From: Stefan Berger <stefanb@linux.ibm.com>
To: Amir Goldstein <amir73il@gmail.com>
Cc: linux-integrity@vger.kernel.org,
linux-security-module@vger.kernel.org,
linux-unionfs@vger.kernel.org, linux-kernel@vger.kernel.org,
paul@paul-moore.com, jmorris@namei.org, serge@hallyn.com,
zohar@linux.ibm.com, roberto.sassu@huawei.com, miklos@szeredi.hu,
Christian Brauner <brauner@kernel.org>
Subject: Re: [PATCH 1/5] security: allow finer granularity in permitting copy-up of security xattrs
Date: Thu, 1 Feb 2024 10:41:15 -0500 [thread overview]
Message-ID: <093ffc74-c5f5-49e7-8be9-77158336c878@linux.ibm.com> (raw)
In-Reply-To: <CAOQ4uxjgdvGU0WE+92ByQE26Jp0j16AgfyCjNyEp7=86akOSsA@mail.gmail.com>
On 1/31/24 08:25, Amir Goldstein wrote:
> On Tue, Jan 30, 2024 at 11:46 PM Stefan Berger <stefanb@linux.ibm.com> wrote:
>>
>> Copying up xattrs is solely based on the security xattr name. For finer
>> granularity add a dentry parameter to the security_inode_copy_up_xattr
>> hook definition, allowing decisions to be based on the xattr content as
>> well.
>>
>> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
>> ---
>> fs/overlayfs/copy_up.c | 2 +-
>> include/linux/evm.h | 2 +-
>> include/linux/lsm_hook_defs.h | 3 ++-
>> include/linux/security.h | 4 ++--
>> security/integrity/evm/evm_main.c | 2 +-
>> security/security.c | 7 ++++---
>> security/selinux/hooks.c | 2 +-
>> security/smack/smack_lsm.c | 2 +-
>> 8 files changed, 13 insertions(+), 11 deletions(-)
>>
>> diff --git a/fs/overlayfs/copy_up.c b/fs/overlayfs/copy_up.c
>> index b8e25ca51016..bd9ddcefb7a7 100644
>> --- a/fs/overlayfs/copy_up.c
>> +++ b/fs/overlayfs/copy_up.c
>> @@ -114,7 +114,7 @@ int ovl_copy_xattr(struct super_block *sb, const struct path *oldpath, struct de
>> if (ovl_is_private_xattr(sb, name))
>> continue;
>>
>> - error = security_inode_copy_up_xattr(name);
>> + error = security_inode_copy_up_xattr(old, name);
>
> What do you think about:
>
> error = security_inode_copy_up_xattr(name, NULL, 0);
We need 'old'.
>
> and then later...
>
> error = security_inode_copy_up_xattr(name, value, size);
Are these parameter used to first query for the necessary size of the
buffer and then provide the buffer to fill it? Or should the function
rather take an existing buffer and realloc it if necessary and place the
value of the xattr into it? Unfortunately this function currently
returns '1' for 'discard', so returning the size of the xattr value from
it maybe not ideal but it would require maybe yet another parameter that
indicates what the size of the xattr value is.
Stefan
>
> I am asking because overlayfs uses mnt_idmap(path->mnt) and you
> have used nop_mnt_idmap inside evm hook.
> this does not look right to me?
>
> Thanks,
> Amir.
next prev parent reply other threads:[~2024-02-01 15:41 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-01-30 21:46 [PATCH 0/5] evm: Support signatures on stacked filesystem Stefan Berger
2024-01-30 21:46 ` [PATCH 1/5] security: allow finer granularity in permitting copy-up of security xattrs Stefan Berger
2024-01-31 13:25 ` Amir Goldstein
2024-01-31 14:25 ` Christian Brauner
2024-01-31 14:56 ` Stefan Berger
2024-02-01 13:35 ` Christian Brauner
2024-02-01 14:18 ` Amir Goldstein
2024-02-02 11:58 ` Christian Brauner
2024-02-01 15:41 ` Stefan Berger [this message]
2024-01-31 16:47 ` kernel test robot
2024-01-31 19:06 ` kernel test robot
2024-01-30 21:46 ` [PATCH 2/5] evm: Implement per signature type decision in security_inode_copy_up_xattr Stefan Berger
2024-01-31 13:28 ` Amir Goldstein
2024-01-30 21:46 ` [PATCH 3/5] ima: Reset EVM status upon detecting changes to overlay backing file Stefan Berger
2024-01-31 13:56 ` Amir Goldstein
2024-01-31 14:46 ` Stefan Berger
2024-01-30 21:46 ` [PATCH 4/5] evm: Use the real inode's metadata to calculate metadata hash Stefan Berger
2024-01-31 2:10 ` Stefan Berger
2024-01-31 13:16 ` Amir Goldstein
2024-01-31 14:40 ` Stefan Berger
2024-01-31 15:54 ` Amir Goldstein
2024-01-31 17:23 ` Amir Goldstein
2024-01-31 17:46 ` Stefan Berger
2024-02-01 12:10 ` Amir Goldstein
2024-02-01 13:36 ` Stefan Berger
2024-02-01 14:11 ` Amir Goldstein
2024-02-01 20:35 ` Stefan Berger
2024-02-02 9:24 ` Amir Goldstein
2024-02-02 14:59 ` Stefan Berger
2024-02-02 15:51 ` Amir Goldstein
2024-02-02 16:06 ` Stefan Berger
2024-02-02 16:17 ` Amir Goldstein
2024-02-02 16:30 ` Stefan Berger
2024-01-31 17:25 ` Stefan Berger
2024-01-30 21:46 ` [PATCH 5/5] evm: Enforce signatures on unsupported filesystem for EVM_INIT_X509 Stefan Berger
2024-01-31 14:06 ` Amir Goldstein
2024-02-01 17:53 ` Mimi Zohar
2024-01-31 13:18 ` [PATCH 0/5] evm: Support signatures on stacked filesystem Amir Goldstein
2024-01-31 14:52 ` Stefan Berger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=093ffc74-c5f5-49e7-8be9-77158336c878@linux.ibm.com \
--to=stefanb@linux.ibm.com \
--cc=amir73il@gmail.com \
--cc=brauner@kernel.org \
--cc=jmorris@namei.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=linux-unionfs@vger.kernel.org \
--cc=miklos@szeredi.hu \
--cc=paul@paul-moore.com \
--cc=roberto.sassu@huawei.com \
--cc=serge@hallyn.com \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).