On Tue, 2022-11-15 at 21:11 -0500, Paul Moore wrote: > On Tue, Nov 15, 2022 at 12:57 PM Roberto Sassu > <roberto.sassu@xxxxxxxxxxxxxxx> wrote: > > From: Roberto Sassu <roberto.sassu@xxxxxxxxxx> > > > > include/linux/lsm_hooks.h reports the result of the LSM infrastructure to > > the callers, not what LSMs should return to the LSM infrastructure. > > > > Clarify that and add that returning 1 from the LSMs means calling > > __vm_enough_memory() with cap_sys_admin set, 0 without. > > > > Signed-off-by: Roberto Sassu <roberto.sassu@xxxxxxxxxx> > > Reviewed-by: KP Singh <kpsingh@xxxxxxxxxx> > > --- > > include/linux/lsm_hooks.h | 4 +++- > > 1 file changed, 3 insertions(+), 1 deletion(-) > > > > diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h > > index 4ec80b96c22e..f40b82ca91e7 100644 > > --- a/include/linux/lsm_hooks.h > > +++ b/include/linux/lsm_hooks.h > > @@ -1411,7 +1411,9 @@ > > * Check permissions for allocating a new virtual mapping. > > * @mm contains the mm struct it is being added to. > > * @pages contains the number of pages. > > - * Return 0 if permission is granted. > > + * Return 0 if permission is granted by LSMs to the caller. LSMs should > > + * return 1 if __vm_enough_memory() should be called with > > + * cap_sys_admin set, 0 if not. > > I think this is a nice addition, but according to the code, any value > greater than zero will trigger the caller-should-have-CAP_SYS_ADMIN > behavior, not just 1. I suggest updating the comment. Ok, yes. Thanks. Roberto