Received: by 2002:a25:8b12:0:0:0:0:0 with SMTP id i18csp770810ybl; Fri, 30 Aug 2019 07:00:17 -0700 (PDT) X-Google-Smtp-Source: APXvYqwMN/I3YTgav1S5lxY4t9OSDgdia2YkPiY1E0HuX1ibaQa2ZBHc6bdrK/9rUu4UE+QD41An X-Received: by 2002:a17:90a:77c9:: with SMTP id e9mr14956678pjs.141.1567173617050; Fri, 30 Aug 2019 07:00:17 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1567173617; cv=none; d=google.com; s=arc-20160816; b=WCYrE5GLoQQ75VPOSyYwUbsR0OCcCi4VyoO4/d9mJm3sCheplrZmxax5JF2Hrd1cc4 oEh4YshM6emsLkkXlMRYn/OI7bBsF7to9J4PXadPYJHhAv+o7LL3UMjDXS5Nipu7M5vy mlxjrjYiB3riYjbo1oGXsMYpbVPL1a3pPCTmCbzi3H2Plegw3ujSOJ+tMhMriIrxdBxW TY/CYS+KOXHcNYyOvg4nepFZRZDvvBYnlHJsVaC0//qDZQ5xvkyEjEXF3tJTqrQ3feUA LHr119DBAJDZvXTke9QRyjQukmGMLLGhQZjhU2tigFnCWyzRIXU+FZGERyMbR8N1Cmuy u8yA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:cc:to:from :subject:organization; bh=YqJrdOgGnQlltQRl3arC1hY/g4mbj0rl36B10bMr+PM=; b=GoJSs5Hoj819i/H/0UJ/XRg/JaS5x/vl3WMjDRbf7DbIKHMYsx05E+dR93rXwBCykq Yrzq8G4UgAXzEHYzpY7wM06zXbcReX5j21hawSk/h0lSEhnoHg6VS5gIs8MZ+nRZBdra o+/OHxCo2r3NHrB80G7mKGyr5Ti/dWp0M1RjLDhsbtuGnAYRG+y55816dWpCmfRiS/mT urfk1RXzyl3C/8ND2NYct5IL9xgnhY7bi1yQprEa2VSEnRoR4S03mxkK1sAVKyo//96q 5TstiabjmZnqRCSRcZ0jEbChs1PDnr/onyZVj/KPnO7c7c2MfUhsaueu84OKlhCuAamo 4hrw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 185si5971104pfa.40.2019.08.30.07.00.02; Fri, 30 Aug 2019 07:00:17 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728445AbfH3N6p (ORCPT + 99 others); Fri, 30 Aug 2019 09:58:45 -0400 Received: from mx1.redhat.com ([209.132.183.28]:57144 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727888AbfH3N6o (ORCPT ); Fri, 30 Aug 2019 09:58:44 -0400 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id EE25D51EE8; Fri, 30 Aug 2019 13:58:43 +0000 (UTC) Received: from warthog.procyon.org.uk (ovpn-120-255.rdu2.redhat.com [10.10.120.255]) by smtp.corp.redhat.com (Postfix) with ESMTP id 7D65961376; Fri, 30 Aug 2019 13:58:41 +0000 (UTC) Organization: Red Hat UK Ltd. Registered Address: Red Hat UK Ltd, Amberley Place, 107-111 Peascod Street, Windsor, Berkshire, SI4 1TE, United Kingdom. Registered in England and Wales under Company Registration No. 3798903 Subject: [PATCH 10/11] selinux: Implement the watch_key security hook [ver #7] From: David Howells To: viro@zeniv.linux.org.uk Cc: dhowells@redhat.com, Casey Schaufler , Stephen Smalley , Greg Kroah-Hartman , nicolas.dichtel@6wind.com, raven@themaw.net, Christian Brauner , dhowells@redhat.com, keyrings@vger.kernel.org, linux-usb@vger.kernel.org, linux-security-module@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-api@vger.kernel.org, linux-block@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org Date: Fri, 30 Aug 2019 14:58:40 +0100 Message-ID: <156717352079.2204.16378075382991665807.stgit@warthog.procyon.org.uk> In-Reply-To: <156717343223.2204.15875738850129174524.stgit@warthog.procyon.org.uk> References: <156717343223.2204.15875738850129174524.stgit@warthog.procyon.org.uk> User-Agent: StGit/unknown-version MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.30]); Fri, 30 Aug 2019 13:58:44 +0000 (UTC) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Implement the watch_key security hook to make sure that a key grants the caller View permission in order to set a watch on a key. For the moment, the watch_devices security hook is left unimplemented as it's not obvious what the object should be since the queue is global and didn't previously exist. Signed-off-by: David Howells --- security/selinux/hooks.c | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 74dd46de01b6..a63249ad98ab 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -6533,6 +6533,17 @@ static int selinux_key_getsecurity(struct key *key, char **_buffer) *_buffer = context; return rc; } + +#ifdef CONFIG_KEY_NOTIFICATIONS +static int selinux_watch_key(struct key *key) +{ + struct key_security_struct *ksec = key->security; + u32 sid = cred_sid(current_cred()); + + return avc_has_perm(&selinux_state, + sid, ksec->sid, SECCLASS_KEY, KEY_NEED_VIEW, NULL); +} +#endif #endif #ifdef CONFIG_SECURITY_INFINIBAND @@ -6965,6 +6976,9 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(key_free, selinux_key_free), LSM_HOOK_INIT(key_permission, selinux_key_permission), LSM_HOOK_INIT(key_getsecurity, selinux_key_getsecurity), +#ifdef CONFIG_KEY_NOTIFICATIONS + LSM_HOOK_INIT(watch_key, selinux_watch_key), +#endif #endif #ifdef CONFIG_AUDIT