From: Casey Schaufler <casey@schaufler-ca.com>
To: David Howells <dhowells@redhat.com>
Cc: viro@zeniv.linux.org.uk, jmorris@namei.org,
	linux-security-module@vger.kernel.org,
	linux-kernel@vger.kernel.org, casey@schaufler-ca.com
Subject: Re: [PATCH] Smack: Restore the smackfsdef mount option and add missing prefixes
Date: Tue, 28 May 2019 14:39:22 -0700
Message-ID: <207acb88-782d-37c1-c23a-7ca0c1daf7d5@schaufler-ca.com>
In-Reply-To: <155907646050.25083.16573974978890009010.stgit@warthog.procyon.org.uk>

On 5/28/2019 1:47 PM, David Howells wrote:
> From: Casey Schaufler <casey@schaufler-ca.com>
>
> The 5.1 mount system rework changed the smackfsdef mount option
> to smackfsdefault. This fixes the regression by making smackfsdef
> treated the same way as smackfsdefault.
>
> Also fix the smack_param_specs[] to have "smack" prefixes on all the names.
> This isn't visible to a user unless they either:
>
>  (a) Try to mount a filesystem that's converted to the internal mount API
>      and that implements the ->parse_monolithic() context operation - and
>      only then if they call security_fs_context_parse_param() rather than
>      security_sb_eat_lsm_opts().
>
>      There are no examples of this upstream yet, but nfs will probably want
>      to do this for nfs2 or nfs3.
>
>  (b) Use fsconfig() to configure the filesystem - in which case
>      security_fs_context_parse_param() will be called.
>
> The issue is that smack_sb_eat_lsm_opts() checks for the "smack" prefix on
> the options, but smack_fs_context_parse_param() does not.
>
> Fixes: c3300aaf95fb ("smack: get rid of match_token()")
> Fixes: 2febd254adc4 ("smack: Implement filesystem context security hooks")
> Cc: stable@vger.kernel.org
> Reported-by: Jose Bollo <jose.bollo@iot.bzh>
> Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
> Signed-off-by: David Howells <dhowells@redhat.com>

Tested-by: Casey Schaufler <casey@schaufler-ca.com>

Looks good. Can you send this in for 5.1 and 5.2?

> ---
>
>  security/smack/smack_lsm.c |   12 +++++++-----
>  1 file changed, 7 insertions(+), 5 deletions(-)
>
> diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
> index 0de725f88bed..d99450b4f511 100644
> --- a/security/smack/smack_lsm.c
> +++ b/security/smack/smack_lsm.c
> @@ -68,6 +68,7 @@ static struct {
>  	int len;
>  	int opt;
>  } smk_mount_opts[] = {
> +	{"smackfsdef", sizeof("smackfsdef") - 1, Opt_fsdefault},
>  	A(fsdefault), A(fsfloor), A(fshat), A(fsroot), A(fstransmute)
>  };
>  #undef A
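Review bot: The new "smackfsdef" entry in smk_mount_opts[] is a strict prefix of "smackfsdefault" and is listed ahead of the A(fsdefault) entry, so it is worth confirming that the lookup using the len field also checks what follows the matched name (for example the '=' separator) rather than accepting a bare prefix match; otherwise "smackfsdefault=..." could be matched by the shorter entry and its value parsed from the wrong offset. The entry is also open-coded instead of going through the A() macro, which is understandable since the name does not follow the macro's pattern, but a one-line comment marking it as the pre-5.1 legacy spelling kept for compatibility would stop someone from "cleaning it up" later.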
> @@ -682,11 +683,12 @@ static int smack_fs_context_dup(struct fs_context *fc,
>  }
>  
>  static const struct fs_parameter_spec smack_param_specs[] = {
> -	fsparam_string("fsdefault",	Opt_fsdefault),
> -	fsparam_string("fsfloor",	Opt_fsfloor),
> -	fsparam_string("fshat",		Opt_fshat),
> -	fsparam_string("fsroot",	Opt_fsroot),
> -	fsparam_string("fstransmute",	Opt_fstransmute),
> +	fsparam_string("smackfsdef",		Opt_fsdefault),
> +	fsparam_string("smackfsdefault",	Opt_fsdefault),
> +	fsparam_string("smackfsfloor",		Opt_fsfloor),
> +	fsparam_string("smackfshat",		Opt_fshat),
> +	fsparam_string("smackfsroot",		Opt_fsroot),
> +	fsparam_string("smackfstransmute",	Opt_fstransmute),
>  	{}
>  };
>  
>
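Review bot: In smack_param_specs[] the unprefixed names ("fsdefault", "fsfloor", "fshat", "fsroot", "fstransmute") are removed outright with no compatibility entries, while the "smackfsdef" alias is kept for the legacy mount path; if any userspace already passes the unprefixed keys through fsconfig(), those calls will start failing after this change. The commit message explains why the prefixed form is the correct one, but it should say explicitly that dropping the unprefixed keys is intended. Since "smackfsdef" and "smackfsdefault" both map to Opt_fsdefault, a short comment on the first line noting that it is the legacy alias would help here as well. With two Fixes: tags covering two different commits, splitting the alias restoration from the prefix correction would also make the stable backports easier to reason about.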
