From: Casey Schaufler <casey-iSGtlc1asvQWG2LlvL+J4A@public.gmane.org>
To: Lukasz Pawelczyk
<l.pawelczyk-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org>,
"David S. Miller" <davem-fT/PcQaiUtIeIZ0/mPfg9Q@public.gmane.org>,
"Eric W. Biederman"
<ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>,
"Serge E. Hallyn" <serge-A9i7LUbDfNHQT0dZR+AlfA@public.gmane.org>,
Al Viro <viro-RmSDqhL/yNMiFSDQTTA3OLVCufUGDwFn@public.gmane.org>,
Alexey Dobriyan
<adobriyan-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>,
Andrew Morton
<akpm-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org>,
Andy Lutomirski <luto-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>,
Calvin Owens <calvinowens-b10kYP2dOMg@public.gmane.org>,
David Howells <dhowells-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>,
Eric Dumazet <edumazet-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>,
Eric Paris <eparis-FjpueFixGhCM4zKIHC2jIg@public.gmane.org>,
Greg Kroah-Hartman
<gregkh-hQyY1W1yCW8ekmWlsbkhG0B+6BGkLq7r@public.gmane.org>,
James Morris
<james.l.morris-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org>,
Jann Horn <jann-XZ1E9jl8jIdeoWH0uzbU5w@public.gmane.org>,
Jiri Slaby <jslaby-IBi9RG/b67k@public.gmane.org>,
Joe Perches <joe-6d6DIl74uiNBDgjK7y7TUQ@public.gmane.org>,
John Johansen
<john.johansen-Z7WLFzj8eWMS+FvcfC7Uqw@public.gmane.org>,
Jonathan Corbet <corbet-T1hC0tSOHrs@public.gmane.org>,
Kees Cook <keescook-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org>,
Mauro Carvalho Chehab
<mchehab-JPH+aEBZ4P+UEJcrhfAQsw@public.gmane.org>,
NeilBrown <neilb-l3A5Bk7waGM@public.gmane.org>,
Paul Moore <paul-r2n+y4ga6xFZroRs9YW3xA@public.gmane.org>Serge
Cc: Lukasz Pawelczyk <havner-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
Subject: Re: [PATCH v4 03/11] lsm: add file opener's cred to a setprocattr arguments
Date: Thu, 29 Oct 2015 15:49:59 -0700 [thread overview]
Message-ID: <5632A297.5050608@schaufler-ca.com> (raw)
In-Reply-To: <1444826525-9758-4-git-send-email-l.pawelczyk-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org>
On 10/14/2015 5:41 AM, Lukasz Pawelczyk wrote:
> setprocattr hook for Smack's label_map attribute needs to know the
> capabilities of file opener. Add those credentials to the hook's
> arguments.
>
> While at it add documentation on get/setprocattr hooks.
>
> Signed-off-by: Lukasz Pawelczyk <l.pawelczyk-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org>
> Acked-by: Serge Hallyn <serge.hallyn-Z7WLFzj8eWMS+FvcfC7Uqw@public.gmane.org>
Acked-by: Casey Schaufler <casey-iSGtlc1asvQWG2LlvL+J4A@public.gmane.org>
> ---
> fs/proc/base.c | 2 +-
> include/linux/lsm_hooks.h | 18 ++++++++++++++++--
> include/linux/security.h | 7 +++++--
> security/apparmor/lsm.c | 5 +++--
> security/security.c | 6 ++++--
> security/selinux/hooks.c | 2 +-
> security/smack/smack_lsm.c | 4 ++--
> 7 files changed, 32 insertions(+), 12 deletions(-)
>
> diff --git a/fs/proc/base.c b/fs/proc/base.c
> index 9ec88b8..2b38969 100644
> --- a/fs/proc/base.c
> +++ b/fs/proc/base.c
> @@ -2447,7 +2447,7 @@ static ssize_t proc_pid_attr_write(struct file * file, const char __user * buf,
> if (length < 0)
> goto out_free;
>
> - length = security_setprocattr(task,
> + length = security_setprocattr(task, file->f_cred,
> (char*)file->f_path.dentry->d_name.name,
> (void*)page, count);
> mutex_unlock(&task->signal->cred_guard_mutex);
> diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h
> index 7049db0..4f16640 100644
> --- a/include/linux/lsm_hooks.h
> +++ b/include/linux/lsm_hooks.h
> @@ -1220,6 +1220,20 @@
> * Return 0 if @name is to be handled by seq, EOPNOTSUPP if getprocattr()
> * should be used. Other errors will be passed to user-space.
