Message-id: <1441029540.2335.2.camel@samsung.com>
Subject: Re: [PATCH] security: smack: Add support automatic Smack labeling
From: Lukasz Pawelczyk <l.pawelczyk@samsung.com>
To: jonghwa3.lee@samsung.com, Casey Schaufler <casey@schaufler-ca.com>,
        linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org
Cc: james.l.morris@oracle.com, serge@hallyn.com, sangbae90.lee@samsung.com,
        inki.dae@samsung.com
Date: Mon, 31 Aug 2015 15:59:00 +0200
In-reply-to: <55E3F0A2.2070102@samsung.com>
References: <1440640704-21730-1-git-send-email-jonghwa3.lee@samsung.com>
 <1440640704-21730-2-git-send-email-jonghwa3.lee@samsung.com>
 <55E09B2E.3040805@schaufler-ca.com> <55E3F0A2.2070102@samsung.com>
Content-type: text/plain; charset=UTF-8
MIME-version: 1.0
Content-transfer-encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 2057
Lines: 63

On pon, 2015-08-31 at 15:13 +0900, jonghwa3.lee@samsung.com wrote:
> A rule is defined for a process, 'process A',  in smack rule table.
> 
> ...
> Process A    device::A    arwx-
> ...
> 
> The object 'device::A' will be used to a device node that 'process A'
> will access.
> However when the target device node is created  it's labeled with
> default label
> which is inherited from any of filesystem, ancestor,  or creating
> process.
> Let's say the default object label for devtmpfs is '_' which allows
> only read and
> write access. So we need the specific labeling by the authorized
> process as like
> udevd for the devtmpfs.
> 
> In normal, smack label and access control follow the sequences,
> 
> 1. Kernel module driver loaded
> 2. New device node is created  (/dev/aaa ,  '_')
> 3. Udevd gets uevent and appies udev rule (/dev/aaa, 'device::A')
> 4. 'Process A' accesses the device node ('Process A' --->
> 'device::A', MAY_WRITE)
> 5. Access is permitted.
> 
> However, when labeling isn't done in proper time, result will be
> different,
> 
> 1. Kernel module driver loaded
> 2. New device node is created  (/dev/aaa ,  '_')
> 3. 'Process A' accesses the device node ('Process A' ---> '_',
> MAY_WRITE)
> 4. Access is prohibited
> 
> Can this situation be handled in current Smack subsystem?
> If so, could you give me an idea how to handle it.

This doesn't seem to be a Smack problem. This isn't even a kernel
problem. It's userspace race. You should wait for a proper udev event
that notifies after all udev rules are applied.

I think there are 2 udev events. One that notifies that a device has
been added. Second that notifies where all the rules for the device has
been applied. You need to use the second one.


-- 
Lukasz Pawelczyk
Samsung R&D Institute Poland
Samsung Electronics


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/