From patchwork Mon Jan 8 21:36:20 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jann Horn via Selinux X-Patchwork-Id: 10152055 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 6B764603ED for ; Tue, 9 Jan 2018 13:34:10 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 60BEA27F98 for ; Tue, 9 Jan 2018 13:34:10 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 55371284B5; Tue, 9 Jan 2018 13:34:10 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-4.2 required=2.0 tests=BAYES_00, RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from UCOL19PA10.eemsg.mail.mil (ucol19pa10.eemsg.mail.mil [214.24.24.83]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 0A5D427F98 for ; Tue, 9 Jan 2018 13:34:08 +0000 (UTC) X-IronPort-AV: E=Sophos;i="5.46,335,1511827200"; d="scan'208";a="416635564" Received: from emsm-gh1-uea10.ncsc.mil ([214.29.60.2]) by UCOL19PA10.eemsg.mail.mil with ESMTP; 09 Jan 2018 13:34:02 +0000 X-IronPort-AV: E=Sophos;i="5.46,335,1511827200"; d="scan'208";a="7420192" IronPort-PHdr: =?us-ascii?q?9a23=3A4gGLWRP/7ofNYQogHGEl6mtUPXoX/o7sNwtQ0KIM?= =?us-ascii?q?zox0L/vyp8bcNUDSrc9gkEXOFd2Cra4c0qyG7eu6CCQp2tWoiDg6aptCVhsI24?= =?us-ascii?q?09vjcLJ4q7M3D9N+PgdCcgHc5PBxdP9nC/NlVJSo6lPwWB6nK94iQPFRrhKAF7?= =?us-ascii?q?Ovr6GpLIj8Swyuu+54Dfbx9HiTahfL9+Nha7oATeusUIhYZpN7o8xAbOrnZUYe?= =?us-ascii?q?pd2HlmJUiUnxby58ew+IBs/iFNsP8/9MBOTLv3cb0gQbNXEDopPWY15Nb2tRbY?= =?us-ascii?q?VguA+mEcUmQNnRVWBQXO8Qz3UY3wsiv+sep9xTWaMMjrRr06RTiu86FmQwLzhS?= =?us-ascii?q?wZKzA27n3Yis1ojKJavh2hoQB/w5XJa42RLfZyY7/Rcc8fSWdHUMlRTShBCZ6i?= =?us-ascii?q?YYUJAeQKIOJUo5Dgq1cSqBezAxSnCuHyxT9SnnL50qM03OYiHwHI2wIuAc4Bvm?= =?us-ascii?q?nMrNj3KasfX+C7zLPWwjXYdP5WxSvx5ZLUfh07vf2BX7R9etfRx0k1EAPFi02d?= =?us-ascii?q?p4v/MDOJyuQNs3aU7uR9XuyukWEnsRtxrSazxscwl4LJmIMVxUrZ/itk3ok1Id?= =?us-ascii?q?y4SEhmYd+rDZBdsDqaOJVyQsMjRWFopSk7x6YauZ+7YCcKyJMnywTZa/ycaYeE?= =?us-ascii?q?+B3jVOGPITphgn9uZbGxhw6q/ES9xeDxWdO43VZXoiZfjNXBuW4B2wbO5sSfVP?= =?us-ascii?q?dx4kOs1SyM2g3T8O1IP104mKvBJ5I/3rI8iJweulnZECDsgkX5lqqWe10h+uiv?= =?us-ascii?q?9uvofK3rpoSZN49okgH+NbkumtCnDeQ4LAcOW2+b9Pyg1LL55035QahKjuYsnq?= =?us-ascii?q?nFsJHVOcQbpqmjDw9Tzokj8AqwAy2j0NQZmXkLNFNFeBSZgIj1I1zCPf/1APil?= =?us-ascii?q?j1msjTtn3e7KM7L/DpnXM3TPiLLhcqx8605Yxgoz19df55dMB7EaPv3zXk7xtN?= =?us-ascii?q?rFDh42KgC72OHnCMh71owCR22PGbSUML/SsFCU5uIvJPOAZIkOuDnnMfQl6Pnu?= =?us-ascii?q?jWEhlV8HYaapxYcXaGy/Hvl+IUWZZnzsjc0dEWcKpAU+SvfniF+FUT5VYna9Rb?= =?us-ascii?q?k85i0lB4K8FofPXIetgKaO3C2jBJ1ZenhGCkyQEXfvb4iEWfUMZziOLc9iiTwE?= =?us-ascii?q?Ur6hS44/1Ry1ug/6z6dnL+XP9S0Fs5LjyMV16/fUlREo+jx+F96d3H2VT2Fogm?= =?us-ascii?q?MIQCc73LhhrkNm1FiD16l4g+BfFdFI5vNGTBk1OoDGw+x9EdDyVRrLfs2VR1a+?= =?us-ascii?q?XtWmHTYxQ8oszN8JZUZ9HcitgQ7H3yqrGLIajaKEBIYz8q7G2HjxPcl9wW7c1K?= =?us-ascii?q?Y9l1kmXtdPNWq+i6Fi6wjcHZTJnl6FmKatcKQTwDTC9HyfzWaUukFXThJwW73f?= =?us-ascii?q?XX8DfkvWscj55kTaQr+vD7QnLhVOycqcJatPdNLpkU9GRff4NdTZe2K+hWGwBR?= =?us-ascii?q?OSybONaIrlYGId3SrHBEgDiQAT8m6MNRIiCSe5v2LeEDtuGErvYkLt9ul+rmi2?= =?us-ascii?q?Tkowzw2Tbk1h0aC5+hgPivyGSPMT36wEtzk7pzVyAlm9w8rcC8CcqAp5YKVcfd?= =?us-ascii?q?Q97U9J1GLYswx9O4KvL7p5i14QbQt4okTu1w9tBYVYi8gqq3EqwxRuJqKEyl9B?= =?us-ascii?q?cCmY3Z/oML3NNmby5Ayva7LR2lzG3taW4L0A6PIkpFXipwGkDU8i821m09VMyH?= =?us-ascii?q?ud6I7KABAVUZLrXUY97wJ6qK3CYikh+4PU0mVhMaquvT/B3NIpGfAoyhW6cNdc?= =?us-ascii?q?N6OECRX+E8oAB8ihMOYqgUSmbgoYPOBO8645J9mpeOac2K6qIulghimrgn5b74?= =?us-ascii?q?B4yE6M8DB8SuHQ1ZYf3/6YxheHVyv7jFq5rs/4g4REai8JHmqjySnkA5VcZrZu?= =?us-ascii?q?coYKF2iuJdG3xtRkiJL3XX5X6kKjDUsc2MC1YRqSc0D93QpI2EQNvHOohDC1zz?= =?us-ascii?q?NxkzAmtKaf2jLBw/j6fhodJmFLXHVijUvrIYWslNAaUlKobw8ylBu5/kv63K5b?= =?us-ascii?q?pKNxLmnWW0hIeTL6L2d8XausrrCCedJA6Is0sSVLV+SxeV6bRaT5oxsGzSzjBX?= =?us-ascii?q?BeySsldz60oJX2hAF6iGeHIHZ0tnrZdtl6xQ3D69zEWf5Rwj0GSTFmiTnWGle8?= =?us-ascii?q?I96p/c+Om5jfsuC+UGShVpJIfCnvzIOAsjG05XdtARGlmPCzgNLnGxAg0SDnz9?= =?us-ascii?q?lqSTnIrBHkb4nv1qS6Kv5nclBzBFDi78p6G4d+kpY/hZwLwnganpSV/XwGkWjv?= =?us-ascii?q?KtVXw6T+Y2QRRTQT2d7a/BDl2FF/LnKO34/5THKdws9lZ9akeGMZxiU97s5RBa?= =?us-ascii?q?eP8bxLgTB1rkC/rQLLbvh3hi0dxuc26H4Gn+EJvxIgziaDDbAUBklVJi/smAqO?= =?us-ascii?q?79ClqqVYenqvfaK31EpkktCrFKuCrR1EWHblZpciGjd97t1lP1LR1H389Jnkd8?