[RFC PATCH 0/4] Split security_task_getsecid() into subj and obj variants
Casey Schaufler
casey at schaufler-ca.com
Sat Feb 20 01:49:01 UTC 2021
On 2/19/2021 3:28 PM, Paul Moore wrote:
> As discussed briefly on the list (lore link below), we are a little
> sloppy when it comes to using task credentials, mixing both the
> subjective and object credentials. This patch set attempts to fix
> this by replacing security_task_getsecid() with two new hooks that
> return either the subjective (_subj) or objective (_obj) credentials.
>
> https://lore.kernel.org/linux-security-module/806848326.0ifERbkFSE@x2/T/
>
> Casey and John, I made a quick pass through the Smack and AppArmor
> code in an effort to try and do the right thing, but I will admit
> that I haven't tested those changes, just the SELinux code. I
> would really appreciate your help in reviewing those changes. If
> you find it easier, feel free to wholesale replace my Smack/AppArmor
> patch with one of your own.
A quick test pass didn't show up anything obviously
amiss with the Smack changes. I have will do some more
through inspection, but they look fine so far.
>
> ---
>
> Paul Moore (4):
> lsm: separate security_task_getsecid() into subjective and objective variants
> selinux: clarify task subjective and objective credentials
> smack: differentiate between subjective and objective task credentials
> apparmor: differentiate between subjective and objective task credentials
>
>
> security/apparmor/domain.c | 2 +-
> security/apparmor/include/cred.h | 19 +++++--
> security/apparmor/include/task.h | 3 +-
> security/apparmor/lsm.c | 23 ++++++---
> security/apparmor/task.c | 23 +++++++--
> security/selinux/hooks.c | 85 ++++++++++++++++++--------------
> security/smack/smack.h | 18 ++++++-
> security/smack/smack_lsm.c | 40 ++++++++++-----
> 8 files changed, 147 insertions(+), 66 deletions(-)
>
> --
> Signature
More information about the Linux-security-module-archive
mailing list