| Message ID | 20231107134012.682009-6-roberto.sassu@huaweicloud.com |
|---|---|
| State | New |
| Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a59:aa0b:0:b0:403:3b70:6f57 with SMTP id k11csp241022vqo;
Tue, 7 Nov 2023 05:43:07 -0800 (PST)
X-Google-Smtp-Source:
AGHT+IH39sOwZCPVCT9OF7imcY9Zj8YdJsAyPqgACvgsKfVculHw3NThTkGP0pZ2JmwCLr5SwXU/
X-Received: by 2002:a05:6870:6c17:b0:1ef:8517:ef6b with SMTP id
na23-20020a0568706c1700b001ef8517ef6bmr3076130oab.43.1699364587151;
Tue, 07 Nov 2023 05:43:07 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1699364587; cv=none;
d=google.com; s=arc-20160816;
b=u04JOTkK2lgoNKVaRKoJ7tGczmtydFMpR3n0r3cNfhLzof5Wvo8Ywe61Uo/AUEMknA
M2wT+1wZsP8He4k0AqQH1ztopug5YeeYhFgDk6HORW0Ocxc+MlX2KnfZz7zu1mamn+NK
LJxMWP1WOaOtH4yaVPCg880V3T7mUgaHJJR3FOrS7EcruFkr6JWzRr2iu/CyfkLmgD5U
nzDTE0hj4YEN7cuyLqgspW5074mCYsURScYZNbMCyNKI7EK3ZROPII5WA6tihLLoCa/5
BfaKuqLnSDEfGnyAKSvnPrAumNnSzPSwS9rhCzVK446mjA8iKILo0Jc1RWGcjD45TufZ
sOWw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=list-id:precedence:content-transfer-encoding:mime-version
:references:in-reply-to:message-id:date:subject:cc:to:from;
bh=QxplhpffaFaULdubT3V63+euJyG4h5yR9+RW/y+5Plo=;
fh=0rZLbnWdi2+NGBdOm6VruOyaOm+3xLh8SfjCEj+mrTI=;
b=BWONt3NBeLj0QnsiKZNZES08P9Y5HPEw7JCPccYHToqhC0NOr8UB6U8T55iknQA7eQ
gBgpr5q9UN7vjTNybz7M6UwjfgrVZNz5p+ou2Be0W19fNIMKU4KSHOIPgk5TYnMqo7Cq
NFobSz5Hv+7pj/Gh7+xCqQPC7JmUh1u5j9/V4YPZq/pyn6500+zoFSyhJ5qaqIBZ5hEw
fHe3wB1AY3d2U2c3Dg5nW9Uog207mqdOldohTBlCzcq0r/3dppDuM8GnCAiex2y3JFc3
GEhodkB5MXOYl1YExQWCLGKmJtpYVHyrenprBYiBW9LOGEwq1odYrNjpdQi/9iO6IUzc
32pg==
ARC-Authentication-Results: i=1; mx.google.com;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 23.128.96.33 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: from lipwig.vger.email (lipwig.vger.email. [23.128.96.33])
by mx.google.com with ESMTPS id
g8-20020a656cc8000000b005a0018ec786si1755805pgw.854.2023.11.07.05.43.06
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Tue, 07 Nov 2023 05:43:07 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 23.128.96.33 as permitted sender) client-ip=23.128.96.33;
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 23.128.96.33 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
by lipwig.vger.email (Postfix) with ESMTP id D218C801BF74;
Tue, 7 Nov 2023 05:43:04 -0800 (PST)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.10 at lipwig.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S234524AbjKGNmo (ORCPT <rfc822;lhua1029@gmail.com> + 32 others);
Tue, 7 Nov 2023 08:42:44 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:44250 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S234279AbjKGNmm (ORCPT
<rfc822;linux-kernel@vger.kernel.org>);
Tue, 7 Nov 2023 08:42:42 -0500
Received: from frasgout11.his.huawei.com (frasgout11.his.huawei.com
[14.137.139.23])
by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B8B5511D;
Tue, 7 Nov 2023 05:42:38 -0800 (PST)
Received: from mail02.huawei.com (unknown [172.18.147.228])
by frasgout11.his.huawei.com (SkyGuard) with ESMTP id
4SPpwC1d8vz9y50D;
Tue, 7 Nov 2023 21:29:15 +0800 (CST)
Received: from huaweicloud.com (unknown [10.204.63.22])
by APP2 (Coremail) with SMTP id GxC2BwDHdmBmPkplW202AA--.56782S7;
Tue, 07 Nov 2023 14:42:10 +0100 (CET)
From: Roberto Sassu <roberto.sassu@huaweicloud.com>
To: viro@zeniv.linux.org.uk, brauner@kernel.org,
chuck.lever@oracle.com, jlayton@kernel.org, neilb@suse.de,
kolga@netapp.com, Dai.Ngo@oracle.com, tom@talpey.com,
