From: Arnd Bergmann
Date: Sat, 16 May 2020 10:04:58 +0200
Subject: Re: [PATCH] security: fix the default value of secid_to_secctx hook
To: Alexei Starovoitov
Cc: James Morris, Anders Roxell, Alexei Starovoitov, Daniel Borkmann, LKML, Network Development, bpf
References: <20200512174607.9630-1-anders.roxell@linaro.org>
List-ID: linux-kernel@vger.kernel.org

On Sat, May 16, 2020 at 1:29 AM Alexei Starovoitov wrote:
>
> On Thu, May 14, 2020 at 12:47 PM Alexei Starovoitov wrote:
> >
> > On Thu, May 14, 2020 at 12:43 PM James Morris wrote:
> > >
> > > On Wed, 13 May 2020, Alexei Starovoitov wrote:
> > >
> > > > James,
> > > >
> > > > since you took the previous similar patch are you going to pick this
> > > > one up as well?
> > > > Or we can route it via bpf tree to Linus asap.
> > >
> > > Routing via your tree is fine.
> >
> > Perfect.
> > Applied to bpf tree. Thanks everyone.
>
> Looks like it was a wrong fix.
> It breaks audit like this:
> sudo auditctl -e 0
> [   88.400296] audit: error in audit_log_task_context
> [   88.400976] audit: error in audit_log_task_context
> [   88.401597] audit: type=1305 audit(1589584951.198:89): op=set
> audit_enabled=0 old=1 auid=0 ses=1 res=0
> [   88.402691] audit: type=1300 audit(1589584951.198:89):
> arch=c000003e syscall=44 success=yes exit=52 a0=3 a1=7ffe42a37400
> a2=34 a3=0 items=0 ppid=2250 pid=2251 auid=0 uid=0 gid=0 euid=0 suid=0
> fsuid=0 egid=0 sgid=0 fsgid=0 tty=ttyS0 se)
> [   88.405587] audit: type=1327 audit(1589584951.198:89):
> proctitle=617564697463746C002D650030
> Error sending enable request (Operation not supported)
>
> when CONFIG_LSM= has "bpf" in it.

Do you have more than one LSM enabled?

It looks like the problem with security_secid_to_secctx() is now that
it returns an error if any of the LSMs fails, and the caller expects it
to succeed if at least one of them sets the secdata pointer. The problem
earlier was that the call succeeded even though no LSM had set the
pointer.

What is the behavior we actually expect from this function if multiple
LSMs are loaded?

       Arnd
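Added example, not code from this thread or from the kernel: a userland C model of the two hook-iteration policies Arnd contrasts above. The "stop at the first non-zero return" loop is modeled on the kernel's call_int_hook() pattern as I understand it (an assumption, not quoted from the source), the "succeed once any LSM has stored secdata" loop is my rendering of the caller expectation he describes, and the hook functions, their names, and the secid value are invented stand-ins. It shows why a label-less LSM returning the old default 0 yields "success" with a NULL secdata, why the same LSM returning the new default -EOPNOTSUPP makes the whole call fail whether it sits before or after a labeling LSM, and what a policy keyed on the secdata pointer rather than the return value would do in each case.

```c
/* Added example: model of LSM hook dispatch for secid_to_secctx.
 * Not kernel code; hook names and the secid value are constructed. */
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef int (*secid_to_secctx_fn)(uint32_t secid, char **secdata, uint32_t *seclen);

/* Stand-in for an LSM that actually has labels (e.g. SELinux): fills secdata. */
static int labeling_lsm_hook(uint32_t secid, char **secdata, uint32_t *seclen)
{
	static char buf[32];
	snprintf(buf, sizeof buf, "ctx_%u", (unsigned)secid);
	*secdata = buf;
	*seclen = (uint32_t)strlen(buf);
	return 0;
}

/* Stand-in for a label-less LSM using the old default: return 0, set nothing. */
static int noop_hook_returns_zero(uint32_t secid, char **secdata, uint32_t *seclen)
{
	(void)secid; (void)secdata; (void)seclen;
	return 0;
}

/* Same LSM using the new default: report "not supported", set nothing. */
static int noop_hook_returns_eopnotsupp(uint32_t secid, char **secdata, uint32_t *seclen)
{
	(void)secid; (void)secdata; (void)seclen;
	return -EOPNOTSUPP;
}

enum policy { POLICY_FIRST_NONZERO, POLICY_ANY_SETS_SECDATA };

struct outcome {
	int rc;        /* what the caller (e.g. audit_log_task_context) sees */
	int has_label; /* 1 if some hook stored a non-NULL secdata */
};

/* Walk a chain of up to two hooks (second may be NULL) under one policy.
 * POLICY_FIRST_NONZERO: rc starts at default_rc and the walk stops at the
 *   first hook returning non-zero (call_int_hook-style loop; assumption).
 * POLICY_ANY_SETS_SECDATA: succeed as soon as a hook stores secdata; if none
 *   does, return the last real error, else -EOPNOTSUPP. */
static struct outcome run_chain(enum policy policy, int default_rc,
				secid_to_secctx_fn first, secid_to_secctx_fn second)
{
	secid_to_secctx_fn chain[2] = { first, second };
	size_t n = second ? 2 : (first ? 1 : 0);
	char *secdata = NULL;
	uint32_t seclen = 0;
	struct outcome out = { default_rc, 0 };

	if (policy == POLICY_FIRST_NONZERO) {
		for (size_t i = 0; i < n; i++) {
			out.rc = chain[i](0x1234, &secdata, &seclen);
			if (out.rc != 0)
				break;
		}
	} else {
		out.rc = -EOPNOTSUPP;
		for (size_t i = 0; i < n; i++) {
			int rc = chain[i](0x1234, &secdata, &seclen);
			if (rc == 0 && secdata != NULL) {
				out.rc = 0;
				break;
			}
			if (rc != 0 && rc != -EOPNOTSUPP)
				out.rc = rc; /* a real failure such as -ENOMEM wins over "unsupported" */
		}
	}
	out.has_label = secdata != NULL;
	return out;
}

static void show(const char *what, struct outcome o)
{
	printf("%-38s rc=%d (%s) label=%s\n", what, o.rc,
	       o.rc ? strerror(-o.rc) : "ok", o.has_label ? "yes" : "no");
}

int main(void)
{
	/* Old default 0, label-less LSM alone: "success" with secdata still NULL. */
	show("old default, noop only", run_chain(POLICY_FIRST_NONZERO, 0, noop_hook_returns_zero, NULL));
	/* New default: the label-less LSM sinks the call whichever side of the labeling LSM it is on. */
	show("new default, noop then labeling", run_chain(POLICY_FIRST_NONZERO, -EOPNOTSUPP, noop_hook_returns_eopnotsupp, labeling_lsm_hook));
	show("new default, labeling then noop", run_chain(POLICY_FIRST_NONZERO, -EOPNOTSUPP, labeling_lsm_hook, noop_hook_returns_eopnotsupp));
	/* Pointer-keyed policy: order stops mattering, and "nobody labeled" is a real error. */
	show("any-sets, noop then labeling", run_chain(POLICY_ANY_SETS_SECDATA, 0, noop_hook_returns_eopnotsupp, labeling_lsm_hook));
	show("any-sets, noop only", run_chain(POLICY_ANY_SETS_SECDATA, 0, noop_hook_returns_zero, NULL));
	return 0;
}
```

The third case is the one worth staring at: the labeling LSM did store a context (label=yes) and the call still reports -EOPNOTSUPP, because the return-value loop cannot tell "this LSM has nothing to say" from "this LSM failed". Whether the kernel should adopt a pointer-keyed policy, teach label-less LSMs not to register the hook at all, or keep the old default and harden the callers is exactly the question the message leaves open.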