Re: [PATCH] security: selinux: Change return type to vm_fault_t
On Sat, Apr 14, 2018 at 11:32 AM, Souptick Joarderwrote: > Use new return type vm_fault_t for fault handler > in struct vm_operations_struct. > > Signed-off-by: Souptick Joarder > Reviewed-by: Matthew Wilcox > --- > security/selinux/selinuxfs.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) Merged, thanks. > diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c > index 00eed84..dfc31c6 100644 > --- a/security/selinux/selinuxfs.c > +++ b/security/selinux/selinuxfs.c > @@ -418,7 +418,7 @@ static ssize_t sel_read_policy(struct file *filp, char > __user *buf, > return ret; > } > > -static int sel_mmap_policy_fault(struct vm_fault *vmf) > +static vm_fault_t sel_mmap_policy_fault(struct vm_fault *vmf) > { > struct policy_load_memory *plm = vmf->vma->vm_file->private_data; > unsigned long offset; > -- > 1.9.1 -- paul moore www.paul-moore.com
SELinux next branch rebased to v4.17-rc1
A quick heads-up that selinux/next has been rebased on top of Linus' latest and greatest. No need to rebase patches that you've already sent to the list, but please use selinux/next (or v4.17-rc1) for any new work. Thanks. -- paul moore www.paul-moore.com
Re: [PATCH ghak46 V1] audit: normalize MAC_STATUS record
On Monday, April 16, 2018 10:11:01 AM EDT Richard Guy Briggs wrote: > On 2018-04-16 09:26, Ondrej Mosnacek wrote: > > 2018-04-10 1:34 GMT+02:00 Richard Guy Briggs: > > > There were two formats of the audit MAC_STATUS record, one of which was > > > more standard than the other. One listed enforcing status changes and > > > the other listed enabled status changes with a non-standard label. In > > > addition, the record was missing information about which LSM was > > > responsible and the operation's completion status. While this record > > > is > > > only issued on success, the parser expects the res= field to be > > > present. > > > > > > old enforcing/permissive: > > > type=MAC_STATUS msg=audit(1523312831.378:24514): enforcing=0 > > > old_enforcing=1 auid=0 ses=1 old enable/disable: > > > type=MAC_STATUS msg=audit(1523312831.378:24514): selinux=0 auid=0 ses=1 > > > > > > List both sets of status and old values and add the lsm= field and the > > > res= field. > > > > > > Here is the new format: > > > type=MAC_STATUS msg=audit(1523293828.657:891): enforcing=0 > > > old_enforcing=1 auid=0 ses=1 enabled=1 old-enabled=1 lsm=selinux res=1 > > > > > > This record already accompanied a SYSCALL record. > > > > > > See: https://github.com/linux-audit/audit-kernel/issues/46 > > > Signed-off-by: Richard Guy Briggs > > > --- > > > > > > security/selinux/selinuxfs.c | 11 +++ > > > 1 file changed, 7 insertions(+), 4 deletions(-) > > > > > > diff --git a/security/selinux/selinuxfs.c > > > b/security/selinux/selinuxfs.c > > > index 00eed84..00b21b2 100644 > > > --- a/security/selinux/selinuxfs.c > > > +++ b/security/selinux/selinuxfs.c > > > @@ -145,10 +145,11 @@ static ssize_t sel_write_enforce(struct file > > > *file, const char __user *buf,> > > > > if (length) > > > > > > goto out; > > > > > > audit_log(current->audit_context, GFP_KERNEL, > > > AUDIT_MAC_STATUS, > > > > > > - "enforcing=%d old_enforcing=%d auid=%u ses=%u", > > > + "enforcing=%d old_enforcing=%d auid=%u ses=%u" > > > + " enabled=%d old-enabled=%d lsm=selinux res=1", > > > > This is just a tiny nit but why does "old_enforcing" use an underscore > > and "old-enabled" a dash? Shouldn't the style be