* Re: [PATCH v25 23/25] Audit: Add a new record for multiple object LSM attributes
@ 2021-03-10 21:13 kernel test robot
0 siblings, 0 replies; 3+ messages in thread
From: kernel test robot @ 2021-03-10 21:13 UTC (permalink / raw)
To: kbuild
[-- Attachment #1: Type: text/plain, Size: 5769 bytes --]
CC: kbuild-all(a)lists.01.org
In-Reply-To: <20210309144243.12519-24-casey@schaufler-ca.com>
References: <20210309144243.12519-24-casey@schaufler-ca.com>
TO: Casey Schaufler <casey@schaufler-ca.com>
TO: casey.schaufler(a)intel.com
TO: jmorris(a)namei.org
TO: linux-security-module(a)vger.kernel.org
TO: selinux(a)vger.kernel.org
CC: casey(a)schaufler-ca.com
CC: linux-audit(a)redhat.com
CC: keescook(a)chromium.org
CC: john.johansen(a)canonical.com
CC: penguin-kernel(a)i-love.sakura.ne.jp
CC: paul(a)paul-moore.com
Hi Casey,
I love your patch! Perhaps something to improve:
[auto build test WARNING on nf/master]
[also build test WARNING on linus/master v5.12-rc2]
[cannot apply to pcmoore-audit/next nf-next/master security/next-testing]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]
url: https://github.com/0day-ci/linux/commits/Casey-Schaufler/LSM-Infrastructure-management-of-the-sock-security/20210309-234224
base: https://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf.git master
:::::: branch date: 30 hours ago
:::::: commit date: 30 hours ago
config: x86_64-randconfig-m001-20210308 (attached as .config)
compiler: gcc-9 (Debian 9.3.0-22) 9.3.0
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
New smatch warnings:
kernel/audit.c:2197 audit_log_object_context() warn: we never enter this loop
Old smatch warnings:
include/linux/security.h:199 lsmblob_init() warn: we never enter this loop
vim +2197 kernel/audit.c
b24a30a7305418 Eric Paris 2013-04-30 2173
853cbd89b58a60 Casey Schaufler 2021-03-09 2174 int audit_log_object_context(struct audit_buffer *ab,
853cbd89b58a60 Casey Schaufler 2021-03-09 2175 struct lsmblob *blob)
853cbd89b58a60 Casey Schaufler 2021-03-09 2176 {
853cbd89b58a60 Casey Schaufler 2021-03-09 2177 int i;
853cbd89b58a60 Casey Schaufler 2021-03-09 2178 int error;
853cbd89b58a60 Casey Schaufler 2021-03-09 2179 bool sep = false;
853cbd89b58a60 Casey Schaufler 2021-03-09 2180 struct lsmcontext lsmdata;
853cbd89b58a60 Casey Schaufler 2021-03-09 2181 struct audit_buffer *lsmab = NULL;
853cbd89b58a60 Casey Schaufler 2021-03-09 2182 struct audit_context *context = NULL;
853cbd89b58a60 Casey Schaufler 2021-03-09 2183
853cbd89b58a60 Casey Schaufler 2021-03-09 2184 /*
853cbd89b58a60 Casey Schaufler 2021-03-09 2185 * If there is more than one security module that has a
853cbd89b58a60 Casey Schaufler 2021-03-09 2186 * object "context" it's necessary to put the object data
853cbd89b58a60 Casey Schaufler 2021-03-09 2187 * into a separate record to maintain compatibility.
