lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-id: <1436353258.2331.0.camel@samsung.com>
Date:	Wed, 08 Jul 2015 13:00:58 +0200
From:	Lukasz Pawelczyk <l.pawelczyk@...sung.com>
To:	Paul Osmialowski <p.osmialowsk@...sung.com>,
	Paul Moore <pmoore@...hat.com>,
	James Morris <james.l.morris@...cle.com>,
	Casey Schaufler <casey@...aufler-ca.com>,
	"Serge E. Hallyn" <serge@...lyn.com>,
	Kees Cook <keescook@...omium.org>,
	Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp>,
	Stephen Smalley <sds@...ho.nsa.gov>,
	Neil Brown <neilb@...e.de>,
	Mark Rustad <mark.d.rustad@...el.com>,
	Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	Daniel Mack <daniel@...que.org>,
	David Herrmann <dh.herrmann@...glemail.com>,
	Djalal Harouni <tixxdz@...ndz.org>,
	Shuah Khan <shuahkh@....samsung.com>,
	Al Viro <viro@...iv.linux.org.uk>,
	linux-security-module@...r.kernel.org,
	linux-kernel@...r.kernel.org, linux-api@...r.kernel.org
Cc:	Karol Lewandowski <k.lewandowsk@...sung.com>,
	Lukasz Skalski <l.skalski@...sung.com>
Subject: Re: [RFC 3/8] lsm: kdbus security hooks

On śro, 2015-07-08 at 12:25 +0200, Paul Osmialowski wrote:
> This is combination of the work by Karol Lewandowski and Paul Moore
> on LSM hooks for kdbus.
> 
> Originates from:
> 
> git://git.infradead.org/users/pcmoore/selinux (branch: working-kdbus)
> commit: 7050f206a79564886938d0edc4e1e9da5972c72d
> 
> https://github.com/lmctl/linux.git (branch: kdbus-lsm-v4.for-systemd
> -v212)
> commit: a9fe4c33b6e5ab25a243e0590df406aabb6add12
> 
> Signed-off-by: Karol Lewandowski <k.lewandowsk@...sung.com>
> Signed-off-by: Paul Moore <pmoore@...hat.com>
> Signed-off-by: Paul Osmialowski <p.osmialowsk@...sung.com>
> ---
>  include/linux/lsm_hooks.h |  67 ++++++++++++++++++++++++++
>  include/linux/security.h  |  99 
> +++++++++++++++++++++++++++++++++++++++
>  security/security.c       | 117 
> ++++++++++++++++++++++++++++++++++++++++++++++
>  3 files changed, 283 insertions(+)
> 
> diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h
> index 9429f05..2a8d8fc 100644
> --- a/include/linux/lsm_hooks.h
> +++ b/include/linux/lsm_hooks.h
> @@ -1297,6 +1297,36 @@
>   *	@inode we wish to get the security context of.
>   *	@ctx is a pointer in which to place the allocated security 
> context.
>   *	@ctxlen points to the place to put the length of @ctx.
> + *
> + * @kdbus_domain_alloc:
> + *	Allocate kdbus domain.
> + * @kdbus_domain_free:
> + *	Deallocate kdbus domain.
> + * @kdbus_bus_alloc:
> + *	Allocate kdbus bus.
> + * @kdbus_bus_free:
> + *	Deallocate kdbus bus.
> + * @kdbus_send:
> + *	Send message.
> + * @kdbus_recv:
> + *	Receive message.
> + * @kdbus_name_acquire:
> + *	Request a well-known bus name to associate with the 
> connection.
> + * @kdbus_name_list:
> + *	Retrieve the list of all currently registered well-known and 
> unique
> + *	names.
> + * @kdbus_ep_create:
> + *	Endpoint create
> + * @kdbus_connect:
> + *	Connect
> + * @kdbus_conn_free:
> + *	Deallocate connection
> + * @kdbus_conn_info:
> + *	Retrieve credentials and properties of the initial creator 
> of the
> + *	connection.
> + * @kdbus_talk:
> + *	Talk to a given peer.
> + *
>   * This is the main security structure.
>   */
>  
> @@ -1520,6 +1550,29 @@ union security_list_options {
>  	int (*inode_setsecctx)(struct dentry *dentry, void *ctx, u32 
> ctxlen);
>  	int (*inode_getsecctx)(struct inode *inode, void **ctx, u32 
> *ctxlen);
>  
> +	int (*kdbus_domain_alloc)(struct kdbus_domain *domain);
> +	void (*kdbus_domain_free)(struct kdbus_domain *domain);

Shouldn't all of this be inside some #ifdef CONFIG_KDBUS (or whatever
the CONFIG for kdbus is)?

> +
> +	int (*kdbus_bus_alloc)(struct kdbus_bus *bus);
> +	void (*kdbus_bus_free)(struct kdbus_bus *bus);
> +	int (*kdbus_send)(const struct kdbus_conn *conn,
> +			  const struct kdbus_bus *bus);
> +	int (*kdbus_recv)(const struct kdbus_conn *conn,
> +			  const struct kdbus_bus *bus);
> +	int (*kdbus_name_acquire)(const struct kdbus_conn *conn,
> +			  const char *name);
> +	int (*kdbus_name_list)(const struct kdbus_bus *bus);
> +
> +	int (*kdbus_ep_create)(const struct kdbus_bus *bus);
> +	int (*kdbus_ep_setpolicy)(const struct kdbus_bus *bus);
> +
> +	int (*kdbus_connect)(struct kdbus_conn *conn,
> +			     const char *secctx, u32 seclen);
> +	void (*kdbus_conn_free)(struct kdbus_conn *conn);
> +	int (*kdbus_conn_info)(const struct kdbus_conn *conn);
> +	int (*kdbus_talk)(const struct kdbus_conn *src,
> +			  const struct kdbus_conn *dst);
> +
>  #ifdef CONFIG_SECURITY_NETWORK
>  	int (*unix_stream_connect)(struct sock *sock, struct sock 
> *other,
>  					struct sock *newsk);
> @@ -1760,6 +1813,20 @@ struct security_hook_heads {
>  	struct list_head inode_notifysecctx;
>  	struct list_head inode_setsecctx;
>  	struct list_head inode_getsecctx;
> +	struct list_head kdbus_domain_alloc;
> +	struct list_head kdbus_domain_free;
> +	struct list_head kdbus_bus_alloc;
> +	struct list_head kdbus_bus_free;
> +	struct list_head kdbus_send;
> +	struct list_head kdbus_recv;
> +	struct list_head kdbus_name_acquire;
> +	struct list_head kdbus_name_list;
> +	struct list_head kdbus_ep_create;
> +	struct list_head kdbus_ep_setpolicy;
> +	struct list_head kdbus_connect;
> +	struct list_head kdbus_conn_free;
> +	struct list_head kdbus_conn_info;
> +	struct list_head kdbus_talk;
>  #ifdef CONFIG_SECURITY_NETWORK
>  	struct list_head unix_stream_connect;
>  	struct list_head unix_may_send;
> diff --git a/include/linux/security.h b/include/linux/security.h
> index 79d85dd..5f257b9 100644
> --- a/include/linux/security.h
> +++ b/include/linux/security.h
> @@ -53,6 +53,10 @@ struct msg_queue;
>  struct xattr;
>  struct xfrm_sec_ctx;
>  struct mm_struct;
> +struct kdbus_ep;
> +struct kdbus_bus;
> +struct kdbus_conn;
> +struct kdbus_domain;
>  
>  /* If capable should audit the security request */
>  #define SECURITY_CAP_NOAUDIT 0
> @@ -356,6 +360,28 @@ void security_release_secctx(char *secdata, u32 
> seclen);
>  int security_inode_notifysecctx(struct inode *inode, void *ctx, u32 
> ctxlen);
>  int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 
> ctxlen);
>  int security_inode_getsecctx(struct inode *inode, void **ctx, u32 
> *ctxlen);
> +
> +int security_kdbus_domain_alloc(struct kdbus_domain *domain);
> +void security_kdbus_domain_free(struct kdbus_domain *domain);
> +
> +int security_kdbus_bus_alloc(struct kdbus_bus *bus);
> +void security_kdbus_bus_free(struct kdbus_bus *bus);
> +int security_kdbus_send(const struct kdbus_conn *conn,
> +			const struct kdbus_bus *bus);
> +int security_kdbus_recv(const struct kdbus_conn *conn,
> +			const struct kdbus_bus *bus);
> +int security_kdbus_name_acquire(const struct kdbus_conn *conn,
> +				const char *name);
> +int security_kdbus_name_list(const struct kdbus_bus *bus);
> +int security_kdbus_ep_create(struct kdbus_bus *bus);
> +int security_kdbus_ep_setpolicy(struct kdbus_bus *bus);
> +int security_kdbus_connect(struct kdbus_conn *conn,
> +			   const char *secctx, u32 seclen);
