From: Antony Antony
To: Eugene Syromiatnikov
CC: Steffen Klassert, Herbert Xu, "David S. Miller", Antony Antony, Christian Langrock, Nicolas Dichtel, Paul Moore, Stephen Smalley, Eric Paris, "Dmitry V. Levin"
Subject: Re: [PATCH v2] include/uapi/linux/xfrm.h: Fix XFRM_MSG_MAPPING ABI breakage
Date: Mon, 13 Sep 2021 08:54:46 +0200
Message-ID: <20210913065446.GA2611@moon.secunet.de>
In-Reply-To: <20210912122234.GA22469@asgard.redhat.com>
References: <20210912122234.GA22469@asgard.redhat.com>
X-Mailing-List: linux-kernel@vger.kernel.org

Thanks!

Acked-by: Antony Antony

-antony

On Sun, Sep 12, 2021 at 14:22:34 +0200, Eugene Syromiatnikov wrote:
> Commit 2d151d39073a ("xfrm: Add possibility to set the default to block
> if we have no policy") broke ABI by changing the value of the XFRM_MSG_MAPPING
> enum item, thus also evading the build-time check
> in security/selinux/nlmsgtab.c:selinux_nlmsg_lookup for presence of proper
> security permission checks in nlmsg_xfrm_perms. Fix it by placing
> XFRM_MSG_SETDEFAULT/XFRM_MSG_GETDEFAULT to the end of the enum, right before
> __XFRM_MSG_MAX, and updating the nlmsg_xfrm_perms accordingly.
>
> Fixes: 2d151d39073a ("xfrm: Add possibility to set the default to block if we have no policy")
> References: https://lore.kernel.org/netdev/20210901151402.GA2557@altlinux.org/
> Signed-off-by: Eugene Syromiatnikov > --- > v2: > - Updated SELinux nlmsg_xfrm_perms permissions table and selinux_nlmsg_lookup > build-time check accordingly. > > v1: https://lore.kernel.org/lkml/20210901153407.GA20446@asgard.redhat.com/ > --- > include/uapi/linux/xfrm.h | 6 +++--- > security/selinux/nlmsgtab.c | 4 +++- > 2 files changed, 6 insertions(+), 4 deletions(-) > > diff --git a/include/uapi/linux/xfrm.h b/include/uapi/linux/xfrm.h > index b96c1ea..26f456b1 100644 > --- a/include/uapi/linux/xfrm.h > +++ b/include/uapi/linux/xfrm.h > @@ -213,13 +213,13 @@ enum { > XFRM_MSG_GETSPDINFO, > #define XFRM_MSG_GETSPDINFO XFRM_MSG_GETSPDINFO > > + XFRM_MSG_MAPPING, > +#define XFRM_MSG_MAPPING XFRM_MSG_MAPPING > + > XFRM_MSG_SETDEFAULT, > #define XFRM_MSG_SETDEFAULT XFRM_MSG_SETDEFAULT > XFRM_MSG_GETDEFAULT, > #define XFRM_MSG_GETDEFAULT XFRM_MSG_GETDEFAULT > - > - XFRM_MSG_MAPPING, > -#define XFRM_MSG_MAPPING XFRM_MSG_MAPPING > __XFRM_MSG_MAX > }; > #define XFRM_MSG_MAX (__XFRM_MSG_MAX - 1) > diff --git a/security/selinux/nlmsgtab.c b/security/selinux/nlmsgtab.c > index d59276f..94ea2a8 100644 > --- a/security/selinux/nlmsgtab.c > +++ b/security/selinux/nlmsgtab.c > @@ -126,6 +126,8 @@ static const struct nlmsg_perm nlmsg_xfrm_perms[] = > { XFRM_MSG_NEWSPDINFO, NETLINK_XFRM_SOCKET__NLMSG_WRITE }, > { XFRM_MSG_GETSPDINFO, NETLINK_XFRM_SOCKET__NLMSG_READ }, > { XFRM_MSG_MAPPING, NETLINK_XFRM_SOCKET__NLMSG_READ }, > + { XFRM_MSG_SETDEFAULT, NETLINK_XFRM_SOCKET__NLMSG_WRITE }, > + { XFRM_MSG_GETDEFAULT, NETLINK_XFRM_SOCKET__NLMSG_READ }, > }; > > static const struct nlmsg_perm nlmsg_audit_perms[] = 
> @@ -189,7 +191,7 @@ int selinux_nlmsg_lookup(u16 sclass, u16 nlmsg_type, u32 *perm) > * structures at the top of this file with the new mappings > * before updating the BUILD_BUG_ON() macro! > */ > - BUILD_BUG_ON(XFRM_MSG_MAX != XFRM_MSG_MAPPING); > + BUILD_BUG_ON(XFRM_MSG_MAX != XFRM_MSG_GETDEFAULT); > err = nlmsg_perm(nlmsg_type, perm, nlmsg_xfrm_perms, > sizeof(nlmsg_xfrm_perms)); > break; > -- > 2.1.4 >
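Review bot: in the include/uapi/linux/xfrm.h hunk, moving XFRM_MSG_MAPPING back above XFRM_MSG_SETDEFAULT restores its value from before 2d151d39073a, but it also shifts XFRM_MSG_SETDEFAULT and XFRM_MSG_GETDEFAULT up by one relative to the header that commit shipped; the commit message should state whether 2d151d39073a has reached a released kernel, because if it has, this hunk is itself an ABI change for anything built against the intermediate header. The `#define XFRM_MSG_MAPPING XFRM_MSG_MAPPING` self-define moves together with the enumerator, so userspace feature tests on the macro keep working.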
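Review bot: in the nlmsg_xfrm_perms hunk, the two new rows are what actually closes the SELinux gap: with XFRM_MSG_MAPPING at the end of the enum, as 2d151d39073a left it, `BUILD_BUG_ON(XFRM_MSG_MAX != XFRM_MSG_MAPPING)` was satisfied while XFRM_MSG_SETDEFAULT and XFRM_MSG_GETDEFAULT had no permission entry at all. NLMSG_WRITE for SETDEFAULT and NLMSG_READ for GETDEFAULT follow the NEWSPDINFO/GETSPDINFO convention directly above; suggest the v2 changelog say plainly that the table was missing these two rows, rather than only that it was updated accordingly.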
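Review bot: in the selinux_nlmsg_lookup hunk, `BUILD_BUG_ON(XFRM_MSG_MAX != XFRM_MSG_GETDEFAULT)` only pins the name of the last enumerator, so an insertion in the middle of the enum that leaves the last name intact, which is precisely how 2d151d39073a got past this check, still builds cleanly and leaves the newly added types without a row in nlmsg_xfrm_perms. Consider extending the comment above the check to say that new XFRM_MSG_* types must be appended immediately before __XFRM_MSG_MAX, or, if the table is meant to carry one row per message type, adding a check that ARRAY_SIZE(nlmsg_xfrm_perms) matches the number of types so a missing row fails the build.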