On Fri, May 31, 2019 at 04:09:26PM -0700, Casey Schaufler wrote:
> When more than one security module is exporting data to
> audit and networking sub-systems a single 32 bit integer
> is no longer sufficient to represent the data. Add a
> structure to be used instead.
>
> Signed-off-by: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>

Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx>

Thoughts below...

> ---
> include/linux/security.h | 12 ++++++++++++
> 1 file changed, 12 insertions(+)
>
> diff --git a/include/linux/security.h b/include/linux/security.h
> index 49f2685324b0..81f9f79f9a1e 100644
> --- a/include/linux/security.h
> +++ b/include/linux/security.h
> @@ -76,6 +76,18 @@ enum lsm_event {
> LSM_POLICY_CHANGE,
> };
>
> +/* Data exported by the security modules */
> +struct lsm_export {
> + u32 selinux;
> + u32 smack;
> + u32 apparmor;
> + u32 flags;
> +};

I think it might make more logical sense to leave flags at the start. While I don't expect to add more fields, I find it surprising that it is at the end. :)

-Kees

> +#define LSM_EXPORT_NONE 0x00
> +#define LSM_EXPORT_SELINUX 0x01
> +#define LSM_EXPORT_SMACK 0x02
> +#define LSM_EXPORT_APPARMOR 0x04
> +
> /* These functions are in security/commoncap.c */
> extern int cap_capable(const struct cred *cred, struct user_namespace *ns,
> int cap, unsigned int opts);
> --
> 2.19.1
>

--
Kees Cook
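Review bot: The new struct lsm_export and the LSM_EXPORT_* defines are added without documenting how they relate, so a reader of the header cannot tell whether a zero in selinux, smack or apparmor means "this module exported nothing" or is a legitimate value. The one-line comment "/* Data exported by the security modules */" should become a kernel-doc block stating that each per-module field is meaningful only when the matching LSM_EXPORT_SELINUX / LSM_EXPORT_SMACK / LSM_EXPORT_APPARMOR bit is set in flags, and that whoever allocates the struct must initialise flags to LSM_EXPORT_NONE so stale bits are never interpreted as valid data. Placing that contract in the header is what lets the audit and networking consumers the commit message mentions check flags before trusting the u32 values.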