Skip to content

Commit 5591fd5

Browse files
torvaldstorvalds
committed
Merge tag 'lsm-pr-20241112' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm
Pull lsm updates from Paul Moore: "Thirteen patches, all focused on moving away from the current 'secid' LSM identifier to a richer 'lsm_prop' structure. This move will help reduce the translation that is necessary in many LSMs, offering better performance, and make it easier to support different LSMs in the future" * tag 'lsm-pr-20241112' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm: lsm: remove lsm_prop scaffolding netlabel,smack: use lsm_prop for audit data audit: change context data from secid to lsm_prop lsm: create new security_cred_getlsmprop LSM hook audit: use an lsm_prop in audit_names lsm: use lsm_prop in security_inode_getsecid lsm: use lsm_prop in security_current_getsecid audit: update shutdown LSM data lsm: use lsm_prop in security_ipc_getsecid audit: maintain an lsm_prop in audit_context lsm: add lsmprop_to_secctx hook lsm: use lsm_prop in security_audit_rule_match lsm: add the lsm_prop data structure
2 parents 8ffc7db + 8afd8c8 commit 5591fd5

31 files changed

Lines changed: 470 additions & 228 deletions

MAINTAINERS

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -20804,6 +20804,7 @@ Q: https://patchwork.kernel.org/project/linux-security-module/list
2080420804
B: mailto:linux-security-module@vger.kernel.org
2080520805
P: https://github.com/LinuxSecurityModule/kernel/blob/main/README.md
2080620806
T: git https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm.git
20807+
F: include/linux/lsm/
2080720808
F: include/linux/lsm_audit.h
2080820809
F: include/linux/lsm_hook_defs.h
2080920810
F: include/linux/lsm_hooks.h

include/linux/lsm/apparmor.h

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,17 @@
1+
/* SPDX-License-Identifier: GPL-2.0 */
2+
/*
3+
* Linux Security Module interface to other subsystems.
4+
* AppArmor presents single pointer to an aa_label structure.
5+
*/
6+
#ifndef __LINUX_LSM_APPARMOR_H
7+
#define __LINUX_LSM_APPARMOR_H
8+
9+
struct aa_label;
10+
11+
struct lsm_prop_apparmor {
12+
#ifdef CONFIG_SECURITY_APPARMOR
13+
struct aa_label *label;
14+
#endif
15+
};
16+
17+
#endif /* ! __LINUX_LSM_APPARMOR_H */

include/linux/lsm/bpf.h

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,16 @@
1+
/* SPDX-License-Identifier: GPL-2.0 */
2+
/*
3+
* Linux Security Module interface to other subsystems.
4+
* BPF may present a single u32 value.
5+
*/
6+
#ifndef __LINUX_LSM_BPF_H
7+
#define __LINUX_LSM_BPF_H
8+
#include <linux/types.h>
9+
10+
struct lsm_prop_bpf {
11+
#ifdef CONFIG_BPF_LSM
12+
u32 secid;
13+
#endif
14+
};
15+
16+
#endif /* ! __LINUX_LSM_BPF_H */

include/linux/lsm/selinux.h

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,16 @@
1+
/* SPDX-License-Identifier: GPL-2.0 */
2+
/*
3+
* Linux Security Module interface to other subsystems.
4+
* SELinux presents a single u32 value which is known as a secid.
5+
*/
6+
#ifndef __LINUX_LSM_SELINUX_H
7+
#define __LINUX_LSM_SELINUX_H
8+
#include <linux/types.h>
9+
10+
struct lsm_prop_selinux {
11+
#ifdef CONFIG_SECURITY_SELINUX
12+
u32 secid;
13+
#endif
14+
};
15+
16+
#endif /* ! __LINUX_LSM_SELINUX_H */

include/linux/lsm/smack.h

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,17 @@
1+
/* SPDX-License-Identifier: GPL-2.0 */
2+
/*
3+
* Linux Security Module interface to other subsystems.
4+
* Smack presents a pointer into the global Smack label list.
5+
*/
6+
#ifndef __LINUX_LSM_SMACK_H
7+
#define __LINUX_LSM_SMACK_H
8+
9+
struct smack_known;
10+
11+
struct lsm_prop_smack {
12+
#ifdef CONFIG_SECURITY_SMACK
13+
struct smack_known *skp;
14+
#endif
15+
};
16+
17+
#endif /* ! __LINUX_LSM_SMACK_H */

