From: Casey Schaufler
Date: Thu, 8 Dec 2022 14:18:06 -0800
Subject: Re: [PATCH v2 2/2] lsm: Add/fix return values in lsm_hooks.h and fix formatting
To: Paul Moore, Roberto Sassu
Cc: David Howells, omosnace@redhat.com, john.johansen@canonical.com, kpsingh@kernel.org, bpf@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, Roberto Sassu, casey@schaufler-ca.com
Message-ID: <8d14fcbe-baab-4678-beb1-4f8ff6171eec@schaufler-ca.com>

On 12/8/2022 1:59 PM, Paul Moore wrote:
> On Thu, Dec 8, 2022 at 4:29 AM Roberto Sassu wrote:
>> On Wed, 2022-12-07 at 14:34 -0500, Paul Moore wrote:
>>> On Wed, Dec 7, 2022 at 4:18 AM Roberto Sassu wrote:
>>>> For this patch, I saw it is already in lsm/next. Paul, should I do an
>>>> incremental patch or change the one in the repo and you force push it?
>>>> I would just remove the three lines after the parameters description.
>>> Just send a patch against the current lsm/next branch to remove those
>>> lines, and please do it ASAP as the merge window opens this
>>> weekend/Monday.
>> Ok, was about to send but I would need a clarification first.
>>
>> In mount_api.rst, there is for security_fs_context_parse_param():
>>
>>      The value pointed to by param may be modified (if a string) or stolen
>>      (provided the value pointer is NULL'd out). If it is stolen, 0 must be
>>      returned to prevent it being passed to the filesystem.
>>
>> Looking at security.c:
>>
>>	hlist_for_each_entry(hp, &security_hook_heads.fs_context_parse_param,
>>			     list) {
>>		trc = hp->hook.fs_context_parse_param(fc, param);
>>		if (trc == 0)
>>			rc = 0;
>>		else if (trc != -ENOPARAM)
>>			return trc;
>>	}
>>
>> If, as mount_api.rst says, the value is modified by an LSM or stolen,
>> should it be passed to other LSMs too?
> All of the LSMs should be using fs_parse() in their
> fs_context_parse_param() hook to identify the mount options that they
> own, skipping those they do not (fs_parse() would return -ENOPARAM in
> those cases). I don't believe we currently have any mount options
> that are shared across the different LSMs, so I believe this is a
> non-issue.

There aren't any today. SELinux and Smack are the only LSMs with mount
options. Smack mount options all begin with "smack", so it's unlikely
there is going to be a future overlap. I'd hate to do the
/proc/self/attr/current battle over again, so I recommend that any new
LSM that uses mount options be required to use an identifying prefix.
I don't see any way that using the same option name for mounts, even if
the use is the same, won't end in tears.

>
> In the future if we ever find the need to share mount options across
> different LSMs we will need some additional work to ensure it is
> handled properly, but I don't think we need to worry too much about
> that now.
>
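Added example, not part of the original message and not kernel code: a userspace C model of the hook walk quoted from security.c, showing that a claimed option is still handed to later hooks, so distinct prefixes give one owner while a shared name reaches the second hook with the value already stolen. The hooks lsm_a, lsm_b and lsm_dup, the helpers claim() and parse_one(), the -EINVAL reaction to a stolen value, the numeric ENOPARAM value and the initial rc are assumptions made for this model.

```c
#include <errno.h>
#include <string.h>

#define ENOPARAM 519	/* kernel-internal errno, not in userspace headers */

struct param { const char *key; char *string; };
typedef int (*parse_hook)(struct param *p);

/* Hypothetical LSM hook body: owns every option starting with prefix. */
static int claim(struct param *p, const char *prefix)
{
	if (strncmp(p->key, prefix, strlen(prefix)) != 0)
		return -ENOPARAM;	/* not ours, let the next LSM look */
	if (p->string == NULL)
		return -EINVAL;		/* an earlier hook already stole it */
	p->string = NULL;		/* steal the value, so return 0 */
	return 0;
}

static int lsm_a(struct param *p) { return claim(p, "lsma"); }
static int lsm_b(struct param *p) { return claim(p, "lsmb"); }
static int lsm_dup(struct param *p) { return claim(p, "lsma"); } /* overlap */

/* Same control flow as the loop quoted from security.c. */
static int dispatch(parse_hook *hooks, size_t n, struct param *p)
{
	int trc, rc = -ENOPARAM;	/* initial value is an assumption */
	for (size_t i = 0; i < n; i++) {
		trc = hooks[i](p);
		if (trc == 0)
			rc = 0;		/* claimed, but the walk continues */
		else if (trc != -ENOPARAM)
			return trc;
	}
	return rc;
}

static int parse_one(parse_hook *hooks, size_t n, const char *key)
{
	char value[] = "label";		/* constructed sample value */
	struct param p = { key, value };
	return dispatch(hooks, n, &p);
}

int main(void)
{
	parse_hook distinct[] = { lsm_a, lsm_b }, shared[] = { lsm_a, lsm_dup };
	return parse_one(distinct, 2, "lsmbroot") != 0 ||
	       parse_one(shared, 2, "lsmaroot") != -EINVAL;
}
```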