From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-qv1-f49.google.com (mail-qv1-f49.google.com [209.85.219.49]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 42AEA270EB7 for ; Thu, 22 May 2025 22:26:07 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.219.49 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1747952771; cv=none; b=tojWOzM97Mm+3VwBoanfibTwxi3QPNG+cG7VfTo0e33/+d1zqcSMSS2CqRJcpw6ST7GYBKFNbEKjzrj7UY0DOl5wqiCr2E1E0V7gL0qnnhVE69KdsFrUDbD+jT/4jBFAGFAXTO8bycU/7WjvB7C2qdlprh0ShpNisJM8S0UTR8s= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1747952771; c=relaxed/simple; bh=yXfmq+fsOH2ydhYAaJ/O8G8cyrnfKS0KGUVUMAH0MGk=; h=Date:Message-ID:MIME-Version:Content-Type:From:To:Cc:Subject: References:In-Reply-To; b=fnKWeAaFLq80DpzOku++YFW3CvvlOyj8PURboDOpGuxRv88gbqsFhS2SrHcTinGSmU4oSwQ0uryyaKbQle4WlEFwCQSKvoWcRvBGbWvSCJZ6fw6nVrB2ZQHAs26a1gl+B81JjmyibQf2//4b818ywHg6BjrDaJqePsLT/OvtS3Q= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=paul-moore.com; spf=pass smtp.mailfrom=paul-moore.com; dkim=pass (2048-bit key) header.d=paul-moore.com header.i=@paul-moore.com header.b=PE8bp2bC; arc=none smtp.client-ip=209.85.219.49 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=paul-moore.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=paul-moore.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=paul-moore.com header.i=@paul-moore.com header.b="PE8bp2bC" Received: by mail-qv1-f49.google.com with SMTP id 6a1803df08f44-6f0ad74483fso90570786d6.1 for ; Thu, 22 May 2025 15:26:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=paul-moore.com; s=google; t=1747952767; x=1748557567; darn=vger.kernel.org; h=in-reply-to:references:subject:cc:to:from:content-transfer-encoding :mime-version:message-id:date:from:to:cc:subject:date:message-id :reply-to; bh=Jmptf5RMBQqSn8lkxlWoyMCjmS+Mv7H8iKTTl/Kwouo=; b=PE8bp2bC2u+7hVMWFXDxIhgHhKxulbXWcGxnUpIhrgzangQno0wz8wTj2SBpQlx+RH HWbPzJONY/k5V5KhKxFzRg0mqcSuevNUob7nbBRkNe4zNv5ta0ZZRbKuMkupvRu1j4H/ L5g61hkwn3G2TrJtCWpQppB/pCl9f/CPqdvv0wvc5m0YvonN/44WK2eHjcRrBNO9b+Bz rMI5Soc4po1JoBDybn3lJlA6EaENodtYQjDPfzlCn/d0jltsqZogc7KaymbExTqk6b2E 5S0ojIzkilaxs5NcdiEorb9gq51ZYUhzmmerYI6Csq70Rwqskc1RTDHHPC4a/b2ToWTE +pXQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1747952767; x=1748557567; h=in-reply-to:references:subject:cc:to:from:content-transfer-encoding :mime-version:message-id:date:x-gm-message-state:from:to:cc:subject :date:message-id:reply-to; bh=Jmptf5RMBQqSn8lkxlWoyMCjmS+Mv7H8iKTTl/Kwouo=; b=aqCX0lY7aqsCkh5KoAIgwEK7bKteteTCTatNKsf0GT06+iVYvfa5B/wCXaezSLbEGk sQAYLsvUm5GEDZvmalAqUQAagOJf4/ERAKDtoNYXsMTYT4+n96/j+CqtUDAviBL+4q2w 39864lMdBnrGDQqRNN2JJ67u+tYW0QHkk1z2JjCEoO51GBMVDYRLNV2hX7CfYJUaFeS/ Cxw0l8rfiH71aGohirWjJN4+4ySfx28xq5h9Fp+aDkQj0r5ZRYZHuHMe8AqkjM8XkeUF qWOJHCcv4sWZjvRmLNZyScDDj0MMVwzKwmFmsNjOQX5F30BCC2+zomktSy6deX83WWwZ X0qw== X-Gm-Message-State: AOJu0Yw0turQ88xdIRhK2UmI1+BmuyoBUzm+va8zQak3FTjuwYAiIMiV fEuXB4Id49ZqLRE5WWMDB+DFA5MVX2uPu9w26OQUW4nQSqtDpuOJPt9J1MinDCpgUQ== X-Gm-Gg: ASbGncvTvjjgoqb1uaUjP2SYdxIr7NLq9MH/9/XCwNAxQ6iyPbp/xEjhLnA5V3lTJ8I AsA233whDkTVT3sMAIoxJa55vHoJtTh+FS13DH9rKqXJHRBekEWyEfSVE9QJtC6xCJ0amOQiBak g1xjw8FZHgH2Cqregn3Mv0bzgcSM51DRVJXqIj2tWLw6qoaA1fe1pVGrLwPUjIdOIi3vqofSnOA PsTVuMdIAQ6vtHudtrjxPfQgkBQ3vKGm2utQai20FZfa5fB4lB4MCppin7Itx7wNH6MHr4WmkDP 