Received: by 2002:a5d:9c59:0:0:0:0:0 with SMTP id 25csp2841825iof; Wed, 8 Jun 2022 13:14:43 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxuKpCa2bwOi0RndlDc1Jas3wMAT/RRb7ikkLWEvD3IJp4zjHesxoWRp4kO1NsNpVptZJsI X-Received: by 2002:a17:90b:3e88:b0:1e8:8d83:8782 with SMTP id rj8-20020a17090b3e8800b001e88d838782mr959065pjb.0.1654719282754; Wed, 08 Jun 2022 13:14:42 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1654719282; cv=none; d=google.com; s=arc-20160816; b=rUs08JoLr5AnOPQmiKIwauBn/Bv3/FCWPngrjLqMbaE4uqdWmH/GUpUA4xOui0FnHK AjYp0WvfJ/0pjtn6sUyJbpDIsNTHGi57XZx6Gwx87MIgNR0bA2jF1IHjq9I7+9qvQ/j2 FjQ3ghAXlGDoqvhsJGXtP3TSnBmxp4HgEg4bc5hph2qWwPht7PGsxnTTKr8K1KHkMfzv /y+gxkpFYf+NWNNlajQVT5Cp3et5mT8eLXL864LikHA6PnEsVnWESHpfHKvZQMfU+nXp EnP3ENAn+SeWlNMXTfo+sM6+ybu77avWJd9AGuq1tKbOkZE7U4qAY6gUV1T2iWs7tNXQ fQqA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:references:in-reply-to:message-id:date:subject :cc:to:from:dkim-signature:dkim-filter; bh=euocF9AshgwQ/HeYq7HRbOZg4Tix9Q9xWo3qeMMR15k=; b=PX9vHOfLxfca98Cd01uxq0XW2aUUZhAkzhwRXLRArYiaXgJen9WC17EbhkAWeWEkNX 3GnDzLBEHiIGAFwBT7rzIVQX1cHRzq5PN5NcpOfgaECd3ikfwK52gGJ2NJ3ULwEG/3Fh t1wQlz3qTJcfU7tW9zmj9Jzj+pI6TSqhif89e7M+EPGsdkJbEOXIuzXj1mrl71aco5qU dIFbefU9eCA2lXsKMDH3xX0qFjJJioTI4KpY0e/dvz0Lt3BSaRwClosZxha1RKAp6cKq S/IcFQLvOn6Wc/Rgq5ZZNF7m6RG5/ibXbGB0LafYEJnOY/cHgaULK1g78Po9O34oivSt 4NnQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux.microsoft.com header.s=default header.b=IHdxECte; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.microsoft.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id v69-20020a638948000000b003fb0b7af2d9si29367924pgd.731.2022.06.08.13.14.04; Wed, 08 Jun 2022 13:14:42 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linux.microsoft.com header.s=default header.b=IHdxECte; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.microsoft.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234691AbiFHTBz (ORCPT + 99 others); Wed, 8 Jun 2022 15:01:55 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51588 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231942AbiFHTBr (ORCPT ); Wed, 8 Jun 2022 15:01:47 -0400 Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id C50E328E32; Wed, 8 Jun 2022 12:01:45 -0700 (PDT) Received: from linuxonhyperv3.guj3yctzbm1etfxqx2vob5hsef.xx.internal.cloudapp.net (linux.microsoft.com [13.77.154.182]) by linux.microsoft.com (Postfix) with ESMTPSA id 6C2EB20BE66F; Wed, 8 Jun 2022 12:01:44 -0700 (PDT) DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com 6C2EB20BE66F DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.microsoft.com; s=default; t=1654714904; bh=euocF9AshgwQ/HeYq7HRbOZg4Tix9Q9xWo3qeMMR15k=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=IHdxECteh9neNFSBOclwX21THPS3ic9bHRX+Ye+TCJMt7oOmkpb1d7ruCO4BkQsk6 IdaBTt5YNhaP61aEbp8MHywRIwm34JRjmW+3f0ervXfsfpXstn/ihu8Y9Jff2lNDf2 UND/dV8qiyo/UzBqmo5QKgaSCeQoGh0TJKjWZUOU= From: Deven Bowers To: corbet@lwn.net, zohar@linux.ibm.com, jmorris@namei.org, serge@hallyn.com, tytso@mit.edu, ebiggers@kernel.org, axboe@kernel.dk, agk@redhat.com, snitzer@kernel.org, eparis@redhat.com, paul@paul-moore.com Cc: linux-doc@vger.kernel.org, linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org, linux-fscrypt@vger.kernel.org, linux-block@vger.kernel.org, dm-devel@redhat.com, linux-audit@redhat.com, roberto.sassu@huawei.com, linux-kernel@vger.kernel.org Subject: [RFC PATCH v8 06/17] uapi|audit: add ipe audit message definitions Date: Wed, 8 Jun 2022 12:01:18 -0700 Message-Id: <1654714889-26728-7-git-send-email-deven.desai@linux.microsoft.com> X-Mailer: git-send-email 1.8.3.1 In-Reply-To: <1654714889-26728-1-git-send-email-deven.desai@linux.microsoft.com> References: <1654714889-26728-1-git-send-email-deven.desai@linux.microsoft.com> X-Spam-Status: No, score=-19.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,ENV_AND_HDR_SPF_MATCH,RCVD_IN_DNSWL_MED, SPF_HELO_PASS,SPF_PASS,T_SCC_BODY_TEXT_LINE,USER_IN_DEF_DKIM_WL, USER_IN_DEF_SPF_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Introduce new definitions to audit.h centered around trust decisions and policy loading and activation, as an extension of the mandatory access control fields. Signed-off-by: Deven Bowers --- v2: + Split evaluation loop, access control hooks, and evaluation loop from policy parser and userspace interface to pass mailing list character limit v3: + Move ipe_load_properties to patch 04. + Remove useless 0-initializations + Prefix extern variables with ipe_ + Remove kernel module parameters, as these are exposed through sysctls. + Add more prose to the IPE base config option help text. + Use GFP_KERNEL for audit_log_start. + Remove unnecessary caching system. + Remove comments from headers + Use rcu_access_pointer for rcu-pointer null check + Remove usage of reqprot; use prot only. + Move policy load and activation audit event to 03/12 v4: + Remove sysctls in favor of securityfs nodes + Re-add kernel module parameters, as these are now exposed through securityfs. + Refactor property audit loop to a separate function. v5: + fix minor grammatical errors + do not group rule by curly-brace in audit record, reconstruct the exact rule. v6: + No changes v7: + Further split audit system patch into two separate patches; one for include/uapi, and the usage of the new defines. + Change audit records to MAC region (14XX) from Integrity region (18XX), as IPE is an effectively a MAC system around authenticity versus an extension to the integrity subsystem. + Generalize the #defines to support the class of trust-based access-control LSMs. v8: + Change audit type: + AUDIT_TRUST_RESULT -> AUDIT_IPE_ACCESS + Remove audit types (replaced by existing types): + AUDIT_TRUST_POLICY_LOAD + AUDIT_TRUST_POLICY_ACTIVATE + AUDIT_TRUST_STATUS --- include/uapi/linux/audit.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/uapi/linux/audit.h b/include/uapi/linux/audit.h index 7c1dc818b1d5..78b9a04d5b41 100644 --- a/include/uapi/linux/audit.h +++ b/include/uapi/linux/audit.h @@ -143,6 +143,7 @@ #define AUDIT_MAC_UNLBL_STCDEL 1417 /* NetLabel: del a static label */ #define AUDIT_MAC_CALIPSO_ADD 1418 /* NetLabel: add CALIPSO DOI entry */ #define AUDIT_MAC_CALIPSO_DEL 1419 /* NetLabel: del CALIPSO DOI entry */ +#define AUDIT_IPE_ACCESS 1420 /* IPE Denial or Grant */ #define AUDIT_FIRST_KERN_ANOM_MSG 1700 #define AUDIT_LAST_KERN_ANOM_MSG 1799 -- 2.25.1