linux/security
David Howells 8c0637e950 keys: Make the KEY_NEED_* perms an enum rather than a mask
Since the meaning of combining the KEY_NEED_* constants is undefined, make
it so that you can't do that by turning them into an enum.

The enum is also given some extra values to represent special
circumstances, such as:

 (1) The '0' value is reserved and causes a warning to trap the parameter
     being unset.

 (2) The key is to be unlinked and we require no permissions on it, only
     the keyring, (this replaces the KEY_LOOKUP_FOR_UNLINK flag).

 (3) An override due to CAP_SYS_ADMIN.

 (4) An override due to an instantiation token being present.

 (5) The permissions check is being deferred to later key_permission()
     calls.

The extra values give the opportunity for LSMs to audit these situations.

[Note: This really needs overhauling so that lookup_user_key() tells
 key_task_permission() and the LSM what operation is being done and leaves
 it to those functions to decide how to map that onto the available
 permits.  However, I don't really want to make these change in the middle
 of the notifications patchset.]

Signed-off-by: David Howells <dhowells@redhat.com>
cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
cc: Paul Moore <paul@paul-moore.com>
cc: Stephen Smalley <stephen.smalley.work@gmail.com>
cc: Casey Schaufler <casey@schaufler-ca.com>
cc: keyrings@vger.kernel.org
cc: selinux@vger.kernel.org
2020-05-19 15:42:22 +01:00
..
apparmor .gitignore: add SPDX License Identifier 2020-03-25 11:50:48 +01:00
bpf bpf: lsm: Initialize the BPF LSM hooks 2020-03-30 01:34:00 +02:00
integrity Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity 2020-04-02 14:49:46 -07:00
keys keys: Make the KEY_NEED_* perms an enum rather than a mask 2020-05-19 15:42:22 +01:00
loadpin proc/sysctl: add shared variables for range check 2019-07-18 17:08:07 -07:00
lockdown security,lockdown,selinux: implement SELinux lockdown 2019-12-09 17:53:58 -05:00
safesetid security/safesetid: Replace rcu_swap_protected() with rcu_replace_pointer() 2019-10-30 08:45:57 -07:00
selinux keys: Make the KEY_NEED_* perms an enum rather than a mask 2020-05-19 15:42:22 +01:00
smack keys: Make the KEY_NEED_* perms an enum rather than a mask 2020-05-19 15:42:22 +01:00
tomoyo .gitignore: add SPDX License Identifier 2020-03-25 11:50:48 +01:00
yama proc/sysctl: add shared variables for range check 2019-07-18 17:08:07 -07:00
commoncap.c Merge branch 'next-lsm' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2019-07-09 12:24:21 -07:00
device_cgroup.c device_cgroup: Export devcgroup_check_permission 2019-10-07 15:11:38 -05:00
inode.c Merge branch 'work.mount0' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2019-07-19 10:42:02 -07:00
Kconfig bpf: lsm: Initialize the BPF LSM hooks 2020-03-30 01:34:00 +02:00
Kconfig.hardening meminit fix 2019-07-28 12:33:15 -07:00
lsm_audit.c security,lockdown,selinux: implement SELinux lockdown 2019-12-09 17:53:58 -05:00
Makefile bpf: lsm: Initialize the BPF LSM hooks 2020-03-30 01:34:00 +02:00
min_addr.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
security.c keys: Make the KEY_NEED_* perms an enum rather than a mask 2020-05-19 15:42:22 +01:00