From patchwork Thu Dec 29 23:34:47 2022
X-Patchwork-Submitter: Casey Schaufler
X-Patchwork-Id: 13083872
X-Patchwork-Delegate: paul@paul-moore.com
From: Casey Schaufler
To: casey.schaufler@intel.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: casey@schaufler-ca.com, jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net
Subject: [PATCH v4 1/8] LSM: Identify modules by more than name
Date: Thu, 29 Dec 2022 15:34:47 -0800
Message-Id: <20221229233454.43880-2-casey@schaufler-ca.com>
X-Mailer: git-send-email 2.38.1
In-Reply-To: <20221229233454.43880-1-casey@schaufler-ca.com>
References: <20221229233454.43880-1-casey@schaufler-ca.com>

Create a struct lsm_id to contain identifying information about Linux
Security Modules (LSMs). At inception this contains the name of the
module, an identifier associated with the security module and an
integer member "attrs_used" which identifies the API related data
associated with each security module. The initial set of features maps
to information that has traditionally been available in
/proc/self/attr. They are documented in a new userspace-api file.

Change the security_add_hooks() interface to use this structure. Change
the individual modules to maintain their own struct lsm_id and pass it
to security_add_hooks(). The values for LSM identifiers are defined in
a new UAPI header file linux/lsm.h. Each existing LSM has been updated
to include its LSMID in the lsm_id.

The LSM ID values are sequential, with the oldest module
LSM_ID_CAPABILITY being the lowest value and the existing modules
numbered in the order they were included in the main line kernel. This
is an arbitrary convention for assigning the values, but none better
presents itself. The value 0 is defined as being invalid. The values
1-99 are reserved for any special case uses which may arise in the
future.
This may include attributes of the LSM infrastructure itself, possibly related to namespacing or network attribute management. A special range is identified for such attributes to help reduce confusion for developers unfamiliar with LSMs. Signed-off-by: Casey Schaufler --- Documentation/userspace-api/index.rst | 1 + Documentation/userspace-api/lsm.rst | 55 +++++++++++++++++++++++++++ include/linux/lsm_hooks.h | 18 ++++++++- include/uapi/linux/lsm.h | 55 +++++++++++++++++++++++++++ security/apparmor/lsm.c | 9 ++++- security/bpf/hooks.c | 13 ++++++- security/commoncap.c | 8 +++- security/landlock/cred.c | 2 +- security/landlock/fs.c | 2 +- security/landlock/ptrace.c | 2 +- security/landlock/setup.c | 6 +++ security/landlock/setup.h | 1 + security/loadpin/loadpin.c | 9 ++++- security/lockdown/lockdown.c | 8 +++- security/safesetid/lsm.c | 9 ++++- security/security.c | 12 +++--- security/selinux/hooks.c | 11 +++++- security/smack/smack_lsm.c | 9 ++++- security/tomoyo/tomoyo.c | 9 ++++- security/yama/yama_lsm.c | 8 +++- 20 files changed, 226 insertions(+), 21 deletions(-) create mode 100644 Documentation/userspace-api/lsm.rst create mode 100644 include/uapi/linux/lsm.h diff --git a/Documentation/userspace-api/index.rst b/Documentation/userspace-api/index.rst index f16337bdb852..54c0f54cde89 100644 --- a/Documentation/userspace-api/index.rst +++ b/Documentation/userspace-api/index.rst @@ -31,6 +31,7 @@ place where this information is gathered. sysfs-platform_profile vduse futex2 + lsm .. only:: subproject and html diff --git a/Documentation/userspace-api/lsm.rst b/Documentation/userspace-api/lsm.rst new file mode 100644 index 000000000000..6ddf5506110b --- /dev/null +++ b/Documentation/userspace-api/lsm.rst 
@@ -0,0 +1,55 @@ +.. SPDX-License-Identifier: GPL-2.0 +.. Copyright (C) 2022 Casey Schaufler +.. Copyright (C) 2022 Intel Corporation + +===================================== +Linux Security Modules +===================================== + +:Author: Casey Schaufler +:Date: November 2022 + +Linux security modules (LSM) provide a mechanism to implement +additional access controls to the Linux security policies. + +The various security modules may support any of these attributes: + +``LSM_ATTR_CURRENT`` is the current, active security context of the +process. +The proc filesystem provides this value in ``/proc/self/attr/current``. +This is supported by the SELinux, Smack and AppArmor security modules. +Smack also provides this value in ``/proc/self/attr/smack/current``. +AppArmor also provides this value in ``/proc/self/attr/apparmor/current``. + +``LSM_ATTR_EXEC`` is the security context of the process at the time the +current image was executed. +The proc filesystem provides this value in ``/proc/self/attr/exec``. +This is supported by the SELinux and AppArmor security modules. +AppArmor also provides this value in ``/proc/self/attr/apparmor/exec``. + +``LSM_ATTR_FSCREATE`` is the security context of the process used when +creating file system objects. +The proc filesystem provides this value in ``/proc/self/attr/fscreate``. +This is supported by the SELinux security module. + +``LSM_ATTR_KEYCREATE`` is the security context of the process used when +creating key objects. +The proc filesystem provides this value in ``/proc/self/attr/keycreate``. +This is supported by the SELinux security module. + +``LSM_ATTR_PREV`` is the security context of the process at the time the +current security context was set. +The proc filesystem provides this value in ``/proc/self/attr/prev``. +This is supported by the SELinux and AppArmor security modules. +AppArmor also provides this value in ``/proc/self/attr/apparmor/prev``. 
+ +``LSM_ATTR_SOCKCREATE`` is the security context of the process used when +creating socket objects. +The proc filesystem provides this value in ``/proc/self/attr/sockcreate``. +This is supported by the SELinux security module. + +Additional documentation +======================== + +* Documentation/security/lsm.rst +* Documentation/security/lsm-development.rst diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 0a5ba81f7367..6f2cabb79ec4 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -1665,6 +1665,20 @@ struct security_hook_heads { #undef LSM_HOOK } __randomize_layout; +/** + * struct lsm_id - identify a Linux Security Module. + * @lsm: Name of the LSM. Must be approved by the LSM maintainers. + * @id: LSM ID number from uapi/linux/lsm.h + * @attrs_used: Which attributes this LSM supports. + * + * Contains the information that identifies the LSM. + */ +struct lsm_id { + const u8 *lsm; + u32 id; + u64 attrs_used; +}; + /* * Security module hook list structure. * For use with generic list macros for common operations. @@ -1673,7 +1687,7 @@ struct security_hook_list { struct hlist_node list; struct hlist_head *head; union security_list_options hook; - const char *lsm; + struct lsm_id *lsmid; } __randomize_layout; /* @@ -1708,7 +1722,7 @@ extern struct security_hook_heads security_hook_heads; extern char *lsm_names; extern void security_add_hooks(struct security_hook_list *hooks, int count, - const char *lsm); + struct lsm_id *lsmid); #define LSM_FLAG_LEGACY_MAJOR BIT(0) #define LSM_FLAG_EXCLUSIVE BIT(1) diff --git a/include/uapi/linux/lsm.h b/include/uapi/linux/lsm.h new file mode 100644 index 000000000000..61a91b7d946f --- /dev/null +++ b/include/uapi/linux/lsm.h 
@@ -0,0 +1,55 @@ +/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */ +/* + * Linux Security Modules (LSM) - User space API + * + * Copyright (C) 2022 Casey Schaufler + * Copyright (C) 2022 Intel Corporation + */ + +#ifndef _UAPI_LINUX_LSM_H +#define _UAPI_LINUX_LSM_H + +/* + * ID values to identify security modules. + * A system may use more than one security module. + * + * A value of 0 is considered invalid. + * Values 1-99 are reserved for future use. + * The interface is designed to extend to attributes beyond those which + * are active today. Currently all the attributes are specific to the + * individual modules. The LSM infrastructure itself has no variable state, + * but that may change. One proposal would allow loadable modules, in which + * case an attribute such as LSM_IS_LOADABLE might identify the dynamic + * modules. Another potential attribute could be which security modules is + * associated withnetwork labeling using netlabel. Another possible attribute + * could be related to stacking behavior in a namespaced environment. + * While it would be possible to intermingle the LSM infrastructure attribute + * values with the security module provided values, keeping them separate + * provides a clearer distinction. + */ +#define LSM_ID_CAPABILITY 100 +#define LSM_ID_SELINUX 101 +#define LSM_ID_SMACK 102 +#define LSM_ID_TOMOYO 103 +#define LSM_ID_IMA 104 +#define LSM_ID_APPARMOR 105 +#define LSM_ID_YAMA 106 +#define LSM_ID_LOADPIN 107 +#define LSM_ID_SAFESETID 108 +#define LSM_ID_LOCKDOWN 109 +#define LSM_ID_BPF 110 +#define LSM_ID_LANDLOCK 111 + +/* + * LSM_ATTR_XXX values identify the /proc/.../attr entry that the + * context represents. Not all security modules provide all of these + * values. Some security modules provide none of them. 
+ */ +#define LSM_ATTR_CURRENT 0x0001 +#define LSM_ATTR_EXEC 0x0002 +#define LSM_ATTR_FSCREATE 0x0004 +#define LSM_ATTR_KEYCREATE 0x0008 +#define LSM_ATTR_PREV 0x0010 +#define LSM_ATTR_SOCKCREATE 0x0020 + +#endif /* _UAPI_LINUX_LSM_H */ diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index c6728a629437..63ea2a995987 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -24,6 +24,7 @@ #include #include #include +#include #include "include/apparmor.h" #include "include/apparmorfs.h" @@ -1217,6 +1218,12 @@ struct lsm_blob_sizes apparmor_blob_sizes __lsm_ro_after_init = { .lbs_task = sizeof(struct aa_task_ctx), }; +static struct lsm_id apparmor_lsmid __lsm_ro_after_init = { + .lsm = "apparmor", + .id = LSM_ID_APPARMOR, + .attrs_used = LSM_ATTR_CURRENT | LSM_ATTR_PREV | LSM_ATTR_EXEC, +}; + static struct security_hook_list apparmor_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(ptrace_access_check, apparmor_ptrace_access_check), LSM_HOOK_INIT(ptrace_traceme, apparmor_ptrace_traceme), @@ -1912,7 +1919,7 @@ static int __init apparmor_init(void) goto buffers_out; } security_add_hooks(apparmor_hooks, ARRAY_SIZE(apparmor_hooks), - "apparmor"); + &apparmor_lsmid); /* Report that AppArmor successfully initialized */ apparmor_initialized = 1; diff --git a/security/bpf/hooks.c b/security/bpf/hooks.c index e5971fa74fd7..20983ae8d31f 100644 --- a/security/bpf/hooks.c +++ b/security/bpf/hooks.c @@ -5,6 +5,7 @@ */ #include #include +#include static struct security_hook_list bpf_lsm_hooks[] __lsm_ro_after_init = { #define LSM_HOOK(RET, DEFAULT, NAME, ...) \ 
@@ -15,9 +16,19 @@ static struct security_hook_list bpf_lsm_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(task_free, bpf_task_storage_free), }; +/* + * slot has to be LSMBLOB_NEEDED because some of the hooks + * supplied by this module require a slot. + */ +struct lsm_id bpf_lsmid __lsm_ro_after_init = { + .lsm = "bpf", + .id = LSM_ID_BPF, +}; + static int __init bpf_lsm_init(void) { - security_add_hooks(bpf_lsm_hooks, ARRAY_SIZE(bpf_lsm_hooks), "bpf"); + security_add_hooks(bpf_lsm_hooks, ARRAY_SIZE(bpf_lsm_hooks), + &bpf_lsmid); pr_info("LSM support for eBPF active\n"); return 0; } diff --git a/security/commoncap.c b/security/commoncap.c index 1164278b97fd..76c5a0af95d6 100644 --- a/security/commoncap.c +++ b/security/commoncap.c @@ -25,6 +25,7 @@ #include #include #include +#include /* * If a non-root user executes a setuid-root binary in @@ -1445,6 +1446,11 @@ int cap_mmap_file(struct file *file, unsigned long reqprot, #ifdef CONFIG_SECURITY +static struct lsm_id capability_lsmid __lsm_ro_after_init = { + .lsm = "capability", + .id = LSM_ID_CAPABILITY, +}; + static struct security_hook_list capability_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(capable, cap_capable), LSM_HOOK_INIT(settime, cap_settime), @@ -1469,7 +1475,7 @@ static struct security_hook_list capability_hooks[] __lsm_ro_after_init = { static int __init capability_init(void) { security_add_hooks(capability_hooks, ARRAY_SIZE(capability_hooks), - "capability"); + &capability_lsmid); return 0; } diff --git a/security/landlock/cred.c b/security/landlock/cred.c index ec6c37f04a19..2eb1d65f10d6 100644 --- a/security/landlock/cred.c +++ b/security/landlock/cred.c @@ -42,5 +42,5 @@ static struct security_hook_list landlock_hooks[] __lsm_ro_after_init = { __init void landlock_add_cred_hooks(void) { security_add_hooks(landlock_hooks, ARRAY_SIZE(landlock_hooks), - LANDLOCK_NAME); + &landlock_lsmid); } diff --git a/security/landlock/fs.c b/security/landlock/fs.c index adcea0fe7e68..fa0e6e76991c 100644 
--- a/security/landlock/fs.c +++ b/security/landlock/fs.c @@ -1307,5 +1307,5 @@ static struct security_hook_list landlock_hooks[] __lsm_ro_after_init = { __init void landlock_add_fs_hooks(void) { security_add_hooks(landlock_hooks, ARRAY_SIZE(landlock_hooks), - LANDLOCK_NAME); + &landlock_lsmid); } diff --git a/security/landlock/ptrace.c b/security/landlock/ptrace.c index 4c5b9cd71286..eab35808f395 100644 --- a/security/landlock/ptrace.c +++ b/security/landlock/ptrace.c @@ -116,5 +116,5 @@ static struct security_hook_list landlock_hooks[] __lsm_ro_after_init = { __init void landlock_add_ptrace_hooks(void) { security_add_hooks(landlock_hooks, ARRAY_SIZE(landlock_hooks), - LANDLOCK_NAME); + &landlock_lsmid); } diff --git a/security/landlock/setup.c b/security/landlock/setup.c index 3f196d2ce4f9..9104133d04ca 100644 --- a/security/landlock/setup.c +++ b/security/landlock/setup.c @@ -8,6 +8,7 @@ #include #include +#include #include "common.h" #include "cred.h" @@ -24,6 +25,11 @@ struct lsm_blob_sizes landlock_blob_sizes __lsm_ro_after_init = { .lbs_superblock = sizeof(struct landlock_superblock_security), }; +struct lsm_id landlock_lsmid __lsm_ro_after_init = { + .lsm = LANDLOCK_NAME, + .id = LSM_ID_LANDLOCK, +}; + static int __init landlock_init(void) { landlock_add_cred_hooks(); diff --git a/security/landlock/setup.h b/security/landlock/setup.h index 1daffab1ab4b..38bce5b172dc 100644 --- a/security/landlock/setup.h +++ b/security/landlock/setup.h @@ -14,5 +14,6 @@ extern bool landlock_initialized; extern struct lsm_blob_sizes landlock_blob_sizes; +extern struct lsm_id landlock_lsmid; #endif /* _SECURITY_LANDLOCK_SETUP_H */ diff --git a/security/loadpin/loadpin.c b/security/loadpin/loadpin.c index 110a5ab2b46b..d5c1373a096d 100644 --- a/security/loadpin/loadpin.c +++ b/security/loadpin/loadpin.c @@ -20,6 +20,7 @@ #include #include #include +#include #define VERITY_DIGEST_FILE_HEADER "# LOADPIN_TRUSTED_VERITY_ROOT_DIGESTS" 
@@ -203,6 +204,11 @@ static int loadpin_load_data(enum kernel_load_data_id id, bool contents) return loadpin_check(NULL, (enum kernel_read_file_id) id); } +static struct lsm_id loadpin_lsmid __lsm_ro_after_init = { + .lsm = "loadpin", + .id = LSM_ID_LOADPIN, +}; + static struct security_hook_list loadpin_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(sb_free_security, loadpin_sb_free_security), LSM_HOOK_INIT(kernel_read_file, loadpin_read_file), @@ -250,7 +256,8 @@ static int __init loadpin_init(void) pr_info("ready to pin (currently %senforcing)\n", enforce ? "" : "not "); parse_exclude(); - security_add_hooks(loadpin_hooks, ARRAY_SIZE(loadpin_hooks), "loadpin"); + security_add_hooks(loadpin_hooks, ARRAY_SIZE(loadpin_hooks), + &loadpin_lsmid); return 0; } diff --git a/security/lockdown/lockdown.c b/security/lockdown/lockdown.c index a79b985e917e..e8c41a0caf7d 100644 --- a/security/lockdown/lockdown.c +++ b/security/lockdown/lockdown.c @@ -13,6 +13,7 @@ #include #include #include +#include static enum lockdown_reason kernel_locked_down; @@ -75,6 +76,11 @@ static struct security_hook_list lockdown_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(locked_down, lockdown_is_locked_down), }; +static struct lsm_id lockdown_lsmid __lsm_ro_after_init = { + .lsm = "lockdown", + .id = LSM_ID_LOCKDOWN, +}; + static int __init lockdown_lsm_init(void) { #if defined(CONFIG_LOCK_DOWN_KERNEL_FORCE_INTEGRITY) @@ -83,7 +89,7 @@ static int __init lockdown_lsm_init(void) lock_kernel_down("Kernel configuration", LOCKDOWN_CONFIDENTIALITY_MAX); #endif security_add_hooks(lockdown_hooks, ARRAY_SIZE(lockdown_hooks), - "lockdown"); + &lockdown_lsmid); return 0; } diff --git a/security/safesetid/lsm.c b/security/safesetid/lsm.c index e806739f7868..8d0742ba045d 100644 --- a/security/safesetid/lsm.c +++ b/security/safesetid/lsm.c @@ -19,6 +19,7 @@ #include #include #include +#include #include "lsm.h" /* Flag indicating whether initialization completed */ 
@@ -261,6 +262,11 @@ static int safesetid_task_fix_setgroups(struct cred *new, const struct cred *old return 0; } +static struct lsm_id safesetid_lsmid __lsm_ro_after_init = { + .lsm = "safesetid", + .id = LSM_ID_SAFESETID, +}; + static struct security_hook_list safesetid_security_hooks[] = { LSM_HOOK_INIT(task_fix_setuid, safesetid_task_fix_setuid), LSM_HOOK_INIT(task_fix_setgid, safesetid_task_fix_setgid), @@ -271,7 +277,8 @@ static struct security_hook_list safesetid_security_hooks[] = { static int __init safesetid_security_init(void) { security_add_hooks(safesetid_security_hooks, - ARRAY_SIZE(safesetid_security_hooks), "safesetid"); + ARRAY_SIZE(safesetid_security_hooks), + &safesetid_lsmid); /* Report that SafeSetID successfully initialized */ safesetid_initialized = 1; diff --git a/security/security.c b/security/security.c index d1571900a8c7..07a8fe7f92bf 100644 --- a/security/security.c +++ b/security/security.c @@ -504,17 +504,17 @@ static int lsm_append(const char *new, char **result) * security_add_hooks - Add a modules hooks to the hook lists. * @hooks: the hooks to add * @count: the number of hooks to add - * @lsm: the name of the security module + * @lsmid: the identification information for the security module * * Each LSM has to register its hooks with the infrastructure. */ void __init security_add_hooks(struct security_hook_list *hooks, int count, - const char *lsm) + struct lsm_id *lsmid) { int i; for (i = 0; i < count; i++) { - hooks[i].lsm = lsm; + hooks[i].lsmid = lsmid; hlist_add_tail_rcu(&hooks[i].list, hooks[i].head); } @@ -523,7 +523,7 @@ void __init security_add_hooks(struct security_hook_list *hooks, int count, * and fix this up afterwards. */ if (slab_is_available()) { - if (lsm_append(lsm, &lsm_names) < 0) + if (lsm_append(lsmid->lsm, &lsm_names) < 0) panic("%s - Cannot get early memory.\n", __func__); } } 
@@ -2145,7 +2145,7 @@ int security_getprocattr(struct task_struct *p, const char *lsm, struct security_hook_list *hp; hlist_for_each_entry(hp, &security_hook_heads.getprocattr, list) { - if (lsm != NULL && strcmp(lsm, hp->lsm)) + if (lsm != NULL && strcmp(lsm, hp->lsmid->lsm)) continue; return hp->hook.getprocattr(p, name, value); } @@ -2158,7 +2158,7 @@ int security_setprocattr(const char *lsm, const char *name, void *value, struct security_hook_list *hp; hlist_for_each_entry(hp, &security_hook_heads.setprocattr, list) { - if (lsm != NULL && strcmp(lsm, hp->lsm)) + if (lsm != NULL && strcmp(lsm, hp->lsmid->lsm)) continue; return hp->hook.setprocattr(name, value, size); } diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 3c5be76a9199..7398819a0036 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -92,6 +92,7 @@ #include #include #include +#include #include "avc.h" #include "objsec.h" @@ -7032,6 +7033,13 @@ static int selinux_uring_cmd(struct io_uring_cmd *ioucmd) } #endif /* CONFIG_IO_URING */ +static struct lsm_id selinux_lsmid __lsm_ro_after_init = { + .lsm = "selinux", + .id = LSM_ID_SELINUX, + .attrs_used = LSM_ATTR_CURRENT | LSM_ATTR_EXEC | LSM_ATTR_FSCREATE | + LSM_ATTR_KEYCREATE | LSM_ATTR_PREV | LSM_ATTR_SOCKCREATE, +}; + /* * IMPORTANT NOTE: When adding new hooks, please be careful to keep this order: * 1. any hooks that don't belong to (2.) or (3.) below, @@ -7355,7 +7363,8 @@ static __init int selinux_init(void) hashtab_cache_init(); - security_add_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks), "selinux"); + security_add_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks), + &selinux_lsmid); if (avc_add_callback(selinux_netcache_avc_callback, AVC_CALLBACK_RESET)) panic("SELinux: Unable to register AVC netcache callback\n"); diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 9a82a15685d1..8918b52cff43 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c 
@@ -43,6 +43,7 @@ #include #include #include +#include #include "smack.h" #define TRANS_TRUE "TRUE" @@ -4856,6 +4857,12 @@ struct lsm_blob_sizes smack_blob_sizes __lsm_ro_after_init = { .lbs_superblock = sizeof(struct superblock_smack), }; +static struct lsm_id smack_lsmid __lsm_ro_after_init = { + .lsm = "smack", + .id = LSM_ID_SMACK, + .attrs_used = LSM_ATTR_CURRENT, +}; + static struct security_hook_list smack_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(ptrace_access_check, smack_ptrace_access_check), LSM_HOOK_INIT(ptrace_traceme, smack_ptrace_traceme), @@ -5062,7 +5069,7 @@ static __init int smack_init(void) /* * Register with LSM */ - security_add_hooks(smack_hooks, ARRAY_SIZE(smack_hooks), "smack"); + security_add_hooks(smack_hooks, ARRAY_SIZE(smack_hooks), &smack_lsmid); smack_enabled = 1; pr_info("Smack: Initializing.\n"); diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c index af04a7b7eb28..a4658fb5ef0e 100644 --- a/security/tomoyo/tomoyo.c +++ b/security/tomoyo/tomoyo.c @@ -6,6 +6,7 @@ */ #include +#include #include "common.h" /** @@ -542,6 +543,11 @@ static void tomoyo_task_free(struct task_struct *task) } } +static struct lsm_id tomoyo_lsmid __lsm_ro_after_init = { + .lsm = "tomoyo", + .id = LSM_ID_TOMOYO, +}; + /* * tomoyo_security_ops is a "struct security_operations" which is used for * registering TOMOYO. @@ -595,7 +601,8 @@ static int __init tomoyo_init(void) struct tomoyo_task *s = tomoyo_task(current); /* register ourselves with the security framework */ - security_add_hooks(tomoyo_hooks, ARRAY_SIZE(tomoyo_hooks), "tomoyo"); + security_add_hooks(tomoyo_hooks, ARRAY_SIZE(tomoyo_hooks), + &tomoyo_lsmid); pr_info("TOMOYO Linux initialized\n"); s->domain_info = &tomoyo_kernel_domain; atomic_inc(&tomoyo_kernel_domain.users); diff --git a/security/yama/yama_lsm.c b/security/yama/yama_lsm.c index 06e226166aab..2487b8f847f3 100644 --- a/security/yama/yama_lsm.c +++ b/security/yama/yama_lsm.c 
@@ -18,6 +18,7 @@ #include #include #include +#include #define YAMA_SCOPE_DISABLED 0 #define YAMA_SCOPE_RELATIONAL 1 @@ -421,6 +422,11 @@ static int yama_ptrace_traceme(struct task_struct *parent) return rc; } +static struct lsm_id yama_lsmid __lsm_ro_after_init = { + .lsm = "yama", + .id = LSM_ID_YAMA, +}; + static struct security_hook_list yama_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(ptrace_access_check, yama_ptrace_access_check), LSM_HOOK_INIT(ptrace_traceme, yama_ptrace_traceme), 
@@ -477,7 +483,7 @@ static inline void yama_init_sysctl(void) { } static int __init yama_init(void) { pr_info("Yama: becoming mindful.\n"); - security_add_hooks(yama_hooks, ARRAY_SIZE(yama_hooks), "yama"); + security_add_hooks(yama_hooks, ARRAY_SIZE(yama_hooks), &yama_lsmid); yama_init_sysctl(); return 0; }
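Review bot: in the Documentation/userspace-api/lsm.rst hunk, ":Date: November 2022" already predates the posting date of this revision (December 2022) and will drift further with every respin; either update it or drop the field. The opening sentence, "provide a mechanism to implement additional access controls to the Linux security policies", reads oddly; something like "implement access controls in addition to the Linux discretionary access controls" says what is meant. The per-attribute module lists do agree with the attrs_used values set in the selinux (all six), smack (LSM_ATTR_CURRENT) and apparmor (CURRENT, PREV, EXEC) hunks; it would help to state in the document that attrs_used is the authoritative source so the two cannot silently diverge.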
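Review bot: in the include/linux/lsm_hooks.h hunk, struct lsm_id declares the module name as "const u8 *lsm;" although it holds a C string and every consumer in this patch takes "const char *": lsm_append(lsmid->lsm, &lsm_names) in security_add_hooks(), whose prototype is visible as lsm_append(const char *new, char **result), and strcmp(lsm, hp->lsmid->lsm) in security_getprocattr() and security_setprocattr(). Declare it "const char *lsm;" so the types match the callers without relying on implicit pointer-sign conversions. While here, the "struct lsm_id *lsmid" member of struct security_hook_list and the security_add_hooks() parameter could be "const struct lsm_id *", since nothing writes through them and the objects are all marked __lsm_ro_after_init.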
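Review bot: in the include/uapi/linux/lsm.h hunk, the block comment has two typos: "associated withnetwork labeling" should read "associated with network labeling", and "which security modules is associated" should be "which security module is associated". Also, LSM_ID_IMA (104) is defined, but no hunk in this patch makes IMA register a struct lsm_id (no IMA file appears in the diffstat), so the value is reserved for a module that does not yet go through security_add_hooks(); a one-line comment saying so would stop readers from hunting for the missing registration.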
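Review bot: in the security/bpf/hooks.c hunk, the comment above bpf_lsmid ("slot has to be LSMBLOB_NEEDED because some of the hooks supplied by this module require a slot") refers to LSMBLOB_NEEDED, which appears nowhere else in this patch and is not a field of struct lsm_id; it looks carried over from an earlier series and should be dropped so it does not mislead the next reader. bpf_lsmid is also not static, although nothing outside this file references it; the only other non-static instance is landlock_lsmid, which is exported through setup.h because three landlock files pass it to security_add_hooks(). Mark bpf_lsmid static like apparmor_lsmid and the rest.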
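Review bot: in the security/security.c security_add_hooks() hunk, the kerneldoc line "Add a modules hooks to the hook lists" should read "Add a module's hooks". More substantively, the function now receives the full lsm_id but only stores it into each hook entry and hands lsmid->lsm to lsm_append(); since the cover text says the identifiers will be used for attribute reporting, this is the natural single point at which to record each registered lsm_id, and the commit message should say whether that is intended here or in a follow-up.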
From: Casey Schaufler
To: casey.schaufler@intel.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: casey@schaufler-ca.com, jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net
Subject: [PATCH v4 2/8] LSM: Maintain a table of LSM attribute data
Date: Thu, 29 Dec 2022 15:34:48 -0800
Message-Id: <20221229233454.43880-3-casey@schaufler-ca.com>
In-Reply-To: <20221229233454.43880-1-casey@schaufler-ca.com>
References: <20221229233454.43880-1-casey@schaufler-ca.com>

As LSMs are registered add their lsm_id pointers to a table. This will be used later for attribute reporting.

Signed-off-by: Casey Schaufler
---
 include/linux/security.h | 18 ++++++++++++++++++
 security/security.c | 18 ++++++++++++++++++
 2 files changed, 36 insertions(+)

diff --git a/include/linux/security.h b/include/linux/security.h index 5b67f208f7de..e70d546acf3d 100644 --- a/include/linux/security.h +++ b/include/linux/security.h
@@ -139,6 +139,24 @@ enum lockdown_reason { extern const char *const lockdown_reasons[LOCKDOWN_CONFIDENTIALITY_MAX+1]; +/* The capability module is accounted for by CONFIG_SECURITY */ +#define LSMID_ENTRIES ( \ + (IS_ENABLED(CONFIG_SECURITY) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_SELINUX) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_SMACK) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_TOMOYO) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_IMA) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_APPARMOR) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_YAMA) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_LOADPIN) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_SAFESETID) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_LOCKDOWN) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_BPF_LSM) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_LANDLOCK) ? 1 : 0)) + +extern u32 lsm_active_cnt; +extern struct lsm_id *lsm_idlist[]; + /* These functions are in security/commoncap.c */ extern int cap_capable(const struct cred *cred, struct user_namespace *ns, int cap, unsigned int opts); diff --git a/security/security.c b/security/security.c index 07a8fe7f92bf..4acb14500bc3 100644 --- a/security/security.c +++ b/security/security.c @@ -28,6 +28,7 @@ #include #include #include +#include #include #define MAX_LSM_EVM_XATTR 2 @@ -341,6 +342,12 @@ static void __init report_lsm_order(void) pr_cont("\n"); } +/* + * Current index to use while initializing the lsm id list. + */ +u32 lsm_active_cnt __lsm_ro_after_init; +struct lsm_id *lsm_idlist[LSMID_ENTRIES] __lsm_ro_after_init; + static void __init ordered_lsm_init(void) { struct lsm_info **lsm; @@ -388,6 +395,7 @@ static void __init ordered_lsm_init(void) for (lsm = ordered_lsms; *lsm; lsm++) initialize_lsm(*lsm); + init_debug("lsm count = %d\n", lsm_active_cnt); kfree(ordered_lsms); } 
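Review bot: the LSMID_ENTRIES macro in the security.h hunk tests two Kconfig symbols that do not exist. IMA is selected by CONFIG_IMA (there is no CONFIG_SECURITY_IMA) and the lockdown LSM by CONFIG_SECURITY_LOCKDOWN_LSM (not CONFIG_SECURITY_LOCKDOWN), so on a kernel with either enabled the count comes out short and `struct lsm_id *lsm_idlist[LSMID_ENTRIES]` in security.c is smaller than the number of modules that will register. Please use `IS_ENABLED(CONFIG_IMA)` and `IS_ENABLED(CONFIG_SECURITY_LOCKDOWN_LSM)`. Minor, in the ordered_lsm_init() hunk: `lsm_active_cnt` is a `u32`, so `init_debug("lsm count = %d\n", lsm_active_cnt)` should use `%u`.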
@@ -513,6 +521,16 @@ void __init security_add_hooks(struct security_hook_list *hooks, int count, { int i; + /* + * A security module may call security_add_hooks() more + * than once. Landlock is one such case. + */ + if (lsm_active_cnt == 0 || lsm_idlist[lsm_active_cnt -1] != lsmid) + lsm_idlist[lsm_active_cnt++] = lsmid; + + if (lsm_active_cnt > LSMID_ENTRIES) + panic("%s Too many LSMs registered.\n", __func__); + for (i = 0; i < count; i++) { hooks[i].lsmid = lsmid; hlist_add_tail_rcu(&hooks[i].list, hooks[i].head);
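Review bot: in the security_add_hooks() hunk the store `lsm_idlist[lsm_active_cnt++] = lsmid;` runs before the `lsm_active_cnt > LSMID_ENTRIES` test, so the panic only fires after the table has already been written one element past its end. Do the check before the store, on the path that actually appends, so Landlock's repeated calls are not miscounted: `if (lsm_active_cnt >= LSMID_ENTRIES) panic(...);` and only then `lsm_idlist[lsm_active_cnt++] = lsmid;`. Nit: `lsm_active_cnt -1` wants a space after the minus.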
From: Casey Schaufler
To: casey.schaufler@intel.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: casey@schaufler-ca.com, jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net, linux-fsdevel@vger.kernel.org
Subject: [PATCH v4 3/8] proc: Use lsmids instead of lsm names for attrs
Date: Thu, 29 Dec 2022 15:34:49 -0800
Message-Id: <20221229233454.43880-4-casey@schaufler-ca.com>
In-Reply-To: <20221229233454.43880-1-casey@schaufler-ca.com>
References: <20221229233454.43880-1-casey@schaufler-ca.com>

Use the LSM ID number instead of the LSM name to identify which security module's attribute data should be shown in /proc/self/attr. The security_[gs]etprocattr() functions have been changed to expect the LSM ID. The change from a string comparison to an integer comparison in these functions will provide a minor performance improvement.

Signed-off-by: Casey Schaufler
Cc: linux-fsdevel@vger.kernel.org
---
 fs/proc/base.c | 29 +++++++++++++++--------------
 fs/proc/internal.h | 2 +-
 include/linux/security.h | 11 +++++------
 security/security.c | 11 +++++------
 4 files changed, 26 insertions(+), 27 deletions(-)

diff --git a/fs/proc/base.c b/fs/proc/base.c index 9e479d7d202b..9328b6b07dfc 100644 --- a/fs/proc/base.c +++ b/fs/proc/base.c @@ -96,6 +96,7 @@ #include #include #include +#include #include #include "internal.h" #include "fd.h" @@ -145,10 +146,10 @@ struct pid_entry { NOD(NAME, (S_IFREG|(MODE)), \ NULL, &proc_single_file_operations, \ { .proc_show = show } ) -#define ATTR(LSM, NAME, MODE) \ +#define ATTR(LSMID, NAME, MODE) \ NOD(NAME, (S_IFREG|(MODE)), \ NULL, &proc_pid_attr_operations, \ - { .lsm = LSM }) + { .lsmid = LSMID }) /* * Count the number of hardlinks for the pid_entry table, excluding the .
@@ -2730,7 +2731,7 @@ static ssize_t proc_pid_attr_read(struct file * file, char __user * buf, if (!task) return -ESRCH; - length = security_getprocattr(task, PROC_I(inode)->op.lsm, + length = security_getprocattr(task, PROC_I(inode)->op.lsmid, file->f_path.dentry->d_name.name, &p); put_task_struct(task); @@ -2788,7 +2789,7 @@ static ssize_t proc_pid_attr_write(struct file * file, const char __user * buf, if (rv < 0) goto out_free; - rv = security_setprocattr(PROC_I(inode)->op.lsm, + rv = security_setprocattr(PROC_I(inode)->op.lsmid, file->f_path.dentry->d_name.name, page, count); mutex_unlock(¤t->signal->cred_guard_mutex); @@ -2837,27 +2838,27 @@ static const struct inode_operations proc_##LSM##_attr_dir_inode_ops = { \ #ifdef CONFIG_SECURITY_SMACK static const struct pid_entry smack_attr_dir_stuff[] = { - ATTR("smack", "current", 0666), + ATTR(LSM_ID_SMACK, "current", 0666), }; LSM_DIR_OPS(smack); #endif #ifdef CONFIG_SECURITY_APPARMOR static const struct pid_entry apparmor_attr_dir_stuff[] = { - ATTR("apparmor", "current", 0666), - ATTR("apparmor", "prev", 0444), - ATTR("apparmor", "exec", 0666), + ATTR(LSM_ID_APPARMOR, "current", 0666), + ATTR(LSM_ID_APPARMOR, "prev", 0444), + ATTR(LSM_ID_APPARMOR, "exec", 0666), }; LSM_DIR_OPS(apparmor); #endif static const struct pid_entry attr_dir_stuff[] = { - ATTR(NULL, "current", 0666), - ATTR(NULL, "prev", 0444), - ATTR(NULL, "exec", 0666), - ATTR(NULL, "fscreate", 0666), - ATTR(NULL, "keycreate", 0666), - ATTR(NULL, "sockcreate", 0666), + ATTR(0, "current", 0666), + ATTR(0, "prev", 0444), + ATTR(0, "exec", 0666), + ATTR(0, "fscreate", 0666), + ATTR(0, "keycreate", 0666), + ATTR(0, "sockcreate", 0666), #ifdef CONFIG_SECURITY_SMACK DIR("smack", 0555, proc_smack_attr_dir_inode_ops, proc_smack_attr_dir_ops), diff --git a/fs/proc/internal.h b/fs/proc/internal.h index b701d0207edf..18db9722c81b 100644 --- a/fs/proc/internal.h +++ b/fs/proc/internal.h 
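Review bot: the attr_dir_stuff hunk turns `ATTR(NULL, ...)` into `ATTR(0, ...)`, and the security.c hunk later in this patch tests `lsmid != 0` as the "any module" case, so 0 becomes an API sentinel spelled as a bare literal in three places. Give it a name next to the LSM_ID_* values in include/uapi/linux/lsm.h (an LSM_ID_UNDEF-style constant, say) and use that in the ATTR() entries and in both comparisons, so the sentinel is visibly reserved and cannot collide with a real ID when numbers are assigned.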
@@ -92,7 +92,7 @@ union proc_op { int (*proc_show)(struct seq_file *m, struct pid_namespace *ns, struct pid *pid, struct task_struct *task); - const char *lsm; + int lsmid; }; struct proc_inode { diff --git a/include/linux/security.h b/include/linux/security.h index e70d546acf3d..18a481fef7fe 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -491,10 +491,9 @@ int security_sem_semctl(struct kern_ipc_perm *sma, int cmd); int security_sem_semop(struct kern_ipc_perm *sma, struct sembuf *sops, unsigned nsops, int alter); void security_d_instantiate(struct dentry *dentry, struct inode *inode); -int security_getprocattr(struct task_struct *p, const char *lsm, const char *name, +int security_getprocattr(struct task_struct *p, int lsmid, const char *name, char **value); -int security_setprocattr(const char *lsm, const char *name, void *value, - size_t size); +int security_setprocattr(int lsmid, const char *name, void *value, size_t size); int security_netlink_send(struct sock *sk, struct sk_buff *skb); int security_ismaclabel(const char *name); int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen); @@ -1362,14 +1361,14 @@ static inline void security_d_instantiate(struct dentry *dentry, struct inode *inode) { } -static inline int security_getprocattr(struct task_struct *p, const char *lsm, +static inline int security_getprocattr(struct task_struct *p, int lsmid, const char *name, char **value) { return -EINVAL; } -static inline int security_setprocattr(const char *lsm, char *name, - void *value, size_t size) +static inline int security_setprocattr(int lsmid, char *name, void *value, + size_t size) { return -EINVAL; } diff --git a/security/security.c b/security/security.c index 4acb14500bc3..dfbb236fcc39 100644 --- a/security/security.c +++ b/security/security.c 
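Review bot: the !CONFIG_SECURITY stub in the security.h hunk keeps `char *name` (`static inline int security_setprocattr(int lsmid, char *name, void *value, size_t size)`) while the real prototype a few lines above takes `const char *name`. Since the line is being rewritten anyway, make the stub match with `const char *name`; as it stands a caller passing a const string builds cleanly with CONFIG_SECURITY=y and warns about a discarded qualifier with CONFIG_SECURITY=n.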
@@ -2157,26 +2157,25 @@ void security_d_instantiate(struct dentry *dentry, struct inode *inode) } EXPORT_SYMBOL(security_d_instantiate); -int security_getprocattr(struct task_struct *p, const char *lsm, - const char *name, char **value) +int security_getprocattr(struct task_struct *p, int lsmid, const char *name, + char **value) { struct security_hook_list *hp; hlist_for_each_entry(hp, &security_hook_heads.getprocattr, list) { - if (lsm != NULL && strcmp(lsm, hp->lsmid->lsm)) + if (lsmid != 0 && lsmid != hp->lsmid->id) continue; return hp->hook.getprocattr(p, name, value); } return LSM_RET_DEFAULT(getprocattr); } -int security_setprocattr(const char *lsm, const char *name, void *value, - size_t size) +int security_setprocattr(int lsmid, const char *name, void *value, size_t size) { struct security_hook_list *hp; hlist_for_each_entry(hp, &security_hook_heads.setprocattr, list) { - if (lsm != NULL && strcmp(lsm, hp->lsmid->lsm)) + if (lsmid != 0 && lsmid != hp->lsmid->id) continue; return hp->hook.setprocattr(name, value, size); }
From: Casey Schaufler
To: casey.schaufler@intel.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: casey@schaufler-ca.com, jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net
Subject: [PATCH v4 4/8] LSM: lsm_get_self_attr syscall for LSM self attributes
Date: Thu, 29 Dec 2022 15:34:50 -0800
Message-Id: <20221229233454.43880-5-casey@schaufler-ca.com>
In-Reply-To: <20221229233454.43880-1-casey@schaufler-ca.com>
References: <20221229233454.43880-1-casey@schaufler-ca.com>

Create a system call lsm_get_self_attr() to provide the security module maintained attributes of the current process. Historically these attributes have been exposed to user space via entries in procfs under /proc/self/attr.

Attributes are provided as a collection of lsm_ctx structures which are placed into a user supplied buffer. Each structure identifies the size of the attribute, and the attribute value. The format of the attribute value is defined by the security module, but will always be \0 terminated. The ctx_len value will always be strlen(ctx)+1.

 ---------------------------
 | __u32 id                |
 ---------------------------
 | __u64 flags             |
 ---------------------------
 | __kernel_size_t ctx_len |
 ---------------------------
 | __u8 ctx[ctx_len]       |
 ---------------------------
 | __u32 id                |
 ---------------------------
 | __u64 flags             |
 ---------------------------
 | __kernel_size_t ctx_len |
 ---------------------------
 | __u8 ctx[ctx_len]       |
 ---------------------------
Signed-off-by: Casey Schaufler --- Documentation/userspace-api/lsm.rst | 9 ++ include/linux/syscalls.h | 3 + include/uapi/linux/lsm.h | 21 ++++ kernel/sys_ni.c | 3 + security/Makefile | 1 + security/lsm_syscalls.c | 182 ++++++++++++++++++++++++++++ 6 files changed, 219 insertions(+) create mode 100644 security/lsm_syscalls.c diff --git a/Documentation/userspace-api/lsm.rst b/Documentation/userspace-api/lsm.rst index 6ddf5506110b..98a0c191b499 100644 --- a/Documentation/userspace-api/lsm.rst +++ b/Documentation/userspace-api/lsm.rst @@ -48,6 +48,15 @@ creating socket objects. The proc filesystem provides this value in ``/proc/self/attr/sockcreate``. This is supported by the SELinux security module. +Kernel interface +================ + +Get the security attributes of the current process +-------------------------------------------------- + +.. kernel-doc:: security/lsm_syscalls.c + :identifiers: sys_lsm_get_self_attr + Additional documentation ======================== diff --git a/include/linux/syscalls.h b/include/linux/syscalls.h index 33a0ee3bcb2e..a89205c70ffa 100644 --- a/include/linux/syscalls.h +++ b/include/linux/syscalls.h @@ -71,6 +71,7 @@ struct clone_args; struct open_how; struct mount_attr; struct landlock_ruleset_attr; +struct lsm_ctx; enum landlock_rule_type; #include @@ -1058,6 +1059,8 @@ asmlinkage long sys_memfd_secret(unsigned int flags); asmlinkage long sys_set_mempolicy_home_node(unsigned long start, unsigned long len, unsigned long home_node, unsigned long flags); +asmlinkage long sys_lsm_get_self_attr(struct lsm_ctx *ctx, size_t *size, + int flags); /* * Architecture-specific system calls diff --git a/include/uapi/linux/lsm.h b/include/uapi/linux/lsm.h index 61a91b7d946f..8674d8c6b326 100644 --- a/include/uapi/linux/lsm.h +++ b/include/uapi/linux/lsm.h 
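Review bot: the syscalls.h hunk declares `sys_lsm_get_self_attr(struct lsm_ctx *ctx, size_t *size, int flags)` while the definition in security/lsm_syscalls.c is `SYSCALL_DEFINE3(lsm_get_self_attr, struct lsm_ctx __user *, ctx, __kernel_size_t __user *, size, __u32, flags)`. The prototype needs the `__user` annotations (sparse will flag the address-space mismatch) and the same flags type; pick `__u32` or `int` for both, and use `__kernel_size_t` in both places.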
@@ -9,6 +9,27 @@ #ifndef _UAPI_LINUX_LSM_H #define _UAPI_LINUX_LSM_H +#include +#include + +/** + * struct lsm_ctx - LSM context + * @id: the LSM id number, see LSM_ID_XXX + * @flags: context specifier and LSM specific flags + * @ctx_len: the size of @ctx + * @ctx: the LSM context, a nul terminated string + * + * @ctx in a nul terminated string. + * (strlen(@ctx) < @ctx_len) is always true. + * (strlen(@ctx) == @ctx_len + 1) is not guaranteed. + */ +struct lsm_ctx { + __u32 id; + __u64 flags; + __kernel_size_t ctx_len; + __u8 ctx[]; +}; + /* * ID values to identify security modules. * A system may use more than one security module. diff --git a/kernel/sys_ni.c b/kernel/sys_ni.c index 860b2dcf3ac4..7b2513d5605d 100644 --- a/kernel/sys_ni.c +++ b/kernel/sys_ni.c @@ -262,6 +262,9 @@ COND_SYSCALL_COMPAT(recvmsg); /* mm/nommu.c, also with MMU */ COND_SYSCALL(mremap); +/* security/lsm_syscalls.c */ +COND_SYSCALL(lsm_get_self_attr); + /* security/keys/keyctl.c */ COND_SYSCALL(add_key); COND_SYSCALL(request_key); diff --git a/security/Makefile b/security/Makefile index 18121f8f85cd..59f238490665 100644 --- a/security/Makefile +++ b/security/Makefile @@ -7,6 +7,7 @@ obj-$(CONFIG_KEYS) += keys/ # always enable default capabilities obj-y += commoncap.o +obj-$(CONFIG_SECURITY) += lsm_syscalls.o obj-$(CONFIG_MMU) += min_addr.o # Object file lists diff --git a/security/lsm_syscalls.c b/security/lsm_syscalls.c new file mode 100644 index 000000000000..c109a0dc18fe --- /dev/null +++ b/security/lsm_syscalls.c 
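Review bot: the struct lsm_ctx kernel-doc in the uapi hunk contradicts itself and the commit message. `(strlen(@ctx) == @ctx_len + 1) is not guaranteed` has the relation backwards (ctx_len is the one that is strlen plus one), the commit message says `ctx_len will always be strlen(ctx)+1`, and `@ctx in a nul terminated string` should read `is`. State the one rule the code keeps. Also, for a UAPI record, `__u32 id` followed by `__u64 flags` leaves 4 bytes of implicit padding on 64-bit but none on i386, and `__kernel_size_t ctx_len` is 4 bytes for 32-bit callers and 8 for native ones, so the record size differs between compat and native user space. Fixed-width fields (`__u64` throughout, or `__u32 id` with an explicit `__u32` pad) avoid needing a compat handler later.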
@@ -0,0 +1,182 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * System calls implementing the Linux Security Module API. + * + * Copyright (C) 2022 Casey Schaufler + * Copyright (C) 2022 Intel Corporation + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +struct attrs_used_map { + char *name; + int attrs_used; +}; + +static const struct attrs_used_map lsm_attr_names[] = { + { .name = "current", .attrs_used = LSM_ATTR_CURRENT, }, + { .name = "exec", .attrs_used = LSM_ATTR_EXEC, }, + { .name = "fscreate", .attrs_used = LSM_ATTR_FSCREATE, }, + { .name = "keycreate", .attrs_used = LSM_ATTR_KEYCREATE, }, + { .name = "prev", .attrs_used = LSM_ATTR_PREV, }, + { .name = "sockcreate", .attrs_used = LSM_ATTR_SOCKCREATE, }, +}; + +static int attr_used_index(u32 flags) +{ + int i; + + if (flags == 0) + return -EINVAL; + + for (i = 0; i < ARRAY_SIZE(lsm_attr_names); i++) + if ((lsm_attr_names[i].attrs_used & flags) == flags) + return i; + + return -EINVAL; +} + +/** + * sys_lsm_get_self_attr - Return current task's security module attributes + * @ctx: the LSM contexts + * @size: size of @ctx, updated on return + * @flags: which attribute to return + * + * Returns the calling task's LSM contexts. On success this + * function returns the number of @ctx array elements. This value + * may be zero if there are no LSM contexts assigned. If @size is + * insufficient to contain the return data -E2BIG is returned and + * @size is set to the minimum required size. In all other cases + * a negative value indicating the error is returned. 
+ */ +SYSCALL_DEFINE3(lsm_get_self_attr, + struct lsm_ctx __user *, ctx, + __kernel_size_t __user *, size, + __u32, flags) +{ + int i; + int rc = 0; + int len; + int attr; + int count = 0; + void *curr; + char *cp; + char *np; + char **interum_ctx; + size_t total_size = 0; + struct lsm_ctx *ip; + struct lsm_ctx *interum; + struct lsm_ctx *final = NULL; + + attr = attr_used_index(flags); + if (attr < 0) + return attr; + + interum = kzalloc(ARRAY_SIZE(lsm_attr_names) * lsm_active_cnt * + sizeof(*interum), GFP_KERNEL); + if (interum == NULL) + return -ENOMEM; + ip = interum; + + interum_ctx = kzalloc(ARRAY_SIZE(lsm_attr_names) * lsm_active_cnt * + sizeof(*interum_ctx), GFP_KERNEL); + if (interum_ctx == NULL) { + kfree(interum); + return -ENOMEM; + } + + for (i = 0; i < lsm_active_cnt; i++) { + if ((lsm_idlist[i]->attrs_used & + lsm_attr_names[attr].attrs_used) == 0) + continue; + + len = security_getprocattr(current, lsm_idlist[i]->id, + lsm_attr_names[attr].name, + &cp); + if (len <= 0) + continue; + + ip->id = lsm_idlist[i]->id; + ip->flags = lsm_attr_names[attr].attrs_used; + interum_ctx[count] = cp; + + /* + * A security module that returns a binary attribute + * will need to identify itself to prevent string + * processing. + * + * At least one security module adds a \n at the + * end of a context to make it look nicer. Change + * that to a \0 so that user space doesn't have to + * work around it. + * + * Security modules have been inconsistent about + * including the \0 terminator in the size. If it's + * not there make space for it. + * + * The length returned will reflect the length of + * the string provided by the security module, which + * may not match what getprocattr returned. 
+ */ + np = strnchr(cp, len, '\n'); + if (np != NULL) + *np = '\0'; + ip->ctx_len = strnlen(cp, len) + 1; + total_size += sizeof(*interum) + ip->ctx_len; + ip++; + count++; + } + + if (count == 0) + goto free_out; + + final = kzalloc(total_size, GFP_KERNEL); + if (final == NULL) { + rc = -ENOMEM; + goto free_out; + } + + curr = final; + ip = interum; + for (i = 0; i < count; i++) { + memcpy(curr, ip, sizeof(*interum)); + curr += sizeof(*interum); + if (ip->ctx_len > 1) + memcpy(curr, interum_ctx[i], ip->ctx_len - 1); + curr += ip->ctx_len; + ip++; + } + + if (get_user(len, size)) { + rc = -EFAULT; + goto free_out; + } + if (total_size > len) { + rc = -ERANGE; + if (put_user(total_size, size) != 0) + rc = -EFAULT; + goto free_out; + } + if (copy_to_user(ctx, final, total_size) != 0 || + put_user(total_size, size) != 0) + rc = -EFAULT; + else + rc = count; + +free_out: + for (i = 0; i < count; i++) + kfree(interum_ctx[i]); + kfree(interum_ctx); + kfree(interum); + kfree(final); + return rc; +}
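Review bot: the kernel-doc for sys_lsm_get_self_attr says a too-small @size returns -E2BIG, but the body returns `rc = -ERANGE` in that case; fix one to match the other. Three more points in the same function. `len` is an `int` while `size` is a `__kernel_size_t __user *`, so `get_user(len, size)` truncates a 64-bit size and `total_size > len` then compares a size_t against a possibly negative int; declare `len` as `size_t`. Records are packed with `total_size += sizeof(*interum) + ip->ctx_len` and no padding, so every lsm_ctx header after the first lands at an arbitrary byte offset and user space cannot step through the array without memcpy; round each entry up to 8 bytes (and account for it in total_size) or document the packing in the uapi header. Finally `interum` and `interum_ctx` are sized `ARRAY_SIZE(lsm_attr_names) * lsm_active_cnt` although attr_used_index() selects exactly one attribute per call, so `lsm_active_cnt` entries suffice. Spelling: `interum` is `interim`.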
From: Casey Schaufler
To: casey.schaufler@intel.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: casey@schaufler-ca.com, jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net
Subject: [PATCH v4 5/8] LSM: Create lsm_module_list system call
Date: Thu, 29 Dec 2022 15:34:51 -0800
Message-Id: <20221229233454.43880-6-casey@schaufler-ca.com>
In-Reply-To: <20221229233454.43880-1-casey@schaufler-ca.com>
References: <20221229233454.43880-1-casey@schaufler-ca.com>

Create a system call to report the list of Linux Security Modules that are active on the system. The list is provided as an array of LSM ID numbers. The calling application can use this list to determine what LSM specific actions it might take. That might include choosing an output format, determining required privilege or bypassing security module specific behavior.

Signed-off-by: Casey Schaufler
---
 Documentation/userspace-api/lsm.rst | 3 +++
 include/linux/syscalls.h | 1 +
 kernel/sys_ni.c | 1 +
 security/lsm_syscalls.c | 41 +++++++++++++++++++++++++++++
 4 files changed, 46 insertions(+)

diff --git a/Documentation/userspace-api/lsm.rst b/Documentation/userspace-api/lsm.rst index 98a0c191b499..e342d75b99ab 100644 --- a/Documentation/userspace-api/lsm.rst +++ b/Documentation/userspace-api/lsm.rst @@ -57,6 +57,9 @@ Get the security attributes of the current process .. kernel-doc:: security/lsm_syscalls.c :identifiers: sys_lsm_get_self_attr +.. kernel-doc:: security/lsm_syscalls.c + :identifiers: sys_lsm_module_list + Additional documentation ======================== diff --git a/include/linux/syscalls.h b/include/linux/syscalls.h index a89205c70ffa..9eb4cb6bbeb1 100644 --- a/include/linux/syscalls.h +++ b/include/linux/syscalls.h
@@ -1061,6 +1061,7 @@ asmlinkage long sys_set_mempolicy_home_node(unsigned long start, unsigned long l unsigned long flags); asmlinkage long sys_lsm_get_self_attr(struct lsm_ctx *ctx, size_t *size, int flags); +asmlinkage long sys_lsm_module_list(u32 *ids, size_t *size, int flags); /* * Architecture-specific system calls diff --git a/kernel/sys_ni.c b/kernel/sys_ni.c index 7b2513d5605d..af1fd28c0420 100644 --- a/kernel/sys_ni.c +++ b/kernel/sys_ni.c @@ -264,6 +264,7 @@ COND_SYSCALL(mremap); /* security/lsm_syscalls.c */ COND_SYSCALL(lsm_get_self_attr); +COND_SYSCALL(lsm_module_list); /* security/keys/keyctl.c */ COND_SYSCALL(add_key); diff --git a/security/lsm_syscalls.c b/security/lsm_syscalls.c index c109a0dc18fe..3838cdf66310 100644 --- a/security/lsm_syscalls.c +++ b/security/lsm_syscalls.c 
@@ -180,3 +180,44 @@ SYSCALL_DEFINE3(lsm_get_self_attr, kfree(final); return rc; } + +/** + * sys_lsm_module_list - Return a list of the active security modules + * @ids: the LSM module ids + * @size: size of @ids, updated on return + * @flags: reserved for future use, must be zero + * + * Returns a list of the active LSM ids. On success this function + * returns the number of @ids array elements. This value may be zero + * if there are no LSMs active. If @size is insufficient to contain + * the return data -E2BIG is returned and @size is set to the minimum + * required size. In all other cases a negative value indicating the + * error is returned. + */ +SYSCALL_DEFINE3(lsm_module_list, + __u32 __user *, ids, + size_t __user *, size, + __u64, flags) +{ + size_t total_size = lsm_active_cnt * sizeof(*ids); + size_t usize; + int i; + + if (flags) + return -EINVAL; + + if (get_user(usize, size)) + return -EFAULT; + + if (put_user(total_size, size) != 0) + return -EFAULT; + + if (usize < total_size) + return -E2BIG; + + for (i = 0; i < lsm_active_cnt; i++) + if (put_user(lsm_idlist[i]->id, ids++)) + return -EFAULT; + + return lsm_active_cnt; +}
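Review bot: the declaration added to include/linux/syscalls.h, `asmlinkage long sys_lsm_module_list(u32 *ids, size_t *size, int flags);`, does not match the definition in security/lsm_syscalls.c, `SYSCALL_DEFINE3(lsm_module_list, __u32 __user *, ids, size_t __user *, size, __u64, flags)`: `flags` is `int` in one and `__u64` in the other, and the pointer parameters in the header lack the `__user` annotation that the definition (and sparse) expect. Keep the header in sync with the definition, including the width chosen for `flags`, since that width is what user space will be compiled against.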
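Review bot: in the security/lsm_syscalls.c hunk an undersized buffer returns -E2BIG, while `sys_lsm_get_self_attr` in the same file returns -ERANGE for the same situation (its `if (total_size > len) { rc = -ERANGE; ...` path); the two new syscalls should use one error code for "buffer too small, required size written back". Also, `put_user(total_size, size)` executes unconditionally before the `usize < total_size` test, so `*size` is rewritten even on the success path; that matches the kernel-doc ("updated on return") but should be stated as deliberate, because callers that pass a read-only or shared size variable will see it change.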
From: Casey Schaufler
To: casey.schaufler@intel.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: casey@schaufler-ca.com, jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net
Subject: [PATCH v4 6/8] LSM: lsm_set_self_attr syscall for LSM self attributes
Date: Thu, 29 Dec 2022 15:34:52 -0800
Message-Id: <20221229233454.43880-7-casey@schaufler-ca.com>
In-Reply-To: <20221229233454.43880-1-casey@schaufler-ca.com>
References: <20221229233454.43880-1-casey@schaufler-ca.com>

Create a system call lsm_set_self_attr() to set a security module maintained attribute of the current process. Historically these attributes have been exposed to user space via entries in procfs under /proc/self/attr.

The attribute value is provided in a lsm_ctx structure. The structure identifies the size of the attribute, and the attribute value. The format of the attribute value is defined by the security module, but will always be \0 terminated if it is a string. The ctx_len value must always be strlen(ctx)+1 if the value is a string. The flags field is reserved for future security module specific use and must be 0.

---------------------------
| __u32 id                |
---------------------------
| __u64 flags             |
---------------------------
| __kernel_size_t ctx_len |
---------------------------
| __u8 ctx[ctx_len]       |
---------------------------

Signed-off-by: Casey Schaufler
---
 Documentation/userspace-api/lsm.rst | 3 +++
 include/linux/syscalls.h | 2 ++
 kernel/sys_ni.c | 1 +
 security/lsm_syscalls.c | 41 +++++++++++++++++++++++++++++
 4 files changed, 47 insertions(+)
diff --git a/Documentation/userspace-api/lsm.rst b/Documentation/userspace-api/lsm.rst index e342d75b99ab..c7da13801305 100644 --- a/Documentation/userspace-api/lsm.rst +++ b/Documentation/userspace-api/lsm.rst @@ -57,6 +57,9 @@ Get the security attributes of the current process .. kernel-doc:: security/lsm_syscalls.c :identifiers: sys_lsm_get_self_attr +.. kernel-doc:: security/lsm_syscalls.c + :identifiers: sys_lsm_set_self_attr + .. kernel-doc:: security/lsm_syscalls.c :identifiers: sys_lsm_module_list diff --git a/include/linux/syscalls.h b/include/linux/syscalls.h index 9eb4cb6bbeb1..a9f1ec9942af 100644 --- a/include/linux/syscalls.h +++ b/include/linux/syscalls.h @@ -1062,6 +1062,8 @@ asmlinkage long sys_set_mempolicy_home_node(unsigned long start, unsigned long l asmlinkage long sys_lsm_get_self_attr(struct lsm_ctx *ctx, size_t *size, int flags); asmlinkage long sys_lsm_module_list(u32 *ids, size_t *size, int flags); +asmlinkage long sys_lsm_set_self_attr(struct lsm_ctx *ctx, size_t size, + int flags); /* * Architecture-specific system calls diff --git a/kernel/sys_ni.c b/kernel/sys_ni.c index af1fd28c0420..c3884c1c7339 100644 --- a/kernel/sys_ni.c +++ b/kernel/sys_ni.c @@ -265,6 +265,7 @@ COND_SYSCALL(mremap); /* security/lsm_syscalls.c */ COND_SYSCALL(lsm_get_self_attr); COND_SYSCALL(lsm_module_list); +COND_SYSCALL(lsm_set_self_attr); /* security/keys/keyctl.c */ COND_SYSCALL(add_key); diff --git a/security/lsm_syscalls.c b/security/lsm_syscalls.c index 3838cdf66310..b0dc11e7d3df 100644 --- a/security/lsm_syscalls.c +++ b/security/lsm_syscalls.c 
@@ -181,6 +181,47 @@ SYSCALL_DEFINE3(lsm_get_self_attr, return rc; } +/** + * sys_lsm_set_self_attr - Set current task's security module attribute + * @ctx: the LSM contexts + * @size: size of @ctx + * @flags: which attribute to set + * + * Sets the calling task's LSM context. On success this function + * returns 0. If the attribute specified cannot be set a negative + * value indicating the reason for the error is returned. + */ +SYSCALL_DEFINE3(lsm_set_self_attr, + struct lsm_ctx __user *, ctx, + __kernel_size_t, size, + __u32, flags) +{ + int rc = -EINVAL; + int attr; + void *page; + struct lsm_ctx *ip; + + if (size > PAGE_SIZE) + return -E2BIG; + if (size <= sizeof(*ip)) + return -EINVAL; + + attr = attr_used_index(flags); + if (attr < 0) + return attr; + + page = memdup_user(ctx, size); + if (IS_ERR(page)) + return PTR_ERR(page); + + ip = page; + if (sizeof(*ip) + ip->ctx_len <= size) + rc = security_setprocattr(ip->id, lsm_attr_names[attr].name, + ip->ctx, ip->ctx_len); + kfree(page); + return (rc > 0) ? 
0 : rc; +} + /** * sys_lsm_module_list - Return a list of the active security modules * @ids: the LSM module ids
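Review bot: `ip->ctx_len` is read straight out of the user-supplied buffer and is validated only by `if (sizeof(*ip) + ip->ctx_len <= size)`; a ctx_len near the top of the size_t range makes that addition wrap, the test passes, and `security_setprocattr()` is then handed a ctx_len far larger than the `size` bytes that `memdup_user()` actually copied. Test `ip->ctx_len <= size - sizeof(*ip)` instead (the earlier `if (size <= sizeof(*ip)) return -EINVAL;` already guarantees the subtraction cannot underflow). Two smaller points in the same hunk: the commit message says the lsm_ctx `flags` field must be 0, but nothing here checks `ip->flags`, so a non-zero value is accepted silently and the field cannot later be given a meaning without changing behaviour for existing callers; and the `__kernel_size_t size, __u32 flags` parameters here do not match the `size_t size, int flags` declared for `sys_lsm_set_self_attr` in include/linux/syscalls.h in this same patch.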
From: Casey Schaufler
To: casey.schaufler@intel.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: casey@schaufler-ca.com, jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net
Subject: [PATCH v4 7/8] LSM: wireup Linux Security Module syscalls
Date: Thu, 29 Dec 2022 15:34:53 -0800
Message-Id: <20221229233454.43880-8-casey@schaufler-ca.com>
In-Reply-To: <20221229233454.43880-1-casey@schaufler-ca.com>
References: <20221229233454.43880-1-casey@schaufler-ca.com>

Wireup lsm_get_self_attr, lsm_set_self_attr and lsm_module_list system calls.
Signed-off-by: Casey Schaufler
Cc: linux-api@vger.kernel.org
---
 arch/alpha/kernel/syscalls/syscall.tbl | 3 +++
 arch/arm/tools/syscall.tbl | 3 +++
 arch/arm64/include/asm/unistd.h | 2 +-
 arch/arm64/include/asm/unistd32.h | 6 ++++++
 arch/ia64/kernel/syscalls/syscall.tbl | 3 +++
 arch/m68k/kernel/syscalls/syscall.tbl | 3 +++
 arch/microblaze/kernel/syscalls/syscall.tbl | 3 +++
 arch/mips/kernel/syscalls/syscall_n32.tbl | 3 +++
 arch/mips/kernel/syscalls/syscall_n64.tbl | 3 +++
 arch/mips/kernel/syscalls/syscall_o32.tbl | 3 +++
 arch/parisc/kernel/syscalls/syscall.tbl | 3 +++
 arch/powerpc/kernel/syscalls/syscall.tbl | 3 +++
 arch/s390/kernel/syscalls/syscall.tbl | 3 +++
 arch/sh/kernel/syscalls/syscall.tbl | 3 +++
 arch/sparc/kernel/syscalls/syscall.tbl | 3 +++
 arch/x86/entry/syscalls/syscall_32.tbl | 3 +++
 arch/x86/entry/syscalls/syscall_64.tbl | 3 +++
 arch/xtensa/kernel/syscalls/syscall.tbl | 3 +++
 include/uapi/asm-generic/unistd.h | 11 ++++++++++-
 tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl | 3 +++
 tools/perf/arch/powerpc/entry/syscalls/syscall.tbl | 3 +++
 tools/perf/arch/s390/entry/syscalls/syscall.tbl | 3 +++
 tools/perf/arch/x86/entry/syscalls/syscall_64.tbl | 3 +++
 23 files changed, 77 insertions(+), 2 deletions(-)

diff --git a/arch/alpha/kernel/syscalls/syscall.tbl b/arch/alpha/kernel/syscalls/syscall.tbl index 8ebacf37a8cf..002e6a39fcb1 100644 --- a/arch/alpha/kernel/syscalls/syscall.tbl +++ b/arch/alpha/kernel/syscalls/syscall.tbl @@ -490,3 +490,6 @@ 558 common process_mrelease sys_process_mrelease 559 common futex_waitv sys_futex_waitv 560 common set_mempolicy_home_node sys_ni_syscall +561 common lsm_get_self_attr sys_lsm_get_self_attr +562 common lsm_module_list sys_lsm_module_list +563 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/arm/tools/syscall.tbl b/arch/arm/tools/syscall.tbl index ac964612d8b0..dca80a2d3927 100644 --- a/arch/arm/tools/syscall.tbl +++ b/arch/arm/tools/syscall.tbl
@@ -464,3 +464,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_module_list sys_lsm_module_list +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/arm64/include/asm/unistd.h b/arch/arm64/include/asm/unistd.h index 037feba03a51..bd77253b62e0 100644 --- a/arch/arm64/include/asm/unistd.h +++ b/arch/arm64/include/asm/unistd.h @@ -39,7 +39,7 @@ #define __ARM_NR_compat_set_tls (__ARM_NR_COMPAT_BASE + 5) #define __ARM_NR_COMPAT_END (__ARM_NR_COMPAT_BASE + 0x800) -#define __NR_compat_syscalls 451 +#define __NR_compat_syscalls 453 #endif #define __ARCH_WANT_SYS_CLONE diff --git a/arch/arm64/include/asm/unistd32.h b/arch/arm64/include/asm/unistd32.h index 604a2053d006..cb4b3149024d 100644 --- a/arch/arm64/include/asm/unistd32.h +++ b/arch/arm64/include/asm/unistd32.h @@ -907,6 +907,12 @@ __SYSCALL(__NR_process_mrelease, sys_process_mrelease) __SYSCALL(__NR_futex_waitv, sys_futex_waitv) #define __NR_set_mempolicy_home_node 450 __SYSCALL(__NR_set_mempolicy_home_node, sys_set_mempolicy_home_node) +#define __NR_lsm_get_self_attr 451 +__SYSCALL(__NR_lsm_get_self_attr, sys_lsm_get_self_attr) +#define __NR_lsm_module_list 452 +__SYSCALL(__NR_lsm_module_list, sys_module_list) +#define __NR_lsm_set_self_attr 453 +__SYSCALL(__NR_lsm_set_self_attr, sys_lsm_set_self_attr) /* * Please add new compat syscalls above this comment and update diff --git a/arch/ia64/kernel/syscalls/syscall.tbl b/arch/ia64/kernel/syscalls/syscall.tbl index 72c929d9902b..1a5d560a1317 100644 --- a/arch/ia64/kernel/syscalls/syscall.tbl +++ b/arch/ia64/kernel/syscalls/syscall.tbl 
@@ -371,3 +371,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_module_list sys_lsm_module_list +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/m68k/kernel/syscalls/syscall.tbl b/arch/m68k/kernel/syscalls/syscall.tbl index b1f3940bc298..0b7b01c90315 100644 --- a/arch/m68k/kernel/syscalls/syscall.tbl +++ b/arch/m68k/kernel/syscalls/syscall.tbl @@ -450,3 +450,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_module_list sys_lsm_module_list +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/microblaze/kernel/syscalls/syscall.tbl b/arch/microblaze/kernel/syscalls/syscall.tbl index 820145e47350..b69d57014c7b 100644 --- a/arch/microblaze/kernel/syscalls/syscall.tbl +++ b/arch/microblaze/kernel/syscalls/syscall.tbl @@ -456,3 +456,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_module_list sys_lsm_module_list +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/mips/kernel/syscalls/syscall_n32.tbl b/arch/mips/kernel/syscalls/syscall_n32.tbl index 253ff994ed2e..7c1ca6241b90 100644 --- a/arch/mips/kernel/syscalls/syscall_n32.tbl +++ b/arch/mips/kernel/syscalls/syscall_n32.tbl @@ -389,3 +389,6 @@ 448 n32 process_mrelease sys_process_mrelease 449 n32 futex_waitv sys_futex_waitv 450 n32 set_mempolicy_home_node sys_set_mempolicy_home_node +451 n32 lsm_get_self_attr sys_lsm_get_self_attr +452 n32 lsm_module_list sys_lsm_module_list +453 n32 lsm_set_self_attr sys_lsm_set_self_attr 
diff --git a/arch/mips/kernel/syscalls/syscall_n64.tbl b/arch/mips/kernel/syscalls/syscall_n64.tbl index 3f1886ad9d80..99453966d179 100644 --- a/arch/mips/kernel/syscalls/syscall_n64.tbl +++ b/arch/mips/kernel/syscalls/syscall_n64.tbl @@ -365,3 +365,6 @@ 448 n64 process_mrelease sys_process_mrelease 449 n64 futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 n64 lsm_get_self_attr sys_lsm_get_self_attr +452 n64 lsm_module_list sys_lsm_module_list +453 n64 lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/mips/kernel/syscalls/syscall_o32.tbl b/arch/mips/kernel/syscalls/syscall_o32.tbl index 8f243e35a7b2..4ddb0ff66793 100644 --- a/arch/mips/kernel/syscalls/syscall_o32.tbl +++ b/arch/mips/kernel/syscalls/syscall_o32.tbl @@ -438,3 +438,6 @@ 448 o32 process_mrelease sys_process_mrelease 449 o32 futex_waitv sys_futex_waitv 450 o32 set_mempolicy_home_node sys_set_mempolicy_home_node +451 o32 lsm_get_self_attr sys_lsm_get_self_attr +452 o32 lsm_module_list sys_lsm_module_list +453 032 lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/parisc/kernel/syscalls/syscall.tbl b/arch/parisc/kernel/syscalls/syscall.tbl index 0e42fceb2d5e..5ab1a5b22d8e 100644 --- a/arch/parisc/kernel/syscalls/syscall.tbl +++ b/arch/parisc/kernel/syscalls/syscall.tbl @@ -448,3 +448,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_module_list sys_lsm_module_list +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/powerpc/kernel/syscalls/syscall.tbl b/arch/powerpc/kernel/syscalls/syscall.tbl index a0be127475b1..8d31bb83d6a2 100644 --- a/arch/powerpc/kernel/syscalls/syscall.tbl +++ b/arch/powerpc/kernel/syscalls/syscall.tbl 
@@ -537,3 +537,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 nospu set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_module_list sys_lsm_module_list +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/s390/kernel/syscalls/syscall.tbl b/arch/s390/kernel/syscalls/syscall.tbl index 799147658dee..bb7597be2e4f 100644 --- a/arch/s390/kernel/syscalls/syscall.tbl +++ b/arch/s390/kernel/syscalls/syscall.tbl @@ -453,3 +453,6 @@ 448 common process_mrelease sys_process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_module_list sys_lsm_module_list sys_lsm_module_list +453 common lsm_set_self_attr sys_lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/sh/kernel/syscalls/syscall.tbl b/arch/sh/kernel/syscalls/syscall.tbl index 2de85c977f54..43d468742916 100644 --- a/arch/sh/kernel/syscalls/syscall.tbl +++ b/arch/sh/kernel/syscalls/syscall.tbl @@ -453,3 +453,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_module_list sys_lsm_module_list +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/sparc/kernel/syscalls/syscall.tbl b/arch/sparc/kernel/syscalls/syscall.tbl index 4398cc6fb68d..c7791c7bdde4 100644 --- a/arch/sparc/kernel/syscalls/syscall.tbl +++ b/arch/sparc/kernel/syscalls/syscall.tbl 
@@ -496,3 +496,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_module_list sys_lsm_module_list +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/x86/entry/syscalls/syscall_32.tbl b/arch/x86/entry/syscalls/syscall_32.tbl index 320480a8db4f..4f2e6577466e 100644 --- a/arch/x86/entry/syscalls/syscall_32.tbl +++ b/arch/x86/entry/syscalls/syscall_32.tbl @@ -455,3 +455,6 @@ 448 i386 process_mrelease sys_process_mrelease 449 i386 futex_waitv sys_futex_waitv 450 i386 set_mempolicy_home_node sys_set_mempolicy_home_node +451 i386 lsm_get_self_attr sys_lsm_get_self_attr +452 i386 lsm_module_list sys_lsm_module_list +453 i386 lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/x86/entry/syscalls/syscall_64.tbl b/arch/x86/entry/syscalls/syscall_64.tbl index c84d12608cd2..3a7866f72042 100644 --- a/arch/x86/entry/syscalls/syscall_64.tbl +++ b/arch/x86/entry/syscalls/syscall_64.tbl @@ -372,6 +372,9 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_module_list sys_lsm_module_list +453 common lsm_set_self_attr sys_lsm_set_self_attr # # Due to a historical design error, certain syscalls are numbered differently diff --git a/arch/xtensa/kernel/syscalls/syscall.tbl b/arch/xtensa/kernel/syscalls/syscall.tbl index 52c94ab5c205..e0a5b61c1f1a 100644 --- a/arch/xtensa/kernel/syscalls/syscall.tbl +++ b/arch/xtensa/kernel/syscalls/syscall.tbl 
@@ -421,3 +421,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_module_list sys_lsm_module_list +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/include/uapi/asm-generic/unistd.h b/include/uapi/asm-generic/unistd.h index 45fa180cc56a..3659b2b02f5a 100644 --- a/include/uapi/asm-generic/unistd.h +++ b/include/uapi/asm-generic/unistd.h @@ -886,8 +886,17 @@ __SYSCALL(__NR_futex_waitv, sys_futex_waitv) #define __NR_set_mempolicy_home_node 450 __SYSCALL(__NR_set_mempolicy_home_node, sys_set_mempolicy_home_node) +#define __NR_lsm_get_self_attr 451 +__SYSCALL(__NR_lsm_get_self_attr, sys_lsm_get_self_attr) + +#define __NR_lsm_module_list 452 +__SYSCALL(__NR_lsm_module_list, sys_lsm_module_list) + +#define __NR_lsm_set_self_attr 453 +__SYSCALL(__NR_lsm_set_self_attr, sys_lsm_set_self_attr) + #undef __NR_syscalls -#define __NR_syscalls 451 +#define __NR_syscalls 454 /* * 32 bit systems traditionally used different diff --git a/tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl b/tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl index 3f1886ad9d80..99453966d179 100644 --- a/tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl +++ b/tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl @@ -365,3 +365,6 @@ 448 n64 process_mrelease sys_process_mrelease 449 n64 futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 n64 lsm_get_self_attr sys_lsm_get_self_attr +452 n64 lsm_module_list sys_lsm_module_list +453 n64 lsm_set_self_attr sys_lsm_set_self_attr diff --git a/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl b/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl index a0be127475b1..8d31bb83d6a2 100644 --- a/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl +++ b/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl 
@@ -537,3 +537,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 nospu set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_module_list sys_lsm_module_list +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/tools/perf/arch/s390/entry/syscalls/syscall.tbl b/tools/perf/arch/s390/entry/syscalls/syscall.tbl index 799147658dee..d69bd5550b46 100644 --- a/tools/perf/arch/s390/entry/syscalls/syscall.tbl +++ b/tools/perf/arch/s390/entry/syscalls/syscall.tbl @@ -453,3 +453,6 @@ 448 common process_mrelease sys_process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_module_list sys_lsm_module_list sys_lsm_module_list +453 common lsm_set_self_attr sys_lsm_set_self_attr sys_lsm_set_self_attr diff --git a/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl b/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl index c84d12608cd2..3a7866f72042 100644 --- a/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl +++ b/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl 
@@ -372,6 +372,9 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_module_list sys_lsm_module_list +453 common lsm_set_self_attr sys_lsm_set_self_attr # # Due to a historical design error, certain syscalls are numbered differently
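Review bot: the tools/perf/arch/{mips,powerpc,s390,x86}/entry/syscalls/*.tbl hunks are copies of the kernel tables that the perf tooling resyncs on its own schedule (the tools/perf x86 syscall_64.tbl hunk even carries the same blob index, c84d12608cd2..3a7866f72042, as the arch/x86 one), so they are normally left out of a syscall-adding series and picked up by the perf maintainers; consider dropping those four hunks or stating why they are carried here. The kernel-side wiring is consistent across the visible hunks: every table maps 451/452/453 to lsm_get_self_attr/lsm_module_list/lsm_set_self_attr, and include/uapi/asm-generic/unistd.h bumps __NR_syscalls from 451 to 454 to match.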
From: Casey Schaufler To: casey.schaufler@intel.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: casey@schaufler-ca.com, jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net Subject: [PATCH v4 8/8] LSM: selftests for Linux Security Module syscalls Date: Thu, 29 Dec 2022 15:34:54 -0800 Message-Id: <20221229233454.43880-9-casey@schaufler-ca.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20221229233454.43880-1-casey@schaufler-ca.com> References: <20221229233454.43880-1-casey@schaufler-ca.com> MIME-Version: 1.0 Precedence: bulk List-ID: Add selftests for the three system calls supporting the LSM infrastructure. Signed-off-by: Casey Schaufler --- tools/testing/selftests/Makefile | 1 + tools/testing/selftests/lsm/Makefile | 12 + tools/testing/selftests/lsm/config | 2 + .../selftests/lsm/lsm_get_self_attr_test.c | 268 ++++++++++++++ .../selftests/lsm/lsm_module_list_test.c | 149 ++++++++ .../selftests/lsm/lsm_set_self_attr_test.c | 328 ++++++++++++++++++ 6 files changed, 760 insertions(+) create mode 100644 tools/testing/selftests/lsm/Makefile create mode 100644 tools/testing/selftests/lsm/config create mode 100644 tools/testing/selftests/lsm/lsm_get_self_attr_test.c create mode 100644 tools/testing/selftests/lsm/lsm_module_list_test.c create mode 100644 tools/testing/selftests/lsm/lsm_set_self_attr_test.c diff --git a/tools/testing/selftests/Makefile b/tools/testing/selftests/Makefile index 41b649452560..ea58c5018529 100644 --- a/tools/testing/selftests/Makefile +++ b/tools/testing/selftests/Makefile @@ -37,6 +37,7 @@ TARGETS += landlock TARGETS += lib TARGETS += livepatch TARGETS += lkdtm +TARGETS += lsm TARGETS += membarrier TARGETS += memfd TARGETS += memory-hotplug 
diff --git a/tools/testing/selftests/lsm/Makefile b/tools/testing/selftests/lsm/Makefile new file mode 100644 index 000000000000..d567ea9756ea --- /dev/null +++ b/tools/testing/selftests/lsm/Makefile @@ -0,0 +1,12 @@ +# SPDX-License-Identifier: GPL-2.0 +# +# First run: make -C ../../../.. headers_install + +CFLAGS += -Wall -O2 $(KHDR_INCLUDES) + +TEST_GEN_PROGS := lsm_get_self_attr_test lsm_module_list_test \ + lsm_set_self_attr_test + +include ../lib.mk + +$(TEST_GEN_PROGS): diff --git a/tools/testing/selftests/lsm/config b/tools/testing/selftests/lsm/config new file mode 100644 index 000000000000..afb887715f64 --- /dev/null +++ b/tools/testing/selftests/lsm/config @@ -0,0 +1,2 @@ +CONFIG_SYSFS=y +CONFIG_SECURITY=y diff --git a/tools/testing/selftests/lsm/lsm_get_self_attr_test.c b/tools/testing/selftests/lsm/lsm_get_self_attr_test.c new file mode 100644 index 000000000000..6f7f72c25cda --- /dev/null +++ b/tools/testing/selftests/lsm/lsm_get_self_attr_test.c 
@@ -0,0 +1,268 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Linux Security Module infrastructure tests + * Tests for the lsm_get_self_attr system call + * + * Copyright © 2022 Casey Schaufler + * Copyright © 2022 Intel Corporation + */ + +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include "../kselftest_harness.h" + +#define PROCATTR "/proc/self/attr/" + +static int read_proc_attr(const char *attr, char *value, __kernel_size_t size) +{ + FILE *fp; + int len; + char *path; + + len = strlen(PROCATTR) + strlen(attr) + 1; + path = calloc(len, 1); + if (path == NULL) + return -1; + sprintf(path, "%s%s", PROCATTR, attr); + + fp = fopen(path, "r"); + free(path); + + if (fp == NULL) + return -1; + if (fread(value, 1, size, fp) <= 0) + return -1; + fclose(fp); + + path = strchr(value, '\n'); + if (path) + *path = '\0'; + + return 0; +} + +static struct lsm_ctx *next_ctx(struct lsm_ctx *ctxp) +{ + void *vp; + + vp = (void *)ctxp + sizeof(*ctxp) + ctxp->ctx_len; + return (struct lsm_ctx *)vp; +} + +TEST(size_null_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *ctx = calloc(page_size, 1); + + ASSERT_NE(NULL, ctx); + ASSERT_EQ(-1, syscall(__NR_lsm_get_self_attr, ctx, NULL, + LSM_ATTR_CURRENT)); + ASSERT_EQ(EFAULT, errno); + + free(ctx); +} + +TEST(ctx_null_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + __kernel_size_t size = page_size; + + ASSERT_EQ(-1, syscall(__NR_lsm_get_self_attr, NULL, &size, + LSM_ATTR_CURRENT)); + ASSERT_EQ(EFAULT, errno); + ASSERT_NE(1, size); +} + +TEST(size_too_small_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *ctx = calloc(page_size, 1); + __kernel_size_t size = 1; + + ASSERT_NE(NULL, ctx); + ASSERT_EQ(-1, syscall(__NR_lsm_get_self_attr, ctx, &size, + LSM_ATTR_CURRENT)); + ASSERT_EQ(ERANGE, errno); + ASSERT_NE(1, size); + + free(ctx); +} + +TEST(flags_zero_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char 
*ctx = calloc(page_size, 1); + __kernel_size_t size = page_size; + + ASSERT_NE(NULL, ctx); + ASSERT_EQ(-1, syscall(__NR_lsm_get_self_attr, ctx, &size, 0)); + ASSERT_EQ(EINVAL, errno); + ASSERT_EQ(page_size, size); + + free(ctx); +} + +TEST(flags_overset_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *ctx = calloc(page_size, 1); + __kernel_size_t size = page_size; + + ASSERT_NE(NULL, ctx); + ASSERT_EQ(-1, syscall(__NR_lsm_get_self_attr, ctx, &size, + LSM_ATTR_CURRENT | LSM_ATTR_PREV)); + ASSERT_EQ(EINVAL, errno); + ASSERT_EQ(page_size, size); + + free(ctx); +} + +TEST(basic_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + __kernel_size_t size = page_size; + struct lsm_ctx *ctx = calloc(page_size, 1); + struct lsm_ctx *tctx = NULL; + __u32 *syscall_lsms = calloc(page_size, 1); + char *attr = calloc(page_size, 1); + int cnt_current = 0; + int cnt_exec = 0; + int cnt_fscreate = 0; + int cnt_keycreate = 0; + int cnt_prev = 0; + int cnt_sockcreate = 0; + int lsmcount; + int count; + int i; + + ASSERT_NE(NULL, ctx); + ASSERT_NE(NULL, syscall_lsms); + + lsmcount = syscall(__NR_lsm_module_list, syscall_lsms, &size, 0); + ASSERT_LE(1, lsmcount); + + for (i = 0; i < lsmcount; i++) { + switch (syscall_lsms[i]) { + case LSM_ID_SELINUX: + cnt_current++; + cnt_exec++; + cnt_fscreate++; + cnt_keycreate++; + cnt_prev++; + cnt_sockcreate++; + break; + case LSM_ID_SMACK: + cnt_current++; + break; + case LSM_ID_APPARMOR: + cnt_current++; + cnt_exec++; + cnt_prev++; + break; + default: + break; + } + } + + if (cnt_current) { + size = page_size; + count = syscall(__NR_lsm_get_self_attr, ctx, &size, + LSM_ATTR_CURRENT); + ASSERT_EQ(cnt_current, count); + tctx = ctx; + ASSERT_EQ(0, read_proc_attr("current", attr, page_size)); + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + if (cnt_exec) { + size = page_size; + count = 
syscall(__NR_lsm_get_self_attr, ctx, &size, + LSM_ATTR_EXEC); + ASSERT_GE(cnt_exec, count); + if (count > 0) { + tctx = ctx; + ASSERT_EQ(0, read_proc_attr("exec", attr, page_size)); + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + } + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + if (cnt_fscreate) { + size = page_size; + count = syscall(__NR_lsm_get_self_attr, ctx, &size, + LSM_ATTR_FSCREATE); + ASSERT_GE(cnt_fscreate, count); + if (count > 0) { + tctx = ctx; + ASSERT_EQ(0, read_proc_attr("fscreate", attr, + page_size)); + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + } + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + if (cnt_keycreate) { + size = page_size; + count = syscall(__NR_lsm_get_self_attr, ctx, &size, + LSM_ATTR_KEYCREATE); + ASSERT_GE(cnt_keycreate, count); + if (count > 0) { + tctx = ctx; + ASSERT_EQ(0, read_proc_attr("keycreate", attr, + page_size)); + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + } + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + if (cnt_prev) { + size = page_size; + count = syscall(__NR_lsm_get_self_attr, ctx, &size, + LSM_ATTR_PREV); + ASSERT_GE(cnt_prev, count); + if (count > 0) { + tctx = ctx; + ASSERT_EQ(0, read_proc_attr("prev", attr, page_size)); + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + } + if (cnt_sockcreate) { + size = page_size; + count = syscall(__NR_lsm_get_self_attr, ctx, &size, + LSM_ATTR_SOCKCREATE); + ASSERT_GE(cnt_sockcreate, count); + if (count > 0) { + tctx = ctx; + ASSERT_EQ(0, read_proc_attr("sockcreate", attr, + page_size)); + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + } + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } 
+ } + + free(ctx); + free(attr); + free(syscall_lsms); +} + +TEST_HARNESS_MAIN diff --git a/tools/testing/selftests/lsm/lsm_module_list_test.c b/tools/testing/selftests/lsm/lsm_module_list_test.c new file mode 100644 index 000000000000..c5675598b2a4 --- /dev/null +++ b/tools/testing/selftests/lsm/lsm_module_list_test.c 
@@ -0,0 +1,149 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Linux Security Module infrastructure tests + * Tests for the lsm_module_list system call + * + * Copyright © 2022 Casey Schaufler + * Copyright © 2022 Intel Corporation + */ + +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include "../kselftest_harness.h" + +static int read_sysfs_lsms(char *lsms, __kernel_size_t size) +{ + FILE *fp; + + fp = fopen("/sys/kernel/security/lsm", "r"); + if (fp == NULL) + return -1; + if (fread(lsms, 1, size, fp) <= 0) + return -1; + fclose(fp); + return 0; +} + +TEST(size_null_lsm_module_list) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *syscall_lsms = calloc(page_size, 1); + + ASSERT_NE(NULL, syscall_lsms); + ASSERT_EQ(-1, syscall(__NR_lsm_module_list, syscall_lsms, NULL, 0)); + ASSERT_EQ(EFAULT, errno); + + free(syscall_lsms); +} + +TEST(ids_null_lsm_module_list) +{ + const long page_size = sysconf(_SC_PAGESIZE); + __kernel_size_t size = page_size; + + ASSERT_EQ(-1, syscall(__NR_lsm_module_list, NULL, &size, 0)); + ASSERT_EQ(EFAULT, errno); + ASSERT_NE(1, size); +} + +TEST(size_too_small_lsm_module_list) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *syscall_lsms = calloc(page_size, 1); + __kernel_size_t size = 1; + + ASSERT_NE(NULL, syscall_lsms); + ASSERT_EQ(-1, syscall(__NR_lsm_module_list, syscall_lsms, &size, 0)); + ASSERT_EQ(E2BIG, errno); + ASSERT_NE(1, size); + + free(syscall_lsms); +} + +TEST(flags_set_lsm_module_list) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *syscall_lsms = calloc(page_size, 1); + __kernel_size_t size = page_size; + + ASSERT_NE(NULL, syscall_lsms); + ASSERT_EQ(-1, syscall(__NR_lsm_module_list, syscall_lsms, &size, 7)); + ASSERT_EQ(EINVAL, errno); + ASSERT_EQ(page_size, size); + + free(syscall_lsms); +} + +TEST(correct_lsm_module_list) +{ + const long page_size = sysconf(_SC_PAGESIZE); + __kernel_size_t size = page_size; + __u32 *syscall_lsms = calloc(page_size, 1); + char 
*sysfs_lsms = calloc(page_size, 1); + char *name; + char *cp; + int count; + int i; + + ASSERT_NE(NULL, sysfs_lsms); + ASSERT_NE(NULL, syscall_lsms); + ASSERT_EQ(0, read_sysfs_lsms(sysfs_lsms, page_size)); + + count = syscall(__NR_lsm_module_list, syscall_lsms, &size, 0); + ASSERT_LE(1, count); + cp = sysfs_lsms; + for (i = 0; i < count; i++) { + switch (syscall_lsms[i]) { + case LSM_ID_CAPABILITY: + name = "capability"; + break; + case LSM_ID_SELINUX: + name = "selinux"; + break; + case LSM_ID_SMACK: + name = "smack"; + break; + case LSM_ID_TOMOYO: + name = "tomoyo"; + break; + case LSM_ID_IMA: + name = "ima"; + break; + case LSM_ID_APPARMOR: + name = "apparmor"; + break; + case LSM_ID_YAMA: + name = "yama"; + break; + case LSM_ID_LOADPIN: + name = "loadpin"; + break; + case LSM_ID_SAFESETID: + name = "safesetid"; + break; + case LSM_ID_LOCKDOWN: + name = "lockdown"; + break; + case LSM_ID_BPF: + name = "bpf"; + break; + case LSM_ID_LANDLOCK: + name = "landlock"; + break; + default: + name = "INVALID"; + break; + } + ASSERT_EQ(0, strncmp(cp, name, strlen(name))); + cp += strlen(name) + 1; + } + + free(sysfs_lsms); + free(syscall_lsms); +} + +TEST_HARNESS_MAIN diff --git a/tools/testing/selftests/lsm/lsm_set_self_attr_test.c b/tools/testing/selftests/lsm/lsm_set_self_attr_test.c new file mode 100644 index 000000000000..86f8a5952471 --- /dev/null +++ b/tools/testing/selftests/lsm/lsm_set_self_attr_test.c 
@@ -0,0 +1,328 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Linux Security Module infrastructure tests + * Tests for the lsm_set_self_attr system call + * + * Copyright © 2022 Casey Schaufler + * Copyright © 2022 Intel Corporation + */ + +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include "../kselftest_harness.h" + +static struct lsm_ctx *next_ctx(struct lsm_ctx *tctx) +{ + void *vp; + + vp = (void *)tctx + sizeof(*tctx) + tctx->ctx_len; + return (struct lsm_ctx *)vp; +} + +TEST(ctx_null_lsm_set_self_attr) +{ + ASSERT_EQ(-1, syscall(__NR_lsm_set_self_attr, NULL, _SC_PAGESIZE, + LSM_ATTR_CURRENT)); + ASSERT_EQ(EFAULT, errno); +} + +TEST(size_too_small_lsm_set_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + struct lsm_ctx *ctx = calloc(page_size, 1); + __kernel_size_t size = page_size; + + ASSERT_NE(NULL, ctx); + ASSERT_GE(1, syscall(__NR_lsm_get_self_attr, ctx, &size, + LSM_ATTR_CURRENT)); + ASSERT_EQ(-1, syscall(__NR_lsm_set_self_attr, ctx, 1, + LSM_ATTR_CURRENT)); + ASSERT_EQ(EINVAL, errno); + + free(ctx); +} + +TEST(flags_zero_lsm_set_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *ctx = calloc(page_size, 1); + __kernel_size_t size = page_size; + + ASSERT_NE(NULL, ctx); + ASSERT_GE(1, syscall(__NR_lsm_get_self_attr, ctx, &size, + LSM_ATTR_CURRENT)); + ASSERT_EQ(-1, syscall(__NR_lsm_set_self_attr, ctx, size, 0)); + ASSERT_EQ(EINVAL, errno); + + free(ctx); +} + +TEST(flags_overset_lsm_set_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *ctx = calloc(page_size, 1); + __kernel_size_t size = page_size; + struct lsm_ctx *tctx = (struct lsm_ctx *)ctx; + + ASSERT_NE(NULL, ctx); + ASSERT_GE(1, syscall(__NR_lsm_get_self_attr, tctx, &size, + LSM_ATTR_CURRENT)); + ASSERT_EQ(-1, syscall(__NR_lsm_set_self_attr, tctx, size, + LSM_ATTR_CURRENT | LSM_ATTR_PREV)); + ASSERT_EQ(EINVAL, errno); + + free(ctx); +} + +TEST(basic_lsm_set_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); 
+ __kernel_size_t size = page_size; + struct lsm_ctx *ctx = calloc(page_size, 1); + struct lsm_ctx *tctx; + __u32 *syscall_lsms = calloc(page_size, 1); + char *attr = calloc(page_size, 1); + bool active_apparmor = false; + bool active_selinux = false; + bool active_smack = false; + int cnt_current = 0; + int cnt_exec = 0; + int cnt_fscreate = 0; + int cnt_keycreate = 0; + int cnt_prev = 0; + int cnt_sockcreate = 0; + int lsmcount; + int count; + int rc; + int i; + + ASSERT_NE(NULL, ctx); + ASSERT_NE(NULL, syscall_lsms); + + lsmcount = syscall(__NR_lsm_module_list, syscall_lsms, &size, 0); + ASSERT_LE(1, lsmcount); + + for (i = 0; i < lsmcount; i++) { + switch (syscall_lsms[i]) { + case LSM_ID_SELINUX: + active_selinux = true; + cnt_current++; + cnt_exec++; + cnt_fscreate++; + cnt_keycreate++; + cnt_prev++; + cnt_sockcreate++; + break; + case LSM_ID_SMACK: + active_smack = true; + cnt_current++; + break; + case LSM_ID_APPARMOR: + active_apparmor = true; + cnt_current++; + cnt_exec++; + cnt_prev++; + break; + default: + break; + } + } + + if (cnt_current) { + size = page_size; + count = syscall(__NR_lsm_get_self_attr, ctx, &size, + LSM_ATTR_CURRENT); + ASSERT_EQ(cnt_current, count); + tctx = ctx; + + for (i = 0; i < count; i++) { + switch (tctx->id) { + case LSM_ID_SELINUX: + ASSERT_EQ(active_selinux, true); + rc = syscall(__NR_lsm_set_self_attr, tctx, size, + LSM_ATTR_CURRENT); + ASSERT_EQ(0, rc); + tctx->ctx[0] = 'X'; + rc = syscall(__NR_lsm_set_self_attr, tctx, size, + LSM_ATTR_CURRENT); + ASSERT_EQ(-1, rc); + ASSERT_EQ(EINVAL, errno); + break; + case LSM_ID_SMACK: + ASSERT_EQ(active_smack, true); + rc = syscall(__NR_lsm_set_self_attr, tctx, size, + LSM_ATTR_CURRENT); + ASSERT_EQ(-1, rc); + ASSERT_EQ(EPERM, errno); + break; + case LSM_ID_APPARMOR: + ASSERT_EQ(active_apparmor, true); + rc = syscall(__NR_lsm_set_self_attr, tctx, size, + LSM_ATTR_CURRENT); + ASSERT_EQ(-1, rc); + ASSERT_EQ(EINVAL, errno); + break; + default: + } + tctx = next_ctx(tctx); + } + } + if 
(cnt_exec) { + size = page_size; + count = syscall(__NR_lsm_get_self_attr, ctx, &size, + LSM_ATTR_EXEC); + ASSERT_GE(cnt_exec, count); + tctx = ctx; + + for (i = 0; i < count; i++) { + switch (tctx->id) { + case LSM_ID_SELINUX: + ASSERT_EQ(active_selinux, true); + rc = syscall(__NR_lsm_set_self_attr, tctx, size, + LSM_ATTR_EXEC); + ASSERT_EQ(0, rc); + tctx->ctx[0] = 'X'; + rc = syscall(__NR_lsm_set_self_attr, tctx, size, + LSM_ATTR_EXEC); + ASSERT_EQ(-1, rc); + ASSERT_EQ(EINVAL, errno); + break; + case LSM_ID_APPARMOR: + ASSERT_EQ(active_apparmor, true); + rc = syscall(__NR_lsm_set_self_attr, tctx, size, + LSM_ATTR_EXEC); + ASSERT_EQ(-1, rc); + ASSERT_EQ(EPERM, errno); + break; + default: + break; + } + tctx = next_ctx(tctx); + } + } + if (cnt_prev) { + size = page_size; + count = syscall(__NR_lsm_get_self_attr, ctx, &size, + LSM_ATTR_PREV); + ASSERT_GE(cnt_prev, count); + tctx = ctx; + + for (i = 0; i < count; i++) { + switch (tctx->id) { + case LSM_ID_SELINUX: + ASSERT_EQ(active_selinux, true); + rc = syscall(__NR_lsm_set_self_attr, tctx, size, + LSM_ATTR_PREV); + ASSERT_EQ(-1, rc); + ASSERT_EQ(EINVAL, errno); + tctx->ctx[0] = 'X'; + rc = syscall(__NR_lsm_set_self_attr, tctx, size, + LSM_ATTR_PREV); + ASSERT_EQ(-1, rc); + ASSERT_EQ(EINVAL, errno); + break; + case LSM_ID_APPARMOR: + ASSERT_EQ(active_apparmor, true); + rc = syscall(__NR_lsm_set_self_attr, tctx, size, + LSM_ATTR_PREV); + ASSERT_EQ(-1, rc); + ASSERT_EQ(EPERM, errno); + break; + default: + break; + } + tctx = next_ctx(tctx); + } + } + if (cnt_fscreate) { + size = page_size; + count = syscall(__NR_lsm_get_self_attr, ctx, &size, + LSM_ATTR_FSCREATE); + ASSERT_GE(cnt_fscreate, count); + tctx = ctx; + + for (i = 0; i < count; i++) { + switch (tctx->id) { + case LSM_ID_SELINUX: + ASSERT_EQ(active_selinux, true); + rc = syscall(__NR_lsm_set_self_attr, tctx, size, + LSM_ATTR_FSCREATE); + ASSERT_EQ(-1, rc); + ASSERT_EQ(EINVAL, errno); + tctx->ctx[0] = 'X'; + rc = syscall(__NR_lsm_set_self_attr, tctx, size, + 
LSM_ATTR_FSCREATE); + ASSERT_EQ(-1, rc); + ASSERT_EQ(EINVAL, errno); + break; + default: + break; + } + tctx = next_ctx(tctx); + } + } + if (cnt_keycreate) { + size = page_size; + count = syscall(__NR_lsm_get_self_attr, ctx, &size, + LSM_ATTR_KEYCREATE); + ASSERT_GE(cnt_keycreate, count); + tctx = ctx; + + for (i = 0; i < count; i++) { + switch (tctx->id) { + case LSM_ID_SELINUX: + ASSERT_EQ(active_selinux, true); + rc = syscall(__NR_lsm_set_self_attr, tctx, size, + LSM_ATTR_KEYCREATE); + ASSERT_EQ(-1, rc); + ASSERT_EQ(EINVAL, errno); + tctx->ctx[0] = 'X'; + rc = syscall(__NR_lsm_set_self_attr, tctx, size, + LSM_ATTR_KEYCREATE); + ASSERT_EQ(-1, rc); + ASSERT_EQ(EINVAL, errno); + break; + default: + break; + } + tctx = next_ctx(tctx); + } + } + if (cnt_sockcreate) { + size = page_size; + count = syscall(__NR_lsm_get_self_attr, ctx, &size, + LSM_ATTR_SOCKCREATE); + ASSERT_GE(cnt_sockcreate, count); + tctx = ctx; + + for (i = 0; i < count; i++) { + switch (tctx->id) { + case LSM_ID_SELINUX: + ASSERT_EQ(active_selinux, true); + rc = syscall(__NR_lsm_set_self_attr, tctx, size, + LSM_ATTR_SOCKCREATE); + ASSERT_EQ(-1, rc); + ASSERT_EQ(EINVAL, errno); + tctx->ctx[0] = 'X'; + rc = syscall(__NR_lsm_set_self_attr, tctx, size, + LSM_ATTR_SOCKCREATE); + ASSERT_EQ(-1, rc); + ASSERT_EQ(EINVAL, errno); + break; + default: + break; + } + tctx = next_ctx(tctx); + } + } + + free(ctx); + free(attr); + free(syscall_lsms); +} + +TEST_HARNESS_MAIN
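Review bot: tools/testing/selftests/lsm/config lists CONFIG_SYSFS=y and CONFIG_SECURITY=y, but lsm_module_list_test.c reads /sys/kernel/security/lsm, which lives on securityfs, so the fragment also needs CONFIG_SECURITYFS=y or correct_lsm_module_list cannot open its reference file on a kernel built from this config. The trailing `$(TEST_GEN_PROGS):` rule in the Makefile has no prerequisites or recipe and is a no-op; either give it the header dependency the "First run: make ... headers_install" comment hints at or drop it.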
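Review bot: in lsm_get_self_attr_test.c, read_proc_attr() returns -1 on a failed fread() without fclose(fp), leaking the stream, and reading a full `size` bytes into a buffer of exactly `size` leaves no room for the NUL that the following strchr()/strcmp() rely on; read at most size - 1 bytes and close on every path. In basic_lsm_get_self_attr, `attr` is calloc()ed but, unlike `ctx` and `syscall_lsms`, never checked against NULL. The LSM_ATTR_CURRENT check also assumes the first lsm_ctx returned is the one /proc/self/attr/current reports, which holds only while the proc interface and the new syscall walk the hooks in the same order; matching on tctx->id, or reading /proc/self/attr/<lsm>/current for that id, would make the check independent of ordering. The `ASSERT_NE(1, size)` in ctx_null_lsm_get_self_attr is always true because size starts at page_size and an EFAULT return does not touch it, so it checks nothing.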
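Review bot: read_sysfs_lsms() in lsm_module_list_test.c has the same fread()-failure path without fclose() and the same full-page read with no NUL terminator, which matters here because correct_lsm_module_list walks the buffer with strncmp() and `cp += strlen(name) + 1`; cap the read at size - 1. size_too_small_lsm_module_list expects E2BIG while the matching lsm_get_self_attr test expects ERANGE for the same "buffer too small" condition; if the two syscalls are meant to differ, the documentation should say so, otherwise one of the tests is encoding the wrong contract. The `default: name = "INVALID";` arm means any LSM id not in the switch fails the strncmp() assertion with no indication of which id was seen; a TH_LOG() of syscall_lsms[i] before the assert would make that failure readable.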
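Review bot: lsm_set_self_attr_test.c has two defects that bite before the tests run. ctx_null_lsm_set_self_attr passes the sysconf() selector `_SC_PAGESIZE` as the size argument instead of `sysconf(_SC_PAGESIZE)`, so the kernel sees a small integer rather than a page; and the first switch in basic_lsm_set_self_attr ends with a bare `default:` immediately followed by `}`, which is a compile error before C23 (a label must be followed by a statement) and needs the `break;` the later switches have. The setup calls written as `ASSERT_GE(1, syscall(__NR_lsm_get_self_attr, ...))` assert 1 >= count, which passes on an error return of -1 and fails as soon as two LSMs report a context; the intent reads as `ASSERT_LE(1, ...)`, matching `ASSERT_LE(1, lsmcount)` further down. The expected results for writing the unchanged `current` back (0 for SELinux, EPERM for Smack, EINVAL for AppArmor) encode a particular privilege level and policy that the file does not state; a comment, or a capability check before choosing the expectation, would keep the test meaningful when run as root. `attr` is allocated and freed but never used.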