[RFC PATCH 0/4] Split security_task_getsecid() into subj and obj variants

Casey Schaufler casey at schaufler-ca.com
Thu Mar 4 02:21:25 UTC 2021


On 3/3/2021 4:46 PM, Paul Moore wrote:
> On Mon, Feb 22, 2021 at 6:59 PM Casey Schaufler <casey at schaufler-ca.com> wrote:
>> On 2/20/2021 6:41 AM, Paul Moore wrote:
>>> On Fri, Feb 19, 2021 at 8:49 PM Casey Schaufler <casey at schaufler-ca.com> wrote:
>>>> On 2/19/2021 3:28 PM, Paul Moore wrote:
>>>>> As discussed briefly on the list (lore link below), we are a little
>>>>> sloppy when it comes to using task credentials, mixing both the
>>>>> subjective and object credentials.  This patch set attempts to fix
>>>>> this by replacing security_task_getsecid() with two new hooks that
>>>>> return either the subjective (_subj) or objective (_obj) credentials.
>>>>>
>>>>> https://lore.kernel.org/linux-security-module/806848326.0ifERbkFSE@x2/T/
>>>>>
>>>>> Casey and John, I made a quick pass through the Smack and AppArmor
>>>>> code in an effort to try and do the right thing, but I will admit
>>>>> that I haven't tested those changes, just the SELinux code.  I
>>>>> would really appreciate your help in reviewing those changes.  If
>>>>> you find it easier, feel free to wholesale replace my Smack/AppArmor
>>>>> patch with one of your own.
>>>> A quick test pass didn't show up anything obviously
>>>> amiss with the Smack changes. I have will do some more
>>>> through inspection, but they look fine so far.
>>> Thanks for testing it out and giving it a look.  Beyond the Smack
>>> specific changes, I'm also interested in making sure all the hook
>>> callers are correct; I believe I made the correct substitutions, but a
>>> second (or third (or fourth ...)) set of eyes is never a bad idea.
>> I'm still not seeing anything that looks wrong. I'd suggest that Mimi
>> have a look at the IMA bits.
> Assuming you are still good with these changes Casey, any chance I can
> get an ACK on the LSM and Smack patches?

Yes. You can add my:

Acked-by: Casey Schaufler <casey at schaufler-ca.com>

to both.



More information about the Linux-security-module-archive mailing list