Yama: remove needless CONFIG_SECURITY_YAMA_STACKED

Now that minor LSMs can cleanly stack with major LSMs, remove the unneeded
config for Yama to be made to explicitly stack. Just selecting the main
Yama CONFIG will allow it to work, regardless of the major LSM. Since
distros using Yama are already forcing it to stack, this is effectively
a no-op change.

Additionally add MAINTAINERS entry.

Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: James Morris <james.l.morris@oracle.com>

diff --git a/Documentation/security/Yama.txt b/Documentation/security/Yama.txt
index 227a63f018a27dfcbad74264d68655499ada6b78..d9ee7d7a6c7fdada4a84f95309b879f4ec099d1c 100644 (file)
--- a/Documentation/security/Yama.txt
+++ b/Documentation/security/Yama.txt
@@ -1,9 +1,7 @@
-Yama is a Linux Security Module that collects a number of system-wide DAC
-security protections that are not handled by the core kernel itself. To
-select it at boot time, specify "security=yama" (though this will disable
-any other LSM).
-
-Yama is controlled through sysctl in /proc/sys/kernel/yama:
+Yama is a Linux Security Module that collects system-wide DAC security
+protections that are not handled by the core kernel itself. This is
+selectable at build-time with CONFIG_SECURITY_YAMA, and can be controlled
+at run-time through sysctls in /proc/sys/kernel/yama:
 
 - ptrace_scope
 

diff --git a/MAINTAINERS b/MAINTAINERS
index a2264167791acd0d309b1097937ad1ba8aa36cb8..f8be2f7971975870d377e9d11dff171c15e7fee1 100644 (file)
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -9102,6 +9102,12 @@ T:       git git://git.kernel.org/pub/scm/linux/kernel/git/jj/apparmor-dev.git
 S:     Supported
 F:     security/apparmor/
 
+YAMA SECURITY MODULE
+M:     Kees Cook <keescook@chromium.org>
+T:     git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git yama/tip
+S:     Supported
+F:     security/yama/
+
 SENSABLE PHANTOM
 M:     Jiri Slaby <jirislaby@gmail.com>
 S:     Maintained

diff --git a/arch/mips/configs/pistachio_defconfig b/arch/mips/configs/pistachio_defconfig
index 1646cce032c34aa17d41dd8c51fe25a6d803d6ac..642b50946943ccebd0fc24b9e4b6cc06c4a90d63 100644 (file)
--- a/arch/mips/configs/pistachio_defconfig
+++ b/arch/mips/configs/pistachio_defconfig
@@ -320,7 +320,6 @@ CONFIG_KEYS=y
 CONFIG_SECURITY=y
 CONFIG_SECURITY_NETWORK=y
 CONFIG_SECURITY_YAMA=y
-CONFIG_SECURITY_YAMA_STACKED=y
 CONFIG_DEFAULT_SECURITY_DAC=y
 CONFIG_CRYPTO_AUTHENC=y
 CONFIG_CRYPTO_HMAC=y

diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h
index 9429f054c323961aa8bf15d91c9650ec48314f1b..ec3a6bab29de3ac499637a1d848f7cd5c6d80c32 100644 (file)
--- a/include/linux/lsm_hooks.h
+++ b/include/linux/lsm_hooks.h
@@ -1881,8 +1881,10 @@ static inline void security_delete_hooks(struct security_hook_list *hooks,
 
 extern int __init security_module_enable(const char *module);
 extern void __init capability_add_hooks(void);
-#ifdef CONFIG_SECURITY_YAMA_STACKED
-void __init yama_add_hooks(void);
+#ifdef CONFIG_SECURITY_YAMA
+extern void __init yama_add_hooks(void);
+#else
+static inline void __init yama_add_hooks(void) { }
 #endif
 
 #endif /* ! __LINUX_LSM_HOOKS_H */

diff --git a/security/Kconfig b/security/Kconfig
index bf4ec46474b6319ec6ca035b44d21439f98ea461..e45237897b435f8fbf64950f580b9730f79eb1f4 100644 (file)
--- a/security/Kconfig
+++ b/security/Kconfig
@@ -132,7 +132,6 @@ choice
        default DEFAULT_SECURITY_SMACK if SECURITY_SMACK
        default DEFAULT_SECURITY_TOMOYO if SECURITY_TOMOYO
        default DEFAULT_SECURITY_APPARMOR if SECURITY_APPARMOR
-       default DEFAULT_SECURITY_YAMA if SECURITY_YAMA
        default DEFAULT_SECURITY_DAC
 
        help
@@ -151,9 +150,6 @@ choice
        config DEFAULT_SECURITY_APPARMOR
                bool "AppArmor" if SECURITY_APPARMOR=y
 
