From patchwork Tue Apr 11 15:59:11 2023
X-Patchwork-Submitter: Casey Schaufler
X-Patchwork-Id: 13207774
X-Patchwork-Delegate: paul@paul-moore.com
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net
Subject: [PATCH v8 01/11] LSM: Identify modules by more than name
Date: Tue, 11 Apr 2023 08:59:11 -0700
Message-Id: <20230411155921.14716-2-casey@schaufler-ca.com>
In-Reply-To: <20230411155921.14716-1-casey@schaufler-ca.com>
References: <20230411155921.14716-1-casey@schaufler-ca.com>

Create a struct lsm_id to contain identifying information about Linux Security Modules (LSMs). At inception this contains the name of the module, an identifier associated with the security module and an integer member "attrs" which identifies the API related data associated with each security module. The initial set of features maps to information that has traditionally been available in /proc/self/attr. They are documented in a new userspace-api file.

Change the security_add_hooks() interface to use this structure. Change the individual modules to maintain their own struct lsm_id and pass it to security_add_hooks(). The values for LSM identifiers are defined in a new UAPI header file linux/lsm.h. Each existing LSM has been updated to include its LSMID in the lsm_id.

The LSM ID values are sequential, with the oldest module LSM_ID_CAPABILITY being the lowest value and the existing modules numbered in the order they were included in the main line kernel. This is an arbitrary convention for assigning the values, but none better presents itself. The value 0 is defined as being invalid. The values 1-99 are reserved for any special case uses which may arise in the future. This may include attributes of the LSM infrastructure itself, possibly related to namespacing or network attribute management. A special range is identified for such attributes to help reduce confusion for developers unfamiliar with LSMs.

LSM attribute values are defined for the attributes presented by modules that are available today. As with the LSM IDs, the value 0 is defined as being invalid. The values 1-99 are reserved for any special case uses which may arise in the future.

Signed-off-by: Casey Schaufler
Cc: linux-security-module
---
 Documentation/userspace-api/index.rst |  1 +
 Documentation/userspace-api/lsm.rst   | 55 +++++++++++++++++++++++++++
 MAINTAINERS                           |  1 +
 include/linux/lsm_hooks.h             | 16 +++++++-
 include/uapi/linux/lsm.h              | 54 ++++++++++++++++++++++++++
 security/apparmor/lsm.c               |  8 +++-
 security/bpf/hooks.c                  |  9 ++++-
 security/commoncap.c                  |  8 +++-
 security/landlock/cred.c              |  2 +-
 security/landlock/fs.c                |  2 +-
 security/landlock/ptrace.c            |  2 +-
 security/landlock/setup.c             |  6 +++
 security/landlock/setup.h             |  1 +
 security/loadpin/loadpin.c            |  9 ++++-
 security/lockdown/lockdown.c          |  8 +++-
 security/safesetid/lsm.c              |  9 ++++-
 security/security.c                   | 12 +++---
 security/selinux/hooks.c              |  9 ++++-
 security/smack/smack_lsm.c            |  8 +++-
 security/tomoyo/tomoyo.c              |  9 ++++-
 security/yama/yama_lsm.c              |  8 +++-
 21 files changed, 216 insertions(+), 21 deletions(-)
 create mode 100644 Documentation/userspace-api/lsm.rst
 create mode 100644 include/uapi/linux/lsm.h

diff --git a/Documentation/userspace-api/index.rst b/Documentation/userspace-api/index.rst index f16337bdb852..54c0f54cde89 100644 --- a/Documentation/userspace-api/index.rst +++ b/Documentation/userspace-api/index.rst @@ -31,6 +31,7 @@ place where this information is gathered. sysfs-platform_profile vduse futex2 + lsm .. only:: subproject and html diff --git a/Documentation/userspace-api/lsm.rst b/Documentation/userspace-api/lsm.rst new file mode 100644 index 000000000000..6ddf5506110b --- /dev/null
+++ b/Documentation/userspace-api/lsm.rst 
@@ -0,0 +1,55 @@ +.. SPDX-License-Identifier: GPL-2.0 +.. Copyright (C) 2022 Casey Schaufler +.. Copyright (C) 2022 Intel Corporation + +===================================== +Linux Security Modules +===================================== + +:Author: Casey Schaufler +:Date: November 2022 + +Linux security modules (LSM) provide a mechanism to implement +additional access controls to the Linux security policies. + +The various security modules may support any of these attributes: + +``LSM_ATTR_CURRENT`` is the current, active security context of the +process. +The proc filesystem provides this value in ``/proc/self/attr/current``. +This is supported by the SELinux, Smack and AppArmor security modules. +Smack also provides this value in ``/proc/self/attr/smack/current``. +AppArmor also provides this value in ``/proc/self/attr/apparmor/current``. + +``LSM_ATTR_EXEC`` is the security context of the process at the time the +current image was executed. +The proc filesystem provides this value in ``/proc/self/attr/exec``. +This is supported by the SELinux and AppArmor security modules. +AppArmor also provides this value in ``/proc/self/attr/apparmor/exec``. + +``LSM_ATTR_FSCREATE`` is the security context of the process used when +creating file system objects. +The proc filesystem provides this value in ``/proc/self/attr/fscreate``. +This is supported by the SELinux security module. + +``LSM_ATTR_KEYCREATE`` is the security context of the process used when +creating key objects. +The proc filesystem provides this value in ``/proc/self/attr/keycreate``. +This is supported by the SELinux security module. + +``LSM_ATTR_PREV`` is the security context of the process at the time the +current security context was set. +The proc filesystem provides this value in ``/proc/self/attr/prev``. +This is supported by the SELinux and AppArmor security modules. +AppArmor also provides this value in ``/proc/self/attr/apparmor/prev``. 
+ +``LSM_ATTR_SOCKCREATE`` is the security context of the process used when +creating socket objects. +The proc filesystem provides this value in ``/proc/self/attr/sockcreate``. +This is supported by the SELinux security module. + +Additional documentation +======================== + +* Documentation/security/lsm.rst +* Documentation/security/lsm-development.rst diff --git a/MAINTAINERS b/MAINTAINERS index 90abe83c02f3..782394b006f5 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -18810,6 +18810,7 @@ S: Supported W: http://kernsec.org/ T: git git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm.git F: security/ +F: include/uapi/linux/lsm.h X: security/selinux/ SELINUX SECURITY MODULE diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 6e156d2acffc..8e6ba0a9896e 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -1665,6 +1665,18 @@ struct security_hook_heads { #undef LSM_HOOK } __randomize_layout; +/** + * struct lsm_id - Identify a Linux Security Module. + * @lsm: name of the LSM, must be approved by the LSM maintainers + * @id: LSM ID number from uapi/linux/lsm.h + * + * Contains the information that identifies the LSM. + */ +struct lsm_id { + const u8 *lsm; + u64 id; +}; + /* * Security module hook list structure. * For use with generic list macros for common operations. @@ -1673,7 +1685,7 @@ struct security_hook_list { struct hlist_node list; struct hlist_head *head; union security_list_options hook; - const char *lsm; + struct lsm_id *lsmid; } __randomize_layout; /* @@ -1708,7 +1720,7 @@ extern struct security_hook_heads security_hook_heads; extern char *lsm_names; extern void security_add_hooks(struct security_hook_list *hooks, int count, - const char *lsm); + struct lsm_id *lsmid); #define LSM_FLAG_LEGACY_MAJOR BIT(0) #define LSM_FLAG_EXCLUSIVE BIT(1) diff --git a/include/uapi/linux/lsm.h b/include/uapi/linux/lsm.h new file mode 100644 index 000000000000..f27c9a9cc376 --- /dev/null +++ b/include/uapi/linux/lsm.h 
@@ -0,0 +1,54 @@ +/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */ +/* + * Linux Security Modules (LSM) - User space API + * + * Copyright (C) 2022 Casey Schaufler + * Copyright (C) 2022 Intel Corporation + */ + +#ifndef _UAPI_LINUX_LSM_H +#define _UAPI_LINUX_LSM_H + +/* + * ID tokens to identify Linux Security Modules (LSMs) + * + * These token values are used to uniquely identify specific LSMs + * in the kernel as well as in the kernel's LSM userspace API. + * + * A value of zero/0 is considered undefined and should not be used + * outside the kernel. Values 1-99 are reserved for potential + * future use. + */ +#define LSM_ID_UNDEF 0 +#define LSM_ID_CAPABILITY 100 +#define LSM_ID_SELINUX 101 +#define LSM_ID_SMACK 102 +#define LSM_ID_TOMOYO 103 +#define LSM_ID_IMA 104 +#define LSM_ID_APPARMOR 105 +#define LSM_ID_YAMA 106 +#define LSM_ID_LOADPIN 107 +#define LSM_ID_SAFESETID 108 +#define LSM_ID_LOCKDOWN 109 +#define LSM_ID_BPF 110 +#define LSM_ID_LANDLOCK 111 + +/* + * LSM_ATTR_XXX definitions identify different LSM attributes + * which are used in the kernel's LSM userspace API. Support + * for these attributes vary across the different LSMs. None + * are required. + * + * A value of zero/0 is considered undefined and should not be used + * outside the kernel. Values 1-99 are reserved for potential + * future use. + */ +#define LSM_ATTR_UNDEF 0 +#define LSM_ATTR_CURRENT 100 +#define LSM_ATTR_EXEC 101 +#define LSM_ATTR_FSCREATE 102 +#define LSM_ATTR_KEYCREATE 103 +#define LSM_ATTR_PREV 104 +#define LSM_ATTR_SOCKCREATE 105 + +#endif /* _UAPI_LINUX_LSM_H */ diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index d6cc4812ca53..ce6ccb7e06ec 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -24,6 +24,7 @@ #include #include #include +#include #include "include/apparmor.h" #include "include/apparmorfs.h" 
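Review bot: the new Documentation/userspace-api/lsm.rst hunk names each ``LSM_ATTR_*`` value and its /proc/self/attr path but never tells the reader where the numeric token values live; since this file sits under userspace-api, add a sentence pointing at include/uapi/linux/lsm.h (introduced in this same patch) and mention that the ``LSM_ID_*`` tokens are what identify a module there. The opening sentence, "provide a mechanism to implement additional access controls to the Linux security policies", is hard to parse; something like "provide a mechanism for implementing access controls beyond the standard Linux discretionary controls" would read better. The ``:Date: November 2022`` stamp also predates this v8 posting.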
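Review bot: in the include/linux/lsm_hooks.h hunk, `struct lsm_id` declares `const u8 *lsm;`, yet every initializer in this series assigns a string literal (`.lsm = "apparmor",`) and security.c later hands the field to `lsm_append()` and `strcmp()`, both of which take `const char *`; `u8` is `unsigned char`, so these are signedness mismatches that sparse will flag. Declare the member `const char *lsm;`. The kernel-doc block documents only @lsm and @id, whereas the commit message describes an integer member "attrs" that identifies the API-related data; either add the member here or drop it from the description so the two agree.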
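Review bot: in the include/uapi/linux/lsm.h hunk, `LSM_ID_IMA` (104) is defined, but no hunk in this patch gives IMA a `struct lsm_id` or routes it through `security_add_hooks()` (security/integrity/ is absent from the diffstat), so a userspace consumer of this header will see an ID that is never reported. Either state in the comment that the value is reserved for IMA ahead of its conversion, or hold it back until that conversion lands; a defined-but-never-reported ID looks like a bug from userspace. Small wording point in the same hunk: "Support for these attributes vary" should be "varies".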
@@ -1215,6 +1216,11 @@ struct lsm_blob_sizes apparmor_blob_sizes __lsm_ro_after_init = { .lbs_task = sizeof(struct aa_task_ctx), }; +static struct lsm_id apparmor_lsmid __lsm_ro_after_init = { + .lsm = "apparmor", + .id = LSM_ID_APPARMOR, +}; + static struct security_hook_list apparmor_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(ptrace_access_check, apparmor_ptrace_access_check), LSM_HOOK_INIT(ptrace_traceme, apparmor_ptrace_traceme), @@ -1910,7 +1916,7 @@ static int __init apparmor_init(void) goto buffers_out; } security_add_hooks(apparmor_hooks, ARRAY_SIZE(apparmor_hooks), - "apparmor"); + &apparmor_lsmid); /* Report that AppArmor successfully initialized */ apparmor_initialized = 1; diff --git a/security/bpf/hooks.c b/security/bpf/hooks.c index e5971fa74fd7..5232c80be5b3 100644 --- a/security/bpf/hooks.c +++ b/security/bpf/hooks.c @@ -5,6 +5,7 @@ */ #include #include +#include static struct security_hook_list bpf_lsm_hooks[] __lsm_ro_after_init = { #define LSM_HOOK(RET, DEFAULT, NAME, ...) \ @@ -15,9 +16,15 @@ static struct security_hook_list bpf_lsm_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(task_free, bpf_task_storage_free), }; +static struct lsm_id bpf_lsmid __lsm_ro_after_init = { + .lsm = "bpf", + .id = LSM_ID_BPF, +}; + static int __init bpf_lsm_init(void) { - security_add_hooks(bpf_lsm_hooks, ARRAY_SIZE(bpf_lsm_hooks), "bpf"); + security_add_hooks(bpf_lsm_hooks, ARRAY_SIZE(bpf_lsm_hooks), + &bpf_lsmid); pr_info("LSM support for eBPF active\n"); return 0; } diff --git a/security/commoncap.c b/security/commoncap.c index 5bb7d1e96277..bbc0a210506a 100644 --- a/security/commoncap.c +++ b/security/commoncap.c @@ -25,6 +25,7 @@ #include #include #include +#include /* * If a non-root user executes a setuid-root binary in 
@@ -1440,6 +1441,11 @@ int cap_mmap_file(struct file *file, unsigned long reqprot, #ifdef CONFIG_SECURITY +static struct lsm_id capability_lsmid __lsm_ro_after_init = { + .lsm = "capability", + .id = LSM_ID_CAPABILITY, +}; + static struct security_hook_list capability_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(capable, cap_capable), LSM_HOOK_INIT(settime, cap_settime), @@ -1464,7 +1470,7 @@ static struct security_hook_list capability_hooks[] __lsm_ro_after_init = { static int __init capability_init(void) { security_add_hooks(capability_hooks, ARRAY_SIZE(capability_hooks), - "capability"); + &capability_lsmid); return 0; } diff --git a/security/landlock/cred.c b/security/landlock/cred.c index ec6c37f04a19..2eb1d65f10d6 100644 --- a/security/landlock/cred.c +++ b/security/landlock/cred.c @@ -42,5 +42,5 @@ static struct security_hook_list landlock_hooks[] __lsm_ro_after_init = { __init void landlock_add_cred_hooks(void) { security_add_hooks(landlock_hooks, ARRAY_SIZE(landlock_hooks), - LANDLOCK_NAME); + &landlock_lsmid); } diff --git a/security/landlock/fs.c b/security/landlock/fs.c index adcea0fe7e68..fa0e6e76991c 100644 --- a/security/landlock/fs.c +++ b/security/landlock/fs.c @@ -1307,5 +1307,5 @@ static struct security_hook_list landlock_hooks[] __lsm_ro_after_init = { __init void landlock_add_fs_hooks(void) { security_add_hooks(landlock_hooks, ARRAY_SIZE(landlock_hooks), - LANDLOCK_NAME); + &landlock_lsmid); } diff --git a/security/landlock/ptrace.c b/security/landlock/ptrace.c index 4c5b9cd71286..eab35808f395 100644 --- a/security/landlock/ptrace.c +++ b/security/landlock/ptrace.c @@ -116,5 +116,5 @@ static struct security_hook_list landlock_hooks[] __lsm_ro_after_init = { __init void landlock_add_ptrace_hooks(void) { security_add_hooks(landlock_hooks, ARRAY_SIZE(landlock_hooks), - LANDLOCK_NAME); + &landlock_lsmid); } diff --git a/security/landlock/setup.c b/security/landlock/setup.c index 3f196d2ce4f9..9104133d04ca 100644 --- a/security/landlock/setup.c 
+++ b/security/landlock/setup.c @@ -8,6 +8,7 @@ #include #include +#include #include "common.h" #include "cred.h" @@ -24,6 +25,11 @@ struct lsm_blob_sizes landlock_blob_sizes __lsm_ro_after_init = { .lbs_superblock = sizeof(struct landlock_superblock_security), }; +struct lsm_id landlock_lsmid __lsm_ro_after_init = { + .lsm = LANDLOCK_NAME, + .id = LSM_ID_LANDLOCK, +}; + static int __init landlock_init(void) { landlock_add_cred_hooks(); diff --git a/security/landlock/setup.h b/security/landlock/setup.h index 1daffab1ab4b..38bce5b172dc 100644 --- a/security/landlock/setup.h +++ b/security/landlock/setup.h @@ -14,5 +14,6 @@ extern bool landlock_initialized; extern struct lsm_blob_sizes landlock_blob_sizes; +extern struct lsm_id landlock_lsmid; #endif /* _SECURITY_LANDLOCK_SETUP_H */ diff --git a/security/loadpin/loadpin.c b/security/loadpin/loadpin.c index d73a281adf86..556d43e37177 100644 --- a/security/loadpin/loadpin.c +++ b/security/loadpin/loadpin.c @@ -20,6 +20,7 @@ #include #include #include +#include #define VERITY_DIGEST_FILE_HEADER "# LOADPIN_TRUSTED_VERITY_ROOT_DIGESTS" @@ -214,6 +215,11 @@ static int loadpin_load_data(enum kernel_load_data_id id, bool contents) return loadpin_check(NULL, (enum kernel_read_file_id) id); } +static struct lsm_id loadpin_lsmid __lsm_ro_after_init = { + .lsm = "loadpin", + .id = LSM_ID_LOADPIN, +}; + static struct security_hook_list loadpin_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(sb_free_security, loadpin_sb_free_security), LSM_HOOK_INIT(kernel_read_file, loadpin_read_file), @@ -265,7 +271,8 @@ static int __init loadpin_init(void) if (!register_sysctl_paths(loadpin_sysctl_path, loadpin_sysctl_table)) pr_notice("sysctl registration failed!\n"); #endif - security_add_hooks(loadpin_hooks, ARRAY_SIZE(loadpin_hooks), "loadpin"); + security_add_hooks(loadpin_hooks, ARRAY_SIZE(loadpin_hooks), + &loadpin_lsmid); return 0; } 
diff --git a/security/lockdown/lockdown.c b/security/lockdown/lockdown.c index a79b985e917e..e8c41a0caf7d 100644 --- a/security/lockdown/lockdown.c +++ b/security/lockdown/lockdown.c @@ -13,6 +13,7 @@ #include #include #include +#include static enum lockdown_reason kernel_locked_down; @@ -75,6 +76,11 @@ static struct security_hook_list lockdown_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(locked_down, lockdown_is_locked_down), }; +static struct lsm_id lockdown_lsmid __lsm_ro_after_init = { + .lsm = "lockdown", + .id = LSM_ID_LOCKDOWN, +}; + static int __init lockdown_lsm_init(void) { #if defined(CONFIG_LOCK_DOWN_KERNEL_FORCE_INTEGRITY) @@ -83,7 +89,7 @@ static int __init lockdown_lsm_init(void) lock_kernel_down("Kernel configuration", LOCKDOWN_CONFIDENTIALITY_MAX); #endif security_add_hooks(lockdown_hooks, ARRAY_SIZE(lockdown_hooks), - "lockdown"); + &lockdown_lsmid); return 0; } diff --git a/security/safesetid/lsm.c b/security/safesetid/lsm.c index e806739f7868..8d0742ba045d 100644 --- a/security/safesetid/lsm.c +++ b/security/safesetid/lsm.c @@ -19,6 +19,7 @@ #include #include #include +#include #include "lsm.h" /* Flag indicating whether initialization completed */ @@ -261,6 +262,11 @@ static int safesetid_task_fix_setgroups(struct cred *new, const struct cred *old return 0; } +static struct lsm_id safesetid_lsmid __lsm_ro_after_init = { + .lsm = "safesetid", + .id = LSM_ID_SAFESETID, +}; + static struct security_hook_list safesetid_security_hooks[] = { LSM_HOOK_INIT(task_fix_setuid, safesetid_task_fix_setuid), LSM_HOOK_INIT(task_fix_setgid, safesetid_task_fix_setgid), @@ -271,7 +277,8 @@ static struct security_hook_list safesetid_security_hooks[] = { static int __init safesetid_security_init(void) { security_add_hooks(safesetid_security_hooks, - ARRAY_SIZE(safesetid_security_hooks), "safesetid"); + ARRAY_SIZE(safesetid_security_hooks), + &safesetid_lsmid); /* Report that SafeSetID successfully initialized */ safesetid_initialized = 1; 
diff --git a/security/security.c b/security/security.c index cf6cc576736f..58828a326024 100644 --- a/security/security.c +++ b/security/security.c @@ -504,17 +504,17 @@ static int lsm_append(const char *new, char **result) * security_add_hooks - Add a modules hooks to the hook lists. * @hooks: the hooks to add * @count: the number of hooks to add - * @lsm: the name of the security module + * @lsmid: the identification information for the security module * * Each LSM has to register its hooks with the infrastructure. */ void __init security_add_hooks(struct security_hook_list *hooks, int count, - const char *lsm) + struct lsm_id *lsmid) { int i; for (i = 0; i < count; i++) { - hooks[i].lsm = lsm; + hooks[i].lsmid = lsmid; hlist_add_tail_rcu(&hooks[i].list, hooks[i].head); } @@ -523,7 +523,7 @@ void __init security_add_hooks(struct security_hook_list *hooks, int count, * and fix this up afterwards. */ if (slab_is_available()) { - if (lsm_append(lsm, &lsm_names) < 0) + if (lsm_append(lsmid->lsm, &lsm_names) < 0) panic("%s - Cannot get early memory.\n", __func__); } } @@ -2146,7 +2146,7 @@ int security_getprocattr(struct task_struct *p, const char *lsm, struct security_hook_list *hp; hlist_for_each_entry(hp, &security_hook_heads.getprocattr, list) { - if (lsm != NULL && strcmp(lsm, hp->lsm)) + if (lsm != NULL && strcmp(lsm, hp->lsmid->lsm)) continue; return hp->hook.getprocattr(p, name, value); } @@ -2159,7 +2159,7 @@ int security_setprocattr(const char *lsm, const char *name, void *value, struct security_hook_list *hp; hlist_for_each_entry(hp, &security_hook_heads.setprocattr, list) { - if (lsm != NULL && strcmp(lsm, hp->lsm)) + if (lsm != NULL && strcmp(lsm, hp->lsmid->lsm)) continue; return hp->hook.setprocattr(name, value, size); } diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 9a5bdfc21314..9403aee75981 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c 
@@ -92,6 +92,7 @@ #include #include #include +#include #include "avc.h" #include "objsec.h" @@ -7032,6 +7033,11 @@ static int selinux_uring_cmd(struct io_uring_cmd *ioucmd) } #endif /* CONFIG_IO_URING */ +static struct lsm_id selinux_lsmid __lsm_ro_after_init = { + .lsm = "selinux", + .id = LSM_ID_SELINUX, +}; + /* * IMPORTANT NOTE: When adding new hooks, please be careful to keep this order: * 1. any hooks that don't belong to (2.) or (3.) below, @@ -7355,7 +7361,8 @@ static __init int selinux_init(void) hashtab_cache_init(); - security_add_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks), "selinux"); + security_add_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks), + &selinux_lsmid); if (avc_add_callback(selinux_netcache_avc_callback, AVC_CALLBACK_RESET)) panic("SELinux: Unable to register AVC netcache callback\n"); diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index cfcbb748da25..3cf862fcbe08 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -43,6 +43,7 @@ #include #include #include +#include #include "smack.h" #define TRANS_TRUE "TRUE" @@ -4856,6 +4857,11 @@ struct lsm_blob_sizes smack_blob_sizes __lsm_ro_after_init = { .lbs_superblock = sizeof(struct superblock_smack), }; +static struct lsm_id smack_lsmid __lsm_ro_after_init = { + .lsm = "smack", + .id = LSM_ID_SMACK, +}; + static struct security_hook_list smack_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(ptrace_access_check, smack_ptrace_access_check), LSM_HOOK_INIT(ptrace_traceme, smack_ptrace_traceme), @@ -5062,7 +5068,7 @@ static __init int smack_init(void) /* * Register with LSM */ - security_add_hooks(smack_hooks, ARRAY_SIZE(smack_hooks), "smack"); + security_add_hooks(smack_hooks, ARRAY_SIZE(smack_hooks), &smack_lsmid); smack_enabled = 1; pr_info("Smack: Initializing.\n"); diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c index af04a7b7eb28..a4658fb5ef0e 100644 --- a/security/tomoyo/tomoyo.c +++ b/security/tomoyo/tomoyo.c 
@@ -6,6 +6,7 @@ */ #include +#include #include "common.h" /** @@ -542,6 +543,11 @@ static void tomoyo_task_free(struct task_struct *task) } } +static struct lsm_id tomoyo_lsmid __lsm_ro_after_init = { + .lsm = "tomoyo", + .id = LSM_ID_TOMOYO, +}; + /* * tomoyo_security_ops is a "struct security_operations" which is used for * registering TOMOYO. @@ -595,7 +601,8 @@ static int __init tomoyo_init(void) struct tomoyo_task *s = tomoyo_task(current); /* register ourselves with the security framework */ - security_add_hooks(tomoyo_hooks, ARRAY_SIZE(tomoyo_hooks), "tomoyo"); + security_add_hooks(tomoyo_hooks, ARRAY_SIZE(tomoyo_hooks), + &tomoyo_lsmid); pr_info("TOMOYO Linux initialized\n"); s->domain_info = &tomoyo_kernel_domain; atomic_inc(&tomoyo_kernel_domain.users); diff --git a/security/yama/yama_lsm.c b/security/yama/yama_lsm.c index 06e226166aab..2487b8f847f3 100644 --- a/security/yama/yama_lsm.c +++ b/security/yama/yama_lsm.c @@ -18,6 +18,7 @@ #include #include #include +#include #define YAMA_SCOPE_DISABLED 0 #define YAMA_SCOPE_RELATIONAL 1 @@ -421,6 +422,11 @@ static int yama_ptrace_traceme(struct task_struct *parent) return rc; } +static struct lsm_id yama_lsmid __lsm_ro_after_init = { + .lsm = "yama", + .id = LSM_ID_YAMA, +}; + static struct security_hook_list yama_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(ptrace_access_check, yama_ptrace_access_check), LSM_HOOK_INIT(ptrace_traceme, yama_ptrace_traceme), 
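Review bot: in the security/security.c hunk for `security_add_hooks()`, the new `lsmid` argument is stored into every `hooks[i].lsmid` and then dereferenced for `lsm_append(lsmid->lsm, &lsm_names)` without any check; since the UAPI header reserves `LSM_ID_UNDEF` as invalid, a `WARN_ON(!lsmid || lsmid->id == LSM_ID_UNDEF)` at registration would cheaply catch a module that forgot to fill in its id. Nothing writes through the pointer after registration and the objects are all `__lsm_ro_after_init`, so the parameter and the `security_hook_list.lsmid` member could be `const struct lsm_id *` to document that. The getprocattr/setprocattr hunks still select a module by `strcmp(lsm, hp->lsmid->lsm)`, which is fine for the existing /proc interface, but the kernel-doc for `security_add_hooks()` could note that the name remains the lookup key there.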
@@ -477,7 +483,7 @@ static inline void yama_init_sysctl(void) { } static int __init yama_init(void) { pr_info("Yama: becoming mindful.\n"); - security_add_hooks(yama_hooks, ARRAY_SIZE(yama_hooks), "yama"); + security_add_hooks(yama_hooks, ARRAY_SIZE(yama_hooks), &yama_lsmid); yama_init_sysctl(); return 0; }

From patchwork Tue Apr 11 15:59:12 2023
X-Patchwork-Submitter: Casey Schaufler
X-Patchwork-Id: 13207775
X-Patchwork-Delegate: paul@paul-moore.com
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net
Subject: [PATCH v8 02/11] LSM: Maintain a table of LSM attribute data
Date: Tue, 11 Apr 2023 08:59:12 -0700
Message-Id: <20230411155921.14716-3-casey@schaufler-ca.com>
In-Reply-To: <20230411155921.14716-1-casey@schaufler-ca.com>
References: <20230411155921.14716-1-casey@schaufler-ca.com>

As LSMs are registered add their lsm_id pointers to a table. This will be used later for attribute reporting.

Determine the number of possible security modules based on their respective CONFIG options. This allows the number to be known at build time. This allows data structures and tables to use the constant.

Signed-off-by: Casey Schaufler
---
 include/linux/security.h | 2 ++
 security/security.c | 43 ++++++++++++++++++++++++++++++++--------
 2 files changed, 37 insertions(+), 8 deletions(-)

diff --git a/include/linux/security.h b/include/linux/security.h index 5984d0d550b4..e70fc863b04a 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -138,6 +138,8 @@ enum lockdown_reason { }; extern const char *const lockdown_reasons[LOCKDOWN_CONFIDENTIALITY_MAX+1]; +extern u32 lsm_active_cnt; +extern struct lsm_id *lsm_idlist[]; /* These functions are in security/commoncap.c */ extern int cap_capable(const struct cred *cred, struct user_namespace *ns, diff --git a/security/security.c b/security/security.c index 58828a326024..3f98e5171176 100644 --- a/security/security.c +++ b/security/security.c 
@@ -28,12 +28,29 @@ #include #include #include +#include #include #define MAX_LSM_EVM_XATTR 2 -/* How many LSMs were built into the kernel? */ -#define LSM_COUNT (__end_lsm_info - __start_lsm_info) +/* + * How many LSMs are built into the kernel as determined at + * build time. Used to determine fixed array sizes. + * The capability module is accounted for by CONFIG_SECURITY + */ +#define LSM_COUNT ( \ + (IS_ENABLED(CONFIG_SECURITY) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_SELINUX) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_SMACK) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_TOMOYO) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_IMA) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_APPARMOR) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_YAMA) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_LOADPIN) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_SAFESETID) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_LOCKDOWN_LSM) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_BPF_LSM) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_LANDLOCK) ? 1 : 0)) /* * These are descriptions of the reasons that can be passed to the @@ -90,7 +107,7 @@ static __initdata const char *chosen_major_lsm; static __initconst const char * const builtin_lsm_order = CONFIG_LSM; /* Ordered list of LSMs to initialize. */ -static __initdata struct lsm_info **ordered_lsms; +static __initdata struct lsm_info *ordered_lsms[LSM_COUNT + 1]; static __initdata struct lsm_info *exclusive; static __initdata bool debug; @@ -341,13 +358,16 @@ static void __init report_lsm_order(void) pr_cont("\n"); } +/* + * Current index to use while initializing the lsm id list. + */ +u32 lsm_active_cnt __lsm_ro_after_init; +struct lsm_id *lsm_idlist[LSM_COUNT] __lsm_ro_after_init; + static void __init ordered_lsm_init(void) { struct lsm_info **lsm; - ordered_lsms = kcalloc(LSM_COUNT + 1, sizeof(*ordered_lsms), - GFP_KERNEL); - if (chosen_lsm_order) { if (chosen_major_lsm) { pr_warn("security=%s is ignored because it is superseded by lsm=%s\n", 
@@ -387,8 +407,6 @@ static void __init ordered_lsm_init(void) lsm_early_task(current); for (lsm = ordered_lsms; *lsm; lsm++) initialize_lsm(*lsm); - - kfree(ordered_lsms); } int __init early_security_init(void) 
@@ -513,6 +531,15 @@ void __init security_add_hooks(struct security_hook_list *hooks, int count, { int i; + if (lsm_active_cnt >= LSM_COUNT) + panic("%s Too many LSMs registered.\n", __func__); + /* + * A security module may call security_add_hooks() more + * than once. Landlock is one such case. + */ + if (lsm_active_cnt == 0 || lsm_idlist[lsm_active_cnt - 1] != lsmid) + lsm_idlist[lsm_active_cnt++] = lsmid; + for (i = 0; i < count; i++) { hooks[i].lsmid = lsmid; hlist_add_tail_rcu(&hooks[i].list, hooks[i].head);

From patchwork Tue Apr 11 15:59:13 2023 X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13207776 X-Patchwork-Delegate: paul@paul-moore.com
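Review bot: in [PATCH v8 02/11], the security_add_hooks() hunk tests `if (lsm_active_cnt >= LSM_COUNT)` before the duplicate check `if (lsm_active_cnt == 0 || lsm_idlist[lsm_active_cnt - 1] != lsmid)`, so a module that calls security_add_hooks() more than once (the Landlock case the comment itself names) panics when it happens to be the last of LSM_COUNT registered modules, even though its repeated call would not consume a slot. Move the bound check inside the duplicate-check branch, directly before `lsm_idlist[lsm_active_cnt++] = lsmid;`, so the panic only fires when a new entry is really about to be written past the end of the table.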
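Review bot: in [PATCH v8 02/11], the LSM_COUNT hunk in security/security.c turns a count derived from the linker section (`__end_lsm_info - __start_lsm_info`) into a hand-maintained sum of IS_ENABLED() terms, and nothing now ties the two together: a new security module built without extending this macro registers normally, `lsm_active_cnt` reaches LSM_COUNT, and the new panic in security_add_hooks() fires at boot. Add a sentence to the macro's comment stating that every new LSM Kconfig option must be added to this list, since the old definition tracked registrations automatically and this one does not.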
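Review bot: in [PATCH v8 02/11], the comment above `u32 lsm_active_cnt __lsm_ro_after_init;` describes it only as the "Current index to use while initializing the lsm id list", yet the variable is exported through include/linux/security.h together with `lsm_idlist[]`, and once initialization is done it is the number of valid entries in that table, which is what the attribute reporting promised in the commit message will read. Document both roles (write index during init, entry count afterwards) and state that `lsm_idlist[0 .. lsm_active_cnt - 1]` are the valid slots.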
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net, linux-fsdevel@vger.kernel.org
Subject: [PATCH v8 03/11] proc: Use lsmids instead of lsm names for attrs
Date: Tue, 11 Apr 2023 08:59:13 -0700
Message-Id: <20230411155921.14716-4-casey@schaufler-ca.com>
In-Reply-To: <20230411155921.14716-1-casey@schaufler-ca.com>
References: <20230411155921.14716-1-casey@schaufler-ca.com>

Use the LSM ID number instead of the LSM name to identify which security module's attribute data should be shown in /proc/self/attr. The security_[gs]etprocattr() functions have been changed to expect the LSM ID. The change from a string comparison to an integer comparison in these functions will provide a minor performance improvement.

Signed-off-by: Casey Schaufler
Cc: linux-fsdevel@vger.kernel.org
---
 fs/proc/base.c | 29 +++++++++++++++--------------
 fs/proc/internal.h | 2 +-
 include/linux/security.h | 11 +++++------
 security/security.c | 11 +++++------
 4 files changed, 26 insertions(+), 27 deletions(-)

diff --git a/fs/proc/base.c b/fs/proc/base.c index 5e0e0ccd47aa..cb6dec7473fe 100644 --- a/fs/proc/base.c +++ b/fs/proc/base.c @@ -96,6 +96,7 @@ #include #include #include +#include #include #include "internal.h" #include "fd.h" @@ -145,10 +146,10 @@ struct pid_entry { NOD(NAME, (S_IFREG|(MODE)), \ NULL, &proc_single_file_operations, \ { .proc_show = show } ) -#define ATTR(LSM, NAME, MODE) \ +#define ATTR(LSMID, NAME, MODE) \ NOD(NAME, (S_IFREG|(MODE)), \ NULL, &proc_pid_attr_operations, \ - { .lsm = LSM }) + { .lsmid = LSMID }) /* * Count the number of hardlinks for the pid_entry table, excluding the . 
@@ -2730,7 +2731,7 @@ static ssize_t proc_pid_attr_read(struct file * file, char __user * buf, if (!task) return -ESRCH; - length = security_getprocattr(task, PROC_I(inode)->op.lsm, + length = security_getprocattr(task, PROC_I(inode)->op.lsmid, file->f_path.dentry->d_name.name, &p); put_task_struct(task); @@ -2788,7 +2789,7 @@ static ssize_t proc_pid_attr_write(struct file * file, const char __user * buf, if (rv < 0) goto out_free; - rv = security_setprocattr(PROC_I(inode)->op.lsm, + rv = security_setprocattr(PROC_I(inode)->op.lsmid, file->f_path.dentry->d_name.name, page, count); mutex_unlock(¤t->signal->cred_guard_mutex); @@ -2837,27 +2838,27 @@ static const struct inode_operations proc_##LSM##_attr_dir_inode_ops = { \ #ifdef CONFIG_SECURITY_SMACK static const struct pid_entry smack_attr_dir_stuff[] = { - ATTR("smack", "current", 0666), + ATTR(LSM_ID_SMACK, "current", 0666), }; LSM_DIR_OPS(smack); #endif #ifdef CONFIG_SECURITY_APPARMOR static const struct pid_entry apparmor_attr_dir_stuff[] = { - ATTR("apparmor", "current", 0666), - ATTR("apparmor", "prev", 0444), - ATTR("apparmor", "exec", 0666), + ATTR(LSM_ID_APPARMOR, "current", 0666), + ATTR(LSM_ID_APPARMOR, "prev", 0444), + ATTR(LSM_ID_APPARMOR, "exec", 0666), }; LSM_DIR_OPS(apparmor); #endif static const struct pid_entry attr_dir_stuff[] = { - ATTR(NULL, "current", 0666), - ATTR(NULL, "prev", 0444), - ATTR(NULL, "exec", 0666), - ATTR(NULL, "fscreate", 0666), - ATTR(NULL, "keycreate", 0666), - ATTR(NULL, "sockcreate", 0666), + ATTR(LSM_ID_UNDEF, "current", 0666), + ATTR(LSM_ID_UNDEF, "prev", 0444), + ATTR(LSM_ID_UNDEF, "exec", 0666), + ATTR(LSM_ID_UNDEF, "fscreate", 0666), + ATTR(LSM_ID_UNDEF, "keycreate", 0666), + ATTR(LSM_ID_UNDEF, "sockcreate", 0666), #ifdef CONFIG_SECURITY_SMACK DIR("smack", 0555, proc_smack_attr_dir_inode_ops, proc_smack_attr_dir_ops), diff --git a/fs/proc/internal.h b/fs/proc/internal.h index 9dda7e54b2d0..a889d9ef9584 100644 --- a/fs/proc/internal.h +++ b/fs/proc/internal.h 
@@ -92,7 +92,7 @@ union proc_op { int (*proc_show)(struct seq_file *m, struct pid_namespace *ns, struct pid *pid, struct task_struct *task); - const char *lsm; + int lsmid; }; struct proc_inode { diff --git a/include/linux/security.h b/include/linux/security.h index e70fc863b04a..8faed81fc3b4 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -473,10 +473,9 @@ int security_sem_semctl(struct kern_ipc_perm *sma, int cmd); int security_sem_semop(struct kern_ipc_perm *sma, struct sembuf *sops, unsigned nsops, int alter); void security_d_instantiate(struct dentry *dentry, struct inode *inode); -int security_getprocattr(struct task_struct *p, const char *lsm, const char *name, +int security_getprocattr(struct task_struct *p, int lsmid, const char *name, char **value); -int security_setprocattr(const char *lsm, const char *name, void *value, - size_t size); +int security_setprocattr(int lsmid, const char *name, void *value, size_t size); int security_netlink_send(struct sock *sk, struct sk_buff *skb); int security_ismaclabel(const char *name); int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen); @@ -1344,14 +1343,14 @@ static inline void security_d_instantiate(struct dentry *dentry, struct inode *inode) { } -static inline int security_getprocattr(struct task_struct *p, const char *lsm, +static inline int security_getprocattr(struct task_struct *p, int lsmid, const char *name, char **value) { return -EINVAL; } -static inline int security_setprocattr(const char *lsm, char *name, - void *value, size_t size) +static inline int security_setprocattr(int lsmid, char *name, void *value, + size_t size) { return -EINVAL; } diff --git a/security/security.c b/security/security.c index 3f98e5171176..38ca0e646cac 100644 --- a/security/security.c +++ b/security/security.c 
@@ -2167,26 +2167,25 @@ void security_d_instantiate(struct dentry *dentry, struct inode *inode) } EXPORT_SYMBOL(security_d_instantiate); -int security_getprocattr(struct task_struct *p, const char *lsm, - const char *name, char **value) +int security_getprocattr(struct task_struct *p, int lsmid, const char *name, + char **value) { struct security_hook_list *hp; hlist_for_each_entry(hp, &security_hook_heads.getprocattr, list) { - if (lsm != NULL && strcmp(lsm, hp->lsmid->lsm)) + if (lsmid != 0 && lsmid != hp->lsmid->id) continue; return hp->hook.getprocattr(p, name, value); } return LSM_RET_DEFAULT(getprocattr); } -int security_setprocattr(const char *lsm, const char *name, void *value, - size_t size) +int security_setprocattr(int lsmid, const char *name, void *value, size_t size) { struct security_hook_list *hp; hlist_for_each_entry(hp, &security_hook_heads.setprocattr, list) { - if (lsm != NULL && strcmp(lsm, hp->lsmid->lsm)) + if (lsmid != 0 && lsmid != hp->lsmid->id) continue; return hp->hook.setprocattr(name, value, size); }

From patchwork Tue Apr 11 15:59:14 2023 X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13207777 X-Patchwork-Delegate: paul@paul-moore.com
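Review bot: in [PATCH v8 03/11], the security_getprocattr()/security_setprocattr() hunk in security/security.c spells the "any LSM" wildcard as a bare literal (`if (lsmid != 0 && lsmid != hp->lsmid->id)`), while the fs/proc/base.c hunk of the same patch spells it `LSM_ID_UNDEF` in the attr_dir_stuff ATTR() entries. Use the named constant in the comparisons too, so the wildcard meaning does not silently depend on the numeric value of LSM_ID_UNDEF.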
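Review bot: in [PATCH v8 03/11], the !CONFIG_SECURITY stub in the include/linux/security.h hunk keeps a non-const name parameter, `static inline int security_setprocattr(int lsmid, char *name, void *value, size_t size)`, whereas the real prototype rewritten earlier in the same hunk is `int security_setprocattr(int lsmid, const char *name, void *value, size_t size)`. Since the stub's signature line is being rewritten anyway, change it to `const char *name` so both configurations accept the same callers (proc_pid_attr_write() passes the dentry name).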
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net
Subject: [PATCH v8 04/11] LSM: syscalls for current process attributes
Date: Tue, 11 Apr 2023 08:59:14 -0700
Message-Id: <20230411155921.14716-5-casey@schaufler-ca.com>
In-Reply-To: <20230411155921.14716-1-casey@schaufler-ca.com>
References: <20230411155921.14716-1-casey@schaufler-ca.com>

Create a system call lsm_get_self_attr() to provide the security module maintained attributes of the current process. Create a system call lsm_set_self_attr() to set a security module maintained attribute of the current process.

Historically these attributes have been exposed to user space via entries in procfs under /proc/self/attr.

The attribute value is provided in a lsm_ctx structure. The structure identifies the size of the attribute, and the attribute value. The format of the attribute value is defined by the security module. A flags field is included for LSM specific information. It is currently unused and must be 0. The total size of the data, including the lsm_ctx structure and any padding, is maintained as well.

  struct lsm_ctx {
          __u64 id;
          __u64 flags;
          __u64 len;
          __u64 ctx_len;
          __u8 ctx[];
  };

Two new LSM hooks are used to interface with the LSMs. security_getselfattr() collects the lsm_ctx values from the LSMs that support the hook, accounting for space requirements. security_setselfattr() identifies which LSM the attribute is intended for and passes it along.
Signed-off-by: Casey Schaufler --- Documentation/userspace-api/lsm.rst | 15 +++++ include/linux/lsm_hook_defs.h | 4 ++ include/linux/lsm_hooks.h | 9 +++ include/linux/security.h | 19 ++++++ include/linux/syscalls.h | 5 ++ include/uapi/linux/lsm.h | 30 +++++++++ kernel/sys_ni.c | 4 ++ security/Makefile | 1 + security/lsm_syscalls.c | 55 ++++++++++++++++ security/security.c | 98 +++++++++++++++++++++++++++++ 10 files changed, 240 insertions(+) create mode 100644 security/lsm_syscalls.c diff --git a/Documentation/userspace-api/lsm.rst b/Documentation/userspace-api/lsm.rst index 6ddf5506110b..b45e402302b3 100644 --- a/Documentation/userspace-api/lsm.rst +++ b/Documentation/userspace-api/lsm.rst @@ -48,6 +48,21 @@ creating socket objects. The proc filesystem provides this value in ``/proc/self/attr/sockcreate``. This is supported by the SELinux security module. +Kernel interface +================ + +Set a security attribute of the current process +-------------------------------------------------- + +.. kernel-doc:: security/lsm_syscalls.c + :identifiers: sys_lsm_set_self_attr + +Get the specified security attributes of the current process +-------------------------------------------------- + +.. kernel-doc:: security/lsm_syscalls.c + :identifiers: sys_lsm_get_self_attr + Additional documentation ======================== diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h index 094b76dc7164..7177d9554f4a 100644 --- a/include/linux/lsm_hook_defs.h +++ b/include/linux/lsm_hook_defs.h 
@@ -261,6 +261,10 @@ LSM_HOOK(int, 0, sem_semop, struct kern_ipc_perm *perm, struct sembuf *sops, LSM_HOOK(int, 0, netlink_send, struct sock *sk, struct sk_buff *skb) LSM_HOOK(void, LSM_RET_VOID, d_instantiate, struct dentry *dentry, struct inode *inode) +LSM_HOOK(int, -EOPNOTSUPP, getselfattr, unsigned int __user attr, + struct lsm_ctx __user *ctx, size_t *size, u32 __user flags) +LSM_HOOK(int, -EOPNOTSUPP, setselfattr, unsigned int __user attr, + struct lsm_ctx __user *ctx, size_t size, u32 __user flags) LSM_HOOK(int, -EINVAL, getprocattr, struct task_struct *p, const char *name, char **value) LSM_HOOK(int, -EINVAL, setprocattr, const char *name, void *value, size_t size) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 8e6ba0a9896e..ed38ad5eb444 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -25,6 +25,7 @@ #ifndef __LINUX_LSM_HOOKS_H #define __LINUX_LSM_HOOKS_H +#include #include #include #include @@ -503,6 +504,14 @@ * and writing the xattrs as this hook is merely a filter. * @d_instantiate: * Fill in @inode security information for a @dentry if allowed. + * @getselfattr: + * Read attribute @attr for the current process and store it into @ctx. + * Return 0 on success, -EOPNOTSUPP if the attribute is not supported, + * or another negative value otherwise. + * @setselfattr: + * Set attribute @attr for the current process. + * Return 0 on success, -EOPNOTSUPP if the attribute is not supported, + * or another negative value otherwise. * @getprocattr: * Read attribute @name for process @p and store it into @value if allowed. * Return the length of @value on success, a negative value otherwise. diff --git a/include/linux/security.h b/include/linux/security.h index 8faed81fc3b4..f7292890b6a2 100644 --- a/include/linux/security.h +++ b/include/linux/security.h 
@@ -60,6 +60,7 @@ struct fs_parameter; enum fs_value_type; struct watch; struct watch_notification; +struct lsm_ctx; /* Default (no) options for the capable function */ #define CAP_OPT_NONE 0x0 @@ -473,6 +474,10 @@ int security_sem_semctl(struct kern_ipc_perm *sma, int cmd); int security_sem_semop(struct kern_ipc_perm *sma, struct sembuf *sops, unsigned nsops, int alter); void security_d_instantiate(struct dentry *dentry, struct inode *inode); +int security_getselfattr(unsigned int __user attr, struct lsm_ctx __user *ctx, + size_t __user *size, u32 __user flags); +int security_setselfattr(unsigned int __user attr, struct lsm_ctx __user *ctx, + size_t __user size, u32 __user flags); int security_getprocattr(struct task_struct *p, int lsmid, const char *name, char **value); int security_setprocattr(int lsmid, const char *name, void *value, size_t size); @@ -1343,6 +1348,20 @@ static inline void security_d_instantiate(struct dentry *dentry, struct inode *inode) { } +static inline int security_getselfattr(unsigned int __user attr, + struct lsm_ctx __user *ctx, + size_t __user *size, u32 __user flags) +{ + return -EOPNOTSUPP; +} + +static inline int security_setselfattr(unsigned int __user attr, + struct lsm_ctx __user *ctx, + size_t __user size, u32 __user flags) +{ + return -EOPNOTSUPP; +} + static inline int security_getprocattr(struct task_struct *p, int lsmid, const char *name, char **value) { diff --git a/include/linux/syscalls.h b/include/linux/syscalls.h index 33a0ee3bcb2e..97487d66dca9 100644 --- a/include/linux/syscalls.h +++ b/include/linux/syscalls.h @@ -71,6 +71,7 @@ struct clone_args; struct open_how; struct mount_attr; struct landlock_ruleset_attr; +struct lsm_ctx; enum landlock_rule_type; #include 
@@ -1058,6 +1059,10 @@ asmlinkage long sys_memfd_secret(unsigned int flags); asmlinkage long sys_set_mempolicy_home_node(unsigned long start, unsigned long len, unsigned long home_node, unsigned long flags); +asmlinkage long sys_lsm_get_self_attr(unsigned int attr, struct lsm_ctx *ctx, + size_t *size, __u32 flags); +asmlinkage long sys_lsm_set_self_attr(unsigned int attr, struct lsm_ctx *ctx, + __u32 flags); /* * Architecture-specific system calls diff --git a/include/uapi/linux/lsm.h b/include/uapi/linux/lsm.h index f27c9a9cc376..b10dfab8a4d9 100644 --- a/include/uapi/linux/lsm.h +++ b/include/uapi/linux/lsm.h @@ -9,6 +9,36 @@ #ifndef _UAPI_LINUX_LSM_H #define _UAPI_LINUX_LSM_H +#include +#include + +/** + * struct lsm_ctx - LSM context information + * @id: the LSM id number, see LSM_ID_XXX + * @flags: LSM specific flags + * @len: length of the lsm_ctx struct, @ctx and any other data or padding + * @ctx_len: the size of @ctx + * @ctx: the LSM context value + * + * The @len field MUST be equal to the size of the lsm_ctx struct + * plus any additional padding and/or data placed after @ctx. + * + * In all cases @ctx_len MUST be equal to the length of @ctx. + * If @ctx is a string value it should be nul terminated with + * @ctx_len equal to `strlen(@ctx) + 1`. Binary values are + * supported. + * + * The @flags and @ctx fields SHOULD only be interpreted by the + * LSM specified by @id; they MUST be set to zero/0 when not used. + */ +struct lsm_ctx { + __u64 id; + __u64 flags; + __u64 len; + __u64 ctx_len; + __u8 ctx[]; +}; + /* * ID tokens to identify Linux Security Modules (LSMs) * diff --git a/kernel/sys_ni.c b/kernel/sys_ni.c index 860b2dcf3ac4..d03c78ef1562 100644 --- a/kernel/sys_ni.c +++ b/kernel/sys_ni.c 
@@ -262,6 +262,10 @@ COND_SYSCALL_COMPAT(recvmsg); /* mm/nommu.c, also with MMU */ COND_SYSCALL(mremap); +/* security/lsm_syscalls.c */ +COND_SYSCALL(lsm_get_self_attr); +COND_SYSCALL(lsm_set_self_attr); + /* security/keys/keyctl.c */ COND_SYSCALL(add_key); COND_SYSCALL(request_key); diff --git a/security/Makefile b/security/Makefile index 18121f8f85cd..59f238490665 100644 --- a/security/Makefile +++ b/security/Makefile @@ -7,6 +7,7 @@ obj-$(CONFIG_KEYS) += keys/ # always enable default capabilities obj-y += commoncap.o +obj-$(CONFIG_SECURITY) += lsm_syscalls.o obj-$(CONFIG_MMU) += min_addr.o # Object file lists diff --git a/security/lsm_syscalls.c b/security/lsm_syscalls.c new file mode 100644 index 000000000000..feee31600219 --- /dev/null +++ b/security/lsm_syscalls.c 
@@ -0,0 +1,55 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * System calls implementing the Linux Security Module API. + * + * Copyright (C) 2022 Casey Schaufler + * Copyright (C) 2022 Intel Corporation + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +/** + * sys_lsm_set_self_attr - Set current task's security module attribute + * @attr: which attribute to set + * @ctx: the LSM contexts + * @size: size of @ctx + * @flags: reserved for future use + * + * Sets the calling task's LSM context. On success this function + * returns 0. If the attribute specified cannot be set a negative + * value indicating the reason for the error is returned. + */ +SYSCALL_DEFINE4(lsm_set_self_attr, unsigned int, attr, struct lsm_ctx __user *, + ctx, size_t __user, size, u32, flags) +{ + return security_setselfattr(attr, ctx, size, flags); +} + +/** + * sys_lsm_get_self_attr - Return current task's security module attributes + * @attr: which attribute to set + * @ctx: the LSM contexts + * @size: size of @ctx, updated on return + * @flags: reserved for future use + * + * Returns the calling task's LSM contexts. On success this + * function returns the number of @ctx array elements. This value + * may be zero if there are no LSM contexts assigned. If @size is + * insufficient to contain the return data -E2BIG is returned and + * @size is set to the minimum required size. In all other cases + * a negative value indicating the error is returned. + */ +SYSCALL_DEFINE4(lsm_get_self_attr, unsigned int, attr, struct lsm_ctx __user *, + ctx, size_t __user *, size, u32, flags) +{ + return security_getselfattr(attr, ctx, size, flags); +} diff --git a/security/security.c b/security/security.c index 38ca0e646cac..bfe9a1a426b2 100644 --- a/security/security.c +++ b/security/security.c 
@@ -2167,6 +2167,104 @@ void security_d_instantiate(struct dentry *dentry, struct inode *inode) } EXPORT_SYMBOL(security_d_instantiate); +/** + * security_getselfattr - Read an LSM attribute of the current process. + * @attr: which attribute to return + * @ctx: the user-space destination for the information, or NULL + * @size: the size of space available to receive the data + * @flags: reserved for future use, must be 0 + * + * Returns the number of attributes found on success, negative value + * on error. @size is reset to the total size of the data. + * If @size is insufficient to contain the data -E2BIG is returned. + */ +int security_getselfattr(unsigned int __user attr, struct lsm_ctx __user *ctx, + size_t __user *size, u32 __user flags) +{ + struct security_hook_list *hp; + u8 __user *base = (u8 __user *)ctx; + size_t total = 0; + size_t entrysize; + size_t left; + bool toobig = false; + int count = 0; + int rc; + + if (attr == 0) + return -EINVAL; + if (flags) + return -EINVAL; + if (size == NULL) + return -EINVAL; + if (get_user(left, size)) + return -EFAULT; + + hlist_for_each_entry(hp, &security_hook_heads.getselfattr, list) { + entrysize = left; + if (base) + ctx = (struct lsm_ctx __user *)(base + total); + rc = hp->hook.getselfattr(attr, ctx, &entrysize, flags); + if (rc == -EOPNOTSUPP) { + rc = 0; + continue; + } + if (rc == -E2BIG) { + toobig = true; + left = 0; + break; + } + if (rc < 0) + return rc; + + left -= entrysize; + total += entrysize; + count += rc; + } + if (count == 0) + return LSM_RET_DEFAULT(getselfattr); + if (put_user(total, size)) + return -EFAULT; + if (toobig) + return -E2BIG; + return count; +} + +/** + * security_setselfattr - Set an LSM attribute on the current process. + * @attr: which attribute to set + * @ctx: the user-space source for the information + * @size: the size of the data + * @flags: reserved for future use, must be 0 + * + * Set an LSM attribute for the current process. 
The LSM, attribute + * and new value are included in @ctx. + * + * Returns 0 on success, -EINVAL if the input is inconsistent, -EFAULT + * if the user buffer is inaccessible or an LSM specific failure. + */ +int security_setselfattr(unsigned int __user attr, struct lsm_ctx __user *ctx, + size_t __user size, u32 __user flags) +{ + struct security_hook_list *hp; + struct lsm_ctx lctx; + + if (flags) + return -EINVAL; + if (size < sizeof(*ctx)) + return -EINVAL; + if (copy_from_user(&lctx, ctx, sizeof(*ctx))) + return -EFAULT; + if (size < lctx.len || size < lctx.ctx_len + sizeof(ctx) || + lctx.len < lctx.ctx_len + sizeof(ctx)) + return -EINVAL; + + hlist_for_each_entry(hp, &security_hook_heads.setselfattr, list) + if ((hp->lsmid->id) == lctx.id) + return hp->hook.setselfattr(attr, ctx, size, flags); + + return LSM_RET_DEFAULT(setselfattr); +} + int security_getprocattr(struct task_struct *p, int lsmid, const char *name, char **value) { From patchwork Tue Apr 11 15:59:15 2023 X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13207778 X-Patchwork-Delegate: paul@paul-moore.com
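Review bot: `size_t __user, size` in SYSCALL_DEFINE4(lsm_set_self_attr, ...) in the new security/lsm_syscalls.c puts the __user address-space annotation on a by-value argument; __user only makes sense on pointers, so this should be `size_t, size` (sparse will flag it). In the same file the kernel-doc for sys_lsm_get_self_attr says '@attr: which attribute to set', copied from the setter; it should say which attribute to return.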
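Review bot: two problems in the security.c hunk. In security_setselfattr(), the bounds check `size < lctx.ctx_len + sizeof(ctx) || lctx.len < lctx.ctx_len + sizeof(ctx)` uses sizeof(ctx), the size of a pointer, where the preceding `size < sizeof(*ctx)` check shows sizeof(*ctx) is intended; as written it under-counts the header and accepts a ctx_len that does not fit in the caller's buffer. lctx.len and lctx.ctx_len are copied straight from user space, and `lctx.ctx_len + sizeof(ctx)` is evaluated with no overflow check, so a large ctx_len can wrap the sum (depending on the field's width) and satisfy both comparisons; compare `lctx.ctx_len` against `size - sizeof(*ctx)`, which is safe after the earlier check, or use check_add_overflow(). In security_getselfattr(), a hook returning -E2BIG breaks out of the loop before `total += entrysize`, so the value written back by `put_user(total, size)` does not include the entry that did not fit, although the kernel-doc promises @size is 'reset to the total size of the data'; and if that happens on the first hook, `count` is still 0 and `return LSM_RET_DEFAULT(getselfattr)` fires before `toobig` is examined, so the caller gets neither -E2BIG nor a usable size. Test `toobig` ahead of the `count == 0` test and account for the oversized entry; `left = 0` before the break is dead. Both prototypes also annotate scalars with __user (`unsigned int __user attr`, `size_t __user size`, `u32 __user flags`); __user belongs on pointers only.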
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net
Subject: [PATCH v8 05/11] LSM: Create lsm_list_modules system call
Date: Tue, 11 Apr 2023 08:59:15 -0700
Message-Id: <20230411155921.14716-6-casey@schaufler-ca.com>
X-Mailer: git-send-email 2.39.2
In-Reply-To: <20230411155921.14716-1-casey@schaufler-ca.com>
References: <20230411155921.14716-1-casey@schaufler-ca.com>

Create a system call to report the list of Linux Security Modules that are active on the system. The list is provided as an array of LSM ID numbers. The calling application can use this list to determine what LSM specific actions it might take. That might include choosing an output format, determining required privilege or bypassing security module specific behavior.

Signed-off-by: Casey Schaufler
---
Documentation/userspace-api/lsm.rst | 3 +++ include/linux/syscalls.h | 1 + kernel/sys_ni.c | 1 + security/lsm_syscalls.c | 39 +++++++++++++++++++++++++++++ 4 files changed, 44 insertions(+) diff --git a/Documentation/userspace-api/lsm.rst b/Documentation/userspace-api/lsm.rst index b45e402302b3..a86e3817f062 100644 --- a/Documentation/userspace-api/lsm.rst +++ b/Documentation/userspace-api/lsm.rst @@ -63,6 +63,9 @@ Get the specified security attributes of the current process .. kernel-doc:: security/lsm_syscalls.c :identifiers: sys_lsm_get_self_attr +.. kernel-doc:: security/lsm_syscalls.c + :identifiers: sys_lsm_list_modules + Additional documentation ======================== diff --git a/include/linux/syscalls.h b/include/linux/syscalls.h index 97487d66dca9..6f6525364288 100644 --- a/include/linux/syscalls.h +++ b/include/linux/syscalls.h
@@ -1063,6 +1063,7 @@ asmlinkage long sys_lsm_get_self_attr(unsigned int attr, struct lsm_ctx *ctx, size_t *size, __u32 flags); asmlinkage long sys_lsm_set_self_attr(unsigned int attr, struct lsm_ctx *ctx, __u32 flags); +asmlinkage long sys_lsm_list_modules(u64 *ids, size_t *size, u32 flags); /* * Architecture-specific system calls diff --git a/kernel/sys_ni.c b/kernel/sys_ni.c index d03c78ef1562..ceb3d21a62d0 100644 --- a/kernel/sys_ni.c +++ b/kernel/sys_ni.c @@ -265,6 +265,7 @@ COND_SYSCALL(mremap); /* security/lsm_syscalls.c */ COND_SYSCALL(lsm_get_self_attr); COND_SYSCALL(lsm_set_self_attr); +COND_SYSCALL(lsm_list_modules); /* security/keys/keyctl.c */ COND_SYSCALL(add_key); diff --git a/security/lsm_syscalls.c b/security/lsm_syscalls.c index feee31600219..6efbe244d304 100644 --- a/security/lsm_syscalls.c +++ b/security/lsm_syscalls.c 
@@ -53,3 +53,42 @@ SYSCALL_DEFINE4(lsm_get_self_attr, unsigned int, attr, struct lsm_ctx __user *, { return security_getselfattr(attr, ctx, size, flags); } + +/** + * sys_lsm_list_modules - Return a list of the active security modules + * @ids: the LSM module ids + * @size: size of @ids, updated on return + * @flags: reserved for future use, must be zero + * + * Returns a list of the active LSM ids. On success this function + * returns the number of @ids array elements. This value may be zero + * if there are no LSMs active. If @size is insufficient to contain + * the return data -E2BIG is returned and @size is set to the minimum + * required size. In all other cases a negative value indicating the + * error is returned. + */ +SYSCALL_DEFINE3(lsm_list_modules, u64 __user *, ids, size_t __user *, size, + u32, flags) +{ + size_t total_size = lsm_active_cnt * sizeof(*ids); + size_t usize; + int i; + + if (flags) + return -EINVAL; + + if (get_user(usize, size)) + return -EFAULT; + + if (put_user(total_size, size) != 0) + return -EFAULT; + + if (usize < total_size) + return -E2BIG; + + for (i = 0; i < lsm_active_cnt; i++) + if (put_user(lsm_idlist[i]->id, ids++)) + return -EFAULT; + + return lsm_active_cnt; +} From patchwork Tue Apr 11 15:59:16 2023 X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13207780 X-Patchwork-Delegate: paul@paul-moore.com
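Review bot: in Documentation/userspace-api/lsm.rst the new kernel-doc directive for sys_lsm_list_modules is inserted directly after the sys_lsm_get_self_attr directive, still under the heading 'Get the specified security attributes of the current process', so listing the active modules is documented as part of the get-self-attr section. Give it its own heading (for example 'Get a list of the active security modules') before the directive, in the same style as the existing sections.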
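Review bot: the context lines of the include/linux/syscalls.h hunk declare `sys_lsm_set_self_attr(unsigned int attr, struct lsm_ctx *ctx, __u32 flags)` with three parameters, but the definition in security/lsm_syscalls.c (preceding patch) is SYSCALL_DEFINE4(lsm_set_self_attr, ..., size_t, size, u32, flags) with four; the declaration is missing `size_t size` and will conflict with the type SYSCALL_DEFINE4 emits. The new `sys_lsm_list_modules(u64 *ids, size_t *size, u32 flags)` declaration does match its DEFINE3, but see the size_t comment below.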
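Review bot: `size_t __user *size` in SYSCALL_DEFINE3(lsm_list_modules, ...) is not compat-safe: a 32-bit caller on a 64-bit kernel passes a pointer to a 4-byte size_t, while `get_user(usize, size)` and `put_user(total_size, size)` read and write 8 bytes, and the wireup patch that follows routes the compat entries (arm64 unistd32.h, the s390 compat column) straight to the native handler with no compat_sys_ wrapper. Use a fixed-width `u32 __user *size` here and for sys_lsm_get_self_attr's size argument, or add compat handlers. Minor: `put_user(total_size, size) != 0` is inconsistent with the bare `get_user(...)` test two lines above it.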
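The commit message describes the caller's side of lsm_list_modules only in outline. The following added example (mine, not code from the patch series) shows a userspace caller carrying out the size negotiation the kernel-doc above specifies: call with the size it has, get -E2BIG with the required size written back, allocate, call again. The x86_64 syscall number 452 is taken from the wireup patch in this series; the `lsm_list_fn` provider indirection, the in-process fake provider with its constructed ids, and the helper names are assumptions of this example, not kernel API. The size argument is `size_t *` because that is what this revision of the patch declares.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/syscall.h>

/* From arch/x86/entry/syscalls/syscall_64.tbl in the wireup patch; other
 * architectures assign their own numbers. */
#define NR_lsm_list_modules_x86_64 452

/* Provider indirection (assumption of this example) so the negotiation
 * logic runs against an in-process fake as well as the real syscall.
 * Providers follow the libc convention: -1 with errno set on failure. */
typedef long (*lsm_list_fn)(uint64_t *ids, size_t *size, uint32_t flags);

static long lsm_list_modules_real(uint64_t *ids, size_t *size, uint32_t flags)
{
    return syscall(NR_lsm_list_modules_x86_64, ids, size, flags);
}

/* Constructed fake with three arbitrary ids. It implements the documented
 * contract: write the required size back first, fail with E2BIG if the
 * caller's size was too small, otherwise fill @ids and return the count. */
static const uint64_t fake_active_ids[] = { 100, 101, 102 };
#define FAKE_ACTIVE_CNT (sizeof(fake_active_ids) / sizeof(fake_active_ids[0]))

static long lsm_list_modules_fake(uint64_t *ids, size_t *size, uint32_t flags)
{
    size_t total = FAKE_ACTIVE_CNT * sizeof(uint64_t);
    size_t usize;

    if (flags) { errno = EINVAL; return -1; }
    if (!size) { errno = EFAULT; return -1; }
    usize = *size;
    *size = total;
    if (usize < total) { errno = E2BIG; return -1; }
    if (total)
        memcpy(ids, fake_active_ids, total);
    return (long)FAKE_ACTIVE_CNT;
}

/* Caller-side size negotiation: probe with a zero-length buffer, take the
 * required size the provider wrote back, allocate, call again. Returns the
 * id count (>= 0) with a malloc'd array in *out (NULL when the count is 0),
 * or -errno. The bounded retry covers the size growing between calls. */
static long lsm_list_modules_alloc(lsm_list_fn call, uint64_t **out)
{
    uint64_t *buf = NULL;
    size_t size = 0;
    int attempt;

    *out = NULL;
    for (attempt = 0; attempt < 3; attempt++) {
        long rc = call(buf, &size, 0);
        uint64_t *nbuf;

        if (rc >= 0) {
            if (rc == 0) { free(buf); buf = NULL; }
            *out = buf;
            return rc;
        }
        if (errno != E2BIG) {
            int err = errno;
            free(buf);
            return -err;
        }
        /* size now holds the minimum the provider needs */
        nbuf = realloc(buf, size ? size : 1);
        if (!nbuf) { free(buf); return -ENOMEM; }
        buf = nbuf;
    }
    free(buf);
    return -E2BIG;
}

/* What a caller does with the list: check whether a module is active before
 * taking a module-specific action. */
static int lsm_list_contains(const uint64_t *ids, long count, uint64_t id)
{
    for (long i = 0; i < count; i++)
        if (ids[i] == id)
            return 1;
    return 0;
}

int main(void)
{
    uint64_t *ids;
    long n = lsm_list_modules_alloc(lsm_list_modules_real, &ids);

    if (n < 0) {
        /* ENOSYS here means the running kernel predates these syscalls */
        fprintf(stderr, "lsm_list_modules: %s\n", strerror((int)-n));
        return 1;
    }
    for (long i = 0; i < n; i++)
        printf("active LSM id %llu\n", (unsigned long long)ids[i]);
    free(ids);
    return 0;
}
```

Run against the real provider, the program lists the active module ids on a kernel carrying this series and reports ENOSYS on any other; the fake provider exercises the same negotiation path in-process, including the first-call E2BIG.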
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net, Geert Uytterhoeven, Arnd Bergmann
Subject: [PATCH v8 06/11] LSM: wireup Linux Security Module syscalls
Date: Tue, 11 Apr 2023 08:59:16 -0700
Message-Id: <20230411155921.14716-7-casey@schaufler-ca.com>
X-Mailer: git-send-email 2.39.2
In-Reply-To: <20230411155921.14716-1-casey@schaufler-ca.com>
References: <20230411155921.14716-1-casey@schaufler-ca.com>

Wire up the lsm_get_self_attr, lsm_set_self_attr and lsm_list_modules system calls.
Signed-off-by: Casey Schaufler Acked-by: Geert Uytterhoeven Acked-by: Arnd Bergmann Cc: linux-api@vger.kernel.org --- arch/alpha/kernel/syscalls/syscall.tbl | 3 +++ arch/arm/tools/syscall.tbl | 3 +++ arch/arm64/include/asm/unistd.h | 2 +- arch/arm64/include/asm/unistd32.h | 6 ++++++ arch/ia64/kernel/syscalls/syscall.tbl | 3 +++ arch/m68k/kernel/syscalls/syscall.tbl | 3 +++ arch/microblaze/kernel/syscalls/syscall.tbl | 3 +++ arch/mips/kernel/syscalls/syscall_n32.tbl | 3 +++ arch/mips/kernel/syscalls/syscall_n64.tbl | 3 +++ arch/mips/kernel/syscalls/syscall_o32.tbl | 3 +++ arch/parisc/kernel/syscalls/syscall.tbl | 3 +++ arch/powerpc/kernel/syscalls/syscall.tbl | 3 +++ arch/s390/kernel/syscalls/syscall.tbl | 3 +++ arch/sh/kernel/syscalls/syscall.tbl | 3 +++ arch/sparc/kernel/syscalls/syscall.tbl | 3 +++ arch/x86/entry/syscalls/syscall_32.tbl | 3 +++ arch/x86/entry/syscalls/syscall_64.tbl | 3 +++ arch/xtensa/kernel/syscalls/syscall.tbl | 3 +++ include/uapi/asm-generic/unistd.h | 11 ++++++++++- tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl | 3 +++ tools/perf/arch/powerpc/entry/syscalls/syscall.tbl | 3 +++ tools/perf/arch/s390/entry/syscalls/syscall.tbl | 3 +++ tools/perf/arch/x86/entry/syscalls/syscall_64.tbl | 3 +++ 23 files changed, 77 insertions(+), 2 deletions(-) diff --git a/arch/alpha/kernel/syscalls/syscall.tbl b/arch/alpha/kernel/syscalls/syscall.tbl index 8ebacf37a8cf..178e2792c251 100644 --- a/arch/alpha/kernel/syscalls/syscall.tbl +++ b/arch/alpha/kernel/syscalls/syscall.tbl @@ -490,3 +490,6 @@ 558 common process_mrelease sys_process_mrelease 559 common futex_waitv sys_futex_waitv 560 common set_mempolicy_home_node sys_ni_syscall +561 common lsm_get_self_attr sys_lsm_get_self_attr +562 common lsm_list_modules sys_lsm_list_modules +563 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/arm/tools/syscall.tbl b/arch/arm/tools/syscall.tbl index ac964612d8b0..9cda144f9631 100644 --- a/arch/arm/tools/syscall.tbl +++ b/arch/arm/tools/syscall.tbl 
@@ -464,3 +464,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/arm64/include/asm/unistd.h b/arch/arm64/include/asm/unistd.h index 037feba03a51..6a28fb91b85d 100644 --- a/arch/arm64/include/asm/unistd.h +++ b/arch/arm64/include/asm/unistd.h @@ -39,7 +39,7 @@ #define __ARM_NR_compat_set_tls (__ARM_NR_COMPAT_BASE + 5) #define __ARM_NR_COMPAT_END (__ARM_NR_COMPAT_BASE + 0x800) -#define __NR_compat_syscalls 451 +#define __NR_compat_syscalls 454 #endif #define __ARCH_WANT_SYS_CLONE diff --git a/arch/arm64/include/asm/unistd32.h b/arch/arm64/include/asm/unistd32.h index 604a2053d006..72022ffd5faa 100644 --- a/arch/arm64/include/asm/unistd32.h +++ b/arch/arm64/include/asm/unistd32.h @@ -907,6 +907,12 @@ __SYSCALL(__NR_process_mrelease, sys_process_mrelease) __SYSCALL(__NR_futex_waitv, sys_futex_waitv) #define __NR_set_mempolicy_home_node 450 __SYSCALL(__NR_set_mempolicy_home_node, sys_set_mempolicy_home_node) +#define __NR_lsm_get_self_attr 451 +__SYSCALL(__NR_lsm_get_self_attr, sys_lsm_get_self_attr) +#define __NR_lsm_list_modules 452 +__SYSCALL(__NR_lsm_list_modules, sys_lsm_list_modules) +#define __NR_lsm_set_self_attr 453 +__SYSCALL(__NR_lsm_set_self_attr, sys_lsm_set_self_attr) /* * Please add new compat syscalls above this comment and update diff --git a/arch/ia64/kernel/syscalls/syscall.tbl b/arch/ia64/kernel/syscalls/syscall.tbl index 72c929d9902b..c52e9d87f47d 100644 --- a/arch/ia64/kernel/syscalls/syscall.tbl +++ b/arch/ia64/kernel/syscalls/syscall.tbl 
@@ -371,3 +371,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/m68k/kernel/syscalls/syscall.tbl b/arch/m68k/kernel/syscalls/syscall.tbl index b1f3940bc298..31eac3c99d84 100644 --- a/arch/m68k/kernel/syscalls/syscall.tbl +++ b/arch/m68k/kernel/syscalls/syscall.tbl @@ -450,3 +450,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/microblaze/kernel/syscalls/syscall.tbl b/arch/microblaze/kernel/syscalls/syscall.tbl index 820145e47350..5037fa1f74b8 100644 --- a/arch/microblaze/kernel/syscalls/syscall.tbl +++ b/arch/microblaze/kernel/syscalls/syscall.tbl @@ -456,3 +456,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/mips/kernel/syscalls/syscall_n32.tbl b/arch/mips/kernel/syscalls/syscall_n32.tbl index 253ff994ed2e..29545b3ec587 100644 --- a/arch/mips/kernel/syscalls/syscall_n32.tbl +++ b/arch/mips/kernel/syscalls/syscall_n32.tbl @@ -389,3 +389,6 @@ 448 n32 process_mrelease sys_process_mrelease 449 n32 futex_waitv sys_futex_waitv 450 n32 set_mempolicy_home_node sys_set_mempolicy_home_node +451 n32 lsm_get_self_attr sys_lsm_get_self_attr +452 n32 lsm_list_modules sys_lsm_list_modules +453 n32 lsm_set_self_attr sys_lsm_set_self_attr 
diff --git a/arch/mips/kernel/syscalls/syscall_n64.tbl b/arch/mips/kernel/syscalls/syscall_n64.tbl index 3f1886ad9d80..8492aa4a771f 100644 --- a/arch/mips/kernel/syscalls/syscall_n64.tbl +++ b/arch/mips/kernel/syscalls/syscall_n64.tbl @@ -365,3 +365,6 @@ 448 n64 process_mrelease sys_process_mrelease 449 n64 futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 n64 lsm_get_self_attr sys_lsm_get_self_attr +452 n64 lsm_list_modules sys_lsm_list_modules +453 n64 lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/mips/kernel/syscalls/syscall_o32.tbl b/arch/mips/kernel/syscalls/syscall_o32.tbl index 8f243e35a7b2..d74fd86de2a2 100644 --- a/arch/mips/kernel/syscalls/syscall_o32.tbl +++ b/arch/mips/kernel/syscalls/syscall_o32.tbl @@ -438,3 +438,6 @@ 448 o32 process_mrelease sys_process_mrelease 449 o32 futex_waitv sys_futex_waitv 450 o32 set_mempolicy_home_node sys_set_mempolicy_home_node +451 o32 lsm_get_self_attr sys_lsm_get_self_attr +452 o32 lsm_list_modules sys_lsm_list_modules +453 032 lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/parisc/kernel/syscalls/syscall.tbl b/arch/parisc/kernel/syscalls/syscall.tbl index 0e42fceb2d5e..d1a5f3120d6c 100644 --- a/arch/parisc/kernel/syscalls/syscall.tbl +++ b/arch/parisc/kernel/syscalls/syscall.tbl @@ -448,3 +448,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/powerpc/kernel/syscalls/syscall.tbl b/arch/powerpc/kernel/syscalls/syscall.tbl index a0be127475b1..a414fe8c069b 100644 --- a/arch/powerpc/kernel/syscalls/syscall.tbl +++ b/arch/powerpc/kernel/syscalls/syscall.tbl 
@@ -537,3 +537,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 nospu set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/s390/kernel/syscalls/syscall.tbl b/arch/s390/kernel/syscalls/syscall.tbl index 799147658dee..96b7e6b72747 100644 --- a/arch/s390/kernel/syscalls/syscall.tbl +++ b/arch/s390/kernel/syscalls/syscall.tbl @@ -453,3 +453,6 @@ 448 common process_mrelease sys_process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/sh/kernel/syscalls/syscall.tbl b/arch/sh/kernel/syscalls/syscall.tbl index 2de85c977f54..1a75a599bb55 100644 --- a/arch/sh/kernel/syscalls/syscall.tbl +++ b/arch/sh/kernel/syscalls/syscall.tbl @@ -453,3 +453,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/sparc/kernel/syscalls/syscall.tbl b/arch/sparc/kernel/syscalls/syscall.tbl index 4398cc6fb68d..80b165091f6f 100644 --- a/arch/sparc/kernel/syscalls/syscall.tbl +++ b/arch/sparc/kernel/syscalls/syscall.tbl 
@@ -496,3 +496,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/x86/entry/syscalls/syscall_32.tbl b/arch/x86/entry/syscalls/syscall_32.tbl index 320480a8db4f..130f9feb9eb9 100644 --- a/arch/x86/entry/syscalls/syscall_32.tbl +++ b/arch/x86/entry/syscalls/syscall_32.tbl @@ -455,3 +455,6 @@ 448 i386 process_mrelease sys_process_mrelease 449 i386 futex_waitv sys_futex_waitv 450 i386 set_mempolicy_home_node sys_set_mempolicy_home_node +451 i386 lsm_get_self_attr sys_lsm_get_self_attr +452 i386 lsm_list_modules sys_lsm_list_modules +453 i386 lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/x86/entry/syscalls/syscall_64.tbl b/arch/x86/entry/syscalls/syscall_64.tbl index c84d12608cd2..96dd45bc5988 100644 --- a/arch/x86/entry/syscalls/syscall_64.tbl +++ b/arch/x86/entry/syscalls/syscall_64.tbl @@ -372,6 +372,9 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr # # Due to a historical design error, certain syscalls are numbered differently diff --git a/arch/xtensa/kernel/syscalls/syscall.tbl b/arch/xtensa/kernel/syscalls/syscall.tbl index 52c94ab5c205..2610aba19802 100644 --- a/arch/xtensa/kernel/syscalls/syscall.tbl +++ b/arch/xtensa/kernel/syscalls/syscall.tbl 
@@ -421,3 +421,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/include/uapi/asm-generic/unistd.h b/include/uapi/asm-generic/unistd.h index 45fa180cc56a..93f89fb06ef5 100644 --- a/include/uapi/asm-generic/unistd.h +++ b/include/uapi/asm-generic/unistd.h @@ -886,8 +886,17 @@ __SYSCALL(__NR_futex_waitv, sys_futex_waitv) #define __NR_set_mempolicy_home_node 450 __SYSCALL(__NR_set_mempolicy_home_node, sys_set_mempolicy_home_node) +#define __NR_lsm_get_self_attr 451 +__SYSCALL(__NR_lsm_get_self_attr, sys_lsm_get_self_attr) + +#define __NR_lsm_list_modules 452 +__SYSCALL(__NR_lsm_list_modules, sys_lsm_list_modules) + +#define __NR_lsm_set_self_attr 453 +__SYSCALL(__NR_lsm_set_self_attr, sys_lsm_set_self_attr) + #undef __NR_syscalls -#define __NR_syscalls 451 +#define __NR_syscalls 454 /* * 32 bit systems traditionally used different diff --git a/tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl b/tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl index 3f1886ad9d80..8492aa4a771f 100644 --- a/tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl +++ b/tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl @@ -365,3 +365,6 @@ 448 n64 process_mrelease sys_process_mrelease 449 n64 futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 n64 lsm_get_self_attr sys_lsm_get_self_attr +452 n64 lsm_list_modules sys_lsm_list_modules +453 n64 lsm_set_self_attr sys_lsm_set_self_attr diff --git a/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl b/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl index a0be127475b1..a414fe8c069b 100644 --- a/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl +++ b/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl 
@@ -537,3 +537,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 nospu set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/tools/perf/arch/s390/entry/syscalls/syscall.tbl b/tools/perf/arch/s390/entry/syscalls/syscall.tbl index 799147658dee..f9257e040109 100644 --- a/tools/perf/arch/s390/entry/syscalls/syscall.tbl +++ b/tools/perf/arch/s390/entry/syscalls/syscall.tbl @@ -453,3 +453,6 @@ 448 common process_mrelease sys_process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr sys_lsm_set_self_attr diff --git a/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl b/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl index c84d12608cd2..96dd45bc5988 100644 --- a/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl +++ b/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl 
@@ -372,6 +372,9 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr # # Due to a historical design error, certain syscalls are numbered differently From patchwork Tue Apr 11 15:59:17 2023 X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13207779 X-Patchwork-Delegate: paul@paul-moore.com
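Review bot: in arch/mips/kernel/syscalls/syscall_o32.tbl the third new row has a typo in the ABI column: `+453 032 lsm_set_self_attr sys_lsm_set_self_attr` uses the digit zero ('032') where the other two rows and every context line use 'o32'. The syscall table scripts select rows by ABI name, so this row would be dropped for o32 and lsm_set_self_attr left unwired on 32-bit MIPS; it should read `453 o32 lsm_set_self_attr sys_lsm_set_self_attr`.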
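Review bot: arch/arm64/include/asm/unistd32.h wires the three AArch32 compat entries straight to the native handlers (`__SYSCALL(__NR_lsm_get_self_attr, sys_lsm_get_self_attr)` and the two rows below it), but sys_lsm_get_self_attr and sys_lsm_list_modules take `size_t __user *size` in the preceding patch, so a 32-bit caller's 4-byte size is read and written as 8 bytes by get_user()/put_user(). Either the size arguments need a fixed-width type (`u32 __user *`) before the compat tables point at sys_lsm_*, or compat_sys_ wrappers are needed here. The `__NR_compat_syscalls 451 -> 454` bump itself is consistent with the three added numbers.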
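Review bot: the arch/s390 table fills both the 64-bit and the compat column with the native entry point (`+451 common lsm_get_self_attr sys_lsm_get_self_attr sys_lsm_get_self_attr` and the two rows after it), which has the same 4-byte versus 8-byte size_t problem for 31-bit callers as the arm64 compat table. Separately, the tools/perf/arch/s390 copy of this table ends at blob f9257e040109 while arch/s390 ends at 96b7e6b72747, although the three added rows read identically; the mips n64, powerpc and x86 perf copies match their arch files exactly (8492aa4a771f, a414fe8c069b, 96dd45bc5988), so the s390 perf copy differs somewhere outside the shown rows and should be regenerated from arch/s390 so the two stay in sync.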
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net Subject: [PATCH v8 07/11] LSM: Helpers for attribute names and filling an lsm_ctx Date: Tue, 11 Apr 2023 08:59:17 -0700 Message-Id: <20230411155921.14716-8-casey@schaufler-ca.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230411155921.14716-1-casey@schaufler-ca.com> References: <20230411155921.14716-1-casey@schaufler-ca.com> MIME-Version: 1.0 Precedence: bulk List-ID: Add lsm_name_to_attr(), which translates a text string to a LSM_ATTR value if one is available. Add lsm_fill_user_ctx(), which fills a struct lsm_ctx, including the trailing attribute value. The .len value is padded to a multiple of the size of the structure for alignment. All are used in module specific components of LSM system calls. Signed-off-by: Casey Schaufler --- include/linux/security.h | 13 +++++++++++ security/lsm_syscalls.c | 24 ++++++++++++++++++++ security/security.c | 48 ++++++++++++++++++++++++++++++++++++++++ 3 files changed, 85 insertions(+) diff --git a/include/linux/security.h b/include/linux/security.h index f7292890b6a2..c96fb56159e3 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -263,6 +263,7 @@ int unregister_blocking_lsm_notifier(struct notifier_block *nb); /* prototypes */ extern int security_init(void); extern int early_security_init(void); +extern u64 lsm_name_to_attr(const char *name); /* Security operations */ int security_binder_set_context_mgr(const struct cred *mgr); 
@@ -491,6 +492,8 @@ int security_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen); int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen); int security_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen); int security_locked_down(enum lockdown_reason what); +int lsm_fill_user_ctx(struct lsm_ctx __user *ctx, void *context, + size_t context_size, u64 id, u64 flags); #else /* CONFIG_SECURITY */ static inline int call_blocking_lsm_notifier(enum lsm_event event, void *data) @@ -508,6 +511,11 @@ static inline int unregister_blocking_lsm_notifier(struct notifier_block *nb) return 0; } +static inline u64 lsm_name_to_attr(const char *name) +{ + return 0; +} + static inline void security_free_mnt_opts(void **mnt_opts) { } @@ -1420,6 +1428,11 @@ static inline int security_locked_down(enum lockdown_reason what) { return 0; } +static inline int lsm_fill_user_ctx(struct lsm_ctx __user *ctx, void *context, + size_t context_size, u64 id, u64 flags) +{ + return 0; +} #endif /* CONFIG_SECURITY */ #if defined(CONFIG_SECURITY) && defined(CONFIG_WATCH_QUEUE) diff --git a/security/lsm_syscalls.c b/security/lsm_syscalls.c index 6efbe244d304..67106f642422 100644 --- a/security/lsm_syscalls.c +++ b/security/lsm_syscalls.c 
@@ -17,6 +17,30 @@ #include #include +/** + * lsm_name_to_attr - map an LSM attribute name to its ID + * @name: name of the attribute + * + * Returns the LSM attribute value associated with @name, or 0 if + * there is no mapping. + */ +u64 lsm_name_to_attr(const char *name) +{ + if (!strcmp(name, "current")) + return LSM_ATTR_CURRENT; + if (!strcmp(name, "exec")) + return LSM_ATTR_EXEC; + if (!strcmp(name, "fscreate")) + return LSM_ATTR_FSCREATE; + if (!strcmp(name, "keycreate")) + return LSM_ATTR_KEYCREATE; + if (!strcmp(name, "prev")) + return LSM_ATTR_PREV; + if (!strcmp(name, "sockcreate")) + return LSM_ATTR_SOCKCREATE; + return 0; +} + /** * sys_lsm_set_self_attr - Set current task's security module attribute * @attr: which attribute to set diff --git a/security/security.c b/security/security.c index bfe9a1a426b2..453f3ff591ec 100644 --- a/security/security.c +++ b/security/security.c 
@@ -752,6 +752,54 @@ static int lsm_superblock_alloc(struct super_block *sb) return 0; } +/** + * lsm_fill_user_ctx - Fill a user space lsm_ctx structure + * @ctx: an LSM context to be filled + * @context: the new context value + * @context_size: the size of the new context value + * @id: LSM id + * @flags: LSM defined flags + * + * Fill all of the fields in a user space lsm_ctx structure. + * Caller is assumed to have verified that @ctx has enough space + * for @context. + * + * The total length is padded to an integral number of lsm_ctx. + * + * Returns 0 on success, -EFAULT on a copyout error. + */ +int lsm_fill_user_ctx(struct lsm_ctx __user *ctx, void *context, + size_t context_size, u64 id, u64 flags) +{ + struct lsm_ctx *lctx; + size_t locallen; + u8 *composite; + int rc = 0; + + locallen = sizeof(*ctx); + if (context_size) + locallen += sizeof(*ctx) * ((context_size / sizeof(*ctx)) + 1); + + composite = kzalloc(locallen, GFP_KERNEL); + if (composite == NULL) + return -ENOMEM; + + lctx = (struct lsm_ctx *)composite; + lctx->id = id; + lctx->flags = flags; + lctx->ctx_len = context_size; + lctx->len = locallen; + + memcpy(composite + sizeof(*lctx), context, context_size); + + if (copy_to_user(ctx, composite, locallen)) + rc = -EFAULT; + + kfree(composite); + + return rc; +} + /* * The default value of the LSM hook is defined in linux/lsm_hook_defs.h and * can be accessed with: From patchwork Tue Apr 11 15:59:18 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13207781 X-Patchwork-Delegate: paul@paul-moore.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3564DC77B73 for ; Tue, 11 Apr 2023 16:03:07 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via 
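Review bot: in the `@@ -491,6 +492,8 @@` hunk of include/linux/security.h, `lsm_fill_user_ctx()` only ever reads from `context` (it is the memcpy() source in security.c), so the prototype, the `!CONFIG_SECURITY` stub at `@@ -1420,6 +1428,11 @@` and the definition could all take `const void *context`; callers can then pass label strings without casting away const.

Review bot: in the `@@ -17,6 +17,30 @@` hunk of security/lsm_syscalls.c, `lsm_name_to_attr()` returns `u64`, yet the callers added later in this series store the result in `int attr` (`smack_setprocattr()`, `apparmor_setprocattr()`), the selfattr hooks take `unsigned int attr`, and the refactored `do_setattr()` helpers take `u64 attr`. Pick one width for an LSM attribute id and use it for the return type, the hook prototypes and the locals, so that `if (attr)` and the `LSM_ATTR_*` comparisons are not done on a truncated value.

Review bot: in the `@@ -752,6 +752,54 @@` hunk of security/security.c, the size that `lsm_fill_user_ctx()` copies out is not the size the callers check. `locallen` is padded with `sizeof(*ctx) * ((context_size / sizeof(*ctx)) + 1)`, which adds a whole extra `struct lsm_ctx` when `context_size` is already a multiple of the struct size, and the callers in this series only verify that `sizeof(*ctx) + context_size` fits in the user buffer; `copy_to_user(ctx, composite, locallen)` can therefore write past the space the user declared. Either take the available size as a parameter and return -E2BIG when the padded length does not fit, or expose the padded-length computation (e.g. `ALIGN(context_size, sizeof(*ctx))`) so callers check against the same number they will receive in `lctx->len`. The kernel-doc also says "Returns 0 on success, -EFAULT on a copyout error" but the function returns -ENOMEM as well.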
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net Subject: [PATCH v8 08/11] Smack: implement setselfattr and getselfattr hooks Date: Tue, 11 Apr 2023 08:59:18 -0700 Message-Id: <20230411155921.14716-9-casey@schaufler-ca.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230411155921.14716-1-casey@schaufler-ca.com> References: <20230411155921.14716-1-casey@schaufler-ca.com> MIME-Version: 1.0 Precedence: bulk List-ID: Implement Smack support for security_[gs]etselfattr. Refactor the setprocattr hook to avoid code duplication. Signed-off-by: Casey Schaufler --- security/smack/smack_lsm.c | 105 +++++++++++++++++++++++++++++++++++-- 1 file changed, 100 insertions(+), 5 deletions(-) diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 3cf862fcbe08..0068bab21f64 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c
@@ -3552,6 +3552,41 @@ static void smack_d_instantiate(struct dentry *opt_dentry, struct inode *inode) return; } +/** + * smack_getselfattr - Smack current process attribute + * @attr: which attribute to fetch + * @ctx: buffer to receive the result + * @size: available size in, actual size out + * @flags: unused + * + * Fill the passed user space @ctx with the details of the requested + * attribute. + * + * Returns 1, the number of attributes, on success, an error code otherwise. + */ +static int smack_getselfattr(unsigned int __user attr, + struct lsm_ctx __user *ctx, size_t *size, + u32 __user flags) +{ + struct smack_known *skp = smk_of_current(); + int total; + int slen; + int rc = 1; + + if (attr != LSM_ATTR_CURRENT) + return -EOPNOTSUPP; + + slen = strlen(skp->smk_known) + 1; + total = slen + sizeof(*ctx); + if (total > *size) + rc = -E2BIG; + else + lsm_fill_user_ctx(ctx, skp->smk_known, slen, LSM_ID_SMACK, 0); + + *size = total; + return rc; +} + /** * smack_getprocattr - Smack process attribute access * @p: the object task @@ -3581,8 +3616,8 @@ static int smack_getprocattr(struct task_struct *p, const char *name, char **val } /** - * smack_setprocattr - Smack process attribute setting - * @name: the name of the attribute in /proc/.../attr + * do_setattr - Smack process attribute setting + * @attr: the ID of the attribute * @value: the value to set * @size: the size of the value * @@ -3591,7 +3626,7 @@ static int smack_getprocattr(struct task_struct *p, const char *name, char **val * * Returns the length of the smack label or an error code */ -static int smack_setprocattr(const char *name, void *value, size_t size) +static int do_setattr(u64 attr, void *value, size_t size) { struct task_smack *tsp = smack_cred(current_cred()); struct cred *new; 
@@ -3605,8 +3640,8 @@ static int smack_setprocattr(const char *name, void *value, size_t size) if (value == NULL || size == 0 || size >= SMK_LONGLABEL) return -EINVAL; - if (strcmp(name, "current") != 0) - return -EINVAL; + if (attr != LSM_ATTR_CURRENT) + return -EOPNOTSUPP; skp = smk_import_entry(value, size); if (IS_ERR(skp)) @@ -3645,6 +3680,64 @@ static int smack_setprocattr(const char *name, void *value, size_t size) return size; } +/** + * smack_setselfattr - Set a Smack process attribute + * @attr: which attribute to set + * @ctx: buffer containing the data + * @size: size of @ctx + * @flags: unused + * + * Fill the passed user space @ctx with the details of the requested + * attribute. + * + * Returns 0 on success, an error code otherwise. + */ +static int smack_setselfattr(unsigned int __user attr, + struct lsm_ctx __user *ctx, size_t __user size, + u32 __user flags) +{ + struct lsm_ctx *lctx; + void *context; + int rc; + + context = kmalloc(size, GFP_KERNEL); + if (context == NULL) + return -ENOMEM; + + lctx = (struct lsm_ctx *)context; + if (copy_from_user(context, ctx, size)) + rc = -EFAULT; + else if (lctx->ctx_len > size) + rc = -EINVAL; + else + rc = do_setattr(attr, lctx + 1, lctx->ctx_len); + + kfree(context); + if (rc > 0) + return 0; + return rc; +} + +/** + * smack_setprocattr - Smack process attribute setting + * @name: the name of the attribute in /proc/.../attr + * @value: the value to set + * @size: the size of the value + * + * Sets the Smack value of the task. Only setting self + * is permitted and only with privilege + * + * Returns the length of the smack label or an error code + */ +static int smack_setprocattr(const char *name, void *value, size_t size) +{ + int attr = lsm_name_to_attr(name); + + if (attr) + return do_setattr(attr, value, size); + return -EINVAL; +} + /** * smack_unix_stream_connect - Smack access on UDS * @sock: one sock 
@@ -4955,6 +5048,8 @@ static struct security_hook_list smack_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(d_instantiate, smack_d_instantiate), + LSM_HOOK_INIT(getselfattr, smack_getselfattr), + LSM_HOOK_INIT(setselfattr, smack_setselfattr), LSM_HOOK_INIT(getprocattr, smack_getprocattr), LSM_HOOK_INIT(setprocattr, smack_setprocattr), From patchwork Tue Apr 11 15:59:19 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13207782 X-Patchwork-Delegate: paul@paul-moore.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2308BC76196 for ; Tue, 11 Apr 2023 16:05:04 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229664AbjDKQFD (ORCPT ); Tue, 11 Apr 2023 12:05:03 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:32822 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230252AbjDKQEy (ORCPT ); Tue, 11 Apr 2023 12:04:54 -0400 Received: from sonic310-30.consmr.mail.ne1.yahoo.com (sonic310-30.consmr.mail.ne1.yahoo.com [66.163.186.211]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 331865FC9 for ; Tue, 11 Apr 2023 09:04:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1681229062; bh=5cndsL/h+/3U/Q0ql7j5W14e1wNptrEJlKAKU6QpGOQ=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject:Reply-To; b=ReddnUZFXbAZGwEs9jeiU17PnxbeQsF03lIAXgqTXOIy+Q6M1gGEKdRpBx3sSwFDVCLgGzjvDxik//iQQSzqKH1cVQC8Z3tr3C8eUBDPKVqj9yA4DiMPL542BTN+se5KDJih5tWpH0d74rw6VQu/qP4aAiAq5yYcxBaQ1/6BcuYoYJjUkxPwe47q5wUSDLF/XDAzXgnR4IAKyLT8gx4zQ5QNGEOBZxdFGXz2USKs37yPVneLDELrw1Rt9wGyOBz6mC2p1uQS+ACdvPolGvuSHJmVTD0r2lTuzXAdmOixFNQENVrvk4qlPmbnezfah9YuSxjHt2e+Y61XYjc470HxZw== X-SONIC-DKIM-SIGN: 
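Review bot: in the `@@ -3552,6 +3552,41 @@` hunk, `smack_getselfattr()` discards the return value of `lsm_fill_user_ctx()`, so a -EFAULT from the copyout is lost and the hook still reports success (`rc = 1`). Also, `total = slen + sizeof(*ctx)` is the unpadded length, while `lsm_fill_user_ctx()` writes the padded `lctx->len`; the `total > *size` check does not guarantee the padded copy fits, and the `*size = total` reported back to user space will not match `lctx->len`. Suggest `rc = lsm_fill_user_ctx(...)`, returning 1 only when it returns 0, and checking/reporting the padded length. Minor: `__user` on by-value scalars (`unsigned int __user attr`, `u32 __user flags`) means nothing and should be dropped.

Review bot: in the `@@ -3605,8 +3640,8 @@` hunk, replacing `strcmp(name, "current") != 0 -> -EINVAL` with `attr != LSM_ATTR_CURRENT -> -EOPNOTSUPP` changes the errno that the existing /proc interface returns: `smack_setprocattr()` now maps any name known to `lsm_name_to_attr()` (e.g. "exec") to a non-zero attr and calls `do_setattr()`, which returns -EOPNOTSUPP where the old code returned -EINVAL. If that user-visible change is intended, say so in the commit message; otherwise keep -EINVAL for the /proc path.

Review bot: in the `@@ -3645,6 +3680,64 @@` hunk, `smack_setselfattr()` trusts the user-supplied `size`: there is no check that `size >= sizeof(*lctx)` before `lctx->ctx_len` is read, no upper bound before `kmalloc(size, GFP_KERNEL)`, and the `lctx->ctx_len > size` test does not account for the header, so `do_setattr(attr, lctx + 1, lctx->ctx_len)` can read up to `sizeof(*lctx)` bytes past the end of the allocation. Suggest `if (size < sizeof(*lctx) || lctx->ctx_len > size - sizeof(*lctx)) rc = -EINVAL;` and a sane maximum (or `memdup_user()`) for `size`. The kernel-doc for `smack_setselfattr()` ("Fill the passed user space @ctx with the details of the requested attribute") was copied from the getter and describes the wrong direction.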
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net Subject: [PATCH v8 09/11] AppArmor: Add selfattr hooks Date: Tue, 11 Apr 2023 08:59:19 -0700 Message-Id: <20230411155921.14716-10-casey@schaufler-ca.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230411155921.14716-1-casey@schaufler-ca.com> References: <20230411155921.14716-1-casey@schaufler-ca.com> MIME-Version: 1.0 Precedence: bulk List-ID: Add hooks for setselfattr and getselfattr. These hooks are not very different from their setprocattr and getprocattr equivalents, and much of the code is shared. Signed-off-by: Casey Schaufler Cc: John Johansen --- security/apparmor/include/procattr.h | 2 +- security/apparmor/lsm.c | 96 ++++++++++++++++++++++++++-- security/apparmor/procattr.c | 11 +++- 3 files changed, 99 insertions(+), 10 deletions(-) diff --git a/security/apparmor/include/procattr.h b/security/apparmor/include/procattr.h index 31689437e0e1..03dbfdb2f2c0 100644 --- a/security/apparmor/include/procattr.h +++ b/security/apparmor/include/procattr.h @@ -11,7 +11,7 @@ #ifndef __AA_PROCATTR_H #define __AA_PROCATTR_H -int aa_getprocattr(struct aa_label *label, char **string); +int aa_getprocattr(struct aa_label *label, char **string, bool newline); int aa_setprocattr_changehat(char *args, size_t size, int flags); #endif /* __AA_PROCATTR_H */ diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index ce6ccb7e06ec..16ae61cec26a 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c 
@@ -630,6 +630,45 @@ static int apparmor_sb_pivotroot(const struct path *old_path, return error; } +static int apparmor_getselfattr(unsigned int __user attr, + struct lsm_ctx __user *lx, size_t *size, + u32 __user flags) +{ + int error = -ENOENT; + struct aa_task_ctx *ctx = task_ctx(current); + struct aa_label *label = NULL; + size_t total_len; + char *value; + + if (attr == LSM_ATTR_CURRENT) + label = aa_get_newest_label(cred_label(current_cred())); + else if (attr == LSM_ATTR_PREV && ctx->previous) + label = aa_get_newest_label(ctx->previous); + else if (attr == LSM_ATTR_EXEC && ctx->onexec) + label = aa_get_newest_label(ctx->onexec); + else + error = -EOPNOTSUPP; + + if (label) { + error = aa_getprocattr(label, &value, false); + if (error > 0) { + total_len = error + sizeof(*ctx); + if (total_len > *size) + error = -E2BIG; + else + lsm_fill_user_ctx(lx, value, error, + LSM_ID_APPARMOR, 0); + } + } + + aa_put_label(label); + + *size = total_len; + if (error > 0) + return 1; + return error; +} + static int apparmor_getprocattr(struct task_struct *task, const char *name, char **value) { @@ -649,7 +688,7 @@ static int apparmor_getprocattr(struct task_struct *task, const char *name, error = -EINVAL; if (label) - error = aa_getprocattr(label, value); + error = aa_getprocattr(label, value, true); aa_put_label(label); put_cred(cred); @@ -657,8 +696,7 @@ static int apparmor_getprocattr(struct task_struct *task, const char *name, return error; } -static int apparmor_setprocattr(const char *name, void *value, - size_t size) +static int do_setattr(u64 attr, void *value, size_t size) { char *command, *largs = NULL, *args = value; size_t arg_size; 
@@ -689,7 +727,7 @@ static int apparmor_setprocattr(const char *name, void *value, goto out; arg_size = size - (args - (largs ? largs : (char *) value)); - if (strcmp(name, "current") == 0) { + if (attr == LSM_ATTR_CURRENT) { if (strcmp(command, "changehat") == 0) { error = aa_setprocattr_changehat(args, arg_size, AA_CHANGE_NOFLAGS); @@ -704,7 +742,7 @@ static int apparmor_setprocattr(const char *name, void *value, error = aa_change_profile(args, AA_CHANGE_STACK); } else goto fail; - } else if (strcmp(name, "exec") == 0) { + } else if (attr == LSM_ATTR_EXEC) { if (strcmp(command, "exec") == 0) error = aa_change_profile(args, AA_CHANGE_ONEXEC); else if (strcmp(command, "stack") == 0) 
@@ -724,13 +762,57 @@ static int apparmor_setprocattr(const char *name, void *value, fail: aad(&sa)->label = begin_current_label_crit_section(); - aad(&sa)->info = name; + if (attr == LSM_ATTR_CURRENT) + aad(&sa)->info = "current"; + else if (attr == LSM_ATTR_EXEC) + aad(&sa)->info = "exec"; + else + aad(&sa)->info = "invalid"; aad(&sa)->error = error = -EINVAL; aa_audit_msg(AUDIT_APPARMOR_DENIED, &sa, NULL); end_current_label_crit_section(aad(&sa)->label); goto out; } +static int apparmor_setselfattr(unsigned int __user attr, + struct lsm_ctx __user *ctx, size_t __user size, + u32 __user flags) +{ + struct lsm_ctx *lctx; + void *context; + int rc; + + if (attr != LSM_ATTR_CURRENT && attr != LSM_ATTR_EXEC) + return -EOPNOTSUPP; + + context = kmalloc(size, GFP_KERNEL); + if (context == NULL) + return -ENOMEM; + + lctx = (struct lsm_ctx *)context; + if (copy_from_user(context, ctx, size)) + rc = -EFAULT; + else if (lctx->ctx_len > size) + rc = -EINVAL; + else + rc = do_setattr(attr, lctx + 1, lctx->ctx_len); + + kfree(context); + if (rc > 0) + return 0; + return rc; +} + +static int apparmor_setprocattr(const char *name, void *value, + size_t size) +{ + int attr = lsm_name_to_attr(name); + + if (attr) + return do_setattr(attr, value, size); + return -EINVAL; +} + /** * apparmor_bprm_committing_creds - do task cleanup on committing new creds * @bprm: binprm for the exec (NOT NULL) @@ -1253,6 +1335,8 @@ static struct security_hook_list apparmor_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(file_lock, apparmor_file_lock), LSM_HOOK_INIT(file_truncate, apparmor_file_truncate), + LSM_HOOK_INIT(getselfattr, apparmor_getselfattr), + LSM_HOOK_INIT(setselfattr, apparmor_setselfattr), LSM_HOOK_INIT(getprocattr, apparmor_getprocattr), LSM_HOOK_INIT(setprocattr, apparmor_setprocattr), diff --git a/security/apparmor/procattr.c b/security/apparmor/procattr.c index 197d41f9c32b..196f319aa3b2 100644 --- a/security/apparmor/procattr.c +++ b/security/apparmor/procattr.c 
@@ -20,6 +20,7 @@ * aa_getprocattr - Return the label information for @label * @label: the label to print label info about (NOT NULL) * @string: Returns - string containing the label info (NOT NULL) + * @newline: indicates that a newline should be added * * Requires: label != NULL && string != NULL * @@ -27,7 +28,7 @@ * * Returns: size of string placed in @string else error code on failure */ -int aa_getprocattr(struct aa_label *label, char **string) +int aa_getprocattr(struct aa_label *label, char **string, bool newline) { struct aa_ns *ns = labels_ns(label); struct aa_ns *current_ns = aa_get_current_ns(); 
@@ -57,10 +58,14 @@ int aa_getprocattr(struct aa_label *label, char **string) return len; } - (*string)[len] = '\n'; - (*string)[len + 1] = 0; + if (newline) + (*string)[len++] = '\n'; + (*string)[len] = 0; aa_put_ns(current_ns); + + if (newline) + return len; return len + 1; } From patchwork Tue Apr 11 15:59:20 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13207783 X-Patchwork-Delegate: paul@paul-moore.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 02AFEC77B73 for ; Tue, 11 Apr 2023 16:05:05 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229725AbjDKQFD (ORCPT ); Tue, 11 Apr 2023 12:05:03 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:32830 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230300AbjDKQEz (ORCPT ); Tue, 11 Apr 2023 12:04:55 -0400 Received: from sonic311-30.consmr.mail.ne1.yahoo.com (sonic311-30.consmr.mail.ne1.yahoo.com [66.163.188.211]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 030445FD1 for ; Tue, 11 Apr 2023 09:04:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1681229064; bh=OYEWbDwa77VV0DiFMy0qZhXisBYPcCl+ZGFYdH9xhkc=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject:Reply-To; b=UlDQ3pu702b7bOpZIvsUOHFXznb41BLn0I7Cb0vDehmXcH4KtfQ8HMCAHvSZ9lc+72kcbqmt2/a6alLua62kTM38rgLSPPtXMwcZdjwwC5jRDYH/iLqqdwYtHG5I8/HEHZYcWMg278L2QMlL3aCX7DeAFGdukZYXsSIhqjnf31JKdazThNPS+5+cgZkKDswfalAxUEJpjysNGU7Q30ghmwsmMScU1EtTC+Fwis5u64BusZnx7TtXqOZzvPupGsgU6DapQG81RhsXp8QG6Q7VKpQETkIUwcW8oXn+G9xQzKWFAM1cMeIf9x0Jv8w2aZ3lF4OrU/6pmNkH63SMvcwIJA== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; 
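Review bot: in the `@@ -630,6 +630,45 @@` hunk of security/apparmor/lsm.c, `total_len = error + sizeof(*ctx)` uses the size of `struct aa_task_ctx` (`ctx` is `task_ctx(current)`), not of the `struct lsm_ctx` being filled; it should be `sizeof(*lx)`. `total_len` is also left uninitialized on every error path but is unconditionally stored with `*size = total_len`. As in the Smack hook, the return value of `lsm_fill_user_ctx()` is discarded, so a copyout failure is reported as success, and the buffer that `aa_getprocattr()` returns in `value` is never freed on this path (the /proc path relies on its caller to free it).

Review bot: in the `@@ -724,13 +762,57 @@` hunk, `apparmor_setselfattr()` has the same unchecked-size problem as the Smack version: `size` is used for `kmalloc()` and `copy_from_user()` with no lower bound (`size < sizeof(*lctx)` lets `lctx->ctx_len` be read outside the allocation) and the `lctx->ctx_len > size` check ignores the header, so `do_setattr()` can read past the buffer; check `lctx->ctx_len` against `size - sizeof(*lctx)`. In the `fail:` path, the audit record now says "invalid" for any attribute other than current/exec, whereas it previously recorded the /proc attribute name that was written; consider keeping the name for the setprocattr path.

Review bot: in the `@@ -57,10 +58,14 @@` hunk of security/apparmor/procattr.c, the two return paths now count different things: with `newline` the function returns `len` (newline included, terminating NUL excluded), without it `len + 1` (terminating NUL included). That matches how `apparmor_getselfattr()` uses the result as `ctx_len` (NUL-terminated label, as Smack's `slen`), but the kernel-doc at `@@ -20,6 +20,7 @@` should state that the returned size includes the NUL when @newline is false.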
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net, selinux@vger.kernel.org Subject: [PATCH v8 10/11] SELinux: Add selfattr hooks Date: Tue, 11 Apr 2023 08:59:20 -0700 Message-Id: <20230411155921.14716-11-casey@schaufler-ca.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230411155921.14716-1-casey@schaufler-ca.com> References: <20230411155921.14716-1-casey@schaufler-ca.com> MIME-Version: 1.0 Precedence: bulk List-ID: Add hooks for setselfattr and getselfattr. These hooks are not very different from their setprocattr and getprocattr equivalents, and much of the code is shared. Signed-off-by: Casey Schaufler Cc: selinux@vger.kernel.org Cc: Paul Moore --- security/selinux/hooks.c | 153 +++++++++++++++++++++++++++++++-------- 1 file changed, 123 insertions(+), 30 deletions(-) diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 9403aee75981..beb1d6f5e000 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -6348,8 +6348,8 @@ static void selinux_d_instantiate(struct dentry *dentry, struct inode *inode) inode_doinit_with_dentry(inode, dentry); } -static int selinux_getprocattr(struct task_struct *p, - const char *name, char **value) +static int selinux_lsm_getattr(unsigned int attr, struct task_struct *p, + char **value) { const struct task_security_struct *__tsec; u32 sid; 
@@ -6367,20 +6367,27 @@ static int selinux_getprocattr(struct task_struct *p, goto bad; } - if (!strcmp(name, "current")) + switch (attr) { + case LSM_ATTR_CURRENT: sid = __tsec->sid; - else if (!strcmp(name, "prev")) + break; + case LSM_ATTR_PREV: sid = __tsec->osid; - else if (!strcmp(name, "exec")) + break; + case LSM_ATTR_EXEC: sid = __tsec->exec_sid; - else if (!strcmp(name, "fscreate")) + break; + case LSM_ATTR_FSCREATE: sid = __tsec->create_sid; - else if (!strcmp(name, "keycreate")) + break; + case LSM_ATTR_KEYCREATE: sid = __tsec->keycreate_sid; - else if (!strcmp(name, "sockcreate")) + break; + case LSM_ATTR_SOCKCREATE: sid = __tsec->sockcreate_sid; - else { - error = -EINVAL; + break; + default: + error = -EOPNOTSUPP; goto bad; } rcu_read_unlock(); @@ -6398,7 +6405,7 @@ static int selinux_getprocattr(struct task_struct *p, return error; } -static int selinux_setprocattr(const char *name, void *value, size_t size) +static int selinux_lsm_setattr(u64 attr, void *value, size_t size) { struct task_security_struct *tsec; struct cred *new; 
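Review bot: selinux_lsm_setattr() in the @@ -6398,7 hunk takes `u64 attr`, while selinux_lsm_getattr() in the hunk before it takes `unsigned int attr` and the selinux_setprocattr() wrapper later in this patch stores lsm_name_to_attr() into a plain `int`. Use one type for the attribute id throughout (unsigned int, as the selinux_getprocattr() wrapper already does) so the switch cases compare like with like and the implicit widening and narrowing disappears.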
@@ -6409,28 +6416,36 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) /* * Basic control over ability to set these attributes at all. */ - if (!strcmp(name, "exec")) + switch (attr) { + case LSM_ATTR_CURRENT: + error = avc_has_perm(&selinux_state, + mysid, mysid, SECCLASS_PROCESS, + PROCESS__SETCURRENT, NULL); + break; + case LSM_ATTR_EXEC: error = avc_has_perm(&selinux_state, mysid, mysid, SECCLASS_PROCESS, PROCESS__SETEXEC, NULL); - else if (!strcmp(name, "fscreate")) + break; + case LSM_ATTR_FSCREATE: error = avc_has_perm(&selinux_state, mysid, mysid, SECCLASS_PROCESS, PROCESS__SETFSCREATE, NULL); - else if (!strcmp(name, "keycreate")) + break; + case LSM_ATTR_KEYCREATE: error = avc_has_perm(&selinux_state, mysid, mysid, SECCLASS_PROCESS, PROCESS__SETKEYCREATE, NULL); - else if (!strcmp(name, "sockcreate")) + break; + case LSM_ATTR_SOCKCREATE: error = avc_has_perm(&selinux_state, mysid, mysid, SECCLASS_PROCESS, PROCESS__SETSOCKCREATE, NULL); - else if (!strcmp(name, "current")) - error = avc_has_perm(&selinux_state, - mysid, mysid, SECCLASS_PROCESS, - PROCESS__SETCURRENT, NULL); - else - error = -EINVAL; + break; + default: + error = -EOPNOTSUPP; + break; + } if (error) return error; @@ -6442,13 +6457,14 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) } error = security_context_to_sid(&selinux_state, value, size, &sid, GFP_KERNEL); - if (error == -EINVAL && !strcmp(name, "fscreate")) { + if (error == -EINVAL && attr == LSM_ATTR_FSCREATE) { if (!has_cap_mac_admin(true)) { struct audit_buffer *ab; size_t audit_size; - /* We strip a nul only if it is at the end, otherwise the - * context contains a nul and we should audit that */ + /* We strip a nul only if it is at the end, + * otherwise the context contains a nul and + * we should audit that */ if (str[size - 1] == '\0') audit_size = size - 1; else 
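Review bot: the rewrap of the "We strip a nul only if it is at the end" comment in the @@ -6442,13 hunk changes no code and is unrelated to the attr-switch conversion; the same goes for the split of the audit_log_n_untrustedstring() call in the following hunk. Both make the diff noisier to review and to backport. Either drop them or move them into a separate cleanup patch.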
@@ -6459,7 +6475,8 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) if (!ab) return error; audit_log_format(ab, "op=fscreate invalid_context="); - audit_log_n_untrustedstring(ab, value, audit_size); + audit_log_n_untrustedstring(ab, value, + audit_size); audit_log_end(ab); return error; @@ -6483,11 +6500,11 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) checks and may_create for the file creation checks. The operation will then fail if the context is not permitted. */ tsec = selinux_cred(new); - if (!strcmp(name, "exec")) { + if (attr == LSM_ATTR_EXEC) { tsec->exec_sid = sid; - } else if (!strcmp(name, "fscreate")) { + } else if (attr == LSM_ATTR_FSCREATE) { tsec->create_sid = sid; - } else if (!strcmp(name, "keycreate")) { + } else if (attr == LSM_ATTR_KEYCREATE) { if (sid) { error = avc_has_perm(&selinux_state, mysid, sid, SECCLASS_KEY, KEY__CREATE, NULL); @@ -6495,9 +6512,9 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) goto abort_change; } tsec->keycreate_sid = sid; - } else if (!strcmp(name, "sockcreate")) { + } else if (attr == LSM_ATTR_SOCKCREATE) { tsec->sockcreate_sid = sid; - } else if (!strcmp(name, "current")) { + } else if (attr == LSM_ATTR_CURRENT) { error = -EINVAL; if (sid == 0) goto abort_change; 
@@ -6542,6 +6559,80 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) return error; } +static int selinux_getselfattr(unsigned int __user attr, + struct lsm_ctx __user *ctx, size_t *size, + u32 __user flags) +{ + char *value; + size_t total_len; + int len; + int rc = 1; + + len = selinux_lsm_getattr(attr, current, &value); + if (len < 0) + return len; + + total_len = len + sizeof(*ctx); + + if (total_len > *size) + rc = -E2BIG; + else + lsm_fill_user_ctx(ctx, value, len, LSM_ID_SELINUX, 0); + + *size = total_len; + return rc; +} + +static int selinux_setselfattr(unsigned int __user attr, + struct lsm_ctx __user *ctx, size_t __user size, + u32 __user flags) +{ + struct lsm_ctx *lctx; + void *context; + int rc; + + context = kmalloc(size, GFP_KERNEL); + if (context == NULL) + return -ENOMEM; + + lctx = (struct lsm_ctx *)context; + if (copy_from_user(context, ctx, size)) + rc = -EFAULT; + else if (lctx->ctx_len > size) + rc = -EINVAL; + else + rc = selinux_lsm_setattr(attr, lctx + 1, lctx->ctx_len); + + kfree(context); + if (rc > 0) + return 0; + return rc; +} + +static int selinux_getprocattr(struct task_struct *p, + const char *name, char **value) +{ + unsigned int attr = lsm_name_to_attr(name); + int rc; + + if (attr) { + rc = selinux_lsm_getattr(attr, p, value); + if (rc != -EOPNOTSUPP) + return rc; + } + + return -EINVAL; +} + +static int selinux_setprocattr(const char *name, void *value, size_t size) +{ + int attr = lsm_name_to_attr(name); + + if (attr) + return selinux_lsm_setattr(attr, value, size); + return -EINVAL; +} + static int selinux_ismaclabel(const char *name) { return (strcmp(name, XATTR_SELINUX_SUFFIX) == 0); 
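Review bot: selinux_setselfattr() in the @@ -6542,6 hunk trusts the user-supplied size and ctx_len without validating the header. `context = kmalloc(size, GFP_KERNEL)` is sized entirely by userspace with no upper bound, `lctx->ctx_len` is read before anyone checks that size >= sizeof(*lctx), and the check `else if (lctx->ctx_len > size)` ignores the header, so a ctx_len equal to size makes selinux_lsm_setattr() read sizeof(*lctx) bytes past the end of the allocation. Suggest rejecting size < sizeof(*lctx) (and a size above a sane cap) before allocating, and changing the check to `lctx->ctx_len > size - sizeof(*lctx)`. In selinux_getselfattr() the buffer that selinux_lsm_getattr() returns in `value` is never freed on either the success or the -E2BIG path; add a kfree(value) before returning. Finally, `__user` on the scalar `attr`, `size` and `flags` parameters of both new functions is meaningless (sparse applies it to pointers) and should be dropped.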
@@ -7183,6 +7274,8 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(d_instantiate, selinux_d_instantiate), + LSM_HOOK_INIT(getselfattr, selinux_getselfattr), + LSM_HOOK_INIT(setselfattr, selinux_setselfattr), LSM_HOOK_INIT(getprocattr, selinux_getprocattr), LSM_HOOK_INIT(setprocattr, selinux_setprocattr),
From patchwork Tue Apr 11 15:59:21 2023 X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13207784 X-Patchwork-Delegate: paul@paul-moore.com
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net Subject: [PATCH v8 11/11] LSM: selftests for Linux Security Module syscalls Date: Tue, 11 Apr 2023 08:59:21 -0700 Message-Id: <20230411155921.14716-12-casey@schaufler-ca.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230411155921.14716-1-casey@schaufler-ca.com> References: <20230411155921.14716-1-casey@schaufler-ca.com> MIME-Version: 1.0 Precedence: bulk List-ID: Add selftests for the three system calls supporting the LSM infrastructure. Signed-off-by: Casey Schaufler --- tools/testing/selftests/Makefile | 1 + tools/testing/selftests/lsm/Makefile | 12 + tools/testing/selftests/lsm/config | 2 + .../selftests/lsm/lsm_get_self_attr_test.c | 268 ++++++++++++++++++ .../selftests/lsm/lsm_list_modules_test.c | 149 ++++++++++ .../selftests/lsm/lsm_set_self_attr_test.c | 70 +++++ 6 files changed, 502 insertions(+) create mode 100644 tools/testing/selftests/lsm/Makefile create mode 100644 tools/testing/selftests/lsm/config create mode 100644 tools/testing/selftests/lsm/lsm_get_self_attr_test.c create mode 100644 tools/testing/selftests/lsm/lsm_list_modules_test.c create mode 100644 tools/testing/selftests/lsm/lsm_set_self_attr_test.c diff --git a/tools/testing/selftests/Makefile b/tools/testing/selftests/Makefile index 13a6837a0c6b..b18d133a1141 100644 --- a/tools/testing/selftests/Makefile +++ b/tools/testing/selftests/Makefile @@ -38,6 +38,7 @@ TARGETS += landlock TARGETS += lib TARGETS += livepatch TARGETS += lkdtm +TARGETS += lsm TARGETS += membarrier TARGETS += memfd TARGETS += memory-hotplug diff --git a/tools/testing/selftests/lsm/Makefile b/tools/testing/selftests/lsm/Makefile new file mode 100644 index 000000000000..f39a75212b78 
--- /dev/null +++ b/tools/testing/selftests/lsm/Makefile @@ -0,0 +1,12 @@ +# SPDX-License-Identifier: GPL-2.0 +# +# First run: make -C ../../../.. headers_install + +CFLAGS += -Wall -O2 $(KHDR_INCLUDES) + +TEST_GEN_PROGS := lsm_get_self_attr_test lsm_list_modules_test \ + lsm_set_self_attr_test + +include ../lib.mk + +$(TEST_GEN_PROGS): diff --git a/tools/testing/selftests/lsm/config b/tools/testing/selftests/lsm/config new file mode 100644 index 000000000000..afb887715f64 --- /dev/null +++ b/tools/testing/selftests/lsm/config @@ -0,0 +1,2 @@ +CONFIG_SYSFS=y +CONFIG_SECURITY=y diff --git a/tools/testing/selftests/lsm/lsm_get_self_attr_test.c b/tools/testing/selftests/lsm/lsm_get_self_attr_test.c new file mode 100644 index 000000000000..2c61a1411c54 --- /dev/null +++ b/tools/testing/selftests/lsm/lsm_get_self_attr_test.c 
@@ -0,0 +1,268 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Linux Security Module infrastructure tests + * Tests for the lsm_get_self_attr system call + * + * Copyright © 2022 Casey Schaufler + * Copyright © 2022 Intel Corporation + */ + +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include +#include "../kselftest_harness.h" + +#define PROCATTR "/proc/self/attr/" + +static int read_proc_attr(const char *attr, char *value, __kernel_size_t size) +{ + int fd; + int len; + char *path; + + len = strlen(PROCATTR) + strlen(attr) + 1; + path = calloc(len, 1); + if (path == NULL) + return -1; + sprintf(path, "%s%s", PROCATTR, attr); + + fd = open(path, O_RDONLY); + free(path); + + if (fd < 0) + return -1; + len = read(fd, value, size); + if (len <= 0) + return -1; +fprintf(stderr, "len=%d\n", len); + close(fd); + + path = strchr(value, '\n'); + if (path) + *path = '\0'; + + return 0; +} + +static struct lsm_ctx *next_ctx(struct lsm_ctx *ctxp) +{ + void *vp; + + vp = (void *)ctxp + sizeof(*ctxp) + ctxp->ctx_len; + return (struct lsm_ctx *)vp; +} + +TEST(size_null_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *ctx = calloc(page_size, 1); + + ASSERT_NE(NULL, ctx); + ASSERT_EQ(-1, syscall(__NR_lsm_get_self_attr, LSM_ATTR_CURRENT, ctx, + NULL, 0)); + ASSERT_EQ(EINVAL, errno); + + free(ctx); +} + +TEST(ctx_null_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + __kernel_size_t size = page_size; + + ASSERT_NE(-1, syscall(__NR_lsm_get_self_attr, LSM_ATTR_CURRENT, NULL, + &size, 0)); + ASSERT_NE(1, size); +} + +TEST(size_too_small_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *ctx = calloc(page_size, 1); + __kernel_size_t size = 1; + + ASSERT_NE(NULL, ctx); + ASSERT_EQ(-1, syscall(__NR_lsm_get_self_attr, LSM_ATTR_CURRENT, ctx, + &size, 0)); + ASSERT_EQ(E2BIG, errno); + ASSERT_NE(1, size); + + free(ctx); +} + +TEST(flags_zero_lsm_get_self_attr) +{ + const long page_size = 
sysconf(_SC_PAGESIZE); + char *ctx = calloc(page_size, 1); + __kernel_size_t size = page_size; + + ASSERT_NE(NULL, ctx); + ASSERT_EQ(-1, syscall(__NR_lsm_get_self_attr, LSM_ATTR_CURRENT, ctx, + &size, 1)); + ASSERT_EQ(EINVAL, errno); + ASSERT_EQ(page_size, size); + + free(ctx); +} + +TEST(flags_overset_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *ctx = calloc(page_size, 1); + __kernel_size_t size = page_size; + + ASSERT_NE(NULL, ctx); + ASSERT_EQ(-1, syscall(__NR_lsm_get_self_attr, + LSM_ATTR_CURRENT | LSM_ATTR_PREV, ctx, &size, 0)); + ASSERT_EQ(EOPNOTSUPP, errno); + ASSERT_EQ(page_size, size); + + free(ctx); +} + +TEST(basic_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + __kernel_size_t size = page_size; + struct lsm_ctx *ctx = calloc(page_size, 1); + struct lsm_ctx *tctx = NULL; + __u64 *syscall_lsms = calloc(page_size, 1); + char *attr = calloc(page_size, 1); + int cnt_current = 0; + int cnt_exec = 0; + int cnt_fscreate = 0; + int cnt_keycreate = 0; + int cnt_prev = 0; + int cnt_sockcreate = 0; + int lsmcount; + int count; + int i; + + ASSERT_NE(NULL, ctx); + ASSERT_NE(NULL, syscall_lsms); + + lsmcount = syscall(__NR_lsm_list_modules, syscall_lsms, &size, 0); + ASSERT_LE(1, lsmcount); + + for (i = 0; i < lsmcount; i++) { + switch (syscall_lsms[i]) { + case LSM_ID_SELINUX: + cnt_current++; + cnt_exec++; + cnt_fscreate++; + cnt_keycreate++; + cnt_prev++; + cnt_sockcreate++; + break; + case LSM_ID_SMACK: + cnt_current++; + break; + case LSM_ID_APPARMOR: + cnt_current++; + cnt_exec++; + cnt_prev++; + break; + default: + break; + } + } + + if (cnt_current) { + size = page_size; + count = syscall(__NR_lsm_get_self_attr, LSM_ATTR_CURRENT, ctx, + &size, 0); + ASSERT_EQ(cnt_current, count); + tctx = ctx; + ASSERT_EQ(0, read_proc_attr("current", attr, page_size)); + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, 
attr)); + } + } + if (cnt_exec) { + size = page_size; + count = syscall(__NR_lsm_get_self_attr, LSM_ATTR_EXEC, ctx, + &size, 0); + ASSERT_GE(cnt_exec, count); + if (count > 0) { + tctx = ctx; + if (read_proc_attr("exec", attr, page_size) == 0) + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + } + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + if (cnt_fscreate) { + size = page_size; + count = syscall(__NR_lsm_get_self_attr, LSM_ATTR_FSCREATE, ctx, + &size, 0); + ASSERT_GE(cnt_fscreate, count); + if (count > 0) { + tctx = ctx; + if (read_proc_attr("fscreate", attr, page_size) == 0) + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + } + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + if (cnt_keycreate) { + size = page_size; + count = syscall(__NR_lsm_get_self_attr, LSM_ATTR_KEYCREATE, ctx, + &size, 0); + ASSERT_GE(cnt_keycreate, count); + if (count > 0) { + tctx = ctx; + if (read_proc_attr("keycreate", attr, page_size) == 0) + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + } + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + if (cnt_prev) { + size = page_size; + count = syscall(__NR_lsm_get_self_attr, LSM_ATTR_PREV, ctx, + &size, 0); + ASSERT_GE(cnt_prev, count); + if (count > 0) { + tctx = ctx; + ASSERT_EQ(0, read_proc_attr("prev", attr, page_size)); + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + } + if (cnt_sockcreate) { + size = page_size; + count = syscall(__NR_lsm_get_self_attr, LSM_ATTR_SOCKCREATE, + ctx, &size, 0); + ASSERT_GE(cnt_sockcreate, count); + if (count > 0) { + tctx = ctx; + if (read_proc_attr("sockcreate", attr, page_size) == 0) + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + } + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); 
+ ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + + free(ctx); + free(attr); + free(syscall_lsms); +} + +TEST_HARNESS_MAIN diff --git a/tools/testing/selftests/lsm/lsm_list_modules_test.c b/tools/testing/selftests/lsm/lsm_list_modules_test.c new file mode 100644 index 000000000000..3ec814002710 --- /dev/null +++ b/tools/testing/selftests/lsm/lsm_list_modules_test.c 
@@ -0,0 +1,149 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Linux Security Module infrastructure tests + * Tests for the lsm_list_modules system call + * + * Copyright © 2022 Casey Schaufler + * Copyright © 2022 Intel Corporation + */ + +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include "../kselftest_harness.h" + +static int read_sysfs_lsms(char *lsms, __kernel_size_t size) +{ + FILE *fp; + + fp = fopen("/sys/kernel/security/lsm", "r"); + if (fp == NULL) + return -1; + if (fread(lsms, 1, size, fp) <= 0) + return -1; + fclose(fp); + return 0; +} + +TEST(size_null_lsm_list_modules) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *syscall_lsms = calloc(page_size, 1); + + ASSERT_NE(NULL, syscall_lsms); + ASSERT_EQ(-1, syscall(__NR_lsm_list_modules, syscall_lsms, NULL, 0)); + ASSERT_EQ(EFAULT, errno); + + free(syscall_lsms); +} + +TEST(ids_null_lsm_list_modules) +{ + const long page_size = sysconf(_SC_PAGESIZE); + __kernel_size_t size = page_size; + + ASSERT_EQ(-1, syscall(__NR_lsm_list_modules, NULL, &size, 0)); + ASSERT_EQ(EFAULT, errno); + ASSERT_NE(1, size); +} + +TEST(size_too_small_lsm_list_modules) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *syscall_lsms = calloc(page_size, 1); + __kernel_size_t size = 1; + + ASSERT_NE(NULL, syscall_lsms); + ASSERT_EQ(-1, syscall(__NR_lsm_list_modules, syscall_lsms, &size, 0)); + ASSERT_EQ(E2BIG, errno); + ASSERT_NE(1, size); + + free(syscall_lsms); +} + +TEST(flags_set_lsm_list_modules) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *syscall_lsms = calloc(page_size, 1); + __kernel_size_t size = page_size; + + ASSERT_NE(NULL, syscall_lsms); + ASSERT_EQ(-1, syscall(__NR_lsm_list_modules, syscall_lsms, &size, 7)); + ASSERT_EQ(EINVAL, errno); + ASSERT_EQ(page_size, size); + + free(syscall_lsms); +} + +TEST(correct_lsm_list_modules) +{ + const long page_size = sysconf(_SC_PAGESIZE); + __kernel_size_t size = page_size; + __u64 *syscall_lsms = calloc(page_size, 1); + 
char *sysfs_lsms = calloc(page_size, 1); + char *name; + char *cp; + int count; + int i; + + ASSERT_NE(NULL, sysfs_lsms); + ASSERT_NE(NULL, syscall_lsms); + ASSERT_EQ(0, read_sysfs_lsms(sysfs_lsms, page_size)); + + count = syscall(__NR_lsm_list_modules, syscall_lsms, &size, 0); + ASSERT_LE(1, count); + cp = sysfs_lsms; + for (i = 0; i < count; i++) { + switch (syscall_lsms[i]) { + case LSM_ID_CAPABILITY: + name = "capability"; + break; + case LSM_ID_SELINUX: + name = "selinux"; + break; + case LSM_ID_SMACK: + name = "smack"; + break; + case LSM_ID_TOMOYO: + name = "tomoyo"; + break; + case LSM_ID_IMA: + name = "ima"; + break; + case LSM_ID_APPARMOR: + name = "apparmor"; + break; + case LSM_ID_YAMA: + name = "yama"; + break; + case LSM_ID_LOADPIN: + name = "loadpin"; + break; + case LSM_ID_SAFESETID: + name = "safesetid"; + break; + case LSM_ID_LOCKDOWN: + name = "lockdown"; + break; + case LSM_ID_BPF: + name = "bpf"; + break; + case LSM_ID_LANDLOCK: + name = "landlock"; + break; + default: + name = "INVALID"; + break; + } + ASSERT_EQ(0, strncmp(cp, name, strlen(name))); + cp += strlen(name) + 1; + } + + free(sysfs_lsms); + free(syscall_lsms); +} + +TEST_HARNESS_MAIN diff --git a/tools/testing/selftests/lsm/lsm_set_self_attr_test.c b/tools/testing/selftests/lsm/lsm_set_self_attr_test.c new file mode 100644 index 000000000000..ca538a703168 --- /dev/null +++ b/tools/testing/selftests/lsm/lsm_set_self_attr_test.c 
@@ -0,0 +1,70 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Linux Security Module infrastructure tests + * Tests for the lsm_set_self_attr system call + * + * Copyright © 2022 Casey Schaufler + * Copyright © 2022 Intel Corporation + */ + +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include "../kselftest_harness.h" + +TEST(ctx_null_lsm_set_self_attr) +{ + ASSERT_EQ(-1, syscall(__NR_lsm_set_self_attr, LSM_ATTR_CURRENT, NULL, + sizeof(struct lsm_ctx), 0)); +} + +TEST(size_too_small_lsm_set_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + struct lsm_ctx *ctx = calloc(page_size, 1); + __kernel_size_t size = page_size; + + ASSERT_NE(NULL, ctx); + ASSERT_GE(1, syscall(__NR_lsm_get_self_attr, LSM_ATTR_CURRENT, ctx, + &size, 0)); + ASSERT_EQ(-1, syscall(__NR_lsm_set_self_attr, LSM_ATTR_CURRENT, ctx, 1, + 0)); + + free(ctx); +} + +TEST(flags_zero_lsm_set_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *ctx = calloc(page_size, 1); + __kernel_size_t size = page_size; + + ASSERT_NE(NULL, ctx); + ASSERT_GE(1, syscall(__NR_lsm_get_self_attr, LSM_ATTR_CURRENT, ctx, + &size, 0)); + ASSERT_EQ(-1, syscall(__NR_lsm_set_self_attr, LSM_ATTR_CURRENT, ctx, + size, 1)); + + free(ctx); +} + +TEST(flags_overset_lsm_set_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *ctx = calloc(page_size, 1); + __kernel_size_t size = page_size; + struct lsm_ctx *tctx = (struct lsm_ctx *)ctx; + + ASSERT_NE(NULL, ctx); + ASSERT_GE(1, syscall(__NR_lsm_get_self_attr, LSM_ATTR_CURRENT, tctx, + &size, 0)); + ASSERT_EQ(-1, syscall(__NR_lsm_set_self_attr, + LSM_ATTR_CURRENT | LSM_ATTR_PREV, tctx, size, 0)); + + free(ctx); +} + +TEST_HARNESS_MAIN
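Review bot: the config fragment enables only CONFIG_SYSFS and CONFIG_SECURITY, but lsm_list_modules_test.c reads /sys/kernel/security/lsm, which lives on securityfs; add CONFIG_SECURITYFS=y so read_sysfs_lsms() does not simply fail to open the file on a minimal kselftest kernel (the test also assumes securityfs is mounted at /sys/kernel/security, which is worth a comment).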
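Review bot: read_proc_attr() in lsm_get_self_attr_test.c still contains a debugging line, the unindented `fprintf(stderr, "len=%d\n", len);`, which should go. In the same function the fd is leaked when read() returns <= 0 because the early return skips close(), and read(fd, value, size) may fill the whole buffer, so strchr(value, '\n') is only safe because the caller happened to calloc() a page; read at most size - 1 bytes and set value[len] = '\0' before the strchr. Also, size_null_lsm_get_self_attr expects EINVAL for a NULL size pointer while size_null_lsm_list_modules expects EFAULT for the same condition; if the two syscalls are meant to differ here, say so in a comment, otherwise one of the tests (or one of the syscalls) is wrong.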
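Review bot: in lsm_list_modules_test.c, read_sysfs_lsms() leaks fp when fread() returns 0 (the early return skips fclose()) and never NUL-terminates what it read; read size - 1 bytes and terminate explicitly rather than relying on the caller's calloc(). In correct_lsm_list_modules, `strncmp(cp, name, strlen(name))` accepts a sysfs entry that merely starts with the expected name, and `cp += strlen(name) + 1` steps over a comma without checking that one is there, so a mismatch surfaces only on the next iteration; compare the full token up to the next ',' or end of string instead. The `name = "INVALID"` default likewise catches an unknown id only indirectly through the strncmp; an explicit assertion that the id is known would be clearer.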
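Review bot: the three `ASSERT_GE(1, syscall(__NR_lsm_get_self_attr, ...))` setup checks in lsm_set_self_attr_test.c are inverted. The harness macro asserts expected >= seen, so they pass when the setup call fails with -1 and fail on a system where two LSMs report LSM_ATTR_CURRENT. Use ASSERT_LE(1, ...), as lsm_get_self_attr_test.c does for lsmcount. The tests also assert only that lsm_set_self_attr returns -1 and never check errno; adding an ASSERT_EQ on the expected errno, as the lsm_get_self_attr and lsm_list_modules tests do, would pin down that the call failed for the intended reason.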