From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=gdUt=OF=redhat.com=linux-audit-bounces@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-13.7 required=3.0 tests=BAYES_00,
	HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH,
	MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED autolearn=ham
	autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id D12C4C43217
	for <linux-audit@archiver.kernel.org>; Wed, 15 Sep 2021 16:50:01 +0000 (UTC)
Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id 4B0D8610E9
	for <linux-audit@archiver.kernel.org>; Wed, 15 Sep 2021 16:50:01 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org 4B0D8610E9
Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=paul-moore.com
Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=redhat.com
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
 [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
 us-mta-295-yxgLqeIrPkGe-DWX5fFAsA-1; Wed, 15 Sep 2021 12:49:59 -0400
X-MC-Unique: yxgLqeIrPkGe-DWX5fFAsA-1
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mimecast-mx01.redhat.com (Postfix) with ESMTPS id BCEA0802CB9;
	Wed, 15 Sep 2021 16:49:55 +0000 (UTC)
Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id A6FF360C82;
	Wed, 15 Sep 2021 16:49:55 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 84D871803B30;
	Wed, 15 Sep 2021 16:49:55 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com
	[10.11.54.4])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id 18FGnsPm004929 for <linux-audit@listman.util.phx.redhat.com>;
	Wed, 15 Sep 2021 12:49:54 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 03CA92028114; Wed, 15 Sep 2021 16:49:54 +0000 (UTC)
Received: from mimecast-mx02.redhat.com
	(mimecast03.extmail.prod.ext.rdu2.redhat.com [10.11.55.19])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id F2A2320296AC
	for <linux-audit@redhat.com>; Wed, 15 Sep 2021 16:49:47 +0000 (UTC)
Received: from us-smtp-1.mimecast.com (us-smtp-2.mimecast.com [207.211.31.81])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
	bits)) (No client certificate requested)
	by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 3CD72811E7A
	for <linux-audit@redhat.com>; Wed, 15 Sep 2021 16:49:47 +0000 (UTC)
Received: from mail-qv1-f47.google.com (mail-qv1-f47.google.com
	[209.85.219.47]) (Using TLS) by relay.mimecast.com with ESMTP id
	us-mta-443-AB3YLnxvPHu1sbgs6cF1RA-1; Wed, 15 Sep 2021 12:49:45 -0400
X-MC-Unique: AB3YLnxvPHu1sbgs6cF1RA-1
Received: by mail-qv1-f47.google.com with SMTP id 62so2253652qvb.11
	for <linux-audit@redhat.com>; Wed, 15 Sep 2021 09:49:45 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20210112;
	h=x-gm-message-state:subject:from:to:date:message-id:in-reply-to
	:references:user-agent:mime-version:content-transfer-encoding;
	bh=Y1TkJrYx+ov8z66ALV7f2Sg5s1JjZX16Pw/yL09jGtA=;
	b=QzGsj6FwTe37xycYyOliYs4ec0rnWJYOM6gLbO/BxsOH0oLG3O6fJJUZCw9pUIOGTL
	y19/JXJ69DrraL1hMvaAYKTKbif04f63IfOlcDgmRp5/d7Ben3YmvpFLOFIQPJunveso
	eS6hUhLAsjcOYEewCocLQJUbOugnDhhONVSSbaZQc/wR2g72/Q8TBROm7dZjM/A+CSIm
	OQE3chPobxDp0Sa0ACGmPsdIdyoQJIriougCU6Bpv6iagvjLWBD4h7DL9wiUjDh+YjV0
	iUAi0AXQBO3R4+XUTKL5lifUZJjkxohrrE7zJcA5ly40/OK3sB5YJcA4PnRQ5zgxybO8
	LxrA==
X-Gm-Message-State: AOAM533jP8TPC4AdjoCn+s31j6w5RHka9Fhy2ehFljWZ7NCOH11bSXRV
	MgtKmeyu2Cl0H+vqSj8Krg/k
X-Google-Smtp-Source: ABdhPJzkEEdLdy0cmCrWtOnT2Cl0+J/Y8K0llmm4G08TjUGg5mP2ZlZheVR6JwnNE/XlH+vcZDoLOg==
X-Received: by 2002:ad4:54ce:: with SMTP id j14mr653905qvx.32.1631724584929;
	Wed, 15 Sep 2021 09:49:44 -0700 (PDT)
Received: from localhost (pool-96-237-52-188.bstnma.fios.verizon.net.
	[96.237.52.188])
	by smtp.gmail.com with ESMTPSA id g12sm268749qtq.92.2021.09.15.09.49.44
	(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
	Wed, 15 Sep 2021 09:49:44 -0700 (PDT)
Subject: [PATCH v4 4/8] fs: add anon_inode_getfile_secure() similar to
	anon_inode_getfd_secure()
From: Paul Moore <paul@paul-moore.com>
To: linux-security-module@vger.kernel.org, selinux@vger.kernel.org,
	linux-audit@redhat.com, io-uring@vger.kernel.org,
	linux-fsdevel@vger.kernel.org, Jens Axboe <axboe@kernel.dk>,
	Pavel Begunkov <asml.silence@gmail.com>,
	Kumar Kartikeya Dwivedi <memxor@gmail.com>
Date: Wed, 15 Sep 2021 12:49:43 -0400
Message-ID: <163172458385.88001.9452390680679491195.stgit@olly>
In-Reply-To: <163172413301.88001.16054830862146685573.stgit@olly>
References: <163172413301.88001.16054830862146685573.stgit@olly>
User-Agent: StGit/1.1
MIME-Version: 1.0
X-Mimecast-Impersonation-Protect: Policy=CLT - Impersonation Protection
	Definition; Similar Internal Domain=false;
	Similar Monitored External Domain=false;
	Custom External Domain=false; Mimecast External Domain=false;
	Newly Observed Domain=false; Internal User Name=false;
	Custom Display Name List=false; Reply-to Address Mismatch=false;
	Targeted Threat Dictionary=false;
	Mimecast Threat Dictionary=false; Custom Threat Dictionary=false
X-Scanned-By: MIMEDefang 2.78 on 10.11.54.4
X-loop: linux-audit@redhat.com
X-BeenThere: linux-audit@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Linux Audit Discussion <linux-audit.redhat.com>
List-Unsubscribe: <https://listman.redhat.com/mailman/options/linux-audit>,
	<mailto:linux-audit-request@redhat.com?subject=unsubscribe>
List-Archive: <https://listman.redhat.com/archives/linux-audit>
List-Post: <mailto:linux-audit@redhat.com>
List-Help: <mailto:linux-audit-request@redhat.com?subject=help>
List-Subscribe: <https://listman.redhat.com/mailman/listinfo/linux-audit>,
	<mailto:linux-audit-request@redhat.com?subject=subscribe>
Sender: linux-audit-bounces@redhat.com
Errors-To: linux-audit-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
Authentication-Results: relay.mimecast.com;
	auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=linux-audit-bounces@redhat.com
