From: Chuck Lever III
To: Casey Schaufler
Subject: Re: [PATCH v25 17/25] LSM: Use lsmcontext in security_inode_getsecctx
Date: Fri, 12 Mar 2021 16:16:14 +0000
References: <20210309144243.12519-1-casey@schaufler-ca.com> <20210309144243.12519-18-casey@schaufler-ca.com>
In-Reply-To: <20210309144243.12519-18-casey@schaufler-ca.com>
Cc: Linux NFS Mailing List, john.johansen@canonical.com, SElinux list, James Morris, LKML, Linux Security Module list, linux-audit@redhat.com, casey.schaufler@intel.com, sds@tycho.nsa.gov
List-Id: Linux Audit Discussion
Hi Casey-

> On Mar 9, 2021, at 9:42 AM, Casey Schaufler wrote:
>
> Change the security_inode_getsecctx() interface to fill
> a lsmcontext structure instead of data and length pointers.
> This provides the information about which LSM created the
> context so that security_release_secctx() can use the
> correct hook.
>
> Acked-by: Stephen Smalley
> Acked-by: Paul Moore
> Reviewed-by: John Johansen
> Signed-off-by: Casey Schaufler
> Cc: linux-nfs@vger.kernel.org

For the NFSD hunks in 15/25 and 17/25:

Acked-by: Chuck Lever

> ---
> fs/nfsd/nfs4xdr.c | 23 +++++++++--------------
> include/linux/security.h | 5 +++--
> security/security.c | 13 +++++++++++--
> 3 files changed, 23 insertions(+), 18 deletions(-)
>
> diff --git a/fs/nfsd/nfs4xdr.c b/fs/nfsd/nfs4xdr.c
> index afccc4f257d0..a796268ec757 100644
> --- a/fs/nfsd/nfs4xdr.c
> +++ b/fs/nfsd/nfs4xdr.c
> @@ -2727,11 +2727,11 @@ nfsd4_encode_layout_types(struct xdr_stream *xdr, u32 layout_types) > #ifdef CONFIG_NFSD_V4_SECURITY_LABEL > static inline __be32 > nfsd4_encode_security_label(struct xdr_stream *xdr, struct svc_rqst *rqstp, > - void *context, int len) > + struct lsmcontext *context) > { > __be32 *p; > > - p = xdr_reserve_space(xdr, len + 4 + 4 + 4); > + p = xdr_reserve_space(xdr, context->len + 4 + 4 + 4); > if (!p) > return nfserr_resource;
> > @@ -2741,13 +2741,13 @@ nfsd4_encode_security_label(struct xdr_stream *xdr, struct svc_rqst *rqstp, > */ > *p++ = cpu_to_be32(0); /* lfs */ > *p++ = cpu_to_be32(0); /* pi */ > - p = xdr_encode_opaque(p, context, len); > + p = xdr_encode_opaque(p, context->context, context->len); > return 0; > } > #else > static inline __be32 > nfsd4_encode_security_label(struct xdr_stream *xdr, struct svc_rqst *rqstp, > - void *context, int len) > + struct lsmcontext *context) > { return 0; } > #endif > > @@ -2844,9 +2844,7 @@ nfsd4_encode_fattr(struct xdr_stream *xdr, struct svc_fh *fhp, > int err; > struct nfs4_acl *acl = NULL; > #ifdef CONFIG_NFSD_V4_SECURITY_LABEL > - struct lsmcontext scaff; /* scaffolding */ > - void *context = NULL; > - int contextlen; > + struct lsmcontext context = { }; > #endif > bool contextsupport = false; > struct nfsd4_compoundres *resp = rqstp->rq_resp; > @@ -2904,7 +2902,7 @@ nfsd4_encode_fattr(struct xdr_stream *xdr, struct svc_fh *fhp, > bmval0 & FATTR4_WORD0_SUPPORTED_ATTRS) { > if (exp->ex_flags & NFSEXP_SECURITY_LABEL) > err = security_inode_getsecctx(d_inode(dentry), > - &context, &contextlen); > + &context); > else > err = -EOPNOTSUPP; > contextsupport = (err == 0); > @@ -3324,8 +3322,7 @@ nfsd4_encode_fattr(struct xdr_stream *xdr, struct svc_fh *fhp, > > #ifdef CONFIG_NFSD_V4_SECURITY_LABEL > if (bmval2 & FATTR4_WORD2_SECURITY_LABEL) { > - status = nfsd4_encode_security_label(xdr, rqstp, context, > - contextlen); > + status = nfsd4_encode_security_label(xdr, rqstp, &context); > if (status) > goto out; > } > @@ -3346,10 +3343,8 @@ nfsd4_encode_fattr(struct xdr_stream *xdr, struct svc_fh *fhp, > > out: > #ifdef CONFIG_NFSD_V4_SECURITY_LABEL > - if (context) { > - lsmcontext_init(&scaff, context, contextlen, 0); /*scaffolding*/ > - security_release_secctx(&scaff); > - } > + if (context.context) > + security_release_secctx(&context); > #endif /* CONFIG_NFSD_V4_SECURITY_LABEL */ > kfree(acl); > if (tempfh) { 
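Review bot: in nfsd4_encode_fattr() the new `struct lsmcontext context = { };` initialiser is load-bearing rather than cosmetic and deserves a one-line comment saying so. The `out:` label is reached from paths on which security_inode_getsecctx() never ran (the label attribute was not requested, or NFSEXP_SECURITY_LABEL is clear and err is set to -EOPNOTSUPP), and the release there is now `if (context.context) security_release_secctx(&context);`, which reads the field on those paths; a later cleanup that drops the `= { }` would turn that into a test of an uninitialised pointer. Dropping `lsmcontext_init(&scaff, context, contextlen, 0)` is the right direction: that call hard-coded slot 0, and the new code lets security_inode_getsecctx() record the real producer.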
> diff --git a/include/linux/security.h b/include/linux/security.h > index d0e1b6ba330d..9dcc910036f4 100644 > --- a/include/linux/security.h > +++ b/include/linux/security.h > @@ -582,7 +582,7 @@ void security_release_secctx(struct lsmcontext *cp); > void security_inode_invalidate_secctx(struct inode *inode); > int security_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen); > int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen); > -int security_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen); > +int security_inode_getsecctx(struct inode *inode, struct lsmcontext *cp); > int security_locked_down(enum lockdown_reason what); > #else /* CONFIG_SECURITY */ > > @@ -1442,7 +1442,8 @@ static inline int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 > { > return -EOPNOTSUPP; > } > -static inline int security_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen) > +static inline int security_inode_getsecctx(struct inode *inode, > + struct lsmcontext *cp) > { > return -EOPNOTSUPP; > } > diff --git a/security/security.c b/security/security.c > index 73fb5c6c4cf8..b88f916e0698 100644 > --- a/security/security.c > +++ b/security/security.c 
> @@ -2337,9 +2337,18 @@ int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen) > } > EXPORT_SYMBOL(security_inode_setsecctx); > > -int security_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen) > +int security_inode_getsecctx(struct inode *inode, struct lsmcontext *cp) > { > - return call_int_hook(inode_getsecctx, -EOPNOTSUPP, inode, ctx, ctxlen); > + struct security_hook_list *hp; > + > + memset(cp, 0, sizeof(*cp)); > + > + hlist_for_each_entry(hp, &security_hook_heads.inode_getsecctx, list) { > + cp->slot = hp->lsmid->slot; > + return hp->hook.inode_getsecctx(inode, (void **)&cp->context, > + &cp->len); > + } > + return -EOPNOTSUPP; > } > EXPORT_SYMBOL(security_inode_getsecctx);
>
> --
> 2.29.2

--
Chuck Lever

--
Linux-audit mailing list
Linux-audit@redhat.com
https://listman.redhat.com/mailman/listinfo/linux-audit
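Review bot: in security_inode_getsecctx() the hlist_for_each_entry() body returns unconditionally, so only the first registered inode_getsecctx hook ever runs and the loop is a one-entry lookup; if the intent is that at most one LSM supplies an inode secctx, a comment above the loop should say so, otherwise a reader will take it for stacking that is not there. The memset() before the loop is also what the nfsd caller's `if (context.context)` release test depends on when the hook fails: `cp->slot` is written before the call, and `cp->context` is NULL afterwards only if the failing hook did not touch `*ctx`, so that contract belongs in the hook's documentation. The !CONFIG_SECURITY stub in security.h returns -EOPNOTSUPP without zeroing `*cp`; a caller that does not initialise the struct itself (nfsd does, with `= { }`) would test an uninitialised pointer there, and zeroing in the stub too keeps the two builds consistent.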
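The commit message quoted above explains why the context has to carry the identity of the LSM that produced it. As an added illustration, not code from the patch, the kernel or any LSM, here is a user-space C model of that contract: two toy LSMs with different ownership rules for their label buffer, a getsecctx that zeroes the caller's struct and records the producing slot, and a release that dispatches on that slot the way the patch intends security_release_secctx() to. Every name in it (lsmctx, lsm_hook, lsm_a_*, lsm_b_*, lsm_getsecctx, lsm_release_secctx, roundtrip_ok, registered) and both label strings are invented for the example.

```c
#include <errno.h>
#include <stdlib.h>
#include <string.h>

#define NSLOTS 2
/* Model of the patch's struct lsmcontext: buffer, length, producing LSM. */
struct lsmctx { void *context; unsigned int len; int slot; };

/* Per-LSM hook pair plus a count of contexts handed out but not released. */
struct lsm_hook {
	int (*inode_getsecctx)(void **ctx, unsigned int *len);
	void (*release_secctx)(void *ctx, unsigned int len);
	int outstanding;
};

/* LSM A (invented) hands out heap memory that its owner must free(). */
static const char lsm_a_label[] = "system_u:object_r:etc_t:s0";

static int lsm_a_getsecctx(void **ctx, unsigned int *len)
{
	char *p = malloc(sizeof(lsm_a_label));
	if (!p)
		return -ENOMEM;
	memcpy(p, lsm_a_label, sizeof(lsm_a_label));
	*ctx = p;
	*len = sizeof(lsm_a_label) - 1;
	return 0;
}

static void lsm_a_release(void *ctx, unsigned int len) { (void)len; free(ctx); }

/* LSM B (invented) hands out a pointer into static storage that must never be
 * freed: free()ing it is exactly the mistake a release that has to guess makes. */
static const char lsm_b_label[] = "_";

static int lsm_b_getsecctx(void **ctx, unsigned int *len)
{
	*ctx = (void *)lsm_b_label;
	*len = sizeof(lsm_b_label) - 1;
	return 0;
}

/* Nothing to free for B; a reference-count drop would go here. */
static void lsm_b_release(void *ctx, unsigned int len) { (void)ctx; (void)len; }

static struct lsm_hook hooks[NSLOTS] = {
	{ lsm_a_getsecctx, lsm_a_release, 0 },
	{ lsm_b_getsecctx, lsm_b_release, 0 },
};
static int registered[NSLOTS];	/* which slots are active in this run */

/* Model of the patched security_inode_getsecctx(): zero the caller's struct,
 * record the slot, then let that LSM's hook fill in buffer and length. */
int lsm_getsecctx(struct lsmctx *cp)
{
	int slot, rc;
	memset(cp, 0, sizeof(*cp));
	for (slot = 0; slot < NSLOTS; slot++) {
		if (!registered[slot])
			continue;
		cp->slot = slot;
		rc = hooks[slot].inode_getsecctx(&cp->context, &cp->len);
		if (rc == 0)
			hooks[slot].outstanding++;
		return rc;
	}
	return -EOPNOTSUPP;
}

/* Model of security_release_secctx(): the recorded slot picks the release
 * routine, so A's buffer is freed and B's static label is left alone. */
void lsm_release_secctx(struct lsmctx *cp)
{
	if (!cp->context)
		return;
	hooks[cp->slot].release_secctx(cp->context, cp->len);
	hooks[cp->slot].outstanding--;
	memset(cp, 0, sizeof(*cp));
}

/* Mirrors nfsd4_encode_fattr() in the patch with only `active_slot` built in:
 * fetch, read the label (here: compare it with want_label), release only if a
 * context was produced. Returns 1 when the status equals want_rc, the label
 * matched, and no LSM is left holding an unreleased context. */
int roundtrip_ok(int active_slot, int want_rc, const char *want_label)
{
	struct lsmctx ctx = { 0 };
	int i, rc, ok;
	memset(registered, 0, sizeof(registered));
	if (active_slot >= 0 && active_slot < NSLOTS)
		registered[active_slot] = 1;
	rc = lsm_getsecctx(&ctx);
	ok = rc == want_rc;
	if (rc == 0)
		ok = ok && ctx.len == strlen(want_label) &&
		     memcmp(ctx.context, want_label, ctx.len) == 0;
	if (ctx.context)	/* the patched nfsd test before releasing */
		lsm_release_secctx(&ctx);
	for (i = 0; i < NSLOTS; i++)
		if (hooks[i].outstanding)
			ok = 0;
	return ok;
}
```

Without the slot, lsm_release_secctx() would have to pick one release routine for every caller: free() would corrupt LSM B's static label, and skipping free() would leak LSM A's heap buffer. The roundtrip also shows why the nfsd caller can test context.context before releasing: lsm_getsecctx() zeroes the struct before any hook runs, so a run with no registered LSM (roundtrip_ok(-1, -EOPNOTSUPP, "")) leaves the pointer NULL and nothing is released.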