include/linux/lsm_hook_defs.h

Lines changed: 13 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -176,7 +176,8 @@ LSM_HOOK(int, -EOPNOTSUPP, inode_setsecurity, struct inode *inode,
176176
const char *name, const void *value, size_t size, int flags)
177177
LSM_HOOK(int, 0, inode_listsecurity, struct inode *inode, char *buffer,
178178
size_t buffer_size)
179-
LSM_HOOK(void, LSM_RET_VOID, inode_getsecid, struct inode *inode, u32 *secid)
179+
LSM_HOOK(void, LSM_RET_VOID, inode_getlsmprop, struct inode *inode,
180+
struct lsm_prop *prop)
180181
LSM_HOOK(int, 0, inode_copy_up, struct dentry *src, struct cred **new)
181182
LSM_HOOK(int, -EOPNOTSUPP, inode_copy_up_xattr, struct dentry *src,
182183
const char *name)
@@ -217,6 +218,8 @@ LSM_HOOK(int, 0, cred_prepare, struct cred *new, const struct cred *old,
217218
LSM_HOOK(void, LSM_RET_VOID, cred_transfer, struct cred *new,
218219
const struct cred *old)
219220
LSM_HOOK(void, LSM_RET_VOID, cred_getsecid, const struct cred *c, u32 *secid)
221+
LSM_HOOK(void, LSM_RET_VOID, cred_getlsmprop, const struct cred *c,
222+
struct lsm_prop *prop)
220223
LSM_HOOK(int, 0, kernel_act_as, struct cred *new, u32 secid)
221224
LSM_HOOK(int, 0, kernel_create_files_as, struct cred *new, struct inode *inode)
222225
LSM_HOOK(int, 0, kernel_module_request, char *kmod_name)
@@ -235,9 +238,9 @@ LSM_HOOK(int, 0, task_fix_setgroups, struct cred *new, const struct cred * old)
235238
LSM_HOOK(int, 0, task_setpgid, struct task_struct *p, pid_t pgid)
236239
LSM_HOOK(int, 0, task_getpgid, struct task_struct *p)
237240
LSM_HOOK(int, 0, task_getsid, struct task_struct *p)
238-
LSM_HOOK(void, LSM_RET_VOID, current_getsecid_subj, u32 *secid)
239-
LSM_HOOK(void, LSM_RET_VOID, task_getsecid_obj,
240-
struct task_struct *p, u32 *secid)
241+
LSM_HOOK(void, LSM_RET_VOID, current_getlsmprop_subj, struct lsm_prop *prop)
242+
LSM_HOOK(void, LSM_RET_VOID, task_getlsmprop_obj,
243+
struct task_struct *p, struct lsm_prop *prop)
241244
LSM_HOOK(int, 0, task_setnice, struct task_struct *p, int nice)
242245
LSM_HOOK(int, 0, task_setioprio, struct task_struct *p, int ioprio)
243246
LSM_HOOK(int, 0, task_getioprio, struct task_struct *p)
@@ -256,8 +259,8 @@ LSM_HOOK(void, LSM_RET_VOID, task_to_inode, struct task_struct *p,
256259
struct inode *inode)
257260
LSM_HOOK(int, 0, userns_create, const struct cred *cred)
258261
LSM_HOOK(int, 0, ipc_permission, struct kern_ipc_perm *ipcp, short flag)
259-
LSM_HOOK(void, LSM_RET_VOID, ipc_getsecid, struct kern_ipc_perm *ipcp,
260-
u32 *secid)
262+
LSM_HOOK(void, LSM_RET_VOID, ipc_getlsmprop, struct kern_ipc_perm *ipcp,
263+
struct lsm_prop *prop)
261264
LSM_HOOK(int, 0, msg_msg_alloc_security, struct msg_msg *msg)
262265
LSM_HOOK(void, LSM_RET_VOID, msg_msg_free_security, struct msg_msg *msg)
263266
LSM_HOOK(int, 0, msg_queue_alloc_security, struct kern_ipc_perm *perm)
@@ -294,6 +297,8 @@ LSM_HOOK(int, -EINVAL, setprocattr, const char *name, void *value, size_t size)
294297
LSM_HOOK(int, 0, ismaclabel, const char *name)
295298
LSM_HOOK(int, -EOPNOTSUPP, secid_to_secctx, u32 secid, char **secdata,
296299
u32 *seclen)
300+
LSM_HOOK(int, -EOPNOTSUPP, lsmprop_to_secctx, struct lsm_prop *prop,
301+
char **secdata, u32 *seclen)
297302
LSM_HOOK(int, 0, secctx_to_secid, const char *secdata, u32 seclen, u32 *secid)
298303
LSM_HOOK(void, LSM_RET_VOID, release_secctx, char *secdata, u32 seclen)
299304
LSM_HOOK(void, LSM_RET_VOID, inode_invalidate_secctx, struct inode *inode)
@@ -416,7 +421,8 @@ LSM_HOOK(void, LSM_RET_VOID, key_post_create_or_update, struct key *keyring,
416421
LSM_HOOK(int, 0, audit_rule_init, u32 field, u32 op, char *rulestr,
417422
void **lsmrule, gfp_t gfp)
418423
LSM_HOOK(int, 0, audit_rule_known, struct audit_krule *krule)
419-
LSM_HOOK(int, 0, audit_rule_match, u32 secid, u32 field, u32 op, void *lsmrule)
424+
LSM_HOOK(int, 0, audit_rule_match, struct lsm_prop *prop, u32 field, u32 op,
425+
void *lsmrule)
420426
LSM_HOOK(void, LSM_RET_VOID, audit_rule_free, void *lsmrule)
421427
#endif /* CONFIG_AUDIT */
422428

include/linux/security.h

Lines changed: 82 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -34,6 +34,10 @@
3434
#include <linux/sockptr.h>
3535
#include <linux/bpf.h>
3636
#include <uapi/linux/lsm.h>
37+
#include <linux/lsm/selinux.h>
38+
#include <linux/lsm/smack.h>
39+
#include <linux/lsm/apparmor.h>
40+
#include <linux/lsm/bpf.h>
3741

3842
struct linux_binprm;
3943
struct cred;
@@ -152,6 +156,16 @@ enum lockdown_reason {
152156
LOCKDOWN_CONFIDENTIALITY_MAX,
153157
};
154158

159+
/*
160+
* Data exported by the security modules
161+
*/
162+
struct lsm_prop {
163+
struct lsm_prop_selinux selinux;
164+
struct lsm_prop_smack smack;
165+
struct lsm_prop_apparmor apparmor;
166+
struct lsm_prop_bpf bpf;
167+
};
168+
155169
extern const char *const lockdown_reasons[LOCKDOWN_CONFIDENTIALITY_MAX+1];
156170
extern u32 lsm_active_cnt;
157171
extern const struct lsm_id *lsm_idlist[];
@@ -269,8 +283,32 @@ static inline const char *kernel_load_data_id_str(enum kernel_load_data_id id)
269283
return kernel_load_data_str[id];
270284
}
271285

286+
/**
287+
* lsmprop_init - initialize a lsm_prop structure
288+
* @prop: Pointer to the data to initialize
289+
*
290+
* Set all secid for all modules to the specified value.
291+
*/
292+
static inline void lsmprop_init(struct lsm_prop *prop)
293+
{
294+
memset(prop, 0, sizeof(*prop));
295+
}
296+
272297
#ifdef CONFIG_SECURITY
273298

