Message-ID: <CAHC9VhQ_w6uaOAKCj6mx7n7SNjk4d7vcUb3Bd6Wybx_1dA=ttQ@mail.gmail.com>
Date: Thu, 28 Mar 2024 09:03:46 -0400
From: Paul Moore <paul@...l-moore.com>
To: Roberto Sassu <roberto.sassu@...weicloud.com>, Christian Brauner <brauner@...nel.org>
Cc: Roberto Sassu <roberto.sassu@...wei.com>, Al Viro <viro@...iv.linux.org.uk>,
Steve French <smfrench@...il.com>, LKML <linux-kernel@...r.kernel.org>,
linux-fsdevel <linux-fsdevel@...r.kernel.org>, CIFS <linux-cifs@...r.kernel.org>,
Paulo Alcantara <pc@...guebit.com>, Christian Brauner <christian@...uner.io>,
Mimi Zohar <zohar@...ux.ibm.com>,
"linux-integrity@...r.kernel.org" <linux-integrity@...r.kernel.org>,
"linux-security-module@...r.kernel.org" <linux-security-module@...r.kernel.org>
Subject: Re: kernel crash in mknod

On Thu, Mar 28, 2024 at 8:07 AM Christian Brauner <brauner@...nel.org> wrote:
> On Thu, Mar 28, 2024 at 01:24:25PM +0200, Roberto Sassu wrote:
> > Also, consider that the pre hook security_path_mknod() has the dentry as
> > parameter. For symmetry, we could keep it in the post hook.
>
> I think that's not that important.

It is important to me. If you change security_path_post_mknod() to
take an inode, please also change security_path_mknod() to take an
inode ... actually, looking quickly at the code it looks like at least
AppArmor and TOMOYO make use of the dentry and not just the associated
inode. I didn't dive deeply into either so perhaps they could be
modified to use an inode instead, but that is a decision I would leave
up to John and Tetsuo. While Landlock does make use of the hook, it
doesn't look like it cares about anything in the dentry.

With that in mind, unless Christian has a strong argument as to why
security_path_post_mknod() must change its parameter from a dentry to
an inode, I would very much prefer to have both hooks continue to take
a dentry, unless we all decide they can be safely changed to use an
inode as a parameter. As the previous IMA/EVM hook took a dentry for
years, and Christian originally reviewed/OK'd the LSM hook, I'm
guessing there is not any significant harm in continuing to pass a
dentry, but if that isn't the case please say so ...

Of course this doesn't change anything with respect to the necessary
bugfix and/or the hook name/bikeshedding effort; no objections from me
on either.

--
paul-moore.com