853cbd89b58a60 Casey Schaufler 2021-03-09 2188 */
853cbd89b58a60 Casey Schaufler 2021-03-09 2189 if (lsm_multiple_contexts()) {
853cbd89b58a60 Casey Schaufler 2021-03-09 2190 audit_log_format(ab, " obj=?");
853cbd89b58a60 Casey Schaufler 2021-03-09 2191 context = ab->ctx;
853cbd89b58a60 Casey Schaufler 2021-03-09 2192 if (context)
853cbd89b58a60 Casey Schaufler 2021-03-09 2193 lsmab = audit_log_start(context, GFP_KERNEL,
853cbd89b58a60 Casey Schaufler 2021-03-09 2194 AUDIT_MAC_OBJ_CONTEXTS);
853cbd89b58a60 Casey Schaufler 2021-03-09 2195 }
853cbd89b58a60 Casey Schaufler 2021-03-09 2196
853cbd89b58a60 Casey Schaufler 2021-03-09 @2197 for (i = 0; i < LSMBLOB_ENTRIES; i++) {
853cbd89b58a60 Casey Schaufler 2021-03-09 2198 if (blob->secid[i] == 0)
853cbd89b58a60 Casey Schaufler 2021-03-09 2199 continue;
853cbd89b58a60 Casey Schaufler 2021-03-09 2200 error = security_secid_to_secctx(blob, &lsmdata, i);
853cbd89b58a60 Casey Schaufler 2021-03-09 2201 if (error && error != -EINVAL) {
853cbd89b58a60 Casey Schaufler 2021-03-09 2202 audit_panic("error in audit_log_object_context");
853cbd89b58a60 Casey Schaufler 2021-03-09 2203 return error;
853cbd89b58a60 Casey Schaufler 2021-03-09 2204 }
853cbd89b58a60 Casey Schaufler 2021-03-09 2205
853cbd89b58a60 Casey Schaufler 2021-03-09 2206 if (context) {
853cbd89b58a60 Casey Schaufler 2021-03-09 2207 audit_log_format(lsmab, "%sobj_%s=%s",
853cbd89b58a60 Casey Schaufler 2021-03-09 2208 sep ? " " : "",
853cbd89b58a60 Casey Schaufler 2021-03-09 2209 lsm_slot_to_name(i),
853cbd89b58a60 Casey Schaufler 2021-03-09 2210 lsmdata.context);
853cbd89b58a60 Casey Schaufler 2021-03-09 2211 sep = true;
853cbd89b58a60 Casey Schaufler 2021-03-09 2212 } else
853cbd89b58a60 Casey Schaufler 2021-03-09 2213 audit_log_format(ab, " obj=%s", lsmdata.context);
853cbd89b58a60 Casey Schaufler 2021-03-09 2214
853cbd89b58a60 Casey Schaufler 2021-03-09 2215 security_release_secctx(&lsmdata);
853cbd89b58a60 Casey Schaufler 2021-03-09 2216 if (!context)
853cbd89b58a60 Casey Schaufler 2021-03-09 2217 break;
853cbd89b58a60 Casey Schaufler 2021-03-09 2218 }
853cbd89b58a60 Casey Schaufler 2021-03-09 2219
853cbd89b58a60 Casey Schaufler 2021-03-09 2220 if (context)
853cbd89b58a60 Casey Schaufler 2021-03-09 2221 audit_log_end(lsmab);
853cbd89b58a60 Casey Schaufler 2021-03-09 2222
853cbd89b58a60 Casey Schaufler 2021-03-09 2223 return 0;
853cbd89b58a60 Casey Schaufler 2021-03-09 2224 }
853cbd89b58a60 Casey Schaufler 2021-03-09 2225 EXPORT_SYMBOL(audit_log_object_context);
853cbd89b58a60 Casey Schaufler 2021-03-09 2226
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org
[-- Attachment #2: config.gz --]
[-- Type: application/gzip, Size: 31463 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
* [PATCH v25 23/25] Audit: Add a new record for multiple object LSM attributes
2021-03-09 14:42 [PATCH v25 00/25] LSM: Module stacking for AppArmor Casey Schaufler
@ 2021-03-09 14:42 ` Casey Schaufler
0 siblings, 0 replies; 3+ messages in thread
From: Casey Schaufler @ 2021-03-09 14:42 UTC (permalink / raw)
To: casey.schaufler, jmorris, linux-security-module, selinux
Cc: casey, linux-audit, keescook, john.johansen, penguin-kernel,
paul, sds, linux-kernel
Create a new audit record type to contain the object information
when there are multiple security modules that may require such data.
This record is linked with the same timestamp and serial number.
