[RFC PATCH 0/4] Split security_task_getsecid() into subj and obj variants

Paul Moore paul at paul-moore.com
Wed Feb 24 00:03:52 UTC 2021


On Tue, Feb 23, 2021 at 9:14 AM Mimi Zohar <zohar at linux.ibm.com> wrote:
> On Mon, 2021-02-22 at 15:58 -0800, Casey Schaufler wrote:
> > On 2/20/2021 6:41 AM, Paul Moore wrote:
> > > On Fri, Feb 19, 2021 at 8:49 PM Casey Schaufler <casey at schaufler-ca.com> wrote:
> > >> On 2/19/2021 3:28 PM, Paul Moore wrote:
> > >>> As discussed briefly on the list (lore link below), we are a little
> > >>> sloppy when it comes to using task credentials, mixing both the
> > >>> subjective and object credentials.  This patch set attempts to fix
> > >>> this by replacing security_task_getsecid() with two new hooks that
> > >>> return either the subjective (_subj) or objective (_obj) credentials.
> > >>>
> > >>> https://lore.kernel.org/linux-security-module/806848326.0ifERbkFSE@x2/T/
> > >>>
> > >>> Casey and John, I made a quick pass through the Smack and AppArmor
> > >>> code in an effort to try and do the right thing, but I will admit
> > >>> that I haven't tested those changes, just the SELinux code.  I
> > >>> would really appreciate your help in reviewing those changes.  If
> > >>> you find it easier, feel free to wholesale replace my Smack/AppArmor
> > >>> patch with one of your own.
> > >> A quick test pass didn't show up anything obviously
> > >> amiss with the Smack changes. I have will do some more
> > >> through inspection, but they look fine so far.
> > > Thanks for testing it out and giving it a look.  Beyond the Smack
> > > specific changes, I'm also interested in making sure all the hook
> > > callers are correct; I believe I made the correct substitutions, but a
> > > second (or third (or fourth ...)) set of eyes is never a bad idea.
> >
> > I'm still not seeing anything that looks wrong. I'd suggest that Mimi
> > have a look at the IMA bits.
>
> Thanks, Casey, Paul.  The IMA changes look fine.  IMA policy rules are
> normally written in terms of a file's LSM labels, the obj_type, so
> hopefully this change has minimal, if any, impact.

Thanks Mimi I appreciate the additional review.  Would you mind
sending your ACK for the IMA related patches in the patchset?

-- 
paul moore
www.paul-moore.com



More information about the Linux-security-module-archive mailing list