[PATCH 4/4] LSM: Add a LSM module which handles dynamically appendable LSM hooks.
kernel test robot
lkp at intel.com
Mon Nov 20 22:28:09 UTC 2023
Hi Tetsuo,
kernel test robot noticed the following build warnings:
[auto build test WARNING on bpf/master]
[also build test WARNING on pcmoore-audit/next pcmoore-selinux/next linus/master v6.7-rc2]
[cannot apply to bpf-next/master next-20231120]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch#_base_tree_information]
url: https://github.com/intel-lab-lkp/linux/commits/Tetsuo-Handa/LSM-Auto-undef-LSM_HOOK-macro/20231120-214522
base: https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git master
patch link: https://lore.kernel.org/r/34be5cd8-1fdd-4323-82a3-40f2e7d35db3%40I-love.SAKURA.ne.jp
patch subject: [PATCH 4/4] LSM: Add a LSM module which handles dynamically appendable LSM hooks.
config: arm64-randconfig-002-20231121 (https://download.01.org/0day-ci/archive/20231121/202311210652.jzysT4DZ-lkp@intel.com/config)
compiler: aarch64-linux-gcc (GCC) 13.2.0
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20231121/202311210652.jzysT4DZ-lkp@intel.com/reproduce)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp at intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202311210652.jzysT4DZ-lkp@intel.com/
All warnings (new ones prefixed by >>):
>> security/security.c:822: warning: Incorrect use of kernel-doc format: * security_binder_transaction() - Check if a binder transaction is allowed
>> security/security.c:832: warning: Incorrect use of kernel-doc format: * security_binder_transfer_binder() - Check if a binder transfer is allowed
>> security/security.c:842: warning: Incorrect use of kernel-doc format: * security_binder_transfer_file() - Check if a binder file xfer is allowed
>> security/security.c:853: warning: Incorrect use of kernel-doc format: * security_ptrace_access_check() - Check if tracing is allowed
>> security/security.c:868: warning: Incorrect use of kernel-doc format: * security_ptrace_traceme() - Check if tracing is allowed
>> security/security.c:879: warning: Incorrect use of kernel-doc format: * security_capget() - Get the capability sets for a process
>> security/security.c:894: warning: Incorrect use of kernel-doc format: * security_capset() - Set the capability sets for a process
>> security/security.c:908: warning: Incorrect use of kernel-doc format: * security_capable() - Check if a process has the necessary capability
>> security/security.c:922: warning: Incorrect use of kernel-doc format: * security_quotactl() - Check if a quotactl() syscall is allowed for this fs
>> security/security.c:934: warning: Incorrect use of kernel-doc format: * security_quota_on() - Check if QUOTAON is allowed for a dentry
>> security/security.c:943: warning: Incorrect use of kernel-doc format: * security_syslog() - Check if accessing the kernel message ring is allowed
>> security/security.c:954: warning: Incorrect use of kernel-doc format: * security_settime64() - Check if changing the system time is allowed
>> security/security.c:964: warning: Function parameter or member 'ts' not described in 'security_settime64'
>> security/security.c:964: warning: Function parameter or member 'tz' not described in 'security_settime64'
>> security/security.c:964: warning: expecting prototype for security_binder_set_context_mgr(). Prototype was for security_settime64() instead
>> security/security.c:1020: warning: Incorrect use of kernel-doc format: * security_bprm_creds_from_file() - Update linux_binprm creds based on file
>> security/security.c:1040: warning: Incorrect use of kernel-doc format: * security_bprm_check() - Mediate binary handler search
>> security/security.c:1052: warning: expecting prototype for security_bprm_creds_for_exec(). Prototype was for security_bprm_check() instead
>> security/security.c:1075: warning: Incorrect use of kernel-doc format: * security_bprm_committed_creds() - Tidy up after cred install during exec()
>> security/security.c:1087: warning: Incorrect use of kernel-doc format: * security_fs_context_submount() - Initialise fc->security
security/security.c:1097: warning: Incorrect use of kernel-doc format: * security_fs_context_dup() - Duplicate a fs_context LSM blob
security/security.c:1109: warning: Incorrect use of kernel-doc format: * security_fs_context_parse_param() - Configure a filesystem context
security/security.c:1122: warning: Function parameter or member 'fc' not described in 'security_fs_context_parse_param'
security/security.c:1122: warning: Function parameter or member 'param' not described in 'security_fs_context_parse_param'
security/security.c:1122: warning: expecting prototype for security_bprm_committing_creds(). Prototype was for security_fs_context_parse_param() instead
