Linux-audit Archive on lore.kernel.org
* [RFC PATCH 0/4] Split security_task_getsecid() into subj and obj variants
@ 2021-02-19 23:28 Paul Moore
From: Paul Moore @ 2021-02-19 23:28 UTC
  To: Casey Schaufler, John Johansen
  Cc: selinux, linux-security-module, linux-audit

As discussed briefly on the list (lore link below), we are a little
sloppy when it comes to using task credentials, mixing both the
subjective and object credentials.  This patch set attempts to fix
this by replacing security_task_getsecid() with two new hooks that
return either the subjective (_subj) or objective (_obj) credentials.

https://lore.kernel.org/linux-security-module/806848326.0ifERbkFSE@x2/T/

Casey and John, I made a quick pass through the Smack and AppArmor
code in an effort to try and do the right thing, but I will admit
that I haven't tested those changes, just the SELinux code.  I
would really appreciate your help in reviewing those changes.  If
you find it easier, feel free to wholesale replace my Smack/AppArmor
patch with one of your own.

---

Paul Moore (4):
      lsm: separate security_task_getsecid() into subjective and objective variants
      selinux: clarify task subjective and objective credentials
      smack: differentiate between subjective and objective task credentials
      apparmor: differentiate between subjective and objective task credentials


 security/apparmor/domain.c       |  2 +-
 security/apparmor/include/cred.h | 19 +++++--
 security/apparmor/include/task.h |  3 +-
 security/apparmor/lsm.c          | 23 ++++++---
 security/apparmor/task.c         | 23 +++++++--
 security/selinux/hooks.c         | 85 ++++++++++++++++++--------------
 security/smack/smack.h           | 18 ++++++-
 security/smack/smack_lsm.c       | 40 ++++++++++-----
 8 files changed, 147 insertions(+), 66 deletions(-)
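The distinction the cover letter draws, as an added userspace model rather than kernel code or anything from this patch set: a task carries a subjective credential (the kernel's `cred`, what the task acts as) and an objective one (`real_cred`, how the task is labelled when something else acts on it). The two accessor functions below are stand-ins for the `_subj` and `_obj` hooks; the field and helper names mirror the kernel's, but the structs, the `override_creds()` stand-in and the toy signal policy are all constructed for illustration and are assumptions, not the LSM API.

```c
/* Userspace model of subjective vs objective task credentials.
 * Added example; not kernel code and not part of the patch set. */
#include <stdint.h>
#include <stdio.h>

typedef uint32_t secid_t;

struct cred {
    secid_t secid;  /* LSM security identifier for this credential set */
};

struct task {
    const struct cred *cred;       /* subjective: used when the task acts on others */
    const struct cred *real_cred;  /* objective: used when others act on the task */
};

/* Stand-in for the subjective hook: the label the task is currently acting as. */
secid_t task_getsecid_subj(const struct task *t)
{
    return t->cred->secid;
}

/* Stand-in for the objective hook: the label the task has as a target. */
secid_t task_getsecid_obj(const struct task *t)
{
    return t->real_cred->secid;
}

/* Stand-in for override_creds(): temporarily act with new subjective creds.
 * Only cred changes; real_cred is left alone, exactly as in the kernel. */
const struct cred *override_creds(struct task *t, const struct cred *new_cred)
{
    const struct cred *old = t->cred;
    t->cred = new_cred;
    return old;
}

void revert_creds(struct task *t, const struct cred *old)
{
    t->cred = old;
}

/* Constructed toy policy: an actor may signal a target only when the actor's
 * subjective label equals the target's objective label. */
int may_signal(const struct task *actor, const struct task *target)
{
    return task_getsecid_subj(actor) == task_getsecid_obj(target);
}

/* Sloppy variant that uses the single pre-split accessor semantics, i.e. the
 * target's *subjective* label. This is the kind of mixing the series removes. */
int may_signal_sloppy(const struct task *actor, const struct task *target)
{
    return task_getsecid_subj(actor) == task_getsecid_subj(target);
}

static const struct cred cred_a = { .secid = 100 };  /* constructed labels */
static const struct cred cred_b = { .secid = 200 };

/* Scenario: B has overridden its subjective creds to act as A (as a server
 * thread might), so B's subjective label is 100 but its objective label stays
 * 200. A then asks to signal B. Returns the policy decision. */
static int run_scenario(int (*policy)(const struct task *, const struct task *))
{
    struct task a = { &cred_a, &cred_a };
    struct task b = { &cred_b, &cred_b };
    const struct cred *saved = override_creds(&b, &cred_a);
    int decision = policy(&a, &b);
    revert_creds(&b, saved);
    return decision;
}

int demo_correct_check(void) { return run_scenario(may_signal); }        /* 0: denied */
int demo_sloppy_check(void)  { return run_scenario(may_signal_sloppy); } /* 1: wrongly allowed */

int main(void)
{
    printf("correct (obj target): %d\n", demo_correct_check());
    printf("sloppy  (subj target): %d\n", demo_sloppy_check());
    return 0;
}
```

The point the model makes explicit is that once a target task has temporarily overridden its subjective credentials, a hook that hands back the subjective secid answers the wrong question for checks where that task is the object; having two distinctly named hooks makes the intended side of the check visible at every call site.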



Thread overview: 39+ messages
2021-02-19 23:28 [RFC PATCH 0/4] Split security_task_getsecid() into subj and obj variants Paul Moore
2021-02-19 23:29 ` [RFC PATCH 1/4] lsm: separate security_task_getsecid() into subjective and objective variants Paul Moore
2021-02-20  2:55   ` James Morris
2021-02-20 14:44     ` Paul Moore
2021-03-04 10:04       ` Jeffrey Vander Stoep
2021-03-04 23:43         ` Paul Moore
2021-03-10  8:21           ` Jeffrey Vander Stoep
2021-03-11  1:56             ` Paul Moore
2021-02-21 12:51   ` John Johansen
2021-02-21 22:09     ` Paul Moore
2021-03-04  0:44     ` Paul Moore
2021-03-10  0:28       ` Paul Moore
2021-03-10  3:09         ` John Johansen
2021-02-24 16:49   ` Mimi Zohar
2021-03-08 19:25   ` Richard Guy Briggs
2021-03-10  0:23     ` Paul Moore
2021-03-10  1:03   ` John Johansen
2021-03-11  1:55     ` Paul Moore
2021-02-19 23:29 ` [RFC PATCH 2/4] selinux: clarify task subjective and objective credentials Paul Moore
2021-02-21 12:55   ` John Johansen
2021-03-08 19:26   ` Richard Guy Briggs
2021-03-10  3:05   ` John Johansen
2021-03-11  4:32     ` Paul Moore
2021-03-17 22:56       ` Paul Moore
2021-02-19 23:29 ` [RFC PATCH 3/4] smack: differentiate between subjective and objective task credentials Paul Moore
2021-02-21 12:56   ` John Johansen
2021-03-08 19:26   ` Richard Guy Briggs
2021-03-10  1:04   ` John Johansen
2021-02-19 23:29 ` [RFC PATCH 4/4] apparmor: " Paul Moore
2021-02-21 12:57   ` John Johansen
2021-02-21 22:12     ` Paul Moore
2021-02-20  1:49 ` [RFC PATCH 0/4] Split security_task_getsecid() into subj and obj variants Casey Schaufler
2021-02-20 14:41   ` Paul Moore
2021-02-22 23:58     ` Casey Schaufler
2021-02-23 14:14       ` Mimi Zohar
2021-02-24  0:03         ` Paul Moore
2021-03-04  0:46       ` Paul Moore
2021-03-04  2:21         ` Casey Schaufler
2021-03-04 23:41           ` Paul Moore