= =?us-ascii?q?PWbdIPqBKUiQzNj/VOKJ0vjPoKnjBrOXn6vX040e40kQJh3Z+9vIidJGVi4ri1?= =?us-ascii?q?AhhGOT3pf8kT4C3ijb5CnsaK2ICiBothGjMWU5bzU/KoFi8dtfT9OwaIDjI8tm?= =?us-ascii?q?+RGaDDEg+H9Edms3XPHoizN36NOXkZyc5vSwWcJExDgAEYRTs6kYQ/Fgyww8zh?= =?us-ascii?q?akh57CgL5lHkshtM1v5oNx7nX2fcpAaobik7RYOaLBpR4AFC6VnaMdCC7uJzGC?= =?us-ascii?q?FY+4OuoBaLKmOFewRCFXsJVVCcB1D/Irmu4sHN8+aCCeq4M/vOZrCOpPdQV/iW?= =?us-ascii?q?2J2v1ZFm8CyUNsWVOXliDeM01VZfXXxjHMTZgToPQTQNly3Rd86buAu8+ipvo8?= =?us-ascii?q?Cl6vjqVhjj5Y6VBLtWNtVu+wu7jr2fOO6Vnip5LixY1pwUz3/S1LcfxEISiz1p?= =?us-ascii?q?dzS1H7QArzDCQ7/LmqBNCR4bdyRzNNBT4q0mwgZNPNTXitTv1r53lvQ1EUtKVU?= =?us-ascii?q?T9msG1YswHO2e9NEndC0aTLLSLPjPLw8DtYaOnVb1QguRUtxuqtjadD0DjPy6M?= =?us-ascii?q?lz3zWxCoK+FMgzmRPAZCt4GlbhZtFW/jQcr9ZRKgN9N3iTw2waYohnPRL2IcKi?= =?us-ascii?q?ZzfF9Xor2L8yxYhvR/G2pc7ntqNuSLhyaY7/PFKpYNq/dqDD57l/5B4HQ9zbtZ?= =?us-ascii?q?9iZEROZ6mCHKtN5hv0mmkvWTyjpgSBdOrDdLhIaPvUp8IqXU7YNPVmje/BIK92?= =?us-ascii?q?mQDA4Kp9R9AN31p69Q0sTPlL70KDpa6N3U/MQcB8/SKM+cLXUuLwHmGD/OAwsD?= =?us-ascii?q?VzKrMnvfh0NFmvGI6nKVtoQ6qoTrmJcWULBbW0Y6Fu0EBUl+G9wCOIl4XjUhkb?= =?us-ascii?q?GBjc4I4WGxrB7eRclAuZDHTP2SC+31KDmFlblEewcIwbTgIIQPMY373lZuakN9?= =?us-ascii?q?nIXLBUXQW8tCojdmbgAqo0VA62RxTmo22035cAyt+2MTGeSynhEolgt0ef4t+y?= =?us-ascii?q?v041crOlrKozM9kE8vltr/hTCcaz3xLKCrXYFKESX0sVMxMpD6Qwpvaw29g1Bk?= =?us-ascii?q?Pi/eR71Nl7tgaXxriAjEtJtVB/FcVrNLbwUKxf6LZ/Ulyk9TqiS9xUBa4uvFB4?= =?us-ascii?q?NilBE0fp+stX5A3RxsbMItL6zKOKVJ1kRQhr6JviKwy+8+2hEeJ0cQ/2OJYyMH?= =?us-ascii?q?olYINqMhJyum5exj9xCNmyZZeGgNS/orouhm9kUjNOSc1yjgyaJMKlitN+yDKK?= =?us-ascii?q?OUo2zAlcmSQlwu0EMJlk5F8KN50cclbkqYTUcvzKGeFx4RL8rNNRlVb9ZO9HjU?= =?us-ascii?q?ZSuOqvvCwZZ0P4W7C+DpQvSDu7oTgkKhAAkmBZ8M7tgbEpmqzk7YMd/tLKQZxh?= =?us-ascii?q?U1+ATrOFKFAexUdx2XlTcHpMe/zINq0YRGODESH399MSS257bQoA8mmvyDU8kq?= =?us-ascii?q?Yn0CRIsLKmo2WNGmmy5ep3lAEDi30uceyAie7z/9pj/dAyT9b9tjfvibfglgCN?= =?us-ascii?q?eo9jUj66K2k0LY8o3CJ2HmMtRvosXA6ecbp5mbFfxbVbx9skfam4lfQXylSXXC?= =?us-ascii?q?HsW0J5fqbYkgdNL0CmugXly5lT01U9/7PMyxIaiQnQHoWYFUvZGA0z89M8+wDS?= =?us-ascii?q?sRFApup+4d/qJ8fhcMY4A7YBLysAQ+LaO/Kh+C0tqyW2atNSdWT/5HwOWgYbxX?= =?us-ascii?q?zjYjbu+9yHskVZE01/C5/1MXSpwWiR/T3uqsZ45bUSfvAHNdYBnPqTA/l2d/Ku?= =?us-ascii?q?Y42v0/zw/QsVkALzCLc/RkZ3BGv94mGVyfOml5Cm08R1+YjIrM/BSs36wM8CRB?= =?us-ascii?q?n9ZYy+pFsGLxvpXHejKjRLSrqYnJsyonddUmubd+MZbkIsSdr57egibfQ4POsg?= =?us-ascii?q?KbVC66FvxamtdUICJZT/lImX0lOcIctopb7Eo9TME+KKJTCKM0vLCldSJkDTIO?= =?us-ascii?q?zS8eT46B0iYOjfu827vbkxeQcY4tMB8fvZVDnNQSTTB5bjkZpK+5WIXcj3WERX?= =?us-ascii?q?QTIAcP8QRM4xoNlopqceD/44rHUoNMyz9Qo/J7SSbKGINn913nRWGShlj4Veiu?= =?us-ascii?q?k/ez0QJU0v3szsERWARjBkhF2+ZWikwoJalvK6kXuo7FqCWIdE39vGLpxuurP1?= =?us-ascii?q?xRycrTd13jEoXKqXD8UioH+X0PRI9Pzn7fGY4VkwpjZ6YhvE9ML5y+ekbi+zwk?= =?us-ascii?q?wJxkEKOiVcC2wVYpt3UGSjyrE9pACuFmrEnYVCdjY5+1tJXvI49STXNI+J2Bt1?= =?us-ascii?q?dZl11gMzK+yZpZMMxN/iIAXD1UrjmHutu9VtFD09dsD5AQOtd/p2v9GKRcNZiR?= =?us-ascii?q?uXI2oKbgynvE9D0nrVi12i2zG7emQOJd4WIeAB8lJ2OEqkkgF+Es6Hvd8kjRsl?= =?us-ascii?q?Bo+OdWHrqPjUJvrztmA59BGC1J2m6/L1RvUnZJrv9WKKLLfMxAW/MyfwOgOwQi?= =?us-ascii?q?Ff462EyE5V10kmrkbCxzrARa/zvQUBUzVSkQnrjigyYeqt29NT8cVZ1IcS0rbz?= =?us-ascii?q?3ZJAKDhSBXoBFfZllxVJAXHtlJ57MW0ZZa88fZVUmsLiQFUwB4OQIjzfpTj0hD?= =?us-ascii?q?v1uEeSrFFwqnae7PsgFrfceWtMOpNur28xpHioz9rOA17KEDR3q4mQKzX9zRs4?= =?us-ascii?q?j8ucCUuUeUcqf3LfG8a2fbTDfQlRCwmaskD57S8ijLKwpbN4N1xmc4YZX6Em7L?= =?us-ascii?q?OglGJ7gHKEVFU6B6dc9GrfpeZ8N+f6YJ46BtDAqdRhzzAIyvsOVGLlHLSDTCNS?= =?us-ascii?q?WO7PKwrp/I4LzATejgetaMyGzZQ6J2OZd67Sf0G6vw3Y9Z4Er21e9n9llmRlje?= =?us-ascii?q?LyCBsNPhKxsO5Ma4ckviuoMmHS/KAJhqinXg3UdAeNQLQy2x7JsX0otZ52jqRe?= =?us-ascii?q?J+zEfzrPVY96N45okv/7Bp1cC0KL/QKftAq09nBQOUBgFw+ZUzG2V/Qn1RYusN?= =?us-ascii?q?KPfQYasZjNrhq+bsF6AN7x2V4eNZY8PdJ07dgsm/Fi2cSRtckQcDszEaKAWc1+?= =?us-ascii?q?SCm6BpV8movvT51Vgr41ilKR4K1rZt6pmY+qCQvu/YcwPRzaQYWqjtXs7zoaks?= =?us-ascii?q?u0KW5f0girEOf3d4bBC5H+cGV84S3GHgwbotzSI2HMPJB6jg9+JbV3IlgjLgnI?= =?us-ascii?q?hwH1cXGvMRBreL+JpRn2cmlOzDN90WdK9ClnyJFRG6Dr8I0WSr5DePIGl5nhHO?= =?us-ascii?q?1An9QWW37FLtrC94Ry7Mw83ikkpTWLm3H11dXzG1OU9irTOAIBbotMftuasr9k?= =?us-ascii?q?02NXbktN2Vnmu7JLxXB9H/JMCbISQsoVIXi5sxRsCg2Y8FAte9JdYR/2t4bvTA?= =?us-ascii?q?92OqnShBo71Eh4rF+M2V/OvYHWW4ha2At7qN3CxYymQ/vVwn7tCgLfTO6t2RTv?