| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 08 Jul 2015 13:00:58 +0200
From: Lukasz Pawelczyk <l.pawelczyk@...sung.com>
To: Paul Osmialowski <p.osmialowsk@...sung.com>,
Paul Moore <pmoore@...hat.com>,
James Morris <james.l.morris@...cle.com>,
Casey Schaufler <casey@...aufler-ca.com>,
"Serge E. Hallyn" <serge@...lyn.com>,
Kees Cook <keescook@...omium.org>,
Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp>,
Stephen Smalley <sds@...ho.nsa.gov>,
Neil Brown <neilb@...e.de>,
Mark Rustad <mark.d.rustad@...el.com>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Daniel Mack <daniel@...que.org>,
David Herrmann <dh.herrmann@...glemail.com>,
Djalal Harouni <tixxdz@...ndz.org>,
Shuah Khan <shuahkh@....samsung.com>,
Al Viro <viro@...iv.linux.org.uk>,
linux-security-module@...r.kernel.org,
linux-kernel@...r.kernel.org, linux-api@...r.kernel.org
Cc: Karol Lewandowski <k.lewandowsk@...sung.com>,
Lukasz Skalski <l.skalski@...sung.com>
Subject: Re: [RFC 3/8] lsm: kdbus security hooks
On śro, 2015-07-08 at 12:25 +0200, Paul Osmialowski wrote:
> This is combination of the work by Karol Lewandowski and Paul Moore
> on LSM hooks for kdbus.
>
> Originates from:
>
> git://git.infradead.org/users/pcmoore/selinux (branch: working-kdbus)
> commit: 7050f206a79564886938d0edc4e1e9da5972c72d
>
> https://github.com/lmctl/linux.git (branch: kdbus-lsm-v4.for-systemd
> -v212)
> commit: a9fe4c33b6e5ab25a243e0590df406aabb6add12
>
> Signed-off-by: Karol Lewandowski <k.lewandowsk@...sung.com>
> Signed-off-by: Paul Moore <pmoore@...hat.com>
> Signed-off-by: Paul Osmialowski <p.osmialowsk@...sung.com>
> ---
> include/linux/lsm_hooks.h | 67 ++++++++++++++++++++++++++
> include/linux/security.h | 99
> +++++++++++++++++++++++++++++++++++++++
> security/security.c | 117
> ++++++++++++++++++++++++++++++++++++++++++++++
> 3 files changed, 283 insertions(+)
>
> diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h
> index 9429f05..2a8d8fc 100644
> --- a/include/linux/lsm_hooks.h
> +++ b/include/linux/lsm_hooks.h
> @@ -1297,6 +1297,36 @@
> * @inode we wish to get the security context of.
> * @ctx is a pointer in which to place the allocated security
> context.
> * @ctxlen points to the place to put the length of @ctx.
> + *
> + * @kdbus_domain_alloc:
> + * Allocate kdbus domain.
> + * @kdbus_domain_free:
> + * Deallocate kdbus domain.
> + * @kdbus_bus_alloc:
> + * Allocate kdbus bus.
> + * @kdbus_bus_free:
> + * Deallocate kdbus bus.
> + * @kdbus_send:
> + * Send message.
> + * @kdbus_recv:
> + * Receive message.
> + * @kdbus_name_acquire:
> + * Request a well-known bus name to associate with the
> connection.
> + * @kdbus_name_list:
> + * Retrieve the list of all currently registered well-known and
> unique
> + * names.
> + * @kdbus_ep_create:
> + * Endpoint create
> + * @kdbus_connect:
> + * Connect
> + * @kdbus_conn_free:
> + * Deallocate connection
> + * @kdbus_conn_info:
> + * Retrieve credentials and properties of the initial creator
> of the
> + * connection.
> + * @kdbus_talk:
> + * Talk to a given peer.
> + *
> * This is the main security structure.
> */
>
> @@ -1520,6 +1550,29 @@ union security_list_options {
> int (*inode_setsecctx)(struct dentry *dentry, void *ctx, u32
> ctxlen);
> int (*inode_getsecctx)(struct inode *inode, void **ctx, u32
> *ctxlen);
>
> + int (*kdbus_domain_alloc)(struct kdbus_domain *domain);
> + void (*kdbus_domain_free)(struct kdbus_domain *domain);
Shouldn't all of this be inside some #ifdef CONFIG_KDBUS (or whatever
the CONFIG for kdbus is)?
> +
> + int (*kdbus_bus_alloc)(struct kdbus_bus *bus);
> + void (*kdbus_bus_free)(struct kdbus_bus *bus);
> + int (*kdbus_send)(const struct kdbus_conn *conn,
> + const struct kdbus_bus *bus);
> + int (*kdbus_recv)(const struct kdbus_conn *conn,
> + const struct kdbus_bus *bus);
> + int (*kdbus_name_acquire)(const struct kdbus_conn *conn,
> + const char *name);
> + int (*kdbus_name_list)(const struct kdbus_bus *bus);
> +
> + int (*kdbus_ep_create)(const struct kdbus_bus *bus);
> + int (*kdbus_ep_setpolicy)(const struct kdbus_bus *bus);
> +
> + int (*kdbus_connect)(struct kdbus_conn *conn,
> + const char *secctx, u32 seclen);
> + void (*kdbus_conn_free)(struct kdbus_conn *conn);
> + int (*kdbus_conn_info)(const struct kdbus_conn *conn);
> + int (*kdbus_talk)(const struct kdbus_conn *src,
> + const struct kdbus_conn *dst);
> +
> #ifdef CONFIG_SECURITY_NETWORK
> int (*unix_stream_connect)(struct sock *sock, struct sock
> *other,
> struct sock *newsk);
> @@ -1760,6 +1813,20 @@ struct security_hook_heads {
> struct list_head inode_notifysecctx;
> struct list_head inode_setsecctx;
> struct list_head inode_getsecctx;
> + struct list_head kdbus_domain_alloc;
> + struct list_head kdbus_domain_free;
> + struct list_head kdbus_bus_alloc;
> + struct list_head kdbus_bus_free;
> + struct list_head kdbus_send;
> + struct list_head kdbus_recv;
> + struct list_head kdbus_name_acquire;
> + struct list_head kdbus_name_list;
> + struct list_head kdbus_ep_create;
> + struct list_head kdbus_ep_setpolicy;
> + struct list_head kdbus_connect;
> + struct list_head kdbus_conn_free;
> + struct list_head kdbus_conn_info;
> + struct list_head kdbus_talk;
> #ifdef CONFIG_SECURITY_NETWORK
> struct list_head unix_stream_connect;
> struct list_head unix_may_send;
> diff --git a/include/linux/security.h b/include/linux/security.h
> index 79d85dd..5f257b9 100644
> --- a/include/linux/security.h
> +++ b/include/linux/security.h
> @@ -53,6 +53,10 @@ struct msg_queue;
> struct xattr;
> struct xfrm_sec_ctx;
> struct mm_struct;
> +struct kdbus_ep;
> +struct kdbus_bus;
> +struct kdbus_conn;
> +struct kdbus_domain;
>
> /* If capable should audit the security request */
> #define SECURITY_CAP_NOAUDIT 0
> @@ -356,6 +360,28 @@ void security_release_secctx(char *secdata, u32
> seclen);
> int security_inode_notifysecctx(struct inode *inode, void *ctx, u32
> ctxlen);
> int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32
> ctxlen);
> int security_inode_getsecctx(struct inode *inode, void **ctx, u32
> *ctxlen);
> +
> +int security_kdbus_domain_alloc(struct kdbus_domain *domain);
> +void security_kdbus_domain_free(struct kdbus_domain *domain);
> +
> +int security_kdbus_bus_alloc(struct kdbus_bus *bus);
> +void security_kdbus_bus_free(struct kdbus_bus *bus);
> +int security_kdbus_send(const struct kdbus_conn *conn,
> + const struct kdbus_bus *bus);
> +int security_kdbus_recv(const struct kdbus_conn *conn,
> + const struct kdbus_bus *bus);
> +int security_kdbus_name_acquire(const struct kdbus_conn *conn,
> + const char *name);
> +int security_kdbus_name_list(const struct kdbus_bus *bus);
> +int security_kdbus_ep_create(struct kdbus_bus *bus);
> +int security_kdbus_ep_setpolicy(struct kdbus_bus *bus);
> +int security_kdbus_connect(struct kdbus_conn *conn,
> + const char *secctx, u32 seclen);
