Subject: [PATCH v3 0/8] Add LSM access controls and auditing to io_uring
From: Paul Moore
To: linux-security-module@vger.kernel.org, selinux@vger.kernel.org, linux-audit@redhat.com, io-uring@vger.kernel.org, linux-fsdevel@vger.kernel.org, Jens Axboe, Pavel Begunkov, Kumar Kartikeya Dwivedi
Date: Mon, 13 Sep 2021 23:32:51 -0400
Message-ID: <163159032713.470089.11728103630366176255.stgit@olly>

As promised, here is
revision #3 of the io_uring/LSM/audit patchset. The changes from
revision #2 are minimal and noted in the individual patches; they are
mostly focused on removing debug/dev code and scary "BEWARE, DEVELOPMENT
PATCH!" language from the commit descriptions.

With plenty of good discussion happening on the initial RFC posting, and
the second revision incorporating all the feedback garnering no
objections, I plan to merge this patchset into the selinux/next tree
later this week. Jens, Pavel, it would be nice if I could get your ACK
on the io_uring patches before I merge them.

For those of you who may be seeing this for the first time, the second
RFC revision of the patchset can be found in the archives at the link
below:

  https://lore.kernel.org/linux-security-module/162871480969.63873.9434591871437326374.stgit@olly/

... and the initial draft RFC can be found here:

  https://lore.kernel.org/linux-security-module/162163367115.8379.8459012634106035341.stgit@sifl/

Those who would prefer to fetch these patches directly from git can do
so using the tree/branch below:

  git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux.git
  (checkout branch "working-io_uring")

-Paul

---

Casey Schaufler (1):
      Smack: Brutalist io_uring support with debug

Paul Moore (7):
      audit: prepare audit_context for use in calling contexts beyond syscalls
      audit,io_uring,io-wq: add some basic audit support to io_uring
      audit: add filtering for io_uring records
      fs: add anon_inode_getfile_secure() similar to anon_inode_getfd_secure()
      io_uring: convert io_uring to the secure anon inode interface
      lsm,io_uring: add LSM hooks to io_uring
      selinux: add support for the io_uring access controls

 fs/anon_inodes.c                    |  29 ++
 fs/io-wq.c                          |   4 +
 fs/io_uring.c                       |  69 +++-
 include/linux/anon_inodes.h         |   4 +
 include/linux/audit.h               |  26 ++
 include/linux/lsm_hook_defs.h       |   5 +
 include/linux/lsm_hooks.h           |  13 +
 include/linux/security.h            |  16 +
 include/uapi/linux/audit.h          |   4 +-
 kernel/audit.h                      |   7 +-
 kernel/audit_tree.c                 |   3 +-
 kernel/audit_watch.c                |   3 +-
 kernel/auditfilter.c                |  15 +-
 kernel/auditsc.c                    | 477 ++++++++++++++++++++++------
 security/security.c                 |  12 +
 security/selinux/hooks.c            |  34 ++
 security/selinux/include/classmap.h |   2 +
 security/smack/smack_lsm.c          |  46 +++
 18 files changed, 654 insertions(+), 115 deletions(-)