299+
/**
300+
* lsmprop_is_set - report if there is a value in the lsm_prop
301+
* @prop: Pointer to the exported LSM data
302+
*
303+
* Returns true if there is a value set, false otherwise
304+
*/
305+
static inline bool lsmprop_is_set(struct lsm_prop *prop)
306+
{
307+
const struct lsm_prop empty = {};
308+
309+
return !!memcmp(prop, &empty, sizeof(*prop));
310+
}
311+
274312
int call_blocking_lsm_notifier(enum lsm_event event, void *data);
275313
int register_blocking_lsm_notifier(struct notifier_block *nb);
276314
int unregister_blocking_lsm_notifier(struct notifier_block *nb);
@@ -408,7 +446,7 @@ int security_inode_getsecurity(struct mnt_idmap *idmap,
408446
void **buffer, bool alloc);
409447
int security_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags);
410448
int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer_size);
411-
void security_inode_getsecid(struct inode *inode, u32 *secid);
449+
void security_inode_getlsmprop(struct inode *inode, struct lsm_prop *prop);
412450
int security_inode_copy_up(struct dentry *src, struct cred **new);
413451
int security_inode_copy_up_xattr(struct dentry *src, const char *name);
414452
int security_inode_setintegrity(const struct inode *inode,
@@ -444,6 +482,7 @@ void security_cred_free(struct cred *cred);
444482
int security_prepare_creds(struct cred *new, const struct cred *old, gfp_t gfp);
445483
void security_transfer_creds(struct cred *new, const struct cred *old);
446484
void security_cred_getsecid(const struct cred *c, u32 *secid);
485+
void security_cred_getlsmprop(const struct cred *c, struct lsm_prop *prop);
447486
int security_kernel_act_as(struct cred *new, u32 secid);
448487
int security_kernel_create_files_as(struct cred *new, struct inode *inode);
449488
int security_kernel_module_request(char *kmod_name);
@@ -463,8 +502,8 @@ int security_task_fix_setgroups(struct cred *new, const struct cred *old);
463502
int security_task_setpgid(struct task_struct *p, pid_t pgid);
464503
int security_task_getpgid(struct task_struct *p);
465504
int security_task_getsid(struct task_struct *p);
466-
void security_current_getsecid_subj(u32 *secid);
467-
void security_task_getsecid_obj(struct task_struct *p, u32 *secid);
505+
void security_current_getlsmprop_subj(struct lsm_prop *prop);
506+
void security_task_getlsmprop_obj(struct task_struct *p, struct lsm_prop *prop);
468507
int security_task_setnice(struct task_struct *p, int nice);
469508
int security_task_setioprio(struct task_struct *p, int ioprio);
470509
int security_task_getioprio(struct task_struct *p);
@@ -482,7 +521,7 @@ int security_task_prctl(int option, unsigned long arg2, unsigned long arg3,
482521
void security_task_to_inode(struct task_struct *p, struct inode *inode);
483522
int security_create_user_ns(const struct cred *cred);
484523
int security_ipc_permission(struct kern_ipc_perm *ipcp, short flag);
485-
void security_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid);
524+
void security_ipc_getlsmprop(struct kern_ipc_perm *ipcp, struct lsm_prop *prop);
486525
int security_msg_msg_alloc(struct msg_msg *msg);
487526
void security_msg_msg_free(struct msg_msg *msg);
488527
int security_msg_queue_alloc(struct kern_ipc_perm *msq);
@@ -515,6 +554,7 @@ int security_setprocattr(int lsmid, const char *name, void *value, size_t size);
515554
int security_netlink_send(struct sock *sk, struct sk_buff *skb);
516555
int security_ismaclabel(const char *name);
517556
int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen);
557+
int security_lsmprop_to_secctx(struct lsm_prop *prop, char **secdata, u32 *seclen);
518558
int security_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid);
519559
void security_release_secctx(char *secdata, u32 seclen);
520560
void security_inode_invalidate_secctx(struct inode *inode);
@@ -531,6 +571,17 @@ int security_bdev_setintegrity(struct block_device *bdev,
531571
size_t size);
532572
#else /* CONFIG_SECURITY */
533573

574+
/**
575+
* lsmprop_is_set - report if there is a value in the lsm_prop
576+
* @prop: Pointer to the exported LSM data
577+
*
578+
* Returns true if there is a value set, false otherwise
579+
*/
580+
static inline bool lsmprop_is_set(struct lsm_prop *prop)
581+
{
582+
return false;
583+
}
584+
534585
static inline int call_blocking_lsm_notifier(enum lsm_event event, void *data)
535586
{
536587
return 0;
@@ -1020,9 +1071,10 @@ static inline int security_inode_listsecurity(struct inode *inode, char *buffer,
10201071
return 0;
10211072
}
10221073

