Re: [PATCH BUGFIX -rc3] Smack: Don't register smackfs if we're notloaded

[Ahmed S. Darwish]

On Wed, Mar 05, 2008 at 11:58:08AM +1100, James Morris wrote:
> On Tue, 4 Mar 2008, Linus Torvalds wrote:
> 
> > 
> > 
> > On Tue, 4 Mar 2008, Casey Schaufler wrote:
> > > 
> > > One solution would be to tighten the smackfs code so that it
> > > handles the uninitialized LSM case properly.
> > 
> > I really would tend to prefer that.
> 
> Can you simply call init_smk_fs() from smack_init() prior to 
> register_security() ?
> 

After analysing below oops:

[    0.072989] Call Trace:
[    0.072989]  [<c017d4a4>] alloc_vfsmnt+0x24/0xd0
[    0.072989]  [<c0168ee1>] vfs_kern_mount+0x31/0x120
[    0.072989]  [<c0168fe2>] kern_mount_data+0x12/0x20
[    0.072989]  [<c038a73c>] init_smk_fs+0x4c/0x80
[    0.072989]  [<c038a6ce>] smack_init+0xae/0xd0
[    0.072989]  [<c038a192>] security_init+0x52/0x70
[    0.072989]  [<c037aaa5>] start_kernel+0x1e5/0x290
[    0.072989]  [<c037a380>] unknown_bootoption+0x0/0x1f0
[    0.072989]  =======================

I've found that vfs_caches_init() got called after calling 
security_init() in the main kernel init path. 

This leads to kern_mount() Oopsing cause of Null dereferencing 
of mnt_cache  in the alloc_vfsmnt(mnt_cache, GFP_KERNEL) step.

I was thinking about exporting the current chosen_lsm[] string,
but I don't know if this maybe seen by Linus as another global
that arises from bad design. It may not also scale well if the
LSM needs to check if it's enabled in various places (lots of
strcmp()s).

Regards,

-- 

"Better to light a candle, than curse the darkness"

Ahmed S. Darwish
Homepage: http://darwish.07.googlepages.com
Blog: http://darwish-07.blogspot.com

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/