Re: [PATCH v3] fs: introduce getfsxattrat and setfsxattrat syscalls

[PATCH v3] fs: introduce getfsxattrat and setfsxattrat syscalls · Andrey Albershteyn <hidden> · 2025-02-11
Re: [PATCH v3] fs: introduce getfsxattrat and setfsxattrat syscalls · "H. Peter Anvin" <hpa@zytor.com> · 2025-02-11
Re: [PATCH v3] fs: introduce getfsxattrat and setfsxattrat syscalls · "Arnd Bergmann" <arnd@arndb.de> · 2025-02-11
Re: [PATCH v3] fs: introduce getfsxattrat and setfsxattrat syscalls · Andrey Albershteyn <hidden> · 2025-02-18
Re: [PATCH v3] fs: introduce getfsxattrat and setfsxattrat syscalls · Mickaël Salaün <mic@digikod.net> · 2025-02-21
Re: [PATCH v3] fs: introduce getfsxattrat and setfsxattrat syscalls · Paul Moore <paul@paul-moore.com> · 2025-02-22
Re: [PATCH v3] fs: introduce getfsxattrat and setfsxattrat syscalls · Andrey Albershteyn <hidden> · 2025-02-24
Re: [PATCH v3] fs: introduce getfsxattrat and setfsxattrat syscalls · Paul Moore <paul@paul-moore.com> · 2025-02-25
Re: [PATCH v3] fs: introduce getfsxattrat and setfsxattrat syscalls · "Darrick J. Wong" <djwong@kernel.org> · 2025-02-21
Re: [PATCH v3] fs: introduce getfsxattrat and setfsxattrat syscalls · Andreas Dilger <hidden> · 2025-02-21
Re: [PATCH v3] fs: introduce getfsxattrat and setfsxattrat syscalls · Amir Goldstein <amir73il@gmail.com> · 2025-02-21
Re: [PATCH v3] fs: introduce getfsxattrat and setfsxattrat syscalls · Christian Brauner <brauner@kernel.org> · 2025-02-24
Re: [PATCH v3] fs: introduce getfsxattrat and setfsxattrat syscalls · Andrey Albershteyn <hidden> · 2025-02-24
Re: [PATCH v3] fs: introduce getfsxattrat and setfsxattrat syscalls · "Arnd Bergmann" <arnd@arndb.de> · 2025-02-25
Re: [PATCH v3] fs: introduce getfsxattrat and setfsxattrat syscalls · Christian Brauner <brauner@kernel.org> · 2025-02-25
Re: [PATCH v3] fs: introduce getfsxattrat and setfsxattrat syscalls · "Arnd Bergmann" <arnd@arndb.de> · 2025-02-25
Re: [PATCH v3] fs: introduce getfsxattrat and setfsxattrat syscalls · Christian Brauner <brauner@kernel.org> · 2025-02-25
Re: [PATCH v3] fs: introduce getfsxattrat and setfsxattrat syscalls · "Darrick J. Wong" <djwong@kernel.org> · 2025-02-25
Re: [PATCH v3] fs: introduce getfsxattrat and setfsxattrat syscalls · Pali Rohár <pali@kernel.org> · 2025-02-25
Re: [PATCH v3] fs: introduce getfsxattrat and setfsxattrat syscalls · Andrey Albershteyn <hidden> · 2025-02-28
Re: [PATCH v3] fs: introduce getfsxattrat and setfsxattrat syscalls · Pali Rohár <pali@kernel.org> · 2025-03-02
Re: [PATCH v3] fs: introduce getfsxattrat and setfsxattrat syscalls · Jan Kara <jack@suse.cz> · 2025-02-24
Re: [PATCH v3] fs: introduce getfsxattrat and setfsxattrat syscalls · Andrey Albershteyn <hidden> · 2025-02-24

From: Paul Moore <paul@paul-moore.com>
Date: 2025-02-22 00:34:11
Also in: linux-alpha, linux-arch, linux-fsdevel, linux-m68k, linux-mips, linux-s390, linux-security-module, linux-sh, linux-xfs, linuxppc-dev, lkml, sparclinux

On Fri, Feb 21, 2025 at 10:08 AM Mickaël Salaün [off-list ref] wrote:

It looks security checks are missing.  With IOCTL commands, file
permissions are checked at open time, but with these syscalls the path
is only resolved but no specific access seems to be checked (except
inode_owner_or_capable via vfs_fileattr_set).

Thanks for reviewing the patch and catching this Mickaël.  I agree
with the hooks identified and their placement; it should be fairly
straightforward with only a few lines added in each case.

-- 
paul-moore.com

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help