Change the security_inode_getsecid() interface to fill in a
lsmblob structure instead of a u32 secid. This allows for its
callers to gather data from all registered LSMs. Data is provided
for IMA and audit.

Reviewed-by: Kees Cook <keesc...@chromium.org>
Reviewed-by: John Johansen <john.johan...@canonical.com>
Acked-by: Stephen Smalley <s...@tycho.nsa.gov>
Acked-by: Paul Moore <p...@paul-moore.com>
Signed-off-by: Casey Schaufler <ca...@schaufler-ca.com>
Cc: linux-integr...@vger.kernel.org
Cc: linux-audit@redhat.com
---
 include/linux/security.h            |  7 ++++---
 kernel/auditsc.c                    |  6 +++++-
 security/integrity/ima/ima_policy.c |  4 +---
 security/security.c                 | 11 +++++++++--
 4 files changed, 19 insertions(+), 9 deletions(-)

diff --git a/include/linux/security.h b/include/linux/security.h
index 9fc245c1f739..e8d73b0220e4 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -441,7 +441,7 @@ int security_inode_killpriv(struct dentry *dentry);
 int security_inode_getsecurity(struct inode *inode, const char *name, void 
**buffer, bool alloc);
 int security_inode_setsecurity(struct inode *inode, const char *name, const 
void *value, size_t size, int flags);
 int security_inode_listsecurity(struct inode *inode, char *buffer, size_t 
buffer_size);
-void security_inode_getsecid(struct inode *inode, u32 *secid);
+void security_inode_getsecid(struct inode *inode, struct lsmblob *blob);
 int security_inode_copy_up(struct dentry *src, struct cred **new);
 int security_inode_copy_up_xattr(const char *name);
 int security_kernfs_init_security(struct kernfs_node *kn_dir,
@@ -968,9 +968,10 @@ static inline int security_inode_listsecurity(struct inode 
*inode, char *buffer,
        return 0;
 }
 
-static inline void security_inode_getsecid(struct inode *inode, u32 *secid)
+static inline void security_inode_getsecid(struct inode *inode,
+                                          struct lsmblob *blob)
 {
-       *secid = 0;
+       lsmblob_init(blob, 0);
 }
 
 static inline int security_inode_copy_up(struct dentry *src, struct cred **new)
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 62e2e6de5486..7883b8ac8ea4 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -1966,13 +1966,17 @@ static void audit_copy_inode(struct audit_names *name,
                             const struct dentry *dentry,
                             struct inode *inode, unsigned int flags)
 {
+       struct lsmblob blob;
+
        name->ino   = inode->i_ino;
        name->dev   = inode->i_sb->s_dev;
        name->mode  = inode->i_mode;
        name->uid   = inode->i_uid;
        name->gid   = inode->i_gid;
        name->rdev  = inode->i_rdev;
-       security_inode_getsecid(inode, &name->osid);
+       security_inode_getsecid(inode, &blob);
+       /* scaffolding until osid is updated */
+       name->osid = blob.secid[0];
        if (flags & AUDIT_INODE_NOEVAL) {
                name->fcap_ver = -1;
                return;
diff --git a/security/integrity/ima/ima_policy.c 
b/security/integrity/ima/ima_policy.c
index 265184921eef..ab66266fe932 100644
--- a/security/integrity/ima/ima_policy.c
+++ b/security/integrity/ima/ima_policy.c
@@ -575,7 +575,6 @@ static bool ima_match_rules(struct ima_rule_entry *rule, 
struct inode *inode,
                return false;
        for (i = 0; i < MAX_LSM_RULES; i++) {
                int rc = 0;
-               u32 osid;
                struct lsmblob lsmdata;
 
                if (!ima_lsm_isset(rule, i)) {
@@ -588,8 +587,7 @@ static bool ima_match_rules(struct ima_rule_entry *rule, 
struct inode *inode,
                case LSM_OBJ_USER:
                case LSM_OBJ_ROLE:
                case LSM_OBJ_TYPE:
-                       security_inode_getsecid(inode, &osid);
-                       lsmblob_init(&lsmdata, osid);
+                       security_inode_getsecid(inode, &lsmdata);
                        rc = ima_filter_rule_match(&lsmdata, rule->lsm[i].type,
                                                   Audit_equal,
                                                   rule->lsm[i].rules);
diff --git a/security/security.c b/security/security.c
index 3f0a3aedad19..9241245a9d4b 100644
--- a/security/security.c
+++ b/security/security.c
@@ -1489,9 +1489,16 @@ int security_inode_listsecurity(struct inode *inode, 
char *buffer, size_t buffer
 }
 EXPORT_SYMBOL(security_inode_listsecurity);
 
-void security_inode_getsecid(struct inode *inode, u32 *secid)
+void security_inode_getsecid(struct inode *inode, struct lsmblob *blob)
 {
-       call_void_hook(inode_getsecid, inode, secid);
+       struct security_hook_list *hp;
+
+       lsmblob_init(blob, 0);
+       hlist_for_each_entry(hp, &security_hook_heads.inode_getsecid, list) {
+               if (WARN_ON(hp->lsmid->slot < 0 || hp->lsmid->slot >= lsm_slot))
+                       continue;
+               hp->hook.inode_getsecid(inode, &blob->secid[hp->lsmid->slot]);
+       }
 }
 
 int security_inode_copy_up(struct dentry *src, struct cred **new)
-- 
2.25.4

--
Linux-audit mailing list
Linux-audit@redhat.com
https://www.redhat.com/mailman/listinfo/linux-audit

Reply via email to