From patchwork Wed Apr 9 18:49:46 2025
X-Patchwork-Submitter: Paul Moore
X-Patchwork-Id: 14045271
From: Paul Moore
To: linux-security-module@vger.kernel.org, linux-integrity@vger.kernel.org, selinux@vger.kernel.org
Cc: John Johansen, Mimi Zohar, Roberto Sassu, Fan Wu, Mickaël Salaün, Günther Noack, Kees Cook, Micah Morton, Casey Schaufler, Tetsuo Handa
Subject: [RFC PATCH 01/29] lsm: split the notifier code out into lsm_notifier.c
Date: Wed, 9 Apr 2025 14:49:46 -0400
Message-ID: <20250409185019.238841-32-paul@paul-moore.com>
X-Mailer: git-send-email 2.49.0
In-Reply-To: <20250409185019.238841-31-paul@paul-moore.com>
References: <20250409185019.238841-31-paul@paul-moore.com>
X-Mailing-List: linux-integrity@vger.kernel.org
X-Developer-Key: i=paul@paul-moore.com; a=openpgp; fpr=7100AADFAE6E6E940D2E0AD655E45A5AE8CA7C8A

In an effort to decompose security/security.c somewhat to make it less twisted and unwieldy, pull out the LSM notifier code into a new
file as it is fairly well self-contained. No code changes. Signed-off-by: Paul Moore Reviewed-by: Kees Cook Reviewed-by: John Johansen --- security/Makefile | 2 +- security/lsm_notifier.c | 31 +++++++++++++++++++++++++++++++ security/security.c | 23 ----------------------- 3 files changed, 32 insertions(+), 24 deletions(-) create mode 100644 security/lsm_notifier.c diff --git a/security/Makefile b/security/Makefile index 22ff4c8bd8ce..14d87847bce8 100644 --- a/security/Makefile +++ b/security/Makefile @@ -11,7 +11,7 @@ obj-$(CONFIG_SECURITY) += lsm_syscalls.o obj-$(CONFIG_MMU) += min_addr.o # Object file lists -obj-$(CONFIG_SECURITY) += security.o +obj-$(CONFIG_SECURITY) += security.o lsm_notifier.o obj-$(CONFIG_SECURITYFS) += inode.o obj-$(CONFIG_SECURITY_SELINUX) += selinux/ obj-$(CONFIG_SECURITY_SMACK) += smack/ diff --git a/security/lsm_notifier.c b/security/lsm_notifier.c new file mode 100644 index 000000000000..c92fad5d57d4 --- /dev/null +++ b/security/lsm_notifier.c @@ -0,0 +1,31 @@ +// SPDX-License-Identifier: GPL-2.0-or-later +/* + * LSM notifier functions + * + */ + +#include +#include + +static BLOCKING_NOTIFIER_HEAD(blocking_lsm_notifier_chain); + +int call_blocking_lsm_notifier(enum lsm_event event, void *data) +{ + return blocking_notifier_call_chain(&blocking_lsm_notifier_chain, + event, data); +} +EXPORT_SYMBOL(call_blocking_lsm_notifier); + +int register_blocking_lsm_notifier(struct notifier_block *nb) +{ + return blocking_notifier_chain_register(&blocking_lsm_notifier_chain, + nb); +} +EXPORT_SYMBOL(register_blocking_lsm_notifier); + +int unregister_blocking_lsm_notifier(struct notifier_block *nb) +{ + return blocking_notifier_chain_unregister(&blocking_lsm_notifier_chain, + nb); +} +EXPORT_SYMBOL(unregister_blocking_lsm_notifier); diff --git a/security/security.c b/security/security.c index fb57e8fddd91..477be0a17e3f 100644 --- a/security/security.c +++ b/security/security.c 
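Review bot: the three functions added in the security/lsm_notifier.c hunk (call_blocking_lsm_notifier(), register_blocking_lsm_notifier() and unregister_blocking_lsm_notifier()) are EXPORT_SYMBOL'd without any kernel-doc, and the new file's header comment carries an empty ` * ` line before the closing ` */`. The stray blank comment line can be dropped in this patch; since the patch is otherwise a pure move ("No code changes"), kernel-doc that states the chain is a blocking notifier (callbacks may sleep, so the call site must not be atomic) fits a follow-up rather than this change.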
@@ -90,8 +90,6 @@ const char *const lockdown_reasons[LOCKDOWN_CONFIDENTIALITY_MAX + 1] = { [LOCKDOWN_CONFIDENTIALITY_MAX] = "confidentiality", }; -static BLOCKING_NOTIFIER_HEAD(blocking_lsm_notifier_chain); - static struct kmem_cache *lsm_file_cache; static struct kmem_cache *lsm_inode_cache; 
@@ -643,27 +641,6 @@ void __init security_add_hooks(struct security_hook_list *hooks, int count, } } -int call_blocking_lsm_notifier(enum lsm_event event, void *data) -{ - return blocking_notifier_call_chain(&blocking_lsm_notifier_chain, - event, data); -} -EXPORT_SYMBOL(call_blocking_lsm_notifier); - -int register_blocking_lsm_notifier(struct notifier_block *nb) -{ - return blocking_notifier_chain_register(&blocking_lsm_notifier_chain, - nb); -} -EXPORT_SYMBOL(register_blocking_lsm_notifier); - -int unregister_blocking_lsm_notifier(struct notifier_block *nb) -{ - return blocking_notifier_chain_unregister(&blocking_lsm_notifier_chain, - nb); -} -EXPORT_SYMBOL(unregister_blocking_lsm_notifier); - /** * lsm_blob_alloc - allocate a composite blob * @dest: the destination for the blob
From patchwork Wed Apr 9 18:49:47 2025
X-Patchwork-Submitter: Paul Moore
X-Patchwork-Id: 14045274
From: Paul Moore
To: linux-security-module@vger.kernel.org, linux-integrity@vger.kernel.org, selinux@vger.kernel.org
Cc: John Johansen, Mimi Zohar, Roberto Sassu, Fan Wu, Mickaël Salaün, Günther Noack, Kees Cook, Micah Morton, Casey Schaufler, Tetsuo Handa
Subject: [RFC PATCH 02/29] lsm: split the init code out into lsm_init.c
Date: Wed, 9 Apr 2025 14:49:47 -0400
Message-ID: <20250409185019.238841-33-paul@paul-moore.com>
X-Mailer: git-send-email 2.49.0
In-Reply-To: <20250409185019.238841-31-paul@paul-moore.com>
References: <20250409185019.238841-31-paul@paul-moore.com>
X-Mailing-List: linux-integrity@vger.kernel.org
X-Developer-Key: i=paul@paul-moore.com; a=openpgp; fpr=7100AADFAE6E6E940D2E0AD655E45A5AE8CA7C8A

Continue to pull code out of security/security.c to help improve readability by pulling all of the LSM framework initialization code out into a
new file. No code changes. Signed-off-by: Paul Moore Reviewed-by: Kees Cook Reviewed-by: John Johansen --- include/linux/lsm_hooks.h | 3 +- security/Makefile | 2 +- security/lsm.h | 22 ++ security/lsm_init.c | 537 ++++++++++++++++++++++++++++++++++ security/security.c | 591 +++----------------------------------- 5 files changed, 595 insertions(+), 560 deletions(-) create mode 100644 security/lsm.h create mode 100644 security/lsm_init.c diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 090d1d3e19fe..eeb4bfd60b79 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -167,11 +167,10 @@ struct lsm_info { __used __section(".early_lsm_info.init") \ __aligned(sizeof(unsigned long)) + /* DO NOT tamper with these variables outside of the LSM framework */ extern char *lsm_names; extern struct lsm_static_calls_table static_calls_table __ro_after_init; -extern struct lsm_info __start_lsm_info[], __end_lsm_info[]; -extern struct lsm_info __start_early_lsm_info[], __end_early_lsm_info[]; /** * lsm_get_xattr_slot - Return the next available slot and increment the index diff --git a/security/Makefile b/security/Makefile index 14d87847bce8..4601230ba442 100644 --- a/security/Makefile +++ b/security/Makefile @@ -11,7 +11,7 @@ obj-$(CONFIG_SECURITY) += lsm_syscalls.o obj-$(CONFIG_MMU) += min_addr.o # Object file lists -obj-$(CONFIG_SECURITY) += security.o lsm_notifier.o +obj-$(CONFIG_SECURITY) += security.o lsm_notifier.o lsm_init.o obj-$(CONFIG_SECURITYFS) += inode.o obj-$(CONFIG_SECURITY_SELINUX) += selinux/ obj-$(CONFIG_SECURITY_SMACK) += smack/ diff --git a/security/lsm.h b/security/lsm.h new file mode 100644 index 000000000000..0e1731bad4a7 --- /dev/null +++ b/security/lsm.h 
@@ -0,0 +1,22 @@ +// SPDX-License-Identifier: GPL-2.0-or-later +/* + * LSM functions + */ + +#ifndef _LSM_H_ +#define _LSM_H_ + +#include + +/* LSM blob configuration */ +extern struct lsm_blob_sizes blob_sizes; + +/* LSM blob caches */ +extern struct kmem_cache *lsm_file_cache; +extern struct kmem_cache *lsm_inode_cache; + +/* LSM blob allocators */ +int lsm_cred_alloc(struct cred *cred, gfp_t gfp); +int lsm_task_alloc(struct task_struct *task); + +#endif /* _LSM_H_ */ diff --git a/security/lsm_init.c b/security/lsm_init.c new file mode 100644 index 000000000000..70e7d4207dae --- /dev/null +++ b/security/lsm_init.c 
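Review bot: the header comment of the new security/lsm.h hunk reads only `LSM functions`, which does not say what the file is for. Since it collects the declarations shared between security.c and lsm_init.c that are deliberately not part of the public include/linux/lsm_hooks.h API, a comment to that effect (for example "LSM framework internal declarations, not for use outside security/") would document the boundary, mirroring the `DO NOT tamper with these variables outside of the LSM framework` note this patch adds to lsm_hooks.h.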
@@ -0,0 +1,537 @@ +// SPDX-License-Identifier: GPL-2.0-or-later +/* + * LSM initialization functions + */ + +#define pr_fmt(fmt) "LSM: " fmt + +#include +#include + +#include "lsm.h" + +char *lsm_names; + +/* Pointers to LSM sections defined in include/asm-generic/vmlinux.lds.h */ +extern struct lsm_info __start_lsm_info[], __end_lsm_info[]; +extern struct lsm_info __start_early_lsm_info[], __end_early_lsm_info[]; + +/* Boot-time LSM user choice */ +static __initconst const char *const builtin_lsm_order = CONFIG_LSM; +static __initdata const char *chosen_lsm_order; +static __initdata const char *chosen_major_lsm; + +/* Ordered list of LSMs to initialize. */ +static __initdata struct lsm_info *ordered_lsms[MAX_LSM_COUNT + 1]; +static __initdata struct lsm_info *exclusive; + +static __initdata bool debug; +#define init_debug(...) \ + do { \ + if (debug) \ + pr_info(__VA_ARGS__); \ + } while (0) + +static int lsm_append(const char *new, char **result); + +/* Save user chosen LSM */ +static int __init choose_major_lsm(char *str) +{ + chosen_major_lsm = str; + return 1; +} +__setup("security=", choose_major_lsm); + +/* Explicitly choose LSM initialization order. */ +static int __init choose_lsm_order(char *str) +{ + chosen_lsm_order = str; + return 1; +} +__setup("lsm=", choose_lsm_order); + +/* Enable LSM order debugging. */ +static int __init enable_debug(char *str) +{ + debug = true; + return 1; +} +__setup("lsm.debug", enable_debug); + +/* Mark an LSM's enabled flag. */ +static int lsm_enabled_true __initdata = 1; +static int lsm_enabled_false __initdata = 0; +static void __init set_enabled(struct lsm_info *lsm, bool enabled) +{ + /* + * When an LSM hasn't configured an enable variable, we can use + * a hard-coded location for storing the default enabled state. 
+ */ + if (!lsm->enabled) { + if (enabled) + lsm->enabled = &lsm_enabled_true; + else + lsm->enabled = &lsm_enabled_false; + } else if (lsm->enabled == &lsm_enabled_true) { + if (!enabled) + lsm->enabled = &lsm_enabled_false; + } else if (lsm->enabled == &lsm_enabled_false) { + if (enabled) + lsm->enabled = &lsm_enabled_true; + } else { + *lsm->enabled = enabled; + } +} + +static inline bool is_enabled(struct lsm_info *lsm) +{ + if (!lsm->enabled) + return false; + + return *lsm->enabled; +} + +/* Is an LSM already listed in the ordered LSMs list? */ +static bool __init exists_ordered_lsm(struct lsm_info *lsm) +{ + struct lsm_info **check; + + for (check = ordered_lsms; *check; check++) + if (*check == lsm) + return true; + + return false; +} + +/* Append an LSM to the list of ordered LSMs to initialize. */ +static int last_lsm __initdata; +static void __init append_ordered_lsm(struct lsm_info *lsm, const char *from) +{ + /* Ignore duplicate selections. */ + if (exists_ordered_lsm(lsm)) + return; + + if (WARN(last_lsm == MAX_LSM_COUNT, "%s: out of LSM static calls!?\n", from)) + return; + + /* Enable this LSM, if it is not already set. */ + if (!lsm->enabled) + lsm->enabled = &lsm_enabled_true; + ordered_lsms[last_lsm++] = lsm; + + init_debug("%s ordered: %s (%s)\n", from, lsm->name, + is_enabled(lsm) ? "enabled" : "disabled"); +} + +/* Is an LSM allowed to be initialized? */ +static bool __init lsm_allowed(struct lsm_info *lsm) +{ + /* Skip if the LSM is disabled. */ + if (!is_enabled(lsm)) + return false; + + /* Not allowed if another exclusive LSM already initialized. 
*/ + if ((lsm->flags & LSM_FLAG_EXCLUSIVE) && exclusive) { + init_debug("exclusive disabled: %s\n", lsm->name); + return false; + } + + return true; +} + +static void __init lsm_set_blob_size(int *need, int *lbs) +{ + int offset; + + if (*need <= 0) + return; + + offset = ALIGN(*lbs, sizeof(void *)); + *lbs = offset + *need; + *need = offset; +} + +static void __init lsm_set_blob_sizes(struct lsm_blob_sizes *needed) +{ + if (!needed) + return; + + lsm_set_blob_size(&needed->lbs_cred, &blob_sizes.lbs_cred); + lsm_set_blob_size(&needed->lbs_file, &blob_sizes.lbs_file); + lsm_set_blob_size(&needed->lbs_ib, &blob_sizes.lbs_ib); + /* + * The inode blob gets an rcu_head in addition to + * what the modules might need. + */ + if (needed->lbs_inode && blob_sizes.lbs_inode == 0) + blob_sizes.lbs_inode = sizeof(struct rcu_head); + lsm_set_blob_size(&needed->lbs_inode, &blob_sizes.lbs_inode); + lsm_set_blob_size(&needed->lbs_ipc, &blob_sizes.lbs_ipc); + lsm_set_blob_size(&needed->lbs_key, &blob_sizes.lbs_key); + lsm_set_blob_size(&needed->lbs_msg_msg, &blob_sizes.lbs_msg_msg); + lsm_set_blob_size(&needed->lbs_perf_event, &blob_sizes.lbs_perf_event); + lsm_set_blob_size(&needed->lbs_sock, &blob_sizes.lbs_sock); + lsm_set_blob_size(&needed->lbs_superblock, &blob_sizes.lbs_superblock); + lsm_set_blob_size(&needed->lbs_task, &blob_sizes.lbs_task); + lsm_set_blob_size(&needed->lbs_tun_dev, &blob_sizes.lbs_tun_dev); + lsm_set_blob_size(&needed->lbs_xattr_count, + &blob_sizes.lbs_xattr_count); + lsm_set_blob_size(&needed->lbs_bdev, &blob_sizes.lbs_bdev); +} + +/* Prepare LSM for initialization. */ +static void __init prepare_lsm(struct lsm_info *lsm) +{ + int enabled = lsm_allowed(lsm); + + /* Record enablement (to handle any following exclusive LSMs). */ + set_enabled(lsm, enabled); + + /* If enabled, do pre-initialization work. 
*/ + if (enabled) { + if ((lsm->flags & LSM_FLAG_EXCLUSIVE) && !exclusive) { + exclusive = lsm; + init_debug("exclusive chosen: %s\n", lsm->name); + } + + lsm_set_blob_sizes(lsm->blobs); + } +} + +/* Initialize a given LSM, if it is enabled. */ +static void __init initialize_lsm(struct lsm_info *lsm) +{ + if (is_enabled(lsm)) { + int ret; + + init_debug("initializing %s\n", lsm->name); + ret = lsm->init(); + WARN(ret, "%s failed to initialize: %d\n", lsm->name, ret); + } +} + +/* + * Current index to use while initializing the lsm id list. + */ +u32 lsm_active_cnt __ro_after_init; +const struct lsm_id *lsm_idlist[MAX_LSM_COUNT]; + +/* Populate ordered LSMs list from comma-separated LSM name list. */ +static void __init ordered_lsm_parse(const char *order, const char *origin) +{ + struct lsm_info *lsm; + char *sep, *name, *next; + + /* LSM_ORDER_FIRST is always first. */ + for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { + if (lsm->order == LSM_ORDER_FIRST) + append_ordered_lsm(lsm, " first"); + } + + /* Process "security=", if given. */ + if (chosen_major_lsm) { + struct lsm_info *major; + + /* + * To match the original "security=" behavior, this + * explicitly does NOT fallback to another Legacy Major + * if the selected one was separately disabled: disable + * all non-matching Legacy Major LSMs. + */ + for (major = __start_lsm_info; major < __end_lsm_info; + major++) { + if ((major->flags & LSM_FLAG_LEGACY_MAJOR) && + strcmp(major->name, chosen_major_lsm) != 0) { + set_enabled(major, false); + init_debug("security=%s disabled: %s (only one legacy major LSM)\n", + chosen_major_lsm, major->name); + } + } + } + + sep = kstrdup(order, GFP_KERNEL); + next = sep; + /* Walk the list, looking for matching LSMs. 
*/ + while ((name = strsep(&next, ",")) != NULL) { + bool found = false; + + for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { + if (strcmp(lsm->name, name) == 0) { + if (lsm->order == LSM_ORDER_MUTABLE) + append_ordered_lsm(lsm, origin); + found = true; + } + } + + if (!found) + init_debug("%s ignored: %s (not built into kernel)\n", + origin, name); + } + + /* Process "security=", if given. */ + if (chosen_major_lsm) { + for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { + if (exists_ordered_lsm(lsm)) + continue; + if (strcmp(lsm->name, chosen_major_lsm) == 0) + append_ordered_lsm(lsm, "security="); + } + } + + /* LSM_ORDER_LAST is always last. */ + for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { + if (lsm->order == LSM_ORDER_LAST) + append_ordered_lsm(lsm, " last"); + } + + /* Disable all LSMs not in the ordered list. */ + for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { + if (exists_ordered_lsm(lsm)) + continue; + set_enabled(lsm, false); + init_debug("%s skipped: %s (not in requested order)\n", + origin, lsm->name); + } + + kfree(sep); +} + +static void __init report_lsm_order(void) +{ + struct lsm_info **lsm, *early; + int first = 0; + + pr_info("initializing lsm="); + + /* Report each enabled LSM name, comma separated. */ + for (early = __start_early_lsm_info; + early < __end_early_lsm_info; early++) + if (is_enabled(early)) + pr_cont("%s%s", first++ == 0 ? "" : ",", early->name); + for (lsm = ordered_lsms; *lsm; lsm++) + if (is_enabled(*lsm)) + pr_cont("%s%s", first++ == 0 ? 
"" : ",", (*lsm)->name); + + pr_cont("\n"); +} + +/** + * lsm_early_cred - during initialization allocate a composite cred blob + * @cred: the cred that needs a blob + * + * Allocate the cred blob for all the modules + */ +static void __init lsm_early_cred(struct cred *cred) +{ + int rc = lsm_cred_alloc(cred, GFP_KERNEL); + + if (rc) + panic("%s: Early cred alloc failed.\n", __func__); +} + +/** + * lsm_early_task - during initialization allocate a composite task blob + * @task: the task that needs a blob + * + * Allocate the task blob for all the modules + */ +static void __init lsm_early_task(struct task_struct *task) +{ + int rc = lsm_task_alloc(task); + + if (rc) + panic("%s: Early task alloc failed.\n", __func__); +} + +static void __init ordered_lsm_init(void) +{ + struct lsm_info **lsm; + + if (chosen_lsm_order) { + if (chosen_major_lsm) { + pr_warn("security=%s is ignored because it is superseded by lsm=%s\n", + chosen_major_lsm, chosen_lsm_order); + chosen_major_lsm = NULL; + } + ordered_lsm_parse(chosen_lsm_order, "cmdline"); + } else + ordered_lsm_parse(builtin_lsm_order, "builtin"); + + for (lsm = ordered_lsms; *lsm; lsm++) + prepare_lsm(*lsm); + + report_lsm_order(); + + init_debug("cred blob size = %d\n", blob_sizes.lbs_cred); + init_debug("file blob size = %d\n", blob_sizes.lbs_file); + init_debug("ib blob size = %d\n", blob_sizes.lbs_ib); + init_debug("inode blob size = %d\n", blob_sizes.lbs_inode); + init_debug("ipc blob size = %d\n", blob_sizes.lbs_ipc); +#ifdef CONFIG_KEYS + init_debug("key blob size = %d\n", blob_sizes.lbs_key); +#endif /* CONFIG_KEYS */ + init_debug("msg_msg blob size = %d\n", blob_sizes.lbs_msg_msg); + init_debug("sock blob size = %d\n", blob_sizes.lbs_sock); + init_debug("superblock blob size = %d\n", blob_sizes.lbs_superblock); + init_debug("perf event blob size = %d\n", blob_sizes.lbs_perf_event); + init_debug("task blob size = %d\n", blob_sizes.lbs_task); + init_debug("tun device blob size = %d\n", blob_sizes.lbs_tun_dev); 
+ init_debug("xattr slots = %d\n", blob_sizes.lbs_xattr_count); + init_debug("bdev blob size = %d\n", blob_sizes.lbs_bdev); + + /* + * Create any kmem_caches needed for blobs + */ + if (blob_sizes.lbs_file) + lsm_file_cache = kmem_cache_create("lsm_file_cache", + blob_sizes.lbs_file, 0, + SLAB_PANIC, NULL); + if (blob_sizes.lbs_inode) + lsm_inode_cache = kmem_cache_create("lsm_inode_cache", + blob_sizes.lbs_inode, 0, + SLAB_PANIC, NULL); + + lsm_early_cred((struct cred *) current->cred); + lsm_early_task(current); + for (lsm = ordered_lsms; *lsm; lsm++) + initialize_lsm(*lsm); +} + +static bool match_last_lsm(const char *list, const char *lsm) +{ + const char *last; + + if (WARN_ON(!list || !lsm)) + return false; + last = strrchr(list, ','); + if (last) + /* Pass the comma, strcmp() will check for '\0' */ + last++; + else + last = list; + return !strcmp(last, lsm); +} + +static int lsm_append(const char *new, char **result) +{ + char *cp; + + if (*result == NULL) { + *result = kstrdup(new, GFP_KERNEL); + if (*result == NULL) + return -ENOMEM; + } else { + /* Check if it is the last registered name */ + if (match_last_lsm(*result, new)) + return 0; + cp = kasprintf(GFP_KERNEL, "%s,%s", *result, new); + if (cp == NULL) + return -ENOMEM; + kfree(*result); + *result = cp; + } + return 0; +} + +static void __init lsm_static_call_init(struct security_hook_list *hl) +{ + struct lsm_static_call *scall = hl->scalls; + int i; + + for (i = 0; i < MAX_LSM_COUNT; i++) { + /* Update the first static call that is not used yet */ + if (!scall->hl) { + __static_call_update(scall->key, scall->trampoline, + hl->hook.lsm_func_addr); + scall->hl = hl; + static_branch_enable(scall->active); + return; + } + scall++; + } + panic("%s - Ran out of static slots.\n", __func__); +} + +/** + * security_add_hooks - Add a modules hooks to the hook lists. 
+ * @hooks: the hooks to add + * @count: the number of hooks to add + * @lsmid: the identification information for the security module + * + * Each LSM has to register its hooks with the infrastructure. + */ +void __init security_add_hooks(struct security_hook_list *hooks, int count, + const struct lsm_id *lsmid) +{ + int i; + + /* + * A security module may call security_add_hooks() more + * than once during initialization, and LSM initialization + * is serialized. Landlock is one such case. + * Look at the previous entry, if there is one, for duplication. + */ + if (lsm_active_cnt == 0 || lsm_idlist[lsm_active_cnt - 1] != lsmid) { + if (lsm_active_cnt >= MAX_LSM_COUNT) + panic("%s Too many LSMs registered.\n", __func__); + lsm_idlist[lsm_active_cnt++] = lsmid; + } + + for (i = 0; i < count; i++) { + hooks[i].lsmid = lsmid; + lsm_static_call_init(&hooks[i]); + } + + /* + * Don't try to append during early_security_init(), we'll come back + * and fix this up afterwards. + */ + if (slab_is_available()) { + if (lsm_append(lsmid->name, &lsm_names) < 0) + panic("%s - Cannot get early memory.\n", __func__); + } +} + +int __init early_security_init(void) +{ + struct lsm_info *lsm; + + for (lsm = __start_early_lsm_info; lsm < __end_early_lsm_info; lsm++) { + if (!lsm->enabled) + lsm->enabled = &lsm_enabled_true; + prepare_lsm(lsm); + initialize_lsm(lsm); + } + + return 0; +} + +/** + * security_init - initializes the security framework + * + * This should be called early in the kernel initialization sequence. + */ +int __init security_init(void) +{ + struct lsm_info *lsm; + + init_debug("legacy security=%s\n", chosen_major_lsm ? : " *unspecified*"); + init_debug(" CONFIG_LSM=%s\n", builtin_lsm_order); + init_debug("boot arg lsm=%s\n", chosen_lsm_order ? 
: " *unspecified*"); + + /* + * Append the names of the early LSM modules now that kmalloc() is + * available + */ + for (lsm = __start_early_lsm_info; lsm < __end_early_lsm_info; lsm++) { + init_debug(" early started: %s (%s)\n", lsm->name, + is_enabled(lsm) ? "enabled" : "disabled"); + if (lsm->enabled) + lsm_append(lsm->name, &lsm_names); + } + + /* Load LSMs in specified order. */ + ordered_lsm_init(); + + return 0; +} diff --git a/security/security.c b/security/security.c index 477be0a17e3f..8d370a4c5e74 100644 --- a/security/security.c +++ b/security/security.c @@ -32,24 +32,7 @@ #include #include -#define SECURITY_HOOK_ACTIVE_KEY(HOOK, IDX) security_hook_active_##HOOK##_##IDX - -/* - * Identifier for the LSM static calls. - * HOOK is an LSM hook as defined in linux/lsm_hookdefs.h - * IDX is the index of the static call. 0 <= NUM < MAX_LSM_COUNT - */ -#define LSM_STATIC_CALL(HOOK, IDX) lsm_static_call_##HOOK##_##IDX - -/* - * Call the macro M for each LSM hook MAX_LSM_COUNT times. - */ -#define LSM_LOOP_UNROLL(M, ...) \ -do { \ - UNROLL(MAX_LSM_COUNT, M, __VA_ARGS__) \ -} while (0) - -#define LSM_DEFINE_UNROLL(M, ...) UNROLL(MAX_LSM_COUNT, M, __VA_ARGS__) +#include "lsm.h" /* * These are descriptions of the reasons that can be passed to the 
@@ -90,21 +73,29 @@ const char *const lockdown_reasons[LOCKDOWN_CONFIDENTIALITY_MAX + 1] = { [LOCKDOWN_CONFIDENTIALITY_MAX] = "confidentiality", }; -static struct kmem_cache *lsm_file_cache; -static struct kmem_cache *lsm_inode_cache; +struct lsm_blob_sizes blob_sizes; -char *lsm_names; -static struct lsm_blob_sizes blob_sizes __ro_after_init; +struct kmem_cache *lsm_file_cache; +struct kmem_cache *lsm_inode_cache; -/* Boot-time LSM user choice */ -static __initdata const char *chosen_lsm_order; -static __initdata const char *chosen_major_lsm; +#define SECURITY_HOOK_ACTIVE_KEY(HOOK, IDX) security_hook_active_##HOOK##_##IDX -static __initconst const char *const builtin_lsm_order = CONFIG_LSM; +/* + * Identifier for the LSM static calls. + * HOOK is an LSM hook as defined in linux/lsm_hookdefs.h + * IDX is the index of the static call. 0 <= NUM < MAX_LSM_COUNT + */ +#define LSM_STATIC_CALL(HOOK, IDX) lsm_static_call_##HOOK##_##IDX -/* Ordered list of LSMs to initialize. */ -static __initdata struct lsm_info *ordered_lsms[MAX_LSM_COUNT + 1]; -static __initdata struct lsm_info *exclusive; +/* + * Call the macro M for each LSM hook MAX_LSM_COUNT times. + */ +#define LSM_LOOP_UNROLL(M, ...) \ +do { \ + UNROLL(MAX_LSM_COUNT, M, __VA_ARGS__) \ +} while (0) + +#define LSM_DEFINE_UNROLL(M, ...) UNROLL(MAX_LSM_COUNT, M, __VA_ARGS__) #ifdef CONFIG_HAVE_STATIC_CALL #define LSM_HOOK_TRAMP(NAME, NUM) \ 
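Review bot: `blob_sizes` loses its `__ro_after_init` annotation in the @@ -90,21 +73,29 @@ hunk: `-static struct lsm_blob_sizes blob_sizes __ro_after_init;` becomes `+struct lsm_blob_sizes blob_sizes;`. The offsets in this struct are written only from `__init` code (`lsm_set_blob_size()` via `prepare_lsm()`) and are then used for every cred/file/inode/task blob allocation for the life of the system, so the read-only-after-init protection is cheap and worth keeping; please add `__ro_after_init` back on the new non-static definition. Since `blob_sizes`, `lsm_file_cache` and `lsm_inode_cache` are now visible outside security.c, their `extern` declarations belong in the new lsm.h that this patch includes, rather than being re-declared in lsm_init.c.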
@@ -155,490 +146,25 @@ struct lsm_static_calls_table #undef INIT_LSM_STATIC_CALL }; -static __initdata bool debug; -#define init_debug(...) \ - do { \ - if (debug) \ - pr_info(__VA_ARGS__); \ - } while (0) - -static bool __init is_enabled(struct lsm_info *lsm) -{ - if (!lsm->enabled) - return false; - - return *lsm->enabled; -} - -/* Mark an LSM's enabled flag. */ -static int lsm_enabled_true __initdata = 1; -static int lsm_enabled_false __initdata = 0; -static void __init set_enabled(struct lsm_info *lsm, bool enabled) -{ - /* - * When an LSM hasn't configured an enable variable, we can use - * a hard-coded location for storing the default enabled state. - */ - if (!lsm->enabled) { - if (enabled) - lsm->enabled = &lsm_enabled_true; - else - lsm->enabled = &lsm_enabled_false; - } else if (lsm->enabled == &lsm_enabled_true) { - if (!enabled) - lsm->enabled = &lsm_enabled_false; - } else if (lsm->enabled == &lsm_enabled_false) { - if (enabled) - lsm->enabled = &lsm_enabled_true; - } else { - *lsm->enabled = enabled; - } -} - -/* Is an LSM already listed in the ordered LSMs list? */ -static bool __init exists_ordered_lsm(struct lsm_info *lsm) -{ - struct lsm_info **check; - - for (check = ordered_lsms; *check; check++) - if (*check == lsm) - return true; - - return false; -} - -/* Append an LSM to the list of ordered LSMs to initialize. */ -static int last_lsm __initdata; -static void __init append_ordered_lsm(struct lsm_info *lsm, const char *from) -{ - /* Ignore duplicate selections. */ - if (exists_ordered_lsm(lsm)) - return; - - if (WARN(last_lsm == MAX_LSM_COUNT, "%s: out of LSM static calls!?\n", from)) - return; - - /* Enable this LSM, if it is not already set. */ - if (!lsm->enabled) - lsm->enabled = &lsm_enabled_true; - ordered_lsms[last_lsm++] = lsm; - - init_debug("%s ordered: %s (%s)\n", from, lsm->name, - is_enabled(lsm) ? "enabled" : "disabled"); -} - -/* Is an LSM allowed to be initialized? 
*/ -static bool __init lsm_allowed(struct lsm_info *lsm) -{ - /* Skip if the LSM is disabled. */ - if (!is_enabled(lsm)) - return false; - - /* Not allowed if another exclusive LSM already initialized. */ - if ((lsm->flags & LSM_FLAG_EXCLUSIVE) && exclusive) { - init_debug("exclusive disabled: %s\n", lsm->name); - return false; - } - - return true; -} - -static void __init lsm_set_blob_size(int *need, int *lbs) -{ - int offset; - - if (*need <= 0) - return; - - offset = ALIGN(*lbs, sizeof(void *)); - *lbs = offset + *need; - *need = offset; -} - -static void __init lsm_set_blob_sizes(struct lsm_blob_sizes *needed) -{ - if (!needed) - return; - - lsm_set_blob_size(&needed->lbs_cred, &blob_sizes.lbs_cred); - lsm_set_blob_size(&needed->lbs_file, &blob_sizes.lbs_file); - lsm_set_blob_size(&needed->lbs_ib, &blob_sizes.lbs_ib); - /* - * The inode blob gets an rcu_head in addition to - * what the modules might need. - */ - if (needed->lbs_inode && blob_sizes.lbs_inode == 0) - blob_sizes.lbs_inode = sizeof(struct rcu_head); - lsm_set_blob_size(&needed->lbs_inode, &blob_sizes.lbs_inode); - lsm_set_blob_size(&needed->lbs_ipc, &blob_sizes.lbs_ipc); - lsm_set_blob_size(&needed->lbs_key, &blob_sizes.lbs_key); - lsm_set_blob_size(&needed->lbs_msg_msg, &blob_sizes.lbs_msg_msg); - lsm_set_blob_size(&needed->lbs_perf_event, &blob_sizes.lbs_perf_event); - lsm_set_blob_size(&needed->lbs_sock, &blob_sizes.lbs_sock); - lsm_set_blob_size(&needed->lbs_superblock, &blob_sizes.lbs_superblock); - lsm_set_blob_size(&needed->lbs_task, &blob_sizes.lbs_task); - lsm_set_blob_size(&needed->lbs_tun_dev, &blob_sizes.lbs_tun_dev); - lsm_set_blob_size(&needed->lbs_xattr_count, - &blob_sizes.lbs_xattr_count); - lsm_set_blob_size(&needed->lbs_bdev, &blob_sizes.lbs_bdev); -} - -/* Prepare LSM for initialization. */ -static void __init prepare_lsm(struct lsm_info *lsm) -{ - int enabled = lsm_allowed(lsm); - - /* Record enablement (to handle any following exclusive LSMs). 
*/ - set_enabled(lsm, enabled); - - /* If enabled, do pre-initialization work. */ - if (enabled) { - if ((lsm->flags & LSM_FLAG_EXCLUSIVE) && !exclusive) { - exclusive = lsm; - init_debug("exclusive chosen: %s\n", lsm->name); - } - - lsm_set_blob_sizes(lsm->blobs); - } -} - -/* Initialize a given LSM, if it is enabled. */ -static void __init initialize_lsm(struct lsm_info *lsm) -{ - if (is_enabled(lsm)) { - int ret; - - init_debug("initializing %s\n", lsm->name); - ret = lsm->init(); - WARN(ret, "%s failed to initialize: %d\n", lsm->name, ret); - } -} - -/* - * Current index to use while initializing the lsm id list. - */ -u32 lsm_active_cnt __ro_after_init; -const struct lsm_id *lsm_idlist[MAX_LSM_COUNT]; - -/* Populate ordered LSMs list from comma-separated LSM name list. */ -static void __init ordered_lsm_parse(const char *order, const char *origin) -{ - struct lsm_info *lsm; - char *sep, *name, *next; - - /* LSM_ORDER_FIRST is always first. */ - for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { - if (lsm->order == LSM_ORDER_FIRST) - append_ordered_lsm(lsm, " first"); - } - - /* Process "security=", if given. */ - if (chosen_major_lsm) { - struct lsm_info *major; - - /* - * To match the original "security=" behavior, this - * explicitly does NOT fallback to another Legacy Major - * if the selected one was separately disabled: disable - * all non-matching Legacy Major LSMs. - */ - for (major = __start_lsm_info; major < __end_lsm_info; - major++) { - if ((major->flags & LSM_FLAG_LEGACY_MAJOR) && - strcmp(major->name, chosen_major_lsm) != 0) { - set_enabled(major, false); - init_debug("security=%s disabled: %s (only one legacy major LSM)\n", - chosen_major_lsm, major->name); - } - } - } - - sep = kstrdup(order, GFP_KERNEL); - next = sep; - /* Walk the list, looking for matching LSMs. 
*/ - while ((name = strsep(&next, ",")) != NULL) { - bool found = false; - - for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { - if (strcmp(lsm->name, name) == 0) { - if (lsm->order == LSM_ORDER_MUTABLE) - append_ordered_lsm(lsm, origin); - found = true; - } - } - - if (!found) - init_debug("%s ignored: %s (not built into kernel)\n", - origin, name); - } - - /* Process "security=", if given. */ - if (chosen_major_lsm) { - for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { - if (exists_ordered_lsm(lsm)) - continue; - if (strcmp(lsm->name, chosen_major_lsm) == 0) - append_ordered_lsm(lsm, "security="); - } - } - - /* LSM_ORDER_LAST is always last. */ - for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { - if (lsm->order == LSM_ORDER_LAST) - append_ordered_lsm(lsm, " last"); - } - - /* Disable all LSMs not in the ordered list. */ - for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { - if (exists_ordered_lsm(lsm)) - continue; - set_enabled(lsm, false); - init_debug("%s skipped: %s (not in requested order)\n", - origin, lsm->name); - } - - kfree(sep); -} - -static void __init lsm_static_call_init(struct security_hook_list *hl) -{ - struct lsm_static_call *scall = hl->scalls; - int i; - - for (i = 0; i < MAX_LSM_COUNT; i++) { - /* Update the first static call that is not used yet */ - if (!scall->hl) { - __static_call_update(scall->key, scall->trampoline, - hl->hook.lsm_func_addr); - scall->hl = hl; - static_branch_enable(scall->active); - return; - } - scall++; - } - panic("%s - Ran out of static slots.\n", __func__); -} - -static void __init lsm_early_cred(struct cred *cred); -static void __init lsm_early_task(struct task_struct *task); - -static int lsm_append(const char *new, char **result); - -static void __init report_lsm_order(void) -{ - struct lsm_info **lsm, *early; - int first = 0; - - pr_info("initializing lsm="); - - /* Report each enabled LSM name, comma separated. 
*/ - for (early = __start_early_lsm_info; - early < __end_early_lsm_info; early++) - if (is_enabled(early)) - pr_cont("%s%s", first++ == 0 ? "" : ",", early->name); - for (lsm = ordered_lsms; *lsm; lsm++) - if (is_enabled(*lsm)) - pr_cont("%s%s", first++ == 0 ? "" : ",", (*lsm)->name); - - pr_cont("\n"); -} - -static void __init ordered_lsm_init(void) -{ - struct lsm_info **lsm; - - if (chosen_lsm_order) { - if (chosen_major_lsm) { - pr_warn("security=%s is ignored because it is superseded by lsm=%s\n", - chosen_major_lsm, chosen_lsm_order); - chosen_major_lsm = NULL; - } - ordered_lsm_parse(chosen_lsm_order, "cmdline"); - } else - ordered_lsm_parse(builtin_lsm_order, "builtin"); - - for (lsm = ordered_lsms; *lsm; lsm++) - prepare_lsm(*lsm); - - report_lsm_order(); - - init_debug("cred blob size = %d\n", blob_sizes.lbs_cred); - init_debug("file blob size = %d\n", blob_sizes.lbs_file); - init_debug("ib blob size = %d\n", blob_sizes.lbs_ib); - init_debug("inode blob size = %d\n", blob_sizes.lbs_inode); - init_debug("ipc blob size = %d\n", blob_sizes.lbs_ipc); -#ifdef CONFIG_KEYS - init_debug("key blob size = %d\n", blob_sizes.lbs_key); -#endif /* CONFIG_KEYS */ - init_debug("msg_msg blob size = %d\n", blob_sizes.lbs_msg_msg); - init_debug("sock blob size = %d\n", blob_sizes.lbs_sock); - init_debug("superblock blob size = %d\n", blob_sizes.lbs_superblock); - init_debug("perf event blob size = %d\n", blob_sizes.lbs_perf_event); - init_debug("task blob size = %d\n", blob_sizes.lbs_task); - init_debug("tun device blob size = %d\n", blob_sizes.lbs_tun_dev); - init_debug("xattr slots = %d\n", blob_sizes.lbs_xattr_count); - init_debug("bdev blob size = %d\n", blob_sizes.lbs_bdev); - - /* - * Create any kmem_caches needed for blobs - */ - if (blob_sizes.lbs_file) - lsm_file_cache = kmem_cache_create("lsm_file_cache", - blob_sizes.lbs_file, 0, - SLAB_PANIC, NULL); - if (blob_sizes.lbs_inode) - lsm_inode_cache = kmem_cache_create("lsm_inode_cache", - blob_sizes.lbs_inode, 0, - 
SLAB_PANIC, NULL); - - lsm_early_cred((struct cred *) current->cred); - lsm_early_task(current); - for (lsm = ordered_lsms; *lsm; lsm++) - initialize_lsm(*lsm); -} - -int __init early_security_init(void) -{ - struct lsm_info *lsm; - - for (lsm = __start_early_lsm_info; lsm < __end_early_lsm_info; lsm++) { - if (!lsm->enabled) - lsm->enabled = &lsm_enabled_true; - prepare_lsm(lsm); - initialize_lsm(lsm); - } - - return 0; -} - /** - * security_init - initializes the security framework + * lsm_file_alloc - allocate a composite file blob + * @file: the file that needs a blob * - * This should be called early in the kernel initialization sequence. - */ -int __init security_init(void) -{ - struct lsm_info *lsm; - - init_debug("legacy security=%s\n", chosen_major_lsm ? : " *unspecified*"); - init_debug(" CONFIG_LSM=%s\n", builtin_lsm_order); - init_debug("boot arg lsm=%s\n", chosen_lsm_order ? : " *unspecified*"); - - /* - * Append the names of the early LSM modules now that kmalloc() is - * available - */ - for (lsm = __start_early_lsm_info; lsm < __end_early_lsm_info; lsm++) { - init_debug(" early started: %s (%s)\n", lsm->name, - is_enabled(lsm) ? "enabled" : "disabled"); - if (lsm->enabled) - lsm_append(lsm->name, &lsm_names); - } - - /* Load LSMs in specified order. */ - ordered_lsm_init(); - - return 0; -} - -/* Save user chosen LSM */ -static int __init choose_major_lsm(char *str) -{ - chosen_major_lsm = str; - return 1; -} -__setup("security=", choose_major_lsm); - -/* Explicitly choose LSM initialization order. */ -static int __init choose_lsm_order(char *str) -{ - chosen_lsm_order = str; - return 1; -} -__setup("lsm=", choose_lsm_order); - -/* Enable LSM order debugging. 
*/ -static int __init enable_debug(char *str) -{ - debug = true; - return 1; -} -__setup("lsm.debug", enable_debug); - -static bool match_last_lsm(const char *list, const char *lsm) -{ - const char *last; - - if (WARN_ON(!list || !lsm)) - return false; - last = strrchr(list, ','); - if (last) - /* Pass the comma, strcmp() will check for '\0' */ - last++; - else - last = list; - return !strcmp(last, lsm); -} - -static int lsm_append(const char *new, char **result) -{ - char *cp; - - if (*result == NULL) { - *result = kstrdup(new, GFP_KERNEL); - if (*result == NULL) - return -ENOMEM; - } else { - /* Check if it is the last registered name */ - if (match_last_lsm(*result, new)) - return 0; - cp = kasprintf(GFP_KERNEL, "%s,%s", *result, new); - if (cp == NULL) - return -ENOMEM; - kfree(*result); - *result = cp; - } - return 0; -} - -/** - * security_add_hooks - Add a modules hooks to the hook lists. - * @hooks: the hooks to add - * @count: the number of hooks to add - * @lsmid: the identification information for the security module + * Allocate the file blob for all the modules * - * Each LSM has to register its hooks with the infrastructure. + * Returns 0, or -ENOMEM if memory can't be allocated. */ -void __init security_add_hooks(struct security_hook_list *hooks, int count, - const struct lsm_id *lsmid) +static int lsm_file_alloc(struct file *file) { - int i; - - /* - * A security module may call security_add_hooks() more - * than once during initialization, and LSM initialization - * is serialized. Landlock is one such case. - * Look at the previous entry, if there is one, for duplication. 
- */ - if (lsm_active_cnt == 0 || lsm_idlist[lsm_active_cnt - 1] != lsmid) { - if (lsm_active_cnt >= MAX_LSM_COUNT) - panic("%s Too many LSMs registered.\n", __func__); - lsm_idlist[lsm_active_cnt++] = lsmid; + if (!lsm_file_cache) { + file->f_security = NULL; + return 0; } - for (i = 0; i < count; i++) { - hooks[i].lsmid = lsmid; - lsm_static_call_init(&hooks[i]); - } - - /* - * Don't try to append during early_security_init(), we'll come back - * and fix this up afterwards. - */ - if (slab_is_available()) { - if (lsm_append(lsmid->name, &lsm_names) < 0) - panic("%s - Cannot get early memory.\n", __func__); - } + file->f_security = kmem_cache_zalloc(lsm_file_cache, GFP_KERNEL); + if (file->f_security == NULL) + return -ENOMEM; + return 0; } /** @@ -673,46 +199,11 @@ static int lsm_blob_alloc(void **dest, size_t size, gfp_t gfp) * * Returns 0, or -ENOMEM if memory can't be allocated. */ -static int lsm_cred_alloc(struct cred *cred, gfp_t gfp) +int lsm_cred_alloc(struct cred *cred, gfp_t gfp) { return lsm_blob_alloc(&cred->security, blob_sizes.lbs_cred, gfp); } -/** - * lsm_early_cred - during initialization allocate a composite cred blob - * @cred: the cred that needs a blob - * - * Allocate the cred blob for all the modules - */ -static void __init lsm_early_cred(struct cred *cred) -{ - int rc = lsm_cred_alloc(cred, GFP_KERNEL); - - if (rc) - panic("%s: Early cred alloc failed.\n", __func__); -} - -/** - * lsm_file_alloc - allocate a composite file blob - * @file: the file that needs a blob - * - * Allocate the file blob for all the modules - * - * Returns 0, or -ENOMEM if memory can't be allocated. - */ -static int lsm_file_alloc(struct file *file) -{ - if (!lsm_file_cache) { - file->f_security = NULL; - return 0; - } - - file->f_security = kmem_cache_zalloc(lsm_file_cache, GFP_KERNEL); - if (file->f_security == NULL) - return -ENOMEM; - return 0; -} - /** * lsm_inode_alloc - allocate a composite inode blob * @inode: the inode that needs a blob 
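Review bot: the @@ -155,490 +146,25 @@ hunk deletes `u32 lsm_active_cnt __ro_after_init;` and `const struct lsm_id *lsm_idlist[MAX_LSM_COUNT];` from security.c, while the lsm_init.c side of this patch still writes them from `security_add_hooks()` (`lsm_idlist[lsm_active_cnt++] = lsmid;`). Wherever these two are re-homed, keep `__ro_after_init` on `lsm_active_cnt` (and consider it for `lsm_idlist` too): both are populated only by `__init security_add_hooks()`, and the bound check `if (lsm_active_cnt >= MAX_LSM_COUNT) panic(...)` only protects the array if the count cannot be changed afterwards. The commit message should also say where `lsm_names`, the `init_debug()` machinery and the three `__setup()` handlers (`security=`, `lsm=`, `lsm.debug`) removed here now live, since none of that is visible in the added lsm_init.c lines of this patch.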
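Review bot: `lsm_cred_alloc()` becomes non-static in the @@ -673,46 +199,11 @@ hunk so that the relocated early-boot code can call it, but no prototype is added; it (and `lsm_task_alloc()`, which gets the same treatment in the next hunk) should be declared in lsm.h, otherwise the build warns under `-Wmissing-prototypes`. The `lsm_early_cred()` wrapper deleted here, like `lsm_early_task()` in the later hunk, is still called from `ordered_lsm_init()` in lsm_init.c (`lsm_early_cred((struct cred *) current->cred); lsm_early_task(current);`), so make sure its new definition keeps the `panic()` on allocation failure: the credential and task blobs for the init task cannot be allocated lazily later, and silently continuing with a NULL `cred->security` would leave every LSM with a dangling security context for PID 1. Note also that `lsm_file_alloc()` appears as an addition earlier in this patch only because git paired its docblock with the removed `security_init()` comment; its body is unchanged.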
@@ -743,7 +234,7 @@ static int lsm_inode_alloc(struct inode *inode, gfp_t gfp) * * Returns 0, or -ENOMEM if memory can't be allocated. */ -static int lsm_task_alloc(struct task_struct *task) +int lsm_task_alloc(struct task_struct *task) { return lsm_blob_alloc(&task->security, blob_sizes.lbs_task, GFP_KERNEL); } 
@@ -812,20 +303,6 @@ static int lsm_bdev_alloc(struct block_device *bdev) return 0; } -/** - * lsm_early_task - during initialization allocate a composite task blob - * @task: the task that needs a blob - * - * Allocate the task blob for all the modules - */ -static void __init lsm_early_task(struct task_struct *task) -{ - int rc = lsm_task_alloc(task); - - if (rc) - panic("%s: Early task alloc failed.\n", __func__); -} - /** * lsm_superblock_alloc - allocate a composite superblock blob * @sb: the superblock that needs a blob

From patchwork Wed Apr 9 18:49:48 2025
X-Patchwork-Submitter: Paul Moore
X-Patchwork-Id: 14045273
From: Paul Moore
To: linux-security-module@vger.kernel.org, linux-integrity@vger.kernel.org, selinux@vger.kernel.org
Cc: John Johansen, Mimi Zohar, Roberto Sassu, Fan Wu, Mickaël Salaün, Günther Noack, Kees Cook, Micah Morton, Casey Schaufler, Tetsuo Handa
Subject: [RFC PATCH 03/29] lsm: simplify prepare_lsm() and rename to lsm_prep_single()
Date: Wed, 9 Apr 2025 14:49:48 -0400
Message-ID: <20250409185019.238841-34-paul@paul-moore.com>
X-Mailer: git-send-email 2.49.0
In-Reply-To: <20250409185019.238841-31-paul@paul-moore.com>
References: <20250409185019.238841-31-paul@paul-moore.com>
X-Mailing-List: linux-integrity@vger.kernel.org

One part of a larger effort to clean up the LSM framework initialization code.
Signed-off-by: Paul Moore Reviewed-by: Kees Cook Reviewed-by: John Johansen --- security/lsm_init.c | 103 ++++++++++++++++++-------------------------- 1 file changed, 43 insertions(+), 60 deletions(-) diff --git a/security/lsm_init.c b/security/lsm_init.c index 70e7d4207dae..dffa8dc2da36 100644 --- a/security/lsm_init.c +++ b/security/lsm_init.c @@ -123,22 +123,6 @@ static void __init append_ordered_lsm(struct lsm_info *lsm, const char *from) is_enabled(lsm) ? "enabled" : "disabled"); } -/* Is an LSM allowed to be initialized? */ -static bool __init lsm_allowed(struct lsm_info *lsm) -{ - /* Skip if the LSM is disabled. */ - if (!is_enabled(lsm)) - return false; - - /* Not allowed if another exclusive LSM already initialized. */ - if ((lsm->flags & LSM_FLAG_EXCLUSIVE) && exclusive) { - init_debug("exclusive disabled: %s\n", lsm->name); - return false; - } - - return true; -} - static void __init lsm_set_blob_size(int *need, int *lbs) { int offset; 
@@ -151,51 +135,50 @@ static void __init lsm_set_blob_size(int *need, int *lbs) *need = offset; } -static void __init lsm_set_blob_sizes(struct lsm_blob_sizes *needed) +/** + * lsm_prep_single - Prepare the LSM framework for a new LSM + * @lsm: LSM definition + */ +static void __init lsm_prep_single(struct lsm_info *lsm) { - if (!needed) + struct lsm_blob_sizes *blobs; + + if (!is_enabled(lsm)) { + set_enabled(lsm, false); + return; + } else if ((lsm->flags & LSM_FLAG_EXCLUSIVE) && exclusive) { + init_debug("exclusive disabled: %s\n", lsm->name); + set_enabled(lsm, false); return; - - lsm_set_blob_size(&needed->lbs_cred, &blob_sizes.lbs_cred); - lsm_set_blob_size(&needed->lbs_file, &blob_sizes.lbs_file); - lsm_set_blob_size(&needed->lbs_ib, &blob_sizes.lbs_ib); - /* - * The inode blob gets an rcu_head in addition to - * what the modules might need. - */ - if (needed->lbs_inode && blob_sizes.lbs_inode == 0) - blob_sizes.lbs_inode = sizeof(struct rcu_head); - lsm_set_blob_size(&needed->lbs_inode, &blob_sizes.lbs_inode); - lsm_set_blob_size(&needed->lbs_ipc, &blob_sizes.lbs_ipc); - lsm_set_blob_size(&needed->lbs_key, &blob_sizes.lbs_key); - lsm_set_blob_size(&needed->lbs_msg_msg, &blob_sizes.lbs_msg_msg); - lsm_set_blob_size(&needed->lbs_perf_event, &blob_sizes.lbs_perf_event); - lsm_set_blob_size(&needed->lbs_sock, &blob_sizes.lbs_sock); - lsm_set_blob_size(&needed->lbs_superblock, &blob_sizes.lbs_superblock); - lsm_set_blob_size(&needed->lbs_task, &blob_sizes.lbs_task); - lsm_set_blob_size(&needed->lbs_tun_dev, &blob_sizes.lbs_tun_dev); - lsm_set_blob_size(&needed->lbs_xattr_count, - &blob_sizes.lbs_xattr_count); - lsm_set_blob_size(&needed->lbs_bdev, &blob_sizes.lbs_bdev); -} - -/* Prepare LSM for initialization. */ -static void __init prepare_lsm(struct lsm_info *lsm) -{ - int enabled = lsm_allowed(lsm); - - /* Record enablement (to handle any following exclusive LSMs). */ - set_enabled(lsm, enabled); - - /* If enabled, do pre-initialization work. 
*/ - if (enabled) { - if ((lsm->flags & LSM_FLAG_EXCLUSIVE) && !exclusive) { - exclusive = lsm; - init_debug("exclusive chosen: %s\n", lsm->name); - } - - lsm_set_blob_sizes(lsm->blobs); } + + /* Mark the LSM as enabled. */ + set_enabled(lsm, true); + if ((lsm->flags & LSM_FLAG_EXCLUSIVE) && !exclusive) { + init_debug("exclusive chosen: %s\n", lsm->name); + exclusive = lsm; + } + + /* Register the LSM blob sizes. */ + blobs = lsm->blobs; + lsm_set_blob_size(&blobs->lbs_cred, &blob_sizes.lbs_cred); + lsm_set_blob_size(&blobs->lbs_file, &blob_sizes.lbs_file); + lsm_set_blob_size(&blobs->lbs_ib, &blob_sizes.lbs_ib); + /* inode blob gets an rcu_head in addition to LSM blobs. */ + if (blobs->lbs_inode && blob_sizes.lbs_inode == 0) + blob_sizes.lbs_inode = sizeof(struct rcu_head); + lsm_set_blob_size(&blobs->lbs_inode, &blob_sizes.lbs_inode); + lsm_set_blob_size(&blobs->lbs_ipc, &blob_sizes.lbs_ipc); + lsm_set_blob_size(&blobs->lbs_key, &blob_sizes.lbs_key); + lsm_set_blob_size(&blobs->lbs_msg_msg, &blob_sizes.lbs_msg_msg); + lsm_set_blob_size(&blobs->lbs_perf_event, &blob_sizes.lbs_perf_event); + lsm_set_blob_size(&blobs->lbs_sock, &blob_sizes.lbs_sock); + lsm_set_blob_size(&blobs->lbs_superblock, &blob_sizes.lbs_superblock); + lsm_set_blob_size(&blobs->lbs_task, &blob_sizes.lbs_task); + lsm_set_blob_size(&blobs->lbs_tun_dev, &blob_sizes.lbs_tun_dev); + lsm_set_blob_size(&blobs->lbs_xattr_count, + &blob_sizes.lbs_xattr_count); + lsm_set_blob_size(&blobs->lbs_bdev, &blob_sizes.lbs_bdev); } /* Initialize a given LSM, if it is enabled. */ @@ -358,7 +341,7 @@ static void __init ordered_lsm_init(void) ordered_lsm_parse(builtin_lsm_order, "builtin"); for (lsm = ordered_lsms; *lsm; lsm++) - prepare_lsm(*lsm); + lsm_prep_single(*lsm); report_lsm_order(); 
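Review bot: `lsm_prep_single()` in the @@ -151,51 +135,50 @@ hunk dereferences `lsm->blobs` unconditionally (`blobs = lsm->blobs; lsm_set_blob_size(&blobs->lbs_cred, &blob_sizes.lbs_cred);`), whereas the `lsm_set_blob_sizes()` it replaces began with `if (!needed) return;`. An enabled LSM whose `lsm_info` carries a NULL `.blobs` would now fault during early boot, before any console is reliably up; either keep a `if (!blobs) return;` after the enable/exclusive bookkeeping, or state in the commit message that every registered LSM is required to provide a `struct lsm_blob_sizes` and that the requirement is enforced elsewhere. Minor style point: the `return; } else if (...)` chain can drop the `else` because the first branch returns, and the new function could use the kernel-doc block to say that it both decides enablement and accumulates blob sizes, since "Prepare the LSM framework for a new LSM" does not mention the side effect on `exclusive`.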
@@ -499,7 +482,7 @@ int __init early_security_init(void) for (lsm = __start_early_lsm_info; lsm < __end_early_lsm_info; lsm++) { if (!lsm->enabled) lsm->enabled = &lsm_enabled_true; - prepare_lsm(lsm); + lsm_prep_single(lsm); initialize_lsm(lsm); }

From patchwork Wed Apr 9 18:49:49 2025
X-Patchwork-Submitter: Paul Moore
X-Patchwork-Id: 14045276
From: Paul Moore
To: linux-security-module@vger.kernel.org, linux-integrity@vger.kernel.org, selinux@vger.kernel.org
Cc: John Johansen, Mimi Zohar, Roberto Sassu, Fan Wu, Mickaël Salaün, Günther Noack, Kees Cook, Micah Morton, Casey Schaufler, Tetsuo Handa
Subject: [RFC PATCH 04/29] lsm: simplify ordered_lsm_init() and rename to lsm_init_ordered()
Date: Wed, 9 Apr 2025 14:49:49 -0400
Message-ID: <20250409185019.238841-35-paul@paul-moore.com>
In-Reply-To: <20250409185019.238841-31-paul@paul-moore.com>
References: <20250409185019.238841-31-paul@paul-moore.com>

One part of a larger effort to clean up the LSM framework initialization code.
Signed-off-by: Paul Moore --- security/lsm_init.c | 94 +++++++++++++++++---------------------------- 1 file changed, 36 insertions(+), 58 deletions(-) diff --git a/security/lsm_init.c b/security/lsm_init.c index dffa8dc2da36..407429688f1b 100644 --- a/security/lsm_init.c +++ b/security/lsm_init.c @@ -32,6 +32,12 @@ static __initdata bool debug; pr_info(__VA_ARGS__); \ } while (0) +#define lsm_order_for_each(iter) \ + for ((iter) = ordered_lsms; *(iter); (iter)++) +#define lsm_early_for_each_raw(iter) \ + for ((iter) = __start_early_lsm_info; \ + (iter) < __end_early_lsm_info; (iter)++) + static int lsm_append(const char *new, char **result); /* Save user chosen LSM */ @@ -96,9 +102,10 @@ static bool __init exists_ordered_lsm(struct lsm_info *lsm) { struct lsm_info **check; - for (check = ordered_lsms; *check; check++) + lsm_order_for_each(check) { if (*check == lsm) return true; + } return false; } 
@@ -279,56 +286,13 @@ static void __init ordered_lsm_parse(const char *order, const char *origin) kfree(sep); } -static void __init report_lsm_order(void) -{ - struct lsm_info **lsm, *early; - int first = 0; - - pr_info("initializing lsm="); - - /* Report each enabled LSM name, comma separated. */ - for (early = __start_early_lsm_info; - early < __end_early_lsm_info; early++) - if (is_enabled(early)) - pr_cont("%s%s", first++ == 0 ? "" : ",", early->name); - for (lsm = ordered_lsms; *lsm; lsm++) - if (is_enabled(*lsm)) - pr_cont("%s%s", first++ == 0 ? "" : ",", (*lsm)->name); - - pr_cont("\n"); -} - /** - * lsm_early_cred - during initialization allocate a composite cred blob - * @cred: the cred that needs a blob - * - * Allocate the cred blob for all the modules + * lsm_init_ordered - Initialize the ordered LSMs */ -static void __init lsm_early_cred(struct cred *cred) -{ - int rc = lsm_cred_alloc(cred, GFP_KERNEL); - - if (rc) - panic("%s: Early cred alloc failed.\n", __func__); -} - -/** - * lsm_early_task - during initialization allocate a composite task blob - * @task: the task that needs a blob - * - * Allocate the task blob for all the modules - */ -static void __init lsm_early_task(struct task_struct *task) -{ - int rc = lsm_task_alloc(task); - - if (rc) - panic("%s: Early task alloc failed.\n", __func__); -} - -static void __init ordered_lsm_init(void) +static void __init lsm_init_ordered(void) { struct lsm_info **lsm; + struct lsm_info *early; if (chosen_lsm_order) { if (chosen_major_lsm) { 
@@ -340,10 +304,23 @@ static void __init ordered_lsm_init(void) } else ordered_lsm_parse(builtin_lsm_order, "builtin"); - for (lsm = ordered_lsms; *lsm; lsm++) + lsm_order_for_each(lsm) { lsm_prep_single(*lsm); + } - report_lsm_order(); + pr_info("initializing lsm="); + lsm_early_for_each_raw(early) { + if (is_enabled(early)) + pr_cont("%s%s", + early == __start_early_lsm_info ? "" : ",", + early->name); + } + lsm_order_for_each(lsm) { + if (is_enabled(*lsm)) + pr_cont("%s%s", + lsm == ordered_lsms ? "" : ",", (*lsm)->name); + } + pr_cont("\n"); init_debug("cred blob size = %d\n", blob_sizes.lbs_cred); init_debug("file blob size = %d\n", blob_sizes.lbs_file); @@ -362,9 +339,6 @@ static void __init ordered_lsm_init(void) init_debug("xattr slots = %d\n", blob_sizes.lbs_xattr_count); init_debug("bdev blob size = %d\n", blob_sizes.lbs_bdev); - /* - * Create any kmem_caches needed for blobs - */ if (blob_sizes.lbs_file) lsm_file_cache = kmem_cache_create("lsm_file_cache", blob_sizes.lbs_file, 0, @@ -374,10 +348,14 @@ static void __init ordered_lsm_init(void) blob_sizes.lbs_inode, 0, SLAB_PANIC, NULL); - lsm_early_cred((struct cred *) current->cred); - lsm_early_task(current); - for (lsm = ordered_lsms; *lsm; lsm++) + if (lsm_cred_alloc((struct cred *)current->cred, GFP_KERNEL)) + panic("%s: early cred alloc failed.\n", __func__); + if (lsm_task_alloc(current)) + panic("%s: early task alloc failed.\n", __func__); + + lsm_order_for_each(lsm) { initialize_lsm(*lsm); + } } static bool match_last_lsm(const char *list, const char *lsm) @@ -479,7 +457,7 @@ int __init early_security_init(void) { struct lsm_info *lsm; - for (lsm = __start_early_lsm_info; lsm < __end_early_lsm_info; lsm++) { + lsm_early_for_each_raw(lsm) { if (!lsm->enabled) lsm->enabled = &lsm_enabled_true; lsm_prep_single(lsm); 
@@ -506,7 +484,7 @@ int __init security_init(void) * Append the names of the early LSM modules now that kmalloc() is * available */ - for (lsm = __start_early_lsm_info; lsm < __end_early_lsm_info; lsm++) { + lsm_early_for_each_raw(lsm) { init_debug(" early started: %s (%s)\n", lsm->name, is_enabled(lsm) ? "enabled" : "disabled"); if (lsm->enabled) 
@@ -514,7 +492,7 @@ int __init security_init(void) } /* Load LSMs in specified order. */ - ordered_lsm_init(); + lsm_init_ordered(); return 0; }
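Review bot: the two new iterator macros in the @@ -32,6 +32,12 @@ hunk carry no comment; `lsm_order_for_each()` silently depends on ordered_lsms[] being NULL-terminated (which is why the array is sized MAX_LSM_COUNT + 1), and the "_raw" suffix on `lsm_early_for_each_raw()` is not explained anywhere. A one-line comment on each, saying that the former walks the parsed order up to the NULL sentinel and the latter walks the __start_early_lsm_info section directly, would save the next reader from having to work that out.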
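Review bot: the kerneldoc added for lsm_init_ordered() in the @@ -279,56 +286,13 @@ hunk is a bare one-line summary, while the functions it absorbs (report_lsm_order(), lsm_early_cred(), lsm_early_task()) each had a documented purpose that is deleted here. Since this function now also prints the "initializing lsm=" line and allocates the early cred/task blobs (panicking on failure), describe those steps in the new comment so the removed documentation is not simply lost.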
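Review bot: the inlined order report in the @@ -340,10 +304,23 @@ hunk changes the separator logic and can print names run together. The removed report_lsm_order() put a comma before every name except the first one actually printed (`first++ == 0 ? "" : ","`), whereas the new code keys on array position: `lsm == ordered_lsms ? "" : ","` emits no separator before the first ordered LSM even when an enabled early LSM was just printed (giving e.g. "lockdowncapability,..."), and `early == __start_early_lsm_info ? "" : ","` emits a leading comma whenever the first early entry is disabled but a later one is enabled. Keep a single printed-count (or bool) shared by both loops, as the old helper did.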
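Review bot: the @@ -362,9 +339,6 @@ hunk drops the "Create any kmem_caches needed for blobs" comment without replacing it, and it was the only explanation of the kmem_cache_create() block that follows. Keep the comment (or fold that sentence into the function's kerneldoc).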
From: Paul Moore
To: linux-security-module@vger.kernel.org, linux-integrity@vger.kernel.org, selinux@vger.kernel.org
Cc: John Johansen, Mimi Zohar, Roberto Sassu, Fan Wu, Mickaël Salaün, Günther Noack, Kees Cook, Micah Morton, Casey Schaufler, Tetsuo Handa
Subject: [RFC PATCH 05/29] lsm: replace the name field with a pointer to the lsm_id struct
Date: Wed, 9 Apr 2025 14:49:50 -0400
Message-ID: <20250409185019.238841-36-paul@paul-moore.com>
In-Reply-To: <20250409185019.238841-31-paul@paul-moore.com>
References: <20250409185019.238841-31-paul@paul-moore.com>

Reduce the duplication between the lsm_id struct and the DEFINE_LSM() definition by linking the lsm_id struct directly into
the individual LSM's DEFINE_LSM() instance. Linking the lsm_id into the LSM definition also allows us to simplify the security_add_hooks() function by removing the code which populates the lsm_idlist[] array and moving it into the normal LSM startup code where the LSM list is parsed and the individual LSMs are enabled, making for a cleaner implementation with less overhead at boot. Signed-off-by: Paul Moore Reviewed-by: Kees Cook Reviewed-by: John Johansen --- include/linux/lsm_hooks.h | 2 +- security/apparmor/lsm.c | 2 +- security/bpf/hooks.c | 2 +- security/commoncap.c | 2 +- security/integrity/evm/evm_main.c | 2 +- security/integrity/ima/ima_main.c | 2 +- security/ipe/ipe.c | 2 +- security/landlock/setup.c | 2 +- security/loadpin/loadpin.c | 2 +- security/lockdown/lockdown.c | 2 +- security/lsm_init.c | 43 ++++++++++++------------------- security/safesetid/lsm.c | 2 +- security/selinux/hooks.c | 2 +- security/smack/smack_lsm.c | 2 +- security/tomoyo/tomoyo.c | 2 +- security/yama/yama_lsm.c | 2 +- 16 files changed, 31 insertions(+), 42 deletions(-) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index eeb4bfd60b79..4cd17c9a229f 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -149,7 +149,7 @@ enum lsm_order { }; struct lsm_info { - const char *name; /* Required. */ + const struct lsm_id *id; enum lsm_order order; /* Optional: default is LSM_ORDER_MUTABLE */ unsigned long flags; /* Optional: flags describing LSM */ int *enabled; /* Optional: controlled by CONFIG_LSM */ diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index 9b6c2f157f83..a7f6a3274682 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -2272,7 +2272,7 @@ static int __init apparmor_init(void) } DEFINE_LSM(apparmor) = { - .name = "apparmor", + .id = &apparmor_lsmid, .flags = LSM_FLAG_LEGACY_MAJOR | LSM_FLAG_EXCLUSIVE, .enabled = &apparmor_enabled, .blobs = &apparmor_blob_sizes, 
diff --git a/security/bpf/hooks.c b/security/bpf/hooks.c index db759025abe1..40efde233f3a 100644 --- a/security/bpf/hooks.c +++ b/security/bpf/hooks.c @@ -33,7 +33,7 @@ struct lsm_blob_sizes bpf_lsm_blob_sizes __ro_after_init = { }; DEFINE_LSM(bpf) = { - .name = "bpf", + .id = &bpf_lsmid, .init = bpf_lsm_init, .blobs = &bpf_lsm_blob_sizes }; diff --git a/security/commoncap.c b/security/commoncap.c index 28d4248bf001..e04aa4f50eaf 100644 --- a/security/commoncap.c +++ b/security/commoncap.c @@ -1509,7 +1509,7 @@ static int __init capability_init(void) } DEFINE_LSM(capability) = { - .name = "capability", + .id = &capability_lsmid, .order = LSM_ORDER_FIRST, .init = capability_init, }; diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c index 0add782e73ba..db8e324ed4e6 100644 --- a/security/integrity/evm/evm_main.c +++ b/security/integrity/evm/evm_main.c @@ -1175,7 +1175,7 @@ struct lsm_blob_sizes evm_blob_sizes __ro_after_init = { }; DEFINE_LSM(evm) = { - .name = "evm", + .id = &evm_lsmid, .init = init_evm_lsm, .order = LSM_ORDER_LAST, .blobs = &evm_blob_sizes, diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index f3e7ac513db3..55a4f08a2565 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c @@ -1251,7 +1251,7 @@ struct lsm_blob_sizes ima_blob_sizes __ro_after_init = { }; DEFINE_LSM(ima) = { - .name = "ima", + .id = &ima_lsmid, .init = init_ima_lsm, .order = LSM_ORDER_LAST, .blobs = &ima_blob_sizes, diff --git a/security/ipe/ipe.c b/security/ipe/ipe.c index 4317134cb0da..2426441181dc 100644 --- a/security/ipe/ipe.c +++ b/security/ipe/ipe.c @@ -92,7 +92,7 @@ static int __init ipe_init(void) } DEFINE_LSM(ipe) = { - .name = "ipe", + .id = &ipe_lsmid, .init = ipe_init, .blobs = &ipe_blobs, }; diff --git a/security/landlock/setup.c b/security/landlock/setup.c index bd53c7a56ab9..47dac1736f10 100644 --- a/security/landlock/setup.c +++ b/security/landlock/setup.c 
@@ -75,7 +75,7 @@ static int __init landlock_init(void) } DEFINE_LSM(LANDLOCK_NAME) = { - .name = LANDLOCK_NAME, + .id = &landlock_lsmid, .init = landlock_init, .blobs = &landlock_blob_sizes, }; diff --git a/security/loadpin/loadpin.c b/security/loadpin/loadpin.c index 68252452b66c..b9ddf05c5c16 100644 --- a/security/loadpin/loadpin.c +++ b/security/loadpin/loadpin.c @@ -271,7 +271,7 @@ static int __init loadpin_init(void) } DEFINE_LSM(loadpin) = { - .name = "loadpin", + .id = &loadpin_lsmid, .init = loadpin_init, }; diff --git a/security/lockdown/lockdown.c b/security/lockdown/lockdown.c index cf83afa1d879..4813f168ff93 100644 --- a/security/lockdown/lockdown.c +++ b/security/lockdown/lockdown.c @@ -168,6 +168,6 @@ DEFINE_EARLY_LSM(lockdown) = { #else DEFINE_LSM(lockdown) = { #endif - .name = "lockdown", + .id = &lockdown_lsmid, .init = lockdown_lsm_init, }; diff --git a/security/lsm_init.c b/security/lsm_init.c index 407429688f1b..d458a365b0d5 100644 --- a/security/lsm_init.c +++ b/security/lsm_init.c @@ -124,9 +124,10 @@ static void __init append_ordered_lsm(struct lsm_info *lsm, const char *from) /* Enable this LSM, if it is not already set. */ if (!lsm->enabled) lsm->enabled = &lsm_enabled_true; - ordered_lsms[last_lsm++] = lsm; + ordered_lsms[last_lsm] = lsm; + lsm_idlist[last_lsm++] = lsm->id; - init_debug("%s ordered: %s (%s)\n", from, lsm->name, + init_debug("%s ordered: %s (%s)\n", from, lsm->id->name, is_enabled(lsm) ? "enabled" : "disabled"); } @@ -154,7 +155,7 @@ static void __init lsm_prep_single(struct lsm_info *lsm) set_enabled(lsm, false); return; } else if ((lsm->flags & LSM_FLAG_EXCLUSIVE) && exclusive) { - init_debug("exclusive disabled: %s\n", lsm->name); + init_debug("exclusive disabled: %s\n", lsm->id->name); set_enabled(lsm, false); return; } 
@@ -162,7 +163,7 @@ static void __init lsm_prep_single(struct lsm_info *lsm) /* Mark the LSM as enabled. */ set_enabled(lsm, true); if ((lsm->flags & LSM_FLAG_EXCLUSIVE) && !exclusive) { - init_debug("exclusive chosen: %s\n", lsm->name); + init_debug("exclusive chosen: %s\n", lsm->id->name); exclusive = lsm; } @@ -194,9 +195,9 @@ static void __init initialize_lsm(struct lsm_info *lsm) if (is_enabled(lsm)) { int ret; - init_debug("initializing %s\n", lsm->name); + init_debug("initializing %s\n", lsm->id->name); ret = lsm->init(); - WARN(ret, "%s failed to initialize: %d\n", lsm->name, ret); + WARN(ret, "%s failed to initialize: %d\n", lsm->id->name, ret); } } @@ -231,10 +232,10 @@ static void __init ordered_lsm_parse(const char *order, const char *origin) for (major = __start_lsm_info; major < __end_lsm_info; major++) { if ((major->flags & LSM_FLAG_LEGACY_MAJOR) && - strcmp(major->name, chosen_major_lsm) != 0) { + strcmp(major->id->name, chosen_major_lsm) != 0) { set_enabled(major, false); init_debug("security=%s disabled: %s (only one legacy major LSM)\n", - chosen_major_lsm, major->name); + chosen_major_lsm, major->id->name); } } } @@ -246,7 +247,7 @@ static void __init ordered_lsm_parse(const char *order, const char *origin) bool found = false; for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { - if (strcmp(lsm->name, name) == 0) { + if (strcmp(lsm->id->name, name) == 0) { if (lsm->order == LSM_ORDER_MUTABLE) append_ordered_lsm(lsm, origin); found = true; @@ -263,7 +264,7 @@ static void __init ordered_lsm_parse(const char *order, const char *origin) for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { if (exists_ordered_lsm(lsm)) continue; - if (strcmp(lsm->name, chosen_major_lsm) == 0) + if (strcmp(lsm->id->name, chosen_major_lsm) == 0) append_ordered_lsm(lsm, "security="); } } 
@@ -280,7 +281,7 @@ static void __init ordered_lsm_parse(const char *order, const char *origin) continue; set_enabled(lsm, false); init_debug("%s skipped: %s (not in requested order)\n", - origin, lsm->name); + origin, lsm->id->name); } kfree(sep); @@ -313,12 +314,12 @@ static void __init lsm_init_ordered(void) if (is_enabled(early)) pr_cont("%s%s", early == __start_early_lsm_info ? "" : ",", - early->name); + early->id->name); } lsm_order_for_each(lsm) { if (is_enabled(*lsm)) pr_cont("%s%s", - lsm == ordered_lsms ? "" : ",", (*lsm)->name); + lsm == ordered_lsms ? "" : ",", (*lsm)->id->name); } pr_cont("\n"); @@ -426,18 +427,6 @@ void __init security_add_hooks(struct security_hook_list *hooks, int count, { int i; - /* - * A security module may call security_add_hooks() more - * than once during initialization, and LSM initialization - * is serialized. Landlock is one such case. - * Look at the previous entry, if there is one, for duplication. - */ - if (lsm_active_cnt == 0 || lsm_idlist[lsm_active_cnt - 1] != lsmid) { - if (lsm_active_cnt >= MAX_LSM_COUNT) - panic("%s Too many LSMs registered.\n", __func__); - lsm_idlist[lsm_active_cnt++] = lsmid; - } - for (i = 0; i < count; i++) { hooks[i].lsmid = lsmid; lsm_static_call_init(&hooks[i]); @@ -485,10 +474,10 @@ int __init security_init(void) * available */ lsm_early_for_each_raw(lsm) { - init_debug(" early started: %s (%s)\n", lsm->name, + init_debug(" early started: %s (%s)\n", lsm->id->name, is_enabled(lsm) ? "enabled" : "disabled"); if (lsm->enabled) - lsm_append(lsm->name, &lsm_names); + lsm_append(lsm->id->name, &lsm_names); } /* Load LSMs in specified order. */ diff --git a/security/safesetid/lsm.c b/security/safesetid/lsm.c index 1ba564f097f5..9a7c68d4e642 100644 --- a/security/safesetid/lsm.c +++ b/security/safesetid/lsm.c 
@@ -287,6 +287,6 @@ static int __init safesetid_security_init(void) } DEFINE_LSM(safesetid_security_init) = { + .id = &safesetid_lsmid, .init = safesetid_security_init, - .name = "safesetid", }; diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index e7a7dcab81db..f28a12a0a1c8 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -7562,7 +7562,7 @@ void selinux_complete_init(void) /* SELinux requires early initialization in order to label all processes and objects when they are created. */ DEFINE_LSM(selinux) = { - .name = "selinux", + .id = &selinux_lsmid, .flags = LSM_FLAG_LEGACY_MAJOR | LSM_FLAG_EXCLUSIVE, .enabled = &selinux_enabled_boot, .blobs = &selinux_blob_sizes, diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 99833168604e..e09b33fed5f0 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -5282,7 +5282,7 @@ static __init int smack_init(void) * all processes and objects when they are created. */ DEFINE_LSM(smack) = { - .name = "smack", + .id = &smack_lsmid, .flags = LSM_FLAG_LEGACY_MAJOR | LSM_FLAG_EXCLUSIVE, .blobs = &smack_blob_sizes, .init = smack_init, diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c index d6ebcd9db80a..ed0f7b052a85 100644 --- a/security/tomoyo/tomoyo.c +++ b/security/tomoyo/tomoyo.c @@ -612,7 +612,7 @@ static int __init tomoyo_init(void) } DEFINE_LSM(tomoyo) = { - .name = "tomoyo", + .id = &tomoyo_lsmid, .enabled = &tomoyo_enabled, .flags = LSM_FLAG_LEGACY_MAJOR, .blobs = &tomoyo_blob_sizes, diff --git a/security/yama/yama_lsm.c b/security/yama/yama_lsm.c index 3d064dd4e03f..38b21ee0c560 100644 --- a/security/yama/yama_lsm.c +++ b/security/yama/yama_lsm.c 
@@ -476,6 +476,6 @@ static int __init yama_init(void) } DEFINE_LSM(yama) = { - .name = "yama", + .id = &yama_lsmid, .init = yama_init, };
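Review bot: in the include/linux/lsm_hooks.h hunk the `/* Required. */` annotation is lost when `const char *name;` becomes `const struct lsm_id *id;`. The framework now dereferences lsm->id->name unconditionally (see the init_debug() and strcmp() changes in the lsm_init.c hunks), so a DEFINE_LSM() without .id is a NULL dereference at boot; keep the "Required" comment on the new field so out-of-tree and future LSMs don't miss it.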
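Review bot: the @@ -124,9 +124,10 @@ hunk in security/lsm_init.c writes `lsm_idlist[last_lsm++] = lsm->id;` with the same index used for ordered_lsms[], but the MAX_LSM_COUNT bound check that used to guard lsm_idlist[] in security_add_hooks() is removed in the same patch. Please confirm lsm_idlist[] is at least as large as the ordered list can grow, or restore a bound check here, since a missed check is an out-of-bounds write into __initdata-adjacent memory rather than a clean panic.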
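Review bot: the @@ -426,18 +427,6 @@ hunk removes the `lsm_idlist[lsm_active_cnt++] = lsmid;` bookkeeping, and nothing in this diff sets lsm_active_cnt anymore; the new population site in append_ordered_lsm() is only reached for LSMs in the parsed order, so an early LSM (DEFINE_EARLY_LSM(lockdown) in the lockdown.c hunk) no longer gets its lsm_id into lsm_idlist[] the way the old hook-registration path guaranteed. Either show in this patch where lsm_active_cnt is now derived and how early LSMs are added, or say so in the commit message, since userspace (lsm_list_modules()) consumes that list.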
From: Paul Moore
To: linux-security-module@vger.kernel.org, linux-integrity@vger.kernel.org, selinux@vger.kernel.org
Cc: John Johansen, Mimi Zohar, Roberto Sassu, Fan Wu, Mickaël Salaün, Günther Noack, Kees Cook, Micah Morton, Casey Schaufler, Tetsuo Handa
Subject: [RFC PATCH 06/29] lsm: cleanup and normalize the LSM order symbols naming
Date: Wed, 9 Apr 2025 14:49:51 -0400
Message-ID: <20250409185019.238841-37-paul@paul-moore.com>
In-Reply-To: <20250409185019.238841-31-paul@paul-moore.com>
References: <20250409185019.238841-31-paul@paul-moore.com>

One part of a larger effort to clean up the LSM framework initialization code.
Signed-off-by: Paul Moore Reviewed-by: Kees Cook Reviewed-by: John Johansen --- security/lsm_init.c | 88 +++++++++++++++++++++++++-------------------- 1 file changed, 49 insertions(+), 39 deletions(-) diff --git a/security/lsm_init.c b/security/lsm_init.c index d458a365b0d5..edf2f4140eaa 100644 --- a/security/lsm_init.c +++ b/security/lsm_init.c @@ -16,14 +16,14 @@ char *lsm_names; extern struct lsm_info __start_lsm_info[], __end_lsm_info[]; extern struct lsm_info __start_early_lsm_info[], __end_early_lsm_info[]; -/* Boot-time LSM user choice */ -static __initconst const char *const builtin_lsm_order = CONFIG_LSM; -static __initdata const char *chosen_lsm_order; -static __initdata const char *chosen_major_lsm; +/* Build and boot-time LSM ordering. */ +static __initconst const char *const lsm_order_builtin = CONFIG_LSM; +static __initdata const char *lsm_order_cmdline; +static __initdata const char *lsm_order_legacy; /* Ordered list of LSMs to initialize. */ -static __initdata struct lsm_info *ordered_lsms[MAX_LSM_COUNT + 1]; -static __initdata struct lsm_info *exclusive; +static __initdata struct lsm_info *lsm_order[MAX_LSM_COUNT + 1]; +static __initdata struct lsm_info *lsm_exclusive; static __initdata bool debug; #define init_debug(...) \ 
@@ -33,36 +33,46 @@ static __initdata bool debug; } while (0) #define lsm_order_for_each(iter) \ - for ((iter) = ordered_lsms; *(iter); (iter)++) + for ((iter) = lsm_order; *(iter); (iter)++) #define lsm_early_for_each_raw(iter) \ for ((iter) = __start_early_lsm_info; \ (iter) < __end_early_lsm_info; (iter)++) -static int lsm_append(const char *new, char **result); - -/* Save user chosen LSM */ -static int __init choose_major_lsm(char *str) +/** + * lsm_choose_security - Legacy "major" LSM selection + * @str: kernel command line parameter + */ +static int __init lsm_choose_security(char *str) { - chosen_major_lsm = str; + lsm_order_legacy = str; return 1; } -__setup("security=", choose_major_lsm); +__setup("security=", lsm_choose_security); -/* Explicitly choose LSM initialization order. */ -static int __init choose_lsm_order(char *str) +/** + * lsm_choose_lsm - Modern LSM selection + * @str: kernel command line parameter + */ +static int __init lsm_choose_lsm(char *str) { - chosen_lsm_order = str; + lsm_order_cmdline = str; return 1; } -__setup("lsm=", choose_lsm_order); +__setup("lsm=", lsm_choose_lsm); -/* Enable LSM order debugging. */ -static int __init enable_debug(char *str) +/** + * lsm_debug_enable - Enable LSM framework debugging + * @str: kernel command line parameter + * + * Currently we only provide debug info during LSM initialization, but we may + * want to expand this in the future. + */ +static int __init lsm_debug_enable(char *str) { debug = true; return 1; } -__setup("lsm.debug", enable_debug); +__setup("lsm.debug", lsm_debug_enable); /* Mark an LSM's enabled flag. */ static int lsm_enabled_true __initdata = 1; 
@@ -124,7 +134,7 @@ static void __init append_ordered_lsm(struct lsm_info *lsm, const char *from) /* Enable this LSM, if it is not already set. */ if (!lsm->enabled) lsm->enabled = &lsm_enabled_true; - ordered_lsms[last_lsm] = lsm; + lsm_order[last_lsm] = lsm; lsm_idlist[last_lsm++] = lsm->id; init_debug("%s ordered: %s (%s)\n", from, lsm->id->name, @@ -154,7 +164,7 @@ static void __init lsm_prep_single(struct lsm_info *lsm) if (!is_enabled(lsm)) { set_enabled(lsm, false); return; - } else if ((lsm->flags & LSM_FLAG_EXCLUSIVE) && exclusive) { + } else if ((lsm->flags & LSM_FLAG_EXCLUSIVE) && lsm_exclusive) { init_debug("exclusive disabled: %s\n", lsm->id->name); set_enabled(lsm, false); return; @@ -162,9 +172,9 @@ static void __init lsm_prep_single(struct lsm_info *lsm) /* Mark the LSM as enabled. */ set_enabled(lsm, true); - if ((lsm->flags & LSM_FLAG_EXCLUSIVE) && !exclusive) { + if ((lsm->flags & LSM_FLAG_EXCLUSIVE) && !lsm_exclusive) { init_debug("exclusive chosen: %s\n", lsm->id->name); - exclusive = lsm; + lsm_exclusive = lsm; } /* Register the LSM blob sizes. */ @@ -220,7 +230,7 @@ static void __init ordered_lsm_parse(const char *order, const char *origin) } /* Process "security=", if given. */ - if (chosen_major_lsm) { + if (lsm_order_legacy) { struct lsm_info *major; /* @@ -232,10 +242,10 @@ static void __init ordered_lsm_parse(const char *order, const char *origin) for (major = __start_lsm_info; major < __end_lsm_info; major++) { if ((major->flags & LSM_FLAG_LEGACY_MAJOR) && - strcmp(major->id->name, chosen_major_lsm) != 0) { + strcmp(major->id->name, lsm_order_legacy) != 0) { set_enabled(major, false); init_debug("security=%s disabled: %s (only one legacy major LSM)\n", - chosen_major_lsm, major->id->name); + lsm_order_legacy, major->id->name); } } } 
@@ -260,11 +270,11 @@ static void __init ordered_lsm_parse(const char *order, const char *origin) } /* Process "security=", if given. */ - if (chosen_major_lsm) { + if (lsm_order_legacy) { for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { if (exists_ordered_lsm(lsm)) continue; - if (strcmp(lsm->id->name, chosen_major_lsm) == 0) + if (strcmp(lsm->id->name, lsm_order_legacy) == 0) append_ordered_lsm(lsm, "security="); } } @@ -295,15 +305,15 @@ static void __init lsm_init_ordered(void) struct lsm_info **lsm; struct lsm_info *early; - if (chosen_lsm_order) { - if (chosen_major_lsm) { + if (lsm_order_cmdline) { + if (lsm_order_legacy) { pr_warn("security=%s is ignored because it is superseded by lsm=%s\n", - chosen_major_lsm, chosen_lsm_order); - chosen_major_lsm = NULL; + lsm_order_legacy, lsm_order_cmdline); + lsm_order_legacy = NULL; } - ordered_lsm_parse(chosen_lsm_order, "cmdline"); + ordered_lsm_parse(lsm_order_cmdline, "cmdline"); } else - ordered_lsm_parse(builtin_lsm_order, "builtin"); + ordered_lsm_parse(lsm_order_builtin, "builtin"); lsm_order_for_each(lsm) { lsm_prep_single(*lsm); @@ -319,7 +329,7 @@ static void __init lsm_init_ordered(void) lsm_order_for_each(lsm) { if (is_enabled(*lsm)) pr_cont("%s%s", - lsm == ordered_lsms ? "" : ",", (*lsm)->id->name); + lsm == lsm_order ? "" : ",", (*lsm)->id->name); } pr_cont("\n"); 
@@ -465,9 +475,9 @@ int __init security_init(void) { struct lsm_info *lsm; - init_debug("legacy security=%s\n", chosen_major_lsm ? : " *unspecified*"); - init_debug(" CONFIG_LSM=%s\n", builtin_lsm_order); - init_debug("boot arg lsm=%s\n", chosen_lsm_order ? : " *unspecified*"); + init_debug("legacy security=%s\n", lsm_order_legacy ? : " *unspecified*"); + init_debug(" CONFIG_LSM=%s\n", lsm_order_builtin); + init_debug("boot arg lsm=%s\n", lsm_order_cmdline ? : " *unspecified*"); /* * Append the names of the early LSM modules now that kmalloc() is

From patchwork Wed Apr 9 18:49:52 2025
X-Patchwork-Submitter: Paul Moore
X-Patchwork-Id: 14045278
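Review bot: in the first lsm_init.c hunk (@@ -16,14 +16,14 @@) `lsm_order_legacy` is a misleading name for the value of `security=`: the later hunks compare it with `strcmp()` against a single `major->id->name`, so it holds one LSM name, not an ordering. Either pick a name that says so or explain the choice in the commit message, which at the moment only says the patch is part of a larger cleanup and lists none of the renames it performs.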
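Review bot: the kernel-doc blocks added in the @@ -33,36 +33,46 @@ hunk for `lsm_choose_security()`, `lsm_choose_lsm()` and `lsm_debug_enable()` document @str but not the return value; these are non-void `__setup()` handlers, so kernel-doc will warn, and a single `Return: 1, the parameter was consumed.` line in each fixes it. The same hunk silently drops the forward declaration `static int lsm_append(const char *new, char **result);`, which is only safe if every caller follows the definition; the diff does not show that, so a sentence in the commit message would help the reader.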
From: Paul Moore
To: linux-security-module@vger.kernel.org, linux-integrity@vger.kernel.org, selinux@vger.kernel.org
Cc: John Johansen, Mimi Zohar, Roberto Sassu, Fan Wu, Mickaël Salaün, Günther Noack, Kees Cook, Micah Morton, Casey Schaufler, Tetsuo Handa
Subject: [RFC PATCH 07/29] lsm: rework lsm_active_cnt and lsm_idlist[]
Date: Wed, 9 Apr 2025 14:49:52 -0400
Message-ID: <20250409185019.238841-38-paul@paul-moore.com>
In-Reply-To: <20250409185019.238841-31-paul@paul-moore.com>
References: <20250409185019.238841-31-paul@paul-moore.com>
X-Mailing-List: linux-integrity@vger.kernel.org

Move the LSM count and lsm_id list declarations out of a header that is visible across the kernel and into a header that is limited to the LSM
framework. This not only helps keep the include/linux headers smaller and cleaner, it helps prevent misuse of these variables. During the move, lsm_active_cnt was renamed to lsm_count for the sake of brevity. Signed-off-by: Paul Moore --- include/linux/security.h | 2 -- security/lsm.h | 5 +++++ security/lsm_init.c | 8 +------- security/lsm_syscalls.c | 8 +++++--- security/security.c | 3 +++ 5 files changed, 14 insertions(+), 12 deletions(-) diff --git a/include/linux/security.h b/include/linux/security.h index cc9b54d95d22..8aac21787a9f 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -167,8 +167,6 @@ struct lsm_prop { }; extern const char *const lockdown_reasons[LOCKDOWN_CONFIDENTIALITY_MAX+1]; -extern u32 lsm_active_cnt; -extern const struct lsm_id *lsm_idlist[]; /* These functions are in security/commoncap.c */ extern int cap_capable(const struct cred *cred, struct user_namespace *ns, diff --git a/security/lsm.h b/security/lsm.h index 0e1731bad4a7..af343072199d 100644 --- a/security/lsm.h +++ b/security/lsm.h @@ -7,6 +7,11 @@ #define _LSM_H_ #include +#include + +/* List of configured LSMs */ +extern unsigned int lsm_count; +extern const struct lsm_id *lsm_idlist[]; /* LSM blob configuration */ extern struct lsm_blob_sizes blob_sizes; diff --git a/security/lsm_init.c b/security/lsm_init.c index edf2f4140eaa..981ddb20f48e 100644 --- a/security/lsm_init.c +++ b/security/lsm_init.c @@ -22,8 +22,8 @@ static __initdata const char *lsm_order_cmdline; static __initdata const char *lsm_order_legacy; /* Ordered list of LSMs to initialize. */ -static __initdata struct lsm_info *lsm_order[MAX_LSM_COUNT + 1]; static __initdata struct lsm_info *lsm_exclusive; +static __initdata struct lsm_info *lsm_order[MAX_LSM_COUNT + 1]; static __initdata bool debug; #define init_debug(...) \ 
@@ -211,12 +211,6 @@ static void __init initialize_lsm(struct lsm_info *lsm) } } -/* - * Current index to use while initializing the lsm id list. - */ -u32 lsm_active_cnt __ro_after_init; -const struct lsm_id *lsm_idlist[MAX_LSM_COUNT]; - /* Populate ordered LSMs list from comma-separated LSM name list. */ static void __init ordered_lsm_parse(const char *order, const char *origin) { diff --git a/security/lsm_syscalls.c b/security/lsm_syscalls.c index 8440948a690c..3fb0d77ae65c 100644 --- a/security/lsm_syscalls.c +++ b/security/lsm_syscalls.c @@ -17,6 +17,8 @@ #include #include +#include "lsm.h" + /** * lsm_name_to_attr - map an LSM attribute name to its ID * @name: name of the attribute @@ -96,7 +98,7 @@ SYSCALL_DEFINE4(lsm_get_self_attr, unsigned int, attr, struct lsm_ctx __user *, SYSCALL_DEFINE3(lsm_list_modules, u64 __user *, ids, u32 __user *, size, u32, flags) { - u32 total_size = lsm_active_cnt * sizeof(*ids); + u32 total_size = lsm_count * sizeof(*ids); u32 usize; int i; @@ -112,9 +114,9 @@ SYSCALL_DEFINE3(lsm_list_modules, u64 __user *, ids, u32 __user *, size, if (usize < total_size) return -E2BIG; - for (i = 0; i < lsm_active_cnt; i++) + for (i = 0; i < lsm_count; i++) if (put_user(lsm_idlist[i]->id, ids++)) return -EFAULT; - return lsm_active_cnt; + return lsm_count; } diff --git a/security/security.c b/security/security.c index 8d370a4c5e74..a3e8dd640b39 100644 --- a/security/security.c +++ b/security/security.c 
@@ -73,6 +73,9 @@ const char *const lockdown_reasons[LOCKDOWN_CONFIDENTIALITY_MAX + 1] = { [LOCKDOWN_CONFIDENTIALITY_MAX] = "confidentiality", }; +unsigned int lsm_count __ro_after_init; +const struct lsm_id *lsm_idlist[MAX_LSM_COUNT]; + struct lsm_blob_sizes blob_sizes; struct kmem_cache *lsm_file_cache;

From patchwork Wed Apr 9 18:49:53 2025
X-Patchwork-Submitter: Paul Moore
X-Patchwork-Id: 14045279
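Review bot: the lsm_init.c hunk at @@ -22,8 +22,8 @@ only swaps the declaration order of `lsm_order[]` and `lsm_exclusive`, which has nothing to do with moving `lsm_count` and `lsm_idlist[]` into security.c; drop it here or fold it into patch 06, where those two symbols were introduced, so the series stays easy to bisect and review.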
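Review bot: the lsm.h and security.c hunks change the counter's type from `u32` to `unsigned int` while the commit message mentions only the rename to `lsm_count`; the types are identical on every supported architecture, but a type change should be stated in the log. In the security.c hunk, `lsm_idlist[]` could carry `__ro_after_init` like `lsm_count` next to it: the only writer visible in this series is `append_ordered_lsm()`, an `__init` function (patch 06), and the readers in `lsm_list_modules()` and `lsm_read()` never store to it.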
From: Paul Moore
To: linux-security-module@vger.kernel.org, linux-integrity@vger.kernel.org, selinux@vger.kernel.org
Cc: John Johansen, Mimi Zohar, Roberto Sassu, Fan Wu, Mickaël Salaün, Günther Noack, Kees Cook, Micah Morton, Casey Schaufler, Tetsuo Handa
Subject: [RFC PATCH 08/29] lsm: get rid of the lsm_names list and do some cleanup
Date: Wed, 9 Apr 2025 14:49:53 -0400
Message-ID: <20250409185019.238841-39-paul@paul-moore.com>
In-Reply-To: <20250409185019.238841-31-paul@paul-moore.com>
References: <20250409185019.238841-31-paul@paul-moore.com>
X-Mailing-List: linux-integrity@vger.kernel.org

The LSM currently has a lot of code to maintain a list of the currently active LSMs in a human readable string, with the only user
being the "/sys/kernel/security/lsm" code. Let's drop all of that code and generate the string on an as-needed basis when userspace reads "/sys/kernel/security/lsm". Signed-off-by: Paul Moore --- include/linux/lsm_hooks.h | 1 - security/inode.c | 27 +++++++++++++++++++-- security/lsm_init.c | 49 --------------------------------------- 3 files changed, 25 insertions(+), 52 deletions(-) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 4cd17c9a229f..bc477fb20d02 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -169,7 +169,6 @@ struct lsm_info { /* DO NOT tamper with these variables outside of the LSM framework */ -extern char *lsm_names; extern struct lsm_static_calls_table static_calls_table __ro_after_init; /** diff --git a/security/inode.c b/security/inode.c index da3ab44c8e57..49bc3578bd23 100644 --- a/security/inode.c +++ b/security/inode.c @@ -22,6 +22,8 @@ #include #include +#include "lsm.h" + static struct vfsmount *mount; static int mount_count; @@ -343,8 +345,29 @@ static struct dentry *lsm_dentry; static ssize_t lsm_read(struct file *filp, char __user *buf, size_t count, loff_t *ppos) { - return simple_read_from_buffer(buf, count, ppos, lsm_names, - strlen(lsm_names)); + int i; + char *str; + ssize_t rc, len = 0; + + for (i = 0; i < lsm_count; i++) + /* the '+ 1' accounts for either a comma or a NUL terminator */ + len += strlen(lsm_order[i]->id->name) + 1; + + str = kmalloc(len, GFP_KERNEL); + if (!str) + return -ENOMEM; + str[0] = '\0'; + + i = 0; + while (i < lsm_count) { + strcat(str, lsm_order[i]->id->name); + if (++i < lsm_count) + strcat(str, ","); + } + + rc = simple_read_from_buffer(buf, count, ppos, str, len); + kfree(str); + return rc; } static const struct file_operations lsm_ops = { diff --git a/security/lsm_init.c b/security/lsm_init.c index 981ddb20f48e..978bb81b58fa 100644 --- a/security/lsm_init.c +++ b/security/lsm_init.c 
@@ -10,8 +10,6 @@ #include "lsm.h" -char *lsm_names; - /* Pointers to LSM sections defined in include/asm-generic/vmlinux.lds.h */ extern struct lsm_info __start_lsm_info[], __end_lsm_info[]; extern struct lsm_info __start_early_lsm_info[], __end_early_lsm_info[]; @@ -363,42 +361,6 @@ static void __init lsm_init_ordered(void) } } -static bool match_last_lsm(const char *list, const char *lsm) -{ - const char *last; - - if (WARN_ON(!list || !lsm)) - return false; - last = strrchr(list, ','); - if (last) - /* Pass the comma, strcmp() will check for '\0' */ - last++; - else - last = list; - return !strcmp(last, lsm); -} - -static int lsm_append(const char *new, char **result) -{ - char *cp; - - if (*result == NULL) { - *result = kstrdup(new, GFP_KERNEL); - if (*result == NULL) - return -ENOMEM; - } else { - /* Check if it is the last registered name */ - if (match_last_lsm(*result, new)) - return 0; - cp = kasprintf(GFP_KERNEL, "%s,%s", *result, new); - if (cp == NULL) - return -ENOMEM; - kfree(*result); - *result = cp; - } - return 0; -} - static void __init lsm_static_call_init(struct security_hook_list *hl) { struct lsm_static_call *scall = hl->scalls; @@ -435,15 +397,6 @@ void __init security_add_hooks(struct security_hook_list *hooks, int count, hooks[i].lsmid = lsmid; lsm_static_call_init(&hooks[i]); } - - /* - * Don't try to append during early_security_init(), we'll come back - * and fix this up afterwards. - */ - if (slab_is_available()) { - if (lsm_append(lsmid->name, &lsm_names) < 0) - panic("%s - Cannot get early memory.\n", __func__); - } } int __init early_security_init(void) 
@@ -480,8 +433,6 @@ int __init security_init(void) lsm_early_for_each_raw(lsm) { init_debug(" early started: %s (%s)\n", lsm->id->name, is_enabled(lsm) ? "enabled" : "disabled"); - if (lsm->enabled) - lsm_append(lsm->id->name, &lsm_names); } /* Load LSMs in specified order. */

From patchwork Wed Apr 9 18:49:54 2025
X-Patchwork-Submitter: Paul Moore
X-Patchwork-Id: 14045280
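Review bot: the new `lsm_read()` body in the security/inode.c hunk (@@ -343,8 +345,29 @@) reads `lsm_order[i]->id->name`, but `lsm_order[]` is `static __initdata` in lsm_init.c (see the hunks in patches 06 and 07): as posted this cannot link from inode.c, and even a non-static version would point at memory freed at the end of boot while securityfs reads happen long after. Use `lsm_idlist[i]->name`, which patch 07 already exports through lsm.h (patch 09 in this series makes exactly that switch; it belongs here so every step of the series builds and runs). Separately, `len` counts one byte per name for either a comma or the NUL terminator, so `simple_read_from_buffer(buf, count, ppos, str, len)` hands userspace a trailing NUL byte that the old `strlen(lsm_names)` length never did; pass `len - 1` (or `strlen(str)`).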
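Review bot: with the `lsm_append()` call for early LSMs removed from `security_init()` in the @@ -480,8 +433,6 @@ hunk, an early LSM is visible in /sys/kernel/security/lsm only if it also ends up in `lsm_idlist[]` via the ordered list; the commit message should confirm that this holds for every early LSM, because otherwise the file's contents change for userspace. While here, the comment left in include/linux/lsm_hooks.h ("DO NOT tamper with these variables") now guards a single variable and could be reworded.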
From: Paul Moore
To: linux-security-module@vger.kernel.org, linux-integrity@vger.kernel.org, selinux@vger.kernel.org
Cc: John Johansen, Mimi Zohar, Roberto Sassu, Fan Wu, Mickaël Salaün, Günther Noack, Kees Cook, Micah Morton, Casey Schaufler, Tetsuo Handa
Subject: [RFC PATCH 09/29] lsm: cleanup and normalize the LSM enabled functions
Date: Wed, 9 Apr 2025 14:49:54 -0400
Message-ID: <20250409185019.238841-40-paul@paul-moore.com>
In-Reply-To: <20250409185019.238841-31-paul@paul-moore.com>
References: <20250409185019.238841-31-paul@paul-moore.com>
X-Mailing-List: linux-integrity@vger.kernel.org

One part of a larger effort to clean up the LSM framework initialization code.
Signed-off-by: Paul Moore --- security/inode.c | 9 ++-- security/lsm_init.c | 110 ++++++++++++++++++++++++-------------------- 2 files changed, 63 insertions(+), 56 deletions(-) diff --git a/security/inode.c b/security/inode.c index 49bc3578bd23..f687e22e6809 100644 --- a/security/inode.c +++ b/security/inode.c @@ -351,18 +351,17 @@ static ssize_t lsm_read(struct file *filp, char __user *buf, size_t count, for (i = 0; i < lsm_count; i++) /* the '+ 1' accounts for either a comma or a NUL terminator */ - len += strlen(lsm_order[i]->id->name) + 1; + len += strlen(lsm_idlist[i]->name) + 1; str = kmalloc(len, GFP_KERNEL); if (!str) return -ENOMEM; str[0] = '\0'; - i = 0; - while (i < lsm_count) { - strcat(str, lsm_order[i]->id->name); - if (++i < lsm_count) + for (i = 0; i < lsm_count; i++) { + if (i > 0) strcat(str, ","); + strcat(str, lsm_idlist[i]->name); } rc = simple_read_from_buffer(buf, count, ppos, str, len); diff --git a/security/lsm_init.c b/security/lsm_init.c index 978bb81b58fa..7f2bc8c22ce9 100644 --- a/security/lsm_init.c +++ b/security/lsm_init.c @@ -10,6 +10,10 @@ #include "lsm.h" +/* LSM enabled constants. */ +int lsm_enabled_true = 1; +int lsm_enabled_false = 0; + /* Pointers to LSM sections defined in include/asm-generic/vmlinux.lds.h */ extern struct lsm_info __start_lsm_info[], __end_lsm_info[]; extern struct lsm_info __start_early_lsm_info[], __end_early_lsm_info[]; 
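Review bot: in the security/lsm_init.c hunk at @@ -10,6 +10,10, `lsm_enabled_true` and `lsm_enabled_false` go from `static int ... __initdata` to plain non-static globals, which widens both their linkage and their lifetime, while the commit message only speaks of cleanup and normalization. If other files are meant to reference them there should be a matching `extern` declaration in a header (lsm.h is included right above); if not, keep them `static`. Dropping `__initdata` only makes sense if an `lsm->enabled` pointer can still be dereferenced after init memory has been freed, so whichever reason applies, please spell it out in the commit message. The comment "LSM enabled constants." is also misleading, since these are ordinary writable variables; "Shared storage for the default enabled/disabled state" would describe what `lsm_enabled_set()` uses them for.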
@@ -72,41 +76,42 @@ static int __init lsm_debug_enable(char *str) } __setup("lsm.debug", lsm_debug_enable); -/* Mark an LSM's enabled flag. */ -static int lsm_enabled_true __initdata = 1; -static int lsm_enabled_false __initdata = 0; -static void __init set_enabled(struct lsm_info *lsm, bool enabled) +/** + * lsm_enabled_set - Mark a LSM as enabled + * @lsm: LSM definition + * @enabled: enabled flag + */ +static void __init lsm_enabled_set(struct lsm_info *lsm, bool enabled) { /* * When an LSM hasn't configured an enable variable, we can use * a hard-coded location for storing the default enabled state. */ - if (!lsm->enabled) { - if (enabled) - lsm->enabled = &lsm_enabled_true; - else - lsm->enabled = &lsm_enabled_false; - } else if (lsm->enabled == &lsm_enabled_true) { - if (!enabled) - lsm->enabled = &lsm_enabled_false; - } else if (lsm->enabled == &lsm_enabled_false) { - if (enabled) - lsm->enabled = &lsm_enabled_true; + if (!lsm->enabled || + lsm->enabled == &lsm_enabled_true || + lsm->enabled == &lsm_enabled_false) { + lsm->enabled = enabled ? &lsm_enabled_true : &lsm_enabled_false; } else { *lsm->enabled = enabled; } } -static inline bool is_enabled(struct lsm_info *lsm) +/** + * lsm_is_enabled - Determine if a LSM is enabled + * @lsm: LSM definition + */ +static inline bool lsm_is_enabled(struct lsm_info *lsm) { if (!lsm->enabled) return false; - return *lsm->enabled; } -/* Is an LSM already listed in the ordered LSMs list? */ -static bool __init exists_ordered_lsm(struct lsm_info *lsm) +/** + * lsm_order_exists - Determine if a LSM exists in the ordered list + * @lsm: LSM definition + */ +static bool __init lsm_order_exists(struct lsm_info *lsm) { struct lsm_info **check; 
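Review bot: the new kernel-doc comments for `lsm_is_enabled()` and `lsm_order_exists()` in this hunk have no `Return:` section, so kernel-doc will warn about an undocumented return value for both; add something like `Return: true if the LSM is enabled, false otherwise.` and `Return: true if @lsm is already in the ordered list, false otherwise.` The collapsed condition in `lsm_enabled_set()` is equivalent to the three-way branch it replaces (a NULL pointer or a pointer to either shared flag becomes a pointer to the matching shared flag, any other pointer is written through), so that part looks correct; one nit is that the comment above it still says "When an LSM hasn't configured an enable variable" although the branch now also covers the two shared-flag cases.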
@@ -118,25 +123,29 @@ static bool __init exists_ordered_lsm(struct lsm_info *lsm) return false; } -/* Append an LSM to the list of ordered LSMs to initialize. */ -static int last_lsm __initdata; -static void __init append_ordered_lsm(struct lsm_info *lsm, const char *from) +/** + * lsm_order_append - Append a LSM to the ordered list + * @lsm: LSM definition + * @src: source of the addition + */ +static void __init lsm_order_append(struct lsm_info *lsm, const char *src) { /* Ignore duplicate selections. */ - if (exists_ordered_lsm(lsm)) + if (lsm_order_exists(lsm)) return; - if (WARN(last_lsm == MAX_LSM_COUNT, "%s: out of LSM static calls!?\n", from)) - return; + /* Skip explicitly disabled LSMs. */ + if (lsm->enabled && !lsm_is_enabled(lsm)) { + if (WARN(lsm_count == MAX_LSM_COUNT, + "%s: out of LSM static calls!?\n", src)) + return; + lsm_enabled_set(lsm, true); + lsm_order[lsm_count] = lsm; + lsm_idlist[lsm_count++] = lsm->id; + } - /* Enable this LSM, if it is not already set. */ - if (!lsm->enabled) - lsm->enabled = &lsm_enabled_true; - lsm_order[last_lsm] = lsm; - lsm_idlist[last_lsm++] = lsm->id; - - init_debug("%s ordered: %s (%s)\n", from, lsm->id->name, - is_enabled(lsm) ? "enabled" : "disabled"); + init_debug("%s ordered: %s (%s)\n", src, lsm->id->name, + lsm_is_enabled(lsm) ? "enabled" : "disabled"); } static void __init lsm_set_blob_size(int *need, int *lbs) 
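Review bot: the `lsm_order_append()` rewrite in this hunk appears to have the skip condition inverted. The comment says "Skip explicitly disabled LSMs", but the `if (lsm->enabled && !lsm_is_enabled(lsm))` block now contains the append itself, so only LSMs whose enabled flag is set to false are added to `lsm_order`/`lsm_idlist`, while an LSM with a NULL `enabled` pointer, or one that is already enabled, is never appended. The intent reads as an early return, i.e. `if (lsm->enabled && !lsm_is_enabled(lsm)) return;` followed by the `WARN()` capacity check and the unconditional append. Two follow-ups once that is fixed: the trailing `init_debug("%s ordered: %s (%s)\n", ...)` can then only ever print "enabled", so the ternary becomes dead, and because explicitly disabled LSMs are no longer appended at all (previously they were appended and merely skipped later in `lsm_prep_single()`), the commit message should call out that behaviour change.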
@@ -159,17 +168,17 @@ static void __init lsm_prep_single(struct lsm_info *lsm) { struct lsm_blob_sizes *blobs; - if (!is_enabled(lsm)) { - set_enabled(lsm, false); + if (!lsm_is_enabled(lsm)) { + lsm_enabled_set(lsm, false); return; } else if ((lsm->flags & LSM_FLAG_EXCLUSIVE) && lsm_exclusive) { init_debug("exclusive disabled: %s\n", lsm->id->name); - set_enabled(lsm, false); + lsm_enabled_set(lsm, false); return; } /* Mark the LSM as enabled. */ - set_enabled(lsm, true); + lsm_enabled_set(lsm, true); if ((lsm->flags & LSM_FLAG_EXCLUSIVE) && !lsm_exclusive) { init_debug("exclusive chosen: %s\n", lsm->id->name); lsm_exclusive = lsm; @@ -200,7 +209,7 @@ static void __init lsm_prep_single(struct lsm_info *lsm) /* Initialize a given LSM, if it is enabled. */ static void __init initialize_lsm(struct lsm_info *lsm) { - if (is_enabled(lsm)) { + if (lsm_is_enabled(lsm)) { int ret; init_debug("initializing %s\n", lsm->id->name); @@ -218,7 +227,7 @@ static void __init ordered_lsm_parse(const char *order, const char *origin) /* LSM_ORDER_FIRST is always first. */ for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { if (lsm->order == LSM_ORDER_FIRST) - append_ordered_lsm(lsm, " first"); + lsm_order_append(lsm, " first"); } /* Process "security=", if given. */ @@ -235,7 +244,7 @@ static void __init ordered_lsm_parse(const char *order, const char *origin) major++) { if ((major->flags & LSM_FLAG_LEGACY_MAJOR) && strcmp(major->id->name, lsm_order_legacy) != 0) { - set_enabled(major, false); + lsm_enabled_set(major, false); init_debug("security=%s disabled: %s (only one legacy major LSM)\n", lsm_order_legacy, major->id->name); } @@ -251,7 +260,7 @@ static void __init ordered_lsm_parse(const char *order, const char *origin) for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { if (strcmp(lsm->id->name, name) == 0) { if (lsm->order == LSM_ORDER_MUTABLE) - append_ordered_lsm(lsm, origin); + lsm_order_append(lsm, origin); found = true; } } 
@@ -264,24 +273,24 @@ static void __init ordered_lsm_parse(const char *order, const char *origin) /* Process "security=", if given. */ if (lsm_order_legacy) { for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { - if (exists_ordered_lsm(lsm)) + if (lsm_order_exists(lsm)) continue; if (strcmp(lsm->id->name, lsm_order_legacy) == 0) - append_ordered_lsm(lsm, "security="); + lsm_order_append(lsm, "security="); } } /* LSM_ORDER_LAST is always last. */ for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { if (lsm->order == LSM_ORDER_LAST) - append_ordered_lsm(lsm, " last"); + lsm_order_append(lsm, " last"); } /* Disable all LSMs not in the ordered list. */ for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { - if (exists_ordered_lsm(lsm)) + if (lsm_order_exists(lsm)) continue; - set_enabled(lsm, false); + lsm_enabled_set(lsm, false); init_debug("%s skipped: %s (not in requested order)\n", origin, lsm->id->name); } @@ -313,13 +322,13 @@ static void __init lsm_init_ordered(void) pr_info("initializing lsm="); lsm_early_for_each_raw(early) { - if (is_enabled(early)) + if (lsm_is_enabled(early)) pr_cont("%s%s", early == __start_early_lsm_info ? "" : ",", early->id->name); } lsm_order_for_each(lsm) { - if (is_enabled(*lsm)) + if (lsm_is_enabled(*lsm)) pr_cont("%s%s", lsm == lsm_order ? "" : ",", (*lsm)->id->name); } @@ -404,8 +413,7 @@ int __init early_security_init(void) struct lsm_info *lsm; lsm_early_for_each_raw(lsm) { - if (!lsm->enabled) - lsm->enabled = &lsm_enabled_true; + lsm_enabled_set(lsm, true); lsm_prep_single(lsm); initialize_lsm(lsm); } 
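Review bot: in the `early_security_init()` hunk at @@ -404,8 +413,7, replacing `if (!lsm->enabled) lsm->enabled = &lsm_enabled_true;` with `lsm_enabled_set(lsm, true);` is not a pure rename: the old code only filled in a missing pointer, whereas `lsm_enabled_set()` also writes `true` through an existing `enabled` pointer, so an early LSM whose flag had already been set to false is now forced on. If early LSMs are always meant to be enabled, please say so in the commit message; otherwise keep the NULL check.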
@@ -432,7 +440,7 @@ int __init security_init(void) */ lsm_early_for_each_raw(lsm) { init_debug(" early started: %s (%s)\n", lsm->id->name, - is_enabled(lsm) ? "enabled" : "disabled"); + lsm_is_enabled(lsm) ? "enabled" : "disabled"); } /* Load LSMs in specified order. */
From patchwork Wed Apr 9 18:49:55 2025 X-Patchwork-Submitter: Paul Moore X-Patchwork-Id: 14045282
From: Paul Moore
To: linux-security-module@vger.kernel.org, linux-integrity@vger.kernel.org, selinux@vger.kernel.org
Cc: John Johansen, Mimi Zohar, Roberto Sassu, Fan Wu, Mickaël Salaün, Günther Noack, Kees Cook, Micah Morton, Casey Schaufler, Tetsuo Handa
Subject: [RFC PATCH 10/29] lsm: cleanup the LSM blob size code
Date: Wed, 9 Apr 2025 14:49:55 -0400
Message-ID: <20250409185019.238841-41-paul@paul-moore.com>
In-Reply-To: <20250409185019.238841-31-paul@paul-moore.com>
References: <20250409185019.238841-31-paul@paul-moore.com>
X-Mailing-List: linux-integrity@vger.kernel.org

Convert the lsm_blob_size fields to unsigned integers as there is no current need for them to be negative, change "lsm_set_blob_size()" to
"lsm_blob_size_update()" to better reflect reality, and perform some other minor cleanups to the associated code. Signed-off-by: Paul Moore Reviewed-by: Kees Cook Reviewed-by: John Johansen --- include/linux/lsm_hooks.h | 28 +++++++++++----------- security/lsm_init.c | 50 +++++++++++++++++++++++---------------- 2 files changed, 43 insertions(+), 35 deletions(-) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index bc477fb20d02..a7ecb0791a0f 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -102,20 +102,20 @@ struct security_hook_list { * Security blob size or offset data. */ struct lsm_blob_sizes { - int lbs_cred; - int lbs_file; - int lbs_ib; - int lbs_inode; - int lbs_sock; - int lbs_superblock; - int lbs_ipc; - int lbs_key; - int lbs_msg_msg; - int lbs_perf_event; - int lbs_task; - int lbs_xattr_count; /* number of xattr slots in new_xattrs array */ - int lbs_tun_dev; - int lbs_bdev; + unsigned int lbs_cred; + unsigned int lbs_file; + unsigned int lbs_ib; + unsigned int lbs_inode; + unsigned int lbs_sock; + unsigned int lbs_superblock; + unsigned int lbs_ipc; + unsigned int lbs_key; + unsigned int lbs_msg_msg; + unsigned int lbs_perf_event; + unsigned int lbs_task; + unsigned int lbs_xattr_count; /* num xattr slots in new_xattrs array */ + unsigned int lbs_tun_dev; + unsigned int lbs_bdev; }; /* diff --git a/security/lsm_init.c b/security/lsm_init.c index 7f2bc8c22ce9..9bb4b4fc9888 100644 --- a/security/lsm_init.c +++ b/security/lsm_init.c 
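Review bot: the `struct lsm_blob_sizes` hunk turns every `lbs_*` field into `unsigned int`, which matches the commit message, but the comment above the struct still reads only "Security blob size or offset data" and nothing in the hunk says that the fields are rewritten in place by the framework, from the size an LSM requests to the offset it is assigned; a one-line note there would help LSM authors who initialise these structs. It is also worth a pass over existing users of these fields: any `< 0` check against them is now always false with the unsigned type, and `%d` format specifiers should become `%u`.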
@@ -148,16 +148,22 @@ static void __init lsm_order_append(struct lsm_info *lsm, const char *src) lsm_is_enabled(lsm) ? "enabled" : "disabled"); } -static void __init lsm_set_blob_size(int *need, int *lbs) +/** + * lsm_blob_size_update - Update the LSM blob size and offset information + * @sz_req: the requested additional blob size + * @sz_cur: the existing blob size + */ +static void __init lsm_blob_size_update(unsigned int *sz_req, + unsigned int *sz_cur) { - int offset; + unsigned int offset; - if (*need <= 0) + if (*sz_req == 0) return; - offset = ALIGN(*lbs, sizeof(void *)); - *lbs = offset + *need; - *need = offset; + offset = ALIGN(*sz_cur, sizeof(void *)); + *sz_cur = offset + *sz_req; + *sz_req = offset; } /** 
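Review bot: the kernel-doc for `lsm_blob_size_update()` documents `@sz_req` as "the requested additional blob size", but the function also uses it as an output, writing the assigned offset back through it (`*sz_req = offset;`), and it advances `*sz_cur` past the newly reserved region; the parameter descriptions should say so, e.g. "@sz_req: requested additional blob size, replaced with the assigned offset on return" and "@sz_cur: total blob size so far, grown by the aligned request". The `*sz_req == 0` early return is the right unsigned replacement for the old `<= 0` check.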
@@ -186,24 +192,26 @@ static void __init lsm_prep_single(struct lsm_info *lsm) /* Register the LSM blob sizes. */ blobs = lsm->blobs; - lsm_set_blob_size(&blobs->lbs_cred, &blob_sizes.lbs_cred); - lsm_set_blob_size(&blobs->lbs_file, &blob_sizes.lbs_file); - lsm_set_blob_size(&blobs->lbs_ib, &blob_sizes.lbs_ib); + lsm_blob_size_update(&blobs->lbs_cred, &blob_sizes.lbs_cred); + lsm_blob_size_update(&blobs->lbs_file, &blob_sizes.lbs_file); + lsm_blob_size_update(&blobs->lbs_ib, &blob_sizes.lbs_ib); /* inode blob gets an rcu_head in addition to LSM blobs. */ if (blobs->lbs_inode && blob_sizes.lbs_inode == 0) blob_sizes.lbs_inode = sizeof(struct rcu_head); - lsm_set_blob_size(&blobs->lbs_inode, &blob_sizes.lbs_inode); - lsm_set_blob_size(&blobs->lbs_ipc, &blob_sizes.lbs_ipc); - lsm_set_blob_size(&blobs->lbs_key, &blob_sizes.lbs_key); - lsm_set_blob_size(&blobs->lbs_msg_msg, &blob_sizes.lbs_msg_msg); - lsm_set_blob_size(&blobs->lbs_perf_event, &blob_sizes.lbs_perf_event); - lsm_set_blob_size(&blobs->lbs_sock, &blob_sizes.lbs_sock); - lsm_set_blob_size(&blobs->lbs_superblock, &blob_sizes.lbs_superblock); - lsm_set_blob_size(&blobs->lbs_task, &blob_sizes.lbs_task); - lsm_set_blob_size(&blobs->lbs_tun_dev, &blob_sizes.lbs_tun_dev); - lsm_set_blob_size(&blobs->lbs_xattr_count, - &blob_sizes.lbs_xattr_count); - lsm_set_blob_size(&blobs->lbs_bdev, &blob_sizes.lbs_bdev); + lsm_blob_size_update(&blobs->lbs_inode, &blob_sizes.lbs_inode); + lsm_blob_size_update(&blobs->lbs_ipc, &blob_sizes.lbs_ipc); + lsm_blob_size_update(&blobs->lbs_key, &blob_sizes.lbs_key); + lsm_blob_size_update(&blobs->lbs_msg_msg, &blob_sizes.lbs_msg_msg); + lsm_blob_size_update(&blobs->lbs_perf_event, + &blob_sizes.lbs_perf_event); + lsm_blob_size_update(&blobs->lbs_sock, &blob_sizes.lbs_sock); + lsm_blob_size_update(&blobs->lbs_superblock, + &blob_sizes.lbs_superblock); + lsm_blob_size_update(&blobs->lbs_task, &blob_sizes.lbs_task); + lsm_blob_size_update(&blobs->lbs_tun_dev, &blob_sizes.lbs_tun_dev); + 
lsm_blob_size_update(&blobs->lbs_xattr_count, + &blob_sizes.lbs_xattr_count); + lsm_blob_size_update(&blobs->lbs_bdev, &blob_sizes.lbs_bdev); } /* Initialize a given LSM, if it is enabled. */
From patchwork Wed Apr 9 18:49:56 2025 X-Patchwork-Submitter: Paul Moore X-Patchwork-Id: 14045281
From: Paul Moore
To: linux-security-module@vger.kernel.org, linux-integrity@vger.kernel.org, selinux@vger.kernel.org
Cc: John Johansen, Mimi Zohar, Roberto Sassu, Fan Wu, Mickaël Salaün, Günther Noack, Kees Cook, Micah Morton, Casey Schaufler, Tetsuo Handa
Subject: [RFC PATCH 11/29] lsm: cleanup initialize_lsm() and rename to lsm_init_single()
Date: Wed, 9 Apr 2025 14:49:56 -0400
Message-ID: <20250409185019.238841-42-paul@paul-moore.com>
In-Reply-To: <20250409185019.238841-31-paul@paul-moore.com>
References: <20250409185019.238841-31-paul@paul-moore.com>
X-Mailing-List: linux-integrity@vger.kernel.org

One part of a larger effort to cleanup the LSM framework initialization code.
Signed-off-by: Paul Moore Reviewed-by: Kees Cook Reviewed-by: John Johansen --- security/lsm_init.c | 24 ++++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/security/lsm_init.c b/security/lsm_init.c index 9bb4b4fc9888..163fc2a1a952 100644 --- a/security/lsm_init.c +++ b/security/lsm_init.c @@ -214,16 +214,20 @@ static void __init lsm_prep_single(struct lsm_info *lsm) lsm_blob_size_update(&blobs->lbs_bdev, &blob_sizes.lbs_bdev); } -/* Initialize a given LSM, if it is enabled. */ -static void __init initialize_lsm(struct lsm_info *lsm) +/** + * lsm_init_single - Initialize a given LSM + * @lsm: LSM definition + */ +static void __init lsm_init_single(struct lsm_info *lsm) { - if (lsm_is_enabled(lsm)) { - int ret; + int ret; - init_debug("initializing %s\n", lsm->id->name); - ret = lsm->init(); - WARN(ret, "%s failed to initialize: %d\n", lsm->id->name, ret); - } + if (!lsm_is_enabled(lsm)) + return; + + init_debug("initializing %s\n", lsm->id->name); + ret = lsm->init(); + WARN(ret, "%s failed to initialize: %d\n", lsm->id->name, ret); } /* Populate ordered LSMs list from comma-separated LSM name list. */ @@ -374,7 +378,7 @@ static void __init lsm_init_ordered(void) panic("%s: early task alloc failed.\n", __func__); lsm_order_for_each(lsm) { - initialize_lsm(*lsm); + lsm_init_single(*lsm); } } 
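Review bot: the kernel-doc for `lsm_init_single()` in the @@ -214,16 +214,20 hunk says only "Initialize a given LSM", dropping the "if it is enabled" qualifier that the old comment carried, yet the function still returns silently for a disabled LSM; keep that in the description (e.g. "Initialize a given LSM, skipping it if it is not enabled."). A second, pre-existing point that this refactor is a good moment to address: when `lsm->init()` fails, the LSM stays marked enabled after the `WARN()` and remains in `lsm_order`, so a partially initialised LSM is still treated as active; consider `lsm_enabled_set(lsm, false)` on failure, or at least a comment explaining why leaving it enabled is acceptable.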
@@ -423,7 +427,7 @@ int __init early_security_init(void) lsm_early_for_each_raw(lsm) { lsm_enabled_set(lsm, true); lsm_prep_single(lsm); - initialize_lsm(lsm); + lsm_init_single(lsm); } return 0;
From patchwork Wed Apr 9 18:49:57 2025 X-Patchwork-Submitter: Paul Moore X-Patchwork-Id: 14045283
From: Paul Moore
To: linux-security-module@vger.kernel.org, linux-integrity@vger.kernel.org, selinux@vger.kernel.org
Cc: John Johansen, Mimi Zohar, Roberto Sassu, Fan Wu, Mickaël Salaün, Günther Noack, Kees Cook, Micah Morton, Casey Schaufler, Tetsuo Handa
Subject: [RFC PATCH 12/29] lsm: cleanup the LSM ordered parsing
Date: Wed, 9 Apr 2025 14:49:57 -0400
Message-ID: <20250409185019.238841-43-paul@paul-moore.com>
In-Reply-To: <20250409185019.238841-31-paul@paul-moore.com>

One part of a larger effort to cleanup the LSM framework initialization code.
Signed-off-by: Paul Moore --- security/lsm_init.c | 211 ++++++++++++++++++++++---------------------- 1 file changed, 106 insertions(+), 105 deletions(-) diff --git a/security/lsm_init.c b/security/lsm_init.c index 163fc2a1a952..e07fd4d2a16a 100644 --- a/security/lsm_init.c +++ b/security/lsm_init.c @@ -36,6 +36,9 @@ static __initdata bool debug; #define lsm_order_for_each(iter) \ for ((iter) = lsm_order; *(iter); (iter)++) +#define lsm_for_each_raw(iter) \ + for ((iter) = __start_lsm_info; \ + (iter) < __end_lsm_info; (iter)++) #define lsm_early_for_each_raw(iter) \ for ((iter) = __start_early_lsm_info; \ (iter) < __end_early_lsm_info; (iter)++) @@ -127,6 +130,10 @@ static bool __init lsm_order_exists(struct lsm_info *lsm) * lsm_order_append - Append a LSM to the ordered list * @lsm: LSM definition * @src: source of the addition + * + * Append @lsm to the enabled LSM array after ensuring that it hasn't been + * explicitly disabled, is a duplicate entry, or would run afoul of the + * LSM_FLAG_EXCLUSIVE logic. */ static void __init lsm_order_append(struct lsm_info *lsm, const char *src) { 
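Review bot: the new kernel-doc paragraph for lsm_order_append() says the opposite of what the function does; "after ensuring that it hasn't been explicitly disabled, is a duplicate entry, or would run afoul of the LSM_FLAG_EXCLUSIVE logic" reads as if being a duplicate is a precondition for appending. Suggest: "Append @lsm to the enabled LSM array unless it has been explicitly disabled, is already in the array, or would run afoul of the LSM_FLAG_EXCLUSIVE logic."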
@@ -135,19 +142,106 @@ static void __init lsm_order_append(struct lsm_info *lsm, const char *src) return; /* Skip explicitly disabled LSMs. */ - if (lsm->enabled && !lsm_is_enabled(lsm)) { - if (WARN(lsm_count == MAX_LSM_COUNT, - "%s: out of LSM static calls!?\n", src)) - return; - lsm_enabled_set(lsm, true); - lsm_order[lsm_count] = lsm; - lsm_idlist[lsm_count++] = lsm->id; + if (lsm->enabled && !lsm_is_enabled(lsm)) + goto out; + + if (WARN(lsm_count == MAX_LSM_COUNT, + "%s: out of LSM static calls!?\n", src)) { + lsm_enabled_set(lsm, false); + goto out; } + if (lsm->flags & LSM_FLAG_EXCLUSIVE) { + if (lsm_exclusive) { + init_debug("exclusive disabled: %s\n", lsm->id->name); + lsm_enabled_set(lsm, false); + goto out; + } else { + init_debug("exclusive chosen: %s\n", lsm->id->name); + lsm_exclusive = lsm; + } + } + + lsm_enabled_set(lsm, true); + lsm_order[lsm_count] = lsm; + lsm_idlist[lsm_count++] = lsm->id; + +out: init_debug("%s ordered: %s (%s)\n", src, lsm->id->name, lsm_is_enabled(lsm) ? "enabled" : "disabled"); } +/** + * lsm_order_parse - Parse the comma delimited LSM list + * @list: LSM list + * @src: source of the list + */ +static void __init lsm_order_parse(const char *list, const char *src) +{ + struct lsm_info *lsm; + char *sep, *name, *next; + + /* Handle any Legacy LSM exclusions if one was specified. */ + if (lsm_order_legacy) { + /* + * To match the original "security=" behavior, this explicitly + * does NOT fallback to another Legacy Major if the selected + * one was separately disabled: disable all non-matching + * Legacy Major LSMs. 
+ */ + lsm_for_each_raw(lsm) { + if ((lsm->flags & LSM_FLAG_LEGACY_MAJOR) && + strcmp(lsm->id->name, lsm_order_legacy)) { + lsm_enabled_set(lsm, false); + init_debug("security=%s disabled: %s (only one legacy major LSM)\n", + lsm_order_legacy, lsm->id->name); + } + } + } + + /* LSM_ORDER_FIRST */ + lsm_for_each_raw(lsm) { + if (lsm->order == LSM_ORDER_FIRST) + lsm_order_append(lsm, "first"); + } + + /* Normal or "mutable" LSMs */ + sep = kstrdup(list, GFP_KERNEL); + next = sep; + /* Walk the list, looking for matching LSMs. */ + while ((name = strsep(&next, ",")) != NULL) { + lsm_for_each_raw(lsm) { + if (!strcmp(lsm->id->name, name) && + lsm->order == LSM_ORDER_MUTABLE) + lsm_order_append(lsm, src); + } + } + kfree(sep); + + /* Legacy LSM if specified. */ + if (lsm_order_legacy) { + lsm_for_each_raw(lsm) { + if (!strcmp(lsm->id->name, lsm_order_legacy)) + lsm_order_append(lsm, src); + } + } + + /* LSM_ORDER_LAST */ + lsm_for_each_raw(lsm) { + if (lsm->order == LSM_ORDER_LAST) + lsm_order_append(lsm, "last"); + } + + /* Disable all LSMs not previously enabled. */ + lsm_for_each_raw(lsm) { + if (lsm_order_exists(lsm)) + continue; + lsm_enabled_set(lsm, false); + init_debug("%s skipped: %s (not in requested order)\n", + src, lsm->id->name); + } +} + /** * lsm_blob_size_update - Update the LSM blob size and offset information * @sz_req: the requested additional blob size 
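Review bot: lsm_order_parse() drops the per-name `found` tracking that ordered_lsm_parse() had, so an lsm= entry naming an LSM that is not built into the kernel (or simply misspelled) no longer produces the "%s ignored: %s (not built into kernel)" init_debug line; that line is the one diagnostic an administrator gets when an expected LSM silently fails to show up in the boot order, so consider keeping the `found` flag inside the strsep() loop. Two smaller points in the same hunk: the legacy major is now appended with `src` ("cmdline"/"builtin") instead of the old "security=" tag, which hides where that entry came from in the "ordered:" debug output, and the MAX_LSM_COUNT WARN path now calls lsm_enabled_set(lsm, false) before `goto out`, which the old code did not do; if that is intended it deserves a sentence in the commit message.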
@@ -172,26 +266,12 @@ static void __init lsm_blob_size_update(unsigned int *sz_req, */ static void __init lsm_prep_single(struct lsm_info *lsm) { - struct lsm_blob_sizes *blobs; + struct lsm_blob_sizes *blobs = lsm->blobs; - if (!lsm_is_enabled(lsm)) { - lsm_enabled_set(lsm, false); + if (!blobs) return; - } else if ((lsm->flags & LSM_FLAG_EXCLUSIVE) && lsm_exclusive) { - init_debug("exclusive disabled: %s\n", lsm->id->name); - lsm_enabled_set(lsm, false); - return; - } - - /* Mark the LSM as enabled. */ - lsm_enabled_set(lsm, true); - if ((lsm->flags & LSM_FLAG_EXCLUSIVE) && !lsm_exclusive) { - init_debug("exclusive chosen: %s\n", lsm->id->name); - lsm_exclusive = lsm; - } /* Register the LSM blob sizes. */ - blobs = lsm->blobs; lsm_blob_size_update(&blobs->lbs_cred, &blob_sizes.lbs_cred); lsm_blob_size_update(&blobs->lbs_file, &blob_sizes.lbs_file); lsm_blob_size_update(&blobs->lbs_ib, &blob_sizes.lbs_ib); 
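Review bot: lsm_prep_single() no longer checks lsm_is_enabled() and now relies on every caller having filtered out disabled LSMs. That holds for the lsm_order walk in lsm_init_ordered(), but early_security_init() calls lsm_prep_single() directly on the raw early list right after an lsm_order_append() that can itself disable the LSM (the MAX_LSM_COUNT and LSM_FLAG_EXCLUSIVE paths now call lsm_enabled_set(lsm, false)). Either keep an `if (!lsm_is_enabled(lsm)) return;` at the top of this function or add the check in the early caller.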
@@ -230,86 +310,6 @@ static void __init lsm_init_single(struct lsm_info *lsm) WARN(ret, "%s failed to initialize: %d\n", lsm->id->name, ret); } -/* Populate ordered LSMs list from comma-separated LSM name list. */ -static void __init ordered_lsm_parse(const char *order, const char *origin) -{ - struct lsm_info *lsm; - char *sep, *name, *next; - - /* LSM_ORDER_FIRST is always first. */ - for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { - if (lsm->order == LSM_ORDER_FIRST) - lsm_order_append(lsm, " first"); - } - - /* Process "security=", if given. */ - if (lsm_order_legacy) { - struct lsm_info *major; - - /* - * To match the original "security=" behavior, this - * explicitly does NOT fallback to another Legacy Major - * if the selected one was separately disabled: disable - * all non-matching Legacy Major LSMs. - */ - for (major = __start_lsm_info; major < __end_lsm_info; - major++) { - if ((major->flags & LSM_FLAG_LEGACY_MAJOR) && - strcmp(major->id->name, lsm_order_legacy) != 0) { - lsm_enabled_set(major, false); - init_debug("security=%s disabled: %s (only one legacy major LSM)\n", - lsm_order_legacy, major->id->name); - } - } - } - - sep = kstrdup(order, GFP_KERNEL); - next = sep; - /* Walk the list, looking for matching LSMs. */ - while ((name = strsep(&next, ",")) != NULL) { - bool found = false; - - for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { - if (strcmp(lsm->id->name, name) == 0) { - if (lsm->order == LSM_ORDER_MUTABLE) - lsm_order_append(lsm, origin); - found = true; - } - } - - if (!found) - init_debug("%s ignored: %s (not built into kernel)\n", - origin, name); - } - - /* Process "security=", if given. */ - if (lsm_order_legacy) { - for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { - if (lsm_order_exists(lsm)) - continue; - if (strcmp(lsm->id->name, lsm_order_legacy) == 0) - lsm_order_append(lsm, "security="); - } - } - - /* LSM_ORDER_LAST is always last. 
*/ - for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { - if (lsm->order == LSM_ORDER_LAST) - lsm_order_append(lsm, " last"); - } - - /* Disable all LSMs not in the ordered list. */ - for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { - if (lsm_order_exists(lsm)) - continue; - lsm_enabled_set(lsm, false); - init_debug("%s skipped: %s (not in requested order)\n", - origin, lsm->id->name); - } - - kfree(sep); -} - /** * lsm_init_ordered - Initialize the ordered LSMs */ @@ -324,9 +324,9 @@ static void __init lsm_init_ordered(void) lsm_order_legacy, lsm_order_cmdline); lsm_order_legacy = NULL; } - ordered_lsm_parse(lsm_order_cmdline, "cmdline"); + lsm_order_parse(lsm_order_cmdline, "cmdline"); } else - ordered_lsm_parse(lsm_order_builtin, "builtin"); + lsm_order_parse(lsm_order_builtin, "builtin"); lsm_order_for_each(lsm) { lsm_prep_single(*lsm); 
@@ -426,6 +426,7 @@ int __init early_security_init(void) lsm_early_for_each_raw(lsm) { lsm_enabled_set(lsm, true); + lsm_order_append(lsm, "early"); lsm_prep_single(lsm); lsm_init_single(lsm); }
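Review bot: appending the early LSMs to lsm_order here means the lsm_order_for_each() loops in lsm_init_ordered() now visit them as well, so within this patch the early LSMs get lsm_prep_single() and lsm_init_single() (and therefore their init callback) run a second time; the lsm_count_early skip that avoids the double lsm_init_single() only arrives in the next patch, which leaves this commit bisect-unfriendly. Suggest moving that skip into this patch, or at least noting the temporary double initialization in the commit message.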
From: Paul Moore
To: linux-security-module@vger.kernel.org, linux-integrity@vger.kernel.org, selinux@vger.kernel.org
Cc: John Johansen, Mimi Zohar, Roberto Sassu, Fan Wu, Mickaël Salaün, Günther Noack, Kees Cook, Micah Morton, Casey Schaufler, Tetsuo Handa
Subject: [RFC PATCH 13/29] lsm: fold lsm_init_ordered() into security_init()
Date: Wed, 9 Apr 2025 14:49:58 -0400
Message-ID: <20250409185019.238841-44-paul@paul-moore.com>
In-Reply-To: <20250409185019.238841-31-paul@paul-moore.com>

One part of a larger effort to cleanup the LSM framework initialization code.
Signed-off-by: Paul Moore --- security/lsm_init.c | 156 ++++++++++++++++++++------------------------ 1 file changed, 72 insertions(+), 84 deletions(-) diff --git a/security/lsm_init.c b/security/lsm_init.c index e07fd4d2a16a..55b3fa82db76 100644 --- a/security/lsm_init.c +++ b/security/lsm_init.c @@ -18,6 +18,9 @@ int lsm_enabled_false = 0; extern struct lsm_info __start_lsm_info[], __end_lsm_info[]; extern struct lsm_info __start_early_lsm_info[], __end_early_lsm_info[]; +/* Number of "early" LSMs */ +static __initdata unsigned int lsm_count_early; + /* Build and boot-time LSM ordering. */ static __initconst const char *const lsm_order_builtin = CONFIG_LSM; static __initdata const char *lsm_order_cmdline; 
@@ -310,78 +313,6 @@ static void __init lsm_init_single(struct lsm_info *lsm) WARN(ret, "%s failed to initialize: %d\n", lsm->id->name, ret); } -/** - * lsm_init_ordered - Initialize the ordered LSMs - */ -static void __init lsm_init_ordered(void) -{ - struct lsm_info **lsm; - struct lsm_info *early; - - if (lsm_order_cmdline) { - if (lsm_order_legacy) { - pr_warn("security=%s is ignored because it is superseded by lsm=%s\n", - lsm_order_legacy, lsm_order_cmdline); - lsm_order_legacy = NULL; - } - lsm_order_parse(lsm_order_cmdline, "cmdline"); - } else - lsm_order_parse(lsm_order_builtin, "builtin"); - - lsm_order_for_each(lsm) { - lsm_prep_single(*lsm); - } - - pr_info("initializing lsm="); - lsm_early_for_each_raw(early) { - if (lsm_is_enabled(early)) - pr_cont("%s%s", - early == __start_early_lsm_info ? "" : ",", - early->id->name); - } - lsm_order_for_each(lsm) { - if (lsm_is_enabled(*lsm)) - pr_cont("%s%s", - lsm == lsm_order ? "" : ",", (*lsm)->id->name); - } - pr_cont("\n"); - - init_debug("cred blob size = %d\n", blob_sizes.lbs_cred); - init_debug("file blob size = %d\n", blob_sizes.lbs_file); - init_debug("ib blob size = %d\n", blob_sizes.lbs_ib); - init_debug("inode blob size = %d\n", blob_sizes.lbs_inode); - init_debug("ipc blob size = %d\n", blob_sizes.lbs_ipc); -#ifdef CONFIG_KEYS - init_debug("key blob size = %d\n", blob_sizes.lbs_key); -#endif /* CONFIG_KEYS */ - init_debug("msg_msg blob size = %d\n", blob_sizes.lbs_msg_msg); - init_debug("sock blob size = %d\n", blob_sizes.lbs_sock); - init_debug("superblock blob size = %d\n", blob_sizes.lbs_superblock); - init_debug("perf event blob size = %d\n", blob_sizes.lbs_perf_event); - init_debug("task blob size = %d\n", blob_sizes.lbs_task); - init_debug("tun device blob size = %d\n", blob_sizes.lbs_tun_dev); - init_debug("xattr slots = %d\n", blob_sizes.lbs_xattr_count); - init_debug("bdev blob size = %d\n", blob_sizes.lbs_bdev); - - if (blob_sizes.lbs_file) - lsm_file_cache = 
kmem_cache_create("lsm_file_cache", - blob_sizes.lbs_file, 0, - SLAB_PANIC, NULL); - if (blob_sizes.lbs_inode) - lsm_inode_cache = kmem_cache_create("lsm_inode_cache", - blob_sizes.lbs_inode, 0, - SLAB_PANIC, NULL); - - if (lsm_cred_alloc((struct cred *)current->cred, GFP_KERNEL)) - panic("%s: early cred alloc failed.\n", __func__); - if (lsm_task_alloc(current)) - panic("%s: early task alloc failed.\n", __func__); - - lsm_order_for_each(lsm) { - lsm_init_single(*lsm); - } -} - static void __init lsm_static_call_init(struct security_hook_list *hl) { struct lsm_static_call *scall = hl->scalls; 
@@ -429,35 +360,92 @@ int __init early_security_init(void) lsm_order_append(lsm, "early"); lsm_prep_single(lsm); lsm_init_single(lsm); + lsm_count_early++; } return 0; } /** - * security_init - initializes the security framework + * security_init - Initializes the LSM framework * * This should be called early in the kernel initialization sequence. */ int __init security_init(void) { - struct lsm_info *lsm; + unsigned int cnt; + struct lsm_info **lsm; + struct lsm_info *early; init_debug("legacy security=%s\n", lsm_order_legacy ? : " *unspecified*"); init_debug(" CONFIG_LSM=%s\n", lsm_order_builtin); init_debug("boot arg lsm=%s\n", lsm_order_cmdline ? : " *unspecified*"); - /* - * Append the names of the early LSM modules now that kmalloc() is - * available - */ - lsm_early_for_each_raw(lsm) { - init_debug(" early started: %s (%s)\n", lsm->id->name, - lsm_is_enabled(lsm) ? "enabled" : "disabled"); - } + if (lsm_order_cmdline) { + if (lsm_order_legacy) { + pr_warn("security=%s is ignored because it is superseded by lsm=%s\n", + lsm_order_legacy, lsm_order_cmdline); + lsm_order_legacy = NULL; + } + lsm_order_parse(lsm_order_cmdline, "cmdline"); + } else + lsm_order_parse(lsm_order_builtin, "builtin"); - /* Load LSMs in specified order. */ - lsm_init_ordered(); + lsm_order_for_each(lsm) + lsm_prep_single(*lsm); + + pr_info("initializing lsm="); + lsm_early_for_each_raw(early) { + if (lsm_is_enabled(early)) + pr_cont("%s%s", + early == __start_early_lsm_info ? "" : ",", + early->id->name); + } + lsm_order_for_each(lsm) { + if (lsm_is_enabled(*lsm)) + pr_cont("%s%s", + lsm == lsm_order ? 
"" : ",", (*lsm)->id->name); + } + pr_cont("\n"); + + init_debug("cred blob size = %d\n", blob_sizes.lbs_cred); + init_debug("file blob size = %d\n", blob_sizes.lbs_file); + init_debug("ib blob size = %d\n", blob_sizes.lbs_ib); + init_debug("inode blob size = %d\n", blob_sizes.lbs_inode); + init_debug("ipc blob size = %d\n", blob_sizes.lbs_ipc); +#ifdef CONFIG_KEYS + init_debug("key blob size = %d\n", blob_sizes.lbs_key); +#endif /* CONFIG_KEYS */ + init_debug("msg_msg blob size = %d\n", blob_sizes.lbs_msg_msg); + init_debug("sock blob size = %d\n", blob_sizes.lbs_sock); + init_debug("superblock blob size = %d\n", blob_sizes.lbs_superblock); + init_debug("perf event blob size = %d\n", blob_sizes.lbs_perf_event); + init_debug("task blob size = %d\n", blob_sizes.lbs_task); + init_debug("tun device blob size = %d\n", blob_sizes.lbs_tun_dev); + init_debug("xattr slots = %d\n", blob_sizes.lbs_xattr_count); + init_debug("bdev blob size = %d\n", blob_sizes.lbs_bdev); + + if (blob_sizes.lbs_file) + lsm_file_cache = kmem_cache_create("lsm_file_cache", + blob_sizes.lbs_file, 0, + SLAB_PANIC, NULL); + if (blob_sizes.lbs_inode) + lsm_inode_cache = kmem_cache_create("lsm_inode_cache", + blob_sizes.lbs_inode, 0, + SLAB_PANIC, NULL); + + if (lsm_cred_alloc((struct cred *)current->cred, GFP_KERNEL)) + panic("%s: early cred alloc failed.\n", __func__); + if (lsm_task_alloc(current)) + panic("%s: early task alloc failed.\n", __func__); + + cnt = 0; + lsm_order_for_each(lsm) { + /* skip the "early" LSMs as they have already been setup */ + if (cnt++ < lsm_count_early) + continue; + lsm_init_single(*lsm); + } return 0; }
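Review bot: lsm_count_early is incremented unconditionally in early_security_init(), but lsm_order_append() does not add the entry on its MAX_LSM_COUNT WARN or LSM_FLAG_EXCLUSIVE paths, so the count can exceed the number of early entries actually sitting at the head of lsm_order, and the `if (cnt++ < lsm_count_early) continue;` skip in security_init() would then silently skip initializing the first non-early LSM. Setting `lsm_count_early = lsm_count;` once after the early loop ties it to what was really appended. Also, the skip covers lsm_init_single() only; the `lsm_order_for_each(lsm) lsm_prep_single(*lsm);` walk above it still runs lsm_prep_single() a second time for the early LSMs, so either apply the same skip there or state in the commit message why repeating the blob-size registration is harmless. Finally, the removed "early started:" init_debug loop has no replacement in security_init(); if init_debug() output is not yet enabled when early_security_init() runs, the early LSMs' state drops out of the lsm debug output entirely.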
From: Paul Moore
To: linux-security-module@vger.kernel.org, linux-integrity@vger.kernel.org, selinux@vger.kernel.org
Cc: John Johansen, Mimi Zohar, Roberto Sassu, Fan Wu, Mickaël Salaün, Günther Noack, Kees Cook, Micah Morton, Casey Schaufler, Tetsuo Handa
Subject: [RFC PATCH 14/29] lsm: add missing function header comment blocks in lsm_init.c
Date: Wed, 9 Apr 2025 14:49:59 -0400
Message-ID: <20250409185019.238841-45-paul@paul-moore.com>
In-Reply-To: <20250409185019.238841-31-paul@paul-moore.com>

Signed-off-by: Paul Moore --- security/lsm_init.c | 7 +++++++ 1 file changed, 7 insertions(+)
diff --git a/security/lsm_init.c b/security/lsm_init.c index 55b3fa82db76..04b1f5e760b1 100644 --- a/security/lsm_init.c +++ b/security/lsm_init.c @@ -313,6 +313,10 @@ static void __init lsm_init_single(struct lsm_info *lsm) WARN(ret, "%s failed to initialize: %d\n", lsm->id->name, ret); } +/** + * lsm_static_call_init - Initialize a LSM's static calls + * @hl: LSM hook list + */ static void __init lsm_static_call_init(struct security_hook_list *hl) { struct lsm_static_call *scall = hl->scalls; 
@@ -351,6 +355,9 @@ void __init security_add_hooks(struct security_hook_list *hooks, int count, } } +/** + * early_security_init - Initialize the early LSMs + */ int __init early_security_init(void) { struct lsm_info *lsm;
From patchwork Wed Apr 9 18:50:00 2025
From patchwork Wed Apr 9 18:50:00 2025 X-Patchwork-Submitter: Paul Moore X-Patchwork-Id: 14045287
From: Paul Moore To: linux-security-module@vger.kernel.org, linux-integrity@vger.kernel.org, selinux@vger.kernel.org Cc: John Johansen, Mimi Zohar, Roberto Sassu, Fan Wu, Mickaël Salaün, Günther Noack, Kees Cook, Micah Morton, Casey Schaufler, Tetsuo Handa Subject: [RFC PATCH 15/29] lsm: cleanup the debug and console output in lsm_init.c Date: Wed, 9 Apr 2025 14:50:00 -0400 Message-ID: <20250409185019.238841-46-paul@paul-moore.com> In-Reply-To: <20250409185019.238841-31-paul@paul-moore.com>
One part of a larger effort to clean up the LSM framework initialization code.
Signed-off-by: Paul Moore --- security/lsm.h | 11 ++++ security/lsm_init.c | 121 +++++++++++++++++++------------------------- security/security.c | 2 + 3 files changed, 66 insertions(+), 68 deletions(-) diff --git a/security/lsm.h b/security/lsm.h index af343072199d..8ecb66896646 100644 --- a/security/lsm.h +++ b/security/lsm.h @@ -6,9 +6,20 @@ #ifndef _LSM_H_ #define _LSM_H_ +#include #include #include +/* LSM debugging */ +extern bool lsm_debug; +#define lsm_pr(...) pr_info(__VA_ARGS__) +#define lsm_pr_cont(...) pr_cont(__VA_ARGS__) +#define lsm_pr_dbg(...) \ + do { \ + if (lsm_debug) \ + pr_info(__VA_ARGS__); \ + } while (0) + /* List of configured LSMs */ extern unsigned int lsm_count; extern const struct lsm_id *lsm_idlist[]; diff --git a/security/lsm_init.c b/security/lsm_init.c index 04b1f5e760b1..aba1253ffc4c 100644 --- a/security/lsm_init.c +++ b/security/lsm_init.c @@ -30,13 +30,6 @@ static __initdata const char *lsm_order_legacy; static __initdata struct lsm_info *lsm_exclusive; static __initdata struct lsm_info *lsm_order[MAX_LSM_COUNT + 1]; -static __initdata bool debug; -#define init_debug(...) \ - do { \ - if (debug) \ - pr_info(__VA_ARGS__); \ - } while (0) - #define lsm_order_for_each(iter) \ for ((iter) = lsm_order; *(iter); (iter)++) #define lsm_for_each_raw(iter) \ @@ -77,7 +70,7 @@ __setup("lsm=", lsm_choose_lsm); */ static int __init lsm_debug_enable(char *str) { - debug = true; + lsm_debug = true; return 1; } __setup("lsm.debug", lsm_debug_enable); 
@@ -145,22 +138,28 @@ static void __init lsm_order_append(struct lsm_info *lsm, const char *src) return; /* Skip explicitly disabled LSMs. */ - if (lsm->enabled && !lsm_is_enabled(lsm)) - goto out; + if (lsm->enabled && !lsm_is_enabled(lsm)) { + lsm_pr_dbg("skip previously disabled LSM %s:%s\n", + src, lsm->id->name); + return; + } - if (WARN(lsm_count == MAX_LSM_COUNT, - "%s: out of LSM static calls!?\n", src)) { + if (lsm_count == MAX_LSM_COUNT) { + pr_warn("exceeded maximum LSM count on %s:%s\n", + src, lsm->id->name); lsm_enabled_set(lsm, false); - goto out; + return; } if (lsm->flags & LSM_FLAG_EXCLUSIVE) { if (lsm_exclusive) { - init_debug("exclusive disabled: %s\n", lsm->id->name); + lsm_pr_dbg("skip exclusive LSM conflict %s:%s\n", + src, lsm->id->name); lsm_enabled_set(lsm, false); - goto out; + return; } else { - init_debug("exclusive chosen: %s\n", lsm->id->name); + lsm_pr_dbg("select exclusive LSM %s:%s\n", + src, lsm->id->name); lsm_exclusive = lsm; } } @@ -169,9 +168,7 @@ static void __init lsm_order_append(struct lsm_info *lsm, const char *src) lsm_order[lsm_count] = lsm; lsm_idlist[lsm_count++] = lsm->id; -out: - init_debug("%s ordered: %s (%s)\n", src, lsm->id->name, - lsm_is_enabled(lsm) ? "enabled" : "disabled"); + lsm_pr_dbg("enabling LSM %s:%s\n", src, lsm->id->name); } /** @@ -196,8 +193,8 @@ static void __init lsm_order_parse(const char *list, const char *src) if ((lsm->flags & LSM_FLAG_LEGACY_MAJOR) && strcmp(lsm->id->name, lsm_order_legacy)) { lsm_enabled_set(lsm, false); - init_debug("security=%s disabled: %s (only one legacy major LSM)\n", - lsm_order_legacy, lsm->id->name); + lsm_pr_dbg("skip legacy LSM conflict %s:%s\n", + src, lsm->id->name); } } } 
@@ -240,8 +237,7 @@ static void __init lsm_order_parse(const char *list, const char *src) if (lsm_order_exists(lsm)) continue; lsm_enabled_set(lsm, false); - init_debug("%s skipped: %s (not in requested order)\n", - src, lsm->id->name); + lsm_pr_dbg("skip disabled LSM %s:%s\n", src, lsm->id->name); } } @@ -308,16 +304,18 @@ static void __init lsm_init_single(struct lsm_info *lsm) if (!lsm_is_enabled(lsm)) return; - init_debug("initializing %s\n", lsm->id->name); + lsm_pr_dbg("initialize LSM %s\n", lsm->id->name); ret = lsm->init(); - WARN(ret, "%s failed to initialize: %d\n", lsm->id->name, ret); + if (ret) + pr_warn("failed to initialize LSM %s with errno %d\n", + lsm->id->name, ret); } /** * lsm_static_call_init - Initialize a LSM's static calls * @hl: LSM hook list */ -static void __init lsm_static_call_init(struct security_hook_list *hl) +static int __init lsm_static_call_init(struct security_hook_list *hl) { struct lsm_static_call *scall = hl->scalls; int i; @@ -329,11 +327,12 @@ static void __init lsm_static_call_init(struct security_hook_list *hl) hl->hook.lsm_func_addr); scall->hl = hl; static_branch_enable(scall->active); - return; + return 0; } scall++; } - panic("%s - Ran out of static slots.\n", __func__); + + return -ENOSPC; } /** @@ -351,7 +350,9 @@ void __init security_add_hooks(struct security_hook_list *hooks, int count, for (i = 0; i < count; i++) { hooks[i].lsmid = lsmid; - lsm_static_call_init(&hooks[i]); + if (lsm_static_call_init(&hooks[i])) + panic("exhausted LSM callback slots with LSM %s\n", + lsmid->name); } } 
@@ -382,18 +383,16 @@ int __init security_init(void) { unsigned int cnt; struct lsm_info **lsm; - struct lsm_info *early; - init_debug("legacy security=%s\n", lsm_order_legacy ? : " *unspecified*"); - init_debug(" CONFIG_LSM=%s\n", lsm_order_builtin); - init_debug("boot arg lsm=%s\n", lsm_order_cmdline ? : " *unspecified*"); + if (lsm_debug) { + lsm_pr("built-in LSM list: %s\n", lsm_order_builtin); + lsm_pr("legacy LSM parameter: %s\n", lsm_order_legacy); + lsm_pr("boot LSM parameter: %s\n", lsm_order_cmdline); + } if (lsm_order_cmdline) { - if (lsm_order_legacy) { - pr_warn("security=%s is ignored because it is superseded by lsm=%s\n", - lsm_order_legacy, lsm_order_cmdline); + if (lsm_order_legacy) lsm_order_legacy = NULL; - } lsm_order_parse(lsm_order_cmdline, "cmdline"); } else lsm_order_parse(lsm_order_builtin, "builtin"); 
@@ -401,36 +400,22 @@ int __init security_init(void) lsm_order_for_each(lsm) lsm_prep_single(*lsm); - pr_info("initializing lsm="); - lsm_early_for_each_raw(early) { - if (lsm_is_enabled(early)) - pr_cont("%s%s", - early == __start_early_lsm_info ? "" : ",", - early->id->name); + if (lsm_debug) { + lsm_pr("blob(cred) size %d\n", blob_sizes.lbs_cred); + lsm_pr("blob(file) size %d\n", blob_sizes.lbs_file); + lsm_pr("blob(ib) size %d\n", blob_sizes.lbs_ib); + lsm_pr("blob(inode) size %d\n", blob_sizes.lbs_inode); + lsm_pr("blob(ipc) size %d\n", blob_sizes.lbs_ipc); + lsm_pr("blob(key) size %d\n", blob_sizes.lbs_key); + lsm_pr("blob(msg_msg)_size %d\n", blob_sizes.lbs_msg_msg); + lsm_pr("blob(sock) size %d\n", blob_sizes.lbs_sock); + lsm_pr("blob(superblock) size %d\n", blob_sizes.lbs_superblock); + lsm_pr("blob(perf_event) size %d\n", blob_sizes.lbs_perf_event); + lsm_pr("blob(task) size %d\n", blob_sizes.lbs_task); + lsm_pr("blob(tun_dev) size %d\n", blob_sizes.lbs_tun_dev); + lsm_pr("blob(xattr) count %d\n", blob_sizes.lbs_xattr_count); + lsm_pr("blob(bdev) size %d\n", blob_sizes.lbs_bdev); } - lsm_order_for_each(lsm) { - if (lsm_is_enabled(*lsm)) - pr_cont("%s%s", - lsm == lsm_order ? 
"" : ",", (*lsm)->id->name); - } - pr_cont("\n"); - - init_debug("cred blob size = %d\n", blob_sizes.lbs_cred); - init_debug("file blob size = %d\n", blob_sizes.lbs_file); - init_debug("ib blob size = %d\n", blob_sizes.lbs_ib); - init_debug("inode blob size = %d\n", blob_sizes.lbs_inode); - init_debug("ipc blob size = %d\n", blob_sizes.lbs_ipc); -#ifdef CONFIG_KEYS - init_debug("key blob size = %d\n", blob_sizes.lbs_key); -#endif /* CONFIG_KEYS */ - init_debug("msg_msg blob size = %d\n", blob_sizes.lbs_msg_msg); - init_debug("sock blob size = %d\n", blob_sizes.lbs_sock); - init_debug("superblock blob size = %d\n", blob_sizes.lbs_superblock); - init_debug("perf event blob size = %d\n", blob_sizes.lbs_perf_event); - init_debug("task blob size = %d\n", blob_sizes.lbs_task); - init_debug("tun device blob size = %d\n", blob_sizes.lbs_tun_dev); - init_debug("xattr slots = %d\n", blob_sizes.lbs_xattr_count); - init_debug("bdev blob size = %d\n", blob_sizes.lbs_bdev); if (blob_sizes.lbs_file) lsm_file_cache = kmem_cache_create("lsm_file_cache", @@ -442,9 +427,9 @@ int __init security_init(void) SLAB_PANIC, NULL); if (lsm_cred_alloc((struct cred *)current->cred, GFP_KERNEL)) - panic("%s: early cred alloc failed.\n", __func__); + panic("early LSM cred alloc failed\n"); if (lsm_task_alloc(current)) - panic("%s: early task alloc failed.\n", __func__); + panic("early LSM task alloc failed\n"); cnt = 0; lsm_order_for_each(lsm) { diff --git a/security/security.c b/security/security.c index a3e8dd640b39..cbd544d71093 100644 --- a/security/security.c +++ b/security/security.c 
@@ -73,6 +73,8 @@ const char *const lockdown_reasons[LOCKDOWN_CONFIDENTIALITY_MAX + 1] = { [LOCKDOWN_CONFIDENTIALITY_MAX] = "confidentiality", }; +bool lsm_debug __ro_after_init; + unsigned int lsm_count __ro_after_init; const struct lsm_id *lsm_idlist[MAX_LSM_COUNT];
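Review bot: in the security/lsm.h hunk, lsm_pr() and lsm_pr_cont() are bare aliases for pr_info()/pr_cont() with no lsm_debug check, so every call site has to remember its own `if (lsm_debug)` guard (as security_init() does); either fold the check into the macros or say in the "/* LSM debugging */" comment that only lsm_pr_dbg() is gated, otherwise a future lsm_pr() call will quietly become unconditional console output.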
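Review bot: in the security_init() hunk (@@ -382,18 +383,16 @@), removing `pr_warn("security=%s is ignored because it is superseded by lsm=%s\n", ...)` is a user-visible behaviour change, not a debug cleanup: an administrator who sets both parameters no longer learns that security= was ignored, which matters when the intent was to enable a specific major LSM. Either keep that warning outside the lsm_debug gate or call the removal out in the commit message. In the same hunk, `lsm_pr("legacy LSM parameter: %s\n", lsm_order_legacy)` and the boot parameter line now pass a possibly NULL pointer where the old code substituted " *unspecified*"; printk renders a NULL %s as "(null)", so it still works but the output reads worse than before.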
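Review bot: in the @@ -401,36 +400,22 @@ hunk, the unconditional `pr_info("initializing lsm=");` ... `pr_cont("\n");` block is deleted rather than moved under lsm_debug, so a normal boot no longer prints which LSMs were actually enabled; that line is what people grep in dmesg to confirm the active LSM set, and nothing in this patch replaces it outside debug mode. The commit message should state that this is intended, or the summary line should stay. Two smaller points in the same hunk: "blob(msg_msg)_size %d" has an underscore where the other lines have a space, and the `#ifdef CONFIG_KEYS` guard around the lbs_key line is gone, which is only safe if lbs_key is declared unconditionally in struct lsm_blob_sizes.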
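Review bot: in the lsm_static_call_init() hunks (@@ -308,16 +304,18 @@ and @@ -329,11 +327,12 @@), the function now returns 0 or -ENOSPC, so the kernel-doc block added two patches earlier needs a "Return:" line or kernel-doc will flag it. Moving the panic() up into security_add_hooks() is fine and its message is clearer than the old __func__ one, but lsm_init_single()'s switch from WARN() to pr_warn() drops the stack trace for a failed lsm->init(), which was the main thing that made those failures stand out in boot logs; worth a sentence in the commit message.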
From patchwork Wed Apr 9 18:50:01 2025 X-Patchwork-Submitter: Paul Moore X-Patchwork-Id: 14045286
From: Paul Moore To: linux-security-module@vger.kernel.org, linux-integrity@vger.kernel.org, selinux@vger.kernel.org Cc: John Johansen, Mimi Zohar, Roberto Sassu, Fan Wu, Mickaël Salaün, Günther Noack, Kees Cook, Micah Morton, Casey Schaufler, Tetsuo Handa Subject: [RFC PATCH 16/29] lsm: output available LSMs when debugging Date: Wed, 9 Apr 2025 14:50:01 -0400 Message-ID: <20250409185019.238841-47-paul@paul-moore.com> In-Reply-To: <20250409185019.238841-31-paul@paul-moore.com>
This will display all of the LSMs built into the kernel, regardless of whether they are enabled or not.
Signed-off-by: Paul Moore --- security/lsm_init.c | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/security/lsm_init.c b/security/lsm_init.c index aba1253ffc4c..8e00afeb84cf 100644 --- a/security/lsm_init.c +++ b/security/lsm_init.c @@ -363,6 +363,8 @@ int __init early_security_init(void) { struct lsm_info *lsm; + /* NOTE: lsm_pr_dbg() doesn't work here as lsm_debug is not yet set */ + lsm_early_for_each_raw(lsm) { lsm_enabled_set(lsm, true); lsm_order_append(lsm, "early"); 
@@ -385,9 +387,24 @@ int __init security_init(void) struct lsm_info **lsm; if (lsm_debug) { - lsm_pr("built-in LSM list: %s\n", lsm_order_builtin); + struct lsm_info *i; + + cnt = 0; + lsm_pr("available LSMs: "); + lsm_early_for_each_raw(i) + lsm_pr_cont("%s%s(E)", (cnt++ ? "," : ""), i->id->name); + lsm_for_each_raw(i) + lsm_pr_cont("%s%s", (cnt++ ? "," : ""), i->id->name); + lsm_pr_cont("\n"); + + lsm_pr("built-in LSM config: %s\n", lsm_order_builtin); + lsm_pr("legacy LSM parameter: %s\n", lsm_order_legacy); lsm_pr("boot LSM parameter: %s\n", lsm_order_cmdline); + + /* see the note about lsm_pr_dbg() in early_security_init() */ + lsm_early_for_each_raw(i) + lsm_pr("enabled LSM early:%s\n", i->id->name); } if (lsm_order_cmdline) {
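Review bot: in the security_init() hunk, the "(E)" suffix on the early LSMs is never explained in the output or the code; a short comment above the loop (or printing the early list under its own label) would save the next reader a trip to lsm_early_for_each_raw(). The final loop also prints "enabled LSM early:%s" while lsm_order_append() prints "enabling LSM %s:%s" for the same event on the non-early path, so the two lines describing the same thing cannot be matched with one grep pattern; using identical wording and the same "src:name" layout in both would help. Reusing `cnt` as the comma counter is harmless because it is reset before the later LSM count, but a dedicated local would make that obvious.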
From patchwork Wed Apr 9 18:50:02 2025 X-Patchwork-Submitter: Paul Moore X-Patchwork-Id: 14045288
From: Paul Moore To: linux-security-module@vger.kernel.org, linux-integrity@vger.kernel.org, selinux@vger.kernel.org Cc: John Johansen, Mimi Zohar, Roberto Sassu, Fan Wu, Mickaël Salaün, Günther Noack, Kees Cook, Micah Morton, Casey Schaufler, Tetsuo Handa Subject: [RFC PATCH 17/29] lsm: introduce an initcall mechanism into the LSM framework Date: Wed, 9 Apr 2025 14:50:02 -0400 Message-ID: <20250409185019.238841-48-paul@paul-moore.com> In-Reply-To: <20250409185019.238841-31-paul@paul-moore.com>
Currently the individual LSMs register their own initcalls, and while this should be harmless, it can be wasteful in the case where a LSM is disabled at boot as the initcall will still be executed. This patch introduces support for managing the initcalls in the LSM framework, and future patches will convert the existing LSMs over to this new mechanism. Only initcall types which are used by the current in-tree LSMs are supported; additional initcall types can easily be added in the future if needed.
Signed-off-by: Paul Moore Reviewed-by: Kees Cook --- include/linux/lsm_hooks.h | 33 ++++++++++++--- security/lsm_init.c | 89 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 117 insertions(+), 5 deletions(-) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index a7ecb0791a0f..0d2c2a017ffc 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h
@@ -148,13 +148,36 @@ enum lsm_order { LSM_ORDER_LAST = 1, /* This is only for integrity. */ }; +/** + * struct lsm_info - Define an individual LSM for the LSM framework. + * @id: LSM name/ID info + * @order: ordering with respect to other LSMs, optional + * @flags: descriptive flags, optional + * @blobs: LSM blob sharing, optional + * @enabled: controlled by CONFIG_LSM, optional + * @init: LSM specific initialization routine + * @initcall_pure: LSM callback for initcall_pure() setup, optional + * @initcall_early: LSM callback for early_initcall setup, optional + * @initcall_core: LSM callback for core_initcall() setup, optional + * @initcall_subsys: LSM callback for subsys_initcall() setup, optional + * @initcall_fs: LSM callback for fs_initcall setup, optional + * @nitcall_device: LSM callback for device_initcall() setup, optional + * @initcall_late: LSM callback for late_initcall() setup, optional + */ struct lsm_info { const struct lsm_id *id; - enum lsm_order order; /* Optional: default is LSM_ORDER_MUTABLE */ - unsigned long flags; /* Optional: flags describing LSM */ - int *enabled; /* Optional: controlled by CONFIG_LSM */ - int (*init)(void); /* Required. */ - struct lsm_blob_sizes *blobs; /* Optional: for blob sharing. */ + enum lsm_order order; + unsigned long flags; + struct lsm_blob_sizes *blobs; + int *enabled; + int (*init)(void); + int (*initcall_pure)(void); + int (*initcall_early)(void); + int (*initcall_core)(void); + int (*initcall_subsys)(void); + int (*initcall_fs)(void); + int (*initcall_device)(void); + int (*initcall_late)(void); }; #define DEFINE_LSM(lsm) \ diff --git a/security/lsm_init.c b/security/lsm_init.c index 8e00afeb84cf..75eb0cc82869 100644 --- a/security/lsm_init.c +++ b/security/lsm_init.c 
@@ -39,6 +39,27 @@ static __initdata struct lsm_info *lsm_order[MAX_LSM_COUNT + 1]; for ((iter) = __start_early_lsm_info; \ (iter) < __end_early_lsm_info; (iter)++) +#define lsm_initcall(level) \ + ({ \ + int _r, _rc = 0; \ + struct lsm_info **_lp, *_l; \ + lsm_order_for_each(_lp) { \ + _l = *_lp; \ + if (!_l->initcall_##level) \ + continue; \ + lsm_pr_dbg("running %s %s initcall", \ + _l->id->name, #level); \ + _r = _l->initcall_##level(); \ + if (_r) { \ + pr_warn("failed LSM %s %s initcall with errno %d\n", \ + _l->id->name, #level, _r); \ + if (!_rc) \ + _rc = _r; \ + } \ + } \ + _rc; \ + }) + /** * lsm_choose_security - Legacy "major" LSM selection * @str: kernel command line parameter 
@@ -458,3 +479,71 @@ int __init security_init(void) return 0; } + +/** + * security_initcall_pure - Run the LSM pure initcalls + */ +static int __init security_initcall_pure(void) +{ + return lsm_initcall(pure); +} +pure_initcall(security_initcall_pure); + +/** + * security_initcall_early - Run the LSM early initcalls + */ +static int __init security_initcall_early(void) +{ + return lsm_initcall(early); +} +early_initcall(security_initcall_early); + +/** + * security_initcall_core - Run the LSM core initcalls + */ +static int __init security_initcall_core(void) +{ + return lsm_initcall(core); +} +core_initcall(security_initcall_core); + +/** + * security_initcall_subsys - Run the LSM subsys initcalls + */ +static int __init security_initcall_subsys(void) +{ + return lsm_initcall(subsys); +} +subsys_initcall(security_initcall_subsys); + +/** + * security_initcall_fs - Run the LSM fs initcalls + */ +static int __init security_initcall_fs(void) +{ + return lsm_initcall(fs); +} +fs_initcall(security_initcall_fs); + +/** + * security_initcall_device - Run the LSM device initcalls + */ +static int __init security_initcall_device(void) +{ + return lsm_initcall(device); +} +device_initcall(security_initcall_device); + +/** + * security_initcall_late - Run the LSM late initcalls + */ +static int __init security_initcall_late(void) +{ + int rc; + + rc = lsm_initcall(late); + lsm_pr_dbg("all enabled LSMs fully activated\n"); + + return rc; +} +late_initcall(security_initcall_late);
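Review bot: in the include/linux/lsm_hooks.h hunk, the kernel-doc line "@nitcall_device" is a typo for "@initcall_device" and will produce a kernel-doc warning about an undocumented member; "@initcall_early" and "@initcall_fs" also lack the "()" the neighbouring lines use. One ordering nit for the same comment: early_initcall() callbacks run from do_pre_smp_initcalls(), before the level-0 pure_initcall() pass in do_initcalls(), so listing initcall_pure ahead of initcall_early in both the struct and the doc suggests an execution order that does not hold; a one-line note in the kernel-doc would avoid that confusion.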
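Review bot: in the lsm_initcall() macro hunk, `lsm_pr_dbg("running %s %s initcall", _l->id->name, #level)` is missing its trailing "\n", so the message will be glued to whatever printk follows it unless the implicit-newline heuristic happens to fire. The loop also walks lsm_order without checking lsm_is_enabled(); that is correct only as long as lsm_order holds nothing but enabled LSMs, and since lsm_enabled_set(lsm, false) is called from several places a comment (or an explicit check) would make that invariant visible. Finally, a twenty-line statement-expression macro is awkward to step through; a static __init helper taking the callback's offsetof() within struct lsm_info plus the level name would give the same behaviour in ordinary code.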
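Review bot: in the security_initcall_*() hunk, security_initcall_late() prints "all enabled LSMs fully activated" even when rc is non-zero, so a failed late initcall is immediately followed by a line claiming everything activated; gate the message on rc == 0 or include rc in it. For the commit message: when an initcall fails, lsm_initcall() only warns and returns the first errno while the hooks that lsm->init() registered through security_add_hooks() stay live, so the LSM keeps enforcing in a partially initialised state, the same as under per-LSM initcalls. Since this series now owns the initcalls, this is the place to state that, and it is what a defender will want to know when one of these warnings shows up in dmesg.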
From: Paul Moore
To: linux-security-module@vger.kernel.org, linux-integrity@vger.kernel.org, selinux@vger.kernel.org
Cc: John Johansen, Mimi Zohar, Roberto Sassu, Fan Wu, Mickaël Salaün, Günther Noack, Kees Cook, Micah Morton, Casey Schaufler, Tetsuo Handa
Subject: [RFC PATCH 18/29] loadpin: move initcalls to the LSM framework
Date: Wed, 9 Apr 2025 14:50:03 -0400
Message-ID: <20250409185019.238841-49-paul@paul-moore.com>
X-Mailer: git-send-email 2.49.0
In-Reply-To: <20250409185019.238841-31-paul@paul-moore.com>
References: <20250409185019.238841-31-paul@paul-moore.com>
X-Mailing-List: linux-integrity@vger.kernel.org
X-Developer-Key: i=paul@paul-moore.com; a=openpgp; fpr=7100AADFAE6E6E940D2E0AD655E45A5AE8CA7C8A
Signed-off-by: Paul Moore Reviewed-by: Kees Cook Acked-by: Kees Cook --- security/loadpin/loadpin.c | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/security/loadpin/loadpin.c b/security/loadpin/loadpin.c index b9ddf05c5c16..273ffbd6defe 100644 --- a/security/loadpin/loadpin.c +++ b/security/loadpin/loadpin.c @@ -270,11 +270,6 @@ static int __init loadpin_init(void) return 0; } -DEFINE_LSM(loadpin) = { - .id = &loadpin_lsmid, - .init = loadpin_init, -}; - #ifdef CONFIG_SECURITY_LOADPIN_VERITY enum loadpin_securityfs_interface_index { 
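Review bot: the commit message for this patch has no body, only trailers. Since this hunk removes `DEFINE_LSM(loadpin)` from its place directly under `loadpin_init()` and the next hunk re-adds it roughly 160 lines lower (from the @@ -270 region to after @@ -434) so that the initializer can see the static `init_loadpin_securityfs()`, a sentence saying so would help; the alternative of a forward declaration that keeps the DEFINE_LSM next to loadpin_init() is worth a word too, even if only to say it was rejected. Without that, the move reads as an unrelated relocation to anyone looking at the diff later.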
@@ -434,10 +429,16 @@ static int __init init_loadpin_securityfs(void) return 0; } -fs_initcall(init_loadpin_securityfs); - #endif /* CONFIG_SECURITY_LOADPIN_VERITY */ +DEFINE_LSM(loadpin) = { + .id = &loadpin_lsmid, + .init = loadpin_init, +#ifdef CONFIG_SECURITY_LOADPIN_VERITY + .initcall_fs = init_loadpin_securityfs, +#endif /* CONFIG_SECURITY_LOADPIN_VERITY */ +}; + /* Should not be mutable after boot, so not listed in sysfs (perm == 0). */ module_param(enforce, int, 0); MODULE_PARM_DESC(enforce, "Enforce module/firmware pinning"); From patchwork Wed Apr 9 18:50:04 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Paul Moore X-Patchwork-Id: 14045290
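Review bot: the `#ifdef CONFIG_SECURITY_LOADPIN_VERITY` around `.initcall_fs = init_loadpin_securityfs,` is correct, but the behavioural change it carries should be recorded in the (currently empty) commit message: the removed `fs_initcall(init_loadpin_securityfs)` ran on every kernel that built the verity support, whereas the `.initcall_fs` callback is dispatched by the lsm_initcall() loop over lsm_order, i.e. as I read it only for an LSM that was enabled and ordered on that boot. That is the point of the series, but it means the verity securityfs interface no longer appears on a kernel that builds loadpin without enabling it, and since the loop only pr_warn()s when `init_loadpin_securityfs()` returns an error, loadpin would stay registered without its interface in that case; both are worth a sentence.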
From: Paul Moore
To: linux-security-module@vger.kernel.org, linux-integrity@vger.kernel.org, selinux@vger.kernel.org
Cc: John Johansen, Mimi Zohar, Roberto Sassu, Fan Wu, Mickaël Salaün, Günther Noack, Kees Cook, Micah Morton, Casey Schaufler, Tetsuo Handa
Subject: [RFC PATCH 19/29] ipe: move initcalls to the LSM framework
Date: Wed, 9 Apr 2025 14:50:04 -0400
Message-ID: <20250409185019.238841-50-paul@paul-moore.com>
X-Mailer: git-send-email 2.49.0
In-Reply-To: <20250409185019.238841-31-paul@paul-moore.com>
References: <20250409185019.238841-31-paul@paul-moore.com>
X-Mailing-List: linux-integrity@vger.kernel.org
X-Developer-Key: i=paul@paul-moore.com; a=openpgp; fpr=7100AADFAE6E6E940D2E0AD655E45A5AE8CA7C8A
Signed-off-by: Paul Moore Reviewed-by: Kees Cook Tested-by: Fan Wu Acked-by: Fan Wu --- security/ipe/fs.c | 4 +--- security/ipe/ipe.c | 1 + security/ipe/ipe.h | 2 ++ 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/security/ipe/fs.c b/security/ipe/fs.c index 5b6d19fb844a..e4437c70ed3d 100644 --- a/security/ipe/fs.c +++ b/security/ipe/fs.c @@ -187,7 +187,7 @@ static const struct file_operations enforce_fops = { * Return: %0 on success. If an error occurs, the function will return * the -errno. */ -static int __init ipe_init_securityfs(void) +int __init ipe_init_securityfs(void) { int rc = 0; struct ipe_policy *ap; @@ -243,5 +243,3 @@ static int __init ipe_init_securityfs(void) securityfs_remove(root); return rc; } - -fs_initcall(ipe_init_securityfs); diff --git a/security/ipe/ipe.c b/security/ipe/ipe.c index 2426441181dc..71644748ed56 100644 --- a/security/ipe/ipe.c +++ b/security/ipe/ipe.c @@ -95,4 +95,5 @@ DEFINE_LSM(ipe) = { .id = &ipe_lsmid, .init = ipe_init, .blobs = &ipe_blobs, + .initcall_fs = ipe_init_securityfs, }; diff --git a/security/ipe/ipe.h b/security/ipe/ipe.h index fb37513812dd..25cfdb8f0c20 100644 --- a/security/ipe/ipe.h +++ b/security/ipe/ipe.h 
@@ -23,4 +23,6 @@ struct ipe_bdev *ipe_bdev(struct block_device *b); struct ipe_inode *ipe_inode(const struct inode *inode); #endif /* CONFIG_IPE_PROP_FS_VERITY_BUILTIN_SIG */ +int ipe_init_securityfs(void); + #endif /* _IPE_H */ From patchwork Wed Apr 9 18:50:05 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Paul Moore X-Patchwork-Id: 14045291
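Review bot: on the fs.c and ipe.h hunks: `ipe_init_securityfs()` keeps `__init` in its definition (`-static int __init ipe_init_securityfs(void)` / `+int __init ipe_init_securityfs(void)`), but the prototype added to security/ipe/ipe.h is plain `int ipe_init_securityfs(void);`. That compiles, but carrying `__init` on the declaration as well documents at its only call site, the DEFINE_LSM initializer, that the function is discarded after boot, and it keeps declaration and definition reading the same.

Review bot: on the ipe.c hunk: per the docblock kept in fs.c ("Return: %0 on success. If an error occurs, the function will return the -errno."), `ipe_init_securityfs()` tears down `root` and returns the error, and the framework's lsm_initcall() loop only pr_warn()s on a non-zero return, so a failed securityfs setup leaves IPE registered and enforcing with no policy interface. If that is acceptable for IPE (for instance because the boot policy is builtin), a sentence in the commit message saying so would be useful; it currently has only trailers.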
From: Paul Moore
To: linux-security-module@vger.kernel.org, linux-integrity@vger.kernel.org, selinux@vger.kernel.org
Cc: John Johansen, Mimi Zohar, Roberto Sassu, Fan Wu, Mickaël Salaün, Günther Noack, Kees Cook, Micah Morton, Casey Schaufler, Tetsuo Handa
Subject: [RFC PATCH 20/29] smack: move initcalls to the LSM framework
Date: Wed, 9 Apr 2025 14:50:05 -0400
Message-ID: <20250409185019.238841-51-paul@paul-moore.com>
X-Mailer: git-send-email 2.49.0
In-Reply-To: <20250409185019.238841-31-paul@paul-moore.com>
References: <20250409185019.238841-31-paul@paul-moore.com>
X-Mailing-List: linux-integrity@vger.kernel.org
X-Developer-Key: i=paul@paul-moore.com; a=openpgp; fpr=7100AADFAE6E6E940D2E0AD655E45A5AE8CA7C8A

As the LSM framework only supports one LSM initcall callback for each initcall type, the init_smk_fs() and smack_nf_ip_init() functions were
wrapped with a new function, smack_initcall() that is registered with the LSM framework. Signed-off-by: Paul Moore --- security/smack/smack.h | 6 ++++++ security/smack/smack_lsm.c | 16 ++++++++++++++++ security/smack/smack_netfilter.c | 4 +--- security/smack/smackfs.c | 4 +--- 4 files changed, 24 insertions(+), 6 deletions(-) diff --git a/security/smack/smack.h b/security/smack/smack.h index bf6a6ed3946c..709e0d6cd5e1 100644 --- a/security/smack/smack.h +++ b/security/smack/smack.h @@ -275,6 +275,12 @@ struct smk_audit_info { #endif }; +/* + * Initialization + */ +int init_smk_fs(void); +int smack_nf_ip_init(void); + /* * These functions are in smack_access.c */ diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index e09b33fed5f0..80b129a0c92c 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -5277,6 +5277,21 @@ static __init int smack_init(void) return 0; } +static int smack_initcall(void) +{ + int rc, rc_tmp; + + rc_tmp = init_smk_fs(); + if (rc_tmp) + rc = rc_tmp; + + rc_tmp = smack_nf_ip_init(); + if (!rc && rc_tmp) + rc = rc_tmp; + + return rc; +} + /* * Smack requires early initialization in order to label * all processes and objects when they are created. @@ -5286,4 +5301,5 @@ DEFINE_LSM(smack) = { .flags = LSM_FLAG_LEGACY_MAJOR | LSM_FLAG_EXCLUSIVE, .blobs = &smack_blob_sizes, .init = smack_init, + .initcall_device = smack_initcall, }; diff --git a/security/smack/smack_netfilter.c b/security/smack/smack_netfilter.c index 8fd747b3653a..17ba578b1308 100644 --- a/security/smack/smack_netfilter.c +++ b/security/smack/smack_netfilter.c @@ -68,7 +68,7 @@ static struct pernet_operations smack_net_ops = { .exit = smack_nf_unregister, }; -static int __init smack_nf_ip_init(void) +int __init smack_nf_ip_init(void) { if (smack_enabled == 0) return 0; 
@@ -76,5 +76,3 @@ static int __init smack_nf_ip_init(void) printk(KERN_DEBUG "Smack: Registering netfilter hooks\n"); return register_pernet_subsys(&smack_net_ops); } - -__initcall(smack_nf_ip_init); diff --git a/security/smack/smackfs.c b/security/smack/smackfs.c index 90a67e410808..d33dd0368807 100644 --- a/security/smack/smackfs.c +++ b/security/smack/smackfs.c @@ -2980,7 +2980,7 @@ static struct vfsmount *smackfs_mount; * Returns true if we were not chosen on boot or if * we were chosen and filesystem registration succeeded. */ -static int __init init_smk_fs(void) +int __init init_smk_fs(void) { int err; int rc; 
@@ -3023,5 +3023,3 @@ static int __init init_smk_fs(void) return err; } - -__initcall(init_smk_fs); From patchwork Wed Apr 9 18:50:06 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Paul Moore X-Patchwork-Id: 14045292
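Review bot: on the smack_lsm.c hunk adding `smack_initcall()`: `rc` is read uninitialized. `int rc, rc_tmp;` is only assigned when `init_smk_fs()` fails, yet `if (!rc && rc_tmp)` tests it and `return rc;` returns it, so on the normal success path the function returns whatever was on the stack (and the framework will pr_warn on it if that happens to be non-zero). Initialize it, `int rc = 0, rc_tmp;`, or simply `rc = init_smk_fs(); rc_tmp = smack_nf_ip_init(); if (!rc) rc = rc_tmp; return rc;`. Separately, `static int smack_initcall(void)` is not `__init` but calls `init_smk_fs()` and `smack_nf_ip_init()`, both of which are `__init` in this patch, so it will be reported as a section mismatch (non-init text referencing .init.text); it should be `static int __init smack_initcall(void)`, matching `static __init int smack_init(void)` directly above it.

Review bot: on the smack.h and smack_netfilter.c hunks: the new prototypes `int init_smk_fs(void);` and `int smack_nf_ip_init(void);` omit the `__init` that both definitions carry, so consider adding it for consistency. With `__initcall(smack_nf_ip_init)` gone, the `if (smack_enabled == 0) return 0;` guard in `smack_nf_ip_init()` is no longer the mechanism that kept the hooks from registering on a kernel where Smack is built but not selected, since the callback is now reached only through the framework; keeping the guard is fine, but the commit message could say that this is intentional. It could also note that `.initcall_device` is the right level because plain `__initcall()` is the device level.

Review bot: on the smackfs.c hunk: the docblock kept above `init_smk_fs()` says it "Returns true if we were not chosen on boot or if we were chosen and filesystem registration succeeded", but the function returns `err`, an int where non-zero now means failure to the lsm_initcall() loop. The comment was already stale, but now that the return value is consumed by the framework it should be corrected in the same patch.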
From: Paul Moore
To: linux-security-module@vger.kernel.org, linux-integrity@vger.kernel.org, selinux@vger.kernel.org
Cc: John Johansen, Mimi Zohar, Roberto Sassu, Fan Wu, Mickaël Salaün, Günther Noack, Kees Cook, Micah Morton, Casey Schaufler, Tetsuo Handa
Subject: [RFC PATCH 21/29] tomoyo: move initcalls to the LSM framework
Date: Wed, 9 Apr 2025 14:50:06 -0400
Message-ID: <20250409185019.238841-52-paul@paul-moore.com>
X-Mailer: git-send-email 2.49.0
In-Reply-To: <20250409185019.238841-31-paul@paul-moore.com>
References: <20250409185019.238841-31-paul@paul-moore.com>
X-Mailing-List: linux-integrity@vger.kernel.org
X-Developer-Key: i=paul@paul-moore.com; a=openpgp; fpr=7100AADFAE6E6E940D2E0AD655E45A5AE8CA7C8A
Signed-off-by: Paul Moore Reviewed-by: Kees Cook --- security/tomoyo/common.h | 2 ++ security/tomoyo/securityfs_if.c | 4 +--- security/tomoyo/tomoyo.c | 1 + 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/security/tomoyo/common.h b/security/tomoyo/common.h index 0e8e2e959aef..3b2a97d10a5d 100644 --- a/security/tomoyo/common.h +++ b/security/tomoyo/common.h @@ -924,6 +924,8 @@ struct tomoyo_task { /********** Function prototypes. **********/ +int tomoyo_interface_init(void); + bool tomoyo_address_matches_group(const bool is_ipv6, const __be32 *address, const struct tomoyo_group *group); bool tomoyo_compare_number_union(const unsigned long value, diff --git a/security/tomoyo/securityfs_if.c b/security/tomoyo/securityfs_if.c index 7e69747b2f77..33933645f5b9 100644 --- a/security/tomoyo/securityfs_if.c +++ b/security/tomoyo/securityfs_if.c @@ -233,7 +233,7 @@ static void __init tomoyo_create_entry(const char *name, const umode_t mode, * * Returns 0. */ -static int __init tomoyo_interface_init(void) +int __init tomoyo_interface_init(void) { struct tomoyo_domain_info *domain; struct dentry *tomoyo_dir; @@ -269,5 +269,3 @@ static int __init tomoyo_interface_init(void) tomoyo_load_builtin_policy(); return 0; } - -fs_initcall(tomoyo_interface_init); diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c index ed0f7b052a85..a015cf0c4a00 100644 --- a/security/tomoyo/tomoyo.c +++ b/security/tomoyo/tomoyo.c 
@@ -617,4 +617,5 @@ DEFINE_LSM(tomoyo) = { .flags = LSM_FLAG_LEGACY_MAJOR, .blobs = &tomoyo_blob_sizes, .init = tomoyo_init, + .initcall_fs = tomoyo_interface_init, }; From patchwork Wed Apr 9 18:50:07 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Paul Moore X-Patchwork-Id: 14045294
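Review bot: on the common.h hunk: the new prototype `int tomoyo_interface_init(void);` is inserted at the very top of the "Function prototypes" block, ahead of `bool tomoyo_address_matches_group(...)` and `bool tomoyo_compare_number_union(...)`, which appear to be kept in sorted order; if that block is sorted by return type and name, this belongs with the other `int tomoyo_*` declarations. As with the other conversions in the series, adding `__init` to the prototype would mirror the `+int __init tomoyo_interface_init(void)` definition in securityfs_if.c.

Review bot: on the tomoyo.c hunk: the commit message has no body. `tomoyo_interface_init()` also calls `tomoyo_load_builtin_policy()` (visible in the securityfs_if.c context), so moving it from an unconditional `fs_initcall()` to `.initcall_fs` changes when, and on which configurations, the builtin policy gets loaded, not just when the securityfs entries appear. A short description along the lines of the one on the smack patch in this series would help reviewers and anyone bisecting a boot that no longer loads policy.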
From: Paul Moore
To: linux-security-module@vger.kernel.org, linux-integrity@vger.kernel.org, selinux@vger.kernel.org
Cc: John Johansen, Mimi Zohar, Roberto Sassu, Fan Wu, Mickaël Salaün, Günther Noack, Kees Cook, Micah Morton, Casey Schaufler, Tetsuo Handa
Subject: [RFC PATCH 22/29] safesetid: move initcalls to the LSM framework
Date: Wed, 9 Apr 2025 14:50:07 -0400
Message-ID: <20250409185019.238841-53-paul@paul-moore.com>
In-Reply-To: <20250409185019.238841-31-paul@paul-moore.com>
References: <20250409185019.238841-31-paul@paul-moore.com>
Signed-off-by: Paul Moore Reviewed-by: Kees Cook Acked-by: Micah Morton --- security/safesetid/lsm.c | 1 + security/safesetid/lsm.h | 2 ++ security/safesetid/securityfs.c | 3 +-- 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/security/safesetid/lsm.c b/security/safesetid/lsm.c index 9a7c68d4e642..d5fb949050dd 100644 --- a/security/safesetid/lsm.c +++ b/security/safesetid/lsm.c @@ -289,4 +289,5 @@ static int __init safesetid_security_init(void) DEFINE_LSM(safesetid_security_init) = { .id = &safesetid_lsmid, .init = safesetid_security_init, + .initcall_fs = safesetid_init_securityfs, }; diff --git a/security/safesetid/lsm.h b/security/safesetid/lsm.h index d346f4849cea..bf5172e2c3f7 100644 --- a/security/safesetid/lsm.h +++ b/security/safesetid/lsm.h @@ -70,4 +70,6 @@ enum sid_policy_type _setid_policy_lookup(struct setid_ruleset *policy, extern struct setid_ruleset __rcu *safesetid_setuid_rules; extern struct setid_ruleset __rcu *safesetid_setgid_rules; +int safesetid_init_securityfs(void); + #endif /* _SAFESETID_H */ diff --git a/security/safesetid/securityfs.c b/security/safesetid/securityfs.c index 8e1ffd70b18a..ece259f75b0d 100644 --- a/security/safesetid/securityfs.c +++ b/security/safesetid/securityfs.c @@ -308,7 +308,7 @@ static const struct file_operations safesetid_gid_file_fops = { .write = safesetid_gid_file_write, }; -static int __init safesetid_init_securityfs(void) +int __init safesetid_init_securityfs(void) { int ret; struct dentry *policy_dir; 
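Review bot: the patch carries no description body (`Signed-off-by:` follows the headers directly), so git history will not say why the lsm.c hunk turns `fs_initcall(safesetid_init_securityfs)` into `.initcall_fs = safesetid_init_securityfs,`; a one-sentence description ("move safesetid's securityfs setup from fs_initcall() to the LSM framework's initcall_fs hook, which runs at the same level") would do. On the securityfs.c hunk, the function keeps `__init` while becoming global (`+int __init safesetid_init_securityfs(void)`), and the lsm.h prototype omits `__init`; that compiles fine, but a short comment next to the prototype noting it is only referenced from the DEFINE_LSM initializer would make the non-static linkage self-explanatory.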
@@ -345,4 +345,3 @@ static int __init safesetid_init_securityfs(void) securityfs_remove(policy_dir); return ret; } -fs_initcall(safesetid_init_securityfs);

From patchwork Wed Apr 9 18:50:08 2025
X-Patchwork-Submitter: Paul Moore
X-Patchwork-Id: 14045293
From: Paul Moore
To: linux-security-module@vger.kernel.org, linux-integrity@vger.kernel.org, selinux@vger.kernel.org
Cc: John Johansen, Mimi Zohar, Roberto Sassu, Fan Wu, Mickaël Salaün, Günther Noack, Kees Cook, Micah Morton, Casey Schaufler, Tetsuo Handa
Subject: [RFC PATCH 23/29] apparmor: move initcalls to the LSM framework
Date: Wed, 9 Apr 2025 14:50:08 -0400
Message-ID: <20250409185019.238841-54-paul@paul-moore.com>
In-Reply-To: <20250409185019.238841-31-paul@paul-moore.com>
References: <20250409185019.238841-31-paul@paul-moore.com>
Signed-off-by: Paul Moore Reviewed-by: Kees Cook --- security/apparmor/apparmorfs.c | 4 +--- security/apparmor/crypto.c | 4 +--- security/apparmor/include/apparmorfs.h | 2 ++ security/apparmor/include/crypto.h | 1 + security/apparmor/lsm.c | 9 ++++++++- 5 files changed, 13 insertions(+), 7 deletions(-) diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c index 6039afae4bfc..0a7550a5bceb 100644 --- a/security/apparmor/apparmorfs.c +++ b/security/apparmor/apparmorfs.c @@ -2632,7 +2632,7 @@ static const struct inode_operations policy_link_iops = { * * Returns: error on failure */ -static int __init aa_create_aafs(void) +int __init aa_create_aafs(void) { struct dentry *dent; int error; @@ -2711,5 +2711,3 @@ static int __init aa_create_aafs(void) AA_ERROR("Error creating AppArmor securityfs\n"); return error; } - -fs_initcall(aa_create_aafs); diff --git a/security/apparmor/crypto.c b/security/apparmor/crypto.c index aad486b2fca6..e4395c1bfac5 100644 --- a/security/apparmor/crypto.c +++ b/security/apparmor/crypto.c @@ -99,7 +99,7 @@ int aa_calc_profile_hash(struct aa_profile *profile, u32 version, void *start, return error; } -static int __init init_profile_hash(void) +int __init init_profile_hash(void) { struct crypto_shash *tfm; @@ -119,5 +119,3 @@ static int __init init_profile_hash(void) return 0; } - -late_initcall(init_profile_hash); diff --git a/security/apparmor/include/apparmorfs.h b/security/apparmor/include/apparmorfs.h index 1e94904f68d9..dd580594dfb7 100644 --- a/security/apparmor/include/apparmorfs.h +++ b/security/apparmor/include/apparmorfs.h @@ -104,6 +104,8 @@ enum aafs_prof_type { #define prof_dir(X) ((X)->dents[AAFS_PROF_DIR]) #define prof_child_dir(X) ((X)->dents[AAFS_PROF_PROFS]) +int aa_create_aafs(void); + void __aa_bump_ns_revision(struct aa_ns *ns); void __aafs_profile_rmdir(struct aa_profile *profile); void __aafs_profile_migrate_dents(struct aa_profile *old, 
diff --git a/security/apparmor/include/crypto.h b/security/apparmor/include/crypto.h index 636a04e20d91..f3ffd388cc58 100644 --- a/security/apparmor/include/crypto.h +++ b/security/apparmor/include/crypto.h @@ -13,6 +13,7 @@ #include "policy.h" #ifdef CONFIG_SECURITY_APPARMOR_HASH +int init_profile_hash(void); unsigned int aa_hash_size(void); char *aa_calc_hash(void *data, size_t len); int aa_calc_profile_hash(struct aa_profile *profile, u32 version, void *start, diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index a7f6a3274682..2fefaab6349f 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -31,6 +31,7 @@ #include "include/audit.h" #include "include/capability.h" #include "include/cred.h" +#include "include/crypto.h" #include "include/file.h" #include "include/ipc.h" #include "include/net.h" @@ -2146,7 +2147,6 @@ static int __init apparmor_nf_ip_init(void) return 0; } -__initcall(apparmor_nf_ip_init); #endif static char nulldfa_src[] = { 
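Review bot: `init_profile_hash` becomes a global symbol in the crypto.c hunk (`-static int __init init_profile_hash(void)` / `+int __init init_profile_hash(void)`) and is then exported through crypto.h without an AppArmor prefix, unlike `aa_create_aafs` and the other `aa_*` declarations in these headers; rename it (for example `aa_init_profile_hash`) so the newly exported name follows the existing convention and cannot collide with a generic name elsewhere in the kernel. For the lsm.c hunk that drops `__initcall(apparmor_nf_ip_init);`, the description should say which initcall level `__initcall` corresponds to, since the DEFINE_LSM slot chosen for it is `.initcall_device` and the hunk alone does not show that the two are equivalent.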
@@ -2277,4 +2277,11 @@ DEFINE_LSM(apparmor) = { .enabled = &apparmor_enabled, .blobs = &apparmor_blob_sizes, .init = apparmor_init, + .initcall_fs = aa_create_aafs, +#if defined(CONFIG_NETFILTER) && defined(CONFIG_NETWORK_SECMARK) + .initcall_device = apparmor_nf_ip_init, +#endif +#ifdef CONFIG_SECURITY_APPARMOR_HASH + .initcall_late = init_profile_hash, +#endif };

From patchwork Wed Apr 9 18:50:09 2025
X-Patchwork-Submitter: Paul Moore
X-Patchwork-Id: 14045295
From: Paul Moore
To: linux-security-module@vger.kernel.org, linux-integrity@vger.kernel.org, selinux@vger.kernel.org
Cc: John Johansen, Mimi Zohar, Roberto Sassu, Fan Wu, Mickaël Salaün, Günther Noack, Kees Cook, Micah Morton, Casey Schaufler, Tetsuo Handa
Subject: [RFC PATCH 24/29] lockdown: move initcalls to the LSM framework
Date: Wed, 9 Apr 2025 14:50:09 -0400
Message-ID: <20250409185019.238841-55-paul@paul-moore.com>
In-Reply-To: <20250409185019.238841-31-paul@paul-moore.com>
References: <20250409185019.238841-31-paul@paul-moore.com>

Signed-off-by: Paul Moore Reviewed-by: Kees Cook --- security/lockdown/lockdown.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/security/lockdown/lockdown.c b/security/lockdown/lockdown.c index 4813f168ff93..8d46886d2cca 100644 --- a/security/lockdown/lockdown.c +++ b/security/lockdown/lockdown.c @@ -161,8 +161,6 @@ static int __init lockdown_secfs_init(void) return PTR_ERR_OR_ZERO(dentry); } -core_initcall(lockdown_secfs_init); - #ifdef CONFIG_SECURITY_LOCKDOWN_LSM_EARLY DEFINE_EARLY_LSM(lockdown) = { #else 
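Review bot: the removed `core_initcall(lockdown_secfs_init);` sat outside the `#ifdef CONFIG_SECURITY_LOCKDOWN_LSM_EARLY` that chooses between `DEFINE_EARLY_LSM(lockdown)` and `DEFINE_LSM(lockdown)`, so securityfs setup ran in both configurations; its replacement, `.initcall_core = lockdown_secfs_init,` in the following hunk, is likewise placed in the initializer shared by both variants. Please state in the description that the framework honours the `initcall_*` fields for early LSMs as well, because if it only walked the DEFINE_LSM entries the early-LSM build would silently lose its securityfs entries, and nothing in these hunks shows which is the case.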
@@ -170,4 +168,5 @@ DEFINE_LSM(lockdown) = { #endif .id = &lockdown_lsmid, .init = lockdown_lsm_init, + .initcall_core = lockdown_secfs_init, };

From patchwork Wed Apr 9 18:50:10 2025
X-Patchwork-Submitter: Paul Moore
X-Patchwork-Id: 14045296
From: Paul Moore
To: linux-security-module@vger.kernel.org, linux-integrity@vger.kernel.org, selinux@vger.kernel.org
Cc: John Johansen, Mimi Zohar, Roberto Sassu, Fan Wu, Mickaël Salaün, Günther Noack, Kees Cook, Micah Morton, Casey Schaufler, Tetsuo Handa
Subject: [RFC PATCH 25/29] ima,evm: move initcalls to the LSM framework
Date: Wed, 9 Apr 2025 14:50:10 -0400
Message-ID: <20250409185019.238841-56-paul@paul-moore.com>
In-Reply-To: <20250409185019.238841-31-paul@paul-moore.com>
References: <20250409185019.238841-31-paul@paul-moore.com>

This patch converts IMA and EVM to use the LSM framework's initcall mechanism.
There were two challenges to doing this conversion: the first was simply the number of initcalls across IMA and EVM, and the second was the number of resources shared between the two related, yet independent LSMs. The first problem was resolved by the creation of two new functions, integrity_device_init() and integrity_late_init(), with each focused on calling all of the various IMA/EVM initcalls for a single initcall type. The second problem was resolved by registering both of these new functions as initcalls for each LSM and including code in each registered initcall to ensure it only executes once.

Signed-off-by: Paul Moore --- security/integrity/Makefile | 2 +- security/integrity/evm/evm_main.c | 7 +- security/integrity/iint.c | 4 +- security/integrity/ima/ima_main.c | 7 +- security/integrity/ima/ima_mok.c | 4 +- security/integrity/initcalls.c | 97 +++++++++++++++++++ security/integrity/initcalls.h | 23 +++++ .../integrity/platform_certs/load_ipl_s390.c | 4 +- .../integrity/platform_certs/load_powerpc.c | 4 +- security/integrity/platform_certs/load_uefi.c | 4 +- .../platform_certs/machine_keyring.c | 4 +- .../platform_certs/platform_keyring.c | 14 ++- 12 files changed, 147 insertions(+), 27 deletions(-) create mode 100644 security/integrity/initcalls.c create mode 100644 security/integrity/initcalls.h diff --git a/security/integrity/Makefile b/security/integrity/Makefile index 92b63039c654..6ea330ea88b1 100644 --- a/security/integrity/Makefile +++ b/security/integrity/Makefile @@ -5,7 +5,7 @@ obj-$(CONFIG_INTEGRITY) += integrity.o -integrity-y := iint.o +integrity-y := iint.o initcalls.o integrity-$(CONFIG_INTEGRITY_AUDIT) += integrity_audit.o integrity-$(CONFIG_INTEGRITY_SIGNATURE) += digsig.o integrity-$(CONFIG_INTEGRITY_ASYMMETRIC_KEYS) += digsig_asymmetric.o diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c index db8e324ed4e6..770d0411da2b 100644 --- a/security/integrity/evm/evm_main.c
+++ b/security/integrity/evm/evm_main.c @@ -25,6 +25,7 @@ #include #include #include +#include "../initcalls.h" #include "evm.h" int evm_initialized; @@ -1112,7 +1113,7 @@ void __init evm_load_x509(void) } #endif -static int __init init_evm(void) +int __init init_evm(void) { int error; struct list_head *pos, *q; @@ -1179,6 +1180,6 @@ DEFINE_LSM(evm) = { .init = init_evm_lsm, .order = LSM_ORDER_LAST, .blobs = &evm_blob_sizes, + .initcall_device = integrity_device_init, + .initcall_late = integrity_late_init, }; - -late_initcall(init_evm); diff --git a/security/integrity/iint.c b/security/integrity/iint.c index 068ac6c2ae1e..a4b88d67ff43 100644 --- a/security/integrity/iint.c +++ b/security/integrity/iint.c @@ -11,6 +11,7 @@ */ #include #include "integrity.h" +#include "initcalls.h" struct dentry *integrity_dir; @@ -42,7 +43,7 @@ void __init integrity_load_keys(void) evm_load_x509(); } -static int __init integrity_fs_init(void) +int __init integrity_fs_init(void) { integrity_dir = securityfs_create_dir("integrity", NULL); if (IS_ERR(integrity_dir)) { @@ -58,4 +59,3 @@ static int __init integrity_fs_init(void) return 0; } -late_initcall(integrity_fs_init) diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index 55a4f08a2565..1687badafb48 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c @@ -27,6 +27,7 @@ #include #include #include +#include "../initcalls.h" #include "ima.h" @@ -1180,7 +1181,7 @@ static int ima_kernel_module_request(char *kmod_name) #endif /* CONFIG_INTEGRITY_ASYMMETRIC_KEYS */ -static int __init init_ima(void) +int __init init_ima(void) { int error; @@ -1255,6 +1256,6 @@ DEFINE_LSM(ima) = { .init = init_ima_lsm, .order = LSM_ORDER_LAST, .blobs = &ima_blob_sizes, + .initcall_device = integrity_device_init, + .initcall_late = integrity_late_init, }; - -late_initcall(init_ima); /* Start IMA after the TPM is available */ 
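Review bot: the last ima_main.c hunk removes `late_initcall(init_ima); /* Start IMA after the TPM is available */` together with its comment, and nothing in the replacement `.initcall_late = integrity_late_init,` line records that TPM-availability requirement; since the ordering now rests on integrity_late_init() being run at late-initcall time and on it calling init_ima(), keep that comment next to the new `.initcall_late` entry (or at the call site inside integrity_late_init()) so the dependency stays documented. The same applies to the evm_main.c hunk, where `late_initcall(init_evm)` disappears with no note of why EVM must stay at the late level.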
diff --git a/security/integrity/ima/ima_mok.c b/security/integrity/ima/ima_mok.c index 95cc31525c57..4374fb6cc66d 100644 --- a/security/integrity/ima/ima_mok.c +++ b/security/integrity/ima/ima_mok.c @@ -14,6 +14,7 @@ #include #include #include +#include "../initcalls.h" struct key *ima_blacklist_keyring; @@ -21,7 +22,7 @@ struct key *ima_blacklist_keyring; /* * Allocate the IMA blacklist keyring */ -static __init int ima_mok_init(void) +int __init ima_mok_init(void) { struct key_restriction *restriction; @@ -46,4 +47,3 @@ static __init int ima_mok_init(void) panic("Can't allocate IMA blacklist keyring."); return 0; } -device_initcall(ima_mok_init); diff --git a/security/integrity/initcalls.c b/security/integrity/initcalls.c new file mode 100644 index 000000000000..de39754a1c2c --- /dev/null +++ b/security/integrity/initcalls.c 
@@ -0,0 +1,97 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * Platform certificate / keyring initcalls + * + */ + +#include + +#include "initcalls.h" + +/** + * integrity_device_init - device_initcalls for IMA/EVM + * + * This helper function wraps all of the device_initcalls for both IMA and EVM. + * It can be called multiple times, e.g. once from IMA and once from EVM, + * without problem as it maintains an internal static state variable which + * ensures that any setup/initialization is only done once. + */ +int __init integrity_device_init(void) +{ + int rc = 0, rc_tmp; + static bool setup = false; + + if (setup) + return 0; + setup = true; + +#if defined(CONFIG_INTEGRITY_PLATFORM_KEYRING) + rc_tmp = platform_keyring_init(); + if (!rc && rc_tmp) + rc = rc_tmp; +#endif + +#if defined(CONFIG_INTEGRITY_MACHINE_KEYRING) + rc_tmp = machine_keyring_init(); + if (!rc && rc_tmp) + rc = rc_tmp; +#endif + +#if defined(CONFIG_IMA_BLACKLIST_KEYRING) + rc_tmp = ima_mok_init(); + if (!rc && rc_tmp) + rc = rc_tmp; +#endif + + return rc; +} + +/** + * integrity_late_init - late_initcalls for IMA/EVM + * + * This helper function wraps all of the late_initcalls for both IMA and EVM. + * It can be called multiple times, e.g. once from IMA and once from EVM, + * without problem as it maintains an internal static state variable which + * ensures that any setup/initialization is only done once. 
+ */ +int __init integrity_late_init(void) +{ + int rc = 0, rc_tmp; + static bool setup = false; + + if (setup) + return 0; + setup = true; + +#if defined(CONFIG_LOAD_UEFI_KEYS) + rc_tmp = load_uefi_certs(); + if (!rc && rc_tmp) + rc = rc_tmp; +#endif + +#if defined(CONFIG_LOAD_IPL_KEYS) + rc_tmp = load_ipl_certs(); + if (!rc && rc_tmp) + rc = rc_tmp; +#endif + +#if defined(CONFIG_LOAD_PPC_KEYS) + rc_tmp = load_powerpc_certs(); + if (!rc && rc_tmp) + rc = rc_tmp; +#endif + + rc_tmp = integrity_fs_init(); + if (!rc && rc_tmp) + rc = rc_tmp; + + rc_tmp = init_ima(); + if (!rc && rc_tmp) + rc = rc_tmp; + + rc_tmp = init_evm(); + if (!rc && rc_tmp) + rc = rc_tmp; + + return rc; +} diff --git a/security/integrity/initcalls.h b/security/integrity/initcalls.h new file mode 100644 index 000000000000..dce16abb3b8a --- /dev/null +++ b/security/integrity/initcalls.h @@ -0,0 +1,23 @@ +/* SPDX-License-Identifier: GPL-2.0 */ + +#ifndef PLATFORM_CERTS_INITCALLS_H +#define PLATFORM_CERTS_INITCALLS_H + +int machine_keyring_init(void); +int platform_keyring_init(void); + +int load_uefi_certs(void); +int load_ipl_certs(void); +int load_powerpc_certs(void); + +int integrity_fs_init(void); + +int init_ima(void); +int init_evm(void); + +int ima_mok_init(void); + +int integrity_device_init(void); +int integrity_late_init(void); + +#endif diff --git a/security/integrity/platform_certs/load_ipl_s390.c b/security/integrity/platform_certs/load_ipl_s390.c index c7c381a9ddaa..3bf91d925614 100644 --- a/security/integrity/platform_certs/load_ipl_s390.c +++ b/security/integrity/platform_certs/load_ipl_s390.c @@ -10,12 +10,13 @@ #include #include #include "../integrity.h" +#include "../initcalls.h" /* * Load the certs contained in the IPL report created by the machine loader * into the platform trusted keyring. */ -static int __init load_ipl_certs(void) +int __init load_ipl_certs(void) { void *ptr, *end; unsigned int len; 
@@ -33,4 +34,3 @@ static int __init load_ipl_certs(void) } return 0; } -late_initcall(load_ipl_certs); diff --git a/security/integrity/platform_certs/load_powerpc.c b/security/integrity/platform_certs/load_powerpc.c index c85febca3343..2904559e485b 100644 --- a/security/integrity/platform_certs/load_powerpc.c +++ b/security/integrity/platform_certs/load_powerpc.c @@ -14,6 +14,7 @@ #include #include "keyring_handler.h" #include "../integrity.h" +#include "../initcalls.h" #define extract_esl(db, data, size, offset) \ do { db = data + offset; size = size - offset; } while (0) @@ -56,7 +57,7 @@ static __init void *get_cert_list(u8 *key, unsigned long keylen, u64 *size) * keyring and the blacklisted X.509 cert SHA256 hashes into the blacklist * keyring. */ -static int __init load_powerpc_certs(void) +int __init load_powerpc_certs(void) { void *db = NULL, *dbx = NULL, *data = NULL; void *trustedca; @@ -156,4 +157,3 @@ static int __init load_powerpc_certs(void) return rc; } -late_initcall(load_powerpc_certs); diff --git a/security/integrity/platform_certs/load_uefi.c b/security/integrity/platform_certs/load_uefi.c index d1fdd113450a..52c180704674 100644 --- a/security/integrity/platform_certs/load_uefi.c +++ b/security/integrity/platform_certs/load_uefi.c @@ -12,6 +12,7 @@ #include #include "../integrity.h" #include "keyring_handler.h" +#include "../initcalls.h" /* * On T2 Macs reading the db and dbx efi variables to load UEFI Secure Boot @@ -157,7 +158,7 @@ static int __init load_moklist_certs(void) * keyring and the UEFI blacklisted X.509 cert SHA256 hashes into the blacklist * keyring. */ -static int __init load_uefi_certs(void) +int __init load_uefi_certs(void) { efi_guid_t secure_var = EFI_IMAGE_SECURITY_DATABASE_GUID; efi_guid_t mok_var = EFI_SHIM_LOCK_GUID; @@ -235,4 +236,3 @@ static int __init load_uefi_certs(void) return rc; } -late_initcall(load_uefi_certs); 
diff --git a/security/integrity/platform_certs/machine_keyring.c b/security/integrity/platform_certs/machine_keyring.c index a401640a63cd..b49eb2bab7a2 100644 --- a/security/integrity/platform_certs/machine_keyring.c +++ b/security/integrity/platform_certs/machine_keyring.c @@ -7,8 +7,9 @@ #include #include "../integrity.h" +#include "../initcalls.h" -static __init int machine_keyring_init(void) +int __init machine_keyring_init(void) { int rc; @@ -19,7 +20,6 @@ static __init int machine_keyring_init(void) pr_notice("Machine keyring initialized\n"); return 0; } -device_initcall(machine_keyring_init); void __init add_to_machine_keyring(const char *source, const void *data, size_t len) { diff --git a/security/integrity/platform_certs/platform_keyring.c b/security/integrity/platform_certs/platform_keyring.c index bcafd7387729..84a8e4309f06 100644 --- a/security/integrity/platform_certs/platform_keyring.c +++ b/security/integrity/platform_certs/platform_keyring.c @@ -13,6 +13,7 @@ #include #include #include "../integrity.h" +#include "../initcalls.h" /** * add_to_platform_keyring - Add to platform keyring without validation. @@ -37,10 +38,12 @@ void __init add_to_platform_keyring(const char *source, const void *data, pr_info("Error adding keys to platform keyring %s\n", source); } -/* - * Create the trusted keyrings. +/** + * platform_keyring_init - Create the trusted keyrings. + * + * Must be initialised before we try and load the keys into the keyring. */ -static __init int platform_keyring_init(void) +int __init platform_keyring_init(void) { int rc; 
@@ -51,8 +54,3 @@ static __init int platform_keyring_init(void) pr_notice("Platform Keyring initialized\n"); return 0; } - -/* - * Must be initialised before we try and load the keys into the keyring. - */ -device_initcall(platform_keyring_init);
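Review bot: the once-only guard in integrity_device_init() and integrity_late_init() (initcalls.c hunk) returns 0 on every call after the first, so if the first LSM to be run by the framework gets a non-zero rc from, say, load_uefi_certs() or init_ima(), the second LSM's call reports success and the framework sees one failure and one success for the same work. Cache the first result instead, e.g. a `static int rc_once;` stored before returning and handed back on repeat calls. Two smaller things in the same file: checkpatch flags `static bool setup = false;` (do not initialise statics to false), and the file comment "Platform certificate / keyring initcalls" no longer describes a file that also carries integrity_fs_init(), init_ima() and init_evm().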
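Review bot: in the new initcalls.h the include guard PLATFORM_CERTS_INITCALLS_H names the old platform_certs scope although the header now also declares init_ima(), init_evm() and integrity_fs_init(); something like _INTEGRITY_INITCALLS_H fits better. The two new files also disagree on licence: initcalls.h says `GPL-2.0` and initcalls.c says `GPL-2.0+`; pick the one that matches the rest of security/integrity.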
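Review bot: in the ima_main.c DEFINE_LSM hunk, removing `-late_initcall(init_ima); /* Start IMA after the TPM is available */` drops the only statement of why IMA initialises at the late level, and the explicit sequence in integrity_late_init() also changes the relative order that link order used to give (iint.o is first in the Makefile, so integrity_fs_init() previously ran before the platform cert loaders; now it runs after them). Neither looks harmful on its face, but the TPM rationale belongs in the integrity_late_init() kerneldoc and the commit message should say the new order is intentional.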
From: Paul Moore
To: linux-security-module@vger.kernel.org, linux-integrity@vger.kernel.org, selinux@vger.kernel.org
Cc: John Johansen, Mimi Zohar, Roberto Sassu, Fan Wu, Mickaël Salaün, Günther Noack, Kees Cook, Micah Morton, Casey Schaufler, Tetsuo Handa
Subject: [RFC PATCH 26/29] selinux: move initcalls to the LSM framework
Date: Wed, 9 Apr 2025 14:50:11 -0400
Message-ID: <20250409185019.238841-57-paul@paul-moore.com>
In-Reply-To: <20250409185019.238841-31-paul@paul-moore.com>
References: <20250409185019.238841-31-paul@paul-moore.com>

SELinux currently has a number of initcalls so we've created a new function, selinux_initcall(), which wraps all of these initcalls so that we
have a single initcall function that can be registered with the LSM framework. Signed-off-by: Paul Moore --- security/selinux/Makefile | 2 +- security/selinux/hooks.c | 9 +++-- security/selinux/ibpkey.c | 5 ++- security/selinux/include/audit.h | 5 +++ security/selinux/include/initcalls.h | 19 +++++++++++ security/selinux/initcalls.c | 50 ++++++++++++++++++++++++++++ security/selinux/netif.c | 5 ++- security/selinux/netlink.c | 5 ++- security/selinux/netnode.c | 5 ++- security/selinux/netport.c | 5 ++- security/selinux/selinuxfs.c | 5 ++- security/selinux/ss/services.c | 26 ++++----------- 12 files changed, 101 insertions(+), 40 deletions(-) create mode 100644 security/selinux/include/initcalls.h create mode 100644 security/selinux/initcalls.c diff --git a/security/selinux/Makefile b/security/selinux/Makefile index 66e56e9011df..72d3baf7900c 100644 --- a/security/selinux/Makefile +++ b/security/selinux/Makefile @@ -15,7 +15,7 @@ ccflags-y := -I$(srctree)/security/selinux -I$(srctree)/security/selinux/include ccflags-$(CONFIG_SECURITY_SELINUX_DEBUG) += -DDEBUG selinux-y := avc.o hooks.o selinuxfs.o netlink.o nlmsgtab.o netif.o \ - netnode.o netport.o status.o \ + netnode.o netport.o status.o initcalls.o \ ss/ebitmap.o ss/hashtab.o ss/symtab.o ss/sidtab.o ss/avtab.o \ ss/policydb.o ss/services.o ss/conditional.o ss/mls.o ss/context.o diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index f28a12a0a1c8..95b2399b1f4d 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -95,6 +95,7 @@ #include #include +#include "initcalls.h" #include "avc.h" #include "objsec.h" #include "netif.h" 
@@ -7535,6 +7536,10 @@ static __init int selinux_init(void) if (avc_add_callback(selinux_lsm_notifier_avc_callback, AVC_CALLBACK_RESET)) panic("SELinux: Unable to register AVC LSM notifier callback\n"); + if (avc_add_callback(selinux_audit_rule_avc_callback, + AVC_CALLBACK_RESET)) + panic("SELinux: Unable to register AVC audit callback\n"); + if (selinux_enforcing_boot) pr_debug("SELinux: Starting in enforcing mode\n"); else @@ -7567,6 +7572,7 @@ DEFINE_LSM(selinux) = { .enabled = &selinux_enabled_boot, .blobs = &selinux_blob_sizes, .init = selinux_init, + .initcall_device = selinux_initcall, }; #if defined(CONFIG_NETFILTER) @@ -7628,7 +7634,7 @@ static struct pernet_operations selinux_net_ops = { .exit = selinux_nf_unregister, }; -static int __init selinux_nf_ip_init(void) +int __init selinux_nf_ip_init(void) { int err; @@ -7643,5 +7649,4 @@ static int __init selinux_nf_ip_init(void) return 0; } -__initcall(selinux_nf_ip_init); #endif /* CONFIG_NETFILTER */ diff --git a/security/selinux/ibpkey.c b/security/selinux/ibpkey.c index 48f537b41c58..2609913f338a 100644 --- a/security/selinux/ibpkey.c +++ b/security/selinux/ibpkey.c @@ -23,6 +23,7 @@ #include #include +#include "initcalls.h" #include "ibpkey.h" #include "objsec.h" @@ -219,7 +220,7 @@ void sel_ib_pkey_flush(void) spin_unlock_irqrestore(&sel_ib_pkey_lock, flags); } -static __init int sel_ib_pkey_init(void) +int __init sel_ib_pkey_init(void) { int iter; @@ -233,5 +234,3 @@ static __init int sel_ib_pkey_init(void) return 0; } - -subsys_initcall(sel_ib_pkey_init); diff --git a/security/selinux/include/audit.h b/security/selinux/include/audit.h index d5b0425055e4..5989f8dd1e86 100644 --- a/security/selinux/include/audit.h +++ b/security/selinux/include/audit.h @@ -15,6 +15,11 @@ #include #include +/** + * XXX + */ +int selinux_audit_rule_avc_callback(u32 event); + /** * selinux_audit_rule_init - alloc/init an selinux audit rule structure. * @field: the field this rule refers to 
diff --git a/security/selinux/include/initcalls.h b/security/selinux/include/initcalls.h new file mode 100644 index 000000000000..6674cf489473 --- /dev/null +++ b/security/selinux/include/initcalls.h @@ -0,0 +1,19 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * SELinux initcalls + */ + +#ifndef _SELINUX_INITCALLS_H +#define _SELINUX_INITCALLS_H + +int init_sel_fs(void); +int sel_netport_init(void); +int sel_netnode_init(void); +int sel_netif_init(void); +int sel_netlink_init(void); +int sel_ib_pkey_init(void); +int selinux_nf_ip_init(void); + +int selinux_initcall(void); + +#endif diff --git a/security/selinux/initcalls.c b/security/selinux/initcalls.c new file mode 100644 index 000000000000..81f01f8ad215 --- /dev/null +++ b/security/selinux/initcalls.c @@ -0,0 +1,50 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * SELinux initcalls + */ + +#include + +#include "initcalls.h" + +/** + * selinux_initcall - Perform the SELinux initcalls + * + * Used as a device initcall in the SELinux LSM definition. + */ +int __init selinux_initcall(void) +{ + int rc = 0, rc_tmp = 0; + + rc_tmp = init_sel_fs(); + if (!rc && rc_tmp) + rc = rc_tmp; + + rc_tmp = sel_netport_init(); + if (!rc && rc_tmp) + rc = rc_tmp; + + rc_tmp = sel_netnode_init(); + if (!rc && rc_tmp) + rc = rc_tmp; + + rc_tmp = sel_netif_init(); + if (!rc && rc_tmp) + rc = rc_tmp; + + rc_tmp = sel_netlink_init(); + if (!rc && rc_tmp) + rc = rc_tmp; + + rc_tmp = sel_ib_pkey_init(); + if (!rc && rc_tmp) + rc = rc_tmp; + +#if defined(CONFIG_NETFILTER) + rc_tmp = selinux_nf_ip_init(); + if (!rc && rc_tmp) + rc = rc_tmp; +#endif + + return rc; +} diff --git a/security/selinux/netif.c b/security/selinux/netif.c index 43a0d3594b72..69f660721dc8 100644 --- a/security/selinux/netif.c +++ b/security/selinux/netif.c @@ -22,6 +22,7 @@ #include #include +#include "initcalls.h" #include "security.h" #include "objsec.h" #include "netif.h" 
@@ -261,7 +262,7 @@ static struct notifier_block sel_netif_netdev_notifier = { .notifier_call = sel_netif_netdev_notifier_handler, }; -static __init int sel_netif_init(void) +int __init sel_netif_init(void) { int i; @@ -276,5 +277,3 @@ static __init int sel_netif_init(void) return 0; } -__initcall(sel_netif_init); - diff --git a/security/selinux/netlink.c b/security/selinux/netlink.c index 1760aee712fd..eb40e4603475 100644 --- a/security/selinux/netlink.c +++ b/security/selinux/netlink.c @@ -17,6 +17,7 @@ #include #include +#include "initcalls.h" #include "security.h" static struct sock *selnl __ro_after_init; @@ -105,7 +106,7 @@ void selnl_notify_policyload(u32 seqno) selnl_notify(SELNL_MSG_POLICYLOAD, &seqno); } -static int __init selnl_init(void) +int __init sel_netlink_init(void) { struct netlink_kernel_cfg cfg = { .groups = SELNLGRP_MAX, @@ -117,5 +118,3 @@ static int __init selnl_init(void) panic("SELinux: Cannot create netlink socket."); return 0; } - -__initcall(selnl_init); diff --git a/security/selinux/netnode.c b/security/selinux/netnode.c index 5c8c77e50aad..11b5eac30641 100644 --- a/security/selinux/netnode.c +++ b/security/selinux/netnode.c @@ -30,6 +30,7 @@ #include #include +#include "initcalls.h" #include "netnode.h" #include "objsec.h" @@ -287,7 +288,7 @@ void sel_netnode_flush(void) spin_unlock_bh(&sel_netnode_lock); } -static __init int sel_netnode_init(void) +int __init sel_netnode_init(void) { int iter; @@ -301,5 +302,3 @@ static __init int sel_netnode_init(void) return 0; } - -__initcall(sel_netnode_init); diff --git a/security/selinux/netport.c b/security/selinux/netport.c index 2e22ad9c2bd0..d1c12f58a628 100644 --- a/security/selinux/netport.c +++ b/security/selinux/netport.c @@ -29,6 +29,7 @@ #include #include +#include "initcalls.h" #include "netport.h" #include "objsec.h" 
@@ -220,7 +221,7 @@ void sel_netport_flush(void) spin_unlock_bh(&sel_netport_lock); } -static __init int sel_netport_init(void) +int __init sel_netport_init(void) { int iter; @@ -234,5 +235,3 @@ static __init int sel_netport_init(void) return 0; } - -__initcall(sel_netport_init); diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c index 47480eb2189b..88d16c1dbb5a 100644 --- a/security/selinux/selinuxfs.c +++ b/security/selinux/selinuxfs.c @@ -35,6 +35,7 @@ /* selinuxfs pseudo filesystem for exporting the security policy API. Based on the proc code and the fs/nfsd/nfsctl.c code. */ +#include "initcalls.h" #include "flask.h" #include "avc.h" #include "avc_ss.h" @@ -2131,7 +2132,7 @@ static struct file_system_type sel_fs_type = { struct path selinux_null __ro_after_init; -static int __init init_sel_fs(void) +int __init init_sel_fs(void) { struct qstr null_name = QSTR_INIT(NULL_FILE_NAME, sizeof(NULL_FILE_NAME)-1); @@ -2175,5 +2176,3 @@ static int __init init_sel_fs(void) return err; } - -__initcall(init_sel_fs); diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index e431772c6168..d84a496e5f7f 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -3534,6 +3534,13 @@ struct selinux_audit_rule { struct context au_ctxt; }; +int selinux_audit_rule_avc_callback(u32 event) +{ + if (event == AVC_CALLBACK_RESET) + return audit_update_lsm_rules(); + return 0; +} + void selinux_audit_rule_free(void *vrule) { struct selinux_audit_rule *rule = vrule; 
@@ -3784,25 +3791,6 @@ int selinux_audit_rule_match(struct lsm_prop *prop, u32 field, u32 op, void *vru return match; } -static int aurule_avc_callback(u32 event) -{ - if (event == AVC_CALLBACK_RESET) - return audit_update_lsm_rules(); - return 0; -} - -static int __init aurule_init(void) -{ - int err; - - err = avc_add_callback(aurule_avc_callback, AVC_CALLBACK_RESET); - if (err) - panic("avc_add_callback() failed, error %d\n", err); - - return err; -} -__initcall(aurule_init); - #ifdef CONFIG_NETLABEL /** * security_netlbl_cache_add - Add an entry to the NetLabel cache
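Review bot: the kerneldoc block added in include/audit.h for selinux_audit_rule_avc_callback() is a placeholder (`* XXX`). Before this leaves RFC, describe the function: it is the AVC_CALLBACK_RESET callback registered from selinux_init() and it calls audit_update_lsm_rules() so audit rules are refreshed whenever the AVC is reset, as the body added in the services.c hunk shows.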
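Review bot: registering selinux_audit_rule_avc_callback() from selinux_init() (hooks.c hunk at line 7536) moves that avc_add_callback() from a device-level __initcall (the removed aurule_init() in services.c) to security_init() time. Earlier registration is fine for a reset callback and removes one more initcall, but it is a behaviour change that the commit message ("wraps all of these initcalls") does not mention; add a sentence.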
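Review bot: sel_ib_pkey_init() (ibpkey.c hunk) was a subsys_initcall and is now run from selinux_initcall(), which DEFINE_LSM registers as .initcall_device, so the pkey table is set up one initcall level later than before. Probably nothing queries it before device initcalls run, but that is the claim to state, or verify, in the commit message.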
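Review bot: the new include/initcalls.h opens with `// SPDX-License-Identifier: GPL-2.0-only`; header files take the C-comment form `/* SPDX-License-Identifier: GPL-2.0-only */`, which the integrity initcalls.h in the previous patch already uses. Also, selinux_nf_ip_init() is declared unconditionally although it is only defined under CONFIG_NETFILTER; that is fine since the only call is guarded, but a one-line comment beside the prototype would save the next reader a grep.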
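Review bot: the explicit order in selinux_initcall() (initcalls.c hunk) is not the old one: the Makefile hunk shows the link order hooks.o, selinuxfs.o, netlink.o, netif.o, netnode.o, netport.o, so the device-level __initcalls used to run selinux_nf_ip_init() first and sel_netport_init() last; now the netfilter hooks register last, after the netif/netnode/netport tables and the netlink socket exist. That ordering is the safer one, since a hook cannot fire before the tables it looks up are initialised, but it should be called out as deliberate in the commit message. Minor: the `rc_tmp = 0` initialiser is dead, as rc_tmp is assigned before its first use.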
From: Paul Moore
To: linux-security-module@vger.kernel.org, linux-integrity@vger.kernel.org, selinux@vger.kernel.org
Cc: John Johansen, Mimi Zohar, Roberto Sassu, Fan Wu, Mickaël Salaün, Günther Noack, Kees Cook, Micah Morton, Casey Schaufler, Tetsuo Handa
Subject: [RFC PATCH 27/29] lsm: consolidate all of the LSM framework initcalls
Date: Wed, 9 Apr 2025 14:50:12 -0400
Message-ID: <20250409185019.238841-58-paul@paul-moore.com>
In-Reply-To: <20250409185019.238841-31-paul@paul-moore.com>
References: <20250409185019.238841-31-paul@paul-moore.com>

The LSM framework itself registers a small number of initcalls; this patch converts these initcalls into the new initcall mechanism.
Signed-off-by: Paul Moore --- security/inode.c | 3 +-- security/lsm.h | 4 ++++ security/lsm_init.c | 14 ++++++++++++-- security/min_addr.c | 5 +++-- 4 files changed, 20 insertions(+), 6 deletions(-) diff --git a/security/inode.c b/security/inode.c index f687e22e6809..671c66c147bc 100644 --- a/security/inode.c +++ b/security/inode.c @@ -375,7 +375,7 @@ static const struct file_operations lsm_ops = { }; #endif -static int __init securityfs_init(void) +int __init securityfs_init(void) { int retval; @@ -394,4 +394,3 @@ static int __init securityfs_init(void) #endif return 0; } -core_initcall(securityfs_init); diff --git a/security/lsm.h b/security/lsm.h index 8ecb66896646..c432dc0c5e30 100644 --- a/security/lsm.h +++ b/security/lsm.h @@ -35,4 +35,8 @@ extern struct kmem_cache *lsm_inode_cache; int lsm_cred_alloc(struct cred *cred, gfp_t gfp); int lsm_task_alloc(struct task_struct *task); +/* LSM framework initializers */ +int securityfs_init(void); +int min_addr_init(void); + #endif /* _LSM_H_ */ diff --git a/security/lsm_init.c b/security/lsm_init.c index 75eb0cc82869..c0881407ca3f 100644 --- a/security/lsm_init.c +++ b/security/lsm_init.c @@ -485,7 +485,12 @@ int __init security_init(void) */ static int __init security_initcall_pure(void) { - return lsm_initcall(pure); + int rc_adr, rc_lsm; + + rc_adr = min_addr_init(); + rc_lsm = lsm_initcall(pure); + + return (rc_adr ? rc_adr : rc_lsm); } pure_initcall(security_initcall_pure); @@ -503,7 +508,12 @@ early_initcall(security_initcall_early); */ static int __init security_initcall_core(void) { - return lsm_initcall(core); + int rc_sfs, rc_lsm; + + rc_sfs = securityfs_init(); + rc_lsm = lsm_initcall(core); + + return (rc_sfs ? rc_sfs : rc_lsm); } core_initcall(security_initcall_core); diff --git a/security/min_addr.c b/security/min_addr.c index df1bc643d886..40714bdeefbe 100644 --- a/security/min_addr.c +++ b/security/min_addr.c 
@@ -4,6 +4,8 @@ #include #include +#include "lsm.h" + /* amount of vm to protect from userspace access by both DAC and the LSM*/ unsigned long mmap_min_addr; /* amount of vm to protect from userspace using CAP_SYS_RAWIO (DAC) */ 
@@ -54,11 +56,10 @@ static const struct ctl_table min_addr_sysctl_table[] = { }, }; -static int __init init_mmap_min_addr(void) +int __init min_addr_init(void) { register_sysctl_init("vm", min_addr_sysctl_table); update_mmap_min_addr(); return 0; } -pure_initcall(init_mmap_min_addr);

From patchwork Wed Apr 9 18:50:13 2025 X-Patchwork-Submitter: Paul Moore X-Patchwork-Id: 14045299
From: Paul Moore
To: linux-security-module@vger.kernel.org, linux-integrity@vger.kernel.org, selinux@vger.kernel.org
Cc: John Johansen, Mimi Zohar, Roberto Sassu, Fan Wu, Mickaël Salaün, Günther Noack, Kees Cook, Micah Morton, Casey Schaufler, Tetsuo Handa
Subject: [RFC PATCH 28/29] lsm: add a LSM_STARTED_ALL notification event
Date: Wed, 9 Apr 2025 14:50:13 -0400
Message-ID: <20250409185019.238841-59-paul@paul-moore.com>
X-Mailer: git-send-email 2.49.0
In-Reply-To: <20250409185019.238841-31-paul@paul-moore.com>
References: <20250409185019.238841-31-paul@paul-moore.com>
Precedence: bulk
X-Mailing-List: linux-integrity@vger.kernel.org
MIME-Version: 1.0
X-Developer-Key: i=paul@paul-moore.com; a=openpgp; fpr=7100AADFAE6E6E940D2E0AD655E45A5AE8CA7C8A

Add a new LSM notifier event, LSM_STARTED_ALL, which is fired once at boot when all of the LSMs have been started.
Signed-off-by: Paul Moore Reviewed-by: Kees Cook --- include/linux/security.h | 1 + security/lsm_init.c | 1 + 2 files changed, 2 insertions(+) diff --git a/include/linux/security.h b/include/linux/security.h index 8aac21787a9f..a0ff4fc69375 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -85,6 +85,7 @@ struct timezone; enum lsm_event { LSM_POLICY_CHANGE, + LSM_STARTED_ALL, }; struct dm_verity_digest { diff --git a/security/lsm_init.c b/security/lsm_init.c index c0881407ca3f..cad6d243a2a6 100644 --- a/security/lsm_init.c +++ b/security/lsm_init.c 
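Review bot: the security.h hunk adds LSM_STARTED_ALL to the public enum lsm_event without a comment, so the only description of its semantics is the commit message; add a comment on the enumerator stating that it is delivered once, from the LSM framework's late initcall after the enabled LSMs' late-level initcalls have run, and that the notifier data pointer is NULL, so that notifier listeners know what they may assume when they receive it.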
@@ -553,6 +553,7 @@ static int __init security_initcall_late(void) rc = lsm_initcall(late); lsm_pr_dbg("all enabled LSMs fully activated\n"); + call_blocking_lsm_notifier(LSM_STARTED_ALL, NULL); return rc; }

From patchwork Wed Apr 9 18:50:14 2025 X-Patchwork-Submitter: Paul Moore X-Patchwork-Id: 14045300
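Review bot: the new call_blocking_lsm_notifier(LSM_STARTED_ALL, NULL) in security_initcall_late() runs unconditionally, that is, even when lsm_initcall(late) returned a non-zero rc, so listeners are told that all LSMs have started in a boot where a late initcall failed; either guard the call with `if (!rc)` or state in the commit message and at the enumerator that the event means the late initcalls have been attempted, not that they succeeded. The surrounding lsm_pr_dbg("all enabled LSMs fully activated\n") context line has the same imprecision, but that predates this patch.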
From: Paul Moore
To: linux-security-module@vger.kernel.org, linux-integrity@vger.kernel.org, selinux@vger.kernel.org
Cc: John Johansen, Mimi Zohar, Roberto Sassu, Fan Wu, Mickaël Salaün, Günther Noack, Kees Cook, Micah Morton, Casey Schaufler, Tetsuo Handa
Subject: [RFC PATCH 29/29] lsm: add support for counting lsm_prop support among LSMs
Date: Wed, 9 Apr 2025 14:50:14 -0400
Message-ID: <20250409185019.238841-60-paul@paul-moore.com>
X-Mailer: git-send-email 2.49.0
In-Reply-To: <20250409185019.238841-31-paul@paul-moore.com>
References: <20250409185019.238841-31-paul@paul-moore.com>
Precedence: bulk
X-Mailing-List: linux-integrity@vger.kernel.org
MIME-Version: 1.0
X-Developer-Key: i=paul@paul-moore.com; a=openpgp; fpr=7100AADFAE6E6E940D2E0AD655E45A5AE8CA7C8A

Add two new variables, lsm_count_prop_subj and lsm_count_prop_obj, to count the number of lsm_prop entries for subjects and objects
across all of the enabled LSMs. Future patches will use this to continue the conversion towards the lsm_prop struct. Signed-off-by: Paul Moore --- include/linux/lsm_hooks.h | 6 ++++++ security/apparmor/lsm.c | 1 + security/bpf/hooks.c | 1 + security/commoncap.c | 1 + security/integrity/evm/evm_main.c | 1 + security/integrity/ima/ima_main.c | 1 + security/ipe/ipe.c | 1 + security/landlock/setup.c | 1 + security/loadpin/loadpin.c | 1 + security/lockdown/lockdown.c | 1 + security/lsm.h | 4 ++++ security/lsm_init.c | 6 ++++++ security/safesetid/lsm.c | 1 + security/security.c | 3 +++ security/selinux/hooks.c | 1 + security/smack/smack_lsm.c | 1 + security/tomoyo/tomoyo.c | 1 + security/yama/yama_lsm.c | 1 + 18 files changed, 33 insertions(+) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 0d2c2a017ffc..5bc144c5f685 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -71,16 +71,22 @@ struct lsm_static_calls_table { #undef LSM_HOOK } __packed __randomize_layout; +#define LSM_ID_FLG_NONE 0x00000000 +#define LSM_ID_FLG_PROP_SUBJ 0x00000001 +#define LSM_ID_FLG_PROP_OBJ 0x00000002 + /** * struct lsm_id - Identify a Linux Security Module. * @lsm: name of the LSM, must be approved by the LSM maintainers * @id: LSM ID number from uapi/linux/lsm.h + * @flags: LSM flags, see LSM_ID_FLG_XXX * * Contains the information that identifies the LSM. */ struct lsm_id { const char *name; u64 id; + u32 flags; }; /* diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index 2fefaab6349f..db8592bed189 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -1428,6 +1428,7 @@ struct lsm_blob_sizes apparmor_blob_sizes __ro_after_init = { static const struct lsm_id apparmor_lsmid = { .name = "apparmor", .id = LSM_ID_APPARMOR, + .flags = LSM_ID_FLG_PROP_SUBJ, }; static struct security_hook_list apparmor_hooks[] __ro_after_init = { diff --git a/security/bpf/hooks.c b/security/bpf/hooks.c index 40efde233f3a..c72df6ff69f7 100644 
--- a/security/bpf/hooks.c +++ b/security/bpf/hooks.c @@ -18,6 +18,7 @@ static struct security_hook_list bpf_lsm_hooks[] __ro_after_init = { static const struct lsm_id bpf_lsmid = { .name = "bpf", .id = LSM_ID_BPF, + .flags = LSM_ID_FLG_PROP_SUBJ | LSM_ID_FLG_PROP_OBJ, }; static int __init bpf_lsm_init(void) diff --git a/security/commoncap.c b/security/commoncap.c index e04aa4f50eaf..fab692104c87 100644 --- a/security/commoncap.c +++ b/security/commoncap.c @@ -1479,6 +1479,7 @@ int cap_mmap_addr(unsigned long addr) static const struct lsm_id capability_lsmid = { .name = "capability", .id = LSM_ID_CAPABILITY, + .flags = LSM_ID_FLG_NONE, }; static struct security_hook_list capability_hooks[] __ro_after_init = { diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c index 770d0411da2b..b3a3324f48b1 100644 --- a/security/integrity/evm/evm_main.c +++ b/security/integrity/evm/evm_main.c @@ -1162,6 +1162,7 @@ static struct security_hook_list evm_hooks[] __ro_after_init = { static const struct lsm_id evm_lsmid = { .name = "evm", .id = LSM_ID_EVM, + .flags = LSM_ID_FLG_NONE, }; static int __init init_evm_lsm(void) diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index 1687badafb48..d98e7815175b 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c @@ -1237,6 +1237,7 @@ static struct security_hook_list ima_hooks[] __ro_after_init = { static const struct lsm_id ima_lsmid = { .name = "ima", .id = LSM_ID_IMA, + .flags = LSM_ID_FLG_NONE, }; static int __init init_ima_lsm(void) diff --git a/security/ipe/ipe.c b/security/ipe/ipe.c index 71644748ed56..7d9cdbc3d23a 100644 --- a/security/ipe/ipe.c +++ b/security/ipe/ipe.c @@ -24,6 +24,7 @@ static struct lsm_blob_sizes ipe_blobs __ro_after_init = { static const struct lsm_id ipe_lsmid = { .name = "ipe", .id = LSM_ID_IPE, + .flags = LSM_ID_FLG_NONE, }; struct ipe_superblock *ipe_sb(const struct super_block *sb) 
diff --git a/security/landlock/setup.c b/security/landlock/setup.c index 47dac1736f10..5c8d5693c4c7 100644 --- a/security/landlock/setup.c +++ b/security/landlock/setup.c @@ -25,6 +25,7 @@ bool landlock_initialized __ro_after_init = false; const struct lsm_id landlock_lsmid = { .name = LANDLOCK_NAME, .id = LSM_ID_LANDLOCK, + .flags = LSM_ID_FLG_NONE, }; struct lsm_blob_sizes landlock_blob_sizes __ro_after_init = { diff --git a/security/loadpin/loadpin.c b/security/loadpin/loadpin.c index 273ffbd6defe..05a842c36fd8 100644 --- a/security/loadpin/loadpin.c +++ b/security/loadpin/loadpin.c @@ -211,6 +211,7 @@ static int loadpin_load_data(enum kernel_load_data_id id, bool contents) static const struct lsm_id loadpin_lsmid = { .name = "loadpin", .id = LSM_ID_LOADPIN, + .flags = LSM_ID_FLG_NONE, }; static struct security_hook_list loadpin_hooks[] __ro_after_init = { diff --git a/security/lockdown/lockdown.c b/security/lockdown/lockdown.c index 8d46886d2cca..a2396b67bfe4 100644 --- a/security/lockdown/lockdown.c +++ b/security/lockdown/lockdown.c @@ -79,6 +79,7 @@ static struct security_hook_list lockdown_hooks[] __ro_after_init = { static const struct lsm_id lockdown_lsmid = { .name = "lockdown", .id = LSM_ID_LOCKDOWN, + .flags = LSM_ID_FLG_NONE, }; static int __init lockdown_lsm_init(void) diff --git a/security/lsm.h b/security/lsm.h index c432dc0c5e30..d1d54540da98 100644 --- a/security/lsm.h +++ b/security/lsm.h @@ -24,6 +24,10 @@ extern bool lsm_debug; extern unsigned int lsm_count; extern const struct lsm_id *lsm_idlist[]; +/* LSM property configuration */ +extern unsigned int lsm_count_prop_subj; +extern unsigned int lsm_count_prop_obj; + /* LSM blob configuration */ extern struct lsm_blob_sizes blob_sizes; diff --git a/security/lsm_init.c b/security/lsm_init.c index cad6d243a2a6..c2ef4db055db 100644 --- a/security/lsm_init.c +++ b/security/lsm_init.c @@ -6,6 +6,7 @@ #define pr_fmt(fmt) "LSM: " fmt #include +#include #include #include "lsm.h" 
@@ -189,6 +190,11 @@ static void __init lsm_order_append(struct lsm_info *lsm, const char *src) lsm_order[lsm_count] = lsm; lsm_idlist[lsm_count++] = lsm->id; + if (lsm->id->flags & LSM_ID_FLG_PROP_SUBJ) + lsm_count_prop_subj++; + if (lsm->id->flags & LSM_ID_FLG_PROP_OBJ) + lsm_count_prop_obj++; + lsm_pr_dbg("enabling LSM %s:%s\n", src, lsm->id->name); } diff --git a/security/safesetid/lsm.c b/security/safesetid/lsm.c index d5fb949050dd..ac25674376fe 100644 --- a/security/safesetid/lsm.c +++ b/security/safesetid/lsm.c @@ -265,6 +265,7 @@ static int safesetid_task_fix_setgroups(struct cred *new, const struct cred *old static const struct lsm_id safesetid_lsmid = { .name = "safesetid", .id = LSM_ID_SAFESETID, + .flags = LSM_ID_FLG_NONE, }; static struct security_hook_list safesetid_security_hooks[] = { diff --git a/security/security.c b/security/security.c index cbd544d71093..2b9dde02f4de 100644 --- a/security/security.c +++ b/security/security.c @@ -78,6 +78,9 @@ bool lsm_debug __ro_after_init; unsigned int lsm_count __ro_after_init; const struct lsm_id *lsm_idlist[MAX_LSM_COUNT]; +unsigned int lsm_count_prop_subj __ro_after_init; +unsigned int lsm_count_prop_obj __ro_after_init; + struct lsm_blob_sizes blob_sizes; struct kmem_cache *lsm_file_cache; diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 95b2399b1f4d..1dc4b3987af4 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -7200,6 +7200,7 @@ static int selinux_uring_allowed(void) static const struct lsm_id selinux_lsmid = { .name = "selinux", .id = LSM_ID_SELINUX, + .flags = LSM_ID_FLG_PROP_SUBJ | LSM_ID_FLG_PROP_OBJ, }; /* diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 80b129a0c92c..d04667a42f91 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c 
@@ -5042,6 +5042,7 @@ struct lsm_blob_sizes smack_blob_sizes __ro_after_init = { static const struct lsm_id smack_lsmid = { .name = "smack", .id = LSM_ID_SMACK, + .flags = LSM_ID_FLG_PROP_SUBJ | LSM_ID_FLG_PROP_OBJ, }; static struct security_hook_list smack_hooks[] __ro_after_init = { diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c index a015cf0c4a00..0a030cbdf424 100644 --- a/security/tomoyo/tomoyo.c +++ b/security/tomoyo/tomoyo.c @@ -547,6 +547,7 @@ static void tomoyo_task_free(struct task_struct *task) static const struct lsm_id tomoyo_lsmid = { .name = "tomoyo", .id = LSM_ID_TOMOYO, + .flags = LSM_ID_FLG_NONE, }; /* tomoyo_hooks is used for registering TOMOYO. */ diff --git a/security/yama/yama_lsm.c b/security/yama/yama_lsm.c index 38b21ee0c560..e4a6cf663177 100644 --- a/security/yama/yama_lsm.c +++ b/security/yama/yama_lsm.c @@ -419,6 +419,7 @@ static int yama_ptrace_traceme(struct task_struct *parent) static const struct lsm_id yama_lsmid = { .name = "yama", .id = LSM_ID_YAMA, + .flags = LSM_ID_FLG_NONE, }; static struct security_hook_list yama_hooks[] __ro_after_init = {
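Review bot: in the lsm_hooks.h hunk, LSM_ID_FLG_PROP_SUBJ and LSM_ID_FLG_PROP_OBJ are defined without any comment and the kernel-doc for @flags only says "see LSM_ID_FLG_XXX", so nothing in the patch records what qualifies an LSM to set each bit; the per-LSM assignments (AppArmor subject only, BPF, SELinux and Smack both, every other LSM none) are understandable only to someone who already knows which LSMs keep subject and object state in struct lsm_prop. Suggest a comment on each #define saying which lsm_prop usage the bit declares, plus a sentence in the commit message explaining the choices made here. The explicit `.flags = LSM_ID_FLG_NONE,` lines are redundant for a static const struct, where omitted members are zero, but they are fine as documentation of intent.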
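Review bot: in the lsm_init.c hunk, lsm_count_prop_subj and lsm_count_prop_obj are incremented in lsm_order_append() when an LSM is added to the boot order, not when its initialization succeeds, so they count LSMs that are enabled in the order rather than LSMs that actually started; that matches the commit message's "enabled LSMs", but a comment at the increment site would stop a later reader from assuming the counts are only meaningful once all initcalls have completed, and a comment at the `__ro_after_init` declarations in security.c noting that they are written only from this __init path would make the read-only-after-init contract explicit.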