Re: `nd' parameter may be null for security_inode_permission()

From: Seth Arnold (seth.arnold@private)
Date: Thu Oct 27 2005 - 09:24:50 PDT


On Thu, Oct 27, 2005 at 03:08:20PM +0800, Globe Trekker wrote:
> I tried to get `dentry' from `inode' but found it almost impossible(any 
> new idea?). I tried to figure out the situations in which the `nd' 
> parameter for security_inode_permission() hook is NULL but found it too 
> hard to accomplish.

You can find many of the cases where nd is null by using the 'gid'
tool from the id-utils package:

$ gid permission | grep NULL
fs/binfmt_misc.c:153:		if (permission(bprm->file->f_dentry->d_inode, MAY_READ, NULL))
fs/exec.c:890:	    permission(bprm->file->f_dentry->d_inode,MAY_READ, NULL) ||
fs/namei.c:1191:	error = permission(dir,MAY_WRITE | MAY_EXEC, NULL);
fs/namei.c:2122:		error = permission(old_dentry->d_inode, MAY_WRITE, NULL);
fs/open.c:561:	error = permission(inode, MAY_EXEC, NULL);
ipc/mqueue.c:636:	if (permission(dentry->d_inode, oflag2acc[oflag & O_ACCMODE], NULL))
drivers/block/floppy.c:3772:	    || permission(filp->f_dentry->d_inode, 2, NULL) == 0)
fs/ext2/xattr_user.c:44:	error = permission(inode, MAY_READ, NULL);
fs/ext2/xattr_user.c:64:	error = permission(inode, MAY_WRITE, NULL);
fs/ext3/xattr_user.c:46:	error = permission(inode, MAY_READ, NULL);
fs/ext3/xattr_user.c:66:	error = permission(inode, MAY_WRITE, NULL);
fs/hpfs/namei.c:418:		    permission(inode, MAY_WRITE, NULL) ||
fs/jfs/xattr.c:810:	return permission(inode, MAY_WRITE, NULL);
fs/jfs/xattr.c:979:	return permission(inode, MAY_READ, NULL);
fs/ncpfs/ioctl.c:37:	if ((permission(inode, MAY_WRITE, NULL) != 0)
fs/ncpfs/ioctl.c:65:	if ((permission(inode, MAY_WRITE, NULL) != 0)
fs/ncpfs/ioctl.c:193:		if ((permission(inode, MAY_WRITE, NULL) != 0)
fs/ncpfs/ioctl.c:257:			if (   (permission(inode, MAY_READ, NULL) != 0)
fs/ncpfs/ioctl.c:271:			if (   (permission(inode, MAY_READ, NULL) != 0)
fs/ncpfs/ioctl.c:346:		if ((permission(inode, MAY_WRITE, NULL) != 0)
fs/ncpfs/ioctl.c:369:		if (   (permission(inode, MAY_READ, NULL) != 0)
fs/ncpfs/ioctl.c:382:			if (   (permission(inode, MAY_WRITE, NULL) != 0)
fs/ncpfs/ioctl.c:403:		if (   (permission(inode, MAY_WRITE, NULL) != 0)
fs/ncpfs/ioctl.c:608:		if ((permission(inode, MAY_WRITE, NULL) != 0) &&
fs/ncpfs/ioctl.c:638:		if ((permission(inode, MAY_READ, NULL) != 0)
fs/nfsd/nfsfh.c:59:		err = permission(parent->d_inode, MAY_EXEC, NULL);
fs/nfsd/vfs.c:1819:	err = permission(inode, acc & (MAY_READ|MAY_WRITE|MAY_EXEC), NULL);
fs/nfsd/vfs.c:1824:		err = permission(inode, MAY_EXEC, NULL);
fs/udf/file.c:189:	if ( permission(inode, MAY_READ, NULL) != 0 )
$ gid exec_permission_lite | grep NULL
$ 

(This won't find any cases where permission or exec_permission_lite is
passed an 'nd' parameter from somewhere else that might be NULL -- but
if you track down all the uses of permission that don't pass NULL for
the final parameter, and iterate this process, you will get all of them.)

You're correct that finding the dentry to use from the inode is
difficult/impossible -- each inode may have several in-core dentries that
validly refer to the file. Is there a way you could attach the xattr to
the inode->i_security earlier on, so that you do not need to rely on
getting the dentry at security_inode_permission() time?





This archive was generated by hypermail 2.1.3 : Thu Oct 27 2005 - 09:25:08 PDT