--- v19
+++ v28
@@ -23,28 +23,41 @@
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: Paul Moore <paul@paul-moore.com>
+Acked-by: John Johansen <john.johansen@canonical.com>
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
+Cc: <bpf@vger.kernel.org>
+Cc: linux-audit@redhat.com
+Cc: linux-security-module@vger.kernel.org
+Cc: selinux@vger.kernel.org
+To: Mimi Zohar <zohar@linux.ibm.com>
+To: Mickaël Salaün <mic@linux.microsoft.com>
---
include/linux/audit.h | 4 +-
include/linux/lsm_hooks.h | 12 ++++-
- include/linux/security.h | 66 ++++++++++++++++++++++++--
+ include/linux/security.h | 67 ++++++++++++++++++++++++--
kernel/auditfilter.c | 24 +++++-----
- kernel/auditsc.c | 12 ++---
+ kernel/auditsc.c | 13 +++--
security/apparmor/lsm.c | 7 ++-
+ security/bpf/hooks.c | 12 ++++-
security/commoncap.c | 7 ++-
security/integrity/ima/ima_policy.c | 40 +++++++++++-----
+ security/landlock/cred.c | 2 +-
+ security/landlock/fs.c | 2 +-
+ security/landlock/ptrace.c | 2 +-
+ security/landlock/setup.c | 5 ++
+ security/landlock/setup.h | 1 +
security/loadpin/loadpin.c | 8 +++-
security/lockdown/lockdown.c | 7 ++-
security/safesetid/lsm.c | 8 +++-
- security/security.c | 72 ++++++++++++++++++++++++-----
+ security/security.c | 74 ++++++++++++++++++++++++-----
security/selinux/hooks.c | 8 +++-
security/smack/smack_lsm.c | 7 ++-
security/tomoyo/tomoyo.c | 8 +++-
security/yama/yama_lsm.c | 7 ++-
- 16 files changed, 242 insertions(+), 55 deletions(-)
+ 22 files changed, 265 insertions(+), 60 deletions(-)
diff --git a/include/linux/audit.h b/include/linux/audit.h
-index 3fcd9ee49734..aabbbe6d9296 100644
+index 82b7c1116a85..418a485af114 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -11,6 +11,7 @@
@@ -53,9 +66,9 @@
#include <linux/ptrace.h>
+#include <linux/security.h>
#include <uapi/linux/audit.h>
-
- #define AUDIT_INO_UNSET ((unsigned long)-1)
-@@ -64,8 +65,9 @@ struct audit_field {
+ #include <uapi/linux/netfilter/nf_tables.h>
+
+@@ -65,8 +66,9 @@ struct audit_field {
kuid_t uid;
kgid_t gid;
struct {
@@ -67,10 +80,10 @@
};
u32 op;
diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h
-index b4bcafc79e0b..c9f792066d86 100644
+index afd3b16875b0..c61a16f0a5bc 100644
--- a/include/linux/lsm_hooks.h
+++ b/include/linux/lsm_hooks.h
-@@ -1532,6 +1532,14 @@ struct security_hook_heads {
+@@ -1570,6 +1570,14 @@ struct security_hook_heads {
#undef LSM_HOOK
} __randomize_layout;
@@ -85,7 +98,7 @@
/*
* Security module hook list structure.
* For use with generic list macros for common operations.
