linux-fsdevel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: David Howells <dhowells@redhat.com>
To: torvalds@osdl.org, akpm@osdl.org, steved@redhat.com,
	trond.myklebust@fys.uio.no
Cc: linux-fsdevel@vger.kernel.org, linux-cachefs@redhat.com,
	nfsv4@linux-nfs.org, linux-kernel@vger.kernel.org
Subject: [PATCH 09/14] CacheFiles: Permit a process's create SID to be overridden [try #2]
Date: Thu, 09 Aug 2007 17:05:25 +0100	[thread overview]
Message-ID: <20070809160525.17906.35400.stgit@warthog.cambridge.redhat.com> (raw)
In-Reply-To: <20070809160438.17906.76348.stgit@warthog.cambridge.redhat.com>

Make it possible for a process's file creation SID to be temporarily overridden
by CacheFiles so that files created in the cache have the right label attached.

Without this facility, files created in the cache will be given the current
file creation SID of whatever process happens to have invoked CacheFiles
indirectly by means of opening a netfs file at the time the cache file is
created.

Signed-Off-By: David Howells <dhowells@redhat.com>
---

 include/linux/security.h |   35 +++++++++++++++++++++++++++++++++++
 security/dummy.c         |   12 ++++++++++++
 security/selinux/hooks.c |   18 ++++++++++++++++++
 3 files changed, 65 insertions(+), 0 deletions(-)

diff --git a/include/linux/security.h b/include/linux/security.h
index c11dc8a..92d3da0 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -1147,6 +1147,13 @@ struct request_sock;
  *	@secdata contains the security context.
  *	@seclen contains the length of the security context.
  *
+ * @get_fscreate_secid:
+ *	Get the current FS security ID.
+ *
+ * @set_fscreate_secid:
+ *	Set the current FS security ID.
+ *	@secid contains the security ID to set.
+ *
  * This is the main security structure.
  */
 struct security_operations {
@@ -1330,6 +1337,8 @@ struct security_operations {
  	int (*setprocattr)(struct task_struct *p, char *name, void *value, size_t size);
 	int (*secid_to_secctx)(u32 secid, char **secdata, u32 *seclen);
 	void (*release_secctx)(char *secdata, u32 seclen);
+	u32 (*get_fscreate_secid)(void);
+	u32 (*set_fscreate_secid)(u32 secid);
 
 #ifdef CONFIG_SECURITY_NETWORK
 	int (*unix_stream_connect) (struct socket * sock,
@@ -2127,6 +2136,16 @@ static inline void security_release_secctx(char *secdata, u32 seclen)
 	return security_ops->release_secctx(secdata, seclen);
 }
 
+static inline u32 security_get_fscreate_secid(void)
+{
+	return security_ops->get_fscreate_secid();
+}
+
+static inline u32 security_set_fscreate_secid(u32 secid)
+{
+	return security_ops->set_fscreate_secid(secid);
+}
+
 /* prototypes */
 extern int security_init	(void);
 extern int register_security	(struct security_operations *ops);
@@ -2795,6 +2814,11 @@ static inline void securityfs_remove(struct dentry *dentry)
 {
 }
 
+static inline int security_to_secctx_secid(char *secdata, u32 seclen, u32 *secid)
+{
+	return -EOPNOTSUPP;
+}
+
 static inline int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen)
 {
 	return -EOPNOTSUPP;
@@ -2803,6 +2827,17 @@ static inline int security_secid_to_secctx(u32 secid, char **secdata, u32 *secle
 static inline void security_release_secctx(char *secdata, u32 seclen)
 {
 }
+
+static inline u32 security_get_fscreate_secid(void)
+{
+	return 0;
+}
+
+static inline u32 security_set_fscreate_secid(u32 secid)
+{
+	return 0;
+}
+
 #endif	/* CONFIG_SECURITY */
 
 #ifdef CONFIG_SECURITY_NETWORK
diff --git a/security/dummy.c b/security/dummy.c
index 19d813d..d463e6f 100644
--- a/security/dummy.c
+++ b/security/dummy.c
@@ -930,6 +930,16 @@ static void dummy_release_secctx(char *secdata, u32 seclen)
 {
 }
 
+static u32 dummy_get_fscreate_secid(void)
+{
+	return 0;
+}
+
+static u32 dummy_set_fscreate_secid(u32 secid)
+{
+	return 0;
+}
+
 #ifdef CONFIG_KEYS
 static inline int dummy_key_alloc(struct key *key, struct task_struct *ctx,
 				  unsigned long flags)
@@ -1084,6 +1094,8 @@ void security_fixup_ops (struct security_operations *ops)
  	set_to_dummy_if_null(ops, setprocattr);
  	set_to_dummy_if_null(ops, secid_to_secctx);
  	set_to_dummy_if_null(ops, release_secctx);
+ 	set_to_dummy_if_null(ops, get_fscreate_secid);
+ 	set_to_dummy_if_null(ops, set_fscreate_secid);
 #ifdef CONFIG_SECURITY_NETWORK
 	set_to_dummy_if_null(ops, unix_stream_connect);
 	set_to_dummy_if_null(ops, unix_may_send);
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 6237933..c5905b0 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -4661,6 +4661,22 @@ static void selinux_release_secctx(char *secdata, u32 seclen)
 	kfree(secdata);
 }
 
