Merge tag 'selinux-pr-20240105' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux

Pull selinux updates from Paul Moore:

 - Add a new SELinux initial SID, SECINITSID_INIT, to represent
   userspace processes started before the SELinux policy is loaded in
   early boot.

   Prior to this patch all processes were marked as SECINITSID_KERNEL
   before the SELinux policy was loaded, making it difficult to
   distinquish early boot userspace processes from the kernel in the
   SELinux policy.

   For most users this will be a non-issue as the policy is loaded early
   enough during boot, but for users who load their SELinux policy
   relatively late, this should make it easier to construct meaningful
   security policies.

 - Cleanups to the selinuxfs code by Al, mostly on VFS related issues
   during a policy reload.

   The commit description has more detail, but the quick summary is that
   we are replacing a disconnected directory approach with a temporary
   directory that we swapover at the end of the reload.

 - Fix an issue where the input sanity checking on socket bind()
   operations was slightly different depending on the presence of
   SELinux.

   This is caused by the placement of the LSM hooks in the generic
   socket layer as opposed to the protocol specific bind() handler where
   the protocol specific sanity checks are performed. Mickaël has
   mentioned that he is working to fix this, but in the meantime we just
   ensure that we are replicating the checks properly.

   We need to balance the placement of the LSM hooks with the number of
   LSM hooks; pushing the hooks down into the protocol layers is likely
   not the right answer.

 - Update the avc_has_perm_noaudit() prototype to better match the
   function definition.

 - Migrate from using partial_name_hash() to full_name_hash() the
   filename transition hash table.

   This improves the quality of the code and has the potential for a
   minor performance bump.

 - Consolidate some open coded SELinux access vector comparisions into a
   single new function, avtab_node_cmp(), and use that instead.

   A small, but nice win for code quality and maintainability.

 - Updated the SELinux MAINTAINERS entry with additional information
   around process, bug reporting, etc.

   We're also updating some of our "official" roles: dropping Eric Paris
   and adding Ondrej as a reviewer.

 - Cleanup the coding style crimes in security/selinux/include.

   While I'm not a fan of code churn, I am pushing for more automated
   code checks that can be done at the developer level and one of the
   obvious things to check for is coding style.

   In an effort to start from a "good" base I'm slowly working through
   our source files cleaning them up with the help of clang-format and
   good ol' fashioned human eyeballs; this has the first batch of these
   changes.

   I've been splitting the changes up per-file to help reduce the impact
   if backports are required (either for LTS or distro kernels), and I
   expect the some of the larger files, e.g. hooks.c and ss/services.c,
   will likely need to be split even further.

 - Cleanup old, outdated comments.

* tag 'selinux-pr-20240105' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux: (24 commits)
  selinux: Fix error priority for bind with AF_UNSPEC on PF_INET6 socket
  selinux: fix style issues in security/selinux/include/initial_sid_to_string.h
  selinux: fix style issues in security/selinux/include/xfrm.h
  selinux: fix style issues in security/selinux/include/security.h
  selinux: fix style issues with security/selinux/include/policycap_names.h
  selinux: fix style issues in security/selinux/include/policycap.h
  selinux: fix style issues in security/selinux/include/objsec.h
  selinux: fix style issues with security/selinux/include/netlabel.h
  selinux: fix style issues in security/selinux/include/netif.h
  selinux: fix style issues in security/selinux/include/ima.h
  selinux: fix style issues in security/selinux/include/conditional.h
  selinux: fix style issues in security/selinux/include/classmap.h
  selinux: fix style issues in security/selinux/include/avc_ss.h
  selinux: align avc_has_perm_noaudit() prototype with definition
  selinux: fix style issues in security/selinux/include/avc.h
  selinux: fix style issues in security/selinux/include/audit.h
  MAINTAINERS: drop Eric Paris from his SELinux role
  MAINTAINERS: add Ondrej Mosnacek as a SELinux reviewer
  selinux: remove the wrong comment about multithreaded process handling
  selinux: introduce an initial SID for early boot processes
  ...

