From: Kees Cook <keescook@chromium.org>
To: Casey Schaufler <casey@schaufler-ca.com>
Cc: paul@paul-moore.com, linux-security-module@vger.kernel.org,
jmorris@namei.org, john.johansen@canonical.com,
penguin-kernel@i-love.sakura.ne.jp,
stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org,
linux-api@vger.kernel.org, mic@digikod.net
Subject: Re: [PATCH v9 02/11] LSM: Maintain a table of LSM attribute data
Date: Fri, 21 Apr 2023 12:20:22 -0700 [thread overview]
Message-ID: <6442e1f7.620a0220.b44ce.7a42@mx.google.com> (raw)
In-Reply-To: <20230421174259.2458-3-casey@schaufler-ca.com>
On Fri, Apr 21, 2023 at 10:42:50AM -0700, Casey Schaufler wrote:
> As LSMs are registered add their lsm_id pointers to a table.
> This will be used later for attribute reporting.
>
> Determine the number of possible security modules based on
> their respective CONFIG options. This allows the number to be
> known at build time. This allows data structures and tables
> to use the constant.
>
> Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Nit below...
> [...]
> @@ -513,6 +531,15 @@ void __init security_add_hooks(struct security_hook_list *hooks, int count,
> {
> int i;
>
> + if (lsm_active_cnt >= LSM_COUNT)
> + panic("%s Too many LSMs registered.\n", __func__);
> + /*
> + * A security module may call security_add_hooks() more
> + * than once. Landlock is one such case.
> + */
> + if (lsm_active_cnt == 0 || lsm_idlist[lsm_active_cnt - 1] != lsmid)
> + lsm_idlist[lsm_active_cnt++] = lsmid;
> +
I find this logic hard to parse. I think this might be better, since
lsm_idlist will be entirely initialized to LSM_UNDEF, yes?
/*
* A security module may call security_add_hooks() more
* than once during initialization, and LSM initialization
* is serialized. Landlock is one such case.
*/
if (lsm_idlist[lsm_active_cnt] != lsmid)
lsm_idlist[lsm_active_cnt++] = lsmid;
--
Kees Cook
next prev parent reply other threads:[~2023-04-21 19:20 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20230421174259.2458-1-casey.ref@schaufler-ca.com>
2023-04-21 17:42 ` [PATCH v9 00/11] LSM: Three basic syscalls Casey Schaufler
2023-04-21 17:42 ` [PATCH v9 01/11] LSM: Identify modules by more than name Casey Schaufler
2023-04-21 19:14 ` Kees Cook
2023-04-21 17:42 ` [PATCH v9 02/11] LSM: Maintain a table of LSM attribute data Casey Schaufler
2023-04-21 19:20 ` Kees Cook [this message]
2023-04-27 15:31 ` Casey Schaufler
2023-04-23 8:04 ` kernel test robot
2023-04-21 17:42 ` [PATCH v9 03/11] proc: Use lsmids instead of lsm names for attrs Casey Schaufler
2023-04-21 19:21 ` Kees Cook
2023-04-21 17:42 ` [PATCH v9 04/11] LSM: syscalls for current process attributes Casey Schaufler
2023-04-21 19:36 ` Kees Cook
2023-04-26 1:12 ` Casey Schaufler
2023-04-22 13:12 ` kernel test robot
2023-04-22 16:59 ` kernel test robot
2023-04-21 17:42 ` [PATCH v9 05/11] LSM: Create lsm_list_modules system call Casey Schaufler
2023-04-21 19:38 ` Kees Cook
2023-04-21 17:42 ` [PATCH v9 06/11] LSM: wireup Linux Security Module syscalls Casey Schaufler
2023-04-21 19:38 ` Kees Cook
2023-04-21 17:42 ` [PATCH v9 07/11] LSM: Helpers for attribute names and filling an lsm_ctx Casey Schaufler
2023-04-21 19:46 ` Kees Cook
2023-04-21 17:42 ` [PATCH v9 08/11] Smack: implement setselfattr and getselfattr hooks Casey Schaufler
2023-04-21 19:49 ` Kees Cook
2023-04-21 17:42 ` [PATCH v9 09/11] AppArmor: Add selfattr hooks Casey Schaufler
2023-04-21 19:54 ` Kees Cook
2023-04-22 1:23 ` kernel test robot
2023-04-22 14:55 ` kernel test robot
2023-04-21 17:42 ` [PATCH v9 10/11] SELinux: " Casey Schaufler
2023-04-21 19:57 ` Kees Cook
2023-04-21 17:42 ` [PATCH v9 11/11] LSM: selftests for Linux Security Module syscalls Casey Schaufler
2023-04-21 20:01 ` Kees Cook
2023-04-27 16:00 ` Casey Schaufler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=6442e1f7.620a0220.b44ce.7a42@mx.google.com \
--to=keescook@chromium.org \
--cc=casey@schaufler-ca.com \
--cc=jmorris@namei.org \
--cc=john.johansen@canonical.com \
--cc=linux-api@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=mic@digikod.net \
--cc=paul@paul-moore.com \
--cc=penguin-kernel@i-love.sakura.ne.jp \
--cc=stephen.smalley.work@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.