From patchwork Mon Jul 24 15:13:40 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Roberto Sassu X-Patchwork-Id: 125065 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:9010:0:b0:3e4:2afc:c1 with SMTP id l16csp1874283vqg; Mon, 24 Jul 2023 08:27:41 -0700 (PDT) X-Google-Smtp-Source: APBJJlFdbWeRGt0Jop4ssvTkA6PVHi3F2fTEjHQqAbFxGOmbzWMpJ05LYIYnelp6J7BvFAmExOrh X-Received: by 2002:a05:6a20:12c9:b0:133:c9d0:75ff with SMTP id v9-20020a056a2012c900b00133c9d075ffmr8603589pzg.42.1690212461328; Mon, 24 Jul 2023 08:27:41 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1690212461; cv=none; d=google.com; s=arc-20160816; b=UGMgjF8g5Bk8xM8awnIIynFViVDttcPse13mWU8CyNGBF7jiPvqG8/pHXnPnhaLTSZ OwQoO9B8Ak0HSaR0XVtso+W05+tCD5McxTnHMwh6debT4OyeZGycUunr2hn+Yw43yRKU lupBdgsLtlVwfXAyuN5XO9PXBeBi0F5lCl283WfMbHmMdbTAyOYYCjSVkPOKYQDIPHhR YepAtOBkIG9hVFJ4/QxA9AyLTN82uS5jJrqCHYC7YIP5/DYpHKHW1o9ETfA2DXTf9icS 74Lbro751gFV+UMWMDyAWjZsKNqQ/pLuSeP0VxqP6pCi4geyMFABf+2epidstfBKbi/j VXmg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=dEX9C+O3A7zp6w4uV/lnzOUVvtTIX4GjrhvlDBBokFA=; fh=z7vPyysRJOxh1U4ufKlXD98Auu6H+pYIEt5RTGBgBtQ=; b=YduQI3Aj+vJ4LcC81N1zAO+pbzDa8nwpTb6WRDiHy36bSVOGqauLcETgLhYOB51dbi uCt0e+oYgri6JP+24MPppHWkRPVatpw2d26stRJ36l8ZrsainkN03eb34oIjW+QSlmHq 2lCfmV49nO2HQbafJT4EahwtjUPIMu6hWb3bl9G+rMI/GCUOjzwsVe8sJ2sdwcSAYIAo WkmQeky/YqSj+MvdIP4jIdADFyZ5xXUOR/FDl/rmsBNRYFj3grI/M2OU1VIvujE1exsE 4dJhX0lylLJt/VI5nSy7GGPjJLvX1ZTykPRI270DzNh6yYtsM44DrmyTzlp/tlwxYVXz i6KA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id m1-20020a656a01000000b00548e140a1a4si9953760pgu.644.2023.07.24.08.27.21; Mon, 24 Jul 2023 08:27:41 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230286AbjGXPTQ (ORCPT + 99 others); Mon, 24 Jul 2023 11:19:16 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42910 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231180AbjGXPTI (ORCPT ); Mon, 24 Jul 2023 11:19:08 -0400 Received: from frasgout11.his.huawei.com (unknown [14.137.139.23]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 649FC10E7; Mon, 24 Jul 2023 08:19:00 -0700 (PDT) Received: from mail02.huawei.com (unknown [172.18.147.229]) by frasgout11.his.huawei.com (SkyGuard) with ESMTP id 4R8k6f6xTgz9yM9x; Mon, 24 Jul 2023 23:07:38 +0800 (CST) Received: from huaweicloud.com (unknown [10.204.63.22]) by APP2 (Coremail) with SMTP id GxC2BwCHTlU3lr5kJcTzBA--.28220S6; Mon, 24 Jul 2023 16:18:47 +0100 (CET) From: Roberto Sassu To: casey@schaufler-ca.com, paul@paul-moore.com, jmorris@namei.org, serge@hallyn.com Cc: linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org, Roberto Sassu Subject: [PATCH v2 4/5] smack: Initialize the in-memory inode in smack_inode_init_security() Date: Mon, 24 Jul 2023 17:13:40 +0200 Message-Id: <20230724151341.538889-5-roberto.sassu@huaweicloud.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230724151341.538889-1-roberto.sassu@huaweicloud.com> References: <20230724151341.538889-1-roberto.sassu@huaweicloud.com> MIME-Version: 1.0 X-CM-TRANSID: GxC2BwCHTlU3lr5kJcTzBA--.28220S6 X-Coremail-Antispam: 1UD129KBjvJXoWxCry8WFWfGF4kAw18GFW5Awb_yoW5Zw1UpF Zxt3W7KwnYyF97urW0yF47Ww1SkayrKr4UGrZ8Jw17A3ZFqwn7KF18Zr45ZF15Wr4kZa1Y vF4j9ry3WFn0y3DanT9S1TB71UUUUUUqnTZGkaVYY2UrUUUUjbIjqfuFe4nvWSU5nxnvy2 9KBjDU0xBIdaVrnRJUUUvKb4IE77IF4wAFF20E14v26rWj6s0DM7CY07I20VC2zVCF04k2 6cxKx2IYs7xG6rWj6s0DM7CIcVAFz4kK6r1j6r18M28IrcIa0xkI8VA2jI8067AKxVWUAV Cq3wA2048vs2IY020Ec7CjxVAFwI0_Xr0E3s1l8cAvFVAK0II2c7xJM28CjxkF64kEwVA0 rcxSw2x7M28EF7xvwVC0I7IYx2IY67AKxVWUJVWUCwA2z4x0Y4vE2Ix0cI8IcVCY1x0267 AKxVW8JVWxJwA2z4x0Y4vEx4A2jsIE14v26r4j6F4UM28EF7xvwVC2z280aVCY1x0267AK xVWxJr0_GcWle2I262IYc4CY6c8Ij28IcVAaY2xG8wAqx4xG64xvF2IEw4CE5I8CrVC2j2 