From: Casey Schaufler <casey@schaufler-ca.com>
To: LSM <linux-security-module@vger.kernel.org>,
"James Morris" <jmorris@namei.org>,
"SE Linux" <selinux@tycho.nsa.gov>,
LKLM <linux-kernel@vger.kernel.org>,
"John Johansen" <john.johansen@canonical.com>,
"Kees Cook" <keescook@chromium.org>,
"Tetsuo Handa" <penguin-kernel@i-love.sakura.ne.jp>,
"Paul Moore" <paul@paul-moore.com>,
"Stephen Smalley" <sds@tycho.nsa.gov>,
"linux-fsdevel@vger.kernel.org" <linux-fsdevel@vger.kernel.org>,
"Alexey Dobriyan" <adobriyan@gmail.com>,
"Mickaël Salaün" <mic@digikod.net>,
"Salvatore Mesoraca" <s.mesoraca16@gmail.com>
Subject: [PATCH v3 04/16] SELinux: Remove cred security blob poisoning
Date: Wed, 19 Sep 2018 17:20:10 -0700 [thread overview]
Message-ID: <de3681aa-3e2e-a3dc-bc1d-9c7edb2f12a6@schaufler-ca.com> (raw)
In-Reply-To: <748c61cb-b6fa-c36d-a7b3-2315ff6292af@schaufler-ca.com>
SELinux: Remove cred security blob poisoning
The SELinux specific credential poisioning only makes sense
if SELinux is managing the credentials. As the intent of this
patch set is to move the blob management out of the modules
and into the infrastructure, the SELinux specific code has
to go. The poisioning could be introduced into the infrastructure
at some later date.
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
---
kernel/cred.c | 13 -------------
security/selinux/hooks.c | 6 ------
2 files changed, 19 deletions(-)
diff --git a/kernel/cred.c b/kernel/cred.c
index ecf03657e71c..fa2061ee4955 100644
--- a/kernel/cred.c
+++ b/kernel/cred.c
@@ -704,19 +704,6 @@ bool creds_are_invalid(const struct cred *cred)
{
if (cred->magic != CRED_MAGIC)
return true;
-#ifdef CONFIG_SECURITY_SELINUX
- /*
- * cred->security == NULL if security_cred_alloc_blank() or
- * security_prepare_creds() returned an error.
- */
- if (selinux_is_enabled() && cred->security) {
- if ((unsigned long) cred->security < PAGE_SIZE)
- return true;
- if ((*(u32 *)cred->security & 0xffffff00) ==
- (POISON_FREE << 24 | POISON_FREE << 16 | POISON_FREE << 8))
- return true;
- }
-#endif
return false;
}
EXPORT_SYMBOL(creds_are_invalid);
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 9d6cdd21acb6..80614ca25a2b 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -3920,12 +3920,6 @@ static void selinux_cred_free(struct cred *cred)
{
struct task_security_struct *tsec = selinux_cred(cred);
- /*
- * cred->security == NULL if security_cred_alloc_blank() or
- * security_prepare_creds() returned an error.
- */
- BUG_ON(cred->security && (unsigned long) cred->security < PAGE_SIZE);
- cred->security = (void *) 0x7UL;
kfree(tsec);
}
--
2.17.1
WARNING: multiple messages have this Message-ID (diff)
From: casey@schaufler-ca.com (Casey Schaufler)
To: linux-security-module@vger.kernel.org
Subject: [PATCH v3 04/16] SELinux: Remove cred security blob poisoning
Date: Wed, 19 Sep 2018 17:20:10 -0700 [thread overview]
Message-ID: <de3681aa-3e2e-a3dc-bc1d-9c7edb2f12a6@schaufler-ca.com> (raw)
In-Reply-To: <748c61cb-b6fa-c36d-a7b3-2315ff6292af@schaufler-ca.com>
SELinux: Remove cred security blob poisoning
The SELinux specific credential poisioning only makes sense
if SELinux is managing the credentials. As the intent of this
patch set is to move the blob management out of the modules
and into the infrastructure, the SELinux specific code has
to go. The poisioning could be introduced into the infrastructure
at some later date.
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
---
kernel/cred.c | 13 -------------
security/selinux/hooks.c | 6 ------
2 files changed, 19 deletions(-)
diff --git a/kernel/cred.c b/kernel/cred.c
index ecf03657e71c..fa2061ee4955 100644
--- a/kernel/cred.c
+++ b/kernel/cred.c
@@ -704,19 +704,6 @@ bool creds_are_invalid(const struct cred *cred)
{
if (cred->magic != CRED_MAGIC)
return true;
-#ifdef CONFIG_SECURITY_SELINUX
- /*
- * cred->security == NULL if security_cred_alloc_blank() or
- * security_prepare_creds() returned an error.
- */
- if (selinux_is_enabled() && cred->security) {
- if ((unsigned long) cred->security < PAGE_SIZE)
- return true;
- if ((*(u32 *)cred->security & 0xffffff00) ==
- (POISON_FREE << 24 | POISON_FREE << 16 | POISON_FREE << 8))
- return true;
- }
-#endif
return false;
}
EXPORT_SYMBOL(creds_are_invalid);
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 9d6cdd21acb6..80614ca25a2b 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -3920,12 +3920,6 @@ static void selinux_cred_free(struct cred *cred)
{
struct task_security_struct *tsec = selinux_cred(cred);
- /*
- * cred->security == NULL if security_cred_alloc_blank() or
- * security_prepare_creds() returned an error.
- */
- BUG_ON(cred->security && (unsigned long) cred->security < PAGE_SIZE);
- cred->security = (void *) 0x7UL;
kfree(tsec);
}
--
2.17.1
next prev parent reply other threads:[~2018-09-20 0:20 UTC|newest]
Thread overview: 49+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-09-20 0:03 [PATCH v3 00/16] LSM: Module stacking in support of SARA and Landlock Casey Schaufler
2018-09-20 0:03 ` Casey Schaufler
2018-09-20 0:03 ` Casey Schaufler
2018-09-20 0:19 ` [PATCH v3 01/16] procfs: add smack subdir to attrs Casey Schaufler
2018-09-20 0:19 ` Casey Schaufler
2018-09-20 0:19 ` [PATCH v3 02/16] Smack: Abstract use of cred security blob Casey Schaufler
2018-09-20 0:19 ` Casey Schaufler
2018-09-20 0:19 ` [PATCH v3 03/16] SELinux: " Casey Schaufler
2018-09-20 0:19 ` Casey Schaufler
2018-09-20 0:20 ` Casey Schaufler [this message]
2018-09-20 0:20 ` [PATCH v3 04/16] SELinux: Remove cred security blob poisoning Casey Schaufler
2018-09-20 0:20 ` [PATCH v3 05/16] SELinux: Remove unused selinux_is_enabled Casey Schaufler
2018-09-20 0:20 ` Casey Schaufler
2018-09-20 0:20 ` [PATCH v3 06/16] AppArmor: Abstract use of cred security blob Casey Schaufler
2018-09-20 0:20 ` Casey Schaufler
2018-09-20 0:20 ` [PATCH v3 07/16] TOMOYO: " Casey Schaufler
2018-09-20 0:20 ` Casey Schaufler
2018-09-20 17:13 ` Kees Cook
2018-09-20 17:13 ` Kees Cook
2018-09-20 0:20 ` [PATCH v3 08/16] LSM: Infrastructure management of the " Casey Schaufler
2018-09-20 0:20 ` Casey Schaufler
2018-09-20 0:20 ` [PATCH v3 09/16] SELinux: Abstract use of file " Casey Schaufler
2018-09-20 0:20 ` Casey Schaufler
2018-09-20 8:51 ` David Laight
2018-09-20 8:51 ` David Laight
2018-09-20 15:20 ` Casey Schaufler
2018-09-20 15:20 ` Casey Schaufler
2018-09-20 0:21 ` [PATCH v3 10/16] LSM: Infrastructure management of the " Casey Schaufler
2018-09-20 0:21 ` Casey Schaufler
2018-09-20 17:25 ` Kees Cook
2018-09-20 17:25 ` Kees Cook
2018-09-20 0:21 ` [PATCH v3 11/16] SELinux: Abstract use of inode " Casey Schaufler
2018-09-20 0:21 ` Casey Schaufler
2018-09-20 0:21 ` [PATCH v3 12/16] Smack: " Casey Schaufler
2018-09-20 0:21 ` Casey Schaufler
2018-09-20 0:21 ` [PATCH v3 13/16] LSM: Infrastructure management of the inode security Casey Schaufler
2018-09-20 0:21 ` Casey Schaufler
2018-09-20 0:21 ` [PATCH v3 14/16] LSM: Infrastructure management of the task security blob Casey Schaufler
2018-09-20 0:21 ` Casey Schaufler
2018-09-20 17:39 ` Kees Cook
2018-09-20 17:39 ` Kees Cook
2018-09-20 0:21 ` [PATCH v3 15/16] LSM: Infrastructure management of the ipc " Casey Schaufler
2018-09-20 0:21 ` Casey Schaufler
2018-09-20 17:44 ` Kees Cook
2018-09-20 17:44 ` Kees Cook
2018-09-20 0:21 ` [PATCH v3 16/16] LSM: Blob sharing support for S.A.R.A and LandLock Casey Schaufler
2018-09-20 0:21 ` Casey Schaufler
2018-09-20 17:56 ` Kees Cook
2018-09-20 17:56 ` Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=de3681aa-3e2e-a3dc-bc1d-9c7edb2f12a6@schaufler-ca.com \
--to=casey@schaufler-ca.com \
--cc=adobriyan@gmail.com \
--cc=jmorris@namei.org \
--cc=john.johansen@canonical.com \
--cc=keescook@chromium.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=mic@digikod.net \
--cc=paul@paul-moore.com \
--cc=penguin-kernel@i-love.sakura.ne.jp \
--cc=s.mesoraca16@gmail.com \
--cc=sds@tycho.nsa.gov \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.