-@@ -1540,7 +1548,7 @@ struct security_hook_list {
+@@ -1578,7 +1586,7 @@ struct security_hook_list {
struct hlist_node list;
struct hlist_head *head;
union security_list_options hook;
@@ -94,7 +107,7 @@
} __randomize_layout;
/*
-@@ -1575,7 +1583,7 @@ extern struct security_hook_heads security_hook_heads;
+@@ -1614,7 +1622,7 @@ extern struct security_hook_heads security_hook_heads;
extern char *lsm_names;
extern void security_add_hooks(struct security_hook_list *hooks, int count,
@@ -104,10 +117,10 @@
#define LSM_FLAG_LEGACY_MAJOR BIT(0)
#define LSM_FLAG_EXCLUSIVE BIT(1)
diff --git a/include/linux/security.h b/include/linux/security.h
-index 0a0a03b36a3b..591dae299c6f 100644
+index 24eda04221e9..7655bfce4b96 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
-@@ -131,6 +131,64 @@ enum lockdown_reason {
+@@ -133,6 +133,65 @@ enum lockdown_reason {
extern const char *const lockdown_reasons[LOCKDOWN_CONFIDENTIALITY_MAX+1];
@@ -119,7 +132,8 @@
+#define LSMBLOB_ENTRIES ( \
+ (IS_ENABLED(CONFIG_SECURITY_SELINUX) ? 1 : 0) + \
+ (IS_ENABLED(CONFIG_SECURITY_SMACK) ? 1 : 0) + \
-+ (IS_ENABLED(CONFIG_SECURITY_APPARMOR) ? 1 : 0))
++ (IS_ENABLED(CONFIG_SECURITY_APPARMOR) ? 1 : 0) + \
++ (IS_ENABLED(CONFIG_BPF_LSM) ? 1 : 0))
+
+struct lsmblob {
+ u32 secid[LSMBLOB_ENTRIES];
@@ -130,7 +144,7 @@
+#define LSMBLOB_NOT_NEEDED -3 /* Slot not requested */
+
+/**
-+ * lsmblob_init - initialize an lsmblob structure.
++ * lsmblob_init - initialize an lsmblob structure
+ * @blob: Pointer to the data to initialize
+ * @secid: The initial secid value
+ *
@@ -172,7 +186,7 @@
/* These functions are in security/commoncap.c */
extern int cap_capable(const struct cred *cred, struct user_namespace *ns,
int cap, unsigned int opts);
-@@ -1820,8 +1878,8 @@ static inline int security_key_getsecurity(struct key *key, char **_buffer)
+@@ -1881,8 +1940,8 @@ static inline int security_key_getsecurity(struct key *key, char **_buffer)
#ifdef CONFIG_SECURITY
int security_audit_rule_init(u32 field, u32 op, char *rulestr, void **lsmrule);
int security_audit_rule_known(struct audit_krule *krule);
@@ -183,7 +197,7 @@
#else
-@@ -1837,12 +1895,12 @@ static inline int security_audit_rule_known(struct audit_krule *krule)
+@@ -1898,12 +1957,12 @@ static inline int security_audit_rule_known(struct audit_krule *krule)
}
static inline int security_audit_rule_match(u32 secid, u32 field, u32 op,
@@ -199,7 +213,7 @@
#endif /* CONFIG_SECURITY */
diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
-index a10e2997aa6c..f9a632ae7be1 100644
+index db2c6b59dfc3..a2340e81cfa7 100644
--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -74,7 +74,7 @@ static void audit_free_lsm_field(struct audit_field *f)
@@ -253,13 +267,14 @@
* the originals will all be freed when the old rule is freed. */
for (i = 0; i < fcount; i++) {
switch (new->fields[i].type) {
-@@ -1358,10 +1359,11 @@ int audit_filter(int msgtype, unsigned int listtype)
+@@ -1358,11 +1359,12 @@ int audit_filter(int msgtype, unsigned int listtype)
case AUDIT_SUBJ_TYPE:
case AUDIT_SUBJ_SEN:
case AUDIT_SUBJ_CLR:
- if (f->lsm_rule) {
+ if (f->lsm_isset) {
- security_task_getsecid(current, &sid);
+ security_task_getsecid_subj(current,
+ &sid);
result = security_audit_rule_match(sid,
- f->type, f->op, f->lsm_rule);
+ f->type, f->op,
@@ -267,7 +282,7 @@
}
break;
case AUDIT_EXE:
-@@ -1388,7 +1390,7 @@ int audit_filter(int msgtype, unsigned int listtype)
+@@ -1389,7 +1391,7 @@ int audit_filter(int msgtype, unsigned int listtype)
