From: Roberto Sassu <roberto.sassu@huaweicloud.com>
To: mark@fasheh.com, jlbec@evilplan.org, joseph.qi@linux.alibaba.com,
zohar@linux.ibm.com, dmitry.kasatkin@gmail.com,
paul@paul-moore.com, jmorris@namei.org, serge@hallyn.com,
stephen.smalley.work@gmail.com, eparis@parisplace.org,
casey@schaufler-ca.com
Cc: ocfs2-devel@oss.oracle.com, reiserfs-devel@vger.kernel.org,
linux-integrity@vger.kernel.org,
linux-security-module@vger.kernel.org, selinux@vger.kernel.org,
linux-kernel@vger.kernel.org, keescook@chromium.org,
nicolas.bouchinet@clip-os.org,
Roberto Sassu <roberto.sassu@huawei.com>
Subject: [PATCH v7 2/6] ocfs2: Switch to security_inode_init_security()
Date: Thu, 1 Dec 2022 11:41:21 +0100 [thread overview]
Message-ID: <20221201104125.919483-3-roberto.sassu@huaweicloud.com> (raw)
In-Reply-To: <20221201104125.919483-1-roberto.sassu@huaweicloud.com>
From: Roberto Sassu <roberto.sassu@huawei.com>
In preparation for removing security_old_inode_init_security(), switch to
security_inode_init_security().
Extend the existing ocfs2_initxattrs() to take the
ocfs2_security_xattr_info structure from fs_info, and populate the
name/value/len triple with the first xattr provided by LSMs.
As fs_info was not used before, ocfs2_initxattrs() can now handle the case
of replicating the behavior of security_old_inode_init_security(), i.e.
just obtaining the xattr, in addition to setting all xattrs provided by
LSMs.
Supporting multiple xattrs is not currently supported where
security_old_inode_init_security() was called (mknod, symlink), as it
requires non-trivial changes that can be done at a later time. Like for
reiserfs, even if EVM is invoked, it will not provide an xattr (if it is
not the first to set it, its xattr will be discarded; if it is the first,
it does not have xattrs to calculate the HMAC on).
Finally, modify the handling of the return value from
ocfs2_init_security_get(). As security_inode_init_security() does not
return -EOPNOTSUPP, remove this case and directly handle the error if the
return value is not zero.
However, the previous case of receiving -EOPNOTSUPP should be still
taken into account, as security_inode_init_security() could return zero
without setting xattrs and ocfs2 would consider it as if the xattr was set.
Instead, if security_inode_init_security() returned zero, look at the xattr
if it was set, and behave accordingly, i.e. set si->enable to zero to
notify to the functions following ocfs2_init_security_get() that the xattr
is not available (same as if security_old_inode_init_security() returned
-EOPNOTSUPP).
Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
Reviewed-by: Casey Schaufler <casey@schaufler-ca.com>
---
fs/ocfs2/namei.c | 18 ++++++------------
fs/ocfs2/xattr.c | 30 ++++++++++++++++++++++++++----
2 files changed, 32 insertions(+), 16 deletions(-)
diff --git a/fs/ocfs2/namei.c b/fs/ocfs2/namei.c
index 05f32989bad6..55fba81cd2d1 100644
--- a/fs/ocfs2/namei.c
+++ b/fs/ocfs2/namei.c
@@ -242,6 +242,7 @@ static int ocfs2_mknod(struct user_namespace *mnt_userns,
int want_meta = 0;
int xattr_credits = 0;
struct ocfs2_security_xattr_info si = {
+ .name = NULL,
.enable = 1,
};
int did_quota_inode = 0;
@@ -315,12 +316,8 @@ static int ocfs2_mknod(struct user_namespace *mnt_userns,
/* get security xattr */
status = ocfs2_init_security_get(inode, dir, &dentry->d_name, &si);
if (status) {
- if (status == -EOPNOTSUPP)
- si.enable = 0;
- else {
- mlog_errno(status);
- goto leave;
- }
+ mlog_errno(status);
+ goto leave;
}
/* calculate meta data/clusters for setting security and acl xattr */
@@ -1805,6 +1802,7 @@ static int ocfs2_symlink(struct user_namespace *mnt_userns,
int want_clusters = 0;
int xattr_credits = 0;
struct ocfs2_security_xattr_info si = {
+ .name = NULL,
.enable = 1,
};
int did_quota = 0, did_quota_inode = 0;
@@ -1875,12 +1873,8 @@ static int ocfs2_symlink(struct user_namespace *mnt_userns,
/* get security xattr */
status = ocfs2_init_security_get(inode, dir, &dentry->d_name, &si);
if (status) {
- if (status == -EOPNOTSUPP)
- si.enable = 0;
- else {
- mlog_errno(status);
- goto bail;
- }
+ mlog_errno(status);
+ goto bail;
}
/* calculate meta data/clusters for setting security xattr */
diff --git a/fs/ocfs2/xattr.c b/fs/ocfs2/xattr.c
index 95d0611c5fc7..55699c573541 100644
--- a/fs/ocfs2/xattr.c
+++ b/fs/ocfs2/xattr.c
@@ -7259,9 +7259,21 @@ static int ocfs2_xattr_security_set(const struct xattr_handler *handler,
static int ocfs2_initxattrs(struct inode *inode, const struct xattr *xattr_array,
void *fs_info)
{
+ struct ocfs2_security_xattr_info *si = fs_info;
const struct xattr *xattr;
int err = 0;
+ if (si) {
+ si->value = kmemdup(xattr_array->value, xattr_array->value_len,
+ GFP_KERNEL);
+ if (!si->value)
+ return -ENOMEM;
+
+ si->name = xattr_array->name;
+ si->value_len = xattr_array->value_len;
+ return 0;
+ }
+
for (xattr = xattr_array; xattr->name != NULL; xattr++) {
err = ocfs2_xattr_set(inode, OCFS2_XATTR_INDEX_SECURITY,
xattr->name, xattr->value,
@@ -7277,13 +7289,23 @@ int ocfs2_init_security_get(struct inode *inode,
const struct qstr *qstr,
struct ocfs2_security_xattr_info *si)
{
+ int ret;
+
/* check whether ocfs2 support feature xattr */
if (!ocfs2_supports_xattr(OCFS2_SB(dir->i_sb)))
return -EOPNOTSUPP;
- if (si)
- return security_old_inode_init_security(inode, dir, qstr,
- &si->name, &si->value,
- &si->value_len);
+ if (si) {
+ ret = security_inode_init_security(inode, dir, qstr,
+ &ocfs2_initxattrs, si);
+ /*
+ * security_inode_init_security() does not return -EOPNOTSUPP,
+ * we have to check the xattr ourselves.
+ */
+ if (!ret && !si->name)
+ si->enable = 0;
+
+ return ret;
+ }
return security_inode_init_security(inode, dir, qstr,
&ocfs2_initxattrs, NULL);
--
2.25.1
next prev parent reply other threads:[~2022-12-01 10:43 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-12-01 10:41 [PATCH v7 0/6] evm: Do HMAC of multiple per LSM xattrs for new inodes Roberto Sassu
2022-12-01 10:41 ` [PATCH v7 1/6] reiserfs: Switch to security_inode_init_security() Roberto Sassu
2023-02-17 19:47 ` Mimi Zohar
2022-12-01 10:41 ` Roberto Sassu [this message]
2023-01-10 8:55 ` [PATCH v7 2/6] ocfs2: " Roberto Sassu
2023-01-12 17:21 ` Paul Moore
2023-02-08 14:33 ` Roberto Sassu
2023-02-09 21:05 ` Paul Moore
2023-02-21 6:45 ` Joseph Qi
2023-02-21 7:51 ` Roberto Sassu
2023-02-17 19:51 ` Mimi Zohar
2023-02-17 21:30 ` Mimi Zohar
2023-02-20 9:27 ` Roberto Sassu
2023-02-20 11:08 ` Mimi Zohar
2023-02-20 12:20 ` Roberto Sassu
2023-02-20 12:40 ` Mimi Zohar
2023-02-20 8:34 ` Roberto Sassu
2022-12-01 10:41 ` [PATCH v7 3/6] security: Remove security_old_inode_init_security() Roberto Sassu
2023-02-19 19:41 ` Mimi Zohar
2022-12-01 10:41 ` [PATCH v7 4/6] security: Allow all LSMs to provide xattrs for inode_init_security hook Roberto Sassu
2023-02-20 12:43 ` Mimi Zohar
2022-12-01 10:41 ` [PATCH v7 5/6] evm: Align evm_inode_init_security() definition with LSM infrastructure Roberto Sassu
2023-02-19 19:41 ` Mimi Zohar
2022-12-01 10:41 ` [PATCH v7 6/6] evm: Support multiple LSMs providing an xattr Roberto Sassu
2023-02-19 19:42 ` Mimi Zohar
2023-02-20 9:49 ` Roberto Sassu
2023-02-20 10:56 ` Mimi Zohar
2023-01-12 17:15 ` [PATCH v7 0/6] evm: Do HMAC of multiple per LSM xattrs for new inodes Paul Moore
2023-01-13 10:35 ` Roberto Sassu
2023-03-08 22:16 ` Paul Moore
2023-03-09 7:53 ` Roberto Sassu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221201104125.919483-3-roberto.sassu@huaweicloud.com \
--to=roberto.sassu@huaweicloud.com \
--cc=casey@schaufler-ca.com \
--cc=dmitry.kasatkin@gmail.com \
--cc=eparis@parisplace.org \
--cc=jlbec@evilplan.org \
--cc=jmorris@namei.org \
--cc=joseph.qi@linux.alibaba.com \
--cc=keescook@chromium.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=mark@fasheh.com \
--cc=nicolas.bouchinet@clip-os.org \
--cc=ocfs2-devel@oss.oracle.com \
--cc=paul@paul-moore.com \
--cc=reiserfs-devel@vger.kernel.org \
--cc=roberto.sassu@huawei.com \
--cc=selinux@vger.kernel.org \
--cc=serge@hallyn.com \
--cc=stephen.smalley.work@gmail.com \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).