Date: Mon, 16 Nov 2020 17:41:27 +0000
From: Christoph Hellwig
To: Linus Torvalds
Cc: Mimi Zohar, Christoph Hellwig, Roberto Sassu, linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, Silviu Vlasceanu, stable@vger.kernel.org, viro@zeniv.linux.org.uk, linux-fsdevel@vger.kernel.org
Subject: Re: [RESEND][PATCH] ima: Set and clear FMODE_CAN_READ in ima_calc_file_hash()
Message-ID: <20201116174127.GA4578@infradead.org>
References: <20201113080132.16591-1-roberto.sassu@huawei.com> <20201114111057.GA16415@infradead.org> <0fd0fb3360194d909ba48f13220f9302@huawei.com> <20201116162202.GA15010@infradead.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, Nov 16, 2020 at 09:37:32AM -0800, Linus Torvalds wrote:
> > This discussion seems to be going down the path of requiring an IMA
> > filesystem hook for reading the file, again. That solution was
> > rejected, not by me. What is new this time?
>
> You can't read a non-read-opened file. Not even IMA can.
>
> So don't do that then.
>
> IMA is doing something wrong. Why would you ever read a file that can't be read?
>
> Fix whatever "open" function instead of trying to work around the fact
> that you opened it wrong.

The "issue" with IMA is that it uses security hooks to hook into the VFS and then wants to read every file that gets opened on a real file system to "measure" the contents vs a hash stashed away somewhere. Which has always been rather sketchy.
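As an added illustration of the point argued in this message (example code, not from the thread, the patch, or IMA itself): a userspace C model of "measuring" a file through a descriptor that was not opened for reading. Names such as `measure_fd` and `demo` are constructed, and a toy FNV-1a stands in for IMA's real digest; the measurement checks the descriptor's access mode up front and refuses, rather than pretending the file is readable.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <stdlib.h>
#include <unistd.h>
/* Toy FNV-1a stands in for IMA's real digest (constructed, not kernel code). */
uint64_t fnv1a(uint64_t h, const unsigned char *p, size_t n)
{
    for (size_t i = 0; i < n; i++) { h ^= p[i]; h *= 0x100000001b3ULL; }
    return h;
}

/* Measure the file behind fd: 0 and the digest on success, else -errno.
 * A descriptor opened O_WRONLY carries no read permission and read(2) on it
 * fails with EBADF anyway, so refuse up front instead of faking read access. */
int measure_fd(int fd, uint64_t *digest)
{
    int flags = fcntl(fd, F_GETFL);
    if (flags < 0) return -errno;
    if ((flags & O_ACCMODE) == O_WRONLY) return -EBADF;
    if (lseek(fd, 0, SEEK_SET) < 0) return -errno;
    uint64_t h = 0xcbf29ce484222325ULL;
    unsigned char buf[4096];
    ssize_t n;
    while ((n = read(fd, buf, sizeof buf)) > 0)
        h = fnv1a(h, buf, (size_t)n);
    if (n < 0) return -errno;
    *digest = h;
    return 0;
}

/* Write constructed contents to a temp file, then measure it through a
 * write-only and a read-only descriptor. Returns 0 if the setup worked. */
int demo(int *wo_rc, int *ro_rc, uint64_t *ro_digest)
{
    static const char body[] = "constructed sample file contents\n";
    char path[] = "/tmp/ima-demo-XXXXXX";
    int fd = mkstemp(path);
    if (fd < 0) return -errno;
    ssize_t w = write(fd, body, sizeof body - 1);
    close(fd);
    if (w != (ssize_t)(sizeof body - 1)) { unlink(path); return -EIO; }
    int wo = open(path, O_WRONLY), ro = open(path, O_RDONLY);
    uint64_t scratch;
    *wo_rc = measure_fd(wo, &scratch);   /* -EBADF: not opened for reading */
    *ro_rc = measure_fd(ro, ro_digest);  /* 0: readable, digest filled in */
    close(wo); close(ro); unlink(path);
    return 0;
}
```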