On Thu, 2023-10-12 at 07:43 -0400, Mimi Zohar wrote: > On Thu, 2023-10-12 at 09:42 +0200, Roberto Sassu wrote: > > On Wed, 2023-10-11 at 20:08 -0400, Mimi Zohar wrote: > > > gOn Mon, 2023-09-04 at 15:34 +0200, Roberto Sassu wrote: > > > > From: Roberto Sassu <roberto.sassu@xxxxxxxxxx> > > > > > > > > In preparation for moving IMA and EVM to the LSM infrastructure, introduce > > > > the inode_post_setattr hook. > > > > > > > > It is useful for EVM to recalculate the HMAC on modified file attributes > > > > and other file metadata, after it verified the HMAC of current file > > > > metadata with the inode_setattr hook. > > > > > > "useful"? > > > > > > At inode_setattr hook, EVM verifies the file's existing HMAC value. At > > > inode_post_setattr, EVM re-calculates the file's HMAC based on the > > > modified file attributes and other file metadata. > > > > > > > > > > > LSMs should use the new hook instead of inode_setattr, when they need to > > > > know that the operation was done successfully (not known in inode_setattr). > > > > The new hook cannot return an error and cannot cause the operation to be > > > > reverted. > > > > > > Other LSMs could similarly update security xattrs or ... > > > > I added your sentence. The one above is to satisfy Casey's request to > > justify the addition of the new hook, and to explain why inode_setattr > > is not sufficient. > > I was suggesting simplifying the wording. Perhaps something like: > > Other LSMs could similarly take some action after successful file attri > bute change. Ok, will use that. Thanks Roberto
