From: Paul Moore <paul@paul-moore.com>
To: felix <fuzhen5@huawei.com>, linux-security-module@vger.kernel.org
Cc: casey@schaufler-ca.com, roberto.sassu@huawei.com,
stefanb@linux.ibm.com, zohar@linux.ibm.com,
kamrankhadijadj@gmail.com, andrii@kernel.org,
omosnace@redhat.com, linux-kernel@vger.kernel.org,
bpf@vger.kernel.org, xiujianfeng@huawei.com,
wangweiyang2@huawei.com
Subject: Re: [PATCH -next] lsm: fix default return value for inode_set(remove)xattr
Date: Wed, 1 May 2024 16:47:37 -0400 [thread overview]
Message-ID: <CAHC9VhT0=Useuop92s4J9CGNpXa54r4NYnY9DOTnGmoo0hNv5w@mail.gmail.com> (raw)
In-Reply-To: <CAHC9VhTCFOCE0E-en3HnNkPVRumzWRPcrJMF-=dxke53dOv1Gg@mail.gmail.com>
On Wed, May 1, 2024 at 12:02 PM Paul Moore <paul@paul-moore.com> wrote:
> On Mon, Apr 29, 2024 at 7:47 AM felix <fuzhen5@huawei.com> wrote:
> >
> > From: Felix Fu <fuzhen5@huawei.com>
> >
> > The return value of security_inode_set(remove)xattr should
> > be 1. If it return 0, cap_inode_setxattr would not be
> > executed when no lsm exist, which is not what we expected,
> > any user could set some security.* xattr for a file.
> >
> > Before commit 260017f31a8c ("lsm: use default hook return
> > value in call_int_hook()") was approved, this issue would
> > still happened when lsm only include bpf, because bpf_lsm_
> > inode_setxattr return 0 by default which cause cap_inode_set
> > xattr to be not executed.
> >
> > Fixes: 260017f31a8c ("lsm: use default hook return value in call_int_hook()")
> > Signed-off-by: Felix Fu <fuzhen5@huawei.com>
> > ---
> > include/linux/lsm_hook_defs.h | 4 ++--
> > 1 file changed, 2 insertions(+), 2 deletions(-)
>
> Adding the LSM list as that is the important list for this patch.
It's also worth noting the discussion below from earlier this year. I
just spent a little bit of time working on a different solution which
I personally find more acceptable; I'm building a test kernel now,
assuming it works I'll post it as a RFC.
https://lore.kernel.org/linux-security-module/20240129133058.1627971-1-omosnace@redhat.com/
--
paul-moore.com
prev parent reply other threads:[~2024-05-01 20:47 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20240429114636.123395-1-fuzhen5@huawei.com>
2024-05-01 16:02 ` [PATCH -next] lsm: fix default return value for inode_set(remove)xattr Paul Moore
2024-05-01 20:47 ` Paul Moore [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAHC9VhT0=Useuop92s4J9CGNpXa54r4NYnY9DOTnGmoo0hNv5w@mail.gmail.com' \
--to=paul@paul-moore.com \
--cc=andrii@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=casey@schaufler-ca.com \
--cc=fuzhen5@huawei.com \
--cc=kamrankhadijadj@gmail.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=omosnace@redhat.com \
--cc=roberto.sassu@huawei.com \
--cc=stefanb@linux.ibm.com \
--cc=wangweiyang2@huawei.com \
--cc=xiujianfeng@huawei.com \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).