From d0c8f0ad5d1ba241470dfa3efbb5b3c1fc22b842 Mon Sep 17 00:00:00 2001 From: John Johansen Date: Wed, 27 Sep 2017 01:13:17 -0400 Subject: [PATCH] UBUNTU: SAUCE: LSM stacking: keep an index for each registered LSM BugLink: http://bugs.launchpad.net/bugs/1763062 Keep an index of the registered LSMs so that it can be used in table lookups and ordering comparisons. pulled from the full LSM stacking patch Signed-off-by: John Johansen Signed-off-by: Seth Forshee --- include/linux/lsm_hooks.h | 1 + security/security.c | 11 +++++++++++ 2 files changed, 12 insertions(+) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 5905d88e9d28..7ddfb6e999f9 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -1966,6 +1966,7 @@ struct security_hook_list { struct list_head *head; union security_list_options hook; char *lsm; + int lsm_index; } __randomize_layout; /* diff --git a/security/security.c b/security/security.c index 5439dc346539..4c1fec9f8bc0 100644 --- a/security/security.c +++ b/security/security.c @@ -245,6 +245,11 @@ bool __init security_module_enable(const char *lsm, const bool stacked) #endif } +/* + * Keep the order of major modules for mapping secids. + */ +static int lsm_next_major; + /** * security_add_hooks - Add a modules hooks to the hook lists. * @hooks: the hooks to add @@ -257,8 +262,14 @@ void __init security_add_hooks(struct security_hook_list *hooks, int count, char *lsm) { int i; + int lsm_index = lsm_next_major++; + +#ifdef CONFIG_SECURITY_LSM_DEBUG + pr_info("LSM: Security module %s gets index %d\n", lsm, lsm_index); +#endif for (i = 0; i < count; i++) { hooks[i].lsm = lsm; + hooks[i].lsm_index = lsm_index; list_add_tail_rcu(&hooks[i].list, hooks[i].head); } if (lsm_append(lsm, &lsm_names) < 0) -- 2.39.2