security/security.c:1169: warning: Incorrect use of kernel-doc format: * security_sb_free() - Free a super_block LSM blob
security/security.c:1176: warning: expecting prototype for security_sb_delete(). Prototype was for security_sb_free() instead
security/security.c:1206: warning: Function parameter or member 'security_sb_eat_lsm_opts' not described in 'EXPORT_SYMBOL'
security/security.c:1206: warning: expecting prototype for security_sb_eat_lsm_opts(). Prototype was for EXPORT_SYMBOL() instead
security/security.c:1218: warning: Function parameter or member 'security_sb_mnt_opts_compat' not described in 'EXPORT_SYMBOL'
security/security.c:1218: warning: expecting prototype for security_sb_mnt_opts_compat(). Prototype was for EXPORT_SYMBOL() instead
security/security.c:1230: warning: Function parameter or member 'security_sb_remount' not described in 'EXPORT_SYMBOL'
security/security.c:1230: warning: expecting prototype for security_sb_remount(). Prototype was for EXPORT_SYMBOL() instead
security/security.c:1242: warning: Incorrect use of kernel-doc format: * security_sb_show_options() - Output the mount options for a superblock
security/security.c:1252: warning: Incorrect use of kernel-doc format: * security_sb_statfs() - Check if accessing fs stats is allowed
security/security.c:1262: warning: Incorrect use of kernel-doc format: * security_sb_mount() - Check permission for mounting a filesystem
security/security.c:1280: warning: Incorrect use of kernel-doc format: * security_sb_umount() - Check permission for unmounting a filesystem
security/security.c:1290: warning: Incorrect use of kernel-doc format: * security_sb_pivotroot() - Check permissions for pivoting the rootfs
security/security.c:1300: warning: Incorrect use of kernel-doc format: * security_sb_set_mnt_opts() - Set the mount options for a filesystem
security/security.c:1314: warning: Function parameter or member 'mnt_opts' not described in 'security_sb_set_mnt_opts'
security/security.c:1314: warning: Function parameter or member 'kern_flags' not described in 'security_sb_set_mnt_opts'
security/security.c:1314: warning: Function parameter or member 'set_kern_flags' not described in 'security_sb_set_mnt_opts'
security/security.c:1314: warning: expecting prototype for security_sb_kern_mount(). Prototype was for security_sb_set_mnt_opts() instead
security/security.c:1332: warning: Function parameter or member 'security_sb_clone_mnt_opts' not described in 'EXPORT_SYMBOL'
security/security.c:1332: warning: expecting prototype for security_sb_clone_mnt_opts(). Prototype was for EXPORT_SYMBOL() instead
security/security.c:1345: warning: Incorrect use of kernel-doc format: * security_path_notify() - Check if setting a watch is allowed
security/security.c:1357: warning: Incorrect use of kernel-doc format: * security_inode_alloc() - Allocate an inode LSM blob
security/security.c:1367: warning: Function parameter or member 'inode' not described in 'security_inode_alloc'
security/security.c:1367: warning: expecting prototype for security_move_mount(). Prototype was for security_inode_alloc() instead
security/security.c:1425: warning: Function parameter or member 'security_dentry_init_security' not described in 'EXPORT_SYMBOL'
security/security.c:1425: warning: expecting prototype for security_dentry_init_security(). Prototype was for EXPORT_SYMBOL() instead
security/security.c:1442: warning: Function parameter or member 'security_dentry_create_files_as' not described in 'EXPORT_SYMBOL'
security/security.c:1442: warning: expecting prototype for security_dentry_create_files_as(). Prototype was for EXPORT_SYMBOL() instead
security/security.c:1539: warning: Incorrect use of kernel-doc format: * security_path_mknod() - Check if creating a special file is allowed
security/security.c:1552: warning: Function parameter or member 'dir' not described in 'security_path_mknod'
security/security.c:1552: warning: Function parameter or member 'dentry' not described in 'security_path_mknod'
security/security.c:1552: warning: Function parameter or member 'mode' not described in 'security_path_mknod'
security/security.c:1552: warning: Function parameter or member 'dev' not described in 'security_path_mknod'
security/security.c:1552: warning: expecting prototype for security_inode_init_security_anon(). Prototype was for security_path_mknod() instead
security/security.c:1736: warning: Incorrect use of kernel-doc format: * security_inode_create() - Check if creating a file is allowed
security/security.c:1747: warning: Function parameter or member 'dir' not described in 'security_inode_create'
security/security.c:1747: warning: Function parameter or member 'dentry' not described in 'security_inode_create'