An example of the MAC_OBJ_CONTEXTS (1421) record is:
type=UNKNOWN[1421]
msg=audit(1601152467.009:1050):
obj_selinux=unconfined_u:object_r:user_home_t:s0
Not all security modules that can provide object information
do so in all cases. It is possible that a security module won't
apply an object attribute in all cases.
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Cc: linux-audit@redhat.com
To: Paul Moore <paul@paul-moore.com>
---
include/linux/audit.h | 7 ++++
include/uapi/linux/audit.h | 1 +
kernel/audit.c | 53 +++++++++++++++++++++++++++
kernel/audit.h | 4 +--
kernel/auditsc.c | 73 +++++++-------------------------------
5 files changed, 75 insertions(+), 63 deletions(-)
diff --git a/include/linux/audit.h b/include/linux/audit.h
index 229cd71fbf09..b92ad58bc97d 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -189,6 +189,8 @@ extern void audit_log_path_denied(int type,
extern void audit_log_lost(const char *message);
extern int audit_log_task_context(struct audit_buffer *ab);
+extern int audit_log_object_context(struct audit_buffer *ab,
+ struct lsmblob *blob);
extern void audit_log_task_info(struct audit_buffer *ab);
extern void audit_log_lsm(struct audit_context *context);
@@ -256,6 +258,11 @@ static inline int audit_log_task_context(struct audit_buffer *ab)
{
return 0;
}
+static inline int audit_log_object_context(struct audit_buffer *ab,
+ struct lsmblob *blob)
+{
+ return 0;
+}
static inline void audit_log_task_info(struct audit_buffer *ab)
{ }
static void audit_log_lsm(struct audit_context *context)
diff --git a/include/uapi/linux/audit.h b/include/uapi/linux/audit.h
index 2a63720e56f6..dbb1dce16962 100644
--- a/include/uapi/linux/audit.h
+++ b/include/uapi/linux/audit.h
@@ -140,6 +140,7 @@
#define AUDIT_MAC_CALIPSO_ADD 1418 /* NetLabel: add CALIPSO DOI entry */
#define AUDIT_MAC_CALIPSO_DEL 1419 /* NetLabel: del CALIPSO DOI entry */
#define AUDIT_MAC_TASK_CONTEXTS 1420 /* Multiple LSM contexts */
+#define AUDIT_MAC_OBJ_CONTEXTS 1421 /* Multiple LSM object contexts */
#define AUDIT_FIRST_KERN_ANOM_MSG 1700
#define AUDIT_LAST_KERN_ANOM_MSG 1799
diff --git a/kernel/audit.c b/kernel/audit.c
index 5b29a350df78..88479459b6e0 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -2171,6 +2171,59 @@ int audit_log_task_context(struct audit_buffer *ab)
}
EXPORT_SYMBOL(audit_log_task_context);
+int audit_log_object_context(struct audit_buffer *ab,
+ struct lsmblob *blob)
+{
+ int i;
+ int error;
+ bool sep = false;
+ struct lsmcontext lsmdata;
+ struct audit_buffer *lsmab = NULL;
+ struct audit_context *context = NULL;
+
+ /*
+ * If there is more than one security module that has a
+ * object "context" it's necessary to put the object data
+ * into a separate record to maintain compatibility.
+ */
+ if (lsm_multiple_contexts()) {
+ audit_log_format(ab, " obj=?");
+ context = ab->ctx;
+ if (context)
+ lsmab = audit_log_start(context, GFP_KERNEL,
+ AUDIT_MAC_OBJ_CONTEXTS);
+ }
+
+ for (i = 0; i < LSMBLOB_ENTRIES; i++) {
+ if (blob->secid[i] == 0)
+ continue;
+ error = security_secid_to_secctx(blob, &lsmdata, i);
+ if (error && error != -EINVAL) {
+ audit_panic("error in audit_log_object_context");
+ return error;
+ }
+
+ if (context) {
+ audit_log_format(lsmab, "%sobj_%s=%s",
+ sep ? " " : "",
+ lsm_slot_to_name(i),
+ lsmdata.context);
+ sep = true;
+ } else
+ audit_log_format(ab, " obj=%s", lsmdata.context);
+
+ security_release_secctx(&lsmdata);
+ if (!context)
+ break;
+ }
+
+ if (context)
+ audit_log_end(lsmab);
+
+ return 0;
+}
+EXPORT_SYMBOL(audit_log_object_context);
+
void audit_log_d_path_exe(struct audit_buffer *ab,
struct mm_struct *mm)
{
diff --git a/kernel/audit.h b/kernel/audit.h
index 4f245c3dac0c..c65f40a1d308 100644
--- a/kernel/audit.h
+++ b/kernel/audit.h
@@ -78,7 +78,7 @@ struct audit_names {
kuid_t uid;
kgid_t gid;
dev_t rdev;
- u32 osid;
+ struct lsmblob oblob;
struct audit_cap_data fcap;
unsigned int fcap_ver;
unsigned char type; /* record type */
@@ -155,7 +155,7 @@ struct audit_context {
kuid_t uid;
kgid_t gid;
umode_t mode;
- u32 osid;
+ struct lsmblob oblob;
int has_perm;
uid_t perm_uid;
gid_t perm_gid;
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 4d0f3fa0bcb0..4a74fc774ada 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -686,14 +686,6 @@ static int audit_filter_rules(struct task_struct *tsk,
if (f->lsm_isset) {
/* Find files that match */
if (name) {
- /*
- * lsmblob_init sets all values in the
- * lsmblob to sid. This is temporary
- * until name->osid is converted to a
- * lsmblob, which happens later in
- * this patch set.
- */
- lsmblob_init(&blob, name->osid);
result = security_audit_rule_match(
&blob,
f->type,
@@ -701,7 +693,6 @@ static int audit_filter_rules(struct task_struct *tsk,
f->lsm_rules);
} else if (ctx) {
list_for_each_entry(n, &ctx->names_list, list) {
- lsmblob_init(&blob, name->osid);
if (security_audit_rule_match(
&blob,
f->type,
@@ -715,8 +706,7 @@ static int audit_filter_rules(struct task_struct *tsk,
/* Find ipc objects that match */
if (!ctx || ctx->type != AUDIT_IPC)
break;
- lsmblob_init(&blob, ctx->ipc.osid);
- if (security_audit_rule_match(&blob,
+ if (security_audit_rule_match(&ctx->ipc.oblob,
f->type, f->op,
f->lsm_rules))
++result;
@@ -1028,7 +1018,6 @@ static int audit_log_pid_context(struct audit_context *context, pid_t pid,
struct lsmblob *blob, char *comm)
{
struct audit_buffer *ab;
- struct lsmcontext lsmctx;
int rc = 0;
ab = audit_log_start(context, GFP_KERNEL, AUDIT_OBJ_PID);
@@ -1038,15 +1027,8 @@ static int audit_log_pid_context(struct audit_context *context, pid_t pid,
audit_log_format(ab, "opid=%d oauid=%d ouid=%d oses=%d", pid,
from_kuid(&init_user_ns, auid),
from_kuid(&init_user_ns, uid), sessionid);
- if (lsmblob_is_set(blob)) {
- if (security_secid_to_secctx(blob, &lsmctx, LSMBLOB_FIRST)) {
- audit_log_format(ab, " obj=(none)");
- rc = 1;
- } else {
- audit_log_format(ab, " obj=%s", lsmctx.context);
- security_release_secctx(&lsmctx);
- }
- }
+ if (lsmblob_is_set(blob))
+ rc = audit_log_object_context(ab, blob);
audit_log_format(ab, " ocomm=");
audit_log_untrustedstring(ab, comm);
audit_log_end(ab);
