lsm: cleanup the debug and console output in lsm_init.c

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Move away from an init specific init_debug() macro to a more general
lsm_pr()/lsm_pr_cont()/lsm_pr_dbg() set of macros that are available
both before and after init. In the process we do a number of minor
changes to improve the LSM initialization output and cleanup the code
somewhat.

Reviewed-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-by: John Johansen <john.johhansen@canonical.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>

Paul Moore 5 months ago 5137e583 45070533

+66 -70

3 changed files

expand all

security

lsm.h

lsm_init.c

security.c

+11

security/lsm.h

··· 6 6 #ifndef _LSM_H_ 7 7 #define _LSM_H_ 8 8 9 + #include <linux/printk.h> 9 10 #include <linux/lsm_hooks.h> 10 11 #include <linux/lsm_count.h> 12 + 13 + /* LSM debugging */ 14 + extern bool lsm_debug; 15 + #define lsm_pr(...) pr_info(__VA_ARGS__) 16 + #define lsm_pr_cont(...) pr_cont(__VA_ARGS__) 17 + #define lsm_pr_dbg(...) \ 18 + do { \ 19 + if (lsm_debug) \ 20 + pr_info(__VA_ARGS__); \ 21 + } while (0) 11 22 12 23 /* List of configured LSMs */ 13 24 extern unsigned int lsm_active_cnt;

