From patchwork Sat Aug 13 20:38:11 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 9279339 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 333CF60780 for ; Sun, 14 Aug 2016 11:51:07 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 2219728A06 for ; Sun, 14 Aug 2016 11:51:07 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 1681128A5D; Sun, 14 Aug 2016 11:51:07 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=2.0 tests=BAYES_00,DKIM_SIGNED, RCVD_IN_DNSWL_HI,T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 91D4B28A06 for ; Sun, 14 Aug 2016 11:51:06 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S965405AbcHNLvF (ORCPT ); Sun, 14 Aug 2016 07:51:05 -0400 Received: from nm32-vm4.bullet.mail.bf1.yahoo.com ([72.30.239.140]:39452 "EHLO nm32-vm4.bullet.mail.bf1.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S933253AbcHNLvC (ORCPT ); Sun, 14 Aug 2016 07:51:02 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1471120692; bh=5ECzeqcyd/VfjPydCORPQhM0X0mS7v0jqegHJHD4PgI=; h=Subject:To:References:Cc:From:Date:In-Reply-To:From:Subject; b=P1MwHFG9OtSIm/3GU2rcOaAW1HeSqCqMB17XmT6rbQM88XoYRG5sqhObAP8/MgZBbJ4XupFKAV3OSZ/nLTC5c1OtPvybxiLJ7cu5vwEqZ9LzIOgyDEq3fzFdmzURnsNSZO5PMvMBYdmsXuQs/YJgN78ErwscWBANCoQjd6Zj+RwVj67I6fheVYKd+Mf57YcOGhYbeBPUR5stVDPr7RIwgm8ZMHF2bUqw5xt3/hn+UDtOm365X8ZRHaKb2l7scpXw8RIX91TRCngKjQNAL0kvryQWA3Fv+4wJnJvy38r9wLIoQsj6EtmblBQ6ZM1bdNgTSFDTrFJqe/7G5TDWXoqIew== Received: from [98.139.215.141] by nm32.bullet.mail.bf1.yahoo.com with NNFMP; 13 Aug 2016 20:38:12 -0000 Received: from [98.139.211.205] by tm12.bullet.mail.bf1.yahoo.com with NNFMP; 13 Aug 2016 20:38:12 -0000 Received: from [127.0.0.1] by smtp214.mail.bf1.yahoo.com with NNFMP; 13 Aug 2016 20:38:12 -0000 X-Yahoo-Newman-Id: 757547.99949.bm@smtp214.mail.bf1.yahoo.com X-Yahoo-Newman-Property: ymail-3 X-YMail-OSG: JiVIEDIVM1mJd3Qa9Relz02AatvD1i_19FtpU70_s5tMvME kX4Y7zXHTJ3LwL1N3jvP6MK5FTufR6ZSURCtyTGKZF4Kne70SmtI157zMQ_R hwaLhtrMF3YsuZJsOAzrjkxhgYg4gSo431VJGPla23_1NyuyiixfDGrep8uV kYA_HEO.jjWjaO0ECcaM0WbRaNkGwcvGPwge40danF92bYaFa62DfgfIVXc7 .CO15KBVd5t276kz4iC9iVmacla05lkLMeGOWWCLTo3Nxkkn1u0QAF4391eb .G8Y_O6OcBtGnul.MecaWSUjmFAnMl4snhAy_2fcmeQlzITT8n6CtY.YBZE_ h6yV7mM0ad.eha8D7YSfLaRA9huFXXRUP0HuCSWx7KlFzhz7V58_Nhmz9a29 INgF7H50KgispF8WEyxmnBUpivY300_C4DaWZfOHDmnSy9IOUiOraolo1btu J9z17kyeEm3GTmXBkr1ELNRJiSkDSnRNSTi7YI4SLUGI5cO0NqpZHpB0co5e k4MLUGoIPl_JnLSGXIpUX0esPlg3Jh5RlLpbW63SxSXtm9VK6CEqw7kDFvKH Fs58z0Wy8e0.C X-Yahoo-SMTP: OIJXglSswBDfgLtXluJ6wiAYv6_cnw-- Subject: [PATCH 22/25] LSM: Put new key blob code under ifdef To: LSM , James Morris References: <801ef9a9-e594-387c-f285-8d90879ee2bf@schaufler-ca.com> Cc: John Johansen , Tetsuo Handa , Paul Moore , Stephen Smalley From: Casey Schaufler Message-ID: Date: Sat, 13 Aug 2016 13:38:11 -0700 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.2.0 MIME-Version: 1.0 In-Reply-To: <801ef9a9-e594-387c-f285-8d90879ee2bf@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Subject: [PATCH 22/25] LSM: Put new key blob code under ifdef A repair for the preceeding patch, where the new key related code was not properly ifdefed. Signed-off-by: Casey Schaufler --- security/security.c | 6 +++++- security/selinux/hooks.c | 2 ++ security/selinux/include/objsec.h | 2 ++ security/smack/smack.h | 2 ++ security/smack/smack_lsm.c | 2 ++ 5 files changed, 13 insertions(+), 1 deletion(-) diff --git