Quoting KaiGai Kohei (kaigai@private):

> Hmm... I'm not so familiar with ISO-15408.
> Do you know previous discussions about such behavior on filename resolving
> or readdir ?

I can look around later in the week for past discussions (not sure whether
there have been any), but at least here is the protection profile I'm
talking about:

http://niap.nist.gov/cc-scheme/pp/PP_MLOSPP-MR_V1.22.html

> Pay attention to what 'filler' was overwritten in this patch.
> When LSM is enabled, FS's readdir method (dir->f_op->readdir) always calls
> 'security_file_filldir' for each directory entry instead of the original
> 'filler' given by arguments.

Yes, I see, and I was being dense and misread it. So forget what I said
before. But please add a good comment above the security_file_filldir
definition.

Also, the kernel community doesn't like typedefs, so please change

+typedef struct {
+	struct file *dir;
+	void *buffer;
+	filldir_t filler;
+} security_filldir_t;

to something like

+struct security_filldir_info {
+	struct file *dir;
+	void *buffer;
+	filldir_t filler;
+};

Do you have any performance measurements, say with selinux and with only
capabilities compiled in, with and without this patch? I suspect that will
be one of the most important points of contention if this goes to the
linux-kernel list.

thanks,
-serge
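The filler interposition KaiGai describes above (the VFS handing the filesystem's readdir a security_file_filldir callback that consults the LSM and then forwards allowed entries to the caller's original filler) as an added user-space model. This is illustration written for this page, not code from the thread or from the patch: it uses the struct security_filldir_info name Serge suggests, a hypothetical policy (entries whose name begins with "secret" are not shown to this caller), a constructed directory listing standing in for the filesystem, and a filldir_t signature that only loosely approximates the kernel's.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Callback type, loosely modelled on the kernel's filldir_t of that era
 * (assumption: the argument list is simplified for this model). */
typedef int (*filldir_t)(void *buf, const char *name, int namelen,
                         long offset, unsigned long ino, unsigned int d_type);

/* Plain struct, as suggested in the review, instead of a typedef. */
struct security_filldir_info {
    void *dir;          /* stand-in for the kernel's struct file *dir */
    void *buffer;       /* the caller's original buffer */
    filldir_t filler;   /* the caller's original filler callback */
};

/* Hypothetical LSM policy: entries whose name begins with "secret" are not
 * visible to this caller. A real LSM would consult labels/permissions here. */
static bool policy_allows_entry(const char *name, int namelen)
{
    return !(namelen >= 6 && strncmp(name, "secret", 6) == 0);
}

/* The interposed filler: apply policy, then forward to the original filler.
 * Returning 0 for a denied entry tells the filesystem to keep iterating,
 * so the caller simply never sees that entry. */
static int security_file_filldir(void *buf, const char *name, int namelen,
                                 long offset, unsigned long ino,
                                 unsigned int d_type)
{
    struct security_filldir_info *info = buf;

    if (!policy_allows_entry(name, namelen))
        return 0;
    return info->filler(info->buffer, name, namelen, offset, ino, d_type);
}

/* Constructed directory listing standing in for a filesystem. */
struct sample_dirent { const char *name; unsigned long ino; };
static const struct sample_dirent sample_dir[] = {
    { "README",     10 },
    { "secret.key", 11 },
    { "notes.txt",  12 },
    { "secret2",    13 },
};

/* Model of a filesystem's dir->f_op->readdir: calls filler once per entry
 * and stops as soon as the filler returns non-zero. */
static int fs_readdir(void *dir, void *buffer, filldir_t filler)
{
    (void)dir;
    for (size_t i = 0; i < sizeof sample_dir / sizeof sample_dir[0]; i++) {
        const struct sample_dirent *e = &sample_dir[i];
        int rc = filler(buffer, e->name, (int)strlen(e->name),
                        (long)i, e->ino, 0);
        if (rc != 0)
            return rc;
    }
    return 0;
}

/* Model of the VFS layer: wraps the caller's filler and buffer in a
 * security_filldir_info and gives the FS security_file_filldir instead. */
static int vfs_readdir(void *dir, void *buffer, filldir_t filler)
{
    struct security_filldir_info info = { dir, buffer, filler };
    return fs_readdir(dir, &info, security_file_filldir);
}

/* A caller-side "buffer": collects the names it was handed. */
struct name_list { char names[8][32]; int count; };

static int collect_filler(void *buf, const char *name, int namelen,
                          long offset, unsigned long ino, unsigned int d_type)
{
    struct name_list *l = buf;
    (void)offset; (void)ino; (void)d_type;

    if (l->count >= 8)
        return -1;   /* buffer full: stop iteration */
    snprintf(l->names[l->count], sizeof l->names[0], "%.*s", namelen, name);
    l->count++;
    return 0;
}

/* Fills l with the entries visible after filtering; returns their count. */
int list_visible_entries(struct name_list *l)
{
    l->count = 0;
    vfs_readdir(NULL, l, collect_filler);
    return l->count;
}

int main(void)
{
    struct name_list l;
    int n = list_visible_entries(&l);
    for (int i = 0; i < n; i++)
        printf("%s\n", l.names[i]);
    return 0;
}
```

The point the model makes concrete is where the cost lands: every directory entry now takes an extra indirect call and a policy decision before reaching the caller's filler, which is why the performance numbers Serge asks for (with SELinux, and with only capabilities compiled in) matter for a readdir-heavy workload.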
This archive was generated by hypermail 2.1.3 : Sun Jan 01 2006 - 16:24:17 PST