From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-8.8 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id D19DEC433E0 for ; Thu, 4 Mar 2021 00:45:12 +0000 (UTC) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 178B164E46 for ; Thu, 4 Mar 2021 00:45:11 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 178B164E46 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=paul-moore.com Authentication-Results: mail.kernel.org; spf=tempfail smtp.mailfrom=linux-audit-bounces@redhat.com Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-199-qI8FZuNRMj2gdCk8DSiMWg-1; Wed, 03 Mar 2021 19:45:09 -0500 X-MC-Unique: qI8FZuNRMj2gdCk8DSiMWg-1 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 1689780403D; Thu, 4 Mar 2021 00:45:05 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id DF04210013D6; Thu, 4 Mar 2021 00:45:03 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 5165E4A7C6; Thu, 4 Mar 2021 00:45:01 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 1240iv8i012053 for ; Wed, 3 Mar 2021 19:44:57 -0500 Received: by smtp.corp.redhat.com (Postfix) id 89FAE2167D61; Thu, 4 Mar 2021 00:44:57 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast06.extmail.prod.ext.rdu2.redhat.com [10.11.55.22]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 83C322167D60 for ; Thu, 4 Mar 2021 00:44:54 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 6A8CF186E242 for ; Thu, 4 Mar 2021 00:44:54 +0000 (UTC) Received: from mail-ej1-f48.google.com (mail-ej1-f48.google.com [209.85.218.48]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-337-GFC0xCMdNbmID_V3b-1krA-1; Wed, 03 Mar 2021 19:44:52 -0500 X-MC-Unique: GFC0xCMdNbmID_V3b-1krA-1 Received: by mail-ej1-f48.google.com with SMTP id mm21so45662083ejb.12 for ; Wed, 03 Mar 2021 16:44:51 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=g2lURl+ATX2YUjr5q4pNGyS+/f3qF3dd8poyz9I0yIQ=; b=IN/rGrM2f0Bh3cr44TGUGG6gbJzUsy12d9rC7dYfrjlpJqNhBrkRv+3aomK5Tviybb 3EZmpxBHWMSAo7jvUpqGBUkP02VV4u7qCO6KD0TcW52jkVwOv21odCJ3WQn5tkWrf5IG N2BJYTHBtW85eekjXijO25pqD40H+l+bm945oZPqtOqHOew5RtomEVtVtYv2wOR7+vPV kI+sCBXOnjNXLlnQNjp9b38XeUV0JtfBlgC/RX5sbr6pQLCXzDchkxcjkG6/oMbH7SoM fmlxij68wwlh/bKpp1tEX97v18aoHXb/kUlLktFYVFaFAF4WLZS82E2JtNjEP9Q5dhMO xU/w== X-Gm-Message-State: AOAM533ZwlTMxpx0vbqUpiAkkT3r0ZftZP3UH1+kbgSiprFR8rwIRNAM 4rOOqliNH5hNBlxHhxDd3nPpDqQjqMJVArpTNVvp X-Google-Smtp-Source: ABdhPJwMWPIfRXVxIBCOjcbnyugYHup2arm1/+oo2mo11V8E1LS5uXyCS7vTs7sOAcv3T7QPJc0OjZwXwqq4GYlQLJs= X-Received: by 2002:a17:906:a443:: with SMTP id cb3mr1388093ejb.542.1614818690832; Wed, 03 Mar 2021 16:44:50 -0800 (PST) MIME-Version: 1.0 References: <161377712068.87807.12246856567527156637.stgit@sifl> <161377734508.87807.8537642254664217815.stgit@sifl> In-Reply-To: From: Paul Moore Date: Wed, 3 Mar 2021 19:44:40 -0500 Message-ID: Subject: Re: [RFC PATCH 1/4] lsm: separate security_task_getsecid() into subjective and objective variants To: John Johansen X-Mimecast-Impersonation-Protect: Policy=CLT - Impersonation Protection Definition; Similar Internal Domain=false; Similar Monitored External Domain=false; Custom External Domain=false; Mimecast External Domain=false; Newly Observed Domain=false; Internal User Name=false; Custom Display Name List=false; Reply-to Address Mismatch=false; Targeted Threat Dictionary=false; Mimecast Threat Dictionary=false; Custom Threat Dictionary=false X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 X-loop: linux-audit@redhat.com Cc: selinux@vger.kernel.org, linux-security-module@vger.kernel.org, linux-audit@redhat.com X-BeenThere: linux-audit@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Linux Audit Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: linux-audit-bounces@redhat.com Errors-To: linux-audit-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=linux-audit-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit On Sun, Feb 21, 2021 at 7:51 AM John Johansen wrote: > On 2/19/21 3:29 PM, Paul Moore wrote: > > Of the three LSMs that implement the security_task_getsecid() LSM > > hook, all three LSMs provide the task's objective security > > credentials. This turns out to be unfortunate as most of the hook's > > callers seem to expect the task's subjective credentials, although > > a small handful of callers do correctly expect the objective > > credentials. > > > > This patch is the first step towards fixing the problem: it splits > > the existing security_task_getsecid() hook into two variants, one > > for the subjective creds, one for the objective creds. > > > > void security_task_getsecid_subj(struct task_struct *p, > > u32 *secid); > > void security_task_getsecid_obj(struct task_struct *p, > > u32 *secid); > > > > While this patch does fix all of the callers to use the correct > > variant, in order to keep this patch focused on the callers and to > > ease review, the LSMs continue to use the same implementation for > > both hooks. The net effect is that this patch should not change > > the behavior of the kernel in any way, it will be up to the latter > > LSM specific patches in this series to change the hook > > implementations and return the correct credentials. > > > > Signed-off-by: Paul Moore > > So far this looks good. I want to take another stab at it and give > it some testing Checking in as I know you said you needed to fix/release the AppArmor patch in this series ... is this patch still looking okay to you? If so, can I get an ACK at least on this patch? -- paul moore www.paul-moore.com -- Linux-audit mailing list Linux-audit@redhat.com https://listman.redhat.com/mailman/listinfo/linux-audit