Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp430518pxj; Fri, 11 Jun 2021 02:47:00 -0700 (PDT) X-Google-Smtp-Source: ABdhPJy5ifjgwPaaVGZtr6+ETurTg/1CpbG7J/N8TrGq9mbjiq5f2HCrwxcX4/2bkVKeTPhYg1sI X-Received: by 2002:a17:907:948c:: with SMTP id dm12mr2863887ejc.484.1623404820340; Fri, 11 Jun 2021 02:47:00 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1623404820; cv=none; d=google.com; s=arc-20160816; b=nHJYobBLdZ74q+uj1GhvQNg3S9EdJM/OXZXzNEw7VvTTMxjFeLZhdpLNDQnkPlOHov hsMwylJonR0yHAMNQd78USydTFjqpRzLl5VDoTzNLUeO9ZKeurtTiP1Uqdtnqlo042Zu EQuU1vpw1rnP/xJkq38rcwVnjrhyslugYRf8K0sdPi2ywUWplo07BbxbJr6T2EyzLich dgp3qSn0fRaDBfiTsphM6vT4I1sipZhg7HnBDAgrdrC84vj0wiFCJZMtWb1aJSD1XBs3 iW42A85ng3xMdDfNDzlf9cKlSrd8PSnRn8Oo0rLxomlPf0DD39VbLQ/UWVjb9hiy5+bm 8YAg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:content-transfer-encoding :content-language:accept-language:message-id:date:thread-index :thread-topic:subject:cc:to:from; bh=/nCcfih4jyF63Ob0yoSuDFrd7dMIyVxTnziZ/SDwwqA=; b=zCKM6w1jSV5NCLT0ihXZP5I06/9KMiGZ9wOi7iodksTDZvYCN39ZEPCJ4XMAKP984d 0oPL5lR6Lb0Je/PvxhYCFiq1by8lNdtKZVMFEfqvkSv+aOQTnEJtsZz8uIvIRerna83F DF+K/RBlvFojoGDlbBwApzu8mPiJIhb85zB3AJ6AYEYS6dtMzySjtvv7fxxCpB4iABRe ZD3Fv/hdvGXp5qy5x5/BEuN16EbuQes0iGEgb9EdOpPLtvoDKb/REy0gkEXFqzGGdStp G4dO8JRKpCRP4AzLPzeErAvPUGl8k4EqR779wVIk/mqCgpCGs27IgfewKfNP/hsqlGYW Gkxg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=huawei.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id m22si4610483edv.69.2021.06.11.02.46.37; Fri, 11 Jun 2021 02:47:00 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=huawei.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231187AbhFKJqE convert rfc822-to-8bit (ORCPT + 99 others); Fri, 11 Jun 2021 05:46:04 -0400 Received: from frasgout.his.huawei.com ([185.176.79.56]:3206 "EHLO frasgout.his.huawei.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230356AbhFKJqD (ORCPT ); Fri, 11 Jun 2021 05:46:03 -0400 Received: from fraeml714-chm.china.huawei.com (unknown [172.18.147.200]) by frasgout.his.huawei.com (SkyGuard) with ESMTP id 4G1bKC0QxMz6L777; Fri, 11 Jun 2021 17:34:39 +0800 (CST) Received: from fraeml714-chm.china.huawei.com (10.206.15.33) by fraeml714-chm.china.huawei.com (10.206.15.33) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2176.2; Fri, 11 Jun 2021 11:44:03 +0200 Received: from fraeml714-chm.china.huawei.com ([10.206.15.33]) by fraeml714-chm.china.huawei.com ([10.206.15.33]) with mapi id 15.01.2176.012; Fri, 11 Jun 2021 11:44:03 +0200 From: Roberto Sassu To: "viro@zeniv.linux.org.uk" , Mimi Zohar , "paul@paul-moore.com" , "Stephen Smalley" , "casey@schaufler-ca.com" , Stefan Berger CC: "linux-integrity@vger.kernel.org" , "linux-security-module@vger.kernel.org" , "linux-kernel@vger.kernel.org" , "selinux@vger.kernel.org" Subject: Size mismatch between vfs_getxattr_alloc() and vfs_getxattr() Thread-Topic: Size mismatch between vfs_getxattr_alloc() and vfs_getxattr() Thread-Index: AddepfVXRzZV65zDQYWfY30E1Ui8ng== Date: Fri, 11 Jun 2021 09:44:03 +0000 Message-ID: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.221.98.153] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 8BIT MIME-Version: 1.0 X-CFilter-Loop: Reflected Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hello the ima-evm-utils tool discovered an issue doing signature verification of xattrs. On kernel side, EVM reads the xattr value with vfs_getxattr_alloc(), which gets the value directly from the xattr handler. On user side, ima-evm-utils reads the value with the lgetxattr() system call, which gets the value from LSMs. There is a corner case, where security.selinux is set directly with setfattr without adding \0 at the end. In this case, the kernel and the user see different values due to the fact that the former gets the raw value from the xattr handler, and the latter gets the value normalized by SELinux (which adds \0). I found that originally also lgetxattr() was getting the value from the xattr handler. This changed with: commit 4bea58053f206be9a89ca35850f9ad295dac2042 Author: David P. Quigley Date: Mon Feb 4 22:29:40 2008 -0800 VFS: Reorder vfs_getxattr to avoid unnecessary calls to the LSM which directly calls LSMs for security.* xattrs. Given that this patch is there for a long time, I would ask if it makes sense to fix this issue. The way I would do it is to check if the size returned by the xattr handler is the same of the size returned by LSMs. If not, I would get the value from the xattr handler. Although this change does not check the xattr content, it is sufficient to fix the issue. Any opinion? Thanks Roberto HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063 Managing Director: Li Peng, Li Jian, Shi Yanli