> +void security_kdbus_conn_free(struct kdbus_conn *conn);
> +int security_kdbus_conn_info(const struct kdbus_conn *conn);
> +int security_kdbus_talk(const struct kdbus_conn *src,
> + const struct kdbus_conn *dst);
> +
> #else /* CONFIG_SECURITY */
> struct security_mnt_opts {
> };
> @@ -1105,6 +1131,79 @@ static inline int
> security_inode_getsecctx(struct inode *inode, void **ctx, u32
> {
> return -EOPNOTSUPP;
> }
> +
> +static inline int security_kdbus_domain_alloc(struct kdbus_domain
> *domain)
> +{
> + return 0;
> +}
> +
> +static inline void security_kdbus_domain_free(struct kdbus_domain
> *domain)
> +{
> +}
> +
> +static inline int security_kdbus_bus_alloc(struct kdbus_bus *bus)
> +{
> + return 0;
> +}
> +
> +static inline void security_kdbus_bus_free(struct kdbus_bus *bus)
> +{
> +}
> +
> +static inline int security_kdbus_send(const struct kdbus_conn *conn,
> + const struct kdbus_bus *bus)
> +{
> + return 0;
> +}
> +
> +static inline int security_kdbus_recv(const struct kdbus_conn *conn,
> + const struct kdbus_bus *bus)
> +{
> + return 0;
> +}
> +
> +static inline int security_kdbus_name_acquire(const struct
> kdbus_conn *conn,
> + const char *name)
> +{
> + return 0;
> +}
> +
> +static inline int security_kdbus_name_list(const struct kdbus_bus
> *bus)
> +{
> + return 0;
> +}
> +
> +static inline int security_kdbus_ep_create(const struct kdbus_bus
> *bus)
> +{
> + return 0;
> +}
> +
> +static inline int security_kdbus_ep_setpolicy(const struct kdbus_bus
> *bus)
> +{
> + return 0;
> +}
> +
> +static inline int security_kdbus_connect(struct kdbus_conn *conn,
> + const char *secctx, u32
> seclen)
> +{
> + return 0;
> +}
> +
> +static inline void security_kdbus_conn_free(struct kdbus_conn *conn)
> +{
> +}
> +
> +static inline int security_kdbus_conn_info(const struct kdbus_conn
> *conn)
> +{
> + return 0;
> +}
> +
> +static inline int security_kdbus_talk(const struct kdbus_conn *src,
> + const struct kdbus_conn *dst)
> +{
> + return 0;
> +}
> +
> #endif /* CONFIG_SECURITY */
>
> #ifdef CONFIG_SECURITY_NETWORK
> diff --git a/security/security.c b/security/security.c
> index b1e935b..7fb46d1 100644
> --- a/security/security.c
> +++ b/security/security.c
> @@ -1185,6 +1185,95 @@ int security_inode_getsecctx(struct inode
> *inode, void **ctx, u32 *ctxlen)
> }
> EXPORT_SYMBOL(security_inode_getsecctx);
>
> +int security_kdbus_domain_alloc(struct kdbus_domain *domain)
> +{
> + return call_int_hook(kdbus_domain_alloc, 0, domain);
> +}
> +EXPORT_SYMBOL(security_kdbus_domain_alloc);
> +
> +void security_kdbus_domain_free(struct kdbus_domain *domain)
> +{
> + call_void_hook(kdbus_domain_free, domain);
> +}
> +EXPORT_SYMBOL(security_kdbus_domain_free);
> +
> +int security_kdbus_bus_alloc(struct kdbus_bus *bus)
> +{
> + return call_int_hook(kdbus_bus_alloc, 0, bus);
> +}
> +EXPORT_SYMBOL(security_kdbus_bus_alloc);
> +
> +void security_kdbus_bus_free(struct kdbus_bus *bus)
> +{
> + call_void_hook(kdbus_bus_free, bus);
> +}
> +EXPORT_SYMBOL(security_kdbus_bus_free);
> +
> +int security_kdbus_send(const struct kdbus_conn *conn,
> + const struct kdbus_bus *bus)
> +{
> + return call_int_hook(kdbus_send, 0, conn, bus);
> +}
> +EXPORT_SYMBOL(security_kdbus_send);
> +
> +int security_kdbus_recv(const struct kdbus_conn *conn,
