Re: [PATCH v2 14/25] evm: add support for fscaps security hooks

[PATCH v2 00/25] fs: use type-safe uid representation for filesystem capabilities · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-02-21
[PATCH v2 01/25] mnt_idmapping: split out core vfs[ug]id_t definitions into vfsid.h · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-02-21
Re: [PATCH v2 01/25] mnt_idmapping: split out core vfs[ug]id_t definitions into vfsid.h · Christian Brauner <brauner@kernel.org> · 2024-02-22
[PATCH v2 04/25] capability: rename cpu_vfs_cap_data to vfs_caps · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-02-21
[PATCH v2 02/25] mnt_idmapping: include cred.h · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-02-21
Re: [PATCH v2 02/25] mnt_idmapping: include cred.h · Christian Brauner <brauner@kernel.org> · 2024-02-22
[PATCH v2 03/25] capability: add static asserts for comapatibility of vfs_cap_data and vfs_ns_cap_data · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-02-21
Re: [PATCH v2 03/25] capability: add static asserts for comapatibility of vfs_cap_data and vfs_ns_cap_data · Christian Brauner <brauner@kernel.org> · 2024-02-22
[PATCH v2 06/25] capability: provide helpers for converting between xattrs and vfs_caps · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-02-21
Re: [PATCH v2 06/25] capability: provide helpers for converting between xattrs and vfs_caps · Christian Brauner <brauner@kernel.org> · 2024-02-22
Re: [PATCH v2 06/25] capability: provide helpers for converting between xattrs and vfs_caps · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-02-22
Re: [PATCH v2 06/25] capability: provide helpers for converting between xattrs and vfs_caps · Christian Brauner <brauner@kernel.org> · 2024-02-23
Re: [PATCH v2 06/25] capability: provide helpers for converting between xattrs and vfs_caps · Roberto Sassu <hidden> · 2024-03-01
Re: [PATCH v2 06/25] capability: provide helpers for converting between xattrs and vfs_caps · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-03-01
Re: [PATCH v2 06/25] capability: provide helpers for converting between xattrs and vfs_caps · Roberto Sassu <hidden> · 2024-03-04
Re: [PATCH v2 06/25] capability: provide helpers for converting between xattrs and vfs_caps · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-03-04
[PATCH v2 08/25] xattr: add is_fscaps_xattr() helper · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-02-21
Re: [PATCH v2 08/25] xattr: add is_fscaps_xattr() helper · Christian Brauner <brauner@kernel.org> · 2024-02-23
[PATCH v2 05/25] capability: use vfsuid_t for vfs_caps rootids · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-02-21
Re: [PATCH v2 05/25] capability: use vfsuid_t for vfs_caps rootids · Christian Brauner <brauner@kernel.org> · 2024-02-22
[PATCH v2 07/25] capability: provide a helper for converting vfs_caps to xattr for userspace · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-02-21
Re: [PATCH v2 07/25] capability: provide a helper for converting vfs_caps to xattr for userspace · Christian Brauner <brauner@kernel.org> · 2024-02-22
[PATCH v2 09/25] commoncap: use is_fscaps_xattr() · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-02-21
Re: [PATCH v2 09/25] commoncap: use is_fscaps_xattr() · Christian Brauner <brauner@kernel.org> · 2024-02-23
[PATCH v2 12/25] selinux: add hooks for fscaps operations · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-02-21
Re: [PATCH v2 12/25] selinux: add hooks for fscaps operations · Paul Moore <paul@paul-moore.com> · 2024-02-21
Re: [PATCH v2 12/25] selinux: add hooks for fscaps operations · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-02-22
Re: [PATCH v2 12/25] selinux: add hooks for fscaps operations · Paul Moore <paul@paul-moore.com> · 2024-02-22
Re: [PATCH v2 12/25] selinux: add hooks for fscaps operations · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-02-22
[PATCH v2 11/25] security: add hooks for set/get/remove of fscaps · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-02-21
Re: [PATCH v2 11/25] security: add hooks for set/get/remove of fscaps · Paul Moore <paul@paul-moore.com> · 2024-02-21
Re: [PATCH v2 11/25] security: add hooks for set/get/remove of fscaps · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-02-22
Re: [PATCH v2 11/25] security: add hooks for set/get/remove of fscaps · Christian Brauner <brauner@kernel.org> · 2024-02-23
Re: [PATCH v2 11/25] security: add hooks for set/get/remove of fscaps · Roberto Sassu <hidden> · 2024-03-01
Re: [PATCH v2 11/25] security: add hooks for set/get/remove of fscaps · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-03-01
[PATCH v2 10/25] xattr: use is_fscaps_xattr() · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-02-21
Re: [PATCH v2 10/25] xattr: use is_fscaps_xattr() · Christian Brauner <brauner@kernel.org> · 2024-02-23
[PATCH v2 13/25] smack: add hooks for fscaps operations · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-02-21
Re: [PATCH v2 13/25] smack: add hooks for fscaps operations · Casey Schaufler <casey@schaufler-ca.com> · 2024-02-21