> *
> + * @getprocattr:
> + * Get a value of a proc security attribute in /proc/$PID/attr/.
> + * @p a task associated with the proc file.
> + * @name a name of the file in question.
> + * @value a pointer where to return the attribute's value.
> + *
> + * @setprocattr:
> + * Set a value of a proc security attribute in /proc/$PID/attr/.
> + * @p a task associated with the proc file.
> + * @f_cred credentials of a file's opener.
> + * @name a name of the file in question.
> + * @value a pointer where a value to set is kept.
> + * @size a number of bytes to read from the @value pointer.
> + *
> * @secid_to_secctx:
> * Convert secid to security context. If secdata is NULL the length of
> * the result will be returned in seclen, but no secdata will be returned.
> @@ -1540,8 +1554,8 @@ union security_list_options {
> int (*getprocattr_seq)(struct task_struct *p, const char *name,
> const struct seq_operations **ops);
> int (*getprocattr)(struct task_struct *p, char *name, char **value);
> - int (*setprocattr)(struct task_struct *p, char *name, void *value,
> - size_t size);
> + int (*setprocattr)(struct task_struct *p, const struct cred *f_cred,
> + char *name, void *value, size_t size);
> int (*ismaclabel)(const char *name);
> int (*secid_to_secctx)(u32 secid, char **secdata, u32 *seclen);
> int (*secctx_to_secid)(const char *secdata, u32 seclen, u32 *secid);
> diff --git a/include/linux/security.h b/include/linux/security.h
> index dddea2f..12bd011 100644
> --- a/include/linux/security.h
> +++ b/include/linux/security.h
> @@ -348,7 +348,8 @@ void security_d_instantiate(struct dentry *dentry, struct inode *inode);
> int security_getprocattr_seq(struct task_struct *p, const char *name,
> const struct seq_operations **ops);
> int security_getprocattr(struct task_struct *p, char *name, char **value);
> -int security_setprocattr(struct task_struct *p, char *name, void *value, size_t size);
> +int security_setprocattr(struct task_struct *p, const struct cred *f_cred,
> + char *name, void *value, size_t size);
> int security_netlink_send(struct sock *sk, struct sk_buff *skb);
> int security_ismaclabel(const char *name);
> int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen);
> @@ -1071,7 +1072,9 @@ static inline int security_getprocattr(struct task_struct *p, char *name, char *
> return -EINVAL;
> }
>
> -static inline int security_setprocattr(struct task_struct *p, char *name, void *value, size_t size)
> +static inline int security_setprocattr(struct task_struct *p,
> + const struct cred *f_cred,
> + char *name, void *value, size_t size)
> {
> return -EINVAL;
> }
> diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c
> index dec607c..1212927 100644
> --- a/security/apparmor/lsm.c
> +++ b/security/apparmor/lsm.c
> @@ -518,8 +518,9 @@ static int apparmor_getprocattr(struct task_struct *task, char *name,
> return error;
> }
>
> -static int apparmor_setprocattr(struct task_struct *task, char *name,
> - void *value, size_t size)
> +static int apparmor_setprocattr(struct task_struct *task,
> + const struct cred *f_cred,
> + char *name, void *value, size_t size)
> {
> struct common_audit_data sa;
> struct apparmor_audit_data aad = {0,};
> diff --git a/security/security.c b/security/security.c
> index da2bcd4..abfc207 100644
> --- a/security/security.c
> +++ b/security/security.c
> @@ -1132,9 +1132,11 @@ int security_getprocattr(struct task_struct *p, char *name, char **value)
> return call_int_hook(getprocattr, -EINVAL, p, name, value);
> }
>