security/security.c:1747: warning: Function parameter or member 'mode' not described in 'security_inode_create'
security/security.c:1747: warning: expecting prototype for security_path_chroot(). Prototype was for security_inode_create() instead
security/security.c:2204: warning: Incorrect use of kernel-doc format: * security_inode_killpriv() - The setuid bit is removed, update LSM state
security/security.c:2216: warning: Incorrect use of kernel-doc format: * security_inode_getsecurity() - Get the xattr security label of an inode
security/security.c:2234: warning: Function parameter or member 'idmap' not described in 'security_inode_getsecurity'
security/security.c:2234: warning: Function parameter or member 'inode' not described in 'security_inode_getsecurity'
security/security.c:2234: warning: Function parameter or member 'name' not described in 'security_inode_getsecurity'
security/security.c:2234: warning: Function parameter or member 'buffer' not described in 'security_inode_getsecurity'
security/security.c:2234: warning: Function parameter or member 'alloc' not described in 'security_inode_getsecurity'
security/security.c:2234: warning: expecting prototype for security_inode_need_killpriv(). Prototype was for security_inode_getsecurity() instead
security/security.c:2319: warning: Incorrect use of kernel-doc format: * security_inode_copy_up() - Create new creds for an overlayfs copy-up op
security/security.c:2330: warning: Function parameter or member 'security_inode_copy_up' not described in 'EXPORT_SYMBOL'
security/security.c:2330: warning: expecting prototype for security_inode_getsecid(). Prototype was for EXPORT_SYMBOL() instead
security/security.c:2377: warning: Incorrect use of kernel-doc format: * security_file_permission() - Check file permissions
security/security.c:2396: warning: Function parameter or member 'file' not described in 'security_file_permission'
security/security.c:2396: warning: Function parameter or member 'mask' not described in 'security_file_permission'
security/security.c:2396: warning: expecting prototype for security_kernfs_init_security(). Prototype was for security_file_permission() instead
security/security.c:2459: warning: Function parameter or member 'security_file_ioctl' not described in 'EXPORT_SYMBOL_GPL'
security/security.c:2459: warning: expecting prototype for security_file_ioctl(). Prototype was for EXPORT_SYMBOL_GPL() instead
security/security.c:2527: warning: Incorrect use of kernel-doc format: * security_file_mprotect() - Check if changing memory protections is allowed
security/security.c:2538: warning: Function parameter or member 'vma' not described in 'security_file_mprotect'
security/security.c:2538: warning: Function parameter or member 'reqprot' not described in 'security_file_mprotect'
security/security.c:2538: warning: Function parameter or member 'prot' not described in 'security_file_mprotect'
security/security.c:2538: warning: expecting prototype for security_mmap_addr(). Prototype was for security_file_mprotect() instead
security/security.c:2559: warning: Incorrect use of kernel-doc format: * security_file_fcntl() - Check if fcntl() op is allowed
security/security.c:2574: warning: Incorrect use of kernel-doc format: * security_file_set_fowner() - Set the file owner info in the LSM blob
security/security.c:2584: warning: Incorrect use of kernel-doc format: * security_file_send_sigiotask() - Check if sending SIGIO/SIGURG is allowed
security/security.c:2599: warning: Incorrect use of kernel-doc format: * security_file_receive() - Check is receiving a file via IPC is allowed
security/security.c:2609: warning: Incorrect use of kernel-doc format: * security_file_open() - Save open() time state for late use by the LSM
security/security.c:2618: warning: expecting prototype for security_file_lock(). Prototype was for security_file_open() instead
security/security.c:2640: warning: Incorrect use of kernel-doc format: * security_task_alloc() - Allocate a task's LSM blob
security/security.c:2649: warning: Function parameter or member 'task' not described in 'security_task_alloc'
security/security.c:2649: warning: Function parameter or member 'clone_flags' not described in 'security_task_alloc'
security/security.c:2649: warning: expecting prototype for security_file_truncate(). Prototype was for security_task_alloc() instead
security/security.c:2781: warning: Incorrect use of kernel-doc format: * security_kernel_create_files_as() - Set file creation context using an inode
security/security.c:2793: warning: Incorrect use of kernel-doc format: * security_kernel_module_request() - Check is loading a module is allowed
security/security.c:2802: warning: Function parameter or member 'kmod_name' not described in 'security_kernel_module_request'
