[patch] Hook for d_instantiate

From: Stephen D. Smalley (sdsat_private)
Date: Thu Dec 19 2002 - 06:58:40 PST

  • Next message: David Wheeler: "Re: OWLSM - please update! Also, here are tweaks to stack it."

    The attached patch adds a hook for d_instantiate to the lsm-2.5 tree.  I also 
    have a patch for the 2.4 tree, but it is essentially the same other than the 
    extra diff in 2.5 for d_splice_alias.
    
    The purpose of this hook is to provide security modules with a reliable means of 
    initializing the inode security structures before the inode becomes accessible 
    through the dcache.  The existing inode_post_lookup hook is inadequate in 
    several ways:
    1) It is subject to races since the inode is already accessible through the 
    dcache before it is called,
    2) It doesn't handle filesystems that directly populate the dcache,
    3) It isn't always called in the desired context, e.g. for pipe, shm, and devpts 
    inodes, we want to perform this initialization in the context of the allocating 
    process after the inode's other state such as mode and uid have been set.
    
    Note that the d_instantiate hook call is performed before attaching the inode 
    and before taking the dcache lock.  
    
    A few caveats when implementing this hook:
    a) The 'inode' can be NULL.  Most (all?) modules will simply return immediately 
    in that case.  We could optionally only call the hook for non-NULL inodes.
    b) The inode is not attached yet when this hook is called.  Don't try to use 
    dentry->d_inode.  That's the point. You get to fill in the inode security
    state before it gets attached.
    
    --
    Stephen Smalley, NSA
    sdsat_private
    
    
    Index: lsm-2.5/fs/dcache.c
    ===================================================================
    RCS file: /home/pal/CVS/lsm-2.5/fs/dcache.c,v
    retrieving revision 1.1.1.18
    diff -u -r1.1.1.18 dcache.c
    --- lsm-2.5/fs/dcache.c	25 Nov 2002 13:30:33 -0000	1.1.1.18
    +++ lsm-2.5/fs/dcache.c	19 Dec 2002 13:32:06 -0000
    @@ -25,6 +25,7 @@
     #include <linux/module.h>
     #include <linux/mount.h>
     #include <asm/uaccess.h>
    +#include <linux/security.h>
     
     #define DCACHE_PARANOIA 1
     /* #define DCACHE_DEBUG 1 */
    @@ -699,6 +700,7 @@
     void d_instantiate(struct dentry *entry, struct inode * inode)
     {
     	if (!list_empty(&entry->d_alias)) BUG();
    +	security_d_instantiate(entry, inode);
     	spin_lock(&dcache_lock);
     	if (inode)
     		list_add(&entry->d_alias, &inode->i_dentry);
    @@ -825,6 +827,7 @@
     	struct dentry *new = NULL;
     
     	if (inode && S_ISDIR(inode->i_mode)) {
    +		security_d_instantiate(dentry, inode);
     		spin_lock(&dcache_lock);
     		if (!list_empty(&inode->i_dentry)) {
     			new = list_entry(inode->i_dentry.next, struct dentry, d_alias);
    Index: lsm-2.5/include/linux/security.h
    ===================================================================
    RCS file: /home/pal/CVS/lsm-2.5/include/linux/security.h,v
    retrieving revision 1.30
    diff -u -r1.30 security.h
    --- lsm-2.5/include/linux/security.h	4 Dec 2002 21:58:27 -0000	1.30
    +++ lsm-2.5/include/linux/security.h	18 Dec 2002 15:23:42 -0000
    @@ -1375,6 +1375,8 @@
     	                          struct security_operations *ops);
     	int (*unregister_security) (const char *name,
     	                            struct security_operations *ops);
    +
    +	void (*d_instantiate) (struct dentry * dentry, struct inode * inode);
     };
     
     /* global variables */
    @@ -2244,6 +2247,10 @@
     	return security_ops->sem_semctl(sma, cmd);
     }
     
    +static inline void security_d_instantiate (struct dentry *dentry, struct inode *inode)
    +{
    +	security_ops->d_instantiate (dentry, inode);
    +}
     
     /* prototypes */
     extern int security_scaffolding_startup	(void);
    @@ -3066,6 +3073,9 @@
     {
     	return 0;
     }
    +
    +static inline void security_d_instantiate (struct dentry *dentry, struct inode *inode)
    +{ }
     
     #endif	/* CONFIG_SECURITY */
     
    Index: lsm-2.5/security/dummy.c
    ===================================================================
    RCS file: /home/pal/CVS/lsm-2.5/security/dummy.c,v
    retrieving revision 1.30
    diff -u -r1.30 dummy.c
    --- lsm-2.5/security/dummy.c	13 Dec 2002 20:26:34 -0000	1.30
    +++ lsm-2.5/security/dummy.c	18 Dec 2002 15:23:42 -0000
    @@ -873,6 +873,12 @@
     	return -EINVAL;
     }
     
    +static void dummy_d_instantiate (struct dentry *dentry, struct inode *inode)
    +{
    +	return;
    +}
    +
    +
     struct security_operations dummy_security_ops;
     
     #define set_to_dummy_if_null(ops, function)				\
    @@ -1039,5 +1045,6 @@
     	set_to_dummy_if_null(ops, skb_set_owner_w);
     	set_to_dummy_if_null(ops, skb_recv_datagram);
     	set_to_dummy_if_null(ops, skb_free_security);
    +	set_to_dummy_if_null(ops, d_instantiate);
     }
     
    
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
    



    This archive was generated by hypermail 2b30 : Thu Dec 19 2002 - 19:31:55 PST