Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S932520AbbGHLBH (ORCPT <rfc822;w@1wt.eu>);
	Wed, 8 Jul 2015 07:01:07 -0400
Received: from mailout3.w1.samsung.com ([210.118.77.13]:50080 "EHLO
	mailout3.w1.samsung.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1753783AbbGHLBD (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Wed, 8 Jul 2015 07:01:03 -0400
MIME-version: 1.0
Content-type: text/plain; charset=UTF-8
X-AuditID: cbfec7f4-f79c56d0000012ee-c6-559d02ec4a6b
Content-transfer-encoding: 8BIT
Message-id: <1436353258.2331.0.camel@samsung.com>
Subject: Re: [RFC 3/8] lsm: kdbus security hooks
From: Lukasz Pawelczyk <l.pawelczyk@samsung.com>
To: Paul Osmialowski <p.osmialowsk@samsung.com>,
        Paul Moore <pmoore@redhat.com>,
        James Morris <james.l.morris@oracle.com>,
        Casey Schaufler <casey@schaufler-ca.com>,
        "Serge E. Hallyn" <serge@hallyn.com>,
        Kees Cook <keescook@chromium.org>,
        Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>,
        Stephen Smalley <sds@tycho.nsa.gov>, Neil Brown <neilb@suse.de>,
        Mark Rustad <mark.d.rustad@intel.com>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        Daniel Mack <daniel@zonque.org>,
        David Herrmann <dh.herrmann@googlemail.com>,
        Djalal Harouni <tixxdz@opendz.org>,
        Shuah Khan <shuahkh@osg.samsung.com>,
        Al Viro <viro@zeniv.linux.org.uk>,
        linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org,
        linux-api@vger.kernel.org
Cc: Karol Lewandowski <k.lewandowsk@samsung.com>,
        Lukasz Skalski <l.skalski@samsung.com>
Date: Wed, 08 Jul 2015 13:00:58 +0200
In-reply-to: <1436351110-5902-4-git-send-email-p.osmialowsk@samsung.com>
References: <1436351110-5902-1-git-send-email-p.osmialowsk@samsung.com>
 <1436351110-5902-4-git-send-email-p.osmialowsk@samsung.com>
X-Mailer: Evolution 3.16.3 (3.16.3-2.fc22)
X-Brightmail-Tracker: H4sIAAAAAAAAA02RbUhTYRiGe3fOzo7DwXGpvRkorg/B8gsiXqKkP9VLBIZmoRS59KCiU9lU
	skHNTKwVapoJumXtFOXMjM3UZmbNL2qiq6WFmJUmpKgznfiVmXNE/rt47vt5uOChCbGN9KGT
	0zJZeZo0VUIJScufLlvQBE8bHcrN+aChhiUKXVkZJxFn80Z5XB2FCkciUe6MlkDdN2RI05PL
	Q8b5axSymTQUmr45TCHN5CSFWqpUJCqeeE2gyqtTfDTbvyRAbc0cgXqtPQJU5pgmUfVyI4V6
	V7r4h7xwpeo9iUeLSwW4vzkGv6jV8zD3coyHW7VPBPjxUrsA/xodIHF90RcBtr/qo3BhvR7g
	jlYdhY0WJX5evsrHswZfbPgxyTvhESs8kMCmJmez8pDwOGGStaCPyuhhL7QPPiJU4HOUGrjR
	kNkLv9bnES72htahOkoNhLSYeQjgyvJ14AxEjAdcKB0i1YCmCcYPtn9IcY4JJgCW3NURrv4s
	gA/UiwJXPwz+zn/Hc/JmJhQ2tr0lnUyt8by1ZX3Bkxnjw9rF28B1KRZ2N1atW5DMTmjOm+M7
	2Y3BsKRTs74sZvIB1H/0dJkGwsLlW1QxYCo2+FX896vY4HcPEHrgxWbFZyjOJ8rCghVSmSIr
	LTE4Pl1mAK5XO5oA17nfDBgaSNxF+IwmWsyXZityZGYAaULiKTJZ10aiBGnORVaefk6elcoq
	zGAbTUq2iLQm+0kxkyjNZFNYNoOV/0t5tJuPCnjFhcYN37l8OIbvd9x9JFLe9MbuWND1hhsN
	1KX4KLvDnwvkju04OyDt++6/qjTojvTct+SyNnVReExv13h50aZ9xojhgzWmUY1lCm3NP+37
	zciWt9x/OhPssWtQH2X72caSC5+Cagqqy0JOKRePRjRw25OfNccqA+q0TMfuPRJSkSQNCyTk
	Culf9uP5K+YCAAA=
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 12836
Lines: 420

On śro, 2015-07-08 at 12:25 +0200, Paul Osmialowski wrote:
> This is combination of the work by Karol Lewandowski and Paul Moore
> on LSM hooks for kdbus.
> 
> Originates from:
> 
> git://git.infradead.org/users/pcmoore/selinux (branch: working-kdbus)
> commit: 7050f206a79564886938d0edc4e1e9da5972c72d
> 
> https://github.com/lmctl/linux.git (branch: kdbus-lsm-v4.for-systemd
> -v212)
> commit: a9fe4c33b6e5ab25a243e0590df406aabb6add12
> 
> Signed-off-by: Karol Lewandowski <k.lewandowsk@samsung.com>
> Signed-off-by: Paul Moore <pmoore@redhat.com>
> Signed-off-by: Paul Osmialowski <p.osmialowsk@samsung.com>
> ---
>  include/linux/lsm_hooks.h |  67 ++++++++++++++++++++++++++
>  include/linux/security.h  |  99 
> +++++++++++++++++++++++++++++++++++++++
>  security/security.c       | 117 
> ++++++++++++++++++++++++++++++++++++++++++++++
>  3 files changed, 283 insertions(+)
> 
> diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h
> index 9429f05..2a8d8fc 100644
> --- a/include/linux/lsm_hooks.h
> +++ b/include/linux/lsm_hooks.h
> @@ -1297,6 +1297,36 @@
>   *	@inode we wish to get the security context of.
>   *	@ctx is a pointer in which to place the allocated security 
> context.
>   *	@ctxlen points to the place to put the length of @ctx.
> + *
> + * @kdbus_domain_alloc:
> + *	Allocate kdbus domain.
> + * @kdbus_domain_free:
> + *	Deallocate kdbus domain.
> + * @kdbus_bus_alloc:
> + *	Allocate kdbus bus.
> + * @kdbus_bus_free:
> + *	Deallocate kdbus bus.
> + * @kdbus_send:
> + *	Send message.
> + * @kdbus_recv:
> + *	Receive message.
> + * @kdbus_name_acquire:
> + *	Request a well-known bus name to associate with the 
> connection.
> + * @kdbus_name_list:
> + *	Retrieve the list of all currently registered well-known and 
> unique
> + *	names.
> + * @kdbus_ep_create:
> + *	Endpoint create
> + * @kdbus_connect:
> + *	Connect
> + * @kdbus_conn_free:
> + *	Deallocate connection
> + * @kdbus_conn_info:
> + *	Retrieve credentials and properties of the initial creator 
> of the
> + *	connection.
> + * @kdbus_talk:
> + *	Talk to a given peer.
> + *
>   * This is the main security structure.
>   */
>  
> @@ -1520,6 +1550,29 @@ union security_list_options {
>  	int (*inode_setsecctx)(struct dentry *dentry, void *ctx, u32 
> ctxlen);
>  	int (*inode_getsecctx)(struct inode *inode, void **ctx, u32 
> *ctxlen);
>  
> +	int (*kdbus_domain_alloc)(struct kdbus_domain *domain);
> +	void (*kdbus_domain_free)(struct kdbus_domain *domain);

Shouldn't all of this be inside some #ifdef CONFIG_KDBUS (or whatever
the CONFIG for kdbus is)?

