Re: [PATCH 1/7] Security: Add inode_{get,set}secid LSM hooks and security helper functions

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Casey Schaufler <casey@schaufler-ca.com>
To: "David P. Quigley" <dpquigl@tycho.nsa.gov>,
	selinux@tycho.nsa.gov, labeled-nfs@linux-nfs.org
Cc: "David P. Quigley" <dpquigl@tycho.nsa.gov>
Subject: Re: [PATCH 1/7] Security: Add inode_{get,set}secid LSM hooks and security helper functions
Date: Wed, 1 Aug 2007 14:01:41 -0700 (PDT)	[thread overview]
Message-ID: <814557.21641.qm@web36607.mail.mud.yahoo.com> (raw)
In-Reply-To: <1185998532157-git-send-email-dpquigl@tycho.nsa.gov>


--- "David P. Quigley" <dpquigl@tycho.nsa.gov> wrote:

> From: David P. Quigley <dpquigl@tycho.nsa.gov>
> 
> This patch adds a pair of new hooks to LSM. The existing method of setting
> security information through inode_getsecurity and inode_setsecurity use
> extended attributes. However, NFS prefers to manipulate inode fields directly
> and to do this we need a method to access the inode's security field in a
> module independent manner.
> 
> Signed-off-by: David P. Quigley <dpquigl@tycho.nsa.gov>
> ---
>  include/linux/security.h |   27 +++++++++++++++++++++++++++
>  security/dummy.c         |   10 ++++++++++
>  security/selinux/hooks.c |   15 +++++++++++++++
>  3 files changed, 52 insertions(+), 0 deletions(-)
> 
> diff --git a/include/linux/security.h b/include/linux/security.h
> index c11dc8a..fbfada9 100644
> --- a/include/linux/security.h
> +++ b/include/linux/security.h
> @@ -413,6 +413,11 @@ struct request_sock;
>   *	is specified by @buffer_size.  @buffer may be NULL to request
>   *	the size of the buffer required.
>   *	Returns number of bytes used/required on success.
> + * @inode_getsecid:
> + * 	Returns secid from @inode;
> + * @inode_setsecid:
> + * 	Set the security structure value of @inode with @sid.
> + * 	Returns 0 on success.

How about dealing with inode security blobs instead of secids?

>   *
>   * Security hooks for file operations
>   *
> @@ -1235,6 +1240,8 @@ struct security_operations {
>    	int (*inode_getsecurity)(const struct inode *inode, const char *name,
> void *buffer, size_t size, int err);
>    	int (*inode_setsecurity)(struct inode *inode, const char *name, const
> void *value, size_t size, int flags);
>    	int (*inode_listsecurity)(struct inode *inode, char *buffer, size_t
> buffer_size);
> +	void (*inode_getsecid)(struct inode *inode, u32 *secid);
> +	void (*inode_setsecid)(struct inode *inode, u32 secid);

void (*inode_getblob) (struct inode *inode, void *blob);
void (*inode_setblob) (struct inode *inode, void *blob);

Or something like that, where the number of "*"s may vary.