paul@paul-moore.com, jmorris@namei.org, serge@hallyn.com,
zohar@linux.ibm.com, dmitry.kasatkin@gmail.com,
dhowells@redhat.com, jarkko@kernel.org,
stephen.smalley.work@gmail.com, eparis@parisplace.org,
casey@schaufler-ca.com, mic@digikod.net
Cc: linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-nfs@vger.kernel.org, linux-security-module@vger.kernel.org,
linux-integrity@vger.kernel.org, keyrings@vger.kernel.org,
selinux@vger.kernel.org, Roberto Sassu <roberto.sassu@huawei.com>,
Stefan Berger <stefanb@linux.ibm.com>
Subject: [PATCH v5 05/23] ima: Align ima_post_read_file() definition with LSM
infrastructure
Date: Tue, 7 Nov 2023 14:39:54 +0100
Message-Id: <20231107134012.682009-6-roberto.sassu@huaweicloud.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20231107134012.682009-1-roberto.sassu@huaweicloud.com>
References: <20231107134012.682009-1-roberto.sassu@huaweicloud.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-CM-TRANSID: GxC2BwDHdmBmPkplW202AA--.56782S7
X-Coremail-Antispam: 1UD129KBjvJXoW7Cw4ftr1DJFyxAF43trWkZwb_yoW8uF1rp3
Z8Ka4UGrZYgry8CF97Ja9xA34rWr9FgF4UWFZ3W3sIqF17Xr1qvrZxCF1q9r1rKrWkArn0
93yqgrZIk3WUtrJanT9S1TB71UUUUUUqnTZGkaVYY2UrUUUUjbIjqfuFe4nvWSU5nxnvy2
9KBjDU0xBIdaVrnRJUUUBvb4IE77IF4wAFF20E14v26rWj6s0DM7CY07I20VC2zVCF04k2
6cxKx2IYs7xG6rWj6s0DM7CIcVAFz4kK6r1j6r18M28IrcIa0xkI8VA2jI8067AKxVWUAV
Cq3wA2048vs2IY020Ec7CjxVAFwI0_Xr0E3s1l8cAvFVAK0II2c7xJM28CjxkF64kEwVA0
rcxSw2x7M28EF7xvwVC0I7IYx2IY67AKxVWUCVW8JwA2z4x0Y4vE2Ix0cI8IcVCY1x0267
AKxVW8Jr0_Cr1UM28EF7xvwVC2z280aVAFwI0_Gr0_Cr1l84ACjcxK6I8E87Iv6xkF7I0E
14v26r4UJVWxJr1le2I262IYc4CY6c8Ij28IcVAaY2xG8wAqx4xG64xvF2IEw4CE5I8CrV
C2j2WlYx0E2Ix0cI8IcVAFwI0_Jr0_Jr4lYx0Ex4A2jsIE14v26r1j6r4UMcvjeVCFs4IE
7xkEbVWUJVW8JwACjcxG0xvY0x0EwIxGrwACI402YVCY1x02628vn2kIc2xKxwCF04k20x
vY0x0EwIxGrwCFx2IqxVCFs4IE7xkEbVWUJVW8JwC20s026c02F40E14v26r1j6r18MI8I
3I0E7480Y4vE14v26r106r1rMI8E67AF67kF1VAFwI0_GFv_WrylIxkGc2Ij64vIr41lIx
AIcVC0I7IYx2IY67AKxVWUCVW8JwCI42IY6xIIjxv20xvEc7CjxVAFwI0_Gr1j6F4UJwCI
42IY6xAIw20EY4v20xvaj40_Jr0_JF4lIxAIcVC2z280aVAFwI0_Jr0_Gr1lIxAIcVC2z2
80aVCY1x0267AKxVW8Jr0_Cr1UYxBIdaVFxhVjvjDU0xZFpf9x07UZo7tUUUUU=
X-CM-SenderInfo: purev21wro2thvvxqx5xdzvxpfor3voofrz/1tbiAgAOBF1jj5IbbQAAsd
X-CFilter-Loop: Reflected
X-Spam-Status: No,
score=-0.8 required=5.0 tests=HEADER_FROM_DIFFERENT_DOMAINS,
MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE
autolearn=unavailable autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lipwig.vger.email
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test,
not delayed by milter-greylist-4.6.4 (lipwig.vger.email [0.0.0.0]);
Tue, 07 Nov 2023 05:43:04 -0800 (PST)
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1781912921378928613
X-GMAIL-MSGID: 1781912921378928613
|
| Series |
security: Move IMA and EVM to the LSM infrastructure
|
|
Commit Message
Roberto Sassu
Nov. 7, 2023, 1:39 p.m. UTC
From: Roberto Sassu <roberto.sassu@huawei.com> Change ima_post_read_file() definition, by making "void *buf" a "char *buf", so that it can be registered as implementation of the post_read_file hook. Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com> Reviewed-by: Stefan Berger <stefanb@linux.ibm.com> --- include/linux/ima.h | 4 ++-- security/integrity/ima/ima_main.c | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-)
Comments
