From f09c296ebf407f98f4ca70892e612b54484bf663 Mon Sep 17 00:00:00 2001 From: Yangtao Li Date: Thu, 1 Nov 2018 11:55:08 -0400 Subject: [PATCH 1/7] tomoyo: fix small typo Signed-off-by: Yangtao Li Acked-by: Tetsuo Handa Signed-off-by: James Morris
---
 security/tomoyo/util.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/security/tomoyo/util.c b/security/tomoyo/util.c
index d3d9d9f1edb0..badffc8271c8 100644
--- a/security/tomoyo/util.c
+++ b/security/tomoyo/util.c
@@ -106,7 +106,7 @@ void tomoyo_convert_time(time64_t time64, struct tomoyo_time *stamp)
 * @string: String representation for permissions in foo/bar/buz format.
 * @keyword: Keyword to find from @string/
 *
- * Returns ture if @keyword was found in @string, false otherwise.
+ * Returns true if @keyword was found in @string, false otherwise.
 *
 * This function assumes that strncmp(w1, w2, strlen(w1)) != 0 if w1 != w2.
 */
From 4f83d5ea643af8892459d9852c88f3892201b864 Mon Sep 17 00:00:00 2001 From: Paul Gortmaker Date: Sun, 9 Dec 2018 15:36:33 -0500 Subject: [PATCH 2/7] security: integrity: make ima_main explicitly non-modular The Makefile/Kconfig entry controlling compilation of this code is: obj-$(CONFIG_IMA) += ima.o ima-y := ima_fs.o ima_queue.o ima_init.o ima_main.o ima_crypto.o ima_api.o \ ima_policy.o ima_template.o ima_template_lib.o security/integrity/ima/Kconfig:config IMA security/integrity/ima/Kconfig- bool "Integrity Measurement Architecture(IMA)" ...meaning that it currently is not being built as a module by anyone. Lets remove the couple traces of modular infrastructure use, so that when reading the driver there is no doubt it is builtin-only. We also delete the MODULE_LICENSE tag etc. since all that information is already contained at the top of the file in the comments. Cc: Mimi Zohar Cc: Dmitry Kasatkin Cc: James Morris Cc: "Serge E. Hallyn" Cc: linux-ima-devel@lists.sourceforge.net Cc: linux-security-module@vger.kernel.org Signed-off-by: Paul Gortmaker
Signed-off-by: James Morris
---
 security/integrity/ima/ima_main.c | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c
index 1b88d58e1325..adaf96932237 100644
--- a/security/integrity/ima/ima_main.c
+++ b/security/integrity/ima/ima_main.c
@@ -1,4 +1,6 @@
 /*
+ * Integrity Measurement Architecture
+ *
 * Copyright (C) 2005,2006,2007,2008 IBM Corporation
 *
 * Authors:
@@ -19,7 +21,7 @@
 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
-#include
+#include
 #include
 #include
 #include
@@ -560,6 +562,3 @@ static int __init init_ima(void)
 }
 late_initcall(init_ima); /* Start IMA after the TPM is available */
-
-MODULE_DESCRIPTION("Integrity Measurement Architecture");
-MODULE_LICENSE("GPL");
From a79860800e0b500902baf745c259625e48a403db Mon Sep 17 00:00:00 2001 From: Paul Gortmaker Date: Sun, 9 Dec 2018 15:36:30 -0500 Subject: [PATCH 3/7] keys: remove needless modular infrastructure from ecryptfs_format Even though the support can be modular, only one file needs to use all the macros like MODULE_AUTHOR, MODULE_LICENSE etc. Only the one responsible for registering/removal with module_init/module_exit needs to declare these. In this case, that file is "encrypted.c" and it already has the MODULE_LICENSE that we are removing here. Since the file does EXPORT_SYMBOL, we add export.h - and build tests show that module.h (which includes everything) was hiding an implicit use of string.h - so that is added as well. Cc: Mimi Zohar Cc: David Howells Cc: James Morris Cc: "Serge E. Hallyn" Cc: linux-integrity@vger.kernel.org Cc: keyrings@vger.kernel.org Cc: linux-security-module@vger.kernel.org Signed-off-by: Paul Gortmaker Signed-off-by: James Morris
---
 security/keys/encrypted-keys/ecryptfs_format.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/security/keys/encrypted-keys/ecryptfs_format.c b/security/keys/encrypted-keys/ecryptfs_format.c
index 6daa3b6ff9ed..efac03047919 100644
--- a/security/keys/encrypted-keys/ecryptfs_format.c
+++ b/security/keys/encrypted-keys/ecryptfs_format.c
@@ -15,7 +15,8 @@
 * the Free Software Foundation, version 2 of the License.
 */
-#include
+#include
+#include
 #include "ecryptfs_format.h"
 u8 *ecryptfs_get_auth_tok_key(struct ecryptfs_auth_tok *auth_tok)
@@ -77,5 +78,3 @@ int ecryptfs_fill_auth_tok(struct ecryptfs_auth_tok *auth_tok,
 return 0;
 }
 EXPORT_SYMBOL(ecryptfs_fill_auth_tok);
-
-MODULE_LICENSE("GPL");
From 3aafb1fbe654fce86e79e10b3dc496b50cb04284 Mon Sep 17 00:00:00 2001 From: Paul Gortmaker Date: Sun, 9 Dec 2018 15:36:32 -0500 Subject: [PATCH 4/7] security: integrity: make evm_main explicitly non-modular The Makefile/Kconfig entry controlling compilation of this code is: obj-$(CONFIG_EVM) += evm.o evm-y := evm_main.o evm_crypto.o evm_secfs.o security/integrity/evm/Kconfig:config EVM security/integrity/evm/Kconfig: bool "EVM support" ...meaning that it currently is not being built as a module by anyone. Lets remove the couple traces of modular infrastructure use, so that when reading the driver there is no doubt it is builtin-only. We also delete the MODULE_LICENSE tag etc. since all that information is already contained at the top of the file in the comments. Cc: Mimi Zohar Cc: James Morris Cc: "Serge E. Hallyn" Cc: linux-ima-devel@lists.sourceforge.net Cc: linux-security-module@vger.kernel.org Signed-off-by: Paul Gortmaker Signed-off-by: James Morris
---
 security/integrity/evm/evm_main.c | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c
index 7f3f54d89a6e..5ecaa3d6fe0b 100644
--- a/security/integrity/evm/evm_main.c
+++ b/security/integrity/evm/evm_main.c
@@ -16,7 +16,7 @@
 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
-#include
+#include
 #include
 #include
 #include
@@ -592,6 +592,3 @@ static int __init init_evm(void)
 }
 late_initcall(init_evm);
-
-MODULE_DESCRIPTION("Extended Verification Module");
-MODULE_LICENSE("GPL");
From 876979c9308b7228cdaf6785909c57eebc85d911 Mon Sep 17 00:00:00 2001 From: Paul Gortmaker Date: Sun, 9 Dec 2018 15:36:29 -0500 Subject: [PATCH 5/7] security: audit and remove any unnecessary uses of module.h Historically a lot of these existed because we did not have a distinction between what was modular code and what was providing support to modules via EXPORT_SYMBOL and friends. That changed when we forked out support for the latter into the export.h file. This means we should be able to reduce the usage of module.h in code that is obj-y Makefile or bool Kconfig. The advantage in removing such instances is that module.h itself sources about 15 other headers; adding significantly to what we feed cpp, and it can obscure what headers we are effectively using. Since module.h might have been the implicit source for init.h (for __init) and for export.h (for EXPORT_SYMBOL) we consider each instance for the presence of either and replace as needed. Cc: James Morris Cc: "Serge E. Hallyn" Cc: John Johansen Cc: Mimi Zohar Cc: Dmitry Kasatkin Cc: David Howells Cc: linux-security-module@vger.kernel.org Cc: linux-integrity@vger.kernel.org Cc: keyrings@vger.kernel.org Signed-off-by: Paul Gortmaker
Signed-off-by: James Morris
---
 security/apparmor/apparmorfs.c | 2 +-
 security/commoncap.c | 1 -
 security/integrity/evm/evm_crypto.c | 2 +-
 security/integrity/evm/evm_posix_acl.c | 1 -
 security/integrity/evm/evm_secfs.c | 2 +-
 security/integrity/iint.c | 2 +-
 security/integrity/ima/ima_api.c | 1 -
 security/integrity/ima/ima_appraise.c | 2 +-
 security/integrity/ima/ima_fs.c | 2 +-
 security/integrity/ima/ima_init.c | 2 +-
 security/integrity/ima/ima_policy.c | 2 +-
 security/integrity/ima/ima_queue.c | 1 -
 security/keys/encrypted-keys/masterkey_trusted.c | 1 -
 security/keys/gc.c | 1 -
 security/keys/key.c | 2 +-
 security/keys/keyctl.c | 1 -
 security/keys/keyring.c | 2 +-
 security/keys/permission.c | 2 +-
 security/keys/proc.c | 1 -
 security/keys/process_keys.c | 1 -
 security/keys/request_key.c | 2 +-
 security/keys/request_key_auth.c | 1 -
 security/keys/user_defined.c | 2 +-
 security/security.c | 2 +-
 24 files changed, 14 insertions(+), 24 deletions(-)
diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c
index 8963203319ea..3f80a684c232 100644
--- a/security/apparmor/apparmorfs.c
+++ b/security/apparmor/apparmorfs.c
@@ -15,7 +15,7 @@
 #include
 #include
 #include
-#include
+#include
 #include
 #include
 #include
diff --git a/security/commoncap.c b/security/commoncap.c
index 18a4fdf6f6eb..232db019f051 100644
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -9,7 +9,6 @@
 #include
 #include
-#include
 #include
 #include
 #include
diff --git a/security/integrity/evm/evm_crypto.c b/security/integrity/evm/evm_crypto.c
index 8c25f949ebdb..77ef210a8a6b 100644
--- a/security/integrity/evm/evm_crypto.c
+++ b/security/integrity/evm/evm_crypto.c
@@ -15,7 +15,7 @@
 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
-#include
+#include
 #include
 #include
 #include
diff --git a/security/integrity/evm/evm_posix_acl.c b/security/integrity/evm/evm_posix_acl.c
index 46408b9e62e8..7faf98c20373 100644
--- a/security/integrity/evm/evm_posix_acl.c
+++ b/security/integrity/evm/evm_posix_acl.c
@@ -9,7 +9,6 @@
 * the Free Software Foundation, version 2 of the License.
 */
-#include
 #include
 #include
diff --git a/security/integrity/evm/evm_secfs.c b/security/integrity/evm/evm_secfs.c
index 77de71b7794c..015aea8fdf1e 100644
--- a/security/integrity/evm/evm_secfs.c
+++ b/security/integrity/evm/evm_secfs.c
@@ -17,7 +17,7 @@
 #include
 #include
-#include
+#include
 #include
 #include "evm.h"
diff --git a/security/integrity/iint.c b/security/integrity/iint.c
index 1ea05da2323d..88f04b3380d4 100644
--- a/security/integrity/iint.c
+++ b/security/integrity/iint.c
@@ -16,7 +16,7 @@
 * using a rbtree tree.
 */
 #include
-#include
+#include
 #include
 #include
 #include
diff --git a/security/integrity/ima/ima_api.c b/security/integrity/ima/ima_api.c
index 99dd1d53fc35..67dfbd1af3ca 100644
--- a/security/integrity/ima/ima_api.c
+++ b/security/integrity/ima/ima_api.c
@@ -12,7 +12,6 @@
 * Implements must_appraise_or_measure, collect_measurement,
 * appraise_measurement, store_measurement and store_template.
 */
-#include
 #include
 #include
 #include
diff --git a/security/integrity/ima/ima_appraise.c b/security/integrity/ima/ima_appraise.c
index deec1804a00a..2e11e750a067 100644
--- a/security/integrity/ima/ima_appraise.c
+++ b/security/integrity/ima/ima_appraise.c
@@ -8,7 +8,7 @@
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, version 2 of the License.
 */
-#include
+#include
 #include
 #include
 #include
diff --git a/security/integrity/ima/ima_fs.c b/security/integrity/ima/ima_fs.c
index 3183cc23d0f8..0af792833f42 100644
--- a/security/integrity/ima/ima_fs.c
+++ b/security/integrity/ima/ima_fs.c
@@ -20,7 +20,7 @@
 #include
 #include
-#include
+#include
 #include
 #include
 #include
diff --git a/security/integrity/ima/ima_init.c b/security/integrity/ima/ima_init.c
index 59d834219cd6..6bb42a9c5e47 100644
--- a/security/integrity/ima/ima_init.c
+++ b/security/integrity/ima/ima_init.c
@@ -17,7 +17,7 @@
 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
-#include
+#include
 #include
 #include
 #include
diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
index 8c9499867c91..3778dc396193 100644
--- a/security/integrity/ima/ima_policy.c
+++ b/security/integrity/ima/ima_policy.c
@@ -10,7 +10,7 @@
 * - initialize default measure policy rules
 *
 */
-#include
+#include
 #include
 #include
 #include
diff --git a/security/integrity/ima/ima_queue.c b/security/integrity/ima/ima_queue.c
index b186819bd5aa..0e41dc1df1d4 100644
--- a/security/integrity/ima/ima_queue.c
+++ b/security/integrity/ima/ima_queue.c
@@ -21,7 +21,6 @@
 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
-#include
 #include
 #include
 #include "ima.h"
diff --git a/security/keys/encrypted-keys/masterkey_trusted.c b/security/keys/encrypted-keys/masterkey_trusted.c
index cbf0bc127a73..dc3d18cae642 100644
--- a/security/keys/encrypted-keys/masterkey_trusted.c
+++ b/security/keys/encrypted-keys/masterkey_trusted.c
@@ -15,7 +15,6 @@
 */
 #include
-#include
 #include
 #include
 #include
diff --git a/security/keys/gc.c b/security/keys/gc.c
index 7207e6094dc1..634e96b380e8 100644
--- a/security/keys/gc.c
+++ b/security/keys/gc.c
@@ -9,7 +9,6 @@
 * 2 of the Licence, or (at your option) any later version.
 */
-#include
 #include
 #include
 #include
diff --git a/security/keys/key.c b/security/keys/key.c
index d97c9394b5dd..44a80d6741a1 100644
--- a/security/keys/key.c
+++ b/security/keys/key.c
@@ -9,7 +9,7 @@
 * 2 of the License, or (at your option) any later version.
 */
-#include
+#include
 #include
 #include
 #include
diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c
index 18619690ce77..e8093d025966 100644
--- a/security/keys/keyctl.c
+++ b/security/keys/keyctl.c
@@ -9,7 +9,6 @@
 * 2 of the License, or (at your option) any later version.
 */
-#include
 #include
 #include
 #include
diff --git a/security/keys/keyring.c b/security/keys/keyring.c
index 41bcf57e96f2..eadebb92986a 100644
--- a/security/keys/keyring.c
+++ b/security/keys/keyring.c
@@ -9,7 +9,7 @@
 * 2 of the License, or (at your option) any later version.
 */
-#include
+#include
 #include
 #include
 #include
diff --git a/security/keys/permission.c b/security/keys/permission.c
index f68dc04d614e..06df9d5e7572 100644
--- a/security/keys/permission.c
+++ b/security/keys/permission.c
@@ -9,7 +9,7 @@
 * 2 of the License, or (at your option) any later version.
 */
-#include
+#include
 #include
 #include "internal.h"
diff --git a/security/keys/proc.c b/security/keys/proc.c
index 5af2934965d8..d2b802072693 100644
--- a/security/keys/proc.c
+++ b/security/keys/proc.c
@@ -9,7 +9,6 @@
 * 2 of the License, or (at your option) any later version.
 */
-#include
 #include
 #include
 #include
diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c
index d5b25e535d3a..8b8994920620 100644
--- a/security/keys/process_keys.c
+++ b/security/keys/process_keys.c
@@ -9,7 +9,6 @@
 * 2 of the License, or (at your option) any later version.
 */
-#include
 #include
 #include
 #include
diff --git a/security/keys/request_key.c b/security/keys/request_key.c
index 114f7408feee..301f0e300dbd 100644
--- a/security/keys/request_key.c
+++ b/security/keys/request_key.c
@@ -11,7 +11,7 @@
 * See Documentation/security/keys/request-key.rst
 */
-#include
+#include
 #include
 #include
 #include
diff --git a/security/keys/request_key_auth.c b/security/keys/request_key_auth.c
index 424e1d90412e..87ea2f54dedc 100644
--- a/security/keys/request_key_auth.c
+++ b/security/keys/request_key_auth.c
@@ -11,7 +11,6 @@
 * See Documentation/security/keys/request-key.rst
 */
-#include
 #include
 #include
 #include
diff --git a/security/keys/user_defined.c b/security/keys/user_defined.c
index 9f558bedba23..5666fe0352f7 100644
--- a/security/keys/user_defined.c
+++ b/security/keys/user_defined.c
@@ -9,7 +9,7 @@
 * 2 of the License, or (at your option) any later version.
 */
-#include
+#include
 #include
 #include
 #include
diff --git a/security/security.c b/security/security.c
index 04d173eb93f6..d670136dda2c 100644
--- a/security/security.c
+++ b/security/security.c
@@ -17,7 +17,7 @@
 #include
 #include
 #include
-#include
+#include
 #include
 #include
 #include
From 1072bd678547f8663cfb81a22fdb50c589e4976e Mon Sep 17 00:00:00 2001 From: Paul Gortmaker Date: Sun, 9 Dec 2018 15:36:31 -0500 Subject: [PATCH 6/7] security: fs: make inode explicitly non-modular The Makefile/Kconfig entry controlling compilation of this code is: security/Makefile:obj-$(CONFIG_SECURITYFS) += inode.o security/Kconfig:config SECURITYFS security/Kconfig: bool "Enable the securityfs filesystem" ...meaning that it currently is not being built as a module by anyone. Lets remove the couple traces of modular infrastructure use, so that when reading the driver there is no doubt it is builtin-only. We also delete the MODULE_LICENSE tag etc. since all that information is already contained at the top of the file in the comments. The removal of module.h uncovered a couple previously hidden implicit header requirements which are now included explicitly. Cc: James Morris Cc: "Serge E. Hallyn" Cc: linux-security-module@vger.kernel.org Signed-off-by: Paul Gortmaker Signed-off-by: James Morris
---
 security/inode.c | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/security/inode.c b/security/inode.c
index 8dd9ca8848e4..b7772a9b315e 100644
--- a/security/inode.c
+++ b/security/inode.c
@@ -13,7 +13,8 @@
 */
 /* #define DEBUG */
-#include
+#include
+#include
 #include
 #include
 #include
@@ -341,7 +342,4 @@ static int __init securityfs_init(void)
 #endif
 return 0;
 }
-
 core_initcall(securityfs_init);
-MODULE_LICENSE("GPL");
-
From b49d564344f773d8afee982153c8493e5f2eaf38 Mon Sep 17 00:00:00 2001
From: Paul Gortmaker Date: Fri, 14 Dec 2018 16:48:07 -0500 Subject: [PATCH 7/7] security: integrity: partial revert of make ima_main explicitly non-modular In commit 4f83d5ea643a ("security: integrity: make ima_main explicitly non-modular") I'd removed after assuming that the function is_module_sig_enforced() was an LSM function and not a core kernel module function. Unfortunately the typical .config selections used in build testing provide an implicit presence, and so normal/typical build testing did not immediately reveal my incorrect assumption. Cc: Mimi Zohar Cc: Dmitry Kasatkin Cc: James Morris Cc: "Serge E. Hallyn" Cc: linux-ima-devel@lists.sourceforge.net Cc: linux-security-module@vger.kernel.org Reported-by: Randy Dunlap Signed-off-by: Paul Gortmaker Signed-off-by: James Morris
---
 security/integrity/ima/ima_main.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c
index adaf96932237..616a88f95b92 100644
--- a/security/integrity/ima/ima_main.c
+++ b/security/integrity/ima/ima_main.c
@@ -21,7 +21,7 @@
 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
-#include
+#include
 #include
 #include
 #include
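Review bot: The include restored in the ima_main.c hunk of 7/7 carries no record of why a builtin-only file needs a module header, so the next header cleanup can drop it again the way 2/7 did. The commit message names is_module_sig_enforced() as the dependency; a trailing comment on the line, e.g. `#include <linux/module.h> /* is_module_sig_enforced() */`, would keep that reason next to the code. The header name is not legible in this copy of the hunk and is taken from the series description (module.h). Since the message says typical .config selections hid the missing declaration, the build test for this series should also cover a configuration that does not provide the header implicitly.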