From: Paul Moore
Date: Tue, 6 Dec 2022 17:51:27 -0500
Subject: Re: [PATCH v2 1/2] lsm: Clarify documentation of vm_enough_memory hook
To: Roberto Sassu
Cc: casey@schaufler-ca.com, omosnace@redhat.com, john.johansen@canonical.com, kpsingh@kernel.org, bpf@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, Roberto Sassu
References: <20221128144240.210110-1-roberto.sassu@huaweicloud.com> <20221128144240.210110-2-roberto.sassu@huaweicloud.com>
In-Reply-To: <20221128144240.210110-2-roberto.sassu@huaweicloud.com>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, Nov 28, 2022 at 9:43 AM Roberto Sassu wrote:
> > From: Roberto Sassu > > include/linux/lsm_hooks.h reports the result of the LSM infrastructure to > the callers, not what LSMs should return to the LSM infrastructure. > > Clarify that and add that if all LSMs return a positive value > __vm_enough_memory() will be called with cap_sys_admin set. If at least one > LSM returns 0 or negative, it will be called with cap_sys_admin cleared. > > Signed-off-by: Roberto Sassu > --- > include/linux/lsm_hooks.h | 6 +++++- > 1 file changed, 5 insertions(+), 1 deletion(-) Thanks Roberto. Normally I don't like merging patches this close to the merge window, but as this is a comment-only fix that makes an important clarification I'm going to make an exception here and merge it into lsm/next. > diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h > index 2831efebde69..c35e260efd8c 100644 > --- a/include/linux/lsm_hooks.h > +++ b/include/linux/lsm_hooks.h > @@ -1398,7 +1398,11 @@ > * Check permissions for allocating a new virtual mapping. > * @mm contains the mm struct it is being added to. > * @pages contains the number of pages. > - * Return 0 if permission is granted. > + * Return 0 if permission is granted by the LSM infrastructure to the > + * caller. If all LSMs return a positive value, __vm_enough_memory() will > + * be called with cap_sys_admin set. If at least one LSM returns 0 or > + * negative, __vm_enough_memory() will be called with cap_sys_admin > + * cleared. > * > * @ismaclabel: > * Check if the extended attribute specified by @name > -- > 2.25.1 -- paul-moore.com
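Review bot: In the added @vm_enough_memory text, "Return 0 if permission is granted by the LSM infrastructure to the caller" describes the value the caller sees, while the next two sentences describe what individual LSMs return (a positive value, or "0 or negative"), and nothing marks that switch. An LSM author could read "Return 0" as the value to return for success, which by the following sentence is the value that clears cap_sys_admin. Consider separating the two, with one sentence addressed to LSMs ("LSMs should return a positive value to ...") and a distinct one for the caller ("The LSM infrastructure returns 0 to the caller if ..."). The comment also does not say what the caller receives when permission is not granted, and it would help to state explicitly that a negative LSM return is treated like 0 here rather than reported to the caller as an error, since that is what the last sentence implies.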