From patchwork Tue Dec 13 03:05:49 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Paul Moore X-Patchwork-Id: 32613 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:f944:0:0:0:0:0 with SMTP id q4csp2606386wrr; Mon, 12 Dec 2022 19:19:38 -0800 (PST) X-Google-Smtp-Source: AA0mqf4HHWt8nkUvN/DQSWr/amOsATXWpDnnyS8xkoA07vZu9q8NOlio+lc/Z/M2MiK165baHS/w X-Received: by 2002:a17:906:647:b0:7ad:d7f9:38b8 with SMTP id t7-20020a170906064700b007add7f938b8mr15981139ejb.57.1670901578367; Mon, 12 Dec 2022 19:19:38 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1670901578; cv=none; d=google.com; s=arc-20160816; b=dj6yJ4JajiwKZEBan9ByvvjU5o13S7quCyQxUmlsZsgyCf18mXtE9MRMeN637u4bxv zGU5mI3IfSfSi2beWmA7INXOVeo481Hei5JHOyZG/yx4LoiVMmdMzGt8HBCFhBer50Ga NBEDJqnsXZgSy2Vap4M3QvXyLpFNP9BXrcMCBymFiIBcxR5A/gNRyOrG8COT8Dh4skqI NevfxV6UvMUURJ8h7VtQidAtyO4IwPbMBUNK7Q10s5BB9Q2NS87bUHkyetQ4eHkisyzH xUk10IoeinPnJIVYNzkKJQHVxK0rbWMuJdtE5GQvcWO6oZ0K1nUT/qbzemLkav5x9rZ0 8XRg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:mime-version :dkim-signature; bh=4sc2qPCALaTdyLsOHLpgYVFt+YsFy8ieVdQHGJ4OT/M=; b=dKuGsUw4rMnjGC3MHPyRTUSwAivev/0gGiD4XEobrkZI1z87CGdFhzodb5hOIzlC54 J+Ri4niCSlls9+n+LRMEmGoykdkM8chrfHsrMnn1GL0TiMUvncwHG7OyfM6dcoEYkJ1o d1F3KRff2W6tNMdUtqbbbQK2dJ1oD/w//5+GpkpbHRz7P8OC9J7ZvFgGivbVN8+lLXcn g/2FUBCLAsd6MUGy4TIKULzdesFaz1Z/EyLP11PYH6vSHDRXJ6h1TwHY+dcmpUYrbeZd hsMykQpXSYhF+eH1O0ZLzLeOGOMh27P6x1Fg66M+B57CP0REc7yeHq/wNdqvtlc8OhYY BvQA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@paul-moore-com.20210112.gappssmtp.com header.s=20210112 header.b=dF5ydFef; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id dm2-20020a170907948200b007bf5128a8ecsi6600148ejc.466.2022.12.12.19.19.14; Mon, 12 Dec 2022 19:19:38 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@paul-moore-com.20210112.gappssmtp.com header.s=20210112 header.b=dF5ydFef; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234459AbiLMDGe (ORCPT + 99 others); Mon, 12 Dec 2022 22:06:34 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60334 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234430AbiLMDGH (ORCPT ); Mon, 12 Dec 2022 22:06:07 -0500 Received: from mail-pf1-x431.google.com (mail-pf1-x431.google.com [IPv6:2607:f8b0:4864:20::431]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8D19D1E3FE for ; Mon, 12 Dec 2022 19:06:00 -0800 (PST) Received: by mail-pf1-x431.google.com with SMTP id 124so1333695pfy.0 for ; Mon, 12 Dec 2022 19:06:00 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=paul-moore-com.20210112.gappssmtp.com; s=20210112; h=cc:to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=4sc2qPCALaTdyLsOHLpgYVFt+YsFy8ieVdQHGJ4OT/M=; b=dF5ydFeffCjIh3e1rDsgjtpr6ZOPhTDFqYM/CGPrPH3oa0LsQ0nfD+Jjad2PYPjwoY hvUCOVSa8ZBx7+V3UmGf/9FfFbskeQJJeSCSGsjHpax+fozIVifJ9/50qIkMn0v9EyYu ysFws4TnvhFK1DjeACImxTPHI2WYXwXMRsxapQxNGJkRXSbzY7q/f91Kgt7sj0+B/Cmy YEN72H/uA2AeBuQNY26NdVvDNluzUYEk3UKAX6Y8sVp47nDZdE6QunMhk6KY+UvcG1FT lQJ1/UgTtDDgL9WYQ80YlY3xzHt5Nu/oPsvE287Mz8enmwh4vneVBhnSH7/k/x0IkuiA oxoA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:mime-version:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=4sc2qPCALaTdyLsOHLpgYVFt+YsFy8ieVdQHGJ4OT/M=; b=Wgksf4Z2+EtPB57MKDOhEf18sazkqRmj9VZEvI8SMX2QFnysnkQDQUL+sOfsA+KHeN 1T2G15uRYUue5+yijmCVgpdw/5bwOU6fuHh96feo4ZIAw1utiyLND0Pdy+UBZeTzWiee GzyyZ4DaUGztI20JDeBnrc5hAvOq3Hltodb8ytzoc+vKdw/o9SVeNzLsmuzH2eTRSM8D R1oNJCQn+TcPZk2425e7f+gkvInGeMLPBBKX4dofNngqhGo3vQtz61DUpzns50QPniQS cjldvob4h/x0d8AGei2LEcSOdmqL6jmNqbOD1kPfSMjQIR4JIfdMU6pPmmw/xvhRc3zt vg0g== X-Gm-Message-State: ANoB5pma3fy0SLf2V58LQ/yjoR7vtfILdk3ELUVCuKQUcSKPvt3OOXPI A7z8V7xqdCs8zHFWG8KJ5s38ZAOgdq1KPrd+r+67 X-Received: by 2002:a63:4424:0:b0:477:96e2:9065 with SMTP id r36-20020a634424000000b0047796e29065mr69942852pga.533.1670900759958; Mon, 12 Dec 2022 19:05:59 -0800 (PST) MIME-Version: 1.0 From: Paul Moore Date: Mon, 12 Dec 2022 22:05:49 -0500 Message-ID: Subject: [GIT PULL] LSM patches for v6.2 To: Linus Torvalds Cc: linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1752067293701123341?= X-GMAIL-MSGID: =?utf-8?q?1752067293701123341?