Re: [PATCH v4 1/3] lsm: introduce new hooks for setting/getting inode fsxattr

[PATCH v4 0/3] fs: introduce getfsxattrat and setfsxattrat syscalls · Andrey Albershteyn <hidden> · 2025-03-21
[PATCH v4 1/3] lsm: introduce new hooks for setting/getting inode fsxattr · Andrey Albershteyn <hidden> · 2025-03-21
Re: [PATCH v4 1/3] lsm: introduce new hooks for setting/getting inode fsxattr · Paul Moore <paul@paul-moore.com> · 2025-03-21
Re: [PATCH v4 1/3] lsm: introduce new hooks for setting/getting inode fsxattr · Mickaël Salaün <mic@digikod.net> · 2025-03-24
Re: [PATCH v4 1/3] lsm: introduce new hooks for setting/getting inode fsxattr · Andrey Albershteyn <hidden> · 2025-03-27
Re: [PATCH v4 1/3] lsm: introduce new hooks for setting/getting inode fsxattr · Mickaël Salaün <mic@digikod.net> · 2025-03-24
[PATCH v4 2/3] fs: split fileattr/fsxattr converters into helpers · Andrey Albershteyn <hidden> · 2025-03-21
Re: [PATCH v4 2/3] fs: split fileattr/fsxattr converters into helpers · Jan Kara <jack@suse.cz> · 2025-03-27
[PATCH v4 3/3] fs: introduce getfsxattrat and setfsxattrat syscalls · Andrey Albershteyn <hidden> · 2025-03-21
Re: [PATCH v4 3/3] fs: introduce getfsxattrat and setfsxattrat syscalls · Amir Goldstein <amir73il@gmail.com> · 2025-03-23
Re: [PATCH v4 3/3] fs: introduce getfsxattrat and setfsxattrat syscalls · Andrey Albershteyn <hidden> · 2025-03-27
Re: [PATCH v4 3/3] fs: introduce getfsxattrat and setfsxattrat syscalls · Amir Goldstein <amir73il@gmail.com> · 2025-03-27
Re: [PATCH v4 3/3] fs: introduce getfsxattrat and setfsxattrat syscalls · Christian Brauner <brauner@kernel.org> · 2025-04-22
Re: [PATCH v4 3/3] fs: introduce getfsxattrat and setfsxattrat syscalls · Christian Brauner <brauner@kernel.org> · 2025-04-22
Re: [PATCH v4 3/3] fs: introduce getfsxattrat and setfsxattrat syscalls · Andrey Albershteyn <hidden> · 2025-04-25
Re: [PATCH v4 3/3] fs: introduce getfsxattrat and setfsxattrat syscalls · Christian Brauner <brauner@kernel.org> · 2025-04-28
Re: [PATCH v4 3/3] fs: introduce getfsxattrat and setfsxattrat syscalls · Jan Kara <jack@suse.cz> · 2025-03-27
Re: [PATCH v4 3/3] fs: introduce getfsxattrat and setfsxattrat syscalls · Christian Brauner <brauner@kernel.org> · 2025-04-22
Re: [PATCH v4 3/3] fs: introduce getfsxattrat and setfsxattrat syscalls · Jan Kara <jack@suse.cz> · 2025-04-23
Re: [PATCH v4 3/3] fs: introduce getfsxattrat and setfsxattrat syscalls · Christian Brauner <brauner@kernel.org> · 2025-04-24
Re: [PATCH v4 3/3] fs: introduce getfsxattrat and setfsxattrat syscalls · Andrey Albershteyn <hidden> · 2025-04-24
Re: [PATCH v4 0/3] fs: introduce getfsxattrat and setfsxattrat syscalls · Amir Goldstein <amir73il@gmail.com> · 2025-03-23
Re: [PATCH v4 0/3] fs: introduce getfsxattrat and setfsxattrat syscalls · Pali Rohár <pali@kernel.org> · 2025-03-23
Re: [PATCH v4 0/3] fs: introduce getfsxattrat and setfsxattrat syscalls · Amir Goldstein <amir73il@gmail.com> · 2025-03-27
Re: [PATCH v4 0/3] fs: introduce getfsxattrat and setfsxattrat syscalls · Pali Rohár <pali@kernel.org> · 2025-03-27
Re: [PATCH v4 0/3] fs: introduce getfsxattrat and setfsxattrat syscalls · Amir Goldstein <amir73il@gmail.com> · 2025-03-27
Re: [PATCH v4 0/3] fs: introduce getfsxattrat and setfsxattrat syscalls · Pali Rohár <pali@kernel.org> · 2025-03-27
Re: [PATCH v4 0/3] fs: introduce getfsxattrat and setfsxattrat syscalls · Amir Goldstein <amir73il@gmail.com> · 2025-03-28

