Commit 8a23c9e1 authored by Paul Moore's avatar Paul Moore

selinux,smack: properly reference the LSM blob in security_watch_key()



Unfortunately when we migrated the lifecycle management of the key LSM
blob to the LSM framework we forgot to convert the security_watch_key()
callbacks for SELinux and Smack.  This patch corrects this by making use
of the selinux_key() and smack_key() helper functions respectively.

This patch also removes some input checking in the Smack callback as it
is no longer needed.

Fixes: 5f8d28f6 ("lsm: infrastructure management of the key security blob")
Reported-by: default avatar <syzbot+044fdf24e96093584232@syzkaller.appspotmail.com>
Tested-by: default avatar <syzbot+044fdf24e96093584232@syzkaller.appspotmail.com>
Reviewed-by: default avatarCasey Schaufler <casey@schaufler-ca.com>
Signed-off-by: default avatarPaul Moore <paul@paul-moore.com>
parent ea7e2d5e
+1 −1
@@ -6720,7 +6720,7 @@ static int selinux_key_getsecurity(struct key *key, char **_buffer)
#ifdef CONFIG_KEY_NOTIFICATIONS
static int selinux_watch_key(struct key *key)
{
	struct key_security_struct *ksec = key->security;
	struct key_security_struct *ksec = selinux_key(key);
	u32 sid = current_sid();

	return avc_has_perm(sid, ksec->sid, SECCLASS_KEY, KEY__VIEW, NULL);
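Review bot: The pointer obtained on the `struct key_security_struct *ksec = selinux_key(key);` line is still dereferenced unconditionally on the return line, and nothing in the hunk records why that is safe now that the LSM framework rather than the hook owns the blob. A one-line comment would help the next reader, e.g. `/* key blob is allocated by the LSM framework; ksec is never NULL here */`, but that guarantee comes from the description's reference to 5f8d28f6 rather than from this hunk, so confirm it against selinux_key() before settling on the wording. selinux_watch_key's closing brace and the end of the CONFIG_KEY_NOTIFICATIONS block lie outside the hunk.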
+3 −10
@@ -4629,16 +4629,9 @@ static int smack_watch_key(struct key *key)
{
	struct smk_audit_info ad;
	struct smack_known *tkp = smk_of_current();
	struct smack_known **blob = smack_key(key);
	int rc;

	if (key == NULL)
		return -EINVAL;
	/*
	 * If the key hasn't been initialized give it access so that
	 * it may do so.
	 */
	if (key->security == NULL)
		return 0;
	/*
	 * This should not occur
	 */
@@ -4653,8 +4646,8 @@ static int smack_watch_key(struct key *key)
	ad.a.u.key_struct.key = key->serial;
	ad.a.u.key_struct.key_desc = key->description;
#endif
	rc = smk_access(tkp, key->security, MAY_READ, &ad);
	rc = smk_bu_note("key watch", tkp, key->security, MAY_READ, rc);
	rc = smk_access(tkp, *blob, MAY_READ, &ad);
	rc = smk_bu_note("key watch", tkp, *blob, MAY_READ, rc);
	return rc;
}
#endif /* CONFIG_KEY_NOTIFICATIONS */
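Review bot: The dropped `key->security == NULL` branch in the first hunk used to grant access to a key that had not yet been labelled, and the second hunk now passes `*blob` to smk_access() and smk_bu_note() with no equivalent guard, so if the blob pointer can still be unset when the watch_key hook runs, smk_access() is reached with a NULL object label. If smack_key_alloc() is guaranteed to have populated the blob before any watch can be attached, that is fine but deserves a comment on the `struct smack_known **blob = smack_key(key);` line; if not, `if (*blob == NULL) return 0;` would preserve the old behaviour. smack_key(key) is also now evaluated in the declarations, before the point where the removed `key == NULL` check used to run, so the assumption that callers never pass a NULL key is worth stating alongside it. smack_watch_key's signature and the comment that begins at `This should not occur` continue outside the hunks.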