> + const struct kdbus_bus *bus)
> +{
> + return call_int_hook(kdbus_recv, 0, conn, bus);
> +}
> +EXPORT_SYMBOL(security_kdbus_recv);
> +
> +int security_kdbus_name_acquire(const struct kdbus_conn *conn,
> + const char *name)
> +{
> + return call_int_hook(kdbus_name_acquire, 0, conn, name);
> +}
> +EXPORT_SYMBOL(security_kdbus_name_acquire);
> +
> +int security_kdbus_name_list(const struct kdbus_bus *bus)
> +{
> + return call_int_hook(kdbus_name_list, 0, bus);
> +}
> +EXPORT_SYMBOL(security_kdbus_name_list);
> +
> +int security_kdbus_ep_create(struct kdbus_bus *bus)
> +{
> + return call_int_hook(kdbus_ep_create, 0, bus);
> +}
> +EXPORT_SYMBOL(security_kdbus_ep_create);
> +
> +int security_kdbus_ep_setpolicy(struct kdbus_bus *bus)
> +{
> + return call_int_hook(kdbus_ep_setpolicy, 0, bus);
> +}
> +EXPORT_SYMBOL(security_kdbus_ep_setpolicy);
> +
> +int security_kdbus_connect(struct kdbus_conn *conn,
> + const char *secctx, u32 seclen)
> +{
> + return call_int_hook(kdbus_connect, 0, conn, secctx,
> seclen);
> +}
> +EXPORT_SYMBOL(security_kdbus_connect);
> +
> +void security_kdbus_conn_free(struct kdbus_conn *conn)
> +{
> + call_void_hook(kdbus_conn_free, conn);
> +}
> +EXPORT_SYMBOL(security_kdbus_conn_free);
> +
> +int security_kdbus_conn_info(const struct kdbus_conn *conn)
> +{
> + return call_int_hook(kdbus_conn_info, 0, conn);
> +}
> +EXPORT_SYMBOL(security_kdbus_conn_info);
> +
> +int security_kdbus_talk(const struct kdbus_conn *src,
> + const struct kdbus_conn *dst)
> +{
> + return call_int_hook(kdbus_talk, 0, src, dst);
> +}
> +EXPORT_SYMBOL(security_kdbus_talk);
> +
> #ifdef CONFIG_SECURITY_NETWORK
>
> int security_unix_stream_connect(struct sock *sock, struct sock
> *other, struct sock *newsk)
> @@ -1774,6 +1863,34 @@ struct security_hook_heads security_hook_heads
> = {
> LIST_HEAD_INIT(security_hook_heads.inode_setsecctx),
> .inode_getsecctx =
> LIST_HEAD_INIT(security_hook_heads.inode_getsecctx),
> + .kdbus_domain_alloc =
> + LIST_HEAD_INIT(security_hook_heads.kdbus_domain_allo
> c),
> + .kdbus_domain_free =
> + LIST_HEAD_INIT(security_hook_heads.kdbus_domain_free
> ),
> + .kdbus_bus_alloc =
> + LIST_HEAD_INIT(security_hook_heads.kdbus_bus_alloc),
> + .kdbus_bus_free =
> + LIST_HEAD_INIT(security_hook_heads.kdbus_bus_free),
> + .kdbus_send =
> + LIST_HEAD_INIT(security_hook_heads.kdbus_send),
> + .kdbus_recv =
> + LIST_HEAD_INIT(security_hook_heads.kdbus_recv),
> + .kdbus_name_acquire =
> + LIST_HEAD_INIT(security_hook_heads.kdbus_name_acquir
> e),
> + .kdbus_name_list =
> + LIST_HEAD_INIT(security_hook_heads.kdbus_name_list),
> + .kdbus_ep_create =
> + LIST_HEAD_INIT(security_hook_heads.kdbus_ep_create),
> + .kdbus_ep_setpolicy =
> + LIST_HEAD_INIT(security_hook_heads.kdbus_ep_setpolic
> y),
> + .kdbus_connect =
> + LIST_HEAD_INIT(security_hook_heads.kdbus_connect),
> + .kdbus_conn_free =
> + LIST_HEAD_INIT(security_hook_heads.kdbus_conn_free),
> + .kdbus_conn_info =
> + LIST_HEAD_INIT(security_hook_heads.kdbus_conn_info),
> + .kdbus_talk =
> + LIST_HEAD_INIT(security_hook_heads.kdbus_talk),
> #ifdef CONFIG_SECURITY_NETWORK
> .unix_stream_connect =
> LIST_HEAD_INIT(security_hook_heads.unix_stream_conne
> ct),
--
Lukasz Pawelczyk
Samsung R&D Institute Poland
Samsung Electronics
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists