From patchwork Wed Oct 9 17:32:09 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13828910 X-Patchwork-Delegate: paul@paul-moore.com Received: from sonic309-27.consmr.mail.ne1.yahoo.com (sonic309-27.consmr.mail.ne1.yahoo.com [66.163.184.153]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B6F8C1E47AF for ; Wed, 9 Oct 2024 17:42:40 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=66.163.184.153 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1728495762; cv=none; b=lPoJZf25Ow8G7Gz3N71VZIn/uEQEjsXzcFYvX1DpajGxbtB4TryUrq15JfzSpWMnVzimLjxgwEVGwJOIWoNQ2vNqOyMD+3jI3ANOTcTWnZCIrcC+owFeyyaJdyTppFcWbTVZP+iqnViIVtPrQoMILqEJUREqo6tKFYHBpypA5lA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1728495762; c=relaxed/simple; bh=LokgultzN0WmXDqjvoeWLrKrfvyHfix2qKgCgn/zc7w=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=ebcSu+ljkA1BV2B03pTYdzg6KXACfBh05ewWFRUjYW6fAOkkU8zp7le6im2Q5jWv9VnaTcEFyNEviGoyX6bTO3XEq0aOqgnduU9yVncHD+eatb86nLkPsoEXuu+d2JMdKmAgCTyTd/+/Ad6mubvVxACCBoqzLN13DtHxLB9WD30= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com; spf=none smtp.mailfrom=schaufler-ca.com; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b=gNqhKoUj; arc=none smtp.client-ip=66.163.184.153 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b="gNqhKoUj" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1728495759; bh=JXR+r2zL+pQ9RpZEjgRmXf0fUPaWRk6ese8bB91Ub9E=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject:Reply-To; b=gNqhKoUjADwpl0E+pOmCZyftGgTRJ1oeRi09DLNl8RMkGCbPtzwGur4uAGOPfvz8ZgCCWxTLcXUi1qxd0U4Bn2xo9HJNCKm0wvpV35m+PKdIggnlK2gY9qF9kmwrDUjadiZpXPGODnbGRYDa6ObpFHQr2CBxku6MBOP1zcPq/BkQRA7C3J0EnlRSVOyEN3Q9nMPUlcw5PcjM3ZQH9/+cOuWg/SrDUw1O9/WO8/+TJcW/hcF06ESFG08RsoWN8m6cKTGTdrNvAoM+y5NlOyH+/nPQTpvsj6bb90dl/b4tlHpaspRffk9DzTQnsxchZ6kImpbvATg3Td1Hk/zqbIHuqw== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1728495759; bh=jMCPnjCDUBXSVIw0gB0/uWcgIMaxlmvCumxDVLP29QW=; h=X-Sonic-MF:From:To:Subject:Date:From:Subject; b=Q+hQ3KEyz2oa/dWvPtNYqCKtitdNumEJwahg/xMSXl0Fb0su5zpf0k7y23+5pS4vp7HDLB2/V0IdB2JO8V93bwZZMCRVRKJZmhntlf1OGRxw2oDUUjiBGKk8uirOuoOquZrC8kOnOqHAjx4S5OeTMZ/wK+dVhuspoGphPYEjSVB08OZqwW7dStkAzMma47LrLfckankd817SZssTUq/SyBFToGPRsDOQX5rK1ymy20L8KEVbvYwtCCx4R0qCZsx2jBdRzk+C9rxi9pLvgXudRsll2ai/go4EpU3e/66OUKhM9dz1WRyOoq56x6EuT1hplmvSnxe1Xx5OxTiWSZwL8Q== X-YMail-OSG: eYN4iQYVM1n41XBMq4.EVyKQpeLKlUZwfvxzyt6HP0KYLNvsLFqrAllNtqhLWhP Az53i8MIUewh1caEIrf7L3cW5JNuekWer15wHz_XxNYrYRDKv6LauAtIF_u0nkSixHdx5D8cURQA 5hh0fAvRxNL8TbCDLPRI_Iddt1Z9QqOZX66VIa.oFfWi0JeJ3tAnGlZUjqRgO0TzSnddw5c_32kb 5okAFGHejWzpCNZczvhCCoHsWVgIL6QgRgKHwwAYIe3S2Ia03gviLfR4z3Ar9rF0rJKj8cR.EoE4 z091lt3x6i4Ztmx12hPqR3ZbuWTzrulFSYa8JYzpp7a_csBWs1ckkWY8nQEqS4CbAyShEZJFVJcN 3XqKUdAxbcWNFoHdLfphGzhmJ2NeIsfzAXVtNX_75TMWAUC6ba3gd6pyLdLUfBQeqRcIdFu4EP7D atkHhpoSVA6JmNV7ylYloxXRshrQXWzpzO39mF9PaSeaeoo6V_rdwLSJoHjSUaB.ZfILjODq1OT_ sjb_PBTL7CvY0kNu6PZUjN1pOQCMviesX2c5jg8w22vOcPajT_ro7M0a1ylgikZjYk7uqyqprss3 3BNBMR4_alJSMLSAgx5E3ikh_AmEZWFSuchm5rjFwtOB4g6.9BVKkMyCXNf0rfZBrR6oPbxywh_K EA6YRn7DVEK1CYjKHK9z75i0DeEPx_Oam2X.vOA1XBT22rf5VY0TSEfWkOZN0fheRvzVI.fWRHKS jCP6SCoqK6yL.pGomNBhBuTxPj_09pEbyX1YxBFkNEzsjYGjUyH_gGgOETokcoOCAr_3INvG7lgv gRdZpd3R9jVUghTNdQ.fNO27k_PHKMFBs0ax69HGEYnfMWyHfkdpM.PsiP19z9fAhTZXx4lpaFNV 9FSqefI3LOy1QNcX_5sQ273cxoI3x9AfzxNpZQX7uKR.L2a12TJblCQdZaPO9ISwRGJjBhp7jrLo sSe4iR7yfHjZuNX1Ln6YhDaMcmmGxPS9GSzv4NTdYUjibNe3lyO9f.A8cx4f1buGEoDWx9EwqdAH mTxEH5Kx01BDr7kRy4Ae1m6Rx.pqx.7FqW9hwIECenMynyreE9FcS9J90eI5HAO2xHhx3j0ZF273 qrjs0YuFlkrJkLWE9P6hwdstyvV2.wmUHCm0WZAeB.lQk0rynhZCOOF8ngHmjWUfzvexnmGVVFBd b9xwivIV5qH5RDlY937r3Wm6dU65GZZHk598bdATbvFHuDES5JP44mT3yLw.b2oWgvYMDg2FFNQ. GDx_ewp14Vpcwp_Z234mFBhSvgONKwmNyJ_JQaAxSAP6f_kefBExotmBxVQ.cLuY3oLLU8aquRKA .4N5U25jpfodel6OIDDReJG2zLNE368qw_Nlail9UqzykIi2kM.SwUwZ0t.tmdtqNe_kWoXIqbHf GkX.EZIjwb9SMWLV3.mVu8NNG0M8dpmfdnoDum_YvGgC.kwbFmXYSI4u0ZecfS6aVxqDGq8wLQL3 GrjmSFxihpTUaskLMGAHY76Q_VoJKBakNXdUYw2HA..kYbAIUWTYYUc4EXvDy6Gg2MwfhNSesysv VeE6GgN8BtZwC1eQ86REgIdBEF9_J7hf0Kv_jP7rSh6OWrLbv34RkTpzuCgcQeokqTKF6eDh93Ar QDo37uloFRVLQrCEhQI7skpprAkNvOJl.PEe7yRpfCMJYG6wDBfms67vH.PgYtLiNh81.aIA60.P WfL3fOYSgtMiczE7T_KrC1C85z_LNIITFoZ7WzP9ax_tKewTkaQ_XzDDxqXEYJbFGVTmeglUibcp Y3NY6uFr3w2PvZYzQdnuCnh6fg..t73bbnDIDkH_19pl1dFm5DufaQzrbWYONbyp.1zv8Y0kdNLu UfpEYbVjEoVYgsGIQr0IhAyWvaP6ODSE1yBlsoXuqtYsYVvkjdL_3C3ixQKx24gOgAGxngqeOGgF NF9uyIn7lGP.sv3.Wjf436njySvKQGqG7tSF2k_Ii3vHs3niRMk8PASnSk5XYRNQ71JlI9kvx51M 6lt6.SlWJyGO34hYnFKMVhe54ALuu0d8Ma4hQI2o.FcDlOmj6IfG7VikZvx6lthXk9yyeCNnrJ22 e1ny6yjp0wVf0R1xOBOfNyvIuUOxufO6QN7FN6Reduo9XPNm4R6ErcO2yWJpcO33p7RrUWh8k2f. 1xLHItAsZAgjvNwVP1yPsvwhGUKVdQ5Tro31487k0ti9YXWkVtL29jpAP44Q0W1FRNp46EZStwz3 vcq7_wfLFnG1CeWplKAzzh1w_pLOus380Fhz.ifhNBZtn6Dp8ITjYjItxmr8i.GOaeDND_2h5a95 a0JLGft21Uae74G.1fb.scgoPdSInLNysJ3GP31s- X-Sonic-MF: X-Sonic-ID: 8ea8d104-f8f6-4f4b-981e-98d68358a75b Received: from sonic.gate.mail.ne1.yahoo.com by sonic309.consmr.mail.ne1.yahoo.com with HTTP; Wed, 9 Oct 2024 17:42:39 +0000 Received: by hermes--production-gq1-5d95dc458-rvnnh (Yahoo Inc. Hermes SMTP Server) with ESMTPA ID 5fec0e30966313b56a0d7e944fb52df1; Wed, 09 Oct 2024 17:32:27 +0000 (UTC) From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, selinux@vger.kernel.org, mic@digikod.net, apparmor@lists.ubuntu.com, bpf@vger.kernel.org Subject: [PATCH v4 01/13] LSM: Add the lsm_prop data structure. Date: Wed, 9 Oct 2024 10:32:09 -0700 Message-ID: <20241009173222.12219-2-casey@schaufler-ca.com> X-Mailer: git-send-email 2.46.0 In-Reply-To: <20241009173222.12219-1-casey@schaufler-ca.com> References: <20241009173222.12219-1-casey@schaufler-ca.com> Precedence: bulk X-Mailing-List: selinux@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 When more than one security module is exporting data to audit and networking sub-systems a single 32 bit integer is no longer sufficient to represent the data. Add a structure to be used instead. The lsm_prop structure definition is intended to keep the LSM specific information private to the individual security modules. The module specific information is included in a new set of header files under include/lsm. Each security module is allowed to define the information included for its use in the lsm_prop. SELinux includes a u32 secid. Smack includes a pointer into its global label list. The conditional compilation based on feature inclusion is contained in the include/lsm files. Suggested-by: Paul Moore Signed-off-by: Casey Schaufler Cc: apparmor@lists.ubuntu.com Cc: bpf@vger.kernel.org Cc: selinux@vger.kernel.org Cc: linux-security-module@vger.kernel.org Acked-by: John Johansen --- include/linux/lsm/apparmor.h | 17 +++++++++++++++++ include/linux/lsm/bpf.h | 16 ++++++++++++++++ include/linux/lsm/selinux.h | 16 ++++++++++++++++ include/linux/lsm/smack.h | 17 +++++++++++++++++ include/linux/security.h | 20 ++++++++++++++++++++ 5 files changed, 86 insertions(+) create mode 100644 include/linux/lsm/apparmor.h create mode 100644 include/linux/lsm/bpf.h create mode 100644 include/linux/lsm/selinux.h create mode 100644 include/linux/lsm/smack.h diff --git a/include/linux/lsm/apparmor.h b/include/linux/lsm/apparmor.h new file mode 100644 index 000000000000..612cbfacb072 --- /dev/null +++ b/include/linux/lsm/apparmor.h @@ -0,0 +1,17 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* + * Linux Security Module interface to other subsystems. + * AppArmor presents single pointer to an aa_label structure. + */ +#ifndef __LINUX_LSM_APPARMOR_H +#define __LINUX_LSM_APPARMOR_H + +struct aa_label; + +struct lsm_prop_apparmor { +#ifdef CONFIG_SECURITY_APPARMOR + struct aa_label *label; +#endif +}; + +#endif /* ! __LINUX_LSM_APPARMOR_H */ diff --git a/include/linux/lsm/bpf.h b/include/linux/lsm/bpf.h new file mode 100644 index 000000000000..8106e206fcef --- /dev/null +++ b/include/linux/lsm/bpf.h @@ -0,0 +1,16 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* + * Linux Security Module interface to other subsystems. + * BPF may present a single u32 value. + */ +#ifndef __LINUX_LSM_BPF_H +#define __LINUX_LSM_BPF_H +#include + +struct lsm_prop_bpf { +#ifdef CONFIG_BPF_LSM + u32 secid; +#endif +}; + +#endif /* ! __LINUX_LSM_BPF_H */ diff --git a/include/linux/lsm/selinux.h b/include/linux/lsm/selinux.h new file mode 100644 index 000000000000..9455a6b5b910 --- /dev/null +++ b/include/linux/lsm/selinux.h @@ -0,0 +1,16 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* + * Linux Security Module interface to other subsystems. + * SELinux presents a single u32 value which is known as a secid. + */ +#ifndef __LINUX_LSM_SELINUX_H +#define __LINUX_LSM_SELINUX_H +#include + +struct lsm_prop_selinux { +#ifdef CONFIG_SECURITY_SELINUX + u32 secid; +#endif +}; + +#endif /* ! __LINUX_LSM_SELINUX_H */ diff --git a/include/linux/lsm/smack.h b/include/linux/lsm/smack.h new file mode 100644 index 000000000000..ff730dd7a734 --- /dev/null +++ b/include/linux/lsm/smack.h @@ -0,0 +1,17 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* + * Linux Security Module interface to other subsystems. + * Smack presents a pointer into the global Smack label list. + */ +#ifndef __LINUX_LSM_SMACK_H +#define __LINUX_LSM_SMACK_H + +struct smack_known; + +struct lsm_prop_smack { +#ifdef CONFIG_SECURITY_SMACK + struct smack_known *skp; +#endif +}; + +#endif /* ! __LINUX_LSM_SMACK_H */ diff --git a/include/linux/security.h b/include/linux/security.h index b86ec2afc691..555249a8d121 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -34,6 +34,10 @@ #include #include #include +#include +#include +#include +#include struct linux_binprm; struct cred; @@ -152,6 +156,22 @@ enum lockdown_reason { LOCKDOWN_CONFIDENTIALITY_MAX, }; +/* scaffolding */ +struct lsm_prop_scaffold { + u32 secid; +}; + +/* + * Data exported by the security modules + */ +struct lsm_prop { + struct lsm_prop_selinux selinux; + struct lsm_prop_smack smack; + struct lsm_prop_apparmor apparmor; + struct lsm_prop_bpf bpf; + struct lsm_prop_scaffold scaffold; +}; + extern const char *const lockdown_reasons[LOCKDOWN_CONFIDENTIALITY_MAX+1]; extern u32 lsm_active_cnt; extern const struct lsm_id *lsm_idlist[]; From patchwork Wed Oct 9 17:32:10 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13828911 X-Patchwork-Delegate: paul@paul-moore.com Received: from sonic311-30.consmr.mail.ne1.yahoo.com (sonic311-30.consmr.mail.ne1.yahoo.com [66.163.188.211]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id F0C301E1C0E for ; Wed, 9 Oct 2024 17:42:40 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=66.163.188.211 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1728495764; cv=none; b=CczJNPaBN7owRcZtji1GlY7hZMTHsM1AkqQ72sjkS1A5u2Smv09HvTOGoEyWzcnCfAn0uVoX38JK1wwrinScMji8399CHElef0ojHKlHehUXJ31tNo8AjokZvomJ6xyKbsh9BBpY0nmFNXlmA4zxZJRDgl/cEffs31MwUzap3NA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1728495764; c=relaxed/simple; bh=q4mjOQYEqtMbTca/19AT8rHt/iY9VcZk7G57jR94iLA=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=RNISWlMpzWnFY4tJcZK5u9j/UbjEfYyGdeCXRseaGORq/o/yjw33s/4DgE2EB5/KchTSRDwv5NW4jit0rePqzVXPnhwNOsxXptMQwbNiL0ZnE/KdvPxEsPMLRorR0noBAclQ6t2N0Vx6Yaq8Zynwme4O78p5AsnJiCHLgGxc75s= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com; spf=none smtp.mailfrom=schaufler-ca.com; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b=FZRvF1gD; arc=none smtp.client-ip=66.163.188.211 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b="FZRvF1gD" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1728495760; bh=Kqe3nwRY7L2FLlJFUpkZB5O0bZMH3MXzPtGSPFBiFDc=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject:Reply-To; b=FZRvF1gD3tIkCco4gLV7KT7LCEHqagmNB2zJhNK7adjla9rno9I6cWRwwMDcZRQk2qIDjhi869Lphl/oDw+zI4pxDl/UZyUuJy76j5RGguMu1VysaywpQm0DGgEhiB6sKgpNEbs+G8Lfk/7cbir8vxVX/07sX+CZu+ci10+uaD8Forr/Ik0LUDkQTbdXDfsK7N3MlbiL5BpbQnxEOmK2VXLWM3N+Bih5RJq6faxUrpfe/A4bdnMJXM5c6/ElQ95NMPqAm0DOAWouJgTGWvykhCJJvp/EdftrgJSxj3tNVg1JBm2J4I+Q3+3ucLsb8bgXPRpZbkOZ0sVvV4LI07OoBA== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1728495760; bh=01SoFnmA78whD4gkv//ZRhrsYVFG36lOP2WRvWjmnnf=; h=X-Sonic-MF:From:To:Subject:Date:From:Subject; b=YC1Rg45F1ntg3xwFK6miFp9L09Ltk29zxl5fiRjuUQjro8t5SKQqQ6/FR5nF+64u4HbAoQVUU5B64AeZycgkhd6/BtEbiQsunJ8MmXtRRfqPbST1sH90UDgflRrX4l9JiHyp+yov7wjHNMHoxicgyoqbB1zr1MRApv0k+am1mxAbHK8rRbXlE+O1rMS9h80JuPqOkXnr5DbklORfwAi0Sb0sXZ5N1S/O2hrc/tnavhpCoGrKC1tJx856tTVN8twzM8StoRC4Pvdh3llZv59FMftMaxYxuoNdd8YRhIBMelCoL3fHTIQtud9I6iIZyu0Rt+1Ody2uVtHlEtjNIFK6Cw== X-YMail-OSG: FDKa3.wVM1lebCCsGrhIUdOq37aw17qErvmj9v6JMQSN16p.VvNLvQkLh14mr9U xBPpmU8kENpE8CXVr7z5FWnJGgBXilog.rFkMZFF1oRiVHWTPM0OhiDfHpey81LNZ4leVj3y_1yx jXeifZi0f.GdDaV3UGUUmHl0B82S_dXyOPL9tTC9xyBEmnH2P2We76HVM_iMqtp1koqtqAcR74CE 2rjcn_SES9vi5JFh7HWm6MQdHKmn7ABnRcOvafMETwanYsccwmstihSAC.NxRWufDlGzw8HqaRhK ZacuJ6hRCZhLxuTK62SFFHzUhuty.alvoy0rv7h5EBoQ452Cpu1nszN2Jm945gbeYdA1BPDWYCFZ B_U9r0ovHiO.IepOPUBgubXgpaPwrwwGtG3Uzwf9MXLLopiPfHclk5lxQnY3ku5qq0Dl0YaNqY4_ _tB4AqchtcDJtj6bFD74NE0M35KjEBEuO4fCV7aGg3y5sFsBNiv.QyGDpelk_vvhO6zYT_5eVD5o EYtnJAdZuxxZi69Ea.tcYbHTK3RScaX52hUmaLmu7kY3MjEfP7pcSaC.zWFAWA_OeQATZQMg1URI lTiiXPsMHQKbYFvFrtecCZj1KOzxgOJJOR98oQqbHPwjXoaKSbBJ3g5QInTi7fzMD8gmOPRV.vsJ IXo2Oe.JqNV.84OM1urCtJGurqmOxWmqvrTovKQXnfcPIqpysbm59MsK5EXRE5hvfm4rCd9LXKxP eeQZAuEWSWPnSbTRkLz7j21Jbt8psK.OFpsiPsDOyEhaOvWPgM_XYSg4cxAgJc6vcCPLwMpkiXvW lEUDelS1ZCMENzS9MlyIMRZZ4ksESthkALjt0fRMPEY8DDjClS_cYvzVgqX5ixP6uZot6JbtJGc6 fHaXTlsnQslE_LvlwpO2geOAtB1oVryLoiE4p_D2WOu2uX8omWtT4gyTp7viNzvfDgft4htPVcDx CmLZr9b8DBgLivp9f1S72Gc2z444cKkXrZcaz3yZ2gsqEKsGkTdXFfKnoUCt1hefOGmTmJdlJPcC BCMFnch90R5SbgAesqP_15..kQ.hB7TLNyGLBIQQr0k9aFE5_5oAXLkcNRtCrv3s1X.7akuEA2d2 1mDinqTkpC7LrLfRTbX2SlYomV.azRYRyrStUfDIzFS9OZqi1QU48wyFL7UXpzpodD_ObskcJIj8 kFX6tVyWOwRdomFm7uz0BiDCG..kIinMOcn51bos8qU2PZ7d82zCRJjq3._dBNpartgIaXMHMf6c UMHTaygBXr9zWfqR48QzXezNWFTssmcEHcbglCJfxTaU3.8P4s5UTauc5KvYuy1e94d7grISPgz4 gR6x5g9feks1ExOuMx2.6xzVNsl2C8YJ6yn1Jm5uurc0WG91jf.aghuWaBHHmVUMqrZ8nQhwR4C_ 4xLvoofXR1y9dCWNuLNbe1TAxeM341bfxffHwJq8UHcKsrSVd3mBJdM939yuWjP5MLs9sIZqWhs3 cTdDnrh.z4D_UGuDA17pEXQjC9PQEjbbN8jQbb7c2mmPNGscogyuhTuxZ66xzHMNGsFH1vF0j2gX Y2RC64b2fBPDVUxKy2Vw8ksPUgRRr0Mv6qCga852H6SBm.PHNkDNBeKvqCehpzXFdv1AoGrJe42p AG_oYaQ7Kcme7rDYs8p0dTT1LA9JqivLJ.IMK5NsqdPjMrGcDgkuByd5DVr1_lhwB8n6CmcPlZiO pNqRuyzJCGXqAirdAbufOJGnu_E8Wyk67CAeUKl.KeYd3zUDAHf9biuLbincuYlJHmkwdVV1yLEs rUOTmhKKUolLTuN0cIVymBJ7b1BOdOOu3sArMwA5VqeJhlf2fD6fxXDo4LsrSeg53m80RnQA5VfD zbGQU.wUCqG9GmE.YgqdYK_IBJ47syNlYE2RFPmR8FtZfTKqqKznJfm5XQPrCf0HaOSrir23dwtQ dqwi_aEurkjQ4aVEsT4W_SRiWgolCwguIiekm.dh6jSfoA0YNCvkm3sq5lgU1d8rN5EVhtkOnO3C j8RUsEnYZagyY76N0bIr9Y.jrgGu3CUtQSbeeB485l8fkGNuu7j4bHqMhqrDxeTTV.Q_FJO4h1S8 RVXTxTx4NUWodMDu1TjjfQJe_mfEovHvNleMHzyF4inTb5lX4yPPjasmMmDlTMYAMI6fGumxqT5j UKuu45Lu4D6RJp5nYBLaMPeKtPpraXF_RuNO9zrQuOez54Yf5.79FsDyE0QgVgbEVEde.9C_BgDp 0pLUfO552DZlQ4hhdgwmpVY4gahY_wUXpZCE2SPF2ZHL.9mm5mIrNsDUDWtr4ox.kWxbjBaDC7w3 wDvMr9gsh_145vZlJpAQi._f5O8NZjD864_1Rg5M- X-Sonic-MF: X-Sonic-ID: ed5a5fd5-3af3-47d6-9082-e6de0ac57df8 Received: from sonic.gate.mail.ne1.yahoo.com by sonic311.consmr.mail.ne1.yahoo.com with HTTP; Wed, 9 Oct 2024 17:42:40 +0000 Received: by hermes--production-gq1-5d95dc458-rvnnh (Yahoo Inc. Hermes SMTP Server) with ESMTPA ID 5fec0e30966313b56a0d7e944fb52df1; Wed, 09 Oct 2024 17:32:29 +0000 (UTC) From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, selinux@vger.kernel.org, mic@digikod.net Subject: [PATCH v4 02/13] LSM: Use lsm_prop in security_audit_rule_match Date: Wed, 9 Oct 2024 10:32:10 -0700 Message-ID: <20241009173222.12219-3-casey@schaufler-ca.com> X-Mailer: git-send-email 2.46.0 In-Reply-To: <20241009173222.12219-1-casey@schaufler-ca.com> References: <20241009173222.12219-1-casey@schaufler-ca.com> Precedence: bulk X-Mailing-List: selinux@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Change the secid parameter of security_audit_rule_match to a lsm_prop structure pointer. Pass the entry from the lsm_prop structure for the approprite slot to the LSM hook. Change the users of security_audit_rule_match to use the lsm_prop instead of a u32. The scaffolding function lsmprop_init() fills the structure with the value of the old secid, ensuring that it is available to the appropriate module hook. The sources of the secid, security_task_getsecid() and security_inode_getsecid(), will be converted to use the lsm_prop structure later in the series. At that point the use of lsmprop_init() is dropped. Signed-off-by: Casey Schaufler --- include/linux/lsm_hook_defs.h | 3 ++- include/linux/security.h | 7 ++++--- kernel/auditfilter.c | 11 +++++++---- kernel/auditsc.c | 18 ++++++++++++++---- security/apparmor/audit.c | 8 ++++++-- security/apparmor/include/audit.h | 2 +- security/integrity/ima/ima.h | 2 +- security/integrity/ima/ima_policy.c | 11 +++++++---- security/security.c | 7 ++++--- security/selinux/include/audit.h | 4 ++-- security/selinux/ss/services.c | 10 +++++++--- security/smack/smack_lsm.c | 11 ++++++++--- 12 files changed, 63 insertions(+), 31 deletions(-) diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h index 9eca013aa5e1..ea7f17e37756 100644 --- a/include/linux/lsm_hook_defs.h +++ b/include/linux/lsm_hook_defs.h @@ -416,7 +416,8 @@ LSM_HOOK(void, LSM_RET_VOID, key_post_create_or_update, struct key *keyring, LSM_HOOK(int, 0, audit_rule_init, u32 field, u32 op, char *rulestr, void **lsmrule, gfp_t gfp) LSM_HOOK(int, 0, audit_rule_known, struct audit_krule *krule) -LSM_HOOK(int, 0, audit_rule_match, u32 secid, u32 field, u32 op, void *lsmrule) +LSM_HOOK(int, 0, audit_rule_match, struct lsm_prop *prop, u32 field, u32 op, + void *lsmrule) LSM_HOOK(void, LSM_RET_VOID, audit_rule_free, void *lsmrule) #endif /* CONFIG_AUDIT */ diff --git a/include/linux/security.h b/include/linux/security.h index 555249a8d121..a4f020491e7c 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -2115,7 +2115,8 @@ static inline void security_key_post_create_or_update(struct key *keyring, int security_audit_rule_init(u32 field, u32 op, char *rulestr, void **lsmrule, gfp_t gfp); int security_audit_rule_known(struct audit_krule *krule); -int security_audit_rule_match(u32 secid, u32 field, u32 op, void *lsmrule); +int security_audit_rule_match(struct lsm_prop *prop, u32 field, u32 op, + void *lsmrule); void security_audit_rule_free(void *lsmrule); #else @@ -2131,8 +2132,8 @@ static inline int security_audit_rule_known(struct audit_krule *krule) return 0; } -static inline int security_audit_rule_match(u32 secid, u32 field, u32 op, - void *lsmrule) +static inline int security_audit_rule_match(struct lsm_prop *prop, u32 field, + u32 op, void *lsmrule) { return 0; } diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c index 470041c49a44..288a2092fd0d 100644 --- a/kernel/auditfilter.c +++ b/kernel/auditfilter.c @@ -1339,8 +1339,8 @@ int audit_filter(int msgtype, unsigned int listtype) for (i = 0; i < e->rule.field_count; i++) { struct audit_field *f = &e->rule.fields[i]; + struct lsm_prop prop = { }; pid_t pid; - u32 sid; switch (f->type) { case AUDIT_PID: @@ -1370,9 +1370,12 @@ int audit_filter(int msgtype, unsigned int listtype) case AUDIT_SUBJ_SEN: case AUDIT_SUBJ_CLR: if (f->lsm_rule) { - security_current_getsecid_subj(&sid); - result = security_audit_rule_match(sid, - f->type, f->op, f->lsm_rule); + /* scaffolding */ + security_current_getsecid_subj( + &prop.scaffold.secid); + result = security_audit_rule_match( + &prop, f->type, f->op, + f->lsm_rule); } break; case AUDIT_EXE: diff --git a/kernel/auditsc.c b/kernel/auditsc.c index cd57053b4a69..aaf672a962d6 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -471,6 +471,7 @@ static int audit_filter_rules(struct task_struct *tsk, const struct cred *cred; int i, need_sid = 1; u32 sid; + struct lsm_prop prop = { }; unsigned int sessionid; if (ctx && rule->prio <= ctx->prio) @@ -681,7 +682,10 @@ static int audit_filter_rules(struct task_struct *tsk, security_current_getsecid_subj(&sid); need_sid = 0; } - result = security_audit_rule_match(sid, f->type, + /* scaffolding */ + prop.scaffold.secid = sid; + result = security_audit_rule_match(&prop, + f->type, f->op, f->lsm_rule); } @@ -696,15 +700,19 @@ static int audit_filter_rules(struct task_struct *tsk, if (f->lsm_rule) { /* Find files that match */ if (name) { + /* scaffolding */ + prop.scaffold.secid = name->osid; result = security_audit_rule_match( - name->osid, + &prop, f->type, f->op, f->lsm_rule); } else if (ctx) { list_for_each_entry(n, &ctx->names_list, list) { + /* scaffolding */ + prop.scaffold.secid = n->osid; if (security_audit_rule_match( - n->osid, + &prop, f->type, f->op, f->lsm_rule)) { @@ -716,7 +724,9 @@ static int audit_filter_rules(struct task_struct *tsk, /* Find ipc objects that match */ if (!ctx || ctx->type != AUDIT_IPC) break; - if (security_audit_rule_match(ctx->ipc.osid, + /* scaffolding */ + prop.scaffold.secid = ctx->ipc.osid; + if (security_audit_rule_match(&prop, f->type, f->op, f->lsm_rule)) ++result; diff --git a/security/apparmor/audit.c b/security/apparmor/audit.c index 6b5181c668b5..87df6fa2a48d 100644 --- a/security/apparmor/audit.c +++ b/security/apparmor/audit.c @@ -264,13 +264,17 @@ int aa_audit_rule_known(struct audit_krule *rule) return 0; } -int aa_audit_rule_match(u32 sid, u32 field, u32 op, void *vrule) +int aa_audit_rule_match(struct lsm_prop *prop, u32 field, u32 op, void *vrule) { struct aa_audit_rule *rule = vrule; struct aa_label *label; int found = 0; - label = aa_secid_to_label(sid); + /* scaffolding */ + if (!prop->apparmor.label && prop->scaffold.secid) + label = aa_secid_to_label(prop->scaffold.secid); + else + label = prop->apparmor.label; if (!label) return -ENOENT; diff --git a/security/apparmor/include/audit.h b/security/apparmor/include/audit.h index 0c8cc86b417b..e27229349abb 100644 --- a/security/apparmor/include/audit.h +++ b/security/apparmor/include/audit.h @@ -202,6 +202,6 @@ static inline int complain_error(int error) void aa_audit_rule_free(void *vrule); int aa_audit_rule_init(u32 field, u32 op, char *rulestr, void **vrule, gfp_t gfp); int aa_audit_rule_known(struct audit_krule *rule); -int aa_audit_rule_match(u32 sid, u32 field, u32 op, void *vrule); +int aa_audit_rule_match(struct lsm_prop *prop, u32 field, u32 op, void *vrule); #endif /* __AA_AUDIT_H */ diff --git a/security/integrity/ima/ima.h b/security/integrity/ima/ima.h index 3c323ca213d4..cdfe8c8c7bac 100644 --- a/security/integrity/ima/ima.h +++ b/security/integrity/ima/ima.h @@ -555,7 +555,7 @@ static inline void ima_filter_rule_free(void *lsmrule) { } -static inline int ima_filter_rule_match(u32 secid, u32 field, u32 op, +static inline int ima_filter_rule_match(struct lsm_prop *prop, u32 field, u32 op, void *lsmrule) { return -EINVAL; diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c index 09da8e639239..22a62e675ebc 100644 --- a/security/integrity/ima/ima_policy.c +++ b/security/integrity/ima/ima_policy.c @@ -635,7 +635,7 @@ static bool ima_match_rules(struct ima_rule_entry *rule, return false; for (i = 0; i < MAX_LSM_RULES; i++) { int rc = 0; - u32 osid; + struct lsm_prop prop = { }; if (!lsm_rule->lsm[i].rule) { if (!lsm_rule->lsm[i].args_p) @@ -649,15 +649,18 @@ static bool ima_match_rules(struct ima_rule_entry *rule, case LSM_OBJ_USER: case LSM_OBJ_ROLE: case LSM_OBJ_TYPE: - security_inode_getsecid(inode, &osid); - rc = ima_filter_rule_match(osid, lsm_rule->lsm[i].type, + /* scaffolding */ + security_inode_getsecid(inode, &prop.scaffold.secid); + rc = ima_filter_rule_match(&prop, lsm_rule->lsm[i].type, Audit_equal, lsm_rule->lsm[i].rule); break; case LSM_SUBJ_USER: case LSM_SUBJ_ROLE: case LSM_SUBJ_TYPE: - rc = ima_filter_rule_match(secid, lsm_rule->lsm[i].type, + /* scaffolding */ + prop.scaffold.secid = secid; + rc = ima_filter_rule_match(&prop, lsm_rule->lsm[i].type, Audit_equal, lsm_rule->lsm[i].rule); break; diff --git a/security/security.c b/security/security.c index 6875eb4a59fc..deab7f912e12 100644 --- a/security/security.c +++ b/security/security.c @@ -5570,7 +5570,7 @@ void security_audit_rule_free(void *lsmrule) /** * security_audit_rule_match() - Check if a label matches an audit rule - * @secid: security label + * @prop: security label * @field: LSM audit field * @op: matching operator * @lsmrule: audit rule @@ -5581,9 +5581,10 @@ void security_audit_rule_free(void *lsmrule) * Return: Returns 1 if secid matches the rule, 0 if it does not, -ERRNO on * failure. */ -int security_audit_rule_match(u32 secid, u32 field, u32 op, void *lsmrule) +int security_audit_rule_match(struct lsm_prop *prop, u32 field, u32 op, + void *lsmrule) { - return call_int_hook(audit_rule_match, secid, field, op, lsmrule); + return call_int_hook(audit_rule_match, prop, field, op, lsmrule); } #endif /* CONFIG_AUDIT */ diff --git a/security/selinux/include/audit.h b/security/selinux/include/audit.h index 168d17be7df3..c745ea2a993d 100644 --- a/security/selinux/include/audit.h +++ b/security/selinux/include/audit.h @@ -41,7 +41,7 @@ void selinux_audit_rule_free(void *rule); /** * selinux_audit_rule_match - determine if a context ID matches a rule. - * @sid: the context ID to check + * @prop: includes the context ID to check * @field: the field this rule refers to * @op: the operator the rule uses * @rule: pointer to the audit rule to check against @@ -49,7 +49,7 @@ void selinux_audit_rule_free(void *rule); * Returns 1 if the context id matches the rule, 0 if it does not, and * -errno on failure. */ -int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *rule); +int selinux_audit_rule_match(struct lsm_prop *prop, u32 field, u32 op, void *rule); /** * selinux_audit_rule_known - check to see if rule contains selinux fields. diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index a9830fbfc5c6..e0c14773a7b7 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -3635,7 +3635,7 @@ int selinux_audit_rule_known(struct audit_krule *rule) return 0; } -int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *vrule) +int selinux_audit_rule_match(struct lsm_prop *prop, u32 field, u32 op, void *vrule) { struct selinux_state *state = &selinux_state; struct selinux_policy *policy; @@ -3661,10 +3661,14 @@ int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *vrule) goto out; } - ctxt = sidtab_search(policy->sidtab, sid); + /* scaffolding */ + if (!prop->selinux.secid && prop->scaffold.secid) + prop->selinux.secid = prop->scaffold.secid; + + ctxt = sidtab_search(policy->sidtab, prop->selinux.secid); if (unlikely(!ctxt)) { WARN_ONCE(1, "selinux_audit_rule_match: unrecognized SID %d\n", - sid); + prop->selinux.secid); match = -ENOENT; goto out; } diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 370fd594da12..535233ad7203 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -4757,7 +4757,7 @@ static int smack_audit_rule_known(struct audit_krule *krule) /** * smack_audit_rule_match - Audit given object ? - * @secid: security id for identifying the object to test + * @prop: security id for identifying the object to test * @field: audit rule flags given from user-space * @op: required testing operator * @vrule: smack internal rule presentation @@ -4765,7 +4765,8 @@ static int smack_audit_rule_known(struct audit_krule *krule) * The core Audit hook. It's used to take the decision of * whether to audit or not to audit a given object. */ -static int smack_audit_rule_match(u32 secid, u32 field, u32 op, void *vrule) +static int smack_audit_rule_match(struct lsm_prop *prop, u32 field, u32 op, + void *vrule) { struct smack_known *skp; char *rule = vrule; @@ -4778,7 +4779,11 @@ static int smack_audit_rule_match(u32 secid, u32 field, u32 op, void *vrule) if (field != AUDIT_SUBJ_USER && field != AUDIT_OBJ_USER) return 0; - skp = smack_from_secid(secid); + /* scaffolding */ + if (!prop->smack.skp && prop->scaffold.secid) + skp = smack_from_secid(prop->scaffold.secid); + else + skp = prop->smack.skp; /* * No need to do string comparisons. If a match occurs, From patchwork Wed Oct 9 17:32:11 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13828909 X-Patchwork-Delegate: paul@paul-moore.com Received: from sonic314-26.consmr.mail.ne1.yahoo.com (sonic314-26.consmr.mail.ne1.yahoo.com [66.163.189.152]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C689E1E3DF5 for ; Wed, 9 Oct 2024 17:42:39 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=66.163.189.152 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1728495761; cv=none; b=PGQv/OSPqZgrw/PaHjhsyTgTDbzDmwrlx1dA6IjsWwdQ2/UuEb1kfqO55z1wzKKIBo9Q032l0gFzuIKxbXBGT1vSGStD5dgbeY3lQ/0B1Ok7mjg8PDXW5EPvWXzGhewGu+dRaylqx7A4wiz0v62E/E6xzhlLb9TmPJJqMC2EqmM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1728495761; c=relaxed/simple; bh=L+nT5A49Zpad39+W45iDZCJnvqQDLPCB/43/jzoByAw=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=CZgF9UrY4V2uomwSwWFy0wV4bjTgoTPBWkqz3OPx6ghL47QEP1X7JKhUQBiYuaCDvoHoapfmUDoV3y9cup3RBFH0qPKnLj+79Ri/BoPD228cvPGu7f2dfRvOckWoPFHTu5VBEMnzJ1ijXEAlcRZbfg7qCF2udkFJD8q9hPLN/UM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com; spf=none smtp.mailfrom=schaufler-ca.com; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b=tbU9JQai; arc=none smtp.client-ip=66.163.189.152 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b="tbU9JQai" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1728495759; bh=Cpk51SpSswLb8zqj4JWU2D1YDhH9z3g/tkg89qumsLk=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject:Reply-To; b=tbU9JQaijTV2gUzeDZEI2GylePl+qqTQ/7Icmv61CJHcVYQkJNt7PY3EVBNawf09mitZyV9g3iETF7kWOQ686iP/khJNdJ+V3s1b8m45tdZ1X+rhoEjusfAP5L3qglZdai0IRaVNvkRCSkIeQytjT+Qd88a+REbVokIka6eIs4VdepBsp+Z4LI3NtkTNl6gt4ZxyPyyd3SaW6sGSozJ2yPf+hp9s5TL+xhBAu+DHhHjDM/PeGH/aaO6QxjFuV2ZG6MkWT2LWI1RG9PHlq5tekp0bbDsjprcijMuVrooCYgPrWcRH6GxUEwNkT0gLjH/D/4pMNrxgxRuLQJ7+UvetkA== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1728495759; bh=MVmbfNqtkDbbWR2nMvOh6s9lnlTnH8EQKZoUWgamG+X=; h=X-Sonic-MF:From:To:Subject:Date:From:Subject; b=XLDfAuMIe6XWwkMnzlAOH8wecXe33HRaesJnV37l7GEkr75pHHva1/B/R0YoTuL4/j3KUjfTej4I1D11nquvBd0pkQuUQEynv/SClHbTmwy1Ot7nFDxCRnn/Q2BYVvZJ0rpdD/eY0kCKZ9HVbNGRtuX9J7C84Kdokp7t97JItmT2NMxof9BKsdLsbaZ+1MZ+bkqLS2eWEja1WBg5UxrGLgYFiSzr8dfKIja/knukzEdWQu/q3znvfnRxR/sfte9xBJN/nahioK+by++QRZXGwzwrLQvEWiku0RriCJfb6BeuaMxGFbkYZHd/ejHdty1ylaAp0srDfjcgSFF4yN5zpg== X-YMail-OSG: xGfZXK8VM1nvmTgwd_UaBD4ReNZ._fOMXmwDfzKyXGsXsZkPgUz4WCmsOydQjNN 4vPt9dSTRoQtYJOaspB6d5Vxt7gRcS_LHYCVPDRJY.TMPhqj0f8_wS0AiVXYiIYLmaWAZHs2MD_C n67_zx_I2oK9exXzOvJW1uTQFAkoglkFBFRhzY9gaVq4nVFDqkUogGAd6Idb.3g..sFz2a.eIho5 jvVPmm_ViIYNdzPnKpeOfQgdapQJXbSMhE57WhQ0vuBYtnLAkMExqdgRPqQPF8dORJQId6MY0UK6 HhvLAnE2wt6mO8U8OOrIULom7Ekm5F7ORn0HP90ov5bqPXyM3oAjmlAy_c1S6UWRKRkbNGM_rUNa 0ltcIME83TqKTBFF8MCktfZjVd2zt398nXYOLR5leATatIINN3X5wcnxAfjd69AIPSisJPSSr46B v01Ipp9lnqF9zGCzXlBdV1iyRyYhjri2rvsYBRUSSgoQ.VbULidPoCEOwBD7CkFlGxP1SK.E6vCA 3vebnYkCsEUpJCyHKB95DZmZAGCF6nGHSptaaxnI2MrOHnULI5RQDPKCxi4xYEgWFCQt3Wp6iSIY 2mOFkO6Hqwg5kkkrLJlc1uUtnd8soVgnOzJ9VLtg22kHZ0GM6YT9k.YbELgImAx626uAnL7A5k4T 5m8wKPIlFc8rAd3rC.z._aSHt7y9cVPZFqQMxnBsEre2NsC8tl6ENITEE9UoEtwglxrg5YGjiL96 GGbKNksBr61Oi4eKP.cCW8f8fKMeEexWqhCGl78gnqNYR1Lw3rLPtoJTnZ8uZYGRdTHxt4mxBXzJ Gxy1BnT8VjQ_snioDaq0MBDbf2HgXbCxnhuVxPROtffUyphi6AnvhLAjajQMMix87wpbA2E537y0 GFN_9cXsOk1zLso_w3vpu98OaH5RYpYg1JGto7sy8xqoEA2mVnwuUkLZnP10IJ7AqwGxGVZ7azDg _Zzp1M2CFUs.0gXlG.1Wd7bKE7cFnnLLPb6LG2E6Dh1BrDQSc2sFp9dSeWhdDLPS5yXKvidL_e5f SGebjGZ22EsDa5m5KM4DgCN_DSIZEhPPKM7Y03YaxVFNx2c3Inq5f22Iqh1YFMZouZzSa1_TDsBM 0.3OMm5nnmUWek24jddvy8igvzy8MmTLTBFCKh7GbNeCfvTrwQ_eDzHOfftJa9vrDLtej6_5yyIU SsK7lffHANSZ1DHFiSwfftOBOMfb3Vhdzjtsfkj10C7od43Ty9cvpSmFh92K8eXtW1hfghXxc4qx HI.hiLIaIz2Q76Ar5q8WtzKwc7MMxyw5MfTFdoFajMpnul2vhtGVGZGbUXTCkLU_nztNmBGhhp6q hqzj7AS_I8eynU67b30le09uvK3llVHgu43Cl8zTRmDDc9Ct4JBTl_OCZR.WqfWVQ7QTJknHNUE8 9EcCHo6btWJMFebbqEBig9_jUYLrFe5vlaOFn95GAUNIe8s8Px1TkeJ1QR4_A8fNE_SujcDCLxHX ESTAPLI5kkUhtWUo4aa3tmcRlfJBw0b55v0xFupaCs8Uy3UhcVCtRuqtltAbWiZRvhCDQT1KO36v oIUlXYXmwNV0kH6w_gJCkm.d0TiLhpMbLv76FfTvP8hxx.tGZh0mPZXjC7zd6dEvjbiXlYIBq73M R_FHqig0nECUxCNFxwlbuPx2IrIWclb9PSp3_ohMR0A9QjWCIj6uZPajpgKRTWdNkvE3tEpuMGxq GryErj3Oz9n.yIt3xwtyv.nyyMf4yJYF9_QyFEUENdIuifRoXFdmm563BMRKWSb_6q7tbGsN.UJY uHx87Qas_KIvp4YeZ.j2fCnN7.AP_d0r3xhRY_abk1TA4FKeefPl2fUPLAXBEbJ1j8L99CTzQmXd JikX9JokLUBndEo4dWdFsv6R_7ORRePmkbYVOB4LihSovcahLlggF1oTZ5lWV7kJMU0YyKSyq7Fy ue6V3fizuacOc8Nzs5nfIg_fFZi20rrhO5ZrIEvayCfjtc_qBwFwxTvKhOzjs0MwdbYdeHfiwEJG oX6FtBxbcwHfyf2aECPTr5a9n3aAYC4fyNFruf1EGYHNoGJZL7zLrjOGudDBOEYzf8UsVuS8CgoO kfdlBtKbRRhPlqbwkUq1uIt6G.lzQ69_mlXpGRNsg7QB5j8E7j7Uoe2LwEe5SHV3Adt2UHRPSqKM 1Z3R077OZOanHJIbJKKyCwNRC93L4YstuTxsoWsFTgu4dU8sRbL1InXnMFSlKNvl8nwEErRUv_8D yRm.Ox6e4VNibcbviyEA30WyQlzGq.idce.Z1ISu39HKXikDMt2GgvHXeBg8madiy8Xqqga7a8_m yiHVloFPKexxOVpYPByS2oVki3UmMfWU_gbVOAwM- X-Sonic-MF: X-Sonic-ID: c36f62ee-4271-4f63-80b7-9b25354e43d1 Received: from sonic.gate.mail.ne1.yahoo.com by sonic314.consmr.mail.ne1.yahoo.com with HTTP; Wed, 9 Oct 2024 17:42:39 +0000 Received: by hermes--production-gq1-5d95dc458-rvnnh (Yahoo Inc. Hermes SMTP Server) with ESMTPA ID 5fec0e30966313b56a0d7e944fb52df1; Wed, 09 Oct 2024 17:32:30 +0000 (UTC) From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, selinux@vger.kernel.org, mic@digikod.net Subject: [PATCH v4 03/13] LSM: Add lsmprop_to_secctx hook Date: Wed, 9 Oct 2024 10:32:11 -0700 Message-ID: <20241009173222.12219-4-casey@schaufler-ca.com> X-Mailer: git-send-email 2.46.0 In-Reply-To: <20241009173222.12219-1-casey@schaufler-ca.com> References: <20241009173222.12219-1-casey@schaufler-ca.com> Precedence: bulk X-Mailing-List: selinux@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Add a new hook security_lsmprop_to_secctx() and its LSM specific implementations. The LSM specific code will use the lsm_prop element allocated for that module. This allows for the possibility that more than one module may be called upon to translate a secid to a string, as can occur in the audit code. Signed-off-by: Casey Schaufler --- include/linux/lsm_hook_defs.h | 2 ++ include/linux/security.h | 10 +++++++++- security/apparmor/include/secid.h | 2 ++ security/apparmor/lsm.c | 1 + security/apparmor/secid.c | 25 +++++++++++++++++++++++-- security/security.c | 21 +++++++++++++++++++++ security/selinux/hooks.c | 16 ++++++++++++++-- security/selinux/include/audit.h | 3 ++- security/smack/smack_lsm.c | 31 ++++++++++++++++++++++++++----- 9 files changed, 100 insertions(+), 11 deletions(-) diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h index ea7f17e37756..ed6ea0b1ec57 100644 --- a/include/linux/lsm_hook_defs.h +++ b/include/linux/lsm_hook_defs.h @@ -294,6 +294,8 @@ LSM_HOOK(int, -EINVAL, setprocattr, const char *name, void *value, size_t size) LSM_HOOK(int, 0, ismaclabel, const char *name) LSM_HOOK(int, -EOPNOTSUPP, secid_to_secctx, u32 secid, char **secdata, u32 *seclen) +LSM_HOOK(int, -EOPNOTSUPP, lsmprop_to_secctx, struct lsm_prop *prop, + char **secdata, u32 *seclen) LSM_HOOK(int, 0, secctx_to_secid, const char *secdata, u32 seclen, u32 *secid) LSM_HOOK(void, LSM_RET_VOID, release_secctx, char *secdata, u32 seclen) LSM_HOOK(void, LSM_RET_VOID, inode_invalidate_secctx, struct inode *inode) diff --git a/include/linux/security.h b/include/linux/security.h index a4f020491e7c..f1c68e38b15d 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -535,6 +535,7 @@ int security_setprocattr(int lsmid, const char *name, void *value, size_t size); int security_netlink_send(struct sock *sk, struct sk_buff *skb); int security_ismaclabel(const char *name); int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen); +int security_lsmprop_to_secctx(struct lsm_prop *prop, char **secdata, u32 *seclen); int security_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid); void security_release_secctx(char *secdata, u32 seclen); void security_inode_invalidate_secctx(struct inode *inode); @@ -1488,7 +1489,14 @@ static inline int security_ismaclabel(const char *name) return 0; } -static inline int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) +static inline int security_secid_to_secctx(u32 secid, char **secdata, + u32 *seclen) +{ + return -EOPNOTSUPP; +} + +static inline int security_lsmprop_to_secctx(struct lsm_prop *prop, + char **secdata, u32 *seclen) { return -EOPNOTSUPP; } diff --git a/security/apparmor/include/secid.h b/security/apparmor/include/secid.h index a912a5d5d04f..cc6d1c9f4a47 100644 --- a/security/apparmor/include/secid.h +++ b/security/apparmor/include/secid.h @@ -26,6 +26,8 @@ extern int apparmor_display_secid_mode; struct aa_label *aa_secid_to_label(u32 secid); int apparmor_secid_to_secctx(u32 secid, char **secdata, u32 *seclen); +int apparmor_lsmprop_to_secctx(struct lsm_prop *prop, char **secdata, + u32 *seclen); int apparmor_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid); void apparmor_release_secctx(char *secdata, u32 seclen); diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index f5d05297d59e..a58b72ed246c 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -1517,6 +1517,7 @@ static struct security_hook_list apparmor_hooks[] __ro_after_init = { #endif LSM_HOOK_INIT(secid_to_secctx, apparmor_secid_to_secctx), + LSM_HOOK_INIT(lsmprop_to_secctx, apparmor_lsmprop_to_secctx), LSM_HOOK_INIT(secctx_to_secid, apparmor_secctx_to_secid), LSM_HOOK_INIT(release_secctx, apparmor_release_secctx), diff --git a/security/apparmor/secid.c b/security/apparmor/secid.c index 83d3d1e6d9dc..34610888559f 100644 --- a/security/apparmor/secid.c +++ b/security/apparmor/secid.c @@ -61,10 +61,10 @@ struct aa_label *aa_secid_to_label(u32 secid) return xa_load(&aa_secids, secid); } -int apparmor_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) +static int apparmor_label_to_secctx(struct aa_label *label, char **secdata, + u32 *seclen) { /* TODO: cache secctx and ref count so we don't have to recreate */ - struct aa_label *label = aa_secid_to_label(secid); int flags = FLAG_VIEW_SUBNS | FLAG_HIDDEN_UNCONFINED | FLAG_ABS_ROOT; int len; @@ -90,6 +90,27 @@ int apparmor_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) return 0; } +int apparmor_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) +{ + struct aa_label *label = aa_secid_to_label(secid); + + return apparmor_label_to_secctx(label, secdata, seclen); +} + +int apparmor_lsmprop_to_secctx(struct lsm_prop *prop, char **secdata, + u32 *seclen) +{ + struct aa_label *label; + + /* scaffolding */ + if (!prop->apparmor.label && prop->scaffold.secid) + label = aa_secid_to_label(prop->scaffold.secid); + else + label = prop->apparmor.label; + + return apparmor_label_to_secctx(label, secdata, seclen); +} + int apparmor_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid) { struct aa_label *label; diff --git a/security/security.c b/security/security.c index deab7f912e12..1842f1325e77 100644 --- a/security/security.c +++ b/security/security.c @@ -4311,6 +4311,27 @@ int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) } EXPORT_SYMBOL(security_secid_to_secctx); +/** + * security_lsmprop_to_secctx() - Convert a lsm_prop to a secctx + * @prop: lsm specific information + * @secdata: secctx + * @seclen: secctx length + * + * Convert a @prop entry to security context. If @secdata is NULL the + * length of the result will be returned in @seclen, but no @secdata + * will be returned. This does mean that the length could change between + * calls to check the length and the next call which actually allocates + * and returns the @secdata. + * + * Return: Return 0 on success, error on failure. + */ +int security_lsmprop_to_secctx(struct lsm_prop *prop, char **secdata, + u32 *seclen) +{ + return call_int_hook(lsmprop_to_secctx, prop, secdata, seclen); +} +EXPORT_SYMBOL(security_lsmprop_to_secctx); + /** * security_secctx_to_secid() - Convert a secctx to a secid * @secdata: secctx diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index fc926d3cac6e..6e88faf3c6e5 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -6601,8 +6601,19 @@ static int selinux_ismaclabel(const char *name) static int selinux_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) { - return security_sid_to_context(secid, - secdata, seclen); + return security_sid_to_context(secid, secdata, seclen); +} + +static int selinux_lsmprop_to_secctx(struct lsm_prop *prop, char **secdata, + u32 *seclen) +{ + u32 secid = prop->selinux.secid; + + /* scaffolding */ + if (!secid) + secid = prop->scaffold.secid; + + return selinux_secid_to_secctx(secid, secdata, seclen); } static int selinux_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid) @@ -7347,6 +7358,7 @@ static struct security_hook_list selinux_hooks[] __ro_after_init = { LSM_HOOK_INIT(inode_alloc_security, selinux_inode_alloc_security), LSM_HOOK_INIT(sem_alloc_security, selinux_sem_alloc_security), LSM_HOOK_INIT(secid_to_secctx, selinux_secid_to_secctx), + LSM_HOOK_INIT(lsmprop_to_secctx, selinux_lsmprop_to_secctx), LSM_HOOK_INIT(inode_getsecctx, selinux_inode_getsecctx), LSM_HOOK_INIT(sk_alloc_security, selinux_sk_alloc_security), LSM_HOOK_INIT(tun_dev_alloc_security, selinux_tun_dev_alloc_security), diff --git a/security/selinux/include/audit.h b/security/selinux/include/audit.h index c745ea2a993d..d5b0425055e4 100644 --- a/security/selinux/include/audit.h +++ b/security/selinux/include/audit.h @@ -49,7 +49,8 @@ void selinux_audit_rule_free(void *rule); * Returns 1 if the context id matches the rule, 0 if it does not, and * -errno on failure. */ -int selinux_audit_rule_match(struct lsm_prop *prop, u32 field, u32 op, void *rule); +int selinux_audit_rule_match(struct lsm_prop *prop, u32 field, u32 op, + void *rule); /** * selinux_audit_rule_known - check to see if rule contains selinux fields. diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 535233ad7203..66da7cbcc0b7 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -4768,7 +4768,7 @@ static int smack_audit_rule_known(struct audit_krule *krule) static int smack_audit_rule_match(struct lsm_prop *prop, u32 field, u32 op, void *vrule) { - struct smack_known *skp; + struct smack_known *skp = prop->smack.skp; char *rule = vrule; if (unlikely(!rule)) { @@ -4780,10 +4780,8 @@ static int smack_audit_rule_match(struct lsm_prop *prop, u32 field, u32 op, return 0; /* scaffolding */ - if (!prop->smack.skp && prop->scaffold.secid) + if (!skp && prop->scaffold.secid) skp = smack_from_secid(prop->scaffold.secid); - else - skp = prop->smack.skp; /* * No need to do string comparisons. If a match occurs, @@ -4814,7 +4812,6 @@ static int smack_ismaclabel(const char *name) return (strcmp(name, XATTR_SMACK_SUFFIX) == 0); } - /** * smack_secid_to_secctx - return the smack label for a secid * @secid: incoming integer @@ -4833,6 +4830,29 @@ static int smack_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) return 0; } +/** + * smack_lsmprop_to_secctx - return the smack label + * @prop: includes incoming Smack data + * @secdata: destination + * @seclen: how long it is + * + * Exists for audit code. + */ +static int smack_lsmprop_to_secctx(struct lsm_prop *prop, char **secdata, + u32 *seclen) +{ + struct smack_known *skp = prop->smack.skp; + + /* scaffolding */ + if (!skp && prop->scaffold.secid) + skp = smack_from_secid(prop->scaffold.secid); + + if (secdata) + *secdata = skp->smk_known; + *seclen = strlen(skp->smk_known); + return 0; +} + /** * smack_secctx_to_secid - return the secid for a smack label * @secdata: smack label @@ -5192,6 +5212,7 @@ static struct security_hook_list smack_hooks[] __ro_after_init = { LSM_HOOK_INIT(ismaclabel, smack_ismaclabel), LSM_HOOK_INIT(secid_to_secctx, smack_secid_to_secctx), + LSM_HOOK_INIT(lsmprop_to_secctx, smack_lsmprop_to_secctx), LSM_HOOK_INIT(secctx_to_secid, smack_secctx_to_secid), LSM_HOOK_INIT(inode_notifysecctx, smack_inode_notifysecctx), LSM_HOOK_INIT(inode_setsecctx, smack_inode_setsecctx), From