On Thu, Jun 23, 2016 at 3:52 PM, Dan Jurgens <danielj@xxxxxxxxxxxx> wrote: > From: Daniel Jurgens <danielj@xxxxxxxxxxxx> > > Add nine new hooks > 1. Allocate security contexts for Infiniband QPs. > 2. Free security contexts for Infiniband QPs. > 3. Allocate security contexts for Infiniband MAD agents. > 4. Free security contexts for Infiniband MAD agents. > 5. Enforce QP access to Pkeys > 6. Enforce MAD agent access to Pkeys > 7. Enforce MAD agent access to Infiniband End Ports for sending Subnet > Management Packets (SMP) > 8. A hook to register a callback to receive notifications of > security policy or enforcement changes. Restricting a QPs access to > a pkey will be done during setup and not on a per packet basis > access must be enforced again. > 9. A hook to unregister the callback. > > Signed-off-by: Daniel Jurgens <danielj@xxxxxxxxxxxx> > Reviewed-by: Eli Cohen <eli@xxxxxxxxxxxx> > --- > include/linux/lsm_hooks.h | 71 ++++++++++++++++++++++++++++++++++++++++ > include/linux/security.h | 63 +++++++++++++++++++++++++++++++++++ > include/rdma/ib_verbs.h | 4 +++ > security/Kconfig | 9 +++++ > security/security.c | 83 +++++++++++++++++++++++++++++++++++++++++++++++ > 5 files changed, 230 insertions(+) I'd recommend putting the IB hook calls into this patch as well, it helps make the hooks a bit more concrete as you can see where, and how they are called. > diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h > index 7ae3976..6b47c8d 100644 > --- a/include/linux/lsm_hooks.h > +++ b/include/linux/lsm_hooks.h > @@ -8,6 +8,7 @@ > * Copyright (C) 2001 Silicon Graphics, Inc. (Trust Technology Group) > * Copyright (C) 2015 Intel Corporation. > * Copyright (C) 2015 Casey Schaufler <casey@xxxxxxxxxxxxxxxx> > + * Copyright (C) 2016 Mellanox Techonologies > * > * This program is free software; you can redistribute it and/or modify > * it under the terms of the GNU General Public License as published by > @@ -876,6 +877,50 @@ > * associated with the TUN device's security structure. > * @security pointer to the TUN devices's security structure. > * > + * Security hooks for Infiniband > + * > + * @ib_qp_pkey_access: > + * Check permission to access a pkey when modifing a QP. > + * @subnet_prefix the subnet prefix of the port being used. > + * @pkey the pkey to be accessed. > + * @qp_sec pointer to the ib_qp_security structure. > + * @ib_mad_agent_pkey_access: > + * Check permission to access a pkey when transmiting and receiving MADS. > + * @subnet_prefix the subnet prefix of the port being used. > + * @pkey the pkey to be accessed. > + * @mad_agent pointer to the ib_mad_agent structure. > + * @ib_end_port_smp: > + * Check permissions to send and receive SMPs on a end port. > + * @dev_name the IB device name (i.e. mlx4_0). > + * @port_num the port number. > + * @mad_agent pointer to the ib_mad_agent structure. > + * @ib_qp_alloc_security: > + * Allocate and attach a security structure to the qp_sec->q_security > + * field. The q_security field is initialized to NULL when the structure > + * is allocated. A separate QP security structure is used instead of the > + * QP structure because when a QP is destroyed the memory is freed by the > + * hardware driver. That operation can fail so the security info must be > + * maintained until the destroy completes successfully. > + * @qp_sec contains the ib_qp_security structure to be modified. > + * Return 0 if operation was successful. > + * @ib_mad_agent_alloc_security: > + * Allocate and attach a security structure to the mad_agent->m_security > + * field. The m_security field is initialized to NULL when the structure > + * is allocated. > + * @mad_agent contains the ib_mad_agent structure to be modified. > + * Return 0 if operation was successful. > + * @ib_qp_free_security: > + * Deallocate and clear the qp_sec->q_security field. > + * @qp_sec contains the ib_qp_security structure to be modified. > + * @ib_mad_agent_free_security: > + * Deallocate and clear the mad_agent->m_security field. > + * @mad_agent contains the ib_mad_agent structure to be modified. > + * @register_ib_flush_callback: > + * Provide a way for security modules to notify ib_core of policy changes. > + * @callback function pointer to call when policy changes. > + * @unregister_ib_flush_callback: > + * Unregister the callback function. > + * > * Security hooks for XFRM operations. > * > * @xfrm_policy_alloc_security: -- paul moore security @ redhat _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
