Received: by 2002:a17:90a:bc8d:0:0:0:0 with SMTP id x13csp1511636pjr; Mon, 18 May 2020 15:06:31 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwagqbdAcFLBx46UkaZs+mWbi1yrvIT218+SS/q0kJ0GavSCNeoldm1z4E01iy+JaF9tZ+p X-Received: by 2002:a17:907:1106:: with SMTP id qu6mr17227150ejb.321.1589839590897; Mon, 18 May 2020 15:06:30 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1589839590; cv=none; d=google.com; s=arc-20160816; b=kzYe0r6fNDea/DbbGQuO4P4VhKTNlLNUrCkPECkJ0ffEgFsJhJApDc/haZGsEAHfd2 eyzhaLNauDpwA9gnOCoRQEpFT3N/R9aeDFbNMsdUUC7D/Dq1/yBeCM0tOuZJ774a5AGR XnxM2IbGlmAhYivetL6wuNMSUICcjZ4s6vXjLApncHu60xS2shPGKuTAyWAOGFFjOeX/ XH7FpsWHUggJkLRmUn8K0rFBZAGX60DAjFV/iLppUyI60yoOe5evcDGdDi8awKulNZMD 4lNoXSXBFcQGWzwXoP8UG1QILLCymz5+1/+sD1otBhMa/Sb8CCwuAQfIxG/yEHX6sRQk CCuQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-language :content-transfer-encoding:in-reply-to:mime-version:user-agent:date :message-id:autocrypt:from:references:cc:to:subject:dkim-signature; bh=w2GNADR29FSgPiHfCduH+ZLBT4nS5ZBtv5uk2h/Vz5Y=; b=xBFbeRYxqHhKkQtHgYzq9BYfDEBp+ZTZGf7Zh2ozP7Z23XuUepuxy6hUzYhe8x518z LbvRD4P5rKsKQy0GIZhS80mOeRMfYr1Pr7LQA1ShJ1f8tMf1KUuUYH5yTXI0FFRrfDQW jS/5msAFUs0u9nAczp8ZFLJofdF1PxCoR9qgOLYHcm0xKWFT588CulVfJf4yjoJiblRB ks43GGlFfkc4RPX+DvvbZ+j02Dp74pcHVND+epMEXIwx0s6MgYE2/gTs0/l9HJJW/Hf7 hXW5CDOrLAlddF9VlsAH6C1oSuBfluD5TegFSCvQDPlGU1XJxxcJkAOfR4VzYhZunimP TRDA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@yahoo.com header.s=s2048 header.b=Buwh9S0d; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id q18si6943344ejf.417.2020.05.18.15.06.06; Mon, 18 May 2020 15:06:30 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@yahoo.com header.s=s2048 header.b=Buwh9S0d; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728115AbgERWCP (ORCPT + 99 others); Mon, 18 May 2020 18:02:15 -0400 Received: from sonic307-16.consmr.mail.ne1.yahoo.com ([66.163.190.39]:32784 "EHLO sonic307-16.consmr.mail.ne1.