LSM: Make the Labeled IPsec hooks more stack friendly

The xfrm_get_policy() and xfrm_add_pol_expire() put some rather large structs on the stack to work around the LSM API. This patch attempts to fix that problem by changing the LSM API to require only the relevant "security" pointers instead of the entire SPD entry; we do this for all of the security_xfrm_policy*() functions to keep things consistent. Signed-off-by: Paul Moore <paul.moore@hp.com> Acked-by: James Morris <jmorris@namei.org> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Paul Moore <paul.moore@hp.com> 2008-04-12 22:07:52 -0400
committer: David S. Miller <davem@davemloft.net> 2008-04-12 22:07:52 -0400
commit: 03e1ad7b5d871d4189b1da3125c2f12d1b5f7d0b (patch)
tree: 1e7f291ac6bd0c1f3a95e8252c32fcce7ff47ea7 /include/linux/security.h
parent: 00447872a643787411c2c0cb1df6169dda8b0c47 (diff)
1 files changed, 24 insertions, 24 deletions
diff --git a/include/linux/security.h b/include/linux/security.h
index c673dfd4dffc..f5eb9ff47ac5 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -910,24 +910,24 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
 * Security hooks for XFRM operations.
 *
 * @xfrm_policy_alloc_security:
- *      @xp contains the xfrm_policy being added to Security Policy Database
+ *      @ctxp is a pointer to the xfrm_sec_ctx being added to Security Policy
- *      used by the XFRM system.
+ *      Database used by the XFRM system.
 *      @sec_ctx contains the security context information being provided by
 *      the user-level policy update program (e.g., setkey).
 *      Allocate a security structure to the xp->security field; the security
 *      field is initialized to NULL when the xfrm_policy is allocated.
 *      Return 0 if operation was successful (memory to allocate, legal context)
 * @xfrm_policy_clone_security:
- *      @old contains an existing xfrm_policy in the SPD.
+ *      @old_ctx contains an existing xfrm_sec_ctx.
- *      @new contains a new xfrm_policy being cloned from old.
+ *      @new_ctxp contains a new xfrm_sec_ctx being cloned from old.
- *      Allocate a security structure to the new->security field
+ *      Allocate a security structure in new_ctxp that contains the
- *      that contains the information from the old->security field.
+ *      information from the old_ctx structure.
 *      Return 0 if operation was successful (memory to allocate).
 * @xfrm_policy_free_security:
- *      @xp contains the xfrm_policy
+ *      @ctx contains the xfrm_sec_ctx
 *      Deallocate xp->security.
 * @xfrm_policy_delete_security:
- *      @xp contains the xfrm_policy.
+ *      @ctx contains the xfrm_sec_ctx.
 *      Authorize deletion of xp->security.
 * @xfrm_state_alloc_security:
 *      @x contains the xfrm_state being added to the Security Association
@@ -947,7 +947,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
 *      @x contains the xfrm_state.
 *      Authorize deletion of x->security.
 * @xfrm_policy_lookup:
- *      @xp contains the xfrm_policy for which the access control is being
+ *      @ctx contains the xfrm_sec_ctx for which the access control is being
 *      checked.
 *      @fl_secid contains the flow security label that is used to authorize
 *      access to the policy xp.