> -int security_setprocattr(struct task_struct *p, char *name, void *value, size_t size)
> +int security_setprocattr(struct task_struct *p, const struct cred *f_cred,
> + char *name, void *value, size_t size)
> {
> - return call_int_hook(setprocattr, -EINVAL, p, name, value, size);
> + return call_int_hook(setprocattr, -EINVAL, p, f_cred,
> + name, value, size);
> }
>
> int security_netlink_send(struct sock *sk, struct sk_buff *skb)
> diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
> index e4369d8..470eff8 100644
> --- a/security/selinux/hooks.c
> +++ b/security/selinux/hooks.c
> @@ -5603,7 +5603,7 @@ invalid:
> return -EINVAL;
> }
>
> -static int selinux_setprocattr(struct task_struct *p,
> +static int selinux_setprocattr(struct task_struct *p, const struct cred *f_cred,
> char *name, void *value, size_t size)
> {
> struct task_security_struct *tsec;
> diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
> index c2d66ca..c439370 100644
> --- a/security/smack/smack_lsm.c
> +++ b/security/smack/smack_lsm.c
> @@ -3549,8 +3549,8 @@ static int smack_getprocattr(struct task_struct *p, char *name, char **value)
> *
> * Returns the length of the smack label or an error code
> */
> -static int smack_setprocattr(struct task_struct *p, char *name,
> - void *value, size_t size)
> +static int smack_setprocattr(struct task_struct *p, const struct cred *f_cred,
> + char *name, void *value, size_t size)
> {
> struct task_smack *tsp;
> struct cred *new;
next prev parent reply other threads:[~2015-10-29 22:49 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-10-14 12:41 [PATCH v4 00/11] Smack namespace Lukasz Pawelczyk
[not found] ` <1444826525-9758-1-git-send-email-l.pawelczyk-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org>
2015-10-14 12:41 ` [PATCH v4 01/11] user_ns: 3 new LSM hooks for user namespace operations Lukasz Pawelczyk
[not found] ` <1444826525-9758-2-git-send-email-l.pawelczyk-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org>
2015-10-29 22:49 ` Casey Schaufler
2015-10-14 12:41 ` [PATCH v4 02/11] lsm: /proc/$PID/attr/label_map file and getprocattr_seq hook Lukasz Pawelczyk
[not found] ` <1444826525-9758-3-git-send-email-l.pawelczyk-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org>
2015-10-29 22:49 ` Casey Schaufler
2015-10-14 12:41 ` [PATCH v4 03/11] lsm: add file opener's cred to a setprocattr arguments Lukasz Pawelczyk
[not found] ` <1444826525-9758-4-git-send-email-l.pawelczyk-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org>
2015-10-29 22:49 ` Casey Schaufler [this message]
2015-11-10 4:16 ` Al Viro
[not found] ` <20151110041625.GA19875@ZenIV.linux.org.uk>
[not found] ` <20151110041625.GA19875-3bDd1+5oDREiFSDQTTA3OLVCufUGDwFn@public.gmane.org>
2015-11-10 10:15 ` Lukasz Pawelczyk
2015-10-14 12:41 ` [PATCH v4 04/11] lsm: inode_pre_setxattr hook Lukasz Pawelczyk
2015-10-14 12:41 ` [PATCH v4 05/11] smack: extend capability functions and fix 2 checks Lukasz Pawelczyk
[not found] ` <1444826525-9758-6-git-send-email-l.pawelczyk-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org>
2015-10-29 22:50 ` Casey Schaufler
2015-10-14 12:42 ` [PATCH v4 06/11] smack: don't use implicit star to display smackfs/syslog Lukasz Pawelczyk
2015-10-14 12:42 ` [PATCH v4 07/11] smack: abstraction layer for 2 common Smack operations Lukasz Pawelczyk
[not found] ` <1444826525-9758-8-git-send-email-l.pawelczyk-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org>
2015-10-29 22:51 ` Casey Schaufler
