From: "Serge E. Hallyn" <serge@hallyn.com>
To: Lukasz Pawelczyk <l.pawelczyk@samsung.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>,
"Serge E. Hallyn" <serge@hallyn.com>,
Al Viro <viro@zeniv.linux.org.uk>,
Alexey Dobriyan <adobriyan@gmail.com>,
Andrew Morton <akpm@linux-foundation.org>,
Andy Lutomirski <luto@amacapital.net>,
Arnd Bergmann <arnd@arndb.de>,
Casey Schaufler <casey@schaufler-ca.com>,
David Howells <dhowells@redhat.com>,
Eric Dumazet <edumazet@google.com>,
Eric Paris <eparis@parisplace.org>,
Fabian Frederick <fabf@skynet.be>,
Greg KH <gregkh@linuxfoundation.org>,
James Morris <james.l.morris@oracle.com>,
Jiri Slaby <jslaby@suse.com>, Joe Perches <joe@perches.com>,
John Johansen <john.johansen@canonical.com>,
Jonathan Corbet <corbet@lwn.net>,
Kees Cook <keescook@chromium.org>,
Mauro Carvalho Chehab <mchehab@osg.samsung.com>,
NeilBrown <neilb@suse.de>, Oleg Nesterov <oleg@redhat.com>,
Paul Moore <paul@paul-moore.com>, Stephen Smalley <sds@
Subject: Re: [PATCH v3 03/11] lsm: add file opener's cred to a setprocattr arguments
Date: Thu, 30 Jul 2015 16:50:30 -0500 [thread overview]
Message-ID: <20150730215030.GC13589@mail.hallyn.com> (raw)
In-Reply-To: <1437732285-11524-4-git-send-email-l.pawelczyk@samsung.com>
On Fri, Jul 24, 2015 at 12:04:37PM +0200, Lukasz Pawelczyk wrote:
> setprocattr hook for Smack's label_map attribute needs to know the
> capabilities of file opener. Add those credentials to the hook's
> arguments.
>
> While at it add documentation on get/setprocattr hooks.
>
> Signed-off-by: Lukasz Pawelczyk <l.pawelczyk@samsung.com>
Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
> ---
> fs/proc/base.c | 2 +-
> include/linux/lsm_hooks.h | 18 ++++++++++++++++--
> include/linux/security.h | 7 +++++--
> security/apparmor/lsm.c | 5 +++--
> security/security.c | 6 ++++--
> security/selinux/hooks.c | 2 +-
> security/smack/smack_lsm.c | 4 ++--
> 7 files changed, 32 insertions(+), 12 deletions(-)
>
> diff --git a/fs/proc/base.c b/fs/proc/base.c
> index e5ac827..775372c 100644
> --- a/fs/proc/base.c
> +++ b/fs/proc/base.c
> @@ -2458,7 +2458,7 @@ static ssize_t proc_pid_attr_write(struct file * file, const char __user * buf,
> if (length < 0)
> goto out_free;
>
> - length = security_setprocattr(task,
> + length = security_setprocattr(task, file->f_cred,
> (char*)file->f_path.dentry->d_name.name,
> (void*)page, count);
> mutex_unlock(&task->signal->cred_guard_mutex);
> diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h
> index d347e66..1751864 100644
> --- a/include/linux/lsm_hooks.h
> +++ b/include/linux/lsm_hooks.h
> @@ -1220,6 +1220,20 @@
> * Return 0 if @name is to be handled by seq, EOPNOTSUPP if getprocattr()
> * should be used. Other errors will be passed to user-space.
> *
> + * @getprocattr:
> + * Get a value of a proc security attribute in /proc/$PID/attr/.
> + * @p a task associated with the proc file.
> + * @name a name of the file in question.
> + * @value a pointer where to return the attribute's value.
> + *
> + * @setprocattr:
> + * Set a value of a proc security attribute in /proc/$PID/attr/.
> + * @p a task associated with the proc file.
> + * @f_cred credentials of a file's opener.
> + * @name a name of the file in question.
> + * @value a pointer where a value to set is kept.
> + * @size a number of bytes to read from the @value pointer.
> + *
> * @secid_to_secctx:
> * Convert secid to security context. If secdata is NULL the length of
> * the result will be returned in seclen, but no secdata will be returned.
