Commit 215b674b authored by Lokesh Gidra's avatar Lokesh Gidra Committed by Paul Moore

security: add inode_init_security_anon() LSM hook



This change adds a new LSM hook, inode_init_security_anon(), that will
be used while creating secure anonymous inodes. The hook allows/denies
its creation and assigns a security context to the inode.

The new hook accepts an optional context_inode parameter that callers
can use to provide additional contextual information to security modules
for granting/denying permission to create an anon-inode of the same type.
This context_inode's security_context can also be used to initialize the
newly created anon-inode's security_context.

Signed-off-by: default avatarLokesh Gidra <lokeshgidra@google.com>
Reviewed-by: default avatarEric Biggers <ebiggers@google.com>
Signed-off-by: default avatarPaul Moore <paul@paul-moore.com>
parent 08abe46b
+2 −0
@@ -113,6 +113,8 @@ LSM_HOOK(void, LSM_RET_VOID, inode_free_security, struct inode *inode)
LSM_HOOK(int, 0, inode_init_security, struct inode *inode,
	 struct inode *dir, const struct qstr *qstr, const char **name,
	 void **value, size_t *len)
LSM_HOOK(int, 0, inode_init_security_anon, struct inode *inode,
	 const struct qstr *name, const struct inode *context_inode)
LSM_HOOK(int, 0, inode_create, struct inode *dir, struct dentry *dentry,
	 umode_t mode)
LSM_HOOK(int, 0, inode_link, struct dentry *old_dentry, struct inode *dir,
+9 −0
@@ -233,6 +233,15 @@
 *	Returns 0 if @name and @value have been successfully set,
 *	-EOPNOTSUPP if no security attribute is needed, or
 *	-ENOMEM on memory allocation failure.
 * @inode_init_security_anon:
 *      Set up the incore security field for the new anonymous inode
 *      and return whether the inode creation is permitted by the security
 *      module or not.
 *      @inode contains the inode structure
 *      @name name of the anonymous inode class
 *      @context_inode optional related inode
 *	Returns 0 on success, -EACCES if the security module denies the
 *	creation of this inode, or another -errno upon other errors.
 * @inode_create:
 *	Check permission to create a regular file.
 *	@dir contains inode structure of the parent of the new file.
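Review bot: The description and the three @-parameter lines of the new @inode_init_security_anon entry are indented with spaces, while the surrounding entries and this entry's own two `Returns` lines use the file's leading-tab convention, so those six lines should be re-indented with a tab to match. The parameter description `@context_inode optional related inode` would also be more useful to a hook implementer if it named the absent value explicitly, e.g. `@context_inode optional related inode, or NULL if the caller has none` — assuming NULL is the intended way to omit it, which this page does not show. It would likewise help to say what @name is expected to identify beyond "class", since the commit message speaks of granting permission "to create an anon-inode of the same type".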
+10 −0
@@ -324,6 +324,9 @@ void security_inode_free(struct inode *inode);
int security_inode_init_security(struct inode *inode, struct inode *dir,
				 const struct qstr *qstr,
				 initxattrs initxattrs, void *fs_data);
int security_inode_init_security_anon(struct inode *inode,
				      const struct qstr *name,
				      const struct inode *context_inode);
int security_old_inode_init_security(struct inode *inode, struct inode *dir,
				     const struct qstr *qstr, const char **name,
				     void **value, size_t *len);
@@ -738,6 +741,13 @@ static inline int security_inode_init_security(struct inode *inode,
	return 0;
}

static inline int security_inode_init_security_anon(struct inode *inode,
						    const struct qstr *name,
						    const struct inode *context_inode)
{
	return 0;
}

static inline int security_old_inode_init_security(struct inode *inode,
						   struct inode *dir,
						   const struct qstr *qstr,
+8 −0
@@ -1059,6 +1059,14 @@ int security_inode_init_security(struct inode *inode, struct inode *dir,
}
EXPORT_SYMBOL(security_inode_init_security);

int security_inode_init_security_anon(struct inode *inode,
				      const struct qstr *name,
				      const struct inode *context_inode)
{
	return call_int_hook(inode_init_security_anon, 0, inode, name,
			     context_inode);
}

int security_old_inode_init_security(struct inode *inode, struct inode *dir,
				     const struct qstr *qstr, const char **name,
				     void **value, size_t *len)
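Review bot: The new security_inode_init_security_anon() definition has no kernel-doc comment, so the only written contract lives in the lsm_hooks.h hook description; a short comment above the definition documenting @inode, @name, @context_inode (and that it may be absent) and the 0 / -EACCES / -errno return convention would keep the security.c entry point self-describing for callers outside the LSM tree. That comment should also make explicit what the `0` default passed to call_int_hook implies: with no module implementing the hook, creation is permitted and the caller must not assume any security context was assigned to the inode — this follows from the default argument as far as it is visible here, but the semantics of call_int_hook itself are outside this hunk. The following security_old_inode_init_security() body continues past the end of the hunk.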