a/security/security.c b/security/security.c index 5dd1d57..9eade94 100644 --- a/security/security.c +++ b/security/security.c @@ -90,11 +90,13 @@ int __init security_init(void) pr_info("LSM: file blob size = %d\n", blob_sizes.lbs_file); pr_info("LSM: inode blob size = %d\n", blob_sizes.lbs_inode); pr_info("LSM: ipc blob size = %d\n", blob_sizes.lbs_ipc); +#ifdef CONFIG_KEYS pr_info("LSM: key blob size = %d\n", blob_sizes.lbs_key); +#endif /* CONFIG_KEYS */ pr_info("LSM: msg_msg blob size = %d\n", blob_sizes.lbs_msg_msg); pr_info("LSM: sock blob size = %d\n", blob_sizes.lbs_sock); pr_info("LSM: superblock blob size = %d\n", blob_sizes.lbs_superblock); -#endif +#endif /* CONFIG_SECURITY_STACKING_DEBUG */ return 0; } @@ -316,6 +318,7 @@ int lsm_ipc_alloc(struct kern_ipc_perm *kip) return 0; } +#ifdef CONFIG_KEYS /** * lsm_key_alloc - allocate a composite key blob * @key: the key that needs a blob @@ -340,6 +343,7 @@ int lsm_key_alloc(struct key *key) return -ENOMEM; return 0; } +#endif /* CONFIG_KEYS */ /** * lsm_msg_msg_alloc - allocate a composite msg_msg blob diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index d20c46a..668fde5 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -5867,7 +5867,9 @@ struct lsm_blob_sizes selinux_blob_sizes = { .lbs_file = sizeof(struct file_security_struct), .lbs_inode = sizeof(struct inode_security_struct), .lbs_ipc = sizeof(struct ipc_security_struct), +#ifdef CONFIG_KEYS .lbs_key = sizeof(struct key_security_struct), +#endif /* CONFIG_KEYS */ .lbs_msg_msg = sizeof(struct msg_security_struct), .lbs_sock = sizeof(struct sk_security_struct), .lbs_superblock = sizeof(struct superblock_security_struct), diff --git a/security/selinux/include/objsec.h b/security/selinux/include/objsec.h index cd12239..cf48aea 100644 --- a/security/selinux/include/objsec.h +++ b/security/selinux/include/objsec.h @@ -188,6 +188,7 @@ static inline struct ipc_security_struct *selinux_ipc( #endif } +#ifdef CONFIG_KEYS static inline struct key_security_struct *selinux_key(const struct key *key) { #ifdef CONFIG_SECURITY_STACKING @@ -196,6 +197,7 @@ static inline struct key_security_struct *selinux_key(const struct key *key) return key->security; #endif } +#endif /* CONFIG_KEYS */ static inline struct sk_security_struct *selinux_sock(const struct sock *sock) { diff --git a/security/smack/smack.h b/security/smack/smack.h index f7c2945..6e147d8 100644 --- a/security/smack/smack.h +++ b/security/smack/smack.h @@ -405,6 +405,7 @@ static inline struct smack_known **smack_ipc(const struct kern_ipc_perm *ipc) #endif } +#ifdef CONFIG_KEYS static inline struct smack_known **smack_key(const struct key *key) { #ifdef CONFIG_SECURITY_STACKING @@ -413,6 +414,7 @@ static inline struct smack_known **smack_key(const struct key *key) return key->security; #endif } +#endif /* CONFIG_KEYS */ /* * Is the directory transmuting? diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 9ac6487..b3986e9 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -4444,7 +4444,9 @@ struct lsm_blob_sizes smack_blob_sizes = { .lbs_file = sizeof(struct smack_known *), .lbs_inode = sizeof(struct inode_smack), .lbs_ipc = sizeof(struct smack_known *), +#ifdef CONFIG_KEYS .lbs_key = sizeof(struct smack_known *), +#endif /* CONFIG_KEYS */ .lbs_msg_msg = sizeof(struct smack_known *), .lbs_sock = sizeof(struct socket_smack), .lbs_superblock = sizeof(struct superblock_smack),