2015-07-31 07:55:22

by Salvatore Mesoraca

Subject: [PATCH] Adding YAMA hooks also when YAMA is not stacked.

Without this patch YAMA will not work at all if it is chosen
as the primary LSM instead of being "stacked".

Signed-off-by: Salvatore Mesoraca <[email protected]>
---
security/yama/yama_lsm.c | 1 +
1 file changed, 1 insertion(+)

diff --git a/security/yama/yama_lsm.c b/security/yama/yama_lsm.c
index 9ed3250..5ebb896 100644
--- a/security/yama/yama_lsm.c
+++ b/security/yama/yama_lsm.c
@@ -406,6 +406,7 @@ static __init int yama_init(void)
*/
if (!security_module_enable("yama"))
return 0;
+ yama_add_hooks();
#endif
pr_info("Yama: becoming mindful.\n");

--
2.3.6

2015-07-31 19:09:42

by Kees Cook

Subject: Re: [PATCH] Adding YAMA hooks also when YAMA is not stacked.

On Fri, Jul 31, 2015 at 12:55 AM, Salvatore Mesoraca
<[email protected]> wrote:
> Without this patch YAMA will not work at all if it is chosen
> as the primary LSM instead of being "stacked".

Ah! Good catch, thank you! CONFIG based stacking for Yama will be
removed 4.3, but this is appropriate for fixing in 4.2. James, can you
take this and send it to Linus for 4.2-rc5?

Acked-by: Kees Cook <[email protected]>

-Kees

>
> Signed-off-by: Salvatore Mesoraca <[email protected]>
> ---
> security/yama/yama_lsm.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/security/yama/yama_lsm.c b/security/yama/yama_lsm.c
> index 9ed3250..5ebb896 100644
> --- a/security/yama/yama_lsm.c
> +++ b/security/yama/yama_lsm.c
> @@ -406,6 +406,7 @@ static __init int yama_init(void)
> */
> if (!security_module_enable("yama"))
> return 0;
> + yama_add_hooks();
> #endif
> pr_info("Yama: becoming mindful.\n");
>
> --
> 2.3.6



--
Kees Cook
Chrome OS Security

2015-08-02 08:12:13

by Salvatore Mesoraca

Subject: Re: [PATCH] Adding YAMA hooks also when YAMA is not stacked.

> Ah! Good catch, thank you! CONFIG based stacking for Yama will be
> removed 4.3, but this is appropriate for fixing in 4.2.

Thank you very much for your time!

Salvatore Mesoraca

2015-08-03 05:10:58

by James Morris

Subject: Re: [PATCH] Adding YAMA hooks also when YAMA is not stacked.

On Fri, 31 Jul 2015, Salvatore Mesoraca wrote:

> Without this patch YAMA will not work at all if it is chosen
> as the primary LSM instead of being "stacked".
>
> Signed-off-by: Salvatore Mesoraca <[email protected]>
> ---
> security/yama/yama_lsm.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/security/yama/yama_lsm.c b/security/yama/yama_lsm.c
> index 9ed3250..5ebb896 100644
> --- a/security/yama/yama_lsm.c
> +++ b/security/yama/yama_lsm.c
> @@ -406,6 +406,7 @@ static __init int yama_init(void)
> */
> if (!security_module_enable("yama"))
> return 0;
> + yama_add_hooks();
> #endif
> pr_info("Yama: becoming mindful.\n");

It looks like your mailer is converting tabs to spaces, please fix and
resend.


--
James Morris
<[email protected]>

2015-08-03 10:17:55

by Salvatore Mesoraca

Subject: Re: [PATCH] Adding YAMA hooks also when YAMA is not stacked.

> It looks like your mailer is converting tabs to spaces, please fix and
> resend.

I'm sorry for this. I'm resending a fixed V2.

Salvatore Mesoraca