Re: [PATCH v2 13/25] smack: add hooks for fscaps operations · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-02-22
[PATCH v2 14/25] evm: add support for fscaps security hooks · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-02-21
Re: [PATCH v2 14/25] evm: add support for fscaps security hooks · Roberto Sassu <hidden> · 2024-03-01
Re: [PATCH v2 14/25] evm: add support for fscaps security hooks · Christian Brauner <brauner@kernel.org> · 2024-03-01
Re: [PATCH v2 14/25] evm: add support for fscaps security hooks · Roberto Sassu <hidden> · 2024-03-01
Re: [PATCH v2 14/25] evm: add support for fscaps security hooks · Christian Brauner <brauner@kernel.org> · 2024-03-01
Re: [PATCH v2 14/25] evm: add support for fscaps security hooks · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-03-01
Re: [PATCH v2 14/25] evm: add support for fscaps security hooks · Roberto Sassu <hidden> · 2024-03-01
Re: [PATCH v2 14/25] evm: add support for fscaps security hooks · Roberto Sassu <hidden> · 2024-03-04
[PATCH v2 15/25] security: call evm fscaps hooks from generic security hooks · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-02-21
Re: [PATCH v2 15/25] security: call evm fscaps hooks from generic security hooks · Paul Moore <paul@paul-moore.com> · 2024-02-21
Re: [PATCH v2 15/25] security: call evm fscaps hooks from generic security hooks · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-02-22
Re: [PATCH v2 15/25] security: call evm fscaps hooks from generic security hooks · Paul Moore <paul@paul-moore.com> · 2024-02-22
[PATCH v2 20/25] ovl: add fscaps handlers · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-02-21
Re: [PATCH v2 20/25] ovl: add fscaps handlers · Christian Brauner <brauner@kernel.org> · 2024-02-23
Re: [PATCH v2 20/25] ovl: add fscaps handlers · Amir Goldstein <amir73il@gmail.com> · 2024-02-27
Re: [PATCH v2 20/25] ovl: add fscaps handlers · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-02-27
[PATCH v2 18/25] fs: add vfs_set_fscaps() · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-02-21
Re: [PATCH v2 18/25] fs: add vfs_set_fscaps() · Christian Brauner <brauner@kernel.org> · 2024-02-23
[PATCH v2 21/25] ovl: use vfs_{get,set}_fscaps() for copy-up · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-02-21
[PATCH v2 22/25] fs: use vfs interfaces for capabilities xattrs · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-02-21
[PATCH v2 23/25] commoncap: remove cap_inode_getsecurity() · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-02-21
[PATCH v2 19/25] fs: add vfs_remove_fscaps() · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-02-21
Re: [PATCH v2 19/25] fs: add vfs_remove_fscaps() · Christian Brauner <brauner@kernel.org> · 2024-02-23
[PATCH v2 16/25] fs: add inode operations to get/set/remove fscaps · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-02-21
Re: [PATCH v2 16/25] fs: add inode operations to get/set/remove fscaps · Christian Brauner <brauner@kernel.org> · 2024-02-23
[PATCH v2 17/25] fs: add vfs_get_fscaps() · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-02-21
Re: [PATCH v2 17/25] fs: add vfs_get_fscaps() · Christian Brauner <brauner@kernel.org> · 2024-02-23
[PATCH v2 24/25] commoncap: use vfs fscaps interfaces · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-02-21
Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces · Roberto Sassu <hidden> · 2024-03-04
Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-03-04
Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces · Roberto Sassu <hidden> · 2024-03-04
Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-03-04
Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces · Christian Brauner <brauner@kernel.org> · 2024-03-05
Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces · Roberto Sassu <hidden> · 2024-03-05
Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces · Christian Brauner <brauner@kernel.org> · 2024-03-05
Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces · Roberto Sassu <hidden> · 2024-03-05
Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-03-05
Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces · Roberto Sassu <hidden> · 2024-03-05
Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces · Roberto Sassu <hidden> · 2024-03-05
Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-03-05
Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces · Roberto Sassu <hidden> · 2024-03-06
Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces · Mimi Zohar <zohar@linux.ibm.com> · 2024-03-06
Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces · Roberto Sassu <hidden> · 2024-03-06
Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces · Mimi Zohar <zohar@linux.ibm.com> · 2024-03-06
[PATCH v2 25/25] vfs: return -EOPNOTSUPP for fscaps from vfs_*xattr() · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-02-21
Re: [PATCH v2 00/25] fs: use type-safe uid representation for filesystem capabilities · Christian Brauner <brauner@kernel.org> · 2024-02-22
Re: [PATCH v2 00/25] fs: use type-safe uid representation for filesystem capabilities · "Seth Forshee (DigitalOcean)" <sforshee@kernel.org> · 2024-02-22

