Date: Fri, 21 Mar 2025 17:32:25 -0400
X-Mailing-List: linux-alpha@vger.kernel.org
From: Paul Moore
To: Andrey Albershteyn, Richard Henderson, Matt Turner, Russell King, Catalin Marinas, Will Deacon, Geert Uytterhoeven, Michal Simek, Thomas Bogendoerfer, "James E.J. Bottomley", Helge Deller, Madhavan Srinivasan, Michael Ellerman, Nicholas Piggin, Christophe Leroy, Naveen N Rao, Heiko Carstens, Vasily Gorbik, Alexander Gordeev, Christian Borntraeger, Sven Schnelle, Yoshinori Sato, Rich Felker, John Paul Adrian Glaubitz, "David S. Miller", Andreas Larsson, Andy Lutomirski, Thomas Gleixner, Ingo Molnar, Borislav Petkov, Dave Hansen, x86@kernel.org, "H. Peter Anvin", Chris Zankel, Max Filippov, Alexander Viro, Christian Brauner, Jan Kara, Mickaël Salaün, Günther Noack, Arnd Bergmann, Pali Rohár, James Morris, "Serge E. Hallyn"
Cc: linux-alpha@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-m68k@lists.linux-m68k.org, linux-mips@vger.kernel.org, linux-parisc@vger.kernel.org, linuxppc-dev@lists.ozlabs.org, linux-s390@vger.kernel.org, linux-sh@vger.kernel.org, sparclinux@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-security-module@vger.kernel.org, linux-api@vger.kernel.org, linux-arch@vger.kernel.org, selinux@vger.kernel.org, Andrey Albershteyn
Subject: Re: [PATCH v4 1/3] lsm: introduce new hooks for setting/getting inode fsxattr
References: <20250321-xattrat-syscall-v4-1-3e82e6fb3264@kernel.org>
In-Reply-To: <20250321-xattrat-syscall-v4-1-3e82e6fb3264@kernel.org>

On Mar 21, 2025 Andrey Albershteyn wrote:
>
> Introduce new hooks for setting and getting filesystem extended
> attributes on inode (FS_IOC_FSGETXATTR).
>
> Cc: selinux@vger.kernel.org
> Cc: Paul Moore
>
> Signed-off-by: Andrey Albershteyn
> ---
>  fs/ioctl.c                    |  7 ++++++-
>  include/linux/lsm_hook_defs.h |  4 ++++
>  include/linux/security.h      | 16 ++++++++++++++++
>  security/security.c           | 32 ++++++++++++++++++++++++++++++++
>  4 files changed, 58 insertions(+), 1 deletion(-)

Thanks Andrey, one small change below, but otherwise this looks pretty
good.  If you feel like trying to work up the SELinux implementation but
need some assistance please let me know, I'll be happy to help :)

> diff --git a/fs/ioctl.c b/fs/ioctl.c > index 638a36be31c14afc66a7fd6eb237d9545e8ad997..4434c97bc5dff5a3e8635e28745cd99404ff353e 100644 > --- a/fs/ioctl.c > +++ b/fs/ioctl.c > @@ -525,10 +525,15 @@ EXPORT_SYMBOL(fileattr_fill_flags); > int vfs_fileattr_get(struct dentry *dentry, struct fileattr *fa) > { > struct inode *inode = d_inode(dentry); > + int error; > > if (!inode->i_op->fileattr_get) > return -ENOIOCTLCMD; > > + error = security_inode_getfsxattr(inode, fa); > + if (error) > + return error; > + > return inode->i_op->fileattr_get(dentry, fa); > } > EXPORT_SYMBOL(vfs_fileattr_get); > @@ -692,7 +697,7 @@ int vfs_fileattr_set(struct mnt_idmap *idmap, struct dentry *dentry, > fa->flags |= old_ma.flags & ~FS_COMMON_FL; > } > err = fileattr_set_prepare(inode, &old_ma, fa); > - if (!err) > + if (!err && !security_inode_setfsxattr(inode, fa)) > err = inode->i_op->fileattr_set(idmap, dentry, fa); > } > inode_unlock(inode);

I don't believe we want to hide or otherwise drop the LSM return code as
that could lead to odd behavior, e.g. returning 0/success despite not
having executed the fileattr_set operation.

--
paul-moore.com
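
Review bot: In the vfs_fileattr_get() hunk, security_inode_getfsxattr(inode, fa) is called before inode->i_op->fileattr_get(dentry, fa) has filled in fa, so the hook only ever sees whatever the caller left in the structure, not the attributes about to be returned. If the hook is meant to be a pure access check on the inode, say so in the hook's documentation (or drop the fa argument); if an LSM is expected to inspect the values, the call has to move after ->fileattr_get() succeeds. The placement after the -ENOIOCTLCMD check looks fine, since it keeps the hook from firing on filesystems that do not implement the operation.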
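
Review bot: In the vfs_fileattr_set() hunk, the condition "if (!err && !security_inode_setfsxattr(inode, fa))" throws away the hook's return value: when the LSM denies the request, ->fileattr_set() is skipped but err is still 0 from fileattr_set_prepare(). Store the result instead, for example "if (!err) err = security_inode_setfsxattr(inode, fa);" followed by "if (!err) err = inode->i_op->fileattr_set(idmap, dentry, fa);", so the LSM's error code is what the caller gets back. The hook also runs before inode_unlock(inode), which is worth stating in the hook documentation so implementers know the locking context.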