From: Mimi Zohar <zohar@linux.vnet.ibm.com>
To: Casey Schaufler <casey@schaufler-ca.com>
Cc: linux-kernel@vger.kernel.org,
linux-security-module@vger.kernel.org,
linux-fsdevel@vger.kernel.org, James Morris <jmorris@namei.org>,
David Safford <safford@watson.ibm.com>,
Dave Hansen <dave@linux.vnet.ibm.com>,
Mimi Zohar <zohar@us.ibm.com>
Subject: Re: [PATCH 02/15] security: move LSM xattrnames to xattr.h
Date: Fri, 25 Jun 2010 07:15:06 -0400
Message-ID: <1277464506.3220.5.camel@localhost.localdomain>
In-Reply-To: <4C242745.6050801@schaufler-ca.com>
On Thu, 2010-06-24 at 20:49 -0700, Casey Schaufler wrote:
> Mimi Zohar wrote:
> > Make the security extended attributes names global.
> >
> > Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
> > Acked-by: Serge Hallyn <serue@us.ibm.com>
> > ---
> > include/linux/capability.h | 3 ---
> > include/linux/xattr.h | 10 ++++++++++
> > security/selinux/hooks.c | 3 ---
> > security/smack/smack.h | 2 --
> > 4 files changed, 10 insertions(+), 8 deletions(-)
> >
> > diff --git a/include/linux/capability.h b/include/linux/capability.h
> > index 39e5ff5..90012b9 100644
> > --- a/include/linux/capability.h
> > +++ b/include/linux/capability.h
> > @@ -49,9 +49,6 @@ typedef struct __user_cap_data_struct {
> > } __user *cap_user_data_t;
> >
> >
> > -#define XATTR_CAPS_SUFFIX "capability"
> > -#define XATTR_NAME_CAPS XATTR_SECURITY_PREFIX XATTR_CAPS_SUFFIX
> > -
> > #define VFS_CAP_REVISION_MASK 0xFF000000
> > #define VFS_CAP_REVISION_SHIFT 24
> > #define VFS_CAP_FLAGS_MASK ~VFS_CAP_REVISION_MASK
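Review bot: Removing XATTR_CAPS_SUFFIX/XATTR_NAME_CAPS from capability.h changes which header provides them, but the hunk adds no include in their place; any code that picked up XATTR_NAME_CAPS through capability.h now needs linux/xattr.h in scope, so the users of that macro should be build-checked against this series. Since the removed lines already expanded XATTR_SECURITY_PREFIX, which comes from xattr.h, those users most likely include it already; a sentence in the changelog saying so would make the move easier to review.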
> > diff --git a/include/linux/xattr.h b/include/linux/xattr.h
> > index 0cfa1e9..62ca853 100644
> > --- a/include/linux/xattr.h
> > +++ b/include/linux/xattr.h
> > @@ -33,6 +33,16 @@
> > #define XATTR_USER_PREFIX "user."
> > #define XATTR_USER_PREFIX_LEN (sizeof (XATTR_USER_PREFIX) - 1)
> >
> > +/* Security namespace */
> > +#define XATTR_SELINUX_SUFFIX "selinux"
> > +#define XATTR_NAME_SELINUX XATTR_SECURITY_PREFIX XATTR_SELINUX_SUFFIX
> > +
> > +#define XATTR_SMACK_SUFFIX "SMACK64"
> > +#define XATTR_NAME_SMACK XATTR_SECURITY_PREFIX XATTR_SMACK_SUFFIX
> > +
> > +#define XATTR_CAPS_SUFFIX "capability"
> > +#define XATTR_NAME_CAPS XATTR_SECURITY_PREFIX XATTR_CAPS_SUFFIX
> > +
> > struct inode;
> > struct dentry;
> >
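Review bot: The new "Security namespace" block is not the complete set of security.* names the LSMs own: it takes XATTR_SMACK_SUFFIX/XATTR_NAME_SMACK but leaves the SMACK64IPIN/SMACK64IPOUT names behind in smack.h, so the comment should state the selection criterion (the names that need to be visible outside the LSM, e.g. for EVM) or the remaining names should be moved too. A short note that the *_SUFFIX macros exist only to compose the XATTR_NAME_* forms would also keep callers outside the LSMs from passing a bare suffix to the xattr interfaces.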
> > diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
> > index 0f524b7..85338f0 100644
> > --- a/security/selinux/hooks.c
> > +++ b/security/selinux/hooks.c
> > @@ -87,9 +87,6 @@
> > #include "netlabel.h"
> > #include "audit.h"
> >
> > -#define XATTR_SELINUX_SUFFIX "selinux"
> > -#define XATTR_NAME_SELINUX XATTR_SECURITY_PREFIX XATTR_SELINUX_SUFFIX
> > -
> > #define NUM_SEL_MNT_OPTS 5
> >
> > extern int selinux_nlmsg_lookup(u16 sclass, u16 nlmsg_type, u32 *perm);
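Review bot: This hunk removes the two definitions without adding an include, which is only correct because the removed lines already expanded XATTR_SECURITY_PREFIX and so hooks.c must already have linux/xattr.h in scope; stating that dependency explicitly in the changelog is preferable to leaving it implied by the macros that are being deleted.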
> > diff --git a/security/smack/smack.h b/security/smack/smack.h
> > index c6e9aca..9c773e3 100644
> > --- a/security/smack/smack.h
> > +++ b/security/smack/smack.h
> > @@ -126,10 +126,8 @@ struct smack_known {
> > /*
> > * xattr names
> > */
> > -#define XATTR_SMACK_SUFFIX "SMACK64"
> > #define XATTR_SMACK_IPIN "SMACK64IPIN"
> > #define XATTR_SMACK_IPOUT "SMACK64IPOUT"
> > -#define XATTR_NAME_SMACK XATTR_SECURITY_PREFIX XATTR_SMACK_SUFFIX
> > #define XATTR_NAME_SMACKIPIN XATTR_SECURITY_PREFIX XATTR_SMACK_IPIN
> > #define XATTR_NAME_SMACKIPOUT XATTR_SECURITY_PREFIX XATTR_SMACK_IPOUT
> >
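Review bot: After this hunk the "xattr names" block in smack.h keeps XATTR_SMACK_IPIN/XATTR_SMACK_IPOUT and their XATTR_NAME_* forms but no longer lists the base SMACK64 name, so Smack's attribute names are split across two headers with nothing here pointing at xattr.h. Either move the IPIN/IPOUT pair alongside XATTR_NAME_SMACK, or add a comment in this block explaining why SMACK64 alone is global; whether the IPIN/IPOUT names need the same treatment turns on whether they are stored on persistent files, which the reply below asks about.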
>
> Why just the SMACK64 attribute name, and not the others? They are
> manipulated with the same interfaces (well, fsetxattr, fgetxattr)
> as the SMACK64 attribute. There isn't any conceptual difference and
> the rationale for moving attribute names really ought to apply to
> them as well.
Hi Casey,
Moving the other SMACK xattrs is fine, but are they used on persistent
files and need to be EVM protected?
Mimi
Thread overview: 20+ messages
2010-06-24 18:10 [PATCH 00/15] EVM Mimi Zohar
2010-06-24 18:10 ` [PATCH 01/15] integrity: move ima inode integrity data management Mimi Zohar
2010-06-24 18:10 ` [PATCH 02/15] security: move LSM xattrnames to xattr.h Mimi Zohar
2010-06-25 3:49 ` Casey Schaufler
2010-06-25 11:15 ` Mimi Zohar [this message]
2010-06-27 16:54 ` Casey Schaufler
2010-06-28 1:35 ` Mimi Zohar
2010-06-24 18:10 ` [PATCH 03/15] xattr: define vfs_getxattr_alloc and vfs_xattr_cmp Mimi Zohar
2010-06-24 18:10 ` [PATCH 04/15] evm: re-release Mimi Zohar
2010-06-24 18:10 ` [PATCH 05/15] ima: move ima_file_free before releasing the file Mimi Zohar
2010-06-24 18:10 ` [PATCH 06/15] security: imbed evm calls in security hooks Mimi Zohar
2010-06-24 18:10 ` [PATCH 07/15] evm: inode post removexattr Mimi Zohar
2010-06-24 18:10 ` [PATCH 08/15] evm: imbed evm_inode_post_setattr Mimi Zohar
2010-06-24 18:10 ` [PATCH 09/15] evm: inode_post_init Mimi Zohar
2010-06-24 18:10 ` [PATCH 10/15] fs: add evm_inode_post_init calls Mimi Zohar
2010-06-24 18:10 ` [PATCH 11/15] ima: integrity appraisal extension Mimi Zohar
2010-06-24 18:10 ` [PATCH 12/15] ima: appraise default rules Mimi Zohar
2010-06-24 18:10 ` [PATCH 13/15] ima: inode post_setattr Mimi Zohar
2010-06-24 18:10 ` [PATCH 14/15] ima: add ima_inode_setxattr and ima_inode_removexattr Mimi Zohar
2010-06-24 18:10 ` [PATCH 15/15] ima: appraise measurement required Mimi Zohar