linux-fsdevel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Chirantan Ekbote <chirantan@chromium.org>
To: Miklos Szeredi <miklos@szeredi.hu>
Cc: linux-fsdevel@vger.kernel.org, fuse-devel@lists.sourceforge.net
Subject: fuse doesn't use security_inode_init_security?
Date: Fri, 1 May 2020 15:55:20 +0900	[thread overview]
Message-ID: <CAJFHJroyC8SAFJZuQxcwHqph5EQRg=MqFdvfnwbK35Cv-A-neA@mail.gmail.com> (raw)

Hello,

I noticed that the fuse module doesn't currently call
security_inode_init_security and I was wondering if there is a
specific reason for that.  I found a patch from 2013[1] that would
change fuse so that it would call that function but it doesn't appear
that the patch was merged.

For background: I currently have a virtio-fs server with a guest VM
that wants to use selinux.  I was able to enable selinux support
without much issue by adding

    fs_use_xattr virtiofs u:object_r:labeledfs:s0;

to the selinux policy in the guest.  This works for the most part
except that `setfscreatecon` doesn't appear to work.  From what I can
tell, this ends up writing to `/proc/[pid]/attr/fscreate` and the
attributes actually get set via the `inode_init_security` lsm hook in
selinux.  However, since fuse doesn't call
`security_inode_init_security` the hook never runs so the
file/directory doesn't have the right attributes.

Is it safe to just call `security_inode_init_security` whenever fuse
creates a new inode?  How does this affect non-virtiofs fuse servers?
Would we need a new flag so that servers could opt-in to this behavior
like in the patch from [1]?

Thank you,
Chirantan

[1] https://sourceforge.net/p/fuse/mailman/message/31624830/

             reply	other threads:[~2020-05-01  6:55 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-05-01  6:55 Chirantan Ekbote [this message]
2020-05-01  7:53 ` fuse doesn't use security_inode_init_security? Miklos Szeredi
2020-05-01 18:32   ` Stephen Smalley
2020-05-07  7:53     ` Chirantan Ekbote
2020-05-07 13:06       ` Stephen Smalley
2020-05-01 15:46 ` Vivek Goyal

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAJFHJroyC8SAFJZuQxcwHqph5EQRg=MqFdvfnwbK35Cv-A-neA@mail.gmail.com' \
    --to=chirantan@chromium.org \
    --cc=fuse-devel@lists.sourceforge.net \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=miklos@szeredi.hu \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).