From: Casey Schaufler <casey@schaufler-ca.com>
To: casey.schaufler@intel.com, jmorris@namei.org,
linux-security-module@vger.kernel.org, selinux@vger.kernel.org
Cc: keescook@chromium.org, john.johansen@canonical.com,
penguin-kernel@i-love.sakura.ne.jp, paul@paul-moore.com,
sds@tycho.nsa.gov
Subject: [PATCH v12 21/25] Audit: Add subj_LSM fields when necessary
Date: Mon, 16 Dec 2019 14:36:17 -0800 [thread overview]
Message-ID: <20191216223621.5127-22-casey@schaufler-ca.com> (raw)
In-Reply-To: <20191216223621.5127-1-casey@schaufler-ca.com>
Add record entries to identify subject data for all of the
security modules when there is more than one.
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
cc: netdev@vger.kernel.com
cc: linux-audit@redhat.com
---
drivers/android/binder.c | 2 +-
include/linux/audit.h | 1 +
include/linux/security.h | 9 ++++-
include/net/scm.h | 3 +-
kernel/audit.c | 40 ++++++++++++++++++-
kernel/audit_fsnotify.c | 1 +
kernel/auditfilter.c | 1 +
kernel/auditsc.c | 10 +++--
net/ipv4/ip_sockglue.c | 2 +-
net/netfilter/nf_conntrack_netlink.c | 4 +-
net/netfilter/nf_conntrack_standalone.c | 2 +-
net/netfilter/nfnetlink_queue.c | 2 +-
net/netlabel/netlabel_unlabeled.c | 11 ++++--
net/netlabel/netlabel_user.c | 2 +-
net/xfrm/xfrm_policy.c | 2 +
net/xfrm/xfrm_state.c | 2 +
security/integrity/ima/ima_api.c | 1 +
security/integrity/integrity_audit.c | 1 +
security/security.c | 51 +++++++++++++++++++++++--
19 files changed, 124 insertions(+), 23 deletions(-)
diff --git a/drivers/android/binder.c b/drivers/android/binder.c
index 3c5eee35aae6..c9324c094888 100644
--- a/drivers/android/binder.c
+++ b/drivers/android/binder.c
@@ -3107,7 +3107,7 @@ static void binder_transaction(struct binder_proc *proc,
size_t added_size;
security_task_getsecid(proc->tsk, &blob);
- ret = security_secid_to_secctx(&blob, &lsmctx);
+ ret = security_secid_to_secctx(&blob, &lsmctx, LSMBLOB_DISPLAY);
if (ret) {
return_error = BR_FAILED_REPLY;
return_error_param = ret;
diff --git a/include/linux/audit.h b/include/linux/audit.h
index f9ceae57ca8d..2ce0e8da3922 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -161,6 +161,7 @@ extern void audit_log_path_denied(int type,
extern void audit_log_lost(const char *message);
extern int audit_log_task_context(struct audit_buffer *ab);
+extern void audit_log_task_lsms(struct audit_buffer *ab);
extern void audit_log_task_info(struct audit_buffer *ab);
extern int audit_update_lsm_rules(void);
diff --git a/include/linux/security.h b/include/linux/security.h
index d0fab9f5dddf..536db4dbfcbb 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -180,6 +180,8 @@ struct lsmblob {
#define LSMBLOB_INVALID -1 /* Not a valid LSM slot number */
#define LSMBLOB_NEEDED -2 /* Slot requested on initialization */
#define LSMBLOB_NOT_NEEDED -3 /* Slot not requested */
+#define LSMBLOB_DISPLAY -4 /* Use the "display" slot */
+#define LSMBLOB_FIRST -5 /* Use the default "display" slot */
/**
* lsmblob_init - initialize an lsmblob structure.
