[Groovy][PULL] LSM stacking

John Johansen john.johansen at canonical.com
Wed Oct 7 06:08:24 UTC 2020


This is a refresh to v20 of the LSM stacking patches for groovy.

It reverts several of the previous reverts (feel free to drop the original revert and the following revert, or just the revert). It then adds a couple of patches to prep for the newer LSM stacking patches and adds some fixes to apparmor's support of audit rules.

This series is required to fix lp1898280.

BugLink: http://bugs.launchpad.net/bugs/1898280



The following changes since commit aaaa95814cb615cf585e8865036787d1e7fa45c1:

  UBUNTU: Ubuntu-5.8.0-20.21 (2020-09-22 15:13:52 -0500)

are available in the Git repository at:

  https://git.launchpad.net/~jjohansen/+git/groovy-lsm-stacking lsm-stacking

for you to fetch changes up to a8479652ad88e279b0fde9cf90ca059e65b3ec39:

  UBUNTU: SAUCE: Audit: Fix for missing NULL check (2020-10-06 19:27:57 -0700)

----------------------------------------------------------------
Casey Schaufler (24):
      UBUNTU: SAUCE: LSM: Infrastructure management of the sock security
      UBUNTU: SAUCE: LSM: Create and manage the lsmblob data structure.
      UBUNTU: SAUCE: LSM: Use lsmblob in security_audit_rule_match
      UBUNTU: SAUCE: LSM: Use lsmblob in security_kernel_act_as
      UBUNTU: SAUCE: net: Prepare UDS for security module stacking
      UBUNTU: SAUCE: LSM: Use lsmblob in security_secctx_to_secid
      UBUNTU: SAUCE: LSM: Use lsmblob in security_secid_to_secctx
      UBUNTU: SAUCE: LSM: Use lsmblob in security_ipc_getsecid
      UBUNTU: SAUCE: LSM: Use lsmblob in security_task_getsecid
      UBUNTU: SAUCE: LSM: Use lsmblob in security_inode_getsecid
      UBUNTU: SAUCE: LSM: Use lsmblob in security_cred_getsecid
      UBUNTU: SAUCE: IMA: Change internal interfaces to use lsmblobs
      UBUNTU: SAUCE: LSM: Specify which LSM to display
      UBUNTU: SAUCE: LSM: Ensure the correct LSM context releaser
      UBUNTU: SAUCE: LSM: Use lsmcontext in security_secid_to_secctx
      UBUNTU: SAUCE: LSM: Use lsmcontext in security_inode_getsecctx
      UBUNTU: SAUCE: LSM: security_secid_to_secctx in netlink netfilter
      UBUNTU: SAUCE: NET: Store LSM netlabel data in a lsmblob
      UBUNTU: SAUCE: LSM: Verify LSM display sanity in binder
      UBUNTU: SAUCE: Audit: Add new record for multiple process LSM attributes
      UBUNTU: SAUCE: Audit: Add a new record for multiple object LSM  attributes
      UBUNTU: SAUCE: LSM: Add /proc attr entry for full LSM context
      UBUNTU: SAUCE: AppArmor: Remove the exclusive flag
      UBUNTU: SAUCE: Audit: Fix for missing NULL check

John Johansen (21):
      Revert "UBUNTU: SAUCE: Revert "apparmor: add support for mapping secids and using secctxes""
      Revert "UBUNTU: SAUCE: Revert "apparmor: Use an IDR to allocate apparmor secids""
      Revert "UBUNTU: SAUCE: Revert "apparmor: fixup secid map conversion to using IDR""
      Revert "UBUNTU: SAUCE: Revert "apparmor: Add a wildcard secid""
      Revert "UBUNTU: SAUCE: Revert "apparmor: Parse secmark policy""
      Revert "UBUNTU: SAUCE: Revert "apparmor: Allow filtering based on secmark policy""
      Revert "UBUNTU: SAUCE: Fix-up af_unix mediation for sock infrastructure management"
      Revert "UBUNTU: SAUCE: LSM: Infrastructure management of the sock security"
      Revert "UBUNTU: SAUCE: apparmor: update flags to no longer be exclusive"
      Revert "UBUNTU: SAUCE: apparmor: add an apparmorfs entry to access current attrs"
      Revert "UBUNTU: SAUCE: Revert "apparmor: add the ability to get a task's secid""
      Revert "UBUNTU: SAUCE: Revert "apparmor: Add support for audit rule filtering""
      Revert "UBUNTU: SAUCE: Revert "apparmor: modify audit rule support to support profile stacks""
      Revert "UBUNTU: SAUCE: Revert "apparmor: fix bad debug check in apparmor_secid_to_secctx()""
      Revert "UBUNTU: SAUCE: Revert "apparmor: add #ifdef checks for secmark filtering""
      Revert "UBUNTU: SAUCE: Revert "apparmor: fix checkpatch error in Parse secmark policy""
      Revert "UBUNTU: SAUCE: Revert "apparmor: Fix warning about unused function apparmor_ipv6_postroute""
      UBUNTU: SAUCE: apparmor: drop prefixing abs root labels with '='
      UBUNTU: SAUCE: apparmor: disable showing the mode as part of a secid to secctx
      UBUNTU: SAUCE: apparmor: rename aa_sock() to aa_unix_sk()
      UBUNTU: SAUCE: apparmor: LSM stacking: switch from SK_CTX() to aa_sock()

 Documentation/security/lsm.rst          |  28 ++
 drivers/android/binder.c                |  26 +-
 fs/ceph/xattr.c                         |   6 +-
 fs/nfs/nfs4proc.c                       |   8 +-
 fs/nfsd/nfs4xdr.c                       |  20 +-
 fs/proc/base.c                          |   2 +
 include/linux/audit.h                   |  19 +-
 include/linux/cred.h                    |   3 +-
 include/linux/lsm_hooks.h               |  35 ++-
 include/linux/security.h                | 194 ++++++++++--
 include/net/af_unix.h                   |   2 +-
 include/net/netlabel.h                  |  10 +-
 include/net/scm.h                       |  15 +-
 include/net/xfrm.h                      |   4 +-
 include/uapi/linux/audit.h              |   2 +
 kernel/audit.c                          | 173 ++++++++---
 kernel/audit.h                          |   9 +-
 kernel/auditfilter.c                    |  32 +-
 kernel/auditsc.c                        | 169 +++++++----
 kernel/cred.c                           |  12 +-
 net/ipv4/cipso_ipv4.c                   |  27 +-
 net/ipv4/ip_sockglue.c                  |  12 +-
 net/netfilter/nf_conntrack_netlink.c    |  24 +-
 net/netfilter/nf_conntrack_standalone.c |  11 +-
 net/netfilter/nfnetlink_queue.c         |  28 +-
 net/netfilter/nft_meta.c                |  18 +-
 net/netfilter/xt_SECMARK.c              |   9 +-
 net/netlabel/netlabel_kapi.c            |   6 +-
 net/netlabel/netlabel_unlabeled.c       |  98 +++---
 net/netlabel/netlabel_unlabeled.h       |   2 +-
 net/netlabel/netlabel_user.c            |  13 +-
 net/netlabel/netlabel_user.h            |   2 +-
 net/unix/af_unix.c                      |   6 +-
 security/apparmor/af_unix.c             |   8 +-
 security/apparmor/apparmorfs.c          |  66 ----
 security/apparmor/audit.c               |  90 +++++-
 security/apparmor/include/apparmor.h    |   3 +-
 security/apparmor/include/apparmorfs.h  |   3 -
 security/apparmor/include/audit.h       |   5 +
 security/apparmor/include/label.h       |   2 +-
 security/apparmor/include/net.h         |  10 +
 security/apparmor/include/policy.h      |   3 +
 security/apparmor/include/procattr.h    |   2 +-
 security/apparmor/include/secid.h       |  21 +-
 security/apparmor/label.c               |  14 +-
 security/apparmor/lsm.c                 | 225 ++++++++++++--
 security/apparmor/net.c                 |  68 +++++
 security/apparmor/policy.c              |   5 +-
 security/apparmor/policy_unpack.c       |  67 ++++
 security/apparmor/procattr.c            |  22 +-
 security/apparmor/secid.c               | 152 ++++++++--
 security/bpf/hooks.c                    |  12 +-
 security/commoncap.c                    |   7 +-
 security/integrity/ima/ima.h            |  13 +-
 security/integrity/ima/ima_api.c        |  10 +-
 security/integrity/ima/ima_appraise.c   |   6 +-
 security/integrity/ima/ima_main.c       |  48 +--
 security/integrity/ima/ima_policy.c     |  61 ++--
 security/integrity/integrity_audit.c    |   2 +-
 security/loadpin/loadpin.c              |   8 +-
 security/lockdown/lockdown.c            |   7 +-
 security/safesetid/lsm.c                |   8 +-
 security/security.c                     | 520 +++++++++++++++++++++++++++++---
 security/selinux/hooks.c                |  27 +-
 security/selinux/include/classmap.h     |   2 +-
 security/selinux/include/security.h     |   1 +
 security/selinux/netlabel.c             |   2 +-
 security/selinux/ss/services.c          |   4 +-
 security/smack/smack.h                  |   1 +
 security/smack/smack_lsm.c              |  19 +-
 security/smack/smackfs.c                |  13 +-
 security/tomoyo/tomoyo.c                |   8 +-
 security/yama/yama_lsm.c                |   7 +-
 73 files changed, 1984 insertions(+), 593 deletions(-)