From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, eparis@redhat.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, selinux@vger.kernel.org Subject: [PATCH 1/3] LSM: Add mount opts blob size tracking Date: Tue, 17 Jun 2025 14:01:03 -0700 Message-ID: <20250617210105.17479-2-casey@schaufler-ca.com> X-Mailer: git-send-email 2.47.0 In-Reply-To: <20250617210105.17479-1-casey@schaufler-ca.com> References: <20250617210105.17479-1-casey@schaufler-ca.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Add mount option data to the blob size accounting in anticipation of using a shared mnt_opts blob. Signed-off-by: Casey Schaufler --- include/linux/lsm_hooks.h | 1 + security/lsm_init.c | 2 ++ security/selinux/hooks.c | 1 + security/smack/smack_lsm.c | 1 + 4 files changed, 5 insertions(+) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 5bc144c5f685..9741c76e4654 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -122,6 +122,7 @@ struct lsm_blob_sizes { unsigned int lbs_xattr_count; /* num xattr slots in new_xattrs array */ unsigned int lbs_tun_dev; unsigned int lbs_bdev; + unsigned int lbs_mnt_opts; }; =20 /* diff --git a/security/lsm_init.c b/security/lsm_init.c index c2ef4db055db..26c9bdd5f851 100644 --- a/security/lsm_init.c +++ b/security/lsm_init.c @@ -318,6 +318,7 @@ static void __init lsm_prep_single(struct lsm_info *lsm) lsm_blob_size_update(&blobs->lbs_xattr_count, &blob_sizes.lbs_xattr_count); lsm_blob_size_update(&blobs->lbs_bdev, &blob_sizes.lbs_bdev); + lsm_blob_size_update(&blobs->lbs_mnt_opts, &blob_sizes.lbs_mnt_opts); } =20 /** 
@@ -459,6 +460,7 @@ int __init security_init(void) lsm_pr("blob(tun_dev) size %d\n", blob_sizes.lbs_tun_dev); lsm_pr("blob(xattr) count %d\n", blob_sizes.lbs_xattr_count); lsm_pr("blob(bdev) size %d\n", blob_sizes.lbs_bdev); + lsm_pr("blob(mnt_opts) size %d\n", blob_sizes.lbs_mnt_opts); } =20 if (blob_sizes.lbs_file) diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index b00c2627286a..88cd1d56081a 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -7160,6 +7160,7 @@ struct lsm_blob_sizes selinux_blob_sizes __ro_after_i= nit =3D { .lbs_xattr_count =3D SELINUX_INODE_INIT_XATTRS, .lbs_tun_dev =3D sizeof(struct tun_security_struct), .lbs_ib =3D sizeof(struct ib_security_struct), + .lbs_mnt_opts =3D sizeof(struct selinux_mnt_opts), }; =20 #ifdef CONFIG_PERF_EVENTS diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 46ef5ece991c..44bd92410425 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c 
@@ -5030,6 +5030,7 @@ struct lsm_blob_sizes smack_blob_sizes __ro_after_ini= t =3D { .lbs_sock =3D sizeof(struct socket_smack), .lbs_superblock =3D sizeof(struct superblock_smack), .lbs_xattr_count =3D SMACK_INODE_INIT_XATTRS, + .lbs_mnt_opts =3D sizeof(struct smack_mnt_opts), }; =20 static const struct lsm_id smack_lsmid =3D { --=20 2.47.0 From nobody Thu Oct 9 10:51:54 2025 Received: from sonic306-28.consmr.mail.ne1.yahoo.com (sonic306-28.consmr.mail.ne1.yahoo.com [66.163.189.90]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0C70C2EF9A4 for ; Tue, 17 Jun 2025 21:11:23 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=66.163.189.90 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1750194685; cv=none; b=JIOzYhXVhSFQ4Xr3UpFF4DIsTdg3uDjJt2lYk6YlPGr+CN5XlFebSJpbqBGmL1LS7gbt9kBOfcsdUo72ICcOXtG2c8+Yg52Gi1OH9ZhYKaXFWzdpZWc4/+/xCaO91qS0u7MRFf7h33NaIxtTOwurDsxYAVRI9TtnN3eg5uq9jHk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1750194685; c=relaxed/simple; bh=3EF3D8lxhYBlqw7KGLuw5Y8urL6gCeC0wkh6ms1vr/U=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=sCIJqJ7Dk5XSI7WAXyd+bX+3kJp4YS5bySGURkEkiMkV5KFIDjvMU92334XfPqPP0v8sdz5s2lJLnLR69bbuczlL8axEk42kJ2VYbSIZmc39KZiZbyri3PICkl32dztUWKZQGEXEefI51Kr0iNAnlph9GWNXnOVlBVDezBT62uw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com; spf=none smtp.mailfrom=schaufler-ca.com; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b=Pa+M/RR6; arc=none smtp.client-ip=66.163.189.90 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; 
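Review bot: the new `lbs_mnt_opts` member in the include/linux/lsm_hooks.h hunk is undocumented, while the neighbouring `lbs_xattr_count` carries an inline comment; since lsm_blob_size_update() in the security/lsm_init.c hunk rewrites each module's copy to its offset into the shared blob and accumulates the total in `blob_sizes.lbs_mnt_opts`, a comment such as `/* size (module: offset) of the shared mnt_opts blob */` would make that dual meaning explicit for the accessors the later patches build on it.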
Hermes SMTP Server) with ESMTPA ID 5c2f63bee58180d330568dcd5f1b3323; Tue, 17 Jun 2025 21:01:12 +0000 (UTC) From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, eparis@redhat.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, selinux@vger.kernel.org Subject: [PATCH 2/3] LSM: allocate mnt_opts blobs instead of module specific data Date: Tue, 17 Jun 2025 14:01:04 -0700 Message-ID: <20250617210105.17479-3-casey@schaufler-ca.com> X-Mailer: git-send-email 2.47.0 In-Reply-To: <20250617210105.17479-1-casey@schaufler-ca.com> References: <20250617210105.17479-1-casey@schaufler-ca.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Replace allocations of LSM specific mount data with the shared mnt_opts blob. Signed-off-by: Casey Schaufler --- include/linux/lsm_hooks.h | 1 + security/security.c | 12 ++++++++++++ security/selinux/hooks.c | 10 +++++++--- security/smack/smack_lsm.c | 4 ++-- 4 files changed, 22 insertions(+), 5 deletions(-) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 9741c76e4654..1871ebc5833b 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -219,4 +219,5 @@ static inline struct xattr *lsm_get_xattr_slot(struct x= attr *xattrs, return &xattrs[(*xattr_count)++]; } =20 +extern void *lsm_mnt_opts_alloc(gfp_t priority); #endif /* ! __LINUX_LSM_HOOKS_H */ diff --git a/security/security.c b/security/security.c index 8a4e0f70e49d..ec61fb7e6492 100644 --- a/security/security.c +++ b/security/security.c 
@@ -904,6 +904,18 @@ void security_sb_free(struct super_block *sb) sb->s_security =3D NULL; } =20 +/** + * lsm_mnt_opts_alloc - allocate a mnt_opts blob + * @priority: memory allocation priority + * + * Returns a newly allocated mnt_opts blob or NULL if + * memory isn't available. + */ +void *lsm_mnt_opts_alloc(gfp_t priority) +{ + return kzalloc(blob_sizes.lbs_mnt_opts, priority); +} + /** * security_free_mnt_opts() - Free memory associated with mount options * @mnt_opts: LSM processed mount options diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 88cd1d56081a..f7eda0cce68f 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -2808,7 +2808,7 @@ static int selinux_fs_context_submount(struct fs_cont= ext *fc, if (!(sbsec->flags & (FSCONTEXT_MNT|CONTEXT_MNT|DEFCONTEXT_MNT))) return 0; =20 - opts =3D kzalloc(sizeof(*opts), GFP_KERNEL); + opts =3D lsm_mnt_opts_alloc(GFP_KERNEL); if (!opts) return -ENOMEM; =20 @@ -2830,8 +2830,12 @@ static int selinux_fs_context_dup(struct fs_context = *fc, if (!src) return 0; =20 - fc->security =3D kmemdup(src, sizeof(*src), GFP_KERNEL); - return fc->security ? 0 : -ENOMEM; + fc->security =3D lsm_mnt_opts_alloc(GFP_KERNEL); + if (!fc->security) + return -ENOMEM; + + memcpy(fc->security, src, sizeof(*src)); + return 0; } =20 static const struct fs_parameter_spec selinux_fs_parameters[] =3D { diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 44bd92410425..1d456df40096 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -622,7 +622,7 @@ static int smack_fs_context_submount(struct fs_context = *fc, struct smack_mnt_opts *ctx; struct inode_smack *isp; =20 - ctx =3D kzalloc(sizeof(*ctx), GFP_KERNEL); + ctx =3D lsm_mnt_opts_alloc(GFP_KERNEL); if (!ctx) return -ENOMEM; fc->security =3D ctx; 
@@ -673,7 +673,7 @@ static int smack_fs_context_dup(struct fs_context *fc, if (!src) return 0; =20 - fc->security =3D kzalloc(sizeof(struct smack_mnt_opts), GFP_KERNEL); + fc->security =3D lsm_mnt_opts_alloc(GFP_KERNEL); if (!fc->security) return -ENOMEM; =20 --=20 2.47.0 From nobody Thu Oct 9 10:51:54 2025 Received: from sonic306-28.consmr.mail.ne1.yahoo.com (sonic306-28.consmr.mail.ne1.yahoo.com [66.163.189.90]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0C6A42EBBAB for ; Tue, 17 Jun 2025 21:11:23 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=66.163.189.90 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1750194685; cv=none; b=rZ3NnuNzr6RBlzpD1F5017P5roSTe315xlWBrHOv/SsnW9QNVv+6Uj2YMXtEL1xaY/cZiNIVFNwqtBpg+odsdZzTkmtwTOMlPtSF9v9Cb2lqlf5L4Vp7OcOYDDMoELSloMf7U5cwR+zCana9hA5VP3aranRs0VSfIk8GlWkaPvo= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1750194685; c=relaxed/simple; bh=s6Zlbdl8RXwqc2QBqLF39ACjWvYfI+KbaL3DtQhXQ0U=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=LlvBn6eYzLzL2j0YNiFy7rrf19DcEtL0sTA6Il7u5HiFtiERlnBP4IWvgcwIv+PMVNzprVnv2twM2nihZckaI1SwvWOSH1krZxVMsLYzEf04KCCn7ddWX34x2o5gazPMBZQTMGFf0Jc09sHijBZg+WlSxVAQVMLD/oxcGopXJdc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com; spf=none smtp.mailfrom=schaufler-ca.com; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com header.b=MwZSrMmU; arc=none smtp.client-ip=66.163.189.90 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=schaufler-ca.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=yahoo.com header.i=@yahoo.com 
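Review bot: drop the `extern` on the new prototype in the include/linux/lsm_hooks.h hunk, `extern void *lsm_mnt_opts_alloc(gfp_t priority);`; checkpatch flags extern prototypes in headers and nothing else in this file uses it.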
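Review bot: lsm_mnt_opts_alloc() in the security/security.c hunk has no guard for `blob_sizes.lbs_mnt_opts == 0`; kzalloc(0, ...) returns ZERO_SIZE_PTR, which passes the `if (!opts)` / `if (!fc->security)` checks in the SELinux and Smack hunks. Today only modules that register a non-zero size call it, so this is a latent rather than a live problem, but `if (!blob_sizes.lbs_mnt_opts) return NULL;` (or a WARN_ON_ONCE) would state the contract. The kernel-doc block should also use a `Return:` section rather than the "Returns ..." sentence.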
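Review bot: in the security/selinux/hooks.c selinux_fs_context_dup() hunk, `memcpy(fc->security, src, sizeof(*src))` and the submount hunk both still treat the shared blob as beginning at offset 0. That is correct only while SELinux is the sole module with a `lbs_mnt_opts` size active, which holds because SELinux and Smack are exclusive; a sentence in the commit message saying this is a transitional state resolved by the next patch would help bisection readers.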
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, eparis@redhat.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, selinux@vger.kernel.org Subject: [PATCH 3/3] LSM: Infrastructure management of the mnt_opts security blob Date: Tue, 17 Jun 2025 14:01:05 -0700 Message-ID: <20250617210105.17479-4-casey@schaufler-ca.com> X-Mailer: git-send-email 2.47.0 In-Reply-To: <20250617210105.17479-1-casey@schaufler-ca.com> References: <20250617210105.17479-1-casey@schaufler-ca.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Move management of the mnt_opts->security blob out of the individual security modules and into the security infrastructure. Blobs are still allocated within the modules as they are only required when mount options are present. The modules tell the infrastructure how much space is required, and the space is allocated if needed. Modules can no longer count on the presence of a blob implying that mount options specific to that module are present, so flags are added to the module specific blobs to indicate that this module has options. Signed-off-by: Casey Schaufler --- security/security.c | 14 ++++----- security/selinux/hooks.c | 58 +++++++++++++++++++++++------------- security/smack/smack_lsm.c | 61 ++++++++++++++++++++++++++------------ 3 files changed, 85 insertions(+), 48 deletions(-) diff --git a/security/security.c b/security/security.c index ec61fb7e6492..01fa3b5336b0 100644 --- a/security/security.c +++ b/security/security.c 
@@ -843,17 +843,14 @@ int security_fs_context_parse_param(struct fs_context= *fc, struct fs_parameter *param) { struct lsm_static_call *scall; - int trc; - int rc =3D -ENOPARAM; + int rc; =20 lsm_for_each_hook(scall, fs_context_parse_param) { - trc =3D scall->hl->hook.fs_context_parse_param(fc, param); - if (trc =3D=3D 0) - rc =3D 0; - else if (trc !=3D -ENOPARAM) - return trc; + rc =3D scall->hl->hook.fs_context_parse_param(fc, param); + if (rc !=3D -ENOPARAM) + return rc; } - return rc; + return -ENOPARAM; } =20 /** @@ -927,6 +924,7 @@ void security_free_mnt_opts(void **mnt_opts) if (!*mnt_opts) return; call_void_hook(sb_free_mnt_opts, *mnt_opts); + kfree(*mnt_opts); *mnt_opts =3D NULL; } EXPORT_SYMBOL(security_free_mnt_opts); diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index f7eda0cce68f..b00c78e0a650 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -378,15 +378,28 @@ static void inode_free_security(struct inode *inode) } =20 struct selinux_mnt_opts { + bool initialized; u32 fscontext_sid; u32 context_sid; u32 rootcontext_sid; u32 defcontext_sid; }; =20 +static inline struct selinux_mnt_opts *selinux_mnt_opts(void *mnt_opts) +{ + if (mnt_opts) + return mnt_opts + selinux_blob_sizes.lbs_mnt_opts; + return NULL; +} + static void selinux_free_mnt_opts(void *mnt_opts) { - kfree(mnt_opts); + struct selinux_mnt_opts *opts; + + if (mnt_opts) { + opts =3D selinux_mnt_opts(mnt_opts); + opts->initialized =3D false; + } } =20 enum { @@ -641,7 +654,7 @@ static int selinux_set_mnt_opts(struct super_block *sb, const struct cred *cred =3D current_cred(); struct superblock_security_struct *sbsec =3D selinux_superblock(sb); struct dentry *root =3D sb->s_root; - struct selinux_mnt_opts *opts =3D mnt_opts; + struct selinux_mnt_opts *opts =3D selinux_mnt_opts(mnt_opts); struct inode_security_struct *root_isec; u32 fscontext_sid =3D 0, context_sid =3D 0, rootcontext_sid =3D 0; u32 defcontext_sid =3D 0; 
@@ -657,7 +670,7 @@ static int selinux_set_mnt_opts(struct super_block *sb, mutex_lock(&sbsec->lock); =20 if (!selinux_initialized()) { - if (!opts) { + if (!opts || !opts->initialized) { /* Defer initialization until selinux_complete_init, after the initial policy is loaded and the security server is ready to handle calls. */ @@ -695,7 +708,7 @@ static int selinux_set_mnt_opts(struct super_block *sb, * also check if someone is trying to mount the same sb more * than once with different security options. */ - if (opts) { + if (opts && opts->initialized) { if (opts->fscontext_sid) { fscontext_sid =3D opts->fscontext_sid; if (bad_option(sbsec, FSCONTEXT_MNT, sbsec->sid, @@ -1004,7 +1017,7 @@ static int selinux_sb_clone_mnt_opts(const struct sup= er_block *oldsb, */ static int selinux_add_opt(int token, const char *s, void **mnt_opts) { - struct selinux_mnt_opts *opts =3D *mnt_opts; + struct selinux_mnt_opts *opts; u32 *dst_sid; int rc; =20 @@ -1019,12 +1032,12 @@ static int selinux_add_opt(int token, const char *s= , void **mnt_opts) return -EINVAL; } =20 - if (!opts) { - opts =3D kzalloc(sizeof(*opts), GFP_KERNEL); - if (!opts) + if (!*mnt_opts) { + *mnt_opts =3D lsm_mnt_opts_alloc(GFP_KERNEL); + if (!*mnt_opts) return -ENOMEM; - *mnt_opts =3D opts; } + opts =3D selinux_mnt_opts(*mnt_opts); =20 switch (token) { case Opt_context: @@ -1051,6 +1064,7 @@ static int selinux_add_opt(int token, const char *s, = void **mnt_opts) WARN_ON(1); return -EINVAL; } + opts->initialized =3D true; rc =3D security_context_str_to_sid(s, dst_sid, GFP_KERNEL); if (rc) pr_warn("SELinux: security_context_str_to_sid (%s) failed with errno=3D%= d\n", @@ -2650,10 +2664,7 @@ static int selinux_sb_eat_lsm_opts(char *options, vo= id **mnt_opts) return 0; =20 free_opt: - if (*mnt_opts) { - selinux_free_mnt_opts(*mnt_opts); - *mnt_opts =3D NULL; - } + selinux_free_mnt_opts(*mnt_opts); return rc; } =20 
@@ -2704,13 +2715,13 @@ static int selinux_sb_mnt_opts_compat(struct super_= block *sb, void *mnt_opts) =20 static int selinux_sb_remount(struct super_block *sb, void *mnt_opts) { - struct selinux_mnt_opts *opts =3D mnt_opts; + struct selinux_mnt_opts *opts =3D selinux_mnt_opts(mnt_opts); struct superblock_security_struct *sbsec =3D selinux_superblock(sb); =20 if (!(sbsec->flags & SE_SBINITIALIZED)) return 0; =20 - if (!opts) + if (!opts || !opts->initialized) return 0; =20 if (opts->fscontext_sid) { @@ -2808,9 +2819,13 @@ static int selinux_fs_context_submount(struct fs_con= text *fc, if (!(sbsec->flags & (FSCONTEXT_MNT|CONTEXT_MNT|DEFCONTEXT_MNT))) return 0; =20 - opts =3D lsm_mnt_opts_alloc(GFP_KERNEL); - if (!opts) - return -ENOMEM; + if (!fc->security) { + fc->security =3D lsm_mnt_opts_alloc(GFP_KERNEL); + if (!fc->security) + return -ENOMEM; + } + opts =3D selinux_mnt_opts(fc->security); + opts->initialized =3D true; =20 if (sbsec->flags & FSCONTEXT_MNT) opts->fscontext_sid =3D sbsec->sid; @@ -2818,14 +2833,14 @@ static int selinux_fs_context_submount(struct fs_co= ntext *fc, opts->context_sid =3D sbsec->mntpoint_sid; if (sbsec->flags & DEFCONTEXT_MNT) opts->defcontext_sid =3D sbsec->def_sid; - fc->security =3D opts; return 0; } =20 static int selinux_fs_context_dup(struct fs_context *fc, struct fs_context *src_fc) { - const struct selinux_mnt_opts *src =3D src_fc->security; + const struct selinux_mnt_opts *src =3D selinux_mnt_opts(src_fc->security); + struct selinux_mnt_opts *dst; =20 if (!src) return 0; @@ -2834,7 +2849,8 @@ static int selinux_fs_context_dup(struct fs_context *= fc, if (!fc->security) return -ENOMEM; =20 - memcpy(fc->security, src, sizeof(*src)); + dst =3D selinux_mnt_opts(fc->security); + memcpy(dst, src, sizeof(*src)); return 0; } =20 diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 1d456df40096..e88de89a5bc1 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c 
@@ -544,6 +544,7 @@ static int smack_sb_alloc_security(struct super_block *= sb) } =20 struct smack_mnt_opts { + bool initialized; const char *fsdefault; const char *fsfloor; const char *fshat; @@ -551,24 +552,37 @@ struct smack_mnt_opts { const char *fstransmute; }; =20 +static inline struct smack_mnt_opts *smack_mnt_opts(void *mnt_opts) +{ + if (mnt_opts) + return mnt_opts + smack_blob_sizes.lbs_mnt_opts; + return NULL; +} + static void smack_free_mnt_opts(void *mnt_opts) { - kfree(mnt_opts); + struct smack_mnt_opts *opts; + + if (mnt_opts) { + opts =3D smack_mnt_opts(mnt_opts); + opts->initialized =3D false; + } } =20 static int smack_add_opt(int token, const char *s, void **mnt_opts) { - struct smack_mnt_opts *opts =3D *mnt_opts; + struct smack_mnt_opts *opts; struct smack_known *skp; =20 - if (!opts) { - opts =3D kzalloc(sizeof(struct smack_mnt_opts), GFP_KERNEL); - if (!opts) + if (!s) + return -EINVAL; + + if (!*mnt_opts) { + *mnt_opts =3D lsm_mnt_opts_alloc(GFP_KERNEL); + if (!*mnt_opts) return -ENOMEM; - *mnt_opts =3D opts; } - if (!s) - return -ENOMEM; + opts =3D smack_mnt_opts(*mnt_opts); =20 skp =3D smk_import_entry(s, 0); if (IS_ERR(skp)) @@ -601,6 +615,7 @@ static int smack_add_opt(int token, const char *s, void= **mnt_opts) opts->fstransmute =3D skp->smk_known; break; } + opts->initialized =3D true; return 0; =20 out_opt_err: @@ -622,10 +637,12 @@ static int smack_fs_context_submount(struct fs_contex= t *fc, struct smack_mnt_opts *ctx; struct inode_smack *isp; =20 - ctx =3D lsm_mnt_opts_alloc(GFP_KERNEL); - if (!ctx) - return -ENOMEM; - fc->security =3D ctx; + if (!fc->security) { + fc->security =3D lsm_mnt_opts_alloc(GFP_KERNEL); + if (!fc->security) + return -ENOMEM; + } + ctx =3D smack_mnt_opts(fc->security); =20 sbsp =3D smack_superblock(reference); isp =3D smack_inode(reference->s_root->d_inode); @@ -655,6 +672,7 @@ static int smack_fs_context_submount(struct fs_context = *fc, return -ENOMEM; } } + ctx->initialized =3D true; return 0; } =20 
@@ -668,16 +686,21 @@ static int smack_fs_context_submount(struct fs_contex= t *fc, static int smack_fs_context_dup(struct fs_context *fc, struct fs_context *src_fc) { - struct smack_mnt_opts *dst, *src =3D src_fc->security; + struct smack_mnt_opts *src; + struct smack_mnt_opts *dst; =20 + src =3D smack_mnt_opts(src_fc->security); if (!src) return 0; =20 - fc->security =3D lsm_mnt_opts_alloc(GFP_KERNEL); - if (!fc->security) - return -ENOMEM; + if (!fc->security) { + fc->security =3D lsm_mnt_opts_alloc(GFP_KERNEL); + if (!fc->security) + return -ENOMEM; + } =20 - dst =3D fc->security; + dst =3D smack_mnt_opts(fc->security); + dst->initialized =3D src->initialized; dst->fsdefault =3D src->fsdefault; dst->fsfloor =3D src->fsfloor; dst->fshat =3D src->fshat; @@ -787,7 +810,7 @@ static int smack_set_mnt_opts(struct super_block *sb, struct superblock_smack *sp =3D smack_superblock(sb); struct inode_smack *isp; struct smack_known *skp; - struct smack_mnt_opts *opts =3D mnt_opts; + struct smack_mnt_opts *opts =3D smack_mnt_opts(mnt_opts); bool transmute =3D false; =20 if (sp->smk_flags & SMK_SB_INITIALIZED) @@ -820,7 +843,7 @@ static int smack_set_mnt_opts(struct super_block *sb, =20 sp->smk_flags |=3D SMK_SB_INITIALIZED; =20 - if (opts) { + if (opts && opts->initialized) { if (opts->fsdefault) { skp =3D smk_import_entry(opts->fsdefault, 0); if (IS_ERR(skp)) --=20 2.47.0
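Review bot: the first security/security.c hunk (security_fs_context_parse_param) changes parameter-parsing semantics in a way the commit message does not mention. Before, every module's hook ran, a 0 from any module made the result 0, and only a non-ENOPARAM error stopped the loop; after, the loop returns on the first result that is not -ENOPARAM, so a later module never sees a parameter an earlier module accepted. Either explain why the shared blob needs this or split it into its own patch with its own justification.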
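Review bot: the `free_opt:` path in the security/selinux/hooks.c @@ -2650 hunk now calls selinux_free_mnt_opts() directly, which after this patch only clears `opts->initialized`; the blob stays allocated in `*mnt_opts` because the `kfree(*mnt_opts)` added in the second security/security.c hunk lives in security_free_mnt_opts(). Please confirm the caller always reaches security_free_mnt_opts() on that error path, or call `security_free_mnt_opts(mnt_opts)` there instead.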
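Review bot: selinux_fs_context_dup() in the @@ -2834 hunk still allocates unconditionally (the `fc->security = lsm_mnt_opts_alloc(GFP_KERNEL);` line from the previous patch is unchanged), whereas smack_fs_context_dup() in this same patch wraps the allocation in `if (!fc->security) {`. With a shared blob another module's dup hook may already have allocated `fc->security`; overwriting it leaks that blob and discards its contents. Make SELinux match the Smack hunk.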
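Review bot: in the security/selinux/hooks.c @@ -1051 hunk, `opts->initialized = true;` is set before security_context_str_to_sid() is known to succeed, so on failure the blob is marked initialized with a zero SID; the smack_add_opt() hunk sets its flag only after the switch succeeds. Move the assignment after the `if (rc)` check for consistency and so that `initialized` means what the commit message says.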
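Review bot: the smack_add_opt() hunk (@@ -551) moves the `if (!s)` check ahead of the allocation and changes its return value from -ENOMEM to -EINVAL; that is a behaviour fix worth one sentence in the commit message so it is not mistaken for part of the blob move.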
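Review bot: selinux_free_mnt_opts() and smack_free_mnt_opts() in the @@ -378 and @@ -551 hunks no longer free anything, only reset `initialized`, yet keep their names; a one-line comment above each stating that the infrastructure owns and frees the blob would prevent a future caller from assuming the old semantics.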