From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 503AEC43217
	for <linux-kernel@archiver.kernel.org>; Thu,  3 Feb 2022 00:07:38 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S234317AbiBCAHh (ORCPT <rfc822;linux-kernel@archiver.kernel.org>);
        Wed, 2 Feb 2022 19:07:37 -0500
Received: from sonic312-31.consmr.mail.ne1.yahoo.com ([66.163.191.212]:34446
        "EHLO sonic312-31.consmr.mail.ne1.yahoo.com" rhost-flags-OK-OK-OK-OK)
        by vger.kernel.org with ESMTP id S232876AbiBCAHe (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 2 Feb 2022 19:07:34 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1643846854; bh=Ofx+zfV9kAlt56YC11tGt2YOtlNVLhFarLMraLNfSiA=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject:Reply-To; b=LeaN/Mwf3Fu/46HOknNArm6a2N1vgKXPyhZfO8tIHzTwJnlaIq/7DRWHBWL42hmCfAkvTZvO4iCBpBBKSYgW5+IcdBbAi7lEmvy0VnpG+qe6UCj48/KhB5shN6Ika2lxREDlWGODQX3aOP5e2JSI13yFOXybR8THsPrKAJY9QuXM5FMlrWFil9nW7VFVKv/z9u2leWUw7ja5apI/CYM65XxtifRkWatjUr4DjOfXZa1rPOLEB7bRKHZ9Pd6ktRQqVwk0BmZsJEFRZs6syuOAo7niPW/xjXK9qhIeFFDoEOX8TlXSF2Y+M5f03XWat+QuSC9nxHpHi5bn3jBcxkuXXQ==
X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1643846854; bh=USgY/omKIT6FHftzOwuaWl0W1FAmmueUGibLpKVLU3I=; h=X-Sonic-MF:From:To:Subject:Date:From:Subject; b=AfQnVo+duFRtB/eIAFUuaOfhgkT+1cIuJ9ZVfABuRQWm9jhT/VWMMr6lWWSd4TCzHmIeijM59OMr+pAPcwpDF15HiRV74bHPiqsGbdyM6/UBziD4KaTHLKc3pBJM4IMrC1V923cjTQJZuV4zmlsHGCsWCFxVTSidP2PgLBk1VNbCy2/uXp6i21aFkw6b6B4pGygg3ZE3o3NepxPn7FuuM55VWfGdUo0bUc0S95EmzTryuCtfdFlcQZz+c+FGpmWzpAWGVtFRMGlgYmnY+1mJuRimFJX21iwPDkNp3pNOpANDCI0sMT/fNpSNq4jGReaDYvFmRJgpJRGfw6E8k8COCg==
X-YMail-OSG: hyXz7kcVM1kvixrw9v7j9Ra.xOXS4WdN3hT49me5c2dUs5Ojkb9lCBK2feBLNyk
 Fi6iFwTpJRa6b5.I9HtFnfoQNKjRZmPzPtNXGYEqojGdtCf8WgpeEFSVjP7f2PaHMrvc4tmK3Vxo
 0VqLYBTFpl2INboB4eeoRK9cHF_ZH34z0wauLWIOGUcCIN16HCdd3w7LEQ4RrNz8m4VDB9yoYNFI
 .Ljkskt1cDsHHZZPvBmrEHqxZ13xBRW67P0.pAxoeDw_eZTdubP3J8UwMDmMyd0Rlh.vWj8YMQuB
 poXc51JN_6Ui_85VudbtcnS2uruM8ua6vVcKxJiJWXruOT8fqcGn7eQ3q1PgC.WMTH1xKa.e.a9d
 IS0AvoTOxPN_CVv2WwJ8uCl3L_pg1XFcUggLlO_ouLAdK2yt08Hp02nPTkDqdBaLln7EpFspxnoG
 Q7WUk9DnHdIQpeH71bHjLKdmCB_bzi2OrOFjT17uHlXdiY31892xGNv9psbopb5CoQrzcBYDvzDG
 IXLTobLmH2GL1wkaYEOEjwLKvzpIzzlLocIV.804a0YhhNMPR97OdLE0eEqA2JkKyXSVmNp_yelt
 D2o9UQFcZw1tL3P5ZlNBh3htxiJ1vCJB1lNDXuNUQrbvdy.rd_D37wHv8YkbVWCurmwEgU.HQgKS
 wKKsEVwqU2iY90mlEUgn0GRs7c4LLPGsPjCEXcns2NcfOsHZEIpb984uJoDvFrle8Q8n9DnImdh8
 wKrKzHLaQVeIB6qn4v9anzeegez4gzyldbPuoWcGW3oigRY4EO1eusiElg3QP9pxJFqKFoVRWBx5
 SPPclUbH7faiQqEIhEHzVzuq1T7HCmhlaKv8EWE3pn6QHUR9OxSBd_w26_Ee7.kQyxx2PRuk0DKO
 eCWTqrS6e.SHKJkgW.OUwB.VCzUByUBZ8zX8r36IpCFFW2j6aAxk5yPYrGrHQuwiD..FsO320dc7
 NT4_gkwXOiq7KACOyiGWyYZd7AXkwLAD91b9elEtsqjGKEXgmUwP6udv5uqNurz96H.xJh94T7EV
