From: ebiederm@xmission.com (Eric W. Biederman)
To: linux-security-module@vger.kernel.org
Subject: [RFC][PATCH] security: Make the selinux setxattr and removexattr hooks behave
Date: Thu, 28 Sep 2017 17:34:53 -0500
Message-ID: <87tvzmqwoi.fsf@xmission.com>
It looks like once upon a time a long time ago selinux copied code
from cap_inode_removexattr and cap_inode_setxattr into
selinux_inode_setotherxattr. However the code has now diverged and
selinux is implementing a policy that is quite different than
cap_inode_setxattr and cap_inode_removexattr especially when it comes
to the security.capable xattr.
To keep things working and to make the comments in security/security.c
correct when the xattr is security.capable, call cap_inode_setxattr
or cap_inode_removexattr as appropriate.
I suspect there is a larger conversation to be had here but this
is enough to keep selinux from implementing a nonsense hard coded
policy that breaks other parts of the kernel.
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
---
security/selinux/hooks.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index f5d304736852..edf4bd292dc7 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -3167,6 +3167,9 @@ static int selinux_inode_setxattr(struct dentry *dentry, const char *name,
u32 newsid, sid = current_sid();
int rc = 0;
+ if (strcmp(name, XATTR_NAME_CAPS) == 0)
+ return cap_inode_setxattr(dentry, name, value, size, flags);
+
if (strcmp(name, XATTR_NAME_SELINUX))
return selinux_inode_setotherxattr(dentry, name);
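Review bot: the early `return cap_inode_setxattr(...)` for XATTR_NAME_CAPS means a write to that xattr never reaches `selinux_inode_setotherxattr(dentry, name)` on the lines that follow, so SELinux policy no longer gets any say on setting file capabilities; the commoncap verdict replaces the SELinux one instead of being combined with it. If the goal is only to stop SELinux from diverging from commoncap on this xattr, consider calling cap_inode_setxattr first and falling through to the existing SELinux check when it returns 0, e.g.
    rc = cap_inode_setxattr(dentry, name, value, size, flags);
    if (rc)
        return rc;
so that both checks have to pass. The `rc` variable is already declared in the visible context, so this needs no further change.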
@@ -3282,6 +3285,9 @@ static int selinux_inode_listxattr(struct dentry *dentry)
static int selinux_inode_removexattr(struct dentry *dentry, const char *name)
{
+ if (strcmp(name, XATTR_NAME_CAPS) == 0)
+ return cap_inode_removexattr(dentry, name);
+
if (strcmp(name, XATTR_NAME_SELINUX))
return selinux_inode_setotherxattr(dentry, name);
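Review bot: the same concern applies to removal: returning cap_inode_removexattr's result directly skips the selinux_inode_setotherxattr check on the next lines, so removing the capability xattr is mediated by commoncap alone rather than by both. Whatever pattern is settled on for the setxattr hook should be mirrored here so the two hooks stay consistent. Separately, the commit message refers to the xattr as "security.capable", whereas XATTR_NAME_CAPS in this hunk is the security.capability attribute; the description should use the actual name to avoid confusion when the change is read later.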
--
2.14.1