consistent across > > fields? Well, we have this thing called the field dictionary: https://github.com/linux-audit/audit-documentation/blob/master/specs/fields/ field-dictionary.csv If a field exists, we should reuse it and follow the exact formatting for the value side. In this case, old_enforcing is in the dictionary. So, it should be used. > Yes, but my understanding is a preference for underscore, and not to > change existing field names. > > Steve? When you are gluing 2 words together, I prefer a dash. But, in this case we alreday have precedent that the field name exists, so we should reuse it. -Steve > > Just my two cents... > > These details are worth noticing, thank you. > > > > new_value, selinux_enforcing, > > > from_kuid(_user_ns, > > > audit_get_loginuid(current)), > > > > > > - audit_get_sessionid(current)); > > > + audit_get_sessionid(current), selinux_enabled, > > > selinux_enabled);> > > > > selinux_enforcing = new_value; > > > if (selinux_enforcing) > > > > > > avc_ss_reset(0); > > > > > > @@ -272,9 +273,11 @@ static ssize_t sel_write_disable(struct file > > > *file, const char __user *buf,> > > > > if (length) > > > > > > goto out; > > > > > > audit_log(current->audit_context, GFP_KERNEL, > > > AUDIT_MAC_STATUS, > > > > > > - "selinux=0 auid=%u ses=%u", > > > + "enforcing=%d old_enforcing=%d auid=%u ses=%u" > > > + " enabled=%d old-enabled=%d lsm=selinux res=1", > > > + selinux_enforcing, selinux_enforcing, > > > > ^ also here > > > > > from_kuid(_user_ns, > > > audit_get_loginuid(current)), > > > > > > - audit_get_sessionid(current)); > > > + audit_get_sessionid(current), 0, 1); > > > > > > } > > > > > > length = count; > > > > Ondrej Mosnacek > > - RGB > > -- > Richard Guy Briggs > Sr. S/W Engineer, Kernel Security, Base Operating Systems > Remote, Ottawa, Red Hat Canada > IRC: rgb, SunRaycer > Voice: +1.647.777.2635, Internal: (81) 32635 > > -- > Linux-audit mailing list > linux-au...@redhat.com > https://www.redhat.com/mailman/listinfo/linux-audit
Re: [PATCH 5/5] libselinux: remove unused variable usercon
On 04/16/2018 11:30 AM, William Roberts wrote: On Mon, Apr 16, 2018 at 5:34 AM, Stephen Smalleywrote: On 04/13/2018 08:40 PM, William Roberts wrote: In general this series looks fine. However, checkpatch.pl is complaining about DOS line endings in your patches: For example: ERROR: DOS line endings #325: FILE: libselinux/src/label_file.h:281: +^I^Iint alloc_stems = data->alloc_stems * 2 + 16;^M$ If needed, dos2unix can be used to strip them. However, I think git am takes care of this for you. FYI your patches are staged here: https://github.com/SELinuxProject/selinux/pull/93 If no one nacks them, ill merge latter this week. Thanks. These patches look good to me. Thanks, Jim On Fri, Apr 13, 2018 at 1:34 PM, Nicolas Iooss wrote: In getconlist.c, main() does not use usercon. Remove this variable. Signed-off-by: Nicolas Iooss --- libselinux/utils/getconlist.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/libselinux/utils/getconlist.c b/libselinux/utils/getconlist.c index abfe2c742bfb..5ac0ca85075c 100644 --- a/libselinux/utils/getconlist.c +++ b/libselinux/utils/getconlist.c @@ -19,7 +19,7 @@ static __attribute__ ((__noreturn__)) void usage(const char *name, const char *d int main(int argc, char **argv) { - char **list, *usercon = NULL, *cur_context = NULL; + char **list, *cur_context = NULL; char *user = NULL, *level = NULL; int ret, i, opt; @@ -69,7 +69,6 @@ int main(int argc, char **argv) freeconary(list); } - free(usercon); free(level); return 0; -- 2.17.0 -- James Carter National Security Agency
