Commit 21953eb1 authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge tag 'lsm-pr-20230626' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm 

Pull lsm updates from Paul Moore:

 - A SafeSetID patch to correct what appears to be a cut-n-paste typo in
   the code causing a UID to be printed where a GID was desired.

   This is coming via the LSM tree because we haven't been able to get a
   response from the SafeSetID maintainer (Micah Morton) in several
   months. Hopefully we are able to get in touch with Micah, but until
   we do I'm going to pick them up in the LSM tree.

 - A small fix to the reiserfs LSM xattr code.

   We're continuing to work through some issues with the reiserfs code
   as we try to fixup the LSM xattr handling, but in the process we're
   uncovering some ugly problems in reiserfs and we may just end up
   removing the LSM xattr support in reiserfs prior to reiserfs'
   removal.

   For better or worse, this shouldn't impact any of the reiserfs users,
   as we discovered that LSM xattrs on reiserfs were completely broken,
   meaning no one is currently using the combo of reiserfs and a file
   labeling LSM.

 - A tweak to how the cap_user_data_t struct/typedef is declared in the
   header file to appease the Sparse gods.

 - In the process of trying to sort out the SafeSetID lost-maintainer
   problem I realized that I needed to update the labeled networking
   entry to "Supported".

 - Minor comment/documentation and spelling fixes.

* tag 'lsm-pr-20230626' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm:
  device_cgroup: Fix kernel-doc warnings in device_cgroup
  SafeSetID: fix UID printed instead of GID
  MAINTAINERS: move labeled networking to "supported"
  capability: erase checker warnings about struct __user_cap_data_struct
  lsm: fix a number of misspellings
  reiserfs: Initialize sec->length in reiserfs_security_init().
  capability: fix kernel-doc warnings in capability.c
parents 729b39ec 4be22f16

MAINTAINERS

+1 −1
Original line number Diff line number Diff line
@@ -14727,7 +14727,7 @@ NETWORKING [LABELED] (NetLabel, Labeled IPsec, SECMARK) 
M:	Paul Moore <paul@paul-moore.com>

L:	netdev@vger.kernel.org

L:	linux-security-module@vger.kernel.org

S:	Maintained

S:	Supported

W:	https://github.com/netlabel

F:	Documentation/netlabel/

F:	include/net/calipso.h

fs/reiserfs/xattr_security.c

+1 −0
Original line number Diff line number Diff line
@@ -67,6 +67,7 @@ int reiserfs_security_init(struct inode *dir, struct inode *inode, 


	sec->name = NULL;

	sec->value = NULL;

	sec->length = 0;



	/* Don't add selinux attributes on xattrs - they'll never get used */

	if (IS_PRIVATE(dir))

include/uapi/linux/capability.h

+3 −2
Original line number Diff line number Diff line
@@ -41,11 +41,12 @@ typedef struct __user_cap_header_struct { 
	int pid;

} __user *cap_user_header_t;



typedef struct __user_cap_data_struct {

struct __user_cap_data_struct {

        __u32 effective;

        __u32 permitted;

        __u32 inheritable;

} __user *cap_user_data_t;

};

typedef struct __user_cap_data_struct __user *cap_user_data_t;





#define VFS_CAP_REVISION_MASK	0xFF000000

kernel/capability.c

+2 −0
Original line number Diff line number Diff line
@@ -467,6 +467,7 @@ EXPORT_SYMBOL(file_ns_capable); 
/**

 * privileged_wrt_inode_uidgid - Do capabilities in the namespace work over the inode?

 * @ns: The user namespace in question

 * @idmap: idmap of the mount @inode was found from

 * @inode: The inode in question

 *

 * Return true if the inode uid and gid are within the namespace.
@@ -481,6 +482,7 @@ bool privileged_wrt_inode_uidgid(struct user_namespace *ns, 


/**

 * capable_wrt_inode_uidgid - Check nsown_capable and uid and gid mapped

 * @idmap: idmap of the mount @inode was found from

 * @inode: The inode in question

 * @cap: The capability in question

 *

security/commoncap.c

+10 −10
Original line number Diff line number Diff line
@@ -314,7 +314,7 @@ int cap_inode_need_killpriv(struct dentry *dentry) 
 * the vfsmount must be passed through @idmap. This function will then

 * take care to map the inode according to @idmap before checking

 * permissions. On non-idmapped mounts or if permission checking is to be

 * performed on the raw inode simply passs @nop_mnt_idmap.

 * performed on the raw inode simply pass @nop_mnt_idmap.

 *

 * Return: 0 if successful, -ve on error.

 */
@@ -522,7 +522,7 @@ static bool validheader(size_t size, const struct vfs_cap_data *cap) 
 * the vfsmount must be passed through @idmap. This function will then

 * take care to map the inode according to @idmap before checking

 * permissions. On non-idmapped mounts or if permission checking is to be

 * performed on the raw inode simply passs @nop_mnt_idmap.

 * performed on the raw inode simply pass @nop_mnt_idmap.

 *

 * Return: On success, return the new size; on error, return < 0.

 */
@@ -630,7 +630,7 @@ static inline int bprm_caps_from_vfs_caps(struct cpu_vfs_cap_data *caps, 
 * the vfsmount must be passed through @idmap. This function will then

 * take care to map the inode according to @idmap before checking

 * permissions. On non-idmapped mounts or if permission checking is to be

 * performed on the raw inode simply passs @nop_mnt_idmap.

 * performed on the raw inode simply pass @nop_mnt_idmap.

 */

int get_vfs_caps_from_disk(struct mnt_idmap *idmap,

			   const struct dentry *dentry,
@@ -1133,7 +1133,7 @@ int cap_task_fix_setuid(struct cred *new, const struct cred *old, int flags) 
		break;



	case LSM_SETID_FS:

		/* juggle the capabilties to follow FSUID changes, unless

		/* juggle the capabilities to follow FSUID changes, unless

		 * otherwise suppressed

		 *

		 * FIXME - is fsuser used for all CAP_FS_MASK capabilities?
@@ -1184,10 +1184,10 @@ static int cap_safe_nice(struct task_struct *p) 
}



/**

 * cap_task_setscheduler - Detemine if scheduler policy change is permitted

 * cap_task_setscheduler - Determine if scheduler policy change is permitted

 * @p: The task to affect

 *

 * Detemine if the requested scheduler policy change is permitted for the

 * Determine if the requested scheduler policy change is permitted for the

 * specified task.

 *

 * Return: 0 if permission is granted, -ve if denied.
@@ -1198,11 +1198,11 @@ int cap_task_setscheduler(struct task_struct *p) 
}



/**

 * cap_task_setioprio - Detemine if I/O priority change is permitted

 * cap_task_setioprio - Determine if I/O priority change is permitted

 * @p: The task to affect

 * @ioprio: The I/O priority to set

 *

 * Detemine if the requested I/O priority change is permitted for the specified

 * Determine if the requested I/O priority change is permitted for the specified

 * task.

 *

 * Return: 0 if permission is granted, -ve if denied.
@@ -1213,11 +1213,11 @@ int cap_task_setioprio(struct task_struct *p, int ioprio) 
}



/**

 * cap_task_setnice - Detemine if task priority change is permitted

 * cap_task_setnice - Determine if task priority change is permitted

 * @p: The task to affect

 * @nice: The nice value to set

 *

 * Detemine if the requested task priority change is permitted for the

 * Determine if the requested task priority change is permitted for the

 * specified task.

 *

 * Return: 0 if permission is granted, -ve if denied.