> +
> +	int (*kdbus_bus_alloc)(struct kdbus_bus *bus);
> +	void (*kdbus_bus_free)(struct kdbus_bus *bus);
> +	int (*kdbus_send)(const struct kdbus_conn *conn,
> +			  const struct kdbus_bus *bus);
> +	int (*kdbus_recv)(const struct kdbus_conn *conn,
> +			  const struct kdbus_bus *bus);
> +	int (*kdbus_name_acquire)(const struct kdbus_conn *conn,
> +			  const char *name);
> +	int (*kdbus_name_list)(const struct kdbus_bus *bus);
> +
> +	int (*kdbus_ep_create)(const struct kdbus_bus *bus);
> +	int (*kdbus_ep_setpolicy)(const struct kdbus_bus *bus);
> +
> +	int (*kdbus_connect)(struct kdbus_conn *conn,
> +			     const char *secctx, u32 seclen);
> +	void (*kdbus_conn_free)(struct kdbus_conn *conn);
> +	int (*kdbus_conn_info)(const struct kdbus_conn *conn);
> +	int (*kdbus_talk)(const struct kdbus_conn *src,
> +			  const struct kdbus_conn *dst);
> +
>  #ifdef CONFIG_SECURITY_NETWORK
>  	int (*unix_stream_connect)(struct sock *sock, struct sock 
> *other,
>  					struct sock *newsk);
> @@ -1760,6 +1813,20 @@ struct security_hook_heads {
>  	struct list_head inode_notifysecctx;
>  	struct list_head inode_setsecctx;
>  	struct list_head inode_getsecctx;
> +	struct list_head kdbus_domain_alloc;
> +	struct list_head kdbus_domain_free;
> +	struct list_head kdbus_bus_alloc;
> +	struct list_head kdbus_bus_free;
> +	struct list_head kdbus_send;
> +	struct list_head kdbus_recv;
> +	struct list_head kdbus_name_acquire;
> +	struct list_head kdbus_name_list;
> +	struct list_head kdbus_ep_create;
> +	struct list_head kdbus_ep_setpolicy;
> +	struct list_head kdbus_connect;
> +	struct list_head kdbus_conn_free;
> +	struct list_head kdbus_conn_info;
> +	struct list_head kdbus_talk;
>  #ifdef CONFIG_SECURITY_NETWORK
>  	struct list_head unix_stream_connect;
>  	struct list_head unix_may_send;
> diff --git a/include/linux/security.h b/include/linux/security.h
> index 79d85dd..5f257b9 100644
> --- a/include/linux/security.h
> +++ b/include/linux/security.h
> @@ -53,6 +53,10 @@ struct msg_queue;
>  struct xattr;
>  struct xfrm_sec_ctx;
>  struct mm_struct;
> +struct kdbus_ep;
> +struct kdbus_bus;
> +struct kdbus_conn;
> +struct kdbus_domain;
>  
>  /* If capable should audit the security request */
>  #define SECURITY_CAP_NOAUDIT 0
> @@ -356,6 +360,28 @@ void security_release_secctx(char *secdata, u32 
> seclen);
>  int security_inode_notifysecctx(struct inode *inode, void *ctx, u32 
> ctxlen);
>  int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 
> ctxlen);
>  int security_inode_getsecctx(struct inode *inode, void **ctx, u32 
> *ctxlen);
> +
> +int security_kdbus_domain_alloc(struct kdbus_domain *domain);
> +void security_kdbus_domain_free(struct kdbus_domain *domain);
> +
> +int security_kdbus_bus_alloc(struct kdbus_bus *bus);
> +void security_kdbus_bus_free(struct kdbus_bus *bus);
> +int security_kdbus_send(const struct kdbus_conn *conn,
> +			const struct kdbus_bus *bus);
> +int security_kdbus_recv(const struct kdbus_conn *conn,
> +			const struct kdbus_bus *bus);
> +int security_kdbus_name_acquire(const struct kdbus_conn *conn,
> +				const char *name);
> +int security_kdbus_name_list(const struct kdbus_bus *bus);
> +int security_kdbus_ep_create(struct kdbus_bus *bus);
> +int security_kdbus_ep_setpolicy(struct kdbus_bus *bus);
> +int security_kdbus_connect(struct kdbus_conn *conn,
> +			   const char *secctx, u32 seclen);
