From: Roberto Sassu <roberto.sassu@huaweicloud.com>
To: viro@zeniv.linux.org.uk, brauner@kernel.org, jack@suse.cz,
chuck.lever@oracle.com, jlayton@kernel.org, neilb@suse.de,
kolga@netapp.com, Dai.Ngo@oracle.com, tom@talpey.com,
paul@paul-moore.com, jmorris@namei.org, serge@hallyn.com,
zohar@linux.ibm.com, dmitry.kasatkin@gmail.com,
eric.snowberg@oracle.com, dhowells@redhat.com, jarkko@kernel.org,
stephen.smalley.work@gmail.com, omosnace@redhat.com,
casey@schaufler-ca.com, shuah@kernel.org, mic@digikod.net
Cc: linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org,
linux-nfs@vger.kernel.org, linux-security-module@vger.kernel.org,
linux-integrity@vger.kernel.org, keyrings@vger.kernel.org,
selinux@vger.kernel.org, linux-kselftest@vger.kernel.org,
Roberto Sassu <roberto.sassu@huawei.com>,
Stefan Berger <stefanb@linux.ibm.com>
Subject: [PATCH v10 13/25] security: Introduce file_release hook
Date: Thu, 15 Feb 2024 11:31:01 +0100 [thread overview]
Message-ID: <20240215103113.2369171-14-roberto.sassu@huaweicloud.com> (raw)
In-Reply-To: <20240215103113.2369171-1-roberto.sassu@huaweicloud.com>
From: Roberto Sassu <roberto.sassu@huawei.com>
In preparation for moving IMA and EVM to the LSM infrastructure, introduce
the file_release hook.
IMA calculates at file close the new digest of the file content and writes
it to security.ima, so that appraisal at next file access succeeds.
The new hook cannot return an error and cannot cause the operation to be
reverted.
Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
Acked-by: Paul Moore <paul@paul-moore.com>
Acked-by: Christian Brauner <brauner@kernel.org>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Mimi Zohar <zohar@linux.ibm.com>
---
fs/file_table.c | 1 +
include/linux/lsm_hook_defs.h | 1 +
include/linux/security.h | 4 ++++
security/security.c | 11 +++++++++++
4 files changed, 17 insertions(+)
diff --git a/fs/file_table.c b/fs/file_table.c
index b991f90571b4..725407f374fa 100644
--- a/fs/file_table.c
+++ b/fs/file_table.c
@@ -367,6 +367,7 @@ static void __fput(struct file *file)
eventpoll_release(file);
locks_remove_file(file);
+ security_file_release(file);
ima_file_free(file);
if (unlikely(file->f_flags & FASYNC)) {
if (file->f_op->fasync)
diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h
index 3c84942d2818..7f9e9240606e 100644
--- a/include/linux/lsm_hook_defs.h
+++ b/include/linux/lsm_hook_defs.h
@@ -173,6 +173,7 @@ LSM_HOOK(int, 0, kernfs_init_security, struct kernfs_node *kn_dir,
struct kernfs_node *kn)
LSM_HOOK(int, 0, file_permission, struct file *file, int mask)
LSM_HOOK(int, 0, file_alloc_security, struct file *file)
+LSM_HOOK(void, LSM_RET_VOID, file_release, struct file *file)
LSM_HOOK(void, LSM_RET_VOID, file_free_security, struct file *file)
LSM_HOOK(int, 0, file_ioctl, struct file *file, unsigned int cmd,
unsigned long arg)
diff --git a/include/linux/security.h b/include/linux/security.h
index 97f2212c13b6..2997348afcb7 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -395,6 +395,7 @@ int security_kernfs_init_security(struct kernfs_node *kn_dir,
struct kernfs_node *kn);
int security_file_permission(struct file *file, int mask);
int security_file_alloc(struct file *file);
+void security_file_release(struct file *file);
void security_file_free(struct file *file);
int security_file_ioctl(struct file *file, unsigned int cmd, unsigned long arg);
int security_file_ioctl_compat(struct file *file, unsigned int cmd,
@@ -1008,6 +1009,9 @@ static inline int security_file_alloc(struct file *file)
return 0;
}
+static inline void security_file_release(struct file *file)
+{ }
+
static inline void security_file_free(struct file *file)
{ }
diff --git a/security/security.c b/security/security.c
index 5b442032c273..145e3141339c 100644
--- a/security/security.c
+++ b/security/security.c
@@ -2719,6 +2719,17 @@ int security_file_alloc(struct file *file)
return rc;
}
+/**
+ * security_file_release() - Perform actions before releasing the file ref
+ * @file: the file
+ *
+ * Perform actions before releasing the last reference to a file.
