LKML Archive on lore.kernel.org
help / color / mirror / Atom feed
From: Casey Schaufler <casey@schaufler-ca.com>
To: Stephen Smalley <sds@tycho.nsa.gov>,
	LSM <linux-security-module@vger.kernel.org>,
	LKLM <linux-kernel@vger.kernel.org>,
	Paul Moore <paul@paul-moore.com>,
	SE Linux <selinux@tycho.nsa.gov>,
	"SMACK-discuss@lists.01.org" <SMACK-discuss@lists.01.org>,
	John Johansen <john.johansen@canonical.com>,
	Kees Cook <keescook@chromium.org>,
	Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>,
	James Morris <jmorris@namei.org>
Subject: Re: [PATCH 10/23] LSM: Infrastructure management of the inode security
Date: Mon, 14 May 2018 09:32:28 -0700	[thread overview]
Message-ID: <906d5338-0021-740d-36dc-0f32b2c36f55@schaufler-ca.com> (raw)
In-Reply-To: <a38fb118-8c72-e18d-e55a-48fdc40e21f4@tycho.nsa.gov>

On 5/14/2018 8:04 AM, Stephen Smalley wrote:
> On 05/10/2018 08:53 PM, Casey Schaufler wrote:
>> From: Casey Schaufler <casey@schaufler-ca.com>
>> Date: Thu, 10 May 2018 14:23:27 -0700
>> Subject: [PATCH 10/23] LSM: Infrastructure management of the inode security
>>  blob
>>
>> Move management of the inode->i_security blob out
>> of the individual security modules and into the security
>> infrastructure. Instead of allocating the blobs from within
>> the modules the modules tell the infrastructure how much
>> space is required, and the space is allocated there.
>>
>> Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
>> ---
>>  include/linux/lsm_hooks.h         |  3 ++
>>  security/security.c               | 85 +++++++++++++++++++++++++++++++++++++--
>>  security/selinux/hooks.c          | 32 +--------------
>>  security/selinux/include/objsec.h |  5 +--
>>  security/smack/smack_lsm.c        | 70 +++++---------------------------
>>  5 files changed, 99 insertions(+), 96 deletions(-)
>> <SNIP>
>> diff --git a/security/security.c b/security/security.c
>> index b414186ad45f..02df9b608b7e 100644
>> --- a/security/security.c
>> +++ b/security/security.c
>> @@ -41,6 +41,7 @@ struct security_hook_heads security_hook_heads __lsm_ro_after_init;
>>  static ATOMIC_NOTIFIER_HEAD(lsm_notifier_chain);
>>  
>>  static struct kmem_cache *lsm_file_cache;
>> +static struct kmem_cache *lsm_inode_cache;
>>  
>>  char *lsm_names;
>>  static struct lsm_blob_sizes blob_sizes;
>> @@ -98,6 +99,10 @@ int __init security_init(void)
>>  		lsm_file_cache = kmem_cache_create("lsm_file_cache",
>>  						   blob_sizes.lbs_file, 0,
>>  						   SLAB_PANIC, NULL);
>> +	if (blob_sizes.lbs_inode)
>> +		lsm_inode_cache = kmem_cache_create("lsm_inode_cache",
>> +						    blob_sizes.lbs_inode, 0,
>> +						    SLAB_PANIC, NULL);
>>  	/*
>>  	 * The second call to a module specific init function
>>  	 * adds hooks to the hook lists and does any other early
>> @@ -108,8 +113,9 @@ int __init security_init(void)
>>  #ifdef CONFIG_SECURITY_LSM_DEBUG
>>  	pr_info("LSM: cred blob size       = %d\n", blob_sizes.lbs_cred);
>>  	pr_info("LSM: file blob size       = %d\n", blob_sizes.lbs_file);
>> +	pr_info("LSM: inode blob size      = %d\n", blob_sizes.lbs_inode);
>>  	pr_info("LSM: task blob size       = %d\n", blob_sizes.lbs_task);
>> -#endif
>> +#endif /* CONFIG_SECURITY_LSM_DEBUG */
>>  
>>  	return 0;
>>  }
>> @@ -285,6 +291,13 @@ void __init security_add_blobs(struct lsm_blob_sizes *needed)
>>  	lsm_set_size(&needed->lbs_cred, &blob_sizes.lbs_cred);
>>  	lsm_set_size(&needed->lbs_file, &blob_sizes.lbs_file);
>>  	lsm_set_size(&needed->lbs_task, &blob_sizes.lbs_task);
>> +	/*
>> +	 * The inode blob gets an rcu_head in addition to
>> +	 * what the modules might need.
>> +	 */
>> +	if (needed->lbs_inode && blob_sizes.lbs_inode == 0)
>> +		blob_sizes.lbs_inode = sizeof(struct rcu_head);
>> +	lsm_set_size(&needed->lbs_inode, &blob_sizes.lbs_inode);
>>  }
>>  
>>  /**
>> @@ -348,6 +361,46 @@ void lsm_early_task(struct task_struct *task)
>>  		panic("%s: Early task alloc failed.\n", __func__);
>>  }
>>  
>> +/**
>> + * lsm_inode_alloc - allocate a composite inode blob
>> + * @inode: the inode that needs a blob
>> + *
>> + * Allocate the inode blob for all the modules
>> + *
>> + * Returns 0, or -ENOMEM if memory can't be allocated.
>> + */
>> +int lsm_inode_alloc(struct inode *inode)
>> +{
>> +	if (!lsm_inode_cache) {
>> +		inode->i_security = NULL;
>> +		return 0;
>> +	}
>> +
>> +	inode->i_security = kmem_cache_zalloc(lsm_inode_cache, GFP_KERNEL);
> Should be GFP_NOFS (and was that way in SELinux and Smack).

Yes, you're correct. I'll make the change.


  reply	other threads:[~2018-05-14 16:32 UTC|newest]

Thread overview: 31+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-05-11  0:30 [PATCH 00/23] LSM: Full security module stacking Casey Schaufler
2018-05-11  0:52 ` [PATCH 01/23] procfs: add smack subdir to attrs Casey Schaufler
2018-05-11  0:52 ` [PATCH 02/23] Smack: Abstract use of cred security blob Casey Schaufler
2018-05-11  0:52 ` [PATCH 03/23] SELinux: " Casey Schaufler
2018-05-11  0:52 ` [PATCH 04/23] LSM: Infrastructure management of the cred security Casey Schaufler
2018-05-11  0:52 ` [PATCH 05/23] SELinux: Abstract use of file security blob Casey Schaufler
2018-05-11  0:53 ` [PATCH 06/23] LSM: Infrastructure management of the file security Casey Schaufler
2018-05-11  0:53 ` [PATCH 07/23] LSM: Infrastructure management of the task security Casey Schaufler
2018-05-11  0:53 ` [PATCH 08/23] SELinux: Abstract use of inode security blob Casey Schaufler
2018-05-11  0:53 ` [PATCH 09/23] Smack: " Casey Schaufler
2018-05-11  0:53 ` [PATCH 10/23] LSM: Infrastructure management of the inode security Casey Schaufler
2018-05-14 15:04   ` Stephen Smalley
2018-05-14 16:32     ` Casey Schaufler [this message]
2018-05-11  0:54 ` [PATCH 11/23] LSM: Infrastructure management of the superblock Casey Schaufler
2018-05-11  0:54 ` [PATCH 12/23] LSM: Infrastructure management of the sock security Casey Schaufler
2018-05-11  0:54 ` [PATCH 13/23] LSM: Infrastructure management of the ipc security blob Casey Schaufler
2018-05-11  0:54 ` [PATCH 14/23] LSM: Infrastructure management of the key " Casey Schaufler
2018-05-11  0:55 ` [PATCH 15/23] LSM: Mark security blob allocation failures as unlikely Casey Schaufler
2018-05-11  0:55 ` [PATCH 16/23] LSM: Sharing of security blobs Casey Schaufler
2018-05-11  0:55 ` [PATCH 17/23] LSM: Allow mount options from multiple security modules Casey Schaufler
2018-05-11  0:55 ` [PATCH 18/23] LSM: Use multiple secids in security module interfaces Casey Schaufler
2018-05-11  0:55 ` [PATCH 19/23] LSM: Use multiple secids in LSM interfaces Casey Schaufler
2018-05-11  0:55 ` [PATCH 20/23] LSM: Move common usercopy into Casey Schaufler
2018-05-14 15:12   ` Stephen Smalley
2018-05-14 16:53     ` Stephen Smalley
2018-05-14 18:55       ` Casey Schaufler
2018-05-11  0:56 ` [PATCH 21/23] LSM: Multiple concurrent major security modules Casey Schaufler
2018-05-11  0:56 ` [PATCH 22/23] LSM: Fix setting of the IMA data in inode init Casey Schaufler
2018-05-11  0:56 ` [PATCH 23/23] Netfilter: Add a selection for Smack Casey Schaufler
2018-05-11  0:58 ` [PATCH 00/23] LSM: Full security module stacking Casey Schaufler
2018-05-11 20:25 ` [PATCH 24/23] LSM: Functions for dealing with struct secids Casey Schaufler

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=906d5338-0021-740d-36dc-0f32b2c36f55@schaufler-ca.com \
    --to=casey@schaufler-ca.com \
    --cc=SMACK-discuss@lists.01.org \
    --cc=jmorris@namei.org \
    --cc=john.johansen@canonical.com \
    --cc=keescook@chromium.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-security-module@vger.kernel.org \
    --cc=paul@paul-moore.com \
    --cc=penguin-kernel@i-love.sakura.ne.jp \
    --cc=sds@tycho.nsa.gov \
    --cc=selinux@tycho.nsa.gov \
    --subject='Re: [PATCH 10/23] LSM: Infrastructure management of the inode security' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).