Re: [PATCH v3] fs: introduce getfsxattrat and setfsxattrat syscalls

Date Prev

Date Next

Thread Prev

Thread Next

Date Index

Thread Index

To: Andrey Albershteyn <aalbersh@xxxxxxxxxx>, Mickaël Salaün <mic@xxxxxxxxxxx>

Subject: Re: [PATCH v3] fs: introduce getfsxattrat and setfsxattrat syscalls

From: Paul Moore <paul@xxxxxxxxxxxxxx>

Date: Fri, 21 Feb 2025 19:33:59 -0500

Cc: Richard Henderson <richard.henderson@xxxxxxxxxx>, Matt Turner <mattst88@xxxxxxxxx>, Russell King <linux@xxxxxxxxxxxxxxx>, Catalin Marinas <catalin.marinas@xxxxxxx>, Will Deacon <will@xxxxxxxxxx>, Geert Uytterhoeven <geert@xxxxxxxxxxxxxx>, Michal Simek <monstr@xxxxxxxxx>, Thomas Bogendoerfer <tsbogend@xxxxxxxxxxxxxxxx>, "James E.J. Bottomley" <James.Bottomley@xxxxxxxxxxxxxxxxxxxxx>, Helge Deller <deller@xxxxxx>, Madhavan Srinivasan <maddy@xxxxxxxxxxxxx>, Michael Ellerman <mpe@xxxxxxxxxxxxxx>, Nicholas Piggin <npiggin@xxxxxxxxx>, Christophe Leroy <christophe.leroy@xxxxxxxxxx>, Naveen N Rao <naveen@xxxxxxxxxx>, Heiko Carstens <hca@xxxxxxxxxxxxx>, Vasily Gorbik <gor@xxxxxxxxxxxxx>, Alexander Gordeev <agordeev@xxxxxxxxxxxxx>, Christian Borntraeger <borntraeger@xxxxxxxxxxxxx>, Sven Schnelle <svens@xxxxxxxxxxxxx>, Yoshinori Sato <ysato@xxxxxxxxxxxxx>, Rich Felker <dalias@xxxxxxxx>, John Paul Adrian Glaubitz <glaubitz@xxxxxxxxxxxxxxxxxxx>, "David S. Miller" <davem@xxxxxxxxxxxxx>, Andreas Larsson <andreas@xxxxxxxxxxx>, Andy Lutomirski <luto@xxxxxxxxxx>, Thomas Gleixner <tglx@xxxxxxxxxxxxx>, Ingo Molnar <mingo@xxxxxxxxxx>, Borislav Petkov <bp@xxxxxxxxx>, Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx>, x86@xxxxxxxxxx, "H. Peter Anvin" <hpa@xxxxxxxxx>, Chris Zankel <chris@xxxxxxxxxx>, Max Filippov <jcmvbkbc@xxxxxxxxx>, Alexander Viro <viro@xxxxxxxxxxxxxxxxxx>, Christian Brauner <brauner@xxxxxxxxxx>, Jan Kara <jack@xxxxxxx>, Günther Noack <gnoack@xxxxxxxxxx>, Arnd Bergmann <arnd@xxxxxxxx>, linux-alpha@xxxxxxxxxxxxxxx, linux-kernel@xxxxxxxxxxxxxxx, linux-arm-kernel@xxxxxxxxxxxxxxxxxxx, linux-m68k@xxxxxxxxxxxxxxx, linux-mips@xxxxxxxxxxxxxxx, linux-parisc@xxxxxxxxxxxxxxx, linuxppc-dev@xxxxxxxxxxxxxxxx, linux-s390@xxxxxxxxxxxxxxx, linux-sh@xxxxxxxxxxxxxxx, sparclinux@xxxxxxxxxxxxxxx, linux-fsdevel@xxxxxxxxxxxxxxx, linux-security-module@xxxxxxxxxxxxxxx, linux-api@xxxxxxxxxxxxxxx, linux-arch@xxxxxxxxxxxxxxx, linux-xfs@xxxxxxxxxxxxxxx

In-reply-to: <20250221.ahB8jei2Chie@digikod.net>

References: <20250211-xattrat-syscall-v3-1-a07d15f898b2@kernel.org> <20250221.ahB8jei2Chie@digikod.net>

On Fri, Feb 21, 2025 at 10:08 AM Mickaël Salaün <mic@xxxxxxxxxxx> wrote:
>
> It looks security checks are missing.  With IOCTL commands, file
> permissions are checked at open time, but with these syscalls the path
> is only resolved but no specific access seems to be checked (except
> inode_owner_or_capable via vfs_fileattr_set).

Thanks for reviewing the patch and catching this Mickaël.  I agree
with the hooks identified and their placement; it should be fairly
straightforward with only a few lines added in each case.

-- 
paul-moore.com