Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1756664Ab0LISH4 (ORCPT <rfc822;w@1wt.eu>);
	Thu, 9 Dec 2010 13:07:56 -0500
Received: from mx1.redhat.com ([209.132.183.28]:38486 "EHLO mx1.redhat.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1755375Ab0LISHy (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
	Thu, 9 Dec 2010 13:07:54 -0500
Subject: Re: [PATCH] fs/vfs/security: pass last path component to LSM on
 inode creation
From: Eric Paris <eparis@redhat.com>
To: John Stoffel <john@stoffel.org>
Cc: xfs-masters@oss.sgi.com, linux-btrfs@vger.kernel.org,
        linux-kernel@vger.kernel.org, linux-ext4@vger.kernel.org,
        cluster-devel@redhat.com, linux-mtd@lists.infradead.org,
        jfs-discussion@lists.sourceforge.net, ocfs2-devel@oss.oracle.com,
        reiserfs-devel@vger.kernel.org, xfs@oss.sgi.com, linux-mm@kvack.org,
        linux-security-module@vger.kernel.org, chris.mason@oracle.com,
        jack@suse.cz, akpm@linux-foundation.org, adilger.kernel@dilger.ca,
        tytso@mit.edu, swhiteho@redhat.com, dwmw2@infradead.org,
        shaggy@linux.vnet.ibm.com, mfasheh@suse.com, joel.becker@oracle.com,
        aelder@sgi.com, hughd@google.com, jmorris@namei.org, sds@tycho.nsa.gov,
        eparis@parisplace.org, hch@lst.de, dchinner@redhat.com,
        viro@zeniv.linux.org.uk, shemminger@vyatta.com, jeffm@suse.com,
        paul.moore@hp.com, penguin-kernel@I-love.SAKURA.ne.jp,
        casey@schaufler-ca.com, kees.cook@canonical.com, dhowells@redhat.com
In-Reply-To: <19713.5738.653711.301814@quad.stoffel.home>
References: <20101208194527.13537.77202.stgit@paris.rdu.redhat.com>
	 <19712.61515.201226.938553@quad.stoffel.home>
	 <1291909941.3072.70.camel@localhost.localdomain>
	 <19713.5738.653711.301814@quad.stoffel.home>
Content-Type: text/plain; charset="UTF-8"
Date: Thu, 09 Dec 2010 13:05:21 -0500
Message-ID: <1291917921.12683.4.camel@localhost.localdomain>
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 1564
Lines: 31

On Thu, 2010-12-09 at 12:48 -0500, John Stoffel wrote:
> >>>>> "Eric" == Eric Paris <eparis@redhat.com> writes:
> 
> Eric> On Thu, 2010-12-09 at 10:05 -0500, John Stoffel wrote:
> >> >>>>> "Eric" == Eric Paris <eparis@redhat.com> writes:
> 
> Eric> This patch adds a 4th piece of information, the name of the
> Eric> object being created.  An obvious situation where this will be
> Eric> useful is devtmpfs (although you'll find other examples in the
> Eric> above thread).  devtmpfs when it creates char/block devices is
> Eric> unable to distinguish between kmem and console and so they are
> Eric> created with a generic label.  hotplug/udev is then called which
> Eric> does some pathname like matching and relabels them to something
> Eric> more specific.  We've found that many people are able to race
> Eric> against this particular updating and get spurious denials in
> Eric> /dev.  With this patch devtmpfs will be able to get the labels
> Eric> correct to begin with.
> 
> So your Label based access controls are *also* based on pathnames?
> Right?

Access decisions are still based solely on the label.  This patch can
influence how new objects get their label, which makes the access
decisions indirectly path based.  You'll find a reasonable summary and
commentary on lwn in this weeks security section.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/