From: Christian Brauner <brauner@kernel.org>
To: Paul Moore <paul@paul-moore.com>
Cc: linux-fsdevel@vger.kernel.org, Seth Forshee <sforshee@kernel.org>,
Christoph Hellwig <hch@lst.de>, Al Viro <viro@zeniv.linux.org.uk>,
linux-security-module@vger.kernel.org
Subject: Re: [PATCH v2 17/30] acl: add vfs_remove_acl()
Date: Wed, 28 Sep 2022 09:41:33 +0200 [thread overview]
Message-ID: <20220928074133.maredn3fcavfygxr@wittgenstein> (raw)
In-Reply-To: <CAHC9VhRZBP6fXtBseJJ_zHy+yoHMkVkSUbAFXmer7bKpt1Qvow@mail.gmail.com>
On Tue, Sep 27, 2022 at 06:55:37PM -0400, Paul Moore wrote:
> On Mon, Sep 26, 2022 at 11:24 AM Christian Brauner <brauner@kernel.org> wrote:
> >
> > In previous patches we implemented get and set inode operations for all
> > non-stacking filesystems that support posix acls but didn't yet
> > implement get and/or set acl inode operations. This specifically
> > affected cifs and 9p.
> >
> > Now we can build a posix acl api based solely on get and set inode
> > operations. We add a new vfs_remove_acl() api that can be used to set
> > posix acls. This finally removes all type unsafety and type conversion
> > issues explained in detail in [1] that we aim to get rid of.
> >
> > After we finished building the vfs api we can switch stacking
> > filesystems to rely on the new posix api and then finally switch the
> > xattr system calls themselves to rely on the posix acl api.
> >
> > Link: https://lore.kernel.org/all/20220801145520.1532837-1-brauner@kernel.org [1]
> > Signed-off-by: Christian Brauner (Microsoft) <brauner@kernel.org>
> > ---
> >
> > Notes:
> > /* v2 */
> > unchanged
> >
> > fs/posix_acl.c | 65 +++++++++++++++++++++++++++++++++++++++
> > include/linux/posix_acl.h | 8 +++++
> > 2 files changed, 73 insertions(+)
>
> ...
>
> > diff --git a/fs/posix_acl.c b/fs/posix_acl.c
> > index 18873be583a9..40038851bfe1 100644
> > --- a/fs/posix_acl.c
> > +++ b/fs/posix_acl.c
> > @@ -1484,3 +1484,68 @@ struct posix_acl *vfs_get_acl(struct user_namespace *mnt_userns,
> > return acl;
> > }
> > EXPORT_SYMBOL(vfs_get_acl);
> > +
> > +/**
> > + * vfs_remove_acl - remove posix acls
> > + * @mnt_userns: user namespace of the mount
> > + * @dentry: the dentry based on which to retrieve the posix acls
> > + * @acl_name: the name of the posix acl
> > + *
> > + * This function removes posix acls.
> > + *
> > + * Return: On success 0, on error negative errno.
> > + */
> > +int vfs_remove_acl(struct user_namespace *mnt_userns, struct dentry *dentry,
> > + const char *acl_name)
> > +{
> > + int acl_type;
> > + int error;
> > + struct inode *inode = d_inode(dentry);
> > + struct inode *delegated_inode = NULL;
> > +
> > + acl_type = posix_acl_type(acl_name);
> > + if (acl_type < 0)
> > + return -EINVAL;
> > +
> > +retry_deleg:
> > + inode_lock(inode);
> > +
> > + /*
> > + * We only care about restrictions the inode struct itself places upon
> > + * us otherwise POSIX ACLs aren't subject to any VFS restrictions.
> > + */
> > + error = xattr_permission(mnt_userns, inode, acl_name, MAY_WRITE);
> > + if (error)
> > + goto out_inode_unlock;
> > +
> > + error = security_inode_removexattr(mnt_userns, dentry, acl_name);
> > + if (error)
> > + goto out_inode_unlock;
>
> Similar to my comments in patch 16/30 for vfs_get_acl(), I would
> suggest a dedicated ACL remove hook here. Yes, it's still a little
> bit silly, but if we are going to make one dedicated hook, we might as
> well do them all.
Sure, I don't mind doing that. I'll add the infrastructure and then the
individual LSMs can add their own hooks.
next prev parent reply other threads:[~2022-09-28 7:46 UTC|newest]
Thread overview: 55+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-09-26 14:07 [PATCH v2 00/30] acl: add vfs posix acl api Christian Brauner
2022-09-26 14:07 ` [PATCH v2 01/30] orangefs: rework posix acl handling when creating new filesystem objects Christian Brauner
2022-09-26 14:07 ` [PATCH v2 02/30] fs: pass dentry to set acl method Christian Brauner
2022-09-26 14:08 ` [PATCH v2 03/30] fs: rename current get " Christian Brauner
2022-09-26 14:08 ` [PATCH v2 04/30] fs: add new " Christian Brauner
2022-09-26 14:08 ` [PATCH v2 05/30] cifs: implement " Christian Brauner
2022-09-26 14:08 ` [PATCH v2 06/30] cifs: implement set " Christian Brauner
2022-09-26 14:08 ` [PATCH v2 07/30] 9p: implement get " Christian Brauner
2022-09-26 14:08 ` [PATCH v2 08/30] 9p: implement set " Christian Brauner
2022-09-26 14:08 ` [PATCH v2 09/30] acl: add vfs_set_acl() Christian Brauner
2022-09-26 14:08 ` [PATCH v2 10/30] security: add set acl hook Christian Brauner
2022-09-27 22:55 ` Paul Moore
2022-09-26 14:08 ` [PATCH v2 11/30] selinux: implement " Christian Brauner
2022-09-27 22:55 ` Paul Moore
2022-09-26 14:08 ` [PATCH v2 12/30] smack: " Christian Brauner
2022-09-27 22:56 ` Paul Moore
2022-09-27 23:15 ` Casey Schaufler
2022-09-26 14:08 ` [PATCH v2 13/30] evm: " Christian Brauner
2022-09-27 22:56 ` Paul Moore
2022-09-26 14:08 ` [PATCH v2 14/30] acl: use " Christian Brauner
2022-09-27 22:56 ` Paul Moore
2022-09-26 14:08 ` [PATCH v2 15/30] evm: add post " Christian Brauner
2022-09-27 22:56 ` Paul Moore
2022-09-26 14:08 ` [PATCH v2 16/30] acl: add vfs_get_acl() Christian Brauner
2022-09-27 22:55 ` Paul Moore
2022-09-28 7:40 ` Christian Brauner
2022-09-28 14:58 ` Paul Moore
2022-09-28 15:12 ` Christian Brauner
2022-09-28 15:27 ` Paul Moore
2022-09-26 14:08 ` [PATCH v2 17/30] acl: add vfs_remove_acl() Christian Brauner
2022-09-27 22:55 ` Paul Moore
2022-09-28 7:41 ` Christian Brauner [this message]
2022-09-26 14:08 ` [PATCH v2 18/30] evm: simplify evm_xattr_acl_change() Christian Brauner
2022-09-27 22:56 ` Paul Moore
2022-09-28 13:31 ` Christian Brauner
2022-09-26 14:08 ` [PATCH v2 19/30] ksmbd: use vfs_remove_acl() Christian Brauner
2022-09-26 14:08 ` [PATCH v2 20/30] ecryptfs: implement get acl method Christian Brauner
2022-09-26 14:08 ` [PATCH v2 21/30] ecryptfs: implement set " Christian Brauner
2022-09-26 14:08 ` [PATCH v2 22/30] ovl: implement get " Christian Brauner
2022-09-26 14:08 ` [PATCH v2 23/30] ovl: implement set " Christian Brauner
2022-09-26 14:08 ` [PATCH v2 24/30] ovl: use posix acl api Christian Brauner
2022-09-26 14:08 ` [PATCH v2 25/30] xattr: " Christian Brauner
2022-09-26 14:08 ` [PATCH v2 26/30] ecryptfs: use stub posix acl handlers Christian Brauner
2022-09-26 14:08 ` [PATCH v2 27/30] ovl: " Christian Brauner
2022-09-26 14:08 ` [PATCH v2 28/30] cifs: " Christian Brauner
2022-09-26 14:08 ` [PATCH v2 29/30] 9p: " Christian Brauner
2022-09-26 14:08 ` [PATCH v2 30/30] acl: remove a slew of now unused helpers Christian Brauner
2022-09-27 0:22 ` [PATCH v2 00/30] acl: add vfs posix acl api Casey Schaufler
2022-09-27 7:41 ` Christoph Hellwig
2022-09-27 7:59 ` Christian Brauner
2022-09-27 14:11 ` Casey Schaufler
2022-09-27 15:16 ` Seth Forshee
2022-09-27 15:55 ` Casey Schaufler
2022-09-27 23:24 ` Paul Moore
2022-09-27 23:37 ` Casey Schaufler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220928074133.maredn3fcavfygxr@wittgenstein \
--to=brauner@kernel.org \
--cc=hch@lst.de \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=paul@paul-moore.com \
--cc=sforshee@kernel.org \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).