X-Mailing-List: linux-kernel@vger.kernel.org
References: <20240324054636.GT538574@ZenIV> <3441a4a1140944f5b418b70f557bca72@huawei.com> <20240325-beugen-kraftvoll-1390fd52d59c@brauner>
In-Reply-To: <20240325-beugen-kraftvoll-1390fd52d59c@brauner>
From: Paul Moore
Date: Mon, 25 Mar 2024 13:21:20 -0400
Subject: Re: kernel crash in
 mknod
To: Christian Brauner
Cc: Roberto Sassu, Al Viro, Steve French, LKML, linux-fsdevel, CIFS, Paulo Alcantara, Christian Brauner, Mimi Zohar, linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org

On Mon, Mar 25, 2024 at 12:06 PM Christian Brauner wrote:
> I'm a bit confused now why this is taking a dentry. Nothing in IMA or
> EVM cares about the dentry for these hooks so it really should have taken
> an inode in the first place?

I don't want to speak for Roberto or Mimi here, but this LSM hook was
intended to replace the dedicated ima_post_path_mknod() hook as I wanted
to see IMA/EVM integrated as proper LSMs so we could do away with all of
the special IMA/EVM hooks and treat everything as an LSM. Part of this
was creating new LSM hooks where historically we only had an IMA and/or
EVM hook; the security_path_post_mknod() hook is such a case (e.g.
/ima_post_path_mknod/security_path_post_mknod/) and the new LSM hook
kept the same parameters as the old IMA hook.

Yes, you are correct that neither IMA nor EVM does anything with the
dentry other than looking at the associated inode. I'm not the IMA/EVM
expert in this thread, but I suspect this is simply an old vestige of
former code, or perhaps an "optimization" to avoid having to fetch the
inode pointer in cases where IMA/EVM was not enabled (although it is
used in the vfs_create() call directly above, so who knows ...)

> And one minor other question I just realized. Why are some of the new
> hooks called security_path_post_mknod() when they aren't actually taking
> a path in contrast to say
> security_path_{chown,chmod,mknod,chroot,truncate}() that do.

Once again, think of this as a
/ima_post_path_mknod/security_path_post_mknod/ type of replacement and
you have your answer.

That said, I'm not really against bikeshedding LSM hook names if people
want to do that; it's not a stable protected API, so while we try to keep
it stable~ish simply for our own sanity, I'm happy to see it changed if
everyone agrees it makes sense.

-- 
paul-moore.com