1 files changed, 65 insertions, 64 deletions

diff --git a/security/selinux/include/objsec.h b/security/selinux/include/objsec.h
index 8159fd53c3de..dea1d6f3ed2d 100644
--- a/security/selinux/include/objsec.h
+++ b/security/selinux/include/objsec.h
@@ -13,6 +13,7 @@
  *  Copyright (C) 2003 Red Hat, Inc., James Morris <jmorris@redhat.com>
  *  Copyright (C) 2016 Mellanox Technologies
  */
+
 #ifndef _SELINUX_OBJSEC_H_
 #define _SELINUX_OBJSEC_H_
 
@@ -29,122 +30,122 @@
 #include "avc.h"
 
 struct task_security_struct {
-	u32 osid;		/* SID prior to last execve */
-	u32 sid;		/* current SID */
-	u32 exec_sid;		/* exec SID */
-	u32 create_sid;		/* fscreate SID */
-	u32 keycreate_sid;	/* keycreate SID */
-	u32 sockcreate_sid;	/* fscreate SID */
+	u32 osid; /* SID prior to last execve */
+	u32 sid; /* current SID */
+	u32 exec_sid; /* exec SID */
+	u32 create_sid; /* fscreate SID */
+	u32 keycreate_sid; /* keycreate SID */
+	u32 sockcreate_sid; /* fscreate SID */
 } __randomize_layout;
 
 enum label_initialized {
-	LABEL_INVALID,		/* invalid or not initialized */
-	LABEL_INITIALIZED,	/* initialized */
+	LABEL_INVALID, /* invalid or not initialized */
+	LABEL_INITIALIZED, /* initialized */
 	LABEL_PENDING
 };
 
 struct inode_security_struct {
-	struct inode *inode;	/* back pointer to inode object */
-	struct list_head list;	/* list of inode_security_struct */
-	u32 task_sid;		/* SID of creating task */
-	u32 sid;		/* SID of this object */
-	u16 sclass;		/* security class of this object */
-	unsigned char initialized;	/* initialization flag */
+	struct inode *inode; /* back pointer to inode object */
+	struct list_head list; /* list of inode_security_struct */
+	u32 task_sid; /* SID of creating task */
+	u32 sid; /* SID of this object */
+	u16 sclass; /* security class of this object */
+	unsigned char initialized; /* initialization flag */
 	spinlock_t lock;
 };
 
 struct file_security_struct {
-	u32 sid;		/* SID of open file description */
-	u32 fown_sid;		/* SID of file owner (for SIGIO) */
-	u32 isid;		/* SID of inode at the time of file open */
-	u32 pseqno;		/* Policy seqno at the time of file open */
+	u32 sid; /* SID of open file description */
+	u32 fown_sid; /* SID of file owner (for SIGIO) */
+	u32 isid; /* SID of inode at the time of file open */
+	u32 pseqno; /* Policy seqno at the time of file open */
 };
 
 struct superblock_security_struct {
-	u32 sid;			/* SID of file system superblock */
-	u32 def_sid;			/* default SID for labeling */
-	u32 mntpoint_sid;		/* SECURITY_FS_USE_MNTPOINT context for files */
-	unsigned short behavior;	/* labeling behavior */
-	unsigned short flags;		/* which mount options were specified */
+	u32 sid; /* SID of file system superblock */
+	u32 def_sid; /* default SID for labeling */
+	u32 mntpoint_sid; /* SECURITY_FS_USE_MNTPOINT context for files */
+	unsigned short behavior; /* labeling behavior */
+	unsigned short flags; /* which mount options were specified */
 	struct mutex lock;
 	struct list_head isec_head;
 	spinlock_t isec_lock;
 };
 
 struct msg_security_struct {
-	u32 sid;	/* SID of message */
+	u32 sid; /* SID of message */
 };
 
 struct ipc_security_struct {
-	u16 sclass;	/* security class of this object */
-	u32 sid;	/* SID of IPC resource */
+	u16 sclass; /* security class of this object */
+	u32 sid; /* SID of IPC resource */
 };
 
 struct netif_security_struct {
-	struct net *ns;			/* network namespace */
-	int ifindex;			/* device index */
-	u32 sid;			/* SID for this interface */
+	struct net *ns; /* network namespace */
+	int ifindex; /* device index */
+	u32 sid; /* SID for this interface */
 };
 
 struct netnode_security_struct {
 	union {
-		__be32 ipv4;		/* IPv4 node address */
-		struct in6_addr ipv6;	/* IPv6 node address */
+		__be32 ipv4; /* IPv4 node address */
+		struct in6_addr ipv6; /* IPv6 node address */
 	} addr;
-	u32 sid;			/* SID for this node */
-	u16 family;			/* address family */
+	u32 sid; /* SID for this node */
+	u16 family; /* address family */
 };
 