+static u32 selinux_get_fscreate_secid(void)
+{
+	struct task_security_struct *tsec = current->security;
+
+	return tsec->create_sid;
+}
+
+static u32 selinux_set_fscreate_secid(u32 secid)
+{
+	struct task_security_struct *tsec = current->security;
+	u32 oldsid = tsec->create_sid;
+
+	tsec->create_sid = secid;
+	return oldsid;
+}
+
 #ifdef CONFIG_KEYS
 
 static int selinux_key_alloc(struct key *k, struct task_struct *tsk,
@@ -4843,6 +4859,8 @@ static struct security_operations selinux_ops = {
 
 	.secid_to_secctx =		selinux_secid_to_secctx,
 	.release_secctx =		selinux_release_secctx,
+	.get_fscreate_secid =		selinux_get_fscreate_secid,
+	.set_fscreate_secid =		selinux_set_fscreate_secid,
 
         .unix_stream_connect =		selinux_socket_unix_stream_connect,
 	.unix_may_send =		selinux_socket_unix_may_send,

  parent reply	other threads:[~2007-08-09 16:05 UTC|newest]

Thread overview: 36+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2007-08-09 16:04 [PATCH 00/14] Permit filesystem local caching [try #2] David Howells
2007-08-09 16:04 ` [PATCH 01/14] FS-Cache: Release page->private after failed readahead " David Howells
2007-08-09 16:04 ` [PATCH 02/14] FS-Cache: Recruit a couple of page flags for cache management " David Howells
2007-08-09 16:04 ` [PATCH 03/14] FS-Cache: Provide an add_wait_queue_tail() function " David Howells
2007-08-09 16:04 ` [PATCH 04/14] FS-Cache: Generic filesystem caching facility " David Howells
2007-08-09 16:05 ` [PATCH 05/14] CacheFiles: Add missing copy_page export for ia64 " David Howells
2007-08-09 16:05 ` [PATCH 06/14] CacheFiles: Add a hook to write a single page of data to an inode " David Howells
2007-08-09 16:05 ` [PATCH 07/14] CacheFiles: Permit the page lock state to be monitored " David Howells
2007-08-09 16:05 ` [PATCH 08/14] CacheFiles: Export things for CacheFiles " David Howells
2007-08-09 16:05 ` David Howells [this message]
2007-08-09 17:04   ` [PATCH 09/14] CacheFiles: Permit a process's create SID to be overridden " Casey Schaufler
2007-08-09 18:07     ` David Howells
2007-08-09 18:51       ` Casey Schaufler
2007-08-09 16:05 ` [PATCH 10/14] CacheFiles: Add an act-as SID override in task_security_struct " David Howells
2007-08-09 16:05 ` [PATCH 11/14] CacheFiles: Permit an inode's security ID to be obtained " David Howells
2007-08-09 17:07   ` Casey Schaufler
2007-08-09 17:22     ` Stephen Smalley
2007-08-09 17:59       ` Casey Schaufler
2007-08-09 18:06     ` David Howells
2007-08-09 18:50     ` James Morris
2007-08-09 19:07     ` David Howells
2007-08-09 19:34       ` James Morris
2007-08-09 20:33         ` Casey Schaufler
2007-08-10  9:22           ` David Howells
2007-08-09 18:16   ` James Morris
2007-08-09 18:21   ` David Howells
2007-08-09 18:42     ` James Morris
2007-08-09 16:05 ` [PATCH 12/14] CacheFiles: Get the SID under which the CacheFiles module should operate " David Howells
2007-08-09 16:05 ` [PATCH 13/14] CacheFiles: A cache that backs onto a mounted filesystem " David Howells
2007-08-09 16:05 ` [PATCH 14/14] NFS: Use local caching " David Howells
2007-08-09 18:24   ` Trond Myklebust
2007-08-09 18:52   ` David Howells
2007-08-09 19:25     ` Trond Myklebust
2007-08-10 14:04     ` David Howells
2007-08-10 16:07       ` Trond Myklebust
2007-08-09 19:15   ` David Howells

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20070809160525.17906.35400.stgit@warthog.cambridge.redhat.com \
    --to=dhowells@redhat.com \
    --cc=akpm@osdl.org \
    --cc=linux-cachefs@redhat.com \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=nfsv4@linux-nfs.org \
    --cc=steved@redhat.com \
    --cc=torvalds@osdl.org \
    --cc=trond.myklebust@fys.uio.no \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).