Linux-Security-Module Archive on lore.kernel.org
* [PATCH 2/2] selinux: use netlink_receive hook
@ 2019-08-21 13:46 Jeff Vander Stoep
  2019-08-23  1:44 ` kbuild test robot
  2019-08-23  1:54 ` kbuild test robot
  0 siblings, 2 replies; 3+ messages in thread
From: Jeff Vander Stoep @ 2019-08-21 13:46 UTC (permalink / raw)
  To: netdev, linux-security-module, selinux; +Cc: Jeff Vander Stoep

Add the nlmsg_readpriv permission to netlink_route socket class.
Currently this is only used to restrict MAC address access.

Signed-off-by: Jeff Vander Stoep <jeffv@google.com>
---
 security/selinux/hooks.c            | 6 ++++++
 security/selinux/include/classmap.h | 2 +-
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 74dd46de01b6..2ab89a73f663 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -5825,6 +5825,11 @@ static unsigned int selinux_ipv6_postroute(void *priv,
 
 #endif	/* CONFIG_NETFILTER */
 
+static int selinux_netlink_receive(struct sock *sk, struct sk_buff *skb)
+{
+	return sock_has_perm(current, sk, NETLINK_ROUTE_SOCKET__NLMSG_READPRIV);
+}
+
 static int selinux_netlink_send(struct sock *sk, struct sk_buff *skb)
 {
 	return selinux_nlmsg_perm(sk, skb);
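Review bot: the call in `+	return sock_has_perm(current, sk, NETLINK_ROUTE_SOCKET__NLMSG_READPRIV);` does not match `sock_has_perm`, which this file declares as `static int sock_has_perm(struct sock *sk, u32 perms)` (see the compiler note quoted later in the thread): it takes the socket and a permission mask, not a task. As written, `current` is passed as the `struct sock *`, `sk` as the `u32`, and a third argument the function does not accept, so hooks.c fails to build, which is exactly what the two kbuild reports show. The fix is to drop the task argument: `return sock_has_perm(sk, NETLINK_ROUTE_SOCKET__NLMSG_READPRIV);`. Two smaller points on the same hunk: `skb` is unused in the new hook, which is fine for the hook prototype, but a short comment that this check is socket-level and deliberately does not look at the message would help, since the neighbouring `selinux_netlink_send` does inspect it via `selinux_nlmsg_perm`; and `NETLINK_ROUTE_SOCKET__NLMSG_READPRIV` is a permission of the `netlink_route_socket` class while `netlink_receive` is a generic hook, so if the caller introduced in 1/2 can be reached for any other netlink family, the bit would be evaluated against the wrong class. Either guard on the socket class here or state in the commit message that the hook is only invoked from rtnetlink.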
@@ -6765,6 +6770,7 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = {
 	LSM_HOOK_INIT(syslog, selinux_syslog),
 	LSM_HOOK_INIT(vm_enough_memory, selinux_vm_enough_memory),
 
+	LSM_HOOK_INIT(netlink_receive, selinux_netlink_receive),
 	LSM_HOOK_INIT(netlink_send, selinux_netlink_send),
 
 	LSM_HOOK_INIT(bprm_set_creds, selinux_bprm_set_creds),
diff --git a/security/selinux/include/classmap.h b/security/selinux/include/classmap.h
index 201f7e588a29..3726c61a3dd1 100644
--- a/security/selinux/include/classmap.h
+++ b/security/selinux/include/classmap.h
@@ -115,7 +115,7 @@ struct security_class_mapping secclass_map[] = {
 	  { COMMON_IPC_PERMS, NULL } },
 	{ "netlink_route_socket",
 	  { COMMON_SOCK_PERMS,
-	    "nlmsg_read", "nlmsg_write", NULL } },
+	    "nlmsg_read", "nlmsg_write", "nlmsg_readpriv", NULL } },
 	{ "netlink_tcpdiag_socket",
 	  { COMMON_SOCK_PERMS,
 	    "nlmsg_read", "nlmsg_write", NULL } },
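Review bot: appending `"nlmsg_readpriv"` at the end of the `netlink_route_socket` permission list is the correct position, since the class map assigns permission bits by order and existing `nlmsg_read`/`nlmsg_write` rules must keep their meaning. The commit message should say what this means for policy, though: a loaded policy that does not define `nlmsg_readpriv` on this class will have the new permission treated as unknown and resolved by the policy's handle_unknown setting, so the permission needs to be added to shipped policies (and to the documented class/permission list) before the new hook can enforce anything predictably. "Currently this is only used to restrict MAC address access" would also read better if it named which rtnetlink operation is gated, since the caller lives in 1/2 and is not visible from this patch.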
-- 
2.23.0.rc1.153.gdeed80330f-goog



* Re: [PATCH 2/2] selinux: use netlink_receive hook
  2019-08-21 13:46 [PATCH 2/2] selinux: use netlink_receive hook Jeff Vander Stoep
@ 2019-08-23  1:44 ` kbuild test robot
  2019-08-23  1:54 ` kbuild test robot
  1 sibling, 0 replies; 3+ messages in thread
From: kbuild test robot @ 2019-08-23  1:44 UTC (permalink / raw)
  To: Jeff Vander Stoep
  Cc: kbuild-all, netdev, linux-security-module, selinux, Jeff Vander Stoep


Hi Jeff,

Thank you for the patch! Yet something to improve:

[auto build test ERROR on linus/master]
[cannot apply to v5.3-rc5 next-20190822]
[if your patch is applied to the wrong git tree, please drop us a note to help improve the system]

url:    https://github.com/0day-ci/linux/commits/Jeff-Vander-Stoep/rtnetlink-gate-MAC-address-with-an-LSM-hook/20190823-071253
config: i386-defconfig (attached as .config)
compiler: gcc-7 (Debian 7.4.0-10) 7.4.0
reproduce:
        # save the attached .config to linux build tree
        make ARCH=i386 

If you fix the issue, kindly add following tag
Reported-by: kbuild test robot <lkp@intel.com>

All error/warnings (new ones prefixed by >>):

   In file included from include/linux/sched.h:12:0,
                    from include/linux/tracehook.h:46,
                    from security/selinux/hooks.c:27:
   security/selinux/hooks.c: In function 'selinux_netlink_receive':
>> arch/x86/include/asm/current.h:18:17: error: passing argument 1 of 'sock_has_perm' from incompatible pointer type [-Werror=incompatible-pointer-types]
    #define current get_current()
                    ^
>> security/selinux/hooks.c:5830:23: note: in expansion of macro 'current'
     return sock_has_perm(current, sk, NETLINK_ROUTE_SOCKET__NLMSG_READPRIV);
                          ^~~~~~~
   security/selinux/hooks.c:4422:12: note: expected 'struct sock *' but argument is of type 'struct task_struct *'
    static int sock_has_perm(struct sock *sk, u32 perms)
               ^~~~~~~~~~~~~
>> security/selinux/hooks.c:5830:32: warning: passing argument 2 of 'sock_has_perm' makes integer from pointer without a cast [-Wint-conversion]
     return sock_has_perm(current, sk, NETLINK_ROUTE_SOCKET__NLMSG_READPRIV);
                                   ^~
   security/selinux/hooks.c:4422:12: note: expected 'u32 {aka unsigned int}' but argument is of type 'struct sock *'
    static int sock_has_perm(struct sock *sk, u32 perms)
               ^~~~~~~~~~~~~
>> security/selinux/hooks.c:5830:9: error: too many arguments to function 'sock_has_perm'
     return sock_has_perm(current, sk, NETLINK_ROUTE_SOCKET__NLMSG_READPRIV);
            ^~~~~~~~~~~~~
   security/selinux/hooks.c:4422:12: note: declared here
    static int sock_has_perm(struct sock *sk, u32 perms)
               ^~~~~~~~~~~~~
   cc1: some warnings being treated as errors

vim +/sock_has_perm +18 arch/x86/include/asm/current.h

f0766440dda7ac include/asm-x86/current.h      Christoph Lameter 2008-05-09  17  
c6f5e0acd5d12e arch/x86/include/asm/current.h Brian Gerst       2009-01-19 @18  #define current get_current()
f0766440dda7ac include/asm-x86/current.h      Christoph Lameter 2008-05-09  19  

:::::: The code at line 18 was first introduced by commit
:::::: c6f5e0acd5d12ee23f701f15889872e67b47caa6 x86-64: Move current task from PDA to per-cpu and consolidate with 32-bit.

:::::: TO: Brian Gerst <brgerst@gmail.com>
:::::: CC: Tejun Heo <tj@kernel.org>

---
0-DAY kernel test infrastructure                Open Source Technology Center
https://lists.01.org/pipermail/kbuild-all                   Intel Corporation

[-- Attachment #2: .config.gz --]
[-- Type: application/gzip, Size: 28074 bytes --]


* Re: [PATCH 2/2] selinux: use netlink_receive hook
  2019-08-21 13:46 [PATCH 2/2] selinux: use netlink_receive hook Jeff Vander Stoep
  2019-08-23  1:44 ` kbuild test robot
@ 2019-08-23  1:54 ` kbuild test robot
  1 sibling, 0 replies; 3+ messages in thread
From: kbuild test robot @ 2019-08-23  1:54 UTC (permalink / raw)
  To: Jeff Vander Stoep
  Cc: kbuild-all, netdev, linux-security-module, selinux, Jeff Vander Stoep


Hi Jeff,

Thank you for the patch! Yet something to improve:

[auto build test ERROR on linus/master]
[cannot apply to v5.3-rc5 next-20190822]
[if your patch is applied to the wrong git tree, please drop us a note to help improve the system]

url:    https://github.com/0day-ci/linux/commits/Jeff-Vander-Stoep/rtnetlink-gate-MAC-address-with-an-LSM-hook/20190823-071253
config: s390-debug_defconfig (attached as .config)
compiler: s390-linux-gcc (GCC) 7.4.0
reproduce:
        wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
        chmod +x ~/bin/make.cross
        # save the attached .config to linux build tree
        GCC_VERSION=7.4.0 make.cross ARCH=s390 

If you fix the issue, kindly add following tag
Reported-by: kbuild test robot <lkp@intel.com>

All errors (new ones prefixed by >>):

   In file included from include/linux/sched.h:12:0,
                    from include/linux/tracehook.h:46,
                    from security/selinux/hooks.c:27:
   security/selinux/hooks.c: In function 'selinux_netlink_receive':
>> arch/s390/include/asm/current.h:17:17: error: passing argument 1 of 'sock_has_perm' from incompatible pointer type [-Werror=incompatible-pointer-types]
    #define current ((struct task_struct *const)S390_lowcore.current_task)
                    ^
   security/selinux/hooks.c:5830:23: note: in expansion of macro 'current'
     return sock_has_perm(current, sk, NETLINK_ROUTE_SOCKET__NLMSG_READPRIV);
                          ^~~~~~~
   security/selinux/hooks.c:4422:12: note: expected 'struct sock *' but argument is of type 'struct task_struct *'
    static int sock_has_perm(struct sock *sk, u32 perms)
               ^~~~~~~~~~~~~
   security/selinux/hooks.c:5830:32: warning: passing argument 2 of 'sock_has_perm' makes integer from pointer without a cast [-Wint-conversion]
     return sock_has_perm(current, sk, NETLINK_ROUTE_SOCKET__NLMSG_READPRIV);
                                   ^~
   security/selinux/hooks.c:4422:12: note: expected 'u32 {aka unsigned int}' but argument is of type 'struct sock *'
    static int sock_has_perm(struct sock *sk, u32 perms)
               ^~~~~~~~~~~~~
   security/selinux/hooks.c:5830:9: error: too many arguments to function 'sock_has_perm'
     return sock_has_perm(current, sk, NETLINK_ROUTE_SOCKET__NLMSG_READPRIV);
            ^~~~~~~~~~~~~
   security/selinux/hooks.c:4422:12: note: declared here
    static int sock_has_perm(struct sock *sk, u32 perms)
               ^~~~~~~~~~~~~
   cc1: some warnings being treated as errors

vim +/sock_has_perm +17 arch/s390/include/asm/current.h

^1da177e4c3f41 include/asm-s390/current.h Linus Torvalds 2005-04-16  16  
^1da177e4c3f41 include/asm-s390/current.h Linus Torvalds 2005-04-16 @17  #define current ((struct task_struct *const)S390_lowcore.current_task)
^1da177e4c3f41 include/asm-s390/current.h Linus Torvalds 2005-04-16  18  

:::::: The code at line 17 was first introduced by commit
:::::: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 Linux-2.6.12-rc2

:::::: TO: Linus Torvalds <torvalds@ppc970.osdl.org>
:::::: CC: Linus Torvalds <torvalds@ppc970.osdl.org>

---
0-DAY kernel test infrastructure                Open Source Technology Center
https://lists.01.org/pipermail/kbuild-all                   Intel Corporation

[-- Attachment #2: .config.gz --]
[-- Type: application/gzip, Size: 20136 bytes --]