return ret;
}
@@ -276,7 +291,7 @@
{
struct audit_entry *entry = container_of(r, struct audit_entry, rule);
struct audit_entry *nentry;
-@@ -1420,7 +1422,7 @@ static int update_lsm_rule(struct audit_krule *r)
+@@ -1421,7 +1423,7 @@ static int update_lsm_rule(struct audit_krule *r)
return err;
}
@@ -285,7 +300,7 @@
* It will traverse the filter lists serarching for rules that contain LSM
* specific filter fields. When such a rule is found, it is copied, the
* LSM field is re-initialized, and the old rule is replaced with the
-@@ -1435,7 +1437,7 @@ int audit_update_lsm_rules(void)
+@@ -1436,7 +1438,7 @@ int audit_update_lsm_rules(void)
for (i = 0; i < AUDIT_NR_FILTERS; i++) {
list_for_each_entry_safe(r, n, &audit_rules_list[i], list) {
@@ -295,27 +310,27 @@
err = res;
}
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
-index 468a23390457..bafa03a5c866 100644
+index 8dd73a64f921..acbd896f54a5 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
-@@ -649,14 +649,14 @@ static int audit_filter_rules(struct task_struct *tsk,
+@@ -671,14 +671,13 @@ static int audit_filter_rules(struct task_struct *tsk,
match for now to avoid losing information that
may be wanted. An error message will also be
logged upon error */
- if (f->lsm_rule) {
+ if (f->lsm_isset) {
if (need_sid) {
- security_task_getsecid(tsk, &sid);
+ security_task_getsecid_subj(tsk, &sid);
need_sid = 0;
}
result = security_audit_rule_match(sid, f->type,
- f->op,
+- f->op,
- f->lsm_rule);
-+ f->lsm_rules);
++ f->op, f->lsm_rules);
}
break;
case AUDIT_OBJ_USER:
-@@ -666,21 +666,21 @@ static int audit_filter_rules(struct task_struct *tsk,
+@@ -688,21 +687,21 @@ static int audit_filter_rules(struct task_struct *tsk,
case AUDIT_OBJ_LEV_HIGH:
/* The above note for AUDIT_SUBJ_USER...AUDIT_SUBJ_CLR
also applies here */
@@ -340,7 +355,7 @@
++result;
break;
}
-@@ -691,7 +691,7 @@ static int audit_filter_rules(struct task_struct *tsk,
+@@ -713,7 +712,7 @@ static int audit_filter_rules(struct task_struct *tsk,
break;
if (security_audit_rule_match(ctx->ipc.osid,
f->type, f->op,
@@ -350,10 +365,10 @@
}
break;
diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c
-index f1c365905d5e..432915c1d427 100644
+index 4113516fb62e..392e25940d1f 100644
--- a/security/apparmor/lsm.c
+++ b/security/apparmor/lsm.c
-@@ -1152,6 +1152,11 @@ struct lsm_blob_sizes apparmor_blob_sizes __lsm_ro_after_init = {
+@@ -1161,6 +1161,11 @@ struct lsm_blob_sizes apparmor_blob_sizes __lsm_ro_after_init = {
.lbs_sock = sizeof(struct aa_sk_ctx),
};
@@ -365,7 +380,7 @@
static struct security_hook_list apparmor_hooks[] __lsm_ro_after_init = {
LSM_HOOK_INIT(ptrace_access_check, apparmor_ptrace_access_check),
LSM_HOOK_INIT(ptrace_traceme, apparmor_ptrace_traceme),
-@@ -1852,7 +1857,7 @@ static int __init apparmor_init(void)
+@@ -1862,7 +1867,7 @@ static int __init apparmor_init(void)
goto buffers_out;
}
security_add_hooks(apparmor_hooks, ARRAY_SIZE(apparmor_hooks),
@@ -374,11 +389,36 @@
/* Report that AppArmor successfully initialized */
apparmor_initialized = 1;
+diff --git a/security/bpf/hooks.c b/security/bpf/hooks.c
+index e5971fa74fd7..7a58fe9ab8c4 100644
+--- a/security/bpf/hooks.c
++++ b/security/bpf/hooks.c
+@@ -15,9 +15,19 @@ static struct security_hook_list bpf_lsm_hooks[] __lsm_ro_after_init = {
+ LSM_HOOK_INIT(task_free, bpf_task_storage_free),
+ };
+
++/*
++ * slot has to be LSMBLOB_NEEDED because some of the hooks
++ * supplied by this module require a slot.
++ */
++struct lsm_id bpf_lsmid __lsm_ro_after_init = {
++ .lsm = "bpf",
++ .slot = LSMBLOB_NEEDED
++};
++
+ static int __init bpf_lsm_init(void)
+ {
+- security_add_hooks(bpf_lsm_hooks, ARRAY_SIZE(bpf_lsm_hooks), "bpf");
++ security_add_hooks(bpf_lsm_hooks, ARRAY_SIZE(bpf_lsm_hooks),
++ &bpf_lsmid);
+ pr_info("LSM support for eBPF active\n");
+ return 0;
+ }
diff --git a/security/commoncap.c b/security/commoncap.c
-index 59bf3c1674c8..959a9f96b7f1 100644
+index 3f810d37b71b..628685cf20e3 100644
--- a/security/commoncap.c
+++ b/security/commoncap.c
-@@ -1341,6 +1341,11 @@ int cap_mmap_file(struct file *file, unsigned long reqprot,
+@@ -1443,6 +1443,11 @@ int cap_mmap_file(struct file *file, unsigned long reqprot,
#ifdef CONFIG_SECURITY
@@ -390,7 +430,7 @@
static struct security_hook_list capability_hooks[] __lsm_ro_after_init = {
LSM_HOOK_INIT(capable, cap_capable),
LSM_HOOK_INIT(settime, cap_settime),
-@@ -1365,7 +1370,7 @@ static struct security_hook_list capability_hooks[] __lsm_ro_after_init = {
+@@ -1467,7 +1472,7 @@ static struct security_hook_list capability_hooks[] __lsm_ro_after_init = {
static int __init capability_init(void)
{
security_add_hooks(capability_hooks, ARRAY_SIZE(capability_hooks),
@@ -400,25 +440,25 @@
}
diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
-index e493063a3c34..a442b8940e93 100644
+index fd5d46e511f1..5c40677e881c 100644
--- a/security/integrity/ima/ima_policy.c
+++ b/security/integrity/ima/ima_policy.c
-@@ -73,7 +73,7 @@ struct ima_rule_entry {
+@@ -80,7 +80,7 @@ struct ima_rule_entry {
bool (*fowner_op)(kuid_t, kuid_t); /* uid_eq(), uid_gt(), uid_lt() */
int pcr;
struct {
- void *rule; /* LSM file metadata specific */
-+ void *rules[LSMBLOB_ENTRIES];
- void *args_p; /* audit value */
++ void *rules[LSMBLOB_ENTRIES]; /* LSM file metadata specific */
+ char *args_p; /* audit value */
int type; /* audit type */
} lsm[MAX_LSM_RULES];
-@@ -82,6 +82,22 @@ struct ima_rule_entry {
+@@ -90,6 +90,22 @@ struct ima_rule_entry {
struct ima_template_desc *template;
};
+/**
+ * ima_lsm_isset - Is a rule set for any of the active security modules
-+ * @rules: The set of IMA rules to check.
++ * @rules: The set of IMA rules to check
+ *
+ * If a rule is set for any LSM return true, otherwise return false.
+ */
@@ -435,31 +475,31 @@
/*
* Without LSM specific knowledge, the default policy can only be
* written in terms of .action, .func, .mask, .fsmagic, .uid, and .fowner
-@@ -256,9 +272,11 @@ __setup("ima_appraise_tcb", default_appraise_policy_setup);
+@@ -335,9 +351,11 @@ static void ima_free_rule_opt_list(struct ima_rule_opt_list *opt_list)
static void ima_lsm_free_rule(struct ima_rule_entry *entry)
{
int i;
+ int r;
for (i = 0; i < MAX_LSM_RULES; i++) {
-- kfree(entry->lsm[i].rule);
+- ima_filter_rule_free(entry->lsm[i].rule);
+ for (r = 0; r < LSMBLOB_ENTRIES; r++)
-+ kfree(entry->lsm[i].rules[r]);
++ ima_filter_rule_free(entry->lsm[i].rules[r]);
kfree(entry->lsm[i].args_p);
}
- kfree(entry);
-@@ -293,8 +311,8 @@ static struct ima_rule_entry *ima_lsm_copy_rule(struct ima_rule_entry *entry)