= =?us-ascii?q?SmyWkeUiB/uxHbUB6tsLzbqFIUNlKX30fXgoAKOctZ3XYg3EH8+OcjWM4z9BlZ?= =?us-ascii?q?FovYZvMDpCr8NyHozluEeNI4SDWe3CVLEV7vFll4Aqc80nrqvM3VjXfQ50EoRo?= =?us-ascii?q?5oekP8hBx3FIs5Jlgv6FgW3ioDCRICaQ2fDLyzGUvlKpYLWlYZZhSaxri6fb03?= =?us-ascii?q?0ldpzrOo/u/TYvR2B7AROfZFkg6OgF9bF4oOsaIEXLJzZ19d9aDQpgj4CIjrRu?= =?us-ascii?q?PmmmQ0Nf20RMBa7M8YumA64gmlWxqv9ZdD7rgciJCSda5Ie5vMs95m70dh+zEP?= =?us-ascii?q?cjZBgB9ljxO2Seocvvzs4sDHsJq07eajTKktSP8N9xcqG2R+j4D9gFQiodHLye?= =?us-ascii?q?hcSpfaiZnk8AxXJX6Fppra2QFmKeUSM4KrYKpg93IfKigROX0OO8aWa/474yNq?= =?us-ascii?q?KzXc+VhCAsIKZdMFM8vAggRUhVPzWLBT7MXXAFmYBJlvd8ow9Wr41Cg18YcgUu?= =?us-ascii?q?bn8DK2I5Hf4E1KP/NHlipsj8jOpOkSwfrVEygX+mKUax16zyKN0ZWNDOzw/eqU?= =?us-ascii?q?wtHOS1wGBjI2U5taJDea9gyoWvG1lI7wXg2J5cH9hpM+dESNRn2+h6kFvaNMHv?= =?us-ascii?q?RGiirlxDReEZr1h/2Nudq29GRXrkFHEJp07RDdGqVfOZV7ORLimsa3Rkh8Ajb/?= =?us-ascii?q?d9zVdxovvuqW3eQM4+RlOkvgZI8bPAgLy7bn5npUVAduTqD5vkqBV+ILeNRmUO?= =?us-ascii?q?/ErmxS6Y94Kq8PIkKSpJrxozdMtVA5HQ4paLgrrjBAcUnOhgJVUb7uuLEckgsc?= =?us-ascii?q?TcJ5uUhUFGKyJm0+6TTHVaBOgaifEvMV9CucTrAUX0VuLCx+Xwu/2I9ydLuxgf?= =?us-ascii?q?BHrmRGkztyoPgu1DxnSgWzuSnop68WwjIg/7e4tDQdtnBfSOWRjTvIA01ZzPsW?= =?us-ascii?q?laccF2ri6VukbXkBbIvz4KFnJcPk9Ykg/3Qwfw4ufygHXeS8ESH/kbmEAouVsN?= =?us-ascii?q?JTnBSNotnBbaevLSgOMbQw0Q7jR3l40gXFgBZo8XcEQja+498gPom9P9gqxjaw?= =?us-ascii?q?E2jBaFkM+r9JsNf2tVMTSes2aFBhwGZk0sWcRC0CXs/PG2Ezjgc6b2VIapRD5g?= =?us-ascii?q?EGF6MwmDaHorFG/h0IYDfTComq4ZffncHU2XQmVtdqwmXWprGZhpM0znJqhsl4?= =?us-ascii?q?7imUuHQdb+bYSdNjAmDv1odDzuzzf/utvf4DSItn0LSuTuQPM8ii+Wuz3ZVlRF?= =?us-ascii?q?WlxrAAEFajN+8D3LjbWT+/SWKEQeSLb3SMnzEhP0/8/RmoNFw3Z9tUoEImN+vC?= =?us-ascii?q?h4Jclxf/Xr9uQSWQv1DbxnQ5MewGbwI2pJunewsSQe4WY+iTO/MjwOU6CFQWdH?= =?us-ascii?q?/JASp2BPOqsV63god0JW9s4UPkbuTx6grmKsedGgEYEY7GqZ584fi6RmOHOX99?= =?us-ascii?q?wxx+JU109+bEF1Qtre9RaJeRksLWh9R8y+IFcO1tMSIlsN4Jho1j8ZWU0NuNcR?= =?us-ascii?q?zJy5b9P83aoviZA/3ZyEQnYX9aUrsfYQzr44U6P9g5W6DcHLdDuhQcH6c6SoQ7?= =?us-ascii?q?N2jt7KF0MB9zcgnJabS2mMbqpeWLaYBPqn/L6FIwMCfcuxoeyvy7TQx7c4qmh3?= =?us-ascii?q?PsL5AsXjhBtcFiCgN6HItTHMMNtwinA5uTmKGhkd+x+lh6tvQMsaXqD/DFytW5?= =?us-ascii?q?0592X5hA6kyBJCzRC7VzgkR5kuSyhe/N0oL/CcPnZdwJVet2T3XbarDYBIW/Kz?= =?us-ascii?q?OPOsX6e0Jc9b6Tzq55AV2tY3X9XqybpGilMulp7l861p1QYuXe1nou4qvd1d+0?= =?us-ascii?q?YHtU9R2utXqYCJwKyVXWGezTQFp7QOCf/Xp5VfkSb4Sppc8BNtstxNXa6A52um?= =?us-ascii?q?dsysyAdo2oslPM110zWpvBNkb1x24nWIBCGxm7ME0xkSeNsXnZAHJBPuC4OMJt?= =?us-ascii?q?h5CTFRWr6E5vzzJ+LlVdE3blEI/CcVMQ3NizMUjTrVpG?= X-IPAS-Result: =?us-ascii?q?A2A8AgBhw1Ra/wHyM5BdGQEBAQEBAQEBAQEBAQcBAQEBAYM?= =?us-ascii?q?ULIFaJ4QHixiNaIJ/iA6OIx6BGANRLYleQBcBAQEBAQEBAQEBaiiCOCQBgkcDA?= =?us-ascii?q?wECIARSAwMJAQESEgIiBAICAwEdEwEFARwZBYgFgg8DFQOiSECMEYFtOoRzglQ?= =?us-ascii?q?NgyISfYMRghUQgzCCeIMhRYUFgmUFkzqPaD2QQYRzDYYIjgGNdIkROYEXIQI1M?= =?us-ascii?q?oEeKggCGAghDz2BFxp5glQcgghXAYg0LIIdAQEB?= Received: from tarius.tycho.ncsc.mil ([144.51.242.1]) by EMSM-GH1-UEA10.NCSC.MIL with ESMTP; 09 Jan 2018 13:34:01 +0000 Received: from prometheus.infosec.tycho.ncsc.mil (prometheus [192.168.25.40]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id w09DY02v024358; Tue, 9 Jan 2018 08:34:00 -0500 Received: from tarius.tycho.ncsc.mil (tarius.infosec.tycho.ncsc.mil [144.51.242.1]) by prometheus.infosec.tycho.ncsc.mil (8.15.2/8.15.2) with ESMTP id w08LaYRb065768 for ; Mon, 8 Jan 2018 16:36:34 -0500 Received: from goalie.tycho.ncsc.mil (goalie [144.51.242.250]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id w08LaXQV009078 for ; Mon, 8 Jan 2018 16:36:35 -0500 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: =?us-ascii?q?A1AhAwCe41Nafy0YGNZdHAEBAQQBAQoBA?= =?us-ascii?q?YM8gV0nhAeKJI5bRQEBAQaCMYgLhUyIVoE2A3mFJAKEOj8YAQEBAQEBAQEBEwE?= =?us-ascii?q?BCxaGAQYjBBkBATcBDyUCJgICIRMBBQEcGYoZAwgNA6FuQIsjboFtOoMKAQEFh?= =?us-ascii?q?CsNgSqBRgELHggSfYMRghWBDoIxgniDIUQBhQWCZQGBMQEBkgqPaDMIAQGGDIo?= =?us-ascii?q?yhHMNhgiOAY1yiRE5gRcfa4EeMhojUoEEgSaCRQ8cGYFvVwGIKSyCHQEBAQ?= X-IPAS-Result: =?us-ascii?q?A1AhAwCe41Nafy0YGNZdHAEBAQQBAQoBAYM8gV0nhAeKJI5?= =?us-ascii?q?bRQEBAQaCMYgLhUyIVoE2A3mFJAKEOj8YAQEBAQEBAQEBEwEBCxaGAQYjBBkBA?= =?us-ascii?q?TcBDyUCJgICIRMBBQEcGYoZAwgNA6FuQIsjboFtOoMKAQEFhCsNgSqBRgELHgg?