-       config DEFAULT_SECURITY_YAMA
-               bool "Yama" if SECURITY_YAMA=y
-
        config DEFAULT_SECURITY_DAC
                bool "Unix Discretionary Access Controls"
 
@@ -165,7 +161,6 @@ config DEFAULT_SECURITY
        default "smack" if DEFAULT_SECURITY_SMACK
        default "tomoyo" if DEFAULT_SECURITY_TOMOYO
        default "apparmor" if DEFAULT_SECURITY_APPARMOR
-       default "yama" if DEFAULT_SECURITY_YAMA
        default "" if DEFAULT_SECURITY_DAC
 
 endmenu

diff --git a/security/security.c b/security/security.c
index 595fffab48b0a27077efa75ec9dd64e6983ae2d9..e693ffcf9266e067e5677d02f01739aa340cec1c 100644 (file)
--- a/security/security.c
+++ b/security/security.c
@@ -56,18 +56,13 @@ int __init security_init(void)
        pr_info("Security Framework initialized\n");
 
        /*
-        * Always load the capability module.
+        * Load minor LSMs, with the capability module always first.
         */
        capability_add_hooks();
-#ifdef CONFIG_SECURITY_YAMA_STACKED
-       /*
-        * If Yama is configured for stacking load it next.
-        */
        yama_add_hooks();
-#endif
+
        /*
-        * Load the chosen module if there is one.
-        * This will also find yama if it is stacking
+        * Load all the remaining security modules.
         */
        do_security_initcalls();
 

diff --git a/security/yama/Kconfig b/security/yama/Kconfig
index 3123e1da2fedb037a55077884d84461ac5971b1b..90c605eea8921546a4e58f55bccb1d19fbdec88f 100644 (file)
--- a/security/yama/Kconfig
+++ b/security/yama/Kconfig
@@ -6,14 +6,7 @@ config SECURITY_YAMA
          This selects Yama, which extends DAC support with additional
          system-wide security settings beyond regular Linux discretionary
          access controls. Currently available is ptrace scope restriction.
+         Like capabilities, this security module stacks with other LSMs.
          Further information can be found in Documentation/security/Yama.txt.
 
          If you are unsure how to answer this question, answer N.
-
-config SECURITY_YAMA_STACKED
-       bool "Yama stacked with other LSMs"
-       depends on SECURITY_YAMA
-       default n
-       help
-         When Yama is built into the kernel, force it to stack with the
-         selected primary LSM.

diff --git a/security/yama/yama_lsm.c b/security/yama/yama_lsm.c
index 9ed32502470e9bc1d776d5d925ee48be587baa17..d3c19c970a06bf35789cd8444971e7421a00c8ca 100644 (file)
--- a/security/yama/yama_lsm.c
+++ b/security/yama/yama_lsm.c
@@ -353,11 +353,6 @@ static struct security_hook_list yama_hooks[] = {
        LSM_HOOK_INIT(task_free, yama_task_free),
 };
 
-void __init yama_add_hooks(void)
-{
-       security_add_hooks(yama_hooks, ARRAY_SIZE(yama_hooks));
-}
-
 #ifdef CONFIG_SYSCTL
 static int yama_dointvec_minmax(struct ctl_table *table, int write,
                                void __user *buffer, size_t *lenp, loff_t *ppos)
@@ -396,25 +391,18 @@ static struct ctl_table yama_sysctl_table[] = {
        },
        { }
 };
-#endif /* CONFIG_SYSCTL */
-
-static __init int yama_init(void)
+static void __init yama_init_sysctl(void)
 {
-#ifndef CONFIG_SECURITY_YAMA_STACKED
-       /*
-        * If yama is being stacked this is already taken care of.
-        */
-       if (!security_module_enable("yama"))
-               return 0;
-#endif
-       pr_info("Yama: becoming mindful.\n");
-
-#ifdef CONFIG_SYSCTL
        if (!register_sysctl_paths(yama_sysctl_path, yama_sysctl_table))
                panic("Yama: sysctl registration failed.\n");
-#endif
-
-       return 0;
 }
+#else
+static inline void yama_init_sysctl(void) { }
+#endif /* CONFIG_SYSCTL */
 
-security_initcall(yama_init);
+void __init yama_add_hooks(void)
+{
+       pr_info("Yama: becoming mindful.\n");
+       security_add_hooks(yama_hooks, ARRAY_SIZE(yama_hooks));
+       yama_init_sysctl();
+}