From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-qv1-f52.google.com (mail-qv1-f52.google.com [209.85.219.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 32B1627056C for ; Thu, 22 May 2025 22:26:07 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.219.52 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1747952772; cv=none; b=HLlAL01ZJSEJygUCbJas23mSQSpqNFExtKx7JLjXQOoMLlcARIo1hSKk2Gcho6IHNIQm5/CO3LvtVnSb/qdw1QNG0uNqPlnMtNSH5TapIvaow8np0LKtC7pYwOWNNsRPG6i/HH1Iasz6yz8e/0Jn5runEwF2DguXHg31Tz2mvko= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1747952772; c=relaxed/simple; bh=yXfmq+fsOH2ydhYAaJ/O8G8cyrnfKS0KGUVUMAH0MGk=; h=Date:Message-ID:MIME-Version:Content-Type:From:To:Cc:Subject: References:In-Reply-To; b=E0gE8tFdEkLx92qrRnNfjAxb7jjO2Z5F1Zyv6ZPuTMTSGubSpWFy/zOwAZfutWDCQNf1tDFyadp9vHB2OQVmnmsqqbRj/vlRkoLlMYSkvwsQqGpTJQjtNxGASkec5dEqDrNO8iJ63Gfl4RSLaKBmluq+HjPWar0JmPtBaEgOXyQ= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=paul-moore.com; spf=pass smtp.mailfrom=paul-moore.com; dkim=pass (2048-bit key) header.d=paul-moore.com header.i=@paul-moore.com header.b=PE8bp2bC; arc=none smtp.client-ip=209.85.219.52 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=paul-moore.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=paul-moore.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=paul-moore.com header.i=@paul-moore.com header.b="PE8bp2bC" Received: by mail-qv1-f52.google.com with SMTP id 6a1803df08f44-6f0ad74483fso90570826d6.1 for ; Thu, 22 May 2025 15:26:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=paul-moore.com; s=google; t=1747952767; x=1748557567; darn=vger.kernel.org; h=in-reply-to:references:subject:cc:to:from:content-transfer-encoding :mime-version:message-id:date:from:to:cc:subject:date:message-id :reply-to; bh=Jmptf5RMBQqSn8lkxlWoyMCjmS+Mv7H8iKTTl/Kwouo=; b=PE8bp2bC2u+7hVMWFXDxIhgHhKxulbXWcGxnUpIhrgzangQno0wz8wTj2SBpQlx+RH HWbPzJONY/k5V5KhKxFzRg0mqcSuevNUob7nbBRkNe4zNv5ta0ZZRbKuMkupvRu1j4H/ L5g61hkwn3G2TrJtCWpQppB/pCl9f/CPqdvv0wvc5m0YvonN/44WK2eHjcRrBNO9b+Bz rMI5Soc4po1JoBDybn3lJlA6EaENodtYQjDPfzlCn/d0jltsqZogc7KaymbExTqk6b2E 5S0ojIzkilaxs5NcdiEorb9gq51ZYUhzmmerYI6Csq70Rwqskc1RTDHHPC4a/b2ToWTE +pXQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1747952767; x=1748557567; h=in-reply-to:references:subject:cc:to:from:content-transfer-encoding :mime-version:message-id:date:x-gm-message-state:from:to:cc:subject :date:message-id:reply-to; bh=Jmptf5RMBQqSn8lkxlWoyMCjmS+Mv7H8iKTTl/Kwouo=; b=tRWrd8E4cRNmb5RXC+wTtx+eRlA7lS2S0taLLd9kbQ4Tn0P/dnEEAgTKKBJcVI4JIX 8Tgbh+a0dndOVxnbmdfMFroONSrDrsXlW+LiI7MBpicNXWfVAA7VLR9v2GzUOaPlmPHY FOKJp47keMrr1m7L/wY5aMrWuOnY+cC1Zq/INfKcoIr/42rNjXNiGMakO8dLh+ttSlsy RdJ+llgHSpgqb6lHBWqASt4lwZcSAYyOCal50tN8gIndG+e8brQUiJAuSrIGzQCuXHzz uo1Fx3yZa8CumocIWKCGgcpY8uy9Rf653MVfh/EPLbV1FuKgz5CA4TjsKO0D4QRbSaSG tMdg== X-Forwarded-Encrypted: i=1; AJvYcCWlvCcwC1IOTFZgkoPbNA3/5OnyOJ/KKS3XBwYfzk+CTTyMvjYJ0cOns4uWZUtP/BUVG2dreCaRQnUN0YIm@vger.kernel.org X-Gm-Message-State: AOJu0YyvJVqen6rfDzWlyvAu6Q59P6iiq1vcEXoHOGJheQwTAWObP930 FhAY2/zolKoTLm0T+AI5mNYOLCkMZHS57LtrYO3shIsTlK2NBTAqZMcZENn1s7LpeQ== X-Gm-Gg: ASbGnctleT+4QXu+jktatU4PkmmrF4mRlr0C7hxomlpEO8pGUywLEj2qOE74Gsv8BKJ 3vGrz9Xx0f8PBXAbWixULX900+u1eX88kLnD4LqA5o26qx8akLYcfdT6lKERwSqcZHV5L+lZ0bU d9yjUzW6ic6uYdofBv9fNjUBQ4zuEHCcp8DkWr1qnZ4KN/hGz+OmeNNLb+YbV72Y47tjMr2hBM3 