superrob1500
/
mirror-linux
mirror of https://github.com/torvalds/linux
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
mirror-linux/security
History
NeilBrown 833d2b3a07
Add start_renaming_two_dentries() 
A few callers want to lock for a rename and already have both dentries.
Also debugfs does want to perform a lookup but doesn't want permission
checking, so start_renaming_dentry() cannot be used.

This patch introduces start_renaming_two_dentries() which is given both
dentries.  debugfs performs one lookup itself.  As it will only continue
with a negative dentry and as those cannot be renamed or unlinked, it is
safe to do the lookup before getting the rename locks.

overlayfs uses start_renaming_two_dentries() in three places and  selinux
uses it twice in sel_make_policy_nodes().

In sel_make_policy_nodes() we now lock for rename twice instead of just
once so the combined operation is no longer atomic w.r.t the parent
directory locks.  As selinux_state.policy_mutex is held across the whole
operation this does not open up any interesting races.

Reviewed-by: Amir Goldstein <amir73il@gmail.com>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: NeilBrown <neil@brown.name>
Link: https://patch.msgid.link/20251113002050.676694-13-neilb@ownmail.net
Signed-off-by: Christian Brauner <brauner@kernel.org>
 		2025-11-14 13:15:58 +01:00
..
apparmor VFS: introduce start_removing_dentry() 2025-11-14 13:15:57 +01:00
bpf bpf: lsm: Remove hook to bpf_task_storage_free 2024-12-16 12:32:31 -08:00
integrity ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr 2025-10-03 07:50:56 -04:00
ipe ipe/stable-6.17 PR 20250728 2025-07-31 09:42:20 -07:00
keys security: keys: use menuconfig for KEYS symbol 2025-10-04 17:25:35 +03:00
landlock fs: add an icount_read helper 2025-09-01 12:41:09 +02:00
loadpin loadpin: remove MODULE_COMPRESS_NONE as it is no longer supported 2025-03-03 09:35:50 -08:00
lockdown lockdown: initialize local array before use to quiet static analysis 2025-01-05 12:48:43 -05:00
safesetid safesetid: check size of policy writes 2025-01-04 22:46:09 -05:00
selinux Add start_renaming_two_dentries() 2025-11-14 13:15:58 +01:00
smack Simplifying ->d_name audits, easy part. 2025-10-03 11:14:02 -07:00
tomoyo copy_process: pass clone_flags as u64 across calltree 2025-09-01 15:31:34 +02:00
yama yama: don't abuse rcu_read_lock/get_task_struct in yama_task_prctl() 2025-03-07 19:58:05 -08:00
Kconfig lsm: CONFIG_LSM can depend on CONFIG_SECURITY 2025-09-11 16:32:04 -04:00
Kconfig.hardening rust: add bitmap API. 2025-09-22 15:52:44 -04:00
Makefile lsm: Only build lsm_audit.c if CONFIG_SECURITY and CONFIG_AUDIT are set 2025-01-04 11:50:44 -05:00
commoncap.c exec: Correct the permission check for unsafe exec 2025-06-23 10:38:39 -05:00
device_cgroup.c device_cgroup: Fix kernel-doc warnings in device_cgroup 2023-06-21 09:30:49 -04:00
inode.c make securityfs_remove() remove the entire subtree 2025-06-11 18:19:46 -04:00
lsm_audit.c net: Retire DCCP socket. 2025-04-11 18:58:10 -07:00
lsm_syscalls.c lsm: use 32-bit compatible data types in LSM syscalls 2024-03-14 11:31:26 -04:00
min_addr.c security: use umax() to improve code 2025-08-18 15:41:47 -04:00
security.c Simplifying ->d_name audits, easy part. 2025-10-03 11:14:02 -07:00