--- v29
+++ v28
@@ -6,7 +6,7 @@
Reviewed-by: Kees Cook <keescook@chromium.org>
Reviewed-by: John Johansen <john.johansen@canonical.com>
-Acked-by: Stephen Smalley <stephen.smalley.work@gmail.com>
+Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Cc: linux-integrity@vger.kernel.org
@@ -20,13 +20,13 @@
kernel/auditsc.c | 25 ++++++------
net/netlabel/netlabel_unlabeled.c | 5 ++-
net/netlabel/netlabel_user.h | 6 ++-
- security/integrity/ima/ima_appraise.c | 12 +++---
- security/integrity/ima/ima_main.c | 55 +++++++++++++++------------
+ security/integrity/ima/ima_appraise.c | 10 +++--
+ security/integrity/ima/ima_main.c | 56 +++++++++++++++------------
security/security.c | 25 +++++++++---
- 10 files changed, 94 insertions(+), 80 deletions(-)
+ 10 files changed, 94 insertions(+), 79 deletions(-)
diff --git a/drivers/android/binder.c b/drivers/android/binder.c
-index 42bcf22d1e50..d17a34445dcd 100644
+index 3e97a6de5e80..96dd728809ef 100644
--- a/drivers/android/binder.c
+++ b/drivers/android/binder.c
@@ -2710,7 +2710,6 @@ static void binder_transaction(struct binder_proc *proc,
@@ -56,10 +56,10 @@
if (ret) {
return_error = BR_FAILED_REPLY;
diff --git a/include/linux/security.h b/include/linux/security.h
-index e674a6cdab46..de70742c30d6 100644
+index 886128899d5f..4070cef152f7 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
-@@ -501,8 +501,8 @@ int security_task_fix_setgid(struct cred *new, const struct cred *old,
+@@ -500,8 +500,8 @@ int security_task_fix_setgid(struct cred *new, const struct cred *old,
int security_task_setpgid(struct task_struct *p, pid_t pgid);
int security_task_getpgid(struct task_struct *p);
int security_task_getsid(struct task_struct *p);
@@ -70,7 +70,7 @@
int security_task_setnice(struct task_struct *p, int nice);
int security_task_setioprio(struct task_struct *p, int ioprio);
int security_task_getioprio(struct task_struct *p);
-@@ -1198,14 +1198,16 @@ static inline int security_task_getsid(struct task_struct *p)
+@@ -1197,14 +1197,16 @@ static inline int security_task_getsid(struct task_struct *p)
return 0;
}
@@ -237,10 +237,10 @@
axp->pid_count++;
diff --git a/net/netlabel/netlabel_unlabeled.c b/net/netlabel/netlabel_unlabeled.c
-index 51cb4fce5edf..15b53fc4e83f 100644
+index 5cbbc469ac7c..098d0a1a3330 100644
--- a/net/netlabel/netlabel_unlabeled.c
+++ b/net/netlabel/netlabel_unlabeled.c
-@@ -1562,11 +1562,14 @@ int __init netlbl_unlabel_defconf(void)
+@@ -1564,11 +1564,14 @@ int __init netlbl_unlabel_defconf(void)
int ret_val;
struct netlbl_dom_map *entry;
struct netlbl_audit audit_info;
@@ -274,10 +274,10 @@
audit_info->sessionid = audit_get_sessionid(current);
}
diff --git a/security/integrity/ima/ima_appraise.c b/security/integrity/ima/ima_appraise.c
-index dbba51583e7c..2fedda131a39 100644
+index ef9dcfce45d4..e3d903d6e5e7 100644
--- a/security/integrity/ima/ima_appraise.c
+++ b/security/integrity/ima/ima_appraise.c
-@@ -71,15 +71,17 @@ bool is_ima_appraise_enabled(void)
+@@ -71,14 +71,16 @@ bool is_ima_appraise_enabled(void)
int ima_must_appraise(struct user_namespace *mnt_userns, struct inode *inode,
int mask, enum ima_hooks func)
{
@@ -288,23 +288,21 @@
return 0;
- security_task_getsecid_subj(current, &secid);
-- return ima_match_policy(mnt_userns, inode, current_cred(), secid,
-- func, mask, IMA_APPRAISE | IMA_HASH, NULL,
-- NULL, NULL, NULL);
+- return ima_match_policy(mnt_userns, inode, current_cred(), secid, func,
+- mask, IMA_APPRAISE | IMA_HASH, NULL, NULL, NULL);
+ security_task_getsecid_subj(current, &blob);
+ /* scaffolding the .secid[0] */
+ return ima_match_policy(mnt_userns, inode, current_cred(),
+ blob.secid[0], func, mask,
-+ IMA_APPRAISE | IMA_HASH, NULL, NULL, NULL,
-+ NULL);
++ IMA_APPRAISE | IMA_HASH, NULL, NULL, NULL);
}
static int ima_fix_xattr(struct dentry *dentry,
diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c
-index 465865412100..c327f93d3962 100644
+index 287b90509006..29befd24b945 100644
--- a/security/integrity/ima/ima_main.c
+++ b/security/integrity/ima/ima_main.c
-@@ -405,12 +405,13 @@ static int process_measurement(struct file *file, const struct cred *cred,
+@@ -388,12 +388,13 @@ static int process_measurement(struct file *file, const struct cred *cred,
*/
int ima_file_mmap(struct file *file, unsigned long prot)
{
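Review bot: The comment `/* scaffolding the .secid[0] */` above the `ima_match_policy()` call in `ima_must_appraise()` does not say what is being deferred. The same applies to the bare `/* scaffolding */` before `ima_get_action()` in `ima_file_mprotect()` and to the uncommented `blob.secid[0]` argument in `process_buffer_measurement()` in the later hunks. All three calls pass IMA a single element of the blob filled by `security_task_getsecid_subj()`, so subject-label policy matching presumably sees only one security module's secid; `struct lsmblob` is not defined in this diff, so that reading needs confirming. I would spell the limitation out at each site, e.g. `/* scaffolding: IMA still takes a u32 secid, so only blob.secid[0] is passed until it accepts a struct lsmblob */`. The declaration of `blob` and the start of `ima_must_appraise()` lie outside this hunk.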
@@ -322,7 +320,7 @@
}
return 0;
-@@ -436,9 +437,9 @@ int ima_file_mprotect(struct vm_area_struct *vma, unsigned long prot)
+@@ -419,9 +420,9 @@ int ima_file_mprotect(struct vm_area_struct *vma, unsigned long prot)
char *pathbuf = NULL;
const char *pathname = NULL;
struct inode *inode;
@@ -333,22 +331,23 @@
int pcr;
/* Is mprotect making an mmap'ed file executable? */
-@@ -446,11 +447,11 @@ int ima_file_mprotect(struct vm_area_struct *vma, unsigned long prot)
+@@ -429,11 +430,12 @@ int ima_file_mprotect(struct vm_area_struct *vma, unsigned long prot)
!(prot & PROT_EXEC) || (vma->vm_flags & VM_EXEC))
return 0;
- security_task_getsecid_subj(current, &secid);
+ security_task_getsecid_subj(current, &blob);
inode = file_inode(vma->vm_file);
++ /* scaffolding */
action = ima_get_action(file_mnt_user_ns(vma->vm_file), inode,
- current_cred(), secid, MAY_EXEC, MMAP_CHECK,
-- &pcr, &template, NULL, NULL);
+- &pcr, &template, NULL);
+ current_cred(), blob.secid[0], MAY_EXEC,
-+ MMAP_CHECK, &pcr, &template, NULL, NULL);
++ MMAP_CHECK, &pcr, &template, NULL);
/* Is the mmap'ed file in policy? */
if (!(action & (IMA_MEASURE | IMA_APPRAISE_SUBMASK)))
-@@ -486,10 +487,12 @@ int ima_bprm_check(struct linux_binprm *bprm)
+@@ -469,10 +471,12 @@ int ima_bprm_check(struct linux_binprm *bprm)
{
int ret;
u32 secid;
@@ -364,7 +363,7 @@
if (ret)
return ret;
-@@ -510,10 +513,11 @@ int ima_bprm_check(struct linux_binprm *bprm)
+@@ -493,10 +497,11 @@ int ima_bprm_check(struct linux_binprm *bprm)
*/
int ima_file_check(struct file *file, int mask)
{
@@ -379,7 +378,7 @@
mask & (MAY_READ | MAY_WRITE | MAY_EXEC |
MAY_APPEND), FILE_CHECK);
}
-@@ -689,7 +693,7 @@ int ima_read_file(struct file *file, enum kernel_read_file_id read_id,
+@@ -672,7 +677,7 @@ int ima_read_file(struct file *file, enum kernel_read_file_id read_id,
bool contents)
{
enum ima_hooks func;
@@ -388,7 +387,7 @@
/*
* Do devices using pre-allocated memory run the risk of the
-@@ -709,8 +713,9 @@ int ima_read_file(struct file *file, enum kernel_read_file_id read_id,
+@@ -692,8 +697,9 @@ int ima_read_file(struct file *file, enum kernel_read_file_id read_id,
/* Read entire file for all partial reads. */
func = read_idmap[read_id] ?: FILE_CHECK;
@@ -400,7 +399,7 @@
0, MAY_READ, func);
}
-@@ -739,7 +744,7 @@ int ima_post_read_file(struct file *file, void *buf, loff_t size,
+@@ -722,7 +728,7 @@ int ima_post_read_file(struct file *file, void *buf, loff_t size,
enum kernel_read_file_id read_id)
{
enum ima_hooks func;
@@ -409,7 +408,7 @@
/* permit signed certs */
if (!file && read_id == READING_X509_CERTIFICATE)
-@@ -752,9 +757,10 @@ int ima_post_read_file(struct file *file, void *buf, loff_t size,
+@@ -735,9 +741,10 @@ int ima_post_read_file(struct file *file, void *buf, loff_t size,
}
func = read_idmap[read_id] ?: FILE_CHECK;
@@ -423,16 +422,16 @@
}
/**
-@@ -882,7 +888,7 @@ int process_buffer_measurement(struct user_namespace *mnt_userns,
+@@ -859,7 +866,7 @@ void process_buffer_measurement(struct user_namespace *mnt_userns,
int digest_hash_len = hash_digest_size[ima_hash_algo];
int violation = 0;
int action = 0;
- u32 secid;
+ struct lsmblob blob;
- if (digest && digest_len < digest_hash_len)
- return -EINVAL;
-@@ -905,9 +911,10 @@ int process_buffer_measurement(struct user_namespace *mnt_userns,
+ if (!ima_policy_flag)
+ return;
+@@ -879,9 +886,10 @@ void process_buffer_measurement(struct user_namespace *mnt_userns,
* buffer measurements.
*/
if (func) {
@@ -442,14 +441,14 @@
action = ima_get_action(mnt_userns, inode, current_cred(),
- secid, 0, func, &pcr, &template,
+ blob.secid[0], 0, func, &pcr, &template,
- func_data, NULL);
- if (!(action & IMA_MEASURE) && !digest)
- return -ENOENT;
+ func_data);
+ if (!(action & IMA_MEASURE))
+ return;
diff --git a/security/security.c b/security/security.c
-index f6760b25fed0..74a7fb981904 100644
+index c38816ef9778..458fded340ab 100644
--- a/security/security.c
+++ b/security/security.c
-@@ -1905,17 +1905,30 @@ int security_task_getsid(struct task_struct *p)
+@@ -1904,17 +1904,30 @@ int security_task_getsid(struct task_struct *p)
return call_int_hook(task_getsid, 0, p);
}