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726640AbgERWCP (ORCPT ); Mon, 18 May 2020 18:02:15 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1589839333; bh=w2GNADR29FSgPiHfCduH+ZLBT4nS5ZBtv5uk2h/Vz5Y=; h=Subject:To:Cc:References:From:Date:In-Reply-To:From:Subject; b=Buwh9S0dbCi+tZIQqs+SF0dxlTd5yebOlUwUyGY99e7PPgoNQAElipsPMuFeUh4MMeALZ9zul3/5S6FAOoUX1OXJwMCHkLZ4OnHCd5sH6n/aKDv+8A81G7SqleD84wQ3ZG4eSJ+20wBInlyWOLTz911KdfJOE1s9ZbcPyXt7vTqZfFSVvyvGm/uzYgYpRSYNf2hYkUHG1zantRKbftXzuo3Y4TSquIctUSu0JHpaYNZTf7yTSaC+3XjO/u6XDKwyXOjFJykELUvE//0zuHb7Eks7C0774RUiboi9YKRyY4GL07XFL8MzyQj7N2dMwwIIOvpD5DlAzuLVppkxQi3DKw== X-YMail-OSG: LTWQmxQVM1m4gPSvrOIoe.jWoyKnOdwfylVIrDlXFm9Yni5sJZ3UwfgMqPRQ5Xz PXZAbcAZUJPFcsnJL6kLPuse.pJr0thq09lQvz_7eIB2OPeNNNkwBIkiOX_Vwr8emUKmME5tdtIJ jzHlCNdt.y8juHjWRy9pICpKMJZSUldh5Db0ny9qqCm1GbnTfd61epnWlLqS6vS__hQAJ9yYuFAw gTzTE2104ctN4xvqIcc_RR9KmFWewIcQUn3bJFWnZuRpuYW_S2d.HfV13738VRTjp1plDE7kGL7r 7DLpSjaQmzBVW5cxYquVN45srvYe0intAKujbO8bP8lObvNFtHGc6cKEb0TLdM0WAESmwz9zPpG9 363FyOEF2bMKfpvqmJFKl..abSFx59ytMSJpQJZX8kmFEqE1v4aNQD3RJqNzD_TQNGTu1apIFVJE TWOBEV8f4._g55c07eGLYPkM8azkc2RI.YRmSr8AZPl0rYzNCp8L6Y6eMe9E7BS1nTTmS6NWDf5i Z1B.2uNnfpgugm3eRlTQG30YQX4iP6QjWls4ISYDZTVzsF6z3KUWC_0cO0N34QsNU6kVfGwD86it W9L6KFmLzDUac.WjkJVXbznzVg8atEutuFEkNZpJCQRNa66L8fXfj9d.TDV1f3mku8_NX5iskO7Y eHUExuWpmo6mjAffH_IJPnpB5SdHLfldsG2pVhImLxjWYe5Z94XppBJsjshHy4q_ny__cOuMFVtO f0u5dIuJXFPE9gVTHEFdwkULe2kv8OPkLI3VjXzHI4GKTrl2vzLwgd6FLDiMZC0BNbEJhdz_sA_e d1Lh2mW2A5YPsgg3zmHwd2Mh4mrF_Qv.TxPqp7aX1OM4trP32bmiPlDdGZG3cH1euDM2zTi3RGGR gVLU4Dc4duDs5yPS8bNlIrqW2Rdfp6OiUfFo61LTWsnldzZcAvHqkgRVIZAKZWziI38IU5T2Ru_y XKe5CR7vkpOnDV9J5mgdXnOTz0DXSJREP7olpXmLhp2qC1s2tfNz5yF18MWfMP9D3kk87qty0JXI x8OBCs.Ngr2QCX6nKt532PDUjGNBxd0OaXB4dn6._EF23NxsY0Fl1Qn_cOAtLooG_IuuQlWvutB0 QPSRC6vGQ87l6MA3iFXh24HZ5OUe40xlCn0UkLhbNWPoPft5_.jiOMsb2909zIxJF4.Q7sMyfIK_ CICbb8XsSva7oX1bW0pbNOwt3MWSKeApnKOp2J0AaOdgp.iDLftJW95ODxgMLrJdizp4SUnHLc3R EnfHcadnGEhaKt2_H7VY5MwADvEHtFgleSWrjlAt.j6PYJn5XC1DzddV5Y3MqDASKNSq6aLskM2q BuPdj1MZr4dqJjDD1f6riF00D6sMNeQL4neUXhKz0EZqfs3kSpLTPgoaKjYtOC26KvCNvDdxZZS1 oVKw5b0iOHIWA_fnGotjkQhIAv6e5x_wkwOs.Mn2c7.wKpRJWCt8IVJD7 Received: from sonic.gate.mail.ne1.yahoo.com by sonic307.consmr.mail.ne1.yahoo.com with HTTP; Mon, 18 May 2020 22:02:13 +0000 Received: by smtp402.mail.ne1.yahoo.com (VZM Hermes SMTP Server) with ESMTPA ID 42800f23a3e897a736c226c69e116c36; Mon, 18 May 2020 22:02:10 +0000 (UTC) Subject: Re: [PATCH] security: fix the