From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, eparis@redhat.com, linux-security-module@vger.kernel.org, audit@vger.kernel.org
Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, selinux@vger.kernel.org
Subject: [PATCH v5 1/5] Audit: Create audit_stamp structure
Date: Sat, 16 Aug 2025 09:41:36 -0700
Message-ID: <20250816164140.6045-2-casey@schaufler-ca.com>
In-Reply-To: <20250816164140.6045-1-casey@schaufler-ca.com>
References: <20250816164140.6045-1-casey@schaufler-ca.com>

Replace the timestamp and serial number pair used in audit records
with a structure containing the two elements.

Signed-off-by: Casey Schaufler
---
 kernel/audit.c   | 17 +++++++++--------
 kernel/audit.h   | 13 +++++++++----
 kernel/auditsc.c | 22 +++++++++-------------
 3 files changed, 27 insertions(+), 25 deletions(-)

diff --git a/kernel/audit.c b/kernel/audit.c index 61b5744d0bb6..547967cb4266 100644 --- a/kernel/audit.c +++ b/kernel/audit.c @@ -1833,11 +1833,11 @@ unsigned int audit_serial(void) } =20 static inline void audit_get_stamp(struct audit_context *ctx, - struct timespec64 *t, unsigned int *serial) + struct audit_stamp *stamp) { - if (!ctx || !auditsc_get_stamp(ctx, t, serial)) { - ktime_get_coarse_real_ts64(t); - *serial =3D audit_serial(); + if (!ctx || !auditsc_get_stamp(ctx, stamp)) { + ktime_get_coarse_real_ts64(&stamp->ctime); + stamp->serial =3D audit_serial(); } } =20
@@ -1860,8 +1860,7 @@ struct audit_buffer *audit_log_start(struct audit_con= text *ctx, gfp_t gfp_mask, int type) { struct audit_buffer *ab; - struct timespec64 t; - unsigned int serial; + struct audit_stamp stamp; =20 if (audit_initialized !=3D AUDIT_INITIALIZED) return NULL; @@ -1916,12 +1915,14 @@ struct audit_buffer *audit_log_start(struct audit_c= ontext *ctx, gfp_t gfp_mask, return NULL; } =20 - audit_get_stamp(ab->ctx, &t, &serial); + audit_get_stamp(ab->ctx, &stamp); /* cancel dummy context to enable supporting records */ if (ctx) ctx->dummy =3D 0; audit_log_format(ab, "audit(%llu.%03lu:%u): ", - (unsigned long long)t.tv_sec, t.tv_nsec/1000000, serial); + (unsigned long long)stamp.ctime.tv_sec, + stamp.ctime.tv_nsec/1000000, + stamp.serial); =20 return ab; } diff --git a/kernel/audit.h b/kernel/audit.h index 0211cb307d30..4d6dd2588f9b 100644 --- a/kernel/audit.h +++ b/kernel/audit.h @@ -99,6 +99,12 @@ struct audit_proctitle { char *value; /* the cmdline field */ }; =20 +/* A timestamp/serial pair to identify an event */ +struct audit_stamp { + struct timespec64 ctime; /* time of syscall entry */ + unsigned int serial; /* serial number for record */ +}; + /* The per-task audit context. */ struct audit_context { int dummy; /* must be the first element */ @@ -108,10 +114,9 @@ struct audit_context { AUDIT_CTX_URING, /* in use by io_uring */ } context; enum audit_state state, current_state; - unsigned int serial; /* serial number for record */ + struct audit_stamp stamp; /* event identifier */ int major; /* syscall number */ int uring_op; /* uring operation */ - struct timespec64 ctime; /* time of syscall entry */ unsigned long argv[4]; /* syscall arguments */ long return_code;/* syscall return code */ u64 prio; 
@@ -263,7 +268,7 @@ extern void audit_put_tty(struct tty_struct *tty); extern unsigned int audit_serial(void); #ifdef CONFIG_AUDITSYSCALL extern int auditsc_get_stamp(struct audit_context *ctx, - struct timespec64 *t, unsigned int *serial); + struct audit_stamp *stamp); =20 extern void audit_put_watch(struct audit_watch *watch); extern void audit_get_watch(struct audit_watch *watch); @@ -304,7 +309,7 @@ extern void audit_filter_inodes(struct task_struct *tsk, struct audit_context *ctx); extern struct list_head *audit_killed_trees(void); #else /* CONFIG_AUDITSYSCALL */ -#define auditsc_get_stamp(c, t, s) 0 +#define auditsc_get_stamp(c, s) 0 #define audit_put_watch(w) do { } while (0) #define audit_get_watch(w) do { } while (0) #define audit_to_watch(k, p, l, o) (-EINVAL) diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 78fd876a5473..528b6d2f5cb0 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -994,10 +994,10 @@ static void audit_reset_context(struct audit_context = *ctx) */ =20 ctx->current_state =3D ctx->state; - ctx->serial =3D 0; + ctx->stamp.serial =3D 0; + ctx->stamp.ctime =3D (struct timespec64){ .tv_sec =3D 0, .tv_nsec =3D 0 }; ctx->major =3D 0; ctx->uring_op =3D 0; - ctx->ctime =3D (struct timespec64){ .tv_sec =3D 0, .tv_nsec =3D 0 }; memset(ctx->argv, 0, sizeof(ctx->argv)); ctx->return_code =3D 0; ctx->prio =3D (ctx->state =3D=3D AUDIT_STATE_RECORD ? ~0ULL : 0); @@ -1917,7 +1917,7 @@ void __audit_uring_entry(u8 op) =20 ctx->context =3D AUDIT_CTX_URING; ctx->current_state =3D ctx->state; - ktime_get_coarse_real_ts64(&ctx->ctime); + ktime_get_coarse_real_ts64(&ctx->stamp.ctime); } =20 /** @@ -2039,7 +2039,7 @@ void __audit_syscall_entry(int major, unsigned long a= 1, unsigned long a2, context->argv[3] =3D a4; context->context =3D AUDIT_CTX_SYSCALL; context->current_state =3D state; - ktime_get_coarse_real_ts64(&context->ctime); + ktime_get_coarse_real_ts64(&context->stamp.ctime); } =20 /** 
@@ -2508,21 +2508,17 @@ EXPORT_SYMBOL_GPL(__audit_inode_child); /** * auditsc_get_stamp - get local copies of audit_context values * @ctx: audit_context for the task - * @t: timespec64 to store time recorded in the audit_context - * @serial: serial value that is recorded in the audit_context + * @stamp: timestamp to record * * Also sets the context as auditable. */ -int auditsc_get_stamp(struct audit_context *ctx, - struct timespec64 *t, unsigned int *serial) +int auditsc_get_stamp(struct audit_context *ctx, struct audit_stamp *stamp) { if (ctx->context =3D=3D AUDIT_CTX_UNUSED) return 0; - if (!ctx->serial) - ctx->serial =3D audit_serial(); - t->tv_sec =3D ctx->ctime.tv_sec; - t->tv_nsec =3D ctx->ctime.tv_nsec; - *serial =3D ctx->serial; + if (!ctx->stamp.serial) + ctx->stamp.serial =3D audit_serial(); + *stamp =3D ctx->stamp; if (!ctx->prio) { ctx->prio =3D 1; ctx->current_state =3D AUDIT_STATE_RECORD; --=20 2.50.1
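Review bot: the struct audit_stamp added in the kernel/audit.h hunk carries the comment `/* time of syscall entry */` over from audit_context, but the kernel/auditsc.c hunks show __audit_uring_entry() filling stamp.ctime as well, so the comment now undersells the field; `/* time of syscall or io_uring entry */` would match both call sites.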
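Review bot: the kernel-doc in the last kernel/auditsc.c hunk now reads `@stamp: timestamp to record`, yet the parameter is an output that receives the whole pair, serial included, through `*stamp = ctx->stamp;`; `@stamp: audit_stamp to receive the context's time and serial` would describe what the code does, and the existing summary line ("get local copies of audit_context values") already says as much.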
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, eparis@redhat.com, linux-security-module@vger.kernel.org, audit@vger.kernel.org
Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, selinux@vger.kernel.org
Subject: [PATCH v5 2/5] LSM: security_lsmblob_to_secctx module selection
Date: Sat, 16 Aug 2025 09:41:37 -0700
Message-ID: <20250816164140.6045-3-casey@schaufler-ca.com>
In-Reply-To: <20250816164140.6045-1-casey@schaufler-ca.com>
References: <20250816164140.6045-1-casey@schaufler-ca.com>

Add a parameter lsmid to security_lsmblob_to_secctx() to identify which
of the security modules that may be active should provide the security
context. If the value of lsmid is LSM_ID_UNDEF the first LSM providing
a hook is used. security_secid_to_secctx() is unchanged, and will always
report the first LSM providing a hook.
Signed-off-by: Casey Schaufler --- include/linux/security.h | 6 ++++-- kernel/audit.c | 4 ++-- kernel/auditsc.c | 8 +++++--- net/netlabel/netlabel_user.c | 3 ++- security/security.c | 18 ++++++++++++++++-- 5 files changed, 29 insertions(+), 10 deletions(-) diff --git a/include/linux/security.h b/include/linux/security.h index c032ec4e95ff..5fbe38521938 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -564,7 +564,8 @@ int security_getprocattr(struct task_struct *p, int lsm= id, const char *name, int security_setprocattr(int lsmid, const char *name, void *value, size_t = size); int security_ismaclabel(const char *name); int security_secid_to_secctx(u32 secid, struct lsm_context *cp); -int security_lsmprop_to_secctx(struct lsm_prop *prop, struct lsm_context *= cp); +int security_lsmprop_to_secctx(struct lsm_prop *prop, struct lsm_context *= cp, + int lsmid); int security_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid); void security_release_secctx(struct lsm_context *cp); void security_inode_invalidate_secctx(struct inode *inode); @@ -1536,7 +1537,8 @@ static inline int security_secid_to_secctx(u32 secid,= struct lsm_context *cp) } =20 static inline int security_lsmprop_to_secctx(struct lsm_prop *prop, - struct lsm_context *cp) + struct lsm_context *cp, + int lsmid) { return -EOPNOTSUPP; } diff --git a/kernel/audit.c b/kernel/audit.c index 547967cb4266..226c8ae00d04 100644 --- a/kernel/audit.c +++ b/kernel/audit.c @@ -1473,7 +1473,7 @@ static int audit_receive_msg(struct sk_buff *skb, str= uct nlmsghdr *nlh, case AUDIT_SIGNAL_INFO: if (lsmprop_is_set(&audit_sig_lsm)) { err =3D security_lsmprop_to_secctx(&audit_sig_lsm, - &lsmctx); + &lsmctx, LSM_ID_UNDEF); if (err < 0) return err; } 
@@ -2188,7 +2188,7 @@ int audit_log_task_context(struct audit_buffer *ab) if (!lsmprop_is_set(&prop)) return 0; =20 - error =3D security_lsmprop_to_secctx(&prop, &ctx); + error =3D security_lsmprop_to_secctx(&prop, &ctx, LSM_ID_UNDEF); if (error < 0) { if (error !=3D -EINVAL) goto error_path; diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 528b6d2f5cb0..322d4e27f28e 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -1109,7 +1109,7 @@ static int audit_log_pid_context(struct audit_context= *context, pid_t pid, from_kuid(&init_user_ns, auid), from_kuid(&init_user_ns, uid), sessionid); if (lsmprop_is_set(prop)) { - if (security_lsmprop_to_secctx(prop, &ctx) < 0) { + if (security_lsmprop_to_secctx(prop, &ctx, LSM_ID_UNDEF) < 0) { audit_log_format(ab, " obj=3D(none)"); rc =3D 1; } else { @@ -1395,7 +1395,8 @@ static void show_special(struct audit_context *contex= t, int *call_panic) struct lsm_context lsmctx; =20 if (security_lsmprop_to_secctx(&context->ipc.oprop, - &lsmctx) < 0) { + &lsmctx, + LSM_ID_UNDEF) < 0) { *call_panic =3D 1; } else { audit_log_format(ab, " obj=3D%s", lsmctx.context); @@ -1560,7 +1561,8 @@ static void audit_log_name(struct audit_context *cont= ext, struct audit_names *n, if (lsmprop_is_set(&n->oprop)) { struct lsm_context ctx; =20 - if (security_lsmprop_to_secctx(&n->oprop, &ctx) < 0) { + if (security_lsmprop_to_secctx(&n->oprop, &ctx, + LSM_ID_UNDEF) < 0) { if (call_panic) *call_panic =3D 2; } else { diff --git a/net/netlabel/netlabel_user.c b/net/netlabel/netlabel_user.c index 0d04d23aafe7..6d6545297ee3 100644 --- a/net/netlabel/netlabel_user.c +++ b/net/netlabel/netlabel_user.c 
@@ -98,7 +98,8 @@ struct audit_buffer *netlbl_audit_start_common(int type, audit_info->sessionid); =20 if (lsmprop_is_set(&audit_info->prop) && - security_lsmprop_to_secctx(&audit_info->prop, &ctx) > 0) { + security_lsmprop_to_secctx(&audit_info->prop, &ctx, + LSM_ID_UNDEF) > 0) { audit_log_format(audit_buf, " subj=3D%s", ctx.context); security_release_secctx(&ctx); } diff --git a/security/security.c b/security/security.c index 8a4e0f70e49d..2cc832dc8a45 100644 --- a/security/security.c +++ b/security/security.c 
@@ -3774,17 +3774,31 @@ EXPORT_SYMBOL(security_secid_to_secctx); * security_lsmprop_to_secctx() - Convert a lsm_prop to a secctx * @prop: lsm specific information * @cp: the LSM context + * @lsmid: which security module to report * * Convert a @prop entry to security context. If @cp is NULL the * length of the result will be returned. This does mean that the * length could change between calls to check the length and the * next call which actually allocates and returns the @cp. * + * @lsmid identifies which LSM should supply the context. + * A value of LSM_ID_UNDEF indicates that the first LSM suppling + * the hook should be used. This is used in cases where the + * ID of the supplying LSM is unambiguous. + * * Return: Return length of data on success, error on failure. */ -int security_lsmprop_to_secctx(struct lsm_prop *prop, struct lsm_context *= cp) +int security_lsmprop_to_secctx(struct lsm_prop *prop, struct lsm_context *= cp, + int lsmid) { - return call_int_hook(lsmprop_to_secctx, prop, cp); + struct lsm_static_call *scall; + + lsm_for_each_hook(scall, lsmprop_to_secctx) { + if (lsmid !=3D LSM_ID_UNDEF && lsmid !=3D scall->hl->lsmid->id) + continue; + return scall->hl->hook.lsmprop_to_secctx(prop, cp); + } + return LSM_RET_DEFAULT(lsmprop_to_secctx); } EXPORT_SYMBOL(security_lsmprop_to_secctx); =20 --=20 2.50.1
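Review bot: the include/linux/security.h hunk changes the prototype of security_lsmprop_to_secctx(), but the subject line and the first sentence of the description name security_lsmblob_to_secctx(), which appears in none of the hunks; the description should use the name the hunks actually change so the commit turns up when the function's history is searched.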
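Review bot: in the security/security.c hunk the open-coded lsm_for_each_hook() loop falls through to LSM_RET_DEFAULT(lsmprop_to_secctx) both when @lsmid matches no registered LSM and when the matching LSM does not supply this hook, so a caller cannot tell a bad id from an LSM without a secctx; either say so in the Return: line or return a distinct error for an id that matches nothing. In the same kernel-doc block, "suppling" should read "supplying".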
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, eparis@redhat.com, linux-security-module@vger.kernel.org, audit@vger.kernel.org
Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, selinux@vger.kernel.org
Subject: [PATCH v5 3/5] Audit: Add record for multiple task security contexts
Date: Sat, 16 Aug 2025 09:41:38 -0700
Message-ID: <20250816164140.6045-4-casey@schaufler-ca.com>
In-Reply-To: <20250816164140.6045-1-casey@schaufler-ca.com>
References: <20250816164140.6045-1-casey@schaufler-ca.com>

Replace the single skb pointer in an audit_buffer with a list of
skb pointers. Add the audit_stamp information to the audit_buffer
as there's no guarantee that there will be an audit_context
containing the stamp associated with the event. At audit_log_end()
time create auxiliary records as have been added to the list.
Functions are created to manage the skb list in the audit_buffer.

Create a new audit record AUDIT_MAC_TASK_CONTEXTS. An example of the
MAC_TASK_CONTEXTS record is:

    type=MAC_TASK_CONTEXTS msg=audit(1600880931.832:113) subj_apparmor=unconfined subj_smack=_

When an audit event includes an AUDIT_MAC_TASK_CONTEXTS record the
"subj=" field in other records in the event will be "subj=?".

An AUDIT_MAC_TASK_CONTEXTS record is supplied when the system has
multiple security modules that may make access decisions based on
a subject security context.

Refactor audit_log_task_context(), creating a new audit_log_subj_ctx().
This is used in netlabel auditing to provide multiple subject security
contexts as necessary.

Suggested-by: Paul Moore
Signed-off-by: Casey Schaufler --- include/linux/audit.h | 16 +++ include/uapi/linux/audit.h | 1 + kernel/audit.c | 207 +++++++++++++++++++++++++++++------ net/netlabel/netlabel_user.c | 9 +- security/apparmor/lsm.c | 3 + security/lsm.h | 4 - security/lsm_init.c | 5 - security/security.c | 3 - security/selinux/hooks.c | 3 + security/smack/smack_lsm.c | 3 + 10 files changed, 202 insertions(+), 52 deletions(-) diff --git a/include/linux/audit.h b/include/linux/audit.h index 0050ef288ab3..fb54c1119947 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h @@ -37,6 +37,8 @@ struct audit_watch; struct audit_tree; struct sk_buff; struct kern_ipc_perm; +struct lsm_id; +struct lsm_prop; =20 struct audit_krule { u32 pflags; @@ -147,6 +149,9 @@ extern unsigned compat_signal_class[]; #define AUDIT_TTY_ENABLE BIT(0) #define AUDIT_TTY_LOG_PASSWD BIT(1) =20 +/* bit values for audit_cfg_lsm */ +#define AUDIT_CFG_LSM_SECCTX_SUBJECT BIT(0) + struct filename; =20 #define AUDIT_OFF 0 @@ -185,6 +190,7 @@ extern void audit_log_path_denied(int type, const char *operation); extern void audit_log_lost(const char *message); =20 +extern int audit_log_subj_ctx(struct audit_buffer *ab, struct lsm_prop *pr= op); extern int audit_log_task_context(struct audit_buffer *ab); extern void audit_log_task_info(struct audit_buffer *ab); =20 @@ -210,6 +216,8 @@ extern u32 audit_enabled; =20 extern int audit_signal_info(int sig, struct task_struct *t); =20 +extern void audit_cfg_lsm(const struct lsm_id *lsmid, int flags); + #else /* CONFIG_AUDIT */ static inline __printf(4, 5) void audit_log(struct audit_context *ctx, gfp_t gfp_mask, int type, @@ -245,6 +253,11 @@ static inline void audit_log_key(struct audit_buffer *= ab, char *key) { } static inline void audit_log_path_denied(int type, const char *operation) { } +static inline int audit_log_subj_ctx(struct audit_buffer *ab, + struct lsm_prop *prop) +{ + return 0; +} static inline int audit_log_task_context(struct audit_buffer *ab) { return 0; 
@@ -269,6 +282,9 @@ static inline int audit_signal_info(int sig, struct tas= k_struct *t) return 0; } =20 +static inline void audit_cfg_lsm(const struct lsm_id *lsmid, int flags) +{ } + #endif /* CONFIG_AUDIT */ =20 #ifdef CONFIG_AUDIT_COMPAT_GENERIC diff --git a/include/uapi/linux/audit.h b/include/uapi/linux/audit.h index 9a4ecc9f6dc5..8cad2f307719 100644 --- a/include/uapi/linux/audit.h +++ b/include/uapi/linux/audit.h @@ -148,6 +148,7 @@ #define AUDIT_IPE_POLICY_LOAD 1422 /* IPE policy load */ #define AUDIT_LANDLOCK_ACCESS 1423 /* Landlock denial */ #define AUDIT_LANDLOCK_DOMAIN 1424 /* Landlock domain status */ +#define AUDIT_MAC_TASK_CONTEXTS 1425 /* Multiple LSM task contexts */ =20 #define AUDIT_FIRST_KERN_ANOM_MSG 1700 #define AUDIT_LAST_KERN_ANOM_MSG 1799 diff --git a/kernel/audit.c b/kernel/audit.c index 226c8ae00d04..c7dea6bfacdd 100644 --- a/kernel/audit.c +++ b/kernel/audit.c @@ -54,6 +54,7 @@ #include #include #include +#include #include #include #include @@ -81,6 +82,11 @@ static u32 audit_failure =3D AUDIT_FAIL_PRINTK; /* private audit network namespace index */ static unsigned int audit_net_id; =20 +/* Number of modules that provide a security context. + List of lsms that provide a security context */ +static u32 audit_subj_secctx_cnt; +static const struct lsm_id *audit_subj_lsms[MAX_LSM_COUNT]; + /** * struct audit_net - audit private network namespace data * @sk: communication socket @@ -195,8 +201,10 @@ static struct audit_ctl_mutex { * to place it on a transmit queue. Multiple audit_buffers can be in * use simultaneously. */ struct audit_buffer { - struct sk_buff *skb; /* formatted skb ready to send */ + struct sk_buff *skb; /* the skb for audit_log functions */ + struct sk_buff_head skb_list; /* formatted skbs, ready to send */ struct audit_context *ctx; /* NULL or associated context */ + struct audit_stamp stamp; /* audit stamp for these records */ gfp_t gfp_mask; }; =20 
@@ -278,6 +286,27 @@ static pid_t auditd_pid_vnr(void) return pid; } =20 +/** + * audit_cfg_lsm - Identify a security module as providing a secctx. + * @lsmid: LSM identity + * @flags: which contexts are provided + * + * Description: + * Increments the count of the security modules providing a secctx. + * If the LSM id is already in the list leave it alone. + */ +void audit_cfg_lsm(const struct lsm_id *lsmid, int flags) +{ + int i; + + if (flags & AUDIT_CFG_LSM_SECCTX_SUBJECT) { + for (i =3D 0 ; i < audit_subj_secctx_cnt; i++) + if (audit_subj_lsms[i] =3D=3D lsmid) + return; + audit_subj_lsms[audit_subj_secctx_cnt++] =3D lsmid; + } +} + /** * audit_get_sk - Return the audit socket for the given network namespace * @net: the destination network namespace @@ -1776,10 +1805,13 @@ __setup("audit_backlog_limit=3D", audit_backlog_lim= it_set); =20 static void audit_buffer_free(struct audit_buffer *ab) { + struct sk_buff *skb; + if (!ab) return; =20 - kfree_skb(ab->skb); + while ((skb =3D skb_dequeue(&ab->skb_list))) + kfree_skb(skb); kmem_cache_free(audit_buffer_cache, ab); } =20 @@ -1795,6 +1827,10 @@ static struct audit_buffer *audit_buffer_alloc(struc= t audit_context *ctx, ab->skb =3D nlmsg_new(AUDIT_BUFSIZ, gfp_mask); if (!ab->skb) goto err; + + skb_queue_head_init(&ab->skb_list); + skb_queue_tail(&ab->skb_list, ab->skb); + if (!nlmsg_put(ab->skb, 0, 0, type, 0, 0)) goto err; =20 @@ -1860,7 +1896,6 @@ struct audit_buffer *audit_log_start(struct audit_con= text *ctx, gfp_t gfp_mask, int type) { struct audit_buffer *ab; - struct audit_stamp stamp; =20 if (audit_initialized !=3D AUDIT_INITIALIZED) return NULL; 
@@ -1915,14 +1950,14 @@ struct audit_buffer *audit_log_start(struct audit_c= ontext *ctx, gfp_t gfp_mask, return NULL; } =20 - audit_get_stamp(ab->ctx, &stamp); + audit_get_stamp(ab->ctx, &ab->stamp); /* cancel dummy context to enable supporting records */ if (ctx) ctx->dummy =3D 0; audit_log_format(ab, "audit(%llu.%03lu:%u): ", - (unsigned long long)stamp.ctime.tv_sec, - stamp.ctime.tv_nsec/1000000, - stamp.serial); + (unsigned long long)ab->stamp.ctime.tv_sec, + ab->stamp.ctime.tv_nsec/1000000, + ab->stamp.serial); =20 return ab; } 
@@ -2178,31 +2213,128 @@ void audit_log_key(struct audit_buffer *ab, char *= key) audit_log_format(ab, "(null)"); } =20 -int audit_log_task_context(struct audit_buffer *ab) +/** + * audit_buffer_aux_new - Add an aux record buffer to the skb list + * @ab: audit_buffer + * @type: message type + * + * Aux records are allocated and added to the skb list of + * the "main" record. The ab->skb is reset to point to the + * aux record on its creation. When the aux record in complete + * ab->skb has to be reset to point to the "main" record. + * This allows the audit_log_ functions to be ignorant of + * which kind of record it is logging to. It also avoids adding + * special data for aux records. + * + * On success ab->skb will point to the new aux record. + * Returns 0 on success, -ENOMEM should allocation fail. + */ +static int audit_buffer_aux_new(struct audit_buffer *ab, int type) +{ + WARN_ON(ab->skb !=3D skb_peek(&ab->skb_list)); + + ab->skb =3D nlmsg_new(AUDIT_BUFSIZ, ab->gfp_mask); + if (!ab->skb) + goto err; + if (!nlmsg_put(ab->skb, 0, 0, type, 0, 0)) + goto err; + skb_queue_tail(&ab->skb_list, ab->skb); + + audit_log_format(ab, "audit(%llu.%03lu:%u): ", + (unsigned long long)ab->stamp.ctime.tv_sec, + ab->stamp.ctime.tv_nsec/1000000, + ab->stamp.serial); + + return 0; + +err: + kfree_skb(ab->skb); + ab->skb =3D skb_peek(&ab->skb_list); + return -ENOMEM; +} + +/** + * audit_buffer_aux_end - Switch back to the "main" record from an aux rec= ord + * @ab: audit_buffer + * + * Restores the "main" audit record to ab->skb. + */ +static void audit_buffer_aux_end(struct audit_buffer *ab) +{ + ab->skb =3D skb_peek(&ab->skb_list); +} + +/** + * audit_log_subj_ctx - Add LSM subject information + * @ab: audit_buffer + * @prop: LSM subject properties. + * + * Add a subj=3D field and, if necessary, a AUDIT_MAC_TASK_CONTEXTS record. 
+ */ +int audit_log_subj_ctx(struct audit_buffer *ab, struct lsm_prop *prop) { - struct lsm_prop prop; struct lsm_context ctx; + char *space =3D ""; int error; + int i; =20 - security_current_getlsmprop_subj(&prop); - if (!lsmprop_is_set(&prop)) + security_current_getlsmprop_subj(prop); + if (!lsmprop_is_set(prop)) return 0; =20 - error =3D security_lsmprop_to_secctx(&prop, &ctx, LSM_ID_UNDEF); - if (error < 0) { - if (error !=3D -EINVAL) - goto error_path; + if (audit_subj_secctx_cnt < 2) { + error =3D security_lsmprop_to_secctx(prop, &ctx, LSM_ID_UNDEF); + if (error < 0) { + if (error !=3D -EINVAL) + goto error_path; + return 0; + } + audit_log_format(ab, " subj=3D%s", ctx.context); + security_release_secctx(&ctx); return 0; } - - audit_log_format(ab, " subj=3D%s", ctx.context); - security_release_secctx(&ctx); + /* Multiple LSMs provide contexts. Include an aux record. */ + audit_log_format(ab, " subj=3D?"); + error =3D audit_buffer_aux_new(ab, AUDIT_MAC_TASK_CONTEXTS); + if (error) + goto error_path; + + for (i =3D 0; i < audit_subj_secctx_cnt; i++) { + error =3D security_lsmprop_to_secctx(prop, &ctx, + audit_subj_lsms[i]->id); + if (error < 0) { + /* + * Don't print anything. An LSM like BPF could + * claim to support contexts, but only do so under + * certain conditions. 
+ */ + if (error =3D=3D -EOPNOTSUPP) + continue; + if (error !=3D -EINVAL) + audit_panic("error in audit_log_task_context"); + } else { + audit_log_format(ab, "%ssubj_%s=3D%s", space, + audit_subj_lsms[i]->name, ctx.context); + space =3D " "; + security_release_secctx(&ctx); + } + } + audit_buffer_aux_end(ab); return 0; =20 error_path: - audit_panic("error in audit_log_task_context"); + audit_panic("error in audit_log_subj_ctx"); return error; } +EXPORT_SYMBOL(audit_log_subj_ctx); + +int audit_log_task_context(struct audit_buffer *ab) +{ + struct lsm_prop prop; + + security_current_getlsmprop_subj(&prop); + return audit_log_subj_ctx(ab, &prop); +} EXPORT_SYMBOL(audit_log_task_context); =20 void audit_log_d_path_exe(struct audit_buffer *ab, @@ -2411,6 +2543,26 @@ int audit_signal_info(int sig, struct task_struct *t) return audit_signal_info_syscall(t); } =20 +/** + * __audit_log_end - enqueue one audit record + * @skb: the buffer to send + */ +static void __audit_log_end(struct sk_buff *skb) +{ + struct nlmsghdr *nlh; + + if (audit_rate_check()) { + /* setup the netlink header, see the comments in + * kauditd_send_multicast_skb() for length quirks */ + nlh =3D nlmsg_hdr(skb); + nlh->nlmsg_len =3D skb->len - NLMSG_HDRLEN; + + /* queue the netlink packet */ + skb_queue_tail(&audit_queue, skb); + } else + audit_log_lost("rate limit exceeded"); +} + /** * audit_log_end - end one audit record * @ab: the audit_buffer 
@@ -2423,25 +2575,16 @@ int audit_signal_info(int sig, struct task_struct *= t) void audit_log_end(struct audit_buffer *ab) { struct sk_buff *skb; - struct nlmsghdr *nlh; =20 if (!ab) return; =20 - if (audit_rate_check()) { - skb =3D ab->skb; - ab->skb =3D NULL; + while ((skb =3D skb_dequeue(&ab->skb_list))) + __audit_log_end(skb); =20 - /* setup the netlink header, see the comments in - * kauditd_send_multicast_skb() for length quirks */ - nlh =3D nlmsg_hdr(skb); - nlh->nlmsg_len =3D skb->len - NLMSG_HDRLEN; - - /* queue the netlink packet and poke the kauditd thread */ - skb_queue_tail(&audit_queue, skb); + /* poke the kauditd thread */ + if (audit_rate_check()) wake_up_interruptible(&kauditd_wait); - } else - audit_log_lost("rate limit exceeded"); =20 audit_buffer_free(ab); } diff --git a/net/netlabel/netlabel_user.c b/net/netlabel/netlabel_user.c index 6d6545297ee3..0da652844dd6 100644 --- a/net/netlabel/netlabel_user.c +++ b/net/netlabel/netlabel_user.c @@ -84,7 +84,6 @@ struct audit_buffer *netlbl_audit_start_common(int type, struct netlbl_audit *audit_info) { struct audit_buffer *audit_buf; - struct lsm_context ctx; =20 if (audit_enabled =3D=3D AUDIT_OFF) return NULL; @@ -96,13 +95,7 @@ struct audit_buffer *netlbl_audit_start_common(int type, audit_log_format(audit_buf, "netlabel: auid=3D%u ses=3D%u", from_kuid(&init_user_ns, audit_info->loginuid), audit_info->sessionid); - - if (lsmprop_is_set(&audit_info->prop) && - security_lsmprop_to_secctx(&audit_info->prop, &ctx, - LSM_ID_UNDEF) > 0) { - audit_log_format(audit_buf, " subj=3D%s", ctx.context); - security_release_secctx(&ctx); - } + audit_log_subj_ctx(audit_buf, &audit_info->prop); =20 return audit_buf; } diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index db8592bed189..a74825eebba0 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c 
@@ -2251,6 +2251,9 @@ static int __init apparmor_init(void) security_add_hooks(apparmor_hooks, ARRAY_SIZE(apparmor_hooks), &apparmor_lsmid); =20 + /* Inform the audit system that secctx is used */ + audit_cfg_lsm(&apparmor_lsmid, AUDIT_CFG_LSM_SECCTX_SUBJECT); + /* Report that AppArmor successfully initialized */ apparmor_initialized =3D 1; if (aa_g_profile_mode =3D=3D APPARMOR_COMPLAIN) diff --git a/security/lsm.h b/security/lsm.h index d1d54540da98..c432dc0c5e30 100644 --- a/security/lsm.h +++ b/security/lsm.h @@ -24,10 +24,6 @@ extern bool lsm_debug; extern unsigned int lsm_count; extern const struct lsm_id *lsm_idlist[]; =20 -/* LSM property configuration */ -extern unsigned int lsm_count_prop_subj; -extern unsigned int lsm_count_prop_obj; - /* LSM blob configuration */ extern struct lsm_blob_sizes blob_sizes; =20 diff --git a/security/lsm_init.c b/security/lsm_init.c index c2ef4db055db..54166688efff 100644 --- a/security/lsm_init.c +++ b/security/lsm_init.c @@ -190,11 +190,6 @@ static void __init lsm_order_append(struct lsm_info *l= sm, const char *src) lsm_order[lsm_count] =3D lsm; lsm_idlist[lsm_count++] =3D lsm->id; =20 - if (lsm->id->flags & LSM_ID_FLG_PROP_SUBJ) - lsm_count_prop_subj++; - if (lsm->id->flags & LSM_ID_FLG_PROP_OBJ) - lsm_count_prop_obj++; - lsm_pr_dbg("enabling LSM %s:%s\n", src, lsm->id->name); } =20 diff --git a/security/security.c b/security/security.c index 2cc832dc8a45..678b261e91de 100644 --- a/security/security.c +++ b/security/security.c @@ -78,9 +78,6 @@ bool lsm_debug __ro_after_init; unsigned int lsm_count __ro_after_init; const struct lsm_id *lsm_idlist[MAX_LSM_COUNT]; =20 -unsigned int lsm_count_prop_subj __ro_after_init; -unsigned int lsm_count_prop_obj __ro_after_init; - struct lsm_blob_sizes blob_sizes; =20 struct kmem_cache *lsm_file_cache; diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index b00c2627286a..81b66b4d9695 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c 
@@ -7594,6 +7594,9 @@ static __init int selinux_init(void) /* Set the security state for the initial task. */ cred_init_security(); =20 + /* Inform the audit system that secctx is used */ + audit_cfg_lsm(&selinux_lsmid, AUDIT_CFG_LSM_SECCTX_SUBJECT); + default_noexec =3D !(VM_DATA_DEFAULT_FLAGS & VM_EXEC); if (!default_noexec) pr_notice("SELinux: virtual memory is executable by default\n"); diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 46ef5ece991c..9a76821b7191 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c 
@@ -5268,6 +5268,9 @@ static __init int smack_init(void) /* initialize the smack_known_list */ init_smack_known_list(); =20 + /* Inform the audit system that secctx is used */ + audit_cfg_lsm(&smack_lsmid, AUDIT_CFG_LSM_SECCTX_SUBJECT); + return 0; } =20 --=20 2.50.1
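Review bot: In the audit_buffer_alloc() hunk (kernel/audit.c @@ -1795,6 +1827,10), skb_queue_head_init(&ab->skb_list) runs only after `ab->skb = nlmsg_new(...)` has succeeded, but the failure branch `if (!ab->skb) goto err;` lands in audit_buffer_free(), which this same patch changes to `while ((skb = skb_dequeue(&ab->skb_list)))`; on that path the list head has never been initialised. Move skb_queue_head_init() up to right after the audit_buffer itself is allocated, before nlmsg_new(), so every path that reaches audit_buffer_free() sees a valid list.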
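Review bot: audit_log_subj_ctx() (kernel/audit.c @@ -2178,31 +2213,128) takes `struct lsm_prop *prop` from the caller and then immediately overwrites it with `security_current_getlsmprop_subj(prop)`, so the caller's value is ignored and clobbered: audit_log_task_context() fetches the same property a second time before calling it, and the netlabel hunk passes `&audit_info->prop`, which the removed code used as-is but which is now replaced by the current task's subject. Either drop the security_current_getlsmprop_subj() call from audit_log_subj_ctx() and let callers supply the property (as audit_log_task_context() already does), or document that the argument is an output. In the same hunk the audit_panic() inside the per-LSM loop still says "error in audit_log_task_context" while error_path was renamed to "error in audit_log_subj_ctx", and the audit_buffer_aux_new() kerneldoc has "When the aux record in complete" for "is complete".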
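Review bot: In the __audit_log_end()/audit_log_end() hunks (kernel/audit.c @@ -2411 and @@ -2423), audit_rate_check() now runs once per skb and once more for the wake-up, and every call consumes one unit of the rate budget, so an event with one aux record costs three checks where it used to cost one. The limit therefore counts records rather than events, an aux record can be dropped while the main record carrying `subj=?` is queued (leaving a subject nobody can recover), and the final check can fail after records were queued so wake_up_interruptible() is skipped. Consider a single audit_rate_check() per audit_log_end() that queues or drops the whole list, with the wake-up tied to whether anything was queued.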
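Review bot: audit_cfg_lsm() (kernel/audit.c @@ -278,6 +286,27) stores into `audit_subj_lsms[audit_subj_secctx_cnt++]` with no bound against MAX_LSM_COUNT and no synchronisation; that is only safe because it is called once per LSM from __init code (apparmor_init(), selinux_init() and smack_init() are all __init per the hunk headers), so either mark the function __init to make that contract explicit or add a WARN_ON_ONCE(audit_subj_secctx_cnt >= MAX_LSM_COUNT) before the store. Also the comment introducing the new statics at @@ -81,6 +82,11 is a two-line block comment without the leading ` * ` on its second line, which is not kernel style.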
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, eparis@redhat.com, linux-security-module@vger.kernel.org, audit@vger.kernel.org
Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, selinux@vger.kernel.org
Subject: [PATCH v5 4/5] Audit: Fix indentation in audit_log_exit
Date: Sat, 16 Aug 2025 09:41:39 -0700
Message-ID: <20250816164140.6045-5-casey@schaufler-ca.com>
X-Mailer: git-send-email 2.50.1
In-Reply-To: <20250816164140.6045-1-casey@schaufler-ca.com>
References: <20250816164140.6045-1-casey@schaufler-ca.com>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Transfer-Encoding: quoted-printable

Fix two indentation errors in audit_log_exit().

Signed-off-by: Casey Schaufler
---
kernel/auditsc.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 322d4e27f28e..84173d234d4a 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -1780,15 +1780,16 @@ static void audit_log_exit(void) axs->target_sessionid[i], &axs->target_ref[i], axs->target_comm[i])) - call_panic =3D 1; + call_panic =3D 1; } =20 if (context->target_pid && audit_log_pid_context(context, context->target_pid, context->target_auid, context->target_uid, context->target_sessionid, - &context->target_ref, context->target_comm)) - call_panic =3D 1; + &context->target_ref, + context->target_comm)) + call_panic =3D 1; =20 if (context->pwd.dentry && context->pwd.mnt) { ab =3D audit_log_start(context, GFP_KERNEL, AUDIT_CWD); --=20 2.50.1
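Review bot: The second part of the audit_log_exit() hunk does a little more than the "two indentation errors" the commit message names: it also re-wraps `&context->target_ref, context->target_comm` onto two lines. That is still whitespace-only, but the message should say so, so a reader bisecting later does not look for a functional change here.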
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, eparis@redhat.com, linux-security-module@vger.kernel.org, audit@vger.kernel.org
Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, selinux@vger.kernel.org
Subject: [PATCH v5 5/5] Audit: Add record for multiple object contexts
Date: Sat, 16 Aug 2025 09:41:40 -0700
Message-ID: <20250816164140.6045-6-casey@schaufler-ca.com>
X-Mailer: git-send-email 2.50.1
In-Reply-To: <20250816164140.6045-1-casey@schaufler-ca.com>
References: <20250816164140.6045-1-casey@schaufler-ca.com>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Transfer-Encoding: quoted-printable

Create a new audit record AUDIT_MAC_OBJ_CONTEXTS. An example of the MAC_OBJ_CONTEXTS record is:

    type=MAC_OBJ_CONTEXTS msg=audit(1601152467.009:1050): obj_selinux=unconfined_u:object_r:user_home_t:s0

When an audit event includes an AUDIT_MAC_OBJ_CONTEXTS record the "obj=" field in other records in the event will be "obj=?". An AUDIT_MAC_OBJ_CONTEXTS record is supplied when the system has multiple security modules that may make access decisions based on an object security context.
Signed-off-by: Casey Schaufler --- include/linux/audit.h | 7 +++++ include/uapi/linux/audit.h | 1 + kernel/audit.c | 58 +++++++++++++++++++++++++++++++++++++- kernel/auditsc.c | 38 +++++-------------------- security/selinux/hooks.c | 4 ++- security/smack/smack_lsm.c | 4 ++- 6 files changed, 78 insertions(+), 34 deletions(-) diff --git a/include/linux/audit.h b/include/linux/audit.h index fb54c1119947..56944fbc1e58 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h @@ -151,6 +151,7 @@ extern unsigned compat_signal_class[]; =20 /* bit values for audit_cfg_lsm */ #define AUDIT_CFG_LSM_SECCTX_SUBJECT BIT(0) +#define AUDIT_CFG_LSM_SECCTX_OBJECT BIT(1) =20 struct filename; =20 @@ -191,6 +192,7 @@ extern void audit_log_path_denied(int type, extern void audit_log_lost(const char *message); =20 extern int audit_log_subj_ctx(struct audit_buffer *ab, struct lsm_prop *pr= op); +extern int audit_log_obj_ctx(struct audit_buffer *ab, struct lsm_prop *pro= p); extern int audit_log_task_context(struct audit_buffer *ab); extern void audit_log_task_info(struct audit_buffer *ab); =20 @@ -258,6 +260,11 @@ static inline int audit_log_subj_ctx(struct audit_buff= er *ab, { return 0; } +static inline int audit_log_obj_ctx(struct audit_buffer *ab, + struct lsm_prop *prop) +{ + return 0; +} static inline int audit_log_task_context(struct audit_buffer *ab) { return 0; diff --git a/include/uapi/linux/audit.h b/include/uapi/linux/audit.h index 8cad2f307719..14a1c1fe013a 100644 --- a/include/uapi/linux/audit.h +++ b/include/uapi/linux/audit.h @@ -149,6 +149,7 @@ #define AUDIT_LANDLOCK_ACCESS 1423 /* Landlock denial */ #define AUDIT_LANDLOCK_DOMAIN 1424 /* Landlock domain status */ #define AUDIT_MAC_TASK_CONTEXTS 1425 /* Multiple LSM task contexts */ +#define AUDIT_MAC_OBJ_CONTEXTS 1426 /* Multiple LSM objext contexts */ =20 #define AUDIT_FIRST_KERN_ANOM_MSG 1700 #define AUDIT_LAST_KERN_ANOM_MSG 1799 diff --git a/kernel/audit.c b/kernel/audit.c index c7dea6bfacdd..63c69db43172 100644 
--- a/kernel/audit.c +++ b/kernel/audit.c @@ -85,7 +85,9 @@ static unsigned int audit_net_id; /* Number of modules that provide a security context. List of lsms that provide a security context */ static u32 audit_subj_secctx_cnt; +static u32 audit_obj_secctx_cnt; static const struct lsm_id *audit_subj_lsms[MAX_LSM_COUNT]; +static const struct lsm_id *audit_obj_lsms[MAX_LSM_COUNT]; =20 /** * struct audit_net - audit private network namespace data @@ -305,6 +307,12 @@ void audit_cfg_lsm(const struct lsm_id *lsmid, int fla= gs) return; audit_subj_lsms[audit_subj_secctx_cnt++] =3D lsmid; } + if (flags & AUDIT_CFG_LSM_SECCTX_OBJECT) { + for (i =3D 0 ; i < audit_obj_secctx_cnt; i++) + if (audit_obj_lsms[i] =3D=3D lsmid) + return; + audit_obj_lsms[audit_obj_secctx_cnt++] =3D lsmid; + } } =20 /** @@ -1142,7 +1150,6 @@ static int is_audit_feature_set(int i) return af.features & AUDIT_FEATURE_TO_MASK(i); } =20 - static int audit_get_feature(struct sk_buff *skb) { u32 seq; 
@@ -2337,6 +2344,55 @@ int audit_log_task_context(struct audit_buffer *ab) } EXPORT_SYMBOL(audit_log_task_context); =20 +int audit_log_obj_ctx(struct audit_buffer *ab, struct lsm_prop *prop) +{ + int i; + int rc; + int error =3D 0; + char *space =3D ""; + struct lsm_context ctx; + + if (audit_obj_secctx_cnt < 2) { + error =3D security_lsmprop_to_secctx(prop, &ctx, LSM_ID_UNDEF); + if (error < 0) { + if (error !=3D -EINVAL) + goto error_path; + return error; + } + audit_log_format(ab, " obj=3D%s", ctx.context); + security_release_secctx(&ctx); + return 0; + } + audit_log_format(ab, " obj=3D?"); + error =3D audit_buffer_aux_new(ab, AUDIT_MAC_OBJ_CONTEXTS); + if (error) + goto error_path; + + for (i =3D 0; i < audit_obj_secctx_cnt; i++) { + rc =3D security_lsmprop_to_secctx(prop, &ctx, + audit_obj_lsms[i]->id); + if (rc < 0) { + audit_log_format(ab, "%sobj_%s=3D?", space, + audit_obj_lsms[i]->name); + if (rc !=3D -EINVAL) + audit_panic("error in audit_log_obj_ctx"); + error =3D rc; + } else { + audit_log_format(ab, "%sobj_%s=3D%s", space, + audit_obj_lsms[i]->name, ctx.context); + security_release_secctx(&ctx); + } + space =3D " "; + } + + audit_buffer_aux_end(ab); + return error; + +error_path: + audit_panic("error in audit_log_obj_ctx"); + return error; +} + void audit_log_d_path_exe(struct audit_buffer *ab, struct mm_struct *mm) { diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 84173d234d4a..0c28fa33d099 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -1098,7 +1098,6 @@ static int audit_log_pid_context(struct audit_context= *context, pid_t pid, char *comm) { struct audit_buffer *ab; - struct lsm_context ctx; int rc =3D 0; =20 ab =3D audit_log_start(context, GFP_KERNEL, AUDIT_OBJ_PID); 
@@ -1108,15 +1107,9 @@ static int audit_log_pid_context(struct audit_contex= t *context, pid_t pid, audit_log_format(ab, "opid=3D%d oauid=3D%d ouid=3D%d oses=3D%d", pid, from_kuid(&init_user_ns, auid), from_kuid(&init_user_ns, uid), sessionid); - if (lsmprop_is_set(prop)) { - if (security_lsmprop_to_secctx(prop, &ctx, LSM_ID_UNDEF) < 0) { - audit_log_format(ab, " obj=3D(none)"); - rc =3D 1; - } else { - audit_log_format(ab, " obj=3D%s", ctx.context); - security_release_secctx(&ctx); - } - } + if (lsmprop_is_set(prop) && audit_log_obj_ctx(ab, prop)) + rc =3D 1; + audit_log_format(ab, " ocomm=3D"); audit_log_untrustedstring(ab, comm); audit_log_end(ab); @@ -1392,16 +1385,8 @@ static void show_special(struct audit_context *conte= xt, int *call_panic) from_kgid(&init_user_ns, context->ipc.gid), context->ipc.mode); if (lsmprop_is_set(&context->ipc.oprop)) { - struct lsm_context lsmctx; - - if (security_lsmprop_to_secctx(&context->ipc.oprop, - &lsmctx, - LSM_ID_UNDEF) < 0) { + if (audit_log_obj_ctx(ab, &context->ipc.oprop)) *call_panic =3D 1; - } else { - audit_log_format(ab, " obj=3D%s", lsmctx.context); - security_release_secctx(&lsmctx); - } } if (context->ipc.has_perm) { audit_log_end(ab); @@ -1558,18 +1543,9 @@ static void audit_log_name(struct audit_context *con= text, struct audit_names *n, from_kgid(&init_user_ns, n->gid), MAJOR(n->rdev), MINOR(n->rdev)); - if (lsmprop_is_set(&n->oprop)) { - struct lsm_context ctx; - - if (security_lsmprop_to_secctx(&n->oprop, &ctx, - LSM_ID_UNDEF) < 0) { - if (call_panic) - *call_panic =3D 2; - } else { - audit_log_format(ab, " obj=3D%s", ctx.context); - security_release_secctx(&ctx); - } - } + if (lsmprop_is_set(&n->oprop) && + audit_log_obj_ctx(ab, &n->oprop)) + *call_panic =3D 2; =20 /* log the audit_names record type */ switch (n->type) { diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 81b66b4d9695..11cd452c970b 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c 
@@ -7595,7 +7595,9 @@ static __init int selinux_init(void) cred_init_security(); =20 /* Inform the audit system that secctx is used */ - audit_cfg_lsm(&selinux_lsmid, AUDIT_CFG_LSM_SECCTX_SUBJECT); + audit_cfg_lsm(&selinux_lsmid, + AUDIT_CFG_LSM_SECCTX_SUBJECT | + AUDIT_CFG_LSM_SECCTX_OBJECT); =20 default_noexec =3D !(VM_DATA_DEFAULT_FLAGS & VM_EXEC); if (!default_noexec) diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 9a76821b7191..5fe4b53fa40b 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -5269,7 +5269,9 @@ static __init int smack_init(void) init_smack_known_list(); =20 /* Inform the audit system that secctx is used */ - audit_cfg_lsm(&smack_lsmid, AUDIT_CFG_LSM_SECCTX_SUBJECT); + audit_cfg_lsm(&smack_lsmid, + AUDIT_CFG_LSM_SECCTX_SUBJECT | + AUDIT_CFG_LSM_SECCTX_OBJECT); =20 return 0; } --=20 2.50.1
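Review bot: the NULL check on call_panic is lost in the audit_log_name hunk (auditsc.c @@ -1558): the removed code did `if (call_panic) *call_panic = 2;` but the replacement does `*call_panic = 2;` unconditionally, so any caller that passes NULL for call_panic now dereferences it whenever audit_log_obj_ctx() fails. Keep the guard, e.g. `if (lsmprop_is_set(&n->oprop) && audit_log_obj_ctx(ab, &n->oprop) && call_panic) *call_panic = 2;`.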
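Review bot: the " obj=(none)" marker disappears from the OBJ_PID record in the audit_log_pid_context hunk (auditsc.c @@ -1108): the removed branch wrote ` obj=(none)` when no context could be produced, but audit_log_obj_ctx() in its single-LSM path returns -EINVAL without writing any obj= field, so the record now simply lacks the field while rc is still set to 1. If consumers key on the field, emit ` obj=?` before returning from the -EINVAL case (the multi-LSM path already writes it), or state the record format change in the commit message.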
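Review bot: audit_panic() can fire twice for a single failure in the new audit_log_obj_ctx() (audit.c @@ -2337): the function calls audit_panic("error in audit_log_obj_ctx") itself for every error other than -EINVAL (at error_path and inside the per-LSM loop) and then returns the negative error, and all three callers in auditsc.c treat a non-zero return as a reason to set rc or *call_panic, which ends in audit_panic() again. Pick one place: either return 0 after panicking inside, or drop the internal audit_panic() calls and leave it to the callers' call_panic handling as the removed code did. Two smaller points in the same hunk: `error = rc` in the loop means a later successful LSM does not clear an earlier failure, which looks intended but deserves a comment, and the function has no kernel-doc block although the surrounding functions in this file carry `/**` blocks.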
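Review bot: the blank line removed before audit_get_feature() (audit.c @@ -1142) is an unrelated whitespace cleanup; drop it from this patch or mention it in the commit message so the diff stays focused on object contexts.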
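Review bot: the outer braces in the show_special hunk (auditsc.c @@ -1392) now wrap a single statement; collapse the two conditions into one `if`, as the audit_log_pid_context and audit_log_name hunks do: `if (lsmprop_is_set(&context->ipc.oprop) && audit_log_obj_ctx(ab, &context->ipc.oprop)) *call_panic = 1;`.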
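Review bot: the comment above the counters (audit.c @@ -85) still describes only "modules that provide a security context"; now that separate subject and object lists exist, say which is which (for example "LSMs that provide a subject context" above audit_subj_secctx_cnt and "LSMs that provide an object context" above audit_obj_secctx_cnt) so a reader does not have to infer it from the variable names.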
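Review bot: AUDIT_CFG_LSM_SECCTX_OBJECT is tested in the audit_cfg_lsm hunk (audit.c @@ -305), and AUDIT_MAC_OBJ_CONTEXTS plus the audit_log_obj_ctx() prototype are used from auditsc.c, but none of these definitions appear in the hunks shown here; please make sure the header changes that introduce them are part of this patch or of an earlier one in the series. The new object branch also duplicates the subject branch line for line; a small helper taking the array and counter would keep the two from drifting apart.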
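Review bot: the comment "Inform the audit system that secctx is used" in the selinux_init hunk (security/selinux/hooks.c @@ -7595), and the identical one in the smack_init hunk, no longer reflects the call beneath it; update both to say that the LSM registers for both subject and object contexts.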
