References: <20240403090749.2929667-1-roberto.sassu@huaweicloud.com> <6d3b9d8a5f5a2ca010a5a701d7826e47912fec89.camel@linux.ibm.com>
In-Reply-To: <6d3b9d8a5f5a2ca010a5a701d7826e47912fec89.camel@linux.ibm.com>
From: Paul Moore
Date: Wed, 3 Apr 2024 11:02:53 -0400
Subject: Re: [RESEND][PATCH v3] security: Place security_path_post_mknod() where the original IMA call was
To: Mimi Zohar
Cc: Roberto Sassu, viro@zeniv.linux.org.uk, brauner@kernel.org, jack@suse.cz, jmorris@namei.org, serge@hallyn.com, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org, linux-cifs@vger.kernel.org, linux-integrity@vger.kernel.org, pc@manguebit.com, torvalds@linux-foundation.org, Roberto Sassu, Steve French

On Wed, Apr 3, 2024 at 9:11 AM Mimi Zohar wrote:
> On Wed, 2024-04-03 at 11:07 +0200, Roberto Sassu wrote:
> >
> > However, as reported by VFS maintainers, successful mknod operation does
> > not mean that the dentry always has an inode attached to it (for example,
> > not for FIFOs on a SAMBA mount).
> >
> > If that condition happens, the kernel crashes when
> > security_path_post_mknod() attempts to verify if the inode associated to
> > the dentry is private.
>
> This is an example of why making the LSM hook more generic than needed didn't
> work.  Based on the discussion there is no valid reason for making the hook more
> generic.

I agree, I think we all do, but I don't think we want to get into
process discussions in the patch description.  The description
explains the original motivation for the buggy commit, the problem it
caused, and the solution; that's enough IMHO.

-- 
paul-moore.com