Message ID | 20230109180717.58855-6-casey@schaufler-ca.com |
---|---|
State | New |
Headers | From: Casey Schaufler <casey@schaufler-ca.com>; To: casey.schaufler@intel.com, paul@paul-moore.com, linux-security-module@vger.kernel.org; Cc: casey@schaufler-ca.com, jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net; Subject: [PATCH v5 5/8] LSM: Create lsm_module_list system call; Date: Mon, 9 Jan 2023 10:07:14 -0800; Message-Id: <20230109180717.58855-6-casey@schaufler-ca.com>; In-Reply-To: <20230109180717.58855-1-casey@schaufler-ca.com> |
Series | LSM: Three basic syscalls |
Commit Message
Casey Schaufler
Jan. 9, 2023, 6:07 p.m. UTC
Create a system call to report the list of Linux Security Modules
that are active on the system. The list is provided as an array
of LSM ID numbers.
The calling application can use this list to determine what LSM
specific actions it might take. That might include choosing an
output format, determining required privilege or bypassing
security module specific behavior.
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
---
Documentation/userspace-api/lsm.rst | 3 +++
include/linux/syscalls.h | 1 +
kernel/sys_ni.c | 1 +
security/lsm_syscalls.c | 41 +++++++++++++++++++++++++++++
4 files changed, 46 insertions(+)
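As an added example (not part of Casey's patch or of the kernel tree), the user-space side of the contract the commit message and the patch's kerneldoc describe: probe with *size == 0, let the kernel write back the byte count it needs, allocate, retry, and cross-check the returned count against that size. The kernel entry point is replaced by a stand-in over a constructed ID table so this runs without the syscall; fake_lsm_ids, query_active_lsms(), lsm_is_active() and the -EPROTO marker are this example's own.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for the kernel's lsm_idlist[]: arbitrary values,
 * not real LSM_ID_* numbers. */
static const uint32_t fake_lsm_ids[] = { 100, 103, 107 };
static const size_t fake_lsm_active_cnt =
	sizeof(fake_lsm_ids) / sizeof(fake_lsm_ids[0]);

/* Stand-in for sys_lsm_module_list() following the patch's contract:
 * non-zero flags -> -EINVAL; *size is always rewritten with the byte
 * count needed for all ids; a too-small buffer -> -E2BIG with @ids left
 * untouched; otherwise the ids are copied and their count returned. */
static long fake_lsm_module_list(uint32_t *ids, size_t *size, uint64_t flags)
{
	size_t total_size = fake_lsm_active_cnt * sizeof(*ids);
	size_t usize;

	if (flags)
		return -EINVAL;
	usize = *size;
	*size = total_size;
	if (usize < total_size)
		return -E2BIG;
	if (total_size)
		memcpy(ids, fake_lsm_ids, total_size);
	return (long)fake_lsm_active_cnt;
}

/* Caller side. Returns the number of ids (with *out a malloc'd array the
 * caller frees) or a negative errno; -EPROTO is this example's marker for
 * a reply that does not match the documented contract. */
long query_active_lsms(uint32_t **out)
{
	size_t size = 0;
	uint32_t *ids;
	long rc;

	*out = NULL;
	rc = fake_lsm_module_list(NULL, &size, 0); /* size-only probe */
	if (rc == 0)                               /* no LSM active */
		return 0;
	if (rc != -E2BIG)                          /* real error */
		return rc;
	if (size == 0 || size % sizeof(*ids) != 0) /* must be whole u32s */
		return -EPROTO;
	ids = malloc(size);
	if (!ids)
		return -ENOMEM;
	rc = fake_lsm_module_list(ids, &size, 0);
	if (rc < 0) {
		free(ids);
		return rc;
	}
	if ((size_t)rc * sizeof(*ids) != size) {   /* count vs size */
		free(ids);
		return -EPROTO;
	}
	*out = ids;
	return rc;
}

/* Is @id in the active list? 1 = yes, 0 = no, negative errno on failure. */
int lsm_is_active(uint32_t id)
{
	uint32_t *ids;
	long rc = query_active_lsms(&ids);
	int found = 0;

	if (rc < 0)
		return (int)rc;
	for (long i = 0; i < rc; i++)
		if (ids[i] == id)
			found = 1;
	free(ids);
	return found;
}

/* Size-only use: the byte count the stand-in reports, or a negative errno. */
long lsm_required_bytes(void)
{
	size_t size = 0;
	long rc = fake_lsm_module_list(NULL, &size, 0);

	if (rc < 0 && rc != -E2BIG)
		return rc;
	return (long)size;
}
```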
Comments
Hi Casey,
I love your patch! Yet something to improve:
[auto build test ERROR on tip/perf/core]
[also build test ERROR on acme/perf/core shuah-kselftest/next shuah-kselftest/fixes linus/master v6.2-rc3 next-20230110]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting a patch, we suggest using '--base' as documented in
https://git-scm.com/docs/git-format-patch#_base_tree_information]
url: https://github.com/intel-lab-lkp/linux/commits/Casey-Schaufler/LSM-Maintain-a-table-of-LSM-attribute-data/20230110-030739
patch link: https://lore.kernel.org/r/20230109180717.58855-6-casey%40schaufler-ca.com
patch subject: [PATCH v5 5/8] LSM: Create lsm_module_list system call
config: microblaze-randconfig-r011-20230108
compiler: microblaze-linux-gcc (GCC) 12.1.0
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# https://github.com/intel-lab-lkp/linux/commit/681c9be927fbd6bf90025a20cbf8e47fc2635063
git remote add linux-review https://github.com/intel-lab-lkp/linux
git fetch --no-tags linux-review Casey-Schaufler/LSM-Maintain-a-table-of-LSM-attribute-data/20230110-030739
git checkout 681c9be927fbd6bf90025a20cbf8e47fc2635063
# save the config file
mkdir build_dir && cp config build_dir/.config
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-12.1.0 make.cross W=1 O=build_dir ARCH=microblaze olddefconfig
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-12.1.0 make.cross W=1 O=build_dir ARCH=microblaze SHELL=/bin/bash
If you fix the issue, kindly add the following tag where applicable
| Reported-by: kernel test robot <lkp@intel.com>
All errors (new ones prefixed by >>):
In file included from security/lsm_syscalls.c:15:
include/linux/syscalls.h:243:25: error: conflicting types for 'sys_lsm_get_self_attr'; have 'long int(struct lsm_ctx *, size_t *, u32)' {aka 'long int(struct lsm_ctx *, unsigned int *, unsigned int)'}
243 | asmlinkage long sys##name(__MAP(x,__SC_DECL,__VA_ARGS__)) \
| ^~~
include/linux/syscalls.h:229:9: note: in expansion of macro '__SYSCALL_DEFINEx'
229 | __SYSCALL_DEFINEx(x, sname, __VA_ARGS__)
| ^~~~~~~~~~~~~~~~~
include/linux/syscalls.h:220:36: note: in expansion of macro 'SYSCALL_DEFINEx'
220 | #define SYSCALL_DEFINE3(name, ...) SYSCALL_DEFINEx(3, _##name, __VA_ARGS__)
| ^~~~~~~~~~~~~~~
security/lsm_syscalls.c:61:1: note: in expansion of macro 'SYSCALL_DEFINE3'
61 | SYSCALL_DEFINE3(lsm_get_self_attr,
| ^~~~~~~~~~~~~~~
include/linux/syscalls.h:1062:17: note: previous declaration of 'sys_lsm_get_self_attr' with type 'long int(struct lsm_ctx *, size_t *, int)' {aka 'long int(struct lsm_ctx *, unsigned int *, int)'}
1062 | asmlinkage long sys_lsm_get_self_attr(struct lsm_ctx *ctx, size_t *size,
| ^~~~~~~~~~~~~~~~~~~~~
>> include/linux/syscalls.h:243:25: error: conflicting types for 'sys_lsm_module_list'; have 'long int(u32 *, size_t *, u64)' {aka 'long int(unsigned int *, unsigned int *, long long unsigned int)'}
243 | asmlinkage long sys##name(__MAP(x,__SC_DECL,__VA_ARGS__)) \
| ^~~
include/linux/syscalls.h:229:9: note: in expansion of macro '__SYSCALL_DEFINEx'
229 | __SYSCALL_DEFINEx(x, sname, __VA_ARGS__)
| ^~~~~~~~~~~~~~~~~
include/linux/syscalls.h:220:36: note: in expansion of macro 'SYSCALL_DEFINEx'
220 | #define SYSCALL_DEFINE3(name, ...) SYSCALL_DEFINEx(3, _##name, __VA_ARGS__)
| ^~~~~~~~~~~~~~~
security/lsm_syscalls.c:197:1: note: in expansion of macro 'SYSCALL_DEFINE3'
197 | SYSCALL_DEFINE3(lsm_module_list,
| ^~~~~~~~~~~~~~~
include/linux/syscalls.h:1064:17: note: previous declaration of 'sys_lsm_module_list' with type 'long int(u32 *, size_t *, int)' {aka 'long int(unsigned int *, unsigned int *, int)'}
1064 | asmlinkage long sys_lsm_module_list(u32 *ids, size_t *size, int flags);
| ^~~~~~~~~~~~~~~~~~~
vim +243 include/linux/syscalls.h
bed1ffca022cc8 Frederic Weisbecker 2009-03-13 217
6c5979631b4b03 Heiko Carstens 2009-02-11 218 #define SYSCALL_DEFINE1(name, ...) SYSCALL_DEFINEx(1, _##name, __VA_ARGS__)
6c5979631b4b03 Heiko Carstens 2009-02-11 219 #define SYSCALL_DEFINE2(name, ...) SYSCALL_DEFINEx(2, _##name, __VA_ARGS__)
6c5979631b4b03 Heiko Carstens 2009-02-11 @220 #define SYSCALL_DEFINE3(name, ...) SYSCALL_DEFINEx(3, _##name, __VA_ARGS__)
6c5979631b4b03 Heiko Carstens 2009-02-11 221 #define SYSCALL_DEFINE4(name, ...) SYSCALL_DEFINEx(4, _##name, __VA_ARGS__)
6c5979631b4b03 Heiko Carstens 2009-02-11 222 #define SYSCALL_DEFINE5(name, ...) SYSCALL_DEFINEx(5, _##name, __VA_ARGS__)
6c5979631b4b03 Heiko Carstens 2009-02-11 223 #define SYSCALL_DEFINE6(name, ...) SYSCALL_DEFINEx(6, _##name, __VA_ARGS__)
1a94bc34768e46 Heiko Carstens 2009-01-14 224
609320c8a22715 Yonghong Song 2017-09-07 225 #define SYSCALL_DEFINE_MAXARGS 6
609320c8a22715 Yonghong Song 2017-09-07 226
bed1ffca022cc8 Frederic Weisbecker 2009-03-13 227 #define SYSCALL_DEFINEx(x, sname, ...) \
99e621f796d7f0 Al Viro 2013-03-05 228 SYSCALL_METADATA(sname, x, __VA_ARGS__) \
bed1ffca022cc8 Frederic Weisbecker 2009-03-13 229 __SYSCALL_DEFINEx(x, sname, __VA_ARGS__)
bed1ffca022cc8 Frederic Weisbecker 2009-03-13 230
2cf0966683430b Al Viro 2013-01-21 231 #define __PROTECT(...) asmlinkage_protect(__VA_ARGS__)
1bd21c6c21e848 Dominik Brodowski 2018-04-05 232
e145242ea0df6b Dominik Brodowski 2018-04-09 233 /*
e145242ea0df6b Dominik Brodowski 2018-04-09 234 * The asmlinkage stub is aliased to a function named __se_sys_*() which
e145242ea0df6b Dominik Brodowski 2018-04-09 235 * sign-extends 32-bit ints to longs whenever needed. The actual work is
e145242ea0df6b Dominik Brodowski 2018-04-09 236 * done within __do_sys_*().
e145242ea0df6b Dominik Brodowski 2018-04-09 237 */
1bd21c6c21e848 Dominik Brodowski 2018-04-05 238 #ifndef __SYSCALL_DEFINEx
bed1ffca022cc8 Frederic Weisbecker 2009-03-13 239 #define __SYSCALL_DEFINEx(x, name, ...) \
bee20031772af3 Arnd Bergmann 2018-06-19 240 __diag_push(); \
bee20031772af3 Arnd Bergmann 2018-06-19 241 __diag_ignore(GCC, 8, "-Wattribute-alias", \
bee20031772af3 Arnd Bergmann 2018-06-19 242 "Type aliasing is used to sanitize syscall arguments");\
83460ec8dcac14 Andi Kleen 2013-11-12 @243 asmlinkage long sys##name(__MAP(x,__SC_DECL,__VA_ARGS__)) \
e145242ea0df6b Dominik Brodowski 2018-04-09 244 __attribute__((alias(__stringify(__se_sys##name)))); \
c9a211951c7c79 Howard McLauchlan 2018-03-21 245 ALLOW_ERROR_INJECTION(sys##name, ERRNO); \
e145242ea0df6b Dominik Brodowski 2018-04-09 246 static inline long __do_sys##name(__MAP(x,__SC_DECL,__VA_ARGS__));\
e145242ea0df6b Dominik Brodowski 2018-04-09 247 asmlinkage long __se_sys##name(__MAP(x,__SC_LONG,__VA_ARGS__)); \
e145242ea0df6b Dominik Brodowski 2018-04-09 248 asmlinkage long __se_sys##name(__MAP(x,__SC_LONG,__VA_ARGS__)) \
1a94bc34768e46 Heiko Carstens 2009-01-14 249 { \
e145242ea0df6b Dominik Brodowski 2018-04-09 250 long ret = __do_sys##name(__MAP(x,__SC_CAST,__VA_ARGS__));\
07fe6e00f6cca6 Al Viro 2013-01-21 251 __MAP(x,__SC_TEST,__VA_ARGS__); \
2cf0966683430b Al Viro 2013-01-21 252 __PROTECT(x, ret,__MAP(x,__SC_ARGS,__VA_ARGS__)); \
2cf0966683430b Al Viro 2013-01-21 253 return ret; \
1a94bc34768e46 Heiko Carstens 2009-01-14 254 } \
bee20031772af3 Arnd Bergmann 2018-06-19 255 __diag_pop(); \
e145242ea0df6b Dominik Brodowski 2018-04-09 256 static inline long __do_sys##name(__MAP(x,__SC_DECL,__VA_ARGS__))
1bd21c6c21e848 Dominik Brodowski 2018-04-05 257 #endif /* __SYSCALL_DEFINEx */
1a94bc34768e46 Heiko Carstens 2009-01-14 258
On Mon, Jan 9, 2023 at 1:09 PM Casey Schaufler <casey@schaufler-ca.com> wrote: > > Create a system call to report the list of Linux Security Modules > that are active on the system. The list is provided as an array > of LSM ID numbers. > > The calling application can use this list determine what LSM > specific actions it might take. That might include chosing an > output format, determining required privilege or bypassing > security module specific behavior. > > Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> > --- > Documentation/userspace-api/lsm.rst | 3 +++ > include/linux/syscalls.h | 1 + > kernel/sys_ni.c | 1 + > security/lsm_syscalls.c | 41 +++++++++++++++++++++++++++++ > 4 files changed, 46 insertions(+) ... > diff --git a/security/lsm_syscalls.c b/security/lsm_syscalls.c > index 55e8bf61ac8a..92af1fcaa654 100644 > --- a/security/lsm_syscalls.c > +++ b/security/lsm_syscalls.c 
> @@ -180,3 +180,44 @@ SYSCALL_DEFINE3(lsm_get_self_attr, > kfree(final); > return rc; > } > + > +/** > + * sys_lsm_module_list - Return a list of the active security modules > + * @ids: the LSM module ids > + * @size: size of @ids, updated on return > + * @flags: reserved for future use, must be zero > + * > + * Returns a list of the active LSM ids. On success this function > + * returns the number of @ids array elements. This value may be zero > + * if there are no LSMs active. If @size is insufficient to contain > + * the return data -E2BIG is returned and @size is set to the minimum > + * required size. In all other cases a negative value indicating the > + * error is returned. > + */ > +SYSCALL_DEFINE3(lsm_module_list, > + u32 __user *, ids, > + size_t __user *, size, > + u64, flags) > +{ > + size_t total_size = lsm_active_cnt * sizeof(*ids); > + size_t usize; > + int i; > + > + if (flags) > + return -EINVAL; > + > + if (get_user(usize, size)) > + return -EFAULT; > + > + if (put_user(total_size, size) != 0) > + return -EFAULT; > + > + if (usize < total_size) > + return -E2BIG; > + > + for (i = 0; i < lsm_active_cnt; i++) > + if (put_user(lsm_idlist[i]->id, ids++)) > + return -EFAULT; > + > + return lsm_active_cnt; > +} Similar to my comments in 4/8, I would probably create a new LSM hook for this syscall so that the lsm_ctx is passed through the LSM layer directly to the target LSM: int security_sys_setselfattr(u64 attr, struct lsm_ctx __user *ctx, size_t len); -- paul-moore.com
On 1/11/2023 1:07 PM, Paul Moore wrote: > On Mon, Jan 9, 2023 at 1:09 PM Casey Schaufler <casey@schaufler-ca.com> wrote: >> Create a system call to report the list of Linux Security Modules >> that are active on the system. The list is provided as an array >> of LSM ID numbers. >> >> The calling application can use this list determine what LSM >> specific actions it might take. That might include chosing an >> output format, determining required privilege or bypassing >> security module specific behavior. >> >> Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> >> --- >> Documentation/userspace-api/lsm.rst | 3 +++ >> include/linux/syscalls.h | 1 + >> kernel/sys_ni.c | 1 + >> security/lsm_syscalls.c | 41 +++++++++++++++++++++++++++++ >> 4 files changed, 46 insertions(+) > .. > >> diff --git a/security/lsm_syscalls.c b/security/lsm_syscalls.c >> index 55e8bf61ac8a..92af1fcaa654 100644 >> --- a/security/lsm_syscalls.c >> +++ b/security/lsm_syscalls.c 
>> @@ -180,3 +180,44 @@ SYSCALL_DEFINE3(lsm_get_self_attr, >> kfree(final); >> return rc; >> } >> + >> +/** >> + * sys_lsm_module_list - Return a list of the active security modules >> + * @ids: the LSM module ids >> + * @size: size of @ids, updated on return >> + * @flags: reserved for future use, must be zero >> + * >> + * Returns a list of the active LSM ids. On success this function >> + * returns the number of @ids array elements. This value may be zero >> + * if there are no LSMs active. If @size is insufficient to contain >> + * the return data -E2BIG is returned and @size is set to the minimum >> + * required size. In all other cases a negative value indicating the >> + * error is returned. >> + */ >> +SYSCALL_DEFINE3(lsm_module_list, >> + u32 __user *, ids, >> + size_t __user *, size, >> + u64, flags) >> +{ >> + size_t total_size = lsm_active_cnt * sizeof(*ids); >> + size_t usize; >> + int i; >> + >> + if (flags) >> + return -EINVAL; >> + >> + if (get_user(usize, size)) >> + return -EFAULT; >> + >> + if (put_user(total_size, size) != 0) >> + return -EFAULT; >> + >> + if (usize < total_size) >> + return -E2BIG; >> + >> + for (i = 0; i < lsm_active_cnt; i++) >> + if (put_user(lsm_idlist[i]->id, ids++)) >> + return -EFAULT; >> + >> + return lsm_active_cnt; >> +} > Similar to my comments in 4/8, I would probably create a new LSM hook > for this syscall so that the lsm_ctx is passed through the LSM layer > directly to the target LSM: > > int security_sys_setselfattr(u64 attr, struct lsm_ctx __user *ctx, > size_t len); That seems like a whole lot of work when you can just look it up in an existing table. > -- > paul-moore.com
On Wed, Jan 11, 2023 at 8:39 PM Casey Schaufler <casey@schaufler-ca.com> wrote: > On 1/11/2023 1:07 PM, Paul Moore wrote: > > On Mon, Jan 9, 2023 at 1:09 PM Casey Schaufler <casey@schaufler-ca.com> wrote: > >> Create a system call to report the list of Linux Security Modules > >> that are active on the system. The list is provided as an array > >> of LSM ID numbers. > >> > >> The calling application can use this list determine what LSM > >> specific actions it might take. That might include chosing an > >> output format, determining required privilege or bypassing > >> security module specific behavior. > >> > >> Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> > >> --- > >> Documentation/userspace-api/lsm.rst | 3 +++ > >> include/linux/syscalls.h | 1 + > >> kernel/sys_ni.c | 1 + > >> security/lsm_syscalls.c | 41 +++++++++++++++++++++++++++++ > >> 4 files changed, 46 insertions(+) > > .. > > > >> diff --git a/security/lsm_syscalls.c b/security/lsm_syscalls.c > >> index 55e8bf61ac8a..92af1fcaa654 100644 > >> --- a/security/lsm_syscalls.c > >> +++ b/security/lsm_syscalls.c 
> >> @@ -180,3 +180,44 @@ SYSCALL_DEFINE3(lsm_get_self_attr, > >> kfree(final); > >> return rc; > >> } > >> + > >> +/** > >> + * sys_lsm_module_list - Return a list of the active security modules > >> + * @ids: the LSM module ids > >> + * @size: size of @ids, updated on return > >> + * @flags: reserved for future use, must be zero > >> + * > >> + * Returns a list of the active LSM ids. On success this function > >> + * returns the number of @ids array elements. This value may be zero > >> + * if there are no LSMs active. If @size is insufficient to contain > >> + * the return data -E2BIG is returned and @size is set to the minimum > >> + * required size. In all other cases a negative value indicating the > >> + * error is returned. > >> + */ > >> +SYSCALL_DEFINE3(lsm_module_list, > >> + u32 __user *, ids, > >> + size_t __user *, size, > >> + u64, flags) > >> +{ > >> + size_t total_size = lsm_active_cnt * sizeof(*ids); > >> + size_t usize; > >> + int i; > >> + > >> + if (flags) > >> + return -EINVAL; > >> + > >> + if (get_user(usize, size)) > >> + return -EFAULT; > >> + > >> + if (put_user(total_size, size) != 0) > >> + return -EFAULT; > >> + > >> + if (usize < total_size) > >> + return -E2BIG; > >> + > >> + for (i = 0; i < lsm_active_cnt; i++) > >> + if (put_user(lsm_idlist[i]->id, ids++)) > >> + return -EFAULT; > >> + > >> + return lsm_active_cnt; > >> +} > > Similar to my comments in 4/8, I would probably create a new LSM hook > > for this syscall so that the lsm_ctx is passed through the LSM layer > > directly to the target LSM: > > > > int security_sys_setselfattr(u64 attr, struct lsm_ctx __user *ctx, > > size_t len); > > That seems like a whole lot of work when you can just look it up > in an existing table. D'oh! Sorry, this comment was intended for patch 6/8, the lsm_set_self_attr() syscall patch. I agree, it would be very silly to have a dedicated hook for lsm_module_list() :)
diff --git a/Documentation/userspace-api/lsm.rst b/Documentation/userspace-api/lsm.rst index 98a0c191b499..e342d75b99ab 100644 --- a/Documentation/userspace-api/lsm.rst +++ b/Documentation/userspace-api/lsm.rst @@ -57,6 +57,9 @@ Get the security attributes of the current process .. kernel-doc:: security/lsm_syscalls.c :identifiers: sys_lsm_get_self_attr +.. kernel-doc:: security/lsm_syscalls.c + :identifiers: sys_lsm_module_list + Additional documentation ======================== diff --git a/include/linux/syscalls.h b/include/linux/syscalls.h index a89205c70ffa..9eb4cb6bbeb1 100644 --- a/include/linux/syscalls.h +++ b/include/linux/syscalls.h @@ -1061,6 +1061,7 @@ asmlinkage long sys_set_mempolicy_home_node(unsigned long start, unsigned long l unsigned long flags); asmlinkage long sys_lsm_get_self_attr(struct lsm_ctx *ctx, size_t *size, int flags); +asmlinkage long sys_lsm_module_list(u32 *ids, size_t *size, int flags); /* * Architecture-specific system calls diff --git a/kernel/sys_ni.c b/kernel/sys_ni.c index 7b2513d5605d..af1fd28c0420 100644 --- a/kernel/sys_ni.c +++ b/kernel/sys_ni.c @@ -264,6 +264,7 @@ COND_SYSCALL(mremap); /* security/lsm_syscalls.c */ COND_SYSCALL(lsm_get_self_attr); +COND_SYSCALL(lsm_module_list); /* security/keys/keyctl.c */ COND_SYSCALL(add_key); diff --git a/security/lsm_syscalls.c b/security/lsm_syscalls.c index 55e8bf61ac8a..92af1fcaa654 100644 --- a/security/lsm_syscalls.c +++ b/security/lsm_syscalls.c 
@@ -180,3 +180,44 @@ SYSCALL_DEFINE3(lsm_get_self_attr, kfree(final); return rc; } + +/** + * sys_lsm_module_list - Return a list of the active security modules + * @ids: the LSM module ids + * @size: size of @ids, updated on return + * @flags: reserved for future use, must be zero + * + * Returns a list of the active LSM ids. On success this function + * returns the number of @ids array elements. This value may be zero + * if there are no LSMs active. If @size is insufficient to contain + * the return data -E2BIG is returned and @size is set to the minimum + * required size. In all other cases a negative value indicating the + * error is returned. + */ +SYSCALL_DEFINE3(lsm_module_list, + u32 __user *, ids, + size_t __user *, size, + u64, flags) +{ + size_t total_size = lsm_active_cnt * sizeof(*ids); + size_t usize; + int i; + + if (flags) + return -EINVAL; + + if (get_user(usize, size)) + return -EFAULT; + + if (put_user(total_size, size) != 0) + return -EFAULT; + + if (usize < total_size) + return -E2BIG; + + for (i = 0; i < lsm_active_cnt; i++) + if (put_user(lsm_idlist[i]->id, ids++)) + return -EFAULT; + + return lsm_active_cnt; +}
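Review bot: the prototype added in the include/linux/syscalls.h hunk does not match the SYSCALL_DEFINE3() body in the security/lsm_syscalls.c hunk: the header declares `sys_lsm_module_list(u32 *ids, size_t *size, int flags)` while the definition takes `u32 __user *ids, size_t __user *size, u64 flags`. The kernel test robot report above shows the resulting "conflicting types for 'sys_lsm_module_list'" error, and the context line for sys_lsm_get_self_attr (declared with `int flags`) carries the same mismatch from the previous patch. Change the declaration to `asmlinkage long sys_lsm_module_list(u32 __user *ids, size_t __user *size, u64 flags);` so the two agree; the __user annotations also let sparse check the get_user()/put_user() targets.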
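Review bot: in the security/lsm_syscalls.c hunk the kerneldoc says @size is set to the required size when -E2BIG is returned, but the body writes total_size back with put_user() on every path past the flags check, including success, and it never states the unit. That behaviour is the useful one (a caller can probe with *size == 0, allocate, and retry), so describe it rather than the narrower case: "@size: size of @ids in bytes; updated on return to the size needed for all ids". The two user-access checks are also written inconsistently, `if (get_user(usize, size))` versus `if (put_user(total_size, size) != 0)`; pick one form.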