Date: Fri, 29 Mar 2013 14:40:31 -0400
From: "J. Bruce Fields"
To: Mimi Zohar
Cc: Steve Dickson, Trond Myklebust, "J. Bruce Fields", "David P. Quigley", Linux NFS list
Subject: Re: [PATCH 02/14] Security: Add Hook to test if the particular xattr is part of a MAC model.
Message-ID: <20130329184031.GF22307@fieldses.org>
References: <1364478845-29796-1-git-send-email-SteveD@redhat.com> <1364478845-29796-3-git-send-email-SteveD@redhat.com> <1364557380.2580.189.camel@falcor1.watson.ibm.com>
In-Reply-To: <1364557380.2580.189.camel@falcor1.watson.ibm.com>

On Fri, Mar 29, 2013 at 07:43:00AM -0400, Mimi Zohar wrote:
> On Thu, 2013-03-28 at 09:53 -0400, Steve Dickson wrote:
> > From: David Quigley
> >
> > The interface to request security labels from user space is the xattr
> > interface. When requesting the security label from an NFS server it is
> > important to make sure the requested xattr actually is a MAC label. This allows
> > us to make sure that we get the desired semantics from the attribute instead of
> > something else such as capabilities or a time based LSM.
> >
> > Signed-off-by: Matthew N. Dodd
> > Signed-off-by: Miguel Rodel Felipe
> > Signed-off-by: Phua Eu Gene
> > Signed-off-by: Khin Mi Mi Aung
> > ---
> > include/linux/security.h | 14 ++++++++++++++
> > security/capability.c | 6 ++++++
> > security/security.c | 6 ++++++
> > security/selinux/hooks.c | 6 ++++++
> > security/smack/smack_lsm.c | 11 +++++++++++
> > 5 files changed, 43 insertions(+)
> >
> > diff --git a/include/linux/security.h b/include/linux/security.h
> > index a957e7a..8a6faff 100644
> > --- a/include/linux/security.h
> > +++ b/include/linux/security.h
> > @@ -1319,6 +1319,13 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
> > * @pages contains the number of pages.
> > * Return 0 if permission is granted.
> > *
> > + * @ismaclabel:
> > + * Check if the extended attribute specified by @name
> > + * represents a MAC label. Returns 0 if name is a MAC
> > + * attribute otherwise returns non-zero.
>
> Sorry, the comment doesn't match the code.

Yeah, that looks backwards.

Confirmed by looking at an implementation:

> > +static int selinux_ismaclabel(const char *name)
> > +{
> > + return (strcmp(name, XATTR_SELINUX_SUFFIX) == 0);
> > +}
> > +

Could we also make the return value bool to make it even less ambiguous?

--b.
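Review bot: the @ismaclabel doc comment in the security.h hunk states the return value backwards relative to the quoted selinux_ismaclabel() (strcmp(...) == 0 evaluates to 1, i.e. non-zero, exactly when @name matches), and it also leaves unstated what form @name takes; since the SELinux implementation compares against XATTR_SELINUX_SUFFIX rather than a full "security.*" name, callers must pass only the suffix, and the hook comment should say so. Suggest rewording the added lines to something like "Check if the extended attribute suffix @name represents a MAC label. Returns true if it does, false otherwise." and, as proposed in the reply, changing the hook and its implementations to return bool so the contract is unambiguous; the capability.c, security.c and smack_lsm.c implementations listed in the diffstat would need the same return-type change.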