Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp1532439pxf; Fri, 9 Apr 2021 10:39:43 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyzUhCM3FfL0OXEWpV7kHhwp7TiUJuEkSyBB2yZmgdwGLtFq7wb3Iy78UKZNPS527rANZME X-Received: by 2002:a17:90a:eb18:: with SMTP id j24mr15251257pjz.52.1617989983105; Fri, 09 Apr 2021 10:39:43 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1617989983; cv=none; d=google.com; s=arc-20160816; b=CWGyvl/P3j+HUgJP1NmQWm1Zgv/UebUnLNiT0NUlA8fbo+uh5SOoUo5CDj5r5PFl8N LgzL4Fe5AWqNfjXobLHcVrCnpLh2r/n/hrSCUioWDFQWQuOdsDWmNPm/KcruntuQCVAK gEZuNrpcTkYiqSQ70vAuhrcVydRXzpe+Jm1Np7OozZv99C/o0hvnrFtNlmGErjq6aNor 4M1tK9UoRdBe/6/VTNyCngB7k18gpO0tRe1yk+IjHWW+fgegynrwR0wupyxe01nzAXBE ekFf12fXJ0jCnNQHMC88IwhtRq1GluVbbcNvDikLyWMHcoafsXbZ2NHyDwNWpk03OlA0 AIUA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=ctSABw2kjoLnR/9CPsehS2T91aGqZMmVOGM3FfnHLik=; b=vcgalMly7vG6njx3/brRQ1vGH2PBbedKpDedtiZlFOS6rBLovw/CYll4+uGgH1xtSk CxK/en6mn0UqPWPG38yWr7VQdE3rfHXp2kQ+LkfDlTiJRvT9IeBCsq96qnIrLBcPzVkZ QX9IcJGSjT5GrFVU+IE8+IIzjlsA+V9tnjmthETldmpR19xQGYVWXSWbFVCccPK+Q8df s9AFPGrzl4u+VqMjFmb5C4rkgKREbXYsfIK38TiZExUmSLDtRhhMqw3ey1dvox1PthjS Eamt8bBT7vj1XYDHxTn7Ni9FDxj0WE2+LH1rNoOyjCztKIe8qCZDQKy0mMqyCmfvdKfY i16g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=BH7vAMMC; spf=pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id c11si3982207pfv.191.2021.04.09.10.39.20; Fri, 09 Apr 2021 10:39:43 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=BH7vAMMC; spf=pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234169AbhDIRjc (ORCPT + 99 others); Fri, 9 Apr 2021 13:39:32 -0400 Received: from us-smtp-delivery-124.mimecast.com ([216.205.24.124]:26735 "EHLO us-smtp-delivery-124.mimecast.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233038AbhDIRjb (ORCPT ); Fri, 9 Apr 2021 13:39:31 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1617989958; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=ctSABw2kjoLnR/9CPsehS2T91aGqZMmVOGM3FfnHLik=; b=BH7vAMMCRfOinjpFyXteIZ6epWmq8hl4d8tF38XkXET5lZX8hk5O7L0YmNsGvnqsdmsCGZ VtvnrtzZjYt+u0p9d40gEpB7jeyHSW6COIZVlA3zHXrMBwkJgC0V9N4qhvZ6HiStGXqZ5R pb7EjJqAw30COglbGc08UtzbdzN5HV8= Received: from mail-yb1-f199.google.com (mail-yb1-f199.google.com [209.85.219.199]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-523-aVmiTgpKME2G6yFRSp52dQ-1; Fri, 09 Apr 2021 13:39:16 -0400 X-MC-Unique: aVmiTgpKME2G6yFRSp52dQ-1 Received: by mail-yb1-f199.google.com with SMTP id i6so6059435ybk.2 for ; Fri, 09 Apr 2021 10:39:16 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=ctSABw2kjoLnR/9CPsehS2T91aGqZMmVOGM3FfnHLik=; b=Imo0csI+x84rzSQFSgJxKG259Hc2/Xln3w4T45NsBcI3G9pE80iwVvzPl7lJH1aok2 65L86bw+AhBYXQHY5FwnXeTJNK96y99rEY5ANTv8/OR8QBD4mCYs1EXxxu+BQr77g30M