@@ -48,7 +48,7 @@ LSM_HOOK(int, 0, quota_on, struct dentry *dentry)
LSM_HOOK(int, 0, syslog, int type)
LSM_HOOK(int, 0, settime, const struct timespec64 *ts,
const struct timezone *tz)
-LSM_HOOK(int, 0, vm_enough_memory, struct mm_struct *mm, long pages)
+LSM_HOOK(int, 1, vm_enough_memory, struct mm_struct *mm, long pages)
LSM_HOOK(int, 0, bprm_creds_for_exec, struct linux_binprm *bprm)
LSM_HOOK(int, 0, bprm_creds_from_file, struct linux_binprm *bprm, struct file *file)
LSM_HOOK(int, 0, bprm_check_security, struct linux_binprm *bprm)
@@ -1036,9 +1036,7 @@ int security_settime64(const struct timespec64 *ts, const struct timezone *tz)
*/
int security_vm_enough_memory_mm(struct mm_struct *mm, long pages)
{
- struct security_hook_list *hp;
- int cap_sys_admin = 1;
- int rc;
+ int cap_sys_admin;
/*
* The module will respond with a positive value if
@@ -1047,13 +1045,8 @@ int security_vm_enough_memory_mm(struct mm_struct *mm, long pages)
* agree that it should be set it will. If any module
* thinks it should not be set it won't.
*/
- hlist_for_each_entry(hp, &security_hook_heads.vm_enough_memory, list) {
- rc = hp->hook.vm_enough_memory(mm, pages);
- if (rc <= 0) {
- cap_sys_admin = 0;
- break;
- }
- }
+ cap_sys_admin = call_int_hook_ignore_default(vm_enough_memory, 1, mm,
+ pages);
return __vm_enough_memory(mm, pages, cap_sys_admin);
}
@@ -4922,24 +4915,13 @@ int security_xfrm_state_pol_flow_match(struct xfrm_state *x,
struct xfrm_policy *xp,
const struct flowi_common *flic)
{
- struct security_hook_list *hp;
- int rc = LSM_RET_DEFAULT(xfrm_state_pol_flow_match);
-
/*
- * Since this function is expected to return 0 or 1, the judgment
- * becomes difficult if multiple LSMs supply this call. Fortunately,
- * we can use the first LSM's judgment because currently only SELinux
- * supplies this call.
- *
- * For speed optimization, we explicitly break the loop rather than
- * using the macro
+ * The module will respond with a 1 value if
+ * it thinks there is a match. If all of the modules
+ * agree we consider the match succesfull.
*/
- hlist_for_each_entry(hp, &security_hook_heads.xfrm_state_pol_flow_match,
- list) {
- rc = hp->hook.xfrm_state_pol_flow_match(x, xp, flic);
- break;
- }
- return rc;
+ return call_int_hook_ignore_default(xfrm_state_pol_flow_match,
+ 1, x, xp, flic);
}
/**
The vm_enough_memory and xfrm_state_pol_flow_match behavior is somewhat similar, as both possibly need to reconciliate multiple LSM return value to a take a single decision. Currently xfrm_state_pol_flow_match has a simple implementation leveraging the fact that only a LSM is supposed to implement such hook. This patch extend xfrm_state_pol_flow_match() to possibly cope with multiple hooks alike what vm_enough_memory is currently doing, switch both hooks to use the call_int_hook_ignore_default helper and change the default hook return value to 1. Overall the above should not lead to any functional change. After this change, LSM returning the LSM_RET_DEFAULT value will become a no-op for the mentioned hooks. Signed-off-by: Paolo Abeni <pabeni@redhat.com> --- include/linux/lsm_hook_defs.h | 2 +- security/security.c | 34 ++++++++-------------------------- 2 files changed, 9 insertions(+), 27 deletions(-)