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64

RXh0ZW5kaW5nIHRoZSBzZWN1cmUgYW5vbnltb3VzIGlub2RlIHN1cHBvcnQgdG8gb3RoZXIgc3Vi
c3lzdGVtcwpyZXF1aXJlcyB0aGF0IHdlIGhhdmUgYSBzZWN1cmUgYW5vbl9pbm9kZV9nZXRmaWxl
KCkgdmFyaWFudCBpbgphZGRpdGlvbiB0byB0aGUgZXhpc3Rpbmcgc2VjdXJlIGFub25faW5vZGVf
Z2V0ZmQoKSB2YXJpYW50LgoKVGhhbmtmdWxseSB3ZSBjYW4gcmV1c2UgdGhlIGV4aXN0aW5nIF9f
YW5vbl9pbm9kZV9nZXRmaWxlKCkgZnVuY3Rpb24KYW5kIGp1c3Qgd3JhcCBpdCB3aXRoIHRoZSBw
cm9wZXIgYXJndW1lbnRzLgoKQWNrZWQtYnk6IE1pY2thw6tsIFNhbGHDvG4gPG1pY0BsaW51eC5t
aWNyb3NvZnQuY29tPgpTaWduZWQtb2ZmLWJ5OiBQYXVsIE1vb3JlIDxwYXVsQHBhdWwtbW9vcmUu
Y29tPgoKLS0tCnY0OgotIG5vIGNoYW5nZQp2MzoKLSBubyBjaGFuZ2UKdjI6Ci0gbm8gY2hhbmdl
CnYxOgotIGluaXRpYWwgZHJhZnQKLS0tCiBmcy9hbm9uX2lub2Rlcy5jICAgICAgICAgICAgfCAg
IDI5ICsrKysrKysrKysrKysrKysrKysrKysrKysrKysrCiBpbmNsdWRlL2xpbnV4L2Fub25faW5v
ZGVzLmggfCAgICA0ICsrKysKIDIgZmlsZXMgY2hhbmdlZCwgMzMgaW5zZXJ0aW9ucygrKQoKZGlm
ZiAtLWdpdCBhL2ZzL2Fub25faW5vZGVzLmMgYi9mcy9hbm9uX2lub2Rlcy5jCmluZGV4IGEyODAx
NTYxMzhlZC4uZTBjM2UzM2M0MTc3IDEwMDY0NAotLS0gYS9mcy9hbm9uX2lub2Rlcy5jCisrKyBi
L2ZzL2Fub25faW5vZGVzLmMKQEAgLTE0OCw2ICsxNDgsMzUgQEAgc3RydWN0IGZpbGUgKmFub25f
aW5vZGVfZ2V0ZmlsZShjb25zdCBjaGFyICpuYW1lLAogfQogRVhQT1JUX1NZTUJPTF9HUEwoYW5v
bl9pbm9kZV9nZXRmaWxlKTsKIAorLyoqCisgKiBhbm9uX2lub2RlX2dldGZpbGVfc2VjdXJlIC0g
TGlrZSBhbm9uX2lub2RlX2dldGZpbGUoKSwgYnV0IGNyZWF0ZXMgYSBuZXcKKyAqICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAhU19QUklWQVRFIGFub24gaW5vZGUgcmF0aGVyIHRoYW4gcmV1
c2UgdGhlCisgKiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2luZ2xldG9uIGFub24gaW5v
ZGUgYW5kIGNhbGxzIHRoZQorICogICAgICAgICAgICAgICAgICAgICAgICAgICAgIGlub2RlX2lu
aXRfc2VjdXJpdHlfYW5vbigpIExTTSBob29rLiAgVGhpcworICogICAgICAgICAgICAgICAgICAg
ICAgICAgICAgIGFsbG93cyBmb3IgYm90aCB0aGUgaW5vZGUgdG8gaGF2ZSBpdHMgb3duCisgKiAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgc2VjdXJpdHkgY29udGV4dCBhbmQgZm9yIHRoZSBM
U00gdG8gZW5mb3JjZQorICogICAgICAgICAgICAgICAgICAgICAgICAgICAgIHBvbGljeSBvbiB0
aGUgaW5vZGUncyBjcmVhdGlvbi4KKyAqCisgKiBAbmFtZTogICAgW2luXSAgICBuYW1lIG9mIHRo
ZSAiY2xhc3MiIG9mIHRoZSBuZXcgZmlsZQorICogQGZvcHM6ICAgIFtpbl0gICAgZmlsZSBvcGVy
YXRpb25zIGZvciB0aGUgbmV3IGZpbGUKKyAqIEBwcml2OiAgICBbaW5dICAgIHByaXZhdGUgZGF0