uRxDyEbZYwWsUVS1rCExR3lbat7hjnFWujROn4wDJiFpG9mUTNPTDNZuVss7HvFyo1i+ 0JBXtqHB5w8DgHBWdWJRGDFoyx7i6VBOs/ktdRCUvP50gi8XXbXTS3rQ7X4PqvoEelej PCL9Jv9oW+4IBFsdwCtsnSLKLOhdeCvgY56ZSiQ2p+Kkvlo16qIMZfmSgCXypoyPvePH h+MQ== X-Gm-Message-State: AOAM533EKBueOxkAuKhfg91MZvwGJqp0qItMEm/gUcr7DxnTOEABqAvM RJDQa2KD5c3vxoi/yaYJUXD353zyujnVeFsJs1U7588rYqkPjRwatGz+vjXoQHPzH/AKfEMkbVk iP9iFVo3G7IhxC4/reYs5pMSp5PqrPeUrZkSg X-Received: by 2002:a25:c607:: with SMTP id k7mr6756017ybf.227.1617989955815; Fri, 09 Apr 2021 10:39:15 -0700 (PDT) X-Received: by 2002:a25:c607:: with SMTP id k7mr6755995ybf.227.1617989955622; Fri, 09 Apr 2021 10:39:15 -0700 (PDT) MIME-Version: 1.0 References: <20210409111254.271800-1-omosnace@redhat.com> In-Reply-To: From: Ondrej Mosnacek Date: Fri, 9 Apr 2021 19:39:02 +0200 Message-ID: Subject: Re: [PATCH 0/2] vfs/security/NFS/btrfs: clean up and fix LSM option handling To: Al Viro Cc: Linux Security Module list , SElinux list , linux-fsdevel@vger.kernel.org, linux-nfs , linux-btrfs@vger.kernel.org, Paul Moore , Olga Kornievskaia , David Howells , Stephen Smalley Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org On Fri, Apr 9, 2021 at 2:28 PM Al Viro wrote: > On Fri, Apr 09, 2021 at 01:12:52PM +0200, Ondrej Mosnacek wrote: > > This series attempts to clean up part of the mess that has grown around > > the LSM mount option handling across different subsystems. > > I would not describe growing another FS_... flag Why is that necessarily a bad thing? > *AND* spreading the > FS_BINARY_MOUNTDATA further, with rather weird semantics at that, > as a cleanup of any sort. How is this spreading it further? The patches remove one (rather bad) use of it in SELinux and somewhat reduce its use in btrfs. Hold on... actually I just realized that with FS_HANDLES_LSM_OPTS it is possible to do btrfs without FS_BINARY_MOUNTDATA and also eliminate the need for the workaround in vfs_parse_fs_param() (i.e. [2]). Basically instead of setting FS_BINARY_MOUNTDATA | FS_HANDLES_LSM_OPTS in btrfs_fs_type and neither in btrfs_root_fs_type, it is enough to set neither in btrfs_fs_type and only FS_HANDLES_LSM_OPTS in btrfs_root_fs_type. The security opts are then applied in the outer vfs_get_tree() call instead of the inner one, but the net effect is the same. That should pretty much do away with both the non-legit users of FS_BINARY_MOUNTDATA (selinux_set_mnt_opts() and btrfs). All the rest seem to be in line with the semantic. Would [something like] the above stand any chance of getting your approval? [2] https://lore.kernel.org/selinux/20210401065403.GA1363493@infradead.org/T/ -- Ondrej Mosnacek Software Engineer, Linux Security - SELinux kernel Red Hat, Inc.