- security_filter_rule_init(nentry->lsm[i].type,
- Audit_equal,
- nentry->lsm[i].args_p,
-- &nentry->lsm[i].rule);
+ }
+@@ -388,8 +406,8 @@ static struct ima_rule_entry *ima_lsm_copy_rule(struct ima_rule_entry *entry)
+
+ ima_filter_rule_init(nentry->lsm[i].type, Audit_equal,
+ nentry->lsm[i].args_p,
+- &nentry->lsm[i].rule);
- if (!nentry->lsm[i].rule)
-+ nentry->lsm[i].rules);
++ &nentry->lsm[i].rules[0]);
+ if (!ima_lsm_isset(nentry->lsm[i].rules))
pr_warn("rule for LSM \'%s\' is undefined\n",
- (char *)entry->lsm[i].args_p);
+ nentry->lsm[i].args_p);
}
-@@ -463,7 +481,7 @@ static bool ima_match_rules(struct ima_rule_entry *rule, struct inode *inode,
+@@ -578,7 +596,7 @@ static bool ima_match_rules(struct ima_rule_entry *rule,
int rc = 0;
u32 osid;
@@ -468,25 +508,24 @@
if (!rule->lsm[i].args_p)
continue;
else
-@@ -477,7 +495,7 @@ static bool ima_match_rules(struct ima_rule_entry *rule, struct inode *inode,
- rc = security_filter_rule_match(osid,
- rule->lsm[i].type,
- Audit_equal,
-- rule->lsm[i].rule);
-+ rule->lsm[i].rules);
+@@ -591,14 +609,14 @@ static bool ima_match_rules(struct ima_rule_entry *rule,
+ security_inode_getsecid(inode, &osid);
+ rc = ima_filter_rule_match(osid, rule->lsm[i].type,
+ Audit_equal,
+- rule->lsm[i].rule);
++ rule->lsm[i].rules);
break;
case LSM_SUBJ_USER:
case LSM_SUBJ_ROLE:
-@@ -485,7 +503,7 @@ static bool ima_match_rules(struct ima_rule_entry *rule, struct inode *inode,
- rc = security_filter_rule_match(secid,
- rule->lsm[i].type,
- Audit_equal,
-- rule->lsm[i].rule);
-+ rule->lsm[i].rules);
+ case LSM_SUBJ_TYPE:
+ rc = ima_filter_rule_match(secid, rule->lsm[i].type,
+ Audit_equal,
+- rule->lsm[i].rule);
++ rule->lsm[i].rules);
+ break;
default:
break;
- }
-@@ -872,7 +890,7 @@ static int ima_lsm_rule_init(struct ima_rule_entry *entry,
+@@ -994,7 +1012,7 @@ static int ima_lsm_rule_init(struct ima_rule_entry *entry,
{
int result;
@@ -495,18 +534,18 @@
return -EINVAL;
entry->lsm[lsm_rule].args_p = match_strdup(args);
-@@ -883,8 +901,8 @@ static int ima_lsm_rule_init(struct ima_rule_entry *entry,
- result = security_filter_rule_init(entry->lsm[lsm_rule].type,
- Audit_equal,
- entry->lsm[lsm_rule].args_p,
-- &entry->lsm[lsm_rule].rule);
+@@ -1004,8 +1022,8 @@ static int ima_lsm_rule_init(struct ima_rule_entry *entry,
+ entry->lsm[lsm_rule].type = audit_type;
+ result = ima_filter_rule_init(entry->lsm[lsm_rule].type, Audit_equal,
+ entry->lsm[lsm_rule].args_p,
+- &entry->lsm[lsm_rule].rule);
- if (!entry->lsm[lsm_rule].rule) {
-+ entry->lsm[lsm_rule].rules);
++ &entry->lsm[lsm_rule].rules[0]);
+ if (!ima_lsm_isset(entry->lsm[lsm_rule].rules)) {
pr_warn("rule for LSM \'%s\' is undefined\n",
- (char *)entry->lsm[lsm_rule].args_p);
-
-@@ -1585,7 +1603,7 @@ int ima_policy_show(struct seq_file *m, void *v)
+ entry->lsm[lsm_rule].args_p);
+
+@@ -1812,7 +1830,7 @@ int ima_policy_show(struct seq_file *m, void *v)
}
for (i = 0; i < MAX_LSM_RULES; i++) {
@@ -515,12 +554,72 @@
switch (i) {
case LSM_OBJ_USER:
seq_printf(m, pt(Opt_obj_user),
