From: John Johansen <john.johansen@canonical.com>
To: Casey Schaufler <casey@schaufler-ca.com>,
casey.schaufler@intel.com, jmorris@namei.org,
linux-security-module@vger.kernel.org, selinux@vger.kernel.org
Cc: keescook@chromium.org, penguin-kernel@i-love.sakura.ne.jp,
paul@paul-moore.com, sds@tycho.nsa.gov
Subject: Re: [PATCH v4 21/23] Audit: Store LSM audit information in an lsmblob
Date: Thu, 27 Jun 2019 14:37:50 -0700 [thread overview]
Message-ID: <6306c2d0-6bcd-9947-7b85-0ac346aee408@canonical.com> (raw)
In-Reply-To: <20190626192234.11725-22-casey@schaufler-ca.com>
On 6/26/19 12:22 PM, Casey Schaufler wrote:
> Change the audit code to store full lsmblob data instead of
> a single u32 secid. This allows for multiple security modules
> to use the audit system at the same time. It also allows the
> removal of scaffolding code that was included during the
> revision of LSM interfaces.
>
> Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-by: John Johansen <john.johansen@canonical.com>
> ---
> kernel/audit.h | 6 +++---
> kernel/auditsc.c | 40 +++++++++++++---------------------------
> 2 files changed, 16 insertions(+), 30 deletions(-)
>
> diff --git a/kernel/audit.h b/kernel/audit.h
> index 29e29c6f4afb..a8dd479e9556 100644
> --- a/kernel/audit.h
> +++ b/kernel/audit.h
> @@ -91,7 +91,7 @@ struct audit_names {
> kuid_t uid;
> kgid_t gid;
> dev_t rdev;
> - u32 osid;
> + struct lsmblob olsm;
> struct audit_cap_data fcap;
> unsigned int fcap_ver;
> unsigned char type; /* record type */
> @@ -148,7 +148,7 @@ struct audit_context {
> kuid_t target_auid;
> kuid_t target_uid;
> unsigned int target_sessionid;
> - struct lsmblob target_lsm;
> + struct lsmblob target_lsm;
> char target_comm[TASK_COMM_LEN];
>
> struct audit_tree_refs *trees, *first_trees;
> @@ -165,7 +165,7 @@ struct audit_context {
> kuid_t uid;
> kgid_t gid;
> umode_t mode;
> - u32 osid;
> + struct lsmblob olsm;
> int has_perm;
> uid_t perm_uid;
> gid_t perm_gid;
> diff --git a/kernel/auditsc.c b/kernel/auditsc.c
> index 0478680cd0a8..ec8872430fb6 100644
> --- a/kernel/auditsc.c
> +++ b/kernel/auditsc.c
> @@ -646,17 +646,15 @@ static int audit_filter_rules(struct task_struct *tsk,
> if (f->lsm_rule) {
> /* Find files that match */
> if (name) {
> - lsmblob_init(&blob, name->osid);
> result = security_audit_rule_match(
> - &blob,
> + &name->olsm,
> f->type,
> f->op,
> f->lsm_rule);
> } else if (ctx) {
> list_for_each_entry(n, &ctx->names_list, list) {
> - lsmblob_init(&blob, n->osid);
> if (security_audit_rule_match(
> - &blob,
> + &n->olsm,
> f->type,
> f->op,
> f->lsm_rule)) {
> @@ -668,8 +666,7 @@ static int audit_filter_rules(struct task_struct *tsk,
> /* Find ipc objects that match */
> if (!ctx || ctx->type != AUDIT_IPC)
> break;
> - lsmblob_init(&blob, ctx->ipc.osid);
> - if (security_audit_rule_match(&blob,
> + if (security_audit_rule_match(&ctx->ipc.olsm,
> f->type, f->op,
> f->lsm_rule))
> ++result;
> @@ -955,7 +952,7 @@ static int audit_log_pid_context(struct audit_context *context, pid_t pid,
> from_kuid(&init_user_ns, uid), sessionid);
> if (lsmblob_is_set(blob)) {
> if (security_secid_to_secctx(blob, &lsmctx)) {
> - audit_log_format(ab, " obj=(none)");
> + audit_log_format(ab, " obj=?");
> rc = 1;
> } else {
> audit_log_format(ab, " obj=%s", lsmctx.context);
> @@ -1187,19 +1184,17 @@ static void show_special(struct audit_context *context, int *call_panic)
> context->socketcall.args[i]);
> break; }
> case AUDIT_IPC: {
> - u32 osid = context->ipc.osid;
> + struct lsmblob *olsm = &context->ipc.olsm;
>
> audit_log_format(ab, "ouid=%u ogid=%u mode=%#ho",
> from_kuid(&init_user_ns, context->ipc.uid),
> from_kgid(&init_user_ns, context->ipc.gid),
> context->ipc.mode);
> - if (osid) {
> + if (lsmblob_is_set(olsm)) {
