[PATCH 1/6] LSM: Infrastructure management of the sock security

Tue Jul 9 23:29:14 UTC 2024

On 7/9/2024 4:05 PM, Paul Moore wrote:
> On Tue, Jul 9, 2024 at 7:00 PM Casey Schaufler <casey at schaufler-ca.com> wrote:
>> On 7/9/2024 12:15 PM, Paul Moore wrote:
>>> On Mon, Jul 8, 2024 at 5:40 PM Casey Schaufler <casey at schaufler-ca.com> wrote:
>>>> Move management of the sock->sk_security blob out
>>>> of the individual security modules and into the security
>>>> infrastructure. Instead of allocating the blobs from within
>>>> the modules the modules tell the infrastructure how much
>>>> space is required, and the space is allocated there.
>>>>
>>>> Acked-by: Paul Moore <paul at paul-moore.com>
>>>> Reviewed-by: Kees Cook <keescook at chromium.org>
>>>> Reviewed-by: John Johansen <john.johansen at canonical.com>
>>>> Acked-by: Stephen Smalley <stephen.smalley.work at gmail.com>
>>>> Signed-off-by: Casey Schaufler <casey at schaufler-ca.com>
>>>> ---
>>>>  include/linux/lsm_hooks.h         |  1 +
>>>>  security/apparmor/include/net.h   |  3 +-
>>>>  security/apparmor/lsm.c           | 17 +------
>>>>  security/apparmor/net.c           |  2 +-
>>>>  security/security.c               | 36 +++++++++++++-
>>>>  security/selinux/hooks.c          | 80 ++++++++++++++-----------------
>>>>  security/selinux/include/objsec.h |  5 ++
>>>>  security/selinux/netlabel.c       | 23 ++++-----
>>>>  security/smack/smack.h            |  5 ++
>>>>  security/smack/smack_lsm.c        | 70 +++++++++++++--------------
>>>>  security/smack/smack_netfilter.c  |  4 +-
>>>>  11 files changed, 133 insertions(+), 113 deletions(-)
>>> ..
>>>
>>>> diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
>>>> index 7eed331e90f0..19346e1817ff 100644
>>>> --- a/security/selinux/hooks.c
>>>> +++ b/security/selinux/hooks.c
>>>> @@ -5495,8 +5488,8 @@ static void selinux_sctp_sk_clone(struct sctp_association *asoc, struct sock *sk
>>>>
>>>>  static int selinux_mptcp_add_subflow(struct sock *sk, struct sock *ssk)
>>>>  {
>>>> -       struct sk_security_struct *ssksec = ssk->sk_security;
>>>> -       struct sk_security_struct *sksec = sk->sk_security;
>>>> +       struct sk_security_struct *ssksec = selinux_sock(ssk);
>>>> +       struct sk_security_struct *sksec = selinux_sock(sk);
>>>>
>>>>         ssksec->sclass = sksec->sclass;
>>>>         ssksec->sid = sksec->sid;
>>> That's new :)
>>>
>>> Unfortunately I merged a previous version of this patch into lsm/dev a
>>> couple of weeks ago (see below) which appears to have a bug based on
>>> the changes in this revision (lore link below).  While I'm generally
>>> adverse to popping patches off the lsm/dev branch so as to not upset
>>> any ongoing development work, given that we are at -rc7 it's probably
>>> okay and much cleaner than doing a full revert; I'll remove that
>>> commit now.
>> Sorry 'bout that. I had troubles with kernels built from lsm/dev crashing,
>> so I switched to linus' tree.
> No worries, that's fine, my policy is that I'll typically resolve
> merge conflicts so long as the patches are based on either Linus' or
> the subsystem tree.  In this case it turned out to be a good thing as
> it highlighted the MPTCP omission in the commit merged into lsm/dev.
>
> However, do you have any more detail on the lsm/dev crashes you are
> seeing?  I wonder if it is general v6.10-rc1 instability ...

Alas, no. My VMs just stopped hard, with no panic or traces.
The problem went away with rc3 (I did almost nothing with rc2)
so I shrugged it off and moved on.