From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <vt@altlinux.org>
Date: Fri, 8 Aug 2025 22:21:53 +0300
From: Vitaly Chikunov <vt@altlinux.org>
To: ALT Linux kernel packages development <devel-kernel@lists.altlinux.org>
Message-ID: <ckxjp3x3k6x2oz2hfkihtlz6wg@altlinux.org>
References: <20250808085403.211094-1-mcpain@altlinux.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <20250808085403.211094-1-mcpain@altlinux.org>
Subject: Re: [d-kernel] [PATCH] kiosk: add secureexec parameter
X-BeenThere: devel-kernel@lists.altlinux.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: ALT Linux kernel packages development
 <devel-kernel@lists.altlinux.org>
List-Id: ALT Linux kernel packages development
 <devel-kernel.lists.altlinux.org>
List-Unsubscribe: <https://lists.altlinux.org/mailman/options/devel-kernel>,
 <mailto:devel-kernel-request@lists.altlinux.org?subject=unsubscribe>
List-Archive: <http://lists.altlinux.org/pipermail/devel-kernel>
List-Post: <mailto:devel-kernel@lists.altlinux.org>
List-Help: <mailto:devel-kernel-request@lists.altlinux.org?subject=help>
List-Subscribe: <https://lists.altlinux.org/mailman/listinfo/devel-kernel>,
 <mailto:devel-kernel-request@lists.altlinux.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Aug 2025 19:21:53 -0000
Archived-At: <http://lore.altlinux.org/devel-kernel/ckxjp3x3k6x2oz2hfkihtlz6wg@altlinux.org/>
List-Archive: <http://lore.altlinux.org/devel-kernel/>
List-Post: <mailto:devel-kernel@altlinux.org>

Oleg,

On Fri, Aug 08, 2025 at 11:54:03AM +0300, mcpain@altlinux.org wrote:
> From: Oleg Solovyov <mcpain@altlinux.org>
> 
> if set to 0, secureexec will not be set, defaults to 1
> 
> secureexec is toggled by `kiosk` package when processing profiles in
> `kiosk-profiles` package:
> 
> U /path/to/executable - secureexec is set
> u /path/to/executable - secureexec is unset
> ---
>  security/kiosk/kiosk_lsm.c | 21 +++++++++++++++++++--
>  1 file changed, 19 insertions(+), 2 deletions(-)
> 
> diff --git a/security/kiosk/kiosk_lsm.c b/security/kiosk/kiosk_lsm.c
> index 18f810a1ce0f..af5206781863 100644
> --- a/security/kiosk/kiosk_lsm.c
> +++ b/security/kiosk/kiosk_lsm.c
> @@ -24,6 +24,7 @@
>  #define MAX_PATH 1024
>  
>  struct kiosk_list_struct {
> +	int secureexec;
>  	struct path path;
>  	struct list_head list;
>  };
> @@ -62,6 +63,7 @@ enum kiosk_attrs {
>  	KIOSK_NOATTR = 0,
>  	KIOSK_ACTION,
>  	KIOSK_DATA,
> +	KIOSK_SECUREEXEC,
>  	__KIOSK_MAX_ATTR,
>  	KIOSK_MAX_ATTR = __KIOSK_MAX_ATTR - 1,
>  };
> @@ -74,10 +76,13 @@ static struct nla_policy kiosk_policy[KIOSK_MAX_ATTR + 1] = {
>  		.type = NLA_STRING,
>  		.len = sizeof(pathbuf) - 1
>  	},
> +	[KIOSK_SECUREEXEC] = {
> +		.type = NLA_S16,
> +	},
>  };
>  
>  static int kiosk_add_item(struct list_head *list, char *filename,
> -		struct rw_semaphore *sem)
> +		int secureexec, struct rw_semaphore *sem)
>  {
>  	struct kiosk_list_struct *item, *tmp;
>  	int mode;
> @@ -106,12 +111,16 @@ static int kiosk_add_item(struct list_head *list, char *filename,
>  	down_write(sem);
>  	list_for_each_entry(tmp, list, list) {
>  		if (item->path.dentry == tmp->path.dentry) {

Полагаю, это для вех ядер где есть kiosk.

> +			if (tmp->secureexec != secureexec) {
> +				tmp->secureexec = secureexec;
> +			}

(Избыточная логика.)

Applied, thanks

>  			up_write(sem);
>  			path_put(&item->path);
>  			kfree(item);
>  			return 0;
>  		}
>  	}
> +	item->secureexec = secureexec;
>  	list_add_tail(&item->list, list);
>  	up_write(sem);
>  
> @@ -212,12 +221,16 @@ static int kiosk_list_items(struct list_head *list, struct rw_semaphore *sem,
>  static int kiosk_genl_doit(struct sk_buff *skb, struct genl_info *info)
>  {
>  	int action;
> +	int secureexec;
>  
>  	if (info->attrs[KIOSK_DATA])
>  		strscpy(pathbuf, nla_data(info->attrs[KIOSK_DATA]), sizeof(pathbuf));
>  	else
>  		pathbuf[0] = '\0';
>  
> +	secureexec = info->attrs[KIOSK_SECUREEXEC] ?
> +		nla_get_s16(info->attrs[KIOSK_SECUREEXEC]) : 1;
> +
>  	action = info->attrs[KIOSK_ACTION] ?
>  		nla_get_s16(info->attrs[KIOSK_ACTION]) : -1;
>  
> @@ -243,7 +256,7 @@ static int kiosk_genl_doit(struct sk_buff *skb, struct genl_info *info)
>  		return 0;
>  	}
>  	case KIOSK_USERLIST_ADD:
> -		return kiosk_add_item(&user_list, pathbuf, &user_sem);
> +		return kiosk_add_item(&user_list, pathbuf, secureexec, &user_sem);
>  	case KIOSK_USERLIST_DEL:
>  		return kiosk_remove_item(&user_list, pathbuf,
>  					 &user_sem);
> @@ -297,6 +310,10 @@ static int kiosk_bprm_check_security(struct linux_binprm *bprm)
>  		down_read(&user_sem);
>  		list_for_each_entry(node, &user_list, list) {
>  			if (bprm->file->f_path.dentry == node->path.dentry) {
> +				if (node->secureexec == 0) {
> +					bprm->secureexec = 0;
> +					pr_notice_ratelimited("Kiosk: %s will not be treated securely\n", bprm->filename);
> +				}
>  				up_read(&user_sem);
>  				return 0;
>  			}
> -- 
> 2.50.1
> 
> _______________________________________________
> devel-kernel mailing list
> devel-kernel@lists.altlinux.org
> https://lists.altlinux.org/mailman/listinfo/devel-kernel