From: Mickaël Salaün <mic@digikod.net>
Date: 2025-03-24 19:27:12
Also in: linux-alpha, linux-arch, linux-fsdevel, linux-m68k, linux-mips, linux-s390, linux-security-module, linux-sh, linuxppc-dev, lkml, selinux, sparclinux

On Fri, Mar 21, 2025 at 05:32:25PM -0400, Paul Moore wrote:

On Mar 21, 2025 Andrey Albershteyn [off-list ref] wrote:

quoted

Introduce new hooks for setting and getting filesystem extended
attributes on inode (FS_IOC_FSGETXATTR).

Cc: selinux@vger.kernel.org
Cc: Paul Moore <paul@paul-moore.com>

Signed-off-by: Andrey Albershteyn <aalbersh@kernel.org>
---
 fs/ioctl.c                    |  7 ++++++-
 include/linux/lsm_hook_defs.h |  4 ++++
 include/linux/security.h      | 16 ++++++++++++++++
 security/security.c           | 32 ++++++++++++++++++++++++++++++++
 4 files changed, 58 insertions(+), 1 deletion(-)

Thanks Andrey, one small change below, but otherwise this looks pretty
good.  If you feel like trying to work up the SELinux implementation but
need some assitance please let me know, I'll be happy to help :)

quoted

diff --git a/fs/ioctl.c b/fs/ioctl.c
index 638a36be31c14afc66a7fd6eb237d9545e8ad997..4434c97bc5dff5a3e8635e28745cd99404ff353e 100644
--- a/fs/ioctl.c
+++ b/fs/ioctl.c

@@ -525,10 +525,15 @@ EXPORT_SYMBOL(fileattr_fill_flags);
 int vfs_fileattr_get(struct dentry *dentry, struct fileattr *fa)
 {
 	struct inode *inode = d_inode(dentry);
+	int error;
 
 	if (!inode->i_op->fileattr_get)
 		return -ENOIOCTLCMD;
 
+	error = security_inode_getfsxattr(inode, fa);
+	if (error)
+		return error;
+
 	return inode->i_op->fileattr_get(dentry, fa);
 }
 EXPORT_SYMBOL(vfs_fileattr_get);

@@ -692,7 +697,7 @@ int vfs_fileattr_set(struct mnt_idmap *idmap, struct dentry *dentry,
 			fa->flags |= old_ma.flags & ~FS_COMMON_FL;
 		}
 		err = fileattr_set_prepare(inode, &old_ma, fa);
-		if (!err)
+		if (!err && !security_inode_setfsxattr(inode, fa))
 			err = inode->i_op->fileattr_set(idmap, dentry, fa);
 	}
 	inode_unlock(inode);

I don't believe we want to hide or otherwise drop the LSM return code as
that could lead to odd behavior, e.g. returning 0/success despite not
having executed the fileattr_set operation.

Yes, this should look something like this:

 		err = fileattr_set_prepare(inode, &old_ma, fa);
 		if (err)
 			goto out;
 		err = security_inode_setfsxattr(dentry, fa);
 		if (err)
 			goto out;
 		err = inode->i_op->fileattr_set(idmap, dentry, fa);
 		if (err)
 			goto out;

--
paul-moore.com

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help