diff options
| author | Alice Ryhl <[email protected]> | 2024-09-15 14:31:31 +0000 |
|---|---|---|
| committer | Christian Brauner <[email protected]> | 2024-09-30 13:02:28 +0200 |
| commit | 94d356c0335f95412575c4fa3954b48722359c8a (patch) | |
| tree | 9f21692b4f6fe76157970dfdbcda5a994dbf054d /rust/kernel/cred.rs | |
| parent | a3df991d3d0648dabf761cee70bc1a1ef874db8b (diff) | |
rust: security: add abstraction for secctx
Add an abstraction for viewing the string representation of a security
context.
This is needed by Rust Binder because it has a feature where a process
can view the string representation of the security context for incoming
transactions. The process can use that to authenticate incoming
transactions, and since the feature is provided by the kernel, the
process can trust that the security context is legitimate.
This abstraction makes the following assumptions about the C side:
* When a call to `security_secid_to_secctx` is successful, it returns a
pointer and length. The pointer references a byte string and is valid
for reading for that many bytes.
* The string may be referenced until `security_release_secctx` is
called.
* If CONFIG_SECURITY is set, then the three methods mentioned in
rust/helpers are available without a helper. (That is, they are not a
#define or `static inline`.)
Reviewed-by: Benno Lossin <[email protected]>
Reviewed-by: Martin Rodriguez Reboredo <[email protected]>
Reviewed-by: Trevor Gross <[email protected]>
Reviewed-by: Gary Guo <[email protected]>
Signed-off-by: Alice Ryhl <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Acked-by: Paul Moore <[email protected]>
Reviewed-by: Kees Cook <[email protected]>
Signed-off-by: Christian Brauner <[email protected]>
Diffstat (limited to 'rust/kernel/cred.rs')
| -rw-r--r-- | rust/kernel/cred.rs | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/rust/kernel/cred.rs b/rust/kernel/cred.rs index acee04768927..92659649e932 100644 --- a/rust/kernel/cred.rs +++ b/rust/kernel/cred.rs @@ -52,6 +52,14 @@ impl Credential { unsafe { &*ptr.cast() } } + /// Get the id for this security context. + pub fn get_secid(&self) -> u32 { + let mut secid = 0; + // SAFETY: The invariants of this type ensures that the pointer is valid. + unsafe { bindings::security_cred_getsecid(self.0.get(), &mut secid) }; + secid + } + /// Returns the effective UID of the given credential. pub fn euid(&self) -> bindings::kuid_t { // SAFETY: By the type invariant, we know that `self.0` is valid. Furthermore, the `euid` |