lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Thu, 1 Feb 2024 10:41:15 -0500
From: Stefan Berger <stefanb@...ux.ibm.com>
To: Amir Goldstein <amir73il@...il.com>
Cc: linux-integrity@...r.kernel.org, linux-security-module@...r.kernel.org,
        linux-unionfs@...r.kernel.org, linux-kernel@...r.kernel.org,
        paul@...l-moore.com, jmorris@...ei.org, serge@...lyn.com,
        zohar@...ux.ibm.com, roberto.sassu@...wei.com, miklos@...redi.hu,
        Christian Brauner <brauner@...nel.org>
Subject: Re: [PATCH 1/5] security: allow finer granularity in permitting
 copy-up of security xattrs



On 1/31/24 08:25, Amir Goldstein wrote:
> On Tue, Jan 30, 2024 at 11:46 PM Stefan Berger <stefanb@...ux.ibm.com> wrote:
>>
>> Copying up xattrs is solely based on the security xattr name. For finer
>> granularity add a dentry parameter to the security_inode_copy_up_xattr
>> hook definition, allowing decisions to be based on the xattr content as
>> well.
>>
>> Signed-off-by: Stefan Berger <stefanb@...ux.ibm.com>
>> ---
>>   fs/overlayfs/copy_up.c            | 2 +-
>>   include/linux/evm.h               | 2 +-
>>   include/linux/lsm_hook_defs.h     | 3 ++-
>>   include/linux/security.h          | 4 ++--
>>   security/integrity/evm/evm_main.c | 2 +-
>>   security/security.c               | 7 ++++---
>>   security/selinux/hooks.c          | 2 +-
>>   security/smack/smack_lsm.c        | 2 +-
>>   8 files changed, 13 insertions(+), 11 deletions(-)
>>
>> diff --git a/fs/overlayfs/copy_up.c b/fs/overlayfs/copy_up.c
>> index b8e25ca51016..bd9ddcefb7a7 100644
>> --- a/fs/overlayfs/copy_up.c
>> +++ b/fs/overlayfs/copy_up.c
>> @@ -114,7 +114,7 @@ int ovl_copy_xattr(struct super_block *sb, const struct path *oldpath, struct de
>>                  if (ovl_is_private_xattr(sb, name))
>>                          continue;
>>
>> -               error = security_inode_copy_up_xattr(name);
>> +               error = security_inode_copy_up_xattr(old, name);
> 
> What do you think about:
> 
>                       error = security_inode_copy_up_xattr(name, NULL, 0);

We need 'old'.
> 
> and then later...
> 
>                       error = security_inode_copy_up_xattr(name, value, size);

Are these parameter used to first query for the necessary size of the 
buffer and then provide the buffer to fill it? Or should the function 
rather take an existing buffer and realloc it if necessary and place the 
value of the xattr into it? Unfortunately this function currently 
returns '1' for 'discard', so returning the size of the xattr value from 
it maybe not ideal but it would require maybe yet another parameter that 
indicates what the size of the xattr value is.

    Stefan

> 
> I am asking because overlayfs uses mnt_idmap(path->mnt) and you
> have used nop_mnt_idmap inside evm hook.
> this does not look right to me?
> 
> Thanks,
> Amir.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