+diff --git a/security/landlock/cred.c b/security/landlock/cred.c
+index 6725af24c684..56b121d65436 100644
+--- a/security/landlock/cred.c
++++ b/security/landlock/cred.c
+@@ -42,5 +42,5 @@ static struct security_hook_list landlock_hooks[] __lsm_ro_after_init = {
+ __init void landlock_add_cred_hooks(void)
+ {
+ security_add_hooks(landlock_hooks, ARRAY_SIZE(landlock_hooks),
+- LANDLOCK_NAME);
++ &landlock_lsmid);
+ }
+diff --git a/security/landlock/fs.c b/security/landlock/fs.c
+index 97b8e421f617..319e90e9290c 100644
+--- a/security/landlock/fs.c
++++ b/security/landlock/fs.c
+@@ -688,5 +688,5 @@ static struct security_hook_list landlock_hooks[] __lsm_ro_after_init = {
+ __init void landlock_add_fs_hooks(void)
+ {
+ security_add_hooks(landlock_hooks, ARRAY_SIZE(landlock_hooks),
+- LANDLOCK_NAME);
++ &landlock_lsmid);
+ }
+diff --git a/security/landlock/ptrace.c b/security/landlock/ptrace.c
+index f55b82446de2..54ccf55a077a 100644
+--- a/security/landlock/ptrace.c
++++ b/security/landlock/ptrace.c
+@@ -116,5 +116,5 @@ static struct security_hook_list landlock_hooks[] __lsm_ro_after_init = {
+ __init void landlock_add_ptrace_hooks(void)
+ {
+ security_add_hooks(landlock_hooks, ARRAY_SIZE(landlock_hooks),
+- LANDLOCK_NAME);
++ &landlock_lsmid);
+ }
+diff --git a/security/landlock/setup.c b/security/landlock/setup.c
+index f8e8e980454c..759e00b9436c 100644
+--- a/security/landlock/setup.c
++++ b/security/landlock/setup.c
+@@ -23,6 +23,11 @@ struct lsm_blob_sizes landlock_blob_sizes __lsm_ro_after_init = {
+ .lbs_superblock = sizeof(struct landlock_superblock_security),
+ };
+
++struct lsm_id landlock_lsmid __lsm_ro_after_init = {
++ .lsm = LANDLOCK_NAME,
++ .slot = LSMBLOB_NOT_NEEDED,
++};
++
+ static int __init landlock_init(void)
+ {
+ landlock_add_cred_hooks();
+diff --git a/security/landlock/setup.h b/security/landlock/setup.h
+index 1daffab1ab4b..38bce5b172dc 100644
+--- a/security/landlock/setup.h
++++ b/security/landlock/setup.h
+@@ -14,5 +14,6 @@
+ extern bool landlock_initialized;
+
+ extern struct lsm_blob_sizes landlock_blob_sizes;
++extern struct lsm_id landlock_lsmid;
+
+ #endif /* _SECURITY_LANDLOCK_SETUP_H */
diff --git a/security/loadpin/loadpin.c b/security/loadpin/loadpin.c
-index ee5cb944f4ad..86317e78899f 100644
+index b12f7d986b1e..b569f3bc170b 100644
--- a/security/loadpin/loadpin.c
+++ b/security/loadpin/loadpin.c
-@@ -180,6 +180,11 @@ static int loadpin_load_data(enum kernel_load_data_id id)
- return loadpin_read_file(NULL, (enum kernel_read_file_id) id);
+@@ -192,6 +192,11 @@ static int loadpin_load_data(enum kernel_load_data_id id, bool contents)
+ return loadpin_read_file(NULL, (enum kernel_read_file_id) id, contents);
}
+static struct lsm_id loadpin_lsmid __lsm_ro_after_init = {
@@ -531,7 +630,7 @@
static struct security_hook_list loadpin_hooks[] __lsm_ro_after_init = {
LSM_HOOK_INIT(sb_free_security, loadpin_sb_free_security),
LSM_HOOK_INIT(kernel_read_file, loadpin_read_file),
-@@ -227,7 +232,8 @@ static int __init loadpin_init(void)
+@@ -239,7 +244,8 @@ static int __init loadpin_init(void)
pr_info("ready to pin (currently %senforcing)\n",
enforce ? "" : "not ");
parse_exclude();
@@ -567,10 +666,10 @@
}
diff --git a/security/safesetid/lsm.c b/security/safesetid/lsm.c
-index 7760019ad35d..950dfb7f931e 100644
+index 963f4ad9cb66..0c368950dc14 100644
--- a/security/safesetid/lsm.c
+++ b/security/safesetid/lsm.c
-@@ -149,6 +149,11 @@ static int safesetid_task_fix_setuid(struct cred *new,
+@@ -241,6 +241,11 @@ static int safesetid_task_fix_setgid(struct cred *new,
return -EACCES;
}
@@ -581,8 +680,8 @@
+
static struct security_hook_list safesetid_security_hooks[] = {
LSM_HOOK_INIT(task_fix_setuid, safesetid_task_fix_setuid),
- LSM_HOOK_INIT(capable, safesetid_security_capable)
-@@ -157,7 +162,8 @@ static struct security_hook_list safesetid_security_hooks[] = {
+ LSM_HOOK_INIT(task_fix_setgid, safesetid_task_fix_setgid),
+@@ -250,7 +255,8 @@ static struct security_hook_list safesetid_security_hooks[] = {
static int __init safesetid_security_init(void)
{
security_add_hooks(safesetid_security_hooks,
@@ -593,18 +692,18 @@
/* Report that SafeSetID successfully initialized */
safesetid_initialized = 1;
diff --git a/security/security.c b/security/security.c
-index d2366c694cd8..17d701cd7f69 100644
+index 335c313a668d..5f1b281511f2 100644
--- a/security/security.c
+++ b/security/security.c
-@@ -340,6 +340,7 @@ static void __init ordered_lsm_init(void)
- init_debug("msg_msg blob size = %d\n", blob_sizes.lbs_msg_msg);
- init_debug("sock blob size = %d\n", blob_sizes.lbs_sock);
- init_debug("task blob size = %d\n", blob_sizes.lbs_task);
-+ init_debug("lsmblob size = %zu\n", sizeof(struct lsmblob));
+@@ -344,6 +344,7 @@ static void __init ordered_lsm_init(void)
+ init_debug("sock blob size = %d\n", blob_sizes.lbs_sock);
+ init_debug("superblock blob size = %d\n", blob_sizes.lbs_superblock);
+ init_debug("task blob size = %d\n", blob_sizes.lbs_task);
++ init_debug("lsmblob size = %zu\n", sizeof(struct lsmblob));
/*
* Create any kmem_caches needed for blobs
-@@ -467,21 +468,36 @@ static int lsm_append(const char *new, char **result)
+@@ -471,21 +472,38 @@ static int lsm_append(const char *new, char **result)
return 0;
}
@@ -618,7 +717,7 @@
* @hooks: the hooks to add
* @count: the number of hooks to add
- * @lsm: the name of the security module
-+ * @lsmid: the the identification information for the security module
++ * @lsmid: the identification information for the security module
*
* Each LSM has to register its hooks with the infrastructure.
+ * If the LSM is using hooks that export secids allocate a slot
@@ -630,6 +729,8 @@
{
int i;
++ WARN_ON(!lsmid->slot || !lsmid->lsm);
++
+ if (lsmid->slot == LSMBLOB_NEEDED) {
+ if (lsm_slot >= LSMBLOB_ENTRIES)
+ panic("%s Too many LSMs registered.\n", __func__);
@@ -644,7 +745,7 @@
hlist_add_tail_rcu(&hooks[i].list, hooks[i].head);
}
-@@ -490,7 +506,7 @@ void __init security_add_hooks(struct security_hook_list *hooks, int count,
+@@ -494,7 +512,7 @@ void __init security_add_hooks(struct security_hook_list *hooks, int count,
* and fix this up afterwards.
*/
if (slab_is_available()) {
@@ -653,7 +754,7 @@
panic("%s - Cannot get early memory.\n", __func__);
}
}
-@@ -1989,7 +2005,7 @@ int security_getprocattr(struct task_struct *p, const char *lsm, char *name,
+@@ -2070,7 +2088,7 @@ int security_getprocattr(struct task_struct *p, const char *lsm, char *name,
struct security_hook_list *hp;
hlist_for_each_entry(hp, &security_hook_heads.getprocattr, list) {
@@ -662,7 +763,7 @@
continue;
return hp->hook.getprocattr(p, name, value);
}
-@@ -2002,7 +2018,7 @@ int security_setprocattr(const char *lsm, const char *name, void *value,
+@@ -2083,7 +2101,7 @@ int security_setprocattr(const char *lsm, const char *name, void *value,
struct security_hook_list *hp;
hlist_for_each_entry(hp, &security_hook_heads.setprocattr, list) {
@@ -671,7 +772,7 @@
continue;
return hp->hook.setprocattr(name, value, size);
}
-@@ -2494,7 +2510,24 @@ int security_key_getsecurity(struct key *key, char **_buffer)
+@@ -2576,7 +2594,24 @@ int security_key_getsecurity(struct key *key, char **_buffer)
int security_audit_rule_init(u32 field, u32 op, char *rulestr, void **lsmrule)
{
@@ -697,7 +798,7 @@
}
int security_audit_rule_known(struct audit_krule *krule)
-@@ -2502,14 +2535,31 @@ int security_audit_rule_known(struct audit_krule *krule)
+@@ -2584,14 +2619,31 @@ int security_audit_rule_known(struct audit_krule *krule)
return call_int_hook(audit_rule_known, 0, krule);
}
@@ -734,10 +835,10 @@
#endif /* CONFIG_AUDIT */
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
-index 7f312714d96a..1c821bec7472 100644
+index e2c4a1fd952f..f84b6c274a10 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
-@@ -6929,6 +6929,11 @@ static int selinux_perf_event_write(struct perf_event *event)
+@@ -7101,6 +7101,11 @@ static int selinux_perf_event_write(struct perf_event *event)
}
#endif
@@ -749,7 +850,7 @@
/*
* IMPORTANT NOTE: When adding new hooks, please be careful to keep this order:
* 1. any hooks that don't belong to (2.) or (3.) below,
-@@ -7240,7 +7245,8 @@ static __init int selinux_init(void)
+@@ -7414,7 +7419,8 @@ static __init int selinux_init(void)
hashtab_cache_init();
@@ -760,11 +861,11 @@
if (avc_add_callback(selinux_netcache_avc_callback, AVC_CALLBACK_RESET))
panic("SELinux: Unable to register AVC netcache callback\n");
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
-index 4f9023f7f219..d4655dec2d70 100644
+index 1ee0bf1493f6..5c10ad27be37 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
-@@ -4649,6 +4649,11 @@ struct lsm_blob_sizes smack_blob_sizes __lsm_ro_after_init = {
- .lbs_sock = sizeof(struct socket_smack),
+@@ -4694,6 +4694,11 @@ struct lsm_blob_sizes smack_blob_sizes __lsm_ro_after_init = {
+ .lbs_superblock = sizeof(struct superblock_smack),
};
+static struct lsm_id smack_lsmid __lsm_ro_after_init = {
@@ -775,7 +876,7 @@
static struct security_hook_list smack_hooks[] __lsm_ro_after_init = {
LSM_HOOK_INIT(ptrace_access_check, smack_ptrace_access_check),
LSM_HOOK_INIT(ptrace_traceme, smack_ptrace_traceme),
-@@ -4848,7 +4853,7 @@ static __init int smack_init(void)
+@@ -4893,7 +4898,7 @@ static __init int smack_init(void)
/*
* Register with LSM
*/
@@ -785,10 +886,10 @@
pr_info("Smack: Initializing.\n");
diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c
-index f9adddc42ac8..e5848069af34 100644
+index b6a31901f289..e8f6bb9782c1 100644
--- a/security/tomoyo/tomoyo.c
+++ b/security/tomoyo/tomoyo.c
-@@ -523,6 +523,11 @@ static void tomoyo_task_free(struct task_struct *task)
+@@ -521,6 +521,11 @@ static void tomoyo_task_free(struct task_struct *task)
}
}
@@ -800,7 +901,7 @@
/*
* tomoyo_security_ops is a "struct security_operations" which is used for
* registering TOMOYO.
-@@ -575,7 +580,8 @@ static int __init tomoyo_init(void)
+@@ -573,7 +578,8 @@ static int __init tomoyo_init(void)
struct tomoyo_task *s = tomoyo_task(current);
/* register ourselves with the security framework */
@@ -811,7 +912,7 @@
s->domain_info = &tomoyo_kernel_domain;
atomic_inc(&tomoyo_kernel_domain.users);
diff --git a/security/yama/yama_lsm.c b/security/yama/yama_lsm.c
-index 536c99646f6a..c582757669f6 100644
+index 06e226166aab..a9639ea541f7 100644
--- a/security/yama/yama_lsm.c
+++ b/security/yama/yama_lsm.c
@@ -421,6 +421,11 @@ static int yama_ptrace_traceme(struct task_struct *parent)
@@ -836,5 +937,5 @@
return 0;
}
--
-2.24.1
+2.31.1