security/security.c:2802: warning: expecting prototype for security_kernel_act_as(). Prototype was for security_kernel_module_request() instead
security/security.c:2922: warning: Incorrect use of kernel-doc format: * security_task_fix_setgid() - Update LSM with new group id attributes
security/security.c:2937: warning: Incorrect use of kernel-doc format: * security_task_fix_setgroups() - Update LSM with new supplementary groups
security/security.c:2950: warning: Incorrect use of kernel-doc format: * security_task_setpgid() - Check if setting the pgid is allowed
security/security.c:2961: warning: Incorrect use of kernel-doc format: * security_task_getpgid() - Check if getting the pgid is allowed
security/security.c:2971: warning: Incorrect use of kernel-doc format: * security_task_getsid() - Check if getting the session id is allowed
security/security.c:2980: warning: Incorrect use of kernel-doc format: * security_current_getsecid_subj() - Get the current task's subjective secid
security/security.c:2987: warning: Function parameter or member 'secid' not described in 'security_current_getsecid_subj'
security/security.c:2987: warning: expecting prototype for security_task_fix_setuid(). Prototype was for security_current_getsecid_subj() instead
security/security.c:3019: warning: Incorrect use of kernel-doc format: * security_task_setioprio() - Check if setting a task's ioprio is allowed
security/security.c:3029: warning: Incorrect use of kernel-doc format: * security_task_getioprio() - Check if getting a task's ioprio is allowed
security/security.c:3038: warning: Incorrect use of kernel-doc format: * security_task_prlimit() - Check if get/setting resources limits is allowed
security/security.c:3050: warning: Incorrect use of kernel-doc format: * security_task_setrlimit() - Check if setting a new rlimit value is allowed
security/security.c:3063: warning: Incorrect use of kernel-doc format: * security_task_setscheduler() - Check if setting sched policy/param is allowed
security/security.c:3073: warning: Incorrect use of kernel-doc format: * security_task_getscheduler() - Check if getting scheduling info is allowed
security/security.c:3082: warning: Incorrect use of kernel-doc format: * security_task_movememory() - Check if moving memory is allowed
security/security.c:3091: warning: Incorrect use of kernel-doc format: * security_task_kill() - Check if sending a signal is allowed
security/security.c:3107: warning: Incorrect use of kernel-doc format: * security_task_prctl() - Check if a prctl op is allowed
security/security.c:3122: warning: Function parameter or member 'option' not described in 'security_task_prctl'
security/security.c:3122: warning: Function parameter or member 'arg2' not described in 'security_task_prctl'
security/security.c:3122: warning: Function parameter or member 'arg3' not described in 'security_task_prctl'
vim +822 security/security.c
20510f2f4e2dab James Morris 2007-10-16 811
1427ddbe5cc1a3 Paul Moore 2023-02-16 812 /**
1427ddbe5cc1a3 Paul Moore 2023-02-16 813 * security_binder_set_context_mgr() - Check if becoming binder ctx mgr is ok
1427ddbe5cc1a3 Paul Moore 2023-02-16 814 * @mgr: task credentials of current binder process
1427ddbe5cc1a3 Paul Moore 2023-02-16 815 *
1427ddbe5cc1a3 Paul Moore 2023-02-16 816 * Check whether @mgr is allowed to be the binder context manager.
1427ddbe5cc1a3 Paul Moore 2023-02-16 817 *
1427ddbe5cc1a3 Paul Moore 2023-02-16 818 * Return: Return 0 if permission is granted.
1427ddbe5cc1a3 Paul Moore 2023-02-16 819 */
79af73079d753b Stephen Smalley 2015-01-21 820
1427ddbe5cc1a3 Paul Moore 2023-02-16 821 /**
1427ddbe5cc1a3 Paul Moore 2023-02-16 @822 * security_binder_transaction() - Check if a binder transaction is allowed
1427ddbe5cc1a3 Paul Moore 2023-02-16 823 * @from: sending process
1427ddbe5cc1a3 Paul Moore 2023-02-16 824 * @to: receiving process
1427ddbe5cc1a3 Paul Moore 2023-02-16 825 *
1427ddbe5cc1a3 Paul Moore 2023-02-16 826 * Check whether @from is allowed to invoke a binder transaction call to @to.
1427ddbe5cc1a3 Paul Moore 2023-02-16 827 *
1427ddbe5cc1a3 Paul Moore 2023-02-16 828 * Return: Returns 0 if permission is granted.
1427ddbe5cc1a3 Paul Moore 2023-02-16 829 */
79af73079d753b Stephen Smalley 2015-01-21 830
1427ddbe5cc1a3 Paul Moore 2023-02-16 831 /**
1427ddbe5cc1a3 Paul Moore 2023-02-16 @832 * security_binder_transfer_binder() - Check if a binder transfer is allowed
1427ddbe5cc1a3 Paul Moore 2023-02-16 833 * @from: sending process
1427ddbe5cc1a3 Paul Moore 2023-02-16 834 * @to: receiving process
1427ddbe5cc1a3 Paul Moore 2023-02-16 835 *
1427ddbe5cc1a3 Paul Moore 2023-02-16 836 * Check whether @from is allowed to transfer a binder reference to @to.
1427ddbe5cc1a3 Paul Moore 2023-02-16 837 *
1427ddbe5cc1a3 Paul Moore 2023-02-16 838 * Return: Returns 0 if permission is granted.
1427ddbe5cc1a3 Paul Moore 2023-02-16 839 */
79af73079d753b Stephen Smalley 2015-01-21 840
1427ddbe5cc1a3 Paul Moore 2023-02-16 841 /**
1427ddbe5cc1a3 Paul Moore 2023-02-16 @842 * security_binder_transfer_file() - Check if a binder file xfer is allowed
1427ddbe5cc1a3 Paul Moore 2023-02-16 843 * @from: sending process
1427ddbe5cc1a3 Paul Moore 2023-02-16 844 * @to: receiving process
1427ddbe5cc1a3 Paul Moore 2023-02-16 845 * @file: file being transferred
1427ddbe5cc1a3 Paul Moore 2023-02-16 846 *
1427ddbe5cc1a3 Paul Moore 2023-02-16 847 * Check whether @from is allowed to transfer @file to @to.
1427ddbe5cc1a3 Paul Moore 2023-02-16 848 *
1427ddbe5cc1a3 Paul Moore 2023-02-16 849 * Return: Returns 0 if permission is granted.
1427ddbe5cc1a3 Paul Moore 2023-02-16 850 */
79af73079d753b Stephen Smalley 2015-01-21 851
e261301c851aee Paul Moore 2023-02-16 852 /**
e261301c851aee Paul Moore 2023-02-16 @853 * security_ptrace_access_check() - Check if tracing is allowed
e261301c851aee Paul Moore 2023-02-16 854 * @child: target process
e261301c851aee Paul Moore 2023-02-16 855 * @mode: PTRACE_MODE flags
e261301c851aee Paul Moore 2023-02-16 856 *
e261301c851aee Paul Moore 2023-02-16 857 * Check permission before allowing the current process to trace the @child
e261301c851aee Paul Moore 2023-02-16 858 * process. Security modules may also want to perform a process tracing check
e261301c851aee Paul Moore 2023-02-16 859 * during an execve in the set_security or apply_creds hooks of tracing check
e261301c851aee Paul Moore 2023-02-16 860 * during an execve in the bprm_set_creds hook of binprm_security_ops if the
e261301c851aee Paul Moore 2023-02-16 861 * process is being traced and its security attributes would be changed by the
e261301c851aee Paul Moore 2023-02-16 862 * execve.
e261301c851aee Paul Moore 2023-02-16 863 *
e261301c851aee Paul Moore 2023-02-16 864 * Return: Returns 0 if permission is granted.
e261301c851aee Paul Moore 2023-02-16 865 */
5cd9c58fbe9ec9 David Howells 2008-08-14 866
e261301c851aee Paul Moore 2023-02-16 867 /**
e261301c851aee Paul Moore 2023-02-16 @868 * security_ptrace_traceme() - Check if tracing is allowed
e261301c851aee Paul Moore 2023-02-16 869 * @parent: tracing process
e261301c851aee Paul Moore 2023-02-16 870 *
e261301c851aee Paul Moore 2023-02-16 871 * Check that the @parent process has sufficient permission to trace the
e261301c851aee Paul Moore 2023-02-16 872 * current process before allowing the current process to present itself to the
e261301c851aee Paul Moore 2023-02-16 873 * @parent process for tracing.
e261301c851aee Paul Moore 2023-02-16 874 *
e261301c851aee Paul Moore 2023-02-16 875 * Return: Returns 0 if permission is granted.
e261301c851aee Paul Moore 2023-02-16 876 */
20510f2f4e2dab James Morris 2007-10-16 877
e261301c851aee Paul Moore 2023-02-16 878 /**
e261301c851aee Paul Moore 2023-02-16 @879 * security_capget() - Get the capability sets for a process
e261301c851aee Paul Moore 2023-02-16 880 * @target: target process
e261301c851aee Paul Moore 2023-02-16 881 * @effective: effective capability set
e261301c851aee Paul Moore 2023-02-16 882 * @inheritable: inheritable capability set
e261301c851aee Paul Moore 2023-02-16 883 * @permitted: permitted capability set
e261301c851aee Paul Moore 2023-02-16 884 *
e261301c851aee Paul Moore 2023-02-16 885 * Get the @effective, @inheritable, and @permitted capability sets for the
e261301c851aee Paul Moore 2023-02-16 886 * @target process. The hook may also perform permission checking to determine
e261301c851aee Paul Moore 2023-02-16 887 * if the current process is allowed to see the capability sets of the @target
e261301c851aee Paul Moore 2023-02-16 888 * process.
e261301c851aee Paul Moore 2023-02-16 889 *
e261301c851aee Paul Moore 2023-02-16 890 * Return: Returns 0 if the capability sets were successfully obtained.
e261301c851aee Paul Moore 2023-02-16 891 */
20510f2f4e2dab James Morris 2007-10-16 892
e261301c851aee Paul Moore 2023-02-16 893 /**
e261301c851aee Paul Moore 2023-02-16 @894 * security_capset() - Set the capability sets for a process
e261301c851aee Paul Moore 2023-02-16 895 * @new: new credentials for the target process
e261301c851aee Paul Moore 2023-02-16 896 * @old: current credentials of the target process
e261301c851aee Paul Moore 2023-02-16 897 * @effective: effective capability set
e261301c851aee Paul Moore 2023-02-16 898 * @inheritable: inheritable capability set
e261301c851aee Paul Moore 2023-02-16 899 * @permitted: permitted capability set
e261301c851aee Paul Moore 2023-02-16 900 *
e261301c851aee Paul Moore 2023-02-16 901 * Set the @effective, @inheritable, and @permitted capability sets for the
e261301c851aee Paul Moore 2023-02-16 902 * current process.
e261301c851aee Paul Moore 2023-02-16 903 *
e261301c851aee Paul Moore 2023-02-16 904 * Return: Returns 0 and update @new if permission is granted.
e261301c851aee Paul Moore 2023-02-16 905 */
20510f2f4e2dab James Morris 2007-10-16 906
e261301c851aee Paul Moore 2023-02-16 907 /**
e261301c851aee Paul Moore 2023-02-16 @908 * security_capable() - Check if a process has the necessary capability
e261301c851aee Paul Moore 2023-02-16 909 * @cred: credentials to examine
e261301c851aee Paul Moore 2023-02-16 910 * @ns: user namespace
e261301c851aee Paul Moore 2023-02-16 911 * @cap: capability requested
e261301c851aee Paul Moore 2023-02-16 912 * @opts: capability check options
e261301c851aee Paul Moore 2023-02-16 913 *
e261301c851aee Paul Moore 2023-02-16 914 * Check whether the @tsk process has the @cap capability in the indicated
e261301c851aee Paul Moore 2023-02-16 915 * credentials. @cap contains the capability <include/linux/capability.h>.
e261301c851aee Paul Moore 2023-02-16 916 * @opts contains options for the capable check <include/linux/security.h>.
e261301c851aee Paul Moore 2023-02-16 917 *
e261301c851aee Paul Moore 2023-02-16 918 * Return: Returns 0 if the capability is granted.
e261301c851aee Paul Moore 2023-02-16 919 */
20510f2f4e2dab James Morris 2007-10-16 920
e261301c851aee Paul Moore 2023-02-16 921 /**
e261301c851aee Paul Moore 2023-02-16 @922 * security_quotactl() - Check if a quotactl() syscall is allowed for this fs
e261301c851aee Paul Moore 2023-02-16 923 * @cmds: commands
e261301c851aee Paul Moore 2023-02-16 924 * @type: type
e261301c851aee Paul Moore 2023-02-16 925 * @id: id
e261301c851aee Paul Moore 2023-02-16 926 * @sb: filesystem
e261301c851aee Paul Moore 2023-02-16 927 *
e261301c851aee Paul Moore 2023-02-16 928 * Check whether the quotactl syscall is allowed for this @sb.
e261301c851aee Paul Moore 2023-02-16 929 *
e261301c851aee Paul Moore 2023-02-16 930 * Return: Returns 0 if permission is granted.
e261301c851aee Paul Moore 2023-02-16 931 */
20510f2f4e2dab James Morris 2007-10-16 932
e261301c851aee Paul Moore 2023-02-16 933 /**
e261301c851aee Paul Moore 2023-02-16 @934 * security_quota_on() - Check if QUOTAON is allowed for a dentry
e261301c851aee Paul Moore 2023-02-16 935 * @dentry: dentry
e261301c851aee Paul Moore 2023-02-16 936 *
e261301c851aee Paul Moore 2023-02-16 937 * Check whether QUOTAON is allowed for @dentry.
e261301c851aee Paul Moore 2023-02-16 938 *
e261301c851aee Paul Moore 2023-02-16 939 * Return: Returns 0 if permission is granted.
e261301c851aee Paul Moore 2023-02-16 940 */
20510f2f4e2dab James Morris 2007-10-16 941
e261301c851aee Paul Moore 2023-02-16 942 /**
e261301c851aee Paul Moore 2023-02-16 @943 * security_syslog() - Check if accessing the kernel message ring is allowed
e261301c851aee Paul Moore 2023-02-16 944 * @type: SYSLOG_ACTION_* type
e261301c851aee Paul Moore 2023-02-16 945 *
e261301c851aee Paul Moore 2023-02-16 946 * Check permission before accessing the kernel message ring or changing
e261301c851aee Paul Moore 2023-02-16 947 * logging to the console. See the syslog(2) manual page for an explanation of
e261301c851aee Paul Moore 2023-02-16 948 * the @type values.
e261301c851aee Paul Moore 2023-02-16 949 *
e261301c851aee Paul Moore 2023-02-16 950 * Return: Return 0 if permission is granted.
e261301c851aee Paul Moore 2023-02-16 951 */
20510f2f4e2dab James Morris 2007-10-16 952
e261301c851aee Paul Moore 2023-02-16 953 /**
e261301c851aee Paul Moore 2023-02-16 @954 * security_settime64() - Check if changing the system time is allowed
e261301c851aee Paul Moore 2023-02-16 955 * @ts: new time
e261301c851aee Paul Moore 2023-02-16 956 * @tz: timezone
e261301c851aee Paul Moore 2023-02-16 957 *
e261301c851aee Paul Moore 2023-02-16 958 * Check permission to change the system time, struct timespec64 is defined in
e261301c851aee Paul Moore 2023-02-16 959 * <include/linux/time64.h> and timezone is defined in <include/linux/time.h>.
e261301c851aee Paul Moore 2023-02-16 960 *
e261301c851aee Paul Moore 2023-02-16 961 * Return: Returns 0 if permission is granted.
e261301c851aee Paul Moore 2023-02-16 962 */
457db29bfcfd1d Baolin Wang 2016-04-08 963 int security_settime64(const struct timespec64 *ts, const struct timezone *tz)
20510f2f4e2dab James Morris 2007-10-16 @964 {
f25fce3e8f1f15 Casey Schaufler 2015-05-02 965 return call_int_hook(settime, 0, ts, tz);
20510f2f4e2dab James Morris 2007-10-16 966 }
20510f2f4e2dab James Morris 2007-10-16 967
e261301c851aee Paul Moore 2023-02-16 968 /**
e261301c851aee Paul Moore 2023-02-16 969 * security_vm_enough_memory_mm() - Check if allocating a new mem map is allowed
e261301c851aee Paul Moore 2023-02-16 970 * @mm: mm struct
e261301c851aee Paul Moore 2023-02-16 971 * @pages: number of pages
e261301c851aee Paul Moore 2023-02-16 972 *
e261301c851aee Paul Moore 2023-02-16 973 * Check permissions for allocating a new virtual mapping. If all LSMs return
e261301c851aee Paul Moore 2023-02-16 974 * a positive value, __vm_enough_memory() will be called with cap_sys_admin
e261301c851aee Paul Moore 2023-02-16 975 * set. If at least one LSM returns 0 or negative, __vm_enough_memory() will be
e261301c851aee Paul Moore 2023-02-16 976 * called with cap_sys_admin cleared.
e261301c851aee Paul Moore 2023-02-16 977 *
e261301c851aee Paul Moore 2023-02-16 978 * Return: Returns 0 if permission is granted by the LSM infrastructure to the
e261301c851aee Paul Moore 2023-02-16 979 * caller.
e261301c851aee Paul Moore 2023-02-16 980 */
20510f2f4e2dab James Morris 2007-10-16 981 int security_vm_enough_memory_mm(struct mm_struct *mm, long pages)
20510f2f4e2dab James Morris 2007-10-16 982 {
b1d9e6b0646d0e Casey Schaufler 2015-05-02 983 struct security_hook_list *hp;
b1d9e6b0646d0e Casey Schaufler 2015-05-02 984 int cap_sys_admin = 1;
b1d9e6b0646d0e Casey Schaufler 2015-05-02 985 int rc;
b1d9e6b0646d0e Casey Schaufler 2015-05-02 986
b1d9e6b0646d0e Casey Schaufler 2015-05-02 987 /*
b1d9e6b0646d0e Casey Schaufler 2015-05-02 988 * The module will respond with a positive value if
b1d9e6b0646d0e Casey Schaufler 2015-05-02 989 * it thinks the __vm_enough_memory() call should be
b1d9e6b0646d0e Casey Schaufler 2015-05-02 990 * made with the cap_sys_admin set. If all of the modules
b1d9e6b0646d0e Casey Schaufler 2015-05-02 991 * agree that it should be set it will. If any module
b1d9e6b0646d0e Casey Schaufler 2015-05-02 992 * thinks it should not be set it won't.
b1d9e6b0646d0e Casey Schaufler 2015-05-02 993 */
df0ce17331e250 Sargun Dhillon 2018-03-29 994 hlist_for_each_entry(hp, &security_hook_heads.vm_enough_memory, list) {
b1d9e6b0646d0e Casey Schaufler 2015-05-02 995 rc = hp->hook.vm_enough_memory(mm, pages);
b1d9e6b0646d0e Casey Schaufler 2015-05-02 996 if (rc <= 0) {
b1d9e6b0646d0e Casey Schaufler 2015-05-02 997 cap_sys_admin = 0;
b1d9e6b0646d0e Casey Schaufler 2015-05-02 998 break;
b1d9e6b0646d0e Casey Schaufler 2015-05-02 999 }
b1d9e6b0646d0e Casey Schaufler 2015-05-02 1000 }
b1d9e6b0646d0e Casey Schaufler 2015-05-02 1001 return __vm_enough_memory(mm, pages, cap_sys_admin);
20510f2f4e2dab James Morris 2007-10-16 1002 }
20510f2f4e2dab James Morris 2007-10-16 1003
1661372c912d19 Paul Moore 2023-02-07 1004 /**
1661372c912d19 Paul Moore 2023-02-07 1005 * security_bprm_creds_for_exec() - Prepare the credentials for exec()
1661372c912d19 Paul Moore 2023-02-07 1006 * @bprm: binary program information
1661372c912d19 Paul Moore 2023-02-07 1007 *
1661372c912d19 Paul Moore 2023-02-07 1008 * If the setup in prepare_exec_creds did not setup @bprm->cred->security
1661372c912d19 Paul Moore 2023-02-07 1009 * properly for executing @bprm->file, update the LSM's portion of
1661372c912d19 Paul Moore 2023-02-07 1010 * @bprm->cred->security to be what commit_creds needs to install for the new
1661372c912d19 Paul Moore 2023-02-07 1011 * program. This hook may also optionally check permissions (e.g. for
1661372c912d19 Paul Moore 2023-02-07 1012 * transitions between security domains). The hook must set @bprm->secureexec
1661372c912d19 Paul Moore 2023-02-07 1013 * to 1 if AT_SECURE should be set to request libc enable secure mode. @bprm
1661372c912d19 Paul Moore 2023-02-07 1014 * contains the linux_binprm structure.
1661372c912d19 Paul Moore 2023-02-07 1015 *
1661372c912d19 Paul Moore 2023-02-07 1016 * Return: Returns 0 if the hook is successful and permission is granted.
1661372c912d19 Paul Moore 2023-02-07 1017 */
b8bff599261c93 Eric W. Biederman 2020-03-22 1018
1661372c912d19 Paul Moore 2023-02-07 1019 /**
1661372c912d19 Paul Moore 2023-02-07 @1020 * security_bprm_creds_from_file() - Update linux_binprm creds based on file
1661372c912d19 Paul Moore 2023-02-07 1021 * @bprm: binary program information
1661372c912d19 Paul Moore 2023-02-07 1022 * @file: associated file
1661372c912d19 Paul Moore 2023-02-07 1023 *
1661372c912d19 Paul Moore 2023-02-07 1024 * If @file is setpcap, suid, sgid or otherwise marked to change privilege upon
1661372c912d19 Paul Moore 2023-02-07 1025 * exec, update @bprm->cred to reflect that change. This is called after
1661372c912d19 Paul Moore 2023-02-07 1026 * finding the binary that will be executed without an interpreter. This
1661372c912d19 Paul Moore 2023-02-07 1027 * ensures that the credentials will not be derived from a script that the
1661372c912d19 Paul Moore 2023-02-07 1028 * binary will need to reopen, which when reopend may end up being a completely
1661372c912d19 Paul Moore 2023-02-07 1029 * different file. This hook may also optionally check permissions (e.g. for
1661372c912d19 Paul Moore 2023-02-07 1030 * transitions between security domains). The hook must set @bprm->secureexec
1661372c912d19 Paul Moore 2023-02-07 1031 * to 1 if AT_SECURE should be set to request libc enable secure mode. The
1661372c912d19 Paul Moore 2023-02-07 1032 * hook must add to @bprm->per_clear any personality flags that should be
1661372c912d19 Paul Moore 2023-02-07 1033 * cleared from current->personality. @bprm contains the linux_binprm
1661372c912d19 Paul Moore 2023-02-07 1034 * structure.
1661372c912d19 Paul Moore 2023-02-07 1035 *
1661372c912d19 Paul Moore 2023-02-07 1036 * Return: Returns 0 if the hook is successful and permission is granted.
1661372c912d19 Paul Moore 2023-02-07 1037 */
20510f2f4e2dab James Morris 2007-10-16 1038
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
More information about the Linux-security-module-archive
mailing list