Re: [PATCH v17 05/10] fs,landlock: Support filesystem access-control

2020-05-14 Thread James Morris
On Thu, 14 May 2020, Mickaël Salaün wrote:

> > fsnotify is not an LSM.
>
> Yes, so I'll need to add a new LSM hook for this (release) call, right?

Unless an existing one will work.

--
James Morris

Re: [PATCH v17 05/10] fs,landlock: Support filesystem access-control

2020-05-14 Thread Mickaël Salaün
On 14/05/2020 19:31, James Morris wrote:
> On Thu, 14 May 2020, Mickaël Salaün wrote:
>
>>> This needs to be converted to the LSM API via superblock blob stacking.
>>>
>>> See Casey's old patch:
>>> https://lore.kernel.org/linux-security-module/20190829232935.7099-2-ca...@schaufler-ca.com/
>>
>

Re: [PATCH v17 05/10] fs,landlock: Support filesystem access-control

2020-05-14 Thread Mickaël Salaün
On 14/05/2020 17:58, Casey Schaufler wrote: > On 5/14/2020 3:39 AM, Mickaël Salaün wrote: >> On 14/05/2020 05:37, James Morris wrote: >>> On Mon, 11 May 2020, Mickaël Salaün wrote: >>> >>> diff --git a/include/linux/fs.h b/include/linux/fs.h index 45cc10cdf6dd..2276642f8e05 100644

Re: [PATCH v17 05/10] fs,landlock: Support filesystem access-control

2020-05-14 Thread James Morris
On Thu, 14 May 2020, Mickaël Salaün wrote:

> > This needs to be converted to the LSM API via superblock blob stacking.
> >
> > See Casey's old patch:
> > https://lore.kernel.org/linux-security-module/20190829232935.7099-2-ca...@schaufler-ca.com/
>
> s_landlock_inode_refs is quite similar to s_f

Re: [PATCH v17 05/10] fs,landlock: Support filesystem access-control

2020-05-14 Thread Casey Schaufler
On 5/14/2020 3:39 AM, Mickaël Salaün wrote: > On 14/05/2020 05:37, James Morris wrote: >> On Mon, 11 May 2020, Mickaël Salaün wrote: >> >> >>> diff --git a/include/linux/fs.h b/include/linux/fs.h >>> index 45cc10cdf6dd..2276642f8e05 100644 >>> --- a/include/linux/fs.h >>> +++ b/include/linux/fs.h >

Re: [PATCH v17 05/10] fs,landlock: Support filesystem access-control

2020-05-14 Thread Mickaël Salaün
On 14/05/2020 05:37, James Morris wrote: > On Mon, 11 May 2020, Mickaël Salaün wrote: > > >> diff --git a/include/linux/fs.h b/include/linux/fs.h >> index 45cc10cdf6dd..2276642f8e05 100644 >> --- a/include/linux/fs.h >> +++ b/include/linux/fs.h >> @@ -1517,6 +1517,11 @@ struct super_block { >>

Re: [PATCH v17 05/10] fs,landlock: Support filesystem access-control

2020-05-13 Thread James Morris
On Mon, 11 May 2020, Mickaël Salaün wrote: > diff --git a/include/linux/fs.h b/include/linux/fs.h > index 45cc10cdf6dd..2276642f8e05 100644 > --- a/include/linux/fs.h > +++ b/include/linux/fs.h > @@ -1517,6 +1517,11 @@ struct super_block { > /* Pending fsnotify inode refs */ > atomic_

[PATCH v17 05/10] fs,landlock: Support filesystem access-control

2020-05-11 Thread Mickaël Salaün
Thanks to the Landlock objects and ruleset, it is possible to identify inodes according to a process's domain. To enable an unprivileged process to express a file hierarchy, it first needs to open a directory (or a file) and pass this file descriptor to the kernel through landlock(2). When checki