@@ -221,6 +223,8 @@ static inline bool lsmblob_equal(struct lsmblob *bloba, struct lsmblob *blobb)
return !memcmp(bloba, blobb, sizeof(*bloba));
}
+const char *security_lsm_slot_name(int slot);
+
/* These functions are in security/commoncap.c */
extern int cap_capable(const struct cred *cred, struct user_namespace *ns,
int cap, unsigned int opts);
@@ -530,7 +534,8 @@ int security_setprocattr(const char *lsm, const char *name, void *value,
size_t size);
int security_netlink_send(struct sock *sk, struct sk_buff *skb);
int security_ismaclabel(const char *name);
-int security_secid_to_secctx(struct lsmblob *blob, struct lsmcontext *cp);
+int security_secid_to_secctx(struct lsmblob *blob, struct lsmcontext *cp,
+ int display);
int security_secctx_to_secid(const char *secdata, u32 seclen,
struct lsmblob *blob);
void security_release_secctx(struct lsmcontext *cp);
@@ -1334,7 +1339,7 @@ static inline int security_ismaclabel(const char *name)
}
static inline int security_secid_to_secctx(struct lsmblob *blob,
- struct lsmcontext *cp)
+ struct lsmcontext *cp, int display)
{
return -EOPNOTSUPP;
}
diff --git a/include/net/scm.h b/include/net/scm.h
index 4a6ad8caf423..8b5a4737e1b8 100644
--- a/include/net/scm.h
+++ b/include/net/scm.h
@@ -96,7 +96,8 @@ static inline void scm_passec(struct socket *sock, struct msghdr *msg, struct sc
int err;
if (test_bit(SOCK_PASSSEC, &sock->flags)) {
- err = security_secid_to_secctx(&scm->lsmblob, &context);
+ err = security_secid_to_secctx(&scm->lsmblob, &context,
+ LSMBLOB_DISPLAY);
if (!err) {
put_cmsg(msg, SOL_SOCKET, SCM_SECURITY,
diff --git a/kernel/audit.c b/kernel/audit.c
index 224c7b4a1bc0..d40f64a47c4b 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -392,6 +392,7 @@ static int audit_log_config_change(char *function_name, u32 new, u32 old,
if (rc)
allow_changes = 0; /* Something weird, deny request */
audit_log_format(ab, " res=%d", allow_changes);
+ audit_log_task_lsms(ab);
audit_log_end(ab);
return rc;
}
@@ -1097,6 +1098,7 @@ static void audit_log_feature_change(int which, u32 old_feature, u32 new_feature
audit_log_format(ab, " feature=%s old=%u new=%u old_lock=%u new_lock=%u res=%d",
audit_feature_names[which], !!old_feature, !!new_feature,
!!old_lock, !!new_lock, res);
+ audit_log_task_lsms(ab);
audit_log_end(ab);
}
@@ -1347,6 +1349,7 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
size--;
audit_log_n_untrustedstring(ab, data, size);
}
+ audit_log_task_lsms(ab);
audit_log_end(ab);
}
break;
@@ -1361,6 +1364,7 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
msg_type == AUDIT_ADD_RULE ?
"add_rule" : "remove_rule",
audit_enabled);
+ audit_log_task_lsms(ab);
audit_log_end(ab);
return -EPERM;
}
@@ -1374,6 +1378,7 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
audit_log_common_recv_msg(audit_context(), &ab,
AUDIT_CONFIG_CHANGE);
audit_log_format(ab, " op=trim res=1");
+ audit_log_task_lsms(ab);
audit_log_end(ab);
break;
case AUDIT_MAKE_EQUIV: {
@@ -1409,6 +1414,7 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
audit_log_format(ab, " new=");
audit_log_untrustedstring(ab, new);
audit_log_format(ab, " res=%d", !err);
+ audit_log_task_lsms(ab);
audit_log_end(ab);
kfree(old);
kfree(new);
@@ -1418,7 +1424,7 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
len = 0;
if (lsmblob_is_set(&audit_sig_lsm)) {
err = security_secid_to_secctx(&audit_sig_lsm,
- &context);
+ &context, LSMBLOB_FIRST);
if (err)
return err;
}
@@ -1477,6 +1483,7 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
" old-log_passwd=%d new-log_passwd=%d res=%d",
old.enabled, s.enabled, old.log_passwd,
s.log_passwd, !err);
+ audit_log_task_lsms(ab);
audit_log_end(ab);
break;
}
@@ -2055,6 +2062,33 @@ void audit_log_key(struct audit_buffer *ab, char *key)
audit_log_format(ab, "(null)");
}
+void audit_log_task_lsms(struct audit_buffer *ab)
+{
+ int i;
+ const char *lsm;
+ struct lsmblob blob;
+ struct lsmcontext context;
+
+ /*
+ * Don't do anything unless there is more than one LSM
+ * with a security context to report.
