Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp2244998imm; Tue, 10 Jul 2018 16:20:48 -0700 (PDT) X-Google-Smtp-Source: AAOMgpcqTP9Whu4LUcRsF7ppQU+k8y6E7S492CiSzBYmOAI9yBy5hM5PyxoJXdaCJsHSjDGqkR7m X-Received: by 2002:a63:ba43:: with SMTP id l3-v6mr23700261pgu.295.1531264848397; Tue, 10 Jul 2018 16:20:48 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1531264848; cv=none; d=google.com; s=arc-20160816; b=QKA9avRIsYFP+ICLmSnbDuqei5i60dNpFYfRocUQcR9N6KJbS97lkhnpUosr76TM+C /t0Xr9yalOiY0tE6G5brMC1NkuTvA9g2qy/dTbqD99//oHjUhotus/I31+ecJIJ2gVNt U2Z8MZrHghHq9WsUcj+S9XGJ4Zs9nnNoFSs8dkyr8IclXAZV+3NF3bsGYaa+PuD3qrDg wy6J9+eNgrG2kLcmb4GlzX9G8FliU6PPQj1inhZ+ohZ25qBUqDb1TWeRRiP0bMhOg6AJ uw3NjA1Yg9C2g9C8YNqufZR7a08RKlM+aHpUibOWHhebOHVjCThqOgWkw1kwflSJ5KQ9 Udwg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:date:content-id:mime-version :subject:cc:to:references:in-reply-to:from:organization :arc-authentication-results; bh=po7Wl+DhAsG1Odc2fQzw86H+ODeDqsB0fPOeZIe6LeY=; b=nGuwYqluUKKxLGHw71hiVuo5B6QyPB6UQUNj9qMxGod0FUGatvB6aMpLMnLy2dlUjU K/XGNI0mn4IvXGcUPvv60bJsUeZoGr4utFngru2yVgqq0RO92xSX+1SWBgiR/nxdMWcd wC/nWZNGnXeDphYhet/n7oYNl8rKDfBV/RcxuWJEgJOk/YYAU+YpXxapzSMyFOjkNtwE Vev03/I8VxQbeazJEiu9ImqiVcQH7Ko3CvPvaQsxaOBbnbFchU5Eesfg+MJmxxsIVvUG DbRHY5Qwg9UTZarCcrQWQapW4WqMqfKQUqxy6F+gefciX1ZwRatHQgeGGgRlxB7Fh4Fb k4Yg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id y7-v6si15981684pgp.551.2018.07.10.16.20.32; Tue, 10 Jul 2018 16:20:48 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1732345AbeGJXVR (ORCPT + 99 others); Tue, 10 Jul 2018 19:21:17 -0400 Received: from mx3-rdu2.redhat.com ([66.187.233.73]:41152 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1732291AbeGJXVR (ORCPT ); Tue, 10 Jul 2018 19:21:17 -0400 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 3393470219; Tue, 10 Jul 2018 23:19:55 +0000 (UTC) Received: from warthog.procyon.org.uk (ovpn-120-149.rdu2.redhat.com [10.10.120.149]) by smtp.corp.redhat.com (Postfix) with ESMTP id 3B386111AF0A; Tue, 10 Jul 2018 23:19:54 +0000 (UTC) Organization: Red Hat UK Ltd. Registered Address: Red Hat UK Ltd, Amberley Place, 107-111 Peascod Street, Windsor, Berkshire, SI4 1TE, United Kingdom. Registered in England and Wales under Company Registration No. 3798903 From: David Howells In-Reply-To: References: <153126248868.14533.9751473662727327569.stgit@warthog.procyon.org.uk> <153126254346.14533.14191961720018099798.stgit@warthog.procyon.org.uk> To: Casey Schaufler Cc: dhowells@redhat.com, viro@zeniv.linux.org.uk, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-security-module@vger.kernel.org, torvalds@linux-foundation.org Subject: Re: [PATCH 08/32] smack: Implement filesystem context security hooks [ver #9] MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <16479.1531264793.1@warthog.procyon.org.uk> Date: Wed, 11 Jul 2018 00:19:53 +0100 Message-ID: <16480.1531264793@warthog.procyon.org.uk> X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.2]); Tue, 10 Jul 2018 23:19:55 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.2]); Tue, 10 Jul 2018 23:19:55 +0000 (UTC) for IP:'10.11.54.3' DOMAIN:'int-mx03.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'dhowells@redhat.com' RCPT:'' Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Casey Schaufler wrote: > > Implement filesystem context security hooks for the smack LSM. > > > > Question: Should the ->fs_context_parse_source() hook be implemented to > > check the labels on any source devices specified? > > Checking the label on a block device when doing a mount > is just going to end in tears. If you're remounting from > an already mounted filesystem it might make sense to check > that the new mount doesn't provide greater access than the > existing mount. If the original mount has smackfsdefault="_" > I could see prohibiting the additional mount having > smackfsdefault="*" on a filesystem that doesn't support > xattrs. But that requires that a (hopefully) privileged > process be involved, and we expect them to have a clue. > So no, I don't see it necessary. I think I may have meant the device file rather than the actual device content. David