> +void security_kdbus_conn_free(struct kdbus_conn *conn);
> +int security_kdbus_conn_info(const struct kdbus_conn *conn);
> +int security_kdbus_talk(const struct kdbus_conn *src,
> +			const struct kdbus_conn *dst);
> +
>  #else /* CONFIG_SECURITY */
>  struct security_mnt_opts {
>  };
> @@ -1105,6 +1131,79 @@ static inline int 
> security_inode_getsecctx(struct inode *inode, void **ctx, u32
>  {
>  	return -EOPNOTSUPP;
>  }
> +
> +static inline int security_kdbus_domain_alloc(struct kdbus_domain 
> *domain)
> +{
> +	return 0;
> +}
> +
> +static inline void security_kdbus_domain_free(struct kdbus_domain 
> *domain)
> +{
> +}
> +
> +static inline int security_kdbus_bus_alloc(struct kdbus_bus *bus)
> +{
> +	return 0;
> +}
> +
> +static inline void security_kdbus_bus_free(struct kdbus_bus *bus)
> +{
> +}
> +
> +static inline int security_kdbus_send(const struct kdbus_conn *conn,
> +				      const struct kdbus_bus *bus)
> +{
> +	return 0;
> +}
> +
> +static inline int security_kdbus_recv(const struct kdbus_conn *conn,
> +				      const struct kdbus_bus *bus)
> +{
> +	return 0;
> +}
> +
> +static inline int security_kdbus_name_acquire(const struct 
> kdbus_conn *conn,
> +					      const char *name)
> +{
> +	return 0;
> +}
> +
> +static inline int security_kdbus_name_list(const struct kdbus_bus 
> *bus)
> +{
> +	return 0;
> +}
> +
> +static inline int security_kdbus_ep_create(const struct kdbus_bus 
> *bus)
> +{
> +	return 0;
> +}
> +
> +static inline int security_kdbus_ep_setpolicy(const struct kdbus_bus 
> *bus)
> +{
> +	return 0;
> +}
> +
> +static inline int security_kdbus_connect(struct kdbus_conn *conn,
> +					 const char *secctx, u32 
> seclen)
> +{
> +	return 0;
> +}
> +
> +static inline void security_kdbus_conn_free(struct kdbus_conn *conn)
> +{
> +}
> +
> +static inline int security_kdbus_conn_info(const struct kdbus_conn 
> *conn)
> +{
> +	return 0;
> +}
> +
> +static inline int security_kdbus_talk(const struct kdbus_conn *src,
> +				      const struct kdbus_conn *dst)
> +{
> +	return 0;
> +}
> +
>  #endif	/* CONFIG_SECURITY */
>  
>  #ifdef CONFIG_SECURITY_NETWORK
> diff --git a/security/security.c b/security/security.c
> index b1e935b..7fb46d1 100644
> --- a/security/security.c
> +++ b/security/security.c
> @@ -1185,6 +1185,95 @@ int security_inode_getsecctx(struct inode 
> *inode, void **ctx, u32 *ctxlen)
>  }
>  EXPORT_SYMBOL(security_inode_getsecctx);
>  
> +int security_kdbus_domain_alloc(struct kdbus_domain *domain)
> +{
> +	return call_int_hook(kdbus_domain_alloc, 0, domain);
> +}
> +EXPORT_SYMBOL(security_kdbus_domain_alloc);
> +
> +void security_kdbus_domain_free(struct kdbus_domain *domain)
> +{
> +	call_void_hook(kdbus_domain_free, domain);
> +}
> +EXPORT_SYMBOL(security_kdbus_domain_free);
> +
> +int security_kdbus_bus_alloc(struct kdbus_bus *bus)
> +{
> +	return call_int_hook(kdbus_bus_alloc, 0, bus);
> +}
> +EXPORT_SYMBOL(security_kdbus_bus_alloc);
> +
> +void security_kdbus_bus_free(struct kdbus_bus *bus)
> +{
> +	call_void_hook(kdbus_bus_free, bus);
> +}
> +EXPORT_SYMBOL(security_kdbus_bus_free);
> +
> +int security_kdbus_send(const struct kdbus_conn *conn,
> +			const struct kdbus_bus *bus)
> +{
> +	return call_int_hook(kdbus_send, 0, conn, bus);
> +}
> +EXPORT_SYMBOL(security_kdbus_send);
> +
> +int security_kdbus_recv(const struct kdbus_conn *conn,
> +			const struct kdbus_bus *bus)
> +{
> +	return call_int_hook(kdbus_recv, 0, conn, bus);
> +}
> +EXPORT_SYMBOL(security_kdbus_recv);
> +
> +int security_kdbus_name_acquire(const struct kdbus_conn *conn,
> +				const char *name)
> +{
> +	return call_int_hook(kdbus_name_acquire, 0, conn, name);
> +}
> +EXPORT_SYMBOL(security_kdbus_name_acquire);
> +
> +int security_kdbus_name_list(const struct kdbus_bus *bus)
> +{
> +	return call_int_hook(kdbus_name_list, 0, bus);
> +}
> +EXPORT_SYMBOL(security_kdbus_name_list);
> +
> +int security_kdbus_ep_create(struct kdbus_bus *bus)
> +{
> +	return call_int_hook(kdbus_ep_create, 0, bus);
> +}
> +EXPORT_SYMBOL(security_kdbus_ep_create);
> +
> +int security_kdbus_ep_setpolicy(struct kdbus_bus *bus)
> +{
> +	return call_int_hook(kdbus_ep_setpolicy, 0, bus);
> +}
> +EXPORT_SYMBOL(security_kdbus_ep_setpolicy);
> +
> +int security_kdbus_connect(struct kdbus_conn *conn,
> +			   const char *secctx, u32 seclen)
> +{
> +	return call_int_hook(kdbus_connect, 0, conn, secctx, 
> seclen);
> +}
> +EXPORT_SYMBOL(security_kdbus_connect);
> +
> +void security_kdbus_conn_free(struct kdbus_conn *conn)
> +{
> +	call_void_hook(kdbus_conn_free, conn);
> +}
> +EXPORT_SYMBOL(security_kdbus_conn_free);
> +
> +int security_kdbus_conn_info(const struct kdbus_conn *conn)
> +{
> +	return call_int_hook(kdbus_conn_info, 0, conn);
> +}
> +EXPORT_SYMBOL(security_kdbus_conn_info);
> +
> +int security_kdbus_talk(const struct kdbus_conn *src,
> +			const struct kdbus_conn *dst)
> +{
> +	return call_int_hook(kdbus_talk, 0, src, dst);
> +}
> +EXPORT_SYMBOL(security_kdbus_talk);
> +
>  #ifdef CONFIG_SECURITY_NETWORK
>  
>  int security_unix_stream_connect(struct sock *sock, struct sock 
> *other, struct sock *newsk)
> @@ -1774,6 +1863,34 @@ struct security_hook_heads security_hook_heads 
> = {
>  		LIST_HEAD_INIT(security_hook_heads.inode_setsecctx),
>  	.inode_getsecctx =
>  		LIST_HEAD_INIT(security_hook_heads.inode_getsecctx),
> +	.kdbus_domain_alloc =
> +		LIST_HEAD_INIT(security_hook_heads.kdbus_domain_allo
> c),
> +	.kdbus_domain_free =
> +		LIST_HEAD_INIT(security_hook_heads.kdbus_domain_free
> ),
> +	.kdbus_bus_alloc =
> +		LIST_HEAD_INIT(security_hook_heads.kdbus_bus_alloc),
> +	.kdbus_bus_free =
> +		LIST_HEAD_INIT(security_hook_heads.kdbus_bus_free),
> +	.kdbus_send =
> +		LIST_HEAD_INIT(security_hook_heads.kdbus_send),
> +	.kdbus_recv =
> +		LIST_HEAD_INIT(security_hook_heads.kdbus_recv),
> +	.kdbus_name_acquire =
> +		LIST_HEAD_INIT(security_hook_heads.kdbus_name_acquir
> e),
> +	.kdbus_name_list =
> +		LIST_HEAD_INIT(security_hook_heads.kdbus_name_list),
> +	.kdbus_ep_create =
> +		LIST_HEAD_INIT(security_hook_heads.kdbus_ep_create),
> +	.kdbus_ep_setpolicy =
> +		LIST_HEAD_INIT(security_hook_heads.kdbus_ep_setpolic
> y),
> +	.kdbus_connect =
> +		LIST_HEAD_INIT(security_hook_heads.kdbus_connect),
> +	.kdbus_conn_free =
> +		LIST_HEAD_INIT(security_hook_heads.kdbus_conn_free),
> +	.kdbus_conn_info =
> +		LIST_HEAD_INIT(security_hook_heads.kdbus_conn_info),
> +	.kdbus_talk =
> +		LIST_HEAD_INIT(security_hook_heads.kdbus_talk),
>  #ifdef CONFIG_SECURITY_NETWORK
>  	.unix_stream_connect =
>  		LIST_HEAD_INIT(security_hook_heads.unix_stream_conne
> ct),
-- 
Lukasz Pawelczyk
Samsung R&D Institute Poland
Samsung Electronics



--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/