+ */
+ if (security_lsm_slot_name(1) == NULL)
+ return;
+
+ security_task_getsecid(current, &blob);
+
+ for (i = 0; i < LSMBLOB_ENTRIES; i++) {
+ lsm = security_lsm_slot_name(i);
+ if (lsm == NULL)
+ break;
+ if (security_secid_to_secctx(&blob, &context, i))
+ continue;
+ audit_log_format(ab, " subj_%s=%s", lsm, context.context);
+ security_release_secctx(&context);
+ }
+}
+
int audit_log_task_context(struct audit_buffer *ab)
{
int error;
@@ -2065,7 +2099,7 @@ int audit_log_task_context(struct audit_buffer *ab)
if (!lsmblob_is_set(&blob))
return 0;
- error = security_secid_to_secctx(&blob, &context);
+ error = security_secid_to_secctx(&blob, &context, LSMBLOB_FIRST);
if (error) {
if (error != -EINVAL)
goto error_path;
@@ -2173,6 +2207,7 @@ void audit_log_path_denied(int type, const char *operation)
audit_log_format(ab, "op=%s", operation);
audit_log_task_info(ab);
audit_log_format(ab, " res=0");
+ audit_log_task_lsms(ab);
audit_log_end(ab);
}
@@ -2223,6 +2258,7 @@ static void audit_log_set_loginuid(kuid_t koldloginuid, kuid_t kloginuid,
oldloginuid, loginuid, tty ? tty_name(tty) : "(none)",
oldsessionid, sessionid, !rc);
audit_put_tty(tty);
+ audit_log_task_lsms(ab);
audit_log_end(ab);
}
diff --git a/kernel/audit_fsnotify.c b/kernel/audit_fsnotify.c
index f0d243318452..7f8c4b1a2884 100644
--- a/kernel/audit_fsnotify.c
+++ b/kernel/audit_fsnotify.c
@@ -126,6 +126,7 @@ static void audit_mark_log_rule_change(struct audit_fsnotify_mark *audit_mark, c
audit_log_untrustedstring(ab, audit_mark->path);
audit_log_key(ab, rule->filterkey);
audit_log_format(ab, " list=%d res=1", rule->listnr);
+ audit_log_task_lsms(ab);
audit_log_end(ab);
}
diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
index 19cfbe716f9d..bf28bb599b6d 100644
--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -1103,6 +1103,7 @@ static void audit_log_rule_change(char *action, struct audit_krule *rule, int re
audit_log_format(ab, " op=%s", action);
audit_log_key(ab, rule->filterkey);
audit_log_format(ab, " list=%d res=%d", rule->listnr, res);
+ audit_log_task_lsms(ab);
audit_log_end(ab);
}
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 6d273183dd87..e0dd643e9b13 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -973,7 +973,7 @@ static int audit_log_pid_context(struct audit_context *context, pid_t pid,
from_kuid(&init_user_ns, auid),
from_kuid(&init_user_ns, uid), sessionid);
if (lsmblob_is_set(blob)) {
- if (security_secid_to_secctx(blob, &lsmctx)) {
+ if (security_secid_to_secctx(blob, &lsmctx, LSMBLOB_FIRST)) {
audit_log_format(ab, " obj=(none)");
rc = 1;
} else {
@@ -1218,7 +1218,8 @@ static void show_special(struct audit_context *context, int *call_panic)
struct lsmblob blob;
lsmblob_init(&blob, osid);
- if (security_secid_to_secctx(&blob, &lsmcxt)) {
+ if (security_secid_to_secctx(&blob, &lsmcxt,
+ LSMBLOB_FIRST)) {
audit_log_format(ab, " osid=%u", osid);
*call_panic = 1;
} else {
@@ -1370,7 +1371,7 @@ static void audit_log_name(struct audit_context *context, struct audit_names *n,
struct lsmcontext lsmctx;
lsmblob_init(&blob, n->osid);
- if (security_secid_to_secctx(&blob, &lsmctx)) {
