From 6be8750b4cba8c37170f46b29841d112f1be749b Mon Sep 17 00:00:00 2001 From: Al Viro Date: Sat, 1 Dec 2018 22:42:44 -0500 Subject: LSM: lift parsing LSM options into the caller of ->sb_kern_mount() This paves the way for retaining the LSM options from a common filesystem mount context during a mount parameter parsing phase to be instituted prior to actual mount/reconfiguration actions. Reviewed-by: David Howells Signed-off-by: Al Viro --- fs/super.c | 24 ++++++++++++++++-------- include/linux/lsm_hooks.h | 3 ++- include/linux/security.h | 6 ++++-- security/security.c | 5 +++-- security/selinux/hooks.c | 24 +++--------------------- security/smack/smack_lsm.c | 23 +++-------------------- 6 files changed, 31 insertions(+), 54 deletions(-) diff --git a/fs/super.c b/fs/super.c index 6654de035893..8d9c9199832d 100644 --- a/fs/super.c +++ b/fs/super.c @@ -1246,17 +1246,26 @@ mount_fs(struct file_system_type *type, int flags, const char *name, void *data) { struct dentry *root; struct super_block *sb; - char *secdata = NULL; int error = -ENOMEM; + struct security_mnt_opts opts; + + security_init_mnt_opts(&opts); if (data && !(type->fs_flags & FS_BINARY_MOUNTDATA)) { - secdata = alloc_secdata(); + char *secdata = alloc_secdata(); if (!secdata) - goto out; + return ERR_PTR(-ENOMEM); error = security_sb_copy_data(data, secdata); + if (error) { + free_secdata(secdata); + return ERR_PTR(error); + } + + error = security_sb_parse_opts_str(secdata, &opts); + free_secdata(secdata); if (error) - goto out_free_secdata; + return ERR_PTR(error); } root = type->mount(type, flags, name, data); @@ -1277,7 +1286,7 @@ mount_fs(struct file_system_type *type, int flags, const char *name, void *data) smp_wmb(); sb->s_flags |= SB_BORN; - error = security_sb_kern_mount(sb, flags, secdata); + error = security_sb_kern_mount(sb, flags, &opts); if (error) goto out_sb; @@ -1291,14 +1300,13 @@ mount_fs(struct file_system_type *type, int flags, const char *name, void *data) "negative value (%lld)\n", type->name, sb->s_maxbytes); up_write(&sb->s_umount); - free_secdata(secdata); + security_free_mnt_opts(&opts); return root; out_sb: dput(root); deactivate_locked_super(sb); out_free_secdata: - free_secdata(secdata); -out: + security_free_mnt_opts(&opts); return ERR_PTR(error); } diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index aaeb7fa24dc4..c7f67341fd1d 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -1463,7 +1463,8 @@ union security_list_options { void (*sb_free_security)(struct super_block *sb); int (*sb_copy_data)(char *orig, char *copy); int (*sb_remount)(struct super_block *sb, void *data); - int (*sb_kern_mount)(struct super_block *sb, int flags, void *data); + int (*sb_kern_mount)(struct super_block *sb, int flags, + struct security_mnt_opts *opts); int (*sb_show_options)(struct seq_file *m, struct super_block *sb); int (*sb_statfs)(struct dentry *dentry); int (*sb_mount)(const char *dev_name, const struct path *path, diff --git a/include/linux/security.h b/include/linux/security.h index d170a5b031f3..f2f88e41f35f 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -250,7 +250,8 @@ int security_sb_alloc(struct super_block *sb); void security_sb_free(struct super_block *sb); int security_sb_copy_data(char *orig, char *copy); int security_sb_remount(struct super_block *sb, void *data); -int security_sb_kern_mount(struct super_block *sb, int flags, void *data); +int security_sb_kern_mount(struct super_block *sb, int flags, + struct security_mnt_opts *opts); int security_sb_show_options(struct seq_file *m, struct super_block *sb); int security_sb_statfs(struct dentry *dentry); int security_sb_mount(const char *dev_name, const struct path *path, @@ -565,7 +566,8 @@ static inline int security_sb_remount(struct super_block *sb, void *data) return 0; } -static inline int security_sb_kern_mount(struct super_block *sb, int flags, void *data) +static inline int security_sb_kern_mount(struct super_block *sb, int flags, + struct security_mnt_opts *opts) { return 0; } diff --git a/security/security.c b/security/security.c index 04d173eb93f6..b5fc8e1e849c 100644 --- a/security/security.c +++ b/security/security.c @@ -395,9 +395,10 @@ int security_sb_remount(struct super_block *sb, void *data) return call_int_hook(sb_remount, 0, sb, data); } -int security_sb_kern_mount(struct super_block *sb, int flags, void *data) +int security_sb_kern_mount(struct super_block *sb, int flags, + struct security_mnt_opts *opts) { - return call_int_hook(sb_kern_mount, 0, sb, flags, data); + return call_int_hook(sb_kern_mount, 0, sb, flags, opts); } int security_sb_show_options(struct seq_file *m, struct super_block *sb) diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 4bd6f9435e2f..ba229d4a64d3 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -2897,30 +2897,12 @@ out_bad_option: goto out_free_opts; } -static int selinux_sb_kern_mount(struct super_block *sb, int flags, void *data) +static int selinux_sb_kern_mount(struct super_block *sb, int flags, + struct security_mnt_opts *opts) { - char *options = data; const struct cred *cred = current_cred(); struct common_audit_data ad; - int rc = 0; - struct security_mnt_opts opts; - - security_init_mnt_opts(&opts); - - if (!data) - goto out; - - BUG_ON(sb->s_type->fs_flags & FS_BINARY_MOUNTDATA); - - rc = selinux_parse_opts_str(options, &opts); - if (rc) - goto out_err; - -out: - rc = selinux_set_mnt_opts(sb, &opts, 0, NULL); - -out_err: - security_free_mnt_opts(&opts); + int rc = selinux_set_mnt_opts(sb, opts, 0, NULL); if (rc) return rc; diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 73e41797960e..1d465ae3d11c 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -859,27 +859,10 @@ static int smack_set_mnt_opts(struct super_block *sb, * * Returns 0 on success, an error code on failure */ -static int smack_sb_kern_mount(struct super_block *sb, int flags, void *data) +static int smack_sb_kern_mount(struct super_block *sb, int flags, + struct security_mnt_opts *opts) { - int rc = 0; - char *options = data; - struct security_mnt_opts opts; - - security_init_mnt_opts(&opts); - - if (!options) - goto out; - - rc = smack_parse_opts_str(options, &opts); - if (rc) - goto out_err; - -out: - rc = smack_set_mnt_opts(sb, &opts, 0, NULL); - -out_err: - security_free_mnt_opts(&opts); - return rc; + return smack_set_mnt_opts(sb, opts, 0, NULL); } /** -- cgit v1.2.3