From: Christian Brauner <brauner@kernel.org>
Date: 2024-03-01 12:54:22
Also in: linux-doc, linux-fsdevel, linux-integrity, linux-unionfs, lkml, selinux

On Fri, Mar 01, 2024 at 10:19:13AM +0100, Roberto Sassu wrote:

On Wed, 2024-02-21 at 15:24 -0600, Seth Forshee (DigitalOcean) wrote:

quoted

Support the new fscaps security hooks by converting the vfs_caps to raw
xattr data and then handling them the same as other xattrs.

Hi Seth

I started looking at this patch set.

The first question I have is if you are also going to update libcap
(and also tar, I guess), since both deal with the raw xattr.

From IMA/EVM perspective (Mimi will add on that), I guess it is
important that files with a signature/HMAC continue to be accessible
after applying this patch set.

Looking at the code, it seems the case (if I understood correctly,
vfs_getxattr_alloc() is still allowed).

To be sure that everything works, it would be really nice if you could
also extend our test suite:

https://github.com/mimizohar/ima-evm-utils/blob/next-testing/tests/portable_signatures.test

and

https://github.com/mimizohar/ima-evm-utils/blob/next-testing/tests/evm_hmac.test

The first test we would need to extend is check_cp_preserve_xattrs,
which basically does a cp -a. We would need to set fscaps in the
origin, copy to the destination, and see if the latter is accessible.

I would also extend:

check_tar_extract_xattrs_different_owner
check_tar_extract_xattrs_same_owner
check_metadata_change
check_evm_revalidate
check_evm_portable_sig_ima_appraisal
check_evm_portable_sig_ima_measurement_list

It should not be too complicated. The purpose would be to exercise your
code below.

Regarding the second test, we would need to extend just check_evm_hmac.

Just realized, before extending the tests, it would be necessary to
modify also evmctl.c, to retrieve fscaps through the new interfaces,
and to let users provide custom fscaps the HMAC or portable signature
is calculated on.

While request for tests are obviously fine they should be added by the
respective experts for IMA/EVM in this case. I don't think it's
appropriate to expect Seth to do that especially because you seem to
imply that you currently don't have any tests for fscaps at all. We're
always happy to test things and if that'd be adding new IMA/EVM specific
features than it would be something to discuss but really we're
refactoring so the fact that you don't have tests we can run is not the
fault of this patchset and IMA/EVM is just a small portion of it.

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help