On 11/7/2023 5:39 AM, Roberto Sassu wrote: > From: Roberto Sassu <roberto.sassu@huawei.com> > > Change ima_post_read_file() definition, by making "void *buf" a > "char *buf", so that it can be registered as implementation of the > post_read_file hook. > > Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com> > Reviewed-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Casey Schaufler <casey@schaufler-ca.com> > --- > include/linux/ima.h | 4 ++-- > security/integrity/ima/ima_main.c | 2 +- > 2 files changed, 3 insertions(+), 3 deletions(-) > > diff --git a/include/linux/ima.h b/include/linux/ima.h > index 678a03fddd7e..31ef6c3c3207 100644 > --- a/include/linux/ima.h > +++ b/include/linux/ima.h > @@ -30,7 +30,7 @@ extern int ima_post_load_data(char *buf, loff_t size, > enum kernel_load_data_id id, char *description); > extern int ima_read_file(struct file *file, enum kernel_read_file_id id, > bool contents); > -extern int ima_post_read_file(struct file *file, void *buf, loff_t size, > +extern int ima_post_read_file(struct file *file, char *buf, loff_t size, > enum kernel_read_file_id id); > extern void ima_post_path_mknod(struct mnt_idmap *idmap, > struct dentry *dentry); > @@ -108,7 +108,7 @@ static inline int ima_read_file(struct file *file, enum kernel_read_file_id id, > return 0; > } > > -static inline int ima_post_read_file(struct file *file, void *buf, loff_t size, > +static inline int ima_post_read_file(struct file *file, char *buf, loff_t size, > enum kernel_read_file_id id) > { > return 0; > diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c > index b3f5e8401056..02021ee467d3 100644 > --- a/security/integrity/ima/ima_main.c > +++ b/security/integrity/ima/ima_main.c > @@ -803,7 +803,7 @@ const int read_idmap[READING_MAX_ID] = { > * On success return 0. On integrity appraisal error, assuming the file > * is in policy and IMA-appraisal is in enforcing mode, return -EACCES. > */ > -int ima_post_read_file(struct file *file, void *buf, loff_t size, > +int ima_post_read_file(struct file *file, char *buf, loff_t size, > enum kernel_read_file_id read_id) > { > enum ima_hooks func;
diff --git a/include/linux/ima.h b/include/linux/ima.h index 678a03fddd7e..31ef6c3c3207 100644 --- a/include/linux/ima.h +++ b/include/linux/ima.h @@ -30,7 +30,7 @@ extern int ima_post_load_data(char *buf, loff_t size, enum kernel_load_data_id id, char *description); extern int ima_read_file(struct file *file, enum kernel_read_file_id id, bool contents); -extern int ima_post_read_file(struct file *file, void *buf, loff_t size, +extern int ima_post_read_file(struct file *file, char *buf, loff_t size, enum kernel_read_file_id id); extern void ima_post_path_mknod(struct mnt_idmap *idmap, struct dentry *dentry); @@ -108,7 +108,7 @@ static inline int ima_read_file(struct file *file, enum kernel_read_file_id id, return 0; } -static inline int ima_post_read_file(struct file *file, void *buf, loff_t size, +static inline int ima_post_read_file(struct file *file, char *buf, loff_t size, enum kernel_read_file_id id) { return 0; diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index b3f5e8401056..02021ee467d3 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c @@ -803,7 +803,7 @@ const int read_idmap[READING_MAX_ID] = { * On success return 0. On integrity appraisal error, assuming the file * is in policy and IMA-appraisal is in enforcing mode, return -EACCES. */ -int ima_post_read_file(struct file *file, void *buf, loff_t size, +int ima_post_read_file(struct file *file, char *buf, loff_t size, enum kernel_read_file_id read_id) { enum ima_hooks func;