Re: [PATCH v5 2/7] lsm: introduce new hooks for setting/getting inode fsxattr

[PATCH v5 0/7] fs: introduce file_getattr and file_setattr syscalls · Andrey Albershteyn <hidden> · 2025-05-13
[PATCH v5 1/7] fs: split fileattr related helpers into separate file · Andrey Albershteyn <hidden> · 2025-05-13
[PATCH v5 2/7] lsm: introduce new hooks for setting/getting inode fsxattr · Andrey Albershteyn <hidden> · 2025-05-13
Re: [PATCH v5 2/7] lsm: introduce new hooks for setting/getting inode fsxattr · Paul Moore <paul@paul-moore.com> · 2025-05-22
[PATCH v5 3/7] selinux: implement inode_file_[g|s]etattr hooks · Andrey Albershteyn <hidden> · 2025-05-13
Re: [PATCH v5 3/7] selinux: implement inode_file_[g|s]etattr hooks · Paul Moore <paul@paul-moore.com> · 2025-05-22
[PATCH v5 4/7] fs: split fileattr/fsxattr converters into helpers · Andrey Albershteyn <hidden> · 2025-05-13
[PATCH v5 5/7] fs: make vfs_fileattr_[get|set] return -EOPNOSUPP · Andrey Albershteyn <hidden> · 2025-05-13
[PATCH v5 6/7] fs: prepare for extending file_get/setattr() · Andrey Albershteyn <hidden> · 2025-05-13
[PATCH v5 7/7] fs: introduce file_getattr and file_setattr syscalls · Andrey Albershteyn <hidden> · 2025-05-13
Re: [PATCH v5 0/7] fs: introduce file_getattr and file_setattr syscalls · "Arnd Bergmann" <arnd@arndb.de> · 2025-05-13
Re: [PATCH v5 0/7] fs: introduce file_getattr and file_setattr syscalls · Amir Goldstein <amir73il@gmail.com> · 2025-05-13
Re: [PATCH v5 0/7] fs: introduce file_getattr and file_setattr syscalls · "H. Peter Anvin" <hpa@zytor.com> · 2025-05-14
Re: [PATCH v5 0/7] fs: introduce file_getattr and file_setattr syscalls · Christian Brauner <brauner@kernel.org> · 2025-05-15
Re: [PATCH v5 0/7] fs: introduce file_getattr and file_setattr syscalls · Amir Goldstein <amir73il@gmail.com> · 2025-05-15
Re: [PATCH v5 0/7] fs: introduce file_getattr and file_setattr syscalls · Christian Brauner <brauner@kernel.org> · 2025-05-19
Re: [PATCH v5 0/7] fs: introduce file_getattr and file_setattr syscalls · Dave Chinner <david@fromorbit.com> · 2025-05-19
Re: [PATCH v5 0/7] fs: introduce file_getattr and file_setattr syscalls · Andrey Albershteyn <hidden> · 2025-05-21
Re: [PATCH v5 0/7] fs: introduce file_getattr and file_setattr syscalls · Pali Rohár <pali@kernel.org> · 2025-05-21
Re: [PATCH v5 0/7] fs: introduce file_getattr and file_setattr syscalls · "Arnd Bergmann" <arnd@arndb.de> · 2025-05-21
Re: [PATCH v5 0/7] fs: introduce file_getattr and file_setattr syscalls · Amir Goldstein <amir73il@gmail.com> · 2025-05-21
Re: [PATCH v5 0/7] fs: introduce file_getattr and file_setattr syscalls · Andrey Albershteyn <hidden> · 2025-05-21
Re: [PATCH v5 0/7] fs: introduce file_getattr and file_setattr syscalls · Amir Goldstein <amir73il@gmail.com> · 2025-05-21

From: Paul Moore <paul@paul-moore.com>
Date: 2025-05-22 22:26:07
Also in: linux-alpha, linux-api, linux-arch, linux-fsdevel, linux-m68k, linux-mips, linux-s390, linux-security-module, linux-sh, linux-unionfs, linux-xfs, lkml, selinux, sparclinux

On May 13, 2025 Andrey Albershteyn [off-list ref] wrote:

Introduce new hooks for setting and getting filesystem extended
attributes on inode (FS_IOC_FSGETXATTR).

Cc: selinux@vger.kernel.org
Cc: Paul Moore <paul@paul-moore.com>

Signed-off-by: Andrey Albershteyn <aalbersh@kernel.org>
---
 fs/file_attr.c                | 19 ++++++++++++++++---
 include/linux/lsm_hook_defs.h |  2 ++
 include/linux/security.h      | 16 ++++++++++++++++
 security/security.c           | 30 ++++++++++++++++++++++++++++++
 4 files changed, 64 insertions(+), 3 deletions(-)

The only thing that gives me a slight pause is that on a set operation
we are going to hit both the get and set LSM hooks, but since the code
does call into the getter on a set operation this is arguably the right
thing.

Acked-by: Paul Moore <paul@paul-moore.com>

--
paul-moore.com

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help