= =?us-ascii?q?SfYMRghWBDoIxgniDIUQBhQWCZQGBMQEBkgqPaDMIAQGGDIoyhHMNhgiOAY1yi?= =?us-ascii?q?RE5gRcfa4EeMhojUoEEgSaCRQ8cGYFvVwGIKSyCHQEBAQ?= X-IronPort-AV: E=Sophos;i="5.46,332,1511845200"; d="scan'208";a="168711" Received: from emsm-gh1-uea10.ncsc.mil ([214.29.60.34]) by goalie.tycho.ncsc.mil with ESMTP; 08 Jan 2018 16:36:34 -0500 IronPort-PHdr: =?us-ascii?q?9a23=3Aai6P5RT8LskhDhym4uW9IOpr3tpsv+yvbD5Q0YIu?= =?us-ascii?q?jvd0So/mwa6zZR2N2/xhgRfzUJnB7Loc0qyK6/mmCTdLuMvZ+Fk5M7V0Hycfjs?= =?us-ascii?q?sXmwFySOWkMmbcaMDQUiohAc5ZX0Vk9XzoeWJcGcL5ekGA6ibqtW1aFRrwLxd6?= =?us-ascii?q?KfroEYDOkcu3y/qy+5rOaAlUmTaxe7x/IAmroQnLtcQbj4RuJrsxxxfVv3BFZ/?= =?us-ascii?q?lYyWR0KFyJgh3y/N2w/Jlt8yRRv/Iu6ctNWrjkcqo7ULJVEi0oP3g668P3uxbD?= =?us-ascii?q?SxCP5mYHXWUNjhVIGQnF4wrkUZr3ryD3q/By2CiePc3xULA0RTGv5LplRRP0lC?= =?us-ascii?q?sKMSMy/XrJgcJskq1UvBOhpwR+w4HKZoGVKOF+db7Zcd8DWGZNQtpdWylHD4ih?= =?us-ascii?q?bYUAEvABMP5FoYbyqVUBrxiwBQerCu3v1DFHmmT73bEm3+k7DQ3LxhAsEtAIvX?= =?us-ascii?q?/JrNv1LqASUeWtwafP1zrDc+9W2Tfj54nGbxsvoOuDXahqccXP1UkvCx7Og1KV?= =?us-ascii?q?qYznMDOY1uAAvnOU7+pnUuKvhGonpB9rrjezwccsj5DEi4QIwV7H7SV02Jg5Kc?= =?us-ascii?q?C3RUJhf9KpH4Fcuz+VOodsTc4vQ3lktDgmxrACo5K2fygHxI45yxLCavGLaZaE?= =?us-ascii?q?7g79WOuXPDx2nmhqeKiliBa36UWgyvPzVs2z0FtSoCVIjMDCuHYD2hHN8MaKVu?= =?us-ascii?q?dx80W71TmRyQ/T7/pEIU8umareMZEhw7owmoAWsUTCGi/6gET2jKmIeUU44uWk?= =?us-ascii?q?9fnrb7r8qpOCOIJ4kB/yP6s0lsGwAek0Kg0OUHKa+eS42r3j50r5QLBSg/A4k6?= =?us-ascii?q?bVqYzUK9obqa62DQBb15su5wujAjqpzdgZnWEJIk5FeR+GjoXoO1/DIf7iAfei?= =?us-ascii?q?glmhnytmxv7IM7H9ApjAMHjNnargc7Zg6k9RyRA/wNBD6pJPEL0AIPP+VEHqud?= =?us-ascii?q?zWCh82LQO1z//+BNV4zIweRX6PAq+HP6Lcvl+H/PgvI/OSa48JpDbxMeMq5/nz?= =?us-ascii?q?jX8/hVASY7Kp0YEYaHC/GfRmLEGZbmT2jtgdFmcKuxIyTPb2h12aTT5Te3GyUr?= =?us-ascii?q?on5j4lDIKmDIHDRp2igbGawCe6HoFZZmBBClyWF3fobJ+LV+0DaCKVPM8y2gAD?= =?us-ascii?q?ALygTZIxkBCoqAL10bt7P8LK9SAC85Huzt5446vUjx5h2yZzCpG42n2RT2xr1k?= =?us-ascii?q?wBXSU7wLw39Ul/xQrS+ad/hPNcGJpY4PYfAVRyDoLV0+EvU4O6YQnGZNrcDQ/+?= =?us-ascii?q?Gtg=3D?= X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0B4AgDn4lNafy0YGNZdHAEBAQQBAQoBA?= =?us-ascii?q?YM8gV0nhAeKJI5bRQEBAQaCMYgLhUyIVoE2A3mFJAKEOj8YAQEBAQEBAQEBARI?= =?us-ascii?q?BAQsWXYI4JAGCRwYjBBkBATcBDyUCJgICIRMBBQEcGYoZAwgNA6FpQIsjboFtO?= =?us-ascii?q?oMKAQEFhCoNgSqBRgELHggSfYMRghWBDoIxgniDIUQBhQWCZYEyAQGSCo9oMwg?= =?us-ascii?q?BAYYMijKEcw2GCI4BjXKJETmBFx9rgR4yGiNSgQSBJoJFDxwZgW9XAYgpLIIdA?= =?us-ascii?q?QEB?= X-IPAS-Result: =?us-ascii?q?A0B4AgDn4lNafy0YGNZdHAEBAQQBAQoBAYM8gV0nhAeKJI5?= =?us-ascii?q?bRQEBAQaCMYgLhUyIVoE2A3mFJAKEOj8YAQEBAQEBAQEBARIBAQsWXYI4JAGCR?= =?us-ascii?q?wYjBBkBATcBDyUCJgICIRMBBQEcGYoZAwgNA6FpQIsjboFtOoMKAQEFhCoNgSq?= =?us-ascii?q?BRgELHggSfYMRghWBDoIxgniDIUQBhQWCZYEyAQGSCo9oMwgBAYYMijKEcw2GC?= =?us-ascii?q?I4BjXKJETmBFx9rgR4yGiNSgQSBJoJFDxwZgW9XAYgpLIIdAQEB?= X-IronPort-AV: E=Sophos;i="5.46,332,1511827200"; d="scan'208";a="7406526" X-IronPort-Outbreak-Status: No, level 0, Unknown - Unknown Received: from ucol3cpa07.eemsg.mail.mil ([214.24.24.45]) by EMSM-GH1-UEA10.NCSC.MIL with ESMTP; 08 Jan 2018 21:36:33 +0000 X-EEMSG-check-005: 0 X-EEMSG-check-006: 000-001;5b88d6fd-f477-4801-beb1-fa2a8bc081e9 X-EEMSG-check-008: 393121657|UCOL19PA05_EEMSG_MP3.csd.disa.mil X-EEMSG-SBRS: 3.5 X-EEMSG-ORIG-IP: 209.85.216.202 X-EEMSG-check-002: true X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: A0DWAgCe41Nah8rYVdFdHAEBAQQBAQoBAYUZJ4QHmH9GAQEGgjGIC4VMiFaBNgN5hSQChDpAFwEBAQEBAQEBARMBAQEKCwkIKC+FJAYjBBkBATcBDyUCJgICIRMBBQEcGYoZAwgNoXFAiyNugW06gwoBAQWEKw2BKoFGKggSfYMRghWBDoIxgniDIUQBhQWCZYEyAQGSCo9oMwgBAYYMijKEcw2GCI4BjXKJETmBFyEBaIEeMhojUoEEgSaCRQ8cggggNwGIKSyCHQEBAQ X-IPAS-Result: A0DWAgCe41Nah8rYVdFdHAEBAQQBAQoBAYUZJ4QHmH9GAQEGgjGIC4VMiFaBNgN5hSQChDpAFwEBAQEBAQEBARMBAQEKCwkIKC+FJAYjBBkBATcBDyUCJgICIRMBBQEcGYoZAwgNoXFAiyNugW06gwoBAQWEKw2BKoFGKggSfYMRghWBDoIxgniDIUQBhQWCZYEyAQGSCo9oMwgBAYYMijKEcw2GCI4BjXKJETmBFyEBaIEeMhojUoEEgSaCRQ8cggggNwGIKSyCHQEBAQ Received: from mail-qt0-f202.google.com ([209.85.216.202]) by ucol19pa05.eemsg.mail.mil with ESMTP; 08 Jan 2018 21:36:31 +0000 Received: by mail-qt0-f202.google.com with SMTP id n31so9752319qtc.2 for ; Mon, 08 Jan 2018 13:36:32 