Re: [RFC] [PATCH] Stacking support for inode_init_security

From: Christoph Hellwig (hch@private)
Date: Tue Sep 06 2005 - 04:42:12 PDT


On Fri, Aug 19, 2005 at 03:47:12PM -0500, hallyn@private wrote:
> The following patch changes the (new to -mm) inode_init_security
> function to support multiple LSMs.  It does this by placing the
> three passed arguments (name, value, len) into a structure, and
> passing in a list_head, onto which the structure can be appended.
> The callers (filesystems) call their <fs>_xattr_set functions
> on each returned (name, value, len) set.
> 
> This is useful both for the stacker LSM, and for any two (or more)
> LSMs which might want to cooperate even without stacker.
> 
> I've tested it under a plain selinux-enabled 2.6.13-rc6-mm1 using
> Stephen Smalley's sample exploit originally motivating
> inode_init_security, as well as with a simple 'touch ab; ls -Z ab'.
> 
> I've also tested it with a corresponding stacker patch, with
> selinux stacked with two test LSMs which simply define
> inode_init_security.  Again, this passed the sample exploit, and
> manually inspecting the .security xattrs gave the expected results.

I'm personally against supporting stacking LSMs, but if the relevant
maintainers decided we really want to have them this patch is nessecary
to support it and thus okay.



This archive was generated by hypermail 2.1.3 : Tue Sep 06 2005 - 12:08:37 PDT