From patchwork Sat Aug 13 20:36:00 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 9279331 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id C8DE860780 for ; Sun, 14 Aug 2016 11:50:35 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id B970128A06 for ; Sun, 14 Aug 2016 11:50:35 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id AE0EC28A57; Sun, 14 Aug 2016 11:50:35 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=2.0 tests=BAYES_00,DKIM_SIGNED, RCVD_IN_DNSWL_HI,T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id E7E0B28A4A for ; Sun, 14 Aug 2016 11:50:33 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753265AbcHNLuc (ORCPT ); Sun, 14 Aug 2016 07:50:32 -0400 Received: from nm2-vm1.bullet.mail.bf1.yahoo.com ([98.139.213.158]:52575 "EHLO nm2-vm1.bullet.mail.bf1.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753234AbcHNLu3 (ORCPT ); Sun, 14 Aug 2016 07:50:29 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1471120563; bh=2hp6tkQPJhw3tv1YnS0+HeLbPI6TySX8ug2/tu2T5ZQ=; h=Subject:To:References:Cc:From:Date:In-Reply-To:From:Subject; b=lEhemRXq0wz1pvNAzPcZBNB1/ANibc7Kb7wWGfuucF84BRtGHF1qL5AGSr9LNxrVY4rvVNc1W1rcU9Ud4/y4eOgBsvmTekwZeYqati7UsYnys8UxkAio5uhDd7IYGXN1FKoUPHpXrFxGYNek9j6UTVSrrDXDwTBtlvT+BRK/cUu8nByITfLi7YVvbNkJ0x6Kdcq/JZN9xXto8hCEFdweFbD/QIdy/iqsuX5oNMFacJi/DM/PN4+GguDgSwduvBNS4DFSgfzT2XB0ht8/gPRw21Qx2P6uZV26Mgw4Ye+yQuR1w/fVhXoJytArLhmHK1u0y306COlKu+r6v+BguSdc7Q== Received: from [98.139.214.32] by nm2.bullet.mail.bf1.yahoo.com with NNFMP; 13 Aug 2016 20:36:03 -0000 Received: from [98.139.211.197] by tm15.bullet.mail.bf1.yahoo.com with NNFMP; 13 Aug 2016 20:36:02 -0000 Received: from [127.0.0.1] by smtp206.mail.bf1.yahoo.com with NNFMP; 13 Aug 2016 20:36:02 -0000 X-Yahoo-Newman-Id: 898807.63095.bm@smtp206.mail.bf1.yahoo.com X-Yahoo-Newman-Property: ymail-3 X-YMail-OSG: ykf.k1YVM1kEJG2w4mUPZYurNwokXxqGBwc4jy0RZQe0.R9 o.5R8I.vRhCnhxzv8R6.4gMbjT2JfWT9lh4NQ5Fz8GjCXfRU9OxqWlgstTSn MK3LUqb_SfGn5je4yYh1ww01KKRjwDakNHXbZZDrOHsaL.2Ng9JqKAWyYEuP zReuxhhlkX4AQHTjLzsl5K8ssoBAwnQb4OZsIN8AXzCYH55aMSYb0xlNKBsi GkX97JgnUrhMnL9S8._NLvSKaCz919DxTxiT_HBZPKLFclAkUdF0skjMvice 3s7_aE3BSV.uMeXCK308be6QcXjVkYys0pOud1ybYxqbBg697mzfZAwtg8kQ GePA3XG7V8nfMJpDKX93Y7WNYy0UL27JG7eUsL2rnqQXzscdrofaQPO4hS._ SX6n1coIb.FwrAEHvh_H51WAUj1z_HZbSuk6x5EEHMgkYMHS26QmjtlxARXR d_I.gdaJP7cF9zqFO4eaC1Z7mfHKG5kWU_HGq.Whk16Qozx9dyByqDi0_olJ y8SbaC4JhBK.l_MCoHPFEfjyjTl6RTx0VjTj2Xk38svCnftMBN3c0Y.IyNC7 1RdLgJ3O61H5F X-Yahoo-SMTP: OIJXglSswBDfgLtXluJ6wiAYv6_cnw-- Subject: [PATCH 07/25] TOMOYO: Abstract the cred security blob To: LSM , James Morris References: <801ef9a9-e594-387c-f285-8d90879ee2bf@schaufler-ca.com> Cc: John Johansen , Tetsuo Handa , Paul Moore , Stephen Smalley From: Casey Schaufler Message-ID: Date: Sat, 13 Aug 2016 13:36:00 -0700 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.2.0 MIME-Version: 1.0 In-Reply-To: <801ef9a9-e594-387c-f285-8d90879ee2bf@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Subject: [PATCH 07/25] TOMOYO: Abstract the cred security blob Abstract reading the credential security blob. Remove abstraction when writing the credential security blob. There is no change in the behavior of the code. Signed-off-by: Casey Schaufler --- security/tomoyo/common.h | 16 ++++++++++++++-- security/tomoyo/securityfs_if.c | 8 +++++--- security/tomoyo/tomoyo.c | 17 ++++++++++++----- 3 files changed, 31 insertions(+), 10 deletions(-) diff --git a/security/tomoyo/common.h b/security/tomoyo/common.h index 361e7a2..82be05d 100644 --- a/security/tomoyo/common.h +++ b/security/tomoyo/common.h @@ -28,6 +28,7 @@ #include #include #include +#include #include #include #include @@ -1196,13 +1197,24 @@ static inline void tomoyo_put_group(struct