> struct lsmcontext lsmcxt;
> - struct lsmblob blob;
>
> - lsmblob_init(&blob, osid);
> - if (security_secid_to_secctx(&blob, &lsmcxt)) {
> - audit_log_format(ab, " osid=%u", osid);
> + if (security_secid_to_secctx(olsm, &lsmcxt)) {
> + audit_log_format(ab, " obj=?");
> *call_panic = 1;
> } else {
> audit_log_format(ab, " obj=%s", lsmcxt.context);
> @@ -1346,13 +1341,11 @@ static void audit_log_name(struct audit_context *context, struct audit_names *n,
> from_kgid(&init_user_ns, n->gid),
> MAJOR(n->rdev),
> MINOR(n->rdev));
> - if (n->osid != 0) {
> - struct lsmblob blob;
> + if (lsmblob_is_set(&n->olsm)) {
> struct lsmcontext lsmctx;
>
> - lsmblob_init(&blob, n->osid);
> - if (security_secid_to_secctx(&blob, &lsmctx)) {
> - audit_log_format(ab, " osid=%u", n->osid);
> + if (security_secid_to_secctx(&n->olsm, &lsmctx)) {
> + audit_log_format(ab, " obj=?");
> if (call_panic)
> *call_panic = 2;
> } else {
> @@ -1906,17 +1899,13 @@ static inline int audit_copy_fcaps(struct audit_names *name,
> void audit_copy_inode(struct audit_names *name, const struct dentry *dentry,
> struct inode *inode, unsigned int flags)
> {
> - struct lsmblob blob;
> -
> name->ino = inode->i_ino;
> name->dev = inode->i_sb->s_dev;
> name->mode = inode->i_mode;
> name->uid = inode->i_uid;
> name->gid = inode->i_gid;
> name->rdev = inode->i_rdev;
> - security_inode_getsecid(inode, &blob);
> - /* scaffolding until osid is updated */
> - name->osid = blob.secid[0];
> + security_inode_getsecid(inode, &name->olsm);
> if (flags & AUDIT_INODE_NOEVAL) {
> name->fcap_ver = -1;
> return;
> @@ -2266,14 +2255,11 @@ void __audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat)
> void __audit_ipc_obj(struct kern_ipc_perm *ipcp)
> {
> struct audit_context *context = audit_context();
> - struct lsmblob blob;
> context->ipc.uid = ipcp->uid;
> context->ipc.gid = ipcp->gid;
> context->ipc.mode = ipcp->mode;
> context->ipc.has_perm = 0;
> - security_ipc_getsecid(ipcp, &blob);
> - /* scaffolding on the [0] - change "osid" to a lsmblob */
> - context->ipc.osid = blob.secid[0];
> + security_ipc_getsecid(ipcp, &context->ipc.olsm);
> context->type = AUDIT_IPC;
> }
>
>
next prev parent reply other threads:[~2019-06-27 21:38 UTC|newest]
Thread overview: 96+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-06-26 19:22 [PATCH v4 00/23] LSM: Module stacking for AppArmor Casey Schaufler
2019-06-26 19:22 ` [PATCH v4 01/23] LSM: Infrastructure management of the superblock Casey Schaufler
2019-06-26 19:22 ` [PATCH v4 02/23] LSM: Infrastructure management of the sock security Casey Schaufler
2019-06-26 19:22 ` [PATCH v4 03/23] LSM: Infrastructure management of the key blob Casey Schaufler
2019-06-26 19:22 ` [PATCH v4 04/23] LSM: Create and manage the lsmblob data structure Casey Schaufler
2019-06-26 23:39 ` John Johansen
2019-06-27 17:43 ` Casey Schaufler
2019-06-26 19:22 ` [PATCH v4 05/23] LSM: Use lsmblob in security_audit_rule_match Casey Schaufler
2019-06-26 23:07 ` Kees Cook
2019-06-26 23:45 ` John Johansen
2019-06-26 19:22 ` [PATCH v4 06/23] LSM: Use lsmblob in security_kernel_act_as Casey Schaufler
2019-06-26 23:07 ` Kees Cook
2019-06-26 23:47 ` John Johansen
2019-06-26 19:22 ` [PATCH v4 07/23] net: Prepare UDS for secuirty module stacking Casey Schaufler
2019-06-26 23:07 ` Kees Cook
2019-06-26 23:48 ` John Johansen
2019-06-26 19:22 ` [PATCH v4 08/23] LSM: Use lsmblob in security_secctx_to_secid Casey Schaufler
2019-06-26 23:07 ` Kees Cook
2019-06-26 23:50 ` John Johansen
2019-06-26 19:22 ` [PATCH v4 09/23] LSM: Use lsmblob in security_secid_to_secctx Casey Schaufler
2019-06-26 23:07 ` Kees Cook
2019-06-26 23:51 ` John Johansen
2019-06-26 19:22 ` [PATCH v4 10/23] LSM: Use lsmblob in security_ipc_getsecid Casey Schaufler
