From: Konstantin Andreev <andreev@swemel.ru>
To: casey@schaufler-ca.com
Cc: linux-security-module@vger.kernel.org
Subject: [PATCH 2/2] smack: show msgrcv() subject task in audit
Date: Mon, 11 May 2026 03:17:17 +0300 [thread overview]
Message-ID: <20260511001717.3522345-3-andreev@swemel.ru> (raw)
In-Reply-To: <20260511001717.3522345-1-andreev@swemel.ru>
When a task msgrcv()'es some message the SMACK audit log message
looks like:
fn=smk_tskacc_msq action=denied subject="bar" object="foo" requested=rw
pid=456 comm="mrcv" ipc_key=2
fn=smk_tskacc_msq action=granted subject="bar" object="foo" requested=rw
pid=519 comm="mrcv" ipc_key=2
where pid= is a pid of a “current” task which calls smk_tskacc_msq().
Usually, the caller of smk_tskacc_msq() is also a subject task
which determines its own permission. In the example above
the 'mrcv' process has label 'bar' and wants "rw" for label "foo".
However, when sender task delivers message using
ipc/msg.c`pipelined_send():
` security_msg_queue_msgrcv(,, msr->r_tsk,,)
` smp_store_release(&msr->r_msg, msg)
“current” task and “subject” task differ, and
the “subject” task is missed from the audit message.
This patch adds two fields, subj_pid and subj_comm,
into the audit message:
fn=smk_tskacc_msq action=granted subject="bar" object="foo" requested=rw
subj_pid=564 subj_comm="mrcv" pid=577 comm="msnd" ipc_key=2
Signed-off-by: Konstantin Andreev <andreev@swemel.ru>
---
security/smack/smack.h | 1 +
security/smack/smack_access.c | 9 +++++++++
security/smack/smack_lsm.c | 2 ++
3 files changed, 12 insertions(+)
diff --git a/security/smack/smack.h b/security/smack/smack.h
index 9b9eb262fe33..551fcf2a1832 100644
--- a/security/smack/smack.h
+++ b/security/smack/smack.h
@@ -261,6 +261,7 @@ struct smack_audit_data {
char *subject;
char *object;
char *request;
+ struct task_struct *subj_tsk;
int result;
};
diff --git a/security/smack/smack_access.c b/security/smack/smack_access.c
index 350b88d582b3..fb85356266e5 100644
--- a/security/smack/smack_access.c
+++ b/security/smack/smack_access.c
@@ -331,6 +331,15 @@ static void smack_log_callback(struct audit_buffer *ab, void *a)
audit_log_format(ab, " labels_differ");
else
audit_log_format(ab, " requested=%s", sad->request);
+
+ if (sad->subj_tsk) {
+ char comm[TASK_COMM_LEN];
+
+ audit_log_format(ab, " subj_pid=%d subj_comm=",
+ task_tgid_nr(sad->subj_tsk));
+ audit_log_untrustedstring(ab,
+ get_task_comm(comm, sad->subj_tsk));
+ }
}
/**
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index 3146fa83c2f1..6f6ff9b20981 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -3383,6 +3383,8 @@ smk_tskacc_msq(struct task_struct *tsk, struct kern_ipc_perm *isp, int access)
#ifdef CONFIG_AUDIT
smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_IPC);
ad.a.u.ipc_id = isp->id;
+ if (!tsk_is_current)
+ ad.sad.subj_tsk = tsk;
#endif
rc = smk_tskacc(tsp, msp, access, &ad);
rc = smk_bu_tsk_to_obj(tsk, tsp, "msq", msp, access, rc);
--
2.47.3
prev parent reply other threads:[~2026-05-11 0:26 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-11 0:17 [PATCH 0/2] smack: fix incorrect task context in smack_msg_queue_msgrcv Konstantin Andreev
2026-05-11 0:17 ` [PATCH 1/2] " Konstantin Andreev
2026-05-11 0:17 ` Konstantin Andreev [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260511001717.3522345-3-andreev@swemel.ru \
--to=andreev@swemel.ru \
--cc=casey@schaufler-ca.com \
--cc=linux-security-module@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox