| Message ID | 20161209130304.20862-1-r.krypa@samsung.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
On 12/9/2016 5:03 AM, Rafal Krypa wrote: > Since 4b936885a (v2.6.32) all inodes on sockfs and pipefs are disconnected. > It caused filesystem specific code in smack_d_instantiate to be skipped, > because all inodes on those pseudo filesystems were treated as root inodes. > As a result all sockfs inodes had the Smack label set to floor. > > In most cases access checks for sockets use socket_smack data so the inode > label is not important. But there are special cases that were broken. > One example would be calling fcntl with F_SETOWN command on a socket fd. > > Now smack_d_instantiate expects all pipefs and sockfs inodes to be > disconnected and has the logic in appropriate place. > > Signed-off-by: Rafal Krypa <r.krypa@samsung.com> Acked-by: Casey Schaufler <casey@schaufler-ca.com> I have queued this for my 4.11 tree. > --- > security/smack/smack_lsm.c | 14 +++++++------- > 1 file changed, 7 insertions(+), 7 deletions(-) > > diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c > index 4d90257..9d79d2f 100644 > --- a/security/smack/smack_lsm.c > +++ b/security/smack/smack_lsm.c > @@ -3438,6 +3438,13 @@ static void smack_d_instantiate(struct dentry *opt_dentry, struct inode *inode) > case PIPEFS_MAGIC: > isp->smk_inode = smk_of_current(); > break; > + case SOCKFS_MAGIC: > + /* > + * Socket access is controlled by the socket > + * structures associated with the task involved. > + */ > + isp->smk_inode = &smack_known_star; > + break; > default: > isp->smk_inode = sbsp->smk_root; > break; > @@ -3454,19 +3461,12 @@ static void smack_d_instantiate(struct dentry *opt_dentry, struct inode *inode) > */ > switch (sbp->s_magic) { > case SMACK_MAGIC: > - case PIPEFS_MAGIC: > - case SOCKFS_MAGIC: > case CGROUP_SUPER_MAGIC: > /* > * Casey says that it's a little embarrassing > * that the smack file system doesn't do > * extended attributes. > * > - * Casey says pipes are easy (?) > - * > - * Socket access is controlled by the socket > - * structures associated with the task involved. > - * > * Cgroupfs is special > */ > final = &smack_known_star; -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 4d90257..9d79d2f 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -3438,6 +3438,13 @@ static void smack_d_instantiate(struct dentry *opt_dentry, struct inode *inode) case PIPEFS_MAGIC: isp->smk_inode = smk_of_current(); break; + case SOCKFS_MAGIC: + /* + * Socket access is controlled by the socket + * structures associated with the task involved. + */ + isp->smk_inode = &smack_known_star; + break; default: isp->smk_inode = sbsp->smk_root; break; @@ -3454,19 +3461,12 @@ static void smack_d_instantiate(struct dentry *opt_dentry, struct inode *inode) */ switch (sbp->s_magic) { case SMACK_MAGIC: - case PIPEFS_MAGIC: - case SOCKFS_MAGIC: case CGROUP_SUPER_MAGIC: /* * Casey says that it's a little embarrassing * that the smack file system doesn't do * extended attributes. * - * Casey says pipes are easy (?) - * - * Socket access is controlled by the socket - * structures associated with the task involved. - * * Cgroupfs is special */ final = &smack_known_star;
Since 4b936885a (v2.6.32) all inodes on sockfs and pipefs are disconnected. It caused filesystem specific code in smack_d_instantiate to be skipped, because all inodes on those pseudo filesystems were treated as root inodes. As a result all sockfs inodes had the Smack label set to floor. In most cases access checks for sockets use socket_smack data so the inode label is not important. But there are special cases that were broken. One example would be calling fcntl with F_SETOWN command on a socket fd. Now smack_d_instantiate expects all pipefs and sockfs inodes to be disconnected and has the logic in appropriate place. Signed-off-by: Rafal Krypa <r.krypa@samsung.com> --- security/smack/smack_lsm.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-)