> @@ -1540,8 +1554,8 @@ union security_list_options {
> int (*getprocattr_seq)(struct task_struct *p, const char *name,
> const struct seq_operations **ops);
> int (*getprocattr)(struct task_struct *p, char *name, char **value);
> - int (*setprocattr)(struct task_struct *p, char *name, void *value,
> - size_t size);
> + int (*setprocattr)(struct task_struct *p, const struct cred *f_cred,
> + char *name, void *value, size_t size);
> int (*ismaclabel)(const char *name);
> int (*secid_to_secctx)(u32 secid, char **secdata, u32 *seclen);
> int (*secctx_to_secid)(const char *secdata, u32 seclen, u32 *secid);
> diff --git a/include/linux/security.h b/include/linux/security.h
> index 3090bb2..f0d2914 100644
> --- a/include/linux/security.h
> +++ b/include/linux/security.h
> @@ -348,7 +348,8 @@ void security_d_instantiate(struct dentry *dentry, struct inode *inode);
> int security_getprocattr_seq(struct task_struct *p, const char *name,
> const struct seq_operations **ops);
> int security_getprocattr(struct task_struct *p, char *name, char **value);
> -int security_setprocattr(struct task_struct *p, char *name, void *value, size_t size);
> +int security_setprocattr(struct task_struct *p, const struct cred *f_cred,
> + char *name, void *value, size_t size);
> int security_netlink_send(struct sock *sk, struct sk_buff *skb);
> int security_ismaclabel(const char *name);
> int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen);
> @@ -1071,7 +1072,9 @@ static inline int security_getprocattr(struct task_struct *p, char *name, char *
> return -EINVAL;
> }
>
> -static inline int security_setprocattr(struct task_struct *p, char *name, void *value, size_t size)
> +static inline int security_setprocattr(struct task_struct *p,
> + const struct cred *f_cred,
> + char *name, void *value, size_t size)
> {
> return -EINVAL;
> }
> diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c
> index dec607c..1212927 100644
> --- a/security/apparmor/lsm.c
> +++ b/security/apparmor/lsm.c
> @@ -518,8 +518,9 @@ static int apparmor_getprocattr(struct task_struct *task, char *name,
> return error;
> }
>
> -static int apparmor_setprocattr(struct task_struct *task, char *name,
> - void *value, size_t size)
> +static int apparmor_setprocattr(struct task_struct *task,
> + const struct cred *f_cred,
> + char *name, void *value, size_t size)
> {
> struct common_audit_data sa;
> struct apparmor_audit_data aad = {0,};
> diff --git a/security/security.c b/security/security.c
> index e348e38..88a3b78 100644
> --- a/security/security.c
> +++ b/security/security.c
> @@ -1137,9 +1137,11 @@ int security_getprocattr(struct task_struct *p, char *name, char **value)
> return call_int_hook(getprocattr, -EINVAL, p, name, value);
> }
>
> -int security_setprocattr(struct task_struct *p, char *name, void *value, size_t size)
> +int security_setprocattr(struct task_struct *p, const struct cred *f_cred,
> + char *name, void *value, size_t size)
> {
> - return call_int_hook(setprocattr, -EINVAL, p, name, value, size);
> + return call_int_hook(setprocattr, -EINVAL, p, f_cred,
> + name, value, size);
> }
>
> int security_netlink_send(struct sock *sk, struct sk_buff *skb)
> diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
> index 564079c..3e1b9f7 100644
> --- a/security/selinux/hooks.c
> +++ b/security/selinux/hooks.c
> @@ -5556,7 +5556,7 @@ invalid:
> return -EINVAL;
> }
>
> -static int selinux_setprocattr(struct task_struct *p,
> +static int selinux_setprocattr(struct task_struct *p, const struct cred *f_cred,
> char *name, void *value, size_t size)
> {
> struct task_security_struct *tsec;
> diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
> index d962f88..cdcabf4 100644
> --- a/security/smack/smack_lsm.c
> +++ b/security/smack/smack_lsm.c
> @@ -3450,8 +3450,8 @@ static int smack_getprocattr(struct task_struct *p, char *name, char **value)
> *
> * Returns the length of the smack label or an error code
> */
> -static int smack_setprocattr(struct task_struct *p, char *name,
> - void *value, size_t size)
> +static int smack_setprocattr(struct task_struct *p, const struct cred *f_cred,
> + char *name, void *value, size_t size)
> {
> struct task_smack *tsp;
> struct cred *new;
> --
> 2.4.3
next prev parent reply other threads:[~2015-07-30 21:50 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <1437732285-11524-1-git-send-email-l.pawelczyk@samsung.com>
2015-07-24 10:04 ` [PATCH v3 01/11] user_ns: 3 new LSM hooks for user namespace operations Lukasz Pawelczyk
2015-07-24 10:04 ` [PATCH v3 02/11] lsm: /proc/$PID/attr/label_map file and getprocattr_seq hook Lukasz Pawelczyk
2015-07-24 10:04 ` [PATCH v3 03/11] lsm: add file opener's cred to a setprocattr arguments Lukasz Pawelczyk
2015-07-24 10:04 ` [PATCH v3 04/11] lsm: inode_pre_setxattr hook Lukasz Pawelczyk
2015-07-24 10:04 ` [PATCH v3 05/11] smack: extend capability functions and fix 2 checks Lukasz Pawelczyk
2015-07-24 10:04 ` [PATCH v3 06/11] smack: don't use implicit star to display smackfs/syslog Lukasz Pawelczyk
2015-07-24 10:04 ` [PATCH v3 07/11] smack: abstraction layer for 2 common Smack operations Lukasz Pawelczyk
2015-07-24 10:04 ` [PATCH v3 08/11] smack: misc cleanups in preparation for a namespace patch Lukasz Pawelczyk
2015-07-24 10:04 ` [PATCH v3 09/11] smack: namespace groundwork Lukasz Pawelczyk
2015-07-24 10:04 ` [PATCH v3 10/11] smack: namespace implementation Lukasz Pawelczyk
2015-07-24 10:04 ` [PATCH v3 11/11] smack: documentation for the Smack namespace Lukasz Pawelczyk
[not found] ` <1437732285-11524-12-git-send-email-l.pawelczyk@samsung.com>
2015-07-29 15:25 ` Serge E. Hallyn
[not found] ` <20150729152550.GC19285-7LNsyQBKDXoIagZqoN9o3w@public.gmane.org>
2015-07-29 16:10 ` Lukasz Pawelczyk
2015-07-29 16:13 ` Lukasz Pawelczyk
2015-07-29 16:24 ` Lukasz Pawelczyk
2015-07-29 16:37 ` Serge E. Hallyn
2015-07-29 17:05 ` Lukasz Pawelczyk
2015-07-30 19:11 ` Serge E. Hallyn
[not found] ` <1437732285-11524-3-git-send-email-l.pawelczyk@samsung.com>
2015-07-30 21:49 ` [PATCH v3 02/11] lsm: /proc/$PID/attr/label_map file and getprocattr_seq hook Serge E. Hallyn
2015-08-21 5:14 ` Paul Moore
2015-08-21 9:30 ` Lukasz Pawelczyk
[not found] ` <1437732285-11524-4-git-send-email-l.pawelczyk@samsung.com>
2015-07-30 21:50 ` Serge E. Hallyn [this message]
[not found] ` <1437732285-11524-5-git-send-email-l.pawelczyk@samsung.com>
2015-07-30 21:56 ` [PATCH v3 04/11] lsm: inode_pre_setxattr hook Serge E. Hallyn
2015-07-31 9:43 ` Lukasz Pawelczyk
[not found] ` <1437732285-11524-6-git-send-email-l.pawelczyk@samsung.com>
2015-07-30 22:10 ` [PATCH v3 05/11] smack: extend capability functions and fix 2 checks Serge E. Hallyn
[not found] ` <1437732285-11524-7-git-send-email-l.pawelczyk@samsung.com>
2015-07-30 22:42 ` [PATCH v3 06/11] smack: don't use implicit star to display smackfs/syslog Serge E. Hallyn
[not found] ` <1437732285-11524-2-git-send-email-l.pawelczyk@samsung.com>
2015-07-30 21:30 ` [PATCH v3 01/11] user_ns: 3 new LSM hooks for user namespace operations Serge E. Hallyn
2015-07-31 9:28 ` Lukasz Pawelczyk
2015-08-01 3:48 ` Serge E. Hallyn
2015-08-03 11:34 ` Lukasz Pawelczyk
2015-08-04 1:38 ` Kees Cook
2015-08-21 5:04 ` Paul Moore
2015-08-21 15:56 ` Paul Moore
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150730215030.GC13589@mail.hallyn.com \
--to=serge@hallyn.com \
--cc=adobriyan@gmail.com \
--cc=akpm@linux-foundation.org \
--cc=arnd@arndb.de \
--cc=casey@schaufler-ca.com \
--cc=corbet@lwn.net \
--cc=dhowells@redhat.com \
--cc=ebiederm@xmission.com \
--cc=edumazet@google.com \
--cc=eparis@parisplace.org \
--cc=fabf@skynet.be \
--cc=gregkh@linuxfoundation.org \
--cc=james.l.morris@oracle.com \
--cc=joe@perches.com \
--cc=john.johansen@canonical.com \
--cc=jslaby@suse.com \
--cc=keescook@chromium.org \
--cc=l.pawelczyk@samsung.com \
--cc=luto@amacapital.net \
--cc=mchehab@osg.samsung.com \
--cc=neilb@suse.de \
--cc=oleg@redhat.com \
--cc=paul@paul-moore.com \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).