>  	int (*file_permission) (struct file * file, int mask);
>  	int (*file_alloc_security) (struct file * file);
> @@ -1793,6 +1800,18 @@ static inline int security_inode_listsecurity(struct
> inode *inode, char *buffer,
>  	return security_ops->inode_listsecurity(inode, buffer, buffer_size);
>  }
>  
> +static inline void security_inode_getsecid(struct inode *inode, u32 *secid)
> +{
> +	security_ops->inode_getsecid(inode, secid);
> +}
> +
> +static inline void security_inode_setsecid(struct inode *inode, u32 sid)
> +{
> +	if (unlikely (IS_PRIVATE (inode)))
> +		return;
> +	security_ops->inode_setsecid(inode, sid);
> +}
> +
>  static inline int security_file_permission (struct file *file, int mask)
>  {
>  	return security_ops->file_permission (file, mask);
> @@ -2473,6 +2492,14 @@ static inline int security_inode_listsecurity(struct
> inode *inode, char *buffer,
>  	return 0;
>  }
>  
> +static inline void security_inode_getsecid(struct inode *inode, u32 *secid)
> +{
> +}
> +
> +static inline void security_inode_setsecid(struct inode *inode, u32 secid)
> +{
> +}
> +
>  static inline int security_file_permission (struct file *file, int mask)
>  {
>  	return 0;
> diff --git a/security/dummy.c b/security/dummy.c
> index 19d813d..c0c50aa 100644
> --- a/security/dummy.c
> +++ b/security/dummy.c
> @@ -392,6 +392,14 @@ static int dummy_inode_listsecurity(struct inode *inode,
> char *buffer, size_t bu
>  	return 0;
>  }
>  
> +static void dummy_inode_getsecid(struct inode *inode, u32 *secid)
> +{
> +}
> +
> +static void dummy_inode_setsecid(struct inode *inode, u32 secid)
> +{
> +}
> +
>  static const char *dummy_inode_xattr_getsuffix(void)
>  {
>  	return NULL;
> @@ -1022,6 +1030,8 @@ void security_fixup_ops (struct security_operations
> *ops)
>  	set_to_dummy_if_null(ops, inode_getsecurity);
>  	set_to_dummy_if_null(ops, inode_setsecurity);
>  	set_to_dummy_if_null(ops, inode_listsecurity);
> +	set_to_dummy_if_null(ops, inode_getsecid);
> +	set_to_dummy_if_null(ops, inode_setsecid);
>  	set_to_dummy_if_null(ops, file_permission);
>  	set_to_dummy_if_null(ops, file_alloc_security);
>  	set_to_dummy_if_null(ops, file_free_security);
> diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
> index 0fac682..56d8ecb 100644
> --- a/security/selinux/hooks.c
> +++ b/security/selinux/hooks.c
> @@ -2457,6 +2457,19 @@ static int selinux_inode_listsecurity(struct inode
> *inode, char *buffer, size_t
>  	return len;
>  }
>  
> +static void selinux_inode_getsecid(struct inode *inode, u32 *secid)
> +{
> +	struct inode_security_struct *isec = inode->i_security;
> +	*secid = isec->sid;
> +}
> +
> +static void selinux_inode_setsecid(struct inode *inode, u32 secid)
> +{
> +	struct inode_security_struct *isec = inode->i_security;
> +	isec->sid = secid;
> +	isec->initialized = 1;
> +}
> +
>  /* file security operations */
>  
>  static int selinux_file_permission(struct file *file, int mask)
> @@ -4773,6 +4786,8 @@ static struct security_operations selinux_ops = {
>  	.inode_getsecurity =            selinux_inode_getsecurity,
>  	.inode_setsecurity =            selinux_inode_setsecurity,
>  	.inode_listsecurity =           selinux_inode_listsecurity,
> +	.inode_getsecid = 		selinux_inode_getsecid,
> +	.inode_setsecid = 		selinux_inode_setsecid,
>  
>  	.file_permission =		selinux_file_permission,
>  	.file_alloc_security =		selinux_file_alloc_security,
> -- 
> 1.5.2.2
> 
> 
> --
> This message was distributed to subscribers of the selinux mailing list.
> If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
> the words "unsubscribe selinux" without quotes as the message.
> 
> 
> 


Casey Schaufler
casey@schaufler-ca.com

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

next prev parent reply	other threads:[~2007-08-01 21:01 UTC|newest]

Thread overview: 33+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2007-08-01 20:02 [RFC] SENFS: MAC labeling support for NFSv4 David P. Quigley
2007-08-01 20:02 ` [PATCH 1/7] Security: Add inode_{get,set}secid LSM hooks and security helper functions David P. Quigley
2007-08-01 21:01   ` Casey Schaufler [this message]
2007-08-02  3:17   ` James Morris
2007-08-01 20:02 ` [PATCH 2/7] VFS: Add sid field to iattr structure for notify_change David P. Quigley
2007-08-01 21:03   ` Casey Schaufler
2007-08-02  3:21   ` James Morris
2007-08-01 20:02 ` [PATCH 3/7] KConfig: Add KConfig entries for MAC labeled NFS David P. Quigley
2007-08-01 21:08   ` Casey Schaufler
2007-08-02  3:24   ` James Morris
2007-08-01 20:02 ` [PATCH 4/7] Security: Add secctx_to_secid LSM hooks and security helper functions David P. Quigley
2007-08-01 21:11   ` Casey Schaufler
2007-08-01 21:41     ` Paul Moore
2007-08-01 22:14       ` Casey Schaufler
2007-08-01 20:02 ` [PATCH 5/7] NFSv4: Add secid recommended attribute and NFSv4 flags David P. Quigley
2007-08-01 21:18   ` Casey Schaufler
2007-08-01 20:02 ` [PATCH 6/7] NFSv4: Client implementation of MAC Labeling David P. Quigley
2007-08-01 21:29   ` Casey Schaufler
2007-08-01 21:34     ` [Labeled-nfs] " Stephen Smalley
2007-08-01 22:06       ` Casey Schaufler
2007-08-02  3:37   ` James Morris
2007-08-02 13:12   ` Stephen Smalley
2007-08-01 20:02 ` [PATCH 7/7] NFSv4: Server " David P. Quigley
2007-08-01 21:33   ` Casey Schaufler
2007-08-02 13:10   ` Stephen Smalley
2007-08-01 20:55 ` [RFC] SENFS: MAC labeling support for NFSv4 Casey Schaufler
2007-08-01 21:30   ` Stephen Smalley
2007-08-01 21:59     ` Casey Schaufler
2007-08-02 13:19       ` Stephen Smalley
2007-08-02 15:26         ` Casey Schaufler
2007-08-02 15:43           ` Stephen Smalley
2007-08-02 16:36             ` Casey Schaufler
2007-08-02  4:19 ` James Morris

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=814557.21641.qm@web36607.mail.mud.yahoo.com \
    --to=casey@schaufler-ca.com \
    --cc=dpquigl@tycho.nsa.gov \
    --cc=labeled-nfs@linux-nfs.org \
    --cc=selinux@tycho.nsa.gov \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.