Commit 16685211 authored by Andrew Morton's avatar Andrew Morton Committed by Linus Torvalds

[PATCH] ext2 xattr handler for security modules

From: Stephen Smalley <sds@epoch.ncsc.mil>

This patch against 2.5.68 implements an xattr handler for ext2 to support the
use of extended attributes by security modules for storing file security
labels.  As per the earlier discussion of extended attributes for security
modules, this handler uses a "security." prefix and allows for per-module
attribute names.  Security checking on userspace access to these attributes
can be performed by the security module using the LSM hooks in fs/xattr.c,
and the security module is free to internally use the inode operations
without restriction for managing its security labels.  Unlike the trusted
namespace, these labels are used internally for access control purposes by
the security module, and controls over userspace access to them require finer
granularity than capable() supports.
parent c5013b3f
...@@ -73,6 +73,18 @@ config EXT2_FS_POSIX_ACL ...@@ -73,6 +73,18 @@ config EXT2_FS_POSIX_ACL
If you don't know what Access Control Lists are, say N If you don't know what Access Control Lists are, say N
config EXT2_FS_SECURITY
bool "Ext2 Security Labels"
depends on EXT2_FS_XATTR
help
Security labels support alternative access control models
implemented by security modules like SELinux. This option
enables an extended attribute handler for file security
labels in the ext2 filesystem.
If you are not using a security module that requires using
extended attributes for file security labels, say N.
config EXT3_FS config EXT3_FS
tristate "Ext3 journalling file system support" tristate "Ext3 journalling file system support"
help help
......
...@@ -14,3 +14,7 @@ endif ...@@ -14,3 +14,7 @@ endif
ifeq ($(CONFIG_EXT2_FS_POSIX_ACL),y) ifeq ($(CONFIG_EXT2_FS_POSIX_ACL),y)
ext2-objs += acl.o ext2-objs += acl.o
endif endif
ifeq ($(CONFIG_EXT2_FS_SECURITY),y)
ext2-objs += xattr_security.o
endif
...@@ -1102,22 +1102,33 @@ init_ext2_xattr(void) ...@@ -1102,22 +1102,33 @@ init_ext2_xattr(void)
&ext2_xattr_trusted_handler); &ext2_xattr_trusted_handler);
if (err) if (err)
goto out; goto out;
#ifdef CONFIG_EXT2_FS_SECURITY
err = ext2_xattr_register(EXT2_XATTR_INDEX_SECURITY,
&ext2_xattr_security_handler);
if (err)
goto out1;
#endif
#ifdef CONFIG_EXT2_FS_POSIX_ACL #ifdef CONFIG_EXT2_FS_POSIX_ACL
err = init_ext2_acl(); err = init_ext2_acl();
if (err) if (err)
goto out1; goto out2;
#endif #endif
ext2_xattr_cache = mb_cache_create("ext2_xattr", NULL, ext2_xattr_cache = mb_cache_create("ext2_xattr", NULL,
sizeof(struct mb_cache_entry) + sizeof(struct mb_cache_entry) +
sizeof(struct mb_cache_entry_index), 1, 6); sizeof(struct mb_cache_entry_index), 1, 6);
if (!ext2_xattr_cache) { if (!ext2_xattr_cache) {
err = -ENOMEM; err = -ENOMEM;
goto out2; goto out3;
} }
return 0; return 0;
out2: out3:
#ifdef CONFIG_EXT2_FS_POSIX_ACL #ifdef CONFIG_EXT2_FS_POSIX_ACL
exit_ext2_acl(); exit_ext2_acl();
out2:
#endif