rkIS+8nQ8vCwTSPhUO+24ybl4uOJNpO+/83DBeuVW3gOmNV5LYaP8aqb2HnWtOyUsvQ+rJh3jdb xs0YwJEY5TS7PFRoTIeZ51bvwgwzic8CX+rPTcIzPfwcRSiPbJCNVePruWt3nCkZYRSwnbKzf8W gxiRMKkDXcoSu0riiqdOw X-Google-Smtp-Source: AGHT+IE2zN7SH+0SaGrs2tzepSFkLMKNXBgIbbn8M9DQcRbDJBs1dDzlx85ZuSxbIPErdUE31K4qXg== X-Received: by 2002:a05:6214:1947:b0:6f2:b094:430e with SMTP id 6a1803df08f44-6f8b0829131mr503375636d6.25.1747952766984; Thu, 22 May 2025 15:26:06 -0700 (PDT) Received: from localhost (pool-71-126-255-178.bstnma.fios.verizon.net. [71.126.255.178]) by smtp.gmail.com with UTF8SMTPSA id 6a1803df08f44-6f8b0987259sm105076766d6.120.2025.05.22.15.26.06 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 22 May 2025 15:26:06 -0700 (PDT) Date: Thu, 22 May 2025 18:26:05 -0400 Message-ID: <0bb73a49ccbc93e90ea87c0dbb4097ae@paul-moore.com> Precedence: bulk X-Mailing-List: linux-unionfs@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailer: pstg-pwork:20250522_1740/pstg-lib:20250522_1730/pstg-pwork:20250522_1740 From: Paul Moore To: Andrey Albershteyn , Richard Henderson , Matt Turner , Russell King , Catalin Marinas , Will Deacon , Geert Uytterhoeven , Michal Simek , Thomas Bogendoerfer , "James E.J. Bottomley" , Helge Deller , Madhavan Srinivasan , Michael Ellerman , Nicholas Piggin , Christophe Leroy , Naveen N Rao , Heiko Carstens , Vasily Gorbik , Alexander Gordeev , Christian Borntraeger , Sven Schnelle , Yoshinori Sato , Rich Felker , John Paul Adrian Glaubitz , "David S. Miller" , Andreas Larsson , Andy Lutomirski , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Chris Zankel , Max Filippov , Alexander Viro , Christian Brauner , Jan Kara , =?UTF-8?B?TWlja2HDq2wgU2FsYcO8bg==?= , =?UTF-8?Q?G=C3=BCnther_Noack?= , Arnd Bergmann , =?UTF-8?Q?Pali_Roh=C3=A1r?= , James Morris , "Serge E. Hallyn" , Stephen Smalley , Ondrej Mosnacek , Tyler Hicks , Miklos Szeredi , Amir Goldstein Cc: linux-alpha@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-m68k@lists.linux-m68k.org, linux-mips@vger.kernel.org, linux-parisc@vger.kernel.org, linuxppc-dev@lists.ozlabs.org, linux-s390@vger.kernel.org, linux-sh@vger.kernel.org, sparclinux@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-security-module@vger.kernel.org, linux-api@vger.kernel.org, linux-arch@vger.kernel.org, selinux@vger.kernel.org, ecryptfs@vger.kernel.org, linux-unionfs@vger.kernel.org, linux-xfs@vger.kernel.org, Andrey Albershteyn Subject: Re: [PATCH v5 2/7] lsm: introduce new hooks for setting/getting inode fsxattr References: <20250513-xattrat-syscall-v5-2-22bb9c6c767f@kernel.org> In-Reply-To: <20250513-xattrat-syscall-v5-2-22bb9c6c767f@kernel.org> On May 13, 2025 Andrey Albershteyn wrote: > > Introduce new hooks for setting and getting filesystem extended > attributes on inode (FS_IOC_FSGETXATTR). > > Cc: selinux@vger.kernel.org > Cc: Paul Moore > > Signed-off-by: Andrey Albershteyn > --- > fs/file_attr.c | 19 ++++++++++++++++--- > include/linux/lsm_hook_defs.h | 2 ++ > include/linux/security.h | 16 ++++++++++++++++ > security/security.c | 30 ++++++++++++++++++++++++++++++ > 4 files changed, 64 insertions(+), 3 deletions(-) The only thing that gives me a slight pause is that on a set operation we are going to hit both the get and set LSM hooks, but since the code does call into the getter on a set operation this is arguably the right thing. Acked-by: Paul Moore -- paul-moore.com