From patchwork Tue Sep 17 23:51:58 2024
X-Patchwork-Submitter: Casey Schaufler
X-Patchwork-Id: 13806504
X-Patchwork-Delegate: paul@paul-moore.com
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, selinux@vger.kernel.org, mic@digikod.net, netdev@vger.kernel.org, audit@vger.kernel.org, netfilter-devel@vger.kernel.org, Todd Kjos
Subject: [PATCH 1/5] LSM: Replace context+len with lsm_context
Date: Tue, 17 Sep 2024 16:51:58 -0700
Message-ID: <20240917235202.32578-2-casey@schaufler-ca.com>
X-Mailer: git-send-email 2.46.0
In-Reply-To: <20240917235202.32578-1-casey@schaufler-ca.com>
References: <20240917235202.32578-1-casey@schaufler-ca.com>

Replace the (secctx,seclen) pointer pair with a single lsm_context
pointer to allow return of the LSM identifier along with the context
and context length. This allows security_release_secctx() to know how
to release the context. Callers have been modified to use or save the
returned data from the new structure.

security_secid_to_secctx() and security_lsmprop_to_secctx() will now
return the length value on success instead of 0.
Signed-off-by: Casey Schaufler Cc: netdev@vger.kernel.org Cc: audit@vger.kernel.org Cc: netfilter-devel@vger.kernel.org Cc: Todd Kjos Reviewed-by: Todd Kjos --- drivers/android/binder.c | 5 ++- include/linux/lsm_hook_defs.h | 5 ++- include/linux/security.h | 9 +++--- include/net/scm.h | 5 ++- kernel/audit.c | 9 +++--- kernel/auditsc.c | 16 ++++------ net/ipv4/ip_sockglue.c | 4 +-- net/netfilter/nf_conntrack_netlink.c | 8 ++--- net/netfilter/nf_conntrack_standalone.c | 4 +-- net/netfilter/nfnetlink_queue.c | 27 +++++++--------- net/netlabel/netlabel_unlabeled.c | 13 +++----- net/netlabel/netlabel_user.c | 3 +- security/apparmor/include/secid.h | 5 ++- security/apparmor/secid.c | 26 +++++++-------- security/security.c | 34 +++++++++----------- security/selinux/hooks.c | 23 +++++++++++--- security/smack/smack_lsm.c | 42 +++++++++++++++---------- 17 files changed, 118 insertions(+), 120 deletions(-) diff --git a/drivers/android/binder.c b/drivers/android/binder.c index b32416f8f9cd..59081edb3370 100644 --- a/drivers/android/binder.c +++ b/drivers/android/binder.c @@ -3289,9 +3289,8 @@ static void binder_transaction(struct binder_proc *proc, size_t added_size; security_cred_getsecid(proc->cred, &secid); - ret = security_secid_to_secctx(secid, &lsmctx.context, - &lsmctx.len); - if (ret) { + ret = security_secid_to_secctx(secid, &lsmctx); + if (ret < 0) { binder_txn_error("%d:%d failed to get security context\n", thread->pid, proc->pid); return_error = BR_FAILED_REPLY; diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h index 418611f21831..95c7640919ba 100644 --- a/include/linux/lsm_hook_defs.h +++ b/include/linux/lsm_hook_defs.h 
@@ -292,10 +292,9 @@ LSM_HOOK(int, -EINVAL, getprocattr, struct task_struct *p, const char *name, char **value) LSM_HOOK(int, -EINVAL, setprocattr, const char *name, void *value, size_t size) LSM_HOOK(int, 0, ismaclabel, const char *name) -LSM_HOOK(int, -EOPNOTSUPP, secid_to_secctx, u32 secid, char **secdata, - u32 *seclen) +LSM_HOOK(int, -EOPNOTSUPP, secid_to_secctx, u32 secid, struct lsm_context *cp) LSM_HOOK(int, -EOPNOTSUPP, lsmprop_to_secctx, struct lsm_prop *prop, - char **secdata, u32 *seclen) + struct lsm_context *cp) LSM_HOOK(int, 0, secctx_to_secid, const char *secdata, u32 seclen, u32 *secid) LSM_HOOK(void, LSM_RET_VOID, release_secctx, struct lsm_context *cp) LSM_HOOK(void, LSM_RET_VOID, inode_invalidate_secctx, struct inode *inode) diff --git a/include/linux/security.h b/include/linux/security.h index 432bd4763703..2604ea16cd6d 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -569,8 +569,8 @@ int security_getprocattr(struct task_struct *p, int lsmid, const char *name, int security_setprocattr(int lsmid, const char *name, void *value, size_t size); int security_netlink_send(struct sock *sk, struct sk_buff *skb); int security_ismaclabel(const char *name); -int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen); -int security_lsmprop_to_secctx(struct lsm_prop *prop, char **secdata, u32 *seclen); +int security_secid_to_secctx(u32 secid, struct lsm_context *cp); +int security_lsmprop_to_secctx(struct lsm_prop *prop, struct lsm_context *cp); int security_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid); void security_release_secctx(struct lsm_context *cp); void security_inode_invalidate_secctx(struct inode *inode); 
@@ -1530,14 +1530,13 @@ static inline int security_ismaclabel(const char *name) return 0; } -static inline int security_secid_to_secctx(u32 secid, char **secdata, - u32 *seclen) +static inline int security_secid_to_secctx(u32 secid, struct lsm_context *cp) { return -EOPNOTSUPP; } static inline int security_lsmprop_to_secctx(struct lsm_prop *prop, - char **secdata, u32 *seclen) + struct lsm_context *cp) { return -EOPNOTSUPP; } diff --git a/include/net/scm.h b/include/net/scm.h index f75449e1d876..22bb49589fde 100644 --- a/include/net/scm.h +++ b/include/net/scm.h @@ -109,10 +109,9 @@ static inline void scm_passec(struct socket *sock, struct msghdr *msg, struct sc int err; if (test_bit(SOCK_PASSSEC, &sock->flags)) { - err = security_secid_to_secctx(scm->secid, &ctx.context, - &ctx.len); + err = security_secid_to_secctx(scm->secid, &ctx); - if (!err) { + if (err >= 0) { put_cmsg(msg, SOL_SOCKET, SCM_SECURITY, ctx.len, ctx.context); security_release_secctx(&ctx); diff --git a/kernel/audit.c b/kernel/audit.c index 32a9864c648b..5ae0b26e5d92 100644 --- a/kernel/audit.c +++ b/kernel/audit.c @@ -1473,9 +1473,8 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh, case AUDIT_SIGNAL_INFO: if (lsmprop_is_set(&audit_sig_lsm)) { err = security_lsmprop_to_secctx(&audit_sig_lsm, - &lsmctx.context, - &lsmctx.len); - if (err) + &lsmctx); + if (err < 0) return err; } sig_data = kmalloc(struct_size(sig_data, ctx, lsmctx.len), @@ -2188,8 +2187,8 @@ int audit_log_task_context(struct audit_buffer *ab) if (!lsmprop_is_set(&prop)) return 0; - error = security_lsmprop_to_secctx(&prop, &ctx.context, &ctx.len); - if (error) { + error = security_lsmprop_to_secctx(&prop, &ctx); + if (error < 0) { if (error != -EINVAL) goto error_path; return 0; diff --git a/kernel/auditsc.c b/kernel/auditsc.c index f2fed7a37e22..268117628a2c 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c 
@@ -1109,7 +1109,7 @@ static int audit_log_pid_context(struct audit_context *context, pid_t pid, from_kuid(&init_user_ns, auid), from_kuid(&init_user_ns, uid), sessionid); if (lsmprop_is_set(prop)) { - if (security_lsmprop_to_secctx(prop, &ctx.context, &ctx.len)) { + if (security_lsmprop_to_secctx(prop, &ctx) < 0) { audit_log_format(ab, " obj=(none)"); rc = 1; } else { @@ -1370,7 +1370,6 @@ static void audit_log_time(struct audit_context *context, struct audit_buffer ** static void show_special(struct audit_context *context, int *call_panic) { - struct lsm_context lsmcxt; struct audit_buffer *ab; int i; @@ -1393,16 +1392,14 @@ static void show_special(struct audit_context *context, int *call_panic) from_kgid(&init_user_ns, context->ipc.gid), context->ipc.mode); if (lsmprop_is_set(&context->ipc.oprop)) { - char *ctx = NULL; - u32 len; + struct lsm_context lsmctx; if (security_lsmprop_to_secctx(&context->ipc.oprop, - &ctx, &len)) { + &lsmctx) < 0) { *call_panic = 1; } else { - audit_log_format(ab, " obj=%s", ctx); - lsmcontext_init(&lsmcxt, ctx, len, 0); - security_release_secctx(&lsmcxt); + audit_log_format(ab, " obj=%s", lsmctx.context); + security_release_secctx(&lsmctx); } } if (context->ipc.has_perm) { @@ -1563,8 +1560,7 @@ static void audit_log_name(struct audit_context *context, struct audit_names *n, if (lsmprop_is_set(&n->oprop)) { struct lsm_context ctx; - if (security_lsmprop_to_secctx(&n->oprop, &ctx.context, - &ctx.len)) { + if (security_lsmprop_to_secctx(&n->oprop, &ctx) < 0) { if (call_panic) *call_panic = 2; } else { diff --git a/net/ipv4/ip_sockglue.c b/net/ipv4/ip_sockglue.c index a8180dcc2a32..dadbf619b20f 100644 --- a/net/ipv4/ip_sockglue.c +++ b/net/ipv4/ip_sockglue.c 
@@ -136,8 +136,8 @@ static void ip_cmsg_recv_security(struct msghdr *msg, struct sk_buff *skb) if (err) return; - err = security_secid_to_secctx(secid, &ctx.context, &ctx.len); - if (err) + err = security_secid_to_secctx(secid, &ctx); + if (err < 0) return; put_cmsg(msg, SOL_IP, SCM_SECURITY, ctx.len, ctx.context); diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c index e02e088b8794..5a93804e5cdb 100644 --- a/net/netfilter/nf_conntrack_netlink.c +++ b/net/netfilter/nf_conntrack_netlink.c @@ -360,8 +360,8 @@ static int ctnetlink_dump_secctx(struct sk_buff *skb, const struct nf_conn *ct) struct lsm_context ctx; int ret; - ret = security_secid_to_secctx(ct->secmark, &ctx.context, &ctx.len); - if (ret) + ret = security_secid_to_secctx(ct->secmark, &ctx); + if (ret < 0) return 0; ret = -1; @@ -669,8 +669,8 @@ static inline int ctnetlink_secctx_size(const struct nf_conn *ct) #ifdef CONFIG_NF_CONNTRACK_SECMARK int len, ret; - ret = security_secid_to_secctx(ct->secmark, NULL, &len); - if (ret) + ret = security_secid_to_secctx(ct->secmark, NULL); + if (ret < 0) return 0; return nla_total_size(0) /* CTA_SECCTX */ diff --git a/net/netfilter/nf_conntrack_standalone.c b/net/netfilter/nf_conntrack_standalone.c index 5f7fd23b7afe..502cf10aab41 100644 --- a/net/netfilter/nf_conntrack_standalone.c +++ b/net/netfilter/nf_conntrack_standalone.c @@ -175,8 +175,8 @@ static void ct_show_secctx(struct seq_file *s, const struct nf_conn *ct) struct lsm_context ctx; int ret; - ret = security_secid_to_secctx(ct->secmark, &ctx.context, &ctx.len); - if (ret) + ret = security_secid_to_secctx(ct->secmark, &ctx); + if (ret < 0) return; seq_printf(s, "secctx=%s ", ctx.context); diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c index aaf54900de3c..e43767c35930 100644 --- a/net/netfilter/nfnetlink_queue.c +++ b/net/netfilter/nfnetlink_queue.c 
@@ -470,18 +470,18 @@ static int nfqnl_put_sk_classid(struct sk_buff *skb, struct sock *sk) return 0; } -static u32 nfqnl_get_sk_secctx(struct sk_buff *skb, char **secdata) +static u32 nfqnl_get_sk_secctx(struct sk_buff *skb, struct lsm_context *ctx) { u32 seclen = 0; #if IS_ENABLED(CONFIG_NETWORK_SECMARK) + if (!skb || !sk_fullsock(skb->sk)) return 0; read_lock_bh(&skb->sk->sk_callback_lock); if (skb->secmark) - security_secid_to_secctx(skb->secmark, secdata, &seclen); - + seclen = security_secid_to_secctx(skb->secmark, ctx); read_unlock_bh(&skb->sk->sk_callback_lock); #endif return seclen; @@ -559,8 +559,7 @@ nfqnl_build_packet_message(struct net *net, struct nfqnl_instance *queue, enum ip_conntrack_info ctinfo = 0; const struct nfnl_ct_hook *nfnl_ct; bool csum_verify; - struct lsm_context scaff; /* scaffolding */ - char *secdata = NULL; + struct lsm_context ctx; u32 seclen = 0; ktime_t tstamp; @@ -635,8 +634,8 @@ nfqnl_build_packet_message(struct net *net, struct nfqnl_instance *queue, } if ((queue->flags & NFQA_CFG_F_SECCTX) && entskb->sk) { - seclen = nfqnl_get_sk_secctx(entskb, &secdata); - if (seclen) + seclen = nfqnl_get_sk_secctx(entskb, &ctx); + if (seclen >= 0) size += nla_total_size(seclen); } @@ -775,7 +774,7 @@ nfqnl_build_packet_message(struct net *net, struct nfqnl_instance *queue, if (nfqnl_put_sk_classid(skb, entskb->sk) < 0) goto nla_put_failure; - if (seclen && nla_put(skb, NFQA_SECCTX, seclen, secdata)) + if (seclen && nla_put(skb, NFQA_SECCTX, ctx.len, ctx.context)) goto nla_put_failure; if (ct && nfnl_ct->build(skb, ct, ctinfo, NFQA_CT, NFQA_CT_INFO) < 0) @@ -803,10 +802,8 @@ nfqnl_build_packet_message(struct net *net, struct nfqnl_instance *queue, } nlh->nlmsg_len = skb->len; - if (seclen) { - lsmcontext_init(&scaff, secdata, seclen, 0); - security_release_secctx(&scaff); - } + if (seclen >= 0) + security_release_secctx(&ctx); return skb; nla_put_failure: 
@@ -814,10 +811,8 @@ nfqnl_build_packet_message(struct net *net, struct nfqnl_instance *queue, kfree_skb(skb); net_err_ratelimited("nf_queue: error creating packet message\n"); nlmsg_failure: - if (seclen) { - lsmcontext_init(&scaff, secdata, seclen, 0); - security_release_secctx(&scaff); - } + if (seclen >= 0) + security_release_secctx(&ctx); return NULL; } diff --git a/net/netlabel/netlabel_unlabeled.c b/net/netlabel/netlabel_unlabeled.c index 8303bbcfc543..dfda9ea61971 100644 --- a/net/netlabel/netlabel_unlabeled.c +++ b/net/netlabel/netlabel_unlabeled.c @@ -437,8 +437,7 @@ int netlbl_unlhsh_add(struct net *net, unlhsh_add_return: rcu_read_unlock(); if (audit_buf != NULL) { - if (security_secid_to_secctx(secid, &ctx.context, - &ctx.len) == 0) { + if (security_secid_to_secctx(secid, &ctx) >= 0) { audit_log_format(audit_buf, " sec_obj=%s", ctx.context); security_release_secctx(&ctx); } @@ -491,8 +490,7 @@ static int netlbl_unlhsh_remove_addr4(struct net *net, addr->s_addr, mask->s_addr); dev_put(dev); if (entry != NULL && - security_secid_to_secctx(entry->secid, &ctx.context, - &ctx.len) == 0) { + security_secid_to_secctx(entry->secid, &ctx) >= 0) { audit_log_format(audit_buf, " sec_obj=%s", ctx.context); security_release_secctx(&ctx); } @@ -550,8 +548,7 @@ static int netlbl_unlhsh_remove_addr6(struct net *net, addr, mask); dev_put(dev); if (entry != NULL && - security_secid_to_secctx(entry->secid, &ctx.context, - &ctx.len) == 0) { + security_secid_to_secctx(entry->secid, &ctx) >= 0) { audit_log_format(audit_buf, " sec_obj=%s", ctx.context); security_release_secctx(&ctx); } @@ -1122,8 +1119,8 @@ static int netlbl_unlabel_staticlist_gen(u32 cmd, secid = addr6->secid; } - ret_val = security_secid_to_secctx(secid, &ctx.context, &ctx.len); - if (ret_val != 0) + ret_val = security_secid_to_secctx(secid, &ctx); + if (ret_val < 0) goto list_cb_failure; ret_val = nla_put(cb_arg->skb, NLBL_UNLABEL_A_SECCTX, 
diff --git a/net/netlabel/netlabel_user.c b/net/netlabel/netlabel_user.c index f5e7a9919df1..0d04d23aafe7 100644 --- a/net/netlabel/netlabel_user.c +++ b/net/netlabel/netlabel_user.c @@ -98,8 +98,7 @@ struct audit_buffer *netlbl_audit_start_common(int type, audit_info->sessionid); if (lsmprop_is_set(&audit_info->prop) && - security_lsmprop_to_secctx(&audit_info->prop, &ctx.context, - &ctx.len) == 0) { + security_lsmprop_to_secctx(&audit_info->prop, &ctx) > 0) { audit_log_format(audit_buf, " subj=%s", ctx.context); security_release_secctx(&ctx); } diff --git a/security/apparmor/include/secid.h b/security/apparmor/include/secid.h index 8b92f90b6921..550a8d3ed527 100644 --- a/security/apparmor/include/secid.h +++ b/security/apparmor/include/secid.h @@ -25,9 +25,8 @@ struct aa_label; extern int apparmor_display_secid_mode; struct aa_label *aa_secid_to_label(u32 secid); -int apparmor_secid_to_secctx(u32 secid, char **secdata, u32 *seclen); -int apparmor_lsmprop_to_secctx(struct lsm_prop *prop, char **secdata, - u32 *seclen); +int apparmor_secid_to_secctx(u32 secid, struct lsm_context *cp); +int apparmor_lsmprop_to_secctx(struct lsm_prop *prop, struct lsm_context *cp); int apparmor_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid); void apparmor_release_secctx(struct lsm_context *cp); diff --git a/security/apparmor/secid.c b/security/apparmor/secid.c index 8d9ced8cdffd..5d92fc3ab8b4 100644 --- a/security/apparmor/secid.c +++ b/security/apparmor/secid.c 
@@ -61,23 +61,21 @@ struct aa_label *aa_secid_to_label(u32 secid) return xa_load(&aa_secids, secid); } -static int apparmor_label_to_secctx(struct aa_label *label, char **secdata, - u32 *seclen) +static int apparmor_label_to_secctx(struct aa_label *label, + struct lsm_context *cp) { /* TODO: cache secctx and ref count so we don't have to recreate */ int flags = FLAG_VIEW_SUBNS | FLAG_HIDDEN_UNCONFINED | FLAG_ABS_ROOT; int len; - AA_BUG(!seclen); - if (!label) return -EINVAL; if (apparmor_display_secid_mode) flags |= FLAG_SHOW_MODE; - if (secdata) - len = aa_label_asxprint(secdata, root_ns, label, + if (cp) + len = aa_label_asxprint(&cp->context, root_ns, label, flags, GFP_ATOMIC); else len = aa_label_snxprint(NULL, 0, root_ns, label, flags); @@ -85,26 +83,28 @@ static int apparmor_label_to_secctx(struct aa_label *label, char **secdata, if (len < 0) return -ENOMEM; - *seclen = len; + if (cp) { + cp->len = len; + cp->id = LSM_ID_APPARMOR; + } - return 0; + return len; } -int apparmor_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) +int apparmor_secid_to_secctx(u32 secid, struct lsm_context *cp) { struct aa_label *label = aa_secid_to_label(secid); - return apparmor_label_to_secctx(label, secdata, seclen); + return apparmor_label_to_secctx(label, cp); } -int apparmor_lsmprop_to_secctx(struct lsm_prop *prop, char **secdata, - u32 *seclen) +int apparmor_lsmprop_to_secctx(struct lsm_prop *prop, struct lsm_context *cp) { struct aa_label *label; label = prop->apparmor.label; - return apparmor_label_to_secctx(label, secdata, seclen); + return apparmor_label_to_secctx(label, cp); } int apparmor_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid) diff --git a/security/security.c b/security/security.c index 4f73cc52ad5d..58f5fe1eb6c0 100644 --- a/security/security.c +++ b/security/security.c 
@@ -4190,40 +4190,36 @@ EXPORT_SYMBOL(security_ismaclabel); /** * security_secid_to_secctx() - Convert a secid to a secctx * @secid: secid - * @secdata: secctx - * @seclen: secctx length + * @cp: the LSM context * - * Convert secid to security context. If @secdata is NULL the length of the - * result will be returned in @seclen, but no @secdata will be returned. This + * Convert secid to security context. If @cp is NULL the length of the + * result will be returned, but no data will be returned. This * does mean that the length could change between calls to check the length and - * the next call which actually allocates and returns the @secdata. + * the next call which actually allocates and returns the data. * - * Return: Return 0 on success, error on failure. + * Return: Return length of data on success, error on failure. */ -int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) +int security_secid_to_secctx(u32 secid, struct lsm_context *cp) { - return call_int_hook(secid_to_secctx, secid, secdata, seclen); + return call_int_hook(secid_to_secctx, secid, cp); } EXPORT_SYMBOL(security_secid_to_secctx); /** * security_lsmprop_to_secctx() - Convert a lsm_prop to a secctx * @prop: lsm specific information - * @secdata: secctx - * @seclen: secctx length + * @cp: the LSM context * - * Convert a @prop entry to security context. If @secdata is NULL the - * length of the result will be returned in @seclen, but no @secdata - * will be returned. This does mean that the length could change between - * calls to check the length and the next call which actually allocates - * and returns the @secdata. + * Convert a @prop entry to security context. If @cp is NULL the + * length of the result will be returned. This does mean that the + * length could change between calls to check the length and the + * next call which actually allocates and returns the @cp. * - * Return: Return 0 on success, error on failure. 
+ * Return: Return length of data on success, error on failure. */ -int security_lsmprop_to_secctx(struct lsm_prop *prop, char **secdata, - u32 *seclen) +int security_lsmprop_to_secctx(struct lsm_prop *prop, struct lsm_context *cp) { - return call_int_hook(lsmprop_to_secctx, prop, secdata, seclen); + return call_int_hook(lsmprop_to_secctx, prop, cp); } EXPORT_SYMBOL(security_lsmprop_to_secctx); diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 2b027c08168f..01e44a14d3d4 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -6616,15 +6616,28 @@ static int selinux_ismaclabel(const char *name) return (strcmp(name, XATTR_SELINUX_SUFFIX) == 0); } -static int selinux_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) +static int selinux_secid_to_secctx(u32 secid, struct lsm_context *cp) { - return security_sid_to_context(secid, secdata, seclen); + u32 seclen; + u32 ret; + + if (cp) { + cp->id = LSM_ID_SELINUX; + ret = security_sid_to_context(secid, &cp->context, &cp->len); + if (ret < 0) + return ret; + return cp->len; + } + ret = security_sid_to_context(secid, NULL, &seclen); + if (ret < 0) + return ret; + return seclen; } -static int selinux_lsmprop_to_secctx(struct lsm_prop *prop, char **secdata, - u32 *seclen) +static int selinux_lsmprop_to_secctx(struct lsm_prop *prop, + struct lsm_context *cp) { - return selinux_secid_to_secctx(prop->selinux.secid, secdata, seclen); + return selinux_secid_to_secctx(prop->selinux.secid, cp); } static int selinux_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid) diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index e5b47342c274..e85efe894ac3 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c 
@@ -4836,22 +4836,35 @@ static int smack_ismaclabel(const char *name) return (strcmp(name, XATTR_SMACK_SUFFIX) == 0); } +/** + * smack_to_secctx - fill a lsm_context + * @skp: Smack label + * @cp: destination + * + * Fill the passed @cp and return the length of the string + */ +static int smack_to_secctx(struct smack_known *skp, struct lsm_context *cp) +{ + int len = strlen(skp->smk_known); + + if (cp) { + cp->context = skp->smk_known; + cp->len = len; + cp->id = LSM_ID_SMACK; + } + return len; +} + /** * smack_secid_to_secctx - return the smack label for a secid * @secid: incoming integer - * @secdata: destination - * @seclen: how long it is + * @cp: destination * * Exists for networking code. */ -static int smack_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) +static int smack_secid_to_secctx(u32 secid, struct lsm_context *cp) { - struct smack_known *skp = smack_from_secid(secid); - - if (secdata) - *secdata = skp->smk_known; - *seclen = strlen(skp->smk_known); - return 0; + return smack_to_secctx(smack_from_secid(secid), cp); } /** 
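Review bot: in the nfqnl_get_sk_secctx() hunk of net/netfilter/nfnetlink_queue.c the function still returns u32 and stores the result of security_secid_to_secctx() in `u32 seclen`, so a negative error code from the LSM is silently converted into a large positive length before it reaches the caller. Make both the return type and `seclen` `int`; the callers in this patch test `seclen >= 0`, which only means something for a signed value. The hunk also adds a stray blank line right after `#if IS_ENABLED(CONFIG_NETWORK_SECMARK)`.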
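Review bot: in the nfqnl_build_packet_message() hunks of net/netfilter/nfnetlink_queue.c the release condition `if (seclen >= 0) security_release_secctx(&ctx);` is always true (`u32 seclen = 0;` is unsigned, and it stays 0 when NFQA_CFG_F_SECCTX is not set or the skb has no secmark), so `struct lsm_context ctx;`, which has no initializer, is handed to security_release_secctx() on every exit path, including the ones where it was never filled; `if (seclen >= 0) size += nla_total_size(seclen);` likewise never skips. Suggest `int seclen = 0;`, zero-initializing `ctx`, and releasing and accounting only when `seclen > 0`, matching the `if (seclen && nla_put(...))` test already used in the same function.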
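Review bot: in the selinux_secid_to_secctx() hunk of security/selinux/hooks.c `u32 ret;` makes both `if (ret < 0) return ret;` checks dead code, because an unsigned value can never be negative; a failure from security_sid_to_context() would be returned to callers as a large positive length instead of an error. Declare `int ret;`.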
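Review bot: in the ctnetlink_secctx_size() hunk of net/netfilter/nf_conntrack_netlink.c the length now comes back in `ret` (`ret = security_secid_to_secctx(ct->secmark, NULL);`), but `int len, ret;` still declares `len` and nothing in the hunk assigns it any more; if the CTA_SECCTX_NAME size computed after the shown context still uses `len`, it is now uninitialized. Add `len = ret;` after the `if (ret < 0) return 0;` check, or drop `len` and use `ret` directly.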
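Review bot: in the netlbl_audit_start_common() hunk of net/netlabel/netlabel_user.c the success test is `security_lsmprop_to_secctx(&audit_info->prop, &ctx) > 0`, whereas every other converted caller in this patch (net/netlabel/netlabel_unlabeled.c, include/net/scm.h, net/ipv4/ip_sockglue.c) uses `>= 0`. Use `>= 0` here as well, or add a comment explaining why a zero-length context should be left out of the audit record.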
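Review bot: the updated kernel-doc for security_lsmprop_to_secctx() in security/security.c says the next call "actually allocates and returns the @cp", but @cp is supplied by the caller and the hook fills it in. Say "fills in @cp" so the two comments agree; the security_secid_to_secctx() comment just above already says "allocates and returns the data".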
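Review bot: in the AUDIT_SIGNAL_INFO hunk of kernel/audit.c, `err = security_lsmprop_to_secctx(&audit_sig_lsm, &lsmctx);` now leaves the context length in `err` on success instead of 0; please confirm that the later uses of `err` in audit_receive_msg() (not shown in the hunk) treat a positive value as success, otherwise the signal-info reply would be reported as an error.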
@@ -4862,15 +4875,10 @@ static int smack_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) * * Exists for audit code. */ -static int smack_lsmprop_to_secctx(struct lsm_prop *prop, char **secdata, - u32 *seclen) +static int smack_lsmprop_to_secctx(struct lsm_prop *prop, + struct lsm_context *cp) { - struct smack_known *skp = prop->smack.skp; - - if (secdata) - *secdata = skp->smk_known; - *seclen = strlen(skp->smk_known); - return 0; + return smack_to_secctx(prop->smack.skp, cp); } /**

From patchwork Tue Sep 17 23:51:59 2024
X-Patchwork-Submitter: Casey Schaufler
X-Patchwork-Id: 13806505
X-Patchwork-Delegate: paul@paul-moore.com
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, selinux@vger.kernel.org, mic@digikod.net, linux-nfs@vger.kernel.org
Subject: [PATCH 2/5] LSM: Use lsm_context in security_inode_getsecctx
Date: Tue, 17 Sep 2024 16:51:59 -0700
Message-ID: <20240917235202.32578-3-casey@schaufler-ca.com>
In-Reply-To: <20240917235202.32578-1-casey@schaufler-ca.com>
References: <20240917235202.32578-1-casey@schaufler-ca.com>

Change the security_inode_getsecctx() interface to fill a lsm_context structure instead of data and length pointers. This provides the information about which LSM created the context so that security_release_secctx() can use the correct hook.

Signed-off-by: Casey Schaufler
Cc: linux-nfs@vger.kernel.org
---
 fs/nfsd/nfs4xdr.c             | 25 +++++++++----------------
 include/linux/lsm_hook_defs.h |  4 ++--
 include/linux/security.h      |  5 +++--
 security/security.c           | 12 ++++++------
 security/selinux/hooks.c      | 10 ++++++----
 security/smack/smack_lsm.c    |  7 ++++---
 6 files changed, 30 insertions(+), 33 deletions(-)
diff --git a/fs/nfsd/nfs4xdr.c b/fs/nfsd/nfs4xdr.c index c797cd7b2148..97d9875246fe 100644
--- a/fs/nfsd/nfs4xdr.c +++ b/fs/nfsd/nfs4xdr.c @@ -2835,11 +2835,11 @@ static __be32 nfsd4_encode_nfsace4(struct xdr_stream *xdr, struct svc_rqst *rqst #ifdef CONFIG_NFSD_V4_SECURITY_LABEL static inline __be32 nfsd4_encode_security_label(struct xdr_stream *xdr, struct svc_rqst *rqstp, - void *context, int len) + const struct lsm_context *context) { __be32 *p; - p = xdr_reserve_space(xdr, len + 4 + 4 + 4); + p = xdr_reserve_space(xdr, context->len + 4 + 4 + 4); if (!p) return nfserr_resource; @@ -2849,13 +2849,13 @@ nfsd4_encode_security_label(struct xdr_stream *xdr, struct svc_rqst *rqstp, */ *p++ = cpu_to_be32(0); /* lfs */ *p++ = cpu_to_be32(0); /* pi */ - p = xdr_encode_opaque(p, context, len); + p = xdr_encode_opaque(p, context->context, context->len); return 0; } #else static inline __be32 nfsd4_encode_security_label(struct xdr_stream *xdr, struct svc_rqst *rqstp, - void *context, int len) + struct lsm_context *context) { return 0; } #endif @@ -2938,8 +2938,7 @@ struct nfsd4_fattr_args { struct nfs4_acl *acl; u64 size; #ifdef CONFIG_NFSD_V4_SECURITY_LABEL - void *context; - int contextlen; + struct lsm_context context; #endif u32 rdattr_err; bool contextsupport; @@ -3394,8 +3393,7 @@ static __be32 nfsd4_encode_fattr4_suppattr_exclcreat(struct xdr_stream *xdr, static __be32 nfsd4_encode_fattr4_sec_label(struct xdr_stream *xdr, const struct nfsd4_fattr_args *args) { - return nfsd4_encode_security_label(xdr, args->rqstp, - args->context, args->contextlen); + return nfsd4_encode_security_label(xdr, args->rqstp, &args->context); } #endif 
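Review bot: the two nfsd4_encode_security_label() prototypes no longer match: the CONFIG_NFSD_V4_SECURITY_LABEL version in the first hunk takes `const struct lsm_context *context`, while the `#else` stub in the second hunk takes `struct lsm_context *context`. nfsd4_encode_fattr4_sec_label() receives a `const struct nfsd4_fattr_args *args` and passes `&args->context`, i.e. a pointer to const, so the stub should be declared `const struct lsm_context *context` as well so both builds see the same signature.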
@@ -3617,12 +3615,11 @@ nfsd4_encode_fattr4(struct svc_rqst *rqstp, struct xdr_stream *xdr, args.contextsupport = false; #ifdef CONFIG_NFSD_V4_SECURITY_LABEL - args.context = NULL; if ((attrmask[2] & FATTR4_WORD2_SECURITY_LABEL) || attrmask[0] & FATTR4_WORD0_SUPPORTED_ATTRS) { if (exp->ex_flags & NFSEXP_SECURITY_LABEL) err = security_inode_getsecctx(d_inode(dentry), - &args.context, &args.contextlen); + &args.context); else err = -EOPNOTSUPP; args.contextsupport = (err == 0); @@ -3659,12 +3656,8 @@ nfsd4_encode_fattr4(struct svc_rqst *rqstp, struct xdr_stream *xdr, out: #ifdef CONFIG_NFSD_V4_SECURITY_LABEL - if (args.context) { - struct lsm_context scaff; /* scaffolding */ - - lsmcontext_init(&scaff, args.context, args.contextlen, 0); - security_release_secctx(&scaff); - } + if (args.context.context) + security_release_secctx(&args.context); #endif /* CONFIG_NFSD_V4_SECURITY_LABEL */ kfree(args.acl); if (tempfh) { diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h index 95c7640919ba..8090952b989e 100644 --- a/include/linux/lsm_hook_defs.h +++ b/include/linux/lsm_hook_defs.h @@ -300,8 +300,8 @@ LSM_HOOK(void, LSM_RET_VOID, release_secctx, struct lsm_context *cp) LSM_HOOK(void, LSM_RET_VOID, inode_invalidate_secctx, struct inode *inode) LSM_HOOK(int, 0, inode_notifysecctx, struct inode *inode, void *ctx, u32 ctxlen) LSM_HOOK(int, 0, inode_setsecctx, struct dentry *dentry, void *ctx, u32 ctxlen) -LSM_HOOK(int, -EOPNOTSUPP, inode_getsecctx, struct inode *inode, void **ctx, - u32 *ctxlen) +LSM_HOOK(int, -EOPNOTSUPP, inode_getsecctx, struct inode *inode, + struct lsm_context *cp) #if defined(CONFIG_SECURITY) && defined(CONFIG_WATCH_QUEUE) LSM_HOOK(int, 0, post_notification, const struct cred *w_cred, diff --git a/include/linux/security.h b/include/linux/security.h index 2604ea16cd6d..94bcb4c69a9c 100644 --- a/include/linux/security.h +++ b/include/linux/security.h 
@@ -576,7 +576,7 @@ void security_release_secctx(struct lsm_context *cp); void security_inode_invalidate_secctx(struct inode *inode); int security_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen); int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen); -int security_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen); +int security_inode_getsecctx(struct inode *inode, struct lsm_context *cp); int security_locked_down(enum lockdown_reason what); int lsm_fill_user_ctx(struct lsm_ctx __user *uctx, u32 *uctx_len, void *val, size_t val_len, u64 id, u64 flags); @@ -1564,7 +1564,8 @@ static inline int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 { return -EOPNOTSUPP; } -static inline int security_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen) +static inline int security_inode_getsecctx(struct inode *inode, + struct lsm_context *cp) { return -EOPNOTSUPP; } diff --git a/security/security.c b/security/security.c index 58f5fe1eb6c0..5a739279ed49 100644 --- a/security/security.c +++ b/security/security.c @@ -4312,17 +4312,17 @@ EXPORT_SYMBOL(security_inode_setsecctx); /** * security_inode_getsecctx() - Get the security label of an inode * @inode: inode - * @ctx: secctx - * @ctxlen: length of secctx + * @cp: security context * - * On success, returns 0 and fills out @ctx and @ctxlen with the security - * context for the given @inode. + * On success, returns 0 and fills out @cp with the security context + * for the given @inode. * * Return: Returns 0 on success, error on failure. */ -int security_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen) +int security_inode_getsecctx(struct inode *inode, struct lsm_context *cp) { - return call_int_hook(inode_getsecctx, inode, ctx, ctxlen); + memset(cp, 0, sizeof(*cp)); + return call_int_hook(inode_getsecctx, inode, cp); } EXPORT_SYMBOL(security_inode_getsecctx); 
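Review bot: in the nfsd4_encode_fattr4() hunk at @@ -3617, removing `args.context = NULL;` without a replacement leaves `args.context` uninitialized on every path where security_inode_getsecctx() is never reached: when neither FATTR4_WORD2_SECURITY_LABEL nor FATTR4_WORD0_SUPPORTED_ATTRS is requested, and when the export lacks NFSEXP_SECURITY_LABEL and `err` is set to -EOPNOTSUPP directly. The `out:` hunk then tests `args.context.context` and may hand a garbage pointer to security_release_secctx(). The `memset(cp, 0, sizeof(*cp))` added to security_inode_getsecctx() in the security.c hunk only helps when the wrapper is actually called, so keep an explicit `args.context.context = NULL;` where the old assignment was.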
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 01e44a14d3d4..159837b4ee41 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -6687,14 +6687,16 @@ static int selinux_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen) ctx, ctxlen, 0); } -static int selinux_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen) +static int selinux_inode_getsecctx(struct inode *inode, struct lsm_context *cp) { - int len = 0; + int len; len = selinux_inode_getsecurity(&nop_mnt_idmap, inode, - XATTR_SELINUX_SUFFIX, ctx, true); + XATTR_SELINUX_SUFFIX, + (void **)&cp->context, true); if (len < 0) return len; - *ctxlen = len; + cp->len = len; + cp->id = LSM_ID_SELINUX; return 0; } #ifdef CONFIG_KEYS diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index e85efe894ac3..b443859948e9 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c 
@@ -4918,12 +4918,13 @@ static int smack_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen) ctx, ctxlen, 0); } -static int smack_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen) +static int smack_inode_getsecctx(struct inode *inode, struct lsm_context *cp) { struct smack_known *skp = smk_of_inode(inode); - *ctx = skp->smk_known; - *ctxlen = strlen(skp->smk_known); + cp->context = skp->smk_known; + cp->len = strlen(skp->smk_known); + cp->id = LSM_ID_SMACK; return 0; }

From patchwork Tue Sep 17 23:52:00 2024
X-Patchwork-Submitter: Casey Schaufler
X-Patchwork-Id: 13806506
X-Patchwork-Delegate: paul@paul-moore.com
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, selinux@vger.kernel.org, mic@digikod.net, ceph-devel@vger.kernel.org, linux-nfs@vger.kernel.org
Subject: [PATCH 3/5] LSM: lsm_context in security_dentry_init_security
Date: Tue, 17 Sep 2024 16:52:00 -0700
Message-ID: <20240917235202.32578-4-casey@schaufler-ca.com>
In-Reply-To: <20240917235202.32578-1-casey@schaufler-ca.com>
References: <20240917235202.32578-1-casey@schaufler-ca.com>

Replace the (secctx,seclen) pointer pair with a single lsm_context pointer to allow return of the LSM identifier along with the context and context length. This allows security_release_secctx() to know how to release the context.

Callers have been modified to use or save the returned data from the new structure.

Special care is taken in the NFS code, which uses the same data structure for its own copied labels as it does for the data which comes from security_dentry_init_security(). In the case of copied labels the data has to be freed, not released.

The scaffolding function lsmcontext_init() is no longer needed and is removed.
Signed-off-by: Casey Schaufler Cc: ceph-devel@vger.kernel.org Cc: linux-nfs@vger.kernel.org --- fs/ceph/super.h | 3 +-- fs/ceph/xattr.c | 16 ++++++---------- fs/fuse/dir.c | 35 ++++++++++++++++++----------------- fs/nfs/dir.c | 2 +- fs/nfs/inode.c | 17 ++++++++++------- fs/nfs/internal.h | 8 +++++--- fs/nfs/nfs4proc.c | 22 +++++++++------------- fs/nfs/nfs4xdr.c | 22 ++++++++++++---------- include/linux/lsm_hook_defs.h | 2 +- include/linux/nfs4.h | 8 ++++---- include/linux/nfs_fs.h | 2 +- include/linux/security.h | 26 +++----------------------- security/security.c | 9 ++++----- security/selinux/hooks.c | 9 +++++---- 14 files changed, 80 insertions(+), 101 deletions(-) diff --git a/fs/ceph/super.h b/fs/ceph/super.h index 6e817bf1337c..0a6f61e247a7 100644 --- a/fs/ceph/super.h +++ b/fs/ceph/super.h @@ -1135,8 +1135,7 @@ struct ceph_acl_sec_ctx { void *acl; #endif #ifdef CONFIG_CEPH_FS_SECURITY_LABEL - void *sec_ctx; - u32 sec_ctxlen; + struct lsm_context lsmctx; #endif #ifdef CONFIG_FS_ENCRYPTION struct ceph_fscrypt_auth *fscrypt_auth; diff --git a/fs/ceph/xattr.c b/fs/ceph/xattr.c index f7996770cc2c..0b9e1f385d31 100644 --- a/fs/ceph/xattr.c +++ b/fs/ceph/xattr.c @@ -1383,8 +1383,7 @@ int ceph_security_init_secctx(struct dentry *dentry, umode_t mode, int err; err = security_dentry_init_security(dentry, mode, &dentry->d_name, - &name, &as_ctx->sec_ctx, - &as_ctx->sec_ctxlen); + &name, &as_ctx->lsmctx); if (err < 0) { WARN_ON_ONCE(err != -EOPNOTSUPP); err = 0; /* do nothing */ @@ -1409,7 +1408,7 @@ int ceph_security_init_secctx(struct dentry *dentry, umode_t mode, */ name_len = strlen(name); err = ceph_pagelist_reserve(pagelist, - 4 * 2 + name_len + as_ctx->sec_ctxlen); + 4 * 2 + name_len + as_ctx->lsmctx.len); if (err) goto out; 
@@ -1432,8 +1431,9 @@ int ceph_security_init_secctx(struct dentry *dentry, umode_t mode, ceph_pagelist_encode_32(pagelist, name_len); ceph_pagelist_append(pagelist, name, name_len); - ceph_pagelist_encode_32(pagelist, as_ctx->sec_ctxlen); - ceph_pagelist_append(pagelist, as_ctx->sec_ctx, as_ctx->sec_ctxlen); + ceph_pagelist_encode_32(pagelist, as_ctx->lsmctx.len); + ceph_pagelist_append(pagelist, as_ctx->lsmctx.context, + as_ctx->lsmctx.len); err = 0; out: @@ -1446,16 +1446,12 @@ int ceph_security_init_secctx(struct dentry *dentry, umode_t mode, void ceph_release_acl_sec_ctx(struct ceph_acl_sec_ctx *as_ctx) { -#ifdef CONFIG_CEPH_FS_SECURITY_LABEL - struct lsm_context scaff; /* scaffolding */ -#endif #ifdef CONFIG_CEPH_FS_POSIX_ACL posix_acl_release(as_ctx->acl); posix_acl_release(as_ctx->default_acl); #endif #ifdef CONFIG_CEPH_FS_SECURITY_LABEL - lsmcontext_init(&scaff, as_ctx->sec_ctx, as_ctx->sec_ctxlen, 0); - security_release_secctx(&scaff); + security_release_secctx(&as_ctx->lsmctx); #endif #ifdef CONFIG_FS_ENCRYPTION kfree(as_ctx->fscrypt_auth); diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c index 2b0d4781f394..6f95cd92e089 100644 --- a/fs/fuse/dir.c +++ b/fs/fuse/dir.c 
@@ -466,29 +466,29 @@ static int get_security_context(struct dentry *entry, umode_t mode, { struct fuse_secctx *fctx; struct fuse_secctx_header *header; - void *ctx = NULL, *ptr; - u32 ctxlen, total_len = sizeof(*header); + struct lsm_context lsmctx = { }; + void *ptr; + u32 total_len = sizeof(*header); int err, nr_ctx = 0; - const char *name; + const char *name = NULL; size_t namelen; err = security_dentry_init_security(entry, mode, &entry->d_name, - &name, &ctx, &ctxlen); - if (err) { - if (err != -EOPNOTSUPP) - goto out_err; - /* No LSM is supporting this security hook. Ignore error */ - ctxlen = 0; - ctx = NULL; - } + &name, &lsmctx); + + /* If no LSM is supporting this security hook ignore error */ + if (err && err != -EOPNOTSUPP) + goto out_err; - if (ctxlen) { + if (lsmctx.len) { nr_ctx = 1; namelen = strlen(name) + 1; err = -EIO; - if (WARN_ON(namelen > XATTR_NAME_MAX + 1 || ctxlen > S32_MAX)) + if (WARN_ON(namelen > XATTR_NAME_MAX + 1 || + lsmctx.len > S32_MAX)) goto out_err; - total_len += FUSE_REC_ALIGN(sizeof(*fctx) + namelen + ctxlen); + total_len += FUSE_REC_ALIGN(sizeof(*fctx) + namelen + + lsmctx.len); } err = -ENOMEM; @@ -501,19 +501,20 @@ static int get_security_context(struct dentry *entry, umode_t mode, ptr += sizeof(*header); if (nr_ctx) { fctx = ptr; - fctx->size = ctxlen; + fctx->size = lsmctx.len; ptr += sizeof(*fctx); strcpy(ptr, name); ptr += namelen; - memcpy(ptr, ctx, ctxlen); + memcpy(ptr, lsmctx.context, lsmctx.len); } ext->size = total_len; ext->value = header; err = 0; out_err: - kfree(ctx); + if (nr_ctx) + security_release_secctx(&lsmctx); return err; } diff --git a/fs/nfs/dir.c b/fs/nfs/dir.c index 4cb97ef41350..83e420bbcba6 100644 --- a/fs/nfs/dir.c +++ b/fs/nfs/dir.c 
@@ -809,7 +809,7 @@ static int nfs_readdir_entry_decode(struct nfs_readdir_descriptor *desc, int ret; if (entry->fattr->label) - entry->fattr->label->len = NFS4_MAXLABELLEN; + entry->fattr->label->lsmctx.len = NFS4_MAXLABELLEN; ret = xdr_decode(desc, entry, stream); if (ret || !desc->plus) return ret; diff --git a/fs/nfs/inode.c b/fs/nfs/inode.c index b4914a11c3c2..056ddc876cb5 100644 --- a/fs/nfs/inode.c +++ b/fs/nfs/inode.c @@ -358,14 +358,15 @@ void nfs_setsecurity(struct inode *inode, struct nfs_fattr *fattr) return; if ((fattr->valid & NFS_ATTR_FATTR_V4_SECURITY_LABEL) && inode->i_security) { - error = security_inode_notifysecctx(inode, fattr->label->label, - fattr->label->len); + error = security_inode_notifysecctx(inode, + fattr->label->lsmctx.context, + fattr->label->lsmctx.len); if (error) printk(KERN_ERR "%s() %s %d " "security_inode_notifysecctx() %d\n", __func__, - (char *)fattr->label->label, - fattr->label->len, error); + (char *)fattr->label->lsmctx.context, + fattr->label->lsmctx.len, error); nfs_clear_label_invalid(inode); } } @@ -381,12 +382,14 @@ struct nfs4_label *nfs4_label_alloc(struct nfs_server *server, gfp_t flags) if (label == NULL) return ERR_PTR(-ENOMEM); - label->label = kzalloc(NFS4_MAXLABELLEN, flags); - if (label->label == NULL) { + label->lsmctx.context = kzalloc(NFS4_MAXLABELLEN, flags); + if (label->lsmctx.context == NULL) { kfree(label); return ERR_PTR(-ENOMEM); } - label->len = NFS4_MAXLABELLEN; + label->lsmctx.len = NFS4_MAXLABELLEN; + /* Use an invalid LSM ID as this should never be "released". */ + label->lsmctx.id = LSM_ID_UNDEF; return label; } diff --git a/fs/nfs/internal.h b/fs/nfs/internal.h index 5902a9beca1f..93911f3133ab 100644 --- a/fs/nfs/internal.h +++ b/fs/nfs/internal.h 
@@ -353,13 +353,15 @@ nfs4_label_copy(struct nfs4_label *dst, struct nfs4_label *src) if (!dst || !src) return NULL; - if (src->len > NFS4_MAXLABELLEN) + if (src->lsmctx.len > NFS4_MAXLABELLEN) return NULL; dst->lfs = src->lfs; dst->pi = src->pi; - dst->len = src->len; - memcpy(dst->label, src->label, src->len); + /* Use an invalid LSM ID as lsmctx should never be "released" */ + dst->lsmctx.id = LSM_ID_UNDEF; + dst->lsmctx.len = src->lsmctx.len; + memcpy(dst->lsmctx.context, src->lsmctx.context, src->lsmctx.len); return dst; } diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c index 18888588a642..293307042c20 100644 --- a/fs/nfs/nfs4proc.c +++ b/fs/nfs/nfs4proc.c @@ -124,12 +124,11 @@ nfs4_label_init_security(struct inode *dir, struct dentry *dentry, label->lfs = 0; label->pi = 0; - label->len = 0; - label->label = NULL; + label->lsmctx.len = 0; + label->lsmctx.context = NULL; err = security_dentry_init_security(dentry, sattr->ia_mode, - &dentry->d_name, NULL, - (void **)&label->label, &label->len); + &dentry->d_name, NULL, &label->lsmctx); if (err == 0) return label; @@ -138,12 +137,8 @@ nfs4_label_init_security(struct inode *dir, struct dentry *dentry, static inline void nfs4_label_release_security(struct nfs4_label *label) { - struct lsm_context scaff; /* scaffolding */ - - if (label) { - lsmcontext_init(&scaff, label->label, label->len, 0); - security_release_secctx(&scaff); - } + if (label) + security_release_secctx(&label->lsmctx); } static inline u32 *nfs4_bitmask(struct nfs_server *server, struct nfs4_label *label) { @@ -6246,7 +6241,7 @@ static int _nfs4_get_security_label(struct inode *inode, void *buf, size_t buflen) { struct nfs_server *server = NFS_SERVER(inode); - struct nfs4_label label = {0, 0, buflen, buf}; + struct nfs4_label label = {0, 0, {buf, buflen, -1} }; u32 bitmask[3] = { 0, 0, FATTR4_WORD2_SECURITY_LABEL }; struct nfs_fattr fattr = { 
@@ -6274,7 +6269,7 @@ static int _nfs4_get_security_label(struct inode *inode, void *buf, return ret; if (!(fattr.valid & NFS_ATTR_FATTR_V4_SECURITY_LABEL)) return -ENOENT; - return label.len; + return label.lsmctx.len; } static int nfs4_get_security_label(struct inode *inode, void *buf, @@ -6351,7 +6346,8 @@ static int nfs4_do_set_security_label(struct inode *inode, static int nfs4_set_security_label(struct inode *inode, const void *buf, size_t buflen) { - struct nfs4_label ilabel = {0, 0, buflen, (char *)buf }; + struct nfs4_label ilabel = {0, 0, + {(char *)buf, buflen, -1}}; struct nfs_fattr *fattr; int status; diff --git a/fs/nfs/nfs4xdr.c b/fs/nfs/nfs4xdr.c index 7704a4509676..db86b9cea716 100644 --- a/fs/nfs/nfs4xdr.c +++ b/fs/nfs/nfs4xdr.c @@ -1162,7 +1162,7 @@ static void encode_attrs(struct xdr_stream *xdr, const struct iattr *iap, } if (label && (attrmask[2] & FATTR4_WORD2_SECURITY_LABEL)) { - len += 4 + 4 + 4 + (XDR_QUADLEN(label->len) << 2); + len += 4 + 4 + 4 + (XDR_QUADLEN(label->lsmctx.len) << 2); bmval[2] |= FATTR4_WORD2_SECURITY_LABEL; } @@ -1194,8 +1194,9 @@ static void encode_attrs(struct xdr_stream *xdr, const struct iattr *iap, if (label && (bmval[2] & FATTR4_WORD2_SECURITY_LABEL)) { *p++ = cpu_to_be32(label->lfs); *p++ = cpu_to_be32(label->pi); - *p++ = cpu_to_be32(label->len); - p = xdr_encode_opaque_fixed(p, label->label, label->len); + *p++ = cpu_to_be32(label->lsmctx.len); + p = xdr_encode_opaque_fixed(p, label->lsmctx.context, + label->lsmctx.len); } if (bmval[2] & FATTR4_WORD2_MODE_UMASK) { *p++ = cpu_to_be32(iap->ia_mode & S_IALLUGO); 
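Review bot: the _nfs4_get_security_label() and nfs4_set_security_label() hunks initialize the embedded lsm_context positionally with a literal `-1` as the id (`{buf, buflen, -1}`), while nfs4_label_alloc() and nfs4_label_copy() in this same patch use LSM_ID_UNDEF for exactly the same "must never be released" marker. Use LSM_ID_UNDEF in both places, and prefer designated initializers (`.lsmctx = { .context = buf, .len = buflen, .id = LSM_ID_UNDEF }`) so the initializer does not silently break if the field order of struct lsm_context changes.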
@@ -4280,11 +4281,11 @@ static int decode_attr_security_label(struct xdr_stream *xdr, uint32_t *bitmap, return -EIO; bitmap[2] &= ~FATTR4_WORD2_SECURITY_LABEL; if (len < NFS4_MAXLABELLEN) { - if (label && label->len) { - if (label->len < len) + if (label && label->lsmctx.len) { + if (label->lsmctx.len < len) return -ERANGE; - memcpy(label->label, p, len); - label->len = len; + memcpy(label->lsmctx.context, p, len); + label->lsmctx.len = len; label->pi = pi; label->lfs = lfs; status = NFS_ATTR_FATTR_V4_SECURITY_LABEL; @@ -4292,10 +4293,11 @@ static int decode_attr_security_label(struct xdr_stream *xdr, uint32_t *bitmap, } else printk(KERN_WARNING "%s: label too long (%u)!\n", __func__, len); - if (label && label->label) + if (label && label->lsmctx.context) dprintk("%s: label=%.*s, len=%d, PI=%d, LFS=%d\n", - __func__, label->len, (char *)label->label, - label->len, label->pi, label->lfs); + __func__, label->lsmctx.len, + (char *)label->lsmctx.context, + label->lsmctx.len, label->pi, label->lfs); } return status; } diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h index 8090952b989e..6b671f4ada03 100644 --- a/include/linux/lsm_hook_defs.h +++ b/include/linux/lsm_hook_defs.h @@ -83,7 +83,7 @@ LSM_HOOK(int, 0, move_mount, const struct path *from_path, const struct path *to_path) LSM_HOOK(int, -EOPNOTSUPP, dentry_init_security, struct dentry *dentry, int mode, const struct qstr *name, const char **xattr_name, - void **ctx, u32 *ctxlen) + struct lsm_context *cp) LSM_HOOK(int, 0, dentry_create_files_as, struct dentry *dentry, int mode, struct qstr *name, const struct cred *old, struct cred *new) diff --git a/include/linux/nfs4.h b/include/linux/nfs4.h index f9df88091c6d..002cf1bff00a 100644 --- a/include/linux/nfs4.h +++ b/include/linux/nfs4.h @@ -15,6 +15,7 @@ #include #include +#include #include #include 
@@ -44,10 +45,9 @@ struct nfs4_acl { #define NFS4_MAXLABELLEN 2048 struct nfs4_label { - uint32_t lfs; - uint32_t pi; - u32 len; - char *label; + uint32_t lfs; + uint32_t pi; + struct lsm_context lsmctx; }; typedef struct { char data[NFS4_VERIFIER_SIZE]; } nfs4_verifier; diff --git a/include/linux/nfs_fs.h b/include/linux/nfs_fs.h index 039898d70954..47652d217d05 100644 --- a/include/linux/nfs_fs.h +++ b/include/linux/nfs_fs.h @@ -457,7 +457,7 @@ static inline void nfs4_label_free(struct nfs4_label *label) { #ifdef CONFIG_NFS_V4_SECURITY_LABEL if (label) { - kfree(label->label); + kfree(label->lsmctx.context); kfree(label); } #endif diff --git a/include/linux/security.h b/include/linux/security.h index 94bcb4c69a9c..c9c4845da3a6 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -225,25 +225,6 @@ struct lsm_context { int id; /* Identifies the module */ }; -/** - * lsmcontext_init - initialize an lsmcontext structure. - * @cp: Pointer to the context to initialize - * @context: Initial context, or NULL - * @size: Size of context, or 0 - * @id: Which LSM provided the context - * - * Fill in the lsmcontext from the provided information. - * This is a scaffolding function that will be removed when - * lsm_context integration is complete. - */ -static inline void lsmcontext_init(struct lsm_context *cp, char *context, - u32 size, int id) -{ - cp->id = id; - cp->context = context; - cp->len = size; -} - /* * Values used in the task_security_ops calls */ @@ -397,8 +378,8 @@ int security_sb_clone_mnt_opts(const struct super_block *oldsb, int security_move_mount(const struct path *from_path, const struct path *to_path); int security_dentry_init_security(struct dentry *dentry, int mode, const struct qstr *name, - const char **xattr_name, void **ctx, - u32 *ctxlen); + const char **xattr_name, + struct lsm_context *lsmcxt); int security_dentry_create_files_as(struct dentry *dentry, int mode, struct qstr *name, const struct cred *old, 
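Review bot: the new parameter in the security_dentry_init_security() declaration at @@ -397 is spelled `lsmcxt`, while the definition in the security/security.c hunk names it `lsmctx` and its kernel-doc documents `@lsmctx`. Rename the declaration, and the !CONFIG_SECURITY inline stub which carries the same misspelling, to `lsmctx` so prototype, kernel-doc and definition agree.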
@@ -863,8 +844,7 @@ static inline int security_dentry_init_security(struct dentry *dentry, int mode, const struct qstr *name, const char **xattr_name, - void **ctx, - u32 *ctxlen) + struct lsm_context *lsmcxt) { return -EOPNOTSUPP; } diff --git a/security/security.c b/security/security.c index 5a739279ed49..020e7a89de16 100644 --- a/security/security.c +++ b/security/security.c @@ -1631,8 +1631,7 @@ void security_inode_free(struct inode *inode) * @mode: mode used to determine resource type * @name: name of the last path component * @xattr_name: name of the security/LSM xattr - * @ctx: pointer to the resulting LSM context - * @ctxlen: length of @ctx + * @lsmctx: pointer to the resulting LSM context * * Compute a context for a dentry as the inode is not yet available since NFSv4 * has no label backed by an EA anyway. It is important to note that @@ -1642,11 +1641,11 @@ void security_inode_free(struct inode *inode) */ int security_dentry_init_security(struct dentry *dentry, int mode, const struct qstr *name, - const char **xattr_name, void **ctx, - u32 *ctxlen) + const char **xattr_name, + struct lsm_context *lsmctx) { return call_int_hook(dentry_init_security, dentry, mode, name, - xattr_name, ctx, ctxlen); + xattr_name, lsmctx); } EXPORT_SYMBOL(security_dentry_init_security); diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 159837b4ee41..e56403659164 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -2871,8 +2871,8 @@ static void selinux_inode_free_security(struct inode *inode) static int selinux_dentry_init_security(struct dentry *dentry, int mode, const struct qstr *name, - const char **xattr_name, void **ctx, - u32 *ctxlen) + const char **xattr_name, + struct lsm_context *cp) { u32 newsid; int rc; 
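Review bot: security_dentry_init_security() in the security.c hunk forwards `lsmctx` to the hook without clearing it, unlike the security_inode_getsecctx() wrapper in patch 2/5 of this series, which memset()s the lsm_context before call_int_hook(). The callers in this patch rely on the structure being well defined after an -EOPNOTSUPP return: ceph_release_acl_sec_ctx() calls `security_release_secctx(&as_ctx->lsmctx)` unconditionally, and fuse only gets a clean structure because get_security_context() declares `struct lsm_context lsmctx = { };` itself. Zeroing `*lsmctx` in the wrapper (or, at minimum, stating in the kernel-doc that the hook leaves it untouched on failure) would make the two interfaces behave the same way.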
@@ -2887,8 +2887,9 @@ static int selinux_dentry_init_security(struct dentry *dentry, int mode, if (xattr_name) *xattr_name = XATTR_NAME_SELINUX; - return security_sid_to_context(newsid, (char **)ctx, - ctxlen); + cp->id = LSM_ID_SELINUX; + return security_sid_to_context(newsid, (char **)cp->context, + &cp->len); } static int selinux_dentry_create_files_as(struct dentry *dentry, int mode,
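Review bot: `security_sid_to_context(newsid, (char **)cp->context, &cp->len)` passes the value of `cp->context` cast to `char **`, not its address. The old code passed `(char **)ctx` where `ctx` was already a `void **`; the equivalent here is `&cp->context` with no cast. As written, with `cp->context` NULL on entry (fuse initializes the structure with `= { }` and nfs4_label_init_security() sets `label->lsmctx.context = NULL`), security_sid_to_context() stores the allocated string pointer through a NULL pointer. Setting `cp->id = LSM_ID_SELINUX` before the call also leaves the id set on the error path when no context was allocated; assign it only once the call has succeeded.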
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, selinux@vger.kernel.org, mic@digikod.net
Subject: [PATCH 4/5] LSM: secctx provider check on release
Date: Tue, 17 Sep 2024 16:52:01 -0700
Message-ID: <20240917235202.32578-5-casey@schaufler-ca.com>
In-Reply-To: <20240917235202.32578-1-casey@schaufler-ca.com>
References: <20240917235202.32578-1-casey@schaufler-ca.com>

Verify that the LSM releasing the secctx is the LSM that allocated it. This was not necessary when only one LSM could create a secctx, but once there can be more than one it is.

Signed-off-by: Casey Schaufler
--- security/apparmor/secid.c | 10 ++-------- security/selinux/hooks.c | 10 ++-------- 2 files changed, 4 insertions(+), 16 deletions(-) diff --git a/security/apparmor/secid.c b/security/apparmor/secid.c index 5d92fc3ab8b4..974f802cbe5a 100644 --- a/security/apparmor/secid.c +++ b/security/apparmor/secid.c @@ -122,14 +122,8 @@ int apparmor_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid) void apparmor_release_secctx(struct lsm_context *cp) { - /* - * stacking scaffolding: - * When it is possible for more than one LSM to provide a - * release hook, do this check: - * if (cp->id == LSM_ID_APPARMOR || cp->id == LSM_ID_UNDEF) - */ - - kfree(cp->context); + if (cp->id == LSM_ID_APPARMOR) + kfree(cp->context); } /**
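Review bot: the scaffolding comment removed from apparmor_release_secctx() said the check should accept `cp->id == LSM_ID_UNDEF` as well as `LSM_ID_APPARMOR`, but the new condition accepts only LSM_ID_APPARMOR. A context whose producer never set cp->id now passes through the hook without the kfree, and because the mismatch is silent the buffer is simply leaked. Either state in the commit message that every secctx producer now sets cp->id, or keep the LSM_ID_UNDEF arm the comment planned for.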
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index e56403659164..93188e124f99 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c 
@@ -6649,14 +6649,8 @@ static int selinux_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid) static void selinux_release_secctx(struct lsm_context *cp) { - /* - * stacking scaffolding: - * When it is possible for more than one LSM to provide a - * release hook, do this check: - * if (cp->id == LSM_ID_SELINUX || cp->id == LSM_ID_UNDEF) - */ - - kfree(cp->context); + if (cp->id == LSM_ID_SELINUX) + kfree(cp->context); } static void selinux_inode_invalidate_secctx(struct inode *inode)
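Review bot: as in the AppArmor hunk, selinux_release_secctx() now returns silently when cp->id is not LSM_ID_SELINUX, and the dropped comment had allowed LSM_ID_UNDEF too. The commit message calls this verification, but a wrong or unset id leaves cp->context unfreed with no diagnostic, so nothing is actually verified. Consider having security_release_secctx() warn (e.g. WARN_ON_ONCE) when no module's hook claims the context, or explain in the commit message why LSM_ID_UNDEF can no longer reach the release hooks.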
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, selinux@vger.kernel.org, mic@digikod.net
Subject: [PATCH 5/5] LSM: Use lsm_context in security_inode_notifysecctx
Date: Tue, 17 Sep 2024 16:52:02 -0700
Message-ID: <20240917235202.32578-6-casey@schaufler-ca.com>
In-Reply-To: <20240917235202.32578-1-casey@schaufler-ca.com>
References: <20240917235202.32578-1-casey@schaufler-ca.com>

Use the lsm_context structure in the security_inode_notifysecctx() interface. Its sole user is already using lsm_context to store the data.

Signed-off-by: Casey Schaufler
--- fs/nfs/inode.c | 3 +-- include/linux/lsm_hook_defs.h | 3 ++- include/linux/security.h | 4 ++-- security/security.c | 7 +++---- security/selinux/hooks.c | 5 +++-- security/smack/smack_lsm.c | 6 +++--- 6 files changed, 14 insertions(+), 14 deletions(-) diff --git a/fs/nfs/inode.c b/fs/nfs/inode.c index 056ddc876cb5..4323a39c14c1 100644 --- a/fs/nfs/inode.c +++ b/fs/nfs/inode.c @@ -359,8 +359,7 @@ void nfs_setsecurity(struct inode *inode, struct nfs_fattr *fattr) if ((fattr->valid & NFS_ATTR_FATTR_V4_SECURITY_LABEL) && inode->i_security) { error = security_inode_notifysecctx(inode, - fattr->label->lsmctx.context, - fattr->label->lsmctx.len); + &fattr->label->lsmctx); if (error) printk(KERN_ERR "%s() %s %d " "security_inode_notifysecctx() %d\n", diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h index 6b671f4ada03..0216aeb4a3fd 100644 --- a/include/linux/lsm_hook_defs.h +++ b/include/linux/lsm_hook_defs.h
@@ -298,7 +298,8 @@ LSM_HOOK(int, -EOPNOTSUPP, lsmprop_to_secctx, struct lsm_prop *prop, LSM_HOOK(int, 0, secctx_to_secid, const char *secdata, u32 seclen, u32 *secid) LSM_HOOK(void, LSM_RET_VOID, release_secctx, struct lsm_context *cp) LSM_HOOK(void, LSM_RET_VOID, inode_invalidate_secctx, struct inode *inode) -LSM_HOOK(int, 0, inode_notifysecctx, struct inode *inode, void *ctx, u32 ctxlen) +LSM_HOOK(int, 0, inode_notifysecctx, struct inode *inode, + struct lsm_context *cp) LSM_HOOK(int, 0, inode_setsecctx, struct dentry *dentry, void *ctx, u32 ctxlen) LSM_HOOK(int, -EOPNOTSUPP, inode_getsecctx, struct inode *inode, struct lsm_context *cp) diff --git a/include/linux/security.h b/include/linux/security.h index c9c4845da3a6..1b1411fff6ac 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -555,7 +555,7 @@ int security_lsmprop_to_secctx(struct lsm_prop *prop, struct lsm_context *cp); int security_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid); void security_release_secctx(struct lsm_context *cp); void security_inode_invalidate_secctx(struct inode *inode); -int security_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen); +int security_inode_notifysecctx(struct inode *inode, struct lsm_context *cp); int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen); int security_inode_getsecctx(struct inode *inode, struct lsm_context *cp); int security_locked_down(enum lockdown_reason what); @@ -1536,7 +1536,7 @@ static inline void security_inode_invalidate_secctx(struct inode *inode) { } -static inline int security_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen) +static inline int security_inode_notifysecctx(struct inode *inode, struct lsm_context *cp); { return -EOPNOTSUPP; } diff --git a/security/security.c b/security/security.c index 020e7a89de16..44639d193ecd 100644 --- a/security/security.c +++ b/security/security.c 
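Review bot: the !CONFIG_SECURITY stub in include/linux/security.h now reads `static inline int security_inode_notifysecctx(struct inode *inode, struct lsm_context *cp);` immediately followed by `{ return -EOPNOTSUPP; }`. The trailing semicolon turns the definition into a declaration followed by a stray block, so any build with CONFIG_SECURITY=n fails to compile. Drop the semicolon.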
@@ -4268,8 +4268,7 @@ EXPORT_SYMBOL(security_inode_invalidate_secctx); /** * security_inode_notifysecctx() - Notify the LSM of an inode's security label * @inode: inode - * @ctx: secctx - * @ctxlen: length of secctx + * @ctx: LSM context * * Notify the security module of what the security context of an inode should * be. Initializes the incore security context managed by the security module @@ -4280,9 +4279,9 @@ EXPORT_SYMBOL(security_inode_invalidate_secctx); * * Return: Returns 0 on success, error on failure. */ -int security_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen) +int security_inode_notifysecctx(struct inode *inode, struct lsm_context *cp) { - return call_int_hook(inode_notifysecctx, inode, ctx, ctxlen); + return call_int_hook(inode_notifysecctx, inode, cp); } EXPORT_SYMBOL(security_inode_notifysecctx); diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 93188e124f99..382c63d67743 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -6665,10 +6665,11 @@ static void selinux_inode_invalidate_secctx(struct inode *inode) /* * called with inode->i_mutex locked */ -static int selinux_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen) +static int selinux_inode_notifysecctx(struct inode *inode, + struct lsm_context *cp) { int rc = selinux_inode_setsecurity(inode, XATTR_SELINUX_SUFFIX, - ctx, ctxlen, 0); + cp->context, cp->len, 0); /* Do not return error when suppressing label (SBLABEL_MNT not set). */ return rc == -EOPNOTSUPP ? 0 : rc; } diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index b443859948e9..1dfc4292ea15 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c 
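Review bot: the kerneldoc for security_inode_notifysecctx() in security/security.c was changed to `@ctx: LSM context`, but the parameter itself is renamed to `cp` in the same patch, so kernel-doc will report `cp` as undocumented and `@ctx` as stale. Change the line to `@cp: LSM context`.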
@@ -4906,10 +4906,10 @@ static int smack_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid) * Now that there's a list such a hook adds cost. */ -static int smack_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen) +static int smack_inode_notifysecctx(struct inode *inode, struct lsm_context *cp) { - return smack_inode_setsecurity(inode, XATTR_SMACK_SUFFIX, ctx, - ctxlen, 0); + return smack_inode_setsecurity(inode, XATTR_SMACK_SUFFIX, cp->context, + cp->len, 0); } static int smack_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen)