From: Paul Moore <paul@paul-moore.com>
To: "Mickaël Salaün" <mic@digikod.net>
Cc: "Günther Noack" <gnoack@google.com>,
	linux-security-module@vger.kernel.org,
	"Jeff Xu" <jeffxu@google.com>, "Arnd Bergmann" <arnd@arndb.de>,
	"Jorge Lucangeli Obes" <jorgelo@chromium.org>,
	"Allen Webb" <allenwebb@google.com>,
	"Dmitry Torokhov" <dtor@google.com>,
	"Konstantin Meskhidze" <konstantin.meskhidze@huawei.com>,
	"Matt Bobrowski" <repnop@google.com>,
	linux-fsdevel@vger.kernel.org
Subject: Re: [PATCH v13 10/10] fs/ioctl: Add a comment to keep the logic in sync with the Landlock LSM
Date: Thu, 28 Mar 2024 13:06:57 -0400
Message-ID: <CAHC9VhS=ESSCK6TiTXbqDmvDUwPa3UFBN7ZaJogmj=Qguc_m2w@mail.gmail.com>
In-Reply-To: <20240328.mahn4seChaej@digikod.net>

On Thu, Mar 28, 2024 at 12:43 PM Mickaël Salaün <mic@digikod.net> wrote:
> On Thu, Mar 28, 2024 at 09:08:13AM -0400, Paul Moore wrote:
> > On Thu, Mar 28, 2024 at 8:11 AM Mickaël Salaün <mic@digikod.net> wrote:
> > > On Wed, Mar 27, 2024 at 01:10:40PM +0000, Günther Noack wrote:
> > > > Landlock's IOCTL support needs to partially replicate the list of
> > > > IOCTLs from do_vfs_ioctl().  The list of commands implemented in
> > > > do_vfs_ioctl() should be kept in sync with Landlock's IOCTL policies.
> > > >
> > > > Signed-off-by: Günther Noack <gnoack@google.com>
> > > > ---
> > > >  fs/ioctl.c | 3 +++
> > > >  1 file changed, 3 insertions(+)
> > > >
> > > > diff --git a/fs/ioctl.c b/fs/ioctl.c
> > > > index 1d5abfdf0f22..661b46125669 100644
> > > > --- a/fs/ioctl.c
> > > > +++ b/fs/ioctl.c
> > > > @@ -796,6 +796,9 @@ static int ioctl_get_fs_sysfs_path(struct file *file, void __user *argp)
> > > >   *
> > > >   * When you add any new common ioctls to the switches above and below,
> > > >   * please ensure they have compatible arguments in compat mode.
> > > > + *
> > > > + * The commands which are implemented here should be kept in sync with the IOCTL
> > > > + * security policies in the Landlock LSM.
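Review bot: The two added comment lines name a specific LSM (Landlock) from fs/ioctl.c, which is generic VFS code; a comment outside security/ should not tie the VFS to one LSM implementation, and a reference to one LSM's policy is the kind of note that silently goes stale. Suggest keeping the cross-reference, since the commit message is right that the do_vfs_ioctl() command list is what any IOCTL policy has to mirror, but phrasing it LSM-neutrally as agreed later in this thread: "The LSM mailing list should also be notified of any command additions or changes as specific LSMs may be affected."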
> > >
> > > Suggestion:
> > > "with the Landlock IOCTL security policy defined in security/landlock/fs.c"
> >
> > We really shouldn't have any comments or code outside of the security/
> > directory that reference a specific LSM implementation.  I'm sure
> > there are probably a few old comments referring to SELinux, but those
> > are bugs as far as I'm concerned (if anyone spots one, please let me
> > know or send me a patch!).
> >
> > How about the following?
> >
> > "The LSM list should also be notified of any command additions or
>
> "The LSM mailing list..."

 ;)

> > changes as specific LSMs may be affected."
>
> Looks good.

-- 
paul-moore.com

Thread overview: 26+ messages
2024-03-27 13:10 [PATCH v13 00/10] Landlock: IOCTL support Günther Noack
2024-03-27 13:10 ` [PATCH v13 01/10] landlock: Add IOCTL access right for character and block devices Günther Noack
2024-03-27 16:57   ` Mickaël Salaün
2024-03-28 12:01     ` Mickaël Salaün
2024-04-02 18:28     ` Günther Noack
2024-04-03 11:15       ` Mickaël Salaün
2024-04-05 16:17         ` Günther Noack
2024-04-05 16:22           ` Günther Noack
2024-04-05 18:04             ` Mickaël Salaün
2024-04-05 18:17             ` Kent Overstreet
2024-04-05 21:44               ` Günther Noack
2024-04-05 18:01           ` Mickaël Salaün
2024-03-27 13:10 ` [PATCH v13 02/10] selftests/landlock: Test IOCTL support Günther Noack
2024-03-27 16:58   ` Mickaël Salaün
2024-03-27 13:10 ` [PATCH v13 03/10] selftests/landlock: Test IOCTL with memfds Günther Noack
2024-03-27 13:10 ` [PATCH v13 04/10] selftests/landlock: Test ioctl(2) and ftruncate(2) with open(O_PATH) Günther Noack
2024-03-27 13:10 ` [PATCH v13 05/10] selftests/landlock: Test IOCTLs on named pipes Günther Noack
2024-03-27 13:10 ` [PATCH v13 06/10] selftests/landlock: Check IOCTL restrictions for named UNIX domain sockets Günther Noack
2024-03-27 13:10 ` [PATCH v13 07/10] samples/landlock: Add support for LANDLOCK_ACCESS_FS_IOCTL_DEV Günther Noack
2024-03-27 13:10 ` [PATCH v13 08/10] landlock: Document IOCTL support Günther Noack
2024-03-27 13:10 ` [PATCH v13 09/10] MAINTAINERS: Notify Landlock maintainers about changes to fs/ioctl.c Günther Noack
2024-03-27 13:10 ` [PATCH v13 10/10] fs/ioctl: Add a comment to keep the logic in sync with the Landlock LSM Günther Noack
2024-03-28 12:11   ` Mickaël Salaün
2024-03-28 13:08     ` Paul Moore
2024-03-28 16:43       ` Mickaël Salaün
2024-03-28 17:06         ` Paul Moore [this message]