Mimi Zohar wrote on 14.12.2018 at 20:01:
> On Fri, 2018-12-14 at 19:11 +0100, Ignaz Forster wrote:
>> Hello,
>>
>> persisting files opened with O_TMPFILE doesn't seem to work on IMA as
>> expected: The IMA xattr won't be written. This makes it impossible to
>> access the file later.
>> The following example application, based on the O_TMPFILE example from
>> man 2 open, will demonstrate this:
>>
>> #include <fcntl.h>
>> #include <stdio.h>
>> #include <unistd.h>
>> #include <linux/limits.h>
>>
>> int main(int argc, char *argv[]) {
>>     char path[PATH_MAX];
>>     /* unnamed file in /tmp; it only gets a name through linkat() below */
>>     int fd = open("/tmp", __O_TMPFILE | O_RDWR, S_IRUSR | S_IWUSR);
>>     write(fd, "test", 4);
>>     snprintf(path, PATH_MAX, "/proc/self/fd/%d", fd);
>>     linkat(AT_FDCWD, path, AT_FDCWD, "/tmp/tmpfile_persisted.txt",
>>            AT_SYMLINK_FOLLOW);
>>     return 0;
>> }
>>
>> (/tmp should not be a tmpfs of course; change the paths to a supported
>> file system if necessary.)
>>
>> This was discovered when trying to understand why IMA is failing on
>> overlayfs during truncated copy_up operations (see thread "PROBLEM: IMA
>> xattrs not written on overlayfs" from September / October), though this
>> is probably a different problem.
>
> rootfs is a tmpfs filesystem.  Once CPIO supports xattrs, they can be
> included in the initramfs.
>
> Remember the builtin policies - ima_policy=tcb|appraise_tcb - are
> there from boot.  They are meant to be replaced with finer grained
> policies based on LSM labels, once the LSMs are up and running.
>
> Feel free to replace the builtin IMA policy with one to your liking.

I'm not talking about the initrd or the early boot process here - the
application will fail when compiling and executing it in a fully started
system. It will just open a temporary file without a name, write something
into it and save it to "/tmp/tmpfile_persisted.txt", following the example
for using O_TMPFILE in the open(2) manpage.
No IMA hash will be generated for the file, making the file inaccessible
and thus breaking applications relying on this feature of O_TMPFILE
(though I assume that's not widely used yet).

Ignaz
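A diagnostic probe for the behaviour reported in this thread, added here as an example and not taken from the thread or from the kernel tree: it repeats the O_TMPFILE plus linkat() sequence and then asks the kernel, via fgetxattr(), whether a security.ima xattr ended up on the persisted file. The function names, the /tmp/ima_probe_persisted.txt path and the assumption that /tmp is an IMA-appraised, non-tmpfs directory are mine.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/stat.h>
#include <sys/xattr.h>

/* Outcome of probing security.ima on an open file descriptor. */
enum ima_state { IMA_ERROR = -1, IMA_ABSENT = 0, IMA_PRESENT = 1 };

/* ENODATA means IMA never wrote the xattr; EBADF, ENOTSUP etc. are errors. */
enum ima_state ima_xattr_state(int fd)
{
    if (fgetxattr(fd, "security.ima", NULL, 0) >= 0)
        return IMA_PRESENT;
    return errno == ENODATA ? IMA_ABSENT : IMA_ERROR;
}

/* The report's sequence: unnamed file in dir, write, then name it via /proc. */
int persist_tmpfile(const char *dir, const char *name, const char *payload)
{
    char procpath[32];                  /* "/proc/self/fd/<int>" always fits */
    size_t len = strlen(payload);
    int fd = open(dir, O_TMPFILE | O_RDWR, S_IRUSR | S_IWUSR);
    if (fd < 0)
        return -1;
    snprintf(procpath, sizeof procpath, "/proc/self/fd/%d", fd);
    if (write(fd, payload, len) != (ssize_t)len ||
        linkat(AT_FDCWD, procpath, AT_FDCWD, name, AT_SYMLINK_FOLLOW) < 0) {
        int saved = errno;              /* keep the real cause, not close()'s */
        close(fd);
        errno = saved;
        return -1;
    }
    return fd;                          /* caller owns the fd and the name */
}

/* Constructed paths (assumption: /tmp is IMA-appraised and not tmpfs). */
int main(void)
{
    const char *name = "/tmp/ima_probe_persisted.txt";
    int fd = persist_tmpfile("/tmp", name, "test");
    if (fd < 0) {
        perror("persist_tmpfile");
        return 1;
    }
    printf("security.ima on %s: %s\n", name,
           ima_xattr_state(fd) == IMA_PRESENT ? "present" : "absent");
    return close(fd) < 0;
}
```

On a system where IMA appraisal covers /tmp, the report predicts "absent" for this file while a file created with O_CREAT in the same directory gets the xattr; on a kernel without IMA the probe prints "absent" for both and says nothing about the bug.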