+ if (security_secid_to_secctx(&blob, &lsmctx, LSMBLOB_FIRST)) {
audit_log_format(ab, " osid=%u", n->osid);
if (call_panic)
*call_panic = 2;
@@ -1479,6 +1480,7 @@ static void audit_log_exit(void)
audit_log_task_info(ab);
audit_log_key(ab, context->filterkey);
+ audit_log_task_lsms(ab);
audit_log_end(ab);
for (aux = context->aux; aux; aux = aux->next) {
@@ -2602,6 +2604,7 @@ void audit_core_dumps(long signr)
return;
audit_log_task(ab);
audit_log_format(ab, " sig=%ld res=1", signr);
+ audit_log_task_lsms(ab);
audit_log_end(ab);
}
@@ -2628,6 +2631,7 @@ void audit_seccomp(unsigned long syscall, long signr, int code)
audit_log_format(ab, " sig=%ld arch=%x syscall=%ld compat=%d ip=0x%lx code=0x%x",
signr, syscall_get_arch(current), syscall,
in_compat_syscall(), KSTK_EIP(current), code);
+ audit_log_task_lsms(ab);
audit_log_end(ab);
}
diff --git a/net/ipv4/ip_sockglue.c b/net/ipv4/ip_sockglue.c
index 27af7a6b8780..10b418029cdd 100644
--- a/net/ipv4/ip_sockglue.c
+++ b/net/ipv4/ip_sockglue.c
@@ -138,7 +138,7 @@ static void ip_cmsg_recv_security(struct msghdr *msg, struct sk_buff *skb)
if (err)
return;
- err = security_secid_to_secctx(&lb, &context);
+ err = security_secid_to_secctx(&lb, &context, LSMBLOB_DISPLAY);
if (err)
return;
diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c
index 255bcb886a2f..b2f522b39a1a 100644
--- a/net/netfilter/nf_conntrack_netlink.c
+++ b/net/netfilter/nf_conntrack_netlink.c
@@ -334,7 +334,7 @@ static int ctnetlink_dump_secctx(struct sk_buff *skb, const struct nf_conn *ct)
struct lsmcontext context;
lsmblob_init(&blob, ct->secmark);
- ret = security_secid_to_secctx(&blob, &context);
+ ret = security_secid_to_secctx(&blob, &context, LSMBLOB_DISPLAY);
if (ret)
return 0;
@@ -649,7 +649,7 @@ static inline int ctnetlink_secctx_size(const struct nf_conn *ct)
struct lsmcontext context;
lsmblob_init(&blob, ct->secmark);
- ret = security_secid_to_secctx(&blob, &context);
+ ret = security_secid_to_secctx(&blob, &context, LSMBLOB_DISPLAY);
if (ret)
return 0;
diff --git a/net/netfilter/nf_conntrack_standalone.c b/net/netfilter/nf_conntrack_standalone.c
index 8969754d7fe9..0ff2b8300c28 100644
--- a/net/netfilter/nf_conntrack_standalone.c
+++ b/net/netfilter/nf_conntrack_standalone.c
@@ -177,7 +177,7 @@ static void ct_show_secctx(struct seq_file *s, const struct nf_conn *ct)
struct lsmcontext context;
lsmblob_init(&blob, ct->secmark);
- ret = security_secid_to_secctx(&blob, &context);
+ ret = security_secid_to_secctx(&blob, &context, LSMBLOB_DISPLAY);
if (ret)
return;
diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c
index a1296453d8f2..b6f71be884e8 100644
--- a/net/netfilter/nfnetlink_queue.c
+++ b/net/netfilter/nfnetlink_queue.c
@@ -314,7 +314,7 @@ static u32 nfqnl_get_sk_secctx(struct sk_buff *skb, struct lsmcontext *context)
if (skb->secmark) {
/* Any LSM might be looking for the secmark */
lsmblob_init(&blob, skb->secmark);
- security_secid_to_secctx(&blob, context);
+ security_secid_to_secctx(&blob, context, LSMBLOB_DISPLAY);
}
read_unlock_bh(&skb->sk->sk_callback_lock);
diff --git a/net/netlabel/netlabel_unlabeled.c b/net/netlabel/netlabel_unlabeled.c
