On 9/24/2020 1:51 AM, Richard Haines wrote:
The GTP security hooks are explained in: Documentation/security/GTP.rst
Signed-off-by: Richard Haines richard_c_haines@btinternet.com
Documentation/security/GTP.rst | 39 ++++++++++++++++++++++++++++++++ Documentation/security/index.rst | 1 + include/linux/lsm_hook_defs.h | 3 +++ include/linux/lsm_hooks.h | 16 +++++++++++++ include/linux/security.h | 19 ++++++++++++++++ security/security.c | 18 +++++++++++++++ 6 files changed, 96 insertions(+) create mode 100644 Documentation/security/GTP.rst
diff --git a/Documentation/security/GTP.rst b/Documentation/security/GTP.rst new file mode 100644 index 000000000..e307d0b59 --- /dev/null +++ b/Documentation/security/GTP.rst @@ -0,0 +1,39 @@ +.. SPDX-License-Identifier: GPL-2.0
+============================= +GPRS Tunneling Protocol (GTP) +=============================
+GTP LSM Support +===============
+Security Hooks +-------------- +For security module support, three GTP specific hooks have been implemented::
- security_gtp_dev_add()
- security_gtp_dev_del()
- security_gtp_dev_cmd()
+security_gtp_dev_add() +~~~~~~~~~~~~~~~~~~~~~~ +Allows a module to allocate a security structure for a GTP device. Returns a +zero on success, negative values on failure. +If successful the GTP device ``struct gtp_dev`` will hold the allocated +pointer in ``void *security;``.
+security_gtp_dev_del() +~~~~~~~~~~~~~~~~~~~~~~ +Allows a module to free the security structure for a GTP device. Returns a +zero on success, negative values on failure.
+security_gtp_dev_cmd() +~~~~~~~~~~~~~~~~~~~~~~ +Allows a module to validate a command for the selected GTP device. Returns a +zero on success, negative values on failure. The commands are based on values +from ``include/uapi/linux/gtp.h`` as follows::
+``enum gtp_genl_cmds { GTP_CMD_NEWPDP, GTP_CMD_DELPDP, GTP_CMD_GETPDP };`` diff --git a/Documentation/security/index.rst b/Documentation/security/index.rst index 8129405eb..cdbdaa83b 100644 --- a/Documentation/security/index.rst +++ b/Documentation/security/index.rst @@ -16,3 +16,4 @@ Security Documentation siphash tpm/index digsig
- GTP
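Review bot: In the GTP.rst hunk above, both the "Security Hooks" paragraph and the security_gtp_dev_cmd() paragraph end with `::`, which in reStructuredText opens an indented literal block, yet what follows is a bullet list of hook names in the first case and an inline ``enum gtp_genl_cmds { ... }`` literal in the second; either drop the `::` or indent the following text as a literal block so Sphinx renders it as intended. The three hook names documented here (security_gtp_dev_add/del/cmd) must also track whatever naming the LSM_HOOK definitions end up with, so keep this document and the headers in step when renaming.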
diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h index 2a8c74d99..a994417fb 100644 --- a/include/linux/lsm_hook_defs.h +++ b/include/linux/lsm_hook_defs.h @@ -322,6 +322,9 @@ LSM_HOOK(int, 0, sctp_bind_connect, struct sock *sk, int optname, struct sockaddr *address, int addrlen) LSM_HOOK(void, LSM_RET_VOID, sctp_sk_clone, struct sctp_endpoint *ep, struct sock *sk, struct sock *newsk) +LSM_HOOK(int, 0, gtp_dev_add, void **security)
This should be gtp_dev_alloc by convention.
+LSM_HOOK(int, 0, gtp_dev_del, void *security)
This should be gtp_dev_free by convention.
+LSM_HOOK(int, 0, gtp_dev_cmd, void *security, enum gtp_genl_cmds cmd)
Please pass a pointer to the structure that contains the security blob, not the pointer to the blob itself in these hooks.
#endif /* CONFIG_SECURITY_NETWORK */
#ifdef CONFIG_SECURITY_INFINIBAND diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 9e2e3e637..3d6888d51 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -982,6 +982,22 @@
- This hook can be used by the module to update any security state
- associated with the TUN device's security structure.
- @security pointer to the TUN devices's security structure.
- @gtp_dev_add:
- This hook allows a module to allocate a security structure for a GTP
- device.
- @security pointer to a security structure pointer.
change per earlier comments.
- Returns a zero on success, negative values on failure.
- @gtp_dev_del:
- This hook allows a module to free the security structure for a GTP
- device.
- @security pointer to the GTP device's security structure.
change per earlier comments.
- Returns a zero on success, negative values on failure.
- @gtp_dev_cmd:
- This hook allows a module to free the security structure for a GTP
- device.
- @security pointer to the GTP device's security structure.
change per earlier comments.
- @cmd contains the GTP command.
- Returns a zero on success, negative values on failure.
- Security hooks for SCTP
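Review bot: The @gtp_dev_cmd description in this hunk is a copy of the @gtp_dev_del text ("This hook allows a module to free the security structure for a GTP device"), which is wrong for a command-validation hook; the GTP.rst text in the same series describes it as "Allows a module to validate a command for the selected GTP device", so the comment here should say that, should spell out the @cmd values (enum gtp_genl_cmds: GTP_CMD_NEWPDP, GTP_CMD_DELPDP, GTP_CMD_GETPDP), and should state what the caller does with a negative return (presumably the command is rejected), since "Returns a zero on success, negative values on failure" alone does not tell a module author the effect of denying.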
diff --git a/include/linux/security.h b/include/linux/security.h index 0a0a03b36..67ff43afa 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -30,6 +30,7 @@ #include <linux/err.h> #include <linux/string.h> #include <linux/mm.h> +#include <linux/gtp.h>
struct linux_binprm; struct cred; @@ -1365,6 +1366,9 @@ int security_sctp_bind_connect(struct sock *sk, int optname, struct sockaddr *address, int addrlen); void security_sctp_sk_clone(struct sctp_endpoint *ep, struct sock *sk, struct sock *newsk); +int security_gtp_dev_add(void **security); +int security_gtp_dev_del(void *security); +int security_gtp_dev_cmd(void *security, enum gtp_genl_cmds cmd);
#else /* CONFIG_SECURITY_NETWORK */ static inline int security_unix_stream_connect(struct sock *sock, @@ -1582,6 +1586,21 @@ static inline void security_sctp_sk_clone(struct sctp_endpoint *ep, struct sock *newsk) { }
+static inline int security_gtp_dev_add(void **security) +{
- return 0;
+}
+static inline int security_gtp_dev_del(void *security) +{
- return 0;
+}
+static inline int security_gtp_dev_cmd(void *security, enum gtp_genl_cmds cmd) +{
- return 0;
+} #endif /* CONFIG_SECURITY_NETWORK */
#ifdef CONFIG_SECURITY_INFINIBAND diff --git a/security/security.c b/security/security.c index 70a7ad357..63b656848 100644 --- a/security/security.c +++ b/security/security.c @@ -2304,6 +2304,24 @@ void security_sctp_sk_clone(struct sctp_endpoint *ep, struct sock *sk, } EXPORT_SYMBOL(security_sctp_sk_clone);
+int security_gtp_dev_add(void **security) +{
- return call_int_hook(gtp_dev_add, 0, security);
+} +EXPORT_SYMBOL(security_gtp_dev_add);
+int security_gtp_dev_del(void *security) +{
- return call_int_hook(gtp_dev_del, 0, security);
+} +EXPORT_SYMBOL(security_gtp_dev_del);
+int security_gtp_dev_cmd(void *security, enum gtp_genl_cmds cmd) +{
- return call_int_hook(gtp_dev_cmd, 0, security, cmd);
+} +EXPORT_SYMBOL(security_gtp_dev_cmd);
#endif /* CONFIG_SECURITY_NETWORK */
#ifdef CONFIG_SECURITY_INFINIBAND
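Review bot: In the security.h hunk, the new `#include <linux/gtp.h>` at the top of the header exists only so the `enum gtp_genl_cmds` parameter of security_gtp_dev_cmd() resolves, but security.h is included across a large part of the tree, so every such file now pulls in the GTP netlink UAPI header that GTP.rst points at (include/uapi/linux/gtp.h). Consider passing the command as a plain int in the LSM_HOOK definition, the public prototype and the stub, and keeping the enum type inside the GTP driver; that removes the include entirely.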
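Review bot: In the security.c hunk, security_gtp_dev_add() is `call_int_hook(gtp_dev_add, 0, security)`, so when no module registers the hook it returns 0 without writing to *security, and the !CONFIG_SECURITY_NETWORK stub in security.h behaves the same way; the GTP driver must therefore initialise the security pointer to NULL before the call, otherwise a later security_gtp_dev_del() hands an indeterminate pointer to the module that does implement the free hook. That contract belongs in the lsm_hooks.h comment for the hook. Separately, gtp_dev_del returning int gives the caller an error it cannot act on while tearing the device down; a void return, with the module responsible for any cleanup failure, is simpler and avoids an unchecked return value at the call site.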