
lsm: security_lsmblob_to_secctx module selection

Add a parameter lsmid to security_lsmblob_to_secctx() to identify which
of the security modules that may be active should provide the security
context. If the value of lsmid is LSM_ID_UNDEF the first LSM providing
a hook is used. security_secid_to_secctx() is unchanged, and will
always report the first LSM providing a hook.

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
[PM: subj tweak]
Signed-off-by: Paul Moore <paul@paul-moore.com>

authored by

Casey Schaufler and committed by
Paul Moore
a59076f2 0a561e39

+29 -10
+4 -2
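--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -567,7 +567,8 @@
 int security_setprocattr(int lsmid, const char *name, void *value, size_t size);
 int security_ismaclabel(const char *name);
 int security_secid_to_secctx(u32 secid, struct lsm_context *cp);
-int security_lsmprop_to_secctx(struct lsm_prop *prop, struct lsm_context *cp);
+int security_lsmprop_to_secctx(struct lsm_prop *prop, struct lsm_context *cp,
+int lsmid);
 int security_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid);
 void security_release_secctx(struct lsm_context *cp);
 void security_inode_invalidate_secctx(struct inode *inode);
@@ -1552,7 +1551,8 @@
 }
 
 static inline int security_lsmprop_to_secctx(struct lsm_prop *prop,
-struct lsm_context *cp)
+struct lsm_context *cp,
+int lsmid)
 {
 return -EOPNOTSUPP;
 }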
+2 -2
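--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -1473,7 +1473,7 @@
 case AUDIT_SIGNAL_INFO:
 if (lsmprop_is_set(&audit_sig_lsm)) {
 err = security_lsmprop_to_secctx(&audit_sig_lsm,
-&lsmctx);
+&lsmctx, LSM_ID_UNDEF);
 if (err < 0)
 return err;
 }
@@ -2188,7 +2188,7 @@
 if (!lsmprop_is_set(&prop))
 return 0;
 
-error = security_lsmprop_to_secctx(&prop, &ctx);
+error = security_lsmprop_to_secctx(&prop, &ctx, LSM_ID_UNDEF);
 if (error < 0) {
 if (error != -EINVAL)
 goto error_path;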
+5 -3
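--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -1109,7 +1109,7 @@
 from_kuid(&init_user_ns, auid),
 from_kuid(&init_user_ns, uid), sessionid);
 if (lsmprop_is_set(prop)) {
-if (security_lsmprop_to_secctx(prop, &ctx) < 0) {
+if (security_lsmprop_to_secctx(prop, &ctx, LSM_ID_UNDEF) < 0) {
 audit_log_format(ab, " obj=(none)");
 rc = 1;
 } else {
@@ -1395,7 +1395,8 @@
 struct lsm_context lsmctx;
 
 if (security_lsmprop_to_secctx(&context->ipc.oprop,
-&lsmctx) < 0) {
+&lsmctx,
+LSM_ID_UNDEF) < 0) {
 *call_panic = 1;
 } else {
 audit_log_format(ab, " obj=%s", lsmctx.context);
@@ -1561,7 +1560,8 @@
 if (lsmprop_is_set(&n->oprop)) {
 struct lsm_context ctx;
 
-if (security_lsmprop_to_secctx(&n->oprop, &ctx) < 0) {
+if (security_lsmprop_to_secctx(&n->oprop, &ctx,
+LSM_ID_UNDEF) < 0) {
 if (call_panic)
 *call_panic = 2;
 } else {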
+2 -1
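--- a/net/netlabel/netlabel_user.c
+++ b/net/netlabel/netlabel_user.c
@@ -98,7 +98,8 @@
 audit_info->sessionid);
 
 if (lsmprop_is_set(&audit_info->prop) &&
-security_lsmprop_to_secctx(&audit_info->prop, &ctx) > 0) {
+security_lsmprop_to_secctx(&audit_info->prop, &ctx,
+LSM_ID_UNDEF) > 0) {
 audit_log_format(audit_buf, " subj=%s", ctx.context);
 security_release_secctx(&ctx);
 }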
+16 -2
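--- a/security/security.c
+++ b/security/security.c
@@ -4342,17 +4342,31 @@
 * security_lsmprop_to_secctx() - Convert a lsm_prop to a secctx
 * @prop: lsm specific information
 * @cp: the LSM context
+* @lsmid: which security module to report
 *
 * Convert a @prop entry to security context. If @cp is NULL the
 * length of the result will be returned. This does mean that the
 * length could change between calls to check the length and the
 * next call which actually allocates and returns the @cp.
 *
+* @lsmid identifies which LSM should supply the context.
+* A value of LSM_ID_UNDEF indicates that the first LSM suppling
+* the hook should be used. This is used in cases where the
+* ID of the supplying LSM is unambiguous.
+*
 * Return: Return length of data on success, error on failure.
 */
-int security_lsmprop_to_secctx(struct lsm_prop *prop, struct lsm_context *cp)
+int security_lsmprop_to_secctx(struct lsm_prop *prop, struct lsm_context *cp,
+int lsmid)
 {
-return call_int_hook(lsmprop_to_secctx, prop, cp);
+struct lsm_static_call *scall;
+
+lsm_for_each_hook(scall, lsmprop_to_secctx) {
+if (lsmid != LSM_ID_UNDEF && lsmid != scall->hl->lsmid->id)
+continue;
+return scall->hl->hook.lsmprop_to_secctx(prop, cp);
+}
+return LSM_RET_DEFAULT(lsmprop_to_secctx);
 }
 EXPORT_SYMBOL(security_lsmprop_to_secctx);
 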
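Review bot: The kernel-doc paragraph added at new lines 4352–4355 has a typo (`suppling`) and its last sentence reads backwards, since LSM_ID_UNDEF is the case where the caller does not pick a module; I would rewrite it as ` * A value of LSM_ID_UNDEF selects the first active LSM supplying the hook; use it only where it does not matter which LSM answers.` The Return: line should also state what an explicit @lsmid with no matching active LSM yields, because the loop at 4364–4369 falls through to `LSM_RET_DEFAULT(lsmprop_to_secctx)`, the same value returned when no LSM provides the hook at all, so a caller passing a specific id cannot distinguish "that module is not active" from a conversion failure. Note too that the loop returns the first matching hook's value unconditionally; if call_int_hook() previously moved on to the next hook when one returned the default value, the LSM_ID_UNDEF path is a subtle behaviour change that is worth confirming against the hook implementations.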