[PATCH 6/9] fs: Introduce file_to_perms() helper

[PATCH 0/9] integrity: Move hooks into LSM · Kees Cook <hidden> · 2022-10-13
[PATCH 1/9] integrity: Prepare for having "ima" and "evm" available in "integrity" LSM · Kees Cook <hidden> · 2022-10-13
Re: [PATCH 1/9] integrity: Prepare for having "ima" and "evm" available in "integrity" LSM · Mickaël Salaün <mic@digikod.net> · 2022-10-14
Re: [PATCH 1/9] integrity: Prepare for having "ima" and "evm" available in "integrity" LSM · Kees Cook <hidden> · 2022-10-14
Re: [PATCH 1/9] integrity: Prepare for having "ima" and "evm" available in "integrity" LSM · Mickaël Salaün <mic@digikod.net> · 2022-10-17
Re: [PATCH 1/9] integrity: Prepare for having "ima" and "evm" available in "integrity" LSM · Kees Cook <hidden> · 2022-10-17
Re: [PATCH 1/9] integrity: Prepare for having "ima" and "evm" available in "integrity" LSM · Kees Cook <hidden> · 2022-10-19
Re: [PATCH 1/9] integrity: Prepare for having "ima" and "evm" available in "integrity" LSM · Mimi Zohar <zohar@linux.ibm.com> · 2022-10-19
Re: [PATCH 1/9] integrity: Prepare for having "ima" and "evm" available in "integrity" LSM · Kees Cook <hidden> · 2022-10-19
Re: [PATCH 1/9] integrity: Prepare for having "ima" and "evm" available in "integrity" LSM · Mimi Zohar <zohar@linux.ibm.com> · 2022-10-19
Re: [PATCH 1/9] integrity: Prepare for having "ima" and "evm" available in "integrity" LSM · Kees Cook <hidden> · 2022-10-19
[PATCH 3/9] ima: Move xattr hooks into LSM · Kees Cook <hidden> · 2022-10-13
Re: [PATCH 3/9] ima: Move xattr hooks into LSM · Christian Brauner <brauner@kernel.org> · 2022-10-18
Re: [PATCH 3/9] ima: Move xattr hooks into LSM · Mimi Zohar <zohar@linux.ibm.com> · 2022-10-19
[PATCH 2/9] security: Move trivial IMA hooks into LSM · Kees Cook <hidden> · 2022-10-13
Re: [PATCH 2/9] security: Move trivial IMA hooks into LSM · Mimi Zohar <zohar@linux.ibm.com> · 2022-10-19
Re: [PATCH 2/9] security: Move trivial IMA hooks into LSM · Kees Cook <hidden> · 2022-10-19
Re: [PATCH 2/9] security: Move trivial IMA hooks into LSM · Mimi Zohar <zohar@linux.ibm.com> · 2022-10-19
Re: [PATCH 2/9] security: Move trivial IMA hooks into LSM · Kees Cook <hidden> · 2022-10-19
Re: [PATCH 2/9] security: Move trivial IMA hooks into LSM · Mimi Zohar <zohar@linux.ibm.com> · 2022-10-20
Re: [PATCH 2/9] security: Move trivial IMA hooks into LSM · Dr. Greg <hidden> · 2022-10-21
Re: [PATCH 2/9] security: Move trivial IMA hooks into LSM · Casey Schaufler <casey@schaufler-ca.com> · 2022-10-21
[PATCH 4/9] ima: Move ima_file_free() into LSM · Kees Cook <hidden> · 2022-10-13
Re: [PATCH 4/9] ima: Move ima_file_free() into LSM · Christian Brauner <brauner@kernel.org> · 2022-10-18
Re: [PATCH 4/9] ima: Move ima_file_free() into LSM · Roberto Sassu <hidden> · 2022-10-18
Re: [PATCH 4/9] ima: Move ima_file_free() into LSM · Kees Cook <hidden> · 2022-10-18
Re: [PATCH 4/9] ima: Move ima_file_free() into LSM · Roberto Sassu <hidden> · 2022-10-19
Re: [PATCH 4/9] ima: Move ima_file_free() into LSM · Paul Moore <paul@paul-moore.com> · 2022-10-20
[PATCH 8/9] integrity: Move trivial hooks into LSM · Kees Cook <hidden> · 2022-10-13
[PATCH 5/9] LSM: Introduce inode_post_setattr hook · Kees Cook <hidden> · 2022-10-13
Re: [PATCH 5/9] LSM: Introduce inode_post_setattr hook · Christian Brauner <brauner@kernel.org> · 2022-10-18
[PATCH 6/9] fs: Introduce file_to_perms() helper · Kees Cook <hidden> · 2022-10-13
Re: [PATCH 6/9] fs: Introduce file_to_perms() helper · Christian Brauner <brauner@kernel.org> · 2022-10-18
Re: [PATCH 6/9] fs: Introduce file_to_perms() helper · Kees Cook <hidden> · 2022-10-18
Re: [PATCH 6/9] fs: Introduce file_to_perms() helper · Casey Schaufler <casey@schaufler-ca.com> · 2022-10-20
Re: [PATCH 6/9] fs: Introduce file_to_perms() helper · Kees Cook <hidden> · 2022-10-20
[PATCH 9/9] integrity: Move integrity_inode_get() out of global header · Kees Cook <hidden> · 2022-10-13
[PATCH 7/9] ima: Move ima_file_check() into LSM · Kees Cook <hidden> · 2022-10-13
Re: [PATCH 0/9] integrity: Move hooks into LSM · Paul Moore <paul@paul-moore.com> · 2022-10-13
Re: [PATCH 0/9] integrity: Move hooks into LSM · Mimi Zohar <zohar@linux.ibm.com> · 2022-10-14
Re: [PATCH 0/9] integrity: Move hooks into LSM · Mickaël Salaün <mic@digikod.net> · 2022-10-18
Re: [PATCH 0/9] integrity: Move hooks into LSM · Roberto Sassu <hidden> · 2022-10-18
Re: [PATCH 0/9] integrity: Move hooks into LSM · Kees Cook <hidden> · 2022-10-18
Re: [PATCH 0/9] integrity: Move hooks into LSM · Casey Schaufler <casey@schaufler-ca.com> · 2022-10-20