index 3b0f07b59436..60a7665de0e3 100644
--- a/net/netlabel/netlabel_unlabeled.c
+++ b/net/netlabel/netlabel_unlabeled.c
@@ -436,7 +436,8 @@ int netlbl_unlhsh_add(struct net *net,
unlhsh_add_return:
rcu_read_unlock();
if (audit_buf != NULL) {
- if (security_secid_to_secctx(lsmblob, &context) == 0) {
+ if (security_secid_to_secctx(lsmblob, &context,
+ LSMBLOB_FIRST) == 0) {
audit_log_format(audit_buf, " sec_obj=%s",
context.context);
security_release_secctx(&context);
@@ -491,7 +492,8 @@ static int netlbl_unlhsh_remove_addr4(struct net *net,
if (dev != NULL)
dev_put(dev);
if (entry != NULL &&
- security_secid_to_secctx(&entry->lsmblob, &context) == 0) {
+ security_secid_to_secctx(&entry->lsmblob, &context,
+ LSMBLOB_FIRST) == 0) {
audit_log_format(audit_buf, " sec_obj=%s",
context.context);
security_release_secctx(&context);
@@ -551,7 +553,8 @@ static int netlbl_unlhsh_remove_addr6(struct net *net,
if (dev != NULL)
dev_put(dev);
if (entry != NULL &&
- security_secid_to_secctx(&entry->lsmblob, &context) == 0) {
+ security_secid_to_secctx(&entry->lsmblob, &context,
+ LSMBLOB_FIRST) == 0) {
audit_log_format(audit_buf, " sec_obj=%s",
context.context);
security_release_secctx(&context);
@@ -1122,7 +1125,7 @@ static int netlbl_unlabel_staticlist_gen(u32 cmd,
lsmb = (struct lsmblob *)&addr6->lsmblob;
}
- ret_val = security_secid_to_secctx(lsmb, &context);
+ ret_val = security_secid_to_secctx(lsmb, &context, LSMBLOB_FIRST);
if (ret_val != 0)
goto list_cb_failure;
ret_val = nla_put(cb_arg->skb,
diff --git a/net/netlabel/netlabel_user.c b/net/netlabel/netlabel_user.c
index 951ba0639d20..1941877fd16f 100644
--- a/net/netlabel/netlabel_user.c
+++ b/net/netlabel/netlabel_user.c
@@ -100,7 +100,7 @@ struct audit_buffer *netlbl_audit_start_common(int type,
lsmblob_init(&blob, audit_info->secid);
if (audit_info->secid != 0 &&
- security_secid_to_secctx(&blob, &context) == 0) {
+ security_secid_to_secctx(&blob, &context, LSMBLOB_FIRST) == 0) {
audit_log_format(audit_buf, " subj=%s", context.context);
security_release_secctx(&context);
}
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index f2d1e573ea55..bd2b36a83e66 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -4206,6 +4206,7 @@ void xfrm_audit_policy_add(struct xfrm_policy *xp, int result, bool task_valid)
xfrm_audit_helper_usrinfo(task_valid, audit_buf);
audit_log_format(audit_buf, " res=%u", result);
xfrm_audit_common_policyinfo(xp, audit_buf);
+ audit_log_task_lsms(audit_buf);
audit_log_end(audit_buf);
}
EXPORT_SYMBOL_GPL(xfrm_audit_policy_add);
@@ -4221,6 +4222,7 @@ void xfrm_audit_policy_delete(struct xfrm_policy *xp, int result,
xfrm_audit_helper_usrinfo(task_valid, audit_buf);
audit_log_format(audit_buf, " res=%u", result);
xfrm_audit_common_policyinfo(xp, audit_buf);
+ audit_log_task_lsms(audit_buf);
audit_log_end(audit_buf);
}
EXPORT_SYMBOL_GPL(xfrm_audit_policy_delete);
diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c
index f3423562d933..bfb8402cb28d 100644
--- a/net/xfrm/xfrm_state.c
+++ b/net/xfrm/xfrm_state.c
@@ -2642,6 +2642,7 @@ void xfrm_audit_state_add(struct xfrm_state *x, int result, bool task_valid)
xfrm_audit_helper_usrinfo(task_valid, audit_buf);
xfrm_audit_helper_sainfo(x, audit_buf);
audit_log_format(audit_buf, " res=%u", result);
+ audit_log_task_lsms(audit_buf);
audit_log_end(audit_buf);
}
EXPORT_SYMBOL_GPL(xfrm_audit_state_add);
@@ -2656,6 +2657,7 @@ void xfrm_audit_state_delete(struct xfrm_state *x, int result, bool task_valid)
xfrm_audit_helper_usrinfo(task_valid, audit_buf);
xfrm_audit_helper_sainfo(x, audit_buf);
audit_log_format(audit_buf, " res=%u", result);
+ audit_log_task_lsms(audit_buf);
audit_log_end(audit_buf);
}
EXPORT_SYMBOL_GPL(xfrm_audit_state_delete);
diff --git a/security/integrity/ima/ima_api.c b/security/integrity/ima/ima_api.c
index 1ab769fa7df6..252dc00700e8 100644
--- a/security/integrity/ima/ima_api.c
+++ b/security/integrity/ima/ima_api.c
@@ -363,6 +363,7 @@ void ima_audit_measurement(struct integrity_iint_cache *iint,
audit_log_format(ab, " hash=\"%s:%s\"", algo_name, hash);
audit_log_task_info(ab);
+ audit_log_task_lsms(ab);
audit_log_end(ab);
iint->flags |= IMA_AUDITED;
diff --git a/security/integrity/integrity_audit.c b/security/integrity/integrity_audit.c
index 5109173839cc..bca89ae72e3d 100644
--- a/security/integrity/integrity_audit.c
+++ b/security/integrity/integrity_audit.c
@@ -54,5 +54,6 @@ void integrity_audit_msg(int audit_msgno, struct inode *inode,
audit_log_format(ab, " ino=%lu", inode->i_ino);
}
audit_log_format(ab, " res=%d", !result);
+ audit_log_task_lsms(ab);
audit_log_end(ab);
}
diff --git a/security/security.c b/security/security.c
index bca092dd4f00..d0b57a7c3b31 100644
--- a/security/security.c
+++ b/security/security.c
@@ -449,7 +449,31 @@ static int lsm_append(const char *new, char **result)
* Pointers to the LSM id structures for local use.
*/
static int lsm_slot __lsm_ro_after_init;
-static struct lsm_id *lsm_slotlist[LSMBLOB_ENTRIES];
+static struct lsm_id *lsm_slotlist[LSMBLOB_ENTRIES] __lsm_ro_after_init;
+
+/**
+ * security_lsm_slot_name - Get the name of the security module in a slot
+ * @slot: index into the "display" slot list.
+ *
+ * Provide the name of the security module associated with
+ * a display slot.
+ *
+ * If @slot is LSMBLOB_INVALID return the value
+ * for slot 0 if it has been set, otherwise NULL.
+ *
+ * Returns a pointer to the name string or NULL.
+ */
+const char *security_lsm_slot_name(int slot)
+{
+ if (slot == LSMBLOB_INVALID)
+ slot = 0;
+ else if (slot >= LSMBLOB_ENTRIES || slot < 0)
+ return NULL;
+
+ if (lsm_slotlist[slot] == NULL)
+ return NULL;
+ return lsm_slotlist[slot]->lsm;
+}
/**
* security_add_hooks - Add a modules hooks to the hook lists.
@@ -2159,13 +2183,32 @@ int security_ismaclabel(const char *name)
}
EXPORT_SYMBOL(security_ismaclabel);
-int security_secid_to_secctx(struct lsmblob *blob, struct lsmcontext *cp)
+int security_secid_to_secctx(struct lsmblob *blob, struct lsmcontext *cp,
+ int display)
{
struct security_hook_list *hp;
- int display = lsm_task_display(current);
memset(cp, 0, sizeof(*cp));
+ /*
+ * display either is the slot number use for formatting
+ * or an instruction on which relative slot to use.
+ */
+ if (display == LSMBLOB_DISPLAY)
+ display = lsm_task_display(current);
+ else if (display == LSMBLOB_FIRST)
+ display = LSMBLOB_INVALID;
+ else if (display < 0) {
+ WARN_ONCE(true,
+ "LSM: security_secid_to_secctx unknown display\n");
+ display = LSMBLOB_INVALID;
+ } else if (display >= lsm_slot) {
+ WARN_ONCE(true,
+ "LSM: security_secid_to_secctx invalid display\n");
+ display = LSMBLOB_INVALID;
+ }
+
+
hlist_for_each_entry(hp, &security_hook_heads.secid_to_secctx, list) {
if (WARN_ON(hp->lsmid->slot < 0 || hp->lsmid->slot >= lsm_slot))
continue;
@@ -2176,7 +2219,7 @@ int security_secid_to_secctx(struct lsmblob *blob, struct lsmcontext *cp)
&cp->context, &cp->len);
}
}
- return 0;
+ return -EOPNOTSUPP;
}
EXPORT_SYMBOL(security_secid_to_secctx);
--
2.20.1
next prev parent reply other threads:[~2019-12-16 22:38 UTC|newest]
Thread overview: 71+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20191216223621.5127-1-casey.ref@schaufler-ca.com>
2019-12-16 22:35 ` [PATCH v12 00/25] LSM: Module stacking for AppArmor Casey Schaufler
2019-12-16 22:35 ` [PATCH v12 01/25] LSM: Infrastructure management of the sock security Casey Schaufler
2019-12-17 17:23 ` Stephen Smalley
2019-12-16 22:35 ` [PATCH v12 02/25] LSM: Create and manage the lsmblob data structure Casey Schaufler
2019-12-17 17:30 ` Stephen Smalley
2019-12-19 21:11 ` Mimi Zohar
2019-12-19 21:44 ` Casey Schaufler
2019-12-16 22:35 ` [PATCH v12 03/25] LSM: Use lsmblob in security_audit_rule_match Casey Schaufler
2019-12-17 17:34 ` Stephen Smalley
2019-12-17 22:01 ` Casey Schaufler
2019-12-17 23:47 ` Kees Cook
2019-12-18 0:28 ` Casey Schaufler
2019-12-18 13:16 ` Stephen Smalley
2019-12-16 22:36 ` [PATCH v12 04/25] LSM: Use lsmblob in security_kernel_act_as Casey Schaufler
2019-12-17 17:37 ` Stephen Smalley
2019-12-16 22:36 ` [PATCH v12 05/25] net: Prepare UDS for security module stacking Casey Schaufler
2019-12-17 17:41 ` Stephen Smalley
2019-12-16 22:36 ` [PATCH v12 06/25] LSM: Use lsmblob in security_secctx_to_secid Casey Schaufler
2019-12-17 17:51 ` Stephen Smalley
2019-12-16 22:36 ` [PATCH v12 07/25] LSM: Use lsmblob in security_secid_to_secctx Casey Schaufler
2019-12-17 18:01 ` Stephen Smalley
2019-12-16 22:36 ` [PATCH v12 08/25] LSM: Use lsmblob in security_ipc_getsecid Casey Schaufler
2019-12-17 18:02 ` Stephen Smalley
2019-12-16 22:36 ` [PATCH v12 09/25] LSM: Use lsmblob in security_task_getsecid Casey Schaufler
2019-12-17 18:11 ` Stephen Smalley
2019-12-17 18:26 ` Casey Schaufler
2019-12-16 22:36 ` [PATCH v12 10/25] LSM: Use lsmblob in security_inode_getsecid Casey Schaufler
2019-12-17 18:13 ` Stephen Smalley
2019-12-16 22:36 ` [PATCH v12 11/25] LSM: Use lsmblob in security_cred_getsecid Casey Schaufler
2019-12-17 18:23 ` Stephen Smalley
2019-12-16 22:36 ` [PATCH v12 12/25] IMA: Change internal interfaces to use lsmblobs Casey Schaufler
2019-12-17 18:26 ` Stephen Smalley
