From: Casey Schaufler <casey@schaufler-ca.com>
To: Paul Moore <paul@paul-moore.com>
Cc: selinux@vger.kernel.org, linux-security-module@vger.kernel.org,
Casey Schaufler <casey@schaufler-ca.com>
Subject: Re: [PATCH] lsm: security_task_getsecid_subj() -> security_current_getsecid_subj()
Date: Sat, 20 Nov 2021 09:54:22 -0800 [thread overview]
Message-ID: <332675a2-e9f1-4dab-551e-226418439abc@schaufler-ca.com> (raw)
In-Reply-To: <CAHC9VhRx4KSMunuijEF+Bf7GzmBr7zXKwwW2mhOgTg8DfOCsWw@mail.gmail.com>
On 11/20/2021 7:06 AM, Paul Moore wrote:
> On Fri, Nov 19, 2021 at 7:42 PM Casey Schaufler <casey@schaufler-ca.com> wrote:
>> On 11/19/2021 2:52 PM, Paul Moore wrote:
>>> On Wed, Sep 29, 2021 at 3:17 PM Paul Moore <paul@paul-moore.com> wrote:
>>>> The security_task_getsecid_subj() LSM hook invites misuse by allowing
>>>> callers to specify a task even though the hook is only safe when the
>>>> current task is referenced. Fix this by removing the task_struct
>>>> argument to the hook, requiring LSM implementations to use the
>>>> current task. While we are changing the hook declaration we also
>>>> rename the function to security_current_getsecid_subj() in an effort
>>>> to reinforce that the hook captures the subjective credentials of the
>>>> current task and not an arbitrary task on the system.
>>>>
>>>> Signed-off-by: Paul Moore <paul@paul-moore.com>
>>>> ---
>>>> include/linux/lsm_hook_defs.h | 3 +--
>>>> include/linux/lsm_hooks.h | 8 +++-----
>>>> include/linux/security.h | 4 ++--
>>>> kernel/audit.c | 4 ++--
>>>> kernel/auditfilter.c | 3 +--
>>>> kernel/auditsc.c | 10 +++++++++-
>>>> net/netlabel/netlabel_unlabeled.c | 2 +-
>>>> net/netlabel/netlabel_user.h | 2 +-
>>>> security/apparmor/lsm.c | 13 ++++++++++---
>>>> security/integrity/ima/ima_appraise.c | 2 +-
>>>> security/integrity/ima/ima_main.c | 14 +++++++-------
>>>> security/security.c | 6 +++---
>>>> security/selinux/hooks.c | 19 +++----------------
>>>> security/smack/smack.h | 16 ----------------
>>>> security/smack/smack_lsm.c | 9 ++++-----
>>>> 15 files changed, 48 insertions(+), 67 deletions(-)
>>> I never saw any comments, positive or negative, on this patch so I'll
>>> plan on merging it early next week. If you've got objections, now is
>>> the time to speak up.
>> It's OK by me.
>>
>> Reviewed-by: Casey Schaufler <casey@schaufler-ca.com>
> Thanks Casey. Are you okay with the AppArmor tweak mentioned by Serge and John?
Yes.
next prev parent reply other threads:[~2021-11-20 17:54 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-29 19:17 [PATCH] lsm: security_task_getsecid_subj() -> security_current_getsecid_subj() Paul Moore
2021-09-29 19:19 ` Paul Moore
2021-11-19 22:52 ` Paul Moore
2021-11-19 23:23 ` Serge E. Hallyn
2021-11-19 23:59 ` John Johansen
2021-11-20 15:04 ` Paul Moore
2021-11-20 0:42 ` Casey Schaufler
2021-11-20 15:06 ` Paul Moore
2021-11-20 17:54 ` Casey Schaufler [this message]
2021-11-22 23:12 ` Paul Moore
2021-11-22 23:25 ` Serge E. Hallyn
2021-11-23 0:40 ` Casey Schaufler
2021-11-23 3:14 ` Paul Moore
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=332675a2-e9f1-4dab-551e-226418439abc@schaufler-ca.com \
--to=casey@schaufler-ca.com \
--cc=linux-security-module@vger.kernel.org \
--cc=paul@paul-moore.com \
--cc=selinux@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox