Received: by 10.223.185.116 with SMTP id b49csp5467201wrg; Wed, 7 Mar 2018 12:15:32 -0800 (PST) X-Google-Smtp-Source: AG47ELsdCmFDVhGggk5UhNPnkNuMvcW33hwElBfnEy+2eCyxLVDUpIFs2c8r5ywvIVmXY09r97sq X-Received: by 10.167.131.86 with SMTP id z22mr23874349pfm.185.1520453732758; Wed, 07 Mar 2018 12:15:32 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1520453732; cv=none; d=google.com; s=arc-20160816; b=COQk/4zJfExt4hp84j71oozStkxhpVWZSLntQKq5m9aNTCgXZ+uzHVApTc5p+bJWiW hmXMItW33Z60KgXj7oDX9Vk339n/43sd5MD8g9UQxj0TbsBT1BAZzhr5eO5Gyfiv71UJ WX87g1J1sudSwaZaH2CaBr127suLPNAhKALH4c4ak/nNjCR4qcn6XjXi9kDLZtO1GTD8 TPOXh++nAfkgXS0Pw9y5+FUjb+C/EDc7dFe3k3Vk1eomsaxpSu/RrwQ61OjvToyYzPMf Xmd0AsUUu6Ao7trk0C0kzt/u+xUG0wJITi7e4W4TTAoX1Cv/HFGLrBI//xUWS6L/CIGA 3v/A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dmarc-filter:arc-authentication-results; bh=u9t4DavB8r8KyLFQlFPsZeU034bB5jM/Z/Kk8yr1Y5Y=; b=xkQkN5g7l7WnucXDM9yDjCBhqnyQ5D9H8hdR4JjTmiIE1ibf9q/zqGPigUrM6CEpuP znTC7+o60W1q18oQ3Tzcjn8LIkMP9L/hChb4tyRVCkQsAax6uVM66RMUYTh2iSqFQK7M noW5OcxeZkhbZBu3azri58xVrPL/dWdk92AuFm/u+D7xVOZtFg/UYQ9B1QaHe7TevrsW axHt96gJe7ovE4n1v9rSR9pcV6yAvvPdiM9wvm9NZEQfsO+BbsW0Nt1jQS4wET2DkCWO tJOTBBBCAZ4/Ucu3NsCTCy6XkqCR7kZLsXnXu/xkXZoY4O+Xil4tNlC5uI0voghepIw/ xlhg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id k72si11858015pge.131.2018.03.07.12.15.18; Wed, 07 Mar 2018 12:15:32 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S965288AbeCGUOU (ORCPT + 99 others); Wed, 7 Mar 2018 15:14:20 -0500 Received: from mail.kernel.org ([198.145.29.99]:54358 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S935049AbeCGUOQ (ORCPT ); Wed, 7 Mar 2018 15:14:16 -0500 Received: from redbean (ip5f5adbb0.dynamic.kabel-deutschland.de [95.90.219.176]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 9C40C20685; Wed, 7 Mar 2018 20:14:14 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 9C40C20685 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=kernel.org Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=jeyu@kernel.org Date: Wed, 7 Mar 2018 21:14:11 +0100 From: Jessica Yu To: Jia Zhang Cc: linux-kernel@vger.kernel.org Subject: Re: [PATCH 3/4] module: Support to show the current enforcement policy Message-ID: <20180307201408.ssuzsmbatntk67yz@redbean> References: <1519895346-7961-1-git-send-email-zhang.jia@linux.alibaba.com> <1519895346-7961-3-git-send-email-zhang.jia@linux.alibaba.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Disposition: inline In-Reply-To: <1519895346-7961-3-git-send-email-zhang.jia@linux.alibaba.com> X-OS: Linux redbean 4.15.0-next-20180207 x86_64 User-Agent: NeoMutt/20171215 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org +++ Jia Zhang [01/03/18 17:09 +0800]: >/sys/kernel/security/modsign/enforce gives the result of current >enforcement policy of loading module. > >Signed-off-by: Jia Zhang Why is this being added as part of securityfs? AFAIK that's primarily used by LSMs. And we already export sig_enforce to sysfs (See /sys/module/module/parameters/sig_enforce). It already does exactly what your patchset tries to do, it only allows for enablement. Jessica >--- > kernel/module.c | 55 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ > 1 file changed, 55 insertions(+) > >diff --git a/kernel/module.c b/kernel/module.c >index 79825ea..e3c6c8e 100644 >--- a/kernel/module.c >+++ b/kernel/module.c >@@ -2794,11 +2794,60 @@ static int module_sig_check(struct load_info *info, int flags) > > return err; > } >+ >+#ifdef CONFIG_SECURITYFS >+static ssize_t modsign_enforce_read(struct file *filp, char __user *ubuf, >+ size_t count, loff_t *offp) >+{ >+ char buf[2]; >+ >+ sprintf(buf, "%d", !!sig_enforce); >+ >+ return simple_read_from_buffer(ubuf, count, offp, buf, 1); >+} >+ >+static const struct file_operations modsign_enforce_ops = { >+ .read = modsign_enforce_read, >+ .llseek = generic_file_llseek, >+}; >+ >+static int __init securityfs_init(void) >+{ >+ struct dentry *modsign_dir; >+ struct dentry *enforce; >+ >+ modsign_dir = securityfs_create_dir("modsign", NULL); >+ if (IS_ERR(modsign_dir)) >+ return -1; >+ >+ enforce = securityfs_create_file("enforce", >+ S_IRUSR | S_IRGRP, modsign_dir, >+ NULL, &modsign_enforce_ops); >+ if (IS_ERR(enforce)) >+ goto out; >+ >+ return 0; >+out: >+ securityfs_remove(modsign_dir); >+ >+ return -1; >+} >+#else /* !CONFIG_SECURITYFS */ >+static int __init securityfs_init(void) >+{ >+ return 0; >+} >+#endif > #else /* !CONFIG_MODULE_SIG */ > static int module_sig_check(struct load_info *info, int flags) > { > return 0; > } >+ >+static int __init securityfs_init(void) >+{ >+ return 0; >+} > #endif /* !CONFIG_MODULE_SIG */ > > /* Sanity checks against invalid binaries, wrong arch, weird elf version. */ >@@ -4395,8 +4444,14 @@ void module_layout(struct module *mod, > > static int __init initialize_module(void) > { >+ int ret; >+ > proc_modules_init(); > >+ ret = securityfs_init(); >+ if (unlikely(ret)) >+ return ret; >+ > return 0; > } > module_init(initialize_module); >-- >1.8.3.1 >