848yeE/1uek40+TYKLbmrbW0Bx1ymdNznSzbKiYfkUh0CseLLp/D0ZDGpILFpR3VupvCg5YKca7 KA9b9YMjaPA/4hdGF/gCp X-Google-Smtp-Source: AGHT+IE2zN7SH+0SaGrs2tzepSFkLMKNXBgIbbn8M9DQcRbDJBs1dDzlx85ZuSxbIPErdUE31K4qXg== X-Received: by 2002:a05:6214:1947:b0:6f2:b094:430e with SMTP id 6a1803df08f44-6f8b0829131mr503375636d6.25.1747952766984; Thu, 22 May 2025 15:26:06 -0700 (PDT) Received: from localhost (pool-71-126-255-178.bstnma.fios.verizon.net. [71.126.255.178]) by smtp.gmail.com with UTF8SMTPSA id 6a1803df08f44-6f8b0987259sm105076766d6.120.2025.05.22.15.26.06 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 22 May 2025 15:26:06 -0700 (PDT) Date: Thu, 22 May 2025 18:26:05 -0400 Message-ID: <0bb73a49ccbc93e90ea87c0dbb4097ae@paul-moore.com> Precedence: bulk X-Mailing-List: linux-alpha@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailer: pstg-pwork:20250522_1740/pstg-lib:20250522_1730/pstg-pwork:20250522_1740 From: Paul Moore To: Andrey Albershteyn , Richard Henderson , Matt Turner , Russell King , Catalin Marinas , Will Deacon , Geert Uytterhoeven , Michal Simek , Thomas Bogendoerfer , "James E.J. Bottomley" , Helge Deller , Madhavan Srinivasan , Michael Ellerman , Nicholas Piggin , Christophe Leroy , Naveen N Rao , Heiko Carstens , Vasily Gorbik , Alexander Gordeev , Christian Borntraeger , Sven Schnelle , Yoshinori Sato , Rich Felker , John Paul Adrian Glaubitz , "David S. Miller" , Andreas Larsson , Andy Lutomirski , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Chris Zankel , Max Filippov , Alexander Viro , Christian Brauner , Jan Kara , =?UTF-8?B?TWlja2HDq2wgU2FsYcO8bg==?= , =?UTF-8?Q?G=C3=BCnther_Noack?= , Arnd Bergmann , =?UTF-8?Q?Pali_Roh=C3=A1r?= , James Morris , "Serge E. Hallyn" , Stephen Smalley , Ondrej Mosnacek , Tyler Hicks , Miklos Szeredi , Amir Goldstein Cc: linux-alpha@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-m68k@lists.linux-m68k.org, linux-mips@vger.kernel.org, linux-parisc@vger.kernel.org, linuxppc-dev@lists.ozlabs.org, linux-s390@vger.kernel.org, linux-sh@vger.kernel.org, sparclinux@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-security-module@vger.kernel.org, linux-api@vger.kernel.org, linux-arch@vger.kernel.org, selinux@vger.kernel.org, ecryptfs@vger.kernel.org, linux-unionfs@vger.kernel.org, linux-xfs@vger.kernel.org, Andrey Albershteyn Subject: Re: [PATCH v5 2/7] lsm: introduce new hooks for setting/getting inode fsxattr References: <20250513-xattrat-syscall-v5-2-22bb9c6c767f@kernel.org> In-Reply-To: <20250513-xattrat-syscall-v5-2-22bb9c6c767f@kernel.org> On May 13, 2025 Andrey Albershteyn wrote: > > Introduce new hooks for setting and getting filesystem extended > attributes on inode (FS_IOC_FSGETXATTR). > > Cc: selinux@vger.kernel.org > Cc: Paul Moore > > Signed-off-by: Andrey Albershteyn > --- > fs/file_attr.c | 19 ++++++++++++++++--- > include/linux/lsm_hook_defs.h | 2 ++ > include/linux/security.h | 16 ++++++++++++++++ > security/security.c | 30 ++++++++++++++++++++++++++++++ > 4 files changed, 64 insertions(+), 3 deletions(-) The only thing that gives me a slight pause is that on a set operation we are going to hit both the get and set LSM hooks, but since the code does call into the getter on a set operation this is arguably the right thing. Acked-by: Paul Moore -- paul-moore.com