On Wed, Nov 16, 2022 at 9:06 AM Roberto Sassu <roberto.sassu@xxxxxxxxxxxxxxx> wrote: > > On Tue, 2022-11-15 at 21:11 -0500, Paul Moore wrote: > > On Tue, Nov 15, 2022 at 12:57 PM Roberto Sassu > > <roberto.sassu@xxxxxxxxxxxxxxx> wrote: > > > From: Roberto Sassu <roberto.sassu@xxxxxxxxxx> > > > > > > include/linux/lsm_hooks.h reports the result of the LSM infrastructure to > > > the callers, not what LSMs should return to the LSM infrastructure. > > > > > > Clarify that and add that returning 1 from the LSMs means calling > > > __vm_enough_memory() with cap_sys_admin set, 0 without. > > > > > > Signed-off-by: Roberto Sassu <roberto.sassu@xxxxxxxxxx> > > > Reviewed-by: KP Singh <kpsingh@xxxxxxxxxx> > > > --- > > > include/linux/lsm_hooks.h | 4 +++- > > > 1 file changed, 3 insertions(+), 1 deletion(-) > > > > > > diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h > > > index 4ec80b96c22e..f40b82ca91e7 100644 > > > --- a/include/linux/lsm_hooks.h > > > +++ b/include/linux/lsm_hooks.h > > > @@ -1411,7 +1411,9 @@ > > > * Check permissions for allocating a new virtual mapping. > > > * @mm contains the mm struct it is being added to. > > > * @pages contains the number of pages. > > > - * Return 0 if permission is granted. > > > + * Return 0 if permission is granted by LSMs to the caller. LSMs should > > > + * return 1 if __vm_enough_memory() should be called with > > > + * cap_sys_admin set, 0 if not. > > > > I think this is a nice addition, but according to the code, any value > > greater than zero will trigger the caller-should-have-CAP_SYS_ADMIN > > behavior, not just 1. I suggest updating the comment. > > Ok, yes. Thanks. Also, this is an unrelated patch and you can probably send it independently, especially since the other changes will now land mostly via BPF. > > Roberto >