@@ -1454,17 +1454,17 @@ struct security_operations {
 #endif  /* CONFIG_SECURITY_NETWORK */
 #ifdef CONFIG_SECURITY_NETWORK_XFRM
-        int (*xfrm_policy_alloc_security) (struct xfrm_policy *xp,
+        int (*xfrm_policy_alloc_security) (struct xfrm_sec_ctx **ctxp,
                        struct xfrm_user_sec_ctx *sec_ctx);
-        int (*xfrm_policy_clone_security) (struct xfrm_policy *old, struct xfrm_policy *new);
+        int (*xfrm_policy_clone_security) (struct xfrm_sec_ctx *old_ctx, struct xfrm_sec_ctx **new_ctx);
-        void (*xfrm_policy_free_security) (struct xfrm_policy *xp);
+        void (*xfrm_policy_free_security) (struct xfrm_sec_ctx *ctx);
-        int (*xfrm_policy_delete_security) (struct xfrm_policy *xp);
+        int (*xfrm_policy_delete_security) (struct xfrm_sec_ctx *ctx);
        int (*xfrm_state_alloc_security) (struct xfrm_state *x,
                struct xfrm_user_sec_ctx *sec_ctx,
                u32 secid);
        void (*xfrm_state_free_security) (struct xfrm_state *x);
        int (*xfrm_state_delete_security) (struct xfrm_state *x);
-        int (*xfrm_policy_lookup)(struct xfrm_policy *xp, u32 fl_secid, u8 dir);
+        int (*xfrm_policy_lookup)(struct xfrm_sec_ctx *ctx, u32 fl_secid, u8 dir);
        int (*xfrm_state_pol_flow_match)(struct xfrm_state *x,
                        struct xfrm_policy *xp, struct flowi *fl);
        int (*xfrm_decode_session)(struct sk_buff *skb, u32 *secid, int ckall);
@@ -2562,16 +2562,16 @@ static inline void security_inet_conn_established(struct sock *sk,
 #ifdef CONFIG_SECURITY_NETWORK_XFRM
-int security_xfrm_policy_alloc(struct xfrm_policy *xp, struct xfrm_user_sec_ctx *sec_ctx);
+int security_xfrm_policy_alloc(struct xfrm_sec_ctx **ctxp, struct xfrm_user_sec_ctx *sec_ctx);
-int security_xfrm_policy_clone(struct xfrm_policy *old, struct xfrm_policy *new);
+int security_xfrm_policy_clone(struct xfrm_sec_ctx *old_ctx, struct xfrm_sec_ctx **new_ctxp);
-void security_xfrm_policy_free(struct xfrm_policy *xp);
+void security_xfrm_policy_free(struct xfrm_sec_ctx *ctx);
-int security_xfrm_policy_delete(struct xfrm_policy *xp);
+int security_xfrm_policy_delete(struct xfrm_sec_ctx *ctx);
 int security_xfrm_state_alloc(struct xfrm_state *x, struct xfrm_user_sec_ctx *sec_ctx);
 int security_xfrm_state_alloc_acquire(struct xfrm_state *x,
                                      struct xfrm_sec_ctx *polsec, u32 secid);
 int security_xfrm_state_delete(struct xfrm_state *x);
 void security_xfrm_state_free(struct xfrm_state *x);
-int security_xfrm_policy_lookup(struct xfrm_policy *xp, u32 fl_secid, u8 dir);
+int security_xfrm_policy_lookup(struct xfrm_sec_ctx *ctx, u32 fl_secid, u8 dir);
 int security_xfrm_state_pol_flow_match(struct xfrm_state *x,
                                       struct xfrm_policy *xp, struct flowi *fl);
 int security_xfrm_decode_session(struct sk_buff *skb, u32 *secid);
@@ -2579,21 +2579,21 @@ void security_skb_classify_flow(struct sk_buff *skb, struct flowi *fl);
 #else   /* CONFIG_SECURITY_NETWORK_XFRM */
-static inline int security_xfrm_policy_alloc(struct xfrm_policy *xp, struct xfrm_user_sec_ctx *sec_ctx)
+static inline int security_xfrm_policy_alloc(struct xfrm_sec_ctx **ctxp, struct xfrm_user_sec_ctx *sec_ctx)
 {
        return 0;
 }
-static inline int security_xfrm_policy_clone(struct xfrm_policy *old, struct xfrm_policy *new)
+static inline int security_xfrm_policy_clone(struct xfrm_sec_ctx *old, struct xfrm_sec_ctx **new_ctxp)
 {
        return 0;
 }
-static inline void security_xfrm_policy_free(struct xfrm_policy *xp)
+static inline void security_xfrm_policy_free(struct xfrm_sec_ctx *ctx)
 {
 }