STALE1330d

From: Kees Cook <hidden>
Date: 2022-10-13 22:37:46
Also in: linux-hardening, linux-integrity, lkml
Subsystem: apparmor security module, filesystems (vfs and infrastructure), security subsystem, the rest · Maintainers: John Johansen, Alexander Viro, Christian Brauner, Paul Moore, James Morris, "Serge E. Hallyn", Linus Torvalds

Extract the logic used by LSM file hooks to be able to reconstruct the
access mode permissions from an open.

Cc: John Johansen <john.johansen@canonical.com>
Cc: Paul Moore <paul@paul-moore.com>
Cc: James Morris <jmorris@namei.org>
Cc: "Serge E. Hallyn" <serge@hallyn.com>
Cc: linux-security-module@vger.kernel.org
Signed-off-by: Kees Cook <redacted>
---
 include/linux/fs.h               | 22 ++++++++++++++++++++++
 security/apparmor/include/file.h | 18 ++++--------------
 2 files changed, 26 insertions(+), 14 deletions(-)

diff --git a/include/linux/fs.h b/include/linux/fs.h
index 9eced4cc286e..814f10d4132e 100644
--- a/include/linux/fs.h
+++ b/include/linux/fs.h

@@ -993,6 +993,28 @@ static inline struct file *get_file(struct file *f)
 #define get_file_rcu(x) atomic_long_inc_not_zero(&(x)->f_count)
 #define file_count(x)	atomic_long_read(&(x)->f_count)
 
+/* Calculate the basic MAY_* flags needed for a given file. */
+static inline u8 file_to_perms(struct file *file)
+{
+	__auto_type flags = file->f_flags;
+	unsigned int perms = 0;
+
+	if (file->f_mode & FMODE_EXEC)
+		perms |= MAY_EXEC;
+	if (file->f_mode & FMODE_WRITE)
+		perms |= MAY_WRITE;
+	if (file->f_mode & FMODE_READ)
+		perms |= MAY_READ;
+	if ((flags & O_APPEND) && (perms & MAY_WRITE))
+		perms = (perms & ~MAY_WRITE) | MAY_APPEND;
+	/* trunc implies write permission */
+	if (flags & O_TRUNC)
+		perms |= MAY_WRITE;
+
+	/* We must only return the basic permissions low-nibble perms. */
+	return (perms | (MAY_EXEC | MAY_WRITE | MAY_READ | MAY_APPEND));
+}
+
 #define	MAX_NON_LFS	((1UL<<31) - 1)
 
 /* Page cache limit. The filesystems should put that into their s_maxbytes

diff --git a/security/apparmor/include/file.h b/security/apparmor/include/file.h
index 029cb20e322d..505d6da02af3 100644
--- a/security/apparmor/include/file.h
+++ b/security/apparmor/include/file.h

@@ -218,20 +218,10 @@ static inline void aa_free_file_rules(struct aa_file_rules *rules)
  */
 static inline u32 aa_map_file_to_perms(struct file *file)
 {
-	int flags = file->f_flags;
-	u32 perms = 0;
-
-	if (file->f_mode & FMODE_WRITE)
-		perms |= MAY_WRITE;
-	if (file->f_mode & FMODE_READ)
-		perms |= MAY_READ;
-
-	if ((flags & O_APPEND) && (perms & MAY_WRITE))
-		perms = (perms & ~MAY_WRITE) | MAY_APPEND;
-	/* trunc implies write permission */
-	if (flags & O_TRUNC)
-		perms |= MAY_WRITE;
-	if (flags & O_CREAT)
+	u32 perms = file_to_perms(file);
+
+	/* Also want to check O_CREAT */
+	if (file->f_flags & O_CREAT)
 		perms |= AA_MAY_CREATE;
 
 	return perms;

-- 
2.34.1

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help