[PATCH v4 09/30] security: add get, remove and set acl hook
Paul Moore
paul at paul-moore.com
Thu Sep 29 19:15:24 UTC 2022
On Thu, Sep 29, 2022 at 11:31 AM Christian Brauner <brauner at kernel.org> wrote:
>
> The current way of setting and getting posix acls through the generic
> xattr interface is error prone and type unsafe. The vfs needs to
> interpret and fixup posix acls before storing or reporting it to
> userspace. Various hacks exist to make this work. The code is hard to
> understand and difficult to maintain in it's current form. Instead of
> making this work by hacking posix acls through xattr handlers we are
> building a dedicated posix acl api around the get and set inode
> operations. This removes a lot of hackiness and makes the codepaths
> easier to maintain. A lot of background can be found in [1].
>
> So far posix acls were passed as a void blob to the security and
> integrity modules. Some of them like evm then proceed to interpret the
> void pointer and convert it into the kernel internal struct posix acl
> representation to perform their integrity checking magic. This is
> obviously pretty problematic as that requires knowledge that only the
> vfs is guaranteed to have and has lead to various bugs. Add a proper
> security hook for setting posix acls and pass down the posix acls in
> their appropriate vfs format instead of hacking it through a void
> pointer stored in the uapi format.
>
> In the next patches we implement the hooks for the few security modules
> that do actually have restrictions on posix acls.
>
> Link: https://lore.kernel.org/all/20220801145520.1532837-1-brauner@kernel.org [1]
> Signed-off-by: Christian Brauner (Microsoft) <brauner at kernel.org>
> ---
>
> Notes:
> /* v2 */
> unchanged
>
> /* v3 */
> Paul Moore <paul at paul-moore.com>:
> - Add get, and remove acl hook
>
> /* v4 */
> unchanged
>
> include/linux/lsm_hook_defs.h | 6 ++++++
> include/linux/lsm_hooks.h | 12 ++++++++++++
> include/linux/security.h | 29 +++++++++++++++++++++++++++++
> security/security.c | 25 +++++++++++++++++++++++++
> 4 files changed, 72 insertions(+)
Acked-by: Paul Moore <paul at paul-moore.com>
--
paul-moore.com
More information about the Linux-security-module-archive
mailing list