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:date:in-reply-to:message-id :references:subject:from:to:cc; bh=gwQnH9qfALkc3YixB18FSHHQmZzQkBa/jPMfMex+0JA=; b=RkdsGGsxd8udI5dSEHKGxZgMetKzt+SbkraIHHnNYOvja2lHVWqP0sXcYNL0QdgTSg vJN56eSIOk+aPzHvduKFYgcAwH4OtFUugxfMYpbydFUgbnqXy6Sbxh2tcPi09Tv21kDm eiHuywxU+zmwA4q5iUV23Dheo+W8Z84AW4fAcORarUHGo8OOgPkDeEvkM4/ZIvglwMm2 s1XdpQPU7gWPyv0BzJJeGMdB3Ary+iFrwJmPt8pMZ43nU/IItd7PVfDYLjkBJSxpBFM6 3W8Ero98j319eCfN5uxAFDw+nlRZ27hJfQemP0mIIoedRBA+/yZo37/3cfe4/LPcR8ZD HFLg== X-Gm-Message-State: AKwxyte7DMfRwUr2oEkRiWXH/yRHugXU+zJjlYEn9m3Cjor2D3VC4HJD RonmyPgJsqGWRa2JR+2IQ+4ayovNI5NDhXi5F2sUBA== X-Google-Smtp-Source: ACJfBoucOxWjZRDLc4KEfBJB1mHQfMWW7lH9wCFSKw+BbYRLsyrqffulCqIP1OBGg7hre9AquwaVbLNUAtkep85wZySS7Q== MIME-Version: 1.0 X-Received: by 10.55.71.8 with SMTP id u8mr10008074qka.14.1515447391728; Mon, 08 Jan 2018 13:36:31 -0800 (PST) Date: Mon, 8 Jan 2018 13:36:20 -0800 In-Reply-To: <20180108213620.170042-1-mjg59@google.com> Message-Id: <20180108213620.170042-2-mjg59@google.com> References: <20180108213620.170042-1-mjg59@google.com> X-Mailer: git-send-email 2.16.0.rc0.223.g4a4ac83678-goog X-EEMSG-check-009: 444-444 To: linux-integrity@vger.kernel.org X-Mailman-Approved-At: Tue, 09 Jan 2018 08:31:59 -0500 Subject: [PATCH V6 2/2] IMA: Support using new creds in appraisal policy X-BeenThere: selinux@tycho.nsa.gov X-Mailman-Version: 2.1.21 Precedence: list List-Id: "Security-Enhanced Linux \(SELinux\) mailing list" List-Post: List-Help: From: Matthew Garrett via Selinux Reply-To: Matthew Garrett Cc: Matthew Garrett , linux-security-module@vger.kernel.org, selinux@tycho.nsa.gov, Dmitry Kasatkin , Stephen Smalley Errors-To: selinux-bounces@tycho.nsa.gov Sender: "Selinux" X-Virus-Scanned: ClamAV using ClamSMTP The existing BPRM_CHECK functionality in IMA validates against the credentials of the existing process, not any new credentials that the child process may transition to. Add an additional CREDS_CHECK target and refactor IMA to pass the appropriate creds structure. In ima_bprm_check(), check with both the existing process credentials and the credentials that will be committed when the new process is started. This will not change behaviour unless the system policy is extended to include CREDS_CHECK targets - BPRM_CHECK will continue to check the same credentials that it did previously. After this patch, an IMA policy rule along the lines of: measure func=CREDS_CHECK subj_type=unconfined_t will trigger if a process is executed and runs as unconfined_t, ignoring the context of the parent process. This is in contrast to: measure func=BPRM_CHECK subj_type=unconfined_t which will trigger if the process that calls exec() is already executing in unconfined_t, ignoring the context that the child process executes into. Signed-off-by: Matthew Garrett Cc: Paul Moore Cc: Stephen Smalley Cc: Eric Paris Cc: selinux@tycho.nsa.gov Cc: Casey Schaufler Cc: linux-security-module@vger.kernel.org Cc: Mimi Zohar Cc: Dmitry Kasatkin Cc: linux-integrity@vger.kernel.org --- Documentation/ABI/testing/ima_policy | 2 +- security/integrity/iint.c | 1 + security/integrity/ima/ima.h | 9 ++++---- security/integrity/ima/ima_api.c | 9 +++++--- security/integrity/ima/ima_appraise.c | 13 ++++++++++- security/integrity/ima/ima_main.c | 42 ++++++++++++++++++++++++++--------- security/integrity/ima/ima_policy.c | 23 ++++++++++++------- security/integrity/integrity.h | 9 ++++++-- 8 files changed, 79 insertions(+), 29 deletions(-) diff --git a/Documentation/ABI/testing/ima_policy b/Documentation/ABI/testing/ima_policy index e76432b9954d..5dc9eed035fb 100644 --- a/Documentation/ABI/testing/ima_policy +++ b/Documentation/ABI/testing/ima_policy @@ -25,7 +25,7 @@ Description: [obj_user=] [obj_role=] [obj_type=]] option: [[appraise_type=]] [permit_directio] - base: func:= [BPRM_CHECK][MMAP_CHECK][FILE_CHECK][MODULE_CHECK] + base: func:= [BPRM_CHECK][MMAP_CHECK][CREDS_CHECK][FILE_CHECK][MODULE_CHECK] [FIRMWARE_CHECK] [KEXEC_KERNEL_CHECK] [KEXEC_INITRAMFS_CHECK] mask:= [[^]MAY_READ] [[^]MAY_WRITE] [[^]MAY_APPEND] diff --git a/security/integrity/iint.c b/security/integrity/iint.c index c84e05866052..62846e331a8b 100644 --- a/security/integrity/iint.c +++ b/security/integrity/iint.c @@ -78,6 +78,7 @@ static void iint_free(struct integrity_iint_cache *iint) iint->ima_mmap_status = INTEGRITY_UNKNOWN; iint->ima_bprm_status = INTEGRITY_UNKNOWN; iint->ima_read_status = INTEGRITY_UNKNOWN; + iint->ima_creds_status = INTEGRITY_UNKNOWN; iint->evm_status = INTEGRITY_UNKNOWN; iint->measured_pcrs = 0; kmem_cache_free(iint_cache, iint); diff --git a/security/integrity/ima/ima.h b/security/integrity/ima/ima.h index d52b487ad259..35fe91aa1fc9 100644 --- a/security/integrity/ima/ima.h +++ b/security/integrity/ima/ima.h @@ -177,6 +177,7 @@ static inline unsigned long ima_hash_key(u8 *digest) hook(FILE_CHECK) \ hook(MMAP_CHECK) \ hook(BPRM_CHECK) \ + hook(CREDS_CHECK) \ hook(POST_SETATTR) \ hook(MODULE_CHECK) \ hook(FIRMWARE_CHECK) \ @@ -191,8 +192,8 @@ enum ima_hooks { }; /* LIM API function definitions */ -int ima_get_action(struct inode *inode, int mask, - enum ima_hooks func, int *pcr); +int ima_get_action(struct inode *inode, const struct cred *cred, u32 secid, + int mask, enum ima_hooks func, int *pcr); int ima_must_measure(struct inode *inode, int mask, enum ima_hooks func); int ima_collect_measurement(struct integrity_iint_cache *iint, struct file *file, void *buf, loff_t size, @@ -212,8 +213,8 @@ void ima_free_template_entry(struct ima_template_entry *entry); const char *ima_d_path(const struct path *path, char **pathbuf, char *filename); /* IMA policy related functions */ -int ima_match_policy(struct inode *inode, enum ima_hooks func, int mask, - int flags, int *pcr); +int ima_match_policy(struct inode *inode, const struct cred *cred, u32 secid, + enum ima_hooks func, int mask, int flags, int *pcr); void ima_init_policy(void); void ima_update_policy(void); void ima_update_policy_flag(void); diff --git a/security/integrity/ima/ima_api.c b/security/integrity/ima/ima_api.c index c7e8db0ea4c0..09a8da070162 100644 --- a/security/integrity/ima/ima_api.c +++ b/security/integrity/ima/ima_api.c @@ -157,6 +157,8 @@ void ima_add_violation(struct file *file, const unsigned char *filename, /** * ima_get_action - appraise & measure decision based on policy. * @inode: pointer to inode to measure + * @cred: pointer to credentials structure to validate + * @secid: secid of the task being validated * @mask: contains the permission mask (MAY_READ, MAY_WRITE, MAY_EXEC, * MAY_APPEND) * @func: caller identifier @@ -165,20 +167,21 @@ void ima_add_violation(struct file *file, const unsigned char *filename, * The policy is defined in terms of keypairs: * subj=, obj=, type=, func=, mask=, fsmagic= * subj,obj, and type: are LSM specific. - * func: FILE_CHECK | BPRM_CHECK | MMAP_CHECK | MODULE_CHECK + * func: FILE_CHECK | BPRM_CHECK | CREDS_CHECK | MMAP_CHECK | MODULE_CHECK * mask: contains the permission mask * fsmagic: hex value * * Returns IMA_MEASURE, IMA_APPRAISE mask. * */ -int ima_get_action(struct inode *inode, int mask, enum ima_hooks func, int *pcr) +int ima_get_action(struct inode *inode, const struct cred *cred, u32 secid, + int mask, enum ima_hooks func, int *pcr) { int flags = IMA_MEASURE | IMA_AUDIT | IMA_APPRAISE; flags &= ima_policy_flag; - return ima_match_policy(inode, func, mask, flags, pcr); + return ima_match_policy(inode, cred, secid, func, mask, flags, pcr); } /* diff --git a/security/integrity/ima/ima_appraise.c b/security/integrity/ima/ima_appraise.c index 65fbcf3c32c7..23453a5a86ac 100644 --- a/security/integrity/ima/ima_appraise.c +++ b/security/integrity/ima/ima_appraise.c @@ -50,10 +50,14 @@ bool is_ima_appraise_enabled(void) */ int ima_must_appraise(struct inode *inode, int mask, enum ima_hooks func) { + u32 secid; + if (!ima_appraise) return 0; - return ima_match_policy(inode, func, mask, IMA_APPRAISE, NULL); + security_task_getsecid(current, &secid); + return ima_match_policy(inode, current_cred(), secid, func, mask, + IMA_APPRAISE, NULL); } static int ima_fix_xattr(struct dentry *dentry, @@ -86,6 +90,8 @@ enum integrity_status ima_get_cache_status(struct integrity_iint_cache *iint, return iint->ima_mmap_status; case BPRM_CHECK: return iint->ima_bprm_status; + case CREDS_CHECK: + return iint->ima_creds_status; case FILE_CHECK: case POST_SETATTR: return iint->ima_file_status; @@ -106,6 +112,8 @@ static void ima_set_cache_status(struct integrity_iint_cache *iint, case BPRM_CHECK: iint->ima_bprm_status = status; break; + case CREDS_CHECK: + iint->ima_creds_status = status; case FILE_CHECK: case POST_SETATTR: iint->ima_file_status = status; @@ -127,6 +135,9 @@ static void ima_cache_flags(struct integrity_iint_cache *iint, case BPRM_CHECK: iint->flags |= (IMA_BPRM_APPRAISED | IMA_APPRAISED); break; + case CREDS_CHECK: + iint->flags |= (IMA_CREDS_APPRAISED | IMA_APPRAISED); + break; case FILE_CHECK: case POST_SETATTR: iint->flags |= (IMA_FILE_APPRAISED | IMA_APPRAISED); diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index 770654694efc..7ddab02ddd68 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c @@ -159,8 +159,9 @@ void ima_file_free(struct file *file) ima_check_last_writer(iint, inode, file); } -static int process_measurement(struct file *file, char *buf, loff_t size, - int mask, enum ima_hooks func, int opened) +static int process_measurement(struct file *file, const struct cred *cred, + u32 secid, char *buf, loff_t size, int mask, + enum ima_hooks func, int opened) { struct inode *inode = file_inode(file); struct integrity_iint_cache *iint = NULL; @@ -182,7 +183,7 @@ static int process_measurement(struct file *file, char *buf, loff_t size, * bitmask based on the appraise/audit/measurement policy. * Included is the appraise submask. */ - action = ima_get_action(inode, mask, func, &pcr); + action = ima_get_action(inode, cred, secid, mask, func, &pcr); violation_check = ((func == FILE_CHECK || func == MMAP_CHECK) && (ima_policy_flag & IMA_MEASURE)); if (!action && !violation_check) @@ -284,9 +285,14 @@ static int process_measurement(struct file *file, char *buf, loff_t size, */ int ima_file_mmap(struct file *file, unsigned long prot) { - if (file && (prot & PROT_EXEC)) - return process_measurement(file, NULL, 0, MAY_EXEC, - MMAP_CHECK, 0); + u32 secid; + + if (file && (prot & PROT_EXEC)) { + security_task_getsecid(current, &secid); + return process_measurement(file, current_cred(), secid, NULL, + 0, MAY_EXEC, MMAP_CHECK, 0); + } + return 0; } @@ -305,8 +311,18 @@ int ima_file_mmap(struct file *file, unsigned long prot) */ int ima_bprm_check(struct linux_binprm *bprm) { - return process_measurement(bprm->file, NULL, 0, MAY_EXEC, - BPRM_CHECK, 0); + int ret; + u32 secid; + + security_task_getsecid(current, &secid); + ret = process_measurement(bprm->file, current_cred(), secid, NULL, 0, + MAY_EXEC, BPRM_CHECK, 0); + if (ret) + return ret; + + security_cred_getsecid(bprm->cred, &secid); + return process_measurement(bprm->file, bprm->cred, secid, NULL, 0, + MAY_EXEC, CREDS_CHECK, 0); } /** @@ -321,7 +337,10 @@ int ima_bprm_check(struct linux_binprm *bprm) */ int ima_file_check(struct file *file, int mask, int opened) { - return process_measurement(file, NULL, 0, + u32 secid; + + security_task_getsecid(current, &secid); + return process_measurement(file, current_cred(), secid, NULL, 0, mask & (MAY_READ | MAY_WRITE | MAY_EXEC | MAY_APPEND), FILE_CHECK, opened); } @@ -398,6 +417,7 @@ int ima_post_read_file(struct file *file, void *buf, loff_t size, enum kernel_read_file_id read_id) { enum ima_hooks func; + u32 secid; if (!file && read_id == READING_FIRMWARE) { if ((ima_appraise & IMA_APPRAISE_FIRMWARE) && @@ -420,7 +440,9 @@ int ima_post_read_file(struct file *file, void *buf, loff_t size, } func = read_idmap[read_id] ?: FILE_CHECK; - return process_measurement(file, buf, size, MAY_READ, func, 0); + security_task_getsecid(current, &secid); + return process_measurement(file, current_cred(), secid, buf, size, + MAY_READ, func, 0); } static int __init init_ima(void) diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c index ee4613fa5840..4321b3bb61ef 100644 --- a/security/integrity/ima/ima_policy.c +++ b/security/integrity/ima/ima_policy.c @@ -241,16 +241,17 @@ static void ima_lsm_update_rules(void) * ima_match_rules - determine whether an inode matches the measure rule. * @rule: a pointer to a rule * @inode: a pointer to an inode + * @cred: a pointer to a credentials structure