> +void security_kdbus_conn_free(struct kdbus_conn *conn);
> +int security_kdbus_conn_info(const struct kdbus_conn *conn);
> +int security_kdbus_talk(const struct kdbus_conn *src,
> +			const struct kdbus_conn *dst);
> +
>  #else /* CONFIG_SECURITY */
>  struct security_mnt_opts {
>  };
> @@ -1105,6 +1131,79 @@ static inline int 
> security_inode_getsecctx(struct inode *inode, void **ctx, u32
>  {
>  	return -EOPNOTSUPP;
>  }
> +
> +static inline int security_kdbus_domain_alloc(struct kdbus_domain 
> *domain)
> +{
> +	return 0;
> +}
> +
> +static inline void security_kdbus_domain_free(struct kdbus_domain 
> *domain)
> +{
> +}
> +
> +static inline int security_kdbus_bus_alloc(struct kdbus_bus *bus)
> +{
> +	return 0;
> +}
> +
> +static inline void security_kdbus_bus_free(struct kdbus_bus *bus)
> +{
> +}
> +
> +static inline int security_kdbus_send(const struct kdbus_conn *conn,
> +				      const struct kdbus_bus *bus)
> +{
> +	return 0;
> +}
> +
> +static inline int security_kdbus_recv(const struct kdbus_conn *conn,
> +				      const struct kdbus_bus *bus)
> +{
> +	return 0;
> +}
> +
> +static inline int security_kdbus_name_acquire(const struct 
> kdbus_conn *conn,
> +					      const char *name)
> +{
> +	return 0;
> +}
> +
> +static inline int security_kdbus_name_list(const struct kdbus_bus 
> *bus)
> +{
> +	return 0;
> +}
> +
> +static inline int security_kdbus_ep_create(const struct kdbus_bus 
> *bus)
> +{
> +	return 0;
> +}
> +
> +static inline int security_kdbus_ep_setpolicy(const struct kdbus_bus 
> *bus)
> +{
> +	return 0;
> +}
> +
> +static inline int security_kdbus_connect(struct kdbus_conn *conn,
> +					 const char *secctx, u32 
> seclen)
> +{
> +	return 0;
> +}
> +
> +static inline void security_kdbus_conn_free(struct kdbus_conn *conn)
> +{
> +}
> +
> +static inline int security_kdbus_conn_info(const struct kdbus_conn 
> *conn)
> +{
> +	return 0;
> +}
> +
> +static inline int security_kdbus_talk(const struct kdbus_conn *src,
> +				      const struct kdbus_conn *dst)
> +{
> +	return 0;
> +}
> +
>  #endif	/* CONFIG_SECURITY */
>  
>  #ifdef CONFIG_SECURITY_NETWORK
> diff --git a/security/security.c b/security/security.c
> index b1e935b..7fb46d1 100644
> --- a/security/security.c
> +++ b/security/security.c
> @@ -1185,6 +1185,95 @@ int security_inode_getsecctx(struct inode 
> *inode, void **ctx, u32 *ctxlen)
>  }
>  EXPORT_SYMBOL(security_inode_getsecctx);
>  
> +int security_kdbus_domain_alloc(struct kdbus_domain *domain)
> +{
> +	return call_int_hook(kdbus_domain_alloc, 0, domain);
> +}
> +EXPORT_SYMBOL(security_kdbus_domain_alloc);
> +
> +void security_kdbus_domain_free(struct kdbus_domain *domain)
> +{
> +	call_void_hook(kdbus_domain_free, domain);
> +}
> +EXPORT_SYMBOL(security_kdbus_domain_free);
> +
> +int security_kdbus_bus_alloc(struct kdbus_bus *bus)
> +{
> +	return call_int_hook(kdbus_bus_alloc, 0, bus);
> +}
> +EXPORT_SYMBOL(security_kdbus_bus_alloc);
> +
> +void security_kdbus_bus_free(struct kdbus_bus *bus)
> +{
> +	call_void_hook(kdbus_bus_free, bus);
> +}
> +EXPORT_SYMBOL(security_kdbus_bus_free);
> +
> +int security_kdbus_send(const struct kdbus_conn *conn,
> +			const struct kdbus_bus *bus)
> +{
> +	return call_int_hook(kdbus_send, 0, conn, bus);
> +}
> +EXPORT_SYMBOL(security_kdbus_send);
> +
> +int security_kdbus_recv(const struct kdbus_conn *conn,
> +			const struct kdbus_bus *bus)
> +{
> +	return call_int_hook(kdbus_recv, 0, conn, bus);
> +}
> +EXPORT_SYMBOL(security_kdbus_recv);
> +
> +int security_kdbus_name_acquire(const struct kdbus_conn *conn,
> +				const char *name)
> +{
> +	return call_int_hook(kdbus_name_acquire, 0, conn, name);
> +}
> +EXPORT_SYMBOL(security_kdbus_name_acquire);
> +
> +int security_kdbus_name_list(const struct kdbus_bus *bus)
> +{
> +	return call_int_hook(kdbus_name_list, 0, bus);
> +}
> +EXPORT_SYMBOL(security_kdbus_name_list);
> +
> +int security_kdbus_ep_create(struct kdbus_bus *bus)
> +{
> +	return call_int_hook(kdbus_ep_create, 0, bus);
> +}
> +EXPORT_SYMBOL(security_kdbus_ep_create);
> +
> +int security_kdbus_ep_setpolicy(struct kdbus_bus *bus)
> +{
> +	return call_int_hook(kdbus_ep_setpolicy, 0, bus);
> +}
> +EXPORT_SYMBOL(security_kdbus_ep_setpolicy);
> +
> +int security_kdbus_connect(struct kdbus_conn *conn,
> +			   const char *secctx, u32 seclen)
> +{
> +	return call_int_hook(kdbus_connect, 0, conn, secctx, 
> seclen);
> +}
> +EXPORT_SYMBOL(security_kdbus_connect);
> +
> +void security_kdbus_conn_free(struct kdbus_conn *conn)
> +{
> +	call_void_hook(kdbus_conn_free, conn);
> +}
> +EXPORT_SYMBOL(security_kdbus_conn_free);
> +
> +int security_kdbus_conn_info(const struct kdbus_conn *conn)
> +{
> +	return call_int_hook(kdbus_conn_info, 0, conn);
> +}
> +EXPORT_SYMBOL(security_kdbus_conn_info);
> +
> +int security_kdbus_talk(const struct kdbus_conn *src,
> +			const struct kdbus_conn *dst)
> +{
> +	return call_int_hook(kdbus_talk, 0, src, dst);
> +}
> +EXPORT_SYMBOL(security_kdbus_talk);
> +
>  #ifdef CONFIG_SECURITY_NETWORK
>  
>  int security_unix_stream_connect(struct sock *sock, struct sock 
> *other, struct sock *newsk)
> @@ -1774,6 +1863,34 @@ struct security_hook_heads security_hook_heads 
> = {
>  		LIST_HEAD_INIT(security_hook_heads.inode_setsecctx),
>  	.inode_getsecctx =
>  		LIST_HEAD_INIT(security_hook_heads.inode_getsecctx),
> +	.kdbus_domain_alloc =
> +		LIST_HEAD_INIT(security_hook_heads.kdbus_domain_allo
> c),
> +	.kdbus_domain_free =
> +		LIST_HEAD_INIT(security_hook_heads.kdbus_domain_free
> ),
> +	.kdbus_bus_alloc =
> +		LIST_HEAD_INIT(security_hook_heads.kdbus_bus_alloc),
> +	.kdbus_bus_free =
> +		LIST_HEAD_INIT(security_hook_heads.kdbus_bus_free),
> +	.kdbus_send =
> +		LIST_HEAD_INIT(security_hook_heads.kdbus_send),
> +	.kdbus_recv =
> +		LIST_HEAD_INIT(security_hook_heads.kdbus_recv),
> +	.kdbus_name_acquire =
> +		LIST_HEAD_INIT(security_hook_heads.kdbus_name_acquir
> e),
> +	.kdbus_name_list =
> +		LIST_HEAD_INIT(security_hook_heads.kdbus_name_list),
> +	.kdbus_ep_create =
> +		LIST_HEAD_INIT(security_hook_heads.kdbus_ep_create),
> +	.kdbus_ep_setpolicy =
> +		LIST_HEAD_INIT(security_hook_heads.kdbus_ep_setpolic
> y),
> +	.kdbus_connect =
> +		LIST_HEAD_INIT(security_hook_heads.kdbus_connect),
> +	.kdbus_conn_free =
> +		LIST_HEAD_INIT(security_hook_heads.kdbus_conn_free),
> +	.kdbus_conn_info =
> +		LIST_HEAD_INIT(security_hook_heads.kdbus_conn_info),
> +	.kdbus_talk =
> +		LIST_HEAD_INIT(security_hook_heads.kdbus_talk),
>  #ifdef CONFIG_SECURITY_NETWORK
>  	.unix_stream_connect =
>  		LIST_HEAD_INIT(security_hook_heads.unix_stream_conne
> ct),
-- 
Lukasz Pawelczyk
Samsung R&D Institute Poland
Samsung Electronics



--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