On Tue, Nov 15, 2022 at 12:57 PM Roberto Sassu <roberto.sassu@xxxxxxxxxxxxxxx> wrote: > > From: Roberto Sassu <roberto.sassu@xxxxxxxxxx> > > include/linux/lsm_hooks.h reports the result of the LSM infrastructure to > the callers, not what LSMs should return to the LSM infrastructure. > > Clarify that and add that returning 1 from the LSMs means calling > __vm_enough_memory() with cap_sys_admin set, 0 without. > > Signed-off-by: Roberto Sassu <roberto.sassu@xxxxxxxxxx> > Reviewed-by: KP Singh <kpsingh@xxxxxxxxxx> > --- > include/linux/lsm_hooks.h | 4 +++- > 1 file changed, 3 insertions(+), 1 deletion(-) > > diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h > index 4ec80b96c22e..f40b82ca91e7 100644 > --- a/include/linux/lsm_hooks.h > +++ b/include/linux/lsm_hooks.h > @@ -1411,7 +1411,9 @@ > * Check permissions for allocating a new virtual mapping. > * @mm contains the mm struct it is being added to. > * @pages contains the number of pages. > - * Return 0 if permission is granted. > + * Return 0 if permission is granted by LSMs to the caller. LSMs should > + * return 1 if __vm_enough_memory() should be called with > + * cap_sys_admin set, 0 if not. I think this is a nice addition, but according to the code, any value greater than zero will trigger the caller-should-have-CAP_SYS_ADMIN behavior, not just 1. I suggest updating the comment. -- paul-moore.com
