From: Roberto Sassu
To: paul@paul-moore.com, casey@schaufler-ca.com, omosnace@redhat.com, john.johansen@canonical.com, kpsingh@kernel.org
Cc: bpf@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, Roberto Sassu
Subject: [PATCH v2 1/2] lsm: Clarify documentation of vm_enough_memory hook
Date: Mon, 28 Nov 2022 15:42:39 +0100
Message-Id: <20221128144240.210110-2-roberto.sassu@huaweicloud.com>
In-Reply-To: <20221128144240.210110-1-roberto.sassu@huaweicloud.com>
From: Roberto Sassu

include/linux/lsm_hooks.h reports the result of the LSM infrastructure to the callers, not what LSMs should return to the LSM infrastructure. Clarify that and add that if all LSMs return a positive value __vm_enough_memory() will be called with cap_sys_admin set. If at least one LSM returns 0 or negative, it will be called with cap_sys_admin cleared.

Signed-off-by: Roberto Sassu

--- include/linux/lsm_hooks.h | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 2831efebde69..c35e260efd8c 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -1398,7 +1398,11 @@ * Check permissions for allocating a new virtual mapping. * @mm contains the mm struct it is being added to. * @pages contains the number of pages. - * Return 0 if permission is granted. + * Return 0 if permission is granted by the LSM infrastructure to the + * caller. If all LSMs return a positive value, __vm_enough_memory() will + * be called with cap_sys_admin set. If at least one LSM returns 0 or + * negative, __vm_enough_memory() will be called with cap_sys_admin + * cleared. * * @ismaclabel: * Check if the extended attribute specified by @name -- 2.25.1
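Review bot: In the added lines of the @@ -1398,7 +1398,11 @@ hunk, the single "Return" paragraph describes two different contracts without marking where it switches: the first sentence is what the caller receives from the LSM infrastructure, while the following sentences are what an individual LSM returns to the infrastructure. Because 0 means "permission is granted" in the first sentence and "cap_sys_admin cleared" in the third, an LSM author can misread which value their hook should return. Suggest splitting the text into two explicitly labelled statements (for example one starting "LSMs return ..." and one starting "The caller receives ..."), and noting that this hook departs from the 0-means-allow reading. The comment also does not say what the caller gets when permission is not granted; it only says that __vm_enough_memory() "will be called", so a sentence on the non-zero case would complete it.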