Yama: remove needless CONFIG_SECURITY_YAMA_STACKED
Now that minor LSMs can cleanly stack with major LSMs, remove the unneeded
config for Yama to be made to explicitly stack. Just selecting the main
Yama CONFIG will allow it to work, regardless of the major LSM. Since
distros using Yama are already forcing it to stack, this is effectively
a no-op change.
Additionally add MAINTAINERS entry.
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: James Morris <james.l.morris@oracle.com>
diff --git a/Documentation/security/Yama.txt b/Documentation/security/Yama.txt
index 227a63f..d9ee7d7 100644
--- a/Documentation/security/Yama.txt
+++ b/Documentation/security/Yama.txt
@@ -1,9 +1,7 @@
-Yama is a Linux Security Module that collects a number of system-wide DAC
-security protections that are not handled by the core kernel itself. To
-select it at boot time, specify "security=yama" (though this will disable
-any other LSM).
-
-Yama is controlled through sysctl in /proc/sys/kernel/yama:
+Yama is a Linux Security Module that collects system-wide DAC security
+protections that are not handled by the core kernel itself. This is
+selectable at build-time with CONFIG_SECURITY_YAMA, and can be controlled
+at run-time through sysctls in /proc/sys/kernel/yama:
- ptrace_scope
diff --git a/MAINTAINERS b/MAINTAINERS
index a226416..f8be2f7 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -9102,6 +9102,12 @@
S: Supported
F: security/apparmor/
+YAMA SECURITY MODULE
+M: Kees Cook <keescook@chromium.org>
+T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git yama/tip
+S: Supported
+F: security/yama/
+
SENSABLE PHANTOM
M: Jiri Slaby <jirislaby@gmail.com>
S: Maintained
diff --git a/arch/mips/configs/pistachio_defconfig b/arch/mips/configs/pistachio_defconfig
index 1646cce..642b509 100644
--- a/arch/mips/configs/pistachio_defconfig
+++ b/arch/mips/configs/pistachio_defconfig
@@ -320,7 +320,6 @@
CONFIG_SECURITY=y
CONFIG_SECURITY_NETWORK=y
CONFIG_SECURITY_YAMA=y
-CONFIG_SECURITY_YAMA_STACKED=y
CONFIG_DEFAULT_SECURITY_DAC=y
CONFIG_CRYPTO_AUTHENC=y
CONFIG_CRYPTO_HMAC=y
diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h
index 9429f05..ec3a6ba 100644
--- a/include/linux/lsm_hooks.h
+++ b/include/linux/lsm_hooks.h
@@ -1881,8 +1881,10 @@
extern int __init security_module_enable(const char *module);
extern void __init capability_add_hooks(void);
-#ifdef CONFIG_SECURITY_YAMA_STACKED
-void __init yama_add_hooks(void);
+#ifdef CONFIG_SECURITY_YAMA
+extern void __init yama_add_hooks(void);
+#else
+static inline void __init yama_add_hooks(void) { }
#endif
#endif /* ! __LINUX_LSM_HOOKS_H */
diff --git a/security/Kconfig b/security/Kconfig
index bf4ec46..e4523789 100644
--- a/security/Kconfig
+++ b/security/Kconfig
@@ -132,7 +132,6 @@
default DEFAULT_SECURITY_SMACK if SECURITY_SMACK
default DEFAULT_SECURITY_TOMOYO if SECURITY_TOMOYO
default DEFAULT_SECURITY_APPARMOR if SECURITY_APPARMOR
- default DEFAULT_SECURITY_YAMA if SECURITY_YAMA
default DEFAULT_SECURITY_DAC
help
@@ -151,9 +150,6 @@
config DEFAULT_SECURITY_APPARMOR
bool "AppArmor" if SECURITY_APPARMOR=y
- config DEFAULT_SECURITY_YAMA
- bool "Yama" if SECURITY_YAMA=y
-
config DEFAULT_SECURITY_DAC
bool "Unix Discretionary Access Controls"
@@ -165,7 +161,6 @@
default "smack" if DEFAULT_SECURITY_SMACK
default "tomoyo" if DEFAULT_SECURITY_TOMOYO
default "apparmor" if DEFAULT_SECURITY_APPARMOR
- default "yama" if DEFAULT_SECURITY_YAMA
default "" if DEFAULT_SECURITY_DAC
endmenu
diff --git a/security/security.c b/security/security.c
index 595fffa..e693ffc 100644
--- a/security/security.c
+++ b/security/security.c
@@ -56,18 +56,13 @@
pr_info("Security Framework initialized\n");
/*
- * Always load the capability module.
+ * Load minor LSMs, with the capability module always first.
*/
capability_add_hooks();
-#ifdef CONFIG_SECURITY_YAMA_STACKED
- /*
- * If Yama is configured for stacking load it next.
- */
yama_add_hooks();
-#endif
+
/*
- * Load the chosen module if there is one.
- * This will also find yama if it is stacking
+ * Load all the remaining security modules.
*/
do_security_initcalls();
diff --git a/security/yama/Kconfig b/security/yama/Kconfig
index 3123e1d..90c605e 100644
--- a/security/yama/Kconfig
+++ b/security/yama/Kconfig
@@ -6,14 +6,7 @@
This selects Yama, which extends DAC support with additional
system-wide security settings beyond regular Linux discretionary
access controls. Currently available is ptrace scope restriction.
+ Like capabilities, this security module stacks with other LSMs.
Further information can be found in Documentation/security/Yama.txt.
If you are unsure how to answer this question, answer N.
-
-config SECURITY_YAMA_STACKED
- bool "Yama stacked with other LSMs"
- depends on SECURITY_YAMA
- default n
- help
- When Yama is built into the kernel, force it to stack with the
- selected primary LSM.
diff --git a/security/yama/yama_lsm.c b/security/yama/yama_lsm.c
index 9ed3250..d3c19c9 100644
--- a/security/yama/yama_lsm.c
+++ b/security/yama/yama_lsm.c
@@ -353,11 +353,6 @@
LSM_HOOK_INIT(task_free, yama_task_free),
};
-void __init yama_add_hooks(void)
-{
- security_add_hooks(yama_hooks, ARRAY_SIZE(yama_hooks));
-}
-
#ifdef CONFIG_SYSCTL
static int yama_dointvec_minmax(struct ctl_table *table, int write,
void __user *buffer, size_t *lenp, loff_t *ppos)
@@ -396,25 +391,18 @@
},
{ }
};
-#endif /* CONFIG_SYSCTL */
-
-static __init int yama_init(void)
+static void __init yama_init_sysctl(void)
{
-#ifndef CONFIG_SECURITY_YAMA_STACKED
- /*
- * If yama is being stacked this is already taken care of.
- */
- if (!security_module_enable("yama"))
- return 0;
-#endif
- pr_info("Yama: becoming mindful.\n");
-
-#ifdef CONFIG_SYSCTL
if (!register_sysctl_paths(yama_sysctl_path, yama_sysctl_table))
panic("Yama: sysctl registration failed.\n");
-#endif
-
- return 0;
}
+#else
+static inline void yama_init_sysctl(void) { }
+#endif /* CONFIG_SYSCTL */
-security_initcall(yama_init);
+void __init yama_add_hooks(void)
+{
+ pr_info("Yama: becoming mindful.\n");
+ security_add_hooks(yama_hooks, ARRAY_SIZE(yama_hooks));
+ yama_init_sysctl();
+}