From: Casey Schaufler <casey@schaufler-ca.com> To: casey.schaufler@intel.com, linux-audit@redhat.com Subject: [PATCH v15 10/23] LSM: Use lsmblob in security_inode_getsecid Date: Fri, 21 Feb 2020 16:04:01 -0800 [thread overview] Message-ID: <20200222000407.110158-8-casey@schaufler-ca.com> (raw) In-Reply-To: <20200222000407.110158-1-casey@schaufler-ca.com> Change the security_inode_getsecid() interface to fill in a lsmblob structure instead of a u32 secid. This allows for its callers to gather data from all registered LSMs. Data is provided for IMA and audit. Reviewed-by: Kees Cook <keescook@chromium.org> Reviewed-by: John Johansen <john.johansen@canonical.com> Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> cc: linux-integrity@vger.kernel.org --- include/linux/security.h | 7 ++++--- kernel/auditsc.c | 6 +++++- security/integrity/ima/ima_policy.c | 4 +--- security/security.c | 11 +++++++++-- 4 files changed, 19 insertions(+), 9 deletions(-) diff --git a/include/linux/security.h b/include/linux/security.h index b5ffb2286bcf..62e095c34bcf 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -411,7 +411,7 @@ int security_inode_killpriv(struct dentry *dentry); int security_inode_getsecurity(struct inode *inode, const char *name, void **buffer, bool alloc); int security_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags); int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer_size); -void security_inode_getsecid(struct inode *inode, u32 *secid); +void security_inode_getsecid(struct inode *inode, struct lsmblob *blob); int security_inode_copy_up(struct dentry *src, struct cred **new); int security_inode_copy_up_xattr(const char *name); int security_kernfs_init_security(struct kernfs_node *kn_dir, 
@@ -926,9 +926,10 @@ static inline int security_inode_listsecurity(struct inode *inode, char *buffer, return 0; } -static inline void security_inode_getsecid(struct inode *inode, u32 *secid) +static inline void security_inode_getsecid(struct inode *inode, + struct lsmblob *blob) { - *secid = 0; + lsmblob_init(blob, 0); } static inline int security_inode_copy_up(struct dentry *src, struct cred **new) diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 3e5ccb7a46d1..b55e66c2451d 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -1931,13 +1931,17 @@ static void audit_copy_inode(struct audit_names *name, const struct dentry *dentry, struct inode *inode, unsigned int flags) { + struct lsmblob blob; + name->ino = inode->i_ino; name->dev = inode->i_sb->s_dev; name->mode = inode->i_mode; name->uid = inode->i_uid; name->gid = inode->i_gid; name->rdev = inode->i_rdev; - security_inode_getsecid(inode, &name->osid); + security_inode_getsecid(inode, &blob); + /* scaffolding until osid is updated */ + name->osid = blob.secid[0]; if (flags & AUDIT_INODE_NOEVAL) { name->fcap_ver = -1; return; diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c index ad48b7b60cff..5c3270050dd8 100644 --- a/security/integrity/ima/ima_policy.c +++ b/security/integrity/ima/ima_policy.c @@ -475,7 +475,6 @@ static bool ima_match_rules(struct ima_rule_entry *rule, struct inode *inode, return false; for (i = 0; i < MAX_LSM_RULES; i++) { int rc = 0; - u32 osid; struct lsmblob blob; if (!ima_lsm_isset(rule->lsm[i].rules)) { @@ -488,8 +487,7 @@ static bool ima_match_rules(struct ima_rule_entry *rule, struct inode *inode, case LSM_OBJ_USER: case LSM_OBJ_ROLE: case LSM_OBJ_TYPE: - security_inode_getsecid(inode, &osid); - lsmblob_init(&blob, osid); + security_inode_getsecid(inode, &blob); rc = security_filter_rule_match(&blob, rule->lsm[i].type, Audit_equal, diff --git a/security/security.c b/security/security.c index 85cdd24abcd6..116800662a0f 100644 
--- a/security/security.c +++ b/security/security.c @@ -1418,9 +1418,16 @@ int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer } EXPORT_SYMBOL(security_inode_listsecurity); -void security_inode_getsecid(struct inode *inode, u32 *secid) +void security_inode_getsecid(struct inode *inode, struct lsmblob *blob) { - call_void_hook(inode_getsecid, inode, secid); + struct security_hook_list *hp; + + lsmblob_init(blob, 0); + hlist_for_each_entry(hp, &security_hook_heads.inode_getsecid, list) { + if (WARN_ON(hp->lsmid->slot < 0 || hp->lsmid->slot >= lsm_slot)) + continue; + hp->hook.inode_getsecid(inode, &blob->secid[hp->lsmid->slot]); + } } int security_inode_copy_up(struct dentry *src, struct cred **new) -- 2.24.1
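Review bot: the prototype change in include/linux/security.h (`-void security_inode_getsecid(struct inode *inode, u32 *secid);` to `+void security_inode_getsecid(struct inode *inode, struct lsmblob *blob);`) breaks the build for any caller not converted in the same patch, and only kernel/auditsc.c and security/integrity/ima/ima_policy.c are touched here; please confirm with a tree-wide grep for security_inode_getsecid() that no other user remains, and that `struct lsmblob` is declared before this prototype so the header compiles in both the CONFIG_SECURITY and !CONFIG_SECURITY configurations (the stub in the @@ -926 hunk also now needs lsmblob_init() visible).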
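Review bot: `+ name->osid = blob.secid[0];` in audit_copy_inode() keeps only slot 0 of the blob, so the secids the other registered modules just wrote into blob.secid[] are discarded and the obj= value in the audit PATH record reflects whichever LSM happens to occupy slot 0; the `/* scaffolding until osid is updated */` comment acknowledges this, but please state in the comment or the commit message which later patch in the series replaces osid, so a reader of this hunk does not mistake the slot-0 truncation for the final behaviour.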
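Review bot: the @@ -488 hunk in ima_match_rules() changes matching semantics, not just plumbing: `lsmblob_init(&blob, osid)` copied one secid into every slot, whereas `security_inode_getsecid(inode, &blob)` now leaves each slot holding its own module's secid (and 0 for modules that do not provide the hook, per the lsmblob_init(blob, 0) in security.c); that is the intended behaviour for LSM_OBJ_USER/ROLE/TYPE, but it deserves a sentence in the commit message, and the removal of `u32 osid` in the @@ -475 hunk is only safe because this switch arm was its sole remaining user.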
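Review bot: the `WARN_ON(hp->lsmid->slot < 0 || hp->lsmid->slot >= lsm_slot)` inside the hlist_for_each_entry loop fires on every inode secid lookup if a module was registered with a bad slot, which on an audit- or IMA-heavy system would flood the log; the slot is fixed at registration, so prefer WARN_ON_ONCE() here or, better, reject the bad slot when the hooks are added and drop the per-call check. The `lsmblob_init(blob, 0)` before the loop is correct and necessary: both callers in auditsc.c and ima_policy.c pass a stack-allocated blob, and a module that does not register inode_getsecid would otherwise leave its slot uninitialised.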