Linux-Security-Module Archive on lore.kernel.org
 help / color / Atom feed
From: Mimi Zohar <zohar@linux.ibm.com>
To: Janne Karhunen <janne.karhunen@gmail.com>,
	linux-integrity@vger.kernel.org,
	linux-security-module@vger.kernel.org, linux-mm@kvack.org,
	viro@zeniv.linux.org.uk
Cc: Konsta Karsisto <konsta.karsisto@gmail.com>
Subject: Re: [PATCH 2/3] ima: update the file measurement on truncate
Date: Sun, 08 Sep 2019 11:38:26 -0400
Message-ID: <1567957106.4614.162.camel@linux.ibm.com> (raw)
In-Reply-To: <20190902094540.12786-2-janne.karhunen@gmail.com>

On Mon, 2019-09-02 at 12:45 +0300, Janne Karhunen wrote:
> Let IMA know when a file is being opened with truncate
> or truncated directly.
> 
> Depends on commit 72649b7862a7 ("ima: keep the integrity state of open files up to date")'
> 
> Signed-off-by: Janne Karhunen <janne.karhunen@gmail.com>
> Signed-off-by: Konsta Karsisto <konsta.karsisto@gmail.com>
> ---
>  fs/namei.c | 5 ++++-
>  fs/open.c  | 3 +++
>  2 files changed, 7 insertions(+), 1 deletion(-)
> 
> diff --git a/fs/namei.c b/fs/namei.c
> index 209c51a5226c..0994fe26bef1 100644
> --- a/fs/namei.c
> +++ b/fs/namei.c
> @@ -3418,8 +3418,11 @@ static int do_last(struct nameidata *nd,
>  		goto out;
>  opened:
>  	error = ima_file_check(file, op->acc_mode);
> -	if (!error && will_truncate)
> +	if (!error && will_truncate) {
>  		error = handle_truncate(file);
> +		if (!error)
> +			ima_file_update(file);

Security and IMA hooks are normally named after the function.  For
example, there's a security hook named security_path_truncate() in
handle_truncate().  The new hook after the truncate would either be
named security_post_path_truncate() or ima_post_path_truncate().

> +	}
>  out:
>  	if (unlikely(error > 0)) {
>  		WARN_ON(1);
> diff --git a/fs/open.c b/fs/open.c
> index a59abe3c669a..98c2d4629371 100644
> --- a/fs/open.c
> +++ b/fs/open.c
> @@ -63,6 +63,9 @@ int do_truncate(struct dentry *dentry, loff_t length, unsigned int time_attrs,
>  	/* Note any delegations or leases have already been broken: */
>  	ret = notify_change(dentry, &newattrs, NULL);
>  	inode_unlock(dentry->d_inode);
> +
> +	if (filp)
> +		ima_file_update(filp);
>  	return ret;
>  }
>  

do_truncate() is called from a number of places.  Are you sure that
the call to IMA should be in all of them?  security_path_truncate()
isn't in all of the callers.

Mimi



  reply index

Thread overview: 14+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-09-02  9:45 [PATCH 1/3] ima: keep the integrity state of open files up to date Janne Karhunen
2019-09-02  9:45 ` [PATCH 2/3] ima: update the file measurement on truncate Janne Karhunen
2019-09-08 15:38   ` Mimi Zohar [this message]
2019-09-02  9:45 ` [PATCH 3/3] ima: update the file measurement on writes Janne Karhunen
2019-09-08 17:07   ` Mimi Zohar
2019-09-02 11:31 ` [PATCH 1/3] ima: keep the integrity state of open files up to date kbuild test robot
2019-09-02 12:57 ` kbuild test robot
2019-09-08 16:35 ` Mimi Zohar
2019-09-09 21:39 ` Eric Biggers
2019-09-10  7:04   ` Janne Karhunen
2019-09-15 20:24     ` Eric Biggers
2019-09-16 11:45       ` Janne Karhunen
2019-09-17  4:23         ` Eric Biggers
2019-09-17  7:24           ` Janne Karhunen

Reply instructions:

You may reply publically to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1567957106.4614.162.camel@linux.ibm.com \
    --to=zohar@linux.ibm.com \
    --cc=janne.karhunen@gmail.com \
    --cc=konsta.karsisto@gmail.com \
    --cc=linux-integrity@vger.kernel.org \
    --cc=linux-mm@kvack.org \
    --cc=linux-security-module@vger.kernel.org \
    --cc=viro@zeniv.linux.org.uk \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Linux-Security-Module Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-security-module/0 linux-security-module/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-security-module linux-security-module/ https://lore.kernel.org/linux-security-module \
		linux-security-module@vger.kernel.org
	public-inbox-index linux-security-module

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-security-module


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git