@@ -1273,26 +1255,15 @@ static void show_special(struct audit_context *context, int *call_panic)
context->socketcall.args[i]);
break; }
case AUDIT_IPC: {
- u32 osid = context->ipc.osid;
+ struct lsmblob *oblob = &context->ipc.oblob;
audit_log_format(ab, "ouid=%u ogid=%u mode=%#ho",
from_kuid(&init_user_ns, context->ipc.uid),
from_kgid(&init_user_ns, context->ipc.gid),
context->ipc.mode);
- if (osid) {
- struct lsmcontext lsmcxt;
- struct lsmblob blob;
-
- lsmblob_init(&blob, osid);
- if (security_secid_to_secctx(&blob, &lsmcxt,
- LSMBLOB_FIRST)) {
- audit_log_format(ab, " osid=%u", osid);
- *call_panic = 1;
- } else {
- audit_log_format(ab, " obj=%s", lsmcxt.context);
- security_release_secctx(&lsmcxt);
- }
- }
+ if (lsmblob_is_set(oblob) &&
+ audit_log_object_context(ab, oblob))
+ *call_panic = 1;
if (context->ipc.has_perm) {
audit_log_end(ab);
ab = audit_log_start(context, GFP_KERNEL,
@@ -1435,20 +1406,9 @@ static void audit_log_name(struct audit_context *context, struct audit_names *n,
from_kgid(&init_user_ns, n->gid),
MAJOR(n->rdev),
MINOR(n->rdev));
- if (n->osid != 0) {
- struct lsmblob blob;
- struct lsmcontext lsmctx;
-
- lsmblob_init(&blob, n->osid);
- if (security_secid_to_secctx(&blob, &lsmctx, LSMBLOB_FIRST)) {
- audit_log_format(ab, " osid=%u", n->osid);
- if (call_panic)
- *call_panic = 2;
- } else {
- audit_log_format(ab, " obj=%s", lsmctx.context);
- security_release_secctx(&lsmctx);
- }
- }
+ if (lsmblob_is_set(&n->oblob) &&
+ audit_log_object_context(ab, &n->oblob) && call_panic)
+ *call_panic = 2;
/* log the audit_names record type */
switch (n->type) {
@@ -2038,17 +1998,13 @@ static void audit_copy_inode(struct audit_names *name,
const struct dentry *dentry,
struct inode *inode, unsigned int flags)
{
- struct lsmblob blob;
-
name->ino = inode->i_ino;
name->dev = inode->i_sb->s_dev;
name->mode = inode->i_mode;
name->uid = inode->i_uid;
name->gid = inode->i_gid;
name->rdev = inode->i_rdev;
- security_inode_getsecid(inode, &blob);
- /* scaffolding until osid is updated */
- name->osid = blob.secid[0];
+ security_inode_getsecid(inode, &name->oblob);
if (flags & AUDIT_INODE_NOEVAL) {
name->fcap_ver = -1;
return;
@@ -2394,16 +2350,11 @@ void __audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat)
void __audit_ipc_obj(struct kern_ipc_perm *ipcp)
{
struct audit_context *context = audit_context();
- struct lsmblob blob;
context->ipc.uid = ipcp->uid;
context->ipc.gid = ipcp->gid;
context->ipc.mode = ipcp->mode;
context->ipc.has_perm = 0;
- security_ipc_getsecid(ipcp, &blob);
- /* context->ipc.osid will be changed to a lsmblob later in
- * the patch series. This will allow auditing of all the object
- * labels associated with the ipc object. */
- context->ipc.osid = lsmblob_value(&blob);
+ security_ipc_getsecid(ipcp, &context->ipc.oblob);
context->type = AUDIT_IPC;
}
--
2.29.2
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [PATCH v25 23/25] Audit: Add a new record for multiple object LSM attributes
@ 2021-03-09 14:42 ` Casey Schaufler
0 siblings, 0 replies; 3+ messages in thread
From: Casey Schaufler @ 2021-03-09 14:42 UTC (permalink / raw)
To: casey.schaufler, jmorris, linux-security-module, selinux
Cc: john.johansen, linux-kernel, linux-audit, sds
Create a new audit record type to contain the object information
when there are multiple security modules that may require such data.
This record is linked with the same timestamp and serial number.
