authorPaul Moore <paul@paul-moore.com>2024-10-03 16:43:39 -0400
committerPaul Moore <paul@paul-moore.com>2024-10-04 11:41:22 -0400
commitc5e3cdbf2afedef77b64229fd0aed693abf0a0c4 (patch)
treeda8242dc49c3aaa94c68b366a8bd8d87a8fdb8bc /security/tomoyo/common.h
parent9852d85ec9d492ebef56dc5f229416c925758edc (diff)
tomoyo: revert CONFIG_SECURITY_TOMOYO_LKM support
This patch reverts two TOMOYO patches that were merged into Linus' tree during the v6.12 merge window: 8b985bbfabbe ("tomoyo: allow building as a loadable LSM module") 268225a1de1a ("tomoyo: preparation step for building as a loadable LSM module") Together these two patches introduced the CONFIG_SECURITY_TOMOYO_LKM Kconfig build option which enabled a TOMOYO specific dynamic LSM loading mechanism (see the original commits for more details). Unfortunately, this approach was widely rejected by the LSM community as well as some members of the general kernel community. Objections included concerns over setting a bad precedent regarding individual LSMs managing their LSM callback registrations as well as general kernel symbol exporting practices. With little to no support for the CONFIG_SECURITY_TOMOYO_LKM approach outside of Tetsuo, and multiple objections, we need to revert these changes. Link: https://lore.kernel.org/all/0c4b443a-9c72-4800-97e8-a3816b6a9ae2@I-love.SAKURA.ne.jp Link: https://lore.kernel.org/all/CAHC9VhR=QjdoHG3wJgHFJkKYBg7vkQH2MpffgVzQ0tAByo_wRg@mail.gmail.com Acked-by: John Johansen <john.johansen@canonical.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'security/tomoyo/common.h')
-rw-r--r--security/tomoyo/common.h72
1 files changed, 0 insertions, 72 deletions
diff --git a/security/tomoyo/common.h b/security/tomoyo/common.h
index 4f6c52a9f478..0e8e2e959aef 100644
--- a/security/tomoyo/common.h
+++ b/security/tomoyo/common.h
@@ -978,7 +978,6 @@ int tomoyo_get_mode(const struct tomoyo_policy_namespace *ns, const u8 profile,
int tomoyo_init_request_info(struct tomoyo_request_info *r,
struct tomoyo_domain_info *domain,
const u8 index);
-int __init tomoyo_interface_init(void);
int tomoyo_mkdev_perm(const u8 operation, const struct path *path,
const unsigned int mode, unsigned int dev);
int tomoyo_mount_permission(const char *dev_name, const struct path *path,
@@ -1215,14 +1214,10 @@ static inline void tomoyo_put_group(struct tomoyo_group *group)
*
* Returns pointer to "struct tomoyo_task" for specified thread.
*/
-#ifdef CONFIG_SECURITY_TOMOYO_LKM
-extern struct tomoyo_task *tomoyo_task(struct task_struct *task);
-#else
static inline struct tomoyo_task *tomoyo_task(struct task_struct *task)
{
return task->security + tomoyo_blob_sizes.lbs_task;
}
-#endif
/**
* tomoyo_same_name_union - Check for duplicated "struct tomoyo_name_union" entry.
@@ -1289,71 +1284,4 @@ static inline struct tomoyo_policy_namespace *tomoyo_current_namespace(void)
pos = srcu_dereference((head)->next, &tomoyo_ss); \
for ( ; pos != (head); pos = srcu_dereference(pos->next, &tomoyo_ss))
-#ifdef CONFIG_SECURITY_TOMOYO_LKM
-
-#define LSM_HOOK(RET, DEFAULT, NAME, ...) typedef RET (NAME##_t)(__VA_ARGS__);
-#include <linux/lsm_hook_defs.h>
-#undef LSM_HOOK
-
-struct tomoyo_hooks {
- cred_prepare_t *cred_prepare;
- bprm_committed_creds_t *bprm_committed_creds;
- task_alloc_t *task_alloc;
- task_free_t *task_free;
- bprm_check_security_t *bprm_check_security;
- file_fcntl_t *file_fcntl;
- file_open_t *file_open;
- file_truncate_t *file_truncate;
- path_truncate_t *path_truncate;
- path_unlink_t *path_unlink;
- path_mkdir_t *path_mkdir;
- path_rmdir_t *path_rmdir;
- path_symlink_t *path_symlink;
- path_mknod_t *path_mknod;
- path_link_t *path_link;
- path_rename_t *path_rename;
- inode_getattr_t *inode_getattr;
- file_ioctl_t *file_ioctl;
- file_ioctl_compat_t *file_ioctl_compat;
- path_chmod_t *path_chmod;
- path_chown_t *path_chown;
- path_chroot_t *path_chroot;
- sb_mount_t *sb_mount;
- sb_umount_t *sb_umount;
- sb_pivotroot_t *sb_pivotroot;
- socket_bind_t *socket_bind;
- socket_connect_t *socket_connect;
- socket_listen_t *socket_listen;
- socket_sendmsg_t *socket_sendmsg;
-};
-
-extern void tomoyo_register_hooks(const struct tomoyo_hooks *tomoyo_hooks);
-
-struct tomoyo_operations {
- void (*check_profile)(void);
- int enabled;
-};
-
-extern struct tomoyo_operations tomoyo_ops;
-
-/*
- * Temporary hack: functions needed by tomoyo.ko . This will be removed
- * after all functions are marked as EXPORT_STMBOL_GPL().
- */
-struct tomoyo_tmp_exports {
- struct task_struct * (*find_task_by_vpid)(pid_t nr);
- struct task_struct * (*find_task_by_pid_ns)(pid_t nr, struct pid_namespace *ns);
- void (*put_filesystem)(struct file_system_type *fs);
- struct file * (*get_mm_exe_file)(struct mm_struct *mm);
- char * (*d_absolute_path)(const struct path *path, char *buf, int buflen);
-};
-extern const struct tomoyo_tmp_exports tomoyo_tmp_exports;
-#define find_task_by_vpid tomoyo_tmp_exports.find_task_by_vpid
-#define find_task_by_pid_ns tomoyo_tmp_exports.find_task_by_pid_ns
-#define put_filesystem tomoyo_tmp_exports.put_filesystem
-#define get_mm_exe_file tomoyo_tmp_exports.get_mm_exe_file
-#define d_absolute_path tomoyo_tmp_exports.d_absolute_path
-
-#endif /* defined(CONFIG_SECURITY_TOMOYO_LKM) */
-
#endif /* !defined(_SECURITY_TOMOYO_COMMON_H) */