From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id A70E7C54FB9 for ; Thu, 16 Nov 2023 04:34:14 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1344845AbjKPEeO (ORCPT ); Wed, 15 Nov 2023 23:34:14 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43596 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235675AbjKPEd4 (ORCPT ); Wed, 15 Nov 2023 23:33:56 -0500 Received: from mail-qt1-x836.google.com (mail-qt1-x836.google.com [IPv6:2607:f8b0:4864:20::836]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 572171B3 for ; Wed, 15 Nov 2023 20:33:52 -0800 (PST) Received: by mail-qt1-x836.google.com with SMTP id d75a77b69052e-41e1921da84so2604981cf.1 for ; Wed, 15 Nov 2023 20:33:52 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=paul-moore.com; s=google; t=1700109231; x=1700714031; darn=vger.kernel.org; h=in-reply-to:references:subject:cc:to:from:message-id:date:from:to :cc:subject:date:message-id:reply-to; bh=FRCIUlxMviG/akojIoiuUtAzlfA4z+ppx5JWcANslrQ=; b=SwYS/wyuZgZb9WJ0PIvbdBV7/u/Z74cHs86kLwpyUjEaxAXQtDq6If6SI7YvAdGeTm 6CCGvzBiXTzyxPeSUfFgQNUfwXcV8V6Ol45lE8wSbPTJkP5Yh2x+QdBsmHJs9uBoL3oJ eGSmR68w0bH5KDsM4hsNba/8NMA/Dl9jaNVn85591Ud0BL+hq9WIzhpnHo13OE4hgLt2 JmqI4uCRpXAqIc0dTXWhjm/I3Pxv3lu83q7bOIndslt95HTIOsiQ1Xi73YnnBvxqTy2N TcmKB0D9Z7rNvSj00Z8ubcL6V54Qfcuv/lxJwqOi5ttkVZ1DdMhAr9Q1PyDEV3fHaCAh hhYw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1700109231; x=1700714031; h=in-reply-to:references:subject:cc:to:from:message-id:date :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=FRCIUlxMviG/akojIoiuUtAzlfA4z+ppx5JWcANslrQ=; b=Y4BLPXbLF6d5ZkoQW3+QB+8Z9BLDiRAY7NNa3+nRJClLDTSK7LcGBu7VhZqotwe9sG Ix8jbpNh2qJxj31PIX9CRdzEMXk3Pb8nLHZt9KWohwfOC08CRado0aUZLNw9T2mFMJpr P9/UYVKKyzFwoBPEmg81pQHubnzMM0colLbR6eri6scGbUR1uj5R4Ia0SLZsak3cklko Lhpj0H97SgeK177vf9yKezKxP4bKWiuiqRgBvoCXY6pYxP5kIomycsuL4MZpGaBXe5Cm 1f5D4pjbAi9U943U8Fwn0s35eqFIJMFql8NIDTUaOabC3kuznyDz3Wx4swKNNF/1YI5Z KITA== X-Gm-Message-State: AOJu0YxuyfrIuMi3ICd2XY9WAQ71aVMSY+XqCuAwf3KQbj1ifTMv1/IP AdvRX9zkCtGxCznHHsU6KZ7/ X-Google-Smtp-Source: AGHT+IHphFpDzgVFwOfukFTgf3tIsG9A83ycMGfQY4UVTT6EROx8wCbgF2iRta1hsOxzIr0MuKuWvQ== X-Received: by 2002:a05:622a:1a9c:b0:412:24e6:a485 with SMTP id s28-20020a05622a1a9c00b0041224e6a485mr8399280qtc.2.1700109231366; Wed, 15 Nov 2023 20:33:51 -0800 (PST) Received: from localhost ([70.22.175.108]) by smtp.gmail.com with ESMTPSA id e7-20020ac84907000000b004195faf1e2csm4050405qtq.97.2023.11.15.20.33.50 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 15 Nov 2023 20:33:50 -0800 (PST) Date: Wed, 15 Nov 2023 23:33:50 -0500 Message-ID: From: Paul Moore To: Roberto Sassu , viro@zeniv.linux.org.uk, brauner@kernel.org, chuck.lever@oracle.com, jlayton@kernel.org, neilb@suse.de, kolga@netapp.com, Dai.Ngo@oracle.com, tom@talpey.com, jmorris@namei.org, serge@hallyn.com, zohar@linux.ibm.com, dmitry.kasatkin@gmail.com, dhowells@redhat.com, jarkko@kernel.org, stephen.smalley.work@gmail.com, eparis@parisplace.org, casey@schaufler-ca.com, mic@digikod.net Cc: linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, linux-nfs@vger.kernel.org, linux-security-module@vger.kernel.org, linux-integrity@vger.kernel.org, keyrings@vger.kernel.org, selinux@vger.kernel.org, Roberto Sassu , Stefan Berger Subject: Re: [PATCH v5 17/23] security: Introduce inode_post_remove_acl hook References: <20231107134012.682009-18-roberto.sassu@huaweicloud.com> In-Reply-To: <20231107134012.682009-18-roberto.sassu@huaweicloud.com> Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org On Nov 7, 2023 Roberto Sassu wrote: > > In preparation for moving IMA and EVM to the LSM infrastructure, introduce > the inode_post_remove_acl hook. > > At inode_remove_acl hook, EVM verifies the file's existing HMAC value. At > inode_post_remove_acl, EVM re-calculates the file's HMAC with the passed > POSIX ACL removed and other file metadata. > > Other LSMs could similarly take some action after successful POSIX ACL > removal. > > The new hook cannot return an error and cannot cause the operation to be > reverted. > > Signed-off-by: Roberto Sassu > Reviewed-by: Stefan Berger > Acked-by: Casey Schaufler > Reviewed-by: Mimi Zohar > --- > fs/posix_acl.c | 1 + > include/linux/lsm_hook_defs.h | 2 ++ > include/linux/security.h | 8 ++++++++ > security/security.c | 17 +++++++++++++++++ > 4 files changed, 28 insertions(+) ... > diff --git a/security/security.c b/security/security.c > index d2dbea54a63a..6eb7c9cff1e5 100644 > --- a/security/security.c > +++ b/security/security.c > @@ -2413,6 +2413,23 @@ int security_inode_remove_acl(struct mnt_idmap *idmap, > return evm_inode_remove_acl(idmap, dentry, acl_name); > } > > +/** > + * security_inode_post_remove_acl() - Update inode security after rm posix acls > + * @idmap: idmap of the mount > + * @dentry: file > + * @acl_name: acl name > + * > + * Update inode security data after successfully removing posix acls on > + * @dentry in @idmap. The posix acls are identified by @acl_name. > + */ > +void security_inode_post_remove_acl(struct mnt_idmap *idmap, > + struct dentry *dentry, const char *acl_name) > +{ > + if (unlikely(IS_PRIVATE(d_backing_inode(dentry)))) > + return; See previous comments regaring S_PRIVATE checks. > + call_void_hook(inode_post_remove_acl, idmap, dentry, acl_name); > +} > + > /** > * security_inode_post_setxattr() - Update the inode after a setxattr operation > * @dentry: file > -- > 2.34.1 -- paul-moore.com