Commit 121cc35c authored by Linus Torvalds
Pull LSM updates from Paul Moore:

 - Rework the LSM initialization code

   What started as a "quick" patch to enable a notification event once
   all of the individual LSMs were initialized, snowballed a bit into a
   30+ patch patchset when everything was done. Most of the patches, and
   diffstat, are due to splitting out the initialization code into
   security/lsm_init.c and cleaning up some of the mess that was there.
   While not strictly necessary, it does clean up the code significantly,
   and hopefully makes the upkeep a bit easier in the future.

   Aside from the new LSM_STARTED_ALL notification, these changes also
   ensure that individual LSM initcalls are only called when the LSM is
   enabled at boot time. There should be a minor reduction in boot times
   for those who build multiple LSMs into their kernels, but only enable
   a subset at boot.

   It is worth mentioning that nothing at present makes use of the
   LSM_STARTED_ALL notification, but there is work in progress which is
   dependent upon LSM_STARTED_ALL.

 - Make better use of the seq_put*() helpers in device_cgroup

* tag 'lsm-pr-20251201' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm: (36 commits)
  lsm: use unrcu_pointer() for current->cred in security_init()
  device_cgroup: Refactor devcgroup_seq_show to use seq_put* helpers
  lsm: add a LSM_STARTED_ALL notification event
  lsm: consolidate all of the LSM framework initcalls
  selinux: move initcalls to the LSM framework
  ima,evm: move initcalls to the LSM framework
  lockdown: move initcalls to the LSM framework
  apparmor: move initcalls to the LSM framework
  safesetid: move initcalls to the LSM framework
  tomoyo: move initcalls to the LSM framework
  smack: move initcalls to the LSM framework
  ipe: move initcalls to the LSM framework
  loadpin: move initcalls to the LSM framework
  lsm: introduce an initcall mechanism into the LSM framework
  lsm: group lsm_order_parse() with the other lsm_order_*() functions
  lsm: output available LSMs when debugging
  lsm: cleanup the debug and console output in lsm_init.c
  lsm: add/tweak function header comment blocks in lsm_init.c
  lsm: fold lsm_init_ordered() into security_init()
  lsm: cleanup initialize_lsm() and rename to lsm_init_single()
  ...
parents 7fc2cd2e 9a948eef
+47 −26
@@ -102,23 +102,23 @@ struct security_hook_list {
 * Security blob size or offset data.
 */
struct lsm_blob_sizes {
	int lbs_cred;
	int lbs_file;
	int lbs_ib;
	int lbs_inode;
	int lbs_sock;
	int lbs_superblock;
	int lbs_ipc;
	int lbs_key;
	int lbs_msg_msg;
	int lbs_perf_event;
	int lbs_task;
	int lbs_xattr_count; /* number of xattr slots in new_xattrs array */
	int lbs_tun_dev;
	int lbs_bdev;
	int lbs_bpf_map;
	int lbs_bpf_prog;
	int lbs_bpf_token;
	unsigned int lbs_cred;
	unsigned int lbs_file;
	unsigned int lbs_ib;
	unsigned int lbs_inode;
	unsigned int lbs_sock;
	unsigned int lbs_superblock;
	unsigned int lbs_ipc;
	unsigned int lbs_key;
	unsigned int lbs_msg_msg;
	unsigned int lbs_perf_event;
	unsigned int lbs_task;
	unsigned int lbs_xattr_count; /* num xattr slots in new_xattrs array */
	unsigned int lbs_tun_dev;
	unsigned int lbs_bdev;
	unsigned int lbs_bpf_map;
	unsigned int lbs_bpf_prog;
	unsigned int lbs_bpf_token;
};

/*
@@ -151,13 +151,36 @@ enum lsm_order {
	LSM_ORDER_LAST = 1,	/* This is only for integrity. */
};

/**
 * struct lsm_info - Define an individual LSM for the LSM framework.
 * @id: LSM name/ID info
 * @order: ordering with respect to other LSMs, optional
 * @flags: descriptive flags, optional
 * @blobs: LSM blob sharing, optional
 * @enabled: controlled by CONFIG_LSM, optional
 * @init: LSM specific initialization routine
 * @initcall_pure: LSM callback for initcall_pure() setup, optional
 * @initcall_early: LSM callback for early_initcall setup, optional
 * @initcall_core: LSM callback for core_initcall() setup, optional
 * @initcall_subsys: LSM callback for subsys_initcall() setup, optional
 * @initcall_fs: LSM callback for fs_initcall setup, optional
 * @nitcall_device: LSM callback for device_initcall() setup, optional
 * @initcall_late: LSM callback for late_initcall() setup, optional
 */
struct lsm_info {
	const char *name;	/* Required. */
	enum lsm_order order;	/* Optional: default is LSM_ORDER_MUTABLE */
	unsigned long flags;	/* Optional: flags describing LSM */
	int *enabled;		/* Optional: controlled by CONFIG_LSM */
	int (*init)(void);	/* Required. */
	struct lsm_blob_sizes *blobs; /* Optional: for blob sharing. */
	const struct lsm_id *id;
	enum lsm_order order;
	unsigned long flags;
	struct lsm_blob_sizes *blobs;
	int *enabled;
	int (*init)(void);
	int (*initcall_pure)(void);
	int (*initcall_early)(void);
	int (*initcall_core)(void);
	int (*initcall_subsys)(void);
	int (*initcall_fs)(void);
	int (*initcall_device)(void);
	int (*initcall_late)(void);
};

#define DEFINE_LSM(lsm)							\
@@ -170,11 +193,9 @@ struct lsm_info {
		__used __section(".early_lsm_info.init")		\
		__aligned(sizeof(unsigned long))


/* DO NOT tamper with these variables outside of the LSM framework */
extern char *lsm_names;
extern struct lsm_static_calls_table static_calls_table __ro_after_init;
extern struct lsm_info __start_lsm_info[], __end_lsm_info[];
extern struct lsm_info __start_early_lsm_info[], __end_early_lsm_info[];

/**
 * lsm_get_xattr_slot - Return the next available slot and increment the index
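Review bot: The kernel-doc block added above `struct lsm_info` misspells one member: `@nitcall_device` should be `@initcall_device`, so the `initcall_device` member ends up undocumented and kernel-doc will flag the stray name. The new block also drops the "Required." notes that the removed per-field comments carried for the name/ID and init fields; suggest `@id: LSM name/ID info, required` and `@init: LSM specific initialization routine, required` so the required/optional split stays visible next to the many optional initcall slots. In the first hunk the `lbs_*` fields become `unsigned int`; any blob-size arithmetic or comparison elsewhere that still uses signed `int` locals now mixes signedness and will show up under `-Wsign-compare`, so the users of these fields (outside this hunk) deserve a pass.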
+1 −2
@@ -85,6 +85,7 @@ struct timezone;

enum lsm_event {
	LSM_POLICY_CHANGE,
	LSM_STARTED_ALL,
};

struct dm_verity_digest {
@@ -167,8 +168,6 @@ struct lsm_prop {
};

extern const char *const lockdown_reasons[LOCKDOWN_CONFIDENTIALITY_MAX+1];
extern u32 lsm_active_cnt;
extern const struct lsm_id *lsm_idlist[];

/* These functions are in security/commoncap.c */
extern int cap_capable(const struct cred *cred, struct user_namespace *ns,
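Review bot: The new `LSM_STARTED_ALL` enumerator in `enum lsm_event` has no comment, so a reader of this header cannot tell when it fires; the merge description says it is emitted once all of the individual LSMs have initialized, which is worth recording at the definition, e.g. `LSM_STARTED_ALL,	/* all LSMs have completed initialization */`. Appending it after `LSM_POLICY_CHANGE` keeps the existing enumerator's value stable for current notifier callers, which is the right choice. The second hunk drops the `lsm_active_cnt` and `lsm_idlist` externs from this header; presumably they moved to a framework-private header that is not visible here, so any remaining user would need to include that instead.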
+1 −1
@@ -11,7 +11,7 @@ obj-$(CONFIG_SECURITY) += lsm_syscalls.o
obj-$(CONFIG_MMU)			+= min_addr.o

# Object file lists
obj-$(CONFIG_SECURITY)			+= security.o
obj-$(CONFIG_SECURITY)			+= security.o lsm_notifier.o lsm_init.o
obj-$(CONFIG_SECURITYFS)		+= inode.o
obj-$(CONFIG_SECURITY_SELINUX)		+= selinux/
obj-$(CONFIG_SECURITY_SMACK)		+= smack/
+1 −3
@@ -2649,7 +2649,7 @@ static const struct inode_operations policy_link_iops = {
 *
 * Returns: error on failure
 */
static int __init aa_create_aafs(void)
int __init aa_create_aafs(void)
{
	struct dentry *dent;
	int error;
@@ -2728,5 +2728,3 @@ static int __init aa_create_aafs(void)
	AA_ERROR("Error creating AppArmor securityfs\n");
	return error;
}

fs_initcall(aa_create_aafs);
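Review bot: `aa_create_aafs()` loses its `static` but no declaration for it is visible in this section, so unless a prototype was added to an AppArmor header elsewhere in the merge this file will trip `-Wmissing-prototypes`; the same applies to `init_profile_hash()` in the crypto.c section that follows. The kernel-doc above the signature still ends at `Returns: error on failure` and says nothing about how the function is now invoked: with `fs_initcall()` removed, suggest adding `Called through the LSM framework's initcall_fs slot rather than fs_initcall(), so it runs only when AppArmor is enabled at boot.` — per the merge description this is a behaviour change from the unconditional initcall and belongs at the definition. Since the function keeps `__init`, it must only be referenced from `__init` code or init-section data such as the `lsm_info` slot. The function body between the two hunks is outside this view.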
+1 −2
@@ -53,10 +53,9 @@ int aa_calc_profile_hash(struct aa_profile *profile, u32 version, void *start,
	return 0;
}

static int __init init_profile_hash(void)
int __init init_profile_hash(void)
{
	if (apparmor_initialized)
		aa_info_message("AppArmor sha256 policy hashing enabled");
	return 0;
}
late_initcall(init_profile_hash);