An example of the MAC_OBJ_CONTEXTS (1421) record is:
type=UNKNOWN[1421]
msg=audit(1601152467.009:1050):
obj_selinux=unconfined_u:object_r:user_home_t:s0
Not all security modules that can provide object information
do so in all cases. It is possible that a security module won't
apply an object attribute in all cases.
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Cc: linux-audit@redhat.com
To: Paul Moore <paul@paul-moore.com>
---
include/linux/audit.h | 7 ++++
include/uapi/linux/audit.h | 1 +
kernel/audit.c | 53 +++++++++++++++++++++++++++
kernel/audit.h | 4 +--
kernel/auditsc.c | 73 +++++++-------------------------------
5 files changed, 75 insertions(+), 63 deletions(-)
diff --git a/include/linux/audit.h b/include/linux/audit.h
index 229cd71fbf09..b92ad58bc97d 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -189,6 +189,8 @@ extern void audit_log_path_denied(int type,
extern void audit_log_lost(const char *message);
extern int audit_log_task_context(struct audit_buffer *ab);
+extern int audit_log_object_context(struct audit_buffer *ab,
+ struct lsmblob *blob);
extern void audit_log_task_info(struct audit_buffer *ab);
extern void audit_log_lsm(struct audit_context *context);
@@ -256,6 +258,11 @@ static inline int audit_log_task_context(struct audit_buffer *ab)
{
return 0;
}
+static inline int audit_log_object_context(struct audit_buffer *ab,
+ struct lsmblob *blob)
+{
+ return 0;
+}
static inline void audit_log_task_info(struct audit_buffer *ab)
{ }
static void audit_log_lsm(struct audit_context *context)
diff --git a/include/uapi/linux/audit.h b/include/uapi/linux/audit.h
index 2a63720e56f6..dbb1dce16962 100644
--- a/include/uapi/linux/audit.h
+++ b/include/uapi/linux/audit.h
@@ -140,6 +140,7 @@
#define AUDIT_MAC_CALIPSO_ADD 1418 /* NetLabel: add CALIPSO DOI entry */
#define AUDIT_MAC_CALIPSO_DEL 1419 /* NetLabel: del CALIPSO DOI entry */
#define AUDIT_MAC_TASK_CONTEXTS 1420 /* Multiple LSM contexts */
+#define AUDIT_MAC_OBJ_CONTEXTS 1421 /* Multiple LSM object contexts */
#define AUDIT_FIRST_KERN_ANOM_MSG 1700
#define AUDIT_LAST_KERN_ANOM_MSG 1799
diff --git a/kernel/audit.c b/kernel/audit.c
index 5b29a350df78..88479459b6e0 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -2171,6 +2171,59 @@ int audit_log_task_context(struct audit_buffer *ab)
}
EXPORT_SYMBOL(audit_log_task_context);
+int audit_log_object_context(struct audit_buffer *ab,
+ struct lsmblob *blob)
+{
+ int i;
+ int error;
+ bool sep = false;
+ struct lsmcontext lsmdata;
+ struct audit_buffer *lsmab = NULL;
+ struct audit_context *context = NULL;
+
+ /*
+ * If there is more than one security module that has a
+ * object "context" it's necessary to put the object data
+ * into a separate record to maintain compatibility.
+ */
+ if (lsm_multiple_contexts()) {
+ audit_log_format(ab, " obj=?");
+ context = ab->ctx;
+ if (context)
+ lsmab = audit_log_start(context, GFP_KERNEL,
+ AUDIT_MAC_OBJ_CONTEXTS);
+ }
+
+ for (i = 0; i < LSMBLOB_ENTRIES; i++) {
+ if (blob->secid[i] == 0)
+ continue;
+ error = security_secid_to_secctx(blob, &lsmdata, i);
+ if (error && error != -EINVAL) {
+ audit_panic("error in audit_log_object_context");
+ return error;
+ }
+
+ if (context) {
+ audit_log_format(lsmab, "%sobj_%s=%s",
+ sep ? " " : "",
+ lsm_slot_to_name(i),
+ lsmdata.context);
+ sep = true;
+ } else
+ audit_log_format(ab, " obj=%s", lsmdata.context);
+
+ security_release_secctx(&lsmdata);
+ if (!context)
+ break;
+ }
+
+ if (context)
+ audit_log_end(lsmab);
+
+ return 0;
+}
+EXPORT_SYMBOL(audit_log_object_context);
+
void audit_log_d_path_exe(struct audit_buffer *ab,
struct mm_struct *mm)
{
diff --git a/kernel/audit.h b/kernel/audit.h
index 4f245c3dac0c..c65f40a1d308 100644
--- a/kernel/audit.h
+++ b/kernel/audit.h
@@ -78,7 +78,7 @@ struct audit_names {
kuid_t uid;
kgid_t gid;
dev_t rdev;
- u32 osid;
+ struct lsmblob oblob;
struct audit_cap_data fcap;
unsigned int fcap_ver;
unsigned char type; /* record type */
@@ -155,7 +155,7 @@ struct audit_context {
kuid_t uid;
kgid_t gid;
umode_t mode;
- u32 osid;
+ struct lsmblob oblob;
int has_perm;
uid_t perm_uid;
gid_t perm_gid;
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 4d0f3fa0bcb0..4a74fc774ada 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -686,14 +686,6 @@ static int audit_filter_rules(struct task_struct *tsk,
if (f->lsm_isset) {
/* Find files that match */
if (name) {
- /*
- * lsmblob_init sets all values in the
- * lsmblob to sid. This is temporary
- * until name->osid is converted to a
- * lsmblob, which happens later in
- * this patch set.
- */
- lsmblob_init(&blob, name->osid);
result = security_audit_rule_match(
&blob,
f->type,
@@ -701,7 +693,6 @@ static int audit_filter_rules(struct task_struct *tsk,
f->lsm_rules);
} else if (ctx) {
list_for_each_entry(n, &ctx->names_list, list) {
- lsmblob_init(&blob, name->osid);
if (security_audit_rule_match(
&blob,
f->type,
@@ -715,8 +706,7 @@ static int audit_filter_rules(struct task_struct *tsk,
/* Find ipc objects that match */
if (!ctx || ctx->type != AUDIT_IPC)
break;
- lsmblob_init(&blob, ctx->ipc.osid);
- if (security_audit_rule_match(&blob,
+ if (security_audit_rule_match(&ctx->ipc.oblob,
f->type, f->op,
f->lsm_rules))
++result;
@@ -1028,7 +1018,6 @@ static int audit_log_pid_context(struct audit_context *context, pid_t pid,
struct lsmblob *blob, char *comm)
{
struct audit_buffer *ab;
- struct lsmcontext lsmctx;
int rc = 0;
ab = audit_log_start(context, GFP_KERNEL, AUDIT_OBJ_PID);
@@ -1038,15 +1027,8 @@ static int audit_log_pid_context(struct audit_context *context, pid_t pid,
audit_log_format(ab, "opid=%d oauid=%d ouid=%d oses=%d", pid,
from_kuid(&init_user_ns, auid),
from_kuid(&init_user_ns, uid), sessionid);
- if (lsmblob_is_set(blob)) {
- if (security_secid_to_secctx(blob, &lsmctx, LSMBLOB_FIRST)) {
- audit_log_format(ab, " obj=(none)");
- rc = 1;
- } else {
- audit_log_format(ab, " obj=%s", lsmctx.context);
- security_release_secctx(&lsmctx);
- }
- }
+ if (lsmblob_is_set(blob))
+ rc = audit_log_object_context(ab, blob);
audit_log_format(ab, " ocomm=");
audit_log_untrustedstring(ab, comm);
audit_log_end(ab);
@@ -1273,26 +1255,15 @@ static void show_special(struct audit_context *context, int *call_panic)
