From: "Mickaël Salaün" <mic@digikod.net>
To: Roberto Sassu <roberto.sassu@huaweicloud.com>
Cc: Paul Moore <paul@paul-moore.com>,
Christian Brauner <brauner@kernel.org>,
linux-fsdevel@vger.kernel.org, linux-nfs@vger.kernel.org,
linux-security-module@vger.kernel.org, audit@vger.kernel.org,
Mimi Zohar <zohar@linux.ibm.com>,
Roberto Sassu <roberto.sassu@huawei.com>,
Dmitry Kasatkin <dmitry.kasatkin@gmail.com>,
Eric Snowberg <eric.snowberg@oracle.com>
Subject: Re: [PATCH RFC v1 4/7] integrity: Fix inode numbers in audit records
Date: Fri, 11 Oct 2024 14:38:49 +0200 [thread overview]
Message-ID: <20241011.upah1Ek3faiB@digikod.net> (raw)
In-Reply-To: <370204a3fbceef1bebfdcfc136beed98a3ca0229.camel@huaweicloud.com>
On Fri, Oct 11, 2024 at 01:34:39PM +0200, Roberto Sassu wrote:
> On Fri, 2024-10-11 at 12:15 +0200, Mickaël Salaün wrote:
> > On Thu, Oct 10, 2024 at 09:20:52PM -0400, Paul Moore wrote:
> > > On Oct 10, 2024 =?UTF-8?q?Micka=C3=ABl=20Sala=C3=BCn?= <mic@digikod.net> wrote:
> > > >
> > > > Use the new inode_get_ino() helper to log the user space's view of
> > > > inode's numbers instead of the private kernel values.
> > > >
> > > > Cc: Mimi Zohar <zohar@linux.ibm.com>
> > > > Cc: Roberto Sassu <roberto.sassu@huawei.com>
> > > > Cc: Dmitry Kasatkin <dmitry.kasatkin@gmail.com>
> > > > Cc: Eric Snowberg <eric.snowberg@oracle.com>
> > > > Signed-off-by: Mickaël Salaün <mic@digikod.net>
> > > > ---
> > > > security/integrity/integrity_audit.c | 2 +-
> > > > 1 file changed, 1 insertion(+), 1 deletion(-)
> > >
> > > Should we also need to update the inode value used in hmac_add_misc()?
> >
> > I'm not sure what the impact will be wrt backward compatibility. Mimi,
> > Roberto?
>
> Changing the inode number the HMAC was calculated with has the
> potential effect of making the file inaccessible.
>
> In order to use the new inode number, we need to define a new EVM xattr
> type, and update the previous xattr version with the new one. We could
> deprecate the old xattr version after a while (to be discussed with
> Mimi).
That was my though. I don't we should patch hmac_add_misc() because it
is already in the IMA/EVM ABI and not directly reflected to user space.
The issue might be that user space cannot recreate this hmac because
this private inode number is not known to user space, but I don't know
if there is such user space implementation of IMA/EVM.
>
> Roberto
>
> > >
> > > diff --git a/security/integrity/evm/evm_crypto.c b/security/integrity/evm/evm_crypto.c
> > > index 7c06ffd633d2..68ae454e187f 100644
> > > --- a/security/integrity/evm/evm_crypto.c
> > > +++ b/security/integrity/evm/evm_crypto.c
> > > @@ -155,7 +155,7 @@ static void hmac_add_misc(struct shash_desc *desc, struct inode *inode,
> > > * signatures
> > > */
> > > if (type != EVM_XATTR_PORTABLE_DIGSIG) {
> > > - hmac_misc.ino = inode->i_ino;
> > > + hmac_misc.ino = inode_get_ino(inode->i_ino);
> > > hmac_misc.generation = inode->i_generation;
> > > }
> > > /* The hmac uid and gid must be encoded in the initial user
> > >
> > > --
> > > paul-moore.com
>
>
next prev parent reply other threads:[~2024-10-11 12:38 UTC|newest]
Thread overview: 79+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-10-10 15:26 [RFC PATCH v1 1/7] fs: Add inode_get_ino() and implement get_ino() for NFS Mickaël Salaün
2024-10-10 15:26 ` [RFC PATCH v1 2/7] audit: Fix inode numbers Mickaël Salaün
2024-10-11 1:20 ` [PATCH RFC " Paul Moore
2024-10-11 1:38 ` Paul Moore
2024-10-11 21:34 ` [RFC PATCH " Paul Moore
2024-10-14 13:30 ` Mickaël Salaün
2024-10-14 23:36 ` Paul Moore
2024-10-10 15:26 ` [RFC PATCH v1 3/7] selinux: Fix inode numbers in error messages Mickaël Salaün
2024-10-11 1:20 ` [PATCH RFC " Paul Moore
2024-10-10 15:26 ` [RFC PATCH v1 4/7] integrity: Fix inode numbers in audit records Mickaël Salaün
2024-10-11 1:20 ` [PATCH RFC " Paul Moore
2024-10-11 10:15 ` Mickaël Salaün
2024-10-11 11:34 ` Roberto Sassu
2024-10-11 12:38 ` Mickaël Salaün [this message]
2024-10-11 12:45 ` Roberto Sassu
2024-10-10 15:26 ` [RFC PATCH v1 5/7] ipe: " Mickaël Salaün
2024-10-10 17:44 ` Fan Wu
2024-10-10 15:26 ` [RFC PATCH v1 6/7] smack: Fix inode numbers in logs Mickaël Salaün
2024-10-10 17:18 ` Casey Schaufler
2024-10-10 15:26 ` [RFC PATCH v1 7/7] tomoyo: " Mickaël Salaün
2024-10-12 7:35 ` [PATCH] tomoyo: use u64 for handling numeric values Tetsuo Handa
2024-10-14 13:59 ` Mickaël Salaün
2024-10-10 18:07 ` [RFC PATCH v1 1/7] fs: Add inode_get_ino() and implement get_ino() for NFS Anna Schumaker
2024-10-11 10:14 ` Mickaël Salaün
2024-10-10 19:28 ` Trond Myklebust
2024-10-11 10:15 ` Mickaël Salaün
2024-10-11 12:22 ` Trond Myklebust
2024-10-11 12:38 ` Mickaël Salaün
2024-10-11 12:43 ` Mickaël Salaün
2024-10-11 10:12 ` Tetsuo Handa
2024-10-11 10:54 ` Tetsuo Handa
2024-10-11 11:10 ` Mickaël Salaün
2024-10-11 11:04 ` Mickaël Salaün
2024-10-11 14:27 ` Tetsuo Handa
2024-10-11 15:13 ` Christoph Hellwig
2024-10-11 15:26 ` Mickaël Salaün
2024-10-11 12:30 ` Christoph Hellwig
2024-10-11 12:47 ` Mickaël Salaün
2024-10-11 12:54 ` Christoph Hellwig
2024-10-11 13:20 ` Mickaël Salaün
2024-10-11 13:23 ` Christoph Hellwig
2024-10-11 13:52 ` Mickaël Salaün
2024-10-11 14:39 ` Christoph Hellwig
2024-10-11 15:30 ` Mickaël Salaün
2024-10-11 15:34 ` Christoph Hellwig
2024-10-14 14:35 ` Christian Brauner
2024-10-14 14:36 ` Christoph Hellwig
2024-10-13 10:17 ` Jeff Layton
2024-10-14 8:40 ` Burn Alting
2024-10-14 9:02 ` Christoph Hellwig
2024-10-14 12:12 ` Burn Alting
2024-10-14 12:17 ` Christoph Hellwig
2024-10-14 13:13 ` Mickaël Salaün
[not found] ` <9c3bc3b7-2e79-4423-b8eb-f9f6249ee5bf@iinet.net.au>
2024-10-14 10:22 ` Jeff Layton
2024-10-14 14:45 ` Christian Brauner
2024-10-14 15:27 ` Mickaël Salaün
2024-10-16 0:15 ` Paul Moore
2024-10-14 14:47 ` Christian Brauner
2024-10-14 17:51 ` Mickaël Salaün
2024-10-16 14:23 ` Christian Brauner
2024-10-16 23:05 ` Paul Moore
2024-10-17 14:30 ` Trond Myklebust
2024-10-17 14:54 ` Paul Moore
2024-10-17 14:58 ` Christoph Hellwig
2024-10-17 15:15 ` Paul Moore
2024-10-17 15:25 ` Christoph Hellwig
2024-10-17 16:43 ` Jan Kara
2024-10-18 5:15 ` Christoph Hellwig
2024-10-21 13:17 ` Christian Brauner
2024-10-17 17:05 ` Jeff Layton
2024-10-17 17:09 ` Trond Myklebust
2024-10-17 17:59 ` Jeff Layton
2024-10-17 21:06 ` Trond Myklebust
2024-10-18 5:18 ` hch
2024-10-17 20:21 ` Paul Moore
2024-10-18 12:25 ` Jan Kara
2024-10-21 13:13 ` Christian Brauner
2024-10-21 14:04 ` Christian Brauner
2024-10-17 14:56 ` Christoph Hellwig
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20241011.upah1Ek3faiB@digikod.net \
--to=mic@digikod.net \
--cc=audit@vger.kernel.org \
--cc=brauner@kernel.org \
--cc=dmitry.kasatkin@gmail.com \
--cc=eric.snowberg@oracle.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-nfs@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=paul@paul-moore.com \
--cc=roberto.sassu@huawei.com \
--cc=roberto.sassu@huaweicloud.com \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox