--- v15
+++ v28
@@ -21,28 +21,43 @@
Because IMA uses the audit rule functions it is
affected as well.
+Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
+Acked-by: Paul Moore <paul@paul-moore.com>
+Acked-by: John Johansen <john.johansen@canonical.com>
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
+Cc: <bpf@vger.kernel.org>
+Cc: linux-audit@redhat.com
+Cc: linux-security-module@vger.kernel.org
+Cc: selinux@vger.kernel.org
+To: Mimi Zohar <zohar@linux.ibm.com>
+To: Mickaël Salaün <mic@linux.microsoft.com>
---
include/linux/audit.h | 4 +-
include/linux/lsm_hooks.h | 12 ++++-
- include/linux/security.h | 66 ++++++++++++++++++++++++--
- kernel/auditfilter.c | 27 ++++++-----
- kernel/auditsc.c | 12 ++---
+ include/linux/security.h | 67 ++++++++++++++++++++++++--
+ kernel/auditfilter.c | 24 +++++-----
+ kernel/auditsc.c | 13 +++--
security/apparmor/lsm.c | 7 ++-
+ security/bpf/hooks.c | 12 ++++-
security/commoncap.c | 7 ++-
- security/integrity/ima/ima_policy.c | 34 +++++++++-----
+ security/integrity/ima/ima_policy.c | 40 +++++++++++-----
+ security/landlock/cred.c | 2 +-
+ security/landlock/fs.c | 2 +-
+ security/landlock/ptrace.c | 2 +-
+ security/landlock/setup.c | 5 ++
+ security/landlock/setup.h | 1 +
security/loadpin/loadpin.c | 8 +++-
security/lockdown/lockdown.c | 7 ++-
security/safesetid/lsm.c | 8 +++-
- security/security.c | 72 ++++++++++++++++++++++++-----
+ security/security.c | 74 ++++++++++++++++++++++++-----
security/selinux/hooks.c | 8 +++-
security/smack/smack_lsm.c | 7 ++-
security/tomoyo/tomoyo.c | 8 +++-
security/yama/yama_lsm.c | 7 ++-
- 16 files changed, 238 insertions(+), 56 deletions(-)
+ 22 files changed, 265 insertions(+), 60 deletions(-)
diff --git a/include/linux/audit.h b/include/linux/audit.h
-index f9ceae57ca8d..8e1c759fd1ff 100644
+index 82b7c1116a85..418a485af114 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -11,6 +11,7 @@
@@ -51,9 +66,9 @@
#include <linux/ptrace.h>
+#include <linux/security.h>
#include <uapi/linux/audit.h>
-
- #define AUDIT_INO_UNSET ((unsigned long)-1)
-@@ -64,8 +65,9 @@ struct audit_field {
+ #include <uapi/linux/netfilter/nf_tables.h>
+
+@@ -65,8 +66,9 @@ struct audit_field {
kuid_t uid;
kgid_t gid;
struct {
@@ -65,11 +80,11 @@
};
u32 op;
diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h
-index c2b1af29a8f0..7eb808cde051 100644
+index afd3b16875b0..c61a16f0a5bc 100644
--- a/include/linux/lsm_hooks.h
+++ b/include/linux/lsm_hooks.h
-@@ -2077,6 +2077,14 @@ struct security_hook_heads {
- #endif
+@@ -1570,6 +1570,14 @@ struct security_hook_heads {
+ #undef LSM_HOOK
} __randomize_layout;
+/*
@@ -83,7 +98,7 @@
/*
* Security module hook list structure.
* For use with generic list macros for common operations.
-@@ -2085,7 +2093,7 @@ struct security_hook_list {
+@@ -1578,7 +1586,7 @@ struct security_hook_list {
struct hlist_node list;
struct hlist_head *head;
union security_list_options hook;
@@ -92,7 +107,7 @@
} __randomize_layout;
/*
-@@ -2114,7 +2122,7 @@ extern struct security_hook_heads security_hook_heads;
+@@ -1614,7 +1622,7 @@ extern struct security_hook_heads security_hook_heads;
extern char *lsm_names;
extern void security_add_hooks(struct security_hook_list *hooks, int count,
@@ -102,10 +117,10 @@
#define LSM_FLAG_LEGACY_MAJOR BIT(0)
#define LSM_FLAG_EXCLUSIVE BIT(1)
diff --git a/include/linux/security.h b/include/linux/security.h
-index 64b19f050343..8c2751763c52 100644
+index 24eda04221e9..7655bfce4b96 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
-@@ -130,6 +130,64 @@ enum lockdown_reason {
+@@ -133,6 +133,65 @@ enum lockdown_reason {
extern const char *const lockdown_reasons[LOCKDOWN_CONFIDENTIALITY_MAX+1];
@@ -117,7 +132,8 @@
+#define LSMBLOB_ENTRIES ( \
+ (IS_ENABLED(CONFIG_SECURITY_SELINUX) ? 1 : 0) + \
+ (IS_ENABLED(CONFIG_SECURITY_SMACK) ? 1 : 0) + \
-+ (IS_ENABLED(CONFIG_SECURITY_APPARMOR) ? 1 : 0))
++ (IS_ENABLED(CONFIG_SECURITY_APPARMOR) ? 1 : 0) + \
++ (IS_ENABLED(CONFIG_BPF_LSM) ? 1 : 0))
+
+struct lsmblob {
+ u32 secid[LSMBLOB_ENTRIES];
@@ -128,7 +144,7 @@
+#define LSMBLOB_NOT_NEEDED -3 /* Slot not requested */
+
+/**
-+ * lsmblob_init - initialize an lsmblob structure.
++ * lsmblob_init - initialize an lsmblob structure
+ * @blob: Pointer to the data to initialize
+ * @secid: The initial secid value
+ *
@@ -170,7 +186,7 @@
/* These functions are in security/commoncap.c */
extern int cap_capable(const struct cred *cred, struct user_namespace *ns,
int cap, unsigned int opts);
-@@ -1781,8 +1839,8 @@ static inline int security_key_getsecurity(struct key *key, char **_buffer)
+@@ -1881,8 +1940,8 @@ static inline int security_key_getsecurity(struct key *key, char **_buffer)
#ifdef CONFIG_SECURITY
int security_audit_rule_init(u32 field, u32 op, char *rulestr, void **lsmrule);
int security_audit_rule_known(struct audit_krule *krule);
@@ -181,7 +197,7 @@
#else
-@@ -1798,12 +1856,12 @@ static inline int security_audit_rule_known(struct audit_krule *krule)
+@@ -1898,12 +1957,12 @@ static inline int security_audit_rule_known(struct audit_krule *krule)
}
static inline int security_audit_rule_match(u32 secid, u32 field, u32 op,
@@ -197,7 +213,7 @@
#endif /* CONFIG_SECURITY */
diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
-index b0126e9c0743..3a44abf4fced 100644
+index db2c6b59dfc3..a2340e81cfa7 100644
--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -74,7 +74,7 @@ static void audit_free_lsm_field(struct audit_field *f)
@@ -209,28 +225,19 @@
}
}
-@@ -517,7 +517,7 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data,
- entry->rule.buflen += f->val;
-
+@@ -519,9 +519,10 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data,
+ goto exit_free;
+ }
+ entry->rule.buflen += f_val;
++ f->lsm_isset = true;
+ f->lsm_str = str;
err = security_audit_rule_init(f->type, f->op, str,
- (void **)&f->lsm_rule);
+ f->lsm_rules);
/* Keep currently invalid fields around in case they
* become valid after a policy reload. */
if (err == -EINVAL) {
-@@ -528,8 +528,10 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data,
- if (err) {
- kfree(str);
- goto exit_free;
-- } else
-+ } else {
-+ f->lsm_isset = true;
- f->lsm_str = str;
-+ }
- break;
- case AUDIT_WATCH:
- str = audit_unpack_string(&bufp, &remain, f->val);
-@@ -767,7 +769,7 @@ static int audit_compare_rule(struct audit_krule *a, struct audit_krule *b)
+@@ -774,7 +775,7 @@ static int audit_compare_rule(struct audit_krule *a, struct audit_krule *b)
return 0;
}
@@ -239,7 +246,7 @@
* re-initialized. */
static inline int audit_dupe_lsm_field(struct audit_field *df,
struct audit_field *sf)
-@@ -781,9 +783,9 @@ static inline int audit_dupe_lsm_field(struct audit_field *df,
+@@ -788,9 +789,9 @@ static inline int audit_dupe_lsm_field(struct audit_field *df,
return -ENOMEM;
df->lsm_str = lsm_str;
@@ -251,7 +258,7 @@
/* Keep currently invalid fields around in case they
* become valid after a policy reload. */
if (ret == -EINVAL) {
-@@ -835,7 +837,7 @@ struct audit_entry *audit_dupe_rule(struct audit_krule *old)
+@@ -842,7 +843,7 @@ struct audit_entry *audit_dupe_rule(struct audit_krule *old)
new->tree = old->tree;
memcpy(new->fields, old->fields, sizeof(struct audit_field) * fcount);
@@ -260,13 +267,14 @@
* the originals will all be freed when the old rule is freed. */
for (i = 0; i < fcount; i++) {
switch (new->fields[i].type) {
-@@ -1353,10 +1355,11 @@ int audit_filter(int msgtype, unsigned int listtype)
+@@ -1358,11 +1359,12 @@ int audit_filter(int msgtype, unsigned int listtype)
case AUDIT_SUBJ_TYPE:
case AUDIT_SUBJ_SEN:
case AUDIT_SUBJ_CLR:
- if (f->lsm_rule) {
+ if (f->lsm_isset) {
- security_task_getsecid(current, &sid);
+ security_task_getsecid_subj(current,
+ &sid);
result = security_audit_rule_match(sid,
- f->type, f->op, f->lsm_rule);
+ f->type, f->op,
@@ -274,7 +282,7 @@
}
break;
case AUDIT_EXE:
-@@ -1383,7 +1386,7 @@ int audit_filter(int msgtype, unsigned int listtype)
+@@ -1389,7 +1391,7 @@ int audit_filter(int msgtype, unsigned int listtype)
return ret;
}
@@ -283,7 +291,7 @@
{
struct audit_entry *entry = container_of(r, struct audit_entry, rule);
struct audit_entry *nentry;
-@@ -1415,7 +1418,7 @@ static int update_lsm_rule(struct audit_krule *r)
+@@ -1421,7 +1423,7 @@ static int update_lsm_rule(struct audit_krule *r)
return err;
}
@@ -292,7 +300,7 @@
* It will traverse the filter lists serarching for rules that contain LSM
* specific filter fields. When such a rule is found, it is copied, the
* LSM field is re-initialized, and the old rule is replaced with the
-@@ -1430,7 +1433,7 @@ int audit_update_lsm_rules(void)
+@@ -1436,7 +1438,7 @@ int audit_update_lsm_rules(void)
for (i = 0; i < AUDIT_NR_FILTERS; i++) {
list_for_each_entry_safe(r, n, &audit_rules_list[i], list) {
@@ -302,27 +310,27 @@
err = res;
}
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
-index 4effe01ebbe2..0c239c29a9d5 100644
+index 8dd73a64f921..acbd896f54a5 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
-@@ -638,14 +638,14 @@ static int audit_filter_rules(struct task_struct *tsk,
+@@ -671,14 +671,13 @@ static int audit_filter_rules(struct task_struct *tsk,
match for now to avoid losing information that
may be wanted. An error message will also be
logged upon error */
- if (f->lsm_rule) {
+ if (f->lsm_isset) {
if (need_sid) {
- security_task_getsecid(tsk, &sid);
+ security_task_getsecid_subj(tsk, &sid);
need_sid = 0;
}
result = security_audit_rule_match(sid, f->type,
- f->op,
+- f->op,
- f->lsm_rule);
-+ f->lsm_rules);
++ f->op, f->lsm_rules);
}
break;
case AUDIT_OBJ_USER:
-@@ -655,21 +655,21 @@ static int audit_filter_rules(struct task_struct *tsk,
+@@ -688,21 +687,21 @@ static int audit_filter_rules(struct task_struct *tsk,
case AUDIT_OBJ_LEV_HIGH:
/* The above note for AUDIT_SUBJ_USER...AUDIT_SUBJ_CLR
also applies here */
@@ -347,7 +355,7 @@
++result;
break;
}
-@@ -680,7 +680,7 @@ static int audit_filter_rules(struct task_struct *tsk,
+@@ -713,7 +712,7 @@ static int audit_filter_rules(struct task_struct *tsk,
break;
if (security_audit_rule_match(ctx->ipc.osid,
f->type, f->op,
@@ -357,10 +365,10 @@
}
break;
diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c
-index 61b24f4eb355..146d75e5e021 100644
+index 4113516fb62e..392e25940d1f 100644
--- a/security/apparmor/lsm.c
+++ b/security/apparmor/lsm.c
-@@ -1147,6 +1147,11 @@ struct lsm_blob_sizes apparmor_blob_sizes __lsm_ro_after_init = {
+@@ -1161,6 +1161,11 @@ struct lsm_blob_sizes apparmor_blob_sizes __lsm_ro_after_init = {
.lbs_sock = sizeof(struct aa_sk_ctx),
};
@@ -372,7 +380,7 @@
static struct security_hook_list apparmor_hooks[] __lsm_ro_after_init = {
LSM_HOOK_INIT(ptrace_access_check, apparmor_ptrace_access_check),
LSM_HOOK_INIT(ptrace_traceme, apparmor_ptrace_traceme),
-@@ -1847,7 +1852,7 @@ static int __init apparmor_init(void)
+@@ -1862,7 +1867,7 @@ static int __init apparmor_init(void)
goto buffers_out;
}
security_add_hooks(apparmor_hooks, ARRAY_SIZE(apparmor_hooks),
@@ -381,11 +389,36 @@
/* Report that AppArmor successfully initialized */
apparmor_initialized = 1;
+diff --git a/security/bpf/hooks.c b/security/bpf/hooks.c
+index e5971fa74fd7..7a58fe9ab8c4 100644
+--- a/security/bpf/hooks.c
++++ b/security/bpf/hooks.c
+@@ -15,9 +15,19 @@ static struct security_hook_list bpf_lsm_hooks[] __lsm_ro_after_init = {
+ LSM_HOOK_INIT(task_free, bpf_task_storage_free),
+ };
+
++/*
++ * slot has to be LSMBLOB_NEEDED because some of the hooks
++ * supplied by this module require a slot.
++ */
++struct lsm_id bpf_lsmid __lsm_ro_after_init = {
++ .lsm = "bpf",
++ .slot = LSMBLOB_NEEDED
++};
++
+ static int __init bpf_lsm_init(void)
+ {
+- security_add_hooks(bpf_lsm_hooks, ARRAY_SIZE(bpf_lsm_hooks), "bpf");
++ security_add_hooks(bpf_lsm_hooks, ARRAY_SIZE(bpf_lsm_hooks),
++ &bpf_lsmid);
+ pr_info("LSM support for eBPF active\n");
+ return 0;
+ }
diff --git a/security/commoncap.c b/security/commoncap.c
-index f4ee0ae106b2..9dcfd2a0e891 100644
+index 3f810d37b71b..628685cf20e3 100644
--- a/security/commoncap.c
+++ b/security/commoncap.c
-@@ -1339,6 +1339,11 @@ int cap_mmap_file(struct file *file, unsigned long reqprot,
+@@ -1443,6 +1443,11 @@ int cap_mmap_file(struct file *file, unsigned long reqprot,
#ifdef CONFIG_SECURITY
@@ -397,7 +430,7 @@
static struct security_hook_list capability_hooks[] __lsm_ro_after_init = {
LSM_HOOK_INIT(capable, cap_capable),
LSM_HOOK_INIT(settime, cap_settime),
-@@ -1363,7 +1368,7 @@ static struct security_hook_list capability_hooks[] __lsm_ro_after_init = {
+@@ -1467,7 +1472,7 @@ static struct security_hook_list capability_hooks[] __lsm_ro_after_init = {
static int __init capability_init(void)
{
security_add_hooks(capability_hooks, ARRAY_SIZE(capability_hooks),
@@ -407,22 +440,28 @@
}
diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
-index 453427048999..624ed1a34842 100644
+index fd5d46e511f1..5c40677e881c 100644
--- a/security/integrity/ima/ima_policy.c
+++ b/security/integrity/ima/ima_policy.c
-@@ -75,7 +75,7 @@ struct ima_rule_entry {
+@@ -80,7 +80,7 @@ struct ima_rule_entry {
bool (*fowner_op)(kuid_t, kuid_t); /* uid_eq(), uid_gt(), uid_lt() */
int pcr;
struct {
- void *rule; /* LSM file metadata specific */
-+ void *rules[LSMBLOB_ENTRIES];
- void *args_p; /* audit value */
++ void *rules[LSMBLOB_ENTRIES]; /* LSM file metadata specific */
+ char *args_p; /* audit value */
int type; /* audit type */
} lsm[MAX_LSM_RULES];
-@@ -84,6 +84,16 @@ struct ima_rule_entry {
+@@ -90,6 +90,22 @@ struct ima_rule_entry {
struct ima_template_desc *template;
};
++/**
++ * ima_lsm_isset - Is a rule set for any of the active security modules
++ * @rules: The set of IMA rules to check
++ *
++ * If a rule is set for any LSM return true, otherwise return false.
++ */
+static inline bool ima_lsm_isset(void *rules[])
+{
+ int i;
@@ -436,31 +475,31 @@
/*
* Without LSM specific knowledge, the default policy can only be
* written in terms of .action, .func, .mask, .fsmagic, .uid, and .fowner
-@@ -258,9 +268,11 @@ __setup("ima_appraise_tcb", default_appraise_policy_setup);
+@@ -335,9 +351,11 @@ static void ima_free_rule_opt_list(struct ima_rule_opt_list *opt_list)
static void ima_lsm_free_rule(struct ima_rule_entry *entry)
{
int i;
+ int r;
for (i = 0; i < MAX_LSM_RULES; i++) {
-- kfree(entry->lsm[i].rule);
+- ima_filter_rule_free(entry->lsm[i].rule);
+ for (r = 0; r < LSMBLOB_ENTRIES; r++)
-+ kfree(entry->lsm[i].rules[r]);
++ ima_filter_rule_free(entry->lsm[i].rules[r]);
kfree(entry->lsm[i].args_p);
}
- kfree(entry);
-@@ -295,8 +307,8 @@ static struct ima_rule_entry *ima_lsm_copy_rule(struct ima_rule_entry *entry)
- security_filter_rule_init(nentry->lsm[i].type,
- Audit_equal,
- nentry->lsm[i].args_p,
-- &nentry->lsm[i].rule);
+ }
+@@ -388,8 +406,8 @@ static struct ima_rule_entry *ima_lsm_copy_rule(struct ima_rule_entry *entry)
+
+ ima_filter_rule_init(nentry->lsm[i].type, Audit_equal,
+ nentry->lsm[i].args_p,
+- &nentry->lsm[i].rule);
- if (!nentry->lsm[i].rule)
-+ nentry->lsm[i].rules);
++ &nentry->lsm[i].rules[0]);
+ if (!ima_lsm_isset(nentry->lsm[i].rules))
pr_warn("rule for LSM \'%s\' is undefined\n",
- (char *)entry->lsm[i].args_p);
+ nentry->lsm[i].args_p);
}
-@@ -465,7 +477,7 @@ static bool ima_match_rules(struct ima_rule_entry *rule, struct inode *inode,
+@@ -578,7 +596,7 @@ static bool ima_match_rules(struct ima_rule_entry *rule,
int rc = 0;
u32 osid;
@@ -469,25 +508,24 @@
if (!rule->lsm[i].args_p)
continue;
else
-@@ -479,7 +491,7 @@ static bool ima_match_rules(struct ima_rule_entry *rule, struct inode *inode,
- rc = security_filter_rule_match(osid,
- rule->lsm[i].type,
- Audit_equal,
-- rule->lsm[i].rule);
-+ rule->lsm[i].rules);
+@@ -591,14 +609,14 @@ static bool ima_match_rules(struct ima_rule_entry *rule,
+ security_inode_getsecid(inode, &osid);
+ rc = ima_filter_rule_match(osid, rule->lsm[i].type,
+ Audit_equal,
+- rule->lsm[i].rule);
++ rule->lsm[i].rules);
break;
case LSM_SUBJ_USER:
case LSM_SUBJ_ROLE:
-@@ -487,7 +499,7 @@ static bool ima_match_rules(struct ima_rule_entry *rule, struct inode *inode,
- rc = security_filter_rule_match(secid,
- rule->lsm[i].type,
- Audit_equal,
-- rule->lsm[i].rule);
-+ rule->lsm[i].rules);
+ case LSM_SUBJ_TYPE:
+ rc = ima_filter_rule_match(secid, rule->lsm[i].type,
+ Audit_equal,
+- rule->lsm[i].rule);
++ rule->lsm[i].rules);
+ break;
default:
break;
- }
-@@ -872,7 +884,7 @@ static int ima_lsm_rule_init(struct ima_rule_entry *entry,
+@@ -994,7 +1012,7 @@ static int ima_lsm_rule_init(struct ima_rule_entry *entry,
{
int result;
@@ -496,18 +534,18 @@
return -EINVAL;
entry->lsm[lsm_rule].args_p = match_strdup(args);
-@@ -883,8 +895,8 @@ static int ima_lsm_rule_init(struct ima_rule_entry *entry,
- result = security_filter_rule_init(entry->lsm[lsm_rule].type,
- Audit_equal,
- entry->lsm[lsm_rule].args_p,
-- &entry->lsm[lsm_rule].rule);
+@@ -1004,8 +1022,8 @@ static int ima_lsm_rule_init(struct ima_rule_entry *entry,
+ entry->lsm[lsm_rule].type = audit_type;
+ result = ima_filter_rule_init(entry->lsm[lsm_rule].type, Audit_equal,
+ entry->lsm[lsm_rule].args_p,
+- &entry->lsm[lsm_rule].rule);
- if (!entry->lsm[lsm_rule].rule) {
-+ entry->lsm[lsm_rule].rules);
++ &entry->lsm[lsm_rule].rules[0]);
+ if (!ima_lsm_isset(entry->lsm[lsm_rule].rules)) {
pr_warn("rule for LSM \'%s\' is undefined\n",
- (char *)entry->lsm[lsm_rule].args_p);
-
-@@ -1585,7 +1597,7 @@ int ima_policy_show(struct seq_file *m, void *v)
+ entry->lsm[lsm_rule].args_p);
+
+@@ -1812,7 +1830,7 @@ int ima_policy_show(struct seq_file *m, void *v)
}
for (i = 0; i < MAX_LSM_RULES; i++) {
@@ -516,12 +554,72 @@
switch (i) {
case LSM_OBJ_USER:
seq_printf(m, pt(Opt_obj_user),
+diff --git a/security/landlock/cred.c b/security/landlock/cred.c
+index 6725af24c684..56b121d65436 100644
+--- a/security/landlock/cred.c
++++ b/security/landlock/cred.c
+@@ -42,5 +42,5 @@ static struct security_hook_list landlock_hooks[] __lsm_ro_after_init = {
+ __init void landlock_add_cred_hooks(void)
+ {
+ security_add_hooks(landlock_hooks, ARRAY_SIZE(landlock_hooks),
+- LANDLOCK_NAME);
++ &landlock_lsmid);
+ }
+diff --git a/security/landlock/fs.c b/security/landlock/fs.c
+index 97b8e421f617..319e90e9290c 100644
+--- a/security/landlock/fs.c
++++ b/security/landlock/fs.c
+@@ -688,5 +688,5 @@ static struct security_hook_list landlock_hooks[] __lsm_ro_after_init = {
+ __init void landlock_add_fs_hooks(void)
+ {
+ security_add_hooks(landlock_hooks, ARRAY_SIZE(landlock_hooks),
+- LANDLOCK_NAME);
++ &landlock_lsmid);
+ }
+diff --git a/security/landlock/ptrace.c b/security/landlock/ptrace.c
+index f55b82446de2..54ccf55a077a 100644
+--- a/security/landlock/ptrace.c
++++ b/security/landlock/ptrace.c
+@@ -116,5 +116,5 @@ static struct security_hook_list landlock_hooks[] __lsm_ro_after_init = {
+ __init void landlock_add_ptrace_hooks(void)
+ {
+ security_add_hooks(landlock_hooks, ARRAY_SIZE(landlock_hooks),
+- LANDLOCK_NAME);
++ &landlock_lsmid);
+ }
+diff --git a/security/landlock/setup.c b/security/landlock/setup.c
+index f8e8e980454c..759e00b9436c 100644
+--- a/security/landlock/setup.c
++++ b/security/landlock/setup.c
+@@ -23,6 +23,11 @@ struct lsm_blob_sizes landlock_blob_sizes __lsm_ro_after_init = {
+ .lbs_superblock = sizeof(struct landlock_superblock_security),
+ };
+
++struct lsm_id landlock_lsmid __lsm_ro_after_init = {
++ .lsm = LANDLOCK_NAME,
++ .slot = LSMBLOB_NOT_NEEDED,
++};
++
+ static int __init landlock_init(void)
+ {
+ landlock_add_cred_hooks();
+diff --git a/security/landlock/setup.h b/security/landlock/setup.h
+index 1daffab1ab4b..38bce5b172dc 100644
+--- a/security/landlock/setup.h
++++ b/security/landlock/setup.h
+@@ -14,5 +14,6 @@
+ extern bool landlock_initialized;
+
+ extern struct lsm_blob_sizes landlock_blob_sizes;
++extern struct lsm_id landlock_lsmid;
+
+ #endif /* _SECURITY_LANDLOCK_SETUP_H */
diff --git a/security/loadpin/loadpin.c b/security/loadpin/loadpin.c
-index ee5cb944f4ad..86317e78899f 100644
+index b12f7d986b1e..b569f3bc170b 100644
--- a/security/loadpin/loadpin.c
+++ b/security/loadpin/loadpin.c
-@@ -180,6 +180,11 @@ static int loadpin_load_data(enum kernel_load_data_id id)
- return loadpin_read_file(NULL, (enum kernel_read_file_id) id);
+@@ -192,6 +192,11 @@ static int loadpin_load_data(enum kernel_load_data_id id, bool contents)
+ return loadpin_read_file(NULL, (enum kernel_read_file_id) id, contents);
}
+static struct lsm_id loadpin_lsmid __lsm_ro_after_init = {
@@ -532,7 +630,7 @@
static struct security_hook_list loadpin_hooks[] __lsm_ro_after_init = {
LSM_HOOK_INIT(sb_free_security, loadpin_sb_free_security),
LSM_HOOK_INIT(kernel_read_file, loadpin_read_file),
-@@ -227,7 +232,8 @@ static int __init loadpin_init(void)
+@@ -239,7 +244,8 @@ static int __init loadpin_init(void)
pr_info("ready to pin (currently %senforcing)\n",
enforce ? "" : "not ");
parse_exclude();
@@ -543,7 +641,7 @@
}
diff --git a/security/lockdown/lockdown.c b/security/lockdown/lockdown.c
-index 5a952617a0eb..924292f7bfcd 100644
+index 87cbdc64d272..4e24ea3f7b7e 100644
--- a/security/lockdown/lockdown.c
+++ b/security/lockdown/lockdown.c
@@ -75,6 +75,11 @@ static struct security_hook_list lockdown_hooks[] __lsm_ro_after_init = {
@@ -568,10 +666,10 @@
}
diff --git a/security/safesetid/lsm.c b/security/safesetid/lsm.c
-index 7760019ad35d..950dfb7f931e 100644
+index 963f4ad9cb66..0c368950dc14 100644
--- a/security/safesetid/lsm.c
+++ b/security/safesetid/lsm.c
-@@ -149,6 +149,11 @@ static int safesetid_task_fix_setuid(struct cred *new,
+@@ -241,6 +241,11 @@ static int safesetid_task_fix_setgid(struct cred *new,
return -EACCES;
}
@@ -582,8 +680,8 @@
+
static struct security_hook_list safesetid_security_hooks[] = {
LSM_HOOK_INIT(task_fix_setuid, safesetid_task_fix_setuid),
- LSM_HOOK_INIT(capable, safesetid_security_capable)
-@@ -157,7 +162,8 @@ static struct security_hook_list safesetid_security_hooks[] = {
+ LSM_HOOK_INIT(task_fix_setgid, safesetid_task_fix_setgid),
+@@ -250,7 +255,8 @@ static struct security_hook_list safesetid_security_hooks[] = {
static int __init safesetid_security_init(void)
{
security_add_hooks(safesetid_security_hooks,
@@ -594,32 +692,32 @@
/* Report that SafeSetID successfully initialized */
safesetid_initialized = 1;
diff --git a/security/security.c b/security/security.c
-index 4ee63826c116..67c8116d8711 100644
+index 335c313a668d..5f1b281511f2 100644
--- a/security/security.c
+++ b/security/security.c
-@@ -340,6 +340,7 @@ static void __init ordered_lsm_init(void)
- init_debug("msg_msg blob size = %d\n", blob_sizes.lbs_msg_msg);
- init_debug("sock blob size = %d\n", blob_sizes.lbs_sock);
- init_debug("task blob size = %d\n", blob_sizes.lbs_task);
-+ init_debug("lsmblob size = %zu\n", sizeof(struct lsmblob));
+@@ -344,6 +344,7 @@ static void __init ordered_lsm_init(void)
+ init_debug("sock blob size = %d\n", blob_sizes.lbs_sock);
+ init_debug("superblock blob size = %d\n", blob_sizes.lbs_superblock);
+ init_debug("task blob size = %d\n", blob_sizes.lbs_task);
++ init_debug("lsmblob size = %zu\n", sizeof(struct lsmblob));
/*
* Create any kmem_caches needed for blobs
-@@ -467,21 +468,36 @@ static int lsm_append(const char *new, char **result)
+@@ -471,21 +472,38 @@ static int lsm_append(const char *new, char **result)
return 0;
}
+/*
+ * Current index to use while initializing the lsmblob secid list.
+ */
-+static int lsm_slot __initdata;
++static int lsm_slot __lsm_ro_after_init;
+
/**
* security_add_hooks - Add a modules hooks to the hook lists.
* @hooks: the hooks to add
* @count: the number of hooks to add
- * @lsm: the name of the security module
-+ * @lsmid: the the identification information for the security module
++ * @lsmid: the identification information for the security module
*
* Each LSM has to register its hooks with the infrastructure.
+ * If the LSM is using hooks that export secids allocate a slot
@@ -631,6 +729,8 @@
{
int i;
++ WARN_ON(!lsmid->slot || !lsmid->lsm);
++
+ if (lsmid->slot == LSMBLOB_NEEDED) {
+ if (lsm_slot >= LSMBLOB_ENTRIES)
+ panic("%s Too many LSMs registered.\n", __func__);
@@ -645,7 +745,7 @@
hlist_add_tail_rcu(&hooks[i].list, hooks[i].head);
}
-@@ -490,7 +506,7 @@ void __init security_add_hooks(struct security_hook_list *hooks, int count,
+@@ -494,7 +512,7 @@ void __init security_add_hooks(struct security_hook_list *hooks, int count,
* and fix this up afterwards.
*/
if (slab_is_available()) {
@@ -654,7 +754,7 @@
panic("%s - Cannot get early memory.\n", __func__);
}
}
-@@ -1938,7 +1954,7 @@ int security_getprocattr(struct task_struct *p, const char *lsm, char *name,
+@@ -2070,7 +2088,7 @@ int security_getprocattr(struct task_struct *p, const char *lsm, char *name,
struct security_hook_list *hp;
hlist_for_each_entry(hp, &security_hook_heads.getprocattr, list) {
@@ -663,7 +763,7 @@
continue;
return hp->hook.getprocattr(p, name, value);
}
-@@ -1951,7 +1967,7 @@ int security_setprocattr(const char *lsm, const char *name, void *value,
+@@ -2083,7 +2101,7 @@ int security_setprocattr(const char *lsm, const char *name, void *value,
struct security_hook_list *hp;
hlist_for_each_entry(hp, &security_hook_heads.setprocattr, list) {
@@ -672,7 +772,7 @@
continue;
return hp->hook.setprocattr(name, value, size);
}
-@@ -2415,7 +2431,24 @@ int security_key_getsecurity(struct key *key, char **_buffer)
+@@ -2576,7 +2594,24 @@ int security_key_getsecurity(struct key *key, char **_buffer)
int security_audit_rule_init(u32 field, u32 op, char *rulestr, void **lsmrule)
{
@@ -698,7 +798,7 @@
}
int security_audit_rule_known(struct audit_krule *krule)
-@@ -2423,14 +2456,31 @@ int security_audit_rule_known(struct audit_krule *krule)
+@@ -2584,14 +2619,31 @@ int security_audit_rule_known(struct audit_krule *krule)
return call_int_hook(audit_rule_known, 0, krule);
}
@@ -712,7 +812,7 @@
+ if (WARN_ON(hp->lsmid->slot < 0 || hp->lsmid->slot >= lsm_slot))
+ continue;
+ hp->hook.audit_rule_free(lsmrule[hp->lsmid->slot]);
-+ }
++ }
}
-int security_audit_rule_match(u32 secid, u32 field, u32 op, void *lsmrule)
@@ -735,10 +835,10 @@
#endif /* CONFIG_AUDIT */
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
-index de64cfba91f0..22b882867dd2 100644
+index e2c4a1fd952f..f84b6c274a10 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
-@@ -6864,6 +6864,11 @@ static int selinux_perf_event_write(struct perf_event *event)
+@@ -7101,6 +7101,11 @@ static int selinux_perf_event_write(struct perf_event *event)
}
#endif
@@ -750,7 +850,7 @@
/*
* IMPORTANT NOTE: When adding new hooks, please be careful to keep this order:
* 1. any hooks that don't belong to (2.) or (3.) below,
-@@ -7171,7 +7176,8 @@ static __init int selinux_init(void)
+@@ -7414,7 +7419,8 @@ static __init int selinux_init(void)
hashtab_cache_init();
@@ -761,11 +861,11 @@
if (avc_add_callback(selinux_netcache_avc_callback, AVC_CALLBACK_RESET))
panic("SELinux: Unable to register AVC netcache callback\n");
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
-index f6c2ec5b60b7..12e01d450dd4 100644
+index 1ee0bf1493f6..5c10ad27be37 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
-@@ -4577,6 +4577,11 @@ struct lsm_blob_sizes smack_blob_sizes __lsm_ro_after_init = {
- .lbs_sock = sizeof(struct socket_smack),
+@@ -4694,6 +4694,11 @@ struct lsm_blob_sizes smack_blob_sizes __lsm_ro_after_init = {
+ .lbs_superblock = sizeof(struct superblock_smack),
};
+static struct lsm_id smack_lsmid __lsm_ro_after_init = {
@@ -776,7 +876,7 @@
static struct security_hook_list smack_hooks[] __lsm_ro_after_init = {
LSM_HOOK_INIT(ptrace_access_check, smack_ptrace_access_check),
LSM_HOOK_INIT(ptrace_traceme, smack_ptrace_traceme),
-@@ -4775,7 +4780,7 @@ static __init int smack_init(void)
+@@ -4893,7 +4898,7 @@ static __init int smack_init(void)
/*
* Register with LSM
*/
@@ -786,10 +886,10 @@
pr_info("Smack: Initializing.\n");
diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c
-index 716c92ec941a..f1968e80f06d 100644
+index b6a31901f289..e8f6bb9782c1 100644
--- a/security/tomoyo/tomoyo.c
+++ b/security/tomoyo/tomoyo.c
-@@ -529,6 +529,11 @@ static void tomoyo_task_free(struct task_struct *task)
+@@ -521,6 +521,11 @@ static void tomoyo_task_free(struct task_struct *task)
}
}
@@ -801,7 +901,7 @@
/*
* tomoyo_security_ops is a "struct security_operations" which is used for
* registering TOMOYO.
-@@ -581,7 +586,8 @@ static int __init tomoyo_init(void)
+@@ -573,7 +578,8 @@ static int __init tomoyo_init(void)
struct tomoyo_task *s = tomoyo_task(current);
/* register ourselves with the security framework */
@@ -812,7 +912,7 @@
s->domain_info = &tomoyo_kernel_domain;
atomic_inc(&tomoyo_kernel_domain.users);
diff --git a/security/yama/yama_lsm.c b/security/yama/yama_lsm.c
-index 94dc346370b1..0f0cf7136929 100644
+index 06e226166aab..a9639ea541f7 100644
--- a/security/yama/yama_lsm.c
+++ b/security/yama/yama_lsm.c
@@ -421,6 +421,11 @@ static int yama_ptrace_traceme(struct task_struct *parent)
@@ -837,5 +937,5 @@
return 0;
}
--
-2.24.1
+2.31.1