* Re: [PATCH v36 10/33] LSM: Use lsmblob in security_ipc_getsecid
From: kernel test robot @ 2022-06-16 23:28 UTC
To: kbuild
CC: kbuild-all@lists.01.org
BCC: lkp@intel.com
In-Reply-To: <20220609230146.319210-11-casey@schaufler-ca.com>
References: <20220609230146.319210-11-casey@schaufler-ca.com>
TO: Casey Schaufler <casey@schaufler-ca.com>
TO: casey.schaufler@intel.com
TO: jmorris@namei.org
TO: linux-security-module@vger.kernel.org
TO: selinux@vger.kernel.org
CC: casey@schaufler-ca.com
CC: linux-audit@redhat.com
CC: keescook@chromium.org
CC: john.johansen@canonical.com
CC: penguin-kernel@i-love.sakura.ne.jp
CC: paul@paul-moore.com
CC: stephen.smalley.work@gmail.com
CC: linux-kernel@vger.kernel.org
Hi Casey,
I love your patch! Perhaps something to improve:
[auto build test WARNING on pcmoore-audit/next]
[also build test WARNING on pcmoore-selinux/next linus/master v5.19-rc2 next-20220616]
[cannot apply to jmorris-security/next-testing]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting a patch, we suggest using '--base' as documented in
https://git-scm.com/docs/git-format-patch]
url: https://github.com/intel-lab-lkp/linux/commits/Casey-Schaufler/integrity-disassociate-ima_filter_rule-from-security_audit_rule/20220610-080129
base: https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit.git next
:::::: branch date: 7 days ago
:::::: commit date: 7 days ago
config: x86_64-randconfig-m001-20220613 (https://download.01.org/0day-ci/archive/20220617/202206170730.cJyrAncf-lkp@intel.com/config)
compiler: gcc-11 (Debian 11.3.0-3) 11.3.0
If you fix the issue, kindly add the following tag where applicable
Reported-by: kernel test robot <lkp@intel.com>
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
New smatch warnings:
include/linux/security.h:218 lsmblob_value() warn: we never enter this loop
Old smatch warnings:
include/linux/security.h:170 lsmblob_init() warn: we never enter this loop
vim +218 include/linux/security.h

   203
   204 /**
   205  * lsmblob_value - find the first non-zero value in an lsmblob structure.
   206  * @blob: Pointer to the data
   207  *
   208  * This needs to be used with extreme caution, as the cases where
   209  * it is appropriate are rare.
   210  *
   211  * Return the first secid value set in the lsmblob.
   212  * There should only be one.
   213  */
   214 static inline u32 lsmblob_value(const struct lsmblob *blob)
   215 {
   216 	int i;
   217
  @218 	for (i = 0; i < LSMBLOB_ENTRIES; i++)
   219 		if (blob->secid[i])
   220 			return blob->secid[i];
   221
   222 	return 0;
   223 }
   224
--
0-DAY CI Kernel Test Service
https://01.org/lkp
* [PATCH v36 10/33] LSM: Use lsmblob in security_ipc_getsecid
2022-06-09 23:01 [PATCH v36 00/33] LSM: Module stacking for AppArmor Casey Schaufler
From: Casey Schaufler @ 2022-06-09 23:01 UTC
To: casey.schaufler, jmorris, linux-security-module, selinux
Cc: casey, linux-audit, keescook, john.johansen, penguin-kernel,
paul, stephen.smalley.work, linux-kernel
There may be more than one LSM that provides IPC data
for auditing. Change security_ipc_getsecid() to fill in
a lsmblob structure instead of the u32 secid. The
audit data structure containing the secid will be updated
later, so there is a bit of scaffolding here.
Reviewed-by: Kees Cook <keescook@chromium.org>
Reviewed-by: John Johansen <john.johansen@canonical.com>
Acked-by: Stephen Smalley <stephen.smalley.work@gmail.com>
Acked-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Cc: linux-audit@redhat.com
---
include/linux/security.h | 7 ++++---
kernel/auditsc.c | 7 ++++++-
security/security.c | 12 +++++++++---
3 files changed, 19 insertions(+), 7 deletions(-)
diff --git a/include/linux/security.h b/include/linux/security.h
index e8e4a7a1029b..029c23719a5c 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -522,7 +522,7 @@ int security_task_prctl(int option, unsigned long arg2, unsigned long arg3,
unsigned long arg4, unsigned long arg5);
void security_task_to_inode(struct task_struct *p, struct inode *inode);
int security_ipc_permission(struct kern_ipc_perm *ipcp, short flag);
-void security_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid);
+void security_ipc_getsecid(struct kern_ipc_perm *ipcp, struct lsmblob *blob);
int security_msg_msg_alloc(struct msg_msg *msg);
void security_msg_msg_free(struct msg_msg *msg);
int security_msg_queue_alloc(struct kern_ipc_perm *msq);
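Review bot: the prototype now takes `struct lsmblob *blob` instead of `u32 *secid`, so any caller still passing a `u32 *` fails to compile once this lands; the diffstat converts only kernel/auditsc.c, so please confirm in the commit message that __audit_ipc_obj() is the sole in-tree caller of security_ipc_getsecid() at this point in the series.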
@@ -1279,9 +1279,10 @@ static inline int security_ipc_permission(struct kern_ipc_perm *ipcp,
return 0;
}
-static inline void security_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid)
+static inline void security_ipc_getsecid(struct kern_ipc_perm *ipcp,
+ struct lsmblob *blob)
{
- *secid = 0;
+ lsmblob_init(blob, 0);
}
static inline int security_msg_msg_alloc(struct msg_msg *msg)
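Review bot: the CONFIG_SECURITY=n stub now zeroes the whole blob with `lsmblob_init(blob, 0);` rather than a single secid, which keeps both configurations returning an all-zero blob; confirm lsmblob_init() and struct lsmblob are defined outside the CONFIG_SECURITY-guarded part of this header so the stub still compiles with security disabled.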
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 58e3f39f47ab..0986ded8e798 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -2668,12 +2668,17 @@ void __audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat)
void __audit_ipc_obj(struct kern_ipc_perm *ipcp)
{
struct audit_context *context = audit_context();
+ struct lsmblob blob;
context->ipc.uid = ipcp->uid;
context->ipc.gid = ipcp->gid;
context->ipc.mode = ipcp->mode;
context->ipc.has_perm = 0;
- security_ipc_getsecid(ipcp, &context->ipc.osid);
+ security_ipc_getsecid(ipcp, &blob);
+ /* context->ipc.osid will be changed to a lsmblob later in
+ * the patch series. This will allow auditing of all the object
+ * labels associated with the ipc object. */
+ context->ipc.osid = lsmblob_value(&blob);
context->type = AUDIT_IPC;
}
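Review bot: `context->ipc.osid = lsmblob_value(&blob);` keeps only the first non-zero secid, so when two stacked LSMs both label the IPC object the second label never reaches the audit record until the later conversion of ipc.osid; the in-code comment says so, but the commit message should state that audit output for a single-LSM kernel is unchanged in the interim. Separately, kernel coding style asks for multi-line comments to open with `/*` on its own line and close with `*/` on its own line, rather than the `/* context->ipc.osid will be changed ...` form used here.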
diff --git a/security/security.c b/security/security.c
index 552a08750843..1e9c06607c39 100644
--- a/security/security.c
+++ b/security/security.c
@@ -2006,10 +2006,16 @@ int security_ipc_permission(struct kern_ipc_perm *ipcp, short flag)
return call_int_hook(ipc_permission, 0, ipcp, flag);
}
-void security_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid)
+void security_ipc_getsecid(struct kern_ipc_perm *ipcp, struct lsmblob *blob)
{
- *secid = 0;
- call_void_hook(ipc_getsecid, ipcp, secid);
+ struct security_hook_list *hp;
+
+ lsmblob_init(blob, 0);
+ hlist_for_each_entry(hp, &security_hook_heads.ipc_getsecid, list) {
+ if (WARN_ON(hp->lsmid->slot < 0 || hp->lsmid->slot >= lsm_slot))
+ continue;
+ hp->hook.ipc_getsecid(ipcp, &blob->secid[hp->lsmid->slot]);
+ }
}
int security_msg_msg_alloc(struct msg_msg *msg)
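Review bot: the `WARN_ON(hp->lsmid->slot < 0 || hp->lsmid->slot >= lsm_slot)` check is what keeps `&blob->secid[hp->lsmid->slot]` inside the blob for a mis-registered LSM, so it is worth keeping even though it runs on every IPC audit call; since this replaces a one-line call_void_hook() with an open-coded init-then-fill-one-slot loop, consider a shared helper if the other *_getsecid hooks in the series get the same treatment, so the bounds check is not re-typed by hand each time.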
--
2.35.1
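The plumbing that the smatch report and this patch both touch, as an added example that is not kernel code and not Casey's: a user-space model with two constructed LSMs, a hook table that includes one deliberately bad slot, and the same shapes as lsmblob_init(), lsmblob_value(), the new security_ipc_getsecid() and the __audit_ipc_obj() scaffolding. LSMBLOB_ENTRIES, lsm_slot, struct kern_ipc_perm, struct hook_entry, the hook table and every label value are constructed here; the kernel derives the first two from Kconfig and LSM registration. It demonstrates the two properties a reviewer cares about: the slot check keeps a mis-registered hook from writing outside the blob, and the lsmblob_value() collapse drops every label after the first. It also shows the reading of the "we never enter this loop" warning I find most plausible: with LSMBLOB_ENTRIES evaluating to 0 (a randconfig with no secid-providing LSM) the loops have no iterations and lsmblob_value() can only return 0.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef uint32_t u32;

/* Constructed: pretend two secid-providing LSMs are built in. In the kernel
 * this comes from Kconfig; at 0 the loops below never run (the smatch hit). */
#define LSMBLOB_ENTRIES 2

struct lsmblob {
	u32 secid[LSMBLOB_ENTRIES];
};

/* Same shape as lsmblob_init() in the series: every slot gets one value. */
static void lsmblob_init(struct lsmblob *blob, u32 secid)
{
	int i;

	for (i = 0; i < LSMBLOB_ENTRIES; i++)
		blob->secid[i] = secid;
}

/* Same shape as the lsmblob_value() quoted by smatch: first non-zero slot
 * wins, every later slot is ignored. */
static u32 lsmblob_value(const struct lsmblob *blob)
{
	int i;

	for (i = 0; i < LSMBLOB_ENTRIES; i++)
		if (blob->secid[i])
			return blob->secid[i];
	return 0;
}

/* Stand-in for struct kern_ipc_perm: one label per (hypothetical) LSM. */
struct kern_ipc_perm {
	u32 label_a;
	u32 label_b;
};

/* Stand-in for security_hook_list + lsm_id: each hook owns one slot. */
struct hook_entry {
	int slot;
	void (*ipc_getsecid)(struct kern_ipc_perm *ipcp, u32 *secid);
};

/* Slots handed out at registration; models the kernel's lsm_slot. */
static const int lsm_slot = LSMBLOB_ENTRIES;

static void lsm_a_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid)
{
	*secid = ipcp->label_a;
}

static void lsm_b_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid)
{
	*secid = ipcp->label_b;
}

/* Constructed hook table. The third entry carries an impossible slot so the
 * bounds check added by the security.c hunk has something to reject. */
static const struct hook_entry ipc_getsecid_hooks[] = {
	{ 0, lsm_a_ipc_getsecid },
	{ 1, lsm_b_ipc_getsecid },
	{ 7, lsm_a_ipc_getsecid },
};

static int skipped;	/* hooks rejected by the slot check in the last call */

/* Same control flow as the new security_ipc_getsecid(): zero the blob, then
 * let each LSM fill only its own slot. A slot outside [0, lsm_slot) is skipped
 * (WARN_ON in the kernel, a counter here) instead of indexing past secid[]. */
static void security_ipc_getsecid(struct kern_ipc_perm *ipcp, struct lsmblob *blob)
{
	size_t n = sizeof(ipc_getsecid_hooks) / sizeof(ipc_getsecid_hooks[0]);
	size_t i;

	lsmblob_init(blob, 0);
	skipped = 0;
	for (i = 0; i < n; i++) {
		const struct hook_entry *hp = &ipc_getsecid_hooks[i];

		if (hp->slot < 0 || hp->slot >= lsm_slot) {
			skipped++;
			continue;
		}
		hp->ipc_getsecid(ipcp, &blob->secid[hp->slot]);
	}
}

/* Same scaffolding as __audit_ipc_obj(): fetch the blob, then collapse it to
 * the single u32 osid that the audit context still stores. */
static u32 audit_ipc_osid(struct kern_ipc_perm *ipcp)
{
	struct lsmblob blob;

	security_ipc_getsecid(ipcp, &blob);
	return lsmblob_value(&blob);
}

/* Build an IPC object with constructed labels and return what audit records. */
static u32 osid_for(u32 label_a, u32 label_b)
{
	struct kern_ipc_perm ipc = { label_a, label_b };

	return audit_ipc_osid(&ipc);
}

static int skipped_hooks(void)
{
	return skipped;
}

int main(void)
{
	/* Both LSMs label the object: only LSM "a" reaches the audit record. */
	printf("osid=%#x (second label dropped)\n", (unsigned)osid_for(0x1234, 0x5678));
	/* Only LSM "b" labels it: its value is what audit sees. */
	printf("osid=%#x\n", (unsigned)osid_for(0, 0x99));
	printf("hooks skipped by the slot check: %d\n", skipped_hooks());
	return 0;
}
```

Build with `cc -Wall -o lsmblob lsmblob.c`. Setting LSMBLOB_ENTRIES to 0 (and lsm_slot with it) makes every hook fail the slot check and osid_for() return 0 for any labels, which is the situation a no-LSM randconfig puts lsmblob_value() in.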
Thread overview: 5+ messages
2022-06-16 23:28 [PATCH v36 10/33] LSM: Use lsmblob in security_ipc_getsecid kernel test robot
2022-06-15 15:02 kernel test robot
2022-06-14 15:45 kernel test robot
2022-06-09 23:01 [PATCH v36 00/33] LSM: Module stacking for AppArmor Casey Schaufler
2022-06-09 23:01 ` [PATCH v36 10/33] LSM: Use lsmblob in security_ipc_getsecid Casey Schaufler
2022-06-09 23:01 ` Casey Schaufler