[PATCH 0/2] Change LSM registration to work with persistent struct

Sargun Dhillon sargun at sargun.me
Thu May 17 07:00:35 UTC 2018


This patchset breaks out the first patch from my patchset a while ago, which
started introducing external LSMs. One of the ideas was to make the management
of which LSMs are loaded a bit simpler. In the process, I discovered the
following bug:
root@ubuntu:~# dmesg |grep SELinux
[    0.044035] SELinux:  Initializing.
[    0.052063] SELinux:  Starting in permissive mode
[    3.625348] SELinux:  Registering netfilter hooks
root@ubuntu:~# cat /sys/kernel/security/lsm;echo
capability,yama,loadpin,selinux
root@ubuntu:~# echo 1 > /sys/fs/selinux/disable
root@ubuntu:~# dmesg |grep SELinux
[    0.044035] SELinux:  Initializing.
[    0.052063] SELinux:  Starting in permissive mode
[    3.625348] SELinux:  Registering netfilter hooks
[  189.230174] SELinux:  Disabled at runtime.
[  189.230398] SELinux:  Unregistering netfilter hooks
root@ubuntu:~# cat /sys/kernel/security/lsm;echo
capability,yama,loadpin,selinux

After this fix, it is properly removed, a la:
root@ubuntu:~# dmesg |grep SELinux
[    0.040169] SELinux:  Initializing.
[    0.048067] SELinux:  Starting in permissive mode
[    3.023873] SELinux:  Registering netfilter hooks
root@ubuntu:~# cat /sys/kernel/security/lsm;echo
capability,yama,loadpin,selinux
root@ubuntu:~# echo 1 > /sys/fs/selinux/disable
root@ubuntu:~# dmesg |grep SELinux
[    0.040169] SELinux:  Initializing.
[    0.048067] SELinux:  Starting in permissive mode
[    3.023873] SELinux:  Registering netfilter hooks
[  136.059277] SELinux:  Disabled at runtime.
[  136.059505] SELinux:  Unregistering netfilter hooks
root@ubuntu:~# cat /sys/kernel/security/lsm;echo
capability,yama,loadpin

This is pretty low-risk, but introduces two minor conflicts to:
[01/23] procfs: add smack subdir to attrs
[21/23] LSM: Multiple concurrent major security modules


Sargun Dhillon (2):
  security: Move LSM registration arguments to struct lsm_info
  security: Convert lsm list file to a seq_file based on lsm_info_head

 include/linux/lsm_hooks.h  | 47 +++++++++++--------------
 security/apparmor/lsm.c    |  5 +--
 security/commoncap.c       |  6 ++--
 security/inode.c           | 56 ++++++++++++++++++++++++++----
 security/loadpin/loadpin.c |  5 ++-
 security/security.c        | 85 +++++++++++++++++++++-------------------------
 security/security.h        | 10 ++++++
 security/selinux/hooks.c   |  7 ++--
 security/smack/smack_lsm.c |  4 ++-
 security/tomoyo/tomoyo.c   |  5 ++-
 security/yama/yama_lsm.c   |  5 ++-
 11 files changed, 146 insertions(+), 89 deletions(-)
 create mode 100644 security/security.h

-- 
2.14.1
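The bug shown in the cover letter comes down to how the securityfs "lsm" file is produced. As an added illustration (not code from the patchset or from the kernel), the user-space C model below contrasts the two designs: an append-only name string that is written at registration and never edited afterwards (assumed here to be the pre-patch behaviour, which is why "selinux" survives the runtime disable), and a persistent `struct lsm_info` per module kept on a list that the read path walks, so unlinking the struct removes the name. The struct name, the list head and the helper functions are illustrative stand-ins, not the kernel's API.

```c
#include <stdio.h>
#include <string.h>

/* Design 1 (assumed pre-patch behaviour): every registration appends the
 * module name to one flat string and the "lsm" file copies that string out.
 * Nothing records which span belongs to which module, so deleting a
 * module's hooks has nothing to undo in the string. */
static char legacy_names[128];

static void legacy_add(const char *name)
{
    if (legacy_names[0] != '\0')
        strncat(legacy_names, ",", sizeof(legacy_names) - strlen(legacy_names) - 1);
    strncat(legacy_names, name, sizeof(legacy_names) - strlen(legacy_names) - 1);
}

/* Runtime disable unlinks hooks only; the name string is left untouched. */
static void legacy_delete_hooks(const char *name)
{
    (void)name;
}

/* Design 2 (shape of the fix): one persistent struct per module, kept on a
 * list for the module's lifetime; the "lsm" file is generated by walking it. */
struct lsm_info {
    const char *name;
    struct lsm_info *next;
};

static struct lsm_info *lsm_info_head; /* illustrative stand-in for lsm_info_head */

static int lsm_info_register(struct lsm_info *info)
{
    struct lsm_info **pp;
    for (pp = &lsm_info_head; *pp != NULL; pp = &(*pp)->next)
        if (strcmp((*pp)->name, info->name) == 0)
            return -1;          /* refuse a duplicate name */
    info->next = NULL;
    *pp = info;                 /* append at tail to keep registration order */
    return 0;
}

static int lsm_info_unregister(struct lsm_info *info)
{
    struct lsm_info **pp;
    for (pp = &lsm_info_head; *pp != NULL; pp = &(*pp)->next) {
        if (*pp == info) {
            *pp = info->next;   /* unlink; the name disappears from the list */
            info->next = NULL;
            return 0;
        }
    }
    return -1;                  /* not registered */
}

/* Stand-in for a seq_file show callback: join the live entries with ','. */
static int lsm_info_format(char *buf, size_t len)
{
    struct lsm_info *p;
    size_t used = 0;
    buf[0] = '\0';
    for (p = lsm_info_head; p != NULL; p = p->next) {
        int n = snprintf(buf + used, len - used, "%s%s", used ? "," : "", p->name);
        if (n < 0 || (size_t)n >= len - used)
            return -1;          /* output truncated */
        used += (size_t)n;
    }
    return 0;
}

/* Replay the cover letter's scenario (constructed module set) under each
 * design: register four modules, disable selinux at runtime, read back. */
int demo_legacy(char *out, size_t len)
{
    const char *mods[] = { "capability", "yama", "loadpin", "selinux" };
    size_t i;
    legacy_names[0] = '\0';
    for (i = 0; i < 4; i++)
        legacy_add(mods[i]);
    legacy_delete_hooks("selinux");
    snprintf(out, len, "%s", legacy_names);
    return 0;
}

int demo_persistent(char *out, size_t len)
{
    static struct lsm_info cap = { "capability", NULL }, yama = { "yama", NULL },
                           loadpin = { "loadpin", NULL }, selinux = { "selinux", NULL };
    lsm_info_head = NULL;
    if (lsm_info_register(&cap) || lsm_info_register(&yama) ||
        lsm_info_register(&loadpin) || lsm_info_register(&selinux))
        return -1;
    if (lsm_info_unregister(&selinux))
        return -1;
    return lsm_info_format(out, len);
}

int main(void)
{
    char buf[128];
    demo_legacy(buf, sizeof(buf));
    printf("append-only string after disable: %s\n", buf);
    demo_persistent(buf, sizeof(buf));
    printf("persistent list after disable:    %s\n", buf);
    return 0;
}
```

The first design reproduces the stale "capability,yama,loadpin,selinux" output from the report; the second yields "capability,yama,loadpin" after the unregister, which is the behaviour the cover letter shows post-fix. In the kernel the list walk would additionally need the locking or RCU discipline appropriate to readers racing with a runtime disable; the model omits that.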