 ipDYLIulRxrfQGvJnUOstek0T4Ka8Y08Y.a4Vfx4GF9TSfhk.OJ24Uhh2jQ9O.VRB.5nROWyNViD
 mqJg8T39RaelwA7ZCa8qtf9NgSd_ui9nmxLbj_QJwlc1cGQBYDT5atjen.neBS5eoRjZPPy3QcQ8
 9IZAKOA6zog1f.alUEQLLDmsrMKmNyAUQ5epc3qiDGoAEYPH.qy8cAzIyv3pkSGCvJdPMqebRm5J
 SF.cCEr10qtGW.frP97d.iP2Bh.fQacXlT0MbX_HHktahimmefLgYNsHOBmXcfkIg94c00SZzHxs
 L4rqKJ5nRQV6qFg6EwmzkCGNYAITQvZuO_T.jPTT2NbFkBze35TN06k0O_JI1vfJCdLepmwJCyOH
 YCt.VvLA9EpGv2etaKM1hoys1S2FXw1itk.W0DavBD8KB61FYbLJq_nrP.JcQ52T7eUpx3qiCuR2
 BQRdWs4pg.MZYEycOBHbrJgRqHW1DDkSJQ_tXnbdSuGsGXviVxTVJaUY7AtuIR6sukylWImcQw06
 6jStfKHQ9bdWU8R_25JPM6Tx49.6n0vInagHq4BjfyCDDxKFxuuWXL0XP3VTsmXMzmyb2xFzPGF7
 YdRAWFcg.cIv6dO3liloQcqTtqfUQZBZnHufw.jZBUfSikRJvlcUz2IwPtwsU4XYnrh_oel0YymZ
 xiZNwPB8D.qyO5WBrXVSDwRRZ7GIuYURdGmRLIQiyCovNFbt89liKCTajVmRL3f2Mx8pK1fybUeg
 Ik0bI9yKR4IctrpXk_VkuDL8.UvVRWX9zsL4rHej1Up9x_CDNJc1XGCHLnir.0Yq94WTga7hXa0U
 DgXB6VF3XGFLEC5EyA6YbZrObwqF0XZsC3r8mQuGlJ4A2JoN0lPo9ErgV2qgbmFZ.pQnx9YLxGu8
 y5t_xqhP8ICZcyXoCdcW6A0WQzkRz.frA3ti9A1la4klIveo5CunmM_2cXfpuL5W2ELc0_lE_VbL
 CoNluaXXCj6JKMtTVaju.jCBDAHuTpAg43X2U1khE3.qYYJf64oQQZwtgNYDBIsVH0bbTU5ywXcS
 ImQbNb4qgoHmv9LvZ9f6Mxo9IjB68fDhy5Y3IGGIjvaFQnXIbZfUaBJ1lqDjStgVn50sS0bQRvoq
 NQbJdmIBuRK9NSqt51ze6LF1JREh0WQYZ7NlAr8p5yyKYGvoJebuCMrzEajocZukmpHHmmeNDPrz
 2.0RDR8XUSxdS7t1G8_rqoEg6HTXDk0jH7CIXLM.Kt5jVDeNvyg3KUANPCXdghqcpAkMPG4iVqrB
 PQw--
X-Sonic-MF: <casey@schaufler-ca.com>
Received: from sonic.gate.mail.ne1.yahoo.com by sonic312.consmr.mail.ne1.yahoo.com with HTTP; Thu, 3 Feb 2022 00:07:34 +0000
Received: by kubenode529.mail-prod1.omega.gq1.yahoo.com (VZM Hermes SMTP Server) with ESMTPA ID 7f82dc84f3bd924cb223e5ab9ecb7cf0;
          Thu, 03 Feb 2022 00:07:31 +0000 (UTC)
From:   Casey Schaufler <casey@schaufler-ca.com>
To:     casey.schaufler@intel.com, jmorris@namei.org,
        linux-security-module@vger.kernel.org, selinux@vger.kernel.org
Cc:     casey@schaufler-ca.com, linux-audit@redhat.com,
        keescook@chromium.org, john.johansen@canonical.com,
        penguin-kernel@i-love.sakura.ne.jp, paul@paul-moore.com,
        sds@tycho.nsa.gov, linux-kernel@vger.kernel.org,
        Stephen Smalley <stephen.smalley.work@gmail.com>,
        linux-integrity@vger.kernel.org
Subject: [PATCH v32 12/28] LSM: Use lsmblob in security_inode_getsecid
Date:   Wed,  2 Feb 2022 15:53:07 -0800
Message-Id: <20220202235323.23929-13-casey@schaufler-ca.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20220202235323.23929-1-casey@schaufler-ca.com>
References: <20220202235323.23929-1-casey@schaufler-ca.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Change the security_inode_getsecid() interface to fill in a
lsmblob structure instead of a u32 secid. This allows for its
callers to gather data from all registered LSMs. Data is provided
for IMA and audit.

Reviewed-by: Kees Cook <keescook@chromium.org>
Reviewed-by: John Johansen <john.johansen@canonical.com>
Acked-by: Stephen Smalley <stephen.smalley.work@gmail.com>
Acked-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Cc: linux-integrity@vger.kernel.org
Cc: linux-audit@redhat.com
---
 include/linux/security.h            |  7 ++++---
 kernel/auditsc.c                    |  6 +++++-
 security/integrity/ima/ima_policy.c |  7 ++++---
 security/security.c                 | 11 +++++++++--
 4 files changed, 22 insertions(+), 9 deletions(-)

diff --git a/include/linux/security.h b/include/linux/security.h
index d7781bda147f..b0d1abd082a8 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -455,7 +455,7 @@ int security_inode_getsecurity(struct user_namespace *mnt_userns,
 			       void **buffer, bool alloc);
 int security_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags);
 int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer_size);
-void security_inode_getsecid(struct inode *inode, u32 *secid);
+void security_inode_getsecid(struct inode *inode, struct lsmblob *blob);
 int security_inode_copy_up(struct dentry *src, struct cred **new);
 int security_inode_copy_up_xattr(const char *name);
 int security_kernfs_init_security(struct kernfs_node *kn_dir,
@@ -1001,9 +1001,10 @@ static inline int security_inode_listsecurity(struct inode *inode, char *buffer,
 	return 0;
 }
 
-static inline void security_inode_getsecid(struct inode *inode, u32 *secid)
+static inline void security_inode_getsecid(struct inode *inode,
+					   struct lsmblob *blob)
 {
-	*secid = 0;
+	lsmblob_init(blob, 0);
 }
 
 static inline int security_inode_copy_up(struct dentry *src, struct cred **new)
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 2570bf5979e0..6cd15abb99c7 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -2248,13 +2248,17 @@ static void audit_copy_inode(struct audit_names *name,
 			     const struct dentry *dentry,
 			     struct inode *inode, unsigned int flags)
 {
+	struct lsmblob blob;
+
 	name->ino   = inode->i_ino;
 	name->dev   = inode->i_sb->s_dev;
 	name->mode  = inode->i_mode;
 	name->uid   = inode->i_uid;
 	name->gid   = inode->i_gid;
 	name->rdev  = inode->i_rdev;
-	security_inode_getsecid(inode, &name->osid);
+	security_inode_getsecid(inode, &blob);
+	/* scaffolding until osid is updated */
+	name->osid = blob.secid[0];
 	if (flags & AUDIT_INODE_NOEVAL) {
 		name->fcap_ver = -1;
 		return;
diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
index 22952efcc0b0..34ecdd7b01f5 100644
--- a/security/integrity/ima/ima_policy.c
+++ b/security/integrity/ima/ima_policy.c
@@ -625,7 +625,7 @@ static bool ima_match_rules(struct ima_rule_entry *rule,
 		return false;
 	for (i = 0; i < MAX_LSM_RULES; i++) {
 		int rc = 0;
-		u32 osid;
+		struct lsmblob lsmdata;
 
 		if (!rule->lsm[i].rule) {
 			if (!rule->lsm[i].args_p)
@@ -637,8 +637,9 @@ static bool ima_match_rules(struct ima_rule_entry *rule,
 		case LSM_OBJ_USER:
 		case LSM_OBJ_ROLE:
 		case LSM_OBJ_TYPE:
-			security_inode_getsecid(inode, &osid);
-			rc = ima_filter_rule_match(osid, rule->lsm[i].type,
+			security_inode_getsecid(inode, &lsmdata);
+			rc = ima_filter_rule_match(lsmdata.secid[rule->which],
+						   rule->lsm[i].type,
 						   Audit_equal,
 						   rule->lsm[i].rule,
 						   rule->which);
diff --git a/security/security.c b/security/security.c
index e33fa677181d..0253c925a272 100644
--- a/security/security.c
+++ b/security/security.c
@@ -1553,9 +1553,16 @@ int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer
 }
 EXPORT_SYMBOL(security_inode_listsecurity);
 
-void security_inode_getsecid(struct inode *inode, u32 *secid)
+void security_inode_getsecid(struct inode *inode, struct lsmblob *blob)
 {
-	call_void_hook(inode_getsecid, inode, secid);
+	struct security_hook_list *hp;
+
+	lsmblob_init(blob, 0);
+	hlist_for_each_entry(hp, &security_hook_heads.inode_getsecid, list) {
+		if (WARN_ON(hp->lsmid->slot < 0 || hp->lsmid->slot >= lsm_slot))
+			continue;
+		hp->hook.inode_getsecid(inode, &blob->secid[hp->lsmid->slot]);
+	}
 }
 
