From patchwork Wed Jan 29 20:39:31 2025
X-Patchwork-Submitter: Fan Wu
X-Patchwork-Id: 13954109
From: wufan@kernel.org
To: corbet@lwn.net, jmorris@namei.org, paul@paul-moore.com, serge@hallyn.com, akpm@linux-foundation.org
Cc: linux-doc@vger.kernel.org, linux-security-module@vger.kernel.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Fan Wu
Subject: [RFC PATCH v2 1/2] memfd,lsm: add a security hook to memfd_create()
Date: Wed, 29 Jan 2025 20:39:31 +0000
Message-Id: <20250129203932.22165-2-wufan@kernel.org>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20250129203932.22165-1-wufan@kernel.org>
References: <20250129203932.22165-1-wufan@kernel.org>

From: Fan Wu

This patch adds a new LSM hook that notifies the security subsystem
whenever a new memfd is created by memfd_create(). The hook is invoked
before fd_install() inside memfd_create(), allowing the LSM to
differentiate memfd files from regular shmemfs or hugetlbfs files that
share the same superblock.

Upon receiving this notification, the security system can label the
memfd files; thereafter the LSMs can make security decisions
specifically for them.

Signed-off-by: Fan Wu
---
 include/linux/lsm_hook_defs.h |  3 +++
 include/linux/security.h      |  8 ++++++++
 mm/memfd.c                    |  2 ++
 security/security.c           | 11 +++++++++++
 4 files changed, 24 insertions(+)
diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h index e2f1ce37c41e..1c0a9953c924 100644 --- a/include/linux/lsm_hook_defs.h +++ b/include/linux/lsm_hook_defs.h @@ -463,3 +463,6 @@ LSM_HOOK(int, 0, bdev_alloc_security, struct block_device *bdev) LSM_HOOK(void, LSM_RET_VOID, bdev_free_security, struct block_device *bdev) LSM_HOOK(int, 0, bdev_setintegrity, struct block_device *bdev, enum lsm_integrity_type type, const void *value, size_t size) + +LSM_HOOK(void, 0, memfd_created, struct file *file) + diff --git a/include/linux/security.h b/include/linux/security.h index 980b6c207cad..40ae79270eaf 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -2386,4 +2386,12 @@ static inline void security_initramfs_populated(void) } #endif /* CONFIG_SECURITY */ +#ifdef CONFIG_SECURITY +extern void security_memfd_created(struct file *file); +#else +static inline void security_memfd_created(struct file *file) +{ +} +#endif /* CONFIG_SECURITY */ + #endif /* ! __LINUX_SECURITY_H */ diff --git a/mm/memfd.c b/mm/memfd.c index 37f7be57c2f5..597d27ccb0b6 100644 --- a/mm/memfd.c +++ b/mm/memfd.c @@ -19,6 +19,7 @@ #include #include #include +#include #include /* @@ -483,6 +484,7 @@ SYSCALL_DEFINE2(memfd_create, goto err_fd; } + security_memfd_created(file); fd_install(fd, file); kfree(name); return fd; diff --git a/security/security.c b/security/security.c index 143561ebc3e8..daa9e0e0e879 100644 --- a/security/security.c +++ b/security/security.c @@ -6010,3 +6010,14 @@ void security_initramfs_populated(void) { call_void_hook(initramfs_populated); } + +/** + * security_memfd_created() - Notify LSMs that a memfd has been created + * + * Tells the LSMs that a memfd has been created. + */ +void security_memfd_created(struct file *file) +{ + call_void_hook(memfd_created, file); +} +
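Review bot: in the lsm_hook_defs.h hunk, `LSM_HOOK(void, 0, memfd_created, struct file *file)` passes 0 as the default return value of a void hook; the other void hooks in this file, such as `LSM_HOOK(void, LSM_RET_VOID, bdev_free_security, struct block_device *bdev)` two lines above, use `LSM_RET_VOID`, so this should read `LSM_HOOK(void, LSM_RET_VOID, memfd_created, struct file *file)`. The hunk also appends an empty `+` line after the new entry, leaving a trailing blank line at end of file that checkpatch will flag; drop it.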
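Review bot: in the security.h hunk, a second `#ifdef CONFIG_SECURITY` / `#else` / `#endif` block is opened right after the existing `#endif /* CONFIG_SECURITY */`, duplicating the conditional instead of putting `security_memfd_created()` where the other hooks live: the prototype in the existing `CONFIG_SECURITY` section and the empty `static inline` stub in its `#else` branch. Also, `extern void security_memfd_created(struct file *file);` carries an `extern` that checkpatch warns about for prototypes in headers; declare it as `void security_memfd_created(struct file *file);`.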
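Review bot: in the memfd_create() hunk, `security_memfd_created(file)` is a void notification issued after the file is fully set up and before `fd_install()`, so an LSM can attach a label but has no way to refuse the creation; if a policy module is meant to deny memfds, the hook needs an int return, and the failure path here would have to release the file and the unused fd (the `goto err_fd;` just above shows the existing cleanup path) before returning the error. The placement before `fd_install()` is right: the file is not yet reachable from userspace, so the label is in place before any fd-based access can happen. The hook also receives only the `struct file *`; passing memfd_create()'s `flags` as a second argument would let an LSM tell hugetlb-backed (MFD_HUGETLB) or sealed non-executable (MFD_NOEXEC_SEAL) memfds apart without re-deriving that from the file. The commit message should state which of these uses the hook is intended for.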
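Review bot: the kernel-doc comment on `security_memfd_created()` in the security.c hunk has no `@file:` parameter line, so `scripts/kernel-doc` will warn about the undescribed argument; add `* @file: the newly created memfd file` between the summary line and the description. (The `security_initramfs_populated()` comment above it has no parameter line only because that function takes no arguments.) The empty `+` line appended after the closing brace leaves a trailing blank line at end of file and should be dropped.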