Return-Path:
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932718AbbDKKre (ORCPT ); Sat, 11 Apr 2015 06:47:34 -0400
Received: from youngberry.canonical.com ([91.189.89.112]:50895 "EHLO youngberry.canonical.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751706AbbDKKra (ORCPT ); Sat, 11 Apr 2015 06:47:30 -0400
Message-ID: <5528FBB5.7040805@canonical.com>
Date: Sat, 11 Apr 2015 03:47:17 -0700
From: John Johansen
Organization: Canonical
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.6.0
MIME-Version: 1.0
To: Tetsuo Handa, casey@schaufler-ca.com
CC: jmorris@namei.org, james.l.morris@oracle.com, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, pmoore@redhat.com, sds@tycho.nsa.gov, eparis@redhat.com, keescook@chromium.org
Subject: Re: [PATCH 0/7 v21] LSM: Multiple concurrent LSMs
References: <54FE4553.3000209@schaufler-ca.com> <201504102024.HGF17141.SOFFJQOMOFtHLV@I-love.SAKURA.ne.jp>
In-Reply-To: <201504102024.HGF17141.SOFFJQOMOFtHLV@I-love.SAKURA.ne.jp>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
List-ID:
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 9118
Lines: 274

On 04/10/2015 04:24 AM, Tetsuo Handa wrote:
> This patchset seems to be blocked for waiting for an ACK from AppArmor
> people. John, can you give us ACK?
>
yep, I've been through the patches a couple of times, and run our regression tests, etc. I'll keep stressing it for a few days but I don't expect anything to fall out from that.

Acked-by: John Johansen

> Apart from ACK from John, I wrote a cleanup patch (shown below) which
> we might want to append to this patchset, though we anyway need to
> refresh this patchset with commit 58bc19542455 in linux-next.git included.
> ----------------------------------------
>>From 49f753bb197ed2dda9c7958b5acf9d5458d102ef Mon Sep 17 00:00:00 2001
> From: Tetsuo Handa
> Date: Fri, 10 Apr 2015 13:57:45 +0900
> Subject: [PATCH] Cleanups for LSM: Multiple concurrent LSMs
>
> (1) Move definition of SECURITY_NAME_MAX from include/linux/security.h and
>     include/linux/lsm_hooks.h to security/security.c.
>
> (2) Drop "#ifdef CONFIG_SECURITY" from include/linux/lsm_hooks.h because
>     all files which include this file depend on CONFIG_SECURITY=y.
>
> (3) Drop comment of removed "union security_list_options"->name member.
>
> (4) Drop cap_netlink_send() which always returns 0.
>
> (5) Simplify security_add_hooks(), and move it from security/security.c
>     to include/linux/lsm_hooks.h as an inline function.
>
> (6) Move prototype of yama_add_hooks() and capability_add_hooks() from
>     include/linux/security.h to include/linux/lsm_hooks.h, and mark them
>     as __init functions.
>
> (7) Move security_delete_hooks() from security/security.c to
>     security/selinux/hooks.c.
>
> (8) Update comment of prototype of commoncap functions.
>
> Signed-off-by: Tetsuo Handa
> ---
>  include/linux/lsm_hooks.h | 33 +++++++++++++++------------------
>  include/linux/security.h  | 17 ++---------------
>  security/commoncap.c      |  7 +------
>  security/security.c       | 28 +++-------------------------
>  security/selinux/hooks.c  |  8 ++++++++
>  security/yama/yama_lsm.c  |  2 +-
>  6 files changed, 30 insertions(+), 65 deletions(-)
>
> diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h > index c86aaf0..3b805de 100644 > --- a/include/linux/lsm_hooks.h > +++ b/include/linux/lsm_hooks.h > @@ -25,19 +25,10 @@ > #define __LINUX_LSM_HOOKS_H > > #include > - > -/* Maximum number of letters for an LSM name string */ > -#define SECURITY_NAME_MAX 10 > - > -#ifdef CONFIG_SECURITY > +#include > +#include > > /** > - * Security module identifier. > - * > - * @name: > - * A string that acts as a unique identifier for the LSM with max number > - * of characters = SECURITY_NAME_MAX. > - * > * Security hooks for program execution operations. > * > * @bprm_set_creds: 
> @@ -1859,14 +1850,20 @@ struct security_hook_list { > > extern struct security_hook_heads security_hook_heads; > > +static inline void security_add_hooks(struct security_hook_list *hooks, > + int count) > +{ > + int i; > + > + for (i = 0; i < count; i++) > + list_add_tail_rcu(&hooks[i].list, hooks[i].head); > +} > + > /* prototypes */ > -extern int security_module_enable(const char *module); > -extern void security_add_hooks(struct security_hook_list *hooks, int count); > -#ifdef CONFIG_SECURITY_SELINUX_DISABLE > -extern void security_delete_hooks(struct security_hook_list *hooks, int count); > +extern int __init security_module_enable(const char *module); > +extern void __init capability_add_hooks(void); > +#ifdef CONFIG_SECURITY_YAMA_STACKED > +void __init yama_add_hooks(void); > #endif > > -#endif /* CONFIG_SECURITY */ > - > #endif /* ! __LINUX_LSM_HOOKS_H */ > - > diff --git a/include/linux/security.h b/include/linux/security.h > index 04e2a3e..337105f 100644 > --- a/include/linux/security.h > +++ b/include/linux/security.h > @@ -55,9 +55,6 @@ struct xattr; > struct xfrm_sec_ctx; > struct mm_struct; > > -/* Maximum number of letters for an LSM name string */ > -#define SECURITY_NAME_MAX 10 > - > /* If capable should audit the security request */ > #define SECURITY_CAP_NOAUDIT 0 > #define SECURITY_CAP_AUDIT 1 > @@ -70,10 +67,7 @@ struct audit_krule; > struct user_namespace; > struct timezone; > > -/* > - * These functions are in security/capability.c and are used > - * as the default capabilities functions > - */ > +/* These functions are in security/commoncap.c */ > extern int cap_capable(const struct cred *cred, struct user_namespace *ns, > int cap, int audit); > extern int cap_settime(const struct timespec *ts, const struct timezone *tz); 
> @@ -101,7 +95,6 @@ extern int cap_task_setscheduler(struct task_struct *p); > extern int cap_task_setioprio(struct task_struct *p, int ioprio); > extern int cap_task_setnice(struct task_struct *p, int nice); > extern int cap_vm_enough_memory(struct mm_struct *mm, long pages); > -extern void capability_add_hooks(void); > > struct msghdr; > struct sk_buff; > @@ -116,8 +109,6 @@ struct xfrm_state; > struct xfrm_user_sec_ctx; > struct seq_file; > > -extern int cap_netlink_send(struct sock *sk, struct sk_buff *skb); > - > #ifdef CONFIG_MMU > extern unsigned long mmap_min_addr; > extern unsigned long dac_mmap_min_addr; > @@ -1078,7 +1069,7 @@ static inline int security_setprocattr(struct task_struct *p, char *name, void * > > static inline int security_netlink_send(struct sock *sk, struct sk_buff *skb) > { > - return cap_netlink_send(sk, skb); > + return 0; > } > > static inline int security_ismaclabel(const char *name) > @@ -1653,9 +1644,5 @@ static inline void free_secdata(void *secdata) > { } > #endif /* CONFIG_SECURITY */ > > -#ifdef CONFIG_SECURITY_YAMA_STACKED > -void yama_add_hooks(void); > -#endif > - > #endif /* ! __LINUX_SECURITY_H */ > > diff --git a/security/commoncap.c b/security/commoncap.c > index b7f341f..fe76865 100644 > --- a/security/commoncap.c > +++ b/security/commoncap.c > @@ -53,11 +53,6 @@ static void warn_setuid_and_fcaps_mixed(const char *fname) > } > } > > -int cap_netlink_send(struct sock *sk, struct sk_buff *skb) > -{ > - return 0; > -} > - > /** > * cap_capable - Determine whether a task has a particular effective capability > * @cred: The credentials to use > @@ -1005,7 +1000,7 @@ struct security_hook_list capability_hooks[] = { > LSM_HOOK_INIT(vm_enough_memory, cap_vm_enough_memory), > }; > > -void capability_add_hooks(void) > +void __init capability_add_hooks(void) > { > security_add_hooks(capability_hooks, ARRAY_SIZE(capability_hooks)); > } > diff --git a/security/security.c b/security/security.c > index be10ea4..e9d7171 100644 
> --- a/security/security.c > +++ b/security/security.c > @@ -29,6 +29,9 @@ > > #define MAX_LSM_EVM_XATTR 2 > > +/* Maximum number of letters for an LSM name string */ > +#define SECURITY_NAME_MAX 10 > + > /* Boot-time LSM user choice */ > static __initdata char chosen_lsm[SECURITY_NAME_MAX + 1] = > CONFIG_DEFAULT_SECURITY; > @@ -1888,28 +1891,3 @@ struct security_hook_heads security_hook_heads = { > LIST_HEAD_INIT(security_hook_heads.audit_rule_free), > #endif /* CONFIG_AUDIT */ > }; > - > -void security_add_hooks(struct security_hook_list *hooks, int count) > -{ > - struct security_hook_list *shp; > - int i; > - > - for (i = 0; i < count; i++) { > - INIT_LIST_HEAD(&hooks[i].list); > - shp = list_last_entry(hooks[i].head, > - struct security_hook_list, list); > - list_add_rcu(&hooks[i].list, &shp->list); > - } > -} > - > -#ifdef CONFIG_SECURITY_SELINUX_DISABLE > - > -void security_delete_hooks(struct security_hook_list *hooks, int count) > -{ > - int i; > - > - for (i = 0; i < count; i++) > - list_del_rcu(&hooks[i].list); > -} > - > -#endif /* CONFIG_SECURITY_SELINUX_DISABLE */ > diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c > index 3fd8610..cea78f2 100644 > --- a/security/selinux/hooks.c > +++ b/security/selinux/hooks.c > @@ -6161,6 +6161,14 @@ static void selinux_nf_ip_exit(void) > #ifdef CONFIG_SECURITY_SELINUX_DISABLE > static int selinux_disabled; > > +static void security_delete_hooks(struct security_hook_list *hooks, int count) > +{ > + int i; > + > + for (i = 0; i < count; i++) > + list_del_rcu(&hooks[i].list); > +} > + > int selinux_disable(void) > { > if (ss_initialized) { > diff --git a/security/yama/yama_lsm.c b/security/yama/yama_lsm.c > index a6b876d..9ed3250 100644 > --- a/security/yama/yama_lsm.c > +++ b/security/yama/yama_lsm.c 
> @@ -353,7 +353,7 @@ static struct security_hook_list yama_hooks[] = { > LSM_HOOK_INIT(task_free, yama_task_free), > }; > > -void yama_add_hooks(void) > +void __init yama_add_hooks(void) > { > security_add_hooks(yama_hooks, ARRAY_SIZE(yama_hooks)); > } > --
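Review bot: the two new `#include` lines in the lsm_hooks.h hunk at @@ -25,19 +25,10 @@ have lost their file names in this rendering, so a reviewer cannot confirm that one of them brings in the declaration of list_add_tail_rcu() that the new inline security_add_hooks() further down in the same header depends on; please name the headers in the change log (linux/rculist.h is the one that declares list_add_tail_rcu()). The same hunk removes the `#ifdef CONFIG_SECURITY` guard on the strength of change-log item (2); if that is the intended invariant, a one-line comment at the top of the header saying it may only be included from CONFIG_SECURITY=y code would stop a future includer from silently breaking it.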
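Review bot: the prototype style in the lsm_hooks.h hunk at @@ -1859,14 +1850,20 @@ is inconsistent: security_module_enable() and capability_add_hooks() are declared `extern int __init ...` / `extern void __init ...`, while the line right after them reads `void __init yama_add_hooks(void);` with no `extern`; please use one form. The new static inline security_add_hooks() also drops the INIT_LIST_HEAD() call that the removed security/security.c version performed; that is correct because list_add_tail_rcu() writes both link pointers of the node it inserts, but item (5) of the change log should say so explicitly rather than just "Simplify", and a short comment that the helper is only meant to be called from __init code (both callers in this patch are `__init`) would document why it carries no section marking of its own.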
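Review bot: in the security.h hunk at @@ -1078,7 +1069,7 @@ the CONFIG_SECURITY=n stub of security_netlink_send() now does `return 0;` directly; that preserves behaviour only because the cap_netlink_send() deleted in the commoncap.c hunk at @@ -53,11 +53,6 @@ was itself an unconditional `return 0;`. Change-log item (4) should also note that the CONFIG_SECURITY=y side is unaffected: no LSM_HOOK_INIT(netlink_send, ...) entry is removed from capability_hooks[] anywhere in the patch, so the capability module never registered that hook and the hook-list default already applied.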
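Review bot: moving security_delete_hooks() from security/security.c (hunk @@ -1888,28 +1891,3 @@) into security/selinux/hooks.c (hunk @@ -6161,6 +6161,14 @@) turns a generic, security_-prefixed helper into a `static` function private to SELinux; either rename it selinux_delete_hooks() to match its new scope, or leave it in security/security.c under CONFIG_SECURITY_SELINUX_DISABLE so that another LSM wanting a runtime-disable path can reuse it instead of copying it. In either location a comment that list_del_rcu() is safe here without a synchronize_rcu() because the hook arrays are static and never freed would help the next reader.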
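Review bot: marking capability_add_hooks() and yama_add_hooks() `__init` (commoncap.c hunk @@ -1005,7 +1000,7 @@ and yama_lsm.c hunk @@ -353,7 +353,7 @@) matches the `__init` prototypes added to lsm_hooks.h, but none of their call sites appear in this patch; please state in the change log that every caller is itself `__init` code, otherwise the build will report a section mismatch for a non-__init function referencing them.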