Re: [PATCH 5/5] libselinux: remove unused variable usercon
On Mon, Apr 16, 2018 at 5:34 AM, Stephen Smalleywrote: > On 04/13/2018 08:40 PM, William Roberts wrote: >> In general this series looks fine. >> >> However, checkpatch.pl is complaining about DOS line endings in your patches: >> >> For example: >> ERROR: DOS line endings >> #325: FILE: libselinux/src/label_file.h:281: >> +^I^Iint alloc_stems = data->alloc_stems * 2 + 16;^M$ > > If needed, dos2unix can be used to strip them. However, I think git am takes > care of this for you. > FYI your patches are staged here: https://github.com/SELinuxProject/selinux/pull/93 If no one nacks them, ill merge latter this week. Thanks. >> >> >> >> >> >> On Fri, Apr 13, 2018 at 1:34 PM, Nicolas Iooss wrote: >>> In getconlist.c, main() does not use usercon. Remove this variable. >>> >>> Signed-off-by: Nicolas Iooss >>> --- >>> libselinux/utils/getconlist.c | 3 +-- >>> 1 file changed, 1 insertion(+), 2 deletions(-) >>> >>> diff --git a/libselinux/utils/getconlist.c b/libselinux/utils/getconlist.c >>> index abfe2c742bfb..5ac0ca85075c 100644 >>> --- a/libselinux/utils/getconlist.c >>> +++ b/libselinux/utils/getconlist.c >>> @@ -19,7 +19,7 @@ static __attribute__ ((__noreturn__)) void usage(const >>> char *name, const char *d >>> >>> int main(int argc, char **argv) >>> { >>> - char **list, *usercon = NULL, *cur_context = NULL; >>> + char **list, *cur_context = NULL; >>> char *user = NULL, *level = NULL; >>> int ret, i, opt; >>> >>> @@ -69,7 +69,6 @@ int main(int argc, char **argv) >>> freeconary(list); >>> } >>> >>> - free(usercon); >>> free(level); >>> >>> return 0; >>> -- >>> 2.17.0 >>> >>> >> >
Re: [PATCH ghak46 V1] audit: normalize MAC_STATUS record
2018-04-16 16:11 GMT+02:00 Richard Guy Briggs: > On 2018-04-16 09:26, Ondrej Mosnacek wrote: >> 2018-04-10 1:34 GMT+02:00 Richard Guy Briggs : >> > There were two formats of the audit MAC_STATUS record, one of which was >> > more >> > standard than the other. One listed enforcing status changes and the >> > other listed enabled status changes with a non-standard label. In >> > addition, the record was missing information about which LSM was >> > responsible and the operation's completion status. While this record is >> > only issued on success, the parser expects the res= field to be present. >> > >> > old enforcing/permissive: >> > type=MAC_STATUS msg=audit(1523312831.378:24514): enforcing=0 >> > old_enforcing=1 auid=0 ses=1 >> > old enable/disable: >> > type=MAC_STATUS msg=audit(1523312831.378:24514): selinux=0 auid=0 ses=1 >> > >> > List both sets of status and old values and add the lsm= field and the >> > res= field. >> > >> > Here is the new format: >> > type=MAC_STATUS msg=audit(1523293828.657:891): enforcing=0 old_enforcing=1 >> > auid=0 ses=1 enabled=1 old-enabled=1 lsm=selinux res=1 >> > >> > This record already accompanied a SYSCALL record. >> > >> > See: https://github.com/linux-audit/audit-kernel/issues/46 >> > Signed-off-by: Richard Guy Briggs >> > --- >> > security/selinux/selinuxfs.c | 11 +++ >> > 1 file changed, 7 insertions(+), 4 deletions(-) >> > >> > diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c >> > index 00eed84..00b21b2 100644 >> > --- a/security/selinux/selinuxfs.c >> > +++ b/security/selinux/selinuxfs.c >> > @@ -145,10 +145,11 @@ static ssize_t sel_write_enforce(struct