+ */
+void security_file_release(struct file *file)
+{
+ call_void_hook(file_release, file);
+}
+
/**
* security_file_free() - Free a file's LSM blob
* @file: the file
--
2.34.1
next prev parent reply other threads:[~2024-02-15 10:36 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-02-15 10:30 [PATCH v10 00/25] security: Move IMA and EVM to the LSM infrastructure Roberto Sassu
2024-02-15 10:30 ` [PATCH v10 01/25] ima: Align ima_inode_post_setattr() definition with " Roberto Sassu
2024-02-15 10:30 ` [PATCH v10 02/25] ima: Align ima_file_mprotect() " Roberto Sassu
2024-02-15 10:30 ` [PATCH v10 03/25] ima: Align ima_inode_setxattr() " Roberto Sassu
2024-02-15 10:30 ` [PATCH v10 04/25] ima: Align ima_inode_removexattr() " Roberto Sassu
2024-02-15 10:30 ` [PATCH v10 05/25] ima: Align ima_post_read_file() " Roberto Sassu
2024-02-15 10:30 ` [PATCH v10 06/25] evm: Align evm_inode_post_setattr() " Roberto Sassu
2024-02-15 10:30 ` [PATCH v10 07/25] evm: Align evm_inode_setxattr() " Roberto Sassu
2024-02-15 10:30 ` [PATCH v10 08/25] evm: Align evm_inode_post_setxattr() " Roberto Sassu
2024-02-15 10:30 ` [PATCH v10 09/25] security: Align inode_setattr hook definition with EVM Roberto Sassu
2024-02-15 10:30 ` [PATCH v10 10/25] security: Introduce inode_post_setattr hook Roberto Sassu
2024-02-15 10:30 ` [PATCH v10 11/25] security: Introduce inode_post_removexattr hook Roberto Sassu
2024-02-15 10:31 ` [PATCH v10 12/25] security: Introduce file_post_open hook Roberto Sassu
2024-02-15 10:31 ` Roberto Sassu [this message]
2024-02-15 10:31 ` [PATCH v10 14/25] security: Introduce path_post_mknod hook Roberto Sassu
2024-02-15 10:31 ` [PATCH v10 15/25] security: Introduce inode_post_create_tmpfile hook Roberto Sassu
2024-02-15 10:31 ` [PATCH v10 16/25] security: Introduce inode_post_set_acl hook Roberto Sassu
2024-02-15 10:31 ` [PATCH v10 17/25] security: Introduce inode_post_remove_acl hook Roberto Sassu
2024-02-15 10:31 ` [PATCH v10 18/25] security: Introduce key_post_create_or_update hook Roberto Sassu
2024-02-15 10:31 ` [PATCH v10 19/25] integrity: Move integrity_kernel_module_request() to IMA Roberto Sassu
2024-02-15 16:09 ` Roberto Sassu
2024-02-16 0:25 ` Mimi Zohar
2024-02-15 10:31 ` [PATCH v10 20/25] ima: Move to LSM infrastructure Roberto Sassu
2024-02-15 10:31 ` [PATCH v10 21/25] ima: Move IMA-Appraisal " Roberto Sassu
2024-02-15 10:31 ` [PATCH v10 22/25] evm: Move " Roberto Sassu
2024-02-15 10:31 ` [PATCH v10 23/25] evm: Make it independent from 'integrity' LSM Roberto Sassu
2024-02-15 10:31 ` [PATCH v10 24/25] ima: " Roberto Sassu
2024-02-15 10:31 ` [PATCH v10 25/25] integrity: Remove LSM Roberto Sassu
2024-02-16 4:43 ` [PATCH v10 0/25] security: Move IMA and EVM to the LSM infrastructure Paul Moore
2024-02-16 7:54 ` Roberto Sassu
2024-02-16 22:34 ` [PATCH v10 00/25] " Eric Snowberg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240215103113.2369171-14-roberto.sassu@huaweicloud.com \
--to=roberto.sassu@huaweicloud.com \
--cc=Dai.Ngo@oracle.com \
--cc=brauner@kernel.org \
--cc=casey@schaufler-ca.com \
--cc=chuck.lever@oracle.com \
--cc=dhowells@redhat.com \
--cc=dmitry.kasatkin@gmail.com \
--cc=eric.snowberg@oracle.com \
--cc=jack@suse.cz \
--cc=jarkko@kernel.org \
--cc=jlayton@kernel.org \
--cc=jmorris@namei.org \
--cc=keyrings@vger.kernel.org \
--cc=kolga@netapp.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=linux-nfs@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=mic@digikod.net \
--cc=neilb@suse.de \
--cc=omosnace@redhat.com \
--cc=paul@paul-moore.com \
--cc=roberto.sassu@huawei.com \
--cc=selinux@vger.kernel.org \
--cc=serge@hallyn.com \
--cc=shuah@kernel.org \
--cc=stefanb@linux.ibm.com \
--cc=stephen.smalley.work@gmail.com \
--cc=tom@talpey.com \
--cc=viro@zeniv.linux.org.uk \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).