+53 -70

security/lsm_init.c

··· 30 30 static __initdata struct lsm_info *lsm_order[MAX_LSM_COUNT + 1]; 31 31 static __initdata struct lsm_info *lsm_exclusive; 32 32 33 - static __initdata bool debug; 34 - #define init_debug(...) \ 35 - do { \ 36 - if (debug) \ 37 - pr_info(__VA_ARGS__); \ 38 - } while (0) 39 - 40 33 #define lsm_order_for_each(iter) \ 41 34 for ((iter) = lsm_order; *(iter); (iter)++) 42 35 #define lsm_for_each_raw(iter) \ ··· 70 77 */ 71 78 static int __init lsm_debug_enable(char *str) 72 79 { 73 - debug = true; 80 + lsm_debug = true; 74 81 return 1; 75 82 } 76 83 __setup("lsm.debug", lsm_debug_enable); ··· 136 143 return; 137 144 138 145 /* Skip explicitly disabled LSMs. */ 139 - if (lsm->enabled && !lsm_is_enabled(lsm)) 140 - goto out; 146 + if (lsm->enabled && !lsm_is_enabled(lsm)) { 147 + lsm_pr_dbg("skip previously disabled LSM %s:%s\n", 148 + src, lsm->id->name); 149 + return; 150 + } 141 151 142 - if (WARN(lsm_active_cnt == MAX_LSM_COUNT, 143 - "%s: out of LSM static calls!?\n", src)) { 152 + if (lsm_active_cnt == MAX_LSM_COUNT) { 153 + pr_warn("exceeded maximum LSM count on %s:%s\n", 154 + src, lsm->id->name); 144 155 lsm_enabled_set(lsm, false); 145 - goto out; 156 + return; 146 157 } 147 158 148 159 if (lsm->flags & LSM_FLAG_EXCLUSIVE) { 149 160 if (lsm_exclusive) { 150 - init_debug("exclusive disabled: %s\n", lsm->id->name); 161 + lsm_pr_dbg("skip exclusive LSM conflict %s:%s\n", 162 + src, lsm->id->name); 151 163 lsm_enabled_set(lsm, false); 152 - goto out; 164 + return; 153 165 } else { 154 - init_debug("exclusive chosen: %s\n", lsm->id->name); 166 + lsm_pr_dbg("select exclusive LSM %s:%s\n", 167 + src, lsm->id->name); 155 168 lsm_exclusive = lsm; 156 169 } 157 170 } ··· 166 167 lsm_order[lsm_active_cnt] = lsm; 167 168 lsm_idlist[lsm_active_cnt++] = lsm->id; 168 169 169 - out: 170 - init_debug("%s ordered: %s (%s)\n", src, lsm->id->name, 171 - lsm_is_enabled(lsm) ? "enabled" : "disabled"); 170 + lsm_pr_dbg("enabling LSM %s:%s\n", src, lsm->id->name); 172 171 } 173 172 174 173 /** ··· 236 239 if (!lsm_is_enabled(lsm)) 237 240 return; 238 241 239 - init_debug("initializing %s\n", lsm->id->name); 242 + lsm_pr_dbg("initializing %s\n", lsm->id->name); 240 243 ret = lsm->init(); 241 244 WARN(ret, "%s failed to initialize: %d\n", lsm->id->name, ret); 242 245 } ··· 263 266 if ((lsm->flags & LSM_FLAG_LEGACY_MAJOR) && 264 267 strcmp(lsm->id->name, lsm_order_legacy)) { 265 268 lsm_enabled_set(lsm, false); 266 - init_debug("security=%s disabled: %s (only one legacy major LSM)\n", 267 - lsm_order_legacy, lsm->id->name); 269 + lsm_pr_dbg("skip legacy LSM conflict %s:%s\n", 270 + src, lsm->id->name); 268 271 } 269 272 } 270 273 } ··· 307 310 if (lsm_order_exists(lsm)) 308 311 continue; 309 312 lsm_enabled_set(lsm, false); 310 - init_debug("%s skipped: %s (not in requested order)\n", 311 - src, lsm->id->name); 313 + lsm_pr_dbg("skip disabled LSM %s:%s\n", src, lsm->id->name); 312 314 } 313 315 } 314 316 ··· 315 319 * lsm_static_call_init - Initialize a LSM's static calls 316 320 * @hl: LSM hook list 317 321 */ 318 - static void __init lsm_static_call_init(struct security_hook_list *hl) 322 + static int __init lsm_static_call_init(struct security_hook_list *hl) 319 323 { 320 324 struct lsm_static_call *scall = hl->scalls; 321 325 int i; ··· 327 331 hl->hook.lsm_func_addr); 328 332 scall->hl = hl; 329 333 static_branch_enable(scall->active); 330 - return; 334 + return 0; 331 335 } 332 336 scall++; 333 337 } 334 - panic("%s - Ran out of static slots.\n", __func__); 338 + 339 + return -ENOSPC; 335 340 } 336 341 337 342 /** ··· 350 353 351 354 for (i = 0; i < count; i++) { 352 355 hooks[i].lsmid = lsmid; 353 - lsm_static_call_init(&hooks[i]); 356 + if (lsm_static_call_init(&hooks[i])) 357 + panic("exhausted LSM callback slots with LSM %s\n", 358 + lsmid->name); 354 359 } 355 360 } 356 361 ··· 383 384 { 384 385 unsigned int cnt; 385 386 struct lsm_info **lsm; 386 - struct lsm_info *early; 387 - unsigned int first = 0; 388 387 389 - init_debug("legacy security=%s\n", lsm_order_legacy ? : " *unspecified*"); 390 - init_debug(" CONFIG_LSM=%s\n", lsm_order_builtin); 391 - init_debug("boot arg lsm=%s\n", lsm_order_cmdline ? : " *unspecified*"); 388 + if (lsm_debug) { 389 + lsm_pr("built-in LSM list: %s\n", lsm_order_builtin); 390 + lsm_pr("legacy LSM parameter: %s\n", lsm_order_legacy); 391 + lsm_pr("boot LSM parameter: %s\n", lsm_order_cmdline); 392 + } 392 393 393 394 if (lsm_order_cmdline) { 394 - if (lsm_order_legacy) { 395 - pr_warn("security=%s is ignored because it is superseded by lsm=%s\n", 396 - lsm_order_legacy, lsm_order_cmdline); 395 + if (lsm_order_legacy) 397 396 lsm_order_legacy = NULL; 398 - } 399 397 lsm_order_parse(lsm_order_cmdline, "cmdline"); 400 398 } else 401 399 lsm_order_parse(lsm_order_builtin, "builtin"); ··· 400 404 lsm_order_for_each(lsm) 401 405 lsm_prepare(*lsm); 402 406 403 - pr_info("initializing lsm="); 404 - lsm_early_for_each_raw(early) { 405 - if (lsm_is_enabled(early)) 406 - pr_cont("%s%s", 407 - first++ == 0 ? "" : ",", early->id->name); 407 + if (lsm_debug) { 408 + lsm_pr("blob(cred) size %d\n", blob_sizes.lbs_cred); 409 + lsm_pr("blob(file) size %d\n", blob_sizes.lbs_file); 410 + lsm_pr("blob(ib) size %d\n", blob_sizes.lbs_ib); 411 + lsm_pr("blob(inode) size %d\n", blob_sizes.lbs_inode); 412 + lsm_pr("blob(ipc) size %d\n", blob_sizes.lbs_ipc); 413 + lsm_pr("blob(key) size %d\n", blob_sizes.lbs_key); 414 + lsm_pr("blob(msg_msg)_size %d\n", blob_sizes.lbs_msg_msg); 415 + lsm_pr("blob(sock) size %d\n", blob_sizes.lbs_sock); 416 + lsm_pr("blob(superblock) size %d\n", blob_sizes.lbs_superblock); 417 + lsm_pr("blob(perf_event) size %d\n", blob_sizes.lbs_perf_event); 418 + lsm_pr("blob(task) size %d\n", blob_sizes.lbs_task); 419 + lsm_pr("blob(tun_dev) size %d\n", blob_sizes.lbs_tun_dev); 420 + lsm_pr("blob(xattr) count %d\n", blob_sizes.lbs_xattr_count); 421 + lsm_pr("blob(bdev) size %d\n", blob_sizes.lbs_bdev); 422 + lsm_pr("blob(bpf_map) size %d\n", blob_sizes.lbs_bpf_map); 423 + lsm_pr("blob(bpf_prog) size %d\n", blob_sizes.lbs_bpf_prog); 424 + lsm_pr("blob(bpf_token) size %d\n", blob_sizes.lbs_bpf_token); 408 425 } 409 - lsm_order_for_each(lsm) { 410 - if (lsm_is_enabled(*lsm)) 411 - pr_cont("%s%s", 412 - first++ == 0 ? "" : ",", (*lsm)->id->name); 413 - } 414 - pr_cont("\n"); 415 - 416 - init_debug("cred blob size = %d\n", blob_sizes.lbs_cred); 417 - init_debug("file blob size = %d\n", blob_sizes.lbs_file); 418 - init_debug("ib blob size = %d\n", blob_sizes.lbs_ib); 419 - init_debug("inode blob size = %d\n", blob_sizes.lbs_inode); 420 - init_debug("ipc blob size = %d\n", blob_sizes.lbs_ipc); 421 - #ifdef CONFIG_KEYS 422 - init_debug("key blob size = %d\n", blob_sizes.lbs_key); 423 - #endif /* CONFIG_KEYS */ 424 - init_debug("msg_msg blob size = %d\n", blob_sizes.lbs_msg_msg); 425 - init_debug("sock blob size = %d\n", blob_sizes.lbs_sock); 426 - init_debug("superblock blob size = %d\n", blob_sizes.lbs_superblock); 427 - init_debug("perf event blob size = %d\n", blob_sizes.lbs_perf_event); 428 - init_debug("task blob size = %d\n", blob_sizes.lbs_task); 429 - init_debug("tun device blob size = %d\n", blob_sizes.lbs_tun_dev); 430 - init_debug("xattr slots = %d\n", blob_sizes.lbs_xattr_count); 431 - init_debug("bdev blob size = %d\n", blob_sizes.lbs_bdev); 432 - init_debug("bpf map blob size = %d\n", blob_sizes.lbs_bpf_map); 433 - init_debug("bpf prog blob size = %d\n", blob_sizes.lbs_bpf_prog); 434 - init_debug("bpf token blob size = %d\n", blob_sizes.lbs_bpf_token); 435 426 436 427 if (blob_sizes.lbs_file) 437 428 lsm_file_cache = kmem_cache_create("lsm_file_cache", ··· 430 447 SLAB_PANIC, NULL); 431 448 432 449 if (lsm_cred_alloc((struct cred __rcu *)current->cred, GFP_KERNEL)) 433 - panic("%s: early cred alloc failed.\n", __func__); 450 + panic("early LSM cred alloc failed\n"); 434 451 if (lsm_task_alloc(current)) 435 - panic("%s: early task alloc failed.\n", __func__); 452 + panic("early LSM task alloc failed\n"); 436 453 437 454 cnt = 0; 438 455 lsm_order_for_each(lsm) {

security/security.c

··· 73 73 [LOCKDOWN_CONFIDENTIALITY_MAX] = "confidentiality", 74 74 }; 75 75 76 + bool lsm_debug __ro_after_init; 77 + 76 78 unsigned int lsm_active_cnt __ro_after_init; 77 79 const struct lsm_id *lsm_idlist[MAX_LSM_COUNT]; 78 80