From patchwork Fri Dec 9 03:21:23 2011 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tetsuo Handa X-Patchwork-Id: 130277 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from chlorine.canonical.com (chlorine.canonical.com [91.189.94.204]) by ozlabs.org (Postfix) with ESMTP id 6851D1007D6 for ; Fri, 9 Dec 2011 14:21:42 +1100 (EST) Received: from localhost ([127.0.0.1] helo=chlorine.canonical.com) by chlorine.canonical.com with esmtp (Exim 4.71) (envelope-from ) id 1RYr1g-000650-G9; Fri, 09 Dec 2011 03:21:32 +0000 Received: from www262.sakura.ne.jp ([202.181.97.72]) by chlorine.canonical.com with esmtp (Exim 4.71) (envelope-from ) id 1RYr1d-00064Q-SB for kernel-team@lists.ubuntu.com; Fri, 09 Dec 2011 03:21:30 +0000 Received: from www262.sakura.ne.jp (ksav01.sakura.ne.jp [210.224.165.38]) by www262.sakura.ne.jp (8.14.3/8.14.3) with ESMTP id pB93LNw4080061; Fri, 9 Dec 2011 12:21:23 +0900 (JST) (envelope-from from-ubuntu@i-love.sakura.ne.jp) X-Nat-Received: from [202.181.97.72]:58900 [ident-empty] by smtp-proxy.isp with TPROXY id 1323400883.19062 Received: from www262.sakura.ne.jp (localhost [127.0.0.1]) by www262.sakura.ne.jp (8.14.3/8.14.3) with ESMTP id pB93LNVC080057; Fri, 9 Dec 2011 12:21:23 +0900 (JST) (envelope-from from-ubuntu@i-love.sakura.ne.jp) Received: (from i-love@localhost) by www262.sakura.ne.jp (8.14.3/8.14.3/Submit) id pB93LNQ8080056; Fri, 9 Dec 2011 12:21:23 +0900 (JST) (envelope-from from-ubuntu@i-love.sakura.ne.jp) Message-Id: <201112090321.pB93LNQ8080056@www262.sakura.ne.jp> X-Authentication-Warning: www262.sakura.ne.jp: i-love set sender to from-ubuntu@i-love.sakura.ne.jp using -f Subject: Re: 3.2-rc1 rebase review From: Tetsuo Handa To: keescook@chromium.org MIME-Version: 1.0 Date: Fri, 09 Dec 2011 12:21:23 +0900 References: <4EB99A68.7020105@canonical.com> <201111092250.FGJ30299.CVSUVNPVtGO@I-love.SAKURA.ne.jp> <201111100646.EJJ52108.PVVNCOUGtVS@I-love.SAKURA.ne.jp> <4EBB41B3.1040404@canonical.com> In-Reply-To: X-Anti-Virus: Kaspersky Anti-Virus for Linux Mail Server 5.6.44/RELEASE, bases: 09122011 #5956698, status: clean Cc: kernel-team@lists.ubuntu.com X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.13 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: kernel-team-bounces@lists.ubuntu.com Errors-To: kernel-team-bounces@lists.ubuntu.com Kees Cook wrote: > >> Okay, I see what you mean now. It's skipping the register_security() > >> part that hadn't sunk in. :) > > Tetsuo, does this look okay to you? I incorportated some additional > feedback about #ifdef clutter. Looks OK, except one thing. --- a/include/linux/security.h +++ b/include/linux/security.h @@ -3070,5 +3070,47 @@ static inline void free_secdata(void *secdata) { } #endif /* CONFIG_SECURITY */ +#if CONFIG_SECURITY_YAMA +extern int yama_ptrace_access_check(struct task_struct *child, + unsigned int mode); +extern int yama_path_link(struct dentry *old_dentry, struct path *new_dir, Please use "#ifdef CONFIG_SECURITY_YAMA". -- kernel-team mailing list kernel-team@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/kernel-team