Re: [PATCH] Security/sysfs: Enable security xattrs to be set on sysfs files, directories, and symlinks.

From: David P. Quigley
Date: Thu Jul 09 2009 - 13:22:49 EST


On Thu, 2009-07-09 at 08:18 -0700, Greg KH wrote:
> On Wed, Jul 08, 2009 at 01:28:26PM -0400, David P. Quigley wrote:
> > --- a/fs/sysfs/sysfs.h
> > +++ b/fs/sysfs/sysfs.h
> > @@ -57,6 +57,7 @@ struct sysfs_dirent {
> > ino_t s_ino;
> > umode_t s_mode;
> > struct iattr *s_iattr;
> > + u32 s_secid;
> > };
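Review bot: the new `s_secid` member appended to `struct sysfs_dirent` carries no comment saying what it holds or which value means "no label set, fall back to the default", and it fixes the stored form to a single u32 secid rather than an LSM-owned pointer like the security blobs elsewhere in the tree; at minimum document the field (e.g. `u32 s_secid; /* LSM secid, 0 = unlabelled */`), and consider whether a `void *` the module fills in would let other LSMs choose their own representation.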
>
> Why not just make this a void * like all other security hooks, and then
> you and SMACK can pick and choose what you want to embed here?
>
> thanks,
>
> greg k-h
> --
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/

The issue is that there really aren't any LSM hooks to accommodate that.
I have a few LSM hooks for the Labeled NFS work which could be used for
this, but it still requires us to store the full xattr value somewhere
and reference it from the sysfs_dirent structure. The issue here is that
there are two ways of presenting security information. The first is
through the xattr interface, which represents the security information as
an opaque blob which the LSM turns into an internal representation. The
second, which is left over from the early days, is the secid, which I
equate to a file handle. The problem I see is that the opaque blob (the
xattr) is the interface presented to user space. It isn't really used
internally except to turn it into a data structure or to write it to
disk for persistence.

The situation we have with sysfs is that there is no persistence for
labels and the in-core inode may be evicted, so we need a way of
persisting changes from the default label. What is really needed here is
a way of persisting the security structure maintained by the LSM. Since
these structures are contained in the LSM, the only reasonable
abstraction for this is for the LSM to provide a handle to refer to the
structure. There are two ways of doing this. One is with a large string
(the xattr) and the other is with a lightweight handle (the secid).

Dave
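The handle-versus-blob distinction Dave describes, as an added user-space model (not code from the patch, the thread, or the kernel): the LSM keeps a private secid table that interns opaque label strings, sysfs-side state stores only the u32 handle, and getxattr rebuilds the blob from that handle after the inode has gone away. The names secctx_to_secid, secid_to_secctx, model_dirent, model_setxattr, model_getxattr, the fixed table sizes, the "0 means unlabelled" convention and the sample label strings are all this example's assumptions.

```c
/* Added example: a user-space model of "secid as a handle into the LSM's
 * internal label state". Kernel names (secid, s_secid) are borrowed for
 * readability; everything else here is constructed for illustration. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_SIDS   64
#define MAX_CTX    128
#define SECID_NULL 0      /* assumption: 0 == no label set, use the default */

/* The LSM's private table: secid -> label string (the xattr blob).
 * A secid is never reused while the table lives, so a stored u32 stays
 * valid even after the inode that carried it has been evicted. */
static char sid_table[MAX_SIDS][MAX_CTX];
static uint32_t next_sid = 1;

/* Model of the LSM hook that turns an opaque xattr blob into a handle by
 * interning the string. Returns SECID_NULL for empty, oversized or
 * table-full input, so a caller can reject the setxattr. */
uint32_t secctx_to_secid(const char *ctx, size_t len)
{
    if (ctx == NULL || len == 0 || len >= MAX_CTX)
        return SECID_NULL;
    for (uint32_t i = 1; i < next_sid; i++)
        if (strlen(sid_table[i]) == len && memcmp(sid_table[i], ctx, len) == 0)
            return i;                       /* already interned: same handle */
    if (next_sid >= MAX_SIDS)
        return SECID_NULL;
    memcpy(sid_table[next_sid], ctx, len);
    sid_table[next_sid][len] = '\0';
    return next_sid++;
}

/* Reverse hook: handle -> opaque blob presented to user space. */
const char *secid_to_secctx(uint32_t secid)
{
    if (secid == SECID_NULL || secid >= next_sid)
        return NULL;
    return sid_table[secid];
}

/* The per-entry state that outlives the in-core inode. Only the u32 has to
 * be kept, not the full label string. */
struct model_dirent {
    const char *name;
    uint32_t s_secid;
};

/* setxattr("security.*") path: let the LSM validate and intern the blob,
 * then keep the handle. Returns -1 (EINVAL in the kernel) if the LSM will
 * not accept the label; s_secid is left untouched in that case. */
int model_setxattr(struct model_dirent *sd, const char *value, size_t len)
{
    uint32_t sid = secctx_to_secid(value, len);
    if (sid == SECID_NULL)
        return -1;
    sd->s_secid = sid;
    return 0;
}

/* getxattr path after the inode was dropped and re-created: rebuild the blob
 * from the handle, or hand back the default label if nothing was ever set. */
const char *model_getxattr(const struct model_dirent *sd, const char *default_ctx)
{
    const char *ctx = secid_to_secctx(sd->s_secid);
    return ctx ? ctx : default_ctx;
}

int main(void)
{
    /* constructed sample labels; not real policy identifiers */
    const char *def = "sys_u:object_r:sysfs_t:s0";
    const char *lbl = "sys_u:object_r:cpu_ctl_t:s0";
    struct model_dirent sd = { "uevent", SECID_NULL };

    printf("before setxattr: %s\n", model_getxattr(&sd, def));
    if (model_setxattr(&sd, lbl, strlen(lbl)) == 0)
        printf("after setxattr:  secid=%u ctx=%s\n", sd.s_secid, model_getxattr(&sd, def));
    if (model_setxattr(&sd, "", 0) != 0)
        printf("empty label rejected, secid still %u\n", sd.s_secid);
    return 0;
}
```

The point the model makes is the one in the message: the string only ever crosses the user-space boundary, while the thing that has to survive inode eviction is the handle, and a failed setxattr must leave the previous handle in place rather than zeroing it.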
