From patchwork Mon Apr 22 15:06:50 2024
X-Patchwork-Submitter: Stefan Berger
X-Patchwork-Id: 13638612
From: Stefan Berger
To: linux-integrity@vger.kernel.org, linux-unionfs@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, zohar@linux.ibm.com, roberto.sassu@huawei.com, amir73il@gmail.com, miklos@szeredi.hu, brauner@kernel.org, Stefan Berger
Subject: [RFC PATCH v2 1/2] ovl: Define D_REAL_FILEDATA for d_real to return dentry with data
Date: Mon, 22 Apr 2024 11:06:50 -0400
Message-ID: <20240422150651.2908169-2-stefanb@linux.ibm.com>
In-Reply-To: <20240422150651.2908169-1-stefanb@linux.ibm.com>
References: <20240422150651.2908169-1-stefanb@linux.ibm.com>
X-Mailing-List: linux-integrity@vger.kernel.org

Define D_REAL_FILEDATA which is to be used as a parameter for d_real() to return the dentry that is holding the file data, which is either the upper or the lower dentry. The caller is expected to call d_real() again on the returned dentry to get to lower layers of a stacked filesystem, if available. This allows a caller to get all dentries involved in holding a file's data and iterate through the layers.

Signed-off-by: Stefan Berger
---
 fs/overlayfs/super.c   | 6 ++++++
 include/linux/dcache.h | 1 +
 2 files changed, 7 insertions(+)

diff --git a/fs/overlayfs/super.c b/fs/overlayfs/super.c
index 06a231970cb5..f466ad89b005 100644
--- a/fs/overlayfs/super.c +++ b/fs/overlayfs/super.c @@ -36,6 +36,7 @@ static struct dentry *ovl_d_real(struct dentry *dentry, enum d_real_type type) switch (type) { case D_REAL_DATA: case D_REAL_METADATA: + case D_REAL_FILEDATA: break; default: goto bug; @@ -47,6 +48,11 @@ static struct dentry *ovl_d_real(struct dentry *dentry, enum d_real_type type) } upper = ovl_dentry_upper(dentry); + if (type == D_REAL_FILEDATA) { + if (ovl_has_upperdata(d_inode(dentry))) + return upper; + return ovl_dentry_lower(dentry); + } if (upper && (type == D_REAL_METADATA || ovl_has_upperdata(d_inode(dentry)))) return upper; diff --git a/include/linux/dcache.h b/include/linux/dcache.h index bf53e3894aae..e4e54fb2cf4e 100644 --- a/include/linux/dcache.h +++ b/include/linux/dcache.h 
@@ -128,6 +128,7 @@ enum dentry_d_lock_class enum d_real_type { D_REAL_DATA, D_REAL_METADATA, + D_REAL_FILEDATA, }; struct dentry_operations {

From patchwork Mon Apr 22 15:06:51 2024
X-Patchwork-Submitter: Stefan Berger
X-Patchwork-Id: 13638614
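Review bot: in the second fs/overlayfs/super.c hunk, the new `if (type == D_REAL_FILEDATA)` branch returns `ovl_dentry_lower(dentry)` directly whenever the upper inode has no data. Please confirm that this is the dentry actually holding the data when the topmost lower entry is itself a metacopy file whose data lives in a deeper lower layer; if it is not, the FILEDATA case needs the same lower-data resolution the D_REAL_DATA case performs, or the commit message should say that FILEDATA returns the next layer rather than the data layer. Related: the returned dentry belongs to the lower filesystem, so a caller's second d_real() (as the commit message proposes) only descends further when that filesystem is itself stacked; it will not walk overlayfs's own chain of lower layers, and that limitation should be spelled out.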
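Review bot: the include/linux/dcache.h hunk adds D_REAL_FILEDATA to enum d_real_type without a comment, and the enum is the only place a d_real() caller can learn how FILEDATA differs from D_REAL_DATA, which also yields a data-holding dentry. Add a one-line comment above `D_REAL_FILEDATA,` stating that it returns only the next layer (upper if it holds data, otherwise lower), that callers must call d_real() again to descend, and that the walk ends when d_real() returns the dentry it was given, since the commit message relies on exactly that contract.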
From: Stefan Berger
To: linux-integrity@vger.kernel.org, linux-unionfs@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, zohar@linux.ibm.com, roberto.sassu@huawei.com, amir73il@gmail.com, miklos@szeredi.hu, brauner@kernel.org, Stefan Berger
Subject: [RFC PATCH v2 2/2] ima: Fix detection of read/write violations on stacked filesystems
Date: Mon, 22 Apr 2024 11:06:51 -0400
Message-ID: <20240422150651.2908169-3-stefanb@linux.ibm.com>
In-Reply-To: <20240422150651.2908169-1-stefanb@linux.ibm.com>
References: <20240422150651.2908169-1-stefanb@linux.ibm.com>
X-Mailing-List: linux-integrity@vger.kernel.org

On a stacked filesystem, when one process opens the file holding a file's data (e.g., on the upper or lower layer on overlayfs), then issue a violation when another process opens the file for reading on the top layer (the overlay layer on overlayfs). This then provides similar behavior to the existing case where a violation is generated when one process opens a file for writing and another one opens the same file for reading.

Convert the current code so that it can handle the normal case as well as the stacked filesystem case. Therefore, use d_real with parameter D_REAL_FILEDATA to get the next dentry holding the file data.
On a normal filesystem this would be the dentry of the file and on a stacked filesystem this could be an upper or lower dentry. Check the dentry's inode for writes and if it has any issue the violation. Otherwise continue onto the next dentry given the current dentry by again calling d_real. On a normal filesystem this would return the same dentry as before and on a stacked filesystem it would return the next-level dentry, so either the upper or lower dentry of the next lower layer. Signed-off-by: Stefan Berger --- security/integrity/ima/ima_main.c | 21 ++++++++++++++++----- 1 file changed, 16 insertions(+), 5 deletions(-) diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index f04f43af651c..7d727c448dc7 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c @@ -122,7 +122,9 @@ static void ima_rdwr_violation_check(struct file *file, char *filename) { struct inode *inode = file_inode(file); + struct dentry *fd_dentry, *d; fmode_t mode = file->f_mode; + struct inode *fd_inode; bool send_tomtou = false, send_writers = false; if (mode & FMODE_WRITE) { @@ -134,11 +136,20 @@ static void ima_rdwr_violation_check(struct file *file, &iint->atomic_flags)) send_tomtou = true; } - } else { - if (must_measure) - set_bit(IMA_MUST_MEASURE, &iint->atomic_flags); - if (inode_is_open_for_write(inode) && must_measure) - send_writers = true; + } else if (must_measure) { + set_bit(IMA_MUST_MEASURE, &iint->atomic_flags); + + d = d_real(file_dentry(file), D_REAL_FILEDATA); + do { + fd_dentry = d; + fd_inode = d_inode(fd_dentry); + if (inode_is_open_for_write(fd_inode)) { + send_writers = true; + break; + } + /* next layer of stacked fs */ + d = d_real(fd_dentry, D_REAL_FILEDATA); + } while (d != fd_dentry); } if (!send_tomtou && !send_writers)
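Review bot: in the second security/integrity/ima/ima_main.c hunk, the walk in the `else if (must_measure)` branch no longer checks `inode` itself, the inode the violation is reported against: on a non-stacked filesystem d_real() returns the same dentry so nothing changes, but on overlayfs the loop starts at the upper or lower inode and the overlay inode is never tested with inode_is_open_for_write(). If a writer that opened the file through the overlay layer is guaranteed to also hold write access on the real inode, state that in the commit message; otherwise keep the original `inode_is_open_for_write(inode)` check ahead of the walk. Two smaller points: the `fd_dentry = d;` shuffle can be reduced to a single-variable loop (`next = d_real(d, D_REAL_FILEDATA); if (next == d) break; d = next;`), and the `while (d != fd_dentry)` termination depends on d_real() returning the identical dentry at the bottom layer, which should be documented as part of the D_REAL_FILEDATA contract rather than left implicit here.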