--- v13
+++ v12
@@ -74,14 +74,7 @@
Co-developed-by: Thibaut Sautereau <thibaut.sautereau@ssi.gouv.fr>
Signed-off-by: Thibaut Sautereau <thibaut.sautereau@ssi.gouv.fr>
Signed-off-by: Mickaël Salaün <mic@linux.microsoft.com>
-Link: https://lore.kernel.org/r/20211007182321.872075-2-mic@digikod.net
---
-
-Changes since v12:
-* Update inode_permission() call to allign with commit 47291baa8ddf
- ("namei: make permission helpers idmapped mount aware").
-* Switch from d_backing_inode(f.file->f_path.dentry) to
- file_inode(f.file).
Changes since v10:
* Add enum definition to syscalls.h .
@@ -186,16 +179,16 @@
opening only regular files during execve()").
---
Documentation/admin-guide/sysctl/fs.rst | 50 ++++++++++++++++
- fs/open.c | 78 +++++++++++++++++++++++++
+ fs/open.c | 77 +++++++++++++++++++++++++
include/linux/fs.h | 1 +
include/linux/syscalls.h | 2 +
include/uapi/linux/trusted-for.h | 18 ++++++
kernel/sysctl.c | 12 +++-
- 6 files changed, 159 insertions(+), 2 deletions(-)
+ 6 files changed, 158 insertions(+), 2 deletions(-)
create mode 100644 include/uapi/linux/trusted-for.h
diff --git a/Documentation/admin-guide/sysctl/fs.rst b/Documentation/admin-guide/sysctl/fs.rst
-index 2a501c9ddc55..da7f24f0159f 100644
+index f48277a0a850..c163ae050bdd 100644
--- a/Documentation/admin-guide/sysctl/fs.rst
+++ b/Documentation/admin-guide/sysctl/fs.rst
@@ -48,6 +48,7 @@ Currently, these files are in /proc/sys/fs:
@@ -208,8 +201,8 @@
aio-nr & aio-max-nr
@@ -382,3 +383,52 @@ Each "watch" costs roughly 90 bytes on a 32bit kernel, and roughly 160 bytes
on a 64bit one.
- The current default value for max_user_watches is the 1/25 (4%) of the
- available low memory, divided for the "watch" cost in bytes.
+ The current default value for max_user_watches is the 1/32 of the available
+ low memory, divided for the "watch" cost in bytes.
+
+
+trust_policy
@@ -260,7 +253,7 @@
+https://github.com/clipos-archive/clipos4_portage-overlay/search?q=O_MAYEXEC .
+See also an overview article: https://lwn.net/Articles/820000/ .
diff --git a/fs/open.c b/fs/open.c
-index daa324606a41..6edd61562abe 100644
+index 9af548fb841b..25f63314e105 100644
--- a/fs/open.c
+++ b/fs/open.c
@@ -32,6 +32,8 @@
@@ -272,7 +265,7 @@
#include "internal.h"
-@@ -480,6 +482,82 @@ SYSCALL_DEFINE2(access, const char __user *, filename, int, mode)
+@@ -482,6 +484,81 @@ SYSCALL_DEFINE2(access, const char __user *, filename, int, mode)
return do_faccessat(AT_FDCWD, filename, mode, 0);
}
@@ -299,7 +292,7 @@
+ f = fdget(fd);
+ if (!f.file)
+ return -EBADF;
-+ inode = file_inode(f.file);
++ inode = d_backing_inode(f.file->f_path.dentry);
+
+ /*
+ * For compatibility reasons, without a defined security policy, we
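Review bot: `inode = d_backing_inode(f.file->f_path.dentry);` on the plus side reaches through `f_path.dentry` to get the inode of a file that is already open, where `file_inode(f.file)` is the conventional accessor for exactly that and does not re-resolve anything from the path. Note the file headers read `--- v13` / `+++ v12`, so the plus side here is the older revision of the series; whichever side is taken as the result, I would keep the one-line form `inode = file_inode(f.file);`. The enclosing syscall body starts before this hunk and continues after it, so I cannot see whether the inode's file type is checked before use.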
@@ -344,8 +337,7 @@
+ mask |= MAY_READ;
+ }
+
-+ err = inode_permission(file_mnt_user_ns(f.file), inode,
-+ mask | MAY_ACCESS);
++ err = inode_permission(inode, mask | MAY_ACCESS);
+
+out_fd:
+ fdput(f);
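Review bot: The plus-side call `err = inode_permission(inode, mask | MAY_ACCESS);` drops the mount user namespace argument, so on an idmapped mount the permission check would be evaluated against the raw inode ids rather than the ids the mount presents, and against a tree that contains the `inode_permission()` signature change referenced in the dropped changelog at the top of this page the two-argument form does not compile at all. Since the headers read `--- v13` / `+++ v12`, the plus side is the older revision; if this interdiff is meant to be read as a result, the idmapped-mount-aware form should be the one that survives: `err = inode_permission(file_mnt_user_ns(f.file), inode, mask | MAY_ACCESS);`. The fd is released at `out_fd:` right after the check, which is fine as long as nothing after this hunk dereferences `inode` again. The enclosing function begins before this hunk and its return path is outside it.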
@@ -356,10 +348,10 @@
{
struct path path;
diff --git a/include/linux/fs.h b/include/linux/fs.h
-index e7a633353fd2..c6e60509fbfd 100644
+index 8667d0cdc71e..197d089932d1 100644
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
-@@ -86,6 +86,7 @@ extern int sysctl_protected_symlinks;
+@@ -83,6 +83,7 @@ extern int sysctl_protected_symlinks;
extern int sysctl_protected_hardlinks;
extern int sysctl_protected_fifos;
extern int sysctl_protected_regular;
@@ -368,18 +360,18 @@
typedef __kernel_rwf_t rwf_t;
diff --git a/include/linux/syscalls.h b/include/linux/syscalls.h
-index 252243c7783d..8a69a6b1c1ef 100644
+index 37bea07c12f2..2f29e88d36b3 100644
--- a/include/linux/syscalls.h
+++ b/include/linux/syscalls.h
-@@ -71,6 +71,7 @@ struct open_how;
- struct mount_attr;
- struct landlock_ruleset_attr;
- enum landlock_rule_type;
+@@ -68,6 +68,7 @@ union bpf_attr;
+ struct io_uring_params;
+ struct clone_args;
+ struct open_how;
+enum trusted_for_usage;
#include <linux/types.h>
#include <linux/aio_abi.h>
-@@ -461,6 +462,7 @@ asmlinkage long sys_fallocate(int fd, int mode, loff_t offset, loff_t len);
+@@ -429,6 +430,7 @@ asmlinkage long sys_fallocate(int fd, int mode, loff_t offset, loff_t len);
asmlinkage long sys_faccessat(int dfd, const char __user *filename, int mode);
asmlinkage long sys_faccessat2(int dfd, const char __user *filename, int mode,
int flags);
@@ -412,10 +404,10 @@
+
+#endif /* _UAPI_LINUX_TRUSTED_FOR_H */
diff --git a/kernel/sysctl.c b/kernel/sysctl.c
-index 083be6af29d7..77ca76b5fe02 100644
+index afad085960b8..b33b63a8388c 100644
--- a/kernel/sysctl.c
+++ b/kernel/sysctl.c
-@@ -115,6 +115,7 @@ static int sixty = 60;
+@@ -113,6 +113,7 @@ static int sixty = 60;
static int __maybe_unused neg_one = -1;
static int __maybe_unused two = 2;
@@ -423,7 +415,7 @@
static int __maybe_unused four = 4;
static unsigned long zero_ul;
static unsigned long one_ul = 1;
-@@ -936,7 +937,6 @@ static int proc_taint(struct ctl_table *table, int write,
+@@ -887,7 +888,6 @@ static int proc_taint(struct ctl_table *table, int write,
return err;
}
@@ -431,7 +423,7 @@
static int proc_dointvec_minmax_sysadmin(struct ctl_table *table, int write,
void *buffer, size_t *lenp, loff_t *ppos)
{
-@@ -945,7 +945,6 @@ static int proc_dointvec_minmax_sysadmin(struct ctl_table *table, int write,
+@@ -896,7 +896,6 @@ static int proc_dointvec_minmax_sysadmin(struct ctl_table *table, int write,
return proc_dointvec_minmax(table, write, buffer, lenp, ppos);
}
@@ -439,7 +431,7 @@
/**
* struct do_proc_dointvec_minmax_conv_param - proc_dointvec_minmax() range checking structure
-@@ -3357,6 +3356,15 @@ static struct ctl_table fs_table[] = {
+@@ -3301,6 +3300,15 @@ static struct ctl_table fs_table[] = {
.extra1 = SYSCTL_ZERO,
.extra2 = &two,
},
@@ -456,5 +448,5 @@
{
.procname = "binfmt_misc",
--
-2.32.0
-
+2.29.2
+