 struct netport_security_struct {
-	u32 sid;			/* SID for this node */
-	u16 port;			/* port number */
-	u8 protocol;			/* transport protocol */
+	u32 sid; /* SID for this node */
+	u16 port; /* port number */
+	u8 protocol; /* transport protocol */
 };
 
 struct sk_security_struct {
 #ifdef CONFIG_NETLABEL
-	enum {				/* NetLabel state */
-		NLBL_UNSET = 0,
-		NLBL_REQUIRE,
-		NLBL_LABELED,
-		NLBL_REQSKB,
-		NLBL_CONNLABELED,
+	enum { /* NetLabel state */
+	       NLBL_UNSET = 0,
+	       NLBL_REQUIRE,
+	       NLBL_LABELED,
+	       NLBL_REQSKB,
+	       NLBL_CONNLABELED,
 	} nlbl_state;
 	struct netlbl_lsm_secattr *nlbl_secattr; /* NetLabel sec attributes */
 #endif
-	u32 sid;			/* SID of this object */
-	u32 peer_sid;			/* SID of peer */
-	u16 sclass;			/* sock security class */
-	enum {				/* SCTP association state */
-		SCTP_ASSOC_UNSET = 0,
-		SCTP_ASSOC_SET,
+	u32 sid; /* SID of this object */
+	u32 peer_sid; /* SID of peer */
+	u16 sclass; /* sock security class */
+	enum { /* SCTP association state */
+	       SCTP_ASSOC_UNSET = 0,
+	       SCTP_ASSOC_SET,
 	} sctp_assoc_state;
 };
 
 struct tun_security_struct {
-	u32 sid;			/* SID for the tun device sockets */
+	u32 sid; /* SID for the tun device sockets */
 };
 
 struct key_security_struct {
-	u32 sid;	/* SID of key */
+	u32 sid; /* SID of key */
 };
 
 struct ib_security_struct {
-	u32 sid;        /* SID of the queue pair or MAD agent */
+	u32 sid; /* SID of the queue pair or MAD agent */
 };
 
 struct pkey_security_struct {
-	u64	subnet_prefix; /* Port subnet prefix */
-	u16	pkey;	/* PKey number */
-	u32	sid;	/* SID of pkey */
+	u64 subnet_prefix; /* Port subnet prefix */
+	u16 pkey; /* PKey number */
+	u32 sid; /* SID of pkey */
 };
 
 struct bpf_security_struct {
-	u32 sid;  /* SID of bpf obj creator */
+	u32 sid; /* SID of bpf obj creator */
 };
 
 struct perf_event_security_struct {
-	u32 sid;  /* SID of perf_event obj creator */
+	u32 sid; /* SID of perf_event obj creator */
 };
 
 extern struct lsm_blob_sizes selinux_blob_sizes;
@@ -158,22 +159,22 @@ static inline struct file_security_struct *selinux_file(const struct file *file)
 	return file->f_security + selinux_blob_sizes.lbs_file;
 }
 
-static inline struct inode_security_struct *selinux_inode(
-						const struct inode *inode)
+static inline struct inode_security_struct *
+selinux_inode(const struct inode *inode)
 {
 	if (unlikely(!inode->i_security))
 		return NULL;
 	return inode->i_security + selinux_blob_sizes.lbs_inode;
 }
 
-static inline struct msg_security_struct *selinux_msg_msg(
-						const struct msg_msg *msg_msg)
+static inline struct msg_security_struct *
+selinux_msg_msg(const struct msg_msg *msg_msg)
 {
 	return msg_msg->security + selinux_blob_sizes.lbs_msg_msg;
 }
 
-static inline struct ipc_security_struct *selinux_ipc(
-						const struct kern_ipc_perm *ipc)
+static inline struct ipc_security_struct *
+selinux_ipc(const struct kern_ipc_perm *ipc)
 {
 	return ipc->security + selinux_blob_sizes.lbs_ipc;
 }
@@ -188,8 +189,8 @@ static inline u32 current_sid(void)
 	return tsec->sid;
 }
 
-static inline struct superblock_security_struct *selinux_superblock(
-					const struct super_block *superblock)
+static inline struct superblock_security_struct *
+selinux_superblock(const struct super_block *superblock)
 {
 	return superblock->s_security + selinux_blob_sizes.lbs_superblock;
 }