context->socketcall.args[i]);
break; }
case AUDIT_IPC: {
- u32 osid = context->ipc.osid;
+ struct lsmblob *oblob = &context->ipc.oblob;
audit_log_format(ab, "ouid=%u ogid=%u mode=%#ho",
from_kuid(&init_user_ns, context->ipc.uid),
from_kgid(&init_user_ns, context->ipc.gid),
context->ipc.mode);
- if (osid) {
- struct lsmcontext lsmcxt;
- struct lsmblob blob;
-
- lsmblob_init(&blob, osid);
- if (security_secid_to_secctx(&blob, &lsmcxt,
- LSMBLOB_FIRST)) {
- audit_log_format(ab, " osid=%u", osid);
- *call_panic = 1;
- } else {
- audit_log_format(ab, " obj=%s", lsmcxt.context);
- security_release_secctx(&lsmcxt);
- }
- }
+ if (lsmblob_is_set(oblob) &&
+ audit_log_object_context(ab, oblob))
+ *call_panic = 1;
if (context->ipc.has_perm) {
audit_log_end(ab);
ab = audit_log_start(context, GFP_KERNEL,
@@ -1435,20 +1406,9 @@ static void audit_log_name(struct audit_context *context, struct audit_names *n,
from_kgid(&init_user_ns, n->gid),
MAJOR(n->rdev),
MINOR(n->rdev));
- if (n->osid != 0) {
- struct lsmblob blob;
- struct lsmcontext lsmctx;
-
- lsmblob_init(&blob, n->osid);
- if (security_secid_to_secctx(&blob, &lsmctx, LSMBLOB_FIRST)) {
- audit_log_format(ab, " osid=%u", n->osid);
- if (call_panic)
- *call_panic = 2;
- } else {
- audit_log_format(ab, " obj=%s", lsmctx.context);
- security_release_secctx(&lsmctx);
- }
- }
+ if (lsmblob_is_set(&n->oblob) &&
+ audit_log_object_context(ab, &n->oblob) && call_panic)
+ *call_panic = 2;
/* log the audit_names record type */
switch (n->type) {
@@ -2038,17 +1998,13 @@ static void audit_copy_inode(struct audit_names *name,
const struct dentry *dentry,
struct inode *inode, unsigned int flags)
{
- struct lsmblob blob;
-
name->ino = inode->i_ino;
name->dev = inode->i_sb->s_dev;
name->mode = inode->i_mode;
name->uid = inode->i_uid;
name->gid = inode->i_gid;
name->rdev = inode->i_rdev;
- security_inode_getsecid(inode, &blob);
- /* scaffolding until osid is updated */
- name->osid = blob.secid[0];
+ security_inode_getsecid(inode, &name->oblob);
if (flags & AUDIT_INODE_NOEVAL) {
name->fcap_ver = -1;
return;
@@ -2394,16 +2350,11 @@ void __audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat)
void __audit_ipc_obj(struct kern_ipc_perm *ipcp)
{
struct audit_context *context = audit_context();
- struct lsmblob blob;
context->ipc.uid = ipcp->uid;
context->ipc.gid = ipcp->gid;
context->ipc.mode = ipcp->mode;
context->ipc.has_perm = 0;
- security_ipc_getsecid(ipcp, &blob);
- /* context->ipc.osid will be changed to a lsmblob later in
- * the patch series. This will allow auditing of all the object
- * labels associated with the ipc object. */
- context->ipc.osid = lsmblob_value(&blob);
+ security_ipc_getsecid(ipcp, &context->ipc.oblob);
context->type = AUDIT_IPC;
}
--
2.29.2
--
Linux-audit mailing list
Linux-audit@redhat.com
https://listman.redhat.com/mailman/listinfo/linux-audit
^ permalink raw reply related [flat|nested] 3+ messages in thread
end of thread, other threads:[~2021-03-10 21:13 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-03-10 21:13 [PATCH v25 23/25] Audit: Add a new record for multiple object LSM attributes kernel test robot
-- strict thread matches above, loose matches on Subject: below --
2021-03-09 14:42 [PATCH v25 00/25] LSM: Module stacking for AppArmor Casey Schaufler
2021-03-09 14:42 ` [PATCH v25 23/25] Audit: Add a new record for multiple object LSM attributes Casey Schaufler
2021-03-09 14:42 ` Casey Schaufler
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.