-static inline int security_xfrm_policy_delete(struct xfrm_policy *xp)
+static inline int security_xfrm_policy_delete(struct xfrm_sec_ctx *ctx)
 {
        return 0;
 }
@@ -2619,7 +2619,7 @@ static inline int security_xfrm_state_delete(struct xfrm_state *x)
        return 0;
 }
-static inline int security_xfrm_policy_lookup(struct xfrm_policy *xp, u32 fl_secid, u8 dir)
+static inline int security_xfrm_policy_lookup(struct xfrm_sec_ctx *ctx, u32 fl_secid, u8 dir)
 {
        return 0;
 }
author	Paul Moore <paul.moore@hp.com>	2008-04-12 22:07:52 -0400
committer	David S. Miller <davem@davemloft.net>	2008-04-12 22:07:52 -0400
commit	03e1ad7b5d871d4189b1da3125c2f12d1b5f7d0b (patch)
tree	1e7f291ac6bd0c1f3a95e8252c32fcce7ff47ea7 /include/linux/security.h
parent	00447872a643787411c2c0cb1df6169dda8b0c47 (diff)

diff --git a/include/linux/security.h b/include/linux/security.h index c673dfd4dffc..f5eb9ff47ac5 100644 --- a/include/linux/security.h +++ b/include/linux/security.h
@@ -910,24 +910,24 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
910	* Security hooks for XFRM operations.	910	* Security hooks for XFRM operations.
911	*	911	*
912	* @xfrm_policy_alloc_security:	912	* @xfrm_policy_alloc_security:
913	* @xp contains the xfrm_policy being added to Security Policy Database	913	* @ctxp is a pointer to the xfrm_sec_ctx being added to Security Policy
914	* used by the XFRM system.	914	* Database used by the XFRM system.
915	* @sec_ctx contains the security context information being provided by	915	* @sec_ctx contains the security context information being provided by
916	* the user-level policy update program (e.g., setkey).	916	* the user-level policy update program (e.g., setkey).
917	* Allocate a security structure to the xp->security field; the security	917	* Allocate a security structure to the xp->security field; the security
918	* field is initialized to NULL when the xfrm_policy is allocated.	918	* field is initialized to NULL when the xfrm_policy is allocated.
919	* Return 0 if operation was successful (memory to allocate, legal context)	919	* Return 0 if operation was successful (memory to allocate, legal context)
920	* @xfrm_policy_clone_security:	920	* @xfrm_policy_clone_security:
921	* @old contains an existing xfrm_policy in the SPD.	921	* @old_ctx contains an existing xfrm_sec_ctx.
922	* @new contains a new xfrm_policy being cloned from old.	922	* @new_ctxp contains a new xfrm_sec_ctx being cloned from old.
923	* Allocate a security structure to the new->security field	923	* Allocate a security structure in new_ctxp that contains the
924	* that contains the information from the old->security field.	924	* information from the old_ctx structure.
925	* Return 0 if operation was successful (memory to allocate).	925	* Return 0 if operation was successful (memory to allocate).
926	* @xfrm_policy_free_security:	926	* @xfrm_policy_free_security:
927	* @xp contains the xfrm_policy	927	* @ctx contains the xfrm_sec_ctx
928	* Deallocate xp->security.	928	* Deallocate xp->security.
929	* @xfrm_policy_delete_security:	929	* @xfrm_policy_delete_security:
930	* @xp contains the xfrm_policy.	930	* @ctx contains the xfrm_sec_ctx.
931	* Authorize deletion of xp->security.	931	* Authorize deletion of xp->security.
932	* @xfrm_state_alloc_security:	932	* @xfrm_state_alloc_security:
933	* @x contains the xfrm_state being added to the Security Association	933	* @x contains the xfrm_state being added to the Security Association
@@ -947,7 +947,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
947	* @x contains the xfrm_state.	947	* @x contains the xfrm_state.
948	* Authorize deletion of x->security.	948	* Authorize deletion of x->security.
