diff options
| author | Paul Moore <paul@paul-moore.com> | 2024-07-09 19:43:06 -0400 |
|---|---|---|
| committer | Paul Moore <paul@paul-moore.com> | 2024-08-12 15:35:04 -0400 |
| commit | 63dff3e48871b0583be5032ff8fb7260c349a18c (patch) | |
| tree | 658e21e7c21fc865f459a1c6dcd9fad7059f0323 /security/landlock/fs.c | |
| parent | 711f5c5ce6c2c640c1b3b569ab2a8847be5ab21f (diff) | |
| download | linux-63dff3e48871b0583be5032ff8fb7260c349a18c.tar.gz linux-63dff3e48871b0583be5032ff8fb7260c349a18c.tar.bz2 linux-63dff3e48871b0583be5032ff8fb7260c349a18c.zip | |
lsm: add the inode_free_security_rcu() LSM implementation hook
The LSM framework has an existing inode_free_security() hook which
is used by LSMs that manage state associated with an inode, but
due to the use of RCU to protect the inode, special care must be
taken to ensure that the LSMs do not fully release the inode state
until it is safe from a RCU perspective.
This patch implements a new inode_free_security_rcu() implementation
hook which is called when it is safe to free the LSM's internal inode
state. Unfortunately, this new hook does not have access to the inode
itself as it may already be released, so the existing
inode_free_security() hook is retained for those LSMs which require
access to the inode.
Cc: stable@vger.kernel.org
Reported-by: syzbot+5446fbf332b0602ede0b@syzkaller.appspotmail.com
Closes: https://lore.kernel.org/r/00000000000076ba3b0617f65cc8@google.com
Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'security/landlock/fs.c')
| -rw-r--r-- | security/landlock/fs.c | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/security/landlock/fs.c b/security/landlock/fs.c index 7877a64cc6b8..0804f76a67be 100644 --- a/security/landlock/fs.c +++ b/security/landlock/fs.c @@ -1207,13 +1207,16 @@ static int current_check_refer_path(struct dentry *const old_dentry, /* Inode hooks */ -static void hook_inode_free_security(struct inode *const inode) +static void hook_inode_free_security_rcu(void *inode_security) { + struct landlock_inode_security *inode_sec; + /* * All inodes must already have been untied from their object by * release_inode() or hook_sb_delete(). */ - WARN_ON_ONCE(landlock_inode(inode)->object); + inode_sec = inode_security + landlock_blob_sizes.lbs_inode; + WARN_ON_ONCE(inode_sec->object); } /* Super-block hooks */ @@ -1637,7 +1640,7 @@ static int hook_file_ioctl_compat(struct file *file, unsigned int cmd, } static struct security_hook_list landlock_hooks[] __ro_after_init = { - LSM_HOOK_INIT(inode_free_security, hook_inode_free_security), + LSM_HOOK_INIT(inode_free_security_rcu, hook_inode_free_security_rcu), LSM_HOOK_INIT(sb_delete, hook_sb_delete), LSM_HOOK_INIT(sb_mount, hook_sb_mount), |