WlYx0E2Ix0cI8IcVAFwI0_Jr0_Jr4lYx0Ex4A2jsIE14v26r1j6r4UMcvjeVCFs4IE7xkE bVWUJVW8JwACjcxG0xvY0x0EwIxGrwCF04k20xvY0x0EwIxGrwCFx2IqxVCFs4IE7xkEbV WUJVW8JwC20s026c02F40E14v26r1j6r18MI8I3I0E7480Y4vE14v26r106r1rMI8E67AF 67kF1VAFwI0_JF0_Jw1lIxkGc2Ij64vIr41lIxAIcVC0I7IYx2IY67AKxVWUJVWUCwCI42 IY6xIIjxv20xvEc7CjxVAFwI0_Gr0_Cr1lIxAIcVCF04k26cxKx2IYs7xG6r1j6r1xMIIF 0xvEx4A2jsIE14v26r1j6r4UMIIF0xvEx4A2jsIEc7CjxVAFwI0_Gr0_Gr1UYxBIdaVFxh VjvjDU0xZFpf9x07UZo7tUUUUU= X-CM-SenderInfo: purev21wro2thvvxqx5xdzvxpfor3voofrz/1tbiAgAIBF1jj4zfjQABsg X-CFilter-Loop: Reflected X-Spam-Status: No, score=-0.9 required=5.0 tests=BAYES_00,KHOP_HELO_FCRDNS, MAY_BE_FORGED,RCVD_IN_MSPIKE_BL,RCVD_IN_MSPIKE_L3,RDNS_DYNAMIC, SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772316221923151326 X-GMAIL-MSGID: 1772316221923151326 From: Roberto Sassu Currently, Smack initializes in-memory new inodes in three steps. It first sets the xattrs in smack_inode_init_security(), fetches them in smack_d_instantiate() and finally, in the same function, sets the in-memory inodes depending on xattr values, unless they are in specially-handled filesystems. Other than being inefficient, this also prevents filesystems not supporting xattrs from working properly since, without xattrs, there is no way to pass the label determined in smack_inode_init_security() to smack_d_instantiate(). Since the LSM infrastructure allows setting and getting the security field without xattrs through the inode_setsecurity and inode_getsecurity hooks, make the inode creation work too, by initializing the in-memory inode earlier in smack_inode_init_security(). Also mark the inode as instantiated, to prevent smack_d_instantiate() from overwriting the security field. As mentioned above, this potentially has impact for inodes in specially-handled filesystems in smack_d_instantiate(), if they are not handled in the same way in smack_inode_init_security(). Filesystems other than tmpfs don't call security_inode_init_security(), so they would be always initialized in smack_d_instantiate(), as before. For tmpfs, the current behavior is to assign to inodes the label '*', but actually that label is overwritten with the one fetched from the SMACK64 xattr, set in smack_inode_init_security() (default: '_'). Initializing the in-memory inode is straightforward: if not transmuting, nothing more needs to be done; if transmuting, overwrite the current inode label with the one from the parent directory, and set SMK_INODE_TRANSMUTE. Finally, set SMK_INODE_INSTANT for all cases, to mark the inode as instantiated. Signed-off-by: Roberto Sassu --- security/smack/smack_lsm.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 5a31d005c6d..f3946778192 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -942,6 +942,7 @@ static int smack_inode_init_security(struct inode *inode, struct inode *dir, struct xattr *xattrs, int *xattr_count) { struct task_smack *tsp = smack_cred(current_cred()); + struct inode_smack *issp = smack_inode(inode); struct smack_known *skp = smk_of_task(tsp); struct smack_known *isp = smk_of_inode(inode); struct smack_known *dsp = smk_of_inode(dir); @@ -977,7 +978,9 @@ static int smack_inode_init_security(struct inode *inode, struct inode *dir, * smack_inode_alloc_security(). */ if (tsp->smk_task != tsp->smk_transmuted) - isp = dsp; + isp = issp->smk_inode = dsp; + + issp->smk_flags |= SMK_INODE_TRANSMUTE; xattr_transmute = lsm_get_xattr_slot(xattrs, xattr_count); if (xattr_transmute) { @@ -992,6 +995,8 @@ static int smack_inode_init_security(struct inode *inode, struct inode *dir, } } + issp->smk_flags |= SMK_INODE_INSTANT; + if (xattr) { xattr->value = kstrdup(isp->smk_known, GFP_NOFS); if (!xattr->value)