From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net
Subject: [PATCH v10 01/11] LSM: Identify modules by more than name
Date: Fri, 28 Apr 2023 13:34:07 -0700
Message-Id: <20230428203417.159874-2-casey@schaufler-ca.com>
In-Reply-To: <20230428203417.159874-1-casey@schaufler-ca.com>
References: <20230428203417.159874-1-casey@schaufler-ca.com>

Create a struct lsm_id to contain identifying information about Linux Security Modules (LSMs). At inception this contains the name of the module, an identifier associated with the security module and an integer member "attrs" which identifies the API related data associated with each security module. The initial set of features maps to information that has traditionally been available in /proc/self/attr. They are documented in a new userspace-api file.

Change the security_add_hooks() interface to use this structure. Change the individual modules to maintain their own struct lsm_id and pass it to security_add_hooks(). The values for LSM identifiers are defined in a new UAPI header file linux/lsm.h. Each existing LSM has been updated to include its LSMID in the lsm_id.

The LSM ID values are sequential, with the oldest module LSM_ID_CAPABILITY being the lowest value and the existing modules numbered in the order they were included in the mainline kernel. This is an arbitrary convention for assigning the values, but none better presents itself. The value 0 is defined as being invalid.
The values 1-99 are reserved for any special case uses which may arise in the future. This may include attributes of the LSM infrastructure itself, possibly related to namespacing or network attribute management. A special range is identified for such attributes to help reduce confusion for developers unfamiliar with LSMs.

LSM attribute values are defined for the attributes presented by modules that are available today. As with the LSM IDs, the value 0 is defined as being invalid. The values 1-99 are reserved for any special case uses which may arise in the future.

Signed-off-by: Casey Schaufler
Cc: linux-security-module
Reviewed-by: Kees Cook
---
 Documentation/userspace-api/index.rst | 1 +
 Documentation/userspace-api/lsm.rst | 55 +++++++++++++++++++++++++++
 MAINTAINERS | 1 +
 include/linux/lsm_hooks.h | 16 +++++++-
 include/uapi/linux/lsm.h | 54 ++++++++++++++++++++++++++
 security/apparmor/lsm.c | 8 +++-
 security/bpf/hooks.c | 9 ++++-
 security/commoncap.c | 8 +++-
 security/landlock/cred.c | 2 +-
 security/landlock/fs.c | 2 +-
 security/landlock/ptrace.c | 2 +-
 security/landlock/setup.c | 6 +++
 security/landlock/setup.h | 1 +
 security/loadpin/loadpin.c | 9 ++++-
 security/lockdown/lockdown.c | 8 +++-
 security/safesetid/lsm.c | 9 ++++-
 security/security.c | 12 +++---
 security/selinux/hooks.c | 9 ++++-
 security/smack/smack_lsm.c | 8 +++-
 security/tomoyo/tomoyo.c | 9 ++++-
 security/yama/yama_lsm.c | 8 +++-
 21 files changed, 216 insertions(+), 21 deletions(-)
 create mode 100644 Documentation/userspace-api/lsm.rst
 create mode 100644 include/uapi/linux/lsm.h
diff --git a/Documentation/userspace-api/index.rst b/Documentation/userspac= e-api/index.rst index f16337bdb852..54c0f54cde89 100644 --- a/Documentation/userspace-api/index.rst +++ b/Documentation/userspace-api/index.rst @@ -31,6 +31,7 @@ place where this information is gathered. sysfs-platform_profile vduse futex2 + lsm =20 .. only:: subproject and html =20
diff --git a/Documentation/userspace-api/lsm.rst b/Documentation/userspace-= api/lsm.rst new file mode 100644 index 000000000000..6ddf5506110b --- /dev/null +++ b/Documentation/userspace-api/lsm.rst 
@@ -0,0 +1,55 @@ +.. SPDX-License-Identifier: GPL-2.0 +.. Copyright (C) 2022 Casey Schaufler +.. Copyright (C) 2022 Intel Corporation + +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D +Linux Security Modules +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D + +:Author: Casey Schaufler +:Date: November 2022 + +Linux security modules (LSM) provide a mechanism to implement +additional access controls to the Linux security policies. + +The various security modules may support any of these attributes: + +``LSM_ATTR_CURRENT`` is the current, active security context of the +process. +The proc filesystem provides this value in ``/proc/self/attr/current``. +This is supported by the SELinux, Smack and AppArmor security modules. +Smack also provides this value in ``/proc/self/attr/smack/current``. +AppArmor also provides this value in ``/proc/self/attr/apparmor/current``. + +``LSM_ATTR_EXEC`` is the security context of the process at the time the +current image was executed. +The proc filesystem provides this value in ``/proc/self/attr/exec``. +This is supported by the SELinux and AppArmor security modules. +AppArmor also provides this value in ``/proc/self/attr/apparmor/exec``. + +``LSM_ATTR_FSCREATE`` is the security context of the process used when +creating file system objects. +The proc filesystem provides this value in ``/proc/self/attr/fscreate``. +This is supported by the SELinux security module. + +``LSM_ATTR_KEYCREATE`` is the security context of the process used when +creating key objects. +The proc filesystem provides this value in ``/proc/self/attr/keycreate``. +This is supported by the SELinux security module. + +``LSM_ATTR_PREV`` is the security context of the process at the time the +current security context was set. +The proc filesystem provides this value in ``/proc/self/attr/prev``. 
+This is supported by the SELinux and AppArmor security modules. +AppArmor also provides this value in ``/proc/self/attr/apparmor/prev``. + +``LSM_ATTR_SOCKCREATE`` is the security context of the process used when +creating socket objects. +The proc filesystem provides this value in ``/proc/self/attr/sockcreate``. +This is supported by the SELinux security module. + +Additional documentation +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D + +* Documentation/security/lsm.rst +* Documentation/security/lsm-development.rst diff --git a/MAINTAINERS b/MAINTAINERS index 0e64787aace8..25d09f6eb3ef 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -18810,6 +18810,7 @@ S: Supported W: http://kernsec.org/ T: git git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm.git F: security/ +F: include/uapi/linux/lsm.h X: security/selinux/ =20 SELINUX SECURITY MODULE diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 6e156d2acffc..c1f00d09033e 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -1665,6 +1665,18 @@ struct security_hook_heads { #undef LSM_HOOK } __randomize_layout; =20 +/** + * struct lsm_id - Identify a Linux Security Module. + * @lsm: name of the LSM, must be approved by the LSM maintainers + * @id: LSM ID number from uapi/linux/lsm.h + * + * Contains the information that identifies the LSM. + */ +struct lsm_id { + const char *name; + u64 id; +}; + /* * Security module hook list structure. * For use with generic list macros for common operations. @@ -1673,7 +1685,7 @@ struct security_hook_list { struct hlist_node list; struct hlist_head *head; union security_list_options hook; - const char *lsm; + struct lsm_id *lsmid; } __randomize_layout; =20 /* 
@@ -1708,7 +1720,7 @@ extern struct security_hook_heads security_hook_heads; extern char *lsm_names; =20 extern void security_add_hooks(struct security_hook_list *hooks, int count, - const char *lsm); + struct lsm_id *lsmid); =20 #define LSM_FLAG_LEGACY_MAJOR BIT(0) #define LSM_FLAG_EXCLUSIVE BIT(1) diff --git a/include/uapi/linux/lsm.h b/include/uapi/linux/lsm.h new file mode 100644 index 000000000000..f27c9a9cc376 --- /dev/null +++ b/include/uapi/linux/lsm.h 
@@ -0,0 +1,54 @@ +/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */ +/* + * Linux Security Modules (LSM) - User space API + * + * Copyright (C) 2022 Casey Schaufler + * Copyright (C) 2022 Intel Corporation + */ + +#ifndef _UAPI_LINUX_LSM_H +#define _UAPI_LINUX_LSM_H + +/* + * ID tokens to identify Linux Security Modules (LSMs) + * + * These token values are used to uniquely identify specific LSMs + * in the kernel as well as in the kernel's LSM userspace API. + * + * A value of zero/0 is considered undefined and should not be used + * outside the kernel. Values 1-99 are reserved for potential + * future use. + */ +#define LSM_ID_UNDEF 0 +#define LSM_ID_CAPABILITY 100 +#define LSM_ID_SELINUX 101 +#define LSM_ID_SMACK 102 +#define LSM_ID_TOMOYO 103 +#define LSM_ID_IMA 104 +#define LSM_ID_APPARMOR 105 +#define LSM_ID_YAMA 106 +#define LSM_ID_LOADPIN 107 +#define LSM_ID_SAFESETID 108 +#define LSM_ID_LOCKDOWN 109 +#define LSM_ID_BPF 110 +#define LSM_ID_LANDLOCK 111 + +/* + * LSM_ATTR_XXX definitions identify different LSM attributes + * which are used in the kernel's LSM userspace API. Support + * for these attributes vary across the different LSMs. None + * are required. + * + * A value of zero/0 is considered undefined and should not be used + * outside the kernel. Values 1-99 are reserved for potential + * future use. + */ +#define LSM_ATTR_UNDEF 0 +#define LSM_ATTR_CURRENT 100 +#define LSM_ATTR_EXEC 101 +#define LSM_ATTR_FSCREATE 102 +#define LSM_ATTR_KEYCREATE 103 +#define LSM_ATTR_PREV 104 +#define LSM_ATTR_SOCKCREATE 105 + +#endif /* _UAPI_LINUX_LSM_H */ diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index d6cc4812ca53..d7f22b0cf03f 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -24,6 +24,7 @@ #include #include #include +#include =20 #include "include/apparmor.h" #include "include/apparmorfs.h" 
@@ -1215,6 +1216,11 @@ struct lsm_blob_sizes apparmor_blob_sizes __lsm_ro_a= fter_init =3D { .lbs_task =3D sizeof(struct aa_task_ctx), }; =20 +static struct lsm_id apparmor_lsmid __lsm_ro_after_init =3D { + .name =3D "apparmor", + .id =3D LSM_ID_APPARMOR, +}; + static struct security_hook_list apparmor_hooks[] __lsm_ro_after_init =3D { LSM_HOOK_INIT(ptrace_access_check, apparmor_ptrace_access_check), LSM_HOOK_INIT(ptrace_traceme, apparmor_ptrace_traceme), @@ -1910,7 +1916,7 @@ static int __init apparmor_init(void) goto buffers_out; } security_add_hooks(apparmor_hooks, ARRAY_SIZE(apparmor_hooks), - "apparmor"); + &apparmor_lsmid); =20 /* Report that AppArmor successfully initialized */ apparmor_initialized =3D 1; diff --git a/security/bpf/hooks.c b/security/bpf/hooks.c index e5971fa74fd7..b6e71c5a401d 100644 --- a/security/bpf/hooks.c +++ b/security/bpf/hooks.c @@ -5,6 +5,7 @@ */ #include #include +#include =20 static struct security_hook_list bpf_lsm_hooks[] __lsm_ro_after_init =3D { #define LSM_HOOK(RET, DEFAULT, NAME, ...) \ @@ -15,9 +16,15 @@ static struct security_hook_list bpf_lsm_hooks[] __lsm_r= o_after_init =3D { LSM_HOOK_INIT(task_free, bpf_task_storage_free), }; =20 +static struct lsm_id bpf_lsmid __lsm_ro_after_init =3D { + .name =3D "bpf", + .id =3D LSM_ID_BPF, +}; + static int __init bpf_lsm_init(void) { - security_add_hooks(bpf_lsm_hooks, ARRAY_SIZE(bpf_lsm_hooks), "bpf"); + security_add_hooks(bpf_lsm_hooks, ARRAY_SIZE(bpf_lsm_hooks), + &bpf_lsmid); pr_info("LSM support for eBPF active\n"); return 0; } diff --git a/security/commoncap.c b/security/commoncap.c index 5bb7d1e96277..69958af95163 100644 --- a/security/commoncap.c +++ b/security/commoncap.c @@ -25,6 +25,7 @@ #include #include #include +#include =20 /* * If a non-root user executes a setuid-root binary in 
@@ -1440,6 +1441,11 @@ int cap_mmap_file(struct file *file, unsigned long r= eqprot, =20 #ifdef CONFIG_SECURITY =20 +static struct lsm_id capability_lsmid __lsm_ro_after_init =3D { + .name =3D "capability", + .id =3D LSM_ID_CAPABILITY, +}; + static struct security_hook_list capability_hooks[] __lsm_ro_after_init = =3D { LSM_HOOK_INIT(capable, cap_capable), LSM_HOOK_INIT(settime, cap_settime), @@ -1464,7 +1470,7 @@ static struct security_hook_list capability_hooks[] _= _lsm_ro_after_init =3D { static int __init capability_init(void) { security_add_hooks(capability_hooks, ARRAY_SIZE(capability_hooks), - "capability"); + &capability_lsmid); return 0; } =20 diff --git a/security/landlock/cred.c b/security/landlock/cred.c index ec6c37f04a19..2eb1d65f10d6 100644 --- a/security/landlock/cred.c +++ b/security/landlock/cred.c @@ -42,5 +42,5 @@ static struct security_hook_list landlock_hooks[] __lsm_r= o_after_init =3D { __init void landlock_add_cred_hooks(void) { security_add_hooks(landlock_hooks, ARRAY_SIZE(landlock_hooks), - LANDLOCK_NAME); + &landlock_lsmid); } diff --git a/security/landlock/fs.c b/security/landlock/fs.c index adcea0fe7e68..fa0e6e76991c 100644 --- a/security/landlock/fs.c +++ b/security/landlock/fs.c @@ -1307,5 +1307,5 @@ static struct security_hook_list landlock_hooks[] __l= sm_ro_after_init =3D { __init void landlock_add_fs_hooks(void) { security_add_hooks(landlock_hooks, ARRAY_SIZE(landlock_hooks), - LANDLOCK_NAME); + &landlock_lsmid); } diff --git a/security/landlock/ptrace.c b/security/landlock/ptrace.c index 4c5b9cd71286..eab35808f395 100644 --- a/security/landlock/ptrace.c +++ b/security/landlock/ptrace.c @@ -116,5 +116,5 @@ static struct security_hook_list landlock_hooks[] __lsm= _ro_after_init =3D { __init void landlock_add_ptrace_hooks(void) { security_add_hooks(landlock_hooks, ARRAY_SIZE(landlock_hooks), - LANDLOCK_NAME); + &landlock_lsmid); } 
diff --git a/security/landlock/setup.c b/security/landlock/setup.c index 3f196d2ce4f9..17116c87f268 100644 --- a/security/landlock/setup.c +++ b/security/landlock/setup.c @@ -8,6 +8,7 @@ =20 #include #include +#include =20 #include "common.h" #include "cred.h" @@ -24,6 +25,11 @@ struct lsm_blob_sizes landlock_blob_sizes __lsm_ro_after= _init =3D { .lbs_superblock =3D sizeof(struct landlock_superblock_security), }; =20 +struct lsm_id landlock_lsmid __lsm_ro_after_init =3D { + .name =3D LANDLOCK_NAME, + .id =3D LSM_ID_LANDLOCK, +}; + static int __init landlock_init(void) { landlock_add_cred_hooks(); diff --git a/security/landlock/setup.h b/security/landlock/setup.h index 1daffab1ab4b..38bce5b172dc 100644 --- a/security/landlock/setup.h +++ b/security/landlock/setup.h @@ -14,5 +14,6 @@ extern bool landlock_initialized; =20 extern struct lsm_blob_sizes landlock_blob_sizes; +extern struct lsm_id landlock_lsmid; =20 #endif /* _SECURITY_LANDLOCK_SETUP_H */ diff --git a/security/loadpin/loadpin.c b/security/loadpin/loadpin.c index d73a281adf86..d359f2ea1a0a 100644 --- a/security/loadpin/loadpin.c +++ b/security/loadpin/loadpin.c @@ -20,6 +20,7 @@ #include #include #include +#include =20 #define VERITY_DIGEST_FILE_HEADER "# LOADPIN_TRUSTED_VERITY_ROOT_DIGESTS" =20 @@ -214,6 +215,11 @@ static int loadpin_load_data(enum kernel_load_data_id = id, bool contents) return loadpin_check(NULL, (enum kernel_read_file_id) id); } =20 +static struct lsm_id loadpin_lsmid __lsm_ro_after_init =3D { + .name =3D "loadpin", + .id =3D LSM_ID_LOADPIN, +}; + static struct security_hook_list loadpin_hooks[] __lsm_ro_after_init =3D { LSM_HOOK_INIT(sb_free_security, loadpin_sb_free_security), LSM_HOOK_INIT(kernel_read_file, loadpin_read_file), 
@@ -265,7 +271,8 @@ static int __init loadpin_init(void) if (!register_sysctl_paths(loadpin_sysctl_path, loadpin_sysctl_table)) pr_notice("sysctl registration failed!\n"); #endif - security_add_hooks(loadpin_hooks, ARRAY_SIZE(loadpin_hooks), "loadpin"); + security_add_hooks(loadpin_hooks, ARRAY_SIZE(loadpin_hooks), + &loadpin_lsmid); =20 return 0; } diff --git a/security/lockdown/lockdown.c b/security/lockdown/lockdown.c index a79b985e917e..141a0b94098e 100644 --- a/security/lockdown/lockdown.c +++ b/security/lockdown/lockdown.c @@ -13,6 +13,7 @@ #include #include #include +#include =20 static enum lockdown_reason kernel_locked_down; =20 @@ -75,6 +76,11 @@ static struct security_hook_list lockdown_hooks[] __lsm_= ro_after_init =3D { LSM_HOOK_INIT(locked_down, lockdown_is_locked_down), }; =20 +static struct lsm_id lockdown_lsmid __lsm_ro_after_init =3D { + .name =3D "lockdown", + .id =3D LSM_ID_LOCKDOWN, +}; + static int __init lockdown_lsm_init(void) { #if defined(CONFIG_LOCK_DOWN_KERNEL_FORCE_INTEGRITY) @@ -83,7 +89,7 @@ static int __init lockdown_lsm_init(void) lock_kernel_down("Kernel configuration", LOCKDOWN_CONFIDENTIALITY_MAX); #endif security_add_hooks(lockdown_hooks, ARRAY_SIZE(lockdown_hooks), - "lockdown"); + &lockdown_lsmid); return 0; } =20 diff --git a/security/safesetid/lsm.c b/security/safesetid/lsm.c index e806739f7868..86b57785f86e 100644 --- a/security/safesetid/lsm.c +++ b/security/safesetid/lsm.c @@ -19,6 +19,7 @@ #include #include #include +#include #include "lsm.h" =20 /* Flag indicating whether initialization completed */ @@ -261,6 +262,11 @@ static int safesetid_task_fix_setgroups(struct cred *n= ew, const struct cred *old return 0; } =20 +static struct lsm_id safesetid_lsmid __lsm_ro_after_init =3D { + .name =3D "safesetid", + .id =3D LSM_ID_SAFESETID, +}; + static struct security_hook_list safesetid_security_hooks[] =3D { LSM_HOOK_INIT(task_fix_setuid, safesetid_task_fix_setuid), LSM_HOOK_INIT(task_fix_setgid, safesetid_task_fix_setgid), 
@@ -271,7 +277,8 @@ static struct security_hook_list safesetid_security_hoo= ks[] =3D { static int __init safesetid_security_init(void) { security_add_hooks(safesetid_security_hooks, - ARRAY_SIZE(safesetid_security_hooks), "safesetid"); + ARRAY_SIZE(safesetid_security_hooks), + &safesetid_lsmid); =20 /* Report that SafeSetID successfully initialized */ safesetid_initialized =3D 1; diff --git a/security/security.c b/security/security.c index cf6cc576736f..a482c6048df9 100644 --- a/security/security.c +++ b/security/security.c @@ -504,17 +504,17 @@ static int lsm_append(const char *new, char **result) * security_add_hooks - Add a modules hooks to the hook lists. * @hooks: the hooks to add * @count: the number of hooks to add - * @lsm: the name of the security module + * @lsmid: the identification information for the security module * * Each LSM has to register its hooks with the infrastructure. */ void __init security_add_hooks(struct security_hook_list *hooks, int count, - const char *lsm) + struct lsm_id *lsmid) { int i; =20 for (i =3D 0; i < count; i++) { - hooks[i].lsm =3D lsm; + hooks[i].lsmid =3D lsmid; hlist_add_tail_rcu(&hooks[i].list, hooks[i].head); } =20 @@ -523,7 +523,7 @@ void __init security_add_hooks(struct security_hook_lis= t *hooks, int count, * and fix this up afterwards. */ if (slab_is_available()) { - if (lsm_append(lsm, &lsm_names) < 0) + if (lsm_append(lsmid->name, &lsm_names) < 0) panic("%s - Cannot get early memory.\n", __func__); } } @@ -2146,7 +2146,7 @@ int security_getprocattr(struct task_struct *p, const= char *lsm, struct security_hook_list *hp; =20 hlist_for_each_entry(hp, &security_hook_heads.getprocattr, list) { - if (lsm !=3D NULL && strcmp(lsm, hp->lsm)) + if (lsm !=3D NULL && strcmp(lsm, hp->lsmid->name)) continue; return hp->hook.getprocattr(p, name, value); } 
@@ -2159,7 +2159,7 @@ int security_setprocattr(const char *lsm, const char = *name, void *value, struct security_hook_list *hp; =20 hlist_for_each_entry(hp, &security_hook_heads.setprocattr, list) { - if (lsm !=3D NULL && strcmp(lsm, hp->lsm)) + if (lsm !=3D NULL && strcmp(lsm, hp->lsmid->name)) continue; return hp->hook.setprocattr(name, value, size); } diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 9a5bdfc21314..2ee92d3fb79d 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -92,6 +92,7 @@ #include #include #include +#include =20 #include "avc.h" #include "objsec.h" @@ -7032,6 +7033,11 @@ static int selinux_uring_cmd(struct io_uring_cmd *io= ucmd) } #endif /* CONFIG_IO_URING */ =20 +static struct lsm_id selinux_lsmid __lsm_ro_after_init =3D { + .name =3D "selinux", + .id =3D LSM_ID_SELINUX, +}; + /* * IMPORTANT NOTE: When adding new hooks, please be careful to keep this o= rder: * 1. any hooks that don't belong to (2.) or (3.) below, @@ -7355,7 +7361,8 @@ static __init int selinux_init(void) =20 hashtab_cache_init(); =20 - security_add_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks), "selinux"); + security_add_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks), + &selinux_lsmid); =20 if (avc_add_callback(selinux_netcache_avc_callback, AVC_CALLBACK_RESET)) panic("SELinux: Unable to register AVC netcache callback\n"); diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index cfcbb748da25..0b466d3b31b7 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -43,6 +43,7 @@ #include #include #include +#include #include "smack.h" =20 #define TRANS_TRUE "TRUE" 
@@ -4856,6 +4857,11 @@ struct lsm_blob_sizes smack_blob_sizes __lsm_ro_afte= r_init =3D { .lbs_superblock =3D sizeof(struct superblock_smack), }; =20 +static struct lsm_id smack_lsmid __lsm_ro_after_init =3D { + .name =3D "smack", + .id =3D LSM_ID_SMACK, +}; + static struct security_hook_list smack_hooks[] __lsm_ro_after_init =3D { LSM_HOOK_INIT(ptrace_access_check, smack_ptrace_access_check), LSM_HOOK_INIT(ptrace_traceme, smack_ptrace_traceme), @@ -5062,7 +5068,7 @@ static __init int smack_init(void) /* * Register with LSM */ - security_add_hooks(smack_hooks, ARRAY_SIZE(smack_hooks), "smack"); + security_add_hooks(smack_hooks, ARRAY_SIZE(smack_hooks), &smack_lsmid); smack_enabled =3D 1; =20 pr_info("Smack: Initializing.\n"); diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c index af04a7b7eb28..7de4fcdcbf90 100644 --- a/security/tomoyo/tomoyo.c +++ b/security/tomoyo/tomoyo.c @@ -6,6 +6,7 @@ */ =20 #include +#include #include "common.h" =20 /** @@ -542,6 +543,11 @@ static void tomoyo_task_free(struct task_struct *task) } } =20 +static struct lsm_id tomoyo_lsmid __lsm_ro_after_init =3D { + .name =3D "tomoyo", + .id =3D LSM_ID_TOMOYO, +}; + /* * tomoyo_security_ops is a "struct security_operations" which is used for * registering TOMOYO. @@ -595,7 +601,8 @@ static int __init tomoyo_init(void) struct tomoyo_task *s =3D tomoyo_task(current); =20 /* register ourselves with the security framework */ - security_add_hooks(tomoyo_hooks, ARRAY_SIZE(tomoyo_hooks), "tomoyo"); + security_add_hooks(tomoyo_hooks, ARRAY_SIZE(tomoyo_hooks), + &tomoyo_lsmid); pr_info("TOMOYO Linux initialized\n"); s->domain_info =3D &tomoyo_kernel_domain; atomic_inc(&tomoyo_kernel_domain.users); diff --git a/security/yama/yama_lsm.c b/security/yama/yama_lsm.c index 06e226166aab..c56572ec9d50 100644 --- a/security/yama/yama_lsm.c +++ b/security/yama/yama_lsm.c @@ -18,6 +18,7 @@ #include #include #include +#include =20 #define YAMA_SCOPE_DISABLED 0 #define YAMA_SCOPE_RELATIONAL 1 
@@ -421,6 +422,11 @@ static int yama_ptrace_traceme(struct task_struct *par= ent) return rc; } =20 +static struct lsm_id yama_lsmid __lsm_ro_after_init =3D { + .name =3D "yama", + .id =3D LSM_ID_YAMA, +}; + static struct security_hook_list yama_hooks[] __lsm_ro_after_init =3D { LSM_HOOK_INIT(ptrace_access_check, yama_ptrace_access_check), LSM_HOOK_INIT(ptrace_traceme, yama_ptrace_traceme), 
@@ -477,7 +483,7 @@ static inline void yama_init_sysctl(void) { } static int __init yama_init(void) { pr_info("Yama: becoming mindful.\n"); - security_add_hooks(yama_hooks, ARRAY_SIZE(yama_hooks), "yama"); + security_add_hooks(yama_hooks, ARRAY_SIZE(yama_hooks), &yama_lsmid); yama_init_sysctl(); return 0; } --=20 2.39.2
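Review bot: the kernel-doc in the include/linux/lsm_hooks.h hunk documents a member `@lsm` while the structure it describes declares `const char *name;`, so scripts/kernel-doc will report both an undocumented member and a stale one; the line should read `@name: name of the LSM, must be approved by the LSM maintainers`. The same hunk also disagrees with the commit message, which says the structure carries an integer "attrs" member: only `name` and `id` are added here, so either the member or that paragraph should go. Finally, every registrant in this series passes a `__lsm_ro_after_init` object that is never written after registration, yet `struct security_hook_list` stores it as a plain `struct lsm_id *lsmid` and the `security_add_hooks()` prototype takes `struct lsm_id *lsmid`; making both `const struct lsm_id *` (and the per-module definitions `static const struct lsm_id ...`) lets the compiler enforce what the annotation only promises.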
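Review bot: the include/uapi/linux/lsm.h hunk defines `LSM_ID_IMA 104`, but the diffstat touches nothing under security/integrity/ and no lsm_id for IMA is registered anywhere in this patch, while the commit message states that each existing LSM has been updated to include its LSMID; either convert IMA in this patch or note in the header comment and commit message that 104 is reserved for it. Because this header is UAPI from now on, the comment block above the `LSM_ID_*` values should also say that the numbers are ABI and that new modules take the next value after `LSM_ID_LANDLOCK` rather than being renumbered, since the commit message's "order they were included in the mainline kernel" convention only holds if nobody reorders them later.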
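Review bot: Documentation/userspace-api/lsm.rst lists the `LSM_ATTR_*` names and their /proc/self/attr files but never says where the values are defined, and it does not mention the `LSM_ID_*` identifiers at all, so a reader of the userspace-api book has no way to find include/uapi/linux/lsm.h from this page; a sentence pointing at the header, and a short list of the module identifiers alongside the attributes, would make the new file self-contained. Two smaller points in the same hunk: the `:Date: November 2022` field is already stale for a file that is new in an April 2023 posting, and the opening sentence "implement additional access controls to the Linux security policies" reads awkwardly; something like "implement additional access controls on top of the standard Linux discretionary access control" says what is meant.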
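Review bot: in the MAINTAINERS hunk the new `F: include/uapi/linux/lsm.h` line is inserted after `F: security/`; scripts/parse-maintainers.pl keeps the `F:` entries of a section in alphabetical order, so the new pattern belongs before `F: security/` to avoid churn the next time the file is reordered.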
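Review bot: in the security/security.c hunk `security_add_hooks()` now stores `lsmid` into every hook and dereferences `lsmid->name` for `lsm_append()`, and the pointer stays live in the hook lists for the lifetime of the kernel; that is fine for the in-tree `__lsm_ro_after_init` objects, but the kernel-doc for `@lsmid` should say so ("must have static storage duration and must not be freed") so that nobody passes a stack or `__initdata` object later. In the `security_getprocattr()` and `security_setprocattr()` hunks the match is still `strcmp(lsm, hp->lsmid->name)`; now that each module carries a numeric `id`, comparing `hp->lsmid->id` against an identifier resolved once by the caller would remove a string compare from every /proc/self/attr access, which is worth a follow-up even if this patch deliberately keeps the name-based lookup.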
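Review bot: in the security/safesetid/lsm.c hunk the new `safesetid_lsmid` is annotated `__lsm_ro_after_init`, but the context line `static struct security_hook_list safesetid_security_hooks[] =3D {` shows the hook table itself still lacks that annotation, unlike every other module touched in this series; since the table is being edited anyway, adding `__lsm_ro_after_init` there keeps the hook pointers read-only after init along with the identifier.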
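The commit message and the new lsm.rst describe which LSM_ATTR_* value maps to which /proc/self/attr file, and which modules also expose a per-module directory. The following userspace probe is an added example, not code from the patch or the kernel: it copies the LSM_ATTR_* values from the patch's include/uapi/linux/lsm.h, assumes that /sys/kernel/security/lsm exposes the comma-separated name list that lsm_append() accumulates in lsm_names, and uses function names of its own. Run as a normal user it prints, for every registered module name, what the per-module `current` file returns, and distinguishes "file does not exist" from "no active LSM implements this attribute".

```c
/*
 * Added example, not part of the patch: userspace probe for the per-LSM
 * attributes that Documentation/userspace-api/lsm.rst maps to
 * /proc/self/attr.  LSM_ATTR_* values are copied from the patch's
 * include/uapi/linux/lsm.h; the function names and the use of
 * /sys/kernel/security/lsm are this example's own assumptions.
 */
#include <errno.h>
#include <stdio.h>
#include <string.h>

#define LSM_ATTR_CURRENT    100
#define LSM_ATTR_EXEC       101
#define LSM_ATTR_FSCREATE   102
#define LSM_ATTR_KEYCREATE  103
#define LSM_ATTR_PREV       104
#define LSM_ATTR_SOCKCREATE 105

/* /proc/self/attr leaf name for an LSM_ATTR_* value, NULL if unknown. */
static const char *lsm_attr_leaf(unsigned int attr)
{
	switch (attr) {
	case LSM_ATTR_CURRENT:    return "current";
	case LSM_ATTR_EXEC:       return "exec";
	case LSM_ATTR_FSCREATE:   return "fscreate";
	case LSM_ATTR_KEYCREATE:  return "keycreate";
	case LSM_ATTR_PREV:       return "prev";
	case LSM_ATTR_SOCKCREATE: return "sockcreate";
	default:                  return NULL;
	}
}

/*
 * Build the proc path: /proc/self/attr/<leaf> is the legacy file served by
 * whichever LSM answers getprocattr() first; /proc/self/attr/<lsm>/<leaf>
 * is the per-module directory lsm.rst lists for smack and apparmor.
 * Returns 0, -EINVAL for an unknown attribute, -ENAMETOOLONG if buf is small.
 */
int lsm_attr_path(unsigned int attr, const char *lsm, char *buf, size_t len)
{
	const char *leaf = lsm_attr_leaf(attr);
	int n;

	if (!leaf)
		return -EINVAL;
	if (lsm)
		n = snprintf(buf, len, "/proc/self/attr/%s/%s", lsm, leaf);
	else
		n = snprintf(buf, len, "/proc/self/attr/%s", leaf);
	return (n < 0 || (size_t)n >= len) ? -ENAMETOOLONG : 0;
}

/* Split a comma-separated module list in place; returns the count (<= max). */
int lsm_split_list(char *list, const char **names, int max)
{
	int n = 0;

	while (list && *list && n < max) {
		char *sep = strpbrk(list, ",\n");

		names[n++] = list;
		if (!sep)
			break;
		*sep = '\0';
		list = sep + 1;
	}
	return n;
}

/*
 * Read a small text attribute, stripping trailing newlines.  Returns the
 * length or -errno: ENOENT when the file is absent, and on the legacy path
 * EINVAL, which is what the kernel returns when no active LSM implements it.
 */
int lsm_read_attr(const char *path, char *buf, size_t len)
{
	FILE *f = fopen(path, "r");
	size_t n;

	if (!f)
		return -errno;
	n = fread(buf, 1, len - 1, f);
	if (ferror(f)) {
		int err = errno;

		fclose(f);
		return -err;
	}
	fclose(f);
	buf[n] = '\0';
	while (n > 0 && buf[n - 1] == '\n')
		buf[--n] = '\0';
	return (int)n;
}

/* Self-check on a constructed module list; returns 0 when all steps pass. */
int lsm_example_selfcheck(void)
{
	char list[] = "capability,yama,apparmor\n";	/* constructed sample */
	const char *names[8];
	char path[64], val[16];

	if (lsm_split_list(list, names, 8) != 3 || strcmp(names[2], "apparmor"))
		return 1;
	if (lsm_attr_path(LSM_ATTR_CURRENT, names[2], path, sizeof path) ||
	    strcmp(path, "/proc/self/attr/apparmor/current"))
		return 2;
	if (lsm_attr_path(LSM_ATTR_EXEC, NULL, path, sizeof path) ||
	    strcmp(path, "/proc/self/attr/exec"))
		return 3;
	if (lsm_attr_path(99, NULL, path, sizeof path) != -EINVAL)
		return 4;
	if (lsm_attr_path(LSM_ATTR_PREV, "smack", path, 8) != -ENAMETOOLONG)
		return 5;
	if (lsm_read_attr("/nonexistent/lsm-example", val, sizeof val) != -ENOENT)
		return 6;
	return 0;
}

int main(void)
{
	char list[256], path[128], val[256];
	const char *names[16];
	int i, cnt, r;

	r = lsm_read_attr("/sys/kernel/security/lsm", list, sizeof list);
	if (r < 0) {
		fprintf(stderr, "cannot read LSM list: %s\n", strerror(-r));
		return 1;
	}
	cnt = lsm_split_list(list, names, 16);
	for (i = 0; i < cnt; i++) {
		if (lsm_attr_path(LSM_ATTR_CURRENT, names[i], path, sizeof path))
			continue;
		r = lsm_read_attr(path, val, sizeof val);
		printf("%-10s current: %s\n", names[i], r < 0 ? strerror(-r) : val);
	}
	return 0;
}
```

On a kernel with this series applied and `apparmor` active, the loop prints the AppArmor profile for the `apparmor` entry and `No such file or directory` for modules such as `capability` or `yama`, which register an lsm_id but provide no per-module attribute directory; that difference is exactly what the attribute table in lsm.rst encodes.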
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net Subject: [PATCH v10 02/11] LSM: Maintain a table of LSM attribute data Date: Fri, 28 Apr 2023 13:34:08 -0700 Message-Id: <20230428203417.159874-3-casey@schaufler-ca.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230428203417.159874-1-casey@schaufler-ca.com> References: <20230428203417.159874-1-casey@schaufler-ca.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" As LSMs are registered add their lsm_id pointers to a table. This will be used later for attribute reporting. Determine the number of possible security modules based on their respective CONFIG options. This allows the number to be known at build time. This allows data structures and tables to use the constant. Signed-off-by: Casey Schaufler Reviewed-by: Kees Cook --- include/linux/security.h | 2 ++ security/security.c | 36 ++++++++++++++++++++++++++++++++++++ 2 files changed, 38 insertions(+) diff --git a/include/linux/security.h b/include/linux/security.h index 5984d0d550b4..e70fc863b04a 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -138,6 +138,8 @@ enum lockdown_reason { }; =20 extern const char *const lockdown_reasons[LOCKDOWN_CONFIDENTIALITY_MAX+1]; +extern u32 lsm_active_cnt; +extern struct lsm_id *lsm_idlist[]; =20 /* These functions are in security/commoncap.c */ extern int cap_capable(const struct cred *cred, struct user_namespace *ns, diff --git a/security/security.c b/security/security.c index a482c6048df9..e390001a32c9 100644 --- a/security/security.c +++ b/security/security.c 
@@ -35,6 +35,25 @@ /* How many LSMs were built into the kernel? */ #define LSM_COUNT (__end_lsm_info - __start_lsm_info) =20 +/* + * How many LSMs are built into the kernel as determined at + * build time. Used to determine fixed array sizes. + * The capability module is accounted for by CONFIG_SECURITY + */ +#define LSM_CONFIG_COUNT ( \ + (IS_ENABLED(CONFIG_SECURITY) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_SELINUX) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_SMACK) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_TOMOYO) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_IMA) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_APPARMOR) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_YAMA) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_LOADPIN) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_SAFESETID) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_LOCKDOWN_LSM) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_BPF_LSM) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_LANDLOCK) ? 1 : 0)) + /* * These are descriptions of the reasons that can be passed to the * security_locked_down() LSM hook. Placing this array here allows @@ -244,6 +263,12 @@ static void __init initialize_lsm(struct lsm_info *lsm) } } =20 +/* + * Current index to use while initializing the lsm id list. + */ +u32 lsm_active_cnt __lsm_ro_after_init; +struct lsm_id *lsm_idlist[LSM_CONFIG_COUNT] __lsm_ro_after_init; + /* Populate ordered LSMs list from comma-separated LSM name list. */ static void __init ordered_lsm_parse(const char *order, const char *origin) { 
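Review bot: LSM_CONFIG_COUNT in the first hunk is a second, hand-maintained source of truth beside LSM_COUNT (`__end_lsm_info - __start_lsm_info`) a few lines above it, and the comment does not say why both exist or what happens when they drift. Because security_add_hooks() now panics once lsm_active_cnt reaches LSM_CONFIG_COUNT, whoever adds a new LSM Kconfig option and forgets to extend this macro gets a boot-time panic rather than a build error; please state in the comment that LSM_COUNT is a link-time quantity (unusable for sizing arrays) and that every new LSM config option must be added to this list. CONFIG_IMA is the one entry that is not a CONFIG_SECURITY_*/CONFIG_BPF_LSM option; if it is counted in anticipation of IMA registering through security_add_hooks(), say so, otherwise it is a wasted slot. In the second hunk the comment on lsm_active_cnt ("Current index to use while initializing the lsm id list") undersells it: it is also exported through security.h as the live count of registered LSMs, so the comment should say both.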
@@ -513,6 +538,17 @@ void __init security_add_hooks(struct security_hook_li= st *hooks, int count, { int i; =20 + if (lsm_active_cnt >=3D LSM_CONFIG_COUNT) + panic("%s Too many LSMs registered.\n", __func__); + /* + * A security module may call security_add_hooks() more + * than once during initialization, and LSM initialization + * is serialized. Landlock is one such case. + * Look at the previous entry, if there is one, for duplication. + */ + if (lsm_active_cnt =3D=3D 0 || lsm_idlist[lsm_active_cnt - 1] !=3D lsmid) + lsm_idlist[lsm_active_cnt++] =3D lsmid; + for (i =3D 0; i < count; i++) { hooks[i].lsmid =3D lsmid; hlist_add_tail_rcu(&hooks[i].list, hooks[i].head); --=20 2.39.2 From nobody Thu Feb 12 03:18:27 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id E4F8AC77B60 for ; Fri, 28 Apr 2023 20:36:13 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1346609AbjD1UgL (ORCPT ); Fri, 28 Apr 2023 16:36:11 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55720 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1346338AbjD1UgF (ORCPT ); Fri, 28 Apr 2023 16:36:05 -0400 Received: from sonic307-15.consmr.mail.ne1.yahoo.com (sonic307-15.consmr.mail.ne1.yahoo.com [66.163.190.38]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2C8FF2107 for ; Fri, 28 Apr 2023 13:36:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1682714161; bh=Z9nxeKbR438LSTP2aAwXWaACuXFQ/LPIBOgaq5Zksx0=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject:Reply-To; 
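Review bot: the capacity check `if (lsm_active_cnt >= LSM_CONFIG_COUNT) panic(...)` runs before the duplicate test, so an LSM that calls security_add_hooks() a second time with the same lsmid (the Landlock case the comment itself describes) will panic when the table happens to be exactly full, even though no new slot is needed. Move the panic inside the branch that actually appends:
	if (lsm_active_cnt == 0 || lsm_idlist[lsm_active_cnt - 1] != lsmid) {
		if (lsm_active_cnt >= LSM_CONFIG_COUNT)
			panic("%s Too many LSMs registered.\n", __func__);
and keep the assignment after it. The "compare with the previous entry only" duplicate check also relies silently on the serialisation the comment mentions; since this is init-time code, a WARN_ON() if the same lsmid appears anywhere earlier in lsm_idlist would catch a future ordering change at negligible cost.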
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net, linux-fsdevel@vger.kernel.org Subject: [PATCH v10 03/11] proc: Use lsmids instead of lsm names for attrs Date: Fri, 28 Apr 2023 13:34:09 -0700 Message-Id: <20230428203417.159874-4-casey@schaufler-ca.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230428203417.159874-1-casey@schaufler-ca.com> References: <20230428203417.159874-1-casey@schaufler-ca.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" Use the LSM ID number instead of the LSM name to identify which security module's attribute data should be shown in /proc/self/attr. The security_[gs]etprocattr() functions have been changed to expect the LSM ID. The change from a string comparison to an integer comparison in these functions will provide a minor performance improvement. Signed-off-by: Casey Schaufler Reviewed-by: Kees Cook Cc: linux-fsdevel@vger.kernel.org Reviewed-by: Serge Hallyn --- fs/proc/base.c | 29 +++++++++++++++-------------- fs/proc/internal.h | 2 +- include/linux/security.h | 11 +++++------ security/security.c | 11 +++++------ 4 files changed, 26 insertions(+), 27 deletions(-) diff --git a/fs/proc/base.c b/fs/proc/base.c index 5e0e0ccd47aa..cb6dec7473fe 100644 --- a/fs/proc/base.c +++ b/fs/proc/base.c @@ -96,6 +96,7 @@ #include #include #include +#include #include #include "internal.h" #include "fd.h" 
@@ -145,10 +146,10 @@ struct pid_entry { NOD(NAME, (S_IFREG|(MODE)), \ NULL, &proc_single_file_operations, \ { .proc_show =3D show } ) -#define ATTR(LSM, NAME, MODE) \ +#define ATTR(LSMID, NAME, MODE) \ NOD(NAME, (S_IFREG|(MODE)), \ NULL, &proc_pid_attr_operations, \ - { .lsm =3D LSM }) + { .lsmid =3D LSMID }) =20 /* * Count the number of hardlinks for the pid_entry table, excluding the . @@ -2730,7 +2731,7 @@ static ssize_t proc_pid_attr_read(struct file * file,= char __user * buf, if (!task) return -ESRCH; =20 - length =3D security_getprocattr(task, PROC_I(inode)->op.lsm, + length =3D security_getprocattr(task, PROC_I(inode)->op.lsmid, file->f_path.dentry->d_name.name, &p); put_task_struct(task); @@ -2788,7 +2789,7 @@ static ssize_t proc_pid_attr_write(struct file * file= , const char __user * buf, if (rv < 0) goto out_free; =20 - rv =3D security_setprocattr(PROC_I(inode)->op.lsm, + rv =3D security_setprocattr(PROC_I(inode)->op.lsmid, file->f_path.dentry->d_name.name, page, count); mutex_unlock(¤t->signal->cred_guard_mutex); 
@@ -2837,27 +2838,27 @@ static const struct inode_operations proc_##LSM##_a= ttr_dir_inode_ops =3D { \ =20 #ifdef CONFIG_SECURITY_SMACK static const struct pid_entry smack_attr_dir_stuff[] =3D { - ATTR("smack", "current", 0666), + ATTR(LSM_ID_SMACK, "current", 0666), }; LSM_DIR_OPS(smack); #endif =20 #ifdef CONFIG_SECURITY_APPARMOR static const struct pid_entry apparmor_attr_dir_stuff[] =3D { - ATTR("apparmor", "current", 0666), - ATTR("apparmor", "prev", 0444), - ATTR("apparmor", "exec", 0666), + ATTR(LSM_ID_APPARMOR, "current", 0666), + ATTR(LSM_ID_APPARMOR, "prev", 0444), + ATTR(LSM_ID_APPARMOR, "exec", 0666), }; LSM_DIR_OPS(apparmor); #endif =20 static const struct pid_entry attr_dir_stuff[] =3D { - ATTR(NULL, "current", 0666), - ATTR(NULL, "prev", 0444), - ATTR(NULL, "exec", 0666), - ATTR(NULL, "fscreate", 0666), - ATTR(NULL, "keycreate", 0666), - ATTR(NULL, "sockcreate", 0666), + ATTR(LSM_ID_UNDEF, "current", 0666), + ATTR(LSM_ID_UNDEF, "prev", 0444), + ATTR(LSM_ID_UNDEF, "exec", 0666), + ATTR(LSM_ID_UNDEF, "fscreate", 0666), + ATTR(LSM_ID_UNDEF, "keycreate", 0666), + ATTR(LSM_ID_UNDEF, "sockcreate", 0666), #ifdef CONFIG_SECURITY_SMACK DIR("smack", 0555, proc_smack_attr_dir_inode_ops, proc_smack_attr_dir_ops), diff --git a/fs/proc/internal.h b/fs/proc/internal.h index 9dda7e54b2d0..a889d9ef9584 100644 --- a/fs/proc/internal.h +++ b/fs/proc/internal.h @@ -92,7 +92,7 @@ union proc_op { int (*proc_show)(struct seq_file *m, struct pid_namespace *ns, struct pid *pid, struct task_struct *task); - const char *lsm; + int lsmid; }; =20 struct proc_inode { diff --git a/include/linux/security.h b/include/linux/security.h index e70fc863b04a..8faed81fc3b4 100644 --- a/include/linux/security.h +++ b/include/linux/security.h 
@@ -473,10 +473,9 @@ int security_sem_semctl(struct kern_ipc_perm *sma, int= cmd); int security_sem_semop(struct kern_ipc_perm *sma, struct sembuf *sops, unsigned nsops, int alter); void security_d_instantiate(struct dentry *dentry, struct inode *inode); -int security_getprocattr(struct task_struct *p, const char *lsm, const cha= r *name, +int security_getprocattr(struct task_struct *p, int lsmid, const char *nam= e, char **value); -int security_setprocattr(const char *lsm, const char *name, void *value, - size_t size); +int security_setprocattr(int lsmid, const char *name, void *value, size_t = size); int security_netlink_send(struct sock *sk, struct sk_buff *skb); int security_ismaclabel(const char *name); int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen); @@ -1344,14 +1343,14 @@ static inline void security_d_instantiate(struct de= ntry *dentry, struct inode *inode) { } =20 -static inline int security_getprocattr(struct task_struct *p, const char *= lsm, +static inline int security_getprocattr(struct task_struct *p, int lsmid, const char *name, char **value) { return -EINVAL; } =20 -static inline int security_setprocattr(const char *lsm, char *name, - void *value, size_t size) +static inline int security_setprocattr(int lsmid, char *name, void *value, + size_t size) { return -EINVAL; } diff --git a/security/security.c b/security/security.c index e390001a32c9..5a48b1b539e5 100644 --- a/security/security.c +++ b/security/security.c 
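Review bot: the !CONFIG_SECURITY stub `static inline int security_setprocattr(int lsmid, char *name, void *value, size_t size)` keeps `char *name`, while the real prototype a few lines above it in this same hunk takes `const char *name`. Since the patch already rewrites that line, make the two signatures identical so a caller passing a `const char *` compiles the same way with and without CONFIG_SECURITY; today the stub only builds because nothing in-tree hands it a const pointer.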
@@ -2176,26 +2176,25 @@ void security_d_instantiate(struct dentry *dentry, = struct inode *inode) } EXPORT_SYMBOL(security_d_instantiate); =20 -int security_getprocattr(struct task_struct *p, const char *lsm, - const char *name, char **value) +int security_getprocattr(struct task_struct *p, int lsmid, const char *nam= e, + char **value) { struct security_hook_list *hp; =20 hlist_for_each_entry(hp, &security_hook_heads.getprocattr, list) { - if (lsm !=3D NULL && strcmp(lsm, hp->lsmid->name)) + if (lsmid !=3D 0 && lsmid !=3D hp->lsmid->id) continue; return hp->hook.getprocattr(p, name, value); } return LSM_RET_DEFAULT(getprocattr); } =20 -int security_setprocattr(const char *lsm, const char *name, void *value, - size_t size) +int security_setprocattr(int lsmid, const char *name, void *value, size_t = size) { struct security_hook_list *hp; =20 hlist_for_each_entry(hp, &security_hook_heads.setprocattr, list) { - if (lsm !=3D NULL && strcmp(lsm, hp->lsmid->name)) + if (lsmid !=3D 0 && lsmid !=3D hp->lsmid->id) continue; return hp->hook.setprocattr(name, value, size); } --=20 2.39.2 From nobody Thu Feb 12 03:18:27 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 77F14C77B60 for ; Fri, 28 Apr 2023 20:36:07 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1346577AbjD1UgF (ORCPT ); Fri, 28 Apr 2023 16:36:05 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55704 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230365AbjD1UgD (ORCPT ); Fri, 28 Apr 2023 16:36:03 -0400 Received: from sonic317-38.consmr.mail.ne1.yahoo.com (sonic317-38.consmr.mail.ne1.yahoo.com [66.163.184.49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A4122BA for ; Fri, 28 Apr 2023 13:36:01 -0700 (PDT) DKIM-Signature: v=1; 
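Review bot: `if (lsmid != 0 && lsmid != hp->lsmid->id)` in both loops uses a bare 0 as the "any LSM" sentinel, while the proc tables in this same patch spell it `LSM_ID_UNDEF` (`ATTR(LSM_ID_UNDEF, "current", 0666)`). Use LSM_ID_UNDEF here as well so the sentinel has one definition, and document on security_[gs]etprocattr() that LSM_ID_UNDEF means "the first LSM in hook order that implements the hook", which is the behaviour the early return in the loop gives you.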
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net Subject: [PATCH v10 04/11] LSM: syscalls for current process attributes Date: Fri, 28 Apr 2023 13:34:10 -0700 Message-Id: <20230428203417.159874-5-casey@schaufler-ca.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230428203417.159874-1-casey@schaufler-ca.com> References: <20230428203417.159874-1-casey@schaufler-ca.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" Create a system call lsm_get_self_attr() to provide the security module maintained attributes of the current process. Create a system call lsm_set_self_attr() to set a security module maintained attribute of the current process. Historically these attributes have been exposed to user space via entries in procfs under /proc/self/attr. The attribute value is provided in a lsm_ctx structure. The structure identifies the size of the attribute, and the attribute value. The format of the attribute value is defined by the security module. A flags field is included for LSM specific information. It is currently unused and must be 0. The total size of the data, including the lsm_ctx structure and any padding, is maintained as well. struct lsm_ctx { __u64 id; __u64 flags; __u64 len; __u64 ctx_len; __u8 ctx[]; }; Two new LSM hooks are used to interface with the LSMs. security_getselfattr() collects the lsm_ctx values from the LSMs that support the hook, accounting for space requirements. security_setselfattr() identifies which LSM the attribute is intended for and passes it along. 
Signed-off-by: Casey Schaufler Reviewed-by: Kees Cook Reviewed-by: Serge E. Hallyn --- Documentation/userspace-api/lsm.rst | 15 ++++ include/linux/lsm_hook_defs.h | 4 + include/linux/lsm_hooks.h | 9 +++ include/linux/security.h | 19 +++++ include/linux/syscalls.h | 5 ++ include/uapi/linux/lsm.h | 36 +++++++++ kernel/sys_ni.c | 4 + security/Makefile | 1 + security/lsm_syscalls.c | 55 ++++++++++++++ security/security.c | 112 ++++++++++++++++++++++++++++ 10 files changed, 260 insertions(+) create mode 100644 security/lsm_syscalls.c diff --git a/Documentation/userspace-api/lsm.rst b/Documentation/userspace-= api/lsm.rst index 6ddf5506110b..e6c3f262addc 100644 --- a/Documentation/userspace-api/lsm.rst +++ b/Documentation/userspace-api/lsm.rst @@ -48,6 +48,21 @@ creating socket objects. The proc filesystem provides this value in ``/proc/self/attr/sockcreate``. This is supported by the SELinux security module. =20 +Kernel interface +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D + +Set a security attribute of the current process +----------------------------------------------- + +.. kernel-doc:: security/lsm_syscalls.c + :identifiers: sys_lsm_set_self_attr + +Get the specified security attributes of the current process +------------------------------------------------------------ + +.. kernel-doc:: security/lsm_syscalls.c + :identifiers: sys_lsm_get_self_attr + Additional documentation =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =20 diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h index 094b76dc7164..32104ff61999 100644 --- a/include/linux/lsm_hook_defs.h +++ b/include/linux/lsm_hook_defs.h 
@@ -261,6 +261,10 @@ LSM_HOOK(int, 0, sem_semop, struct kern_ipc_perm *perm= , struct sembuf *sops, LSM_HOOK(int, 0, netlink_send, struct sock *sk, struct sk_buff *skb) LSM_HOOK(void, LSM_RET_VOID, d_instantiate, struct dentry *dentry, struct inode *inode) +LSM_HOOK(int, -EOPNOTSUPP, getselfattr, unsigned int attr, + struct lsm_ctx __user *ctx, size_t *size, u32 flags) +LSM_HOOK(int, -EOPNOTSUPP, setselfattr, unsigned int attr, + struct lsm_ctx __user *ctx, size_t size, u32 flags) LSM_HOOK(int, -EINVAL, getprocattr, struct task_struct *p, const char *nam= e, char **value) LSM_HOOK(int, -EINVAL, setprocattr, const char *name, void *value, size_t = size) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index c1f00d09033e..457ff953e331 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -25,6 +25,7 @@ #ifndef __LINUX_LSM_HOOKS_H #define __LINUX_LSM_HOOKS_H =20 +#include #include #include #include @@ -503,6 +504,14 @@ * and writing the xattrs as this hook is merely a filter. * @d_instantiate: * Fill in @inode security information for a @dentry if allowed. + * @getselfattr: + * Read attribute @attr for the current process and store it into @ctx. + * Return 0 on success, -EOPNOTSUPP if the attribute is not supported, + * or another negative value otherwise. + * @setselfattr: + * Set attribute @attr for the current process. + * Return 0 on success, -EOPNOTSUPP if the attribute is not supported, + * or another negative value otherwise. * @getprocattr: * Read attribute @name for process @p and store it into @value if allowed. * Return the length of @value on success, a negative value otherwise. diff --git a/include/linux/security.h b/include/linux/security.h index 8faed81fc3b4..806bff425af9 100644 --- a/include/linux/security.h +++ b/include/linux/security.h 
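Review bot: the lsm_hooks.h text for @getselfattr says "Return 0 on success", but security_getselfattr() in this patch does `count += rc` and returns LSM_RET_DEFAULT(getselfattr), i.e. -EOPNOTSUPP, when count stays 0, and the syscall kernel-doc promises "the number of @ctx array elements". A hook implemented to this documentation would make the syscall report failure even though it wrote the attribute. Please document the contract the caller actually relies on: return the number of lsm_ctx entries written (normally 1), -EOPNOTSUPP if the attribute is not supported, -E2BIG with *size set to the space needed when the buffer is too small, and say that on success *size must be set to the bytes consumed, because security_getselfattr() subtracts it from the remaining space and adds it to the running total.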
@@ -60,6 +60,7 @@ struct fs_parameter; enum fs_value_type; struct watch; struct watch_notification; +struct lsm_ctx; =20 /* Default (no) options for the capable function */ #define CAP_OPT_NONE 0x0 @@ -473,6 +474,10 @@ int security_sem_semctl(struct kern_ipc_perm *sma, int= cmd); int security_sem_semop(struct kern_ipc_perm *sma, struct sembuf *sops, unsigned nsops, int alter); void security_d_instantiate(struct dentry *dentry, struct inode *inode); +int security_getselfattr(unsigned int attr, struct lsm_ctx __user *ctx, + size_t __user *size, u32 flags); +int security_setselfattr(unsigned int attr, struct lsm_ctx __user *ctx, + size_t size, u32 flags); int security_getprocattr(struct task_struct *p, int lsmid, const char *nam= e, char **value); int security_setprocattr(int lsmid, const char *name, void *value, size_t = size); @@ -1343,6 +1348,20 @@ static inline void security_d_instantiate(struct den= try *dentry, struct inode *inode) { } =20 +static inline int security_getselfattr(unsigned int attr, + struct lsm_ctx __user *ctx, + size_t __user *size, u32 flags) +{ + return -EOPNOTSUPP; +} + +static inline int security_setselfattr(unsigned int attr, + struct lsm_ctx __user *ctx, + size_t size, u32 flags) +{ + return -EOPNOTSUPP; +} + static inline int security_getprocattr(struct task_struct *p, int lsmid, const char *name, char **value) { diff --git a/include/linux/syscalls.h b/include/linux/syscalls.h index 33a0ee3bcb2e..9a94c31bf6b6 100644 --- a/include/linux/syscalls.h +++ b/include/linux/syscalls.h @@ -71,6 +71,7 @@ struct clone_args; struct open_how; struct mount_attr; struct landlock_ruleset_attr; +struct lsm_ctx; enum landlock_rule_type; =20 #include 
@@ -1058,6 +1059,10 @@ asmlinkage long sys_memfd_secret(unsigned int flags); asmlinkage long sys_set_mempolicy_home_node(unsigned long start, unsigned = long len, unsigned long home_node, unsigned long flags); +asmlinkage long sys_lsm_get_self_attr(unsigned int attr, struct lsm_ctx *c= tx, + size_t *size, __u32 flags); +asmlinkage long sys_lsm_set_self_attr(unsigned int attr, struct lsm_ctx *c= tx, + size_t size, __u32 flags); =20 /* * Architecture-specific system calls diff --git a/include/uapi/linux/lsm.h b/include/uapi/linux/lsm.h index f27c9a9cc376..eeda59a77c02 100644 --- a/include/uapi/linux/lsm.h +++ b/include/uapi/linux/lsm.h @@ -9,6 +9,36 @@ #ifndef _UAPI_LINUX_LSM_H #define _UAPI_LINUX_LSM_H =20 +#include +#include + +/** + * struct lsm_ctx - LSM context information + * @id: the LSM id number, see LSM_ID_XXX + * @flags: LSM specific flags + * @len: length of the lsm_ctx struct, @ctx and any other data or padding + * @ctx_len: the size of @ctx + * @ctx: the LSM context value + * + * The @len field MUST be equal to the size of the lsm_ctx struct + * plus any additional padding and/or data placed after @ctx. + * + * In all cases @ctx_len MUST be equal to the length of @ctx. + * If @ctx is a string value it should be nul terminated with + * @ctx_len equal to `strlen(@ctx) + 1`. Binary values are + * supported. + * + * The @flags and @ctx fields SHOULD only be interpreted by the + * LSM specified by @id; they MUST be set to zero/0 when not used. + */ +struct lsm_ctx { + __u64 id; + __u64 flags; + __u64 len; + __u64 ctx_len; + __u8 ctx[]; +}; + /* * ID tokens to identify Linux Security Modules (LSMs) * @@ -51,4 +81,10 @@ #define LSM_ATTR_PREV 104 #define LSM_ATTR_SOCKCREATE 105 =20 +/* + * LSM_FLAG_XXX definitions identify special handling instructions + * for the API. + */ +#define LSM_FLAG_SINGLE 0x0001 + #endif /* _UAPI_LINUX_LSM_H */ diff --git a/kernel/sys_ni.c b/kernel/sys_ni.c index 860b2dcf3ac4..d03c78ef1562 100644 --- a/kernel/sys_ni.c 
+++ b/kernel/sys_ni.c @@ -262,6 +262,10 @@ COND_SYSCALL_COMPAT(recvmsg); /* mm/nommu.c, also with MMU */ COND_SYSCALL(mremap); =20 +/* security/lsm_syscalls.c */ +COND_SYSCALL(lsm_get_self_attr); +COND_SYSCALL(lsm_set_self_attr); + /* security/keys/keyctl.c */ COND_SYSCALL(add_key); COND_SYSCALL(request_key); diff --git a/security/Makefile b/security/Makefile index 18121f8f85cd..59f238490665 100644 --- a/security/Makefile +++ b/security/Makefile @@ -7,6 +7,7 @@ obj-$(CONFIG_KEYS) +=3D keys/ =20 # always enable default capabilities obj-y +=3D commoncap.o +obj-$(CONFIG_SECURITY) +=3D lsm_syscalls.o obj-$(CONFIG_MMU) +=3D min_addr.o =20 # Object file lists diff --git a/security/lsm_syscalls.c b/security/lsm_syscalls.c new file mode 100644 index 000000000000..ee3881159241 --- /dev/null +++ b/security/lsm_syscalls.c 
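Review bot: the prototypes added to include/linux/syscalls.h, `sys_lsm_get_self_attr(unsigned int attr, struct lsm_ctx *ctx, size_t *size, __u32 flags)` and its set counterpart, lack the `__user` annotation on both pointers that the SYSCALL_DEFINE4() bodies in security/lsm_syscalls.c carry (`struct lsm_ctx __user *, ctx, size_t __user *, size`), and they use `__u32` where the definitions use `u32`; sparse will complain about the address-space mismatch, so match the definitions. In the include/uapi/linux/lsm.h kernel-doc, also state how several entries are laid out: security_getselfattr() writes each entry at `base + total` and advances by the size the LSM reports, so `len` is the stride user space must add to reach the next struct lsm_ctx. As written, a reader could reasonably compute sizeof(struct lsm_ctx) + ctx_len and desynchronise at the first padded entry.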
@@ -0,0 +1,55 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * System calls implementing the Linux Security Module API. + * + * Copyright (C) 2022 Casey Schaufler + * Copyright (C) 2022 Intel Corporation + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +/** + * sys_lsm_set_self_attr - Set current task's security module attribute + * @attr: which attribute to set + * @ctx: the LSM contexts + * @size: size of @ctx + * @flags: reserved for future use + * + * Sets the calling task's LSM context. On success this function + * returns 0. If the attribute specified cannot be set a negative + * value indicating the reason for the error is returned. + */ +SYSCALL_DEFINE4(lsm_set_self_attr, unsigned int, attr, struct lsm_ctx __us= er *, + ctx, size_t, size, u32, flags) +{ + return security_setselfattr(attr, ctx, size, flags); +} + +/** + * sys_lsm_get_self_attr - Return current task's security module attributes + * @attr: which attribute to set + * @ctx: the LSM contexts + * @size: size of @ctx, updated on return + * @flags: reserved for future use + * + * Returns the calling task's LSM contexts. On success this + * function returns the number of @ctx array elements. This value + * may be zero if there are no LSM contexts assigned. If @size is + * insufficient to contain the return data -E2BIG is returned and + * @size is set to the minimum required size. In all other cases + * a negative value indicating the error is returned. + */ +SYSCALL_DEFINE4(lsm_get_self_attr, unsigned int, attr, struct lsm_ctx __us= er *, + ctx, size_t __user *, size, u32, flags) +{ + return security_getselfattr(attr, ctx, size, flags); +} diff --git a/security/security.c b/security/security.c index 5a48b1b539e5..94b78bfd06b9 100644 --- a/security/security.c +++ b/security/security.c 
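Review bot: the kernel-doc for sys_lsm_get_self_attr() disagrees with the code it describes in three places: `@attr: which attribute to set` should read "to get"; `@flags: reserved for future use` is wrong for the getter, which accepts LSM_FLAG_SINGLE (security_getselfattr() rejects any other bit with -EINVAL); and "This value may be zero if there are no LSM contexts assigned" cannot happen, because security_getselfattr() returns LSM_RET_DEFAULT(getselfattr), i.e. -EOPNOTSUPP, when count is 0. These comments are pulled into Documentation/userspace-api/lsm.rst by the `.. kernel-doc::` directives earlier in this patch, so they are the user-facing contract; please make them match the implementation.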
@@ -2176,6 +2176,118 @@ void security_d_instantiate(struct dentry *dentry, = struct inode *inode) } EXPORT_SYMBOL(security_d_instantiate); =20 +/** + * security_getselfattr - Read an LSM attribute of the current process. + * @attr: which attribute to return + * @ctx: the user-space destination for the information, or NULL + * @size: the size of space available to receive the data + * @flags: special handling options. LSM_FLAG_SINGLE indicates that only + * attributes associated with the LSM identified in the passed @ctx be + * reported + * + * Returns the number of attributes found on success, negative value + * on error. @size is reset to the total size of the data. + * If @size is insufficient to contain the data -E2BIG is returned. + */ +int security_getselfattr(unsigned int attr, struct lsm_ctx __user *ctx, + size_t __user *size, u32 flags) +{ + struct security_hook_list *hp; + struct lsm_ctx lctx =3D { .id =3D LSM_ID_UNDEF, }; + u8 __user *base =3D (u8 __user *)ctx; + size_t total =3D 0; + size_t entrysize; + size_t left; + bool toobig =3D false; + int count =3D 0; + int rc; + + if (attr =3D=3D 0) + return -EINVAL; + if (size =3D=3D NULL) + return -EINVAL; + if (get_user(left, size)) + return -EFAULT; + + if ((flags & LSM_FLAG_SINGLE) =3D=3D LSM_FLAG_SINGLE) { + if (!ctx) + return -EINVAL; + if (copy_struct_from_user(&lctx, sizeof(lctx), ctx, left)) + return -EFAULT; + if (lctx.id =3D=3D LSM_ID_UNDEF) + return -EINVAL; + } else if (flags) { + return -EINVAL; + } + + hlist_for_each_entry(hp, &security_hook_heads.getselfattr, list) { + if (lctx.id !=3D LSM_ID_UNDEF && lctx.id !=3D hp->lsmid->id) + continue; + entrysize =3D left; + if (base) + ctx =3D (struct lsm_ctx __user *)(base + total); + rc =3D hp->hook.getselfattr(attr, ctx, &entrysize, flags); + if (rc =3D=3D -EOPNOTSUPP) { + rc =3D 0; + continue; + } + if (rc =3D=3D -E2BIG) { + toobig =3D true; + left =3D 0; + continue; + } + if (rc < 0) + return rc; + + left -=3D entrysize; + total +=3D entrysize; + 
count +=3D rc; + } + if (put_user(total, size)) + return -EFAULT; + if (toobig) + return -E2BIG; + if (count =3D=3D 0) + return LSM_RET_DEFAULT(getselfattr); + return count; +} + +/** + * security_setselfattr - Set an LSM attribute on the current process. + * @attr: which attribute to set + * @ctx: the user-space source for the information + * @size: the size of the data + * @flags: reserved for future use, must be 0 + * + * Set an LSM attribute for the current process. The LSM, attribute + * and new value are included in @ctx. + * + * Returns 0 on success, -EINVAL if the input is inconsistent, -EFAULT + * if the user buffer is inaccessible or an LSM specific failure. + */ +int security_setselfattr(unsigned int attr, struct lsm_ctx __user *ctx, + size_t size, u32 flags) +{ + struct security_hook_list *hp; + struct lsm_ctx lctx; + + if (flags) + return -EINVAL; + if (size < sizeof(*ctx)) + return -EINVAL; + if (copy_from_user(&lctx, ctx, sizeof(*ctx))) + return -EFAULT; + if (size < lctx.len || size < lctx.ctx_len + sizeof(ctx) || + lctx.len < lctx.ctx_len + sizeof(ctx)) + return -EINVAL; + + hlist_for_each_entry(hp, &security_hook_heads.setselfattr, list) + if ((hp->lsmid->id) =3D=3D lctx.id) + return hp->hook.setselfattr(attr, ctx, size, flags); + + return LSM_RET_DEFAULT(setselfattr); +} + int security_getprocattr(struct task_struct *p, int lsmid, const char *nam= e, char **value) { --=20 2.39.2
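Review bot: in the new security/lsm_syscalls.c the kerneldoc for sys_lsm_get_self_attr reads `@attr: which attribute to set`, copied from sys_lsm_set_self_attr; it should say which attribute to return, since this comment is what the `.. kernel-doc::` directive pulls into Documentation/userspace-api/lsm.rst.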
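Review bot: security_setselfattr mixes sizeof(ctx) and sizeof(*ctx) in its length checks. The header copy is guarded by `if (size < sizeof(*ctx))`, but the consistency test that follows is `if (size < lctx.len || size < lctx.ctx_len + sizeof(ctx) || lctx.len < lctx.ctx_len + sizeof(ctx))`, where sizeof(ctx) is the size of a pointer, not of struct lsm_ctx; a ctx_len that leaves no room for the header therefore passes and reaches the LSM's setselfattr hook. Both occurrences should be sizeof(*ctx). Since lctx.len and lctx.ctx_len are user-controlled, the additions can also wrap; testing `lctx.ctx_len > size - sizeof(*ctx)` after the header-size check avoids the overflow. In security_getselfattr, the -E2BIG branch does `left = 0; continue;` and so skips `total += entrysize`, while the kerneldoc promises that @size is set to the minimum required size; if the hooks report the needed bytes through *size on -E2BIG, add `total += entrysize` in that branch, otherwise reword the comment to say @size only reflects the entries that fit.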
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net Subject: [PATCH v10 05/11] LSM: Create lsm_list_modules system call Date: Fri, 28 Apr 2023 13:34:11 -0700 Message-Id: <20230428203417.159874-6-casey@schaufler-ca.com> In-Reply-To: <20230428203417.159874-1-casey@schaufler-ca.com> References: <20230428203417.159874-1-casey@schaufler-ca.com>
Create a system call to report the list of Linux Security Modules that are active on the system. The list is provided as an array of LSM ID numbers. The calling application can use this list to determine what LSM specific actions it might take. That might include choosing an output format, determining required privilege or bypassing security module specific behavior.
Signed-off-by: Casey Schaufler Reviewed-by: Kees Cook Reviewed-by: Serge E. Hallyn --- Documentation/userspace-api/lsm.rst | 3 +++ include/linux/syscalls.h | 1 + kernel/sys_ni.c | 1 + security/lsm_syscalls.c | 39 +++++++++++++++++++++++++++++ 4 files changed, 44 insertions(+) diff --git a/Documentation/userspace-api/lsm.rst b/Documentation/userspace-= api/lsm.rst index e6c3f262addc..9edae18a2688 100644 --- a/Documentation/userspace-api/lsm.rst +++ b/Documentation/userspace-api/lsm.rst
@@ -63,6 +63,9 @@ Get the specified security attributes of the current proc= ess .. kernel-doc:: security/lsm_syscalls.c :identifiers: sys_lsm_get_self_attr =20 +.. kernel-doc:: security/lsm_syscalls.c + :identifiers: sys_lsm_list_modules + Additional documentation =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =20 diff --git a/include/linux/syscalls.h b/include/linux/syscalls.h index 9a94c31bf6b6..ddbcc333f3c3 100644 --- a/include/linux/syscalls.h +++ b/include/linux/syscalls.h @@ -1063,6 +1063,7 @@ asmlinkage long sys_lsm_get_self_attr(unsigned int at= tr, struct lsm_ctx *ctx, size_t *size, __u32 flags); asmlinkage long sys_lsm_set_self_attr(unsigned int attr, struct lsm_ctx *c= tx, size_t size, __u32 flags); +asmlinkage long sys_lsm_list_modules(u64 *ids, size_t *size, u32 flags); =20 /* * Architecture-specific system calls diff --git a/kernel/sys_ni.c b/kernel/sys_ni.c index d03c78ef1562..ceb3d21a62d0 100644 --- a/kernel/sys_ni.c +++ b/kernel/sys_ni.c @@ -265,6 +265,7 @@ COND_SYSCALL(mremap); /* security/lsm_syscalls.c */ COND_SYSCALL(lsm_get_self_attr); COND_SYSCALL(lsm_set_self_attr); +COND_SYSCALL(lsm_list_modules); =20 /* security/keys/keyctl.c */ COND_SYSCALL(add_key); diff --git a/security/lsm_syscalls.c b/security/lsm_syscalls.c index ee3881159241..b89cccb2f123 100644 --- a/security/lsm_syscalls.c +++ b/security/lsm_syscalls.c 
@@ -53,3 +53,42 @@ SYSCALL_DEFINE4(lsm_get_self_attr, unsigned int, attr, s= truct lsm_ctx __user *, { return security_getselfattr(attr, ctx, size, flags); } + +/** + * sys_lsm_list_modules - Return a list of the active security modules + * @ids: the LSM module ids + * @size: size of @ids, updated on return + * @flags: reserved for future use, must be zero + * + * Returns a list of the active LSM ids. On success this function + * returns the number of @ids array elements. This value may be zero + * if there are no LSMs active. If @size is insufficient to contain + * the return data -E2BIG is returned and @size is set to the minimum + * required size. In all other cases a negative value indicating the + * error is returned. + */ +SYSCALL_DEFINE3(lsm_list_modules, u64 __user *, ids, size_t __user *, size, + u32, flags) +{ + size_t total_size =3D lsm_active_cnt * sizeof(*ids); + size_t usize; + int i; + + if (flags) + return -EINVAL; + + if (get_user(usize, size)) + return -EFAULT; + + if (put_user(total_size, size) !=3D 0) + return -EFAULT; + + if (usize < total_size) + return -E2BIG; + + for (i =3D 0; i < lsm_active_cnt; i++) + if (put_user(lsm_idlist[i]->id, ids++)) + return -EFAULT; + + return lsm_active_cnt; +} --=20 2.39.2
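Review bot: the size-probe convention of sys_lsm_list_modules is implicit and differs from the previous patch. A caller that passes @ids == NULL with a non-zero @size gets -EFAULT from `put_user(lsm_idlist[i]->id, ids++)`, whereas security_getselfattr documents `@ctx: the user-space destination for the information, or NULL` and guards the pointer with `if (base)`. Either accept a NULL @ids when usize is 0 or state in the kerneldoc that the required size is obtained by calling with @size = 0 and handling -E2BIG. Also, because `put_user(total_size, size)` runs before the `usize < total_size` comparison, @size is rewritten on every call, including the -EFAULT path of the copy loop; that is reasonable but the comment only describes it for -E2BIG, so a sentence there would save userspace a surprise.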
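An added user-space example, not code from the series: a caller that follows the lsm_list_modules protocol the kerneldoc above defines (probe with *size == 0, get -E2BIG and the required size, allocate, call again) and validates what comes back. The syscall entry is passed as a function pointer so the same logic runs against a constructed fake; the fallback number 452 is the x86-64 value from the wireup patch, and lsm_query_modules, real_lsm_list_modules, fake_lsm_list_modules, lsm_id_present and the fake ids are all made up for this example.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>
#include <sys/syscall.h>
#include <unistd.h>

#ifndef __NR_lsm_list_modules
/* Assumption: the x86-64 number from the wireup patch's syscall_64.tbl;
 * other architectures assign their own numbers. */
#define __NR_lsm_list_modules 452
#endif

/* Contract of the syscall: returns the number of ids written or a
 * negative errno, and rewrites *size to the total size in bytes. */
typedef long (*lsm_list_fn)(uint64_t *ids, size_t *size, uint32_t flags);

/* Real kernel path; fold syscall(2)'s errno into the negative-return form. */
long real_lsm_list_modules(uint64_t *ids, size_t *size, uint32_t flags)
{
    long rc = syscall(__NR_lsm_list_modules, ids, size, flags);
    return rc < 0 ? -errno : rc;
}

/* Constructed fake of sys_lsm_list_modules for offline testing: same
 * validation order as the patch (flags, get_user, put_user, compare, copy),
 * with made-up ids; the real LSM_ID_* values come from the uapi header. */
static const uint64_t fake_ids[] = { 100, 101, 102 };
size_t fake_active = sizeof(fake_ids) / sizeof(fake_ids[0]);

long fake_lsm_list_modules(uint64_t *ids, size_t *size, uint32_t flags)
{
    size_t total = fake_active * sizeof(uint64_t);
    size_t usize;

    if (flags)
        return -EINVAL;
    if (!size)
        return -EFAULT;             /* get_user() on an invalid pointer */
    usize = *size;
    *size = total;                  /* updated before the size comparison */
    if (usize < total)
        return -E2BIG;
    for (size_t i = 0; i < fake_active; i++) {
        if (!ids)
            return -EFAULT;         /* put_user() on an invalid pointer */
        ids[i] = fake_ids[i];
    }
    return (long)fake_active;
}

/* Two-step query: probe with *size == 0, expect -E2BIG plus the required
 * size, allocate, call again. Returns the id count (0 with *out == NULL
 * when no LSM is active) or a negative errno with *out untouched. */
long lsm_query_modules(lsm_list_fn fn, uint64_t **out)
{
    size_t size = 0;
    long rc = fn(NULL, &size, 0);

    if (rc >= 0) {
        *out = NULL;                /* nothing active, nothing to copy */
        return rc;
    }
    if (rc != -E2BIG)
        return rc;                  /* -ENOSYS, -EINVAL, -EFAULT, ... */
    /* The kernel reports count * sizeof(u64); anything else means the
     * other side is not honouring the contract. */
    if (size == 0 || size % sizeof(uint64_t) != 0)
        return -EPROTO;

    uint64_t *ids = malloc(size);
    size_t got = size;
    if (!ids)
        return -ENOMEM;
    rc = fn(ids, &got, 0);
    /* Defensive: a count that disagrees with the reported size would mean
     * a partly valid buffer, so do not hand it to the caller. */
    if (rc >= 0 && (size_t)rc * sizeof(uint64_t) != got)
        rc = -EPROTO;
    if (rc < 0) {
        free(ids);
        return rc;
    }
    *out = ids;
    return rc;
}

/* The commit message's use case: choose LSM-specific behaviour by id. */
int lsm_id_present(const uint64_t *ids, long count, uint64_t id)
{
    for (long i = 0; i < count; i++)
        if (ids[i] == id)
            return 1;
    return 0;
}
```

Passing real_lsm_list_modules to lsm_query_modules queries the running kernel; on a kernel without the series the probe fails with -ENOSYS and that is what the function returns.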
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net, Geert Uytterhoeven , Arnd Bergmann Subject: [PATCH v10 06/11] LSM: wireup Linux Security Module syscalls Date: Fri, 28 Apr 2023 13:34:12 -0700 Message-Id: <20230428203417.159874-7-casey@schaufler-ca.com> In-Reply-To: <20230428203417.159874-1-casey@schaufler-ca.com> References: <20230428203417.159874-1-casey@schaufler-ca.com>
Wireup lsm_get_self_attr, lsm_set_self_attr and lsm_list_modules system calls.
Signed-off-by: Casey Schaufler Reviewed-by: Kees Cook Acked-by: Geert Uytterhoeven Acked-by: Arnd Bergmann Cc: linux-api@vger.kernel.org --- arch/alpha/kernel/syscalls/syscall.tbl | 3 +++ arch/arm/tools/syscall.tbl | 3 +++ arch/arm64/include/asm/unistd.h | 2 +- arch/arm64/include/asm/unistd32.h | 6 ++++++ arch/ia64/kernel/syscalls/syscall.tbl | 3 +++ arch/m68k/kernel/syscalls/syscall.tbl | 3 +++ arch/microblaze/kernel/syscalls/syscall.tbl | 3 +++ arch/mips/kernel/syscalls/syscall_n32.tbl | 3 +++ arch/mips/kernel/syscalls/syscall_n64.tbl | 3 +++ arch/mips/kernel/syscalls/syscall_o32.tbl | 3 +++ arch/parisc/kernel/syscalls/syscall.tbl | 3 +++ arch/powerpc/kernel/syscalls/syscall.tbl | 3 +++ arch/s390/kernel/syscalls/syscall.tbl | 3 +++ arch/sh/kernel/syscalls/syscall.tbl | 3 +++ arch/sparc/kernel/syscalls/syscall.tbl | 3 +++ arch/x86/entry/syscalls/syscall_32.tbl | 3 +++ arch/x86/entry/syscalls/syscall_64.tbl | 3 +++ arch/xtensa/kernel/syscalls/syscall.tbl | 3 +++ include/uapi/asm-generic/unistd.h | 11 ++++++++++- tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl | 3 +++ tools/perf/arch/powerpc/entry/syscalls/syscall.tbl | 3 +++ tools/perf/arch/s390/entry/syscalls/syscall.tbl | 3 +++ tools/perf/arch/x86/entry/syscalls/syscall_64.tbl | 3 +++ 23 files changed, 77 insertions(+), 2 deletions(-) diff --git a/arch/alpha/kernel/syscalls/syscall.tbl b/arch/alpha/kernel/sys= calls/syscall.tbl index 8ebacf37a8cf..178e2792c251 100644 --- a/arch/alpha/kernel/syscalls/syscall.tbl +++ b/arch/alpha/kernel/syscalls/syscall.tbl @@ -490,3 +490,6 @@ 558 common process_mrelease sys_process_mrelease 559 common futex_waitv sys_futex_waitv 560 common set_mempolicy_home_node sys_ni_syscall +561 common lsm_get_self_attr sys_lsm_get_self_attr +562 common lsm_list_modules sys_lsm_list_modules +563 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/arm/tools/syscall.tbl b/arch/arm/tools/syscall.tbl index ac964612d8b0..9cda144f9631 100644 --- a/arch/arm/tools/syscall.tbl 
+++ b/arch/arm/tools/syscall.tbl @@ -464,3 +464,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/arm64/include/asm/unistd.h b/arch/arm64/include/asm/unist= d.h index 037feba03a51..6a28fb91b85d 100644 --- a/arch/arm64/include/asm/unistd.h +++ b/arch/arm64/include/asm/unistd.h @@ -39,7 +39,7 @@ #define __ARM_NR_compat_set_tls (__ARM_NR_COMPAT_BASE + 5) #define __ARM_NR_COMPAT_END (__ARM_NR_COMPAT_BASE + 0x800) =20 -#define __NR_compat_syscalls 451 +#define __NR_compat_syscalls 454 #endif =20 #define __ARCH_WANT_SYS_CLONE diff --git a/arch/arm64/include/asm/unistd32.h b/arch/arm64/include/asm/uni= std32.h index 604a2053d006..72022ffd5faa 100644 --- a/arch/arm64/include/asm/unistd32.h +++ b/arch/arm64/include/asm/unistd32.h @@ -907,6 +907,12 @@ __SYSCALL(__NR_process_mrelease, sys_process_mrelease) __SYSCALL(__NR_futex_waitv, sys_futex_waitv) #define __NR_set_mempolicy_home_node 450 __SYSCALL(__NR_set_mempolicy_home_node, sys_set_mempolicy_home_node) +#define __NR_lsm_get_self_attr 451 +__SYSCALL(__NR_lsm_get_self_attr, sys_lsm_get_self_attr) +#define __NR_lsm_list_modules 452 +__SYSCALL(__NR_lsm_list_modules, sys_lsm_list_modules) +#define __NR_lsm_set_self_attr 453 +__SYSCALL(__NR_lsm_set_self_attr, sys_lsm_set_self_attr) =20 /* * Please add new compat syscalls above this comment and update diff --git a/arch/ia64/kernel/syscalls/syscall.tbl b/arch/ia64/kernel/sysca= lls/syscall.tbl index 72c929d9902b..c52e9d87f47d 100644 --- a/arch/ia64/kernel/syscalls/syscall.tbl +++ b/arch/ia64/kernel/syscalls/syscall.tbl 
@@ -371,3 +371,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/m68k/kernel/syscalls/syscall.tbl b/arch/m68k/kernel/sysca= lls/syscall.tbl index b1f3940bc298..31eac3c99d84 100644 --- a/arch/m68k/kernel/syscalls/syscall.tbl +++ b/arch/m68k/kernel/syscalls/syscall.tbl @@ -450,3 +450,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/microblaze/kernel/syscalls/syscall.tbl b/arch/microblaze/= kernel/syscalls/syscall.tbl index 820145e47350..5037fa1f74b8 100644 --- a/arch/microblaze/kernel/syscalls/syscall.tbl +++ b/arch/microblaze/kernel/syscalls/syscall.tbl @@ -456,3 +456,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/mips/kernel/syscalls/syscall_n32.tbl b/arch/mips/kernel/s= yscalls/syscall_n32.tbl index 253ff994ed2e..29545b3ec587 100644 --- a/arch/mips/kernel/syscalls/syscall_n32.tbl +++ b/arch/mips/kernel/syscalls/syscall_n32.tbl @@ -389,3 +389,6 @@ 448 n32 process_mrelease sys_process_mrelease 449 n32 futex_waitv sys_futex_waitv 450 n32 set_mempolicy_home_node sys_set_mempolicy_home_node +451 n32 lsm_get_self_attr sys_lsm_get_self_attr +452 n32 lsm_list_modules sys_lsm_list_modules +453 n32 lsm_set_self_attr sys_lsm_set_self_attr 
diff --git a/arch/mips/kernel/syscalls/syscall_n64.tbl b/arch/mips/kernel/s= yscalls/syscall_n64.tbl index 3f1886ad9d80..8492aa4a771f 100644 --- a/arch/mips/kernel/syscalls/syscall_n64.tbl +++ b/arch/mips/kernel/syscalls/syscall_n64.tbl @@ -365,3 +365,6 @@ 448 n64 process_mrelease sys_process_mrelease 449 n64 futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 n64 lsm_get_self_attr sys_lsm_get_self_attr +452 n64 lsm_list_modules sys_lsm_list_modules +453 n64 lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/mips/kernel/syscalls/syscall_o32.tbl b/arch/mips/kernel/s= yscalls/syscall_o32.tbl index 8f243e35a7b2..d74fd86de2a2 100644 --- a/arch/mips/kernel/syscalls/syscall_o32.tbl +++ b/arch/mips/kernel/syscalls/syscall_o32.tbl @@ -438,3 +438,6 @@ 448 o32 process_mrelease sys_process_mrelease 449 o32 futex_waitv sys_futex_waitv 450 o32 set_mempolicy_home_node sys_set_mempolicy_home_node +451 o32 lsm_get_self_attr sys_lsm_get_self_attr +452 o32 lsm_list_modules sys_lsm_list_modules +453 032 lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/parisc/kernel/syscalls/syscall.tbl b/arch/parisc/kernel/s= yscalls/syscall.tbl index 0e42fceb2d5e..d1a5f3120d6c 100644 --- a/arch/parisc/kernel/syscalls/syscall.tbl +++ b/arch/parisc/kernel/syscalls/syscall.tbl @@ -448,3 +448,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/powerpc/kernel/syscalls/syscall.tbl b/arch/powerpc/kernel= /syscalls/syscall.tbl index a0be127475b1..a414fe8c069b 100644 --- a/arch/powerpc/kernel/syscalls/syscall.tbl +++ b/arch/powerpc/kernel/syscalls/syscall.tbl 
@@ -537,3 +537,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 nospu set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/s390/kernel/syscalls/syscall.tbl b/arch/s390/kernel/sysca= lls/syscall.tbl index 799147658dee..96b7e6b72747 100644 --- a/arch/s390/kernel/syscalls/syscall.tbl +++ b/arch/s390/kernel/syscalls/syscall.tbl @@ -453,3 +453,6 @@ 448 common process_mrelease sys_process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node sys_set_me= mpolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/sh/kernel/syscalls/syscall.tbl b/arch/sh/kernel/syscalls/= syscall.tbl index 2de85c977f54..1a75a599bb55 100644 --- a/arch/sh/kernel/syscalls/syscall.tbl +++ b/arch/sh/kernel/syscalls/syscall.tbl @@ -453,3 +453,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/sparc/kernel/syscalls/syscall.tbl b/arch/sparc/kernel/sys= calls/syscall.tbl index 4398cc6fb68d..80b165091f6f 100644 --- a/arch/sparc/kernel/syscalls/syscall.tbl +++ b/arch/sparc/kernel/syscalls/syscall.tbl 
@@ -496,3 +496,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/x86/entry/syscalls/syscall_32.tbl b/arch/x86/entry/syscal= ls/syscall_32.tbl index 320480a8db4f..130f9feb9eb9 100644 --- a/arch/x86/entry/syscalls/syscall_32.tbl +++ b/arch/x86/entry/syscalls/syscall_32.tbl @@ -455,3 +455,6 @@ 448 i386 process_mrelease sys_process_mrelease 449 i386 futex_waitv sys_futex_waitv 450 i386 set_mempolicy_home_node sys_set_mempolicy_home_node +451 i386 lsm_get_self_attr sys_lsm_get_self_attr +452 i386 lsm_list_modules sys_lsm_list_modules +453 i386 lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/x86/entry/syscalls/syscall_64.tbl b/arch/x86/entry/syscal= ls/syscall_64.tbl index c84d12608cd2..96dd45bc5988 100644 --- a/arch/x86/entry/syscalls/syscall_64.tbl +++ b/arch/x86/entry/syscalls/syscall_64.tbl @@ -372,6 +372,9 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr =20 # # Due to a historical design error, certain syscalls are numbered differen= tly diff --git a/arch/xtensa/kernel/syscalls/syscall.tbl b/arch/xtensa/kernel/s= yscalls/syscall.tbl index 52c94ab5c205..2610aba19802 100644 --- a/arch/xtensa/kernel/syscalls/syscall.tbl +++ b/arch/xtensa/kernel/syscalls/syscall.tbl 
@@ -421,3 +421,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/include/uapi/asm-generic/unistd.h b/include/uapi/asm-generic/u= nistd.h index 45fa180cc56a..93f89fb06ef5 100644 --- a/include/uapi/asm-generic/unistd.h +++ b/include/uapi/asm-generic/unistd.h @@ -886,8 +886,17 @@ __SYSCALL(__NR_futex_waitv, sys_futex_waitv) #define __NR_set_mempolicy_home_node 450 __SYSCALL(__NR_set_mempolicy_home_node, sys_set_mempolicy_home_node) =20 +#define __NR_lsm_get_self_attr 451 +__SYSCALL(__NR_lsm_get_self_attr, sys_lsm_get_self_attr) + +#define __NR_lsm_list_modules 452 +__SYSCALL(__NR_lsm_list_modules, sys_lsm_list_modules) + +#define __NR_lsm_set_self_attr 453 +__SYSCALL(__NR_lsm_set_self_attr, sys_lsm_set_self_attr) + #undef __NR_syscalls -#define __NR_syscalls 451 +#define __NR_syscalls 454 =20 /* * 32 bit systems traditionally used different diff --git a/tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl b/tools/pe= rf/arch/mips/entry/syscalls/syscall_n64.tbl index 3f1886ad9d80..8492aa4a771f 100644 --- a/tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl +++ b/tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl @@ -365,3 +365,6 @@ 448 n64 process_mrelease sys_process_mrelease 449 n64 futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 n64 lsm_get_self_attr sys_lsm_get_self_attr +452 n64 lsm_list_modules sys_lsm_list_modules +453 n64 lsm_set_self_attr sys_lsm_set_self_attr diff --git a/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl b/tools/per= f/arch/powerpc/entry/syscalls/syscall.tbl index a0be127475b1..a414fe8c069b 100644 --- a/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl +++ b/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl 
@@ -537,3 +537,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 nospu set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/tools/perf/arch/s390/entry/syscalls/syscall.tbl b/tools/perf/a= rch/s390/entry/syscalls/syscall.tbl index 799147658dee..f9257e040109 100644 --- a/tools/perf/arch/s390/entry/syscalls/syscall.tbl +++ b/tools/perf/arch/s390/entry/syscalls/syscall.tbl @@ -453,3 +453,6 @@ 448 common process_mrelease sys_process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node sys_set_me= mpolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr sys_lsm_set_self_attr diff --git a/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl b/tools/perf= /arch/x86/entry/syscalls/syscall_64.tbl index c84d12608cd2..96dd45bc5988 100644 --- a/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl +++ b/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl 
@@ -372,6 +372,9 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr =20 # # Due to a historical design error, certain syscalls are numbered differen= tly --=20 2.39.2
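Review bot: the tools/perf/arch/{mips,powerpc,s390,x86}/entry/syscalls/*.tbl hunks carry the same three entries as the arch tables inside the kernel patch; the tools/ copies of the syscall tables are normally re-synced on the tooling side rather than edited together with the kernel tables, so consider dropping them here or moving them to a separate patch so the arch and uapi changes can be reviewed and merged on their own.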
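Review bot: in the powerpc syscall.tbl hunk the new entries 451..453 are marked "common" while the neighbouring 450 set_mempolicy_home_node is "nospu"; if exposing the three lsm_* calls to SPU contexts is intended that is fine, but a sentence in the commit message confirming the abi column was chosen deliberately (rather than copied from the other tables) would save the next reviewer the question.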
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net Subject: [PATCH v10 07/11] LSM: Helpers for attribute names and filling lsm_ctx Date: Fri, 28 Apr 2023 13:34:13 -0700 Message-Id: <20230428203417.159874-8-casey@schaufler-ca.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230428203417.159874-1-casey@schaufler-ca.com> References: <20230428203417.159874-1-casey@schaufler-ca.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" Add lsm_name_to_attr(), which translates a text string to a LSM_ATTR value if one is available. Add lsm_fill_user_ctx(), which fills a struct lsm_ctx, including the trailing attribute value. The .len value is padded to a multiple of 64 bits for alignment. All are used in module specific components of LSM system calls. Signed-off-by: Casey Schaufler Reviewed-by: Serge E. Hallyn --- include/linux/security.h | 13 ++++++++++++ security/lsm_syscalls.c | 24 ++++++++++++++++++++++ security/security.c | 44 ++++++++++++++++++++++++++++++++++++++++ 3 files changed, 81 insertions(+) diff --git a/include/linux/security.h b/include/linux/security.h index 806bff425af9..36ace59f9171 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -263,6 +263,7 @@ int unregister_blocking_lsm_notifier(struct notifier_bl= ock *nb); /* prototypes */ extern int security_init(void); extern int early_security_init(void); +extern u64 lsm_name_to_attr(const char *name); =20 /* Security operations */ int security_binder_set_context_mgr(const struct cred *mgr); 
@@ -491,6 +492,8 @@ int security_inode_notifysecctx(struct inode *inode, vo= id *ctx, u32 ctxlen); int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen); int security_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen); int security_locked_down(enum lockdown_reason what); +int lsm_fill_user_ctx(struct lsm_ctx __user *ctx, void *context, + size_t context_size, u64 id, u64 flags); #else /* CONFIG_SECURITY */ =20 static inline int call_blocking_lsm_notifier(enum lsm_event event, void *d= ata) @@ -508,6 +511,11 @@ static inline int unregister_blocking_lsm_notifier(st= ruct notifier_block *nb) return 0; } =20 +static inline u64 lsm_name_to_attr(const char *name) +{ + return LSM_ATTR_UNDEF; +} + static inline void security_free_mnt_opts(void **mnt_opts) { } @@ -1420,6 +1428,11 @@ static inline int security_locked_down(enum lockdown= _reason what) { return 0; } +static inline int lsm_fill_user_ctx(struct lsm_ctx __user *ctx, void *cont= ext, + size_t context_size, u64 id, u64 flags) +{ + return -EOPNOTSUPP; +} #endif /* CONFIG_SECURITY */ =20 #if defined(CONFIG_SECURITY) && defined(CONFIG_WATCH_QUEUE) diff --git a/security/lsm_syscalls.c b/security/lsm_syscalls.c index b89cccb2f123..0b225adfe5f7 100644 --- a/security/lsm_syscalls.c +++ b/security/lsm_syscalls.c 
@@ -17,6 +17,30 @@ #include #include =20 +/** + * lsm_name_to_attr - map an LSM attribute name to its ID + * @name: name of the attribute + * + * Returns the LSM attribute value associated with @name, or 0 if + * there is no mapping. + */ +u64 lsm_name_to_attr(const char *name) +{ + if (!strcmp(name, "current")) + return LSM_ATTR_CURRENT; + if (!strcmp(name, "exec")) + return LSM_ATTR_EXEC; + if (!strcmp(name, "fscreate")) + return LSM_ATTR_FSCREATE; + if (!strcmp(name, "keycreate")) + return LSM_ATTR_KEYCREATE; + if (!strcmp(name, "prev")) + return LSM_ATTR_PREV; + if (!strcmp(name, "sockcreate")) + return LSM_ATTR_SOCKCREATE; + return LSM_ATTR_UNDEF; +} + /** * sys_lsm_set_self_attr - Set current task's security module attribute * @attr: which attribute to set diff --git a/security/security.c b/security/security.c index 94b78bfd06b9..8c877d639cae 100644 --- a/security/security.c +++ b/security/security.c 
@@ -761,6 +761,50 @@ static int lsm_superblock_alloc(struct super_block *sb) return 0; } =20 +/** + * lsm_fill_user_ctx - Fill a user space lsm_ctx structure + * @ctx: an LSM context to be filled + * @context: the new context value + * @context_size: the size of the new context value + * @id: LSM id + * @flags: LSM defined flags + * + * Fill all of the fields in a user space lsm_ctx structure. + * Caller is assumed to have verified that @ctx has enough space + * for @context. + * + * The total length is padded to a multiple of 64 bits to + * accomodate possible alignment issues. + * + * Returns 0 on success, -EFAULT on a copyout error, -ENOMEM + * if memory can't be allocated. + */ +int lsm_fill_user_ctx(struct lsm_ctx __user *ctx, void *context, + size_t context_size, u64 id, u64 flags) +{ + struct lsm_ctx *lctx; + size_t locallen =3D ALIGN(struct_size(lctx, ctx, context_size), 8); + int rc =3D 0; + + lctx =3D kzalloc(locallen, GFP_KERNEL); + if (lctx =3D=3D NULL) + return -ENOMEM; + + lctx->id =3D id; + lctx->flags =3D flags; + lctx->ctx_len =3D context_size; + lctx->len =3D locallen; + + memcpy(lctx->ctx, context, context_size); + + if (copy_to_user(ctx, lctx, locallen)) + rc =3D -EFAULT; + + kfree(lctx); + + return rc; +} + /* * The default value of the LSM hook is defined in linux/lsm_hook_defs.h a= nd * can be accessed with: --=20 2.39.2
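Review bot: the kernel-doc for lsm_name_to_attr in the security/lsm_syscalls.c hunk says it returns "0 if there is no mapping" while the code returns LSM_ATTR_UNDEF; make the comment say LSM_ATTR_UNDEF, and since the Smack and AppArmor callers test the result with a plain `if (attr)`, state explicitly that LSM_ATTR_UNDEF is guaranteed to be zero (or have the callers compare against LSM_ATTR_UNDEF). The declaration in security.h is `u64`, so callers should store the result in a u64 rather than an int.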
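Review bot: the kernel-doc of lsm_fill_user_ctx in the security/security.c hunk says the caller must have verified that @ctx has room "for @context", but copy_to_user() writes `locallen` bytes, i.e. ALIGN(struct_size(lctx, ctx, context_size), 8), so a caller that only checks for the header plus context_size can still overrun the user buffer by up to seven padding bytes; either spell out the exact required length in the comment or, better, pass the available size into the helper and do the -E2BIG check in one place so each LSM cannot get it wrong. "accomodate" should be "accommodate". The kzalloc() is the right call here and deserves a comment: the alignment padding is copied out, so a plain kmalloc() would leak uninitialised kernel memory to user space.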
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net Subject: [PATCH v10 08/11] Smack: implement setselfattr and getselfattr hooks Date: Fri, 28 Apr 2023 13:34:14 -0700 Message-Id: <20230428203417.159874-9-casey@schaufler-ca.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230428203417.159874-1-casey@schaufler-ca.com> References: <20230428203417.159874-1-casey@schaufler-ca.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" Implement Smack support for security_[gs]etselfattr. Refactor the setprocattr hook to avoid code duplication. Signed-off-by: Casey Schaufler --- security/smack/smack_lsm.c | 106 +++++++++++++++++++++++++++++++++++-- 1 file changed, 101 insertions(+), 5 deletions(-) diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 0b466d3b31b7..def13357156a 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c
@@ -3552,6 +3552,45 @@ static void smack_d_instantiate(struct dentry *opt_d= entry, struct inode *inode) return; } =20 +/** + * smack_getselfattr - Smack current process attribute + * @attr: which attribute to fetch + * @ctx: buffer to receive the result + * @size: available size in, actual size out + * @flags: unused + * + * Fill the passed user space @ctx with the details of the requested + * attribute. + * + * Returns 1, the number of attributes, on success, an error code otherwis= e. + */ +static int smack_getselfattr(unsigned int attr, struct lsm_ctx __user *ctx, + size_t *size, u32 flags) +{ + struct smack_known *skp =3D smk_of_current(); + int total; + int slen; + int rc; + + if (attr !=3D LSM_ATTR_CURRENT) + return -EOPNOTSUPP; + + slen =3D strlen(skp->smk_known) + 1; + total =3D ALIGN(slen + sizeof(*ctx), 8); + if (total > *size) + rc =3D -E2BIG; + else if (ctx) + rc =3D lsm_fill_user_ctx(ctx, skp->smk_known, slen, LSM_ID_SMACK, + 0); + else + rc =3D 1; + + *size =3D total; + if (rc >=3D 0) + return 1; + return rc; +} + /** * smack_getprocattr - Smack process attribute access * @p: the object task @@ -3581,8 +3620,8 @@ static int smack_getprocattr(struct task_struct *p, c= onst char *name, char **val } =20 /** - * smack_setprocattr - Smack process attribute setting - * @name: the name of the attribute in /proc/.../attr + * do_setattr - Smack process attribute setting + * @attr: the ID of the attribute * @value: the value to set * @size: the size of the value * @@ -3591,7 +3630,7 @@ static int smack_getprocattr(struct task_struct *p, c= onst char *name, char **val * * Returns the length of the smack label or an error code */ -static int smack_setprocattr(const char *name, void *value, size_t size) +static int do_setattr(u64 attr, void *value, size_t size) { struct task_smack *tsp =3D smack_cred(current_cred()); struct cred *new; 
@@ -3605,8 +3644,8 @@ static int smack_setprocattr(const char *name, void *= value, size_t size) if (value =3D=3D NULL || size =3D=3D 0 || size >=3D SMK_LONGLABEL) return -EINVAL; =20 - if (strcmp(name, "current") !=3D 0) - return -EINVAL; + if (attr !=3D LSM_ATTR_CURRENT) + return -EOPNOTSUPP; =20 skp =3D smk_import_entry(value, size); if (IS_ERR(skp)) @@ -3645,6 +3684,61 @@ static int smack_setprocattr(const char *name, void = *value, size_t size) return size; } =20 +/** + * smack_setselfattr - Set a Smack process attribute + * @attr: which attribute to set + * @ctx: buffer containing the data + * @size: size of @ctx + * @flags: unused + * + * Fill the passed user space @ctx with the details of the requested + * attribute. + * + * Returns 0 on success, an error code otherwise. + */ +static int smack_setselfattr(unsigned int attr, struct lsm_ctx __user *ctx, + size_t size, u32 flags) +{ + struct lsm_ctx *lctx; + int rc; + + lctx =3D kmalloc(size, GFP_KERNEL); + if (lctx =3D=3D NULL) + return -ENOMEM; + + if (copy_from_user(lctx, ctx, size)) + rc =3D -EFAULT; + else if (lctx->ctx_len > size) + rc =3D -EINVAL; + else + rc =3D do_setattr(attr, lctx->ctx, lctx->ctx_len); + + kfree(lctx); + if (rc > 0) + return 0; + return rc; +} + +/** + * smack_setprocattr - Smack process attribute setting + * @name: the name of the attribute in /proc/.../attr + * @value: the value to set + * @size: the size of the value + * + * Sets the Smack value of the task. Only setting self + * is permitted and only with privilege + * + * Returns the length of the smack label or an error code + */ +static int smack_setprocattr(const char *name, void *value, size_t size) +{ + int attr =3D lsm_name_to_attr(name); + + if (attr) + return do_setattr(attr, value, size); + return -EINVAL; +} + /** * smack_unix_stream_connect - Smack access on UDS * @sock: one sock 
@@ -4955,6 +5049,8 @@ static struct security_hook_list smack_hooks[] __lsm_= ro_after_init =3D { =20 LSM_HOOK_INIT(d_instantiate, smack_d_instantiate), =20 + LSM_HOOK_INIT(getselfattr, smack_getselfattr), + LSM_HOOK_INIT(setselfattr, smack_setselfattr), LSM_HOOK_INIT(getprocattr, smack_getprocattr), LSM_HOOK_INIT(setprocattr, smack_setprocattr), =20 --=20 2.39.2
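Review bot: the bounds check in smack_setselfattr does not account for the lsm_ctx header: `else if (lctx->ctx_len > size)` lets ctx_len == size through, and do_setattr() then reads ctx_len bytes starting at lctx->ctx, i.e. sizeof(struct lsm_ctx) bytes past the end of the kmalloc(size) buffer; nothing visible here guarantees size >= sizeof(*lctx) before lctx->ctx_len is read either. Suggest `if (size < sizeof(*lctx) || lctx->ctx_len > size - sizeof(*lctx)) rc = -EINVAL;` (or compare struct_size(lctx, ctx, lctx->ctx_len) against size), and bound `size` before the kmalloc() since do_setattr() rejects anything at or above SMK_LONGLABEL anyway; if the syscall entry point already validates these, say so in a comment. The kernel-doc for smack_setselfattr ("Fill the passed user space @ctx with the details of the requested attribute") was copied from the getter and should describe the set.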
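Review bot: changing the non-"current" failure in do_setattr from -EINVAL to -EOPNOTSUPP is also visible through the existing /proc interface, because smack_setprocattr now forwards any name lsm_name_to_attr() knows (for example "exec") to do_setattr(); a write to /proc/self/attr/exec therefore goes from -EINVAL to -EOPNOTSUPP. If that ABI change is intended it belongs in the commit message, otherwise keep returning -EINVAL from smack_setprocattr for attributes Smack does not handle. Also `int attr = lsm_name_to_attr(name);` truncates the u64 result; use u64.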
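Review bot: in smack_getselfattr `total` and `slen` are int but `total` is compared with and assigned to the size_t `*size`; declare them size_t to avoid sign-conversion warnings. Note also that `slen = strlen(skp->smk_known) + 1` makes the reported ctx_len include the terminating NUL; whether the value in lsm_ctx is NUL-terminated and counted is the kind of convention user space will rely on, so document it at lsm_fill_user_ctx so every LSM follows the same rule.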
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net Subject: [PATCH v10 09/11] AppArmor: Add selfattr hooks Date: Fri, 28 Apr 2023 13:34:15 -0700 Message-Id: <20230428203417.159874-10-casey@schaufler-ca.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230428203417.159874-1-casey@schaufler-ca.com> References: <20230428203417.159874-1-casey@schaufler-ca.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" Add hooks for setselfattr and getselfattr. These hooks are not very different from their setprocattr and getprocattr equivalents, and much of the code is shared. Signed-off-by: Casey Schaufler Cc: John Johansen --- security/apparmor/include/procattr.h | 2 +- security/apparmor/lsm.c | 102 +++++++++++++++++++++++++-- security/apparmor/procattr.c | 10 +-- 3 files changed, 103 insertions(+), 11 deletions(-) diff --git a/security/apparmor/include/procattr.h b/security/apparmor/inclu= de/procattr.h index 31689437e0e1..03dbfdb2f2c0 100644 --- a/security/apparmor/include/procattr.h +++ b/security/apparmor/include/procattr.h @@ -11,7 +11,7 @@ #ifndef __AA_PROCATTR_H #define __AA_PROCATTR_H =20 -int aa_getprocattr(struct aa_label *label, char **string); +int aa_getprocattr(struct aa_label *label, char **string, bool newline); int aa_setprocattr_changehat(char *args, size_t size, int flags); =20 #endif /* __AA_PROCATTR_H */ diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index d7f22b0cf03f..6e77e885e167 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c 
@@ -630,6 +630,54 @@ static int apparmor_sb_pivotroot(const struct path *ol= d_path, return error; } =20 +static int apparmor_getselfattr(unsigned int attr, struct lsm_ctx __user *= lx, + size_t *size, u32 flags) +{ + int error =3D -ENOENT; + struct aa_task_ctx *ctx =3D task_ctx(current); + struct aa_label *label =3D NULL; + size_t total_len =3D 0; + char *value; + + switch (attr) { + case LSM_ATTR_CURRENT: + label =3D aa_get_newest_label(cred_label(current_cred())); + break; + case LSM_ATTR_PREV: + if (ctx->previous) + label =3D aa_get_newest_label(ctx->previous); + break; + case LSM_ATTR_EXEC: + if (ctx->onexec) + label =3D aa_get_newest_label(ctx->onexec); + break; + default: + error =3D -EOPNOTSUPP; + break; + } + + if (label) { + error =3D aa_getprocattr(label, &value, false); + if (error > 0) { + total_len =3D ALIGN(struct_size(lx, ctx, error), 8); + if (total_len > *size) + error =3D -E2BIG; + else if (lx) + error =3D lsm_fill_user_ctx(lx, value, error, + LSM_ID_APPARMOR, 0); + else + error =3D 1; + } + } + + aa_put_label(label); + + *size =3D total_len; + if (error < 0) + return error; + return 1; +} + static int apparmor_getprocattr(struct task_struct *task, const char *name, char **value) { @@ -649,7 +697,7 @@ static int apparmor_getprocattr(struct task_struct *tas= k, const char *name, error =3D -EINVAL; =20 if (label) - error =3D aa_getprocattr(label, value); + error =3D aa_getprocattr(label, value, true); =20 aa_put_label(label); put_cred(cred); @@ -657,8 +705,7 @@ static int apparmor_getprocattr(struct task_struct *tas= k, const char *name, return error; } =20 -static int apparmor_setprocattr(const char *name, void *value, - size_t size) +static int do_setattr(u64 attr, void *value, size_t size) { char *command, *largs =3D NULL, *args =3D value; size_t arg_size; 
@@ -689,7 +736,7 @@ static int apparmor_setprocattr(const char *name, void = *value, goto out; =20 arg_size =3D size - (args - (largs ? largs : (char *) value)); - if (strcmp(name, "current") =3D=3D 0) { + if (attr =3D=3D LSM_ATTR_CURRENT) { if (strcmp(command, "changehat") =3D=3D 0) { error =3D aa_setprocattr_changehat(args, arg_size, AA_CHANGE_NOFLAGS); @@ -704,7 +751,7 @@ static int apparmor_setprocattr(const char *name, void = *value, error =3D aa_change_profile(args, AA_CHANGE_STACK); } else goto fail; - } else if (strcmp(name, "exec") =3D=3D 0) { + } else if (attr =3D=3D LSM_ATTR_EXEC) { if (strcmp(command, "exec") =3D=3D 0) error =3D aa_change_profile(args, AA_CHANGE_ONEXEC); else if (strcmp(command, "stack") =3D=3D 0) 
@@ -724,13 +771,54 @@ static int apparmor_setprocattr(const char *name, voi= d *value, =20 fail: aad(&sa)->label =3D begin_current_label_crit_section(); - aad(&sa)->info =3D name; + if (attr =3D=3D LSM_ATTR_CURRENT) + aad(&sa)->info =3D "current"; + else if (attr =3D=3D LSM_ATTR_EXEC) + aad(&sa)->info =3D "exec"; + else + aad(&sa)->info =3D "invalid"; aad(&sa)->error =3D error =3D -EINVAL; aa_audit_msg(AUDIT_APPARMOR_DENIED, &sa, NULL); end_current_label_crit_section(aad(&sa)->label); goto out; } =20 +static int apparmor_setselfattr(unsigned int attr, struct lsm_ctx __user *= ctx, + size_t size, u32 flags) +{ + struct lsm_ctx *lctx; + int rc; + + if (attr !=3D LSM_ATTR_CURRENT && attr !=3D LSM_ATTR_EXEC) + return -EOPNOTSUPP; + + lctx =3D kmalloc(size, GFP_KERNEL); + if (lctx =3D=3D NULL) + return -ENOMEM; + + if (copy_from_user(lctx, ctx, size)) + rc =3D -EFAULT; + else if (lctx->ctx_len > size) + rc =3D -EINVAL; + else + rc =3D do_setattr(attr, lctx->ctx, lctx->ctx_len); + + kfree(lctx); + if (rc > 0) + return 0; + return rc; +} + +static int apparmor_setprocattr(const char *name, void *value, + size_t size) +{ + int attr =3D lsm_name_to_attr(name); + + if (attr) + return do_setattr(attr, value, size); + return -EINVAL; +} + /** * apparmor_bprm_committing_creds - do task cleanup on committing new creds * @bprm: binprm for the exec (NOT NULL) @@ -1253,6 +1341,8 @@ static struct security_hook_list apparmor_hooks[] __l= sm_ro_after_init =3D { LSM_HOOK_INIT(file_lock, apparmor_file_lock), LSM_HOOK_INIT(file_truncate, apparmor_file_truncate), =20 + LSM_HOOK_INIT(getselfattr, apparmor_getselfattr), + LSM_HOOK_INIT(setselfattr, apparmor_setselfattr), LSM_HOOK_INIT(getprocattr, apparmor_getprocattr), LSM_HOOK_INIT(setprocattr, apparmor_setprocattr), =20 diff --git a/security/apparmor/procattr.c b/security/apparmor/procattr.c index 197d41f9c32b..e3857e3d7c6c 100644 --- a/security/apparmor/procattr.c +++ b/security/apparmor/procattr.c 
@@ -20,6 +20,7 @@ * aa_getprocattr - Return the label information for @label * @label: the label to print label info about (NOT NULL) * @string: Returns - string containing the label info (NOT NULL) + * @newline: indicates that a newline should be added * * Requires: label !=3D NULL && string !=3D NULL * @@ -27,7 +28,7 @@ * * Returns: size of string placed in @string else error code on failure */ -int aa_getprocattr(struct aa_label *label, char **string) +int aa_getprocattr(struct aa_label *label, char **string, bool newline) { struct aa_ns *ns =3D labels_ns(label); struct aa_ns *current_ns =3D aa_get_current_ns(); 
@@ -57,11 +58,12 @@ int aa_getprocattr(struct aa_label *label, char **strin= g) return len; } =20 - (*string)[len] =3D '\n'; - (*string)[len + 1] =3D 0; + if (newline) + (*string)[len++] =3D '\n'; + (*string)[len] =3D 0; =20 aa_put_ns(current_ns); - return len + 1; + return len; } =20 /** --=20 2.39.2 From nobody Thu Feb 12 03:18:27 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 98F45C77B60 for ; Fri, 28 Apr 2023 20:39:27 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1346721AbjD1UjZ (ORCPT ); Fri, 28 Apr 2023 16:39:25 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59250 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1346620AbjD1UjU (ORCPT ); Fri, 28 Apr 2023 16:39:20 -0400 Received: from sonic307-15.consmr.mail.ne1.yahoo.com (sonic307-15.consmr.mail.ne1.yahoo.com [66.163.190.38]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 46C1D2724 for ; Fri, 28 Apr 2023 13:39:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1682714356; bh=R0jF7owPjAofxGFVfe8NSr+6LkFf6NiHHVKy2FUlHAY=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject:Reply-To; b=BcDApmNlyB/fJOtFnCI1FpNDkOAuiSaDOHEq5dWpAO/HCI5f37jf2CueDt0kg2EXethm65sS/rMnYp89dCp1qKIufvPDUbzZtuzV4uSKF9dyPd/rk6WtTrCj67zJswQIg2GM2oIQ9hk6yGoVht24vPoEEqb0ZqbJBRBE4/Y+53IdBwyNomZUEwMvD6+2R7lLGJU3NZL1OZcc4ZCTj9gG7dZ/Gflnn9dT5xO3XTRzYZUVVRyQmnRXO5Vc+sRY1B1Ywglyka8DEBFVsbT3a/H8MZu1QuIQZm+KmhQGLxFqnwC0qVVBkRsvi4YYC+TEdkZqPrhXuVQGeZhUDhOiEMl9Ig== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1682714356; bh=QEcyaAQ2FUOj7y3sSb407ttq4zeqqHhuI1/HOYYhNsz=; h=X-Sonic-MF:From:To:Subject:Date:From:Subject; 
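Review bot: apparmor_setselfattr (hunk @@ -724,13 +771,54 @@) dereferences lctx->ctx_len after copying a caller-chosen size without first checking that size >= sizeof(*lctx), so a size smaller than the header reads ctx_len past the end of the kmalloc'd buffer, and no upper bound is placed on size before kmalloc(size, GFP_KERNEL). The bounds check `else if (lctx->ctx_len > size)` is also off by the header: the data handed to do_setattr starts at lctx->ctx, so with ctx_len == size the call reads sizeof(*lctx) bytes beyond the allocation. Suggest rejecting size < sizeof(*lctx), capping size at a sane maximum, and comparing ctx_len against `size - sizeof(*lctx)`. The flags argument is accepted and never examined here; if the common syscall entry rejects nonzero flags (the selftests in patch 11 expect EINVAL for that), a one-line comment saying so would help.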
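Review bot: the return value of aa_getprocattr changes meaning in hunk @@ -57,11 +58,12 @@ of procattr.c: it used to return len + 1 with the newline always counted, and now returns len, which includes the '\n' only when newline is true. Every existing caller that sized or offset by the old return needs to be checked, and the kerneldoc "Returns:" line should say whether the newline is counted. Consider also documenting in the @newline comment that the terminating NUL is still written in both cases.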
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net, selinux@vger.kernel.org Subject: [PATCH v10 10/11] SELinux: Add selfattr hooks Date: Fri, 28 Apr 2023 13:34:16 -0700 Message-Id: <20230428203417.159874-11-casey@schaufler-ca.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230428203417.159874-1-casey@schaufler-ca.com> References: <20230428203417.159874-1-casey@schaufler-ca.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" Add hooks for setselfattr and getselfattr. These hooks are not very different from their setprocattr and getprocattr equivalents, and much of the code is shared. Signed-off-by: Casey Schaufler Cc: selinux@vger.kernel.org Cc: Paul Moore --- security/selinux/hooks.c | 154 +++++++++++++++++++++++++++++++-------- 1 file changed, 124 insertions(+), 30 deletions(-) diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 2ee92d3fb79d..e78b955e04f8 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -6348,8 +6348,8 @@ static void selinux_d_instantiate(struct dentry *dent= ry, struct inode *inode) inode_doinit_with_dentry(inode, dentry); } =20 -static int selinux_getprocattr(struct task_struct *p, - const char *name, char **value) +static int selinux_lsm_getattr(unsigned int attr, struct task_struct *p, + char **value) { const struct task_security_struct *__tsec; u32 sid; 
@@ -6367,20 +6367,27 @@ static int selinux_getprocattr(struct task_struct *= p, goto bad; } =20 - if (!strcmp(name, "current")) + switch (attr) { + case LSM_ATTR_CURRENT: sid =3D __tsec->sid; - else if (!strcmp(name, "prev")) + break; + case LSM_ATTR_PREV: sid =3D __tsec->osid; - else if (!strcmp(name, "exec")) + break; + case LSM_ATTR_EXEC: sid =3D __tsec->exec_sid; - else if (!strcmp(name, "fscreate")) + break; + case LSM_ATTR_FSCREATE: sid =3D __tsec->create_sid; - else if (!strcmp(name, "keycreate")) + break; + case LSM_ATTR_KEYCREATE: sid =3D __tsec->keycreate_sid; - else if (!strcmp(name, "sockcreate")) + break; + case LSM_ATTR_SOCKCREATE: sid =3D __tsec->sockcreate_sid; - else { - error =3D -EINVAL; + break; + default: + error =3D -EOPNOTSUPP; goto bad; } rcu_read_unlock(); @@ -6398,7 +6405,7 @@ static int selinux_getprocattr(struct task_struct *p, return error; } =20 -static int selinux_setprocattr(const char *name, void *value, size_t size) +static int selinux_lsm_setattr(u64 attr, void *value, size_t size) { struct task_security_struct *tsec; struct cred *new; 
@@ -6409,28 +6416,36 @@ static int selinux_setprocattr(const char *name, vo= id *value, size_t size) /* * Basic control over ability to set these attributes at all. */ - if (!strcmp(name, "exec")) + switch (attr) { + case LSM_ATTR_CURRENT: + error =3D avc_has_perm(&selinux_state, + mysid, mysid, SECCLASS_PROCESS, + PROCESS__SETCURRENT, NULL); + break; + case LSM_ATTR_EXEC: error =3D avc_has_perm(&selinux_state, mysid, mysid, SECCLASS_PROCESS, PROCESS__SETEXEC, NULL); - else if (!strcmp(name, "fscreate")) + break; + case LSM_ATTR_FSCREATE: error =3D avc_has_perm(&selinux_state, mysid, mysid, SECCLASS_PROCESS, PROCESS__SETFSCREATE, NULL); - else if (!strcmp(name, "keycreate")) + break; + case LSM_ATTR_KEYCREATE: error =3D avc_has_perm(&selinux_state, mysid, mysid, SECCLASS_PROCESS, PROCESS__SETKEYCREATE, NULL); - else if (!strcmp(name, "sockcreate")) + break; + case LSM_ATTR_SOCKCREATE: error =3D avc_has_perm(&selinux_state, mysid, mysid, SECCLASS_PROCESS, PROCESS__SETSOCKCREATE, NULL); - else if (!strcmp(name, "current")) - error =3D avc_has_perm(&selinux_state, - mysid, mysid, SECCLASS_PROCESS, - PROCESS__SETCURRENT, NULL); - else - error =3D -EINVAL; + break; + default: + error =3D -EOPNOTSUPP; + break; + } if (error) return error; =20 @@ -6442,13 +6457,14 @@ static int selinux_setprocattr(const char *name, vo= id *value, size_t size) } error =3D security_context_to_sid(&selinux_state, value, size, &sid, GFP_KERNEL); - if (error =3D=3D -EINVAL && !strcmp(name, "fscreate")) { + if (error =3D=3D -EINVAL && attr =3D=3D LSM_ATTR_FSCREATE) { if (!has_cap_mac_admin(true)) { struct audit_buffer *ab; size_t audit_size; =20 - /* We strip a nul only if it is at the end, otherwise the - * context contains a nul and we should audit that */ + /* We strip a nul only if it is at the end, + * otherwise the context contains a nul and + * we should audit that */ if (str[size - 1] =3D=3D '\0') audit_size =3D size - 1; else 
@@ -6459,7 +6475,8 @@ static int selinux_setprocattr(const char *name, void= *value, size_t size) if (!ab) return error; audit_log_format(ab, "op=3Dfscreate invalid_context=3D"); - audit_log_n_untrustedstring(ab, value, audit_size); + audit_log_n_untrustedstring(ab, value, + audit_size); audit_log_end(ab); =20 return error; @@ -6483,11 +6500,11 @@ static int selinux_setprocattr(const char *name, vo= id *value, size_t size) checks and may_create for the file creation checks. The operation will then fail if the context is not permitted. */ tsec =3D selinux_cred(new); - if (!strcmp(name, "exec")) { + if (attr =3D=3D LSM_ATTR_EXEC) { tsec->exec_sid =3D sid; - } else if (!strcmp(name, "fscreate")) { + } else if (attr =3D=3D LSM_ATTR_FSCREATE) { tsec->create_sid =3D sid; - } else if (!strcmp(name, "keycreate")) { + } else if (attr =3D=3D LSM_ATTR_KEYCREATE) { if (sid) { error =3D avc_has_perm(&selinux_state, mysid, sid, SECCLASS_KEY, KEY__CREATE, NULL); @@ -6495,9 +6512,9 @@ static int selinux_setprocattr(const char *name, void= *value, size_t size) goto abort_change; } tsec->keycreate_sid =3D sid; - } else if (!strcmp(name, "sockcreate")) { + } else if (attr =3D=3D LSM_ATTR_SOCKCREATE) { tsec->sockcreate_sid =3D sid; - } else if (!strcmp(name, "current")) { + } else if (attr =3D=3D LSM_ATTR_CURRENT) { error =3D -EINVAL; if (sid =3D=3D 0) goto abort_change; 
@@ -6542,6 +6559,81 @@ static int selinux_setprocattr(const char *name, voi= d *value, size_t size) return error; } =20 +static int selinux_getselfattr(unsigned int attr, struct lsm_ctx __user *c= tx, + size_t *size, u32 flags) +{ + char *value; + size_t total_len; + int len; + int rc; + + len =3D selinux_lsm_getattr(attr, current, &value); + if (len < 0) + return len; + + total_len =3D ALIGN(struct_size(ctx, ctx, len), 8); + + if (total_len > *size) + rc =3D -E2BIG; + else if (ctx) + rc =3D lsm_fill_user_ctx(ctx, value, len, LSM_ID_SELINUX, 0); + else + rc =3D 1; + + *size =3D total_len; + if (rc < 0) + return rc; + return 1; +} + +static int selinux_setselfattr(unsigned int __user attr, + struct lsm_ctx __user *ctx, size_t __user size, + u32 __user flags) +{ + struct lsm_ctx *lctx; + int rc; + + lctx =3D kmalloc(size, GFP_KERNEL); + if (lctx =3D=3D NULL) + return -ENOMEM; + + if (copy_from_user(lctx, ctx, size)) + rc =3D -EFAULT; + else if (lctx->ctx_len > size) + rc =3D -EINVAL; + else + rc =3D selinux_lsm_setattr(attr, lctx->ctx, lctx->ctx_len); + + kfree(lctx); + if (rc > 0) + return 0; + return rc; +} + +static int selinux_getprocattr(struct task_struct *p, + const char *name, char **value) +{ + unsigned int attr =3D lsm_name_to_attr(name); + int rc; + + if (attr) { + rc =3D selinux_lsm_getattr(attr, p, value); + if (rc !=3D -EOPNOTSUPP) + return rc; + } + + return -EINVAL; +} + +static int selinux_setprocattr(const char *name, void *value, size_t size) +{ + int attr =3D lsm_name_to_attr(name); + + if (attr) + return selinux_lsm_setattr(attr, value, size); + return -EINVAL; +} + static int selinux_ismaclabel(const char *name) { return (strcmp(name, XATTR_SELINUX_SUFFIX) =3D=3D 0); 
@@ -7183,6 +7275,8 @@ static struct security_hook_list selinux_hooks[] __ls= m_ro_after_init =3D { =20 LSM_HOOK_INIT(d_instantiate, selinux_d_instantiate), =20 + LSM_HOOK_INIT(getselfattr, selinux_getselfattr), + LSM_HOOK_INIT(setselfattr, selinux_setselfattr), LSM_HOOK_INIT(getprocattr, selinux_getprocattr), LSM_HOOK_INIT(setprocattr, selinux_setprocattr), =20 --=20 2.39.2 From nobody Thu Feb 12 03:18:27 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id F3027C77B60 for ; Fri, 28 Apr 2023 20:39:23 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1346711AbjD1UjW (ORCPT ); Fri, 28 Apr 2023 16:39:22 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59246 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1346543AbjD1UjT (ORCPT ); Fri, 28 Apr 2023 16:39:19 -0400 Received: from sonic307-15.consmr.mail.ne1.yahoo.com (sonic307-15.consmr.mail.ne1.yahoo.com [66.163.190.38]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4C7AF2D45 for ; Fri, 28 Apr 2023 13:39:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1682714356; bh=Fp9lrVtrNVicSx7kowMCBpHDobGKxquDxegaCSkzu8A=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject:Reply-To; b=DWh4W5dqX9dh/Cxms7m2IETPuiC3mwsPS1Sb2apROnvtyl+ZhLzwNN2VZAHB2HqlqFwenHkRmEFHWDA1SpG2xwvsBrWY0HZhDQLiP+0NnKsB3GjWkE7wA0evkmGOktomF8NHcHGHlVgMb+PygECP/NjuTu8nEptxkV9mXFPouyNz/ObfMrhW6kq/XuLza4DEx/Hd0VGrdkQ7YmwfmxYXfjdjbDsdgR5jtXdtU81ELObsrss4VEqjruO5qMEJbUXffO1WDwVoeBgg1Q/rUQjHWyA1QKl29hu9KYiz02oXvzHACtfNhBMAqKD6tDLcDxMa/0kTBJbPUiTvcskrnJf1Fw== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1682714356; bh=WBAEw8xIiVh6yMXjjVz3UohskO15Hn2Whbz4fRZfldQ=; 
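Review bot: hunk @@ -6409,28 +6416,36 @@ silently changes the /proc ABI for writes. The old else branch returned -EINVAL for any name that is not settable (for example "prev"); the new default returns -EOPNOTSUPP, and unlike selinux_getprocattr, which maps -EOPNOTSUPP back to -EINVAL, selinux_setprocattr passes the new code straight through. Either translate -EOPNOTSUPP to -EINVAL in selinux_setprocattr as the get path does, or call out the change in the commit message.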
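Review bot: the attr type is inconsistent across the renamed helpers in hunk @@ -6398,7 +6405,7 @@ and the callers that follow: selinux_lsm_getattr takes `unsigned int attr`, selinux_lsm_setattr takes `u64 attr`, selinux_getprocattr stores lsm_name_to_attr() in an `unsigned int`, and selinux_setprocattr stores it in an `int`. Use one type throughout, matching the hook prototype (apparmor_setselfattr in patch 9 uses `unsigned int`).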
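Review bot: in hunk @@ -6542,6 +6559,81 @@ selinux_getselfattr never frees the buffer that selinux_lsm_getattr returns in value; in the /proc path that buffer was handed to the caller, which released it, but here nothing does, so every successful or -E2BIG call leaks it. Add a kfree(value) on every exit after the helper has returned len >= 0. In selinux_setselfattr the parameter declarations `unsigned int __user attr`, `size_t __user size` and `u32 __user flags` put a sparse address-space annotation on scalars, which is meaningless and does not match the apparmor_setselfattr prototype; only ctx should carry __user. The same buffer handling issues as in AppArmor apply: size is passed to kmalloc with no lower bound of sizeof(*lctx) and no upper bound, and `lctx->ctx_len > size` should compare against `size - sizeof(*lctx)`. The attr check is also done only inside selinux_lsm_setattr after the allocation and copy; rejecting unsupported attrs up front, as the AppArmor hook does, avoids the needless kmalloc and copy_from_user.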
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net Subject: [PATCH v10 11/11] LSM: selftests for Linux Security Module syscalls Date: Fri, 28 Apr 2023 13:34:17 -0700 Message-Id: <20230428203417.159874-12-casey@schaufler-ca.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230428203417.159874-1-casey@schaufler-ca.com> References: <20230428203417.159874-1-casey@schaufler-ca.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Add selftests for the three system calls supporting the LSM infrastructure. Signed-off-by: Casey Schaufler --- tools/testing/selftests/Makefile | 1 + tools/testing/selftests/lsm/Makefile | 12 + tools/testing/selftests/lsm/config | 2 + .../selftests/lsm/lsm_get_self_attr_test.c | 270 ++++++++++++++++++ .../selftests/lsm/lsm_list_modules_test.c | 153 ++++++++++ .../selftests/lsm/lsm_set_self_attr_test.c | 70 +++++ 6 files changed, 508 insertions(+) create mode 100644 tools/testing/selftests/lsm/Makefile create mode 100644 tools/testing/selftests/lsm/config create mode 100644 tools/testing/selftests/lsm/lsm_get_self_attr_test.c create mode 100644 tools/testing/selftests/lsm/lsm_list_modules_test.c create mode 100644 tools/testing/selftests/lsm/lsm_set_self_attr_test.c diff --git a/tools/testing/selftests/Makefile b/tools/testing/selftests/Mak= efile index 13a6837a0c6b..b18d133a1141 100644 --- a/tools/testing/selftests/Makefile +++ b/tools/testing/selftests/Makefile @@ -38,6 +38,7 @@ TARGETS +=3D landlock TARGETS +=3D lib TARGETS +=3D livepatch TARGETS +=3D lkdtm +TARGETS +=3D lsm TARGETS +=3D membarrier TARGETS +=3D memfd TARGETS +=3D memory-hotplug 
diff --git a/tools/testing/selftests/lsm/Makefile b/tools/testing/selftests= /lsm/Makefile new file mode 100644 index 000000000000..f39a75212b78 --- /dev/null +++ b/tools/testing/selftests/lsm/Makefile @@ -0,0 +1,12 @@ +# SPDX-License-Identifier: GPL-2.0 +# +# First run: make -C ../../../.. headers_install + +CFLAGS +=3D -Wall -O2 $(KHDR_INCLUDES) + +TEST_GEN_PROGS :=3D lsm_get_self_attr_test lsm_list_modules_test \ + lsm_set_self_attr_test + +include ../lib.mk + +$(TEST_GEN_PROGS): diff --git a/tools/testing/selftests/lsm/config b/tools/testing/selftests/l= sm/config new file mode 100644 index 000000000000..afb887715f64 --- /dev/null +++ b/tools/testing/selftests/lsm/config @@ -0,0 +1,2 @@ +CONFIG_SYSFS=3Dy +CONFIG_SECURITY=3Dy diff --git a/tools/testing/selftests/lsm/lsm_get_self_attr_test.c b/tools/t= esting/selftests/lsm/lsm_get_self_attr_test.c new file mode 100644 index 000000000000..a62524b17bf7 --- /dev/null +++ b/tools/testing/selftests/lsm/lsm_get_self_attr_test.c 
@@ -0,0 +1,270 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Linux Security Module infrastructure tests + * Tests for the lsm_get_self_attr system call + * + * Copyright =C2=A9 2022 Casey Schaufler + * Copyright =C2=A9 2022 Intel Corporation + */ + +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include +#include "../kselftest_harness.h" + +#define PROCATTR "/proc/self/attr/" + +static int read_proc_attr(const char *attr, char *value, __kernel_size_t s= ize) +{ + int fd; + int len; + char *path; + + len =3D strlen(PROCATTR) + strlen(attr) + 1; + path =3D calloc(len, 1); + if (path =3D=3D NULL) + return -1; + sprintf(path, "%s%s", PROCATTR, attr); + + fd =3D open(path, O_RDONLY); + free(path); + + if (fd < 0) + return -1; + len =3D read(fd, value, size); + if (len <=3D 0) + return -1; + close(fd); + + path =3D strchr(value, '\n'); + if (path) + *path =3D '\0'; + + return 0; +} + +static struct lsm_ctx *next_ctx(struct lsm_ctx *ctxp) +{ + void *vp; + + vp =3D (void *)ctxp + sizeof(*ctxp) + ctxp->ctx_len; + return (struct lsm_ctx *)vp; +} + +TEST(size_null_lsm_get_self_attr) +{ + const long page_size =3D sysconf(_SC_PAGESIZE); + char *ctx =3D calloc(page_size, 1); + + ASSERT_NE(NULL, ctx); + errno =3D 0; + ASSERT_EQ(-1, syscall(__NR_lsm_get_self_attr, LSM_ATTR_CURRENT, ctx, + NULL, 0)); + ASSERT_EQ(EINVAL, errno); + + free(ctx); +} + +TEST(ctx_null_lsm_get_self_attr) +{ + const long page_size =3D sysconf(_SC_PAGESIZE); + __kernel_size_t size =3D page_size; + + ASSERT_NE(-1, syscall(__NR_lsm_get_self_attr, LSM_ATTR_CURRENT, NULL, + &size, 0)); + ASSERT_NE(1, size); +} + +TEST(size_too_small_lsm_get_self_attr) +{ + const long page_size =3D sysconf(_SC_PAGESIZE); + char *ctx =3D calloc(page_size, 1); + __kernel_size_t size =3D 1; + + ASSERT_NE(NULL, ctx); + errno =3D 0; + ASSERT_EQ(-1, syscall(__NR_lsm_get_self_attr, LSM_ATTR_CURRENT, ctx, + &size, 0)); + ASSERT_EQ(E2BIG, errno); + ASSERT_NE(1, size); + + free(ctx); +} + 
+TEST(flags_zero_lsm_get_self_attr) +{ + const long page_size =3D sysconf(_SC_PAGESIZE); + char *ctx =3D calloc(page_size, 1); + __kernel_size_t size =3D page_size; + + ASSERT_NE(NULL, ctx); + errno =3D 0; + ASSERT_EQ(-1, syscall(__NR_lsm_get_self_attr, LSM_ATTR_CURRENT, ctx, + &size, 1)); + ASSERT_EQ(EINVAL, errno); + ASSERT_EQ(page_size, size); + + free(ctx); +} + +TEST(flags_overset_lsm_get_self_attr) +{ + const long page_size =3D sysconf(_SC_PAGESIZE); + char *ctx =3D calloc(page_size, 1); + __kernel_size_t size =3D page_size; + + ASSERT_NE(NULL, ctx); + errno =3D 0; + ASSERT_EQ(-1, syscall(__NR_lsm_get_self_attr, + LSM_ATTR_CURRENT | LSM_ATTR_PREV, ctx, &size, 0)); + ASSERT_EQ(EOPNOTSUPP, errno); + + free(ctx); +} + +TEST(basic_lsm_get_self_attr) +{ + const long page_size =3D sysconf(_SC_PAGESIZE); + __kernel_size_t size =3D page_size; + struct lsm_ctx *ctx =3D calloc(page_size, 1); + struct lsm_ctx *tctx =3D NULL; + __u64 *syscall_lsms =3D calloc(page_size, 1); + char *attr =3D calloc(page_size, 1); + int cnt_current =3D 0; + int cnt_exec =3D 0; + int cnt_fscreate =3D 0; + int cnt_keycreate =3D 0; + int cnt_prev =3D 0; + int cnt_sockcreate =3D 0; + int lsmcount; + int count; + int i; + + ASSERT_NE(NULL, ctx); + ASSERT_NE(NULL, syscall_lsms); + + lsmcount =3D syscall(__NR_lsm_list_modules, syscall_lsms, &size, 0); + ASSERT_LE(1, lsmcount); + + for (i =3D 0; i < lsmcount; i++) { + switch (syscall_lsms[i]) { + case LSM_ID_SELINUX: + cnt_current++; + cnt_exec++; + cnt_fscreate++; + cnt_keycreate++; + cnt_prev++; + cnt_sockcreate++; + break; + case LSM_ID_SMACK: + cnt_current++; + break; + case LSM_ID_APPARMOR: + cnt_current++; + cnt_exec++; + cnt_prev++; + break; + default: + break; + } + } + + if (cnt_current) { + size =3D page_size; + count =3D syscall(__NR_lsm_get_self_attr, LSM_ATTR_CURRENT, ctx, + &size, 0); + ASSERT_EQ(cnt_current, count); + tctx =3D ctx; + ASSERT_EQ(0, read_proc_attr("current", attr, page_size)); + ASSERT_EQ(0, strcmp((char *)tctx->ctx, 
attr)); + for (i =3D 1; i < count; i++) { + tctx =3D next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + if (cnt_exec) { + size =3D page_size; + count =3D syscall(__NR_lsm_get_self_attr, LSM_ATTR_EXEC, ctx, + &size, 0); + ASSERT_GE(cnt_exec, count); + if (count > 0) { + tctx =3D ctx; + if (read_proc_attr("exec", attr, page_size) =3D=3D 0) + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + } + for (i =3D 1; i < count; i++) { + tctx =3D next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + if (cnt_fscreate) { + size =3D page_size; + count =3D syscall(__NR_lsm_get_self_attr, LSM_ATTR_FSCREATE, ctx, + &size, 0); + ASSERT_GE(cnt_fscreate, count); + if (count > 0) { + tctx =3D ctx; + if (read_proc_attr("fscreate", attr, page_size) =3D=3D 0) + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + } + for (i =3D 1; i < count; i++) { + tctx =3D next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + if (cnt_keycreate) { + size =3D page_size; + count =3D syscall(__NR_lsm_get_self_attr, LSM_ATTR_KEYCREATE, ctx, + &size, 0); + ASSERT_GE(cnt_keycreate, count); + if (count > 0) { + tctx =3D ctx; + if (read_proc_attr("keycreate", attr, page_size) =3D=3D 0) + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + } + for (i =3D 1; i < count; i++) { + tctx =3D next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + if (cnt_prev) { + size =3D page_size; + count =3D syscall(__NR_lsm_get_self_attr, LSM_ATTR_PREV, ctx, + &size, 0); + ASSERT_GE(cnt_prev, count); + if (count > 0) { + tctx =3D ctx; + ASSERT_EQ(0, read_proc_attr("prev", attr, page_size)); + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + for (i =3D 1; i < count; i++) { + tctx =3D next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + } + if (cnt_sockcreate) { + size =3D page_size; + count =3D syscall(__NR_lsm_get_self_attr, LSM_ATTR_SOCKCREATE, + ctx, &size, 0); + ASSERT_GE(cnt_sockcreate, count); + if (count > 0) { + tctx =3D ctx; 
+ if (read_proc_attr("sockcreate", attr, page_size) =3D=3D 0) + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + } + for (i =3D 1; i < count; i++) { + tctx =3D next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + + free(ctx); + free(attr); + free(syscall_lsms); +} + +TEST_HARNESS_MAIN diff --git a/tools/testing/selftests/lsm/lsm_list_modules_test.c b/tools/te= sting/selftests/lsm/lsm_list_modules_test.c new file mode 100644 index 000000000000..871d516a7d7d --- /dev/null +++ b/tools/testing/selftests/lsm/lsm_list_modules_test.c 
@@ -0,0 +1,153 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Linux Security Module infrastructure tests + * Tests for the lsm_list_modules system call + * + * Copyright =C2=A9 2022 Casey Schaufler + * Copyright =C2=A9 2022 Intel Corporation + */ + +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include "../kselftest_harness.h" + +static int read_sysfs_lsms(char *lsms, __kernel_size_t size) +{ + FILE *fp; + + fp =3D fopen("/sys/kernel/security/lsm", "r"); + if (fp =3D=3D NULL) + return -1; + if (fread(lsms, 1, size, fp) <=3D 0) + return -1; + fclose(fp); + return 0; +} + +TEST(size_null_lsm_list_modules) +{ + const long page_size =3D sysconf(_SC_PAGESIZE); + char *syscall_lsms =3D calloc(page_size, 1); + + ASSERT_NE(NULL, syscall_lsms); + errno =3D 0; + ASSERT_EQ(-1, syscall(__NR_lsm_list_modules, syscall_lsms, NULL, 0)); + ASSERT_EQ(EFAULT, errno); + + free(syscall_lsms); +} + +TEST(ids_null_lsm_list_modules) +{ + const long page_size =3D sysconf(_SC_PAGESIZE); + __kernel_size_t size =3D page_size; + + errno =3D 0; + ASSERT_EQ(-1, syscall(__NR_lsm_list_modules, NULL, &size, 0)); + ASSERT_EQ(EFAULT, errno); + ASSERT_NE(1, size); +} + +TEST(size_too_small_lsm_list_modules) +{ + const long page_size =3D sysconf(_SC_PAGESIZE); + char *syscall_lsms =3D calloc(page_size, 1); + __kernel_size_t size =3D 1; + + ASSERT_NE(NULL, syscall_lsms); + errno =3D 0; + ASSERT_EQ(-1, syscall(__NR_lsm_list_modules, syscall_lsms, &size, 0)); + ASSERT_EQ(E2BIG, errno); + ASSERT_NE(1, size); + + free(syscall_lsms); +} + +TEST(flags_set_lsm_list_modules) +{ + const long page_size =3D sysconf(_SC_PAGESIZE); + char *syscall_lsms =3D calloc(page_size, 1); + __kernel_size_t size =3D page_size; + + ASSERT_NE(NULL, syscall_lsms); + errno =3D 0; + ASSERT_EQ(-1, syscall(__NR_lsm_list_modules, syscall_lsms, &size, 7)); + ASSERT_EQ(EINVAL, errno); + ASSERT_EQ(page_size, size); + + free(syscall_lsms); +} + +TEST(correct_lsm_list_modules) +{ + const long page_size =3D 
sysconf(_SC_PAGESIZE); + __kernel_size_t size =3D page_size; + __u64 *syscall_lsms =3D calloc(page_size, 1); + char *sysfs_lsms =3D calloc(page_size, 1); + char *name; + char *cp; + int count; + int i; + + ASSERT_NE(NULL, sysfs_lsms); + ASSERT_NE(NULL, syscall_lsms); + ASSERT_EQ(0, read_sysfs_lsms(sysfs_lsms, page_size)); + + count =3D syscall(__NR_lsm_list_modules, syscall_lsms, &size, 0); + ASSERT_LE(1, count); + cp =3D sysfs_lsms; + for (i =3D 0; i < count; i++) { + switch (syscall_lsms[i]) { + case LSM_ID_CAPABILITY: + name =3D "capability"; + break; + case LSM_ID_SELINUX: + name =3D "selinux"; + break; + case LSM_ID_SMACK: + name =3D "smack"; + break; + case LSM_ID_TOMOYO: + name =3D "tomoyo"; + break; + case LSM_ID_IMA: + name =3D "ima"; + break; + case LSM_ID_APPARMOR: + name =3D "apparmor"; + break; + case LSM_ID_YAMA: + name =3D "yama"; + break; + case LSM_ID_LOADPIN: + name =3D "loadpin"; + break; + case LSM_ID_SAFESETID: + name =3D "safesetid"; + break; + case LSM_ID_LOCKDOWN: + name =3D "lockdown"; + break; + case LSM_ID_BPF: + name =3D "bpf"; + break; + case LSM_ID_LANDLOCK: + name =3D "landlock"; + break; + default: + name =3D "INVALID"; + break; + } + ASSERT_EQ(0, strncmp(cp, name, strlen(name))); + cp +=3D strlen(name) + 1; + } + + free(sysfs_lsms); + free(syscall_lsms); +} + +TEST_HARNESS_MAIN diff --git a/tools/testing/selftests/lsm/lsm_set_self_attr_test.c b/tools/t= esting/selftests/lsm/lsm_set_self_attr_test.c new file mode 100644 index 000000000000..ca538a703168 --- /dev/null +++ b/tools/testing/selftests/lsm/lsm_set_self_attr_test.c 
@@ -0,0 +1,70 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Linux Security Module infrastructure tests + * Tests for the lsm_set_self_attr system call + * + * Copyright =C2=A9 2022 Casey Schaufler + * Copyright =C2=A9 2022 Intel Corporation + */ + +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include "../kselftest_harness.h" + +TEST(ctx_null_lsm_set_self_attr) +{ + ASSERT_EQ(-1, syscall(__NR_lsm_set_self_attr, LSM_ATTR_CURRENT, NULL, + sizeof(struct lsm_ctx), 0)); +} + +TEST(size_too_small_lsm_set_self_attr) +{ + const long page_size =3D sysconf(_SC_PAGESIZE); + struct lsm_ctx *ctx =3D calloc(page_size, 1); + __kernel_size_t size =3D page_size; + + ASSERT_NE(NULL, ctx); + ASSERT_GE(1, syscall(__NR_lsm_get_self_attr, LSM_ATTR_CURRENT, ctx, + &size, 0)); + ASSERT_EQ(-1, syscall(__NR_lsm_set_self_attr, LSM_ATTR_CURRENT, ctx, 1, + 0)); + + free(ctx); +} + +TEST(flags_zero_lsm_set_self_attr) +{ + const long page_size =3D sysconf(_SC_PAGESIZE); + char *ctx =3D calloc(page_size, 1); + __kernel_size_t size =3D page_size; + + ASSERT_NE(NULL, ctx); + ASSERT_GE(1, syscall(__NR_lsm_get_self_attr, LSM_ATTR_CURRENT, ctx, + &size, 0)); + ASSERT_EQ(-1, syscall(__NR_lsm_set_self_attr, LSM_ATTR_CURRENT, ctx, + size, 1)); + + free(ctx); +} + +TEST(flags_overset_lsm_set_self_attr) +{ + const long page_size =3D sysconf(_SC_PAGESIZE); + char *ctx =3D calloc(page_size, 1); + __kernel_size_t size =3D page_size; + struct lsm_ctx *tctx =3D (struct lsm_ctx *)ctx; + + ASSERT_NE(NULL, ctx); + ASSERT_GE(1, syscall(__NR_lsm_get_self_attr, LSM_ATTR_CURRENT, tctx, + &size, 0)); + ASSERT_EQ(-1, syscall(__NR_lsm_set_self_attr, + LSM_ATTR_CURRENT | LSM_ATTR_PREV, tctx, size, 0)); + + free(ctx); +} + +TEST_HARNESS_MAIN --=20 2.39.2
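Review bot: the three `ASSERT_GE(1, syscall(__NR_lsm_get_self_attr, ...))` checks in lsm_set_self_attr_test.c (hunk @@ -0,0 +1,70 @@) are inverted. In kselftest_harness.h ASSERT_GE(expected, seen) asserts expected >= seen, so `1 >= ret` is satisfied when the call fails with -1 and the following lsm_set_self_attr assertions then run against a buffer that was never filled. lsm_get_self_attr_test.c gets it right with `ASSERT_LE(1, lsmcount)`; change these to ASSERT_LE(1, ...). The set tests also only check for -1; asserting errno (EFAULT, EINVAL, E2BIG, EOPNOTSUPP) as the get and list tests do would make each test prove the failure mode it is named for. flags_overset_lsm_set_self_attr ORs two attr values into the attr argument rather than setting a flag, so the name is misleading.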
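Review bot: next_ctx() in lsm_get_self_attr_test.c (hunk @@ -0,0 +1,270 @@) advances by `sizeof(*ctxp) + ctxp->ctx_len`, but selinux_getselfattr in patch 10 sizes each entry as `ALIGN(struct_size(ctx, ctx, len), 8)`; unless ctx_len is stored as the padded length, walking count > 1 entries lands in the padding. Either step by the 8-byte-aligned size here or define that ctx_len reports the padded length, and say which in the lsm_ctx documentation. Two smaller points in the same file: read_proc_attr() returns without close(fd) when read() returns <= 0, and if read() fills the whole buffer value is not NUL-terminated before strchr(); read size - 1 bytes and terminate. In basic_lsm_get_self_attr the attr buffer is never checked for NULL, unlike ctx and syscall_lsms.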
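Review bot: size_null_lsm_list_modules (hunk @@ -0,0 +1,153 @@) expects EFAULT for a NULL size pointer, while size_null_lsm_get_self_attr expects EINVAL for the same mistake; if the two syscalls are meant to share one convention, one of the tests or one of the implementations is wrong, and the chosen convention belongs in the syscall documentation. In read_sysfs_lsms(), fread() returns size_t so `<= 0` only ever tests for zero, the FILE leaks on that error path, and the buffer is not NUL-terminated when the sysfs content fills size, so the strncmp() walk in correct_lsm_list_modules can run past it; read size - 1 bytes and terminate. correct_lsm_list_modules also relies on the syscall returning LSMs in the same order as /sys/kernel/security/lsm; a comment stating that ordering guarantee would explain why a simple positional compare is valid.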
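Review bot: the trailing empty rule `$(TEST_GEN_PROGS):` in the new lsm/Makefile (hunk @@ -0,0 +1,12 @@) has no prerequisites; if it was meant to add a dependency on the installed headers it is incomplete, and otherwise it should be dropped.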