 int security_inode_copy_up(struct dentry *src, struct cred **new)
-- 
2.31.1


From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-audit-bounces@redhat.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.lore.kernel.org (Postfix) with ESMTPS id 8C778C433EF
	for <linux-audit@archiver.kernel.org>; Thu,  3 Feb 2022 00:07:46 +0000 (UTC)
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
 [209.132.183.4]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-372-uVdNhZFLP5CwEfV8XWeA3Q-1; Wed, 02 Feb 2022 19:07:42 -0500
X-MC-Unique: uVdNhZFLP5CwEfV8XWeA3Q-1
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mimecast-mx01.redhat.com (Postfix) with ESMTPS id CD65A835B4E;
	Thu,  3 Feb 2022 00:07:38 +0000 (UTC)
Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id A1FBC46977;
	Thu,  3 Feb 2022 00:07:38 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 641E44BB7C;
	Thu,  3 Feb 2022 00:07:38 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.rdu2.redhat.com
	[10.11.54.8])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id 21307a5L032149 for <linux-audit@listman.util.phx.redhat.com>;
	Wed, 2 Feb 2022 19:07:37 -0500
Received: by smtp.corp.redhat.com (Postfix)
	id DD9C1C080AD; Thu,  3 Feb 2022 00:07:36 +0000 (UTC)
Received: from mimecast-mx02.redhat.com
	(mimecast04.extmail.prod.ext.rdu2.redhat.com [10.11.55.20])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id D9648C080AA
	for <linux-audit@redhat.com>; Thu,  3 Feb 2022 00:07:36 +0000 (UTC)
Received: from us-smtp-1.mimecast.com (us-smtp-1.mimecast.com [207.211.31.81])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
	bits)) (No client certificate requested)
	by mimecast-mx02.redhat.com (Postfix) with ESMTPS id BF1091044598
	for <linux-audit@redhat.com>; Thu,  3 Feb 2022 00:07:36 +0000 (UTC)
Received: from sonic312-31.consmr.mail.ne1.yahoo.com
	(sonic312-31.consmr.mail.ne1.yahoo.com [66.163.191.212]) by
	relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2,
	cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
	us-mta-355-83NhGpfAMfu8J5oUHde3UQ-1; Wed, 02 Feb 2022 19:07:35 -0500
X-MC-Unique: 83NhGpfAMfu8J5oUHde3UQ-1
X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048;
	t=1643846854; bh=USgY/omKIT6FHftzOwuaWl0W1FAmmueUGibLpKVLU3I=;
	h=X-Sonic-MF:From:To:Subject:Date:From:Subject;
	b=AfQnVo+duFRtB/eIAFUuaOfhgkT+1cIuJ9ZVfABuRQWm9jhT/VWMMr6lWWSd4TCzHmIeijM59OMr+pAPcwpDF15HiRV74bHPiqsGbdyM6/UBziD4KaTHLKc3pBJM4IMrC1V923cjTQJZuV4zmlsHGCsWCFxVTSidP2PgLBk1VNbCy2/uXp6i21aFkw6b6B4pGygg3ZE3o3NepxPn7FuuM55VWfGdUo0bUc0S95EmzTryuCtfdFlcQZz+c+FGpmWzpAWGVtFRMGlgYmnY+1mJuRimFJX21iwPDkNp3pNOpANDCI0sMT/fNpSNq4jGReaDYvFmRJgpJRGfw6E8k8COCg==
X-YMail-OSG: hyXz7kcVM1kvixrw9v7j9Ra.xOXS4WdN3hT49me5c2dUs5Ojkb9lCBK2feBLNyk
	Fi6iFwTpJRa6b5.I9HtFnfoQNKjRZmPzPtNXGYEqojGdtCf8WgpeEFSVjP7f2PaHMrvc4tmK3Vxo
	0VqLYBTFpl2INboB4eeoRK9cHF_ZH34z0wauLWIOGUcCIN16HCdd3w7LEQ4RrNz8m4VDB9yoYNFI
	.Ljkskt1cDsHHZZPvBmrEHqxZ13xBRW67P0.pAxoeDw_eZTdubP3J8UwMDmMyd0Rlh.vWj8YMQuB
	poXc51JN_6Ui_85VudbtcnS2uruM8ua6vVcKxJiJWXruOT8fqcGn7eQ3q1PgC.WMTH1xKa.e.a9d
	IS0AvoTOxPN_CVv2WwJ8uCl3L_pg1XFcUggLlO_ouLAdK2yt08Hp02nPTkDqdBaLln7EpFspxnoG
	Q7WUk9DnHdIQpeH71bHjLKdmCB_bzi2OrOFjT17uHlXdiY31892xGNv9psbopb5CoQrzcBYDvzDG
	IXLTobLmH2GL1wkaYEOEjwLKvzpIzzlLocIV.804a0YhhNMPR97OdLE0eEqA2JkKyXSVmNp_yelt
	D2o9UQFcZw1tL3P5ZlNBh3htxiJ1vCJB1lNDXuNUQrbvdy.rd_D37wHv8YkbVWCurmwEgU.HQgKS
	wKKsEVwqU2iY90mlEUgn0GRs7c4LLPGsPjCEXcns2NcfOsHZEIpb984uJoDvFrle8Q8n9DnImdh8
	wKrKzHLaQVeIB6qn4v9anzeegez4gzyldbPuoWcGW3oigRY4EO1eusiElg3QP9pxJFqKFoVRWBx5
	SPPclUbH7faiQqEIhEHzVzuq1T7HCmhlaKv8EWE3pn6QHUR9OxSBd_w26_Ee7.kQyxx2PRuk0DKO
	eCWTqrS6e.SHKJkgW.OUwB.VCzUByUBZ8zX8r36IpCFFW2j6aAxk5yPYrGrHQuwiD..FsO320dc7
	NT4_gkwXOiq7KACOyiGWyYZd7AXkwLAD91b9elEtsqjGKEXgmUwP6udv5uqNurz96H.xJh94T7EV
