From patchwork Fri Aug 9 12:19:01 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Masahiro Yamada X-Patchwork-Id: 13758747 X-Patchwork-Delegate: paul@paul-moore.com Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1BF581940B3; Fri, 9 Aug 2024 12:20:21 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1723206021; cv=none; b=a1JT+T/vcvqWSqaIWmUgNofaEc8aItuOhM/a7Oro/M82/2huD9D2Ogwub6iIutaoKivOlfUywCb5cg0nuaiidK1bBlpx0ETeJV2mSZVFXySGr+I40UCAg/ioSDcIopNMIkfBYORR0pbHAxYXR3vJaXM3N9aX3RJGpcx+TIxXuxk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1723206021; c=relaxed/simple; bh=Khd0Q+yxNjaRJ6HM1jN2DezMjTZjzWz7wbIGnd13yn4=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=ombFersWob/3oBIu+GRb4Q9b2b16nO0Dta3cDHo1f8NYoYhkI/PVSlxKAnsYoYh/kc7ctD9NlV3LIffAFb9qXU0G+gEvAsDtiAsdbJTAvuW0eRTcVtwu2WC+t/mJwz5SZIyL+Bb6j/qoSuDikYqjtt02XmiyVhiDGyIOJd9b2+8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=IVct3qvN; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="IVct3qvN" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 20FB4C4AF0D; Fri, 9 Aug 2024 12:20:18 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1723206021; bh=Khd0Q+yxNjaRJ6HM1jN2DezMjTZjzWz7wbIGnd13yn4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=IVct3qvNuEXeAcGA8S0LURMQiQ72Rto7JqMseYw5P0JBrv6Ulz/axWM9zdnJT0ECC lM/IBzhr8PdZxgbSr4p8Ruox3hkz+vH+E3K50yAVzbWDKJ7AXE9Q+q8+4bizADYPLF u/8QUf6OPX6RvBu8q3oCK2CisbkCdTZ68907X5E60YRUC7/BbZsphGjWktxxvH8+rH q52YJIjoF4t1053apDODNiHjsJgd6xcMc6ORP+kWOuCYrVHPpjAr30l4Fe6d5N7oOp k8qYFYBswAF+G/udzBsh8viad6Fu1RSipQKh6mxhm0j1LcMHG8lhCmaHl1xRVCzrTw IFLkPhC88++Mg== From: Masahiro Yamada To: Paul Moore , linux-security-module@vger.kernel.org Cc: linux-kbuild@vger.kernel.org, linux-kernel@vger.kernel.org, Daniel Gomez , Masahiro Yamada , Ondrej Mosnacek , Stephen Smalley , selinux@vger.kernel.org Subject: [PATCH 1/2] selinux: do not include headers from host programs Date: Fri, 9 Aug 2024 21:19:01 +0900 Message-ID: <20240809122007.1220219-2-masahiroy@kernel.org> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240809122007.1220219-1-masahiroy@kernel.org> References: <20240809122007.1220219-1-masahiroy@kernel.org> Precedence: bulk X-Mailing-List: selinux@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Commit bfc5e3a6af39 ("selinux: use the kernel headers when building scripts/selinux") is not the right thing to do. It is clear from the warning in include/uapi/linux/types.h: #ifndef __EXPORTED_HEADERS__ #warning "Attempt to use kernel headers from user space, see https://kernelnewbies.org/KernelHeaders" #endif /* __EXPORTED_HEADERS__ */ If you are inclined to define __EXPORTED_HEADERS__, you are likely doing wrong. Adding the comment: /* NOTE: we really do want to use the kernel headers here */ does not justify the hack in any way. Currently, headers are included for the following purposes: - is included to check CAP_LAST_CAP - in included to check PF_MAX We can skip these checks when building host programs, as they will be eventually tested when building the kernel space. I got rid of from initial_sid_to_string.h because it is likely that NULL is already defined. If