On 2/19/2021 3:28 PM, Paul Moore wrote:
> As discussed briefly on the list (lore link below), we are a little
> sloppy when it comes to using task credentials, mixing both the
> subjective and object credentials. This patch set attempts to fix
> this by replacing security_task_getsecid() with two new hooks that
> return either the subjective (_subj) or objective (_obj) credentials.
>
> https://lore.kernel.org/linux-security-module/806848326.0ifERbkFSE@x2/T/
>
> Casey and John, I made a quick pass through the Smack and AppArmor
> code in an effort to try and do the right thing, but I will admit
> that I haven't tested those changes, just the SELinux code. I
> would really appreciate your help in reviewing those changes. If
> you find it easier, feel free to wholesale replace my Smack/AppArmor
> patch with one of your own.

A quick test pass didn't show up anything obviously amiss with the
Smack changes. I will do some more thorough inspection, but they
look fine so far.

>
> ---
>
> Paul Moore (4):
>       lsm: separate security_task_getsecid() into subjective and objective variants
>       selinux: clarify task subjective and objective credentials
>       smack: differentiate between subjective and objective task credentials
>       apparmor: differentiate between subjective and objective task credentials
>
>
>  security/apparmor/domain.c       |  2 +-
>  security/apparmor/include/cred.h | 19 +++++--
>  security/apparmor/include/task.h |  3 +-
>  security/apparmor/lsm.c          | 23 ++++++---
>  security/apparmor/task.c         | 23 +++++++--
>  security/selinux/hooks.c         | 85 ++++++++++++++++++--------------
>  security/smack/smack.h           | 18 ++++++-
>  security/smack/smack_lsm.c       | 40 ++++++++++-----
>  8 files changed, 147 insertions(+), 66 deletions(-)
>
> --
> Signature