A secure anonymous file is one we hooked up to its own inode (as
opposed to the shared inode we use for non-secure anonymous files). A
new selinux hook gives security modules a chance to initialize, label,
and veto the creation of these secure anonymous files. Security
modules had limited ability to interact with non-secure anonymous files
due to all of these files sharing a single inode.
Signed-off-by: Daniel Colascione <dancol@xxxxxxxxxx>
---
diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h
index 20d8cf194fb7..ba208ce5711d 100644
--- a/include/linux/lsm_hooks.h
+++ b/include/linux/lsm_hooks.h
@@ -215,6 +215,10 @@
* Returns 0 if @name and @value have been successfully set,
* -EOPNOTSUPP if no security attribute is needed, or
* -ENOMEM on memory allocation failure.
+ * @inode_init_security_anon:
+ * Set up a secure anonymous inode.
+ * Returns 0 on success. Returns -EPERM if the security module denies
+ * the creation of this inode.
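Review bot: the new @inode_init_security_anon entry documents only its return values, whereas the neighbouring @inode_init_security entry (whose tail forms the context lines of this hunk) describes each parameter the hook receives; add lines naming the anonymous inode and any other context the hook is handed before the "Returns" lines so readers of lsm_hooks.h know what a module may inspect. The return documentation is also narrower than the pattern used just above ("Returns 0 ... -EOPNOTSUPP ... -ENOMEM"): stating only "-EPERM if the security module denies the creation" implies no other error can surface, so either say "a negative errno" or spell out whether a module may also fail with, for example, -ENOMEM while labeling the inode.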