Lines Matching full:security

23  (*) Security model and SELinux.
25 (*) A note on security.
291 Security Model and SELinux
294 CacheFiles is implemented to deal properly with the LSM security features of
299 security context that is not appropriate for accessing the cache - either
304 The way CacheFiles works is to temporarily change the security context (fsuid,
305 fsgid and actor security label) that the process acts as - without changing the
306 security context of the process when it is the target of an operation performed by
312 (1) Finds the security label attached to the root cache directory and uses
313 that as the security label with which it will create files. By default,
318 (2) Finds the security label of the process which issued the bind request
323 and asks LSM to supply a security ID as which it should act given the
328 SELinux transitions the daemon's security ID to the module's security ID
338 The module's security ID gives it permission to create, move and remove files
343 The daemon's security ID gives it only a very restricted set of permissions: it
385 A Note on Security
388 CacheFiles makes use of the split security in the task_struct. It allocates
393 bypassing security and calling inode ops directly. Therefore the VFS and LSM
395 circumstances the caching code is running in the security context of whatever
398 Furthermore, should CacheFiles create a file or directory, the security
399 parameters with which that object is created (UID, GID, security label) would be
404 What is required is to temporarily override the security of the process that
406 security data as that affects the process as an object, not just as a subject.
410 So CacheFiles makes use of a logical split in the security between the
411 objective security (task->real_cred) and the subjective security (task->cred).
412 The objective security holds the intrinsic security properties of a process and
417 The subjective security holds the active security properties of a process, and
423 for CacheFiles to run in a context of a specific security label, or to create
424 files and directories with another security label.