Hello everyone,
In security/security.c (see here: https://github.com/torvalds/linux/blob/835c92d43b29eb354abdbd5475308a474d7efdfa/security/security.c )
Looking at this:
int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer_size)
{
	if (unlikely(IS_PRIVATE(inode)))
		return 0;
	return call_int_hook(inode_listsecurity, 0, inode, buffer, buffer_size);
}
One would expect all stacked security modules to be called. However, when looking at this:
#define call_int_hook(FUNC, IRC, ...) ({			\
	int RC = IRC;						\
	do {							\
		struct security_hook_list *P;			\
								\
		list_for_each_entry(P, &security_hook_heads.FUNC, list) { \
			RC = P->hook.FUNC(__VA_ARGS__);		\
			if (RC != 0)				\
				break;				\
		}						\
	} while (0);						\
	RC;							\
})
If one of the modules returns a non-zero value, the others are not called. That means that the list of security xattrs is not built (or rather that it only contains the first module being called), as the length of the inserted element is returned. Similarly for setsecurity and getsecurity, it seems that only one module will be called, as if the given module does not support the security xattr, it returns -EOPNOTSUPP (instead, I believe, the next module should be called, until one supporting the attribute is met).
I am aware that LSM stacking is not fully supported yet:
Here setsecurity and getsecurity are fixed: https://github.com/cschaufler/smack-next/blob/next/security/security.c ; but listsecurity would appear to still not behave as I would expect. However, I may be missing something.
What is the rationale here? I could change the code to support multiple security xattrs, but don't want to do so before I am sure I understand why it was done like this. Any help is welcome.
Thanks.
Thomas
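A user-space model of the behaviour discussed in the message, added here as an illustration; it is not code from the kernel or from the poster. Three hypothetical stacked modules (one with no security xattr, two with one each; the names are constructed) are walked once with the same short-circuit rule as call_int_hook() and once with a loop that lets every module append its entry.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical inode_listsecurity hooks of three stacked modules. As in the
 * kernel, a hook copies its xattr name (with its NUL) into buffer when it
 * fits and returns that length; buffer == NULL just asks for the length. */
static int copy_name(const char *name, size_t len, char *buf, size_t size)
{
    if (buf && len <= size)
        memcpy(buf, name, len);
    return (int)len;
}
static int lsm_none_list(char *b, size_t n) { (void)b; (void)n; return 0; }
static int lsm_a_list(char *b, size_t n) { return copy_name("security.lsm_a", 15, b, n); }
static int lsm_b_list(char *b, size_t n) { return copy_name("security.lsm_b", 15, b, n); }

typedef int (*list_fn)(char *, size_t);
static list_fn hooks[] = { lsm_none_list, lsm_a_list, lsm_b_list };
#define NHOOKS (sizeof(hooks) / sizeof(hooks[0]))

/* call_int_hook() semantics: a zero return moves on to the next module,
 * the first non-zero return ends the walk and becomes the result. */
int list_via_call_int_hook(char *buffer, size_t buffer_size)
{
    int rc = 0;
    for (size_t i = 0; i < NHOOKS; i++) {
        rc = hooks[i](buffer, buffer_size);
        if (rc != 0)
            break;
    }
    return rc;
}

/* Alternative walk: every module appends after the previous entries and
 * the lengths are summed, so the list holds all modules' xattr names. */
int list_all_modules(char *buffer, size_t buffer_size)
{
    int total = 0;
    for (size_t i = 0; i < NHOOKS; i++) {
        size_t left = (size_t)total < buffer_size ? buffer_size - (size_t)total : 0;
        int rc = hooks[i](buffer ? buffer + total : NULL, left);
        if (rc < 0)          /* propagate an error such as -EOPNOTSUPP */
            return rc;
        total += rc;
    }
    return total;
}
```

Calling either function with a NULL buffer returns only the size needed: the short-circuit walk reports 15 bytes (the first module that answers), the accumulating walk 30 (both names).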
_______________________________________________ Kernelnewbies mailing list Kernelnewbies@xxxxxxxxxxxxxxxxx https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies