[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <7812899531b2bd936b25fde8fc2f1c2a6080b2bd.camel@linux.ibm.com>
Date: Mon, 21 Nov 2022 15:54:19 -0500
From: Mimi Zohar <zohar@...ux.ibm.com>
To: Roberto Sassu <roberto.sassu@...weicloud.com>,
dmitry.kasatkin@...il.com, paul@...l-moore.com, jmorris@...ei.org,
serge@...lyn.com, stephen.smalley.work@...il.com,
eparis@...isplace.org, casey@...aufler-ca.com
Cc: linux-integrity@...r.kernel.org,
linux-security-module@...r.kernel.org, selinux@...r.kernel.org,
reiserfs-devel@...r.kernel.org, linux-kernel@...r.kernel.org,
keescook@...omium.org, nicolas.bouchinet@...p-os.org,
Roberto Sassu <roberto.sassu@...wei.com>,
ocfs2-devel@....oracle.com
Subject: Re: [PATCH v4 2/5] security: Rewrite
security_old_inode_init_security()
On Mon, 2022-11-21 at 10:45 +0100, Roberto Sassu wrote:
> > As ocfs2 already defines initxattrs, that leaves only reiserfs missing
> > initxattrs(). A better, cleaner solution would be to define one.
>
> If I understood why security_old_inode_init_security() is called
> instead of security_inode_init_security(), the reason seems that the
> filesystem code uses the length of the obtained xattr to make some
> calculations (e.g. reserve space). The xattr is written at a later
> time.
>
> Since for reiserfs there is a plan to deprecate it, it probably
> wouldn't be worth to support the creation of multiple xattrs. I would
> define a callback to take the first xattr and make a copy, so that
> calling security_inode_init_security() + reiserfs_initxattrs() is
> equivalent to calling security_old_inode_init_security().
>
> But then, this is what anyway I was doing with the
> security_initxattrs() callback, for all callers of security_old_inode_i
> nit_security().
>
> Also, security_old_inode_init_security() is exported to kernel modules.
> Maybe, it is used somewhere. So, unless we plan to remove it
> completely, it should be probably be fixed to avoid multiple LSMs
> successfully setting an xattr, and losing the memory of all except the
> last (which this patch fixes by calling security_inode_init_security())
> .
>
> If there is still the preference, I will implement the reiserfs
> callback and make a fix for security_old_inode_init_security().
There's no sense in doing both, as the purpose of defining a reiserfs
initxattrs function was to clean up this code making it more readable.
Mimi
Powered by blists - more mailing lists