From patchwork Wed Mar 15 22:46:54 2023
X-Patchwork-Submitter: Casey Schaufler
X-Patchwork-Id: 13176715
X-Patchwork-Delegate: paul@paul-moore.com
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net
Subject: [PATCH v7 01/11] LSM: Identify modules by more than name
Date: Wed, 15 Mar 2023 15:46:54 -0700
Message-Id: <20230315224704.2672-2-casey@schaufler-ca.com>
In-Reply-To: <20230315224704.2672-1-casey@schaufler-ca.com>
References: <20230315224704.2672-1-casey@schaufler-ca.com>

Create a struct lsm_id to contain identifying information about Linux Security Modules (LSMs). At inception this contains the name of the module, an identifier associated with the security module and an integer member "attrs" which identifies the API-related data associated with each security module. The initial set of features maps to information that has traditionally been available in /proc/self/attr. They are documented in a new userspace-api file.

Change the security_add_hooks() interface to use this structure. Change the individual modules to maintain their own struct lsm_id and pass it to security_add_hooks(). The values for LSM identifiers are defined in a new UAPI header file linux/lsm.h. Each existing LSM has been updated to include its LSMID in the lsm_id.

The LSM ID values are sequential, with the oldest module LSM_ID_CAPABILITY being the lowest value and the existing modules numbered in the order they were included in the mainline kernel. This is an arbitrary convention for assigning the values, but none better presents itself. The value 0 is defined as being invalid. The values 1-99 are reserved for any special case uses which may arise in the future. This may include attributes of the LSM infrastructure itself, possibly related to namespacing or network attribute management. A special range is identified for such attributes to help reduce confusion for developers unfamiliar with LSMs.

LSM attribute values are defined for the attributes presented by modules that are available today. As with the LSM IDs, the value 0 is defined as being invalid. The values 1-99 are reserved for any special case uses which may arise in the future.

Signed-off-by: Casey Schaufler
Cc: linux-security-module
---
 Documentation/userspace-api/index.rst |  1 +
 Documentation/userspace-api/lsm.rst   | 55 +++++++++++++++++++++++++++
 MAINTAINERS                           |  1 +
 include/linux/lsm_hooks.h             | 18 ++++++++-
 include/uapi/linux/lsm.h              | 53 ++++++++++++++++++++++++++
 security/apparmor/lsm.c               |  8 +++-
 security/bpf/hooks.c                  |  9 ++++-
 security/commoncap.c                  |  8 +++-
 security/landlock/cred.c              |  2 +-
 security/landlock/fs.c                |  2 +-
 security/landlock/ptrace.c            |  2 +-
 security/landlock/setup.c             |  6 +++
 security/landlock/setup.h             |  1 +
 security/loadpin/loadpin.c            |  9 ++++-
 security/lockdown/lockdown.c          |  8 +++-
 security/safesetid/lsm.c              |  9 ++++-
 security/security.c                   | 12 +++---
 security/selinux/hooks.c              |  9 ++++-
 security/smack/smack_lsm.c            |  8 +++-
 security/tomoyo/tomoyo.c              |  9 ++++-
 security/yama/yama_lsm.c              |  8 +++-
 21 files changed, 217 insertions(+), 21 deletions(-)
 create mode 100644 Documentation/userspace-api/lsm.rst
 create mode 100644 include/uapi/linux/lsm.h

diff --git a/Documentation/userspace-api/index.rst b/Documentation/userspace-api/index.rst index f16337bdb852..54c0f54cde89 100644 --- a/Documentation/userspace-api/index.rst +++ b/Documentation/userspace-api/index.rst @@ -31,6 +31,7 @@ place where this information is gathered. sysfs-platform_profile vduse futex2 + lsm .. only:: subproject and html diff --git a/Documentation/userspace-api/lsm.rst b/Documentation/userspace-api/lsm.rst new file mode 100644 index 000000000000..6ddf5506110b --- /dev/null +++ b/Documentation/userspace-api/lsm.rst
@@ -0,0 +1,55 @@ +.. SPDX-License-Identifier: GPL-2.0 +.. Copyright (C) 2022 Casey Schaufler +.. Copyright (C) 2022 Intel Corporation + +===================================== +Linux Security Modules +===================================== + +:Author: Casey Schaufler +:Date: November 2022 + +Linux security modules (LSM) provide a mechanism to implement +additional access controls to the Linux security policies. + +The various security modules may support any of these attributes: + +``LSM_ATTR_CURRENT`` is the current, active security context of the +process. +The proc filesystem provides this value in ``/proc/self/attr/current``. +This is supported by the SELinux, Smack and AppArmor security modules. +Smack also provides this value in ``/proc/self/attr/smack/current``. +AppArmor also provides this value in ``/proc/self/attr/apparmor/current``. + +``LSM_ATTR_EXEC`` is the security context of the process at the time the +current image was executed. +The proc filesystem provides this value in ``/proc/self/attr/exec``. +This is supported by the SELinux and AppArmor security modules. +AppArmor also provides this value in ``/proc/self/attr/apparmor/exec``. + +``LSM_ATTR_FSCREATE`` is the security context of the process used when +creating file system objects. +The proc filesystem provides this value in ``/proc/self/attr/fscreate``. +This is supported by the SELinux security module. + +``LSM_ATTR_KEYCREATE`` is the security context of the process used when +creating key objects. +The proc filesystem provides this value in ``/proc/self/attr/keycreate``. +This is supported by the SELinux security module. + +``LSM_ATTR_PREV`` is the security context of the process at the time the +current security context was set. +The proc filesystem provides this value in ``/proc/self/attr/prev``. +This is supported by the SELinux and AppArmor security modules. +AppArmor also provides this value in ``/proc/self/attr/apparmor/prev``. 
+ +``LSM_ATTR_SOCKCREATE`` is the security context of the process used when +creating socket objects. +The proc filesystem provides this value in ``/proc/self/attr/sockcreate``. +This is supported by the SELinux security module. + +Additional documentation +======================== + +* Documentation/security/lsm.rst +* Documentation/security/lsm-development.rst diff --git a/MAINTAINERS b/MAINTAINERS index ec57c42ed544..9700ea3ff3da 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -18813,6 +18813,7 @@ S: Supported W: http://kernsec.org/ T: git git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm.git F: security/ +F: include/uapi/linux/lsm.h X: security/selinux/ SELINUX SECURITY MODULE diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 6e156d2acffc..32285ce65419 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -1665,6 +1665,20 @@ struct security_hook_heads { #undef LSM_HOOK } __randomize_layout; +/** + * struct lsm_id - Identify a Linux Security Module. + * @lsm: name of the LSM, must be approved by the LSM maintainers + * @id: LSM ID number from uapi/linux/lsm.h + * @attrs: which attributes this LSM supports + * + * Contains the information that identifies the LSM. + */ +struct lsm_id { + const u8 *lsm; + u64 id; + u64 attrs; +}; + /* * Security module hook list structure. * For use with generic list macros for common operations. @@ -1673,7 +1687,7 @@ struct security_hook_list { struct hlist_node list; struct hlist_head *head; union security_list_options hook; - const char *lsm; + struct lsm_id *lsmid; } __randomize_layout; /* @@ -1708,7 +1722,7 @@ extern struct security_hook_heads security_hook_heads; extern char *lsm_names; extern void security_add_hooks(struct security_hook_list *hooks, int count, - const char *lsm); + struct lsm_id *lsmid); #define LSM_FLAG_LEGACY_MAJOR BIT(0) #define LSM_FLAG_EXCLUSIVE BIT(1) 
diff --git a/include/uapi/linux/lsm.h b/include/uapi/linux/lsm.h new file mode 100644 index 000000000000..aa3e01867739 --- /dev/null +++ b/include/uapi/linux/lsm.h @@ -0,0 +1,53 @@ +/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */ +/* + * Linux Security Modules (LSM) - User space API + * + * Copyright (C) 2022 Casey Schaufler + * Copyright (C) 2022 Intel Corporation + */ + +#ifndef _UAPI_LINUX_LSM_H +#define _UAPI_LINUX_LSM_H + +/* + * ID tokens to identify Linux Security Modules (LSMs) + * + * These token values are used to uniquely identify specific LSMs + * in the kernel as well as in the kernel's LSM userspace API. + * + * A value of zero/0 is considered undefined and should not be used + * outside the kernel. Values 1-99 are reserved for potential + * future use. + */ +#define LSM_ID_UNDEF 0 +#define LSM_ID_CAPABILITY 100 +#define LSM_ID_SELINUX 101 +#define LSM_ID_SMACK 102 +#define LSM_ID_TOMOYO 103 +#define LSM_ID_IMA 104 +#define LSM_ID_APPARMOR 105 +#define LSM_ID_YAMA 106 +#define LSM_ID_LOADPIN 107 +#define LSM_ID_SAFESETID 108 +#define LSM_ID_LOCKDOWN 109 +#define LSM_ID_BPF 110 +#define LSM_ID_LANDLOCK 111 + +/* + * LSM_ATTR_XXX definitions identify different LSM attributes + * which are used in the kernel's LSM userspace API. Support + * for these attributes vary across the different LSMs. None + * are required. + * + * A value of zero/0 is considered undefined and should not be used + * outside the kernel. Values 1-99 are reserved for potential + * future use. + */ +#define LSM_ATTR_CURRENT 100 +#define LSM_ATTR_EXEC 101 +#define LSM_ATTR_FSCREATE 102 +#define LSM_ATTR_KEYCREATE 103 +#define LSM_ATTR_PREV 104 +#define LSM_ATTR_SOCKCREATE 105 + +#endif /* _UAPI_LINUX_LSM_H */ diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index d6cc4812ca53..ce6ccb7e06ec 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c 
@@ -24,6 +24,7 @@ #include #include #include +#include #include "include/apparmor.h" #include "include/apparmorfs.h" @@ -1215,6 +1216,11 @@ struct lsm_blob_sizes apparmor_blob_sizes __lsm_ro_after_init = { .lbs_task = sizeof(struct aa_task_ctx), }; +static struct lsm_id apparmor_lsmid __lsm_ro_after_init = { + .lsm = "apparmor", + .id = LSM_ID_APPARMOR, +}; + static struct security_hook_list apparmor_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(ptrace_access_check, apparmor_ptrace_access_check), LSM_HOOK_INIT(ptrace_traceme, apparmor_ptrace_traceme), @@ -1910,7 +1916,7 @@ static int __init apparmor_init(void) goto buffers_out; } security_add_hooks(apparmor_hooks, ARRAY_SIZE(apparmor_hooks), - "apparmor"); + &apparmor_lsmid); /* Report that AppArmor successfully initialized */ apparmor_initialized = 1; diff --git a/security/bpf/hooks.c b/security/bpf/hooks.c index e5971fa74fd7..5232c80be5b3 100644 --- a/security/bpf/hooks.c +++ b/security/bpf/hooks.c @@ -5,6 +5,7 @@ */ #include #include +#include static struct security_hook_list bpf_lsm_hooks[] __lsm_ro_after_init = { #define LSM_HOOK(RET, DEFAULT, NAME, ...) \ @@ -15,9 +16,15 @@ static struct security_hook_list bpf_lsm_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(task_free, bpf_task_storage_free), }; +static struct lsm_id bpf_lsmid __lsm_ro_after_init = { + .lsm = "bpf", + .id = LSM_ID_BPF, +}; + static int __init bpf_lsm_init(void) { - security_add_hooks(bpf_lsm_hooks, ARRAY_SIZE(bpf_lsm_hooks), "bpf"); + security_add_hooks(bpf_lsm_hooks, ARRAY_SIZE(bpf_lsm_hooks), + &bpf_lsmid); pr_info("LSM support for eBPF active\n"); return 0; } diff --git a/security/commoncap.c b/security/commoncap.c index 5bb7d1e96277..bbc0a210506a 100644 --- a/security/commoncap.c +++ b/security/commoncap.c @@ -25,6 +25,7 @@ #include #include #include +#include /* * If a non-root user executes a setuid-root binary in 
@@ -1440,6 +1441,11 @@ int cap_mmap_file(struct file *file, unsigned long reqprot, #ifdef CONFIG_SECURITY +static struct lsm_id capability_lsmid __lsm_ro_after_init = { + .lsm = "capability", + .id = LSM_ID_CAPABILITY, +}; + static struct security_hook_list capability_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(capable, cap_capable), LSM_HOOK_INIT(settime, cap_settime), @@ -1464,7 +1470,7 @@ static struct security_hook_list capability_hooks[] __lsm_ro_after_init = { static int __init capability_init(void) { security_add_hooks(capability_hooks, ARRAY_SIZE(capability_hooks), - "capability"); + &capability_lsmid); return 0; } diff --git a/security/landlock/cred.c b/security/landlock/cred.c index ec6c37f04a19..2eb1d65f10d6 100644 --- a/security/landlock/cred.c +++ b/security/landlock/cred.c @@ -42,5 +42,5 @@ static struct security_hook_list landlock_hooks[] __lsm_ro_after_init = { __init void landlock_add_cred_hooks(void) { security_add_hooks(landlock_hooks, ARRAY_SIZE(landlock_hooks), - LANDLOCK_NAME); + &landlock_lsmid); } diff --git a/security/landlock/fs.c b/security/landlock/fs.c index adcea0fe7e68..fa0e6e76991c 100644 --- a/security/landlock/fs.c +++ b/security/landlock/fs.c @@ -1307,5 +1307,5 @@ static struct security_hook_list landlock_hooks[] __lsm_ro_after_init = { __init void landlock_add_fs_hooks(void) { security_add_hooks(landlock_hooks, ARRAY_SIZE(landlock_hooks), - LANDLOCK_NAME); + &landlock_lsmid); } diff --git a/security/landlock/ptrace.c b/security/landlock/ptrace.c index 4c5b9cd71286..eab35808f395 100644 --- a/security/landlock/ptrace.c +++ b/security/landlock/ptrace.c @@ -116,5 +116,5 @@ static struct security_hook_list landlock_hooks[] __lsm_ro_after_init = { __init void landlock_add_ptrace_hooks(void) { security_add_hooks(landlock_hooks, ARRAY_SIZE(landlock_hooks), - LANDLOCK_NAME); + &landlock_lsmid); } diff --git a/security/landlock/setup.c b/security/landlock/setup.c index 3f196d2ce4f9..9104133d04ca 100644 --- a/security/landlock/setup.c 
+++ b/security/landlock/setup.c @@ -8,6 +8,7 @@ #include #include +#include #include "common.h" #include "cred.h" @@ -24,6 +25,11 @@ struct lsm_blob_sizes landlock_blob_sizes __lsm_ro_after_init = { .lbs_superblock = sizeof(struct landlock_superblock_security), }; +struct lsm_id landlock_lsmid __lsm_ro_after_init = { + .lsm = LANDLOCK_NAME, + .id = LSM_ID_LANDLOCK, +}; + static int __init landlock_init(void) { landlock_add_cred_hooks(); diff --git a/security/landlock/setup.h b/security/landlock/setup.h index 1daffab1ab4b..38bce5b172dc 100644 --- a/security/landlock/setup.h +++ b/security/landlock/setup.h @@ -14,5 +14,6 @@ extern bool landlock_initialized; extern struct lsm_blob_sizes landlock_blob_sizes; +extern struct lsm_id landlock_lsmid; #endif /* _SECURITY_LANDLOCK_SETUP_H */ diff --git a/security/loadpin/loadpin.c b/security/loadpin/loadpin.c index d73a281adf86..556d43e37177 100644 --- a/security/loadpin/loadpin.c +++ b/security/loadpin/loadpin.c @@ -20,6 +20,7 @@ #include #include #include +#include #define VERITY_DIGEST_FILE_HEADER "# LOADPIN_TRUSTED_VERITY_ROOT_DIGESTS" @@ -214,6 +215,11 @@ static int loadpin_load_data(enum kernel_load_data_id id, bool contents) return loadpin_check(NULL, (enum kernel_read_file_id) id); } +static struct lsm_id loadpin_lsmid __lsm_ro_after_init = { + .lsm = "loadpin", + .id = LSM_ID_LOADPIN, +}; + static struct security_hook_list loadpin_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(sb_free_security, loadpin_sb_free_security), LSM_HOOK_INIT(kernel_read_file, loadpin_read_file), @@ -265,7 +271,8 @@ static int __init loadpin_init(void) if (!register_sysctl_paths(loadpin_sysctl_path, loadpin_sysctl_table)) pr_notice("sysctl registration failed!\n"); #endif - security_add_hooks(loadpin_hooks, ARRAY_SIZE(loadpin_hooks), "loadpin"); + security_add_hooks(loadpin_hooks, ARRAY_SIZE(loadpin_hooks), + &loadpin_lsmid); return 0; } 
diff --git a/security/lockdown/lockdown.c b/security/lockdown/lockdown.c index a79b985e917e..e8c41a0caf7d 100644 --- a/security/lockdown/lockdown.c +++ b/security/lockdown/lockdown.c @@ -13,6 +13,7 @@ #include #include #include +#include static enum lockdown_reason kernel_locked_down; @@ -75,6 +76,11 @@ static struct security_hook_list lockdown_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(locked_down, lockdown_is_locked_down), }; +static struct lsm_id lockdown_lsmid __lsm_ro_after_init = { + .lsm = "lockdown", + .id = LSM_ID_LOCKDOWN, +}; + static int __init lockdown_lsm_init(void) { #if defined(CONFIG_LOCK_DOWN_KERNEL_FORCE_INTEGRITY) @@ -83,7 +89,7 @@ static int __init lockdown_lsm_init(void) lock_kernel_down("Kernel configuration", LOCKDOWN_CONFIDENTIALITY_MAX); #endif security_add_hooks(lockdown_hooks, ARRAY_SIZE(lockdown_hooks), - "lockdown"); + &lockdown_lsmid); return 0; } diff --git a/security/safesetid/lsm.c b/security/safesetid/lsm.c index e806739f7868..8d0742ba045d 100644 --- a/security/safesetid/lsm.c +++ b/security/safesetid/lsm.c @@ -19,6 +19,7 @@ #include #include #include +#include #include "lsm.h" /* Flag indicating whether initialization completed */ @@ -261,6 +262,11 @@ static int safesetid_task_fix_setgroups(struct cred *new, const struct cred *old return 0; } +static struct lsm_id safesetid_lsmid __lsm_ro_after_init = { + .lsm = "safesetid", + .id = LSM_ID_SAFESETID, +}; + static struct security_hook_list safesetid_security_hooks[] = { LSM_HOOK_INIT(task_fix_setuid, safesetid_task_fix_setuid), LSM_HOOK_INIT(task_fix_setgid, safesetid_task_fix_setgid), @@ -271,7 +277,8 @@ static struct security_hook_list safesetid_security_hooks[] = { static int __init safesetid_security_init(void) { security_add_hooks(safesetid_security_hooks, - ARRAY_SIZE(safesetid_security_hooks), "safesetid"); + ARRAY_SIZE(safesetid_security_hooks), + &safesetid_lsmid); /* Report that SafeSetID successfully initialized */ safesetid_initialized = 1; 
diff --git a/security/security.c b/security/security.c index cf6cc576736f..58828a326024 100644 --- a/security/security.c +++ b/security/security.c @@ -504,17 +504,17 @@ static int lsm_append(const char *new, char **result) * security_add_hooks - Add a modules hooks to the hook lists. * @hooks: the hooks to add * @count: the number of hooks to add - * @lsm: the name of the security module + * @lsmid: the identification information for the security module * * Each LSM has to register its hooks with the infrastructure. */ void __init security_add_hooks(struct security_hook_list *hooks, int count, - const char *lsm) + struct lsm_id *lsmid) { int i; for (i = 0; i < count; i++) { - hooks[i].lsm = lsm; + hooks[i].lsmid = lsmid; hlist_add_tail_rcu(&hooks[i].list, hooks[i].head); } @@ -523,7 +523,7 @@ void __init security_add_hooks(struct security_hook_list *hooks, int count, * and fix this up afterwards. */ if (slab_is_available()) { - if (lsm_append(lsm, &lsm_names) < 0) + if (lsm_append(lsmid->lsm, &lsm_names) < 0) panic("%s - Cannot get early memory.\n", __func__); } } @@ -2146,7 +2146,7 @@ int security_getprocattr(struct task_struct *p, const char *lsm, struct security_hook_list *hp; hlist_for_each_entry(hp, &security_hook_heads.getprocattr, list) { - if (lsm != NULL && strcmp(lsm, hp->lsm)) + if (lsm != NULL && strcmp(lsm, hp->lsmid->lsm)) continue; return hp->hook.getprocattr(p, name, value); } @@ -2159,7 +2159,7 @@ int security_setprocattr(const char *lsm, const char *name, void *value, struct security_hook_list *hp; hlist_for_each_entry(hp, &security_hook_heads.setprocattr, list) { - if (lsm != NULL && strcmp(lsm, hp->lsm)) + if (lsm != NULL && strcmp(lsm, hp->lsmid->lsm)) continue; return hp->hook.setprocattr(name, value, size); } diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 9a5bdfc21314..9403aee75981 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c 
@@ -92,6 +92,7 @@ #include #include #include +#include #include "avc.h" #include "objsec.h" @@ -7032,6 +7033,11 @@ static int selinux_uring_cmd(struct io_uring_cmd *ioucmd) } #endif /* CONFIG_IO_URING */ +static struct lsm_id selinux_lsmid __lsm_ro_after_init = { + .lsm = "selinux", + .id = LSM_ID_SELINUX, +}; + /* * IMPORTANT NOTE: When adding new hooks, please be careful to keep this order: * 1. any hooks that don't belong to (2.) or (3.) below, @@ -7355,7 +7361,8 @@ static __init int selinux_init(void) hashtab_cache_init(); - security_add_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks), "selinux"); + security_add_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks), + &selinux_lsmid); if (avc_add_callback(selinux_netcache_avc_callback, AVC_CALLBACK_RESET)) panic("SELinux: Unable to register AVC netcache callback\n"); diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index cfcbb748da25..3cf862fcbe08 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -43,6 +43,7 @@ #include #include #include +#include #include "smack.h" #define TRANS_TRUE "TRUE" @@ -4856,6 +4857,11 @@ struct lsm_blob_sizes smack_blob_sizes __lsm_ro_after_init = { .lbs_superblock = sizeof(struct superblock_smack), }; +static struct lsm_id smack_lsmid __lsm_ro_after_init = { + .lsm = "smack", + .id = LSM_ID_SMACK, +}; + static struct security_hook_list smack_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(ptrace_access_check, smack_ptrace_access_check), LSM_HOOK_INIT(ptrace_traceme, smack_ptrace_traceme), @@ -5062,7 +5068,7 @@ static __init int smack_init(void) /* * Register with LSM */ - security_add_hooks(smack_hooks, ARRAY_SIZE(smack_hooks), "smack"); + security_add_hooks(smack_hooks, ARRAY_SIZE(smack_hooks), &smack_lsmid); smack_enabled = 1; pr_info("Smack: Initializing.\n"); diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c index af04a7b7eb28..a4658fb5ef0e 100644 --- a/security/tomoyo/tomoyo.c +++ b/security/tomoyo/tomoyo.c 
@@ -6,6 +6,7 @@ */ #include +#include #include "common.h" /** @@ -542,6 +543,11 @@ static void tomoyo_task_free(struct task_struct *task) } } +static struct lsm_id tomoyo_lsmid __lsm_ro_after_init = { + .lsm = "tomoyo", + .id = LSM_ID_TOMOYO, +}; + /* * tomoyo_security_ops is a "struct security_operations" which is used for * registering TOMOYO. @@ -595,7 +601,8 @@ static int __init tomoyo_init(void) struct tomoyo_task *s = tomoyo_task(current); /* register ourselves with the security framework */ - security_add_hooks(tomoyo_hooks, ARRAY_SIZE(tomoyo_hooks), "tomoyo"); + security_add_hooks(tomoyo_hooks, ARRAY_SIZE(tomoyo_hooks), + &tomoyo_lsmid); pr_info("TOMOYO Linux initialized\n"); s->domain_info = &tomoyo_kernel_domain; atomic_inc(&tomoyo_kernel_domain.users); diff --git a/security/yama/yama_lsm.c b/security/yama/yama_lsm.c index 06e226166aab..2487b8f847f3 100644 --- a/security/yama/yama_lsm.c +++ b/security/yama/yama_lsm.c @@ -18,6 +18,7 @@ #include #include #include +#include #define YAMA_SCOPE_DISABLED 0 #define YAMA_SCOPE_RELATIONAL 1 @@ -421,6 +422,11 @@ static int yama_ptrace_traceme(struct task_struct *parent) return rc; } +static struct lsm_id yama_lsmid __lsm_ro_after_init = { + .lsm = "yama", + .id = LSM_ID_YAMA, +}; + static struct security_hook_list yama_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(ptrace_access_check, yama_ptrace_access_check), LSM_HOOK_INIT(ptrace_traceme, yama_ptrace_traceme), 
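Review bot: in the include/linux/lsm_hooks.h hunk, the new struct lsm_id declares the module name as "const u8 *lsm", yet every initializer in this patch assigns a string literal and the security/security.c hunk passes the field straight to strcmp() and lsm_append(), both of which take const char *; declaring it "const char *lsm;" makes the type match its use instead of relying on an implicit signedness mismatch at every call site. While there, security_add_hooks() could take "const struct lsm_id *lsmid" and struct security_hook_list could store the same, since the module-side objects are all __lsm_ro_after_init and nothing in the patch writes through the pointer.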
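Review bot: the kernel-doc in the lsm_hooks.h hunk describes @attrs as "which attributes this LSM supports", but the LSM_ATTR_* tokens added in include/uapi/linux/lsm.h are sequential integers (100 to 105), not bit flags, so a single u64 cannot encode a set of them, and none of the lsm_id initializers in this patch set .attrs at all, leaving it zero for every module even though lsm.rst documents per-module attribute support. Either give attrs a kernel-internal bit-per-attribute encoding and populate it in each module's initializer, or drop the member here and introduce it together with the code that reports it.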
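Review bot: the include/uapi/linux/lsm.h hunk assigns LSM_ID_IMA (104), but no IMA file appears in the diffstat and no lsm_id carrying that value is passed to security_add_hooks() anywhere in the patch, while the commit message states that every existing LSM has been updated; either register the identifier where IMA initialises or comment in the header that the value is reserved, so userspace does not expect it to be reported. Also, "Support for these attributes vary across the different LSMs" should read "varies".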
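Review bot: in the Documentation/userspace-api/lsm.rst hunk, the opening sentence "provide a mechanism to implement additional access controls to the Linux security policies" is hard to parse; consider "provide a mechanism for implementing additional access controls on top of the kernel's existing security checks". The ":Date: November 2022" field predates this v7 posting (March 2023). The attribute descriptions also never say that the LSM_ATTR_* tokens and their numeric values are defined in include/uapi/linux/lsm.h, which a userspace-api document for that header should cross-reference.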
@@ -477,7 +483,7 @@ static inline void yama_init_sysctl(void) { } static int __init yama_init(void) { pr_info("Yama: becoming mindful.\n"); - security_add_hooks(yama_hooks, ARRAY_SIZE(yama_hooks), "yama"); + security_add_hooks(yama_hooks, ARRAY_SIZE(yama_hooks), &yama_lsmid); yama_init_sysctl(); return 0; }

From patchwork Wed Mar 15 22:46:55 2023
X-Patchwork-Submitter: Casey Schaufler
X-Patchwork-Id: 13176716
X-Patchwork-Delegate: paul@paul-moore.com
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net Subject: [PATCH v7 02/11] LSM: Maintain a table of LSM attribute data Date: Wed, 15 Mar 2023 15:46:55 -0700 Message-Id: <20230315224704.2672-3-casey@schaufler-ca.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230315224704.2672-1-casey@schaufler-ca.com> References: <20230315224704.2672-1-casey@schaufler-ca.com> MIME-Version: 1.0 Precedence: bulk List-ID: As LSMs are registered add their lsm_id pointers to a table. This will be used later for attribute reporting. Determine the number of possible security modules based on their respective CONFIG options. This allows the number to be known at build time. This allows data structures and tables to use the constant. Signed-off-by: Casey Schaufler --- include/linux/security.h | 2 ++ security/security.c | 44 ++++++++++++++++++++++++++++++++-------- 2 files changed, 38 insertions(+), 8 deletions(-) diff --git a/include/linux/security.h b/include/linux/security.h index 5984d0d550b4..e70fc863b04a 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -138,6 +138,8 @@ enum lockdown_reason { }; extern const char *const lockdown_reasons[LOCKDOWN_CONFIDENTIALITY_MAX+1]; +extern u32 lsm_active_cnt; +extern struct lsm_id *lsm_idlist[]; /* These functions are in security/commoncap.c */ extern int cap_capable(const struct cred *cred, struct user_namespace *ns, diff --git a/security/security.c b/security/security.c index 58828a326024..aa84b1cf4253 100644 --- a/security/security.c +++ b/security/security.c 
@@ -28,12 +28,29 @@ #include #include #include +#include #include #define MAX_LSM_EVM_XATTR 2 -/* How many LSMs were built into the kernel? */ -#define LSM_COUNT (__end_lsm_info - __start_lsm_info) +/* + * How many LSMs are built into the kernel as determined at + * build time. Used to determine fixed array sizes. + * The capability module is accounted for by CONFIG_SECURITY + */ +#define LSM_COUNT ( \ + (IS_ENABLED(CONFIG_SECURITY) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_SELINUX) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_SMACK) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_TOMOYO) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_IMA) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_APPARMOR) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_YAMA) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_LOADPIN) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_SAFESETID) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_LOCKDOWN_LSM) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_BPF_LSM) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_LANDLOCK) ? 1 : 0)) /* * These are descriptions of the reasons that can be passed to the @@ -90,7 +107,7 @@ static __initdata const char *chosen_major_lsm; static __initconst const char * const builtin_lsm_order = CONFIG_LSM; /* Ordered list of LSMs to initialize. */ -static __initdata struct lsm_info **ordered_lsms; +static __initdata struct lsm_info *ordered_lsms[LSM_COUNT]; static __initdata struct lsm_info *exclusive; static __initdata bool debug; @@ -341,13 +358,16 @@ static void __init report_lsm_order(void) pr_cont("\n"); } +/* + * Current index to use while initializing the lsm id list. + */ +u32 lsm_active_cnt __lsm_ro_after_init; +struct lsm_id *lsm_idlist[LSM_COUNT] __lsm_ro_after_init; + static void __init ordered_lsm_init(void) { struct lsm_info **lsm; - ordered_lsms = kcalloc(LSM_COUNT + 1, sizeof(*ordered_lsms), - GFP_KERNEL); - if (chosen_lsm_order) { if (chosen_major_lsm) { pr_warn("security=%s is ignored because it is superseded by lsm=%s\n", 
@@ -387,8 +407,6 @@ static void __init ordered_lsm_init(void) lsm_early_task(current); for (lsm = ordered_lsms; *lsm; lsm++) initialize_lsm(*lsm); - - kfree(ordered_lsms); } int __init early_security_init(void) 
@@ -513,6 +531,16 @@ void __init security_add_hooks(struct security_hook_list *hooks, int count, { int i; + /* + * A security module may call security_add_hooks() more + * than once. Landlock is one such case. + */ + if (lsm_active_cnt == 0 || lsm_idlist[lsm_active_cnt - 1] != lsmid) + lsm_idlist[lsm_active_cnt++] = lsmid; + + if (lsm_active_cnt > LSM_COUNT) + panic("%s Too many LSMs registered.\n", __func__); + for (i = 0; i < count; i++) { hooks[i].lsmid = lsmid; hlist_add_tail_rcu(&hooks[i].list, hooks[i].head); From patchwork Wed Mar 15 22:46:56 2023 X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13176720 X-Patchwork-Delegate: paul@paul-moore.com
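Review bot: `extern struct lsm_id *lsm_idlist[];` in the include/linux/security.h hunk should be `extern const struct lsm_id *lsm_idlist[];`. The table only ever stores the pointer each module hands to security_add_hooks(), the definition is marked `__lsm_ro_after_init`, and nothing in this patch writes through an entry, so exporting a mutable pointer table invites callers to modify module descriptors that are meant to be fixed after boot.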
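Review bot: the new LSM_COUNT in the `@@ -28,12 +28,29 @@` hunk trades a count the linker derived from the .lsm_info section for a hand-maintained list of CONFIG symbols, so every future DEFINE_LSM has to remember to add a term here or it trips `panic("%s Too many LSMs registered.\n", __func__)` at boot. A comment next to DEFINE_LSM pointing at this list, or a boot-time check in ordered_lsm_init() that `__end_lsm_info - __start_lsm_info` does not exceed LSM_COUNT, would catch the omission early. Also confirm that CONFIG_IMA is the symbol guarding the DEFINE_LSM it is meant to account for; if that module is built under a different option, a kernel with one but not the other is counted one short.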
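Review bot: `static __initdata struct lsm_info *ordered_lsms[LSM_COUNT];` in the `@@ -90,7 +107,7 @@` hunk drops the sentinel slot. The kcalloc() it replaces allocated `LSM_COUNT + 1` entries because `for (lsm = ordered_lsms; *lsm; lsm++)` in ordered_lsm_init() stops at a NULL entry; with every counted module built in the array is full, there is no NULL, and the loop reads past its end. Declare it `ordered_lsms[LSM_COUNT + 1]`; it is __initdata, so the extra pointer costs nothing after boot.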
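Review bot: the bounds check in the security_add_hooks() hunk runs after the store. `lsm_idlist[lsm_active_cnt++] = lsmid;` executes first, so when lsm_active_cnt already equals LSM_COUNT the write lands one past the end of `lsm_idlist[LSM_COUNT]` and the panic arrives too late to help. Move the check inside the dedupe branch, before the assignment, and make it `>=`: `if (lsm_active_cnt >= LSM_COUNT) panic(...); lsm_idlist[lsm_active_cnt++] = lsmid;`.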
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net, linux-fsdevel@vger.kernel.org Subject: [PATCH v7 03/11] proc: Use lsmids instead of lsm names for attrs Date: Wed, 15 Mar 2023 15:46:56 -0700 Message-Id: <20230315224704.2672-4-casey@schaufler-ca.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230315224704.2672-1-casey@schaufler-ca.com> References: <20230315224704.2672-1-casey@schaufler-ca.com> MIME-Version: 1.0 Precedence: bulk List-ID: Use the LSM ID number instead of the LSM name to identify which security module's attribute data should be shown in /proc/self/attr. The security_[gs]etprocattr() functions have been changed to expect the LSM ID. The change from a string comparison to an integer comparison in these functions will provide a minor performance improvement. Signed-off-by: Casey Schaufler Cc: linux-fsdevel@vger.kernel.org --- fs/proc/base.c | 29 +++++++++++++++-------------- fs/proc/internal.h | 2 +- include/linux/security.h | 11 +++++------ security/security.c | 11 +++++------ 4 files changed, 26 insertions(+), 27 deletions(-) diff --git a/fs/proc/base.c b/fs/proc/base.c index 5e0e0ccd47aa..cb6dec7473fe 100644 --- a/fs/proc/base.c +++ b/fs/proc/base.c @@ -96,6 +96,7 @@ #include #include #include +#include #include #include "internal.h" #include "fd.h" @@ -145,10 +146,10 @@ struct pid_entry { NOD(NAME, (S_IFREG|(MODE)), \ NULL, &proc_single_file_operations, \ { .proc_show = show } ) -#define ATTR(LSM, NAME, MODE) \ +#define ATTR(LSMID, NAME, MODE) \ NOD(NAME, (S_IFREG|(MODE)), \ NULL, &proc_pid_attr_operations, \ - { .lsm = LSM }) + { .lsmid = LSMID }) /* * Count the number of hardlinks for the pid_entry table, excluding the . 
@@ -2730,7 +2731,7 @@ static ssize_t proc_pid_attr_read(struct file * file, char __user * buf, if (!task) return -ESRCH; - length = security_getprocattr(task, PROC_I(inode)->op.lsm, + length = security_getprocattr(task, PROC_I(inode)->op.lsmid, file->f_path.dentry->d_name.name, &p); put_task_struct(task); @@ -2788,7 +2789,7 @@ static ssize_t proc_pid_attr_write(struct file * file, const char __user * buf, if (rv < 0) goto out_free; - rv = security_setprocattr(PROC_I(inode)->op.lsm, + rv = security_setprocattr(PROC_I(inode)->op.lsmid, file->f_path.dentry->d_name.name, page, count); mutex_unlock(¤t->signal->cred_guard_mutex); @@ -2837,27 +2838,27 @@ static const struct inode_operations proc_##LSM##_attr_dir_inode_ops = { \ #ifdef CONFIG_SECURITY_SMACK static const struct pid_entry smack_attr_dir_stuff[] = { - ATTR("smack", "current", 0666), + ATTR(LSM_ID_SMACK, "current", 0666), }; LSM_DIR_OPS(smack); #endif #ifdef CONFIG_SECURITY_APPARMOR static const struct pid_entry apparmor_attr_dir_stuff[] = { - ATTR("apparmor", "current", 0666), - ATTR("apparmor", "prev", 0444), - ATTR("apparmor", "exec", 0666), + ATTR(LSM_ID_APPARMOR, "current", 0666), + ATTR(LSM_ID_APPARMOR, "prev", 0444), + ATTR(LSM_ID_APPARMOR, "exec", 0666), }; LSM_DIR_OPS(apparmor); #endif static const struct pid_entry attr_dir_stuff[] = { - ATTR(NULL, "current", 0666), - ATTR(NULL, "prev", 0444), - ATTR(NULL, "exec", 0666), - ATTR(NULL, "fscreate", 0666), - ATTR(NULL, "keycreate", 0666), - ATTR(NULL, "sockcreate", 0666), + ATTR(LSM_ID_UNDEF, "current", 0666), + ATTR(LSM_ID_UNDEF, "prev", 0444), + ATTR(LSM_ID_UNDEF, "exec", 0666), + ATTR(LSM_ID_UNDEF, "fscreate", 0666), + ATTR(LSM_ID_UNDEF, "keycreate", 0666), + ATTR(LSM_ID_UNDEF, "sockcreate", 0666), #ifdef CONFIG_SECURITY_SMACK DIR("smack", 0555, proc_smack_attr_dir_inode_ops, proc_smack_attr_dir_ops), diff --git a/fs/proc/internal.h b/fs/proc/internal.h index 9dda7e54b2d0..a889d9ef9584 100644 --- a/fs/proc/internal.h +++ b/fs/proc/internal.h 
@@ -92,7 +92,7 @@ union proc_op { int (*proc_show)(struct seq_file *m, struct pid_namespace *ns, struct pid *pid, struct task_struct *task); - const char *lsm; + int lsmid; }; struct proc_inode { diff --git a/include/linux/security.h b/include/linux/security.h index e70fc863b04a..8faed81fc3b4 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -473,10 +473,9 @@ int security_sem_semctl(struct kern_ipc_perm *sma, int cmd); int security_sem_semop(struct kern_ipc_perm *sma, struct sembuf *sops, unsigned nsops, int alter); void security_d_instantiate(struct dentry *dentry, struct inode *inode); -int security_getprocattr(struct task_struct *p, const char *lsm, const char *name, +int security_getprocattr(struct task_struct *p, int lsmid, const char *name, char **value); -int security_setprocattr(const char *lsm, const char *name, void *value, - size_t size); +int security_setprocattr(int lsmid, const char *name, void *value, size_t size); int security_netlink_send(struct sock *sk, struct sk_buff *skb); int security_ismaclabel(const char *name); int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen); @@ -1344,14 +1343,14 @@ static inline void security_d_instantiate(struct dentry *dentry, struct inode *inode) { } -static inline int security_getprocattr(struct task_struct *p, const char *lsm, +static inline int security_getprocattr(struct task_struct *p, int lsmid, const char *name, char **value) { return -EINVAL; } -static inline int security_setprocattr(const char *lsm, char *name, - void *value, size_t size) +static inline int security_setprocattr(int lsmid, char *name, void *value, + size_t size) { return -EINVAL; } diff --git a/security/security.c b/security/security.c index aa84b1cf4253..87c8796c3c46 100644 --- a/security/security.c +++ b/security/security.c 
@@ -2168,26 +2168,25 @@ void security_d_instantiate(struct dentry *dentry, struct inode *inode) } EXPORT_SYMBOL(security_d_instantiate); -int security_getprocattr(struct task_struct *p, const char *lsm, - const char *name, char **value) +int security_getprocattr(struct task_struct *p, int lsmid, const char *name, + char **value) { struct security_hook_list *hp; hlist_for_each_entry(hp, &security_hook_heads.getprocattr, list) { - if (lsm != NULL && strcmp(lsm, hp->lsmid->lsm)) + if (lsmid != 0 && lsmid != hp->lsmid->id) continue; return hp->hook.getprocattr(p, name, value); } return LSM_RET_DEFAULT(getprocattr); } -int security_setprocattr(const char *lsm, const char *name, void *value, - size_t size) +int security_setprocattr(int lsmid, const char *name, void *value, size_t size) { struct security_hook_list *hp; hlist_for_each_entry(hp, &security_hook_heads.setprocattr, list) { - if (lsm != NULL && strcmp(lsm, hp->lsmid->lsm)) + if (lsmid != 0 && lsmid != hp->lsmid->id) continue; return hp->hook.setprocattr(name, value, size); } From patchwork Wed Mar 15 22:46:57 2023 X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13176721 X-Patchwork-Delegate: paul@paul-moore.com
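Review bot: the !CONFIG_SECURITY stub in the include/linux/security.h hunk still takes `char *name` (`static inline int security_setprocattr(int lsmid, char *name, void *value, size_t size)`) while the real prototype just above it takes `const char *name`. Since the line is being rewritten anyway, make the two agree so a caller passing a const string compiles identically with and without CONFIG_SECURITY.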
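Review bot: `lsmid != 0` in both security_getprocattr() and security_setprocattr() should spell the wildcard as LSM_ID_UNDEF, which is exactly what the fs/proc/base.c hunk now passes for the generic /proc/self/attr entries; a bare 0 hides the dependency on that token's value and will silently break if the ID space is ever renumbered. The wildcard semantics (the first registered hook that implements the attribute answers) are preserved from the string version but are no longer obvious from the code, so a one-line comment there is worth adding.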
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net Subject: [PATCH v7 04/11] LSM: syscalls for current process attributes Date: Wed, 15 Mar 2023 15:46:57 -0700 Message-Id: <20230315224704.2672-5-casey@schaufler-ca.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230315224704.2672-1-casey@schaufler-ca.com> References: <20230315224704.2672-1-casey@schaufler-ca.com> MIME-Version: 1.0 Precedence: bulk List-ID: Create a system call lsm_get_self_attr() to provide the security module maintained attributes of the current process. Create a system call lsm_set_self_attr() to set a security module maintained attribute of the current process. Historically these attributes have been exposed to user space via entries in procfs under /proc/self/attr. The attribute value is provided in an lsm_ctx structure. The structure identifies the size of the attribute, and the attribute value. The format of the attribute value is defined by the security module. A flags field is included for LSM specific information. It is currently unused and must be 0. The total size of the data, including the lsm_ctx structure and any padding, is maintained as well. struct lsm_ctx { __u64 id; __u64 flags; __u64 len; __u64 ctx_len; __u8 ctx[]; }; Two new LSM hooks are used to interface with the LSMs. security_getselfattr() collects the lsm_ctx values from the LSMs that support the hook, accounting for space requirements. security_setselfattr() identifies which LSM the attribute is intended for and passes it along. 
Signed-off-by: Casey Schaufler --- Documentation/userspace-api/lsm.rst | 15 +++++ include/linux/lsm_hook_defs.h | 4 ++ include/linux/lsm_hooks.h | 9 +++ include/linux/security.h | 19 ++++++ include/linux/syscalls.h | 5 ++ include/uapi/linux/lsm.h | 33 ++++++++++ kernel/sys_ni.c | 4 ++ security/Makefile | 1 + security/lsm_syscalls.c | 55 ++++++++++++++++ security/security.c | 97 +++++++++++++++++++++++++++++ 10 files changed, 242 insertions(+) create mode 100644 security/lsm_syscalls.c diff --git a/Documentation/userspace-api/lsm.rst b/Documentation/userspace-api/lsm.rst index 6ddf5506110b..b45e402302b3 100644 --- a/Documentation/userspace-api/lsm.rst +++ b/Documentation/userspace-api/lsm.rst @@ -48,6 +48,21 @@ creating socket objects. The proc filesystem provides this value in ``/proc/self/attr/sockcreate``. This is supported by the SELinux security module. +Kernel interface +================ + +Set a security attribute of the current process +-------------------------------------------------- + +.. kernel-doc:: security/lsm_syscalls.c + :identifiers: sys_lsm_set_self_attr + +Get the specified security attributes of the current process +-------------------------------------------------- + +.. kernel-doc:: security/lsm_syscalls.c + :identifiers: sys_lsm_get_self_attr + Additional documentation ======================== diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h index 094b76dc7164..7177d9554f4a 100644 --- a/include/linux/lsm_hook_defs.h +++ b/include/linux/lsm_hook_defs.h 
@@ -261,6 +261,10 @@ LSM_HOOK(int, 0, sem_semop, struct kern_ipc_perm *perm, struct sembuf *sops, LSM_HOOK(int, 0, netlink_send, struct sock *sk, struct sk_buff *skb) LSM_HOOK(void, LSM_RET_VOID, d_instantiate, struct dentry *dentry, struct inode *inode) +LSM_HOOK(int, -EOPNOTSUPP, getselfattr, unsigned int __user attr, + struct lsm_ctx __user *ctx, size_t *size, u32 __user flags) +LSM_HOOK(int, -EOPNOTSUPP, setselfattr, unsigned int __user attr, + struct lsm_ctx __user *ctx, size_t size, u32 __user flags) LSM_HOOK(int, -EINVAL, getprocattr, struct task_struct *p, const char *name, char **value) LSM_HOOK(int, -EINVAL, setprocattr, const char *name, void *value, size_t size) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 32285ce65419..3c2c4916bd53 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -25,6 +25,7 @@ #ifndef __LINUX_LSM_HOOKS_H #define __LINUX_LSM_HOOKS_H +#include #include #include #include @@ -503,6 +504,14 @@ * and writing the xattrs as this hook is merely a filter. * @d_instantiate: * Fill in @inode security information for a @dentry if allowed. + * @getselfattr: + * Read attribute @attr for the current process and store it into @ctx. + * Return 0 on success, -EOPNOTSUPP if the attribute is not supported, + * or another negative value otherwise. + * @setselfattr: + * Set attribute @attr for the current process. + * Return 0 on success, -EOPNOTSUPP if the attribute is not supported, + * or another negative value otherwise. * @getprocattr: * Read attribute @name for process @p and store it into @value if allowed. * Return the length of @value on success, a negative value otherwise. diff --git a/include/linux/security.h b/include/linux/security.h index 8faed81fc3b4..329cd9d2be50 100644 --- a/include/linux/security.h +++ b/include/linux/security.h 
@@ -60,6 +60,7 @@ struct fs_parameter; enum fs_value_type; struct watch; struct watch_notification; +struct lsm_ctx; /* Default (no) options for the capable function */ #define CAP_OPT_NONE 0x0 @@ -473,6 +474,10 @@ int security_sem_semctl(struct kern_ipc_perm *sma, int cmd); int security_sem_semop(struct kern_ipc_perm *sma, struct sembuf *sops, unsigned nsops, int alter); void security_d_instantiate(struct dentry *dentry, struct inode *inode); +int security_getselfattr(unsigned int __user attr, struct lsm_ctx __user *ctx, + size_t __user *size, u32 __user flags); +int security_setselfattr(unsigned int __user attr, struct lsm_ctx __user *ctx, + size_t __user size, u32 __user flags); int security_getprocattr(struct task_struct *p, int lsmid, const char *name, char **value); int security_setprocattr(int lsmid, const char *name, void *value, size_t size); @@ -1343,6 +1348,20 @@ static inline void security_d_instantiate(struct dentry *dentry, struct inode *inode) { } +static inline int security_getselfattr(unsigned int __user attr, + struct lsm_ctx __user *ctx, + size_t __user *size, u32 __user flags) +{ + return -EINVAL; +} + +static inline int security_setselfattr(unsigned int __user attr, + struct lsm_ctx __user *ctx, + size_t __user size, u32 __user flags) +{ + return -EINVAL; +} + static inline int security_getprocattr(struct task_struct *p, int lsmid, const char *name, char **value) { diff --git a/include/linux/syscalls.h b/include/linux/syscalls.h index 33a0ee3bcb2e..3feca00cb0c1 100644 --- a/include/linux/syscalls.h +++ b/include/linux/syscalls.h @@ -71,6 +71,7 @@ struct clone_args; struct open_how; struct mount_attr; struct landlock_ruleset_attr; +struct lsm_ctx; enum landlock_rule_type; #include 
@@ -1058,6 +1059,10 @@ asmlinkage long sys_memfd_secret(unsigned int flags); asmlinkage long sys_set_mempolicy_home_node(unsigned long start, unsigned long len, unsigned long home_node, unsigned long flags); +asmlinkage long sys_lsm_get_self_attr(unsigned int attr, struct lsm_ctx *ctx, + size_t *size, __u64 flags); +asmlinkage long sys_lsm_set_self_attr(unsigned int attr, struct lsm_ctx *ctx, + __u64 flags); /* * Architecture-specific system calls diff --git a/include/uapi/linux/lsm.h b/include/uapi/linux/lsm.h index aa3e01867739..adfb55dce2fd 100644 --- a/include/uapi/linux/lsm.h +++ b/include/uapi/linux/lsm.h @@ -9,6 +9,39 @@ #ifndef _UAPI_LINUX_LSM_H #define _UAPI_LINUX_LSM_H +#include +#include + +/** + * struct lsm_ctx - LSM context information + * @id: the LSM id number, see LSM_ID_XXX + * @flags: LSM specific flags + * @len: length of the lsm_ctx struct, @ctx and any other data or padding + * @ctx_len: the size of @ctx + * @ctx: the LSM context value + * + * The @len field MUST be equal to the size of the lsm_ctx struct + * plus any additional padding and/or data placed after @ctx. + * + * In all cases @ctx_len MUST be equal to the length of @ctx. + * If @ctx is a string value it should be nul terminated with + * @ctx_len equal to `strlen(@ctx) + 1`. Binary values are + * supported. + * + * The @flags and @ctx fields SHOULD only be interpreted by the + * LSM specified by @id; they MUST be set to zero/0 when not used. + */ +struct lsm_ctx { + __u64 id; + __u64 flags; + __u64 len; + __u64 ctx_len; + __u8 ctx[]; +}; + +#include +#include + /* * ID tokens to identify Linux Security Modules (LSMs) * diff --git a/kernel/sys_ni.c b/kernel/sys_ni.c index 860b2dcf3ac4..d03c78ef1562 100644 --- a/kernel/sys_ni.c +++ b/kernel/sys_ni.c 
@@ -262,6 +262,10 @@ COND_SYSCALL_COMPAT(recvmsg); /* mm/nommu.c, also with MMU */ COND_SYSCALL(mremap); +/* security/lsm_syscalls.c */ +COND_SYSCALL(lsm_get_self_attr); +COND_SYSCALL(lsm_set_self_attr); + /* security/keys/keyctl.c */ COND_SYSCALL(add_key); COND_SYSCALL(request_key); diff --git a/security/Makefile b/security/Makefile index 18121f8f85cd..59f238490665 100644 --- a/security/Makefile +++ b/security/Makefile @@ -7,6 +7,7 @@ obj-$(CONFIG_KEYS) += keys/ # always enable default capabilities obj-y += commoncap.o +obj-$(CONFIG_SECURITY) += lsm_syscalls.o obj-$(CONFIG_MMU) += min_addr.o # Object file lists diff --git a/security/lsm_syscalls.c b/security/lsm_syscalls.c new file mode 100644 index 000000000000..feee31600219 --- /dev/null +++ b/security/lsm_syscalls.c 
@@ -0,0 +1,55 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * System calls implementing the Linux Security Module API. + * + * Copyright (C) 2022 Casey Schaufler + * Copyright (C) 2022 Intel Corporation + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +/** + * sys_lsm_set_self_attr - Set current task's security module attribute + * @attr: which attribute to set + * @ctx: the LSM contexts + * @size: size of @ctx + * @flags: reserved for future use + * + * Sets the calling task's LSM context. On success this function + * returns 0. If the attribute specified cannot be set a negative + * value indicating the reason for the error is returned. + */ +SYSCALL_DEFINE4(lsm_set_self_attr, unsigned int, attr, struct lsm_ctx __user *, + ctx, size_t __user, size, u32, flags) +{ + return security_setselfattr(attr, ctx, size, flags); +} + +/** + * sys_lsm_get_self_attr - Return current task's security module attributes + * @attr: which attribute to set + * @ctx: the LSM contexts + * @size: size of @ctx, updated on return + * @flags: reserved for future use + * + * Returns the calling task's LSM contexts. On success this + * function returns the number of @ctx array elements. This value + * may be zero if there are no LSM contexts assigned. If @size is + * insufficient to contain the return data -E2BIG is returned and + * @size is set to the minimum required size. In all other cases + * a negative value indicating the error is returned. + */ +SYSCALL_DEFINE4(lsm_get_self_attr, unsigned int, attr, struct lsm_ctx __user *, + ctx, size_t __user *, size, u32, flags) +{ + return security_getselfattr(attr, ctx, size, flags); +} diff --git a/security/security.c b/security/security.c index 87c8796c3c46..2c57fe28c4f7 100644 --- a/security/security.c +++ b/security/security.c 
@@ -2168,6 +2168,103 @@ void security_d_instantiate(struct dentry *dentry, struct inode *inode) } EXPORT_SYMBOL(security_d_instantiate); +/** + * security_getselfattr - Read an LSM attribute of the current process. + * @attr: which attribute to return + * @ctx: the user-space destination for the information, or NULL + * @size: the size of space available to receive the data + * @flags: reserved for future use, must be 0 + * + * Returns the number of attributes found on success, negative value + * on error. @size is reset to the total size of the data. + * If @size is insufficient to contain the data -E2BIG is returned. + */ +int security_getselfattr(unsigned int __user attr, struct lsm_ctx __user *ctx, + size_t __user *size, u32 __user flags) +{ + struct security_hook_list *hp; + void __user *base = (void *)ctx; + size_t total = 0; + size_t this; + size_t left; + bool istoobig = false; + int count = 0; + int rc; + + if (attr == 0) + return -EINVAL; + if (flags != 0) + return -EINVAL; + if (size == NULL) + return -EINVAL; + if (get_user(left, size)) + return -EFAULT; + + hlist_for_each_entry(hp, &security_hook_heads.getselfattr, list) { + this = left; + if (base) + ctx = (struct lsm_ctx __user *)(base + total); + rc = hp->hook.getselfattr(attr, ctx, &this, flags); + switch (rc) { + case -EOPNOTSUPP: + rc = 0; + continue; + case -E2BIG: + istoobig = true; + left = 0; + break; + case 0: + left -= this; + break; + default: + return rc; + } + total += this; + count++; + } + if (count == 0) + return LSM_RET_DEFAULT(getselfattr); + if (put_user(total, size)) + return -EFAULT; + if (rc) + return rc; + if (istoobig) + return -E2BIG; + return count; +} + +/** + * security_setselfattr - Set an LSM attribute on the current process. + * @attr: which attribute to set + * @ctx: the user-space source for the information + * @size: the size of the data + * @flags: reserved for future use, must be 0 + * + * Set an LSM attribute for the current process. 
The LSM, attribute + * and new value are included in @ctx. + * + * Returns 0 on success, an LSM specific value on failure. + */ +int security_setselfattr(unsigned int __user attr, struct lsm_ctx __user *ctx, + size_t __user size, u32 __user flags) +{ + struct security_hook_list *hp; + struct lsm_ctx lctx; + + if (flags != 0) + return -EINVAL; + if (size < sizeof(*ctx)) + return -EINVAL; + if (copy_from_user(&lctx, ctx, sizeof(*ctx))) + return -EFAULT; + + hlist_for_each_entry(hp, &security_hook_heads.setselfattr, list) + if ((hp->lsmid->id) == lctx.id) + return hp->hook.setselfattr(attr, ctx, size, flags); + + return LSM_RET_DEFAULT(setselfattr); +} + int security_getprocattr(struct task_struct *p, int lsmid, const char *name, char **value) {
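Review bot: in the new security/lsm_syscalls.c the kernel-doc for sys_lsm_get_self_attr describes @attr as "which attribute to set"; this is the getter, so it should read "which attribute to return". In the same hunk, `SYSCALL_DEFINE4(lsm_set_self_attr, unsigned int, attr, struct lsm_ctx __user *, ctx, size_t __user, size, u32, flags)` puts `__user` on a by-value `size_t`; that annotation only has meaning on pointers and sparse will flag it, so the parameter should be declared `size_t, size`.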
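Review bot: the security/security.c hunk declares `unsigned int __user attr`, `size_t __user size` and `u32 __user flags` in security_getselfattr and security_setselfattr, which annotates scalars passed by value; `__user` belongs only on `struct lsm_ctx __user *ctx` and `size_t __user *size`, so strip it from the rest. `void __user *base = (void *)ctx;` likewise throws away the address space in the cast and should be `(void __user *)ctx`. Two logic points in the same hunk: security_getselfattr rejects `attr == 0` with -EINVAL but security_setselfattr does not, so the setter forwards an attr of 0 to whichever hook matches `lctx.id`; apply the same check in both. And once a hook has returned -E2BIG the loop sets `left = 0` and keeps calling the remaining hooks with `this = 0`, so after the loop `rc` can only be 0 or -E2BIG (every other error already returned from the `default:` case); the trailing `if (rc) return rc;` is therefore redundant with the `istoobig` test right after it and one of the two can go. Finally, the setter validates only `size < sizeof(*ctx)` before handing the raw user pointer and the caller's @size to the hook, so any consistency check between the header copied into `lctx` and @size is left to every LSM to repeat; doing it once here would be safer.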
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net
Subject: [PATCH v7 05/11] LSM: Create lsm_list_modules system call
Date: Wed, 15 Mar 2023 15:46:58 -0700
Message-Id: <20230315224704.2672-6-casey@schaufler-ca.com>
In-Reply-To: <20230315224704.2672-1-casey@schaufler-ca.com>
References: <20230315224704.2672-1-casey@schaufler-ca.com>

Create a system call to report the list of Linux Security Modules that are active on the system. The list is provided as an array of LSM ID numbers. The calling application can use this list to determine what LSM specific actions it might take. That might include choosing an output format, determining required privilege or bypassing security module specific behavior.

Signed-off-by: Casey Schaufler
---
 Documentation/userspace-api/lsm.rst |  3 +++
 include/linux/syscalls.h            |  1 +
 kernel/sys_ni.c                     |  1 +
 security/lsm_syscalls.c             | 39 +++++++++++++++++++++++++++++
 4 files changed, 44 insertions(+)

diff --git a/Documentation/userspace-api/lsm.rst b/Documentation/userspace-api/lsm.rst index b45e402302b3..a86e3817f062 100644 --- a/Documentation/userspace-api/lsm.rst +++ b/Documentation/userspace-api/lsm.rst @@ -63,6 +63,9 @@ Get the specified security attributes of the current process .. kernel-doc:: security/lsm_syscalls.c :identifiers: sys_lsm_get_self_attr +.. kernel-doc:: security/lsm_syscalls.c + :identifiers: sys_lsm_list_modules + Additional documentation ======================== diff --git a/include/linux/syscalls.h b/include/linux/syscalls.h index 3feca00cb0c1..f755c583f949 100644 --- a/include/linux/syscalls.h +++ b/include/linux/syscalls.h
@@ -1063,6 +1063,7 @@ asmlinkage long sys_lsm_get_self_attr(unsigned int attr, struct lsm_ctx *ctx, size_t *size, __u64 flags); asmlinkage long sys_lsm_set_self_attr(unsigned int attr, struct lsm_ctx *ctx, __u64 flags); +asmlinkage long sys_lsm_list_modules(u64 *ids, size_t *size, u32 flags); /* * Architecture-specific system calls diff --git a/kernel/sys_ni.c b/kernel/sys_ni.c index d03c78ef1562..ceb3d21a62d0 100644 --- a/kernel/sys_ni.c +++ b/kernel/sys_ni.c @@ -265,6 +265,7 @@ COND_SYSCALL(mremap); /* security/lsm_syscalls.c */ COND_SYSCALL(lsm_get_self_attr); COND_SYSCALL(lsm_set_self_attr); +COND_SYSCALL(lsm_list_modules); /* security/keys/keyctl.c */ COND_SYSCALL(add_key); diff --git a/security/lsm_syscalls.c b/security/lsm_syscalls.c index feee31600219..6efbe244d304 100644 --- a/security/lsm_syscalls.c +++ b/security/lsm_syscalls.c 
@@ -53,3 +53,42 @@ SYSCALL_DEFINE4(lsm_get_self_attr, unsigned int, attr, struct lsm_ctx __user *, { return security_getselfattr(attr, ctx, size, flags); } + +/** + * sys_lsm_list_modules - Return a list of the active security modules + * @ids: the LSM module ids + * @size: size of @ids, updated on return + * @flags: reserved for future use, must be zero + * + * Returns a list of the active LSM ids. On success this function + * returns the number of @ids array elements. This value may be zero + * if there are no LSMs active. If @size is insufficient to contain + * the return data -E2BIG is returned and @size is set to the minimum + * required size. In all other cases a negative value indicating the + * error is returned. + */ +SYSCALL_DEFINE3(lsm_list_modules, u64 __user *, ids, size_t __user *, size, + u32, flags) +{ + size_t total_size = lsm_active_cnt * sizeof(*ids); + size_t usize; + int i; + + if (flags) + return -EINVAL; + + if (get_user(usize, size)) + return -EFAULT; + + if (put_user(total_size, size) != 0) + return -EFAULT; + + if (usize < total_size) + return -E2BIG; + + for (i = 0; i < lsm_active_cnt; i++) + if (put_user(lsm_idlist[i]->id, ids++)) + return -EFAULT; + + return lsm_active_cnt; +}
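Review bot: the Documentation/userspace-api/lsm.rst hunk drops the new `.. kernel-doc::` entry for sys_lsm_list_modules in without a section heading, while the entry just above it sits under "Get the specified security attributes of the current process"; give the new call its own heading in the same style (for example "Get the list of active security modules") so the rendered page stays consistent and the call shows up in the table of contents.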
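Review bot: the include/linux/syscalls.h hunk disagrees with its own context lines and with the definitions in security/lsm_syscalls.c. The new `sys_lsm_list_modules(u64 *ids, size_t *size, u32 flags)` and the SYSCALL_DEFINE3 use `u32 flags`, but the neighbouring `sys_lsm_get_self_attr` and `sys_lsm_set_self_attr` prototypes say `__u64 flags`; the context also shows `sys_lsm_set_self_attr(unsigned int attr, struct lsm_ctx *ctx, __u64 flags)` with three parameters, while the SYSCALL_DEFINE4 in lsm_syscalls.c takes `attr, ctx, size, flags`. None of the three prototypes carry `__user` on their pointer arguments, unlike the rest of this header. Fix the declarations to match the definitions, e.g. `asmlinkage long sys_lsm_set_self_attr(unsigned int attr, struct lsm_ctx __user *ctx, size_t size, u32 flags);`, and use one flags type throughout.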
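Review bot: in sys_lsm_list_modules the `size_t __user *size` parameter is the only part of this user-visible ABI whose width depends on the caller (the ids are already a fixed `u64`); once the wireup patch later in this series routes 32-bit callers to the native entry point, `get_user(usize, size)` and `put_user(total_size, size)` on a 64-bit kernel touch 8 bytes of a 4-byte user object. Use a fixed-width `u32 __user *size` here and for the @size of lsm_get_self_attr, or provide compat entry points. A smaller documentation point in the same hunk: `*size` is overwritten with `total_size` on the success path as well as on the -E2BIG path, but the kernel-doc only says "updated on return"; state that it always ends up holding the byte count of the full list, and that a NULL @ids with a zero @size is the intended way to probe for that count, since with a large enough @size the `put_user(lsm_idlist[i]->id, ids++)` loop will fault on a NULL @ids.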
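The kernel-doc above defines a two-step protocol that every caller of these syscalls has to implement: call with whatever buffer you have, receive -E2BIG plus the required byte count back in @size, grow, and call again. What follows is an added example for this page, not code from the patch series or from the kernel: a userspace C helper that drives that negotiation generically (the same convention is documented for lsm_get_self_attr, whose result can change between calls, which is why the loop is bounded rather than single-shot), a thin lsm_query_modules() on top of it, and a constructed stand-in for the kernel side (fake_lsm_list_modules, with made-up ids 100/101/102) so the code runs on a machine where the syscall does not exist. The syscall number 452 is copied from the x86_64 table in the wireup patch and is an assumption; lsm_sized_call, lsm_query_modules, real_lsm_list_modules and the fake_lsm_* names are this example's own.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/syscall.h>

/* x86_64 number from the wireup patch; an assumption, your kernel may differ. */
#ifndef __NR_lsm_list_modules
#define __NR_lsm_list_modules 452
#endif

/* LSM convention: element count on success, -E2BIG with the byte size needed
 * stored in *size when the buffer is too small, negative errno otherwise. */
typedef long (*sized_call_fn)(void *buf, size_t *size, void *arg);
typedef long (*list_modules_fn)(uint64_t *ids, size_t *size, uint32_t flags);
struct lm_backend { list_modules_fn fn; };

/* Probe with no buffer, grow to the reported size, retry. Bounded so a size
 * that keeps changing between calls cannot make the caller spin forever. */
long lsm_sized_call(sized_call_fn fn, void *arg, void **buf_out, size_t *size_out)
{
	void *buf = NULL, *nbuf;
	size_t size = 0;
	int attempt;

	for (attempt = 0; attempt < 4; attempt++) {
		long rc = fn(buf, &size, arg);
		if (rc >= 0) {
			*buf_out = buf;
			*size_out = size;
			return rc;
		}
		if (rc != -E2BIG || size == 0) {
			free(buf);	/* real error, or a reply the contract forbids */
			return rc == -E2BIG ? -EIO : rc;
		}
		nbuf = realloc(buf, size);
		if (!nbuf) {
			free(buf);
			return -ENOMEM;
		}
		buf = nbuf;
	}
	free(buf);
	return -EAGAIN;
}

static long list_modules_thunk(void *buf, size_t *size, void *arg)
{
	return ((struct lm_backend *)arg)->fn(buf, size, 0);	/* flags must be 0 */
}

/* Backend that issues the real syscall; pass it to lsm_query_modules(). */
long real_lsm_list_modules(uint64_t *ids, size_t *size, uint32_t flags)
{
	long rc = syscall(__NR_lsm_list_modules, ids, size, flags);
	return rc < 0 ? -errno : rc;
}

/* Active LSM ids via @backend: returns the count and a malloc'd array in *ids
 * that the caller frees (NULL when the count is zero), or a negative errno. */
long lsm_query_modules(list_modules_fn backend, uint64_t **ids, size_t *count)
{
	struct lm_backend b = { backend };
	void *buf = NULL;
	size_t size = 0;
	long rc = lsm_sized_call(list_modules_thunk, &b, &buf, &size);

	if (rc < 0)
		return rc;
	/* count, byte size and buffer presence must agree with each other */
	if ((size_t)rc * sizeof(uint64_t) != size || (rc > 0 && !buf)) {
		free(buf);
		return -EIO;
	}
	*ids = buf;
	*count = (size_t)rc;
	return rc;
}

/* Constructed stand-in for the kernel side, mirroring sys_lsm_list_modules in
 * the patch: store the bytes needed, -E2BIG if the caller's buffer is smaller,
 * else copy the ids. grow_to makes the list grow after the first probe so the
 * retry path is exercised; calls counts round trips. */
struct fake_lsm_state { uint64_t ids[8]; size_t n, grow_to; int calls; };
struct fake_lsm_state fake_lsm;

long fake_lsm_list_modules(uint64_t *ids, size_t *size, uint32_t flags)
{
	size_t total = fake_lsm.n * sizeof(uint64_t), usize = *size;

	fake_lsm.calls++;
	if (flags)
		return -EINVAL;
	*size = total;
	if (usize < total) {
		if (fake_lsm.grow_to > fake_lsm.n)
			fake_lsm.n = fake_lsm.grow_to;
		return -E2BIG;
	}
	if (total)
		memcpy(ids, fake_lsm.ids, total);
	return (long)fake_lsm.n;
}
```

Against a kernel that carries the patch, `lsm_query_modules(real_lsm_list_modules, &ids, &n)` yields the id array and count; the cross-check that the returned count matches the byte size written to @size is what turns a silently truncated or mismatched reply into an error instead of an over-read of the buffer.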
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net, Geert Uytterhoeven, Arnd Bergmann
Subject: [PATCH v7 06/11] LSM: wireup Linux Security Module syscalls
Date: Wed, 15 Mar 2023 15:46:59 -0700
Message-Id: <20230315224704.2672-7-casey@schaufler-ca.com>
In-Reply-To: <20230315224704.2672-1-casey@schaufler-ca.com>
References: <20230315224704.2672-1-casey@schaufler-ca.com>

Wireup lsm_get_self_attr, lsm_set_self_attr and lsm_list_modules system calls.
Signed-off-by: Casey Schaufler Acked-by: Geert Uytterhoeven Acked-by: Arnd Bergmann Cc: linux-api@vger.kernel.org --- arch/alpha/kernel/syscalls/syscall.tbl | 3 +++ arch/arm/tools/syscall.tbl | 3 +++ arch/arm64/include/asm/unistd.h | 2 +- arch/arm64/include/asm/unistd32.h | 6 ++++++ arch/ia64/kernel/syscalls/syscall.tbl | 3 +++ arch/m68k/kernel/syscalls/syscall.tbl | 3 +++ arch/microblaze/kernel/syscalls/syscall.tbl | 3 +++ arch/mips/kernel/syscalls/syscall_n32.tbl | 3 +++ arch/mips/kernel/syscalls/syscall_n64.tbl | 3 +++ arch/mips/kernel/syscalls/syscall_o32.tbl | 3 +++ arch/parisc/kernel/syscalls/syscall.tbl | 3 +++ arch/powerpc/kernel/syscalls/syscall.tbl | 3 +++ arch/s390/kernel/syscalls/syscall.tbl | 3 +++ arch/sh/kernel/syscalls/syscall.tbl | 3 +++ arch/sparc/kernel/syscalls/syscall.tbl | 3 +++ arch/x86/entry/syscalls/syscall_32.tbl | 3 +++ arch/x86/entry/syscalls/syscall_64.tbl | 3 +++ arch/xtensa/kernel/syscalls/syscall.tbl | 3 +++ include/uapi/asm-generic/unistd.h | 11 ++++++++++- tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl | 3 +++ tools/perf/arch/powerpc/entry/syscalls/syscall.tbl | 3 +++ tools/perf/arch/s390/entry/syscalls/syscall.tbl | 3 +++ tools/perf/arch/x86/entry/syscalls/syscall_64.tbl | 3 +++ 23 files changed, 77 insertions(+), 2 deletions(-) diff --git a/arch/alpha/kernel/syscalls/syscall.tbl b/arch/alpha/kernel/syscalls/syscall.tbl index 8ebacf37a8cf..178e2792c251 100644 --- a/arch/alpha/kernel/syscalls/syscall.tbl +++ b/arch/alpha/kernel/syscalls/syscall.tbl @@ -490,3 +490,6 @@ 558 common process_mrelease sys_process_mrelease 559 common futex_waitv sys_futex_waitv 560 common set_mempolicy_home_node sys_ni_syscall +561 common lsm_get_self_attr sys_lsm_get_self_attr +562 common lsm_list_modules sys_lsm_list_modules +563 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/arm/tools/syscall.tbl b/arch/arm/tools/syscall.tbl index ac964612d8b0..9cda144f9631 100644 --- a/arch/arm/tools/syscall.tbl +++ b/arch/arm/tools/syscall.tbl 
@@ -464,3 +464,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/arm64/include/asm/unistd.h b/arch/arm64/include/asm/unistd.h index 037feba03a51..6a28fb91b85d 100644 --- a/arch/arm64/include/asm/unistd.h +++ b/arch/arm64/include/asm/unistd.h @@ -39,7 +39,7 @@ #define __ARM_NR_compat_set_tls (__ARM_NR_COMPAT_BASE + 5) #define __ARM_NR_COMPAT_END (__ARM_NR_COMPAT_BASE + 0x800) -#define __NR_compat_syscalls 451 +#define __NR_compat_syscalls 454 #endif #define __ARCH_WANT_SYS_CLONE diff --git a/arch/arm64/include/asm/unistd32.h b/arch/arm64/include/asm/unistd32.h index 604a2053d006..72022ffd5faa 100644 --- a/arch/arm64/include/asm/unistd32.h +++ b/arch/arm64/include/asm/unistd32.h @@ -907,6 +907,12 @@ __SYSCALL(__NR_process_mrelease, sys_process_mrelease) __SYSCALL(__NR_futex_waitv, sys_futex_waitv) #define __NR_set_mempolicy_home_node 450 __SYSCALL(__NR_set_mempolicy_home_node, sys_set_mempolicy_home_node) +#define __NR_lsm_get_self_attr 451 +__SYSCALL(__NR_lsm_get_self_attr, sys_lsm_get_self_attr) +#define __NR_lsm_list_modules 452 +__SYSCALL(__NR_lsm_list_modules, sys_lsm_list_modules) +#define __NR_lsm_set_self_attr 453 +__SYSCALL(__NR_lsm_set_self_attr, sys_lsm_set_self_attr) /* * Please add new compat syscalls above this comment and update diff --git a/arch/ia64/kernel/syscalls/syscall.tbl b/arch/ia64/kernel/syscalls/syscall.tbl index 72c929d9902b..c52e9d87f47d 100644 --- a/arch/ia64/kernel/syscalls/syscall.tbl +++ b/arch/ia64/kernel/syscalls/syscall.tbl 
@@ -371,3 +371,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/m68k/kernel/syscalls/syscall.tbl b/arch/m68k/kernel/syscalls/syscall.tbl index b1f3940bc298..31eac3c99d84 100644 --- a/arch/m68k/kernel/syscalls/syscall.tbl +++ b/arch/m68k/kernel/syscalls/syscall.tbl @@ -450,3 +450,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/microblaze/kernel/syscalls/syscall.tbl b/arch/microblaze/kernel/syscalls/syscall.tbl index 820145e47350..5037fa1f74b8 100644 --- a/arch/microblaze/kernel/syscalls/syscall.tbl +++ b/arch/microblaze/kernel/syscalls/syscall.tbl @@ -456,3 +456,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/mips/kernel/syscalls/syscall_n32.tbl b/arch/mips/kernel/syscalls/syscall_n32.tbl index 253ff994ed2e..29545b3ec587 100644 --- a/arch/mips/kernel/syscalls/syscall_n32.tbl +++ b/arch/mips/kernel/syscalls/syscall_n32.tbl @@ -389,3 +389,6 @@ 448 n32 process_mrelease sys_process_mrelease 449 n32 futex_waitv sys_futex_waitv 450 n32 set_mempolicy_home_node sys_set_mempolicy_home_node +451 n32 lsm_get_self_attr sys_lsm_get_self_attr +452 n32 lsm_list_modules sys_lsm_list_modules +453 n32 lsm_set_self_attr sys_lsm_set_self_attr 
diff --git a/arch/mips/kernel/syscalls/syscall_n64.tbl b/arch/mips/kernel/syscalls/syscall_n64.tbl index 3f1886ad9d80..8492aa4a771f 100644 --- a/arch/mips/kernel/syscalls/syscall_n64.tbl +++ b/arch/mips/kernel/syscalls/syscall_n64.tbl @@ -365,3 +365,6 @@ 448 n64 process_mrelease sys_process_mrelease 449 n64 futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 n64 lsm_get_self_attr sys_lsm_get_self_attr +452 n64 lsm_list_modules sys_lsm_list_modules +453 n64 lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/mips/kernel/syscalls/syscall_o32.tbl b/arch/mips/kernel/syscalls/syscall_o32.tbl index 8f243e35a7b2..d74fd86de2a2 100644 --- a/arch/mips/kernel/syscalls/syscall_o32.tbl +++ b/arch/mips/kernel/syscalls/syscall_o32.tbl @@ -438,3 +438,6 @@ 448 o32 process_mrelease sys_process_mrelease 449 o32 futex_waitv sys_futex_waitv 450 o32 set_mempolicy_home_node sys_set_mempolicy_home_node +451 o32 lsm_get_self_attr sys_lsm_get_self_attr +452 o32 lsm_list_modules sys_lsm_list_modules +453 032 lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/parisc/kernel/syscalls/syscall.tbl b/arch/parisc/kernel/syscalls/syscall.tbl index 0e42fceb2d5e..d1a5f3120d6c 100644 --- a/arch/parisc/kernel/syscalls/syscall.tbl +++ b/arch/parisc/kernel/syscalls/syscall.tbl @@ -448,3 +448,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/powerpc/kernel/syscalls/syscall.tbl b/arch/powerpc/kernel/syscalls/syscall.tbl index a0be127475b1..a414fe8c069b 100644 --- a/arch/powerpc/kernel/syscalls/syscall.tbl +++ b/arch/powerpc/kernel/syscalls/syscall.tbl 
@@ -537,3 +537,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 nospu set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/s390/kernel/syscalls/syscall.tbl b/arch/s390/kernel/syscalls/syscall.tbl index 799147658dee..96b7e6b72747 100644 --- a/arch/s390/kernel/syscalls/syscall.tbl +++ b/arch/s390/kernel/syscalls/syscall.tbl @@ -453,3 +453,6 @@ 448 common process_mrelease sys_process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/sh/kernel/syscalls/syscall.tbl b/arch/sh/kernel/syscalls/syscall.tbl index 2de85c977f54..1a75a599bb55 100644 --- a/arch/sh/kernel/syscalls/syscall.tbl +++ b/arch/sh/kernel/syscalls/syscall.tbl @@ -453,3 +453,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/sparc/kernel/syscalls/syscall.tbl b/arch/sparc/kernel/syscalls/syscall.tbl index 4398cc6fb68d..80b165091f6f 100644 --- a/arch/sparc/kernel/syscalls/syscall.tbl +++ b/arch/sparc/kernel/syscalls/syscall.tbl 
@@ -496,3 +496,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/x86/entry/syscalls/syscall_32.tbl b/arch/x86/entry/syscalls/syscall_32.tbl index 320480a8db4f..130f9feb9eb9 100644 --- a/arch/x86/entry/syscalls/syscall_32.tbl +++ b/arch/x86/entry/syscalls/syscall_32.tbl @@ -455,3 +455,6 @@ 448 i386 process_mrelease sys_process_mrelease 449 i386 futex_waitv sys_futex_waitv 450 i386 set_mempolicy_home_node sys_set_mempolicy_home_node +451 i386 lsm_get_self_attr sys_lsm_get_self_attr +452 i386 lsm_list_modules sys_lsm_list_modules +453 i386 lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/x86/entry/syscalls/syscall_64.tbl b/arch/x86/entry/syscalls/syscall_64.tbl index c84d12608cd2..96dd45bc5988 100644 --- a/arch/x86/entry/syscalls/syscall_64.tbl +++ b/arch/x86/entry/syscalls/syscall_64.tbl @@ -372,6 +372,9 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr # # Due to a historical design error, certain syscalls are numbered differently diff --git a/arch/xtensa/kernel/syscalls/syscall.tbl b/arch/xtensa/kernel/syscalls/syscall.tbl index 52c94ab5c205..2610aba19802 100644 --- a/arch/xtensa/kernel/syscalls/syscall.tbl +++ b/arch/xtensa/kernel/syscalls/syscall.tbl 
@@ -421,3 +421,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/include/uapi/asm-generic/unistd.h b/include/uapi/asm-generic/unistd.h index 45fa180cc56a..93f89fb06ef5 100644 --- a/include/uapi/asm-generic/unistd.h +++ b/include/uapi/asm-generic/unistd.h @@ -886,8 +886,17 @@ __SYSCALL(__NR_futex_waitv, sys_futex_waitv) #define __NR_set_mempolicy_home_node 450 __SYSCALL(__NR_set_mempolicy_home_node, sys_set_mempolicy_home_node) +#define __NR_lsm_get_self_attr 451 +__SYSCALL(__NR_lsm_get_self_attr, sys_lsm_get_self_attr) + +#define __NR_lsm_list_modules 452 +__SYSCALL(__NR_lsm_list_modules, sys_lsm_list_modules) + +#define __NR_lsm_set_self_attr 453 +__SYSCALL(__NR_lsm_set_self_attr, sys_lsm_set_self_attr) + #undef __NR_syscalls -#define __NR_syscalls 451 +#define __NR_syscalls 454 /* * 32 bit systems traditionally used different diff --git a/tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl b/tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl index 3f1886ad9d80..8492aa4a771f 100644 --- a/tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl +++ b/tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl @@ -365,3 +365,6 @@ 448 n64 process_mrelease sys_process_mrelease 449 n64 futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 n64 lsm_get_self_attr sys_lsm_get_self_attr +452 n64 lsm_list_modules sys_lsm_list_modules +453 n64 lsm_set_self_attr sys_lsm_set_self_attr diff --git a/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl b/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl index a0be127475b1..a414fe8c069b 100644 --- a/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl +++ b/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl 
@@ -537,3 +537,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 nospu set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/tools/perf/arch/s390/entry/syscalls/syscall.tbl b/tools/perf/arch/s390/entry/syscalls/syscall.tbl index 799147658dee..f9257e040109 100644 --- a/tools/perf/arch/s390/entry/syscalls/syscall.tbl +++ b/tools/perf/arch/s390/entry/syscalls/syscall.tbl @@ -453,3 +453,6 @@ 448 common process_mrelease sys_process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr sys_lsm_set_self_attr diff --git a/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl b/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl index c84d12608cd2..96dd45bc5988 100644 --- a/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl +++ b/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl 
@@ -372,6 +372,9 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr # # Due to a historical design error, certain syscalls are numbered differently
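Review bot: in the arch/mips/kernel/syscalls/syscall_o32.tbl hunk the ABI column of the last added row reads `032` (digit zero) instead of `o32`: `+453 032 lsm_set_self_attr sys_lsm_set_self_attr`. The table generator selects rows by that column, so this row would not match the o32 ABI and lsm_set_self_attr would be missing from the generated o32 table while 451 and 452 are present; fix the typo before this goes in.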
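Review bot: the arch/arm64/include/asm/unistd32.h hunk, the arch/x86/entry/syscalls/syscall_32.tbl hunk and the third (compat) column of the arch/s390/kernel/syscalls/syscall.tbl hunk all dispatch 32-bit callers straight to the native sys_lsm_get_self_attr and sys_lsm_list_modules, whose @size argument is a `size_t __user *` in the earlier patches of this series. A 32-bit caller passes a 4-byte object that the 64-bit kernel then reads and writes as 8 bytes. Either those two calls need a fixed-width `u32 __user *size` before this wireup lands, or these compat entries need compat_sys_ wrappers that translate the pointer; as posted, the 32-bit paths are not safe.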
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net Subject: [PATCH v7 07/11] LSM: Helpers for attribute names and filling an lsm_ctx Date: Wed, 15 Mar 2023 15:47:00 -0700 Message-Id: <20230315224704.2672-8-casey@schaufler-ca.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230315224704.2672-1-casey@schaufler-ca.com> References: <20230315224704.2672-1-casey@schaufler-ca.com> MIME-Version: 1.0 Precedence: bulk List-ID: Add lsm_name_to_attr(), which translates a text string to a LSM_ATTR value if one is available. Add lsm_fill_user_ctx(), which fills a struct lsm_ctx, including the trailing attribute value. All are used in module specific components of LSM system calls. Signed-off-by: Casey Schaufler --- include/linux/security.h | 13 ++++++++++ security/lsm_syscalls.c | 51 ++++++++++++++++++++++++++++++++++++++++ security/security.c | 31 ++++++++++++++++++++++++ 3 files changed, 95 insertions(+) diff --git a/include/linux/security.h b/include/linux/security.h index 329cd9d2be50..a5e860d332b5 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -263,6 +263,7 @@ int unregister_blocking_lsm_notifier(struct notifier_block *nb); /* prototypes */ extern int security_init(void); extern int early_security_init(void); +extern u64 lsm_name_to_attr(const char *name); /* Security operations */ int security_binder_set_context_mgr(const struct cred *mgr); 
@@ -491,6 +492,8 @@ int security_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen); int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen); int security_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen); int security_locked_down(enum lockdown_reason what); +int lsm_fill_user_ctx(struct lsm_ctx __user *ctx, void *context, + size_t context_size, u64 id, u64 flags); #else /* CONFIG_SECURITY */ static inline int call_blocking_lsm_notifier(enum lsm_event event, void *data) @@ -508,6 +511,11 @@ static inline int unregister_blocking_lsm_notifier(struct notifier_block *nb) return 0; } +static inline u64 lsm_name_to_attr(const char *name) +{ + return 0; +} + static inline void security_free_mnt_opts(void **mnt_opts) { } @@ -1420,6 +1428,11 @@ static inline int security_locked_down(enum lockdown_reason what) { return 0; } +static inline int lsm_fill_user_ctx(struct lsm_ctx __user *ctx, void *context, + size_t context_size, u64 id, u64 flags) +{ + return 0; +} #endif /* CONFIG_SECURITY */ #if defined(CONFIG_SECURITY) && defined(CONFIG_WATCH_QUEUE) diff --git a/security/lsm_syscalls.c b/security/lsm_syscalls.c index 6efbe244d304..55d849ad5d6e 100644 --- a/security/lsm_syscalls.c +++ b/security/lsm_syscalls.c 
@@ -17,6 +17,57 @@ #include #include +struct attr_map { + char *name; + u64 attr; +}; + +static const struct attr_map lsm_attr_names[] = { + { + .name = "current", + .attr = LSM_ATTR_CURRENT, + }, + { + .name = "exec", + .attr = LSM_ATTR_EXEC, + }, + { + .name = "fscreate", + .attr = LSM_ATTR_FSCREATE, + }, + { + .name = "keycreate", + .attr = LSM_ATTR_KEYCREATE, + }, + { + .name = "prev", + .attr = LSM_ATTR_PREV, + }, + { + .name = "sockcreate", + .attr = LSM_ATTR_SOCKCREATE, + }, +}; + +/** + * lsm_name_to_attr - map an LSM attribute name to its ID + * @name: name of the attribute + * + * Look the given @name up in the table of know attribute names. + * + * Returns the LSM attribute value associated with @name, or 0 if + * there is no mapping. + */ +u64 lsm_name_to_attr(const char *name) +{ + int i; + + for (i = 0; i < ARRAY_SIZE(lsm_attr_names); i++) + if (!strcmp(name, lsm_attr_names[i].name)) + return lsm_attr_names[i].attr; + return 0; +} + /** * sys_lsm_set_self_attr - Set current task's security module attribute * @attr: which attribute to set diff --git a/security/security.c b/security/security.c index 2c57fe28c4f7..f7b814a3940c 100644 --- a/security/security.c +++ b/security/security.c 
@@ -753,6 +753,37 @@ static int lsm_superblock_alloc(struct super_block *sb) return 0; } +/** + * lsm_fill_user_ctx - Fill a user space lsm_ctx structure + * @ctx: an LSM context to be filled + * @context: the new context value + * @context_size: the size of the new context value + * @id: LSM id + * @flags: LSM defined flags + * + * Fill all of the fields in a user space lsm_ctx structure. + * Caller is assumed to have verified that @ctx has enough space + * for @context. + * Returns 0 on success, -EFAULT on a copyout error. + */ +int lsm_fill_user_ctx(struct lsm_ctx __user *ctx, void *context, + size_t context_size, u64 id, u64 flags) +{ + struct lsm_ctx local; + void __user *vc = ctx; + + local.id = id; + local.flags = flags; + local.ctx_len = context_size; + local.len = context_size + sizeof(local); + vc += sizeof(local); + if (copy_to_user(ctx, &local, sizeof(local))) + return -EFAULT; + if (context_size > 0 && copy_to_user(vc, context, context_size)) + return -EFAULT; + return 0; +} + /* * The default value of the LSM hook is defined in linux/lsm_hook_defs.h and * can be accessed with:
From patchwork Wed Mar 15 22:47:01 2023 X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13176724 X-Patchwork-Delegate: paul@paul-moore.com
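Review bot: `struct attr_map` in the security/lsm_syscalls.c hunk declares `char *name`, but every entry of `lsm_attr_names[]` is initialised from a string literal and the table itself is `const`; make it `const char *name` so the literals are not reachable through a writable pointer and the whole table can sit in read-only data. In the same hunk the kernel-doc for lsm_name_to_attr() reads "table of know attribute names"; that should be "known". The loop index `i` is compared against ARRAY_SIZE(), which is unsigned, so declaring it `unsigned int` or `size_t` avoids a signed/unsigned comparison warning.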
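Review bot: lsm_fill_user_ctx() in the security/security.c hunk copies a stack-allocated `struct lsm_ctx local` to user space after assigning its members one by one. With four u64 members there is no padding today, but any member added later, or a change in alignment, would leak uninitialised stack bytes through copy_to_user(); initialise the whole object with a designated initialiser (`struct lsm_ctx local = { .id = id, .flags = flags, .ctx_len = context_size, .len = context_size + sizeof(local) };`) or memset() it first so that can never happen. The `void __user *vc = ctx; vc += sizeof(local);` arithmetic on a void pointer relies on a GNU extension; `(void __user *)(ctx + 1)`, the same idiom the Smack and AppArmor callers use with `lctx + 1`, expresses the address of the trailing value without it.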
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net Subject: [PATCH v7 08/11] Smack: implement setselfattr and getselfattr hooks Date: Wed, 15 Mar 2023 15:47:01 -0700 Message-Id: <20230315224704.2672-9-casey@schaufler-ca.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230315224704.2672-1-casey@schaufler-ca.com> References: <20230315224704.2672-1-casey@schaufler-ca.com> MIME-Version: 1.0 Precedence: bulk List-ID: Implement Smack support for security_[gs]etselfattr. Refactor the setprocattr hook to avoid code duplication.
Signed-off-by: Casey Schaufler --- security/smack/smack_lsm.c | 105 +++++++++++++++++++++++++++++++++++-- 1 file changed, 100 insertions(+), 5 deletions(-) diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 3cf862fcbe08..b3e72b82ced9 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -3552,6 +3552,41 @@ static void smack_d_instantiate(struct dentry *opt_dentry, struct inode *inode) return; } +/** + * smack_getselfattr - Smack current process attribute + * @attr: which attribute to fetch + * @ctx: buffer to receive the result + * @size: available size in, actual size out + * @flags: unused + * + * Fill the passed user space @ctx with the details of the requested + * attribute. + * + * Returns 0 on success, an error code otherwise. + */ +static int smack_getselfattr(unsigned int __user attr, + struct lsm_ctx __user *ctx, size_t *size, + u32 __user flags) +{ + struct smack_known *skp = smk_of_current(); + int total; + int slen; + int rc = 0; + + if (attr != LSM_ATTR_CURRENT) + return -EOPNOTSUPP; + + slen = strlen(skp->smk_known) + 1; + total = slen + sizeof(*ctx); + if (total > *size) + rc = -E2BIG; + else + lsm_fill_user_ctx(ctx, skp->smk_known, slen, LSM_ID_SMACK, 0); + + *size = total; + return rc; +} + /** * smack_getprocattr - Smack process attribute access * @p: the object task @@ -3581,8 +3616,8 @@ static int smack_getprocattr(struct task_struct *p, const char *name, char **val } /** - * smack_setprocattr - Smack process attribute setting - * @name: the name of the attribute in /proc/.../attr + * do_setattr - Smack process attribute setting + * @attr: the ID of the attribute * @value: the value to set * @size: the size of the value * 
@@ -3591,7 +3626,7 @@ static int smack_getprocattr(struct task_struct *p, const char *name, char **val * * Returns the length of the smack label or an error code */ -static int smack_setprocattr(const char *name, void *value, size_t size) +static int do_setattr(u64 attr, void *value, size_t size) { struct task_smack *tsp = smack_cred(current_cred()); struct cred *new; @@ -3605,8 +3640,8 @@ static int smack_setprocattr(const char *name, void *value, size_t size) if (value == NULL || size == 0 || size >= SMK_LONGLABEL) return -EINVAL; - if (strcmp(name, "current") != 0) - return -EINVAL; + if (attr != LSM_ATTR_CURRENT) + return -EOPNOTSUPP; skp = smk_import_entry(value, size); if (IS_ERR(skp)) 
@@ -3645,6 +3680,64 @@ static int smack_setprocattr(const char *name, void *value, size_t size) return size; } +/** + * smack_setselfattr - Set a Smack process attribute + * @attr: which attribute to set + * @ctx: buffer containing the data + * @size: size of @ctx + * @flags: unused + * + * Fill the passed user space @ctx with the details of the requested + * attribute. + * + * Returns 0 on success, an error code otherwise. + */ +static int smack_setselfattr(unsigned int __user attr, + struct lsm_ctx __user *ctx, size_t __user size, + u32 __user flags) +{ + struct lsm_ctx *lctx; + void *context; + int rc; + + context = kmalloc(size, GFP_KERNEL); + if (context == NULL) + return -ENOMEM; + + lctx = (struct lsm_ctx *)context; + if (copy_from_user(context, ctx, size)) + rc = -EFAULT; + else if (lctx->ctx_len > size) + rc = -EINVAL; + else + rc = do_setattr(attr, lctx + 1, lctx->ctx_len); + + kfree(context); + if (rc > 0) + return 0; + return rc; +} + +/** + * smack_setprocattr - Smack process attribute setting + * @name: the name of the attribute in /proc/.../attr + * @value: the value to set + * @size: the size of the value + * + * Sets the Smack value of the task. Only setting self + * is permitted and only with privilege + * + * Returns the length of the smack label or an error code + */ +static int smack_setprocattr(const char *name, void *value, size_t size) +{ + int attr = lsm_name_to_attr(name); + + if (attr) + return do_setattr(attr, value, size); + return -EINVAL; +} + /** * smack_unix_stream_connect - Smack access on UDS * @sock: one sock 
@@ -4955,6 +5048,8 @@ static struct security_hook_list smack_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(d_instantiate, smack_d_instantiate), + LSM_HOOK_INIT(getselfattr, smack_getselfattr), + LSM_HOOK_INIT(setselfattr, smack_setselfattr), LSM_HOOK_INIT(getprocattr, smack_getprocattr), LSM_HOOK_INIT(setprocattr, smack_setprocattr),
From patchwork Wed Mar 15 22:47:02 2023 X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13176726 X-Patchwork-Delegate: paul@paul-moore.com
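Review bot: in the smack_getselfattr() hunk the return value of lsm_fill_user_ctx() is discarded, so a -EFAULT from the copy-out becomes a 0 return with `*size` filled in, and the caller believes it received a valid context. Capture it: `rc = lsm_fill_user_ctx(ctx, skp->smk_known, slen, LSM_ID_SMACK, 0);`. The `flags` argument is documented as unused but never validated; rejecting a non-zero value with -EINVAL now keeps those bits usable later without breaking existing callers. Also, `__user` on the scalar parameters `attr` and `flags` (and on `size` in smack_setselfattr()) is an address-space annotation for pointers, means nothing on an integer and will draw a sparse warning; drop it.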
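Review bot: the bounds check in the smack_setselfattr() hunk is off by the header size: `lctx->ctx_len > size` still accepts ctx_len == size, yet the value is read from `lctx + 1`, so do_setattr() and smk_import_entry() can read sizeof(struct lsm_ctx) bytes past the end of the `size`-byte kmalloc() buffer. Reject `size < sizeof(*lctx)` before touching `lctx->ctx_len` (otherwise that field itself is read out of bounds) and then check `lctx->ctx_len > size - sizeof(*lctx)`. `size` is also handed to kmalloc() straight from user space with no upper bound; since do_setattr() already refuses any label of SMK_LONGLABEL bytes or more, a cap of that order before the allocation costs nothing and stops an unprivileged caller driving large allocations. Finally, `int attr = lsm_name_to_attr(name);` in smack_setprocattr() narrows the u64 the function returns; declare it u64 to match the prototype.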
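Review bot: replacing `return -EINVAL` with `return -EOPNOTSUPP` in the do_setattr() hunk is visible through the existing /proc/self/attr interface: a write to a name that lsm_name_to_attr() recognises but Smack does not support, such as exec, used to fail with -EINVAL from smack_setprocattr() and now fails with -EOPNOTSUPP. Either keep -EINVAL on the setprocattr path (for example by checking `attr != LSM_ATTR_CURRENT` in smack_setprocattr() before calling do_setattr()) or state the error-code change in the commit message so it is a deliberate ABI decision rather than a side effect of the refactor.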
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net Subject: [PATCH v7 09/11] AppArmor: Add selfattr hooks Date: Wed, 15 Mar 2023 15:47:02 -0700 Message-Id: <20230315224704.2672-10-casey@schaufler-ca.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230315224704.2672-1-casey@schaufler-ca.com> References: <20230315224704.2672-1-casey@schaufler-ca.com> MIME-Version: 1.0 Precedence: bulk List-ID: Add hooks for setselfattr and getselfattr. These hooks are not very different from their setprocattr and getprocattr equivalents, and much of the code is shared. Signed-off-by: Casey Schaufler Cc: John Johansen --- security/apparmor/include/procattr.h | 2 +- security/apparmor/lsm.c | 96 ++++++++++++++++++++++++++-- security/apparmor/procattr.c | 11 +++- 3 files changed, 99 insertions(+), 10 deletions(-) diff --git a/security/apparmor/include/procattr.h b/security/apparmor/include/procattr.h index 31689437e0e1..03dbfdb2f2c0 100644 --- a/security/apparmor/include/procattr.h +++ b/security/apparmor/include/procattr.h @@ -11,7 +11,7 @@ #ifndef __AA_PROCATTR_H #define __AA_PROCATTR_H -int aa_getprocattr(struct aa_label *label, char **string); +int aa_getprocattr(struct aa_label *label, char **string, bool newline); int aa_setprocattr_changehat(char *args, size_t size, int flags); #endif /* __AA_PROCATTR_H */ diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index ce6ccb7e06ec..89ee9d71791c 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c 
@@ -630,6 +630,45 @@ static int apparmor_sb_pivotroot(const struct path *old_path, return error; } +static int apparmor_getselfattr(unsigned int __user attr, + struct lsm_ctx __user *lx, size_t *size, + u32 __user flags) +{ + int error = -ENOENT; + struct aa_task_ctx *ctx = task_ctx(current); + struct aa_label *label = NULL; + size_t total_len; + char *value; + + if (attr == LSM_ATTR_CURRENT) + label = aa_get_newest_label(cred_label(current_cred())); + else if (attr == LSM_ATTR_PREV && ctx->previous) + label = aa_get_newest_label(ctx->previous); + else if (attr == LSM_ATTR_EXEC && ctx->onexec) + label = aa_get_newest_label(ctx->onexec); + else + error = -EOPNOTSUPP; + + if (label) { + error = aa_getprocattr(label, &value, false); + if (error > 0) { + total_len = error + sizeof(*ctx); + if (total_len > *size) + error = -E2BIG; + else + lsm_fill_user_ctx(lx, value, error, + LSM_ID_APPARMOR, 0); + } + } + + aa_put_label(label); + + *size = total_len; + if (error > 0) + return 0; + return error; +} + static int apparmor_getprocattr(struct task_struct *task, const char *name, char **value) { @@ -649,7 +688,7 @@ static int apparmor_getprocattr(struct task_struct *task, const char *name, error = -EINVAL; if (label) - error = aa_getprocattr(label, value); + error = aa_getprocattr(label, value, true); aa_put_label(label); put_cred(cred); @@ -657,8 +696,7 @@ static int apparmor_getprocattr(struct task_struct *task, const char *name, return error; } -static int apparmor_setprocattr(const char *name, void *value, - size_t size) +static int do_setattr(u64 attr, void *value, size_t size) { char *command, *largs = NULL, *args = value; size_t arg_size; 
@@ -689,7 +727,7 @@ static int apparmor_setprocattr(const char *name, void *value, goto out; arg_size = size - (args - (largs ? largs : (char *) value)); - if (strcmp(name, "current") == 0) { + if (attr == LSM_ATTR_CURRENT) { if (strcmp(command, "changehat") == 0) { error = aa_setprocattr_changehat(args, arg_size, AA_CHANGE_NOFLAGS); @@ -704,7 +742,7 @@ static int apparmor_setprocattr(const char *name, void *value, error = aa_change_profile(args, AA_CHANGE_STACK); } else goto fail; - } else if (strcmp(name, "exec") == 0) { + } else if (attr == LSM_ATTR_EXEC) { if (strcmp(command, "exec") == 0) error = aa_change_profile(args, AA_CHANGE_ONEXEC); else if (strcmp(command, "stack") == 0) 
@@ -724,13 +762,57 @@ static int apparmor_setprocattr(const char *name, void *value, fail: aad(&sa)->label = begin_current_label_crit_section(); - aad(&sa)->info = name; + if (attr == LSM_ATTR_CURRENT) + aad(&sa)->info = "current"; + else if (attr == LSM_ATTR_EXEC) + aad(&sa)->info = "exec"; + else + aad(&sa)->info = "invalid"; aad(&sa)->error = error = -EINVAL; aa_audit_msg(AUDIT_APPARMOR_DENIED, &sa, NULL); end_current_label_crit_section(aad(&sa)->label); goto out; } +static int apparmor_setselfattr(unsigned int __user attr, + struct lsm_ctx __user *ctx, size_t __user size, + u32 __user flags) +{ + struct lsm_ctx *lctx; + void *context; + int rc; + + if (attr != LSM_ATTR_CURRENT && attr != LSM_ATTR_EXEC) + return -EOPNOTSUPP; + + context = kmalloc(size, GFP_KERNEL); + if (context == NULL) + return -ENOMEM; + + lctx = (struct lsm_ctx *)context; + if (copy_from_user(context, ctx, size)) + rc = -EFAULT; + else if (lctx->ctx_len > size) + rc = -EINVAL; + else + rc = do_setattr(attr, lctx + 1, lctx->ctx_len); + + kfree(context); + if (rc > 0) + return 0; + return rc; +} + +static int apparmor_setprocattr(const char *name, void *value, + size_t size) +{ + int attr = lsm_name_to_attr(name); + + if (attr) + return do_setattr(attr, value, size); + return -EINVAL; +} + /** * apparmor_bprm_committing_creds - do task cleanup on committing new creds * @bprm: binprm for the exec (NOT NULL) @@ -1253,6 +1335,8 @@ static struct security_hook_list apparmor_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(file_lock, apparmor_file_lock), LSM_HOOK_INIT(file_truncate, apparmor_file_truncate), + LSM_HOOK_INIT(getselfattr, apparmor_getselfattr), + LSM_HOOK_INIT(setselfattr, apparmor_setselfattr), LSM_HOOK_INIT(getprocattr, apparmor_getprocattr), LSM_HOOK_INIT(setprocattr, apparmor_setprocattr), diff --git a/security/apparmor/procattr.c b/security/apparmor/procattr.c index 197d41f9c32b..196f319aa3b2 100644 --- a/security/apparmor/procattr.c +++ b/security/apparmor/procattr.c 
@@ -20,6 +20,7 @@ * aa_getprocattr - Return the label information for @label * @label: the label to print label info about (NOT NULL) * @string: Returns - string containing the label info (NOT NULL) + * @newline: indicates that a newline should be added * * Requires: label != NULL && string != NULL * @@ -27,7 +28,7 @@ * * Returns: size of string placed in @string else error code on failure */ -int aa_getprocattr(struct aa_label *label, char **string) +int aa_getprocattr(struct aa_label *label, char **string, bool newline) { struct aa_ns *ns = labels_ns(label); struct aa_ns *current_ns = aa_get_current_ns(); 
@@ -57,10 +58,14 @@ int aa_getprocattr(struct aa_label *label, char **string) return len; } - (*string)[len] = '\n'; - (*string)[len + 1] = 0; + if (newline) + (*string)[len++] = '\n'; + (*string)[len] = 0; aa_put_ns(current_ns); + + if (newline) + return len; return len + 1; }
From patchwork Wed Mar 15 22:47:03 2023 X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13176727 X-Patchwork-Delegate: paul@paul-moore.com
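Review bot: `total_len = error + sizeof(*ctx);` in the apparmor_getselfattr() hunk uses the wrong type: `ctx` is the `struct aa_task_ctx *` declared at the top of the function, not the user-space `struct lsm_ctx`, so the length compared against `*size` and reported back is the size of an internal task structure (Smack's version adds the lsm_ctx header). It should be `sizeof(*lx)`. In the same function `total_len` is assigned only when aa_getprocattr() returns a positive length, yet `*size = total_len;` runs unconditionally, so the -EOPNOTSUPP and failure paths store an uninitialised value; initialise it, or write `*size` only on success. The buffer that aa_getprocattr() allocates into `value` is never freed here (apparmor_getprocattr() hands that job to its caller), so every call leaks it; add `kfree(value)` after the copy-out, and propagate the return value of lsm_fill_user_ctx() instead of dropping it.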
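Review bot: apparmor_setselfattr() repeats the Smack implementation line for line, including the bound check `lctx->ctx_len > size`, which accepts ctx_len == size while the value is read from `lctx + 1`, so do_setattr() can read sizeof(*lctx) bytes beyond the kmalloc() buffer; there is also no check that `size` is at least sizeof(*lctx) before `lctx->ctx_len` is dereferenced. Both modules need `size < sizeof(*lctx)` rejected first and the check changed to `lctx->ctx_len > size - sizeof(*lctx)`. Since the kmalloc(), copy_from_user() and ctx_len validation are identical in the two hooks, this is a candidate for a shared helper next to lsm_fill_user_ctx() in security/security.c, so the check is written and fixed once. `int attr` in apparmor_setprocattr() narrows the u64 returned by lsm_name_to_attr(); use u64.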
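Review bot: the return values of aa_getprocattr() after the procattr.c hunk differ in meaning between the two modes: with `newline` the function returns the length including the '\n' but excluding the NUL, while without it `return len + 1` counts the terminating NUL (which is what apparmor_getselfattr() relies on to ship a NUL-terminated label in the lsm_ctx). That is workable but non-obvious, so spell it out in the "Returns:" line of the kernel-doc this series already touches, e.g. "size of the string placed in @string, including the trailing newline, or including the terminating NUL when @newline is false".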
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net, selinux@vger.kernel.org Subject: [PATCH v7 10/11] SELinux: Add selfattr hooks Date: Wed, 15 Mar 2023 15:47:03 -0700 Message-Id: <20230315224704.2672-11-casey@schaufler-ca.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230315224704.2672-1-casey@schaufler-ca.com> References: <20230315224704.2672-1-casey@schaufler-ca.com> MIME-Version: 1.0 Precedence: bulk List-ID: Add hooks for setselfattr and getselfattr. These hooks are not very different from their setprocattr and getprocattr equivalents, and much of the code is shared. Signed-off-by: Casey Schaufler Cc: selinux@vger.kernel.org Cc: Paul Moore --- security/selinux/hooks.c | 147 +++++++++++++++++++++++++++++++-------- 1 file changed, 117 insertions(+), 30 deletions(-) diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 9403aee75981..8896edf80aa9 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -6348,8 +6348,7 @@ static void selinux_d_instantiate(struct dentry *dentry, struct inode *inode) inode_doinit_with_dentry(inode, dentry); } -static int selinux_getprocattr(struct task_struct *p, - const char *name, char **value) +static int do_getattr(unsigned int attr, struct task_struct *p, char **value) { const struct task_security_struct *__tsec; u32 sid; 
@@ -6367,20 +6366,27 @@ static int selinux_getprocattr(struct task_struct *p, goto bad; } - if (!strcmp(name, "current")) + switch (attr) { + case LSM_ATTR_CURRENT: sid = __tsec->sid; - else if (!strcmp(name, "prev")) + break; + case LSM_ATTR_PREV: sid = __tsec->osid; - else if (!strcmp(name, "exec")) + break; + case LSM_ATTR_EXEC: sid = __tsec->exec_sid; - else if (!strcmp(name, "fscreate")) + break; + case LSM_ATTR_FSCREATE: sid = __tsec->create_sid; - else if (!strcmp(name, "keycreate")) + break; + case LSM_ATTR_KEYCREATE: sid = __tsec->keycreate_sid; - else if (!strcmp(name, "sockcreate")) + break; + case LSM_ATTR_SOCKCREATE: sid = __tsec->sockcreate_sid; - else { - error = -EINVAL; + break; + default: + error = -EOPNOTSUPP; goto bad; } rcu_read_unlock(); @@ -6398,7 +6404,7 @@ static int selinux_getprocattr(struct task_struct *p, return error; } -static int selinux_setprocattr(const char *name, void *value, size_t size) +static int do_setattr(u64 attr, void *value, size_t size) { struct task_security_struct *tsec; struct cred *new; 
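Review bot: do_getattr() is declared with `unsigned int attr` while do_setattr() in the next hunk takes `u64 attr`; both receive the same LSM_ATTR_* values, and in the later hunk selinux_getprocattr() stores the result of lsm_name_to_attr() in an `unsigned int` while selinux_setprocattr() stores it in an `int`. Use one type for all four (the type the hook prototypes use, `unsigned int`). The change of the default case from -EINVAL to -EOPNOTSUPP is only reachable from the new syscall path, because the /proc wrappers reject unknown names with -EINVAL before calling do_getattr()/do_setattr(); worth a sentence in the commit message so the /proc ABI is visibly unchanged.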
@@ -6409,28 +6415,36 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) /* * Basic control over ability to set these attributes at all. */ - if (!strcmp(name, "exec")) + switch (attr) { + case LSM_ATTR_CURRENT: + error = avc_has_perm(&selinux_state, + mysid, mysid, SECCLASS_PROCESS, + PROCESS__SETCURRENT, NULL); + break; + case LSM_ATTR_EXEC: error = avc_has_perm(&selinux_state, mysid, mysid, SECCLASS_PROCESS, PROCESS__SETEXEC, NULL); - else if (!strcmp(name, "fscreate")) + break; + case LSM_ATTR_FSCREATE: error = avc_has_perm(&selinux_state, mysid, mysid, SECCLASS_PROCESS, PROCESS__SETFSCREATE, NULL); - else if (!strcmp(name, "keycreate")) + break; + case LSM_ATTR_KEYCREATE: error = avc_has_perm(&selinux_state, mysid, mysid, SECCLASS_PROCESS, PROCESS__SETKEYCREATE, NULL); - else if (!strcmp(name, "sockcreate")) + break; + case LSM_ATTR_SOCKCREATE: error = avc_has_perm(&selinux_state, mysid, mysid, SECCLASS_PROCESS, PROCESS__SETSOCKCREATE, NULL); - else if (!strcmp(name, "current")) - error = avc_has_perm(&selinux_state, - mysid, mysid, SECCLASS_PROCESS, - PROCESS__SETCURRENT, NULL); - else - error = -EINVAL; + break; + default: + error = -EOPNOTSUPP; + break; + } if (error) return error; @@ -6442,13 +6456,14 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) } error = security_context_to_sid(&selinux_state, value, size, &sid, GFP_KERNEL); - if (error == -EINVAL && !strcmp(name, "fscreate")) { + if (error == -EINVAL && attr == LSM_ATTR_FSCREATE) { if (!has_cap_mac_admin(true)) { struct audit_buffer *ab; size_t audit_size; - /* We strip a nul only if it is at the end, otherwise the - * context contains a nul and we should audit that */ + /* We strip a nul only if it is at the end, + * otherwise the context contains a nul and + * we should audit that */ if (str[size - 1] == '\0') audit_size = size - 1; else 
@@ -6459,7 +6474,8 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) if (!ab) return error; audit_log_format(ab, "op=fscreate invalid_context="); - audit_log_n_untrustedstring(ab, value, audit_size); + audit_log_n_untrustedstring(ab, value, + audit_size); audit_log_end(ab); return error; @@ -6483,11 +6499,11 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) checks and may_create for the file creation checks. The operation will then fail if the context is not permitted. */ tsec = selinux_cred(new); - if (!strcmp(name, "exec")) { + if (attr == LSM_ATTR_EXEC) { tsec->exec_sid = sid; - } else if (!strcmp(name, "fscreate")) { + } else if (attr == LSM_ATTR_FSCREATE) { tsec->create_sid = sid; - } else if (!strcmp(name, "keycreate")) { + } else if (attr == LSM_ATTR_KEYCREATE) { if (sid) { error = avc_has_perm(&selinux_state, mysid, sid, SECCLASS_KEY, KEY__CREATE, NULL); @@ -6495,9 +6511,9 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) goto abort_change; } tsec->keycreate_sid = sid; - } else if (!strcmp(name, "sockcreate")) { + } else if (attr == LSM_ATTR_SOCKCREATE) { tsec->sockcreate_sid = sid; - } else if (!strcmp(name, "current")) { + } else if (attr == LSM_ATTR_CURRENT) { error = -EINVAL; if (sid == 0) goto abort_change; 
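Review bot: the re-wrap of the "We strip a nul only if it is at the end ..." comment and the split of the `audit_log_n_untrustedstring(ab, value, audit_size);` call onto two lines are whitespace-only changes unrelated to the selfattr conversion; drop them or move them to a separate cleanup patch so the functional diff in the fscreate audit block stays easy to review.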
@@ -6542,6 +6558,75 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) return error; } +static int selinux_getselfattr(unsigned int __user attr, + struct lsm_ctx __user *ctx, size_t *size, + u32 __user flags) +{ + char *value; + size_t total_len; + int len; + int rc = 0; + + len = do_getattr(attr, current, &value); + if (len < 0) + return len; + + total_len = len + sizeof(*ctx); + + if (total_len > *size) + rc = -E2BIG; + else + lsm_fill_user_ctx(ctx, value, len, LSM_ID_SELINUX, 0); + + *size = total_len; + return rc; +} + +static int selinux_setselfattr(unsigned int __user attr, + struct lsm_ctx __user *ctx, size_t __user size, + u32 __user flags) +{ + struct lsm_ctx *lctx; + void *context; + int rc; + + context = kmalloc(size, GFP_KERNEL); + if (context == NULL) + return -ENOMEM; + + lctx = (struct lsm_ctx *)context; + if (copy_from_user(context, ctx, size)) + rc = -EFAULT; + else if (lctx->ctx_len > size) + rc = -EINVAL; + else + rc = do_setattr(attr, lctx + 1, lctx->ctx_len); + + kfree(context); + if (rc > 0) + return 0; + return rc; +} + +static int selinux_getprocattr(struct task_struct *p, + const char *name, char **value) +{ + unsigned int attr = lsm_name_to_attr(name); + + if (attr) + return do_getattr(attr, p, value); + return -EINVAL; +} + +static int selinux_setprocattr(const char *name, void *value, size_t size) +{ + int attr = lsm_name_to_attr(name); + + if (attr) + return do_setattr(attr, value, size); + return -EINVAL; +} + static int selinux_ismaclabel(const char *name) { return (strcmp(name, XATTR_SELINUX_SUFFIX) == 0); 
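Review bot: selinux_getselfattr() leaks the buffer do_getattr() allocates into `value`. The /proc caller of the old selinux_getprocattr() freed `*value` after use, but here nothing does kfree(value) on either the -E2BIG path or the success path, so every lsm_get_self_attr() call leaks one context string; free it before `*size = total_len`. The result of `lsm_fill_user_ctx(ctx, value, len, LSM_ID_SELINUX, 0)` is also discarded, so if that helper reports a failed copy to user space the caller never sees it. In selinux_setselfattr(), `lctx->ctx_len > size` compares the payload length against the whole buffer, header included: a ctx_len equal to `size` passes the check and do_setattr() then reads sizeof(*lctx) bytes past the kmalloc'd buffer. The check should be `lctx->ctx_len > size - sizeof(*lctx)`, which in turn needs `size >= sizeof(*lctx)` guaranteed (here or in the caller) before `lctx->ctx_len` is dereferenced. `kmalloc(size, GFP_KERNEL)` with a caller-supplied size_t has no upper bound either; cap it at something sensible (a page is plenty for a context string) rather than letting user space request arbitrarily large allocations. Minor: `__user` on the by-value `attr`, `size` and `flags` parameters is meaningless, since the annotation applies to pointers.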
@@ -7183,6 +7268,8 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(d_instantiate, selinux_d_instantiate), + LSM_HOOK_INIT(getselfattr, selinux_getselfattr), + LSM_HOOK_INIT(setselfattr, selinux_setselfattr), LSM_HOOK_INIT(getprocattr, selinux_getprocattr), LSM_HOOK_INIT(setprocattr, selinux_setprocattr),
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net Subject: [PATCH v7 11/11] LSM: selftests for Linux Security Module syscalls Date: Wed, 15 Mar 2023 15:47:04 -0700 Message-Id: <20230315224704.2672-12-casey@schaufler-ca.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230315224704.2672-1-casey@schaufler-ca.com> References: <20230315224704.2672-1-casey@schaufler-ca.com> MIME-Version: 1.0 Precedence: bulk List-ID: Add selftests for the three system calls supporting the LSM infrastructure. Signed-off-by: Casey Schaufler --- tools/testing/selftests/Makefile | 1 + tools/testing/selftests/lsm/Makefile | 12 + tools/testing/selftests/lsm/config | 2 + .../selftests/lsm/lsm_get_self_attr_test.c | 268 ++++++++++++++++++ .../selftests/lsm/lsm_list_modules_test.c | 149 ++++++++++ .../selftests/lsm/lsm_set_self_attr_test.c | 70 +++++ 6 files changed, 502 insertions(+) create mode 100644 tools/testing/selftests/lsm/Makefile create mode 100644 tools/testing/selftests/lsm/config create mode 100644 tools/testing/selftests/lsm/lsm_get_self_attr_test.c create mode 100644 tools/testing/selftests/lsm/lsm_list_modules_test.c create mode 100644 tools/testing/selftests/lsm/lsm_set_self_attr_test.c diff --git a/tools/testing/selftests/Makefile b/tools/testing/selftests/Makefile index 13a6837a0c6b..b18d133a1141 100644 --- a/tools/testing/selftests/Makefile +++ b/tools/testing/selftests/Makefile @@ -38,6 +38,7 @@ TARGETS += landlock TARGETS += lib TARGETS += livepatch TARGETS += lkdtm +TARGETS += lsm TARGETS += membarrier TARGETS += memfd TARGETS += memory-hotplug diff --git a/tools/testing/selftests/lsm/Makefile b/tools/testing/selftests/lsm/Makefile new file mode 100644 index 000000000000..f39a75212b78 --- /dev/null 
+++ b/tools/testing/selftests/lsm/Makefile @@ -0,0 +1,12 @@ +# SPDX-License-Identifier: GPL-2.0 +# +# First run: make -C ../../../.. headers_install + +CFLAGS += -Wall -O2 $(KHDR_INCLUDES) + +TEST_GEN_PROGS := lsm_get_self_attr_test lsm_list_modules_test \ + lsm_set_self_attr_test + +include ../lib.mk + +$(TEST_GEN_PROGS): diff --git a/tools/testing/selftests/lsm/config b/tools/testing/selftests/lsm/config new file mode 100644 index 000000000000..afb887715f64 --- /dev/null +++ b/tools/testing/selftests/lsm/config @@ -0,0 +1,2 @@ +CONFIG_SYSFS=y +CONFIG_SECURITY=y diff --git a/tools/testing/selftests/lsm/lsm_get_self_attr_test.c b/tools/testing/selftests/lsm/lsm_get_self_attr_test.c new file mode 100644 index 000000000000..2c61a1411c54 --- /dev/null +++ b/tools/testing/selftests/lsm/lsm_get_self_attr_test.c 
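Review bot: the config fragment lists CONFIG_SYSFS=y and CONFIG_SECURITY=y, but lsm_list_modules_test.c reads /sys/kernel/security/lsm, which lives on securityfs, so CONFIG_SECURITYFS=y is the dependency that actually matters and should be added (CONFIG_SYSFS alone does not provide that file). In the Makefile, the trailing `$(TEST_GEN_PROGS):` rule has neither prerequisites nor a recipe and is a no-op; drop it or give it the dependencies it was meant to express.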
@@ -0,0 +1,268 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Linux Security Module infrastructure tests + * Tests for the lsm_get_self_attr system call + * + * Copyright © 2022 Casey Schaufler + * Copyright © 2022 Intel Corporation + */ + +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include +#include "../kselftest_harness.h" + +#define PROCATTR "/proc/self/attr/" + +static int read_proc_attr(const char *attr, char *value, __kernel_size_t size) +{ + int fd; + int len; + char *path; + + len = strlen(PROCATTR) + strlen(attr) + 1; + path = calloc(len, 1); + if (path == NULL) + return -1; + sprintf(path, "%s%s", PROCATTR, attr); + + fd = open(path, O_RDONLY); + free(path); + + if (fd < 0) + return -1; + len = read(fd, value, size); + if (len <= 0) + return -1; +fprintf(stderr, "len=%d\n", len); + close(fd); + + path = strchr(value, '\n'); + if (path) + *path = '\0'; + + return 0; +} + +static struct lsm_ctx *next_ctx(struct lsm_ctx *ctxp) +{ + void *vp; + + vp = (void *)ctxp + sizeof(*ctxp) + ctxp->ctx_len; + return (struct lsm_ctx *)vp; +} + +TEST(size_null_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *ctx = calloc(page_size, 1); + + ASSERT_NE(NULL, ctx); + ASSERT_EQ(-1, syscall(__NR_lsm_get_self_attr, LSM_ATTR_CURRENT, ctx, + NULL, 0)); + ASSERT_EQ(EINVAL, errno); + + free(ctx); +} + +TEST(ctx_null_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + __kernel_size_t size = page_size; + + ASSERT_NE(-1, syscall(__NR_lsm_get_self_attr, LSM_ATTR_CURRENT, NULL, + &size, 0)); + ASSERT_NE(1, size); +} + +TEST(size_too_small_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *ctx = calloc(page_size, 1); + __kernel_size_t size = 1; + + ASSERT_NE(NULL, ctx); + ASSERT_EQ(-1, syscall(__NR_lsm_get_self_attr, LSM_ATTR_CURRENT, ctx, + &size, 0)); + ASSERT_EQ(E2BIG, errno); + ASSERT_NE(1, size); + + free(ctx); +} + +TEST(flags_zero_lsm_get_self_attr) +{ + const long page_size = 
sysconf(_SC_PAGESIZE); + char *ctx = calloc(page_size, 1); + __kernel_size_t size = page_size; + + ASSERT_NE(NULL, ctx); + ASSERT_EQ(-1, syscall(__NR_lsm_get_self_attr, LSM_ATTR_CURRENT, ctx, + &size, 1)); + ASSERT_EQ(EINVAL, errno); + ASSERT_EQ(page_size, size); + + free(ctx); +} + +TEST(flags_overset_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *ctx = calloc(page_size, 1); + __kernel_size_t size = page_size; + + ASSERT_NE(NULL, ctx); + ASSERT_EQ(-1, syscall(__NR_lsm_get_self_attr, + LSM_ATTR_CURRENT | LSM_ATTR_PREV, ctx, &size, 0)); + ASSERT_EQ(EOPNOTSUPP, errno); + ASSERT_EQ(page_size, size); + + free(ctx); +} + +TEST(basic_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + __kernel_size_t size = page_size; + struct lsm_ctx *ctx = calloc(page_size, 1); + struct lsm_ctx *tctx = NULL; + __u64 *syscall_lsms = calloc(page_size, 1); + char *attr = calloc(page_size, 1); + int cnt_current = 0; + int cnt_exec = 0; + int cnt_fscreate = 0; + int cnt_keycreate = 0; + int cnt_prev = 0; + int cnt_sockcreate = 0; + int lsmcount; + int count; + int i; + + ASSERT_NE(NULL, ctx); + ASSERT_NE(NULL, syscall_lsms); + + lsmcount = syscall(__NR_lsm_list_modules, syscall_lsms, &size, 0); + ASSERT_LE(1, lsmcount); + + for (i = 0; i < lsmcount; i++) { + switch (syscall_lsms[i]) { + case LSM_ID_SELINUX: + cnt_current++; + cnt_exec++; + cnt_fscreate++; + cnt_keycreate++; + cnt_prev++; + cnt_sockcreate++; + break; + case LSM_ID_SMACK: + cnt_current++; + break; + case LSM_ID_APPARMOR: + cnt_current++; + cnt_exec++; + cnt_prev++; + break; + default: + break; + } + } + + if (cnt_current) { + size = page_size; + count = syscall(__NR_lsm_get_self_attr, LSM_ATTR_CURRENT, ctx, + &size, 0); + ASSERT_EQ(cnt_current, count); + tctx = ctx; + ASSERT_EQ(0, read_proc_attr("current", attr, page_size)); + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, 
attr)); + } + } + if (cnt_exec) { + size = page_size; + count = syscall(__NR_lsm_get_self_attr, LSM_ATTR_EXEC, ctx, + &size, 0); + ASSERT_GE(cnt_exec, count); + if (count > 0) { + tctx = ctx; + if (read_proc_attr("exec", attr, page_size) == 0) + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + } + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + if (cnt_fscreate) { + size = page_size; + count = syscall(__NR_lsm_get_self_attr, LSM_ATTR_FSCREATE, ctx, + &size, 0); + ASSERT_GE(cnt_fscreate, count); + if (count > 0) { + tctx = ctx; + if (read_proc_attr("fscreate", attr, page_size) == 0) + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + } + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + if (cnt_keycreate) { + size = page_size; + count = syscall(__NR_lsm_get_self_attr, LSM_ATTR_KEYCREATE, ctx, + &size, 0); + ASSERT_GE(cnt_keycreate, count); + if (count > 0) { + tctx = ctx; + if (read_proc_attr("keycreate", attr, page_size) == 0) + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + } + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + if (cnt_prev) { + size = page_size; + count = syscall(__NR_lsm_get_self_attr, LSM_ATTR_PREV, ctx, + &size, 0); + ASSERT_GE(cnt_prev, count); + if (count > 0) { + tctx = ctx; + ASSERT_EQ(0, read_proc_attr("prev", attr, page_size)); + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + } + if (cnt_sockcreate) { + size = page_size; + count = syscall(__NR_lsm_get_self_attr, LSM_ATTR_SOCKCREATE, + ctx, &size, 0); + ASSERT_GE(cnt_sockcreate, count); + if (count > 0) { + tctx = ctx; + if (read_proc_attr("sockcreate", attr, page_size) == 0) + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + } + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); 
+ ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + + free(ctx); + free(attr); + free(syscall_lsms); +} + +TEST_HARNESS_MAIN diff --git a/tools/testing/selftests/lsm/lsm_list_modules_test.c b/tools/testing/selftests/lsm/lsm_list_modules_test.c new file mode 100644 index 000000000000..3ec814002710 --- /dev/null +++ b/tools/testing/selftests/lsm/lsm_list_modules_test.c 
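Review bot: read_proc_attr() still carries the unindented debug line `fprintf(stderr, "len=%d\n", len);`, which should go. The same helper returns -1 without close(fd) when read() fails, never NUL-terminates `value` (read() does not, and every caller passes size == page_size into a page_size buffer, so a full read leaves strchr() running off the end), and reuses `path` as the newline pointer after it has been freed; read at most size - 1 bytes, set `value[len] = '\0'`, and close the fd on every path. In the tests, `ASSERT_NE(1, size)` in ctx_null and size_too_small only proves the size is not 1; if the intent is that the kernel wrote back the required size, assert that (e.g. `ASSERT_LT(1, size)`), and say in a comment that a NULL ctx is the size-query form if that is what ctx_null relies on. flags_overset_lsm_get_self_attr passes `LSM_ATTR_CURRENT | LSM_ATTR_PREV` in the attr argument with flags 0, so it exercises an invalid attribute rather than the flags; rename it or put the bad value in the flags slot. In basic_lsm_get_self_attr the prev branch hard-asserts that read_proc_attr("prev", ...) succeeds while the exec, fscreate, keycreate and sockcreate branches tolerate a failed read, so a process with no previous label fails the whole test; treat prev like the others. Finally, in those four branches the `for (i = 1; i < count; i++)` loop sits outside the `if (count > 0)` block that refreshes `attr`, so when the /proc read failed the loop compares against whatever the previous attribute left in the buffer.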
@@ -0,0 +1,149 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Linux Security Module infrastructure tests + * Tests for the lsm_list_modules system call + * + * Copyright © 2022 Casey Schaufler + * Copyright © 2022 Intel Corporation + */ + +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include "../kselftest_harness.h" + +static int read_sysfs_lsms(char *lsms, __kernel_size_t size) +{ + FILE *fp; + + fp = fopen("/sys/kernel/security/lsm", "r"); + if (fp == NULL) + return -1; + if (fread(lsms, 1, size, fp) <= 0) + return -1; + fclose(fp); + return 0; +} + +TEST(size_null_lsm_list_modules) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *syscall_lsms = calloc(page_size, 1); + + ASSERT_NE(NULL, syscall_lsms); + ASSERT_EQ(-1, syscall(__NR_lsm_list_modules, syscall_lsms, NULL, 0)); + ASSERT_EQ(EFAULT, errno); + + free(syscall_lsms); +} + +TEST(ids_null_lsm_list_modules) +{ + const long page_size = sysconf(_SC_PAGESIZE); + __kernel_size_t size = page_size; + + ASSERT_EQ(-1, syscall(__NR_lsm_list_modules, NULL, &size, 0)); + ASSERT_EQ(EFAULT, errno); + ASSERT_NE(1, size); +} + +TEST(size_too_small_lsm_list_modules) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *syscall_lsms = calloc(page_size, 1); + __kernel_size_t size = 1; + + ASSERT_NE(NULL, syscall_lsms); + ASSERT_EQ(-1, syscall(__NR_lsm_list_modules, syscall_lsms, &size, 0)); + ASSERT_EQ(E2BIG, errno); + ASSERT_NE(1, size); + + free(syscall_lsms); +} + +TEST(flags_set_lsm_list_modules) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *syscall_lsms = calloc(page_size, 1); + __kernel_size_t size = page_size; + + ASSERT_NE(NULL, syscall_lsms); + ASSERT_EQ(-1, syscall(__NR_lsm_list_modules, syscall_lsms, &size, 7)); + ASSERT_EQ(EINVAL, errno); + ASSERT_EQ(page_size, size); + + free(syscall_lsms); +} + +TEST(correct_lsm_list_modules) +{ + const long page_size = sysconf(_SC_PAGESIZE); + __kernel_size_t size = page_size; + __u64 *syscall_lsms = calloc(page_size, 1); + 
char *sysfs_lsms = calloc(page_size, 1); + char *name; + char *cp; + int count; + int i; + + ASSERT_NE(NULL, sysfs_lsms); + ASSERT_NE(NULL, syscall_lsms); + ASSERT_EQ(0, read_sysfs_lsms(sysfs_lsms, page_size)); + + count = syscall(__NR_lsm_list_modules, syscall_lsms, &size, 0); + ASSERT_LE(1, count); + cp = sysfs_lsms; + for (i = 0; i < count; i++) { + switch (syscall_lsms[i]) { + case LSM_ID_CAPABILITY: + name = "capability"; + break; + case LSM_ID_SELINUX: + name = "selinux"; + break; + case LSM_ID_SMACK: + name = "smack"; + break; + case LSM_ID_TOMOYO: + name = "tomoyo"; + break; + case LSM_ID_IMA: + name = "ima"; + break; + case LSM_ID_APPARMOR: + name = "apparmor"; + break; + case LSM_ID_YAMA: + name = "yama"; + break; + case LSM_ID_LOADPIN: + name = "loadpin"; + break; + case LSM_ID_SAFESETID: + name = "safesetid"; + break; + case LSM_ID_LOCKDOWN: + name = "lockdown"; + break; + case LSM_ID_BPF: + name = "bpf"; + break; + case LSM_ID_LANDLOCK: + name = "landlock"; + break; + default: + name = "INVALID"; + break; + } + ASSERT_EQ(0, strncmp(cp, name, strlen(name))); + cp += strlen(name) + 1; + } + + free(sysfs_lsms); + free(syscall_lsms); +} + +TEST_HARNESS_MAIN diff --git a/tools/testing/selftests/lsm/lsm_set_self_attr_test.c b/tools/testing/selftests/lsm/lsm_set_self_attr_test.c new file mode 100644 index 000000000000..ca538a703168 --- /dev/null +++ b/tools/testing/selftests/lsm/lsm_set_self_attr_test.c 
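Review bot: read_sysfs_lsms() returns -1 without fclose(fp) when fread() returns 0, and `fread(...) <= 0` compares a size_t against zero, so it is only ever `== 0`. The buffer it fills is never NUL-terminated, and correct_lsm_list_modules() then walks it with strncmp()/`cp += strlen(name) + 1`, which runs off the page if the sysfs text fills it; read at most size - 1 bytes and terminate. That walk also assumes the sysfs list is in the same order as the syscall result and never checks that it consumed the whole string, so an extra LSM present in sysfs but missing from the syscall goes unnoticed; assert `*cp == '\0'` (or '\n') after the loop. size_null_lsm_list_modules expects EFAULT for a NULL size pointer while the matching lsm_get_self_attr test expects EINVAL for the same mistake; if the two syscalls are meant to differ, say so, otherwise make them agree.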
@@ -0,0 +1,70 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Linux Security Module infrastructure tests + * Tests for the lsm_set_self_attr system call + * + * Copyright © 2022 Casey Schaufler + * Copyright © 2022 Intel Corporation + */ + +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include "../kselftest_harness.h" + +TEST(ctx_null_lsm_set_self_attr) +{ + ASSERT_EQ(-1, syscall(__NR_lsm_set_self_attr, LSM_ATTR_CURRENT, NULL, + sizeof(struct lsm_ctx), 0)); +} + +TEST(size_too_small_lsm_set_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + struct lsm_ctx *ctx = calloc(page_size, 1); + __kernel_size_t size = page_size; + + ASSERT_NE(NULL, ctx); + ASSERT_GE(1, syscall(__NR_lsm_get_self_attr, LSM_ATTR_CURRENT, ctx, + &size, 0)); + ASSERT_EQ(-1, syscall(__NR_lsm_set_self_attr, LSM_ATTR_CURRENT, ctx, 1, + 0)); + + free(ctx); +} + +TEST(flags_zero_lsm_set_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *ctx = calloc(page_size, 1); + __kernel_size_t size = page_size; + + ASSERT_NE(NULL, ctx); + ASSERT_GE(1, syscall(__NR_lsm_get_self_attr, LSM_ATTR_CURRENT, ctx, + &size, 0)); + ASSERT_EQ(-1, syscall(__NR_lsm_set_self_attr, LSM_ATTR_CURRENT, ctx, + size, 1)); + + free(ctx); +} + +TEST(flags_overset_lsm_set_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *ctx = calloc(page_size, 1); + __kernel_size_t size = page_size; + struct lsm_ctx *tctx = (struct lsm_ctx *)ctx; + + ASSERT_NE(NULL, ctx); + ASSERT_GE(1, syscall(__NR_lsm_get_self_attr, LSM_ATTR_CURRENT, tctx, + &size, 0)); + ASSERT_EQ(-1, syscall(__NR_lsm_set_self_attr, + LSM_ATTR_CURRENT | LSM_ATTR_PREV, tctx, size, 0)); + + free(ctx); +} + +TEST_HARNESS_MAIN
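Review bot: the three `ASSERT_GE(1, syscall(__NR_lsm_get_self_attr, ...))` checks are inverted. In kselftest_harness.h ASSERT_GE(expected, seen) asserts expected >= seen, so these pass when the call returns -1 and the following lsm_set_self_attr() is then fed an unfilled buffer; use `ASSERT_LE(1, ...)` (as lsm_get_self_attr_test.c does with ASSERT_LE(1, lsmcount)) or ASSERT_EQ(1, ...). None of the four tests checks errno after the expected -1, so an -EFAULT where -EINVAL was intended goes unnoticed; add `ASSERT_EQ(EINVAL, errno)` and friends as the get_self_attr tests do. flags_overset_lsm_set_self_attr passes `LSM_ATTR_CURRENT | LSM_ATTR_PREV` in the attr argument with flags 0, so it tests a bad attribute, not flags. There is also no test of the success path at all; one round trip that writes back the value just fetched, skipped when policy forbids it, would give the setselfattr hooks some positive coverage.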