Date: Fri, 21 Mar 2025 17:32:25 -0400
X-Mailing-List: linux-s390@vger.kernel.org
From: Paul Moore
To: Andrey Albershteyn, Richard Henderson, Matt Turner, Russell King,
 Catalin Marinas, Will Deacon, Geert Uytterhoeven, Michal Simek,
 Thomas Bogendoerfer, "James E.J. Bottomley", Helge Deller,
 Madhavan Srinivasan, Michael Ellerman, Nicholas Piggin, Christophe Leroy,
 Naveen N Rao, Heiko Carstens, Vasily Gorbik, Alexander Gordeev,
 Christian Borntraeger, Sven Schnelle, Yoshinori Sato, Rich Felker,
 John Paul Adrian Glaubitz, "David S. Miller", Andreas Larsson,
 Andy Lutomirski, Thomas Gleixner, Ingo Molnar, Borislav Petkov,
 Dave Hansen, x86@kernel.org, "H. Peter Anvin", Chris Zankel, Max Filippov,
 Alexander Viro, Christian Brauner, Jan Kara, Mickaël Salaün,
 Günther Noack, Arnd Bergmann, Pali Rohár, James Morris, "Serge E. Hallyn"
Cc: linux-alpha@vger.kernel.org, linux-kernel@vger.kernel.org,
 linux-arm-kernel@lists.infradead.org, linux-m68k@lists.linux-m68k.org,
 linux-mips@vger.kernel.org, linux-parisc@vger.kernel.org,
 linuxppc-dev@lists.ozlabs.org, linux-s390@vger.kernel.org,
 linux-sh@vger.kernel.org, sparclinux@vger.kernel.org,
 linux-fsdevel@vger.kernel.org, linux-security-module@vger.kernel.org,
 linux-api@vger.kernel.org, linux-arch@vger.kernel.org,
 selinux@vger.kernel.org, Andrey Albershteyn
Subject: Re: [PATCH v4 1/3] lsm: introduce new hooks for setting/getting inode fsxattr
References: <20250321-xattrat-syscall-v4-1-3e82e6fb3264@kernel.org>
In-Reply-To: <20250321-xattrat-syscall-v4-1-3e82e6fb3264@kernel.org>

On Mar 21, 2025 Andrey Albershteyn wrote:
>
> Introduce new hooks for setting and getting filesystem extended
> attributes on inode (FS_IOC_FSGETXATTR).
>
> Cc: selinux@vger.kernel.org
> Cc: Paul Moore
>
> Signed-off-by: Andrey Albershteyn
> ---
> fs/ioctl.c | 7 ++++++-
> include/linux/lsm_hook_defs.h | 4 ++++
> include/linux/security.h | 16 ++++++++++++++++
> security/security.c | 32 ++++++++++++++++++++++++++++++++
> 4 files changed, 58 insertions(+), 1 deletion(-)

Thanks Andrey, one small change below, but otherwise this looks pretty
good. If you feel like trying to work up the SELinux implementation but
need some assistance please let me know, I'll be happy to help :)

> diff --git a/fs/ioctl.c b/fs/ioctl.c > index 638a36be31c14afc66a7fd6eb237d9545e8ad997..4434c97bc5dff5a3e8635e28745cd99404ff353e 100644 > --- a/fs/ioctl.c > +++ b/fs/ioctl.c > @@ -525,10 +525,15 @@ EXPORT_SYMBOL(fileattr_fill_flags); > int vfs_fileattr_get(struct dentry *dentry, struct fileattr *fa) > { > struct inode *inode = d_inode(dentry); > + int error; > > if (!inode->i_op->fileattr_get) > return -ENOIOCTLCMD; > > + error = security_inode_getfsxattr(inode, fa); > + if (error) > + return error; > + > return inode->i_op->fileattr_get(dentry, fa); > } > EXPORT_SYMBOL(vfs_fileattr_get); > @@ -692,7 +697,7 @@ int vfs_fileattr_set(struct mnt_idmap *idmap, struct dentry *dentry, > fa->flags |= old_ma.flags & ~FS_COMMON_FL; > } > err = fileattr_set_prepare(inode, &old_ma, fa); > - if (!err) > + if (!err && !security_inode_setfsxattr(inode, fa)) > err = inode->i_op->fileattr_set(idmap, dentry, fa); > } > inode_unlock(inode);

I don't believe we want to hide or otherwise drop the LSM return code as
that could lead to odd behavior, e.g. returning 0/success despite not
having executed the fileattr_set operation.

--
paul-moore.com
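
Review bot: In the vfs_fileattr_get() hunk, security_inode_getfsxattr(inode, fa) is called before inode->i_op->fileattr_get(dentry, fa) has filled fa, so the hook's fa argument holds only whatever the caller put there. Either state that in the hook's documentation so an LSM does not base a decision on it, or drop the argument on the get side. The function also has the dentry in hand but passes only the inode; consider passing the dentry if an LSM is expected to need it.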
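
Review bot: In the vfs_fileattr_set() hunk, `if (!err && !security_inode_setfsxattr(inode, fa))` discards the hook's return value: when the hook returns an error, err is still 0 and fileattr_set is skipped, so the caller can see success for an operation that never ran. Assign the result instead, for example `if (!err) err = security_inode_setfsxattr(inode, fa);` followed by `if (!err) err = inode->i_op->fileattr_set(idmap, dentry, fa);`, so the LSM's error code reaches the caller unchanged.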