tmakin/tegra-linux-noble
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

UBUNTU: SAUCE: apparmor4.0.0 [34/90]: LSM stacking v39: LSM: Add mount opts blob size tracking

Browse Source 
BugLink: http://bugs.launchpad.net/bugs/2028253

Add mount option data to the blob size accounting in anticipation
of using a shared mnt_opts blob.

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
(cherry picked from commit 2247022e3a9378ef8a843a430e74d4e282dbf22c
https://git.launchpad.net/~apparmor-dev/ubuntu-kernel-next)
Signed-off-by: Paolo Pisati <paolo.pisati@canonical.com>
This commit is contained in:
Casey Schaufler
2023-11-16 10:06:35 -08:00
committed by Paolo Pisati
parent 1ac99b160a
commit 061453d0e6
4 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
include/linux/lsm_hooks.h
+1
View File
@@ -81,6 +81,7 @@ struct lsm_blob_sizes {
int lbs_msg_msg;
int lbs_task;
int lbs_xattr_count; /* number of xattr slots in new_xattrs array */
int lbs_mnt_opts;
bool lbs_secmark; /* expressed desire for secmark use */
};
security/security.c
+2
View File
@@ -233,6 +233,7 @@ static void __init lsm_set_blob_sizes(struct lsm_blob_sizes *needed)
lsm_set_blob_size(&needed->lbs_task, &blob_sizes.lbs_task);
lsm_set_blob_size(&needed->lbs_xattr_count,
&blob_sizes.lbs_xattr_count);
lsm_set_blob_size(&needed->lbs_mnt_opts, &blob_sizes.lbs_mnt_opts);
if (needed->lbs_secmark) {
if (!blob_sizes.lbs_secmark)
blob_sizes.lbs_secmark = true;
@@ -454,6 +455,7 @@ static void __init ordered_lsm_init(void)
init_debug("superblock blob size = %d\n", blob_sizes.lbs_superblock);
init_debug("task blob size = %d\n", blob_sizes.lbs_task);
init_debug("xattr slots = %d\n", blob_sizes.lbs_xattr_count);
init_debug("mnt_opts blob size = %d\n", blob_sizes.lbs_mnt_opts);
/*
* Create any kmem_caches needed for blobs
security/selinux/hooks.c
+1
View File
@@ -7026,6 +7026,7 @@ struct lsm_blob_sizes selinux_blob_sizes __ro_after_init = {
.lbs_sock = sizeof(struct sk_security_struct),
.lbs_superblock = sizeof(struct superblock_security_struct),
.lbs_xattr_count = SELINUX_INODE_INIT_XATTRS,
.lbs_mnt_opts = sizeof(struct selinux_mnt_opts),
.lbs_secmark = true,
};
security/smack/smack_lsm.c
+1
View File
@@ -5065,6 +5065,7 @@ struct lsm_blob_sizes smack_blob_sizes __ro_after_init = {
.lbs_sock = sizeof(struct socket_smack),
.lbs_superblock = sizeof(struct superblock_smack),
.lbs_xattr_count = SMACK_INODE_INIT_XATTRS,
.lbs_mnt_opts = sizeof(struct smack_mnt_opts),
.lbs_secmark = true,
};