	ipDYLIulRxrfQGvJnUOstek0T4Ka8Y08Y.a4Vfx4GF9TSfhk.OJ24Uhh2jQ9O.VRB.5nROWyNViD
	mqJg8T39RaelwA7ZCa8qtf9NgSd_ui9nmxLbj_QJwlc1cGQBYDT5atjen.neBS5eoRjZPPy3QcQ8
	9IZAKOA6zog1f.alUEQLLDmsrMKmNyAUQ5epc3qiDGoAEYPH.qy8cAzIyv3pkSGCvJdPMqebRm5J
	SF.cCEr10qtGW.frP97d.iP2Bh.fQacXlT0MbX_HHktahimmefLgYNsHOBmXcfkIg94c00SZzHxs
	L4rqKJ5nRQV6qFg6EwmzkCGNYAITQvZuO_T.jPTT2NbFkBze35TN06k0O_JI1vfJCdLepmwJCyOH
	YCt.VvLA9EpGv2etaKM1hoys1S2FXw1itk.W0DavBD8KB61FYbLJq_nrP.JcQ52T7eUpx3qiCuR2
	BQRdWs4pg.MZYEycOBHbrJgRqHW1DDkSJQ_tXnbdSuGsGXviVxTVJaUY7AtuIR6sukylWImcQw06
	6jStfKHQ9bdWU8R_25JPM6Tx49.6n0vInagHq4BjfyCDDxKFxuuWXL0XP3VTsmXMzmyb2xFzPGF7
	YdRAWFcg.cIv6dO3liloQcqTtqfUQZBZnHufw.jZBUfSikRJvlcUz2IwPtwsU4XYnrh_oel0YymZ
	xiZNwPB8D.qyO5WBrXVSDwRRZ7GIuYURdGmRLIQiyCovNFbt89liKCTajVmRL3f2Mx8pK1fybUeg
	Ik0bI9yKR4IctrpXk_VkuDL8.UvVRWX9zsL4rHej1Up9x_CDNJc1XGCHLnir.0Yq94WTga7hXa0U
	DgXB6VF3XGFLEC5EyA6YbZrObwqF0XZsC3r8mQuGlJ4A2JoN0lPo9ErgV2qgbmFZ.pQnx9YLxGu8
	y5t_xqhP8ICZcyXoCdcW6A0WQzkRz.frA3ti9A1la4klIveo5CunmM_2cXfpuL5W2ELc0_lE_VbL
	CoNluaXXCj6JKMtTVaju.jCBDAHuTpAg43X2U1khE3.qYYJf64oQQZwtgNYDBIsVH0bbTU5ywXcS
	ImQbNb4qgoHmv9LvZ9f6Mxo9IjB68fDhy5Y3IGGIjvaFQnXIbZfUaBJ1lqDjStgVn50sS0bQRvoq
	NQbJdmIBuRK9NSqt51ze6LF1JREh0WQYZ7NlAr8p5yyKYGvoJebuCMrzEajocZukmpHHmmeNDPrz
	2.0RDR8XUSxdS7t1G8_rqoEg6HTXDk0jH7CIXLM.Kt5jVDeNvyg3KUANPCXdghqcpAkMPG4iVqrB
	PQw--
X-Sonic-MF: <casey@schaufler-ca.com>
Received: from sonic.gate.mail.ne1.yahoo.com by
	sonic312.consmr.mail.ne1.yahoo.com with HTTP;
	Thu, 3 Feb 2022 00:07:34 +0000
Received: by kubenode529.mail-prod1.omega.gq1.yahoo.com (VZM Hermes SMTP
	Server) with ESMTPA ID 7f82dc84f3bd924cb223e5ab9ecb7cf0; 
	Thu, 03 Feb 2022 00:07:31 +0000 (UTC)
From: Casey Schaufler <casey@schaufler-ca.com>
To: casey.schaufler@intel.com, jmorris@namei.org,
	linux-security-module@vger.kernel.org, selinux@vger.kernel.org
Subject: [PATCH v32 12/28] LSM: Use lsmblob in security_inode_getsecid
Date: Wed,  2 Feb 2022 15:53:07 -0800
Message-Id: <20220202235323.23929-13-casey@schaufler-ca.com>
In-Reply-To: <20220202235323.23929-1-casey@schaufler-ca.com>
References: <20220202235323.23929-1-casey@schaufler-ca.com>
MIME-Version: 1.0
X-Mimecast-Impersonation-Protect: Policy=CLT - Impersonation Protection
	Definition; Similar Internal Domain=false;
	Similar Monitored External Domain=false;
	Custom External Domain=false; Mimecast External Domain=false;
	Newly Observed Domain=false; Internal User Name=false;
	Custom Display Name List=false; Reply-to Address Mismatch=false;
	Targeted Threat Dictionary=false;
	Mimecast Threat Dictionary=false; Custom Threat Dictionary=false
X-Scanned-By: MIMEDefang 2.85 on 10.11.54.8
X-loop: linux-audit@redhat.com
Cc: john.johansen@canonical.com, linux-kernel@vger.kernel.org,
	linux-audit@redhat.com, linux-integrity@vger.kernel.org, sds@tycho.nsa.gov
X-BeenThere: linux-audit@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Linux Audit Discussion <linux-audit.redhat.com>
List-Unsubscribe: <https://listman.redhat.com/mailman/options/linux-audit>,
	<mailto:linux-audit-request@redhat.com?subject=unsubscribe>
List-Archive: <https://listman.redhat.com/archives/linux-audit>
List-Post: <mailto:linux-audit@redhat.com>
List-Help: <mailto:linux-audit-request@redhat.com?subject=help>
List-Subscribe: <https://listman.redhat.com/mailman/listinfo/linux-audit>,
	<mailto:linux-audit-request@redhat.com?subject=subscribe>
Sender: linux-audit-bounces@redhat.com
Errors-To: linux-audit-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
Authentication-Results: relay.mimecast.com;
	auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=linux-audit-bounces@redhat.com
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit

Change the security_inode_getsecid() interface to fill in a
lsmblob structure instead of a u32 secid. This allows for its
callers to gather data from all registered LSMs. Data is provided
for IMA and audit.

Reviewed-by: Kees Cook <keescook@chromium.org>
Reviewed-by: John Johansen <john.johansen@canonical.com>
Acked-by: Stephen Smalley <stephen.smalley.work@gmail.com>
Acked-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Cc: linux-integrity@vger.kernel.org
Cc: linux-audit@redhat.com
---
 include/linux/security.h            |  7 ++++---
 kernel/auditsc.c                    |  6 +++++-
 security/integrity/ima/ima_policy.c |  7 ++++---
 security/security.c                 | 11 +++++++++--
 4 files changed, 22 insertions(+), 9 deletions(-)

diff --git a/include/linux/security.h b/include/linux/security.h
index d7781bda147f..b0d1abd082a8 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -455,7 +455,7 @@ int security_inode_getsecurity(struct user_namespace *mnt_userns,
 			       void **buffer, bool alloc);
 int security_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags);
 int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer_size);
-void security_inode_getsecid(struct inode *inode, u32 *secid);
+void security_inode_getsecid(struct inode *inode, struct lsmblob *blob);
 int security_inode_copy_up(struct dentry *src, struct cred **new);
 int security_inode_copy_up_xattr(const char *name);
 int security_kernfs_init_security(struct kernfs_node *kn_dir,
@@ -1001,9 +1001,10 @@ static inline int security_inode_listsecurity(struct inode *inode, char *buffer,
 	return 0;
 }
 
-static inline void security_inode_getsecid(struct inode *inode, u32 *secid)
+static inline void security_inode_getsecid(struct inode *inode,
+					   struct lsmblob *blob)
 {
-	*secid = 0;
+	lsmblob_init(blob, 0);
 }
 
 static inline int security_inode_copy_up(struct dentry *src, struct cred **new)
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 2570bf5979e0..6cd15abb99c7 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -2248,13 +2248,17 @@ static void audit_copy_inode(struct audit_names *name,
 			     const struct dentry *dentry,
 			     struct inode *inode, unsigned int flags)
 {
+	struct lsmblob blob;
+
 	name->ino   = inode->i_ino;
 	name->dev   = inode->i_sb->s_dev;
 	name->mode  = inode->i_mode;
 	name->uid   = inode->i_uid;
 	name->gid   = inode->i_gid;
 	name->rdev  = inode->i_rdev;
-	security_inode_getsecid(inode, &name->osid);
+	security_inode_getsecid(inode, &blob);
+	/* scaffolding until osid is updated */
+	name->osid = blob.secid[0];
 	if (flags & AUDIT_INODE_NOEVAL) {
 		name->fcap_ver = -1;
 		return;
diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
index 22952efcc0b0..34ecdd7b01f5 100644
--- a/security/integrity/ima/ima_policy.c
+++ b/security/integrity/ima/ima_policy.c
@@ -625,7 +625,7 @@ static bool ima_match_rules(struct ima_rule_entry *rule,
 		return false;
 	for (i = 0; i < MAX_LSM_RULES; i++) {
 		int rc = 0;
-		u32 osid;
+		struct lsmblob lsmdata;
 
 		if (!rule->lsm[i].rule) {
 			if (!rule->lsm[i].args_p)
@@ -637,8 +637,9 @@ static bool ima_match_rules(struct ima_rule_entry *rule,
 		case LSM_OBJ_USER:
 		case LSM_OBJ_ROLE:
 		case LSM_OBJ_TYPE:
-			security_inode_getsecid(inode, &osid);
-			rc = ima_filter_rule_match(osid, rule->lsm[i].type,
+			security_inode_getsecid(inode, &lsmdata);
+			rc = ima_filter_rule_match(lsmdata.secid[rule->which],
+						   rule->lsm[i].type,
 						   Audit_equal,
 						   rule->lsm[i].rule,
 						   rule->which);
diff --git a/security/security.c b/security/security.c
index e33fa677181d..0253c925a272 100644
--- a/security/security.c
+++ b/security/security.c
@@ -1553,9 +1553,16 @@ int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer
 }
 EXPORT_SYMBOL(security_inode_listsecurity);
 
-void security_inode_getsecid(struct inode *inode, u32 *secid)
+void security_inode_getsecid(struct inode *inode, struct lsmblob *blob)
 {
-	call_void_hook(inode_getsecid, inode, secid);
+	struct security_hook_list *hp;
+
+	lsmblob_init(blob, 0);
+	hlist_for_each_entry(hp, &security_hook_heads.inode_getsecid, list) {
+		if (WARN_ON(hp->lsmid->slot < 0 || hp->lsmid->slot >= lsm_slot))
+			continue;
+		hp->hook.inode_getsecid(inode, &blob->secid[hp->lsmid->slot]);
+	}
 }
 
 int security_inode_copy_up(struct dentry *src, struct cred **new)
-- 
2.31.1

--
Linux-audit mailing list
Linux-audit@redhat.com
https://listman.redhat.com/mailman/listinfo/linux-audit