From patchwork Fri Apr 19 00:44:48 2019 X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908271
From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 01/90] LSM: Infrastructure management of the superblock Date: Thu, 18 Apr 2019 17:44:48 -0700 Message-Id: <20190419004617.64627-2-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Move management of the superblock->sb_security blob out of the individual security modules and into the security infrastructure. Instead of allocating the blobs from within the modules the modules tell the infrastructure how much space is required, and the space is allocated there. Signed-off-by: Casey Schaufler --- include/linux/lsm_hooks.h | 1 + security/security.c | 46 ++++++++++++++++++++---- security/selinux/hooks.c | 58 ++++++++++++------------------- security/selinux/include/objsec.h | 6 ++++ security/selinux/ss/services.c | 3 +- security/smack/smack.h | 6 ++++ security/smack/smack_lsm.c | 35 +++++-------------- 7 files changed, 85 insertions(+), 70 deletions(-) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index a9b8ff578b6b..cdc5730666d6 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -2055,6 +2055,7 @@ struct lsm_blob_sizes { int lbs_cred; int lbs_file; int lbs_inode; + int lbs_superblock; int lbs_ipc; int lbs_msg_msg; int lbs_task; diff --git a/security/security.c b/security/security.c index 23cbb1a295a3..550988a0f024 100644 --- a/security/security.c +++ b/security/security.c 
@@ -172,6 +172,7 @@ static void __init lsm_set_blob_sizes(struct lsm_blob_sizes *needed) lsm_set_blob_size(&needed->lbs_inode, &blob_sizes.lbs_inode); lsm_set_blob_size(&needed->lbs_ipc, &blob_sizes.lbs_ipc); lsm_set_blob_size(&needed->lbs_msg_msg, &blob_sizes.lbs_msg_msg); + lsm_set_blob_size(&needed->lbs_superblock, &blob_sizes.lbs_superblock); lsm_set_blob_size(&needed->lbs_task, &blob_sizes.lbs_task); } @@ -300,12 +301,13 @@ static void __init ordered_lsm_init(void) for (lsm = ordered_lsms; *lsm; lsm++) prepare_lsm(*lsm); - init_debug("cred blob size = %d\n", blob_sizes.lbs_cred); - init_debug("file blob size = %d\n", blob_sizes.lbs_file); - init_debug("inode blob size = %d\n", blob_sizes.lbs_inode); - init_debug("ipc blob size = %d\n", blob_sizes.lbs_ipc); - init_debug("msg_msg blob size = %d\n", blob_sizes.lbs_msg_msg); - init_debug("task blob size = %d\n", blob_sizes.lbs_task); + init_debug("cred blob size = %d\n", blob_sizes.lbs_cred); + init_debug("file blob size = %d\n", blob_sizes.lbs_file); + init_debug("inode blob size = %d\n", blob_sizes.lbs_inode); + init_debug("ipc blob size = %d\n", blob_sizes.lbs_ipc); + init_debug("msg_msg blob size = %d\n", blob_sizes.lbs_msg_msg); + init_debug("superblock blob size = %d\n", blob_sizes.lbs_superblock); + init_debug("task blob size = %d\n", blob_sizes.lbs_task); /* * Create any kmem_caches needed for blobs 
@@ -603,6 +605,27 @@ static void __init lsm_early_task(struct task_struct *task) panic("%s: Early task alloc failed.\n", __func__); } +/** + * lsm_superblock_alloc - allocate a composite superblock blob + * @sb: the superblock that needs a blob + * + * Allocate the superblock blob for all the modules + * + * Returns 0, or -ENOMEM if memory can't be allocated. + */ +int lsm_superblock_alloc(struct super_block *sb) +{ + if (blob_sizes.lbs_superblock == 0) { + sb->s_security = NULL; + return 0; + } + + sb->s_security = kzalloc(blob_sizes.lbs_superblock, GFP_KERNEL); + if (sb->s_security == NULL) + return -ENOMEM; + return 0; +} + /* * Hook list operation macros. * @@ -776,12 +799,21 @@ int security_fs_context_parse_param(struct fs_context *fc, struct fs_parameter * int security_sb_alloc(struct super_block *sb) { - return call_int_hook(sb_alloc_security, 0, sb); + int rc = lsm_superblock_alloc(sb); + + if (unlikely(rc)) + return rc; + rc = call_int_hook(sb_alloc_security, 0, sb); + if (unlikely(rc)) + security_sb_free(sb); + return rc; } void security_sb_free(struct super_block *sb) { call_void_hook(sb_free_security, sb); + kfree(sb->s_security); + sb->s_security = NULL; } void security_free_mnt_opts(void **mnt_opts) diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 1d0b37af2444..7478d8eda00a 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -335,7 +335,7 @@ static void inode_free_security(struct inode *inode) if (!isec) return; - sbsec = inode->i_sb->s_security; + sbsec = selinux_superblock(inode->i_sb); /* * As not all inode security structures are in a list, we check for * empty list outside of the lock to make sure that we won't waste 
@@ -366,11 +366,7 @@ static int file_alloc_security(struct file *file) static int superblock_alloc_security(struct super_block *sb) { - struct superblock_security_struct *sbsec; - - sbsec = kzalloc(sizeof(struct superblock_security_struct), GFP_KERNEL); - if (!sbsec) - return -ENOMEM; + struct superblock_security_struct *sbsec = selinux_superblock(sb); mutex_init(&sbsec->lock); INIT_LIST_HEAD(&sbsec->isec_head); @@ -379,18 +375,10 @@ static int superblock_alloc_security(struct super_block *sb) sbsec->sid = SECINITSID_UNLABELED; sbsec->def_sid = SECINITSID_FILE; sbsec->mntpoint_sid = SECINITSID_UNLABELED; - sb->s_security = sbsec; return 0; } -static void superblock_free_security(struct super_block *sb) -{ - struct superblock_security_struct *sbsec = sb->s_security; - sb->s_security = NULL; - kfree(sbsec); -} - struct selinux_mnt_opts { const char *fscontext, *context, *rootcontext, *defcontext; }; @@ -507,7 +495,7 @@ static int selinux_is_genfs_special_handling(struct super_block *sb) static int selinux_is_sblabel_mnt(struct super_block *sb) { - struct superblock_security_struct *sbsec = sb->s_security; + struct superblock_security_struct *sbsec = selinux_superblock(sb); /* * IMPORTANT: Double-check logic in this function when adding a new @@ -535,7 +523,7 @@ static int selinux_is_sblabel_mnt(struct super_block *sb) static int sb_finish_set_opts(struct super_block *sb) { - struct superblock_security_struct *sbsec = sb->s_security; + struct superblock_security_struct *sbsec = selinux_superblock(sb); struct dentry *root = sb->s_root; struct inode *root_inode = d_backing_inode(root); int rc = 0; 
@@ -648,7 +636,7 @@ static int selinux_set_mnt_opts(struct super_block *sb, unsigned long *set_kern_flags) { const struct cred *cred = current_cred(); - struct superblock_security_struct *sbsec = sb->s_security; + struct superblock_security_struct *sbsec = selinux_superblock(sb); struct dentry *root = sbsec->sb->s_root; struct selinux_mnt_opts *opts = mnt_opts; struct inode_security_struct *root_isec; @@ -881,8 +869,8 @@ static int selinux_set_mnt_opts(struct super_block *sb, static int selinux_cmp_sb_context(const struct super_block *oldsb, const struct super_block *newsb) { - struct superblock_security_struct *old = oldsb->s_security; - struct superblock_security_struct *new = newsb->s_security; + struct superblock_security_struct *old = selinux_superblock(oldsb); + struct superblock_security_struct *new = selinux_superblock(newsb); char oldflags = old->flags & SE_MNTMASK; char newflags = new->flags & SE_MNTMASK; @@ -914,8 +902,9 @@ static int selinux_sb_clone_mnt_opts(const struct super_block *oldsb, unsigned long *set_kern_flags) { int rc = 0; - const struct superblock_security_struct *oldsbsec = oldsb->s_security; - struct superblock_security_struct *newsbsec = newsb->s_security; + const struct superblock_security_struct *oldsbsec = + selinux_superblock(oldsb); + struct superblock_security_struct *newsbsec = selinux_superblock(newsb); int set_fscontext = (oldsbsec->flags & FSCONTEXT_MNT); int set_context = (oldsbsec->flags & CONTEXT_MNT); @@ -1085,7 +1074,7 @@ static int show_sid(struct seq_file *m, u32 sid) static int selinux_sb_show_options(struct seq_file *m, struct super_block *sb) { - struct superblock_security_struct *sbsec = sb->s_security; + struct superblock_security_struct *sbsec = selinux_superblock(sb); int rc; if (!(sbsec->flags & SE_SBINITIALIZED)) 
@@ -1377,7 +1366,7 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent if (isec->sclass == SECCLASS_FILE) isec->sclass = inode_mode_to_security_class(inode->i_mode); - sbsec = inode->i_sb->s_security; + sbsec = selinux_superblock(inode->i_sb); if (!(sbsec->flags & SE_SBINITIALIZED)) { /* Defer initialization until selinux_complete_init, after the initial policy is loaded and the security @@ -1767,7 +1756,8 @@ selinux_determine_inode_label(const struct task_security_struct *tsec, const struct qstr *name, u16 tclass, u32 *_new_isid) { - const struct superblock_security_struct *sbsec = dir->i_sb->s_security; + const struct superblock_security_struct *sbsec = + selinux_superblock(dir->i_sb); if ((sbsec->flags & SE_SBINITIALIZED) && (sbsec->behavior == SECURITY_FS_USE_MNTPOINT)) { @@ -1798,7 +1788,7 @@ static int may_create(struct inode *dir, int rc; dsec = inode_security(dir); - sbsec = dir->i_sb->s_security; + sbsec = selinux_superblock(dir->i_sb); sid = tsec->sid; @@ -1947,7 +1937,7 @@ static int superblock_has_perm(const struct cred *cred, struct superblock_security_struct *sbsec; u32 sid = cred_sid(cred); - sbsec = sb->s_security; + sbsec = selinux_superblock(sb); return avc_has_perm(&selinux_state, sid, sbsec->sid, SECCLASS_FILESYSTEM, perms, ad); } @@ -2578,11 +2568,6 @@ static int selinux_sb_alloc_security(struct super_block *sb) return superblock_alloc_security(sb); } -static void selinux_sb_free_security(struct super_block *sb) -{ - superblock_free_security(sb); -} - static inline int opt_len(const char *s) { bool open_quote = false; @@ -2653,7 +2638,7 @@ static int selinux_sb_eat_lsm_opts(char *options, void **mnt_opts) static int selinux_sb_remount(struct super_block *sb, void *mnt_opts) { struct selinux_mnt_opts *opts = mnt_opts; - struct superblock_security_struct *sbsec = sb->s_security; + struct superblock_security_struct *sbsec = selinux_superblock(sb); u32 sid; int rc; 
@@ -2877,7 +2862,7 @@ static int selinux_inode_init_security(struct inode *inode, struct inode *dir, int rc; char *context; - sbsec = dir->i_sb->s_security; + sbsec = selinux_superblock(dir->i_sb); newsid = tsec->create_sid; @@ -3115,7 +3100,7 @@ static int selinux_inode_setxattr(struct dentry *dentry, const char *name, return dentry_has_perm(current_cred(), dentry, FILE__SETATTR); } - sbsec = inode->i_sb->s_security; + sbsec = selinux_superblock(inode->i_sb); if (!(sbsec->flags & SBLABEL_MNT)) return -EOPNOTSUPP; @@ -3296,13 +3281,14 @@ static int selinux_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags) { struct inode_security_struct *isec = inode_security_novalidate(inode); - struct superblock_security_struct *sbsec = inode->i_sb->s_security; + struct superblock_security_struct *sbsec; u32 newsid; int rc; if (strcmp(name, XATTR_SELINUX_SUFFIX)) return -EOPNOTSUPP; + sbsec = selinux_superblock(inode->i_sb); if (!(sbsec->flags & SBLABEL_MNT)) return -EOPNOTSUPP; @@ -6647,6 +6633,7 @@ struct lsm_blob_sizes selinux_blob_sizes __lsm_ro_after_init = { .lbs_inode = sizeof(struct inode_security_struct), .lbs_ipc = sizeof(struct ipc_security_struct), .lbs_msg_msg = sizeof(struct msg_security_struct), + .lbs_superblock = sizeof(struct superblock_security_struct), }; static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { @@ -6675,7 +6662,6 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(fs_context_parse_param, selinux_fs_context_parse_param), LSM_HOOK_INIT(sb_alloc_security, selinux_sb_alloc_security), - LSM_HOOK_INIT(sb_free_security, selinux_sb_free_security), LSM_HOOK_INIT(sb_eat_lsm_opts, selinux_sb_eat_lsm_opts), LSM_HOOK_INIT(sb_free_mnt_opts, selinux_free_mnt_opts), LSM_HOOK_INIT(sb_remount, selinux_sb_remount), diff --git a/security/selinux/include/objsec.h b/security/selinux/include/objsec.h index 231262d8eac9..d08d7e5d2f93 100644 
--- a/security/selinux/include/objsec.h +++ b/security/selinux/include/objsec.h @@ -188,4 +188,10 @@ static inline struct ipc_security_struct *selinux_ipc( return ipc->security + selinux_blob_sizes.lbs_ipc; } +static inline struct superblock_security_struct *selinux_superblock( + const struct super_block *superblock) +{ + return superblock->s_security + selinux_blob_sizes.lbs_superblock; +} + #endif /* _SELINUX_OBJSEC_H_ */ diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index ec62918521b1..e3f5d6aece66 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -50,6 +50,7 @@ #include #include #include +#include #include #include "flask.h" @@ -2751,7 +2752,7 @@ int security_fs_use(struct selinux_state *state, struct super_block *sb) struct sidtab *sidtab; int rc = 0; struct ocontext *c; - struct superblock_security_struct *sbsec = sb->s_security; + struct superblock_security_struct *sbsec = selinux_superblock(sb); const char *fstype = sb->s_type->name; read_lock(&state->ss->policy_rwlock); diff --git a/security/smack/smack.h b/security/smack/smack.h index cf52af77d15e..caecbcba9942 100644 --- a/security/smack/smack.h +++ b/security/smack/smack.h @@ -375,6 +375,12 @@ static inline struct smack_known **smack_ipc(const struct kern_ipc_perm *ipc) return ipc->security + smack_blob_sizes.lbs_ipc; } +static inline struct superblock_smack *smack_superblock( + const struct super_block *superblock) +{ + return superblock->s_security + smack_blob_sizes.lbs_superblock; +} + /* * Is the directory transmuting? */ diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 5c1613519d5a..807eff2ccce9 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c 
@@ -540,12 +540,7 @@ static int smack_syslog(int typefrom_file) */ static int smack_sb_alloc_security(struct super_block *sb) { - struct superblock_smack *sbsp; - - sbsp = kzalloc(sizeof(struct superblock_smack), GFP_KERNEL); - - if (sbsp == NULL) - return -ENOMEM; + struct superblock_smack *sbsp = smack_superblock(sb); sbsp->smk_root = &smack_known_floor; sbsp->smk_default = &smack_known_floor; @@ -554,22 +549,10 @@ static int smack_sb_alloc_security(struct super_block *sb) /* * SMK_SB_INITIALIZED will be zero from kzalloc. */ - sb->s_security = sbsp; return 0; } -/** - * smack_sb_free_security - free a superblock blob - * @sb: the superblock getting the blob - * - */ -static void smack_sb_free_security(struct super_block *sb) -{ - kfree(sb->s_security); - sb->s_security = NULL; -} - struct smack_mnt_opts { const char *fsdefault, *fsfloor, *fshat, *fsroot, *fstransmute; }; @@ -781,7 +764,7 @@ static int smack_set_mnt_opts(struct super_block *sb, { struct dentry *root = sb->s_root; struct inode *inode = d_backing_inode(root); - struct superblock_smack *sp = sb->s_security; + struct superblock_smack *sp = smack_superblock(sb); struct inode_smack *isp; struct smack_known *skp; struct smack_mnt_opts *opts = mnt_opts; @@ -880,7 +863,7 @@ static int smack_set_mnt_opts(struct super_block *sb, */ static int smack_sb_statfs(struct dentry *dentry) { - struct superblock_smack *sbp = dentry->d_sb->s_security; + struct superblock_smack *sbp = smack_superblock(dentry->d_sb); int rc; struct smk_audit_info ad; @@ -917,7 +900,7 @@ static int smack_bprm_set_creds(struct linux_binprm *bprm) if (isp->smk_task == NULL || isp->smk_task == bsp->smk_task) return 0; - sbsp = inode->i_sb->s_security; + sbsp = smack_superblock(inode->i_sb); if ((sbsp->smk_flags & SMK_SB_UNTRUSTED) && isp->smk_task != sbsp->smk_root) return 0; 
@@ -1168,7 +1151,7 @@ static int smack_inode_rename(struct inode *old_inode, */ static int smack_inode_permission(struct inode *inode, int mask) { - struct superblock_smack *sbsp = inode->i_sb->s_security; + struct superblock_smack *sbsp = smack_superblock(inode->i_sb); struct smk_audit_info ad; int no_block = mask & MAY_NOT_BLOCK; int rc; @@ -1410,7 +1393,7 @@ static int smack_inode_removexattr(struct dentry *dentry, const char *name) */ if (strcmp(name, XATTR_NAME_SMACK) == 0) { struct super_block *sbp = dentry->d_sb; - struct superblock_smack *sbsp = sbp->s_security; + struct superblock_smack *sbsp = smack_superblock(sbp); isp->smk_inode = sbsp->smk_default; } else if (strcmp(name, XATTR_NAME_SMACKEXEC) == 0) @@ -1680,7 +1663,7 @@ static int smack_mmap_file(struct file *file, isp = smack_inode(file_inode(file)); if (isp->smk_mmap == NULL) return 0; - sbsp = file_inode(file)->i_sb->s_security; + sbsp = smack_superblock(file_inode(file)->i_sb); if (sbsp->smk_flags & SMK_SB_UNTRUSTED && isp->smk_mmap != sbsp->smk_root) return -EACCES; @@ -3288,7 +3271,7 @@ static void smack_d_instantiate(struct dentry *opt_dentry, struct inode *inode) goto unlockandout; sbp = inode->i_sb; - sbsp = sbp->s_security; + sbsp = smack_superblock(sbp); /* * We're going to use the superblock default label * if there's no label on the file. @@ -4575,6 +4558,7 @@ struct lsm_blob_sizes smack_blob_sizes __lsm_ro_after_init = { .lbs_inode = sizeof(struct inode_smack), .lbs_ipc = sizeof(struct smack_known *), .lbs_msg_msg = sizeof(struct smack_known *), + .lbs_superblock = sizeof(struct superblock_smack), }; static struct security_hook_list smack_hooks[] __lsm_ro_after_init = { 
@@ -4586,7 +4570,6 @@ static struct security_hook_list smack_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(fs_context_parse_param, smack_fs_context_parse_param), LSM_HOOK_INIT(sb_alloc_security, smack_sb_alloc_security), - LSM_HOOK_INIT(sb_free_security, smack_sb_free_security), LSM_HOOK_INIT(sb_free_mnt_opts, smack_free_mnt_opts), LSM_HOOK_INIT(sb_eat_lsm_opts, smack_sb_eat_lsm_opts), LSM_HOOK_INIT(sb_statfs, smack_sb_statfs),
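Review bot: lsm_superblock_alloc() in the security.c hunk that introduces it (@@ -603,6 +605,27 @@) is defined without `static`, yet its only caller is security_sb_alloc() in the same file and no prototype is added to include/linux/lsm_hooks.h. Declare it `static int lsm_superblock_alloc(struct super_block *sb)` so it stays file-local and does not trigger a missing-prototype warning, matching the `static void __init lsm_early_task()` directly above it.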
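Review bot: in the security_sb_alloc() hunk (@@ -776,12 +799,21 @@) the error path calls security_sb_free(sb), which runs every registered sb_free_security hook, including those of modules whose sb_alloc_security hook never ran or returned the error, before kfree()ing the composite blob. SELinux and Smack drop their sb_free_security hooks in this same patch, so nothing dereferences uninitialised state today, but the new contract should be written down next to the sb_free_security hook description: a free hook may now be invoked on a zero-filled blob that its own alloc hook never initialised, so it must tolerate NULL members and must not kfree() the blob itself.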
From patchwork Fri Apr 19 00:44:49 2019 X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908479
cf1bd369acc816a9d15b1740f4265439; Fri, 19 Apr 2019 00:46:26 +0000 (UTC) From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 02/90] LSM: Infrastructure management of the sock security Date: Thu, 18 Apr 2019 17:44:49 -0700 Message-Id: <20190419004617.64627-3-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Move management of the sock->sk_security blob out of the individual security modules and into the security infrastructure. Instead of allocating the blobs from within the modules the modules tell the infrastructure how much space is required, and the space is allocated there. Signed-off-by: Casey Schaufler --- include/linux/lsm_hooks.h | 1 + security/apparmor/include/net.h | 6 ++- security/apparmor/lsm.c | 38 ++++----------- security/security.c | 36 +++++++++++++- security/selinux/hooks.c | 78 +++++++++++++++---------------- security/selinux/include/objsec.h | 5 ++ security/selinux/netlabel.c | 23 ++++----- security/smack/smack.h | 5 ++ security/smack/smack_lsm.c | 64 ++++++++++++------------- security/smack/smack_netfilter.c | 8 ++-- 10 files changed, 144 insertions(+), 120 deletions(-) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index cdc5730666d6..1dbed888dab0 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -2055,6 +2055,7 @@ struct lsm_blob_sizes { int lbs_cred; int lbs_file; int lbs_inode; + int lbs_sock; int lbs_superblock; int lbs_ipc; int lbs_msg_msg; diff --git a/security/apparmor/include/net.h b/security/apparmor/include/net.h index 7334ac966d01..adac04e3b3cc 100644 --- a/security/apparmor/include/net.h +++ b/security/apparmor/include/net.h 
@@ -55,7 +55,11 @@ struct aa_sk_ctx { struct aa_label *peer; }; -#define SK_CTX(X) ((X)->sk_security) +static inline struct aa_sk_ctx *aa_sock(const struct sock *sk) +{ + return sk->sk_security + apparmor_blob_sizes.lbs_sock; +} + #define SOCK_ctx(X) SOCK_INODE(X)->i_security #define DEFINE_AUDIT_NET(NAME, OP, SK, F, T, P) \ struct lsm_network_audit NAME ## _net = { .sk = (SK), \ diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index 49d664ddff44..2716e7731279 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -757,33 +757,15 @@ static int apparmor_task_kill(struct task_struct *target, struct kernel_siginfo return error; } -/** - * apparmor_sk_alloc_security - allocate and attach the sk_security field - */ -static int apparmor_sk_alloc_security(struct sock *sk, int family, gfp_t flags) -{ - struct aa_sk_ctx *ctx; - - ctx = kzalloc(sizeof(*ctx), flags); - if (!ctx) - return -ENOMEM; - - SK_CTX(sk) = ctx; - - return 0; -} - /** * apparmor_sk_free_security - free the sk_security field */ static void apparmor_sk_free_security(struct sock *sk) { - struct aa_sk_ctx *ctx = SK_CTX(sk); + struct aa_sk_ctx *ctx = aa_sock(sk); - SK_CTX(sk) = NULL; aa_put_label(ctx->label); aa_put_label(ctx->peer); - kfree(ctx); } /** @@ -792,8 +774,8 @@ static void apparmor_sk_free_security(struct sock *sk) static void apparmor_sk_clone_security(const struct sock *sk, struct sock *newsk) { - struct aa_sk_ctx *ctx = SK_CTX(sk); - struct aa_sk_ctx *new = SK_CTX(newsk); + struct aa_sk_ctx *ctx = aa_sock(sk); + struct aa_sk_ctx *new = aa_sock(newsk); new->label = aa_get_label(ctx->label); new->peer = aa_get_label(ctx->peer); @@ -844,7 +826,7 @@ static int apparmor_socket_post_create(struct socket *sock, int family, label = aa_get_current_label(); if (sock->sk) { - struct aa_sk_ctx *ctx = SK_CTX(sock->sk); + struct aa_sk_ctx *ctx = aa_sock(sock->sk); aa_put_label(ctx->label); ctx->label = aa_get_label(label); 
@@ -1029,7 +1011,7 @@ static int apparmor_socket_shutdown(struct socket *sock, int how) */ static int apparmor_socket_sock_rcv_skb(struct sock *sk, struct sk_buff *skb) { - struct aa_sk_ctx *ctx = SK_CTX(sk); + struct aa_sk_ctx *ctx = aa_sock(sk); if (!skb->secmark) return 0; @@ -1042,7 +1024,7 @@ static int apparmor_socket_sock_rcv_skb(struct sock *sk, struct sk_buff *skb) static struct aa_label *sk_peer_label(struct sock *sk) { - struct aa_sk_ctx *ctx = SK_CTX(sk); + struct aa_sk_ctx *ctx = aa_sock(sk); if (ctx->peer) return ctx->peer; @@ -1126,7 +1108,7 @@ static int apparmor_socket_getpeersec_dgram(struct socket *sock, */ static void apparmor_sock_graft(struct sock *sk, struct socket *parent) { - struct aa_sk_ctx *ctx = SK_CTX(sk); + struct aa_sk_ctx *ctx = aa_sock(sk); if (!ctx->label) ctx->label = aa_get_current_label(); @@ -1136,7 +1118,7 @@ static void apparmor_sock_graft(struct sock *sk, struct socket *parent) static int apparmor_inet_conn_request(struct sock *sk, struct sk_buff *skb, struct request_sock *req) { - struct aa_sk_ctx *ctx = SK_CTX(sk); + struct aa_sk_ctx *ctx = aa_sock(sk); if (!skb->secmark) return 0; @@ -1153,6 +1135,7 @@ struct lsm_blob_sizes apparmor_blob_sizes __lsm_ro_after_init = { .lbs_cred = sizeof(struct aa_task_ctx *), .lbs_file = sizeof(struct aa_file_ctx), .lbs_task = sizeof(struct aa_task_ctx), + .lbs_sock = sizeof(struct aa_sk_ctx), }; static struct security_hook_list apparmor_hooks[] __lsm_ro_after_init = { @@ -1189,7 +1172,6 @@ static struct security_hook_list apparmor_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(getprocattr, apparmor_getprocattr), LSM_HOOK_INIT(setprocattr, apparmor_setprocattr), - LSM_HOOK_INIT(sk_alloc_security, apparmor_sk_alloc_security), LSM_HOOK_INIT(sk_free_security, apparmor_sk_free_security), LSM_HOOK_INIT(sk_clone_security, apparmor_sk_clone_security), 
@@ -1581,7 +1563,7 @@ static unsigned int apparmor_ip_postroute(void *priv, if (sk == NULL) return NF_ACCEPT; - ctx = SK_CTX(sk); + ctx = aa_sock(sk); if (!apparmor_secmark_check(ctx->label, OP_SENDMSG, AA_MAY_SEND, skb->secmark, sk)) return NF_ACCEPT; diff --git a/security/security.c b/security/security.c index 550988a0f024..e32b7180282e 100644 --- a/security/security.c +++ b/security/security.c @@ -32,6 +32,7 @@ #include #include #include +#include #define MAX_LSM_EVM_XATTR 2 @@ -172,6 +173,7 @@ static void __init lsm_set_blob_sizes(struct lsm_blob_sizes *needed) lsm_set_blob_size(&needed->lbs_inode, &blob_sizes.lbs_inode); lsm_set_blob_size(&needed->lbs_ipc, &blob_sizes.lbs_ipc); lsm_set_blob_size(&needed->lbs_msg_msg, &blob_sizes.lbs_msg_msg); + lsm_set_blob_size(&needed->lbs_sock, &blob_sizes.lbs_sock); lsm_set_blob_size(&needed->lbs_superblock, &blob_sizes.lbs_superblock); lsm_set_blob_size(&needed->lbs_task, &blob_sizes.lbs_task); } @@ -306,6 +308,7 @@ static void __init ordered_lsm_init(void) init_debug("inode blob size = %d\n", blob_sizes.lbs_inode); init_debug("ipc blob size = %d\n", blob_sizes.lbs_ipc); init_debug("msg_msg blob size = %d\n", blob_sizes.lbs_msg_msg); + init_debug("sock blob size = %d\n", blob_sizes.lbs_sock); init_debug("superblock blob size = %d\n", blob_sizes.lbs_superblock); init_debug("task blob size = %d\n", blob_sizes.lbs_task); 
@@ -605,6 +608,28 @@ static void __init lsm_early_task(struct task_struct *task) panic("%s: Early task alloc failed.\n", __func__); } +/** + * lsm_sock_alloc - allocate a composite sock blob + * @sock: the sock that needs a blob + * @priority: allocation mode + * + * Allocate the sock blob for all the modules + * + * Returns 0, or -ENOMEM if memory can't be allocated. + */ +int lsm_sock_alloc(struct sock *sock, gfp_t priority) +{ + if (blob_sizes.lbs_sock == 0) { + sock->sk_security = NULL; + return 0; + } + + sock->sk_security = kzalloc(blob_sizes.lbs_sock, priority); + if (sock->sk_security == NULL) + return -ENOMEM; + return 0; +} + /** * lsm_superblock_alloc - allocate a composite superblock blob * @sb: the superblock that needs a blob @@ -2048,12 +2073,21 @@ EXPORT_SYMBOL(security_socket_getpeersec_dgram); int security_sk_alloc(struct sock *sk, int family, gfp_t priority) { - return call_int_hook(sk_alloc_security, 0, sk, family, priority); + int rc = lsm_sock_alloc(sk, priority); + + if (unlikely(rc)) + return rc; + rc = call_int_hook(sk_alloc_security, 0, sk, family, priority); + if (unlikely(rc)) + security_sk_free(sk); + return rc; } void security_sk_free(struct sock *sk) { call_void_hook(sk_free_security, sk); + kfree(sk->sk_security); + sk->sk_security = NULL; } void security_sk_clone(const struct sock *sk, struct sock *newsk) diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 7478d8eda00a..f38a6f484613 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -4319,7 +4319,7 @@ static int socket_sockcreate_sid(const struct task_security_struct *tsec, static int sock_has_perm(struct sock *sk, u32 perms) { - struct sk_security_struct *sksec = sk->sk_security; + struct sk_security_struct *sksec = selinux_sock(sk); struct common_audit_data ad; struct lsm_network_audit net = {0,}; 
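Review bot: in the lsm_sock_alloc() hunk of security/security.c the function is defined without `static` although its only caller is security_sk_alloc() in the next hunk of the same file and no prototype is added to any header in this patch; make it `static int lsm_sock_alloc(struct sock *sock, gfp_t priority)` like lsm_early_task() in the surrounding context, otherwise sparse reports a missing prototype. The parameter is also named `sock` while its type is `struct sock *`; the rest of this file uses `sk` for that type (security_sk_alloc(), security_sk_free()), which avoids confusion with `struct socket *sock`.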
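Review bot: the error path in the security_sk_alloc() hunk calls security_sk_free(sk), which now runs every module's sk_free_security hook, including modules whose sk_alloc_security hook never ran because call_int_hook() stopped at the first failure, or whose hook ran only partly; before this patch a failing module cleaned up only after itself. This is correct only because lsm_sock_alloc() uses kzalloc(), so every sk_free_security hook (selinux_sk_free_security(), smack_sk_free_security()) must tolerate a zero-filled blob; please state that requirement in a comment above the `security_sk_free(sk);` call so a future module author does not add a free hook that assumes its alloc hook has already run.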
@@ -4376,7 +4376,7 @@ static int selinux_socket_post_create(struct socket *sock, int family, isec->initialized = LABEL_INITIALIZED; if (sock->sk) { - sksec = sock->sk->sk_security; + sksec = selinux_sock(sock->sk); sksec->sclass = sclass; sksec->sid = sid; /* Allows detection of the first association on this socket */ @@ -4392,8 +4392,8 @@ static int selinux_socket_post_create(struct socket *sock, int family, static int selinux_socket_socketpair(struct socket *socka, struct socket *sockb) { - struct sk_security_struct *sksec_a = socka->sk->sk_security; - struct sk_security_struct *sksec_b = sockb->sk->sk_security; + struct sk_security_struct *sksec_a = selinux_sock(socka->sk); + struct sk_security_struct *sksec_b = selinux_sock(sockb->sk); sksec_a->peer_sid = sksec_b->sid; sksec_b->peer_sid = sksec_a->sid; @@ -4408,7 +4408,7 @@ static int selinux_socket_socketpair(struct socket *socka, static int selinux_socket_bind(struct socket *sock, struct sockaddr *address, int addrlen) { struct sock *sk = sock->sk; - struct sk_security_struct *sksec = sk->sk_security; + struct sk_security_struct *sksec = selinux_sock(sk); u16 family; int err; @@ -4540,7 +4540,7 @@ static int selinux_socket_connect_helper(struct socket *sock, struct sockaddr *address, int addrlen) { struct sock *sk = sock->sk; - struct sk_security_struct *sksec = sk->sk_security; + struct sk_security_struct *sksec = selinux_sock(sk); int err; err = sock_has_perm(sk, SOCKET__CONNECT); 
@@ -4711,9 +4711,9 @@ static int selinux_socket_unix_stream_connect(struct sock *sock, struct sock *other, struct sock *newsk) { - struct sk_security_struct *sksec_sock = sock->sk_security; - struct sk_security_struct *sksec_other = other->sk_security; - struct sk_security_struct *sksec_new = newsk->sk_security; + struct sk_security_struct *sksec_sock = selinux_sock(sock); + struct sk_security_struct *sksec_other = selinux_sock(other); + struct sk_security_struct *sksec_new = selinux_sock(newsk); struct common_audit_data ad; struct lsm_network_audit net = {0,}; int err; @@ -4745,8 +4745,8 @@ static int selinux_socket_unix_stream_connect(struct sock *sock, static int selinux_socket_unix_may_send(struct socket *sock, struct socket *other) { - struct sk_security_struct *ssec = sock->sk->sk_security; - struct sk_security_struct *osec = other->sk->sk_security; + struct sk_security_struct *ssec = selinux_sock(sock->sk); + struct sk_security_struct *osec = selinux_sock(other->sk); struct common_audit_data ad; struct lsm_network_audit net = {0,}; @@ -4788,7 +4788,7 @@ static int selinux_sock_rcv_skb_compat(struct sock *sk, struct sk_buff *skb, u16 family) { int err = 0; - struct sk_security_struct *sksec = sk->sk_security; + struct sk_security_struct *sksec = selinux_sock(sk); u32 sk_sid = sksec->sid; struct common_audit_data ad; struct lsm_network_audit net = {0,}; @@ -4821,7 +4821,7 @@ static int selinux_sock_rcv_skb_compat(struct sock *sk, struct sk_buff *skb, static int selinux_socket_sock_rcv_skb(struct sock *sk, struct sk_buff *skb) { int err; - struct sk_security_struct *sksec = sk->sk_security; + struct sk_security_struct *sksec = selinux_sock(sk); u16 family = sk->sk_family; u32 sk_sid = sksec->sid; struct common_audit_data ad; 
@@ -4889,13 +4889,15 @@ static int selinux_socket_sock_rcv_skb(struct sock *sk, struct sk_buff *skb) return err; } -static int selinux_socket_getpeersec_stream(struct socket *sock, char __user *optval, - int __user *optlen, unsigned len) +static int selinux_socket_getpeersec_stream(struct socket *sock, + __user char *optval, + __user int *optlen, + unsigned int len) { int err = 0; char *scontext; u32 scontext_len; - struct sk_security_struct *sksec = sock->sk->sk_security; + struct sk_security_struct *sksec = selinux_sock(sock->sk); u32 peer_sid = SECSID_NULL; if (sksec->sclass == SECCLASS_UNIX_STREAM_SOCKET || @@ -4955,34 +4957,27 @@ static int selinux_socket_getpeersec_dgram(struct socket *sock, struct sk_buff * static int selinux_sk_alloc_security(struct sock *sk, int family, gfp_t priority) { - struct sk_security_struct *sksec; - - sksec = kzalloc(sizeof(*sksec), priority); - if (!sksec) - return -ENOMEM; + struct sk_security_struct *sksec = selinux_sock(sk); sksec->peer_sid = SECINITSID_UNLABELED; sksec->sid = SECINITSID_UNLABELED; sksec->sclass = SECCLASS_SOCKET; selinux_netlbl_sk_security_reset(sksec); - sk->sk_security = sksec; return 0; } static void selinux_sk_free_security(struct sock *sk) { - struct sk_security_struct *sksec = sk->sk_security; + struct sk_security_struct *sksec = selinux_sock(sk); - sk->sk_security = NULL; selinux_netlbl_sk_security_free(sksec); - kfree(sksec); } static void selinux_sk_clone_security(const struct sock *sk, struct sock *newsk) { - struct sk_security_struct *sksec = sk->sk_security; - struct sk_security_struct *newsksec = newsk->sk_security; + struct sk_security_struct *sksec = selinux_sock(sk); + struct sk_security_struct *newsksec = selinux_sock(newsk); newsksec->sid = sksec->sid; newsksec->peer_sid = sksec->peer_sid; 
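Review bot: the selinux_socket_getpeersec_stream() prototype rewrite in security/selinux/hooks.c (from `-static int selinux_socket_getpeersec_stream(struct socket *sock, char __user *optval,` to `+ __user char *optval,` / `+ __user int *optlen,`) is unrelated to moving the blob, and it also moves the `__user` annotation in front of the base type whereas the original line and the usual kernel style put it after it (`char __user *optval`); keep the original prototype and limit this hunk to the `selinux_sock(sock->sk)` change, or carry the reformat in its own patch.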
@@ -4996,7 +4991,7 @@ static void selinux_sk_getsecid(struct sock *sk, u32 *secid) if (!sk) *secid = SECINITSID_ANY_SOCKET; else { - struct sk_security_struct *sksec = sk->sk_security; + struct sk_security_struct *sksec = selinux_sock(sk); *secid = sksec->sid; } @@ -5006,7 +5001,7 @@ static void selinux_sock_graft(struct sock *sk, struct socket *parent) { struct inode_security_struct *isec = inode_security_novalidate(SOCK_INODE(parent)); - struct sk_security_struct *sksec = sk->sk_security; + struct sk_security_struct *sksec = selinux_sock(sk); if (sk->sk_family == PF_INET || sk->sk_family == PF_INET6 || sk->sk_family == PF_UNIX) @@ -5021,7 +5016,7 @@ static void selinux_sock_graft(struct sock *sk, struct socket *parent) static int selinux_sctp_assoc_request(struct sctp_endpoint *ep, struct sk_buff *skb) { - struct sk_security_struct *sksec = ep->base.sk->sk_security; + struct sk_security_struct *sksec = selinux_sock(ep->base.sk); struct common_audit_data ad; struct lsm_network_audit net = {0,}; u8 peerlbl_active; @@ -5172,8 +5167,8 @@ static int selinux_sctp_bind_connect(struct sock *sk, int optname, static void selinux_sctp_sk_clone(struct sctp_endpoint *ep, struct sock *sk, struct sock *newsk) { - struct sk_security_struct *sksec = sk->sk_security; - struct sk_security_struct *newsksec = newsk->sk_security; + struct sk_security_struct *sksec = selinux_sock(sk); + struct sk_security_struct *newsksec = selinux_sock(newsk); /* If policy does not support SECCLASS_SCTP_SOCKET then call * the non-sctp clone version. @@ -5190,7 +5185,7 @@ static void selinux_sctp_sk_clone(struct sctp_endpoint *ep, struct sock *sk, static int selinux_inet_conn_request(struct sock *sk, struct sk_buff *skb, struct request_sock *req) { - struct sk_security_struct *sksec = sk->sk_security; + struct sk_security_struct *sksec = selinux_sock(sk); int err; u16 family = req->rsk_ops->family; u32 connsid; 
@@ -5211,7 +5206,7 @@ static int selinux_inet_conn_request(struct sock *sk, struct sk_buff *skb, static void selinux_inet_csk_clone(struct sock *newsk, const struct request_sock *req) { - struct sk_security_struct *newsksec = newsk->sk_security; + struct sk_security_struct *newsksec = selinux_sock(newsk); newsksec->sid = req->secid; newsksec->peer_sid = req->peer_secid; @@ -5228,7 +5223,7 @@ static void selinux_inet_csk_clone(struct sock *newsk, static void selinux_inet_conn_established(struct sock *sk, struct sk_buff *skb) { u16 family = sk->sk_family; - struct sk_security_struct *sksec = sk->sk_security; + struct sk_security_struct *sksec = selinux_sock(sk); /* handle mapped IPv4 packets arriving via IPv6 sockets */ if (family == PF_INET6 && skb->protocol == htons(ETH_P_IP)) @@ -5312,7 +5307,7 @@ static int selinux_tun_dev_attach_queue(void *security) static int selinux_tun_dev_attach(struct sock *sk, void *security) { struct tun_security_struct *tunsec = security; - struct sk_security_struct *sksec = sk->sk_security; + struct sk_security_struct *sksec = selinux_sock(sk); /* we don't currently perform any NetLabel based labeling here and it * isn't clear that we would want to do so anyway; while we could apply @@ -5353,7 +5348,7 @@ static int selinux_nlmsg_perm(struct sock *sk, struct sk_buff *skb) int err = 0; u32 perm; struct nlmsghdr *nlh; - struct sk_security_struct *sksec = sk->sk_security; + struct sk_security_struct *sksec = selinux_sock(sk); if (skb->len < NLMSG_HDRLEN) { err = -EINVAL; @@ -5494,7 +5489,7 @@ static unsigned int selinux_ip_output(struct sk_buff *skb, return NF_ACCEPT; /* standard practice, label using the parent socket */ - sksec = sk->sk_security; + sksec = selinux_sock(sk); sid = sksec->sid; } else sid = SECINITSID_KERNEL; 
@@ -5533,7 +5528,7 @@ static unsigned int selinux_ip_postroute_compat(struct sk_buff *skb, if (sk == NULL) return NF_ACCEPT; - sksec = sk->sk_security; + sksec = selinux_sock(sk); ad.type = LSM_AUDIT_DATA_NET; ad.u.net = &net; @@ -5625,7 +5620,7 @@ static unsigned int selinux_ip_postroute(struct sk_buff *skb, u32 skb_sid; struct sk_security_struct *sksec; - sksec = sk->sk_security; + sksec = selinux_sock(sk); if (selinux_skb_peerlbl_sid(skb, family, &skb_sid)) return NF_DROP; /* At this point, if the returned skb peerlbl is SECSID_NULL @@ -5654,7 +5649,7 @@ static unsigned int selinux_ip_postroute(struct sk_buff *skb, } else { /* Locally generated packet, fetch the security label from the * associated socket. */ - struct sk_security_struct *sksec = sk->sk_security; + struct sk_security_struct *sksec = selinux_sock(sk); peer_sid = sksec->sid; secmark_perm = PACKET__SEND; } @@ -6633,6 +6628,7 @@ struct lsm_blob_sizes selinux_blob_sizes __lsm_ro_after_init = { .lbs_inode = sizeof(struct inode_security_struct), .lbs_ipc = sizeof(struct ipc_security_struct), .lbs_msg_msg = sizeof(struct msg_security_struct), + .lbs_sock = sizeof(struct sk_security_struct), .lbs_superblock = sizeof(struct superblock_security_struct), }; diff --git a/security/selinux/include/objsec.h b/security/selinux/include/objsec.h index d08d7e5d2f93..29f02b8f8f31 100644 --- a/security/selinux/include/objsec.h +++ b/security/selinux/include/objsec.h @@ -194,4 +194,9 @@ static inline struct superblock_security_struct *selinux_superblock( return superblock->s_security + selinux_blob_sizes.lbs_superblock; } +static inline struct sk_security_struct *selinux_sock(const struct sock *sock) +{ + return sock->sk_security + selinux_blob_sizes.lbs_sock; +} + #endif /* _SELINUX_OBJSEC_H_ */ diff --git a/security/selinux/netlabel.c b/security/selinux/netlabel.c index 186e727b737b..c40914a157b7 100644 --- a/security/selinux/netlabel.c +++ b/security/selinux/netlabel.c 
@@ -31,6 +31,7 @@ #include #include #include +#include #include #include #include @@ -81,7 +82,7 @@ static int selinux_netlbl_sidlookup_cached(struct sk_buff *skb, static struct netlbl_lsm_secattr *selinux_netlbl_sock_genattr(struct sock *sk) { int rc; - struct sk_security_struct *sksec = sk->sk_security; + struct sk_security_struct *sksec = selinux_sock(sk); struct netlbl_lsm_secattr *secattr; if (sksec->nlbl_secattr != NULL) @@ -114,7 +115,7 @@ static struct netlbl_lsm_secattr *selinux_netlbl_sock_getattr( const struct sock *sk, u32 sid) { - struct sk_security_struct *sksec = sk->sk_security; + struct sk_security_struct *sksec = selinux_sock(sk); struct netlbl_lsm_secattr *secattr = sksec->nlbl_secattr; if (secattr == NULL) @@ -249,7 +250,7 @@ int selinux_netlbl_skbuff_setsid(struct sk_buff *skb, * being labeled by it's parent socket, if it is just exit */ sk = skb_to_full_sk(skb); if (sk != NULL) { - struct sk_security_struct *sksec = sk->sk_security; + struct sk_security_struct *sksec = selinux_sock(sk); if (sksec->nlbl_state != NLBL_REQSKB) return 0; @@ -287,7 +288,7 @@ int selinux_netlbl_sctp_assoc_request(struct sctp_endpoint *ep, { int rc; struct netlbl_lsm_secattr secattr; - struct sk_security_struct *sksec = ep->base.sk->sk_security; + struct sk_security_struct *sksec = selinux_sock(ep->base.sk); struct sockaddr *addr; struct sockaddr_in addr4; #if IS_ENABLED(CONFIG_IPV6) @@ -370,7 +371,7 @@ int selinux_netlbl_inet_conn_request(struct request_sock *req, u16 family) */ void selinux_netlbl_inet_csk_clone(struct sock *sk, u16 family) { - struct sk_security_struct *sksec = sk->sk_security; + struct sk_security_struct *sksec = selinux_sock(sk); if (family == PF_INET) sksec->nlbl_state = NLBL_LABELED; 
@@ -388,8 +389,8 @@ void selinux_netlbl_inet_csk_clone(struct sock *sk, u16 family) */ void selinux_netlbl_sctp_sk_clone(struct sock *sk, struct sock *newsk) { - struct sk_security_struct *sksec = sk->sk_security; - struct sk_security_struct *newsksec = newsk->sk_security; + struct sk_security_struct *sksec = selinux_sock(sk); + struct sk_security_struct *newsksec = selinux_sock(newsk); newsksec->nlbl_state = sksec->nlbl_state; } @@ -407,7 +408,7 @@ void selinux_netlbl_sctp_sk_clone(struct sock *sk, struct sock *newsk) int selinux_netlbl_socket_post_create(struct sock *sk, u16 family) { int rc; - struct sk_security_struct *sksec = sk->sk_security; + struct sk_security_struct *sksec = selinux_sock(sk); struct netlbl_lsm_secattr *secattr; if (family != PF_INET && family != PF_INET6) @@ -522,7 +523,7 @@ int selinux_netlbl_socket_setsockopt(struct socket *sock, { int rc = 0; struct sock *sk = sock->sk; - struct sk_security_struct *sksec = sk->sk_security; + struct sk_security_struct *sksec = selinux_sock(sk); struct netlbl_lsm_secattr secattr; if (selinux_netlbl_option(level, optname) && @@ -560,7 +561,7 @@ static int selinux_netlbl_socket_connect_helper(struct sock *sk, struct sockaddr *addr) { int rc; - struct sk_security_struct *sksec = sk->sk_security; + struct sk_security_struct *sksec = selinux_sock(sk); struct netlbl_lsm_secattr *secattr; /* connected sockets are allowed to disconnect when the address family @@ -599,7 +600,7 @@ static int selinux_netlbl_socket_connect_helper(struct sock *sk, int selinux_netlbl_socket_connect_locked(struct sock *sk, struct sockaddr *addr) { - struct sk_security_struct *sksec = sk->sk_security; + struct sk_security_struct *sksec = selinux_sock(sk); if (sksec->nlbl_state != NLBL_REQSKB && sksec->nlbl_state != NLBL_CONNLABELED) diff --git a/security/smack/smack.h b/security/smack/smack.h index caecbcba9942..4ac4bf3310d7 100644 --- a/security/smack/smack.h +++ b/security/smack/smack.h 
@@ -375,6 +375,11 @@ static inline struct smack_known **smack_ipc(const struct kern_ipc_perm *ipc) return ipc->security + smack_blob_sizes.lbs_ipc; } +static inline struct socket_smack *smack_sock(const struct sock *sock) +{ + return sock->sk_security + smack_blob_sizes.lbs_sock; +} + static inline struct superblock_smack *smack_superblock( const struct super_block *superblock) { diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 807eff2ccce9..fd69e1bd841b 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -1439,7 +1439,7 @@ static int smack_inode_getsecurity(struct inode *inode, if (sock == NULL || sock->sk == NULL) return -EOPNOTSUPP; - ssp = sock->sk->sk_security; + ssp = smack_sock(sock->sk); if (strcmp(name, XATTR_SMACK_IPIN) == 0) isp = ssp->smk_in; @@ -1821,7 +1821,7 @@ static int smack_file_receive(struct file *file) if (inode->i_sb->s_magic == SOCKFS_MAGIC) { sock = SOCKET_I(inode); - ssp = sock->sk->sk_security; + ssp = smack_sock(sock->sk); tsp = smack_cred(current_cred()); /* * If the receiving process can't write to the @@ -2231,11 +2231,7 @@ static void smack_task_to_inode(struct task_struct *p, struct inode *inode) static int smack_sk_alloc_security(struct sock *sk, int family, gfp_t gfp_flags) { struct smack_known *skp = smk_of_current(); - struct socket_smack *ssp; - - ssp = kzalloc(sizeof(struct socket_smack), gfp_flags); - if (ssp == NULL) - return -ENOMEM; + struct socket_smack *ssp = smack_sock(sk); /* * Sockets created by kernel threads receive web label. @@ -2249,11 +2245,10 @@ static int smack_sk_alloc_security(struct sock *sk, int family, gfp_t gfp_flags) } ssp->smk_packet = NULL; - sk->sk_security = ssp; - return 0; } +#ifdef SMACK_IPV6_PORT_LABELING /** * smack_sk_free_security - Free a socket blob * @sk: the socket 
@@ -2262,7 +2257,6 @@ static int smack_sk_alloc_security(struct sock *sk, int family, gfp_t gfp_flags) */ static void smack_sk_free_security(struct sock *sk) { -#ifdef SMACK_IPV6_PORT_LABELING struct smk_port_label *spp; if (sk->sk_family == PF_INET6) { @@ -2275,9 +2269,8 @@ static void smack_sk_free_security(struct sock *sk) } rcu_read_unlock(); } -#endif - kfree(sk->sk_security); } +#endif /** * smack_ipv4host_label - check host based restrictions @@ -2395,7 +2388,7 @@ static struct smack_known *smack_ipv6host_label(struct sockaddr_in6 *sip) static int smack_netlabel(struct sock *sk, int labeled) { struct smack_known *skp; - struct socket_smack *ssp = sk->sk_security; + struct socket_smack *ssp = smack_sock(sk); int rc = 0; /* @@ -2440,7 +2433,7 @@ static int smack_netlabel_send(struct sock *sk, struct sockaddr_in *sap) int rc; int sk_lbl; struct smack_known *hkp; - struct socket_smack *ssp = sk->sk_security; + struct socket_smack *ssp = smack_sock(sk); struct smk_audit_info ad; rcu_read_lock(); @@ -2516,7 +2509,7 @@ static void smk_ipv6_port_label(struct socket *sock, struct sockaddr *address) { struct sock *sk = sock->sk; struct sockaddr_in6 *addr6; - struct socket_smack *ssp = sock->sk->sk_security; + struct socket_smack *ssp = smack_sock(sock->sk); struct smk_port_label *spp; unsigned short port = 0; @@ -2603,7 +2596,7 @@ static int smk_ipv6_port_check(struct sock *sk, struct sockaddr_in6 *address, int act) { struct smk_port_label *spp; - struct socket_smack *ssp = sk->sk_security; + struct socket_smack *ssp = smack_sock(sk); struct smack_known *skp = NULL; unsigned short port; struct smack_known *object; @@ -2697,7 +2690,7 @@ static int smack_inode_setsecurity(struct inode *inode, const char *name, if (sock == NULL || sock->sk == NULL) return -EOPNOTSUPP; - ssp = sock->sk->sk_security; + ssp = smack_sock(sock->sk); if (strcmp(name, XATTR_SMACK_IPIN) == 0) ssp->smk_in = skp; 
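Review bot: in the smack_sk_free_security() hunk the function no longer frees anything (the `kfree(sk->sk_security);` line is removed and the whole function is now inside `#ifdef SMACK_IPV6_PORT_LABELING`), yet its kerneldoc header in the preceding hunk still reads `smack_sk_free_security - Free a socket blob`; update it to say that it removes the socket's IPv6 port label so the comment matches what remains. The commit message should also mention that, when SMACK_IPV6_PORT_LABELING is not defined, Smack now registers no sk_free_security hook at all, since that is a visible change in the hook table.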
@@ -2745,7 +2738,7 @@ static int smack_socket_post_create(struct socket *sock, int family, * Sockets created by kernel threads receive web label. */ if (unlikely(current->flags & PF_KTHREAD)) { - ssp = sock->sk->sk_security; + ssp = smack_sock(sock->sk); ssp->smk_in = &smack_known_web; ssp->smk_out = &smack_known_web; } @@ -2770,8 +2763,8 @@ static int smack_socket_post_create(struct socket *sock, int family, static int smack_socket_socketpair(struct socket *socka, struct socket *sockb) { - struct socket_smack *asp = socka->sk->sk_security; - struct socket_smack *bsp = sockb->sk->sk_security; + struct socket_smack *asp = smack_sock(socka->sk); + struct socket_smack *bsp = smack_sock(sockb->sk); asp->smk_packet = bsp->smk_out; bsp->smk_packet = asp->smk_out; @@ -2825,7 +2818,7 @@ static int smack_socket_connect(struct socket *sock, struct sockaddr *sap, return 0; #ifdef SMACK_IPV6_SECMARK_LABELING - ssp = sock->sk->sk_security; + ssp = smack_sock(sock->sk); #endif switch (sock->sk->sk_family) { @@ -3566,9 +3559,9 @@ static int smack_unix_stream_connect(struct sock *sock, { struct smack_known *skp; struct smack_known *okp; - struct socket_smack *ssp = sock->sk_security; - struct socket_smack *osp = other->sk_security; - struct socket_smack *nsp = newsk->sk_security; + struct socket_smack *ssp = smack_sock(sock); + struct socket_smack *osp = smack_sock(other); + struct socket_smack *nsp = smack_sock(newsk); struct smk_audit_info ad; int rc = 0; #ifdef CONFIG_AUDIT @@ -3614,8 +3607,8 @@ static int smack_unix_stream_connect(struct sock *sock, */ static int smack_unix_may_send(struct socket *sock, struct socket *other) { - struct socket_smack *ssp = sock->sk->sk_security; - struct socket_smack *osp = other->sk->sk_security; + struct socket_smack *ssp = smack_sock(sock->sk); + struct socket_smack *osp = smack_sock(other->sk); struct smk_audit_info ad; int rc; 
@@ -3652,7 +3645,7 @@ static int smack_socket_sendmsg(struct socket *sock, struct msghdr *msg, struct sockaddr_in6 *sap = (struct sockaddr_in6 *) msg->msg_name; #endif #ifdef SMACK_IPV6_SECMARK_LABELING - struct socket_smack *ssp = sock->sk->sk_security; + struct socket_smack *ssp = smack_sock(sock->sk); struct smack_known *rsp; #endif int rc = 0; @@ -3817,7 +3810,7 @@ static int smk_skb_to_addr_ipv6(struct sk_buff *skb, struct sockaddr_in6 *sip) static int smack_socket_sock_rcv_skb(struct sock *sk, struct sk_buff *skb) { struct netlbl_lsm_secattr secattr; - struct socket_smack *ssp = sk->sk_security; + struct socket_smack *ssp = smack_sock(sk); struct smack_known *skp = NULL; int rc = 0; struct smk_audit_info ad; @@ -3934,7 +3927,7 @@ static int smack_socket_getpeersec_stream(struct socket *sock, int slen = 1; int rc = 0; - ssp = sock->sk->sk_security; + ssp = smack_sock(sock->sk); if (ssp->smk_packet != NULL) { rcp = ssp->smk_packet->smk_known; slen = strlen(rcp) + 1; @@ -3984,7 +3977,7 @@ static int smack_socket_getpeersec_dgram(struct socket *sock, switch (family) { case PF_UNIX: - ssp = sock->sk->sk_security; + ssp = smack_sock(sock->sk); s = ssp->smk_out->smk_secid; break; case PF_INET: @@ -3997,7 +3990,7 @@ static int smack_socket_getpeersec_dgram(struct socket *sock, * Translate what netlabel gave us. */ if (sock != NULL && sock->sk != NULL) - ssp = sock->sk->sk_security; + ssp = smack_sock(sock->sk); netlbl_secattr_init(&secattr); rc = netlbl_skbuff_getattr(skb, family, &secattr); if (rc == 0) { @@ -4035,7 +4028,7 @@ static void smack_sock_graft(struct sock *sk, struct socket *parent) (sk->sk_family != PF_INET && sk->sk_family != PF_INET6)) return; - ssp = sk->sk_security; + ssp = smack_sock(sk); ssp->smk_in = skp; ssp->smk_out = skp; /* cssp->smk_packet is already set in smack_inet_csk_clone() */ 
@@ -4055,7 +4048,7 @@ static int smack_inet_conn_request(struct sock *sk, struct sk_buff *skb, { u16 family = sk->sk_family; struct smack_known *skp; - struct socket_smack *ssp = sk->sk_security; + struct socket_smack *ssp = smack_sock(sk); struct netlbl_lsm_secattr secattr; struct sockaddr_in addr; struct iphdr *hdr; @@ -4154,7 +4147,7 @@ static int smack_inet_conn_request(struct sock *sk, struct sk_buff *skb, static void smack_inet_csk_clone(struct sock *sk, const struct request_sock *req) { - struct socket_smack *ssp = sk->sk_security; + struct socket_smack *ssp = smack_sock(sk); struct smack_known *skp; if (req->peer_secid != 0) { @@ -4558,6 +4551,7 @@ struct lsm_blob_sizes smack_blob_sizes __lsm_ro_after_init = { .lbs_inode = sizeof(struct inode_smack), .lbs_ipc = sizeof(struct smack_known *), .lbs_msg_msg = sizeof(struct smack_known *), + .lbs_sock = sizeof(struct socket_smack), .lbs_superblock = sizeof(struct superblock_smack), }; @@ -4667,7 +4661,9 @@ static struct security_hook_list smack_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(socket_getpeersec_stream, smack_socket_getpeersec_stream), LSM_HOOK_INIT(socket_getpeersec_dgram, smack_socket_getpeersec_dgram), LSM_HOOK_INIT(sk_alloc_security, smack_sk_alloc_security), +#ifdef SMACK_IPV6_PORT_LABELING LSM_HOOK_INIT(sk_free_security, smack_sk_free_security), +#endif LSM_HOOK_INIT(sock_graft, smack_sock_graft), LSM_HOOK_INIT(inet_conn_request, smack_inet_conn_request), LSM_HOOK_INIT(inet_csk_clone, smack_inet_csk_clone), diff --git a/security/smack/smack_netfilter.c b/security/smack/smack_netfilter.c index e36d17835d4f..701a1cc1bdcc 100644 --- a/security/smack/smack_netfilter.c +++ b/security/smack/smack_netfilter.c @@ -31,8 +31,8 @@ static unsigned int smack_ipv6_output(void *priv, struct socket_smack *ssp; struct smack_known *skp; - if (sk && sk->sk_security) { - ssp = sk->sk_security; + if (sk && smack_sock(sk)) { + ssp = smack_sock(sk); skp = ssp->smk_out; skb->secmark = skp->smk_secid; } 
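Review bot: the smack_ipv6_output() hunk in security/smack/smack_netfilter.c loses its NULL guard: `if (sk && smack_sock(sk))` replaces `if (sk && sk->sk_security)`, but smack_sock() returns `sock->sk_security + smack_blob_sizes.lbs_sock`, so when sk_security is NULL and Smack's sock blob offset is non-zero (another module's blob precedes it) the result is a small non-NULL pointer that passes the test, and `ssp->smk_out` then dereferences it. Keep the check on the raw field and use the accessor only for the assignment:
`if (sk && sk->sk_security) {`
`ssp = smack_sock(sk);`
The smack_ipv4_output() hunk that follows has the identical problem.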
@@ -49,8 +49,8 @@ static unsigned int smack_ipv4_output(void *priv, struct socket_smack *ssp; struct smack_known *skp; - if (sk && sk->sk_security) { - ssp = sk->sk_security; + if (sk && smack_sock(sk)) { + ssp = smack_sock(sk); skp = ssp->smk_out; skb->secmark = skp->smk_secid; }
From patchwork Fri Apr 19 00:44:50 2019 X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908277
From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 03/90] LSM: Infrastructure management of the key security blob Date: Thu, 18 Apr 2019 17:44:50 -0700 Message-Id: <20190419004617.64627-4-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP From: Casey Schaufler Move management of the key->security blob out of the individual security modules and into the security infrastructure. Instead of allocating the blobs from within the modules the modules tell the infrastructure how much space is required, and the space is allocated there. Signed-off-by: Casey Schaufler --- include/linux/lsm_hooks.h | 1 + security/security.c | 40 ++++++++++++++++++++++++++++++- security/selinux/hooks.c | 23 +++++------------- security/selinux/include/objsec.h | 7 ++++++ security/smack/smack.h | 7 ++++++ security/smack/smack_lsm.c | 33 ++++++++++++------------- 6 files changed, 75 insertions(+), 36 deletions(-) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 1dbed888dab0..9e3d593a1ec3 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -2058,6 +2058,7 @@ struct lsm_blob_sizes { int lbs_sock; int lbs_superblock; int lbs_ipc; + int lbs_key; int lbs_msg_msg; int lbs_task; }; diff --git a/security/security.c b/security/security.c index e32b7180282e..d05f00a40e82 100644 --- a/security/security.c +++ b/security/security.c 
@@ -172,6 +172,9 @@ static void __init lsm_set_blob_sizes(struct lsm_blob_sizes *needed) blob_sizes.lbs_inode = sizeof(struct rcu_head); lsm_set_blob_size(&needed->lbs_inode, &blob_sizes.lbs_inode); lsm_set_blob_size(&needed->lbs_ipc, &blob_sizes.lbs_ipc); +#ifdef CONFIG_KEYS + lsm_set_blob_size(&needed->lbs_key, &blob_sizes.lbs_key); +#endif lsm_set_blob_size(&needed->lbs_msg_msg, &blob_sizes.lbs_msg_msg); lsm_set_blob_size(&needed->lbs_sock, &blob_sizes.lbs_sock); lsm_set_blob_size(&needed->lbs_superblock, &blob_sizes.lbs_superblock); @@ -307,6 +310,9 @@ static void __init ordered_lsm_init(void) init_debug("file blob size = %d\n", blob_sizes.lbs_file); init_debug("inode blob size = %d\n", blob_sizes.lbs_inode); init_debug("ipc blob size = %d\n", blob_sizes.lbs_ipc); +#ifdef CONFIG_KEYS + init_debug("key blob size = %d\n", blob_sizes.lbs_key); +#endif /* CONFIG_KEYS */ init_debug("msg_msg blob size = %d\n", blob_sizes.lbs_msg_msg); init_debug("sock blob size = %d\n", blob_sizes.lbs_sock); init_debug("superblock blob size = %d\n", blob_sizes.lbs_superblock); @@ -573,6 +579,29 @@ static int lsm_ipc_alloc(struct kern_ipc_perm *kip) return 0; } +#ifdef CONFIG_KEYS +/** + * lsm_key_alloc - allocate a composite key blob + * @key: the key that needs a blob + * + * Allocate the key blob for all the modules + * + * Returns 0, or -ENOMEM if memory can't be allocated. + */ +int lsm_key_alloc(struct key *key) +{ + if (blob_sizes.lbs_key == 0) { + key->security = NULL; + return 0; + } + + key->security = kzalloc(blob_sizes.lbs_key, GFP_KERNEL); + if (key->security == NULL) + return -ENOMEM; + return 0; +} +#endif /* CONFIG_KEYS */ + /** * lsm_msg_msg_alloc - allocate a composite msg_msg blob * @mp: the msg_msg that needs a blob 
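Review bot: lsm_key_alloc() in the security/security.c hunk has the same problem as lsm_sock_alloc() in the previous patch: it is defined without `static` while its only caller is security_key_alloc() in this file, and lsm_ipc_alloc() directly above it in the context is static; declare it `static int lsm_key_alloc(struct key *key)` inside the same `#ifdef CONFIG_KEYS` block so the helper does not become a global without a prototype.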
@@ -2339,12 +2368,21 @@ EXPORT_SYMBOL(security_skb_classify_flow); int security_key_alloc(struct key *key, const struct cred *cred, unsigned long flags) { - return call_int_hook(key_alloc, 0, key, cred, flags); + int rc = lsm_key_alloc(key); + + if (unlikely(rc)) + return rc; + rc = call_int_hook(key_alloc, 0, key, cred, flags); + if (unlikely(rc)) + security_key_free(key); + return rc; } void security_key_free(struct key *key) { call_void_hook(key_free, key); + kfree(key->security); + key->security = NULL; } int security_key_permission(key_ref_t key_ref, diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index f38a6f484613..ee840fecfebb 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -6353,11 +6353,7 @@ static int selinux_key_alloc(struct key *k, const struct cred *cred, unsigned long flags) { const struct task_security_struct *tsec; - struct key_security_struct *ksec; - - ksec = kzalloc(sizeof(struct key_security_struct), GFP_KERNEL); - if (!ksec) - return -ENOMEM; + struct key_security_struct *ksec = selinux_key(k); tsec = selinux_cred(cred); if (tsec->keycreate_sid) @@ -6365,18 +6361,9 @@ static int selinux_key_alloc(struct key *k, const struct cred *cred, else ksec->sid = tsec->sid; - k->security = ksec; return 0; } -static void selinux_key_free(struct key *k) -{ - struct key_security_struct *ksec = k->security; - - k->security = NULL; - kfree(ksec); -} - static int selinux_key_permission(key_ref_t key_ref, const struct cred *cred, unsigned perm) @@ -6394,7 +6381,7 @@ static int selinux_key_permission(key_ref_t key_ref, sid = cred_sid(cred); key = key_ref_to_ptr(key_ref); - ksec = key->security; + ksec = selinux_key(key); return avc_has_perm(&selinux_state, sid, ksec->sid, SECCLASS_KEY, perm, NULL); 
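Review bot: the error path of security_key_alloc() calls security_key_free(), which runs the key_free hook of every module, including the one whose key_alloc just failed and any whose key_alloc never ran; that is only safe because the blob is now owned by the infrastructure and the hooks no longer free it, and that expectation should be written down in the key_free hook documentation or in a comment here. Note also that with the kzalloc() moved out, selinux_key_alloc() (and smack_key_alloc() later in this patch) can no longer fail, so the only remaining failure is -ENOMEM from lsm_key_alloc(); worth a sentence in the changelog. In security_key_free() the order is right: hooks first, then kfree(key->security), so a hook can still read the blob while tearing down anything it references.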
@@ -6402,7 +6389,7 @@ static int selinux_key_permission(key_ref_t key_ref, static int selinux_key_getsecurity(struct key *key, char **_buffer) { - struct key_security_struct *ksec = key->security; + struct key_security_struct *ksec = selinux_key(key); char *context = NULL; unsigned len; int rc; @@ -6627,6 +6614,9 @@ struct lsm_blob_sizes selinux_blob_sizes __lsm_ro_after_init = { .lbs_file = sizeof(struct file_security_struct), .lbs_inode = sizeof(struct inode_security_struct), .lbs_ipc = sizeof(struct ipc_security_struct), +#ifdef CONFIG_KEYS + .lbs_key = sizeof(struct key_security_struct), +#endif /* CONFIG_KEYS */ .lbs_msg_msg = sizeof(struct msg_security_struct), .lbs_sock = sizeof(struct sk_security_struct), .lbs_superblock = sizeof(struct superblock_security_struct), @@ -6842,7 +6832,6 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { #ifdef CONFIG_KEYS LSM_HOOK_INIT(key_alloc, selinux_key_alloc), - LSM_HOOK_INIT(key_free, selinux_key_free), LSM_HOOK_INIT(key_permission, selinux_key_permission), LSM_HOOK_INIT(key_getsecurity, selinux_key_getsecurity), #endif diff --git a/security/selinux/include/objsec.h b/security/selinux/include/objsec.h index 29f02b8f8f31..3b78aa4ee98f 100644 --- a/security/selinux/include/objsec.h +++ b/security/selinux/include/objsec.h @@ -194,6 +194,13 @@ static inline struct superblock_security_struct *selinux_superblock( return superblock->s_security + selinux_blob_sizes.lbs_superblock; } +#ifdef CONFIG_KEYS +static inline struct key_security_struct *selinux_key(const struct key *key) +{ + return key->security + selinux_blob_sizes.lbs_key; +} +#endif /* CONFIG_KEYS */ + static inline struct sk_security_struct *selinux_sock(const struct sock *sock) { return sock->sk_security + selinux_blob_sizes.lbs_sock; diff --git a/security/smack/smack.h b/security/smack/smack.h index 4ac4bf3310d7..7cc3a3382fee 100644 --- a/security/smack/smack.h +++ b/security/smack/smack.h 
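Review bot: selinux_key() in objsec.h dereferences key->security, so the header needs the full definition of struct key from linux/key.h, not just a forward declaration; please confirm objsec.h includes it directly rather than relying on an include chain, because the inline is compiled into every file that includes objsec.h under CONFIG_KEYS. The accessor also assumes key->security is non-NULL. That holds whenever SELinux is enabled, because selinux_blob_sizes.lbs_key is nonzero and lsm_key_alloc() then always allocates, but a comment stating the invariant would help, given that lsm_key_alloc() leaves key->security NULL in the lbs_key == 0 case.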
@@ -386,6 +386,13 @@ static inline struct superblock_smack *smack_superblock( return superblock->s_security + smack_blob_sizes.lbs_superblock; } +#ifdef CONFIG_KEYS +static inline struct smack_known **smack_key(const struct key *key) +{ + return key->security + smack_blob_sizes.lbs_key; +} +#endif /* CONFIG_KEYS */ + /* * Is the directory transmuting? */ diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index fd69e1bd841b..e9560b078efe 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -4179,23 +4179,13 @@ static void smack_inet_csk_clone(struct sock *sk, static int smack_key_alloc(struct key *key, const struct cred *cred, unsigned long flags) { + struct smack_known **blob = smack_key(key); struct smack_known *skp = smk_of_task(smack_cred(cred)); - key->security = skp; + *blob = skp; return 0; } -/** - * smack_key_free - Clear the key security blob - * @key: the object - * - * Clear the blob pointer - */ -static void smack_key_free(struct key *key) -{ - key->security = NULL; -} - /** * smack_key_permission - Smack access on a key * @key_ref: gets to the object @@ -4208,6 +4198,8 @@ static void smack_key_free(struct key *key) static int smack_key_permission(key_ref_t key_ref, const struct cred *cred, unsigned perm) { + struct smack_known **blob; + struct smack_known *skp; struct key *keyp; struct smk_audit_info ad; struct smack_known *tkp = smk_of_task(smack_cred(cred)); @@ -4227,7 +4219,9 @@ static int smack_key_permission(key_ref_t key_ref, * If the key hasn't been initialized give it access so that * it may do so. */ - if (keyp->security == NULL) + blob = smack_key(keyp); + skp = *blob; + if (skp == NULL) return 0; /* * This should not occur 
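Review bot: the "key hasn't been initialized" test in smack_key_permission() now checks that the struct smack_known pointer stored in the blob is NULL. That only works because lsm_key_alloc() uses kzalloc(), so the slot reads as NULL until smack_key_alloc() stores a label; please add a comment beside the check (or on lsm_key_alloc()) saying the blob is guaranteed zeroed, since switching the infrastructure to a non-zeroing allocator would silently turn this into a read of an uninitialised pointer. smack_key(keyp) is also dereferenced before the NULL test, which is fine as long as key->security itself is never NULL while Smack is registered, i.e. as long as smack_blob_sizes.lbs_key stays nonzero.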
@@ -4247,8 +4241,8 @@ static int smack_key_permission(key_ref_t key_ref, request |= MAY_READ; if (perm & (KEY_NEED_WRITE | KEY_NEED_LINK | KEY_NEED_SETATTR)) request |= MAY_WRITE; - rc = smk_access(tkp, keyp->security, request, &ad); - rc = smk_bu_note("key access", tkp, keyp->security, request, rc); + rc = smk_access(tkp, skp, request, &ad); + rc = smk_bu_note("key access", tkp, skp, request, rc); return rc; } @@ -4263,11 +4257,12 @@ static int smack_key_permission(key_ref_t key_ref, */ static int smack_key_getsecurity(struct key *key, char **_buffer) { - struct smack_known *skp = key->security; + struct smack_known **blob = smack_key(key); + struct smack_known *skp = *blob; size_t length; char *copy; - if (key->security == NULL) { + if (skp == NULL) { *_buffer = NULL; return 0; } @@ -4550,6 +4545,9 @@ struct lsm_blob_sizes smack_blob_sizes __lsm_ro_after_init = { .lbs_file = sizeof(struct smack_known *), .lbs_inode = sizeof(struct inode_smack), .lbs_ipc = sizeof(struct smack_known *), +#ifdef CONFIG_KEYS + .lbs_key = sizeof(struct smack_known *), +#endif /* CONFIG_KEYS */ .lbs_msg_msg = sizeof(struct smack_known *), .lbs_sock = sizeof(struct socket_smack), .lbs_superblock = sizeof(struct superblock_smack), 
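Review bot: smack_key_getsecurity() repeats the two-step "blob = smack_key(key); skp = *blob;" sequence from smack_key_permission(); a small static inline in smack.h returning the struct smack_known * directly would remove the double pointer from both callers and keep the NULL test in one shape. The smk_access()/smk_bu_note() changes are straight substitutions of skp for keyp->security and look correct.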
@@ -4671,7 +4669,6 @@ static struct security_hook_list smack_hooks[] __lsm_ro_after_init = { /* key management security hooks */ #ifdef CONFIG_KEYS LSM_HOOK_INIT(key_alloc, smack_key_alloc), - LSM_HOOK_INIT(key_free, smack_key_free), LSM_HOOK_INIT(key_permission, smack_key_permission), LSM_HOOK_INIT(key_getsecurity, smack_key_getsecurity), #endif /* CONFIG_KEYS */ From patchwork Fri Apr 19 00:44:51 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908269 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 9F5CC17E0 for ; Fri, 19 Apr 2019 00:46:32 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 9086728B9C for ; Fri, 19 Apr 2019 00:46:32 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 8544E28B9F; Fri, 19 Apr 2019 00:46:32 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id EB45B28B9C for ; Fri, 19 Apr 2019 00:46:30 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726669AbfDSAqa (ORCPT ); Thu, 18 Apr 2019 20:46:30 -0400 Received: from sonic310-23.consmr.mail.bf2.yahoo.com ([74.6.135.197]:44220 "EHLO sonic310-23.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726583AbfDSAqa (ORCPT ); Thu, 18 Apr 2019 20:46:30 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1555634789; 
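Review bot: with LSM_HOOK_INIT(key_free, ...) removed from both smack_hooks and selinux_hooks no in-tree module implements key_free any more, yet security_key_free() still runs call_void_hook(key_free, key) before kfree(key->security). Keeping the hook is reasonable, but the lsm_hooks.h documentation for key_free should now say that the blob itself is released by the infrastructure and a module must not free or clear key->security, which is exactly what the two removed functions used to do.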
cf1bd369acc816a9d15b1740f4265439; Fri, 19 Apr 2019 00:46:28 +0000 (UTC) From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 04/90] LSM: Create an lsm_export data structure. Date: Thu, 18 Apr 2019 17:44:51 -0700 Message-Id: <20190419004617.64627-5-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP When more than one security module is exporting data to audit and networking sub-systems a single 32 bit integer is no longer sufficient to represent the data. Add a structure to be used instead. Signed-off-by: Casey Schaufler --- include/linux/security.h | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/include/linux/security.h b/include/linux/security.h index 49f2685324b0..81f9f79f9a1e 100644 --- a/include/linux/security.h +++ b/include/linux/security.h 
@@ -76,6 +76,18 @@ enum lsm_event { LSM_POLICY_CHANGE, }; +/* Data exported by the security modules */ +struct lsm_export { + u32 selinux; + u32 smack; + u32 apparmor; + u32 flags; +}; +#define LSM_EXPORT_NONE 0x00 +#define LSM_EXPORT_SELINUX 0x01 +#define LSM_EXPORT_SMACK 0x02 +#define LSM_EXPORT_APPARMOR 0x04 + /* These functions are in security/commoncap.c */ extern int cap_capable(const struct cred *cred, struct user_namespace *ns, int cap, unsigned int opts); From patchwork Fri Apr 19 00:44:52 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908281 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 0655C922 for ; Fri, 19 Apr 2019 00:46:41 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id EAF7228B8F for ; Fri, 19 Apr 2019 00:46:40 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id C8FD828BA0; Fri, 19 Apr 2019 00:46:40 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 50C4628B9C for ; Fri, 19 Apr 2019 00:46:40 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726703AbfDSAqj (ORCPT ); Thu, 18 Apr 2019 20:46:39 -0400 Received: from sonic317-33.consmr.mail.bf2.yahoo.com ([74.6.129.88]:43803 "EHLO sonic317-33.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726659AbfDSAqj (ORCPT ); Thu, 18 Apr 2019 20:46:39 -0400 DKIM-Signature: v=1; 
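Review bot: struct lsm_export and the LSM_EXPORT_* bits are added without any documentation. Please add a kerneldoc comment stating that flags records which of the per-module fields hold a valid value, that a module sets its own bit when it stores its value, and that a consumer must treat a field as meaningless when the matching bit is clear; it should also say that callers are expected to zero the structure before handing it to a hook. The layout hard-codes the set of secid-exporting modules into a generic header, so any new LSM that exports a secid must edit security.h and every consumer; that is probably acceptable for the in-tree modules but should be stated in the changelog as a deliberate choice.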
smtp416.mail.bf1.yahoo.com (Oath Hermes SMTP Server) with ESMTPA ID 832c03259c9605aacd6ad56a0995a740; Fri, 19 Apr 2019 00:46:36 +0000 (UTC) From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 05/90] LSM: Use lsm_export in the inode_getsecid hooks Date: Thu, 18 Apr 2019 17:44:52 -0700 Message-Id: <20190419004617.64627-6-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Convert the inode_getsecid hooks to use the lsm_export structure instead of a u32 secid. There is some scaffolding involved that will be removed when security_inode_getsecid() is updated. Signed-off-by: Casey Schaufler --- include/linux/lsm_hooks.h | 4 ++-- include/linux/security.h | 5 +++++ security/security.c | 35 ++++++++++++++++++++++++++++++++++- security/selinux/hooks.c | 21 ++++++++++++++++----- security/smack/smack_lsm.c | 13 +++++++++++-- 5 files changed, 68 insertions(+), 10 deletions(-) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 9e3d593a1ec3..baeb83ef487d 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -425,7 +425,7 @@ * @inode_getsecid: * Get the secid associated with the node. * @inode contains a pointer to the inode. - * @secid contains a pointer to the location where result will be saved. + * @data contains a pointer to the location where result will be saved. * In case of failure, @secid will be set to zero. * @inode_copy_up: * A file is about to be copied up from lower layer to upper layer of 
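Review bot: the @inode_getsecid documentation renames the parameter to @data but still ends with "In case of failure, @secid will be set to zero", which now refers to nothing; replace it with the new contract, for example that @data->flags stays LSM_EXPORT_NONE when no secid is available. The prototype in union security_list_options also names the argument "data" while both implementations in this patch (selinux_inode_getsecid() and smack_inode_getsecid()) and the later converted hooks call it "l"; pick one name for the hook, its documentation and its implementations.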
@@ -1574,7 +1574,7 @@ union security_list_options { int flags); int (*inode_listsecurity)(struct inode *inode, char *buffer, size_t buffer_size); - void (*inode_getsecid)(struct inode *inode, u32 *secid); + void (*inode_getsecid)(struct inode *inode, struct lsm_export *data); int (*inode_copy_up)(struct dentry *src, struct cred **new); int (*inode_copy_up_xattr)(const char *name); diff --git a/include/linux/security.h b/include/linux/security.h index 81f9f79f9a1e..fb19f41d630b 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -88,6 +88,11 @@ struct lsm_export { #define LSM_EXPORT_SMACK 0x02 #define LSM_EXPORT_APPARMOR 0x04 +static inline void lsm_export_init(struct lsm_export *l) +{ + memset(l, 0, sizeof(*l)); +} + /* These functions are in security/commoncap.c */ extern int cap_capable(const struct cred *cred, struct user_namespace *ns, int cap, unsigned int opts); diff --git a/security/security.c b/security/security.c index d05f00a40e82..a1f28a5e582b 100644 --- a/security/security.c +++ b/security/security.c @@ -712,6 +712,36 @@ int lsm_superblock_alloc(struct super_block *sb) RC; \ }) +/** + * lsm_export_secid - pull the useful secid out of a lsm_export + * @data: the containing data structure + * @secid: where to put the one that matters. + * + * Shim that will disappear when all lsm_export conversions are done. + */ +static inline void lsm_export_secid(struct lsm_export *data, u32 *secid) +{ + switch (data->flags) { + case LSM_EXPORT_NONE: + *secid = 0; + break; + case LSM_EXPORT_SELINUX: + *secid = data->selinux; + break; + case LSM_EXPORT_SMACK: + *secid = data->smack; + break; + case LSM_EXPORT_APPARMOR: + *secid = data->apparmor; + break; + default: + pr_warn("%s flags=0x%u - not a valid set\n", __func__, + data->flags); + *secid = 0; + break; + } +} + /* Security operations */ int security_binder_set_context_mgr(struct task_struct *mgr) 
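Review bot: two problems in lsm_export_secid(). First, pr_warn("%s flags=0x%u ...") prints the value in decimal behind a 0x prefix; use 0x%x. Second, the switch only accepts exactly one flag bit, so as soon as two secid-exporting modules are stacked (which is the purpose of the series) flags becomes a combination, every lookup falls through to the default case, and the caller gets secid 0 plus a warning on every call; if that is the intended interim behaviour say so in the changelog, and make the warning pr_warn_ratelimited() or a WARN_ON_ONCE() so it cannot flood the log. Also, the new lsm_export_init() in security.h calls memset(), so the header needs linux/string.h; please check it is already pulled in.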
@@ -1389,7 +1419,10 @@ EXPORT_SYMBOL(security_inode_listsecurity); void security_inode_getsecid(struct inode *inode, u32 *secid) { - call_void_hook(inode_getsecid, inode, secid); + struct lsm_export data = { .flags = LSM_EXPORT_NONE }; + + call_void_hook(inode_getsecid, inode, &data); + lsm_export_secid(&data, secid); } int security_inode_copy_up(struct dentry *src, struct cred **new) diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index ee840fecfebb..0e31be22d9bb 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -213,6 +213,15 @@ static void cred_init_security(void) tsec->osid = tsec->sid = SECINITSID_KERNEL; } +/* + * Set the SELinux secid in an lsm_export structure + */ +static inline void selinux_export_secid(struct lsm_export *l, u32 secid) +{ + l->selinux = secid; + l->flags |= LSM_EXPORT_SELINUX; +} + /* * get the security ID of a set of credentials */ @@ -3316,15 +3325,16 @@ static int selinux_inode_listsecurity(struct inode *inode, char *buffer, size_t return len; } -static void selinux_inode_getsecid(struct inode *inode, u32 *secid) +static void selinux_inode_getsecid(struct inode *inode, struct lsm_export *l) { struct inode_security_struct *isec = inode_security_novalidate(inode); - *secid = isec->sid; + + selinux_export_secid(l, isec->sid); } static int selinux_inode_copy_up(struct dentry *src, struct cred **new) { - u32 sid; + struct lsm_export l; struct task_security_struct *tsec; struct cred *new_creds = *new; @@ -3336,8 +3346,9 @@ static int selinux_inode_copy_up(struct dentry *src, struct cred **new) tsec = selinux_cred(new_creds); /* Get label from overlay inode and set it in create_sid */ - selinux_inode_getsecid(d_inode(src), &sid); - tsec->create_sid = sid; + lsm_export_init(&l); + selinux_inode_getsecid(d_inode(src), &l); + tsec->create_sid = l.selinux; *new = new_creds; return 0; } diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index e9560b078efe..5e345122ccb1 100644 
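Review bot: security_inode_getsecid() zeroes its struct lsm_export with "{ .flags = LSM_EXPORT_NONE }" whereas selinux_inode_copy_up() uses lsm_export_init(); both clear the whole structure, but please use the helper in both places so the "callers zero it first" rule that the |= in selinux_export_secid() depends on is expressed in one way. In selinux_inode_copy_up() the result is read as l.selinux without testing l.flags & LSM_EXPORT_SELINUX; that is fine here because it calls SELinux's own hook directly, but a short comment would stop the pattern being copied into code that goes through security_inode_getsecid().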
--- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -466,6 +466,15 @@ static int smk_ptrace_rule_check(struct task_struct *tracer, return rc; } +/* + * Set the Smack secid in an lsm_export structure + */ +static inline void smack_export_secid(struct lsm_export *l, u32 secid) +{ + l->smack = secid; + l->flags |= LSM_EXPORT_SMACK; +} + /* * LSM hooks. * We he, that is fun! 
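Review bot: smack_export_secid() is a copy of selinux_export_secid() from the same patch with the field and flag swapped, and patch 07 adds a third copy for AppArmor. Since the field/flag pairing is a property of struct lsm_export rather than of each module, consider placing these static inlines next to the structure in security.h, so the pairing is defined once and any consumer that needs to fill an lsm_export can use them too.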
@@ -1481,11 +1490,11 @@ static int smack_inode_listsecurity(struct inode *inode, char *buffer, * @inode: inode to extract the info from * @secid: where result will be saved */ -static void smack_inode_getsecid(struct inode *inode, u32 *secid) +static void smack_inode_getsecid(struct inode *inode, struct lsm_export *l) { struct smack_known *skp = smk_of_inode(inode); - *secid = skp->smk_secid; + smack_export_secid(l, skp->smk_secid); } /* From patchwork Fri Apr 19 00:44:53 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908287 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 8FF11922 for ; Fri, 19 Apr 2019 00:46:42 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 821C528B9C for ; Fri, 19 Apr 2019 00:46:42 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 7690228B9F; Fri, 19 Apr 2019 00:46:42 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id E96A428B9D for ; Fri, 19 Apr 2019 00:46:41 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726659AbfDSAql (ORCPT ); Thu, 18 Apr 2019 20:46:41 -0400 Received: from sonic310-23.consmr.mail.bf2.yahoo.com ([74.6.135.197]:37666 "EHLO sonic310-23.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726694AbfDSAql (ORCPT ); Thu, 18 Apr 2019 20:46:41 -0400 DKIM-Signature: v=1; a=rsa-sha256; 
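Review bot: the kerneldoc above smack_inode_getsecid() still documents "@secid: where result will be saved" although the parameter is now "struct lsm_export *l"; rename the entry to @l and describe it as the export structure to fill. Same nit applies to the other Smack hooks converted in this series.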
smtp416.mail.bf1.yahoo.com (Oath Hermes SMTP Server) with ESMTPA ID 832c03259c9605aacd6ad56a0995a740; Fri, 19 Apr 2019 00:46:37 +0000 (UTC) From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 06/90] LSM: Use lsm_export in the cred_getsecid hooks Date: Thu, 18 Apr 2019 17:44:53 -0700 Message-Id: <20190419004617.64627-7-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Convert the cred_getsecid hooks to use the lsm_export structure instead of a u32 secid. There is some scaffolding involved that will be removed when security_cred_getsecid() is updated. Signed-off-by: Casey Schaufler --- include/linux/lsm_hooks.h | 5 +++-- security/security.c | 6 ++++-- security/selinux/hooks.c | 4 ++-- security/smack/smack_lsm.c | 4 ++-- 4 files changed, 11 insertions(+), 8 deletions(-) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index baeb83ef487d..2fe54dff3efa 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -572,7 +572,8 @@ * Transfer data from original creds to new creds * @cred_getsecid: * Retrieve the security identifier of the cred structure @c - * @c contains the credentials, secid will be placed into @secid. + * @c contains the credentials + * @l contains a pointer to the location where result will be saved. * In case of failure, @secid will be set to zero. * @kernel_act_as: * Set the credentials for a kernel service to act as (subjective context). 
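Review bot: the @cred_getsecid documentation now lists "@c contains the credentials" and "@l contains a pointer to the location where result will be saved" but keeps "In case of failure, @secid will be set to zero", the same stale sentence as in the inode_getsecid hunk of patch 05; please state the new contract in terms of @l->flags instead.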
@@ -1604,7 +1605,7 @@ union security_list_options { int (*cred_prepare)(struct cred *new, const struct cred *old, gfp_t gfp); void (*cred_transfer)(struct cred *new, const struct cred *old); - void (*cred_getsecid)(const struct cred *c, u32 *secid); + void (*cred_getsecid)(const struct cred *c, struct lsm_export *l); int (*kernel_act_as)(struct cred *new, u32 secid); int (*kernel_create_files_as)(struct cred *new, struct inode *inode); int (*kernel_module_request)(char *kmod_name); diff --git a/security/security.c b/security/security.c index a1f28a5e582b..ca485a777ca1 100644 --- a/security/security.c +++ b/security/security.c @@ -1638,8 +1638,10 @@ void security_transfer_creds(struct cred *new, const struct cred *old) void security_cred_getsecid(const struct cred *c, u32 *secid) { - *secid = 0; - call_void_hook(cred_getsecid, c, secid); + struct lsm_export data = { .flags = LSM_EXPORT_NONE }; + + call_void_hook(cred_getsecid, c, &data); + lsm_export_secid(&data, secid); } EXPORT_SYMBOL(security_cred_getsecid); diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 0e31be22d9bb..f97dd414ac8d 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -3764,9 +3764,9 @@ static void selinux_cred_transfer(struct cred *new, const struct cred *old) *tsec = *old_tsec; } -static void selinux_cred_getsecid(const struct cred *c, u32 *secid) +static void selinux_cred_getsecid(const struct cred *c, struct lsm_export *l) { - *secid = cred_sid(c); + selinux_export_secid(l, cred_sid(c)); } /* diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 5e345122ccb1..15579bdd7244 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c 
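Review bot: security_cred_getsecid() drops the explicit "*secid = 0;" that used to run before the hook; the "zero when no label" guarantee survives only because lsm_export_secid() writes 0 for LSM_EXPORT_NONE and in its default branch, so *secid is still always assigned. That is correct, but this function is EXPORT_SYMBOL'd and callers outside security/ depend on that guarantee, so it is worth one sentence in the changelog. The SELinux and Smack conversions are straightforward substitutions.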
@@ -1980,13 +1980,13 @@ static void smack_cred_transfer(struct cred *new, const struct cred *old) * * Sets the secid to contain a u32 version of the smack label. */ -static void smack_cred_getsecid(const struct cred *cred, u32 *secid) +static void smack_cred_getsecid(const struct cred *cred, struct lsm_export *l) { struct smack_known *skp; rcu_read_lock(); skp = smk_of_task(smack_cred(cred)); - *secid = skp->smk_secid; + smack_export_secid(l, skp->smk_secid); rcu_read_unlock(); } From patchwork Fri Apr 19 00:44:54 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908283 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 4E8171515 for ; Fri, 19 Apr 2019 00:46:42 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 36D1928BAC for ; Fri, 19 Apr 2019 00:46:42 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 2B28A28BA0; Fri, 19 Apr 2019 00:46:42 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 80F7D28B8F for ; Fri, 19 Apr 2019 00:46:41 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726684AbfDSAql (ORCPT ); Thu, 18 Apr 2019 20:46:41 -0400 Received: from sonic308-9.consmr.mail.bf2.yahoo.com ([74.6.130.48]:32915 "EHLO sonic308-9.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726659AbfDSAqk (ORCPT ); Thu, 18 Apr 2019 20:46:40 -0400 DKIM-Signature: 
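Review bot: the comment above smack_cred_getsecid(), "Sets the secid to contain a u32 version of the smack label", no longer describes what the function does; it now fills the Smack field and flag of an lsm_export. Please update it, and if the parameter list above the visible context still names @secid, rename that to @l as well. The rcu_read_lock()/rcu_read_unlock() pairing around smk_of_task() is unchanged and still correct.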
From: Casey Schaufler
To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org
Cc: casey@schaufler-ca.com
Subject: [PATCH 07/90] LSM: Use lsm_export in the ipc_getsecid and task_getsecid hooks
Date: Thu, 18 Apr 2019 17:44:54 -0700
Message-Id: <20190419004617.64627-8-casey@schaufler-ca.com>
X-Mailer: git-send-email 2.17.0
In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com>
References: <20190419004617.64627-1-casey@schaufler-ca.com>

Convert the cred_getsecid and task_getsecid hooks to use the lsm_export structure instead of a u32 secid. There is some scaffolding involved that will be removed when security_ipc_getsecid() and security_task_getsecid() are updated.

Signed-off-by: Casey Schaufler
---
 include/linux/lsm_hooks.h | 8 ++++----
 security/apparmor/lsm.c | 12 ++++++++++--
 security/security.c | 12 ++++++++----
 security/selinux/hooks.c | 10 ++++++----
 security/smack/smack_lsm.c | 8 ++++----
 5 files changed, 32 insertions(+), 18 deletions(-)

diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 2fe54dff3efa..544671f44dfa 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -638,7 +638,7 @@ * Return 0 if permission is granted. * @task_getsecid: * Retrieve the security identifier of the process @p. - * @p contains the task_struct for the process and place is into @secid. + * @p contains the task_struct for the process and place is into @l. * In case of failure, @secid will be set to zero. * * @task_setnice:
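Review bot: the @task_getsecid kernel-doc in this lsm_hooks.h hunk is only half updated: the parameter line now says @l, but the next line still reads "In case of failure, @secid will be set to zero.", and "place is into @l" should be "place it into @l". Since the hooks now fill an lsm_export rather than a u32, rewrite the failure sentence in terms of @l (for example "In case of failure, no security data is set in @l."). The commit message is also inconsistent with the subject: the subject and the last sentence name ipc_getsecid and task_getsecid, but the first sentence says "cred_getsecid and task_getsecid", and cred_getsecid was converted in the preceding patch.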
@@ -1096,7 +1096,7 @@ * @ipc_getsecid: * Get the secid associated with the ipc object. * @ipcp contains the kernel IPC permission structure. - * @secid contains a pointer to the location where result will be saved. + * @l contains a pointer to the location where result will be saved. * In case of failure, @secid will be set to zero. * * Security hooks for individual messages held in System V IPC message queues @@ -1618,7 +1618,7 @@ union security_list_options { int (*task_setpgid)(struct task_struct *p, pid_t pgid); int (*task_getpgid)(struct task_struct *p); int (*task_getsid)(struct task_struct *p); - void (*task_getsecid)(struct task_struct *p, u32 *secid); + void (*task_getsecid)(struct task_struct *p, struct lsm_export *l); int (*task_setnice)(struct task_struct *p, int nice); int (*task_setioprio)(struct task_struct *p, int ioprio); int (*task_getioprio)(struct task_struct *p); @@ -1636,7 +1636,7 @@ union security_list_options { void (*task_to_inode)(struct task_struct *p, struct inode *inode); int (*ipc_permission)(struct kern_ipc_perm *ipcp, short flag); - void (*ipc_getsecid)(struct kern_ipc_perm *ipcp, u32 *secid); + void (*ipc_getsecid)(struct kern_ipc_perm *ipcp, struct lsm_export *l); int (*msg_msg_alloc_security)(struct msg_msg *msg); void (*msg_msg_free_security)(struct msg_msg *msg); diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index 2716e7731279..706e5ae09170 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -49,6 +49,14 @@ int apparmor_initialized; DEFINE_PER_CPU(struct aa_buffers, aa_buffers); +/* + * Set the AppArmor secid in an lsm_export structure + */ +static inline void apparmor_export_secid(struct lsm_export *l, u32 secid) +{ + l->apparmor = secid; + l->flags |= LSM_EXPORT_APPARMOR; +} /* * LSM hook functions 
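Review bot: the @ipc_getsecid kernel-doc hunk has the same stale line as the task_getsecid one: "In case of failure, @secid will be set to zero." survives the rename to @l and should be reworded with it. One smaller point on the apparmor_export_secid() helper added in the lsm.c hunk: it ORs LSM_EXPORT_APPARMOR into l->flags and never resets the other fields, which is correct for callers that start from `{ .flags = LSM_EXPORT_NONE }` as security.c does, but a one-line comment stating that precondition would help anyone reusing an lsm_export across calls.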
@@ -710,10 +718,10 @@ static void apparmor_bprm_committed_creds(struct linux_binprm *bprm) return; } -static void apparmor_task_getsecid(struct task_struct *p, u32 *secid) +static void apparmor_task_getsecid(struct task_struct *p, struct lsm_export *l) { struct aa_label *label = aa_get_task_label(p); - *secid = label->secid; + apparmor_export_secid(l, label->secid); aa_put_label(label); } diff --git a/security/security.c b/security/security.c index ca485a777ca1..802557ff6f60 100644 --- a/security/security.c +++ b/security/security.c @@ -1722,8 +1722,10 @@ int security_task_getsid(struct task_struct *p) void security_task_getsecid(struct task_struct *p, u32 *secid) { - *secid = 0; - call_void_hook(task_getsecid, p, secid); + struct lsm_export data = { .flags = LSM_EXPORT_NONE }; + + call_void_hook(task_getsecid, p, &data); + lsm_export_secid(&data, secid); } EXPORT_SYMBOL(security_task_getsecid); @@ -1805,8 +1807,10 @@ int security_ipc_permission(struct kern_ipc_perm *ipcp, short flag) void security_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid) { - *secid = 0; - call_void_hook(ipc_getsecid, ipcp, secid); + struct lsm_export data = { .flags = LSM_EXPORT_NONE }; + + call_void_hook(ipc_getsecid, ipcp, &data); + lsm_export_secid(&data, secid); } int security_msg_msg_alloc(struct msg_msg *msg) diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index f97dd414ac8d..c82108793fb5 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -3911,9 +3911,9 @@ static int selinux_task_getsid(struct task_struct *p) PROCESS__GETSESSION, NULL); } -static void selinux_task_getsecid(struct task_struct *p, u32 *secid) +static void selinux_task_getsecid(struct task_struct *p, struct lsm_export *l) { - *secid = task_sid(p); + selinux_export_secid(l, task_sid(p)); } static int selinux_task_setnice(struct task_struct *p, int nice) 
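Review bot: in the security_task_getsecid() and security_ipc_getsecid() hunks the explicit `*secid = 0;` before the hook call is dropped, so the zero-on-failure behaviour promised by the hook documentation now depends entirely on lsm_export_secid() storing 0 when data.flags is still LSM_EXPORT_NONE, and that function's body is not in this patch. If that is the intent, say so in the commit message; if lsm_export_secid() leaves *secid untouched in that case, callers that pass an uninitialised u32 will now read stale stack contents where they previously read 0.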
@@ -6094,10 +6094,12 @@ static int selinux_ipc_permission(struct kern_ipc_perm *ipcp, short flag) return ipc_has_perm(ipcp, av); } -static void selinux_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid) +static void selinux_ipc_getsecid(struct kern_ipc_perm *ipcp, + struct lsm_export *l) { struct ipc_security_struct *isec = selinux_ipc(ipcp); - *secid = isec->sid; + + selinux_export_secid(l, isec->sid); } static void selinux_d_instantiate(struct dentry *dentry, struct inode *inode) diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 15579bdd7244..13ac3045a388 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -2087,11 +2087,11 @@ static int smack_task_getsid(struct task_struct *p) * * Sets the secid to contain a u32 version of the smack label. */ -static void smack_task_getsecid(struct task_struct *p, u32 *secid) +static void smack_task_getsecid(struct task_struct *p, struct lsm_export *l) { struct smack_known *skp = smk_of_task_struct(p); - *secid = skp->smk_secid; + smack_export_secid(l, skp->smk_secid); } /** 
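Review bot: the Smack kernel-doc is not updated for the new parameter. The comment above smack_task_getsecid in this hunk still says "Sets the secid to contain a u32 version of the smack label", and the comment above smack_ipc_getsecid in the next hunk still carries "@secid: where result will be saved" although the parameter is now @l. Both should describe the lsm_export, e.g. "@l: where the Smack secid is exported".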
@@ -3231,12 +3231,12 @@ static int smack_ipc_permission(struct kern_ipc_perm *ipp, short flag) * @ipp: the object permissions * @secid: where result will be saved */ -static void smack_ipc_getsecid(struct kern_ipc_perm *ipp, u32 *secid) +static void smack_ipc_getsecid(struct kern_ipc_perm *ipp, struct lsm_export *l) { struct smack_known **blob = smack_ipc(ipp); struct smack_known *iskp = *blob; - *secid = iskp->smk_secid; + smack_export_secid(l, iskp->smk_secid); } /**

From patchwork Fri Apr 19 00:44:55 2019
X-Patchwork-Submitter: Casey Schaufler
X-Patchwork-Id: 10908295
From: Casey Schaufler
To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org
Cc: casey@schaufler-ca.com
Subject: [PATCH 08/90] LSM: Use lsm_export in the kernel_ask_as hooks
Date: Thu, 18 Apr 2019 17:44:55 -0700
Message-Id: <20190419004617.64627-9-casey@schaufler-ca.com>
X-Mailer: git-send-email 2.17.0
In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com>
References: <20190419004617.64627-1-casey@schaufler-ca.com>

Convert the kernel_ask_as hooks to use the lsm_export structure instead of a u32 secid. There is some scaffolding involved that will be removed when security_kernel_ask_as() is updated.

Signed-off-by: Casey Schaufler
---
 include/linux/lsm_hooks.h | 4 ++--
 security/security.c | 15 ++++++++++++++-
 security/selinux/hooks.c | 17 ++++++++++++++---
 security/smack/smack_lsm.c | 12 +++++++++++-
 4 files changed, 41 insertions(+), 7 deletions(-)

diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 544671f44dfa..85b8217ce2f2 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -578,7 +578,7 @@ * @kernel_act_as: * Set the credentials for a kernel service to act as (subjective context). * @new points to the credentials to be modified. - * @secid specifies the security ID to be set + * @l specifies the security data to be set * The current task must be the one that nominated @secid. * Return 0 if successful. * @kernel_create_files_as:
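Review bot: the @kernel_act_as kernel-doc in this hunk renames the parameter to @l, but the following line, "The current task must be the one that nominated @secid.", still refers to @secid and should be updated to @l. The Subject and the commit message both say "kernel_ask_as" and "security_kernel_ask_as()", whereas the hook being changed in the diff is kernel_act_as / security_kernel_act_as().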
@@ -1606,7 +1606,7 @@ union security_list_options { gfp_t gfp); void (*cred_transfer)(struct cred *new, const struct cred *old); void (*cred_getsecid)(const struct cred *c, struct lsm_export *l); - int (*kernel_act_as)(struct cred *new, u32 secid); + int (*kernel_act_as)(struct cred *new, struct lsm_export *l); int (*kernel_create_files_as)(struct cred *new, struct inode *inode); int (*kernel_module_request)(char *kmod_name); int (*kernel_load_data)(enum kernel_load_data_id id); diff --git a/security/security.c b/security/security.c index 802557ff6f60..3a766755b722 100644 --- a/security/security.c +++ b/security/security.c @@ -742,6 +742,15 @@ static inline void lsm_export_secid(struct lsm_export *data, u32 *secid) } } +static inline void lsm_export_to_all(struct lsm_export *data, u32 secid) +{ + data->selinux = secid; + data->smack = secid; + data->apparmor = secid; + data->flags = LSM_EXPORT_SELINUX | LSM_EXPORT_SMACK | + LSM_EXPORT_APPARMOR; +} + /* Security operations */ int security_binder_set_context_mgr(struct task_struct *mgr) @@ -1647,7 +1656,11 @@ EXPORT_SYMBOL(security_cred_getsecid); int security_kernel_act_as(struct cred *new, u32 secid) { - return call_int_hook(kernel_act_as, 0, new, secid); + struct lsm_export data = { .flags = LSM_EXPORT_NONE }; + + lsm_export_to_all(&data, secid); + + return call_int_hook(kernel_act_as, 0, new, &data); } int security_kernel_create_files_as(struct cred *new, struct inode *inode) diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index c82108793fb5..8d4334f68a65 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -222,6 +222,14 @@ static inline void selinux_export_secid(struct lsm_export *l, u32 secid) l->flags |= LSM_EXPORT_SELINUX; } +static inline void selinux_import_secid(struct lsm_export *l, u32 *secid) +{ + if (l->flags | LSM_EXPORT_SELINUX) + *secid = l->selinux; + else + *secid = SECSID_NULL; +} + /* * get the security ID of a set of credentials */ 
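Review bot: selinux_import_secid() in this hunk tests the flag with a bitwise OR, `if (l->flags | LSM_EXPORT_SELINUX)`, which is always true because LSM_EXPORT_SELINUX is non-zero; the `*secid = SECSID_NULL` branch is therefore dead code and an lsm_export that carries no SELinux data yields whatever happens to be in l->selinux. It should be `if (l->flags & LSM_EXPORT_SELINUX)`. Minor: in security_kernel_act_as() the `{ .flags = LSM_EXPORT_NONE }` initialiser is immediately overwritten by lsm_export_to_all(), which assigns all three fields and flags, so the initialiser can be dropped.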
@@ -3773,19 +3781,22 @@ static void selinux_cred_getsecid(const struct cred *c, struct lsm_export *l) * set the security data for a kernel service * - all the creation contexts are set to unlabelled */ -static int selinux_kernel_act_as(struct cred *new, u32 secid) +static int selinux_kernel_act_as(struct cred *new, struct lsm_export *l) { struct task_security_struct *tsec = selinux_cred(new); + u32 nsid; u32 sid = current_sid(); int ret; + selinux_import_secid(l, &nsid); + ret = avc_has_perm(&selinux_state, - sid, secid, + sid, nsid, SECCLASS_KERNEL_SERVICE, KERNEL_SERVICE__USE_AS_OVERRIDE, NULL); if (ret == 0) { - tsec->sid = secid; + tsec->sid = nsid; tsec->create_sid = 0; tsec->keycreate_sid = 0; tsec->sockcreate_sid = 0; diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 13ac3045a388..da85d607d40a 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -475,6 +475,14 @@ static inline void smack_export_secid(struct lsm_export *l, u32 secid) l->flags |= LSM_EXPORT_SMACK; } +static inline void smack_import_secid(struct lsm_export *l, u32 *secid) +{ + if (l->flags | LSM_EXPORT_SMACK) + *secid = l->smack; + else + *secid = 0; +} + /* * LSM hooks. * We he, that is fun! 
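Review bot: smack_import_secid() in this hunk has the same OR-for-AND mistake as the SELinux helper: `if (l->flags | LSM_EXPORT_SMACK)` is always true, so the `*secid = 0` fallback never runs; use `&`. Once that is fixed, note that selinux_kernel_act_as() passes the imported nsid straight into avc_has_perm() and tsec->sid, and smack_kernel_act_as() in the following hunk feeds the imported secid directly to smack_from_secid(); neither checks that the import actually found data for its own module, which matters once the lsm_export_to_all() scaffolding is removed and a caller can legitimately supply an export populated by a different LSM.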
@@ -1997,10 +2005,12 @@ static void smack_cred_getsecid(const struct cred *cred, struct lsm_export *l) * * Set the security data for a kernel service. */ -static int smack_kernel_act_as(struct cred *new, u32 secid) +static int smack_kernel_act_as(struct cred *new, struct lsm_export *l) { + u32 secid; struct task_smack *new_tsp = smack_cred(new); + smack_import_secid(l, &secid); new_tsp->smk_task = smack_from_secid(secid); return 0; }

From patchwork Fri Apr 19 00:44:56 2019
X-Patchwork-Submitter: Casey Schaufler
X-Patchwork-Id: 10908299
From: Casey Schaufler
To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org
Cc: casey@schaufler-ca.com
Subject: [PATCH 09/90] LSM: Use lsm_export in the getpeersec_dgram hooks
Date: Thu, 18 Apr 2019 17:44:56 -0700
Message-Id: <20190419004617.64627-10-casey@schaufler-ca.com>
X-Mailer: git-send-email 2.17.0
In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com>
References: <20190419004617.64627-1-casey@schaufler-ca.com>

Convert the getpeersec_dgram hooks to use the lsm_export structure instead of a u32 secid. There is some scaffolding involved that will be removed when security_getpeersec_dgram() is updated.

Signed-off-by: Casey Schaufler
---
 include/linux/lsm_hooks.h | 7 ++++---
 security/apparmor/lsm.c | 3 ++-
 security/security.c | 13 ++++++++++---
 security/selinux/hooks.c | 6 ++++--
 security/smack/smack_lsm.c | 5 +++--
 5 files changed, 23 insertions(+), 11 deletions(-)

diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 85b8217ce2f2..59f38c18426a 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -881,9 +881,9 @@ * the IP_PASSSEC option via getsockopt. It can then retrieve the * security state returned by this hook for a packet via the SCM_SECURITY * ancillary message type. + * @sock is the socket * @skb is the skbuff for the packet being queried - * @secdata is a pointer to a buffer in which to copy the security data - * @seclen is the maximum length for @secdata + * @l is a pointer to a buffer in which to copy the security data * Return 0 on success, error on failure. * @sk_alloc_security: * Allocate and attach a security structure to the sk->sk_security field,
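Review bot: the @socket_getpeersec_dgram kernel-doc in this hunk describes @l as "a pointer to a buffer in which to copy the security data", wording carried over from the removed @secdata/@seclen pair. @l is a struct lsm_export, not a byte buffer with a length, so say something like "@l is the lsm_export in which the peer's security data is returned".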
@@ -1710,7 +1710,8 @@ union security_list_options { char __user *optval, int __user *optlen, unsigned len); int (*socket_getpeersec_dgram)(struct socket *sock, - struct sk_buff *skb, u32 *secid); + struct sk_buff *skb, + struct lsm_export *l); int (*sk_alloc_security)(struct sock *sk, int family, gfp_t priority); void (*sk_free_security)(struct sock *sk); void (*sk_clone_security)(const struct sock *sk, struct sock *newsk); diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index 706e5ae09170..24b638bd4305 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -1096,7 +1096,8 @@ static int apparmor_socket_getpeersec_stream(struct socket *sock, * Sets the netlabel socket state on sk from parent */ static int apparmor_socket_getpeersec_dgram(struct socket *sock, - struct sk_buff *skb, u32 *secid) + struct sk_buff *skb, + struct lsm_export *l) { /* TODO: requires secid support */ diff --git a/security/security.c b/security/security.c index 3a766755b722..2f1355d10e0d 100644 --- a/security/security.c +++ b/security/security.c @@ -2145,10 +2145,17 @@ int security_socket_getpeersec_stream(struct socket *sock, char __user *optval, optval, optlen, len); } -int security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, u32 *secid) +int security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, + u32 *secid) { - return call_int_hook(socket_getpeersec_dgram, -ENOPROTOOPT, sock, - skb, secid); + int rc; + struct lsm_export data = { .flags = LSM_EXPORT_NONE }; + + rc = call_int_hook(socket_getpeersec_dgram, -ENOPROTOOPT, sock, skb, + &data); + + lsm_export_secid(&data, secid); + return rc; } EXPORT_SYMBOL(security_socket_getpeersec_dgram); diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 8d4334f68a65..03dfa0cd6739 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c 
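Review bot: security_socket_getpeersec_dgram() in the security.c hunk now calls lsm_export_secid(&data, secid) unconditionally, including when the hook returned an error (the -ENOPROTOOPT default, or AppArmor's stub, which never touches @l), whereas the removed code returned the hook's result without writing *secid on failure. If lsm_export_secid() writes 0 for LSM_EXPORT_NONE this is a behaviour change for callers that only look at *secid on success; either export only when rc == 0, or document that *secid is always written.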
@@ -4949,7 +4949,9 @@ static int selinux_socket_getpeersec_stream(struct socket *sock, return err; } -static int selinux_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, u32 *secid) +static int selinux_socket_getpeersec_dgram(struct socket *sock, + struct sk_buff *skb, + struct lsm_export *l) { u32 peer_secid = SECSID_NULL; u16 family; @@ -4971,7 +4973,7 @@ static int selinux_socket_getpeersec_dgram(struct socket *sock, struct sk_buff * selinux_skb_peerlbl_sid(skb, family, &peer_secid); out: - *secid = peer_secid; + selinux_export_secid(l, peer_secid); if (peer_secid == SECSID_NULL) return -EINVAL; return 0; diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index da85d607d40a..5318b9e6820a 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -3973,7 +3973,8 @@ static int smack_socket_getpeersec_stream(struct socket *sock, * Sets the netlabel socket state on sk from parent */ static int smack_socket_getpeersec_dgram(struct socket *sock, - struct sk_buff *skb, u32 *secid) + struct sk_buff *skb, + struct lsm_export *l) { struct netlbl_lsm_secattr secattr; 
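Review bot: selinux_socket_getpeersec_dgram() in this hunk calls selinux_export_secid(l, peer_secid) before the SECSID_NULL test, so on the -EINVAL path @l still comes back with LSM_EXPORT_SELINUX set and a null SID; the Smack hunk does the same with s == 0. If the flag is meant to mean "this module supplied data", export only on the success path (or have the wrapper ignore @l when rc != 0) so the flag is not set for a value the hook itself rejects.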
@@ -4024,7 +4025,7 @@ static int smack_socket_getpeersec_dgram(struct socket *sock, #endif break; } - *secid = s; + smack_export_secid(l, s); if (s == 0) return -EINVAL; return 0;

From patchwork Fri Apr 19 00:44:57 2019
X-Patchwork-Submitter: Casey Schaufler
X-Patchwork-Id: 10908311
From: Casey Schaufler
To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org
Cc: casey@schaufler-ca.com
Subject: [PATCH 10/90] LSM: Use lsm_export in the audit_rule_match hooks
Date: Thu, 18 Apr 2019 17:44:57 -0700
Message-Id: <20190419004617.64627-11-casey@schaufler-ca.com>
X-Mailer: git-send-email 2.17.0
In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com>
References: <20190419004617.64627-1-casey@schaufler-ca.com>

Convert the audit_rule_match hooks to use the lsm_export structure instead of a u32 secid. There is quite a bit of scaffolding involved that will be removed when security_audit_rule_match() is updated.

Signed-off-by: Casey Schaufler
---
 include/linux/lsm_hooks.h | 5 +++--
 security/apparmor/audit.c | 4 ++--
 security/apparmor/include/audit.h | 2 +-
 security/apparmor/include/secid.h | 2 +-
 security/apparmor/secid.c | 17 +++++++++++++++--
 security/security.c | 7 ++++++-
 security/selinux/hooks.c | 17 -----------------
 security/selinux/include/audit.h | 5 +++--
 security/selinux/include/objsec.h | 17 +++++++++++++++++
 security/selinux/ss/services.c | 6 +++++-
 security/smack/smack_lsm.c | 7 +++++--
 11 files changed, 58 insertions(+), 31 deletions(-)

diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 59f38c18426a..690ab020508e 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -1357,7 +1357,7 @@ * @audit_rule_match: * Determine if given @secid matches a rule previously approved * by @audit_rule_known. - * @secid contains the security id in question. + * @l points to the security data in question. * @field contains the field which relates to current LSM. * @op contains the operator that will be used for matching. * @rule points to the audit rule that will be checked against.
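Review bot: the @audit_rule_match kernel-doc in this hunk updates the parameter line to @l, but the sentence above it, "Determine if given @secid matches a rule previously approved by @audit_rule_known.", still names @secid; change it to @l in the same hunk.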
@@ -1786,7 +1786,8 @@ union security_list_options { int (*audit_rule_init)(u32 field, u32 op, char *rulestr, void **lsmrule); int (*audit_rule_known)(struct audit_krule *krule); - int (*audit_rule_match)(u32 secid, u32 field, u32 op, void *lsmrule); + int (*audit_rule_match)(struct lsm_export *l, u32 field, u32 op, + void *lsmrule); void (*audit_rule_free)(void *lsmrule); #endif /* CONFIG_AUDIT */ diff --git a/security/apparmor/audit.c b/security/apparmor/audit.c index 5a8b9cded4f2..bea59bfad332 100644 --- a/security/apparmor/audit.c +++ b/security/apparmor/audit.c @@ -225,13 +225,13 @@ int aa_audit_rule_known(struct audit_krule *rule) return 0; } -int aa_audit_rule_match(u32 sid, u32 field, u32 op, void *vrule) +int aa_audit_rule_match(struct lsm_export *l, u32 field, u32 op, void *vrule) { struct aa_audit_rule *rule = vrule; struct aa_label *label; int found = 0; - label = aa_secid_to_label(sid); + label = aa_secid_to_label(l); if (!label) return -ENOENT; diff --git a/security/apparmor/include/audit.h b/security/apparmor/include/audit.h index ee559bc2acb8..372ba4fada9c 100644 --- a/security/apparmor/include/audit.h +++ b/security/apparmor/include/audit.h @@ -192,6 +192,6 @@ static inline int complain_error(int error) void aa_audit_rule_free(void *vrule); int aa_audit_rule_init(u32 field, u32 op, char *rulestr, void **vrule); int aa_audit_rule_known(struct audit_krule *rule); -int aa_audit_rule_match(u32 sid, u32 field, u32 op, void *vrule); +int aa_audit_rule_match(struct lsm_export *l, u32 field, u32 op, void *vrule); #endif /* __AA_AUDIT_H */ diff --git a/security/apparmor/include/secid.h b/security/apparmor/include/secid.h index fa2062711b63..c283c620efe3 100644 --- a/security/apparmor/include/secid.h +++ b/security/apparmor/include/secid.h 
@@ -25,7 +25,7 @@ struct aa_label; /* secid value that matches any other secid */ #define AA_SECID_WILDCARD 1 -struct aa_label *aa_secid_to_label(u32 secid); +struct aa_label *aa_secid_to_label(struct lsm_export *l); int apparmor_secid_to_secctx(u32 secid, char **secdata, u32 *seclen); int apparmor_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid); void apparmor_release_secctx(char *secdata, u32 seclen); diff --git a/security/apparmor/secid.c b/security/apparmor/secid.c index 05373d9a3d6a..1546c45a2a18 100644 --- a/security/apparmor/secid.c +++ b/security/apparmor/secid.c @@ -61,9 +61,12 @@ void aa_secid_update(u32 secid, struct aa_label *label) * * see label for inverse aa_label_to_secid */ -struct aa_label *aa_secid_to_label(u32 secid) +struct aa_label *aa_secid_to_label(struct lsm_export *l) { struct aa_label *label; + u32 secid; + + secid = (l->flags & LSM_EXPORT_APPARMOR) ? l->apparmor : 0; rcu_read_lock(); label = idr_find(&aa_secids, secid); @@ -72,12 +75,22 @@ struct aa_label *aa_secid_to_label(u32 secid) return label; } +static inline void aa_import_secid(struct lsm_export *l, u32 secid) +{ + l->flags = LSM_EXPORT_APPARMOR; + l->apparmor = secid; +} + int apparmor_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) { /* TODO: cache secctx and ref count so we don't have to recreate */ - struct aa_label *label = aa_secid_to_label(secid); + struct lsm_export data; + struct aa_label *label; int len; + aa_import_secid(&data, secid); + label = aa_secid_to_label(&data); + AA_BUG(!seclen); if (!label) diff --git a/security/security.c b/security/security.c index 2f1355d10e0d..60dd064c0531 100644 --- a/security/security.c +++ b/security/security.c 
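Review bot: aa_import_secid() in the secid.c hunk is named the opposite way round from the equivalent helpers in the other modules: selinux_import_secid() and smack_import_secid() read a u32 out of an lsm_export, while this one writes a u32 into it, which is what SELinux and Smack call *_export_secid(). Rename it aa_export_secid() so the direction is consistent across the series. Note also that it assigns `l->flags = LSM_EXPORT_APPARMOR` rather than ORing the flag in; that is what makes it safe to call on the uninitialised `struct lsm_export data;` in apparmor_secid_to_secctx(), but it differs from apparmor_export_secid() in lsm.c, which uses `|=`, so a short comment explaining why the two differ would help.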
@@ -2477,7 +2477,12 @@ void security_audit_rule_free(void *lsmrule) int security_audit_rule_match(u32 secid, u32 field, u32 op, void *lsmrule) { - return call_int_hook(audit_rule_match, 0, secid, field, op, lsmrule); + int rc; + struct lsm_export data = { .flags = LSM_EXPORT_NONE }; + + rc = call_int_hook(audit_rule_match, 0, &data, field, op, lsmrule); + lsm_export_secid(&data, &secid); + return rc; } #endif /* CONFIG_AUDIT */ diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 03dfa0cd6739..bfd0f1f5979f 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -213,23 +213,6 @@ static void cred_init_security(void) tsec->osid = tsec->sid = SECINITSID_KERNEL; } -/* - * Set the SELinux secid in an lsm_export structure - */ -static inline void selinux_export_secid(struct lsm_export *l, u32 secid) -{ - l->selinux = secid; - l->flags |= LSM_EXPORT_SELINUX; -} - -static inline void selinux_import_secid(struct lsm_export *l, u32 *secid) -{ - if (l->flags | LSM_EXPORT_SELINUX) - *secid = l->selinux; - else - *secid = SECSID_NULL; -} - /* * get the security ID of a set of credentials */ diff --git a/security/selinux/include/audit.h b/security/selinux/include/audit.h index 682e2b5de2a4..92dd5ab15fb2 100644 --- a/security/selinux/include/audit.h +++ b/security/selinux/include/audit.h @@ -39,7 +39,7 @@ void selinux_audit_rule_free(void *rule); /** * selinux_audit_rule_match - determine if a context ID matches a rule. - * @sid: the context ID to check + * @l: points to the context ID to check * @field: the field this rule refers to * @op: the operater the rule uses * @rule: pointer to the audit rule to check against 
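Review bot: in the security/security.c hunk (security_audit_rule_match), the caller's secid is never copied into data before the hook runs: data starts as LSM_EXPORT_NONE, so SELinux, Smack and AppArmor each import 0 / SECSID_NULL and match audit rules against the wrong subject until 14/90 converts the callers, and the trailing lsm_export_secid(&data, &secid) only overwrites the by-value parameter. Fill the export from the incoming secid before the call, the way security_secid_to_secctx does with lsm_export_to_all() in 12/90, so every commit in the series keeps audit filtering working.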
@@ -47,7 +47,8 @@ void selinux_audit_rule_free(void *rule); * Returns 1 if the context id matches the rule, 0 if it does not, and * -errno on failure. */ -int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *rule); +int selinux_audit_rule_match(struct lsm_export *l, u32 field, u32 op, + void *rule); /** * selinux_audit_rule_known - check to see if rule contains selinux fields. diff --git a/security/selinux/include/objsec.h b/security/selinux/include/objsec.h index 3b78aa4ee98f..d7efc5f23c1e 100644 --- a/security/selinux/include/objsec.h +++ b/security/selinux/include/objsec.h @@ -50,6 +50,23 @@ static inline u32 current_sid(void) return tsec->sid; } +/* + * Set the SELinux secid in an lsm_export structure + */ +static inline void selinux_export_secid(struct lsm_export *l, u32 secid) +{ + l->selinux = secid; + l->flags |= LSM_EXPORT_SELINUX; +} + +static inline void selinux_import_secid(struct lsm_export *l, u32 *secid) +{ + if (l->flags | LSM_EXPORT_SELINUX) + *secid = l->selinux; + else + *secid = SECSID_NULL; +} + enum label_initialized { LABEL_INVALID, /* invalid or not initialized */ LABEL_INITIALIZED, /* initialized */ diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index e3f5d6aece66..626b877363fb 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -3395,13 +3395,15 @@ int selinux_audit_rule_known(struct audit_krule *rule) return 0; } -int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *vrule) +int selinux_audit_rule_match(struct lsm_export *l, u32 field, u32 op, + void *vrule) { struct selinux_state *state = &selinux_state; struct context *ctxt; struct mls_level *level; struct selinux_audit_rule *rule = vrule; int match = 0; + u32 sid; if (unlikely(!rule)) { WARN_ONCE(1, "selinux_audit_rule_match: missing rule\n"); 
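Review bot: in the security/selinux/include/objsec.h hunk, selinux_import_secid() tests `if (l->flags | LSM_EXPORT_SELINUX)`, which is non-zero for any flags value, so the SECSID_NULL branch is dead and an export that SELinux never filled still hands back l->selinux. The helper is being moved here from hooks.c with that test intact; change it to `l->flags & LSM_EXPORT_SELINUX` in this patch rather than in the follow-up (11/90), so no intermediate commit carries the always-true condition.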
@@ -3415,6 +3417,8 @@ int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *vrule) goto out; } + selinux_import_secid(l, &sid); + ctxt = sidtab_search(state->ss->sidtab, sid); if (unlikely(!ctxt)) { WARN_ONCE(1, "selinux_audit_rule_match: unrecognized SID %d\n", diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 5318b9e6820a..0e048c1456ed 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -4369,7 +4369,7 @@ static int smack_audit_rule_known(struct audit_krule *krule) /** * smack_audit_rule_match - Audit given object ? - * @secid: security id for identifying the object to test + * @l: security id for identifying the object to test * @field: audit rule flags given from user-space * @op: required testing operator * @vrule: smack internal rule presentation @@ -4377,10 +4377,12 @@ static int smack_audit_rule_known(struct audit_krule *krule) * The core Audit hook. It's used to take the decision of * whether to audit or not to audit a given object. */ -static int smack_audit_rule_match(u32 secid, u32 field, u32 op, void *vrule) +static int smack_audit_rule_match(struct lsm_export *l, u32 field, u32 op, + void *vrule) { struct smack_known *skp; char *rule = vrule; + u32 secid; if (unlikely(!rule)) { WARN_ONCE(1, "Smack: missing rule\n"); 
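Review bot: in the security/smack/smack_lsm.c kerneldoc hunk, `@l: security id for identifying the object to test` still describes the old u32; l is now a pointer to the struct lsm_export that carries the id, so say so (the selinux/include/audit.h hunk's `@l: points to the context ID to check` is the wording to mirror).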
@@ -4390,6 +4392,7 @@ static int smack_audit_rule_match(u32 secid, u32 field, u32 op, void *vrule) if (field != AUDIT_SUBJ_USER && field != AUDIT_OBJ_USER) return 0; + smack_import_secid(l, &secid); skp = smack_from_secid(secid); /* From patchwork Fri Apr 19 00:44:58 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908303 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 9F812922 for ; Fri, 19 Apr 2019 00:46:51 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 905FA28B9C for ; Fri, 19 Apr 2019 00:46:51 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 84A4728BAC; Fri, 19 Apr 2019 00:46:51 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 4252428B9C for ; Fri, 19 Apr 2019 00:46:51 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726740AbfDSAqu (ORCPT ); Thu, 18 Apr 2019 20:46:50 -0400 Received: from sonic308-9.consmr.mail.bf2.yahoo.com ([74.6.130.48]:41118 "EHLO sonic308-9.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726520AbfDSAqu (ORCPT ); Thu, 18 Apr 2019 20:46:50 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1555634809; bh=fnJcv2J/MrzRf8h1makEn2/UWDvYNR2yTG2TfGic4Xg=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject; 
From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 11/90] LSM: Fix logical operation in lsm_export checks Date: Thu, 18 Apr 2019 17:44:58 -0700 Message-Id: <20190419004617.64627-12-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Fix the logic in Smack and SELinux when checking to see if the secid is included. Signed-off-by: Casey Schaufler --- security/selinux/include/objsec.h | 2 +- security/smack/smack_lsm.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/security/selinux/include/objsec.h b/security/selinux/include/objsec.h index d7efc5f23c1e..59a3b1cd5ba9 100644 --- a/security/selinux/include/objsec.h +++ b/security/selinux/include/objsec.h @@ -61,7 +61,7 @@ static inline void selinux_export_secid(struct lsm_export *l, u32 secid) static inline void selinux_import_secid(struct lsm_export *l, u32 *secid) { - if (l->flags | LSM_EXPORT_SELINUX) + if (l->flags & LSM_EXPORT_SELINUX) *secid = l->selinux; else *secid = SECSID_NULL; diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 0e048c1456ed..a3776501965d 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c 
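Review bot: for the security/selinux/include/objsec.h hunk, this is a one-character fix to a helper that arrived in objsec.h in the previous patch with the `|` test already in it; squash it into the patch that introduced the helpers so the series has no commit where selinux_import_secid() and smack_import_secid() ignore the flag. The commit message should also spell out what the wrong operator did: the else branch was unreachable, so an lsm_export without the LSM's flag returned whatever sat in l->selinux / l->smack instead of SECSID_NULL / 0.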
@@ -477,7 +477,7 @@ static inline void smack_export_secid(struct lsm_export *l, u32 secid) static inline void smack_import_secid(struct lsm_export *l, u32 *secid) { - if (l->flags | LSM_EXPORT_SMACK) + if (l->flags & LSM_EXPORT_SMACK) *secid = l->smack; else *secid = 0; From patchwork Fri Apr 19 00:44:59 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908305 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 84381922 for ; Fri, 19 Apr 2019 00:46:52 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 6EBBB28B8F for ; Fri, 19 Apr 2019 00:46:52 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 6390328B9F; Fri, 19 Apr 2019 00:46:52 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id D180C28B8F for ; Fri, 19 Apr 2019 00:46:51 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726700AbfDSAqv (ORCPT ); Thu, 18 Apr 2019 20:46:51 -0400 Received: from sonic308-9.consmr.mail.bf2.yahoo.com ([74.6.130.48]:36634 "EHLO sonic308-9.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726715AbfDSAqv (ORCPT ); Thu, 18 Apr 2019 20:46:51 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1555634809; bh=seyjgce0pdmEa+cpaRVpjQK9OBPNuMErUFViqdarFKQ=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject; 
From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 12/90] LSM: Use lsm_export in the secid_to_secctx hooks Date: Thu, 18 Apr 2019 17:44:59 -0700 Message-Id: <20190419004617.64627-13-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Convert the secid_to_secctx hooks to use the lsm_export structure instead of a u32 secid. There is some scaffolding involved that will be removed when security_secid_to_secctx() is updated. Signed-off-by: Casey Schaufler --- include/linux/lsm_hooks.h | 5 +++-- security/apparmor/include/secid.h | 2 +- security/apparmor/secid.c | 6 ++---- security/security.c | 5 ++++- security/selinux/hooks.c | 6 +++++- security/smack/smack_lsm.c | 9 +++++++-- 6 files changed, 22 insertions(+), 11 deletions(-) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 690ab020508e..11ace5c923bd 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -1322,7 +1322,7 @@ * This does mean that the length could change between calls to check the * length and the next call which actually allocates and returns the * secdata. - * @secid contains the security ID. + * @l points to the security information. * @secdata contains the pointer that stores the converted security * context. * @seclen pointer which contains the length of the data 
@@ -1672,7 +1672,8 @@ union security_list_options { int (*getprocattr)(struct task_struct *p, char *name, char **value); int (*setprocattr)(const char *name, void *value, size_t size); int (*ismaclabel)(const char *name); - int (*secid_to_secctx)(u32 secid, char **secdata, u32 *seclen); + int (*secid_to_secctx)(struct lsm_export *l, char **secdata, + u32 *seclen); int (*secctx_to_secid)(const char *secdata, u32 seclen, u32 *secid); void (*release_secctx)(char *secdata, u32 seclen); diff --git a/security/apparmor/include/secid.h b/security/apparmor/include/secid.h index c283c620efe3..03369183f512 100644 --- a/security/apparmor/include/secid.h +++ b/security/apparmor/include/secid.h @@ -26,7 +26,7 @@ struct aa_label; #define AA_SECID_WILDCARD 1 struct aa_label *aa_secid_to_label(struct lsm_export *l); -int apparmor_secid_to_secctx(u32 secid, char **secdata, u32 *seclen); +int apparmor_secid_to_secctx(struct lsm_export *l, char **secdata, u32 *seclen); int apparmor_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid); void apparmor_release_secctx(char *secdata, u32 seclen); diff --git a/security/apparmor/secid.c b/security/apparmor/secid.c index 1546c45a2a18..ab4dc165e43e 100644 --- a/security/apparmor/secid.c +++ b/security/apparmor/secid.c @@ -81,15 +81,13 @@ static inline void aa_import_secid(struct lsm_export *l, u32 secid) l->apparmor = secid; } -int apparmor_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) +int apparmor_secid_to_secctx(struct lsm_export *l, char **secdata, u32 *seclen) { /* TODO: cache secctx and ref count so we don't have to recreate */ - struct lsm_export data; struct aa_label *label; int len; - aa_import_secid(&data, secid); - label = aa_secid_to_label(&data); + label = aa_secid_to_label(l); AA_BUG(!seclen); diff --git a/security/security.c b/security/security.c index 60dd064c0531..adf4cb768665 100644 --- a/security/security.c +++ b/security/security.c 
@@ -2002,7 +2002,10 @@ EXPORT_SYMBOL(security_ismaclabel); int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) { - return call_int_hook(secid_to_secctx, -EOPNOTSUPP, secid, secdata, + struct lsm_export data; + + lsm_export_to_all(&data, secid); + return call_int_hook(secid_to_secctx, -EOPNOTSUPP, &data, secdata, seclen); } EXPORT_SYMBOL(security_secid_to_secctx); diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index bfd0f1f5979f..16d902158e8a 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -6301,8 +6301,12 @@ static int selinux_ismaclabel(const char *name) return (strcmp(name, XATTR_SELINUX_SUFFIX) == 0); } -static int selinux_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) +static int selinux_secid_to_secctx(struct lsm_export *l, char **secdata, + u32 *seclen) { + u32 secid; + + selinux_import_secid(l, &secid); return security_sid_to_context(&selinux_state, secid, secdata, seclen); } diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index a3776501965d..809af981f14c 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c 
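Review bot: in the security/security.c hunk, `struct lsm_export data;` is uninitialised and relies on lsm_export_to_all() assigning every member before &data reaches the hooks; that holds today (it writes selinux, smack, apparmor and flags) but turns into stack garbage the moment lsm_export gains a field. Prefer `struct lsm_export data = { .flags = LSM_EXPORT_NONE };` as security_audit_rule_match already does, and add a one-line comment that lsm_export_to_all() is the transitional shim the commit message refers to, since it marks a single secid as valid for all three LSMs at once.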
@@ -4433,9 +4433,14 @@ static int smack_ismaclabel(const char *name) * * Exists for networking code. */ -static int smack_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) +static int smack_secid_to_secctx(struct lsm_export *l, char **secdata, + u32 *seclen) { - struct smack_known *skp = smack_from_secid(secid); + struct smack_known *skp; + u32 secid; + + smack_import_secid(l, &secid); + skp = smack_from_secid(secid); if (secdata) *secdata = skp->smk_known; From patchwork Fri Apr 19 00:45:00 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908315 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 9A0CC1515 for ; Fri, 19 Apr 2019 00:46:57 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 892FB28B9D for ; Fri, 19 Apr 2019 00:46:57 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 7D89E28D84; Fri, 19 Apr 2019 00:46:57 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 0C08228B9D for ; Fri, 19 Apr 2019 00:46:57 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726769AbfDSAq4 (ORCPT ); Thu, 18 Apr 2019 20:46:56 -0400 Received: from sonic308-9.consmr.mail.bf2.yahoo.com ([74.6.130.48]:35053 "EHLO sonic308-9.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726757AbfDSAq4 (ORCPT ); Thu, 18 Apr 2019 20:46:56 -0400 DKIM-Signature: v=1; 
by smtp430.mail.bf1.yahoo.com (Oath Hermes SMTP Server) with ESMTPA ID db33df77ae90d094534f9c2fe92816eb; Fri, 19 Apr 2019 00:46:50 +0000 (UTC) From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 13/90] LSM: Use lsm_export in the secctx_to_secid hooks Date: Thu, 18 Apr 2019 17:45:00 -0700 Message-Id: <20190419004617.64627-14-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Convert the secctx_to_secid hooks to use the lsm_export structure instead of a u32 secid. There is some scaffolding involved that will be removed when security_secctx_to_secid() is updated. Signed-off-by: Casey Schaufler --- include/linux/lsm_hooks.h | 7 ++++--- security/apparmor/include/secid.h | 3 ++- security/apparmor/secid.c | 9 +++++---- security/security.c | 8 ++++++-- security/selinux/hooks.c | 12 +++++++++--- security/smack/smack_lsm.c | 7 ++++--- 6 files changed, 30 insertions(+), 16 deletions(-) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 11ace5c923bd..af0bcdf8fcfe 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -1327,8 +1327,8 @@ * context. * @seclen pointer which contains the length of the data * @secctx_to_secid: - * Convert security context to secid. - * @secid contains the pointer to the generated security ID. + * Convert security context to exported lsm data. + * @l contains the pointer to the generated security data. * @secdata contains the security context. * * @release_secctx: 
@@ -1674,7 +1674,8 @@ union security_list_options { int (*ismaclabel)(const char *name); int (*secid_to_secctx)(struct lsm_export *l, char **secdata, u32 *seclen); - int (*secctx_to_secid)(const char *secdata, u32 seclen, u32 *secid); + int (*secctx_to_secid)(const char *secdata, u32 seclen, + struct lsm_export *l); void (*release_secctx)(char *secdata, u32 seclen); void (*inode_invalidate_secctx)(struct inode *inode); diff --git a/security/apparmor/include/secid.h b/security/apparmor/include/secid.h index 03369183f512..5381eff03d4f 100644 --- a/security/apparmor/include/secid.h +++ b/security/apparmor/include/secid.h @@ -27,7 +27,8 @@ struct aa_label; struct aa_label *aa_secid_to_label(struct lsm_export *l); int apparmor_secid_to_secctx(struct lsm_export *l, char **secdata, u32 *seclen); -int apparmor_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid); +int apparmor_secctx_to_secid(const char *secdata, u32 seclen, + struct lsm_export *l); void apparmor_release_secctx(char *secdata, u32 seclen); diff --git a/security/apparmor/secid.c b/security/apparmor/secid.c index ab4dc165e43e..69d98a89db75 100644 --- a/security/apparmor/secid.c +++ b/security/apparmor/secid.c @@ -75,9 +75,9 @@ struct aa_label *aa_secid_to_label(struct lsm_export *l) return label; } -static inline void aa_import_secid(struct lsm_export *l, u32 secid) +static inline void aa_export_secid(struct lsm_export *l, u32 secid) { - l->flags = LSM_EXPORT_APPARMOR; + l->flags |= LSM_EXPORT_APPARMOR; l->apparmor = secid; } @@ -111,7 +111,8 @@ int apparmor_secid_to_secctx(struct lsm_export *l, char **secdata, u32 *seclen) return 0; } -int apparmor_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid) +int apparmor_secctx_to_secid(const char *secdata, u32 seclen, + struct lsm_export *l) { struct aa_label *label; 
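Review bot: in the security/apparmor/secid.c hunk, renaming aa_import_secid() to aa_export_secid() also changes `l->flags = LSM_EXPORT_APPARMOR` to `l->flags |= LSM_EXPORT_APPARMOR`, a behavioural change the commit message does not mention: the helper now depends on every caller having initialised flags (security_secctx_to_secid does, via its designated initialiser) and it preserves any flag already set. Call that out in the log, or keep the plain assignment if the OR is not needed.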
@@ -119,7 +120,7 @@ int apparmor_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid) seclen, GFP_KERNEL, false, false); if (IS_ERR(label)) return PTR_ERR(label); - *secid = label->secid; + aa_export_secid(l, label->secid); return 0; } diff --git a/security/security.c b/security/security.c index adf4cb768665..1645ebe06715 100644 --- a/security/security.c +++ b/security/security.c @@ -2012,8 +2012,12 @@ EXPORT_SYMBOL(security_secid_to_secctx); int security_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid) { - *secid = 0; - return call_int_hook(secctx_to_secid, 0, secdata, seclen, secid); + struct lsm_export data = { .flags = LSM_EXPORT_NONE }; + int rc; + + rc = call_int_hook(secctx_to_secid, 0, secdata, seclen, &data); + lsm_export_secid(&data, secid); + return rc; } EXPORT_SYMBOL(security_secctx_to_secid); diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 16d902158e8a..7dd333f133db 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -6311,10 +6311,16 @@ static int selinux_secid_to_secctx(struct lsm_export *l, char **secdata, secdata, seclen); } -static int selinux_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid) +static int selinux_secctx_to_secid(const char *secdata, u32 seclen, + struct lsm_export *l) { - return security_context_to_sid(&selinux_state, secdata, seclen, - secid, GFP_KERNEL); + u32 secid; + int rc; + + rc = security_context_to_sid(&selinux_state, secdata, seclen, + &secid, GFP_KERNEL); + selinux_export_secid(l, secid); + return rc; } static void selinux_release_secctx(char *secdata, u32 seclen) diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 809af981f14c..ecd636e5c75c 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c 
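Review bot: in the security/selinux/hooks.c hunk, selinux_secctx_to_secid() declares `u32 secid;` with no initial value and calls selinux_export_secid(l, secid) regardless of rc; unless security_context_to_sid() is guaranteed to store to *sid on every early error return, a failed conversion exports uninitialised stack data, which security_secctx_to_secid() then copies into *secid via lsm_export_secid() (the old code wrote `*secid = 0` first). Initialise `u32 secid = SECSID_NULL;` or export only when rc == 0.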
@@ -4456,14 +4456,15 @@ static int smack_secid_to_secctx(struct lsm_export *l, char **secdata, * * Exists for audit and networking code. */ -static int smack_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid) +static int smack_secctx_to_secid(const char *secdata, u32 seclen, + struct lsm_export *l) { struct smack_known *skp = smk_find_entry(secdata); if (skp) - *secid = skp->smk_secid; + smack_export_secid(l, skp->smk_secid); else - *secid = 0; + smack_export_secid(l, 0); return 0; } From patchwork Fri Apr 19 00:45:01 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908319 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 28F3017E0 for ; Fri, 19 Apr 2019 00:46:58 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 148FB28B9C for ; Fri, 19 Apr 2019 00:46:58 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 08B9528CA9; Fri, 19 Apr 2019 00:46:58 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 6160F28BAC for ; Fri, 19 Apr 2019 00:46:57 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726757AbfDSAq4 (ORCPT ); Thu, 18 Apr 2019 20:46:56 -0400 Received: from sonic308-9.consmr.mail.bf2.yahoo.com ([74.6.130.48]:44956 "EHLO sonic308-9.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726750AbfDSAq4 (ORCPT ); Thu, 18 Apr 2019 20:46:56 
From: Casey Schaufler
To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org
Cc: casey@schaufler-ca.com
Subject: [PATCH 14/90] LSM: Use lsm_export in security_audit_rule_match
Date: Thu, 18 Apr 2019 17:45:01 -0700
Message-Id: <20190419004617.64627-15-casey@schaufler-ca.com>
X-Mailer: git-send-email 2.17.0
In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com>
References: <20190419004617.64627-1-casey@schaufler-ca.com>
Sender: owner-linux-security-module@vger.kernel.org
Precedence: bulk
List-ID:
X-Virus-Scanned: ClamAV using ClamSMTP

Convert security_audit_rule_match to use the lsm_export structure instead of a u32 secid. There is some scaffolding involved that will be removed when the related data is updated.

Signed-off-by: Casey Schaufler
---
 include/linux/security.h | 46 +++++++++++++++++++++++++--
 kernel/auditfilter.c | 4 ++-
 kernel/auditsc.c | 13 +++++---
 security/integrity/ima/ima_policy.c | 7 +++--
 security/security.c | 48 ++---------------------------
 5 files changed, 63 insertions(+), 55 deletions(-)

diff --git a/include/linux/security.h b/include/linux/security.h
index fb19f41d630b..ea2c6c4e88db 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -93,6 +93,45 @@ static inline void lsm_export_init(struct lsm_export *l) memset(l, 0, sizeof(*l)); } +/** + * lsm_export_secid - pull the useful secid out of a lsm_export + * @data: the containing data structure + * @secid: where to put the one that matters. + * + * Shim that will disappear when all lsm_export conversions are done. + */ +static inline void lsm_export_secid(struct lsm_export *data, u32 *secid) +{ + switch (data->flags) { + case LSM_EXPORT_NONE: + *secid = 0; + break; + case LSM_EXPORT_SELINUX: + *secid = data->selinux; + break; + case LSM_EXPORT_SMACK: + *secid = data->smack; + break; + case LSM_EXPORT_APPARMOR: + *secid = data->apparmor; + break; + default: + pr_warn("%s flags=0x%u - not a valid set\n", __func__, + data->flags); + *secid = 0; + break; + } +} + +static inline void lsm_export_to_all(struct lsm_export *data, u32 secid) +{ + data->selinux = secid; + data->smack = secid; + data->apparmor = secid; + data->flags = LSM_EXPORT_SELINUX | LSM_EXPORT_SMACK | + LSM_EXPORT_APPARMOR; +} + /* These functions are in security/commoncap.c */ extern int cap_capable(const struct cred *cred, struct user_namespace *ns, int cap, unsigned int opts); @@ -1712,7 +1751,8 @@ static inline int security_key_getsecurity(struct key *key, char **_buffer) #ifdef CONFIG_SECURITY int security_audit_rule_init(u32 field, u32 op, char *rulestr, void **lsmrule); int security_audit_rule_known(struct audit_krule *krule); -int security_audit_rule_match(u32 secid, u32 field, u32 op, void *lsmrule); +int security_audit_rule_match(struct lsm_export *l, u32 field, u32 op, + void *lsmrule); void security_audit_rule_free(void *lsmrule); #else @@ -1728,8 +1768,8 @@ static inline int security_audit_rule_known(struct audit_krule *krule) return 0; } -static inline int security_audit_rule_match(u32 secid, u32 field, u32 op, - void *lsmrule) +static inline int security_audit_rule_match(struct lsm_export *l, u32 field, + u32 op, void *lsmrule) { return 0; } 
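Review bot: in the lsm_export_secid() default branch of the include/linux/security.h @@ -93 hunk the format string "%s flags=0x%u - not a valid set\n" prints the flags with a 0x prefix but a decimal %u conversion; use 0x%x (or drop the prefix) so the bitmask reads correctly. More importantly, the switch only has cases for LSM_EXPORT_NONE and the three single-LSM values, while lsm_export_to_all() in the same hunk sets data->flags to LSM_EXPORT_SELINUX | LSM_EXPORT_SMACK | LSM_EXPORT_APPARMOR; a struct filled by lsm_export_to_all() and later read back through lsm_export_secid() therefore lands in the default branch, warns, and yields secid 0. Either add a case for the all-set value (the three fields hold the same secid there, so any of them can be returned) or state in the kerneldoc that lsm_export_secid() is only valid on hook-produced data with exactly one flag set.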
diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c index 63f8b3f26fab..15771102919d 100644 --- a/kernel/auditfilter.c +++ b/kernel/auditfilter.c @@ -1324,6 +1324,7 @@ int audit_filter(int msgtype, unsigned int listtype) struct audit_field *f = &e->rule.fields[i]; pid_t pid; u32 sid; + struct lsm_export le; switch (f->type) { case AUDIT_PID: @@ -1354,7 +1355,8 @@ int audit_filter(int msgtype, unsigned int listtype) case AUDIT_SUBJ_CLR: if (f->lsm_rule) { security_task_getsecid(current, &sid); - result = security_audit_rule_match(sid, + lsm_export_to_all(&le, sid); + result = security_audit_rule_match(&le, f->type, f->op, f->lsm_rule); } break; diff --git a/kernel/auditsc.c b/kernel/auditsc.c index d1eab1d4a930..822ba35e4e64 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -445,6 +445,7 @@ static int audit_filter_rules(struct task_struct *tsk, const struct cred *cred; int i, need_sid = 1; u32 sid; + struct lsm_export le; unsigned int sessionid; cred = rcu_dereference_check(tsk->cred, tsk == current || task_creation); @@ -630,7 +631,8 @@ static int audit_filter_rules(struct task_struct *tsk, security_task_getsecid(tsk, &sid); need_sid = 0; } - result = security_audit_rule_match(sid, f->type, + lsm_export_to_all(&le, sid); + result = security_audit_rule_match(&le, f->type, f->op, f->lsm_rule); } @@ -645,15 +647,17 @@ static int audit_filter_rules(struct task_struct *tsk, if (f->lsm_rule) { /* Find files that match */ if (name) { + lsm_export_to_all(&le, name->osid); result = security_audit_rule_match( - name->osid, + &le, f->type, f->op, f->lsm_rule); } else if (ctx) { list_for_each_entry(n, &ctx->names_list, list) { + lsm_export_to_all(&le, n->osid); if (security_audit_rule_match( - n->osid, + &le, f->type, f->op, f->lsm_rule)) { 
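Review bot: in the kernel/auditsc.c @@ -630 hunk the new lsm_export_to_all(&le, sid); sits outside the if (need_sid) block that fetches sid once per task, so the conversion is redone for every AUDIT_SUBJ_* field in a rule even though sid does not change; move it next to "security_task_getsecid(tsk, &sid); need_sid = 0;" so le is built once alongside the cached secid. (The per-iteration call in the @@ -645 list_for_each_entry loop is different: each n->osid is a distinct object, so it is needed there.)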
@@ -665,7 +669,8 @@ static int audit_filter_rules(struct task_struct *tsk, /* Find ipc objects that match */ if (!ctx || ctx->type != AUDIT_IPC) break; - if (security_audit_rule_match(ctx->ipc.osid, + lsm_export_to_all(&le, ctx->ipc.osid); + if (security_audit_rule_match(&le, f->type, f->op, f->lsm_rule)) ++result; diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c index e0cc323f948f..090ef8ceb116 100644 --- a/security/integrity/ima/ima_policy.c +++ b/security/integrity/ima/ima_policy.c @@ -327,6 +327,7 @@ static bool ima_match_rules(struct ima_rule_entry *rule, struct inode *inode, for (i = 0; i < MAX_LSM_RULES; i++) { int rc = 0; u32 osid; + struct lsm_export le; int retried = 0; if (!rule->lsm[i].rule) @@ -337,7 +338,8 @@ static bool ima_match_rules(struct ima_rule_entry *rule, struct inode *inode, case LSM_OBJ_ROLE: case LSM_OBJ_TYPE: security_inode_getsecid(inode, &osid); - rc = security_filter_rule_match(osid, + lsm_export_to_all(&le, osid); + rc = security_filter_rule_match(&le, rule->lsm[i].type, Audit_equal, rule->lsm[i].rule); @@ -345,7 +347,8 @@ static bool ima_match_rules(struct ima_rule_entry *rule, struct inode *inode, case LSM_SUBJ_USER: case LSM_SUBJ_ROLE: case LSM_SUBJ_TYPE: - rc = security_filter_rule_match(secid, + lsm_export_to_all(&le, secid); + rc = security_filter_rule_match(&le, rule->lsm[i].type, Audit_equal, rule->lsm[i].rule); diff --git a/security/security.c b/security/security.c index 1645ebe06715..1e819ecf26ff 100644 --- a/security/security.c +++ b/security/security.c 
@@ -712,45 +712,6 @@ int lsm_superblock_alloc(struct super_block *sb) RC; \ }) -/** - * lsm_export_secid - pull the useful secid out of a lsm_export - * @data: the containing data structure - * @secid: where to put the one that matters. - * - * Shim that will disappear when all lsm_export conversions are done. - */ -static inline void lsm_export_secid(struct lsm_export *data, u32 *secid) -{ - switch (data->flags) { - case LSM_EXPORT_NONE: - *secid = 0; - break; - case LSM_EXPORT_SELINUX: - *secid = data->selinux; - break; - case LSM_EXPORT_SMACK: - *secid = data->smack; - break; - case LSM_EXPORT_APPARMOR: - *secid = data->apparmor; - break; - default: - pr_warn("%s flags=0x%u - not a valid set\n", __func__, - data->flags); - *secid = 0; - break; - } -} - -static inline void lsm_export_to_all(struct lsm_export *data, u32 secid) -{ - data->selinux = secid; - data->smack = secid; - data->apparmor = secid; - data->flags = LSM_EXPORT_SELINUX | LSM_EXPORT_SMACK | - LSM_EXPORT_APPARMOR; -} - /* Security operations */ int security_binder_set_context_mgr(struct task_struct *mgr) 
@@ -2482,14 +2443,11 @@ void security_audit_rule_free(void *lsmrule) call_void_hook(audit_rule_free, lsmrule); } -int security_audit_rule_match(u32 secid, u32 field, u32 op, void *lsmrule) +int security_audit_rule_match(struct lsm_export *l, u32 field, u32 op, + void *lsmrule) { - int rc; - struct lsm_export data = { .flags = LSM_EXPORT_NONE }; - rc = call_int_hook(audit_rule_match, 0, &data, field, op, lsmrule); - lsm_export_secid(&data, &secid); - return rc; + return call_int_hook(audit_rule_match, 0, l, field, op, lsmrule); } #endif /* CONFIG_AUDIT */ From patchwork Fri Apr 19 00:45:02 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908323 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id D6BB917E0 for ; Fri, 19 Apr 2019 00:47:01 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id C89C628B9C for ; Fri, 19 Apr 2019 00:47:01 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id BB4D328BAC; Fri, 19 Apr 2019 00:47:01 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 5608F28B9D for ; Fri, 19 Apr 2019 00:47:01 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726780AbfDSArA (ORCPT ); Thu, 18 Apr 2019 20:47:00 -0400 Received: from sonic310-23.consmr.mail.bf2.yahoo.com ([74.6.135.197]:33272 "EHLO sonic310-23.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with 
from c-67-169-65-224.hsd1.ca.comcast.net (EHLO localhost.localdomain) ([67.169.65.224]) by smtp404.mail.bf1.yahoo.com (Oath Hermes SMTP Server) with ESMTPA ID 7bfda36ec44e7fd17a13267c14302369; Fri, 19 Apr 2019 00:46:58 +0000 (UTC) From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 15/90] LSM: Use lsm_export in security_kernel_act_as Date: Thu, 18 Apr 2019 17:45:02 -0700 Message-Id: <20190419004617.64627-16-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP From: Casey Schaufler Convert security_kernel_act_as to use the lsm_export structure instead of a u32 secid. There is some scaffolding involved that will be removed when the related data is updated. Signed-off-by: Casey Schaufler --- include/linux/cred.h | 3 ++- include/linux/security.h | 5 +++-- kernel/cred.c | 10 ++++++---- security/security.c | 8 ++------ 4 files changed, 13 insertions(+), 13 deletions(-) diff --git a/include/linux/cred.h b/include/linux/cred.h index ddd45bb74887..023f422eefd6 100644 --- a/include/linux/cred.h +++ b/include/linux/cred.h @@ -22,6 +22,7 @@ struct cred; struct inode; +struct lsm_export; /* * COW Supplementary groups list 
@@ -165,7 +166,7 @@ extern const struct cred *override_creds(const struct cred *); extern void revert_creds(const struct cred *); extern struct cred *prepare_kernel_cred(struct task_struct *); extern int change_create_files_as(struct cred *, struct inode *); -extern int set_security_override(struct cred *, u32); +extern int set_security_override(struct cred *, struct lsm_export *); extern int set_security_override_from_ctx(struct cred *, const char *); extern int set_create_files_as(struct cred *, struct inode *); extern int cred_fscmp(const struct cred *, const struct cred *); diff --git a/include/linux/security.h b/include/linux/security.h index ea2c6c4e88db..7369cdc3a681 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -378,7 +378,7 @@ void security_cred_free(struct cred *cred); int security_prepare_creds(struct cred *new, const struct cred *old, gfp_t gfp); void security_transfer_creds(struct cred *new, const struct cred *old); void security_cred_getsecid(const struct cred *c, u32 *secid); -int security_kernel_act_as(struct cred *new, u32 secid); +int security_kernel_act_as(struct cred *new, struct lsm_export *l); int security_kernel_create_files_as(struct cred *new, struct inode *inode); int security_kernel_module_request(char *kmod_name); int security_kernel_load_data(enum kernel_load_data_id id); @@ -961,7 +961,8 @@ static inline void security_transfer_creds(struct cred *new, { } -static inline int security_kernel_act_as(struct cred *cred, u32 secid) +static inline int security_kernel_act_as(struct cred *cred, + struct lsm_export *l) { return 0; } diff --git a/kernel/cred.c b/kernel/cred.c index 45d77284aed0..40a3fde22667 100644 --- a/kernel/cred.c +++ b/kernel/cred.c 
@@ -701,14 +701,14 @@ EXPORT_SYMBOL(prepare_kernel_cred); /** * set_security_override - Set the security ID in a set of credentials * @new: The credentials to alter - * @secid: The LSM security ID to set + * @l: The LSM security information to set * * Set the LSM security ID in a set of credentials so that the subjective * security is overridden when an alternative set of credentials is used. */ -int set_security_override(struct cred *new, u32 secid) +int set_security_override(struct cred *new, struct lsm_export *l) { - return security_kernel_act_as(new, secid); + return security_kernel_act_as(new, l); } EXPORT_SYMBOL(set_security_override); @@ -724,6 +724,7 @@ EXPORT_SYMBOL(set_security_override); */ int set_security_override_from_ctx(struct cred *new, const char *secctx) { + struct lsm_export le; u32 secid; int ret; @@ -731,7 +732,8 @@ int set_security_override_from_ctx(struct cred *new, const char *secctx) if (ret < 0) return ret; - return set_security_override(new, secid); + lsm_export_to_all(&le, secid); + return set_security_override(new, &le); } EXPORT_SYMBOL(set_security_override_from_ctx); diff --git a/security/security.c b/security/security.c index 1e819ecf26ff..edaaaef54239 100644 --- a/security/security.c +++ b/security/security.c 
@@ -1615,13 +1615,9 @@ void security_cred_getsecid(const struct cred *c, u32 *secid) } EXPORT_SYMBOL(security_cred_getsecid); -int security_kernel_act_as(struct cred *new, u32 secid) +int security_kernel_act_as(struct cred *new, struct lsm_export *l) { - struct lsm_export data = { .flags = LSM_EXPORT_NONE }; - - lsm_export_to_all(&data, secid); - - return call_int_hook(kernel_act_as, 0, new, &data); + return call_int_hook(kernel_act_as, 0, new, l); } int security_kernel_create_files_as(struct cred *new, struct inode *inode) From patchwork Fri Apr 19 00:45:03 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908329 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 05DBD18FD for ; Fri, 19 Apr 2019 00:47:06 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id EAA4F28B9F for ; Fri, 19 Apr 2019 00:47:05 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id DF53328D80; Fri, 19 Apr 2019 00:47:05 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 69C6428B9F for ; Fri, 19 Apr 2019 00:47:05 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726811AbfDSArE (ORCPT ); Thu, 18 Apr 2019 20:47:04 -0400 Received: from sonic317-33.consmr.mail.bf2.yahoo.com ([74.6.129.88]:34123 "EHLO sonic317-33.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726632AbfDSArE 
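Review bot: the kerneldoc for set_security_override() in the kernel/cred.c @@ -701 hunk is only half updated: @secid became "@l: The LSM security information to set", but the summary line "set_security_override - Set the security ID in a set of credentials" and the body sentence "Set the LSM security ID in a set of credentials ..." still describe a single secid; reword both to match the new parameter. It is also worth saying, near the security_kernel_act_as() prototype in include/linux/security.h, that the wrapper no longer populates the struct itself: the removed body did lsm_export_to_all(&data, secid) and that fan-out now lives in set_security_override_from_ctx(), so any other caller has to fill l completely before calling.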
c-67-169-65-224.hsd1.ca.comcast.net (EHLO localhost.localdomain) ([67.169.65.224]) by smtp404.mail.bf1.yahoo.com (Oath Hermes SMTP Server) with ESMTPA ID 7bfda36ec44e7fd17a13267c14302369; Fri, 19 Apr 2019 00:46:59 +0000 (UTC) From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 16/90] LSM: Use lsm_export in security_socket_getpeersec_dgram Date: Thu, 18 Apr 2019 17:45:03 -0700 Message-Id: <20190419004617.64627-17-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Convert security_socket_getpeersec_dgram to use the lsm_export structure instead of a u32 secid. There is some scaffolding involved that will be removed when the related data is updated. In particular, the le entry in scm_cookie includes the secid data. The secid will go away. Signed-off-by: Casey Schaufler --- include/linux/security.h | 7 +++++-- include/net/scm.h | 4 +++- net/ipv4/ip_sockglue.c | 4 +++- security/security.c | 13 ++++--------- 4 files changed, 15 insertions(+), 13 deletions(-) diff --git a/include/linux/security.h b/include/linux/security.h index 7369cdc3a681..e3f5c61b9b2c 100644 --- a/include/linux/security.h +++ b/include/linux/security.h 
@@ -1270,7 +1270,8 @@ int security_socket_shutdown(struct socket *sock, int how); int security_sock_rcv_skb(struct sock *sk, struct sk_buff *skb); int security_socket_getpeersec_stream(struct socket *sock, char __user *optval, int __user *optlen, unsigned len); -int security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, u32 *secid); +int security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, + struct lsm_export *l); int security_sk_alloc(struct sock *sk, int family, gfp_t priority); void security_sk_free(struct sock *sk); void security_sk_clone(const struct sock *sk, struct sock *newsk); @@ -1408,7 +1409,9 @@ static inline int security_socket_getpeersec_stream(struct socket *sock, char __ return -ENOPROTOOPT; } -static inline int security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, u32 *secid) +static inline int security_socket_getpeersec_dgram(struct socket *sock, + struct sk_buff *skb, + struct lsm_export *l) { return -ENOPROTOOPT; } diff --git a/include/net/scm.h b/include/net/scm.h index 1ce365f4c256..13b8a369fd89 100644 --- a/include/net/scm.h +++ b/include/net/scm.h @@ -34,6 +34,7 @@ struct scm_cookie { struct scm_creds creds; /* Skb credentials */ #ifdef CONFIG_SECURITY_NETWORK u32 secid; /* Passed security ID */ + struct lsm_export le; /* Passed LSM data */ #endif }; @@ -46,7 +47,8 @@ struct scm_fp_list *scm_fp_dup(struct scm_fp_list *fpl); #ifdef CONFIG_SECURITY_NETWORK static __inline__ void unix_get_peersec_dgram(struct socket *sock, struct scm_cookie *scm) { - security_socket_getpeersec_dgram(sock, NULL, &scm->secid); + security_socket_getpeersec_dgram(sock, NULL, &scm->le); + lsm_export_secid(&scm->le, &scm->secid); } #else static __inline__ void unix_get_peersec_dgram(struct socket *sock, struct scm_cookie *scm) diff --git a/net/ipv4/ip_sockglue.c b/net/ipv4/ip_sockglue.c index 82f341e84fae..b8ef7677a7e5 100644 --- a/net/ipv4/ip_sockglue.c +++ b/net/ipv4/ip_sockglue.c 
@@ -130,14 +130,16 @@ static void ip_cmsg_recv_checksum(struct msghdr *msg, struct sk_buff *skb, static void ip_cmsg_recv_security(struct msghdr *msg, struct sk_buff *skb) { + struct lsm_export le; char *secdata; u32 seclen, secid; int err; - err = security_socket_getpeersec_dgram(NULL, skb, &secid); + err = security_socket_getpeersec_dgram(NULL, skb, &le); if (err) return; + lsm_export_secid(&le, &secid); err = security_secid_to_secctx(secid, &secdata, &seclen); if (err) return; diff --git a/security/security.c b/security/security.c index edaaaef54239..d8300a6400c3 100644 --- a/security/security.c +++ b/security/security.c 
@@ -2110,16 +2110,11 @@ int security_socket_getpeersec_stream(struct socket *sock, char __user *optval, } int security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, - u32 *secid) + struct lsm_export *l) { - int rc; - struct lsm_export data = { .flags = LSM_EXPORT_NONE }; - - rc = call_int_hook(socket_getpeersec_dgram, -ENOPROTOOPT, sock, skb, - &data); - - lsm_export_secid(&data, secid); - return rc; + lsm_export_init(l); + return call_int_hook(socket_getpeersec_dgram, -ENOPROTOOPT, sock, skb, + l); } EXPORT_SYMBOL(security_socket_getpeersec_dgram); From patchwork Fri Apr 19 00:45:04 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908331 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 68748922 for ; Fri, 19 Apr 2019 00:47:06 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 5501C28B9C for ; Fri, 19 Apr 2019 00:47:06 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 497D028BA0; Fri, 19 Apr 2019 00:47:06 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id B950128B9C for ; Fri, 19 Apr 2019 00:47:05 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726632AbfDSArF (ORCPT ); Thu, 18 Apr 2019 20:47:05 -0400 Received: from sonic317-33.consmr.mail.bf2.yahoo.com ([74.6.129.88]:43432 "EHLO sonic317-33.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by 
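Review bot: in the net/ipv4/ip_sockglue.c @@ -130 hunk, lsm_export_secid(&le, &secid) can leave secid as 0 (the LSM_EXPORT_NONE case, or the warning default branch when more than one flag is set) and the code then calls security_secid_to_secctx(0, ...) anyway; the xt_SECMARK.c conversion later in this series guards with "if (!info->secid)" right after the same call, and an explicit "if (!secid) return;" here would avoid asking the LSM to translate a secid that was never produced. On the include/net/scm.h side, scm_cookie now carries both secid and le for the same peer and unix_get_peersec_dgram() derives one from the other; since the commit message says secid is going away, a short comment on the field saying it is a transitional copy of le would keep readers from treating the two as independent.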
19 Apr 2019 00:47:03 +0000 Received: from c-67-169-65-224.hsd1.ca.comcast.net (EHLO localhost.localdomain) ([67.169.65.224]) by smtp404.mail.bf1.yahoo.com (Oath Hermes SMTP Server) with ESMTPA ID 7bfda36ec44e7fd17a13267c14302369; Fri, 19 Apr 2019 00:47:00 +0000 (UTC) From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 17/90] LSM: Use lsm_export in security_secctx_to_secid Date: Thu, 18 Apr 2019 17:45:04 -0700 Message-Id: <20190419004617.64627-18-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Convert security_secctx_to_secid to use the lsm_export structure instead of a u32 secid. There is some scaffolding involved that will be removed when the related data is updated. Signed-off-by: Casey Schaufler --- include/linux/security.h | 5 +++-- kernel/cred.c | 4 +--- net/netfilter/nft_meta.c | 4 +++- net/netfilter/xt_SECMARK.c | 5 +++-- net/netlabel/netlabel_unlabeled.c | 8 ++++++-- security/security.c | 11 ++++------- 6 files changed, 20 insertions(+), 17 deletions(-) diff --git a/include/linux/security.h b/include/linux/security.h index e3f5c61b9b2c..991d2d2e290e 100644 --- a/include/linux/security.h +++ b/include/linux/security.h 
@@ -437,7 +437,8 @@ int security_setprocattr(const char *lsm, const char *name, void *value, int security_netlink_send(struct sock *sk, struct sk_buff *skb); int security_ismaclabel(const char *name); int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen); -int security_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid); +int security_secctx_to_secid(const char *secdata, u32 seclen, + struct lsm_export *l); void security_release_secctx(char *secdata, u32 seclen); void security_inode_invalidate_secctx(struct inode *inode); @@ -1220,7 +1221,7 @@ static inline int security_secid_to_secctx(u32 secid, char **secdata, u32 *secle static inline int security_secctx_to_secid(const char *secdata, u32 seclen, - u32 *secid) + struct lsm_export *l) { return -EOPNOTSUPP; } diff --git a/kernel/cred.c b/kernel/cred.c index 40a3fde22667..7792538b1ca6 100644 --- a/kernel/cred.c +++ b/kernel/cred.c @@ -725,14 +725,12 @@ EXPORT_SYMBOL(set_security_override); int set_security_override_from_ctx(struct cred *new, const char *secctx) { struct lsm_export le; - u32 secid; int ret; - ret = security_secctx_to_secid(secctx, strlen(secctx), &secid); + ret = security_secctx_to_secid(secctx, strlen(secctx), &le); if (ret < 0) return ret; - lsm_export_to_all(&le, secid); return set_security_override(new, &le); } EXPORT_SYMBOL(set_security_override_from_ctx); diff --git a/net/netfilter/nft_meta.c b/net/netfilter/nft_meta.c index 987d2d6ce624..598bea8e4799 100644 --- a/net/netfilter/nft_meta.c +++ b/net/netfilter/nft_meta.c @@ -576,13 +576,15 @@ static const struct nla_policy nft_secmark_policy[NFTA_SECMARK_MAX + 1] = { static int nft_secmark_compute_secid(struct nft_secmark *priv) { + struct lsm_export le; u32 tmp_secid = 0; int err; - err = security_secctx_to_secid(priv->ctx, strlen(priv->ctx), &tmp_secid); + err = security_secctx_to_secid(priv->ctx, strlen(priv->ctx), &le); if (err) return err; + lsm_export_secid(&le, &tmp_secid); if (!tmp_secid) return -ENOENT; 
diff --git a/net/netfilter/xt_SECMARK.c b/net/netfilter/xt_SECMARK.c index f16202d26c20..2def8d8898e6 100644 --- a/net/netfilter/xt_SECMARK.c +++ b/net/netfilter/xt_SECMARK.c @@ -49,13 +49,13 @@ secmark_tg(struct sk_buff *skb, const struct xt_action_param *par) static int checkentry_lsm(struct xt_secmark_target_info *info) { + struct lsm_export le; int err; info->secctx[SECMARK_SECCTX_MAX - 1] = '\0'; info->secid = 0; - err = security_secctx_to_secid(info->secctx, strlen(info->secctx), - &info->secid); + err = security_secctx_to_secid(info->secctx, strlen(info->secctx), &le); if (err) { if (err == -EINVAL) pr_info_ratelimited("invalid security context \'%s\'\n", @@ -63,6 +63,7 @@ static int checkentry_lsm(struct xt_secmark_target_info *info) return err; } + lsm_export_secid(&le, &info->secid); if (!info->secid) { pr_info_ratelimited("unable to map security context \'%s\'\n", info->secctx); diff --git a/net/netlabel/netlabel_unlabeled.c b/net/netlabel/netlabel_unlabeled.c index c92894c3e40a..fc38934ccb35 100644 --- a/net/netlabel/netlabel_unlabeled.c +++ b/net/netlabel/netlabel_unlabeled.c @@ -896,6 +896,7 @@ static int netlbl_unlabel_staticadd(struct sk_buff *skb, void *mask; u32 addr_len; u32 secid; + struct lsm_export le; struct netlbl_audit audit_info; /* Don't allow users to add both IPv4 and IPv6 addresses for a @@ -919,10 +920,11 @@ static int netlbl_unlabel_staticadd(struct sk_buff *skb, ret_val = security_secctx_to_secid( nla_data(info->attrs[NLBL_UNLABEL_A_SECCTX]), nla_len(info->attrs[NLBL_UNLABEL_A_SECCTX]), - &secid); + &le); if (ret_val != 0) return ret_val; + lsm_export_secid(&le, &secid); return netlbl_unlhsh_add(&init_net, dev_name, addr, mask, addr_len, secid, &audit_info); @@ -947,6 +949,7 @@ static int netlbl_unlabel_staticadddef(struct sk_buff *skb, void *mask; u32 addr_len; u32 secid; + struct lsm_export le; struct netlbl_audit audit_info; /* Don't allow users to add both IPv4 and IPv6 addresses for a 
@@ -968,10 +971,11 @@ static int netlbl_unlabel_staticadddef(struct sk_buff *skb, ret_val = security_secctx_to_secid( nla_data(info->attrs[NLBL_UNLABEL_A_SECCTX]), nla_len(info->attrs[NLBL_UNLABEL_A_SECCTX]), - &secid); + &le); if (ret_val != 0) return ret_val; + lsm_export_secid(&le, &secid); return netlbl_unlhsh_add(&init_net, NULL, addr, mask, addr_len, secid, &audit_info); diff --git a/security/security.c b/security/security.c index d8300a6400c3..868e9ae6b48c 100644 --- a/security/security.c +++ b/security/security.c 
@@ -1967,14 +1967,11 @@ int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) } EXPORT_SYMBOL(security_secid_to_secctx); -int security_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid) +int security_secctx_to_secid(const char *secdata, u32 seclen, + struct lsm_export *l) { - struct lsm_export data = { .flags = LSM_EXPORT_NONE }; - int rc; - - rc = call_int_hook(secctx_to_secid, 0, secdata, seclen, &data); - lsm_export_secid(&data, secid); - return rc; + lsm_export_init(l); + return call_int_hook(secctx_to_secid, 0, secdata, seclen, l); } EXPORT_SYMBOL(security_secctx_to_secid); From patchwork Fri Apr 19 00:45:05 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908337
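Review bot: in the security/security.c hunk, call_int_hook(secctx_to_secid, 0, ...) returns 0 when no module implements the hook, so the caller sees success with `l` still in whatever state lsm_export_init() left it, and every converted caller in this patch (nft_secmark_compute_secid(), checkentry_lsm(), both netlbl_unlabel_staticadd*() paths) feeds that straight into lsm_export_secid(). That only works if lsm_export_secid() maps the freshly initialised flags to secid 0 rather than reaching its pr_warn default; the removed code had the same dependency but kept it inside this one function, so please state the contract in a comment above security_secctx_to_secid() now that every caller relies on it.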
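Review bot: in the netlbl_unlabel_staticadd() and netlbl_unlabel_staticadddef() hunks the new `struct lsm_export le;` is added after `u32 secid;`, which breaks the longest-line-first declaration ordering that net/ maintainers ask for; put it ahead of the u32 declarations. In the same two functions `secid` now exists only to carry the lsm_export_secid() result into netlbl_unlhsh_add(), so a short comment marking it as scaffolding (as the commit message says it is) would make the later removal easier to spot.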
From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 18/90] LSM: Use lsm_export in security_secid_to_secctx Date: Thu, 18 Apr 2019 17:45:05 -0700 Message-Id: <20190419004617.64627-19-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Convert security_secid_to_secctx to use the lsm_export structure instead of a u32 secid. There is some scaffolding involved that will be removed when the related data is updated.
Signed-off-by: Casey Schaufler --- drivers/android/binder.c | 4 +++- include/linux/security.h | 9 +++++++-- include/net/scm.h | 4 +--- kernel/audit.c | 9 +++++++-- kernel/auditsc.c | 13 +++++++++---- net/ipv4/ip_sockglue.c | 5 ++--- net/netfilter/nf_conntrack_netlink.c | 8 ++++++-- net/netfilter/nf_conntrack_standalone.c | 4 +++- net/netfilter/nfnetlink_queue.c | 8 ++++++-- net/netlabel/netlabel_unlabeled.c | 18 ++++++++++++++---- net/netlabel/netlabel_user.c | 6 +++--- net/unix/af_unix.c | 9 ++++++--- security/security.c | 8 ++------ 13 files changed, 69 insertions(+), 36 deletions(-) diff --git a/drivers/android/binder.c b/drivers/android/binder.c index 8685882da64c..9119333f794b 100644 --- a/drivers/android/binder.c +++ b/drivers/android/binder.c @@ -3120,9 +3120,11 @@ static void binder_transaction(struct binder_proc *proc, if (target_node && target_node->txn_security_ctx) { u32 secid; + struct lsm_export le; security_task_getsecid(proc->tsk, &secid); - ret = security_secid_to_secctx(secid, &secctx, &secctx_sz); + lsm_export_to_all(&le, secid); + ret = security_secid_to_secctx(&le, &secctx, &secctx_sz); if (ret) { return_error = BR_FAILED_REPLY; return_error_param = ret; diff --git a/include/linux/security.h b/include/linux/security.h index 991d2d2e290e..5cea6260bbd9 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -115,6 +115,10 @@ static inline void lsm_export_secid(struct lsm_export *data, u32 *secid) case LSM_EXPORT_APPARMOR: *secid = data->apparmor; break; + case LSM_EXPORT_SELINUX | LSM_EXPORT_SMACK | LSM_EXPORT_APPARMOR: + /* For scaffolding only */ + *secid = data->selinux; + break; default: pr_warn("%s flags=0x%u - not a valid set\n", __func__, data->flags); 
@@ -436,7 +440,7 @@ int security_setprocattr(const char *lsm, const char *name, void *value, size_t size); int security_netlink_send(struct sock *sk, struct sk_buff *skb); int security_ismaclabel(const char *name); -int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen); +int security_secid_to_secctx(struct lsm_export *l, char **secdata, u32 *seclen); int security_secctx_to_secid(const char *secdata, u32 seclen, struct lsm_export *l); void security_release_secctx(char *secdata, u32 seclen); @@ -1214,7 +1218,8 @@ static inline int security_ismaclabel(const char *name) return 0; } -static inline int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) +static inline int security_secid_to_secctx(struct lsm_export *l, + char **secdata, u32 *seclen) { return -EOPNOTSUPP; } diff --git a/include/net/scm.h b/include/net/scm.h index 13b8a369fd89..b5d1c24318e3 100644 --- a/include/net/scm.h +++ b/include/net/scm.h @@ -33,7 +33,6 @@ struct scm_cookie { struct scm_fp_list *fp; /* Passed files */ struct scm_creds creds; /* Skb credentials */ #ifdef CONFIG_SECURITY_NETWORK - u32 secid; /* Passed security ID */ struct lsm_export le; /* Passed LSM data */ #endif }; @@ -48,7 +47,6 @@ struct scm_fp_list *scm_fp_dup(struct scm_fp_list *fpl); static __inline__ void unix_get_peersec_dgram(struct socket *sock, struct scm_cookie *scm) { security_socket_getpeersec_dgram(sock, NULL, &scm->le); - lsm_export_secid(&scm->le, &scm->secid); } #else static __inline__ void unix_get_peersec_dgram(struct socket *sock, struct scm_cookie *scm) @@ -99,7 +97,7 @@ static inline void scm_passec(struct socket *sock, struct msghdr *msg, struct sc int err; if (test_bit(SOCK_PASSSEC, &sock->flags)) { - err = security_secid_to_secctx(scm->secid, &secdata, &seclen); + err = security_secid_to_secctx(&scm->le, &secdata, &seclen); if (!err) { put_cmsg(msg, SOL_SOCKET, SCM_SECURITY, seclen, secdata); diff --git a/kernel/audit.c b/kernel/audit.c index c89ea48c70a6..b5d96a0320fb 100644 
--- a/kernel/audit.c +++ b/kernel/audit.c @@ -1430,7 +1430,10 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh) case AUDIT_SIGNAL_INFO: len = 0; if (audit_sig_sid) { - err = security_secid_to_secctx(audit_sig_sid, &ctx, &len); + struct lsm_export le; + + lsm_export_to_all(&le, audit_sig_sid); + err = security_secid_to_secctx(&le, &ctx, &len); if (err) return err; } @@ -2073,12 +2076,14 @@ int audit_log_task_context(struct audit_buffer *ab) unsigned len; int error; u32 sid; + struct lsm_export le; security_task_getsecid(current, &sid); if (!sid) return 0; - error = security_secid_to_secctx(sid, &ctx, &len); + lsm_export_to_all(&le, sid); + error = security_secid_to_secctx(&le, &ctx, &len); if (error) { if (error != -EINVAL) goto error_path; diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 822ba35e4e64..83aba0336eac 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -946,6 +946,7 @@ static int audit_log_pid_context(struct audit_context *context, pid_t pid, char *ctx = NULL; u32 len; int rc = 0; + struct lsm_export le; ab = audit_log_start(context, GFP_KERNEL, AUDIT_OBJ_PID); if (!ab) @@ -955,7 +956,8 @@ static int audit_log_pid_context(struct audit_context *context, pid_t pid, from_kuid(&init_user_ns, auid), from_kuid(&init_user_ns, uid), sessionid); if (sid) { - if (security_secid_to_secctx(sid, &ctx, &len)) { + lsm_export_to_all(&le, sid); + if (security_secid_to_secctx(&le, &ctx, &len)) { audit_log_format(ab, " obj=(none)"); rc = 1; } else { @@ -1197,7 +1199,9 @@ static void show_special(struct audit_context *context, int *call_panic) if (osid) { char *ctx = NULL; u32 len; - if (security_secid_to_secctx(osid, &ctx, &len)) { + struct lsm_export le; + lsm_export_to_all(&le, osid); + if (security_secid_to_secctx(&le, &ctx, &len)) { audit_log_format(ab, " osid=%u", osid); *call_panic = 1; } else { 
@@ -1348,9 +1352,10 @@ static void audit_log_name(struct audit_context *context, struct audit_names *n, if (n->osid != 0) { char *ctx = NULL; u32 len; + struct lsm_export le; - if (security_secid_to_secctx( - n->osid, &ctx, &len)) { + lsm_export_to_all(&le, n->osid); + if (security_secid_to_secctx(&le, &ctx, &len)) { audit_log_format(ab, " osid=%u", n->osid); if (call_panic) *call_panic = 2; diff --git a/net/ipv4/ip_sockglue.c b/net/ipv4/ip_sockglue.c index b8ef7677a7e5..a4f37ba6dbe2 100644 --- a/net/ipv4/ip_sockglue.c +++ b/net/ipv4/ip_sockglue.c @@ -132,15 +132,14 @@ static void ip_cmsg_recv_security(struct msghdr *msg, struct sk_buff *skb) { struct lsm_export le; char *secdata; - u32 seclen, secid; + u32 seclen; int err; err = security_socket_getpeersec_dgram(NULL, skb, &le); if (err) return; - lsm_export_secid(&le, &secid); - err = security_secid_to_secctx(secid, &secdata, &seclen); + err = security_secid_to_secctx(&le, &secdata, &seclen); if (err) return; diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c index 66c596d287a5..b069277450c5 100644 --- a/net/netfilter/nf_conntrack_netlink.c +++ b/net/netfilter/nf_conntrack_netlink.c @@ -330,8 +330,10 @@ static int ctnetlink_dump_secctx(struct sk_buff *skb, const struct nf_conn *ct) struct nlattr *nest_secctx; int len, ret; char *secctx; + struct lsm_export le; - ret = security_secid_to_secctx(ct->secmark, &secctx, &len); + lsm_export_to_all(&le, ct->secmark); + ret = security_secid_to_secctx(&le, &secctx, &len); if (ret) return 0; @@ -615,8 +617,10 @@ static inline int ctnetlink_secctx_size(const struct nf_conn *ct) { #ifdef CONFIG_NF_CONNTRACK_SECMARK int len, ret; + struct lsm_export le; - ret = security_secid_to_secctx(ct->secmark, NULL, &len); + lsm_export_to_all(&le, ct->secmark); + ret = security_secid_to_secctx(&le, NULL, &len); if (ret) return 0; 
diff --git a/net/netfilter/nf_conntrack_standalone.c b/net/netfilter/nf_conntrack_standalone.c index c2ae14c720b4..12318026d8d4 100644 --- a/net/netfilter/nf_conntrack_standalone.c +++ b/net/netfilter/nf_conntrack_standalone.c @@ -175,8 +175,10 @@ static void ct_show_secctx(struct seq_file *s, const struct nf_conn *ct) int ret; u32 len; char *secctx; + struct lsm_export le; - ret = security_secid_to_secctx(ct->secmark, &secctx, &len); + lsm_export_to_all(&le, ct->secmark); + ret = security_secid_to_secctx(&le, &secctx, &len); if (ret) return; diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c index 0dcc3592d053..4c74c383e26b 100644 --- a/net/netfilter/nfnetlink_queue.c +++ b/net/netfilter/nfnetlink_queue.c @@ -309,13 +309,17 @@ static u32 nfqnl_get_sk_secctx(struct sk_buff *skb, char **secdata) { u32 seclen = 0; #if IS_ENABLED(CONFIG_NETWORK_SECMARK) + struct lsm_export le; + if (!skb || !sk_fullsock(skb->sk)) return 0; read_lock_bh(&skb->sk->sk_callback_lock); - if (skb->secmark) - security_secid_to_secctx(skb->secmark, secdata, &seclen); + if (skb->secmark) { + lsm_export_to_all(&le, skb->secmark); + security_secid_to_secctx(&le, secdata, &seclen); + } read_unlock_bh(&skb->sk->sk_callback_lock); #endif diff --git a/net/netlabel/netlabel_unlabeled.c b/net/netlabel/netlabel_unlabeled.c index fc38934ccb35..00922f55dd9e 100644 --- a/net/netlabel/netlabel_unlabeled.c +++ b/net/netlabel/netlabel_unlabeled.c @@ -389,6 +389,7 @@ int netlbl_unlhsh_add(struct net *net, struct audit_buffer *audit_buf = NULL; char *secctx = NULL; u32 secctx_len; + struct lsm_export le; if (addr_len != sizeof(struct in_addr) && addr_len != sizeof(struct in6_addr)) 
@@ -451,7 +452,8 @@ int netlbl_unlhsh_add(struct net *net, unlhsh_add_return: rcu_read_unlock(); if (audit_buf != NULL) { - if (security_secid_to_secctx(secid, + lsm_export_to_all(&le, secid); + if (security_secid_to_secctx(&le, &secctx, &secctx_len) == 0) { audit_log_format(audit_buf, " sec_obj=%s", secctx); @@ -488,6 +490,7 @@ static int netlbl_unlhsh_remove_addr4(struct net *net, struct net_device *dev; char *secctx; u32 secctx_len; + struct lsm_export le; spin_lock(&netlbl_unlhsh_lock); list_entry = netlbl_af4list_remove(addr->s_addr, mask->s_addr, @@ -507,8 +510,10 @@ static int netlbl_unlhsh_remove_addr4(struct net *net, addr->s_addr, mask->s_addr); if (dev != NULL) dev_put(dev); + if (entry != NULL) + lsm_export_to_all(&le, entry->secid); if (entry != NULL && - security_secid_to_secctx(entry->secid, + security_secid_to_secctx(&le, &secctx, &secctx_len) == 0) { audit_log_format(audit_buf, " sec_obj=%s", secctx); security_release_secctx(secctx, secctx_len); @@ -550,6 +555,7 @@ static int netlbl_unlhsh_remove_addr6(struct net *net, struct net_device *dev; char *secctx; u32 secctx_len; + struct lsm_export le; spin_lock(&netlbl_unlhsh_lock); list_entry = netlbl_af6list_remove(addr, mask, &iface->addr6_list); @@ -568,8 +574,10 @@ static int netlbl_unlhsh_remove_addr6(struct net *net, addr, mask); if (dev != NULL) dev_put(dev); + if (entry != NULL) + lsm_export_to_all(&le, entry->secid); if (entry != NULL && - security_secid_to_secctx(entry->secid, + security_secid_to_secctx(&le, &secctx, &secctx_len) == 0) { audit_log_format(audit_buf, " sec_obj=%s", secctx); security_release_secctx(secctx, secctx_len); @@ -1092,6 +1100,7 @@ static int netlbl_unlabel_staticlist_gen(u32 cmd, u32 secid; char *secctx; u32 secctx_len; + struct lsm_export le; data = genlmsg_put(cb_arg->skb, NETLINK_CB(cb_arg->nl_cb->skb).portid, cb_arg->seq, &netlbl_unlabel_gnl_family, 
@@ -1146,7 +1155,8 @@ static int netlbl_unlabel_staticlist_gen(u32 cmd, secid = addr6->secid; } - ret_val = security_secid_to_secctx(secid, &secctx, &secctx_len); + lsm_export_to_all(&le, secid); + ret_val = security_secid_to_secctx(&le, &secctx, &secctx_len); if (ret_val != 0) goto list_cb_failure; ret_val = nla_put(cb_arg->skb, diff --git a/net/netlabel/netlabel_user.c b/net/netlabel/netlabel_user.c index 4676f5bb16ae..1079cdea872c 100644 --- a/net/netlabel/netlabel_user.c +++ b/net/netlabel/netlabel_user.c @@ -100,6 +100,7 @@ struct audit_buffer *netlbl_audit_start_common(int type, struct audit_buffer *audit_buf; char *secctx; u32 secctx_len; + struct lsm_export le; if (audit_enabled == AUDIT_OFF) return NULL; @@ -112,10 +113,9 @@ struct audit_buffer *netlbl_audit_start_common(int type, from_kuid(&init_user_ns, audit_info->loginuid), audit_info->sessionid); + lsm_export_to_all(&le, audit_info->secid); if (audit_info->secid != 0 && - security_secid_to_secctx(audit_info->secid, - &secctx, - &secctx_len) == 0) { + security_secid_to_secctx(&le, &secctx, &secctx_len) == 0) { audit_log_format(audit_buf, " subj=%s", secctx); security_release_secctx(secctx, secctx_len); } diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c index ddb838a1b74c..4d4107927ba2 100644 --- a/net/unix/af_unix.c +++ b/net/unix/af_unix.c 
@@ -143,17 +143,20 @@ static struct hlist_head *unix_sockets_unbound(void *addr) #ifdef CONFIG_SECURITY_NETWORK static void unix_get_secdata(struct scm_cookie *scm, struct sk_buff *skb) { - UNIXCB(skb).secid = scm->secid; + lsm_export_secid(&scm->le, &(UNIXCB(skb).secid)); } static inline void unix_set_secdata(struct scm_cookie *scm, struct sk_buff *skb) { - scm->secid = UNIXCB(skb).secid; + lsm_export_to_all(&scm->le, UNIXCB(skb).secid); } static inline bool unix_secdata_eq(struct scm_cookie *scm, struct sk_buff *skb) { - return (scm->secid == UNIXCB(skb).secid); + u32 best_secid; + + lsm_export_secid(&scm->le, &best_secid); + return (best_secid == UNIXCB(skb).secid); } #else static inline void unix_get_secdata(struct scm_cookie *scm, struct sk_buff *skb) diff --git a/security/security.c b/security/security.c index 868e9ae6b48c..b6a096be95ac 100644 --- a/security/security.c +++ b/security/security.c 
@@ -1957,13 +1957,9 @@ int security_ismaclabel(const char *name) } EXPORT_SYMBOL(security_ismaclabel); -int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) +int security_secid_to_secctx(struct lsm_export *l, char **secdata, u32 *seclen) { - struct lsm_export data; - - lsm_export_to_all(&data, secid); - return call_int_hook(secid_to_secctx, -EOPNOTSUPP, &data, secdata, - seclen); + return call_int_hook(secid_to_secctx, -EOPNOTSUPP, l, secdata, seclen); } EXPORT_SYMBOL(security_secid_to_secctx); From patchwork Fri Apr 19 00:45:06 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908339
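Review bot: in the include/linux/security.h lsm_export_secid() hunk, the new `LSM_EXPORT_SELINUX | LSM_EXPORT_SMACK | LSM_EXPORT_APPARMOR` case returns data->selinux without saying why that slot is the right one; the `/* For scaffolding only */` comment should spell out the invariant it relies on (lsm_export_to_all() writes the same secid into all three slots, so any of them will do) so nobody later reads it as SELinux taking precedence over the other modules. While in this function, the unchanged pr_warn just below prints the flags with `0x%u`, a decimal conversion behind a hex prefix; `0x%x` is what was meant.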
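Review bot: in the net/unix/af_unix.c hunk, unix_get_secdata() and unix_secdata_eq() now run lsm_export_secid() on scm->le for every sendmsg()/recvmsg(), and the include/net/scm.h hunk removes the u32 that used to be filled next to it. Please confirm that scm->le carries a flags value lsm_export_secid() accepts on every path that reaches these functions, including a cookie that was only zero-filled and never passed through unix_get_peersec_dgram() (the only writer of scm->le visible in this patch); otherwise each such packet lands in the pr_warn default of lsm_export_secid(). An lsm_export_init(&scm->le) where the cookie is set up would make that explicit.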
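Review bot: in the netlbl_unlhsh_remove_addr4() and netlbl_unlhsh_remove_addr6() hunks the added `if (entry != NULL) lsm_export_to_all(&le, entry->secid);` sits directly in front of the existing `if (entry != NULL && security_secid_to_secctx(&le, ...) == 0)` test, so the NULL check is made twice in a row and the second statement reads `le` only because the first one wrote it. Fold the conversion into a single `if (entry != NULL) { ... }` block around the existing call so the dependency between the two statements is visible at a glance.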
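Review bot: in the net/netlabel/netlabel_user.c hunk, lsm_export_to_all(&le, audit_info->secid) now runs before the `audit_info->secid != 0` test, so the conversion is done even when the secid is zero and nothing will be logged; splitting the condition and moving the call inside the non-zero branch keeps it in line with the other call sites in this patch, which only build the export once they know there is a label to translate.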
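Review bot: in the kernel/auditsc.c show_special() hunk there is no blank line between the added `struct lsm_export le;` and the `lsm_export_to_all(&le, osid);` that follows it; checkpatch will flag the missing blank line after declarations, and the other call sites in this patch (audit_log_pid_context(), audit_log_name()) do separate them.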
(EHLO localhost.localdomain) ([67.169.65.224]) by smtp404.mail.bf1.yahoo.com (Oath Hermes SMTP Server) with ESMTPA ID 7bfda36ec44e7fd17a13267c14302369; Fri, 19 Apr 2019 00:47:02 +0000 (UTC) From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 19/90] LSM: Use lsm_export in security_ipc_getsecid Date: Thu, 18 Apr 2019 17:45:06 -0700 Message-Id: <20190419004617.64627-20-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Convert security_ipc_getsecid to use the lsm_export structure instead of a u32 secid. There is some scaffolding involved that will be removed when the related data is updated. Signed-off-by: Casey Schaufler --- include/linux/security.h | 7 ++++--- kernel/auditsc.c | 4 +++- security/security.c | 8 +++----- 3 files changed, 10 insertions(+), 9 deletions(-) diff --git a/include/linux/security.h b/include/linux/security.h index 5cea6260bbd9..6ac48c7c4a41 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -411,7 +411,7 @@ int security_task_prctl(int option, unsigned long arg2, unsigned long arg3, unsigned long arg4, unsigned long arg5); void security_task_to_inode(struct task_struct *p, struct inode *inode); int security_ipc_permission(struct kern_ipc_perm *ipcp, short flag); -void security_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid); +void security_ipc_getsecid(struct kern_ipc_perm *ipcp, struct lsm_export *l); int security_msg_msg_alloc(struct msg_msg *msg); void security_msg_msg_free(struct msg_msg *msg); int security_msg_queue_alloc(struct kern_ipc_perm *msq); 
@@ -1096,9 +1096,10 @@ static inline int security_ipc_permission(struct kern_ipc_perm *ipcp, return 0; } -static inline void security_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid) +static inline void security_ipc_getsecid(struct kern_ipc_perm *ipcp, + struct lsm_export *l) { - *secid = 0; + lsm_export_init(l); } static inline int security_msg_msg_alloc(struct msg_msg *msg) diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 83aba0336eac..eabbf78fee96 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -2266,11 +2266,13 @@ void __audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat) void __audit_ipc_obj(struct kern_ipc_perm *ipcp) { struct audit_context *context = audit_context(); + struct lsm_export le; context->ipc.uid = ipcp->uid; context->ipc.gid = ipcp->gid; context->ipc.mode = ipcp->mode; context->ipc.has_perm = 0; - security_ipc_getsecid(ipcp, &context->ipc.osid); + security_ipc_getsecid(ipcp, &le); + lsm_export_secid(&le, &context->ipc.osid); context->type = AUDIT_IPC; } diff --git a/security/security.c b/security/security.c index b6a096be95ac..6ba1187c9655 100644 --- a/security/security.c +++ b/security/security.c 
@@ -1775,12 +1775,10 @@ int security_ipc_permission(struct kern_ipc_perm *ipcp, short flag) return call_int_hook(ipc_permission, 0, ipcp, flag); } -void security_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid) +void security_ipc_getsecid(struct kern_ipc_perm *ipcp, struct lsm_export *l) { - struct lsm_export data = { .flags = LSM_EXPORT_NONE }; - - call_void_hook(ipc_getsecid, ipcp, &data); - lsm_export_secid(&data, secid); + lsm_export_init(l); + call_void_hook(ipc_getsecid, ipcp, l); } int security_msg_msg_alloc(struct msg_msg *msg) From patchwork Fri Apr 19 00:45:07 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908351
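Review bot: in the kernel/auditsc.c __audit_ipc_obj() hunk, context->ipc.osid is now produced by lsm_export_secid() from whatever security_ipc_getsecid() handed back, and the include/linux/security.h stub hunk changes the !CONFIG_SECURITY case from `*secid = 0;` to lsm_export_init(l). Both paths therefore assume that lsm_export_secid() turns the initialised-but-unfilled export into osid 0 without warning; the removed code in security/security.c made the same assumption but kept it local, so a one-line comment on security_ipc_getsecid() saying the export is left in its initialised state when no module answers would document the contract the audit code now depends on.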
c-67-169-65-224.hsd1.ca.comcast.net (EHLO localhost.localdomain) ([67.169.65.224]) by smtp404.mail.bf1.yahoo.com (Oath Hermes SMTP Server) with ESMTPA ID 2b98cff5dd7fb51e7c7719cd11eecc1a; Fri, 19 Apr 2019 00:47:10 +0000 (UTC) From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 20/90] LSM: Use lsm_export in security_task_getsecid Date: Thu, 18 Apr 2019 17:45:07 -0700 Message-Id: <20190419004617.64627-21-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Convert security_task_getsecid to use the lsm_export structure instead of a u32 secid. There is some scaffolding involved that will be removed when the related data is updated. Signed-off-by: Casey Schaufler --- drivers/android/binder.c | 4 +--- include/linux/security.h | 7 ++++--- kernel/audit.c | 4 ++-- kernel/auditfilter.c | 4 +--- kernel/auditsc.c | 18 +++++++++++------- net/netlabel/netlabel_unlabeled.c | 4 +++- net/netlabel/netlabel_user.h | 5 ++++- security/integrity/ima/ima_appraise.c | 4 +++- security/integrity/ima/ima_main.c | 16 ++++++++++++---- security/security.c | 8 +++----- 10 files changed, 44 insertions(+), 30 deletions(-) diff --git a/drivers/android/binder.c b/drivers/android/binder.c index 9119333f794b..0eeb5b75da5b 100644 --- a/drivers/android/binder.c +++ b/drivers/android/binder.c 
@@ -3119,11 +3119,9 @@ static void binder_transaction(struct binder_proc *proc, t->priority = task_nice(current); if (target_node && target_node->txn_security_ctx) { - u32 secid; struct lsm_export le; - security_task_getsecid(proc->tsk, &secid); - lsm_export_to_all(&le, secid); + security_task_getsecid(proc->tsk, &le); ret = security_secid_to_secctx(&le, &secctx, &secctx_sz); if (ret) { return_error = BR_FAILED_REPLY; diff --git a/include/linux/security.h b/include/linux/security.h index 6ac48c7c4a41..ae4c058abc5e 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -394,7 +394,7 @@ int security_task_fix_setuid(struct cred *new, const struct cred *old, int security_task_setpgid(struct task_struct *p, pid_t pgid); int security_task_getpgid(struct task_struct *p); int security_task_getsid(struct task_struct *p); -void security_task_getsecid(struct task_struct *p, u32 *secid); +void security_task_getsecid(struct task_struct *p, struct lsm_export *l); int security_task_setnice(struct task_struct *p, int nice); int security_task_setioprio(struct task_struct *p, int ioprio); int security_task_getioprio(struct task_struct *p); @@ -1023,9 +1023,10 @@ static inline int security_task_getsid(struct task_struct *p) return 0; } -static inline void security_task_getsecid(struct task_struct *p, u32 *secid) +static inline void security_task_getsecid(struct task_struct *p, + struct lsm_export *l) { - *secid = 0; + lsm_export_init(l); } static inline int security_task_setnice(struct task_struct *p, int nice) diff --git a/kernel/audit.c b/kernel/audit.c index b5d96a0320fb..fa4c5544eb37 100644 --- a/kernel/audit.c +++ b/kernel/audit.c 
@@ -2078,11 +2078,11 @@ int audit_log_task_context(struct audit_buffer *ab) u32 sid; struct lsm_export le; - security_task_getsecid(current, &sid); + security_task_getsecid(current, &le); + lsm_export_secid(&le, &sid); if (!sid) return 0; - lsm_export_to_all(&le, sid); error = security_secid_to_secctx(&le, &ctx, &len); if (error) { if (error != -EINVAL) diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c index 15771102919d..468dac2bdce5 100644 --- a/kernel/auditfilter.c +++ b/kernel/auditfilter.c @@ -1323,7 +1323,6 @@ int audit_filter(int msgtype, unsigned int listtype) for (i = 0; i < e->rule.field_count; i++) { struct audit_field *f = &e->rule.fields[i]; pid_t pid; - u32 sid; struct lsm_export le; switch (f->type) { @@ -1354,8 +1353,7 @@ int audit_filter(int msgtype, unsigned int listtype) case AUDIT_SUBJ_SEN: case AUDIT_SUBJ_CLR: if (f->lsm_rule) { - security_task_getsecid(current, &sid); - lsm_export_to_all(&le, sid); + security_task_getsecid(current, &le); result = security_audit_rule_match(&le, f->type, f->op, f->lsm_rule); } diff --git a/kernel/auditsc.c b/kernel/auditsc.c index eabbf78fee96..b06ffcf9bb9f 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -444,7 +444,6 @@ static int audit_filter_rules(struct task_struct *tsk, { const struct cred *cred; int i, need_sid = 1; - u32 sid; struct lsm_export le; unsigned int sessionid; @@ -628,10 +627,9 @@ static int audit_filter_rules(struct task_struct *tsk, logged upon error */ if (f->lsm_rule) { if (need_sid) { - security_task_getsecid(tsk, &sid); + security_task_getsecid(tsk, &le); need_sid = 0; } - lsm_export_to_all(&le, sid); result = security_audit_rule_match(&le, f->type, f->op, f->lsm_rule); 
@@ -2362,12 +2360,14 @@ int __audit_sockaddr(int len, void *a) void __audit_ptrace(struct task_struct *t) { struct audit_context *context = audit_context(); + struct lsm_export le; context->target_pid = task_tgid_nr(t); context->target_auid = audit_get_loginuid(t); context->target_uid = task_uid(t); context->target_sessionid = audit_get_sessionid(t); - security_task_getsecid(t, &context->target_sid); + security_task_getsecid(t, &le); + lsm_export_secid(&le, &context->target_sid); memcpy(context->target_comm, t->comm, TASK_COMM_LEN); } @@ -2384,6 +2384,7 @@ int audit_signal_info(int sig, struct task_struct *t) struct audit_aux_data_pids *axp; struct audit_context *ctx = audit_context(); kuid_t uid = current_uid(), auid, t_uid = task_uid(t); + struct lsm_export le; if (auditd_test_task(t) && (sig == SIGTERM || sig == SIGHUP || @@ -2394,7 +2395,8 @@ int audit_signal_info(int sig, struct task_struct *t) audit_sig_uid = auid; else audit_sig_uid = uid; - security_task_getsecid(current, &audit_sig_sid); + security_task_getsecid(current, &le); + lsm_export_secid(&le, &audit_sig_sid); } if (!audit_signals || audit_dummy_context()) @@ -2407,7 +2409,8 @@ int audit_signal_info(int sig, struct task_struct *t) ctx->target_auid = audit_get_loginuid(t); ctx->target_uid = t_uid; ctx->target_sessionid = audit_get_sessionid(t); - security_task_getsecid(t, &ctx->target_sid); + security_task_getsecid(t, &le); + lsm_export_secid(&le, &ctx->target_sid); memcpy(ctx->target_comm, t->comm, TASK_COMM_LEN); return 0; } @@ -2428,7 +2431,8 @@ int audit_signal_info(int sig, struct task_struct *t) axp->target_auid[axp->pid_count] = audit_get_loginuid(t); axp->target_uid[axp->pid_count] = t_uid; axp->target_sessionid[axp->pid_count] = audit_get_sessionid(t); - security_task_getsecid(t, &axp->target_sid[axp->pid_count]); + security_task_getsecid(t, &le); + lsm_export_secid(&le, &axp->target_sid[axp->pid_count]); memcpy(axp->target_comm[axp->pid_count], t->comm, TASK_COMM_LEN); axp->pid_count++; 
diff --git a/net/netlabel/netlabel_unlabeled.c b/net/netlabel/netlabel_unlabeled.c index 00922f55dd9e..7f245d593c8f 100644 --- a/net/netlabel/netlabel_unlabeled.c +++ b/net/netlabel/netlabel_unlabeled.c @@ -1554,11 +1554,13 @@ int __init netlbl_unlabel_defconf(void) int ret_val; struct netlbl_dom_map *entry; struct netlbl_audit audit_info; + struct lsm_export le; /* Only the kernel is allowed to call this function and the only time * it is called is at bootup before the audit subsystem is reporting * messages so don't worry to much about these values. */ - security_task_getsecid(current, &audit_info.secid); + security_task_getsecid(current, &le); + lsm_export_secid(&le, &audit_info.secid); audit_info.loginuid = GLOBAL_ROOT_UID; audit_info.sessionid = 0; diff --git a/net/netlabel/netlabel_user.h b/net/netlabel/netlabel_user.h index 4a397cde1a48..2dbc4276bdcc 100644 --- a/net/netlabel/netlabel_user.h +++ b/net/netlabel/netlabel_user.h @@ -48,7 +48,10 @@ static inline void netlbl_netlink_auditinfo(struct sk_buff *skb, struct netlbl_audit *audit_info) { - security_task_getsecid(current, &audit_info->secid); + struct lsm_export le; + + security_task_getsecid(current, &le); + lsm_export_secid(&le, &audit_info->secid); audit_info->loginuid = audit_get_loginuid(current); audit_info->sessionid = audit_get_sessionid(current); } diff --git a/security/integrity/ima/ima_appraise.c b/security/integrity/ima/ima_appraise.c index 5fb7127bbe68..be714afc9fd2 100644 --- a/security/integrity/ima/ima_appraise.c +++ b/security/integrity/ima/ima_appraise.c @@ -51,11 +51,13 @@ bool is_ima_appraise_enabled(void) int ima_must_appraise(struct inode *inode, int mask, enum ima_hooks func) { u32 secid; + struct lsm_export le; if (!ima_appraise) return 0; - security_task_getsecid(current, &secid); + security_task_getsecid(current, &le); + lsm_export_secid(&le, &secid); return ima_match_policy(inode, current_cred(), secid, func, mask, IMA_APPRAISE | IMA_HASH, NULL); } 
diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index 357edd140c09..1e3cfaf0ee5c 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c @@ -336,9 +336,11 @@ static int process_measurement(struct file *file, const struct cred *cred, int ima_file_mmap(struct file *file, unsigned long prot) { u32 secid; + struct lsm_export le; if (file && (prot & PROT_EXEC)) { - security_task_getsecid(current, &secid); + security_task_getsecid(current, &le); + lsm_export_secid(&le, &secid); return process_measurement(file, current_cred(), secid, NULL, 0, MAY_EXEC, MMAP_CHECK); } @@ -363,8 +365,10 @@ int ima_bprm_check(struct linux_binprm *bprm) { int ret; u32 secid; + struct lsm_export le; - security_task_getsecid(current, &secid); + security_task_getsecid(current, &le); + lsm_export_secid(&le, &secid); ret = process_measurement(bprm->file, current_cred(), secid, NULL, 0, MAY_EXEC, BPRM_CHECK); if (ret) @@ -388,8 +392,10 @@ int ima_bprm_check(struct linux_binprm *bprm) int ima_file_check(struct file *file, int mask) { u32 secid; + struct lsm_export le; - security_task_getsecid(current, &secid); + security_task_getsecid(current, &le); + lsm_export_secid(&le, &secid); return process_measurement(file, current_cred(), secid, NULL, 0, mask & (MAY_READ | MAY_WRITE | MAY_EXEC | MAY_APPEND), FILE_CHECK); @@ -500,6 +506,7 @@ int ima_post_read_file(struct file *file, void *buf, loff_t size, { enum ima_hooks func; u32 secid; + struct lsm_export le; if (!file && read_id == READING_FIRMWARE) { if ((ima_appraise & IMA_APPRAISE_FIRMWARE) && @@ -521,7 +528,8 @@ int ima_post_read_file(struct file *file, void *buf, loff_t size, } func = read_idmap[read_id] ?: FILE_CHECK; - security_task_getsecid(current, &secid); + security_task_getsecid(current, &le); + lsm_export_secid(&le, &secid); return process_measurement(file, current_cred(), secid, buf, size, MAY_READ, func); } 
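Review bot: in the kernel/audit.c hunk for audit_log_task_context() the early return `if (!sid) return 0;` still decides whether a task context gets logged from the u32 produced by `lsm_export_secid(&le, &sid)`, so it depends on whichever single module secid that helper selects rather than on the lsm_export that was actually filled; an emptiness test on `le` itself (patch 23/90 later adds lsm_export_any() for exactly this) would let the `sid` local go and keeps the logging decision correct once more than one module populates the struct. The same two-line getsecid-plus-lsm_export_secid pattern is repeated at every IMA and netlabel call site here (ima_must_appraise, ima_file_mmap, ima_bprm_check, ima_file_check, ima_post_read_file, netlbl_netlink_auditinfo, netlbl_unlabel_defconf); the commit message calls it scaffolding, so it is fine as a transitional step, but a small helper or converting process_measurement()'s secid parameter would shrink the churn. One thing worth a kerneldoc line on the security/security.c wrapper that follows: `lsm_export_init(l)` before call_void_hook() means callers must not rely on any prior contents of the struct and need not initialise it, which the binder.c and auditfilter.c hunks already assume.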
diff --git a/security/security.c b/security/security.c index 6ba1187c9655..22ea709593f3 100644 --- a/security/security.c +++ b/security/security.c 
@@ -1690,12 +1690,10 @@ int security_task_getsid(struct task_struct *p) return call_int_hook(task_getsid, 0, p); } -void security_task_getsecid(struct task_struct *p, u32 *secid) +void security_task_getsecid(struct task_struct *p, struct lsm_export *l) { - struct lsm_export data = { .flags = LSM_EXPORT_NONE }; - - call_void_hook(task_getsecid, p, &data); - lsm_export_secid(&data, secid); + lsm_export_init(l); + call_void_hook(task_getsecid, p, l); } EXPORT_SYMBOL(security_task_getsecid);

From patchwork Fri Apr 19 00:45:08 2019
X-Patchwork-Submitter: Casey Schaufler
X-Patchwork-Id: 10908347
From: Casey Schaufler
To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org
Cc: casey@schaufler-ca.com
Subject: [PATCH 21/90] LSM: Use lsm_export in security_inode_getsecid
Date: Thu, 18 Apr 2019 17:45:08 -0700
Message-Id: <20190419004617.64627-22-casey@schaufler-ca.com>
X-Mailer: git-send-email 2.17.0
In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com>
References: <20190419004617.64627-1-casey@schaufler-ca.com>

Convert security_inode_getsecid to use the lsm_export structure instead of a u32 secid. There is some scaffolding involved that will be removed when the related data is updated.

Signed-off-by: Casey Schaufler
---
 include/linux/security.h | 7 ++++---
 kernel/auditsc.c | 5 ++++-
 security/integrity/ima/ima_policy.c | 4 +---
 security/security.c | 8 +++-----
 4 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/include/linux/security.h b/include/linux/security.h index ae4c058abc5e..2d04687c3fa9 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -356,7 +356,7 @@ int security_inode_killpriv(struct dentry *dentry); int security_inode_getsecurity(struct inode *inode, const char *name, void **buffer, bool alloc); int security_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags); int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer_size); -void security_inode_getsecid(struct inode *inode, u32 *secid); +void security_inode_getsecid(struct inode *inode, struct lsm_export *l); int security_inode_copy_up(struct dentry *src, struct cred **new); int security_inode_copy_up_xattr(const char *name); int security_file_permission(struct file *file, int mask); @@ -852,9 +852,10 @@ static inline int security_inode_listsecurity(struct inode *inode, char *buffer, return 0; } -static inline void security_inode_getsecid(struct inode *inode, u32 *secid) +static inline void security_inode_getsecid(struct inode *inode, + struct lsm_export *l) { - *secid = 0; + lsm_export_init(l); } static inline int security_inode_copy_up(struct dentry *src, struct cred **new) diff --git a/kernel/auditsc.c b/kernel/auditsc.c index b06ffcf9bb9f..71daead619e5 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -1908,13 +1908,16 @@ static inline int audit_copy_fcaps(struct audit_names *name, void audit_copy_inode(struct audit_names *name, const struct dentry *dentry, struct inode *inode, unsigned int flags) { + struct lsm_export le; + name->ino = inode->i_ino; name->dev = inode->i_sb->s_dev; name->mode = inode->i_mode; name->uid = inode->i_uid; name->gid = inode->i_gid; name->rdev = inode->i_rdev; - security_inode_getsecid(inode, &name->osid); + security_inode_getsecid(inode, &le); + lsm_export_secid(&le, &name->osid); if (flags & AUDIT_INODE_NOEVAL) { name->fcap_ver = -1; return; 
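Review bot: the kernel/auditsc.c hunk for audit_copy_inode() keeps `name->osid` as a u32 (`lsm_export_secid(&le, &name->osid)`) while the security/integrity/ima/ima_policy.c hunk in the same patch hands the whole lsm_export to security_filter_rule_match(), so the two consumers of inode security ids now use different representations, and struct audit_names will need the same struct conversion that audit_sig_sid and target_sid get in patches 23/90 and 24/90 before the scaffolding in this hunk can come out; a sentence in the commit message saying osid is deliberately left for a later patch would help reviewers. In the ima_policy.c hunk, `struct lsm_export le` is declared per loop iteration and filled by security_inode_getsecid() on every LSM_OBJ_* rule; since the inode does not change inside the loop, fetching it once before the for loop would avoid repeating the hook call per rule, though that repeated call is a pre-existing cost of the old code as well.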
diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c index 090ef8ceb116..280f2410e551 100644 --- a/security/integrity/ima/ima_policy.c +++ b/security/integrity/ima/ima_policy.c @@ -326,7 +326,6 @@ static bool ima_match_rules(struct ima_rule_entry *rule, struct inode *inode, return false; for (i = 0; i < MAX_LSM_RULES; i++) { int rc = 0; - u32 osid; struct lsm_export le; int retried = 0; @@ -337,8 +336,7 @@ static bool ima_match_rules(struct ima_rule_entry *rule, struct inode *inode, case LSM_OBJ_USER: case LSM_OBJ_ROLE: case LSM_OBJ_TYPE: - security_inode_getsecid(inode, &osid); - lsm_export_to_all(&le, osid); + security_inode_getsecid(inode, &le); rc = security_filter_rule_match(&le, rule->lsm[i].type, Audit_equal, diff --git a/security/security.c b/security/security.c index 22ea709593f3..e12ce930dfd9 100644 --- a/security/security.c +++ b/security/security.c 
@@ -1387,12 +1387,10 @@ int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer } EXPORT_SYMBOL(security_inode_listsecurity); -void security_inode_getsecid(struct inode *inode, u32 *secid) +void security_inode_getsecid(struct inode *inode, struct lsm_export *l) { - struct lsm_export data = { .flags = LSM_EXPORT_NONE }; - - call_void_hook(inode_getsecid, inode, &data); - lsm_export_secid(&data, secid); + lsm_export_init(l); + call_void_hook(inode_getsecid, inode, l); } int security_inode_copy_up(struct dentry *src, struct cred **new)

From patchwork Fri Apr 19 00:45:09 2019
X-Patchwork-Submitter: Casey Schaufler
X-Patchwork-Id: 10908343
From: Casey Schaufler
To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org
Cc: casey@schaufler-ca.com
Subject: [PATCH 22/90] LSM: Use lsm_export in security_cred_getsecid
Date: Thu, 18 Apr 2019 17:45:09 -0700
Message-Id: <20190419004617.64627-23-casey@schaufler-ca.com>
X-Mailer: git-send-email 2.17.0
In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com>
References: <20190419004617.64627-1-casey@schaufler-ca.com>

Convert security_cred_getsecid to use the lsm_export structure instead of a u32 secid. There is some scaffolding involved that will be removed when the related data is updated.

Signed-off-by: Casey Schaufler
---
 include/linux/security.h | 2 +-
 security/integrity/ima/ima_main.c | 3 ++-
 security/security.c | 8 +++-----
 3 files changed, 6 insertions(+), 7 deletions(-)

diff --git a/include/linux/security.h b/include/linux/security.h index 2d04687c3fa9..40aa7b9f3c83 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -381,7 +381,7 @@ int security_cred_alloc_blank(struct cred *cred, gfp_t gfp); void security_cred_free(struct cred *cred); int security_prepare_creds(struct cred *new, const struct cred *old, gfp_t gfp); void security_transfer_creds(struct cred *new, const struct cred *old); -void security_cred_getsecid(const struct cred *c, u32 *secid); +void security_cred_getsecid(const struct cred *c, struct lsm_export *l); int security_kernel_act_as(struct cred *new, struct lsm_export *l); int security_kernel_create_files_as(struct cred *new, struct inode *inode); int security_kernel_module_request(char *kmod_name);
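Review bot: the include/linux/security.h hunk changes only the CONFIG_SECURITY prototype of security_cred_getsecid() (the diffstat shows one line touched in that file), whereas patches 20/90 and 21/90 also converted the !CONFIG_SECURITY inline stubs to take `struct lsm_export *l` and call lsm_export_init(l). If a u32-based stub for security_cred_getsecid() exists in the #else branch of security.h it will now mismatch the caller in ima_bprm_check(), which passes `&le`; please confirm there is no such stub, or convert it in this patch so the !CONFIG_SECURITY build is covered. In the ima_main.c hunk, ima_bprm_check() reuses the `le` that security_task_getsecid() filled a few lines earlier in the same function; that is safe only because the security/security.c wrapper re-initialises the struct on each call, so a one-line comment there would stop a future reader from assuming the two results are being merged.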
diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index 1e3cfaf0ee5c..f5efa9ef270d 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c @@ -374,7 +374,8 @@ int ima_bprm_check(struct linux_binprm *bprm) if (ret) return ret; - security_cred_getsecid(bprm->cred, &secid); + security_cred_getsecid(bprm->cred, &le); + lsm_export_secid(&le, &secid); return process_measurement(bprm->file, bprm->cred, secid, NULL, 0, MAY_EXEC, CREDS_CHECK); } diff --git a/security/security.c b/security/security.c index e12ce930dfd9..69983ad68233 100644 --- a/security/security.c +++ b/security/security.c 
@@ -1604,12 +1604,10 @@ void security_transfer_creds(struct cred *new, const struct cred *old) call_void_hook(cred_transfer, new, old); } -void security_cred_getsecid(const struct cred *c, u32 *secid) +void security_cred_getsecid(const struct cred *c, struct lsm_export *l) { - struct lsm_export data = { .flags = LSM_EXPORT_NONE }; - - call_void_hook(cred_getsecid, c, &data); - lsm_export_secid(&data, secid); + lsm_export_init(l); + call_void_hook(cred_getsecid, c, l); } EXPORT_SYMBOL(security_cred_getsecid);

From patchwork Fri Apr 19 00:45:10 2019
X-Patchwork-Submitter: Casey Schaufler
X-Patchwork-Id: 10908357
From: Casey Schaufler
To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org
Cc: casey@schaufler-ca.com
Subject: [PATCH 23/90] Audit: Change audit_sig_sid to audit_sig_lsm
Date: Thu, 18 Apr 2019 17:45:10 -0700
Message-Id: <20190419004617.64627-24-casey@schaufler-ca.com>
X-Mailer: git-send-email 2.17.0
In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com>
References: <20190419004617.64627-1-casey@schaufler-ca.com>

Remove lsm_export scaffolding around audit_sig_sid by changing the u32 secid into an lsm_export structure named audit_sig_lsm.

Signed-off-by: Casey Schaufler
---
 include/linux/security.h | 7 +++++++
 kernel/audit.c | 18 ++++++++----------
 kernel/audit.h | 2 +-
 kernel/auditsc.c | 3 +--
 4 files changed, 17 insertions(+), 13 deletions(-)

diff --git a/include/linux/security.h b/include/linux/security.h index 40aa7b9f3c83..e76d7a9dbe50 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -93,6 +93,13 @@ static inline void lsm_export_init(struct lsm_export *l) memset(l, 0, sizeof(*l)); } +static inline bool lsm_export_any(struct lsm_export *l) +{ + return (((l->flags & LSM_EXPORT_SELINUX) && l->selinux) || + ((l->flags & LSM_EXPORT_SMACK) && l->smack) || + ((l->flags & LSM_EXPORT_APPARMOR) && l->apparmor)); +} + /** * lsm_export_secid - pull the useful secid out of a lsm_export * @data: the containing data structure diff --git a/kernel/audit.c b/kernel/audit.c index fa4c5544eb37..5226e2af9498 100644 --- a/kernel/audit.c +++ b/kernel/audit.c
@@ -135,9 +135,9 @@ static u32 audit_backlog_limit = 64; static u32 audit_backlog_wait_time = AUDIT_BACKLOG_WAIT_TIME; /* The identity of the user shutting down the audit system. */ -kuid_t audit_sig_uid = INVALID_UID; -pid_t audit_sig_pid = -1; -u32 audit_sig_sid = 0; +kuid_t audit_sig_uid = INVALID_UID; +pid_t audit_sig_pid = -1; +struct lsm_export audit_sig_lsm; /* Records can be lost in several ways: 0) [suppressed in audit_alloc] @@ -1429,23 +1429,21 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh) } case AUDIT_SIGNAL_INFO: len = 0; - if (audit_sig_sid) { - struct lsm_export le; - - lsm_export_to_all(&le, audit_sig_sid); - err = security_secid_to_secctx(&le, &ctx, &len); + if (lsm_export_any(&audit_sig_lsm)) { + err = security_secid_to_secctx(&audit_sig_lsm, &ctx, + &len); if (err) return err; } sig_data = kmalloc(sizeof(*sig_data) + len, GFP_KERNEL); if (!sig_data) { - if (audit_sig_sid) + if (lsm_export_any(&audit_sig_lsm)) security_release_secctx(ctx, len); return -ENOMEM; } sig_data->uid = from_kuid(&init_user_ns, audit_sig_uid); sig_data->pid = audit_sig_pid; - if (audit_sig_sid) { + if (lsm_export_any(&audit_sig_lsm)) { memcpy(sig_data->ctx, ctx, len); security_release_secctx(ctx, len); } diff --git a/kernel/audit.h b/kernel/audit.h index 958d5b8fc1b3..64498850c52b 100644 --- a/kernel/audit.h +++ b/kernel/audit.h @@ -338,7 +338,7 @@ extern char *audit_unpack_string(void **bufp, size_t *remain, size_t len); extern pid_t audit_sig_pid; extern kuid_t audit_sig_uid; -extern u32 audit_sig_sid; +extern struct lsm_export audit_sig_lsm; extern int audit_filter(int msgtype, unsigned int listtype); diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 71daead619e5..41f540037a93 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c 
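Review bot: the kernel/audit.c and kernel/auditsc.c changes turn `audit_sig_sid`, a u32 that was updated with a single store, into a multi-word global `struct lsm_export audit_sig_lsm` that audit_signal_info() fills in place through `security_task_getsecid(current, &audit_sig_lsm)`, which per the security.c wrapper from patch 20/90 is a memset() to zero followed by the module hook writing flags and per-module fields. The AUDIT_SIGNAL_INFO path in audit_receive_msg() reads the same global with lsm_export_any(&audit_sig_lsm) and then security_secid_to_secctx(&audit_sig_lsm, ...) without any lock, so a reader racing a writer can now observe a half-updated struct (flags set with the secid still zero, or the reverse) where before it could only see the old or the new u32. Filling a local lsm_export and assigning it to the global in one struct copy narrows the window; if the race is considered acceptable, as the old unsynchronised u32 evidently was, say so in the commit message. Two smaller points: `lsm_export_any()` only reads its argument and could take `const struct lsm_export *`; and the `audit_sig_uid` and `audit_sig_pid` definitions are rewritten for whitespace alignment only, which adds noise to a 90-patch series.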
@@ -2398,8 +2398,7 @@ int audit_signal_info(int sig, struct task_struct *t) audit_sig_uid = auid; else audit_sig_uid = uid; - security_task_getsecid(current, &le); - lsm_export_secid(&le, &audit_sig_sid); + security_task_getsecid(current, &audit_sig_lsm); } if (!audit_signals || audit_dummy_context()) From patchwork Fri Apr 19 00:45:11 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908379 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id E6C47922 for ; Fri, 19 Apr 2019 00:47:30 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id D523B28B1F for ; Fri, 19 Apr 2019 00:47:30 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id C9D5128B8F; Fri, 19 Apr 2019 00:47:30 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.7 required=2.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 5027828B9C for ; Fri, 19 Apr 2019 00:47:20 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726829AbfDSArT (ORCPT ); Thu, 18 Apr 2019 20:47:19 -0400 Received: from sonic317-33.consmr.mail.bf2.yahoo.com ([74.6.129.88]:42578 "EHLO sonic317-33.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726809AbfDSArT (ORCPT ); Thu, 18 Apr 2019 20:47:19 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1555634838; bh=V6rKCyElicKZF/0fKwJbU08oHRiI1KUrOSjj+nGJXW4=; 
h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject; b=EAMx1pZIpJhKJ/L9D9fHZcIksCMY2HcZ/u2U3c1/3ft0VAeW4Ltrj3f80EwJSyrUMxdIMCWkOLxu1JQflJ7SpYw0Sl95pp9B7P0/hiwqs6S09teSxXL1ZZ6KK0N/RNIpVP6nP+ds96ChXqM/W7kCgHFrc8tSj67Ea/+giQJMNrLErI3Q5PmNW91D1NtgYR5OcoEYgxeoLcWnlvMYxZ047B+SAeAHJokELS1E9vjE/d1d6EOKb9S/7ohxG9XWIcdIFouWrVE+GitvkKclDAAGeUo+8J1L1KifHj+3Hu7VVewp35C7H9zNxDWyvR6M2Ew2Nl7DO+ka1+ppveNhV5aZEg== X-YMail-OSG: TDBFR7UVM1nqilPpYCa_dqZHln4.beY4xmDY2TNp2N8U.lj5VpmEg3rzvgnx7RU 6IfCh5VXFN2hWANwLm9u2BNLB2gA2Xoq_.JZwpXWzUfyu5vp5mgbwv4gXyuuq_eaw.gdLlbDbux2 fFVboRIxNAoKtUZXxrM2935z_Y6VRNV9UI2aDLBk3hry0Adwqw2msiYJ2ZY4dN8mdcllxet_g7EG xZIVmVZMW5iOiLCRmC5QImQfRuC0RqFi1oxh6rhB4SEftBt1p985dvnOO.WtnMeSju5oHn6CHcHw XLwukqo7UEtjZ9aXWCJFc0tekZa8cb74JYO91CF1xUv4ZjbiYxujZSWxjeyxpCki973g_RcdagOC hFv6pJJX15gaz2cbrTe4p6AT1unQ3I2vKNA0IYOupGLKnD6kkdUsv2Qml7puFV0LISanHfmGcnCr z3cB6KUpIaR9IhOHPzGP6_iOou97GA1FA3LhoGN2r1ooUhJyd0bVkIvFhWorRCwBSh3RaE9Z0BrV IHzLfr3XJb2ZuLqGVTLbJFwKmv0WuEcWgAUJmRcMZMf29BwMqLEbBn4Az6NEz_iVbeWSBen.tWeO iJUUC53FD4StldN5FtgGeFWELjGN5TkYeYGH05_muQi3gXhV8l.WZzbG28frcGQQjNnWblHnBp.0 Qi1ml94ogzmnlZjOLxGZ92Jizbw5D0zCVBuYXuSdy072HnZVg65Mw6J4hMZ9FXQi1GPAsenqi25Z nGmYq_kf1J9_sYhMjLxfn6GRbWquXFQN4Y3.ctZPqR4IN2fewwMGZIZ0mn9wF1xHRodvUeUI1tZq jUlG_bqZcrNRLxp4Mfa_KGMqW1rBCC10R6.IOKcvVNhA3LIaT4Jz6KrMounrKyVA3PKi_vsztuLS Uwtv7H4q0JDfc6mEPeBZP.1orCeEJcx0e0Q0wDPPKPs3GH8C4GOLl0zsotGwT2TmRYKzHjKclcn8 j2NkTl7nXqYR0z8VPbk9k450MiQxzejRkbNDHJEAYWJPsrJEgOuqvc5SXyBPY_ArxtaecKzZrXnf pWPwJ2LfFoDCvb5VTuAqANxlh.5RbPI56uKQo8M1eUStRxQJxpRgAEpqTKzfusO7lW0.JMOBMnRs 2WUi9nYFxh7d4GZDTdU0btVpzFkBzYxxm8lr3FbZqs.9AaIERm3TF58J3YXvgzPp.35JTbUsU0hO vm0peOWonNigD0Q-- Received: from sonic.gate.mail.ne1.yahoo.com by sonic317.consmr.mail.bf2.yahoo.com with HTTP; Fri, 19 Apr 2019 00:47:18 +0000 Received: from c-67-169-65-224.hsd1.ca.comcast.net (EHLO localhost.localdomain) ([67.169.65.224]) by smtp404.mail.bf1.yahoo.com (Oath Hermes SMTP Server) with ESMTPA ID 2b98cff5dd7fb51e7c7719cd11eecc1a; Fri, 19 
Apr 2019 00:47:14 +0000 (UTC) From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 24/90] Audit: Convert target_sid to an lsm_export structure Date: Thu, 18 Apr 2019 17:45:11 -0700 Message-Id: <20190419004617.64627-25-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Convert target_sid to be an lsm_export structure instead of a u32 secid. Clean out the associated scaffolding. Change the name to target_lsm to be descriptive. Signed-off-by: Casey Schaufler --- kernel/audit.h | 3 ++- kernel/auditsc.c | 30 ++++++++++++------------------ 2 files changed, 14 insertions(+), 19 deletions(-) diff --git a/kernel/audit.h b/kernel/audit.h index 64498850c52b..e2e6fa911f9c 100644 --- a/kernel/audit.h +++ b/kernel/audit.h @@ -22,6 +22,7 @@ #include #include #include +#include #include #include @@ -147,7 +148,7 @@ struct audit_context { kuid_t target_auid; kuid_t target_uid; unsigned int target_sessionid; - u32 target_sid; + struct lsm_export target_lsm; char target_comm[TASK_COMM_LEN]; struct audit_tree_refs *trees, *first_trees; diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 41f540037a93..75d181029d40 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -112,7 +112,7 @@ struct audit_aux_data_pids { kuid_t target_auid[AUDIT_AUX_PIDS]; kuid_t target_uid[AUDIT_AUX_PIDS]; unsigned int target_sessionid[AUDIT_AUX_PIDS]; - u32 target_sid[AUDIT_AUX_PIDS]; + struct lsm_export target_lsm[AUDIT_AUX_PIDS]; char target_comm[AUDIT_AUX_PIDS][TASK_COMM_LEN]; int pid_count; }; 
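Review bot: struct lsm_export is now embedded by value in struct audit_context (target_lsm) and struct audit_aux_data_pids (target_lsm[AUDIT_AUX_PIDS]), so the new #include in audit.h has to be the header that provides the full struct definition rather than a forward declaration. The aux structure also grows by AUDIT_AUX_PIDS times the difference between sizeof(struct lsm_export) and sizeof(u32); a one-line mention of that in the commit message would help reviewers of the allocation site.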
@@ -937,14 +937,14 @@ static inline void audit_free_context(struct audit_context *context) } static int audit_log_pid_context(struct audit_context *context, pid_t pid, - kuid_t auid, kuid_t uid, unsigned int sessionid, - u32 sid, char *comm) + kuid_t auid, kuid_t uid, + unsigned int sessionid, + struct lsm_export *l, char *comm) { struct audit_buffer *ab; char *ctx = NULL; u32 len; int rc = 0; - struct lsm_export le; ab = audit_log_start(context, GFP_KERNEL, AUDIT_OBJ_PID); if (!ab) @@ -953,9 +953,8 @@ static int audit_log_pid_context(struct audit_context *context, pid_t pid, audit_log_format(ab, "opid=%d oauid=%d ouid=%d oses=%d", pid, from_kuid(&init_user_ns, auid), from_kuid(&init_user_ns, uid), sessionid); - if (sid) { - lsm_export_to_all(&le, sid); - if (security_secid_to_secctx(&le, &ctx, &len)) { + if (lsm_export_any(l)) { + if (security_secid_to_secctx(l, &ctx, &len)) { audit_log_format(ab, " obj=(none)"); rc = 1; } else { @@ -1525,7 +1524,7 @@ static void audit_log_exit(void) axs->target_auid[i], axs->target_uid[i], axs->target_sessionid[i], - axs->target_sid[i], + &axs->target_lsm[i], axs->target_comm[i])) call_panic = 1; } @@ -1534,7 +1533,7 @@ static void audit_log_exit(void) audit_log_pid_context(context, context->target_pid, context->target_auid, context->target_uid, context->target_sessionid, - context->target_sid, context->target_comm)) + &context->target_lsm, context->target_comm)) call_panic = 1; if (context->pwd.dentry && context->pwd.mnt) { @@ -1711,7 +1710,7 @@ void __audit_syscall_exit(int success, long return_code) context->aux = NULL; context->aux_pids = NULL; context->target_pid = 0; - context->target_sid = 0; + lsm_export_init(&context->target_lsm); context->sockaddr_len = 0; context->type = 0; context->fds[0] = -1; 
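Review bot: lsm_export_init(&context->target_lsm) in __audit_syscall_exit() is the only reset of target_lsm visible in this patch, so a freshly allocated audit_context relies on a zero-filled struct reading as empty under lsm_export_any(); worth confirming that LSM_EXPORT_NONE is the all-zero encoding, or adding an explicit lsm_export_init() where the context is allocated. In audit_log_pid_context() the new `struct lsm_export *l` is only read, so it could be `const struct lsm_export *l` if security_secid_to_secctx() accepts that.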
@@ -2363,14 +2362,12 @@ int __audit_sockaddr(int len, void *a) void __audit_ptrace(struct task_struct *t) { struct audit_context *context = audit_context(); - struct lsm_export le; context->target_pid = task_tgid_nr(t); context->target_auid = audit_get_loginuid(t); context->target_uid = task_uid(t); context->target_sessionid = audit_get_sessionid(t); - security_task_getsecid(t, &le); - lsm_export_secid(&le, &context->target_sid); + security_task_getsecid(t, &context->target_lsm); memcpy(context->target_comm, t->comm, TASK_COMM_LEN); } @@ -2387,7 +2384,6 @@ int audit_signal_info(int sig, struct task_struct *t) struct audit_aux_data_pids *axp; struct audit_context *ctx = audit_context(); kuid_t uid = current_uid(), auid, t_uid = task_uid(t); - struct lsm_export le; if (auditd_test_task(t) && (sig == SIGTERM || sig == SIGHUP || @@ -2411,8 +2407,7 @@ int audit_signal_info(int sig, struct task_struct *t) ctx->target_auid = audit_get_loginuid(t); ctx->target_uid = t_uid; ctx->target_sessionid = audit_get_sessionid(t); - security_task_getsecid(t, &le); - lsm_export_secid(&le, &ctx->target_sid); + security_task_getsecid(t, &ctx->target_lsm); memcpy(ctx->target_comm, t->comm, TASK_COMM_LEN); return 0; } 
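Review bot: security_task_getsecid(t, &context->target_lsm) in __audit_ptrace() and audit_signal_info() now writes straight into a field that persists in a reused audit_context, where the old code filled a fresh stack local first. That is only safe if the hook (and every LSM behind it) resets the flags and all per-LSM ids rather than just setting its own field; otherwise a stale flag from an earlier target survives and lsm_export_any()/security_secid_to_secctx() will report a label that is not the new target's. Either verify the hook starts with lsm_export_init(), or call it here before the hook.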
@@ -2433,8 +2428,7 @@ int audit_signal_info(int sig, struct task_struct *t) axp->target_auid[axp->pid_count] = audit_get_loginuid(t); axp->target_uid[axp->pid_count] = t_uid; axp->target_sessionid[axp->pid_count] = audit_get_sessionid(t); - security_task_getsecid(t, &le); - lsm_export_secid(&le, &axp->target_sid[axp->pid_count]); + security_task_getsecid(t, &axp->target_lsm[axp->pid_count]); memcpy(axp->target_comm[axp->pid_count], t->comm, TASK_COMM_LEN); axp->pid_count++; From patchwork Fri Apr 19 00:45:12 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908361 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 0FA7917E0 for ; Fri, 19 Apr 2019 00:47:26 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id F1BC928B1F for ; Fri, 19 Apr 2019 00:47:25 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id E18F028B91; Fri, 19 Apr 2019 00:47:25 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 6F5AF28B91 for ; Fri, 19 Apr 2019 00:47:25 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726810AbfDSArZ (ORCPT ); Thu, 18 Apr 2019 20:47:25 -0400 Received: from sonic317-33.consmr.mail.bf2.yahoo.com ([74.6.129.88]:38743 "EHLO sonic317-33.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726660AbfDSArY (ORCPT ); Thu, 18 Apr 2019 20:47:24 -0400 
localhost.localdomain) ([67.169.65.224]) by smtp428.mail.bf1.yahoo.com (Oath Hermes SMTP Server) with ESMTPA ID 5d780a730ba98836fa707a31546db6ad; Fri, 19 Apr 2019 00:47:21 +0000 (UTC) From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 25/90] Audit: Convert osid to an lsm_export structure Date: Thu, 18 Apr 2019 17:45:12 -0700 Message-Id: <20190419004617.64627-26-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Convert osid to be an lsm_export structure instead of a u32 secid. Clean out the associated scaffolding. Change the name to olsm to be descriptive. Signed-off-by: Casey Schaufler --- kernel/audit.c | 4 +--- kernel/audit.h | 4 ++-- kernel/auditsc.c | 36 ++++++++++++------------------------ 3 files changed, 15 insertions(+), 29 deletions(-) diff --git a/kernel/audit.c b/kernel/audit.c index 5226e2af9498..d83d1f05c95d 100644 --- a/kernel/audit.c +++ b/kernel/audit.c @@ -2073,12 +2073,10 @@ int audit_log_task_context(struct audit_buffer *ab) char *ctx = NULL; unsigned len; int error; - u32 sid; struct lsm_export le; security_task_getsecid(current, &le); - lsm_export_secid(&le, &sid); - if (!sid) + if (!lsm_export_any(&le)) return 0; error = security_secid_to_secctx(&le, &ctx, &len); diff --git a/kernel/audit.h b/kernel/audit.h index e2e6fa911f9c..7d2fcdf0bc94 100644 --- a/kernel/audit.h +++ b/kernel/audit.h @@ -91,7 +91,7 @@ struct audit_names { kuid_t uid; kgid_t gid; dev_t rdev; - u32 osid; + struct lsm_export olsm; struct audit_cap_data fcap; unsigned int fcap_ver; unsigned char type; /* record type */ 
@@ -165,7 +165,7 @@ struct audit_context { kuid_t uid; kgid_t gid; umode_t mode; - u32 osid; + struct lsm_export olsm; int has_perm; uid_t perm_uid; gid_t perm_gid; diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 75d181029d40..d64775f4bb1b 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -645,17 +645,15 @@ static int audit_filter_rules(struct task_struct *tsk, if (f->lsm_rule) { /* Find files that match */ if (name) { - lsm_export_to_all(&le, name->osid); result = security_audit_rule_match( - &le, + &name->olsm, f->type, f->op, f->lsm_rule); } else if (ctx) { list_for_each_entry(n, &ctx->names_list, list) { - lsm_export_to_all(&le, n->osid); if (security_audit_rule_match( - &le, + &n->olsm, f->type, f->op, f->lsm_rule)) { @@ -667,8 +665,7 @@ static int audit_filter_rules(struct task_struct *tsk, /* Find ipc objects that match */ if (!ctx || ctx->type != AUDIT_IPC) break; - lsm_export_to_all(&le, ctx->ipc.osid); - if (security_audit_rule_match(&le, + if (security_audit_rule_match(&ctx->ipc.olsm, f->type, f->op, f->lsm_rule)) ++result; @@ -1187,19 +1184,17 @@ static void show_special(struct audit_context *context, int *call_panic) context->socketcall.args[i]); break; } case AUDIT_IPC: { - u32 osid = context->ipc.osid; + struct lsm_export *l = &context->ipc.olsm; audit_log_format(ab, "ouid=%u ogid=%u mode=%#ho", from_kuid(&init_user_ns, context->ipc.uid), from_kgid(&init_user_ns, context->ipc.gid), context->ipc.mode); - if (osid) { + if (lsm_export_any(l)) { char *ctx = NULL; u32 len; - struct lsm_export le; - lsm_export_to_all(&le, osid); - if (security_secid_to_secctx(&le, &ctx, &len)) { - audit_log_format(ab, " osid=%u", osid); + if (security_secid_to_secctx(l, &ctx, &len)) { + audit_log_format(ab, " osid=(unknown)"); *call_panic = 1; } else { audit_log_format(ab, " obj=%s", ctx); 
@@ -1346,14 +1341,12 @@ static void audit_log_name(struct audit_context *context, struct audit_names *n, from_kgid(&init_user_ns, n->gid), MAJOR(n->rdev), MINOR(n->rdev)); - if (n->osid != 0) { + if (lsm_export_any(&n->olsm)) { char *ctx = NULL; u32 len; - struct lsm_export le; - lsm_export_to_all(&le, n->osid); - if (security_secid_to_secctx(&le, &ctx, &len)) { - audit_log_format(ab, " osid=%u", n->osid); + if (security_secid_to_secctx(&n->olsm, &ctx, &len)) { + audit_log_format(ab, " osid=(unknown)"); if (call_panic) *call_panic = 2; } else { @@ -1907,16 +1900,13 @@ static inline int audit_copy_fcaps(struct audit_names *name, void audit_copy_inode(struct audit_names *name, const struct dentry *dentry, struct inode *inode, unsigned int flags) { - struct lsm_export le; - name->ino = inode->i_ino; name->dev = inode->i_sb->s_dev; name->mode = inode->i_mode; name->uid = inode->i_uid; name->gid = inode->i_gid; name->rdev = inode->i_rdev; - security_inode_getsecid(inode, &le); - lsm_export_secid(&le, &name->osid); + security_inode_getsecid(inode, &name->olsm); if (flags & AUDIT_INODE_NOEVAL) { name->fcap_ver = -1; return; 
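Review bot: on the security_secid_to_secctx() failure path in audit_log_name() (and in the matching change to show_special() above) the record now says `osid=(unknown)` where it previously carried the numeric secid. That drops the only identifying value available when the context lookup fails, and it changes a field format that audit log consumers key on; consider logging the per-LSM numeric ids from the lsm_export instead, and call the format change out in the commit message either way.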
@@ -2266,13 +2256,11 @@ void __audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat) void __audit_ipc_obj(struct kern_ipc_perm *ipcp) { struct audit_context *context = audit_context(); - struct lsm_export le; context->ipc.uid = ipcp->uid; context->ipc.gid = ipcp->gid; context->ipc.mode = ipcp->mode; context->ipc.has_perm = 0; - security_ipc_getsecid(ipcp, &le); - lsm_export_secid(&le, &context->ipc.osid); + security_ipc_getsecid(ipcp, &context->ipc.olsm); context->type = AUDIT_IPC; } From patchwork Fri Apr 19 00:45:13 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908371 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 37A0217E0 for ; Fri, 19 Apr 2019 00:47:29 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 2171228B1F for ; Fri, 19 Apr 2019 00:47:29 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 158F728B9D; Fri, 19 Apr 2019 00:47:29 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 5112628B1F for ; Fri, 19 Apr 2019 00:47:28 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726831AbfDSAr1 (ORCPT ); Thu, 18 Apr 2019 20:47:27 -0400 Received: from sonic308-9.consmr.mail.bf2.yahoo.com ([74.6.130.48]:40776 "EHLO sonic308-9.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726660AbfDSAr1 (ORCPT ); Thu, 18 Apr 2019 20:47:27 -0400 
smtp428.mail.bf1.yahoo.com (Oath Hermes SMTP Server) with ESMTPA ID 5d780a730ba98836fa707a31546db6ad; Fri, 19 Apr 2019 00:47:22 +0000 (UTC) From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 26/90] IMA: Clean out lsm_export scaffolding Date: Thu, 18 Apr 2019 17:45:13 -0700 Message-Id: <20190419004617.64627-27-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Clean out the scaffolding used in the lsm_export transition. This requires changing some of the IMA internal interfaces from u32 to struct lsm_export pointers. Signed-off-by: Casey Schaufler --- security/integrity/ima/ima.h | 10 ++++++---- security/integrity/ima/ima_api.c | 9 +++++---- security/integrity/ima/ima_appraise.c | 4 +--- security/integrity/ima/ima_main.c | 25 ++++++++----------------- security/integrity/ima/ima_policy.c | 14 +++++++------- 5 files changed, 27 insertions(+), 35 deletions(-) diff --git a/security/integrity/ima/ima.h b/security/integrity/ima/ima.h index d213e835c498..8b109ad0de2e 100644 --- a/security/integrity/ima/ima.h +++ b/security/integrity/ima/ima.h @@ -192,8 +192,9 @@ enum ima_hooks { }; /* LIM API function definitions */ -int ima_get_action(struct inode *inode, const struct cred *cred, u32 secid, - int mask, enum ima_hooks func, int *pcr); +int ima_get_action(struct inode *inode, const struct cred *cred, + struct lsm_export *l, int mask, enum ima_hooks func, + int *pcr); int ima_must_measure(struct inode *inode, int mask, enum ima_hooks func); int ima_collect_measurement(struct integrity_iint_cache *iint, struct file *file, void *buf, loff_t size, 
@@ -213,8 +214,9 @@ void ima_free_template_entry(struct ima_template_entry *entry); const char *ima_d_path(const struct path *path, char **pathbuf, char *filename); /* IMA policy related functions */ -int ima_match_policy(struct inode *inode, const struct cred *cred, u32 secid, - enum ima_hooks func, int mask, int flags, int *pcr); +int ima_match_policy(struct inode *inode, const struct cred *cred, + struct lsm_export *l, enum ima_hooks func, int mask, + int flags, int *pcr); void ima_init_policy(void); void ima_update_policy(void); void ima_update_policy_flag(void); diff --git a/security/integrity/ima/ima_api.c b/security/integrity/ima/ima_api.c index c7505fb122d4..7e493af96134 100644 --- a/security/integrity/ima/ima_api.c +++ b/security/integrity/ima/ima_api.c @@ -159,7 +159,7 @@ void ima_add_violation(struct file *file, const unsigned char *filename, * ima_get_action - appraise & measure decision based on policy. * @inode: pointer to inode to measure * @cred: pointer to credentials structure to validate - * @secid: secid of the task being validated + * @l: LAM data of the task being validated * @mask: contains the permission mask (MAY_READ, MAY_WRITE, MAY_EXEC, * MAY_APPEND) * @func: caller identifier @@ -175,14 +175,15 @@ void ima_add_violation(struct file *file, const unsigned char *filename, * Returns IMA_MEASURE, IMA_APPRAISE mask. * */ -int ima_get_action(struct inode *inode, const struct cred *cred, u32 secid, - int mask, enum ima_hooks func, int *pcr) +int ima_get_action(struct inode *inode, const struct cred *cred, + struct lsm_export *l, int mask, enum ima_hooks func, + int *pcr) { int flags = IMA_MEASURE | IMA_AUDIT | IMA_APPRAISE | IMA_HASH; flags &= ima_policy_flag; - return ima_match_policy(inode, cred, secid, func, mask, flags, pcr); + return ima_match_policy(inode, cred, l, func, mask, flags, pcr); } /* diff --git a/security/integrity/ima/ima_appraise.c b/security/integrity/ima/ima_appraise.c index be714afc9fd2..ba64b0b61383 100644 
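Review bot: in the ima_get_action() kerneldoc in ima_api.c, `@l: LAM data of the task being validated` should read `LSM data`, matching the wording used for the same parameter on ima_match_policy() in ima_policy.c.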
--- a/security/integrity/ima/ima_appraise.c +++ b/security/integrity/ima/ima_appraise.c @@ -50,15 +50,13 @@ bool is_ima_appraise_enabled(void) */ int ima_must_appraise(struct inode *inode, int mask, enum ima_hooks func) { - u32 secid; struct lsm_export le; if (!ima_appraise) return 0; security_task_getsecid(current, &le); - lsm_export_secid(&le, &secid); - return ima_match_policy(inode, current_cred(), secid, func, mask, + return ima_match_policy(inode, current_cred(), &le, func, mask, IMA_APPRAISE | IMA_HASH, NULL); } diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index f5efa9ef270d..22b973e743fe 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c @@ -169,8 +169,8 @@ void ima_file_free(struct file *file) } static int process_measurement(struct file *file, const struct cred *cred, - u32 secid, char *buf, loff_t size, int mask, - enum ima_hooks func) + struct lsm_export *l, char *buf, loff_t size, + int mask, enum ima_hooks func) { struct inode *inode = file_inode(file); struct integrity_iint_cache *iint = NULL; @@ -192,7 +192,7 @@ static int process_measurement(struct file *file, const struct cred *cred, * bitmask based on the appraise/audit/measurement policy. * Included is the appraise submask. */ - action = ima_get_action(inode, cred, secid, mask, func, &pcr); + action = ima_get_action(inode, cred, l, mask, func, &pcr); violation_check = ((func == FILE_CHECK || func == MMAP_CHECK) && (ima_policy_flag & IMA_MEASURE)); if (!action && !violation_check) 
@@ -335,13 +335,11 @@ static int process_measurement(struct file *file, const struct cred *cred, */ int ima_file_mmap(struct file *file, unsigned long prot) { - u32 secid; struct lsm_export le; if (file && (prot & PROT_EXEC)) { security_task_getsecid(current, &le); - lsm_export_secid(&le, &secid); - return process_measurement(file, current_cred(), secid, NULL, + return process_measurement(file, current_cred(), &le, NULL, 0, MAY_EXEC, MMAP_CHECK); } @@ -364,19 +362,16 @@ int ima_file_mmap(struct file *file, unsigned long prot) int ima_bprm_check(struct linux_binprm *bprm) { int ret; - u32 secid; struct lsm_export le; security_task_getsecid(current, &le); - lsm_export_secid(&le, &secid); - ret = process_measurement(bprm->file, current_cred(), secid, NULL, 0, + ret = process_measurement(bprm->file, current_cred(), &le, NULL, 0, MAY_EXEC, BPRM_CHECK); if (ret) return ret; security_cred_getsecid(bprm->cred, &le); - lsm_export_secid(&le, &secid); - return process_measurement(bprm->file, bprm->cred, secid, NULL, 0, + return process_measurement(bprm->file, bprm->cred, &le, NULL, 0, MAY_EXEC, CREDS_CHECK); } @@ -392,12 +387,10 @@ int ima_bprm_check(struct linux_binprm *bprm) */ int ima_file_check(struct file *file, int mask) { - u32 secid; struct lsm_export le; security_task_getsecid(current, &le); - lsm_export_secid(&le, &secid); - return process_measurement(file, current_cred(), secid, NULL, 0, + return process_measurement(file, current_cred(), &le, NULL, 0, mask & (MAY_READ | MAY_WRITE | MAY_EXEC | MAY_APPEND), FILE_CHECK); } @@ -506,7 +499,6 @@ int ima_post_read_file(struct file *file, void *buf, loff_t size, enum kernel_read_file_id read_id) { enum ima_hooks func; - u32 secid; struct lsm_export le; if (!file && read_id == READING_FIRMWARE) { 
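Review bot: ima_bprm_check() reuses the single `le` for security_task_getsecid(current, &le) and then security_cred_getsecid(bprm->cred, &le). With the u32 copy gone, the second process_measurement() call sees whatever the cred hook leaves in the struct; if that hook only sets its own LSM's field without resetting the flags, the task's label bits from the first call bleed into the CREDS_CHECK decision. An lsm_export_init(&le) between the two calls (or at the top of the hook) would make this robust.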
@@ -530,8 +522,7 @@ int ima_post_read_file(struct file *file, void *buf, loff_t size, func = read_idmap[read_id] ?: FILE_CHECK; security_task_getsecid(current, &le); - lsm_export_secid(&le, &secid); - return process_measurement(file, current_cred(), secid, buf, size, + return process_measurement(file, current_cred(), &le, buf, size, MAY_READ, func); } diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c index 280f2410e551..fae4718d24f9 100644 --- a/security/integrity/ima/ima_policy.c +++ b/security/integrity/ima/ima_policy.c @@ -286,7 +286,7 @@ static void ima_lsm_update_rules(void) * Returns true on rule match, false on failure. */ static bool ima_match_rules(struct ima_rule_entry *rule, struct inode *inode, - const struct cred *cred, u32 secid, + const struct cred *cred, struct lsm_export *l, enum ima_hooks func, int mask) { int i; @@ -345,8 +345,7 @@ static bool ima_match_rules(struct ima_rule_entry *rule, struct inode *inode, case LSM_SUBJ_USER: case LSM_SUBJ_ROLE: case LSM_SUBJ_TYPE: - lsm_export_to_all(&le, secid); - rc = security_filter_rule_match(&le, + rc = security_filter_rule_match(l, rule->lsm[i].type, Audit_equal, rule->lsm[i].rule); @@ -394,7 +393,7 @@ static int get_subaction(struct ima_rule_entry *rule, enum ima_hooks func) * @inode: pointer to an inode for which the policy decision is being made * @cred: pointer to a credentials structure for which the policy decision is * being made - * @secid: LSM secid of the task to be validated + * @l: LSM data of the task to be validated * @func: IMA hook identifier * @mask: requested action (MAY_READ | MAY_WRITE | MAY_APPEND | MAY_EXEC) * @pcr: set the pcr to extend 
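Review bot: ima_match_rules() drops the lsm_export_to_all(&le, secid) line but the hunk does not show the `le` declaration going with it; if that local has no remaining use it should be removed too, otherwise the build warns about an unused variable. Since the IMA functions only read through `l`, the new `struct lsm_export *l` parameters across ima.h, ima_main.c and ima_policy.c could be `const`, in line with the `const struct cred *cred` beside them.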
@@ -406,8 +405,9 @@ static int get_subaction(struct ima_rule_entry *rule, enum ima_hooks func) * list when walking it. Reads are many orders of magnitude more numerous * than writes so ima_match_policy() is classical RCU candidate. */ -int ima_match_policy(struct inode *inode, const struct cred *cred, u32 secid, - enum ima_hooks func, int mask, int flags, int *pcr) +int ima_match_policy(struct inode *inode, const struct cred *cred, + struct lsm_export *l, enum ima_hooks func, int mask, + int flags, int *pcr) { struct ima_rule_entry *entry; int action = 0, actmask = flags | (flags << 1); 
@@ -418,7 +418,7 @@ int ima_match_policy(struct inode *inode, const struct cred *cred, u32 secid, if (!(entry->action & actmask)) continue; - if (!ima_match_rules(entry, inode, cred, secid, func, mask)) + if (!ima_match_rules(entry, inode, cred, l, func, mask)) continue; action |= entry->flags & IMA_ACTION_FLAGS; From patchwork Fri Apr 19 00:45:14 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908367 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 88634922 for ; Fri, 19 Apr 2019 00:47:27 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 73DF628B1F for ; Fri, 19 Apr 2019 00:47:27 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 6886E28B9F; Fri, 19 Apr 2019 00:47:27 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 7D7D528B1F for ; Fri, 19 Apr 2019 00:47:26 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726322AbfDSAr0 (ORCPT ); Thu, 18 Apr 2019 20:47:26 -0400 Received: from sonic308-9.consmr.mail.bf2.yahoo.com ([74.6.130.48]:46670 "EHLO sonic308-9.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726836AbfDSArZ (ORCPT ); Thu, 18 Apr 2019 20:47:25 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1555634844; bh=+QxXCb9k4EN0+MlvBQu1WP28VNVY6EbCswDSvfqvDU8=; 
2019 00:47:23 +0000 (UTC) From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 27/90] NET: Change the UNIXCB from a secid to an lsm_export Date: Thu, 18 Apr 2019 17:45:14 -0700 Message-Id: <20190419004617.64627-28-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Store a lsm_export structure in the UDS control information instead of a single secid. Signed-off-by: Casey Schaufler --- include/linux/security.h | 16 ++++++++++++++++ include/net/af_unix.h | 2 +- net/unix/af_unix.c | 9 +++------ 3 files changed, 20 insertions(+), 7 deletions(-) diff --git a/include/linux/security.h b/include/linux/security.h index e76d7a9dbe50..9d8115b3d679 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -100,6 +100,22 @@ static inline bool lsm_export_any(struct lsm_export *l) ((l->flags & LSM_EXPORT_APPARMOR) && l->apparmor)); } +static inline bool lsm_export_equal(struct lsm_export *l, struct lsm_export *m) +{ + if (l->flags != m->flags || l->flags == LSM_EXPORT_NONE) + return false; + if (l->flags & LSM_EXPORT_SELINUX && + (l->selinux != m->selinux || l->selinux == 0)) + return false; + if (l->flags & LSM_EXPORT_SMACK && + (l->smack != m->smack || l->smack == 0)) + return false; + if (l->flags & LSM_EXPORT_APPARMOR && + (l->apparmor != m->apparmor || l->apparmor == 0)) + return false; + return true; +} + /** * lsm_export_secid - pull the useful secid out of a lsm_export * @data: the containing data structure diff --git a/include/net/af_unix.h b/include/net/af_unix.h index 3426d6dacc45..c1612d4b191c 100644 --- a/include/net/af_unix.h +++ b/include/net/af_unix.h 
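Review bot: lsm_export_equal() returns false when both arguments are empty (l->flags == LSM_EXPORT_NONE) or when a flagged id is 0, so it is not a true equality relation: an empty export is not equal to itself. If that is intended, it needs a kerneldoc comment saying so, like the lsm_export_secid one immediately below it; the parameters can also be `const struct lsm_export *`, since nothing is written through them.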
@@ -36,7 +36,7 @@ struct unix_skb_parms { kgid_t gid; struct scm_fp_list *fp; /* Passed files */ #ifdef CONFIG_SECURITY_NETWORK - u32 secid; /* Security ID */ + struct lsm_export le; /* LSM data */ #endif u32 consumed; } __randomize_layout; diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c index 4d4107927ba2..222929693867 100644 --- a/net/unix/af_unix.c +++ b/net/unix/af_unix.c 
@@ -143,20 +143,17 @@ static struct hlist_head *unix_sockets_unbound(void *addr) #ifdef CONFIG_SECURITY_NETWORK static void unix_get_secdata(struct scm_cookie *scm, struct sk_buff *skb) { - lsm_export_secid(&scm->le, &(UNIXCB(skb).secid)); + UNIXCB(skb).le = scm->le; } static inline void unix_set_secdata(struct scm_cookie *scm, struct sk_buff *skb) { - lsm_export_to_all(&scm->le, UNIXCB(skb).secid); + scm->le = UNIXCB(skb).le; } static inline bool unix_secdata_eq(struct scm_cookie *scm, struct sk_buff *skb) { - u32 best_secid; - - lsm_export_secid(&scm->le, &best_secid); - return (best_secid == UNIXCB(skb).secid); + return lsm_export_equal(&scm->le, &(UNIXCB(skb).le)); } #else static inline void unix_get_secdata(struct scm_cookie *scm, struct sk_buff *skb) From patchwork Fri Apr 19 00:45:15 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908363 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 27B0B1515 for ; Fri, 19 Apr 2019 00:47:27 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 13B5428B91 for ; Fri, 19 Apr 2019 00:47:27 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 07ECB28CA9; Fri, 19 Apr 2019 00:47:27 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 9E4C828B91 for ; Fri, 19 Apr 2019 00:47:26 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726836AbfDSAr0 (ORCPT ); 
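Review bot: struct unix_skb_parms in the af_unix.h hunk swaps a u32 secid for a whole struct lsm_export, and UNIXCB() places that structure in the fixed-size skb->cb area; worth confirming the enlarged structure still fits, ideally with a BUILD_BUG_ON on sizeof(struct unix_skb_parms) so the limit is enforced rather than assumed. In the af_unix.c hunk unix_secdata_eq() now delegates to lsm_export_equal(), which (per the security.h hunk above) is false for two unlabeled messages; since unix_secdata_eq() feeds the credential-equality check on stream receives, a quick test with CONFIG_SECURITY_NETWORK=y and no labeling LSM active would show whether consecutive unlabeled skbs still compare equal the way they did with 0 == 0.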
From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 28/90] NET: Remove scaffolding on secmarks Date: Thu, 18 Apr 2019 17:45:15 -0700 Message-Id: <20190419004617.64627-29-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Replace the lsm_export scaffolding in xt_SECMARK.c. This raises an issue, in that Smack users have been using SECMARK_MODE_SEL, which is supposed to be exclusively for SELinux. This is worked around in the code, but not fully addressed. Signed-off-by: Casey Schaufler --- net/netfilter/xt_SECMARK.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/net/netfilter/xt_SECMARK.c b/net/netfilter/xt_SECMARK.c index 2def8d8898e6..9a2a97c200a2 100644 --- a/net/netfilter/xt_SECMARK.c +++ b/net/netfilter/xt_SECMARK.c @@ -55,6 +55,7 @@ static int checkentry_lsm(struct xt_secmark_target_info *info) info->secctx[SECMARK_SECCTX_MAX - 1] = '\0'; info->secid = 0; + lsm_export_init(&le); err = security_secctx_to_secid(info->secctx, strlen(info->secctx), &le); if (err) { if (err == -EINVAL)
@@ -63,7 +64,12 @@ static int checkentry_lsm(struct xt_secmark_target_info *info) return err; } - lsm_export_secid(&le, &info->secid); + /* Smack is cheating, using SECMARK_MODE_SEL */ + if (le.selinux) + info->secid = le.selinux; + else + info->secid = le.smack; + if (!info->secid) { pr_info_ratelimited("unable to map security context \'%s\'\n", info->secctx); From patchwork Fri Apr 19 00:45:16 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908377 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 93EA017E0 for ; Fri, 19 Apr 2019 00:47:30 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 823E528B1F for ; Fri, 19 Apr 2019 00:47:30 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 76C8628B91; Fri, 19 Apr 2019 00:47:30 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 3696128B8F for ; Fri, 19 Apr 2019 00:47:30 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726835AbfDSAr3 (ORCPT ); Thu, 18 Apr 2019 20:47:29 -0400 Received: from sonic317-33.consmr.mail.bf2.yahoo.com ([74.6.129.88]:46591 "EHLO sonic317-33.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726839AbfDSAr3 (ORCPT ); Thu, 18 Apr 2019 20:47:29 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1555634848; 
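Review bot: the replacement for lsm_export_secid() in this hunk takes le.selinux if non-zero and otherwise le.smack, without consulting le.flags and with no path for le.apparmor, and the commit message concedes the Smack/SECMARK_MODE_SEL problem is "worked around in the code, but not fully addressed". Test the LSM_EXPORT_SELINUX / LSM_EXPORT_SMACK flag bits rather than the raw values, since the flags record which module actually answered security_secctx_to_secid(), and replace the "Smack is cheating" comment with a TODO naming the intended fix so the workaround does not survive silently once both modules can be active together.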
5d780a730ba98836fa707a31546db6ad; Fri, 19 Apr 2019 00:47:25 +0000 (UTC) From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 29/90] NET: Remove scaffolding on new secmarks Date: Thu, 18 Apr 2019 17:45:16 -0700 Message-Id: <20190419004617.64627-30-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Replace the lsm_export scaffolding in nft_meta. Signed-off-by: Casey Schaufler --- net/netfilter/nft_meta.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/net/netfilter/nft_meta.c b/net/netfilter/nft_meta.c index 598bea8e4799..a1d3dab5bc25 100644 --- a/net/netfilter/nft_meta.c +++ b/net/netfilter/nft_meta.c 
@@ -580,11 +580,17 @@ static int nft_secmark_compute_secid(struct nft_secmark *priv) u32 tmp_secid = 0; int err; + lsm_export_init(&le); err = security_secctx_to_secid(priv->ctx, strlen(priv->ctx), &le); if (err) return err; - lsm_export_secid(&le, &tmp_secid); + /* Use the "best" secid */ + if (le.selinux) + tmp_secid = le.selinux; + else + tmp_secid = le.smack; + if (!tmp_secid) return -ENOENT; From patchwork Fri Apr 19 00:45:17 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908383 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 8A2161515 for ; Fri, 19 Apr 2019 00:47:37 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 7B83B28B1F for ; Fri, 19 Apr 2019 00:47:37 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 6F5C628B91; Fri, 19 Apr 2019 00:47:37 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 19F3A28B1F for ; Fri, 19 Apr 2019 00:47:37 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726839AbfDSArg (ORCPT ); Thu, 18 Apr 2019 20:47:36 -0400 Received: from sonic308-9.consmr.mail.bf2.yahoo.com ([74.6.130.48]:44088 "EHLO sonic308-9.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726844AbfDSArg (ORCPT ); Thu, 18 Apr 2019 20:47:36 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1555634854; 
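Review bot: this hunk duplicates the selinux-then-smack selection that patch 28 added to xt_SECMARK.c, and the comment "Use the "best" secid" does not say why SELinux wins when both fields are populated. Two netfilter call sites with identical precedence logic argue for one inline helper in security.h (where lsm_export_equal() went in patch 27) so the rule lives in a single place, and the chosen precedence and the reason for it should be spelled out in that helper's comment.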
3136423b19635411d73e92b6945decf9; Fri, 19 Apr 2019 00:47:32 +0000 (UTC) From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 30/90] NET: Remove netfilter scaffolding for lsm_export Date: Thu, 18 Apr 2019 17:45:17 -0700 Message-Id: <20190419004617.64627-31-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Remove scaffolding functions from the netfilter code. Replace with direct access to lsm_export fields so as to be explicit about how the secmarks are being handled. Signed-off-by: Casey Schaufler --- net/netfilter/nf_conntrack_netlink.c | 12 ++++++++++-- net/netfilter/nf_conntrack_standalone.c | 7 ++++++- net/netfilter/nfnetlink_queue.c | 6 +++++- 3 files changed, 21 insertions(+), 4 deletions(-) diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c index b069277450c5..d10cc1924e46 100644 --- a/net/netfilter/nf_conntrack_netlink.c +++ b/net/netfilter/nf_conntrack_netlink.c @@ -332,7 +332,11 @@ static int ctnetlink_dump_secctx(struct sk_buff *skb, const struct nf_conn *ct) char *secctx; struct lsm_export le; - lsm_export_to_all(&le, ct->secmark); + lsm_export_init(&le); + le.flags = LSM_EXPORT_SELINUX | LSM_EXPORT_SMACK; + le.selinux = ct->secmark; + le.smack = ct->secmark; + ret = security_secid_to_secctx(&le, &secctx, &len); if (ret) return 0; 
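Review bot: the four added lines in ctnetlink_dump_secctx() (lsm_export_init(), flags = LSM_EXPORT_SELINUX | LSM_EXPORT_SMACK, selinux and smack both set to ct->secmark) replace a single lsm_export_to_all() call and are repeated verbatim in ctnetlink_secctx_size(), ct_show_secctx() and nfqnl_get_sk_secctx() within this same patch. A small secmark-to-lsm_export inline would keep the definition of "which LSMs may own a secmark" in one place instead of four; it would serve the commit message's goal of being "explicit about how the secmarks are being handled" at least as well, and a future change to the flag set would then need one edit rather than four.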
@@ -619,7 +623,11 @@ static inline int ctnetlink_secctx_size(const struct nf_conn *ct) int len, ret; struct lsm_export le; - lsm_export_to_all(&le, ct->secmark); + lsm_export_init(&le); + le.flags = LSM_EXPORT_SELINUX | LSM_EXPORT_SMACK; + le.selinux = ct->secmark; + le.smack = ct->secmark; + ret = security_secid_to_secctx(&le, NULL, &len); if (ret) return 0; diff --git a/net/netfilter/nf_conntrack_standalone.c b/net/netfilter/nf_conntrack_standalone.c index 12318026d8d4..d353f3efc5a5 100644 --- a/net/netfilter/nf_conntrack_standalone.c +++ b/net/netfilter/nf_conntrack_standalone.c @@ -177,7 +177,12 @@ static void ct_show_secctx(struct seq_file *s, const struct nf_conn *ct) char *secctx; struct lsm_export le; - lsm_export_to_all(&le, ct->secmark); + /* Whichever LSM may be using the secmark */ + lsm_export_init(&le); + le.flags = LSM_EXPORT_SELINUX | LSM_EXPORT_SMACK; + le.selinux = ct->secmark; + le.smack = ct->secmark; + ret = security_secid_to_secctx(&le, &secctx, &len); if (ret) return; diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c index 4c74c383e26b..a0670137477b 100644 --- a/net/netfilter/nfnetlink_queue.c +++ b/net/netfilter/nfnetlink_queue.c 
@@ -317,7 +317,11 @@ static u32 nfqnl_get_sk_secctx(struct sk_buff *skb, char **secdata) read_lock_bh(&skb->sk->sk_callback_lock); if (skb->secmark) { - lsm_export_to_all(&le, skb->secmark); + /* Whichever LSM may be using the secmark */ + lsm_export_init(&le); + le.flags = LSM_EXPORT_SELINUX | LSM_EXPORT_SMACK; + le.selinux = skb->secmark; + le.smack = skb->secmark; security_secid_to_secctx(&le, secdata, &seclen); } From patchwork Fri Apr 19 00:45:18 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908401 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id ACD271515 for ; Fri, 19 Apr 2019 00:47:48 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 952A928B1F for ; Fri, 19 Apr 2019 00:47:48 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 89BAE28B9C; Fri, 19 Apr 2019 00:47:48 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 54DF128B1F for ; Fri, 19 Apr 2019 00:47:47 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726862AbfDSArl (ORCPT ); Thu, 18 Apr 2019 20:47:41 -0400 Received: from sonic317-33.consmr.mail.bf2.yahoo.com ([74.6.129.88]:36488 "EHLO sonic317-33.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726844AbfDSArl (ORCPT ); Thu, 18 Apr 2019 20:47:41 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; 
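Review bot: the comment "Whichever LSM may be using the secmark" in this hunk (and in ct_show_secctx()) promises more than the code sets: only LSM_EXPORT_SELINUX and LSM_EXPORT_SMACK are enabled, while struct lsm_export also has an apparmor field and flag (see lsm_export_equal() in patch 27). If AppArmor is deliberately excluded from secmark handling the comment should say so; otherwise the flag set is incomplete. Also, setting both flags with the same value leaves security_secid_to_secctx() to decide which module interprets the number, which only works while one of the two is active; the commit message should state that assumption explicitly.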
Server) with ESMTPA ID 3136423b19635411d73e92b6945decf9; Fri, 19 Apr 2019 00:47:33 +0000 (UTC) From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 31/90] Netlabel: Replace secids with lsm_export Date: Thu, 18 Apr 2019 17:45:18 -0700 Message-Id: <20190419004617.64627-32-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Convert to lsm_export structures instead of u32 secids. Clean out the associated scaffolding. This requires changes to several internal interfaces, but no change in behavior. Change the LOC tag type to pass an lsm_export instead of a single u32. As this tag is only used locally there is no change to externally exposed interfaces. Signed-off-by: Casey Schaufler --- include/net/netlabel.h | 10 ++--- net/ipv4/cipso_ipv4.c | 13 ++++--- net/netlabel/netlabel_kapi.c | 5 +-- net/netlabel/netlabel_unlabeled.c | 65 ++++++++++++------------------- net/netlabel/netlabel_unlabeled.h | 2 +- net/netlabel/netlabel_user.c | 7 ++-- net/netlabel/netlabel_user.h | 5 +-- security/selinux/netlabel.c | 2 +- security/selinux/ss/services.c | 9 +++-- security/smack/smack_lsm.c | 5 ++- security/smack/smackfs.c | 12 ++++-- 11 files changed, 64 insertions(+), 71 deletions(-) diff --git a/include/net/netlabel.h b/include/net/netlabel.h index 72d6435fc16c..546c75f27d05 100644 --- a/include/net/netlabel.h +++ b/include/net/netlabel.h @@ -111,7 +111,7 @@ struct calipso_doi; /* NetLabel audit information */ struct netlbl_audit { - u32 secid; + struct lsm_export le; kuid_t loginuid; unsigned int sessionid; }; 
@@ -180,7 +180,7 @@ struct netlbl_lsm_catmap { * @attr.mls: MLS sensitivity label * @attr.mls.cat: MLS category bitmap * @attr.mls.lvl: MLS sensitivity level - * @attr.secid: LSM specific secid token + * @attr.le: LSM specific data * * Description: * This structure is used to pass security attributes between NetLabel and the @@ -215,7 +215,7 @@ struct netlbl_lsm_secattr { struct netlbl_lsm_catmap *cat; u32 lvl; } mls; - u32 secid; + struct lsm_export le; } attr; }; @@ -429,7 +429,7 @@ int netlbl_cfg_unlbl_static_add(struct net *net, const void *addr, const void *mask, u16 family, - u32 secid, + struct lsm_export *l, struct netlbl_audit *audit_info); int netlbl_cfg_unlbl_static_del(struct net *net, const char *dev_name, @@ -537,7 +537,7 @@ static inline int netlbl_cfg_unlbl_static_add(struct net *net, const void *addr, const void *mask, u16 family, - u32 secid, + struct lsm_export *l, struct netlbl_audit *audit_info) { return -ENOSYS; diff --git a/net/ipv4/cipso_ipv4.c b/net/ipv4/cipso_ipv4.c index f0165c5f376b..1defea2488b3 100644 --- a/net/ipv4/cipso_ipv4.c +++ b/net/ipv4/cipso_ipv4.c @@ -122,13 +122,16 @@ int cipso_v4_rbm_strictvalid = 1; * * 0 8 16 24 32 * +----------+----------+----------+----------+ - * | 10000000 | 00000110 | 32-bit secid value | + * | 10000000 | 00000110 | SELinux secid | * +----------+----------+----------+----------+ - * | in (host byte order)| + * | Smack secid | AppArmor secid | + * +----------+----------+----------+----------+ + * | LSM export flags | * +----------+----------+ * + * All secid and flag fields are in host byte order. */ -#define CIPSO_V4_TAG_LOC_BLEN 6 +#define CIPSO_V4_TAG_LOC_BLEN (2 + sizeof(struct lsm_export)) /* * Helper Functions 
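Review bot: the new LOC tag diagram in cipso_ipv4.c hardcodes the layout as SELinux secid, Smack secid, AppArmor secid, then flags, and CIPSO_V4_TAG_LOC_BLEN becomes (2 + sizeof(struct lsm_export)); the following hunks memcpy() the struct whole, so the diagram is accurate only while struct lsm_export has exactly those four u32 fields in that order with no padding. A BUILD_BUG_ON(sizeof(struct lsm_export) != 16) next to the macro, or a comment at the struct definition noting that cipso_ipv4.c depends on its layout, would catch a later reordering. buffer[1] is a one-byte tag length, so 18 still fits, but that ceiling is now implicit rather than a literal 6.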
@@ -1481,7 +1484,7 @@ static int cipso_v4_gentag_loc(const struct cipso_v4_doi *doi_def, buffer[0] = CIPSO_V4_TAG_LOCAL; buffer[1] = CIPSO_V4_TAG_LOC_BLEN; - *(u32 *)&buffer[2] = secattr->attr.secid; + memcpy(&buffer[2], &secattr->attr.le, sizeof(secattr->attr.le)); return CIPSO_V4_TAG_LOC_BLEN; } @@ -1501,7 +1504,7 @@ static int cipso_v4_parsetag_loc(const struct cipso_v4_doi *doi_def, const unsigned char *tag, struct netlbl_lsm_secattr *secattr) { - secattr->attr.secid = *(u32 *)&tag[2]; + memcpy(&secattr->attr.le, &tag[2], sizeof(secattr->attr.le)); secattr->flags |= NETLBL_SECATTR_SECID; return 0; diff --git a/net/netlabel/netlabel_kapi.c b/net/netlabel/netlabel_kapi.c index ee3e5b6471a6..849064422e0b 100644 --- a/net/netlabel/netlabel_kapi.c +++ b/net/netlabel/netlabel_kapi.c @@ -224,7 +224,7 @@ int netlbl_cfg_unlbl_static_add(struct net *net, const void *addr, const void *mask, u16 family, - u32 secid, + struct lsm_export *l, struct netlbl_audit *audit_info) { u32 addr_len; @@ -243,8 +243,7 @@ int netlbl_cfg_unlbl_static_add(struct net *net, } return netlbl_unlhsh_add(net, - dev_name, addr, mask, addr_len, - secid, audit_info); + dev_name, addr, mask, addr_len, l, audit_info); } /** diff --git a/net/netlabel/netlabel_unlabeled.c b/net/netlabel/netlabel_unlabeled.c index 7f245d593c8f..f79ab91bf25e 100644 --- a/net/netlabel/netlabel_unlabeled.c +++ b/net/netlabel/netlabel_unlabeled.c @@ -80,7 +80,7 @@ struct netlbl_unlhsh_tbl { #define netlbl_unlhsh_addr4_entry(iter) \ container_of(iter, struct netlbl_unlhsh_addr4, list) struct netlbl_unlhsh_addr4 { - u32 secid; + struct lsm_export le; struct netlbl_af4list list; struct rcu_head rcu; @@ -88,7 +88,7 @@ struct netlbl_unlhsh_addr4 { #define netlbl_unlhsh_addr6_entry(iter) \ container_of(iter, struct netlbl_unlhsh_addr6, list) struct netlbl_unlhsh_addr6 { - u32 secid; + struct lsm_export le; struct netlbl_af6list list; struct rcu_head rcu; 
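Review bot: cipso_v4_parsetag_loc() now copies sizeof(secattr->attr.le) bytes out of tag[2], so the receive side depends entirely on the caller having validated the tag length against the enlarged CIPSO_V4_TAG_LOC_BLEN; that validation is not in this diff, so please confirm it compares against the macro and not a literal 6. Copying host-byte-order struct contents into an IP option is acceptable only because, as the commit message says, the LOC tag is used locally; a one-line comment at the memcpy() in cipso_v4_gentag_loc() stating that constraint would help the next reader understand why no byte-order conversion is done.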
@@ -244,7 +244,7 @@ static struct netlbl_unlhsh_iface *netlbl_unlhsh_search_iface(int ifindex) static int netlbl_unlhsh_add_addr4(struct netlbl_unlhsh_iface *iface, const struct in_addr *addr, const struct in_addr *mask, - u32 secid) + struct lsm_export *l) { int ret_val; struct netlbl_unlhsh_addr4 *entry; @@ -256,7 +256,7 @@ static int netlbl_unlhsh_add_addr4(struct netlbl_unlhsh_iface *iface, entry->list.addr = addr->s_addr & mask->s_addr; entry->list.mask = mask->s_addr; entry->list.valid = 1; - entry->secid = secid; + entry->le = *l; spin_lock(&netlbl_unlhsh_lock); ret_val = netlbl_af4list_add(&entry->list, &iface->addr4_list); @@ -284,7 +284,7 @@ static int netlbl_unlhsh_add_addr4(struct netlbl_unlhsh_iface *iface, static int netlbl_unlhsh_add_addr6(struct netlbl_unlhsh_iface *iface, const struct in6_addr *addr, const struct in6_addr *mask, - u32 secid) + struct lsm_export *l) { int ret_val; struct netlbl_unlhsh_addr6 *entry; @@ -300,7 +300,7 @@ static int netlbl_unlhsh_add_addr6(struct netlbl_unlhsh_iface *iface, entry->list.addr.s6_addr32[3] &= mask->s6_addr32[3]; entry->list.mask = *mask; entry->list.valid = 1; - entry->secid = secid; + entry->le = *l; spin_lock(&netlbl_unlhsh_lock); ret_val = netlbl_af6list_add(&entry->list, &iface->addr6_list); @@ -379,7 +379,7 @@ int netlbl_unlhsh_add(struct net *net, const void *addr, const void *mask, u32 addr_len, - u32 secid, + struct lsm_export *l, struct netlbl_audit *audit_info) { int ret_val; @@ -389,7 +389,6 @@ int netlbl_unlhsh_add(struct net *net, struct audit_buffer *audit_buf = NULL; char *secctx = NULL; u32 secctx_len; - struct lsm_export le; if (addr_len != sizeof(struct in_addr) && addr_len != sizeof(struct in6_addr)) 
@@ -422,7 +421,7 @@ int netlbl_unlhsh_add(struct net *net, const struct in_addr *addr4 = addr; const struct in_addr *mask4 = mask; - ret_val = netlbl_unlhsh_add_addr4(iface, addr4, mask4, secid); + ret_val = netlbl_unlhsh_add_addr4(iface, addr4, mask4, l); if (audit_buf != NULL) netlbl_af4list_audit_addr(audit_buf, 1, dev_name, @@ -435,7 +434,7 @@ int netlbl_unlhsh_add(struct net *net, const struct in6_addr *addr6 = addr; const struct in6_addr *mask6 = mask; - ret_val = netlbl_unlhsh_add_addr6(iface, addr6, mask6, secid); + ret_val = netlbl_unlhsh_add_addr6(iface, addr6, mask6, l); if (audit_buf != NULL) netlbl_af6list_audit_addr(audit_buf, 1, dev_name, @@ -452,10 +451,7 @@ int netlbl_unlhsh_add(struct net *net, unlhsh_add_return: rcu_read_unlock(); if (audit_buf != NULL) { - lsm_export_to_all(&le, secid); - if (security_secid_to_secctx(&le, - &secctx, - &secctx_len) == 0) { + if (security_secid_to_secctx(l, &secctx, &secctx_len) == 0) { audit_log_format(audit_buf, " sec_obj=%s", secctx); security_release_secctx(secctx, secctx_len); } @@ -490,7 +486,6 @@ static int netlbl_unlhsh_remove_addr4(struct net *net, struct net_device *dev; char *secctx; u32 secctx_len; - struct lsm_export le; spin_lock(&netlbl_unlhsh_lock); list_entry = netlbl_af4list_remove(addr->s_addr, mask->s_addr, @@ -510,10 +505,8 @@ static int netlbl_unlhsh_remove_addr4(struct net *net, addr->s_addr, mask->s_addr); if (dev != NULL) dev_put(dev); - if (entry != NULL) - lsm_export_to_all(&le, entry->secid); if (entry != NULL && - security_secid_to_secctx(&le, + security_secid_to_secctx(&entry->le, &secctx, &secctx_len) == 0) { audit_log_format(audit_buf, " sec_obj=%s", secctx); security_release_secctx(secctx, secctx_len); @@ -555,7 +548,6 @@ static int netlbl_unlhsh_remove_addr6(struct net *net, struct net_device *dev; char *secctx; u32 secctx_len; - struct lsm_export le; spin_lock(&netlbl_unlhsh_lock); list_entry = netlbl_af6list_remove(addr, mask, &iface->addr6_list); 
@@ -574,10 +566,8 @@ static int netlbl_unlhsh_remove_addr6(struct net *net, addr, mask); if (dev != NULL) dev_put(dev); - if (entry != NULL) - lsm_export_to_all(&le, entry->secid); if (entry != NULL && - security_secid_to_secctx(&le, + security_secid_to_secctx(&entry->le, &secctx, &secctx_len) == 0) { audit_log_format(audit_buf, " sec_obj=%s", secctx); security_release_secctx(secctx, secctx_len); @@ -903,7 +893,6 @@ static int netlbl_unlabel_staticadd(struct sk_buff *skb, void *addr; void *mask; u32 addr_len; - u32 secid; struct lsm_export le; struct netlbl_audit audit_info; @@ -932,9 +921,8 @@ static int netlbl_unlabel_staticadd(struct sk_buff *skb, if (ret_val != 0) return ret_val; - lsm_export_secid(&le, &secid); return netlbl_unlhsh_add(&init_net, - dev_name, addr, mask, addr_len, secid, + dev_name, addr, mask, addr_len, &le, &audit_info); } @@ -956,7 +944,6 @@ static int netlbl_unlabel_staticadddef(struct sk_buff *skb, void *addr; void *mask; u32 addr_len; - u32 secid; struct lsm_export le; struct netlbl_audit audit_info; @@ -983,10 +970,8 @@ static int netlbl_unlabel_staticadddef(struct sk_buff *skb, if (ret_val != 0) return ret_val; - lsm_export_secid(&le, &secid); return netlbl_unlhsh_add(&init_net, - NULL, addr, mask, addr_len, secid, - &audit_info); + NULL, addr, mask, addr_len, &le, &audit_info); } /** @@ -1097,10 +1082,9 @@ static int netlbl_unlabel_staticlist_gen(u32 cmd, struct netlbl_unlhsh_walk_arg *cb_arg = arg; struct net_device *dev; void *data; - u32 secid; char *secctx; u32 secctx_len; - struct lsm_export le; + struct lsm_export *lep; data = genlmsg_put(cb_arg->skb, NETLINK_CB(cb_arg->nl_cb->skb).portid, cb_arg->seq, &netlbl_unlabel_gnl_family, @@ -1138,7 +1122,7 @@ static int netlbl_unlabel_staticlist_gen(u32 cmd, if (ret_val != 0) goto list_cb_failure; - secid = addr4->secid; + lep = (struct lsm_export *)&addr4->le; } else { ret_val = nla_put_in6_addr(cb_arg->skb, NLBL_UNLABEL_A_IPV6ADDR, 
@@ -1152,11 +1136,10 @@ static int netlbl_unlabel_staticlist_gen(u32 cmd, if (ret_val != 0) goto list_cb_failure; - secid = addr6->secid; + lep = (struct lsm_export *)&addr6->le; } - lsm_export_to_all(&le, secid); - ret_val = security_secid_to_secctx(&le, &secctx, &secctx_len); + ret_val = security_secid_to_secctx(lep, &secctx, &secctx_len); if (ret_val != 0) goto list_cb_failure; ret_val = nla_put(cb_arg->skb, @@ -1501,26 +1484,30 @@ int netlbl_unlabel_getattr(const struct sk_buff *skb, case PF_INET: { struct iphdr *hdr4; struct netlbl_af4list *addr4; + struct lsm_export *lep; hdr4 = ip_hdr(skb); addr4 = netlbl_af4list_search(hdr4->saddr, &iface->addr4_list); if (addr4 == NULL) goto unlabel_getattr_nolabel; - secattr->attr.secid = netlbl_unlhsh_addr4_entry(addr4)->secid; + lep = &netlbl_unlhsh_addr4_entry(addr4)->le; + secattr->attr.le = *lep; break; } #if IS_ENABLED(CONFIG_IPV6) case PF_INET6: { struct ipv6hdr *hdr6; struct netlbl_af6list *addr6; + struct lsm_export *lep; hdr6 = ipv6_hdr(skb); addr6 = netlbl_af6list_search(&hdr6->saddr, &iface->addr6_list); if (addr6 == NULL) goto unlabel_getattr_nolabel; - secattr->attr.secid = netlbl_unlhsh_addr6_entry(addr6)->secid; + lep = &netlbl_unlhsh_addr6_entry(addr6)->le; + secattr->attr.le = *lep; break; } #endif /* IPv6 */ @@ -1554,13 +1541,11 @@ int __init netlbl_unlabel_defconf(void) int ret_val; struct netlbl_dom_map *entry; struct netlbl_audit audit_info; - struct lsm_export le; /* Only the kernel is allowed to call this function and the only time * it is called is at bootup before the audit subsystem is reporting * messages so don't worry to much about these values. */ - security_task_getsecid(current, &le); - lsm_export_secid(&le, &audit_info.secid); + security_task_getsecid(current, &audit_info.le); audit_info.loginuid = GLOBAL_ROOT_UID; audit_info.sessionid = 0; diff --git a/net/netlabel/netlabel_unlabeled.h b/net/netlabel/netlabel_unlabeled.h index 3a9e5dc9511b..0803f1e6e3c1 100644 
--- a/net/netlabel/netlabel_unlabeled.h +++ b/net/netlabel/netlabel_unlabeled.h @@ -225,7 +225,7 @@ int netlbl_unlhsh_add(struct net *net, const void *addr, const void *mask, u32 addr_len, - u32 secid, + struct lsm_export *l, struct netlbl_audit *audit_info); int netlbl_unlhsh_remove(struct net *net, const char *dev_name, diff --git a/net/netlabel/netlabel_user.c b/net/netlabel/netlabel_user.c index 1079cdea872c..2cc96305c841 100644 --- a/net/netlabel/netlabel_user.c +++ b/net/netlabel/netlabel_user.c @@ -100,7 +100,6 @@ struct audit_buffer *netlbl_audit_start_common(int type, struct audit_buffer *audit_buf; char *secctx; u32 secctx_len; - struct lsm_export le; if (audit_enabled == AUDIT_OFF) return NULL; @@ -113,9 +112,9 @@ struct audit_buffer *netlbl_audit_start_common(int type, from_kuid(&init_user_ns, audit_info->loginuid), audit_info->sessionid); - lsm_export_to_all(&le, audit_info->secid); - if (audit_info->secid != 0 && - security_secid_to_secctx(&le, &secctx, &secctx_len) == 0) { + if (lsm_export_any(&audit_info->le) && + security_secid_to_secctx(&audit_info->le, &secctx, + &secctx_len) == 0) { audit_log_format(audit_buf, " subj=%s", secctx); security_release_secctx(secctx, secctx_len); } diff --git a/net/netlabel/netlabel_user.h b/net/netlabel/netlabel_user.h index 2dbc4276bdcc..ee73711e0756 100644 --- a/net/netlabel/netlabel_user.h +++ b/net/netlabel/netlabel_user.h @@ -48,10 +48,7 @@ static inline void netlbl_netlink_auditinfo(struct sk_buff *skb, struct netlbl_audit *audit_info) { - struct lsm_export le; - - security_task_getsecid(current, &le); - lsm_export_secid(&le, &audit_info->secid); + security_task_getsecid(current, &audit_info->le); audit_info->loginuid = audit_get_loginuid(current); audit_info->sessionid = audit_get_sessionid(current); } diff --git a/security/selinux/netlabel.c b/security/selinux/netlabel.c index c40914a157b7..4bbd50237a8a 100644 --- a/security/selinux/netlabel.c +++ b/security/selinux/netlabel.c 
@@ -122,7 +122,7 @@ static struct netlbl_lsm_secattr *selinux_netlbl_sock_getattr( return NULL; if ((secattr->flags & NETLBL_SECATTR_SECID) && - (secattr->attr.secid == sid)) + (secattr->attr.le.selinux == sid)) return secattr; return NULL; diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index 626b877363fb..8a197b387056 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -3596,8 +3596,9 @@ int security_netlbl_secattr_to_sid(struct selinux_state *state, if (secattr->flags & NETLBL_SECATTR_CACHE) *sid = *(u32 *)secattr->cache->data; - else if (secattr->flags & NETLBL_SECATTR_SECID) - *sid = secattr->attr.secid; + else if (secattr->flags & NETLBL_SECATTR_SECID && + (secattr->attr.le.flags & LSM_EXPORT_SELINUX)) + *sid = secattr->attr.le.selinux; else if (secattr->flags & NETLBL_SECATTR_MLS_LVL) { rc = -EIDRM; ctx = sidtab_search(sidtab, SECINITSID_NETMSG); @@ -3670,7 +3671,9 @@ int security_netlbl_sid_to_secattr(struct selinux_state *state, if (secattr->domain == NULL) goto out; - secattr->attr.secid = sid; + lsm_export_init(&secattr->attr.le); + secattr->attr.le.flags = LSM_EXPORT_SELINUX; + secattr->attr.le.selinux = sid; secattr->flags |= NETLBL_SECATTR_DOMAIN_CPY | NETLBL_SECATTR_SECID; mls_export_netlbl_lvl(policydb, ctx, secattr); rc = mls_export_netlbl_cat(policydb, ctx, secattr); diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index ecd636e5c75c..38ea48d22547 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c 
@@ -3756,11 +3756,12 @@ static struct smack_known *smack_from_secattr(struct netlbl_lsm_secattr *sap, return &smack_known_web; return &smack_known_star; } - if ((sap->flags & NETLBL_SECATTR_SECID) != 0) + if ((sap->flags & NETLBL_SECATTR_SECID) != 0 && + (sap->attr.le.flags & LSM_EXPORT_SMACK)) /* * Looks like a fallback, which gives us a secid. */ - return smack_from_secid(sap->attr.secid); + return smack_from_secid(sap->attr.le.smack); /* * Without guidance regarding the smack value * for the packet fall back on the network diff --git a/security/smack/smackfs.c b/security/smack/smackfs.c index faf2ea3968b3..28c567465f6c 100644 --- a/security/smack/smackfs.c +++ b/security/smack/smackfs.c @@ -197,7 +197,8 @@ static void smk_netlabel_audit_set(struct netlbl_audit *nap) nap->loginuid = audit_get_loginuid(current); nap->sessionid = audit_get_sessionid(current); - nap->secid = skp->smk_secid; + nap->le.flags = LSM_EXPORT_SMACK; + nap->le.smack = skp->smk_secid; } /* @@ -1150,6 +1151,7 @@ static void smk_net4addr_insert(struct smk_net4addr *new) static ssize_t smk_write_net4addr(struct file *file, const char __user *buf, size_t count, loff_t *ppos) { + struct lsm_export le; struct smk_net4addr *snp; struct sockaddr_in newname; char *smack; 
@@ -1281,10 +1283,14 @@ static ssize_t smk_write_net4addr(struct file *file, const char __user *buf, * this host so that incoming packets get labeled. * but only if we didn't get the special CIPSO option */ - if (rc == 0 && skp != NULL) + if (rc == 0 && skp != NULL) { + lsm_export_init(&le); + le.flags = LSM_EXPORT_SMACK; + le.smack = snp->smk_label->smk_secid; rc = netlbl_cfg_unlbl_static_add(&init_net, NULL, &snp->smk_host, &snp->smk_mask, PF_INET, - snp->smk_label->smk_secid, &audit_info); + &le, &audit_info); + } if (rc == 0) rc = count;

From patchwork Fri Apr 19 00:45:19 2019
X-Patchwork-Submitter: Casey Schaufler
X-Patchwork-Id: 10908395
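Review bot: in the smackfs.c smk_netlabel_audit_set() hunk of the netlabel/Smack patch above, nap->le.flags and nap->le.smack are assigned without a preceding lsm_export_init(&nap->le), whereas the smk_write_net4addr() hunk in the same file calls lsm_export_init(&le) before setting the same two fields. Unless every caller hands in a zeroed struct netlbl_audit, the remaining members of nap->le stay uninitialized; add the lsm_export_init() call so both sites follow one pattern, or note why it is safe to skip here.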
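Review bot: in the netlbl_unlabel_staticlist_gen() hunks of the netlabel patch above, `lep = (struct lsm_export *)&addr4->le;` and `lep = (struct lsm_export *)&addr6->le;` cast a pointer whose type is already struct lsm_export * apart from any qualifier on the entry, so the casts can only be there to strip a const before the pointer reaches security_secid_to_secctx(struct lsm_export *l, ...). Casting away const hides real type mismatches; prefer a const-qualified parameter on the secid_to_secctx path, or copy the struct into a local the way netlbl_unlabel_getattr() does with `secattr->attr.le = *lep;`.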
From: Casey Schaufler
To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org
Cc: casey@schaufler-ca.com
Subject: [PATCH 32/90] LSM: Remove lsm_export scaffolding functions
Date: Thu, 18 Apr 2019 17:45:19 -0700
Message-Id: <20190419004617.64627-33-casey@schaufler-ca.com>
In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com>
References: <20190419004617.64627-1-casey@schaufler-ca.com>

The scaffolding functions lsm_export_secid and lsm_export_to_all are no longer required. Remove them.

Signed-off-by: Casey Schaufler
---
 include/linux/security.h | 43 -------------------------------------------
 1 file changed, 43 deletions(-)

diff --git a/include/linux/security.h b/include/linux/security.h
index 9d8115b3d679..dde36e850cf0 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -116,49 +116,6 @@ static inline bool lsm_export_equal(struct lsm_export *l, struct lsm_export *m) return true; } -/** - * lsm_export_secid - pull the useful secid out of a lsm_export - * @data: the containing data structure - * @secid: where to put the one that matters. - * - * Shim that will disappear when all lsm_export conversions are done. - */ -static inline void lsm_export_secid(struct lsm_export *data, u32 *secid) -{ - switch (data->flags) { - case LSM_EXPORT_NONE: - *secid = 0; - break; - case LSM_EXPORT_SELINUX: - *secid = data->selinux; - break; - case LSM_EXPORT_SMACK: - *secid = data->smack; - break; - case LSM_EXPORT_APPARMOR: - *secid = data->apparmor; - break; - case LSM_EXPORT_SELINUX | LSM_EXPORT_SMACK | LSM_EXPORT_APPARMOR: - /* For scaffolding only */ - *secid = data->selinux; - break; - default: - pr_warn("%s flags=0x%u - not a valid set\n", __func__, - data->flags); - *secid = 0; - break; - } -} - -static inline void lsm_export_to_all(struct lsm_export *data, u32 secid) -{ - data->selinux = secid; - data->smack = secid; - data->apparmor = secid; - data->flags = LSM_EXPORT_SELINUX | LSM_EXPORT_SMACK | - LSM_EXPORT_APPARMOR; -} - /* These functions are in security/commoncap.c */ extern int cap_capable(const struct cred *cred, struct user_namespace *ns, int cap, unsigned int opts);

From patchwork Fri Apr 19 00:45:20 2019
X-Patchwork-Submitter: Casey Schaufler
X-Patchwork-Id: 10908387
From: Casey Schaufler
To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org
Cc: casey@schaufler-ca.com
Subject: [PATCH 33/90] IMA: FIXUP prototype using lsm_export
Date: Thu, 18 Apr 2019 17:45:20 -0700
Message-Id: <20190419004617.64627-34-casey@schaufler-ca.com>
In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com>
References: <20190419004617.64627-1-casey@schaufler-ca.com>

Fix the prototype on a function stub.

Signed-off-by: Casey Schaufler
---
 security/integrity/ima/ima.h | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/security/integrity/ima/ima.h b/security/integrity/ima/ima.h
index 8b109ad0de2e..7ae41218eb07 100644
--- a/security/integrity/ima/ima.h
+++ b/security/integrity/ima/ima.h 
@@ -309,8 +309,8 @@ static inline int security_filter_rule_init(u32 field, u32 op, char *rulestr, return -EINVAL; } -static inline int security_filter_rule_match(u32 secid, u32 field, u32 op, - void *lsmrule) +static inline int security_filter_rule_match(struct lsm_export *l, u32 field, + u32 op, void *lsmrule) { return -EINVAL; }

From patchwork Fri Apr 19 00:45:21 2019
X-Patchwork-Submitter: Casey Schaufler
X-Patchwork-Id: 10908389
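Review bot: a FIXUP that only adjusts the stub prototype should be squashed into the commit that changed the real security_filter_rule_match() to take struct lsm_export *; kept separate, it leaves a build break between the two commits for configurations that compile this stub, which hurts bisection. The hunk also relies on struct lsm_export already being visible in ima.h without adding an include or forward declaration, so check that the header still compiles on its own.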
From: Casey Schaufler
To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org
Cc: casey@schaufler-ca.com
Subject: [PATCH 34/90] Smack: Restore the release_secctx hook
Date: Thu, 18 Apr 2019 17:45:21 -0700
Message-Id: <20190419004617.64627-35-casey@schaufler-ca.com>
In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com>
References: <20190419004617.64627-1-casey@schaufler-ca.com>

The secid_to_secctx() hook has to be balanced with a release_secctx hook for stacking. This hook does nothing.

Signed-off-by: Casey Schaufler
---
 security/smack/smack_lsm.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index 38ea48d22547..a837af153ed9 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -4470,10 +4470,11 @@ static int smack_secctx_to_secid(const char *secdata, u32 seclen, } /* - * There used to be a smack_release_secctx hook - * that did nothing back when hooks were in a vector. - * Now that there's a list such a hook adds cost. + * There smack_release_secctx hook does nothing */ +static void smack_release_secctx(char *secdata, u32 seclen) +{ +} static int smack_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen) { 
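Review bot: the new comment `* There smack_release_secctx hook does nothing` reads as a typo for "The smack_release_secctx hook does nothing", and it drops the useful part of the text it replaces. Since the commit message explains that an empty release_secctx is needed to pair with secid_to_secctx under stacking, state that in the comment; otherwise the next reader sees an empty function and removes it again for the cost reason the old comment gave.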
@@ -4713,6 +4714,7 @@ static struct security_hook_list smack_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(ismaclabel, smack_ismaclabel), LSM_HOOK_INIT(secid_to_secctx, smack_secid_to_secctx), LSM_HOOK_INIT(secctx_to_secid, smack_secctx_to_secid), + LSM_HOOK_INIT(release_secctx, smack_release_secctx), LSM_HOOK_INIT(inode_notifysecctx, smack_inode_notifysecctx), LSM_HOOK_INIT(inode_setsecctx, smack_inode_setsecctx), LSM_HOOK_INIT(inode_getsecctx, smack_inode_getsecctx),

From patchwork Fri Apr 19 00:45:22 2019
X-Patchwork-Submitter: Casey Schaufler
X-Patchwork-Id: 10908397
From: Casey Schaufler
To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org
Cc: casey@schaufler-ca.com
Subject: [PATCH 35/90] AppArmor: Remove unnecessary hook stub
Date: Thu, 18 Apr 2019 17:45:22 -0700
Message-Id: <20190419004617.64627-36-casey@schaufler-ca.com>
In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com>
References: <20190419004617.64627-1-casey@schaufler-ca.com>

Remove the getpeersec_dgram hook stub. It's unnecessary and disrupts stacking.

Signed-off-by: Casey Schaufler
---
 security/apparmor/lsm.c | 12 ++----------
 1 file changed, 2 insertions(+), 10 deletions(-)

diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c
index 24b638bd4305..76c409737370 100644
--- a/security/apparmor/lsm.c
+++ b/security/apparmor/lsm.c
@@ -1094,15 +1094,9 @@ static int apparmor_socket_getpeersec_stream(struct socket *sock, * @secid: pointer to where to put the secid of the packet * * Sets the netlabel socket state on sk from parent + * + * The TODO stub interfered with stacking and was removed - Casey */ -static int apparmor_socket_getpeersec_dgram(struct socket *sock, - struct sk_buff *skb, - struct lsm_export *l) - -{ - /* TODO: requires secid support */ - return -ENOPROTOOPT; -} /** * apparmor_sock_graft - Initialize newly created socket 
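Review bot: the comment block immediately above the deleted apparmor_socket_getpeersec_dgram() (the @secid parameter line and "Sets the netlabel socket state on sk from parent") now describes a function that no longer exists, and the added `The TODO stub interfered with stacking and was removed - Casey` puts a signed changelog remark into the source. Remove the orphaned comment block together with the function; the rationale already lives in the commit message.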
@@ -1202,8 +1196,6 @@ static struct security_hook_list apparmor_hooks[] __lsm_ro_after_init = { #endif LSM_HOOK_INIT(socket_getpeersec_stream, apparmor_socket_getpeersec_stream), - LSM_HOOK_INIT(socket_getpeersec_dgram, - apparmor_socket_getpeersec_dgram), LSM_HOOK_INIT(sock_graft, apparmor_sock_graft), #ifdef CONFIG_NETWORK_SECMARK LSM_HOOK_INIT(inet_conn_request, apparmor_inet_conn_request),

From patchwork Fri Apr 19 00:45:23 2019
X-Patchwork-Submitter: Casey Schaufler
X-Patchwork-Id: 10908411
From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 36/90] LSM: Limit calls to certain module hooks Date: Thu, 18 Apr 2019 17:45:23 -0700 Message-Id: <20190419004617.64627-37-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP LSM hooks dealing with security context strings should only be called for one security module. Add call macros that invoke a single module hook and use them for those cases. Signed-off-by: Casey Schaufler --- security/security.c | 32 ++++++++++++++++++++++++++++---- 1 file changed, 28 insertions(+), 4 deletions(-) diff --git a/security/security.c b/security/security.c index 69983ad68233..365970f2501d 100644 --- a/security/security.c +++ b/security/security.c @@ -698,6 +698,16 @@ int lsm_superblock_alloc(struct super_block *sb) P->hook.FUNC(__VA_ARGS__); \ } while (0) +#define call_one_void_hook(FUNC, ...) \ + do { \ + struct security_hook_list *P; \ + \ + hlist_for_each_entry(P, &security_hook_heads.FUNC, list) { \ + P->hook.FUNC(__VA_ARGS__); \ + break; \ + } \ + } while (0) + #define call_int_hook(FUNC, IRC, ...) ({ \ int RC = IRC; \ do { \
@@ -712,6 +722,19 @@ int lsm_superblock_alloc(struct super_block *sb) RC; \ }) +#define call_one_int_hook(FUNC, IRC, ...) ({ \ + int RC = IRC; \ + do { \ + struct security_hook_list *P; \ + \ + hlist_for_each_entry(P, &security_hook_heads.FUNC, list) { \ + RC = P->hook.FUNC(__VA_ARGS__); \ + break; \ + } \ + } while (0); \ + RC; \ +}) + /* Security operations */ int security_binder_set_context_mgr(struct task_struct *mgr) @@ -1951,7 +1974,8 @@ EXPORT_SYMBOL(security_ismaclabel); int security_secid_to_secctx(struct lsm_export *l, char **secdata, u32 *seclen) { - return call_int_hook(secid_to_secctx, -EOPNOTSUPP, l, secdata, seclen); + return call_one_int_hook(secid_to_secctx, -EOPNOTSUPP, l, secdata, + seclen); } EXPORT_SYMBOL(security_secid_to_secctx); @@ -1959,13 +1983,13 @@ int security_secctx_to_secid(const char *secdata, u32 seclen, struct lsm_export *l) { lsm_export_init(l); - return call_int_hook(secctx_to_secid, 0, secdata, seclen, l); + return call_one_int_hook(secctx_to_secid, 0, secdata, seclen, l); } EXPORT_SYMBOL(security_secctx_to_secid); void security_release_secctx(char *secdata, u32 seclen) { - call_void_hook(release_secctx, secdata, seclen); + call_one_void_hook(release_secctx, secdata, seclen); } EXPORT_SYMBOL(security_release_secctx); 
@@ -2090,7 +2114,7 @@ EXPORT_SYMBOL(security_sock_rcv_skb); int security_socket_getpeersec_stream(struct socket *sock, char __user *optval, int __user *optlen, unsigned len) { - return call_int_hook(socket_getpeersec_stream, -ENOPROTOOPT, sock, + return call_one_int_hook(socket_getpeersec_stream, -ENOPROTOOPT, sock, optval, optlen, len); } From patchwork Fri Apr 19 00:45:24 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908409 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id E4659922 for ; Fri, 19 Apr 2019 00:47:51 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id D62FC28B8F for ; Fri, 19 Apr 2019 00:47:51 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id CA7EA28B9D; Fri, 19 Apr 2019 00:47:51 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 84CB328B8F for ; Fri, 19 Apr 2019 00:47:51 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726694AbfDSArv (ORCPT ); Thu, 18 Apr 2019 20:47:51 -0400 Received: from sonic310-23.consmr.mail.bf2.yahoo.com ([74.6.135.197]:38010 "EHLO sonic310-23.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726853AbfDSAru (ORCPT ); Thu, 18 Apr 2019 20:47:50 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1555634869; bh=K172cq+NB5Z0YjmWFKPzhzudN0HRFKrT7HKe6u3/BmU=; 
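Review bot: in the call_one_void_hook hunk at @@ -698, the hlist_for_each_entry loop with an immediate break invokes whichever module's hook sits first on security_hook_heads.FUNC and silently ignores any later registrant; nothing documents that first-in-list-order rule or that a second module registering the same hook will never be called. Suggest a comment above the macro stating that exactly one module is expected to register the hooks this is used for, and that the first entry wins otherwise.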
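Review bot: call_one_int_hook at @@ -712 repeats the loop-and-break body of call_one_void_hook, so a shared comment (or a small helper that yields the first entry) would keep the two in step. It also returns IRC unchanged when no module has registered FUNC, which is exactly what the -EOPNOTSUPP and -ENOPROTOOPT defaults in the later hunks rely on; worth stating that explicitly next to the macro.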
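Review bot: at @@ -1959, security_release_secctx now reaches only the first release_secctx hook while security_secid_to_secctx (previous hunk) reaches only the first secid_to_secctx hook, so the allocate/free pair stays matched only if the same module is first on both lists. Because each hook has its own hlist head, a comment noting that all of the context-string hooks must be registered by the same single module would make that pairing assumption visible to whoever adds the next LSM.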
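Review bot: the socket_getpeersec_stream hunk at @@ -2090 moves to call_one_int_hook but the commit message only speaks of "security context strings"; a word here or in the message that SO_PEERSEC returns the peer's context string to user space, and therefore falls under the same single-module rule, would help a reader who does not already know what this hook produces.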
From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 37/90] LSM: Create a data structure for a security context Date: Thu, 18 Apr 2019 17:45:24 -0700 Message-Id: <20190419004617.64627-38-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP A "security context" is the text representation of the information used by LSMs. This provides a structure so that the use can be made consistent. Signed-off-by: Casey Schaufler --- include/linux/security.h | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/include/linux/security.h b/include/linux/security.h index dde36e850cf0..e12b169deed6 100644 --- a/include/linux/security.h +++ b/include/linux/security.h
@@ -116,6 +116,17 @@ static inline bool lsm_export_equal(struct lsm_export *l, struct lsm_export *m) return true; } +/* Text representation of LSM specific security information - a "context" */ +struct lsm_context { + char *context; + u32 len; +}; + +static inline void lsm_context_init(struct lsm_context *cp) +{ + memset(cp, 0, sizeof(*cp)); +} + /* These functions are in security/commoncap.c */ extern int cap_capable(const struct cred *cred, struct user_namespace *ns, int cap, unsigned int opts); From patchwork Fri Apr 19 00:45:25 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908415 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id F10B817E0 for ; Fri, 19 Apr 2019 00:47:52 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id E21C128B8F for ; Fri, 19 Apr 2019 00:47:52 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id D6CDC28BAC; Fri, 19 Apr 2019 00:47:52 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 4D5C428B8F for ; Fri, 19 Apr 2019 00:47:52 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726876AbfDSArv (ORCPT ); Thu, 18 Apr 2019 20:47:51 -0400 Received: from sonic308-9.consmr.mail.bf2.yahoo.com ([74.6.130.48]:36908 "EHLO sonic308-9.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726884AbfDSArv (ORCPT ); Thu, 18 Apr 2019 
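Review bot: struct lsm_context at @@ -116 says nothing about who owns the memory behind `context`. Later in this series AppArmor and SELinux hand back a buffer that must go through release_secctx, while Smack points `context` at its long-lived smk_known string, so a comment on the field stating that callers must release via security_release_secctx and never free `context` directly would prevent misuse. It would also help to say whether lsm_context_init is the expected way to create one; the later `lc = { .context = NULL, .len = 0, }` initialisers in security.c do the same thing by hand.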
([67.169.65.224]) by smtp422.mail.bf1.yahoo.com (Oath Hermes SMTP Server) with ESMTPA ID be9fa3e2c75d2b77c1de47e4a712b0c9; Fri, 19 Apr 2019 00:47:47 +0000 (UTC) From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 38/90] LSM: Use lsm_context in secid_to_secctx hooks Date: Thu, 18 Apr 2019 17:45:25 -0700 Message-Id: <20190419004617.64627-39-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Convert SELinux, Smack and AppArmor to use the lsm_context structure instead of a context/secid pair. There is some scaffolding involved that will be removed when the related data is updated. Signed-off-by: Casey Schaufler --- include/linux/lsm_hooks.h | 6 ++---- security/apparmor/include/secid.h | 2 +- security/apparmor/secid.c | 11 +++++------ security/security.c | 12 ++++++++++-- security/selinux/hooks.c | 5 ++--- security/smack/smack_lsm.c | 8 +++----- 6 files changed, 23 insertions(+), 21 deletions(-) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index af0bcdf8fcfe..566714aa0caf 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -1323,9 +1323,8 @@ * length and the next call which actually allocates and returns the * secdata. * @l points to the security information. - * @secdata contains the pointer that stores the converted security + * @cp contains the pointer that stores the converted security * context. - * @seclen pointer which contains the length of the data * @secctx_to_secid: * Convert security context to exported lsm data. * @l contains the pointer to the generated security data. 
@@ -1672,8 +1671,7 @@ union security_list_options { int (*getprocattr)(struct task_struct *p, char *name, char **value); int (*setprocattr)(const char *name, void *value, size_t size); int (*ismaclabel)(const char *name); - int (*secid_to_secctx)(struct lsm_export *l, char **secdata, - u32 *seclen); + int (*secid_to_secctx)(struct lsm_export *l, struct lsm_context *cp); int (*secctx_to_secid)(const char *secdata, u32 seclen, struct lsm_export *l); void (*release_secctx)(char *secdata, u32 seclen); diff --git a/security/apparmor/include/secid.h b/security/apparmor/include/secid.h index 5381eff03d4f..964d3dc92635 100644 --- a/security/apparmor/include/secid.h +++ b/security/apparmor/include/secid.h @@ -26,7 +26,7 @@ struct aa_label; #define AA_SECID_WILDCARD 1 struct aa_label *aa_secid_to_label(struct lsm_export *l); -int apparmor_secid_to_secctx(struct lsm_export *l, char **secdata, u32 *seclen); +int apparmor_secid_to_secctx(struct lsm_export *l, struct lsm_context *cp); int apparmor_secctx_to_secid(const char *secdata, u32 seclen, struct lsm_export *l); void apparmor_release_secctx(char *secdata, u32 seclen); diff --git a/security/apparmor/secid.c b/security/apparmor/secid.c index 69d98a89db75..4e11434605d6 100644 --- a/security/apparmor/secid.c +++ b/security/apparmor/secid.c @@ -81,7 +81,7 @@ static inline void aa_export_secid(struct lsm_export *l, u32 secid) l->apparmor = secid; } -int apparmor_secid_to_secctx(struct lsm_export *l, char **secdata, u32 *seclen) +int apparmor_secid_to_secctx(struct lsm_export *l, struct lsm_context *cp) { /* TODO: cache secctx and ref count so we don't have to recreate */ struct aa_label *label; 
@@ -89,13 +89,12 @@ int apparmor_secid_to_secctx(struct lsm_export *l, char **secdata, u32 *seclen) label = aa_secid_to_label(l); - AA_BUG(!seclen); - if (!label) return -EINVAL; - if (secdata) - len = aa_label_asxprint(secdata, root_ns, label, + /* scaffolding check - Casey */ + if (cp) + len = aa_label_asxprint(&cp->context, root_ns, label, FLAG_SHOW_MODE | FLAG_VIEW_SUBNS | FLAG_HIDDEN_UNCONFINED | FLAG_ABS_ROOT, GFP_ATOMIC); @@ -106,7 +105,7 @@ int apparmor_secid_to_secctx(struct lsm_export *l, char **secdata, u32 *seclen) if (len < 0) return -ENOMEM; - *seclen = len; + cp->len = len; return 0; } diff --git a/security/security.c b/security/security.c index 365970f2501d..ac0498daa49e 100644 --- a/security/security.c +++ b/security/security.c @@ -1974,8 +1974,16 @@ EXPORT_SYMBOL(security_ismaclabel); int security_secid_to_secctx(struct lsm_export *l, char **secdata, u32 *seclen) { - return call_one_int_hook(secid_to_secctx, -EOPNOTSUPP, l, secdata, - seclen); + struct lsm_context lc = { .context = NULL, .len = 0, }; + int rc; + + rc = call_one_int_hook(secid_to_secctx, -EOPNOTSUPP, l, &lc); + if (secdata) + *secdata = lc.context; + else + security_release_secctx(lc.context, lc.len); + *seclen = lc.len; + return rc; } EXPORT_SYMBOL(security_secid_to_secctx); diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 7dd333f133db..6a2a82dcd948 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -6301,14 +6301,13 @@ static int selinux_ismaclabel(const char *name) return (strcmp(name, XATTR_SELINUX_SUFFIX) == 0); } -static int selinux_secid_to_secctx(struct lsm_export *l, char **secdata, - u32 *seclen) +static int selinux_secid_to_secctx(struct lsm_export *l, struct lsm_context *cp) { u32 secid; selinux_import_secid(l, &secid); return security_sid_to_context(&selinux_state, secid, - secdata, seclen); + &cp->context, &cp->len); } static int selinux_secctx_to_secid(const char *secdata, u32 seclen, 
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index a837af153ed9..10d6c6a1a001 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -4434,8 +4434,7 @@ static int smack_ismaclabel(const char *name) * * Exists for networking code. */ -static int smack_secid_to_secctx(struct lsm_export *l, char **secdata, - u32 *seclen) +static int smack_secid_to_secctx(struct lsm_export *l, struct lsm_context *cp) { struct smack_known *skp; u32 secid; 
@@ -4443,9 +4442,8 @@ static int smack_secid_to_secctx(struct lsm_export *l, char **secdata, smack_import_secid(l, &secid); skp = smack_from_secid(secid); - if (secdata) - *secdata = skp->smk_known; - *seclen = strlen(skp->smk_known); + cp->context = skp->smk_known; + cp->len = strlen(skp->smk_known); return 0; } From patchwork Fri Apr 19 00:45:26 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908417 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id E1BD41515 for ; Fri, 19 Apr 2019 00:47:55 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id C9EC928B1F for ; Fri, 19 Apr 2019 00:47:55 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id BD54028B9C; Fri, 19 Apr 2019 00:47:55 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 4450E28B1F for ; Fri, 19 Apr 2019 00:47:55 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726897AbfDSAry (ORCPT ); Thu, 18 Apr 2019 20:47:54 -0400 Received: from sonic317-33.consmr.mail.bf2.yahoo.com ([74.6.129.88]:37045 "EHLO sonic317-33.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726878AbfDSAry (ORCPT ); Thu, 18 Apr 2019 20:47:54 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1555634873; bh=QuO58pKbB0Iy8bZpRCk+Z4JQJyApy+z8GqXKuGPYaZs=; 
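Review bot: in apparmor_secid_to_secctx, the scaffolding `if (cp)` at @@ -89 guards only the aa_label_asxprint call, but `cp->len = len;` at @@ -106 dereferences cp unconditionally, so a NULL cp would skip the print and then fault at the assignment. Either return early when cp is NULL or drop the check altogether, since security_secid_to_secctx always passes &lc. Removing AA_BUG(!seclen) also drops the only sanity check on the output pointer; an `if (!cp) return -EINVAL;` would restore it.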
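Review bot: at @@ -1974 in security.c, security_secid_to_secctx now always asks the module to build the context and, when the caller passed secdata == NULL, immediately releases it just to report the length; the old interface let the hook skip that allocation. Fine for scaffolding, but a comment would stop the extra allocate/free on the length-only path from being mistaken for a leak later. Also, on a non-zero rc the wrapper still stores lc.context into *secdata and lc.len into *seclen; an early `if (rc) return rc;` would leave the caller's outputs untouched on failure, as the hooks did before.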
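Review bot: smack_secid_to_secctx at @@ -4443 now fills cp->context and cp->len unconditionally, which is correct given the core always passes a context, but the pointer it returns is skp->smk_known rather than an allocation, so whatever the matching release_secctx does it must not free it. A one-line comment saying the context is borrowed from the smack_known entry would make that clear to anyone reading the hook in isolation.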
From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 39/90] LSM: Use lsm_context in secctx_to_secid hooks Date: Thu, 18 Apr 2019 17:45:26 -0700 Message-Id: <20190419004617.64627-40-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Convert SELinux, Smack and AppArmor to use the lsm_context structure instead of a context/secid pair. There is some scaffolding involved that will be removed when the related data is updated. Signed-off-by: Casey Schaufler --- include/linux/lsm_hooks.h | 4 ++-- security/apparmor/include/secid.h | 2 +- security/apparmor/secid.c | 7 +++---- security/security.c | 6 +++++- security/selinux/hooks.c | 4 ++-- security/smack/smack_lsm.c | 4 ++-- 6 files changed, 15 insertions(+), 12 deletions(-) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 566714aa0caf..8b842fd13fb4 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -1327,8 +1327,8 @@ * context. * @secctx_to_secid: * Convert security context to exported lsm data. + * @cp contains the security context. * @l contains the pointer to the generated security data. - * @secdata contains the security context. * * @release_secctx: * Release the security context. @@ -1672,7 +1672,7 @@ union security_list_options { int (*setprocattr)(const char *name, void *value, size_t size); int (*ismaclabel)(const char *name); int (*secid_to_secctx)(struct lsm_export *l, struct lsm_context *cp); - int (*secctx_to_secid)(const char *secdata, u32 seclen, + int (*secctx_to_secid)(const struct lsm_context *cp, struct lsm_export *l); void (*release_secctx)(char *secdata, u32 seclen); 
diff --git a/security/apparmor/include/secid.h b/security/apparmor/include/secid.h index 964d3dc92635..acfcf99bff0e 100644 --- a/security/apparmor/include/secid.h +++ b/security/apparmor/include/secid.h @@ -27,7 +27,7 @@ struct aa_label; struct aa_label *aa_secid_to_label(struct lsm_export *l); int apparmor_secid_to_secctx(struct lsm_export *l, struct lsm_context *cp); -int apparmor_secctx_to_secid(const char *secdata, u32 seclen, +int apparmor_secctx_to_secid(const struct lsm_context *cp, struct lsm_export *l); void apparmor_release_secctx(char *secdata, u32 seclen); diff --git a/security/apparmor/secid.c b/security/apparmor/secid.c index 4e11434605d6..35df38592b6e 100644 --- a/security/apparmor/secid.c +++ b/security/apparmor/secid.c @@ -110,13 +110,12 @@ int apparmor_secid_to_secctx(struct lsm_export *l, struct lsm_context *cp) return 0; } -int apparmor_secctx_to_secid(const char *secdata, u32 seclen, - struct lsm_export *l) +int apparmor_secctx_to_secid(const struct lsm_context *cp, struct lsm_export *l) { struct aa_label *label; - label = aa_label_strn_parse(&root_ns->unconfined->label, secdata, - seclen, GFP_KERNEL, false, false); + label = aa_label_strn_parse(&root_ns->unconfined->label, cp->context, + cp->len, GFP_KERNEL, false, false); if (IS_ERR(label)) return PTR_ERR(label); aa_export_secid(l, label->secid); diff --git a/security/security.c b/security/security.c index ac0498daa49e..84f27428b62d 100644 --- a/security/security.c +++ b/security/security.c @@ -1990,8 +1990,12 @@ EXPORT_SYMBOL(security_secid_to_secctx); int security_secctx_to_secid(const char *secdata, u32 seclen, struct lsm_export *l) { + struct lsm_context lc; + + lc.context = secdata; + lc.len = seclen; lsm_export_init(l); - return call_one_int_hook(secctx_to_secid, 0, secdata, seclen, l); + return call_one_int_hook(secctx_to_secid, 0, &lc, l); } EXPORT_SYMBOL(security_secctx_to_secid); diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 6a2a82dcd948..a2257ccaee5c 100644 
--- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -6310,13 +6310,13 @@ static int selinux_secid_to_secctx(struct lsm_export *l, struct lsm_context *cp) &cp->context, &cp->len); } -static int selinux_secctx_to_secid(const char *secdata, u32 seclen, +static int selinux_secctx_to_secid(const struct lsm_context *cp, struct lsm_export *l) { u32 secid; int rc; - rc = security_context_to_sid(&selinux_state, secdata, seclen, + rc = security_context_to_sid(&selinux_state, cp->context, cp->len, &secid, GFP_KERNEL); selinux_export_secid(l, secid); return rc; diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 10d6c6a1a001..78c01ef707eb 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c 
@@ -4455,10 +4455,10 @@ static int smack_secid_to_secctx(struct lsm_export *l, struct lsm_context *cp) * * Exists for audit and networking code. */ -static int smack_secctx_to_secid(const char *secdata, u32 seclen, +static int smack_secctx_to_secid(const struct lsm_context *cp, struct lsm_export *l) { - struct smack_known *skp = smk_find_entry(secdata); + struct smack_known *skp = smk_find_entry(cp->context); if (skp) smack_export_secid(l, skp->smk_secid); From patchwork Fri Apr 19 00:45:27 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908421 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id D6E7F922 for ; Fri, 19 Apr 2019 00:48:00 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id C489728B9F for ; Fri, 19 Apr 2019 00:48:00 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id B8F4A28B9D; Fri, 19 Apr 2019 00:48:00 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 4C2AA28B1F for ; Fri, 19 Apr 2019 00:48:00 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726911AbfDSAr7 (ORCPT ); Thu, 18 Apr 2019 20:47:59 -0400 Received: from sonic317-33.consmr.mail.bf2.yahoo.com ([74.6.129.88]:45697 "EHLO sonic317-33.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726904AbfDSAr7 (ORCPT ); Thu, 18 Apr 2019 20:47:59 -0400 DKIM-Signature: v=1; a=rsa-sha256; 
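Review bot: at @@ -1990 in security.c, `lc.context = secdata;` assigns a `const char *` to the non-const `char *context` member of struct lsm_context, which discards the qualifier and will produce a -Wdiscarded-qualifiers warning (and break -Werror builds). Since the secctx_to_secid hooks now take `const struct lsm_context *`, either cast explicitly here with a comment explaining why, or give the structure a way to carry a const string. For consistency with security_secid_to_secctx the two assignments could also be a designated initialiser, `struct lsm_context lc = { .context = secdata, .len = seclen, };`, once the qualifier question is settled.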
smtp422.mail.bf1.yahoo.com (Oath Hermes SMTP Server) with ESMTPA ID 9312487679b1d62a89b866e0f3ee025b; Fri, 19 Apr 2019 00:47:55 +0000 (UTC) From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 40/90] LSM: Use lsm_context in inode_getsecctx hooks Date: Thu, 18 Apr 2019 17:45:27 -0700 Message-Id: <20190419004617.64627-41-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Convert SELinux and Smack to use the lsm_context structure instead of a context/secid pair. There is some scaffolding involved that will be removed when the related data is updated. Signed-off-by: Casey Schaufler --- include/linux/lsm_hooks.h | 7 +++---- security/security.c | 9 ++++++++- security/selinux/hooks.c | 6 +++--- security/smack/smack_lsm.c | 6 +++--- 4 files changed, 17 insertions(+), 11 deletions(-) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 8b842fd13fb4..34ed56be82b8 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -1401,12 +1401,11 @@ * @ctxlen contains the length of @ctx. * * @inode_getsecctx: - * On success, returns 0 and fills out @ctx and @ctxlen with the security + * On success, returns 0 and fills out @cp with the security * context for the given @inode. * * @inode we wish to get the security context of. - * @ctx is a pointer in which to place the allocated security context. - * @ctxlen points to the place to put the length of @ctx. + * @cp is a pointer in which to place the allocated security context. * * Security hooks for using the eBPF maps and programs functionalities through * eBPF syscalls. 
@@ -1679,7 +1678,7 @@ union security_list_options { void (*inode_invalidate_secctx)(struct inode *inode); int (*inode_notifysecctx)(struct inode *inode, void *ctx, u32 ctxlen); int (*inode_setsecctx)(struct dentry *dentry, void *ctx, u32 ctxlen); - int (*inode_getsecctx)(struct inode *inode, void **ctx, u32 *ctxlen); + int (*inode_getsecctx)(struct inode *inode, struct lsm_context *cp); #ifdef CONFIG_SECURITY_NETWORK int (*unix_stream_connect)(struct sock *sock, struct sock *other, diff --git a/security/security.c b/security/security.c index 84f27428b62d..1c59101279ab 100644 --- a/security/security.c +++ b/security/security.c @@ -2025,7 +2025,14 @@ EXPORT_SYMBOL(security_inode_setsecctx); int security_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen) { - return call_int_hook(inode_getsecctx, -EOPNOTSUPP, inode, ctx, ctxlen); + struct lsm_context lc = { .context = NULL, .len = 0, }; + int rc; + + rc = call_int_hook(inode_getsecctx, -EOPNOTSUPP, inode, &lc); + + *ctx = (void *)lc.context; + *ctxlen = lc.len; + return rc; } EXPORT_SYMBOL(security_inode_getsecctx); diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index a2257ccaee5c..e881f42d3ff8 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -6355,14 +6355,14 @@ static int selinux_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen) return __vfs_setxattr_noperm(dentry, XATTR_NAME_SELINUX, ctx, ctxlen, 0); } -static int selinux_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen) +static int selinux_inode_getsecctx(struct inode *inode, struct lsm_context *cp) { int len = 0; len = selinux_inode_getsecurity(inode, XATTR_SELINUX_SUFFIX, - ctx, true); + (void **)&cp->context, true); if (len < 0) return len; - *ctxlen = len; + cp->len = len; return 0; } #ifdef CONFIG_KEYS diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 78c01ef707eb..46eead699e1d 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c 
@@ -4484,12 +4484,12 @@ static int smack_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen) return __vfs_setxattr_noperm(dentry, XATTR_NAME_SMACK, ctx, ctxlen, 0); } -static int smack_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen) +static int smack_inode_getsecctx(struct inode *inode, struct lsm_context *cp) { struct smack_known *skp = smk_of_inode(inode); - *ctx = skp->smk_known; - *ctxlen = strlen(skp->smk_known); + cp->context = skp->smk_known; + cp->len = strlen(skp->smk_known); return 0; } From patchwork Fri Apr 19 00:45:28 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908423 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 47D4017E0 for ; Fri, 19 Apr 2019 00:48:01 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 3380D28B1F for ; Fri, 19 Apr 2019 00:48:01 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 281A528B9F; Fri, 19 Apr 2019 00:48:01 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id A405A28B91 for ; Fri, 19 Apr 2019 00:48:00 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726916AbfDSAsA (ORCPT ); Thu, 18 Apr 2019 20:48:00 -0400 Received: from sonic317-33.consmr.mail.bf2.yahoo.com ([74.6.129.88]:45410 "EHLO sonic317-33.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726906AbfDSAr7 (ORCPT ); Thu, 18 
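Review bot: in the security_inode_getsecctx() wrapper in security/security.c, `*ctx` and `*ctxlen` are now written unconditionally, so a caller that receives -EOPNOTSUPP (the call_int_hook default) has its outputs overwritten with NULL and 0 where the old code left them untouched. That is arguably the safer contract, but it is a behaviour change the commit message does not mention; either state it there or copy `lc.context`/`lc.len` out only when `rc == 0`.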
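Review bot: the Smack inode_getsecctx hook stores `skp->smk_known` directly in `cp->context`, a pointer into the smack_known entry rather than a per-call allocation, while the updated lsm_hooks.h comment still says @cp receives "the allocated security context". This works because smack_release_secctx() is empty (visible in the next patch), but the hook documentation should say whether the module or the caller owns `cp->context`, so that a future caller does not kfree() a Smack label.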
(EHLO localhost.localdomain) ([67.169.65.224]) by smtp422.mail.bf1.yahoo.com (Oath Hermes SMTP Server) with ESMTPA ID 9312487679b1d62a89b866e0f3ee025b; Fri, 19 Apr 2019 00:47:56 +0000 (UTC) From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 41/90] LSM: Use lsm_context in inode_notifysecctx hooks Date: Thu, 18 Apr 2019 17:45:28 -0700 Message-Id: <20190419004617.64627-42-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Convert SELinux and Smack to use the lsm_context structure instead of a context/secid pair. There is some scaffolding involved that will be removed when the related data is updated. Signed-off-by: Casey Schaufler --- include/linux/lsm_hooks.h | 5 ++--- security/security.c | 6 +++++- security/selinux/hooks.c | 5 +++-- security/smack/smack_lsm.c | 5 +++-- 4 files changed, 13 insertions(+), 8 deletions(-) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 34ed56be82b8..3344d18ba9d0 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -1382,8 +1382,7 @@ * Must be called with inode->i_mutex locked. * * @inode we wish to set the security context of. - * @ctx contains the string which we wish to set in the inode. - * @ctxlen contains the length of @ctx. + * @cp contains the string which we wish to set in the inode. * * @inode_setsecctx: * Change the security context of an inode. Updates the 
@@ -1676,7 +1675,7 @@ union security_list_options { void (*release_secctx)(char *secdata, u32 seclen); void (*inode_invalidate_secctx)(struct inode *inode); - int (*inode_notifysecctx)(struct inode *inode, void *ctx, u32 ctxlen); + int (*inode_notifysecctx)(struct inode *inode, struct lsm_context *cp); int (*inode_setsecctx)(struct dentry *dentry, void *ctx, u32 ctxlen); int (*inode_getsecctx)(struct inode *inode, struct lsm_context *cp); diff --git a/security/security.c b/security/security.c index 1c59101279ab..5ee80bef9643 100644 --- a/security/security.c +++ b/security/security.c @@ -2013,7 +2013,11 @@ EXPORT_SYMBOL(security_inode_invalidate_secctx); int security_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen) { - return call_int_hook(inode_notifysecctx, 0, inode, ctx, ctxlen); + struct lsm_context lc; + + lc.context = ctx; + lc.len = ctxlen; + return call_int_hook(inode_notifysecctx, 0, inode, &lc); } EXPORT_SYMBOL(security_inode_notifysecctx); diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index e881f42d3ff8..633d62b97e90 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -6339,10 +6339,11 @@ static void selinux_inode_invalidate_secctx(struct inode *inode) /* * called with inode->i_mutex locked */ -static int selinux_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen) +static int selinux_inode_notifysecctx(struct inode *inode, + struct lsm_context *cp) { int rc = selinux_inode_setsecurity(inode, XATTR_SELINUX_SUFFIX, - ctx, ctxlen, 0); + cp->context, cp->len, 0); /* Do not return error when suppressing label (SBLABEL_MNT not set). */ return rc == -EOPNOTSUPP ? 0 : rc; } diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 46eead699e1d..3d24503029e5 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c 
@@ -4474,9 +4474,10 @@ static void smack_release_secctx(char *secdata, u32 seclen) { } -static int smack_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen) +static int smack_inode_notifysecctx(struct inode *inode, struct lsm_context *cp) { - return smack_inode_setsecurity(inode, XATTR_SMACK_SUFFIX, ctx, ctxlen, 0); + return smack_inode_setsecurity(inode, XATTR_SMACK_SUFFIX, cp->context, + cp->len, 0); } static int smack_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen) From patchwork Fri Apr 19 00:45:29 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908429 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 4977417E0 for ; Fri, 19 Apr 2019 00:48:02 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 345C528B91 for ; Fri, 19 Apr 2019 00:48:02 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 28BD228B9C; Fri, 19 Apr 2019 00:48:02 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id B6C0028B1F for ; Fri, 19 Apr 2019 00:48:01 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726910AbfDSAsB (ORCPT ); Thu, 18 Apr 2019 20:48:01 -0400 Received: from sonic310-23.consmr.mail.bf2.yahoo.com ([74.6.135.197]:33545 "EHLO sonic310-23.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726915AbfDSAsB (ORCPT ); Thu, 18 Apr 2019 20:48:01 -0400 
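Review bot: in security_inode_notifysecctx() in security/security.c, `lc` is declared without an initializer and only `.context` and `.len` are assigned afterwards, whereas the inode_getsecctx wrapper in the previous patch uses `struct lsm_context lc = { .context = NULL, .len = 0, };`. Writing `struct lsm_context lc = { .context = ctx, .len = ctxlen, };` keeps the two wrappers consistent and avoids handing uninitialized members to the hooks if lsm_context later grows another field.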
localhost.localdomain) ([67.169.65.224]) by smtp422.mail.bf1.yahoo.com (Oath Hermes SMTP Server) with ESMTPA ID 9312487679b1d62a89b866e0f3ee025b; Fri, 19 Apr 2019 00:47:57 +0000 (UTC) From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 42/90] LSM: Use lsm_context in dentry_init_security hooks Date: Thu, 18 Apr 2019 17:45:29 -0700 Message-Id: <20190419004617.64627-43-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP From: Casey Schaufler Convert SELinux to use the lsm_context structure instead of a context/secid pair. There is some scaffolding involved that will be removed when the related data is updated. Signed-off-by: Casey Schaufler --- include/linux/lsm_hooks.h | 7 +++---- security/security.c | 10 ++++++++-- security/selinux/hooks.c | 8 ++++---- 3 files changed, 15 insertions(+), 10 deletions(-) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 3344d18ba9d0..f60ec98596c8 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -166,8 +166,7 @@ * @dentry dentry to use in calculating the context. * @mode mode used to determine resource type. * @name name of the last path component used to create file - * @ctx pointer to place the pointer to the resulting context in. - * @ctxlen point to place the length of the resulting context. + * @cp pointer to place the pointer to the resulting context in. * @dentry_create_files_as: * Compute a context for a dentry as the inode is not yet available * and set that context in passed in creds so that new files are 
@@ -1500,8 +1499,8 @@ union security_list_options { int (*sb_add_mnt_opt)(const char *option, const char *val, int len, void **mnt_opts); int (*dentry_init_security)(struct dentry *dentry, int mode, - const struct qstr *name, void **ctx, - u32 *ctxlen); + const struct qstr *name, + struct lsm_context *cp); int (*dentry_create_files_as)(struct dentry *dentry, int mode, struct qstr *name, const struct cred *old, diff --git a/security/security.c b/security/security.c index 5ee80bef9643..fa0500b2c15f 100644 --- a/security/security.c +++ b/security/security.c @@ -1017,8 +1017,14 @@ int security_dentry_init_security(struct dentry *dentry, int mode, const struct qstr *name, void **ctx, u32 *ctxlen) { - return call_int_hook(dentry_init_security, -EOPNOTSUPP, dentry, mode, - name, ctx, ctxlen); + struct lsm_context lc = { .context = NULL, .len = 0, }; + int rc; + + rc = call_int_hook(dentry_init_security, -EOPNOTSUPP, dentry, mode, + name, &lc); + *ctx = (void *)lc.context; + *ctxlen = lc.len; + return rc; } EXPORT_SYMBOL(security_dentry_init_security); diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 633d62b97e90..fe09905d013c 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -2813,8 +2813,8 @@ static void selinux_inode_free_security(struct inode *inode) } static int selinux_dentry_init_security(struct dentry *dentry, int mode, - const struct qstr *name, void **ctx, - u32 *ctxlen) + const struct qstr *name, + struct lsm_context *cp) { u32 newsid; int rc; 
@@ -2826,8 +2826,8 @@ static int selinux_dentry_init_security(struct dentry *dentry, int mode, if (rc) return rc; - return security_sid_to_context(&selinux_state, newsid, (char **)ctx, - ctxlen); + return security_sid_to_context(&selinux_state, newsid, &cp->context, + &cp->len); } static int selinux_dentry_create_files_as(struct dentry *dentry, int mode, From patchwork Fri Apr 19 00:45:30 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908433 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id B6750922 for ; Fri, 19 Apr 2019 00:48:02 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id A19F828B1F for ; Fri, 19 Apr 2019 00:48:02 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 9633828B9C; Fri, 19 Apr 2019 00:48:02 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 33EB828B1F for ; Fri, 19 Apr 2019 00:48:02 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726915AbfDSAsB (ORCPT ); Thu, 18 Apr 2019 20:48:01 -0400 Received: from sonic308-9.consmr.mail.bf2.yahoo.com ([74.6.130.48]:43114 "EHLO sonic308-9.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726884AbfDSAsB (ORCPT ); Thu, 18 Apr 2019 20:48:01 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1555634879; bh=TM2ZUN68jEXypRJ0f+YHN9yBHBRv2sOZZODRyMmX3oI=; 
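Review bot: security_dentry_init_security() in security/security.c now stores `lc.context`/`lc.len` into `*ctx`/`*ctxlen` even when the hook returns an error, the same overwrite-on-failure change as the inode_getsecctx wrapper in 40/90. Since patch 43/90 deletes this temporary again and passes the caller's lsm_context straight through, the `{ .context = NULL, .len = 0, }` initialisation introduced here is the only thing that defines the caller's outputs on the -EOPNOTSUPP path; that guarantee needs to move to the callers when the scaffolding goes.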
From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 43/90] LSM: Use lsm_context in security_dentry_init_security Date: Thu, 18 Apr 2019 17:45:30 -0700 Message-Id: <20190419004617.64627-44-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP From: Casey Schaufler Convert security_dentry_init_security to use the lsm_context structure instead of a context/secid pair. There is some scaffolding involved that will be removed when the related data is updated. Signed-off-by: Casey Schaufler --- fs/nfs/nfs4proc.c | 5 ++++- include/linux/security.h | 7 +++---- security/security.c | 14 ++++---------- 3 files changed, 11 insertions(+), 15 deletions(-) diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c index 4dbb0ee23432..de000649f9f3 100644 --- a/fs/nfs/nfs4proc.c +++ b/fs/nfs/nfs4proc.c @@ -113,6 +113,7 @@ static inline struct nfs4_label * nfs4_label_init_security(struct inode *dir, struct dentry *dentry, struct iattr *sattr, struct nfs4_label *label) { + struct lsm_context lc; /* Scaffolding -Casey */ int err; if (label == NULL) @@ -122,7 +123,9 @@ nfs4_label_init_security(struct inode *dir, struct dentry *dentry, return NULL; err = security_dentry_init_security(dentry, sattr->ia_mode, - &dentry->d_name, (void **)&label->label, &label->len); + &dentry->d_name, &lc); + label->label = lc.context; + label->len = lc.len; if (err == 0) return label; diff --git a/include/linux/security.h b/include/linux/security.h index e12b169deed6..6c3a74a44a59 100644 --- a/include/linux/security.h +++ b/include/linux/security.h 
@@ -302,8 +302,8 @@ int security_sb_clone_mnt_opts(const struct super_block *oldsb, int security_add_mnt_opt(const char *option, const char *val, int len, void **mnt_opts); int security_dentry_init_security(struct dentry *dentry, int mode, - const struct qstr *name, void **ctx, - u32 *ctxlen); + const struct qstr *name, + struct lsm_context *cp); int security_dentry_create_files_as(struct dentry *dentry, int mode, struct qstr *name, const struct cred *old, @@ -674,8 +674,7 @@ static inline void security_inode_free(struct inode *inode) static inline int security_dentry_init_security(struct dentry *dentry, int mode, const struct qstr *name, - void **ctx, - u32 *ctxlen) + struct lsm_context *cp) { return -EOPNOTSUPP; } diff --git a/security/security.c b/security/security.c index fa0500b2c15f..649fd13cdda1 100644 --- a/security/security.c +++ b/security/security.c 
@@ -1014,17 +1014,11 @@ void security_inode_free(struct inode *inode) } int security_dentry_init_security(struct dentry *dentry, int mode, - const struct qstr *name, void **ctx, - u32 *ctxlen) + const struct qstr *name, + struct lsm_context *cp) { - struct lsm_context lc = { .context = NULL, .len = 0, }; - int rc; - - rc = call_int_hook(dentry_init_security, -EOPNOTSUPP, dentry, mode, - name, &lc); - *ctx = (void *)lc.context; - *ctxlen = lc.len; - return rc; + return call_int_hook(dentry_init_security, -EOPNOTSUPP, dentry, mode, + name, cp); } EXPORT_SYMBOL(security_dentry_init_security); From patchwork Fri Apr 19 00:45:31 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908439 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id D088217E0 for ; Fri, 19 Apr 2019 00:48:07 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id C11E328B1F for ; Fri, 19 Apr 2019 00:48:07 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id B5DDE28B91; Fri, 19 Apr 2019 00:48:07 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 5312428B8F for ; Fri, 19 Apr 2019 00:48:07 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726930AbfDSAsG (ORCPT ); Thu, 18 Apr 2019 20:48:06 -0400 Received: from sonic308-9.consmr.mail.bf2.yahoo.com ([74.6.130.48]:45932 "EHLO sonic308-9.consmr.mail.bf2.yahoo.com" 
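Review bot: in nfs4_label_init_security() in fs/nfs/nfs4proc.c, `struct lsm_context lc;` has no initializer, yet `label->label = lc.context;` and `label->len = lc.len;` run before `err` is checked. With this patch security_dentry_init_security() passes `&lc` straight to call_int_hook(), whose -EOPNOTSUPP default never writes to it, and the !CONFIG_SECURITY stub in include/linux/security.h returns -EOPNOTSUPP without touching `cp` either, so on failure uninitialized stack contents end up in the label. The wrapper's `lc = { .context = NULL, .len = 0, }` removed by this patch was masking that. Initialize it (`struct lsm_context lc = { .context = NULL, .len = 0, };`) or move the two assignments under `if (err == 0)`.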
00:48:04 +0000 Received: from c-67-169-65-224.hsd1.ca.comcast.net (EHLO localhost.localdomain) ([67.169.65.224]) by smtp422.mail.bf1.yahoo.com (Oath Hermes SMTP Server) with ESMTPA ID 9312487679b1d62a89b866e0f3ee025b; Fri, 19 Apr 2019 00:48:00 +0000 (UTC) From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 44/90] LSM: Use lsm_context in security_inode_notifysecctx Date: Thu, 18 Apr 2019 17:45:31 -0700 Message-Id: <20190419004617.64627-45-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Convert security_inode_notifysecctx to use the lsm_context structure instead of a context/secid pair. There is some scaffolding involved that will be removed when the related data is updated. Signed-off-by: Casey Schaufler --- fs/kernfs/inode.c | 6 ++++-- fs/nfs/inode.c | 6 ++++-- include/linux/security.h | 5 +++-- security/security.c | 8 ++------ 4 files changed, 13 insertions(+), 12 deletions(-) diff --git a/fs/kernfs/inode.c b/fs/kernfs/inode.c index 0c1fd945ce42..460e611b1938 100644 --- a/fs/kernfs/inode.c +++ b/fs/kernfs/inode.c @@ -184,6 +184,7 @@ static inline void set_inode_attr(struct inode *inode, struct iattr *iattr) static void kernfs_refresh_inode(struct kernfs_node *kn, struct inode *inode) { struct kernfs_iattrs *attrs = kn->iattr; + struct lsm_context lc; /* Scaffolding -Casey */ inode->i_mode = kn->mode; if (attrs) { 
@@ -192,8 +193,9 @@ static void kernfs_refresh_inode(struct kernfs_node *kn, struct inode *inode) * persistent copy in kernfs_node. */ set_inode_attr(inode, &attrs->ia_iattr); - security_inode_notifysecctx(inode, attrs->ia_secdata, - attrs->ia_secdata_len); + lc.context = attrs->ia_secdata; + lc.len = attrs->ia_secdata_len; + security_inode_notifysecctx(inode, &lc); } if (kernfs_type(kn) == KERNFS_DIR) diff --git a/fs/nfs/inode.c b/fs/nfs/inode.c index 414a90d48493..8d0be9767b14 100644 --- a/fs/nfs/inode.c +++ b/fs/nfs/inode.c @@ -340,14 +340,16 @@ static void nfs_clear_label_invalid(struct inode *inode) void nfs_setsecurity(struct inode *inode, struct nfs_fattr *fattr, struct nfs4_label *label) { + struct lsm_context lc; /* Scaffolding -Casey */ int error; if (label == NULL) return; if ((fattr->valid & NFS_ATTR_FATTR_V4_SECURITY_LABEL) && inode->i_security) { - error = security_inode_notifysecctx(inode, label->label, - label->len); + lc.context = label->label; + lc.len = label->len; + error = security_inode_notifysecctx(inode, &lc); if (error) printk(KERN_ERR "%s() %s %d " "security_inode_notifysecctx() %d\n", diff --git a/include/linux/security.h b/include/linux/security.h index 6c3a74a44a59..6b2fcca08a43 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -437,7 +437,7 @@ int security_secctx_to_secid(const char *secdata, u32 seclen, void security_release_secctx(char *secdata, u32 seclen); void security_inode_invalidate_secctx(struct inode *inode); -int security_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen); +int security_inode_notifysecctx(struct inode *inode, struct lsm_context *cp); int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen); int security_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen); #else /* CONFIG_SECURITY */ 
@@ -1232,7 +1232,8 @@ static inline void security_inode_invalidate_secctx(struct inode *inode) { } -static inline int security_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen) +static inline int security_inode_notifysecctx(struct inode *inode, + struct lsm_context *cp); { return -EOPNOTSUPP; } diff --git a/security/security.c b/security/security.c index 649fd13cdda1..89bd384c14df 100644 --- a/security/security.c +++ b/security/security.c 
@@ -2011,13 +2011,9 @@ void security_inode_invalidate_secctx(struct inode *inode) } EXPORT_SYMBOL(security_inode_invalidate_secctx); -int security_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen) +int security_inode_notifysecctx(struct inode *inode, struct lsm_context *cp) { - struct lsm_context lc; - - lc.context = ctx; - lc.len = ctxlen; - return call_int_hook(inode_notifysecctx, 0, inode, &lc); + return call_int_hook(inode_notifysecctx, 0, inode, cp); } EXPORT_SYMBOL(security_inode_notifysecctx); From patchwork Fri Apr 19 00:45:32 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908449 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 6CE4D17E0 for ; Fri, 19 Apr 2019 00:48:13 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 5C86C28B1F for ; Fri, 19 Apr 2019 00:48:13 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 50DE328B8F; Fri, 19 Apr 2019 00:48:13 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id D717928B91 for ; Fri, 19 Apr 2019 00:48:12 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726731AbfDSAsM (ORCPT ); Thu, 18 Apr 2019 20:48:12 -0400 Received: from sonic308-9.consmr.mail.bf2.yahoo.com ([74.6.130.48]:39877 "EHLO sonic308-9.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726927AbfDSAsL (ORCPT ); Thu, 18 
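Review bot: the !CONFIG_SECURITY stub in include/linux/security.h has a stray semicolon: `static inline int security_inode_notifysecctx(struct inode *inode, struct lsm_context *cp); { return -EOPNOTSUPP; }` declares the function and then leaves a bare `{ ... }` block at file scope, which does not compile with CONFIG_SECURITY=n. Drop the `;` after `struct lsm_context *cp)`.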
(EHLO localhost.localdomain) ([67.169.65.224]) by smtp404.mail.bf1.yahoo.com (Oath Hermes SMTP Server) with ESMTPA ID 354bec82e8db1938f39555b4d4e62c9d; Fri, 19 Apr 2019 00:48:07 +0000 (UTC) From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 45/90] LSM: Use lsm_context in security_inode_getsecctx Date: Thu, 18 Apr 2019 17:45:32 -0700 Message-Id: <20190419004617.64627-46-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP From: Casey Schaufler Convert security_inode_getsecctx to use the lsm_context structure instead of a context/secid pair. There is some scaffolding involved that will be removed when the related data is updated. Signed-off-by: Casey Schaufler --- fs/kernfs/inode.c | 11 +++++------ fs/nfsd/nfs4xdr.c | 14 ++++++-------- include/linux/security.h | 5 +++-- security/security.c | 11 ++--------- 4 files changed, 16 insertions(+), 25 deletions(-) diff --git a/fs/kernfs/inode.c b/fs/kernfs/inode.c index 460e611b1938..41c5afc698fc 100644 --- a/fs/kernfs/inode.c +++ b/fs/kernfs/inode.c @@ -351,8 +351,7 @@ static int kernfs_security_xattr_set(const struct xattr_handler *handler, { struct kernfs_node *kn = inode->i_private; struct kernfs_iattrs *attrs; - void *secdata; - u32 secdata_len = 0; + struct lsm_context lc = { .context = NULL, .len = 0, }; int error; attrs = kernfs_iattrs(kn); 
@@ -362,16 +361,16 @@ static int kernfs_security_xattr_set(const struct xattr_handler *handler, error = security_inode_setsecurity(inode, suffix, value, size, flags); if (error) return error; - error = security_inode_getsecctx(inode, &secdata, &secdata_len); + error = security_inode_getsecctx(inode, &lc); if (error) return error; mutex_lock(&kernfs_mutex); - error = kernfs_node_setsecdata(attrs, &secdata, &secdata_len); + error = kernfs_node_setsecdata(attrs, (void **)&lc.context, &lc.len); mutex_unlock(&kernfs_mutex); - if (secdata) - security_release_secctx(secdata, secdata_len); + if (lc.context) + security_release_secctx(lc.context, lc.len); return error; } diff --git a/fs/nfsd/nfs4xdr.c b/fs/nfsd/nfs4xdr.c index 3de42a729093..1bf34730d054 100644 --- a/fs/nfsd/nfs4xdr.c +++ b/fs/nfsd/nfs4xdr.c @@ -2420,8 +2420,7 @@ nfsd4_encode_fattr(struct xdr_stream *xdr, struct svc_fh *fhp, __be32 status; int err; struct nfs4_acl *acl = NULL; - void *context = NULL; - int contextlen; + struct lsm_context lc = { .context = NULL, .len = 0, }; bool contextsupport = false; struct nfsd4_compoundres *resp = rqstp->rq_resp; u32 minorversion = resp->cstate.minorversion; @@ -2477,8 +2476,7 @@ nfsd4_encode_fattr(struct xdr_stream *xdr, struct svc_fh *fhp, if ((bmval2 & FATTR4_WORD2_SECURITY_LABEL) || bmval0 & FATTR4_WORD0_SUPPORTED_ATTRS) { if (exp->ex_flags & NFSEXP_SECURITY_LABEL) - err = security_inode_getsecctx(d_inode(dentry), - &context, &contextlen); + err = security_inode_getsecctx(d_inode(dentry), &lc); else err = -EOPNOTSUPP; contextsupport = (err == 0); @@ -2907,8 +2905,8 @@ nfsd4_encode_fattr(struct xdr_stream *xdr, struct svc_fh *fhp, } if (bmval2 & FATTR4_WORD2_SECURITY_LABEL) { - status = nfsd4_encode_security_label(xdr, rqstp, context, - contextlen); + status = nfsd4_encode_security_label(xdr, rqstp, lc.context, + lc.len); if (status) goto out; } 
@@ -2919,8 +2917,8 @@ nfsd4_encode_fattr(struct xdr_stream *xdr, struct svc_fh *fhp, out: #ifdef CONFIG_NFSD_V4_SECURITY_LABEL - if (context) - security_release_secctx(context, contextlen); + if (lc.context) + security_release_secctx(lc.context, lc.len); #endif /* CONFIG_NFSD_V4_SECURITY_LABEL */ kfree(acl); if (tempfh) { diff --git a/include/linux/security.h b/include/linux/security.h index 6b2fcca08a43..90d1ff7a2fe6 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -439,7 +439,7 @@ void security_release_secctx(char *secdata, u32 seclen); void security_inode_invalidate_secctx(struct inode *inode); int security_inode_notifysecctx(struct inode *inode, struct lsm_context *cp); int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen); -int security_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen); +int security_inode_getsecctx(struct inode *inode, struct lsm_context *cp); #else /* CONFIG_SECURITY */ static inline int call_lsm_notifier(enum lsm_event event, void *data) @@ -1241,7 +1241,8 @@ static inline int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 { return -EOPNOTSUPP; } -static inline int security_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen) +static inline int security_inode_getsecctx(struct inode *inode, + struct lsm_context *cp); { return -EOPNOTSUPP; } diff --git a/security/security.c b/security/security.c index 89bd384c14df..b37bce99107c 100644 --- a/security/security.c +++ b/security/security.c 
@@ -2023,16 +2023,9 @@ int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen) } EXPORT_SYMBOL(security_inode_setsecctx); -int security_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen) +int security_inode_getsecctx(struct inode *inode, struct lsm_context *cp) { - struct lsm_context lc = { .context = NULL, .len = 0, }; - int rc; - - rc = call_int_hook(inode_getsecctx, -EOPNOTSUPP, inode, &lc); - - *ctx = (void *)lc.context; - *ctxlen = lc.len; - return rc; + return call_int_hook(inode_getsecctx, -EOPNOTSUPP, inode, cp); } EXPORT_SYMBOL(security_inode_getsecctx); From patchwork Fri Apr 19 00:45:33 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908443 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id A5D9017E0 for ; Fri, 19 Apr 2019 00:48:12 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 96E5A28BAC for ; Fri, 19 Apr 2019 00:48:12 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 8871228B8F; Fri, 19 Apr 2019 00:48:12 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 098F828B8F for ; Fri, 19 Apr 2019 00:48:12 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726935AbfDSAsL (ORCPT ); Thu, 18 Apr 2019 20:48:11 -0400 Received: from sonic308-9.consmr.mail.bf2.yahoo.com ([74.6.130.48]:41249 "EHLO sonic308-9.consmr.mail.bf2.yahoo.com" 
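Review bot: the `#else /* CONFIG_SECURITY */` stub in the include/linux/security.h hunk at @@ -1241 has a stray semicolon after the parameter list: `+static inline int security_inode_getsecctx(struct inode *inode,` / `+ struct lsm_context *cp);` is immediately followed by `{ return -EOPNOTSUPP; }`. That declares a prototype and then leaves a bare block, so a CONFIG_SECURITY=n build fails; drop the `;`.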
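Review bot: in the security/security.c hunk at @@ -2023, security_inode_getsecctx() no longer initializes the context before calling the hook, so when no hook is registered and the -EOPNOTSUPP default is returned, `*cp` is whatever the caller left there. Both callers converted here (kernfs_security_xattr_set() and nfsd4_encode_fattr()) initialize `lc = { .context = NULL, .len = 0, };` and depend on that for their `if (lc.context) security_release_secctx(...)` cleanup, so that caller obligation should be stated next to the declaration in include/linux/security.h rather than left implicit.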
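Review bot: the `(void **)&lc.context` cast in the fs/kernfs/inode.c hunk at @@ -362 type-puns a `char **` into the `void **` that kernfs_node_setsecdata() expects; it works, but this is the kind of scaffolding that tends to outlive a series. A follow-up letting kernfs_node_setsecdata() take a `struct lsm_context *` directly would remove the cast, since `lc.len` is already the `u32` it wants and the release path a few lines later already uses the struct.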
From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 46/90] LSM: Use lsm_context in security_secctx_to_secid Date: Thu, 18 Apr 2019 17:45:33 -0700 Message-Id: <20190419004617.64627-47-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Convert security_secctx_to_secid to use the lsm_context structure instead of a context/secid pair. There is some scaffolding involved that will be removed when the related data is updated. Signed-off-by: Casey Schaufler --- include/linux/security.h | 6 ++---- kernel/cred.c | 5 ++++- net/netfilter/nft_meta.c | 5 ++++- net/netfilter/xt_SECMARK.c | 5 ++++- net/netlabel/netlabel_unlabeled.c | 16 ++++++++-------- security/security.c | 8 ++------ 6 files changed, 24 insertions(+), 21 deletions(-) diff --git a/include/linux/security.h b/include/linux/security.h index 90d1ff7a2fe6..3f757b2d8275 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -432,8 +432,7 @@ int security_setprocattr(const char *lsm, const char *name, void *value, int security_netlink_send(struct sock *sk, struct sk_buff *skb); int security_ismaclabel(const char *name); int security_secid_to_secctx(struct lsm_export *l, char **secdata, u32 *seclen); -int security_secctx_to_secid(const char *secdata, u32 seclen, - struct lsm_export *l); +int security_secctx_to_secid(struct lsm_context *cp, struct lsm_export *l); void security_release_secctx(char *secdata, u32 seclen); void security_inode_invalidate_secctx(struct inode *inode); 
@@ -1217,8 +1216,7 @@ static inline int security_secid_to_secctx(struct lsm_export *l, return -EOPNOTSUPP; } -static inline int security_secctx_to_secid(const char *secdata, - u32 seclen, +static inline int security_secctx_to_secid(struct lsm_context *cp, struct lsm_export *l) { return -EOPNOTSUPP; diff --git a/kernel/cred.c b/kernel/cred.c index 7792538b1ca6..ebae67fdd4d0 100644 --- a/kernel/cred.c +++ b/kernel/cred.c @@ -724,10 +724,13 @@ EXPORT_SYMBOL(set_security_override); */ int set_security_override_from_ctx(struct cred *new, const char *secctx) { + struct lsm_context lc; struct lsm_export le; int ret; - ret = security_secctx_to_secid(secctx, strlen(secctx), &le); + lc.context = secctx; + lc.len = strlen(secctx); + ret = security_secctx_to_secid(&lc, &le); if (ret < 0) return ret; diff --git a/net/netfilter/nft_meta.c b/net/netfilter/nft_meta.c index a1d3dab5bc25..f25b26318d72 100644 --- a/net/netfilter/nft_meta.c +++ b/net/netfilter/nft_meta.c @@ -577,11 +577,14 @@ static const struct nla_policy nft_secmark_policy[NFTA_SECMARK_MAX + 1] = { static int nft_secmark_compute_secid(struct nft_secmark *priv) { struct lsm_export le; + struct lsm_context lc; u32 tmp_secid = 0; int err; lsm_export_init(&le); - err = security_secctx_to_secid(priv->ctx, strlen(priv->ctx), &le); + lc.context = priv->ctx; + lc.len = strlen(priv->ctx); + err = security_secctx_to_secid(&lc, &le); if (err) return err; diff --git a/net/netfilter/xt_SECMARK.c b/net/netfilter/xt_SECMARK.c index 9a2a97c200a2..a06e50535194 100644 --- a/net/netfilter/xt_SECMARK.c +++ b/net/netfilter/xt_SECMARK.c 
@@ -50,13 +50,16 @@ secmark_tg(struct sk_buff *skb, const struct xt_action_param *par) static int checkentry_lsm(struct xt_secmark_target_info *info) { struct lsm_export le; + struct lsm_context lc; int err; info->secctx[SECMARK_SECCTX_MAX - 1] = '\0'; info->secid = 0; lsm_export_init(&le); - err = security_secctx_to_secid(info->secctx, strlen(info->secctx), &le); + lc.context = info->secctx; + lc.len = strlen(info->secctx); + err = security_secctx_to_secid(&lc, &le); if (err) { if (err == -EINVAL) pr_info_ratelimited("invalid security context \'%s\'\n", diff --git a/net/netlabel/netlabel_unlabeled.c b/net/netlabel/netlabel_unlabeled.c index f79ab91bf25e..707ea5a364b0 100644 --- a/net/netlabel/netlabel_unlabeled.c +++ b/net/netlabel/netlabel_unlabeled.c @@ -894,6 +894,7 @@ static int netlbl_unlabel_staticadd(struct sk_buff *skb, void *mask; u32 addr_len; struct lsm_export le; + struct lsm_context lc; struct netlbl_audit audit_info; /* Don't allow users to add both IPv4 and IPv6 addresses for a @@ -914,10 +915,9 @@ static int netlbl_unlabel_staticadd(struct sk_buff *skb, if (ret_val != 0) return ret_val; dev_name = nla_data(info->attrs[NLBL_UNLABEL_A_IFACE]); - ret_val = security_secctx_to_secid( - nla_data(info->attrs[NLBL_UNLABEL_A_SECCTX]), - nla_len(info->attrs[NLBL_UNLABEL_A_SECCTX]), - &le); + lc.context = nla_data(info->attrs[NLBL_UNLABEL_A_SECCTX]); + lc.len = nla_len(info->attrs[NLBL_UNLABEL_A_SECCTX]); + ret_val = security_secctx_to_secid(&lc, &le); if (ret_val != 0) return ret_val; @@ -945,6 +945,7 @@ static int netlbl_unlabel_staticadddef(struct sk_buff *skb, void *mask; u32 addr_len; struct lsm_export le; + struct lsm_context lc; struct netlbl_audit audit_info; /* Don't allow users to add both IPv4 and IPv6 addresses for a 
@@ -963,10 +964,9 @@ static int netlbl_unlabel_staticadddef(struct sk_buff *skb, ret_val = netlbl_unlabel_addrinfo_get(info, &addr, &mask, &addr_len); if (ret_val != 0) return ret_val; - ret_val = security_secctx_to_secid( - nla_data(info->attrs[NLBL_UNLABEL_A_SECCTX]), - nla_len(info->attrs[NLBL_UNLABEL_A_SECCTX]), - &le); + lc.context = nla_data(info->attrs[NLBL_UNLABEL_A_SECCTX]); + lc.len = nla_len(info->attrs[NLBL_UNLABEL_A_SECCTX]); + ret_val = security_secctx_to_secid(&lc, &le); if (ret_val != 0) return ret_val; diff --git a/security/security.c b/security/security.c index b37bce99107c..9f32865e7329 100644 --- a/security/security.c +++ b/security/security.c 
@@ -1987,15 +1987,11 @@ int security_secid_to_secctx(struct lsm_export *l, char **secdata, u32 *seclen) } EXPORT_SYMBOL(security_secid_to_secctx); -int security_secctx_to_secid(const char *secdata, u32 seclen, - struct lsm_export *l) +int security_secctx_to_secid(struct lsm_context *cp, struct lsm_export *l) { - struct lsm_context lc; - lc.context = secdata; - lc.len = seclen; lsm_export_init(l); - return call_one_int_hook(secctx_to_secid, 0, &lc, l); + return call_one_int_hook(secctx_to_secid, 0, cp, l); } EXPORT_SYMBOL(security_secctx_to_secid); From patchwork Fri Apr 19 00:45:34 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908451 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 874661932 for ; Fri, 19 Apr 2019 00:48:13 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 7820328B1F for ; Fri, 19 Apr 2019 00:48:13 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 6B30F28B9F; Fri, 19 Apr 2019 00:48:13 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 7FD0128D6D for ; Fri, 19 Apr 2019 00:48:12 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726519AbfDSAsL (ORCPT ); Thu, 18 Apr 2019 20:48:11 -0400 Received: from sonic310-23.consmr.mail.bf2.yahoo.com ([74.6.135.197]:36479 "EHLO sonic310-23.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP 
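Review bot: in the kernel/cred.c hunk at @@ -724, `lc.context = secctx;` stores a `const char *` (the parameter is declared `const char *secctx`) into the non-const `context` member, which the compiler will flag as a discarded qualifier. The hook side is already const-correct (`int (*secctx_to_secid)(const struct lsm_context *cp, struct lsm_export *l)` in 47/90), so make the wrapper `security_secctx_to_secid(const struct lsm_context *cp, struct lsm_export *l)` as well and handle the const-ness of `context` explicitly (a const-qualified member or a commented cast) instead of letting it drop silently.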
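Review bot: the two net/netlabel/netlabel_unlabeled.c hunks (@@ -914 and @@ -963) add the identical three lines `lc.context = nla_data(info->attrs[NLBL_UNLABEL_A_SECCTX]);`, `lc.len = nla_len(info->attrs[NLBL_UNLABEL_A_SECCTX]);`, `ret_val = security_secctx_to_secid(&lc, &le);`, and kernel/cred.c, nft_meta.c and xt_SECMARK.c each repeat the `lc.context = ...; lc.len = strlen(...);` pair. A small initializer that takes the pointer and length together (a suggestion, not something present in the series as posted) would keep the pointer and its length from drifting apart at any one call site.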
c-67-169-65-224.hsd1.ca.comcast.net (EHLO localhost.localdomain) ([67.169.65.224]) by smtp404.mail.bf1.yahoo.com (Oath Hermes SMTP Server) with ESMTPA ID 354bec82e8db1938f39555b4d4e62c9d; Fri, 19 Apr 2019 00:48:09 +0000 (UTC) From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 47/90] LSM: Use lsm_context in release_secctx hooks Date: Thu, 18 Apr 2019 17:45:34 -0700 Message-Id: <20190419004617.64627-48-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Convert SELinux, Smack and AppAror to use the lsm_context structure instead of a context/secid pair. There is some scaffolding involved that will be removed when the related data is updated. Signed-off-by: Casey Schaufler --- include/linux/lsm_hooks.h | 3 +-- security/apparmor/include/secid.h | 2 +- security/apparmor/secid.c | 4 ++-- security/security.c | 7 +++++-- security/selinux/hooks.c | 4 ++-- security/smack/smack_lsm.c | 4 ++-- 6 files changed, 13 insertions(+), 11 deletions(-) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index f60ec98596c8..11bfa0a4f188 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -1332,7 +1332,6 @@ * @release_secctx: * Release the security context. * @secdata contains the security context. - * @seclen contains the length of the security context. * * Security hooks for Audit * 
@@ -1671,7 +1670,7 @@ union security_list_options { int (*secid_to_secctx)(struct lsm_export *l, struct lsm_context *cp); int (*secctx_to_secid)(const struct lsm_context *cp, struct lsm_export *l); - void (*release_secctx)(char *secdata, u32 seclen); + void (*release_secctx)(struct lsm_context *cp); void (*inode_invalidate_secctx)(struct inode *inode); int (*inode_notifysecctx)(struct inode *inode, struct lsm_context *cp); diff --git a/security/apparmor/include/secid.h b/security/apparmor/include/secid.h index acfcf99bff0e..a780e56d4f5b 100644 --- a/security/apparmor/include/secid.h +++ b/security/apparmor/include/secid.h @@ -29,7 +29,7 @@ struct aa_label *aa_secid_to_label(struct lsm_export *l); int apparmor_secid_to_secctx(struct lsm_export *l, struct lsm_context *cp); int apparmor_secctx_to_secid(const struct lsm_context *cp, struct lsm_export *l); -void apparmor_release_secctx(char *secdata, u32 seclen); +void apparmor_release_secctx(struct lsm_context *cp); int aa_alloc_secid(struct aa_label *label, gfp_t gfp); diff --git a/security/apparmor/secid.c b/security/apparmor/secid.c index 35df38592b6e..46c8b9a67ac7 100644 --- a/security/apparmor/secid.c +++ b/security/apparmor/secid.c @@ -123,9 +123,9 @@ int apparmor_secctx_to_secid(const struct lsm_context *cp, struct lsm_export *l) return 0; } -void apparmor_release_secctx(char *secdata, u32 seclen) +void apparmor_release_secctx(struct lsm_context *cp) { - kfree(secdata); + kfree(cp->context); } /** diff --git a/security/security.c b/security/security.c index 9f32865e7329..029d2f4fe48c 100644 --- a/security/security.c +++ b/security/security.c @@ -1989,7 +1989,6 @@ EXPORT_SYMBOL(security_secid_to_secctx); int security_secctx_to_secid(struct lsm_context *cp, struct lsm_export *l) { - lsm_export_init(l); return call_one_int_hook(secctx_to_secid, 0, cp, l); } 
@@ -1997,7 +1996,11 @@ EXPORT_SYMBOL(security_secctx_to_secid); void security_release_secctx(char *secdata, u32 seclen) { - call_one_void_hook(release_secctx, secdata, seclen); + struct lsm_context lc; + + lc.context = secdata; + lc.len = seclen; + call_one_void_hook(release_secctx, &lc); } EXPORT_SYMBOL(security_release_secctx); diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index fe09905d013c..332296f69f76 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -6322,9 +6322,9 @@ static int selinux_secctx_to_secid(const struct lsm_context *cp, return rc; } -static void selinux_release_secctx(char *secdata, u32 seclen) +static void selinux_release_secctx(struct lsm_context *cp) { - kfree(secdata); + kfree(cp->context); } static void selinux_inode_invalidate_secctx(struct inode *inode) diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 3d24503029e5..cf27905ccaa5 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c 
@@ -4468,9 +4468,9 @@ static int smack_secctx_to_secid(const struct lsm_context *cp, } /* - * There smack_release_secctx hook does nothing + * The smack_release_secctx hook does nothing */ -static void smack_release_secctx(char *secdata, u32 seclen) +static void smack_release_secctx(struct lsm_context *cp) { } From patchwork Fri Apr 19 00:45:35 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908455 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 8BC65922 for ; Fri, 19 Apr 2019 00:48:21 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 7A95028B1F for ; Fri, 19 Apr 2019 00:48:21 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 6E55028B91; Fri, 19 Apr 2019 00:48:21 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 140B528B8F for ; Fri, 19 Apr 2019 00:48:20 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726531AbfDSAsT (ORCPT ); Thu, 18 Apr 2019 20:48:19 -0400 Received: from sonic310-23.consmr.mail.bf2.yahoo.com ([74.6.135.197]:36675 "EHLO sonic310-23.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726470AbfDSAsT (ORCPT ); Thu, 18 Apr 2019 20:48:19 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1555634894; bh=fEFSaTJW0PhJ/+1XDLyA9EJN3fv5fqnG/83jcoBEXmU=; 
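Review bot: the include/linux/lsm_hooks.h hunk at @@ -1332 deletes the `@seclen` line of the release_secctx kernel-doc but leaves `@secdata contains the security context.` even though the parameter is now `struct lsm_context *cp`; rename it to `@cp` and say that it carries both the context and its length. The commit message also misspells AppArmor as `AppAror`.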
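Review bot: the security/security.c hunk at @@ -1989 removes `lsm_export_init(l);` from security_secctx_to_secid(), which is unrelated to converting the release_secctx hooks this patch describes, and it is a behaviour change: nft_meta.c and xt_SECMARK.c call lsm_export_init(&le) themselves, but set_security_override_from_ctx() in kernel/cred.c (converted in 46/90) does not, so its `le` is now left uninitialized whenever the hook returns without filling it in. Either keep the init here or split the removal into its own patch with a rationale and the missing caller-side inits.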
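Review bot: apparmor_release_secctx() and selinux_release_secctx() (hunks @@ -123 and @@ -6322) now receive the context by pointer but only `kfree(cp->context);` and leave the pointer and length in place. Since callers guard their release with `if (lc.context)`, have the hook, or better the security_release_secctx() wrapper, set `cp->context = NULL; cp->len = 0;` after freeing, so a repeated release is harmless and callers do not have to reset the struct by hand.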
00:48:10 +0000 (UTC) From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 48/90] LSM: Use lsm_context in security_release_secctx Date: Thu, 18 Apr 2019 17:45:35 -0700 Message-Id: <20190419004617.64627-49-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Convert security_release_secctx to use the lsm_context structure instead of a context/secid pair. There is some scaffolding involved that will be removed when the related data is updated. Signed-off-by: Casey Schaufler --- drivers/android/binder.c | 21 +++++++-------- fs/kernfs/dir.c | 9 ++++--- fs/kernfs/inode.c | 2 +- fs/nfs/nfs4proc.c | 9 +++++-- fs/nfsd/nfs4xdr.c | 2 +- include/linux/security.h | 4 +-- include/net/scm.h | 10 +++---- kernel/audit.c | 27 +++++++++---------- kernel/auditsc.c | 27 +++++++++---------- net/ipv4/ip_sockglue.c | 9 +++---- net/netfilter/nf_conntrack_netlink.c | 10 +++---- net/netfilter/nf_conntrack_standalone.c | 9 +++---- net/netfilter/nfnetlink_queue.c | 28 ++++++++++--------- net/netlabel/netlabel_unlabeled.c | 36 ++++++++++++------------- net/netlabel/netlabel_user.c | 11 ++++---- security/security.c | 10 +++---- 16 files changed, 109 insertions(+), 115 deletions(-) diff --git a/drivers/android/binder.c b/drivers/android/binder.c index 0eeb5b75da5b..c2cfef13257c 100644 --- a/drivers/android/binder.c +++ b/drivers/android/binder.c 
@@ -2874,8 +2874,7 @@ static void binder_transaction(struct binder_proc *proc, binder_size_t last_fixup_min_off = 0; struct binder_context *context = proc->context; int t_debug_id = atomic_inc_return(&binder_last_id); - char *secctx = NULL; - u32 secctx_sz = 0; + struct lsm_context lc = { .len = 0, .context = NULL, }; e = binder_transaction_log_add(&binder_transaction_log); e->debug_id = t_debug_id; @@ -3122,14 +3121,14 @@ static void binder_transaction(struct binder_proc *proc, struct lsm_export le; security_task_getsecid(proc->tsk, &le); - ret = security_secid_to_secctx(&le, &secctx, &secctx_sz); + ret = security_secid_to_secctx(&le, &lc.context, &lc.len); if (ret) { return_error = BR_FAILED_REPLY; return_error_param = ret; return_error_line = __LINE__; goto err_get_secctx_failed; } - extra_buffers_size += ALIGN(secctx_sz, sizeof(u64)); + extra_buffers_size += ALIGN(lc.len, sizeof(u64)); } trace_binder_transaction(reply, t, target_node); @@ -3148,18 +3147,18 @@ static void binder_transaction(struct binder_proc *proc, t->buffer = NULL; goto err_binder_alloc_buf_failed; } - if (secctx) { + if (lc.context) { size_t buf_offset = ALIGN(tr->data_size, sizeof(void *)) + ALIGN(tr->offsets_size, sizeof(void *)) + ALIGN(extra_buffers_size, sizeof(void *)) - - ALIGN(secctx_sz, sizeof(u64)); + ALIGN(lc.len, sizeof(u64)); t->security_ctx = (uintptr_t)t->buffer->user_data + buf_offset; binder_alloc_copy_to_buffer(&target_proc->alloc, t->buffer, buf_offset, - secctx, secctx_sz); - security_release_secctx(secctx, secctx_sz); - secctx = NULL; + lc.context, lc.len); + security_release_secctx(&lc); + lc.context = NULL; } t->buffer->debug_id = t->debug_id; t->buffer->transaction = t; 
@@ -3479,8 +3478,8 @@ static void binder_transaction(struct binder_proc *proc, t->buffer->transaction = NULL; binder_alloc_free_buf(&target_proc->alloc, t->buffer); err_binder_alloc_buf_failed: - if (secctx) - security_release_secctx(secctx, secctx_sz); + if (lc.context) + security_release_secctx(&lc); err_get_secctx_failed: kfree(tcomplete); binder_stats_deleted(BINDER_STAT_TRANSACTION_COMPLETE); diff --git a/fs/kernfs/dir.c b/fs/kernfs/dir.c index b84d635567d3..11672c075a8b 100644 --- a/fs/kernfs/dir.c +++ b/fs/kernfs/dir.c @@ -532,9 +532,12 @@ void kernfs_put(struct kernfs_node *kn) kfree_const(kn->name); if (kn->iattr) { - if (kn->iattr->ia_secdata) - security_release_secctx(kn->iattr->ia_secdata, - kn->iattr->ia_secdata_len); + if (kn->iattr->ia_secdata) { + struct lsm_context lc; /* Scaffolding -Casey */ + lc.context = kn->iattr->ia_secdata; + lc.len = kn->iattr->ia_secdata_len; + security_release_secctx(&lc); + } simple_xattrs_free(&kn->iattr->xattrs); kmem_cache_free(kernfs_iattrs_cache, kn->iattr); } diff --git a/fs/kernfs/inode.c b/fs/kernfs/inode.c index 41c5afc698fc..45781f0da80f 100644 --- a/fs/kernfs/inode.c +++ b/fs/kernfs/inode.c @@ -370,7 +370,7 @@ static int kernfs_security_xattr_set(const struct xattr_handler *handler, mutex_unlock(&kernfs_mutex); if (lc.context) - security_release_secctx(lc.context, lc.len); + security_release_secctx(&lc); return error; } diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c index de000649f9f3..8dee01eda643 100644 --- a/fs/nfs/nfs4proc.c +++ b/fs/nfs/nfs4proc.c 
@@ -134,8 +134,13 @@ nfs4_label_init_security(struct inode *dir, struct dentry *dentry, static inline void nfs4_label_release_security(struct nfs4_label *label) { - if (label) - security_release_secctx(label->label, label->len); + struct lsm_context lc; /* Scaffolding -Casey */ + + if (label) { + lc.context = label->label; + lc.len = label->len; + security_release_secctx(&lc); + } } static inline u32 *nfs4_bitmask(struct nfs_server *server, struct nfs4_label *label) { diff --git a/fs/nfsd/nfs4xdr.c b/fs/nfsd/nfs4xdr.c index 1bf34730d054..3d1251bd588f 100644 --- a/fs/nfsd/nfs4xdr.c +++ b/fs/nfsd/nfs4xdr.c @@ -2918,7 +2918,7 @@ nfsd4_encode_fattr(struct xdr_stream *xdr, struct svc_fh *fhp, out: #ifdef CONFIG_NFSD_V4_SECURITY_LABEL if (lc.context) - security_release_secctx(lc.context, lc.len); + security_release_secctx(&lc); #endif /* CONFIG_NFSD_V4_SECURITY_LABEL */ kfree(acl); if (tempfh) { diff --git a/include/linux/security.h b/include/linux/security.h index 3f757b2d8275..57ce9b824eef 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -433,7 +433,7 @@ int security_netlink_send(struct sock *sk, struct sk_buff *skb); int security_ismaclabel(const char *name); int security_secid_to_secctx(struct lsm_export *l, char **secdata, u32 *seclen); int security_secctx_to_secid(struct lsm_context *cp, struct lsm_export *l); -void security_release_secctx(char *secdata, u32 seclen); +void security_release_secctx(struct lsm_context *cp); void security_inode_invalidate_secctx(struct inode *inode); int security_inode_notifysecctx(struct inode *inode, struct lsm_context *cp); @@ -1222,7 +1222,7 @@ static inline int security_secctx_to_secid(struct lsm_context *cp, return -EOPNOTSUPP; } -static inline void security_release_secctx(char *secdata, u32 seclen) +static inline void security_release_secctx(struct lsm_context *cp); { } diff --git a/include/net/scm.h b/include/net/scm.h index b5d1c24318e3..7e242ebdd258 100644 --- a/include/net/scm.h +++ b/include/net/scm.h 
@@ -92,16 +92,16 @@ static __inline__ int scm_send(struct socket *sock, struct msghdr *msg, #ifdef CONFIG_SECURITY_NETWORK static inline void scm_passec(struct socket *sock, struct msghdr *msg, struct scm_cookie *scm) { - char *secdata; - u32 seclen; + struct lsm_context lc; int err; if (test_bit(SOCK_PASSSEC, &sock->flags)) { - err = security_secid_to_secctx(&scm->le, &secdata, &seclen); + err = security_secid_to_secctx(&scm->le, &lc.context, &lc.len); if (!err) { - put_cmsg(msg, SOL_SOCKET, SCM_SECURITY, seclen, secdata); - security_release_secctx(secdata, seclen); + put_cmsg(msg, SOL_SOCKET, SCM_SECURITY, + lc.len, lc.context); + security_release_secctx(&lc); } } } diff --git a/kernel/audit.c b/kernel/audit.c index d83d1f05c95d..269c76fefe40 100644 --- a/kernel/audit.c +++ b/kernel/audit.c @@ -1191,8 +1191,7 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh) struct audit_buffer *ab; u16 msg_type = nlh->nlmsg_type; struct audit_sig_info *sig_data; - char *ctx = NULL; - u32 len; + struct lsm_context lc = { .context = NULL, .len = 0, }; err = audit_netlink_ok(skb, msg_type); if (err) 
@@ -1428,27 +1427,26 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh) break; } case AUDIT_SIGNAL_INFO: - len = 0; if (lsm_export_any(&audit_sig_lsm)) { - err = security_secid_to_secctx(&audit_sig_lsm, &ctx, - &len); + err = security_secid_to_secctx(&audit_sig_lsm, + &lc.context, &lc.len); if (err) return err; } - sig_data = kmalloc(sizeof(*sig_data) + len, GFP_KERNEL); + sig_data = kmalloc(sizeof(*sig_data) + lc.len, GFP_KERNEL); if (!sig_data) { if (lsm_export_any(&audit_sig_lsm)) - security_release_secctx(ctx, len); + security_release_secctx(&lc); return -ENOMEM; } sig_data->uid = from_kuid(&init_user_ns, audit_sig_uid); sig_data->pid = audit_sig_pid; if (lsm_export_any(&audit_sig_lsm)) { - memcpy(sig_data->ctx, ctx, len); - security_release_secctx(ctx, len); + memcpy(sig_data->ctx, lc.context, lc.len); + security_release_secctx(&lc); } audit_send_reply(skb, seq, AUDIT_SIGNAL_INFO, 0, 0, - sig_data, sizeof(*sig_data) + len); + sig_data, sizeof(*sig_data) + lc.len); kfree(sig_data); break; case AUDIT_TTY_GET: { @@ -2070,24 +2068,23 @@ void audit_log_key(struct audit_buffer *ab, char *key) int audit_log_task_context(struct audit_buffer *ab) { - char *ctx = NULL; - unsigned len; int error; struct lsm_export le; + struct lsm_context lc = { .context = NULL, }; security_task_getsecid(current, &le); if (!lsm_export_any(&le)) return 0; - error = security_secid_to_secctx(&le, &ctx, &len); + error = security_secid_to_secctx(&le, &lc.context, &lc.len); if (error) { if (error != -EINVAL) goto error_path; return 0; } - audit_log_format(ab, " subj=%s", ctx); - security_release_secctx(ctx, len); + audit_log_format(ab, " subj=%s", lc.context); + security_release_secctx(&lc); return 0; error_path: diff --git a/kernel/auditsc.c b/kernel/auditsc.c index d64775f4bb1b..4dab81c7aca0 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c 
@@ -938,9 +938,8 @@ static int audit_log_pid_context(struct audit_context *context, pid_t pid, unsigned int sessionid, struct lsm_export *l, char *comm) { + struct lsm_context lc = { .context = NULL, }; struct audit_buffer *ab; - char *ctx = NULL; - u32 len; int rc = 0; ab = audit_log_start(context, GFP_KERNEL, AUDIT_OBJ_PID); @@ -951,12 +950,12 @@ static int audit_log_pid_context(struct audit_context *context, pid_t pid, from_kuid(&init_user_ns, auid), from_kuid(&init_user_ns, uid), sessionid); if (lsm_export_any(l)) { - if (security_secid_to_secctx(l, &ctx, &len)) { + if (security_secid_to_secctx(l, &lc.context, &lc.len)) { audit_log_format(ab, " obj=(none)"); rc = 1; } else { - audit_log_format(ab, " obj=%s", ctx); - security_release_secctx(ctx, len); + audit_log_format(ab, " obj=%s", lc.context); + security_release_secctx(&lc); } } audit_log_format(ab, " ocomm="); @@ -1191,14 +1190,13 @@ static void show_special(struct audit_context *context, int *call_panic) from_kgid(&init_user_ns, context->ipc.gid), context->ipc.mode); if (lsm_export_any(l)) { - char *ctx = NULL; - u32 len; - if (security_secid_to_secctx(l, &ctx, &len)) { + struct lsm_context lc = { .context = NULL, }; + if (security_secid_to_secctx(l, &lc.context, &lc.len)) { audit_log_format(ab, " osid=(unknown)"); *call_panic = 1; } else { - audit_log_format(ab, " obj=%s", ctx); - security_release_secctx(ctx, len); + audit_log_format(ab, " obj=%s", lc.context); + security_release_secctx(&lc); } } if (context->ipc.has_perm) { 
@@ -1342,16 +1340,15 @@ static void audit_log_name(struct audit_context *context, struct audit_names *n, MAJOR(n->rdev), MINOR(n->rdev)); if (lsm_export_any(&n->olsm)) { - char *ctx = NULL; - u32 len; + struct lsm_context lc; - if (security_secid_to_secctx(&n->olsm, &ctx, &len)) { + if (security_secid_to_secctx(&n->olsm, &lc.context, &lc.len)) { audit_log_format(ab, " osid=(unknown)"); if (call_panic) *call_panic = 2; } else { - audit_log_format(ab, " obj=%s", ctx); - security_release_secctx(ctx, len); + audit_log_format(ab, " obj=%s", lc.context); + security_release_secctx(&lc); } } diff --git a/net/ipv4/ip_sockglue.c b/net/ipv4/ip_sockglue.c index a4f37ba6dbe2..18a7fab8b2d3 100644 --- a/net/ipv4/ip_sockglue.c +++ b/net/ipv4/ip_sockglue.c @@ -131,20 +131,19 @@ static void ip_cmsg_recv_checksum(struct msghdr *msg, struct sk_buff *skb, static void ip_cmsg_recv_security(struct msghdr *msg, struct sk_buff *skb) { struct lsm_export le; - char *secdata; - u32 seclen; + struct lsm_context lc; int err; err = security_socket_getpeersec_dgram(NULL, skb, &le); if (err) return; - err = security_secid_to_secctx(&le, &secdata, &seclen); + err = security_secid_to_secctx(&le, &lc.context, &lc.len); if (err) return; - put_cmsg(msg, SOL_IP, SCM_SECURITY, seclen, secdata); - security_release_secctx(secdata, seclen); + put_cmsg(msg, SOL_IP, SCM_SECURITY, lc.len, lc.context); + security_release_secctx(&lc); } static void ip_cmsg_recv_dstaddr(struct msghdr *msg, struct sk_buff *skb) diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c index d10cc1924e46..49bce1b085ce 100644 --- a/net/netfilter/nf_conntrack_netlink.c +++ b/net/netfilter/nf_conntrack_netlink.c 
@@ -328,16 +328,16 @@ static int ctnetlink_dump_mark(struct sk_buff *skb, const struct nf_conn *ct) static int ctnetlink_dump_secctx(struct sk_buff *skb, const struct nf_conn *ct) { struct nlattr *nest_secctx; - int len, ret; - char *secctx; + int ret; struct lsm_export le; + struct lsm_context lc; lsm_export_init(&le); le.flags = LSM_EXPORT_SELINUX | LSM_EXPORT_SMACK; le.selinux = ct->secmark; le.smack = ct->secmark; - ret = security_secid_to_secctx(&le, &secctx, &len); + ret = security_secid_to_secctx(&le, &lc.context, &lc.len); if (ret) return 0; @@ -346,13 +346,13 @@ static int ctnetlink_dump_secctx(struct sk_buff *skb, const struct nf_conn *ct) if (!nest_secctx) goto nla_put_failure; - if (nla_put_string(skb, CTA_SECCTX_NAME, secctx)) + if (nla_put_string(skb, CTA_SECCTX_NAME, lc.context)) goto nla_put_failure; nla_nest_end(skb, nest_secctx); ret = 0; nla_put_failure: - security_release_secctx(secctx, len); + security_release_secctx(&lc); return ret; } #else diff --git a/net/netfilter/nf_conntrack_standalone.c b/net/netfilter/nf_conntrack_standalone.c index d353f3efc5a5..97d16a51504b 100644 --- a/net/netfilter/nf_conntrack_standalone.c +++ b/net/netfilter/nf_conntrack_standalone.c @@ -173,9 +173,8 @@ static void ct_seq_stop(struct seq_file *s, void *v) static void ct_show_secctx(struct seq_file *s, const struct nf_conn *ct) { int ret; - u32 len; - char *secctx; struct lsm_export le; + struct lsm_context lc; /* Whichever LSM may be using the secmark */ lsm_export_init(&le); 
@@ -183,13 +182,13 @@ static void ct_show_secctx(struct seq_file *s, const struct nf_conn *ct) le.selinux = ct->secmark; le.smack = ct->secmark; - ret = security_secid_to_secctx(&le, &secctx, &len); + ret = security_secid_to_secctx(&le, &lc.context, &lc.len); if (ret) return; - seq_printf(s, "secctx=%s ", secctx); + seq_printf(s, "secctx=%s ", lc.context); - security_release_secctx(secctx, len); + security_release_secctx(&lc); } #else static inline void ct_show_secctx(struct seq_file *s, const struct nf_conn *ct) diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c index a0670137477b..b70871693368 100644 --- a/net/netfilter/nfnetlink_queue.c +++ b/net/netfilter/nfnetlink_queue.c @@ -307,9 +307,9 @@ static int nfqnl_put_sk_uidgid(struct sk_buff *skb, struct sock *sk) static u32 nfqnl_get_sk_secctx(struct sk_buff *skb, char **secdata) { - u32 seclen = 0; #if IS_ENABLED(CONFIG_NETWORK_SECMARK) struct lsm_export le; + struct lsm_context lc = { .context = NULL, .len = 0, }; if (!skb || !sk_fullsock(skb->sk)) return 0; @@ -322,12 +322,15 @@ static u32 nfqnl_get_sk_secctx(struct sk_buff *skb, char **secdata) le.flags = LSM_EXPORT_SELINUX | LSM_EXPORT_SMACK; le.selinux = skb->secmark; le.smack = skb->secmark; - security_secid_to_secctx(&le, secdata, &seclen); + security_secid_to_secctx(&le, &lc.context, &lc.len); + *secdata = lc.context; } read_unlock_bh(&skb->sk->sk_callback_lock); + return lc.len; +#else + return 0; #endif - return seclen; } static u32 nfqnl_get_bridge_size(struct nf_queue_entry *entry) @@ -403,8 +406,7 @@ nfqnl_build_packet_message(struct net *net, struct nfqnl_instance *queue, enum ip_conntrack_info uninitialized_var(ctinfo); struct nfnl_ct_hook *nfnl_ct; bool csum_verify; - char *secdata = NULL; - u32 seclen = 0; + struct lsm_context lc = { .context = NULL, }; size = nlmsg_total_size(sizeof(struct nfgenmsg)) + nla_total_size(sizeof(struct nfqnl_msg_packet_hdr)) 
@@ -470,9 +472,9 @@ nfqnl_build_packet_message(struct net *net, struct nfqnl_instance *queue, } if ((queue->flags & NFQA_CFG_F_SECCTX) && entskb->sk) { - seclen = nfqnl_get_sk_secctx(entskb, &secdata); - if (seclen) - size += nla_total_size(seclen); + lc.len = nfqnl_get_sk_secctx(entskb, &lc.context); + if (lc.len) + size += nla_total_size(lc.len); } skb = alloc_skb(size, GFP_ATOMIC); @@ -605,7 +607,7 @@ nfqnl_build_packet_message(struct net *net, struct nfqnl_instance *queue, nfqnl_put_sk_uidgid(skb, entskb->sk) < 0) goto nla_put_failure; - if (seclen && nla_put(skb, NFQA_SECCTX, seclen, secdata)) + if (lc.len && nla_put(skb, NFQA_SECCTX, lc.len, lc.context)) goto nla_put_failure; if (ct && nfnl_ct->build(skb, ct, ctinfo, NFQA_CT, NFQA_CT_INFO) < 0) @@ -633,8 +635,8 @@ nfqnl_build_packet_message(struct net *net, struct nfqnl_instance *queue, } nlh->nlmsg_len = skb->len; - if (seclen) - security_release_secctx(secdata, seclen); + if (lc.context) + security_release_secctx(&lc); return skb; nla_put_failure: @@ -642,8 +644,8 @@ nfqnl_build_packet_message(struct net *net, struct nfqnl_instance *queue, kfree_skb(skb); net_err_ratelimited("nf_queue: error creating packet message\n"); nlmsg_failure: - if (seclen) - security_release_secctx(secdata, seclen); + if (lc.context) + security_release_secctx(&lc); return NULL; } diff --git a/net/netlabel/netlabel_unlabeled.c b/net/netlabel/netlabel_unlabeled.c index 707ea5a364b0..4c4a8f6df261 100644 --- a/net/netlabel/netlabel_unlabeled.c +++ b/net/netlabel/netlabel_unlabeled.c @@ -387,8 +387,6 @@ int netlbl_unlhsh_add(struct net *net, struct net_device *dev; struct netlbl_unlhsh_iface *iface; struct audit_buffer *audit_buf = NULL; - char *secctx = NULL; - u32 secctx_len; if (addr_len != sizeof(struct in_addr) && addr_len != sizeof(struct in6_addr)) 
@@ -451,9 +449,10 @@ int netlbl_unlhsh_add(struct net *net, unlhsh_add_return: rcu_read_unlock(); if (audit_buf != NULL) { - if (security_secid_to_secctx(l, &secctx, &secctx_len) == 0) { - audit_log_format(audit_buf, " sec_obj=%s", secctx); - security_release_secctx(secctx, secctx_len); + struct lsm_context lc; + if (security_secid_to_secctx(l, &lc.context, &lc.len) == 0) { + audit_log_format(audit_buf, " sec_obj=%s", lc.context); + security_release_secctx(&lc); } audit_log_format(audit_buf, " res=%u", ret_val == 0 ? 1 : 0); audit_log_end(audit_buf); @@ -484,8 +483,6 @@ static int netlbl_unlhsh_remove_addr4(struct net *net, struct netlbl_unlhsh_addr4 *entry; struct audit_buffer *audit_buf; struct net_device *dev; - char *secctx; - u32 secctx_len; spin_lock(&netlbl_unlhsh_lock); list_entry = netlbl_af4list_remove(addr->s_addr, mask->s_addr, @@ -499,6 +496,7 @@ static int netlbl_unlhsh_remove_addr4(struct net *net, audit_buf = netlbl_audit_start_common(AUDIT_MAC_UNLBL_STCDEL, audit_info); if (audit_buf != NULL) { + struct lsm_context lc; dev = dev_get_by_index(net, iface->ifindex); netlbl_af4list_audit_addr(audit_buf, 1, (dev != NULL ? dev->name : NULL), @@ -507,9 +505,9 @@ static int netlbl_unlhsh_remove_addr4(struct net *net, dev_put(dev); if (entry != NULL && security_secid_to_secctx(&entry->le, - &secctx, &secctx_len) == 0) { - audit_log_format(audit_buf, " sec_obj=%s", secctx); - security_release_secctx(secctx, secctx_len); + &lc.context, &lc.len) == 0) { + audit_log_format(audit_buf, " sec_obj=%s", lc.context); + security_release_secctx(&lc); } audit_log_format(audit_buf, " res=%u", entry != NULL ? 1 : 0); audit_log_end(audit_buf); @@ -560,6 +558,7 @@ static int netlbl_unlhsh_remove_addr6(struct net *net, audit_buf = netlbl_audit_start_common(AUDIT_MAC_UNLBL_STCDEL, audit_info); if (audit_buf != NULL) { + struct lsm_context lc; dev = dev_get_by_index(net, iface->ifindex); netlbl_af6list_audit_addr(audit_buf, 1, (dev != NULL ? dev->name : NULL), 
@@ -568,9 +567,9 @@ static int netlbl_unlhsh_remove_addr6(struct net *net, dev_put(dev); if (entry != NULL && security_secid_to_secctx(&entry->le, - &secctx, &secctx_len) == 0) { - audit_log_format(audit_buf, " sec_obj=%s", secctx); - security_release_secctx(secctx, secctx_len); + &lc.context, &lc.len) == 0) { + audit_log_format(audit_buf, " sec_obj=%s", lc.context); + security_release_secctx(&lc); } audit_log_format(audit_buf, " res=%u", entry != NULL ? 1 : 0); audit_log_end(audit_buf); @@ -1082,9 +1081,8 @@ static int netlbl_unlabel_staticlist_gen(u32 cmd, struct netlbl_unlhsh_walk_arg *cb_arg = arg; struct net_device *dev; void *data; - char *secctx; - u32 secctx_len; struct lsm_export *lep; + struct lsm_context lc; data = genlmsg_put(cb_arg->skb, NETLINK_CB(cb_arg->nl_cb->skb).portid, cb_arg->seq, &netlbl_unlabel_gnl_family, @@ -1139,14 +1137,14 @@ static int netlbl_unlabel_staticlist_gen(u32 cmd, lep = (struct lsm_export *)&addr6->le; } - ret_val = security_secid_to_secctx(lep, &secctx, &secctx_len); + ret_val = security_secid_to_secctx(lep, &lc.context, &lc.len); if (ret_val != 0) goto list_cb_failure; ret_val = nla_put(cb_arg->skb, NLBL_UNLABEL_A_SECCTX, - secctx_len, - secctx); - security_release_secctx(secctx, secctx_len); + lc.len, + lc.context); + security_release_secctx(&lc); if (ret_val != 0) goto list_cb_failure; diff --git a/net/netlabel/netlabel_user.c b/net/netlabel/netlabel_user.c index 2cc96305c841..0418f0935199 100644 --- a/net/netlabel/netlabel_user.c +++ b/net/netlabel/netlabel_user.c @@ -98,8 +98,7 @@ struct audit_buffer *netlbl_audit_start_common(int type, struct netlbl_audit *audit_info) { struct audit_buffer *audit_buf; - char *secctx; - u32 secctx_len; + struct lsm_context lc; if (audit_enabled == AUDIT_OFF) return NULL; 
@@ -113,10 +112,10 @@ struct audit_buffer *netlbl_audit_start_common(int type, audit_info->sessionid); if (lsm_export_any(&audit_info->le) && - security_secid_to_secctx(&audit_info->le, &secctx, - &secctx_len) == 0) { - audit_log_format(audit_buf, " subj=%s", secctx); - security_release_secctx(secctx, secctx_len); + security_secid_to_secctx(&audit_info->le, &lc.context, + &lc.len) == 0) { + audit_log_format(audit_buf, " subj=%s", lc.context); + security_release_secctx(&lc); } return audit_buf; diff --git a/security/security.c b/security/security.c index 029d2f4fe48c..3da7302d20ec 100644 --- a/security/security.c +++ b/security/security.c @@ -1981,7 +1981,7 @@ int security_secid_to_secctx(struct lsm_export *l, char **secdata, u32 *seclen) if (secdata) *secdata = lc.context; else - security_release_secctx(lc.context, lc.len); + security_release_secctx(&lc); *seclen = lc.len; return rc; } 
@@ -1994,13 +1994,9 @@ int security_secctx_to_secid(struct lsm_context *cp, struct lsm_export *l) } EXPORT_SYMBOL(security_secctx_to_secid); -void security_release_secctx(char *secdata, u32 seclen) +void security_release_secctx(struct lsm_context *cp) { - struct lsm_context lc; - - lc.context = secdata; - lc.len = seclen; - call_one_void_hook(release_secctx, &lc); + call_one_void_hook(release_secctx, cp); } EXPORT_SYMBOL(security_release_secctx); From patchwork Fri Apr 19 00:45:36 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908595 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id BB48C1515 for ; Fri, 19 Apr 2019 00:50:16 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id A8A3D28C84 for ; Fri, 19 Apr 2019 00:50:16 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 9CEC328C9B; Fri, 19 Apr 2019 00:50:16 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id B9D3128C86 for ; Fri, 19 Apr 2019 00:50:15 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726057AbfDSAuP (ORCPT ); Thu, 18 Apr 2019 20:50:15 -0400 Received: from sonic305-31.consmr.mail.bf2.yahoo.com ([74.6.133.230]:33240 "EHLO sonic305-31.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727110AbfDSAuP (ORCPT ); Thu, 18 Apr 2019 20:50:15 -0400 DKIM-Signature: v=1; a=rsa-sha256; 
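Review bot: the CONFIG_SECURITY=n stub in include/linux/security.h (patch 48/90, hunk @@ -1222,7 +1222,7 @@) has a stray semicolon: `+static inline void security_release_secctx(struct lsm_context *cp);` followed by the existing `{ }` turns the inline definition into a prototype plus an empty brace block at file scope, which will not compile when CONFIG_SECURITY is disabled. Drop the trailing `;` so the line reads `static inline void security_release_secctx(struct lsm_context *cp)` with the empty body following it, and consider a quick build with CONFIG_SECURITY=n, since that stub is the only path exercised there.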
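Review bot: in fs/nfs/nfs4proc.c (patch 48/90, hunk @@ -134,8 +134,13 @@) the scaffolding temporary `struct lsm_context lc; /* Scaffolding -Casey */` is declared at function scope but only used inside `if (label) {`; the fs/kernfs/dir.c hunk in the same patch declares its temporary inside the `if` block instead. Declaring it inside the block here as well keeps the scaffolding self-contained, so the later cleanup that the commit message promises can remove the block in one piece without touching the function's declarations.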
From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 49/90] LSM: Use lsm_context in security_secid_to_secctx Date: Thu, 18 Apr 2019 17:45:36 -0700 Message-Id: <20190419004617.64627-50-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Convert security_secid_to_secctx to use the lsm_context structure instead of a context/secid pair. There is some scaffolding involved that will be removed when the related data is updated. Add a flag for lsm_export to indicate that the caller of security_secid_to_secctx() is only interested in the length of the context.
Signed-off-by: Casey Schaufler --- drivers/android/binder.c | 2 +- include/linux/security.h | 13 +++++++------ include/net/scm.h | 2 +- kernel/audit.c | 5 ++--- kernel/auditsc.c | 10 +++++----- net/ipv4/ip_sockglue.c | 2 +- net/netfilter/nf_conntrack_netlink.c | 11 ++++++----- net/netfilter/nf_conntrack_standalone.c | 2 +- net/netfilter/nfnetlink_queue.c | 2 +- net/netlabel/netlabel_unlabeled.c | 12 ++++-------- net/netlabel/netlabel_user.c | 3 +-- security/apparmor/secid.c | 3 +-- security/security.c | 13 ++----------- security/selinux/hooks.c | 3 +++ security/smack/smack_lsm.c | 2 +- 15 files changed, 37 insertions(+), 48 deletions(-) diff --git a/drivers/android/binder.c b/drivers/android/binder.c index c2cfef13257c..58033c003cc2 100644 --- a/drivers/android/binder.c +++ b/drivers/android/binder.c @@ -3121,7 +3121,7 @@ static void binder_transaction(struct binder_proc *proc, struct lsm_export le; security_task_getsecid(proc->tsk, &le); - ret = security_secid_to_secctx(&le, &lc.context, &lc.len); + ret = security_secid_to_secctx(&le, &lc); if (ret) { return_error = BR_FAILED_REPLY; return_error_param = ret; diff --git a/include/linux/security.h b/include/linux/security.h index 57ce9b824eef..9a9de2bafa55 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -83,10 +83,11 @@ struct lsm_export { u32 apparmor; u32 flags; }; -#define LSM_EXPORT_NONE 0x00 -#define LSM_EXPORT_SELINUX 0x01 -#define LSM_EXPORT_SMACK 0x02 -#define LSM_EXPORT_APPARMOR 0x04 +#define LSM_EXPORT_NONE 0x00000000 +#define LSM_EXPORT_SELINUX 0x00000001 +#define LSM_EXPORT_SMACK 0x00000002 +#define LSM_EXPORT_APPARMOR 0x00000004 +#define LSM_EXPORT_LENGTH 0x80000000 /* Only the length required */ static inline void lsm_export_init(struct lsm_export *l) { 
@@ -431,7 +432,7 @@ int security_setprocattr(const char *lsm, const char *name, void *value, size_t size); int security_netlink_send(struct sock *sk, struct sk_buff *skb); int security_ismaclabel(const char *name); -int security_secid_to_secctx(struct lsm_export *l, char **secdata, u32 *seclen); +int security_secid_to_secctx(struct lsm_export *l, struct lsm_context *cp); int security_secctx_to_secid(struct lsm_context *cp, struct lsm_export *l); void security_release_secctx(struct lsm_context *cp); @@ -1211,7 +1212,7 @@ static inline int security_ismaclabel(const char *name) } static inline int security_secid_to_secctx(struct lsm_export *l, - char **secdata, u32 *seclen) + struct lsm_seccontext *cp) { return -EOPNOTSUPP; } diff --git a/include/net/scm.h b/include/net/scm.h index 7e242ebdd258..b25ca3b6a514 100644 --- a/include/net/scm.h +++ b/include/net/scm.h @@ -96,7 +96,7 @@ static inline void scm_passec(struct socket *sock, struct msghdr *msg, struct sc int err; if (test_bit(SOCK_PASSSEC, &sock->flags)) { - err = security_secid_to_secctx(&scm->le, &lc.context, &lc.len); + err = security_secid_to_secctx(&scm->le, &lc); if (!err) { put_cmsg(msg, SOL_SOCKET, SCM_SECURITY, diff --git a/kernel/audit.c b/kernel/audit.c index 269c76fefe40..203e5b14bea4 100644 --- a/kernel/audit.c +++ b/kernel/audit.c @@ -1428,8 +1428,7 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh) } case AUDIT_SIGNAL_INFO: if (lsm_export_any(&audit_sig_lsm)) { - err = security_secid_to_secctx(&audit_sig_lsm, - &lc.context, &lc.len); + err = security_secid_to_secctx(&audit_sig_lsm, &lc); if (err) return err; } @@ -2076,7 +2075,7 @@ int audit_log_task_context(struct audit_buffer *ab) if (!lsm_export_any(&le)) return 0; - error = security_secid_to_secctx(&le, &lc.context, &lc.len); + error = security_secid_to_secctx(&le, &lc); if (error) { if (error != -EINVAL) goto error_path; diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 4dab81c7aca0..ceefd17467f9 100644 
--- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -938,7 +938,7 @@ static int audit_log_pid_context(struct audit_context *context, pid_t pid, unsigned int sessionid, struct lsm_export *l, char *comm) { - struct lsm_context lc = { .context = NULL, }; + struct lsm_context lc; struct audit_buffer *ab; int rc = 0; @@ -950,7 +950,7 @@ static int audit_log_pid_context(struct audit_context *context, pid_t pid, from_kuid(&init_user_ns, auid), from_kuid(&init_user_ns, uid), sessionid); if (lsm_export_any(l)) { - if (security_secid_to_secctx(l, &lc.context, &lc.len)) { + if (security_secid_to_secctx(l, &lc)) { audit_log_format(ab, " obj=(none)"); rc = 1; } else { @@ -1190,8 +1190,8 @@ static void show_special(struct audit_context *context, int *call_panic) from_kgid(&init_user_ns, context->ipc.gid), context->ipc.mode); if (lsm_export_any(l)) { - struct lsm_context lc = { .context = NULL, }; - if (security_secid_to_secctx(l, &lc.context, &lc.len)) { + struct lsm_context lc; + if (security_secid_to_secctx(l, &lc)) { audit_log_format(ab, " osid=(unknown)"); *call_panic = 1; } else { @@ -1342,7 +1342,7 @@ static void audit_log_name(struct audit_context *context, struct audit_names *n, if (lsm_export_any(&n->olsm)) { struct lsm_context lc; - if (security_secid_to_secctx(&n->olsm, &lc.context, &lc.len)) { + if (security_secid_to_secctx(&n->olsm, &lc)) { audit_log_format(ab, " osid=(unknown)"); if (call_panic) *call_panic = 2; diff --git a/net/ipv4/ip_sockglue.c b/net/ipv4/ip_sockglue.c index 18a7fab8b2d3..56035b53952d 100644 --- a/net/ipv4/ip_sockglue.c +++ b/net/ipv4/ip_sockglue.c @@ -138,7 +138,7 @@ static void ip_cmsg_recv_security(struct msghdr *msg, struct sk_buff *skb) if (err) return; - err = security_secid_to_secctx(&le, &lc.context, &lc.len); + err = security_secid_to_secctx(&le, &lc); if (err) return; diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c index 49bce1b085ce..ea83909af6db 100644 --- a/net/netfilter/nf_conntrack_netlink.c 
+++ b/net/netfilter/nf_conntrack_netlink.c @@ -337,7 +337,7 @@ static int ctnetlink_dump_secctx(struct sk_buff *skb, const struct nf_conn *ct) le.selinux = ct->secmark; le.smack = ct->secmark; - ret = security_secid_to_secctx(&le, &lc.context, &lc.len); + ret = security_secid_to_secctx(&le, &lc); if (ret) return 0; @@ -620,20 +620,21 @@ static inline size_t ctnetlink_acct_size(const struct nf_conn *ct) static inline int ctnetlink_secctx_size(const struct nf_conn *ct) { #ifdef CONFIG_NF_CONNTRACK_SECMARK - int len, ret; + int ret; struct lsm_export le; + struct lsm_context lc; lsm_export_init(&le); - le.flags = LSM_EXPORT_SELINUX | LSM_EXPORT_SMACK; + le.flags = LSM_EXPORT_SELINUX | LSM_EXPORT_SMACK | LSM_EXPORT_LENGTH; le.selinux = ct->secmark; le.smack = ct->secmark; - ret = security_secid_to_secctx(&le, NULL, &len); + ret = security_secid_to_secctx(&le, &lc); if (ret) return 0; return nla_total_size(0) /* CTA_SECCTX */ - + nla_total_size(sizeof(char) * len); /* CTA_SECCTX_NAME */ + + nla_total_size(sizeof(char) * lc.len); /* CTA_SECCTX_NAME */ #else return 0; #endif diff --git a/net/netfilter/nf_conntrack_standalone.c b/net/netfilter/nf_conntrack_standalone.c index 97d16a51504b..797abf443a34 100644 --- a/net/netfilter/nf_conntrack_standalone.c +++ b/net/netfilter/nf_conntrack_standalone.c @@ -182,7 +182,7 @@ static void ct_show_secctx(struct seq_file *s, const struct nf_conn *ct) le.selinux = ct->secmark; le.smack = ct->secmark; - ret = security_secid_to_secctx(&le, &lc.context, &lc.len); + ret = security_secid_to_secctx(&le, &lc); if (ret) return; diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c index b70871693368..4a3d4b52caef 100644 --- a/net/netfilter/nfnetlink_queue.c +++ b/net/netfilter/nfnetlink_queue.c 
@@ -322,7 +322,7 @@ static u32 nfqnl_get_sk_secctx(struct sk_buff *skb, char **secdata) le.flags = LSM_EXPORT_SELINUX | LSM_EXPORT_SMACK; le.selinux = skb->secmark; le.smack = skb->secmark; - security_secid_to_secctx(&le, &lc.context, &lc.len); + security_secid_to_secctx(&le, &lc); *secdata = lc.context; } diff --git a/net/netlabel/netlabel_unlabeled.c b/net/netlabel/netlabel_unlabeled.c index 4c4a8f6df261..336d315ee8eb 100644 --- a/net/netlabel/netlabel_unlabeled.c +++ b/net/netlabel/netlabel_unlabeled.c @@ -450,7 +450,7 @@ int netlbl_unlhsh_add(struct net *net, rcu_read_unlock(); if (audit_buf != NULL) { struct lsm_context lc; - if (security_secid_to_secctx(l, &lc.context, &lc.len) == 0) { + if (security_secid_to_secctx(l, &lc) == 0) { audit_log_format(audit_buf, " sec_obj=%s", lc.context); security_release_secctx(&lc); } @@ -504,8 +504,7 @@ static int netlbl_unlhsh_remove_addr4(struct net *net, if (dev != NULL) dev_put(dev); if (entry != NULL && - security_secid_to_secctx(&entry->le, - &lc.context, &lc.len) == 0) { + security_secid_to_secctx(&entry->le, &lc) == 0) { audit_log_format(audit_buf, " sec_obj=%s", lc.context); security_release_secctx(&lc); } @@ -544,8 +543,6 @@ static int netlbl_unlhsh_remove_addr6(struct net *net, struct netlbl_unlhsh_addr6 *entry; struct audit_buffer *audit_buf; struct net_device *dev; - char *secctx; - u32 secctx_len; spin_lock(&netlbl_unlhsh_lock); list_entry = netlbl_af6list_remove(addr, mask, &iface->addr6_list); @@ -566,8 +563,7 @@ static int netlbl_unlhsh_remove_addr6(struct net *net, if (dev != NULL) dev_put(dev); if (entry != NULL && - security_secid_to_secctx(&entry->le, - &lc.context, &lc.len) == 0) { + security_secid_to_secctx(&entry->le, &lc) == 0) { audit_log_format(audit_buf, " sec_obj=%s", lc.context); security_release_secctx(&lc); } 
@@ -1137,7 +1133,7 @@ static int netlbl_unlabel_staticlist_gen(u32 cmd, lep = (struct lsm_export *)&addr6->le; } - ret_val = security_secid_to_secctx(lep, &lc.context, &lc.len); + ret_val = security_secid_to_secctx(lep, &lc); if (ret_val != 0) goto list_cb_failure; ret_val = nla_put(cb_arg->skb, diff --git a/net/netlabel/netlabel_user.c b/net/netlabel/netlabel_user.c index 0418f0935199..11ea98525c4e 100644 --- a/net/netlabel/netlabel_user.c +++ b/net/netlabel/netlabel_user.c @@ -112,8 +112,7 @@ struct audit_buffer *netlbl_audit_start_common(int type, audit_info->sessionid); if (lsm_export_any(&audit_info->le) && - security_secid_to_secctx(&audit_info->le, &lc.context, - &lc.len) == 0) { + security_secid_to_secctx(&audit_info->le, &lc) == 0) { audit_log_format(audit_buf, " subj=%s", lc.context); security_release_secctx(&lc); } diff --git a/security/apparmor/secid.c b/security/apparmor/secid.c index 46c8b9a67ac7..9dc17903a936 100644 --- a/security/apparmor/secid.c +++ b/security/apparmor/secid.c @@ -92,8 +92,7 @@ int apparmor_secid_to_secctx(struct lsm_export *l, struct lsm_context *cp) if (!label) return -EINVAL; - /* scaffolding check - Casey */ - if (cp) + if (!(l->flags & LSM_EXPORT_LENGTH)) len = aa_label_asxprint(&cp->context, root_ns, label, FLAG_SHOW_MODE | FLAG_VIEW_SUBNS | FLAG_HIDDEN_UNCONFINED | FLAG_ABS_ROOT, diff --git a/security/security.c b/security/security.c index 3da7302d20ec..6588172b3ec8 100644 --- a/security/security.c +++ b/security/security.c 
@@ -1972,18 +1972,9 @@ int security_ismaclabel(const char *name) } EXPORT_SYMBOL(security_ismaclabel); -int security_secid_to_secctx(struct lsm_export *l, char **secdata, u32 *seclen) +int security_secid_to_secctx(struct lsm_export *l, struct lsm_context *cp) { - struct lsm_context lc = { .context = NULL, .len = 0, }; - int rc; - - rc = call_one_int_hook(secid_to_secctx, -EOPNOTSUPP, l, &lc); - if (secdata) - *secdata = lc.context; - else - security_release_secctx(&lc); - *seclen = lc.len; - return rc; + return call_one_int_hook(secid_to_secctx, -EOPNOTSUPP, l, cp); } EXPORT_SYMBOL(security_secid_to_secctx); diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 332296f69f76..7bf73493d10d 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -6306,6 +6306,9 @@ static int selinux_secid_to_secctx(struct lsm_export *l, struct lsm_context *cp) u32 secid; selinux_import_secid(l, &secid); + if (l->flags & LSM_EXPORT_LENGTH) + return security_sid_to_context(&selinux_state, secid, + NULL, &cp->len); return security_sid_to_context(&selinux_state, secid, &cp->context, &cp->len); } diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index cf27905ccaa5..1b5b3e421bff 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c 
@@ -4442,7 +4442,7 @@ static int smack_secid_to_secctx(struct lsm_export *l, struct lsm_context *cp) smack_import_secid(l, &secid); skp = smack_from_secid(secid); - cp->context = skp->smk_known; + cp->context = (l->flags & LSM_EXPORT_LENGTH) ? NULL : skp->smk_known; cp->len = strlen(skp->smk_known); return 0; }
From patchwork Fri Apr 19 00:45:37 2019 X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908459
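Review bot: the security/security.c hunk drops the initialization that the old wrapper did before calling the hook. The removed lines set lc.context = NULL and lc.len = 0 and only then called call_one_int_hook; the new one-liner hands the caller's struct straight through, so a failure return (the -EOPNOTSUPP default when no LSM supplies the hook, or a hook that fails before it writes *cp) leaves *cp exactly as the caller had it. Two callers in this same patch are exposed: ctnetlink_secctx_size declares `struct lsm_context lc;` without initializing it, and nfqnl_get_sk_secctx ignores the return value and stores lc.context into *secdata regardless. Suggest `lsm_context_init(cp);` as the first statement of security_secid_to_secctx, or initializing lc at the call sites that do not check the return.

Review bot: the three LSMs disagree on what cp->context holds after a length-only request. In the security/apparmor/secid.c hunk the LSM_EXPORT_LENGTH path merely skips aa_label_asxprint and leaves cp->context untouched; the security/selinux/hooks.c hunk passes NULL to security_sid_to_context and likewise never clears cp->context; only the security/smack/smack_lsm.c hunk sets cp->context to NULL. A caller that later hands a length-only context to security_release_secctx would pass an indeterminate pointer to the AppArmor release path, which kfree()s cp->context. Suggest all three hooks set `cp->context = NULL;` whenever LSM_EXPORT_LENGTH is set so the contract is the same regardless of which LSM answered.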
From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 50/90] fs: remove lsm_context scaffolding Date: Thu, 18 Apr 2019 17:45:37 -0700 Message-Id: <20190419004617.64627-51-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP The conversion from secctx/seclen pairs to the lsm_context structure used scaffolding in kernfs and nfs. Replace the secctx/seclen pairs in the filesystem local datastructures with a lsm_context. Signed-off-by: Casey Schaufler --- fs/kernfs/dir.c | 9 +++------ fs/kernfs/inode.c | 13 +++++-------- fs/kernfs/kernfs-internal.h | 3 +-- fs/nfs/inode.c | 15 ++++++--------- fs/nfs/internal.h | 8 ++++---- fs/nfs/nfs4proc.c | 27 +++++++++++---------------- fs/nfs/nfs4xdr.c | 16 +++++++++------- include/linux/nfs4.h | 8 ++++---- 8 files changed, 43 insertions(+), 56 deletions(-) diff --git a/fs/kernfs/dir.c b/fs/kernfs/dir.c index 11672c075a8b..48506e856573 100644 --- a/fs/kernfs/dir.c +++ b/fs/kernfs/dir.c @@ -532,12 +532,9 @@ void kernfs_put(struct kernfs_node *kn) kfree_const(kn->name); if (kn->iattr) { - if (kn->iattr->ia_secdata) { - struct lsm_context lc; /* Scaffolding -Casey */ - lc.context = kn->iattr->ia_secdata; - lc.len = kn->iattr->ia_secdata_len; - security_release_secctx(&lc); - } + if (kn->iattr->ia_context.context) + security_release_secctx( + &kn->iattr->ia_context); simple_xattrs_free(&kn->iattr->xattrs); kmem_cache_free(kernfs_iattrs_cache, kn->iattr); } diff --git a/fs/kernfs/inode.c b/fs/kernfs/inode.c index 45781f0da80f..4c7da446d210 100644 --- a/fs/kernfs/inode.c +++ b/fs/kernfs/inode.c 
@@ -141,11 +141,11 @@ static int kernfs_node_setsecdata(struct kernfs_iattrs *attrs, void **secdata, void *old_secdata; size_t old_secdata_len; - old_secdata = attrs->ia_secdata; - old_secdata_len = attrs->ia_secdata_len; + old_secdata = attrs->ia_context.context; + old_secdata_len = attrs->ia_context.len; - attrs->ia_secdata = *secdata; - attrs->ia_secdata_len = *secdata_len; + attrs->ia_context.context = *secdata; + attrs->ia_context.len = *secdata_len; *secdata = old_secdata; *secdata_len = old_secdata_len; @@ -184,7 +184,6 @@ static inline void set_inode_attr(struct inode *inode, struct iattr *iattr) static void kernfs_refresh_inode(struct kernfs_node *kn, struct inode *inode) { struct kernfs_iattrs *attrs = kn->iattr; - struct lsm_context lc; /* Scaffolding -Casey */ inode->i_mode = kn->mode; if (attrs) { @@ -193,9 +192,7 @@ static void kernfs_refresh_inode(struct kernfs_node *kn, struct inode *inode) * persistent copy in kernfs_node. */ set_inode_attr(inode, &attrs->ia_iattr); - lc.context = attrs->ia_secdata; - lc.len = attrs->ia_secdata_len; - security_inode_notifysecctx(inode, &lc); + security_inode_notifysecctx(inode, &attrs->ia_context); } if (kernfs_type(kn) == KERNFS_DIR) diff --git a/fs/kernfs/kernfs-internal.h b/fs/kernfs/kernfs-internal.h index 0b7d197a904c..2a870795bb3e 100644 --- a/fs/kernfs/kernfs-internal.h +++ b/fs/kernfs/kernfs-internal.h @@ -21,8 +21,7 @@ struct kernfs_iattrs { struct iattr ia_iattr; - void *ia_secdata; - u32 ia_secdata_len; + struct lsm_context ia_context; struct simple_xattrs xattrs; }; diff --git a/fs/nfs/inode.c b/fs/nfs/inode.c index 8d0be9767b14..a9a3ec40a90c 100644 --- a/fs/nfs/inode.c +++ b/fs/nfs/inode.c 
@@ -340,22 +340,19 @@ static void nfs_clear_label_invalid(struct inode *inode) void nfs_setsecurity(struct inode *inode, struct nfs_fattr *fattr, struct nfs4_label *label) { - struct lsm_context lc; /* Scaffolding -Casey */ int error; if (label == NULL) return; if ((fattr->valid & NFS_ATTR_FATTR_V4_SECURITY_LABEL) && inode->i_security) { - lc.context = label->label; - lc.len = label->len; - error = security_inode_notifysecctx(inode, &lc); + error = security_inode_notifysecctx(inode, &label->context); if (error) printk(KERN_ERR "%s() %s %d " "security_inode_notifysecctx() %d\n", __func__, - (char *)label->label, - label->len, error); + label->context.context, + label->context.len, error); nfs_clear_label_invalid(inode); } } @@ -375,12 +372,12 @@ struct nfs4_label *nfs4_label_alloc(struct nfs_server *server, gfp_t flags) if (label == NULL) return ERR_PTR(-ENOMEM); - label->label = kzalloc(NFS4_MAXLABELLEN, flags); - if (label->label == NULL) { + label->context.context = kzalloc(NFS4_MAXLABELLEN, flags); + if (label->context.context == NULL) { kfree(label); return ERR_PTR(-ENOMEM); } - label->len = NFS4_MAXLABELLEN; + label->context.len = NFS4_MAXLABELLEN; return label; } diff --git a/fs/nfs/internal.h b/fs/nfs/internal.h index c7cf23ae6597..63de73024b5f 100644 --- a/fs/nfs/internal.h +++ b/fs/nfs/internal.h @@ -307,20 +307,20 @@ nfs4_label_copy(struct nfs4_label *dst, struct nfs4_label *src) if (!dst || !src) return NULL; - if (src->len > NFS4_MAXLABELLEN) + if (src->context.len > NFS4_MAXLABELLEN) return NULL; dst->lfs = src->lfs; dst->pi = src->pi; - dst->len = src->len; - memcpy(dst->label, src->label, src->len); + dst->context.len = src->context.len; + memcpy(dst->context.context, src->context.context, src->context.len); return dst; } static inline void nfs4_label_free(struct nfs4_label *label) { if (label) { - kfree(label->label); + kfree(label->context.context); kfree(label); } return; 
diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c index 8dee01eda643..b2480d0341f1 100644 --- a/fs/nfs/nfs4proc.c +++ b/fs/nfs/nfs4proc.c @@ -113,7 +113,6 @@ static inline struct nfs4_label * nfs4_label_init_security(struct inode *dir, struct dentry *dentry, struct iattr *sattr, struct nfs4_label *label) { - struct lsm_context lc; /* Scaffolding -Casey */ int err; if (label == NULL) @@ -123,9 +122,7 @@ nfs4_label_init_security(struct inode *dir, struct dentry *dentry, return NULL; err = security_dentry_init_security(dentry, sattr->ia_mode, - &dentry->d_name, &lc); - label->label = lc.context; - label->len = lc.len; + &dentry->d_name, &label->context); if (err == 0) return label; @@ -134,13 +131,8 @@ nfs4_label_init_security(struct inode *dir, struct dentry *dentry, static inline void nfs4_label_release_security(struct nfs4_label *label) { - struct lsm_context lc; /* Scaffolding -Casey */ - - if (label) { - lc.context = label->label; - lc.len = label->len; - security_release_secctx(&lc); - } + if (label) + security_release_secctx(&label->context); } static inline u32 *nfs4_bitmask(struct nfs_server *server, struct nfs4_label *label) { @@ -3556,7 +3548,9 @@ nfs4_atomic_open(struct inode *dir, struct nfs_open_context *ctx, int open_flags, struct iattr *attr, int *opened) { struct nfs4_state *state; - struct nfs4_label l = {0, 0, 0, NULL}, *label = NULL; + struct nfs4_label *label = NULL; + struct nfs4_label l = {0, 0, + .context = { .context = NULL, .len = 0, }, }; label = nfs4_label_init_security(dir, ctx->dentry, attr, &l); @@ -5595,7 +5589,8 @@ static int _nfs4_get_security_label(struct inode *inode, void *buf, { struct nfs_server *server = NFS_SERVER(inode); struct nfs_fattr fattr; - struct nfs4_label label = {0, 0, buflen, buf}; + struct nfs4_label label = {0, 0, + .context = { .context = buf, .len = buflen, }, }; u32 bitmask[3] = { 0, 0, FATTR4_WORD2_SECURITY_LABEL }; struct nfs4_getattr_arg arg = { 
@@ -5621,7 +5616,7 @@ static int _nfs4_get_security_label(struct inode *inode, void *buf, return ret; if (!(fattr.valid & NFS_ATTR_FATTR_V4_SECURITY_LABEL)) return -ENOENT; - if (buflen < label.len) + if (buflen < label.context.len) return -ERANGE; return 0; } @@ -5713,8 +5708,8 @@ nfs4_set_security_label(struct inode *inode, const void *buf, size_t buflen) ilabel.pi = 0; ilabel.lfs = 0; - ilabel.label = (char *)buf; - ilabel.len = buflen; + ilabel.context.context = (char *)buf; + ilabel.context.len = buflen; olabel = nfs4_label_alloc(NFS_SERVER(inode), GFP_KERNEL); if (IS_ERR(olabel)) { diff --git a/fs/nfs/nfs4xdr.c b/fs/nfs/nfs4xdr.c index cfcabc33e24d..85a527ccd6d7 100644 --- a/fs/nfs/nfs4xdr.c +++ b/fs/nfs/nfs4xdr.c @@ -1141,7 +1141,7 @@ static void encode_attrs(struct xdr_stream *xdr, const struct iattr *iap, } if (label && (attrmask[2] & FATTR4_WORD2_SECURITY_LABEL)) { - len += 4 + 4 + 4 + (XDR_QUADLEN(label->len) << 2); + len += 4 + 4 + 4 + (XDR_QUADLEN(label->context.len) << 2); bmval[2] |= FATTR4_WORD2_SECURITY_LABEL; } @@ -1175,8 +1175,9 @@ static void encode_attrs(struct xdr_stream *xdr, const struct iattr *iap, if (bmval[2] & FATTR4_WORD2_SECURITY_LABEL) { *p++ = cpu_to_be32(label->lfs); *p++ = cpu_to_be32(label->pi); - *p++ = cpu_to_be32(label->len); - p = xdr_encode_opaque_fixed(p, label->label, label->len); + *p++ = cpu_to_be32(label->context.len); + p = xdr_encode_opaque_fixed(p, label->context.context, + label->context.len); } if (bmval[2] & FATTR4_WORD2_MODE_UMASK) { *p++ = cpu_to_be32(iap->ia_mode & S_IALLUGO); @@ -4163,8 +4164,8 @@ static int decode_attr_security_label(struct xdr_stream *xdr, uint32_t *bitmap, return -EIO; if (len < NFS4_MAXLABELLEN) { if (label) { - memcpy(label->label, p, len); - label->len = len; + memcpy(label->context.context, p, len); + label->context.len = len; label->pi = pi; label->lfs = lfs; status = NFS_ATTR_FATTR_V4_SECURITY_LABEL; 
@@ -4174,9 +4175,10 @@ static int decode_attr_security_label(struct xdr_stream *xdr, uint32_t *bitmap, printk(KERN_WARNING "%s: label too long (%u)!\n", __func__, len); } - if (label && label->label) + if (label && label->context.context) dprintk("%s: label=%s, len=%d, PI=%d, LFS=%d\n", __func__, - (char *)label->label, label->len, label->pi, label->lfs); + (char *)label->context.context, label->context.len, + label->pi, label->lfs); return status; } diff --git a/include/linux/nfs4.h b/include/linux/nfs4.h index 22494d170619..1189aad71592 100644 --- a/include/linux/nfs4.h +++ b/include/linux/nfs4.h @@ -15,6 +15,7 @@ #include #include +#include #include enum nfs4_acl_whotype { 
@@ -43,10 +44,9 @@ struct nfs4_acl { #define NFS4_MAXLABELLEN 2048 struct nfs4_label { - uint32_t lfs; - uint32_t pi; - u32 len; - char *label; + uint32_t lfs; + uint32_t pi; + struct lsm_context context; }; typedef struct { char data[NFS4_VERIFIER_SIZE]; } nfs4_verifier;
From patchwork Fri Apr 19 00:45:38 2019 X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908473
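Review bot: kernfs_node_setsecdata in the fs/kernfs/inode.c hunk still takes the `void **secdata, size_t *secdata_len` pair the commit message calls scaffolding, and it copies only .context and .len into ia_context (via a size_t local assigned from a u32 and back). Since kernfs_put in the fs/kernfs/dir.c hunk now releases ia_context as a whole struct, suggest making the helper swap whole `struct lsm_context` values (`swap(attrs->ia_context, *lc)`), so every field of the context travels with the pointer it describes rather than being reassembled from two scalars.

Review bot: the nfs4_atomic_open and _nfs4_get_security_label hunks in fs/nfs/nfs4proc.c mix positional and designated initializers (`{0, 0, .context = { ... }}`). That compiles, but it silently depends on lfs and pi staying the first two members of struct nfs4_label, which this very patch reorders in include/linux/nfs4.h. Suggest fully designated initializers (`{ .lfs = 0, .pi = 0, .context = { .context = buf, .len = buflen } }`), or `= {}` where all-zero is wanted.

Review bot: in the decode_attr_security_label hunk of fs/nfs/nfs4xdr.c the memcpy into label->context.context is bounded only by NFS4_MAXLABELLEN and then overwrites label->context.len with the wire length, while _nfs4_get_security_label stores the caller's buflen in context.len and compares `buflen < label.context.len` only after the decode has already written into buf. Now that the label carries a proper lsm_context, it would be a good moment to keep buffer capacity separate from content length (for instance decode into the NFS4_MAXLABELLEN-sized buffer from nfs4_label_alloc and do a bounded copy to the caller's buffer), so the -ERANGE check runs before any copy instead of after it.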
From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 51/90] LSM: Add the release function to the lsm_context Date: Thu, 18 Apr 2019 17:45:38 -0700 Message-Id: <20190419004617.64627-52-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP In order to ensure that the release function for a lsm_context matches the LSM that allocated it an element is added to the lsm_context structure to contain a pointer to it. This function is called in security_release_secctx instead of relying on a value in a hook list. Signed-off-by: Casey Schaufler --- include/linux/lsm_hooks.h | 6 ------ include/linux/security.h | 1 + security/apparmor/lsm.c | 1 - security/apparmor/secid.c | 11 ++++++----- security/security.c | 5 ++++- security/selinux/hooks.c | 14 ++++++++------ security/smack/smack_lsm.c | 16 ++++++++-------- 7 files changed, 27 insertions(+), 27 deletions(-) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 11bfa0a4f188..1d364e211639 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -1329,10 +1329,6 @@ * @cp contains the security context. * @l contains the pointer to the generated security data. * - * @release_secctx: - * Release the security context. - * @secdata contains the security context. - * * Security hooks for Audit * * @audit_rule_init: 
@@ -1670,7 +1666,6 @@ union security_list_options { int (*secid_to_secctx)(struct lsm_export *l, struct lsm_context *cp); int (*secctx_to_secid)(const struct lsm_context *cp, struct lsm_export *l); - void (*release_secctx)(struct lsm_context *cp); void (*inode_invalidate_secctx)(struct inode *inode); int (*inode_notifysecctx)(struct inode *inode, struct lsm_context *cp); @@ -1947,7 +1942,6 @@ struct security_hook_heads { struct hlist_head ismaclabel; struct hlist_head secid_to_secctx; struct hlist_head secctx_to_secid; - struct hlist_head release_secctx; struct hlist_head inode_invalidate_secctx; struct hlist_head inode_notifysecctx; struct hlist_head inode_setsecctx; diff --git a/include/linux/security.h b/include/linux/security.h index 9a9de2bafa55..94c714310ab7 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -121,6 +121,7 @@ static inline bool lsm_export_equal(struct lsm_export *l, struct lsm_export *m) struct lsm_context { char *context; u32 len; + void (*release)(struct lsm_context *cp); /* frees .context */ }; static inline void lsm_context_init(struct lsm_context *cp) diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index 76c409737370..771b0ae24a5f 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -1225,7 +1225,6 @@ static struct security_hook_list apparmor_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(secid_to_secctx, apparmor_secid_to_secctx), LSM_HOOK_INIT(secctx_to_secid, apparmor_secctx_to_secid), - LSM_HOOK_INIT(release_secctx, apparmor_release_secctx), }; /* diff --git a/security/apparmor/secid.c b/security/apparmor/secid.c index 9dc17903a936..30fd4ad80948 100644 --- a/security/apparmor/secid.c +++ b/security/apparmor/secid.c 
@@ -81,6 +81,11 @@ static inline void aa_export_secid(struct lsm_export *l, u32 secid) l->apparmor = secid; } +void apparmor_release_secctx(struct lsm_context *cp) +{ + kfree(cp->context); +} + int apparmor_secid_to_secctx(struct lsm_export *l, struct lsm_context *cp) { /* TODO: cache secctx and ref count so we don't have to recreate */ @@ -105,6 +110,7 @@ int apparmor_secid_to_secctx(struct lsm_export *l, struct lsm_context *cp) return -ENOMEM; cp->len = len; + cp->release = apparmor_release_secctx; return 0; } @@ -122,11 +128,6 @@ int apparmor_secctx_to_secid(const struct lsm_context *cp, struct lsm_export *l) return 0; } -void apparmor_release_secctx(struct lsm_context *cp) -{ - kfree(cp->context); -} - /** * aa_alloc_secid - allocate a new secid for a profile * @label: the label to allocate a secid for diff --git a/security/security.c b/security/security.c index 6588172b3ec8..c8ce190dcdda 100644 --- a/security/security.c +++ b/security/security.c @@ -1987,7 +1987,10 @@ EXPORT_SYMBOL(security_secctx_to_secid); void security_release_secctx(struct lsm_context *cp) { - call_one_void_hook(release_secctx, cp); + if (WARN_ON(cp->release == NULL)) + return; + cp->release(cp); + lsm_context_init(cp); } EXPORT_SYMBOL(security_release_secctx); diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 7bf73493d10d..0e347a26c3d8 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -2812,6 +2812,11 @@ static void selinux_inode_free_security(struct inode *inode) inode_free_security(inode); } +static void selinux_release_secctx(struct lsm_context *cp) +{ + kfree(cp->context); +} + static int selinux_dentry_init_security(struct dentry *dentry, int mode, const struct qstr *name, struct lsm_context *cp) @@ -2826,6 +2831,7 @@ static int selinux_dentry_init_security(struct dentry *dentry, int mode, if (rc) return rc; + cp->release = selinux_release_secctx; return security_sid_to_context(&selinux_state, newsid, &cp->context, &cp->len); } 
@@ -6306,6 +6312,7 @@ static int selinux_secid_to_secctx(struct lsm_export *l, struct lsm_context *cp) u32 secid; selinux_import_secid(l, &secid); + cp->release = selinux_release_secctx; if (l->flags & LSM_EXPORT_LENGTH) return security_sid_to_context(&selinux_state, secid, NULL, &cp->len); @@ -6325,11 +6332,6 @@ static int selinux_secctx_to_secid(const struct lsm_context *cp, return rc; } -static void selinux_release_secctx(struct lsm_context *cp) -{ - kfree(cp->context); -} - static void selinux_inode_invalidate_secctx(struct inode *inode) { struct inode_security_struct *isec = selinux_inode(inode); @@ -6367,6 +6369,7 @@ static int selinux_inode_getsecctx(struct inode *inode, struct lsm_context *cp) if (len < 0) return len; cp->len = len; + cp->release = selinux_release_secctx; return 0; } #ifdef CONFIG_KEYS @@ -6781,7 +6784,6 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(ismaclabel, selinux_ismaclabel), LSM_HOOK_INIT(secid_to_secctx, selinux_secid_to_secctx), LSM_HOOK_INIT(secctx_to_secid, selinux_secctx_to_secid), - LSM_HOOK_INIT(release_secctx, selinux_release_secctx), LSM_HOOK_INIT(inode_invalidate_secctx, selinux_inode_invalidate_secctx), LSM_HOOK_INIT(inode_notifysecctx, selinux_inode_notifysecctx), LSM_HOOK_INIT(inode_setsecctx, selinux_inode_setsecctx), diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 1b5b3e421bff..e00346799cdf 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -4425,6 +4425,12 @@ static int smack_ismaclabel(const char *name) return (strcmp(name, XATTR_SMACK_SUFFIX) == 0); } +/* + * The smack_release_secctx hook does nothing + */ +static void smack_release_secctx(struct lsm_context *cp) +{ +} /** * smack_secid_to_secctx - return the smack label for a secid 
@@ -4444,6 +4450,7 @@ static int smack_secid_to_secctx(struct lsm_export *l, struct lsm_context *cp) cp->context = (l->flags & LSM_EXPORT_LENGTH) ? NULL : skp->smk_known; cp->len = strlen(skp->smk_known); + cp->release = smack_release_secctx; return 0; } @@ -4467,13 +4474,6 @@ static int smack_secctx_to_secid(const struct lsm_context *cp, return 0; } -/* - * The smack_release_secctx hook does nothing - */ -static void smack_release_secctx(struct lsm_context *cp) -{ -} - static int smack_inode_notifysecctx(struct inode *inode, struct lsm_context *cp) { return smack_inode_setsecurity(inode, XATTR_SMACK_SUFFIX, cp->context, @@ -4491,6 +4491,7 @@ static int smack_inode_getsecctx(struct inode *inode, struct lsm_context *cp) cp->context = skp->smk_known; cp->len = strlen(skp->smk_known); + cp->release = smack_release_secctx; return 0; } 
@@ -4713,7 +4714,6 @@ static struct security_hook_list smack_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(ismaclabel, smack_ismaclabel), LSM_HOOK_INIT(secid_to_secctx, smack_secid_to_secctx), LSM_HOOK_INIT(secctx_to_secid, smack_secctx_to_secid), - LSM_HOOK_INIT(release_secctx, smack_release_secctx), LSM_HOOK_INIT(inode_notifysecctx, smack_inode_notifysecctx), LSM_HOOK_INIT(inode_setsecctx, smack_inode_setsecctx), LSM_HOOK_INIT(inode_getsecctx, smack_inode_getsecctx),
From patchwork Fri Apr 19 00:45:39 2019 X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908465
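Review bot: the include/linux/security.h hunk adds the `release` member but nothing in this patch touches the body of lsm_context_init (the hunk ends at its signature and the diffstat gives security.h a single added line), so a context initialized with it still has whatever was in the release slot. That also undercuts the new security_release_secctx: after `cp->release(cp)` it calls lsm_context_init(cp), which then leaves the stale function pointer in place, so a second release would call the LSM function again instead of hitting the WARN_ON. Suggest adding `cp->release = NULL;` to lsm_context_init.

Review bot: security_release_secctx in the security/security.c hunk now requires cp->release to be set, but contexts assembled by hand from a pointer/length pair never set it. kernfs_node_setsecdata (patch 50/90 on this page) copies only .context and .len into ia_context, and kernfs_put then calls security_release_secctx(&kn->iattr->ia_context) on exactly that struct, so every kernfs node with a security context will trip the WARN_ON and leak the context. Suggest carrying the whole struct lsm_context (release pointer included) through kernfs_node_setsecdata, or providing an explicit way to take ownership of a context that keeps its release function.

Review bot: in the selinux_dentry_init_security and selinux_secid_to_secctx hunks cp->release is assigned before security_sid_to_context runs, so on failure the caller is left with a context that has a valid release pointer but no allocated context to free, and on the LSM_EXPORT_LENGTH path no allocation is made at all while cp->context is never cleared. The AppArmor hunk sets cp->release only after a successful conversion; suggest the SELinux hooks do the same, and that the length-only path either leaves release NULL or sets cp->context = NULL so the kfree in selinux_release_secctx is a no-op.

Review bot: the comment on the new smack_release_secctx says only that it "does nothing"; a reader coming from the WARN_ON in security_release_secctx will want to know why that is correct. Suggest stating the reason in the comment: the context pointer is skp->smk_known, an interned label string owned by Smack, not a per-call allocation, so there is nothing for the caller to free.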
From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 52/90] LSM: Use lsm_context in inode_setsecctx hooks Date: Thu, 18 Apr 2019 17:45:39 -0700 Message-Id: <20190419004617.64627-53-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP
Convert SELinux and Smack to use the lsm_context structure instead of a context/secid pair. There is some scaffolding involved that will be removed when the related data is updated. Signed-off-by: Casey Schaufler
--- include/linux/lsm_hooks.h | 5 ++--- security/security.c | 6 +++++- security/selinux/hooks.c | 6 ++++-- security/smack/smack_lsm.c | 5 +++-- 4 files changed, 14 insertions(+), 8 deletions(-) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 1d364e211639..014791349bbd 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -1390,8 +1390,7 @@ * Must be called with inode->i_mutex locked. * * @dentry contains the inode we wish to set the security context of. - * @ctx contains the string which we wish to set in the inode. - * @ctxlen contains the length of @ctx. + * @cp contains the string which we wish to set in the inode. * * @inode_getsecctx: * On success, returns 0 and fills out @cp with the security
@@ -1669,7 +1668,7 @@ union security_list_options { void (*inode_invalidate_secctx)(struct inode *inode); int (*inode_notifysecctx)(struct inode *inode, struct lsm_context *cp); - int (*inode_setsecctx)(struct dentry *dentry, void *ctx, u32 ctxlen); + int (*inode_setsecctx)(struct dentry *dentry, struct lsm_context *cp); int (*inode_getsecctx)(struct inode *inode, struct lsm_context *cp); #ifdef CONFIG_SECURITY_NETWORK diff --git a/security/security.c b/security/security.c index c8ce190dcdda..9d09c774a1e9 100644 --- a/security/security.c +++ b/security/security.c @@ -2008,7 +2008,11 @@ EXPORT_SYMBOL(security_inode_notifysecctx); int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen) { - return call_int_hook(inode_setsecctx, 0, dentry, ctx, ctxlen); + struct lsm_context lc; + + lc.context = ctx; + lc.len = ctxlen; + return call_int_hook(inode_setsecctx, 0, dentry, &lc); } EXPORT_SYMBOL(security_inode_setsecctx); diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 0e347a26c3d8..af0d98f4dd37 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -6356,9 +6356,11 @@ static int selinux_inode_notifysecctx(struct inode *inode, /* * called with inode->i_mutex locked */ -static int selinux_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen) +static int selinux_inode_setsecctx(struct dentry *dentry, + struct lsm_context *cp) { - return __vfs_setxattr_noperm(dentry, XATTR_NAME_SELINUX, ctx, ctxlen, 0); + return __vfs_setxattr_noperm(dentry, XATTR_NAME_SELINUX, cp->context, + cp->len, 0); } static int selinux_inode_getsecctx(struct inode *inode, struct lsm_context *cp) diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index e00346799cdf..4570e8cac1b3 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c 
@@ -4480,9 +4480,10 @@ static int smack_inode_notifysecctx(struct inode *inode, struct lsm_context *cp) cp->len, 0); } -static int smack_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen) +static int smack_inode_setsecctx(struct dentry *dentry, struct lsm_context *cp) { - return __vfs_setxattr_noperm(dentry, XATTR_NAME_SMACK, ctx, ctxlen, 0); + return __vfs_setxattr_noperm(dentry, XATTR_NAME_SMACK, cp->context, + cp->len, 0); } static int smack_inode_getsecctx(struct inode *inode, struct lsm_context *cp) From patchwork Fri Apr 19 00:45:40 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908461 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 6196D922 for ; Fri, 19 Apr 2019 00:48:26 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 4AE6628B1F for ; Fri, 19 Apr 2019 00:48:26 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 3DF1D28CA9; Fri, 19 Apr 2019 00:48:26 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 2D2BF28B1F for ; Fri, 19 Apr 2019 00:48:25 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1725975AbfDSAsY (ORCPT ); Thu, 18 Apr 2019 20:48:24 -0400 Received: from sonic317-33.consmr.mail.bf2.yahoo.com ([74.6.129.88]:44141 "EHLO sonic317-33.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726950AbfDSAsY (ORCPT ); Thu, 18 Apr 
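Review bot: the @inode_setsecctx doc comment in lsm_hooks.h now reads "@cp contains the string which we wish to set in the inode" and drops the length entirely; since both converted hooks pass cp->context and cp->len straight to __vfs_setxattr_noperm, say explicitly that cp->len is the length and that the context is not required to be NUL-terminated, so a future LSM does not strlen() it.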
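Review bot: in the security_inode_setsecctx hunk in security.c, `struct lsm_context lc;` is a stack variable and only `lc.context` and `lc.len` are assigned before `&lc` is passed to every registered hook; any other member of struct lsm_context reaches the LSMs uninitialized (the callers converted in the following patch call lsm_context_init(&lc) before filling it). Use `lsm_context_init(&lc);` here as well, or a designated initializer, even though this scaffolding is removed one patch later.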
(EHLO localhost.localdomain) ([67.169.65.224]) by smtp425.mail.bf1.yahoo.com (Oath Hermes SMTP Server) with ESMTPA ID 48f2b950f84a4435a371532cc5391b39; Fri, 19 Apr 2019 00:48:21 +0000 (UTC) From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 53/90] LSM: Use lsm_context in security_inode_setsecctx Date: Thu, 18 Apr 2019 17:45:40 -0700 Message-Id: <20190419004617.64627-54-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP From: Casey Schaufler Convert security_inode_setsecctx to use the lsm_context structure instead of a context/secid pair. There is some scaffolding involved that will be removed when the related data is updated. Signed-off-by: Casey Schaufler --- fs/nfsd/nfs4proc.c | 8 ++++++-- fs/nfsd/vfs.c | 7 ++++++- include/linux/security.h | 5 +++-- security/security.c | 8 ++------ 4 files changed, 17 insertions(+), 11 deletions(-) diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c index 0cfd257ffdaf..5b4ea2a317ed 100644 --- a/fs/nfsd/nfs4proc.c +++ b/fs/nfsd/nfs4proc.c @@ -54,12 +54,16 @@ static inline void nfsd4_security_inode_setsecctx(struct svc_fh *resfh, struct xdr_netobj *label, u32 *bmval) { + struct lsm_context lc; struct inode *inode = d_inode(resfh->fh_dentry); int status; inode_lock(inode); - status = security_inode_setsecctx(resfh->fh_dentry, - label->data, label->len); + + lsm_context_init(&lc); + lc.context = label->data; + lc.len = label->len; + status = security_inode_setsecctx(resfh->fh_dentry, &lc); inode_unlock(inode); if (status) diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c index 7dc98e14655d..2d6dd4bb7247 100644 --- a/fs/nfsd/vfs.c +++ b/fs/nfsd/vfs.c 
@@ -531,6 +531,7 @@ __be32 nfsd4_set_nfs4_label(struct svc_rqst *rqstp, struct svc_fh *fhp, __be32 error; int host_error; struct dentry *dentry; + struct lsm_context lc; error = fh_verify(rqstp, fhp, 0 /* S_IFREG */, NFSD_MAY_SATTR); if (error) @@ -539,7 +540,11 @@ __be32 nfsd4_set_nfs4_label(struct svc_rqst *rqstp, struct svc_fh *fhp, dentry = fhp->fh_dentry; inode_lock(d_inode(dentry)); - host_error = security_inode_setsecctx(dentry, label->data, label->len); + + lsm_context_init(&lc); + lc.context = label->data; + lc.len = label->len; + host_error = security_inode_setsecctx(dentry, &lc); inode_unlock(d_inode(dentry)); return nfserrno(host_error); } diff --git a/include/linux/security.h b/include/linux/security.h index 94c714310ab7..0be6eadd0110 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -439,7 +439,7 @@ void security_release_secctx(struct lsm_context *cp); void security_inode_invalidate_secctx(struct inode *inode); int security_inode_notifysecctx(struct inode *inode, struct lsm_context *cp); -int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen); +int security_inode_setsecctx(struct dentry *dentry, struct lsm_context *cp); int security_inode_getsecctx(struct inode *inode, struct lsm_context *cp); #else /* CONFIG_SECURITY */ @@ -1237,7 +1237,8 @@ static inline int security_inode_notifysecctx(struct inode *inode, { return -EOPNOTSUPP; } -static inline int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen) +static inline int security_inode_setsecctx(struct dentry *dentry, + struct lsm_context *cp) { return -EOPNOTSUPP; } diff --git a/security/security.c b/security/security.c index 9d09c774a1e9..363647cf1ae8 100644 --- a/security/security.c +++ b/security/security.c 
@@ -2006,13 +2006,9 @@ int security_inode_notifysecctx(struct inode *inode, struct lsm_context *cp) } EXPORT_SYMBOL(security_inode_notifysecctx); -int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen) +int security_inode_setsecctx(struct dentry *dentry, struct lsm_context *cp) { - struct lsm_context lc; - - lc.context = ctx; - lc.len = ctxlen; - return call_int_hook(inode_setsecctx, 0, dentry, &lc); + return call_int_hook(inode_setsecctx, 0, dentry, cp); } EXPORT_SYMBOL(security_inode_setsecctx); From patchwork Fri Apr 19 00:45:41 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908475 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 3A6B248C0 for ; Fri, 19 Apr 2019 00:48:28 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 2C58D28B8F for ; Fri, 19 Apr 2019 00:48:28 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 20ECE28B9C; Fri, 19 Apr 2019 00:48:28 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id CBD3828B8F for ; Fri, 19 Apr 2019 00:48:27 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726950AbfDSAs0 (ORCPT ); Thu, 18 Apr 2019 20:48:26 -0400 Received: from sonic308-9.consmr.mail.bf2.yahoo.com ([74.6.130.48]:33446 "EHLO sonic308-9.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726958AbfDSAs0 (ORCPT ); Thu, 
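Review bot: in nfsd4_security_inode_setsecctx (fs/nfsd/nfs4proc.c), `lc.context = label->data;` makes the lsm_context point at the XDR label buffer owned by the NFS request, not at memory allocated by an LSM; nothing on this path may hand lc to security_release_secctx(struct lsm_context *), and a one-line comment next to the lsm_context_init() call saying the context is borrowed would stop a later cleanup from adding a release. The same applies to nfsd4_set_nfs4_label in vfs.c.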
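Review bot: the three-line block `lsm_context_init(&lc); lc.context = label->data; lc.len = label->len;` in nfsd4_set_nfs4_label (fs/nfsd/vfs.c) is a verbatim copy of the one in nfs4proc.c; a small static helper in nfsd that builds the lsm_context from a struct xdr_netobj would keep the two in step if lsm_context grows another field later.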
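Review bot: the security.c hunk removes the ctx/ctxlen scaffolding added one patch earlier, and what it replaces is a context/length pair (`void *ctx, u32 ctxlen`), not a "context/secid pair" as the commit message says; the same wording appears in 52/90, so both messages need the fix.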
ARZ0GCoqJjxZ7W69x6YUKZgiwYl90J1UZWNeZaG0nphVv5_D4yapOZ9_lFFw5Y5E- Received: from sonic.gate.mail.ne1.yahoo.com by sonic308.consmr.mail.bf2.yahoo.com with HTTP; Fri, 19 Apr 2019 00:48:24 +0000 Received: from c-67-169-65-224.hsd1.ca.comcast.net (EHLO localhost.localdomain) ([67.169.65.224]) by smtp425.mail.bf1.yahoo.com (Oath Hermes SMTP Server) with ESMTPA ID 48f2b950f84a4435a371532cc5391b39; Fri, 19 Apr 2019 00:48:23 +0000 (UTC) From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 54/90] kernfs: remove lsm_context scaffolding Date: Thu, 18 Apr 2019 17:45:41 -0700 Message-Id: <20190419004617.64627-55-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Change the parameters to kernfs_node_setsecdata from a data/length pair to a lsm_context struct as both the function it calls and the function that calls it want that. Signed-off-by: Casey Schaufler --- fs/kernfs/inode.c | 19 +++++++------------ 1 file changed, 7 insertions(+), 12 deletions(-) diff --git a/fs/kernfs/inode.c b/fs/kernfs/inode.c index 4c7da446d210..d6e25cd7bf21 100644 --- a/fs/kernfs/inode.c +++ b/fs/kernfs/inode.c 
@@ -135,20 +135,15 @@ int kernfs_iop_setattr(struct dentry *dentry, struct iattr *iattr) return error; } -static int kernfs_node_setsecdata(struct kernfs_iattrs *attrs, void **secdata, - u32 *secdata_len) +static int kernfs_node_setsecdata(struct kernfs_iattrs *attrs, + struct lsm_context *cp) { - void *old_secdata; - size_t old_secdata_len; + struct lsm_context old_context; - old_secdata = attrs->ia_context.context; - old_secdata_len = attrs->ia_context.len; + old_context = attrs->ia_context; + attrs->ia_context = *cp; + *cp = old_context; - attrs->ia_context.context = *secdata; - attrs->ia_context.len = *secdata_len; - - *secdata = old_secdata; - *secdata_len = old_secdata_len; return 0; } 
@@ -363,7 +358,7 @@ static int kernfs_security_xattr_set(const struct xattr_handler *handler, return error; mutex_lock(&kernfs_mutex); - error = kernfs_node_setsecdata(attrs, (void **)&lc.context, &lc.len); + error = kernfs_node_setsecdata(attrs, &lc); mutex_unlock(&kernfs_mutex); if (lc.context) From patchwork Fri Apr 19 00:45:42 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908485 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id BD7DB1515 for ; Fri, 19 Apr 2019 00:48:35 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id AD5B528B1F for ; Fri, 19 Apr 2019 00:48:35 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id A1BFA28B9F; Fri, 19 Apr 2019 00:48:35 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 4F52728B9C for ; Fri, 19 Apr 2019 00:48:35 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726959AbfDSAse (ORCPT ); Thu, 18 Apr 2019 20:48:34 -0400 Received: from sonic317-33.consmr.mail.bf2.yahoo.com ([74.6.129.88]:46672 "EHLO sonic317-33.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726778AbfDSAse (ORCPT ); Thu, 18 Apr 2019 20:48:34 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1555634913; bh=zgFSe6tWYXYAPxCMjdvNLFgshVy6juLl1RtnFRkSwpk=; 
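Review bot: kernfs_node_setsecdata still unconditionally ends with `return 0;` after the swap, so `error = kernfs_node_setsecdata(attrs, &lc);` at the call site is a dead check; either make the function void or return something the caller can act on. Also worth stating in the commit message: the whole-struct assignment `attrs->ia_context = *cp; *cp = old_context;` now swaps every member of lsm_context, not just context and len as the old code did, so the caller receives the previous entry's complete struct back.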
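Review bot: after `error = kernfs_node_setsecdata(attrs, &lc);` in kernfs_security_xattr_set, lc no longer holds the context that was just installed but the one it replaced, and the following `if (lc.context)` is testing that old value; a comment at the call site saying lc is exchanged with the previous context would keep the ownership hand-off readable. Dropping the `(void **)&lc.context` cast, which punned the address of lc.context to a different pointer type, is a real improvement and could be mentioned in the log.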
dDfPNsZGlFhrWouXpZve4Fifajfpw6idOv60yNuQzikG_Agj0kJgZN0_hDK20En3uXt.Ludy9QW7 jQzwm8DbTDeL1gw-- Received: from sonic.gate.mail.ne1.yahoo.com by sonic317.consmr.mail.bf2.yahoo.com with HTTP; Fri, 19 Apr 2019 00:48:33 +0000 Received: from c-67-169-65-224.hsd1.ca.comcast.net (EHLO localhost.localdomain) ([67.169.65.224]) by smtp432.mail.bf1.yahoo.com (Oath Hermes SMTP Server) with ESMTPA ID 828306e040049ab0082b23fbf6722cca; Fri, 19 Apr 2019 00:48:30 +0000 (UTC) From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 55/90] LSM: Remove unused macro Date: Thu, 18 Apr 2019 17:45:42 -0700 Message-Id: <20190419004617.64627-56-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP The call_one_void_hook macro is unused since the change to how releasing a secctx was made. Remove it. Signed-off-by: Casey Schaufler --- security/security.c | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/security/security.c b/security/security.c index 363647cf1ae8..ae43735575d6 100644 --- a/security/security.c +++ b/security/security.c 
@@ -698,16 +698,6 @@ int lsm_superblock_alloc(struct super_block *sb) P->hook.FUNC(__VA_ARGS__); \ } while (0) -#define call_one_void_hook(FUNC, ...) \ - do { \ - struct security_hook_list *P; \ - \ - hlist_for_each_entry(P, &security_hook_heads.FUNC, list) { \ - P->hook.FUNC(__VA_ARGS__); \ - break; \ - } \ - } while (0) - #define call_int_hook(FUNC, IRC, ...) ({ \ int RC = IRC; \ do { \ From patchwork Fri Apr 19 00:45:43 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908491 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 4264018FD for ; Fri, 19 Apr 2019 00:48:37 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 3018A28B1F for ; Fri, 19 Apr 2019 00:48:37 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 24C3D28B91; Fri, 19 Apr 2019 00:48:37 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id C422B28B1F for ; Fri, 19 Apr 2019 00:48:36 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726987AbfDSAsg (ORCPT ); Thu, 18 Apr 2019 20:48:36 -0400 Received: from sonic308-9.consmr.mail.bf2.yahoo.com ([74.6.130.48]:35562 "EHLO sonic308-9.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726964AbfDSAsg (ORCPT ); Thu, 18 Apr 2019 20:48:36 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1555634915; 
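Review bot: no objection to dropping call_one_void_hook; the only remaining user of the same "first entry in the hlist wins, then break" pattern is call_one_int_hook directly below, which 56/90 in this series rewrites, so this deletion could simply be folded into that patch rather than stand as a separate churn-only commit.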
oc2lhhygkNpXt9EkmbOWmP5ae.3iEiD9OxR8.EpVlvvu4Fahto0f7UYNQHrji_E392SFz82IrlFz jYxiZNxnei0QoXxG50X1sNxoN7GPXJyuOrvsaUBL3xeRHyAPVTw7K0VqA7PICKVnLyEaIInnhULq fYYcYPpjTJljFsax6hlV09yUukzNOlAPFxuZdy3aoUbn.vNaGrz0Rk7QaUtyWvHn.DqMpAzPkh56 Cmi9_98wNG.zz.w-- Received: from sonic.gate.mail.ne1.yahoo.com by sonic308.consmr.mail.bf2.yahoo.com with HTTP; Fri, 19 Apr 2019 00:48:35 +0000 Received: from c-67-169-65-224.hsd1.ca.comcast.net (EHLO localhost.localdomain) ([67.169.65.224]) by smtp432.mail.bf1.yahoo.com (Oath Hermes SMTP Server) with ESMTPA ID 828306e040049ab0082b23fbf6722cca; Fri, 19 Apr 2019 00:48:31 +0000 (UTC) From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 56/90] LSM: Special handling for secctx lsm hooks Date: Thu, 18 Apr 2019 17:45:43 -0700 Message-Id: <20190419004617.64627-57-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Create a special set of LSM hooks for the translation to human readable security data. Signed-off-by: Casey Schaufler --- include/linux/lsm_hooks.h | 10 ++++++++++ security/security.c | 32 ++++++++++++++++++++++++-------- 2 files changed, 34 insertions(+), 8 deletions(-) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 014791349bbd..0653f295897a 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h 
@@ -2040,6 +2040,16 @@ struct security_hook_list { char *lsm; } __randomize_layout; +/* + * The set of hooks that may be selected for a specific module. + */ +struct lsm_one_hooks { + char *lsm; + union security_list_options secid_to_secctx; + union security_list_options secctx_to_secid; + union security_list_options socket_getpeersec_stream; +}; + /* * Security blob size or offset data. */ diff --git a/security/security.c b/security/security.c index ae43735575d6..b05265ec24f0 100644 --- a/security/security.c +++ b/security/security.c @@ -420,6 +420,9 @@ static int lsm_append(char *new, char **result) return 0; } +/* Base list of once-only hooks */ +struct lsm_one_hooks lsm_base_one; + /** * security_add_hooks - Add a modules hooks to the hook lists. * @hooks: the hooks to add @@ -436,6 +439,25 @@ void __init security_add_hooks(struct security_hook_list *hooks, int count, for (i = 0; i < count; i++) { hooks[i].lsm = lsm; hlist_add_tail_rcu(&hooks[i].list, hooks[i].head); + + /* + * Check for the special hooks that are restricted to + * a single module to create the base set. Use the hooks + * from that module for the set, which may not be complete. + */ + if (lsm_base_one.lsm && strcmp(lsm_base_one.lsm, hooks[i].lsm)) + continue; + if (hooks[i].head == &security_hook_heads.secid_to_secctx) + lsm_base_one.secid_to_secctx = hooks[i].hook; + else if (hooks[i].head == &security_hook_heads.secctx_to_secid) + lsm_base_one.secctx_to_secid = hooks[i].hook; + else if (hooks[i].head == + &security_hook_heads.socket_getpeersec_stream) + lsm_base_one.socket_getpeersec_stream = hooks[i].hook; + else + continue; + if (lsm_base_one.lsm == NULL) + lsm_base_one.lsm = kstrdup(hooks[i].lsm, GFP_KERNEL); } if (lsm_append(lsm, &lsm_names) < 0) panic("%s - Cannot get early memory.\n", __func__); 
@@ -714,14 +736,8 @@ int lsm_superblock_alloc(struct super_block *sb) #define call_one_int_hook(FUNC, IRC, ...) ({ \ int RC = IRC; \ - do { \ - struct security_hook_list *P; \ - \ - hlist_for_each_entry(P, &security_hook_heads.FUNC, list) { \ - RC = P->hook.FUNC(__VA_ARGS__); \ - break; \ - } \ - } while (0); \ + if (lsm_base_one.FUNC.FUNC) \ + RC = lsm_base_one.FUNC.FUNC(__VA_ARGS__); \ RC; \ }) From patchwork Fri Apr 19 00:45:44 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908487 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id D9157922 for ; Fri, 19 Apr 2019 00:48:36 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id C6DA428B91 for ; Fri, 19 Apr 2019 00:48:36 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id BB3CB28B9C; Fri, 19 Apr 2019 00:48:36 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 6C88028B1F for ; Fri, 19 Apr 2019 00:48:36 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726983AbfDSAsg (ORCPT ); Thu, 18 Apr 2019 20:48:36 -0400 Received: from sonic310-23.consmr.mail.bf2.yahoo.com ([74.6.135.197]:39023 "EHLO sonic310-23.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726778AbfDSAsf (ORCPT ); Thu, 18 Apr 2019 20:48:35 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1555634914; 
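Review bot: struct lsm_one_hooks in lsm_hooks.h has no release_secctx member, yet a context produced by the selected module's secid_to_secctx has to be freed by that same module's release_secctx (security_release_secctx(struct lsm_context *) is the only release path visible in this series). With only secid_to_secctx, secctx_to_secid and socket_getpeersec_stream pinned to one module, either add release_secctx to the set or state in the comment above the struct which module's release_secctx frees those contexts, so the allocate/free pair cannot drift apart.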
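Review bot: in the security_add_hooks hunk the return value of `kstrdup(hooks[i].lsm, GFP_KERNEL)` is not checked; if it fails, lsm_base_one.lsm stays NULL, the `strcmp` guard never fires, and the next module to register one of the three hooks silently overwrites the base set, changing which LSM answers secid_to_secctx. hooks[i].lsm is already a string that outlives init (it is the `lsm` pointer stored into every security_hook_list entry just above), so assign the pointer directly, or panic() on NULL the way the lsm_append() failure a few lines down already does. Selection is also order-dependent and silent: a module that registers only one of the three hooks claims the whole set and later modules' hooks for the other two are skipped by `continue` with no message, so a pr_warn naming the ignored hook and module would help whoever ends up debugging a missing peer context.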
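Review bot: lsm_base_one is a writable, non-static global table of function pointers that call_one_int_hook now dispatches through; the per-hook lists are __lsm_ro_after_init (see smack_hooks[] earlier on this page) precisely so a kernel write primitive cannot redirect LSM dispatch. Since it is only written from __init security_add_hooks() and only read inside security.c, declare it `static struct lsm_one_hooks lsm_base_one __lsm_ro_after_init;`. The `if (lsm_base_one.FUNC.FUNC)` test is also the only thing deciding between "no module selected" and "selected module", with RC silently falling back to IRC; that matches the old break-after-first behaviour, but a comment on the macro saying so would save the next reader a trip through security_add_hooks().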
828306e040049ab0082b23fbf6722cca; Fri, 19 Apr 2019 00:48:32 +0000 (UTC) From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 57/90] SELinux: Use blob offset in current_sid Date: Thu, 18 Apr 2019 17:45:44 -0700 Message-Id: <20190419004617.64627-58-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Replace the use of current_security() with a call to current_cred() so that the blob offset can be correctly applied. Signed-off-by: Casey Schaufler --- security/selinux/include/objsec.h | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/security/selinux/include/objsec.h b/security/selinux/include/objsec.h index 59a3b1cd5ba9..c9a88b7a96a7 100644 --- a/security/selinux/include/objsec.h +++ b/security/selinux/include/objsec.h @@ -31,6 +31,8 @@ #include "flask.h" #include "avc.h" +extern struct lsm_blob_sizes selinux_blob_sizes; + struct task_security_struct { u32 osid; /* SID prior to last execve */ u32 sid; /* current SID */ @@ -45,7 +47,9 @@ struct task_security_struct { */ static inline u32 current_sid(void) { - const struct task_security_struct *tsec = current_security(); + const struct task_security_struct *tsec; + + tsec = current_cred()->security + selinux_blob_sizes.lbs_cred; return tsec->sid; } 
@@ -174,7 +178,6 @@ struct bpf_security_struct { u32 sid; /*SID of bpf obj creater*/ }; -extern struct lsm_blob_sizes selinux_blob_sizes; static inline struct task_security_struct *selinux_cred(const struct cred *cred) { return cred->security + selinux_blob_sizes.lbs_cred; From patchwork Fri Apr 19 00:45:45 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908501 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 6869617E0 for ; Fri, 19 Apr 2019 00:48:41 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 59C1128B1F for ; Fri, 19 Apr 2019 00:48:41 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 4E94728B91; Fri, 19 Apr 2019 00:48:41 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id D353F28B8F for ; Fri, 19 Apr 2019 00:48:40 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726999AbfDSAsk (ORCPT ); Thu, 18 Apr 2019 20:48:40 -0400 Received: from sonic317-33.consmr.mail.bf2.yahoo.com ([74.6.129.88]:45669 "EHLO sonic317-33.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726974AbfDSAsk (ORCPT ); Thu, 18 Apr 2019 20:48:40 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1555634918; bh=5GP2CrxJNDp2BFUDQ+U49VHnhWLXKi0Sb6zMHU3zI00=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject; 
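Review bot: the offset arithmetic added to current_sid() in the second hunk duplicates selinux_cred(), which the third hunk shows already computes `cred->security + selinux_blob_sizes.lbs_cred`. Since selinux_cred() is defined further down objsec.h than current_sid(), either move it above current_sid() or add a forward declaration, and then write `tsec = selinux_cred(current_cred());` so the blob offset is computed in exactly one place; the extern moved to the top of the header by the first hunk is then only needed there.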
From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 58/90] LSM: Specify which LSM to display Date: Thu, 18 Apr 2019 17:45:45 -0700 Message-Id: <20190419004617.64627-59-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Create a new entry "display" in /proc/.../attr for controlling which LSM security information is displayed for a process. The name of an active LSM that supplies hooks for human readable data may be written to "display" to set the value. The name of the LSM currently in use can be read from "display". Signed-off-by: Casey Schaufler --- fs/proc/base.c | 1 + security/security.c | 110 +++++++++++++++++++++++++++++++++++++++++++- 2 files changed, 109 insertions(+), 2 deletions(-) diff --git a/fs/proc/base.c b/fs/proc/base.c index ddef482f1334..7bf70e041315 100644 --- a/fs/proc/base.c +++ b/fs/proc/base.c @@ -2618,6 +2618,7 @@ static const struct pid_entry attr_dir_stuff[] = { ATTR(NULL, "fscreate", 0666), ATTR(NULL, "keycreate", 0666), ATTR(NULL, "sockcreate", 0666), + ATTR(NULL, "display", 0666), #ifdef CONFIG_SECURITY_SMACK DIR("smack", 0555, proc_smack_attr_dir_inode_ops, proc_smack_attr_dir_ops), diff --git a/security/security.c b/security/security.c index b05265ec24f0..4af99077572d 100644 --- a/security/security.c +++ b/security/security.c 
@@ -46,7 +46,9 @@ static struct kmem_cache *lsm_file_cache; static struct kmem_cache *lsm_inode_cache; char *lsm_names; -static struct lsm_blob_sizes blob_sizes __lsm_ro_after_init; +static struct lsm_blob_sizes blob_sizes __lsm_ro_after_init = { + .lbs_task = sizeof(struct lsm_one_hooks), +}; /* Boot-time LSM user choice */ static __initdata const char *chosen_lsm_order; @@ -577,6 +579,7 @@ static int lsm_task_alloc(struct task_struct *task) task->security = kzalloc(blob_sizes.lbs_task, GFP_KERNEL); if (task->security == NULL) return -ENOMEM; + return 0; } @@ -736,7 +739,10 @@ int lsm_superblock_alloc(struct super_block *sb) #define call_one_int_hook(FUNC, IRC, ...) ({ \ int RC = IRC; \ - if (lsm_base_one.FUNC.FUNC) \ + struct lsm_one_hooks *LOH = current->security; \ + if (LOH->FUNC.FUNC) \ + RC = LOH->FUNC.FUNC(__VA_ARGS__); \ + else if (LOH->lsm == NULL && lsm_base_one.FUNC.FUNC) \ RC = lsm_base_one.FUNC.FUNC(__VA_ARGS__); \ RC; \ }) @@ -1569,13 +1575,22 @@ int security_file_open(struct file *file) int security_task_alloc(struct task_struct *task, unsigned long clone_flags) { + struct lsm_one_hooks *odisplay = current->security; + struct lsm_one_hooks *ndisplay; int rc = lsm_task_alloc(task); if (rc) return rc; + rc = call_int_hook(task_alloc, 0, task, clone_flags); if (unlikely(rc)) security_task_free(task); + else if (odisplay) { + ndisplay = task->security; + if (ndisplay) + *ndisplay = *odisplay; + } + return rc; } 
@@ -1945,10 +1960,28 @@ int security_getprocattr(struct task_struct *p, const char *lsm, char *name, char **value) { struct security_hook_list *hp; + struct lsm_one_hooks *loh = current->security; + char *s; + + if (!strcmp(name, "display")) { + if (loh->lsm) + s = loh->lsm; + else if (lsm_base_one.lsm) + s = lsm_base_one.lsm; + else + return -EINVAL; + + *value = kstrdup(s, GFP_KERNEL); + if (*value) + return strlen(s); + return -ENOMEM; + } hlist_for_each_entry(hp, &security_hook_heads.getprocattr, list) { if (lsm != NULL && strcmp(lsm, hp->lsm)) continue; + if (lsm == NULL && loh->lsm && strcmp(loh->lsm, hp->lsm)) + continue; return hp->hook.getprocattr(p, name, value); } return -EINVAL; 
@@ -1958,10 +1991,83 @@ int security_setprocattr(const char *lsm, const char *name, void *value, size_t size) { struct security_hook_list *hp; + struct lsm_one_hooks *loh = current->security; + bool found = false; + char *s; + + /* + * End the passed name at a newline. + */ + s = strnchr(value, size, '\n'); + if (s) + *s = '\0'; + + if (!strcmp(name, "display")) { + union security_list_options secid_to_secctx; + union security_list_options secctx_to_secid; + union security_list_options socket_getpeersec_stream; + + if (size == 0 || size >= 100) + return -EINVAL; + + secid_to_secctx.secid_to_secctx = NULL; + hlist_for_each_entry(hp, &security_hook_heads.secid_to_secctx, + list) { + if (size >= strlen(hp->lsm) && + !strncmp(value, hp->lsm, size)) { + secid_to_secctx = hp->hook; + found = true; + break; + } + } + secctx_to_secid.secctx_to_secid = NULL; + hlist_for_each_entry(hp, &security_hook_heads.secctx_to_secid, + list) { + if (size >= strlen(hp->lsm) && + !strncmp(value, hp->lsm, size)) { + secctx_to_secid = hp->hook; + found = true; + break; + } + } + socket_getpeersec_stream.socket_getpeersec_stream = NULL; + hlist_for_each_entry(hp, + &security_hook_heads.socket_getpeersec_stream, + list) { + if (size >= strlen(hp->lsm) && + !strncmp(value, hp->lsm, size)) { + socket_getpeersec_stream = hp->hook; + found = true; + break; + } + } + if (!found) + return -EINVAL; + + /* + * The named lsm is active and supplies one or more + * of the relevant hooks. Switch to it. 
+ */ + s = kmemdup(value, size + 1, GFP_KERNEL); + if (s == NULL) + return -ENOMEM; + s[size] = '\0'; + + if (loh->lsm) + kfree(loh->lsm); + loh->lsm = s; + loh->secid_to_secctx = secid_to_secctx; + loh->secctx_to_secid = secctx_to_secid; + loh->socket_getpeersec_stream = socket_getpeersec_stream; + + return size; + } hlist_for_each_entry(hp, &security_hook_heads.setprocattr, list) { if (lsm != NULL && strcmp(lsm, hp->lsm)) continue; + if (lsm == NULL && loh->lsm && strcmp(loh->lsm, hp->lsm)) + continue; return hp->hook.setprocattr(name, value, size); } return -EINVAL; From patchwork Fri Apr 19 00:45:46 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908497 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 4F46D1515 for ; Fri, 19 Apr 2019 00:48:40 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 3E4A528B8F for ; Fri, 19 Apr 2019 00:48:40 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 32C8828BA0; Fri, 19 Apr 2019 00:48:40 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id E817628B8F for ; Fri, 19 Apr 2019 00:48:39 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726450AbfDSAsj (ORCPT ); Thu, 18 Apr 2019 20:48:39 -0400 Received: from sonic317-33.consmr.mail.bf2.yahoo.com ([74.6.129.88]:43162 "EHLO sonic317-33.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by 
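Review bot: the lsm_task_alloc() hunk only inserts a blank line before `return 0;` and changes nothing functionally; drop it from this patch so the diff stays limited to the display mechanism.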
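Review bot: the call_one_int_hook() hunk dereferences `LOH = current->security` unconditionally, while the security_task_alloc() hunk in the same patch guards both `odisplay` and `ndisplay` against NULL; the two should agree on whether a task blob can be absent. The new fallback rule also deserves a comment above the macro: once `LOH->lsm` is set, a hook the displayed LSM does not supply is skipped rather than falling back to lsm_base_one, which differs from call_int_hook() and is easy to misread.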
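Review bot: in the security_task_alloc() hunk, `*ndisplay = *odisplay;` copies the struct including the `lsm` char pointer, so parent and child share one kmemdup'd string, and the setprocattr hunk kfree()s `loh->lsm` whenever a new display is written, leaving the other task with a dangling pointer. Either kstrdup() the name for the child here, or, simpler, have setprocattr store the hook list's own `hp->lsm` name pointer, which lives as long as the kernel, and drop the allocation and the kfree() entirely.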
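Review bot: the "display" branch in the security_getprocattr() hunk reads `current->security` although the function receives the task being queried as `p`, so reading /proc/<pid>/attr/display for another process reports the reader's own setting rather than the target's; use `p->security` here, as the other branch hands `p` through to the LSM hook. `loh` is also dereferenced without a NULL check, consistent with the macro but not with security_task_alloc().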
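Review bot: in the security_setprocattr() hunk, `s = kmemdup(value, size + 1, GFP_KERNEL);` reads one byte past the `size` bytes the caller supplied in `value`; use kmemdup_nul(value, size, GFP_KERNEL), which copies `size` bytes and appends the terminator, and then `s[size] = '\0';` is unnecessary. Two further points in the same hunk: the newline termination via strnchr() now applies to every attr write, not only "display", while the `size` forwarded to hp->hook.setprocattr is unchanged, so either move it under the display branch or pass the shortened length; and the three identical lookup loops over secid_to_secctx, secctx_to_secid and socket_getpeersec_stream would be one static helper taking the hlist head, `value` and `size`. The `if (loh->lsm)` before kfree() is redundant, since kfree(NULL) is a no-op.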
00:48:38 +0000 Received: from c-67-169-65-224.hsd1.ca.comcast.net (EHLO localhost.localdomain) ([67.169.65.224]) by smtp432.mail.bf1.yahoo.com (Oath Hermes SMTP Server) with ESMTPA ID 828306e040049ab0082b23fbf6722cca; Fri, 19 Apr 2019 00:48:34 +0000 (UTC) From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 59/90] AppArmor: Remove the exclusive flag Date: Thu, 18 Apr 2019 17:45:46 -0700 Message-Id: <20190419004617.64627-60-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP With the inclusion of the "display" process attribute mechanism AppArmor no longer needs to be treated as an "exclusive" security module. Remove the flag that indicates it is exclusive. Signed-off-by: Casey Schaufler --- security/apparmor/lsm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index 771b0ae24a5f..a8b11a7f29fa 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c 
@@ -1705,7 +1705,7 @@ static int __init apparmor_init(void) DEFINE_LSM(apparmor) = { .name = "apparmor", - .flags = LSM_FLAG_LEGACY_MAJOR | LSM_FLAG_EXCLUSIVE, + .flags = LSM_FLAG_LEGACY_MAJOR, .enabled = &apparmor_enabled, .blobs = &apparmor_blob_sizes, .init = apparmor_init, From patchwork Fri Apr 19 00:45:47 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908513 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id C86E71515 for ; Fri, 19 Apr 2019 00:48:47 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id B98DF28B8F for ; Fri, 19 Apr 2019 00:48:47 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id AE3B828B1F; Fri, 19 Apr 2019 00:48:47 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 5AB2528B8F for ; Fri, 19 Apr 2019 00:48:47 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727002AbfDSAsq (ORCPT ); Thu, 18 Apr 2019 20:48:46 -0400 Received: from sonic310-23.consmr.mail.bf2.yahoo.com ([74.6.135.197]:36964 "EHLO sonic310-23.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727000AbfDSAsq (ORCPT ); Thu, 18 Apr 2019 20:48:46 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1555634924; bh=j4aETVrf26rqIvvvKKp8/4QjDq2yhMOHprRedhXorzg=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject; 
From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 60/90] LSM: Add secmark_relabel_packet to the set of one call hooks Date: Thu, 18 Apr 2019 17:45:47 -0700 Message-Id: <20190419004617.64627-61-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP The secmark_relabel_packet hooks are dependent on the results of secctx_to_secid hooks. Add secmark_relabel_packet to the set of one call hooks, as the secid use will always match the LSM providing the secid. Signed-off-by: Casey Schaufler --- include/linux/lsm_hooks.h | 1 + security/security.c | 18 +++++++++++++++++- 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 0653f295897a..711f9b3eb265 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -2048,6 +2048,7 @@ struct lsm_one_hooks { union security_list_options secid_to_secctx; union security_list_options secctx_to_secid; union security_list_options socket_getpeersec_stream; + union security_list_options secmark_relabel_packet; }; /* diff --git a/security/security.c b/security/security.c index 4af99077572d..f99845aae595 100644 --- a/security/security.c +++ b/security/security.c @@ -456,6 +456,9 @@ void __init security_add_hooks(struct security_hook_list *hooks, int count, else if (hooks[i].head == &security_hook_heads.socket_getpeersec_stream) lsm_base_one.socket_getpeersec_stream = hooks[i].hook; + else if (hooks[i].head == + &security_hook_heads.secmark_relabel_packet) + lsm_base_one.secmark_relabel_packet = hooks[i].hook; else continue; if (lsm_base_one.lsm == NULL) 
@@ -2006,6 +2009,7 @@ int security_setprocattr(const char *lsm, const char *name, void *value, union security_list_options secid_to_secctx; union security_list_options secctx_to_secid; union security_list_options socket_getpeersec_stream; + union security_list_options secmark_relabel_packet; if (size == 0 || size >= 100) return -EINVAL; @@ -2041,6 +2045,17 @@ int security_setprocattr(const char *lsm, const char *name, void *value, break; } } + secmark_relabel_packet.secmark_relabel_packet = NULL; + hlist_for_each_entry(hp, + &security_hook_heads.secmark_relabel_packet, + list) { + if (size >= strlen(hp->lsm) && + !strncmp(value, hp->lsm, size)) { + secmark_relabel_packet = hp->hook; + found = true; + break; + } + } if (!found) return -EINVAL; @@ -2059,6 +2074,7 @@ int security_setprocattr(const char *lsm, const char *name, void *value, loh->secid_to_secctx = secid_to_secctx; loh->secctx_to_secid = secctx_to_secid; loh->socket_getpeersec_stream = socket_getpeersec_stream; + loh->secmark_relabel_packet = secmark_relabel_packet; return size; } 
@@ -2305,7 +2321,7 @@ EXPORT_SYMBOL(security_inet_conn_established); int security_secmark_relabel_packet(u32 secid) { - return call_int_hook(secmark_relabel_packet, 0, secid); + return call_one_int_hook(secmark_relabel_packet, 0, secid); } EXPORT_SYMBOL(security_secmark_relabel_packet); From patchwork Fri Apr 19 00:45:48 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908505 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 3F81B17E0 for ; Fri, 19 Apr 2019 00:48:46 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 2F9EA28B1F for ; Fri, 19 Apr 2019 00:48:46 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 23CC328B8F; Fri, 19 Apr 2019 00:48:46 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id C3BA728B91 for ; Fri, 19 Apr 2019 00:48:45 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726759AbfDSAsp (ORCPT ); Thu, 18 Apr 2019 20:48:45 -0400 Received: from sonic317-33.consmr.mail.bf2.yahoo.com ([74.6.129.88]:43865 "EHLO sonic317-33.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726974AbfDSAsp (ORCPT ); Thu, 18 Apr 2019 20:48:45 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1555634923; bh=IGbdibcUV8Ae5bpYVLlCyrn2lcUru6UOWag6V1sFgNk=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject; 
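Review bot: the security_setprocattr() hunk adds a fourth copy of the match-by-name loop; with one loop per one-call hook, a small static helper that takes the hlist head plus `value` and `size` and returns the matching `union security_list_options` (or one with its member left NULL) would make adding secmark_relabel_packet a one-line change and keep the `found` bookkeeping in one place.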
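Review bot: call_one_int_hook() selects the hook through `current->security`, so the switch to it in the security_secmark_relabel_packet() hunk is only correct because the hook runs in the context of the process loading the rule (checkentry_lsm() in xt_SECMARK.c, touched in 61/90); add a comment stating that assumption, since any future caller from packet-processing context would consult whatever task happens to be running.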
From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 61/90] LSM: Make getting the secmark right cleaner Date: Thu, 18 Apr 2019 17:45:48 -0700 Message-Id: <20190419004617.64627-62-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Getting the u32 secmark from the result of security_secctx_to_secid() requires knowledge about which LSM interpreted the context. Add a function lsm_export_one_secid() that finds the active secid in a lsm_export structure. Use it in secmark processing. Signed-off-by: Casey Schaufler --- include/linux/security.h | 16 ++++++++++++++++ net/netfilter/nft_meta.c | 7 +------ net/netfilter/xt_SECMARK.c | 7 +------ 3 files changed, 18 insertions(+), 12 deletions(-) diff --git a/include/linux/security.h b/include/linux/security.h index 0be6eadd0110..8eb849d71e9d 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -117,6 +117,22 @@ static inline bool lsm_export_equal(struct lsm_export *l, struct lsm_export *m) return true; } +/* + * After calling security_secctx_to_secid() one, and only one + * of the LSM fields will be set in the lsm_export. Return + * whichever one was set. Used to supply secmarks. + */ +static inline u32 lsm_export_one_secid(struct lsm_export *l) +{ + if (l->flags & LSM_EXPORT_SELINUX) + return l->selinux; + if (l->flags & LSM_EXPORT_SMACK) + return l->smack; + if (l->flags & LSM_EXPORT_APPARMOR) + return l->apparmor; + return 0; +} + /* Text representation of LSM specific security information - a "context" */ struct lsm_context { char *context; diff --git a/net/netfilter/nft_meta.c b/net/netfilter/nft_meta.c index f25b26318d72..ef8db0fb0af1 100644 
--- a/net/netfilter/nft_meta.c +++ b/net/netfilter/nft_meta.c @@ -588,12 +588,7 @@ static int nft_secmark_compute_secid(struct nft_secmark *priv) if (err) return err; - /* Use the "best" secid */ - if (le.selinux) - tmp_secid = le.selinux; - else - tmp_secid = le.smack; - + tmp_secid = lsm_export_one_secid(&le); if (!tmp_secid) return -ENOENT; diff --git a/net/netfilter/xt_SECMARK.c b/net/netfilter/xt_SECMARK.c index a06e50535194..b20753957e8d 100644 --- a/net/netfilter/xt_SECMARK.c +++ b/net/netfilter/xt_SECMARK.c 
@@ -67,12 +67,7 @@ static int checkentry_lsm(struct xt_secmark_target_info *info) return err; } - /* Smack is cheating, using SECMARK_MODE_SEL */ - if (le.selinux) - info->secid = le.selinux; - else - info->secid = le.smack; - + info->secid = lsm_export_one_secid(&le); if (!info->secid) { pr_info_ratelimited("unable to map security context \'%s\'\n", info->secctx); From patchwork Fri Apr 19 00:45:49 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908521 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 4306717E0 for ; Fri, 19 Apr 2019 00:48:51 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 3408728B1F for ; Fri, 19 Apr 2019 00:48:51 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 284EE28B8F; Fri, 19 Apr 2019 00:48:51 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id CC5BE28B9C for ; Fri, 19 Apr 2019 00:48:50 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727000AbfDSAsu (ORCPT ); Thu, 18 Apr 2019 20:48:50 -0400 Received: from sonic317-33.consmr.mail.bf2.yahoo.com ([74.6.129.88]:34547 "EHLO sonic317-33.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727009AbfDSAsu (ORCPT ); Thu, 18 Apr 2019 20:48:50 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1555634928; 
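Review bot: the comment on lsm_export_one_secid() in the security.h hunk says exactly one field is set after security_secctx_to_secid(), but the function silently encodes a SELinux, then Smack, then AppArmor precedence if more than one flag is present, and returns 0 (which the nft_meta and xt_SECMARK callers in the next two hunks treat as "no mapping") when none is. Either state the precedence in the comment or add a WARN_ON_ONCE() when several LSM_EXPORT_* bits are set, so a stacking bug does not surface as a quietly wrong secmark.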
33cedab91c06b09a1d8646eb41267569; Fri, 19 Apr 2019 00:48:43 +0000 (UTC) From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 62/90] netfilter: Fix memory leak introduced with lsm_context Date: Thu, 18 Apr 2019 17:45:49 -0700 Message-Id: <20190419004617.64627-63-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Fix a memory leak introduced by the scaffolding around the introduction of lsm_context structures. Signed-off-by: Casey Schaufler --- net/netfilter/nfnetlink_queue.c | 18 ++++++------------ 1 file changed, 6 insertions(+), 12 deletions(-) diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c index 4a3d4b52caef..7a095b9d0a10 100644 --- a/net/netfilter/nfnetlink_queue.c +++ b/net/netfilter/nfnetlink_queue.c @@ -305,14 +305,13 @@ static int nfqnl_put_sk_uidgid(struct sk_buff *skb, struct sock *sk) return -1; } -static u32 nfqnl_get_sk_secctx(struct sk_buff *skb, char **secdata) +static void nfqnl_get_sk_secctx(struct sk_buff *skb, struct lsm_context *cp) { #if IS_ENABLED(CONFIG_NETWORK_SECMARK) struct lsm_export le; - struct lsm_context lc = { .context = NULL, .len = 0, }; if (!skb || !sk_fullsock(skb->sk)) - return 0; + return; read_lock_bh(&skb->sk->sk_callback_lock); @@ -322,14 +321,10 @@ static u32 nfqnl_get_sk_secctx(struct sk_buff *skb, char **secdata) le.flags = LSM_EXPORT_SELINUX | LSM_EXPORT_SMACK; le.selinux = skb->secmark; le.smack = skb->secmark; - security_secid_to_secctx(&le, &lc); - *secdata = lc.context; + security_secid_to_secctx(&le, cp); } read_unlock_bh(&skb->sk->sk_callback_lock); - return lc.len; -#else - return 0; #endif } 
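Review bot: nfqnl_get_sk_secctx() no longer gives the caller a defined context on its early-exit paths. The old body started from `struct lsm_context lc = { .context = NULL, .len = 0, };` and returned 0; the new one `return`s before touching `*cp` when `!skb || !sk_fullsock(skb->sk)`, leaves `*cp` alone when the enclosing secmark test fails, and has an empty body when CONFIG_NETWORK_SECMARK is disabled because the `#else return 0;` arm was deleted along with the return value. Set `cp->context = NULL; cp->len = 0;` at the top of the function, outside the `#if`, so every path hands back a well-defined lsm_context.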
@@ -406,7 +401,7 @@ nfqnl_build_packet_message(struct net *net, struct nfqnl_instance *queue, enum ip_conntrack_info uninitialized_var(ctinfo); struct nfnl_ct_hook *nfnl_ct; bool csum_verify; - struct lsm_context lc = { .context = NULL, }; + struct lsm_context lc; size = nlmsg_total_size(sizeof(struct nfgenmsg)) + nla_total_size(sizeof(struct nfqnl_msg_packet_hdr)) @@ -472,7 +467,7 @@ nfqnl_build_packet_message(struct net *net, struct nfqnl_instance *queue, } if ((queue->flags & NFQA_CFG_F_SECCTX) && entskb->sk) { - lc.len = nfqnl_get_sk_secctx(entskb, &lc.context); + nfqnl_get_sk_secctx(entskb, &lc); if (lc.len) size += nla_total_size(lc.len); } 
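Review bot: `struct lsm_context lc;` replaces a zero-initialized declaration, but in nfqnl_build_packet_message() `lc` is only written when `(queue->flags & NFQA_CFG_F_SECCTX) && entskb->sk` holds and nfqnl_get_sk_secctx() actually reaches security_secid_to_secctx(). On every other path `lc.len` and `lc.context` are whatever was on the stack, and `if (lc.len) size += nla_total_size(lc.len);` then adds a random amount to the allocation. Keep `struct lsm_context lc = { .context = NULL, .len = 0, };` here; removing the initializer buys nothing and turns the later unconditional release into a use of uninitialized memory.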
@@ -635,8 +630,7 @@ nfqnl_build_packet_message(struct net *net, struct nfqnl_instance *queue, } nlh->nlmsg_len = skb->len; - if (lc.context) - security_release_secctx(&lc); + security_release_secctx(&lc); return skb; nla_put_failure: From patchwork Fri Apr 19 00:45:50 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908511 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id A8DD318FD for ; Fri, 19 Apr 2019 00:48:47 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 9B08528B1F for ; Fri, 19 Apr 2019 00:48:47 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 8FC8E28B9C; Fri, 19 Apr 2019 00:48:47 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 3677028B1F for ; Fri, 19 Apr 2019 00:48:47 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727008AbfDSAsq (ORCPT ); Thu, 18 Apr 2019 20:48:46 -0400 Received: from sonic310-23.consmr.mail.bf2.yahoo.com ([74.6.135.197]:33944 "EHLO sonic310-23.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727002AbfDSAsq (ORCPT ); Thu, 18 Apr 2019 20:48:46 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1555634924; bh=vf/aL6n6NKaDhEgvGBqKFINI51OYLza2qYfAZZQENPo=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject; 
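Review bot: Making `security_release_secctx(&lc);` unconditional at the success exit is only safe if the release hook accepts a NULL context and if `lc` is initialized on every path, which the earlier hunks of this same patch no longer guarantee. It also leaves the `nlmsg_failure:` exit of the same function with the old `if (lc.context)` guard (that one is removed separately in 64/90), so the two exits of one function disagree within one commit; fold that change in here or keep both guards. The commit message says the leak was "introduced by the scaffolding" but not where: with the old code the context was returned through `*secdata = lc.context` and released by the caller, so please name the path that actually leaked.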
From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 63/90] Smack: Consolidate secmark conversions Date: Thu, 18 Apr 2019 17:45:50 -0700 Message-Id: <20190419004617.64627-64-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Add a helper function smack_from_skb() that does all the checks required and maps a valid secmark to a smack_known structure. Replace the direct use of the secmark in surrounding code. Signed-off-by: Casey Schaufler --- security/smack/smack_lsm.c | 39 ++++++++++++++++++++++++++------------ 1 file changed, 27 insertions(+), 12 deletions(-) diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 4570e8cac1b3..aaca4ba53032 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -3820,6 +3820,20 @@ static int smk_skb_to_addr_ipv6(struct sk_buff *skb, struct sockaddr_in6 *sip) } #endif /* CONFIG_IPV6 */ +/** + * smack_from_skb - Smack data from the secmark in an skb + * @skb: packet + * + * Returns smack_known of the secmark or NULL if that won't work. + */ +static struct smack_known *smack_from_skb(struct sk_buff *skb) +{ + if (skb == NULL || skb->secmark == 0) + return NULL; + + return smack_from_secid(skb->secmark); +} + /** * smack_socket_sock_rcv_skb - Smack packet delivery access check * @sk: socket 
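Review bot: smack_from_skb() returns NULL only for a NULL skb or a zero secmark; any other value goes straight to smack_from_secid(). If that lookup hands back a fallback label for a secid it does not know instead of NULL, a secmark written by another LSM in a stacked configuration becomes a plausible-looking Smack label and the callers' "fall back to CIPSO" comment no longer describes what happens. The kerneldoc "NULL if that won't work" should list exactly which cases yield NULL, and since 67/90 in this series adds an ownership test (smk_use_secmark()), that test belongs inside this helper so every converted call site inherits it rather than each one being patched again.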
@@ -3854,10 +3868,9 @@ static int smack_socket_sock_rcv_skb(struct sock *sk, struct sk_buff *skb) * If there is no secmark fall back to CIPSO. * The secmark is assumed to reflect policy better. */ - if (skb && skb->secmark != 0) { - skp = smack_from_secid(skb->secmark); + skp = smack_from_skb(skb); + if (skp) goto access_check; - } #endif /* CONFIG_SECURITY_SMACK_NETFILTER */ /* * Translate what netlabel gave us. @@ -3900,9 +3913,8 @@ static int smack_socket_sock_rcv_skb(struct sock *sk, struct sk_buff *skb) proto != IPPROTO_TCP && proto != IPPROTO_DCCP) break; #ifdef SMACK_IPV6_SECMARK_LABELING - if (skb && skb->secmark != 0) - skp = smack_from_secid(skb->secmark); - else + skp = smack_from_skb(skb); + if (skp == NULL) skp = smack_ipv6host_label(&sadd); if (skp == NULL) skp = smack_net_ambient; @@ -4003,9 +4015,11 @@ static int smack_socket_getpeersec_dgram(struct socket *sock, break; case PF_INET: #ifdef CONFIG_SECURITY_SMACK_NETFILTER - s = skb->secmark; - if (s != 0) + skp = smack_from_skb(skb); + if (skp) { + s = skp->smk_secid; break; + } #endif /* * Translate what netlabel gave us. @@ -4022,7 +4036,9 @@ static int smack_socket_getpeersec_dgram(struct socket *sock, break; case PF_INET6: #ifdef SMACK_IPV6_SECMARK_LABELING - s = skb->secmark; + skp = smack_from_skb(skb); + if (skp) + s = skp->smk_secid; #endif break; } 
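Review bot: In the two smack_socket_getpeersec_dgram() hunks `s = skp->smk_secid` replaces `s = skb->secmark`, which is a no-op round trip only when the mark really is a Smack secid; and the PF_INET6 case changes from unconditionally copying the mark to leaving `s` untouched when smack_from_skb() returns NULL, so the fall-through value now depends on how `s` was initialized earlier in the function. Both are probably intended, but they are behaviour changes inside a commit described as a pure consolidation and deserve a sentence in the commit message. The smack_socket_sock_rcv_skb() conversions above and below them are straight equivalents and look fine.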
@@ -4100,10 +4116,9 @@ static int smack_inet_conn_request(struct sock *sk, struct sk_buff *skb, * If there is no secmark fall back to CIPSO. * The secmark is assumed to reflect policy better. */ - if (skb && skb->secmark != 0) { - skp = smack_from_secid(skb->secmark); + skp = smack_from_skb(skb); + if (skp) goto access_check; - } #endif /* CONFIG_SECURITY_SMACK_NETFILTER */ netlbl_secattr_init(&secattr); From patchwork Fri Apr 19 00:45:51 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908517 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id CDAA0922 for ; Fri, 19 Apr 2019 00:48:50 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id BF25728B1F for ; Fri, 19 Apr 2019 00:48:50 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id B394228B91; Fri, 19 Apr 2019 00:48:50 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 73D8C28B8F for ; Fri, 19 Apr 2019 00:48:50 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727019AbfDSAst (ORCPT ); Thu, 18 Apr 2019 20:48:49 -0400 Received: from sonic317-33.consmr.mail.bf2.yahoo.com ([74.6.129.88]:33110 "EHLO sonic317-33.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727000AbfDSAst (ORCPT ); Thu, 18 Apr 2019 20:48:49 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; 
SMTP Server) with ESMTPA ID 33cedab91c06b09a1d8646eb41267569; Fri, 19 Apr 2019 00:48:45 +0000 (UTC) From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 64/90] netfilter: Remove unnecessary NULL check in lsm_context Date: Thu, 18 Apr 2019 17:45:51 -0700 Message-Id: <20190419004617.64627-65-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP There is a redundant NULL check when releasing a security context. Remove it. Signed-off-by: Casey Schaufler --- net/netfilter/nfnetlink_queue.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c index 7a095b9d0a10..83bb44d70582 100644 --- a/net/netfilter/nfnetlink_queue.c +++ b/net/netfilter/nfnetlink_queue.c 
@@ -638,8 +638,7 @@ nfqnl_build_packet_message(struct net *net, struct nfqnl_instance *queue, kfree_skb(skb); net_err_ratelimited("nf_queue: error creating packet message\n"); nlmsg_failure: - if (lc.context) - security_release_secctx(&lc); + security_release_secctx(&lc); return NULL; } From patchwork Fri Apr 19 00:45:52 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908529 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 34A9C1932 for ; Fri, 19 Apr 2019 00:48:58 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 1F3AD28BAC for ; Fri, 19 Apr 2019 00:48:58 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 1395E28B91; Fri, 19 Apr 2019 00:48:58 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 8AEAB28BAC for ; Fri, 19 Apr 2019 00:48:57 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727020AbfDSAs4 (ORCPT ); Thu, 18 Apr 2019 20:48:56 -0400 Received: from sonic310-23.consmr.mail.bf2.yahoo.com ([74.6.135.197]:41883 "EHLO sonic310-23.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727018AbfDSAs4 (ORCPT ); Thu, 18 Apr 2019 20:48:56 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1555634934; bh=O0IeCsut2lmwjAFie1gHcZBQCGvPQaJTqoCsbXdNgtQ=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject; 
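Review bot: The `if (lc.context)` guard at `nlmsg_failure:` is only redundant if security_release_secctx() tolerates a NULL context, and this label is reached from `nla_put_failure:` even when NFQA_CFG_F_SECCTX was never set for the queue. After 62/90 turned the declaration into an uninitialized `struct lsm_context lc;`, that path now passes stack contents to the release hook. Restore the `= { .context = NULL, .len = 0, }` initializer (ideally by squashing this into 62/90) before dropping the check.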
From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 65/90] LSM: Add secmark refcounting to call_one list Date: Thu, 18 Apr 2019 17:45:52 -0700 Message-Id: <20190419004617.64627-66-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Add secmark_refcount_dec and secmark_refcount_inc to the LSM hooks for which only the designated module is called. This is in support of consistent secmark behavior. Signed-off-by: Casey Schaufler --- include/linux/lsm_hooks.h | 2 ++ security/security.c | 44 +++++++++++++++++++++++++++++++++++++-- 2 files changed, 44 insertions(+), 2 deletions(-) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 711f9b3eb265..5135b8d1d759 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -2049,6 +2049,8 @@ struct lsm_one_hooks { union security_list_options secctx_to_secid; union security_list_options socket_getpeersec_stream; union security_list_options secmark_relabel_packet; + union security_list_options secmark_refcount_inc; + union security_list_options secmark_refcount_dec; }; /* diff --git a/security/security.c b/security/security.c index f99845aae595..d36e5bf594dd 100644 --- a/security/security.c +++ b/security/security.c 
@@ -459,6 +459,12 @@ void __init security_add_hooks(struct security_hook_list *hooks, int count, else if (hooks[i].head == &security_hook_heads.secmark_relabel_packet) lsm_base_one.secmark_relabel_packet = hooks[i].hook; + else if (hooks[i].head == + &security_hook_heads.secmark_refcount_inc) + lsm_base_one.secmark_refcount_inc = hooks[i].hook; + else if (hooks[i].head == + &security_hook_heads.secmark_refcount_dec) + lsm_base_one.secmark_refcount_dec = hooks[i].hook; else continue; if (lsm_base_one.lsm == NULL) @@ -740,6 +746,14 @@ int lsm_superblock_alloc(struct super_block *sb) RC; \ }) +#define call_one_void_hook(FUNC, ...) ({ \ + struct lsm_one_hooks *LOH = current->security; \ + if (LOH->FUNC.FUNC) \ + LOH->FUNC.FUNC(__VA_ARGS__); \ + else if (LOH->lsm == NULL && lsm_base_one.FUNC.FUNC) \ + lsm_base_one.FUNC.FUNC(__VA_ARGS__); \ +}) + #define call_one_int_hook(FUNC, IRC, ...) ({ \ int RC = IRC; \ struct lsm_one_hooks *LOH = current->security; \ @@ -2010,6 +2024,8 @@ int security_setprocattr(const char *lsm, const char *name, void *value, union security_list_options secctx_to_secid; union security_list_options socket_getpeersec_stream; union security_list_options secmark_relabel_packet; + union security_list_options secmark_refcount_inc; + union security_list_options secmark_refcount_dec; if (size == 0 || size >= 100) return -EINVAL; 
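Review bot: call_one_void_hook() dereferences `current->security` with no NULL check and picks the hook from the calling task's display LSM. For secmark_refcount_inc/dec the caller of security_secmark_refcount_inc()/_dec() is whatever context is installing or tearing down a SECMARK rule, so which module gets credited with the reference is decided by that task's `display` setting and not by which LSM the secid in the rule belongs to. The macro is also a line-for-line copy of call_one_int_hook() minus the return value; one helper taking the fallback as a parameter would stop the two from drifting apart.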
@@ -2056,6 +2072,28 @@ int security_setprocattr(const char *lsm, const char *name, void *value, break; } } + secmark_refcount_inc.secmark_refcount_inc = NULL; + hlist_for_each_entry(hp, + &security_hook_heads.secmark_refcount_inc, + list) { + if (size >= strlen(hp->lsm) && + !strncmp(value, hp->lsm, size)) { + secmark_refcount_inc = hp->hook; + found = true; + break; + } + } + secmark_refcount_dec.secmark_refcount_dec = NULL; + hlist_for_each_entry(hp, + &security_hook_heads.secmark_refcount_dec, + list) { + if (size >= strlen(hp->lsm) && + !strncmp(value, hp->lsm, size)) { + secmark_refcount_dec = hp->hook; + found = true; + break; + } + } if (!found) return -EINVAL; @@ -2075,6 +2113,8 @@ int security_setprocattr(const char *lsm, const char *name, void *value, loh->secctx_to_secid = secctx_to_secid; loh->socket_getpeersec_stream = socket_getpeersec_stream; loh->secmark_relabel_packet = secmark_relabel_packet; + loh->secmark_refcount_inc = secmark_refcount_inc; + loh->secmark_refcount_dec = secmark_refcount_dec; return size; } 
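Review bot: These two loops are the fifth and sixth verbatim copies of the same match-and-assign block in security_setprocattr(), differing only in the hook head and the union member written; 66/90 in this very series folds all six into lsm_add_one(). Reorder so the helper lands first and add the two new hooks through it, which turns this 22-line hunk into two calls and avoids touching the same lines twice.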
@@ -2327,13 +2367,13 @@ EXPORT_SYMBOL(security_secmark_relabel_packet); void security_secmark_refcount_inc(void) { - call_void_hook(secmark_refcount_inc); + call_one_void_hook(secmark_refcount_inc); } EXPORT_SYMBOL(security_secmark_refcount_inc); void security_secmark_refcount_dec(void) { - call_void_hook(secmark_refcount_dec); + call_one_void_hook(secmark_refcount_dec); } EXPORT_SYMBOL(security_secmark_refcount_dec); From patchwork Fri Apr 19 00:45:53 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908525 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id C418117E0 for ; Fri, 19 Apr 2019 00:48:57 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id B5A5B28B8F for ; Fri, 19 Apr 2019 00:48:57 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id A9D5428B91; Fri, 19 Apr 2019 00:48:57 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 42A3528B8F for ; Fri, 19 Apr 2019 00:48:57 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727021AbfDSAs4 (ORCPT ); Thu, 18 Apr 2019 20:48:56 -0400 Received: from sonic310-23.consmr.mail.bf2.yahoo.com ([74.6.135.197]:38266 "EHLO sonic310-23.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727009AbfDSAs4 (ORCPT ); Thu, 18 Apr 2019 20:48:56 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; 
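Review bot: Switching security_secmark_refcount_inc() and _dec() to call_one_void_hook() routes each call to the display LSM of the task making it, but an increment and its matching decrement need not come from the same task (a rule installed by one process and flushed by another, or dropped at namespace teardown where `current` is arbitrary). If those tasks display different LSMs, one module's counter goes up and another's goes down, and the "can Smack safely use secmarks" decision that 67/90 builds on this can be wrong in either direction. The reference should be tied to the rule (remember which LSM was credited at inc time and decrement that one), not to `current`.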
SMTP Server) with ESMTPA ID 406f9efc49df2aab5b39f3872aa73829; Fri, 19 Apr 2019 00:48:53 +0000 (UTC) From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 66/90] LSM: refactor security_setprocattr Date: Thu, 18 Apr 2019 17:45:53 -0700 Message-Id: <20190419004617.64627-67-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Break the common code for setting the lsm_one hooks into a helper function. Signed-off-by: Casey Schaufler --- security/security.c | 124 ++++++++++++++++---------------------------- 1 file changed, 45 insertions(+), 79 deletions(-) diff --git a/security/security.c b/security/security.c index d36e5bf594dd..0c749816fb7b 100644 --- a/security/security.c +++ b/security/security.c @@ -2004,12 +2004,31 @@ int security_getprocattr(struct task_struct *p, const char *lsm, char *name, return -EINVAL; } +/* + * The use of the secid_to_secctx memeber of the union is + * arbitrary. Any member would work. + */ +static bool lsm_add_one(union security_list_options *hook, + struct hlist_head *head, char *lsm, size_t size, + bool was) +{ + struct security_hook_list *hp; + + hlist_for_each_entry(hp, head, list) { + if (size >= strlen(hp->lsm) && !strncmp(lsm, hp->lsm, size)) { + hook->secid_to_secctx = hp->hook.secid_to_secctx; + return true; + } + } + hook->secid_to_secctx = NULL; + return was; +} + int security_setprocattr(const char *lsm, const char *name, void *value, size_t size) { struct security_hook_list *hp; struct lsm_one_hooks *loh = current->security; - bool found = false; char *s; /* 
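Review bot: lsm_add_one() takes an unterminated `(char *lsm, size_t size)` pair but its test `size >= strlen(hp->lsm) && !strncmp(lsm, hp->lsm, size)` only matches when `lsm` is NUL-terminated within the first `size` bytes or is exactly `strlen(hp->lsm)` long; it works today because the caller has written `*s = '\0'` over the trailing newline, so that contract should be stated in the comment. The comment also misspells "member" ("memeber") and should say why writing the union through `secid_to_secctx` and reading it through another member is considered sound (every member is a function pointer), since that is exactly the kind of thing a later reader will want to "fix".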
@@ -2020,80 +2039,31 @@ int security_setprocattr(const char *lsm, const char *name, void *value, *s = '\0'; if (!strcmp(name, "display")) { - union security_list_options secid_to_secctx; - union security_list_options secctx_to_secid; - union security_list_options socket_getpeersec_stream; - union security_list_options secmark_relabel_packet; - union security_list_options secmark_refcount_inc; - union security_list_options secmark_refcount_dec; + struct lsm_one_hooks o; + bool found = false; if (size == 0 || size >= 100) return -EINVAL; - secid_to_secctx.secid_to_secctx = NULL; - hlist_for_each_entry(hp, &security_hook_heads.secid_to_secctx, - list) { - if (size >= strlen(hp->lsm) && - !strncmp(value, hp->lsm, size)) { - secid_to_secctx = hp->hook; - found = true; - break; - } - } - secctx_to_secid.secctx_to_secid = NULL; - hlist_for_each_entry(hp, &security_hook_heads.secctx_to_secid, - list) { - if (size >= strlen(hp->lsm) && - !strncmp(value, hp->lsm, size)) { - secctx_to_secid = hp->hook; - found = true; - break; - } - } - socket_getpeersec_stream.socket_getpeersec_stream = NULL; - hlist_for_each_entry(hp, - &security_hook_heads.socket_getpeersec_stream, - list) { - if (size >= strlen(hp->lsm) && - !strncmp(value, hp->lsm, size)) { - socket_getpeersec_stream = hp->hook; - found = true; - break; - } - } - secmark_relabel_packet.secmark_relabel_packet = NULL; - hlist_for_each_entry(hp, - &security_hook_heads.secmark_relabel_packet, - list) { - if (size >= strlen(hp->lsm) && - !strncmp(value, hp->lsm, size)) { - secmark_relabel_packet = hp->hook; - found = true; - break; - } - } - secmark_refcount_inc.secmark_refcount_inc = NULL; - hlist_for_each_entry(hp, - &security_hook_heads.secmark_refcount_inc, - list) { - if (size >= strlen(hp->lsm) && - !strncmp(value, hp->lsm, size)) { - secmark_refcount_inc = hp->hook; - found = true; - break; - } - } - secmark_refcount_dec.secmark_refcount_dec = NULL; - hlist_for_each_entry(hp, - 
&security_hook_heads.secmark_refcount_dec, - list) { - if (size >= strlen(hp->lsm) && - !strncmp(value, hp->lsm, size)) { - secmark_refcount_dec = hp->hook; - found = true; - break; - } - } + found = lsm_add_one(&o.secid_to_secctx, + &security_hook_heads.secid_to_secctx, + value, size, found); + found = lsm_add_one(&o.secctx_to_secid, + &security_hook_heads.secctx_to_secid, + value, size, found); + found = lsm_add_one(&o.socket_getpeersec_stream, + &security_hook_heads.socket_getpeersec_stream, + value, size, found); + found = lsm_add_one(&o.secmark_relabel_packet, + &security_hook_heads.secmark_relabel_packet, + value, size, found); + found = lsm_add_one(&o.secmark_refcount_inc, + &security_hook_heads.secmark_refcount_inc, + value, size, found); + found = lsm_add_one(&o.secmark_refcount_dec, + &security_hook_heads.secmark_refcount_dec, + value, size, found); + if (!found) return -EINVAL; 
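Review bot: `struct lsm_one_hooks o;` is only partly populated: the six lsm_add_one() calls fill the hook members, while `o.lsm` stays uninitialized until the next hunk copies `*loh = o` and only afterwards sets `loh->lsm = s`. That ordering is correct now but fragile; declare `struct lsm_one_hooks o = { .lsm = NULL };` or assign `o.lsm = s` before the struct copy so the copy is complete in one step. Threading `found` through the `was` parameter also reads oddly; `found |= lsm_add_one(...)` with the helper returning a plain "matched" bool says the same thing more directly.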
@@ -2101,20 +2071,16 @@ int security_setprocattr(const char *lsm, const char *name, void *value, * The named lsm is active and supplies one or more * of the relevant hooks. Switch to it. */ - s = kmemdup(value, size + 1, GFP_KERNEL); + s = kmemdup(value, size, GFP_KERNEL); if (s == NULL) return -ENOMEM; - s[size] = '\0'; + s[size - 1] = '\0'; if (loh->lsm) kfree(loh->lsm); + + *loh = o; loh->lsm = s; - loh->secid_to_secctx = secid_to_secctx; - loh->secctx_to_secid = secctx_to_secid; - loh->socket_getpeersec_stream = socket_getpeersec_stream; - loh->secmark_relabel_packet = secmark_relabel_packet; - loh->secmark_refcount_inc = secmark_refcount_inc; - loh->secmark_refcount_dec = secmark_refcount_dec; return size; } From patchwork Fri Apr 19 00:45:54 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908531 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 6B5CB1515 for ; Fri, 19 Apr 2019 00:49:01 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 5631228B1F for ; Fri, 19 Apr 2019 00:49:01 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 4AEC128B9C; Fri, 19 Apr 2019 00:49:01 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id BF07D28B1F for ; Fri, 19 Apr 2019 00:49:00 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727035AbfDSAtA (ORCPT ); Thu, 18 Apr 2019 20:49:00 -0400 Received: from 
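Review bot: `s = kmemdup(value, size, GFP_KERNEL);` followed by `s[size - 1] = '\0';` truncates the stored LSM name whenever the written value has no trailing newline: a write of exactly "smack" (size 5) now stores "smac", whereas the previous `kmemdup(value, size + 1, ...)` plus `s[size] = '\0'` kept all five bytes. The earlier `*s = '\0'` only overwrites a newline if one exists; it does not shrink `size`. Keep the `size + 1` allocation and `s[size] = '\0'`, or recompute `size` from `strlen(value)` after the newline is stripped and use that both for matching and for the copy.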
From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 67/90] Smack: Detect if secmarks can be safely used Date: Thu, 18 Apr 2019 17:45:54 -0700 Message-Id: <20190419004617.64627-68-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Utilize the security_secmark_refcount_in() hooks to determine if Smack can safely assume that IP secmarks are not being used by another LSM. Only use secmarks if they can be determined to belong to Smack. Signed-off-by: Casey Schaufler --- security/smack/smack.h | 15 +++++++++++++++ security/smack/smack_lsm.c | 16 +++++----------- security/smack/smack_netfilter.c | 25 +++++++++++++++++++++++-- 3 files changed, 43 insertions(+), 13 deletions(-) diff --git a/security/smack/smack.h b/security/smack/smack.h index 7cc3a3382fee..66ad1c175002 100644 --- a/security/smack/smack.h +++ b/security/smack/smack.h @@ -544,4 +544,19 @@ static inline void smk_ad_setfield_u_net_sk(struct smk_audit_info *a, } #endif +#ifdef CONFIG_SECURITY_SMACK_NETFILTER +extern bool smack_use_secmark; +void smack_secmark_refcount_inc(void); + +static inline bool smk_use_secmark(void) +{ + return smack_use_secmark; +} +#else +static inline bool smk_use_secmark(void) +{ + return false; +} +#endif + #endif /* _SECURITY_SMACK_H */
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index aaca4ba53032..d76aa0fc37a4 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -3828,7 +3828,7 @@ static int smk_skb_to_addr_ipv6(struct sk_buff *skb, struct sockaddr_in6 *sip) */ static struct smack_known *smack_from_skb(struct sk_buff *skb) { - if (skb == NULL || skb->secmark == 0) + if (skb == NULL || skb->secmark == 0 || !smk_use_secmark()) return NULL; return smack_from_secid(skb->secmark); @@ -3862,7 +3862,6 @@ static int smack_socket_sock_rcv_skb(struct sock *sk, struct sk_buff *skb) switch (family) { case PF_INET: -#ifdef CONFIG_SECURITY_SMACK_NETFILTER /* * If there is a secmark use it rather than the CIPSO label. * If there is no secmark fall back to CIPSO. @@ -3871,7 +3870,6 @@ static int smack_socket_sock_rcv_skb(struct sock *sk, struct sk_buff *skb) skp = smack_from_skb(skb); if (skp) goto access_check; -#endif /* CONFIG_SECURITY_SMACK_NETFILTER */ /* * Translate what netlabel gave us. */ @@ -3885,9 +3883,8 @@ static int smack_socket_sock_rcv_skb(struct sock *sk, struct sk_buff *skb) netlbl_secattr_destroy(&secattr); -#ifdef CONFIG_SECURITY_SMACK_NETFILTER access_check: -#endif + #ifdef CONFIG_AUDIT smk_ad_init_net(&ad, __func__, LSM_AUDIT_DATA_NET, &net); ad.a.u.net->family = family; @@ -4014,13 +4011,11 @@ static int smack_socket_getpeersec_dgram(struct socket *sock, s = ssp->smk_out->smk_secid; break; case PF_INET: -#ifdef CONFIG_SECURITY_SMACK_NETFILTER skp = smack_from_skb(skb); if (skp) { s = skp->smk_secid; break; } -#endif /* * Translate what netlabel gave us. */ @@ -4110,7 +4105,6 @@ static int smack_inet_conn_request(struct sock *sk, struct sk_buff *skb, } #endif /* CONFIG_IPV6 */ -#ifdef CONFIG_SECURITY_SMACK_NETFILTER /* * If there is a secmark use it rather than the CIPSO label. * If there is no secmark fall back to CIPSO. 
@@ -4119,7 +4113,6 @@ static int smack_inet_conn_request(struct sock *sk, struct sk_buff *skb, skp = smack_from_skb(skb); if (skp) goto access_check; -#endif /* CONFIG_SECURITY_SMACK_NETFILTER */ netlbl_secattr_init(&secattr); rc = netlbl_skbuff_getattr(skb, family, &secattr); @@ -4129,9 +4122,7 @@ static int smack_inet_conn_request(struct sock *sk, struct sk_buff *skb, skp = &smack_known_huh; netlbl_secattr_destroy(&secattr); -#ifdef CONFIG_SECURITY_SMACK_NETFILTER access_check: -#endif #ifdef CONFIG_AUDIT smk_ad_init_net(&ad, __func__, LSM_AUDIT_DATA_NET, &net); @@ -4708,6 +4699,9 @@ static struct security_hook_list smack_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(sk_alloc_security, smack_sk_alloc_security), #ifdef SMACK_IPV6_PORT_LABELING LSM_HOOK_INIT(sk_free_security, smack_sk_free_security), +#endif +#ifdef CONFIG_SECURITY_SMACK_NETFILTER + LSM_HOOK_INIT(secmark_refcount_inc, smack_secmark_refcount_inc), #endif LSM_HOOK_INIT(sock_graft, smack_sock_graft), LSM_HOOK_INIT(inet_conn_request, smack_inet_conn_request), diff --git a/security/smack/smack_netfilter.c b/security/smack/smack_netfilter.c index 701a1cc1bdcc..ea45b173f8ca 100644 --- a/security/smack/smack_netfilter.c +++ b/security/smack/smack_netfilter.c @@ -21,6 +21,15 @@ #include #include "smack.h" +bool smack_use_secmark; +static bool smack_checked_secmark; + +void smack_secmark_refcount_inc(void) +{ + smack_use_secmark = true; + pr_info("Smack: Using network secmarks.\n"); +} + #if IS_ENABLED(CONFIG_IPV6) static unsigned int smack_ipv6_output(void *priv, @@ -31,7 +40,13 @@ static unsigned int smack_ipv6_output(void *priv, struct socket_smack *ssp; struct smack_known *skp; - if (sk && smack_sock(sk)) { + if (!smack_checked_secmark) { + security_secmark_refcount_inc(); + security_secmark_refcount_dec(); + smack_checked_secmark = true; + } + + if (smack_use_secmark && sk && smack_sock(sk)) { ssp = smack_sock(sk); skp = ssp->smk_out; skb->secmark = skp->smk_secid; 
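Review bot: in the smack_netfilter.c hunk at @@ -21,6 +21,15 @@, smack_secmark_refcount_inc() prints "Smack: Using network secmarks." on every call, but as the registered secmark_refcount_inc hook it runs for every caller of security_secmark_refcount_inc(), not only for Smack's own probe, so the message can repeat; use pr_info_once() or print only on the false-to-true transition of smack_use_secmark.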
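Review bot: in the smack_ipv6_output hunk at @@ -31,7 +40,13 @@, the probe (`security_secmark_refcount_inc(); security_secmark_refcount_dec(); smack_checked_secmark = true;`) is only reached from the output hooks, so an inbound secmarked packet that arrives before this host has sent anything is classified with smack_use_secmark still false and smack_from_skb() falls back to CIPSO for it. Probing once at initialisation, or also from the receive path, would close that window, and the same block is repeated verbatim in smack_ipv4_output, so it belongs in a static helper.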
@@ -49,7 +64,13 @@ static unsigned int smack_ipv4_output(void *priv, struct socket_smack *ssp; struct smack_known *skp; - if (sk && smack_sock(sk)) { + if (!smack_checked_secmark) { + security_secmark_refcount_inc(); + security_secmark_refcount_dec(); + smack_checked_secmark = true; + } + + if (smack_use_secmark && sk && smack_sock(sk)) { ssp = smack_sock(sk); skp = ssp->smk_out; skb->secmark = skp->smk_secid; From patchwork Fri Apr 19 00:45:55 2019 X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908535
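Review bot: the smack_ipv4_output hunk duplicates the probe block from smack_ipv6_output line for line; once a shared helper exists both hunks collapse to a single call. `smack_checked_secmark` and `smack_use_secmark` are plain bools written from the netfilter output path on whatever CPU sends first; the write is idempotent so a race is harmless, but a comment saying so would save the next reader the analysis.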
From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 68/90] LSM: Support multiple LSMs using inode_init_security Date: Thu, 18 Apr 2019 17:45:55 -0700 Message-Id: <20190419004617.64627-69-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Refactor security_inode_init_security() so that it can do the integrity processing for more than one LSM. Signed-off-by: Casey Schaufler --- security/security.c | 48 +++++++++++++++++++++++++++------------------ 1 file changed, 29 insertions(+), 19 deletions(-) diff --git a/security/security.c b/security/security.c index 0c749816fb7b..b8c90e7c4554 100644 --- a/security/security.c +++ b/security/security.c @@ -1064,9 +1064,10 @@ int security_inode_init_security(struct inode *inode, struct inode *dir, const struct qstr *qstr, const initxattrs initxattrs, void *fs_data) { - struct xattr new_xattrs[MAX_LSM_EVM_XATTR + 1]; - struct xattr *lsm_xattr, *evm_xattr, *xattr; - int ret; + struct security_hook_list *p; + struct xattr *repo; + int rc; + int i; if (unlikely(IS_PRIVATE(inode))) return 0;
@@ -1074,24 +1075,33 @@ int security_inode_init_security(struct inode *inode, struct inode *dir, if (!initxattrs) return call_int_hook(inode_init_security, -EOPNOTSUPP, inode, dir, qstr, NULL, NULL, NULL); - memset(new_xattrs, 0, sizeof(new_xattrs)); - lsm_xattr = new_xattrs; - ret = call_int_hook(inode_init_security, -EOPNOTSUPP, inode, dir, qstr, - &lsm_xattr->name, - &lsm_xattr->value, - &lsm_xattr->value_len); - if (ret) - goto out; - evm_xattr = lsm_xattr + 1; - ret = evm_inode_init_security(inode, lsm_xattr, evm_xattr); - if (ret) - goto out; - ret = initxattrs(inode, new_xattrs, fs_data); + repo = kzalloc((LSM_COUNT * 2) * sizeof(*repo), GFP_NOFS); + if (repo == NULL) + return -ENOMEM; + + i = 0; + rc = -EOPNOTSUPP; + hlist_for_each_entry(p, &security_hook_heads.inode_init_security, + list) { + rc = p->hook.inode_init_security(inode, dir, qstr, + &repo[i].name, &repo[i].value, + &repo[i].value_len); + if (rc) + goto out; + + rc = evm_inode_init_security(inode, &repo[i], &repo[i + 1]); + if (rc) + goto out; + + i += 2; + } + rc = initxattrs(inode, repo, fs_data); out: - for (xattr = new_xattrs; xattr->value != NULL; xattr++) - kfree(xattr->value); - return (ret == -EOPNOTSUPP) ? 0 : ret; + for (i-- ; i >= 0; i--) + kfree(repo[i].value); + kfree(repo); + return (rc == -EOPNOTSUPP) ? 
0 : rc; } EXPORT_SYMBOL(security_inode_init_security); From patchwork Fri Apr 19 00:45:56 2019 X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908539
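Review bot: the error path in the @@ -1074,24 +1075,33 @@ hunk leaks repo[i].value when `evm_inode_init_security()` fails: the LSM hook has already filled repo[i], `i` has not been advanced yet, and `for (i-- ; i >= 0; i--) kfree(repo[i].value)` only frees entries below i. Start the cleanup at the current pair (kfree(NULL) is harmless) so the partially filled entries are released too. The `LSM_COUNT * 2` allocation also drops the `+ 1` sentinel the removed `new_xattrs[MAX_LSM_EVM_XATTR + 1]` had, and the removed `xattr->value != NULL` loop shows the array is walked to a zeroed entry, so reserve one extra entry or a fully populated array is unterminated. Finally, -EOPNOTSUPP from one module is treated as fatal for the rest (`goto out`), so a module with no xattr to contribute prevents the modules after it from adding theirs; that case should `continue`.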
From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 69/90] LSM: Use full security context in security_inode_setsecctx Date: Thu, 18 Apr 2019 17:45:56 -0700 Message-Id: <20190419004617.64627-70-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> The security hooks security_inode_setsecctx and security_inode_getsecctx need to maintain the context strings for any and all LSMs that provide contexts. This information is internal to the kernel and volatile. If only one LSM uses this information the raw form is used. Signed-off-by: Casey Schaufler --- security/security.c | 110 +++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 108 insertions(+), 2 deletions(-) diff --git a/security/security.c b/security/security.c index b8c90e7c4554..05a19b28e105 100644 --- a/security/security.c +++ b/security/security.c @@ -425,6 +425,9 @@ static int lsm_append(char *new, char **result) /* Base list of once-only hooks */ struct lsm_one_hooks lsm_base_one; +/* Count of inode_[gs]etsecctx hooks */ +static int lsm_inode_secctx_count; + /** * security_add_hooks - Add a modules hooks to the hook lists. * @hooks: the hooks to add
@@ -442,6 +445,15 @@ void __init security_add_hooks(struct security_hook_list *hooks, int count, hooks[i].lsm = lsm; hlist_add_tail_rcu(&hooks[i].list, hooks[i].head); + /* + * Keep count of the internal security context using hooks. + * Assume that there is a 1:1 mapping from inode_getsecctx + * to inode_setsecctx in the security modules. + */ + if (hooks[i].head == &security_hook_heads.inode_getsecctx) { + lsm_inode_secctx_count++; + continue; + } /* * Check for the special hooks that are restricted to * a single module to create the base set. Use the hooks 
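Review bot: the counter relies on the 1:1 mapping stated in the comment, but security_inode_setsecctx() walks the inode_setsecctx list while the gate `lsm_inode_secctx_count <= 1` is derived from inode_getsecctx registrations, so a module that registers only one of the pair silently selects the wrong path. Count both heads and WARN_ON a mismatch at registration, or document the requirement next to the hook definitions in lsm_hooks.h.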
@@ -2150,15 +2162,109 @@ int security_inode_notifysecctx(struct inode *inode, struct lsm_context *cp) } EXPORT_SYMBOL(security_inode_notifysecctx); +/* + * The inode_[gs]etsecctx functions need to proved a context + * for multiple security modules. If there is more than one + * LSM supplying hooks the format will be + * lsm1='value',lsm2='value'[,lsmN='value']... + */ +static void lsm_release_secctx(struct lsm_context *cp) +{ + kfree(cp->context); +} + int security_inode_setsecctx(struct dentry *dentry, struct lsm_context *cp) { - return call_int_hook(inode_setsecctx, 0, dentry, cp); + struct security_hook_list *hp; + struct lsm_context lc; + char *full; + char *ctx; + char *quote; + int rc = 0; + + if (lsm_inode_secctx_count <= 1) + return call_int_hook(inode_setsecctx, 0, dentry, cp); + + full = kstrndup(cp->context, cp->len, GFP_KERNEL); + if (full == NULL) + return -ENOMEM; + + ctx = full; + hlist_for_each_entry(hp, &security_hook_heads.inode_setsecctx, list) { + if (strncmp(ctx, hp->lsm, strlen(hp->lsm))) { + WARN_ONCE(1, "security_inode_setsecctx form1 error\n"); + rc = -EINVAL; + break; + } + ctx += strlen(hp->lsm); + if (ctx[0] != '=' || ctx[1] != '\'') { + WARN_ONCE(1, "security_inode_setsecctx form2 error\n"); + rc = -EINVAL; + break; + } + ctx += 2; + quote = strnchr(ctx, cp->len, '\''); + if (quote == NULL) { + WARN_ONCE(1, "security_inode_setsecctx form3 error\n"); + rc = -EINVAL; + break; + } + quote[0] = '\0'; + if (quote[1] != ',' && quote[1] != '\0') { + WARN_ONCE(1, "security_inode_setsecctx form4 error\n"); + rc = -EINVAL; + break; + } + lc.context = ctx; + lc.len = strlen(ctx); + + ctx = quote + 2; + + rc = hp->hook.inode_setsecctx(dentry, &lc); + if (rc) + break; + } + + kfree(full); + return rc; } EXPORT_SYMBOL(security_inode_setsecctx); int security_inode_getsecctx(struct inode *inode, struct lsm_context *cp) { - return call_int_hook(inode_getsecctx, -EOPNOTSUPP, inode, cp); + struct security_hook_list *hp; + struct lsm_context lc; + char 
*final = NULL; + char *tp; + int rc; + + if (lsm_inode_secctx_count <= 1) + return call_int_hook(inode_getsecctx, -EOPNOTSUPP, inode, cp); + + hlist_for_each_entry(hp, &security_hook_heads.inode_getsecctx, list) { + rc = hp->hook.inode_getsecctx(inode, &lc); + if (rc) { + kfree(final); + return rc; + } + if (final) { + tp = kasprintf(GFP_KERNEL, "%s,%s='%s'", final, + hp->lsm, lc.context); + kfree(final); + } else + tp = kasprintf(GFP_KERNEL, "%s='%s'", hp->lsm, + lc.context); + security_release_secctx(&lc); + if (tp == NULL) { + kfree(final); + return -ENOMEM; + } + final = tp; + } + cp->context = final; + cp->len = strlen(final); + cp->release = lsm_release_secctx; + return 0; } EXPORT_SYMBOL(security_inode_getsecctx); From patchwork Fri Apr 19 00:45:57 2019 X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908543
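Review bot: the parser in security_inode_setsecctx() can read past its buffer. `strnchr(ctx, cp->len, '\'')` passes the full length although ctx has already advanced into `full`, and after the last field `ctx = quote + 2` steps beyond the terminating NUL when `quote[1] == '\0'`, so if another inode_setsecctx hook remains in the list the next `strncmp(ctx, hp->lsm, strlen(hp->lsm))` reads outside the kstrndup() allocation. Use the remaining length (`full + cp->len - ctx`) and treat a string that runs out before the hook list does as a form error. The `lsm='value'` format also has no escaping, so a context containing a single quote or comma cannot round-trip between getsecctx and setsecctx; that restriction belongs in the block comment, which also says "proved" where it means "provide".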
From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 70/90] LSM: Correct handling of ENOSYS in inode_setxattr Date: Thu, 18 Apr 2019 17:45:57 -0700 Message-Id: <20190419004617.64627-71-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> The usual "bail on fail" behavior of LSM hooks doesn't work for security_inode_setxattr(). Modules are allowed to return -ENOSYS if the attribute specified isn't one they manage. Fix the code to accommodate this unusual case. This requires changes to the hooks in SELinux and Smack. Signed-off-by: Casey Schaufler --- security/security.c | 28 ++++++++++++++-------------- security/selinux/hooks.c | 7 ++----- security/smack/smack_lsm.c | 10 +++++----- 3 files changed, 21 insertions(+), 24 deletions(-) diff --git a/security/security.c b/security/security.c index 05a19b28e105..f1e2ffe81829 100644 --- a/security/security.c +++ b/security/security.c
@@ -1341,24 +1341,24 @@ int security_inode_getattr(const struct path *path) int security_inode_setxattr(struct dentry *dentry, const char *name, const void *value, size_t size, int flags) { - int ret; + struct security_hook_list *hp; + int rc = -ENOSYS; if (unlikely(IS_PRIVATE(d_backing_inode(dentry)))) return 0; - /* - * SELinux and Smack integrate the cap call, - * so assume that all LSMs supplying this call do so. - */ - ret = call_int_hook(inode_setxattr, 1, dentry, name, value, size, - flags); - if (ret == 1) - ret = cap_inode_setxattr(dentry, name, value, size, flags); - if (ret) - return ret; - ret = ima_inode_setxattr(dentry, name, value, size); - if (ret) - return ret; + hlist_for_each_entry(hp, &security_hook_heads.inode_setxattr, list) { + rc = hp->hook.inode_setxattr(dentry, name, value, size, flags); + if (rc != -ENOSYS) + break; + } + if (rc == -ENOSYS) + rc = cap_inode_setxattr(dentry, name, value, size, flags); + if (rc) + return rc; + rc = ima_inode_setxattr(dentry, name, value, size); + if (rc) + return rc; return evm_inode_setxattr(dentry, name, value, size); } diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index af0d98f4dd37..17ba47f9f4e2 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -3097,13 +3097,10 @@ static int selinux_inode_setxattr(struct dentry *dentry, const char *name, int rc = 0; if (strcmp(name, XATTR_NAME_SELINUX)) { - rc = cap_inode_setxattr(dentry, name, value, size, flags); - if (rc) - return rc; - /* Not an attribute we recognize, so just check the ordinary setattr permission. */ - return dentry_has_perm(current_cred(), dentry, FILE__SETATTR); + rc = dentry_has_perm(current_cred(), dentry, FILE__SETATTR); + return rc ? rc : -ENOSYS; } sbsec = selinux_superblock(inode->i_sb); diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index d76aa0fc37a4..0e2f68e5b895 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c 
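Review bot: the -ENOSYS contract the security.c hunk depends on is not written down at the hook definition: any module returning 0 or a real error ends the walk, only -ENOSYS passes the decision to the next module and finally to cap_inode_setxattr(). Please document that on inode_setxattr in lsm_hooks.h, because a module that keeps the old "integrate the cap call" behaviour and returns 0 now short-circuits every module after it in the list, which the SELinux hunk (check, then `return rc ? rc : -ENOSYS`) shows is not the intended shape.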
@@ -1281,7 +1281,7 @@ static int smack_inode_setxattr(struct dentry *dentry, const char *name, strncmp(value, TRANS_TRUE, TRANS_TRUE_SIZE) != 0) rc = -EINVAL; } else - rc = cap_inode_setxattr(dentry, name, value, size, flags); + rc = -ENOSYS; if (check_priv && !smack_privileged(CAP_MAC_ADMIN)) rc = -EPERM; 
@@ -1295,11 +1295,11 @@ static int smack_inode_setxattr(struct dentry *dentry, const char *name, rc = -EINVAL; } - smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_DENTRY); - smk_ad_setfield_u_fs_path_dentry(&ad, dentry); - if (rc == 0) { - rc = smk_curacc(smk_of_inode(d_backing_inode(dentry)), MAY_WRITE, &ad); + smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_DENTRY); + smk_ad_setfield_u_fs_path_dentry(&ad, dentry); + rc = smk_curacc(smk_of_inode(d_backing_inode(dentry)), + MAY_WRITE, &ad); rc = smk_bu_inode(d_backing_inode(dentry), MAY_WRITE, rc); } From patchwork Fri Apr 19 00:45:58 2019 X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908553
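Review bot: this hunk removes `if (rc == 0) {` but keeps the closing `}` as context and adds no replacement condition, so as shown the braces do not balance, and the logic changes with it: `rc = smk_curacc(...)` now overwrites whatever -EINVAL, -EPERM or -ENOSYS the code above stored in rc, so a malformed Smack label or an unprivileged caller passes whenever the MAY_WRITE check passes, and the infrastructure never receives -ENOSYS for a foreign attribute. Mirror the SELinux hunk instead: run the smk_curacc()/smk_bu_inode() write check for every attribute, keep any error already in rc, and return -ENOSYS only when the check passed and the attribute is not one Smack manages.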
c-67-169-65-224.hsd1.ca.comcast.net (EHLO localhost.localdomain) ([67.169.65.224]) by smtp419.mail.bf1.yahoo.com (Oath Hermes SMTP Server) with ESMTPA ID 524225efee00edb3a1e75559f6c5c8ed; Fri, 19 Apr 2019 00:49:05 +0000 (UTC) From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 71/90] LSM: Infrastructure security blobs for mount options Date: Thu, 18 Apr 2019 17:45:58 -0700 Message-Id: <20190419004617.64627-72-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Manage LSM data for mount options in the infrastructure rather than in the individual modules. Signed-off-by: Casey Schaufler --- include/linux/lsm_hooks.h | 5 +++++ security/security.c | 18 ++++++++++++++++++ security/selinux/hooks.c | 31 ++++++++++++++++++------------- security/smack/smack_lsm.c | 19 +++++++++++++------ 4 files changed, 54 insertions(+), 19 deletions(-) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 5135b8d1d759..34f98cfe2ffd 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -2066,6 +2066,7 @@ struct lsm_blob_sizes { int lbs_key; int lbs_msg_msg; int lbs_task; + int lbs_mnt_opts; }; /* @@ -2139,4 +2140,8 @@ static inline void security_delete_hooks(struct security_hook_list *hooks, extern int lsm_inode_alloc(struct inode *inode); +#ifdef CONFIG_SECURITY +void *lsm_mnt_opts_alloc(void); +#endif + #endif /* ! __LINUX_LSM_HOOKS_H */ diff --git a/security/security.c b/security/security.c index f1e2ffe81829..63b001e60b59 100644 --- a/security/security.c +++ b/security/security.c 
@@ -177,6 +177,7 @@ static void __init lsm_set_blob_sizes(struct lsm_blob_sizes *needed) #ifdef CONFIG_KEYS lsm_set_blob_size(&needed->lbs_key, &blob_sizes.lbs_key); #endif + lsm_set_blob_size(&needed->lbs_mnt_opts, &blob_sizes.lbs_mnt_opts); lsm_set_blob_size(&needed->lbs_msg_msg, &blob_sizes.lbs_msg_msg); lsm_set_blob_size(&needed->lbs_sock, &blob_sizes.lbs_sock); lsm_set_blob_size(&needed->lbs_superblock, &blob_sizes.lbs_superblock); @@ -315,6 +316,7 @@ static void __init ordered_lsm_init(void) #ifdef CONFIG_KEYS init_debug("key blob size = %d\n", blob_sizes.lbs_key); #endif /* CONFIG_KEYS */ + init_debug("mnt_opts blob size = %d\n", blob_sizes.lbs_mnt_opts); init_debug("msg_msg blob size = %d\n", blob_sizes.lbs_msg_msg); init_debug("sock blob size = %d\n", blob_sizes.lbs_sock); init_debug("superblock blob size = %d\n", blob_sizes.lbs_superblock); @@ -726,6 +728,21 @@ int lsm_superblock_alloc(struct super_block *sb) return 0; } +/** + * lsm_mnt_opts_alloc - allocate a composite mnt_opts blob + * + * Allocate the mount options blob + * + * Returns the blob, or NULL if memory can't be allocated. + */ +void *lsm_mnt_opts_alloc(void) +{ + if (blob_sizes.lbs_mnt_opts == 0) + return NULL; + + return kzalloc(blob_sizes.lbs_mnt_opts, GFP_KERNEL); +} + /* * Hook list operation macros. * @@ -939,6 +956,7 @@ void security_free_mnt_opts(void **mnt_opts) if (!*mnt_opts) return; call_void_hook(sb_free_mnt_opts, *mnt_opts); + kfree(*mnt_opts); *mnt_opts = NULL; } EXPORT_SYMBOL(security_free_mnt_opts); diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 17ba47f9f4e2..86578f7de131 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c 
@@ -383,14 +383,20 @@ struct selinux_mnt_opts { const char *fscontext, *context, *rootcontext, *defcontext; }; +static void *selinux_mnt_opts(void *mnt_opts) +{ + if (mnt_opts) + return mnt_opts + selinux_blob_sizes.lbs_mnt_opts; + return NULL; +} + static void selinux_free_mnt_opts(void *mnt_opts) { - struct selinux_mnt_opts *opts = mnt_opts; + struct selinux_mnt_opts *opts = selinux_mnt_opts(mnt_opts); kfree(opts->fscontext); kfree(opts->context); kfree(opts->rootcontext); kfree(opts->defcontext); - kfree(opts); } static inline int inode_doinit(struct inode *inode) @@ -638,7 +644,7 @@ static int selinux_set_mnt_opts(struct super_block *sb, const struct cred *cred = current_cred(); struct superblock_security_struct *sbsec = selinux_superblock(sb); struct dentry *root = sbsec->sb->s_root; - struct selinux_mnt_opts *opts = mnt_opts; + struct selinux_mnt_opts *opts = selinux_mnt_opts(mnt_opts); struct inode_security_struct *root_isec; u32 fscontext_sid = 0, context_sid = 0, rootcontext_sid = 0; u32 defcontext_sid = 0; @@ -653,7 +659,8 @@ static int selinux_set_mnt_opts(struct super_block *sb, server is ready to handle calls. */ goto out; } - rc = -EINVAL; + /* Don't set any SELinux options. Allow any other LSM + that's on the stack to do so. */ pr_warn("SELinux: Unable to set superblock options " "before the security server is initialized\n"); goto out; @@ -980,16 +987,17 @@ static int selinux_sb_clone_mnt_opts(const struct super_block *oldsb, static int selinux_add_opt(int token, const char *s, void **mnt_opts) { - struct selinux_mnt_opts *opts = *mnt_opts; + struct selinux_mnt_opts *opts = selinux_mnt_opts(*mnt_opts); if (token == Opt_seclabel) /* eaten and completely ignored */ return 0; if (!opts) { - opts = kzalloc(sizeof(struct selinux_mnt_opts), GFP_KERNEL); + opts = lsm_mnt_opts_alloc(); if (!opts) return -ENOMEM; *mnt_opts = opts; + opts = selinux_mnt_opts(opts); } if (!s) return -ENOMEM; 
@@ -1042,10 +1050,8 @@ static int selinux_add_mnt_opt(const char *option, const char *val, int len, rc = selinux_add_opt(token, val, mnt_opts); if (unlikely(rc)) { kfree(val); - if (*mnt_opts) { + if (*mnt_opts) selinux_free_mnt_opts(*mnt_opts); - *mnt_opts = NULL; - } } return rc; } @@ -2611,10 +2617,8 @@ static int selinux_sb_eat_lsm_opts(char *options, void **mnt_opts) rc = selinux_add_opt(token, arg, mnt_opts); if (unlikely(rc)) { kfree(arg); - if (*mnt_opts) { + if (*mnt_opts) selinux_free_mnt_opts(*mnt_opts); - *mnt_opts = NULL; - } return rc; } } else { @@ -2637,7 +2641,7 @@ static int selinux_sb_eat_lsm_opts(char *options, void **mnt_opts) static int selinux_sb_remount(struct super_block *sb, void *mnt_opts) { - struct selinux_mnt_opts *opts = mnt_opts; + struct selinux_mnt_opts *opts = selinux_mnt_opts(mnt_opts); struct superblock_security_struct *sbsec = selinux_superblock(sb); u32 sid; int rc; @@ -6641,6 +6645,7 @@ struct lsm_blob_sizes selinux_blob_sizes __lsm_ro_after_init = { #ifdef CONFIG_KEYS .lbs_key = sizeof(struct key_security_struct), #endif /* CONFIG_KEYS */ + .lbs_mnt_opts = sizeof(struct selinux_mnt_opts), .lbs_msg_msg = sizeof(struct msg_security_struct), .lbs_sock = sizeof(struct sk_security_struct), .lbs_superblock = sizeof(struct superblock_security_struct), diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 0e2f68e5b895..3fd46cd2c4b1 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c 
@@ -574,26 +574,33 @@ struct smack_mnt_opts { const char *fsdefault, *fsfloor, *fshat, *fsroot, *fstransmute; }; +static void *smack_mnt_opts(void *opts) +{ + if (opts) + return opts + smack_blob_sizes.lbs_mnt_opts; + return NULL; +} + static void smack_free_mnt_opts(void *mnt_opts) { - struct smack_mnt_opts *opts = mnt_opts; + struct smack_mnt_opts *opts = smack_mnt_opts(mnt_opts); kfree(opts->fsdefault); kfree(opts->fsfloor); kfree(opts->fshat); kfree(opts->fsroot); kfree(opts->fstransmute); - kfree(opts); } static int smack_add_opt(int token, const char *s, void **mnt_opts) { - struct smack_mnt_opts *opts = *mnt_opts; + struct smack_mnt_opts *opts = smack_mnt_opts(*mnt_opts); if (!opts) { - opts = kzalloc(sizeof(struct smack_mnt_opts), GFP_KERNEL); + opts = lsm_mnt_opts_alloc(); if (!opts) return -ENOMEM; *mnt_opts = opts; + opts = smack_mnt_opts(opts); } if (!s) return -ENOMEM; @@ -741,7 +748,6 @@ static int smack_sb_eat_lsm_opts(char *options, void **mnt_opts) kfree(arg); if (*mnt_opts) smack_free_mnt_opts(*mnt_opts); - *mnt_opts = NULL; return rc; } } else { @@ -784,7 +790,7 @@ static int smack_set_mnt_opts(struct super_block *sb, struct superblock_smack *sp = smack_superblock(sb); struct inode_smack *isp; struct smack_known *skp; - struct smack_mnt_opts *opts = mnt_opts; + struct smack_mnt_opts *opts = smack_mnt_opts(mnt_opts); bool transmute = false; if (sp->smk_flags & SMK_SB_INITIALIZED) 
@@ -4586,6 +4592,7 @@ struct lsm_blob_sizes smack_blob_sizes __lsm_ro_after_init = { #ifdef CONFIG_KEYS .lbs_key = sizeof(struct smack_known *), #endif /* CONFIG_KEYS */ + .lbs_mnt_opts = sizeof(struct smack_mnt_opts), .lbs_msg_msg = sizeof(struct smack_known *), .lbs_sock = sizeof(struct socket_smack), .lbs_superblock = sizeof(struct superblock_smack), From patchwork Fri Apr 19 00:45:59 2019 X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908561
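Review bot: In the selinux_add_mnt_opt hunk (and likewise in the selinux_sb_eat_lsm_opts and smack_sb_eat_lsm_opts hunks), removing `*mnt_opts = NULL;` from the error path no longer matches what selinux_free_mnt_opts()/smack_free_mnt_opts() do now: with the `kfree(opts);` gone they free only the string members, not the blob, and they do not clear the freed pointers. The caller is left holding a blob whose fscontext/context/rootcontext/defcontext (fsdefault/fsfloor/fshat/fsroot/fstransmute for Smack) are dangling; a later security_free_mnt_opts() on it frees those strings a second time through the sb_free_mnt_opts hook, and if no such call happens the blob from lsm_mnt_opts_alloc() leaks. Either call security_free_mnt_opts(mnt_opts) in these error paths, or keep the `*mnt_opts = NULL` and kfree the blob explicitly after the module-level free.

Review bot: In the selinux_set_mnt_opts hunk, replacing `rc = -EINVAL;` with a comment means the "security server not yet initialized" path returns whatever rc holds at that point; the hunk does not show rc being set to 0 before this branch, so please confirm it is. The new two-line comment should also use the usual kernel block style, with `/*` and `*/` on their own lines.

Review bot: In the security.c hunk adding lsm_mnt_opts_alloc(), the kernel-doc says NULL means memory could not be allocated, but the function also returns NULL when blob_sizes.lbs_mnt_opts is 0, which selinux_add_opt()/smack_add_opt() then report as -ENOMEM. Document the zero-size case in the comment: it cannot trigger for SELinux or Smack, which both set .lbs_mnt_opts, but the contract should be explicit for a module that does not register a mnt_opts blob.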
Apr 2019 00:49:06 +0000 (UTC) From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 72/90] LSM: Fix for security_init_inode_security Date: Thu, 18 Apr 2019 17:45:59 -0700 Message-Id: <20190419004617.64627-73-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP The code assumes you can call evm_init_inode_security more than once for an inode, but that won't work because security.evm is a single value attribute. This does not make EVM work properly, but does allow the security modules to initialize their attributes. Signed-off-by: Casey Schaufler --- security/security.c | 35 +++++++++++++++++++++++++---------- 1 file changed, 25 insertions(+), 10 deletions(-) diff --git a/security/security.c b/security/security.c index 63b001e60b59..1a54e7b1196e 100644 --- a/security/security.c +++ b/security/security.c @@ -1102,11 +1102,24 @@ int security_inode_init_security(struct inode *inode, struct inode *dir, if (unlikely(IS_PRIVATE(inode))) return 0; - if (!initxattrs) - return call_int_hook(inode_init_security, -EOPNOTSUPP, inode, - dir, qstr, NULL, NULL, NULL); + if (!initxattrs) { + rc = -EOPNOTSUPP; + hlist_for_each_entry(p, + &security_hook_heads.inode_init_security, + list) { + rc = p->hook.inode_init_security(inode, dir, qstr, + NULL, NULL, NULL); + if (rc == -EOPNOTSUPP) { + rc = 0; + continue; + } + if (rc) + break; + } + return rc; + } - repo = kzalloc((LSM_COUNT * 2) * sizeof(*repo), GFP_NOFS); + repo = kzalloc((LSM_COUNT + 1) * sizeof(*repo), GFP_NOFS); if (repo == NULL) return -ENOMEM; 
@@ -1117,18 +1130,20 @@ int security_inode_init_security(struct inode *inode, struct inode *dir, rc = p->hook.inode_init_security(inode, dir, qstr, &repo[i].name, &repo[i].value, &repo[i].value_len); + if (rc == -EOPNOTSUPP) + continue; if (rc) goto out; - rc = evm_inode_init_security(inode, &repo[i], &repo[i + 1]); - if (rc) - goto out; - - i += 2; + i++; } + rc = evm_inode_init_security(inode, &repo[i], &repo[i + 1]); + if (rc) + goto out; + rc = initxattrs(inode, repo, fs_data); out: - for (i-- ; i >= 0; i--) + for (i++ ; i >= 0; i--) kfree(repo[i].value); kfree(repo); return (rc == -EOPNOTSUPP) ? 0 : rc; From patchwork Fri Apr 19 00:46:00 2019 X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908549
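Review bot: In the first security_inode_init_security hunk, `kzalloc((LSM_COUNT + 1) * sizeof(*repo), GFP_NOFS)` leaves LSM_COUNT + 1 entries, which is not enough for what the second hunk does with the array: the loop can fill up to LSM_COUNT entries, after which evm_inode_init_security() writes to &repo[i + 1], i.e. repo[LSM_COUNT + 1], one past the end, and there is no zeroed entry left to terminate the array for initxattrs(), which walks it until it finds a NULL name. Allocate LSM_COUNT + 2 entries (one for EVM, one terminator).

Review bot: In the second hunk, evm_inode_init_security(inode, &repo[i], &repo[i + 1]) is now called after the loop, where i has already been advanced past the last filled entry, so EVM receives a zeroed xattr (NULL name) instead of an LSM-supplied one, and its output lands in repo[i + 1] behind a NULL-name slot that makes initxattrs() stop before it. If the intent is to HMAC the last LSM xattr, pass &repo[i - 1] and &repo[i] (guarding i == 0) and adjust the cleanup loop's `for (i++ ; i >= 0; i--)` to match where the EVM value actually lives; as written that loop reads repo[i + 1], which for i == LSM_COUNT is beyond the allocation.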
From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 73/90] Smack: Advertise the secid to netlabel Date: Thu, 18 Apr 2019 17:46:00 -0700 Message-Id: <20190419004617.64627-74-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Add the secid to the attributes shared with netlabel. Signed-off-by: Casey Schaufler --- security/smack/smack_access.c | 8 ++++++-- security/smack/smackfs.c | 8 ++++++-- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/security/smack/smack_access.c b/security/smack/smack_access.c index fe2ce3a65822..0764bb85daee 100644 --- a/security/smack/smack_access.c +++ b/security/smack/smack_access.c
@@ -549,8 +549,12 @@ struct smack_known *smk_import_entry(const char *string, int len) skp->smk_known = smack; skp->smk_secid = smack_next_secid++; skp->smk_netlabel.domain = skp->smk_known; - skp->smk_netlabel.flags = - NETLBL_SECATTR_DOMAIN | NETLBL_SECATTR_MLS_LVL; + lsm_export_init(&skp->smk_netlabel.attr.le); + skp->smk_netlabel.attr.le.flags = LSM_EXPORT_SMACK; + skp->smk_netlabel.attr.le.smack = skp->smk_secid; + skp->smk_netlabel.flags = NETLBL_SECATTR_DOMAIN | + NETLBL_SECATTR_MLS_LVL | + NETLBL_SECATTR_SECID; /* * If direct labeling works use it. * Otherwise use mapped labeling. diff --git a/security/smack/smackfs.c b/security/smack/smackfs.c index 28c567465f6c..abaa5325c32f 100644 --- a/security/smack/smackfs.c +++ b/security/smack/smackfs.c 
@@ -2953,8 +2953,12 @@ static struct vfsmount *smackfs_mount; static int __init smk_preset_netlabel(struct smack_known *skp) { skp->smk_netlabel.domain = skp->smk_known; - skp->smk_netlabel.flags = - NETLBL_SECATTR_DOMAIN | NETLBL_SECATTR_MLS_LVL; + lsm_export_init(&skp->smk_netlabel.attr.le); + skp->smk_netlabel.attr.le.flags = LSM_EXPORT_SMACK; + skp->smk_netlabel.attr.le.smack = skp->smk_secid; + skp->smk_netlabel.flags = NETLBL_SECATTR_DOMAIN | + NETLBL_SECATTR_MLS_LVL | + NETLBL_SECATTR_SECID; return smk_netlbl_mls(smack_cipso_direct, skp->smk_known, &skp->smk_netlabel, strlen(skp->smk_known)); } From patchwork Fri Apr 19 00:46:01 2019 X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10908557
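Review bot: The smk_preset_netlabel hunk duplicates, line for line, the six lines the smack_access.c hunk adds to smk_import_entry() (lsm_export_init() on attr.le, LSM_EXPORT_SMACK, attr.le.smack = skp->smk_secid, and the three NETLBL_SECATTR flags). Please factor them into one helper, for example `smk_netlabel_init(struct smack_known *skp)` (name only a suggestion), so the exported attribute set cannot drift between the two callers the next time it changes.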
From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 74/90] LSM: Change error detection for UDP peer security Date: Thu, 18 Apr 2019 17:46:01 -0700 Message-Id: <20190419004617.64627-75-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> security_socket_getpeercred_dgram() supplies secids for use by security_secid_to_secctx(). Sometimes a secid will be invalid. Move the check for an invalid secid from the LSM-specific socket_getpeercred_dgram hooks into the secid_to_secctx hooks. This allows for the case where one LSM (Smack) will provide a secid and another (SELinux) to have an error for the same call. Regardless of which LSM the caller wants to see the peer security attributes for, the correct result will be provided. As there is no longer any reason for security_secid_to_secctx() to return a value, make all the secid_to_secctx functions void instead of int. Add checking for an invalid secid to the Smack and SELinux secid_to_secctx hooks. Signed-off-by: Casey Schaufler --- include/linux/lsm_hooks.h | 3 +-- include/linux/security.h | 11 +++++------ net/ipv4/ip_sockglue.c | 4 +--- security/security.c | 7 +++---- security/selinux/hooks.c | 13 +++++++------ security/smack/smack_lsm.c | 17 ++++++++--------- 6 files changed, 25 insertions(+), 30 deletions(-)
diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 34f98cfe2ffd..0bb064c8b2dd 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -883,7 +883,6 @@ * @sock is the socket * @skb is the skbuff for the packet being queried * @l is a pointer to a buffer in which to copy the security data - * Return 0 on success, error on failure. * @sk_alloc_security: * Allocate and attach a security structure to the sk->sk_security field, * which is used to copy security attributes between local stream sockets. @@ -1699,7 +1698,7 @@ union security_list_options { int (*socket_getpeersec_stream)(struct socket *sock, char __user *optval, int __user *optlen, unsigned len); - int (*socket_getpeersec_dgram)(struct socket *sock, + void (*socket_getpeersec_dgram)(struct socket *sock, struct sk_buff *skb, struct lsm_export *l); int (*sk_alloc_security)(struct sock *sk, int family, gfp_t priority); diff --git a/include/linux/security.h b/include/linux/security.h index 8eb849d71e9d..99f9824ec230 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -1288,8 +1288,8 @@ int security_socket_shutdown(struct socket *sock, int how); int security_sock_rcv_skb(struct sock *sk, struct sk_buff *skb); int security_socket_getpeersec_stream(struct socket *sock, char __user *optval, int __user *optlen, unsigned len); -int security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, - struct lsm_export *l); +void security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, + struct lsm_export *l); int security_sk_alloc(struct sock *sk, int family, gfp_t priority); void security_sk_free(struct sock *sk); void security_sk_clone(const struct sock *sk, struct sock *newsk); 
@@ -1427,11 +1427,10 @@ static inline int security_socket_getpeersec_stream(struct socket *sock, char __ return -ENOPROTOOPT; } -static inline int security_socket_getpeersec_dgram(struct socket *sock, - struct sk_buff *skb, - struct lsm_export *l) +static inline void security_socket_getpeersec_dgram(struct socket *sock, + struct sk_buff *skb, + struct lsm_export *l) { - return -ENOPROTOOPT; } static inline int security_sk_alloc(struct sock *sk, int family, gfp_t priority) diff --git a/net/ipv4/ip_sockglue.c b/net/ipv4/ip_sockglue.c index 56035b53952d..ae69718d87ae 100644 --- a/net/ipv4/ip_sockglue.c +++ b/net/ipv4/ip_sockglue.c @@ -134,9 +134,7 @@ static void ip_cmsg_recv_security(struct msghdr *msg, struct sk_buff *skb) struct lsm_context lc; int err; - err = security_socket_getpeersec_dgram(NULL, skb, &le); - if (err) - return; + security_socket_getpeersec_dgram(NULL, skb, &le); err = security_secid_to_secctx(&le, &lc); if (err) diff --git a/security/security.c b/security/security.c index 1a54e7b1196e..0bbe0dfd3cfc 100644 --- a/security/security.c +++ b/security/security.c @@ -2402,12 +2402,11 @@ int security_socket_getpeersec_stream(struct socket *sock, char __user *optval, optval, optlen, len); } -int security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, - struct lsm_export *l) +void security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, + struct lsm_export *l) { lsm_export_init(l); - return call_int_hook(socket_getpeersec_dgram, -ENOPROTOOPT, sock, skb, - l); + call_void_hook(socket_getpeersec_dgram, sock, skb, l); } EXPORT_SYMBOL(security_socket_getpeersec_dgram); diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 86578f7de131..93c3982d940c 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c 
@@ -4939,9 +4939,9 @@ static int selinux_socket_getpeersec_stream(struct socket *sock, return err; } -static int selinux_socket_getpeersec_dgram(struct socket *sock, - struct sk_buff *skb, - struct lsm_export *l) +static void selinux_socket_getpeersec_dgram(struct socket *sock, + struct sk_buff *skb, + struct lsm_export *l) { u32 peer_secid = SECSID_NULL; u16 family; @@ -4964,9 +4964,7 @@ static int selinux_socket_getpeersec_dgram(struct socket *sock, out: selinux_export_secid(l, peer_secid); - if (peer_secid == SECSID_NULL) - return -EINVAL; - return 0; + return; } static int selinux_sk_alloc_security(struct sock *sk, int family, gfp_t priority) @@ -6313,6 +6311,9 @@ static int selinux_secid_to_secctx(struct lsm_export *l, struct lsm_context *cp) u32 secid; selinux_import_secid(l, &secid); + if (secid == SECSID_NULL) + return -EINVAL; + cp->release = selinux_release_secctx; if (l->flags & LSM_EXPORT_LENGTH) return security_sid_to_context(&selinux_state, secid, diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 3fd46cd2c4b1..e18245a52e80 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -3988,9 +3988,9 @@ static int smack_socket_getpeersec_stream(struct socket *sock, * * Sets the netlabel socket state on sk from parent */ -static int smack_socket_getpeersec_dgram(struct socket *sock, - struct sk_buff *skb, - struct lsm_export *l) +static void smack_socket_getpeersec_dgram(struct socket *sock, + struct sk_buff *skb, + struct lsm_export *l) { struct netlbl_lsm_secattr secattr; @@ -3998,7 +3998,6 @@ static int smack_socket_getpeersec_dgram(struct socket *sock, struct smack_known *skp; int family = PF_UNSPEC; u32 s = 0; /* 0 is the invalid secid */ - int rc; if (skb != NULL) { if (skb->protocol == htons(ETH_P_IP)) 
@@ -4028,8 +4027,7 @@ static int smack_socket_getpeersec_dgram(struct socket *sock, if (sock != NULL && sock->sk != NULL) ssp = smack_sock(sock->sk); netlbl_secattr_init(&secattr); - rc = netlbl_skbuff_getattr(skb, family, &secattr); - if (rc == 0) { + if (netlbl_skbuff_getattr(skb, family, &secattr) == 0) { skp = smack_from_secattr(&secattr, ssp); s = skp->smk_secid; } @@ -4044,9 +4042,7 @@ static int smack_socket_getpeersec_dgram(struct socket *sock, break; } smack_export_secid(l, s); - if (s == 0) - return -EINVAL; - return 0; + return; } /** 
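Review bot: Same checkpatch point in smack_socket_getpeersec_dgram(): the hunk replaces the "s == 0" error return with a bare "+ return;" at the end of a now-void function, which can simply be removed. Folding netlbl_skbuff_getattr() into the if condition and dropping rc is fine, since rc had no other reader in the function as shown.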
@@ -4458,6 +4454,9 @@ static int smack_secid_to_secctx(struct lsm_export *l, struct lsm_context *cp) u32 secid; smack_import_secid(l, &secid); + if (secid == 0) + return -EINVAL; + skp = smack_from_secid(secid); cp->context = (l->flags & LSM_EXPORT_LENGTH) ? NULL : skp->smk_known;
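Review bot: As on the SELinux side, the "if (secid == 0) return -EINVAL;" added to smack_secid_to_secctx() applies to every user of security_secid_to_secctx(), where secid 0 previously reached smack_from_secid(); note that behaviour change in the commit message. Placing the check before smack_from_secid() and before cp->context is assigned is the right spot, since nothing has been looked up yet at that point.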
From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 75/90] Smack: Fix setting of the CIPSO MLS_CAT flags Date: Thu, 18 Apr 2019 17:46:02 -0700 Message-Id: <20190419004617.64627-76-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Don't tell CIPSO that a netlabel created by Smack has categories set when it does not. Signed-off-by: Casey Schaufler --- security/smack/smack_access.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/security/smack/smack_access.c b/security/smack/smack_access.c index 0764bb85daee..5fe5c6799b27 100644 --- a/security/smack/smack_access.c +++ b/security/smack/smack_access.c @@ -494,8 +494,8 @@ int smk_netlbl_mls(int level, char *catset, struct netlbl_lsm_secattr *sap, int cat; int rc; int byte; + bool has = false; - sap->flags |= NETLBL_SECATTR_MLS_CAT; sap->attr.mls.lvl = level; sap->attr.mls.cat = NULL; @@ -503,6 +503,7 @@ int smk_netlbl_mls(int level, char *catset, struct netlbl_lsm_secattr *sap, for (m = 0x80; m != 0; m >>= 1, cat++) { if ((m & *cp) == 0) continue; + has = true; rc = netlbl_catmap_setbit(&sap->attr.mls.cat, cat, GFP_KERNEL); if (rc < 0) { 
@@ -511,6 +512,9 @@ int smk_netlbl_mls(int level, char *catset, struct netlbl_lsm_secattr *sap, } } + if (has) + sap->flags |= NETLBL_SECATTR_MLS_CAT; + return 0; }
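Review bot: smk_netlbl_mls() still only ever ORs NETLBL_SECATTR_MLS_CAT into sap->flags; with the unconditional "sap->flags |= NETLBL_SECATTR_MLS_CAT" removed from the top, a secattr that is re-populated with an empty category set keeps a stale MLS_CAT bit from its previous contents unless every caller remembers to reset flags first. The function already resets sap->attr.mls.lvl and sets sap->attr.mls.cat = NULL at the top, so clear the flag there too ("sap->flags &= ~NETLBL_SECATTR_MLS_CAT;") and the fix no longer depends on the callers. Setting has = true before netlbl_catmap_setbit() is harmless provided the rc < 0 branch returns before the end of the function, which the visible context suggests but does not show.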
b=Vp93SoQfGoRjotdCMwW1W63+N8zlGmq6F0afcGGHnmIbLIIEBxQqEI0gikgNn1OTs+0IEe4WTDdb3RrfTSywuPDSeRfWdzxeKPJTd0uqjuN0Pp3sAins0iHoqhHAVAMxZy1QmHEuz0nbHPRJCVZElWmpspYzG2s+g7Tt2O9y5q5wWxKSei7bbvXHLi8zk2q4/jq5afJ09GPFq3Tg4XkgCeafpiCNuXdQS6ykRdop5N3qRNVVqLQ8OQrmfBioadwy0ngrtTOJczOE1f6YWeF9c5miPAVhxOUrl2GnQj+gv2CoAugzm2nB/Kl1h8y4rox7NhwswbGPjK59QDK7ojYY3w== X-YMail-OSG: RyQ7E5gVM1nb8ED_Kvl6e6I8vKetjq7lsWhSaVgvcW7ZQHNu_KjXsFHjWlk7gCY ov6Mw44NQPr9AuMu09b3SEE.SAI5qkORBYb6pKZA3RAr.zdQgJtQvaWBebdkXrVCx7V125LBuQIh IsDRUSlPSr4iyqZY4p0yzL2zM44.AnGZGvc1I5QXggd0VSHz5s7PNXzUXhbttVjislCZ2sTaFRKq dOYmSrgX13zP3lZGA3oRrwxWbA.amJrYIsasR_HmiHrPzw3CijVUaK0yDSGAWzDG8aZKbpcWvGKe bhEs5.npt76yr.tTuiiIRGxSIZPomJr7xTFeHLRCn6EbAu7Y5rxwrwVk79moCjlqG2ACSNPelaw9 n_W35B5LPUff2AtTR.yj63ZmCn4gr54nufmIfU8FDCBbb7nf2tu0fJn5gi.g.xhSwWSvgx5Kmzxu fdIT_LuyHma296KIHua4tabR30F35ZykcfC1L3yiZNiay7z1P0Q6tnff4U93g9DQPhSfjudkVPtP uUthIxNNBhpuQx6gppW8.k1MIAJA7A6hIGYIRzY89Gt3YKIYzTAHtCHJ5hnmXZXR1d9DzgpzfkaY NzhkalFbkt7MgrYAAHQqU072orSlzVwsKgdFKtC8wTV568eKWNR6ZL99nUwOm12SO8X9U26mo2Dw wMFFVQAaCUkZ7r0VbyncZ25kmNQVSE5MsT50HZXepOlVYHMds5kdjO_7CH9OskMq0J3Mf5yV0wz6 l1tBcfpf13VqAW.uobrec99I8Hdso3HjkY4YJShZBYU9OvJsmhy_Yhj2uNEuySRN7vwC9L1bTxos j6iSffmZNN8WUYoZUWT9Y2eTHgQjcprod.ingpcwU4OeOjou8ZzRjSsc3fRkKSXhhXHM9LYkDJ6Y cnHAAiC.T6zcQXQeOa2ChjVWiPlrjpDuPQ3LsGcfCNsH72r7Y7SUrBY1XTnqedqBbVBAsvtVnjxo E5.ErS7B0KXEhWB81dHNICYCZ4iZWcggNu1aJ2FIf31LKXD3v.zK.gh0Fh7gxnn3Qn3W1CLoD_Rv 6Ohb2DwnWtcyArR754xwmYCLEBAv8w26X2yyr07XhnIc8wcv1lgzyEPHpi8mwartuuLdg8F2xcPl jCQIdDOm9UonbFqR5TfsH0z4lSNVXjZENWBu7JCRoqWHbZQGx.4eXqbXFni0J6dRmZN6D1cy63d7 MhBnAp5e0shn5 Received: from sonic.gate.mail.ne1.yahoo.com by sonic310.consmr.mail.bf2.yahoo.com with HTTP; Fri, 19 Apr 2019 00:49:20 +0000 Received: from c-67-169-65-224.hsd1.ca.comcast.net (EHLO localhost.localdomain) ([67.169.65.224]) by smtp411.mail.bf1.yahoo.com (Oath Hermes SMTP Server) with ESMTPA ID b2fce6e68c800904f23626e111be9fc8; Fri, 19 Apr 2019 00:49:16 +0000 (UTC) 
From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 76/90] Smack: Set netlabel flags properly on new label import Date: Thu, 18 Apr 2019 17:46:03 -0700 Message-Id: <20190419004617.64627-77-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Ensure that all netlabel flags are correctly set on the netlabel attribute of a newly imported Smack label. Signed-off-by: Casey Schaufler --- security/smack/smackfs.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/security/smack/smackfs.c b/security/smack/smackfs.c index abaa5325c32f..0abfa4315fb1 100644 --- a/security/smack/smackfs.c +++ b/security/smack/smackfs.c 
@@ -931,6 +931,9 @@ static ssize_t smk_set_cipso(struct file *file, const char __user *buf, smack_catset_bit(cat, mapcatset); } + skp->smk_netlabel.flags = NETLBL_SECATTR_DOMAIN | + NETLBL_SECATTR_MLS_LVL | + NETLBL_SECATTR_SECID; rc = smk_netlbl_mls(maplevel, mapcatset, &ncats, SMK_CIPSOLEN); if (rc >= 0) { netlbl_catmap_free(skp->smk_netlabel.attr.mls.cat);
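Review bot: In smk_set_cipso() the flags are written before smk_netlbl_mls() has run, so on the rc < 0 path skp->smk_netlabel ends up with NETLBL_SECATTR_MLS_CAT cleared while attr.mls.cat still points at the old category map that the "if (rc >= 0)" block would have freed and replaced; the live label is then inconsistent with itself. Move the three-line assignment into that "if (rc >= 0)" block next to netlbl_catmap_free(), so flags and attribute contents change together. Note also that smk_netlbl_mls() sets MLS_CAT on the local ncats, not on skp->smk_netlabel, so the success path must carry "ncats.flags & NETLBL_SECATTR_MLS_CAT" over as well; the visible context does not show whether it does. This hunk is what makes the previous patch's flag handling correct for re-imported labels, and the commit message could say so.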
From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 77/90] Netlabel: Add a secattr comparison API function Date: Thu, 18 Apr 2019 17:46:04 -0700 Message-Id: <20190419004617.64627-78-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Add a new API function netlbl_secattr_equal() that determines if two secattr structures would result in the same on-wire representation. Signed-off-by: Casey Schaufler --- include/net/netlabel.h | 8 ++++++ net/netlabel/netlabel_kapi.c | 50 ++++++++++++++++++++++++++++++++++++ 2 files changed, 58 insertions(+) diff --git a/include/net/netlabel.h b/include/net/netlabel.h index 546c75f27d05..00000d53cdcd 100644 --- a/include/net/netlabel.h +++ b/include/net/netlabel.h @@ -472,6 +472,8 @@ int netlbl_catmap_setlong(struct netlbl_lsm_catmap **catmap, u32 offset, unsigned long bitmap, gfp_t flags); +bool netlbl_secattr_equal(const struct netlbl_lsm_secattr *secattr_a, + const struct netlbl_lsm_secattr *secattr_b); /* Bitmap functions */ @@ -623,6 +625,12 @@ static inline int netlbl_catmap_setlong(struct netlbl_lsm_catmap **catmap, { return 0; } +static inline bool netlbl_secattr_equal( + const struct netlbl_lsm_secattr *secattr_a, + const struct netlbl_lsm_secattr *secattr_b) +{ + return true; +} static inline int netlbl_enabled(void) { return 0; diff --git a/net/netlabel/netlabel_kapi.c b/net/netlabel/netlabel_kapi.c index 849064422e0b..648103ecc48b 100644 --- a/net/netlabel/netlabel_kapi.c +++ b/net/netlabel/netlabel_kapi.c
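Review bot: The CONFIG_NETLABEL=n stub of netlbl_secattr_equal() reports any two secattrs as equal. That is defensible when there is no on-wire label to differ on, but it is the opposite default from the neighbouring stubs in the same hunk (netlbl_catmap_setlong() and netlbl_enabled() both return 0), and a caller that uses the result to decide whether a socket needs relabelling will then never relabel; add a one-line comment in the stub saying that this is intended. The declaration in the header also carries no short description to match the kerneldoc in netlabel_kapi.c.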
@@ -1461,6 +1461,56 @@ int netlbl_cache_add(const struct sk_buff *skb, u16 family, return -ENOMSG; } +/** + * netlbl_secattr_equal - Compare two lsm secattrs + * @secattr_a: one security attribute + * @secattr_b: the other security attribute + * + * Description: + * Compare two lsm security attribute structures. + * Don't compare secid fields, as those are distinct. + * Returns true if they are the same, false otherwise. + * + */ +bool netlbl_secattr_equal(const struct netlbl_lsm_secattr *secattr_a, + const struct netlbl_lsm_secattr *secattr_b) +{ + struct netlbl_lsm_catmap *iter_a; + struct netlbl_lsm_catmap *iter_b; + + if (secattr_a == secattr_b) + return true; + if (!secattr_a || !secattr_b) + return false; + + if ((secattr_a->flags & NETLBL_SECATTR_MLS_LVL) != + (secattr_b->flags & NETLBL_SECATTR_MLS_LVL)) + return false; + + if ((secattr_a->flags & NETLBL_SECATTR_MLS_LVL) && + secattr_a->attr.mls.lvl != secattr_b->attr.mls.lvl) + return false; + + if ((secattr_a->flags & NETLBL_SECATTR_MLS_CAT) != + (secattr_b->flags & NETLBL_SECATTR_MLS_CAT)) + return false; + + iter_a = secattr_a->attr.mls.cat; + iter_b = secattr_b->attr.mls.cat; + + while (iter_a && iter_b) { + if (iter_a->startbit != iter_b->startbit) + return false; + if (memcmp(iter_a->bitmap, iter_b->bitmap, + sizeof(iter_a->bitmap))) + return false; + iter_a = iter_a->next; + iter_b = iter_b->next; + } + + return !iter_a && !iter_b; +} + /* * Protocol Engine Functions */
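Review bot: netlbl_secattr_equal() compares only the MLS level and the category map, yet the commit message describes it as deciding whether two secattrs "would result in the same on-wire representation"; the NETLBL_SECATTR_DOMAIN flag and the domain string, which select the NetLabel domain mapping (and with it the CIPSO DOI that goes on the wire), are ignored, as are the remaining flag bits. Either compare the domain as well or reword the kerneldoc to say that only the MLS level and categories are compared and that the caller must be comparing labels within one domain. Two smaller points in the same function: the catmap walk runs whether or not NETLBL_SECATTR_MLS_CAT is set in either secattr, so guard it with the flag the way the level comparison is guarded instead of relying on attr.mls.cat being NULL; and the node-by-node comparison of startbit and bitmap assumes both maps were built the same way (no empty intermediate nodes), which holds for maps produced by netlbl_catmap_setbit() but deserves a comment.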
From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 78/90] Smack: Let netlabel do the work on the ambient domain Date: Thu, 18 Apr 2019 17:46:05 -0700 Message-Id: <20190419004617.64627-79-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Don't delete the netlabel data from sockets on the ambient domain as netlabel will do it correctly without any help. Signed-off-by: Casey Schaufler --- security/smack/smack_lsm.c | 31 ++++++++----------------------- 1 file changed, 8 insertions(+), 23 deletions(-)
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index e18245a52e80..ace5b48f90dc 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -2403,37 +2403,27 @@ static struct smack_known *smack_ipv6host_label(struct sockaddr_in6 *sip) /** * smack_netlabel - Set the secattr on a socket * @sk: the socket - * @labeled: socket label scheme * * Convert the outbound smack value (smk_out) to a * secattr and attach it to the socket. * * Returns 0 on success or an error code */ -static int smack_netlabel(struct sock *sk, int labeled) +static int smack_netlabel(struct sock *sk) { struct smack_known *skp; struct socket_smack *ssp = smack_sock(sk); int rc = 0; /* - * Usually the netlabel code will handle changing the + * The netlabel code will handle changing the * packet labeling based on the label. - * The case of a single label host is different, because - * a single label host should never get a labeled packet - * even though the label is usually associated with a packet - * label. */ local_bh_disable(); bh_lock_sock_nested(sk); - if (ssp->smk_out == smack_net_ambient || - labeled == SMACK_UNLABELED_SOCKET) - netlbl_sock_delattr(sk); - else { - skp = ssp->smk_out; - rc = netlbl_sock_setattr(sk, sk->sk_family, &skp->smk_netlabel); - } + skp = ssp->smk_out; + rc = netlbl_sock_setattr(sk, sk->sk_family, &skp->smk_netlabel); bh_unlock_sock(sk); local_bh_enable(); @@ -2455,8 +2445,7 @@ static int smack_netlabel(struct sock *sk, int labeled) static int smack_netlabel_send(struct sock *sk, struct sockaddr_in *sap) { struct smack_known *skp; - int rc; - int sk_lbl; + int rc = 0; struct smack_known *hkp; struct socket_smack *ssp = smack_sock(sk); struct smk_audit_info ad; 
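Review bot: With the labeled parameter and the smack_net_ambient special case gone, smack_netlabel() assigns rc from netlbl_sock_setattr() on its only path, so the "int rc = 0;" initialiser left in the context is now dead and can become "int rc;". The kerneldoc update (dropping "@labeled: socket label scheme") is correct; the shortened comment above the locking could also say that the ambient domain is now expected to be handled by the NetLabel domain mapping, since that is the whole justification for removing the netlbl_sock_delattr() branch.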
@@ -2472,19 +2461,15 @@ static int smack_netlabel_send(struct sock *sk, struct sockaddr_in *sap) ad.a.u.net->dport = sap->sin_port; ad.a.u.net->v4info.daddr = sap->sin_addr.s_addr; #endif - sk_lbl = SMACK_UNLABELED_SOCKET; skp = ssp->smk_out; rc = smk_access(skp, hkp, MAY_WRITE, &ad); rc = smk_bu_note("IPv4 host check", skp, hkp, MAY_WRITE, rc); - } else { - sk_lbl = SMACK_CIPSO_SOCKET; - rc = 0; } rcu_read_unlock(); if (rc != 0) return rc; - return smack_netlabel(sk, sk_lbl); + return smack_netlabel(sk); } #if IS_ENABLED(CONFIG_IPV6) @@ -2722,7 +2707,7 @@ static int smack_inode_setsecurity(struct inode *inode, const char *name, else if (strcmp(name, XATTR_SMACK_IPOUT) == 0) { ssp->smk_out = skp; if (sock->sk->sk_family == PF_INET) { - rc = smack_netlabel(sock->sk, SMACK_CIPSO_SOCKET); + rc = smack_netlabel(sock->sk); if (rc != 0) printk(KERN_WARNING "Smack: \"%s\" netlbl error %d.\n", 
@@ -2773,7 +2758,7 @@ static int smack_socket_post_create(struct socket *sock, int family, /* * Set the outbound netlbl. */ - return smack_netlabel(sock->sk, SMACK_CIPSO_SOCKET); + return smack_netlabel(sock->sk); } /**
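Review bot: The deleted branch "if (ssp->smk_out == smack_net_ambient || labeled == SMACK_UNLABELED_SOCKET) netlbl_sock_delattr(sk);" was what made a socket sending to a single-label host (the hkp != NULL case in smack_netlabel_send(), which used to pass SMACK_UNLABELED_SOCKET) go out without a CIPSO option; after this patch every socket carries the secattr of its smk_out, and whether such hosts still receive unlabeled packets depends on NetLabel address-selector mappings that this patch neither adds nor mentions. The commit message should state where those mappings come from (the single-label host list, the unlabeled default for the domain), otherwise this is a behaviour change for single-label hosts rather than the cleanup it is described as. SMACK_UNLABELED_SOCKET and SMACK_CIPSO_SOCKET lose their last visible users in smack_netlabel_send(), smack_inode_setsecurity() and smack_socket_post_create(); remove their definitions in the same patch if nothing else references them.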
From: Casey Schaufler To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org Cc: casey@schaufler-ca.com Subject: [PATCH 79/90] Smack: Don't set the socket label on each send Date: Thu, 18 Apr 2019 17:46:06 -0700 Message-Id: <20190419004617.64627-80-casey@schaufler-ca.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com> References: <20190419004617.64627-1-casey@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP The socket does not need to be relabeled on each send. Remove the code that does that. Signed-off-by: Casey Schaufler --- security/smack/smack_lsm.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index ace5b48f90dc..25b5160e343b 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c 
@@ -2466,10 +2466,7 @@ static int smack_netlabel_send(struct sock *sk, struct sockaddr_in *sap) rc = smk_bu_note("IPv4 host check", skp, hkp, MAY_WRITE, rc); } rcu_read_unlock(); - if (rc != 0) - return rc; - - return smack_netlabel(sk); + return rc; } #if IS_ENABLED(CONFIG_IPV6)
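Review bot: After this hunk smack_netlabel_send() no longer touches the socket's NetLabel attribute at all; it performs the IPv4 host access check and returns rc, so the function name and its kerneldoc are now misleading and should be renamed to what it does or have the comment updated in the same patch. The commit message says relabelling on every send is unnecessary, but it should also say where the label is now guaranteed to be applied: from the previous patch that is smack_socket_post_create() and the XATTR_SMACK_IPOUT branch of smack_inode_setsecurity(), so any socket whose smk_out changes by another route is never relabelled after this change.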
From: Casey Schaufler
To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org
Cc: casey@schaufler-ca.com
Subject: [PATCH 80/90] Smack: Let netlabel do the work on connections
Date: Thu, 18 Apr 2019 17:46:07 -0700
Message-Id: <20190419004617.64627-81-casey@schaufler-ca.com>
X-Mailer: git-send-email 2.17.0
In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com>
References: <20190419004617.64627-1-casey@schaufler-ca.com>
Sender: owner-linux-security-module@vger.kernel.org
Precedence: bulk
X-Virus-Scanned: ClamAV using ClamSMTP

Rather than removing the netlabel socket attribute on connections, set the ambient domain. This is more in line with the way netlabel "should" be used.

Signed-off-by: Casey Schaufler
---
security/smack/smack_lsm.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index 25b5160e343b..337a05c34931 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -4143,7 +4143,7 @@ static int smack_inet_conn_request(struct sock *sk, struct sk_buff *skb, if (hskp == NULL) rc = netlbl_req_setattr(req, &skp->smk_netlabel); else - netlbl_req_delattr(req); + rc = netlbl_req_setattr(req, &smack_net_ambient->smk_netlabel); return rc; }
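Review bot: in smack_inet_conn_request() the else branch now returns the result of netlbl_req_setattr(), which can fail, where netlbl_req_delattr() returned nothing; a failure to apply the ambient label therefore rejects the connection request, and the request socket now carries whatever netlabel configuration the smack_net_ambient domain has rather than no attribute at all. Both effects belong in the commit message in place of "more in line with the way netlabel 'should' be used". `smack_net_ambient` is also dereferenced unconditionally here: if it can be NULL when a connection request arrives, add a check; if it is always initialised by then, a one-line comment saying so would spare the next reader the question.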
From: Casey Schaufler
To: casey.schaufler@intel.com, jmorris@namei.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org
Cc: casey@schaufler-ca.com
Subject: [PATCH 81/90] Netlabel: Return the labeling type on socket
Date: Thu, 18 Apr 2019 17:46:08 -0700
Message-Id: <20190419004617.64627-82-casey@schaufler-ca.com>
X-Mailer: git-send-email 2.17.0
In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com>
References: <20190419004617.64627-1-casey@schaufler-ca.com>
Sender: owner-linux-security-module@vger.kernel.org
Precedence: bulk
X-Virus-Scanned: ClamAV using ClamSMTP

Change netlbl_sock_setattr() to return the labeling type of the domain. This allows the labeling types to be compared when two LSMs want to determine how a socket should be used.

Signed-off-by: Casey Schaufler
---
net/netlabel/netlabel_kapi.c | 25 ++++++++++++-------------
security/selinux/netlabel.c | 11 ++++-------
security/smack/smack_lsm.c | 2 ++
3 files changed, 18 insertions(+), 20 deletions(-)

diff --git a/net/netlabel/netlabel_kapi.c b/net/netlabel/netlabel_kapi.c
index 648103ecc48b..2f7ba0e2e436 100644
--- a/net/netlabel/netlabel_kapi.c
+++ b/net/netlabel/netlabel_kapi.c
@@ -974,15 +974,14 @@ int netlbl_enabled(void) * Attach the correct label to the given socket using the security attributes * specified in @secattr. This function requires exclusive access to @sk, * which means it either needs to be in the process of being created or locked. - * Returns zero on success, -EDESTADDRREQ if the domain is configured to use - * network address selectors (can't blindly label the socket), and negative - * values on all other failures. + * Returns the labeling type of the domain, or negative values on failures. * */ int netlbl_sock_setattr(struct sock *sk, u16 family, const struct netlbl_lsm_secattr *secattr) { + int rc; int ret_val; struct netlbl_dom_map *dom_entry;
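Review bot: the rewritten docblock for netlbl_sock_setattr() ("Returns the labeling type of the domain, or negative values on failures") drops the one case callers must special-case: NETLBL_NLTYPE_ADDRSELECT is now returned, as a non-negative value, when the domain uses address selectors and the socket cannot be labeled directly, which the removed text explained via -EDESTADDRREQ. Please keep that sentence and state explicitly that any non-negative return means success, since testing for zero no longer does. A name such as `proto_rc` for the added `int rc;` beside the existing `int ret_val;` would make it clearer which variable holds the protocol-specific setattr result and which is the value handed back to the caller.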
@@ -994,17 +993,17 @@ int netlbl_sock_setattr(struct sock *sk, } switch (family) { case AF_INET: + ret_val = dom_entry->def.type; switch (dom_entry->def.type) { case NETLBL_NLTYPE_ADDRSELECT: - ret_val = -EDESTADDRREQ; break; case NETLBL_NLTYPE_CIPSOV4: - ret_val = cipso_v4_sock_setattr(sk, - dom_entry->def.cipso, - secattr); + rc = cipso_v4_sock_setattr(sk, dom_entry->def.cipso, + secattr); + if (rc < 0) + ret_val = rc; break; case NETLBL_NLTYPE_UNLABELED: - ret_val = 0; break; default: ret_val = -ENOENT; @@ -1012,17 +1011,17 @@ int netlbl_sock_setattr(struct sock *sk, break; #if IS_ENABLED(CONFIG_IPV6) case AF_INET6: + ret_val = dom_entry->def.type; switch (dom_entry->def.type) { case NETLBL_NLTYPE_ADDRSELECT: - ret_val = -EDESTADDRREQ; break; case NETLBL_NLTYPE_CALIPSO: - ret_val = calipso_sock_setattr(sk, - dom_entry->def.calipso, - secattr); + rc = calipso_sock_setattr(sk, dom_entry->def.calipso, + secattr); + if (rc < 0) + ret_val = rc; break; case NETLBL_NLTYPE_UNLABELED: - ret_val = 0; break; default: ret_val = -ENOENT; diff --git a/security/selinux/netlabel.c b/security/selinux/netlabel.c index 4bbd50237a8a..85156a0cdfc3 100644 --- a/security/selinux/netlabel.c +++ b/security/selinux/netlabel.c @@ -418,15 +418,12 @@ int selinux_netlbl_socket_post_create(struct sock *sk, u16 family) if (secattr == NULL) return -ENOMEM; rc = netlbl_sock_setattr(sk, family, secattr); - switch (rc) { - case 0: - sksec->nlbl_state = NLBL_LABELED; - break; - case -EDESTADDRREQ: + if (rc == NETLBL_NLTYPE_ADDRSELECT) sksec->nlbl_state = NLBL_REQSKB; + else if (rc >= 0) + sksec->nlbl_state = NLBL_LABELED; + if (rc > 0) rc = 0; - break; - } return rc; } diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 337a05c34931..a787f8010067 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c 
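Review bot: in the AF_INET and AF_INET6 cases the new `if (rc < 0) ret_val = rc;` after cipso_v4_sock_setattr() and calipso_sock_setattr() assumes those helpers never return a positive value; if that is their contract, say so in a comment, otherwise a positive return would be silently reported as the domain type. Every caller of netlbl_sock_setattr() must now treat any non-negative return as success: this patch converts selinux_netlbl_socket_post_create() and smack_netlabel(), so the commit message should confirm that no other caller still tests for 0. In the SELinux hunk the ordering is right, the state is decided from the type before `if (rc > 0) rc = 0;` normalises the return for the caller, and NETLBL_NLTYPE_UNLABELED lands in NLBL_LABELED exactly as the removed `case 0:` did; that equivalence is not obvious from the new code and deserves a short comment.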
@@ -2424,6 +2424,8 @@ static int smack_netlabel(struct sock *sk) skp = ssp->smk_out; rc = netlbl_sock_setattr(sk, sk->sk_family, &skp->smk_netlabel); + if (rc > 0) + rc = 0; bh_unlock_sock(sk); local_bh_enable();
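Review bot: smack_netlabel() immediately collapses the positive labeling type back to 0 with `if (rc > 0) rc = 0;`, so Smack never sees the value this patch was written to expose ("compared when two LSMs want to determine how a socket should be used"); either record the type in the socket's Smack security blob here, or say in the commit message that the Smack-side consumer arrives in a later patch of the series. A comment above the clamp noting that callers of smack_netlabel() expect 0 on success would also help, because NETLBL_NLTYPE_UNLABELED used to map to 0 inside netlbl_sock_setattr() and no longer does.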