Message ID | 20210324191520.125779-1-mic@digikod.net |
---|---|
Headers | show |
Series | Landlock LSM | expand |
On 24/03/2021 20:15, Mickaël Salaün wrote: [...] > diff --git a/security/landlock/object.h b/security/landlock/object.h > new file mode 100644 > index 000000000000..3e5d5b6941c3 > --- /dev/null > +++ b/security/landlock/object.h > @@ -0,0 +1,91 @@ > +/* SPDX-License-Identifier: GPL-2.0-only */ > +/* > + * Landlock LSM - Object management > + * > + * Copyright © 2016-2020 Mickaël Salaün <mic@digikod.net> > + * Copyright © 2018-2020 ANSSI > + */ > + > +#ifndef _SECURITY_LANDLOCK_OBJECT_H > +#define _SECURITY_LANDLOCK_OBJECT_H > + > +#include <linux/compiler_types.h> > +#include <linux/refcount.h> > +#include <linux/spinlock.h> > + > +struct landlock_object; > + > +/** > + * struct landlock_object_underops - Operations on an underlying object > + */ > +struct landlock_object_underops { > + /** > + * @release: Releases the underlying object (e.g. iput() for an inode). > + */ > + void (*release)(struct landlock_object *const object) > + __releases(object->lock); > +}; > + > +/** > + * struct landlock_object - Security blob tied to a kernel object > + * > + * The goal of this structure is to enable to tie a set of ephemeral access > + * rights (pertaining to different domains) to a kernel object (e.g an inode) > + * in a safe way. This implies to handle concurrent use and modification. > + * > + * The lifetime of a &struct landlock_object depends of the rules referring to You should read "depends on"…
On Wed, Mar 24, 2021 at 08:15:18PM +0100, Mickaël Salaün wrote: > From: Mickaël Salaün <mic@linux.microsoft.com> > > Test all Landlock system calls, ptrace hooks semantic and filesystem > access-control with multiple layouts. > > Test coverage for security/landlock/ is 93.6% of lines. The code not > covered only deals with internal kernel errors (e.g. memory allocation) > and race conditions. > > Cc: James Morris <jmorris@namei.org> > Cc: Jann Horn <jannh@google.com> > Cc: Kees Cook <keescook@chromium.org> > Cc: Serge E. Hallyn <serge@hallyn.com> > Cc: Shuah Khan <shuah@kernel.org> > Signed-off-by: Mickaël Salaün <mic@linux.microsoft.com> Reviewed-by: Kees Cook <keescook@chromium.org> -- Kees Cook