file *file, >> > const char __user *buf, >> > if (length) >> > goto out; >> > audit_log(current->audit_context, GFP_KERNEL, >> > AUDIT_MAC_STATUS, >> > - "enforcing=%d old_enforcing=%d auid=%u ses=%u", >> > + "enforcing=%d old_enforcing=%d auid=%u ses=%u" >> > + " enabled=%d old-enabled=%d lsm=selinux res=1", >> >> This is just a tiny nit but why does "old_enforcing" use an underscore >> and "old-enabled" a dash? Shouldn't the style be consistent across >> fields? > > Yes, but my understanding is a preference for underscore, and not to > change existing field names. Ah, I just noticed that the field is already used elsewhere in the code, so it makes sense to keep it the same. I thought at first that it is just a typo. > > Steve? > >> Just my two cents... > > These details are worth noticing, thank you. > >> > new_value, selinux_enforcing, >> > from_kuid(_user_ns, >> > audit_get_loginuid(current)), >> > - audit_get_sessionid(current)); >> > + audit_get_sessionid(current), selinux_enabled, >> > selinux_enabled); >> > selinux_enforcing = new_value; >> > if (selinux_enforcing) >> > avc_ss_reset(0); >> > @@ -272,9 +273,11 @@ static ssize_t sel_write_disable(struct file *file, >> > const char __user *buf, >> > if (length) >> > goto out; >> > audit_log(current->audit_context, GFP_KERNEL, >> > AUDIT_MAC_STATUS, >> > - "selinux=0 auid=%u ses=%u", >> > + "enforcing=%d old_enforcing=%d auid=%u ses=%u" >> > + " enabled=%d old-enabled=%d lsm=selinux res=1", >> > + selinux_enforcing, selinux_enforcing, >> >> ^ also here >> >> > from_kuid(_user_ns, >> > audit_get_loginuid(current)), >> > - audit_get_sessionid(current)); >> > + audit_get_sessionid(current), 0, 1); >> > } >> > >> > length = count; >> >> Ondrej Mosnacek > > - RGB > > -- > Richard Guy Briggs > Sr. S/W Engineer, Kernel Security, Base Operating Systems > Remote, Ottawa, Red Hat Canada > IRC: rgb, SunRaycer > Voice: +1.647.777.2635, Internal: (81) 32635 -- Ondrej Mosnacek Associate Software Engineer, Security Technologies Red Hat, Inc.
Re: [PATCH ghak46 V1] audit: normalize MAC_STATUS record
On 2018-04-16 09:26, Ondrej Mosnacek wrote: > 2018-04-10 1:34 GMT+02:00 Richard Guy Briggs: > > There were two formats of the audit MAC_STATUS record, one of which was more > > standard than the other. One listed enforcing status changes and the > > other listed enabled status changes with a non-standard label. In > > addition, the record was missing information about which LSM was > > responsible and the operation's completion status. While this record is > > only issued on success, the parser expects the res= field to be present. > > > > old enforcing/permissive: > > type=MAC_STATUS msg=audit(1523312831.378:24514): enforcing=0 > > old_enforcing=1 auid=0 ses=1 > > old enable/disable: > > type=MAC_STATUS msg=audit(1523312831.378:24514): selinux=0 auid=0 ses=1 > > > > List both sets of status and old values and add the lsm= field and the > > res= field. > > > > Here is the new format: > > type=MAC_STATUS msg=audit(1523293828.657:891): enforcing=0 old_enforcing=1 > > auid=0 ses=1 enabled=1 old-enabled=1 lsm=selinux res=1 > > > > This record already accompanied a SYSCALL record. > > > > See: https://github.com/linux-audit/audit-kernel/issues/46 > > Signed-off-by: Richard Guy Briggs > > --- > > security/selinux/selinuxfs.c | 11 +++ > > 1 file changed, 7 insertions(+), 4 deletions(-) > > > > diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c > > index 00eed84..00b21b2 100644 > > --- a/security/selinux/selinuxfs.c > > +++ b/security/selinux/selinuxfs.c > > @@ -145,10 +145,11 @@ static ssize_t sel_write_enforce(struct file *file, > > const char __user *buf, > > if (length) > > goto out; > > audit_log(current->audit_context, GFP_KERNEL, > > AUDIT_MAC_STATUS, > > - "enforcing=%d old_enforcing=%d auid=%u ses=%u", > > + "enforcing=%d old_enforcing=%d auid=%u ses=%u" > > + " enabled=%d old-enabled=%d lsm=selinux res=1", > > This is just a tiny nit but why does "old_enforcing" use an underscore > and "old-enabled" a dash? Shouldn't the style be consistent across > fields? Yes, but my understanding is a preference for underscore, and not to change existing field names. Steve? > Just my two cents... These details are worth noticing, thank you. > > new_value, selinux_enforcing, > > from_kuid(_user_ns, > > audit_get_loginuid(current)), > > - audit_get_sessionid(current)); > > + audit_get_sessionid(current), selinux_enabled, > > selinux_enabled); > > selinux_enforcing = new_value; > > if (selinux_enforcing) > > avc_ss_reset(0); > > @@ -272,9 +273,11 @@ static ssize_t sel_write_disable(struct file *file, > > const char __user *buf, > > if (length) > > goto out; > > audit_log(current->audit_context, GFP_KERNEL, > > AUDIT_MAC_STATUS, > > - "selinux=0 auid=%u ses=%u", > > + "enforcing=%d old_enforcing=%d auid=%u ses=%u" > > + " enabled=%d old-enabled=%d lsm=selinux res=1", > > + selinux_enforcing, selinux_enforcing, > > ^ also here > > > from_kuid(_user_ns, > > audit_get_loginuid(current)), > > - audit_get_sessionid(current)); > > + audit_get_sessionid(current), 0, 1); > > } > > > > length = count; > > Ondrej Mosnacek - RGB -- Richard Guy Briggs Sr. S/W Engineer, Kernel Security, Base Operating Systems Remote, Ottawa, Red Hat Canada IRC: rgb, SunRaycer Voice: +1.647.777.2635, Internal: (81) 32635
[PATCH] security: selinux: Change return type to vm_fault_t
Use new return type vm_fault_t for fault handler in struct vm_operations_struct. Signed-off-by: Souptick JoarderReviewed-by: Matthew Wilcox --- security/selinux/selinuxfs.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c index 00eed84..dfc31c6 100644 --- a/security/selinux/selinuxfs.c +++ b/security/selinux/selinuxfs.c @@ -418,7 +418,7 @@ static ssize_t sel_read_policy(struct file *filp, char __user *buf, return ret; } -static int sel_mmap_policy_fault(struct vm_fault *vmf) +static vm_fault_t sel_mmap_policy_fault(struct vm_fault *vmf) { struct policy_load_memory *plm = vmf->vma->vm_file->private_data; unsigned long offset; -- 1.9.1
Re: [PATCH ghak46 V1] audit: normalize MAC_STATUS record
2018-04-10 1:34 GMT+02:00 Richard Guy Briggs: > There were two formats of the audit MAC_STATUS record, one of which was more > standard than the other. One listed enforcing status changes and the > other listed enabled status changes with a non-standard label. In > addition, the record was missing information about which LSM was > responsible and the operation's completion status. While this record is > only issued on success, the parser expects the res= field to be present. > > old enforcing/permissive: > type=MAC_STATUS msg=audit(1523312831.378:24514): enforcing=0 old_enforcing=1 > auid=0 ses=1 > old enable/disable: > type=MAC_STATUS msg=audit(1523312831.378:24514): selinux=0 auid=0 ses=1 > > List both sets of status and old values and add the lsm= field and the > res= field. > > Here is the new format: > type=MAC_STATUS