Return-Path: <linux-kernel-owner+w=401wt.eu-S1760416AbYHHTuT@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1760416AbYHHTuT (ORCPT <rfc822;w@1wt.eu>);
	Fri, 8 Aug 2008 15:50:19 -0400
Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1760331AbYHHTuA
	(ORCPT <rfc822;linux-kernel-outgoing>);
	Fri, 8 Aug 2008 15:50:00 -0400
Received: from e5.ny.us.ibm.com ([32.97.182.145]:36633 "EHLO e5.ny.us.ibm.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1760324AbYHHTt6 (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
	Fri, 8 Aug 2008 15:49:58 -0400
In-Reply-To: <20080808191519.GA3704@kroah.com>
References: <20080808184349.999902616@linux.vnet.ibm.com> <1218221742.4444.12.camel@localhost.localdomain> <20080808190448.GA3356@kroah.com> <20080808191519.GA3704@kroah.com>
To: Greg KH <greg@kroah.com>
Cc: James Morris <jmorris@namei.org>, linux-kernel@vger.kernel.org,
       linux-security-module@vger.kernel.org,
       Randy Dunlap <randy.dunlap@oracle.com>, safford@watson.ibm.com,
       sailer@watson.ibm.com, Stephen Smalley <sds@tycho.nsa.gov>,
       serue@linux.vnet.ibm.com, Al Viro <viro@ZenIV.linux.org.uk>,
       Mimi Zohar <zohar@linux.vnet.ibm.com>
MIME-Version: 1.0
Subject: Re: [PATCH 2/4] integrity: special fs magic
X-KeepSent: C0E5DFDC:21CEA1BD-8525749F:006C2CBE;
 type=4; name=$KeepSent
X-Mailer: Lotus Notes Release 8.0.1 February 07, 2008
Message-ID: <OFC0E5DFDC.21CEA1BD-ON8525749F.006C2CBE-8525749F.006CEE93@us.ibm.com>
From: Mimi Zohar <zohar@us.ibm.com>
Date: Fri, 8 Aug 2008 15:50:02 -0400
X-MIMETrack: Serialize by Router on D01ML604/01/M/IBM(Build V85_M1_05262008|May 26, 2008) at
 08/08/2008 15:49:50,
	Serialize complete at 08/08/2008 15:49:50
Content-Type: text/plain; charset="US-ASCII"
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 1311
Lines: 36

Greg KH <greg@kroah.com> wrote on 08/08/2008 03:15:19 PM:

> On Fri, Aug 08, 2008 at 12:04:48PM -0700, Greg KH wrote:
> > On Fri, Aug 08, 2008 at 02:55:42PM -0400, Mimi Zohar wrote:
> > >     - Move special fs magic number definitions to magic.h
> > >     - Add magic.h include
> > > 
> > >     Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
> > 
> > Why?  What is this patch for?  Are you going to do something with 
these
> > magic values later?
> 
> Ok, I now see the follow-up patch that does something with them.
> 
> You should say so in this patch.
> 
> And is it really ok to be doing things from userspace based on a
> filesystem "magic" key?  Those are numbers we have never exported to
> userspace before, what happens if they are changed?
> 
> thanks,
> 
> greg k-h

Userspace only loads the measurement policy (via securityfs), and if
a magic number changes, and the policy is not updated to match, then
we would end up measuring some filesystems we didn't need to.  Before 
the magic numbers were hard coded in IMA, now at least, it's extensible. 

Mimi
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/