From: Roberto Sassu To: , CC: , , , , , Roberto Sassu Subject: [PATCH v3 11/11] ima: Don't remove security.ima if file must not be appraised Date: Wed, 11 Nov 2020 10:23:02 +0100 Message-ID: <20201111092302.1589-12-roberto.sassu@huawei.com> X-Mailer: git-send-email 2.27.GIT In-Reply-To: <20201111092302.1589-1-roberto.sassu@huawei.com> References: <20201111092302.1589-1-roberto.sassu@huawei.com> MIME-Version: 1.0 Content-Transfer-Encoding: 7BIT Content-Type: text/plain; charset=US-ASCII X-Originating-IP: [10.204.65.161] X-ClientProxiedBy: lhreml735-chm.china.huawei.com (10.201.108.86) To fraeml714-chm.china.huawei.com (10.206.15.33) X-CFilter-Loop: Reflected Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Files might come from a remote source and might have xattrs, including security.ima. It should not be IMA task to decide whether security.ima should be kept or not. This patch removes the removexattr() system call in ima_inode_post_setattr(). Signed-off-by: Roberto Sassu Reviewed-by: Mimi Zohar --- security/integrity/ima/ima_appraise.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/security/integrity/ima/ima_appraise.c b/security/integrity/ima/ima_appraise.c index 00b038941a10..f03cb4b7270d 100644 --- a/security/integrity/ima/ima_appraise.c +++ b/security/integrity/ima/ima_appraise.c @@ -529,8 +529,6 @@ void ima_inode_post_setattr(struct dentry *dentry) return; action = ima_must_appraise(inode, MAY_ACCESS, POST_SETATTR); - if (!action) - __vfs_removexattr(dentry, XATTR_NAME_IMA); iint = integrity_iint_find(inode); if (iint) { set_bit(IMA_CHANGE_ATTR, &iint->atomic_flags); -- 2.27.GIT
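Review bot: The commit message describes the dropped line as a "removexattr() system call", but what the hunk in ima_inode_post_setattr() removes is the in-kernel helper call `__vfs_removexattr(dentry, XATTR_NAME_IMA)`, so the wording should be corrected. The message should also state the behavioural consequence: once the `if (!action)` branch is gone, a setattr that takes a file out of appraisal policy leaves its existing security.ima in place, so if a later attribute change brings the file back under policy, appraisal would see that old value instead of a missing xattr. A sentence in the commit message, or a short comment above the `ima_must_appraise()` call, saying this is intended would make that explicit. It is also worth confirming that `action` is still read inside the `if (iint)` block, which the hunk context cuts off; if it is not, the assignment is now dead and can go too.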