2019-12-16 22:36 ` [PATCH v12 13/25] LSM: Specify which LSM to display Casey Schaufler
2019-12-18 15:17 ` Stephen Smalley
2019-12-18 16:32 ` Casey Schaufler
2019-12-16 22:36 ` [PATCH v12 14/25] LSM: Ensure the correct LSM context releaser Casey Schaufler
2019-12-18 15:53 ` Stephen Smalley
2019-12-16 22:36 ` [PATCH v12 15/25] LSM: Use lsmcontext in security_secid_to_secctx Casey Schaufler
2019-12-18 16:06 ` Stephen Smalley
2019-12-18 19:33 ` Stephen Smalley
2019-12-16 22:36 ` [PATCH v12 16/25] LSM: Use lsmcontext in security_dentry_init_security Casey Schaufler
2019-12-18 16:16 ` Stephen Smalley
2019-12-16 22:36 ` [PATCH v12 17/25] LSM: Use lsmcontext in security_inode_getsecctx Casey Schaufler
2019-12-18 17:02 ` Stephen Smalley
2019-12-16 22:36 ` [PATCH v12 18/25] LSM: security_secid_to_secctx in netlink netfilter Casey Schaufler
2019-12-18 17:10 ` Stephen Smalley
2019-12-16 22:36 ` [PATCH v12 19/25] NET: Store LSM netlabel data in a lsmblob Casey Schaufler
2019-12-18 17:41 ` Stephen Smalley
2019-12-16 22:36 ` [PATCH v12 20/25] LSM: Verify LSM display sanity in binder Casey Schaufler
2019-12-18 17:43 ` Stephen Smalley
2019-12-16 22:36 ` Casey Schaufler [this message]
2019-12-18 17:55 ` [PATCH v12 21/25] Audit: Add subj_LSM fields when necessary Stephen Smalley
2019-12-16 22:36 ` [PATCH v12 22/25] Audit: Include object data for all security modules Casey Schaufler
2019-12-18 18:02 ` Stephen Smalley
2019-12-16 22:36 ` [PATCH v12 23/25] NET: Add SO_PEERCONTEXT for multiple LSMs Casey Schaufler
2019-12-18 18:28 ` Stephen Smalley
2019-12-18 19:12 ` Stephen Smalley
2019-12-18 20:50 ` Stephen Smalley
2019-12-19 12:19 ` Simon McVittie
2019-12-19 13:47 ` Stephen Smalley
2019-12-19 15:00 ` Stephen Smalley
2019-12-19 16:48 ` Simon McVittie
2019-12-19 17:02 ` Stephen Smalley
2019-12-19 19:27 ` John Johansen
2019-12-19 20:51 ` Casey Schaufler
2019-12-19 21:41 ` John Johansen
2019-12-19 19:21 ` John Johansen
2019-12-16 22:36 ` [PATCH v12 24/25] LSM: Add /proc attr entry for full LSM context Casey Schaufler
2019-12-16 22:36 ` [PATCH v12 25/25] AppArmor: Remove the exclusive flag Casey Schaufler
[not found] <20191224231339.7130-1-casey@schaufler-ca.com>
2019-12-24 23:13 ` [PATCH v12 21/25] Audit: Add subj_LSM fields when necessary Casey Schaufler
2019-12-24 23:18 [PATCH v12 00/25] LSM: Module stacking for AppArmor Casey Schaufler
2019-12-24 23:19 ` [PATCH v12 21/25] Audit: Add subj_LSM fields when necessary Casey Schaufler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191216223621.5127-22-casey@schaufler-ca.com \
--to=casey@schaufler-ca.com \
--cc=casey.schaufler@intel.com \
--cc=jmorris@namei.org \
--cc=john.johansen@canonical.com \
--cc=keescook@chromium.org \
--cc=linux-security-module@vger.kernel.org \
--cc=paul@paul-moore.com \
--cc=penguin-kernel@i-love.sakura.ne.jp \
--cc=sds@tycho.nsa.gov \
--cc=selinux@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.