From patchwork Fri Feb 19 22:22:31 2021
X-Patchwork-Submitter: Olga Kornievskaia
X-Patchwork-Id: 12096295
From: Olga Kornievskaia
To: trond.myklebust@hammerspace.com, anna.schumaker@netapp.com
Cc: linux-nfs@vger.kernel.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org
Subject: [PATCH v3 1/3] [security] Add new hook to compare new mount to an existing mount
Date: Fri, 19 Feb 2021 17:22:31 -0500
Message-Id: <20210219222233.20748-1-olga.kornievskaia@gmail.com>
From: Olga Kornievskaia

Add a new hook that takes an existing super block and a new mount with new options and determines if new options conflict with an existing mount or not. A filesystem can use this new hook to determine if it can share an existing superblock with a new superblock for the new mount.

Signed-off-by: Olga Kornievskaia
--- include/linux/lsm_hook_defs.h | 1 + include/linux/lsm_hooks.h | 6 ++++ include/linux/security.h | 8 +++++ security/security.c | 7 +++++ security/selinux/hooks.c | 56 +++++++++++++++++++++++++++++++++++ 5 files changed, 78 insertions(+) diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h index 7aaa753b8608..1b12a5266a51 100644 --- a/include/linux/lsm_hook_defs.h +++ b/include/linux/lsm_hook_defs.h @@ -62,6 +62,7 @@ LSM_HOOK(int, 0, sb_alloc_security, struct super_block *sb) LSM_HOOK(void, LSM_RET_VOID, sb_free_security, struct super_block *sb) LSM_HOOK(void, LSM_RET_VOID, sb_free_mnt_opts, void *mnt_opts) LSM_HOOK(int, 0, sb_eat_lsm_opts, char *orig, void **mnt_opts) +LSM_HOOK(int, 0, sb_mnt_opts_compat, struct super_block *sb, void *mnt_opts) LSM_HOOK(int, 0, sb_remount, struct super_block *sb, void *mnt_opts) LSM_HOOK(int, 0, sb_kern_mount, struct super_block *sb) LSM_HOOK(int, 0, sb_show_options, struct seq_file *m, struct super_block *sb) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index a19adef1f088..d76aaecfdf0f 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h
@@ -142,6 +142,12 @@ * @orig the original mount data copied from userspace. * @copy copied data which will be passed to the security module. * Returns 0 if the copy was successful. + * @sb_mnt_opts_compat: + * Determine if the existing mount options are compatible with the new + * mount options being used. + * @sb superblock being compared + * @mnt_opts new mount options + * Return 0 if options are compatible. * @sb_remount: * Extracts security system specific mount options and verifies no changes * are being made to those options. diff --git a/include/linux/security.h b/include/linux/security.h index c35ea0ffccd9..50db3d5d1608 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -291,6 +291,7 @@ int security_sb_alloc(struct super_block *sb); void security_sb_free(struct super_block *sb); void security_free_mnt_opts(void **mnt_opts); int security_sb_eat_lsm_opts(char *options, void **mnt_opts); +int security_sb_mnt_opts_compat(struct super_block *sb, void *mnt_opts); int security_sb_remount(struct super_block *sb, void *mnt_opts); int security_sb_kern_mount(struct super_block *sb); int security_sb_show_options(struct seq_file *m, struct super_block *sb); @@ -635,6 +636,13 @@ static inline int security_sb_remount(struct super_block *sb, return 0; } +static inline int security_sb_mnt_opts_compat(struct super_block *sb, + void *mnt_opts) +{ + return 0; +} + + static inline int security_sb_kern_mount(struct super_block *sb) { return 0; diff --git a/security/security.c b/security/security.c index 7b09cfbae94f..56cf5563efde 100644 --- a/security/security.c +++ b/security/security.c 
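Review bot: the new @sb_mnt_opts_compat comment says only "Return 0 if options are compatible" and leaves the incompatible case undefined; the SELinux implementation in this patch returns 1 (not -errno) and the only caller, nfs_compare_super() in 3/3, just tests for non-zero, so spell that out ("Return 0 if compatible, non-zero otherwise") and add that the hook is invoked from a superblock comparison callback, i.e. with sb_lock held, so implementations must not sleep. In the security.h part of the hunk, the CONFIG_SECURITY=n stub for security_sb_mnt_opts_compat() is added after the security_sb_remount() stub although the prototype above is placed before security_sb_remount(), and the stub is followed by two added blank lines ("+} + + static inline int security_sb_kern_mount") where the file uses one; keep the order consistent with the prototypes and drop the extra blank line.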
@@ -890,6 +890,13 @@ int security_sb_eat_lsm_opts(char *options, void **mnt_opts) } EXPORT_SYMBOL(security_sb_eat_lsm_opts); +int security_sb_mnt_opts_compat(struct super_block *sb, + void *mnt_opts) +{ + return call_int_hook(sb_mnt_opts_compat, 0, sb, mnt_opts); +} +EXPORT_SYMBOL(security_sb_mnt_opts_compat); + int security_sb_remount(struct super_block *sb, void *mnt_opts) { diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 644b17ec9e63..afee3a222a0e 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c 
@@ -2656,6 +2656,61 @@ static int selinux_sb_eat_lsm_opts(char *options, void **mnt_opts) return rc; } +static int selinux_sb_mnt_opts_compat(struct super_block *sb, void *mnt_opts) +{ + struct selinux_mnt_opts *opts = mnt_opts; + struct superblock_security_struct *sbsec = sb->s_security; + u32 sid; + int rc; + + /* + * Superblock not initialized (i.e. no options) - reject if any + * options specified, otherwise accept. + */ + if (!(sbsec->flags & SE_SBINITIALIZED)) + return opts ? 1 : 0; + + /* + * Superblock initialized and no options specified - reject if + * superblock has any options set, otherwise accept. + */ + if (!opts) + return (sbsec->flags & SE_MNTMASK) ? 1 : 0; + + if (opts->fscontext) { + rc = parse_sid(sb, opts->fscontext, &sid); + if (rc) + return 1; + if (bad_option(sbsec, FSCONTEXT_MNT, sbsec->sid, sid)) + return 1; + } + if (opts->context) { + rc = parse_sid(sb, opts->context, &sid); + if (rc) + return 1; + if (bad_option(sbsec, CONTEXT_MNT, sbsec->mntpoint_sid, sid)) + return 1; + } + if (opts->rootcontext) { + struct inode_security_struct *root_isec; + + root_isec = backing_inode_security(sb->s_root); + rc = parse_sid(sb, opts->rootcontext, &sid); + if (rc) + return 1; + if (bad_option(sbsec, ROOTCONTEXT_MNT, root_isec->sid, sid)) + return 1; + } + if (opts->defcontext) { + rc = parse_sid(sb, opts->defcontext, &sid); + if (rc) + return 1; + if (bad_option(sbsec, DEFCONTEXT_MNT, sbsec->def_sid, sid)) + return 1; + } + return 0; +} + static int selinux_sb_remount(struct super_block *sb, void *mnt_opts) { struct selinux_mnt_opts *opts = mnt_opts; 
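Review bot: parse_sid() is called here for every option present, and parse_sid() resolves the context string with security_context_str_to_sid(..., GFP_KERNEL), which can sleep; likewise backing_inode_security(sb->s_root) in the rootcontext= branch may revalidate the root inode. The only caller introduced by this series is nfs_compare_super() in 3/3, which is the sget_fc() test callback and runs with sb_lock (a spinlock) held, so this looks like sleep-in-atomic. Resolving the SIDs once when the options are parsed (selinux_fs_context_parse_param()/sb_eat_lsm_opts) and comparing stored SIDs here would avoid it. Second, the check is asymmetric: after the `!opts` case only options present in the new mount are compared, so an existing superblock mounted with context= and defcontext= is reported compatible with a new mount that passes only the same context=. If that is intended (it mirrors the hole already noted in selinux_set_mnt_opts()), say so in a comment; otherwise also compare `sbsec->flags & SE_MNTMASK` against the set of options present in opts. Minor: a parse_sid() failure is collapsed to `return 1`, so an invalid context string silently causes a fresh superblock to be allocated and is only rejected later by the set_mnt_opts path; a one-line comment stating that this is relied upon would help the next reader.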
@@ -6984,6 +7039,7 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(sb_free_security, selinux_sb_free_security), LSM_HOOK_INIT(sb_free_mnt_opts, selinux_free_mnt_opts), + LSM_HOOK_INIT(sb_mnt_opts_compat, selinux_sb_mnt_opts_compat), LSM_HOOK_INIT(sb_remount, selinux_sb_remount), LSM_HOOK_INIT(sb_kern_mount, selinux_sb_kern_mount), LSM_HOOK_INIT(sb_show_options, selinux_sb_show_options),
From patchwork Fri Feb 19 22:22:32 2021
X-Patchwork-Submitter: Olga Kornievskaia
X-Patchwork-Id: 12096293
From: Olga Kornievskaia
To: trond.myklebust@hammerspace.com, anna.schumaker@netapp.com
Cc: linux-nfs@vger.kernel.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org
Subject: [PATCH v3 2/3] [NFS] cleanup: remove unneeded null check in nfs_fill_super()
Date: Fri, 19 Feb 2021 17:22:32 -0500
Message-Id: <20210219222233.20748-2-olga.kornievskaia@gmail.com>
In-Reply-To: <20210219222233.20748-1-olga.kornievskaia@gmail.com>

From: Olga Kornievskaia

In nfs_fill_super() the passed-in nfs_fs_context can never be NULL.

Signed-off-by: Olga Kornievskaia
--- fs/nfs/super.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/nfs/super.c b/fs/nfs/super.c index 4034102010f0..59d846d7830f 100644 --- a/fs/nfs/super.c +++ b/fs/nfs/super.c
@@ -1026,7 +1026,7 @@ static void nfs_fill_super(struct super_block *sb, struct nfs_fs_context *ctx) sb->s_blocksize = 0; sb->s_xattr = server->nfs_client->cl_nfs_mod->xattr; sb->s_op = server->nfs_client->cl_nfs_mod->sops; - if (ctx && ctx->bsize) + if (ctx->bsize) sb->s_blocksize = nfs_block_size(ctx->bsize, &sb->s_blocksize_bits); if (server->nfs_client->rpc_ops->version != 2) {
From patchwork Fri Feb 19 22:22:33 2021
X-Patchwork-Submitter: Olga Kornievskaia
X-Patchwork-Id: 12096297
From: Olga Kornievskaia
To: trond.myklebust@hammerspace.com, anna.schumaker@netapp.com
Cc: linux-nfs@vger.kernel.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org
Subject: [PATCH v3 3/3] NFSv4 account for selinux security context when deciding to share superblock
Date: Fri, 19 Feb 2021 17:22:33 -0500
Message-Id: <20210219222233.20748-3-olga.kornievskaia@gmail.com>
In-Reply-To: <20210219222233.20748-1-olga.kornievskaia@gmail.com>

From: Olga Kornievskaia

Keep track of whether or not there were LSM security context options passed during mount (i.e. creation of the superblock). Then, while deciding if the superblock can be shared for the new mount, check if the newly passed in LSM security context options are compatible with the existing superblock's ones by calling security_sb_mnt_opts_compat().

Previously, with selinux enabled, NFS wasn't able to do the following 2 mounts:

mount -o vers=4.2,sec=sys,context=system_u:object_r:root_t:s0 :/ /mnt
mount -o vers=4.2,sec=sys,context=system_u:object_r:swapfile_t:s0 :/scratch /scratch

The 2nd mount would fail with "mount.nfs: an incorrect mount option was specified" and var log messages would have: "SELinux: mount invalid. Same superblock, different security settings for.."

Signed-off-by: Olga Kornievskaia
--- fs/nfs/fs_context.c | 3 +++ fs/nfs/internal.h | 1 + fs/nfs/super.c | 4 ++++ include/linux/nfs_fs_sb.h | 1 + 4 files changed, 9 insertions(+) diff --git a/fs/nfs/fs_context.c b/fs/nfs/fs_context.c index 06894bcdea2d..8067f055d842 100644 --- a/fs/nfs/fs_context.c +++ b/fs/nfs/fs_context.c @@ -448,6 +448,9 @@ static int nfs_fs_context_parse_param(struct fs_context *fc, if (opt < 0) return ctx->sloppy ? 1 : opt; + if (fc->security) + ctx->has_sec_mnt_opts = 1; + switch (opt) { case Opt_source: if (fc->source)
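Review bot: `if (fc->security) ctx->has_sec_mnt_opts = 1;` sits inside nfs_fs_context_parse_param(), which the VFS only calls for parameters the LSM did not consume itself, so the flag is set only when some NFS option is parsed after the context option; that holds for mount.nfs, which appends its own options, but it depends on option order and re-evaluates the test for every option. Reading fc->security once where the superblock is filled (nfs_get_tree_common() has fc in hand when it calls nfs_fill_super()) removes the ordering dependency and the per-option work, and since the field is declared bool in internal.h, assign true rather than 1.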
diff --git a/fs/nfs/internal.h b/fs/nfs/internal.h index 62d3189745cd..08f4f34e8cf5 100644 --- a/fs/nfs/internal.h +++ b/fs/nfs/internal.h @@ -96,6 +96,7 @@ struct nfs_fs_context { char *fscache_uniq; unsigned short protofamily; unsigned short mountfamily; + bool has_sec_mnt_opts; struct { union { diff --git a/fs/nfs/super.c b/fs/nfs/super.c index 59d846d7830f..686ccc04cd57 100644 --- a/fs/nfs/super.c +++ b/fs/nfs/super.c @@ -1058,6 +1058,7 @@ static void nfs_fill_super(struct super_block *sb, struct nfs_fs_context *ctx) &sb->s_blocksize_bits); nfs_super_set_maxbytes(sb, server->maxfilesize); + server->has_sec_mnt_opts = ctx->has_sec_mnt_opts; } static int nfs_compare_mount_options(const struct super_block *s, const struct nfs_server *b, @@ -1174,6 +1175,9 @@ static int nfs_compare_super(struct super_block *sb, struct fs_context *fc) return 0; if (!nfs_compare_userns(old, server)) return 0; + if ((old->has_sec_mnt_opts || fc->security) && + security_sb_mnt_opts_compat(sb, fc->security)) + return 0; return nfs_compare_mount_options(sb, server, fc); } diff --git a/include/linux/nfs_fs_sb.h b/include/linux/nfs_fs_sb.h index 38e60ec742df..3f0acada5794 100644 --- a/include/linux/nfs_fs_sb.h +++ b/include/linux/nfs_fs_sb.h @@ -254,6 +254,7 @@ struct nfs_server { /* User namespace info */ const struct cred *cred; + bool has_sec_mnt_opts; }; /* Server capabilities */
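Review bot: in the nfs_compare_super() hunk, security_sb_mnt_opts_compat() is now called from the sget_fc() test callback, i.e. with sb_lock held; the SELinux implementation in 1/3 resolves context strings (and revalidates the root inode for rootcontext=) on that path, so please run this with CONFIG_DEBUG_ATOMIC_SLEEP before merging, or move SID resolution to option-parse time so the hook only compares stored SIDs. The gate `(old->has_sec_mnt_opts || fc->security)` is correct as written: with neither side carrying options the hook is skipped, and an old superblock with options versus a new mount without reaches the hook with a NULL mnt_opts, which SELinux rejects. Two smaller points: `server->has_sec_mnt_opts = ctx->has_sec_mnt_opts;` in nfs_fill_super() only runs for a freshly allocated superblock, so the nfs_server of a shared superblock keeps whatever the first mount recorded, which is fine but worth a comment; and in nfs_fs_sb.h the new `bool has_sec_mnt_opts;` lands under the "/* User namespace info */" comment next to `cred`, so give it its own comment.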
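As an added illustration of the decision this series makes (example code, not kernel code and not part of the posted patches), the userspace C model below reproduces the sharing logic that 3/3 wires into nfs_compare_super() and 1/3 implements in selinux_sb_mnt_opts_compat(). Context strings stand in for SIDs, the superblock and mount-option records are structs constructed inline, the names (model_sb, model_opts, compat_as_patched, compat_symmetric, nfs_would_share) are ours, and the "symmetric" variant is an alternative that the patch does not implement. It replays the two mounts from the commit message and the case where the existing superblock carries an option the new mount does not repeat.

```c
/*
 * Added example, not kernel code: a userspace model of the superblock-sharing
 * decision this series introduces. Context strings stand in for SIDs, the
 * "superblock" and "mount options" are structs constructed inline, and all
 * names below are ours rather than the kernel's.
 */
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Same bit layout as the SELinux per-superblock option flags. */
#define FSCONTEXT_MNT   0x01
#define CONTEXT_MNT     0x02
#define ROOTCONTEXT_MNT 0x04
#define DEFCONTEXT_MNT  0x08
#define SE_MNTMASK      0x0f
#define NOPTS           4

/* An already-mounted superblock: which context options it was mounted with
 * (subset of SE_MNTMASK) and their values, indexed by bit number. */
struct model_sb {
	unsigned flags;
	const char *ctx[NOPTS];
};

/* Options on a new mount request; a NULL slot means the option was not given. */
struct model_opts {
	const char *ctx[NOPTS];
};

static unsigned opts_mask(const struct model_opts *o)
{
	unsigned mask = 0;
	for (int i = 0; i < NOPTS; i++)
		if (o->ctx[i])
			mask |= 1u << i;
	return mask;
}

/* Models selinux_sb_mnt_opts_compat() as posted: 0 if compatible, 1 otherwise.
 * Only options present in the new mount are compared, each under the
 * bad_option() rule "set on the old mount, with the same value". */
int compat_as_patched(const struct model_sb *sb, const struct model_opts *o)
{
	if (!o)
		return (sb->flags & SE_MNTMASK) ? 1 : 0;
	for (int i = 0; i < NOPTS; i++) {
		unsigned bit = 1u << i;
		if (!o->ctx[i])
			continue;
		if (!(sb->flags & bit) || strcmp(sb->ctx[i], o->ctx[i]) != 0)
			return 1;
	}
	return 0;
}

/* Alternative not in the patch: additionally refuse when the old superblock
 * carries a context option that the new mount does not repeat. */
int compat_symmetric(const struct model_sb *sb, const struct model_opts *o)
{
	if (compat_as_patched(sb, o))
		return 1;
	return ((sb->flags & SE_MNTMASK) != (o ? opts_mask(o) : 0)) ? 1 : 0;
}

/* Models the test added to nfs_compare_super(): the hook is consulted only if
 * either mount carried security options, and a non-zero answer means "do not
 * share, allocate a fresh superblock". Returns true if the superblock is shared. */
bool nfs_would_share(const struct model_sb *sb, bool old_has_sec_mnt_opts,
		     const struct model_opts *o)
{
	if ((old_has_sec_mnt_opts || o) && compat_as_patched(sb, o))
		return false;
	return true;
}

/* Constructed sample data: the two mounts from the commit message, plus a
 * superblock that was also mounted with a defcontext= option. */
const struct model_sb SB_NONE = { 0, { NULL, NULL, NULL, NULL } };
const struct model_sb SB_ROOT_T = { CONTEXT_MNT,
	{ NULL, "system_u:object_r:root_t:s0", NULL, NULL } };
const struct model_sb SB_ROOT_T_DEF = { CONTEXT_MNT | DEFCONTEXT_MNT,
	{ NULL, "system_u:object_r:root_t:s0", NULL, "system_u:object_r:default_t:s0" } };
const struct model_opts OPTS_ROOT_T = { { NULL, "system_u:object_r:root_t:s0", NULL, NULL } };
const struct model_opts OPTS_SWAPFILE_T = { { NULL, "system_u:object_r:swapfile_t:s0", NULL, NULL } };

int main(void)
{
	printf("swapfile_t mount shares the root_t superblock: %s\n",
	       nfs_would_share(&SB_ROOT_T, true, &OPTS_SWAPFILE_T) ? "yes" : "no");
	printf("root_t mount shares the root_t superblock: %s\n",
	       nfs_would_share(&SB_ROOT_T, true, &OPTS_ROOT_T) ? "yes" : "no");
	printf("root_t-only mount vs root_t+defcontext superblock: patched=%d symmetric=%d\n",
	       compat_as_patched(&SB_ROOT_T_DEF, &OPTS_ROOT_T),
	       compat_symmetric(&SB_ROOT_T_DEF, &OPTS_ROOT_T));
	return 0;
}
```

The first two calls are the scenario from the commit message: the swapfile_t mount is refused a shared superblock and gets its own, while a repeat mount with the same context= shares. The third call shows the asymmetry of the posted check: the patched comparison accepts a new mount that repeats context= but omits the defcontext= the superblock was mounted with, whereas the symmetric variant refuses it.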