From patchwork Wed Sep 15 16:49:18 2021
X-Patchwork-Submitter: Paul Moore
X-Patchwork-Id: 12496859
Subject: [PATCH v4 0/8] Add LSM access controls and auditing to io_uring
From: Paul Moore
To: linux-security-module@vger.kernel.org, selinux@vger.kernel.org, linux-audit@redhat.com, io-uring@vger.kernel.org, linux-fsdevel@vger.kernel.org, Jens Axboe, Pavel Begunkov, Kumar Kartikeya Dwivedi
Date: Wed, 15 Sep 2021 12:49:18 -0400
Message-ID: <163172413301.88001.16054830862146685573.stgit@olly>
User-Agent: StGit/1.1

A quick update to the v3 patchset with a small change to the audit record format (remove the audit login ID on io_uring records) and a subject line fix on the Smack patch. I also caught a few minor things in the code comments and fixed those up. All told, nothing significant, but I really dislike merging patches that haven't hit the list, so here ya go ...

As a reminder, I'm planning to merge these in the selinux/next tree later this week and it would be *really* nice to get some ACKs from the io_uring folks; this patchset is implementing the ideas we all agreed to back in the v1 patchset, so there shouldn't be anything surprising in here.
For reference the v3 patchset can be found here:
https://lore.kernel.org/linux-security-module/163159032713.470089.11728103630366176255.stgit@olly/T/#t

Those who would prefer to fetch these patches directly from git can do so using the tree/branch below:
git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux.git
(checkout branch "working-io_uring")

---

Casey Schaufler (1):
      Smack: Brutalist io_uring support

Paul Moore (7):
      audit: prepare audit_context for use in calling contexts beyond syscalls
      audit,io_uring,io-wq: add some basic audit support to io_uring
      audit: add filtering for io_uring records
      fs: add anon_inode_getfile_secure() similar to anon_inode_getfd_secure()
      io_uring: convert io_uring to the secure anon inode interface
      lsm,io_uring: add LSM hooks to io_uring
      selinux: add support for the io_uring access controls

 fs/anon_inodes.c                    |  29 ++
 fs/io-wq.c                          |   4 +
 fs/io_uring.c                       |  69 +++-
 include/linux/anon_inodes.h         |   4 +
 include/linux/audit.h               |  26 ++
 include/linux/lsm_hook_defs.h       |   5 +
 include/linux/lsm_hooks.h           |  13 +
 include/linux/security.h            |  16 +
 include/uapi/linux/audit.h          |   4 +-
 kernel/audit.h                      |   7 +-
 kernel/audit_tree.c                 |   3 +-
 kernel/audit_watch.c                |   3 +-
 kernel/auditfilter.c                |  15 +-
 kernel/auditsc.c                    | 469 ++++++++++++++++++++++------
 security/security.c                 |  12 +
 security/selinux/hooks.c            |  34 ++
 security/selinux/include/classmap.h |   2 +
 security/smack/smack_lsm.c          |  46 +++
 18 files changed, 646 insertions(+), 115 deletions(-)