YSBmb3IgdGhlIG5ldyBmaWxlICh3aWxsIGJlIGZpbGUncyBwcml2YXRlX2RhdGEpCisgKiBAZmxh
Z3M6ICAgW2luXSAgICBmbGFncworICogQGNvbnRleHRfaW5vZGU6CisgKiAgICAgICAgICAgW2lu
XSAgICB0aGUgbG9naWNhbCByZWxhdGlvbnNoaXAgd2l0aCB0aGUgbmV3IGlub2RlIChvcHRpb25h
bCkKKyAqCisgKiBUaGUgTFNNIG1heSB1c2UgQGNvbnRleHRfaW5vZGUgaW4gaW5vZGVfaW5pdF9z
ZWN1cml0eV9hbm9uKCksIGJ1dCBhCisgKiByZWZlcmVuY2UgdG8gaXQgaXMgbm90IGhlbGQuICBS
ZXR1cm5zIHRoZSBuZXdseSBjcmVhdGVkIGZpbGUqIG9yIGFuIGVycm9yCisgKiBwb2ludGVyLiAg
U2VlIHRoZSBhbm9uX2lub2RlX2dldGZpbGUoKSBkb2N1bWVudGF0aW9uIGZvciBtb3JlIGluZm9y
bWF0aW9uLgorICovCitzdHJ1Y3QgZmlsZSAqYW5vbl9pbm9kZV9nZXRmaWxlX3NlY3VyZShjb25z
dCBjaGFyICpuYW1lLAorCQkJCSAgICAgICBjb25zdCBzdHJ1Y3QgZmlsZV9vcGVyYXRpb25zICpm
b3BzLAorCQkJCSAgICAgICB2b2lkICpwcml2LCBpbnQgZmxhZ3MsCisJCQkJICAgICAgIGNvbnN0
IHN0cnVjdCBpbm9kZSAqY29udGV4dF9pbm9kZSkKK3sKKwlyZXR1cm4gX19hbm9uX2lub2RlX2dl
dGZpbGUobmFtZSwgZm9wcywgcHJpdiwgZmxhZ3MsCisJCQkJICAgIGNvbnRleHRfaW5vZGUsIHRy
dWUpOworfQorCiBzdGF0aWMgaW50IF9fYW5vbl9pbm9kZV9nZXRmZChjb25zdCBjaGFyICpuYW1l
LAogCQkJICAgICAgY29uc3Qgc3RydWN0IGZpbGVfb3BlcmF0aW9ucyAqZm9wcywKIAkJCSAgICAg
IHZvaWQgKnByaXYsIGludCBmbGFncywKZGlmZiAtLWdpdCBhL2luY2x1ZGUvbGludXgvYW5vbl9p
bm9kZXMuaCBiL2luY2x1ZGUvbGludXgvYW5vbl9pbm9kZXMuaAppbmRleCA3MTg4MWEyYjZmNzgu
LjVkZWFkZGJkNzkyNyAxMDA2NDQKLS0tIGEvaW5jbHVkZS9saW51eC9hbm9uX2lub2Rlcy5oCisr
KyBiL2luY2x1ZGUvbGludXgvYW5vbl9pbm9kZXMuaApAQCAtMTUsNiArMTUsMTAgQEAgc3RydWN0
IGlub2RlOwogc3RydWN0IGZpbGUgKmFub25faW5vZGVfZ2V0ZmlsZShjb25zdCBjaGFyICpuYW1l
LAogCQkJCWNvbnN0IHN0cnVjdCBmaWxlX29wZXJhdGlvbnMgKmZvcHMsCiAJCQkJdm9pZCAqcHJp
diwgaW50IGZsYWdzKTsKK3N0cnVjdCBmaWxlICphbm9uX2lub2RlX2dldGZpbGVfc2VjdXJlKGNv
bnN0IGNoYXIgKm5hbWUsCisJCQkJICAgICAgIGNvbnN0IHN0cnVjdCBmaWxlX29wZXJhdGlvbnMg
KmZvcHMsCisJCQkJICAgICAgIHZvaWQgKnByaXYsIGludCBmbGFncywKKwkJCQkgICAgICAgY29u
c3Qgc3RydWN0IGlub2RlICpjb250ZXh0X2lub2RlKTsKIGludCBhbm9uX2lub2RlX2dldGZkKGNv
bnN0IGNoYXIgKm5hbWUsIGNvbnN0IHN0cnVjdCBmaWxlX29wZXJhdGlvbnMgKmZvcHMsCiAJCSAg
ICAgdm9pZCAqcHJpdiwgaW50IGZsYWdzKTsKIGludCBhbm9uX2lub2RlX2dldGZkX3NlY3VyZShj
b25zdCBjaGFyICpuYW1lLAoKLS0KTGludXgtYXVkaXQgbWFpbGluZyBsaXN0CkxpbnV4LWF1ZGl0
QHJlZGhhdC5jb20KaHR0cHM6Ly9saXN0bWFuLnJlZGhhdC5jb20vbWFpbG1hbi9saXN0aW5mby9s
aW51eC1hdWRpdA==