On 2/11/20 5:55 PM, Daniel Colascione wrote:
A secure anonymous file is one we hooked up to its own inode (as opposed to the shared inode we use for non-secure anonymous files). A new selinux hook gives security modules a chance to initialize, label, and veto the creation of these secure anonymous files. Security modules had limit ability to interact with non-secure anonymous files due to all of these files sharing a single inode. Signed-off-by: Daniel Colascione <dancol@xxxxxxxxxx>
(please add linux-fsdevel, viro, linux-security-module, jmorris@xxxxxxxxx, serge@xxxxxxxxxx to cc on future versions of this patch since it is a VFS and a LSM change)
--- > diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 20d8cf194fb7..ba208ce5711d 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -215,6 +215,10 @@ * Returns 0 if @name and @value have been successfully set, * -EOPNOTSUPP if no security attribute is needed, or * -ENOMEM on memory allocation failure. + * @inode_init_security_anon: + * Set up a secure anonymous inode. + * Returns 0 on success. Returns -EPERM if the security module denies + * the creation of this inode.
Please document the parameters for the hook as well.
