From patchwork Wed Aug 2 17:44:24 2023
X-Patchwork-Submitter: Casey Schaufler
X-Patchwork-Id: 130035
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net
Subject: [PATCH v13 01/11] LSM: Identify modules by more than name
Date: Wed, 2 Aug 2023 10:44:24 -0700
Message-ID: <20230802174435.11928-2-casey@schaufler-ca.com>
In-Reply-To: <20230802174435.11928-1-casey@schaufler-ca.com>
References: <20230802174435.11928-1-casey@schaufler-ca.com>

Create a struct lsm_id to contain identifying information about Linux Security Modules (LSMs). At inception this contains the name of the module, an identifier associated with the security module and an integer member "attrs" which identifies the API related data associated with each security module. The initial set of features maps to information that has traditionally been available in /proc/self/attr. They are documented in a new userspace-api file.

Change the security_add_hooks() interface to use this structure. Change the individual modules to maintain their own struct lsm_id and pass it to security_add_hooks(). The values for LSM identifiers are defined in a new UAPI header file linux/lsm.h. Each existing LSM has been updated to include its LSMID in the lsm_id.
The LSM ID values are sequential, with the oldest module LSM_ID_CAPABILITY being the lowest value and the existing modules numbered in the order they were included in the main line kernel. This is an arbitrary convention for assigning the values, but none better presents itself. The value 0 is defined as being invalid. The values 1-99 are reserved for any special case uses which may arise in the future. This may include attributes of the LSM infrastructure itself, possibly related to namespacing or network attribute management. A special range is identified for such attributes to help reduce confusion for developers unfamiliar with LSMs. LSM attribute values are defined for the attributes presented by modules that are available today. As with the LSM IDs, The value 0 is defined as being invalid. The values 1-99 are reserved for any special case uses which may arise in the future. Signed-off-by: Casey Schaufler Cc: linux-security-module Reviewed-by: Kees Cook Reviewed-by: Serge Hallyn Reviewed-by: Mickael Salaun Reviewed-by: John Johansen --- Documentation/userspace-api/index.rst | 1 + MAINTAINERS | 1 + include/linux/lsm_hooks.h | 16 ++++++++++++++-- security/apparmor/lsm.c | 8 +++++++- security/bpf/hooks.c | 9 ++++++++- security/commoncap.c | 8 +++++++- security/landlock/cred.c | 2 +- security/landlock/fs.c | 2 +- security/landlock/ptrace.c | 2 +- security/landlock/setup.c | 6 ++++++ security/landlock/setup.h | 1 + security/loadpin/loadpin.c | 9 ++++++++- security/lockdown/lockdown.c | 8 +++++++- security/safesetid/lsm.c | 9 ++++++++- security/security.c | 12 ++++++------ security/selinux/hooks.c | 9 ++++++++- security/smack/smack_lsm.c | 8 +++++++- security/tomoyo/tomoyo.c | 9 ++++++++- security/yama/yama_lsm.c | 8 +++++++- 19 files changed, 107 insertions(+), 21 deletions(-) diff --git a/Documentation/userspace-api/index.rst b/Documentation/userspace-api/index.rst index 72a65db0c498..b5fa29c077eb 100644 --- a/Documentation/userspace-api/index.rst 
+++ b/Documentation/userspace-api/index.rst @@ -32,6 +32,7 @@ place where this information is gathered. sysfs-platform_profile vduse futex2 + lsm .. only:: subproject and html diff --git a/MAINTAINERS b/MAINTAINERS index d516295978a4..aca4db11dd02 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -19156,6 +19156,7 @@ L: linux-security-module@vger.kernel.org (suggested Cc:) S: Supported W: http://kernsec.org/ T: git git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm.git +F: include/uapi/linux/lsm.h F: security/ X: security/selinux/ diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index ab2b2fafa4a4..5f7d8caacc00 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -41,6 +41,18 @@ struct security_hook_heads { #undef LSM_HOOK } __randomize_layout; +/** + * struct lsm_id - Identify a Linux Security Module. + * @lsm: name of the LSM, must be approved by the LSM maintainers + * @id: LSM ID number from uapi/linux/lsm.h + * + * Contains the information that identifies the LSM. + */ +struct lsm_id { + const char *name; + u64 id; +}; + /* * Security module hook list structure. * For use with generic list macros for common operations. @@ -49,7 +61,7 @@ struct security_hook_list { struct hlist_node list; struct hlist_head *head; union security_list_options hook; - const char *lsm; + const struct lsm_id *lsmid; } __randomize_layout; /* @@ -84,7 +96,7 @@ extern struct security_hook_heads security_hook_heads; extern char *lsm_names; extern void security_add_hooks(struct security_hook_list *hooks, int count, - const char *lsm); + const struct lsm_id *lsmid); #define LSM_FLAG_LEGACY_MAJOR BIT(0) #define LSM_FLAG_EXCLUSIVE BIT(1) diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index c9463bd0307d..bfd049c3fd22 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -24,6 +24,7 @@ #include #include #include +#include #include "include/apparmor.h" #include "include/apparmorfs.h" 
@@ -1215,6 +1216,11 @@ struct lsm_blob_sizes apparmor_blob_sizes __ro_after_init = { .lbs_task = sizeof(struct aa_task_ctx), }; +static const struct lsm_id apparmor_lsmid = { + .name = "apparmor", + .id = LSM_ID_APPARMOR, +}; + static struct security_hook_list apparmor_hooks[] __ro_after_init = { LSM_HOOK_INIT(ptrace_access_check, apparmor_ptrace_access_check), LSM_HOOK_INIT(ptrace_traceme, apparmor_ptrace_traceme), @@ -1904,7 +1910,7 @@ static int __init apparmor_init(void) goto buffers_out; } security_add_hooks(apparmor_hooks, ARRAY_SIZE(apparmor_hooks), - "apparmor"); + &apparmor_lsmid); /* Report that AppArmor successfully initialized */ apparmor_initialized = 1; diff --git a/security/bpf/hooks.c b/security/bpf/hooks.c index cfaf1d0e6a5f..57b9ffd53c98 100644 --- a/security/bpf/hooks.c +++ b/security/bpf/hooks.c @@ -5,6 +5,7 @@ */ #include #include +#include static struct security_hook_list bpf_lsm_hooks[] __ro_after_init = { #define LSM_HOOK(RET, DEFAULT, NAME, ...) \ @@ -15,9 +16,15 @@ static struct security_hook_list bpf_lsm_hooks[] __ro_after_init = { LSM_HOOK_INIT(task_free, bpf_task_storage_free), }; +static const struct lsm_id bpf_lsmid = { + .name = "bpf", + .id = LSM_ID_BPF, +}; + static int __init bpf_lsm_init(void) { - security_add_hooks(bpf_lsm_hooks, ARRAY_SIZE(bpf_lsm_hooks), "bpf"); + security_add_hooks(bpf_lsm_hooks, ARRAY_SIZE(bpf_lsm_hooks), + &bpf_lsmid); pr_info("LSM support for eBPF active\n"); return 0; } diff --git a/security/commoncap.c b/security/commoncap.c index ab5742ab4362..4e94075656e9 100644 --- a/security/commoncap.c +++ b/security/commoncap.c @@ -25,6 +25,7 @@ #include #include #include +#include /* * If a non-root user executes a setuid-root binary in 
@@ -1440,6 +1441,11 @@ int cap_mmap_file(struct file *file, unsigned long reqprot, #ifdef CONFIG_SECURITY +static const struct lsm_id capability_lsmid = { + .name = "capability", + .id = LSM_ID_CAPABILITY, +}; + static struct security_hook_list capability_hooks[] __ro_after_init = { LSM_HOOK_INIT(capable, cap_capable), LSM_HOOK_INIT(settime, cap_settime), @@ -1464,7 +1470,7 @@ static struct security_hook_list capability_hooks[] __ro_after_init = { static int __init capability_init(void) { security_add_hooks(capability_hooks, ARRAY_SIZE(capability_hooks), - "capability"); + &capability_lsmid); return 0; } diff --git a/security/landlock/cred.c b/security/landlock/cred.c index 13dff2a31545..786af18c4a1c 100644 --- a/security/landlock/cred.c +++ b/security/landlock/cred.c @@ -42,5 +42,5 @@ static struct security_hook_list landlock_hooks[] __ro_after_init = { __init void landlock_add_cred_hooks(void) { security_add_hooks(landlock_hooks, ARRAY_SIZE(landlock_hooks), - LANDLOCK_NAME); + &landlock_lsmid); } diff --git a/security/landlock/fs.c b/security/landlock/fs.c index 1c0c198f6fdb..db5ebecfbf02 100644 --- a/security/landlock/fs.c +++ b/security/landlock/fs.c @@ -1307,5 +1307,5 @@ static struct security_hook_list landlock_hooks[] __ro_after_init = { __init void landlock_add_fs_hooks(void) { security_add_hooks(landlock_hooks, ARRAY_SIZE(landlock_hooks), - LANDLOCK_NAME); + &landlock_lsmid); } diff --git a/security/landlock/ptrace.c b/security/landlock/ptrace.c index 8a06d6c492bf..2bfc533d36e4 100644 --- a/security/landlock/ptrace.c +++ b/security/landlock/ptrace.c @@ -116,5 +116,5 @@ static struct security_hook_list landlock_hooks[] __ro_after_init = { __init void landlock_add_ptrace_hooks(void) { security_add_hooks(landlock_hooks, ARRAY_SIZE(landlock_hooks), - LANDLOCK_NAME); + &landlock_lsmid); } diff --git a/security/landlock/setup.c b/security/landlock/setup.c index 0f6113528fa4..aab13750edde 100644 --- a/security/landlock/setup.c +++ b/security/landlock/setup.c 
@@ -8,6 +8,7 @@ #include #include +#include #include "common.h" #include "cred.h" @@ -24,6 +25,11 @@ struct lsm_blob_sizes landlock_blob_sizes __ro_after_init = { .lbs_superblock = sizeof(struct landlock_superblock_security), }; +const struct lsm_id landlock_lsmid = { + .name = LANDLOCK_NAME, + .id = LSM_ID_LANDLOCK, +}; + static int __init landlock_init(void) { landlock_add_cred_hooks(); diff --git a/security/landlock/setup.h b/security/landlock/setup.h index 1daffab1ab4b..c4252d46d49d 100644 --- a/security/landlock/setup.h +++ b/security/landlock/setup.h @@ -14,5 +14,6 @@ extern bool landlock_initialized; extern struct lsm_blob_sizes landlock_blob_sizes; +extern const struct lsm_id landlock_lsmid; #endif /* _SECURITY_LANDLOCK_SETUP_H */ diff --git a/security/loadpin/loadpin.c b/security/loadpin/loadpin.c index ebae964f7cc9..9fbc90f0e65b 100644 --- a/security/loadpin/loadpin.c +++ b/security/loadpin/loadpin.c @@ -20,6 +20,7 @@ #include #include #include +#include #define VERITY_DIGEST_FILE_HEADER "# LOADPIN_TRUSTED_VERITY_ROOT_DIGESTS" @@ -208,6 +209,11 @@ static int loadpin_load_data(enum kernel_load_data_id id, bool contents) return loadpin_check(NULL, (enum kernel_read_file_id) id); } +static const struct lsm_id loadpin_lsmid = { + .name = "loadpin", + .id = LSM_ID_LOADPIN, +}; + static struct security_hook_list loadpin_hooks[] __ro_after_init = { LSM_HOOK_INIT(sb_free_security, loadpin_sb_free_security), LSM_HOOK_INIT(kernel_read_file, loadpin_read_file), @@ -259,7 +265,8 @@ static int __init loadpin_init(void) if (!register_sysctl("kernel/loadpin", loadpin_sysctl_table)) pr_notice("sysctl registration failed!\n"); #endif - security_add_hooks(loadpin_hooks, ARRAY_SIZE(loadpin_hooks), "loadpin"); + security_add_hooks(loadpin_hooks, ARRAY_SIZE(loadpin_hooks), + &loadpin_lsmid); return 0; } diff --git a/security/lockdown/lockdown.c b/security/lockdown/lockdown.c index 68d19632aeb7..f2bdbd55aa2b 100644 --- a/security/lockdown/lockdown.c 
+++ b/security/lockdown/lockdown.c @@ -13,6 +13,7 @@ #include #include #include +#include static enum lockdown_reason kernel_locked_down; @@ -75,6 +76,11 @@ static struct security_hook_list lockdown_hooks[] __ro_after_init = { LSM_HOOK_INIT(locked_down, lockdown_is_locked_down), }; +static const struct lsm_id lockdown_lsmid = { + .name = "lockdown", + .id = LSM_ID_LOCKDOWN, +}; + static int __init lockdown_lsm_init(void) { #if defined(CONFIG_LOCK_DOWN_KERNEL_FORCE_INTEGRITY) @@ -83,7 +89,7 @@ static int __init lockdown_lsm_init(void) lock_kernel_down("Kernel configuration", LOCKDOWN_CONFIDENTIALITY_MAX); #endif security_add_hooks(lockdown_hooks, ARRAY_SIZE(lockdown_hooks), - "lockdown"); + &lockdown_lsmid); return 0; } diff --git a/security/safesetid/lsm.c b/security/safesetid/lsm.c index 5be5894aa0ea..1ba564f097f5 100644 --- a/security/safesetid/lsm.c +++ b/security/safesetid/lsm.c @@ -19,6 +19,7 @@ #include #include #include +#include #include "lsm.h" /* Flag indicating whether initialization completed */ @@ -261,6 +262,11 @@ static int safesetid_task_fix_setgroups(struct cred *new, const struct cred *old return 0; } +static const struct lsm_id safesetid_lsmid = { + .name = "safesetid", + .id = LSM_ID_SAFESETID, +}; + static struct security_hook_list safesetid_security_hooks[] = { LSM_HOOK_INIT(task_fix_setuid, safesetid_task_fix_setuid), LSM_HOOK_INIT(task_fix_setgid, safesetid_task_fix_setgid), @@ -271,7 +277,8 @@ static struct security_hook_list safesetid_security_hooks[] = { static int __init safesetid_security_init(void) { security_add_hooks(safesetid_security_hooks, - ARRAY_SIZE(safesetid_security_hooks), "safesetid"); + ARRAY_SIZE(safesetid_security_hooks), + &safesetid_lsmid); /* Report that SafeSetID successfully initialized */ safesetid_initialized = 1; diff --git a/security/security.c b/security/security.c index b720424ca37d..feaae09581dc 100644 --- a/security/security.c +++ b/security/security.c 
@@ -512,17 +512,17 @@ static int lsm_append(const char *new, char **result) * security_add_hooks - Add a modules hooks to the hook lists. * @hooks: the hooks to add * @count: the number of hooks to add - * @lsm: the name of the security module + * @lsmid: the identification information for the security module * * Each LSM has to register its hooks with the infrastructure. */ void __init security_add_hooks(struct security_hook_list *hooks, int count, - const char *lsm) + const struct lsm_id *lsmid) { int i; for (i = 0; i < count; i++) { - hooks[i].lsm = lsm; + hooks[i].lsmid = lsmid; hlist_add_tail_rcu(&hooks[i].list, hooks[i].head); } @@ -531,7 +531,7 @@ void __init security_add_hooks(struct security_hook_list *hooks, int count, * and fix this up afterwards. */ if (slab_is_available()) { - if (lsm_append(lsm, &lsm_names) < 0) + if (lsm_append(lsmid->name, &lsm_names) < 0) panic("%s - Cannot get early memory.\n", __func__); } } @@ -3778,7 +3778,7 @@ int security_getprocattr(struct task_struct *p, const char *lsm, struct security_hook_list *hp; hlist_for_each_entry(hp, &security_hook_heads.getprocattr, list) { - if (lsm != NULL && strcmp(lsm, hp->lsm)) + if (lsm != NULL && strcmp(lsm, hp->lsmid->name)) continue; return hp->hook.getprocattr(p, name, value); } @@ -3803,7 +3803,7 @@ int security_setprocattr(const char *lsm, const char *name, void *value, struct security_hook_list *hp; hlist_for_each_entry(hp, &security_hook_heads.setprocattr, list) { - if (lsm != NULL && strcmp(lsm, hp->lsm)) + if (lsm != NULL && strcmp(lsm, hp->lsmid->name)) continue; return hp->hook.setprocattr(name, value, size); } diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index d06e350fedee..c900813fc8f7 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -92,6 +92,7 @@ #include #include #include +#include #include "avc.h" #include "objsec.h" 
@@ -6929,6 +6930,11 @@ static int selinux_uring_cmd(struct io_uring_cmd *ioucmd) } #endif /* CONFIG_IO_URING */ +static const struct lsm_id selinux_lsmid = { + .name = "selinux", + .id = LSM_ID_SELINUX, +}; + /* * IMPORTANT NOTE: When adding new hooks, please be careful to keep this order: * 1. any hooks that don't belong to (2.) or (3.) below, @@ -7250,7 +7256,8 @@ static __init int selinux_init(void) hashtab_cache_init(); - security_add_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks), "selinux"); + security_add_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks), + &selinux_lsmid); if (avc_add_callback(selinux_netcache_avc_callback, AVC_CALLBACK_RESET)) panic("SELinux: Unable to register AVC netcache callback\n"); diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 6e270cf3fd30..f3e4b26c8a87 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -43,6 +43,7 @@ #include #include #include +#include #include "smack.h" #define TRANS_TRUE "TRUE" @@ -4871,6 +4872,11 @@ struct lsm_blob_sizes smack_blob_sizes __ro_after_init = { .lbs_superblock = sizeof(struct superblock_smack), }; +static const struct lsm_id smack_lsmid = { + .name = "smack", + .id = LSM_ID_SMACK, +}; + static struct security_hook_list smack_hooks[] __ro_after_init = { LSM_HOOK_INIT(ptrace_access_check, smack_ptrace_access_check), LSM_HOOK_INIT(ptrace_traceme, smack_ptrace_traceme), @@ -5077,7 +5083,7 @@ static __init int smack_init(void) /* * Register with LSM */ - security_add_hooks(smack_hooks, ARRAY_SIZE(smack_hooks), "smack"); + security_add_hooks(smack_hooks, ARRAY_SIZE(smack_hooks), &smack_lsmid); smack_enabled = 1; pr_info("Smack: Initializing.\n"); diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c index 25006fddc964..9dc8e64890bc 100644 --- a/security/tomoyo/tomoyo.c +++ b/security/tomoyo/tomoyo.c @@ -6,6 +6,7 @@ */ #include +#include #include "common.h" /** 
@@ -542,6 +543,11 @@ static void tomoyo_task_free(struct task_struct *task) } } +static const struct lsm_id tomoyo_lsmid = { + .name = "tomoyo", + .id = LSM_ID_TOMOYO, +}; + /* * tomoyo_security_ops is a "struct security_operations" which is used for * registering TOMOYO. @@ -595,7 +601,8 @@ static int __init tomoyo_init(void) struct tomoyo_task *s = tomoyo_task(current); /* register ourselves with the security framework */ - security_add_hooks(tomoyo_hooks, ARRAY_SIZE(tomoyo_hooks), "tomoyo"); + security_add_hooks(tomoyo_hooks, ARRAY_SIZE(tomoyo_hooks), + &tomoyo_lsmid); pr_info("TOMOYO Linux initialized\n"); s->domain_info = &tomoyo_kernel_domain; atomic_inc(&tomoyo_kernel_domain.users); diff --git a/security/yama/yama_lsm.c b/security/yama/yama_lsm.c index 2503cf153d4a..49dc52b454ef 100644 --- a/security/yama/yama_lsm.c +++ b/security/yama/yama_lsm.c @@ -18,6 +18,7 @@ #include #include #include +#include #define YAMA_SCOPE_DISABLED 0 #define YAMA_SCOPE_RELATIONAL 1 @@ -421,6 +422,11 @@ static int yama_ptrace_traceme(struct task_struct *parent) return rc; } +static const struct lsm_id yama_lsmid = { + .name = "yama", + .id = LSM_ID_YAMA, +}; + static struct security_hook_list yama_hooks[] __ro_after_init = { LSM_HOOK_INIT(ptrace_access_check, yama_ptrace_access_check), LSM_HOOK_INIT(ptrace_traceme, yama_ptrace_traceme), 
@@ -471,7 +477,7 @@ static inline void yama_init_sysctl(void) { } static int __init yama_init(void) { pr_info("Yama: becoming mindful.\n"); - security_add_hooks(yama_hooks, ARRAY_SIZE(yama_hooks), "yama"); + security_add_hooks(yama_hooks, ARRAY_SIZE(yama_hooks), &yama_lsmid); yama_init_sysctl(); return 0; }
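Review bot: in the include/linux/lsm_hooks.h hunk the kernel-doc for struct lsm_id documents a member `@lsm`, but the structure that follows defines `const char *name;`, so kernel-doc will report one undocumented member and one documented member that does not exist. Change the comment to `@name: name of the LSM, must be approved by the LSM maintainers`. The commit message also says the structure carries an integer `attrs` member; this hunk adds only `name` and `id`, so either add `attrs` here or drop it from the description so that the two agree.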
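Review bot: the MAINTAINERS hunk adds `F: include/uapi/linux/lsm.h`, every converted module gains an include of that header and references `LSM_ID_*` values from it, and the Documentation/userspace-api/index.rst hunk links a new `lsm` page, yet neither include/uapi/linux/lsm.h nor the lsm documentation file appears in this patch's diffstat (19 files, none of them under include/uapi or a new Documentation page). As this is 01/11 there is no earlier patch to supply them, so the tree does not build at this commit and bisection breaks here. Fold the UAPI header and the new documentation file into this patch.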
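Review bot: the security/landlock/cred.c, fs.c and ptrace.c hunks replace `LANDLOCK_NAME` with `&landlock_lsmid`, whose extern lives in the setup.h hunk, but none of the three hunks shows an include of setup.h. If any of those files reaches setup.h only through a transitive include, the build silently depends on that include order; add an explicit `#include "setup.h"` where it is missing, the same way setup.c now includes the UAPI header directly.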
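Review bot: in the security/safesetid/lsm.c hunk the context line `static struct security_hook_list safesetid_security_hooks[] = {` lacks the `__ro_after_init` annotation that every other hook table touched by this patch carries (apparmor, bpf, commoncap, landlock, loadpin, lockdown, selinux, smack, yama). It is pre-existing, but since this patch already edits the registration of that table it would be a one-line follow-up to bring SafeSetID in line so its hook pointers are write-protected after boot like the others.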
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net
Subject: [PATCH v13 02/11] LSM: Maintain a table of LSM attribute data
Date: Wed, 2 Aug 2023 10:44:25 -0700
Message-ID: <20230802174435.11928-3-casey@schaufler-ca.com>
In-Reply-To: <20230802174435.11928-1-casey@schaufler-ca.com>
References: <20230802174435.11928-1-casey@schaufler-ca.com>

As LSMs are registered add their lsm_id pointers to a table. This will be used later for attribute reporting.

Determine the number of possible security modules based on their respective CONFIG options. This allows the number to be known at build time. This allows data structures and tables to use the constant.

Signed-off-by: Casey Schaufler
Reviewed-by: Kees Cook
Reviewed-by: Serge Hallyn
Reviewed-by: John Johansen
---
 include/linux/security.h | 2 ++
 security/security.c | 37 +++++++++++++++++++++++++++++++++++++
 2 files changed, 39 insertions(+)

diff --git a/include/linux/security.h b/include/linux/security.h index 32828502f09e..a20a4ceda6d9 100644 --- a/include/linux/security.h +++ b/include/linux/security.h
@@ -138,6 +138,8 @@ enum lockdown_reason { }; extern const char *const lockdown_reasons[LOCKDOWN_CONFIDENTIALITY_MAX+1]; +extern u32 lsm_active_cnt; +extern const struct lsm_id *lsm_idlist[]; /* These functions are in security/commoncap.c */ extern int cap_capable(const struct cred *cred, struct user_namespace *ns, diff --git a/security/security.c b/security/security.c index feaae09581dc..87b70a55a028 100644 --- a/security/security.c +++ b/security/security.c @@ -36,6 +36,25 @@ /* How many LSMs were built into the kernel? */ #define LSM_COUNT (__end_lsm_info - __start_lsm_info) +/* + * How many LSMs are built into the kernel as determined at + * build time. Used to determine fixed array sizes. + * The capability module is accounted for by CONFIG_SECURITY + */ +#define LSM_CONFIG_COUNT ( \ + (IS_ENABLED(CONFIG_SECURITY) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_SELINUX) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_SMACK) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_TOMOYO) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_IMA) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_APPARMOR) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_YAMA) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_LOADPIN) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_SAFESETID) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_LOCKDOWN_LSM) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_BPF_LSM) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_LANDLOCK) ? 1 : 0)) + /* * These are descriptions of the reasons that can be passed to the * security_locked_down() LSM hook. Placing this array here allows @@ -245,6 +264,12 @@ static void __init initialize_lsm(struct lsm_info *lsm) } } +/* + * Current index to use while initializing the lsm id list. + */ +u32 lsm_active_cnt __ro_after_init; +const struct lsm_id *lsm_idlist[LSM_CONFIG_COUNT] __ro_after_init; + /* Populate ordered LSMs list from comma-separated LSM name list. */ static void __init ordered_lsm_parse(const char *order, const char *origin) { 
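Review bot: LSM_CONFIG_COUNT in the security/security.c hunk is a hand-maintained list of CONFIG_* symbols, and nothing ties it to the LSM_COUNT definition directly above it ("#define LSM_COUNT (__end_lsm_info - __start_lsm_info)"), so an LSM that gains a DEFINE_LSM() and calls security_add_hooks() without being added to this list is only discovered by the "Too many LSMs registered" panic at boot. LSM_COUNT is a link-time value and cannot feed a BUILD_BUG_ON(), but an early init check along the lines of "if (LSM_COUNT > LSM_CONFIG_COUNT) panic(...)", or at minimum a comment on the macro telling LSM authors to extend it, would make the maintenance rule explicit. Also, IMA is counted via CONFIG_IMA rather than a CONFIG_SECURITY_* symbol like every other entry; a one-line comment saying why would save the next reader a trip through Kconfig.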
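Review bot: the comment above "u32 lsm_active_cnt __ro_after_init;" in the @@ -245 hunk reads "Current index to use while initializing the lsm id list", but after init the same variable is what attribute reporting will read as the number of registered LSMs (its name says as much), and "const struct lsm_id *lsm_idlist[LSM_CONFIG_COUNT] __ro_after_init;" immediately below it has no comment at all. Suggest one comment covering both: lsm_idlist[] holds the lsm_id of every LSM that called security_add_hooks(), lsm_active_cnt is the number of valid entries, and both are __ro_after_init because they are written only from security_add_hooks() during boot.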
@@ -521,6 +546,18 @@ void __init security_add_hooks(struct security_hook_list *hooks, int count, { int i; + /* + * A security module may call security_add_hooks() more + * than once during initialization, and LSM initialization + * is serialized. Landlock is one such case. + * Look at the previous entry, if there is one, for duplication. + */ + if (lsm_active_cnt == 0 || lsm_idlist[lsm_active_cnt - 1] != lsmid) { + if (lsm_active_cnt >= LSM_CONFIG_COUNT) + panic("%s Too many LSMs registered.\n", __func__); + lsm_idlist[lsm_active_cnt++] = lsmid; + } + for (i = 0; i < count; i++) { hooks[i].lsmid = lsmid; hlist_add_tail_rcu(&hooks[i].list, hooks[i].head);

From patchwork Wed Aug 2 17:44:26 2023
X-Patchwork-Submitter: Casey Schaufler
X-Patchwork-Id: 130037
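Review bot: the duplicate check in security_add_hooks(), "lsm_idlist[lsm_active_cnt - 1] != lsmid", compares only against the most recent entry, so it depends on the invariant the comment asserts (initialization is serialized, hence repeated calls from one LSM are adjacent). That invariant is worth enforcing rather than assuming: a loop over the existing entries, or a WARN_ON() when lsmid already appears earlier in lsm_idlist[], would turn a future change in init ordering into a visible warning instead of a silently consumed slot and a later "Too many LSMs registered" panic. Minor: the panic format "%s Too many LSMs registered.\n" wants a separator after __func__, e.g. "%s: Too many LSMs registered.\n".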
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net, linux-fsdevel@vger.kernel.org
Subject: [PATCH v13 03/11] proc: Use lsmids instead of lsm names for attrs
Date: Wed, 2 Aug 2023 10:44:26 -0700
Message-ID: <20230802174435.11928-4-casey@schaufler-ca.com>
In-Reply-To: <20230802174435.11928-1-casey@schaufler-ca.com>
References: <20230802174435.11928-1-casey@schaufler-ca.com>

Use the LSM ID number instead of the LSM name to identify which security module's attribute data should be shown in /proc/self/attr. The security_[gs]etprocattr() functions have been changed to expect the LSM ID. The change from a string comparison to an integer comparison in these functions will provide a minor performance improvement.

Signed-off-by: Casey Schaufler
Reviewed-by: Kees Cook
Reviewed-by: Serge Hallyn
Reviewed-by: Mickael Salaun
Cc: linux-fsdevel@vger.kernel.org
Reviewed-by: John Johansen
---
 fs/proc/base.c | 29 +++++++++++++++--------------
 fs/proc/internal.h | 2 +-
 include/linux/security.h | 11 +++++------
 security/security.c | 15 +++++++--------
 4 files changed, 28 insertions(+), 29 deletions(-)
diff --git a/fs/proc/base.c b/fs/proc/base.c index 05452c3b9872..f999bb5c497b 100644 --- a/fs/proc/base.c +++ b/fs/proc/base.c @@ -97,6 +97,7 @@ #include #include #include +#include #include #include "internal.h" #include "fd.h" @@ -146,10 +147,10 @@ struct pid_entry { NOD(NAME, (S_IFREG|(MODE)), \ NULL, &proc_single_file_operations, \ { .proc_show = show } ) -#define ATTR(LSM, NAME, MODE) \ +#define ATTR(LSMID, NAME, MODE) \ NOD(NAME, (S_IFREG|(MODE)), \ NULL, &proc_pid_attr_operations, \ - { .lsm = LSM }) + { .lsmid = LSMID }) /* * Count the number of hardlinks for the pid_entry table, excluding the . @@ -2730,7 +2731,7 @@ static ssize_t proc_pid_attr_read(struct file * file, char __user * buf, if (!task) return -ESRCH; - length = security_getprocattr(task, PROC_I(inode)->op.lsm, + length = security_getprocattr(task, PROC_I(inode)->op.lsmid, file->f_path.dentry->d_name.name, &p); put_task_struct(task); @@ -2788,7 +2789,7 @@ static ssize_t proc_pid_attr_write(struct file * file, const char __user * buf, if (rv < 0) goto out_free; - rv = security_setprocattr(PROC_I(inode)->op.lsm, + rv = security_setprocattr(PROC_I(inode)->op.lsmid, file->f_path.dentry->d_name.name, page, count); mutex_unlock(¤t->signal->cred_guard_mutex); 
@@ -2837,27 +2838,27 @@ static const struct inode_operations proc_##LSM##_attr_dir_inode_ops = { \ #ifdef CONFIG_SECURITY_SMACK static const struct pid_entry smack_attr_dir_stuff[] = { - ATTR("smack", "current", 0666), + ATTR(LSM_ID_SMACK, "current", 0666), }; LSM_DIR_OPS(smack); #endif #ifdef CONFIG_SECURITY_APPARMOR static const struct pid_entry apparmor_attr_dir_stuff[] = { - ATTR("apparmor", "current", 0666), - ATTR("apparmor", "prev", 0444), - ATTR("apparmor", "exec", 0666), + ATTR(LSM_ID_APPARMOR, "current", 0666), + ATTR(LSM_ID_APPARMOR, "prev", 0444), + ATTR(LSM_ID_APPARMOR, "exec", 0666), }; LSM_DIR_OPS(apparmor); #endif static const struct pid_entry attr_dir_stuff[] = { - ATTR(NULL, "current", 0666), - ATTR(NULL, "prev", 0444), - ATTR(NULL, "exec", 0666), - ATTR(NULL, "fscreate", 0666), - ATTR(NULL, "keycreate", 0666), - ATTR(NULL, "sockcreate", 0666), + ATTR(LSM_ID_UNDEF, "current", 0666), + ATTR(LSM_ID_UNDEF, "prev", 0444), + ATTR(LSM_ID_UNDEF, "exec", 0666), + ATTR(LSM_ID_UNDEF, "fscreate", 0666), + ATTR(LSM_ID_UNDEF, "keycreate", 0666), + ATTR(LSM_ID_UNDEF, "sockcreate", 0666), #ifdef CONFIG_SECURITY_SMACK DIR("smack", 0555, proc_smack_attr_dir_inode_ops, proc_smack_attr_dir_ops), diff --git a/fs/proc/internal.h b/fs/proc/internal.h index 9dda7e54b2d0..a889d9ef9584 100644 --- a/fs/proc/internal.h +++ b/fs/proc/internal.h @@ -92,7 +92,7 @@ union proc_op { int (*proc_show)(struct seq_file *m, struct pid_namespace *ns, struct pid *pid, struct task_struct *task); - const char *lsm; + int lsmid; }; struct proc_inode { diff --git a/include/linux/security.h b/include/linux/security.h index a20a4ceda6d9..b5fd3f7f4cd3 100644 --- a/include/linux/security.h +++ b/include/linux/security.h 
@@ -470,10 +470,9 @@ int security_sem_semctl(struct kern_ipc_perm *sma, int cmd); int security_sem_semop(struct kern_ipc_perm *sma, struct sembuf *sops, unsigned nsops, int alter); void security_d_instantiate(struct dentry *dentry, struct inode *inode); -int security_getprocattr(struct task_struct *p, const char *lsm, const char *name, +int security_getprocattr(struct task_struct *p, int lsmid, const char *name, char **value); -int security_setprocattr(const char *lsm, const char *name, void *value, - size_t size); +int security_setprocattr(int lsmid, const char *name, void *value, size_t size); int security_netlink_send(struct sock *sk, struct sk_buff *skb); int security_ismaclabel(const char *name); int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen); @@ -1332,14 +1331,14 @@ static inline void security_d_instantiate(struct dentry *dentry, struct inode *inode) { } -static inline int security_getprocattr(struct task_struct *p, const char *lsm, +static inline int security_getprocattr(struct task_struct *p, int lsmid, const char *name, char **value) { return -EINVAL; } -static inline int security_setprocattr(const char *lsm, char *name, - void *value, size_t size) +static inline int security_setprocattr(int lsmid, char *name, void *value, + size_t size) { return -EINVAL; } diff --git a/security/security.c b/security/security.c index 87b70a55a028..5e9cd548dd95 100644 --- a/security/security.c +++ b/security/security.c @@ -3801,7 +3801,7 @@ EXPORT_SYMBOL(security_d_instantiate); /** * security_getprocattr() - Read an attribute for a task * @p: the task - * @lsm: LSM name + * @lsmid: LSM identification * @name: attribute name * @value: attribute value * 
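Review bot: in the !CONFIG_SECURITY stub in include/linux/security.h, "static inline int security_setprocattr(int lsmid, char *name, void *value, size_t size)" keeps the second parameter as "char *name", while the real declaration a few lines up in the same file now reads "int security_setprocattr(int lsmid, const char *name, void *value, size_t size)". The mismatch predates this patch, but since the stub's signature is being rewritten here anyway, make it "const char *name" so callers compile identically with and without CONFIG_SECURITY.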
@@ -3809,13 +3809,13 @@ EXPORT_SYMBOL(security_d_instantiate); * * Return: Returns the length of @value on success, a negative value otherwise. */ -int security_getprocattr(struct task_struct *p, const char *lsm, - const char *name, char **value) +int security_getprocattr(struct task_struct *p, int lsmid, const char *name, + char **value) { struct security_hook_list *hp; hlist_for_each_entry(hp, &security_hook_heads.getprocattr, list) { - if (lsm != NULL && strcmp(lsm, hp->lsmid->name)) + if (lsmid != 0 && lsmid != hp->lsmid->id) continue; return hp->hook.getprocattr(p, name, value); } @@ -3824,7 +3824,7 @@ int security_getprocattr(struct task_struct *p, const char *lsm, /** * security_setprocattr() - Set an attribute for a task - * @lsm: LSM name + * @lsmid: LSM identification * @name: attribute name * @value: attribute value * @size: attribute value size 
@@ -3834,13 +3834,12 @@ int security_getprocattr(struct task_struct *p, const char *lsm, * * Return: Returns bytes written on success, a negative value otherwise. */ -int security_setprocattr(const char *lsm, const char *name, void *value, - size_t size) +int security_setprocattr(int lsmid, const char *name, void *value, size_t size) { struct security_hook_list *hp; hlist_for_each_entry(hp, &security_hook_heads.setprocattr, list) { - if (lsm != NULL && strcmp(lsm, hp->lsmid->name)) + if (lsmid != 0 && lsmid != hp->lsmid->id) continue; return hp->hook.setprocattr(name, value, size); }

From patchwork Wed Aug 2 17:44:27 2023
X-Patchwork-Submitter: Casey Schaufler
X-Patchwork-Id: 130125
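Review bot: both security_getprocattr() and security_setprocattr() in security/security.c now test "lsmid != 0" to mean "any LSM", while the fs/proc/base.c tables in the same patch spell that sentinel LSM_ID_UNDEF ("ATTR(LSM_ID_UNDEF, "current", 0666)" and friends). Use LSM_ID_UNDEF in both comparisons so the wildcard value is defined in one place, and have the kerneldoc ("@lsmid: LSM identification") say that LSM_ID_UNDEF selects the first LSM on the hook list that implements the hook, since that is the behaviour the loop gives the legacy /proc/self/attr/* files.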
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net
Subject: [PATCH v13 04/11] LSM: syscalls for current process attributes
Date: Wed, 2 Aug 2023 10:44:27 -0700
Message-ID: <20230802174435.11928-5-casey@schaufler-ca.com>
In-Reply-To: <20230802174435.11928-1-casey@schaufler-ca.com>
References: <20230802174435.11928-1-casey@schaufler-ca.com>

Create a system call lsm_get_self_attr() to provide the security module maintained attributes of the current process.

Create a system call lsm_set_self_attr() to set a security module maintained attribute of the current process.

Historically these attributes have been exposed to user space via entries in procfs under /proc/self/attr.

The attribute value is provided in an lsm_ctx structure. The structure identifies the size of the attribute, and the attribute value. The format of the attribute value is defined by the security module. A flags field is included for LSM specific information. It is currently unused and must be 0. The total size of the data, including the lsm_ctx structure and any padding, is maintained as well.
	struct lsm_ctx {
		__u64 id;
		__u64 flags;
		__u64 len;
		__u64 ctx_len;
		__u8 ctx[];
	};

Two new LSM hooks are used to interface with the LSMs. security_getselfattr() collects the lsm_ctx values from the LSMs that support the hook, accounting for space requirements. security_setselfattr() identifies which LSM the attribute is intended for and passes it along.

Signed-off-by: Casey Schaufler
Reviewed-by: Kees Cook
Reviewed-by: Serge Hallyn
Reviewed-by: John Johansen
---
 Documentation/userspace-api/lsm.rst | 70 ++++++++++++++++
 include/linux/lsm_hook_defs.h | 4 +
 include/linux/lsm_hooks.h | 1 +
 include/linux/security.h | 19 +++++
 include/linux/syscalls.h | 5 ++
 include/uapi/linux/lsm.h | 90 ++++++++++++++++++++
 kernel/sys_ni.c | 2 +
 security/Makefile | 1 +
 security/lsm_syscalls.c | 55 ++++++++++++
 security/security.c | 125 ++++++++++++++++++++++++++++
 10 files changed, 372 insertions(+)
 create mode 100644 Documentation/userspace-api/lsm.rst
 create mode 100644 include/uapi/linux/lsm.h
 create mode 100644 security/lsm_syscalls.c

diff --git a/Documentation/userspace-api/lsm.rst b/Documentation/userspace-api/lsm.rst new file mode 100644 index 000000000000..f8499f3e2826 --- /dev/null +++ b/Documentation/userspace-api/lsm.rst
@@ -0,0 +1,70 @@ +.. SPDX-License-Identifier: GPL-2.0 +.. Copyright (C) 2022 Casey Schaufler +.. Copyright (C) 2022 Intel Corporation + +===================================== +Linux Security Modules +===================================== + +:Author: Casey Schaufler +:Date: July 2023 + +Linux security modules (LSM) provide a mechanism to implement +additional access controls to the Linux security policies. + +The various security modules may support any of these attributes: + +``LSM_ATTR_CURRENT`` is the current, active security context of the +process. +The proc filesystem provides this value in ``/proc/self/attr/current``. +This is supported by the SELinux, Smack and AppArmor security modules. +Smack also provides this value in ``/proc/self/attr/smack/current``. +AppArmor also provides this value in ``/proc/self/attr/apparmor/current``. + +``LSM_ATTR_EXEC`` is the security context of the process at the time the +current image was executed. +The proc filesystem provides this value in ``/proc/self/attr/exec``. +This is supported by the SELinux and AppArmor security modules. +AppArmor also provides this value in ``/proc/self/attr/apparmor/exec``. + +``LSM_ATTR_FSCREATE`` is the security context of the process used when +creating file system objects. +The proc filesystem provides this value in ``/proc/self/attr/fscreate``. +This is supported by the SELinux security module. + +``LSM_ATTR_KEYCREATE`` is the security context of the process used when +creating key objects. +The proc filesystem provides this value in ``/proc/self/attr/keycreate``. +This is supported by the SELinux security module. + +``LSM_ATTR_PREV`` is the security context of the process at the time the +current security context was set. +The proc filesystem provides this value in ``/proc/self/attr/prev``. +This is supported by the SELinux and AppArmor security modules. +AppArmor also provides this value in ``/proc/self/attr/apparmor/prev``. 
+ +``LSM_ATTR_SOCKCREATE`` is the security context of the process used when +creating socket objects. +The proc filesystem provides this value in ``/proc/self/attr/sockcreate``. +This is supported by the SELinux security module. + +Kernel interface +================ + +Set a security attribute of the current process +----------------------------------------------- + +.. kernel-doc:: security/lsm_syscalls.c + :identifiers: sys_lsm_set_self_attr + +Get the specified security attributes of the current process +------------------------------------------------------------ + +.. kernel-doc:: security/lsm_syscalls.c + :identifiers: sys_lsm_get_self_attr + +Additional documentation +======================== + +* Documentation/security/lsm.rst +* Documentation/security/lsm-development.rst diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h index 7308a1a7599b..6dffac59dfe3 100644 --- a/include/linux/lsm_hook_defs.h +++ b/include/linux/lsm_hook_defs.h @@ -261,6 +261,10 @@ LSM_HOOK(int, 0, sem_semop, struct kern_ipc_perm *perm, struct sembuf *sops, LSM_HOOK(int, 0, netlink_send, struct sock *sk, struct sk_buff *skb) LSM_HOOK(void, LSM_RET_VOID, d_instantiate, struct dentry *dentry, struct inode *inode) +LSM_HOOK(int, -EOPNOTSUPP, getselfattr, unsigned int attr, + struct lsm_ctx __user *ctx, size_t *size, u32 flags) +LSM_HOOK(int, -EOPNOTSUPP, setselfattr, unsigned int attr, + struct lsm_ctx *ctx, size_t size, u32 flags) LSM_HOOK(int, -EINVAL, getprocattr, struct task_struct *p, const char *name, char **value) LSM_HOOK(int, -EINVAL, setprocattr, const char *name, void *value, size_t size) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 5f7d8caacc00..0662e5c2cd06 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -25,6 +25,7 @@ #ifndef __LINUX_LSM_HOOKS_H #define __LINUX_LSM_HOOKS_H +#include #include #include #include 
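Review bot: Documentation/userspace-api/lsm.rst lists each LSM_ATTR_* value and where procfs exposes it, but says nothing about the struct lsm_ctx that the two syscalls actually exchange: the meaning of id, flags (which the commit message says must be 0), len versus ctx_len, and that len covers the structure and any padding. That structure is the userspace ABI this file exists to document, so a short section on it belongs here rather than only in the commit message and in include/uapi/linux/lsm.h. Minor: the ":Date: July 2023" field sits under ".. Copyright (C) 2022" headers; one of the two is probably stale.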
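Review bot: the two hooks added to include/linux/lsm_hook_defs.h take their buffers with different ownership: getselfattr receives "struct lsm_ctx __user *ctx, size_t *size" (a user pointer the LSM must write through with user-copy accessors, plus a kernel-side size), whereas setselfattr receives "struct lsm_ctx *ctx" (a kernel copy, since it is security_setselfattr() in include/linux/security.h that is declared with "__user"). Neither hook gets a kerneldoc comment in this hunk and the prototypes in security.h do not spell the split out either, so please document for both who copies what, that getselfattr is expected to update *size with the space it used or needs, and that -EOPNOTSUPP is the default when an LSM does not implement the hook.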
diff --git a/include/linux/security.h b/include/linux/security.h index b5fd3f7f4cd3..0d882cb221f4 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -60,6 +60,7 @@ struct fs_parameter; enum fs_value_type; struct watch; struct watch_notification; +struct lsm_ctx; /* Default (no) options for the capable function */ #define CAP_OPT_NONE 0x0 @@ -470,6 +471,10 @@ int security_sem_semctl(struct kern_ipc_perm *sma, int cmd); int security_sem_semop(struct kern_ipc_perm *sma, struct sembuf *sops, unsigned nsops, int alter); void security_d_instantiate(struct dentry *dentry, struct inode *inode); +int security_getselfattr(unsigned int attr, struct lsm_ctx __user *ctx, + size_t __user *size, u32 flags); +int security_setselfattr(unsigned int attr, struct lsm_ctx __user *ctx, + size_t size, u32 flags); int security_getprocattr(struct task_struct *p, int lsmid, const char *name, char **value); int security_setprocattr(int lsmid, const char *name, void *value, size_t size); @@ -1331,6 +1336,20 @@ static inline void security_d_instantiate(struct dentry *dentry, struct inode *inode) { } +static inline int security_getselfattr(unsigned int attr, + struct lsm_ctx __user *ctx, + size_t __user *size, u32 flags) +{ + return -EOPNOTSUPP; +} + +static inline int security_setselfattr(unsigned int attr, + struct lsm_ctx __user *ctx, + size_t size, u32 flags) +{ + return -EOPNOTSUPP; +} + static inline int security_getprocattr(struct task_struct *p, int lsmid, const char *name, char **value) { diff --git a/include/linux/syscalls.h b/include/linux/syscalls.h index 03e3d0121d5e..a3938850752a 100644 --- a/include/linux/syscalls.h +++ b/include/linux/syscalls.h @@ -71,6 +71,7 @@ struct clone_args; struct open_how; struct mount_attr; struct landlock_ruleset_attr; +struct lsm_ctx; enum landlock_rule_type; struct cachestat_range; struct cachestat; 
@@ -953,6 +954,10 @@ asmlinkage long sys_set_mempolicy_home_node(unsigned long start, unsigned long l asmlinkage long sys_cachestat(unsigned int fd, struct cachestat_range __user *cstat_range, struct cachestat __user *cstat, unsigned int flags); +asmlinkage long sys_lsm_get_self_attr(unsigned int attr, struct lsm_ctx *ctx, + size_t *size, __u32 flags); +asmlinkage long sys_lsm_set_self_attr(unsigned int attr, struct lsm_ctx *ctx, + size_t size, __u32 flags); /* * Architecture-specific system calls diff --git a/include/uapi/linux/lsm.h b/include/uapi/linux/lsm.h new file mode 100644 index 000000000000..eeda59a77c02 --- /dev/null +++ b/include/uapi/linux/lsm.h 
@@ -0,0 +1,90 @@ +/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */ +/* + * Linux Security Modules (LSM) - User space API + * + * Copyright (C) 2022 Casey Schaufler + * Copyright (C) 2022 Intel Corporation + */ + +#ifndef _UAPI_LINUX_LSM_H +#define _UAPI_LINUX_LSM_H + +#include +#include + +/** + * struct lsm_ctx - LSM context information + * @id: the LSM id number, see LSM_ID_XXX + * @flags: LSM specific flags + * @len: length of the lsm_ctx struct, @ctx and any other data or padding + * @ctx_len: the size of @ctx + * @ctx: the LSM context value + * + * The @len field MUST be equal to the size of the lsm_ctx struct + * plus any additional padding and/or data placed after @ctx. + * + * In all cases @ctx_len MUST be equal to the length of @ctx. + * If @ctx is a string value it should be nul terminated with + * @ctx_len equal to `strlen(@ctx) + 1`. Binary values are + * supported. + * + * The @flags and @ctx fields SHOULD only be interpreted by the + * LSM specified by @id; they MUST be set to zero/0 when not used. + */ +struct lsm_ctx { + __u64 id; + __u64 flags; + __u64 len; + __u64 ctx_len; + __u8 ctx[]; +}; + +/* + * ID tokens to identify Linux Security Modules (LSMs) + * + * These token values are used to uniquely identify specific LSMs + * in the kernel as well as in the kernel's LSM userspace API. + * + * A value of zero/0 is considered undefined and should not be used + * outside the kernel. Values 1-99 are reserved for potential + * future use. + */ +#define LSM_ID_UNDEF 0 +#define LSM_ID_CAPABILITY 100 +#define LSM_ID_SELINUX 101 +#define LSM_ID_SMACK 102 +#define LSM_ID_TOMOYO 103 +#define LSM_ID_IMA 104 +#define LSM_ID_APPARMOR 105 +#define LSM_ID_YAMA 106 +#define LSM_ID_LOADPIN 107 +#define LSM_ID_SAFESETID 108 +#define LSM_ID_LOCKDOWN 109 +#define LSM_ID_BPF 110 +#define LSM_ID_LANDLOCK 111 + +/* + * LSM_ATTR_XXX definitions identify different LSM attributes + * which are used in the kernel's LSM userspace API. 
Support + * for these attributes vary across the different LSMs. None + * are required. + * + * A value of zero/0 is considered undefined and should not be used + * outside the kernel. Values 1-99 are reserved for potential + * future use. + */ +#define LSM_ATTR_UNDEF 0 +#define LSM_ATTR_CURRENT 100 +#define LSM_ATTR_EXEC 101 +#define LSM_ATTR_FSCREATE 102 +#define LSM_ATTR_KEYCREATE 103 +#define LSM_ATTR_PREV 104 +#define LSM_ATTR_SOCKCREATE 105 + +/* + * LSM_FLAG_XXX definitions identify special handling instructions + * for the API. + */ +#define LSM_FLAG_SINGLE 0x0001 + +#endif /* _UAPI_LINUX_LSM_H */ diff --git a/kernel/sys_ni.c b/kernel/sys_ni.c index 781de7cc6a4e..8b96cd01b485 100644 --- a/kernel/sys_ni.c +++ b/kernel/sys_ni.c @@ -170,6 +170,8 @@ COND_SYSCALL(landlock_add_rule); COND_SYSCALL(landlock_restrict_self); COND_SYSCALL(fadvise64_64); COND_SYSCALL_COMPAT(fadvise64_64); +COND_SYSCALL(lsm_get_self_attr); +COND_SYSCALL(lsm_set_self_attr); /* CONFIG_MMU only */ COND_SYSCALL(swapon); diff --git a/security/Makefile b/security/Makefile index 18121f8f85cd..59f238490665 100644 --- a/security/Makefile +++ b/security/Makefile @@ -7,6 +7,7 @@ obj-$(CONFIG_KEYS) += keys/ # always enable default capabilities obj-y += commoncap.o +obj-$(CONFIG_SECURITY) += lsm_syscalls.o obj-$(CONFIG_MMU) += min_addr.o # Object file lists diff --git a/security/lsm_syscalls.c b/security/lsm_syscalls.c new file mode 100644 index 000000000000..ee3881159241 --- /dev/null +++ b/security/lsm_syscalls.c 
@@ -0,0 +1,55 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * System calls implementing the Linux Security Module API. + * + * Copyright (C) 2022 Casey Schaufler + * Copyright (C) 2022 Intel Corporation + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +/** + * sys_lsm_set_self_attr - Set current task's security module attribute + * @attr: which attribute to set + * @ctx: the LSM contexts + * @size: size of @ctx + * @flags: reserved for future use + * + * Sets the calling task's LSM context. On success this function + * returns 0. If the attribute specified cannot be set a negative + * value indicating the reason for the error is returned. + */ +SYSCALL_DEFINE4(lsm_set_self_attr, unsigned int, attr, struct lsm_ctx __user *, + ctx, size_t, size, u32, flags) +{ + return security_setselfattr(attr, ctx, size, flags); +} + +/** + * sys_lsm_get_self_attr - Return current task's security module attributes + * @attr: which attribute to set + * @ctx: the LSM contexts + * @size: size of @ctx, updated on return + * @flags: reserved for future use + * + * Returns the calling task's LSM contexts. On success this + * function returns the number of @ctx array elements. This value + * may be zero if there are no LSM contexts assigned. If @size is + * insufficient to contain the return data -E2BIG is returned and + * @size is set to the minimum required size. In all other cases + * a negative value indicating the error is returned. + */ +SYSCALL_DEFINE4(lsm_get_self_attr, unsigned int, attr, struct lsm_ctx __user *, + ctx, size_t __user *, size, u32, flags) +{ + return security_getselfattr(attr, ctx, size, flags); +} diff --git a/security/security.c b/security/security.c index 5e9cd548dd95..cde7f3a13e7c 100644 --- a/security/security.c +++ b/security/security.c 
@@ -3798,6 +3798,131 @@ void security_d_instantiate(struct dentry *dentry, struct inode *inode) } EXPORT_SYMBOL(security_d_instantiate); +/** + * security_getselfattr - Read an LSM attribute of the current process. + * @attr: which attribute to return + * @ctx: the user-space destination for the information, or NULL + * @size: pointer to the size of space available to receive the data + * @flags: special handling options. LSM_FLAG_SINGLE indicates that only + * attributes associated with the LSM identified in the passed @ctx be + * reported + * + * A NULL value for @ctx can be used to get both the number of attributes + * and the size of the data. + * + * Returns the number of attributes found on success, negative value + * on error. @size is reset to the total size of the data. + * If @size is insufficient to contain the data -E2BIG is returned. + */ +int security_getselfattr(unsigned int attr, struct lsm_ctx __user *ctx, + size_t __user *size, u32 flags) +{ + struct security_hook_list *hp; + struct lsm_ctx lctx = { .id = LSM_ID_UNDEF, }; + u8 __user *base = (u8 __user *)ctx; + size_t total = 0; + size_t entrysize; + size_t left; + bool toobig = false; + int count = 0; + int rc; + + if (attr == LSM_ATTR_UNDEF) + return -EINVAL; + if (size == NULL) + return -EINVAL; + if (get_user(left, size)) + return -EFAULT; + + if ((flags & LSM_FLAG_SINGLE) == LSM_FLAG_SINGLE) { + if (!ctx) + return -EINVAL; + if (copy_struct_from_user(&lctx, sizeof(lctx), ctx, left)) + return -EFAULT; + if (lctx.id == LSM_ID_UNDEF) + return -EINVAL; + } else if (flags) { + return -EINVAL; + } + + hlist_for_each_entry(hp, &security_hook_heads.getselfattr, list) { + if (lctx.id != LSM_ID_UNDEF && lctx.id != hp->lsmid->id) + continue; + entrysize = left; + if (base) + ctx = (struct lsm_ctx __user *)(base + total); + rc = hp->hook.getselfattr(attr, ctx, &entrysize, flags); + if (rc == -EOPNOTSUPP) { + rc = 0; + continue; + } + if (rc == -E2BIG) { + toobig = true; + left = 0; + continue; + } + if 
(rc < 0) + return rc; + + left -= entrysize; + total += entrysize; + count += rc; + } + if (put_user(total, size)) + return -EFAULT; + if (toobig) + return -E2BIG; + if (count == 0) + return LSM_RET_DEFAULT(getselfattr); + return count; +} + +/** + * security_setselfattr - Set an LSM attribute on the current process. + * @attr: which attribute to set + * @ctx: the user-space source for the information + * @size: the size of the data + * @flags: reserved for future use, must be 0 + * + * Set an LSM attribute for the current process. The LSM, attribute + * and new value are included in @ctx. + * + * Returns 0 on success, -EINVAL if the input is inconsistent, -EFAULT + * if the user buffer is inaccessible or an LSM specific failure. + */ +int security_setselfattr(unsigned int attr, struct lsm_ctx __user *ctx, + size_t size, u32 flags) +{ + struct security_hook_list *hp; + struct lsm_ctx *lctx; + int rc = LSM_RET_DEFAULT(setselfattr); + + if (flags) + return -EINVAL; + if (size < sizeof(*ctx)) + return -EINVAL; + + lctx = kmalloc(size, GFP_KERNEL); + if (lctx == NULL) + return -ENOMEM; + + if (copy_from_user(&lctx, ctx, size)) + return -EFAULT; + + if (size < lctx->len || size < lctx->ctx_len + sizeof(ctx) || + lctx->len < lctx->ctx_len + sizeof(ctx)) + return -EINVAL; + + hlist_for_each_entry(hp, &security_hook_heads.setselfattr, list) + if ((hp->lsmid->id) == lctx->id) { + rc = hp->hook.setselfattr(attr, lctx, size, flags); + break; + } + + kfree(lctx); + return rc; +} + /** * security_getprocattr() - Read an attribute for a task * @p: the task From patchwork Wed Aug 2 17:44:28 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 130042 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:9f41:0:b0:3e4:2afc:c1 with SMTP id v1csp638558vqx; Wed, 2 Aug 2023 11:11:38 -0700 (PDT) X-Google-Smtp-Source: 
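Review bot: the new Documentation/userspace-api/lsm.rst lists the LSM_ATTR_* values but never documents the buffer a caller has to build or parse: the `struct lsm_ctx` layout (id, flags, len, ctx_len, ctx), the LSM_FLAG_SINGLE flag, or the NULL @ctx size query that the security_getselfattr kernel-doc describes. A short "Data structures" section ahead of "Kernel interface" would let the userspace-api page stand on its own instead of sending readers to the uapi header. The opening sentence "provide a mechanism to implement additional access controls to the Linux security policies" also reads awkwardly; "in addition to the kernel's discretionary access controls" or similar would be clearer.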
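Review bot: the contract of the new getselfattr hook should be spelled out where it is declared, because security_getselfattr depends on it: the `-EOPNOTSUPP` default in `LSM_HOOK(int, -EOPNOTSUPP, getselfattr, ...)` is what lets an LSM that does not provide a given attr be skipped (the loop turns -EOPNOTSUPP into "no entries" and continues), any other negative value aborts the whole multi-LSM reply, and on -E2BIG the hook is expected to leave the required size in *size. A comment next to the hook (or in its lsm_hooks.h documentation) saying "return -EOPNOTSUPP, not -EINVAL, for an attr this module does not provide" would keep one module's implementation from breaking callers interested in another module's attributes.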
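Review bot: the prototypes added to include/linux/syscalls.h drop the `__user` annotations that the definitions carry: `asmlinkage long sys_lsm_get_self_attr(unsigned int attr, struct lsm_ctx *ctx, size_t *size, __u32 flags);` here versus `SYSCALL_DEFINE4(lsm_get_self_attr, unsigned int, attr, struct lsm_ctx __user *, ctx, size_t __user *, size, u32, flags)` in security/lsm_syscalls.c. Sparse will report the address-space mismatch; annotate ctx and size with `__user` (and use `u32` to match the definitions rather than `__u32`) so declaration and definition agree for both calls.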
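Review bot: the struct lsm_ctx comment in include/uapi/linux/lsm.h allows padding after @ctx but says nothing about the alignment @len must preserve, while security_getselfattr packs successive entries back to back at `base + total` with `total += entrysize`. Unless every entry's @len is a multiple of 8, the next entry's `__u64 id` lands misaligned in the user buffer. State in the comment that @len MUST be rounded up to a multiple of 8 bytes and have each getselfattr implementation pad accordingly, rather than leaving it implicit.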
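Review bot: the kernel-doc for sys_lsm_get_self_attr is partly copied from the setter: `@attr: which attribute to set` should read "which attribute to return", and `@flags: reserved for future use` is wrong for this call, since security_getselfattr accepts LSM_FLAG_SINGLE in @flags. Document that flag here and state that @size is read as the buffer length on entry and written with the total (or required) length on return; the `@size: size of @ctx, updated on return` line only hints at that.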
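Review bot: security_setselfattr copies the user data into the wrong object: `lctx = kmalloc(size, GFP_KERNEL);` is followed by `if (copy_from_user(&lctx, ctx, size))`, which writes up to `size` bytes over the stack variable holding the pointer instead of into the allocation; it needs `copy_from_user(lctx, ctx, size)` or `memdup_user(ctx, size)`. In the same function the early returns on -EFAULT and -EINVAL leak the buffer (only the hook path reaches kfree), the bounds checks use `sizeof(ctx)`, the size of a pointer, where `sizeof(*lctx)` is meant, and `size` is bounded only from below, so a caller can hand kmalloc an arbitrary length; an upper bound such as PAGE_SIZE is cheap and enough for a context string. In security_getselfattr, `copy_struct_from_user(&lctx, sizeof(lctx), ctx, left)` passes the whole buffer length as the user struct size, so for any buffer larger than the header it demands that every byte after it be zero, which an output buffer need not satisfy, and folds the resulting -E2BIG into -EFAULT; a plain `copy_from_user(&lctx, ctx, sizeof(lctx))` after checking `left >= sizeof(lctx)` is what is wanted. `(flags & LSM_FLAG_SINGLE) == LSM_FLAG_SINGLE` also accepts unknown bits alongside LSM_FLAG_SINGLE; `if (flags & ~LSM_FLAG_SINGLE) return -EINVAL;` rejects them. Finally, the -E2BIG path does `left = 0; continue;` before reaching `total += entrysize`, so the size written back with put_user omits the entries that did not fit, contradicting the kernel-doc's "@size is set to the minimum required size"; accumulate entrysize on that path too.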
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net Subject: [PATCH v13 05/11] LSM: Create lsm_list_modules system call Date: Wed, 2 Aug 2023 10:44:28 -0700 Message-ID: <20230802174435.11928-6-casey@schaufler-ca.com> X-Mailer: git-send-email 2.41.0 In-Reply-To: <20230802174435.11928-1-casey@schaufler-ca.com> References: <20230802174435.11928-1-casey@schaufler-ca.com> MIME-Version: 1.0 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_NONE, T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1773141909348159830 X-GMAIL-MSGID: 1773141909348159830 Create a system call to report the list of Linux Security Modules that are active on the system. The list is provided as an array of LSM ID numbers. The calling application can use this list determine what LSM specific actions it might take. That might include choosing an output format, determining required privilege or bypassing security module specific behavior. Signed-off-by: Casey Schaufler Reviewed-by: Kees Cook Reviewed-by: Serge Hallyn Reviewed-by: John Johansen --- Documentation/userspace-api/lsm.rst | 3 +++ include/linux/syscalls.h | 1 + kernel/sys_ni.c | 1 + security/lsm_syscalls.c | 39 +++++++++++++++++++++++++++++ 4 files changed, 44 insertions(+) diff --git a/Documentation/userspace-api/lsm.rst b/Documentation/userspace-api/lsm.rst index f8499f3e2826..a76da373841b 100644 --- a/Documentation/userspace-api/lsm.rst 
+++ b/Documentation/userspace-api/lsm.rst @@ -63,6 +63,9 @@ Get the specified security attributes of the current process .. kernel-doc:: security/lsm_syscalls.c :identifiers: sys_lsm_get_self_attr +.. kernel-doc:: security/lsm_syscalls.c + :identifiers: sys_lsm_list_modules + Additional documentation ======================== diff --git a/include/linux/syscalls.h b/include/linux/syscalls.h index a3938850752a..4e1596b5c300 100644 --- a/include/linux/syscalls.h +++ b/include/linux/syscalls.h @@ -958,6 +958,7 @@ asmlinkage long sys_lsm_get_self_attr(unsigned int attr, struct lsm_ctx *ctx, size_t *size, __u32 flags); asmlinkage long sys_lsm_set_self_attr(unsigned int attr, struct lsm_ctx *ctx, size_t size, __u32 flags); +asmlinkage long sys_lsm_list_modules(u64 *ids, size_t *size, u32 flags); /* * Architecture-specific system calls diff --git a/kernel/sys_ni.c b/kernel/sys_ni.c index 8b96cd01b485..7663ef16c07e 100644 --- a/kernel/sys_ni.c +++ b/kernel/sys_ni.c @@ -172,6 +172,7 @@ COND_SYSCALL(fadvise64_64); COND_SYSCALL_COMPAT(fadvise64_64); COND_SYSCALL(lsm_get_self_attr); COND_SYSCALL(lsm_set_self_attr); +COND_SYSCALL(lsm_list_modules); /* CONFIG_MMU only */ COND_SYSCALL(swapon); diff --git a/security/lsm_syscalls.c b/security/lsm_syscalls.c index ee3881159241..f03f2d17ab49 100644 --- a/security/lsm_syscalls.c +++ b/security/lsm_syscalls.c 
@@ -53,3 +53,42 @@ SYSCALL_DEFINE4(lsm_get_self_attr, unsigned int, attr, struct lsm_ctx __user *, { return security_getselfattr(attr, ctx, size, flags); } + +/** + * sys_lsm_list_modules - Return a list of the active security modules + * @ids: the LSM module ids + * @size: pointer to size of @ids, updated on return + * @flags: reserved for future use, must be zero + * + * Returns a list of the active LSM ids. On success this function + * returns the number of @ids array elements. This value may be zero + * if there are no LSMs active. If @size is insufficient to contain + * the return data -E2BIG is returned and @size is set to the minimum + * required size. In all other cases a negative value indicating the + * error is returned. + */ +SYSCALL_DEFINE3(lsm_list_modules, u64 __user *, ids, size_t __user *, size, + u32, flags) +{ + size_t total_size = lsm_active_cnt * sizeof(*ids); + size_t usize; + int i; + + if (flags) + return -EINVAL; + + if (get_user(usize, size)) + return -EFAULT; + + if (put_user(total_size, size) != 0) + return -EFAULT; + + if (usize < total_size) + return -E2BIG; + + for (i = 0; i < lsm_active_cnt; i++) + if (put_user(lsm_idlist[i]->id, ids++)) + return -EFAULT; + + return lsm_active_cnt; +} From patchwork Wed Aug 2 17:44:29 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 130116 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:9f41:0:b0:3e4:2afc:c1 with SMTP id v1csp685968vqx; Wed, 2 Aug 2023 12:43:06 -0700 (PDT) X-Google-Smtp-Source: APBJJlGqJWdCSiPplVPDMoImW8fBc06tTwuiqY6gDIhPGP/jpTlsAOwY/+W7sn+iXIR+uGGcERj6 X-Received: by 2002:a05:6a20:4413:b0:13b:9aa9:447a with SMTP id ce19-20020a056a20441300b0013b9aa9447amr18272298pzb.54.1691005385627; Wed, 02 Aug 2023 12:43:05 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1691005385; cv=none; d=google.com; s=arc-20160816; 
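Review bot: the new `.. kernel-doc::` directive for sys_lsm_list_modules in Documentation/userspace-api/lsm.rst is inserted directly under the "Get the specified security attributes of the current process" heading, so the rendered page will present the list call as part of the getter. Give it its own subsection heading in the style of the two above it (for example "List the active security modules" with a matching underline) before the directive.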
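Review bot: `asmlinkage long sys_lsm_list_modules(u64 *ids, size_t *size, u32 flags);` in include/linux/syscalls.h lacks the `__user` annotations present on the definition (`u64 __user *, ids, size_t __user *, size`); add them so sparse does not flag the address-space mismatch, matching what the two prototypes from the previous patch also need.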
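Review bot: the loop in sys_lsm_list_modules writes `lsm_idlist[i]->id` for `lsm_active_cnt` entries, but neither symbol is declared in this file, so the hunk depends on an earlier patch in the series exporting them through a header; that dependency belongs in the commit message. The sizing protocol itself is sound: @size is updated with put_user before the `usize < total_size` check, so a caller can pass a zero size to learn the required length, as the kernel-doc promises, and a faulting @ids is reported as -EFAULT by put_user rather than needing a separate NULL check.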
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net, Geert Uytterhoeven , Arnd Bergmann Subject: [PATCH v13 06/11] LSM: wireup Linux Security Module syscalls Date: Wed, 2 Aug 2023 10:44:29 -0700 Message-ID: <20230802174435.11928-7-casey@schaufler-ca.com> X-Mailer: git-send-email 2.41.0 In-Reply-To: <20230802174435.11928-1-casey@schaufler-ca.com> References: <20230802174435.11928-1-casey@schaufler-ca.com> MIME-Version: 1.0 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE, SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1773147663235545319 X-GMAIL-MSGID: 1773147663235545319 Wireup lsm_get_self_attr, lsm_set_self_attr and lsm_list_modules system calls. 
Signed-off-by: Casey Schaufler Reviewed-by: Kees Cook Acked-by: Geert Uytterhoeven Acked-by: Arnd Bergmann Cc: linux-api@vger.kernel.org Reviewed-by: John Johansen --- arch/alpha/kernel/syscalls/syscall.tbl | 3 +++ arch/arm/tools/syscall.tbl | 3 +++ arch/arm64/include/asm/unistd.h | 2 +- arch/arm64/include/asm/unistd32.h | 6 ++++++ arch/ia64/kernel/syscalls/syscall.tbl | 3 +++ arch/m68k/kernel/syscalls/syscall.tbl | 3 +++ arch/microblaze/kernel/syscalls/syscall.tbl | 3 +++ arch/mips/kernel/syscalls/syscall_n32.tbl | 3 +++ arch/mips/kernel/syscalls/syscall_n64.tbl | 3 +++ arch/mips/kernel/syscalls/syscall_o32.tbl | 3 +++ arch/parisc/kernel/syscalls/syscall.tbl | 3 +++ arch/powerpc/kernel/syscalls/syscall.tbl | 3 +++ arch/s390/kernel/syscalls/syscall.tbl | 3 +++ arch/sh/kernel/syscalls/syscall.tbl | 3 +++ arch/sparc/kernel/syscalls/syscall.tbl | 3 +++ arch/x86/entry/syscalls/syscall_32.tbl | 3 +++ arch/x86/entry/syscalls/syscall_64.tbl | 3 +++ arch/xtensa/kernel/syscalls/syscall.tbl | 3 +++ include/uapi/asm-generic/unistd.h | 9 ++++++++- tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl | 3 +++ tools/perf/arch/powerpc/entry/syscalls/syscall.tbl | 3 +++ tools/perf/arch/s390/entry/syscalls/syscall.tbl | 3 +++ tools/perf/arch/x86/entry/syscalls/syscall_64.tbl | 3 +++ 23 files changed, 75 insertions(+), 2 deletions(-) diff --git a/arch/alpha/kernel/syscalls/syscall.tbl b/arch/alpha/kernel/syscalls/syscall.tbl index 1f13995d00d7..bb00aecf1dc4 100644 --- a/arch/alpha/kernel/syscalls/syscall.tbl +++ b/arch/alpha/kernel/syscalls/syscall.tbl @@ -491,3 +491,6 @@ 559 common futex_waitv sys_futex_waitv 560 common set_mempolicy_home_node sys_ni_syscall 561 common cachestat sys_cachestat +562 common lsm_get_self_attr sys_lsm_get_self_attr +563 common lsm_set_self_attr sys_lsm_set_self_attr +564 common lsm_list_modules sys_lsm_list_modules diff --git a/arch/arm/tools/syscall.tbl b/arch/arm/tools/syscall.tbl index 8ebed8a13874..a148e71905a7 100644 --- a/arch/arm/tools/syscall.tbl 
+++ b/arch/arm/tools/syscall.tbl @@ -465,3 +465,6 @@ 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node 451 common cachestat sys_cachestat +452 common lsm_get_self_attr sys_lsm_get_self_attr +453 common lsm_set_self_attr sys_lsm_set_self_attr +454 common lsm_list_modules sys_lsm_list_modules diff --git a/arch/arm64/include/asm/unistd.h b/arch/arm64/include/asm/unistd.h index 64a514f90131..63a8a9c4abc1 100644 --- a/arch/arm64/include/asm/unistd.h +++ b/arch/arm64/include/asm/unistd.h @@ -39,7 +39,7 @@ #define __ARM_NR_compat_set_tls (__ARM_NR_COMPAT_BASE + 5) #define __ARM_NR_COMPAT_END (__ARM_NR_COMPAT_BASE + 0x800) -#define __NR_compat_syscalls 452 +#define __NR_compat_syscalls 455 #endif #define __ARCH_WANT_SYS_CLONE diff --git a/arch/arm64/include/asm/unistd32.h b/arch/arm64/include/asm/unistd32.h index d952a28463e0..df214b7ec5dd 100644 --- a/arch/arm64/include/asm/unistd32.h +++ b/arch/arm64/include/asm/unistd32.h @@ -909,6 +909,12 @@ __SYSCALL(__NR_futex_waitv, sys_futex_waitv) __SYSCALL(__NR_set_mempolicy_home_node, sys_set_mempolicy_home_node) #define __NR_cachestat 451 __SYSCALL(__NR_cachestat, sys_cachestat) +#define __NR_lsm_get_self_attr 452 +__SYSCALL(__NR_lsm_get_self_attr, sys_lsm_get_self_attr) +#define __NR_lsm_set_self_attr 453 +__SYSCALL(__NR_lsm_set_self_attr, sys_lsm_set_self_attr) +#define __NR_lsm_list_modules 454 +__SYSCALL(__NR_lsm_list_modules, sys_lsm_list_modules) /* * Please add new compat syscalls above this comment and update diff --git a/arch/ia64/kernel/syscalls/syscall.tbl b/arch/ia64/kernel/syscalls/syscall.tbl index f8c74ffeeefb..1b53f9d28514 100644 --- a/arch/ia64/kernel/syscalls/syscall.tbl +++ b/arch/ia64/kernel/syscalls/syscall.tbl 
@@ -372,3 +372,6 @@ 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node 451 common cachestat sys_cachestat +452 common lsm_get_self_attr sys_lsm_get_self_attr +453 common lsm_set_self_attr sys_lsm_set_self_attr +454 common lsm_list_modules sys_lsm_list_modules diff --git a/arch/m68k/kernel/syscalls/syscall.tbl b/arch/m68k/kernel/syscalls/syscall.tbl index 4f504783371f..f7a91d458f0c 100644 --- a/arch/m68k/kernel/syscalls/syscall.tbl +++ b/arch/m68k/kernel/syscalls/syscall.tbl @@ -451,3 +451,6 @@ 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node 451 common cachestat sys_cachestat +452 common lsm_get_self_attr sys_lsm_get_self_attr +453 common lsm_set_self_attr sys_lsm_set_self_attr +454 common lsm_list_modules sys_lsm_list_modules diff --git a/arch/microblaze/kernel/syscalls/syscall.tbl b/arch/microblaze/kernel/syscalls/syscall.tbl index 858d22bf275c..2b24b19a9bec 100644 --- a/arch/microblaze/kernel/syscalls/syscall.tbl +++ b/arch/microblaze/kernel/syscalls/syscall.tbl @@ -457,3 +457,6 @@ 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node 451 common cachestat sys_cachestat +452 common lsm_get_self_attr sys_lsm_get_self_attr +453 common lsm_set_self_attr sys_lsm_set_self_attr +454 common lsm_list_modules sys_lsm_list_modules diff --git a/arch/mips/kernel/syscalls/syscall_n32.tbl b/arch/mips/kernel/syscalls/syscall_n32.tbl index 1976317d4e8b..0ff4072ed024 100644 --- a/arch/mips/kernel/syscalls/syscall_n32.tbl +++ b/arch/mips/kernel/syscalls/syscall_n32.tbl @@ -390,3 +390,6 @@ 449 n32 futex_waitv sys_futex_waitv 450 n32 set_mempolicy_home_node sys_set_mempolicy_home_node 451 n32 cachestat sys_cachestat +452 n32 lsm_get_self_attr sys_lsm_get_self_attr +453 n32 lsm_set_self_attr sys_lsm_set_self_attr +454 n32 lsm_list_modules sys_lsm_list_modules 
diff --git a/arch/mips/kernel/syscalls/syscall_n64.tbl b/arch/mips/kernel/syscalls/syscall_n64.tbl index cfda2511badf..9c38818dd9f9 100644 --- a/arch/mips/kernel/syscalls/syscall_n64.tbl +++ b/arch/mips/kernel/syscalls/syscall_n64.tbl @@ -366,3 +366,6 @@ 449 n64 futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node 451 n64 cachestat sys_cachestat +452 n64 lsm_get_self_attr sys_lsm_get_self_attr +453 n64 lsm_set_self_attr sys_lsm_set_self_attr +454 n64 lsm_list_modules sys_lsm_list_modules diff --git a/arch/mips/kernel/syscalls/syscall_o32.tbl b/arch/mips/kernel/syscalls/syscall_o32.tbl index 7692234c3768..a07e1ba91511 100644 --- a/arch/mips/kernel/syscalls/syscall_o32.tbl +++ b/arch/mips/kernel/syscalls/syscall_o32.tbl @@ -439,3 +439,6 @@ 449 o32 futex_waitv sys_futex_waitv 450 o32 set_mempolicy_home_node sys_set_mempolicy_home_node 451 o32 cachestat sys_cachestat +452 o32 lsm_get_self_attr sys_lsm_get_self_attr +453 032 lsm_set_self_attr sys_lsm_set_self_attr +454 o32 lsm_list_modules sys_lsm_list_modules diff --git a/arch/parisc/kernel/syscalls/syscall.tbl b/arch/parisc/kernel/syscalls/syscall.tbl index a0a9145b6dd4..36cc0130ee1d 100644 --- a/arch/parisc/kernel/syscalls/syscall.tbl +++ b/arch/parisc/kernel/syscalls/syscall.tbl @@ -450,3 +450,6 @@ 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node 451 common cachestat sys_cachestat +452 common lsm_get_self_attr sys_lsm_get_self_attr +453 common lsm_set_self_attr sys_lsm_set_self_attr +454 common lsm_list_modules sys_lsm_list_modules diff --git a/arch/powerpc/kernel/syscalls/syscall.tbl b/arch/powerpc/kernel/syscalls/syscall.tbl index 8c0b08b7a80e..fe2ba9e8a413 100644 --- a/arch/powerpc/kernel/syscalls/syscall.tbl +++ b/arch/powerpc/kernel/syscalls/syscall.tbl 
@@ -538,3 +538,6 @@ 449 common futex_waitv sys_futex_waitv 450 nospu set_mempolicy_home_node sys_set_mempolicy_home_node 451 common cachestat sys_cachestat +452 common lsm_get_self_attr sys_lsm_get_self_attr +453 common lsm_set_self_attr sys_lsm_set_self_attr +454 common lsm_list_modules sys_lsm_list_modules diff --git a/arch/s390/kernel/syscalls/syscall.tbl b/arch/s390/kernel/syscalls/syscall.tbl index a6935af2235c..fe3fc23697b0 100644 --- a/arch/s390/kernel/syscalls/syscall.tbl +++ b/arch/s390/kernel/syscalls/syscall.tbl @@ -454,3 +454,6 @@ 449 common futex_waitv sys_futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node sys_set_mempolicy_home_node 451 common cachestat sys_cachestat sys_cachestat +452 common lsm_get_self_attr sys_lsm_get_self_attr sys_lsm_get_self_attr +453 common lsm_set_self_attr sys_lsm_set_self_attr sys_lsm_set_self_attr +454 common lsm_list_modules sys_lsm_list_modules sys_lsm_list_modules diff --git a/arch/sh/kernel/syscalls/syscall.tbl b/arch/sh/kernel/syscalls/syscall.tbl index 97377e8c5025..319968dccde9 100644 --- a/arch/sh/kernel/syscalls/syscall.tbl +++ b/arch/sh/kernel/syscalls/syscall.tbl @@ -454,3 +454,6 @@ 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node 451 common cachestat sys_cachestat +452 common lsm_get_self_attr sys_lsm_get_self_attr +453 common lsm_set_self_attr sys_lsm_set_self_attr +454 common lsm_list_modules sys_lsm_list_modules diff --git a/arch/sparc/kernel/syscalls/syscall.tbl b/arch/sparc/kernel/syscalls/syscall.tbl index faa835f3c54a..9ca3fb4c05de 100644 --- a/arch/sparc/kernel/syscalls/syscall.tbl +++ b/arch/sparc/kernel/syscalls/syscall.tbl 
@@ -497,3 +497,6 @@ 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node 451 common cachestat sys_cachestat +452 common lsm_get_self_attr sys_lsm_get_self_attr +453 common lsm_set_self_attr sys_lsm_set_self_attr +454 common lsm_list_modules sys_lsm_list_modules diff --git a/arch/x86/entry/syscalls/syscall_32.tbl b/arch/x86/entry/syscalls/syscall_32.tbl index bc0a3c941b35..4caa3c415528 100644 --- a/arch/x86/entry/syscalls/syscall_32.tbl +++ b/arch/x86/entry/syscalls/syscall_32.tbl @@ -456,3 +456,6 @@ 449 i386 futex_waitv sys_futex_waitv 450 i386 set_mempolicy_home_node sys_set_mempolicy_home_node 451 i386 cachestat sys_cachestat +452 i386 lsm_get_self_attr sys_lsm_get_self_attr +453 i386 lsm_set_self_attr sys_lsm_set_self_attr +454 i386 lsm_list_modules sys_lsm_list_modules diff --git a/arch/x86/entry/syscalls/syscall_64.tbl b/arch/x86/entry/syscalls/syscall_64.tbl index 227538b0ce80..c5f85f93e80b 100644 --- a/arch/x86/entry/syscalls/syscall_64.tbl +++ b/arch/x86/entry/syscalls/syscall_64.tbl @@ -373,6 +373,9 @@ 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node 451 common cachestat sys_cachestat +452 common lsm_get_self_attr sys_lsm_get_self_attr +453 common lsm_set_self_attr sys_lsm_set_self_attr +454 common lsm_list_modules sys_lsm_list_modules # # Due to a historical design error, certain syscalls are numbered differently diff --git a/arch/xtensa/kernel/syscalls/syscall.tbl b/arch/xtensa/kernel/syscalls/syscall.tbl index 2b69c3c035b6..509379512c27 100644 --- a/arch/xtensa/kernel/syscalls/syscall.tbl +++ b/arch/xtensa/kernel/syscalls/syscall.tbl @@ -422,3 +422,6 @@ 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node 451 common cachestat sys_cachestat +452 common lsm_get_self_attr sys_lsm_get_self_attr +453 common lsm_set_self_attr sys_lsm_set_self_attr +454 common lsm_list_modules sys_lsm_list_modules 
diff --git a/include/uapi/asm-generic/unistd.h b/include/uapi/asm-generic/unistd.h index fd6c1cb585db..b5588efc0933 100644 --- a/include/uapi/asm-generic/unistd.h +++ b/include/uapi/asm-generic/unistd.h @@ -820,8 +820,15 @@ __SYSCALL(__NR_set_mempolicy_home_node, sys_set_mempolicy_home_node) #define __NR_cachestat 451 __SYSCALL(__NR_cachestat, sys_cachestat) +#define __NR_lsm_get_self_attr 452 +__SYSCALL(__NR_lsm_get_self_attr, sys_lsm_get_self_attr) +#define __NR_lsm_set_self_attr 453 +__SYSCALL(__NR_lsm_set_self_attr, sys_lsm_set_self_attr) +#define __NR_lsm_list_modules 454 +__SYSCALL(__NR_lsm_list_modules, sys_lsm_list_modules) + #undef __NR_syscalls -#define __NR_syscalls 452 +#define __NR_syscalls 455 /* * 32 bit systems traditionally used different diff --git a/tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl b/tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl index cfda2511badf..9c38818dd9f9 100644 --- a/tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl +++ b/tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl @@ -366,3 +366,6 @@ 449 n64 futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node 451 n64 cachestat sys_cachestat +452 n64 lsm_get_self_attr sys_lsm_get_self_attr +453 n64 lsm_set_self_attr sys_lsm_set_self_attr +454 n64 lsm_list_modules sys_lsm_list_modules diff --git a/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl b/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl index 8c0b08b7a80e..fe2ba9e8a413 100644 --- a/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl +++ b/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl @@ -538,3 +538,6 @@ 449 common futex_waitv sys_futex_waitv 450 nospu set_mempolicy_home_node sys_set_mempolicy_home_node 451 common cachestat sys_cachestat +452 common lsm_get_self_attr sys_lsm_get_self_attr +453 common lsm_set_self_attr sys_lsm_set_self_attr +454 common lsm_list_modules sys_lsm_list_modules 
diff --git a/tools/perf/arch/s390/entry/syscalls/syscall.tbl b/tools/perf/arch/s390/entry/syscalls/syscall.tbl index a6935af2235c..a18e9d7cf92b 100644 --- a/tools/perf/arch/s390/entry/syscalls/syscall.tbl +++ b/tools/perf/arch/s390/entry/syscalls/syscall.tbl @@ -454,3 +454,6 @@ 449 common futex_waitv sys_futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node sys_set_mempolicy_home_node 451 common cachestat sys_cachestat sys_cachestat +452 common lsm_get_self_attr sys_lsm_get_self_attr sys_lsm_get_self_attr +453 common lsm_set_self_attr sys_lsm_set_self_attr sys_lsm_set_self_attr +454 common lsm_list_modules sys_lsm_list_modules sys_lsm_list_modules diff --git a/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl b/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl index 227538b0ce80..c5f85f93e80b 100644 --- a/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl +++ b/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl 
@@ -373,6 +373,9 @@ 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node 451 common cachestat sys_cachestat +452 common lsm_get_self_attr sys_lsm_get_self_attr +453 common lsm_set_self_attr sys_lsm_set_self_attr +454 common lsm_list_modules sys_lsm_list_modules # # Due to a historical design error, certain syscalls are numbered differently
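Review bot: the ABI column of the new 453 entry in the arch/mips/kernel/syscalls/syscall_o32.tbl hunk reads "032" (digit zero) instead of "o32": `+453 032 lsm_set_self_attr sys_lsm_set_self_attr`. The per-ABI tables are generated by filtering rows on that column, so this row would most likely be skipped silently, leaving lsm_set_self_attr unwired on o32 while 452 and 454 are wired; change it to `o32` to match the neighbouring entries.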
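Review bot: the tools/perf copy of the s390 table does not end at the same blob as the arch file it mirrors (tools/perf/arch/s390/entry/syscalls/syscall.tbl goes a6935af2235c..a18e9d7cf92b, arch/s390/kernel/syscalls/syscall.tbl goes a6935af2235c..fe3fc23697b0), even though both start from the same blob and the visible added lines are identical, whereas the mips n64, powerpc and x86_64 perf copies end at exactly their arch blobs. Something such as whitespace or a trailing newline differs between the two s390 results; please diff the two files so the perf header check does not start warning about them.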
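Review bot: the include/uapi/asm-generic/unistd.h hunk adds the three __NR_* definitions and bumps __NR_syscalls from 452 to 455, but the diffstat carries no matching change under tools/, while the four arch .tbl files that perf mirrors are updated in this same patch. If perf keeps a copy of this header the way it keeps copies of the .tbl files, it should be updated here too so the generated tables for the asm-generic architectures stay in sync.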
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net Subject: [PATCH v13 07/11] LSM: Helpers for attribute names and filling lsm_ctx Date: Wed, 2 Aug 2023 10:44:30 -0700 Message-ID: <20230802174435.11928-8-casey@schaufler-ca.com> In-Reply-To: <20230802174435.11928-1-casey@schaufler-ca.com> References: <20230802174435.11928-1-casey@schaufler-ca.com>

Add lsm_name_to_attr(), which translates a text string to a LSM_ATTR value if one is available. Add lsm_fill_user_ctx(), which fills a struct lsm_ctx, including the trailing attribute value. Both are used in module specific components of LSM system calls. Signed-off-by: Casey Schaufler Reviewed-by: Serge Hallyn Reviewed-by: John Johansen --- include/linux/security.h | 14 ++++++++++++++ security/lsm_syscalls.c | 24 +++++++++++++++++++++++ security/security.c | 41 ++++++++++++++++++++++++++++++++++++++++ 3 files changed, 79 insertions(+) diff --git a/include/linux/security.h b/include/linux/security.h index 0d882cb221f4..817cf28dbf8a 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -32,6 +32,7 @@ #include #include #include +#include struct linux_binprm; struct cred;
@@ -263,6 +264,7 @@ int unregister_blocking_lsm_notifier(struct notifier_block *nb); /* prototypes */ extern int security_init(void); extern int early_security_init(void); +extern u64 lsm_name_to_attr(const char *name); /* Security operations */ int security_binder_set_context_mgr(const struct cred *mgr); @@ -488,6 +490,8 @@ int security_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen); int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen); int security_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen); int security_locked_down(enum lockdown_reason what); +int lsm_fill_user_ctx(struct lsm_ctx __user *ctx, void *context, + size_t context_size, u64 id, u64 flags); #else /* CONFIG_SECURITY */ static inline int call_blocking_lsm_notifier(enum lsm_event event, void *data) @@ -505,6 +509,11 @@ static inline int unregister_blocking_lsm_notifier(struct notifier_block *nb) return 0; } +static inline u64 lsm_name_to_attr(const char *name) +{ + return LSM_ATTR_UNDEF; +} + static inline void security_free_mnt_opts(void **mnt_opts) { } @@ -1408,6 +1417,11 @@ static inline int security_locked_down(enum lockdown_reason what) { return 0; } +static inline int lsm_fill_user_ctx(struct lsm_ctx __user *ctx, void *context, + size_t context_size, u64 id, u64 flags) +{ + return -EOPNOTSUPP; +} #endif /* CONFIG_SECURITY */ #if defined(CONFIG_SECURITY) && defined(CONFIG_WATCH_QUEUE) diff --git a/security/lsm_syscalls.c b/security/lsm_syscalls.c index f03f2d17ab49..bc22f05e2d8c 100644 --- a/security/lsm_syscalls.c +++ b/security/lsm_syscalls.c 
@@ -17,6 +17,30 @@ #include #include +/** + * lsm_name_to_attr - map an LSM attribute name to its ID + * @name: name of the attribute + * + * Returns the LSM attribute value associated with @name, or 0 if + * there is no mapping. + */ +u64 lsm_name_to_attr(const char *name) +{ + if (!strcmp(name, "current")) + return LSM_ATTR_CURRENT; + if (!strcmp(name, "exec")) + return LSM_ATTR_EXEC; + if (!strcmp(name, "fscreate")) + return LSM_ATTR_FSCREATE; + if (!strcmp(name, "keycreate")) + return LSM_ATTR_KEYCREATE; + if (!strcmp(name, "prev")) + return LSM_ATTR_PREV; + if (!strcmp(name, "sockcreate")) + return LSM_ATTR_SOCKCREATE; + return LSM_ATTR_UNDEF; +} + /** * sys_lsm_set_self_attr - Set current task's security module attribute * @attr: which attribute to set diff --git a/security/security.c b/security/security.c index cde7f3a13e7c..f1038686ebd0 100644 --- a/security/security.c +++ b/security/security.c 
@@ -770,6 +770,47 @@ static int lsm_superblock_alloc(struct super_block *sb) return 0; } +/** + * lsm_fill_user_ctx - Fill a user space lsm_ctx structure + * @ctx: an LSM context to be filled + * @context: the new context value + * @context_size: the size of the new context value + * @id: LSM id + * @flags: LSM defined flags + * + * Fill all of the fields in a user space lsm_ctx structure. + * Caller is assumed to have verified that @ctx has enough space + * for @context. + * + * Returns 0 on success, -EFAULT on a copyout error, -ENOMEM + * if memory can't be allocated. + */ +int lsm_fill_user_ctx(struct lsm_ctx __user *ctx, void *context, + size_t context_size, u64 id, u64 flags) +{ + struct lsm_ctx *lctx; + size_t locallen = struct_size(lctx, ctx, context_size); + int rc = 0; + + lctx = kzalloc(locallen, GFP_KERNEL); + if (lctx == NULL) + return -ENOMEM; + + lctx->id = id; + lctx->flags = flags; + lctx->ctx_len = context_size; + lctx->len = locallen; + + memcpy(lctx->ctx, context, context_size); + + if (copy_to_user(ctx, lctx, locallen)) + rc = -EFAULT; + + kfree(lctx); + + return rc; +} + /* * The default value of the LSM hook is defined in linux/lsm_hook_defs.h and * can be accessed with:
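Review bot: the kernel-doc for lsm_name_to_attr() in the security/lsm_syscalls.c hunk says it returns "0 if there is no mapping", but the body returns LSM_ATTR_UNDEF on the fall-through path; either state that LSM_ATTR_UNDEF is the no-mapping value or, if it is defined as 0, say so explicitly, since callers will test against the symbol rather than the literal. The chain of strcmp() calls would also read better as a small static table of name/attr pairs walked in a loop, which keeps future attributes from extending an if-ladder.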
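Review bot: lsm_fill_user_ctx() in the security/security.c hunk stores the unpadded struct_size() value in lctx->len, while the Smack getselfattr hook in patch 08/11 reports `*size = ALIGN(slen + sizeof(*ctx), 8)` to its caller; a user walking a returned buffer by ctx->len will therefore disagree with the size the kernel reported and can land on an entry that is not 8-byte aligned. Either round locallen up to 8 here (kzalloc() already zeroes the padding) and store the rounded value in lctx->len, or make the hooks report the unpadded length, so that the two always agree. Minor: @context is only ever read (memcpy source), so it can be `const void *`.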
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net
Subject: [PATCH v13 08/11] Smack: implement setselfattr and getselfattr hooks
Date: Wed, 2 Aug 2023 10:44:31 -0700
Message-ID: <20230802174435.11928-9-casey@schaufler-ca.com>
In-Reply-To: <20230802174435.11928-1-casey@schaufler-ca.com>
References: <20230802174435.11928-1-casey@schaufler-ca.com>

Implement Smack support for security_[gs]etselfattr. Refactor the setprocattr hook to avoid code duplication.

Signed-off-by: Casey Schaufler
Reviewed-by: John Johansen
---
 security/smack/smack_lsm.c | 94 ++++++++++++++++++++++++++++++++++++--
 1 file changed, 89 insertions(+), 5 deletions(-)

diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index f3e4b26c8a87..71c773fff971 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -3565,6 +3565,45 @@ static void smack_d_instantiate(struct dentry *opt_dentry, struct inode *inode) return; } +/** + * smack_getselfattr - Smack current process attribute + * @attr: which attribute to fetch + * @ctx: buffer to receive the result + * @size: available size in, actual size out + * @flags: unused + * + * Fill the passed user space @ctx with the details of the requested + * attribute. + * + * Returns 1, the number of attributes, on success, an error code otherwise. + */ +static int smack_getselfattr(unsigned int attr, struct lsm_ctx __user *ctx, + size_t *size, u32 flags) +{ + struct smack_known *skp = smk_of_current(); + int total; + int slen; + int rc; + + if (attr != LSM_ATTR_CURRENT) + return -EOPNOTSUPP; + + slen = strlen(skp->smk_known) + 1; + total = ALIGN(slen + sizeof(*ctx), 8); + if (total > *size) + rc = -E2BIG; + else if (ctx) + rc = lsm_fill_user_ctx(ctx, skp->smk_known, slen, LSM_ID_SMACK, + 0); + else + rc = 1; + + *size = total; + if (rc >= 0) + return 1; + return rc; +} + /** * smack_getprocattr - Smack process attribute access * @p: the object task @@ -3594,8 +3633,8 @@ static int smack_getprocattr(struct task_struct *p, const char *name, char **val } /** - * smack_setprocattr - Smack process attribute setting - * @name: the name of the attribute in /proc/.../attr + * do_setattr - Smack process attribute setting + * @attr: the ID of the attribute * @value: the value to set * @size: the size of the value * @@ -3604,7 +3643,7 @@ static int smack_getprocattr(struct task_struct *p, const char *name, char **val * * Returns the length of the smack label or an error code */ -static int smack_setprocattr(const char *name, void *value, size_t size) +static int do_setattr(u64 attr, void *value, size_t size) { struct task_smack *tsp = smack_cred(current_cred()); struct cred *new; 
@@ -3618,8 +3657,8 @@ static int smack_setprocattr(const char *name, void *value, size_t size) if (value == NULL || size == 0 || size >= SMK_LONGLABEL) return -EINVAL; - if (strcmp(name, "current") != 0) - return -EINVAL; + if (attr != LSM_ATTR_CURRENT) + return -EOPNOTSUPP; skp = smk_import_entry(value, size); if (IS_ERR(skp)) @@ -3658,6 +3697,49 @@ static int smack_setprocattr(const char *name, void *value, size_t size) return size; } +/** + * smack_setselfattr - Set a Smack process attribute + * @attr: which attribute to set + * @ctx: buffer containing the data + * @size: size of @ctx + * @flags: unused + * + * Fill the passed user space @ctx with the details of the requested + * attribute. + * + * Returns 0 on success, an error code otherwise. + */ +static int smack_setselfattr(unsigned int attr, struct lsm_ctx *ctx, + size_t size, u32 flags) +{ + int rc; + + rc = do_setattr(attr, ctx->ctx, ctx->ctx_len); + if (rc > 0) + return 0; + return rc; +} + +/** + * smack_setprocattr - Smack process attribute setting + * @name: the name of the attribute in /proc/.../attr + * @value: the value to set + * @size: the size of the value + * + * Sets the Smack value of the task. Only setting self + * is permitted and only with privilege + * + * Returns the length of the smack label or an error code + */ +static int smack_setprocattr(const char *name, void *value, size_t size) +{ + int attr = lsm_name_to_attr(name); + + if (attr != LSM_ATTR_UNDEF) + return do_setattr(attr, value, size); + return -EINVAL; +} + /** * smack_unix_stream_connect - Smack access on UDS * @sock: one sock 
@@ -4970,6 +5052,8 @@ static struct security_hook_list smack_hooks[] __ro_after_init = { LSM_HOOK_INIT(d_instantiate, smack_d_instantiate), + LSM_HOOK_INIT(getselfattr, smack_getselfattr), + LSM_HOOK_INIT(setselfattr, smack_setselfattr), LSM_HOOK_INIT(getprocattr, smack_getprocattr), LSM_HOOK_INIT(setprocattr, smack_setprocattr),
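Review bot: in the smack_getselfattr() hunk the size computation `total = ALIGN(slen + sizeof(*ctx), 8)` stores a size_t result in an `int` and then compares it against the size_t `*size`; the AppArmor and SELinux hooks in this series use `size_t total_len = ALIGN(struct_size(ctx, ctx, len), 8)`, which avoids the sign mismatch and keeps all three implementations computing the same user-visible layout, so Smack should do the same. The kernel-doc also says `@flags: unused`, and the function never looks at it; if non-zero flags are rejected by the common syscall code, say so in the comment, otherwise reject them here with -EINVAL so that a future flag cannot be silently ignored by one LSM.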
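Review bot: the do_setattr()/smack_setprocattr() hunk changes the errno userspace sees for a write to /proc/self/attr/<name> with a recognised but unsupported name: do_setattr() now returns -EOPNOTSUPP where the old smack_setprocattr() returned -EINVAL, and the new smack_setprocattr() passes that straight through for every name lsm_name_to_attr() knows (for example "exec"). If the /proc ABI is meant to stay unchanged, map -EOPNOTSUPP back to -EINVAL in smack_setprocattr(), as selinux_getprocattr() does later in this series. Two smaller points in the same hunk: the kernel-doc for smack_setselfattr() still reads "Fill the passed user space @ctx with the details of the requested attribute", copied from the getter, and should describe setting the label from @ctx instead; and the `attr != LSM_ATTR_UNDEF` test differs from the `if (attr)` idiom used by the AppArmor and SELinux wrappers, so the series should settle on one spelling.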
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net
Subject: [PATCH v13 09/11] AppArmor: Add selfattr hooks
Date: Wed, 2 Aug 2023 10:44:32 -0700
Message-ID: <20230802174435.11928-10-casey@schaufler-ca.com>
In-Reply-To: <20230802174435.11928-1-casey@schaufler-ca.com>
References: <20230802174435.11928-1-casey@schaufler-ca.com>

Add hooks for setselfattr and getselfattr. These hooks are not very different from their setprocattr and getprocattr equivalents, and much of the code is shared.

Signed-off-by: Casey Schaufler
Cc: John Johansen
Acked-by: John Johansen
---
 security/apparmor/include/procattr.h | 2 +-
 security/apparmor/lsm.c | 91 ++++++++++++++++++++++++++--
 security/apparmor/procattr.c | 10 +--
 3 files changed, 92 insertions(+), 11 deletions(-)

diff --git a/security/apparmor/include/procattr.h b/security/apparmor/include/procattr.h
index 31689437e0e1..03dbfdb2f2c0 100644
--- a/security/apparmor/include/procattr.h
+++ b/security/apparmor/include/procattr.h
@@ -11,7 +11,7 @@ #ifndef __AA_PROCATTR_H #define __AA_PROCATTR_H -int aa_getprocattr(struct aa_label *label, char **string); +int aa_getprocattr(struct aa_label *label, char **string, bool newline); int aa_setprocattr_changehat(char *args, size_t size, int flags); #endif /* __AA_PROCATTR_H */ diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index bfd049c3fd22..cd54e5ecb46a 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -630,6 +630,55 @@ static int apparmor_sb_pivotroot(const struct path *old_path, return error; } +static int apparmor_getselfattr(unsigned int attr, struct lsm_ctx __user *lx, + size_t *size, u32 flags) +{ + int error = -ENOENT; + struct aa_task_ctx *ctx = task_ctx(current); + struct aa_label *label = NULL; + size_t total_len = 0; + char *value; + + switch (attr) { + case LSM_ATTR_CURRENT: + label = aa_get_newest_label(cred_label(current_cred())); + break; + case LSM_ATTR_PREV: + if (ctx->previous) + label = aa_get_newest_label(ctx->previous); + break; + case LSM_ATTR_EXEC: + if (ctx->onexec) + label = aa_get_newest_label(ctx->onexec); + break; + default: + error = -EOPNOTSUPP; + break; + } + + if (label) { + error = aa_getprocattr(label, &value, false); + if (error > 0) { + total_len = ALIGN(struct_size(lx, ctx, error), 8); + if (total_len > *size) + error = -E2BIG; + else if (lx) + error = lsm_fill_user_ctx(lx, value, error, + LSM_ID_APPARMOR, 0); + else + error = 1; + } + kfree(value); + } + + aa_put_label(label); + + *size = total_len; + if (error < 0) + return error; + return 1; +} + static int apparmor_getprocattr(struct task_struct *task, const char *name, char **value) { @@ -649,7 +698,7 @@ static int apparmor_getprocattr(struct task_struct *task, const char *name, error = -EINVAL; if (label) - error = aa_getprocattr(label, value); + error = aa_getprocattr(label, value, true); aa_put_label(label); put_cred(cred); 
@@ -657,8 +706,7 @@ static int apparmor_getprocattr(struct task_struct *task, const char *name, return error; } -static int apparmor_setprocattr(const char *name, void *value, - size_t size) +static int do_setattr(u64 attr, void *value, size_t size) { char *command, *largs = NULL, *args = value; size_t arg_size; @@ -689,7 +737,7 @@ static int apparmor_setprocattr(const char *name, void *value, goto out; arg_size = size - (args - (largs ? largs : (char *) value)); - if (strcmp(name, "current") == 0) { + if (attr == LSM_ATTR_CURRENT) { if (strcmp(command, "changehat") == 0) { error = aa_setprocattr_changehat(args, arg_size, AA_CHANGE_NOFLAGS); @@ -704,7 +752,7 @@ static int apparmor_setprocattr(const char *name, void *value, error = aa_change_profile(args, AA_CHANGE_STACK); } else goto fail; - } else if (strcmp(name, "exec") == 0) { + } else if (attr == LSM_ATTR_EXEC) { if (strcmp(command, "exec") == 0) error = aa_change_profile(args, AA_CHANGE_ONEXEC); else if (strcmp(command, "stack") == 0) 
@@ -724,13 +772,42 @@ static int apparmor_setprocattr(const char *name, void *value, fail: aad(&sa)->label = begin_current_label_crit_section(); - aad(&sa)->info = name; + if (attr == LSM_ATTR_CURRENT) + aad(&sa)->info = "current"; + else if (attr == LSM_ATTR_EXEC) + aad(&sa)->info = "exec"; + else + aad(&sa)->info = "invalid"; aad(&sa)->error = error = -EINVAL; aa_audit_msg(AUDIT_APPARMOR_DENIED, &sa, NULL); end_current_label_crit_section(aad(&sa)->label); goto out; } +static int apparmor_setselfattr(unsigned int attr, struct lsm_ctx *ctx, + size_t size, u32 flags) +{ + int rc; + + if (attr != LSM_ATTR_CURRENT && attr != LSM_ATTR_EXEC) + return -EOPNOTSUPP; + + rc = do_setattr(attr, ctx->ctx, ctx->ctx_len); + if (rc > 0) + return 0; + return rc; +} + +static int apparmor_setprocattr(const char *name, void *value, + size_t size) +{ + int attr = lsm_name_to_attr(name); + + if (attr) + return do_setattr(attr, value, size); + return -EINVAL; +} + /** * apparmor_bprm_committing_creds - do task cleanup on committing new creds * @bprm: binprm for the exec (NOT NULL) @@ -1253,6 +1330,8 @@ static struct security_hook_list apparmor_hooks[] __ro_after_init = { LSM_HOOK_INIT(file_lock, apparmor_file_lock), LSM_HOOK_INIT(file_truncate, apparmor_file_truncate), + LSM_HOOK_INIT(getselfattr, apparmor_getselfattr), + LSM_HOOK_INIT(setselfattr, apparmor_setselfattr), LSM_HOOK_INIT(getprocattr, apparmor_getprocattr), LSM_HOOK_INIT(setprocattr, apparmor_setprocattr), diff --git a/security/apparmor/procattr.c b/security/apparmor/procattr.c index 197d41f9c32b..e3857e3d7c6c 100644 --- a/security/apparmor/procattr.c +++ b/security/apparmor/procattr.c @@ -20,6 +20,7 @@ * aa_getprocattr - Return the label information for @label * @label: the label to print label info about (NOT NULL) * @string: Returns - string containing the label info (NOT NULL) + * @newline: indicates that a newline should be added * * Requires: label != NULL && string != NULL * 
@@ -27,7 +28,7 @@ * * Returns: size of string placed in @string else error code on failure */ -int aa_getprocattr(struct aa_label *label, char **string) +int aa_getprocattr(struct aa_label *label, char **string, bool newline) { struct aa_ns *ns = labels_ns(label); struct aa_ns *current_ns = aa_get_current_ns(); 
@@ -57,11 +58,12 @@ int aa_getprocattr(struct aa_label *label, char **string) return len; } - (*string)[len] = '\n'; - (*string)[len + 1] = 0; + if (newline) + (*string)[len++] = '\n'; + (*string)[len] = 0; aa_put_ns(current_ns); - return len + 1; + return len; } /**
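Review bot: in the apparmor_getselfattr() hunk `char *value` is never initialised, yet `kfree(value)` runs on every path after the aa_getprocattr() call, including the ones where it returned an error or 0 and the `if (error > 0)` block was skipped. Unless every non-positive return of aa_getprocattr() is guaranteed to have assigned *string, this frees a stack garbage pointer; initialise `value = NULL` at declaration or move the kfree() inside the `if (error > 0)` block. Reusing `error` as the string length handed to struct_size() and lsm_fill_user_ctx() also reads oddly next to the -E2BIG assignment; a separate `len` would make the size check and the copy path clearer.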
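Review bot: at the `fail:` label in the do_setattr() hunk the audit record now carries "invalid" whenever attr is neither LSM_ATTR_CURRENT nor LSM_ATTR_EXEC, whereas the removed `aad(&sa)->info = name;` recorded the name the caller actually wrote (for instance "prev"), and apparmor_setprocattr() still forwards every attr that lsm_name_to_attr() recognises into do_setattr(). Either map the remaining LSM_ATTR_* values to their names here, or reject them in apparmor_setprocattr() before calling do_setattr(), so the denial message keeps identifying the attribute. Also, `if (attr)` in apparmor_setprocattr() relies on LSM_ATTR_UNDEF being zero while the Smack patch spells the same test `attr != LSM_ATTR_UNDEF`; the two should agree.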
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net, selinux@vger.kernel.org
Subject: [PATCH v13 10/11] SELinux: Add selfattr hooks
Date: Wed, 2 Aug 2023 10:44:33 -0700
Message-ID: <20230802174435.11928-11-casey@schaufler-ca.com>
In-Reply-To: <20230802174435.11928-1-casey@schaufler-ca.com>
References: <20230802174435.11928-1-casey@schaufler-ca.com>

Add hooks for setselfattr and getselfattr. These hooks are not very different from their setprocattr and getprocattr equivalents, and much of the code is shared.
Signed-off-by: Casey Schaufler Cc: selinux@vger.kernel.org Cc: Paul Moore --- security/selinux/hooks.c | 136 +++++++++++++++++++++++++++++++-------- 1 file changed, 109 insertions(+), 27 deletions(-) diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index c900813fc8f7..f66a28f672b2 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -6265,8 +6265,8 @@ static void selinux_d_instantiate(struct dentry *dentry, struct inode *inode) inode_doinit_with_dentry(inode, dentry); } -static int selinux_getprocattr(struct task_struct *p, - const char *name, char **value) +static int selinux_lsm_getattr(unsigned int attr, struct task_struct *p, + char **value) { const struct task_security_struct *__tsec; u32 sid; @@ -6283,20 +6283,27 @@ static int selinux_getprocattr(struct task_struct *p, goto bad; } - if (!strcmp(name, "current")) + switch (attr) { + case LSM_ATTR_CURRENT: sid = __tsec->sid; - else if (!strcmp(name, "prev")) + break; + case LSM_ATTR_PREV: sid = __tsec->osid; - else if (!strcmp(name, "exec")) + break; + case LSM_ATTR_EXEC: sid = __tsec->exec_sid; - else if (!strcmp(name, "fscreate")) + break; + case LSM_ATTR_FSCREATE: sid = __tsec->create_sid; - else if (!strcmp(name, "keycreate")) + break; + case LSM_ATTR_KEYCREATE: sid = __tsec->keycreate_sid; - else if (!strcmp(name, "sockcreate")) + break; + case LSM_ATTR_SOCKCREATE: sid = __tsec->sockcreate_sid; - else { - error = -EINVAL; + break; + default: + error = -EOPNOTSUPP; goto bad; } rcu_read_unlock(); @@ -6314,7 +6321,7 @@ static int selinux_getprocattr(struct task_struct *p, return error; } -static int selinux_setprocattr(const char *name, void *value, size_t size) +static int selinux_lsm_setattr(u64 attr, void *value, size_t size) { struct task_security_struct *tsec; struct cred *new; 
@@ -6325,23 +6332,31 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) /* * Basic control over ability to set these attributes at all. */ - if (!strcmp(name, "exec")) + switch (attr) { + case LSM_ATTR_EXEC: error = avc_has_perm(mysid, mysid, SECCLASS_PROCESS, PROCESS__SETEXEC, NULL); - else if (!strcmp(name, "fscreate")) + break; + case LSM_ATTR_FSCREATE: error = avc_has_perm(mysid, mysid, SECCLASS_PROCESS, PROCESS__SETFSCREATE, NULL); - else if (!strcmp(name, "keycreate")) + break; + case LSM_ATTR_KEYCREATE: error = avc_has_perm(mysid, mysid, SECCLASS_PROCESS, PROCESS__SETKEYCREATE, NULL); - else if (!strcmp(name, "sockcreate")) + break; + case LSM_ATTR_SOCKCREATE: error = avc_has_perm(mysid, mysid, SECCLASS_PROCESS, PROCESS__SETSOCKCREATE, NULL); - else if (!strcmp(name, "current")) + break; + case LSM_ATTR_CURRENT: error = avc_has_perm(mysid, mysid, SECCLASS_PROCESS, PROCESS__SETCURRENT, NULL); - else - error = -EINVAL; + break; + default: + error = -EOPNOTSUPP; + break; + } if (error) return error; @@ -6353,13 +6368,14 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) } error = security_context_to_sid(value, size, &sid, GFP_KERNEL); - if (error == -EINVAL && !strcmp(name, "fscreate")) { + if (error == -EINVAL && attr == LSM_ATTR_FSCREATE) { if (!has_cap_mac_admin(true)) { struct audit_buffer *ab; size_t audit_size; - /* We strip a nul only if it is at the end, otherwise the - * context contains a nul and we should audit that */ + /* We strip a nul only if it is at the end, + * otherwise the context contains a nul and + * we should audit that */ if (str[size - 1] == '\0') audit_size = size - 1; else 
@@ -6370,7 +6386,8 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) if (!ab) return error; audit_log_format(ab, "op=fscreate invalid_context="); - audit_log_n_untrustedstring(ab, value, audit_size); + audit_log_n_untrustedstring(ab, value, + audit_size); audit_log_end(ab); return error; @@ -6393,11 +6410,11 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) checks and may_create for the file creation checks. The operation will then fail if the context is not permitted. */ tsec = selinux_cred(new); - if (!strcmp(name, "exec")) { + if (attr == LSM_ATTR_EXEC) { tsec->exec_sid = sid; - } else if (!strcmp(name, "fscreate")) { + } else if (attr == LSM_ATTR_FSCREATE) { tsec->create_sid = sid; - } else if (!strcmp(name, "keycreate")) { + } else if (attr == LSM_ATTR_KEYCREATE) { if (sid) { error = avc_has_perm(mysid, sid, SECCLASS_KEY, KEY__CREATE, NULL); @@ -6405,9 +6422,9 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) goto abort_change; } tsec->keycreate_sid = sid; - } else if (!strcmp(name, "sockcreate")) { + } else if (attr == LSM_ATTR_SOCKCREATE) { tsec->sockcreate_sid = sid; - } else if (!strcmp(name, "current")) { + } else if (attr == LSM_ATTR_CURRENT) { error = -EINVAL; if (sid == 0) goto abort_change; 
@@ -6449,6 +6466,69 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) return error; } +static int selinux_getselfattr(unsigned int attr, struct lsm_ctx __user *ctx, + size_t *size, u32 flags) +{ + char *value; + size_t total_len; + int len; + int rc; + + len = selinux_lsm_getattr(attr, current, &value); + if (len < 0) + return len; + + total_len = ALIGN(struct_size(ctx, ctx, len), 8); + + if (total_len > *size) + rc = -E2BIG; + else if (ctx) + rc = lsm_fill_user_ctx(ctx, value, len, LSM_ID_SELINUX, 0); + else + rc = 1; + + kfree(value); + *size = total_len; + if (rc < 0) + return rc; + return 1; +} + +static int selinux_setselfattr(unsigned int __user attr, struct lsm_ctx *ctx, + size_t __user size, u32 __user flags) +{ + int rc; + + rc = selinux_lsm_setattr(attr, ctx->ctx, ctx->ctx_len); + if (rc > 0) + return 0; + return rc; +} + +static int selinux_getprocattr(struct task_struct *p, + const char *name, char **value) +{ + unsigned int attr = lsm_name_to_attr(name); + int rc; + + if (attr) { + rc = selinux_lsm_getattr(attr, p, value); + if (rc != -EOPNOTSUPP) + return rc; + } + + return -EINVAL; +} + +static int selinux_setprocattr(const char *name, void *value, size_t size) +{ + int attr = lsm_name_to_attr(name); + + if (attr) + return selinux_lsm_setattr(attr, value, size); + return -EINVAL; +} + static int selinux_ismaclabel(const char *name) { return (strcmp(name, XATTR_SELINUX_SUFFIX) == 0); 
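Review bot: the `default:` arm of the new switch in selinux_lsm_setattr returns -EOPNOTSUPP where the `else` it replaces returned -EINVAL, and the new selinux_setprocattr wrapper passes that straight through (`if (attr) return selinux_lsm_setattr(attr, value, size);`), so a write to a /proc/self/attr name that lsm_name_to_attr accepts but the switch has no case for now fails with EOPNOTSUPP instead of the EINVAL the old code produced. selinux_getprocattr keeps the legacy code (`if (rc != -EOPNOTSUPP) return rc;` followed by `return -EINVAL;`); give selinux_setprocattr the same translation, or say in the commit message that the /proc error code change is intended.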
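Review bot: in selinux_setselfattr the `__user` qualifier is placed on the scalar parameters (`unsigned int __user attr`, `size_t __user size`, `u32 __user flags`) while the only pointer, `struct lsm_ctx *ctx`, carries none; `__user` is an address-space annotation for pointers, so sparse will warn here, and since the body dereferences `ctx->ctx` directly the declaration presumably should be `static int selinux_setselfattr(unsigned int attr, struct lsm_ctx *ctx, size_t size, u32 flags)` with the context already copied into kernel memory by the common code. The hook also never looks at `size` or `flags`; a one-line comment stating that the syscall entry validates both would spare the next reader the check. Minor: selinux_getprocattr declares `unsigned int attr = lsm_name_to_attr(name);` while selinux_setprocattr uses `int attr` for the same value.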
@@ -7080,6 +7160,8 @@ static struct security_hook_list selinux_hooks[] __ro_after_init = { LSM_HOOK_INIT(d_instantiate, selinux_d_instantiate), + LSM_HOOK_INIT(getselfattr, selinux_getselfattr), + LSM_HOOK_INIT(setselfattr, selinux_setselfattr), LSM_HOOK_INIT(getprocattr, selinux_getprocattr), LSM_HOOK_INIT(setprocattr, selinux_setprocattr),

From patchwork Wed Aug 2 17:44:34 2023
X-Patchwork-Submitter: Casey Schaufler
X-Patchwork-Id: 130093
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net
Subject: [PATCH v13 11/11] LSM: selftests for Linux Security Module syscalls
Date: Wed, 2 Aug 2023 10:44:34 -0700
Message-ID: <20230802174435.11928-12-casey@schaufler-ca.com>
X-Mailer: git-send-email 2.41.0
In-Reply-To: <20230802174435.11928-1-casey@schaufler-ca.com>
References: <20230802174435.11928-1-casey@schaufler-ca.com>

Add selftests for the three system calls supporting the LSM infrastructure. This set of tests is limited by the differences in access policy enforced by the existing security modules.
Signed-off-by: Casey Schaufler --- MAINTAINERS | 1 + tools/testing/selftests/Makefile | 1 + tools/testing/selftests/lsm/Makefile | 19 ++ tools/testing/selftests/lsm/common.c | 81 ++++++ tools/testing/selftests/lsm/common.h | 33 +++ tools/testing/selftests/lsm/config | 3 + .../selftests/lsm/lsm_get_self_attr_test.c | 240 ++++++++++++++++++ .../selftests/lsm/lsm_list_modules_test.c | 140 ++++++++++ .../selftests/lsm/lsm_set_self_attr_test.c | 74 ++++++ 9 files changed, 592 insertions(+) create mode 100644 tools/testing/selftests/lsm/Makefile create mode 100644 tools/testing/selftests/lsm/common.c create mode 100644 tools/testing/selftests/lsm/common.h create mode 100644 tools/testing/selftests/lsm/config create mode 100644 tools/testing/selftests/lsm/lsm_get_self_attr_test.c create mode 100644 tools/testing/selftests/lsm/lsm_list_modules_test.c create mode 100644 tools/testing/selftests/lsm/lsm_set_self_attr_test.c diff --git a/MAINTAINERS b/MAINTAINERS index aca4db11dd02..c96f1c388d22 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -19158,6 +19158,7 @@ W: http://kernsec.org/ T: git git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm.git F: include/uapi/linux/lsm.h F: security/ +F: tools/testing/selftests/lsm/ X: security/selinux/ SELINUX SECURITY MODULE diff --git a/tools/testing/selftests/Makefile b/tools/testing/selftests/Makefile index 666b56f22a41..bde7c217b23f 100644 --- a/tools/testing/selftests/Makefile +++ b/tools/testing/selftests/Makefile @@ -39,6 +39,7 @@ TARGETS += landlock TARGETS += lib TARGETS += livepatch TARGETS += lkdtm +TARGETS += lsm TARGETS += membarrier TARGETS += memfd TARGETS += memory-hotplug diff --git a/tools/testing/selftests/lsm/Makefile b/tools/testing/selftests/lsm/Makefile new file mode 100644 index 000000000000..bae6c1e3bba4 --- /dev/null +++ b/tools/testing/selftests/lsm/Makefile 
@@ -0,0 +1,19 @@ +# SPDX-License-Identifier: GPL-2.0 +# +# First run: make -C ../../../.. headers_install + +CFLAGS += -Wall -O2 $(KHDR_INCLUDES) +LOCAL_HDRS += common.h + +TEST_GEN_PROGS := lsm_get_self_attr_test lsm_list_modules_test \ + lsm_set_self_attr_test + +include ../lib.mk + +$(TEST_GEN_PROGS): + +$(OUTPUT)/lsm_get_self_attr_test: lsm_get_self_attr_test.c common.c +$(OUTPUT)/lsm_set_self_attr_test: lsm_set_self_attr_test.c common.c +$(OUTPUT)/lsm_list_modules_test: lsm_list_modules_test.c common.c + +EXTRA_CLEAN = $(OUTPUT)/common.o diff --git a/tools/testing/selftests/lsm/common.c b/tools/testing/selftests/lsm/common.c new file mode 100644 index 000000000000..db9af9375238 --- /dev/null +++ b/tools/testing/selftests/lsm/common.c 
@@ -0,0 +1,81 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Linux Security Module infrastructure tests + * + * Copyright © 2023 Casey Schaufler + */ + +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include +#include +#include "common.h" + +#define PROCATTR "/proc/self/attr/" + +int read_proc_attr(const char *attr, char *value, size_t size) +{ + int fd; + int len; + char *path; + + len = strlen(PROCATTR) + strlen(attr) + 1; + path = calloc(len, 1); + if (path == NULL) + return -1; + sprintf(path, "%s%s", PROCATTR, attr); + + fd = open(path, O_RDONLY); + free(path); + + if (fd < 0) + return -1; + len = read(fd, value, size); + if (len <= 0) + return -1; + close(fd); + + path = strchr(value, '\n'); + if (path) + *path = '\0'; + + return 0; +} + +int read_sysfs_lsms(char *lsms, size_t size) +{ + FILE *fp; + + fp = fopen("/sys/kernel/security/lsm", "r"); + if (fp == NULL) + return -1; + if (fread(lsms, 1, size, fp) <= 0) + return -1; + fclose(fp); + return 0; +} + +int attr_lsm_count(void) +{ + char *names = calloc(sysconf(_SC_PAGESIZE), 1); + int count = 0; + + if (!names) + return 0; + + if (read_sysfs_lsms(names, sysconf(_SC_PAGESIZE))) + return 0; + + if (strstr(names, "selinux")) + count++; + if (strstr(names, "smack")) + count++; + if (strstr(names, "apparmor")) + count++; + + return count; +} diff --git a/tools/testing/selftests/lsm/common.h b/tools/testing/selftests/lsm/common.h new file mode 100644 index 000000000000..cd0214a3eeb2 --- /dev/null +++ b/tools/testing/selftests/lsm/common.h 
@@ -0,0 +1,33 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Linux Security Module infrastructure tests + * + * Copyright © 2023 Casey Schaufler + */ + +#ifndef lsm_get_self_attr +static inline int lsm_get_self_attr(unsigned int attr, struct lsm_ctx *ctx, + size_t *size, __u32 flags) +{ + return syscall(__NR_lsm_get_self_attr, attr, ctx, size, flags); +} +#endif + +#ifndef lsm_set_self_attr +static inline int lsm_set_self_attr(unsigned int attr, struct lsm_ctx *ctx, + size_t size, __u32 flags) +{ + return syscall(__NR_lsm_set_self_attr, attr, ctx, size, flags); +} +#endif + +#ifndef lsm_list_modules +static inline int lsm_list_modules(__u64 *ids, size_t *size, __u32 flags) +{ + return syscall(__NR_lsm_list_modules, ids, size, flags); +} +#endif + +extern int read_proc_attr(const char *attr, char *value, size_t size); +extern int read_sysfs_lsms(char *lsms, size_t size); +int attr_lsm_count(void); diff --git a/tools/testing/selftests/lsm/config b/tools/testing/selftests/lsm/config new file mode 100644 index 000000000000..1c0c4c020f9c --- /dev/null +++ b/tools/testing/selftests/lsm/config @@ -0,0 +1,3 @@ +CONFIG_SYSFS=y +CONFIG_SECURITY=y +CONFIG_SECURITYFS=y diff --git a/tools/testing/selftests/lsm/lsm_get_self_attr_test.c b/tools/testing/selftests/lsm/lsm_get_self_attr_test.c new file mode 100644 index 000000000000..74c65aae1fcc --- /dev/null +++ b/tools/testing/selftests/lsm/lsm_get_self_attr_test.c 
@@ -0,0 +1,240 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Linux Security Module infrastructure tests + * Tests for the lsm_get_self_attr system call + * + * Copyright © 2022 Casey Schaufler + */ + +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include +#include "../kselftest_harness.h" +#include "common.h" + +static struct lsm_ctx *next_ctx(struct lsm_ctx *ctxp) +{ + void *vp; + + vp = (void *)ctxp + sizeof(*ctxp) + ctxp->ctx_len; + return (struct lsm_ctx *)vp; +} + +TEST(size_null_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + struct lsm_ctx *ctx = calloc(page_size, 1); + + ASSERT_NE(NULL, ctx); + errno = 0; + ASSERT_EQ(-1, lsm_get_self_attr(LSM_ATTR_CURRENT, ctx, NULL, 0)); + ASSERT_EQ(EINVAL, errno); + + free(ctx); +} + +TEST(ctx_null_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + size_t size = page_size; + int rc; + + rc = lsm_get_self_attr(LSM_ATTR_CURRENT, NULL, &size, 0); + + if (attr_lsm_count()) { + ASSERT_NE(-1, rc); + ASSERT_NE(1, size); + } else { + ASSERT_EQ(-1, rc); + } +} + +TEST(size_too_small_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + struct lsm_ctx *ctx = calloc(page_size, 1); + size_t size = 1; + + ASSERT_NE(NULL, ctx); + errno = 0; + ASSERT_EQ(-1, lsm_get_self_attr(LSM_ATTR_CURRENT, ctx, &size, 0)); + if (attr_lsm_count()) { + ASSERT_EQ(E2BIG, errno); + } else { + ASSERT_EQ(EOPNOTSUPP, errno); + } + ASSERT_NE(1, size); + + free(ctx); +} + +TEST(flags_zero_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + struct lsm_ctx *ctx = calloc(page_size, 1); + size_t size = page_size; + + ASSERT_NE(NULL, ctx); + errno = 0; + ASSERT_EQ(-1, lsm_get_self_attr(LSM_ATTR_CURRENT, ctx, &size, 1)); + ASSERT_EQ(EINVAL, errno); + ASSERT_EQ(page_size, size); + + free(ctx); +} + +TEST(flags_overset_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + struct lsm_ctx *ctx = calloc(page_size, 1); + size_t size = page_size; 
+ + ASSERT_NE(NULL, ctx); + errno = 0; + ASSERT_EQ(-1, lsm_get_self_attr(LSM_ATTR_CURRENT | LSM_ATTR_PREV, ctx, + &size, 0)); + ASSERT_EQ(EOPNOTSUPP, errno); + + free(ctx); +} + +TEST(basic_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + size_t size = page_size; + struct lsm_ctx *ctx = calloc(page_size, 1); + struct lsm_ctx *tctx = NULL; + __u64 *syscall_lsms = calloc(page_size, 1); + char *attr = calloc(page_size, 1); + int cnt_current = 0; + int cnt_exec = 0; + int cnt_fscreate = 0; + int cnt_keycreate = 0; + int cnt_prev = 0; + int cnt_sockcreate = 0; + int lsmcount; + int count; + int i; + + ASSERT_NE(NULL, ctx); + ASSERT_NE(NULL, syscall_lsms); + + lsmcount = syscall(__NR_lsm_list_modules, syscall_lsms, &size, 0); + ASSERT_LE(1, lsmcount); + + for (i = 0; i < lsmcount; i++) { + switch (syscall_lsms[i]) { + case LSM_ID_SELINUX: + cnt_current++; + cnt_exec++; + cnt_fscreate++; + cnt_keycreate++; + cnt_prev++; + cnt_sockcreate++; + break; + case LSM_ID_SMACK: + cnt_current++; + break; + case LSM_ID_APPARMOR: + cnt_current++; + cnt_exec++; + cnt_prev++; + break; + default: + break; + } + } + + if (cnt_current) { + size = page_size; + count = lsm_get_self_attr(LSM_ATTR_CURRENT, ctx, &size, 0); + ASSERT_EQ(cnt_current, count); + tctx = ctx; + ASSERT_EQ(0, read_proc_attr("current", attr, page_size)); + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + if (cnt_exec) { + size = page_size; + count = lsm_get_self_attr(LSM_ATTR_EXEC, ctx, &size, 0); + ASSERT_GE(cnt_exec, count); + if (count > 0) { + tctx = ctx; + if (read_proc_attr("exec", attr, page_size) == 0) + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + } + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + if (cnt_fscreate) { + size = page_size; + count = lsm_get_self_attr(LSM_ATTR_FSCREATE, ctx, &size, 0); + 
ASSERT_GE(cnt_fscreate, count); + if (count > 0) { + tctx = ctx; + if (read_proc_attr("fscreate", attr, page_size) == 0) + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + } + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + if (cnt_keycreate) { + size = page_size; + count = lsm_get_self_attr(LSM_ATTR_KEYCREATE, ctx, &size, 0); + ASSERT_GE(cnt_keycreate, count); + if (count > 0) { + tctx = ctx; + if (read_proc_attr("keycreate", attr, page_size) == 0) + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + } + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + if (cnt_prev) { + size = page_size; + count = lsm_get_self_attr(LSM_ATTR_PREV, ctx, &size, 0); + ASSERT_GE(cnt_prev, count); + if (count > 0) { + tctx = ctx; + ASSERT_EQ(0, read_proc_attr("prev", attr, page_size)); + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + } + if (cnt_sockcreate) { + size = page_size; + count = lsm_get_self_attr(LSM_ATTR_SOCKCREATE, ctx, &size, 0); + ASSERT_GE(cnt_sockcreate, count); + if (count > 0) { + tctx = ctx; + if (read_proc_attr("sockcreate", attr, page_size) == 0) + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + } + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + + free(ctx); + free(attr); + free(syscall_lsms); +} + +TEST_HARNESS_MAIN diff --git a/tools/testing/selftests/lsm/lsm_list_modules_test.c b/tools/testing/selftests/lsm/lsm_list_modules_test.c new file mode 100644 index 000000000000..445c02f09c74 --- /dev/null +++ b/tools/testing/selftests/lsm/lsm_list_modules_test.c 
@@ -0,0 +1,140 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Linux Security Module infrastructure tests + * Tests for the lsm_list_modules system call + * + * Copyright © 2022 Casey Schaufler + */ + +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include "../kselftest_harness.h" +#include "common.h" + +TEST(size_null_lsm_list_modules) +{ + const long page_size = sysconf(_SC_PAGESIZE); + __u64 *syscall_lsms = calloc(page_size, 1); + + ASSERT_NE(NULL, syscall_lsms); + errno = 0; + ASSERT_EQ(-1, lsm_list_modules(syscall_lsms, NULL, 0)); + ASSERT_EQ(EFAULT, errno); + + free(syscall_lsms); +} + +TEST(ids_null_lsm_list_modules) +{ + const long page_size = sysconf(_SC_PAGESIZE); + size_t size = page_size; + + errno = 0; + ASSERT_EQ(-1, lsm_list_modules(NULL, &size, 0)); + ASSERT_EQ(EFAULT, errno); + ASSERT_NE(1, size); +} + +TEST(size_too_small_lsm_list_modules) +{ + const long page_size = sysconf(_SC_PAGESIZE); + __u64 *syscall_lsms = calloc(page_size, 1); + size_t size = 1; + + ASSERT_NE(NULL, syscall_lsms); + errno = 0; + ASSERT_EQ(-1, lsm_list_modules(syscall_lsms, &size, 0)); + ASSERT_EQ(E2BIG, errno); + ASSERT_NE(1, size); + + free(syscall_lsms); +} + +TEST(flags_set_lsm_list_modules) +{ + const long page_size = sysconf(_SC_PAGESIZE); + __u64 *syscall_lsms = calloc(page_size, 1); + size_t size = page_size; + + ASSERT_NE(NULL, syscall_lsms); + errno = 0; + ASSERT_EQ(-1, lsm_list_modules(syscall_lsms, &size, 7)); + ASSERT_EQ(EINVAL, errno); + ASSERT_EQ(page_size, size); + + free(syscall_lsms); +} + +TEST(correct_lsm_list_modules) +{ + const long page_size = sysconf(_SC_PAGESIZE); + size_t size = page_size; + __u64 *syscall_lsms = calloc(page_size, 1); + char *sysfs_lsms = calloc(page_size, 1); + char *name; + char *cp; + int count; + int i; + + ASSERT_NE(NULL, sysfs_lsms); + ASSERT_NE(NULL, syscall_lsms); + ASSERT_EQ(0, read_sysfs_lsms(sysfs_lsms, page_size)); + + count = lsm_list_modules(syscall_lsms, &size, 0); + ASSERT_LE(1, count); + cp 
= sysfs_lsms; + for (i = 0; i < count; i++) { + switch (syscall_lsms[i]) { + case LSM_ID_CAPABILITY: + name = "capability"; + break; + case LSM_ID_SELINUX: + name = "selinux"; + break; + case LSM_ID_SMACK: + name = "smack"; + break; + case LSM_ID_TOMOYO: + name = "tomoyo"; + break; + case LSM_ID_IMA: + name = "ima"; + break; + case LSM_ID_APPARMOR: + name = "apparmor"; + break; + case LSM_ID_YAMA: + name = "yama"; + break; + case LSM_ID_LOADPIN: + name = "loadpin"; + break; + case LSM_ID_SAFESETID: + name = "safesetid"; + break; + case LSM_ID_LOCKDOWN: + name = "lockdown"; + break; + case LSM_ID_BPF: + name = "bpf"; + break; + case LSM_ID_LANDLOCK: + name = "landlock"; + break; + default: + name = "INVALID"; + break; + } + ASSERT_EQ(0, strncmp(cp, name, strlen(name))); + cp += strlen(name) + 1; + } + + free(sysfs_lsms); + free(syscall_lsms); +} + +TEST_HARNESS_MAIN diff --git a/tools/testing/selftests/lsm/lsm_set_self_attr_test.c b/tools/testing/selftests/lsm/lsm_set_self_attr_test.c new file mode 100644 index 000000000000..d0f5b776c548 --- /dev/null +++ b/tools/testing/selftests/lsm/lsm_set_self_attr_test.c 
@@ -0,0 +1,74 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Linux Security Module infrastructure tests + * Tests for the lsm_set_self_attr system call + * + * Copyright © 2022 Casey Schaufler + */ + +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include "../kselftest_harness.h" +#include "common.h" + +TEST(ctx_null_lsm_set_self_attr) +{ + ASSERT_EQ(-1, lsm_set_self_attr(LSM_ATTR_CURRENT, NULL, + sizeof(struct lsm_ctx), 0)); +} + +TEST(size_too_small_lsm_set_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + struct lsm_ctx *ctx = calloc(page_size, 1); + size_t size = page_size; + + ASSERT_NE(NULL, ctx); + if (attr_lsm_count()) { + ASSERT_LE(1, lsm_get_self_attr(LSM_ATTR_CURRENT, ctx, &size, + 0)); + } + ASSERT_EQ(-1, lsm_set_self_attr(LSM_ATTR_CURRENT, ctx, 1, 0)); + + free(ctx); +} + +TEST(flags_zero_lsm_set_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + struct lsm_ctx *ctx = calloc(page_size, 1); + size_t size = page_size; + + ASSERT_NE(NULL, ctx); + if (attr_lsm_count()) { + ASSERT_LE(1, lsm_get_self_attr(LSM_ATTR_CURRENT, ctx, &size, + 0)); + } + ASSERT_EQ(-1, lsm_set_self_attr(LSM_ATTR_CURRENT, ctx, size, 1)); + + free(ctx); +} + +TEST(flags_overset_lsm_set_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *ctx = calloc(page_size, 1); + size_t size = page_size; + struct lsm_ctx *tctx = (struct lsm_ctx *)ctx; + + ASSERT_NE(NULL, ctx); + if (attr_lsm_count()) { + ASSERT_LE(1, lsm_get_self_attr(LSM_ATTR_CURRENT, tctx, &size, + 0)); + } + ASSERT_EQ(-1, lsm_set_self_attr(LSM_ATTR_CURRENT | LSM_ATTR_PREV, tctx, + size, 0)); + + free(ctx); +} + +TEST_HARNESS_MAIN
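Review bot: the bare `$(TEST_GEN_PROGS):` line in the new lsm/Makefile has neither prerequisites nor a recipe; if it is meant to make every test depend on ../kselftest_harness.h and common.h (so the binaries rebuild when those change), add them as prerequisites, otherwise drop the line.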
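Review bot: read_proc_attr in common.c leaks the descriptor on the short-read path, because `if (len <= 0) return -1;` comes before `close(fd)`; close right after the read, before checking `len`. The buffer is also not guaranteed to be NUL-terminated: when read() returns exactly `size` bytes, the following `strchr(value, '\n')` and the callers' strcmp() walk past the end of `value`. Reading at most `size - 1` bytes and setting `value[len] = '\0'` fixes both the overrun and the case where the file has no trailing newline. read_sysfs_lsms has the same two problems (`fp` is never closed when fread fails, and nothing terminates `lsms` when the file is `size` bytes or longer).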
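Review bot: the `#ifndef lsm_get_self_attr` / `#ifndef lsm_set_self_attr` / `#ifndef lsm_list_modules` guards in common.h test for a preprocessor macro, not for a libc function of that name, so they will not avoid a redefinition if a libc ever ships these wrappers as real functions; either guard on an explicit feature macro or just define the static inline wrappers unconditionally and say in a comment why they exist. The header also relies on `struct lsm_ctx`, `__u32`, `__u64`, `syscall()` and the `__NR_lsm_*` numbers without including anything itself, so it only compiles when the .c file has already pulled in the right headers; include <linux/lsm.h> (the uapi header this series adds to MAINTAINERS), <linux/types.h>, <unistd.h> and <sys/syscall.h> here. Minor: two prototypes are `extern`, `attr_lsm_count` is not.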
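Review bot: next_ctx() in lsm_get_self_attr_test.c advances by `sizeof(*ctxp) + ctxp->ctx_len`, but selinux_getselfattr in the preceding patch reports each entry as `ALIGN(struct_size(ctx, ctx, len), 8)` bytes; unless lsm_fill_user_ctx stores the padded length in `ctx_len`, the second entry walked in basic_lsm_get_self_attr starts inside the padding. Either document the invariant (ctx_len includes the 8-byte padding) in a comment or round the pointer up to 8 in next_ctx. In the exec, fscreate, keycreate and sockcreate branches the `for (i = 1; i < count; i++)` loop runs even when `read_proc_attr()` failed, so the ASSERT_NE compares against whatever `attr` held from the previous branch; move the loop inside the `if (count > 0)` block as the prev branch already does, or clear `attr` first. Two smaller points: basic_lsm_get_self_attr calls `syscall(__NR_lsm_list_modules, ...)` directly although the lsm_list_modules() wrapper from common.h is available, and size_null_lsm_get_self_attr expects EINVAL for a NULL size pointer while size_null_lsm_list_modules expects EFAULT for the same mistake; if the two syscalls really differ here, a comment explaining why would help.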
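Review bot: none of the four tests in lsm_set_self_attr_test.c checks errno, unlike their lsm_get_self_attr counterparts, so ctx_null_lsm_set_self_attr passes whether the kernel rejected the NULL context or failed for an unrelated reason; set `errno = 0` before each call and ASSERT_EQ the expected value. In size_too_small and flags_zero the preceding `lsm_get_self_attr()` only runs inside `if (attr_lsm_count())`, so on a kernel without selinux, smack or apparmor the set call is made with a zeroed page and `-1` is expected for a reason other than the one in the test name; asserting on errno makes that distinction explicit.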