linux/security/landlock
Mickaël Salaün 74ce793bcb
hostfs: Fix ephemeral inodes
hostfs creates a new inode for each opened or created file, which
created useless inode allocations and forbade identifying a host file
with a kernel inode.

Fix this uncommon filesystem behavior by tying kernel inodes to host
file's inode and device IDs.  Even if the host filesystem inodes may be
recycled, this cannot happen while a file referencing it is opened,
which is the case with hostfs.  It should be noted that hostfs inode IDs
may not be unique for the same hostfs superblock because multiple host's
(backed) superblocks may be used.

Delete inodes when dropping them to force backed host's file descriptors
closing.

This enables to entirely remove ARCH_EPHEMERAL_INODES, and then makes
Landlock fully supported by UML.  This is very useful for testing
changes.

These changes also factor out and simplify some helpers thanks to the
new hostfs_inode_update() and the hostfs_iget() revamp: read_name(),
hostfs_create(), hostfs_lookup(), hostfs_mknod(), and
hostfs_fill_sb_common().

A following commit with new Landlock tests check this new hostfs inode
consistency.

Cc: Anton Ivanov <anton.ivanov@cambridgegreys.com>
Cc: Johannes Berg <johannes@sipsolutions.net>
Acked-by: Richard Weinberger <richard@nod.at>
Link: https://lore.kernel.org/r/20230612191430.339153-2-mic@digikod.net
Signed-off-by: Mickaël Salaün <mic@digikod.net>
2023-06-12 21:26:19 +02:00
..
common.h landlock: Set up the security framework and manage credentials 2021-04-22 12:22:10 -07:00
cred.c selinux: remove the runtime disable functionality 2023-03-20 12:34:23 -04:00
cred.h landlock: Format with clang-format 2022-05-09 12:31:10 +02:00
fs.c selinux: remove the runtime disable functionality 2023-03-20 12:34:23 -04:00
fs.h landlock: Support file truncation 2022-10-19 09:01:44 +02:00
Kconfig hostfs: Fix ephemeral inodes 2023-06-12 21:26:19 +02:00
limits.h landlock: Support file truncation 2022-10-19 09:01:44 +02:00
Makefile landlock: Add syscall implementations 2021-04-22 12:22:11 -07:00
object.c landlock: Format with clang-format 2022-05-09 12:31:10 +02:00
object.h landlock: Format with clang-format 2022-05-09 12:31:10 +02:00
ptrace.c selinux: remove the runtime disable functionality 2023-03-20 12:34:23 -04:00
ptrace.h landlock: Add ptrace restrictions 2021-04-22 12:22:10 -07:00
ruleset.c landlock: Define access_mask_t to enforce a consistent access mask size 2022-05-23 13:27:55 +02:00
ruleset.h landlock: Fix same-layer rule unions 2022-05-23 13:27:57 +02:00
setup.c selinux: remove the runtime disable functionality 2023-03-20 12:34:23 -04:00
setup.h landlock: Support filesystem access-control 2021-04-22 12:22:11 -07:00
syscalls.c landlock: Support file truncation 2022-10-19 09:01:44 +02:00