[PATCH security-next v5 29/30] LSM: Introduce enum lsm_order

[PATCH security-next v5 00/30] LSM: Explict ordering · Kees Cook <hidden> · 2018-10-11
[PATCH security-next v5 03/30] LSM: Rename .security_initcall section to .lsm_info · Kees Cook <hidden> · 2018-10-11
[PATCH security-next v5 02/30] vmlinux.lds.h: Avoid copy/paste of security_init section · Kees Cook <hidden> · 2018-10-11
[PATCH security-next v5 04/30] LSM: Remove initcall tracing · Kees Cook <hidden> · 2018-10-11
[PATCH security-next v5 01/30] LSM: Correctly announce start of LSM initialization · Kees Cook <hidden> · 2018-10-11
[PATCH security-next v5 08/30] LSM: Record LSM name in struct lsm_info · Kees Cook <hidden> · 2018-10-11
[PATCH security-next v5 05/30] LSM: Convert from initcall to struct lsm_info · Kees Cook <hidden> · 2018-10-11
[PATCH security-next v5 09/30] LSM: Provide init debugging infrastructure · Kees Cook <hidden> · 2018-10-11
[PATCH security-next v5 11/30] LSM: Introduce LSM_FLAG_LEGACY_MAJOR · Kees Cook <hidden> · 2018-10-11
[PATCH security-next v5 12/30] LSM: Provide separate ordered initialization · Kees Cook <hidden> · 2018-10-11
Re: [PATCH security-next v5 12/30] LSM: Provide separate ordered initialization · Mimi Zohar <zohar@linux.ibm.com> · 2018-11-02
Re: [PATCH security-next v5 12/30] LSM: Provide separate ordered initialization · Kees Cook <hidden> · 2018-11-02
Re: [PATCH security-next v5 12/30] LSM: Provide separate ordered initialization · Mimi Zohar <zohar@linux.ibm.com> · 2018-11-05
[PATCH security-next v5 13/30] LoadPin: Rename boot param "enabled" to "enforce" · Kees Cook <hidden> · 2018-10-11
[PATCH security-next v5 21/30] LSM: Refactor "security=" in terms of enable/disable · Kees Cook <hidden> · 2018-10-11
[PATCH security-next v5 16/30] LSM: Build ordered list of LSMs to initialize · Kees Cook <hidden> · 2018-10-11
[PATCH security-next v5 15/30] LSM: Lift LSM selection out of individual LSMs · Kees Cook <hidden> · 2018-10-11
[PATCH security-next v5 14/30] LSM: Plumb visibility into optional "enabled" state · Kees Cook <hidden> · 2018-10-11
[PATCH security-next v5 10/30] LSM: Don't ignore initialization failures · Kees Cook <hidden> · 2018-10-11
[PATCH security-next v5 06/30] vmlinux.lds.h: Move LSM_TABLE into INIT_DATA · Kees Cook <hidden> · 2018-10-11
[PATCH security-next v5 07/30] LSM: Convert security_initcall() into DEFINE_LSM() · Kees Cook <hidden> · 2018-10-11
[PATCH security-next v5 18/30] LSM: Introduce "lsm=" for boottime LSM selection · Kees Cook <hidden> · 2018-10-11
[PATCH security-next v5 24/30] selinux: Remove SECURITY_SELINUX_BOOTPARAM_VALUE · Kees Cook <hidden> · 2018-10-11
[PATCH security-next v5 30/30] capability: Initialize as LSM_ORDER_FIRST · Kees Cook <hidden> · 2018-10-11
[PATCH security-next v5 25/30] LSM: Add all exclusive LSMs to ordered initialization · Kees Cook <hidden> · 2018-10-11
[PATCH security-next v5 23/30] apparmor: Remove SECURITY_APPARMOR_BOOTPARAM_VALUE · Kees Cook <hidden> · 2018-10-11
[PATCH security-next v5 22/30] LSM: Separate idea of "major" LSM from "exclusive" LSM · Kees Cook <hidden> · 2018-10-11
[PATCH security-next v5 19/30] LSM: Tie enabling logic to presence in ordered list · Kees Cook <hidden> · 2018-10-11
[PATCH security-next v5 20/30] LSM: Prepare for reorganizing "security=" logic · Kees Cook <hidden> · 2018-10-11
[PATCH security-next v5 28/30] Yama: Initialize as ordered LSM · Kees Cook <hidden> · 2018-10-11
[PATCH security-next v5 27/30] LoadPin: Initialize as ordered LSM · Kees Cook <hidden> · 2018-10-11
[PATCH security-next v5 26/30] LSM: Split LSM preparation from initialization · Kees Cook <hidden> · 2018-10-11
[PATCH security-next v5 17/30] LSM: Introduce CONFIG_LSM · Kees Cook <hidden> · 2018-10-11
[PATCH security-next v5 29/30] LSM: Introduce enum lsm_order · Kees Cook <hidden> · 2018-10-11
Re: [PATCH security-next v5 00/30] LSM: Explict ordering · James Morris <jmorris@namei.org> · 2018-10-11
Re: [PATCH security-next v5 00/30] LSM: Explict ordering · Kees Cook <hidden> · 2018-10-11
Re: [PATCH security-next v5 00/30] LSM: Explict ordering · James Morris <jmorris@namei.org> · 2018-10-11
Re: [PATCH security-next v5 00/30] LSM: Explict ordering · Kees Cook <hidden> · 2018-10-11
Re: [PATCH security-next v5 00/30] LSM: Explict ordering · Jordan Glover <hidden> · 2018-10-11
Re: [PATCH security-next v5 00/30] LSM: Explict ordering · Kees Cook <hidden> · 2018-10-11
Re: [PATCH security-next v5 00/30] LSM: Explict ordering · John Johansen <john.johansen@canonical.com> · 2018-10-11
Re: [PATCH security-next v5 00/30] LSM: Explict ordering · Jordan Glover <hidden> · 2018-10-12
Re: [PATCH security-next v5 00/30] LSM: Explict ordering · John Johansen <john.johansen@canonical.com> · 2018-10-12
Re: [PATCH security-next v5 00/30] LSM: Explict ordering · Jordan Glover <hidden> · 2018-10-12
Re: [PATCH security-next v5 00/30] LSM: Explict ordering · John Johansen <john.johansen@canonical.com> · 2018-10-12
Re: [PATCH security-next v5 00/30] LSM: Explict ordering · Kees Cook <hidden> · 2018-10-12
Re: [PATCH security-next v5 00/30] LSM: Explict ordering · Casey Schaufler <casey@schaufler-ca.com> · 2018-10-23
Re: [PATCH security-next v5 00/30] LSM: Explict ordering · Kees Cook <hidden> · 2018-10-23
Re: [PATCH security-next v5 00/30] LSM: Explict ordering · Casey Schaufler <casey@schaufler-ca.com> · 2018-10-23
Re: [PATCH security-next v5 00/30] LSM: Explict ordering · Casey Schaufler <casey@schaufler-ca.com> · 2018-10-24
Re: [PATCH security-next v5 00/30] LSM: Explict ordering · Kees Cook <hidden> · 2018-10-24
Re: [PATCH security-next v5 00/30] LSM: Explict ordering · Casey Schaufler <casey@schaufler-ca.com> · 2018-11-14
Re: [PATCH security-next v5 00/30] LSM: Explict ordering · Casey Schaufler <casey@schaufler-ca.com> · 2018-11-20
Re: [PATCH security-next v5 00/30] LSM: Explict ordering · Jordan Glover <hidden> · 2018-10-11
Re: [PATCH security-next v5 00/30] LSM: Explict ordering · John Johansen <john.johansen@canonical.com> · 2018-10-12
Re: [PATCH security-next v5 00/30] LSM: Explict ordering · Jordan Glover <hidden> · 2018-10-12
Re: [PATCH security-next v5 00/30] LSM: Explict ordering · John Johansen <john.johansen@canonical.com> · 2018-10-12

STALE2752d

From: Kees Cook <hidden>
Date: 2018-10-11 00:26:59
Also in: linux-arch, linux-doc, lkml
Subsystem: security subsystem, the rest · Maintainers: Paul Moore, James Morris, "Serge E. Hallyn", Linus Torvalds

In preparation for distinguishing the "capability" LSM from other LSMs, it
must be ordered first. This introduces LSM_ORDER_MUTABLE for the general
LSMs and LSM_ORDER_FIRST for capability. In the future LSM_ORDER_LAST
for could be added for anything that must run last (e.g. Landlock may
use this).

Signed-off-by: Kees Cook <redacted>
---
 include/linux/lsm_hooks.h | 6 ++++++
 security/security.c       | 9 ++++++++-
 2 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h
index 833ec0f03795..97898679a505 100644
--- a/include/linux/lsm_hooks.h
+++ b/include/linux/lsm_hooks.h

@@ -2042,8 +2042,14 @@ extern void security_add_hooks(struct security_hook_list *hooks, int count,
 #define LSM_FLAG_LEGACY_MAJOR	BIT(0)
 #define LSM_FLAG_EXCLUSIVE	BIT(1)
 
+enum lsm_order {
+	LSM_ORDER_FIRST = -1,	/* This is only for capabilities. */
+	LSM_ORDER_MUTABLE = 0,
+};
+
 struct lsm_info {
 	const char *name;	/* Required. */
+	enum lsm_order order;	/* Optional: default is LSM_ORDER_MUTABLE */
 	unsigned long flags;	/* Optional: flags describing LSM */
 	int *enabled;		/* Optional: controlled by CONFIG_LSM */
 	int (*init)(void);	/* Required. */

diff --git a/security/security.c b/security/security.c
index 2eb8afdd945d..004938eb8e70 100644
--- a/security/security.c
+++ b/security/security.c

@@ -174,6 +174,12 @@ static void __init ordered_lsm_parse(const char *order, const char *origin)
 	struct lsm_info *lsm;
 	char *sep, *name, *next;
 
+	/* LSM_ORDER_FIRST is always first. */
+	for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) {
+		if (lsm->order == LSM_ORDER_FIRST)
+			append_ordered_lsm(lsm, "first");
+	}
+
 	sep = kstrdup(order, GFP_KERNEL);
 	next = sep;
 	/* Walk the list, looking for matching LSMs. */

@@ -181,7 +187,8 @@ static void __init ordered_lsm_parse(const char *order, const char *origin)
 		bool found = false;
 
 		for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) {
-			if (strcmp(lsm->name, name) == 0) {
+			if (lsm->order == LSM_ORDER_MUTABLE &&
+			    strcmp(lsm->name, name) == 0) {
 				append_ordered_lsm(lsm, origin);
 				found = true;
 			}

-- 
2.17.1

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help