patchwork Wed Oct 9 17:32:12 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13828873 X-Patchwork-Delegate: paul@paul-moore.com Received: from sonic309-27.consmr.mail.ne1.yahoo.com (sonic309-27.consmr.mail.ne1.yahoo.com [66.163.184.153]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 344DD16F0E8 for ; Wed, 9 Oct 2024 17:34:06 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=66.163.184.153 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1728495250; cv=none; b=Ucwv8bFL2ylRPrsQb8GnTc+TYLLijaIQKck2wjP5p+Lc/QketqMKzKQ+iZlvsAgI+UOilES6HQ0DJD49xRikVnHoDfyo9Pv/YvztzkVy9fgoMI896TQ7in6eMjKZFR//kAuPX8XJEXvxh43gKjQ5K2uKn8dIqdm1v+e9GAhwoXM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1728495250; c=relaxed/simple; bh=FyZL+jVtpf/tYxhn0EH8VQfz1LJ7CjgK0uyii/nDry0=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=J4I3XqHPZIq6xwJfhB05S8vVpg/ZfLik3K0YV/lDIljPhZuxfbyK1oOfMu8rrokZwD0Z1UVd3lqn0p4/o8tHHQxJ75yfLUdUMxMZL6wI70lccjpnzNCr/rfXio8KqWD21VRxTHiFRM4iPMOeCYbe+4pR9MAk12eMZVvBSARJOyw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com; spf=none smtp.mailfrom=schaufler-ca.com; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b=LvonbgFw; arc=none smtp.client-ip=66.163.184.153 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b="LvonbgFw" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1728495246; bh=VYsNlM7MDoh1w0refd1WTiBThNASgo71a3RwWgcl4/0=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject:Reply-To; b=LvonbgFw2Rl2IS0tH08gK2X53SH40liToR8GRU/BVeFHW/2jZHPeLR3Z/7OM/fQM4Rv1ydbSBV9lDd7JPNgbHJqBPc2ge3phQa/GNMGyxWx6jon1q+lbBPLDKR+2NaE3sHSeuTkSBnTj7Y07zZQYJzv04CqQ6Fy3KWAiQjM7p6a1AFNhgm5j/AFOFNW8RhxIT0mp+n56TRtVBYUo8s/j/GRwpvkrXHHcAYbBovVS2Cwo+oYeovJOUQGRe5miwSomKYCKLyA4XTM9Zs2KQfzc28a/2SmST0FnpS8z3Rwf6Q81vXf+Z3Io3XwCyPz2F3l8pxNmZKHFGulFKp/XYt/Y4g== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1728495246; bh=F1NHCbXKJMETsP6fWTs1XGS+bnK5mUHVFJIHkOgDe6u=; h=X-Sonic-MF:From:To:Subject:Date:From:Subject; b=qjQe1ZDaHYIIQAQx0EnVwRxcYy36r4murrWvuRBJAiZv+UDU18jWmqCCIK4/ggyjzNqwzBkqvJL0YAo+pcHYHRkaRd0ah25JSpWVHw9ZkO4M3xroCIOv62cQ5ITaA7UzOEM6GpZ+fluZUr8nHNtvzqud9820aSf5qSbym3G1kS5VgGulmQZviqgG+06Qy1MTjTcmZp4ea3zWESK3DIEPzU+Aqy7AByONgF2b4TjBx+8o1uhSoyLo6cfNty9KoF3V4E+UN8dHwwqVJDdtvqgCx2ei+oM/cgF6l53wifQ6cwRkyeO1gHH0MjLNYYlyHPgLGzl8tH+WJxoK5iilxJPhwQ== X-YMail-OSG: iTph0FUVM1kN3HW.L4HLw84AhaHjg3jXRLplpeK83trgzaICP2sCyk1keOXVVnS DG5C0gtMPu33AiXRoBfCOMe2UOFQEYrAUZhRa5mSVn49X4dLInohkoZzsS7ejrAeAd3_wRnoSvCo SvnczOyFEayLtJXPlBM00i5vdl.8hu8XUqxC.8A3yqLjN1zg.tMCgnRxM2xmr8Ap_ObsOfAz7lqs s7H969tIi10uMjqPFyyLgbmyV5BJi1P_bh7ef1jiE.Pck_CKXv78IscTkGjVBKZP3i.oKCMAAN2X g9ABtl1E3BC8FwEKizDji6Kqo2TX3W.An.HdvZdwFgYSNjj9yQorwIV60oiHtWB2uBMmwu5yVXlw DNuitCCYEOMKpT5GELlUEh8yfBMk5Rd_fOJb2Sq63VmM.c9BCAKObrdlOmFuzjs1bhImI_7CljDR mhlhSFEJQwog5.fphVQWmKxARJ8FRYkez5Rt6OM4HqG.hWTz9Dowm1.OJlwSvYvRWcxUKsPHCBDQ uCHNI9sE.idzvvbuINUbfo2PY6Jd8lEmBhDURXOCQHpbFg3MvAg_b_WqtyB3vFHWrqgjUgZbGmzz jJve_HRl4SKgOWaFXSbJuCnDhM57VguVob7AvukQzqU3ZXWFHkagqsBFaduyLUM9vExGRRhq4SUv eMuRL_ABwwCzmNxcLnzAeJ6jQEGPlzp2YLzKa7P9kQzD.DTGGoj_wbS5oe3dzzh4iIbf9nSglOaj FlxHPGeqPN61R8lVm_b_sPSndQ7R1x1zERla.Y_rqEuM5lNvYYLf2lP2VwgtpyFV0YaGLHafHuX5 fW1_Umg4Jr2RPki1rWKuVBo.l4VjAWcgsReGxLZmlhNaY3nC0CJbdGgMY3RgSRSRivhXUiVsXyoq dqYDdDP.pvnVe_BWuqQ5GP.40VE6RZzA6HgZ8AkDJ.gaFpsdYxv5BV3iOun4iQhiMEuGl_N4.n48 LR7YS8dvimuRchKlSkoCtk4qXzZyqM4cgkwDKNrwYSX_OsZvq5EgJq4Ic7C2mOl3VIyPedT.ZYwn 1dESMJan5pl97sFGvgNRCJYLU_lCbJzJr2cpSJwkC6E9Dic.777jC0gbVsD6W3hy01JubAIZpryY xCYqx8Z.A6fhGuk6pUhRLoFfPm7INP_g2p5T_SVLSdO099uR9HygvmoPCmJUHe4j17lbDbeOcGZZ 9nZHWrVfgjudWlUVJY3jlyGkUx0GpatPM7t.mgjXCTOB5npJWOBW47l81of6UNn1_.Jd5hIg0d41 hrileDyNyLuuEly_c.7FSb89Gtg4PFx1qIQXLAgc2ZJyzwBCyTgYF4aK8BieKoxhpzX7ON6ktK4O ef94hUH0uX.7pxcNxwJlQyxb95q01vITs9A32A2dmeJEgMho2IetKWG.nV4OR4qw_TM.5f_amaAe v376YCRj2KysxZThrxaIVwQOwJftXDp5WE.Jfaxa2LtcOYXvHEbowmzLUhNyw8uEAYJ5kl6L4TGl jRko.oUzcyYqpzaOwTVpTp6idZ35ZPBgsVHmt9tY5GdAdU05gDsMWmmHEfpbFGzmMM2LA2pou4QJ IRhHLv_.aJLEL4e9ZDdkPE6Rcb6w5boOkR5s_GArrcP2hAdNqTsjLIRag2TzSSSrozhahW6Sbjny 5a_zImP8_TGM7HUJ.vgyFWqxsl92M_fnlTS7IRewvSdvEfzhb2cpGpRZbhbwcU9u3MOe5qujqnuo dtEhiv19GuH5NUDzRI5k9U5FFR2OumXeWUN8.LxyNZ4LlB43zrzRFr3HAVzIUnKzKEXYz5yyBUb_ zNqhdZHiZ7QaD7VGvAjtTTpH3oWOcg_1AClwxt8TGQwW18TFtR4oECkUsKUFJKefausHA1lLmTJx 6YIZEC8y_qB52uhSJYxxn9fCWWEjBWk0jpdv93C.ZQYuwo3F2j01cS2jzjM6LEY9gUXOB70EMhHY g4cnebk1M5rsYdRxkOjdQ.IbXAohshEmnBxgH2SdijM7tQt74g0CkdCkOZM_3diajNPpzhS5Ndj_ .GQQ7JoiUEZwnwqUkJskmq5T0DIiK3PRywCgLZ0jF6ZTQ5sD5RMVraQvFq4wac.Jw3K46qafcy6s oobxx3lvGIaDMz.pEggQWMNBzKwVZS9wM22KSok.y_TZzZJTBEH0bjTbln87gPtNWeErM_D3sTFw xqFRMCUjeK7dTQFKjXvUYmtiwR1l9SBZNuZioo8FO77QKLHo9MtbYdZaj2jpoFtjJN2rX37RuAsv b65fEDadGxoheDtf1YVyNsp173g6S.a_EFgWab_RqRR5xTGqxB0pBhAovXBBFmvHoQC3f1vD9HTL bJK8GAJgaTGq6_XIjV3TbGwz8xv4.WMtRdS_S X-Sonic-MF: X-Sonic-ID: 16617802-1c8b-43b6-9667-7bf386e0d09e Received: from sonic.gate.mail.ne1.yahoo.com by sonic309.consmr.mail.ne1.yahoo.com with HTTP; Wed, 9 Oct 2024 17:34:06 +0000 Received: by hermes--production-gq1-5d95dc458-6q8w6 (Yahoo Inc. Hermes SMTP Server) with ESMTPA ID a7e77129a0d9b2a8b8a48f1f6322a7dc; Wed, 09 Oct 2024 17:34:04 +0000 (UTC) From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, selinux@vger.kernel.org, mic@digikod.net Subject: [PATCH v4 04/13] Audit: maintain an lsm_prop in audit_context Date: Wed, 9 Oct 2024 10:32:12 -0700 Message-ID: <20241009173222.12219-5-casey@schaufler-ca.com> X-Mailer: git-send-email 2.46.0 In-Reply-To: <20241009173222.12219-1-casey@schaufler-ca.com> References: <20241009173222.12219-1-casey@schaufler-ca.com> Precedence: bulk X-Mailing-List: selinux@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Replace the secid value stored in struct audit_context with a struct lsm_prop. Change the code that uses this value to accommodate the change. security_audit_rule_match() expects a lsm_prop, so existing scaffolding can be removed. A call to security_secid_to_secctx() is changed to security_lsmprop_to_secctx(). The call to security_ipc_getsecid() is scaffolded. A new function lsmprop_is_set() is introduced to identify whether an lsm_prop contains a non-zero value. Signed-off-by: Casey Schaufler --- include/linux/security.h | 24 ++++++++++++++++++++++++ kernel/audit.h | 3 ++- kernel/auditsc.c | 19 ++++++++----------- 3 files changed, 34 insertions(+), 12 deletions(-) diff --git a/include/linux/security.h b/include/linux/security.h index f1c68e38b15d..5652baa4ca3c 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -291,6 +291,19 @@ static inline const char *kernel_load_data_id_str(enum kernel_load_data_id id) #ifdef CONFIG_SECURITY +/** + * lsmprop_is_set - report if there is a value in the lsm_prop + * @prop: Pointer to the exported LSM data + * + * Returns true if there is a value set, false otherwise + */ +static inline bool lsm_prop_is_set(struct lsm_prop *prop) +{ + const struct lsm_prop empty = {}; + + return !!memcmp(prop, &empty, sizeof(*prop)); +} + int call_blocking_lsm_notifier(enum lsm_event event, void *data); int register_blocking_lsm_notifier(struct notifier_block *nb); int unregister_blocking_lsm_notifier(struct notifier_block *nb); @@ -552,6 +565,17 @@ int security_bdev_setintegrity(struct block_device *bdev, size_t size); #else /* CONFIG_SECURITY */ +/** + * lsmprop_is_set - report if there is a value in the lsm_prop + * @prop: Pointer to the exported LSM data + * + * Returns true if there is a value set, false otherwise + */ +static inline bool lsm_prop_is_set(struct lsm_prop *prop) +{ + return false; +} + static inline int call_blocking_lsm_notifier(enum lsm_event event, void *data) { return 0; diff --git a/kernel/audit.h b/kernel/audit.h index a60d2840559e..d14924a887c9 100644 --- a/kernel/audit.h +++ b/kernel/audit.h @@ -11,6 +11,7 @@ #include #include +#include #include #include #include @@ -160,7 +161,7 @@ struct audit_context { kuid_t uid; kgid_t gid; umode_t mode; - u32 osid; + struct lsm_prop oprop; int has_perm; uid_t perm_uid; gid_t perm_gid; diff --git a/kernel/auditsc.c b/kernel/auditsc.c index aaf672a962d6..e89499819817 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -724,9 +724,7 @@ static int audit_filter_rules(struct task_struct *tsk, /* Find ipc objects that match */ if (!ctx || ctx->type != AUDIT_IPC) break; - /* scaffolding */ - prop.scaffold.secid = ctx->ipc.osid; - if (security_audit_rule_match(&prop, + if (security_audit_rule_match(&ctx->ipc.oprop, f->type, f->op, f->lsm_rule)) ++result; @@ -1394,19 +1392,17 @@ static void show_special(struct audit_context *context, int *call_panic) audit_log_format(ab, " a%d=%lx", i, context->socketcall.args[i]); break; } - case AUDIT_IPC: { - u32 osid = context->ipc.osid; - + case AUDIT_IPC: audit_log_format(ab, "ouid=%u ogid=%u mode=%#ho", from_kuid(&init_user_ns, context->ipc.uid), from_kgid(&init_user_ns, context->ipc.gid), context->ipc.mode); - if (osid) { + if (lsm_prop_is_set(&context->ipc.oprop)) { char *ctx = NULL; u32 len; - if (security_secid_to_secctx(osid, &ctx, &len)) { - audit_log_format(ab, " osid=%u", osid); + if (security_lsmprop_to_secctx(&context->ipc.oprop, + &ctx, &len)) { *call_panic = 1; } else { audit_log_format(ab, " obj=%s", ctx); @@ -1426,7 +1422,7 @@ static void show_special(struct audit_context *context, int *call_panic) context->ipc.perm_gid, context->ipc.perm_mode); } - break; } + break; case AUDIT_MQ_OPEN: audit_log_format(ab, "oflag=0x%x mode=%#ho mq_flags=0x%lx mq_maxmsg=%ld " @@ -2642,7 +2638,8 @@ void __audit_ipc_obj(struct kern_ipc_perm *ipcp) context->ipc.gid = ipcp->gid; context->ipc.mode = ipcp->mode; context->ipc.has_perm = 0; - security_ipc_getsecid(ipcp, &context->ipc.osid); + /* scaffolding */ + security_ipc_getsecid(ipcp, &context->ipc.oprop.scaffold.secid); context->type = AUDIT_IPC; } From patchwork Wed Oct 9 17:32:13 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13828912 X-Patchwork-Delegate: paul@paul-moore.com Received: from sonic314-26.consmr.mail.ne1.yahoo.com (sonic314-26.consmr.mail.ne1.yahoo.com [66.163.189.152]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CCD221836D9 for ; Wed, 9 Oct 2024 17:44:16 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=66.163.189.152 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1728495858; cv=none; b=ONyO0tUQ6njFLhpEpHIbqIMX605hPHoD7aUehlaLqdW+4lTJ0qijV/4PB1xVKDZA6I283ldVu7AAIyJFxcxvDZu6HvY21Kf875DYB6aAXYXCBhitx9WP1iulCt3E/yc7WQrspYN5yqdHIvwfkItkcYTwZ9O13OSPGu1TJGNoB/c= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1728495858; c=relaxed/simple; bh=XvGWfkmcH7nAMpYK2DdAO1sQmGPj7qas5fPpbNt+Mo8=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=hWfg38ExtqWwtEKlqBj3tSBSA7KUNTa8GSHFQ/pezZY65T9j+EXUnadjnLLrLdd9a81btP/91wZpllCRqUn1dfb4xbHEYrP4vIpwQ4Pf7ixA1IxfWmfiozu7NaAnGFsN0+3A6cFh6/Z2hCQJY34ZJHIPhfl+fy2AYIiP6hWEFAg= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com; spf=none smtp.mailfrom=schaufler-ca.com; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b=aDLZOj6u; arc=none smtp.client-ip=66.163.189.152 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b="aDLZOj6u" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1728495856; bh=gzQThXVQy4HIM0mPZcyXyGY6RPyuqTq8g7PaG6aQI1A=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject:Reply-To; b=aDLZOj6upPuHSWF2iw/kiVRQnz+imyh7aGSOkjXOxFO/AYYrJXFwaXm3NJBM6D9nbeWIkQRk8ePTLSu9xhnLO1jKCFVf0O7+YGE0TBtij1ft1L4sbLDys/5vb4H9pf0jl1sTIMSUGx/kPz4pMVrgpRIustZtvpf38H9LlwW9/DoMpP+sPeQ2XAupwF1H3iUUGdRQ8tNkZtjnhxql/fBh6D6dPZoQe4+/o+lW1UWHPCL7ZCXeprscV5A7hfbRZNuBdWQdcvSrzvDIza74+lcziaT9X4Lv5TPkDgIE7vyjlcO3kcYHTI0+Xl8ClrtqONpFZfJTeqz5uV8resWH1mo9pQ== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1728495856; bh=T/BaLJW8cn6Qu+vcJsi0mEEnGPml6v7y9KN5K0/zC2k=; h=X-Sonic-MF:From:To:Subject:Date:From:Subject; b=qN6Fpc6fsdD4PAFNKNqUnXz/7CUldfSwi19NHgSNurqddvdIIi7DfBFGDnab0spJt61suBWcg5BASecTVY1p5dqRtyvy54jrFwJxuTIXfuRFoCDwtLj/Cnw/KXLB+NLl66P4Zlt17TtMq6ssq4I/dSLU4RNq3FOaOOItOb4wTtxcCEPYI0aLirpiPJg0E3MMREY7LdyYu+Hcp474f7k2fTDKjdZXB0n82n7gjZa5t5X/IfCJxFTwvaShHTMh8V7oJBn63QCjcDsn64LSk/zS8664yKtroIrhPgeVJsMdQk/qCk9mM8R5wi0N3scRDSy752oI/K4pe9EF0PntJ1x7Og== X-YMail-OSG: Uu3ZiBcVM1nrd.RFW_s5F7aGyYYrd11gBauHFzG1mF8wbtd2Kkk4o8TuiEdXcry LACyH5Tr4jz9qZoI89UMnWjamiXvDwNy2XTzpHlqEP2DpANlHwLfjaZ_KjUeL7DfjKcMcI8r8XEx IY.P_wGnTRnAPJL88QGhDvAZB7rQwMKiBdbCa0i2uIgJGbmX_BG0gUzbVuNOuYnFlA_68Y5SJaOL Wtbj4jtnoxr4J6p6c5wmG6_rB52awAXVbLiM.iMStS0aFo0l46A29rs2go0KOy1q8X.7SzoXSPin dnCppWRXi7BX82DgMndqpUF5p5WPGk1260.ai2vgYG0c.wdzRDLGhsuMDT_SFqk_RcqMo9RVOqqk AtnsvLSy5fGtGXCS3xNcCgmC.pZngcrx9LIqT8jRa2GUSgftqwh_6i_gCkGBSaVeUftTQ5goBFyL Y98_.Qbp91weDFfL6z.iQhyPUMxfZVvetRHZovVAAaD2nBEWNvA9CCJ5vbcibGx4lNfcxvYfULiL qQGxWZaggAEoV_42deSwbGO.epho.FAAlhH0Fq3sVJvX_TTVvMoaAdTieNhyVyPJkRpAPZg.iZtU G4FQN5c8FRmy8x6GsHbmrOkP9B.skvo10C2TY3oH58iuQyeR79qHuXz6835IRwWOYej6Qpjg9x_G G2dsj05oT3ANu20H50eUHZe.ed2XIcNTJ0jSEvm9mE0DF2iwdWGSt60RPLFtEaWIWlwHE5EwVRve fzYc_pnpQJVcdaeSTcfmNeAw_NJURdjY3VDyYM.boUt4Dc0RoMdHq4EBwR6S0FgWDaA4aSyJUH7W B586nisljAwi8j73fCvwkYwQ452tCijB8N7eSX.9gpRyh0dPbPNYtIyWZQQiqur9wuTjTwrumQVc 7.VhJ_du7Gf3DTIs.uGlmEYe.XlrPjSc2AAV1g6oRzv6fTYEq0.0T25aJlQm_8Ql3s.Ivkk9uRmI 6I4cE48E8vr8v_baoSV5CAigLJaUBnJtjpYH2ii8GzQ_9dJgZG9D2rEjGFeMmY2ztZm8gwV1yJwa L9Nx5TSVcrizVNEwzzXkwTHyuImRRxdlOvz9XAefZ87vJfh.6CQKINnxclBXduzZWbUlaU5YQlo0 DOxDj0...wPmQbUw8MUnMPO.yaZOFcb_iLoCRzKaXfkDT.uDBsnlBSXWiYf1D4Tw2R61wPolquW_ CxTEO9cBi_gOJNJI5wR5qV7p2qpQuQ1JSRzJSKPrs54aKvELmyqKtlkju1d6nLi.cAMbYLr4qiIf gk6tIySi.SDQxXgn4tqhbipMkaLJPqa25YShjkuo5zfkLyJqPU7mDtsldKomXH8QnvlH.jaWBW2B ucCYv.nw6j8t6f3eW9RwZ9Ybk.mJVmkfEY6ory1z5eJZYXoEN3q7UXR.u5E51yxiXcitlX3UgdvF Kjh4YjkB7.I4W963nVDfY1IpYEEeQZ02ALAh3IBAITC1bSrjFQUcMVNJmz_hUWlf03zoypZOaXL0 w691W8PRgGjjqvrXTkK_G7w_pcdn3B2pLQKLjp4502lnMjggrBEaGYyB43OoxDLtZHHLHSsf_MWT n5q5dkOfQNDxp6A71hyGg7ej1b4tT6A7pa2q3_O_FZSLyy.TKPPuFrM8OHAkAAFFTkStR5hHQT_K jbuCTt_mkBbCyO_i9NzNKNARGEy37aJa3fUKWmDRaOed8qhlYmrGC2Ryx0ttMFkaGzC3Yi5aHrOp CUE_tU8ZOYz1bVT89Nw8WAhvZ4GK4wrLzSw2F9xaNrT8RyU4rdzoz0ScTsUBykap5hNqA54MOIBW KAgH7xzuR20Am13hX3hQbH79zfwKhzr9XCnTtpkjBoNbJxuKdziCC3SZJ8P9ah9_Vw_fsfWSSRJn jo1KEeW6NkNcdxAFxLSFasuR1DtwBzJUBV7K_Q2tv2RYf08ruSOo1s.5W3EqqPqTWlj5Nt11.Kc3 29sf_0rlkGZG3NRz3VzHvSTcsDdqIKBGx6r0R8S.mdXr7RCg5ayNYheIBoLB8L2MmL6Ohl247Vxy hAySe4bjPI2g1Licb3g2X2mAeHJU1apSp01usvghGunmT7391GVQF8skQ6ri9ZcOVgikijIi_5K6 IXPclfp.O2LsfRORXCvjm7TdaKUro1jkcE3tPHdKLmy1pL.wygj1upmE0TfjgjN.56_Vrfcz1I5j .ZqYd9e4XpmABsU2lgiP71gedWovWzJ4AgkVxl_cMEAJY8uhEcjEL4nGKVU.pKlspJmEBszKEMzb L2vtHln1.UiHZUJ5x2bE3FbDlakNaCPIZMEFvzHVF1SLK.v2.uSTpqYztCy3eQmNygbNMW4EMUV6 wuMEnXQVSH1STAyp5FGf8OFWJZ9T.nTGVi4FI2poH X-Sonic-MF: X-Sonic-ID: 3722bc1a-f06c-4595-9938-da4ba0b926cb Received: from sonic.gate.mail.ne1.yahoo.com by sonic314.consmr.mail.ne1.yahoo.com with HTTP; Wed, 9 Oct 2024 17:44:16 +0000 Received: by hermes--production-gq1-5d95dc458-6q8w6 (Yahoo Inc. Hermes SMTP Server) with ESMTPA ID a7e77129a0d9b2a8b8a48f1f6322a7dc; Wed, 09 Oct 2024 17:34:06 +0000 (UTC) From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, selinux@vger.kernel.org, mic@digikod.net, audit@vger.kernel.org Subject: [PATCH v4 05/13] LSM: Use lsm_prop in security_ipc_getsecid Date: Wed, 9 Oct 2024 10:32:13 -0700 Message-ID: <20241009173222.12219-6-casey@schaufler-ca.com> X-Mailer: git-send-email 2.46.0 In-Reply-To: <20241009173222.12219-1-casey@schaufler-ca.com> References: <20241009173222.12219-1-casey@schaufler-ca.com> Precedence: bulk X-Mailing-List: selinux@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 There may be more than one LSM that provides IPC data for auditing. Change security_ipc_getsecid() to fill in a lsm_prop structure instead of the u32 secid. Change the name to security_ipc_getlsmprop() to reflect the change. Signed-off-by: Casey Schaufler Cc: audit@vger.kernel.org Cc: linux-security-module@vger.kernel.org Cc: selinux@vger.kernel.org --- include/linux/lsm_hook_defs.h | 4 ++-- include/linux/security.h | 22 +++++++++++++++++----- kernel/auditsc.c | 5 ++--- security/security.c | 14 +++++++------- security/selinux/hooks.c | 9 ++++++--- security/smack/smack_lsm.c | 16 +++++++++------- 6 files changed, 43 insertions(+), 27 deletions(-) diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h index ed6ea0b1ec57..6ef2a345ea03 100644 --- a/include/linux/lsm_hook_defs.h +++ b/include/linux/lsm_hook_defs.h @@ -256,8 +256,8 @@ LSM_HOOK(void, LSM_RET_VOID, task_to_inode, struct task_struct *p, struct inode *inode) LSM_HOOK(int, 0, userns_create, const struct cred *cred) LSM_HOOK(int, 0, ipc_permission, struct kern_ipc_perm *ipcp, short flag) -LSM_HOOK(void, LSM_RET_VOID, ipc_getsecid, struct kern_ipc_perm *ipcp, - u32 *secid) +LSM_HOOK(void, LSM_RET_VOID, ipc_getlsmprop, struct kern_ipc_perm *ipcp, + struct lsm_prop *prop) LSM_HOOK(int, 0, msg_msg_alloc_security, struct msg_msg *msg) LSM_HOOK(void, LSM_RET_VOID, msg_msg_free_security, struct msg_msg *msg) LSM_HOOK(int, 0, msg_queue_alloc_security, struct kern_ipc_perm *perm) diff --git a/include/linux/security.h b/include/linux/security.h index 5652baa4ca3c..15aef5f68e77 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -289,6 +289,17 @@ static inline const char *kernel_load_data_id_str(enum kernel_load_data_id id) return kernel_load_data_str[id]; } +/** + * lsmprop_init - initialize a lsm_prop structure + * @prop: Pointer to the data to initialize + * + * Set all secid for all modules to the specified value. + */ +static inline void lsmprop_init(struct lsm_prop *prop) +{ + memset(prop, 0, sizeof(*prop)); +} + #ifdef CONFIG_SECURITY /** @@ -297,7 +308,7 @@ static inline const char *kernel_load_data_id_str(enum kernel_load_data_id id) * * Returns true if there is a value set, false otherwise */ -static inline bool lsm_prop_is_set(struct lsm_prop *prop) +static inline bool lsmprop_is_set(struct lsm_prop *prop) { const struct lsm_prop empty = {}; @@ -515,7 +526,7 @@ int security_task_prctl(int option, unsigned long arg2, unsigned long arg3, void security_task_to_inode(struct task_struct *p, struct inode *inode); int security_create_user_ns(const struct cred *cred); int security_ipc_permission(struct kern_ipc_perm *ipcp, short flag); -void security_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid); +void security_ipc_getlsmprop(struct kern_ipc_perm *ipcp, struct lsm_prop *prop); int security_msg_msg_alloc(struct msg_msg *msg); void security_msg_msg_free(struct msg_msg *msg); int security_msg_queue_alloc(struct kern_ipc_perm *msq); @@ -571,7 +582,7 @@ int security_bdev_setintegrity(struct block_device *bdev, * * Returns true if there is a value set, false otherwise */ -static inline bool lsm_prop_is_set(struct lsm_prop *prop) +static inline bool lsmprop_is_set(struct lsm_prop *prop) { return false; } @@ -1377,9 +1388,10 @@ static inline int security_ipc_permission(struct kern_ipc_perm *ipcp, return 0; } -static inline void security_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid) +static inline void security_ipc_getlsmprop(struct kern_ipc_perm *ipcp, + struct lsm_prop *prop) { - *secid = 0; + lsmprop_init(prop); } static inline int security_msg_msg_alloc(struct msg_msg *msg) diff --git a/kernel/auditsc.c b/kernel/auditsc.c index e89499819817..5019eb32a97f 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -1397,7 +1397,7 @@ static void show_special(struct audit_context *context, int *call_panic) from_kuid(&init_user_ns, context->ipc.uid), from_kgid(&init_user_ns, context->ipc.gid), context->ipc.mode); - if (lsm_prop_is_set(&context->ipc.oprop)) { + if (lsmprop_is_set(&context->ipc.oprop)) { char *ctx = NULL; u32 len; @@ -2638,8 +2638,7 @@ void __audit_ipc_obj(struct kern_ipc_perm *ipcp) context->ipc.gid = ipcp->gid; context->ipc.mode = ipcp->mode; context->ipc.has_perm = 0; - /* scaffolding */ - security_ipc_getsecid(ipcp, &context->ipc.oprop.scaffold.secid); + security_ipc_getlsmprop(ipcp, &context->ipc.oprop); context->type = AUDIT_IPC; } diff --git a/security/security.c b/security/security.c index 1842f1325e77..f269421c2d72 100644 --- a/security/security.c +++ b/security/security.c @@ -3730,17 +3730,17 @@ int security_ipc_permission(struct kern_ipc_perm *ipcp, short flag) } /** - * security_ipc_getsecid() - Get the sysv ipc object's secid + * security_ipc_getlsmprop() - Get the sysv ipc object LSM data * @ipcp: ipc permission structure - * @secid: secid pointer + * @prop: pointer to lsm information * - * Get the secid associated with the ipc object. In case of failure, @secid - * will be set to zero. + * Get the lsm information associated with the ipc object. */ -void security_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid) + +void security_ipc_getlsmprop(struct kern_ipc_perm *ipcp, struct lsm_prop *prop) { - *secid = 0; - call_void_hook(ipc_getsecid, ipcp, secid); + lsmprop_init(prop); + call_void_hook(ipc_getlsmprop, ipcp, prop); } /** diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 6e88faf3c6e5..1d43367009ed 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -6319,10 +6319,13 @@ static int selinux_ipc_permission(struct kern_ipc_perm *ipcp, short flag) return ipc_has_perm(ipcp, av); } -static void selinux_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid) +static void selinux_ipc_getlsmprop(struct kern_ipc_perm *ipcp, + struct lsm_prop *prop) { struct ipc_security_struct *isec = selinux_ipc(ipcp); - *secid = isec->sid; + prop->selinux.secid = isec->sid; + /* scaffolding */ + prop->scaffold.secid = isec->sid; } static void selinux_d_instantiate(struct dentry *dentry, struct inode *inode) @@ -7215,7 +7218,7 @@ static struct security_hook_list selinux_hooks[] __ro_after_init = { LSM_HOOK_INIT(userns_create, selinux_userns_create), LSM_HOOK_INIT(ipc_permission, selinux_ipc_permission), - LSM_HOOK_INIT(ipc_getsecid, selinux_ipc_getsecid), + LSM_HOOK_INIT(ipc_getlsmprop, selinux_ipc_getlsmprop), LSM_HOOK_INIT(msg_queue_associate, selinux_msg_queue_associate), LSM_HOOK_INIT(msg_queue_msgctl, selinux_msg_queue_msgctl), diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 66da7cbcc0b7..fed44b4fc73d 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -3435,16 +3435,18 @@ static int smack_ipc_permission(struct kern_ipc_perm *ipp, short flag) } /** - * smack_ipc_getsecid - Extract smack security id + * smack_ipc_getlsmprop - Extract smack security data * @ipp: the object permissions - * @secid: where result will be saved + * @prop: where result will be saved */ -static void smack_ipc_getsecid(struct kern_ipc_perm *ipp, u32 *secid) +static void smack_ipc_getlsmprop(struct kern_ipc_perm *ipp, struct lsm_prop *prop) { - struct smack_known **blob = smack_ipc(ipp); - struct smack_known *iskp = *blob; + struct smack_known **iskpp = smack_ipc(ipp); + struct smack_known *iskp = *iskpp; - *secid = iskp->smk_secid; + prop->smack.skp = iskp; + /* scaffolding */ + prop->scaffold.secid = iskp->smk_secid; } /** @@ -5140,7 +5142,7 @@ static struct security_hook_list smack_hooks[] __ro_after_init = { LSM_HOOK_INIT(task_to_inode, smack_task_to_inode), LSM_HOOK_INIT(ipc_permission, smack_ipc_permission), - LSM_HOOK_INIT(ipc_getsecid, smack_ipc_getsecid), + LSM_HOOK_INIT(ipc_getlsmprop, smack_ipc_getlsmprop), LSM_HOOK_INIT(msg_msg_alloc_security, smack_msg_msg_alloc_security), From patchwork Wed Oct 9 17:32:14 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13828874 X-Patchwork-Delegate: paul@paul-moore.com Received: from sonic305-27.consmr.mail.ne1.yahoo.com (sonic305-27.consmr.mail.ne1.yahoo.com [66.163.185.153]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E055C1E0E16 for ; Wed, 9 Oct 2024 17:34:11 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=66.163.185.153 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1728495253; cv=none; b=LxaceNvjmPiFvW52elGeHzcD1VMON4C2C6I762zIKk17LewlTO1ZujygNc53eq17YRHbukzhPClBK2WoA01xjC/+LT9MK/FNpsJOKmNOTW/2fr/y6OuXEMbhBqa+qN7lH2jzfmD8JTU+hkK7XqRnh5Jj03W1x/NTFKbvKXqrMCo= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1728495253; c=relaxed/simple; bh=4P7C6WGa+3DAD3HMQ7qltgx4htUhGEAzSs7puUwwYFU=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=Xn3VJQtM99JqmfUmaJaj+3ypjUWSnP/IsNGISd0Gj4nUuIqvunzvVoCetoYL8f+DNw5XlWRSfpCJ4UEhVc7eHwmubWNDdgwVxVW8fuNcaA5xUf4RIuCqZKTUZm85lGnsORI6I9Dgd8Cqu9sdvnd1/tnn4qc2fYI+EDRfFH5YNMg= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com; spf=none smtp.mailfrom=schaufler-ca.com; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b=J+iFItwc; arc=none smtp.client-ip=66.163.185.153 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b="J+iFItwc" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1728495251; bh=Ri80MgNDcTseaGUsqfIA0tyVfuRU0LoKRoYnob2OWgM=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject:Reply-To; b=J+iFItwczlZiRXdZ/QwzwnIiaH6DGZC9stRISMNEgTvFHRUzRbyVxg9ouO05iJqtr3q4B4NM+8uOtoP6dijBoJFzjQnUZJ+ionnMpSz40TAnZ1vqjtJdVP9ZLqb+GncBPTwqCWa2Ub7VxGdgZAL0+AXR1mPp3A04MKOtXzr6EaaAUjiEireDBzT8xaid5qN4mt1PIOZTJ3RNP/v8jf40ELP9QuzYCGsWrXYaGIQ9I8Clp0IV8tRS55mXDjRY0Qpydz75/bK+UUb8AL0WJk6meTDicwgBmL+YUaegBCZNaMATjcD9gb23l7gqIYgU31iFybrBdW9IkYtAkC/krFLteA== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1728495251; bh=+LvK8j1vwCDTYPM1Mmj43JKM2tnho148gZz55FrWoGs=; h=X-Sonic-MF:From:To:Subject:Date:From:Subject; b=QctkixJESEl0WB8fgXqQuqkLCFMs72Le8fXThloUMEFm144yhKYdmbAbwv+RD9mWYakFbt6B5FKpK2uqprGJG+Fx3stKOGMhpRfle21vtJL0EuIxyJQBwrKf3AdIpj7eVT4vH88+qWtgd2vatnKT3bkt2qicYCGKaH/Gyq3FSs4NpEGu63a5BU/gGNyghp8EzW4mZJGK0XMNrlfVHDjSIcTGZ7IwPJjs5cJE6B5po5MG3m13Uii68ITbw1CoGiS6/lkcv+jNhOZ/WNJxU6qXLzcHWKsRBYlN03+Q6Yjq6xtcVHq0j3M4pQXtv3mEDKKzfDzk0oTC4wJgu3XALmEVPA== X-YMail-OSG: 6qG7DtAVM1krpNbgRCjAWDGlXzA47KbP2Bj4gUUM6eqXhQW5PWMCM7bMT0Yn6BV fmJRJ28EHHToAvj1BGWZrgVVVhnsBDEw9BuFQbt4TU5emp2HhQVVK8Ye_AXdDc3D5AOIFElvJ.Ve .9V9xKxbAfZFnZVxWlkNzrZSdS5E2Kn1IaoPPCy0CMC8I7nSE3IC3naIBtY78rYHYO.VNp3KIym7 gATDRwEzyH69IXvbq1eItACK2cSGioQYWcq96P_mms02_KEolQ9Art8L0E57XQNRKP9D.xGGRTXn lqt6od1KoXsE33Eu2R4hnZF1wv_5zsU8vhGwAuxWPEfwfkLWFxjcLsQLNBDrcyh.WpODVPXTSE28 Pc40LLxOTNqaXDn79mPQUa1zguLGL2G0TwSjDjF2ax6Xenz1rNxVo6RE.SD0_U7krJd8bt9r70x0 cabaQ8lNZN06Kdv9lAPYDNn3d1z6zVZfPGuluIFmSIZOorcnvvcqpwsrOONtT8HZzaxJ154YI16L uztu4u0bzAXqEECfImXn_VsiWigwLrZ7Diuuhwg6FXUnB0kzPAhCvkVTiBSXq6a82J4sT0SyATeu d2J7qn3wabCZChMIOXy1XWDlW5wheMqd8PH0rrpdAMNbW9VkOgr_V5rh16XL2P4j9nG3TqbKLTvp iKx2JtMEgU_WlmzZniRSNfdS3kKaBJqQxDBKtsgs11iQss8qYQC5_AYaB1iEJSFPAOedYvgsriY1 AS4YNGRh4D8F1bz9BWoCXQrBygH8.1OijyqOsFQlN0MwFdlctWJ1FnhT41MZlYk227eUmh_TH.kK lnw9ROlMrjp7UO4rH0JGEhxsyeSWSHxQ78abNDknnRprNl1s2CWX57LqyiTv9CzkjLjCxBSPr4U1 ccxKRYod4aZmYabFVlUlr0L8A2qsOGf.B784Jg57GLyZl.KtogB2sx9ZFceKJY.pWakAnlaqAJl7 RI8.vsAy.FKj8CXKWZm7ktgiVL6jwNIbnerc3v4SqiseOVTCeOgZqYl6Q8tv6MfYxTCw4dnd1XKh isMR1M9I8UP_1FR5sXbZhn3dXPzoavN3_SY6mYOVzWvRYAliJ28OBVmNI9qDQLt33947ZabyAVXN z2mSkgYVYsNQspoinpHUbiN7f_u9IhrDGoqyBYzNyuFEFLTgG20qLD4KC714A9irdTKsrTmt2P57 q9vs7a0oaRKHlug4FkVB9xjcSNFk_BkF3o4glOI_eK93SyFUCzo0ixI6ft6K2vN3HMKW6B5QRAyl SHhNupKfj.kaOGzlzKeyB_bPYSAaEHnH9Fd47vv2.WcTkxYa8eWlSuZwBzD0aPZSFhI.FLU2tZEd bUq60PDgthb75E8Py_Oac.rK6CAHgkF7FlRHkwXEWZKxWaaeWFQOd25F09NSiacaNtSPaIz1ZE3a AcyUM9PVHNctCNd9s3v34FAkTcx5RTQfDKLytvrStOs0wjCXzDhZAkxgJdrnR83Qyu84c8GpTV0s .4lsMF1GMmV_O_c7GZRo5GYoo04ungpsz6GatQjA3_GeWWt2BjcYGZD4n9qul1MOEGl3Jr95Hn2k plRd4VtL1tVy.XdBzB6eT8Lx3q6gyza.vtcmubHpKaGXb8S3Uo9uqY4LtKl58FGvMKl9uP1G.WcU 3Q0R3sjUWu9H6E3qBPuPBU6YEXgxgfCQOIEf8dXm_IPnSSr_eAx2wCXxa0mX1CgEUWTJJ.NVvgsa SmYkuTZC1a66NNQ6YM0nsMn3c2FpdOc7kihJOcvGC_1j9SyR.8EV1QniE5s9HPBHmtakGDcSgorw u8AMN4H2SbHwvI4yD1.VCgZIeSU185AvRDztxb_H4t3dv5oo4l8GPKa.ESusvWhWZ5KEtwXNwudW ooS9W9YT7utHeQPtYIe9GydvSCZ_pjgMmBmFvmz_Hl9mBLTqPsTeNJo9tPAJPfNgsSGuRRCUf5TL 4Toi0seWuENQs3NuPEHyBV82UW3oecRWFVrOXno9OXO83Qecj_RT8YaH.lvZSWNKFAQZRYcj4ZZl N4SCFeLVYosGmeDL9riOvfxya6zYmJKBkgYkC9sKilkh_yANDjZXqZyoeZmJ9MI1hs7qqXBN_.nc uU1fgMZ0AdAeuLFir.Z9QeNAzq53Jd7B7wsbnaQ1evDEtUToziFcKptPHNztirXKJlfJaQGcuPYD .rL8i_.p7YLMWJVjCRaeYfIoNiBbU_ETag4eTanspZBUt5GSNanOlYx.WN9E6Bwv6Ie.iyDzo5gK 0I4WPwEhePPnmfoyZr3.JuK2D35A3Kk5ymqbiYzlsNPpP_lIPxDEGFsOtiA-- X-Sonic-MF: X-Sonic-ID: 1cd3087f-f37f-4167-921d-376d99fcc003 Received: from sonic.gate.mail.ne1.yahoo.com by sonic305.consmr.mail.ne1.yahoo.com with HTTP; Wed, 9 Oct 2024 17:34:11 +0000 Received: by hermes--production-gq1-5d95dc458-6q8w6 (Yahoo Inc. Hermes SMTP Server) with ESMTPA ID a7e77129a0d9b2a8b8a48f1f6322a7dc; Wed, 09 Oct 2024 17:34:08 +0000 (UTC) From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, selinux@vger.kernel.org, mic@digikod.net Subject: [PATCH v4 06/13] Audit: Update shutdown LSM data Date: Wed, 9 Oct 2024 10:32:14 -0700 Message-ID: <20241009173222.12219-7-casey@schaufler-ca.com> X-Mailer: git-send-email 2.46.0 In-Reply-To: <20241009173222.12219-1-casey@schaufler-ca.com> References: <20241009173222.12219-1-casey@schaufler-ca.com> Precedence: bulk X-Mailing-List: selinux@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 The audit process LSM information is changed from a secid audit_sig_sid to an lsm_prop in audit_sig_lsm. Update the users of this data appropriately. Calls to security_secid_to_secctx() are changed to use security_lsmprop_to_secctx() instead. security_current_getsecid_subj() is scaffolded. It will be updated in a subsequent patch. Signed-off-by: Casey Schaufler --- kernel/audit.c | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/kernel/audit.c b/kernel/audit.c index 1edaa4846a47..47c41e6f9ea9 100644 --- a/kernel/audit.c +++ b/kernel/audit.c @@ -123,7 +123,7 @@ static u32 audit_backlog_wait_time = AUDIT_BACKLOG_WAIT_TIME; /* The identity of the user shutting down the audit system. */ static kuid_t audit_sig_uid = INVALID_UID; static pid_t audit_sig_pid = -1; -static u32 audit_sig_sid; +static struct lsm_prop audit_sig_lsm; /* Records can be lost in several ways: 0) [suppressed in audit_alloc] @@ -1473,20 +1473,21 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh, } case AUDIT_SIGNAL_INFO: len = 0; - if (audit_sig_sid) { - err = security_secid_to_secctx(audit_sig_sid, &ctx, &len); + if (lsmprop_is_set(&audit_sig_lsm)) { + err = security_lsmprop_to_secctx(&audit_sig_lsm, &ctx, + &len); if (err) return err; } sig_data = kmalloc(struct_size(sig_data, ctx, len), GFP_KERNEL); if (!sig_data) { - if (audit_sig_sid) + if (lsmprop_is_set(&audit_sig_lsm)) security_release_secctx(ctx, len); return -ENOMEM; } sig_data->uid = from_kuid(&init_user_ns, audit_sig_uid); sig_data->pid = audit_sig_pid; - if (audit_sig_sid) { + if (lsmprop_is_set(&audit_sig_lsm)) { memcpy(sig_data->ctx, ctx, len); security_release_secctx(ctx, len); } @@ -2404,7 +2405,8 @@ int audit_signal_info(int sig, struct task_struct *t) audit_sig_uid = auid; else audit_sig_uid = uid; - security_current_getsecid_subj(&audit_sig_sid); + /* scaffolding */ + security_current_getsecid_subj(&audit_sig_lsm.scaffold.secid); } return audit_signal_info_syscall(t); From patchwork Wed Oct 9 17:32:15 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13828875 X-Patchwork-Delegate: paul@paul-moore.com Received: from sonic309-27.consmr.mail.ne1.yahoo.com (sonic309-27.consmr.mail.ne1.yahoo.com [66.163.184.153]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1C8CB1E1026 for ; Wed, 9 Oct 2024 17:34:11 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=66.163.184.153 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1728495254; cv=none; b=dZbP5dNSKLh0mv6HuVQ3OiBL+kQiCbvUV490YD7xa+zQlVsoMv2hfz+sXAgEjeTT/ci2ZyABvR8Q9FeXy1FyF5s5LAJeN6xg6vYbhjJ9qJLJ15/M0JyqEZrX30lBMVa95e41wYjqapJshQUFP4F9eykEQKrIHVX37hFITYIw61w= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1728495254; c=relaxed/simple; bh=XOqWwT8Y4WA+by5w6/MF2Ii9hd5izJPvrk1mvq11isw=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=VoFAda5l3uUKXzGpS9abdlBicTcS3MPt7ICYY17UO6Cl+Uk+zmnUaX/Nd6C7vNfUIBD0wzBVgH4qBpsckJcEY6RWNR5JcUtmNcBCnXRFUBk9uA7fWIYrTS6/c+ZDnhzJntoLoPMILGUsPB8gUvUfIp5C4C5Jwvw3PONcd+h6pAw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com; spf=none smtp.mailfrom=schaufler-ca.com; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b=atQkuUpv; arc=none smtp.client-ip=66.163.184.153 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b="atQkuUpv" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1728495251; bh=7JHAIfh0Pa5DOT0568myJGVIGhRQmElHuiT10g92Ork=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject:Reply-To; b=atQkuUpvstoCmt86xi9uxNxakXMhrw1NGzp/QgOHSUNtz35XygvaCVVLAcIbcaRC+mGtUM1u/ENdm0JJCWns5QY9K4JYd4f/o/rELXCPPgAD9Gz/Ys07RS/u6KtEU1KGjPsQHJsSTAzQ4BEHsnzd690SWzT4xuCQjk7+wT5zt2AK4XH7w+XaW/JJKEegf63b/dQl3hp35BLLbbdan0+Y6nrY/nw5zZ82f/WmH4p7R3p1vnTY1umh4NzwHclkMeX595nQjBKCTszzfBsPhAE1o+sf55ZVRB1re0GqBCDwueOtOF8kaReQ8pVyeYw2x8cd6JOCu6NSEEumxTN3Yjsvyg== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1728495251; bh=JXD16DqUIch0qdq82Dqfvm8eHQEFAhjjBgDHq8k0/h8=; h=X-Sonic-MF:From:To:Subject:Date:From:Subject; b=Df2wovpiocSufXq+kOT9mm8+PBdFhosqyXKlK6fA5yAA+jEjCQcJtnw4p/68dlyssenIOag0spfVpyAmZb4Hhu1wwpg+S0eukmr8twDb2X6AviFn+zapZaAT4SV97FlDXrLQwK3gLiOw/bGrZ4fgvFpSOVDe8GoLssn+pbqiwQSZJWkUsqNF8BC4OjGr1iYABpUYQuae3GeVd03lEdIIKrD8oxYKGh970nql61smnYiNsApXIkyoqLxuWkpA5esVtYviwcD09OD5k6X2UtE9zNMU1t5pDvNidxHC3nalkADPPNySwjeO/yfYP8K8pB9TX7mqaLOPKkfE3Wln3F9YsA== X-YMail-OSG: 6x.KK9wVM1mP8qKR3bHb8IodcDYFopelhZAzVZI9vxNdB0PpMMQpBwHQ91ruDIO 1c.RdLiY6MQf3xy8lX7OyKXfbgKb3plXcef_QkRM3EhqZGCcpGmu8c94JNjtHgNq81yORYAqNhwD My1_Gtj8aaDKcxMWf4q4V2NTauzF6bGNLZNL3veI4X4OX5RwSeDDu6QceZxJSYiQPBogywgyU4fr kIA80SF94UEaRui4cz3Syie9Mic_oeCsMLjJcvLTnunPNV3fz.o3sAygysKvSP64fGppi_xudEDd 0kOIoYFedTeNYq0nUokkNKHdnywNPR9ex74ORiIAyatRvRfcTtcnP.ZwuOIXnmKUIoUXsNNCCE0G 4tDa2eDaHKVxNwEI7TBCw6p5kqOMJn9CxoacM318PlDdiCYJ4wl5uxMPk3oBZmoOvH_IN3zz42xL 6jmX4zch6nmk5QgWxnLqqEVLcs2GKANN_KRgTIhYAnu0E1KlqjDFJXXQv0X6veDRbFMuCFv8AS3T ujbjnd10wVC9mDOiLFMgnx73dyy49E4lYYPGDBHIFpVBulaTCfBqHWeY6BOuEUMCw_5cDCv0ahzj QtbFTM07aPXjjz5Xiz_UjfDXBrIUiFeTblsDr1PsrYBawVJ4vimKm2cNV0ZbLwfpeXEDdNzuxX_J y5IUFx_F1vmDZaP2jP1d8zssO6Nv_Sqkt0I0IxLsm2OmX.h.gw4qNdCJN9k4dTQlQBwvEKJn23lH qJvwBk_PXz5TrvFEA2Lt7O8rji6YOdLKsP20JL4B6zZU.KFbBKEFLcckk5ZzEaqqgu_pic.JQLKM BdQhLUr81ManYy9RZUuxt804PDqFmJSeCCqzFd5N.1WwK3OXFOo_14pgyHpGMKLjM9bMsX6b.vF2 yoN0dkDuCZDQ4wzrmKM7OY372OoaHQPJDmFpzRXIOAlHC9vxh1hgNVEirnVnh8ybGVEmAhUgy7pG IIXiUMdDvVum86VN7ErKtbG4q53Ey_fSrjvofDEQhwMpBcyIrWNrGiChJdy3_.a9pqe2RF5T7_qu 2NYlbjZ3rbuMKkFaZBys_QSGO.Xy60K3M.4SEqIa_yieLfr9tjIJ1tlp7YzjMsb8ftjsGzkrZAmq dh1Ey9qN2sjWIujFBjLfP4F9NsovGi5KDoJDu17q.AwHBkB3Wn.9yFcpcDNdA52Dwwt1W3imYgKC zCD3Mw03pFi0rJUhaUnvgCnQ.ot02i8gwE3oYKmY6yU6sFYFAQuRVrK4JEABKbqbYbMN7CLOEGG_ iO8qF0.NC6lcf8dRnU15f8VWy80HuIbIH2jx00Szciqegr.doRLk5fFluO7JVWlS.SrqWbTVwK0d 78Tt2RR_414iPTU.doVyzX1O_62y6vAgqIyA728sUxZbbdjiPbZX67vhvEEpONZh28PKtzMxvgy_ coQifNQfZXoy_nTBgj1YhMzmp3vv_WtzVgt.dxDm9QU2ogmJkwBzOuNagTIG5hVIxH_MNtfUvYi_ KckC8lLIp8Z_CRAfCiHd1mtfI9xg.SHM._W2m4ZQThMgHax5V5AzKVQ1wjOmzIEi0U72n.az3NdA 2YyCiIX90SfvHLWpVz2Nz0XvgoTczu.mJcFYp.9KMqb3EwmXAbAsegSpL35sizvEAx8F5PNlycMF .hb6kn41bozotRFvRttD5E6q4YUzPK1XQjPZ5YX1nHO6Cm9gdZ8cckYIa1iGw0i4W67TDWnzLAPn eL7rhf4Fdvzk3b0m__Yqznmlks3HudeOGJKjXARqKsSJVIU0ERJaF39zxiTjoyguWkKKpsVAHdfE OhUcriRMNZ9mgEc7fXe417CvErFaGd8SQy_fxicYxAP0ta.LV5_ZUVlkAivnJsxiXADqanNvFkv. jJlRR8psBAyQcLGx4zmBLQ2mB7Oi4vuiT89bY7.NWGS6rr3A7xZDtc4S5LIm7.GcerKZnNLw1n5W VnWB_9tt4lLFFlEsAR6KYxSachujZpZBBn0R0.wEgxDOCnCNHhLQcclDMsTRofkuyIp4ySMeyxBB M6EJEiqKHkYEXcq9r2KEa_OKS5GhFmuSR4bQwZrit7WYqwedOuGj5j2bp7BTWXEkAuPsCTX.SCh9 zWAwmhwU8.by_hlQarPrdq_ywn4neN0BjqCJPMGTSswD6fp2iA7N_AxhX3wXIDpBQDqYMr9jlJ.S PA.pOexMA3P9AyVHDCfq5qgz1aWT5B0FIIiQUdS5.6iclDy0cXD2qokKa0bInIBctyNwG72mnAfe EQncQc0IHAg6ATj1HZpPSRQSCRXXCgMjV4XnRdv9GZBzrlALNFWse5NF9Y0_TzkHwCS5n0__LHFY VfMP1v3OOn5J9MYRE6HE6fZl7rsAJUnAJpVHbsUdf X-Sonic-MF: X-Sonic-ID: 269195a1-dd10-4c53-afdc-64cb6e9fedb6 Received: from sonic.gate.mail.ne1.yahoo.com by sonic309.consmr.mail.ne1.yahoo.com with HTTP; Wed, 9 Oct 2024 17:34:11 +0000 Received: by hermes--production-gq1-5d95dc458-6q8w6 (Yahoo Inc. Hermes SMTP Server) with ESMTPA ID a7e77129a0d9b2a8b8a48f1f6322a7dc; Wed, 09 Oct 2024 17:34:09 +0000 (UTC) From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, selinux@vger.kernel.org, mic@digikod.net, linux-integrity@vger.kernel.org, audit@vger.kernel.org Subject: [PATCH v4 07/13] LSM: Use lsm_prop in security_current_getsecid Date: Wed, 9 Oct 2024 10:32:15 -0700 Message-ID: <20241009173222.12219-8-casey@schaufler-ca.com> X-Mailer: git-send-email 2.46.0 In-Reply-To: <20241009173222.12219-1-casey@schaufler-ca.com> References: <20241009173222.12219-1-casey@schaufler-ca.com> Precedence: bulk X-Mailing-List: selinux@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Change the security_current_getsecid_subj() and security_task_getsecid_obj() interfaces to fill in a lsm_prop structure instead of a u32 secid. Audit interfaces will need to collect all possible security data for possible reporting. Signed-off-by: Casey Schaufler Cc: linux-integrity@vger.kernel.org Cc: audit@vger.kernel.org Cc: selinux@vger.kernel.org --- include/linux/lsm_hook_defs.h | 6 +-- include/linux/security.h | 13 +++--- kernel/audit.c | 11 +++-- kernel/auditfilter.c | 3 +- kernel/auditsc.c | 22 ++++++---- net/netlabel/netlabel_unlabeled.c | 5 ++- net/netlabel/netlabel_user.h | 6 ++- security/apparmor/lsm.c | 20 ++++++--- security/integrity/ima/ima.h | 6 +-- security/integrity/ima/ima_api.c | 6 +-- security/integrity/ima/ima_appraise.c | 6 +-- security/integrity/ima/ima_main.c | 59 ++++++++++++++------------- security/integrity/ima/ima_policy.c | 14 +++---- security/security.c | 28 ++++++------- security/selinux/hooks.c | 17 +++++--- security/smack/smack_lsm.c | 25 +++++++----- 16 files changed, 139 insertions(+), 108 deletions(-) diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h index 6ef2a345ea03..8a90fd9ff3c8 100644 --- a/include/linux/lsm_hook_defs.h +++ b/include/linux/lsm_hook_defs.h @@ -235,9 +235,9 @@ LSM_HOOK(int, 0, task_fix_setgroups, struct cred *new, const struct cred * old) LSM_HOOK(int, 0, task_setpgid, struct task_struct *p, pid_t pgid) LSM_HOOK(int, 0, task_getpgid, struct task_struct *p) LSM_HOOK(int, 0, task_getsid, struct task_struct *p) -LSM_HOOK(void, LSM_RET_VOID, current_getsecid_subj, u32 *secid) -LSM_HOOK(void, LSM_RET_VOID, task_getsecid_obj, - struct task_struct *p, u32 *secid) +LSM_HOOK(void, LSM_RET_VOID, current_getlsmprop_subj, struct lsm_prop *prop) +LSM_HOOK(void, LSM_RET_VOID, task_getlsmprop_obj, + struct task_struct *p, struct lsm_prop *prop) LSM_HOOK(int, 0, task_setnice, struct task_struct *p, int nice) LSM_HOOK(int, 0, task_setioprio, struct task_struct *p, int ioprio) LSM_HOOK(int, 0, task_getioprio, struct task_struct *p) diff --git a/include/linux/security.h b/include/linux/security.h index 15aef5f68e77..9bc8153f4e8b 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -507,8 +507,8 @@ int security_task_fix_setgroups(struct cred *new, const struct cred *old); int security_task_setpgid(struct task_struct *p, pid_t pgid); int security_task_getpgid(struct task_struct *p); int security_task_getsid(struct task_struct *p); -void security_current_getsecid_subj(u32 *secid); -void security_task_getsecid_obj(struct task_struct *p, u32 *secid); +void security_current_getlsmprop_subj(struct lsm_prop *prop); +void security_task_getlsmprop_obj(struct task_struct *p, struct lsm_prop *prop); int security_task_setnice(struct task_struct *p, int nice); int security_task_setioprio(struct task_struct *p, int ioprio); int security_task_getioprio(struct task_struct *p); @@ -1305,14 +1305,15 @@ static inline int security_task_getsid(struct task_struct *p) return 0; } -static inline void security_current_getsecid_subj(u32 *secid) +static inline void security_current_getlsmprop_subj(struct lsm_prop *prop) { - *secid = 0; + lsmprop_init(prop); } -static inline void security_task_getsecid_obj(struct task_struct *p, u32 *secid) +static inline void security_task_getlsmprop_obj(struct task_struct *p, + struct lsm_prop *prop) { - *secid = 0; + lsmprop_init(prop); } static inline int security_task_setnice(struct task_struct *p, int nice) diff --git a/kernel/audit.c b/kernel/audit.c index 47c41e6f9ea9..d2797e8fe182 100644 --- a/kernel/audit.c +++ b/kernel/audit.c @@ -2179,16 +2179,16 @@ void audit_log_key(struct audit_buffer *ab, char *key) int audit_log_task_context(struct audit_buffer *ab) { + struct lsm_prop prop; char *ctx = NULL; unsigned len; int error; - u32 sid; - security_current_getsecid_subj(&sid); - if (!sid) + security_current_getlsmprop_subj(&prop); + if (!lsmprop_is_set(&prop)) return 0; - error = security_secid_to_secctx(sid, &ctx, &len); + error = security_lsmprop_to_secctx(&prop, &ctx, &len); if (error) { if (error != -EINVAL) goto error_path; @@ -2405,8 +2405,7 @@ int audit_signal_info(int sig, struct task_struct *t) audit_sig_uid = auid; else audit_sig_uid = uid; - /* scaffolding */ - security_current_getsecid_subj(&audit_sig_lsm.scaffold.secid); + security_current_getlsmprop_subj(&audit_sig_lsm); } return audit_signal_info_syscall(t); diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c index 288a2092fd0d..a7de3dabe6e1 100644 --- a/kernel/auditfilter.c +++ b/kernel/auditfilter.c @@ -1371,8 +1371,7 @@ int audit_filter(int msgtype, unsigned int listtype) case AUDIT_SUBJ_CLR: if (f->lsm_rule) { /* scaffolding */ - security_current_getsecid_subj( - &prop.scaffold.secid); + security_current_getlsmprop_subj(&prop); result = security_audit_rule_match( &prop, f->type, f->op, f->lsm_rule); diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 5019eb32a97f..6b2b2a8d5647 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -470,7 +470,6 @@ static int audit_filter_rules(struct task_struct *tsk, { const struct cred *cred; int i, need_sid = 1; - u32 sid; struct lsm_prop prop = { }; unsigned int sessionid; @@ -675,15 +674,14 @@ static int audit_filter_rules(struct task_struct *tsk, * fork()/copy_process() in which case * the new @tsk creds are still a dup * of @current's creds so we can still - * use security_current_getsecid_subj() + * use + * security_current_getlsmprop_subj() * here even though it always refs * @current's creds */ - security_current_getsecid_subj(&sid); + security_current_getlsmprop_subj(&prop); need_sid = 0; } - /* scaffolding */ - prop.scaffold.secid = sid; result = security_audit_rule_match(&prop, f->type, f->op, @@ -2730,12 +2728,15 @@ int __audit_sockaddr(int len, void *a) void __audit_ptrace(struct task_struct *t) { struct audit_context *context = audit_context(); + struct lsm_prop prop; context->target_pid = task_tgid_nr(t); context->target_auid = audit_get_loginuid(t); context->target_uid = task_uid(t); context->target_sessionid = audit_get_sessionid(t); - security_task_getsecid_obj(t, &context->target_sid); + security_task_getlsmprop_obj(t, &prop); + /* scaffolding */ + context->target_sid = prop.scaffold.secid; memcpy(context->target_comm, t->comm, TASK_COMM_LEN); } @@ -2751,6 +2752,7 @@ int audit_signal_info_syscall(struct task_struct *t) struct audit_aux_data_pids *axp; struct audit_context *ctx = audit_context(); kuid_t t_uid = task_uid(t); + struct lsm_prop prop; if (!audit_signals || audit_dummy_context()) return 0; @@ -2762,7 +2764,9 @@ int audit_signal_info_syscall(struct task_struct *t) ctx->target_auid = audit_get_loginuid(t); ctx->target_uid = t_uid; ctx->target_sessionid = audit_get_sessionid(t); - security_task_getsecid_obj(t, &ctx->target_sid); + security_task_getlsmprop_obj(t, &prop); + /* scaffolding */ + ctx->target_sid = prop.scaffold.secid; memcpy(ctx->target_comm, t->comm, TASK_COMM_LEN); return 0; } @@ -2783,7 +2787,9 @@ int audit_signal_info_syscall(struct task_struct *t) axp->target_auid[axp->pid_count] = audit_get_loginuid(t); axp->target_uid[axp->pid_count] = t_uid; axp->target_sessionid[axp->pid_count] = audit_get_sessionid(t); - security_task_getsecid_obj(t, &axp->target_sid[axp->pid_count]); + security_task_getlsmprop_obj(t, &prop); + /* scaffolding */ + axp->target_sid[axp->pid_count] = prop.scaffold.secid; memcpy(axp->target_comm[axp->pid_count], t->comm, TASK_COMM_LEN); axp->pid_count++; diff --git a/net/netlabel/netlabel_unlabeled.c b/net/netlabel/netlabel_unlabeled.c index 9996883bf2b7..5925f48a3ade 100644 --- a/net/netlabel/netlabel_unlabeled.c +++ b/net/netlabel/netlabel_unlabeled.c @@ -1534,11 +1534,14 @@ int __init netlbl_unlabel_defconf(void) int ret_val; struct netlbl_dom_map *entry; struct netlbl_audit audit_info; + struct lsm_prop prop; /* Only the kernel is allowed to call this function and the only time * it is called is at bootup before the audit subsystem is reporting * messages so don't worry to much about these values. */ - security_current_getsecid_subj(&audit_info.secid); + security_current_getlsmprop_subj(&prop); + /* scaffolding */ + audit_info.secid = prop.scaffold.secid; audit_info.loginuid = GLOBAL_ROOT_UID; audit_info.sessionid = 0; diff --git a/net/netlabel/netlabel_user.h b/net/netlabel/netlabel_user.h index d6c5b31eb4eb..39f4f6df5f51 100644 --- a/net/netlabel/netlabel_user.h +++ b/net/netlabel/netlabel_user.h @@ -32,7 +32,11 @@ */ static inline void netlbl_netlink_auditinfo(struct netlbl_audit *audit_info) { - security_current_getsecid_subj(&audit_info->secid); + struct lsm_prop prop; + + security_current_getlsmprop_subj(&prop); + /* scaffolding */ + audit_info->secid = prop.scaffold.secid; audit_info->loginuid = audit_get_loginuid(current); audit_info->sessionid = audit_get_sessionid(current); } diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index a58b72ed246c..6331bcb35ec0 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -982,17 +982,24 @@ static void apparmor_bprm_committed_creds(const struct linux_binprm *bprm) return; } -static void apparmor_current_getsecid_subj(u32 *secid) +static void apparmor_current_getlsmprop_subj(struct lsm_prop *prop) { struct aa_label *label = __begin_current_label_crit_section(); - *secid = label->secid; + + prop->apparmor.label = label; + /* scaffolding */ + prop->scaffold.secid = label->secid; __end_current_label_crit_section(label); } -static void apparmor_task_getsecid_obj(struct task_struct *p, u32 *secid) +static void apparmor_task_getlsmprop_obj(struct task_struct *p, + struct lsm_prop *prop) { struct aa_label *label = aa_get_task_label(p); - *secid = label->secid; + + prop->apparmor.label = label; + /* scaffolding */ + prop->scaffold.secid = label->secid; aa_put_label(label); } @@ -1503,8 +1510,9 @@ static struct security_hook_list apparmor_hooks[] __ro_after_init = { LSM_HOOK_INIT(task_free, apparmor_task_free), LSM_HOOK_INIT(task_alloc, apparmor_task_alloc), - LSM_HOOK_INIT(current_getsecid_subj, apparmor_current_getsecid_subj), - LSM_HOOK_INIT(task_getsecid_obj, apparmor_task_getsecid_obj), + LSM_HOOK_INIT(current_getlsmprop_subj, + apparmor_current_getlsmprop_subj), + LSM_HOOK_INIT(task_getlsmprop_obj, apparmor_task_getlsmprop_obj), LSM_HOOK_INIT(task_setrlimit, apparmor_task_setrlimit), LSM_HOOK_INIT(task_kill, apparmor_task_kill), LSM_HOOK_INIT(userns_create, apparmor_userns_create), diff --git a/security/integrity/ima/ima.h b/security/integrity/ima/ima.h index cdfe8c8c7bac..c0d3b716d11f 100644 --- a/security/integrity/ima/ima.h +++ b/security/integrity/ima/ima.h @@ -369,7 +369,7 @@ static inline void ima_process_queued_keys(void) {} /* LIM API function definitions */ int ima_get_action(struct mnt_idmap *idmap, struct inode *inode, - const struct cred *cred, u32 secid, int mask, + const struct cred *cred, struct lsm_prop *prop, int mask, enum ima_hooks func, int *pcr, struct ima_template_desc **template_desc, const char *func_data, unsigned int *allowed_algos); @@ -400,8 +400,8 @@ const char *ima_d_path(const struct path *path, char **pathbuf, char *filename); /* IMA policy related functions */ int ima_match_policy(struct mnt_idmap *idmap, struct inode *inode, - const struct cred *cred, u32 secid, enum ima_hooks func, - int mask, int flags, int *pcr, + const struct cred *cred, struct lsm_prop *prop, + enum ima_hooks func, int mask, int flags, int *pcr, struct ima_template_desc **template_desc, const char *func_data, unsigned int *allowed_algos); void ima_init_policy(void); diff --git a/security/integrity/ima/ima_api.c b/security/integrity/ima/ima_api.c index 984e861f6e33..c35ea613c9f8 100644 --- a/security/integrity/ima/ima_api.c +++ b/security/integrity/ima/ima_api.c @@ -165,7 +165,7 @@ void ima_add_violation(struct file *file, const unsigned char *filename, * @idmap: idmap of the mount the inode was found from * @inode: pointer to the inode associated with the object being validated * @cred: pointer to credentials structure to validate - * @secid: secid of the task being validated + * @prop: properties of the task being validated * @mask: contains the permission mask (MAY_READ, MAY_WRITE, MAY_EXEC, * MAY_APPEND) * @func: caller identifier @@ -187,7 +187,7 @@ void ima_add_violation(struct file *file, const unsigned char *filename, * */ int ima_get_action(struct mnt_idmap *idmap, struct inode *inode, - const struct cred *cred, u32 secid, int mask, + const struct cred *cred, struct lsm_prop *prop, int mask, enum ima_hooks func, int *pcr, struct ima_template_desc **template_desc, const char *func_data, unsigned int *allowed_algos) @@ -196,7 +196,7 @@ int ima_get_action(struct mnt_idmap *idmap, struct inode *inode, flags &= ima_policy_flag; - return ima_match_policy(idmap, inode, cred, secid, func, mask, + return ima_match_policy(idmap, inode, cred, prop, func, mask, flags, pcr, template_desc, func_data, allowed_algos); } diff --git a/security/integrity/ima/ima_appraise.c b/security/integrity/ima/ima_appraise.c index 656c709b974f..884a3533f7af 100644 --- a/security/integrity/ima/ima_appraise.c +++ b/security/integrity/ima/ima_appraise.c @@ -73,13 +73,13 @@ bool is_ima_appraise_enabled(void) int ima_must_appraise(struct mnt_idmap *idmap, struct inode *inode, int mask, enum ima_hooks func) { - u32 secid; + struct lsm_prop prop; if (!ima_appraise) return 0; - security_current_getsecid_subj(&secid); - return ima_match_policy(idmap, inode, current_cred(), secid, + security_current_getlsmprop_subj(&prop); + return ima_match_policy(idmap, inode, current_cred(), &prop, func, mask, IMA_APPRAISE | IMA_HASH, NULL, NULL, NULL, NULL); } diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index 06132cf47016..553a6f54a1e2 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c @@ -206,8 +206,8 @@ static void ima_file_free(struct file *file) } static int process_measurement(struct file *file, const struct cred *cred, - u32 secid, char *buf, loff_t size, int mask, - enum ima_hooks func) + struct lsm_prop *prop, char *buf, loff_t size, + int mask, enum ima_hooks func) { struct inode *real_inode, *inode = file_inode(file); struct ima_iint_cache *iint = NULL; @@ -232,7 +232,7 @@ static int process_measurement(struct file *file, const struct cred *cred, * bitmask based on the appraise/audit/measurement policy. * Included is the appraise submask. */ - action = ima_get_action(file_mnt_idmap(file), inode, cred, secid, + action = ima_get_action(file_mnt_idmap(file), inode, cred, prop, mask, func, &pcr, &template_desc, NULL, &allowed_algos); violation_check = ((func == FILE_CHECK || func == MMAP_CHECK || @@ -443,23 +443,23 @@ static int process_measurement(struct file *file, const struct cred *cred, static int ima_file_mmap(struct file *file, unsigned long reqprot, unsigned long prot, unsigned long flags) { - u32 secid; + struct lsm_prop prop; int ret; if (!file) return 0; - security_current_getsecid_subj(&secid); + security_current_getlsmprop_subj(&prop); if (reqprot & PROT_EXEC) { - ret = process_measurement(file, current_cred(), secid, NULL, + ret = process_measurement(file, current_cred(), &prop, NULL, 0, MAY_EXEC, MMAP_CHECK_REQPROT); if (ret) return ret; } if (prot & PROT_EXEC) - return process_measurement(file, current_cred(), secid, NULL, + return process_measurement(file, current_cred(), &prop, NULL, 0, MAY_EXEC, MMAP_CHECK); return 0; @@ -488,9 +488,9 @@ static int ima_file_mprotect(struct vm_area_struct *vma, unsigned long reqprot, char *pathbuf = NULL; const char *pathname = NULL; struct inode *inode; + struct lsm_prop prop; int result = 0; int action; - u32 secid; int pcr; /* Is mprotect making an mmap'ed file executable? */ @@ -498,13 +498,13 @@ static int ima_file_mprotect(struct vm_area_struct *vma, unsigned long reqprot, !(prot & PROT_EXEC) || (vma->vm_flags & VM_EXEC)) return 0; - security_current_getsecid_subj(&secid); + security_current_getlsmprop_subj(&prop); inode = file_inode(vma->vm_file); action = ima_get_action(file_mnt_idmap(vma->vm_file), inode, - current_cred(), secid, MAY_EXEC, MMAP_CHECK, + current_cred(), &prop, MAY_EXEC, MMAP_CHECK, &pcr, &template, NULL, NULL); action |= ima_get_action(file_mnt_idmap(vma->vm_file), inode, - current_cred(), secid, MAY_EXEC, + current_cred(), &prop, MAY_EXEC, MMAP_CHECK_REQPROT, &pcr, &template, NULL, NULL); @@ -542,15 +542,18 @@ static int ima_bprm_check(struct linux_binprm *bprm) { int ret; u32 secid; + struct lsm_prop prop = { }; - security_current_getsecid_subj(&secid); - ret = process_measurement(bprm->file, current_cred(), secid, NULL, 0, - MAY_EXEC, BPRM_CHECK); + security_current_getlsmprop_subj(&prop); + ret = process_measurement(bprm->file, current_cred(), + &prop, NULL, 0, MAY_EXEC, BPRM_CHECK); if (ret) return ret; security_cred_getsecid(bprm->cred, &secid); - return process_measurement(bprm->file, bprm->cred, secid, NULL, 0, + /* scaffolding */ + prop.scaffold.secid = secid; + return process_measurement(bprm->file, bprm->cred, &prop, NULL, 0, MAY_EXEC, CREDS_CHECK); } @@ -566,10 +569,10 @@ static int ima_bprm_check(struct linux_binprm *bprm) */ static int ima_file_check(struct file *file, int mask) { - u32 secid; + struct lsm_prop prop; - security_current_getsecid_subj(&secid); - return process_measurement(file, current_cred(), secid, NULL, 0, + security_current_getlsmprop_subj(&prop); + return process_measurement(file, current_cred(), &prop, NULL, 0, mask & (MAY_READ | MAY_WRITE | MAY_EXEC | MAY_APPEND), FILE_CHECK); } @@ -768,7 +771,7 @@ static int ima_read_file(struct file *file, enum kernel_read_file_id read_id, bool contents) { enum ima_hooks func; - u32 secid; + struct lsm_prop prop; /* * Do devices using pre-allocated memory run the risk of the @@ -788,9 +791,9 @@ static int ima_read_file(struct file *file, enum kernel_read_file_id read_id, /* Read entire file for all partial reads. */ func = read_idmap[read_id] ?: FILE_CHECK; - security_current_getsecid_subj(&secid); - return process_measurement(file, current_cred(), secid, NULL, - 0, MAY_READ, func); + security_current_getlsmprop_subj(&prop); + return process_measurement(file, current_cred(), &prop, NULL, 0, + MAY_READ, func); } const int read_idmap[READING_MAX_ID] = { @@ -818,7 +821,7 @@ static int ima_post_read_file(struct file *file, char *buf, loff_t size, enum kernel_read_file_id read_id) { enum ima_hooks func; - u32 secid; + struct lsm_prop prop; /* permit signed certs */ if (!file && read_id == READING_X509_CERTIFICATE) @@ -831,8 +834,8 @@ static int ima_post_read_file(struct file *file, char *buf, loff_t size, } func = read_idmap[read_id] ?: FILE_CHECK; - security_current_getsecid_subj(&secid); - return process_measurement(file, current_cred(), secid, buf, size, + security_current_getlsmprop_subj(&prop); + return process_measurement(file, current_cred(), &prop, buf, size, MAY_READ, func); } @@ -967,7 +970,7 @@ int process_buffer_measurement(struct mnt_idmap *idmap, int digest_hash_len = hash_digest_size[ima_hash_algo]; int violation = 0; int action = 0; - u32 secid; + struct lsm_prop prop; if (digest && digest_len < digest_hash_len) return -EINVAL; @@ -990,9 +993,9 @@ int process_buffer_measurement(struct mnt_idmap *idmap, * buffer measurements. */ if (func) { - security_current_getsecid_subj(&secid); + security_current_getlsmprop_subj(&prop); action = ima_get_action(idmap, inode, current_cred(), - secid, 0, func, &pcr, &template, + &prop, 0, func, &pcr, &template, func_data, NULL); if (!(action & IMA_MEASURE) && !digest) return -ENOENT; diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c index 22a62e675ebc..a96dc3ff6aa0 100644 --- a/security/integrity/ima/ima_policy.c +++ b/security/integrity/ima/ima_policy.c @@ -557,7 +557,7 @@ static bool ima_match_rule_data(struct ima_rule_entry *rule, * @idmap: idmap of the mount the inode was found from * @inode: a pointer to an inode * @cred: a pointer to a credentials structure for user validation - * @secid: the secid of the task to be validated + * @prop: LSM properties of the task to be validated * @func: LIM hook identifier * @mask: requested action (MAY_READ | MAY_WRITE | MAY_APPEND | MAY_EXEC) * @func_data: func specific data, may be NULL @@ -567,7 +567,7 @@ static bool ima_match_rule_data(struct ima_rule_entry *rule, static bool ima_match_rules(struct ima_rule_entry *rule, struct mnt_idmap *idmap, struct inode *inode, const struct cred *cred, - u32 secid, enum ima_hooks func, int mask, + struct lsm_prop *prop, enum ima_hooks func, int mask, const char *func_data) { int i; @@ -658,8 +658,6 @@ static bool ima_match_rules(struct ima_rule_entry *rule, case LSM_SUBJ_USER: case LSM_SUBJ_ROLE: case LSM_SUBJ_TYPE: - /* scaffolding */ - prop.scaffold.secid = secid; rc = ima_filter_rule_match(&prop, lsm_rule->lsm[i].type, Audit_equal, lsm_rule->lsm[i].rule); @@ -723,7 +721,7 @@ static int get_subaction(struct ima_rule_entry *rule, enum ima_hooks func) * @inode: pointer to an inode for which the policy decision is being made * @cred: pointer to a credentials structure for which the policy decision is * being made - * @secid: LSM secid of the task to be validated + * @prop: LSM properties of the task to be validated * @func: IMA hook identifier * @mask: requested action (MAY_READ | MAY_WRITE | MAY_APPEND | MAY_EXEC) * @flags: IMA actions to consider (e.g. IMA_MEASURE | IMA_APPRAISE) @@ -740,8 +738,8 @@ static int get_subaction(struct ima_rule_entry *rule, enum ima_hooks func) * than writes so ima_match_policy() is classical RCU candidate. */ int ima_match_policy(struct mnt_idmap *idmap, struct inode *inode, - const struct cred *cred, u32 secid, enum ima_hooks func, - int mask, int flags, int *pcr, + const struct cred *cred, struct lsm_prop *prop, + enum ima_hooks func, int mask, int flags, int *pcr, struct ima_template_desc **template_desc, const char *func_data, unsigned int *allowed_algos) { @@ -759,7 +757,7 @@ int ima_match_policy(struct mnt_idmap *idmap, struct inode *inode, if (!(entry->action & actmask)) continue; - if (!ima_match_rules(entry, idmap, inode, cred, secid, + if (!ima_match_rules(entry, idmap, inode, cred, prop, func, mask, func_data)) continue; diff --git a/security/security.c b/security/security.c index f269421c2d72..5cdb5b171ff2 100644 --- a/security/security.c +++ b/security/security.c @@ -3492,33 +3492,33 @@ int security_task_getsid(struct task_struct *p) } /** - * security_current_getsecid_subj() - Get the current task's subjective secid - * @secid: secid value + * security_current_getlsmprop_subj() - Current task's subjective LSM data + * @prop: lsm specific information * * Retrieve the subjective security identifier of the current task and return - * it in @secid. In case of failure, @secid will be set to zero. + * it in @prop. */ -void security_current_getsecid_subj(u32 *secid) +void security_current_getlsmprop_subj(struct lsm_prop *prop) { - *secid = 0; - call_void_hook(current_getsecid_subj, secid); + lsmprop_init(prop); + call_void_hook(current_getlsmprop_subj, prop); } -EXPORT_SYMBOL(security_current_getsecid_subj); +EXPORT_SYMBOL(security_current_getlsmprop_subj); /** - * security_task_getsecid_obj() - Get a task's objective secid + * security_task_getlsmprop_obj() - Get a task's objective LSM data * @p: target task - * @secid: secid value + * @prop: lsm specific information * * Retrieve the objective security identifier of the task_struct in @p and - * return it in @secid. In case of failure, @secid will be set to zero. + * return it in @prop. */ -void security_task_getsecid_obj(struct task_struct *p, u32 *secid) +void security_task_getlsmprop_obj(struct task_struct *p, struct lsm_prop *prop) { - *secid = 0; - call_void_hook(task_getsecid_obj, p, secid); + lsmprop_init(prop); + call_void_hook(task_getlsmprop_obj, p, prop); } -EXPORT_SYMBOL(security_task_getsecid_obj); +EXPORT_SYMBOL(security_task_getlsmprop_obj); /** * security_task_setnice() - Check if setting a task's nice value is allowed diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 1d43367009ed..7d6ffd3483a8 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -4169,14 +4169,19 @@ static int selinux_task_getsid(struct task_struct *p) PROCESS__GETSESSION, NULL); } -static void selinux_current_getsecid_subj(u32 *secid) +static void selinux_current_getlsmprop_subj(struct lsm_prop *prop) { - *secid = current_sid(); + prop->selinux.secid = current_sid(); + /* scaffolding */ + prop->scaffold.secid = prop->selinux.secid; } -static void selinux_task_getsecid_obj(struct task_struct *p, u32 *secid) +static void selinux_task_getlsmprop_obj(struct task_struct *p, + struct lsm_prop *prop) { - *secid = task_sid_obj(p); + prop->selinux.secid = task_sid_obj(p); + /* scaffolding */ + prop->scaffold.secid = prop->selinux.secid; } static int selinux_task_setnice(struct task_struct *p, int nice) @@ -7203,8 +7208,8 @@ static struct security_hook_list selinux_hooks[] __ro_after_init = { LSM_HOOK_INIT(task_setpgid, selinux_task_setpgid), LSM_HOOK_INIT(task_getpgid, selinux_task_getpgid), LSM_HOOK_INIT(task_getsid, selinux_task_getsid), - LSM_HOOK_INIT(current_getsecid_subj, selinux_current_getsecid_subj), - LSM_HOOK_INIT(task_getsecid_obj, selinux_task_getsecid_obj), + LSM_HOOK_INIT(current_getlsmprop_subj, selinux_current_getlsmprop_subj), + LSM_HOOK_INIT(task_getlsmprop_obj, selinux_task_getlsmprop_obj), LSM_HOOK_INIT(task_setnice, selinux_task_setnice), LSM_HOOK_INIT(task_setioprio, selinux_task_setioprio), LSM_HOOK_INIT(task_getioprio, selinux_task_getioprio), diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index fed44b4fc73d..e74e22c4232f 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -2239,30 +2239,35 @@ static int smack_task_getsid(struct task_struct *p) } /** - * smack_current_getsecid_subj - get the subjective secid of the current task - * @secid: where to put the result + * smack_current_getlsmprop_subj - get the subjective secid of the current task + * @prop: where to put the result * * Sets the secid to contain a u32 version of the task's subjective smack label. */ -static void smack_current_getsecid_subj(u32 *secid) +static void smack_current_getlsmprop_subj(struct lsm_prop *prop) { struct smack_known *skp = smk_of_current(); - *secid = skp->smk_secid; + prop->smack.skp = skp; + /* scaffolding */ + prop->scaffold.secid = skp->smk_secid; } /** - * smack_task_getsecid_obj - get the objective secid of the task + * smack_task_getlsmprop_obj - get the objective data of the task * @p: the task - * @secid: where to put the result + * @prop: where to put the result * * Sets the secid to contain a u32 version of the task's objective smack label. */ -static void smack_task_getsecid_obj(struct task_struct *p, u32 *secid) +static void smack_task_getlsmprop_obj(struct task_struct *p, + struct lsm_prop *prop) { struct smack_known *skp = smk_of_task_struct_obj(p); - *secid = skp->smk_secid; + prop->smack.skp = skp; + /* scaffolding */ + prop->scaffold.secid = skp->smk_secid; } /** @@ -5130,8 +5135,8 @@ static struct security_hook_list smack_hooks[] __ro_after_init = { LSM_HOOK_INIT(task_setpgid, smack_task_setpgid), LSM_HOOK_INIT(task_getpgid, smack_task_getpgid), LSM_HOOK_INIT(task_getsid, smack_task_getsid), - LSM_HOOK_INIT(current_getsecid_subj, smack_current_getsecid_subj), - LSM_HOOK_INIT(task_getsecid_obj, smack_task_getsecid_obj), + LSM_HOOK_INIT(current_getlsmprop_subj, smack_current_getlsmprop_subj), + LSM_HOOK_INIT(task_getlsmprop_obj, smack_task_getlsmprop_obj), LSM_HOOK_INIT(task_setnice, smack_task_setnice), LSM_HOOK_INIT(task_setioprio, smack_task_setioprio), LSM_HOOK_INIT(task_getioprio, smack_task_getioprio), From patchwork Wed Oct 9 17:32:16 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13828889 X-Patchwork-Delegate: paul@paul-moore.com Received: from sonic311-30.consmr.mail.ne1.yahoo.com (sonic311-30.consmr.mail.ne1.yahoo.com [66.163.188.211]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id AAD71137C37 for ; Wed, 9 Oct 2024 17:35:48 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=66.163.188.211 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1728495350; cv=none; b=t3IbVy+OjXgtfjimBWRsIOEaVtcUNh1Hz3RYv7qs4VJJjokEel2YAl2dJq7NEaMeG2cuUOorOS4ugb9xv8zykpkoADgb8ktsF0SPxpCx6kDujfGq807v3r7966LF+N1IGDlNguAJP97wlcvgnTQyvq/8bYfOWDxV4dwwioUFID0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1728495350; c=relaxed/simple; bh=5x0nxYzIRH1ATHb1j7OJCfXq7lDDWl3xwqmB9yuEuRo=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=Q3Jr5uAfgafju5A2kfc26mq6XvSJ4cD+KCwUZG6t0qYGyI7ZcUJMcKhAeh3vjUBLhBFMzH83+lMClDDnmqPIllNS4plB7vDWaQLngzQNTh+T3hzvrcDWOBRvflWwHCknxr2Yq1FMKR+14sVJR2HMK2V9vKFjyLp1SBAH71e1TXw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com; spf=none smtp.mailfrom=schaufler-ca.com; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b=nb/lfLL5; arc=none smtp.client-ip=66.163.188.211 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b="nb/lfLL5" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1728495347; bh=xGS32vK4zqUy1jW80fWK8+QQou1Alo2nnw9Z4ZdIf2o=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject:Reply-To; b=nb/lfLL53uOEKlNgUrPsMnCcYgUUWboHK5LJvJLGVycaqKd78XcZ+MhJuUQo6S8GydLNTyLYmoh8b7WYfpxge4LiXh+eZeYrcRZEpQOJUPGuPHGQr/n2KAhzrdwi3g/QrD7RjJ1xSLTszSHdkvRtAPmnn3KrpQ8TBbOQxtE6MxbowfU/34wo2wRS/PK9tRE0j0EbFtda3Smvnu2MxAprOPJG5M3j6bTF/BHQM4topjqN+dDrpyGmegOafJEi6HX0AnFK3pVQ64MB4kN3eibXW33IiW7ZWkQwwrLoa6P6/6vIGLXa5ifjJDMh+XSdoDxBqg5CAxLEhp3hZOFByIud4w== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1728495347; bh=Wut4H/2YR7QIM0pLGdCpucXgdG4wRM9S3tdRQHWZm5m=; h=X-Sonic-MF:From:To:Subject:Date:From:Subject; b=Fl3lUyeil6Cydtys8LSD5+DIK9gUZqov4wxC3zyFl1HifkdSdbGpO70cD9A1g0h48Vg/Aj9s7x4aFJYRHlBIv1Mi75CKt7krJ5gWQMZ3i8Uj5LEC/5ubSxs9YHKhAU8gBYszw10i6r+6bZfQbjjwrUfgPvTVZ0v98znhlh+R02VjxZGqZoYd5uzW90taIkufLvRbNZlym0fZ8K5wbv9lmR4t00mReIVJzUhPp9L3DiE2BCZcywrrjV58X7bUPzUU3/imsOR+8QUizeiiHB1v4kDJq0gsNjNzK3ltBznApjrK3fO31IbTid8Glk0QyEB9mmgtyVxgXQeif80Nr471LQ== X-YMail-OSG: GM1vGecVM1muzW9EsI8QAql8.AZAh1E1nlAX8WIgcvWavaOKIndWGq2Zva9Zz4Y ULZLDZ9pjzD_UwCqlgkrPcLTE3sKP2kmGCWzLciDBmEUEUZ4Xp4h1jRH1vMhUJf7DLlxsoaTeOwP cw9pARcOABFFtvh_4tffg9HyWLG0ZU9Oc8DMLQLo086QugrKjDehH75JphB1tUQ8GFAX4pX3lp5C l5.DGzmAnML1Zps3rQLGxkMFN7h4YNxhGChMwnyI41bieScxJow26d5YrhLqjO9Rd32uVVi2sgi1 EQ3F9yJ1aDTy7vxBxC_x..Vzqpb0ao9JfJ.TGho7dDArd5nzAUwA9UJ6P6nJnMBQ4HLzhv9l0nd_ Kt8MRUBxaf3UbXRz26FHkTH4HMgK556heMFgOUmFeJAMHx_EEHvIKAPph0kj6c4m0WybzOp4DGBI yOJ4vhCK0nmfaXvv0M9QGM3CoOWPD3Sg5xfjYty_.efi5UV7pXZ8Vd4vgw4a3lFOsbfijCLbmKso WP477rQ5CULM.MnZc04o37frZN3c3mxfuXRFmgTY_bKBvKlpIF7FajRj4ll.lMNeZ8w7Wxqm5yVn 2Pm75iIIGQvz01cHcxRXbPbJ7JelrMiolI8qeS7RDE7wIbX2mCCLNfijK2zVhNNIA6COXy3CQ5A8 dr3U8bRNguAWAuE7Pg2V.cDY9.t0cX9RG8X5GZ2tZiq2s1JPyLlOIFXW2w.wQb4fVsYdpKwQUi0C e9HMGFKFgSFasOSWln2BxZhylwd7rgO3y4QIFu604WDgt64Y4a3UR3Alm4sUFl72r8V70Xj0k_eg AJmfPwLrbKVp3WwXT9BCsgWopxKHvdiTsTA02D9GakDYjZCozcllx7RxFKVmfQLpb8DKLn03xdH0 DIMjVap0jnaVmovRWtzIK8Ddf_MN1DLYgMKdMIU63_AuprgXVbkd5aQyC8XJxonMRBi_tuaSvIHm 6BXW3upoAHqJ617.g6iIOTMO2ptlDZS8Fc2V4mpxCb_nk5USf5vjVPfZ4U3BUuSGgb3lfFvsV0nY jxF7ajL3..aQnD1QVPEaEKIe3N5kkripJ.7v4iSqr9M7UF2v2t4zgAYCP3QEI2W87y00glnt_6Ul V6MLRkkP9Nw1.zVLL8Ga57Tq9tuwv2ZtZr2bF8WkqLkKBVsPKFiT6eajfR573Hwq2WPEwmBOeVey 2lgrO4RGM_PVu.n.f0j1bmZFDLz6Bc3vcEKsoda8j2DDMjp2ZjpnaGKxwGN4bN1DvUi5VhGGAUcg xTC9co6spsPjD0vNcKJ9F.SZfzE2mN6PjP.CYALoJCghLXjMMv9WkuHNmw7kaTBJtMShv_m294W0 l7uNH3NUHSmZVCnH6cMtoQHTIXP8UDWXvgMdyRQtnuY.qs17He.8spSChpIPu_LH3JIrFhi8rLFt x7YGm19jpwrk5M9pGazhrOeeLfg8qv33M.B0J4moIcTzbgh_fAOCQG204IXrUqBil8Updv9U.oSL iLNJ3zOkesPMbD7AUJNcPyDoYcSXQKa2cSdKtsHG.NhKiEM0zlaXAsjxYyG4307HLh6TYw5vKkAs s83qY_hdkh6E.bFSwttabjZwTHYEHOPEMriP9IwBvWXFW9Xp_pjmTaCJKXIoMZvWVEl3YfX1UV51 6FQ0aPEv1EsluMrL83aPqJDPUWevks0qmtLqrpEbqXe_dOsaaIjQx1rqfSBOwuyTA_24fxHBl4wk W4c7ujLR2XDY5_EGTB5nhdrVWhsLFGFJIy.eOyQ3K_9INOc5lSlDpycsxCySaMaocf0BNuzyz_lP 56k012LMtaUG9npaYbJKJp8f2X76KcHAKC7zKGvpWJfT0EGpPb7FVxn5VG7rcOcYQ1ykebpD3NjV hJ0qyUeuPQSX6BG74k9OFqB7ljnnHGXtmAgX_E9ENl3S9IRwMDge_vnPTvS9YHHPPaHT3pvFOrrk UzTPI9yl2rI4i0zUo1jzJiKSCBlRfNoMQGeJ6NFUNP8nPOboGQWsaNodWtLg7VCiiyTMvwAbbmZC X2IL89a53y40or8CeWs_klzVm6ZFMhJ0zuzLqBTz64WaoTluJXv3_6W1DPaIB_80ZPHCGVsmhz6U H8kRwcblGvAeLhb4Ih9ySPnFGofoKrEDfPmT3s0GrQ1rJ6CMYn3vQ4P62eTyfF211Ly802qaSfhn TDaLoA1tFPG6x5HXXIG0UXLkQSqfH0IC05j7N6K0V8SvvggikLP1Y3qRlorgSPfyGDldkxkZPGwX k4iV3TR3xlNFh87E.IIWDcm9U0I.MqyBWngMuNz4Zi6FliMLYpxzMbfHVwYYe4svHhHwfdqH0qSk YVuEqYrNCqZDNm0CY0x5lpp1wsLB6j57_IhQEFuvZ X-Sonic-MF: X-Sonic-ID: f9cdb05e-6123-4694-bd50-d937e37bbcec Received: from sonic.gate.mail.ne1.yahoo.com by sonic311.consmr.mail.ne1.yahoo.com with HTTP; Wed, 9 Oct 2024 17:35:47 +0000 Received: by hermes--production-gq1-5d95dc458-rvnnh (Yahoo Inc. Hermes SMTP Server) with ESMTPA ID 502c2859a32e83ed73c2b19ff921ebf0; Wed, 09 Oct 2024 17:35:42 +0000 (UTC) From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, selinux@vger.kernel.org, mic@digikod.net, linux-integrity@vger.kernel.org Subject: [PATCH v4 08/13] LSM: Use lsm_prop in security_inode_getsecid Date: Wed, 9 Oct 2024 10:32:16 -0700 Message-ID: <20241009173222.12219-9-casey@schaufler-ca.com> X-Mailer: git-send-email 2.46.0 In-Reply-To: <20241009173222.12219-1-casey@schaufler-ca.com> References: <20241009173222.12219-1-casey@schaufler-ca.com> Precedence: bulk X-Mailing-List: selinux@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Change the security_inode_getsecid() interface to fill in a lsm_prop structure instead of a u32 secid. This allows for its callers to gather data from all registered LSMs. Data is provided for IMA and audit. Change the name to security_inode_getlsmprop(). Signed-off-by: Casey Schaufler Cc: linux-integrity@vger.kernel.org Cc: selinux@vger.kernel.org --- include/linux/lsm_hook_defs.h | 3 ++- include/linux/security.h | 7 ++++--- kernel/auditsc.c | 6 +++++- security/integrity/ima/ima_policy.c | 3 +-- security/security.c | 11 +++++------ security/selinux/hooks.c | 15 +++++++++------ security/smack/smack_lsm.c | 12 +++++++----- 7 files changed, 33 insertions(+), 24 deletions(-) diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h index 8a90fd9ff3c8..23ad7e4f8c67 100644 --- a/include/linux/lsm_hook_defs.h +++ b/include/linux/lsm_hook_defs.h @@ -176,7 +176,8 @@ LSM_HOOK(int, -EOPNOTSUPP, inode_setsecurity, struct inode *inode, const char *name, const void *value, size_t size, int flags) LSM_HOOK(int, 0, inode_listsecurity, struct inode *inode, char *buffer, size_t buffer_size) -LSM_HOOK(void, LSM_RET_VOID, inode_getsecid, struct inode *inode, u32 *secid) +LSM_HOOK(void, LSM_RET_VOID, inode_getlsmprop, struct inode *inode, + struct lsm_prop *prop) LSM_HOOK(int, 0, inode_copy_up, struct dentry *src, struct cred **new) LSM_HOOK(int, -EOPNOTSUPP, inode_copy_up_xattr, struct dentry *src, const char *name) diff --git a/include/linux/security.h b/include/linux/security.h index 9bc8153f4e8b..2b19ef5d799c 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -452,7 +452,7 @@ int security_inode_getsecurity(struct mnt_idmap *idmap, void **buffer, bool alloc); int security_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags); int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer_size); -void security_inode_getsecid(struct inode *inode, u32 *secid); +void security_inode_getlsmprop(struct inode *inode, struct lsm_prop *prop); int security_inode_copy_up(struct dentry *src, struct cred **new); int security_inode_copy_up_xattr(struct dentry *src, const char *name); int security_inode_setintegrity(const struct inode *inode, @@ -1076,9 +1076,10 @@ static inline int security_inode_listsecurity(struct inode *inode, char *buffer, return 0; } -static inline void security_inode_getsecid(struct inode *inode, u32 *secid) +static inline void security_inode_getlsmprop(struct inode *inode, + struct lsm_prop *prop) { - *secid = 0; + lsmprop_init(prop); } static inline int security_inode_copy_up(struct dentry *src, struct cred **new) diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 6b2b2a8d5647..372302f0528b 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -2276,13 +2276,17 @@ static void audit_copy_inode(struct audit_names *name, const struct dentry *dentry, struct inode *inode, unsigned int flags) { + struct lsm_prop prop; + name->ino = inode->i_ino; name->dev = inode->i_sb->s_dev; name->mode = inode->i_mode; name->uid = inode->i_uid; name->gid = inode->i_gid; name->rdev = inode->i_rdev; - security_inode_getsecid(inode, &name->osid); + security_inode_getlsmprop(inode, &prop); + /* scaffolding */ + name->osid = prop.scaffold.secid; if (flags & AUDIT_INODE_NOEVAL) { name->fcap_ver = -1; return; diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c index a96dc3ff6aa0..dbfd554b4624 100644 --- a/security/integrity/ima/ima_policy.c +++ b/security/integrity/ima/ima_policy.c @@ -649,8 +649,7 @@ static bool ima_match_rules(struct ima_rule_entry *rule, case LSM_OBJ_USER: case LSM_OBJ_ROLE: case LSM_OBJ_TYPE: - /* scaffolding */ - security_inode_getsecid(inode, &prop.scaffold.secid); + security_inode_getlsmprop(inode, &prop); rc = ima_filter_rule_match(&prop, lsm_rule->lsm[i].type, Audit_equal, lsm_rule->lsm[i].rule); diff --git a/security/security.c b/security/security.c index 5cdb5b171ff2..5e76e35dda09 100644 --- a/security/security.c +++ b/security/security.c @@ -2724,16 +2724,15 @@ int security_inode_listsecurity(struct inode *inode, EXPORT_SYMBOL(security_inode_listsecurity); /** - * security_inode_getsecid() - Get an inode's secid + * security_inode_getlsmprop() - Get an inode's LSM data * @inode: inode - * @secid: secid to return + * @prop: lsm specific information to return * - * Get the secid associated with the node. In case of failure, @secid will be - * set to zero. + * Get the lsm specific information associated with the node. */ -void security_inode_getsecid(struct inode *inode, u32 *secid) +void security_inode_getlsmprop(struct inode *inode, struct lsm_prop *prop) { - call_void_hook(inode_getsecid, inode, secid); + call_void_hook(inode_getlsmprop, inode, prop); } /** diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 7d6ffd3483a8..a9f8d10062b5 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -3503,15 +3503,18 @@ static int selinux_inode_listsecurity(struct inode *inode, char *buffer, size_t return len; } -static void selinux_inode_getsecid(struct inode *inode, u32 *secid) +static void selinux_inode_getlsmprop(struct inode *inode, struct lsm_prop *prop) { struct inode_security_struct *isec = inode_security_novalidate(inode); - *secid = isec->sid; + + prop->selinux.secid = isec->sid; + /* scaffolding */ + prop->scaffold.secid = isec->sid; } static int selinux_inode_copy_up(struct dentry *src, struct cred **new) { - u32 sid; + struct lsm_prop prop; struct task_security_struct *tsec; struct cred *new_creds = *new; @@ -3523,8 +3526,8 @@ static int selinux_inode_copy_up(struct dentry *src, struct cred **new) tsec = selinux_cred(new_creds); /* Get label from overlay inode and set it in create_sid */ - selinux_inode_getsecid(d_inode(src), &sid); - tsec->create_sid = sid; + selinux_inode_getlsmprop(d_inode(src), &prop); + tsec->create_sid = prop.selinux.secid; *new = new_creds; return 0; } @@ -7174,7 +7177,7 @@ static struct security_hook_list selinux_hooks[] __ro_after_init = { LSM_HOOK_INIT(inode_getsecurity, selinux_inode_getsecurity), LSM_HOOK_INIT(inode_setsecurity, selinux_inode_setsecurity), LSM_HOOK_INIT(inode_listsecurity, selinux_inode_listsecurity), - LSM_HOOK_INIT(inode_getsecid, selinux_inode_getsecid), + LSM_HOOK_INIT(inode_getlsmprop, selinux_inode_getlsmprop), LSM_HOOK_INIT(inode_copy_up, selinux_inode_copy_up), LSM_HOOK_INIT(inode_copy_up_xattr, selinux_inode_copy_up_xattr), LSM_HOOK_INIT(path_notify, selinux_path_notify), diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index e74e22c4232f..5c3cb2837105 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -1649,15 +1649,17 @@ static int smack_inode_listsecurity(struct inode *inode, char *buffer, } /** - * smack_inode_getsecid - Extract inode's security id + * smack_inode_getlsmprop - Extract inode's security id * @inode: inode to extract the info from - * @secid: where result will be saved + * @prop: where result will be saved */ -static void smack_inode_getsecid(struct inode *inode, u32 *secid) +static void smack_inode_getlsmprop(struct inode *inode, struct lsm_prop *prop) { struct smack_known *skp = smk_of_inode(inode); - *secid = skp->smk_secid; + prop->smack.skp = skp; + /* scaffolding */ + prop->scaffold.secid = skp->smk_secid; } /* @@ -5110,7 +5112,7 @@ static struct security_hook_list smack_hooks[] __ro_after_init = { LSM_HOOK_INIT(inode_getsecurity, smack_inode_getsecurity), LSM_HOOK_INIT(inode_setsecurity, smack_inode_setsecurity), LSM_HOOK_INIT(inode_listsecurity, smack_inode_listsecurity), - LSM_HOOK_INIT(inode_getsecid, smack_inode_getsecid), + LSM_HOOK_INIT(inode_getlsmprop, smack_inode_getlsmprop), LSM_HOOK_INIT(file_alloc_security, smack_file_alloc_security), LSM_HOOK_INIT(file_ioctl, smack_file_ioctl), From patchwork Wed Oct 9 17:32:17 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13828890 X-Patchwork-Delegate: paul@paul-moore.com Received: from sonic306-26.consmr.mail.ne1.yahoo.com (sonic306-26.consmr.mail.ne1.yahoo.com [66.163.189.88]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E32041D4176 for ; Wed, 9 Oct 2024 17:35:49 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=66.163.189.88 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1728495352; cv=none; b=e2y5VsYR0UqGnqD7Pjz3VHtTigV2nQo2+H6lyvIFyFdTbQBnasUay3LurFnYKqJPCa6BguF68zgfteT2sgnaGZC+3zMeOrIrkTpX6leREK0WYeSQUoBlEvWhN2Or4mWGMYwJyC7rcToJA1hBUdZ2qTLac/wOk3/2A3jlBWhuNyI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1728495352; c=relaxed/simple; bh=8lc+7LE68DiZStdNT+SsbwiHqdHBM83bYfeJA0aXVds=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=IbyYj7CQZueQWkNc61g0NH3gtOcAQjVqcFQnJTZO/9e04m5GWzybJYqCentPt39WTrDgn1hpjAWmfE8Xp7fqabeduOCCSqqLQhxUJyumD3GKutpr7ltNhTzggElcdm0btw1fUGhgrCbcHXYQG9tqA28Gh51xH7D/fFwq6RKohS8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com; spf=none smtp.mailfrom=schaufler-ca.com; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b=PxjcbnxT; arc=none smtp.client-ip=66.163.189.88 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b="PxjcbnxT" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1728495349; bh=dSKF4YjsFZbJKDV20QBxq17uyW97kaIyIuj5Z7hhKuY=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject:Reply-To; b=PxjcbnxTUkQdAsG9fZ5r6/II4L7+daLDUHPlqZrK6FdMTU6AEt74ovE7Ej98dgES5D5K38nhjnPTcN4p/EHl2mp1VkJVcZHsUGeprFdYr26DJVPb0V7TfF02lx8qTuIon89SqHcLzguIt1ecYUCYxb08dZPkXV3bC6pubMeJbz7qU1IrejUmAt1LZ+PxXHG5ARx4fix6wCUCK0+VcYowo0Rp2KtKbwKfuSk67wwwDCJZv4GnM82eKfEA7hl7l5efUwyZy0nRj2bvqvoPkfD+CHvFdwjEuDGAUuOY6hBG5BhOjhDteFbWTs7nRXGgDQwPOUWaPrVhbwymVPm1wUyxcA== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1728495349; bh=5TTLdVaaiPovqpivGD+oEQnNCWAtmjU/Ll9+9OBk3B+=; h=X-Sonic-MF:From:To:Subject:Date:From:Subject; b=GWdaxbxtHIyvSw7RJnhLlrN5Ai968yRCuXTuiIAMa7FhWyCgA9nlBWLMHlHaP2w8//ZLKllDZQfP/1kTi1I6KBoKKRHeKBYO8xjoEPny8MvK9/ZjdHwts2x6vjsjG59JmC4EEEgWWlpm4QySKrejmwnZZoNnGGbVElTYscvl4TG+6e9hjn1aBMFtMtA+M+kXd8CfdkoP/AnL6rivCno2GkzTiRuQRx+9V7w0paLjz5piIHaPJCvZV0SiSTeVb48Rdmcx+mcICw/Y+R/Cby4Y7dMSgQFMWhR+Y4onkXRTXhQe9HZ/ZtkAqKPcEIdb6lbN0pZ4viIq8YMsX45hSwVIDA== X-YMail-OSG: LnzsonQVM1kh96vfkGHfbJeR49fG1FCqr3DSyE9rgbKWWBIXoB8hL9Vm5hbVUdf IErK607zqzw8etgU3KXp5vF4ZBFv9p6X_9CvCjymvQmyqL_x5tEm73Qy8KxYrJYWqbBKg5_FHH4e 3YYUOa50wUruEIEesn3HCLPz.2zoLaxReQV1XBBBlBVGCDMlDkfY.yEF3g0OJjEHByqwz9Gb67Zy 4EooPpcxg3TTad1a1DQo3wXseC_z2eQmGW37MfKpleluNntBrf.tGTAVbhmCyAzXyj7Xk4bPQrwa Uo3x1uZlFeJV9HPh07YE7o1az9S2HNsRrtkuucxTGrpNeZewHJNRC0p_SbvMWGbRQPxKw9pYNwrc ixmkHx_zRgcG0t5waaRXDDaCw7Lp9OoxDwgspCCqlSFC83Kgh5zjA7_ztz7iA7ZrII.NyMr.lJF2 zZuOIrot20mV5iyfkcp6uEXSl26F3nJXF4FQbhx0nG4hwy1Npu9yqjA44mxhWDuNHN6ly8oH1GUa WOagRNv9w5uUUnt30SIP4ng7kunLxbsX52PwkEIyG2fGIhW5zBuJlhiJXLupNuLK0CKCXGKBNYJA _ZfLgSujMXNNIHKYQiMJ6wxTeMLVi3lwH7BYBiLzR23llo7E2n6ctY94rU3hcOUojD204stoZYT0 Zc1yXKrOsyahF7T_PnROcKc12tiBPmKZlbw5syLwVZPz.1_bLcEY_Zy1cwLsGxpzLnhuR59bygnV 7wV4cq.BMCKFNqVvpP7qGnUdRzCyewxbNi1mdv1sSDR0Ihhw4X96gKh38jVWZJuV4FGes6eT2D6B XNkc_eEvJe93gnsUp8U99Q0JTstsQCUOYX9z6bGdHg8CfOjsw0V_yN14AhcF3aDH9ZHGkQ.MQuck 5xEfXJFhFssjoG6wF7YZmdi2Bt8bzULD12sAZHj9Bi3M1iK.IQk.hDu.sz_9_QB13l11yUQ1GVar igRgRRrJ01HJfRCjxbuRgh8SrEljMNK_idS8HxCiFQQjDgVfnBVxpqoFRuhooik2r2FMeZ6RCNc1 XinW0NzZ8xOY8N_rm5dgU4Aiz9oVYRBEmQPrC3CeBR5u75G_uM_Dr84wH8HAixls1FDn.PTWFlpi ZgKf15Rj2.YlpJ5puGPcR7LKI8aGRCSIiXllE0B1oi8dgvLp6857OGuBUl2fVEAII8VRrvcw2po3 oZ8.Myv1yRtG9mXOA8IVPpuTBPhyfA7Rd1s5ouZnsPKEmQB_ZooS440o.0F3LDn1SPX0y8xhHfC. khse9rav1yQCCwfssFbVdK4E_QVzWFEqOu5WXBcHyUTpu4hSyHq90uw0CUMk4OYSSdWh6GxhhMeR IgCZ1dDnvxvGkczBVnYs8SPcKlK4yim5Vm8iJ4oIKEs3YDMQCzB0CPy0xljfQbcPuEykgA6smTTD RbzfsX0OY4oP2BHILV7CpxE8pJ2A8t2PSC2ALcit3GzRFi2suYMJn6W6P7VpOvpnkZyH3_nt75TF XNzoFVh4KL71L75DhzTeo0vluRO_AcUSJfC5470Y8QMLd.K9YHT98YSeRXXRP3X1q3iWdBw3fYZb nlneYrb6gzMwPu2bmInsdLoUYXUpv_Mop0kWYAVTThpxOIELw_YYTMar98cuh_0BWUs.z4In0Bkl ooBOYPNPAeibxDY9xfR.4V9XZefVd5Y8nN__lEPFWwCkX9N_2gBlyXewsNSjyNzXv6s910b9s6kH x9KrofrvlsY6C6Q.5GR9wPgw2IpLU8m.ffEZ.8oS9FdUCoUIH.DgDIST4O6.N_l2AGTrXOLK8B2_ mTBD8rNigneDKHSU9l3_akCTBxxHP0tjl_YkWAcPXBLQHy00ktqfMBuGHfeup0zFicI_JgrpFNr7 6NkNV00bklPOAXnbtJILW5wdF4pbKYAjI213iNygMEd3hLW88UwSwDKoPSLHbHl7odyXy8Lh0Ud6 jjlZk6lKnOZV2B6Tc2IbYWxv_mH9eiLWCRspQX6ETSe_bbgVrDqQw5tN7eeoyUsulPAyDjkWPP4a g98QHhwYv.1wPj60SRMEmFqj18yf.Y3Y.q5qZ2vAtQf9H0bjJvlG.pKajH.1oumPESLqsIunQRTP GB1NEE9_rHiCId.5bJrDC7y16C1y78azPDlNY4x8tK8DZygl6KvFnbD.CiDZ8jU2uljfL_.ZSPos 3s3TbXbN1IE2DfYgggYeExC06zZLhCqdOXs5Eded13JU3MUSnMqht6Fe1c_4rfF1FAcCNt4rAuCL 7NNZrL0ZJ1sbVYkGRXNbnB2WoURko19cTz0KiDKf52w_Anw1wym03h5590vHv5_iwvk7XLRjjcKA bK_boMKAJFNH8ww0Qtmv4KMKxzEn5LTMy8d9g.wmm5g-- X-Sonic-MF: X-Sonic-ID: 063a13ac-3647-47c8-adff-6f53c7c50ffd Received: from sonic.gate.mail.ne1.yahoo.com by sonic306.consmr.mail.ne1.yahoo.com with HTTP; Wed, 9 Oct 2024 17:35:49 +0000 Received: by hermes--production-gq1-5d95dc458-rvnnh (Yahoo Inc. Hermes SMTP Server) with ESMTPA ID 502c2859a32e83ed73c2b19ff921ebf0; Wed, 09 Oct 2024 17:35:44 +0000 (UTC) From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, selinux@vger.kernel.org, mic@digikod.net Subject: [PATCH v4 09/13] Audit: use an lsm_prop in audit_names Date: Wed, 9 Oct 2024 10:32:17 -0700 Message-ID: <20241009173222.12219-10-casey@schaufler-ca.com> X-Mailer: git-send-email 2.46.0 In-Reply-To: <20241009173222.12219-1-casey@schaufler-ca.com> References: <20241009173222.12219-1-casey@schaufler-ca.com> Precedence: bulk X-Mailing-List: selinux@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Replace the osid field in the audit_names structure with a lsm_prop structure. This accommodates the use of an lsm_prop in security_audit_rule_match() and security_inode_getsecid(). Signed-off-by: Casey Schaufler --- kernel/audit.h | 2 +- kernel/auditsc.c | 20 +++++--------------- 2 files changed, 6 insertions(+), 16 deletions(-) diff --git a/kernel/audit.h b/kernel/audit.h index d14924a887c9..8e6f886a83a4 100644 --- a/kernel/audit.h +++ b/kernel/audit.h @@ -82,7 +82,7 @@ struct audit_names { kuid_t uid; kgid_t gid; dev_t rdev; - u32 osid; + struct lsm_prop oprop; struct audit_cap_data fcap; unsigned int fcap_ver; unsigned char type; /* record type */ diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 372302f0528b..53fbd2e5d934 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -698,19 +698,15 @@ static int audit_filter_rules(struct task_struct *tsk, if (f->lsm_rule) { /* Find files that match */ if (name) { - /* scaffolding */ - prop.scaffold.secid = name->osid; result = security_audit_rule_match( - &prop, + &name->oprop, f->type, f->op, f->lsm_rule); } else if (ctx) { list_for_each_entry(n, &ctx->names_list, list) { - /* scaffolding */ - prop.scaffold.secid = n->osid; if (security_audit_rule_match( - &prop, + &n->oprop, f->type, f->op, f->lsm_rule)) { @@ -1562,13 +1558,11 @@ static void audit_log_name(struct audit_context *context, struct audit_names *n, from_kgid(&init_user_ns, n->gid), MAJOR(n->rdev), MINOR(n->rdev)); - if (n->osid != 0) { + if (lsmprop_is_set(&n->oprop)) { char *ctx = NULL; u32 len; - if (security_secid_to_secctx( - n->osid, &ctx, &len)) { - audit_log_format(ab, " osid=%u", n->osid); + if (security_lsmprop_to_secctx(&n->oprop, &ctx, &len)) { if (call_panic) *call_panic = 2; } else { @@ -2276,17 +2270,13 @@ static void audit_copy_inode(struct audit_names *name, const struct dentry *dentry, struct inode *inode, unsigned int flags) { - struct lsm_prop prop; - name->ino = inode->i_ino; name->dev = inode->i_sb->s_dev; name->mode = inode->i_mode; name->uid = inode->i_uid; name->gid = inode->i_gid; name->rdev = inode->i_rdev; - security_inode_getlsmprop(inode, &prop); - /* scaffolding */ - name->osid = prop.scaffold.secid; + security_inode_getlsmprop(inode, &name->oprop); if (flags & AUDIT_INODE_NOEVAL) { name->fcap_ver = -1; return; From patchwork Wed Oct 9 17:32:18 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13828892 X-Patchwork-Delegate: paul@paul-moore.com Received: from sonic311-30.consmr.mail.ne1.yahoo.com (sonic311-30.consmr.mail.ne1.yahoo.com [66.163.188.211]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 95D6C1E0B7B for ; Wed, 9 Oct 2024 17:35:53 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=66.163.188.211 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1728495355; cv=none; b=K9bspBLKj83A/xg/wGrIhCFcLOLF5ILzBjCZVbctxo4qA9mNCENErKm6LT4ZPezXdo0D9goKrOPX3U0nOsurs9qYOYPzQNRSQ336BUw2LLToXOdBEi5ckoVbJKClBYvLikjXP8QJxXvhVd0gSh362AWQsUy5jroIc2Zz0U7dIDQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1728495355; c=relaxed/simple; bh=vI/KtDb/Q5HuZSYihR4Tw8nHAj69pfOU6/bAMMsgkOg=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=VqEGxXAI7siKWDFh0r6la2Ey/U4+uxr4aiR4Dt8zQdGRBP1sP1VY+YhSEVrQsiKNreMej2vVezxOYulfvANDQDt6UylMX97UZTmmsZJk9A5VTMxqe8hpkbH3WhqJIuPPTKH163IlDcD0UJEjtovLquJ6i8+T8jQ85N8sifY5EcU= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com; spf=none smtp.mailfrom=schaufler-ca.com; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b=bD7xpXz4; arc=none smtp.client-ip=66.163.188.211 