Message-ID: <20150618133215.12722.70352.stgit@warthog.procyon.org.uk>
Date: Thu, 18 Jun 2015 14:32:15 +0100
From: David Howells <dhowells@...hat.com>
To: sds@...ho.nsa.gov, viro@...iv.linux.org.uk, miklos@...redi.hu
Cc: linux-fsdevel@...r.kernel.org, dhowells@...hat.com,
linux-security-module@...r.kernel.org,
linux-unionfs@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [PATCH 0/8] Security: Provide unioned file support
The attached patches provide security support for unioned files where the
security involves an object-label-based LSM (such as SELinux) rather than a
path-based LSM.
The patches can be broken down into a number of sets:
(1) A small patch to drop a lock earlier in overlayfs. The main VFS patch
touches the same code, so I put this first.
(2) The main VFS patch that makes an open file struct referring to a union
file have ->f_path point to the union/overlay file whilst ->f_inode and
->f_mapping refer to the subordinate file that does the actual work.
(3) LSM hooks to handle copy up of a file, including label setting and xattr
filtration and SELinux implementations of these hooks.
(4) LSM hooks to handle file open and file permission checking for the
instance where a union/overlay file is opened that actually falls through
to a subordinate file (i.e. as (2) above) and the SELinux implementation.
(5) An SELinux patch to make a common helper for several functions that need
to determine the label for an inode.
The first two patches can be found here:
http://git.kernel.org/cgit/linux/kernel/git/dhowells/linux-fs.git/log/?h=for-viro
And all the patches here:
http://git.kernel.org/cgit/linux/kernel/git/dhowells/linux-fs.git/log/?h=overlayfs
Tagged with overlay-pin-20150618.
This is based on part of Al Viro's vfs/for-next branch. However, the security
bits will need to go through the security tree - but after the first two patches
are taken through the VFS tree.
David
---
David Howells (8):
overlay: Call ovl_drop_write() earlier in ovl_dentry_open()
overlayfs: Make f_path always point to the overlay and f_inode to the underlay
Security: Provide copy-up security hooks for unioned files
Overlayfs: Use copy-up security hooks
SELinux: Stub in copy-up handling
SELinux: Handle opening of a unioned file
SELinux: Create a common helper to determine an inode label
SELinux: Check against union label for file operations
fs/dcache.c | 5 +
fs/internal.h | 1
fs/open.c | 49 +++++-----
fs/overlayfs/copy_up.c | 12 ++
fs/overlayfs/inode.c | 22 +---
fs/overlayfs/overlayfs.h | 1
fs/overlayfs/super.c | 1
include/linux/dcache.h | 2
include/linux/fs.h | 2
include/linux/security.h | 36 +++++++
security/capability.c | 13 +++
security/security.c | 13 +++
security/selinux/hooks.c | 185 +++++++++++++++++++++++++++----------
security/selinux/include/objsec.h | 1
14 files changed, 254 insertions(+), 89 deletions(-)