From patchwork Wed Feb 22 20:08:28 2023
X-Patchwork-Submitter: Casey Schaufler
X-Patchwork-Id: 60674
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net
Subject: [PATCH v6 01/11] LSM: Identify modules by more than name
Date: Wed, 22 Feb 2023 12:08:28 -0800
Message-Id: <20230222200838.8149-2-casey@schaufler-ca.com>
In-Reply-To: <20230222200838.8149-1-casey@schaufler-ca.com>
References: <20230222200838.8149-1-casey@schaufler-ca.com>

Create a struct lsm_id to contain identifying information about Linux Security Modules (LSMs). At inception this contains the name of the module, an identifier associated with the security module and an integer member "attrs" which identifies the API related data associated with each security module. The initial set of features maps to information that has traditionally been available in /proc/self/attr. They are documented in a new userspace-api file.

Change the security_add_hooks() interface to use this structure. Change the individual modules to maintain their own struct lsm_id and pass it to security_add_hooks(). The values for LSM identifiers are defined in a new UAPI header file linux/lsm.h. Each existing LSM has been updated to include its LSMID in the lsm_id.
The LSM ID values are sequential, with the oldest module LSM_ID_CAPABILITY being the lowest value and the existing modules numbered in the order they were included in the main line kernel. This is an arbitrary convention for assigning the values, but none better presents itself. The value 0 is defined as being invalid. The values 1-99 are reserved for any special case uses which may arise in the future. This may include attributes of the LSM infrastructure itself, possibly related to namespacing or network attribute management. A special range is identified for such attributes to help reduce confusion for developers unfamiliar with LSMs. Signed-off-by: Casey Schaufler --- Documentation/userspace-api/index.rst | 1 + Documentation/userspace-api/lsm.rst | 55 +++++++++++++++++++++++++++ MAINTAINERS | 1 + include/linux/lsm_hooks.h | 18 ++++++++- include/uapi/linux/lsm.h | 49 ++++++++++++++++++++++++ security/apparmor/lsm.c | 9 ++++- security/bpf/hooks.c | 9 ++++- security/commoncap.c | 8 +++- security/landlock/cred.c | 2 +- security/landlock/fs.c | 2 +- security/landlock/ptrace.c | 2 +- security/landlock/setup.c | 6 +++ security/landlock/setup.h | 1 + security/loadpin/loadpin.c | 9 ++++- security/lockdown/lockdown.c | 8 +++- security/safesetid/lsm.c | 9 ++++- security/security.c | 12 +++--- security/selinux/hooks.c | 11 +++++- security/smack/smack_lsm.c | 9 ++++- security/tomoyo/tomoyo.c | 9 ++++- security/yama/yama_lsm.c | 8 +++- 21 files changed, 217 insertions(+), 21 deletions(-) create mode 100644 Documentation/userspace-api/lsm.rst create mode 100644 include/uapi/linux/lsm.h diff --git a/Documentation/userspace-api/index.rst b/Documentation/userspace-api/index.rst index f16337bdb852..54c0f54cde89 100644 --- a/Documentation/userspace-api/index.rst +++ b/Documentation/userspace-api/index.rst @@ -31,6 +31,7 @@ place where this information is gathered. sysfs-platform_profile vduse futex2 + lsm .. only:: subproject and html 
diff --git a/Documentation/userspace-api/lsm.rst b/Documentation/userspace-api/lsm.rst new file mode 100644 index 000000000000..6ddf5506110b --- /dev/null +++ b/Documentation/userspace-api/lsm.rst 
@@ -0,0 +1,55 @@ +.. SPDX-License-Identifier: GPL-2.0 +.. Copyright (C) 2022 Casey Schaufler +.. Copyright (C) 2022 Intel Corporation + +===================================== +Linux Security Modules +===================================== + +:Author: Casey Schaufler +:Date: November 2022 + +Linux security modules (LSM) provide a mechanism to implement +additional access controls to the Linux security policies. + +The various security modules may support any of these attributes: + +``LSM_ATTR_CURRENT`` is the current, active security context of the +process. +The proc filesystem provides this value in ``/proc/self/attr/current``. +This is supported by the SELinux, Smack and AppArmor security modules. +Smack also provides this value in ``/proc/self/attr/smack/current``. +AppArmor also provides this value in ``/proc/self/attr/apparmor/current``. + +``LSM_ATTR_EXEC`` is the security context of the process at the time the +current image was executed. +The proc filesystem provides this value in ``/proc/self/attr/exec``. +This is supported by the SELinux and AppArmor security modules. +AppArmor also provides this value in ``/proc/self/attr/apparmor/exec``. + +``LSM_ATTR_FSCREATE`` is the security context of the process used when +creating file system objects. +The proc filesystem provides this value in ``/proc/self/attr/fscreate``. +This is supported by the SELinux security module. + +``LSM_ATTR_KEYCREATE`` is the security context of the process used when +creating key objects. +The proc filesystem provides this value in ``/proc/self/attr/keycreate``. +This is supported by the SELinux security module. + +``LSM_ATTR_PREV`` is the security context of the process at the time the +current security context was set. +The proc filesystem provides this value in ``/proc/self/attr/prev``. +This is supported by the SELinux and AppArmor security modules. +AppArmor also provides this value in ``/proc/self/attr/apparmor/prev``. 
+ +``LSM_ATTR_SOCKCREATE`` is the security context of the process used when +creating socket objects. +The proc filesystem provides this value in ``/proc/self/attr/sockcreate``. +This is supported by the SELinux security module. + +Additional documentation +======================== + +* Documentation/security/lsm.rst +* Documentation/security/lsm-development.rst diff --git a/MAINTAINERS b/MAINTAINERS index 39ff1a717625..3fe73ddc32c5 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -18820,6 +18820,7 @@ S: Supported W: http://kernsec.org/ T: git git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm.git F: security/ +F: include/uapi/linux/lsm.h X: security/selinux/ SELINUX SECURITY MODULE diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 0a5ba81f7367..98acafc60f47 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -1665,6 +1665,20 @@ struct security_hook_heads { #undef LSM_HOOK } __randomize_layout; +/** + * struct lsm_id - Identify a Linux Security Module. + * @lsm: name of the LSM, must be approved by the LSM maintainers + * @id: LSM ID number from uapi/linux/lsm.h + * @attrs: which attributes this LSM supports + * + * Contains the information that identifies the LSM. + */ +struct lsm_id { + const u8 *lsm; + u64 id; + u64 attrs; +}; + /* * Security module hook list structure. * For use with generic list macros for common operations. @@ -1673,7 +1687,7 @@ struct security_hook_list { struct hlist_node list; struct hlist_head *head; union security_list_options hook; - const char *lsm; + struct lsm_id *lsmid; } __randomize_layout; /* @@ -1708,7 +1722,7 @@ extern struct security_hook_heads security_hook_heads; extern char *lsm_names; extern void security_add_hooks(struct security_hook_list *hooks, int count, - const char *lsm); + struct lsm_id *lsmid); #define LSM_FLAG_LEGACY_MAJOR BIT(0) #define LSM_FLAG_EXCLUSIVE BIT(1) 
diff --git a/include/uapi/linux/lsm.h b/include/uapi/linux/lsm.h new file mode 100644 index 000000000000..523748cae615 --- /dev/null +++ b/include/uapi/linux/lsm.h @@ -0,0 +1,49 @@ +/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */ +/* + * Linux Security Modules (LSM) - User space API + * + * Copyright (C) 2022 Casey Schaufler + * Copyright (C) 2022 Intel Corporation + */ + +#ifndef _UAPI_LINUX_LSM_H +#define _UAPI_LINUX_LSM_H + +/* + * ID tokens to identify Linux Security Modules (LSMs) + * + * These token values are used to uniquely identify specific LSMs + * in the kernel as well as in the kernel's LSM userspace API. + * + * A value of zero/0 is considered undefined and should not be used + * outside the kernel. Values 1-99 are reserved for potential + * future use. + */ +#define LSM_ID_UNDEF 0 +#define LSM_ID_CAPABILITY 100 +#define LSM_ID_SELINUX 101 +#define LSM_ID_SMACK 102 +#define LSM_ID_TOMOYO 103 +#define LSM_ID_IMA 104 +#define LSM_ID_APPARMOR 105 +#define LSM_ID_YAMA 106 +#define LSM_ID_LOADPIN 107 +#define LSM_ID_SAFESETID 108 +#define LSM_ID_LOCKDOWN 109 +#define LSM_ID_BPF 110 +#define LSM_ID_LANDLOCK 111 + +/* + * LSM_ATTR_XXX definitions identify different LSM attributes + * which are used in the kernel's LSM userspace API. Support + * for these attributes vary across the different LSMs. None + * are required. + */ +#define LSM_ATTR_CURRENT 0x0001 +#define LSM_ATTR_EXEC 0x0002 +#define LSM_ATTR_FSCREATE 0x0004 +#define LSM_ATTR_KEYCREATE 0x0008 +#define LSM_ATTR_PREV 0x0010 +#define LSM_ATTR_SOCKCREATE 0x0020 + +#endif /* _UAPI_LINUX_LSM_H */ diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index c6728a629437..0c2f4d47af42 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -24,6 +24,7 @@ #include #include #include +#include #include "include/apparmor.h" #include "include/apparmorfs.h" 
@@ -1217,6 +1218,12 @@ struct lsm_blob_sizes apparmor_blob_sizes __lsm_ro_after_init = { .lbs_task = sizeof(struct aa_task_ctx), }; +static struct lsm_id apparmor_lsmid __lsm_ro_after_init = { + .lsm = "apparmor", + .id = LSM_ID_APPARMOR, + .attrs = LSM_ATTR_CURRENT | LSM_ATTR_PREV | LSM_ATTR_EXEC, +}; + static struct security_hook_list apparmor_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(ptrace_access_check, apparmor_ptrace_access_check), LSM_HOOK_INIT(ptrace_traceme, apparmor_ptrace_traceme), @@ -1912,7 +1919,7 @@ static int __init apparmor_init(void) goto buffers_out; } security_add_hooks(apparmor_hooks, ARRAY_SIZE(apparmor_hooks), - "apparmor"); + &apparmor_lsmid); /* Report that AppArmor successfully initialized */ apparmor_initialized = 1; diff --git a/security/bpf/hooks.c b/security/bpf/hooks.c index e5971fa74fd7..5f3c6dcb6850 100644 --- a/security/bpf/hooks.c +++ b/security/bpf/hooks.c @@ -5,6 +5,7 @@ */ #include #include +#include static struct security_hook_list bpf_lsm_hooks[] __lsm_ro_after_init = { #define LSM_HOOK(RET, DEFAULT, NAME, ...) \ @@ -15,9 +16,15 @@ static struct security_hook_list bpf_lsm_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(task_free, bpf_task_storage_free), }; +struct lsm_id bpf_lsmid __lsm_ro_after_init = { + .lsm = "bpf", + .id = LSM_ID_BPF, +}; + static int __init bpf_lsm_init(void) { - security_add_hooks(bpf_lsm_hooks, ARRAY_SIZE(bpf_lsm_hooks), "bpf"); + security_add_hooks(bpf_lsm_hooks, ARRAY_SIZE(bpf_lsm_hooks), + &bpf_lsmid); pr_info("LSM support for eBPF active\n"); return 0; } diff --git a/security/commoncap.c b/security/commoncap.c index 1164278b97fd..76c5a0af95d6 100644 --- a/security/commoncap.c +++ b/security/commoncap.c @@ -25,6 +25,7 @@ #include #include #include +#include /* * If a non-root user executes a setuid-root binary in 
@@ -1445,6 +1446,11 @@ int cap_mmap_file(struct file *file, unsigned long reqprot, #ifdef CONFIG_SECURITY +static struct lsm_id capability_lsmid __lsm_ro_after_init = { + .lsm = "capability", + .id = LSM_ID_CAPABILITY, +}; + static struct security_hook_list capability_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(capable, cap_capable), LSM_HOOK_INIT(settime, cap_settime), @@ -1469,7 +1475,7 @@ static struct security_hook_list capability_hooks[] __lsm_ro_after_init = { static int __init capability_init(void) { security_add_hooks(capability_hooks, ARRAY_SIZE(capability_hooks), - "capability"); + &capability_lsmid); return 0; } diff --git a/security/landlock/cred.c b/security/landlock/cred.c index ec6c37f04a19..2eb1d65f10d6 100644 --- a/security/landlock/cred.c +++ b/security/landlock/cred.c @@ -42,5 +42,5 @@ static struct security_hook_list landlock_hooks[] __lsm_ro_after_init = { __init void landlock_add_cred_hooks(void) { security_add_hooks(landlock_hooks, ARRAY_SIZE(landlock_hooks), - LANDLOCK_NAME); + &landlock_lsmid); } diff --git a/security/landlock/fs.c b/security/landlock/fs.c index adcea0fe7e68..fa0e6e76991c 100644 --- a/security/landlock/fs.c +++ b/security/landlock/fs.c @@ -1307,5 +1307,5 @@ static struct security_hook_list landlock_hooks[] __lsm_ro_after_init = { __init void landlock_add_fs_hooks(void) { security_add_hooks(landlock_hooks, ARRAY_SIZE(landlock_hooks), - LANDLOCK_NAME); + &landlock_lsmid); } diff --git a/security/landlock/ptrace.c b/security/landlock/ptrace.c index 4c5b9cd71286..eab35808f395 100644 --- a/security/landlock/ptrace.c +++ b/security/landlock/ptrace.c @@ -116,5 +116,5 @@ static struct security_hook_list landlock_hooks[] __lsm_ro_after_init = { __init void landlock_add_ptrace_hooks(void) { security_add_hooks(landlock_hooks, ARRAY_SIZE(landlock_hooks), - LANDLOCK_NAME); + &landlock_lsmid); } diff --git a/security/landlock/setup.c b/security/landlock/setup.c index 3f196d2ce4f9..9104133d04ca 100644 --- a/security/landlock/setup.c 
+++ b/security/landlock/setup.c @@ -8,6 +8,7 @@ #include #include +#include #include "common.h" #include "cred.h" @@ -24,6 +25,11 @@ struct lsm_blob_sizes landlock_blob_sizes __lsm_ro_after_init = { .lbs_superblock = sizeof(struct landlock_superblock_security), }; +struct lsm_id landlock_lsmid __lsm_ro_after_init = { + .lsm = LANDLOCK_NAME, + .id = LSM_ID_LANDLOCK, +}; + static int __init landlock_init(void) { landlock_add_cred_hooks(); diff --git a/security/landlock/setup.h b/security/landlock/setup.h index 1daffab1ab4b..38bce5b172dc 100644 --- a/security/landlock/setup.h +++ b/security/landlock/setup.h @@ -14,5 +14,6 @@ extern bool landlock_initialized; extern struct lsm_blob_sizes landlock_blob_sizes; +extern struct lsm_id landlock_lsmid; #endif /* _SECURITY_LANDLOCK_SETUP_H */ diff --git a/security/loadpin/loadpin.c b/security/loadpin/loadpin.c index 110a5ab2b46b..d5c1373a096d 100644 --- a/security/loadpin/loadpin.c +++ b/security/loadpin/loadpin.c @@ -20,6 +20,7 @@ #include #include #include +#include #define VERITY_DIGEST_FILE_HEADER "# LOADPIN_TRUSTED_VERITY_ROOT_DIGESTS" @@ -203,6 +204,11 @@ static int loadpin_load_data(enum kernel_load_data_id id, bool contents) return loadpin_check(NULL, (enum kernel_read_file_id) id); } +static struct lsm_id loadpin_lsmid __lsm_ro_after_init = { + .lsm = "loadpin", + .id = LSM_ID_LOADPIN, +}; + static struct security_hook_list loadpin_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(sb_free_security, loadpin_sb_free_security), LSM_HOOK_INIT(kernel_read_file, loadpin_read_file), @@ -250,7 +256,8 @@ static int __init loadpin_init(void) pr_info("ready to pin (currently %senforcing)\n", enforce ? "" : "not "); parse_exclude(); - security_add_hooks(loadpin_hooks, ARRAY_SIZE(loadpin_hooks), "loadpin"); + security_add_hooks(loadpin_hooks, ARRAY_SIZE(loadpin_hooks), + &loadpin_lsmid); return 0; } diff --git a/security/lockdown/lockdown.c b/security/lockdown/lockdown.c index a79b985e917e..e8c41a0caf7d 100644 
--- a/security/lockdown/lockdown.c +++ b/security/lockdown/lockdown.c @@ -13,6 +13,7 @@ #include #include #include +#include static enum lockdown_reason kernel_locked_down; @@ -75,6 +76,11 @@ static struct security_hook_list lockdown_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(locked_down, lockdown_is_locked_down), }; +static struct lsm_id lockdown_lsmid __lsm_ro_after_init = { + .lsm = "lockdown", + .id = LSM_ID_LOCKDOWN, +}; + static int __init lockdown_lsm_init(void) { #if defined(CONFIG_LOCK_DOWN_KERNEL_FORCE_INTEGRITY) @@ -83,7 +89,7 @@ static int __init lockdown_lsm_init(void) lock_kernel_down("Kernel configuration", LOCKDOWN_CONFIDENTIALITY_MAX); #endif security_add_hooks(lockdown_hooks, ARRAY_SIZE(lockdown_hooks), - "lockdown"); + &lockdown_lsmid); return 0; } diff --git a/security/safesetid/lsm.c b/security/safesetid/lsm.c index e806739f7868..8d0742ba045d 100644 --- a/security/safesetid/lsm.c +++ b/security/safesetid/lsm.c @@ -19,6 +19,7 @@ #include #include #include +#include #include "lsm.h" /* Flag indicating whether initialization completed */ @@ -261,6 +262,11 @@ static int safesetid_task_fix_setgroups(struct cred *new, const struct cred *old return 0; } +static struct lsm_id safesetid_lsmid __lsm_ro_after_init = { + .lsm = "safesetid", + .id = LSM_ID_SAFESETID, +}; + static struct security_hook_list safesetid_security_hooks[] = { LSM_HOOK_INIT(task_fix_setuid, safesetid_task_fix_setuid), LSM_HOOK_INIT(task_fix_setgid, safesetid_task_fix_setgid), @@ -271,7 +277,8 @@ static struct security_hook_list safesetid_security_hooks[] = { static int __init safesetid_security_init(void) { security_add_hooks(safesetid_security_hooks, - ARRAY_SIZE(safesetid_security_hooks), "safesetid"); + ARRAY_SIZE(safesetid_security_hooks), + &safesetid_lsmid); /* Report that SafeSetID successfully initialized */ safesetid_initialized = 1; diff --git a/security/security.c b/security/security.c index d1571900a8c7..07a8fe7f92bf 100644 --- a/security/security.c 
+++ b/security/security.c @@ -504,17 +504,17 @@ static int lsm_append(const char *new, char **result) * security_add_hooks - Add a modules hooks to the hook lists. * @hooks: the hooks to add * @count: the number of hooks to add - * @lsm: the name of the security module + * @lsmid: the identification information for the security module * * Each LSM has to register its hooks with the infrastructure. */ void __init security_add_hooks(struct security_hook_list *hooks, int count, - const char *lsm) + struct lsm_id *lsmid) { int i; for (i = 0; i < count; i++) { - hooks[i].lsm = lsm; + hooks[i].lsmid = lsmid; hlist_add_tail_rcu(&hooks[i].list, hooks[i].head); } @@ -523,7 +523,7 @@ void __init security_add_hooks(struct security_hook_list *hooks, int count, * and fix this up afterwards. */ if (slab_is_available()) { - if (lsm_append(lsm, &lsm_names) < 0) + if (lsm_append(lsmid->lsm, &lsm_names) < 0) panic("%s - Cannot get early memory.\n", __func__); } } @@ -2145,7 +2145,7 @@ int security_getprocattr(struct task_struct *p, const char *lsm, struct security_hook_list *hp; hlist_for_each_entry(hp, &security_hook_heads.getprocattr, list) { - if (lsm != NULL && strcmp(lsm, hp->lsm)) + if (lsm != NULL && strcmp(lsm, hp->lsmid->lsm)) continue; return hp->hook.getprocattr(p, name, value); } @@ -2158,7 +2158,7 @@ int security_setprocattr(const char *lsm, const char *name, void *value, struct security_hook_list *hp; hlist_for_each_entry(hp, &security_hook_heads.setprocattr, list) { - if (lsm != NULL && strcmp(lsm, hp->lsm)) + if (lsm != NULL && strcmp(lsm, hp->lsmid->lsm)) continue; return hp->hook.setprocattr(name, value, size); } diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 3c5be76a9199..5cb09986a2dc 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -92,6 +92,7 @@ #include #include #include +#include #include "avc.h" #include "objsec.h" 
@@ -7032,6 +7033,13 @@ static int selinux_uring_cmd(struct io_uring_cmd *ioucmd) } #endif /* CONFIG_IO_URING */ +static struct lsm_id selinux_lsmid __lsm_ro_after_init = { + .lsm = "selinux", + .id = LSM_ID_SELINUX, + .attrs = LSM_ATTR_CURRENT | LSM_ATTR_EXEC | LSM_ATTR_FSCREATE | + LSM_ATTR_KEYCREATE | LSM_ATTR_PREV | LSM_ATTR_SOCKCREATE, +}; + /* * IMPORTANT NOTE: When adding new hooks, please be careful to keep this order: * 1. any hooks that don't belong to (2.) or (3.) below, @@ -7355,7 +7363,8 @@ static __init int selinux_init(void) hashtab_cache_init(); - security_add_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks), "selinux"); + security_add_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks), + &selinux_lsmid); if (avc_add_callback(selinux_netcache_avc_callback, AVC_CALLBACK_RESET)) panic("SELinux: Unable to register AVC netcache callback\n"); diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 9a82a15685d1..a27157910fe7 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -43,6 +43,7 @@ #include #include #include +#include #include "smack.h" #define TRANS_TRUE "TRUE" @@ -4856,6 +4857,12 @@ struct lsm_blob_sizes smack_blob_sizes __lsm_ro_after_init = { .lbs_superblock = sizeof(struct superblock_smack), }; +static struct lsm_id smack_lsmid __lsm_ro_after_init = { + .lsm = "smack", + .id = LSM_ID_SMACK, + .attrs = LSM_ATTR_CURRENT, +}; + static struct security_hook_list smack_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(ptrace_access_check, smack_ptrace_access_check), LSM_HOOK_INIT(ptrace_traceme, smack_ptrace_traceme), @@ -5062,7 +5069,7 @@ static __init int smack_init(void) /* * Register with LSM */ - security_add_hooks(smack_hooks, ARRAY_SIZE(smack_hooks), "smack"); + security_add_hooks(smack_hooks, ARRAY_SIZE(smack_hooks), &smack_lsmid); smack_enabled = 1; pr_info("Smack: Initializing.\n"); diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c index af04a7b7eb28..a4658fb5ef0e 100644 
--- a/security/tomoyo/tomoyo.c +++ b/security/tomoyo/tomoyo.c @@ -6,6 +6,7 @@ */ #include +#include #include "common.h" /** @@ -542,6 +543,11 @@ static void tomoyo_task_free(struct task_struct *task) } } +static struct lsm_id tomoyo_lsmid __lsm_ro_after_init = { + .lsm = "tomoyo", + .id = LSM_ID_TOMOYO, +}; + /* * tomoyo_security_ops is a "struct security_operations" which is used for * registering TOMOYO. @@ -595,7 +601,8 @@ static int __init tomoyo_init(void) struct tomoyo_task *s = tomoyo_task(current); /* register ourselves with the security framework */ - security_add_hooks(tomoyo_hooks, ARRAY_SIZE(tomoyo_hooks), "tomoyo"); + security_add_hooks(tomoyo_hooks, ARRAY_SIZE(tomoyo_hooks), + &tomoyo_lsmid); pr_info("TOMOYO Linux initialized\n"); s->domain_info = &tomoyo_kernel_domain; atomic_inc(&tomoyo_kernel_domain.users); diff --git a/security/yama/yama_lsm.c b/security/yama/yama_lsm.c index 06e226166aab..2487b8f847f3 100644 --- a/security/yama/yama_lsm.c +++ b/security/yama/yama_lsm.c @@ -18,6 +18,7 @@ #include #include #include +#include #define YAMA_SCOPE_DISABLED 0 #define YAMA_SCOPE_RELATIONAL 1 @@ -421,6 +422,11 @@ static int yama_ptrace_traceme(struct task_struct *parent) return rc; } +static struct lsm_id yama_lsmid __lsm_ro_after_init = { + .lsm = "yama", + .id = LSM_ID_YAMA, +}; + static struct security_hook_list yama_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(ptrace_access_check, yama_ptrace_access_check), LSM_HOOK_INIT(ptrace_traceme, yama_ptrace_traceme), 
@@ -477,7 +483,7 @@ static inline void yama_init_sysctl(void) { } static int __init yama_init(void) { pr_info("Yama: becoming mindful.\n"); - security_add_hooks(yama_hooks, ARRAY_SIZE(yama_hooks), "yama"); + security_add_hooks(yama_hooks, ARRAY_SIZE(yama_hooks), &yama_lsmid); yama_init_sysctl(); return 0; } From patchwork Wed Feb 22 20:08:29 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 60678 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:5915:0:0:0:0:0 with SMTP id v21csp791194wrd; Wed, 22 Feb 2023 12:18:14 -0800 (PST) X-Google-Smtp-Source: AK7set8QCDpTWKTRI2+8M7MjYAZVyag7+upKcxrGBc4LSrbDK455O3bxgqEg1rSYBPjCNvUX80qf X-Received: by 2002:a05:6a00:18a9:b0:594:1f1c:3d3b with SMTP id x41-20020a056a0018a900b005941f1c3d3bmr12139584pfh.16.1677097094335; Wed, 22 Feb 2023 12:18:14 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1677097094; cv=none; d=google.com; s=arc-20160816; b=WcHpFwGqdMm193vxCRYkxbmCrl5d1VKLzg5l5Dw1DYyNF2UICCQZAapV1CxfAMgCE3 bTBxWw2SoEGHp+TDxBGuo6k0Y6ubqIxWnjnEQ/HawojTs9C2+9loxK9gqhv6wHFg1Jmf 4xyfFaH+fsE97yOCuRaVgMebKWEtud5zpliBR9Kmc5qcAGte4cYyIemYsUuRWlDVEdmy qEtfbRXqfp+YhtBCRDR/PpbWT1Kl4bfCrM8XMa5f1lnEQ5NdGfOKS40OG6G3TPNdHv4s WN/oUSnxCF/thOJ/8JKVR7B9k0MQYfoDh3HYHG6v49HcamvKcabE4bMjffh9lCBw1MKI SovA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=SfaO9YNX2ggCyqh2Ryd/ehKKDPY2SHSxQhS09vx2DrE=; b=dmHwd2smSYxDEpqV+gR49X+NeQLBJlD/wHzztMAETW+KBdc8fDgml0sDOFZ/6hm7KH DwKp9G2dw5hHg7WNRObtIG8KLOpj0J6IpixN82kB2KXRurwIpS2yypDVg6WjudMroBLY NA8Qx3928QIvKv2hRpkUWSWRWS8AbWXNRmWzcyLsiRuTiXOwUVJYDWydwMIDXoTaErnN o5PJbA+BLgH/uiILraF9uQxxifitn7HCvqJWUWWdZXqCZ2zzxD1NMy+paulNfsY8ifyP TPHpSlRZnV128l18BxlsX9QHZMM1oBLW8yJWuRBlCJ97o+w6Y3l6wH2YKHkbVZbUK00p Ew5Q== 
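Review bot: the `lsm` member of the new struct lsm_id in the include/linux/lsm_hooks.h hunk (@@ -1665) is declared `const u8 *lsm;`, but every initializer in this series assigns a C string to it (`.lsm = "apparmor"`, `.lsm = LANDLOCK_NAME`, ...) and security.c passes it to `strcmp()` and `lsm_append()`, both of which take `const char *`. That only compiles quietly because the kernel builds with pointer-sign warnings disabled; `const char *lsm;` matches how the field is actually used and avoids sparse noise, so suggest changing the type and the kerneldoc line together.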
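Review bot: `struct lsm_id *lsmid;` in the struct security_hook_list hunk (@@ -1673) and the matching `security_add_hooks(..., struct lsm_id *lsmid)` prototype (@@ -1708) could both take `const struct lsm_id *`: every lsm_id instance in this patch is marked `__lsm_ro_after_init`, and the only consumer, security.c, reads `lsmid->lsm` and never writes through the pointer. Making the pointer const documents that the identity record is immutable after init and lets the compiler enforce it.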
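Review bot: `LSM_ID_IMA 104` in the include/uapi/linux/lsm.h hunk is the only token that no module in this patch claims; no `.id = LSM_ID_IMA` initializer appears in any hunk and IMA is not in the diffstat. Either the comment block above the defines should state that IDs are allocated for in-tree modules that do not yet register through security_add_hooks(), or the value should be left out until it is used, because once it ships in a UAPI header it cannot be reassigned. Minor: in the attrs comment, "Support for these attributes vary across the different LSMs" should read "varies".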
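Review bot: the new Documentation/userspace-api/lsm.rst hunk documents only the LSM_ATTR_* values, while the LSM_ID_* tokens that the same patch exports in include/uapi/linux/lsm.h, and that the commit message describes as the user-visible module identifiers, appear nowhere in the file. Add a section listing the IDs, the reserved 1-99 range and the meaning of LSM_ID_UNDEF so userspace has one place to look. Minor: `:Date: November 2022` predates this v6 posting, and "provide a mechanism to implement additional access controls to the Linux security policies" reads awkwardly; "provide a mechanism for implementing additional access controls on top of the standard Linux security policy" or similar would be clearer.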
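Review bot: the MAINTAINERS hunk adds `F: include/uapi/linux/lsm.h` but not the `Documentation/userspace-api/lsm.rst` file this same patch creates; add an `F:` line for it so get_maintainer.pl routes changes to the UAPI documentation to the LSM list as well.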
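Review bot: `struct lsm_id bpf_lsmid __lsm_ro_after_init` in the security/bpf/hooks.c hunk (@@ -15) lacks `static`, unlike apparmor_lsmid, capability_lsmid, loadpin_lsmid, lockdown_lsmid, safesetid_lsmid, selinux_lsmid, smack_lsmid, tomoyo_lsmid and yama_lsmid, and there is no extern declaration for it anywhere in the patch. Only landlock_lsmid needs external linkage (declared in setup.h, used from cred.c, fs.c and ptrace.c); make the bpf one `static struct lsm_id bpf_lsmid` to avoid a sparse "symbol was not declared" warning and keep the global namespace clean.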
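Review bot: security_add_hooks() in the security/security.c hunk (@@ -504) now dereferences `lsmid->lsm` in the `lsm_append()` call and stores `lsmid` into every hook without checking it. All callers are in-tree today, but this is the single registration point for every LSM and a NULL here becomes an early-boot oops rather than a clear error; a `WARN_ON(!lsmid)` with an early return, or at least a kerneldoc sentence stating that @lsmid must point at a static lsm_id that outlives the hooks, would make the contract explicit.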
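Review bot: in the security/safesetid/lsm.c hunk (@@ -261), the new `safesetid_lsmid` is marked `__lsm_ro_after_init` but the adjacent `static struct security_hook_list safesetid_security_hooks[] = {` is not, whereas every other hooks array touched by this patch carries the annotation. That is pre-existing, but since the line is already in the hunk's context it would be a good moment to add `__lsm_ro_after_init` there too, so the hook table of this LSM is write-protected like the others.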
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net
Subject: [PATCH v6 02/11] LSM: Maintain a table of LSM attribute data
Date: Wed, 22 Feb 2023 12:08:29 -0800
Message-Id: <20230222200838.8149-3-casey@schaufler-ca.com>
In-Reply-To: <20230222200838.8149-1-casey@schaufler-ca.com>
References: <20230222200838.8149-1-casey@schaufler-ca.com>

As LSMs are registered add their lsm_id pointers to a table. This will
be used later for attribute reporting.

Determine the number of possible security modules based on their
respective CONFIG options. This allows the number to be known at build
time. This allows data structures and tables to use the constant.

Signed-off-by: Casey Schaufler
---
 include/linux/security.h |  2 ++
 security/security.c      | 44 ++++++++++++++++++++++++++++++++--------
 2 files changed, 38 insertions(+), 8 deletions(-)

diff --git a/include/linux/security.h b/include/linux/security.h
index 5b67f208f7de..33ed1860b96f 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -138,6 +138,8 @@ enum lockdown_reason { }; extern const char *const lockdown_reasons[LOCKDOWN_CONFIDENTIALITY_MAX+1]; +extern u32 lsm_active_cnt; +extern struct lsm_id *lsm_idlist[]; /* These functions are in security/commoncap.c */ extern int cap_capable(const struct cred *cred, struct user_namespace *ns, diff --git a/security/security.c b/security/security.c index 07a8fe7f92bf..4b81734ae9bd 100644 --- a/security/security.c +++ b/security/security.c @@ -28,12 +28,29 @@ #include #include #include +#include #include #define MAX_LSM_EVM_XATTR 2 -/* How many LSMs were built into the kernel? */ -#define LSM_COUNT (__end_lsm_info - __start_lsm_info) +/* + * How many LSMs are built into the kernel as determined at + * build time. Used to determine fixed array sizes. + * The capability module is accounted for by CONFIG_SECURITY + */ +#define LSM_COUNT ( \ + (IS_ENABLED(CONFIG_SECURITY) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_SELINUX) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_SMACK) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_TOMOYO) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_IMA) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_APPARMOR) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_YAMA) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_LOADPIN) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_SAFESETID) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_LOCKDOWN_LSM) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_BPF_LSM) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_LANDLOCK) ? 1 : 0)) /* * These are descriptions of the reasons that can be passed to the @@ -90,7 +107,7 @@ static __initdata const char *chosen_major_lsm; static __initconst const char * const builtin_lsm_order = CONFIG_LSM; /* Ordered list of LSMs to initialize. */ -static __initdata struct lsm_info **ordered_lsms; +static __initdata struct lsm_info *ordered_lsms[LSM_COUNT]; static __initdata struct lsm_info *exclusive; static __initdata bool debug; 
@@ -341,13 +358,16 @@ static void __init report_lsm_order(void) pr_cont("\n"); } +/* + * Current index to use while initializing the lsm id list. + */ +u32 lsm_active_cnt __lsm_ro_after_init; +struct lsm_id *lsm_idlist[LSM_COUNT] __lsm_ro_after_init; + static void __init ordered_lsm_init(void) { struct lsm_info **lsm; - ordered_lsms = kcalloc(LSM_COUNT + 1, sizeof(*ordered_lsms), - GFP_KERNEL); - if (chosen_lsm_order) { if (chosen_major_lsm) { pr_warn("security=%s is ignored because it is superseded by lsm=%s\n", @@ -387,8 +407,6 @@ static void __init ordered_lsm_init(void) lsm_early_task(current); for (lsm = ordered_lsms; *lsm; lsm++) initialize_lsm(*lsm); - - kfree(ordered_lsms); } int __init early_security_init(void) 
@@ -513,6 +531,16 @@ void __init security_add_hooks(struct security_hook_list *hooks, int count, { int i; + /* + * A security module may call security_add_hooks() more + * than once. Landlock is one such case. + */ + if (lsm_active_cnt == 0 || lsm_idlist[lsm_active_cnt - 1] != lsmid) + lsm_idlist[lsm_active_cnt++] = lsmid; + + if (lsm_active_cnt > LSM_COUNT) + panic("%s Too many LSMs registered.\n", __func__); + for (i = 0; i < count; i++) { hooks[i].lsmid = lsmid; hlist_add_tail_rcu(&hooks[i].list, hooks[i].head); From patchwork Wed Feb 22 20:08:30 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 60675 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:5915:0:0:0:0:0 with SMTP id v21csp789489wrd; Wed, 22 Feb 2023 12:14:23 -0800 (PST) X-Google-Smtp-Source: AK7set+vtr2AZf/NJ7ukwlxm+NUnFiZw83fzLwsoFAVAYlXpZmJUAh5t2CRjlZoPTxDE0rji9HUH X-Received: by 2002:a17:902:d48b:b0:19a:a810:51b with SMTP id c11-20020a170902d48b00b0019aa810051bmr11000190plg.63.1677096863582; Wed, 22 Feb 2023 12:14:23 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1677096863; cv=none; d=google.com; s=arc-20160816; b=oYlY2sQ8x4Ffmkjne29xy0A/MUkRw6er1E6hV9JLMby4cnMz2RUzFKkvY/3EIuLW13 XO+riulcHPb2SZ+DsGlOIMfIihsmBmxfR/n5ANwRgfTsoafIdDmSoeJYE/rjhyze6lgT OKYOGvNk5n/MIuoR6YkqpetWc6Ki/wO1XWXpk4h/j8gjm94tQQjctL9bJktHgyK40cPN pNPDv9bVf5jwyyqWkrpOqZZ+aVEgDn/EqRQf8NKCDWzaCKuZ7m+h2Nd/GuJKp4V8ophJ CCJ4UiSWnV+0ukt+WEFBEe9prgbpOCIen1VVWLltEBoIuAIZmG7gtFQZeBdzRzOFvt2j gKEw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=B5Ym+ZhpD8jge0qIBetXq+jxFEPE1o7Man05K2zRvxU=; b=bSMo2dOVtYOUh0CkLQ6UTGxqb8VNRDH/f89a6at1ZBnDrIYPa4nsbvK1nmedrcyK8R /oIDE/d00LykO9XsPnx7t6WHQnNNUYqlgsNIMxp7E1C51oXcEOxrm7dPbjAGxTjEuG0q 
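Review bot: the hand-maintained LSM_COUNT in the `@@ -28,12 +28,29 @@` hunk of security/security.c must stay one-to-one with the set of DEFINE_LSM() entries, which the old `__end_lsm_info - __start_lsm_info` definition guaranteed automatically; an entry gated by a config symbol not on this list (or a new LSM whose author forgets to add it) is silently under-counted, and the first symptom is the panic in security_add_hooks(). Please add a comment at the macro stating that invariant, and an init-time check in ordered_lsm_init() such as `if (__end_lsm_info - __start_lsm_info > LSM_COUNT) panic(...)` so the drift is reported at the point that owns the constant rather than deep in registration.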
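Review bot: `static __initdata struct lsm_info *ordered_lsms[LSM_COUNT];` in the `@@ -90,7 +107,7 @@` hunk loses the sentinel slot the removed `kcalloc(LSM_COUNT + 1, sizeof(*ordered_lsms), GFP_KERNEL)` provided, yet the loop in the `@@ -387,8 +407,6 @@` hunk is still `for (lsm = ordered_lsms; *lsm; lsm++)`, which stops only on a NULL entry. With every counted LSM built in and enabled the array is completely filled and that loop reads one pointer past its end. Declare the array as `ordered_lsms[LSM_COUNT + 1]` (keeping the implicit zero terminator) or bound the loop with an explicit count.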
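Review bot: the comment on `lsm_active_cnt` in the `@@ -341,13 +358,16 @@` hunk ("Current index to use while initializing the lsm id list") only describes its role during init, but the variable is exported through security.h and after boot it is the number of registered LSMs, which is how later patches will read it. Word it as the count, e.g. "Number of LSMs that have registered hooks; during initialization also the next free slot in lsm_idlist[]", so readers of the extern do not take it for an init-only cursor.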
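Review bot: in the security_add_hooks() hunk (`@@ -513,6 +531,16 @@`) the bounds check runs after the store: `lsm_idlist[lsm_active_cnt++] = lsmid;` executes first and `if (lsm_active_cnt > LSM_COUNT) panic(...)` only afterwards, so an over-registration writes one entry past the end of lsm_idlist[] before the panic fires. Test `lsm_active_cnt >= LSM_COUNT` before the assignment and panic there. The repeat-call detection also only compares against the most recent entry, so it relies on a module's multiple security_add_hooks() calls being consecutive; the comment mentioning Landlock should say that this is the assumption.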
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net, linux-fsdevel@vger.kernel.org
Subject: [PATCH v6 03/11] proc: Use lsmids instead of lsm names for attrs
Date: Wed, 22 Feb 2023 12:08:30 -0800
Message-Id: <20230222200838.8149-4-casey@schaufler-ca.com>
In-Reply-To: <20230222200838.8149-1-casey@schaufler-ca.com>
References: <20230222200838.8149-1-casey@schaufler-ca.com>

Use the LSM ID number instead of the LSM name to identify which
security module's attribute data should be shown in /proc/self/attr.

The security_[gs]etprocattr() functions have been changed to expect
the LSM ID. The change from a string comparison to an integer
comparison in these functions will provide a minor performance
improvement.

Signed-off-by: Casey Schaufler
Cc: linux-fsdevel@vger.kernel.org
---
 fs/proc/base.c           | 29 +++++++++++++++--------------
 fs/proc/internal.h       |  2 +-
 include/linux/security.h | 11 +++++------
 security/security.c      | 11 +++++------
 4 files changed, 26 insertions(+), 27 deletions(-)

diff --git a/fs/proc/base.c b/fs/proc/base.c
index 9e479d7d202b..4c8c886d214f 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -96,6 +96,7 @@ #include #include #include +#include #include #include "internal.h" #include "fd.h" @@ -145,10 +146,10 @@ struct pid_entry { NOD(NAME, (S_IFREG|(MODE)), \ NULL, &proc_single_file_operations, \ { .proc_show = show } ) -#define ATTR(LSM, NAME, MODE) \ +#define ATTR(LSMID, NAME, MODE) \ NOD(NAME, (S_IFREG|(MODE)), \ NULL, &proc_pid_attr_operations, \ - { .lsm = LSM }) + { .lsmid = LSMID }) /* * Count the number of hardlinks for the pid_entry table, excluding the . @@ -2730,7 +2731,7 @@ static ssize_t proc_pid_attr_read(struct file * file, char __user * buf, if (!task) return -ESRCH; - length = security_getprocattr(task, PROC_I(inode)->op.lsm, + length = security_getprocattr(task, PROC_I(inode)->op.lsmid, file->f_path.dentry->d_name.name, &p); put_task_struct(task); @@ -2788,7 +2789,7 @@ static ssize_t proc_pid_attr_write(struct file * file, const char __user * buf, if (rv < 0) goto out_free; - rv = security_setprocattr(PROC_I(inode)->op.lsm, + rv = security_setprocattr(PROC_I(inode)->op.lsmid, file->f_path.dentry->d_name.name, page, count); mutex_unlock(¤t->signal->cred_guard_mutex); 
@@ -2837,27 +2838,27 @@ static const struct inode_operations proc_##LSM##_attr_dir_inode_ops = { \ #ifdef CONFIG_SECURITY_SMACK static const struct pid_entry smack_attr_dir_stuff[] = { - ATTR("smack", "current", 0666), + ATTR(LSM_ID_SMACK, "current", 0666), }; LSM_DIR_OPS(smack); #endif #ifdef CONFIG_SECURITY_APPARMOR static const struct pid_entry apparmor_attr_dir_stuff[] = { - ATTR("apparmor", "current", 0666), - ATTR("apparmor", "prev", 0444), - ATTR("apparmor", "exec", 0666), + ATTR(LSM_ID_APPARMOR, "current", 0666), + ATTR(LSM_ID_APPARMOR, "prev", 0444), + ATTR(LSM_ID_APPARMOR, "exec", 0666), }; LSM_DIR_OPS(apparmor); #endif static const struct pid_entry attr_dir_stuff[] = { - ATTR(NULL, "current", 0666), - ATTR(NULL, "prev", 0444), - ATTR(NULL, "exec", 0666), - ATTR(NULL, "fscreate", 0666), - ATTR(NULL, "keycreate", 0666), - ATTR(NULL, "sockcreate", 0666), + ATTR(LSM_ID_UNDEF, "current", 0666), + ATTR(LSM_ID_UNDEF, "prev", 0444), + ATTR(LSM_ID_UNDEF, "exec", 0666), + ATTR(LSM_ID_UNDEF, "fscreate", 0666), + ATTR(LSM_ID_UNDEF, "keycreate", 0666), + ATTR(LSM_ID_UNDEF, "sockcreate", 0666), #ifdef CONFIG_SECURITY_SMACK DIR("smack", 0555, proc_smack_attr_dir_inode_ops, proc_smack_attr_dir_ops), diff --git a/fs/proc/internal.h b/fs/proc/internal.h index b701d0207edf..18db9722c81b 100644 --- a/fs/proc/internal.h +++ b/fs/proc/internal.h @@ -92,7 +92,7 @@ union proc_op { int (*proc_show)(struct seq_file *m, struct pid_namespace *ns, struct pid *pid, struct task_struct *task); - const char *lsm; + int lsmid; }; struct proc_inode { diff --git a/include/linux/security.h b/include/linux/security.h index 33ed1860b96f..2d09e818a7d1 100644 --- a/include/linux/security.h +++ b/include/linux/security.h 
@@ -475,10 +475,9 @@ int security_sem_semctl(struct kern_ipc_perm *sma, int cmd); int security_sem_semop(struct kern_ipc_perm *sma, struct sembuf *sops, unsigned nsops, int alter); void security_d_instantiate(struct dentry *dentry, struct inode *inode); -int security_getprocattr(struct task_struct *p, const char *lsm, const char *name, +int security_getprocattr(struct task_struct *p, int lsmid, const char *name, char **value); -int security_setprocattr(const char *lsm, const char *name, void *value, - size_t size); +int security_setprocattr(int lsmid, const char *name, void *value, size_t size); int security_netlink_send(struct sock *sk, struct sk_buff *skb); int security_ismaclabel(const char *name); int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen); @@ -1346,14 +1345,14 @@ static inline void security_d_instantiate(struct dentry *dentry, struct inode *inode) { } -static inline int security_getprocattr(struct task_struct *p, const char *lsm, +static inline int security_getprocattr(struct task_struct *p, int lsmid, const char *name, char **value) { return -EINVAL; } -static inline int security_setprocattr(const char *lsm, char *name, - void *value, size_t size) +static inline int security_setprocattr(int lsmid, char *name, void *value, + size_t size) { return -EINVAL; } diff --git a/security/security.c b/security/security.c index 4b81734ae9bd..3308d7c8a20b 100644 --- a/security/security.c +++ b/security/security.c 
@@ -2167,26 +2167,25 @@ void security_d_instantiate(struct dentry *dentry, struct inode *inode) } EXPORT_SYMBOL(security_d_instantiate); -int security_getprocattr(struct task_struct *p, const char *lsm, - const char *name, char **value) +int security_getprocattr(struct task_struct *p, int lsmid, const char *name, + char **value) { struct security_hook_list *hp; hlist_for_each_entry(hp, &security_hook_heads.getprocattr, list) { - if (lsm != NULL && strcmp(lsm, hp->lsmid->lsm)) + if (lsmid != 0 && lsmid != hp->lsmid->id) continue; return hp->hook.getprocattr(p, name, value); } return LSM_RET_DEFAULT(getprocattr); } -int security_setprocattr(const char *lsm, const char *name, void *value, - size_t size) +int security_setprocattr(int lsmid, const char *name, void *value, size_t size) { struct security_hook_list *hp; hlist_for_each_entry(hp, &security_hook_heads.setprocattr, list) { - if (lsm != NULL && strcmp(lsm, hp->lsmid->lsm)) + if (lsmid != 0 && lsmid != hp->lsmid->id) continue; return hp->hook.setprocattr(name, value, size); } From patchwork Wed Feb 22 20:08:31 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 60682 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:5915:0:0:0:0:0 with SMTP id v21csp797972wrd; Wed, 22 Feb 2023 12:33:22 -0800 (PST) X-Google-Smtp-Source: AK7set8Wx68d2ooFgHF9ggKJVmTncFcfvrC88EWOWaoCRjwe7mnXGGtV4wzGGBPTWHATRhEKR5Tt X-Received: by 2002:aa7:9e87:0:b0:5cb:ee71:5069 with SMTP id p7-20020aa79e87000000b005cbee715069mr7384253pfq.16.1677098001696; Wed, 22 Feb 2023 12:33:21 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1677098001; cv=none; d=google.com; s=arc-20160816; b=lW1rc9wmuJC5Ps4vnVJgFF1nEEd1vyjKfSDaa3+BlxvJ1BcompepyxvxalemS8C6Uk lu3RfEsVLWgmELG/wFPAhXjyT0wa+TnOwU/K7TynzxwJIJ2DeNMtsSau2OsWCtfSJzfl CTwAXID5hxzj2ne3XRAzP6GAN/UQnAH3UGdUrQVu/2rWIWDP4n/yeI5vjeRPP4zywR9e 
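Review bot: the !CONFIG_SECURITY stub in the `@@ -1346,14 +1345,14 @@` hunk of include/linux/security.h still takes `char *name` (`static inline int security_setprocattr(int lsmid, char *name, void *value, size_t size)`) while the real prototype a few lines up takes `const char *name`; since the patch rewrites that line anyway, make the stub's signature match so callers passing a `const char *` compile identically in both configurations.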
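Review bot: the comparisons in the security/security.c hunk use a bare literal, `if (lsmid != 0 && lsmid != hp->lsmid->id)`, while the fs/proc/base.c hunk spells the same wildcard as `ATTR(LSM_ID_UNDEF, "current", 0666)`; the two files are coupled only by the coincidence that LSM_ID_UNDEF is zero. Write `lsmid != LSM_ID_UNDEF` in both security_getprocattr() and security_setprocattr() so the "any LSM" case is named once and survives a future renumbering.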
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net
Subject: [PATCH v6 04/11] LSM: syscalls for current process attributes
Date: Wed, 22 Feb 2023 12:08:31 -0800
Message-Id: <20230222200838.8149-5-casey@schaufler-ca.com>
In-Reply-To: <20230222200838.8149-1-casey@schaufler-ca.com>
References: <20230222200838.8149-1-casey@schaufler-ca.com>

Create a system call lsm_get_self_attr() to provide the security
module maintained attributes of the current process.
Create a system call lsm_set_self_attr() to set a security
module maintained attribute of the current process.
Historically these attributes have been exposed to user space
via entries in procfs under /proc/self/attr.

The attribute value is provided in a lsm_ctx structure. The structure
identifies the size of the attribute, and the attribute value. The format
of the attribute value is defined by the security module. A flags field
is included for LSM specific information. It is currently unused and must
be 0. The total size of the data, including the lsm_ctx structure and any
padding, is maintained as well.
struct lsm_ctx { __u64 id; __u64 flags; __u64 len; __u64 ctx_len; __u8 ctx[]; }; Two new LSM hooks are used to interface with the LSMs. security_getselfattr() collects the lsm_ctx values from the LSMs that support the hook, accounting for space requirements. security_setselfattr() identifies which LSM the attribute is intended for and passes it along. Signed-off-by: Casey Schaufler --- Documentation/userspace-api/lsm.rst | 15 ++++ include/linux/lsm_hook_defs.h | 4 ++ include/linux/lsm_hooks.h | 9 +++ include/linux/security.h | 19 +++++ include/linux/syscalls.h | 4 ++ include/uapi/linux/lsm.h | 33 +++++++++ kernel/sys_ni.c | 4 ++ security/Makefile | 1 + security/lsm_syscalls.c | 104 ++++++++++++++++++++++++++++ security/security.c | 82 ++++++++++++++++++++++ 10 files changed, 275 insertions(+) create mode 100644 security/lsm_syscalls.c diff --git a/Documentation/userspace-api/lsm.rst b/Documentation/userspace-api/lsm.rst index 6ddf5506110b..b45e402302b3 100644 --- a/Documentation/userspace-api/lsm.rst +++ b/Documentation/userspace-api/lsm.rst @@ -48,6 +48,21 @@ creating socket objects. The proc filesystem provides this value in ``/proc/self/attr/sockcreate``. This is supported by the SELinux security module. +Kernel interface +================ + +Set a security attribute of the current process +-------------------------------------------------- + +.. kernel-doc:: security/lsm_syscalls.c + :identifiers: sys_lsm_set_self_attr + +Get the specified security attributes of the current process +-------------------------------------------------- + +.. kernel-doc:: security/lsm_syscalls.c + :identifiers: sys_lsm_get_self_attr + Additional documentation ======================== diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h index ed6cb2ac55fa..a834bc2311bf 100644 --- a/include/linux/lsm_hook_defs.h +++ b/include/linux/lsm_hook_defs.h 
@@ -261,6 +261,10 @@ LSM_HOOK(int, 0, sem_semop, struct kern_ipc_perm *perm, struct sembuf *sops, LSM_HOOK(int, 0, netlink_send, struct sock *sk, struct sk_buff *skb) LSM_HOOK(void, LSM_RET_VOID, d_instantiate, struct dentry *dentry, struct inode *inode) +LSM_HOOK(int, -EOPNOTSUPP, getselfattr, u64 __user attr, + struct lsm_ctx __user *ctx, size_t *size) +LSM_HOOK(int, -EOPNOTSUPP, setselfattr, u64 __user attr, + struct lsm_ctx __user *ctx, size_t size) LSM_HOOK(int, -EINVAL, getprocattr, struct task_struct *p, const char *name, char **value) LSM_HOOK(int, -EINVAL, setprocattr, const char *name, void *value, size_t size) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 98acafc60f47..36cd1692b82b 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -25,6 +25,7 @@ #ifndef __LINUX_LSM_HOOKS_H #define __LINUX_LSM_HOOKS_H +#include #include #include #include @@ -503,6 +504,14 @@ * and writing the xattrs as this hook is merely a filter. * @d_instantiate: * Fill in @inode security information for a @dentry if allowed. + * @getselfattr: + * Read attribute @attr for the current process and store it into @ctx. + * Return 0 on success, -EOPNOTSUPP if the attribute is not supported, + * or another negative value otherwise. + * @setselfattr: + * Set attribute @attr for the current process. + * Return 0 on success, -EOPNOTSUPP if the attribute is not supported, + * or another negative value otherwise. * @getprocattr: * Read attribute @name for process @p and store it into @value if allowed. * Return the length of @value on success, a negative value otherwise. diff --git a/include/linux/security.h b/include/linux/security.h index 2d09e818a7d1..21971a635b6a 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -60,6 +60,7 @@ struct fs_parameter; enum fs_value_type; struct watch; struct watch_notification; +struct lsm_ctx; /* Default (no) options for the capable function */ #define CAP_OPT_NONE 0x0 
@@ -475,6 +476,10 @@ int security_sem_semctl(struct kern_ipc_perm *sma, int cmd); int security_sem_semop(struct kern_ipc_perm *sma, struct sembuf *sops, unsigned nsops, int alter); void security_d_instantiate(struct dentry *dentry, struct inode *inode); +int security_getselfattr(u64 __user attr, struct lsm_ctx __user *ctx, + size_t __user *size); +int security_setselfattr(u64 __user attr, struct lsm_ctx __user *ctx, + size_t __user size); int security_getprocattr(struct task_struct *p, int lsmid, const char *name, char **value); int security_setprocattr(int lsmid, const char *name, void *value, size_t size); @@ -1345,6 +1350,20 @@ static inline void security_d_instantiate(struct dentry *dentry, struct inode *inode) { } +static inline int security_getselfattr(u64 __user attr, + struct lsm_ctx __user *ctx, + size_t __user *size); +{ + return -EINVAL; +} + +static inline int security_setselfattr(u64 __user attr, + struct lsm_ctx __user *ctx, + size_t __user size); +{ + return -EINVAL; +} + static inline int security_getprocattr(struct task_struct *p, int lsmid, const char *name, char **value) { diff --git a/include/linux/syscalls.h b/include/linux/syscalls.h index 33a0ee3bcb2e..1ef2a3de8ae0 100644 --- a/include/linux/syscalls.h +++ b/include/linux/syscalls.h @@ -71,6 +71,7 @@ struct clone_args; struct open_how; struct mount_attr; struct landlock_ruleset_attr; +struct lsm_ctx; enum landlock_rule_type; #include @@ -1058,6 +1059,9 @@ asmlinkage long sys_memfd_secret(unsigned int flags); asmlinkage long sys_set_mempolicy_home_node(unsigned long start, unsigned long len, unsigned long home_node, unsigned long flags); +asmlinkage long sys_lsm_get_self_attr(struct lsm_ctx *ctx, size_t *size, + __u64 flags); +asmlinkage long sys_lsm_set_self_attr(struct lsm_ctx *ctx, __u64 flags); /* * Architecture-specific system calls diff --git a/include/uapi/linux/lsm.h b/include/uapi/linux/lsm.h index 523748cae615..7850fed28998 100644 --- a/include/uapi/linux/lsm.h 
+++ b/include/uapi/linux/lsm.h @@ -9,6 +9,39 @@ #ifndef _UAPI_LINUX_LSM_H #define _UAPI_LINUX_LSM_H +#include +#include + +/** + * struct lsm_ctx - LSM context information + * @id: the LSM id number, see LSM_ID_XXX + * @flags: LSM specific flags + * @len: length of the lsm_ctx struct, @ctx and any other data or padding + * @ctx_len: the size of @ctx + * @ctx: the LSM context value + * + * The @len field MUST be equal to the size of the lsm_ctx struct + * plus any additional padding and/or data placed after @ctx. + * + * In all cases @ctx_len MUST be equal to the length of @ctx. + * If @ctx is a string value it should be nul terminated with + * @ctx_len equal to `strlen(@ctx) + 1`. Binary values are + * supported. + * + * The @flags and @ctx fields SHOULD only be interpreted by the + * LSM specified by @id; they MUST be set to zero/0 when not used. + */ +struct lsm_ctx { + __u64 id; + __u64 flags; + __u64 len; + __u64 ctx_len; + __u8 ctx[]; +}; + +#include +#include + /* * ID tokens to identify Linux Security Modules (LSMs) * diff --git a/kernel/sys_ni.c b/kernel/sys_ni.c index 860b2dcf3ac4..d03c78ef1562 100644 --- a/kernel/sys_ni.c +++ b/kernel/sys_ni.c @@ -262,6 +262,10 @@ COND_SYSCALL_COMPAT(recvmsg); /* mm/nommu.c, also with MMU */ COND_SYSCALL(mremap); +/* security/lsm_syscalls.c */ +COND_SYSCALL(lsm_get_self_attr); +COND_SYSCALL(lsm_set_self_attr); + /* security/keys/keyctl.c */ COND_SYSCALL(add_key); COND_SYSCALL(request_key); diff --git a/security/Makefile b/security/Makefile index 18121f8f85cd..59f238490665 100644 --- a/security/Makefile +++ b/security/Makefile @@ -7,6 +7,7 @@ obj-$(CONFIG_KEYS) += keys/ # always enable default capabilities obj-y += commoncap.o +obj-$(CONFIG_SECURITY) += lsm_syscalls.o obj-$(CONFIG_MMU) += min_addr.o # Object file lists diff --git a/security/lsm_syscalls.c b/security/lsm_syscalls.c new file mode 100644 index 000000000000..b89c4e7d009e --- /dev/null +++ b/security/lsm_syscalls.c 
@@ -0,0 +1,104 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * System calls implementing the Linux Security Module API. + * + * Copyright (C) 2022 Casey Schaufler + * Copyright (C) 2022 Intel Corporation + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +struct attrs_map { + char *name; + int attrs; +}; + +static const struct attrs_map lsm_attr_names[] = { + { + .name = "current", + .attrs = LSM_ATTR_CURRENT, + }, + { + .name = "exec", + .attrs = LSM_ATTR_EXEC, + }, + { + .name = "fscreate", + .attrs = LSM_ATTR_FSCREATE, + }, + { + .name = "keycreate", + .attrs = LSM_ATTR_KEYCREATE, + }, + { + .name = "prev", + .attrs = LSM_ATTR_PREV, + }, + { + .name = "sockcreate", + .attrs = LSM_ATTR_SOCKCREATE, + }, +}; + +/** + * lsm_name_to_attr - map an LSM attribute name to its ID + * @name: name of the attribute + * + * Look the given @name up in the table of know attribute names. + * + * Returns the LSM attribute value associated with @name, or 0 if + * there is no mapping. + */ +u64 lsm_name_to_attr(const char *name) +{ + int i; + + for (i = 0; i < ARRAY_SIZE(lsm_attr_names); i++) + if (!strcmp(name, lsm_attr_names[i].name)) + return lsm_attr_names[i].attrs; + return 0; +} + +/** + * sys_lsm_set_self_attr - Set current task's security module attribute + * @ctx: the LSM contexts + * @size: size of @ctx + * @flags: which attribute to set + * + * Sets the calling task's LSM context. On success this function + * returns 0. If the attribute specified cannot be set a negative + * value indicating the reason for the error is returned. 
+ */ +SYSCALL_DEFINE3(lsm_set_self_attr, struct lsm_ctx __user *, ctx, size_t __user, + size, u64, flags) +{ + return security_setselfattr(flags, ctx, size); +} + +/** + * sys_lsm_get_self_attr - Return current task's security module attributes + * @ctx: the LSM contexts + * @size: size of @ctx, updated on return + * @flags: which attribute to return + * + * Returns the calling task's LSM contexts. On success this + * function returns the number of @ctx array elements. This value + * may be zero if there are no LSM contexts assigned. If @size is + * insufficient to contain the return data -E2BIG is returned and + * @size is set to the minimum required size. In all other cases + * a negative value indicating the error is returned. + */ +SYSCALL_DEFINE3(lsm_get_self_attr, struct lsm_ctx __user *, ctx, + size_t __user *, size, u64, flags) +{ + return security_getselfattr(flags, ctx, size); +} diff --git a/security/security.c b/security/security.c index 3308d7c8a20b..6823a6cb32a9 100644 --- a/security/security.c +++ b/security/security.c 
@@ -2167,6 +2167,88 @@ void security_d_instantiate(struct dentry *dentry, struct inode *inode) } EXPORT_SYMBOL(security_d_instantiate); +/** + * security_getselfattr - Read an LSM attribute of the current process. + * @attr: which attribute to return + * @ctx: the user-space destination for the information, or NULL + * @size: the size of space available to receive the data + * + * Returns the number of attributes found on success, negative value + * on error. @size is reset to the total size of the data. + * If @size is insufficient to contain the data -E2BIG is returned. + */ +int security_getselfattr(u64 __user attr, struct lsm_ctx __user *ctx, + size_t __user *size) +{ + struct security_hook_list *hp; + void __user *base = (void *)ctx; + size_t total = 0; + size_t this; + size_t left; + int count = 0; + int rc; + + if (attr == 0) + return -EINVAL; + if (size == NULL) + return -EINVAL; + if (get_user(left, size)) + return -EFAULT; + + hlist_for_each_entry(hp, &security_hook_heads.getselfattr, list) { + if ((hp->lsmid->attrs & attr) != attr) + continue; + this = left; + if (base) + ctx = (struct lsm_ctx __user *)(base + total); + rc = hp->hook.getselfattr(attr, ctx, &this); + if (rc == -E2BIG) + left = 0; + else if (rc == 0) + left -= this; + else + return rc; + total += this; + count++; + } + if (count == 0) + return LSM_RET_DEFAULT(getselfattr); + if (put_user(total, size)) + return -EFAULT; + if (rc) + return rc; + return count; +} + +/** + * security_setselfattr - Set an LSM attribute on the current process. + * @attr: which attribute to return + * @ctx: the user-space source for the information + * @size: the size of the data + * + * Set an LSM attribute for the current process. The LSM, attribute + * and new value are included in @ctx. + * + * Returns 0 on seccess, an LSM specific value on failure. 
+ */ +int security_setselfattr(u64 __user attr, struct lsm_ctx __user *ctx, + size_t __user size) +{ + struct security_hook_list *hp; + struct lsm_ctx lctx; + + if (size < sizeof(*ctx)) + return -EINVAL; + if (copy_from_user(&lctx, ctx, sizeof(*ctx))) + return -EFAULT; + + hlist_for_each_entry(hp, &security_hook_heads.setselfattr, list) + if ((hp->lsmid->id) == lctx.id) + return hp->hook.setselfattr(attr, ctx, size); + + return LSM_RET_DEFAULT(setselfattr); +} + int security_getprocattr(struct task_struct *p, int lsmid, const char *name, char **value) {
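Review bot: the underline below "Get the specified security attributes of the current process" in the Documentation/userspace-api/lsm.rst hunk is shorter than the heading (50 dashes under a 60-character title), which Sphinx reports as "Title underline too short" and may render as a paragraph instead of a section; extend it to at least the title width, as the "Set a security attribute of the current process" heading above it already has.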
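Review bot: `u64 __user attr` in the two new LSM_HOOK lines of include/linux/lsm_hook_defs.h puts the `__user` address-space annotation on a scalar, where it means nothing and sparse will complain; drop it there and in the matching security_getselfattr()/security_setselfattr() prototypes, and likewise the `size_t __user size` value parameter of setselfattr in include/linux/security.h.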
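Review bot: the new @getselfattr comment in include/linux/lsm_hooks.h says only "Return 0 on success", but security_getselfattr() depends on more than that: @ctx may be NULL (the security_getselfattr() kernel-doc allows it), @size is in/out (space available on entry, bytes used or required on return), and the hook must return -E2BIG with *size set to the required length when the space is insufficient. Spell that contract out in the hook documentation, since every LSM implementing the hook has to follow it for the accumulation loop in security_getselfattr() to work.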
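Review bot: the CONFIG_SECURITY=n stubs for security_getselfattr() and security_setselfattr() in include/linux/security.h end their parameter lists with a semicolon (`size_t __user *size);` and `size_t __user size);`) immediately followed by `{ return -EINVAL; }`, which is a syntax error at file scope in a header included almost everywhere, so a kernel built without CONFIG_SECURITY will not compile; drop the two semicolons. The stubs are unreachable in practice (lsm_syscalls.o is only built with CONFIG_SECURITY and COND_SYSCALL turns the calls into -ENOSYS), but they still have to parse.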
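Review bot: the prototype `sys_lsm_set_self_attr(struct lsm_ctx *ctx, __u64 flags)` in include/linux/syscalls.h has two parameters while SYSCALL_DEFINE3(lsm_set_self_attr, ...) in security/lsm_syscalls.c defines three (ctx, size, flags); the declaration must match the definition. Both new prototypes also omit the `__user` annotation on their pointer arguments that the neighbouring declarations carry.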
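Review bot: in security/lsm_syscalls.c the kernel-doc for sys_lsm_set_self_attr() and sys_lsm_get_self_attr() describes @flags as "which attribute to set/return", and the code does pass it straight through as `attr`; naming the argument `attr` would make the ABI self-describing and keep `flags` for the reserved-must-be-zero role it has in the uapi comment. Smaller items in the same hunk: `struct attrs_map` stores string literals in `char *name`, which should be `const char *`; `lsm_name_to_attr()` and its table are not used by anything in this patch; and "table of know attribute names" should read "known".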
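Review bot: in security_getselfattr(), a -E2BIG from one LSM can be lost: after it `left` is set to 0, but `rc` only holds the last hook's result, so if a later LSM returns 0 (nothing to report, `this` = 0) the function does put_user(total), skips the `if (rc)` branch and returns `count` as success although the caller's buffer was too small. Track the -E2BIG in a separate variable and return it after the loop. Also: initialise `rc` (the compiler cannot see that count > 0 implies it was set); `void __user *base = (void *)ctx;` casts away `__user`, use `(void __user *)`; and `attr` is only checked against zero, so unknown bits are passed to every hook, which makes them hard to assign a meaning later without an ABI change. Reject anything outside the defined LSM_ATTR_* mask with -EINVAL now.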
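Review bot: security_setselfattr() copies the lsm_ctx header and dispatches on @id, but never checks what the uapi comment says MUST hold: `lctx.len` should equal @size, `lctx.ctx_len` must not exceed `size - sizeof(lctx)`, and `lctx.flags` must be zero. Doing those checks once here is cheaper and safer than relying on every LSM's setselfattr hook to repeat them; `attr == 0` is also rejected by getselfattr() but not here. Kernel-doc nits in the same hunk: "@attr: which attribute to return" is copied from getselfattr and should say "set", and "seccess" should be "success".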
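The lsm_ctx contract described in this patch (required size reported back through -E2BIG, one variable-length record per LSM with its own @len) is easiest to see from the consumer side. What follows is an added example, not code from this series or from any LSM: a user-space reader for lsm_get_self_attr() that probes for the size, retries, and then walks the returned records without trusting @len or the nul termination. The syscall number 451 is taken from the arm/m68k tables in the wireup patch later in this series and is an assumption for any other build; the LSM ids 100 and 101, the attribute selector value 1 and the two sample records are constructed for the demonstration and stand in for what a real kernel would return. The same probe/retry shape applies unchanged to lsm_module_list().

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
long syscall(long number, ...);   /* libc's raw syscall entry; declared here so no feature macro is needed */

struct lsm_ctx { uint64_t id, flags, len, ctx_len; uint8_t ctx[]; }; /* layout from uapi/linux/lsm.h */
#define HDR sizeof(struct lsm_ctx)
/* Assumption: v6 number from the arm/m68k tables in the wireup patch; a real
 * build must take __NR_lsm_get_self_attr from its own kernel headers. */
#define NR_LSM_GET_SELF_ATTR 451

/* Calls return an element count or -errno; the function pointer lets the fake further down stand in for the kernel. */
typedef long (*lsm_call_fn)(void *buf, size_t *size, uint64_t flags);

long kernel_get_self_attr(void *buf, size_t *size, uint64_t flags)
{
	long r = syscall(NR_LSM_GET_SELF_ATTR, buf, size, flags);
	return r < 0 ? -errno : r;
}

/* Probe with size 0 so the kernel answers -E2BIG with the required size, then
 * allocate and retry (bounded, in case the set grows). Caller frees *out. */
long lsm_fetch(lsm_call_fn fn, uint64_t flags, void **out, size_t *out_size)
{
	size_t size = 0;
	void *buf = NULL, *nbuf;
	long rc = fn(NULL, &size, flags), tries = 3;
	while (rc == -E2BIG && size > 0 && tries--) {
		if (!(nbuf = realloc(buf, size))) { free(buf); return -ENOMEM; }
		buf = nbuf;
		rc = fn(buf, &size, flags);
	}
	if (rc < 0) { free(buf); return rc; }
	*out = buf; *out_size = size;
	return rc;
}

struct lsm_rec { uint64_t id, flags, ctx_len; const uint8_t *ctx; };

/* Walk the packed array. Each @len was chosen by an LSM, so it is checked against
 * the bytes left rather than trusted, and the header is memcpy'd because @len need
 * not keep later records aligned. Returns 1 = record, 0 = end, -1 = malformed. */
int lsm_ctx_next(const uint8_t *buf, size_t size, size_t *off, struct lsm_rec *r)
{
	struct lsm_ctx h;
	if (*off == size) return 0;
	if (size - *off < HDR) return -1;
	memcpy(&h, buf + *off, HDR);
	if (h.len < HDR || h.len > size - *off || h.ctx_len > h.len - HDR) return -1;
	r->id = h.id; r->flags = h.flags; r->ctx_len = h.ctx_len; r->ctx = buf + *off + HDR;
	*off += h.len;
	return 1;
}

/* String values must be nul terminated with ctx_len == strlen + 1 (uapi comment);
 * check before handing @ctx to anything that expects a C string. */
int lsm_ctx_is_string(const struct lsm_rec *r)
{
	return r->ctx_len > 0 && r->ctx[r->ctx_len - 1] == 0 &&
	       strlen((const char *)r->ctx) == r->ctx_len - 1;
}

/* Constructed stand-in for the kernel: two records (hypothetical LSM ids 100 and
 * 101, a string and a 5-byte blob, each padded to 8 bytes as @len permits). */
static uint8_t fake_attrs[128];
static size_t fake_attrs_len;

static size_t put_rec(uint8_t *dst, uint64_t id, const void *ctx, uint64_t ctx_len)
{
	struct lsm_ctx h = { .id = id, .ctx_len = ctx_len, .len = (HDR + ctx_len + 7) & ~7ULL };
	memset(dst, 0, h.len); memcpy(dst, &h, HDR); memcpy(dst + HDR, ctx, ctx_len);
	return h.len;
}

long fake_get_self_attr(void *buf, size_t *size, uint64_t flags)
{
	if (flags == 0) return -EINVAL;                 /* attr 0 is rejected, as in security_getselfattr() */
	if (*size < fake_attrs_len) { *size = fake_attrs_len; return -E2BIG; }
	memcpy(buf, fake_attrs, fake_attrs_len); *size = fake_attrs_len;
	return 2;
}

/* Build the sample, then run probe/retry and the walk against the fake; 0 = ok. */
int selftest(void)
{
	static const uint8_t blob[5] = { 0xde, 0xad, 0xbe, 0xef, 0x01 };
	struct lsm_rec r; void *buf; size_t size, off = 0; int st;
	fake_attrs_len = put_rec(fake_attrs, 100, "label_one", 10);
	fake_attrs_len += put_rec(fake_attrs + fake_attrs_len, 101, blob, 5);
	if (lsm_fetch(fake_get_self_attr, 1, &buf, &size) != 2 || size != fake_attrs_len) return -1;
	if (lsm_ctx_next(buf, size, &off, &r) != 1 || r.id != 100 || !lsm_ctx_is_string(&r) ||
	    strcmp((const char *)r.ctx, "label_one")) return -2;
	if (lsm_ctx_next(buf, size, &off, &r) != 1 || r.id != 101 || lsm_ctx_is_string(&r)) return -3;
	if (lsm_ctx_next(buf, size, &off, &r) != 0) return -4;        /* clean end of array */
	free(buf);
	for (off = 0; (st = lsm_ctx_next(fake_attrs, fake_attrs_len - 1, &off, &r)) == 1; ) {}
	return st == -1 ? 0 : -5;                        /* truncated array is rejected, not over-read */
}
```

Against a real kernel, pass kernel_get_self_attr to lsm_fetch() with the LSM_ATTR_* value from the uapi header in place of the placeholder 1, and look at `r.id` and `r.flags` before interpreting `r.ctx`, since the uapi comment leaves the meaning of both to the LSM named by `id`.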
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net
Subject: [PATCH v6 05/11] LSM: Create lsm_module_list system call
Date: Wed, 22 Feb 2023 12:08:32 -0800
Message-Id: <20230222200838.8149-6-casey@schaufler-ca.com>
X-Mailer: git-send-email 2.39.0
In-Reply-To: <20230222200838.8149-1-casey@schaufler-ca.com>
References: <20230222200838.8149-1-casey@schaufler-ca.com>
MIME-Version: 1.0
X-Mailing-List: linux-kernel@vger.kernel.org

Create a system call to report the list of Linux Security Modules that are active on the system. The list is provided as an array of LSM ID numbers.

The calling application can use this list to determine what LSM specific actions it might take. That might include choosing an output format, determining required privilege or bypassing security module specific behavior.

Signed-off-by: Casey Schaufler
---
Documentation/userspace-api/lsm.rst | 3 ++ include/linux/syscalls.h | 1 + kernel/sys_ni.c | 1 + security/lsm_syscalls.c | 43 ++++++++++++++++++++++++++++- 4 files changed, 47 insertions(+), 1 deletion(-) diff --git a/Documentation/userspace-api/lsm.rst b/Documentation/userspace-api/lsm.rst index b45e402302b3..ecdf1acd15b1 100644 --- a/Documentation/userspace-api/lsm.rst +++ b/Documentation/userspace-api/lsm.rst
@@ -63,6 +63,9 @@ Get the specified security attributes of the current process .. kernel-doc:: security/lsm_syscalls.c :identifiers: sys_lsm_get_self_attr +.. kernel-doc:: security/lsm_syscalls.c + :identifiers: sys_lsm_module_list + Additional documentation ======================== diff --git a/include/linux/syscalls.h b/include/linux/syscalls.h index 1ef2a3de8ae0..9c947022a411 100644 --- a/include/linux/syscalls.h +++ b/include/linux/syscalls.h @@ -1062,6 +1062,7 @@ asmlinkage long sys_set_mempolicy_home_node(unsigned long start, unsigned long l asmlinkage long sys_lsm_get_self_attr(struct lsm_ctx *ctx, size_t *size, __u64 flags); asmlinkage long sys_lsm_set_self_attr(struct lsm_ctx *ctx, __u64 flags); +asmlinkage long sys_lsm_module_list(u64 *ids, size_t *size, int flags); /* * Architecture-specific system calls diff --git a/kernel/sys_ni.c b/kernel/sys_ni.c index d03c78ef1562..32784e271fa5 100644 --- a/kernel/sys_ni.c +++ b/kernel/sys_ni.c @@ -265,6 +265,7 @@ COND_SYSCALL(mremap); /* security/lsm_syscalls.c */ COND_SYSCALL(lsm_get_self_attr); COND_SYSCALL(lsm_set_self_attr); +COND_SYSCALL(lsm_module_list); /* security/keys/keyctl.c */ COND_SYSCALL(add_key); diff --git a/security/lsm_syscalls.c b/security/lsm_syscalls.c index b89c4e7d009e..ccd3b236670b 100644 --- a/security/lsm_syscalls.c +++ b/security/lsm_syscalls.c @@ -19,7 +19,7 @@ struct attrs_map { char *name; - int attrs; + u64 attrs; }; static const struct attrs_map lsm_attr_names[] = { 
@@ -102,3 +102,44 @@ SYSCALL_DEFINE3(lsm_get_self_attr, struct lsm_ctx __user *, ctx, { return security_getselfattr(flags, ctx, size); } + +/** + * sys_lsm_module_list - Return a list of the active security modules + * @ids: the LSM module ids + * @size: size of @ids, updated on return + * @flags: reserved for future use, must be zero + * + * Returns a list of the active LSM ids. On success this function + * returns the number of @ids array elements. This value may be zero + * if there are no LSMs active. If @size is insufficient to contain + * the return data -E2BIG is returned and @size is set to the minimum + * required size. In all other cases a negative value indicating the + * error is returned. + */ +SYSCALL_DEFINE3(lsm_module_list, + u64 __user *, ids, + size_t __user *, size, + u64, flags) +{ + size_t total_size = lsm_active_cnt * sizeof(*ids); + size_t usize; + int i; + + if (flags) + return -EINVAL; + + if (get_user(usize, size)) + return -EFAULT; + + if (put_user(total_size, size) != 0) + return -EFAULT; + + if (usize < total_size) + return -E2BIG; + + for (i = 0; i < lsm_active_cnt; i++) + if (put_user(lsm_idlist[i]->id, ids++)) + return -EFAULT; + + return lsm_active_cnt; +}
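Review bot: in the Documentation/userspace-api/lsm.rst hunk the kernel-doc directive for sys_lsm_module_list is appended beneath the "Get the specified security attributes of the current process" heading, so the rendered page presents it as part of lsm_get_self_attr(); give it its own heading in the same style, for example "Get the list of active security modules".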
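Review bot: `sys_lsm_module_list(u64 *ids, size_t *size, int flags)` in include/linux/syscalls.h declares @flags as `int`, while SYSCALL_DEFINE3(lsm_module_list, ...) defines it as `u64`; the two must agree, and the pointer parameters should carry `__user` like the surrounding prototypes.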
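Review bot: changing `int attrs` to `u64 attrs` in `struct attrs_map` fixes the table introduced by the previous patch (LSM_ATTR_* values are u64 and lsm_name_to_attr() already returns u64) and has nothing to do with lsm_module_list; fold it into patch 04 so each patch is correct on its own.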
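Review bot: sys_lsm_module_list() writes the required size with `put_user(total_size, size)` before comparing it with @usize, so a call with `*size == 0` and `ids == NULL` acts as a pure size probe that returns -E2BIG with the needed length filled in; that is the intended usage for callers that cannot guess the count, so state it explicitly in the kernel-doc (sys_lsm_get_self_attr() would benefit from the same sentence). The per-element `put_user(lsm_idlist[i]->id, ids++)` is fine as written, since an unwritable @ids faults on the first element and yields -EFAULT.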
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net
Subject: [PATCH v6 06/11] LSM: wireup Linux Security Module syscalls
Date: Wed, 22 Feb 2023 12:08:33 -0800
Message-Id: <20230222200838.8149-7-casey@schaufler-ca.com>
X-Mailer: git-send-email 2.39.0
In-Reply-To: <20230222200838.8149-1-casey@schaufler-ca.com>
References: <20230222200838.8149-1-casey@schaufler-ca.com>
MIME-Version: 1.0
X-Mailing-List: linux-kernel@vger.kernel.org

Wireup lsm_get_self_attr, lsm_set_self_attr and lsm_module_list system calls.
Signed-off-by: Casey Schaufler Cc: linux-api@vger.kernel.org Acked-by: Geert Uytterhoeven [m68k] Acked-by: Arnd Bergmann --- arch/alpha/kernel/syscalls/syscall.tbl | 3 +++ arch/arm/tools/syscall.tbl | 3 +++ arch/arm64/include/asm/unistd.h | 2 +- arch/arm64/include/asm/unistd32.h | 6 ++++++ arch/ia64/kernel/syscalls/syscall.tbl | 3 +++ arch/m68k/kernel/syscalls/syscall.tbl | 3 +++ arch/microblaze/kernel/syscalls/syscall.tbl | 3 +++ arch/mips/kernel/syscalls/syscall_n32.tbl | 3 +++ arch/mips/kernel/syscalls/syscall_n64.tbl | 3 +++ arch/mips/kernel/syscalls/syscall_o32.tbl | 3 +++ arch/parisc/kernel/syscalls/syscall.tbl | 3 +++ arch/powerpc/kernel/syscalls/syscall.tbl | 3 +++ arch/s390/kernel/syscalls/syscall.tbl | 3 +++ arch/sh/kernel/syscalls/syscall.tbl | 3 +++ arch/sparc/kernel/syscalls/syscall.tbl | 3 +++ arch/x86/entry/syscalls/syscall_32.tbl | 3 +++ arch/x86/entry/syscalls/syscall_64.tbl | 3 +++ arch/xtensa/kernel/syscalls/syscall.tbl | 3 +++ include/uapi/asm-generic/unistd.h | 11 ++++++++++- tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl | 3 +++ tools/perf/arch/powerpc/entry/syscalls/syscall.tbl | 3 +++ tools/perf/arch/s390/entry/syscalls/syscall.tbl | 3 +++ tools/perf/arch/x86/entry/syscalls/syscall_64.tbl | 3 +++ 23 files changed, 77 insertions(+), 2 deletions(-) diff --git a/arch/alpha/kernel/syscalls/syscall.tbl b/arch/alpha/kernel/syscalls/syscall.tbl index 8ebacf37a8cf..002e6a39fcb1 100644 --- a/arch/alpha/kernel/syscalls/syscall.tbl +++ b/arch/alpha/kernel/syscalls/syscall.tbl @@ -490,3 +490,6 @@ 558 common process_mrelease sys_process_mrelease 559 common futex_waitv sys_futex_waitv 560 common set_mempolicy_home_node sys_ni_syscall +561 common lsm_get_self_attr sys_lsm_get_self_attr +562 common lsm_module_list sys_lsm_module_list +563 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/arm/tools/syscall.tbl b/arch/arm/tools/syscall.tbl index ac964612d8b0..dca80a2d3927 100644 --- a/arch/arm/tools/syscall.tbl 
+++ b/arch/arm/tools/syscall.tbl @@ -464,3 +464,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_module_list sys_lsm_module_list +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/arm64/include/asm/unistd.h b/arch/arm64/include/asm/unistd.h index 037feba03a51..6a28fb91b85d 100644 --- a/arch/arm64/include/asm/unistd.h +++ b/arch/arm64/include/asm/unistd.h @@ -39,7 +39,7 @@ #define __ARM_NR_compat_set_tls (__ARM_NR_COMPAT_BASE + 5) #define __ARM_NR_COMPAT_END (__ARM_NR_COMPAT_BASE + 0x800) -#define __NR_compat_syscalls 451 +#define __NR_compat_syscalls 454 #endif #define __ARCH_WANT_SYS_CLONE diff --git a/arch/arm64/include/asm/unistd32.h b/arch/arm64/include/asm/unistd32.h index 604a2053d006..cb4b3149024d 100644 --- a/arch/arm64/include/asm/unistd32.h +++ b/arch/arm64/include/asm/unistd32.h @@ -907,6 +907,12 @@ __SYSCALL(__NR_process_mrelease, sys_process_mrelease) __SYSCALL(__NR_futex_waitv, sys_futex_waitv) #define __NR_set_mempolicy_home_node 450 __SYSCALL(__NR_set_mempolicy_home_node, sys_set_mempolicy_home_node) +#define __NR_lsm_get_self_attr 451 +__SYSCALL(__NR_lsm_get_self_attr, sys_lsm_get_self_attr) +#define __NR_lsm_module_list 452 +__SYSCALL(__NR_lsm_module_list, sys_module_list) +#define __NR_lsm_set_self_attr 453 +__SYSCALL(__NR_lsm_set_self_attr, sys_lsm_set_self_attr) /* * Please add new compat syscalls above this comment and update diff --git a/arch/ia64/kernel/syscalls/syscall.tbl b/arch/ia64/kernel/syscalls/syscall.tbl index 72c929d9902b..1a5d560a1317 100644 --- a/arch/ia64/kernel/syscalls/syscall.tbl +++ b/arch/ia64/kernel/syscalls/syscall.tbl 
@@ -371,3 +371,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_module_list sys_lsm_module_list +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/m68k/kernel/syscalls/syscall.tbl b/arch/m68k/kernel/syscalls/syscall.tbl index b1f3940bc298..0b7b01c90315 100644 --- a/arch/m68k/kernel/syscalls/syscall.tbl +++ b/arch/m68k/kernel/syscalls/syscall.tbl @@ -450,3 +450,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_module_list sys_lsm_module_list +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/microblaze/kernel/syscalls/syscall.tbl b/arch/microblaze/kernel/syscalls/syscall.tbl index 820145e47350..b69d57014c7b 100644 --- a/arch/microblaze/kernel/syscalls/syscall.tbl +++ b/arch/microblaze/kernel/syscalls/syscall.tbl @@ -456,3 +456,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_module_list sys_lsm_module_list +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/mips/kernel/syscalls/syscall_n32.tbl b/arch/mips/kernel/syscalls/syscall_n32.tbl index 253ff994ed2e..7c1ca6241b90 100644 --- a/arch/mips/kernel/syscalls/syscall_n32.tbl +++ b/arch/mips/kernel/syscalls/syscall_n32.tbl @@ -389,3 +389,6 @@ 448 n32 process_mrelease sys_process_mrelease 449 n32 futex_waitv sys_futex_waitv 450 n32 set_mempolicy_home_node sys_set_mempolicy_home_node +451 n32 lsm_get_self_attr sys_lsm_get_self_attr +452 n32 lsm_module_list sys_lsm_module_list +453 n32 lsm_set_self_attr sys_lsm_set_self_attr 
diff --git a/arch/mips/kernel/syscalls/syscall_n64.tbl b/arch/mips/kernel/syscalls/syscall_n64.tbl index 3f1886ad9d80..99453966d179 100644 --- a/arch/mips/kernel/syscalls/syscall_n64.tbl +++ b/arch/mips/kernel/syscalls/syscall_n64.tbl @@ -365,3 +365,6 @@ 448 n64 process_mrelease sys_process_mrelease 449 n64 futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 n64 lsm_get_self_attr sys_lsm_get_self_attr +452 n64 lsm_module_list sys_lsm_module_list +453 n64 lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/mips/kernel/syscalls/syscall_o32.tbl b/arch/mips/kernel/syscalls/syscall_o32.tbl index 8f243e35a7b2..4ddb0ff66793 100644 --- a/arch/mips/kernel/syscalls/syscall_o32.tbl +++ b/arch/mips/kernel/syscalls/syscall_o32.tbl @@ -438,3 +438,6 @@ 448 o32 process_mrelease sys_process_mrelease 449 o32 futex_waitv sys_futex_waitv 450 o32 set_mempolicy_home_node sys_set_mempolicy_home_node +451 o32 lsm_get_self_attr sys_lsm_get_self_attr +452 o32 lsm_module_list sys_lsm_module_list +453 032 lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/parisc/kernel/syscalls/syscall.tbl b/arch/parisc/kernel/syscalls/syscall.tbl index 0e42fceb2d5e..5ab1a5b22d8e 100644 --- a/arch/parisc/kernel/syscalls/syscall.tbl +++ b/arch/parisc/kernel/syscalls/syscall.tbl @@ -448,3 +448,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_module_list sys_lsm_module_list +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/powerpc/kernel/syscalls/syscall.tbl b/arch/powerpc/kernel/syscalls/syscall.tbl index a0be127475b1..8d31bb83d6a2 100644 --- a/arch/powerpc/kernel/syscalls/syscall.tbl +++ b/arch/powerpc/kernel/syscalls/syscall.tbl 
@@ -537,3 +537,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 nospu set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_module_list sys_lsm_module_list +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/s390/kernel/syscalls/syscall.tbl b/arch/s390/kernel/syscalls/syscall.tbl index 799147658dee..bb7597be2e4f 100644 --- a/arch/s390/kernel/syscalls/syscall.tbl +++ b/arch/s390/kernel/syscalls/syscall.tbl @@ -453,3 +453,6 @@ 448 common process_mrelease sys_process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_module_list sys_lsm_module_list sys_lsm_module_list +453 common lsm_set_self_attr sys_lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/sh/kernel/syscalls/syscall.tbl b/arch/sh/kernel/syscalls/syscall.tbl index 2de85c977f54..43d468742916 100644 --- a/arch/sh/kernel/syscalls/syscall.tbl +++ b/arch/sh/kernel/syscalls/syscall.tbl @@ -453,3 +453,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_module_list sys_lsm_module_list +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/sparc/kernel/syscalls/syscall.tbl b/arch/sparc/kernel/syscalls/syscall.tbl index 4398cc6fb68d..c7791c7bdde4 100644 --- a/arch/sparc/kernel/syscalls/syscall.tbl +++ b/arch/sparc/kernel/syscalls/syscall.tbl 
@@ -496,3 +496,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_module_list sys_lsm_module_list +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/x86/entry/syscalls/syscall_32.tbl b/arch/x86/entry/syscalls/syscall_32.tbl index 320480a8db4f..4f2e6577466e 100644 --- a/arch/x86/entry/syscalls/syscall_32.tbl +++ b/arch/x86/entry/syscalls/syscall_32.tbl @@ -455,3 +455,6 @@ 448 i386 process_mrelease sys_process_mrelease 449 i386 futex_waitv sys_futex_waitv 450 i386 set_mempolicy_home_node sys_set_mempolicy_home_node +451 i386 lsm_get_self_attr sys_lsm_get_self_attr +452 i386 lsm_module_list sys_lsm_module_list +453 i386 lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/x86/entry/syscalls/syscall_64.tbl b/arch/x86/entry/syscalls/syscall_64.tbl index c84d12608cd2..3a7866f72042 100644 --- a/arch/x86/entry/syscalls/syscall_64.tbl +++ b/arch/x86/entry/syscalls/syscall_64.tbl @@ -372,6 +372,9 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_module_list sys_lsm_module_list +453 common lsm_set_self_attr sys_lsm_set_self_attr # # Due to a historical design error, certain syscalls are numbered differently diff --git a/arch/xtensa/kernel/syscalls/syscall.tbl b/arch/xtensa/kernel/syscalls/syscall.tbl index 52c94ab5c205..e0a5b61c1f1a 100644 --- a/arch/xtensa/kernel/syscalls/syscall.tbl +++ b/arch/xtensa/kernel/syscalls/syscall.tbl 
@@ -421,3 +421,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_module_list sys_lsm_module_list +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/include/uapi/asm-generic/unistd.h b/include/uapi/asm-generic/unistd.h index 45fa180cc56a..3659b2b02f5a 100644 --- a/include/uapi/asm-generic/unistd.h +++ b/include/uapi/asm-generic/unistd.h @@ -886,8 +886,17 @@ __SYSCALL(__NR_futex_waitv, sys_futex_waitv) #define __NR_set_mempolicy_home_node 450 __SYSCALL(__NR_set_mempolicy_home_node, sys_set_mempolicy_home_node) +#define __NR_lsm_get_self_attr 451 +__SYSCALL(__NR_lsm_get_self_attr, sys_lsm_get_self_attr) + +#define __NR_lsm_module_list 452 +__SYSCALL(__NR_lsm_module_list, sys_lsm_module_list) + +#define __NR_lsm_set_self_attr 453 +__SYSCALL(__NR_lsm_set_self_attr, sys_lsm_set_self_attr) + #undef __NR_syscalls -#define __NR_syscalls 451 +#define __NR_syscalls 454 /* * 32 bit systems traditionally used different diff --git a/tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl b/tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl index 3f1886ad9d80..99453966d179 100644 --- a/tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl +++ b/tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl @@ -365,3 +365,6 @@ 448 n64 process_mrelease sys_process_mrelease 449 n64 futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 n64 lsm_get_self_attr sys_lsm_get_self_attr +452 n64 lsm_module_list sys_lsm_module_list +453 n64 lsm_set_self_attr sys_lsm_set_self_attr diff --git a/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl b/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl index a0be127475b1..8d31bb83d6a2 100644 --- a/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl +++ b/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl 
@@ -537,3 +537,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 nospu set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_module_list sys_lsm_module_list +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/tools/perf/arch/s390/entry/syscalls/syscall.tbl b/tools/perf/arch/s390/entry/syscalls/syscall.tbl index 799147658dee..d69bd5550b46 100644 --- a/tools/perf/arch/s390/entry/syscalls/syscall.tbl +++ b/tools/perf/arch/s390/entry/syscalls/syscall.tbl @@ -453,3 +453,6 @@ 448 common process_mrelease sys_process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_module_list sys_lsm_module_list sys_lsm_module_list +453 common lsm_set_self_attr sys_lsm_set_self_attr sys_lsm_set_self_attr diff --git a/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl b/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl index c84d12608cd2..3a7866f72042 100644 --- a/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl +++ b/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl 
@@ -372,6 +372,9 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_module_list sys_lsm_module_list +453 common lsm_set_self_attr sys_lsm_set_self_attr # # Due to a historical design error, certain syscalls are numbered differently
From patchwork Wed Feb 22 20:08:34 2023 X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 60676
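Review bot: in the arch/arm64/include/asm/unistd32.h hunk, syscall 452 is wired as `__SYSCALL(__NR_lsm_module_list, sys_module_list)`, but every other table in this patch, and include/uapi/asm-generic/unistd.h in the same patch, uses `sys_lsm_module_list`. The compat entry should read `__SYSCALL(__NR_lsm_module_list, sys_lsm_module_list)`; as written, 32-bit callers on arm64 are pointed at an entry point this series never defines.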
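Review bot: in the arch/mips/kernel/syscalls/syscall_o32.tbl hunk, the ABI column of the last new row is `032` (digit zero) instead of `o32`: `+453 032 lsm_set_self_attr sys_lsm_set_self_attr`. The table generator selects rows by that column, so lsm_set_self_attr would be missing from the generated o32 table; the column should match the `o32` on the two rows above it.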
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net Subject: [PATCH v6 07/11] LSM: Helpers for attribute names and filling an lsm_ctx Date: Wed, 22 Feb 2023 12:08:34 -0800 Message-Id: <20230222200838.8149-8-casey@schaufler-ca.com> X-Mailer: git-send-email 2.39.0 In-Reply-To: <20230222200838.8149-1-casey@schaufler-ca.com> References: <20230222200838.8149-1-casey@schaufler-ca.com> MIME-Version: 1.0 X-Mailing-List: linux-kernel@vger.kernel.org

Add lsm_name_to_attr(), which translates a text string to an LSM_ATTR value if one is available. Add lsm_fill_user_ctx(), which fills a struct lsm_ctx, including the trailing attribute value. Both are used in module-specific components of LSM system calls.

Signed-off-by: Casey Schaufler --- include/linux/security.h | 13 +++++++++++++ security/security.c | 31 +++++++++++++++++++++++++++++++ 2 files changed, 44 insertions(+) diff --git a/include/linux/security.h b/include/linux/security.h index 21971a635b6a..bf615981b147 100644 --- a/include/linux/security.h +++ b/include/linux/security.h
@@ -264,6 +264,7 @@ int unregister_blocking_lsm_notifier(struct notifier_block *nb); /* prototypes */ extern int security_init(void); extern int early_security_init(void); +extern u64 lsm_name_to_attr(const char *name); /* Security operations */ int security_binder_set_context_mgr(const struct cred *mgr); @@ -493,6 +494,8 @@ int security_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen); int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen); int security_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen); int security_locked_down(enum lockdown_reason what); +int lsm_fill_user_ctx(struct lsm_ctx __user *ctx, void *context, + size_t context_size, u64 id, u64 flags); #else /* CONFIG_SECURITY */ static inline int call_blocking_lsm_notifier(enum lsm_event event, void *data) @@ -510,6 +513,11 @@ static inline int unregister_blocking_lsm_notifier(struct notifier_block *nb) return 0; } +static inline u64 lsm_name_to_attr(const char *name) +{ + return 0; +} + static inline void security_free_mnt_opts(void **mnt_opts) { } @@ -1422,6 +1430,11 @@ static inline int security_locked_down(enum lockdown_reason what) { return 0; } +static inline int lsm_fill_user_ctx(struct lsm_ctx __user *ctx, void *context, + size_t context_size, u64 id, u64 flags) +{ + return 0; +} #endif /* CONFIG_SECURITY */ #if defined(CONFIG_SECURITY) && defined(CONFIG_WATCH_QUEUE) diff --git a/security/security.c b/security/security.c index 6823a6cb32a9..48c883c8d340 100644 --- a/security/security.c +++ b/security/security.c 
@@ -753,6 +753,37 @@ static int lsm_superblock_alloc(struct super_block *sb) return 0; } +/** + * lsm_fill_user_ctx - Fill a user space lsm_ctx structure + * @ctx: an LSM context to be filled + * @context: the new context value + * @context_size: the size of the new context value + * @id: LSM id + * @flags: LSM defined flags + * + * Fill all of the fields in a user space lsm_ctx structure. + * Caller is assumed to have verified that @ctx has enough space + * for @context. + * Returns 0 on success, -EFAULT on a copyout error. + */ +int lsm_fill_user_ctx(struct lsm_ctx __user *ctx, void *context, + size_t context_size, u64 id, u64 flags) +{ + struct lsm_ctx local; + void __user *vc = ctx; + + local.id = id; + local.flags = flags; + local.ctx_len = context_size; + local.len = context_size + sizeof(local); + vc += sizeof(local); + if (copy_to_user(ctx, &local, sizeof(local))) + return -EFAULT; + if (context_size > 0 && copy_to_user(vc, context, context_size)) + return -EFAULT; + return 0; +} + /* * The default value of the LSM hook is defined in linux/lsm_hook_defs.h and * can be accessed with:
From patchwork Wed Feb 22 20:08:35 2023 X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 60683
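Review bot: the include/linux/security.h hunk adds `extern u64 lsm_name_to_attr(const char *name);` and the commit message says this patch adds lsm_name_to_attr(), but the security/security.c hunk (the only other file, +31 lines) defines lsm_fill_user_ctx() alone. Either the lsm_name_to_attr() body belongs in this patch or the message should say which earlier patch provides it. Also, the CONFIG_SECURITY=n stub returns 0 for every name, so 0 has to be reserved as the "no such attribute" value in the LSM_ATTR_* numbering; a one-line comment on the stub would make that contract explicit.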
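Review bot: lsm_fill_user_ctx() in the security/security.c hunk relies on the caller having checked that `context_size + sizeof(local)` fits in the user buffer ("Caller is assumed to have verified that @ctx has enough space"), which means every LSM's getselfattr hook has to repeat the same arithmetic. Passing the caller's buffer size in and returning -E2BIG from here would put the bound in one place; at minimum the kernel-doc should state that the function writes `local.len` bytes in total so that callers know exactly what to check.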
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net Subject: [PATCH v6 08/11] Smack: implement setselfattr and getselfattr hooks Date: Wed, 22 Feb 2023 12:08:35 -0800 Message-Id: <20230222200838.8149-9-casey@schaufler-ca.com> X-Mailer: git-send-email 2.39.0 In-Reply-To: <20230222200838.8149-1-casey@schaufler-ca.com> References: <20230222200838.8149-1-casey@schaufler-ca.com> MIME-Version: 1.0 X-Mailing-List: linux-kernel@vger.kernel.org

Implement Smack support for security_[gs]etselfattr. Refactor the setprocattr hook to avoid code duplication.

Signed-off-by: Casey Schaufler --- security/smack/smack_lsm.c | 87 ++++++++++++++++++++++++++++++++++++-- 1 file changed, 83 insertions(+), 4 deletions(-) diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index a27157910fe7..b4cadc7244ab 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c
@@ -3552,6 +3552,38 @@ static void smack_d_instantiate(struct dentry *opt_dentry, struct inode *inode) return; } +/** + * smack_getselfattr - Smack current process attribute + * @p: the object task + * @name: the name of the attribute in /proc/.../attr + * @value: where to put the result + * + * Places a copy of the task Smack into value + * + * Returns the length of the smack label or an error code + */ +static int smack_getselfattr(u64 __user attr, struct lsm_ctx __user *ctx, + size_t *size) +{ + struct smack_known *skp = smk_of_current(); + int total; + int slen; + int rc = 0; + + if (attr != LSM_ATTR_CURRENT) + return -EINVAL; + + slen = strlen(skp->smk_known) + 1; + total = slen + sizeof(*ctx); + if (total > *size) + rc = -E2BIG; + else + lsm_fill_user_ctx(ctx, skp->smk_known, slen, LSM_ID_SMACK, 0); + + *size = total; + return rc; +} + /** * smack_getprocattr - Smack process attribute access * @p: the object task @@ -3581,8 +3613,8 @@ static int smack_getprocattr(struct task_struct *p, const char *name, char **val } /** - * smack_setprocattr - Smack process attribute setting - * @name: the name of the attribute in /proc/.../attr + * do_setattr - Smack process attribute setting + * @attr: the ID of the attribute * @value: the value to set * @size: the size of the value * @@ -3591,7 +3623,7 @@ static int smack_getprocattr(struct task_struct *p, const char *name, char **val * * Returns the length of the smack label or an error code */ -static int smack_setprocattr(const char *name, void *value, size_t size) +static int do_setattr(u64 attr, void *value, size_t size) { struct task_smack *tsp = smack_cred(current_cred()); struct cred *new; @@ -3605,7 +3637,7 @@ static int smack_setprocattr(const char *name, void *value, size_t size) if (value == NULL || size == 0 || size >= SMK_LONGLABEL) return -EINVAL; - if (strcmp(name, "current") != 0) + if (attr != LSM_ATTR_CURRENT) return -EINVAL; skp = smk_import_entry(value, size); 
@@ -3645,6 +3677,51 @@ static int smack_setprocattr(const char *name, void *value, size_t size) return size; } +static int smack_setselfattr(u64 __user attr, struct lsm_ctx __user *ctx, + size_t __user size) +{ + struct lsm_ctx *lctx; + void *context; + int rc; + + context = kmalloc(size, GFP_KERNEL); + if (context == NULL) + return -ENOMEM; + + lctx = (struct lsm_ctx *)context; + if (copy_from_user(context, ctx, size)) + rc = -EFAULT; + else if (lctx->ctx_len > size) + rc = -EINVAL; + else + rc = do_setattr(attr, lctx + 1, lctx->ctx_len); + + kfree(context); + if (rc > 0) + return 0; + return rc; +} + +/** + * smack_setprocattr - Smack process attribute setting + * @name: the name of the attribute in /proc/.../attr + * @value: the value to set + * @size: the size of the value + * + * Sets the Smack value of the task. Only setting self + * is permitted and only with privilege + * + * Returns the length of the smack label or an error code + */ +static int smack_setprocattr(const char *name, void *value, size_t size) +{ + int attr = lsm_name_to_attr(name); + + if (attr) + return do_setattr(attr, value, size); + return -EINVAL; +} + /** * smack_unix_stream_connect - Smack access on UDS * @sock: one sock 
@@ -4956,6 +5033,8 @@ static struct security_hook_list smack_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(d_instantiate, smack_d_instantiate), + LSM_HOOK_INIT(getselfattr, smack_getselfattr), + LSM_HOOK_INIT(setselfattr, smack_setselfattr), LSM_HOOK_INIT(getprocattr, smack_getprocattr), LSM_HOOK_INIT(setprocattr, smack_setprocattr),
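Review bot: the kernel-doc block above smack_getselfattr() in the first hunk still describes @p, @name and @value, but the function takes attr, ctx and size; it should read along the lines of `@attr: which attribute to fetch`, `@ctx: user buffer that receives the struct lsm_ctx`, `@size: in/out size of that buffer`. In the same hunk `u64 __user attr` puts the user-pointer annotation on a by-value scalar, which sparse will flag; drop the `__user`. The return value of lsm_fill_user_ctx() is also discarded; if that helper can report a failed copy to userspace, propagate it instead of returning 0. Last, an unsupported attr yields -EINVAL here while the AppArmor and SELinux hooks in this series return -EOPNOTSUPP for the same condition; userspace would be better served by one errno across LSMs.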
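Review bot: in the smack_setselfattr() hunk the bound check `else if (lctx->ctx_len > size)` does not subtract the header, so ctx_len == size passes and do_setattr() then reads ctx_len bytes starting at `lctx + 1`, i.e. up to sizeof(*lctx) bytes past the end of the kmalloc'ed buffer; there is also no check that size >= sizeof(*lctx) before lctx->ctx_len is dereferenced. Suggest rejecting `size < sizeof(*lctx)` up front and then testing `lctx->ctx_len > size - sizeof(*lctx)`. Since size comes straight from userspace into kmalloc(), a cap (SMK_LONGLABEL plus the header would do for Smack) belongs here unless the syscall wrapper already enforces one. The same copy-then-check sequence is duplicated verbatim in the AppArmor and SELinux hooks of this series, so a shared helper in the LSM core that copies in, validates, and hands the payload to the per-LSM setter would fix it once. Minor: smack_setprocattr() stores the result of lsm_name_to_attr() in an `int attr`, while the hooks it feeds take `u64 attr`.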
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net
Subject: [PATCH v6 09/11] AppArmor: Add selfattr hooks
Date: Wed, 22 Feb 2023 12:08:36 -0800
Message-Id: <20230222200838.8149-10-casey@schaufler-ca.com>
In-Reply-To: <20230222200838.8149-1-casey@schaufler-ca.com>
References: <20230222200838.8149-1-casey@schaufler-ca.com>

Add hooks for setselfattr and getselfattr. These hooks are not very different from their setprocattr and getprocattr equivalents, and much of the code is shared.

Signed-off-by: Casey Schaufler
---
 security/apparmor/include/procattr.h | 2 +-
 security/apparmor/lsm.c | 91 ++++++++++++++++++++++++++--
 security/apparmor/procattr.c | 11 +++-
 3 files changed, 94 insertions(+), 10 deletions(-)

diff --git a/security/apparmor/include/procattr.h b/security/apparmor/include/procattr.h
index 31689437e0e1..03dbfdb2f2c0 100644
--- a/security/apparmor/include/procattr.h
+++ b/security/apparmor/include/procattr.h
@@ -11,7 +11,7 @@ #ifndef __AA_PROCATTR_H #define __AA_PROCATTR_H -int aa_getprocattr(struct aa_label *label, char **string); +int aa_getprocattr(struct aa_label *label, char **string, bool newline); int aa_setprocattr_changehat(char *args, size_t size, int flags); #endif /* __AA_PROCATTR_H */ diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index 0c2f4d47af42..165fffff095a 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -632,6 +632,44 @@ static int apparmor_sb_pivotroot(const struct path *old_path, return error; } +static int apparmor_getselfattr(u64 __user attr, struct lsm_ctx __user *lx, + size_t *size) +{ + int error = -ENOENT; + struct aa_task_ctx *ctx = task_ctx(current); + struct aa_label *label = NULL; + size_t total_len; + char *value; + + if (attr == LSM_ATTR_CURRENT) + label = aa_get_newest_label(cred_label(current_cred())); + else if (attr == LSM_ATTR_PREV && ctx->previous) + label = aa_get_newest_label(ctx->previous); + else if (attr == LSM_ATTR_EXEC && ctx->onexec) + label = aa_get_newest_label(ctx->onexec); + else + error = -EOPNOTSUPP; + + if (label) { + error = aa_getprocattr(label, &value, false); + if (error > 0) { + total_len = error + sizeof(*ctx); + if (total_len > *size) + error = -E2BIG; + else + lsm_fill_user_ctx(lx, value, error, + LSM_ID_APPARMOR, 0); + } + } + + aa_put_label(label); + + *size = total_len; + if (error > 0) + return 0; + return error; +} + static int apparmor_getprocattr(struct task_struct *task, const char *name, char **value) { @@ -651,7 +689,7 @@ static int apparmor_getprocattr(struct task_struct *task, const char *name, error = -EINVAL; if (label) - error = aa_getprocattr(label, value); + error = aa_getprocattr(label, value, true); aa_put_label(label); put_cred(cred); 
@@ -659,8 +697,7 @@ static int apparmor_getprocattr(struct task_struct *task, const char *name, return error; } -static int apparmor_setprocattr(const char *name, void *value, - size_t size) +static int do_setattr(u64 attr, void *value, size_t size) { char *command, *largs = NULL, *args = value; size_t arg_size; @@ -691,7 +728,7 @@ static int apparmor_setprocattr(const char *name, void *value, goto out; arg_size = size - (args - (largs ? largs : (char *) value)); - if (strcmp(name, "current") == 0) { + if (attr == LSM_ATTR_CURRENT) { if (strcmp(command, "changehat") == 0) { error = aa_setprocattr_changehat(args, arg_size, AA_CHANGE_NOFLAGS); @@ -706,7 +743,7 @@ static int apparmor_setprocattr(const char *name, void *value, error = aa_change_profile(args, AA_CHANGE_STACK); } else goto fail; - } else if (strcmp(name, "exec") == 0) { + } else if (attr == LSM_ATTR_EXEC) { if (strcmp(command, "exec") == 0) error = aa_change_profile(args, AA_CHANGE_ONEXEC); else if (strcmp(command, "stack") == 0) 
@@ -726,13 +763,53 @@ static int apparmor_setprocattr(const char *name, void *value, fail: aad(&sa)->label = begin_current_label_crit_section(); - aad(&sa)->info = name; + if (attr == LSM_ATTR_CURRENT) + aad(&sa)->info = "current"; + else if (attr == LSM_ATTR_EXEC) + aad(&sa)->info = "exec"; + else + aad(&sa)->info = "invalid"; aad(&sa)->error = error = -EINVAL; aa_audit_msg(AUDIT_APPARMOR_DENIED, &sa, NULL); end_current_label_crit_section(aad(&sa)->label); goto out; } +static int apparmor_setselfattr(u64 __user attr, struct lsm_ctx __user *ctx, + size_t __user size) +{ + struct lsm_ctx *lctx; + void *context; + int rc; + + context = kmalloc(size, GFP_KERNEL); + if (context == NULL) + return -ENOMEM; + + lctx = (struct lsm_ctx *)context; + if (copy_from_user(context, ctx, size)) + rc = -EFAULT; + else if (lctx->ctx_len > size) + rc = -EINVAL; + else + rc = do_setattr(attr, lctx + 1, lctx->ctx_len); + + kfree(context); + if (rc > 0) + return 0; + return rc; +} + +static int apparmor_setprocattr(const char *name, void *value, + size_t size) +{ + int attr = lsm_name_to_attr(name); + + if (attr) + return do_setattr(attr, value, size); + return -EINVAL; +} + /** * apparmor_bprm_committing_creds - do task cleanup on committing new creds * @bprm: binprm for the exec (NOT NULL) @@ -1256,6 +1333,8 @@ static struct security_hook_list apparmor_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(file_lock, apparmor_file_lock), LSM_HOOK_INIT(file_truncate, apparmor_file_truncate), + LSM_HOOK_INIT(getselfattr, apparmor_getselfattr), + LSM_HOOK_INIT(setselfattr, apparmor_setselfattr), LSM_HOOK_INIT(getprocattr, apparmor_getprocattr), LSM_HOOK_INIT(setprocattr, apparmor_setprocattr), diff --git a/security/apparmor/procattr.c b/security/apparmor/procattr.c index 197d41f9c32b..196f319aa3b2 100644 --- a/security/apparmor/procattr.c +++ b/security/apparmor/procattr.c 
@@ -20,6 +20,7 @@ * aa_getprocattr - Return the label information for @label * @label: the label to print label info about (NOT NULL) * @string: Returns - string containing the label info (NOT NULL) + * @newline: indicates that a newline should be added * * Requires: label != NULL && string != NULL * @@ -27,7 +28,7 @@ * * Returns: size of string placed in @string else error code on failure */ -int aa_getprocattr(struct aa_label *label, char **string) +int aa_getprocattr(struct aa_label *label, char **string, bool newline) { struct aa_ns *ns = labels_ns(label); struct aa_ns *current_ns = aa_get_current_ns(); 
@@ -57,10 +58,14 @@ int aa_getprocattr(struct aa_label *label, char **string) return len; } - (*string)[len] = '\n'; - (*string)[len + 1] = 0; + if (newline) + (*string)[len++] = '\n'; + (*string)[len] = 0; aa_put_ns(current_ns); + + if (newline) + return len; return len + 1; }
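Review bot: the apparmor_getselfattr() hunk in lsm.c has three problems. `total_len = error + sizeof(*ctx)` uses ctx, which is the local `struct aa_task_ctx *`, not the `struct lsm_ctx __user *lx` being filled; it should be sizeof(*lx). total_len is assigned only inside `if (error > 0)`, yet `*size = total_len` runs unconditionally, so the -ENOENT, -EOPNOTSUPP and aa_getprocattr() error paths hand an uninitialized value back to the caller; initialize it or update *size only on success. And `value`, which aa_getprocattr() fills with a buffer the getprocattr path leaves for procfs to free, is never freed here; add a kfree(value) after lsm_fill_user_ctx() unless that helper takes ownership.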
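Review bot: apparmor_setselfattr() in the fail:/setselfattr hunk carries the same unchecked header arithmetic as the Smack version: `lctx->ctx_len > size` lets ctx_len reach size, after which do_setattr() reads from `lctx + 1` past the end of the kmalloc'ed buffer, and nothing rejects size < sizeof(*lctx) before lctx->ctx_len is dereferenced. Rather than fixing it in three LSMs, consider moving the copy_from_user()/validate sequence into the LSM core and passing the already-validated payload to the hook.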
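Review bot: in the procattr.c hunk the return value of aa_getprocattr() now follows two conventions: with newline it returns the length excluding the terminating NUL (the '\n' is counted, matching the old len + 1), but without newline it returns len + 1, which counts the NUL. That is presumably so lsm_fill_user_ctx() copies the terminator, but it is easy to misuse; the kernel-doc hunk above documents @newline but leaves the `Returns:` line unchanged, so either spell the difference out there or make both paths return the same thing and let the caller account for the NUL.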
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net
Subject: [PATCH v6 10/11] SELinux: Add selfattr hooks
Date: Wed, 22 Feb 2023 12:08:37 -0800
Message-Id: <20230222200838.8149-11-casey@schaufler-ca.com>
In-Reply-To: <20230222200838.8149-1-casey@schaufler-ca.com>
References: <20230222200838.8149-1-casey@schaufler-ca.com>

Add hooks for setselfattr and getselfattr. These hooks are not very different from their setprocattr and getprocattr equivalents, and much of the code is shared.

Signed-off-by: Casey Schaufler
---
 security/selinux/hooks.c | 143 +++++++++++++++++++++++++++++++-------
 1 file changed, 114 insertions(+), 29 deletions(-)

diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 5cb09986a2dc..b95bbd7bb662 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -6348,8 +6348,7 @@ static void selinux_d_instantiate(struct dentry *dentry, struct inode *inode) inode_doinit_with_dentry(inode, dentry); } -static int selinux_getprocattr(struct task_struct *p, - const char *name, char **value) +static int do_getattr(u64 attr, struct task_struct *p, char **value) { const struct task_security_struct *__tsec; u32 sid;
@@ -6367,20 +6366,27 @@ static int selinux_getprocattr(struct task_struct *p, goto bad; } - if (!strcmp(name, "current")) + switch (attr) { + case LSM_ATTR_CURRENT: sid = __tsec->sid; - else if (!strcmp(name, "prev")) + break; + case LSM_ATTR_PREV: sid = __tsec->osid; - else if (!strcmp(name, "exec")) + break; + case LSM_ATTR_EXEC: sid = __tsec->exec_sid; - else if (!strcmp(name, "fscreate")) + break; + case LSM_ATTR_FSCREATE: sid = __tsec->create_sid; - else if (!strcmp(name, "keycreate")) + break; + case LSM_ATTR_KEYCREATE: sid = __tsec->keycreate_sid; - else if (!strcmp(name, "sockcreate")) + break; + case LSM_ATTR_SOCKCREATE: sid = __tsec->sockcreate_sid; - else { - error = -EINVAL; + break; + default: + error = -EOPNOTSUPP; goto bad; } rcu_read_unlock(); @@ -6398,7 +6404,7 @@ static int selinux_getprocattr(struct task_struct *p, return error; } -static int selinux_setprocattr(const char *name, void *value, size_t size) +static int do_setattr(u64 attr, void *value, size_t size) { struct task_security_struct *tsec; struct cred *new; 
@@ -6409,28 +6415,36 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) /* * Basic control over ability to set these attributes at all. */ - if (!strcmp(name, "exec")) + switch (attr) { + case LSM_ATTR_CURRENT: + error = avc_has_perm(&selinux_state, + mysid, mysid, SECCLASS_PROCESS, + PROCESS__SETCURRENT, NULL); + break; + case LSM_ATTR_EXEC: error = avc_has_perm(&selinux_state, mysid, mysid, SECCLASS_PROCESS, PROCESS__SETEXEC, NULL); - else if (!strcmp(name, "fscreate")) + break; + case LSM_ATTR_FSCREATE: error = avc_has_perm(&selinux_state, mysid, mysid, SECCLASS_PROCESS, PROCESS__SETFSCREATE, NULL); - else if (!strcmp(name, "keycreate")) + break; + case LSM_ATTR_KEYCREATE: error = avc_has_perm(&selinux_state, mysid, mysid, SECCLASS_PROCESS, PROCESS__SETKEYCREATE, NULL); - else if (!strcmp(name, "sockcreate")) + break; + case LSM_ATTR_SOCKCREATE: error = avc_has_perm(&selinux_state, mysid, mysid, SECCLASS_PROCESS, PROCESS__SETSOCKCREATE, NULL); - else if (!strcmp(name, "current")) - error = avc_has_perm(&selinux_state, - mysid, mysid, SECCLASS_PROCESS, - PROCESS__SETCURRENT, NULL); - else + break; + default: error = -EINVAL; + break; + } if (error) return error; @@ -6442,13 +6456,14 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) } error = security_context_to_sid(&selinux_state, value, size, &sid, GFP_KERNEL); - if (error == -EINVAL && !strcmp(name, "fscreate")) { + if (error == -EINVAL && attr == LSM_ATTR_FSCREATE) { if (!has_cap_mac_admin(true)) { struct audit_buffer *ab; size_t audit_size; - /* We strip a nul only if it is at the end, otherwise the - * context contains a nul and we should audit that */ + /* We strip a nul only if it is at the end, + * otherwise the context contains a nul and + * we should audit that */ if (str[size - 1] == '\0') audit_size = size - 1; else 
@@ -6459,7 +6474,8 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) if (!ab) return error; audit_log_format(ab, "op=fscreate invalid_context="); - audit_log_n_untrustedstring(ab, value, audit_size); + audit_log_n_untrustedstring(ab, value, + audit_size); audit_log_end(ab); return error; @@ -6483,11 +6499,11 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) checks and may_create for the file creation checks. The operation will then fail if the context is not permitted. */ tsec = selinux_cred(new); - if (!strcmp(name, "exec")) { + if (attr == LSM_ATTR_EXEC) { tsec->exec_sid = sid; - } else if (!strcmp(name, "fscreate")) { + } else if (attr == LSM_ATTR_FSCREATE) { tsec->create_sid = sid; - } else if (!strcmp(name, "keycreate")) { + } else if (attr == LSM_ATTR_KEYCREATE) { if (sid) { error = avc_has_perm(&selinux_state, mysid, sid, SECCLASS_KEY, KEY__CREATE, NULL); @@ -6495,9 +6511,9 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) goto abort_change; } tsec->keycreate_sid = sid; - } else if (!strcmp(name, "sockcreate")) { + } else if (attr == LSM_ATTR_SOCKCREATE) { tsec->sockcreate_sid = sid; - } else if (!strcmp(name, "current")) { + } else if (attr == LSM_ATTR_CURRENT) { error = -EINVAL; if (sid == 0) goto abort_change; 
@@ -6542,6 +6558,73 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) return error; } +static int selinux_getselfattr(u64 __user attr, struct lsm_ctx __user *ctx, + size_t *size) +{ + char *value; + int total_len; + int len; + int rc = 0; + + len = do_getattr(attr, current, &value); + if (len < 0) + return len; + + total_len = len + sizeof(*ctx); + + if (total_len > *size) + rc = -E2BIG; + else + lsm_fill_user_ctx(ctx, value, len, LSM_ID_SELINUX, 0); + + *size = total_len; + return rc; +} + +static int selinux_setselfattr(u64 __user attr, struct lsm_ctx __user *ctx, + size_t __user size) +{ + struct lsm_ctx *lctx; + void *context; + int rc; + + context = kmalloc(size, GFP_KERNEL); + if (context == NULL) + return -ENOMEM; + + lctx = (struct lsm_ctx *)context; + if (copy_from_user(context, ctx, size)) + rc = -EFAULT; + else if (lctx->ctx_len > size) + rc = -EINVAL; + else + rc = do_setattr(attr, lctx + 1, lctx->ctx_len); + + kfree(context); + if (rc > 0) + return 0; + return rc; +} + +static int selinux_getprocattr(struct task_struct *p, + const char *name, char **value) +{ + u64 attr = lsm_name_to_attr(name); + + if (attr) + return do_getattr(attr, p, value); + return -EINVAL; +} + +static int selinux_setprocattr(const char *name, void *value, size_t size) +{ + int attr = lsm_name_to_attr(name); + + if (attr) + return do_setattr(attr, value, size); + return -EINVAL; +} + static int selinux_ismaclabel(const char *name) { return (strcmp(name, XATTR_SELINUX_SUFFIX) == 0); 
@@ -7185,6 +7268,8 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(d_instantiate, selinux_d_instantiate), + LSM_HOOK_INIT(getselfattr, selinux_getselfattr), + LSM_HOOK_INIT(setselfattr, selinux_setselfattr), LSM_HOOK_INIT(getprocattr, selinux_getprocattr), LSM_HOOK_INIT(setprocattr, selinux_setprocattr),
From patchwork Wed Feb 22 20:08:38 2023 X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 60684
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net Subject: [PATCH v6 11/11] LSM: selftests for Linux Security Module syscalls Date: Wed, 22 Feb 2023 12:08:38 -0800 Message-Id: <20230222200838.8149-12-casey@schaufler-ca.com> In-Reply-To: <20230222200838.8149-1-casey@schaufler-ca.com> References: <20230222200838.8149-1-casey@schaufler-ca.com>
Add selftests for the three system calls supporting the LSM infrastructure.
Signed-off-by: Casey Schaufler --- tools/testing/selftests/Makefile | 1 + tools/testing/selftests/lsm/Makefile | 12 + tools/testing/selftests/lsm/config | 2 + .../selftests/lsm/lsm_get_self_attr_test.c | 267 ++++++++++++++++++ .../selftests/lsm/lsm_module_list_test.c | 149 ++++++++++ .../selftests/lsm/lsm_set_self_attr_test.c | 69 +++++ 6 files changed, 500 insertions(+) create mode 100644 tools/testing/selftests/lsm/Makefile create mode 100644 tools/testing/selftests/lsm/config create mode 100644 tools/testing/selftests/lsm/lsm_get_self_attr_test.c create mode 100644 tools/testing/selftests/lsm/lsm_module_list_test.c create mode 100644 tools/testing/selftests/lsm/lsm_set_self_attr_test.c diff --git a/tools/testing/selftests/Makefile b/tools/testing/selftests/Makefile index 41b649452560..ea58c5018529 100644 --- a/tools/testing/selftests/Makefile +++ b/tools/testing/selftests/Makefile @@ -37,6 +37,7 @@ TARGETS += landlock TARGETS += lib TARGETS += livepatch TARGETS += lkdtm +TARGETS += lsm TARGETS += membarrier TARGETS += memfd TARGETS += memory-hotplug diff --git a/tools/testing/selftests/lsm/Makefile b/tools/testing/selftests/lsm/Makefile new file mode 100644 index 000000000000..d567ea9756ea --- /dev/null +++ b/tools/testing/selftests/lsm/Makefile @@ -0,0 +1,12 @@ +# SPDX-License-Identifier: GPL-2.0 +# +# First run: make -C ../../../.. headers_install + +CFLAGS += -Wall -O2 $(KHDR_INCLUDES) + +TEST_GEN_PROGS := lsm_get_self_attr_test lsm_module_list_test \ + lsm_set_self_attr_test + +include ../lib.mk + +$(TEST_GEN_PROGS): diff --git a/tools/testing/selftests/lsm/config b/tools/testing/selftests/lsm/config new file mode 100644 index 000000000000..afb887715f64 --- /dev/null +++ b/tools/testing/selftests/lsm/config @@ -0,0 +1,2 @@ +CONFIG_SYSFS=y +CONFIG_SECURITY=y diff --git a/tools/testing/selftests/lsm/lsm_get_self_attr_test.c b/tools/testing/selftests/lsm/lsm_get_self_attr_test.c new file mode 100644 index 000000000000..72f02a210fa6 --- /dev/null 
+++ b/tools/testing/selftests/lsm/lsm_get_self_attr_test.c 
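Review bot: the `config` fragment above enables only `CONFIG_SYSFS=y` and `CONFIG_SECURITY=y`, but the tests open `/sys/kernel/security/lsm`, which is on securityfs, and `/proc/self/attr/*`, which is procfs; add `CONFIG_SECURITYFS=y` (and `CONFIG_PROC_FS=y`) so that `correct_lsm_module_list` fails on what it is meant to check rather than on `fopen`. The attribute comparisons in the get test only exercise anything when an LSM that exposes `current` is built in, so at least one of `CONFIG_SECURITY_SELINUX`, `CONFIG_SECURITY_SMACK` or `CONFIG_SECURITY_APPARMOR` should be listed too, otherwise a kernel built from this fragment alone passes every test trivially. In the Makefile, the trailing `$(TEST_GEN_PROGS):` is an empty rule with no recipe or prerequisites; drop it unless it is there to satisfy something in `lib.mk`, in which case a comment should say so. The `headers_install` reminder is the right hint, since `__NR_lsm_*` and `struct lsm_ctx` only exist in the freshly installed uapi headers.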
@@ -0,0 +1,267 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Linux Security Module infrastructure tests + * Tests for the lsm_get_self_attr system call + * + * Copyright © 2022 Casey Schaufler + * Copyright © 2022 Intel Corporation + */ + +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include +#include "../kselftest_harness.h" + +#define PROCATTR "/proc/self/attr/" + +static int read_proc_attr(const char *attr, char *value, __kernel_size_t size) +{ + int fd; + int len; + char *path; + + len = strlen(PROCATTR) + strlen(attr) + 1; + path = calloc(len, 1); + if (path == NULL) + return -1; + sprintf(path, "%s%s", PROCATTR, attr); + + fd = open(path, O_RDONLY); + free(path); + + if (fd < 0) + return -1; + len = read(fd, value, size); + if (len <= 0) + return -1; +fprintf(stderr, "len=%d\n", len); + close(fd); + + path = strchr(value, '\n'); + if (path) + *path = '\0'; + + return 0; +} + +static struct lsm_ctx *next_ctx(struct lsm_ctx *ctxp) +{ + void *vp; + + vp = (void *)ctxp + sizeof(*ctxp) + ctxp->ctx_len; + return (struct lsm_ctx *)vp; +} + +TEST(size_null_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *ctx = calloc(page_size, 1); + + ASSERT_NE(NULL, ctx); + ASSERT_EQ(-1, syscall(__NR_lsm_get_self_attr, ctx, NULL, + LSM_ATTR_CURRENT)); + ASSERT_EQ(EINVAL, errno); + + free(ctx); +} + +TEST(ctx_null_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + __kernel_size_t size = page_size; + + ASSERT_NE(-1, syscall(__NR_lsm_get_self_attr, NULL, &size, + LSM_ATTR_CURRENT)); + ASSERT_NE(1, size); +} + +TEST(size_too_small_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *ctx = calloc(page_size, 1); + __kernel_size_t size = 1; + + ASSERT_NE(NULL, ctx); + ASSERT_EQ(-1, syscall(__NR_lsm_get_self_attr, ctx, &size, + LSM_ATTR_CURRENT)); + ASSERT_EQ(E2BIG, errno); + ASSERT_NE(1, size); + + free(ctx); +} + +TEST(flags_zero_lsm_get_self_attr) +{ + const long page_size = 
sysconf(_SC_PAGESIZE); + char *ctx = calloc(page_size, 1); + __kernel_size_t size = page_size; + + ASSERT_NE(NULL, ctx); + ASSERT_EQ(-1, syscall(__NR_lsm_get_self_attr, ctx, &size, 0)); + ASSERT_EQ(EINVAL, errno); + ASSERT_EQ(page_size, size); + + free(ctx); +} + +TEST(flags_overset_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *ctx = calloc(page_size, 1); + __kernel_size_t size = page_size; + + ASSERT_NE(NULL, ctx); + ASSERT_EQ(-1, syscall(__NR_lsm_get_self_attr, ctx, &size, + LSM_ATTR_CURRENT | LSM_ATTR_PREV)); + ASSERT_EQ(EOPNOTSUPP, errno); + ASSERT_EQ(page_size, size); + + free(ctx); +} + +TEST(basic_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + __kernel_size_t size = page_size; + struct lsm_ctx *ctx = calloc(page_size, 1); + struct lsm_ctx *tctx = NULL; + __u64 *syscall_lsms = calloc(page_size, 1); + char *attr = calloc(page_size, 1); + int cnt_current = 0; + int cnt_exec = 0; + int cnt_fscreate = 0; + int cnt_keycreate = 0; + int cnt_prev = 0; + int cnt_sockcreate = 0; + int lsmcount; + int count; + int i; + + ASSERT_NE(NULL, ctx); + ASSERT_NE(NULL, syscall_lsms); + + lsmcount = syscall(__NR_lsm_module_list, syscall_lsms, &size, 0); + ASSERT_LE(1, lsmcount); + + for (i = 0; i < lsmcount; i++) { + switch (syscall_lsms[i]) { + case LSM_ID_SELINUX: + cnt_current++; + cnt_exec++; + cnt_fscreate++; + cnt_keycreate++; + cnt_prev++; + cnt_sockcreate++; + break; + case LSM_ID_SMACK: + cnt_current++; + break; + case LSM_ID_APPARMOR: + cnt_current++; + cnt_exec++; + cnt_prev++; + break; + default: + break; + } + } + + if (cnt_current) { + size = page_size; + count = syscall(__NR_lsm_get_self_attr, ctx, &size, + LSM_ATTR_CURRENT); + ASSERT_EQ(cnt_current, count); + tctx = ctx; + ASSERT_EQ(0, read_proc_attr("current", attr, page_size)); + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + if (cnt_exec) { 
+ size = page_size; + count = syscall(__NR_lsm_get_self_attr, ctx, &size, + LSM_ATTR_EXEC); + ASSERT_GE(cnt_exec, count); + if (count > 0) { + tctx = ctx; + if (read_proc_attr("exec", attr, page_size) == 0) + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + } + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + if (cnt_fscreate) { + size = page_size; + count = syscall(__NR_lsm_get_self_attr, ctx, &size, + LSM_ATTR_FSCREATE); + ASSERT_GE(cnt_fscreate, count); + if (count > 0) { + tctx = ctx; + if (read_proc_attr("fscreate", attr, page_size) == 0) + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + } + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + if (cnt_keycreate) { + size = page_size; + count = syscall(__NR_lsm_get_self_attr, ctx, &size, + LSM_ATTR_KEYCREATE); + ASSERT_GE(cnt_keycreate, count); + if (count > 0) { + tctx = ctx; + if (read_proc_attr("keycreate", attr, page_size) == 0) + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + } + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + if (cnt_prev) { + size = page_size; + count = syscall(__NR_lsm_get_self_attr, ctx, &size, + LSM_ATTR_PREV); + ASSERT_GE(cnt_prev, count); + if (count > 0) { + tctx = ctx; + ASSERT_EQ(0, read_proc_attr("prev", attr, page_size)); + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + } + if (cnt_sockcreate) { + size = page_size; + count = syscall(__NR_lsm_get_self_attr, ctx, &size, + LSM_ATTR_SOCKCREATE); + ASSERT_GE(cnt_sockcreate, count); + if (count > 0) { + tctx = ctx; + if (read_proc_attr("sockcreate", attr, page_size) == 0) + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + } + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); 
+ } + } + + free(ctx); + free(attr); + free(syscall_lsms); +} + +TEST_HARNESS_MAIN diff --git a/tools/testing/selftests/lsm/lsm_module_list_test.c b/tools/testing/selftests/lsm/lsm_module_list_test.c new file mode 100644 index 000000000000..96120b0aed18 --- /dev/null +++ b/tools/testing/selftests/lsm/lsm_module_list_test.c 
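Review bot: in `lsm_get_self_attr_test.c` above, `read_proc_attr` still contains an unindented debug `fprintf(stderr, "len=%d\n", len);` that prints on every call; remove it. The same helper reads `size` bytes into a `size`-byte buffer and then runs `strchr(value, '\n')` over it, so a context that fills the buffer is never NUL-terminated; read `size - 1` bytes and set `value[len] = '\0'`. It also returns -1 on the `len <= 0` path without closing `fd`. In `basic_lsm_get_self_attr`, the exec, fscreate, keycreate and sockcreate blocks only compare against `/proc` when `read_proc_attr` succeeds but then run the `for (i = 1; i < count; i++)` loop with `ASSERT_NE(0, strcmp((char *)tctx->ctx, attr))` regardless, so after a failed read the later entries are compared against whatever the previous attribute left in `attr`; clear `attr[0]` or skip the loop when the read fails. The error expectations for a NULL `size` pointer also differ between the two syscalls: `size_null_lsm_get_self_attr` expects `EINVAL` while `size_null_lsm_module_list` expects `EFAULT`; the interface should pick one and the tests should pin it. Finally, `flags_zero_*` and `flags_overset_*` pass their values as the third argument, which in these calls is the attribute selector rather than a flags word, so a failure in them reads as a flags bug; name them `attr_zero_*` and `attr_overset_*`.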
@@ -0,0 +1,149 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Linux Security Module infrastructure tests + * Tests for the lsm_module_list system call + * + * Copyright © 2022 Casey Schaufler + * Copyright © 2022 Intel Corporation + */ + +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include "../kselftest_harness.h" + +static int read_sysfs_lsms(char *lsms, __kernel_size_t size) +{ + FILE *fp; + + fp = fopen("/sys/kernel/security/lsm", "r"); + if (fp == NULL) + return -1; + if (fread(lsms, 1, size, fp) <= 0) + return -1; + fclose(fp); + return 0; +} + +TEST(size_null_lsm_module_list) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *syscall_lsms = calloc(page_size, 1); + + ASSERT_NE(NULL, syscall_lsms); + ASSERT_EQ(-1, syscall(__NR_lsm_module_list, syscall_lsms, NULL, 0)); + ASSERT_EQ(EFAULT, errno); + + free(syscall_lsms); +} + +TEST(ids_null_lsm_module_list) +{ + const long page_size = sysconf(_SC_PAGESIZE); + __kernel_size_t size = page_size; + + ASSERT_EQ(-1, syscall(__NR_lsm_module_list, NULL, &size, 0)); + ASSERT_EQ(EFAULT, errno); + ASSERT_NE(1, size); +} + +TEST(size_too_small_lsm_module_list) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *syscall_lsms = calloc(page_size, 1); + __kernel_size_t size = 1; + + ASSERT_NE(NULL, syscall_lsms); + ASSERT_EQ(-1, syscall(__NR_lsm_module_list, syscall_lsms, &size, 0)); + ASSERT_EQ(E2BIG, errno); + ASSERT_NE(1, size); + + free(syscall_lsms); +} + +TEST(flags_set_lsm_module_list) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *syscall_lsms = calloc(page_size, 1); + __kernel_size_t size = page_size; + + ASSERT_NE(NULL, syscall_lsms); + ASSERT_EQ(-1, syscall(__NR_lsm_module_list, syscall_lsms, &size, 7)); + ASSERT_EQ(EINVAL, errno); + ASSERT_EQ(page_size, size); + + free(syscall_lsms); +} + +TEST(correct_lsm_module_list) +{ + const long page_size = sysconf(_SC_PAGESIZE); + __kernel_size_t size = page_size; + __u64 *syscall_lsms = calloc(page_size, 1); + char 
*sysfs_lsms = calloc(page_size, 1); + char *name; + char *cp; + int count; + int i; + + ASSERT_NE(NULL, sysfs_lsms); + ASSERT_NE(NULL, syscall_lsms); + ASSERT_EQ(0, read_sysfs_lsms(sysfs_lsms, page_size)); + + count = syscall(__NR_lsm_module_list, syscall_lsms, &size, 0); + ASSERT_LE(1, count); + cp = sysfs_lsms; + for (i = 0; i < count; i++) { + switch (syscall_lsms[i]) { + case LSM_ID_CAPABILITY: + name = "capability"; + break; + case LSM_ID_SELINUX: + name = "selinux"; + break; + case LSM_ID_SMACK: + name = "smack"; + break; + case LSM_ID_TOMOYO: + name = "tomoyo"; + break; + case LSM_ID_IMA: + name = "ima"; + break; + case LSM_ID_APPARMOR: + name = "apparmor"; + break; + case LSM_ID_YAMA: + name = "yama"; + break; + case LSM_ID_LOADPIN: + name = "loadpin"; + break; + case LSM_ID_SAFESETID: + name = "safesetid"; + break; + case LSM_ID_LOCKDOWN: + name = "lockdown"; + break; + case LSM_ID_BPF: + name = "bpf"; + break; + case LSM_ID_LANDLOCK: + name = "landlock"; + break; + default: + name = "INVALID"; + break; + } + ASSERT_EQ(0, strncmp(cp, name, strlen(name))); + cp += strlen(name) + 1; + } + + free(sysfs_lsms); + free(syscall_lsms); +} + +TEST_HARNESS_MAIN diff --git a/tools/testing/selftests/lsm/lsm_set_self_attr_test.c b/tools/testing/selftests/lsm/lsm_set_self_attr_test.c new file mode 100644 index 000000000000..22f5c8664c5f --- /dev/null +++ b/tools/testing/selftests/lsm/lsm_set_self_attr_test.c 
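Review bot: in `lsm_module_list_test.c` above, `read_sysfs_lsms` has the same termination problem as the get test's helper: `fread(lsms, 1, size, fp)` can fill the whole buffer, after which `strncmp(cp, name, strlen(name))` and `cp += strlen(name) + 1` walk an unterminated string; read `size - 1` bytes and terminate, and close `fp` on the `fread` failure path as well. `correct_lsm_module_list` assumes the syscall returns ids in exactly the order `/sys/kernel/security/lsm` lists names and that every name is followed by exactly one separator byte; that matches the comma-separated sysfs format today, but the assumption deserves a comment, since the last entry is followed by a newline or nothing and the loop bound is the only thing keeping the pointer in range. The `default: name = "INVALID"` branch turns any id this test does not know (a future LSM) into a confusing `strncmp` failure; log the id with `TH_LOG` and fail explicitly there. `ids_null_lsm_module_list` asserts `EFAULT` for a NULL id buffer, which rules out the size-probe idiom (NULL buffer, required size written back) that `ctx_null_lsm_get_self_attr` expects the sibling syscall to support; the two syscalls should follow one convention.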
@@ -0,0 +1,69 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Linux Security Module infrastructure tests + * Tests for the lsm_set_self_attr system call + * + * Copyright © 2022 Casey Schaufler + * Copyright © 2022 Intel Corporation + */ + +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include "../kselftest_harness.h" + +TEST(ctx_null_lsm_set_self_attr) +{ + ASSERT_EQ(-1, syscall(__NR_lsm_set_self_attr, NULL, + sizeof(struct lsm_ctx), LSM_ATTR_CURRENT)); +} + +TEST(size_too_small_lsm_set_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + struct lsm_ctx *ctx = calloc(page_size, 1); + __kernel_size_t size = page_size; + + ASSERT_NE(NULL, ctx); + ASSERT_GE(1, syscall(__NR_lsm_get_self_attr, ctx, &size, + LSM_ATTR_CURRENT)); + ASSERT_EQ(-1, syscall(__NR_lsm_set_self_attr, ctx, 1, + LSM_ATTR_CURRENT)); + + free(ctx); +} + +TEST(flags_zero_lsm_set_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *ctx = calloc(page_size, 1); + __kernel_size_t size = page_size; + + ASSERT_NE(NULL, ctx); + ASSERT_GE(1, syscall(__NR_lsm_get_self_attr, ctx, &size, + LSM_ATTR_CURRENT)); + ASSERT_EQ(-1, syscall(__NR_lsm_set_self_attr, ctx, size, 0)); + + free(ctx); +} + +TEST(flags_overset_lsm_set_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *ctx = calloc(page_size, 1); + __kernel_size_t size = page_size; + struct lsm_ctx *tctx = (struct lsm_ctx *)ctx; + + ASSERT_NE(NULL, ctx); + ASSERT_GE(1, syscall(__NR_lsm_get_self_attr, tctx, &size, + LSM_ATTR_CURRENT)); + ASSERT_EQ(-1, syscall(__NR_lsm_set_self_attr, tctx, size, + LSM_ATTR_CURRENT | LSM_ATTR_PREV)); + + free(ctx); +} + +TEST_HARNESS_MAIN
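Review bot: the guard `ASSERT_GE(1, syscall(__NR_lsm_get_self_attr, ctx, &size, LSM_ATTR_CURRENT))` used in the three tests that first fetch the current context checks `1 >= return`, which is the wrong direction: it passes when the call returns 0 or -1, so a broken `lsm_get_self_attr` is never noticed, and it would fail on a kernel that reports more than one `current` entry; `ASSERT_LE(1, ...)` is what is meant. None of the negative tests check `errno` the way the get tests do, so a -1 for the wrong reason (a fault on the NULL `ctx` in `ctx_null_lsm_set_self_attr` versus an argument rejection) still passes; assert the expected value in each. `size_too_small_lsm_set_self_attr` passes a size of 1, which is below `sizeof(struct lsm_ctx)` and is the case the kernel must reject before it reads `ctx_len`; a second test with `size` between the header length and the full length would cover the `ctx_len` bound, which is the more likely place for an off-by-one. There is also no success case: a round trip that sets `LSM_ATTR_CURRENT` to the value just read back would exercise the common path, and since the LSM may refuse it under policy the test should skip rather than fail on a denial.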