tomoyo_group *group) } /** + * tomoyo_cred - Get a pointer to the tomoyo cred security blob + * @cred - the relevant cred + * + * Returns pointer to the tomoyo cred blob. + */ +static inline struct tomoyo_domain_info *tomoyo_cred(const struct cred *cred) +{ + return cred->security; +} + +/** * tomoyo_domain - Get "struct tomoyo_domain_info" for current thread. * * Returns pointer to "struct tomoyo_domain_info" for current thread. */ static inline struct tomoyo_domain_info *tomoyo_domain(void) { - return current_cred()->security; + return tomoyo_cred(current_cred()); } /** @@ -1215,7 +1227,7 @@ static inline struct tomoyo_domain_info *tomoyo_domain(void) static inline struct tomoyo_domain_info *tomoyo_real_domain(struct task_struct *task) { - return task_cred_xxx(task, security); + return tomoyo_cred(get_task_cred(task)); } /** diff --git a/security/tomoyo/securityfs_if.c b/security/tomoyo/securityfs_if.c index 06ab41b1..1ac1454 100644 --- a/security/tomoyo/securityfs_if.c +++ b/security/tomoyo/securityfs_if.c @@ -70,8 +70,8 @@ static ssize_t tomoyo_write_self(struct file *file, const char __user *buf, if (!cred) { error = -ENOMEM; } else { - struct tomoyo_domain_info *old_domain = - cred->security; + struct tomoyo_domain_info *old_domain; + old_domain = tomoyo_cred(cred); cred->security = new_domain; atomic_inc(&new_domain->users); atomic_dec(&old_domain->users); @@ -233,10 +233,12 @@ static void __init tomoyo_create_entry(const char *name, const umode_t mode, */ static int __init tomoyo_initerface_init(void) { + struct tomoyo_domain_info *domain; struct dentry *tomoyo_dir; + domain = tomoyo_cred(current_cred()); /* Don't create securityfs entries unless registered. */ - if (current_cred()->security != &tomoyo_kernel_domain) + if (domain != &tomoyo_kernel_domain) return 0; tomoyo_dir = securityfs_create_dir("tomoyo", NULL); diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c index edc52d6..353c935 100644 --- a/security/tomoyo/tomoyo.c +++ b/security/tomoyo/tomoyo.c @@ -33,7 +33,9 @@ static int tomoyo_cred_alloc_blank(struct cred *new, gfp_t gfp) static int tomoyo_cred_prepare(struct cred *new, const struct cred *old, gfp_t gfp) { - struct tomoyo_domain_info *domain = old->security; + struct tomoyo_domain_info *domain; + + domain = tomoyo_cred(old); new->security = domain; if (domain) atomic_inc(&domain->users); @@ -58,7 +60,9 @@ static void tomoyo_cred_transfer(struct cred *new, const struct cred *old) */ static void tomoyo_cred_free(struct cred *cred) { - struct tomoyo_domain_info *domain = cred->security; + struct tomoyo_domain_info *domain; + + domain = tomoyo_cred(cred); if (domain) atomic_dec(&domain->users); } @@ -72,6 +76,8 @@ static void tomoyo_cred_free(struct cred *cred) */ static int tomoyo_bprm_set_creds(struct linux_binprm *bprm) { + struct tomoyo_domain_info *domain; + /* * Do only if this function is called for the first time of an execve * operation. @@ -92,8 +98,8 @@ static int tomoyo_bprm_set_creds(struct linux_binprm *bprm) * stored inside "bprm->cred->security" will be acquired later inside * tomoyo_find_next_domain(). */ - atomic_dec(&((struct tomoyo_domain_info *) - bprm->cred->security)->users); + domain = tomoyo_cred(bprm->cred); + atomic_dec(&domain->users); /* * Tell tomoyo_bprm_check_security() is called for the first time of an * execve operation. @@ -111,8 +117,9 @@ static int tomoyo_bprm_set_creds(struct linux_binprm *bprm) */ static int tomoyo_bprm_check_security(struct linux_binprm *bprm) { - struct tomoyo_domain_info *domain = bprm->cred->security; + struct tomoyo_domain_info *domain; + domain = tomoyo_cred(bprm->cred); /* * Execute permission is checked against pathname passed to do_execve() * using current domain.