From patchwork Tue Sep 10 18:41:13 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13799239 X-Patchwork-Delegate: paul@paul-moore.com Received: from sonic314-27.consmr.mail.ne1.yahoo.com (sonic314-27.consmr.mail.ne1.yahoo.com [66.163.189.153]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 17F2E1A38F9 for ; Tue, 10 Sep 2024 18:51:40 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=66.163.189.153 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725994302; cv=none; b=ipbLDk8BhbqZxpQrFsGWXZZkuhSXQM8r2fFMg62ousWoiMBE7TaIP7cDQGg0cxYTGz95nT1lP3EUK6lgWU7VqlgT0JYHqvZ64T3ZtA2a0AmYFHSl8QZq6ZnkKooY0/B6H/zNt7lwPdkiPJhKwtUDHmKsEQrD1ZSzsU6vvWHJ9yk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725994302; c=relaxed/simple; bh=iXfhEisxb2+IWqPf8Qmd7+F48D2xzLyfyaflSJ7SQYo=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=B9VClwBpCXJVMgRkyeCvUy94B1l/190uldPrcNyXK1uofaiAx4/gERY7zYWgmspnLs6nfvIqBkw05M/fTS9GXOTaqUnbUTEF1ikFnImWOLvPRl5EKlDi0PE+bAoszto5nczECeKwb6+KW10PhmrIxnAG52THBNv96e8AMxTTKog= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com; spf=none smtp.mailfrom=schaufler-ca.com; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b=iu0davLr; arc=none smtp.client-ip=66.163.189.153 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b="iu0davLr" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1725994300; bh=hE2XLxKY+ItLaGKEYikD9qRUNGyt4d0i6XrIOITfYq4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject:Reply-To; b=iu0davLrzfYLrTQ25/IZtpRjfA+XWwp/+PJ1FpHG8mU8k+WjW9n2Pw3JtB5cCs/9xwEGb3XTtLrvFBhlNrOKqXUcQ0P4MybeZUHu3gI5rX2KiYta4YNw2d7pW7I01seIZntwoSjCuR128l6dMskpt/BxGwOdPisJVfwEoWtFct9SUbrVB6lPvQIjUv4XgztMRDlG1cpmOqaD9+PBlQBsu2469OwtjCRRQGnR/XazHcrjUvrQ9YFUEyvUQyQea/K+5de9udJMbQTWjavfzCQSOhodmNah6d9UA/a8oSWHihmymIijp4iDKU6qmGhrX+GcFxj0/5k18Ya1ttdKAzvvkA== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1725994300; bh=6+dPrJNQ6nLAHy5D6UcvDYwz/oYvYo1VF+kGdWTK6Hu=; h=X-Sonic-MF:From:To:Subject:Date:From:Subject; b=Ux7uabBeop2LRJZ7eFJ54pMDhik7po9+9PNMp6q6id1lDoX3Ee0EZAKeMdkebnyxOj24M3TA80/NTnKRcFwcXgbnnkKGRxpRTL0VUo668aPNjr2kcxRKKjfQ56jZK6snBAHnljuAgsv0q8U8pQ/5Dm0a12E1GtMWeJilOg19bdAQf/bl8F2642y4pldbj27PaSaAwYoUSPDRu1IexRCy9Ag/EZ4/eUgCakDICic3JV5Ptn3Cs1rHwjJodCX4M/Md1fVknJHbiXaSdrFjTKiUZfiOnPSk1SHlRUmlFXwEWkMi1FLqYiNN3FDIIRpg6uU8IJ5p6FKwrZmHVcO7Tscycw== X-YMail-OSG: lYsK.8gVM1mhUSBIE.5ARCA_jMSVJfJ3x60AfolUYHGmnP_bku7kMTV3CtECNxn FgS0e020Uhksp0G1m7AlynBsiKEeM1dctUk2zHoSP5Yu1ioDo0GsiShqxGLQNQZwQODlZKKaji5w PfgkZq6pOij3.8qJaN19zyphN4VXjmXvq.NjWTPpmY3py_L8i2VI9Nxfj2KT796Tz9AFwwL1lhG4 .Wao0mQ4lxf7BdnE5ys_8XYx6vmDqaGnPmRIW0B9gEEZbthPz_Cn.NhEPNdAU1.TOveDo212qWrT oZT_is_Md8GjvZFaiNSqva7J5ru5d3pXgnc5z4poWYcZmlyypymlhjZmkh0ACz__eLqdq2Uven7P wlHF1gzNto8Nav2As9BC7CKo0YeTgsZ3jyGl8xKtzmul4txbDoh0vz_PCvtRueh0yXKPKmYUvw1b 2m16lrHzGYRztn_r6zS2QbSGJAEF.BVtDFFXO6ZPJNHrsBC_gg2pjn9qrB19GrfcBn1kfNcwwUMO 8Gdlm7GDwLsyKrMo2ZWnDjikCxyxKi4C_JzqvSgnx_vi4jyTUALlNBIwI0kJaV4kHAURhJhGFm1F Xnb9VCbdkiDV7PdLJwDdVyYTaj8Fihq2jVXjlkM_b5oZ7zBHCuGx3ke0hvUqX0H2cn_8MMcs3mlE .0xwtouVCtsF06UJbIRJjzfFqHwzQ1dbex1QUU4dTQaUi.lOLmrrWW5fpURQhDTU92lPXQ6XRfQA 9oxpdt3Awdfzm58N5GhcNTHOE.wljkRvD5wo12NoJ41uCgWIEpOG9kO1tHU9TR2ghwhp1rnKYnhc 5fGCvoSowJvW137jnfzFD0pzZqtgaCss0.hd.CDckJWWJi7e2ijuAqR5GycHd_aGESHG6AhFDUTR QTX4I0lqFVfjFhCnfYvLn2n2WUSJEd_gXsAjYOOAkzFZ3t2kRRoU9UADZCcCFsmLCdlyGUnucTIx dJRvSo6PZlEb6N9f.JTLQ7ZPSeIVbpVTvAmKaK20SOKSdmbdLzZwbn0_f2pXXN4usKExhW9SUIqM cOByB5mdTsZLyKOHX4vk49nkXWkyCrpccO7Rx9cuoohGIdOqeHrUpK9HpreDy9aZiVsLVwGNI7P. .qM.M96X45Hg7.JGyJr6uFKL_mtiaZnl5kIyGOaxfTUQaDZUKcJUZ3AX6Pxe0tf.VWwVK1wk23Dg uxIzfD0NjCfUjoIvrWna.g6SBVjbZRqa76pwA6WJbm2r0AmKD45AmQz0DXCiclTNIKf5A3shuDG2 Aj1dS5kPAXB.nArf3QdDYvR8cx45dhp8fgRwhZmdntHgw0GfS5MxRU.ZxdvxBySZ1Y760pUU9cKa NYU5q1Dp1oizsp_HSYPq4da4ypNgXd4RK9Npvs8kmPuTYgkUlbOzF8SgdLaKJq4lBafyD7ozdDdW TFmke5roYc.QmDj5O8JS4U5O0LK6.ErMOWo.JVnxsAJBbK0.A0WcEcu_FC2zb1Gv5oNY0weBRLQv 6IFhBDutOmX0QMv_lhlf2hamN6eu3sWdtF53Q1k2sj_gHRGIiw_RvWptGZ_XBQdA3H2Tt034opSv WwaZfdxjgFCYz5JKdpdpiZ4_4lNpw4NJH_ptx6pXDGDmcYpL7xYB0PxoK7Jq09sr_8JukJN_X2U. 9.40W4oyt6DOXrdfzzEJqkQffFhTDQdiGQmVSQAt4zB6RImZSar3oBtyIN_iTX0nAwxXF.oMX8qS grzxOoL9GpgqscNFkHhA_BhemBnkW6eM7byCCxdxrOKNLumeft4pBr9tcZrcSZsFhJYv0Q5mXjaa mSgG9MV48IGhM_tpWwT5eS9ocExE9wb_hvrY4GwfV.Ef0OJW0BaT5j9BkosuPSac221m9s48BoND w2pNSWcjlRfm5iPX4k7EIo3dzOE_RdfhIQaecLzYDzJO27jxwfZWVGgDPlUU5bnxAlZIauQwHoYB ylEEBetC3MyGz1YlwKJ2L1Rj08MlMttelw76R.bC1n4UqVH1LBRgy2EBTihRGhdsxTd4T6kspSt6 fJ7if2I4kbdisTGxnrHW04Y9rTEqkDyQ1ZHdMJdiEB1pM6tXK.jxrfz1mdLWnmkvvHhbtiMZVfPh 8ZeCANfZN4eNvKPPQug9a_WusZDpZzEsHz.zOxGAX.AhVGzdgVHCwSrLiCPYB9QUz4CVL2yVJVxC WM3FAPOBarCz6M4nhWUsUieZ47QwnCSTECZpk7Pg4kHD.QUqZnCQsXYZDSklAaWrw.FIa1ZHpWPj PjO30jrnahGYSOB60wXG0kOnb78zaG4GPvCSZWXCVR7cT5Suk_DKuSgD_P8Ll9_Si0p7pMRrBHeF a9G5cW0M..4wch5wVjB_x2k7FZvTvMuJEPhS7 X-Sonic-MF: X-Sonic-ID: 2352b9a3-2409-4959-89b3-d3c615c9372b Received: from sonic.gate.mail.ne1.yahoo.com by sonic314.consmr.mail.ne1.yahoo.com with HTTP; Tue, 10 Sep 2024 18:51:40 +0000 Received: by hermes--production-gq1-5d95dc458-rvnnh (Yahoo Inc. Hermes SMTP Server) with ESMTPA ID 0f4d83cf88f6912abe79246c392d6ed4; Tue, 10 Sep 2024 18:41:31 +0000 (UTC) From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, selinux@vger.kernel.org, mic@digikod.net, apparmor@lists.ubuntu.com, bpf@vger.kernel.org Subject: [PATCH v3 01/13] LSM: Add the lsm_prop data structure. Date: Tue, 10 Sep 2024 11:41:13 -0700 Message-ID: <20240910184125.224651-2-casey@schaufler-ca.com> X-Mailer: git-send-email 2.46.0 In-Reply-To: <20240910184125.224651-1-casey@schaufler-ca.com> References: <20240910184125.224651-1-casey@schaufler-ca.com> Precedence: bulk X-Mailing-List: linux-security-module@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 When more than one security module is exporting data to audit and networking sub-systems a single 32 bit integer is no longer sufficient to represent the data. Add a structure to be used instead. The lsm_prop structure definition is intended to keep the LSM specific information private to the individual security modules. The module specific information is included in a new set of header files under include/lsm. Each security module is allowed to define the information included for its use in the lsm_prop. SELinux includes a u32 secid. Smack includes a pointer into its global label list. The conditional compilation based on feature inclusion is contained in the include/lsm files. Suggested-by: Paul Moore Signed-off-by: Casey Schaufler Cc: apparmor@lists.ubuntu.com Cc: bpf@vger.kernel.org Cc: selinux@vger.kernel.org Cc: linux-security-module@vger.kernel.org --- include/linux/lsm/apparmor.h | 17 +++++++++++++++++ include/linux/lsm/bpf.h | 16 ++++++++++++++++ include/linux/lsm/selinux.h | 16 ++++++++++++++++ include/linux/lsm/smack.h | 17 +++++++++++++++++ include/linux/security.h | 20 ++++++++++++++++++++ 5 files changed, 86 insertions(+) create mode 100644 include/linux/lsm/apparmor.h create mode 100644 include/linux/lsm/bpf.h create mode 100644 include/linux/lsm/selinux.h create mode 100644 include/linux/lsm/smack.h diff --git a/include/linux/lsm/apparmor.h b/include/linux/lsm/apparmor.h new file mode 100644 index 000000000000..612cbfacb072 --- /dev/null +++ b/include/linux/lsm/apparmor.h @@ -0,0 +1,17 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* + * Linux Security Module interface to other subsystems. + * AppArmor presents single pointer to an aa_label structure. + */ +#ifndef __LINUX_LSM_APPARMOR_H +#define __LINUX_LSM_APPARMOR_H + +struct aa_label; + +struct lsm_prop_apparmor { +#ifdef CONFIG_SECURITY_APPARMOR + struct aa_label *label; +#endif +}; + +#endif /* ! __LINUX_LSM_APPARMOR_H */ diff --git a/include/linux/lsm/bpf.h b/include/linux/lsm/bpf.h new file mode 100644 index 000000000000..8106e206fcef --- /dev/null +++ b/include/linux/lsm/bpf.h @@ -0,0 +1,16 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* + * Linux Security Module interface to other subsystems. + * BPF may present a single u32 value. + */ +#ifndef __LINUX_LSM_BPF_H +#define __LINUX_LSM_BPF_H +#include + +struct lsm_prop_bpf { +#ifdef CONFIG_BPF_LSM + u32 secid; +#endif +}; + +#endif /* ! __LINUX_LSM_BPF_H */ diff --git a/include/linux/lsm/selinux.h b/include/linux/lsm/selinux.h new file mode 100644 index 000000000000..9455a6b5b910 --- /dev/null +++ b/include/linux/lsm/selinux.h @@ -0,0 +1,16 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* + * Linux Security Module interface to other subsystems. + * SELinux presents a single u32 value which is known as a secid. + */ +#ifndef __LINUX_LSM_SELINUX_H +#define __LINUX_LSM_SELINUX_H +#include + +struct lsm_prop_selinux { +#ifdef CONFIG_SECURITY_SELINUX + u32 secid; +#endif +}; + +#endif /* ! __LINUX_LSM_SELINUX_H */ diff --git a/include/linux/lsm/smack.h b/include/linux/lsm/smack.h new file mode 100644 index 000000000000..ff730dd7a734 --- /dev/null +++ b/include/linux/lsm/smack.h @@ -0,0 +1,17 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* + * Linux Security Module interface to other subsystems. + * Smack presents a pointer into the global Smack label list. + */ +#ifndef __LINUX_LSM_SMACK_H +#define __LINUX_LSM_SMACK_H + +struct smack_known; + +struct lsm_prop_smack { +#ifdef CONFIG_SECURITY_SMACK + struct smack_known *skp; +#endif +}; + +#endif /* ! __LINUX_LSM_SMACK_H */ diff --git a/include/linux/security.h b/include/linux/security.h index 1390f1efb4f0..1027c802cc8c 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -34,6 +34,10 @@ #include #include #include +#include +#include +#include +#include struct linux_binprm; struct cred; @@ -140,6 +144,22 @@ enum lockdown_reason { LOCKDOWN_CONFIDENTIALITY_MAX, }; +/* scaffolding */ +struct lsm_prop_scaffold { + u32 secid; +}; + +/* + * Data exported by the security modules + */ +struct lsm_prop { + struct lsm_prop_selinux selinux; + struct lsm_prop_smack smack; + struct lsm_prop_apparmor apparmor; + struct lsm_prop_bpf bpf; + struct lsm_prop_scaffold scaffold; +}; + extern const char *const lockdown_reasons[LOCKDOWN_CONFIDENTIALITY_MAX+1]; extern u32 lsm_active_cnt; extern const struct lsm_id *lsm_idlist[]; From patchwork Tue Sep 10 18:41:14 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13799240 X-Patchwork-Delegate: paul@paul-moore.com Received: from sonic311-30.consmr.mail.ne1.yahoo.com (sonic311-30.consmr.mail.ne1.yahoo.com [66.163.188.211]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0DEB61A7058 for ; Tue, 10 Sep 2024 18:51:43 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=66.163.188.211 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725994306; cv=none; b=MQZaovyZhTn/ewTuU89pAigjR67qrgYzjLYnPY7bEasdAGFhAtPEbnsVeQbLXmTQZb4jiZxNukxRSGVb0hngCG3rEpwHLIZY5oKhFuTY5tvpXTnDks8eRJQo4uZtaVgYjQgEs+tdDMxnhKFIW36Ip9KOBFYb8YHYch5AiGakMHw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725994306; c=relaxed/simple; bh=7qc9JorSmfWVdJq1DUXlimW1CCPnpxmdmIckk8hSH4s=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=qz+crkduxIIzS1lFbcvSVdNCC3uLZX8N0nGdh2aqxN4sor7Z7Sa+ptLVSjY/ecxYGAxtvAd3pCAr11rbbSysy1bVKXLE+9XYn4bglfGNJHfA1/LVuGOFn2EAfsD4gOSsDX8JUMMTS0Xovw8g9NTyAv52VKA7HWlWQo6cXPTzqOk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com; spf=none smtp.mailfrom=schaufler-ca.com; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b=AXUKTCOa; arc=none smtp.client-ip=66.163.188.211 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b="AXUKTCOa" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1725994303; bh=eNIqODIwb5Z0TaDBShDLo+MG6VB6WqmyGov2loH/JmY=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject:Reply-To; b=AXUKTCOa1j508cSN/cbwBQQhzH9nEiELSsnXc2lP06BI4k1AwxChReaIQc6G5XogqWJACODndBTr7lVZXziIHmv/PGt9u/G5STosjnG66orC1iXT3pSx4IxUkv8CofFBJ0KTTBWz/ToWEa9XuM6FXAawJL/78bMyA1CwCApihC9oBIr7AxXWTcwFl7DXvodTAJnM0L0/bcm4U68Ncrac0t73wkxTyGnke2sHA67XdwVbSY1ZMJiBwrN5cGOsvg1wH293tI2NqHfh0wj2kqA2+EHaXt66uOjBIKsMzTspnb2ZS+v7SbTAzjHNJjhAwj+6HwQCa5N+/IcJDAiyBUA1Zw== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1725994303; bh=JzCraK5PY7i+YFL0s6+8X6eikm/HIY92H3yDlMu06MW=; h=X-Sonic-MF:From:To:Subject:Date:From:Subject; b=CSirtA9XoAUAxQeHrh3Ina45nkoR9Qwz3hBPIIoRMVu+3U8abdW1+l+pr6CvcO/rD/WerW8fwYDSWcdIfpaSQ+SMF7EczD3RiDaFO0lQ4p1NMY8dY0FXNHT+pa3Md3SGxGYS0w4bXhcCPeEJ1cdmLc4XzsxTTVb6R66rCp/mT8s/uafTnQyWOpS41OwslvMfcdc73+o9/Yqq8oa0cISBXpnaHYeDWaxa/u/OlSPtLokoOuYOKqKdLrcehyFFFTV5b+JnMI6nVfPRd1Jrjz4swSeMnh1weeXXiGCM/Lm6lUQY/d88LURjdov7ZggziixmTNNOMY0bMaLA6QoUbXLmkw== X-YMail-OSG: 0ZlHBbAVM1ktOebx5eObZw8W33wctSfPcf1Mkajr4Njw.1y2aRoF45zmCvP0VqF fdVMdOw9Hmx8YU2L8fVIuuH6v1vrcVtsjqoSSd4_HlkAVVj47UTHkxzo4PsLLB3iwQ02IbFjTugt cxelbIWtdChg1bFK1e.6fCir3Gbsa3zBhM6Whm9VVE6n6Mk1138VbdHeNFOSoGtTsycc1FbEejTM uSP1e5JH8OZK5axeuHV9iSGYnevf_FpnmW0B4h5iPtqCKR1df8E6GeSQtzcQi1uUjtDoQ3eTnxmU zIS9tcjZipb7sJTPpHuqYCNH9bf3UcYUd59QGMSyJ6qT.fsqGsmcOO0zD_GxkjheRSxD8Ni5nb1i 6XOCWYZmqPGJcJQDu2_POOP0AIGordJYnVoEFF8DVbJNsjzVDsY9VsupzJMvX0MbT.7uJeBu4Y6U TRXODwEyq7Jh6migOvKxxexp_GIHxiFeViPux2L0.FGOSr0So13dI7HaOJzUzGQVAlNeIZfdLUyc MMe3WJNe91vZbLr8AzPt2jK9mQJ9Ii8hVfw1_PPp0RBgb2Phavk7mHJ8yZyUinsm7Z5pe.l4hg7A GaZbBylctDxXpIafnBuWbUm0egPEfQ7__GdlogxgQZAlLYyqbMl4EYMzFEmcHmd66gh7tzdXZeV8 O7CqhSNCMbLOPOVseLZlbxTTMrj0Vxji.t4IMwHhsFzBXU8gH2I77t4p1bxHxMXGaQSq1EVEvuDV 6tB4IvsIWLpMwEDb7Rp59btyJPFNlqYOUPbxGjj1aGhQ3o6.turf3SleS6kK00TAz2hThFRJtKIh 6J09V52kx26b8YxrBEC3lo2HCwQE19CRNIac56UGRfi6INomb7OAjb1xW7GR8noXSsQgPs9SScIK RwzfXR.QNW6lIqcopCMxoWi3g6XBgpueTxeRSlsMQep1FXWJguNvVnMUNeD5R9QUC74Af24bMWLa vlW1FQtxQM7u238jz0Q6W0xR8NfAhFNxgfz2SzeqcFCtcNLMGEqMOTDxXqunlxWtWWVdwjy1xyQt FgBx_n5KzAw5GQQOFrHsk7Jflupd5LuUK_O.41ke9Q0OmTtjQ_6HV44gQ.smbbsMcC0UDAnzwvya QQcnNF0Sy.WRcOEJXuNcubvyFyiaUZKaBPSYfmuklB1F_NKevRv2Hnzx5IB_ssI74h_MlKZAMn0t uVkuMHRlfYxEfWyEcJd87bphC1kayrafseKNoOgmtdbLwFv5A9gvU7x0Rlu0jgrzyoLjv4I09vQi 8AOkXlb1.1s3Z2azsAVmfwjMO3w18SA5Vei2BztWE27zpYkpwol9Xl0pezFfmT6Od7vGhPF0hPKg GO5sZE8M1xK6EJGcMw7QAREMoX2tWS8zOImMkCuIXrVgkBM7FLVjjw.iG3f76l53jtxAkY5f7QVH 3GpjFCmKt9aTbYBNay8PbfdXMwMbmD13hbLEEiInQ14yqaNa4sDCYTIkfqkhfWKshpQSzeSrGN_T 3ngsK_LZWLoc0qzY6xXZ80iNG2WJQm4qKHJ01dzG.aU5NsEIdf2xRMPF7S8KgLke7gkJWzx0GJsR Ll43fIcf_AwcNy4RRvYyw.0VWmzxzAQjX8U0XPg.IA2dRqJWqUyuKiqcP2j9KXDb0io5rkXwmbqo CkQ4iQx5hrkLZuKVfeh984E8JkiOimiSuEdzkpreY_mkyo98W8dSiLMTcC4UlX1pJ0M8Ud89Z6Zu DLo2pQJSZ8opCvOvMb0XA_c8CuhTfAs8.eCdGUkQk5HrGKYYfWOvPycIj.HwrIn4eZGXY3A5tVjW GznfwV7kJeBtteEb.lBXt213FUnmLGlgAfSoH.L.lW3waohatwEOEDIn1ESU3yAPIrHGuw1VgpPE __dWTzufvMrUtDuWMysHCX7MX_fvKXV4gbK8fAFXpQfw.Kib.LSU.wEQswuox4ie2.lvjs_lfF.n ZYKXIqBcVnUhojIOvsajm.ew.yExWTHdx_D4DZCNRSh54Fq44.lYZ2IUbh1M6sqJiXBZhQo7ZIeW kOneskisb9KmH6kLSaOc4HZLpg_s.aC3jfruBM27aXS0qqel7bXTr9swvhlYatyfGLTrHnGiS4sg 0npOZoVat8B62fks2KUzS9vg2cJEIALbXt7vRA4YXOXsFLL0mktSNQgMQtteXb149xlDEnnbSrlk TAz1z5LWi0_NfnkHGhnjFba.TThfIuKAXiHPvPnQVrtD6k1pxWLzRBwSkmTb6kr633XnA8_tTbTF WmyepDGkCPVAhgIAFnxkW4l5IczcoMrryf6D3do_yr1fKANJNKxX2PxwKKMCtiCXGrS37zvd3hP7 PVVXNTwC0U.CEM7tzI1o2tqA1tU1XJEh9y2nI X-Sonic-MF: X-Sonic-ID: 84a4c829-496f-43a6-9fbb-99adbec75e1d Received: from sonic.gate.mail.ne1.yahoo.com by sonic311.consmr.mail.ne1.yahoo.com with HTTP; Tue, 10 Sep 2024 18:51:43 +0000 Received: by hermes--production-gq1-5d95dc458-rvnnh (Yahoo Inc. Hermes SMTP Server) with ESMTPA ID 0f4d83cf88f6912abe79246c392d6ed4; Tue, 10 Sep 2024 18:41:32 +0000 (UTC) From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, selinux@vger.kernel.org, mic@digikod.net Subject: [PATCH v3 02/13] LSM: Use lsm_prop in security_audit_rule_match Date: Tue, 10 Sep 2024 11:41:14 -0700 Message-ID: <20240910184125.224651-3-casey@schaufler-ca.com> X-Mailer: git-send-email 2.46.0 In-Reply-To: <20240910184125.224651-1-casey@schaufler-ca.com> References: <20240910184125.224651-1-casey@schaufler-ca.com> Precedence: bulk X-Mailing-List: linux-security-module@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Change the secid parameter of security_audit_rule_match to a lsm_prop structure pointer. Pass the entry from the lsm_prop structure for the approprite slot to the LSM hook. Change the users of security_audit_rule_match to use the lsm_prop instead of a u32. The scaffolding function lsmprop_init() fills the structure with the value of the old secid, ensuring that it is available to the appropriate module hook. The sources of the secid, security_task_getsecid() and security_inode_getsecid(), will be converted to use the lsm_prop structure later in the series. At that point the use of lsmprop_init() is dropped. Signed-off-by: Casey Schaufler --- include/linux/lsm_hook_defs.h | 3 ++- include/linux/security.h | 7 ++++--- kernel/auditfilter.c | 11 +++++++---- kernel/auditsc.c | 18 ++++++++++++++---- security/apparmor/audit.c | 8 ++++++-- security/apparmor/include/audit.h | 2 +- security/integrity/ima/ima.h | 2 +- security/integrity/ima/ima_policy.c | 11 +++++++---- security/security.c | 7 ++++--- security/selinux/include/audit.h | 4 ++-- security/selinux/ss/services.c | 10 +++++++--- security/smack/smack_lsm.c | 11 ++++++++--- 12 files changed, 63 insertions(+), 31 deletions(-) diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h index 855db460e08b..0cc3c34f5bdf 100644 --- a/include/linux/lsm_hook_defs.h +++ b/include/linux/lsm_hook_defs.h @@ -416,7 +416,8 @@ LSM_HOOK(void, LSM_RET_VOID, key_post_create_or_update, struct key *keyring, LSM_HOOK(int, 0, audit_rule_init, u32 field, u32 op, char *rulestr, void **lsmrule, gfp_t gfp) LSM_HOOK(int, 0, audit_rule_known, struct audit_krule *krule) -LSM_HOOK(int, 0, audit_rule_match, u32 secid, u32 field, u32 op, void *lsmrule) +LSM_HOOK(int, 0, audit_rule_match, struct lsm_prop *prop, u32 field, u32 op, + void *lsmrule) LSM_HOOK(void, LSM_RET_VOID, audit_rule_free, void *lsmrule) #endif /* CONFIG_AUDIT */ diff --git a/include/linux/security.h b/include/linux/security.h index 1027c802cc8c..736fb1f87bf4 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -2071,7 +2071,8 @@ static inline void security_key_post_create_or_update(struct key *keyring, int security_audit_rule_init(u32 field, u32 op, char *rulestr, void **lsmrule, gfp_t gfp); int security_audit_rule_known(struct audit_krule *krule); -int security_audit_rule_match(u32 secid, u32 field, u32 op, void *lsmrule); +int security_audit_rule_match(struct lsm_prop *prop, u32 field, u32 op, + void *lsmrule); void security_audit_rule_free(void *lsmrule); #else @@ -2087,8 +2088,8 @@ static inline int security_audit_rule_known(struct audit_krule *krule) return 0; } -static inline int security_audit_rule_match(u32 secid, u32 field, u32 op, - void *lsmrule) +static inline int security_audit_rule_match(struct lsm_prop *prop, u32 field, + u32 op, void *lsmrule) { return 0; } diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c index d6ef4f4f9cba..5b47571ae4ee 100644 --- a/kernel/auditfilter.c +++ b/kernel/auditfilter.c @@ -1339,8 +1339,8 @@ int audit_filter(int msgtype, unsigned int listtype) for (i = 0; i < e->rule.field_count; i++) { struct audit_field *f = &e->rule.fields[i]; + struct lsm_prop prop = { }; pid_t pid; - u32 sid; switch (f->type) { case AUDIT_PID: @@ -1370,9 +1370,12 @@ int audit_filter(int msgtype, unsigned int listtype) case AUDIT_SUBJ_SEN: case AUDIT_SUBJ_CLR: if (f->lsm_rule) { - security_current_getsecid_subj(&sid); - result = security_audit_rule_match(sid, - f->type, f->op, f->lsm_rule); + /* scaffolding */ + security_current_getsecid_subj( + &prop.scaffold.secid); + result = security_audit_rule_match( + &prop, f->type, f->op, + f->lsm_rule); } break; case AUDIT_EXE: diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 6f0d6fb6523f..effb1a7e0405 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -471,6 +471,7 @@ static int audit_filter_rules(struct task_struct *tsk, const struct cred *cred; int i, need_sid = 1; u32 sid; + struct lsm_prop prop = { }; unsigned int sessionid; if (ctx && rule->prio <= ctx->prio) @@ -681,7 +682,10 @@ static int audit_filter_rules(struct task_struct *tsk, security_current_getsecid_subj(&sid); need_sid = 0; } - result = security_audit_rule_match(sid, f->type, + /* scaffolding */ + prop.scaffold.secid = sid; + result = security_audit_rule_match(&prop, + f->type, f->op, f->lsm_rule); } @@ -696,15 +700,19 @@ static int audit_filter_rules(struct task_struct *tsk, if (f->lsm_rule) { /* Find files that match */ if (name) { + /* scaffolding */ + prop.scaffold.secid = name->osid; result = security_audit_rule_match( - name->osid, + &prop, f->type, f->op, f->lsm_rule); } else if (ctx) { list_for_each_entry(n, &ctx->names_list, list) { + /* scaffolding */ + prop.scaffold.secid = n->osid; if (security_audit_rule_match( - n->osid, + &prop, f->type, f->op, f->lsm_rule)) { @@ -716,7 +724,9 @@ static int audit_filter_rules(struct task_struct *tsk, /* Find ipc objects that match */ if (!ctx || ctx->type != AUDIT_IPC) break; - if (security_audit_rule_match(ctx->ipc.osid, + /* scaffolding */ + prop.scaffold.secid = ctx->ipc.osid; + if (security_audit_rule_match(&prop, f->type, f->op, f->lsm_rule)) ++result; diff --git a/security/apparmor/audit.c b/security/apparmor/audit.c index 6b5181c668b5..87df6fa2a48d 100644 --- a/security/apparmor/audit.c +++ b/security/apparmor/audit.c @@ -264,13 +264,17 @@ int aa_audit_rule_known(struct audit_krule *rule) return 0; } -int aa_audit_rule_match(u32 sid, u32 field, u32 op, void *vrule) +int aa_audit_rule_match(struct lsm_prop *prop, u32 field, u32 op, void *vrule) { struct aa_audit_rule *rule = vrule; struct aa_label *label; int found = 0; - label = aa_secid_to_label(sid); + /* scaffolding */ + if (!prop->apparmor.label && prop->scaffold.secid) + label = aa_secid_to_label(prop->scaffold.secid); + else + label = prop->apparmor.label; if (!label) return -ENOENT; diff --git a/security/apparmor/include/audit.h b/security/apparmor/include/audit.h index 0c8cc86b417b..e27229349abb 100644 --- a/security/apparmor/include/audit.h +++ b/security/apparmor/include/audit.h @@ -202,6 +202,6 @@ static inline int complain_error(int error) void aa_audit_rule_free(void *vrule); int aa_audit_rule_init(u32 field, u32 op, char *rulestr, void **vrule, gfp_t gfp); int aa_audit_rule_known(struct audit_krule *rule); -int aa_audit_rule_match(u32 sid, u32 field, u32 op, void *vrule); +int aa_audit_rule_match(struct lsm_prop *prop, u32 field, u32 op, void *vrule); #endif /* __AA_AUDIT_H */ diff --git a/security/integrity/ima/ima.h b/security/integrity/ima/ima.h index c51e24d24d1e..f17213520c36 100644 --- a/security/integrity/ima/ima.h +++ b/security/integrity/ima/ima.h @@ -555,7 +555,7 @@ static inline void ima_filter_rule_free(void *lsmrule) { } -static inline int ima_filter_rule_match(u32 secid, u32 field, u32 op, +static inline int ima_filter_rule_match(struct lsm_prop *prop, u32 field, u32 op, void *lsmrule) { return -EINVAL; diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c index 09da8e639239..22a62e675ebc 100644 --- a/security/integrity/ima/ima_policy.c +++ b/security/integrity/ima/ima_policy.c @@ -635,7 +635,7 @@ static bool ima_match_rules(struct ima_rule_entry *rule, return false; for (i = 0; i < MAX_LSM_RULES; i++) { int rc = 0; - u32 osid; + struct lsm_prop prop = { }; if (!lsm_rule->lsm[i].rule) { if (!lsm_rule->lsm[i].args_p) @@ -649,15 +649,18 @@ static bool ima_match_rules(struct ima_rule_entry *rule, case LSM_OBJ_USER: case LSM_OBJ_ROLE: case LSM_OBJ_TYPE: - security_inode_getsecid(inode, &osid); - rc = ima_filter_rule_match(osid, lsm_rule->lsm[i].type, + /* scaffolding */ + security_inode_getsecid(inode, &prop.scaffold.secid); + rc = ima_filter_rule_match(&prop, lsm_rule->lsm[i].type, Audit_equal, lsm_rule->lsm[i].rule); break; case LSM_SUBJ_USER: case LSM_SUBJ_ROLE: case LSM_SUBJ_TYPE: - rc = ima_filter_rule_match(secid, lsm_rule->lsm[i].type, + /* scaffolding */ + prop.scaffold.secid = secid; + rc = ima_filter_rule_match(&prop, lsm_rule->lsm[i].type, Audit_equal, lsm_rule->lsm[i].rule); break; diff --git a/security/security.c b/security/security.c index 8cee5b6c6e6d..e06817ef4304 100644 --- a/security/security.c +++ b/security/security.c @@ -5399,7 +5399,7 @@ void security_audit_rule_free(void *lsmrule) /** * security_audit_rule_match() - Check if a label matches an audit rule - * @secid: security label + * @prop: security label * @field: LSM audit field * @op: matching operator * @lsmrule: audit rule @@ -5410,9 +5410,10 @@ void security_audit_rule_free(void *lsmrule) * Return: Returns 1 if secid matches the rule, 0 if it does not, -ERRNO on * failure. */ -int security_audit_rule_match(u32 secid, u32 field, u32 op, void *lsmrule) +int security_audit_rule_match(struct lsm_prop *prop, u32 field, u32 op, + void *lsmrule) { - return call_int_hook(audit_rule_match, secid, field, op, lsmrule); + return call_int_hook(audit_rule_match, prop, field, op, lsmrule); } #endif /* CONFIG_AUDIT */ diff --git a/security/selinux/include/audit.h b/security/selinux/include/audit.h index 29c7d4c86f6d..7313c92d479b 100644 --- a/security/selinux/include/audit.h +++ b/security/selinux/include/audit.h @@ -41,7 +41,7 @@ void selinux_audit_rule_free(void *rule); /** * selinux_audit_rule_match - determine if a context ID matches a rule. - * @sid: the context ID to check + * @prop: includes the context ID to check * @field: the field this rule refers to * @op: the operator the rule uses * @rule: pointer to the audit rule to check against @@ -49,7 +49,7 @@ void selinux_audit_rule_free(void *rule); * Returns 1 if the context id matches the rule, 0 if it does not, and * -errno on failure. */ -int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *rule); +int selinux_audit_rule_match(struct lsm_prop *prop, u32 field, u32 op, void *rule); /** * selinux_audit_rule_known - check to see if rule contains selinux fields. diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index e33e55384b75..74b1aafda399 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -3633,7 +3633,7 @@ int selinux_audit_rule_known(struct audit_krule *rule) return 0; } -int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *vrule) +int selinux_audit_rule_match(struct lsm_prop *prop, u32 field, u32 op, void *vrule) { struct selinux_state *state = &selinux_state; struct selinux_policy *policy; @@ -3659,10 +3659,14 @@ int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *vrule) goto out; } - ctxt = sidtab_search(policy->sidtab, sid); + /* scaffolding */ + if (!prop->selinux.secid && prop->scaffold.secid) + prop->selinux.secid = prop->scaffold.secid; + + ctxt = sidtab_search(policy->sidtab, prop->selinux.secid); if (unlikely(!ctxt)) { WARN_ONCE(1, "selinux_audit_rule_match: unrecognized SID %d\n", - sid); + prop->selinux.secid); match = -ENOENT; goto out; } diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 4164699cd4f6..7868268032a3 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -4776,7 +4776,7 @@ static int smack_audit_rule_known(struct audit_krule *krule) /** * smack_audit_rule_match - Audit given object ? - * @secid: security id for identifying the object to test + * @prop: security id for identifying the object to test * @field: audit rule flags given from user-space * @op: required testing operator * @vrule: smack internal rule presentation @@ -4784,7 +4784,8 @@ static int smack_audit_rule_known(struct audit_krule *krule) * The core Audit hook. It's used to take the decision of * whether to audit or not to audit a given object. */ -static int smack_audit_rule_match(u32 secid, u32 field, u32 op, void *vrule) +static int smack_audit_rule_match(struct lsm_prop *prop, u32 field, u32 op, + void *vrule) { struct smack_known *skp; char *rule = vrule; @@ -4797,7 +4798,11 @@ static int smack_audit_rule_match(u32 secid, u32 field, u32 op, void *vrule) if (field != AUDIT_SUBJ_USER && field != AUDIT_OBJ_USER) return 0; - skp = smack_from_secid(secid); + /* scaffolding */ + if (!prop->smack.skp && prop->scaffold.secid) + skp = smack_from_secid(prop->scaffold.secid); + else + skp = prop->smack.skp; /* * No need to do string comparisons. If a match occurs, From patchwork Tue Sep 10 18:41:15 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13799241 X-Patchwork-Delegate: paul@paul-moore.com Received: from sonic314-27.consmr.mail.ne1.yahoo.com (sonic314-27.consmr.mail.ne1.yahoo.com [66.163.189.153]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 09B571A7053 for ; Tue, 10 Sep 2024 18:51:43 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=66.163.189.153 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725994306; cv=none; b=IEnqBstB2VPgBsIXmRC4gc81m3ZKjr5ytu4gbeithoUVADf/A/FLzXneqB3WrGV/VfZk41wrkwoEr7PlVZ0L4OWkSI4TTaB0hDldyw4QTao7JSr/GN+McQwYCkXSL5zvzkcQZNPDy4DGyrtD3OfMkH08DJ2zCTqdOKXvya3OlW8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725994306; c=relaxed/simple; bh=ejnAuWIHVexXxu18WYWJt5kKSKxQqOLzSBGyObEZr2o=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=IPVNlCn9xIF5VTDsJd9lYj7KyXvaAHfDF+t6MnxG2D+OOeXjVJIfKHkiiGs9BBhFwDzV5kgkhaxQTq2XAyJ78UNj5+HL0PBQbwArVZ8VAySoHNpGi+vmAIKF5CRg34TranclVWUyjCHdtoNZW90LYcSzaYP6ksSrwE6VpHbb0J4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com; spf=none smtp.mailfrom=schaufler-ca.com; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b=JDxciSjs; arc=none smtp.client-ip=66.163.189.153 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b="JDxciSjs" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1725994303; bh=yetfcEk9Cj1mlws0zXp2G1FIRM0kq2ASdKolf6IS0Cg=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject:Reply-To; b=JDxciSjslOmGjQ4xGeGRTskTd2PEUeDkR6N6/EUrnMOBYhWow39CTSAPQ8lpLyde6zfFG24I/sRNPGihwUbFnenZZs6xVnyc4G3F3GmzeS9+TzC0+0+Nf3wArV7Ea5bhjU2EKbrCvM25itIef8aPCw9RyAKRF7QcXljulRcdggF7+kKaWoS5TEiqE9/O3nY2kKWzBPt9dUO+x1z8H0XjE+7uq2zUSd83DiypLM9FoEQIO6sLRH4dyba0BxKLvbUSuD4mJEic3Js4Jng6UApYo6xgHy6IRMpQ6KfWd58hGFiL7GwUmxY6i7R0a2Ou7cHE9PIvmyj5d/NQqoWypFFyJQ== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1725994303; bh=s84I4e9r8991G4JThpbxzzUVmoHKeeHLHu36CjP8Gfc=; h=X-Sonic-MF:From:To:Subject:Date:From:Subject; b=ppL4I2zr3ZBo6ck/zsk54xTfcbEm73Li4yJlHx2U74p6+oTYJ4LrH110JVN/B5j8tpFGDec/wFNztH2FyFtoehHbTypVBkB/AN0YpFeMYKz0EJBisU+y+ZDgp2NOrOBO5GfQlIDRplpCQ1G+1HL3sVL8ubIjN4JqDFgADQW/GDQXyxaccImRGatiU0IoNBn3COhTPc8paJRSpNBd4/nIikcQkyuBbo1tA8q/3k4+SllinaqJl6dw35VDBZw9EwMLF7++62W2XzZto1sgCwQohzXUx9SAsIpg22eju8+YAiMbnGIvzSSm9dNB6173PCBTjEwZp/m0GTIA8S89hTnFUQ== X-YMail-OSG: FAsP6LcVM1n1fjlt588087qkrVLPc4BEyzb732vSi9fMnmKhZsKJLjTNnBEFcFc YpbqKCspsD1YpBR5WfyckR6bPLP2kLiT7KbU.G1aBZN.3m5kCU6enOXhCD7rX4ilPoWWozZ4pcBl kAPpibwXPepZfRhkVwUOo432juxuAMoKyrU7Citm6cVuggmd4YywYGPv1McyU_SClAPN9m.giq.k ZYOG0vbA0broseOJoEADz_OJFBcXgMnpH_05JmF9d9e3PiqI5uJshKvM_ntol6DYgrmNh5D4B.PN ODHjvGSKpTsOhQyEBNYZptB83H42LQySFHCrxURyTbzRGKiyTequ8FZ.vujlL9ikvwy2NryKBbZT C4dl8t0.ln_4JMK5efGPfHkyryGW2tu.hG1TiSxVmyuvYNOGsYNxdPQB0dQQaaVUaBEP4.UlHQoF 7oJ.D.mNFqxid0A2XwNrhbaeezU8M6f8IPgZya5mhBqszxJyvR9hD8Wfz5IcqwAMSvaDPXZDcAT2 JpanjMKhKwy3hEUNadREuD.O5e_Hn29O4QtteqPqhATJ0F9MnLxdrnZKkpKBE1BEi79REkKjdpk1 g2hZjBkdbBl.acBjt0ZFp14JaXRvgA6DS.iIBNUqpDJJoERBvxs12ubPSBJcqdR.tMzLvccWWJ._ snT0rn64rtcn3JGeD3NkWvF0Hdw9_nVzRHA5QwYjLwd3okKw.gbvBRTid1RaLyyDzW_mbXSNMF7W ufLSGoPy7dfrQIK6PiLDKVKR9.IZXcARYpHWswIOVr1WKp2D6peu0IzWl60_XrDAkjM14BCa5PNc 5smmZ5Z5U9Gu0Uzf0LTTbmwbjExMlyl1PsSphBDrxM46yLvh7sSDF13.8Mdd4EO368.Nto5Z89td eJTdNRyaOQXa6ero2Tx9WvKF86UOso17IQKbms_moxPHX8RnP4pFv8EUz.n6URYkZkINHPPI_Upb RVccTxisxl_EZDcsuXAlxA9eZA5xuFl3cM0mIjSaVXTE30Cp34I_K4byAxvhdMjOmEkQLtdxaZFa fxTxqyF6Rqxh6DhrAAXR2fX_KdOei7viYH3ZIdgf7QxzapsBqoqziWoztbVnj5B9RQNdfAIXRwiM cRPk3IJPxZSQsC.quqaZUt10GafxsSFvBxiaF0XG45uFdd.h8Kke9BomAC5zCaBvOYuz0l1qDMG5 MzMPL28cbaV3sJUjgrjWVu1X2fEuUJ_sSDc7U8P46AvIzNNu13YW7daKBe3mcB073Er7fheKNO8E XCfBpDqdRexmQf25FblsoE5kMcKuf.njmZq9MKd80myjCbKpRr5HinPT0TU3hY6B_F5RWhgjrYdC XfaFjd22IHhhaXlynjEnCmX_7tJLc.ukk.MFNu4yIIzd7PoesG4WD.IfTvYsHrM6fAa4axbh4vW. KWeg8VXAN8H4w8wfiRayw2prHPqIQ5ScGQcs9Kg6uWdxLdBR2FDnOAqntxfg1onP8AXycwKAHKI3 QjS8ktUSQCiEblu.dLs3vvM_9fQ2G7COQMQpYwre3TkjI8cY3tnkGLeSoGqrohyJwkk5NgIOAMxx sh9jAOcTRj7nFfvvr_SXHPm.kKoQxnIpopyPqpBNjvDpRxIvf_G52sj5.64WuvrP96gH8rihd6QP dFkse37WtHOkuGA2sMi_wCJD6is4ksa88OoBqfYIbsgHUNWfpf18IG6L4Nt0TIxmRolH2haRTrIP i4.B.xv1E8SfciyOc9bWQamjnOkzcngqX9h7u4VU0q8GO4ywv3vT1hdO26BvEzo93H61COt3AMw5 JRgtdyO6J2.NWo2aYOJXC7sIusHLDQtiUAbeTjlNUbUDiKwRc.NTN.AG5uX2.PxXet.h7EDBmpOC 8zWroIiD1Zb3mCrTVFGv5rc1uRgdZbmXKog1RJLZ.vwWGqWpVn9zVpnKdSyPxAV2lvVUYRy9r4pf GGxkEiTJW_4_ItLESpLU.rHWSwcf9q63U5iW7IdbrcVYEADChCvekeK6iQKrCBiQjLLZ2lEYpgav 378wRfifYB0p.eOMMBXypDhvZ3Ql4QCaiefM2gkMDqdbXTrJxqbq7h_Zrdy5hO7cZVk1tTdPkKUx rQf4r.XsDNRehVFI65DrlhwBWF3a9QDI4NmM4qA7C1s5SfYQxB50QTd.68fpNiIuNml44XEbcg2Q Cwo5H4xC3rX5HbQ_k.9SWrRAEoMzQttMcZs7FGvFlii58IFF6k3XNP46wdULh5xKkBLQcbq7U5HV GugAWOpuu_14N0gHFJgLLpHbXqhMCHmJE8ek4iyx9PglilFkFv68NFG8Lnc_H9gh3DWBHU0gptag CDXUYudVumpNiLewP.NnUgkPzUi3hTjOvfQp0 X-Sonic-MF: X-Sonic-ID: 7e13bc5d-c7f5-4308-9c96-df23430a8da5 Received: from sonic.gate.mail.ne1.yahoo.com by sonic314.consmr.mail.ne1.yahoo.com with HTTP; Tue, 10 Sep 2024 18:51:43 +0000 Received: by hermes--production-gq1-5d95dc458-rvnnh (Yahoo Inc. Hermes SMTP Server) with ESMTPA ID 0f4d83cf88f6912abe79246c392d6ed4; Tue, 10 Sep 2024 18:41:34 +0000 (UTC) From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, selinux@vger.kernel.org, mic@digikod.net Subject: [PATCH v3 03/13] LSM: Add lsmprop_to_secctx hook Date: Tue, 10 Sep 2024 11:41:15 -0700 Message-ID: <20240910184125.224651-4-casey@schaufler-ca.com> X-Mailer: git-send-email 2.46.0 In-Reply-To: <20240910184125.224651-1-casey@schaufler-ca.com> References: <20240910184125.224651-1-casey@schaufler-ca.com> Precedence: bulk X-Mailing-List: linux-security-module@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Add a new hook security_lsmprop_to_secctx() and its LSM specific implementations. The LSM specific code will use the lsm_prop element allocated for that module. This allows for the possibility that more than one module may be called upon to translate a secid to a string, as can occur in the audit code. Signed-off-by: Casey Schaufler --- include/linux/lsm_hook_defs.h | 2 ++ include/linux/security.h | 10 +++++++++- security/apparmor/include/secid.h | 2 ++ security/apparmor/lsm.c | 1 + security/apparmor/secid.c | 25 +++++++++++++++++++++++-- security/security.c | 21 +++++++++++++++++++++ security/selinux/hooks.c | 16 ++++++++++++++-- security/selinux/include/audit.h | 3 ++- security/smack/smack_lsm.c | 31 ++++++++++++++++++++++++++----- 9 files changed, 100 insertions(+), 11 deletions(-) diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h index 0cc3c34f5bdf..f53323e52fe1 100644 --- a/include/linux/lsm_hook_defs.h +++ b/include/linux/lsm_hook_defs.h @@ -291,6 +291,8 @@ LSM_HOOK(int, -EINVAL, setprocattr, const char *name, void *value, size_t size) LSM_HOOK(int, 0, ismaclabel, const char *name) LSM_HOOK(int, -EOPNOTSUPP, secid_to_secctx, u32 secid, char **secdata, u32 *seclen) +LSM_HOOK(int, -EOPNOTSUPP, lsmprop_to_secctx, struct lsm_prop *prop, + char **secdata, u32 *seclen) LSM_HOOK(int, 0, secctx_to_secid, const char *secdata, u32 seclen, u32 *secid) LSM_HOOK(void, LSM_RET_VOID, release_secctx, char *secdata, u32 seclen) LSM_HOOK(void, LSM_RET_VOID, inode_invalidate_secctx, struct inode *inode) diff --git a/include/linux/security.h b/include/linux/security.h index 736fb1f87bf4..1c3768c9cf30 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -520,6 +520,7 @@ int security_setprocattr(int lsmid, const char *name, void *value, size_t size); int security_netlink_send(struct sock *sk, struct sk_buff *skb); int security_ismaclabel(const char *name); int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen); +int security_lsmprop_to_secctx(struct lsm_prop *prop, char **secdata, u32 *seclen); int security_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid); void security_release_secctx(char *secdata, u32 seclen); void security_inode_invalidate_secctx(struct inode *inode); @@ -1461,7 +1462,14 @@ static inline int security_ismaclabel(const char *name) return 0; } -static inline int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) +static inline int security_secid_to_secctx(u32 secid, char **secdata, + u32 *seclen) +{ + return -EOPNOTSUPP; +} + +static inline int security_lsmprop_to_secctx(struct lsm_prop *prop, + char **secdata, u32 *seclen) { return -EOPNOTSUPP; } diff --git a/security/apparmor/include/secid.h b/security/apparmor/include/secid.h index a912a5d5d04f..cc6d1c9f4a47 100644 --- a/security/apparmor/include/secid.h +++ b/security/apparmor/include/secid.h @@ -26,6 +26,8 @@ extern int apparmor_display_secid_mode; struct aa_label *aa_secid_to_label(u32 secid); int apparmor_secid_to_secctx(u32 secid, char **secdata, u32 *seclen); +int apparmor_lsmprop_to_secctx(struct lsm_prop *prop, char **secdata, + u32 *seclen); int apparmor_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid); void apparmor_release_secctx(char *secdata, u32 seclen); diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index 808060f9effb..ad2499bff591 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -1532,6 +1532,7 @@ static struct security_hook_list apparmor_hooks[] __ro_after_init = { #endif LSM_HOOK_INIT(secid_to_secctx, apparmor_secid_to_secctx), + LSM_HOOK_INIT(lsmprop_to_secctx, apparmor_lsmprop_to_secctx), LSM_HOOK_INIT(secctx_to_secid, apparmor_secctx_to_secid), LSM_HOOK_INIT(release_secctx, apparmor_release_secctx), diff --git a/security/apparmor/secid.c b/security/apparmor/secid.c index 83d3d1e6d9dc..34610888559f 100644 --- a/security/apparmor/secid.c +++ b/security/apparmor/secid.c @@ -61,10 +61,10 @@ struct aa_label *aa_secid_to_label(u32 secid) return xa_load(&aa_secids, secid); } -int apparmor_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) +static int apparmor_label_to_secctx(struct aa_label *label, char **secdata, + u32 *seclen) { /* TODO: cache secctx and ref count so we don't have to recreate */ - struct aa_label *label = aa_secid_to_label(secid); int flags = FLAG_VIEW_SUBNS | FLAG_HIDDEN_UNCONFINED | FLAG_ABS_ROOT; int len; @@ -90,6 +90,27 @@ int apparmor_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) return 0; } +int apparmor_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) +{ + struct aa_label *label = aa_secid_to_label(secid); + + return apparmor_label_to_secctx(label, secdata, seclen); +} + +int apparmor_lsmprop_to_secctx(struct lsm_prop *prop, char **secdata, + u32 *seclen) +{ + struct aa_label *label; + + /* scaffolding */ + if (!prop->apparmor.label && prop->scaffold.secid) + label = aa_secid_to_label(prop->scaffold.secid); + else + label = prop->apparmor.label; + + return apparmor_label_to_secctx(label, secdata, seclen); +} + int apparmor_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid) { struct aa_label *label; diff --git a/security/security.c b/security/security.c index e06817ef4304..859b37e51796 100644 --- a/security/security.c +++ b/security/security.c @@ -4192,6 +4192,27 @@ int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) } EXPORT_SYMBOL(security_secid_to_secctx); +/** + * security_lsmprop_to_secctx() - Convert a lsm_prop to a secctx + * @prop: lsm specific information + * @secdata: secctx + * @seclen: secctx length + * + * Convert a @prop entry to security context. If @secdata is NULL the + * length of the result will be returned in @seclen, but no @secdata + * will be returned. This does mean that the length could change between + * calls to check the length and the next call which actually allocates + * and returns the @secdata. + * + * Return: Return 0 on success, error on failure. + */ +int security_lsmprop_to_secctx(struct lsm_prop *prop, char **secdata, + u32 *seclen) +{ + return call_int_hook(lsmprop_to_secctx, prop, secdata, seclen); +} +EXPORT_SYMBOL(security_lsmprop_to_secctx); + /** * security_secctx_to_secid() - Convert a secctx to a secid * @secdata: secctx diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 55c78c318ccd..a2da81d0d5f5 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -6610,8 +6610,19 @@ static int selinux_ismaclabel(const char *name) static int selinux_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) { - return security_sid_to_context(secid, - secdata, seclen); + return security_sid_to_context(secid, secdata, seclen); +} + +static int selinux_lsmprop_to_secctx(struct lsm_prop *prop, char **secdata, + u32 *seclen) +{ + u32 secid = prop->selinux.secid; + + /* scaffolding */ + if (!secid) + secid = prop->scaffold.secid; + + return selinux_secid_to_secctx(secid, secdata, seclen); } static int selinux_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid) @@ -7388,6 +7399,7 @@ static struct security_hook_list selinux_hooks[] __ro_after_init = { LSM_HOOK_INIT(inode_alloc_security, selinux_inode_alloc_security), LSM_HOOK_INIT(sem_alloc_security, selinux_sem_alloc_security), LSM_HOOK_INIT(secid_to_secctx, selinux_secid_to_secctx), + LSM_HOOK_INIT(lsmprop_to_secctx, selinux_lsmprop_to_secctx), LSM_HOOK_INIT(inode_getsecctx, selinux_inode_getsecctx), LSM_HOOK_INIT(sk_alloc_security, selinux_sk_alloc_security), LSM_HOOK_INIT(tun_dev_alloc_security, selinux_tun_dev_alloc_security), diff --git a/security/selinux/include/audit.h b/security/selinux/include/audit.h index 7313c92d479b..a60a3e2635fd 100644 --- a/security/selinux/include/audit.h +++ b/security/selinux/include/audit.h @@ -49,7 +49,8 @@ void selinux_audit_rule_free(void *rule); * Returns 1 if the context id matches the rule, 0 if it does not, and * -errno on failure. */ -int selinux_audit_rule_match(struct lsm_prop *prop, u32 field, u32 op, void *rule); +int selinux_audit_rule_match(struct lsm_prop *prop, u32 field, u32 op, + void *rule); /** * selinux_audit_rule_known - check to see if rule contains selinux fields. diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 7868268032a3..1f478bb08779 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -4787,7 +4787,7 @@ static int smack_audit_rule_known(struct audit_krule *krule) static int smack_audit_rule_match(struct lsm_prop *prop, u32 field, u32 op, void *vrule) { - struct smack_known *skp; + struct smack_known *skp = prop->smack.skp; char *rule = vrule; if (unlikely(!rule)) { @@ -4799,10 +4799,8 @@ static int smack_audit_rule_match(struct lsm_prop *prop, u32 field, u32 op, return 0; /* scaffolding */ - if (!prop->smack.skp && prop->scaffold.secid) + if (!skp && prop->scaffold.secid) skp = smack_from_secid(prop->scaffold.secid); - else - skp = prop->smack.skp; /* * No need to do string comparisons. If a match occurs, @@ -4833,7 +4831,6 @@ static int smack_ismaclabel(const char *name) return (strcmp(name, XATTR_SMACK_SUFFIX) == 0); } - /** * smack_secid_to_secctx - return the smack label for a secid * @secid: incoming integer @@ -4852,6 +4849,29 @@ static int smack_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) return 0; } +/** + * smack_lsmprop_to_secctx - return the smack label + * @prop: includes incoming Smack data + * @secdata: destination + * @seclen: how long it is + * + * Exists for audit code. + */ +static int smack_lsmprop_to_secctx(struct lsm_prop *prop, char **secdata, + u32 *seclen) +{ + struct smack_known *skp = prop->smack.skp; + + /* scaffolding */ + if (!skp && prop->scaffold.secid) + skp = smack_from_secid(prop->scaffold.secid); + + if (secdata) + *secdata = skp->smk_known; + *seclen = strlen(skp->smk_known); + return 0; +} + /** * smack_secctx_to_secid - return the secid for a smack label * @secdata: smack label @@ -5208,6 +5228,7 @@ static struct security_hook_list smack_hooks[] __ro_after_init = { LSM_HOOK_INIT(ismaclabel, smack_ismaclabel), LSM_HOOK_INIT(secid_to_secctx, smack_secid_to_secctx), + LSM_HOOK_INIT(lsmprop_to_secctx, smack_lsmprop_to_secctx), LSM_HOOK_INIT(secctx_to_secid, smack_secctx_to_secid), LSM_HOOK_INIT(inode_notifysecctx, smack_inode_notifysecctx), LSM_HOOK_INIT(inode_setsecctx, smack_inode_setsecctx), From