Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752315Ab2EPONk (ORCPT ); Wed, 16 May 2012 10:13:40 -0400 Received: from mail-qc0-f174.google.com ([209.85.216.174]:48628 "EHLO mail-qc0-f174.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751522Ab2EPONi (ORCPT ); Wed, 16 May 2012 10:13:38 -0400 MIME-Version: 1.0 In-Reply-To: References: <1336963631-3541-1-git-send-email-zohar@us.ibm.com> <1337112446.20904.50.camel@falcor> Date: Wed, 16 May 2012 10:13:37 -0400 Message-ID: Subject: Re: [PATCH] vfs: fix IMA lockdep circular locking dependency From: Eric Paris To: Linus Torvalds Cc: Mimi Zohar , Mimi Zohar , linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, Al Viro , Stephen Smalley Content-Type: text/plain; charset=ISO-8859-1 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 991 Lines: 24 On Tue, May 15, 2012 at 8:37 PM, Linus Torvalds wrote: > It does change some things, like say that "->mmap_file()" is only ever > called for actual files, not for anonymous mappings. It doesn't seem > to be sensible to have a security model for anonymous mappings - > there's nothing there to really target. Whatever. So we would have no checks for anonymous mappings? We actually do have some controls around them today http://www.akkadia.org/drepper/selinux-mem.html It's mostly around W+X memory. (or was W now X memory) Admittedly with the growing prevalence of JiT stuff we are using those protections less and less and less.... Not certain how happy some will be to see them completely disappear.... -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/