2019-06-26 23:08 ` Kees Cook
2019-06-26 23:53 ` John Johansen
2019-06-26 19:22 ` [PATCH v4 11/23] LSM: Use lsmblob in security_task_getsecid Casey Schaufler
2019-06-26 23:08 ` Kees Cook
2019-06-26 23:55 ` John Johansen
2019-06-26 19:22 ` [PATCH v4 12/23] LSM: Use lsmblob in security_inode_getsecid Casey Schaufler
2019-06-26 23:08 ` Kees Cook
2019-06-26 23:56 ` John Johansen
2019-06-26 19:22 ` [PATCH v4 13/23] LSM: Use lsmblob in security_cred_getsecid Casey Schaufler
2019-06-26 23:09 ` Kees Cook
2019-06-26 23:57 ` John Johansen
2019-06-26 19:22 ` [PATCH v4 14/23] IMA: Change internal interfaces to use lsmblobs Casey Schaufler
2019-06-26 23:09 ` Kees Cook
2019-06-26 23:58 ` John Johansen
2019-06-26 19:22 ` [PATCH v4 15/23] LSM: Specify which LSM to display Casey Schaufler
2019-06-26 23:12 ` Kees Cook
2019-06-27 21:33 ` John Johansen
2019-06-28 14:45 ` Stephen Smalley
2019-06-28 16:15 ` Casey Schaufler
2019-06-28 18:08 ` John Johansen
[not found] ` <CAB9W1A1nwE7WBZqTe-GV8xNb83_B2ybV7cco++nfMjtDz9NJrg@mail.gmail.com>
2019-06-29 1:01 ` Fwd: " Stephen Smalley
2019-06-29 19:45 ` Casey Schaufler
2019-07-02 0:49 ` James Morris
2019-07-02 1:20 ` Casey Schaufler
2019-06-26 19:22 ` [PATCH v4 16/23] LSM: Use lsmcontext in security_secid_to_secctx Casey Schaufler
2019-06-26 23:14 ` Kees Cook
2019-06-27 21:34 ` John Johansen
2019-06-26 19:22 ` [PATCH v4 17/23] " Casey Schaufler
2019-06-26 23:15 ` Kees Cook
2019-06-27 3:53 ` Kees Cook
2019-06-27 16:29 ` Casey Schaufler
2019-06-27 17:17 ` Kees Cook
2019-06-27 17:36 ` Casey Schaufler
2019-06-27 21:34 ` John Johansen
2019-06-27 21:36 ` John Johansen
2019-06-26 19:22 ` [PATCH v4 18/23] LSM: Use lsmcontext in security_dentry_init_security Casey Schaufler
2019-06-26 23:15 ` Kees Cook
2019-06-27 21:34 ` John Johansen
2019-06-28 10:07 ` Ondrej Mosnacek
2019-06-26 19:22 ` [PATCH v4 19/23] LSM: Use lsmcontext in security_inode_getsecctx Casey Schaufler
2019-06-26 23:16 ` Kees Cook
2019-06-27 21:36 ` John Johansen
2019-06-26 19:22 ` [PATCH v4 20/23] LSM: security_secid_to_secctx in netlink netfilter Casey Schaufler
2019-06-26 23:16 ` Kees Cook
2019-06-27 21:37 ` John Johansen
2019-06-26 19:22 ` [PATCH v4 21/23] Audit: Store LSM audit information in an lsmblob Casey Schaufler
2019-06-26 23:16 ` Kees Cook
2019-06-27 21:37 ` John Johansen [this message]
2019-06-26 19:22 ` [PATCH v4 22/23] NET: Store LSM netlabel data in a lsmblob Casey Schaufler
2019-06-26 23:18 ` Kees Cook
2019-06-27 21:38 ` John Johansen
2019-06-26 19:22 ` [PATCH v4 23/23] AppArmor: Remove the exclusive flag Casey Schaufler
2019-06-26 23:18 ` Kees Cook
2019-06-27 2:22 ` James Morris
2019-06-27 3:28 ` Kees Cook
2019-06-27 3:44 ` John Johansen
2019-06-27 3:49 ` James Morris
2019-06-27 21:38 ` John Johansen
2019-06-26 21:04 ` [PATCH v4 00/23] LSM: Module stacking for AppArmor Kees Cook
2019-06-26 21:11 ` John Johansen
2019-06-26 23:04 ` Kees Cook
2019-06-26 21:25 ` Casey Schaufler
2019-06-27 2:41 ` James Morris
2019-06-27 2:46 ` James Morris
2019-06-27 3:45 ` James Morris
2019-06-27 4:10 ` James Morris
2019-06-27 17:07 ` Kees Cook
2019-06-27 18:10 ` James Morris
2019-06-27 3:51 ` Kees Cook
2019-06-27 21:52 ` John Johansen
2019-06-27 22:33 ` Casey Schaufler
2019-06-27 23:16 ` James Morris
2019-06-27 23:44 ` John Johansen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=6306c2d0-6bcd-9947-7b85-0ac346aee408@canonical.com \
--to=john.johansen@canonical.com \
--cc=casey.schaufler@intel.com \
--cc=casey@schaufler-ca.com \
--cc=jmorris@namei.org \
--cc=keescook@chromium.org \
--cc=linux-security-module@vger.kernel.org \
--cc=paul@paul-moore.com \
--cc=penguin-kernel@i-love.sakura.ne.jp \
--cc=sds@tycho.nsa.gov \
--cc=selinux@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).