From: Paul Moore <paul.moore@hp.com>
To: netdev@vger.kernel.org, linux-security-module@vger.kernel.org,
selinux@tycho.nsa.gov
Subject: [RFC PATCH v1 0/2] The Long Lost TUN LSM Hooks
Date: Tue, 04 Aug 2009 17:21:46 -0400 [thread overview]
Message-ID: <20090804211304.10798.65601.stgit@flek.lan> (raw)
While drivers in general aren't good places for LSM hooks the TUN driver is
a bit different because of how it handles sockets and network traffic. The
problem lies in the fact that the TUN driver creates a sock structure to use
when sending network traffic but the sock is never put through the same LSM
setup/control as other sock structures on the system which makes enforcing
security on TUN generated traffic difficult for some LSMs. This patch set
adds three new LSM hooks, all specific to the TUN driver (none of the existing
hooks made sense, trust me we tried), to control and monitor the creating and
attachment of TUN devices.
The necessary support for SELinux is also included in this patch with support
for Smack and TOMOYO absent; although I suspect there will be no changes needed
for either of those LSMs.
--
NOTE: These patches are truly RFC, please let me know how you feel about these
new hooks. I've booted a kernel with these changes but I'm having some
problems today with my Rawhide/KVM test machine so I'm having mixed luck
testing this - no regressions, but no real TUN testing either.
---
Paul Moore (2):
selinux: Support for the new TUN LSM hooks
lsm: Add hooks to the TUN driver
drivers/net/tun.c | 41 ++++++++-------
include/linux/security.h | 34 +++++++++++++
security/commoncap.c | 26 ++++++++++
security/security.c | 18 +++++++
security/selinux/hooks.c | 76 +++++++++++++++++++++++++++-
security/selinux/include/av_inherit.h | 1
security/selinux/include/av_permissions.h | 22 ++++++++
security/selinux/include/class_to_string.h | 1
security/selinux/include/flask.h | 1
security/selinux/include/security.h | 2 +
security/selinux/selinuxfs.c | 3 +
security/selinux/ss/services.c | 3 +
12 files changed, 207 insertions(+), 21 deletions(-)
next reply other threads:[~2009-08-04 21:22 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-08-04 21:21 Paul Moore [this message]
2009-08-04 21:21 ` [RFC PATCH v1 1/2] lsm: Add hooks to the TUN driver Paul Moore
2009-08-05 13:03 ` Eric Paris
2009-08-05 14:13 ` Serge E. Hallyn
2009-08-05 21:58 ` Paul Moore
2009-08-06 2:15 ` Serge E. Hallyn
2009-08-06 14:24 ` Paul Moore
2009-08-06 15:52 ` Serge E. Hallyn
2009-08-06 16:25 ` Paul Moore
2009-08-06 18:38 ` Serge E. Hallyn
2009-08-04 21:22 ` [RFC PATCH v1 2/2] selinux: Support for the new TUN LSM hooks Paul Moore
2009-08-05 13:06 ` Eric Paris
2009-08-05 0:43 ` [RFC PATCH v1 0/2] The Long Lost TUN LSM Hooks James Morris
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20090804211304.10798.65601.stgit@flek.lan \
--to=paul.moore@hp.com \
--cc=linux-security-module@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).