you insist on making it self-contained, you can add the following: #ifdef __KERNEL__ #include #else #include #endif scripts/selinux/mdp/mdp.c still includes , which is also discouraged and should be fixed by a follow-up refactoring. Signed-off-by: Masahiro Yamada --- scripts/selinux/genheaders/Makefile | 4 +--- scripts/selinux/genheaders/genheaders.c | 3 --- scripts/selinux/mdp/Makefile | 2 +- scripts/selinux/mdp/mdp.c | 4 ---- security/selinux/include/classmap.h | 19 ++++++++++++------- .../selinux/include/initial_sid_to_string.h | 2 -- 6 files changed, 14 insertions(+), 20 deletions(-) diff --git a/scripts/selinux/genheaders/Makefile b/scripts/selinux/genheaders/Makefile index 1faf7f07e8db..866f60e78882 100644 --- a/scripts/selinux/genheaders/Makefile +++ b/scripts/selinux/genheaders/Makefile @@ -1,5 +1,3 @@ # SPDX-License-Identifier: GPL-2.0 hostprogs-always-y += genheaders -HOST_EXTRACFLAGS += \ - -I$(srctree)/include/uapi -I$(srctree)/include \ - -I$(srctree)/security/selinux/include +HOST_EXTRACFLAGS += -I$(srctree)/security/selinux/include diff --git a/scripts/selinux/genheaders/genheaders.c b/scripts/selinux/genheaders/genheaders.c index 15520806889e..3834d7eb0af6 100644 --- a/scripts/selinux/genheaders/genheaders.c +++ b/scripts/selinux/genheaders/genheaders.c @@ -1,8 +1,5 @@ // SPDX-License-Identifier: GPL-2.0 -/* NOTE: we really do want to use the kernel headers here */ -#define __EXPORTED_HEADERS__ - #include #include #include diff --git a/scripts/selinux/mdp/Makefile b/scripts/selinux/mdp/Makefile index d61058ddd15c..673782e3212f 100644 --- a/scripts/selinux/mdp/Makefile +++ b/scripts/selinux/mdp/Makefile @@ -1,7 +1,7 @@ # SPDX-License-Identifier: GPL-2.0 hostprogs-always-y += mdp HOST_EXTRACFLAGS += \ - -I$(srctree)/include/uapi -I$(srctree)/include \ + -I$(srctree)/include \ -I$(srctree)/security/selinux/include -I$(objtree)/include clean-files := policy.* file_contexts diff --git a/scripts/selinux/mdp/mdp.c b/scripts/selinux/mdp/mdp.c index 1415604c3d24..52365921c043 100644 --- a/scripts/selinux/mdp/mdp.c +++ b/scripts/selinux/mdp/mdp.c @@ -11,10 +11,6 @@ * Authors: Serge E. Hallyn */ - -/* NOTE: we really do want to use the kernel headers here */ -#define __EXPORTED_HEADERS__ - #include #include #include diff --git a/security/selinux/include/classmap.h b/security/selinux/include/classmap.h index 7229c9bf6c27..518209e1beb0 100644 --- a/security/selinux/include/classmap.h +++ b/security/selinux/include/classmap.h @@ -1,8 +1,5 @@ /* SPDX-License-Identifier: GPL-2.0 */ -#include -#include - #define COMMON_FILE_SOCK_PERMS \ "ioctl", "read", "write", "create", "getattr", "setattr", "lock", \ "relabelfrom", "relabelto", "append", "map" @@ -36,10 +33,6 @@ "mac_override", "mac_admin", "syslog", "wake_alarm", "block_suspend", \ "audit_read", "perfmon", "bpf", "checkpoint_restore" -#if CAP_LAST_CAP > CAP_CHECKPOINT_RESTORE -#error New capability defined, please update COMMON_CAP2_PERMS. -#endif - /* * Note: The name for any socket class should be suffixed by "socket", * and doesn't contain more than one substr of "socket". @@ -181,6 +174,18 @@ const struct security_class_mapping secclass_map[] = { { NULL } }; +#ifdef __KERNEL__ /* avoid this check when building host programs */ + +#include + +#if CAP_LAST_CAP > CAP_CHECKPOINT_RESTORE +#error New capability defined, please update COMMON_CAP2_PERMS. +#endif + +#include + #if PF_MAX > 46 #error New address family defined, please update secclass_map. #endif + +#endif /* __KERNEL__ */ diff --git a/security/selinux/include/initial_sid_to_string.h b/security/selinux/include/initial_sid_to_string.h index 99b353b2abb4..f683a78b21fd 100644 --- a/security/selinux/include/initial_sid_to_string.h +++ b/security/selinux/include/initial_sid_to_string.h @@ -1,7 +1,5 @@ /* SPDX-License-Identifier: GPL-2.0 */ -#include - static const char *const initial_sid_to_string[] = { NULL, /* zero placeholder, not used */ "kernel", /* kernel / SECINITSID_KERNEL */ From patchwork Fri Aug 9 12:19:02 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Masahiro Yamada X-Patchwork-Id: 13758748 X-Patchwork-Delegate: paul@paul-moore.com Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E2BC1194A40; Fri, 9 Aug 2024 12:20:23 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1723206024; cv=none; b=sxJ4M/qCXVxEaY19yGzffPYhYgMHfTHGiAFmIkYdbeipxvw80BiRaS+zVd393dTI6fEQjLdXwcnVAAfvo+sdnqbbKjRLu/C5T5XpLFO8uAOkHuYueLvg6ozMUjrk0nolU86XlTJZKoCSIpyCWTVo6fbHZQTOREHzrfcUSO/8YJ8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1723206024; c=relaxed/simple; bh=h+ds7OiVeWdJ4ojS6Mrf3Z/P231oCN+JkfXtJwD8qVI=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=UrQILL8ww2G8fSghyWJng7mVS0w5+gQbD+t6m2f5jxp3wP4VLLwDr1mw7zC7qRP8iDrymsXOxHiCXzdqDvM/IWhwXczJ172XiTMEhRLLQ4t/PddRQAlL9zVh/E00ecKI+HxMqpw78xc13D350UQ3ou7myNYVSGuADoymOfcdrdA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=fSVtUbdi; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="fSVtUbdi" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 77C01C4AF12; Fri, 9 Aug 2024 12:20:21 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1723206023; bh=h+ds7OiVeWdJ4ojS6Mrf3Z/P231oCN+JkfXtJwD8qVI=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=fSVtUbdi3hzcn2DpKZVl9V/Xpc8ffvqVX8/H/Gx2fG9aZl0LUTYIit0yhwT++xR+j SW2r8GMNjGO/fs64kq8S1gEczckn/w3LPp1BUAbVhkdD7aRvJZhYA6aqG8IoUdYqQp towgUBsHPA0H1UqsQ2zwmVC+5M93SrTqzgZYnCIMMi4lD+nrzCQQMrBmiyvYLTxf4b ll/BN1MuXPOR2Vucos8Q3IjPJqjQ7IpS6zzlktUJE1yQYai2j6mfVnuwq5uCupbJd4 G+NREDSeeXvNnIKvVSlzf+/KJeAtPYk0ZOguiocc6IsVJM4uSSGwU11duDmdfoI2RY NCNKu7Locyqmw== From: Masahiro Yamada To: Paul Moore , linux-security-module@vger.kernel.org Cc: linux-kbuild@vger.kernel.org, linux-kernel@vger.kernel.org, Daniel Gomez , Masahiro Yamada , Ondrej Mosnacek , Stephen Smalley , selinux@vger.kernel.org Subject: [PATCH 2/2] selinux: move genheaders to security/selinux/ Date: Fri, 9 Aug 2024 21:19:02 +0900 Message-ID: <20240809122007.1220219-3-masahiroy@kernel.org> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240809122007.1220219-1-masahiroy@kernel.org> References: <20240809122007.1220219-1-masahiroy@kernel.org> Precedence: bulk X-Mailing-List: selinux@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 This tool is only used in security/selinux/Makefile. There is no reason to keep it under scripts/. Signed-off-by: Masahiro Yamada --- scripts/remove-stale-files | 3 +++ scripts/selinux/Makefile | 2 +- scripts/selinux/genheaders/.gitignore | 2 -- scripts/selinux/genheaders/Makefile | 3 --- security/selinux/.gitignore | 1 + security/selinux/Makefile | 7 +++++-- .../selinux/genheaders => security/selinux}/genheaders.c | 0 7 files changed, 10 insertions(+), 8 deletions(-) delete mode 100644 scripts/selinux/genheaders/.gitignore delete mode 100644 scripts/selinux/genheaders/Makefile rename {scripts/selinux/genheaders => security/selinux}/genheaders.c (100%) diff --git a/scripts/remove-stale-files b/scripts/remove-stale-files index f38d26b78c2a..4e7d25668a98 100755 --- a/scripts/remove-stale-files +++ b/scripts/remove-stale-files @@ -20,4 +20,7 @@ set -e # yard. Stale files stay in this file for a while (for some release cycles?), # then will be really dead and removed from the code base entirely. +# moved to security/selinux/genheaders +rm -f scripts/selinux/genheaders/genheaders + rm -f *.spec diff --git a/scripts/selinux/Makefile b/scripts/selinux/Makefile index 59494e14989b..4b1308fa5732 100644 --- a/scripts/selinux/Makefile +++ b/scripts/selinux/Makefile @@ -1,2 +1,2 @@ # SPDX-License-Identifier: GPL-2.0-only -subdir-y := mdp genheaders +subdir-y := mdp diff --git a/scripts/selinux/genheaders/.gitignore b/scripts/selinux/genheaders/.gitignore deleted file mode 100644 index 5fcadd307908..000000000000 --- a/scripts/selinux/genheaders/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -# SPDX-License-Identifier: GPL-2.0-only -genheaders diff --git a/scripts/selinux/genheaders/Makefile b/scripts/selinux/genheaders/Makefile deleted file mode 100644 index 866f60e78882..000000000000 --- a/scripts/selinux/genheaders/Makefile +++ /dev/null @@ -1,3 +0,0 @@ -# SPDX-License-Identifier: GPL-2.0 -hostprogs-always-y += genheaders -HOST_EXTRACFLAGS += -I$(srctree)/security/selinux/include diff --git a/security/selinux/.gitignore b/security/selinux/.gitignore index 168fae13ca5a..01c0df8ab009 100644 --- a/security/selinux/.gitignore +++ b/security/selinux/.gitignore @@ -1,3 +1,4 @@ # SPDX-License-Identifier: GPL-2.0-only av_permissions.h flask.h +/genheaders diff --git a/security/selinux/Makefile b/security/selinux/Makefile index c47519ed8156..86f0575f670d 100644 --- a/security/selinux/Makefile +++ b/security/selinux/Makefile @@ -36,7 +36,10 @@ quiet_cmd_genhdrs = GEN $(addprefix $(obj)/,$(genhdrs)) # see the note above, replace the $targets and 'flask.h' rule with the lines # below: # targets += $(genhdrs) -# $(addprefix $(obj)/,$(genhdrs)) &: scripts/selinux/... +# $(addprefix $(obj)/,$(genhdrs)) &: $(obj)/genheaders FORCE targets += flask.h -$(obj)/flask.h: scripts/selinux/genheaders/genheaders FORCE +$(obj)/flask.h: $(obj)/genheaders FORCE $(call if_changed,genhdrs) + +hostprogs := genheaders +HOST_EXTRACFLAGS += -I$(srctree)/security/selinux/include diff --git a/scripts/selinux/genheaders/genheaders.c b/security/selinux/genheaders.c similarity index 100% rename from scripts/selinux/genheaders/genheaders.c rename to security/selinux/genheaders.c