default value of secid_to_secctx hook To: "Schaufler, Casey" , Arnd Bergmann , Alexei Starovoitov Cc: James Morris , Anders Roxell , Alexei Starovoitov , Daniel Borkmann , LKML , Network Development , bpf , linux-security-module , Casey Schaufler References: <20200512174607.9630-1-anders.roxell@linaro.org> From: Casey Schaufler Autocrypt: addr=casey@schaufler-ca.com; keydata= mQINBFzV9HABEAC/mmv3jeJyF7lR7QhILYg1+PeBLIMZv7KCzBSc/4ZZipoWdmr77Lel/RxQ 1PrNx0UaM5r6Hj9lJmJ9eg4s/TUBSP67mTx+tsZ1RhG78/WFf9aBe8MSXxY5cu7IUwo0J/CG vdSqACKyYPV5eoTJmnMxalu8/oVUHyPnKF3eMGgE0mKOFBUMsb2pLS/enE4QyxhcZ26jeeS6 3BaqDl1aTXGowM5BHyn7s9LEU38x/y2ffdqBjd3au2YOlvZ+XUkzoclSVfSR29bomZVVyhMB h1jTmX4Ac9QjpwsxihT8KNGvOM5CeCjQyWcW/g8LfWTzOVF9lzbx6IfEZDDoDem4+ZiPsAXC SWKBKil3npdbgb8MARPes2DpuhVm8yfkJEQQmuLYv8GPiJbwHQVLZGQAPBZSAc7IidD2zbf9 XAw1/SJGe1poxOMfuSBsfKxv9ba2i8hUR+PH7gWwkMQaQ97B1yXYxVEkpG8Y4MfE5Vd3bjJU kvQ/tOBUCw5zwyIRC9+7zr1zYi/3hk+OG8OryZ5kpILBNCo+aePeAJ44znrySarUqS69tuXd a3lMPHUJJpUpIwSKQ5UuYYkWlWwENEWSefpakFAIwY4YIBkzoJ/t+XJHE1HTaJnRk6SWpeDf CreF3+LouP4njyeLEjVIMzaEpwROsw++BX5i5vTXJB+4UApTAQARAQABtChDYXNleSBTY2hh dWZsZXIgPGNhc2V5QHNjaGF1Zmxlci1jYS5jb20+iQJUBBMBCAA+FiEEC+9tH1YyUwIQzUIe OKUVfIxDyBEFAlzV9HACGwMFCRLMAwAFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQOKUV fIxDyBG6ag/6AiRl8yof47YOEVHlrmewbpnlBTaYNfJ5cZflNRKRX6t4bp1B2YV1whlDTpiL vNOwFkh+ZE0eI5M4x8Gw2Oiok+4Q5liA9PHTozQYF+Ia+qdL5EehfbLGoEBqklpGvG3h8JsO 7SvONJuFDgvab/U/UriDYycJwzwKZuhVtK9EMpnTtUDyP3DY+Q8h7MWsniNBLVXnh4yBIEJg SSgDn3COpZoFTPGKE+rIzioo/GJe8CTa2g+ZggJiY/myWTS3quG0FMvwvNYvZ4I2g6uxSl7n bZVqAZgqwoTAv1HSXIAn9muwZUJL03qo25PFi2gQmX15BgJKQcV5RL0GHFHRThDS3IyadOgK P2j78P8SddTN73EmsG5OoyzwZAxXfck9A512BfVESqapHurRu2qvMoUkQaW/2yCeRQwGTsFj /rr0lnOBkyC6wCmPSKXe3dT2mnD5KnCkjn7KxLqexKt4itGjJz4/ynD/qh+gL7IPbifrQtVH JI7cr0fI6Tl8V6efurk5RjtELsAlSR6fKV7hClfeDEgLpigHXGyVOsynXLr59uE+g/+InVic jKueTq7LzFd0BiduXGO5HbGyRKw4MG5DNQvC//85EWmFUnDlD3WHz7Hicg95D+2IjD2ZVXJy x3LTfKWdC8bU8am1fi+d6tVEFAe/KbUfe+stXkgmfB7pxqW5Ag0EXNX0cAEQAPIEYtPebJzT wHpKLu1/j4jQcke06Kmu5RNuj1pEje7kX5IKzQSs+CPH0NbSNGvrA4dNGcuDUTNHgb5Be9hF zVqRCEvF2j7BFbrGe9jqMBWHuWheQM8RRoa2UMwQ704mRvKr4sNPh01nKT52ASbWpBPYG3/t WbYaqfgtRmCxBnqdOx5mBJIBh9Q38i63DjQgdNcsTx2qS7HFuFyNef5LCf3jogcbmZGxG/b7 yF4OwmGsVc8ufvlKo5A9Wm+tnRjLr/9Mn9vl5Xa/tQDoPxz26+aWz7j1in7UFzAarcvqzsdM Em6S7uT+qy5jcqyuipuenDKYF/yNOVSNnsiFyQTFqCPCpFihOnuaWqfmdeUOQHCSo8fD4aRF emsuxqcsq0Jp2ODq73DOTsdFxX2ESXYoFt3Oy7QmIxeEgiHBzdKU2bruIB5OVaZ4zWF+jusM Uh+jh+44w9DZkDNjxRAA5CxPlmBIn1OOYt1tsphrHg1cH1fDLK/pDjsJZkiH8EIjhckOtGSb aoUUMMJ85nVhN1EbU/A3DkWCVFEA//Vu1+BckbSbJKE7Hl6WdW19BXOZ7v3jo1q6lWwcFYth esJfk3ZPPJXuBokrFH8kqnEQ9W2QgrjDX3et2WwZFLOoOCItWxT0/1QO4ikcef/E7HXQf/ij Dxf9HG2o5hOlMIAkJq/uLNMvABEBAAGJAjwEGAEIACYWIQQL720fVjJTAhDNQh44pRV8jEPI EQUCXNX0cAIbDAUJEswDAAAKCRA4pRV8jEPIEWkzEACKFUnpp+wIVHpckMfBqN8BE5dUbWJc GyQ7wXWajLtlPdw1nNw0Wrv+ob2RCT7qQlUo6GRLcvj9Fn5tR4hBvR6D3m8aR0AGHbcC62cq I7LjaSDP5j/em4oVL2SMgNTrXgE2w33JMGjAx9oBzkxmKUqprhJomPwmfDHMJ0t7y39Da724 oLPTkQDpJL1kuraM9TC5NyLe1+MyIxqM/8NujoJbWeQUgGjn9uxQAil7o/xSCjrWCP3kZDID vd5ZaHpdl8e1mTExQoKr4EWgaMjmD/a3hZ/j3KfTVNpM2cLfD/QwTMaC2fkK8ExMsz+rUl1H icmcmpptCwOSgwSpPY1Zfio6HvEJp7gmDwMgozMfwQuT9oxyFTxn1X3rn1IoYQF3P8gsziY5 qtTxy2RrgqQFm/hr8gM78RhP54UPltIE96VywviFzDZehMvuwzW//fxysIoK97Y/KBZZOQs+ /T+Bw80Pwk/dqQ8UmIt2ffHEgwCTbkSm711BejapWCfklxkMZDp16mkxSt2qZovboVjXnfuq wQ1QL4o4t1hviM7LyoflsCLnQFJh6RSBhBpKQinMJl/z0A6NYDkQi6vEGMDBWX/M2vk9Jvwa v0cEBfY3Z5oFgkh7BUORsu1V+Hn0fR/Lqq/Pyq+nTR26WzGDkolLsDr3IH0TiAVH5ZuPxyz6 abzjfg== Message-ID: <9d0eb6c6-803a-ff3a-5603-9ad6d9edfc00@schaufler-ca.com> Date: Mon, 18 May 2020 15:02:09 -0700 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.8.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Content-Language: en-US X-Mailer: WebService/1.1.15960 hermes_yahoo Apache-HttpAsyncClient/4.1.4 (Java/11.0.6) Content-Length: 3062 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 5/18/2020 2:43 PM, Schaufler, Casey wrote: >> -----Original Message----- >> From: linux-kernel-owner@vger.kernel.org > owner@vger.kernel.org> On Behalf Of Arnd Bergmann >> Sent: Saturday, May 16, 2020 1:05 AM >> To: Alexei Starovoitov >> Cc: James Morris ; Anders Roxell >> ; Alexei Starovoitov ; Danie= l >> Borkmann ; LKML ; >> Network Development ; bpf >> >> Subject: Re: [PATCH] security: fix the default value of secid_to_secct= x hook > I would *really* appreciate it if discussions about the LSM infrastruct= ure > where done on the linux-security-module mail list. (added to CC). > >> On Sat, May 16, 2020 at 1:29 AM Alexei Starovoitov >> wrote: >>> On Thu, May 14, 2020 at 12:47 PM Alexei Starovoitov >>> wrote: >>>> On Thu, May 14, 2020 at 12:43 PM James Morris >>>> wrote: >>>>> On Wed, 13 May 2020, Alexei Starovoitov wrote: >>>>> >>>>>> James, >>>>>> >>>>>> since you took the previous similar patch are you going to pick th= is >>>>>> one up as well? >>>>>> Or we can route it via bpf tree to Linus asap. >>>>> Routing via your tree is fine. >>>> Perfect. >>>> Applied to bpf tree. Thanks everyone. >>> Looks like it was a wrong fix. >>> It breaks audit like this: >>> sudo auditctl -e 0 >>> [ 88.400296] audit: error in audit_log_task_context >>> [ 88.400976] audit: error in audit_log_task_context >>> [ 88.401597] audit: type=3D1305 audit(1589584951.198:89): op=3Dset >>> audit_enabled=3D0 old=3D1 auid=3D0 ses=3D1 res=3D0 >>> [ 88.402691] audit: type=3D1300 audit(1589584951.198:89): >>> arch=3Dc000003e syscall=3D44 success=3Dyes exit=3D52 a0=3D3 a1=3D7ffe= 42a37400 >>> a2=3D34 a3=3D0 items=3D0 ppid=3D2250 pid=3D2251 auid=3D0 uid=3D0 gid=3D= 0 euid=3D0 suid=3D0 >>> fsuid=3D0 egid=3D0 sgid=3D0 fsgid=3D0 tty=3DttyS0 se) >>> [ 88.405587] audit: type=3D1327 audit(1589584951.198:89): >>> proctitle=3D617564697463746C002D650030 >>> Error sending enable request (Operation not supported) >>> >>> when CONFIG_LSM=3D has "bpf" in it. >> Do you have more than one LSM enabled? It looks like >> the problem with security_secid_to_secctx() is now that it >> returns an error if any of the LSMs fail and the caller expects >> it to succeed if at least one of them sets the secdata pointer. security_secid_to_secctx() is not currently stackable (I'm looking at 5.7-rc6) even for this simple case. call_int_hook() does bail-on-fail and will try all hooks registered, looking for a failure. You need to replace the call_int_hook() with an explicit hlist_for_each_entry(), as is done in security_inode_getsecurity(). >> >> The problem earlier was that the call succeeded even though >> no LSM had set the pointer. >> >> What is the behavior we actually expect from this function if >> multiple LSM are loaded? >> >> Arnd