From patchwork Tue Dec 12 13:17:09 2023
From: Maxime Coquelin
To: mst@redhat.com, jasowang@redhat.com, xuanzhuo@linux.alibaba.com, paul@paul-moore.com, jmorris@namei.org, serge@hallyn.com, stephen.smalley.work@gmail.com, eparis@parisplace.org, xieyongji@bytedance.com, virtualization@lists.linux-foundation.org, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org, david.marchand@redhat.com, lulu@redhat.com, casey@schaufler-ca.com
Cc: Maxime Coquelin
Subject: [PATCH v5 1/4] vduse: validate block features only with block devices
Date: Tue, 12 Dec 2023 14:17:09 +0100
Message-ID: <20231212131712.1816324-2-maxime.coquelin@redhat.com>
In-Reply-To: <20231212131712.1816324-1-maxime.coquelin@redhat.com>
References: <20231212131712.1816324-1-maxime.coquelin@redhat.com>

This patch is preliminary work to enable network device type support
to VDUSE.

As VIRTIO_BLK_F_CONFIG_WCE shares the same value as
VIRTIO_NET_F_HOST_TSO4, we need to restrict its check to Virtio-blk
device type.

Acked-by: Jason Wang
Reviewed-by: Xie Yongji
Signed-off-by: Maxime Coquelin
---
 drivers/vdpa/vdpa_user/vduse_dev.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/drivers/vdpa/vdpa_user/vduse_dev.c b/drivers/vdpa/vdpa_user/vduse_dev.c
index 0ddd4b8abecb..0486ff672408 100644
--- a/drivers/vdpa/vdpa_user/vduse_dev.c +++ b/drivers/vdpa/vdpa_user/vduse_dev.c @@ -1671,13 +1671,14 @@ static bool device_is_allowed(u32 device_id) return false; } -static bool features_is_valid(u64 features) +static bool features_is_valid(struct vduse_dev_config *config) { - if (!(features & (1ULL << VIRTIO_F_ACCESS_PLATFORM))) + if (!(config->features & (1ULL << VIRTIO_F_ACCESS_PLATFORM))) return false; /* Now we only support read-only configuration space */ - if (features & (1ULL << VIRTIO_BLK_F_CONFIG_WCE)) + if ((config->device_id == VIRTIO_ID_BLOCK) && + (config->features & (1ULL << VIRTIO_BLK_F_CONFIG_WCE))) return false; return true; 
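Review bot: the comment above the VIRTIO_BLK_F_CONFIG_WCE test ("Now we only support read-only configuration space") no longer explains why that test is now gated on config->device_id == VIRTIO_ID_BLOCK; a reader of features_is_valid() alone cannot tell that the gate exists because VIRTIO_BLK_F_CONFIG_WCE and VIRTIO_NET_F_HOST_TSO4 share the same feature bit, which is only stated in the commit message. Suggest extending the comment, e.g. `/* VIRTIO_BLK_F_CONFIG_WCE shares its bit with VIRTIO_NET_F_HOST_TSO4, so only reject it for block devices */`. Behaviour is unchanged by this patch on its own, since allowed_device_id[] still contains only VIRTIO_ID_BLOCK at this point in the series.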
@@ -1704,7 +1705,7 @@ static bool vduse_validate_config(struct vduse_dev_config *config) if (!device_is_allowed(config->device_id)) return false; - if (!features_is_valid(config->features)) + if (!features_is_valid(config)) return false; return true;
From patchwork Tue Dec 12 13:17:10 2023
From: Maxime Coquelin
To: mst@redhat.com, jasowang@redhat.com, xuanzhuo@linux.alibaba.com, paul@paul-moore.com, jmorris@namei.org, serge@hallyn.com, stephen.smalley.work@gmail.com, eparis@parisplace.org, xieyongji@bytedance.com, virtualization@lists.linux-foundation.org, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org, david.marchand@redhat.com, lulu@redhat.com, casey@schaufler-ca.com
Cc: Maxime Coquelin
Subject: [PATCH v5 2/4] vduse: Temporarily disable control queue features
Date: Tue, 12 Dec 2023 14:17:10 +0100
Message-ID: <20231212131712.1816324-3-maxime.coquelin@redhat.com>
In-Reply-To: <20231212131712.1816324-1-maxime.coquelin@redhat.com>
References: <20231212131712.1816324-1-maxime.coquelin@redhat.com>

Virtio-net driver control queue implementation is not safe when used
with VDUSE. If the VDUSE application does not reply to control queue
messages, it currently ends up hanging the kernel thread sending this
command.

Some work is on-going to make the control queue implementation robust
with VDUSE. Until it is completed, let's disable control virtqueue and
features that depend on it.
Signed-off-by: Maxime Coquelin --- drivers/vdpa/vdpa_user/vduse_dev.c | 37 ++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) diff --git a/drivers/vdpa/vdpa_user/vduse_dev.c b/drivers/vdpa/vdpa_user/vduse_dev.c index 0486ff672408..fe4b5c8203fd 100644 --- a/drivers/vdpa/vdpa_user/vduse_dev.c +++ b/drivers/vdpa/vdpa_user/vduse_dev.c @@ -28,6 +28,7 @@ #include #include #include +#include #include #include "iova_domain.h" @@ -46,6 +47,30 @@ #define IRQ_UNBOUND -1 +#define VDUSE_NET_VALID_FEATURES_MASK \ + (BIT_ULL(VIRTIO_NET_F_CSUM) | \ + BIT_ULL(VIRTIO_NET_F_GUEST_CSUM) | \ + BIT_ULL(VIRTIO_NET_F_MTU) | \ + BIT_ULL(VIRTIO_NET_F_MAC) | \ + BIT_ULL(VIRTIO_NET_F_GUEST_TSO4) | \ + BIT_ULL(VIRTIO_NET_F_GUEST_TSO6) | \ + BIT_ULL(VIRTIO_NET_F_GUEST_ECN) | \ + BIT_ULL(VIRTIO_NET_F_GUEST_UFO) | \ + BIT_ULL(VIRTIO_NET_F_HOST_TSO4) | \ + BIT_ULL(VIRTIO_NET_F_HOST_TSO6) | \ + BIT_ULL(VIRTIO_NET_F_HOST_ECN) | \ + BIT_ULL(VIRTIO_NET_F_HOST_UFO) | \ + BIT_ULL(VIRTIO_NET_F_MRG_RXBUF) | \ + BIT_ULL(VIRTIO_NET_F_STATUS) | \ + BIT_ULL(VIRTIO_NET_F_HOST_USO) | \ + BIT_ULL(VIRTIO_F_ANY_LAYOUT) | \ + BIT_ULL(VIRTIO_RING_F_INDIRECT_DESC) | \ + BIT_ULL(VIRTIO_RING_F_EVENT_IDX) | \ + BIT_ULL(VIRTIO_F_VERSION_1) | \ + BIT_ULL(VIRTIO_F_ACCESS_PLATFORM) | \ + BIT_ULL(VIRTIO_F_RING_PACKED) | \ + BIT_ULL(VIRTIO_F_IN_ORDER)) + struct vduse_virtqueue { u16 index; u16 num_max; @@ -1782,6 +1807,16 @@ static struct attribute *vduse_dev_attrs[] = { ATTRIBUTE_GROUPS(vduse_dev); +static void vduse_dev_features_filter(struct vduse_dev_config *config) +{ + /* + * Temporarily filter out virtio-net's control virtqueue and features + * that depend on it while CVQ is being made more robust for VDUSE. + */ + if (config->device_id == VIRTIO_ID_NET) + config->features &= VDUSE_NET_VALID_FEATURES_MASK; +} + static int vduse_create_dev(struct vduse_dev_config *config, void *config_buf, u64 api_version) { 
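Review bot: vduse_dev_features_filter() silently clears every feature bit outside VDUSE_NET_VALID_FEATURES_MASK, so a VDUSE application that advertises VIRTIO_NET_F_CTRL_VQ (or anything else absent from the mask) ends up with a device whose feature set differs from what it requested and gets no error telling it so. Consider rejecting such configurations with -EINVAL from the validation path instead, or at minimum documenting the allow-list where applications can see it. The comment inside the filter should also name what is being dropped (the control virtqueue and the features that depend on it, per the commit message) rather than leaving readers to diff the mask against the virtio-net feature list. Nit: the new mask is written with BIT_ULL() while features_is_valid() in the same file uses `1ULL << ...`; pick one form.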
@@ -1797,6 +1832,8 @@ static int vduse_create_dev(struct vduse_dev_config *config, if (!dev) goto err; + vduse_dev_features_filter(config); + dev->api_version = api_version; dev->device_features = config->features; dev->device_id = config->device_id;
From patchwork Tue Dec 12 13:17:11 2023
From: Maxime Coquelin
To: mst@redhat.com, jasowang@redhat.com, xuanzhuo@linux.alibaba.com, paul@paul-moore.com, jmorris@namei.org, serge@hallyn.com, stephen.smalley.work@gmail.com, eparis@parisplace.org, xieyongji@bytedance.com, virtualization@lists.linux-foundation.org, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org, david.marchand@redhat.com, lulu@redhat.com, casey@schaufler-ca.com
Cc: Maxime Coquelin
Subject: [PATCH v5 3/4] vduse: enable Virtio-net device type
Date: Tue, 12 Dec 2023 14:17:11 +0100
Message-ID: <20231212131712.1816324-4-maxime.coquelin@redhat.com>
In-Reply-To: <20231212131712.1816324-1-maxime.coquelin@redhat.com>
References: <20231212131712.1816324-1-maxime.coquelin@redhat.com>

This patch adds Virtio-net device type to the supported devices types.
Initialization fails if the device does not support VIRTIO_F_VERSION_1
feature, in order to guarantee the configuration space is read-only.

Acked-by: Jason Wang
Reviewed-by: Xie Yongji
Signed-off-by: Maxime Coquelin
---
 drivers/vdpa/vdpa_user/vduse_dev.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/drivers/vdpa/vdpa_user/vduse_dev.c b/drivers/vdpa/vdpa_user/vduse_dev.c
index fe4b5c8203fd..fa62825be378 100644
--- a/drivers/vdpa/vdpa_user/vduse_dev.c
+++ b/drivers/vdpa/vdpa_user/vduse_dev.c @@ -166,6 +166,7 @@ static struct workqueue_struct *vduse_irq_bound_wq; static u32 allowed_device_id[] = { VIRTIO_ID_BLOCK, + VIRTIO_ID_NET, }; static inline struct vduse_dev *vdpa_to_vduse(struct vdpa_device *vdpa) @@ -1706,6 +1707,10 @@ static bool features_is_valid(struct vduse_dev_config *config) (config->features & (1ULL << VIRTIO_BLK_F_CONFIG_WCE))) return false; + if ((config->device_id == VIRTIO_ID_NET) && + !(config->features & (1ULL << VIRTIO_F_VERSION_1))) + return false; + return true; } 
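Review bot: the new VIRTIO_F_VERSION_1 check for VIRTIO_ID_NET carries no comment, and the only nearby comment ("Now we only support read-only configuration space") is attached to the block-only VIRTIO_BLK_F_CONFIG_WCE test above it. The reason is the one given in the commit message, that VERSION_1 is what guarantees the config space stays read-only for virtio-net, so put that next to the check, e.g. `/* Without VIRTIO_F_VERSION_1 the legacy interface allows config space writes */`, so the two read-only-config checks visibly enforce the same policy. It would also help to say, either here or in the commit message, why block is not held to the same VERSION_1 requirement.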
@@ -2068,6 +2073,7 @@ static const struct vdpa_mgmtdev_ops vdpa_dev_mgmtdev_ops = { static struct virtio_device_id id_table[] = { { VIRTIO_ID_BLOCK, VIRTIO_DEV_ANY_ID }, + { VIRTIO_ID_NET, VIRTIO_DEV_ANY_ID }, { 0 }, };
From patchwork Tue Dec 12 13:17:12 2023
From: Maxime Coquelin
To: mst@redhat.com, jasowang@redhat.com, xuanzhuo@linux.alibaba.com, paul@paul-moore.com, jmorris@namei.org, serge@hallyn.com, stephen.smalley.work@gmail.com, eparis@parisplace.org, xieyongji@bytedance.com, virtualization@lists.linux-foundation.org, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org, david.marchand@redhat.com, lulu@redhat.com, casey@schaufler-ca.com
Cc: Maxime Coquelin
Subject: [PATCH v5 4/4] vduse: Add LSM hook to check Virtio device type
Date: Tue, 12 Dec 2023 14:17:12 +0100
Message-ID: <20231212131712.1816324-5-maxime.coquelin@redhat.com>
In-Reply-To: <20231212131712.1816324-1-maxime.coquelin@redhat.com>
References: <20231212131712.1816324-1-maxime.coquelin@redhat.com>

This patch introduces an LSM hook for devices creation, destruction
(ioctl()) and opening (open()) operations, checking the application is
allowed to perform these operations for the Virtio device type.
Signed-off-by: Maxime Coquelin --- MAINTAINERS | 1 + drivers/vdpa/vdpa_user/vduse_dev.c | 13 ++++++++++++ include/linux/lsm_hook_defs.h | 2 ++ include/linux/security.h | 6 ++++++ include/linux/vduse.h | 14 +++++++++++++ security/security.c | 15 ++++++++++++++ security/selinux/hooks.c | 32 +++++++++++++++++++++++++++++ security/selinux/include/classmap.h | 2 ++ 8 files changed, 85 insertions(+) create mode 100644 include/linux/vduse.h diff --git a/MAINTAINERS b/MAINTAINERS index a0fb0df07b43..4e83b14358d2 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -23040,6 +23040,7 @@ F: drivers/net/virtio_net.c F: drivers/vdpa/ F: drivers/virtio/ F: include/linux/vdpa.h +F: include/linux/vduse.h F: include/linux/virtio*.h F: include/linux/vringh.h F: include/uapi/linux/virtio_*.h diff --git a/drivers/vdpa/vdpa_user/vduse_dev.c b/drivers/vdpa/vdpa_user/vduse_dev.c index fa62825be378..59ab7eb62e20 100644 --- a/drivers/vdpa/vdpa_user/vduse_dev.c +++ b/drivers/vdpa/vdpa_user/vduse_dev.c @@ -8,6 +8,7 @@ * */ +#include "linux/security.h" #include #include #include @@ -30,6 +31,7 @@ #include #include #include +#include #include "iova_domain.h" @@ -1442,6 +1444,10 @@ static int vduse_dev_open(struct inode *inode, struct file *file) if (dev->connected) goto unlock; + ret = -EPERM; + if (security_vduse_perm_check(VDUSE_PERM_OPEN, dev->device_id)) + goto unlock; + ret = 0; dev->connected = true; file->private_data = dev; @@ -1664,6 +1670,9 @@ static int vduse_destroy_dev(char *name) if (!dev) return -EINVAL; + if (security_vduse_perm_check(VDUSE_PERM_DESTROY, dev->device_id)) + return -EPERM; + mutex_lock(&dev->lock); if (dev->vdev || dev->connected) { mutex_unlock(&dev->lock); @@ -1828,6 +1837,10 @@ static int vduse_create_dev(struct vduse_dev_config *config, int ret; struct vduse_dev *dev; + ret = -EPERM; + if (security_vduse_perm_check(VDUSE_PERM_CREATE, config->device_id)) + goto err; + ret = -EEXIST; if (vduse_find_dev(config->name)) goto err; 
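Review bot: all three call sites in vduse_dev.c discard the value returned by security_vduse_perm_check() and substitute -EPERM, which throws away whatever errno the LSM chose to return; propagate it instead, e.g. in vduse_create_dev() `ret = security_vduse_perm_check(VDUSE_PERM_CREATE, config->device_id); if (ret) goto err;` and the same pattern in vduse_dev_open() and vduse_destroy_dev(). In vduse_destroy_dev() the name lookup (`if (!dev) return -EINVAL;`) runs before the permission check, so a caller denied by policy can still distinguish existing from non-existing device names by the error code; that ordering is forced by needing dev->device_id for the check, so a short comment saying so would stop it being "fixed" later. Nit: `#include "linux/security.h"` uses the quoted form and sits above the existing include block; make it `#include <linux/security.h>` in the sorted list with the others.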
diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h index ff217a5ce552..3930ab2ae974 100644 --- a/include/linux/lsm_hook_defs.h +++ b/include/linux/lsm_hook_defs.h @@ -419,3 +419,5 @@ LSM_HOOK(int, 0, uring_override_creds, const struct cred *new) LSM_HOOK(int, 0, uring_sqpoll, void) LSM_HOOK(int, 0, uring_cmd, struct io_uring_cmd *ioucmd) #endif /* CONFIG_IO_URING */ + +LSM_HOOK(int, 0, vduse_perm_check, enum vduse_op_perm op_perm, u32 device_id) diff --git a/include/linux/security.h b/include/linux/security.h index 1d1df326c881..2a2054172394 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -32,6 +32,7 @@ #include #include #include +#include struct linux_binprm; struct cred; @@ -484,6 +485,7 @@ int security_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen); int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen); int security_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen); int security_locked_down(enum lockdown_reason what); +int security_vduse_perm_check(enum vduse_op_perm op_perm, u32 device_id); #else /* CONFIG_SECURITY */ static inline int call_blocking_lsm_notifier(enum lsm_event event, void *data) @@ -1395,6 +1397,10 @@ static inline int security_locked_down(enum lockdown_reason what) { return 0; } +static inline int security_vduse_perm_check(enum vduse_op_perm op_perm, u32 device_id) +{ + return 0; +} #endif /* CONFIG_SECURITY */ #if defined(CONFIG_SECURITY) && defined(CONFIG_WATCH_QUEUE) diff --git a/include/linux/vduse.h b/include/linux/vduse.h new file mode 100644 index 000000000000..7a20dcc43997 --- /dev/null +++ b/include/linux/vduse.h @@ -0,0 +1,14 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +#ifndef _LINUX_VDUSE_H +#define _LINUX_VDUSE_H + +/* + * The permission required for a VDUSE device operation. + */ +enum vduse_op_perm { + VDUSE_PERM_CREATE, + VDUSE_PERM_DESTROY, + VDUSE_PERM_OPEN, +}; + +#endif /* _LINUX_VDUSE_H */ 
diff --git a/security/security.c b/security/security.c index dcb3e7014f9b..150abf85f97d 100644 --- a/security/security.c +++ b/security/security.c @@ -5337,3 +5337,18 @@ int security_uring_cmd(struct io_uring_cmd *ioucmd) return call_int_hook(uring_cmd, 0, ioucmd); } #endif /* CONFIG_IO_URING */ + +/** + * security_vduse_perm_check() - Check if a VDUSE device type operation is allowed + * @op_perm: the operation type + * @device_id: the Virtio device ID + * + * Check whether the Virtio device creation is allowed + * + * Return: Returns 0 if permission is granted. + */ +int security_vduse_perm_check(enum vduse_op_perm op_perm, u32 device_id) +{ + return call_int_hook(vduse_perm_check, 0, op_perm, device_id); +} +EXPORT_SYMBOL(security_vduse_perm_check); diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index feda711c6b7b..18845e4f682f 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -21,6 +21,8 @@ * Copyright (C) 2016 Mellanox Technologies */ +#include "av_permissions.h" +#include "linux/vduse.h" #include #include #include @@ -92,6 +94,7 @@ #include #include #include +#include #include "avc.h" #include "objsec.h" 
@@ -6950,6 +6953,34 @@ static int selinux_uring_cmd(struct io_uring_cmd *ioucmd) } #endif /* CONFIG_IO_URING */ +static int selinux_vduse_perm_check(enum vduse_op_perm op_perm, u32 device_id) +{ + u32 requested_op, requested_type, sid = current_sid(); + int ret; + + if (op_perm == VDUSE_PERM_CREATE) + requested_op = VDUSE__CREATE; + else if (op_perm == VDUSE__DESTROY) + requested_op = VDUSE__DESTROY; + else if (op_perm == VDUSE_PERM_OPEN) + requested_op = VDUSE__OPEN; + else + return -EINVAL; + + ret = avc_has_perm(sid, sid, SECCLASS_VDUSE, requested_op, NULL); + if (ret) + return ret; + + if (device_id == VIRTIO_ID_NET) + requested_type = VDUSE__NET; + else if (device_id == VIRTIO_ID_BLOCK) + requested_type = VDUSE__BLOCK; + else + return -EINVAL; + + return avc_has_perm(sid, sid, SECCLASS_VDUSE, requested_type, NULL); +} + /* * IMPORTANT NOTE: When adding new hooks, please be careful to keep this order: * 1. any hooks that don't belong to (2.) or (3.) below, @@ -7243,6 +7274,7 @@ static struct security_hook_list selinux_hooks[] __ro_after_init = { #ifdef CONFIG_PERF_EVENTS LSM_HOOK_INIT(perf_event_alloc, selinux_perf_event_alloc), #endif + LSM_HOOK_INIT(vduse_perm_check, selinux_vduse_perm_check), }; static __init int selinux_init(void) diff --git a/security/selinux/include/classmap.h b/security/selinux/include/classmap.h index a3c380775d41..b0a358cbac1c 100644 --- a/security/selinux/include/classmap.h +++ b/security/selinux/include/classmap.h @@ -256,6 +256,8 @@ const struct security_class_mapping secclass_map[] = { { "override_creds", "sqpoll", "cmd", NULL } }, { "user_namespace", { "create", NULL } }, + { "vduse", + { "create", "destroy", "open", "net", "block", NULL} }, { NULL } };
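Review bot: In the first vduse_dev.c hunk, `#include "linux/security.h"` uses the quoted form for a kernel-wide header and is placed above the existing include block; use `#include <linux/security.h>` and keep it with the other angle-bracket includes.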
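Review bot: In the vduse_dev_open() hunk the hook's return value is thrown away and replaced by a fixed -EPERM (`ret = -EPERM; if (security_vduse_perm_check(VDUSE_PERM_OPEN, dev->device_id)) goto unlock;`), so whatever errno the LSM chose (the SELinux implementation in this patch returns avc_has_perm()'s result, or -EINVAL for an unknown operation or device type) never reaches userspace. Propagate it instead: `ret = security_vduse_perm_check(VDUSE_PERM_OPEN, dev->device_id); if (ret) goto unlock;`. The same applies to the vduse_destroy_dev() and vduse_create_dev() hunks, which also collapse every hook failure into -EPERM.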
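Review bot: In the security.c hunk the kernel-doc body "Check whether the Virtio device creation is allowed" describes only one of the cases the function handles; @op_perm covers create, destroy and open, so reword it to "Check whether the requested operation is allowed for this Virtio device type" and extend the Return line to cover the failure case ("0 if permission is granted, -errno otherwise").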
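Review bot: In the hooks.c include hunk, `#include "linux/vduse.h"` should be `#include <linux/vduse.h>` and belong with the other angle-bracket includes rather than above the copyright block's include list; please also confirm the explicit `#include "av_permissions.h"` is actually required, since the VDUSE__* constants used by the new hook are the kind of generated access-vector definitions the existing `#include "avc.h"` below already serves.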
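Review bot: In selinux_vduse_perm_check() the destroy branch compares against the wrong constant: `else if (op_perm == VDUSE__DESTROY)` tests an enum vduse_op_perm value against the access-vector permission bit VDUSE__DESTROY, while the neighbouring branches use VDUSE_PERM_CREATE and VDUSE_PERM_OPEN; it should read `else if (op_perm == VDUSE_PERM_DESTROY)`. As written, VDUSE_PERM_DESTROY only matches if the enum value happens to coincide with the generated permission bit and otherwise falls through to `return -EINVAL`, so destruction is refused with a misleading errno instead of being decided by policy. Two further points on the same function: both avc_has_perm() calls use the caller's SID as source and target (`avc_has_perm(sid, sid, SECCLASS_VDUSE, ...)`), so vduse permissions can only ever be granted to a domain against itself, which the commit message should spell out; and returning a hard -EINVAL for any device_id other than VIRTIO_ID_NET or VIRTIO_ID_BLOCK means every other Virtio device type is blocked whenever SELinux is enabled, regardless of policy, which looks like it should be a policy decision (or at least an audited denial) rather than an unconditional error.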
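Review bot: In the selinux_hooks[] hunk, `LSM_HOOK_INIT(vduse_perm_check, selinux_vduse_perm_check)` is appended after the perf_event_alloc entry at the end of the array, but the context of the preceding hunk carries the ordering rule ("IMPORTANT NOTE: When adding new hooks, please be careful to keep this order: 1. any hooks that don't belong to (2.) or (3.) below, ..."); vduse_perm_check only performs an access check and allocates nothing, so it belongs with the group (1.) entries earlier in the array, not after the allocating hooks.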