for user validation + * @secid: the secid of the task to be validated * @func: LIM hook identifier * @mask: requested action (MAY_READ | MAY_WRITE | MAY_APPEND | MAY_EXEC) * * Returns true on rule match, false on failure. */ static bool ima_match_rules(struct ima_rule_entry *rule, struct inode *inode, + const struct cred *cred, u32 secid, enum ima_hooks func, int mask) { - struct task_struct *tsk = current; - const struct cred *cred = current_cred(); int i; if ((rule->flags & IMA_FUNC) && @@ -285,7 +286,7 @@ static bool ima_match_rules(struct ima_rule_entry *rule, struct inode *inode, return false; for (i = 0; i < MAX_LSM_RULES; i++) { int rc = 0; - u32 osid, sid; + u32 osid; int retried = 0; if (!rule->lsm[i].rule) @@ -305,8 +306,7 @@ static bool ima_match_rules(struct ima_rule_entry *rule, struct inode *inode, case LSM_SUBJ_USER: case LSM_SUBJ_ROLE: case LSM_SUBJ_TYPE: - security_task_getsecid(tsk, &sid); - rc = security_filter_rule_match(sid, + rc = security_filter_rule_match(secid, rule->lsm[i].type, Audit_equal, rule->lsm[i].rule, @@ -339,6 +339,8 @@ static int get_subaction(struct ima_rule_entry *rule, enum ima_hooks func) return IMA_MMAP_APPRAISE; case BPRM_CHECK: return IMA_BPRM_APPRAISE; + case CREDS_CHECK: + return IMA_CREDS_APPRAISE; case FILE_CHECK: case POST_SETATTR: return IMA_FILE_APPRAISE; @@ -351,6 +353,9 @@ static int get_subaction(struct ima_rule_entry *rule, enum ima_hooks func) /** * ima_match_policy - decision based on LSM and other conditions * @inode: pointer to an inode for which the policy decision is being made + * @cred: pointer to a credentials structure for which the policy decision is + * being made + * @secid: LSM secid of the task to be validated * @func: IMA hook identifier * @mask: requested action (MAY_READ | MAY_WRITE | MAY_APPEND | MAY_EXEC) * @pcr: set the pcr to extend @@ -362,8 +367,8 @@ static int get_subaction(struct ima_rule_entry *rule, enum ima_hooks func) * list when walking it. Reads are many orders of magnitude more numerous * than writes so ima_match_policy() is classical RCU candidate. */ -int ima_match_policy(struct inode *inode, enum ima_hooks func, int mask, - int flags, int *pcr) +int ima_match_policy(struct inode *inode, const struct cred *cred, u32 secid, + enum ima_hooks func, int mask, int flags, int *pcr) { struct ima_rule_entry *entry; int action = 0, actmask = flags | (flags << 1); @@ -374,7 +379,7 @@ int ima_match_policy(struct inode *inode, enum ima_hooks func, int mask, if (!(entry->action & actmask)) continue; - if (!ima_match_rules(entry, inode, func, mask)) + if (!ima_match_rules(entry, inode, cred, secid, func, mask)) continue; action |= entry->flags & IMA_ACTION_FLAGS; @@ -691,6 +696,8 @@ static int ima_parse_rule(char *rule, struct ima_rule_entry *entry) entry->func = MMAP_CHECK; else if (strcmp(args[0].from, "BPRM_CHECK") == 0) entry->func = BPRM_CHECK; + else if (strcmp(args[0].from, "CREDS_CHECK") == 0) + entry->func = CREDS_CHECK; else if (strcmp(args[0].from, "KEXEC_KERNEL_CHECK") == 0) entry->func = KEXEC_KERNEL_CHECK; diff --git a/security/integrity/integrity.h b/security/integrity/integrity.h index e1bf040fb110..d70fd875d62f 100644 --- a/security/integrity/integrity.h +++ b/security/integrity/integrity.h @@ -48,10 +48,14 @@ #define IMA_BPRM_APPRAISED 0x00002000 #define IMA_READ_APPRAISE 0x00004000 #define IMA_READ_APPRAISED 0x00008000 +#define IMA_CREDS_APPRAISE 0x00010000 +#define IMA_CREDS_APPRAISED 0x00020000 #define IMA_APPRAISE_SUBMASK (IMA_FILE_APPRAISE | IMA_MMAP_APPRAISE | \ - IMA_BPRM_APPRAISE | IMA_READ_APPRAISE) + IMA_BPRM_APPRAISE | IMA_READ_APPRAISE | \ + IMA_CREDS_APPRAISE) #define IMA_APPRAISED_SUBMASK (IMA_FILE_APPRAISED | IMA_MMAP_APPRAISED | \ - IMA_BPRM_APPRAISED | IMA_READ_APPRAISED) + IMA_BPRM_APPRAISED | IMA_READ_APPRAISED | \ + IMA_CREDS_APPRAISED) enum evm_ima_xattr_type { IMA_XATTR_DIGEST = 0x01, @@ -108,6 +112,7 @@ struct integrity_iint_cache { enum integrity_status ima_mmap_status:4; enum integrity_status ima_bprm_status:4; enum integrity_status ima_read_status:4; + enum integrity_status ima_creds_status:4; enum integrity_status evm_status:4; struct ima_digest_data *ima_hash; };