msg=audit(1523293828.657:891): enforcing=0 old_enforcing=1 > auid=0 ses=1 enabled=1 old-enabled=1 lsm=selinux res=1 > > This record already accompanied a SYSCALL record. > > See: https://github.com/linux-audit/audit-kernel/issues/46 > Signed-off-by: Richard Guy Briggs > --- > security/selinux/selinuxfs.c | 11 +++ > 1 file changed, 7 insertions(+), 4 deletions(-) > > diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c > index 00eed84..00b21b2 100644 > --- a/security/selinux/selinuxfs.c > +++ b/security/selinux/selinuxfs.c > @@ -145,10 +145,11 @@ static ssize_t sel_write_enforce(struct file *file, > const char __user *buf, > if (length) > goto out; > audit_log(current->audit_context, GFP_KERNEL, > AUDIT_MAC_STATUS, > - "enforcing=%d old_enforcing=%d auid=%u ses=%u", > + "enforcing=%d old_enforcing=%d auid=%u ses=%u" > + " enabled=%d old-enabled=%d lsm=selinux res=1", This is just a tiny nit but why does "old_enforcing" use an underscore and "old-enabled" a dash? Shouldn't the style be consistent across fields? Just my two cents... > new_value, selinux_enforcing, > from_kuid(_user_ns, audit_get_loginuid(current)), > - audit_get_sessionid(current)); > + audit_get_sessionid(current), selinux_enabled, > selinux_enabled); > selinux_enforcing = new_value; > if (selinux_enforcing) > avc_ss_reset(0); > @@ -272,9 +273,11 @@ static ssize_t sel_write_disable(struct file *file, > const char __user *buf, > if (length) > goto out; > audit_log(current->audit_context, GFP_KERNEL, > AUDIT_MAC_STATUS, > - "selinux=0 auid=%u ses=%u", > + "enforcing=%d old_enforcing=%d auid=%u ses=%u" > + " enabled=%d old-enabled=%d lsm=selinux res=1", > + selinux_enforcing, selinux_enforcing, ^ also here > from_kuid(_user_ns, audit_get_loginuid(current)), > - audit_get_sessionid(current)); > + audit_get_sessionid(current), 0, 1); > } > > length = count; > -- > 1.8.3.1 > > -- > Linux-audit mailing list > linux-au...@redhat.com > https://www.redhat.com/mailman/listinfo/linux-audit -- Ondrej Mosnacek Associate Software Engineer, Security Technologies Red Hat, Inc.
Re: [PATCH 5/5] libselinux: remove unused variable usercon
On 04/13/2018 08:40 PM, William Roberts wrote: > In general this series looks fine. > > However, checkpatch.pl is complaining about DOS line endings in your patches: > > For example: > ERROR: DOS line endings > #325: FILE: libselinux/src/label_file.h:281: > +^I^Iint alloc_stems = data->alloc_stems * 2 + 16;^M$ If needed, dos2unix can be used to strip them. However, I think git am takes care of this for you. > > > > > > On Fri, Apr 13, 2018 at 1:34 PM, Nicolas Ioosswrote: >> In getconlist.c, main() does not use usercon. Remove this variable. >> >> Signed-off-by: Nicolas Iooss >> --- >> libselinux/utils/getconlist.c | 3 +-- >> 1 file changed, 1 insertion(+), 2 deletions(-) >> >> diff --git a/libselinux/utils/getconlist.c b/libselinux/utils/getconlist.c >> index abfe2c742bfb..5ac0ca85075c 100644 >> --- a/libselinux/utils/getconlist.c >> +++ b/libselinux/utils/getconlist.c >> @@ -19,7 +19,7 @@ static __attribute__ ((__noreturn__)) void usage(const >> char *name, const char *d >> >> int main(int argc, char **argv) >> { >> - char **list, *usercon = NULL, *cur_context = NULL; >> + char **list, *cur_context = NULL; >> char *user = NULL, *level = NULL; >> int ret, i, opt; >> >> @@ -69,7 +69,6 @@ int main(int argc, char **argv) >> freeconary(list); >> } >> >> - free(usercon); >> free(level); >> >> return 0; >> -- >> 2.17.0 >> >> >