#ifdef CONFIG_EXT2_FS_SECURITY
ext2_xattr_unregister(EXT2_XATTR_INDEX_SECURITY,
&ext2_xattr_security_handler);
out1: out1:
#endif #endif
ext2_xattr_unregister(EXT2_XATTR_INDEX_TRUSTED, ext2_xattr_unregister(EXT2_XATTR_INDEX_TRUSTED,
...@@ -1134,6 +1145,10 @@ exit_ext2_xattr(void) ...@@ -1134,6 +1145,10 @@ exit_ext2_xattr(void)
mb_cache_destroy(ext2_xattr_cache); mb_cache_destroy(ext2_xattr_cache);
#ifdef CONFIG_EXT2_FS_POSIX_ACL #ifdef CONFIG_EXT2_FS_POSIX_ACL
exit_ext2_acl(); exit_ext2_acl();
#endif
#ifdef CONFIG_EXT2_FS_SECURITY
ext2_xattr_unregister(EXT2_XATTR_INDEX_SECURITY,
&ext2_xattr_security_handler);
#endif #endif
ext2_xattr_unregister(EXT2_XATTR_INDEX_TRUSTED, ext2_xattr_unregister(EXT2_XATTR_INDEX_TRUSTED,
&ext2_xattr_trusted_handler); &ext2_xattr_trusted_handler);
......
...@@ -22,6 +22,7 @@ ...@@ -22,6 +22,7 @@
#define EXT2_XATTR_INDEX_POSIX_ACL_ACCESS 2 #define EXT2_XATTR_INDEX_POSIX_ACL_ACCESS 2
#define EXT2_XATTR_INDEX_POSIX_ACL_DEFAULT 3 #define EXT2_XATTR_INDEX_POSIX_ACL_DEFAULT 3
#define EXT2_XATTR_INDEX_TRUSTED 4 #define EXT2_XATTR_INDEX_TRUSTED 4
#define EXT2_XATTR_INDEX_SECURITY 6
struct ext2_xattr_header { struct ext2_xattr_header {
__u32 h_magic; /* magic number for identification */ __u32 h_magic; /* magic number for identification */
...@@ -134,4 +135,5 @@ exit_ext2_xattr(void) ...@@ -134,4 +135,5 @@ exit_ext2_xattr(void)
extern struct ext2_xattr_handler ext2_xattr_user_handler; extern struct ext2_xattr_handler ext2_xattr_user_handler;
extern struct ext2_xattr_handler ext2_xattr_trusted_handler; extern struct ext2_xattr_handler ext2_xattr_trusted_handler;
extern struct ext2_xattr_handler ext2_xattr_security_handler;
/*
* linux/fs/ext2/xattr_security.c
* Handler for storing security labels as extended attributes.
*/
#include <linux/module.h>
#include <linux/string.h>
#include <linux/fs.h>
#include <linux/smp_lock.h>
#include <linux/ext2_fs.h>
#include "xattr.h"
#define XATTR_SECURITY_PREFIX "security."
static size_t
ext2_xattr_security_list(char *list, struct inode *inode,
const char *name, int name_len)
{
const int prefix_len = sizeof(XATTR_SECURITY_PREFIX)-1;
if (list) {
memcpy(list, XATTR_SECURITY_PREFIX, prefix_len);
memcpy(list+prefix_len, name, name_len);
list[prefix_len + name_len] = '\0';
}
return prefix_len + name_len + 1;
}
static int
ext2_xattr_security_get(struct inode *inode, const char *name,
void *buffer, size_t size)
{
if (strcmp(name, "") == 0)
return -EINVAL;
return ext2_xattr_get(inode, EXT2_XATTR_INDEX_SECURITY, name,
buffer, size);
}
static int
ext2_xattr_security_set(struct inode *inode, const char *name,
const void *value, size_t size, int flags)
{
if (strcmp(name, "") == 0)
return -EINVAL;
return ext2_xattr_set(inode, EXT2_XATTR_INDEX_SECURITY, name,
value, size, flags);
}
struct ext2_xattr_handler ext2_xattr_security_handler = {
.prefix = XATTR_SECURITY_PREFIX,
.list = ext2_xattr_security_list,
.get = ext2_xattr_security_get,
.set = ext2_xattr_security_set,
};
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment