mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-13 14:14:37 +00:00
Code Issues Releases Wiki Activity
linux-stable/fs/fuse
History
Vivek Goyal 3e2b6fdbdc fuse: send security context of inode on file 
When a new inode is created, send its security context to server along with
creation request (FUSE_CREAT, FUSE_MKNOD, FUSE_MKDIR and FUSE_SYMLINK).
This gives server an opportunity to create new file and set security
context (possibly atomically).  In all the configurations it might not be
possible to set context atomically.

Like nfs and ceph, use security_dentry_init_security() to dermine security
context of inode and send it with create, mkdir, mknod, and symlink
requests.

Following is the information sent to server.

fuse_sectx_header, fuse_secctx, xattr_name, security_context

 - struct fuse_secctx_header
   This contains total number of security contexts being sent and total
   size of all the security contexts (including size of
   fuse_secctx_header).

 - struct fuse_secctx
   This contains size of security context which follows this structure.
   There is one fuse_secctx instance per security context.

 - xattr name string
   This string represents name of xattr which should be used while setting
   security context.

 - security context
   This is the actual security context whose size is specified in
   fuse_secctx struct.

Also add the FUSE_SECURITY_CTX flag for the `flags` field of the
fuse_init_out struct.  When this flag is set the kernel will append the
security context for a newly created inode to the request (create, mkdir,
mknod, and symlink).  The server is responsible for ensuring that the inode
appears atomically (preferrably) with the requested security context.

For example, If the server is using SELinux and backed by a "real" linux
file system that supports extended attributes it can write the security
context value to /proc/thread-self/attr/fscreate before making the syscall
to create the inode.

This patch is based on patch from Chirantan Ekbote <chirantan@chromium.org>

Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2021-11-25 14:05:18 +01:00
..
acl.c vfs: add rcu argument to ->get_acl() callback 2021-08-18 22:08:24 +02:00
control.c fuse: name fs_context consistently 2021-08-04 13:22:58 +02:00
cuse.c cuse: simplify refcount 2021-04-14 10:40:58 +02:00
dax.c fuse: always invalidate attributes after writes 2021-10-28 09:45:32 +02:00
dev.c fuse: release pipe buf after last use 2021-11-25 14:05:18 +01:00
dir.c fuse: send security context of inode on file 2021-11-25 14:05:18 +01:00
file.c fuse update for 5.16 2021-11-09 10:46:32 -08:00
fuse_i.h fuse: send security context of inode on file 2021-11-25 14:05:18 +01:00
inode.c fuse: send security context of inode on file 2021-11-25 14:05:18 +01:00
ioctl.c fuse: use kmap_local_page() 2021-10-22 17:03:01 +02:00
Kconfig virtiofs: implement dax read/write operations 2020-09-10 11:39:23 +02:00
Makefile fuse: move ioctl to separate source file 2021-04-12 15:04:30 +02:00
readdir.c fuse: only update necessary attributes 2021-10-28 09:45:33 +02:00
virtio_fs.c virtiofs: use strscpy for copying the queue name 2021-11-02 11:08:19 +01:00
xattr.c fuse: move fuse_invalidate_attr() into fuse_update_ctime() 2021-10-22 17:03:01 +02:00