Subject: [PATCH v4 0/8] Add LSM access controls and auditing to io_uring
From: Paul Moore
To: linux-security-module@vger.kernel.org, selinux@vger.kernel.org,
    linux-audit@redhat.com, io-uring@vger.kernel.org,
    linux-fsdevel@vger.kernel.org, Jens Axboe, Pavel Begunkov,
    Kumar Kartikeya Dwivedi
Date: Wed, 15 Sep 2021 12:49:18 -0400
Message-ID: <163172413301.88001.16054830862146685573.stgit@olly>

A quick update to the v3
patchset with a small change to the audit record format (remove the
audit login ID on io_uring records) and a subject line fix on the Smack
patch. I also caught a few minor things in the code comments and fixed
those up. All told, nothing significant but I really dislike merging
patches that haven't hit the list so here ya go ...

As a reminder, I'm planning to merge these in the selinux/next tree
later this week and it would be *really* nice to get some ACKs from the
io_uring folks; this patchset is implementing the ideas we all agreed to
back in the v1 patchset so there shouldn't be anything surprising in
here.

For reference the v3 patchset can be found here:

  https://lore.kernel.org/linux-security-module/163159032713.470089.11728103630366176255.stgit@olly/T/#t

Those who would prefer to fetch these patches directly from git can do
so using the tree/branch below:

  git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux.git
  (checkout branch "working-io_uring")

---

Casey Schaufler (1):
      Smack: Brutalist io_uring support

Paul Moore (7):
      audit: prepare audit_context for use in calling contexts beyond syscalls
      audit,io_uring,io-wq: add some basic audit support to io_uring
      audit: add filtering for io_uring records
      fs: add anon_inode_getfile_secure() similar to anon_inode_getfd_secure()
      io_uring: convert io_uring to the secure anon inode interface
      lsm,io_uring: add LSM hooks to io_uring
      selinux: add support for the io_uring access controls

 fs/anon_inodes.c                    |  29 ++
 fs/io-wq.c                          |   4 +
 fs/io_uring.c                       |  69 +++-
 include/linux/anon_inodes.h         |   4 +
 include/linux/audit.h               |  26 ++
 include/linux/lsm_hook_defs.h       |   5 +
 include/linux/lsm_hooks.h           |  13 +
 include/linux/security.h            |  16 +
 include/uapi/linux/audit.h          |   4 +-
 kernel/audit.h                      |   7 +-
 kernel/audit_tree.c                 |   3 +-
 kernel/audit_watch.c                |   3 +-
 kernel/auditfilter.c                |  15 +-
 kernel/auditsc.c                    | 469 ++++++++++++++++++++++------
 security/security.c                 |  12 +
 security/selinux/hooks.c            |  34 ++
 security/selinux/include/classmap.h |   2 +
 security/smack/smack_lsm.c          |  46 +++
 18 files changed, 646 insertions(+), 115 deletions(-)

--
Linux-audit mailing list
Linux-audit@redhat.com
https://listman.redhat.com/mailman/listinfo/linux-audit