= Hi Linus, Here is the LSM pull request for Linux v6.2, the highlights are below, but I first wanted to mention that like the SELinux pull request there are merge conflicts due to patches that were merged during the v6.1-rcX cycle. You can fix those up yourself or you can pull the tag below which has the fixes and has been sanity tested today; if you need something else from me to sort out the merge conflict, let me know. * tags/lsm-pr-20221212.merge Now for the highlights: * Improve the error handling in the device cgroup such that memory allocation failures when updating the access policy do not potentially alter the policy. * Some minor fixes to reiserfs to ensure that it properly releases LSM-related xattr values. * Update the security_socket_getpeersec_stream() LSM hook to take sockptr_t values. Previously the net/BPF folks updated the getsockopt code in the network stack to leverage the sockptr_t type to make it easier to pass both kernel and __user pointers, but unfortunately when they did so they didn't convert the LSM hook. While there was/is no immediate risk by not converting the LSM hook, it seems like this is a mistake waiting to happen so this patch proactively does the LSM hook conversion. I should mention that Alexei Starovoitov has NACK'd this patch because it touches the network stack (!?) and presumably because he objects to the __user pointer annotations in general. * Convert vfs_getxattr_alloc() to return an int instead of a ssize_t and cleanup the callers. Internally the function was never going to return anything larger than an int and the callers were doing some very odd things casting the return value; this patch fixes all that and helps bring a bit of sanity to vfs_getxattr_alloc() and its callers. * More verbose, and helpful, LSM debug output when the system is booted with "lsm.debug" on the command line. There are examples in the commit description, but the quick summary is that this patch provides better information about which LSMs are enabled and the ordering in which they are processed. * General comment and kernel-doc fixes and cleanups. -Paul --- The following changes since commit 9abf2313adc1ca1b6180c508c25f22f9395cc780: Linux 6.1-rc1 (2022-10-16 15:36:24 -0700) are available in the Git repository at: https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm.git tags/lsm-pr-20221212 for you to fetch changes up to 577cc1434e4cc1342c3df6d6a3c85136ab335c81: lsm: Fix description of fs_context_parse_param (2022-12-09 12:22:56 -0500) ---------------------------------------------------------------- lsm/stable-6.2 PR 20221212 ---------------------------------------------------------------- Bo Liu (1): audit: Fix some kernel-doc warnings Gaosheng Cui (1): lsm: remove obsoleted comments for security hooks Kees Cook (1): LSM: Better reporting of actual LSMs at boot Paul Moore (3): fs: edit a comment made in bad taste lsm: make security_socket_getpeersec_stream() sockptr_t safe lsm,fs: fix vfs_getxattr_alloc() return type and caller error paths Roberto Sassu (4): reiserfs: Add missing calls to reiserfs_security_free() lsm: Clarify documentation of vm_enough_memory hook lsm: Add/fix return values in lsm_hooks.h and fix formatting lsm: Fix description of fs_context_parse_param Wang Weiyang (1): device_cgroup: Roll back to original exceptions after copy failure fs/reiserfs/namei.c | 4 + fs/reiserfs/xattr_security.c | 2 +- fs/xattr.c | 5 +- include/linux/fs_context.h | 2 +- include/linux/lsm_hook_defs.h | 2 +- include/linux/lsm_hooks.h | 241 +++++++++++++++--------- include/linux/security.h | 11 +- include/linux/xattr.h | 6 +- net/core/sock.c | 3 +- security/apparmor/domain.c | 3 +- security/apparmor/lsm.c | 29 ++-- security/commoncap.c | 22 ++- security/device_cgroup.c | 33 +++- security/integrity/evm/evm_crypto.c | 5 +- security/integrity/evm/evm_main.c | 7 +- security/integrity/ima/ima.h | 5 +- security/integrity/ima/ima_appraise.c | 6 +- security/integrity/ima/ima_main.c | 6 +- security/integrity/ima/ima_template_lib.c | 11 +- security/lsm_audit.c | 1 + security/security.c | 51 +++++-- security/selinux/hooks.c | 13 +- security/smack/smack_lsm.c | 19 +-- 23 files changed, 296 insertions(+), 191 deletions(-) -- paul-moore.com