949	* @xfrm_policy_lookup:	949	* @xfrm_policy_lookup:
950	* @xp contains the xfrm_policy for which the access control is being	950	* @ctx contains the xfrm_sec_ctx for which the access control is being
951	* checked.	951	* checked.
952	* @fl_secid contains the flow security label that is used to authorize	952	* @fl_secid contains the flow security label that is used to authorize
953	* access to the policy xp.	953	* access to the policy xp.
@@ -1454,17 +1454,17 @@ struct security_operations {
1454	#endif /* CONFIG_SECURITY_NETWORK */	1454	#endif /* CONFIG_SECURITY_NETWORK */
1455		1455
1456	#ifdef CONFIG_SECURITY_NETWORK_XFRM	1456	#ifdef CONFIG_SECURITY_NETWORK_XFRM
1457	int (xfrm_policy_alloc_security) (struct xfrm_policy xp,	1457	int (xfrm_policy_alloc_security) (struct xfrm_sec_ctx *ctxp,
1458	struct xfrm_user_sec_ctx *sec_ctx);	1458	struct xfrm_user_sec_ctx *sec_ctx);
1459	int (xfrm_policy_clone_security) (struct xfrm_policy old, struct xfrm_policy *new);	1459	int (xfrm_policy_clone_security) (struct xfrm_sec_ctx old_ctx, struct xfrm_sec_ctx **new_ctx);
1460	void (xfrm_policy_free_security) (struct xfrm_policy xp);	1460	void (xfrm_policy_free_security) (struct xfrm_sec_ctx ctx);
1461	int (xfrm_policy_delete_security) (struct xfrm_policy xp);	1461	int (xfrm_policy_delete_security) (struct xfrm_sec_ctx ctx);
1462	int (xfrm_state_alloc_security) (struct xfrm_state x,	1462	int (xfrm_state_alloc_security) (struct xfrm_state x,
1463	struct xfrm_user_sec_ctx *sec_ctx,	1463	struct xfrm_user_sec_ctx *sec_ctx,
1464	u32 secid);	1464	u32 secid);
1465	void (xfrm_state_free_security) (struct xfrm_state x);	1465	void (xfrm_state_free_security) (struct xfrm_state x);
1466	int (xfrm_state_delete_security) (struct xfrm_state x);	1466	int (xfrm_state_delete_security) (struct xfrm_state x);
1467	int (xfrm_policy_lookup)(struct xfrm_policy xp, u32 fl_secid, u8 dir);	1467	int (xfrm_policy_lookup)(struct xfrm_sec_ctx ctx, u32 fl_secid, u8 dir);
1468	int (xfrm_state_pol_flow_match)(struct xfrm_state x,	1468	int (xfrm_state_pol_flow_match)(struct xfrm_state x,
1469	struct xfrm_policy xp, struct flowi fl);	1469	struct xfrm_policy xp, struct flowi fl);
1470	int (xfrm_decode_session)(struct sk_buff skb, u32 *secid, int ckall);	1470	int (xfrm_decode_session)(struct sk_buff skb, u32 *secid, int ckall);
@@ -2562,16 +2562,16 @@ static inline void security_inet_conn_established(struct sock *sk,
2562		2562
2563	#ifdef CONFIG_SECURITY_NETWORK_XFRM	2563	#ifdef CONFIG_SECURITY_NETWORK_XFRM
2564		2564
2565	int security_xfrm_policy_alloc(struct xfrm_policy xp, struct xfrm_user_sec_ctx sec_ctx);	2565	int security_xfrm_policy_alloc(struct xfrm_sec_ctx *ctxp, struct xfrm_user_sec_ctx sec_ctx);
2566	int security_xfrm_policy_clone(struct xfrm_policy old, struct xfrm_policy new);	2566	int security_xfrm_policy_clone(struct xfrm_sec_ctx old_ctx, struct xfrm_sec_ctx *new_ctxp);
