[0/2] lsm: introduce and use security_mptcp_add_subflow()

Message ID	cover.1671054577.git.pabeni@redhat.com (mailing list archive)
Headers	show Return-Path: <linux-security-module-owner@kernel.org> From: Paolo Abeni <pabeni@redhat.com> To: linux-security-module@vger.kernel.org Cc: Paul Moore <paul@paul-moore.com>, selinux@vger.kernel.org, mptcp@lists.linux.dev Subject: [PATCH 0/2] lsm: introduce and use security_mptcp_add_subflow() Date: Wed, 14 Dec 2022 23:01:56 +0100 Message-Id: <cover.1671054577.git.pabeni@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	lsm: introduce and use security_mptcp_add_subflow() \| expand [0/2] lsm: introduce and use security_mptcp_add_subflow() [1/2] security, lsm: Introduce security_mptcp_add_subflow() [2/2] selinux: Implement mptcp_add_subflow hook

Message ID

cover.1671054577.git.pabeni@redhat.com (mailing list archive)

Headers

From: Paolo Abeni <pabeni@redhat.com>
To: linux-security-module@vger.kernel.org
Cc: Paul Moore <paul@paul-moore.com>, selinux@vger.kernel.org,
        mptcp@lists.linux.dev
Subject: [PATCH 0/2] lsm: introduce and use security_mptcp_add_subflow()
Date: Wed, 14 Dec 2022 23:01:56 +0100
Message-Id: <cover.1671054577.git.pabeni@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk

Series

lsm: introduce and use security_mptcp_add_subflow() | expand

Message

Paolo Abeni Dec. 14, 2022, 10:01 p.m. UTC

This series is an attempt to solve the LSM labeling breakage
reported here:

https://lore.kernel.org/linux-security-module/CAHC9VhSQnhH3UL4gqzu+YiA1Q3YyLLCv88gLJOvw-0+uw5Lvkw@mail.gmail.com/

As per previous discussion, a new LSM hook is introduced and
invoked by the mptcp code to let LSMs set the appropriate label
for the newly created subflow.

I'm not sure the chosen hook name is a perfect fit, any suggestion
more then welcome.
The new hook requires both the mptcp socket reference and the
subflow socket reference, even if the provided LSM implementation
for selinux ends-up accessing only the subflow socket. Possibly
other LSM implementation could need or use the addtional parameter.

Paolo Abeni (2):
  security, lsm: Introduce security_mptcp_add_subflow()
  selinux: Implement mptcp_add_subflow hook

 include/linux/lsm_hook_defs.h |  1 +
 include/linux/lsm_hooks.h     |  9 +++++++++
 include/linux/security.h      |  6 ++++++
 net/mptcp/subflow.c           |  6 ++++++
 security/security.c           |  5 +++++
 security/selinux/hooks.c      | 30 ++++++++++++++++++++++++++++++
 6 files changed, 57 insertions(+)

Comments

Paolo Abeni Dec. 14, 2022, 10:13 p.m. UTC | #1

On Wed, 2022-12-14 at 23:01 +0100, Paolo Abeni wrote:
> This series is an attempt to solve the LSM labeling breakage
> reported here:
> 
> https://lore.kernel.org/linux-security-module/CAHC9VhSQnhH3UL4gqzu+YiA1Q3YyLLCv88gLJOvw-0+uw5Lvkw@mail.gmail.com/
> 
> As per previous discussion, a new LSM hook is introduced and
> invoked by the mptcp code to let LSMs set the appropriate label
> for the newly created subflow.
> 
> I'm not sure the chosen hook name is a perfect fit, any suggestion
> more then welcome.
> The new hook requires both the mptcp socket reference and the
> subflow socket reference, even if the provided LSM implementation
> for selinux ends-up accessing only the subflow socket. Possibly
> other LSM implementation could need or use the addtional parameter.

I forgot to mention this has been tested vs the reproducer described in
the above link and vs the mptcp self-tests.

Cheers,

Paolo