linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: "Sakkinen, Jarkko" <jarkko.sakkinen@intel.com>
To: Hugh Dickins <hughd@google.com>
Cc: Andrew Morton <akpm@linux-foundation.org>,
	James Morris <jmorris@namei.org>,
	linux-mm@kvack.org, linux-kernel@vger.kernel.org,
	linux-security-module@vger.kernel.org
Subject: Re: [PATCH] tmpfs: security xattr setting on inode creation
Date: Sat, 25 Feb 2012 09:03:40 +0200	[thread overview]
Message-ID: <CADjiTvBr9Y7vPHahpdggzAwySCLHRjNDR4Tn4qDFfU6oeZ-DpQ@mail.gmail.com> (raw)
In-Reply-To: <alpine.LSU.2.00.1202241904070.22389@eggly.anvils>

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1: Type: text/plain; charset=UTF-8, Size: 7681 bytes --]

Hi Hugh,

On Sat, Feb 25, 2012 at 5:19 AM, Hugh Dickins <hughd@google.com> wrote:
> Thanks a lot for doing this, Jarkko: I knew nothing about it.
> And thank you James for reviewing, I felt much happier seeing that.
>
> I did fiddle around with it slightly, to reduce the added textsize,
> and eliminate it when CONFIG_TMPFS_XATTR is off.  Please, Jarkko
> and James, complain bitterly if I've messed up the good work.

Thank you for the nice feedback :) LGTM.

>
> [PATCH] tmpfs: security xattr setting on inode creation
>
> From: Jarkko Sakkinen <jarkko.sakkinen@intel.com>
>
> Adds to generic xattr support introduced in Linux 3.0 by
> implementing initxattrs callback. This enables consulting
> of security attributes from LSM and EVM when inode is created.
>
> [hughd: moved under CONFIG_TMPFS_XATTR, with memcpy in shmem_xattr_alloc]
>
> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@intel.com>
> Reviewed-by: James Morris <james.l.morris@oracle.com>
> Signed-off-by: Hugh Dickins <hughd@google.com>
> ---
>  mm/shmem.c |   88 +++++++++++++++++++++++++++++++++++++++++----------
>  1 file changed, 72 insertions(+), 16 deletions(-)
>
> --- a/mm/shmem.c
> +++ b/mm/shmem.c
> @@ -1178,6 +1178,12 @@ static struct inode *shmem_get_inode(str
>  static const struct inode_operations shmem_symlink_inode_operations;
>  static const struct inode_operations shmem_short_symlink_operations;
>
> +#ifdef CONFIG_TMPFS_XATTR
> +static int shmem_initxattrs(struct inode *, const struct xattr *, void *);
> +#else
> +#define shmem_initxattrs NULL
> +#endif
> +
>  static int
>  shmem_write_begin(struct file *file, struct address_space *mapping,
>                        loff_t pos, unsigned len, unsigned flags,
> @@ -1490,7 +1496,7 @@ shmem_mknod(struct inode *dir, struct de
>        if (inode) {
>                error = security_inode_init_security(inode, dir,
>                                                     &dentry->d_name,
> -                                                    NULL, NULL);
> +                                                    shmem_initxattrs, NULL);
>                if (error) {
>                        if (error != -EOPNOTSUPP) {
>                                iput(inode);
> @@ -1630,7 +1636,7 @@ static int shmem_symlink(struct inode *d
>                return -ENOSPC;
>
>        error = security_inode_init_security(inode, dir, &dentry->d_name,
> -                                            NULL, NULL);
> +                                            shmem_initxattrs, NULL);
>        if (error) {
>                if (error != -EOPNOTSUPP) {
>                        iput(inode);
> @@ -1704,6 +1710,66 @@ static void shmem_put_link(struct dentry
>  * filesystem level, though.
>  */
>
> +/*
> + * Allocate new xattr and copy in the value; but leave the name to callers.
> + */
> +static struct shmem_xattr *shmem_xattr_alloc(const void *value, size_t size)
> +{
> +       struct shmem_xattr *new_xattr;
> +       size_t len;
> +
> +       /* wrap around? */
> +       len = sizeof(*new_xattr) + size;
> +       if (len <= sizeof(*new_xattr))
> +               return NULL;
> +
> +       new_xattr = kmalloc(len, GFP_KERNEL);
> +       if (!new_xattr)
> +               return NULL;
> +
> +       new_xattr->size = size;
> +       memcpy(new_xattr->value, value, size);
> +       return new_xattr;
> +}
> +
> +/*
> + * Callback for security_inode_init_security() for acquiring xattrs.
> + */
> +static int shmem_initxattrs(struct inode *inode,
> +                           const struct xattr *xattr_array,
> +                           void *fs_info)
> +{
> +       struct shmem_inode_info *info = SHMEM_I(inode);
> +       const struct xattr *xattr;
> +       struct shmem_xattr *new_xattr;
> +       size_t len;
> +
> +       for (xattr = xattr_array; xattr->name != NULL; xattr++) {
> +               new_xattr = shmem_xattr_alloc(xattr->value, xattr->value_len);
> +               if (!new_xattr)
> +                       return -ENOMEM;
> +
> +               len = strlen(xattr->name) + 1;
> +               new_xattr->name = kmalloc(XATTR_SECURITY_PREFIX_LEN + len,
> +                                         GFP_KERNEL);
> +               if (!new_xattr->name) {
> +                       kfree(new_xattr);
> +                       return -ENOMEM;
> +               }
> +
> +               memcpy(new_xattr->name, XATTR_SECURITY_PREFIX,
> +                      XATTR_SECURITY_PREFIX_LEN);
> +               memcpy(new_xattr->name + XATTR_SECURITY_PREFIX_LEN,
> +                      xattr->name, len);
> +
> +               spin_lock(&info->lock);
> +               list_add(&new_xattr->list, &info->xattr_list);
> +               spin_unlock(&info->lock);
> +       }
> +
> +       return 0;
> +}
> +
>  static int shmem_xattr_get(struct dentry *dentry, const char *name,
>                           void *buffer, size_t size)
>  {
> @@ -1731,24 +1797,17 @@ static int shmem_xattr_get(struct dentry
>        return ret;
>  }
>
> -static int shmem_xattr_set(struct dentry *dentry, const char *name,
> +static int shmem_xattr_set(struct inode *inode, const char *name,
>                           const void *value, size_t size, int flags)
>  {
> -       struct inode *inode = dentry->d_inode;
>        struct shmem_inode_info *info = SHMEM_I(inode);
>        struct shmem_xattr *xattr;
>        struct shmem_xattr *new_xattr = NULL;
> -       size_t len;
>        int err = 0;
>
>        /* value == NULL means remove */
>        if (value) {
> -               /* wrap around? */
> -               len = sizeof(*new_xattr) + size;
> -               if (len <= sizeof(*new_xattr))
> -                       return -ENOMEM;
> -
> -               new_xattr = kmalloc(len, GFP_KERNEL);
> +               new_xattr = shmem_xattr_alloc(value, size);
>                if (!new_xattr)
>                        return -ENOMEM;
>
> @@ -1757,9 +1816,6 @@ static int shmem_xattr_set(struct dentry
>                        kfree(new_xattr);
>                        return -ENOMEM;
>                }
> -
> -               new_xattr->size = size;
> -               memcpy(new_xattr->value, value, size);
>        }
>
>        spin_lock(&info->lock);
> @@ -1858,7 +1914,7 @@ static int shmem_setxattr(struct dentry
>        if (size == 0)
>                value = "";  /* empty EA, do not remove */
>
> -       return shmem_xattr_set(dentry, name, value, size, flags);
> +       return shmem_xattr_set(dentry->d_inode, name, value, size, flags);
>
>  }
>
> @@ -1878,7 +1934,7 @@ static int shmem_removexattr(struct dent
>        if (err)
>                return err;
>
> -       return shmem_xattr_set(dentry, name, NULL, 0, XATTR_REPLACE);
> +       return shmem_xattr_set(dentry->d_inode, name, NULL, 0, XATTR_REPLACE);
>  }
>
>  static bool xattr_is_trusted(const char *name)

/Jarkko
ÿôèº{.nÇ+‰·Ÿ®‰­†+%ŠËÿ±éݶ\x17¥Šwÿº{.nÇ+‰·¥Š{±þG«éÿŠ{ayº\x1dʇڙë,j\a­¢f£¢·hšïêÿ‘êçz_è®\x03(­éšŽŠÝ¢j"ú\x1a¶^[m§ÿÿ¾\a«þG«éÿ¢¸?™¨è­Ú&£ø§~á¶iO•æ¬z·švØ^\x14\x04\x1a¶^[m§ÿÿÃ\fÿ¶ìÿ¢¸?–I¥

  reply	other threads:[~2012-02-25  7:03 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2012-02-23  9:46 [PATCH] tmpfs: security xattr setting on inode creation Jarkko Sakkinen
2012-02-24  8:13 ` James Morris
2012-02-25  3:19   ` Hugh Dickins
2012-02-25  7:03     ` Sakkinen, Jarkko [this message]
2012-02-27 22:46     ` Andrew Morton
2012-02-28  3:46       ` Ware, Ryan R
     [not found]       ` <CAGGTEhPQ6OLgqZbbAwE=3Xj8qE2iNhLOk5LdkGU13WxbY=qb2w@mail.gmail.com>
2012-02-28  4:10         ` Hugh Dickins
2012-02-28  5:51           ` Sakkinen, Jarkko
  -- strict thread matches above, loose matches on Subject: below --
2012-02-22  7:48 Jarkko Sakkinen
2012-02-22 17:46 ` Sakkinen, Jarkko

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CADjiTvBr9Y7vPHahpdggzAwySCLHRjNDR4Tn4qDFfU6oeZ-DpQ@mail.gmail.com \
    --to=jarkko.sakkinen@intel.com \
    --cc=akpm@linux-foundation.org \
    --cc=hughd@google.com \
    --cc=jmorris@namei.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-mm@kvack.org \
    --cc=linux-security-module@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).