2567	void security_xfrm_policy_free(struct xfrm_policy *xp);	2567	void security_xfrm_policy_free(struct xfrm_sec_ctx *ctx);
2568	int security_xfrm_policy_delete(struct xfrm_policy *xp);	2568	int security_xfrm_policy_delete(struct xfrm_sec_ctx *ctx);
2569	int security_xfrm_state_alloc(struct xfrm_state x, struct xfrm_user_sec_ctx sec_ctx);	2569	int security_xfrm_state_alloc(struct xfrm_state x, struct xfrm_user_sec_ctx sec_ctx);
2570	int security_xfrm_state_alloc_acquire(struct xfrm_state *x,	2570	int security_xfrm_state_alloc_acquire(struct xfrm_state *x,
2571	struct xfrm_sec_ctx *polsec, u32 secid);	2571	struct xfrm_sec_ctx *polsec, u32 secid);
2572	int security_xfrm_state_delete(struct xfrm_state *x);	2572	int security_xfrm_state_delete(struct xfrm_state *x);
2573	void security_xfrm_state_free(struct xfrm_state *x);	2573	void security_xfrm_state_free(struct xfrm_state *x);
2574	int security_xfrm_policy_lookup(struct xfrm_policy *xp, u32 fl_secid, u8 dir);	2574	int security_xfrm_policy_lookup(struct xfrm_sec_ctx *ctx, u32 fl_secid, u8 dir);
2575	int security_xfrm_state_pol_flow_match(struct xfrm_state *x,	2575	int security_xfrm_state_pol_flow_match(struct xfrm_state *x,
2576	struct xfrm_policy xp, struct flowi fl);	2576	struct xfrm_policy xp, struct flowi fl);
2577	int security_xfrm_decode_session(struct sk_buff skb, u32 secid);	2577	int security_xfrm_decode_session(struct sk_buff skb, u32 secid);
@@ -2579,21 +2579,21 @@ void security_skb_classify_flow(struct sk_buff skb, struct flowi fl);
2579		2579
2580	#else /* CONFIG_SECURITY_NETWORK_XFRM */	2580	#else /* CONFIG_SECURITY_NETWORK_XFRM */
2581		2581
2582	static inline int security_xfrm_policy_alloc(struct xfrm_policy xp, struct xfrm_user_sec_ctx sec_ctx)	2582	static inline int security_xfrm_policy_alloc(struct xfrm_sec_ctx *ctxp, struct xfrm_user_sec_ctx sec_ctx)
2583	{	2583	{
2584	return 0;	2584	return 0;
2585	}	2585	}
2586		2586
2587	static inline int security_xfrm_policy_clone(struct xfrm_policy old, struct xfrm_policy new)	2587	static inline int security_xfrm_policy_clone(struct xfrm_sec_ctx old, struct xfrm_sec_ctx *new_ctxp)
2588	{	2588	{
2589	return 0;	2589	return 0;
2590	}	2590	}
2591		2591
2592	static inline void security_xfrm_policy_free(struct xfrm_policy *xp)	2592	static inline void security_xfrm_policy_free(struct xfrm_sec_ctx *ctx)
2593	{	2593	{
2594	}	2594	}
2595		2595
2596	static inline int security_xfrm_policy_delete(struct xfrm_policy *xp)	2596	static inline int security_xfrm_policy_delete(struct xfrm_sec_ctx *ctx)
2597	{	2597	{
2598	return 0;	2598	return 0;
2599	}	2599	}
@@ -2619,7 +2619,7 @@ static inline int security_xfrm_state_delete(struct xfrm_state *x)
2619	return 0;	2619	return 0;
2620	}	2620	}
2621		2621
2622	static inline int security_xfrm_policy_lookup(struct xfrm_policy *xp, u32 fl_secid, u8 dir)	2622	static inline int security_xfrm_policy_lookup(struct xfrm_sec_ctx *ctx, u32 fl_secid, u8 dir)
2623	{	2623	{
2624	return 0;	2624	return 0;
2625	}	2625	}