
[GIT,PULL] SELinux patches for v6.2

Message ID CAHC9VhSmJHDRroUJifUuDNF+KvVPVtW17CuMzb_RrUKBBkTabA@mail.gmail.com (mailing list archive)
State Accepted
Delegated to: Paul Moore

Pull-request

https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux.git tags/selinux-pr-20221212

Message

Paul Moore Dec. 13, 2022, 3:05 a.m. UTC
Hi Linus,

Two SELinux patches for Linux v6.2: one increases the sleep time on
deprecated functionality, and one removes the indirect calls in the
sidtab context conversion code.  Unfortunately, this pull request does
conflict with fixes that were merged during the v6.1-rcX cycle so you
will either need to do some manual fixup or you can pull the tag below
which has the necessary fixes and has been sanity tested today.  If
you're looking for something different to handle this merge, let me
know.

* tags/selinux-pr-20221212.merge

-Paul

--
The following changes since commit 9abf2313adc1ca1b6180c508c25f22f9395cc780:

 Linux 6.1-rc1 (2022-10-16 15:36:24 -0700)

are available in the Git repository at:

 https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux.git
   tags/selinux-pr-20221212

for you to fetch changes up to 048be156491ff1aeb0fe5ff0862644d38cd39015:

 selinux: remove the sidtab context conversion indirect calls
   (2022-11-09 11:00:49 -0500)

----------------------------------------------------------------
selinux/stable-6.2 PR 20221212

----------------------------------------------------------------
Paul Moore (2):
     selinux: increase the deprecation sleep for checkreqprot and runtime
              disable
     selinux: remove the sidtab context conversion indirect calls

security/selinux/selinuxfs.c   |  4 ++--
security/selinux/ss/services.c | 51 ++++++++++++++----------------------
security/selinux/ss/services.h | 14 +++++++++---
security/selinux/ss/sidtab.c   | 21 +++++++++--------
security/selinux/ss/sidtab.h   |  3 +--
5 files changed, 47 insertions(+), 46 deletions(-)

Comments

Linus Torvalds Dec. 13, 2022, 5:44 p.m. UTC | #1
On Mon, Dec 12, 2022 at 7:05 PM Paul Moore <paul@paul-moore.com> wrote:
>
>   Unfortunately, this pull request does
> conflict with fixes that were merged during the v6.1-rcX cycle so you
> will either need to do some manual fixup or you can pull the tag below
> which has the necessary fixes and has been sanity tested today.

I did the merge manually, but compared to your version. They were
identical except that you hadn't added the documentation entry for the
gfp_flags parameter.

That said, I'm not super-happy with that merge - it was the trivial
straightforward one, but when I looked at the code it struck me that
the only thing that actually seems to *use* that gfp_flags argument is
that

        if (oldc->str) {
                s = kstrdup(oldc->str, gfp_flags);
                if (!s)
                        return -ENOMEM;

sequence. And it strikes me that this is not the only place where
selinux ends up doing that whole

                str = kstrdup(ctx->str, GFP_xyz);

dance.

It feels to me like that thing shouldn't be an allocation at all, but
that selinux should use ref-counted strings instead (and just increase
the refcount). It's in other places like context_cpy(), but having it
be a refcounted string would also potentially help with
"context_cmp()" in that the string compare could be a "is it the same
ref-counted pointer" and maybe hit that case most of the time before
it even needs to do an actual strcmp.

Hmm?

Anyway, that was just my reaction to resolving that conflict, and
obviously *not* for this merge window. I'm just saying that if you
agree, maybe that could be a future improvement, making the whole
allocation - and the whole need for that gfp_flag - go away?

               Linus
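The ref-counted string idea sketched in the message above, as an added userspace illustration that is not kernel code or anything from the SELinux tree: `refstr_new` stands in for the single kstrdup(), `refstr_get` is what a context_cpy() would do instead of allocating, and `refstr_cmp` shows the pointer-equality fast path for context_cmp(); all names here are hypothetical.

```c
#include <stdlib.h>
#include <string.h>

/* Counts real allocations so a reader can see that "copies" cost none. */
static unsigned long refstr_allocs;

struct refstr {
	unsigned long refcnt;	/* a kernel version would use refcount_t */
	char s[];		/* NUL-terminated context string */
};

/* The single real allocation: stands in for the kstrdup() in the message. */
static struct refstr *refstr_new(const char *src)
{
	size_t len = strlen(src);
	struct refstr *r = malloc(sizeof(*r) + len + 1);

	if (!r)
		return NULL;
	refstr_allocs++;
	r->refcnt = 1;
	memcpy(r->s, src, len + 1);
	return r;
}

/* What context_cpy() would do instead: bump the count, allocate nothing. */
static struct refstr *refstr_get(struct refstr *r)
{
	if (r)
		r->refcnt++;
	return r;
}

/* Release one holder; the payload is freed only when the last one lets go. */
static void refstr_put(struct refstr *r)
{
	if (r && --r->refcnt == 0)
		free(r);
}

/* context_cmp() fast path: identical pointer means equal, no strcmp needed. */
static int refstr_cmp(const struct refstr *a, const struct refstr *b)
{
	if (a == b)
		return 0;
	if (!a || !b)
		return a ? 1 : -1;
	return strcmp(a->s, b->s);
}
```

The allocation counter is only there to make the point visible: after `refstr_get` it stays unchanged, and two holders of the same context compare equal without a byte comparison.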
pr-tracker-bot@kernel.org Dec. 13, 2022, 6:13 p.m. UTC | #2
The pull request you sent on Mon, 12 Dec 2022 22:05:32 -0500:

> https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux.git tags/selinux-pr-20221212

has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/57888f7b952d3f2696f82a701f1b3d9de7e346d3

Thank you!
Paul Moore Dec. 13, 2022, 7:25 p.m. UTC | #3
On Tue, Dec 13, 2022 at 12:44 PM Linus Torvalds
<torvalds@linux-foundation.org> wrote:
> On Mon, Dec 12, 2022 at 7:05 PM Paul Moore <paul@paul-moore.com> wrote:
> >
> >   Unfortunately, this pull request does
> > conflict with fixes that were merged during the v6.1-rcX cycle so you
> > will either need to do some manual fixup or you can pull the tag below
> > which has the necessary fixes and has been sanity tested today.
>
> I did the merge manually, but compared to your version. They were
> identical except that you hadn't added the documentation entry for the
> gfp_flags parameter.

Ah, thanks for catching that.

> That said, I'm not super-happy with that merge ... It feels to me like
> that thing shouldn't be an allocation at all, but that selinux should
> use ref-counted strings instead (and just increase the refcount).

It is something worth looking into for the future.  I'm in the middle
of reworking the audit code, and one of the changes is heavy use of
string refcounts to reduce the copies needed.