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b="bD7xpXz4" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1728495352; bh=yWZJMVK1UkNKcLb5fb2Tu7Uy+QV20ZmGPbjZRVxv1RU=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject:Reply-To; b=bD7xpXz4j3J0Nfi3aB1oSrzpBOPSiom3zRirUwPuzNDyMV9+5T5PsBO5Fwo1dJx7zVs5+y22hCzft6D9j6r8wZM+qSkwBpdNKw4pfG/x7KZiXCkT2UNCbLM/zaLO4V+wb3NVT9dubMMVCGbTDXqE/ouJEEzfERHZ5oWiOdajaaWUN0MEcxx0WBW1uJ6kpDpjCGEiuLLxIYxOaVWzxsvIehtqrng9sGPXZIpkkfNCgDwcJiBfazgesegXgQwSPx7Ed5iI/gnyJU70gpADDaeNjUgn3/tCnXv7I+8t9EWo7JETB1TdXbOdIWDZ2Auzyw0BmaD+jdz+U4w1RvB75ad61g== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1728495352; bh=1hVpS8GA6RWf++kM+qbXfjHxNAiYQGKXApTld0xNAWU=; h=X-Sonic-MF:From:To:Subject:Date:From:Subject; b=ny5dwCdtNkT+CTjPWUSWIlugt+zS+k2KgsHDtflGB8dq7vy5mlokzT9txZ/WiIPplVHOq8qvmMU5YSESDHnLP27jQg7AkhjdoPyVdiN6e57JCz8+8qo9aSuCu/AgvpGIklvFjjuxURflebljc/weDqMXHsSvEG/rUpMHGOmBA/JszjZde87MHzG1kIdE/By19AkkClSOuPl34UJ7ZsAS897/sBuJukwK9G9L4WRx3X/BsozUOBQuOxyWnS5qjSY/uDez+y/w667pVx5IQkNFR2uItLIOBd1sWh8dPFtpOApv/VtjxOO6gGGdlGVroAB9oLWlKq7rDi+OqKsXi+SVew== X-YMail-OSG: UCgrDJEVM1kkYE4lQGVD_c_ClAEaK8XWrS2zQfwSnUxfdsp_jRWh0emdqqsb1Il NalNQQtYEs7AX3uSKBsUQkFDiBwAYhCTF6GVBjaPp5CJg97dwB3dQELkVIHVQEB7KXRc5DTJuF1x 33LzgyjNdxbPvBWOjwQJxHOSWMb.GyA3Y2zzkQ73UeCUcJGD1RXIEMEXMPUG9XwWLtlPmQ.c7nLf bbwlIRw.r.BzGjeatKMEWQH.tG346rP6Kh63WPzt30_tLXPBjTSuw31ccttbmuB6YNyHkbJS9n.C r7vu2VOToDavCctXpUt84jSJh_zYQVGGK1eBJX9uyjtGPTAHPlpH_KcBPkl9Is2.YQef1TkRdeAw zPqyo2sSw0uIl4ktvoEcW9J1UVqWJgON4VLEtMdTgOCpxdUSyXxwpnUK5FNpr8gGPMADG.OILTh6 RagT1J4RgceT59W75wxu58cgg75mhRCNHe40s.njjKAKqOk0XVm7YNfKzXvyiwNFbLEkK9W.JApc sXmpxbq.fP7NNRfkUk15rsMAoNAFU6Vdg28AUI7qvqDczYfreeuOFiHr6S4NyRu.0MA_auHTaXQF ksS2Ys_O3KsgLQWLgKJXzYPhxR6e0guxLpZn8dLpgZ1lrhXPpq5Y52XVALTyc7YjPrIe0tWEDBYm ZfVC_b0vQMxOCVSAl9ho1KNzSJsYug.RcMgsMMTgwlgzAQgmuciHC5g4psxXe3XiEhkJs2bsw6xt wVOtxVIksEJVFOFfjScn6mPlTw8A7YbI2kUdWqa1MHNNOEW8IwGKPtdtDpJqDtEqVxKxK6666bQv YoZGPJZ5K3qT0tCmQ6vERuUQthIw5CpR8_Zgz10XXLLxkWs96M0QXbDsQRYcPBbIWCQxuA4azzwv nuwsX9UkUUKNTHB3AxEXrcYmVnprUG4xlkqence6Ec9kqByCHjmnr670MSQmJamWeO_pCqgb0jJb l9o27_FymGlYLCBTvbaMd5HeYWgScbi9st4pzi_o_GXpcJArNvE82PD24CFoG_OE_RfKRsid.uxY 7_atxGVmsTKouMiHFZo0YPl6y9snGImv6ALB6rF6hwbqINb_dlKSGn0q1PGHsXInRpklhlKB_e16 P18XP29oe4y2wTjIRBTDIfowseoj4iH2QSyjYLfQtFvBXbR5pY1f8bTZeR5rqlG6Fvh9peLgW5ZS W5J._54JVkeK5ld1QOqj.9.ztsVB.4EMyM3jdqBKN_4v8NDMLT8ZJWkn4hMh4QvaYC3fIWCXiCNG ZxPyf0amvvVehKwMhGbrgkXIvSy3OjNDI9HxxWGuy5ZnrQYXaeQCP3.CQJCuMKfqR0SD_AkUg0om buooruitx7JXQvaxXErepb1ry5Uzfi.lHP0_E0a481_iNsdcYXcV2Zcthq38Rcr6R4kJwMk4_EUL RkA3EPYfCLJx0WKQDkcrr7AdN0pf4yz6FVuM0aw3IKzmKui6ZATdZhRRNC_6yvTuTq.ZUPRYbO8b 7Le2YnocLBjRkUQyXxP_zjXa_MLhW8jjUQ3gisNXl.DaxdzPpNe6OfyG7U0Aga0F0twD9d8VJKOK TW0HyOpdV18.wpLkTxgS9TKBO5f9B3MdpeTism.7eT0N4VL7ryfhWoQfekgOZKhbXdKBvojNQ.GE wVbcNub_ZZbCfk31y9KuLcDQO8jXvHZd5LoY8DhslmMnqHsJULgLyUXgEdlaWy8k6oQsw5w9.WJ6 kaVFRxCv_SRSmoXstN0vXMKBWoXE7CYX0jyhKhG6UL8Bfjs64lf_5Ityr0YOtjj1JwTu6kR.EF_v g32uEr1gikbuc5uwR2Ih1pGs1R_ylqC.j9yKKC8iKkcMSnyzY9EYs83meU9mGDZDTW5D62Lz5Bro IQDQ8hr8.tnESfDa0_8vKeFV8hwqgwDVs2G94bZIWOlwdjnAgivbUR2Q_knaxi7H41TYVlG3qE_d GxcYEUuWwJl5dWI2.5VimRWrPMpEbK23FbPnNPgHr.0NW7_9wewNggpNK_68JzVGga9pcevXkTKo FP__AM6ROAqbp9iSJ4cog3KQE1MacdoaPXu8o1C1dWXmXqlkFQjEvaGEvUl30mjah4Dc9GwWGGwT SnwyFsS3H_fGnvQIk2wizsmcipkkyFmsVeqZyigGpV8P6LkkKu0m7svnL5w.FaZRtDW3SDDuxrHg oEVAujVwz8SBvWwKTpTgdpZ9CBcb04zOE.oZadcAerd8l5WiSQHoSMptlkbiVrI2Clvb0kwXyq4t hl7o941SahAuEPDEHsaxDOeNn.PCMWkBcukr6a_lDNq2pLifJW2JY1CSBTcl0IAet8lMdix7gddM Av.eC3wogwi7tuWEOPiQvhsJ1F60QX_5.rVfgohg58Pm.57bPDQ-- X-Sonic-MF: X-Sonic-ID: 4762dc73-d0e5-40aa-b744-42b9cdfb572c Received: from sonic.gate.mail.ne1.yahoo.com by sonic311.consmr.mail.ne1.yahoo.com with HTTP; Wed, 9 Oct 2024 17:35:52 +0000 Received: by hermes--production-gq1-5d95dc458-rvnnh (Yahoo Inc. Hermes SMTP Server) with ESMTPA ID 502c2859a32e83ed73c2b19ff921ebf0; Wed, 09 Oct 2024 17:35:47 +0000 (UTC) From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, selinux@vger.kernel.org, mic@digikod.net, linux-integrity@vger.kernel.org, audit@vger.kernel.org Subject: [PATCH v4 10/13] LSM: Create new security_cred_getlsmprop LSM hook Date: Wed, 9 Oct 2024 10:32:18 -0700 Message-ID: <20241009173222.12219-11-casey@schaufler-ca.com> X-Mailer: git-send-email 2.46.0 In-Reply-To: <20241009173222.12219-1-casey@schaufler-ca.com> References: <20241009173222.12219-1-casey@schaufler-ca.com> Precedence: bulk X-Mailing-List: selinux@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Create a new LSM hook security_cred_getlsmprop() which, like security_cred_getsecid(), fetches LSM specific attributes from the cred structure. The associated data elements in the audit sub-system are changed from a secid to a lsm_prop to accommodate multiple possible LSM audit users. Signed-off-by: Casey Schaufler Cc: linux-integrity@vger.kernel.org Cc: audit@vger.kernel.org Cc: selinux@vger.kernel.org --- include/linux/lsm_hook_defs.h | 2 ++ include/linux/security.h | 5 +++++ security/integrity/ima/ima_main.c | 7 ++----- security/security.c | 15 +++++++++++++++ security/selinux/hooks.c | 8 ++++++++ security/smack/smack_lsm.c | 18 ++++++++++++++++++ 6 files changed, 50 insertions(+), 5 deletions(-) diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h index 23ad7e4f8c67..eb2937599cb0 100644 --- a/include/linux/lsm_hook_defs.h +++ b/include/linux/lsm_hook_defs.h @@ -218,6 +218,8 @@ LSM_HOOK(int, 0, cred_prepare, struct cred *new, const struct cred *old, LSM_HOOK(void, LSM_RET_VOID, cred_transfer, struct cred *new, const struct cred *old) LSM_HOOK(void, LSM_RET_VOID, cred_getsecid, const struct cred *c, u32 *secid) +LSM_HOOK(void, LSM_RET_VOID, cred_getlsmprop, const struct cred *c, + struct lsm_prop *prop) LSM_HOOK(int, 0, kernel_act_as, struct cred *new, u32 secid) LSM_HOOK(int, 0, kernel_create_files_as, struct cred *new, struct inode *inode) LSM_HOOK(int, 0, kernel_module_request, char *kmod_name) diff --git a/include/linux/security.h b/include/linux/security.h index 2b19ef5d799c..acd2e5d1b0ff 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -488,6 +488,7 @@ void security_cred_free(struct cred *cred); int security_prepare_creds(struct cred *new, const struct cred *old, gfp_t gfp); void security_transfer_creds(struct cred *new, const struct cred *old); void security_cred_getsecid(const struct cred *c, u32 *secid); +void security_cred_getlsmprop(const struct cred *c, struct lsm_prop *prop); int security_kernel_act_as(struct cred *new, u32 secid); int security_kernel_create_files_as(struct cred *new, struct inode *inode); int security_kernel_module_request(char *kmod_name); @@ -1229,6 +1230,10 @@ static inline void security_cred_getsecid(const struct cred *c, u32 *secid) *secid = 0; } +static inline void security_cred_getlsmprop(const struct cred *c, + struct lsm_prop *prop) +{ } + static inline int security_kernel_act_as(struct cred *cred, u32 secid) { return 0; diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index 553a6f54a1e2..91154bb05900 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c @@ -541,8 +541,7 @@ static int ima_file_mprotect(struct vm_area_struct *vma, unsigned long reqprot, static int ima_bprm_check(struct linux_binprm *bprm) { int ret; - u32 secid; - struct lsm_prop prop = { }; + struct lsm_prop prop; security_current_getlsmprop_subj(&prop); ret = process_measurement(bprm->file, current_cred(), @@ -550,9 +549,7 @@ static int ima_bprm_check(struct linux_binprm *bprm) if (ret) return ret; - security_cred_getsecid(bprm->cred, &secid); - /* scaffolding */ - prop.scaffold.secid = secid; + security_cred_getlsmprop(bprm->cred, &prop); return process_measurement(bprm->file, bprm->cred, &prop, NULL, 0, MAY_EXEC, CREDS_CHECK); } diff --git a/security/security.c b/security/security.c index 5e76e35dda09..0003d5ace5cc 100644 --- a/security/security.c +++ b/security/security.c @@ -3272,6 +3272,21 @@ void security_cred_getsecid(const struct cred *c, u32 *secid) } EXPORT_SYMBOL(security_cred_getsecid); +/** + * security_cred_getlsmprop() - Get the LSM data from a set of credentials + * @c: credentials + * @prop: destination for the LSM data + * + * Retrieve the security data of the cred structure @c. In case of + * failure, @prop will be cleared. + */ +void security_cred_getlsmprop(const struct cred *c, struct lsm_prop *prop) +{ + lsmprop_init(prop); + call_void_hook(cred_getlsmprop, c, prop); +} +EXPORT_SYMBOL(security_cred_getlsmprop); + /** * security_kernel_act_as() - Set the kernel credentials to act as secid * @new: credentials diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index a9f8d10062b5..438dfa17faae 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -4037,6 +4037,13 @@ static void selinux_cred_getsecid(const struct cred *c, u32 *secid) *secid = cred_sid(c); } +static void selinux_cred_getlsmprop(const struct cred *c, struct lsm_prop *prop) +{ + prop->selinux.secid = cred_sid(c); + /* scaffolding */ + prop->scaffold.secid = prop->selinux.secid; +} + /* * set the security data for a kernel service * - all the creation contexts are set to unlabelled @@ -7203,6 +7210,7 @@ static struct security_hook_list selinux_hooks[] __ro_after_init = { LSM_HOOK_INIT(cred_prepare, selinux_cred_prepare), LSM_HOOK_INIT(cred_transfer, selinux_cred_transfer), LSM_HOOK_INIT(cred_getsecid, selinux_cred_getsecid), + LSM_HOOK_INIT(cred_getlsmprop, selinux_cred_getlsmprop), LSM_HOOK_INIT(kernel_act_as, selinux_kernel_act_as), LSM_HOOK_INIT(kernel_create_files_as, selinux_kernel_create_files_as), LSM_HOOK_INIT(kernel_module_request, selinux_kernel_module_request), diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 5c3cb2837105..52cc6a65d674 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -2150,6 +2150,23 @@ static void smack_cred_getsecid(const struct cred *cred, u32 *secid) rcu_read_unlock(); } +/** + * smack_cred_getlsmprop - get the Smack label for a creds structure + * @cred: the object creds + * @prop: where to put the data + * + * Sets the Smack part of the ref + */ +static void smack_cred_getlsmprop(const struct cred *cred, + struct lsm_prop *prop) +{ + rcu_read_lock(); + prop->smack.skp = smk_of_task(smack_cred(cred)); + /* scaffolding */ + prop->scaffold.secid = prop->smack.skp->smk_secid; + rcu_read_unlock(); +} + /** * smack_kernel_act_as - Set the subjective context in a set of credentials * @new: points to the set of credentials to be modified. @@ -5132,6 +5149,7 @@ static struct security_hook_list smack_hooks[] __ro_after_init = { LSM_HOOK_INIT(cred_prepare, smack_cred_prepare), LSM_HOOK_INIT(cred_transfer, smack_cred_transfer), LSM_HOOK_INIT(cred_getsecid, smack_cred_getsecid), + LSM_HOOK_INIT(cred_getlsmprop, smack_cred_getlsmprop), LSM_HOOK_INIT(kernel_act_as, smack_kernel_act_as), LSM_HOOK_INIT(kernel_create_files_as, smack_kernel_create_files_as), LSM_HOOK_INIT(task_setpgid, smack_task_setpgid), From patchwork Wed Oct 9 17:32:19 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13828891 X-Patchwork-Delegate: paul@paul-moore.com Received: from sonic309-27.consmr.mail.ne1.yahoo.com (sonic309-27.consmr.mail.ne1.yahoo.com [66.163.184.153]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 51DBD1DEFF0 for ; Wed, 9 Oct 2024 17:35:52 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=66.163.184.153 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1728495354; cv=none; b=BwJzzKSB8mrrz36rcsfyEN/pEm6x4d8rHPMb5LDihOsHdzCNFOkBERPgXVNH0wnHcao46gyQPGer3ZjmNMVTqVcD1Eq9I743PNZf7ZNgPeX/wSqHqm/P808//lTQsRZJbxWgwFWCTbsGtxUlxgxlo8mkG9UlTaaQYR4psKlEKKA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1728495354; c=relaxed/simple; bh=aUW4xA+Wx1ncwxJVWsFDXPzjBY+M2H/fWTJDCHhD/qY=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=MmxgiZtezqb+hJRD+mAPKpfggGD1NmA0sjcR6m2YKGur+jS9fcoafc+1yUeXDnjw4vYZaxVf19uLJwNzEtrqLuN+rcfgWFYZkRDml05+OGmjriakUeAEFlb6lJ4nZ7mWZxUUqqfZ5Y5Xdo4NbvhzWX4/isjBTP5mF9V0b7Ofqrs= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com; spf=none smtp.mailfrom=schaufler-ca.com; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b=T0Qy+NES; arc=none smtp.client-ip=66.163.184.153 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b="T0Qy+NES" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1728495351; bh=+Hv67XsvWeSVX0aZAA+tmxcn6ViNbCsachPardsd6lc=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject:Reply-To; b=T0Qy+NESnXLapWafrx5rq6SXKE3YbJd9xYdb4YSeTepTMNtDv4kZO7LfKAZiOqvzMpYNgzC5WNAbt+1GL2IjNa6aNzqPNzvOZxzEV+QUrsDeo14ePUMttfDI154dvf0NCJmgE+S5lPD2gPIX6sNrDm5qvCMzJXE9FK0oPWDQv9SKja7Wfx+1VzRh8Jp8B6DWhwgRJcvEv4AW9rWjEhJWIDDRb9F10moAYui8SQYnJJKQ7I7MTYit/tS8VwaM0IMefaPOCI9A1A4Pa7NTKOIIG20NwD/Uh9jv7o4haVdiMFBWIJyNG2udOT422uT/qJNWpBpDjJF1rYyJpeiBOaMkBQ== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1728495351; bh=5Cw+UtjBCGcSqu54YQiePqvNkTnSVLcz/9Ty1GuhUdR=; h=X-Sonic-MF:From:To:Subject:Date:From:Subject; b=W39rHLJrncluKzLsPZgLxjQN9DlKoQFMTDdu0BWsJlxlGV3ZUNaNE37KKWg8BEnWszzY76yo6d6Jw+5vaMIaHmCMhJS5qCUE7f8nZDQVQSjIK6Pltw7949ntWNodP5b2jLIosOLtQL+r2l4xjHkoLREM4QlRYODGANbpUY+fH7N2PsUKGJ3SOeJ21IU6Go3F+7eU13RT+mxNhNzr16iJnMtvlOS+g2ULKGDydkDxVfwaEzAqpF4cAVI/efl4BcOJTkQpJ+ezRevwW/4aJh8yXH7XWmjmrIMuxP1qaJplyb0vpjU6qwUPWfUs5FC5nOxpZrfbTDDothgmf4oIGd+s4Q== X-YMail-OSG: Ybi2eCMVM1kukE.0PO0CVVVO.g3AVRwv09WjEXvst6DTnj9VgicWVV4ScQLXmOn O2V.uYrNr3TuN0WEKM6HeXl69K2tdVYT8uIuGODPQGnf390bBROK.9q35Sy7jipwge.R6pu.lbaH TnIvuWc9jhHK2Ye1lIIG_gaj.oW5urzC7BvQbXaRFyHVzTnYdZmaNhvs9lCv.BYepCrYTA.b6nt6 kPYZ2Q2NzIldrzJUeykDkvhLz1c2s8d3L78J.adr13huu6C0Y6q3FulWKB8drpPB3XKmuL2fPgy. KJUVbgySDxvYDR6svreyJ6wBZBKqwveBtSiaJ4MqPM4TQnpkGzJjSnZHFtrpmGltok5bnZ64Lifi CIspkmAl4vXVQjgl986aBnDiArojazvKrw2dVGYwVyJjP3gSJj1JHlecg9klp4Y72DjLtULtb0Xf RbytX4qKMxTWPwg76HZeXTrqD0bYny6lOZmrVl52QFpzy9PKH3IJ5fBTC.bEUrm1VkrTqHcFmK3i JDu7T6eOJvc3crQRVhfN8YZ3POMkzrn1vZAgi48Gb8zB5Lh6zOTrKDju7zepNEN9_Rr1QFZl4AEV OYlRR.t3mIqmIPbDfs2BxWJQQmUVS.x4RxixQ54F_L.ZxmtoAYHSMpsQJa1sU2IyumhMb82Yj7Bp FMulyUmfQ6aS821heKm9BWnfEVtUktL8qzvt0fZKvX3V.At7FVXqiuuyVXtMLXhFf19CVlOzXzQB .BltL3q1bz1hA4KWo6dEa802m.IwYkieMxXOnDwPfX_zCGszsBPmm1T5Kjez0iWlVHQvLHCVaeEi yc1AIgG.Bm5qfAexk7hLjfJ4FBIKsd_A.TSSU8CIwzsBlQSCNd_o_RuDNclBNbzdbFjFenmc9b2E Us4rRcTB8Z.nU9hXZkSp5_EioWfw36PY7b4QfIqzubbWY.lw_k2mFuJsGn9a6KhRe0LOTQ7oQe9p .33hRkdddulz5HWkgIo_5JtpohdbNQa39SndD5tc0Cog51i_rB_ylZ23ErXJTTD_fDL9dJD4644k IiUojFL9RHvLrhXTOLomqEH7XDGTCRW4dCS0PMwxFsI50ZpfRrowYxHqkOgIml_eksj94iGiHo4M zDQ5G7SOy7IO4RRyd9uOlkiE1IdW292pLrZZHz_z5UMa7pDz__jIv0pEQYboWMo8GZ7IaNEaobVq pcFbdivTY8FxKg7iTJrEaYiueKNuBKLiLRK9OMh5sSmUcKQpbtVhMj9Q5skucfyYZlpvnY3KNVB4 KWpodm4FP3cshWDTBuZfqGEKdDDumeNHINwNSrTUM7XuxShotMv3B2s.n62yWpRWsy.Zz..kHn2M fk.tj8630539K1SAA7wcBOqOGDvlqk1XCGp7OhV_YYe2Vxm_m76g8blKB3MJoNfgzPql9XpdnufH 6FDDjNkHiT.Ev6raXxdno3L_7DQA4gAwtlVh78SZWD02I4QHSzo8CWpfeAP.pkgUNrHT6wXTz1wo zCIZF53CXYcUPRGewpGqfk6I3k0ebhlcs_BtOvJTaa5M1vkvLHQXmp2j60YavsJM.N2SnOTuxQcR 809.Qh_eQ3pJWctGgoaDhMoN6UVtYY8_A7G58mBEAj842FooJSLscCDqgYNfsvy_.LT6zFU_Ghpc 961AyksO4KS8LrIHnXjAbC7PnBFCfxsRLQxE4M8UONW9rIjXdWN1VMoXTtSUw65K.F_6DSdFLa_b RGvp01q_PSi67BtZOVyTycjzPCp5F39w4XZUTjrmtYQPtZrLsMFuGpqaExWxaaaRF2xprw.NaTEx KA0gyEYSt6jhq1Xar7sPZvZAXxYbGPPt_iNp0egyMJOfgtFC5JJ5XIAUrR7C6dXDVhyGJIMuUEzY aURhu4q829K.58lzppqHMGjYvAA_vmNVKNfDjz0pLlD78UgWEDQIyKTtfCNySz89elqKjJe5Is_p zAX_i_UDny32MHWk2sDo994dgj8e.Qu8.tNbv19op9efvCriIQBoopPb664TXLrl8JeXOGYYAQUN ngrE3Diei_cirhMx1vSde6wh.Lt4odTyJV8_01DxGe89jG1qLtsNHWMUFQSE9G4qgBF3kgNwKxhj sbxCMr0put.Zgm0Uj89g1wR7fU8X2dOMHDD4QtxJaD_Thq3Wu8xnlGaXQr8KSIeP0yykhrmD2JYQ z4tyqnKLa3C76PUK6j90eszlragPNWbdryslyIOLGTfxhyLKlqjjjMrYnoxsn7J5KwRFwSWFKBVu VieuLxcxwR7X_7Qc34jAWHhZ8SHkLAMIJVV80rTGhrJO3qfDl2sOSThaOsgzRBU8QkUhhlxRWXLp nHBOM6uWdL2XDEhfmrd1KP0ZnfUilD_s9rkzu74zpWmAK7m4- X-Sonic-MF: X-Sonic-ID: 007089bb-01d0-41eb-980b-00009281c11c Received: from sonic.gate.mail.ne1.yahoo.com by sonic309.consmr.mail.ne1.yahoo.com with HTTP; Wed, 9 Oct 2024 17:35:51 +0000 Received: by hermes--production-gq1-5d95dc458-rvnnh (Yahoo Inc. Hermes SMTP Server) with ESMTPA ID 502c2859a32e83ed73c2b19ff921ebf0; Wed, 09 Oct 2024 17:35:48 +0000 (UTC) From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, selinux@vger.kernel.org, mic@digikod.net Subject: [PATCH v4 11/13] Audit: Change context data from secid to lsm_prop Date: Wed, 9 Oct 2024 10:32:19 -0700 Message-ID: <20241009173222.12219-12-casey@schaufler-ca.com> X-Mailer: git-send-email 2.46.0 In-Reply-To: <20241009173222.12219-1-casey@schaufler-ca.com> References: <20241009173222.12219-1-casey@schaufler-ca.com> Precedence: bulk X-Mailing-List: selinux@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Change the LSM data stored in the audit transactions from a secid to an LSM prop. This is done in struct audit_context and struct audit_aux_data_pids. Several cases of scaffolding can be removed. Signed-off-by: Casey Schaufler --- kernel/audit.h | 2 +- kernel/auditfilter.c | 1 - kernel/auditsc.c | 31 ++++++++++++------------------- 3 files changed, 13 insertions(+), 21 deletions(-) diff --git a/kernel/audit.h b/kernel/audit.h index 8e6f886a83a4..0211cb307d30 100644 --- a/kernel/audit.h +++ b/kernel/audit.h @@ -144,7 +144,7 @@ struct audit_context { kuid_t target_auid; kuid_t target_uid; unsigned int target_sessionid; - u32 target_sid; + struct lsm_prop target_ref; char target_comm[TASK_COMM_LEN]; struct audit_tree_refs *trees, *first_trees; diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c index a7de3dabe6e1..bceb9f58a09e 100644 --- a/kernel/auditfilter.c +++ b/kernel/auditfilter.c @@ -1370,7 +1370,6 @@ int audit_filter(int msgtype, unsigned int listtype) case AUDIT_SUBJ_SEN: case AUDIT_SUBJ_CLR: if (f->lsm_rule) { - /* scaffolding */ security_current_getlsmprop_subj(&prop); result = security_audit_rule_match( &prop, f->type, f->op, diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 53fbd2e5d934..f28fd513d047 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -100,7 +100,7 @@ struct audit_aux_data_pids { kuid_t target_auid[AUDIT_AUX_PIDS]; kuid_t target_uid[AUDIT_AUX_PIDS]; unsigned int target_sessionid[AUDIT_AUX_PIDS]; - u32 target_sid[AUDIT_AUX_PIDS]; + struct lsm_prop target_ref[AUDIT_AUX_PIDS]; char target_comm[AUDIT_AUX_PIDS][TASK_COMM_LEN]; int pid_count; }; @@ -1019,7 +1019,7 @@ static void audit_reset_context(struct audit_context *ctx) ctx->target_pid = 0; ctx->target_auid = ctx->target_uid = KUIDT_INIT(0); ctx->target_sessionid = 0; - ctx->target_sid = 0; + lsmprop_init(&ctx->target_ref); ctx->target_comm[0] = '\0'; unroll_tree_refs(ctx, NULL, 0); WARN_ON(!list_empty(&ctx->killed_trees)); @@ -1093,8 +1093,9 @@ static inline void audit_free_context(struct audit_context *context) } static int audit_log_pid_context(struct audit_context *context, pid_t pid, - kuid_t auid, kuid_t uid, unsigned int sessionid, - u32 sid, char *comm) + kuid_t auid, kuid_t uid, + unsigned int sessionid, struct lsm_prop *prop, + char *comm) { struct audit_buffer *ab; char *ctx = NULL; @@ -1108,8 +1109,8 @@ static int audit_log_pid_context(struct audit_context *context, pid_t pid, audit_log_format(ab, "opid=%d oauid=%d ouid=%d oses=%d", pid, from_kuid(&init_user_ns, auid), from_kuid(&init_user_ns, uid), sessionid); - if (sid) { - if (security_secid_to_secctx(sid, &ctx, &len)) { + if (lsmprop_is_set(prop)) { + if (security_lsmprop_to_secctx(prop, &ctx, &len)) { audit_log_format(ab, " obj=(none)"); rc = 1; } else { @@ -1778,7 +1779,7 @@ static void audit_log_exit(void) axs->target_auid[i], axs->target_uid[i], axs->target_sessionid[i], - axs->target_sid[i], + &axs->target_ref[i], axs->target_comm[i])) call_panic = 1; } @@ -1787,7 +1788,7 @@ static void audit_log_exit(void) audit_log_pid_context(context, context->target_pid, context->target_auid, context->target_uid, context->target_sessionid, - context->target_sid, context->target_comm)) + &context->target_ref, context->target_comm)) call_panic = 1; if (context->pwd.dentry && context->pwd.mnt) { @@ -2722,15 +2723,12 @@ int __audit_sockaddr(int len, void *a) void __audit_ptrace(struct task_struct *t) { struct audit_context *context = audit_context(); - struct lsm_prop prop; context->target_pid = task_tgid_nr(t); context->target_auid = audit_get_loginuid(t); context->target_uid = task_uid(t); context->target_sessionid = audit_get_sessionid(t); - security_task_getlsmprop_obj(t, &prop); - /* scaffolding */ - context->target_sid = prop.scaffold.secid; + security_task_getlsmprop_obj(t, &context->target_ref); memcpy(context->target_comm, t->comm, TASK_COMM_LEN); } @@ -2746,7 +2744,6 @@ int audit_signal_info_syscall(struct task_struct *t) struct audit_aux_data_pids *axp; struct audit_context *ctx = audit_context(); kuid_t t_uid = task_uid(t); - struct lsm_prop prop; if (!audit_signals || audit_dummy_context()) return 0; @@ -2758,9 +2755,7 @@ int audit_signal_info_syscall(struct task_struct *t) ctx->target_auid = audit_get_loginuid(t); ctx->target_uid = t_uid; ctx->target_sessionid = audit_get_sessionid(t); - security_task_getlsmprop_obj(t, &prop); - /* scaffolding */ - ctx->target_sid = prop.scaffold.secid; + security_task_getlsmprop_obj(t, &ctx->target_ref); memcpy(ctx->target_comm, t->comm, TASK_COMM_LEN); return 0; } @@ -2781,9 +2776,7 @@ int audit_signal_info_syscall(struct task_struct *t) axp->target_auid[axp->pid_count] = audit_get_loginuid(t); axp->target_uid[axp->pid_count] = t_uid; axp->target_sessionid[axp->pid_count] = audit_get_sessionid(t); - security_task_getlsmprop_obj(t, &prop); - /* scaffolding */ - axp->target_sid[axp->pid_count] = prop.scaffold.secid; + security_task_getlsmprop_obj(t, &axp->target_ref[axp->pid_count]); memcpy(axp->target_comm[axp->pid_count], t->comm, TASK_COMM_LEN); axp->pid_count++; From patchwork Wed Oct 9 17:32:20 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13828893 X-Patchwork-Delegate: paul@paul-moore.com Received: from sonic306-26.consmr.mail.ne1.yahoo.com (sonic306-26.consmr.mail.ne1.yahoo.com [66.163.189.88]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id F38AA1A2630 for ; Wed, 9 Oct 2024 17:37:24 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=66.163.189.88 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1728495446; cv=none; b=rzKAeVDJHi+I0RLNqaJJ35latrKgX7AWtVu77UtbXUMar16HyDJUDBIGIeEwjZQ23L2XK5UWtf1Sj4fW2vAA0I7ATmt6ZJXeTK+Ky9FZqpiWlrX9CH2flR2rMR7ShoHVqbLWBGVTf3BWrL1V2WMo6Q9LpNLKuPFAYWEMGQXSAqo= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1728495446; c=relaxed/simple; bh=n8xyTzrmBZezDTvSLBbtjqQTqiD+k0fdNEINQvEQTH4=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=B6OPJGtJXhBuKgds9n+1UzCDeJfpPtrcLSKVbeIpYJn9PZu9Rlk1fJ4JDU0I+XtyeKMjSdsVEN1T4e2Pp29GrRCwA8iUxeZQxhMZneFDojffXAMMimUPM4DJs419LNrHslDPrZyjFBN4YJC5IW+QaG5pI2J2Mfca/u5l88seLOg= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com; spf=none smtp.mailfrom=schaufler-ca.com; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b=SmaNgUp/; arc=none smtp.client-ip=66.163.189.88 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b="SmaNgUp/" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1728495444; bh=4VJXnDeZn7m1qqxsSxoGUKvK9NPmCZzpWqWUKtknIMY=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject:Reply-To; b=SmaNgUp/V9Kbtr4TSCHhqLYGcBLr8d95CAelGjIAjQysuwbZUQbLstNuFcZ+N2+celmV7PzfB87CiYoZaYBmPbODYE8THSaLiwwct3Rx+oRTgdtgoMzm4E+UzA4DfPnlVVVRoLa2BNMt58xPyte0GTWuwL+wMa64iD2V3+Paq5crPpzsE/NtABCC7WxjDlwnekSzPscKMxbO+2E53HLcuB5MWjJHE3q7vWeYClzqk3dW4NtPncokWg1IO0axnBOgMLwR2mtco1D8SuCoqLGahTYFPAM84IWCvM6d92rVleH7AJrwrx/kBNSEuNs9w2RLmjecTX1v5GQQxnXsAFChVA== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1728495444; bh=PB4NVMNskdAgFsmPysH9qrfIuwMnccDyRzVIGG1vKXY=; h=X-Sonic-MF:From:To:Subject:Date:From:Subject; b=fZBMYhzWJm5PuBhXs5nOuUJ1rOiP4xUEc0GTeDzt7+ic6bjO4boASpbmdUeVwB1gGwmqb/97h2j5WXKMA+pecSkTpBg6egakGP7rJpb89TcLUJXAPz+e9QjFxTMdwyY8HnP9BFN1mx79xeTypcOxUumYvyz467dYybP+w2aUt9HCdkoZ81oLK+LOaPxvtftJrHoeAYKUNEyK5zscHL8/Ck8gCLdfsu43Gfu8BJCysZJE6vW3Z41ByL2u9rZ4GNguW80Ht41B8wj+piKz4kyew46UBhIlSP7ndHUrI9CFfjhL8V9Hz56SldvTnxkUva2bPdLhaixZnXcjOtZEmgbvrQ== X-YMail-OSG: KNDBrVcVM1lpSeiuhnjDXZIhcfJFJE3bu_5.x4WCmVQ6Dbgvx0G4VVjs2si0ZQW HvgRhUiLJFneLxXQvlaAjXr4MZPvdNjwLEQZdUUgMGUyCWs9uGWsrCTSU7pQ.L4.dzgiGYC7RADd aB9A.LmGquKHdlJsk_IoBuVKQOv5wdnXb.Q9sdllJdCycKFwV3LlHMsAxB0KDTK4QZS96buat8I. sa.G3ML9slNofXjhHZe2wbqI9JMF_Pj3UrTwbGgKlyBldjnBAYOpGs8XaGoSCSd76aRn7Micw4Sw 0axaCxsZ3DXyKdI2zJoTO6MKSum7fX9fqUX.ha4KAhCgdaqavtxTlKI.gFnBiIwqBetwz8FY5mAf Sljld7Tzt4ZRbGEOXIzR9x97TGO4rw1AS78s02AjS.k0S6c3arNEcuvbbv25oUlO4ABrLz8m6WbL sDGNSRca7oen7y3U8p8CRsub.SCrYCNwkEUtFI9lmNRdx7xngy570EPQ08mO3sr5RQpn2shm3vqj jTiWZmGiS2RBcfJeEI8m2URVxT.4jLFTrFcj9E_hlvakxxKYRpn4Ag7fBvZHHCdG7HOqPABJwnyQ zGB2rhDKkqJl2tHPDPaFWC07zcSRboGXUMMaJXGIfVUYZkq.DYUMw0n97lXJkRWZozuf3EETc47V i4UUfvSRMPiXG5o1AkmlbzTg8rxCDBkhqSkrimWys43U5vomZxH80NZq3vztW02CUCHhAomKzn6l nBrGZVnuCzrDlyMsZhZlf24P1jugfG34gi.RSU68Tyg0xjBLY5R1NOekjqrND4WMxo1XMBUcs1Xf H_3DkjKzckyPVRTsccY1L3ax43JypPTmwf36cIt0f9x.NZ_SLV9YndWnSyOp5AVeXinW_bVdT2Qi V1KeXZssE3ayINGkLGeFpQnqVhjhdyDSP7p1XZFArIWdYw07MHbhQZHmq8NogXZ2I.ChjcPbyx1S puBLpK58BQnED7IM3Z1Y_e5q_AP9oXvM49s446CC4sfdhBKoQUwQSRLjSqjLa8ZEVp5Efsm_hX8C bUA08oj4ptPPeJQ.PQhmT2bfY5rwsBGvb891DhuY03h011sEBOVB3K_fCYWpusRm8jX.U7Y7zRHy kljmQfg8d4NP95nDk9H3bEBUHlEgC7kPrZpSvQ0EsR7e7q.mrnjR0oya516H_l9hLKmhPmpbXCWL Gn2SJCdgAiAGzIs_DI774ghSVtTZ0ih.d82stHhUVUJM3fEcsU9pJDCYHP.aiCEMtfJdMjaf9G8g cVRocXFkx7oerU9op4upyGpAP3Fz8VN683W3Ect4S40kPnDDcqMhgvNvqai.2w3bE7z97rzVldjv URYWWa1vBSry7Bf6AiZx5wn9bwuNdEs_p89cCsgYaS5Ss.UnLgrD1l8yqZlQcO8Gr7Bb3IIO1G51 A.VOi_WybjLjY9NTGt5ayeTG6ENw_BoDU8DhhulJXa3sPmWTF4T8563fv9omi.3xKeHCpNh8SFsa W4vR.qKpNMc1icesC1c057K35mY8pND062Vk64rwG7IZgYky1VUPlBlIBl27hAbUrbQEl6Ssj0s8 hWEBQKpwFTTzMMca.uf9CBL41Wg1gHPSzTC5tM5CIa_C8cqR9MQMjCWgPdMMVHdc3qQ.jHqmIovX DHJkGDfD.LzljtY.VYfFj1a8zYVgdcK.7y2svWDvFUg6TQ1RnKsyzLD6jPa6jRypv_.YpOjZ4NWX MKhv87svN8iZyz.ucud99ONDtIk.D4s8fuMYCS7IjicGvvXyPrALBLYIS.1Nwv1fyOVE4B3Jf1W6 TgwhWN5KrtCaCBbcRo5A0Q4jkqqEBBJMXK8JtV1JziRuW4fnnVwLQnT0D6RNOpO0.dl61GzBUE1s oQz.00nKjKmfeVUDk3Xov8F8w.ToT8uyiSBEZlwQJVXuBi7.iHLJwJ6BSmi5PnnWJMeuGjOBFSs0 xSW5s7zKc9feBE5g64jz.3RFgpNMS4pZ7N0y4CjDV07WRBLiODG.opvHcGW7gHlJVnq7QrZxkqos x2yfTwEDJwmuID4goLyuLi6Y0fQictAgQoJoe2uBprr9h6V_rXQ7X67wnjrHbdtsFaIVKRMzRBvC VI3AD.yJ49QvsSa4MI1Go80TXukBLA.5T0xJlR0J64pSjQNLPIy_uEqiJcO3GJFgKJIrEt9Lxvx_ qzGOX6lCpL.CSJGsyCbzsKfeaNPjOjrWYu0g78QjjFyCsxTW2ajpe9flRHXiJZbBcmQQ.zmE2XXD SitzMrMlI.mGBzyfvWpiq04K8U7po3GZ46Mm_VBuYZX636ewNdc2z4S8J_mMf2OqnjYOpcExhwT9 zr3cE5bTo8jgWFLVKM3SHVX71j9CJxK3XC_jic1kw5muA3Nw- X-Sonic-MF: X-Sonic-ID: 0e80faf5-cfea-4eb1-bbe1-72173aad2bf9 Received: from sonic.gate.mail.ne1.yahoo.com by sonic306.consmr.mail.ne1.yahoo.com with HTTP; Wed, 9 Oct 2024 17:37:24 +0000 Received: by hermes--production-gq1-5d95dc458-xmcnd (Yahoo Inc. Hermes SMTP Server) with ESMTPA ID 934db59ff91b58b27af467a3ec48d37e; Wed, 09 Oct 2024 17:37:23 +0000 (UTC) From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, selinux@vger.kernel.org, mic@digikod.net Subject: [PATCH v4 12/13] Use lsm_prop for audit data Date: Wed, 9 Oct 2024 10:32:20 -0700 Message-ID: <20241009173222.12219-13-casey@schaufler-ca.com> X-Mailer: git-send-email 2.46.0 In-Reply-To: <20241009173222.12219-1-casey@schaufler-ca.com> References: <20241009173222.12219-1-casey@schaufler-ca.com> Precedence: bulk X-Mailing-List: selinux@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Replace the secid in the netlbl_audit structure with an lsm_prop. Remove scaffolding that was required when the value was a secid. Signed-off-by: Casey Schaufler --- include/net/netlabel.h | 2 +- net/netlabel/netlabel_unlabeled.c | 5 +---- net/netlabel/netlabel_user.c | 7 +++---- net/netlabel/netlabel_user.h | 6 +----- security/smack/smackfs.c | 4 +--- 5 files changed, 7 insertions(+), 17 deletions(-) diff --git a/include/net/netlabel.h b/include/net/netlabel.h index 529160f76cac..8de8344ee93c 100644 --- a/include/net/netlabel.h +++ b/include/net/netlabel.h @@ -97,7 +97,7 @@ struct calipso_doi; /* NetLabel audit information */ struct netlbl_audit { - u32 secid; + struct lsm_prop prop; kuid_t loginuid; unsigned int sessionid; }; diff --git a/net/netlabel/netlabel_unlabeled.c b/net/netlabel/netlabel_unlabeled.c index 5925f48a3ade..1bc2d0890a9f 100644 --- a/net/netlabel/netlabel_unlabeled.c +++ b/net/netlabel/netlabel_unlabeled.c @@ -1534,14 +1534,11 @@ int __init netlbl_unlabel_defconf(void) int ret_val; struct netlbl_dom_map *entry; struct netlbl_audit audit_info; - struct lsm_prop prop; /* Only the kernel is allowed to call this function and the only time * it is called is at bootup before the audit subsystem is reporting * messages so don't worry to much about these values. */ - security_current_getlsmprop_subj(&prop); - /* scaffolding */ - audit_info.secid = prop.scaffold.secid; + security_current_getlsmprop_subj(&audit_info.prop); audit_info.loginuid = GLOBAL_ROOT_UID; audit_info.sessionid = 0; diff --git a/net/netlabel/netlabel_user.c b/net/netlabel/netlabel_user.c index 3ed4fea2a2de..81635a13987b 100644 --- a/net/netlabel/netlabel_user.c +++ b/net/netlabel/netlabel_user.c @@ -98,10 +98,9 @@ struct audit_buffer *netlbl_audit_start_common(int type, from_kuid(&init_user_ns, audit_info->loginuid), audit_info->sessionid); - if (audit_info->secid != 0 && - security_secid_to_secctx(audit_info->secid, - &secctx, - &secctx_len) == 0) { + if (lsmprop_is_set(&audit_info->prop) && + security_lsmprop_to_secctx(&audit_info->prop, &secctx, + &secctx_len) == 0) { audit_log_format(audit_buf, " subj=%s", secctx); security_release_secctx(secctx, secctx_len); } diff --git a/net/netlabel/netlabel_user.h b/net/netlabel/netlabel_user.h index 39f4f6df5f51..d4c434956212 100644 --- a/net/netlabel/netlabel_user.h +++ b/net/netlabel/netlabel_user.h @@ -32,11 +32,7 @@ */ static inline void netlbl_netlink_auditinfo(struct netlbl_audit *audit_info) { - struct lsm_prop prop; - - security_current_getlsmprop_subj(&prop); - /* scaffolding */ - audit_info->secid = prop.scaffold.secid; + security_current_getlsmprop_subj(&audit_info->prop); audit_info->loginuid = audit_get_loginuid(current); audit_info->sessionid = audit_get_sessionid(current); } diff --git a/security/smack/smackfs.c b/security/smack/smackfs.c index 5dd1e164f9b1..1401412fd794 100644 --- a/security/smack/smackfs.c +++ b/security/smack/smackfs.c @@ -182,11 +182,9 @@ static inline void smack_catset_bit(unsigned int cat, char *catsetp) */ static void smk_netlabel_audit_set(struct netlbl_audit *nap) { - struct smack_known *skp = smk_of_current(); - nap->loginuid = audit_get_loginuid(current); nap->sessionid = audit_get_sessionid(current); - nap->secid = skp->smk_secid; + nap->prop.smack.skp = smk_of_current(); } /* From patchwork Wed Oct 9 17:32:21 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13828894 X-Patchwork-Delegate: paul@paul-moore.com Received: from sonic306-26.consmr.mail.ne1.yahoo.com (sonic306-26.consmr.mail.ne1.yahoo.com [66.163.189.88]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id DDB7E1E04AA for ; Wed, 9 Oct 2024 17:37:29 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=66.163.189.88 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1728495451; cv=none; b=We4rTszyrgnbi147L2yyou7TV+fxJi4IyRVtIY46Xqnvuzvp/vbCUc9sMJJiGu5OaLom4wzIklshLJaP7lN2XJ4qrcqYPmXSzmGAZ5K8XDtKCfNLVKxWwiQELqu5rIL5yy7O3EcwbNuwa+fgxjlW56hxmqfwlJtjikfdsvuYYbk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1728495451; c=relaxed/simple; bh=lMOK5KOAfNPQW7erRNtalTcnH2NWLJtaSuwOlE9FteU=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=YvC0jmHWBJ+JdFWhXN5DKXFvzhlFI6Me9WtGjrzQxxoxKj6e8ZK1mzqI2sM3t2Ix/j51olIkT5U4bcjYXAV4h5b31QwqvnirRbpjhydAxKJEznoOKjt5nUEWeo7pj4J88TSWfML3MFQUHW0bxtWxGMSHdWVLg6vKQQIigEsJxwg= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com; spf=none smtp.mailfrom=schaufler-ca.com; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b=fP/MgI1W; arc=none smtp.client-ip=66.163.189.88 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b="fP/MgI1W" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1728495449; bh=/+bNDlC2zxAcxrtS4Ze9mN8zJjtzFTDuPxQWb8z8RAQ=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject:Reply-To; b=fP/MgI1W12YKPt8UFStIaZvs4e9miNgqOhe/EIv6yhH/5vnH8ZerOHaC0DcxaHBeu8mE1oiw2NCREBQxb+xB8+KAKhYk4VkMmY4Zv4RGKI065JubYyG+ORlFRWRGM599kbPwb1NvUqXeWIl8aUVJw+NUPycR/yYVJyX6hxwGLHzNH2ZQKZCj+XcYX1KpqnZ29v5m6jvbDr8cOPnhsEYJvTcFNSf1dyIPrFO/oLNBKGmwTOYknC5mJdcLdN8FQGLDRNOF908GMumeWMyvxat/nq/8ui3VwXOk26IwiySv2nGzc6L2pijrP29ZxJhbzn6Iu56Y+QhQypeExMWdPYWJog== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1728495449; bh=Htht49EkIR+K4FdG1KIb+t90frJj+QK2sAYlxjlIWas=; h=X-Sonic-MF:From:To:Subject:Date:From:Subject; b=DqSfXNftVM6NevcXZyGE/v3Ta8I1ek5kIgQeVA/Ud4Im1R4LBlJvllaughNY+sPTGodcdAKFUnUSFYvwE3ySxE8We+iw8lxmomcY1b23tDLGh2PD6MOMsiIqtX9c6A5VLlcXVk6n2l4t+VXjkXl/lcl8IE1FwjymaVWMp1+EpHljJGNykud7TvGFKE6MGwigku91gqaqJTfsFIuSMokpAqciQPYT4AKplkNmsweXNR3rLg209Cbo4USFK8y5bVKT15pJ8pfgEM3IV6cgzjmNd77rRUa1pfOnVQs50BXXQWcIivcOGg2UkTcQr8aJ+e/lqmtCcdpyhOhNcO+l/eDMyQ== X-YMail-OSG: kKdKUrIVM1leXplsEw6EHmV3WwclcGjlit6cTNFx3O4LPMbf2fZ.ayR10QdLHvD pcQmTu7epI5Q6RpTaqHhmghmbwO0UyL8LeDZCz1oCEItTLgsANHG.0HeMUkGW0Ygcbqw.n5VsexE ORKWII0b.2pIM5J4_u6rN3PdzP54aFv8ctV92CCr75eC9qIQw1Fa2kD0a1aU_orhnBUtvG7RA0rg NA2_rG8r3aKtzB3a9JPqe_wPhYloqKYOYSTzQ0kpuwxxXB1KBUZtW3BYbW6UQN9TxSpwsrfFVEih V5nfvMmFwzrO7DlZm4nUDHtMNKPqgHJ1Bl2svEJOsoyFlVYKQ1PJia4Y3i9GYOWNqDr8mR4CYqQz z_mQ2RYIoaDrHM9m8DldF3sUwT1c69t8mI3P3wwYGBzlsKBH8elmgWVTLhRaWWBHOfzwt3ER66Wx mjGH3s91.x9OJpnWaRvDL94MTFeupr57uDK2ltmNAjQQbGEi6y.OWSKhquEk5zk_iPMK89XOzb8z 4i7Vr9Pxm4.FuXcLxGU81Uvw4JUurC.UKzBsLn_KfsuKT92VQlB_lVDqX9pTSCYLt6M6VBLXy2AG Hze8hWBDLcpz8IZMbx1X6Gx_N_ogfKX57BqLtw833l_z6puzIoT1KHw.OLRsKjuYzxIK7rz7D7_k KsYnxEnXsk5JjZmx9DAdMcMkVyJiWxc7SsXDymA80PTB2iya_a_A7PqHfXoUQ3IaWHUlO_Bb0pX0 yxF47rnXlkH2p6qZ.JzbKoivHEY6WxY2qn7YKTr5.hk5AtrxGugY7PXPoJqYMB8hcHZdBnnaCyxa eqhh7OkES.kONrd9zhB7nYe8RuQOM4GXg0s3o6D8frMcfrbkBs8ITnCp929aUG1AkRXKRepmr9Ar blyuKMAzloOj_a5VGG_EFeaTQHXdj4Q_._fJ92m9YhSq20EXZnm2jbIkzNarO3ePUZW9Obzh7BI3 lr0F1W9_j7mzRpXcb24GiSWJL0CyjIE23kZr4ZLJenQnF9ljjGEO1Xr9bNiB4dao0KA44UP8KAoL QCyIhKlstNcFkBX0WFaeLtD9o9TYLIouh0Ic1bZlNe8D1DX2rNN_luicIqYtvskI3rgb55HXxMig R6C970ye7qcB2cUVGUhnO6ibHl0iKLVyTN1.jnmvx67Ek19vPju7QaDsvZ.DC.UXMe5A6K9VvUb1 E.C3fU23.YTYz4Xd_Zn99zNhJ865rfbqifY_n9YbNazA6HfCnfmWe5m.CvVzfZCHs4mq708I.zcK u.H6V5Oek0EK24U7yVgqdPiamGQFr983.lzj5h.oZJV7Qj8HIYerQi.GRoBXYyyxsCHSnoYMZ1hP tmzHerkFUHqnDJG8K07XOr9yJ8D_.iayDd0VTttph7vYhwmIktnQnXaUadihNQqo_7.RedO9nNbL crc88XBTNtrt7Zi7w_8JJl8j9OQYOtkZqYMeCTc9dl7QPmP1LCjMYkMQLj05pVYqyCuJZ91XQA8N Sy_7e.OSVN1TBh.v17svuwj2BO9d2uvCJsevXzo4_5StmZ6jMhfryaSbmvGW5nH9.p8GVwKXQ3is 1WmG32j7s7HumS5HIlFPj88srWUvcgxXjJpWOsoaHNfKkip99Knt9LC5.EW9S2i04lwdri.QLo.L y8Wwx5uzRU4z3SG4HqgW.Y0ieoRNng97MZCL1jfNaOYornlu4hU4fpng7tX8gkFs4SYZmk6Tlstn RKCG22Tta8En2xkD8oH.rGMNyGxupsysy05BYv5y72iFrzjLq.pSvvONcdCrYM3snheWKKJ3Ag.h osFM7zOMQYZ0LWHvqakBFSTS0rh5Y6wFBCxKOwOXibsuO1x9X41G6AXOfgy8qUbknEFmLJr3yYPP 1D2.L2HbDNRk_.swXhB08uVXR0pioQ4RwxPjXsRqLcVDOt_QQWiwguG63nL1HJWIaRtGmUJFelUV Yru4fU0hUM_mLiPGcimK8BcqdBP1iTSGPy29kLrzr7TyIG.LEQMkf6vTWEupMRLnn0z4qi.CLWK8 DaGOTmw82Ig1WDXoms_1Fc54vkCwXNdkC7LnhOBhUc4CvfRqx2DCMwlNQZqxsXik9bhp62F.Y.6T gudGd7z41UvqkB2.IEq5d_A1HHxNI3Gu45IayXsPxWYC7wBH3bPoIp1tfjTZMjLaztZ9e0cuRGpC htHU6CYrPEuweHErkMP0ehAk2A8sztzz7xFWGhYzX0C37mu0UzEZkz0iX5k0ci7uwm7SfQ_ddzjb zjzVNTOw3CMRHRiQMSlxS6dozK28wC1l2hlsyysKVBqEVvgsxQkviRWj9QE9zZwMKNiieHOO49LO XEHd_C03doJA_kchAGWc..Tn9tislatp04l4yL13GlfMmyCp2 X-Sonic-MF: X-Sonic-ID: 507da6d7-95df-46cc-8d01-c2d2ff63acdf Received: from sonic.gate.mail.ne1.yahoo.com by sonic306.consmr.mail.ne1.yahoo.com with HTTP; Wed, 9 Oct 2024 17:37:29 +0000 Received: by hermes--production-gq1-5d95dc458-xmcnd (Yahoo Inc. Hermes SMTP Server) with ESMTPA ID 934db59ff91b58b27af467a3ec48d37e; Wed, 09 Oct 2024 17:37:24 +0000 (UTC) From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, selinux@vger.kernel.org, mic@digikod.net Subject: [PATCH v4 13/13] LSM: Remove lsm_prop scaffolding Date: Wed, 9 Oct 2024 10:32:21 -0700 Message-ID: <20241009173222.12219-14-casey@schaufler-ca.com> X-Mailer: git-send-email 2.46.0 In-Reply-To: <20241009173222.12219-1-casey@schaufler-ca.com> References: <20241009173222.12219-1-casey@schaufler-ca.com> Precedence: bulk X-Mailing-List: selinux@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Remove the scaffold member from the lsm_prop. Remove the remaining places it is being set. Signed-off-by: Casey Schaufler --- include/linux/security.h | 6 ------ security/apparmor/audit.c | 6 +----- security/apparmor/lsm.c | 4 ---- security/apparmor/secid.c | 6 +----- security/selinux/hooks.c | 18 +----------------- security/selinux/ss/services.c | 4 ---- security/smack/smack_lsm.c | 33 ++++----------------------------- 7 files changed, 7 insertions(+), 70 deletions(-) diff --git a/include/linux/security.h b/include/linux/security.h index acd2e5d1b0ff..fd690fa73162 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -156,11 +156,6 @@ enum lockdown_reason { LOCKDOWN_CONFIDENTIALITY_MAX, }; -/* scaffolding */ -struct lsm_prop_scaffold { - u32 secid; -}; - /* * Data exported by the security modules */ @@ -169,7 +164,6 @@ struct lsm_prop { struct lsm_prop_smack smack; struct lsm_prop_apparmor apparmor; struct lsm_prop_bpf bpf; - struct lsm_prop_scaffold scaffold; }; extern const char *const lockdown_reasons[LOCKDOWN_CONFIDENTIALITY_MAX+1]; diff --git a/security/apparmor/audit.c b/security/apparmor/audit.c index 87df6fa2a48d..73087d76f649 100644 --- a/security/apparmor/audit.c +++ b/security/apparmor/audit.c @@ -270,11 +270,7 @@ int aa_audit_rule_match(struct lsm_prop *prop, u32 field, u32 op, void *vrule) struct aa_label *label; int found = 0; - /* scaffolding */ - if (!prop->apparmor.label && prop->scaffold.secid) - label = aa_secid_to_label(prop->scaffold.secid); - else - label = prop->apparmor.label; + label = prop->apparmor.label; if (!label) return -ENOENT; diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index 6331bcb35ec0..1edc12862a7d 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -987,8 +987,6 @@ static void apparmor_current_getlsmprop_subj(struct lsm_prop *prop) struct aa_label *label = __begin_current_label_crit_section(); prop->apparmor.label = label; - /* scaffolding */ - prop->scaffold.secid = label->secid; __end_current_label_crit_section(label); } @@ -998,8 +996,6 @@ static void apparmor_task_getlsmprop_obj(struct task_struct *p, struct aa_label *label = aa_get_task_label(p); prop->apparmor.label = label; - /* scaffolding */ - prop->scaffold.secid = label->secid; aa_put_label(label); } diff --git a/security/apparmor/secid.c b/security/apparmor/secid.c index 34610888559f..6350d107013a 100644 --- a/security/apparmor/secid.c +++ b/security/apparmor/secid.c @@ -102,11 +102,7 @@ int apparmor_lsmprop_to_secctx(struct lsm_prop *prop, char **secdata, { struct aa_label *label; - /* scaffolding */ - if (!prop->apparmor.label && prop->scaffold.secid) - label = aa_secid_to_label(prop->scaffold.secid); - else - label = prop->apparmor.label; + label = prop->apparmor.label; return apparmor_label_to_secctx(label, secdata, seclen); } diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 438dfa17faae..025b60c5b605 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -3508,8 +3508,6 @@ static void selinux_inode_getlsmprop(struct inode *inode, struct lsm_prop *prop) struct inode_security_struct *isec = inode_security_novalidate(inode); prop->selinux.secid = isec->sid; - /* scaffolding */ - prop->scaffold.secid = isec->sid; } static int selinux_inode_copy_up(struct dentry *src, struct cred **new) @@ -4040,8 +4038,6 @@ static void selinux_cred_getsecid(const struct cred *c, u32 *secid) static void selinux_cred_getlsmprop(const struct cred *c, struct lsm_prop *prop) { prop->selinux.secid = cred_sid(c); - /* scaffolding */ - prop->scaffold.secid = prop->selinux.secid; } /* @@ -4182,16 +4178,12 @@ static int selinux_task_getsid(struct task_struct *p) static void selinux_current_getlsmprop_subj(struct lsm_prop *prop) { prop->selinux.secid = current_sid(); - /* scaffolding */ - prop->scaffold.secid = prop->selinux.secid; } static void selinux_task_getlsmprop_obj(struct task_struct *p, struct lsm_prop *prop) { prop->selinux.secid = task_sid_obj(p); - /* scaffolding */ - prop->scaffold.secid = prop->selinux.secid; } static int selinux_task_setnice(struct task_struct *p, int nice) @@ -6339,8 +6331,6 @@ static void selinux_ipc_getlsmprop(struct kern_ipc_perm *ipcp, { struct ipc_security_struct *isec = selinux_ipc(ipcp); prop->selinux.secid = isec->sid; - /* scaffolding */ - prop->scaffold.secid = isec->sid; } static void selinux_d_instantiate(struct dentry *dentry, struct inode *inode) @@ -6625,13 +6615,7 @@ static int selinux_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) static int selinux_lsmprop_to_secctx(struct lsm_prop *prop, char **secdata, u32 *seclen) { - u32 secid = prop->selinux.secid; - - /* scaffolding */ - if (!secid) - secid = prop->scaffold.secid; - - return selinux_secid_to_secctx(secid, secdata, seclen); + return selinux_secid_to_secctx(prop->selinux.secid, secdata, seclen); } static int selinux_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid) diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index e0c14773a7b7..07ba5b3643dd 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -3661,10 +3661,6 @@ int selinux_audit_rule_match(struct lsm_prop *prop, u32 field, u32 op, void *vru goto out; } - /* scaffolding */ - if (!prop->selinux.secid && prop->scaffold.secid) - prop->selinux.secid = prop->scaffold.secid; - ctxt = sidtab_search(policy->sidtab, prop->selinux.secid); if (unlikely(!ctxt)) { WARN_ONCE(1, "selinux_audit_rule_match: unrecognized SID %d\n", diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 52cc6a65d674..0c476282e279 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -1655,11 +1655,7 @@ static int smack_inode_listsecurity(struct inode *inode, char *buffer, */ static void smack_inode_getlsmprop(struct inode *inode, struct lsm_prop *prop) { - struct smack_known *skp = smk_of_inode(inode); - - prop->smack.skp = skp; - /* scaffolding */ - prop->scaffold.secid = skp->smk_secid; + prop->smack.skp = smk_of_inode(inode); } /* @@ -2162,8 +2158,6 @@ static void smack_cred_getlsmprop(const struct cred *cred, { rcu_read_lock(); prop->smack.skp = smk_of_task(smack_cred(cred)); - /* scaffolding */ - prop->scaffold.secid = prop->smack.skp->smk_secid; rcu_read_unlock(); } @@ -2265,11 +2259,7 @@ static int smack_task_getsid(struct task_struct *p) */ static void smack_current_getlsmprop_subj(struct lsm_prop *prop) { - struct smack_known *skp = smk_of_current(); - - prop->smack.skp = skp; - /* scaffolding */ - prop->scaffold.secid = skp->smk_secid; + prop->smack.skp = smk_of_current(); } /** @@ -2282,11 +2272,7 @@ static void smack_current_getlsmprop_subj(struct lsm_prop *prop) static void smack_task_getlsmprop_obj(struct task_struct *p, struct lsm_prop *prop) { - struct smack_known *skp = smk_of_task_struct_obj(p); - - prop->smack.skp = skp; - /* scaffolding */ - prop->scaffold.secid = skp->smk_secid; + prop->smack.skp = smk_of_task_struct_obj(p); } /** @@ -3466,11 +3452,8 @@ static int smack_ipc_permission(struct kern_ipc_perm *ipp, short flag) static void smack_ipc_getlsmprop(struct kern_ipc_perm *ipp, struct lsm_prop *prop) { struct smack_known **iskpp = smack_ipc(ipp); - struct smack_known *iskp = *iskpp; - prop->smack.skp = iskp; - /* scaffolding */ - prop->scaffold.secid = iskp->smk_secid; + prop->smack.skp = *iskpp; } /** @@ -4805,10 +4788,6 @@ static int smack_audit_rule_match(struct lsm_prop *prop, u32 field, u32 op, if (field != AUDIT_SUBJ_USER && field != AUDIT_OBJ_USER) return 0; - /* scaffolding */ - if (!skp && prop->scaffold.secid) - skp = smack_from_secid(prop->scaffold.secid); - /* * No need to do string comparisons. If a match occurs, * both pointers will point to the same smack_known @@ -4869,10 +4848,6 @@ static int smack_lsmprop_to_secctx(struct lsm_prop *prop, char **secdata, { struct smack_known *skp = prop->smack.skp; - /* scaffolding */ - if (!skp && prop->scaffold.secid) - skp = smack_from_secid(prop->scaffold.secid); - if (secdata) *secdata = skp->smk_known; *seclen = strlen(skp->smk_known);