Received: by 2002:a05:6358:d09b:b0:dc:cd0c:909e with SMTP id jc27csp1717970rwb; Thu, 8 Dec 2022 14:28:39 -0800 (PST) X-Google-Smtp-Source: AA0mqf5G74VIOEiPzO0m2hbcVe1fWGNjTJAJtcXz0wGQkKMSI3dCoJp8JZVHiBxPEaGnGhDbeLKA X-Received: by 2002:a17:907:d40c:b0:7c0:8a2c:8883 with SMTP id vi12-20020a170907d40c00b007c08a2c8883mr3397080ejc.56.1670538519140; Thu, 08 Dec 2022 14:28:39 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1670538519; cv=none; d=google.com; s=arc-20160816; b=qeroLweW2ES0KNyuK+EyPYRSGiG/0WiedBDRnzeaKTwmE6giuQLnTpAj3UP3vNA8ub PQOPQTrQQdTE0Ly/juZi9vmk2SL5bNwz+oAI1pwys6ZBfnbsrOGABj9CJms28entpP7k FOzHKuhROrv27pCfZk11WDkWuH1AltLQ/T+a5gCZ9pyK5q/Ed7Z7/3PGc1biQ9rQJHtS EOfPs7UKJQwHCCgOCKwpQfzF83pmY742xnN4WOf9fA+doaK9WpOG73BNeOl0ihoGswT9 fb74YE0i6VBmumndq6za0L+rPMr/zuq/g8jAEkJ8b6kmCGuE7eNLuYUbfE4kTgxp3URF Az5g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=g16i19egww1EdjGD+zRuacsquJsxBwloaiWcEoNVR9E=; b=rj1GrQs+17N6mh5DGAmaEHNLSuDObqhn8jQ6IJJwfJix8bjdlHuqvMyMSyMo3I6HKy n4E30+NUmvwfHZkgAQx116dAHxrSJOtdBGR81erfNZtv9neitGR6locwjfVinXHoECtE /cj1As81QvA4lDRm7vWVszFK6JNbEc8sczdwBKBB27yi25Im5LnftmGcHfuad8JdN4NR L6DIYVEqTTlUYcd8jl51hk6OzDo3fnnqPceqk2xYVDPTDWtmEWZXC6Jogk1y3sYuDRxH k0f8p/a0ppmwhqV9FiGjZmV47+lzP50TtfACf7jIgN1mMIZecrX11nwmC+3Caa2+V5rg JiAQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@paul-moore-com.20210112.gappssmtp.com header.s=20210112 header.b=WxKa1V6j; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id hg2-20020a1709072cc200b007c0d4287966si13633905ejc.423.2022.12.08.14.28.17; Thu, 08 Dec 2022 14:28:39 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@paul-moore-com.20210112.gappssmtp.com header.s=20210112 header.b=WxKa1V6j; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230189AbiLHWAC (ORCPT + 74 others); Thu, 8 Dec 2022 17:00:02 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58936 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230143AbiLHV7c (ORCPT ); Thu, 8 Dec 2022 16:59:32 -0500 Received: from mail-pg1-x531.google.com (mail-pg1-x531.google.com [IPv6:2607:f8b0:4864:20::531]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8A52EA658E for ; Thu, 8 Dec 2022 13:59:20 -0800 (PST) Received: by mail-pg1-x531.google.com with SMTP id h193so2249051pgc.10 for ; Thu, 08 Dec 2022 13:59:20 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=paul-moore-com.20210112.gappssmtp.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=g16i19egww1EdjGD+zRuacsquJsxBwloaiWcEoNVR9E=; b=WxKa1V6jeJxxo14AlfMldjz0WsyEw+FaBx/HybeIBV0TJkD0adijMV0A/4JxP8WNh6 wHL3+5H/cR6dMO4/U9Bj3kTySQO2hGaOxN84MY1dnDEtJeVVTLEN/+Ghq1f81y/Y8VQ8 +jpGyBj0+H2zglyjpVNDov9dNqUix8S8TplAu0AWIuiG2IDr2AppxGmc8rRKnOyKk/t9 9O8I7AGruiBpdU4TohuFxxMEAqqqELsBBENYFcXgWxxAiKqj55M7Z/h3/R8Aor/2poW8 hXR1KKEOQh1uXoRGRkxLyUJpy2O5tXGGzOE9gmf/vYvRXTe+/shARE+/Fhum5MsqgQPF bjVg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=g16i19egww1EdjGD+zRuacsquJsxBwloaiWcEoNVR9E=; b=BrBgSk1hF7oTdLca/nKQfQXr9Ud5Cv53gWb8Umbq5NQimX4OmQByr4s5kD0TbdeslW UXvSMUyXvrH0aeMKGv8kF1mk2lbqn2Q0rf24xqMY0tWWZgKl0WdIunG8B1iyYLG3v8kt aA2BNubZ4x2XZmhuduB59NjzRGcDuSVq0FOpoEHCtuHpRGQKRRSYjxH91NSwuTtw7FpL S3b2Rk7UXrkWOMzxwkLazqDvFa+LP7twThIsEAfB/N7XF7kx8l6NJbnfW6a48v7/kL8G 6UQRbokp+5oooVJojnl8979pQyntUSP6A9Ag6yCaqZJp/vSEu4jgE2hfUrQZPxT2rfxB ectg== X-Gm-Message-State: ANoB5plkAtSGEQGvf71LCgL77kH1c41FGDHfD0StURtKhvMMBnKKhrwY dc4qZyPaa4gE2WoIwyG0rR1nhn+9rRf140OuCtcV X-Received: by 2002:a63:1f63:0:b0:460:ec46:3645 with SMTP id q35-20020a631f63000000b00460ec463645mr88685381pgm.92.1670536759965; Thu, 08 Dec 2022 13:59:19 -0800 (PST) MIME-Version: 1.0 References: <20221128144240.210110-1-roberto.sassu@huaweicloud.com> <20221128144240.210110-3-roberto.sassu@huaweicloud.com> <7225e76c09c7ff68937e37ee041fefdd6ccac1c8.camel@huaweicloud.com> <0682348d9601ca3847ce9ba035e4ab1b586cf712.camel@huaweicloud.com> In-Reply-To: From: Paul Moore Date: Thu, 8 Dec 2022 16:59:08 -0500 Message-ID: Subject: Re: [PATCH v2 2/2] lsm: Add/fix return values in lsm_hooks.h and fix formatting To: Roberto Sassu Cc: David Howells , casey@schaufler-ca.com, omosnace@redhat.com, john.johansen@canonical.com, kpsingh@kernel.org, bpf@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, Roberto Sassu Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_NONE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Dec 8, 2022 at 4:29 AM Roberto Sassu wrote: > On Wed, 2022-12-07 at 14:34 -0500, Paul Moore wrote: > > On Wed, Dec 7, 2022 at 4:18 AM Roberto Sassu > > wrote: > > > For this patch, I saw it is already in lsm/next. Paul, should I do an > > > incremental patch or change the one in the repo and you force push it? > > > I would just remove the three lines after the parameters description. > > > > Just send a patch against the current lsm/next branch to remove those > > lines, and please do it ASAP as the merge window opens this > > weekend/Monday. > > Ok, was about to send but I would need a clarification first. > > In mount_api.rst, there is for security_fs_context_parse_param(): > > The value pointed to by param may be modified (if a string) or stolen > (provided the value pointer is NULL'd out). If it is stolen, 0 must be > returned to prevent it being passed to the filesystem. > > Looking at security.c: > > hlist_for_each_entry(hp, &security_hook_heads.fs_context_parse_param, > list) { > trc = hp->hook.fs_context_parse_param(fc, param); > if (trc == 0) > rc = 0; > else if (trc != -ENOPARAM) > return trc; > } > > If, as mount_api.rst says, the value is modified by an LSM or stolen, > should it be passed to other LSMs too? All of the LSMs should be using fs_parse() in their fs_context_parse_param() hook to identify the mount options that they own, skipping those they do not (fs_parse() would return -ENOPARAM in those cases). I don't believe we currently have any mount options that are shared across the different LSMs, so I believe this is a non-issue. In the future if we ever find the need to share mount options across different LSMs we will need some additional work to ensure it is handled properly, but I don't think we need to worry too much about that now. -- paul-moore.com