patchwork Tue Sep 10 18:41:16 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13799219 X-Patchwork-Delegate: paul@paul-moore.com Received: from sonic305-27.consmr.mail.ne1.yahoo.com (sonic305-27.consmr.mail.ne1.yahoo.com [66.163.185.153]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1CC62195FF0 for ; Tue, 10 Sep 2024 18:43:12 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=66.163.185.153 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725993794; cv=none; b=DxSFfga0aQmDEsc8VBpWtmKs1nejv9OfUaKSFYwNGMLWpZgzSluCkzBKT4BYLZAcHjVKt6kAjRV/2xNF4sW+qgJvMHUn2lNsV36hVcXmeJZ1CoFf1LNEcMwy8PAQ1JCyZa0fpV/l9Zl+A2vkuwW5VoSHwLIr1tuYE3k6WR9UZo0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725993794; c=relaxed/simple; bh=VGjyx9B/Z4+kocDkhqMO+H/zICDuO+jZ0NcWrDxEWE8=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=WPrsYOfB8kmRe1UQ2gH4ahaLOa07JCeJ2UBqB+QjU5Z9kV61PBb0LqE6iM+D+foei4tHmVHxCIt43RuTLbcbW0ATYt6lJR8wQ5W9yvZntF6x9eKXpdKq+20jzP1nKsVAVhoh3B/thNjPwrEAhA5JCjQjLTw/jlz6tM89vKFiUg0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com; spf=none smtp.mailfrom=schaufler-ca.com; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b=o1CcYAEg; arc=none smtp.client-ip=66.163.185.153 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b="o1CcYAEg" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1725993791; bh=D5unLbLL6pg0Re2Ov6tBETKGM6evFCb7Pkbv24KcTZ4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject:Reply-To; b=o1CcYAEgG02tssR04bQ2CUFanhWNypLIRuzY4Eu0FKgQ+huqtQnQn6x8lARr9gnyGW/+918akh5zHudbbiIcIWqDXhftw/YiMgobQvAw5dozUG+BUhE7ZaADRGfgu2TvXGKZgsNdEHQCl0HBMLBfS0RqxaOvL6+lFwu+qt+4mV0FUVsEV3GrO+y+w9Eh0eWtr2OWPAqQv4jNNOckcvAaCWYQrpnvt5OmRk/x8cE1HdlNoKv6r+hrd2JJSZ8RbXcp9h2e9LqX2njH1XpuhU2rWAwtO2bo7Jjx7lVeeP0lmCsURN3UEHWiX1Az7CMn3H2W5MlqPn/q7cVDjB0sUp65Kw== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1725993791; bh=O+NocvRdikTpSo+L3h9APPt4G7T7zT7S92Bqww+oJOf=; h=X-Sonic-MF:From:To:Subject:Date:From:Subject; b=Ae30PAX/XS6EiccnX4GBeeqYu4qPWmgXbfMa3pfBVaNQGrU85cTR5wARXmVgIQag5Eu895ljaX6QX6W6hHlHRgW14hhN8HXuHHV7DEyi6AG5wbjfjFGJzLLjHmdxn+FtSbYF3q+tAgjWopV6ED71Psoh7Tz1z9lstj2KKVhj84O4PdMKl1ArehupFPBV5hbs/1JK/rCxCDZL7IM+hV9H36AgcFABUHeaARPkHxF4UWu49avJ+rN6ETKq5xFtb3kut2AcMiqJ/h3N6RO7qU0j2sGH7htydopFeDv71KJHFeY0CuS1m4B9Atw1RqtLMZHJE/LynAc5berYT6Jw0pmsJA== X-YMail-OSG: .PsKYZgVM1lyw8vg4IibopsqWCVcisrp9DlqO6HoJQw0HVo5PvlSRFOPyVBBrLI tm7rgz1dK4Vu90A6V28jm7xe1WdCH9keHb3lMBP.KTgA2vMvgVxeOppkjLEIofJTv0uUPHBQMx1s K8.xApGRsmfrOvHQDlmB7MgzylrDtqIpRRQuAfJtjjVOEUq.F4tM3XSXh1dxfIKaYlD9qNIjRAGj 4f_1BCqRZVMAa.Qo9_BhgqM7EX0deP5SkcUeKmXrrC0RONH6B1eT_UfKPAF0ynqZeqtm8w8YJgB4 jsNqecxck8Rv7sDFVyBdlFXYAJsRyzuewDD0GaykioYO5Y_pq0d9SSe1u4QZUzjAVR3tTPUedY1t 2NXL9sP.Kws3u03pw43OySw.EZGSXuyu_CcPUw9mV2fKn4FMOfKnT9Q_PhIW0gHdQF9KL1WNlcMn 4_Lg2y4u1wcPdFTl8fPl4vMIgKWHsqNKGRUzRKa.TSs.0yNJxxzvc97MqrZr4sekiYL9R0uSzH0U RlXNXzJwEGKh_B2qfd4OM3NieFV2fiYbjguM6O3747HqKWBZbI7VmH4ZtPnCbVypzxFTfmZUJLPT hRsL_Jv4aRG65NCLwTgLXhtrel3JhtezHuN1BSOhLgVN0QiXJRBwySyvxznADVAQgbeTzC.GRw6d g8a9aang4ZEIFirOzv1ebmhzVMSF71whBBOERn03WFnRVYpuSZVMvnZ7E_Sv9hBZasj7fp2dEOAN GC6SkUAX_gD.dyAFEEIfnIVDQotcVBQtPiuHMYusy99bsi7hHymv9ItgvgpomYqf8pVjQ3QcLtsb mwnI7hROXqjpuSzBLz2ku8T_jIxU0SCgCk0tNuJsIDu8eIihQqcOtwFdMZyXmBbjZrVliAZ5xVLg G0nhSGdUpiqHdR1vG_UnVLqPgLXuo_.hGyfzkw_ao2X3hqLbD3H7Htxhswo7FI5XhrobpUGvdhWA ICEKNmtcfIROY16onWbzkDNO7P..kuGbE1XzMC_dIHW.S3chcUOcv001JQI2dcOeCGET731mgj7j 1UkLWJziwUYtvcCLLwt449k0b8NxUcpxBCbnfrO3bR6qSpZuQYwq6PLPPYlx3pRSdHxVWG3dH52B UezDsmOMGNDYOvmp5ui4aTzuAT1Szs1yeTSZU4fV3Qp4qGrjY5bCAa9.0IkH4Psw9ssX6srm5DSA U_4gPf21AdBlha_Zd2XBjYXIKvtLjDwaA2p5xP_Rfw5Bo.DykzEa3kQ.9uj7h2JuqbKLGBttcIue gJs0Bec7rGNuekFh3jYCgS2lPBE727h4NcKPcJH7mV_jsbz725ByxzO73qcwcQ7u1zv8w_uPW4LS tGCbUEiLleYvBsQSGYa7kCIC1KLwdR2vjwejYhQymzxOkHnNxaSq4XSbgpM0Mpvj5.SVbti2rylc 4pObI5lWY8xcJt_7uWDy_MkYDI58PWG55Yv_dpKhw.111LTm6zfBRTm1PS2BcE8CUxEWZwQUTHfF q08XFJUBHKUr1_F6U1i_fbEfwmQBjrIEOeSX9cjlkV3RgI2IxAlieM4nr115IaUHmNAKYEoyE6TG V1kYiyikvzXJGn5jjzrl3NavRTz0JaNNHVN._BAU28dVab1f6WH0bWr2urtGtE6q0nbUzWHJ3xwy M10M3m6o2urQuZSAAFP.0.YXUMoV9QYXKPIn3nmhvHP.dz9ZftFXMNQMw10XqipmBwZz4vLXM24b pkHSpQxaKJ.7NCxHJI9_yap9MqPiGyPjnef2tzyernoPHBuFhtWrZG.lBQU9m4mEbcL4c8WsZW4n f4Vqx8tlQ8NiTwmyjlej.wuLGOivH7R9.DK.Cw54JCyhOosowEp441JvOChS7wMG0CESRYZBrlhv VnHpNTKFukHW29DmVVcGuduqyGMdg0OP_mxQrgqd.HxKso.RIn.MqFrglqP2fGH2bFFsF_yuO03N yThd.R6wgJfj2nRaDfhAhNqV91prdLjc6R85h8ufXGxneKJpLqRKlj5MfCvOlT7tvdPd.nFpk4hS 2vKPmDP8Jokr_yTXb_6vMiZSdD6F4lKHWehKBwFdVVrPmLVl_FOPrD3PzTYIEHc1fZ4ihOfVZnF. ghBCVACy7URyuJTOHI5OefHT6_zSnJxqm3RUyjW6tqXd2xR3IUREYssa.sMwAY6PL5XlGpCq.p.7 K674jk8IPufzjKy9dPBQW9d305gZ8EmvAoaPj3xnyCdnqudD9T36prWZbDSWNmEIc1IpAsDy9x91 9NcDtMjTgWE2fcvR._Lu956RIVYC97hOJ.yI1gKv.zAcLYG154A4oKJTuKObSqiWjOT_De9AFOJ0 ic_whHmMM27UhRrQM.LPqfGZVm9gVobZRm7UY X-Sonic-MF: X-Sonic-ID: 90301bce-3976-442a-a013-829a0a5019e8 Received: from sonic.gate.mail.ne1.yahoo.com by sonic305.consmr.mail.ne1.yahoo.com with HTTP; Tue, 10 Sep 2024 18:43:11 +0000 Received: by hermes--production-gq1-5d95dc458-4tw7n (Yahoo Inc. Hermes SMTP Server) with ESMTPA ID bfec55394db9c3ecf7e1196118de0a4c; Tue, 10 Sep 2024 18:43:08 +0000 (UTC) From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, selinux@vger.kernel.org, mic@digikod.net Subject: [PATCH v3 04/13] Audit: maintain an lsm_prop in audit_context Date: Tue, 10 Sep 2024 11:41:16 -0700 Message-ID: <20240910184125.224651-5-casey@schaufler-ca.com> X-Mailer: git-send-email 2.46.0 In-Reply-To: <20240910184125.224651-1-casey@schaufler-ca.com> References: <20240910184125.224651-1-casey@schaufler-ca.com> Precedence: bulk X-Mailing-List: linux-security-module@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Replace the secid value stored in struct audit_context with a struct lsm_prop. Change the code that uses this value to accommodate the change. security_audit_rule_match() expects a lsm_prop, so existing scaffolding can be removed. A call to security_secid_to_secctx() is changed to security_lsmprop_to_secctx(). The call to security_ipc_getsecid() is scaffolded. A new function lsmprop_is_set() is introduced to identify whether an lsm_prop contains a non-zero value. Signed-off-by: Casey Schaufler --- include/linux/security.h | 24 ++++++++++++++++++++++++ kernel/audit.h | 3 ++- kernel/auditsc.c | 19 ++++++++----------- 3 files changed, 34 insertions(+), 12 deletions(-) diff --git a/include/linux/security.h b/include/linux/security.h index 1c3768c9cf30..d739a4cf43d3 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -279,6 +279,19 @@ static inline const char *kernel_load_data_id_str(enum kernel_load_data_id id) #ifdef CONFIG_SECURITY +/** + * lsmprop_is_set - report if there is a value in the lsm_prop + * @prop: Pointer to the exported LSM data + * + * Returns true if there is a value set, false otherwise + */ +static inline bool lsm_prop_is_set(struct lsm_prop *prop) +{ + const struct lsm_prop empty = {}; + + return !!memcmp(prop, &empty, sizeof(*prop)); +} + int call_blocking_lsm_notifier(enum lsm_event event, void *data); int register_blocking_lsm_notifier(struct notifier_block *nb); int unregister_blocking_lsm_notifier(struct notifier_block *nb); @@ -532,6 +545,17 @@ int lsm_fill_user_ctx(struct lsm_ctx __user *uctx, u32 *uctx_len, void *val, size_t val_len, u64 id, u64 flags); #else /* CONFIG_SECURITY */ +/** + * lsmprop_is_set - report if there is a value in the lsm_prop + * @prop: Pointer to the exported LSM data + * + * Returns true if there is a value set, false otherwise + */ +static inline bool lsm_prop_is_set(struct lsm_prop *prop) +{ + return false; +} + static inline int call_blocking_lsm_notifier(enum lsm_event event, void *data) { return 0; diff --git a/kernel/audit.h b/kernel/audit.h index a60d2840559e..d14924a887c9 100644 --- a/kernel/audit.h +++ b/kernel/audit.h @@ -11,6 +11,7 @@ #include #include +#include #include #include #include @@ -160,7 +161,7 @@ struct audit_context { kuid_t uid; kgid_t gid; umode_t mode; - u32 osid; + struct lsm_prop oprop; int has_perm; uid_t perm_uid; gid_t perm_gid; diff --git a/kernel/auditsc.c b/kernel/auditsc.c index effb1a7e0405..014d23370384 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -724,9 +724,7 @@ static int audit_filter_rules(struct task_struct *tsk, /* Find ipc objects that match */ if (!ctx || ctx->type != AUDIT_IPC) break; - /* scaffolding */ - prop.scaffold.secid = ctx->ipc.osid; - if (security_audit_rule_match(&prop, + if (security_audit_rule_match(&ctx->ipc.oprop, f->type, f->op, f->lsm_rule)) ++result; @@ -1394,19 +1392,17 @@ static void show_special(struct audit_context *context, int *call_panic) audit_log_format(ab, " a%d=%lx", i, context->socketcall.args[i]); break; } - case AUDIT_IPC: { - u32 osid = context->ipc.osid; - + case AUDIT_IPC: audit_log_format(ab, "ouid=%u ogid=%u mode=%#ho", from_kuid(&init_user_ns, context->ipc.uid), from_kgid(&init_user_ns, context->ipc.gid), context->ipc.mode); - if (osid) { + if (lsm_prop_is_set(&context->ipc.oprop)) { char *ctx = NULL; u32 len; - if (security_secid_to_secctx(osid, &ctx, &len)) { - audit_log_format(ab, " osid=%u", osid); + if (security_lsmprop_to_secctx(&context->ipc.oprop, + &ctx, &len)) { *call_panic = 1; } else { audit_log_format(ab, " obj=%s", ctx); @@ -1426,7 +1422,7 @@ static void show_special(struct audit_context *context, int *call_panic) context->ipc.perm_gid, context->ipc.perm_mode); } - break; } + break; case AUDIT_MQ_OPEN: audit_log_format(ab, "oflag=0x%x mode=%#ho mq_flags=0x%lx mq_maxmsg=%ld " @@ -2642,7 +2638,8 @@ void __audit_ipc_obj(struct kern_ipc_perm *ipcp) context->ipc.gid = ipcp->gid; context->ipc.mode = ipcp->mode; context->ipc.has_perm = 0; - security_ipc_getsecid(ipcp, &context->ipc.osid); + /* scaffolding */ + security_ipc_getsecid(ipcp, &context->ipc.oprop.scaffold.secid); context->type = AUDIT_IPC; } From patchwork Tue Sep 10 18:41:17 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13799244 X-Patchwork-Delegate: paul@paul-moore.com Received: from sonic305-27.consmr.mail.ne1.yahoo.com (sonic305-27.consmr.mail.ne1.yahoo.com [66.163.185.153]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8545D1A7050 for ; Tue, 10 Sep 2024 18:53:24 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=66.163.185.153 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725994406; cv=none; b=Iihdko+3YryuZX1M/WRHTFGbKFPA8xK/6tJ7tgSE61/YLWMhjBtRvTz4fNEkXOYdDi3/RXfd0+BXuL4hGv0o7t2muojdgSx5w0k966GP8XyRYLqWhYMHRwsHEc5sEx+pcPe2pCPxCAZY/iNuyvkDsHlsxIwqzgaQskNsiO1G+74= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725994406; c=relaxed/simple; bh=IoX9nQjI2oP0imTJJZDHPStaBUxY820d4vgsxZmjUYo=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=JCcIumGipV0Kizvq8PfpUUR/eu64szIkYX/D3M8nQqb42cbXWi6kHSIuEx6/Vpzk0H89s1aEYoDSZMWMNwo65jHAVkA6Xq9r6mhDyO9ewKNP0cT05JbdF48gTlmJ+I7vfTsd6VUOuEWz2UgNrIRJBv0YX4rcWwTwLhS0YZGucrE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com; spf=none smtp.mailfrom=schaufler-ca.com; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b=r+OUhHZX; arc=none smtp.client-ip=66.163.185.153 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b="r+OUhHZX" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1725994403; bh=snRkCW1CoQhwTkFHaGmHmPb0/0EzthT9FmZrwfJIwtA=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject:Reply-To; b=r+OUhHZX/WxM123FVmw/ZHYYNymeAiyA0IRkAlCfcnFJjHi3rAUZ0R324nRJRsX129Mxqzh0GGzdwMHqVp8wLpLbHqd0pOGdONR285maaRWUyImaTavtW+CwprulNF2z5Cz/MegevHLpu93g+F03OF8eMhaayUJIkOsBMUaJm5IMht+eA9NTn69Zfdo85JpErLP0mjhMU9ydxBC++WOZu4jk7c2DGe2xn9Yt+a/j791ROBFb7fG21JofIcoprZhMi86m/GmiobUtHf/GA10F8L0IQ2obFCHKQOtQbMgHLRj3JPHBmb5iAZt5rO0a78s5A9PzaKT9pLYN8myZJCtF3w== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1725994403; bh=xe8b5ob5emCGcH67ecnHr5pDWDMKRAG51bHC2CtKBZl=; h=X-Sonic-MF:From:To:Subject:Date:From:Subject; b=gTLMYkTxYeQW1XDalS3E4+HmCOYkc7yDB31arBz7UhplxzRLuK1eoLzWObtpGibF8ZFtzfBQtJFeUr0CL47IE8/YS9adCEx/dWOMNKsEZr7kBjYg5xXI9y5u0LNfaWnSL+X1LcwXCxG+zNRmE84pp0pU9iuTePjkipsCOZazNP+cX6PdiN1F2QOvY5Rlgtaa7k2g7gKOtng9OAP3JiaC71rkZJdSgNWpYS3/0RqrUCqBr9l5UYGXWhybP7gdts11Pd909eVa+mjnSFL8fqq3M1dONkV3POIvChFWApsOmzE5Z3B/ORZk5wJO5lDb4vrplDFfXEK0scwKBoi33/uonQ== X-YMail-OSG: DWhATRMVM1newNlpUoJ0rvExXh0dXCALrF8_47tYcXZh0O22LarfIyporiWjKZq .P6J6WqLusmVB8kqPHBHoYzUN.gyl.IY4LJIMEnMi9xfy_HycMJTmEdY6jGDGpMK91cdtuJFqrOg .e2RxFgbip2LaZxQYN3vX22YqGd_qqBg7Y3Am3xo.MrFEHiC9EifgfCRrKhIKaVpwZ3C4H2isnE4 xaJFmchs91.epl0eLiWgGmV0v5fVNeZdTFUSTqCcGakkhDpXeOSEb5U7bsN9kxxQD.rpYKMDacY7 6RSk_rb457fqj1.1O9ho.Z_Sx1DZTo9XpZnngeS97_._5wmEVvks4N5x5OtmSwfLOjCXeAVk06rw Q9EpRguli_YpFbmiMsEaTC0jwVs.LIvPBpSoHCZNX8W9D1PfRUqfcHwa5ip9Al2ud0cvX..v3U4X 2dBwcITtMHVu05Nq0Oofw6A8AA5v6sFwsCyfUf6NLlUIrDXw0aFv3SscZxGvLuhekGbvnGfozOnR fd2YW3webPo07WTzZfK3Sv9f6bOtdEgBEnoilMxy4cQUVXejVY4UA1889Aoe51CGVUjm9hotj92W 5l3VOlMMXXc1QUn0kSVqHYGMG.7QJeivGKVBdi7CjQ2HPvsu9fRQLCCPkIbL2Cy8Yld4SK50bPpO 4syF29ccgIJlfu.FMI48CL8KkZPuzlBxHJwbYbnrTK84lcma56Rg1437fMVCwjjnJOisLDUGehK3 HcFoIm1x.ZkNnkFE84WzYwf9u5GsVyeiq0N9yygW7Vkof0K2FgHnJrNRYbxLCoG9uveYQvr.g4J_ NE_OCe_wGKtNUf8tAc5rl379yvYBrvWZbzlE3HIXN79DMzv_2JgCN6KlftENlpyQa05r9VJh8qm5 F2ATOzqGecpIjOWfTevTm.FNcsh.aYuHWmMsiJ4UOiYztLf12UMu0LacZP1Mq5LnUcbLJCvtyABh wYr2wvAlauuQJubLIuGZUykFg0_kPQiIL9wub5hPZjhgxmcpR1hCgJe0yQuZj3O.tAATf9W922FR eIp.HmSr78JvgNWODJksVC91a24Ui0CKDFNCGTP2G5QMqCOe4Kgj9C0tJSjnCD6oYBRO7X7NFvL3 oDpBVVABomtydpLUT90jMHnl6LtvSau_U7Bx11pQ_zFcUfc6ReSIxy6KRIa_sPUOdNZ.n4NQptaU AmEEoZ4Y.95EW8KSwRpDtLZ4YKPo5FDzI0tJGtNTqorZLE2oSq8W8wgYLCvRurW09eA_p4ypilUR JAia2t1SwgL9SumsMaBInZfapqE7L9IU9sfhNAb9NYs5Q6y2vhBANZOqVoflJHirvpkmx3Qb3DCB 9AhPMlO5OpCtjMku8ZIOJFb1wBw5K.r.NT06UNNjOuDeYEeimTrimUkJSjWAp7G0HlcFKyVTIrxY TjgPBa50w0d4dUolu7bZzIxfSBoDXmdal5HJEW_URfLXTXLddAg8cJdVlSj9ergBaYvFReCdP_Of YKj5T7K.gnK05iQdJA2uZ2sR_lKU3I9dYplmkLf.CHgy3PZUs6gFCD0rd6MPaboXlhnjgL73fUOe cUGb5XRs3qsav9Duk7Z6ctNEl9GKLHO6QXGokh1xJH4whdTZzaurkP8rW_f19dvT9jrJh581IGdB XmmGmdw9LTG1Z.ysSflhuSMAi9ibWRpJc2UX_9ZMtGw5sXYXaWrHcE0oVSzfGqXXYwWHmAempst6 bP9n3I20LyN1RHUFqH751J8cPzT4nr8ARSh3DMy71jmsTmmfi6DCHHLVWLbb_Dn7FWnJ4kwt.._F 0ZXUz6Kz6eB2RMED1YFe.DWbqU2fPArh37hkIY0VyJhAvUumY7MNQt8GqWCIjexayx9ddA.lJ0mG .TDuhucTPCx7CghYs5rU3ITGx_2hH5KpIms5aPEijaIO64rwWF0A8EE5WCSG1WYIVRxTl6IePq.9 lGEJBNbumX6kFYVK.0wQvrtm9AkadhhyezbxYijXLySxI8rjoWc9Z15wqJ.BXntBSGbqc3R8Hr8u X1ctgvuD2.IxHzLAtVH2rCm8fr_2tgaqagNZPNxL08ZbErdj.rQrBuv9mSKcjOc_Nnj3aHdmotNM TTHuXhlBtoePVxdp_Tobz0t.F1_ziYINvid0Bz5sXPEg0KVu9KoML_QAEyyBCD8_zZt0_xIsIzcd BlcdP9U5KZmlQMMdf_jlHnsk3dDRyvp0Ok9JYmMftJzZsE1N8nYb1Lx5RmmBLpbmVoS4XsfW69Lq yBNr0nOxaf8X9HA8gnk7hgSbxtb2ixEzLOJHW0WrbS7nA5MsX8jKYSAxqAE77MHAaSwRzM7TISP9 hVUlf5_UIuNopGkl3vHB61Bw_VTmHveOymXcuL1Q- X-Sonic-MF: X-Sonic-ID: 5dba500b-dbef-4d20-9d04-e54cd028f336 Received: from sonic.gate.mail.ne1.yahoo.com by sonic305.consmr.mail.ne1.yahoo.com with HTTP; Tue, 10 Sep 2024 18:53:23 +0000 Received: by hermes--production-gq1-5d95dc458-4tw7n (Yahoo Inc. Hermes SMTP Server) with ESMTPA ID bfec55394db9c3ecf7e1196118de0a4c; Tue, 10 Sep 2024 18:43:10 +0000 (UTC) From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, selinux@vger.kernel.org, mic@digikod.net, audit@vger.kernel.org Subject: [PATCH v3 05/13] LSM: Use lsm_prop in security_ipc_getsecid Date: Tue, 10 Sep 2024 11:41:17 -0700 Message-ID: <20240910184125.224651-6-casey@schaufler-ca.com> X-Mailer: git-send-email 2.46.0 In-Reply-To: <20240910184125.224651-1-casey@schaufler-ca.com> References: <20240910184125.224651-1-casey@schaufler-ca.com> Precedence: bulk X-Mailing-List: linux-security-module@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 There may be more than one LSM that provides IPC data for auditing. Change security_ipc_getsecid() to fill in a lsm_prop structure instead of the u32 secid. Change the name to security_ipc_getlsmprop() to reflect the change. Signed-off-by: Casey Schaufler Cc: audit@vger.kernel.org Cc: linux-security-module@vger.kernel.org Cc: selinux@vger.kernel.org --- include/linux/lsm_hook_defs.h | 4 ++-- include/linux/security.h | 22 +++++++++++++++++----- kernel/auditsc.c | 5 ++--- security/security.c | 14 +++++++------- security/selinux/hooks.c | 9 ++++++--- security/smack/smack_lsm.c | 16 +++++++++------- 6 files changed, 43 insertions(+), 27 deletions(-) diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h index f53323e52fe1..315bbe1f63fc 100644 --- a/include/linux/lsm_hook_defs.h +++ b/include/linux/lsm_hook_defs.h @@ -253,8 +253,8 @@ LSM_HOOK(void, LSM_RET_VOID, task_to_inode, struct task_struct *p, struct inode *inode) LSM_HOOK(int, 0, userns_create, const struct cred *cred) LSM_HOOK(int, 0, ipc_permission, struct kern_ipc_perm *ipcp, short flag) -LSM_HOOK(void, LSM_RET_VOID, ipc_getsecid, struct kern_ipc_perm *ipcp, - u32 *secid) +LSM_HOOK(void, LSM_RET_VOID, ipc_getlsmprop, struct kern_ipc_perm *ipcp, + struct lsm_prop *prop) LSM_HOOK(int, 0, msg_msg_alloc_security, struct msg_msg *msg) LSM_HOOK(void, LSM_RET_VOID, msg_msg_free_security, struct msg_msg *msg) LSM_HOOK(int, 0, msg_queue_alloc_security, struct kern_ipc_perm *perm) diff --git a/include/linux/security.h b/include/linux/security.h index d739a4cf43d3..c8f020cf2a84 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -277,6 +277,17 @@ static inline const char *kernel_load_data_id_str(enum kernel_load_data_id id) return kernel_load_data_str[id]; } +/** + * lsmprop_init - initialize a lsm_prop structure + * @prop: Pointer to the data to initialize + * + * Set all secid for all modules to the specified value. + */ +static inline void lsmprop_init(struct lsm_prop *prop) +{ + memset(prop, 0, sizeof(*prop)); +} + #ifdef CONFIG_SECURITY /** @@ -285,7 +296,7 @@ static inline const char *kernel_load_data_id_str(enum kernel_load_data_id id) * * Returns true if there is a value set, false otherwise */ -static inline bool lsm_prop_is_set(struct lsm_prop *prop) +static inline bool lsmprop_is_set(struct lsm_prop *prop) { const struct lsm_prop empty = {}; @@ -500,7 +511,7 @@ int security_task_prctl(int option, unsigned long arg2, unsigned long arg3, void security_task_to_inode(struct task_struct *p, struct inode *inode); int security_create_user_ns(const struct cred *cred); int security_ipc_permission(struct kern_ipc_perm *ipcp, short flag); -void security_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid); +void security_ipc_getlsmprop(struct kern_ipc_perm *ipcp, struct lsm_prop *prop); int security_msg_msg_alloc(struct msg_msg *msg); void security_msg_msg_free(struct msg_msg *msg); int security_msg_queue_alloc(struct kern_ipc_perm *msq); @@ -551,7 +562,7 @@ int lsm_fill_user_ctx(struct lsm_ctx __user *uctx, u32 *uctx_len, * * Returns true if there is a value set, false otherwise */ -static inline bool lsm_prop_is_set(struct lsm_prop *prop) +static inline bool lsmprop_is_set(struct lsm_prop *prop) { return false; } @@ -1350,9 +1361,10 @@ static inline int security_ipc_permission(struct kern_ipc_perm *ipcp, return 0; } -static inline void security_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid) +static inline void security_ipc_getlsmprop(struct kern_ipc_perm *ipcp, + struct lsm_prop *prop) { - *secid = 0; + lsmprop_init(prop); } static inline int security_msg_msg_alloc(struct msg_msg *msg) diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 014d23370384..3e051014484c 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -1397,7 +1397,7 @@ static void show_special(struct audit_context *context, int *call_panic) from_kuid(&init_user_ns, context->ipc.uid), from_kgid(&init_user_ns, context->ipc.gid), context->ipc.mode); - if (lsm_prop_is_set(&context->ipc.oprop)) { + if (lsmprop_is_set(&context->ipc.oprop)) { char *ctx = NULL; u32 len; @@ -2638,8 +2638,7 @@ void __audit_ipc_obj(struct kern_ipc_perm *ipcp) context->ipc.gid = ipcp->gid; context->ipc.mode = ipcp->mode; context->ipc.has_perm = 0; - /* scaffolding */ - security_ipc_getsecid(ipcp, &context->ipc.oprop.scaffold.secid); + security_ipc_getlsmprop(ipcp, &context->ipc.oprop); context->type = AUDIT_IPC; } diff --git a/security/security.c b/security/security.c index 859b37e51796..410bf69af427 100644 --- a/security/security.c +++ b/security/security.c @@ -3611,17 +3611,17 @@ int security_ipc_permission(struct kern_ipc_perm *ipcp, short flag) } /** - * security_ipc_getsecid() - Get the sysv ipc object's secid + * security_ipc_getlsmprop() - Get the sysv ipc object LSM data * @ipcp: ipc permission structure - * @secid: secid pointer + * @prop: pointer to lsm information * - * Get the secid associated with the ipc object. In case of failure, @secid - * will be set to zero. + * Get the lsm information associated with the ipc object. */ -void security_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid) + +void security_ipc_getlsmprop(struct kern_ipc_perm *ipcp, struct lsm_prop *prop) { - *secid = 0; - call_void_hook(ipc_getsecid, ipcp, secid); + lsmprop_init(prop); + call_void_hook(ipc_getlsmprop, ipcp, prop); } /** diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index a2da81d0d5f5..10c7fc61a786 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -6328,10 +6328,13 @@ static int selinux_ipc_permission(struct kern_ipc_perm *ipcp, short flag) return ipc_has_perm(ipcp, av); } -static void selinux_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid) +static void selinux_ipc_getlsmprop(struct kern_ipc_perm *ipcp, + struct lsm_prop *prop) { struct ipc_security_struct *isec = selinux_ipc(ipcp); - *secid = isec->sid; + prop->selinux.secid = isec->sid; + /* scaffolding */ + prop->scaffold.secid = isec->sid; } static void selinux_d_instantiate(struct dentry *dentry, struct inode *inode) @@ -7252,7 +7255,7 @@ static struct security_hook_list selinux_hooks[] __ro_after_init = { LSM_HOOK_INIT(userns_create, selinux_userns_create), LSM_HOOK_INIT(ipc_permission, selinux_ipc_permission), - LSM_HOOK_INIT(ipc_getsecid, selinux_ipc_getsecid), + LSM_HOOK_INIT(ipc_getlsmprop, selinux_ipc_getlsmprop), LSM_HOOK_INIT(msg_queue_associate, selinux_msg_queue_associate), LSM_HOOK_INIT(msg_queue_msgctl, selinux_msg_queue_msgctl), diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 1f478bb08779..7926f40bc7db 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -3442,16 +3442,18 @@ static int smack_ipc_permission(struct kern_ipc_perm *ipp, short flag) } /** - * smack_ipc_getsecid - Extract smack security id + * smack_ipc_getlsmprop - Extract smack security data * @ipp: the object permissions - * @secid: where result will be saved + * @prop: where result will be saved */ -static void smack_ipc_getsecid(struct kern_ipc_perm *ipp, u32 *secid) +static void smack_ipc_getlsmprop(struct kern_ipc_perm *ipp, struct lsm_prop *prop) { - struct smack_known **blob = smack_ipc(ipp); - struct smack_known *iskp = *blob; + struct smack_known **iskpp = smack_ipc(ipp); + struct smack_known *iskp = *iskpp; - *secid = iskp->smk_secid; + prop->smack.skp = iskp; + /* scaffolding */ + prop->scaffold.secid = iskp->smk_secid; } /** @@ -5157,7 +5159,7 @@ static struct security_hook_list smack_hooks[] __ro_after_init = { LSM_HOOK_INIT(task_to_inode, smack_task_to_inode), LSM_HOOK_INIT(ipc_permission, smack_ipc_permission), - LSM_HOOK_INIT(ipc_getsecid, smack_ipc_getsecid), + LSM_HOOK_INIT(ipc_getlsmprop, smack_ipc_getlsmprop), LSM_HOOK_INIT(msg_msg_alloc_security, smack_msg_msg_alloc_security), From patchwork Tue Sep 10 18:41:18 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13799242 X-Patchwork-Delegate: paul@paul-moore.com Received: from sonic311-30.consmr.mail.ne1.yahoo.com (sonic311-30.consmr.mail.ne1.yahoo.com [66.163.188.211]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5A4BB1A3BCA for ; Tue, 10 Sep 2024 18:53:22 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=66.163.188.211 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725994403; cv=none; b=aWVy9+PX0ih3agHFLkGbiv5OVTfUk0kGj8UKYkK3seTs/7nV0XB3BHmSwFl7MhsNmEbUcitYVmRtUupnMVbB+YRpkuJ285SNMvIfOSjxTMY8HC1yX3W4k5aFWwtQLXtS3KAhIQbo7SSBmdi7hhSaGmo8WIOpXuJJ1LVRBMoSiww= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725994403; c=relaxed/simple; bh=O1e6CxiQWsxzIs5u1fUQ5DgKXDjgs0NeAacNWiPIWIc=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=nK08/KlFHBmd4uifzYz4QxUdZq7kMpLI3yQdgVcTwXa7ezSydpwwcc9dUjPRMlUBIByvGKY/iGvalkp9N4z0myghc6S0RGUq4uEWdJZMLl+SEP5s808ZDMwM55gxYKIcWBrVB2IMNwq5lCYXM2gfWFq0og72LdKhuG1EZxC4YSg= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com; spf=none smtp.mailfrom=schaufler-ca.com; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b=Lgc4XTgF; arc=none smtp.client-ip=66.163.188.211 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b="Lgc4XTgF" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1725994401; bh=QKTsziIRFsRzMH5ovaK8Q7qXH6nN4F+gv9JsbGYKPkY=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject:Reply-To; b=Lgc4XTgFfcA0ichUpfcAP8Etvc4Zrk0OGquhuCkzNYCGWYegK6x9ZvpMf4FzgV6FE8zmTlnhin/3axX3FqKCrwh3Yr9afQQ/WoyP7+cC987lVPdAoaE9kJDDZyfS7ggexoUAs3tqQb6qu0Ys22HhsVxcgG/WVHMA9FbP8Jh1fdFK0PTH4yotcqPrMAkNjziss4B7IdE/P4NR55PUFbWbzoXhd2Wd4nca+uT4HfLx4MdmIM49NMtYyGJiaJhdfry/FnkWqEdfAowF6gaYFYg1BVccIVqy7q6JL05KHPE+iPYzinWKk4d9Usghvf7C1gYDzbmSbocpOVO+Tp1W10JlKQ== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1725994401; bh=nnk5Fch83PwbG1WfzFbquBkxAQ9iJSDmnyo7CKVAR6/=; h=X-Sonic-MF:From:To:Subject:Date:From:Subject; b=nTIAm6NK3MIcVNsEy1SH96u8ArCyZxFAI7/zJ2JXFpgLHcZoN91zqKET0JO8MEX/ShXbgJC6QOFl5A+WgEi+AWz3cPwk/T6pnr733CBr1BPk0mcR4vWXPf84Y43yOPDHdxHK7nJxznaDhIg4x1hqwUuyszzCtENeM7Qk+pLpCxh9X7sp+/x0R/WJ72BAhd2C5y9Mkvz3PRKtxWaePFEmzfaHGc6eAuMN78fAwB19e0RWn0219RRDTZ8dQ9LZJ7S3I46QVWC3SPCfP4qcEvKHju265Y4wtLRP3N89IvQyPUyDqk7XHqTXsIoyLFYZiYsUuIbSDP8FN/xscfdoALrMig== X-YMail-OSG: tRIHen4VM1mqjtoG6p13Une9Y.FnWY2s58GHldXl6WcNckBZQ86GermMyasFJiZ AJRvBuuEvpMOlFAAcRvtdDXCXhL4bow34DXJuT_fMAD9iUHofS_IH5VL.XENjDNmrMV6yeNonwMf .NeZGv61xI2o0qsxIVrmCW1Blb4ndeuPTuXTqA3xtqFEtw5Y9.ig84belsH4phuPs94OHdHf.XfU 7e8DzivBPnRme5cZV5yNADs6MC6k4WHdQVFJt0vQ8c2N_6_96XLHRMsJYA4KHDAK2SNZFJcA6rE7 rsXFwdIk0XJIDzjad8kvQvYqmLxVlcMX4KGHUR0CU1hH8bDEGrKle7IRO8e.ozN2rcBGEYdkN2rA Xs69G3iO5cTq9ygeTQ8Si1pBu38qeZ6DvRRBHi3iEABdQwXlWNS6pNpVUhY2asG4a40Mp0L4L5om 8MmiqazIE59ZbBBZRbsCAzI1u4NUKZss26wj5wgwy69aFXeyeK964PIuzdx5eJCXCmf_6KuaLYWD 6npPT5jYYyP9PNCiot.9avDYANOYjW21axysBvEtIWfdSAC0ucOaJu4c6X_WMnEqFCElbPt6mbWq _GNTcYlkPIPwcJ20cSKdVoAkPpX31i09OGfch6GWtskNL3z6sb7JcMN9.yKzk_VFiCIPefiC2UKR EYe787uduHcrHX9GRA4XRJmt8hg3WEJPcIIlAVsuXCu_TG0D57dtNPBHDBDZgthpA8dDhNBPN5vy iirRy17vZjSekFI3bzN_DpkMi6N7eqZ2xTEoOLhr3flzHj08HmHesN3vXwRzWtq7CZcy8lYJijmP ynPBzfUk_o_JLrWJPwqk41g1evdunfjENostVE1gIgJLMXFMNnhss15lHAXPtb.LJ87V3F1QNfdI ecvIsjODFXUpgDb31tYjIBwW0qfAd2zJOmYpcAzVwICJnU0DdXM1f3NERvn5_uYzKrlkhP7BjZ8E .o1qzBm51egAAemf060ZtJjiZMS5Wzr5B9SXTFbN05eowLn4noWnJvF0pMQZGmmVXmJuwM.J9w7p nIdx5o_QK6FV0qyJMqBLCZW7.QOtQSnYAQPvKum6Cn90bj9SZ30EsQnBRgw7X1qutBKWIc66ChFm hKaHv0Bi68czDmYDNKzKGNxZ62A6rbHdO2k9u7zbAiM37tps.vGgMD6g9THbj8tmrRCGslAXQ3KN XxsozpOoCvuXwgYPmps2tq85fDikA1.jONuLeg2S3yQzi.taHTAcD98mek8OjucEp3EjSS4E7V0y 6Sb_BgHM4oymd8gCj_ErSCl9HOg.YaSeQiSS0dX8kXIh2futbF3.6d4sQ5BgtJpa1ed4duNihjZt IvMw25VUKWeNqdIY9rlsM74oo7fKtahw9ujaQxHSf8uHZLhdjvW2hJ2MdjmYDElMEJDPXFO96Qeu 7_OR9ISc7iDaaoLYxlgA5IV_lyt4OilKpVaXzfcCMoKlxpSJ.fxdBTwNfLMlBQhcItPm_czO_EBV lZXT8LTV17ruXE1DXthHVRkzQBxLQCq6C4rKIsFhIuFy0AVOkpxsXcbOe4VDOdrFK5vamDsUM4ot TrKtmZS9AuXnguaqkQ7K6mgvlASmhqfaLwCiN8HHGGD6SWmERmgZcTKzXBRT5NnmLgeCQ4EF1bCq 1BrofbmmRyZK8Z2hTkDR8NHd.Bi1OZrAnMdYBDJQORlSN0A4m4VM0qopdcqSbVj0IgBhWeqYt6Md uGwsxtzHWsQ3WDMWgjeEtbL.4iBGKqJecqcgTcGXd4CxwmVmW.VHxwdhFnMNSCDViRManL7B_d0U Oe5bg5YOXtnEE4W3dIyv_vqYmf4sqH0Roq7wgUO0BlMGbxmrn_JCai5RQFe9POpBNZeCm87Xitol joXT48w97nDtRtBnFxTTpQ4N5WUt1nI6Do.1yKmPu3f8cUUHSEwg6E9Xo_u2w5.8a6gO.9zpvZiB FIMMRzY25_wi.0Y__.Yul5GKPfoWecUq1JqDzv2D5dCowaz6KIig69ukrjYybtDb3vbBVXyVB88r DNycx8fIzz.zjlHYgE2vmzWVYGBS3ohW.CN20A4YjaYf6GRf15c_a2Y2OdlLUaiB8PapxglvJ6Ky MXCBqY2A76jM5exsIENHU1LVXhzFwlTnuckEIG13NtSo4wIIsADCmJmQlPUuQQurCIPfeQoWue8V aT432DafhV4NGW3PGnut_HedWFkMmMMfNZ_fbhZkfwFke4CVMk_6pNIJzYUC084ZcKj2PbUhmUaY RvJjwp3EjBv7tVwAeFy8YbY9N250pHC4HpzLr7suj1mKP1Vo.rvDbVQvE3837721dq3n2gultZMN CHM.7Bc.9StRELCnOzSr6FxD44BWCnNFcaBRb X-Sonic-MF: X-Sonic-ID: c78cf519-8b4c-4ce3-a490-f15f738434dd Received: from sonic.gate.mail.ne1.yahoo.com by sonic311.consmr.mail.ne1.yahoo.com with HTTP; Tue, 10 Sep 2024 18:53:21 +0000 Received: by hermes--production-gq1-5d95dc458-4tw7n (Yahoo Inc. Hermes SMTP Server) with ESMTPA ID bfec55394db9c3ecf7e1196118de0a4c; Tue, 10 Sep 2024 18:43:12 +0000 (UTC) From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, selinux@vger.kernel.org, mic@digikod.net Subject: [PATCH v3 06/13] Audit: Update shutdown LSM data Date: Tue, 10 Sep 2024 11:41:18 -0700 Message-ID: <20240910184125.224651-7-casey@schaufler-ca.com> X-Mailer: git-send-email 2.46.0 In-Reply-To: <20240910184125.224651-1-casey@schaufler-ca.com> References: <20240910184125.224651-1-casey@schaufler-ca.com> Precedence: bulk X-Mailing-List: linux-security-module@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 The audit process LSM information is changed from a secid audit_sig_sid to an lsm_prop in audit_sig_lsm. Update the users of this data appropriately. Calls to security_secid_to_secctx() are changed to use security_lsmprop_to_secctx() instead. security_current_getsecid_subj() is scaffolded. It will be updated in a subsequent patch. Signed-off-by: Casey Schaufler --- kernel/audit.c | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/kernel/audit.c b/kernel/audit.c index e7a62ebbf4d1..70f76fed254b 100644 --- a/kernel/audit.c +++ b/kernel/audit.c @@ -123,7 +123,7 @@ static u32 audit_backlog_wait_time = AUDIT_BACKLOG_WAIT_TIME; /* The identity of the user shutting down the audit system. */ static kuid_t audit_sig_uid = INVALID_UID; static pid_t audit_sig_pid = -1; -static u32 audit_sig_sid; +static struct lsm_prop audit_sig_lsm; /* Records can be lost in several ways: 0) [suppressed in audit_alloc] @@ -1473,20 +1473,21 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh, } case AUDIT_SIGNAL_INFO: len = 0; - if (audit_sig_sid) { - err = security_secid_to_secctx(audit_sig_sid, &ctx, &len); + if (lsmprop_is_set(&audit_sig_lsm)) { + err = security_lsmprop_to_secctx(&audit_sig_lsm, &ctx, + &len); if (err) return err; } sig_data = kmalloc(struct_size(sig_data, ctx, len), GFP_KERNEL); if (!sig_data) { - if (audit_sig_sid) + if (lsmprop_is_set(&audit_sig_lsm)) security_release_secctx(ctx, len); return -ENOMEM; } sig_data->uid = from_kuid(&init_user_ns, audit_sig_uid); sig_data->pid = audit_sig_pid; - if (audit_sig_sid) { + if (lsmprop_is_set(&audit_sig_lsm)) { memcpy(sig_data->ctx, ctx, len); security_release_secctx(ctx, len); } @@ -2404,7 +2405,8 @@ int audit_signal_info(int sig, struct task_struct *t) audit_sig_uid = auid; else audit_sig_uid = uid; - security_current_getsecid_subj(&audit_sig_sid); + /* scaffolding */ + security_current_getsecid_subj(&audit_sig_lsm.scaffold.secid); } return audit_signal_info_syscall(t); From patchwork Tue Sep 10 18:41:19 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13799243 X-Patchwork-Delegate: paul@paul-moore.com Received: from sonic305-27.consmr.mail.ne1.yahoo.com (sonic305-27.consmr.mail.ne1.yahoo.com [66.163.185.153]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6D3EA1A4B6E for ; Tue, 10 Sep 2024 18:53:22 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=66.163.185.153 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725994404; cv=none; b=fON1lY83nJmwzFBPSsg8EuqvRLNyYJs5Ev7SG5iXlOVtbXQpfli5D4ton09t4ClmclPxDXtmDnj96Dxh+IvNBJpESnrT0LC8H5O4S2luHyzuQJ+kVo1K2g0XLeIRfNCqu97fow8zzZ2wxwiOftwUpZqP5CYD6g2Rau4TdK8cbeA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725994404; c=relaxed/simple; bh=cLI3aKf+4jLGtNwJ6c6JZmiMRAyr0hjuM2LtPmh5hG8=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=T72+P+cZkh3Gsoy1gFU2rWKyDS1GJQLMVoc3kVv5Y7gB9H7mJM021qNsEQh2/KgO0OADbxFa8zkp7ku/qxle6VHWV/u1QurJoJQuAxqD0QkBzUCM9fyJUjXXCyDbJ+GLm2wEojB4uUmqYyC1iEazGMoFd4DgOFfShLjkh1x4oP4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com; spf=none smtp.mailfrom=schaufler-ca.com; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b=MLBQ3iYF; arc=none smtp.client-ip=66.163.185.153 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b="MLBQ3iYF" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1725994401; bh=roEXD5uoszGAHqWo6NbdEc1ATm+VzTvo0S9RDjTnkBM=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject:Reply-To; b=MLBQ3iYFegNfPOsMyv5bcH+oRftQRICTFtQA9Bwn8KJDNgeCXixkFhZoGaeF2Mpax4JPMUJFcm6gDwAKM80xz1ozC6EcmTmA5Zv8lFb3pKfujbddda3AgaSwlXghEzwoWQ7z9uhZ/8kL8Qi5n9dv5kKzl5qDLq49GenswgkPcjuLouRat+t+LNF5y1XP3X/uLy4BCzB04/WInVIS/5IGuZP8Hh7aeLmC4kuxf6SzdyqmCYb3dr39wOoZLkcPpPxQwpaRtYHRw353nZLB/4OZWpq+ydbB7t97wn3QbAW2SCMeMmvgGHxt7xScHo2ARwqLZIoHfMaueXBbeGryCsOcBw== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1725994401; bh=T0zn0ZDgPDMtqhwxzSD9E7k5c2jnYMcG3hbWjYQcf8p=; h=X-Sonic-MF:From:To:Subject:Date:From:Subject; b=o/WLrt/QzwYcVCiKvxtMYKiqJy4FgXbkkTIAuxrcGP4y2mj9wqkFy06UXrR5nX+VD9ra49JnalAc4XYNnkjf3XQnOfn+cTDCJc9Enz8HrTgMyo9aKgnbUCq0TeupgNL4tluotShMvvGvJcQQz9dPMWS5tGKtwJqITQgSCEDY88qbjJXUQxQxKgpVux0MRY5mmApKubEk9+Z5h5vQYD3CVXuOCHko0ux+9Hus5fqVFhd/7pnB5FX1sGJKiqgK1LkSQeTMlDPZVT3s5EuPWG5A2/6lSXtWRc7BKrQ3TdIMej4CLHcG1+daRVkEXc7OQaa5IP1x+FqsUwnfVjiBW6qmgw== X-YMail-OSG: 8BFFVDMVM1n12u7XppaBGidVuNG4bDRIoBvu8lwN9cpmWwR1.nLMKe5DHYLO247 YG4AddTC01McK.S4uc3iefTpglrFyeAiqmwlRNWSo4NeYD8_1vEKXjKhRyIRsw8Aa8YshPTPg3d5 hBpkjWOIrNg4N71WrGycoyCxXih_i574BGlDJ6OJZVz34SZmOnv3Dvjf0_50OghLrE100U6f8HrF OPXDcRHDMXm5x6MsthyUuDYOYxv2d5wD_cdCLe9AM5922xnhfJ6A8GiD14s4prnnLtGP90Jnpqhy JYDgxXri0Iv5RD91.ct1cdiyPc5VMHtwijdqcef4IhLzwEOb6bapNp2zsqZip5IeaN.KM4AebjGp MX.LIa0kUQmsfrzzLlePtljCUTP2gWQIvlRQAwjpA5dX3nBFgVsmR6.z5laaQITGwsJEKd4LEd9E BOreEYyF7WGXgz5llZmXTgF6yq9JieA9tXWMmYHvhmJz_jw6DpwZ0OZbv_kLJT3gXS96HyqjbYB9 bttRn9bJSu5l8YG94hOBn7beYeyjG8.CdbSZN99LIPxg8jz8X8WZyC8YDfhEI2beDx.J1pDpeQ8. 0klP2QRdo59hJgJTT3dTCtvRd.nllci6v2te_wuW3xt.KB68op5Yifh425DGvaFfkgRsCwMasdJj xQGxklvZx1DPjU3hyKB6RZy.nmo9ne96gPyJMNNlEXVgnTkRG3hr7a5oTMkDbGqHSVEmxgyGEE2O cnCS4Dbw08BrLq1Wzw12gUw5TFDOC90Uign7qxN29DcagVqvWMwj8jZJN.r5crOflV_sm8oL9l2i 2.Du3xExRbtGVz5o7PvPMptL.MyIqVj00..04AJoq5Zc6gzjPpvu6LPaToNlOlrDT6mz6kdsDW7N hHiHUHNrmDUB1R6XKwk.lxD_ckyP7XNQ4M5aUG2oyTOk0gwwXz2eE61FdwwwvIY9zUsazOpNmhlz 7OSjWVW2a2Fm.dxOKo4k.st1KK1r3e5UfyyyQDgK79aEXlJBkdcWZN9HJwP3FVuTX3vtK3xP3Ocy xjfcPJwFxFy6zdFSbx2hjJOtnEHOOlwesU2tH2BB.yZyY8SNJ0v61wbRlzRLyLlVux7OCXJefpST oo5zPWY7KtEF5z1cvTrug4bl__kCrIM3Ca_TkuuCzurRUMIskgfJku7Ce3_XCcYLIpkOzRKaL6rG 419QN1Wgu0M5.lB6nvkU6Y2Xpy5ZwAatpvHg3EAUPbcU6hDY7lzHL0PPIHZpyNTEgBSYRt7Cq9CC GShBW1.iCBy8kavjw.m9sduv8DwP.mBeCUEch0C2tekFeuJNI5bekdSCStMHzZ1TInVXwfeQbxfo Mgnq9GxlBDXrCtVJjF2eH4eac4A9qg8D_knaH.usGMZEWxYK6Zie_X3x2byuwXZM8_hQPfwBs9Nh u_os2uTPmaMgAS9AwyB1Ww9gwHWwNcUNuCEUWcDeQGeiIWRR.TKG8fRO2VyCuUMvggvkIIdFyWTV 4bWx.qYveE0QTRD6A3ysk_4oueC2pfRplMB.F9t6rP0NaBbfuoxj5LvrZBh6JRAOOEZ8hUGxzx_s _1GaPYRjkB9udEonLK9izFqyjqqDTKD.G7lyTGTao6CK1ZNJ.h9gjaXSAhJisuvkkr4CdUNNAMAE _d52ISN0oLPUgRH2sZp4o7kTpbHzggMJIEUgSybAVdh3nDUxIg2ESFdD61HwQ2yw4.r.fKUQPLfN 6bXmbuup6xSnDL3pmqdkSpCq24zFShrThBGBy.B6ObIqXl8Q4AJ.IY_mS7l5OMHX2qSyQCZQDdRL vQQmRPYOSZpqHKhIY5p4BwLyHtCOgKbteOVxqjHe..j5KerKifbpw1DBTxpKqRx7jOWpae5_x5nr 1yrWCYnqhV.y8ypk8PlS0fwVHEzuRRamMYJbTw3STx7EUSPUh_M8mh7WYwc9e_Qjwozeb95_EXLv T.rFws1Ad4kX8n4Q1oXUfivGbHkQUa5zoS9_IK11CRkLOgBHgq5EqKwAqy2l5_py7b8XsykWrj0i uUm5CdtdmE6wz3BH5.u40ZRxfyh0Pl7ww_CnGm4K.KnWdZGRoXHAAsrFNGrjkGiTK6H3KjAAad5v EpL.HmSFzT41FaxsJY9tsCiu5eDJ3KbNwLQCE0haRFX8iTBoUbua0DvsmQZo2YD2lfPl8KCrHqyU aw1YtI95ArN9JqEnKHk5n19am_jAwxpNchiKmShgnXPiKVLWLAeZeL_4VOPsMq7GQMpY4DY0ahfN WOh5w1RA5ggY.N5M7KgTtcxHdZ9w3BVhZiiU06npTw3ALA42.EhCGpxKGMGA- X-Sonic-MF: X-Sonic-ID: 06cbb0af-efb0-40b5-a83d-9fb6ea77838b Received: from sonic.gate.mail.ne1.yahoo.com by sonic305.consmr.mail.ne1.yahoo.com with HTTP; Tue, 10 Sep 2024 18:53:21 +0000 Received: by hermes--production-gq1-5d95dc458-4tw7n (Yahoo Inc. Hermes SMTP Server) with ESMTPA ID bfec55394db9c3ecf7e1196118de0a4c; Tue, 10 Sep 2024 18:43:13 +0000 (UTC) From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, selinux@vger.kernel.org, mic@digikod.net, linux-integrity@vger.kernel.org, audit@vger.kernel.org Subject: [PATCH v3 07/13] LSM: Use lsm_prop in security_current_getsecid Date: Tue, 10 Sep 2024 11:41:19 -0700 Message-ID: <20240910184125.224651-8-casey@schaufler-ca.com> X-Mailer: git-send-email 2.46.0 In-Reply-To: <20240910184125.224651-1-casey@schaufler-ca.com> References: <20240910184125.224651-1-casey@schaufler-ca.com> Precedence: bulk X-Mailing-List: linux-security-module@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Change the security_current_getsecid_subj() and security_task_getsecid_obj() interfaces to fill in a lsm_prop structure instead of a u32 secid. Audit interfaces will need to collect all possible security data for possible reporting. Signed-off-by: Casey Schaufler Cc: linux-integrity@vger.kernel.org Cc: audit@vger.kernel.org Cc: selinux@vger.kernel.org --- include/linux/lsm_hook_defs.h | 6 +-- include/linux/security.h | 13 +++--- kernel/audit.c | 11 +++-- kernel/auditfilter.c | 3 +- kernel/auditsc.c | 22 ++++++---- net/netlabel/netlabel_unlabeled.c | 5 ++- net/netlabel/netlabel_user.h | 6 ++- security/apparmor/lsm.c | 20 ++++++--- security/integrity/ima/ima.h | 6 +-- security/integrity/ima/ima_api.c | 6 +-- security/integrity/ima/ima_appraise.c | 6 +-- security/integrity/ima/ima_main.c | 59 ++++++++++++++------------- security/integrity/ima/ima_policy.c | 14 +++---- security/security.c | 28 ++++++------- security/selinux/hooks.c | 17 +++++--- security/smack/smack_lsm.c | 25 +++++++----- 16 files changed, 139 insertions(+), 108 deletions(-) diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h index 315bbe1f63fc..e53d29c3ca1c 100644 --- a/include/linux/lsm_hook_defs.h +++ b/include/linux/lsm_hook_defs.h @@ -232,9 +232,9 @@ LSM_HOOK(int, 0, task_fix_setgroups, struct cred *new, const struct cred * old) LSM_HOOK(int, 0, task_setpgid, struct task_struct *p, pid_t pgid) LSM_HOOK(int, 0, task_getpgid, struct task_struct *p) LSM_HOOK(int, 0, task_getsid, struct task_struct *p) -LSM_HOOK(void, LSM_RET_VOID, current_getsecid_subj, u32 *secid) -LSM_HOOK(void, LSM_RET_VOID, task_getsecid_obj, - struct task_struct *p, u32 *secid) +LSM_HOOK(void, LSM_RET_VOID, current_getlsmprop_subj, struct lsm_prop *prop) +LSM_HOOK(void, LSM_RET_VOID, task_getlsmprop_obj, + struct task_struct *p, struct lsm_prop *prop) LSM_HOOK(int, 0, task_setnice, struct task_struct *p, int nice) LSM_HOOK(int, 0, task_setioprio, struct task_struct *p, int ioprio) LSM_HOOK(int, 0, task_getioprio, struct task_struct *p) diff --git a/include/linux/security.h b/include/linux/security.h index c8f020cf2a84..07c0e635f124 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -492,8 +492,8 @@ int security_task_fix_setgroups(struct cred *new, const struct cred *old); int security_task_setpgid(struct task_struct *p, pid_t pgid); int security_task_getpgid(struct task_struct *p); int security_task_getsid(struct task_struct *p); -void security_current_getsecid_subj(u32 *secid); -void security_task_getsecid_obj(struct task_struct *p, u32 *secid); +void security_current_getlsmprop_subj(struct lsm_prop *prop); +void security_task_getlsmprop_obj(struct task_struct *p, struct lsm_prop *prop); int security_task_setnice(struct task_struct *p, int nice); int security_task_setioprio(struct task_struct *p, int ioprio); int security_task_getioprio(struct task_struct *p); @@ -1278,14 +1278,15 @@ static inline int security_task_getsid(struct task_struct *p) return 0; } -static inline void security_current_getsecid_subj(u32 *secid) +static inline void security_current_getlsmprop_subj(struct lsm_prop *prop) { - *secid = 0; + lsmprop_init(prop); } -static inline void security_task_getsecid_obj(struct task_struct *p, u32 *secid) +static inline void security_task_getlsmprop_obj(struct task_struct *p, + struct lsm_prop *prop) { - *secid = 0; + lsmprop_init(prop); } static inline int security_task_setnice(struct task_struct *p, int nice) diff --git a/kernel/audit.c b/kernel/audit.c index 70f76fed254b..399f66557dfa 100644 --- a/kernel/audit.c +++ b/kernel/audit.c @@ -2179,16 +2179,16 @@ void audit_log_key(struct audit_buffer *ab, char *key) int audit_log_task_context(struct audit_buffer *ab) { + struct lsm_prop prop; char *ctx = NULL; unsigned len; int error; - u32 sid; - security_current_getsecid_subj(&sid); - if (!sid) + security_current_getlsmprop_subj(&prop); + if (!lsmprop_is_set(&prop)) return 0; - error = security_secid_to_secctx(sid, &ctx, &len); + error = security_lsmprop_to_secctx(&prop, &ctx, &len); if (error) { if (error != -EINVAL) goto error_path; @@ -2405,8 +2405,7 @@ int audit_signal_info(int sig, struct task_struct *t) audit_sig_uid = auid; else audit_sig_uid = uid; - /* scaffolding */ - security_current_getsecid_subj(&audit_sig_lsm.scaffold.secid); + security_current_getlsmprop_subj(&audit_sig_lsm); } return audit_signal_info_syscall(t); diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c index 5b47571ae4ee..7589845cb9ee 100644 --- a/kernel/auditfilter.c +++ b/kernel/auditfilter.c @@ -1371,8 +1371,7 @@ int audit_filter(int msgtype, unsigned int listtype) case AUDIT_SUBJ_CLR: if (f->lsm_rule) { /* scaffolding */ - security_current_getsecid_subj( - &prop.scaffold.secid); + security_current_getlsmprop_subj(&prop); result = security_audit_rule_match( &prop, f->type, f->op, f->lsm_rule); diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 3e051014484c..b976b88c19c3 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -470,7 +470,6 @@ static int audit_filter_rules(struct task_struct *tsk, { const struct cred *cred; int i, need_sid = 1; - u32 sid; struct lsm_prop prop = { }; unsigned int sessionid; @@ -675,15 +674,14 @@ static int audit_filter_rules(struct task_struct *tsk, * fork()/copy_process() in which case * the new @tsk creds are still a dup * of @current's creds so we can still - * use security_current_getsecid_subj() + * use + * security_current_getlsmprop_subj() * here even though it always refs * @current's creds */ - security_current_getsecid_subj(&sid); + security_current_getlsmprop_subj(&prop); need_sid = 0; } - /* scaffolding */ - prop.scaffold.secid = sid; result = security_audit_rule_match(&prop, f->type, f->op, @@ -2730,12 +2728,15 @@ int __audit_sockaddr(int len, void *a) void __audit_ptrace(struct task_struct *t) { struct audit_context *context = audit_context(); + struct lsm_prop prop; context->target_pid = task_tgid_nr(t); context->target_auid = audit_get_loginuid(t); context->target_uid = task_uid(t); context->target_sessionid = audit_get_sessionid(t); - security_task_getsecid_obj(t, &context->target_sid); + security_task_getlsmprop_obj(t, &prop); + /* scaffolding */ + context->target_sid = prop.scaffold.secid; memcpy(context->target_comm, t->comm, TASK_COMM_LEN); } @@ -2751,6 +2752,7 @@ int audit_signal_info_syscall(struct task_struct *t) struct audit_aux_data_pids *axp; struct audit_context *ctx = audit_context(); kuid_t t_uid = task_uid(t); + struct lsm_prop prop; if (!audit_signals || audit_dummy_context()) return 0; @@ -2762,7 +2764,9 @@ int audit_signal_info_syscall(struct task_struct *t) ctx->target_auid = audit_get_loginuid(t); ctx->target_uid = t_uid; ctx->target_sessionid = audit_get_sessionid(t); - security_task_getsecid_obj(t, &ctx->target_sid); + security_task_getlsmprop_obj(t, &prop); + /* scaffolding */ + ctx->target_sid = prop.scaffold.secid; memcpy(ctx->target_comm, t->comm, TASK_COMM_LEN); return 0; } @@ -2783,7 +2787,9 @@ int audit_signal_info_syscall(struct task_struct *t) axp->target_auid[axp->pid_count] = audit_get_loginuid(t); axp->target_uid[axp->pid_count] = t_uid; axp->target_sessionid[axp->pid_count] = audit_get_sessionid(t); - security_task_getsecid_obj(t, &axp->target_sid[axp->pid_count]); + security_task_getlsmprop_obj(t, &prop); + /* scaffolding */ + axp->target_sid[axp->pid_count] = prop.scaffold.secid; memcpy(axp->target_comm[axp->pid_count], t->comm, TASK_COMM_LEN); axp->pid_count++; diff --git a/net/netlabel/netlabel_unlabeled.c b/net/netlabel/netlabel_unlabeled.c index 9996883bf2b7..5925f48a3ade 100644 --- a/net/netlabel/netlabel_unlabeled.c +++ b/net/netlabel/netlabel_unlabeled.c @@ -1534,11 +1534,14 @@ int __init netlbl_unlabel_defconf(void) int ret_val; struct netlbl_dom_map *entry; struct netlbl_audit audit_info; + struct lsm_prop prop; /* Only the kernel is allowed to call this function and the only time * it is called is at bootup before the audit subsystem is reporting * messages so don't worry to much about these values. */ - security_current_getsecid_subj(&audit_info.secid); + security_current_getlsmprop_subj(&prop); + /* scaffolding */ + audit_info.secid = prop.scaffold.secid; audit_info.loginuid = GLOBAL_ROOT_UID; audit_info.sessionid = 0; diff --git a/net/netlabel/netlabel_user.h b/net/netlabel/netlabel_user.h index d6c5b31eb4eb..39f4f6df5f51 100644 --- a/net/netlabel/netlabel_user.h +++ b/net/netlabel/netlabel_user.h @@ -32,7 +32,11 @@ */ static inline void netlbl_netlink_auditinfo(struct netlbl_audit *audit_info) { - security_current_getsecid_subj(&audit_info->secid); + struct lsm_prop prop; + + security_current_getlsmprop_subj(&prop); + /* scaffolding */ + audit_info->secid = prop.scaffold.secid; audit_info->loginuid = audit_get_loginuid(current); audit_info->sessionid = audit_get_sessionid(current); } diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index ad2499bff591..824a85d2ee85 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -982,17 +982,24 @@ static void apparmor_bprm_committed_creds(const struct linux_binprm *bprm) return; } -static void apparmor_current_getsecid_subj(u32 *secid) +static void apparmor_current_getlsmprop_subj(struct lsm_prop *prop) { struct aa_label *label = __begin_current_label_crit_section(); - *secid = label->secid; + + prop->apparmor.label = label; + /* scaffolding */ + prop->scaffold.secid = label->secid; __end_current_label_crit_section(label); } -static void apparmor_task_getsecid_obj(struct task_struct *p, u32 *secid) +static void apparmor_task_getlsmprop_obj(struct task_struct *p, + struct lsm_prop *prop) { struct aa_label *label = aa_get_task_label(p); - *secid = label->secid; + + prop->apparmor.label = label; + /* scaffolding */ + prop->scaffold.secid = label->secid; aa_put_label(label); } @@ -1518,8 +1525,9 @@ static struct security_hook_list apparmor_hooks[] __ro_after_init = { LSM_HOOK_INIT(task_free, apparmor_task_free), LSM_HOOK_INIT(task_alloc, apparmor_task_alloc), - LSM_HOOK_INIT(current_getsecid_subj, apparmor_current_getsecid_subj), - LSM_HOOK_INIT(task_getsecid_obj, apparmor_task_getsecid_obj), + LSM_HOOK_INIT(current_getlsmprop_subj, + apparmor_current_getlsmprop_subj), + LSM_HOOK_INIT(task_getlsmprop_obj, apparmor_task_getlsmprop_obj), LSM_HOOK_INIT(task_setrlimit, apparmor_task_setrlimit), LSM_HOOK_INIT(task_kill, apparmor_task_kill), LSM_HOOK_INIT(userns_create, apparmor_userns_create), diff --git a/security/integrity/ima/ima.h b/security/integrity/ima/ima.h index f17213520c36..791f71036893 100644 --- a/security/integrity/ima/ima.h +++ b/security/integrity/ima/ima.h @@ -369,7 +369,7 @@ static inline void ima_process_queued_keys(void) {} /* LIM API function definitions */ int ima_get_action(struct mnt_idmap *idmap, struct inode *inode, - const struct cred *cred, u32 secid, int mask, + const struct cred *cred, struct lsm_prop *prop, int mask, enum ima_hooks func, int *pcr, struct ima_template_desc **template_desc, const char *func_data, unsigned int *allowed_algos); @@ -400,8 +400,8 @@ const char *ima_d_path(const struct path *path, char **pathbuf, char *filename); /* IMA policy related functions */ int ima_match_policy(struct mnt_idmap *idmap, struct inode *inode, - const struct cred *cred, u32 secid, enum ima_hooks func, - int mask, int flags, int *pcr, + const struct cred *cred, struct lsm_prop *prop, + enum ima_hooks func, int mask, int flags, int *pcr, struct ima_template_desc **template_desc, const char *func_data, unsigned int *allowed_algos); void ima_init_policy(void); diff --git a/security/integrity/ima/ima_api.c b/security/integrity/ima/ima_api.c index 984e861f6e33..c35ea613c9f8 100644 --- a/security/integrity/ima/ima_api.c +++ b/security/integrity/ima/ima_api.c @@ -165,7 +165,7 @@ void ima_add_violation(struct file *file, const unsigned char *filename, * @idmap: idmap of the mount the inode was found from * @inode: pointer to the inode associated with the object being validated * @cred: pointer to credentials structure to validate - * @secid: secid of the task being validated + * @prop: properties of the task being validated * @mask: contains the permission mask (MAY_READ, MAY_WRITE, MAY_EXEC, * MAY_APPEND) * @func: caller identifier @@ -187,7 +187,7 @@ void ima_add_violation(struct file *file, const unsigned char *filename, * */ int ima_get_action(struct mnt_idmap *idmap, struct inode *inode, - const struct cred *cred, u32 secid, int mask, + const struct cred *cred, struct lsm_prop *prop, int mask, enum ima_hooks func, int *pcr, struct ima_template_desc **template_desc, const char *func_data, unsigned int *allowed_algos) @@ -196,7 +196,7 @@ int ima_get_action(struct mnt_idmap *idmap, struct inode *inode, flags &= ima_policy_flag; - return ima_match_policy(idmap, inode, cred, secid, func, mask, + return ima_match_policy(idmap, inode, cred, prop, func, mask, flags, pcr, template_desc, func_data, allowed_algos); } diff --git a/security/integrity/ima/ima_appraise.c b/security/integrity/ima/ima_appraise.c index 656c709b974f..884a3533f7af 100644 --- a/security/integrity/ima/ima_appraise.c +++ b/security/integrity/ima/ima_appraise.c @@ -73,13 +73,13 @@ bool is_ima_appraise_enabled(void) int ima_must_appraise(struct mnt_idmap *idmap, struct inode *inode, int mask, enum ima_hooks func) { - u32 secid; + struct lsm_prop prop; if (!ima_appraise) return 0; - security_current_getsecid_subj(&secid); - return ima_match_policy(idmap, inode, current_cred(), secid, + security_current_getlsmprop_subj(&prop); + return ima_match_policy(idmap, inode, current_cred(), &prop, func, mask, IMA_APPRAISE | IMA_HASH, NULL, NULL, NULL, NULL); } diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index f04f43af651c..254ab465a4a6 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c @@ -206,8 +206,8 @@ static void ima_file_free(struct file *file) } static int process_measurement(struct file *file, const struct cred *cred, - u32 secid, char *buf, loff_t size, int mask, - enum ima_hooks func) + struct lsm_prop *prop, char *buf, loff_t size, + int mask, enum ima_hooks func) { struct inode *real_inode, *inode = file_inode(file); struct ima_iint_cache *iint = NULL; @@ -232,7 +232,7 @@ static int process_measurement(struct file *file, const struct cred *cred, * bitmask based on the appraise/audit/measurement policy. * Included is the appraise submask. */ - action = ima_get_action(file_mnt_idmap(file), inode, cred, secid, + action = ima_get_action(file_mnt_idmap(file), inode, cred, prop, mask, func, &pcr, &template_desc, NULL, &allowed_algos); violation_check = ((func == FILE_CHECK || func == MMAP_CHECK || @@ -443,23 +443,23 @@ static int process_measurement(struct file *file, const struct cred *cred, static int ima_file_mmap(struct file *file, unsigned long reqprot, unsigned long prot, unsigned long flags) { - u32 secid; + struct lsm_prop prop; int ret; if (!file) return 0; - security_current_getsecid_subj(&secid); + security_current_getlsmprop_subj(&prop); if (reqprot & PROT_EXEC) { - ret = process_measurement(file, current_cred(), secid, NULL, + ret = process_measurement(file, current_cred(), &prop, NULL, 0, MAY_EXEC, MMAP_CHECK_REQPROT); if (ret) return ret; } if (prot & PROT_EXEC) - return process_measurement(file, current_cred(), secid, NULL, + return process_measurement(file, current_cred(), &prop, NULL, 0, MAY_EXEC, MMAP_CHECK); return 0; @@ -488,9 +488,9 @@ static int ima_file_mprotect(struct vm_area_struct *vma, unsigned long reqprot, char *pathbuf = NULL; const char *pathname = NULL; struct inode *inode; + struct lsm_prop prop; int result = 0; int action; - u32 secid; int pcr; /* Is mprotect making an mmap'ed file executable? */ @@ -498,13 +498,13 @@ static int ima_file_mprotect(struct vm_area_struct *vma, unsigned long reqprot, !(prot & PROT_EXEC) || (vma->vm_flags & VM_EXEC)) return 0; - security_current_getsecid_subj(&secid); + security_current_getlsmprop_subj(&prop); inode = file_inode(vma->vm_file); action = ima_get_action(file_mnt_idmap(vma->vm_file), inode, - current_cred(), secid, MAY_EXEC, MMAP_CHECK, + current_cred(), &prop, MAY_EXEC, MMAP_CHECK, &pcr, &template, NULL, NULL); action |= ima_get_action(file_mnt_idmap(vma->vm_file), inode, - current_cred(), secid, MAY_EXEC, + current_cred(), &prop, MAY_EXEC, MMAP_CHECK_REQPROT, &pcr, &template, NULL, NULL); @@ -542,15 +542,18 @@ static int ima_bprm_check(struct linux_binprm *bprm) { int ret; u32 secid; + struct lsm_prop prop = { }; - security_current_getsecid_subj(&secid); - ret = process_measurement(bprm->file, current_cred(), secid, NULL, 0, - MAY_EXEC, BPRM_CHECK); + security_current_getlsmprop_subj(&prop); + ret = process_measurement(bprm->file, current_cred(), + &prop, NULL, 0, MAY_EXEC, BPRM_CHECK); if (ret) return ret; security_cred_getsecid(bprm->cred, &secid); - return process_measurement(bprm->file, bprm->cred, secid, NULL, 0, + /* scaffolding */ + prop.scaffold.secid = secid; + return process_measurement(bprm->file, bprm->cred, &prop, NULL, 0, MAY_EXEC, CREDS_CHECK); } @@ -566,10 +569,10 @@ static int ima_bprm_check(struct linux_binprm *bprm) */ static int ima_file_check(struct file *file, int mask) { - u32 secid; + struct lsm_prop prop; - security_current_getsecid_subj(&secid); - return process_measurement(file, current_cred(), secid, NULL, 0, + security_current_getlsmprop_subj(&prop); + return process_measurement(file, current_cred(), &prop, NULL, 0, mask & (MAY_READ | MAY_WRITE | MAY_EXEC | MAY_APPEND), FILE_CHECK); } @@ -768,7 +771,7 @@ static int ima_read_file(struct file *file, enum kernel_read_file_id read_id, bool contents) { enum ima_hooks func; - u32 secid; + struct lsm_prop prop; /* * Do devices using pre-allocated memory run the risk of the @@ -788,9 +791,9 @@ static int ima_read_file(struct file *file, enum kernel_read_file_id read_id, /* Read entire file for all partial reads. */ func = read_idmap[read_id] ?: FILE_CHECK; - security_current_getsecid_subj(&secid); - return process_measurement(file, current_cred(), secid, NULL, - 0, MAY_READ, func); + security_current_getlsmprop_subj(&prop); + return process_measurement(file, current_cred(), &prop, NULL, 0, + MAY_READ, func); } const int read_idmap[READING_MAX_ID] = { @@ -818,7 +821,7 @@ static int ima_post_read_file(struct file *file, char *buf, loff_t size, enum kernel_read_file_id read_id) { enum ima_hooks func; - u32 secid; + struct lsm_prop prop; /* permit signed certs */ if (!file && read_id == READING_X509_CERTIFICATE) @@ -831,8 +834,8 @@ static int ima_post_read_file(struct file *file, char *buf, loff_t size, } func = read_idmap[read_id] ?: FILE_CHECK; - security_current_getsecid_subj(&secid); - return process_measurement(file, current_cred(), secid, buf, size, + security_current_getlsmprop_subj(&prop); + return process_measurement(file, current_cred(), &prop, buf, size, MAY_READ, func); } @@ -967,7 +970,7 @@ int process_buffer_measurement(struct mnt_idmap *idmap, int digest_hash_len = hash_digest_size[ima_hash_algo]; int violation = 0; int action = 0; - u32 secid; + struct lsm_prop prop; if (digest && digest_len < digest_hash_len) return -EINVAL; @@ -990,9 +993,9 @@ int process_buffer_measurement(struct mnt_idmap *idmap, * buffer measurements. */ if (func) { - security_current_getsecid_subj(&secid); + security_current_getlsmprop_subj(&prop); action = ima_get_action(idmap, inode, current_cred(), - secid, 0, func, &pcr, &template, + &prop, 0, func, &pcr, &template, func_data, NULL); if (!(action & IMA_MEASURE) && !digest) return -ENOENT; diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c index 22a62e675ebc..a96dc3ff6aa0 100644 --- a/security/integrity/ima/ima_policy.c +++ b/security/integrity/ima/ima_policy.c @@ -557,7 +557,7 @@ static bool ima_match_rule_data(struct ima_rule_entry *rule, * @idmap: idmap of the mount the inode was found from * @inode: a pointer to an inode * @cred: a pointer to a credentials structure for user validation - * @secid: the secid of the task to be validated + * @prop: LSM properties of the task to be validated * @func: LIM hook identifier * @mask: requested action (MAY_READ | MAY_WRITE | MAY_APPEND | MAY_EXEC) * @func_data: func specific data, may be NULL @@ -567,7 +567,7 @@ static bool ima_match_rule_data(struct ima_rule_entry *rule, static bool ima_match_rules(struct ima_rule_entry *rule, struct mnt_idmap *idmap, struct inode *inode, const struct cred *cred, - u32 secid, enum ima_hooks func, int mask, + struct lsm_prop *prop, enum ima_hooks func, int mask, const char *func_data) { int i; @@ -658,8 +658,6 @@ static bool ima_match_rules(struct ima_rule_entry *rule, case LSM_SUBJ_USER: case LSM_SUBJ_ROLE: case LSM_SUBJ_TYPE: - /* scaffolding */ - prop.scaffold.secid = secid; rc = ima_filter_rule_match(&prop, lsm_rule->lsm[i].type, Audit_equal, lsm_rule->lsm[i].rule); @@ -723,7 +721,7 @@ static int get_subaction(struct ima_rule_entry *rule, enum ima_hooks func) * @inode: pointer to an inode for which the policy decision is being made * @cred: pointer to a credentials structure for which the policy decision is * being made - * @secid: LSM secid of the task to be validated + * @prop: LSM properties of the task to be validated * @func: IMA hook identifier * @mask: requested action (MAY_READ | MAY_WRITE | MAY_APPEND | MAY_EXEC) * @flags: IMA actions to consider (e.g. IMA_MEASURE | IMA_APPRAISE) @@ -740,8 +738,8 @@ static int get_subaction(struct ima_rule_entry *rule, enum ima_hooks func) * than writes so ima_match_policy() is classical RCU candidate. */ int ima_match_policy(struct mnt_idmap *idmap, struct inode *inode, - const struct cred *cred, u32 secid, enum ima_hooks func, - int mask, int flags, int *pcr, + const struct cred *cred, struct lsm_prop *prop, + enum ima_hooks func, int mask, int flags, int *pcr, struct ima_template_desc **template_desc, const char *func_data, unsigned int *allowed_algos) { @@ -759,7 +757,7 @@ int ima_match_policy(struct mnt_idmap *idmap, struct inode *inode, if (!(entry->action & actmask)) continue; - if (!ima_match_rules(entry, idmap, inode, cred, secid, + if (!ima_match_rules(entry, idmap, inode, cred, prop, func, mask, func_data)) continue; diff --git a/security/security.c b/security/security.c index 410bf69af427..1e603e055c9f 100644 --- a/security/security.c +++ b/security/security.c @@ -3373,33 +3373,33 @@ int security_task_getsid(struct task_struct *p) } /** - * security_current_getsecid_subj() - Get the current task's subjective secid - * @secid: secid value + * security_current_getlsmprop_subj() - Current task's subjective LSM data + * @prop: lsm specific information * * Retrieve the subjective security identifier of the current task and return - * it in @secid. In case of failure, @secid will be set to zero. + * it in @prop. */ -void security_current_getsecid_subj(u32 *secid) +void security_current_getlsmprop_subj(struct lsm_prop *prop) { - *secid = 0; - call_void_hook(current_getsecid_subj, secid); + lsmprop_init(prop); + call_void_hook(current_getlsmprop_subj, prop); } -EXPORT_SYMBOL(security_current_getsecid_subj); +EXPORT_SYMBOL(security_current_getlsmprop_subj); /** - * security_task_getsecid_obj() - Get a task's objective secid + * security_task_getlsmprop_obj() - Get a task's objective LSM data * @p: target task - * @secid: secid value + * @prop: lsm specific information * * Retrieve the objective security identifier of the task_struct in @p and - * return it in @secid. In case of failure, @secid will be set to zero. + * return it in @prop. */ -void security_task_getsecid_obj(struct task_struct *p, u32 *secid) +void security_task_getlsmprop_obj(struct task_struct *p, struct lsm_prop *prop) { - *secid = 0; - call_void_hook(task_getsecid_obj, p, secid); + lsmprop_init(prop); + call_void_hook(task_getlsmprop_obj, p, prop); } -EXPORT_SYMBOL(security_task_getsecid_obj); +EXPORT_SYMBOL(security_task_getlsmprop_obj); /** * security_task_setnice() - Check if setting a task's nice value is allowed diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 10c7fc61a786..ebab856c8748 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -4161,14 +4161,19 @@ static int selinux_task_getsid(struct task_struct *p) PROCESS__GETSESSION, NULL); } -static void selinux_current_getsecid_subj(u32 *secid) +static void selinux_current_getlsmprop_subj(struct lsm_prop *prop) { - *secid = current_sid(); + prop->selinux.secid = current_sid(); + /* scaffolding */ + prop->scaffold.secid = prop->selinux.secid; } -static void selinux_task_getsecid_obj(struct task_struct *p, u32 *secid) +static void selinux_task_getlsmprop_obj(struct task_struct *p, + struct lsm_prop *prop) { - *secid = task_sid_obj(p); + prop->selinux.secid = task_sid_obj(p); + /* scaffolding */ + prop->scaffold.secid = prop->selinux.secid; } static int selinux_task_setnice(struct task_struct *p, int nice) @@ -7240,8 +7245,8 @@ static struct security_hook_list selinux_hooks[] __ro_after_init = { LSM_HOOK_INIT(task_setpgid, selinux_task_setpgid), LSM_HOOK_INIT(task_getpgid, selinux_task_getpgid), LSM_HOOK_INIT(task_getsid, selinux_task_getsid), - LSM_HOOK_INIT(current_getsecid_subj, selinux_current_getsecid_subj), - LSM_HOOK_INIT(task_getsecid_obj, selinux_task_getsecid_obj), + LSM_HOOK_INIT(current_getlsmprop_subj, selinux_current_getlsmprop_subj), + LSM_HOOK_INIT(task_getlsmprop_obj, selinux_task_getlsmprop_obj), LSM_HOOK_INIT(task_setnice, selinux_task_setnice), LSM_HOOK_INIT(task_setioprio, selinux_task_setioprio), LSM_HOOK_INIT(task_getioprio, selinux_task_getioprio), diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 7926f40bc7db..03d0ac37b210 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -2239,30 +2239,35 @@ static int smack_task_getsid(struct task_struct *p) } /** - * smack_current_getsecid_subj - get the subjective secid of the current task - * @secid: where to put the result + * smack_current_getlsmprop_subj - get the subjective secid of the current task + * @prop: where to put the result * * Sets the secid to contain a u32 version of the task's subjective smack label. */ -static void smack_current_getsecid_subj(u32 *secid) +static void smack_current_getlsmprop_subj(struct lsm_prop *prop) { struct smack_known *skp = smk_of_current(); - *secid = skp->smk_secid; + prop->smack.skp = skp; + /* scaffolding */ + prop->scaffold.secid = skp->smk_secid; } /** - * smack_task_getsecid_obj - get the objective secid of the task + * smack_task_getlsmprop_obj - get the objective data of the task * @p: the task - * @secid: where to put the result + * @prop: where to put the result * * Sets the secid to contain a u32 version of the task's objective smack label. */ -static void smack_task_getsecid_obj(struct task_struct *p, u32 *secid) +static void smack_task_getlsmprop_obj(struct task_struct *p, + struct lsm_prop *prop) { struct smack_known *skp = smk_of_task_struct_obj(p); - *secid = skp->smk_secid; + prop->smack.skp = skp; + /* scaffolding */ + prop->scaffold.secid = skp->smk_secid; } /** @@ -5147,8 +5152,8 @@ static struct security_hook_list smack_hooks[] __ro_after_init = { LSM_HOOK_INIT(task_setpgid, smack_task_setpgid), LSM_HOOK_INIT(task_getpgid, smack_task_getpgid), LSM_HOOK_INIT(task_getsid, smack_task_getsid), - LSM_HOOK_INIT(current_getsecid_subj, smack_current_getsecid_subj), - LSM_HOOK_INIT(task_getsecid_obj, smack_task_getsecid_obj), + LSM_HOOK_INIT(current_getlsmprop_subj, smack_current_getlsmprop_subj), + LSM_HOOK_INIT(task_getlsmprop_obj, smack_task_getlsmprop_obj), LSM_HOOK_INIT(task_setnice, smack_task_setnice), LSM_HOOK_INIT(task_setioprio, smack_task_setioprio), LSM_HOOK_INIT(task_getioprio, smack_task_getioprio), From patchwork Tue Sep 10 18:41:20 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13799220 X-Patchwork-Delegate: paul@paul-moore.com Received: from sonic311-30.consmr.mail.ne1.yahoo.com (sonic311-30.consmr.mail.ne1.yahoo.com [66.163.188.211]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8A2621A4F28 for ; Tue, 10 Sep 2024 18:44:52 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=66.163.188.211 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725993895; cv=none; b=tLLti8ZmsmxeUljExShU2v/AzpO2cqRklgdWfBu1uV/kYx79Tb1kpBOPj3ETUZAdYTZwdET/BWXAxndM2SoNN5yX2EBbAJmyq50OdJxpG2RKQQ+2gJrdEk8le4kREOsmmiq4JnUvXROwiYf6yN72Q/I6OVPX364UCfBlf0Qiusg= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725993895; c=relaxed/simple; bh=S46SS+R0nyCLxubgW8sJKqFsdTdpBILZWRQpPxgNBv8=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=mxes9WfJJgsuVh0W1uy7AdLAjBQ7mTMbNL4ugB/ASWfgkX2bxaQ+kZIaOraJdoWkTqLihp5cAPszHvUmP6ULHwXU7w+XHMUMSWf7lOR9iJf0AitKJtxxTbTJa5MOYckfmgxm8+myb97LbU/uZ7cWIoNOWgqPKtnK+0Z5mMMTrQw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com; spf=none smtp.mailfrom=schaufler-ca.com; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b=Qy+c/LwY; arc=none smtp.client-ip=66.163.188.211 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b="Qy+c/LwY" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1725993891; bh=YqNuSh7G2a8CxdUWt/MHjs+OoDWEq+Ghbbp+RwiCg94=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject:Reply-To; b=Qy+c/LwY9CIPqKiY7PkOwV/CXbVu+95yCz+QeShHdYBx1E6PhHw1niU782R4mOd0AWtqy3lI3EQZR1lUUlr8WjExYJv9gZE57YyWBCQtBzd5SOqFaeYkyVDBDqzI64tJGo7tmG47M4yeZkKaJFn03JrazIlAd+dryOqIvaAMayS0TQSxUx9a61Ddcj+dYl1UQ2AD9uE3hkT01b5VbUyrZZM+6gtuNHxRyL3ij5SrpS42DPABVZJ6cJkux/1MX5yuOeLTQ/jzFPW38il/XAUEnCIhqAINgkMO7mqLsDq/ojLqDqCYny5ka17WppWJINDGO+I3ADhJzpqHe2dw6qKtPg== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1725993891; bh=lklpdxNugB6jvdpRPRkah82wsa+46Km5W3J5Z7T5hUb=; h=X-Sonic-MF:From:To:Subject:Date:From:Subject; b=ZW6oXiMqfM5dXtVJdRMWuI8RJv7pwlbGfb1PP2Zk57PlHWvZmiuuULEghCdcFNKB0UTl/j4gO/Fw9iWTAuZOk5YFYdcg2UkbLQapGDYAet+B5HiFjz+vrLQVQb6yBPJOFDpuMHQ3h4QmHD4aLUR6SP/EB4Ve5GKc5AeRLtbgwBGUtpieo4DFMGvpNmJEUZzCVzEFgPkdN435vHI33Kmi8FTQ1cmE8FFBlF7I3fSCUcUT8hIFbyDJtbtFI68YDQPYUo0xOZCPmfa6sI9fBLJ53/cv98+kkSXeSp0T2llKAa1cxctcPWzYljbEALpt+2XmvkhTbABwbKq3+uvGZo9cnA== X-YMail-OSG: mrnCfe8VM1ndptQyUo7.dfho88kwHtQwSlRUf2mzaexdVs0xwHr6Gch.2gp8nW1 QhSmh8TG5uZHEx1Xm3DEw76T..qom2xBy6snqkiRf0jWP_z9b0Lavdd_8X1l.CPwJWivDKAk827j EuVaHVIsjJr.bl5Qh.WCpiXGPwbq.7o98zPFsUaUek8i_4UW103XwGuPqDXmQIqDmD_ynepQ3nE. ZmCUl.XFOPpmKL6jk_AtO9z5pjbAqche1GjiZgzzKIs74NCIHmO25.KimzVG28RJFB.a4gATKsrc FIn4puOjby7j5YUEQrl0XbBb55lKRrlppIRws.bG2qnpLM1vycp91aqIhRHH2Ac9g602p2z5W2xs V85W32vaf4pRqzxq0efqs3HtTVH4o5Z10uvm3Yc3qCwSBS7Jd2hoH9CTmLKpxAeB1ZPy2WI57hP4 Pm3bOdHdk48Wsm2gZx5495CNbzq_kDdYUyWmmADnY2mTWOU7qbBCFAQDa5Sueh8xpgUBSYTBIPFo A41CEg5CyqNpaDwcL4XzmQLic7CTedCTWmbmQZ3s4Cwm.LxLxPV27V7Ih3h8rARBH2FIWnvc5032 6RFjQCLo42ftCVWErkwz0.SMsAjfhS2G_Pj_S5y6X6zalQROtDL0q2.Ri.dUFttie7jX.rwdUe14 yWNg_1VustoP3hBQPySJbjEypsEqVMZQj7xVM_8iRUliAjQweThgoB2IiQsSR2b_E1bcjcgQ5Ahy P9W1xgtx8zOK4Sf6dGU2VumcECGQayRMYnsG2BVRK4XXDnRtPrlu0GPcizqqcBR2fe6Onz9qKlKk IFfCUO2mtVAFdHvEYn99mCuGHd9N1aiNCkJ5nr1z_e0w7R4VsmMgy43kcugDalqu8jr7u.F9qz5e T0D7Q2R5ApUTDADALnai4AL66.rZ0B_fXCrK2RXnnmyMltiQSPVx1.G3NlvCj8Gb7WM8Ja99TM1E S6z6vrxdfxCNj.OjzQki69mNecu0DTaVcHAp1d3pysHlN8CKr6TPXa99grkvSrVu2y.9wjF1PzDJ 8F2guyQm54.pbAYXKmho_m9jV45O.0xNFAbXLym9Ix8ow8vaEsjSQYdE53373D1iWwL1pKe4zojR uXBaQRKAPbTIbdNSU4RsW.AuoatmF7wVI4FRG_ro2isCPpsIh_xZVG3u7okr8O4PY9f8Q15TzyLV a4kTIpkVhKrdS9Vg9YyOLTSIKUPlvx1Sw5i3Dh9tActKVMMUzrCmgnyFTWwsuwAslAHpAVNBnKPq WI1x1LFj3tAVJy73zNRDiyWCXnYz_d5P7g4b1MrnmTa.ORSxKKO9w5GNo6SlpkHTsDpNZ6Ax78c4 sThbaA.Q4GCKHQLBOfVKLGcZtpzzZfX22aEiBDe7B.MYhwBU_Ocdj8PbPcyaP_m83wjemWHAW0Y5 Sx4ZIjaXh7hyF043iEbCZ2ooesf3v9ucQtUvzinukuOgQetFCGKf_EDhOnHGoP47MRJDjG7W33tR Nap9OSriOCoLRgT25DYddz1KEIGRm_p4oVWkY9XKm5k0qoJ2hDtYFxa.9MqaB..yRzseqFWzKCgn W5QattrtOAK42OyfaSdsiX.MMyvjyiBgQdXZg1togYPhOjQ6g8l1GflGioC1pis81qzNEIGiK_Pl r_Unklat8xbVFKz5cSftV64XiwjdKr8oaEYJVe57E_uNWNdZXOcN1hUNZ0AwG2ueEqFBA.rXFe8T S9ozp2xXfC2GmsjLE1DocFNmcFLuZFyvaaPv0rNoBYInKbe.91ZotWCR6zEBgtT8fK6tubRWBBad 3vkzWAmdW6.DBxra6MJ7WAgffH7WVdL4xNPZgWotaXBLM3JaKImJSTj8XlEiIFuuwEeszxPMEp8W OPzFep20QSoG7byD3q1voNPe1DhLZyBqX38DluqrQNjyPTucQBhvPmvG.eThp.fFjNht7kTzZx4S QVAJoafXwEGtl9TMVz5YOpt..0xaLdfWzOdRs4IHGy5ayPpe8D.C30y4JSOeUhyMoyK9ud_kjvjn cigInEJhTxzfXp6_lul1hnDcshPEivtpvzPDI1BlmLw0qkwaFc9cNUHqLv9ZPPaH_rsGyaYX9Jn. zDcwUZoCYQMGm8iwyTghlJLOyzJwV6TS.u1fgjraOWp1OgvgD6w1WxswQiJOGNt.iiLA_XQk1VJk 21b3.CgkU8maoUqmvD_q8JtmfBGt6o18QuMMqcEl_kHk4s_ksiljBwzIjv5x0nqaKDukc3p6VCfl blcr0GT2x3hR_Ly6mCwvWs3w8lIDvBbiI9VtYBXkKruDU6KGJepPQ5ghMy8cYagg- X-Sonic-MF: X-Sonic-ID: a3b68d7a-0e10-4468-9641-d8e70b3343dc Received: from sonic.gate.mail.ne1.yahoo.com by sonic311.consmr.mail.ne1.yahoo.com with HTTP; Tue, 10 Sep 2024 18:44:51 +0000 Received: by hermes--production-gq1-5d95dc458-s958r (Yahoo Inc. Hermes SMTP Server) with ESMTPA ID 52d00b93a233ef9d46e84b01a7384b7d; Tue, 10 Sep 2024 18:44:47 +0000 (UTC) From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, selinux@vger.kernel.org, mic@digikod.net, linux-integrity@vger.kernel.org Subject: [PATCH v3 08/13] LSM: Use lsm_prop in security_inode_getsecid Date: Tue, 10 Sep 2024 11:41:20 -0700 Message-ID: <20240910184125.224651-9-casey@schaufler-ca.com> X-Mailer: git-send-email 2.46.0 In-Reply-To: <20240910184125.224651-1-casey@schaufler-ca.com> References: <20240910184125.224651-1-casey@schaufler-ca.com> Precedence: bulk X-Mailing-List: linux-security-module@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Change the security_inode_getsecid() interface to fill in a lsm_prop structure instead of a u32 secid. This allows for its callers to gather data from all registered LSMs. Data is provided for IMA and audit. Change the name to security_inode_getlsmprop(). Signed-off-by: Casey Schaufler Cc: linux-integrity@vger.kernel.org Cc: selinux@vger.kernel.org --- include/linux/lsm_hook_defs.h | 3 ++- include/linux/security.h | 7 ++++--- kernel/auditsc.c | 6 +++++- security/integrity/ima/ima_policy.c | 3 +-- security/security.c | 11 +++++------ security/selinux/hooks.c | 15 +++++++++------ security/smack/smack_lsm.c | 12 +++++++----- 7 files changed, 33 insertions(+), 24 deletions(-) diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h index e53d29c3ca1c..75131153f89e 100644 --- a/include/linux/lsm_hook_defs.h +++ b/include/linux/lsm_hook_defs.h @@ -175,7 +175,8 @@ LSM_HOOK(int, -EOPNOTSUPP, inode_setsecurity, struct inode *inode, const char *name, const void *value, size_t size, int flags) LSM_HOOK(int, 0, inode_listsecurity, struct inode *inode, char *buffer, size_t buffer_size) -LSM_HOOK(void, LSM_RET_VOID, inode_getsecid, struct inode *inode, u32 *secid) +LSM_HOOK(void, LSM_RET_VOID, inode_getlsmprop, struct inode *inode, + struct lsm_prop *prop) LSM_HOOK(int, 0, inode_copy_up, struct dentry *src, struct cred **new) LSM_HOOK(int, -EOPNOTSUPP, inode_copy_up_xattr, struct dentry *src, const char *name) diff --git a/include/linux/security.h b/include/linux/security.h index 07c0e635f124..6c50dfd70e81 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -440,7 +440,7 @@ int security_inode_getsecurity(struct mnt_idmap *idmap, void **buffer, bool alloc); int security_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags); int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer_size); -void security_inode_getsecid(struct inode *inode, u32 *secid); +void security_inode_getlsmprop(struct inode *inode, struct lsm_prop *prop); int security_inode_copy_up(struct dentry *src, struct cred **new); int security_inode_copy_up_xattr(struct dentry *src, const char *name); int security_kernfs_init_security(struct kernfs_node *kn_dir, @@ -1056,9 +1056,10 @@ static inline int security_inode_listsecurity(struct inode *inode, char *buffer, return 0; } -static inline void security_inode_getsecid(struct inode *inode, u32 *secid) +static inline void security_inode_getlsmprop(struct inode *inode, + struct lsm_prop *prop) { - *secid = 0; + lsmprop_init(prop); } static inline int security_inode_copy_up(struct dentry *src, struct cred **new) diff --git a/kernel/auditsc.c b/kernel/auditsc.c index b976b88c19c3..8302c8f44cd4 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -2276,13 +2276,17 @@ static void audit_copy_inode(struct audit_names *name, const struct dentry *dentry, struct inode *inode, unsigned int flags) { + struct lsm_prop prop; + name->ino = inode->i_ino; name->dev = inode->i_sb->s_dev; name->mode = inode->i_mode; name->uid = inode->i_uid; name->gid = inode->i_gid; name->rdev = inode->i_rdev; - security_inode_getsecid(inode, &name->osid); + security_inode_getlsmprop(inode, &prop); + /* scaffolding */ + name->osid = prop.scaffold.secid; if (flags & AUDIT_INODE_NOEVAL) { name->fcap_ver = -1; return; diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c index a96dc3ff6aa0..dbfd554b4624 100644 --- a/security/integrity/ima/ima_policy.c +++ b/security/integrity/ima/ima_policy.c @@ -649,8 +649,7 @@ static bool ima_match_rules(struct ima_rule_entry *rule, case LSM_OBJ_USER: case LSM_OBJ_ROLE: case LSM_OBJ_TYPE: - /* scaffolding */ - security_inode_getsecid(inode, &prop.scaffold.secid); + security_inode_getlsmprop(inode, &prop); rc = ima_filter_rule_match(&prop, lsm_rule->lsm[i].type, Audit_equal, lsm_rule->lsm[i].rule); diff --git a/security/security.c b/security/security.c index 1e603e055c9f..2365626a3365 100644 --- a/security/security.c +++ b/security/security.c @@ -2622,16 +2622,15 @@ int security_inode_listsecurity(struct inode *inode, EXPORT_SYMBOL(security_inode_listsecurity); /** - * security_inode_getsecid() - Get an inode's secid + * security_inode_getlsmprop() - Get an inode's LSM data * @inode: inode - * @secid: secid to return + * @prop: lsm specific information to return * - * Get the secid associated with the node. In case of failure, @secid will be - * set to zero. + * Get the lsm specific information associated with the node. */ -void security_inode_getsecid(struct inode *inode, u32 *secid) +void security_inode_getlsmprop(struct inode *inode, struct lsm_prop *prop) { - call_void_hook(inode_getsecid, inode, secid); + call_void_hook(inode_getlsmprop, inode, prop); } /** diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index ebab856c8748..1db4ecfea764 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -3505,15 +3505,18 @@ static int selinux_inode_listsecurity(struct inode *inode, char *buffer, size_t return len; } -static void selinux_inode_getsecid(struct inode *inode, u32 *secid) +static void selinux_inode_getlsmprop(struct inode *inode, struct lsm_prop *prop) { struct inode_security_struct *isec = inode_security_novalidate(inode); - *secid = isec->sid; + + prop->selinux.secid = isec->sid; + /* scaffolding */ + prop->scaffold.secid = isec->sid; } static int selinux_inode_copy_up(struct dentry *src, struct cred **new) { - u32 sid; + struct lsm_prop prop; struct task_security_struct *tsec; struct cred *new_creds = *new; @@ -3525,8 +3528,8 @@ static int selinux_inode_copy_up(struct dentry *src, struct cred **new) tsec = selinux_cred(new_creds); /* Get label from overlay inode and set it in create_sid */ - selinux_inode_getsecid(d_inode(src), &sid); - tsec->create_sid = sid; + selinux_inode_getlsmprop(d_inode(src), &prop); + tsec->create_sid = prop.selinux.secid; *new = new_creds; return 0; } @@ -7211,7 +7214,7 @@ static struct security_hook_list selinux_hooks[] __ro_after_init = { LSM_HOOK_INIT(inode_getsecurity, selinux_inode_getsecurity), LSM_HOOK_INIT(inode_setsecurity, selinux_inode_setsecurity), LSM_HOOK_INIT(inode_listsecurity, selinux_inode_listsecurity), - LSM_HOOK_INIT(inode_getsecid, selinux_inode_getsecid), + LSM_HOOK_INIT(inode_getlsmprop, selinux_inode_getlsmprop), LSM_HOOK_INIT(inode_copy_up, selinux_inode_copy_up), LSM_HOOK_INIT(inode_copy_up_xattr, selinux_inode_copy_up_xattr), LSM_HOOK_INIT(path_notify, selinux_path_notify), diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 03d0ac37b210..8c362fe2871c 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -1649,15 +1649,17 @@ static int smack_inode_listsecurity(struct inode *inode, char *buffer, } /** - * smack_inode_getsecid - Extract inode's security id + * smack_inode_getlsmprop - Extract inode's security id * @inode: inode to extract the info from - * @secid: where result will be saved + * @prop: where result will be saved */ -static void smack_inode_getsecid(struct inode *inode, u32 *secid) +static void smack_inode_getlsmprop(struct inode *inode, struct lsm_prop *prop) { struct smack_known *skp = smk_of_inode(inode); - *secid = skp->smk_secid; + prop->smack.skp = skp; + /* scaffolding */ + prop->scaffold.secid = skp->smk_secid; } /* @@ -5127,7 +5129,7 @@ static struct security_hook_list smack_hooks[] __ro_after_init = { LSM_HOOK_INIT(inode_getsecurity, smack_inode_getsecurity), LSM_HOOK_INIT(inode_setsecurity, smack_inode_setsecurity), LSM_HOOK_INIT(inode_listsecurity, smack_inode_listsecurity), - LSM_HOOK_INIT(inode_getsecid, smack_inode_getsecid), + LSM_HOOK_INIT(inode_getlsmprop, smack_inode_getlsmprop), LSM_HOOK_INIT(file_alloc_security, smack_file_alloc_security), LSM_HOOK_INIT(file_ioctl, smack_file_ioctl), From patchwork Tue Sep 10 18:41:21 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13799221 X-Patchwork-Delegate: paul@paul-moore.com Received: from sonic314-27.consmr.mail.ne1.yahoo.com (sonic314-27.consmr.mail.ne1.yahoo.com [66.163.189.153]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 97EDD1A4F39 for ; Tue, 10 Sep 2024 18:44:54 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=66.163.189.153 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725993896; cv=none; b=IQCnp1OSBwyS9IvIGm5SnXeOuokY/YnonydKaW2eNwquuzCvdILocMjIFzjvZ6AGDg59UsC8vyjK8XiRMR1yauqdJCjEsWoUQFTmHXu13U9ajCXCE5yuDOEIcCMTaQvQoarW+zqAjHJaedlz7eL00DHse9BE41fOdrhL7FfentQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725993896; c=relaxed/simple; bh=hqc3TZRMP1PD2mJh19BK0UIVktdahRiV2R+hnZAo5iM=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=fzi7yWXCdISvZIP/DzdrIFgNmiji4+kP2IR0q+q06awLgoPdI3IA8QPIIR5q5MpyrNeJeDUopXLCoLC2s4ybTRn40qIFLu7VAVTpUQ6pnkgTY4hfX4s4DDiDpTpGAVAO80Q5pCKiznu98io1yRVqiQj2Xyx+CSJLrdxH1Qk0k/4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com; spf=none smtp.mailfrom=schaufler-ca.com; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b=RNTPdRNK; arc=none smtp.client-ip=66.163.189.153 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b="RNTPdRNK" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1725993893; bh=P/ZrrntebfjX9fvINT7ujS9u+gREomSsDH9S52nl05I=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject:Reply-To; b=RNTPdRNKsmqKOBbbhbLyhv4/nfERM5B4hK80fw/Fcas7w7FEwVtPGZ7ROrCGqRTR9vEBF7cZAlF/+t7diKid8c6TW3qkboBEkV4lK4Htpbq57dqLwW5dpXSKws0Foso2Bao43nz77M4Pq3jPwnQ2MblHBoedfsPJNYFzi1geuBJQgzbX//PQI5opQHwzU3nYMVvzGlRlzVYZl79sXS3EyZF3ygtYvIytiYcWl9RzPqPQz8teWp+sZ1PYgSsIzjmUXudGSrTKk+7ERw2W2+IxlJOnS/RymhgNHx8fKtVwk24Bw1JvyUJgBJXkPxDBKGRmd2QMkQskI0TH5ch7QikJ7A== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1725993893; bh=uCdoqU08AkRTcAuxmLlgLpNyv1KjNf8ukv+Uql1fN5e=; h=X-Sonic-MF:From:To:Subject:Date:From:Subject; b=CUeYFjVyDj/kVJQiiQL3Cv4zgVhqpqBnMY1vdqh7t6B0lcbtyfIzd0jdKn5GOqbIOQH+ZJt+Y89YSYM3GOl7ttYfbgeCjjAxqtSJ4JGpaJM8Po2hSsGGjTxz3qeKJDvGWDDdPtCZ1IDNTU/rGL0jl9uQkct8oGXtDKoJPDPCJXZgMdwwfqDBXPXas9ok0IdOHBvAB3eVJDRsoxgjGG5GFGP0ZEZmcJ1Pn9arNONo5/ITa8gsrs0kzPlgfFZ5eid09XVuAHnQSXVHdkxtI5TdiQWDXcysoSk5/U2xfUklqQUGlRgVOrcGoxe47WhAZsrx7dysu6WrwrusXjLRDTDoBg== X-YMail-OSG: 4JoJZb0VM1nVVyJwgH7JPBqloS.bQoGiT9e7LoIawgX2_2UO0_LpYBEciOXsCxR x2rLq_nBlCan62eyS2vy7oaE5Pwd.JydABamr8v9nXxIKUs3EyBAot6kjQotcqYI.yONn5A8fq00 WPVAU30_rOgHcillxNKmeMqAvlMXlqvekqucATP8h3CztzJ8e2K3Wb1yPLupkiqTo_cFi8.yBqT2 GymYkoP9uCcD7MmS5kyH_oqZs6rcvecY_zh6goje2h9x1L6xVc_dEjj_Yc4zRVAWyip.amqM9Frz MTaXLT5SZ92HHwymHa2Kw7F94k1qXvC019A.K6hc54o2uFPoK9IRc.rzYGUqgtbc8tH0eDp8Q7Qs fmqxkvuVK86A4bW9njnA1f6vdJRlGFqv9qUrSllwliEAe4gAa3lviBv__gFPo7OubyMAOICY91mk MTycaWG1PWW.HZOmYqroHsO4XF.aqjHFgKMWhkoyHR2RJv7J7bKZ98aFO7PkNphPDvNxmAjrI00L oFjcSgsPNgnD9lNthYCJOikhXdR6Qf7VcCQkKl1NLBglqKjqVilTRfV4uIXi.zCiT9Indvw87yhN NsQ3QxL1szp7le2upopVbVXOyhdS0V0iftxX_0tgE0GUu9yy.EEIVU_bR.K.qlHDLbYrGgpyebYx uXDudKPKjDppjheHETz_olPm_fccX1Bvq6Z03LeoN3U6.LbWJ8o3woObdBzWc83SFd3Y4jtYyBR4 IXUQzervHew2jhnZZuhDjbKg_m3oxxk0X9.XnqXMRUSK.U7u0PsCn_WYRWMi7vRVNOo.34JxsnIA _xGmS6SN8f8osN31r0glZktTx.qhdmz1tLuHTAX5cpw46LVKzVmIiFsbcNBZ_ieLoYo2ategcHgV BN8CRuj9owojwVqY6Oo3Bewpn17t0XyZD8tiCFenuUTZynZRkRhsr5HoIZAMoOuAX_2fClLkL4bK 83usnEStt30u2rfFKxXn.n89XPvEvF6LLZV7_Dan_8L6ID4skV2qeTS.WAd3UPLKUspi.MuEVwqt q_isVcLfgJHpUuMlqOTlVCC2QuBsbWFVLQMneG5JmUHlpdB4F3XOf3efWN1Ad8mfVDT3G11RSo7Y RhB3XBV8ILCEWtfjiWDvFQBLQUEigjYzE3odoZ8dim3ulwt0nkdOSjNOtGb5eEh8w4Xe32twS5jA 3KY_EsYBXP5KNY6FMf1Ix91Qb3Us55w1pVQWUPUI9Cyrlk9IeWPEhlEozAyQeK0gJCkHjvBN6aZP MiLzTekWKqyEW3fdcbEzmOyPabo1I81CMV8xglmKAOJ28S.bypBpqLiaqOCZglbZwLHKr7orQr8S hXbMzVKvatYubFBrR.wpC96dbNKPmib4AwOlqei3kpCV3LnIogGCaef.biAU56EAVYFt2EVMoTjs Jg.sAaOeC22AzlOLU1b0S_6B.GSN0PXhuNAVlz85pFSS5Opyt1S3eCre3Nrl4mgd4NZKs5rMESGh wcG_XeGF4DSzorGz9nAOQZdcE7XFs1BUlvUxDv0_Lm8IU4hic09KOtUlR9b9qAIudMI959PtoLQ3 UCnDxGlc9ENhTyx543o6jrBXy0bXbE54T5No3EnacqHgkOCtVt2K07UA13fj.78f_qQz9rULHR5e X4CnCvCdXJs5wq3nyktk0CCJe1LFlGcSn0aRqF0xabFmI3Gs_NXA5jJ670m8pcUoGgYqvJAXNWBT Xvl61HJO3RjF7zvT557DGqHqo6qTqqFFiwQtfo_K2sNnFup8dS6jvftZ2OWw5BBN9xJbyL0P_rMv vyG.PqGOq_25Nz21N_EykImANyZ8lya74IYsI_RZ2iBBuWATWnh8AJQSQp4VWiljR16umGkD9h0j p9sC.hBsxAQT1zeJTyOeU9dujX.wbR8kMVd3h7kxRKBeELPaWyuCcLOO32pjPSW.9yqjfaMnaDt. c.4ebAm3VlhBxyXi4mlJosrluVOhmJAcrojwtu7ZEk3SExMZtxRrvJPKF5W.3BUZPxCbcxRoFM1s MZrLrFuywD4T4YkNcRCbL9hFRv2f3XlCMMRDPnH8Mdl77PI.Ts9UTtBx.rqh.XKSaA0GIWCXcMbP QW_w2qrRlPfcHDbCKqkni3f96ltv2deCLiPCFLargeXW6sGTkJDZpUlQQj8notHEGk67B29DJ5.P 3U9t80ikIrZiYh7CdCsa5tjlIQybHjQggloTPUIKmTCJFiqmpJtUcDWLHFtrKQ7PugaHRg8N4JZf J6r0mckKwWm0_10Z6cD0veRWCN1bG8PmdzyrKlz4LVcLW8FK9b6J9qPbZwd4GXCumXaTZ_2y4VeP UztGtn7_wuIHpwzHeSQHOWsDVsyPwek6N8QH2We7q7g-- X-Sonic-MF: X-Sonic-ID: 7822645a-bf19-4e3b-b32d-4f39caa388fb Received: from sonic.gate.mail.ne1.yahoo.com by sonic314.consmr.mail.ne1.yahoo.com with HTTP; Tue, 10 Sep 2024 18:44:53 +0000 Received: by hermes--production-gq1-5d95dc458-s958r (Yahoo Inc. Hermes SMTP Server) with ESMTPA ID 52d00b93a233ef9d46e84b01a7384b7d; Tue, 10 Sep 2024 18:44:49 +0000 (UTC) From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, selinux@vger.kernel.org, mic@digikod.net Subject: [PATCH v3 09/13] Audit: use an lsm_prop in audit_names Date: Tue, 10 Sep 2024 11:41:21 -0700 Message-ID: <20240910184125.224651-10-casey@schaufler-ca.com> X-Mailer: git-send-email 2.46.0 In-Reply-To: <20240910184125.224651-1-casey@schaufler-ca.com> References: <20240910184125.224651-1-casey@schaufler-ca.com> Precedence: bulk X-Mailing-List: linux-security-module@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Replace the osid field in the audit_names structure with a lsm_prop structure. This accommodates the use of an lsm_prop in security_audit_rule_match() and security_inode_getsecid(). Signed-off-by: Casey Schaufler --- kernel/audit.h | 2 +- kernel/auditsc.c | 20 +++++--------------- 2 files changed, 6 insertions(+), 16 deletions(-) diff --git a/kernel/audit.h b/kernel/audit.h index d14924a887c9..8e6f886a83a4 100644 --- a/kernel/audit.h +++ b/kernel/audit.h @@ -82,7 +82,7 @@ struct audit_names { kuid_t uid; kgid_t gid; dev_t rdev; - u32 osid; + struct lsm_prop oprop; struct audit_cap_data fcap; unsigned int fcap_ver; unsigned char type; /* record type */ diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 8302c8f44cd4..0ff78ad7c97b 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -698,19 +698,15 @@ static int audit_filter_rules(struct task_struct *tsk, if (f->lsm_rule) { /* Find files that match */ if (name) { - /* scaffolding */ - prop.scaffold.secid = name->osid; result = security_audit_rule_match( - &prop, + &name->oprop, f->type, f->op, f->lsm_rule); } else if (ctx) { list_for_each_entry(n, &ctx->names_list, list) { - /* scaffolding */ - prop.scaffold.secid = n->osid; if (security_audit_rule_match( - &prop, + &n->oprop, f->type, f->op, f->lsm_rule)) { @@ -1562,13 +1558,11 @@ static void audit_log_name(struct audit_context *context, struct audit_names *n, from_kgid(&init_user_ns, n->gid), MAJOR(n->rdev), MINOR(n->rdev)); - if (n->osid != 0) { + if (lsmprop_is_set(&n->oprop)) { char *ctx = NULL; u32 len; - if (security_secid_to_secctx( - n->osid, &ctx, &len)) { - audit_log_format(ab, " osid=%u", n->osid); + if (security_lsmprop_to_secctx(&n->oprop, &ctx, &len)) { if (call_panic) *call_panic = 2; } else { @@ -2276,17 +2270,13 @@ static void audit_copy_inode(struct audit_names *name, const struct dentry *dentry, struct inode *inode, unsigned int flags) { - struct lsm_prop prop; - name->ino = inode->i_ino; name->dev = inode->i_sb->s_dev; name->mode = inode->i_mode; name->uid = inode->i_uid; name->gid = inode->i_gid; name->rdev = inode->i_rdev; - security_inode_getlsmprop(inode, &prop); - /* scaffolding */ - name->osid = prop.scaffold.secid; + security_inode_getlsmprop(inode, &name->oprop); if (flags & AUDIT_INODE_NOEVAL) { name->fcap_ver = -1; return; From patchwork Tue Sep 10 18:41:22 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13799223 X-Patchwork-Delegate: paul@paul-moore.com Received: from sonic309-27.consmr.mail.ne1.yahoo.com (sonic309-27.consmr.mail.ne1.yahoo.com [66.163.184.153]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7C0ED1A76BD for ; Tue, 10 Sep 2024 18:44:56 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=66.163.184.153 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725993898; cv=none; b=D44dnEcksS/cdxKnHenkjF+w0DgYuyTCYAc8XfpQ7WyZVhnsK+5n48FXq2V1xNMDVpntc0svp2Yd3nr33r8WyVNRATrmsATvuubvsyMS5FP/PU/tujBL+5P+whOjdmRreYMDajQfGUiRPjWHQXphfD06TdeYJV/cUE5Lqa9R6qE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725993898; c=relaxed/simple; bh=JBK1O7fXK6QgQ/VoAl2pmxxHL+v5oNMWDFuZVFUUO44=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=QnDZGdW+Ned56WEdGWShIx8jy3V9pznQdqY6EhhRTnC8V80j9+pzwY6sc/gAPu4QvyC0MbUt9lw+HtXeLD31UQ3UdPD8+JOIGaEZHvCg1HmP1Sny5oFsv796ZLxKh+p+uGbonf3fpY+ndLgpi7doygOUnS8vGhsaLxGx+v104JI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com; spf=none smtp.mailfrom=schaufler-ca.com; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b=tDEDDjrz; arc=none smtp.client-ip=66.163.184.153 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b="tDEDDjrz" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1725993895; bh=vy7GpGeQRSJudL4lBO0JXn1r1cbYVq1uqkvmngtU074=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject:Reply-To; b=tDEDDjrzaAtVae8I0cDm2WOaCFdiIXDzY9QtveTX2uBtgXC53v3hhtK2FHMqlUH/BZrjDqmdL6BS7fTx2qVIRyqN48X62hFWtf4PY80vrYUgdTHJ9vDw73GW7BPZiDt7b4WeXcha/HJXHt6q02XXvxXBM6QbmvX0ELr4kTOiTbfrD0CotjPDnMkBjE1kpe7D4eDAEEDmDSmV9rIfG7yRvZF5Q2VvCPI2C/clTPfwfAkzolUUXWc/SKLOTYeOs4YAx0DuE5CUInX/4Se7IDYABrZp6BJnjpD4pJlVJuMrP3HibWeQCgvtzIqWY8RCqZiyGWCqNMI2AuxEyfdL99iPpg== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1725993895; bh=JKtPrtR1XRhAJr8PvnPXMY0cEAVMwyqQ4u2FSD1pVms=; h=X-Sonic-MF:From:To:Subject:Date:From:Subject; b=SWt+cV4LieYrJXmG0aESHk2YKm8BJOne0CoMjTrtjH1nZgmkaJPSxKYcE43ndFiH5mbYMFZtvsZaP7UyPpQqAXhujIId/+ovNWNejkhsXDPvzvtAKvvlHwjRRyZ0PRGwHnwr0e7qcNwAN4fSmbhQ21qCHJ49nvsLE7Bm6tClaX2XYShAmfm+QAl+GEV+S1CbZczoyQprDKNH8lpreFov2tZqW9nvCBVpkUGcFCMI6uLQwCR2Q7OAE7WjQ9IFrLkuUvLpTtsht3rHJt7ulRbmh1tbrS/93w/6uQBtLOTECu0A1tT19yLqgxFY6sPgsjv0OBfGy1W7aDj/M2VzJNcSXw== X-YMail-OSG: VaM3YXQVM1kY4DlBhIKQOh0niUSKSy22PJ9eUHTc9OCl0lNw3xjABJd8bdIePRT W3RBCMOQwFP1ryodHtdplyUhZy5EKCBDN2Gwdk1b67pERq6OfwhOliL4tBggjvMDzzBNR38QjdFd 82RFvEUMe9ezoWrVeH2VfK4Gs_SVuEGe_jCusLG2wChSFpTLXtyzOPRI4nb.w7XtSWDniFxmtQYZ qV.CbM8_VLrsv38Q8PwM89pfF0pgYmwHJRbc4CEdzlg2iKsCym2cW__00LNLJhJJCcbB5XQ1o9iA cuug.xz2xxNRpy_dnj5dkvV9DDyZCBFez5xq915I2aFI4nfjIrxMi.0OOnWCDG_kML9cwvXgcBs. Rb8gVCaqAt7KL1besrQkZ3kChm9rvoFJl9peJqE2UYYvSLOvZaYRVvCbRcVPliggTlCuqnLqLUCQ OOuStl850FjYeb_4FAQOkjuHubkg.JTXjJmiKypJhuVqQE.ROh36VNbW5WIuTI7sjosGKAVyuxfD btfFPggU16vYjmgPXGIYh1WCZO4o9OBwGGoZoZe6E8vrs.NflNlrVgcTqXsUyJKmmAnP6MtpIAax MqeGgmJK81qtGGLXeGUToDLnH8cWUsMOR8he27c1BEI_4gza43FOKNM.bZODqk1Ww5GYxMWJdfM0 IFdYMMKYmX9PaeLwhf1TOQlhB6797bosWvQJokXcCceLwSfn167RnyFcdhpNw_eVVGMYikKFAAoc hH8yppcF5yxEpTOomirJ1ho2tfDPAj9IyD_LTRKln_utXOaaXcWhivOJ3dM0DTMj77soxEp.gvlS wa0ui7gGyu7SVjvhw3IbmH2eSIAQ_qc0ITnvZCvyDIR3UaAAw00bCuihgSAK8bFA8JsUXW7vObLM yh7BADJdtjMWHAmNFbncWj1LSOJFJ0.bcKFgEnQoxnIYjKb5Wt73GivVKX2rBfFBUBlJZmTCqus3 HfRjkQq6PE5r6PjiJlhDub04f7RK9lZlTltG.IxXvFMFwpgfabmUyGN0e8laJY3ld8j1BxRNb0eo 0NabZY0JdJS_ywmcE_qcZbmgDRVCk3E_tQSfhtBJUcCPt3K7l8Ms7tLaZR6zKSK_sQfWjkxcnAeU XAt.Uyu9Bno.lGda2TIJZ7DfF8xYGDkRoDSPrtcNaJb4.ZG.5wXtkKd8uvjHaI2gZUffFmcr0cWd FjPHDszApEFv1NPQVh.0IuqcjMcJMdzNbXm2MSIyUqVWNo7MBTYShW15JKl63S_x8vBQG1ANXzZ2 N4IYawDysmun6kYY4quc3tMjIlxoLY675IZhlYqGKO0bRmmMsTqilWqBKWiaSAXG2HH57r.xFK13 gEe4AAcYsVts8xv5l_Oh1NQTz6hG54ZhHFUyepdcx_wXy0sm7MdLaJSeCGmq9BE88pFDGP1BwL20 f24KjwsET7Ad3F63qtFzBBrE87HYOYN3iaZ8YeNOpxbDPic.EJIjea6zy7urHUFvtTFH6MqarMKa ldjokJ.oW0EaNn9.M7hwPXj71szdMNz4nhXAUBDmVNsjJ57CtgKGYtZMpp6BT6upGfpdnqsqVqOq 9CMm7L2cb6Kxw5TXGTdo9gF6figbjL1L2tE9tHMGxMzo1zDnCp.J_UGbgZ0AXHhXzSeJhKu85Ho3 cE9LpOK6UuaKYVxl_8lht1bfxlRHUrVFr7_2AnpYwmjO_skhrIRGGAsEKS1BTc.g3V.k8MjeBEZE yMQ.FTkshmzp07F4DXqeVxmJU3g8eek2F2mPdqxuOvJPZJHAO8XI6cpOAeLO37ZZ89bUj3PlQIMe hRWUJq3VKbctDdt0DU1F7u2Umo6lsdNPOPkgsp9mU8pu6UB0XoF0CjgfU.eb81gLSuPsLHRzweM. AUa7QSbef8lAThbdU3QOQzY.dEgoOLN_byezO.uaLynj56So96qxBevQ01Dq6lJnWGPgc.3Awpf8 iNfPbizRDwoQqjooZSNEPR3Z52Oj4uiPZ5jlg8S3trryvnkF3j4TTYJaEEwgxr2JbPdDVhzMaman 3RMCWQveRe0zE75UfmZOPRAhFUzcow4fa0WksptBvPm1z0cwiKDmqdpv9nHUFZzh4TrKyZQBCVuf xfu7m49nRY1g1pf6avZgFjaVWShroG_pVrqQAzcu6kh23ZwX5pC6qYHrr1jl0eLBDqKG_7zEadvY XgRLaZhUV1_Bp0JidDrIoCHDzFSkY0MMRKAfSJYO3AG_58OMJKHyL_vsODqnXV1ovQw.CFgh5Eiu qmHmFaehmXCIHnmpY.8ATQxPcX8RKAF_FvFUG2Wo77pOWpFTLbnh1jhCkDg3r.1wvutO.Xwoy6ds YR1tlM7ve3nhNiq76v0Hx5zaRfXUfKuCaH4v4UIgi8J8b2Q-- X-Sonic-MF: X-Sonic-ID: 26045f67-62b7-4c91-9a7e-f99aa3966052 Received: from sonic.gate.mail.ne1.yahoo.com by sonic309.consmr.mail.ne1.yahoo.com with HTTP; Tue, 10 Sep 2024 18:44:55 +0000 Received: by hermes--production-gq1-5d95dc458-s958r (Yahoo Inc. Hermes SMTP Server) with ESMTPA ID 52d00b93a233ef9d46e84b01a7384b7d; Tue, 10 Sep 2024 18:44:50 +0000 (UTC) From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, selinux@vger.kernel.org, mic@digikod.net, linux-integrity@vger.kernel.org, audit@vger.kernel.org Subject: [PATCH v3 10/13] LSM: Create new security_cred_getlsmprop LSM hook Date: Tue, 10 Sep 2024 11:41:22 -0700 Message-ID: <20240910184125.224651-11-casey@schaufler-ca.com> X-Mailer: git-send-email 2.46.0 In-Reply-To: <20240910184125.224651-1-casey@schaufler-ca.com> References: <20240910184125.224651-1-casey@schaufler-ca.com> Precedence: bulk X-Mailing-List: linux-security-module@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Create a new LSM hook security_cred_getlsmprop() which, like security_cred_getsecid(), fetches LSM specific attributes from the cred structure. The associated data elements in the audit sub-system are changed from a secid to a lsm_prop to accommodate multiple possible LSM audit users. Signed-off-by: Casey Schaufler Cc: linux-integrity@vger.kernel.org Cc: audit@vger.kernel.org Cc: selinux@vger.kernel.org --- include/linux/lsm_hook_defs.h | 2 ++ include/linux/security.h | 5 +++++ security/integrity/ima/ima_main.c | 7 ++----- security/security.c | 15 +++++++++++++++ security/selinux/hooks.c | 8 ++++++++ security/smack/smack_lsm.c | 18 ++++++++++++++++++ 6 files changed, 50 insertions(+), 5 deletions(-) diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h index 75131153f89e..75b3f5c7cb6d 100644 --- a/include/linux/lsm_hook_defs.h +++ b/include/linux/lsm_hook_defs.h @@ -215,6 +215,8 @@ LSM_HOOK(int, 0, cred_prepare, struct cred *new, const struct cred *old, LSM_HOOK(void, LSM_RET_VOID, cred_transfer, struct cred *new, const struct cred *old) LSM_HOOK(void, LSM_RET_VOID, cred_getsecid, const struct cred *c, u32 *secid) +LSM_HOOK(void, LSM_RET_VOID, cred_getlsmprop, const struct cred *c, + struct lsm_prop *prop) LSM_HOOK(int, 0, kernel_act_as, struct cred *new, u32 secid) LSM_HOOK(int, 0, kernel_create_files_as, struct cred *new, struct inode *inode) LSM_HOOK(int, 0, kernel_module_request, char *kmod_name) diff --git a/include/linux/security.h b/include/linux/security.h index 6c50dfd70e81..ed13cf5bbe1f 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -473,6 +473,7 @@ void security_cred_free(struct cred *cred); int security_prepare_creds(struct cred *new, const struct cred *old, gfp_t gfp); void security_transfer_creds(struct cred *new, const struct cred *old); void security_cred_getsecid(const struct cred *c, u32 *secid); +void security_cred_getlsmprop(const struct cred *c, struct lsm_prop *prop); int security_kernel_act_as(struct cred *new, u32 secid); int security_kernel_create_files_as(struct cred *new, struct inode *inode); int security_kernel_module_request(char *kmod_name); @@ -1202,6 +1203,10 @@ static inline void security_cred_getsecid(const struct cred *c, u32 *secid) *secid = 0; } +static inline void security_cred_getlsmprop(const struct cred *c, + struct lsm_prop *prop) +{ } + static inline int security_kernel_act_as(struct cred *cred, u32 secid) { return 0; diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index 254ab465a4a6..09ed06598805 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c @@ -541,8 +541,7 @@ static int ima_file_mprotect(struct vm_area_struct *vma, unsigned long reqprot, static int ima_bprm_check(struct linux_binprm *bprm) { int ret; - u32 secid; - struct lsm_prop prop = { }; + struct lsm_prop prop; security_current_getlsmprop_subj(&prop); ret = process_measurement(bprm->file, current_cred(), @@ -550,9 +549,7 @@ static int ima_bprm_check(struct linux_binprm *bprm) if (ret) return ret; - security_cred_getsecid(bprm->cred, &secid); - /* scaffolding */ - prop.scaffold.secid = secid; + security_cred_getlsmprop(bprm->cred, &prop); return process_measurement(bprm->file, bprm->cred, &prop, NULL, 0, MAY_EXEC, CREDS_CHECK); } diff --git a/security/security.c b/security/security.c index 2365626a3365..137ceea105a6 100644 --- a/security/security.c +++ b/security/security.c @@ -3153,6 +3153,21 @@ void security_cred_getsecid(const struct cred *c, u32 *secid) } EXPORT_SYMBOL(security_cred_getsecid); +/** + * security_cred_getlsmprop() - Get the LSM data from a set of credentials + * @c: credentials + * @prop: destination for the LSM data + * + * Retrieve the security data of the cred structure @c. In case of + * failure, @prop will be cleared. + */ +void security_cred_getlsmprop(const struct cred *c, struct lsm_prop *prop) +{ + lsmprop_init(prop); + call_void_hook(cred_getlsmprop, c, prop); +} +EXPORT_SYMBOL(security_cred_getlsmprop); + /** * security_kernel_act_as() - Set the kernel credentials to act as secid * @new: credentials diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 1db4ecfea764..a523f38faca0 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -4029,6 +4029,13 @@ static void selinux_cred_getsecid(const struct cred *c, u32 *secid) *secid = cred_sid(c); } +static void selinux_cred_getlsmprop(const struct cred *c, struct lsm_prop *prop) +{ + prop->selinux.secid = cred_sid(c); + /* scaffolding */ + prop->scaffold.secid = prop->selinux.secid; +} + /* * set the security data for a kernel service * - all the creation contexts are set to unlabelled @@ -7240,6 +7247,7 @@ static struct security_hook_list selinux_hooks[] __ro_after_init = { LSM_HOOK_INIT(cred_prepare, selinux_cred_prepare), LSM_HOOK_INIT(cred_transfer, selinux_cred_transfer), LSM_HOOK_INIT(cred_getsecid, selinux_cred_getsecid), + LSM_HOOK_INIT(cred_getlsmprop, selinux_cred_getlsmprop), LSM_HOOK_INIT(kernel_act_as, selinux_kernel_act_as), LSM_HOOK_INIT(kernel_create_files_as, selinux_kernel_create_files_as), LSM_HOOK_INIT(kernel_module_request, selinux_kernel_module_request), diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 8c362fe2871c..4d236a5ea5c6 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -2150,6 +2150,23 @@ static void smack_cred_getsecid(const struct cred *cred, u32 *secid) rcu_read_unlock(); } +/** + * smack_cred_getlsmprop - get the Smack label for a creds structure + * @cred: the object creds + * @prop: where to put the data + * + * Sets the Smack part of the ref + */ +static void smack_cred_getlsmprop(const struct cred *cred, + struct lsm_prop *prop) +{ + rcu_read_lock(); + prop->smack.skp = smk_of_task(smack_cred(cred)); + /* scaffolding */ + prop->scaffold.secid = prop->smack.skp->smk_secid; + rcu_read_unlock(); +} + /** * smack_kernel_act_as - Set the subjective context in a set of credentials * @new: points to the set of credentials to be modified. @@ -5149,6 +5166,7 @@ static struct security_hook_list smack_hooks[] __ro_after_init = { LSM_HOOK_INIT(cred_prepare, smack_cred_prepare), LSM_HOOK_INIT(cred_transfer, smack_cred_transfer), LSM_HOOK_INIT(cred_getsecid, smack_cred_getsecid), + LSM_HOOK_INIT(cred_getlsmprop, smack_cred_getlsmprop), LSM_HOOK_INIT(kernel_act_as, smack_kernel_act_as), LSM_HOOK_INIT(kernel_create_files_as, smack_kernel_create_files_as), LSM_HOOK_INIT(task_setpgid, smack_task_setpgid), From patchwork Tue Sep 10 18:41:23 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13799222 X-Patchwork-Delegate: paul@paul-moore.com Received: from sonic309-27.consmr.mail.ne1.yahoo.com (sonic309-27.consmr.mail.ne1.yahoo.com [66.163.184.153]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 77D021A76AE for ; Tue, 10 Sep 2024 18:44:56 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=66.163.184.153 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725993898; cv=none; b=AY5JFlwek4XuhxwrqKVfsN80ksTP55n3bKHbPWuk/i5HDK+jWVMf1J7nRtKUrbY9cOiNI38mcpZ3AvHMxkMxovR5z0WoU3LbAHiPENVVl2iW82FGneWZnigGh8o5rYQilruQCZJz91YFagB1tBYHOYc6mWAVdN1a4XD+9QfrzO0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725993898; c=relaxed/simple; bh=sGltIXfkynShpVqjz2ClAXpQvxLVAHMhGG5s9l6wHX0=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=G1IcTHhBrYRIKBEaKi2ITqSb0N5RiZ+4f0aqbz02pnTj0X7upWaqZ/j2+KemRyIA8dDYUtvIz1qKQTaQzoHAoWCfevy9SpT1Wq/Vdgr8W3Fe6p853fmZXsDLrd0TrW7UBhOMmsJesKqKhgaxOL5te57YLHvqOKIA0jpH3G5CRiM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com; spf=none smtp.mailfrom=schaufler-ca.com; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b=oiSyleAV; arc=none smtp.client-ip=66.163.184.153 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b="oiSyleAV" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1725993895; bh=IKqSZ0+4nxuHpoVrc8hYw+S1iLCZ6SQZzlkRqqhU5T0=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject:Reply-To; b=oiSyleAVNCxmyT0gUSJtQRSZob+LBLn7QTFZtnTRWAL/zjGovowOQLecoN38/Q605d6VooMamXbUIQYLJNLBKv1cJmAUByjsagPylyn8Q5jdCzcAI1N8OhIBCxnmXzyDo0OwahTjTo6WhYi28FLFRR3GcReDlz2LSgHOZyYtZNoOMYVxwZGI7iTKUHnGAxIXPt37+LQKDieV4LdonCysmlleUjqcqIFGwX/b+iCyBpRLN9fmaz6Fgt2scfBr00zKKCAhNvJ9ZxcxX3Dmoas1HGJUesCE3r03DxralbnhK860i0o8x4R+lpKSqatep3OVTb7D7omPKETRecOip2XyWw== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1725993895; bh=g41Y5YFI++8ocF3Kr3QG2W39mIbCYAUPOtbRZCv7Zo2=; h=X-Sonic-MF:From:To:Subject:Date:From:Subject; b=DwLXevG/Nak2TKzY+772d8RL+d6vvDJjn5mbn6N9VSg9WS1Zk75nesEtoPeU6ECKAvhAsOySIGSPqZV0OF3vcxj+9YwF32pv5TCfYHUtvu0/wzIl8lkjM3yj2+YOKikOyX7q009nvw0vWULO7mAvRRQRREAte7R7MBxsCQFsRtipIf4Z1lgbW+EM5qKZdM/5GBAnOiyoGdyb4G2dg9Hc8YEmBVef/VsWOchV3wz+Tu18k6A32/TsTbg3XENnaZ8pG30GM9HCxE2MTEpMB/QcQJHQkBWVWtrYcdqULoIw7WrG0xHhyrzquYgDab90ntD6BZ6j/Tdbt800uQ41144uyQ== X-YMail-OSG: 02zfvYMVM1nmQDYRI_uDPa2bTSpttFPKH8VvWU94S5ZIO.8s6zr3BuAZqOKeaWG eeF41uuRcDPBsh5G1J619teSCzPctqMJCymzZulAHa4OrqMZiJJMQFOZP0yV8np9qMo4Qp8bADky laPNNeA8Lr8gvzx3h9aPOwHnS0YGCa.1e9UnKiido1GcAYbPHFHf2SL2vu1B7hdRMWdAXfUuJb0_ wlcMvD188BCvqLVYpK0KDibRLhPttocgAEjrfARmqdOx8EDMkhwaV2B8bsYJ2lWY4dLaKFbIPbQH h4G_Bugs0haQlXRvxzNGCbEuVPHS3feOjaKeZuWHT3MFdrZiAGdNltU6tvuYzNeL3Pt_NJRgeWuC CNi6s7XopO_rLPMEpuOUvfq6Kjk._XVdg3HfDWb6vecirfYzqvwzsoymzPC85D0thxOzysqZClNm 95cMlHmdWlaD6crCAlY8m0gcb8cIhhRig98on4erfuSjPLfaZU83bLHuhvPnWbjmcYWWCzCXQnR9 oUtQw11bdYCgjeimAJwwwHwHHhICVvmbsKPAj.sFbcMxkvKEZtNI7DRLB8hyQK2d3aXc2RjQoh0C K6iLdEOpWTmC3Z7ljH4oEgnA96px8u7TzMuLisOSF2jEEiuPDUqKPtbLNHDrMnIYrg8u1KN0feMm Z6f6MWoBnPrnPSHUMzeYj28pc_QQPbqUD.SSVkolYua6BjshKiRM2xPSeEtA6B1l_BsLqfeORZ7g PyzAs96BFq5Ygd4czAgMttn4.UakkEDhgiwLiD7jYZATtTxKcbIQ8qxkJU3gpf6QoDRxzjDy41dR yOvr.Wfg9sAmE1HWhjYpT7ZEhDZLd4vFRYjhOstxbA5b94O0KoHFw.FzVs3SqVCy1nndMunimA6G jnkeTFCP16vJmdcrnjHlOuaAnzOGRIsLTJCzcXf_IKNZtt6YUsCriLpwsmVL.s6dHX4zYwuVSnuy _gBz0cs9M5dxhhvmtO3pXr8RvAWnL2_Q7RND6OR6wvfGhlw9y9c_0hUfaf1kxedkfGbfDdCyGd_0 cd_G0B00dpj27l7d9pJQl8RJWNVzVOmX9.PuFDoyCm4PBGOdhGqXOIL2c4BVyh.XX8O_5nbLgDFo XS1yftgQrpcxyVTsSuY8u9h2zpBT0g1sQFbC0ansLjpOygwGtHaYrVALbn8._jHnTzopdHcQ74Ty 5Bg3qwNscCLLDoTrbBH4xAKYOGWHWZsffUKH92h4mRNp_9SbHkkpxbOB1WbDPuWkB8ndLjbja2lj aj0tXbaWBokz60GWBoRN_Hk68.0Ju_rxSr4aleWqvGx2VvbdqLG77B3A0qCtLqKGLv5DTet68_CR gOvYi6s4a4igYIml37bYNi3TPsFsLWJT74K3Zhal_kG28WErIWPo02iTg8Ci2BrmbS_EyinpewAe fNQCgLNVQOYO5zdujf..ornBD_DR4jbCmqcU3uHokUpaskiy.ZtnQdjLUZz7ImTignFJNXbN0SVI WfO.fHvE6p4BBHZP6rC4XvCippBn5gw2HOX4l6vUK3h.iprxpUghwVoRBdXyxO4JbvWFrfctt1nn hpwCy7uCoRjKRizSwPU7Mnxsfs1u_8W3KSvGjwIi3APwFS5JFd_Ya6cpuufrFR3ujJ8A_S9K.UWM LiiF4am5AT6SLKPaUlmCzC1lK807b664n5BuWqwIF92m74IMlsifHH1d2hC0P5jNXfaQf2U8MIKU Bxbzjur9g7u88ttK0Cc8QhredOEBLdF5h2e.CDTv1jW5_EIPH6.w8O8Kv4GcYvc9GOTQEyJ1NxiJ 0jcCptN46a_Wts0MQzUS0FjUc3TyoYxMgUyuH4T8kU8ceKgLo4kxObO3YDjolc9gtaNWHwEZ3NI0 KhYM7jI1RpAHdloxy9sjvlYyI4BQxNqtofwq0tqdw.WDmYPj5nEAZIuFCLsfy_kFeAAeaZBCbsrj gIkZew1FxznArh7_y6UYBTAHjkucX64aikgtJrDJ.OpxajX023WVySgyag0TyZixRopAbhS96e11 JacjKaDa6tYOieP9y91Ey3FNpGSmSU6YBIiSFK6J5vN1xKHVhz4CcYhd7AdHdew3V76ujpqwgztf wcYepsFkeWgkVHKugQ71OS6L0dC4oJwCNOfhv04OZ4VIGbcwWVL6e2Uba5Md.Qn8Eb5BQebKOl6u 1SwEo0bzh18FbyLPjaazqHXe0KPdsONAKxuuyh9XKdlkBGlVF0yc2s2BT5j8EGHSBhdrO8G9UwNY FwBNxKojICzqFANzdNb2pRi6lN6hf3Qe3fFZ19OO8i6l4LGJI7aHv_tlU.E9bseXUil0oXj55dzG HpVonZOXc0n.4zk7.JY4KlqZkDs6z9Uw6PhSVVJdeApZDNg-- X-Sonic-MF: X-Sonic-ID: ca303ed3-37fb-4265-8236-3e0313d55ac4 Received: from sonic.gate.mail.ne1.yahoo.com by sonic309.consmr.mail.ne1.yahoo.com with HTTP; Tue, 10 Sep 2024 18:44:55 +0000 Received: by hermes--production-gq1-5d95dc458-s958r (Yahoo Inc. Hermes SMTP Server) with ESMTPA ID 52d00b93a233ef9d46e84b01a7384b7d; Tue, 10 Sep 2024 18:44:52 +0000 (UTC) From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, selinux@vger.kernel.org, mic@digikod.net Subject: [PATCH v3 11/13] Audit: Change context data from secid to lsm_prop Date: Tue, 10 Sep 2024 11:41:23 -0700 Message-ID: <20240910184125.224651-12-casey@schaufler-ca.com> X-Mailer: git-send-email 2.46.0 In-Reply-To: <20240910184125.224651-1-casey@schaufler-ca.com> References: <20240910184125.224651-1-casey@schaufler-ca.com> Precedence: bulk X-Mailing-List: linux-security-module@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Change the LSM data stored in the audit transactions from a secid to an LSM prop. This is done in struct audit_context and struct audit_aux_data_pids. Several cases of scaffolding can be removed. Signed-off-by: Casey Schaufler --- kernel/audit.h | 2 +- kernel/auditfilter.c | 1 - kernel/auditsc.c | 31 ++++++++++++------------------- 3 files changed, 13 insertions(+), 21 deletions(-) diff --git a/kernel/audit.h b/kernel/audit.h index 8e6f886a83a4..0211cb307d30 100644 --- a/kernel/audit.h +++ b/kernel/audit.h @@ -144,7 +144,7 @@ struct audit_context { kuid_t target_auid; kuid_t target_uid; unsigned int target_sessionid; - u32 target_sid; + struct lsm_prop target_ref; char target_comm[TASK_COMM_LEN]; struct audit_tree_refs *trees, *first_trees; diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c index 7589845cb9ee..1d8381191ffa 100644 --- a/kernel/auditfilter.c +++ b/kernel/auditfilter.c @@ -1370,7 +1370,6 @@ int audit_filter(int msgtype, unsigned int listtype) case AUDIT_SUBJ_SEN: case AUDIT_SUBJ_CLR: if (f->lsm_rule) { - /* scaffolding */ security_current_getlsmprop_subj(&prop); result = security_audit_rule_match( &prop, f->type, f->op, diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 0ff78ad7c97b..3d3a7cbc6c5e 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -100,7 +100,7 @@ struct audit_aux_data_pids { kuid_t target_auid[AUDIT_AUX_PIDS]; kuid_t target_uid[AUDIT_AUX_PIDS]; unsigned int target_sessionid[AUDIT_AUX_PIDS]; - u32 target_sid[AUDIT_AUX_PIDS]; + struct lsm_prop target_ref[AUDIT_AUX_PIDS]; char target_comm[AUDIT_AUX_PIDS][TASK_COMM_LEN]; int pid_count; }; @@ -1019,7 +1019,7 @@ static void audit_reset_context(struct audit_context *ctx) ctx->target_pid = 0; ctx->target_auid = ctx->target_uid = KUIDT_INIT(0); ctx->target_sessionid = 0; - ctx->target_sid = 0; + lsmprop_init(&ctx->target_ref); ctx->target_comm[0] = '\0'; unroll_tree_refs(ctx, NULL, 0); WARN_ON(!list_empty(&ctx->killed_trees)); @@ -1093,8 +1093,9 @@ static inline void audit_free_context(struct audit_context *context) } static int audit_log_pid_context(struct audit_context *context, pid_t pid, - kuid_t auid, kuid_t uid, unsigned int sessionid, - u32 sid, char *comm) + kuid_t auid, kuid_t uid, + unsigned int sessionid, struct lsm_prop *prop, + char *comm) { struct audit_buffer *ab; char *ctx = NULL; @@ -1108,8 +1109,8 @@ static int audit_log_pid_context(struct audit_context *context, pid_t pid, audit_log_format(ab, "opid=%d oauid=%d ouid=%d oses=%d", pid, from_kuid(&init_user_ns, auid), from_kuid(&init_user_ns, uid), sessionid); - if (sid) { - if (security_secid_to_secctx(sid, &ctx, &len)) { + if (lsmprop_is_set(prop)) { + if (security_lsmprop_to_secctx(prop, &ctx, &len)) { audit_log_format(ab, " obj=(none)"); rc = 1; } else { @@ -1778,7 +1779,7 @@ static void audit_log_exit(void) axs->target_auid[i], axs->target_uid[i], axs->target_sessionid[i], - axs->target_sid[i], + &axs->target_ref[i], axs->target_comm[i])) call_panic = 1; } @@ -1787,7 +1788,7 @@ static void audit_log_exit(void) audit_log_pid_context(context, context->target_pid, context->target_auid, context->target_uid, context->target_sessionid, - context->target_sid, context->target_comm)) + &context->target_ref, context->target_comm)) call_panic = 1; if (context->pwd.dentry && context->pwd.mnt) { @@ -2722,15 +2723,12 @@ int __audit_sockaddr(int len, void *a) void __audit_ptrace(struct task_struct *t) { struct audit_context *context = audit_context(); - struct lsm_prop prop; context->target_pid = task_tgid_nr(t); context->target_auid = audit_get_loginuid(t); context->target_uid = task_uid(t); context->target_sessionid = audit_get_sessionid(t); - security_task_getlsmprop_obj(t, &prop); - /* scaffolding */ - context->target_sid = prop.scaffold.secid; + security_task_getlsmprop_obj(t, &context->target_ref); memcpy(context->target_comm, t->comm, TASK_COMM_LEN); } @@ -2746,7 +2744,6 @@ int audit_signal_info_syscall(struct task_struct *t) struct audit_aux_data_pids *axp; struct audit_context *ctx = audit_context(); kuid_t t_uid = task_uid(t); - struct lsm_prop prop; if (!audit_signals || audit_dummy_context()) return 0; @@ -2758,9 +2755,7 @@ int audit_signal_info_syscall(struct task_struct *t) ctx->target_auid = audit_get_loginuid(t); ctx->target_uid = t_uid; ctx->target_sessionid = audit_get_sessionid(t); - security_task_getlsmprop_obj(t, &prop); - /* scaffolding */ - ctx->target_sid = prop.scaffold.secid; + security_task_getlsmprop_obj(t, &ctx->target_ref); memcpy(ctx->target_comm, t->comm, TASK_COMM_LEN); return 0; } @@ -2781,9 +2776,7 @@ int audit_signal_info_syscall(struct task_struct *t) axp->target_auid[axp->pid_count] = audit_get_loginuid(t); axp->target_uid[axp->pid_count] = t_uid; axp->target_sessionid[axp->pid_count] = audit_get_sessionid(t); - security_task_getlsmprop_obj(t, &prop); - /* scaffolding */ - axp->target_sid[axp->pid_count] = prop.scaffold.secid; + security_task_getlsmprop_obj(t, &axp->target_ref[axp->pid_count]); memcpy(axp->target_comm[axp->pid_count], t->comm, TASK_COMM_LEN); axp->pid_count++; From patchwork Tue Sep 10 18:41:24 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13799231 X-Patchwork-Delegate: paul@paul-moore.com Received: from sonic314-27.consmr.mail.ne1.yahoo.com (sonic314-27.consmr.mail.ne1.yahoo.com [66.163.189.153]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id DCC331A7050 for ; Tue, 10 Sep 2024 18:46:29 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=66.163.189.153 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725993991; cv=none; b=jAVoq/SZkoU2Dl9WXGuQV4VCVhp9xpYYLLRXfh3yAXZmtfvCYeZs8bzZEt+uhTRhz0t3j0Vkb11V61InKuqU72Z3rz5y4RBsK1CfRup2C5Zlf6MAgdbaIR665xorV8shGhqsxebjpFYQGOxO0GooPR/hI7eHa+g6NGrQGAfNvdQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725993991; c=relaxed/simple; bh=W8OMc9fA8HTKz0dHEFvJzgL10u/y0wf0V4o6lElOSA0=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=qku+jtWKyRjHXJQcrksxc09/Pfo7HSIOMaQtnVtxh5EYzxn9L9q11mS+cn3FPmGcAEqa27CCoOH2e8W5e82Jzu7c56Q6lQYEMhzaoFkCJlr8x1ezwyp+pzsvCJW0g1megKa9yjfO5YvscEQElEbjfjcxt4CiMbCNds/ydpKV0tE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com; spf=none smtp.mailfrom=schaufler-ca.com; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b=JVRnUfRe; arc=none smtp.client-ip=66.163.189.153 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b="JVRnUfRe" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1725993989; bh=2pQtCQM2s12nVMZLCkPLb0og5s9GLCbFsCXEqZw75Vo=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject:Reply-To; b=JVRnUfReQYQtOu1DAvndnBQIat3ySXmxjO1q0B5ATq+k/NzpNqmNxR3Qqbo0PWjPHRy4PPFiW4FMANZcvjq6OgIQe/K/rZXoWkldTRAw3dwK+JuLwuNKT53obNYHWU7zNg1IiYtvAA2oGA+sjHjmogxSswe8riWklHFhu6Pu3XzSjsYWWjwjODM0SUm6+ZSPIAcr55QIBuL5R0Hr4scmyCroMf5TEmJrg1wCngfce6wGg+K6oQOZB3tAqGaRYSPKe8mB9j4UZwPOTBpWjTOMRIxkpv8kWR2Y1fbu4ChZrn1SPhtUlI2+HqIVjRTZM68znTfN4WlqJJ+VQ0Hm9G7Ekg== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1725993989; bh=YCyhaDyNxCf12Qtutsn37lGTWeBHNa89MxegxEWHeDA=; h=X-Sonic-MF:From:To:Subject:Date:From:Subject; b=Wq9kigslxWWQKHtZOnzNKPEbrdLl1tsjmzidgxT4d1t109raRmb4Aoz7xy6zx8pQXwkv979qHjMDRFATN6vubXjN47BjBP/1oB7s49Vj/olnB0M8M85YZ+n6N8c2dNOqHVnB4Bx56G4ksylmnJ4ZTb5U8HzYBsCf94A/4bd+JutpJLhwBkcXxetMUBX18Rvb2vrZedhc/q+eTm+52mdGWesihyh6VLyl4mQYBRFRAQP7gjyEcASKdaUjzMMZ8sqBYUXoF0egfLmgr2Nyol293FKSiENBqPpWBgh1Do2xVMi2zggcQsH0GDYMwQHsY18X30lSuKgnqWUpauMcqcVlHw== X-YMail-OSG: A7OECvcVM1l7ys5ey4fo3Wip2mB0SnfUGWVtdNkzO9hGiilPU7racTZ1V7OfaHI qBEkZyLn.wxNxVvO4mmgzGvEQeVHo504AEMmwt_8Z83v1p2B38UzJC4tyvN_odppeNKLj7VILhFK CAAzWb9n1jvjBVYwOgYhHCM.F2.6wx3XeacLccGgQRGd7CSyuBh.8IjZUTf9Oy5p6P7B.Ox3KGbe OhwSBBmTmvBdFQcpUHPCEUQqb0jSfvdQ3NhH4b7Io3HUmW1XkH5E6pm8JvsrxzqsdD27Vzheq5Lt NNm.pWK3r20PWX13VEX.4aFPNIhyN6z3Z42ZPoktEUe7IG78lamDElyQ75pYuRyGuOYPv9VmXrLb 4reiZQfm6mYETDGI0dPW7zdY2NTxuxz_GTbgLrvDrVc0JhfWgXQc7d1akwO7Xnq6npAY4cba7gbL kwbUFnZ5yjqRK_D7kUMiUeRLzHlYIPoaEO86T3Tr8QawumhhmmbKkLPce3cix59fMlDdmvjlsQ9Z 6VMhQEW0WjQephdr9PuC6OkVsE4X.Z9i3WKzqZ7soT6GDVpAEXNDZsUBLdk1oxU1IeEthfApsOh. 8TwmRc.BuMq2wkO2iqylDG0QYWGnKkTfz7vBr0Y94uaNH1q7.zrIDQzahuUtFqvcXR85ijRhuGIh 3cf_Tzs6pfHcXVhRrL3YtCB2aYY28XAZfGSpjuyQCP7T62WebGSLFok54LOTu_4hGm6hPaNRhypm F_WNswqJJKLgGU.D8IxmSpUdufUqYA4KAzD2qXLqIasRI6RcFpwsIfZtJWEtrlqry7wasVURuOr. JZGX6HhNZeVE4B48KDVg9WWbjlHt4SqkQWts4d5LY2cACUJQVh3DxVJ7fSfJe2KCuYMvm0Whmlcp GOI7KaWnntzMpxhAhRKi6ElyP9nH8T.z4LnkKZhhYx05Hlov7K57Ys3FAyYAMmz_zeV_GQ5Z7oO5 uCPk_UjSLQ3gc_mlapuNRd.ttsqsKu6gpC3qx7pH2rtxBO9WRDgXoclF1ZF1V9zZn.G2B3UnB3LT IOny.fe1wxS7_._n3ML1l6JRKscttHojk3zGweYq8ThL_6Zs3JuEYZYVzYowgVOC6nTUZPJp.vv6 5ZbnQ.a34tM2dTlOBwe6k_ZzoSnZZfoiOwF1CwbyhKf_NseOH_RvMaA6SsQbMlG79cscEw4mSlGA YCa_2BmGrOJ0DHCC5r7BmoQqy8fpCRPn0CZnlCPbdooA__uCXFIXRGJ3QgS9Q9N8wSnYy.o0w.Da A55qC_DSB1vHjPBqHJqr_je2CvbAGc2DjxL8AyMg0zOZvS94UAcwA.C1a8dv5WLhjwq_vQ5DuUj9 luGOZZku93Vg_0Ue7zwgi9ICLdgboT2aqku5bPK8QPkJITuMxJnBaESPQbHYu.I5jZH3IxwfMs4j mple5ga1Dav.PROk7K8.Lx6XLbxmipMgsBRJze33NYkVjEZA9yE9GP3fFxPR8AWMFrffCT1FUKv1 THAI_pJtWekttpXA16OoxE0ko.PaAhb5LHOBJxajMoiC9WMXBUELzgGXCD8.zYm2NPKwqq_N94rb OsBMasRCZGYsZU2EPm0CoA2fMBPfGBiHE3V9NNOCf1oheFwKX3MvgEV5CPXOk1T38f8S17cQVoC. WdfPunECSa7QRSDCmD9VBdmkBWmO5uyr5lHEW2ryTsGF5Z91r0dmBHqJyUaqd6Jdh8ITEqP.Qm3Z 7TnvEFbCdWp9T40g_sNeZaV_4_WmCsvpXR.hKHQj27A3DRlLmgt0lsSmBdAnoOYCY6BcsJI7BhpC CIwvHKAYHTfU1VtGHTywO7rtJqsMxvxSFxdutFpYzenHpupwaEWwRiYKkah9nKTbMyGJpoP7Pc7i V6v40WnvWOq84hRhw2K_WUARDfom0pRe1fyfSHzR7x1MjEi9opOzykxjd_K5zhAFROyIcRXDsuiC 5hhNEzLVcBiYCwe3TTUQs0zlWPaj9hWt6UiwryOwGeHsj7yRKJlGZC2G5Hmh_QozIJ0lo02mz2Zq wrUZASTxplXy8kCvRTAPrlHrmc3vVVJ9Rkx0NaYN8XOSJD3j1er_k4fTuayo46TrBtCMxtIdk7B1 ICILsQSjRYSMPFLXuXumQ0R7WMRxgKSqVFj.j5NiRfMICmeEJxSw71lo49oMY4nLZc640CJmcxQ3 wzvHl5paMLEnBNbLKD_0WCs8JH4hOdpmlFs_GZV1CVmUm9OHM.pA7mmzfrjOzt4mD7b7QekULlJl HYCQ2bXenU_PObd7rW1anDPlgA6fEIdu4ZxfqGWMsqElTDMmhawaveFwxRtUP1ObA9K4bvgZRxDf yk.BkSDNQlUdRRKkhp7lsD9_y2PwxV8f.l_7co5pusfaPW2E- X-Sonic-MF: X-Sonic-ID: ca65378f-48c5-481e-9bac-d2b9d7e6188b Received: from sonic.gate.mail.ne1.yahoo.com by sonic314.consmr.mail.ne1.yahoo.com with HTTP; Tue, 10 Sep 2024 18:46:29 +0000 Received: by hermes--production-gq1-5d95dc458-rx7kt (Yahoo Inc. Hermes SMTP Server) with ESMTPA ID 2439121b4758407954183c0b5224f0f9; Tue, 10 Sep 2024 18:46:26 +0000 (UTC) From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, selinux@vger.kernel.org, mic@digikod.net Subject: [PATCH v3 12/13] Use lsm_prop for audit data Date: Tue, 10 Sep 2024 11:41:24 -0700 Message-ID: <20240910184125.224651-13-casey@schaufler-ca.com> X-Mailer: git-send-email 2.46.0 In-Reply-To: <20240910184125.224651-1-casey@schaufler-ca.com> References: <20240910184125.224651-1-casey@schaufler-ca.com> Precedence: bulk X-Mailing-List: linux-security-module@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Replace the secid in the netlbl_audit structure with an lsm_prop. Remove scaffolding that was required when the value was a secid. Signed-off-by: Casey Schaufler --- include/net/netlabel.h | 2 +- net/netlabel/netlabel_unlabeled.c | 5 +---- net/netlabel/netlabel_user.c | 7 +++---- net/netlabel/netlabel_user.h | 6 +----- security/smack/smackfs.c | 4 +--- 5 files changed, 7 insertions(+), 17 deletions(-) diff --git a/include/net/netlabel.h b/include/net/netlabel.h index 654bc777d2a7..37f5a290f040 100644 --- a/include/net/netlabel.h +++ b/include/net/netlabel.h @@ -97,7 +97,7 @@ struct calipso_doi; /* NetLabel audit information */ struct netlbl_audit { - u32 secid; + struct lsm_prop prop; kuid_t loginuid; unsigned int sessionid; }; diff --git a/net/netlabel/netlabel_unlabeled.c b/net/netlabel/netlabel_unlabeled.c index 5925f48a3ade..1bc2d0890a9f 100644 --- a/net/netlabel/netlabel_unlabeled.c +++ b/net/netlabel/netlabel_unlabeled.c @@ -1534,14 +1534,11 @@ int __init netlbl_unlabel_defconf(void) int ret_val; struct netlbl_dom_map *entry; struct netlbl_audit audit_info; - struct lsm_prop prop; /* Only the kernel is allowed to call this function and the only time * it is called is at bootup before the audit subsystem is reporting * messages so don't worry to much about these values. */ - security_current_getlsmprop_subj(&prop); - /* scaffolding */ - audit_info.secid = prop.scaffold.secid; + security_current_getlsmprop_subj(&audit_info.prop); audit_info.loginuid = GLOBAL_ROOT_UID; audit_info.sessionid = 0; diff --git a/net/netlabel/netlabel_user.c b/net/netlabel/netlabel_user.c index 3ed4fea2a2de..81635a13987b 100644 --- a/net/netlabel/netlabel_user.c +++ b/net/netlabel/netlabel_user.c @@ -98,10 +98,9 @@ struct audit_buffer *netlbl_audit_start_common(int type, from_kuid(&init_user_ns, audit_info->loginuid), audit_info->sessionid); - if (audit_info->secid != 0 && - security_secid_to_secctx(audit_info->secid, - &secctx, - &secctx_len) == 0) { + if (lsmprop_is_set(&audit_info->prop) && + security_lsmprop_to_secctx(&audit_info->prop, &secctx, + &secctx_len) == 0) { audit_log_format(audit_buf, " subj=%s", secctx); security_release_secctx(secctx, secctx_len); } diff --git a/net/netlabel/netlabel_user.h b/net/netlabel/netlabel_user.h index 39f4f6df5f51..d4c434956212 100644 --- a/net/netlabel/netlabel_user.h +++ b/net/netlabel/netlabel_user.h @@ -32,11 +32,7 @@ */ static inline void netlbl_netlink_auditinfo(struct netlbl_audit *audit_info) { - struct lsm_prop prop; - - security_current_getlsmprop_subj(&prop); - /* scaffolding */ - audit_info->secid = prop.scaffold.secid; + security_current_getlsmprop_subj(&audit_info->prop); audit_info->loginuid = audit_get_loginuid(current); audit_info->sessionid = audit_get_sessionid(current); } diff --git a/security/smack/smackfs.c b/security/smack/smackfs.c index e22aad7604e8..96e7cfc45e21 100644 --- a/security/smack/smackfs.c +++ b/security/smack/smackfs.c @@ -182,11 +182,9 @@ static inline void smack_catset_bit(unsigned int cat, char *catsetp) */ static void smk_netlabel_audit_set(struct netlbl_audit *nap) { - struct smack_known *skp = smk_of_current(); - nap->loginuid = audit_get_loginuid(current); nap->sessionid = audit_get_sessionid(current); - nap->secid = skp->smk_secid; + nap->prop.smack.skp = smk_of_current(); } /* From patchwork Tue Sep 10 18:41:25 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13799232 X-Patchwork-Delegate: paul@paul-moore.com Received: from sonic306-26.consmr.mail.ne1.yahoo.com (sonic306-26.consmr.mail.ne1.yahoo.com [66.163.189.88]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 20F441A707B for ; Tue, 10 Sep 2024 18:46:32 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=66.163.189.88 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725993994; cv=none; b=UDlAkPskPA6TGHYdGxAnmul3wcSqFEP0PZIsELbawsFdbCr/q14QagTmyvG4CBf9sgVgW5VRXDcCg+eRwpoGnQfsYyQzk1cl96gvJW31Jo8FsbW/1v+s29oS+HHDs4QGifuRUJkqOWaaz4syz3NWsQTqpQssniGzaukMM/TeUP4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725993994; c=relaxed/simple; bh=2qqQ0z3D+2ZjCCq07OJJJlzqS2fA4B7I9fk5In9Guvw=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=GYqKTQz800mL92LCHfWoO+01PJcVCQb1HfbBgajkS5xdfYtM3aDBqO2Fz7EQ+bDqcAn1mpGcIP+/upObKLaHdR7BWDgSTEnLMloLioXJDt7Dd1qh/F8Kg6/OJLCm3rvt7/0ZRCxFqNPfeE+ixS1Kx0c35qgTWe3RTbGtCHy96JQ= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com; spf=none smtp.mailfrom=schaufler-ca.com; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b=HocppcJD; arc=none smtp.client-ip=66.163.189.88 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b="HocppcJD" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1725993992; bh=3E0uhKbbsti/31w7Y2vn8vl2KCCg7vNL8Prj7v5QvvM=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject:Reply-To; b=HocppcJDuUDoI5MTgXavveIxmLWxfQrbTf1mJrCIYKCtoooN7FP9KPSCRkjoN70wgL1nt7GpH4N6uIvgGRjo8Il3OmWpyWXxWqA5csC4ODldmSSSPdxTp9wH4cQ+x6zwx6dRujtNh4yNHuH8B4eJ8OUWK1nnaeYIysoq0YQBvMgDYtwiVs7sea9vHHxVRgFEGVHpKzZKcnf+ouysN7hye0gNJOT9K6ONrkcN33r9HHwn7vT9tDut1KsywE1fDeeDELrXWq7+AxOdDRq0CKkgSPBtO41K8HFMjeYy0FNqZmNmtP00Ksgt7fOs2R2IGq/IsSOLTir46oK1TRAZriuxRA== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1725993992; bh=m8oMulnKYQb/AESAh3/zts2m12AJ/Vc62CVThC18uOP=; h=X-Sonic-MF:From:To:Subject:Date:From:Subject; b=Y4cMh8Q4mKX5ZqMRXMC/mebzxGmuXUS9saAaSM9KxK4pjV5v95DtDaFSY+5UrBmLQ/Q/EgmO0lWj244lVa+AZt4yP30A8ycuaOTBBm9Xg6x39OntvH3i/lvTcMHCJ6gvDCN+I+xEhqmANVl+H4q8pDkrzmS8Unrhat7IoWei+UEz6MYsZNTUzI7tZ0twrVhGfbKCocZGJgg3XF096nKEcBRpU/XIlByeKtOtMcyMwA3MmbpI5dfUnoRG6uYKbW9wZcGKPUfaSzpvfePEZO4l1IJZeryDJBPfMYCHiW9MKMCdUh7DsvX4z2saEh8/A3ONI49m0CqZ4yE/1gL1+psLeg== X-YMail-OSG: XImXzEYVM1miACWdEvitI4BuG19vLEgJEeW1Po4o0fmct88cOsZl3UTw9eaqnJl Z2BO0XvPkBXvzd1b9AkfO4renWur3NNJvdKMtVSuJifF4uqK2_yApEDMfBq4qhFbwyZS1flZg3LE ULcoPuFWB4hp4FuvVlWlGIUBgTPctvPIdsEjlrHRylwtXcNqO6C6OK_WhIOhGD3y3q3QBlnq2fOe mL.dcf.f1KxjJYYl05OIcO6eTybvTKb53efdOloziu6OLvt1zGOWqpqVHUv0LjMZwbYrEndBeRyZ Adv.RoTEkj4MwQNPrx4o87iwe_fEnLk9LLDTCTYdC726KL_IQp5.niHk8m3AhZf3gOQ16JNGv_vK YB18giQdEZaEUb5RnEG5aqep8CU6YFUmqfYmqUzEgP0vwV7Lhs4JN.CY_hEuzQvNE03i2f1_bSWN htINe7aNv0Qo10ii4gAUey34mgbvTqXmZ7xlnf2Y1CaixSW0YGpNGaPvjG_eK8xk_51oBEF8Jxk2 ocD0f0rN_Y2mBETrBmlGo_s81lSWdnvNUSJqu7RNRW2P9iRu85Q.XJTEsOvmo6PUIoGveoknMezt RUZ3O0J6wL2s28E2uXr21rIHg1sNHEElbjWWpP2JX8ATXTNqUKW61cEJbCDWS4YEKGPRc1QmhW8D oEBNoUPwmCdldcvVL8.ajkrfdEJJpn6lLDr8IUo54_MPPkn2k95.QulG8IEhnGNc.7Fcv.7aq7OD FFh8PlcBOcgFA8IRSiC_uQ0sF1n5zC1LLtXcDhSwtTmgFsGNWkt88oH8E8uR1BQ6ek8YNtsmOkks 6us8zhV1A1qaCJrok01BC5Szhg2xkUuMJUkn9udKWTpnSmYYVianJRiG_dJGINljC98U1Ezq98tv TRGRd_ZKqTrVQqiu0ZSOClXwbXHlDl6STfzwTt.4BulvjHO61l4IqS9y75UjCXbc8St1XJeaBC3E cIdabb021gIlscmwKOJHnt7N_.Ssphl6Q6MDmOeN_PkMLWYgR5OiJJY.4Fw.9IdtFENcPiGVBjC6 ghJQG0039mal6uTJBQs10yMPhIIpuDTZSHzS.B2Xma0TYXxfp4xgEIpKe8U3mCNsMi_2AEr5Z5e2 qd50PZubfM4cJykI5yDL.g9T_LHzVlprRG5SGU.j5stKP.qxLeh3aZhp7v4xlgfTrH1E2JQQWfsg ilgQ2rH7DpRoqokHUv2KfHniqz6p1Mw2QXg3DBQZCpwyeWuJKctrPgc81zDikSt1o3bk3MxxPahH D9S7nTUlnzWl8pUJ2dEZ4YbdEvsCArUWiivbNtg_JKs_7ORRH5LPk6bCz.5Qbwk15.kYx7RxkegV rvmwRy9xfLJedijx886TtqtrkKrGPDin.Jp6tjXk6uXn_aenaOsa7iLW5iQioR6XwDyRTmSN6fgv ZoKWCYZRrZAyaIyPeA7_iX5Y2B1F5moU0qdNIIgLj5tvADQ3RPeYjT7YNvVUa4OBUrAPJ.hLsWi4 gizWunNPHJeI7vvlgC.vMvQ5qNVpjJRaIGle81D4PpX1988MSI6TfUmdRnCMyPY93t.ucpNqT4uN VIqkXqoLPVuEOEq3eUXAetgDOTj8ehEj27n2fqdsGLuRbgj1HMwf.9xMs7pQ2yTz6LNV_FKFD15X crxctLPjPgPyz_bQsUiMKNG3wOWE7njOZDD_N7GylHciG5NdVqMNHWcIUN7buv9txD0oxfixDjaE vrS_vABEhpXFlCESXzWgNN1ow1PcFQc1QhVpdB0VaxegK.IWBNVLc1mIO5vuhwU0hmKpklW43GgZ ObT_uUcBDKbsp3it29TPI3hKen1A2wosl5cfyQpoDsQ_u_N2H1rOAn.j.l4U3QbQyP11tbgDFR1L dPZ8R5U5RB5W6E6uXsruF2oLGJthMjsUv5iKX8Hb47mfV720kwtB6N8NDQK17swFhsmmAmRm6yTP LyLnQBjaky4H1XCqAj5rMyU4e_MFbq.s5k2iboUox6mIeHtrZDpKSv6tKP1lBd3cLC_G0XXPpb1y Oa5Q8pETULkshA4c3gdvEnTBgBy4HPPQSgMZiKyPeMCFG5uh8N9TlFMw_JRb5xSqaizPFOF3TJAt JyOjnKiGy3yuSePfv7F2fxKsdmAzSTZzWwcwBLm3cA6T8O1GYiHeJOgqXAAv27_ePNgruPiTodGx j6KajWAjvrgTwZvpFPg0zS2sAhmNELMvqulBqm51GdHRsXYNOgt5dkD0Su73yYsZRQ40lX3akTcv Gqsf9YqLuUreu6AK.1BA6OxncCISA0JtQH3Ji5tx.dVUQNLWvMY3aS8Ji2jrDoHjMXztgW2G0ERV lXKupt_4U.kQCYO2m3DGNtg4AASSDpiQeRI8gY4Y1ds_7l8pn X-Sonic-MF: X-Sonic-ID: e3b90c14-4915-4e9e-ac5f-a48a4646717c Received: from sonic.gate.mail.ne1.yahoo.com by sonic306.consmr.mail.ne1.yahoo.com with HTTP; Tue, 10 Sep 2024 18:46:32 +0000 Received: by hermes--production-gq1-5d95dc458-rx7kt (Yahoo Inc. Hermes SMTP Server) with ESMTPA ID 2439121b4758407954183c0b5224f0f9; Tue, 10 Sep 2024 18:46:27 +0000 (UTC) From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, selinux@vger.kernel.org, mic@digikod.net Subject: [PATCH v3 13/13] LSM: Remove lsm_prop scaffolding Date: Tue, 10 Sep 2024 11:41:25 -0700 Message-ID: <20240910184125.224651-14-casey@schaufler-ca.com> X-Mailer: git-send-email 2.46.0 In-Reply-To: <20240910184125.224651-1-casey@schaufler-ca.com> References: <20240910184125.224651-1-casey@schaufler-ca.com> Precedence: bulk X-Mailing-List: linux-security-module@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Remove the scaffold member from the lsm_prop. Remove the remaining places it is being set. Signed-off-by: Casey Schaufler --- include/linux/security.h | 6 ------ security/apparmor/audit.c | 6 +----- security/apparmor/lsm.c | 4 ---- security/apparmor/secid.c | 6 +----- security/selinux/hooks.c | 18 +----------------- security/selinux/ss/services.c | 4 ---- security/smack/smack_lsm.c | 33 ++++----------------------------- 7 files changed, 7 insertions(+), 70 deletions(-) diff --git a/include/linux/security.h b/include/linux/security.h index ed13cf5bbe1f..86610ae0a9d2 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -144,11 +144,6 @@ enum lockdown_reason { LOCKDOWN_CONFIDENTIALITY_MAX, }; -/* scaffolding */ -struct lsm_prop_scaffold { - u32 secid; -}; - /* * Data exported by the security modules */ @@ -157,7 +152,6 @@ struct lsm_prop { struct lsm_prop_smack smack; struct lsm_prop_apparmor apparmor; struct lsm_prop_bpf bpf; - struct lsm_prop_scaffold scaffold; }; extern const char *const lockdown_reasons[LOCKDOWN_CONFIDENTIALITY_MAX+1]; diff --git a/security/apparmor/audit.c b/security/apparmor/audit.c index 87df6fa2a48d..73087d76f649 100644 --- a/security/apparmor/audit.c +++ b/security/apparmor/audit.c @@ -270,11 +270,7 @@ int aa_audit_rule_match(struct lsm_prop *prop, u32 field, u32 op, void *vrule) struct aa_label *label; int found = 0; - /* scaffolding */ - if (!prop->apparmor.label && prop->scaffold.secid) - label = aa_secid_to_label(prop->scaffold.secid); - else - label = prop->apparmor.label; + label = prop->apparmor.label; if (!label) return -ENOENT; diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index 824a85d2ee85..e2e83519d5c3 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -987,8 +987,6 @@ static void apparmor_current_getlsmprop_subj(struct lsm_prop *prop) struct aa_label *label = __begin_current_label_crit_section(); prop->apparmor.label = label; - /* scaffolding */ - prop->scaffold.secid = label->secid; __end_current_label_crit_section(label); } @@ -998,8 +996,6 @@ static void apparmor_task_getlsmprop_obj(struct task_struct *p, struct aa_label *label = aa_get_task_label(p); prop->apparmor.label = label; - /* scaffolding */ - prop->scaffold.secid = label->secid; aa_put_label(label); } diff --git a/security/apparmor/secid.c b/security/apparmor/secid.c index 34610888559f..6350d107013a 100644 --- a/security/apparmor/secid.c +++ b/security/apparmor/secid.c @@ -102,11 +102,7 @@ int apparmor_lsmprop_to_secctx(struct lsm_prop *prop, char **secdata, { struct aa_label *label; - /* scaffolding */ - if (!prop->apparmor.label && prop->scaffold.secid) - label = aa_secid_to_label(prop->scaffold.secid); - else - label = prop->apparmor.label; + label = prop->apparmor.label; return apparmor_label_to_secctx(label, secdata, seclen); } diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index a523f38faca0..3177d39faf79 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -3510,8 +3510,6 @@ static void selinux_inode_getlsmprop(struct inode *inode, struct lsm_prop *prop) struct inode_security_struct *isec = inode_security_novalidate(inode); prop->selinux.secid = isec->sid; - /* scaffolding */ - prop->scaffold.secid = isec->sid; } static int selinux_inode_copy_up(struct dentry *src, struct cred **new) @@ -4032,8 +4030,6 @@ static void selinux_cred_getsecid(const struct cred *c, u32 *secid) static void selinux_cred_getlsmprop(const struct cred *c, struct lsm_prop *prop) { prop->selinux.secid = cred_sid(c); - /* scaffolding */ - prop->scaffold.secid = prop->selinux.secid; } /* @@ -4174,16 +4170,12 @@ static int selinux_task_getsid(struct task_struct *p) static void selinux_current_getlsmprop_subj(struct lsm_prop *prop) { prop->selinux.secid = current_sid(); - /* scaffolding */ - prop->scaffold.secid = prop->selinux.secid; } static void selinux_task_getlsmprop_obj(struct task_struct *p, struct lsm_prop *prop) { prop->selinux.secid = task_sid_obj(p); - /* scaffolding */ - prop->scaffold.secid = prop->selinux.secid; } static int selinux_task_setnice(struct task_struct *p, int nice) @@ -6348,8 +6340,6 @@ static void selinux_ipc_getlsmprop(struct kern_ipc_perm *ipcp, { struct ipc_security_struct *isec = selinux_ipc(ipcp); prop->selinux.secid = isec->sid; - /* scaffolding */ - prop->scaffold.secid = isec->sid; } static void selinux_d_instantiate(struct dentry *dentry, struct inode *inode) @@ -6634,13 +6624,7 @@ static int selinux_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) static int selinux_lsmprop_to_secctx(struct lsm_prop *prop, char **secdata, u32 *seclen) { - u32 secid = prop->selinux.secid; - - /* scaffolding */ - if (!secid) - secid = prop->scaffold.secid; - - return selinux_secid_to_secctx(secid, secdata, seclen); + return selinux_secid_to_secctx(prop->selinux.secid, secdata, seclen); } static int selinux_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid) diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index 74b1aafda399..14c583d171fc 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -3659,10 +3659,6 @@ int selinux_audit_rule_match(struct lsm_prop *prop, u32 field, u32 op, void *vru goto out; } - /* scaffolding */ - if (!prop->selinux.secid && prop->scaffold.secid) - prop->selinux.secid = prop->scaffold.secid; - ctxt = sidtab_search(policy->sidtab, prop->selinux.secid); if (unlikely(!ctxt)) { WARN_ONCE(1, "selinux_audit_rule_match: unrecognized SID %d\n", diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 4d236a5ea5c6..e5b47342c274 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -1655,11 +1655,7 @@ static int smack_inode_listsecurity(struct inode *inode, char *buffer, */ static void smack_inode_getlsmprop(struct inode *inode, struct lsm_prop *prop) { - struct smack_known *skp = smk_of_inode(inode); - - prop->smack.skp = skp; - /* scaffolding */ - prop->scaffold.secid = skp->smk_secid; + prop->smack.skp = smk_of_inode(inode); } /* @@ -2162,8 +2158,6 @@ static void smack_cred_getlsmprop(const struct cred *cred, { rcu_read_lock(); prop->smack.skp = smk_of_task(smack_cred(cred)); - /* scaffolding */ - prop->scaffold.secid = prop->smack.skp->smk_secid; rcu_read_unlock(); } @@ -2265,11 +2259,7 @@ static int smack_task_getsid(struct task_struct *p) */ static void smack_current_getlsmprop_subj(struct lsm_prop *prop) { - struct smack_known *skp = smk_of_current(); - - prop->smack.skp = skp; - /* scaffolding */ - prop->scaffold.secid = skp->smk_secid; + prop->smack.skp = smk_of_current(); } /** @@ -2282,11 +2272,7 @@ static void smack_current_getlsmprop_subj(struct lsm_prop *prop) static void smack_task_getlsmprop_obj(struct task_struct *p, struct lsm_prop *prop) { - struct smack_known *skp = smk_of_task_struct_obj(p); - - prop->smack.skp = skp; - /* scaffolding */ - prop->scaffold.secid = skp->smk_secid; + prop->smack.skp = smk_of_task_struct_obj(p); } /** @@ -3473,11 +3459,8 @@ static int smack_ipc_permission(struct kern_ipc_perm *ipp, short flag) static void smack_ipc_getlsmprop(struct kern_ipc_perm *ipp, struct lsm_prop *prop) { struct smack_known **iskpp = smack_ipc(ipp); - struct smack_known *iskp = *iskpp; - prop->smack.skp = iskp; - /* scaffolding */ - prop->scaffold.secid = iskp->smk_secid; + prop->smack.skp = *iskpp; } /** @@ -4824,10 +4807,6 @@ static int smack_audit_rule_match(struct lsm_prop *prop, u32 field, u32 op, if (field != AUDIT_SUBJ_USER && field != AUDIT_OBJ_USER) return 0; - /* scaffolding */ - if (!skp && prop->scaffold.secid) - skp = smack_from_secid(prop->scaffold.secid); - /* * No need to do string comparisons. If a match occurs, * both pointers will point to the same smack_known @@ -4888,10 +4867,6 @@ static int smack_lsmprop_to_secctx(struct lsm_prop *prop, char **secdata, { struct smack_known *skp = prop->smack.skp; - /* scaffolding */ - if (!skp && prop->scaffold.secid) - skp = smack_from_secid(prop->scaffold.secid); - if (secdata) *secdata = skp->smk_known; *seclen = strlen(skp->smk_known);