From patchwork Thu May 9 11:24:18 2019
X-Patchwork-Submitter: Roberto Sassu
X-Patchwork-Id: 10937019
From: Roberto Sassu
Subject: [PATCH v2 1/3] fs: add ksys_lsetxattr() wrapper
Date: Thu, 9 May 2019 13:24:18 +0200
Message-ID: <20190509112420.15671-2-roberto.sassu@huawei.com>
In-Reply-To: <20190509112420.15671-1-roberto.sassu@huawei.com>

Similarly to commit 03450e271a16 ("fs: add ksys_fchmod() and do_fchmodat() helpers and ksys_chmod() wrapper; remove in-kernel calls to syscall"), this patch introduces the ksys_lsetxattr() helper to avoid in-kernel calls to the sys_lsetxattr() syscall.

Signed-off-by: Roberto Sassu
--- fs/xattr.c | 9 ++++++++- include/linux/syscalls.h | 3 +++ 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/fs/xattr.c b/fs/xattr.c index 0d6a6a4af861..422b3d481edb 100644 --- a/fs/xattr.c +++ b/fs/xattr.c @@ -484,11 +484,18 @@ SYSCALL_DEFINE5(setxattr, const char __user *, pathname, return path_setxattr(pathname, name, value, size, flags, LOOKUP_FOLLOW); } +int ksys_lsetxattr(const char __user *pathname, + const char __user *name, const void __user *value, + size_t size, int flags) +{ + return path_setxattr(pathname, name, value, size, flags, 0); +} + SYSCALL_DEFINE5(lsetxattr, const char __user *, pathname, const char __user *, name, const void __user *, value, size_t, size, int, flags) { - return path_setxattr(pathname, name, value, size, flags, 0); + return ksys_lsetxattr(pathname, name, value, size, flags); } SYSCALL_DEFINE5(fsetxattr, int, fd, const char __user *, name, diff --git a/include/linux/syscalls.h b/include/linux/syscalls.h index e446806a561f..b639f13cd1f8 100644 --- a/include/linux/syscalls.h +++ b/include/linux/syscalls.h 
@@ -1260,6 +1260,9 @@ int ksys_ipc(unsigned int call, int first, unsigned long second, unsigned long third, void __user * ptr, long fifth); int compat_ksys_ipc(u32 call, int first, int second, u32 third, u32 ptr, u32 fifth); +int ksys_lsetxattr(const char __user *pathname, + const char __user *name, const void __user *value, + size_t size, int flags); /* * The following kernel syscall equivalents are just wrappers to fs-internal From patchwork Thu May 9 11:24:19 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Roberto Sassu X-Patchwork-Id: 10937027 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 78F36933 for ; Thu, 9 May 2019 11:28:44 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 6835F283C9 for ; Thu, 9 May 2019 11:28:44 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 59A8928A47; Thu, 9 May 2019 11:28:44 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id EFCC5283C9 for ; Thu, 9 May 2019 11:28:43 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726715AbfEIL2k (ORCPT ); Thu, 9 May 2019 07:28:40 -0400 Received: from lhrrgout.huawei.com ([185.176.76.210]:32929 "EHLO huawei.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1725869AbfEIL2j (ORCPT ); Thu, 9 May 2019 07:28:39 -0400 Received: from lhreml703-cah.china.huawei.com (unknown [172.18.7.108]) by Forcepoint Email with ESMTP id 104CA225B8BBA7A807A8; Thu, 9 
From: Roberto Sassu
Subject: [PATCH v2 2/3] initramfs: set extended attributes
Date: Thu, 9 May 2019 13:24:19 +0200
Message-ID: <20190509112420.15671-3-roberto.sassu@huawei.com>
In-Reply-To: <20190509112420.15671-1-roberto.sassu@huawei.com>

From: Mimi Zohar

This patch adds xattrs to a file, with name and value taken from a supplied buffer. The data format is: \0

[kamensky: fixed restoring of xattrs for symbolic links by using sys_lsetxattr() instead of sys_setxattr()]

[sassu: removed state management, kept only do_setxattrs(), replaced sys_lsetxattr() with ksys_lsetxattr(), added check for xattr_entry_size, added check for hdr->c_size, replaced strlen() with strnlen()]

Signed-off-by: Mimi Zohar
Signed-off-by: Victor Kamensky
Signed-off-by: Taras Kondratiuk
Signed-off-by: Roberto Sassu
--- init/initramfs.c | 63 ++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 61 insertions(+), 2 deletions(-) diff --git a/init/initramfs.c b/init/initramfs.c index 4749e1115eef..98c2aa4b5ab4 100644 --- a/init/initramfs.c +++ b/init/initramfs.c @@ -146,7 +146,8 @@ static __initdata time64_t mtime; static __initdata unsigned long ino, major, minor, nlink; static __initdata umode_t mode; -static __initdata unsigned long body_len, name_len; +static __initdata u32 name_len, xattr_len; +static __initdata u64 body_len; static __initdata uid_t uid; static __initdata gid_t gid; static __initdata unsigned rdev; 
@@ -218,7 +219,7 @@ static void __init read_into(char *buf, unsigned size, enum state next) } } -static __initdata char *header_buf, *symlink_buf, *name_buf; +static __initdata char *header_buf, *symlink_buf, *name_buf, *xattr_buf; static int __init do_start(void) { 
@@ -392,6 +393,64 @@ static int __init do_symlink(void) return 0; } +struct xattr_hdr { + char c_size[8]; /* total size including c_size field */ + char c_data[]; /* \0 */ +}; + +static int __init do_setxattrs(void) +{ + char *buf = xattr_buf; + char *bufend = buf + xattr_len; + struct xattr_hdr *hdr; + char str[sizeof(hdr->c_size) + 1]; + + if (!xattr_len) + return 0; + + str[sizeof(hdr->c_size)] = 0; + + while (buf < bufend) { + char *xattr_name, *xattr_value; + unsigned long xattr_entry_size; + unsigned long xattr_name_size, xattr_value_size; + int ret; + + if (buf + sizeof(hdr->c_size) > bufend) { + error("malformed xattrs"); + break; + } + + hdr = (struct xattr_hdr *)buf; + memcpy(str, hdr->c_size, sizeof(hdr->c_size)); + ret = kstrtoul(str, 16, &xattr_entry_size); + buf += xattr_entry_size; + if (ret || buf > bufend || !xattr_entry_size) { + error("malformed xattrs"); + break; + } + + xattr_name = hdr->c_data; + xattr_name_size = strnlen(xattr_name, + xattr_entry_size - sizeof(hdr->c_size)); + if (xattr_name_size == xattr_entry_size - sizeof(hdr->c_size)) { + error("malformed xattrs"); + break; + } + + xattr_value = xattr_name + xattr_name_size + 1; + xattr_value_size = buf - xattr_value; + + ret = ksys_lsetxattr(name_buf, xattr_name, xattr_value, + xattr_value_size, 0); + + pr_debug("%s: %s size: %lu val: %s (ret: %d)\n", name_buf, + xattr_name, xattr_value_size, xattr_value, ret); + } + + return 0; +} + static __initdata int (*actions[])(void) = { [Start] = do_start, [Collect] = do_collect, From patchwork Thu May 9 11:24:20 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Roberto Sassu X-Patchwork-Id: 10937031 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 7F09213AD for ; Thu, 9 May 2019 11:29:15 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost 
From: Roberto Sassu
Subject: [PATCH v2 3/3] initramfs: introduce do_readxattrs()
Date: Thu, 9 May 2019 13:24:20 +0200
Message-ID: <20190509112420.15671-4-roberto.sassu@huawei.com>
In-Reply-To: <20190509112420.15671-1-roberto.sassu@huawei.com>

This patch adds support for an alternative method to add xattrs to files in the rootfs filesystem. Instead of extracting them directly from the ram disk image, they are extracted from a regular file called .xattr-list, that can be added by any ram disk generator available today.

.xattr-list can be generated by executing:

$ getfattr --absolute-names -d -P -R -e hex -m - \
      | xattr.awk -b > ${initdir}/.xattr-list

where the content of the xattr.awk script is:

#! /usr/bin/awk -f
{
  if (!length($0)) {
    printf("%.10x%s\0", len, file);
    for (x in xattr) {
      printf("%.8x%s\0", xattr_len[x], x);
      for (i = 0; i < length(xattr[x]) / 2; i++) {
        printf("%c", strtonum("0x"substr(xattr[x], i * 2 + 1, 2)));
      }
    }
    i = 0;
    delete xattr;
    delete xattr_len;
    next;
  };
  if (i == 0) {
    file=$3;
    len=length(file) + 8 + 1;
  }
  if (i > 0) {
    split($0, a, "=");
    xattr[a[1]]=substr(a[2], 3);
    xattr_len[a[1]]=length(a[1]) + 1 + 8 + length(xattr[a[1]]) / 2;
    len+=xattr_len[a[1]];
  };
  i++;
}

Signed-off-by: Roberto Sassu
--- init/initramfs.c | 89 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 89 insertions(+) diff --git a/init/initramfs.c b/init/initramfs.c index 98c2aa4b5ab4..91f35a84c592 100644 --- a/init/initramfs.c +++ b/init/initramfs.c @@ -11,6 +11,9 @@ #include #include +#define XATTR_LIST_FILENAME ".xattr-list" + + static ssize_t __init xwrite(int fd, const char *p, size_t count) { ssize_t out = 0; 
@@ -451,6 +454,91 @@ static int __init do_setxattrs(void) return 0; } +struct path_hdr { + char p_size[10]; /* total size including p_size field */ + char p_data[]; /* \0 */ +}; + +static int __init do_readxattrs(void) +{ + struct path_hdr hdr; + char str[sizeof(hdr.p_size) + 1]; + unsigned long file_entry_size; + size_t size, name_buf_size, total_size; + struct kstat st; + int ret, fd; + + ret = vfs_lstat(XATTR_LIST_FILENAME, &st); + if (ret < 0) + return ret; + + total_size = st.size; + + fd = ksys_open(XATTR_LIST_FILENAME, O_RDONLY, 0); + if (fd < 0) + return fd; + + while (total_size) { + size = ksys_read(fd, (char *)&hdr, sizeof(hdr)); + if (size != sizeof(hdr)) { + ret = -EIO; + goto out; + } + + total_size -= size; + + memcpy(str, hdr.p_size, sizeof(hdr.p_size)); + ret = kstrtoul(str, 16, &file_entry_size); + if (ret < 0) + goto out; + + file_entry_size -= sizeof(sizeof(hdr.p_size)); + if (file_entry_size > total_size) { + ret = -EINVAL; + goto out; + } + + name_buf = vmalloc(file_entry_size); + if (!name_buf) { + ret = -ENOMEM; + goto out; + } + + size = ksys_read(fd, name_buf, file_entry_size); + if (size != file_entry_size) { + ret = -EIO; + goto out_free; + } + + total_size -= size; + + name_buf_size = strnlen(name_buf, file_entry_size); + if (name_buf_size == file_entry_size) { + ret = -EINVAL; + goto out_free; + } + + xattr_buf = name_buf + name_buf_size + 1; + xattr_len = file_entry_size - name_buf_size - 1; + + ret = do_setxattrs(); + vfree(name_buf); + name_buf = NULL; + + if (ret < 0) + break; + } +out_free: + vfree(name_buf); +out: + ksys_close(fd); + + if (ret < 0) + error("Unable to parse xattrs"); + + return ret; +} + static __initdata int (*actions[])(void) = { [Start] = do_start, [Collect] = do_collect, @@ -554,6 +642,7 @@ static char * __init unpack_to_rootfs(char *buf, unsigned long len) buf += my_inptr; len -= my_inptr; } + do_readxattrs(); dir_utime(); kfree(name_buf); kfree(symlink_buf);
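Review bot: ksys_lsetxattr() in the fs/xattr.c hunk of 1/3 is added without any comment saying who is expected to call it. Its parameters keep the __user annotation, while the caller introduced in 2/3 passes name_buf and pointers into xattr_buf, so the annotation does not match what is handed in. Please add a comment above the function stating the calling context it is meant for, and that the final 0 passed to path_setxattr() (where setxattr passes LOOKUP_FOLLOW) means a trailing symlink is not followed.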
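Review bot: in the include/linux/syscalls.h hunk of 1/3 the ksys_lsetxattr() prototype is appended directly under compat_ksys_ipc() with no blank line, and sits above the comment that introduces the wrappers to fs-internal functions. Since this is an fs helper, separate it from the ipc declarations with a blank line or move it next to the other fs prototypes so the grouping in the header stays readable.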
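Review bot: the first init/initramfs.c hunk of 2/3 changes body_len from unsigned long to u64 and name_len to u32, which the changelog does not mention and which nothing else in this patch relies on. Explain the type change in the commit message or split it into its own patch. Also, xattr_len (declared here) and xattr_buf (next hunk) are never assigned in 2/3 and do_setxattrs() has no caller until 3/3, so this patch applied alone adds an unused static function.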
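Review bot: in do_setxattrs() (2/3) xattr_entry_size is only rejected when it is zero, so a value from 1 to 7 makes xattr_entry_size - sizeof(hdr->c_size) wrap around; strnlen() then gets an oversized bound and xattr_value_size is computed from a buf that lies before xattr_value. Reject any entry size that is not larger than sizeof(hdr->c_size). In the same block, buf += xattr_entry_size runs before ret is tested, so a kstrtoul() failure advances buf by a value that was never set; test ret first and compare xattr_entry_size with bufend - buf instead of advancing the pointer and comparing afterwards. The pr_debug() prints xattr_value with %s although the value is raw bytes with no terminating NUL, and the function always returns 0, so the ksys_lsetxattr() result is lost.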
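Review bot: in do_readxattrs() (3/3) the line file_entry_size -= sizeof(sizeof(hdr.p_size)); subtracts the size of a size_t rather than the 10 bytes of p_size, and str is passed to kstrtoul() without its last byte ever being set to 0 (do_setxattrs() does this, this function does not). The awk generator in the changelog computes len as length(file) + 8 + 1 although it prints the size with %.10x, so generator and parser only agree where size_t is 8 bytes. Use sizeof(hdr.p_size) consistently on both sides, terminate str, and reject a file_entry_size smaller than the header before subtracting, since the subtraction otherwise wraps and the > total_size test is the only thing left to catch it.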
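Review bot: the do_readxattrs() call added to unpack_to_rootfs() in 3/3 ignores the return value and is placed before the existing kfree(name_buf), while do_readxattrs() overwrites the global name_buf with vmalloc() memory. On the out_free path name_buf is released with vfree() but left non-NULL, so the kfree(name_buf) that follows is handed a stale pointer, and the buffer that kfree() was meant to release is no longer referenced. Use a local buffer inside do_readxattrs() and pass the name and xattr data to do_setxattrs() as arguments, or save and restore name_buf around the call.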
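do_setxattrs() and the xattr.awk generator above agree on a per-attribute record: 8 hex digits giving the total record size, then the name, a NUL, and the value. The following user-space C walk over that layout is an added example, not part of the posted series; parse_hex8(), xattr_walk(), the rejection of empty names and the sample buffer are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define SIZE_FIELD ((size_t)8)	/* width of c_size in the patch's struct xattr_hdr */

/* Accept exactly 8 hex digits: no sign, "0x" prefix or whitespace. */
static int parse_hex8(const unsigned char *p, size_t *out)
{
	size_t v = 0;
	for (size_t i = 0; i < SIZE_FIELD; i++) {
		if (!isxdigit(p[i]))
			return -1;
		v = v * 16 + (isdigit(p[i]) ? p[i] - '0' : tolower(p[i]) - 'a' + 10);
	}
	*out = v;
	return 0;
}

/* Returns the number of well-formed entries, or -1 at the first malformed one. */
static int xattr_walk(const unsigned char *buf, size_t len)
{
	size_t off = 0, entry, room;
	int count = 0;

	while (off < len) {
		const unsigned char *name, *nul;
		/* Compare lengths, not advanced pointers, so nothing can wrap. */
		if (len - off < SIZE_FIELD || parse_hex8(buf + off, &entry))
			return -1;
		if (entry <= SIZE_FIELD || entry > len - off)
			return -1;	/* no room for a name, or past the buffer */
		name = buf + off + SIZE_FIELD;
		room = entry - SIZE_FIELD;
		nul = memchr(name, 0, room);
		if (!nul || nul == name)
			return -1;	/* unterminated, or empty name (assumed invalid) */
		count++;
		off += entry;
	}
	return count;
}

/* Constructed sample: name "user.a", value "hi"; 0x11 = 8 + 6 + 1 + 2. */
static const unsigned char sample[] = "00000011user.a\0hi";

int main(void)
{
	printf("entries: %d\n", xattr_walk(sample, sizeof(sample) - 1));
	return 0;
}
```

The size field is parsed digit by digit because a general-purpose string-to-integer routine also accepts input that the 8-digit field should not contain.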