On Mon, Mar 8, 2021 at 2:25 PM Richard Guy Briggs <rgb(a)redhat.com> wrote:
On 2021-02-19 18:29, Paul Moore wrote:
> Of the three LSMs that implement the security_task_getsecid() LSM
> hook, all three LSMs provide the task's objective security
> credentials. This turns out to be unfortunate as most of the hook's
> callers seem to expect the task's subjective credentials, although
> a small handful of callers do correctly expect the objective
> credentials.
>
> This patch is the first step towards fixing the problem: it splits
> the existing security_task_getsecid() hook into two variants, one
> for the subjective creds, one for the objective creds.
>
> void security_task_getsecid_subj(struct task_struct *p,
> u32 *secid);
> void security_task_getsecid_obj(struct task_struct *p,
> u32 *secid);
>
> While this patch does fix all of the callers to use the correct
> variant, in order to keep this patch focused on the callers and to
> ease review, the LSMs continue to use the same implementation for
> both hooks. The net effect is that this patch should not change
> the behavior of the kernel in any way, it will be up to the latter
> LSM specific patches in this series to change the hook
> implementations and return the correct credentials.
>
> Signed-off-by: Paul Moore <paul(a)paul-moore.com>
Audit: Acked-by: Richard Guy Briggs <rgb(a)redhat.com>
Reviewed-by: Richard Guy Briggs <rgb(a)redhat.com>
Thanks Richard, I added your review tag to the LSM, SELinux, and Smack patches.
--
paul moore
www.paul-moore.com