2015-10-14 12:42 ` [PATCH v4 08/11] smack: misc cleanups in preparation for a namespace patch Lukasz Pawelczyk
2015-10-14 12:42 ` [PATCH v4 09/11] smack: namespace groundwork Lukasz Pawelczyk
[not found] ` <1444826525-9758-10-git-send-email-l.pawelczyk-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org>
2015-10-29 22:51 ` Casey Schaufler
2015-10-14 12:42 ` [PATCH v4 10/11] smack: namespace implementation Lukasz Pawelczyk
2015-10-14 12:42 ` [PATCH v4 11/11] smack: documentation for the Smack namespace Lukasz Pawelczyk
[not found] ` <1444826525-9758-12-git-send-email-l.pawelczyk-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org>
2015-10-29 22:52 ` Casey Schaufler
2015-11-09 15:40 ` [PATCH v4 00/11] " Lukasz Pawelczyk
[not found] ` <1444826525-9758-5-git-send-email-l.pawelczyk@samsung.com>
[not found] ` <1444826525-9758-5-git-send-email-l.pawelczyk-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org>
2015-10-29 22:50 ` [PATCH v4 04/11] lsm: inode_pre_setxattr hook Casey Schaufler
2015-11-05 5:16 ` John Johansen
[not found] ` <1444826525-9758-7-git-send-email-l.pawelczyk@samsung.com>
[not found] ` <1444826525-9758-7-git-send-email-l.pawelczyk-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org>
2015-10-29 22:50 ` [PATCH v4 06/11] smack: don't use implicit star to display smackfs/syslog Casey Schaufler
[not found] ` <1444826525-9758-9-git-send-email-l.pawelczyk@samsung.com>
[not found] ` <1444826525-9758-9-git-send-email-l.pawelczyk-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org>
2015-10-29 22:51 ` [PATCH v4 08/11] smack: misc cleanups in preparation for a namespace patch Casey Schaufler
[not found] ` <1444826525-9758-11-git-send-email-l.pawelczyk@samsung.com>
[not found] ` <1444826525-9758-11-git-send-email-l.pawelczyk-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org>
2015-10-29 22:52 ` [PATCH v4 10/11] smack: namespace implementation Casey Schaufler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5632A297.5050608@schaufler-ca.com \
--to=casey-isgtlc1asvqwg2llvl+j4a@public.gmane.org \
--cc=adobriyan-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org \
--cc=akpm-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org \
--cc=calvinowens-b10kYP2dOMg@public.gmane.org \
--cc=corbet-T1hC0tSOHrs@public.gmane.org \
--cc=davem-fT/PcQaiUtIeIZ0/mPfg9Q@public.gmane.org \
--cc=dhowells-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
--cc=ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org \
--cc=edumazet-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org \
--cc=eparis-FjpueFixGhCM4zKIHC2jIg@public.gmane.org \
--cc=gregkh-hQyY1W1yCW8ekmWlsbkhG0B+6BGkLq7r@public.gmane.org \
--cc=havner-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org \
--cc=james.l.morris-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org \
--cc=jann-XZ1E9jl8jIdeoWH0uzbU5w@public.gmane.org \
--cc=joe-6d6DIl74uiNBDgjK7y7TUQ@public.gmane.org \
--cc=john.johansen-Z7WLFzj8eWMS+FvcfC7Uqw@public.gmane.org \
--cc=jslaby-IBi9RG/b67k@public.gmane.org \
--cc=keescook-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org \
--cc=l.pawelczyk-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org \
--cc=luto-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org \
--cc=mchehab-JPH+aEBZ4P+UEJcrhfAQsw@public.gmane.org \
--cc=neilb-l3A5Bk7waGM@public.gmane.org \
--cc=paul-r2n+y4ga6xFZroRs9YW3xA@public.gmane.org \
--cc=serge-A9i7LUbDfNHQT0dZR+AlfA@public.gmane.org \
--cc=viro-RmSDqhL/yNMiFSDQTTA3OLVCufUGDwFn@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox