From: serue@us.ibm.com
To: lkml <linux-kernel@vger.kernel.org>
Cc: Chris Wright <chrisw@osdl.org>,
Stephen Smalley <sds@epoch.ncsc.mil>,
James Morris <jmorris@redhat.com>, Andrew Morton <akpm@osdl.org>,
Michael Halcrow <mhalcrow@us.ibm.com>,
David Safford <safford@watson.ibm.com>,
Reiner Sailer <sailer@us.ibm.com>,
Gerrit Huizenga <gerrit@us.ibm.com>
Subject: [patch 11/12] lsm stacking v0.2: /proc/$$/attr/ sharing
Date: Thu, 30 Jun 2005 14:55:04 -0500 [thread overview]
Message-ID: <20050630195504.GK23538@serge.austin.ibm.com> (raw)
In-Reply-To: <20050630194458.GA23439@serge.austin.ibm.com>
This patch enables sharing of the /proc/<pid>/attr files. Input and
output now take the form of
"whatever_data_is_expected (module_name)"
For writes, the data section (minus " (module_name)") is sent to the
module identified as "module_name". For reads, stacker appends the
" (module_name)" to whatever modules send. If any module returns
an error other than -EINVAL, that error and no data is returned.
If data is written to a procattr file without " (module_name)"
the data is sent to the selinux module.
Signed-off-by: Serge Hallyn <serue@us.ibm.com>
---
stacker.c | 125 +++++++++++++++++++++++++++++++++++++++++++++++++-------------
1 files changed, 100 insertions(+), 25 deletions(-)
Index: linux-2.6.13-rc1/security/stacker.c
===================================================================
--- linux-2.6.13-rc1.orig/security/stacker.c 2005-06-30 15:32:43.000000000 -0500
+++ linux-2.6.13-rc1/security/stacker.c 2005-06-30 15:40:19.000000000 -0500
@@ -966,24 +966,116 @@ static void stacker_d_instantiate (struc
CALL_ALL(d_instantiate,d_instantiate(dentry,inode));
}
+/*
+ * Query all LSMs.
+ * If all return EINVAL, we return EINVAL. If any returns any other
+ * error, then we return that error. Otherwise, we concatenate all
+ * modules' results.
+ */
static int
stacker_getprocattr(struct task_struct *p, char *name, void *value, size_t size)
{
- if (!selinux_module)
- return -EINVAL;
- if (!selinux_module->module_operations.getprocattr)
+ struct module_entry *m;
+ int len = 0, ret;
+ int found_noneinval = 0;
+
+
+ if (list_empty(&stacked_modules))
return -EINVAL;
- return selinux_module->module_operations.getprocattr(p, name, value, size);
+
+ rcu_read_lock();
+ stack_for_each_entry(m, &stacked_modules, lsm_list) {
+ if (!m->module_operations.getprocattr)
+ continue;
+ rcu_read_unlock();
+ ret = m->module_operations.getprocattr(p, name,
+ value+len, size-len);
+ rcu_read_lock();
+ if (ret == -EINVAL)
+ continue;
+ found_noneinval = 1;
+ if (ret < 0) {
+ memset(value, 0, len);
+ len = ret;
+ break;
+ }
+ if (ret == 0)
+ continue;
+ len += ret;
+ if (len+m->namelen+4 < size) {
+ char *v = value;
+ if (v[len-1]=='\n')
+ len--;
+ len += sprintf(value+len, " (%s)\n", m->module_name);
+ }
+ }
+ rcu_read_unlock();
+
+ return found_noneinval ? len : -EINVAL;
+}
+
+static struct module_entry *
+find_active_lsm(const char *name, int len)
+{
+ struct module_entry *m, *ret = NULL;
+
+ rcu_read_lock();
+ stack_for_each_entry(m, &stacked_modules, lsm_list) {
+ if (m->namelen == len && !strncmp(m->module_name, name, len)) {
+ ret = m;
+ break;
+ }
+ }
+
+ rcu_read_unlock();
+ return ret;
}
-static int stacker_setprocattr(struct task_struct *p, char *name, void *value, size_t size)
+/*
+ * We assume input will be either
+ * "data" - in which case it goes to selinux, or
+ * "data (mod_name)" in which case the data goes to module mod_name.
+ */
+static int
+stacker_setprocattr(struct task_struct *p, char *name, void *value, size_t size)
{
+ struct module_entry *callm = selinux_module;
+ char *realv = (char *)value;
+ size_t dsize = size;
+ int loc = 0, end_data = size;
- if (!selinux_module)
+ if (list_empty(&stacked_modules))
return -EINVAL;
- if (!selinux_module->module_operations.setprocattr)
+
+ if (dsize && realv[dsize-1] == '\n')
+ dsize--;
+
+ if (!dsize || realv[dsize-1]!=')')
+ goto call;
+
+ dsize--;
+ loc = dsize-1;
+ while (loc && realv[loc]!='(')
+ loc--;
+ if (!loc)
+ goto call;
+
+ callm = find_active_lsm(realv+loc+1, dsize-loc-1);
+ if (!callm)
+ goto call;
+
+
+ loc--;
+ while (loc && realv[loc]==' ')
+ loc--;
+
+ end_data = loc+1;
+call:
+ if (!callm || !callm->module_operations.setprocattr)
return -EINVAL;
- return selinux_module->module_operations.setprocattr(p, name, value, size);
+
+ return callm->module_operations.setprocattr(p, name, value, end_data) +
+ (size-end_data);
}
/*
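Review bot: The return statement of stacker_setprocattr adds `(size-end_data)` to whatever the selected module's setprocattr hook returns without first checking for an error, so a negative return such as -EINVAL is shifted toward zero, or past it, and the caller sees a corrupted error code or a bogus partial-write count instead of the failure. Capture the result first: `int ret = callm->module_operations.setprocattr(p, name, value, end_data);` `if (ret < 0) return ret;` `return ret + (size - end_data);`. Separately, find_active_lsm calls rcu_read_unlock() before handing back the `module_entry` pointer, and stacker_getprocattr invokes the hook on `m` after unlocking around the call; both appear to rely on the statement near the end of the file that modules are never unregistered, so a comment on find_active_lsm such as `/* the returned entry outlives the RCU section only because modules are never unregistered */` would record that assumption for whoever adds unregistration later. stacker_getprocattr also silently drops the " (module_name)" suffix when the buffer has no room for it, which leaves the output ambiguous for the reader; a short comment stating that the suffix is best-effort would make that intentional.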
@@ -1048,23 +1140,6 @@ out:
return ret;
}
-static struct module_entry *
-find_active_lsm(const char *name, int len)
-{
- struct module_entry *m, *ret = NULL;
-
- rcu_read_lock();
- stack_for_each_entry(m, &stacked_modules, lsm_list) {
- if (m->namelen == len && !strncmp(m->module_name, name, len)) {
- ret = m;
- break;
- }
- }
-
- rcu_read_unlock();
- return ret;
-}
-
/*
* Currently this version of stacker does not allow for module
* unregistering.