1023-
static inline void security_inode_getsecid(struct inode *inode, u32 *secid)
1074+
static inline void security_inode_getlsmprop(struct inode *inode,
1075+
struct lsm_prop *prop)
10241076
{
1025-
*secid = 0;
1077+
lsmprop_init(prop);
10261078
}
10271079

10281080
static inline int security_inode_copy_up(struct dentry *src, struct cred **new)
@@ -1172,6 +1224,10 @@ static inline void security_cred_getsecid(const struct cred *c, u32 *secid)
11721224
*secid = 0;
11731225
}
11741226

1227+
static inline void security_cred_getlsmprop(const struct cred *c,
1228+
struct lsm_prop *prop)
1229+
{ }
1230+
11751231
static inline int security_kernel_act_as(struct cred *cred, u32 secid)
11761232
{
11771233
return 0;
@@ -1249,14 +1305,15 @@ static inline int security_task_getsid(struct task_struct *p)
12491305
return 0;
12501306
}
12511307

1252-
static inline void security_current_getsecid_subj(u32 *secid)
1308+
static inline void security_current_getlsmprop_subj(struct lsm_prop *prop)
12531309
{
1254-
*secid = 0;
1310+
lsmprop_init(prop);
12551311
}
12561312

1257-
static inline void security_task_getsecid_obj(struct task_struct *p, u32 *secid)
1313+
static inline void security_task_getlsmprop_obj(struct task_struct *p,
1314+
struct lsm_prop *prop)
12581315
{
1259-
*secid = 0;
1316+
lsmprop_init(prop);
12601317
}
12611318

12621319
static inline int security_task_setnice(struct task_struct *p, int nice)
@@ -1332,9 +1389,10 @@ static inline int security_ipc_permission(struct kern_ipc_perm *ipcp,
13321389
return 0;
13331390
}
13341391

1335-
static inline void security_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid)
1392+
static inline void security_ipc_getlsmprop(struct kern_ipc_perm *ipcp,
1393+
struct lsm_prop *prop)
13361394
{
1337-
*secid = 0;
1395+
lsmprop_init(prop);
13381396
}
13391397

13401398
static inline int security_msg_msg_alloc(struct msg_msg *msg)
@@ -1468,7 +1526,14 @@ static inline int security_ismaclabel(const char *name)
14681526
return 0;
14691527
}
14701528

1471-
static inline int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen)
1529+
static inline int security_secid_to_secctx(u32 secid, char **secdata,
1530+
u32 *seclen)
1531+
{
1532+
return -EOPNOTSUPP;
1533+
}
1534+
1535+
static inline int security_lsmprop_to_secctx(struct lsm_prop *prop,
1536+
char **secdata, u32 *seclen)
14721537
{
14731538
return -EOPNOTSUPP;
14741539
}
@@ -2095,7 +2160,8 @@ static inline void security_key_post_create_or_update(struct key *keyring,
20952160
int security_audit_rule_init(u32 field, u32 op, char *rulestr, void **lsmrule,
20962161
gfp_t gfp);
20972162
int security_audit_rule_known(struct audit_krule *krule);
2098-
int security_audit_rule_match(u32 secid, u32 field, u32 op, void *lsmrule);
2163+
int security_audit_rule_match(struct lsm_prop *prop, u32 field, u32 op,
2164+
void *lsmrule);
20992165
void security_audit_rule_free(void *lsmrule);
21002166

21012167
#else
@@ -2111,8 +2177,8 @@ static inline int security_audit_rule_known(struct audit_krule *krule)
21112177
return 0;
21122178
}
21132179

2114-
static inline int security_audit_rule_match(u32 secid, u32 field, u32 op,
2115-
void *lsmrule)
2180+
static inline int security_audit_rule_match(struct lsm_prop *prop, u32 field,
2181+
u32 op, void *lsmrule)
21162182
{
21172183
return 0;
21182184
}

include/net/netlabel.h

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -97,7 +97,7 @@ struct calipso_doi;
9797

9898
/* NetLabel audit information */
9999
struct netlbl_audit {
100-
u32 secid;
100+
struct lsm_prop prop;
101101
kuid_t loginuid;
102102
unsigned int sessionid;
103103
};

0 commit comments

Comments
 (0)