From patchwork Fri Jun 16 16:50:45 2023
X-Patchwork-Submitter: Casey Schaufler
X-Patchwork-Id: 13283028
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net
Subject: [PATCH v11 01/11] LSM: Identify modules by more than name
Date: Fri, 16 Jun 2023 09:50:45 -0700
Message-Id: <20230616165055.4705-2-casey@schaufler-ca.com>
In-Reply-To: <20230616165055.4705-1-casey@schaufler-ca.com>
References: <20230616165055.4705-1-casey@schaufler-ca.com>

Create a struct lsm_id to contain identifying information about Linux Security Modules (LSMs). At inception this contains the name of the module, an identifier associated with the security module and an integer member "attrs" which identifies the API related data associated with each security module. The initial set of features maps to information that has traditionally been available in /proc/self/attr. They are documented in a new userspace-api file.

Change the security_add_hooks() interface to use this structure. Change the individual modules to maintain their own struct lsm_id and pass it to security_add_hooks(). The values for LSM identifiers are defined in a new UAPI header file linux/lsm.h. Each existing LSM has been updated to include its LSMID in the lsm_id.

The LSM ID values are sequential, with the oldest module LSM_ID_CAPABILITY being the lowest value and the existing modules numbered in the order they were included in the main line kernel. This is an arbitrary convention for assigning the values, but none better presents itself. The value 0 is defined as being invalid. The values 1-99 are reserved for any special case uses which may arise in the future.
This may include attributes of the LSM infrastructure itself, possibly related to namespacing or network attribute management. A special range is identified for such attributes to help reduce confusion for developers unfamiliar with LSMs.

LSM attribute values are defined for the attributes presented by modules that are available today. As with the LSM IDs, the value 0 is defined as being invalid. The values 1-99 are reserved for any special case uses which may arise in the future.

Signed-off-by: Casey Schaufler
Cc: linux-security-module
Reviewed-by: Kees Cook
Reviewed-by: Serge Hallyn
---
 Documentation/userspace-api/index.rst |  1 +
 Documentation/userspace-api/lsm.rst   | 55 +++++++++++++++++++++++++++
 MAINTAINERS                           |  1 +
 include/linux/lsm_hooks.h             | 16 +++++++-
 include/uapi/linux/lsm.h              | 54 ++++++++++++++++++++++++++
 security/apparmor/lsm.c               |  8 +++-
 security/bpf/hooks.c                  |  9 ++++-
 security/commoncap.c                  |  8 +++-
 security/landlock/cred.c              |  2 +-
 security/landlock/fs.c                |  2 +-
 security/landlock/ptrace.c            |  2 +-
 security/landlock/setup.c             |  6 +++
 security/landlock/setup.h             |  1 +
 security/loadpin/loadpin.c            |  9 ++++-
 security/lockdown/lockdown.c          |  8 +++-
 security/safesetid/lsm.c              |  9 ++++-
 security/security.c                   | 12 +++---
 security/selinux/hooks.c              |  9 ++++-
 security/smack/smack_lsm.c            |  8 +++-
 security/tomoyo/tomoyo.c              |  9 ++++-
 security/yama/yama_lsm.c              |  8 +++-
 21 files changed, 216 insertions(+), 21 deletions(-)
 create mode 100644 Documentation/userspace-api/lsm.rst
 create mode 100644 include/uapi/linux/lsm.h
diff --git a/Documentation/userspace-api/index.rst b/Documentation/userspace-api/index.rst index 72a65db0c498..b5fa29c077eb 100644 --- a/Documentation/userspace-api/index.rst +++ b/Documentation/userspace-api/index.rst @@ -32,6 +32,7 @@ place where this information is gathered. sysfs-platform_profile vduse futex2 + lsm .. only:: subproject and html
diff --git a/Documentation/userspace-api/lsm.rst b/Documentation/userspace-api/lsm.rst new file mode 100644 index 000000000000..6ddf5506110b --- /dev/null +++ b/Documentation/userspace-api/lsm.rst 
@@ -0,0 +1,55 @@ +.. SPDX-License-Identifier: GPL-2.0 +.. Copyright (C) 2022 Casey Schaufler +.. Copyright (C) 2022 Intel Corporation + +===================================== +Linux Security Modules +===================================== + +:Author: Casey Schaufler +:Date: November 2022 + +Linux security modules (LSM) provide a mechanism to implement +additional access controls to the Linux security policies. + +The various security modules may support any of these attributes: + +``LSM_ATTR_CURRENT`` is the current, active security context of the +process. +The proc filesystem provides this value in ``/proc/self/attr/current``. +This is supported by the SELinux, Smack and AppArmor security modules. +Smack also provides this value in ``/proc/self/attr/smack/current``. +AppArmor also provides this value in ``/proc/self/attr/apparmor/current``. + +``LSM_ATTR_EXEC`` is the security context of the process at the time the +current image was executed. +The proc filesystem provides this value in ``/proc/self/attr/exec``. +This is supported by the SELinux and AppArmor security modules. +AppArmor also provides this value in ``/proc/self/attr/apparmor/exec``. + +``LSM_ATTR_FSCREATE`` is the security context of the process used when +creating file system objects. +The proc filesystem provides this value in ``/proc/self/attr/fscreate``. +This is supported by the SELinux security module. + +``LSM_ATTR_KEYCREATE`` is the security context of the process used when +creating key objects. +The proc filesystem provides this value in ``/proc/self/attr/keycreate``. +This is supported by the SELinux security module. + +``LSM_ATTR_PREV`` is the security context of the process at the time the +current security context was set. +The proc filesystem provides this value in ``/proc/self/attr/prev``. +This is supported by the SELinux and AppArmor security modules. +AppArmor also provides this value in ``/proc/self/attr/apparmor/prev``. 
+ +``LSM_ATTR_SOCKCREATE`` is the security context of the process used when +creating socket objects. +The proc filesystem provides this value in ``/proc/self/attr/sockcreate``. +This is supported by the SELinux security module. + +Additional documentation +======================== + +* Documentation/security/lsm.rst +* Documentation/security/lsm-development.rst diff --git a/MAINTAINERS b/MAINTAINERS index 7e0b87d5aa2e..5e326a6355a3 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -18965,6 +18965,7 @@ S: Supported W: http://kernsec.org/ T: git git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm.git F: security/ +F: include/uapi/linux/lsm.h X: security/selinux/ SELINUX SECURITY MODULE diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index ab2b2fafa4a4..fba8881d2bb5 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -41,6 +41,18 @@ struct security_hook_heads { #undef LSM_HOOK } __randomize_layout; +/** + * struct lsm_id - Identify a Linux Security Module. + * @lsm: name of the LSM, must be approved by the LSM maintainers + * @id: LSM ID number from uapi/linux/lsm.h + * + * Contains the information that identifies the LSM. + */ +struct lsm_id { + const char *name; + u64 id; +}; + /* * Security module hook list structure. * For use with generic list macros for common operations. @@ -49,7 +61,7 @@ struct security_hook_list { struct hlist_node list; struct hlist_head *head; union security_list_options hook; - const char *lsm; + struct lsm_id *lsmid; } __randomize_layout; /* @@ -84,7 +96,7 @@ extern struct security_hook_heads security_hook_heads; extern char *lsm_names; extern void security_add_hooks(struct security_hook_list *hooks, int count, - const char *lsm); + struct lsm_id *lsmid); #define LSM_FLAG_LEGACY_MAJOR BIT(0) #define LSM_FLAG_EXCLUSIVE BIT(1) diff --git a/include/uapi/linux/lsm.h b/include/uapi/linux/lsm.h new file mode 100644 index 000000000000..f27c9a9cc376 --- /dev/null +++ b/include/uapi/linux/lsm.h 
@@ -0,0 +1,54 @@ +/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */ +/* + * Linux Security Modules (LSM) - User space API + * + * Copyright (C) 2022 Casey Schaufler + * Copyright (C) 2022 Intel Corporation + */ + +#ifndef _UAPI_LINUX_LSM_H +#define _UAPI_LINUX_LSM_H + +/* + * ID tokens to identify Linux Security Modules (LSMs) + * + * These token values are used to uniquely identify specific LSMs + * in the kernel as well as in the kernel's LSM userspace API. + * + * A value of zero/0 is considered undefined and should not be used + * outside the kernel. Values 1-99 are reserved for potential + * future use. + */ +#define LSM_ID_UNDEF 0 +#define LSM_ID_CAPABILITY 100 +#define LSM_ID_SELINUX 101 +#define LSM_ID_SMACK 102 +#define LSM_ID_TOMOYO 103 +#define LSM_ID_IMA 104 +#define LSM_ID_APPARMOR 105 +#define LSM_ID_YAMA 106 +#define LSM_ID_LOADPIN 107 +#define LSM_ID_SAFESETID 108 +#define LSM_ID_LOCKDOWN 109 +#define LSM_ID_BPF 110 +#define LSM_ID_LANDLOCK 111 + +/* + * LSM_ATTR_XXX definitions identify different LSM attributes + * which are used in the kernel's LSM userspace API. Support + * for these attributes vary across the different LSMs. None + * are required. + * + * A value of zero/0 is considered undefined and should not be used + * outside the kernel. Values 1-99 are reserved for potential + * future use. + */ +#define LSM_ATTR_UNDEF 0 +#define LSM_ATTR_CURRENT 100 +#define LSM_ATTR_EXEC 101 +#define LSM_ATTR_FSCREATE 102 +#define LSM_ATTR_KEYCREATE 103 +#define LSM_ATTR_PREV 104 +#define LSM_ATTR_SOCKCREATE 105 + +#endif /* _UAPI_LINUX_LSM_H */ diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index f431251ffb91..308cb3a281c3 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -24,6 +24,7 @@ #include #include #include +#include #include "include/apparmor.h" #include "include/apparmorfs.h" 
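Review bot: in the include/linux/lsm_hooks.h hunk the kerneldoc for struct lsm_id documents a member `@lsm`, but the struct declares `const char *name`, so kernel-doc will warn about an undocumented `name` and a nonexistent `lsm`; change the line to `@name: name of the LSM, must be approved by the LSM maintainers`. The commit message also describes an integer member "attrs" that this struct does not have; either add the member or drop it from the message. Since every instance in this series is `__ro_after_init`, `struct security_hook_list.lsmid` and the `security_add_hooks()` parameter could both be `const struct lsm_id *`.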
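Review bot: include/uapi/linux/lsm.h defines LSM_ID_IMA (104), but nothing in this patch registers a struct lsm_id with that value; the diffstat touches no security/integrity/ file. Either say in the header comment that the token is reserved for IMA and not yet reported by the kernel, or defer it until IMA registers through security_add_hooks(); an unexplained gap in a UAPI numbering is easy to misread as a missing module.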
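Review bot: the new Documentation/userspace-api/lsm.rst never names the header where the LSM_ATTR_* tokens it documents are defined (include/uapi/linux/lsm.h); add a reference, since a userspace reader has no other way to map ``LSM_ATTR_CURRENT`` to a value. The opening sentence, "provide a mechanism to implement additional access controls to the Linux security policies", reads oddly; "in addition to the traditional discretionary access controls" or similar would be clearer. The ``:Date: November 2022`` field predates this v11 posting (June 2023) and should be refreshed.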
@@ -1215,6 +1216,11 @@ struct lsm_blob_sizes apparmor_blob_sizes __ro_after_init = { .lbs_task = sizeof(struct aa_task_ctx), }; +static struct lsm_id apparmor_lsmid __ro_after_init = { + .name = "apparmor", + .id = LSM_ID_APPARMOR, +}; + static struct security_hook_list apparmor_hooks[] __ro_after_init = { LSM_HOOK_INIT(ptrace_access_check, apparmor_ptrace_access_check), LSM_HOOK_INIT(ptrace_traceme, apparmor_ptrace_traceme), @@ -1904,7 +1910,7 @@ static int __init apparmor_init(void) goto buffers_out; } security_add_hooks(apparmor_hooks, ARRAY_SIZE(apparmor_hooks), - "apparmor"); + &apparmor_lsmid); /* Report that AppArmor successfully initialized */ apparmor_initialized = 1; diff --git a/security/bpf/hooks.c b/security/bpf/hooks.c index cfaf1d0e6a5f..7e7bdc1b7979 100644 --- a/security/bpf/hooks.c +++ b/security/bpf/hooks.c @@ -5,6 +5,7 @@ */ #include #include +#include static struct security_hook_list bpf_lsm_hooks[] __ro_after_init = { #define LSM_HOOK(RET, DEFAULT, NAME, ...) \ @@ -15,9 +16,15 @@ static struct security_hook_list bpf_lsm_hooks[] __ro_after_init = { LSM_HOOK_INIT(task_free, bpf_task_storage_free), }; +static struct lsm_id bpf_lsmid __ro_after_init = { + .name = "bpf", + .id = LSM_ID_BPF, +}; + static int __init bpf_lsm_init(void) { - security_add_hooks(bpf_lsm_hooks, ARRAY_SIZE(bpf_lsm_hooks), "bpf"); + security_add_hooks(bpf_lsm_hooks, ARRAY_SIZE(bpf_lsm_hooks), + &bpf_lsmid); pr_info("LSM support for eBPF active\n"); return 0; } diff --git a/security/commoncap.c b/security/commoncap.c index 0b3fc2f3afe7..44c2577105f7 100644 --- a/security/commoncap.c +++ b/security/commoncap.c @@ -25,6 +25,7 @@ #include #include #include +#include /* * If a non-root user executes a setuid-root binary in 
@@ -1440,6 +1441,11 @@ int cap_mmap_file(struct file *file, unsigned long reqprot, #ifdef CONFIG_SECURITY +static struct lsm_id capability_lsmid __ro_after_init = { + .name = "capability", + .id = LSM_ID_CAPABILITY, +}; + static struct security_hook_list capability_hooks[] __ro_after_init = { LSM_HOOK_INIT(capable, cap_capable), LSM_HOOK_INIT(settime, cap_settime), @@ -1464,7 +1470,7 @@ static struct security_hook_list capability_hooks[] __ro_after_init = { static int __init capability_init(void) { security_add_hooks(capability_hooks, ARRAY_SIZE(capability_hooks), - "capability"); + &capability_lsmid); return 0; } diff --git a/security/landlock/cred.c b/security/landlock/cred.c index 13dff2a31545..786af18c4a1c 100644 --- a/security/landlock/cred.c +++ b/security/landlock/cred.c @@ -42,5 +42,5 @@ static struct security_hook_list landlock_hooks[] __ro_after_init = { __init void landlock_add_cred_hooks(void) { security_add_hooks(landlock_hooks, ARRAY_SIZE(landlock_hooks), - LANDLOCK_NAME); + &landlock_lsmid); } diff --git a/security/landlock/fs.c b/security/landlock/fs.c index 1c0c198f6fdb..db5ebecfbf02 100644 --- a/security/landlock/fs.c +++ b/security/landlock/fs.c @@ -1307,5 +1307,5 @@ static struct security_hook_list landlock_hooks[] __ro_after_init = { __init void landlock_add_fs_hooks(void) { security_add_hooks(landlock_hooks, ARRAY_SIZE(landlock_hooks), - LANDLOCK_NAME); + &landlock_lsmid); } diff --git a/security/landlock/ptrace.c b/security/landlock/ptrace.c index 8a06d6c492bf..2bfc533d36e4 100644 --- a/security/landlock/ptrace.c +++ b/security/landlock/ptrace.c @@ -116,5 +116,5 @@ static struct security_hook_list landlock_hooks[] __ro_after_init = { __init void landlock_add_ptrace_hooks(void) { security_add_hooks(landlock_hooks, ARRAY_SIZE(landlock_hooks), - LANDLOCK_NAME); + &landlock_lsmid); } diff --git a/security/landlock/setup.c b/security/landlock/setup.c index 0f6113528fa4..f5ec82a1c381 100644 --- a/security/landlock/setup.c 
+++ b/security/landlock/setup.c @@ -8,6 +8,7 @@ #include #include +#include #include "common.h" #include "cred.h" @@ -24,6 +25,11 @@ struct lsm_blob_sizes landlock_blob_sizes __ro_after_init = { .lbs_superblock = sizeof(struct landlock_superblock_security), }; +struct lsm_id landlock_lsmid __ro_after_init = { + .name = LANDLOCK_NAME, + .id = LSM_ID_LANDLOCK, +}; + static int __init landlock_init(void) { landlock_add_cred_hooks(); diff --git a/security/landlock/setup.h b/security/landlock/setup.h index 1daffab1ab4b..38bce5b172dc 100644 --- a/security/landlock/setup.h +++ b/security/landlock/setup.h @@ -14,5 +14,6 @@ extern bool landlock_initialized; extern struct lsm_blob_sizes landlock_blob_sizes; +extern struct lsm_id landlock_lsmid; #endif /* _SECURITY_LANDLOCK_SETUP_H */ diff --git a/security/loadpin/loadpin.c b/security/loadpin/loadpin.c index ebae964f7cc9..14202ee4a362 100644 --- a/security/loadpin/loadpin.c +++ b/security/loadpin/loadpin.c @@ -20,6 +20,7 @@ #include #include #include +#include #define VERITY_DIGEST_FILE_HEADER "# LOADPIN_TRUSTED_VERITY_ROOT_DIGESTS" @@ -208,6 +209,11 @@ static int loadpin_load_data(enum kernel_load_data_id id, bool contents) return loadpin_check(NULL, (enum kernel_read_file_id) id); } +static struct lsm_id loadpin_lsmid __ro_after_init = { + .name = "loadpin", + .id = LSM_ID_LOADPIN, +}; + static struct security_hook_list loadpin_hooks[] __ro_after_init = { LSM_HOOK_INIT(sb_free_security, loadpin_sb_free_security), LSM_HOOK_INIT(kernel_read_file, loadpin_read_file), @@ -259,7 +265,8 @@ static int __init loadpin_init(void) if (!register_sysctl("kernel/loadpin", loadpin_sysctl_table)) pr_notice("sysctl registration failed!\n"); #endif - security_add_hooks(loadpin_hooks, ARRAY_SIZE(loadpin_hooks), "loadpin"); + security_add_hooks(loadpin_hooks, ARRAY_SIZE(loadpin_hooks), + &loadpin_lsmid); return 0; } diff --git a/security/lockdown/lockdown.c b/security/lockdown/lockdown.c index 68d19632aeb7..aa109b5811d9 100644 
--- a/security/lockdown/lockdown.c +++ b/security/lockdown/lockdown.c @@ -13,6 +13,7 @@ #include #include #include +#include static enum lockdown_reason kernel_locked_down; @@ -75,6 +76,11 @@ static struct security_hook_list lockdown_hooks[] __ro_after_init = { LSM_HOOK_INIT(locked_down, lockdown_is_locked_down), }; +static struct lsm_id lockdown_lsmid __ro_after_init = { + .name = "lockdown", + .id = LSM_ID_LOCKDOWN, +}; + static int __init lockdown_lsm_init(void) { #if defined(CONFIG_LOCK_DOWN_KERNEL_FORCE_INTEGRITY) @@ -83,7 +89,7 @@ static int __init lockdown_lsm_init(void) lock_kernel_down("Kernel configuration", LOCKDOWN_CONFIDENTIALITY_MAX); #endif security_add_hooks(lockdown_hooks, ARRAY_SIZE(lockdown_hooks), - "lockdown"); + &lockdown_lsmid); return 0; } diff --git a/security/safesetid/lsm.c b/security/safesetid/lsm.c index e806739f7868..24bbab457623 100644 --- a/security/safesetid/lsm.c +++ b/security/safesetid/lsm.c @@ -19,6 +19,7 @@ #include #include #include +#include #include "lsm.h" /* Flag indicating whether initialization completed */ @@ -261,6 +262,11 @@ static int safesetid_task_fix_setgroups(struct cred *new, const struct cred *old return 0; } +static struct lsm_id safesetid_lsmid __ro_after_init = { + .name = "safesetid", + .id = LSM_ID_SAFESETID, +}; + static struct security_hook_list safesetid_security_hooks[] = { LSM_HOOK_INIT(task_fix_setuid, safesetid_task_fix_setuid), LSM_HOOK_INIT(task_fix_setgid, safesetid_task_fix_setgid), @@ -271,7 +277,8 @@ static struct security_hook_list safesetid_security_hooks[] = { static int __init safesetid_security_init(void) { security_add_hooks(safesetid_security_hooks, - ARRAY_SIZE(safesetid_security_hooks), "safesetid"); + ARRAY_SIZE(safesetid_security_hooks), + &safesetid_lsmid); /* Report that SafeSetID successfully initialized */ safesetid_initialized = 1; diff --git a/security/security.c b/security/security.c index d5ff7ff45b77..e56714ef045a 100644 --- a/security/security.c +++ b/security/security.c 
@@ -512,17 +512,17 @@ static int lsm_append(const char *new, char **result) * security_add_hooks - Add a modules hooks to the hook lists. * @hooks: the hooks to add * @count: the number of hooks to add - * @lsm: the name of the security module + * @lsmid: the identification information for the security module * * Each LSM has to register its hooks with the infrastructure. */ void __init security_add_hooks(struct security_hook_list *hooks, int count, - const char *lsm) + struct lsm_id *lsmid) { int i; for (i = 0; i < count; i++) { - hooks[i].lsm = lsm; + hooks[i].lsmid = lsmid; hlist_add_tail_rcu(&hooks[i].list, hooks[i].head); } @@ -531,7 +531,7 @@ void __init security_add_hooks(struct security_hook_list *hooks, int count, * and fix this up afterwards. */ if (slab_is_available()) { - if (lsm_append(lsm, &lsm_names) < 0) + if (lsm_append(lsmid->name, &lsm_names) < 0) panic("%s - Cannot get early memory.\n", __func__); } } @@ -3778,7 +3778,7 @@ int security_getprocattr(struct task_struct *p, const char *lsm, struct security_hook_list *hp; hlist_for_each_entry(hp, &security_hook_heads.getprocattr, list) { - if (lsm != NULL && strcmp(lsm, hp->lsm)) + if (lsm != NULL && strcmp(lsm, hp->lsmid->name)) continue; return hp->hook.getprocattr(p, name, value); } @@ -3803,7 +3803,7 @@ int security_setprocattr(const char *lsm, const char *name, void *value, struct security_hook_list *hp; hlist_for_each_entry(hp, &security_hook_heads.setprocattr, list) { - if (lsm != NULL && strcmp(lsm, hp->lsm)) + if (lsm != NULL && strcmp(lsm, hp->lsmid->name)) continue; return hp->hook.setprocattr(name, value, size); } diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 79b4890e9936..49ec74bc006c 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -92,6 +92,7 @@ #include #include #include +#include #include "avc.h" #include "objsec.h" 
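Review bot: in the security/safesetid/lsm.c hunk the context line `static struct security_hook_list safesetid_security_hooks[] = {` lacks the `__ro_after_init` annotation that every other hook table in this series carries (apparmor, bpf, loadpin, lockdown, smack, yama), so its entries, now including the `lsmid` pointer, stay writable after boot. Adding it is a one-line follow-up while the registration call is being changed anyway.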
@@ -6890,6 +6891,11 @@ static int selinux_uring_cmd(struct io_uring_cmd *ioucmd) } #endif /* CONFIG_IO_URING */ +static struct lsm_id selinux_lsmid __ro_after_init = { + .name = "selinux", + .id = LSM_ID_SELINUX, +}; + /* * IMPORTANT NOTE: When adding new hooks, please be careful to keep this order: * 1. any hooks that don't belong to (2.) or (3.) below, @@ -7210,7 +7216,8 @@ static __init int selinux_init(void) hashtab_cache_init(); - security_add_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks), "selinux"); + security_add_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks), + &selinux_lsmid); if (avc_add_callback(selinux_netcache_avc_callback, AVC_CALLBACK_RESET)) panic("SELinux: Unable to register AVC netcache callback\n"); diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 7a3e9ab137d8..cf847cfe5ed8 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -43,6 +43,7 @@ #include #include #include +#include #include "smack.h" #define TRANS_TRUE "TRUE" @@ -4840,6 +4841,11 @@ struct lsm_blob_sizes smack_blob_sizes __ro_after_init = { .lbs_superblock = sizeof(struct superblock_smack), }; +static struct lsm_id smack_lsmid __ro_after_init = { + .name = "smack", + .id = LSM_ID_SMACK, +}; + static struct security_hook_list smack_hooks[] __ro_after_init = { LSM_HOOK_INIT(ptrace_access_check, smack_ptrace_access_check), LSM_HOOK_INIT(ptrace_traceme, smack_ptrace_traceme), @@ -5046,7 +5052,7 @@ static __init int smack_init(void) /* * Register with LSM */ - security_add_hooks(smack_hooks, ARRAY_SIZE(smack_hooks), "smack"); + security_add_hooks(smack_hooks, ARRAY_SIZE(smack_hooks), &smack_lsmid); smack_enabled = 1; pr_info("Smack: Initializing.\n"); diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c index 25006fddc964..e2efc94ec481 100644 --- a/security/tomoyo/tomoyo.c +++ b/security/tomoyo/tomoyo.c @@ -6,6 +6,7 @@ */ #include +#include #include "common.h" /** 
@@ -542,6 +543,11 @@ static void tomoyo_task_free(struct task_struct *task) } } +static struct lsm_id tomoyo_lsmid __ro_after_init = { + .name = "tomoyo", + .id = LSM_ID_TOMOYO, +}; + /* * tomoyo_security_ops is a "struct security_operations" which is used for * registering TOMOYO. @@ -595,7 +601,8 @@ static int __init tomoyo_init(void) struct tomoyo_task *s = tomoyo_task(current); /* register ourselves with the security framework */ - security_add_hooks(tomoyo_hooks, ARRAY_SIZE(tomoyo_hooks), "tomoyo"); + security_add_hooks(tomoyo_hooks, ARRAY_SIZE(tomoyo_hooks), + &tomoyo_lsmid); pr_info("TOMOYO Linux initialized\n"); s->domain_info = &tomoyo_kernel_domain; atomic_inc(&tomoyo_kernel_domain.users); diff --git a/security/yama/yama_lsm.c b/security/yama/yama_lsm.c index 2503cf153d4a..31b52685e041 100644 --- a/security/yama/yama_lsm.c +++ b/security/yama/yama_lsm.c @@ -18,6 +18,7 @@ #include #include #include +#include #define YAMA_SCOPE_DISABLED 0 #define YAMA_SCOPE_RELATIONAL 1 @@ -421,6 +422,11 @@ static int yama_ptrace_traceme(struct task_struct *parent) return rc; } +static struct lsm_id yama_lsmid __ro_after_init = { + .name = "yama", + .id = LSM_ID_YAMA, +}; + static struct security_hook_list yama_hooks[] __ro_after_init = { LSM_HOOK_INIT(ptrace_access_check, yama_ptrace_access_check), LSM_HOOK_INIT(ptrace_traceme, yama_ptrace_traceme), 
@@ -471,7 +477,7 @@ static inline void yama_init_sysctl(void) { } static int __init yama_init(void) { pr_info("Yama: becoming mindful.\n"); - security_add_hooks(yama_hooks, ARRAY_SIZE(yama_hooks), "yama"); + security_add_hooks(yama_hooks, ARRAY_SIZE(yama_hooks), &yama_lsmid); yama_init_sysctl(); return 0; }
From patchwork Fri Jun 16 16:50:46 2023
X-Patchwork-Submitter: Casey Schaufler
X-Patchwork-Id: 13283030
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net
Subject: [PATCH v11 02/11] LSM: Maintain a table of LSM attribute data
Date: Fri, 16 Jun 2023 09:50:46 -0700
Message-Id: <20230616165055.4705-3-casey@schaufler-ca.com>
In-Reply-To: <20230616165055.4705-1-casey@schaufler-ca.com>
References: <20230616165055.4705-1-casey@schaufler-ca.com>

As LSMs are registered, add their lsm_id pointers to a table. This will be used later for attribute reporting.

Determine the number of possible security modules based on their respective CONFIG options. This allows the number to be known at build time. This allows data structures and tables to use the constant.

Signed-off-by: Casey Schaufler
Reviewed-by: Kees Cook
Reviewed-by: Serge Hallyn
---
 include/linux/security.h | 2 ++
 security/security.c | 36 ++++++++++++++++++++++++++++++++++++
 2 files changed, 38 insertions(+)

diff --git a/include/linux/security.h b/include/linux/security.h index e2734e9e44d5..569b1d8ab002 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -138,6 +138,8 @@ enum lockdown_reason { }; extern const char *const lockdown_reasons[LOCKDOWN_CONFIDENTIALITY_MAX+1]; +extern u32 lsm_active_cnt; +extern struct lsm_id *lsm_idlist[]; /* These functions are in security/commoncap.c */ extern int cap_capable(const struct cred *cred, struct user_namespace *ns, diff --git a/security/security.c b/security/security.c index e56714ef045a..39c5225603cf 100644 --- a/security/security.c +++ b/security/security.c
@@ -36,6 +36,25 @@ /* How many LSMs were built into the kernel? */ #define LSM_COUNT (__end_lsm_info - __start_lsm_info) +/* + * How many LSMs are built into the kernel as determined at + * build time. Used to determine fixed array sizes. + * The capability module is accounted for by CONFIG_SECURITY + */ +#define LSM_CONFIG_COUNT ( \ + (IS_ENABLED(CONFIG_SECURITY) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_SELINUX) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_SMACK) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_TOMOYO) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_IMA) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_APPARMOR) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_YAMA) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_LOADPIN) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_SAFESETID) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_LOCKDOWN_LSM) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_BPF_LSM) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_LANDLOCK) ? 1 : 0)) + /* * These are descriptions of the reasons that can be passed to the * security_locked_down() LSM hook. Placing this array here allows @@ -245,6 +264,12 @@ static void __init initialize_lsm(struct lsm_info *lsm) } } +/* + * Current index to use while initializing the lsm id list. + */ +u32 lsm_active_cnt __ro_after_init; +struct lsm_id *lsm_idlist[LSM_CONFIG_COUNT] __ro_after_init; + /* Populate ordered LSMs list from comma-separated LSM name list. */ static void __init ordered_lsm_parse(const char *order, const char *origin) { 
@@ -521,6 +546,17 @@ void __init security_add_hooks(struct security_hook_list *hooks, int count, { int i; + if (lsm_active_cnt >= LSM_CONFIG_COUNT) + panic("%s Too many LSMs registered.\n", __func__); + /* + * A security module may call security_add_hooks() more + * than once during initialization, and LSM initialization + * is serialized. Landlock is one such case. + * Look at the previous entry, if there is one, for duplication. + */ + if (lsm_active_cnt == 0 || lsm_idlist[lsm_active_cnt - 1] != lsmid) + lsm_idlist[lsm_active_cnt++] = lsmid; + for (i = 0; i < count; i++) { hooks[i].lsmid = lsmid; hlist_add_tail_rcu(&hooks[i].list, hooks[i].head);
From patchwork Fri Jun 16 16:50:47 2023 X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13283033 X-Patchwork-Delegate: paul@paul-moore.com
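Review bot: in the include/linux/security.h hunk of 02/11, `extern struct lsm_id *lsm_idlist[];` exposes the table as an array of writable pointers, although its entries are written once at registration (the definition in security.c is __ro_after_init) and are only read afterwards by the attribute-reporting code the commit message promises. `extern const struct lsm_id *lsm_idlist[];` states that intent and stops a consumer from modifying an LSM's id data through the table; if the lsmid parameter of security_add_hooks() is not const today, it wants the same change.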
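Review bot: the LSM_CONFIG_COUNT macro in security/security.c (02/11) is a hand-maintained list of CONFIG options, and nothing in the build ties it to the set of modules that actually call security_add_hooks(); an LSM added later without a line here makes lsm_idlist one entry too small, and the first symptom is the panic in security_add_hooks() at boot. The macro comment should say explicitly that every LSM that registers hooks must be counted here, next to the existing note that the capability module is covered by CONFIG_SECURITY.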
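Review bot: the comment above `u32 lsm_active_cnt __ro_after_init;` in security/security.c (02/11) describes it only as "Current index to use while initializing the lsm id list", but the commit message says the table is read later for attribute reporting, so after boot the same variable is the number of valid entries in lsm_idlist; say both, and give `struct lsm_id *lsm_idlist[LSM_CONFIG_COUNT]` its own comment stating that entries are in registration order, since the duplicate check in security_add_hooks() depends on that order.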
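Review bot: in security_add_hooks() (02/11) the `lsm_active_cnt >= LSM_CONFIG_COUNT` panic runs before the duplicate check, so an LSM that calls security_add_hooks() more than once, exactly the Landlock case the comment below it describes, panics on its second call whenever it happens to be the last LSM in the table: after its first call lsm_active_cnt already equals LSM_CONFIG_COUNT, even though no new entry would be added. Move the bound check inside the branch that appends:
`if (lsm_active_cnt == 0 || lsm_idlist[lsm_active_cnt - 1] != lsmid) {`
`	if (lsm_active_cnt >= LSM_CONFIG_COUNT) panic("%s: Too many LSMs registered.\n", __func__);`
`	lsm_idlist[lsm_active_cnt++] = lsmid; }`
Minor: the format string `"%s Too many LSMs registered.\n"` wants a colon after `%s`.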
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net, linux-fsdevel@vger.kernel.org
Subject: [PATCH v11 03/11] proc: Use lsmids instead of lsm names for attrs
Date: Fri, 16 Jun 2023 09:50:47 -0700
Message-Id: <20230616165055.4705-4-casey@schaufler-ca.com>
In-Reply-To: <20230616165055.4705-1-casey@schaufler-ca.com>
References: <20230616165055.4705-1-casey@schaufler-ca.com>

Use the LSM ID number instead of the LSM name to identify which security module's attribute data should be shown in /proc/self/attr. The security_[gs]etprocattr() functions have been changed to expect the LSM ID. The change from a string comparison to an integer comparison in these functions will provide a minor performance improvement.

Signed-off-by: Casey Schaufler
Reviewed-by: Kees Cook
Reviewed-by: Serge Hallyn
Cc: linux-fsdevel@vger.kernel.org
---
 fs/proc/base.c | 29 +++++++++++++++--------------
 fs/proc/internal.h | 2 +-
 include/linux/security.h | 11 +++++------
 security/security.c | 15 +++++++--------
 4 files changed, 28 insertions(+), 29 deletions(-)

diff --git a/fs/proc/base.c b/fs/proc/base.c index 05452c3b9872..f999bb5c497b 100644 --- a/fs/proc/base.c +++ b/fs/proc/base.c @@ -97,6 +97,7 @@ #include #include #include +#include #include #include "internal.h" #include "fd.h"
@@ -146,10 +147,10 @@ struct pid_entry { NOD(NAME, (S_IFREG|(MODE)), \ NULL, &proc_single_file_operations, \ { .proc_show = show } ) -#define ATTR(LSM, NAME, MODE) \ +#define ATTR(LSMID, NAME, MODE) \ NOD(NAME, (S_IFREG|(MODE)), \ NULL, &proc_pid_attr_operations, \ - { .lsm = LSM }) + { .lsmid = LSMID }) /* * Count the number of hardlinks for the pid_entry table, excluding the . @@ -2730,7 +2731,7 @@ static ssize_t proc_pid_attr_read(struct file * file, char __user * buf, if (!task) return -ESRCH; - length = security_getprocattr(task, PROC_I(inode)->op.lsm, + length = security_getprocattr(task, PROC_I(inode)->op.lsmid, file->f_path.dentry->d_name.name, &p); put_task_struct(task); @@ -2788,7 +2789,7 @@ static ssize_t proc_pid_attr_write(struct file * file, const char __user * buf, if (rv < 0) goto out_free; - rv = security_setprocattr(PROC_I(inode)->op.lsm, + rv = security_setprocattr(PROC_I(inode)->op.lsmid, file->f_path.dentry->d_name.name, page, count); mutex_unlock(¤t->signal->cred_guard_mutex); 
@@ -2837,27 +2838,27 @@ static const struct inode_operations proc_##LSM##_attr_dir_inode_ops = { \ #ifdef CONFIG_SECURITY_SMACK static const struct pid_entry smack_attr_dir_stuff[] = { - ATTR("smack", "current", 0666), + ATTR(LSM_ID_SMACK, "current", 0666), }; LSM_DIR_OPS(smack); #endif #ifdef CONFIG_SECURITY_APPARMOR static const struct pid_entry apparmor_attr_dir_stuff[] = { - ATTR("apparmor", "current", 0666), - ATTR("apparmor", "prev", 0444), - ATTR("apparmor", "exec", 0666), + ATTR(LSM_ID_APPARMOR, "current", 0666), + ATTR(LSM_ID_APPARMOR, "prev", 0444), + ATTR(LSM_ID_APPARMOR, "exec", 0666), }; LSM_DIR_OPS(apparmor); #endif static const struct pid_entry attr_dir_stuff[] = { - ATTR(NULL, "current", 0666), - ATTR(NULL, "prev", 0444), - ATTR(NULL, "exec", 0666), - ATTR(NULL, "fscreate", 0666), - ATTR(NULL, "keycreate", 0666), - ATTR(NULL, "sockcreate", 0666), + ATTR(LSM_ID_UNDEF, "current", 0666), + ATTR(LSM_ID_UNDEF, "prev", 0444), + ATTR(LSM_ID_UNDEF, "exec", 0666), + ATTR(LSM_ID_UNDEF, "fscreate", 0666), + ATTR(LSM_ID_UNDEF, "keycreate", 0666), + ATTR(LSM_ID_UNDEF, "sockcreate", 0666), #ifdef CONFIG_SECURITY_SMACK DIR("smack", 0555, proc_smack_attr_dir_inode_ops, proc_smack_attr_dir_ops), diff --git a/fs/proc/internal.h b/fs/proc/internal.h index 9dda7e54b2d0..a889d9ef9584 100644 --- a/fs/proc/internal.h +++ b/fs/proc/internal.h @@ -92,7 +92,7 @@ union proc_op { int (*proc_show)(struct seq_file *m, struct pid_namespace *ns, struct pid *pid, struct task_struct *task); - const char *lsm; + int lsmid; }; struct proc_inode { diff --git a/include/linux/security.h b/include/linux/security.h index 569b1d8ab002..945101b0d404 100644 --- a/include/linux/security.h +++ b/include/linux/security.h 
@@ -470,10 +470,9 @@ int security_sem_semctl(struct kern_ipc_perm *sma, int cmd); int security_sem_semop(struct kern_ipc_perm *sma, struct sembuf *sops, unsigned nsops, int alter); void security_d_instantiate(struct dentry *dentry, struct inode *inode); -int security_getprocattr(struct task_struct *p, const char *lsm, const char *name, +int security_getprocattr(struct task_struct *p, int lsmid, const char *name, char **value); -int security_setprocattr(const char *lsm, const char *name, void *value, - size_t size); +int security_setprocattr(int lsmid, const char *name, void *value, size_t size); int security_netlink_send(struct sock *sk, struct sk_buff *skb); int security_ismaclabel(const char *name); int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen); @@ -1332,14 +1331,14 @@ static inline void security_d_instantiate(struct dentry *dentry, struct inode *inode) { } -static inline int security_getprocattr(struct task_struct *p, const char *lsm, +static inline int security_getprocattr(struct task_struct *p, int lsmid, const char *name, char **value) { return -EINVAL; } -static inline int security_setprocattr(const char *lsm, char *name, - void *value, size_t size) +static inline int security_setprocattr(int lsmid, char *name, void *value, + size_t size) { return -EINVAL; } diff --git a/security/security.c b/security/security.c index 39c5225603cf..501c0884ec03 100644 --- a/security/security.c +++ b/security/security.c @@ -3800,7 +3800,7 @@ EXPORT_SYMBOL(security_d_instantiate); /** * security_getprocattr() - Read an attribute for a task * @p: the task - * @lsm: LSM name + * @lsmid: LSM identification * @name: attribute name * @value: attribute value * 
@@ -3808,13 +3808,13 @@ EXPORT_SYMBOL(security_d_instantiate); * * Return: Returns the length of @value on success, a negative value otherwise. */ -int security_getprocattr(struct task_struct *p, const char *lsm, - const char *name, char **value) +int security_getprocattr(struct task_struct *p, int lsmid, const char *name, + char **value) { struct security_hook_list *hp; hlist_for_each_entry(hp, &security_hook_heads.getprocattr, list) { - if (lsm != NULL && strcmp(lsm, hp->lsmid->name)) + if (lsmid != 0 && lsmid != hp->lsmid->id) continue; return hp->hook.getprocattr(p, name, value); } @@ -3823,7 +3823,7 @@ int security_getprocattr(struct task_struct *p, const char *lsm, /** * security_setprocattr() - Set an attribute for a task - * @lsm: LSM name + * @lsmid: LSM identification * @name: attribute name * @value: attribute value * @size: attribute value size 
@@ -3833,13 +3833,12 @@ int security_getprocattr(struct task_struct *p, const char *lsm, * * Return: Returns bytes written on success, a negative value otherwise. */ -int security_setprocattr(const char *lsm, const char *name, void *value, - size_t size) +int security_setprocattr(int lsmid, const char *name, void *value, size_t size) { struct security_hook_list *hp; hlist_for_each_entry(hp, &security_hook_heads.setprocattr, list) { - if (lsm != NULL && strcmp(lsm, hp->lsmid->name)) + if (lsmid != 0 && lsmid != hp->lsmid->id) continue; return hp->hook.setprocattr(name, value, size); }
From patchwork Fri Jun 16 16:50:48 2023 X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13283031 X-Patchwork-Delegate: paul@paul-moore.com
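Review bot: in the fs/proc/base.c hunk of 03/11 that rewrites attr_dir_stuff[], the entries change from `ATTR(NULL, ...)` to `ATTR(LSM_ID_UNDEF, ...)`, which keeps the old "first LSM that implements the hook answers" behaviour for the legacy /proc/self/attr files while the smack and apparmor subdirectories now name their module explicitly; that difference is not obvious from the table, so a one-line comment above attr_dir_stuff[] saying that LSM_ID_UNDEF selects the first registered LSM providing the attribute would help the next reader.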
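Review bot: in the !CONFIG_SECURITY stub in include/linux/security.h (03/11), the rewritten `static inline int security_setprocattr(int lsmid, char *name, void *value, size_t size)` still takes `char *name`, while the real prototype in the hunk above it takes `const char *name`; since the line is being rewritten anyway, make the stub match the real signature.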
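Review bot: both `if (lsmid != 0 && lsmid != hp->lsmid->id)` comparisons, in security_getprocattr() and security_setprocattr() (security/security.c, 03/11), spell the wildcard as the literal 0, while the callers in fs/proc/base.c pass LSM_ID_UNDEF for the same meaning; use `lsmid != LSM_ID_UNDEF` in both so the two cannot drift apart, and say in the kernel-doc for @lsmid that LSM_ID_UNDEF means the first LSM providing the hook, which is what the loop implements.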
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net
Subject: [PATCH v11 04/11] LSM: syscalls for current process attributes
Date: Fri, 16 Jun 2023 09:50:48 -0700
Message-Id: <20230616165055.4705-5-casey@schaufler-ca.com>
In-Reply-To: <20230616165055.4705-1-casey@schaufler-ca.com>
References: <20230616165055.4705-1-casey@schaufler-ca.com>

Create a system call lsm_get_self_attr() to provide the security module maintained attributes of the current process. Create a system call lsm_set_self_attr() to set a security module maintained attribute of the current process. Historically these attributes have been exposed to user space via entries in procfs under /proc/self/attr.

The attribute value is provided in a lsm_ctx structure. The structure identifies the size of the attribute, and the attribute value. The format of the attribute value is defined by the security module. A flags field is included for LSM specific information. It is currently unused and must be 0. The total size of the data, including the lsm_ctx structure and any padding, is maintained as well.

	struct lsm_ctx {
		__u64 id;
		__u64 flags;
		__u64 len;
		__u64 ctx_len;
		__u8 ctx[];
	};

Two new LSM hooks are used to interface with the LSMs. security_getselfattr() collects the lsm_ctx values from the LSMs that support the hook, accounting for space requirements. security_setselfattr() identifies which LSM the attribute is intended for and passes it along.
Signed-off-by: Casey Schaufler Reviewed-by: Kees Cook Reviewed-by: Serge Hallyn --- Documentation/userspace-api/lsm.rst | 15 ++++ include/linux/lsm_hook_defs.h | 4 + include/linux/lsm_hooks.h | 1 + include/linux/security.h | 19 +++++ include/linux/syscalls.h | 5 ++ include/uapi/linux/lsm.h | 36 +++++++++ kernel/sys_ni.c | 4 + security/Makefile | 1 + security/lsm_syscalls.c | 55 ++++++++++++++ security/security.c | 112 ++++++++++++++++++++++++++++ 10 files changed, 252 insertions(+) create mode 100644 security/lsm_syscalls.c diff --git a/Documentation/userspace-api/lsm.rst b/Documentation/userspace-api/lsm.rst index 6ddf5506110b..e6c3f262addc 100644 --- a/Documentation/userspace-api/lsm.rst +++ b/Documentation/userspace-api/lsm.rst @@ -48,6 +48,21 @@ creating socket objects. The proc filesystem provides this value in ``/proc/self/attr/sockcreate``. This is supported by the SELinux security module. +Kernel interface +================ + +Set a security attribute of the current process +----------------------------------------------- + +.. kernel-doc:: security/lsm_syscalls.c + :identifiers: sys_lsm_set_self_attr + +Get the specified security attributes of the current process +------------------------------------------------------------ + +.. kernel-doc:: security/lsm_syscalls.c + :identifiers: sys_lsm_get_self_attr + Additional documentation ======================== diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h index 6bb55e61e8e8..f69a7863dbe2 100644 --- a/include/linux/lsm_hook_defs.h +++ b/include/linux/lsm_hook_defs.h 
@@ -261,6 +261,10 @@ LSM_HOOK(int, 0, sem_semop, struct kern_ipc_perm *perm, struct sembuf *sops, LSM_HOOK(int, 0, netlink_send, struct sock *sk, struct sk_buff *skb) LSM_HOOK(void, LSM_RET_VOID, d_instantiate, struct dentry *dentry, struct inode *inode) +LSM_HOOK(int, -EOPNOTSUPP, getselfattr, unsigned int attr, + struct lsm_ctx __user *ctx, size_t *size, u32 flags) +LSM_HOOK(int, -EOPNOTSUPP, setselfattr, unsigned int attr, + struct lsm_ctx __user *ctx, size_t size, u32 flags) LSM_HOOK(int, -EINVAL, getprocattr, struct task_struct *p, const char *name, char **value) LSM_HOOK(int, -EINVAL, setprocattr, const char *name, void *value, size_t size) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index fba8881d2bb5..9a3ae6b33d7b 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -25,6 +25,7 @@ #ifndef __LINUX_LSM_HOOKS_H #define __LINUX_LSM_HOOKS_H +#include #include #include #include diff --git a/include/linux/security.h b/include/linux/security.h index 945101b0d404..475d0abfebda 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -60,6 +60,7 @@ struct fs_parameter; enum fs_value_type; struct watch; struct watch_notification; +struct lsm_ctx; /* Default (no) options for the capable function */ #define CAP_OPT_NONE 0x0 @@ -470,6 +471,10 @@ int security_sem_semctl(struct kern_ipc_perm *sma, int cmd); int security_sem_semop(struct kern_ipc_perm *sma, struct sembuf *sops, unsigned nsops, int alter); void security_d_instantiate(struct dentry *dentry, struct inode *inode); +int security_getselfattr(unsigned int attr, struct lsm_ctx __user *ctx, + size_t __user *size, u32 flags); +int security_setselfattr(unsigned int attr, struct lsm_ctx __user *ctx, + size_t size, u32 flags); int security_getprocattr(struct task_struct *p, int lsmid, const char *name, char **value); int security_setprocattr(int lsmid, const char *name, void *value, size_t size); 
@@ -1331,6 +1336,20 @@ static inline void security_d_instantiate(struct dentry *dentry, struct inode *inode) { } +static inline int security_getselfattr(unsigned int attr, + struct lsm_ctx __user *ctx, + size_t __user *size, u32 flags) +{ + return -EOPNOTSUPP; +} + +static inline int security_setselfattr(unsigned int attr, + struct lsm_ctx __user *ctx, + size_t size, u32 flags) +{ + return -EOPNOTSUPP; +} + static inline int security_getprocattr(struct task_struct *p, int lsmid, const char *name, char **value) { diff --git a/include/linux/syscalls.h b/include/linux/syscalls.h index 33a0ee3bcb2e..9a94c31bf6b6 100644 --- a/include/linux/syscalls.h +++ b/include/linux/syscalls.h @@ -71,6 +71,7 @@ struct clone_args; struct open_how; struct mount_attr; struct landlock_ruleset_attr; +struct lsm_ctx; enum landlock_rule_type; #include @@ -1058,6 +1059,10 @@ asmlinkage long sys_memfd_secret(unsigned int flags); asmlinkage long sys_set_mempolicy_home_node(unsigned long start, unsigned long len, unsigned long home_node, unsigned long flags); +asmlinkage long sys_lsm_get_self_attr(unsigned int attr, struct lsm_ctx *ctx, + size_t *size, __u32 flags); +asmlinkage long sys_lsm_set_self_attr(unsigned int attr, struct lsm_ctx *ctx, + size_t size, __u32 flags); /* * Architecture-specific system calls diff --git a/include/uapi/linux/lsm.h b/include/uapi/linux/lsm.h index f27c9a9cc376..eeda59a77c02 100644 --- a/include/uapi/linux/lsm.h +++ b/include/uapi/linux/lsm.h 
@@ -9,6 +9,36 @@ #ifndef _UAPI_LINUX_LSM_H #define _UAPI_LINUX_LSM_H +#include +#include + +/** + * struct lsm_ctx - LSM context information + * @id: the LSM id number, see LSM_ID_XXX + * @flags: LSM specific flags + * @len: length of the lsm_ctx struct, @ctx and any other data or padding + * @ctx_len: the size of @ctx + * @ctx: the LSM context value + * + * The @len field MUST be equal to the size of the lsm_ctx struct + * plus any additional padding and/or data placed after @ctx. + * + * In all cases @ctx_len MUST be equal to the length of @ctx. + * If @ctx is a string value it should be nul terminated with + * @ctx_len equal to `strlen(@ctx) + 1`. Binary values are + * supported. + * + * The @flags and @ctx fields SHOULD only be interpreted by the + * LSM specified by @id; they MUST be set to zero/0 when not used. + */ +struct lsm_ctx { + __u64 id; + __u64 flags; + __u64 len; + __u64 ctx_len; + __u8 ctx[]; +}; + /* * ID tokens to identify Linux Security Modules (LSMs) * @@ -51,4 +81,10 @@ #define LSM_ATTR_PREV 104 #define LSM_ATTR_SOCKCREATE 105 +/* + * LSM_FLAG_XXX definitions identify special handling instructions + * for the API. + */ +#define LSM_FLAG_SINGLE 0x0001 + #endif /* _UAPI_LINUX_LSM_H */ diff --git a/kernel/sys_ni.c b/kernel/sys_ni.c index 860b2dcf3ac4..d03c78ef1562 100644 --- a/kernel/sys_ni.c +++ b/kernel/sys_ni.c @@ -262,6 +262,10 @@ COND_SYSCALL_COMPAT(recvmsg); /* mm/nommu.c, also with MMU */ COND_SYSCALL(mremap); +/* security/lsm_syscalls.c */ +COND_SYSCALL(lsm_get_self_attr); +COND_SYSCALL(lsm_set_self_attr); + /* security/keys/keyctl.c */ COND_SYSCALL(add_key); COND_SYSCALL(request_key); diff --git a/security/Makefile b/security/Makefile index 18121f8f85cd..59f238490665 100644 --- a/security/Makefile +++ b/security/Makefile @@ -7,6 +7,7 @@ obj-$(CONFIG_KEYS) += keys/ # always enable default capabilities obj-y += commoncap.o +obj-$(CONFIG_SECURITY) += lsm_syscalls.o obj-$(CONFIG_MMU) += min_addr.o # Object file lists 
diff --git a/security/lsm_syscalls.c b/security/lsm_syscalls.c new file mode 100644 index 000000000000..ee3881159241 --- /dev/null +++ b/security/lsm_syscalls.c @@ -0,0 +1,55 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * System calls implementing the Linux Security Module API. + * + * Copyright (C) 2022 Casey Schaufler + * Copyright (C) 2022 Intel Corporation + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +/** + * sys_lsm_set_self_attr - Set current task's security module attribute + * @attr: which attribute to set + * @ctx: the LSM contexts + * @size: size of @ctx + * @flags: reserved for future use + * + * Sets the calling task's LSM context. On success this function + * returns 0. If the attribute specified cannot be set a negative + * value indicating the reason for the error is returned. + */ +SYSCALL_DEFINE4(lsm_set_self_attr, unsigned int, attr, struct lsm_ctx __user *, + ctx, size_t, size, u32, flags) +{ + return security_setselfattr(attr, ctx, size, flags); +} + +/** + * sys_lsm_get_self_attr - Return current task's security module attributes + * @attr: which attribute to set + * @ctx: the LSM contexts + * @size: size of @ctx, updated on return + * @flags: reserved for future use + * + * Returns the calling task's LSM contexts. On success this + * function returns the number of @ctx array elements. This value + * may be zero if there are no LSM contexts assigned. If @size is + * insufficient to contain the return data -E2BIG is returned and + * @size is set to the minimum required size. In all other cases + * a negative value indicating the error is returned. + */ +SYSCALL_DEFINE4(lsm_get_self_attr, unsigned int, attr, struct lsm_ctx __user *, + ctx, size_t __user *, size, u32, flags) +{ + return security_getselfattr(attr, ctx, size, flags); +} diff --git a/security/security.c b/security/security.c index 501c0884ec03..ca196b585996 100644 --- a/security/security.c +++ b/security/security.c 
@@ -3797,6 +3797,118 @@ void security_d_instantiate(struct dentry *dentry, struct inode *inode) } EXPORT_SYMBOL(security_d_instantiate); +/** + * security_getselfattr - Read an LSM attribute of the current process. + * @attr: which attribute to return + * @ctx: the user-space destination for the information, or NULL + * @size: pointer to the size of space available to receive the data + * @flags: special handling options. LSM_FLAG_SINGLE indicates that only + * attributes associated with the LSM identified in the passed @ctx be + * reported + * + * Returns the number of attributes found on success, negative value + * on error. @size is reset to the total size of the data. + * If @size is insufficient to contain the data -E2BIG is returned. + */ +int security_getselfattr(unsigned int attr, struct lsm_ctx __user *ctx, + size_t __user *size, u32 flags) +{ + struct security_hook_list *hp; + struct lsm_ctx lctx = { .id = LSM_ID_UNDEF, }; + u8 __user *base = (u8 __user *)ctx; + size_t total = 0; + size_t entrysize; + size_t left; + bool toobig = false; + int count = 0; + int rc; + + if (attr == LSM_ATTR_UNDEF) + return -EINVAL; + if (size == NULL) + return -EINVAL; + if (get_user(left, size)) + return -EFAULT; + + if ((flags & LSM_FLAG_SINGLE) == LSM_FLAG_SINGLE) { + if (!ctx) + return -EINVAL; + if (copy_struct_from_user(&lctx, sizeof(lctx), ctx, left)) + return -EFAULT; + if (lctx.id == LSM_ID_UNDEF) + return -EINVAL; + } else if (flags) { + return -EINVAL; + } + + hlist_for_each_entry(hp, &security_hook_heads.getselfattr, list) { + if (lctx.id != LSM_ID_UNDEF && lctx.id != hp->lsmid->id) + continue; + entrysize = left; + if (base) + ctx = (struct lsm_ctx __user *)(base + total); + rc = hp->hook.getselfattr(attr, ctx, &entrysize, flags); + if (rc == -EOPNOTSUPP) { + rc = 0; + continue; + } + if (rc == -E2BIG) { + toobig = true; + left = 0; + continue; + } + if (rc < 0) + return rc; + + left -= entrysize; + total += entrysize; + count += rc; + } + if (put_user(total, 
size)) + return -EFAULT; + if (toobig) + return -E2BIG; + if (count == 0) + return LSM_RET_DEFAULT(getselfattr); + return count; +} + +/** + * security_setselfattr - Set an LSM attribute on the current process. + * @attr: which attribute to set + * @ctx: the user-space source for the information + * @size: the size of the data + * @flags: reserved for future use, must be 0 + * + * Set an LSM attribute for the current process. The LSM, attribute + * and new value are included in @ctx. + * + * Returns 0 on success, -EINVAL if the input is inconsistent, -EFAULT + * if the user buffer is inaccessible or an LSM specific failure. + */ +int security_setselfattr(unsigned int attr, struct lsm_ctx __user *ctx, + size_t size, u32 flags) +{ + struct security_hook_list *hp; + struct lsm_ctx lctx; + + if (flags) + return -EINVAL; + if (size < sizeof(*ctx)) + return -EINVAL; + if (copy_from_user(&lctx, ctx, sizeof(*ctx))) + return -EFAULT; + if (size < lctx.len || size < lctx.ctx_len + sizeof(ctx) || + lctx.len < lctx.ctx_len + sizeof(ctx)) + return -EINVAL; + + hlist_for_each_entry(hp, &security_hook_heads.setselfattr, list) + if ((hp->lsmid->id) == lctx.id) + return hp->hook.setselfattr(attr, ctx, size, flags); + + return LSM_RET_DEFAULT(setselfattr); +} + /** * security_getprocattr() - Read an attribute for a task * @p: the task
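Review bot: in the security/security.c hunk, security_setselfattr() mixes `sizeof(*ctx)` and `sizeof(ctx)` in its length checks: the first test uses the struct size (`size < sizeof(*ctx)`), but the consistency check `size < lctx.ctx_len + sizeof(ctx) || lctx.len < lctx.ctx_len + sizeof(ctx)` adds the size of a pointer, so a `ctx_len` that leaves room for a pointer but not for the whole struct lsm_ctx header passes. Use `sizeof(*ctx)` in all three places, and since `ctx_len` is user supplied, do the additions with check_add_overflow() so a huge value cannot wrap the bound. In security_getselfattr(), the LSM_FLAG_SINGLE path calls `copy_struct_from_user(&lctx, sizeof(lctx), ctx, left)` with `left` being the caller's whole buffer size; copy_struct_from_user() requires every byte between sizeof(lctx) and `left` to be zero and returns -E2BIG otherwise, but those bytes are where the attribute value lives, so an ordinary buffer is rejected and the error surfaces as -EFAULT. A plain `copy_from_user(&lctx, ctx, sizeof(lctx))` guarded by `left >= sizeof(lctx)` is what is wanted. The same loop's -E2BIG branch sets `toobig` and `left = 0` but never folds that hook's `entrysize` into `total`, so the value written back by `put_user(total, size)` reflects only the entries that fitted, not the minimum required size the sys_lsm_get_self_attr kerneldoc promises. Finally, `(flags & LSM_FLAG_SINGLE) == LSM_FLAG_SINGLE` accepts unknown bits set alongside LSM_FLAG_SINGLE; `flags != LSM_FLAG_SINGLE` would keep them reserved.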
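Review bot: in the new security/lsm_syscalls.c file, the kerneldoc for sys_lsm_get_self_attr is copied from the setter and still reads `@attr: which attribute to set`; it should say which attribute to return. Its description of @size (`set to the minimum required size` on -E2BIG) also differs from the security_getselfattr() kerneldoc in the same series (`reset to the total size of the data`); pick one wording and make the code honour it, because userspace will size its retry buffer from this value. The @flags line for lsm_get_self_attr should also mention that LSM_FLAG_SINGLE is accepted rather than saying `reserved for future use`, since security_getselfattr() already implements it.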
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net
Subject: [PATCH v11 05/11] LSM: Create lsm_list_modules system call
Date: Fri, 16 Jun 2023 09:50:49 -0700
Message-Id: <20230616165055.4705-6-casey@schaufler-ca.com>
In-Reply-To: <20230616165055.4705-1-casey@schaufler-ca.com>
References: <20230616165055.4705-1-casey@schaufler-ca.com>

Create a system call to report the list of Linux Security Modules that are active on the system. The list is provided as an array of LSM ID numbers. The calling application can use this list to determine what LSM specific actions it might take. That might include choosing an output format, determining required privilege or bypassing security module specific behavior.

Signed-off-by: Casey Schaufler
Reviewed-by: Kees Cook
Reviewed-by: Serge Hallyn
---
 Documentation/userspace-api/lsm.rst | 3 +++
 include/linux/syscalls.h | 1 +
 kernel/sys_ni.c | 1 +
 security/lsm_syscalls.c | 39 +++++++++++++++++++++++++++++
 4 files changed, 44 insertions(+)
diff --git a/Documentation/userspace-api/lsm.rst b/Documentation/userspace-api/lsm.rst index e6c3f262addc..9edae18a2688 100644 --- a/Documentation/userspace-api/lsm.rst +++ b/Documentation/userspace-api/lsm.rst
@@ -63,6 +63,9 @@ Get the specified security attributes of the current process .. kernel-doc:: security/lsm_syscalls.c :identifiers: sys_lsm_get_self_attr +.. kernel-doc:: security/lsm_syscalls.c + :identifiers: sys_lsm_list_modules + Additional documentation ======================== diff --git a/include/linux/syscalls.h b/include/linux/syscalls.h index 9a94c31bf6b6..ddbcc333f3c3 100644 --- a/include/linux/syscalls.h +++ b/include/linux/syscalls.h @@ -1063,6 +1063,7 @@ asmlinkage long sys_lsm_get_self_attr(unsigned int attr, struct lsm_ctx *ctx, size_t *size, __u32 flags); asmlinkage long sys_lsm_set_self_attr(unsigned int attr, struct lsm_ctx *ctx, size_t size, __u32 flags); +asmlinkage long sys_lsm_list_modules(u64 *ids, size_t *size, u32 flags); /* * Architecture-specific system calls diff --git a/kernel/sys_ni.c b/kernel/sys_ni.c index d03c78ef1562..ceb3d21a62d0 100644 --- a/kernel/sys_ni.c +++ b/kernel/sys_ni.c @@ -265,6 +265,7 @@ COND_SYSCALL(mremap); /* security/lsm_syscalls.c */ COND_SYSCALL(lsm_get_self_attr); COND_SYSCALL(lsm_set_self_attr); +COND_SYSCALL(lsm_list_modules); /* security/keys/keyctl.c */ COND_SYSCALL(add_key); diff --git a/security/lsm_syscalls.c b/security/lsm_syscalls.c index ee3881159241..f03f2d17ab49 100644 --- a/security/lsm_syscalls.c +++ b/security/lsm_syscalls.c 
@@ -53,3 +53,42 @@ SYSCALL_DEFINE4(lsm_get_self_attr, unsigned int, attr, struct lsm_ctx __user *, { return security_getselfattr(attr, ctx, size, flags); } + +/** + * sys_lsm_list_modules - Return a list of the active security modules + * @ids: the LSM module ids + * @size: pointer to size of @ids, updated on return + * @flags: reserved for future use, must be zero + * + * Returns a list of the active LSM ids. On success this function + * returns the number of @ids array elements. This value may be zero + * if there are no LSMs active. If @size is insufficient to contain + * the return data -E2BIG is returned and @size is set to the minimum + * required size. In all other cases a negative value indicating the + * error is returned. + */ +SYSCALL_DEFINE3(lsm_list_modules, u64 __user *, ids, size_t __user *, size, + u32, flags) +{ + size_t total_size = lsm_active_cnt * sizeof(*ids); + size_t usize; + int i; + + if (flags) + return -EINVAL; + + if (get_user(usize, size)) + return -EFAULT; + + if (put_user(total_size, size) != 0) + return -EFAULT; + + if (usize < total_size) + return -E2BIG; + + for (i = 0; i < lsm_active_cnt; i++) + if (put_user(lsm_idlist[i]->id, ids++)) + return -EFAULT; + + return lsm_active_cnt; +}
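Review bot: in the include/linux/syscalls.h hunk, the new prototype `sys_lsm_list_modules(u64 *ids, size_t *size, u32 flags)` uses the kernel-internal `u64`/`u32` spellings while the two neighbouring lsm prototypes in the same context lines use `__u32 flags`; keep the three declarations consistent (`__u64 *ids, size_t *size, __u32 flags`) so a reader of the header does not wonder whether the flags word differs between the calls.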
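Review bot: in the security/lsm_syscalls.c hunk, the kerneldoc should spell out the size-probing call: because `put_user(total_size, size)` runs before the `usize < total_size` test, a caller can pass `*size = 0` (with any @ids pointer) to learn the required buffer size and then retry, and that is the only way for userspace to size @ids correctly. Document that usage, and state explicitly that @size is updated on the -E2BIG return as well as on success, since the current text only says it is "updated on return". It is also worth a comment that `ids` is never checked for NULL, so a NULL buffer that is large enough by @size fails with -EFAULT from the first put_user() rather than -EINVAL.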
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net, Geert Uytterhoeven, Arnd Bergmann
Subject: [PATCH v11 06/11] LSM: wireup Linux Security Module syscalls
Date: Fri, 16 Jun 2023 09:50:50 -0700
Message-Id: <20230616165055.4705-7-casey@schaufler-ca.com>
In-Reply-To: <20230616165055.4705-1-casey@schaufler-ca.com>
References: <20230616165055.4705-1-casey@schaufler-ca.com>

Wireup lsm_get_self_attr, lsm_set_self_attr and lsm_list_modules system calls.
Signed-off-by: Casey Schaufler Reviewed-by: Kees Cook Acked-by: Geert Uytterhoeven Acked-by: Arnd Bergmann Cc: linux-api@vger.kernel.org --- arch/alpha/kernel/syscalls/syscall.tbl | 3 +++ arch/arm/tools/syscall.tbl | 3 +++ arch/arm64/include/asm/unistd.h | 2 +- arch/arm64/include/asm/unistd32.h | 6 ++++++ arch/ia64/kernel/syscalls/syscall.tbl | 3 +++ arch/m68k/kernel/syscalls/syscall.tbl | 3 +++ arch/microblaze/kernel/syscalls/syscall.tbl | 3 +++ arch/mips/kernel/syscalls/syscall_n32.tbl | 3 +++ arch/mips/kernel/syscalls/syscall_n64.tbl | 3 +++ arch/mips/kernel/syscalls/syscall_o32.tbl | 3 +++ arch/parisc/kernel/syscalls/syscall.tbl | 3 +++ arch/powerpc/kernel/syscalls/syscall.tbl | 3 +++ arch/s390/kernel/syscalls/syscall.tbl | 3 +++ arch/sh/kernel/syscalls/syscall.tbl | 3 +++ arch/sparc/kernel/syscalls/syscall.tbl | 3 +++ arch/x86/entry/syscalls/syscall_32.tbl | 3 +++ arch/x86/entry/syscalls/syscall_64.tbl | 3 +++ arch/xtensa/kernel/syscalls/syscall.tbl | 3 +++ include/uapi/asm-generic/unistd.h | 11 ++++++++++- tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl | 3 +++ tools/perf/arch/powerpc/entry/syscalls/syscall.tbl | 3 +++ tools/perf/arch/s390/entry/syscalls/syscall.tbl | 3 +++ tools/perf/arch/x86/entry/syscalls/syscall_64.tbl | 3 +++ 23 files changed, 77 insertions(+), 2 deletions(-) diff --git a/arch/alpha/kernel/syscalls/syscall.tbl b/arch/alpha/kernel/syscalls/syscall.tbl index 8ebacf37a8cf..178e2792c251 100644 --- a/arch/alpha/kernel/syscalls/syscall.tbl +++ b/arch/alpha/kernel/syscalls/syscall.tbl @@ -490,3 +490,6 @@ 558 common process_mrelease sys_process_mrelease 559 common futex_waitv sys_futex_waitv 560 common set_mempolicy_home_node sys_ni_syscall +561 common lsm_get_self_attr sys_lsm_get_self_attr +562 common lsm_list_modules sys_lsm_list_modules +563 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/arm/tools/syscall.tbl b/arch/arm/tools/syscall.tbl index ac964612d8b0..9cda144f9631 100644 --- a/arch/arm/tools/syscall.tbl 
+++ b/arch/arm/tools/syscall.tbl @@ -464,3 +464,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/arm64/include/asm/unistd.h b/arch/arm64/include/asm/unistd.h index 037feba03a51..6a28fb91b85d 100644 --- a/arch/arm64/include/asm/unistd.h +++ b/arch/arm64/include/asm/unistd.h @@ -39,7 +39,7 @@ #define __ARM_NR_compat_set_tls (__ARM_NR_COMPAT_BASE + 5) #define __ARM_NR_COMPAT_END (__ARM_NR_COMPAT_BASE + 0x800) -#define __NR_compat_syscalls 451 +#define __NR_compat_syscalls 454 #endif #define __ARCH_WANT_SYS_CLONE diff --git a/arch/arm64/include/asm/unistd32.h b/arch/arm64/include/asm/unistd32.h index 604a2053d006..72022ffd5faa 100644 --- a/arch/arm64/include/asm/unistd32.h +++ b/arch/arm64/include/asm/unistd32.h @@ -907,6 +907,12 @@ __SYSCALL(__NR_process_mrelease, sys_process_mrelease) __SYSCALL(__NR_futex_waitv, sys_futex_waitv) #define __NR_set_mempolicy_home_node 450 __SYSCALL(__NR_set_mempolicy_home_node, sys_set_mempolicy_home_node) +#define __NR_lsm_get_self_attr 451 +__SYSCALL(__NR_lsm_get_self_attr, sys_lsm_get_self_attr) +#define __NR_lsm_list_modules 452 +__SYSCALL(__NR_lsm_list_modules, sys_lsm_list_modules) +#define __NR_lsm_set_self_attr 453 +__SYSCALL(__NR_lsm_set_self_attr, sys_lsm_set_self_attr) /* * Please add new compat syscalls above this comment and update diff --git a/arch/ia64/kernel/syscalls/syscall.tbl b/arch/ia64/kernel/syscalls/syscall.tbl index 72c929d9902b..c52e9d87f47d 100644 --- a/arch/ia64/kernel/syscalls/syscall.tbl +++ b/arch/ia64/kernel/syscalls/syscall.tbl 
@@ -371,3 +371,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/m68k/kernel/syscalls/syscall.tbl b/arch/m68k/kernel/syscalls/syscall.tbl index b1f3940bc298..31eac3c99d84 100644 --- a/arch/m68k/kernel/syscalls/syscall.tbl +++ b/arch/m68k/kernel/syscalls/syscall.tbl @@ -450,3 +450,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/microblaze/kernel/syscalls/syscall.tbl b/arch/microblaze/kernel/syscalls/syscall.tbl index 820145e47350..5037fa1f74b8 100644 --- a/arch/microblaze/kernel/syscalls/syscall.tbl +++ b/arch/microblaze/kernel/syscalls/syscall.tbl @@ -456,3 +456,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/mips/kernel/syscalls/syscall_n32.tbl b/arch/mips/kernel/syscalls/syscall_n32.tbl index 253ff994ed2e..29545b3ec587 100644 --- a/arch/mips/kernel/syscalls/syscall_n32.tbl +++ b/arch/mips/kernel/syscalls/syscall_n32.tbl @@ -389,3 +389,6 @@ 448 n32 process_mrelease sys_process_mrelease 449 n32 futex_waitv sys_futex_waitv 450 n32 set_mempolicy_home_node sys_set_mempolicy_home_node +451 n32 lsm_get_self_attr sys_lsm_get_self_attr +452 n32 lsm_list_modules sys_lsm_list_modules +453 n32 lsm_set_self_attr sys_lsm_set_self_attr 
diff --git a/arch/mips/kernel/syscalls/syscall_n64.tbl b/arch/mips/kernel/syscalls/syscall_n64.tbl index 3f1886ad9d80..8492aa4a771f 100644 --- a/arch/mips/kernel/syscalls/syscall_n64.tbl +++ b/arch/mips/kernel/syscalls/syscall_n64.tbl @@ -365,3 +365,6 @@ 448 n64 process_mrelease sys_process_mrelease 449 n64 futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 n64 lsm_get_self_attr sys_lsm_get_self_attr +452 n64 lsm_list_modules sys_lsm_list_modules +453 n64 lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/mips/kernel/syscalls/syscall_o32.tbl b/arch/mips/kernel/syscalls/syscall_o32.tbl index 8f243e35a7b2..d74fd86de2a2 100644 --- a/arch/mips/kernel/syscalls/syscall_o32.tbl +++ b/arch/mips/kernel/syscalls/syscall_o32.tbl @@ -438,3 +438,6 @@ 448 o32 process_mrelease sys_process_mrelease 449 o32 futex_waitv sys_futex_waitv 450 o32 set_mempolicy_home_node sys_set_mempolicy_home_node +451 o32 lsm_get_self_attr sys_lsm_get_self_attr +452 o32 lsm_list_modules sys_lsm_list_modules +453 032 lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/parisc/kernel/syscalls/syscall.tbl b/arch/parisc/kernel/syscalls/syscall.tbl index 0e42fceb2d5e..d1a5f3120d6c 100644 --- a/arch/parisc/kernel/syscalls/syscall.tbl +++ b/arch/parisc/kernel/syscalls/syscall.tbl @@ -448,3 +448,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/powerpc/kernel/syscalls/syscall.tbl b/arch/powerpc/kernel/syscalls/syscall.tbl index a0be127475b1..a414fe8c069b 100644 --- a/arch/powerpc/kernel/syscalls/syscall.tbl +++ b/arch/powerpc/kernel/syscalls/syscall.tbl 
@@ -537,3 +537,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 nospu set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/s390/kernel/syscalls/syscall.tbl b/arch/s390/kernel/syscalls/syscall.tbl index b68f47541169..7511e05b785d 100644 --- a/arch/s390/kernel/syscalls/syscall.tbl +++ b/arch/s390/kernel/syscalls/syscall.tbl @@ -453,3 +453,6 @@ 448 common process_mrelease sys_process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/sh/kernel/syscalls/syscall.tbl b/arch/sh/kernel/syscalls/syscall.tbl index 2de85c977f54..1a75a599bb55 100644 --- a/arch/sh/kernel/syscalls/syscall.tbl +++ b/arch/sh/kernel/syscalls/syscall.tbl @@ -453,3 +453,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/sparc/kernel/syscalls/syscall.tbl b/arch/sparc/kernel/syscalls/syscall.tbl index 4398cc6fb68d..80b165091f6f 100644 --- a/arch/sparc/kernel/syscalls/syscall.tbl +++ b/arch/sparc/kernel/syscalls/syscall.tbl 
@@ -496,3 +496,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/x86/entry/syscalls/syscall_32.tbl b/arch/x86/entry/syscalls/syscall_32.tbl index 320480a8db4f..130f9feb9eb9 100644 --- a/arch/x86/entry/syscalls/syscall_32.tbl +++ b/arch/x86/entry/syscalls/syscall_32.tbl @@ -455,3 +455,6 @@ 448 i386 process_mrelease sys_process_mrelease 449 i386 futex_waitv sys_futex_waitv 450 i386 set_mempolicy_home_node sys_set_mempolicy_home_node +451 i386 lsm_get_self_attr sys_lsm_get_self_attr +452 i386 lsm_list_modules sys_lsm_list_modules +453 i386 lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/x86/entry/syscalls/syscall_64.tbl b/arch/x86/entry/syscalls/syscall_64.tbl index c84d12608cd2..96dd45bc5988 100644 --- a/arch/x86/entry/syscalls/syscall_64.tbl +++ b/arch/x86/entry/syscalls/syscall_64.tbl @@ -372,6 +372,9 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr # # Due to a historical design error, certain syscalls are numbered differently diff --git a/arch/xtensa/kernel/syscalls/syscall.tbl b/arch/xtensa/kernel/syscalls/syscall.tbl index 52c94ab5c205..2610aba19802 100644 --- a/arch/xtensa/kernel/syscalls/syscall.tbl +++ b/arch/xtensa/kernel/syscalls/syscall.tbl 
@@ -421,3 +421,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/include/uapi/asm-generic/unistd.h b/include/uapi/asm-generic/unistd.h index 45fa180cc56a..93f89fb06ef5 100644 --- a/include/uapi/asm-generic/unistd.h +++ b/include/uapi/asm-generic/unistd.h @@ -886,8 +886,17 @@ __SYSCALL(__NR_futex_waitv, sys_futex_waitv) #define __NR_set_mempolicy_home_node 450 __SYSCALL(__NR_set_mempolicy_home_node, sys_set_mempolicy_home_node) +#define __NR_lsm_get_self_attr 451 +__SYSCALL(__NR_lsm_get_self_attr, sys_lsm_get_self_attr) + +#define __NR_lsm_list_modules 452 +__SYSCALL(__NR_lsm_list_modules, sys_lsm_list_modules) + +#define __NR_lsm_set_self_attr 453 +__SYSCALL(__NR_lsm_set_self_attr, sys_lsm_set_self_attr) + #undef __NR_syscalls -#define __NR_syscalls 451 +#define __NR_syscalls 454 /* * 32 bit systems traditionally used different diff --git a/tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl b/tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl index 3f1886ad9d80..8492aa4a771f 100644 --- a/tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl +++ b/tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl @@ -365,3 +365,6 @@ 448 n64 process_mrelease sys_process_mrelease 449 n64 futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 n64 lsm_get_self_attr sys_lsm_get_self_attr +452 n64 lsm_list_modules sys_lsm_list_modules +453 n64 lsm_set_self_attr sys_lsm_set_self_attr diff --git a/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl b/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl index a0be127475b1..a414fe8c069b 100644 --- a/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl +++ b/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl 
@@ -537,3 +537,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 nospu set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/tools/perf/arch/s390/entry/syscalls/syscall.tbl b/tools/perf/arch/s390/entry/syscalls/syscall.tbl index 799147658dee..f9257e040109 100644 --- a/tools/perf/arch/s390/entry/syscalls/syscall.tbl +++ b/tools/perf/arch/s390/entry/syscalls/syscall.tbl @@ -453,3 +453,6 @@ 448 common process_mrelease sys_process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr sys_lsm_set_self_attr diff --git a/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl b/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl index c84d12608cd2..96dd45bc5988 100644 --- a/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl +++ b/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl 
@@ -372,6 +372,9 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr # # Due to a historical design error, certain syscalls are numbered differently
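Review bot: every table in this patch hard-codes the new numbers as 451, 452 and 453 directly after 450 set_mempolicy_home_node, and asm-generic/unistd.h bumps __NR_syscalls from 451 to 454 to match; if any other syscall is merged ahead of this series, all of these tables and the __NR_syscalls define must be renumbered in one go, so state that dependency in the cover letter and re-check that the tools/perf copies stay identical to the arch tables when it happens.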
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net
Subject: [PATCH v11 07/11] LSM: Helpers for attribute names and filling lsm_ctx
Date: Fri, 16 Jun 2023 09:50:51 -0700
Message-Id: <20230616165055.4705-8-casey@schaufler-ca.com>
In-Reply-To: <20230616165055.4705-1-casey@schaufler-ca.com>
References: <20230616165055.4705-1-casey@schaufler-ca.com>

Add lsm_name_to_attr(), which translates a text string to an LSM_ATTR value if one is available. Add lsm_fill_user_ctx(), which fills a struct lsm_ctx, including the trailing attribute value. All are used in module specific components of LSM system calls.

Signed-off-by: Casey Schaufler
Reviewed-by: Serge Hallyn
Reviewed-by: Kees Cook
---
 include/linux/security.h | 14 +++++++++++++
 security/lsm_syscalls.c  | 24 ++++++++++++++++++++++
 security/security.c      | 44 ++++++++++++++++++++++++++++++++++++++++
 3 files changed, 82 insertions(+)

diff --git a/include/linux/security.h b/include/linux/security.h
index 475d0abfebda..75ac91223c2d 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h @@ -32,6 +32,7 @@ #include #include #include +#include struct linux_binprm; struct cred; @@ -263,6 +264,7 @@ int unregister_blocking_lsm_notifier(struct notifier_block *nb); /* prototypes */ extern int security_init(void); extern int early_security_init(void); +extern u64 lsm_name_to_attr(const char *name); /* Security operations */ int security_binder_set_context_mgr(const struct cred *mgr); @@ -488,6 +490,8 @@ int security_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen); int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen); int security_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen); int security_locked_down(enum lockdown_reason what); +int lsm_fill_user_ctx(struct lsm_ctx __user *ctx, void *context, + size_t context_size, u64 id, u64 flags); #else /* CONFIG_SECURITY */ static inline int call_blocking_lsm_notifier(enum lsm_event event, void *data) @@ -505,6 +509,11 @@ static inline int unregister_blocking_lsm_notifier(struct notifier_block *nb) return 0; } +static inline u64 lsm_name_to_attr(const char *name) +{ + return LSM_ATTR_UNDEF; +} + static inline void security_free_mnt_opts(void **mnt_opts) { } @@ -1408,6 +1417,11 @@ static inline int security_locked_down(enum lockdown_reason what) { return 0; } +static inline int lsm_fill_user_ctx(struct lsm_ctx __user *ctx, void *context, + size_t context_size, u64 id, u64 flags) +{ + return -EOPNOTSUPP; +} #endif /* CONFIG_SECURITY */ #if defined(CONFIG_SECURITY) && defined(CONFIG_WATCH_QUEUE) diff --git a/security/lsm_syscalls.c b/security/lsm_syscalls.c index f03f2d17ab49..bc22f05e2d8c 100644 --- a/security/lsm_syscalls.c +++ b/security/lsm_syscalls.c 
@@ -17,6 +17,30 @@ #include #include +/** + * lsm_name_to_attr - map an LSM attribute name to its ID + * @name: name of the attribute + * + * Returns the LSM attribute value associated with @name, or 0 if + * there is no mapping. + */ +u64 lsm_name_to_attr(const char *name) +{ + if (!strcmp(name, "current")) + return LSM_ATTR_CURRENT; + if (!strcmp(name, "exec")) + return LSM_ATTR_EXEC; + if (!strcmp(name, "fscreate")) + return LSM_ATTR_FSCREATE; + if (!strcmp(name, "keycreate")) + return LSM_ATTR_KEYCREATE; + if (!strcmp(name, "prev")) + return LSM_ATTR_PREV; + if (!strcmp(name, "sockcreate")) + return LSM_ATTR_SOCKCREATE; + return LSM_ATTR_UNDEF; +} + /** * sys_lsm_set_self_attr - Set current task's security module attribute * @attr: which attribute to set diff --git a/security/security.c b/security/security.c index ca196b585996..3d8c3c3a6d92 100644 --- a/security/security.c +++ b/security/security.c 
@@ -769,6 +769,50 @@ static int lsm_superblock_alloc(struct super_block *sb) return 0; } +/** + * lsm_fill_user_ctx - Fill a user space lsm_ctx structure + * @ctx: an LSM context to be filled + * @context: the new context value + * @context_size: the size of the new context value + * @id: LSM id + * @flags: LSM defined flags + * + * Fill all of the fields in a user space lsm_ctx structure. + * Caller is assumed to have verified that @ctx has enough space + * for @context. + * + * The total length is padded to a multiple of 64 bits to + * accomodate possible alignment issues. + * + * Returns 0 on success, -EFAULT on a copyout error, -ENOMEM + * if memory can't be allocated. + */ +int lsm_fill_user_ctx(struct lsm_ctx __user *ctx, void *context, + size_t context_size, u64 id, u64 flags) +{ + struct lsm_ctx *lctx; + size_t locallen = struct_size(lctx, ctx, context_size); + int rc = 0; + + lctx = kzalloc(locallen, GFP_KERNEL); + if (lctx == NULL) + return -ENOMEM; + + lctx->id = id; + lctx->flags = flags; + lctx->ctx_len = context_size; + lctx->len = locallen; + + memcpy(lctx->ctx, context, context_size); + + if (copy_to_user(ctx, lctx, locallen)) + rc = -EFAULT; + + kfree(lctx); + + return rc; +} + /* * The default value of the LSM hook is defined in linux/lsm_hook_defs.h and * can be accessed with:
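Review bot: the kernel-doc on lsm_name_to_attr() in security/lsm_syscalls.c says it returns 0 when there is no mapping, but the function returns LSM_ATTR_UNDEF; name LSM_ATTR_UNDEF in the comment so callers do not start testing the result against 0 (the AppArmor patch later in this series does exactly that with `if (attr)`). The six-way strcmp() chain would also be easier to extend as a static table of {name, id} pairs walked in a loop.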
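Review bot: the comment on lsm_fill_user_ctx() in security/security.c promises that "the total length is padded to a multiple of 64 bits", but `locallen = struct_size(lctx, ctx, context_size)` is never rounded, so no padding happens and `lctx->len` is the unpadded size. The Smack and AppArmor callers in this series compute `total = ALIGN(..., 8)` and report that value through *size, so the `len` field the user sees inside the structure will disagree with the size the syscall reports. Either round here (`locallen = ALIGN(struct_size(lctx, ctx, context_size), 8)`; kzalloc() already zeroes the pad bytes) or drop the padding sentence, and fix "accomodate" while editing the comment.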
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net
Subject: [PATCH v11 08/11] Smack: implement setselfattr and getselfattr hooks
Date: Fri, 16 Jun 2023 09:50:52 -0700
Message-Id: <20230616165055.4705-9-casey@schaufler-ca.com>
In-Reply-To: <20230616165055.4705-1-casey@schaufler-ca.com>
References: <20230616165055.4705-1-casey@schaufler-ca.com>

Implement Smack support for security_[gs]etselfattr. Refactor the setprocattr hook to avoid code duplication.

Signed-off-by: Casey Schaufler
---
 security/smack/smack_lsm.c | 106 +++++++++++++++++++++++++++++++++++--
 1 file changed, 101 insertions(+), 5 deletions(-)

diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index cf847cfe5ed8..4a84639e9db9 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -3536,6 +3536,45 @@ static void smack_d_instantiate(struct dentry *opt_dentry, struct inode *inode) return; } +/** + * smack_getselfattr - Smack current process attribute + * @attr: which attribute to fetch + * @ctx: buffer to receive the result + * @size: available size in, actual size out + * @flags: unused + * + * Fill the passed user space @ctx with the details of the requested + * attribute. + * + * Returns 1, the number of attributes, on success, an error code otherwise. + */ +static int smack_getselfattr(unsigned int attr, struct lsm_ctx __user *ctx, + size_t *size, u32 flags) +{ + struct smack_known *skp = smk_of_current(); + int total; + int slen; + int rc; + + if (attr != LSM_ATTR_CURRENT) + return -EOPNOTSUPP; + + slen = strlen(skp->smk_known) + 1; + total = ALIGN(slen + sizeof(*ctx), 8); + if (total > *size) + rc = -E2BIG; + else if (ctx) + rc = lsm_fill_user_ctx(ctx, skp->smk_known, slen, LSM_ID_SMACK, + 0); + else + rc = 1; + + *size = total; + if (rc >= 0) + return 1; + return rc; +} + /** * smack_getprocattr - Smack process attribute access * @p: the object task @@ -3565,8 +3604,8 @@ static int smack_getprocattr(struct task_struct *p, const char *name, char **val } /** - * smack_setprocattr - Smack process attribute setting - * @name: the name of the attribute in /proc/.../attr + * do_setattr - Smack process attribute setting + * @attr: the ID of the attribute * @value: the value to set * @size: the size of the value * @@ -3575,7 +3614,7 @@ static int smack_getprocattr(struct task_struct *p, const char *name, char **val * * Returns the length of the smack label or an error code */ -static int smack_setprocattr(const char *name, void *value, size_t size) +static int do_setattr(u64 attr, void *value, size_t size) { struct task_smack *tsp = smack_cred(current_cred()); struct cred *new; 
@@ -3589,8 +3628,8 @@ static int smack_setprocattr(const char *name, void *value, size_t size) if (value == NULL || size == 0 || size >= SMK_LONGLABEL) return -EINVAL; - if (strcmp(name, "current") != 0) - return -EINVAL; + if (attr != LSM_ATTR_CURRENT) + return -EOPNOTSUPP; skp = smk_import_entry(value, size); if (IS_ERR(skp)) @@ -3629,6 +3668,61 @@ static int smack_setprocattr(const char *name, void *value, size_t size) return size; } +/** + * smack_setselfattr - Set a Smack process attribute + * @attr: which attribute to set + * @ctx: buffer containing the data + * @size: size of @ctx + * @flags: unused + * + * Fill the passed user space @ctx with the details of the requested + * attribute. + * + * Returns 0 on success, an error code otherwise. + */ +static int smack_setselfattr(unsigned int attr, struct lsm_ctx __user *ctx, + size_t size, u32 flags) +{ + struct lsm_ctx *lctx; + int rc; + + lctx = kmalloc(size, GFP_KERNEL); + if (lctx == NULL) + return -ENOMEM; + + if (copy_from_user(lctx, ctx, size)) + rc = -EFAULT; + else if (lctx->ctx_len > size) + rc = -E2BIG; + else + rc = do_setattr(attr, lctx->ctx, lctx->ctx_len); + + kfree(lctx); + if (rc > 0) + return 0; + return rc; +} + +/** + * smack_setprocattr - Smack process attribute setting + * @name: the name of the attribute in /proc/.../attr + * @value: the value to set + * @size: the size of the value + * + * Sets the Smack value of the task. Only setting self + * is permitted and only with privilege + * + * Returns the length of the smack label or an error code + */ +static int smack_setprocattr(const char *name, void *value, size_t size) +{ + int attr = lsm_name_to_attr(name); + + if (attr == LSM_ATTR_UNDEF) + return do_setattr(attr, value, size); + return -EINVAL; +} + /** * smack_unix_stream_connect - Smack access on UDS * @sock: one sock 
@@ -4939,6 +5033,8 @@ static struct security_hook_list smack_hooks[] __ro_after_init = { LSM_HOOK_INIT(d_instantiate, smack_d_instantiate), + LSM_HOOK_INIT(getselfattr, smack_getselfattr), + LSM_HOOK_INIT(setselfattr, smack_setselfattr), LSM_HOOK_INIT(getprocattr, smack_getprocattr), LSM_HOOK_INIT(setprocattr, smack_setprocattr),
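Review bot: in the @@ -3589 hunk, changing the unsupported-attribute return in do_setattr() from -EINVAL to -EOPNOTSUPP is right for the new syscall, but smack_setprocattr() now routes through do_setattr() too, so once its dispatch calls do_setattr() for known names, writes to the non-"current" files under /proc/.../attr change their errno from -EINVAL to -EOPNOTSUPP; if that user-visible change is intended, say so in the commit message, otherwise translate it back to -EINVAL in smack_setprocattr().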
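Review bot: in the @@ -3629 hunk the test in smack_setprocattr() is inverted: `if (attr == LSM_ATTR_UNDEF) return do_setattr(attr, value, size);` sends only unknown names into do_setattr() (which then fails with -EOPNOTSUPP) and returns -EINVAL for "current", so the /proc interface stops working; it should read `if (attr != LSM_ATTR_UNDEF)`, and `attr` should be u64 rather than int to match lsm_name_to_attr(). In smack_setselfattr() nothing bounds `size` before it reaches kmalloc() and copy_from_user(), and `lctx->ctx_len > size` ignores the header, so a caller can pass ctx_len == size and have do_setattr() read up to sizeof(*lctx) bytes past the allocation; check `size >= sizeof(*lctx)` before touching lctx->ctx_len, require `lctx->ctx_len <= size - sizeof(*lctx)`, and cap `size` at sizeof(*lctx) + SMK_LONGLABEL since do_setattr() rejects longer labels anyway. The kernel-doc for smack_setselfattr() was copied from the getter ("Fill the passed user space @ctx ...") and should describe setting the attribute.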
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net
Subject: [PATCH v11 09/11] AppArmor: Add selfattr hooks
Date: Fri, 16 Jun 2023 09:50:53 -0700
Message-Id: <20230616165055.4705-10-casey@schaufler-ca.com>
In-Reply-To: <20230616165055.4705-1-casey@schaufler-ca.com>
References: <20230616165055.4705-1-casey@schaufler-ca.com>

Add hooks for setselfattr and getselfattr. These hooks are not very different from their setprocattr and getprocattr equivalents, and much of the code is shared.

Signed-off-by: Casey Schaufler
Cc: John Johansen
---
 security/apparmor/include/procattr.h |   2 +-
 security/apparmor/lsm.c              | 102 +++++++++++++++++++++++++--
 security/apparmor/procattr.c         |  10 +--
 3 files changed, 103 insertions(+), 11 deletions(-)

diff --git a/security/apparmor/include/procattr.h b/security/apparmor/include/procattr.h
index 31689437e0e1..03dbfdb2f2c0 100644
--- a/security/apparmor/include/procattr.h
+++ b/security/apparmor/include/procattr.h
@@ -11,7 +11,7 @@ #ifndef __AA_PROCATTR_H #define __AA_PROCATTR_H -int aa_getprocattr(struct aa_label *label, char **string); +int aa_getprocattr(struct aa_label *label, char **string, bool newline); int aa_setprocattr_changehat(char *args, size_t size, int flags); #endif /* __AA_PROCATTR_H */
diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c
index 308cb3a281c3..7d99d5be4c12 100644
--- a/security/apparmor/lsm.c
+++ b/security/apparmor/lsm.c
@@ -630,6 +630,54 @@ static int apparmor_sb_pivotroot(const struct path *old_path, return error; } +static int apparmor_getselfattr(unsigned int attr, struct lsm_ctx __user *lx, + size_t *size, u32 flags) +{ + int error = -ENOENT; + struct aa_task_ctx *ctx = task_ctx(current); + struct aa_label *label = NULL; + size_t total_len = 0; + char *value; + + switch (attr) { + case LSM_ATTR_CURRENT: + label = aa_get_newest_label(cred_label(current_cred())); + break; + case LSM_ATTR_PREV: + if (ctx->previous) + label = aa_get_newest_label(ctx->previous); + break; + case LSM_ATTR_EXEC: + if (ctx->onexec) + label = aa_get_newest_label(ctx->onexec); + break; + default: + error = -EOPNOTSUPP; + break; + } + + if (label) { + error = aa_getprocattr(label, &value, false); + if (error > 0) { + total_len = ALIGN(struct_size(lx, ctx, error), 8); + if (total_len > *size) + error = -E2BIG; + else if (lx) + error = lsm_fill_user_ctx(lx, value, error, + LSM_ID_APPARMOR, 0); + else + error = 1; + } + } + + aa_put_label(label); + + *size = total_len; + if (error < 0) + return error; + return 1; +} + static int apparmor_getprocattr(struct task_struct *task, const char *name, char **value) { @@ -649,7 +697,7 @@ static int apparmor_getprocattr(struct task_struct *task, const char *name, error = -EINVAL; if (label) - error = aa_getprocattr(label, value); + error = aa_getprocattr(label, value, true); aa_put_label(label); put_cred(cred); @@ -657,8 +705,7 @@ static int apparmor_getprocattr(struct task_struct *task, const char *name, return error; } -static int apparmor_setprocattr(const char *name, void *value, - size_t size) +static int do_setattr(u64 attr, void *value, size_t size) { char *command, *largs = NULL, *args = value; size_t arg_size; 
@@ -689,7 +736,7 @@ static int apparmor_setprocattr(const char *name, void *value, goto out; arg_size = size - (args - (largs ? largs : (char *) value)); - if (strcmp(name, "current") == 0) { + if (attr == LSM_ATTR_CURRENT) { if (strcmp(command, "changehat") == 0) { error = aa_setprocattr_changehat(args, arg_size, AA_CHANGE_NOFLAGS); @@ -704,7 +751,7 @@ static int apparmor_setprocattr(const char *name, void *value, error = aa_change_profile(args, AA_CHANGE_STACK); } else goto fail; - } else if (strcmp(name, "exec") == 0) { + } else if (attr == LSM_ATTR_EXEC) { if (strcmp(command, "exec") == 0) error = aa_change_profile(args, AA_CHANGE_ONEXEC); else if (strcmp(command, "stack") == 0) 
@@ -724,13 +771,54 @@ static int apparmor_setprocattr(const char *name, void *value, fail: aad(&sa)->label = begin_current_label_crit_section(); - aad(&sa)->info = name; + if (attr == LSM_ATTR_CURRENT) + aad(&sa)->info = "current"; + else if (attr == LSM_ATTR_EXEC) + aad(&sa)->info = "exec"; + else + aad(&sa)->info = "invalid"; aad(&sa)->error = error = -EINVAL; aa_audit_msg(AUDIT_APPARMOR_DENIED, &sa, NULL); end_current_label_crit_section(aad(&sa)->label); goto out; } +static int apparmor_setselfattr(unsigned int attr, struct lsm_ctx __user *ctx, + size_t size, u32 flags) +{ + struct lsm_ctx *lctx; + int rc; + + if (attr != LSM_ATTR_CURRENT && attr != LSM_ATTR_EXEC) + return -EOPNOTSUPP; + + lctx = kmalloc(size, GFP_KERNEL); + if (lctx == NULL) + return -ENOMEM; + + if (copy_from_user(lctx, ctx, size)) + rc = -EFAULT; + else if (lctx->ctx_len > size) + rc = -EINVAL; + else + rc = do_setattr(attr, lctx->ctx, lctx->ctx_len); + + kfree(lctx); + if (rc > 0) + return 0; + return rc; +} + +static int apparmor_setprocattr(const char *name, void *value, + size_t size) +{ + int attr = lsm_name_to_attr(name); + + if (attr) + return do_setattr(attr, value, size); + return -EINVAL; +} + /** * apparmor_bprm_committing_creds - do task cleanup on committing new creds * @bprm: binprm for the exec (NOT NULL) @@ -1253,6 +1341,8 @@ static struct security_hook_list apparmor_hooks[] __ro_after_init = { LSM_HOOK_INIT(file_lock, apparmor_file_lock), LSM_HOOK_INIT(file_truncate, apparmor_file_truncate), + LSM_HOOK_INIT(getselfattr, apparmor_getselfattr), + LSM_HOOK_INIT(setselfattr, apparmor_setselfattr), LSM_HOOK_INIT(getprocattr, apparmor_getprocattr), LSM_HOOK_INIT(setprocattr, apparmor_setprocattr), diff --git a/security/apparmor/procattr.c b/security/apparmor/procattr.c index 197d41f9c32b..e3857e3d7c6c 100644 --- a/security/apparmor/procattr.c +++ b/security/apparmor/procattr.c 
@@ -20,6 +20,7 @@ * aa_getprocattr - Return the label information for @label * @label: the label to print label info about (NOT NULL) * @string: Returns - string containing the label info (NOT NULL) + * @newline: indicates that a newline should be added * * Requires: label != NULL && string != NULL * @@ -27,7 +28,7 @@ * * Returns: size of string placed in @string else error code on failure */ -int aa_getprocattr(struct aa_label *label, char **string) +int aa_getprocattr(struct aa_label *label, char **string, bool newline) { struct aa_ns *ns = labels_ns(label); struct aa_ns *current_ns = aa_get_current_ns(); 
@@ -57,11 +58,12 @@ int aa_getprocattr(struct aa_label *label, char **string) return len; } - (*string)[len] = '\n'; - (*string)[len + 1] = 0; + if (newline) + (*string)[len++] = '\n'; + (*string)[len] = 0; aa_put_ns(current_ns); - return len + 1; + return len; } /** From patchwork Fri Jun 16 16:50:54 2023
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net, selinux@vger.kernel.org Subject: [PATCH v11 10/11] SELinux: Add selfattr hooks Date: Fri, 16 Jun 2023 09:50:54 -0700 Message-Id: <20230616165055.4705-11-casey@schaufler-ca.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230616165055.4705-1-casey@schaufler-ca.com> References: <20230616165055.4705-1-casey@schaufler-ca.com> MIME-Version: 1.0 Precedence: bulk List-ID: Add hooks for setselfattr and getselfattr. These hooks are not very different from their setprocattr and getprocattr equivalents, and much of the code is shared. Signed-off-by: Casey Schaufler Cc: selinux@vger.kernel.org Cc: Paul Moore --- security/selinux/hooks.c | 148 ++++++++++++++++++++++++++++++++------- 1 file changed, 121 insertions(+), 27 deletions(-) diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 49ec74bc006c..a4a536552717 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -6226,8 +6226,8 @@ static void selinux_d_instantiate(struct dentry *dentry, struct inode *inode) inode_doinit_with_dentry(inode, dentry); } -static int selinux_getprocattr(struct task_struct *p, - const char *name, char **value) +static int selinux_lsm_getattr(unsigned int attr, struct task_struct *p, + char **value) { const struct task_security_struct *__tsec; u32 sid; 
@@ -6244,20 +6244,27 @@ static int selinux_getprocattr(struct task_struct *p, goto bad; } - if (!strcmp(name, "current")) + switch (attr) { + case LSM_ATTR_CURRENT: sid = __tsec->sid; - else if (!strcmp(name, "prev")) + break; + case LSM_ATTR_PREV: sid = __tsec->osid; - else if (!strcmp(name, "exec")) + break; + case LSM_ATTR_EXEC: sid = __tsec->exec_sid; - else if (!strcmp(name, "fscreate")) + break; + case LSM_ATTR_FSCREATE: sid = __tsec->create_sid; - else if (!strcmp(name, "keycreate")) + break; + case LSM_ATTR_KEYCREATE: sid = __tsec->keycreate_sid; - else if (!strcmp(name, "sockcreate")) + break; + case LSM_ATTR_SOCKCREATE: sid = __tsec->sockcreate_sid; - else { - error = -EINVAL; + break; + default: + error = -EOPNOTSUPP; goto bad; } rcu_read_unlock(); @@ -6275,7 +6282,7 @@ static int selinux_getprocattr(struct task_struct *p, return error; } -static int selinux_setprocattr(const char *name, void *value, size_t size) +static int selinux_lsm_setattr(u64 attr, void *value, size_t size) { struct task_security_struct *tsec; struct cred *new; 
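Review bot: the two renamed helpers disagree on the attribute type: `selinux_lsm_getattr(unsigned int attr, ...)` in the first hunk versus `selinux_lsm_setattr(u64 attr, void *value, size_t size)` in the last one, while the callers added later in this patch pass `unsigned int` (selinux_getprocattr) and `int` (selinux_setprocattr). Use `unsigned int` for both, matching the `attr` parameter of the getselfattr/setselfattr hooks, so the switch on the LSM_ATTR_* values compares like with like and no silent widening or narrowing happens at the call sites.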
@@ -6286,23 +6293,31 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) /* * Basic control over ability to set these attributes at all. */ - if (!strcmp(name, "exec")) + switch (attr) { + case LSM_ATTR_EXEC: error = avc_has_perm(mysid, mysid, SECCLASS_PROCESS, PROCESS__SETEXEC, NULL); - else if (!strcmp(name, "fscreate")) + break; + case LSM_ATTR_FSCREATE: error = avc_has_perm(mysid, mysid, SECCLASS_PROCESS, PROCESS__SETFSCREATE, NULL); - else if (!strcmp(name, "keycreate")) + break; + case LSM_ATTR_KEYCREATE: error = avc_has_perm(mysid, mysid, SECCLASS_PROCESS, PROCESS__SETKEYCREATE, NULL); - else if (!strcmp(name, "sockcreate")) + break; + case LSM_ATTR_SOCKCREATE: error = avc_has_perm(mysid, mysid, SECCLASS_PROCESS, PROCESS__SETSOCKCREATE, NULL); - else if (!strcmp(name, "current")) + break; + case LSM_ATTR_CURRENT: error = avc_has_perm(mysid, mysid, SECCLASS_PROCESS, PROCESS__SETCURRENT, NULL); - else - error = -EINVAL; + break; + default: + error = -EOPNOTSUPP; + break; + } if (error) return error; @@ -6314,13 +6329,14 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) } error = security_context_to_sid(value, size, &sid, GFP_KERNEL); - if (error == -EINVAL && !strcmp(name, "fscreate")) { + if (error == -EINVAL && attr == LSM_ATTR_FSCREATE) { if (!has_cap_mac_admin(true)) { struct audit_buffer *ab; size_t audit_size; - /* We strip a nul only if it is at the end, otherwise the - * context contains a nul and we should audit that */ + /* We strip a nul only if it is at the end, + * otherwise the context contains a nul and + * we should audit that */ if (str[size - 1] == '\0') audit_size = size - 1; else 
@@ -6331,7 +6347,8 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) if (!ab) return error; audit_log_format(ab, "op=fscreate invalid_context="); - audit_log_n_untrustedstring(ab, value, audit_size); + audit_log_n_untrustedstring(ab, value, + audit_size); audit_log_end(ab); return error; @@ -6354,11 +6371,11 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) checks and may_create for the file creation checks. The operation will then fail if the context is not permitted. */ tsec = selinux_cred(new); - if (!strcmp(name, "exec")) { + if (attr == LSM_ATTR_EXEC) { tsec->exec_sid = sid; - } else if (!strcmp(name, "fscreate")) { + } else if (attr == LSM_ATTR_FSCREATE) { tsec->create_sid = sid; - } else if (!strcmp(name, "keycreate")) { + } else if (attr == LSM_ATTR_KEYCREATE) { if (sid) { error = avc_has_perm(mysid, sid, SECCLASS_KEY, KEY__CREATE, NULL); @@ -6366,9 +6383,9 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) goto abort_change; } tsec->keycreate_sid = sid; - } else if (!strcmp(name, "sockcreate")) { + } else if (attr == LSM_ATTR_SOCKCREATE) { tsec->sockcreate_sid = sid; - } else if (!strcmp(name, "current")) { + } else if (attr == LSM_ATTR_CURRENT) { error = -EINVAL; if (sid == 0) goto abort_change; 
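Review bot: the re-wrap of `audit_log_n_untrustedstring(ab, value, audit_size);` onto two lines in the first hunk is whitespace-only churn unrelated to the name-to-attr conversion (the line itself did not change with the rename), and the comment reflow in the preceding fscreate hunk is of the same kind. Drop both, or move them to a separate cleanup, so the functional change in this patch stays easy to review.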
@@ -6410,6 +6427,81 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) return error; } +static int selinux_getselfattr(unsigned int attr, struct lsm_ctx __user *ctx, + size_t *size, u32 flags) +{ + char *value; + size_t total_len; + int len; + int rc; + + len = selinux_lsm_getattr(attr, current, &value); + if (len < 0) + return len; + + total_len = ALIGN(struct_size(ctx, ctx, len), 8); + + if (total_len > *size) + rc = -E2BIG; + else if (ctx) + rc = lsm_fill_user_ctx(ctx, value, len, LSM_ID_SELINUX, 0); + else + rc = 1; + + *size = total_len; + if (rc < 0) + return rc; + return 1; +} + +static int selinux_setselfattr(unsigned int __user attr, + struct lsm_ctx __user *ctx, size_t __user size, + u32 __user flags) +{ + struct lsm_ctx *lctx; + int rc; + + lctx = kmalloc(size, GFP_KERNEL); + if (lctx == NULL) + return -ENOMEM; + + if (copy_from_user(lctx, ctx, size)) + rc = -EFAULT; + else if (lctx->ctx_len > size) + rc = -EINVAL; + else + rc = selinux_lsm_setattr(attr, lctx->ctx, lctx->ctx_len); + + kfree(lctx); + if (rc > 0) + return 0; + return rc; +} + +static int selinux_getprocattr(struct task_struct *p, + const char *name, char **value) +{ + unsigned int attr = lsm_name_to_attr(name); + int rc; + + if (attr) { + rc = selinux_lsm_getattr(attr, p, value); + if (rc != -EOPNOTSUPP) + return rc; + } + + return -EINVAL; +} + +static int selinux_setprocattr(const char *name, void *value, size_t size) +{ + int attr = lsm_name_to_attr(name); + + if (attr) + return selinux_lsm_setattr(attr, value, size); + return -EINVAL; +} + static int selinux_ismaclabel(const char *name) { return (strcmp(name, XATTR_SELINUX_SUFFIX) == 0); 
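Review bot: `value` is never freed in selinux_getselfattr. If selinux_lsm_getattr hands back an allocated string the way the renamed selinux_getprocattr did (its /proc caller freed it), the buffer is passed to lsm_fill_user_ctx and then dropped on every path, including the -E2BIG and `ctx == NULL` paths; a kfree(value) belongs before the return. Two smaller points in the same hunk: `__user` on the scalar parameters of selinux_setselfattr (`unsigned int __user attr`, `size_t __user size`, `u32 __user flags`) is meaningless for non-pointers and will draw sparse warnings, and the AppArmor version of the same hook uses plain `unsigned int attr, ..., size_t size, u32 flags`; and, as in that AppArmor hook, `lctx->ctx_len` is read before checking `size >= sizeof(*lctx)`, while the bound `lctx->ctx_len > size` should be against the payload size `size - sizeof(*lctx)`.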
@@ -7041,6 +7133,8 @@ static struct security_hook_list selinux_hooks[] __ro_after_init = { LSM_HOOK_INIT(d_instantiate, selinux_d_instantiate), + LSM_HOOK_INIT(getselfattr, selinux_getselfattr), + LSM_HOOK_INIT(setselfattr, selinux_setselfattr), LSM_HOOK_INIT(getprocattr, selinux_getprocattr), LSM_HOOK_INIT(setprocattr, selinux_setprocattr), From patchwork Fri Jun 16 16:50:55 2023
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net Subject: [PATCH v11 11/11] LSM: selftests for Linux Security Module syscalls Date: Fri, 16 Jun 2023 09:50:55 -0700 Message-Id: <20230616165055.4705-12-casey@schaufler-ca.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230616165055.4705-1-casey@schaufler-ca.com> References: <20230616165055.4705-1-casey@schaufler-ca.com> MIME-Version: 1.0 Precedence: bulk List-ID: Add selftests for the three system calls supporting the LSM infrastructure. Signed-off-by: Casey Schaufler Reviewed-by: Kees Cook --- tools/testing/selftests/Makefile | 1 + tools/testing/selftests/lsm/Makefile | 12 + tools/testing/selftests/lsm/config | 2 + .../selftests/lsm/lsm_get_self_attr_test.c | 270 ++++++++++++++++++ .../selftests/lsm/lsm_list_modules_test.c | 153 ++++++++++ .../selftests/lsm/lsm_set_self_attr_test.c | 70 +++++ 6 files changed, 508 insertions(+) create mode 100644 tools/testing/selftests/lsm/Makefile create mode 100644 tools/testing/selftests/lsm/config create mode 100644 tools/testing/selftests/lsm/lsm_get_self_attr_test.c create mode 100644 tools/testing/selftests/lsm/lsm_list_modules_test.c create mode 100644 tools/testing/selftests/lsm/lsm_set_self_attr_test.c diff --git a/tools/testing/selftests/Makefile b/tools/testing/selftests/Makefile index 90a62cf75008..2b91df264ada 100644 --- a/tools/testing/selftests/Makefile +++ b/tools/testing/selftests/Makefile @@ -38,6 +38,7 @@ TARGETS += landlock TARGETS += lib TARGETS += livepatch TARGETS += lkdtm +TARGETS += lsm TARGETS += membarrier TARGETS += memfd TARGETS += memory-hotplug 
diff --git a/tools/testing/selftests/lsm/Makefile b/tools/testing/selftests/lsm/Makefile new file mode 100644 index 000000000000..f39a75212b78 --- /dev/null +++ b/tools/testing/selftests/lsm/Makefile @@ -0,0 +1,12 @@ +# SPDX-License-Identifier: GPL-2.0 +# +# First run: make -C ../../../.. headers_install + +CFLAGS += -Wall -O2 $(KHDR_INCLUDES) + +TEST_GEN_PROGS := lsm_get_self_attr_test lsm_list_modules_test \ + lsm_set_self_attr_test + +include ../lib.mk + +$(TEST_GEN_PROGS): diff --git a/tools/testing/selftests/lsm/config b/tools/testing/selftests/lsm/config new file mode 100644 index 000000000000..afb887715f64 --- /dev/null +++ b/tools/testing/selftests/lsm/config @@ -0,0 +1,2 @@ +CONFIG_SYSFS=y +CONFIG_SECURITY=y diff --git a/tools/testing/selftests/lsm/lsm_get_self_attr_test.c b/tools/testing/selftests/lsm/lsm_get_self_attr_test.c new file mode 100644 index 000000000000..a62524b17bf7 --- /dev/null +++ b/tools/testing/selftests/lsm/lsm_get_self_attr_test.c 
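Review bot: the config fragment is incomplete for what the tests exercise: lsm_list_modules_test.c reads `/sys/kernel/security/lsm`, which lives on securityfs, so `CONFIG_SECURITYFS=y` belongs next to `CONFIG_SYSFS=y` and `CONFIG_SECURITY=y`, otherwise the comparison test fails on a kernel that has the syscalls but no securityfs. In the Makefile, the trailing `$(TEST_GEN_PROGS):` rule has neither prerequisites nor a recipe and therefore does nothing; either drop it or give it the dependency it was presumably meant to add (for instance on ../kselftest_harness.h).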
@@ -0,0 +1,270 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Linux Security Module infrastructure tests + * Tests for the lsm_get_self_attr system call + * + * Copyright © 2022 Casey Schaufler + * Copyright © 2022 Intel Corporation + */ + +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include +#include "../kselftest_harness.h" + +#define PROCATTR "/proc/self/attr/" + +static int read_proc_attr(const char *attr, char *value, __kernel_size_t size) +{ + int fd; + int len; + char *path; + + len = strlen(PROCATTR) + strlen(attr) + 1; + path = calloc(len, 1); + if (path == NULL) + return -1; + sprintf(path, "%s%s", PROCATTR, attr); + + fd = open(path, O_RDONLY); + free(path); + + if (fd < 0) + return -1; + len = read(fd, value, size); + if (len <= 0) + return -1; + close(fd); + + path = strchr(value, '\n'); + if (path) + *path = '\0'; + + return 0; +} + +static struct lsm_ctx *next_ctx(struct lsm_ctx *ctxp) +{ + void *vp; + + vp = (void *)ctxp + sizeof(*ctxp) + ctxp->ctx_len; + return (struct lsm_ctx *)vp; +} + +TEST(size_null_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *ctx = calloc(page_size, 1); + + ASSERT_NE(NULL, ctx); + errno = 0; + ASSERT_EQ(-1, syscall(__NR_lsm_get_self_attr, LSM_ATTR_CURRENT, ctx, + NULL, 0)); + ASSERT_EQ(EINVAL, errno); + + free(ctx); +} + +TEST(ctx_null_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + __kernel_size_t size = page_size; + + ASSERT_NE(-1, syscall(__NR_lsm_get_self_attr, LSM_ATTR_CURRENT, NULL, + &size, 0)); + ASSERT_NE(1, size); +} + +TEST(size_too_small_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *ctx = calloc(page_size, 1); + __kernel_size_t size = 1; + + ASSERT_NE(NULL, ctx); + errno = 0; + ASSERT_EQ(-1, syscall(__NR_lsm_get_self_attr, LSM_ATTR_CURRENT, ctx, + &size, 0)); + ASSERT_EQ(E2BIG, errno); + ASSERT_NE(1, size); + + free(ctx); +} + +TEST(flags_zero_lsm_get_self_attr) +{ + const long page_size = 
sysconf(_SC_PAGESIZE); + char *ctx = calloc(page_size, 1); + __kernel_size_t size = page_size; + + ASSERT_NE(NULL, ctx); + errno = 0; + ASSERT_EQ(-1, syscall(__NR_lsm_get_self_attr, LSM_ATTR_CURRENT, ctx, + &size, 1)); + ASSERT_EQ(EINVAL, errno); + ASSERT_EQ(page_size, size); + + free(ctx); +} + +TEST(flags_overset_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *ctx = calloc(page_size, 1); + __kernel_size_t size = page_size; + + ASSERT_NE(NULL, ctx); + errno = 0; + ASSERT_EQ(-1, syscall(__NR_lsm_get_self_attr, + LSM_ATTR_CURRENT | LSM_ATTR_PREV, ctx, &size, 0)); + ASSERT_EQ(EOPNOTSUPP, errno); + + free(ctx); +} + +TEST(basic_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + __kernel_size_t size = page_size; + struct lsm_ctx *ctx = calloc(page_size, 1); + struct lsm_ctx *tctx = NULL; + __u64 *syscall_lsms = calloc(page_size, 1); + char *attr = calloc(page_size, 1); + int cnt_current = 0; + int cnt_exec = 0; + int cnt_fscreate = 0; + int cnt_keycreate = 0; + int cnt_prev = 0; + int cnt_sockcreate = 0; + int lsmcount; + int count; + int i; + + ASSERT_NE(NULL, ctx); + ASSERT_NE(NULL, syscall_lsms); + + lsmcount = syscall(__NR_lsm_list_modules, syscall_lsms, &size, 0); + ASSERT_LE(1, lsmcount); + + for (i = 0; i < lsmcount; i++) { + switch (syscall_lsms[i]) { + case LSM_ID_SELINUX: + cnt_current++; + cnt_exec++; + cnt_fscreate++; + cnt_keycreate++; + cnt_prev++; + cnt_sockcreate++; + break; + case LSM_ID_SMACK: + cnt_current++; + break; + case LSM_ID_APPARMOR: + cnt_current++; + cnt_exec++; + cnt_prev++; + break; + default: + break; + } + } + + if (cnt_current) { + size = page_size; + count = syscall(__NR_lsm_get_self_attr, LSM_ATTR_CURRENT, ctx, + &size, 0); + ASSERT_EQ(cnt_current, count); + tctx = ctx; + ASSERT_EQ(0, read_proc_attr("current", attr, page_size)); + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + 
} + } + if (cnt_exec) { + size = page_size; + count = syscall(__NR_lsm_get_self_attr, LSM_ATTR_EXEC, ctx, + &size, 0); + ASSERT_GE(cnt_exec, count); + if (count > 0) { + tctx = ctx; + if (read_proc_attr("exec", attr, page_size) == 0) + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + } + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + if (cnt_fscreate) { + size = page_size; + count = syscall(__NR_lsm_get_self_attr, LSM_ATTR_FSCREATE, ctx, + &size, 0); + ASSERT_GE(cnt_fscreate, count); + if (count > 0) { + tctx = ctx; + if (read_proc_attr("fscreate", attr, page_size) == 0) + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + } + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + if (cnt_keycreate) { + size = page_size; + count = syscall(__NR_lsm_get_self_attr, LSM_ATTR_KEYCREATE, ctx, + &size, 0); + ASSERT_GE(cnt_keycreate, count); + if (count > 0) { + tctx = ctx; + if (read_proc_attr("keycreate", attr, page_size) == 0) + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + } + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + if (cnt_prev) { + size = page_size; + count = syscall(__NR_lsm_get_self_attr, LSM_ATTR_PREV, ctx, + &size, 0); + ASSERT_GE(cnt_prev, count); + if (count > 0) { + tctx = ctx; + ASSERT_EQ(0, read_proc_attr("prev", attr, page_size)); + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + } + if (cnt_sockcreate) { + size = page_size; + count = syscall(__NR_lsm_get_self_attr, LSM_ATTR_SOCKCREATE, + ctx, &size, 0); + ASSERT_GE(cnt_sockcreate, count); + if (count > 0) { + tctx = ctx; + if (read_proc_attr("sockcreate", attr, page_size) == 0) + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + } + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + 
ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + + free(ctx); + free(attr); + free(syscall_lsms); +} + +TEST_HARNESS_MAIN diff --git a/tools/testing/selftests/lsm/lsm_list_modules_test.c b/tools/testing/selftests/lsm/lsm_list_modules_test.c new file mode 100644 index 000000000000..871d516a7d7d --- /dev/null +++ b/tools/testing/selftests/lsm/lsm_list_modules_test.c 
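Review bot: read_proc_attr leaks the descriptor on its error path (`len = read(fd, value, size); if (len <= 0) return -1;` returns before `close(fd)`), and it never NUL-terminates `value`: the callers pass `size == page_size` for a page-sized calloc buffer, so a read that fills the buffer leaves strchr() and the later strcmp() running off the end. Close the fd before returning, read at most `size - 1` bytes and write `value[len] = '\0'`. Separately, next_ctx advances by `sizeof(*ctxp) + ctxp->ctx_len`, while selinux_getselfattr sizes each entry as `ALIGN(struct_size(ctx, ctx, len), 8)`; unless lsm_fill_user_ctx folds that padding into ctx_len, the walker lands inside the padding of the first entry whenever more than one LSM answers, so the test should round the same way the kernel does. The test names are also misleading: flags_zero_lsm_get_self_attr passes `flags == 1`, and flags_overset_lsm_get_self_attr ORs two LSM_ATTR_* values into the attr argument, not the flags.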
@@ -0,0 +1,153 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Linux Security Module infrastructure tests + * Tests for the lsm_list_modules system call + * + * Copyright © 2022 Casey Schaufler + * Copyright © 2022 Intel Corporation + */ + +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include "../kselftest_harness.h" + +static int read_sysfs_lsms(char *lsms, __kernel_size_t size) +{ + FILE *fp; + + fp = fopen("/sys/kernel/security/lsm", "r"); + if (fp == NULL) + return -1; + if (fread(lsms, 1, size, fp) <= 0) + return -1; + fclose(fp); + return 0; +} + +TEST(size_null_lsm_list_modules) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *syscall_lsms = calloc(page_size, 1); + + ASSERT_NE(NULL, syscall_lsms); + errno = 0; + ASSERT_EQ(-1, syscall(__NR_lsm_list_modules, syscall_lsms, NULL, 0)); + ASSERT_EQ(EFAULT, errno); + + free(syscall_lsms); +} + +TEST(ids_null_lsm_list_modules) +{ + const long page_size = sysconf(_SC_PAGESIZE); + __kernel_size_t size = page_size; + + errno = 0; + ASSERT_EQ(-1, syscall(__NR_lsm_list_modules, NULL, &size, 0)); + ASSERT_EQ(EFAULT, errno); + ASSERT_NE(1, size); +} + +TEST(size_too_small_lsm_list_modules) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *syscall_lsms = calloc(page_size, 1); + __kernel_size_t size = 1; + + ASSERT_NE(NULL, syscall_lsms); + errno = 0; + ASSERT_EQ(-1, syscall(__NR_lsm_list_modules, syscall_lsms, &size, 0)); + ASSERT_EQ(E2BIG, errno); + ASSERT_NE(1, size); + + free(syscall_lsms); +} + +TEST(flags_set_lsm_list_modules) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *syscall_lsms = calloc(page_size, 1); + __kernel_size_t size = page_size; + + ASSERT_NE(NULL, syscall_lsms); + errno = 0; + ASSERT_EQ(-1, syscall(__NR_lsm_list_modules, syscall_lsms, &size, 7)); + ASSERT_EQ(EINVAL, errno); + ASSERT_EQ(page_size, size); + + free(syscall_lsms); +} + +TEST(correct_lsm_list_modules) +{ + const long page_size = sysconf(_SC_PAGESIZE); + __kernel_size_t size = 
page_size; + __u64 *syscall_lsms = calloc(page_size, 1); + char *sysfs_lsms = calloc(page_size, 1); + char *name; + char *cp; + int count; + int i; + + ASSERT_NE(NULL, sysfs_lsms); + ASSERT_NE(NULL, syscall_lsms); + ASSERT_EQ(0, read_sysfs_lsms(sysfs_lsms, page_size)); + + count = syscall(__NR_lsm_list_modules, syscall_lsms, &size, 0); + ASSERT_LE(1, count); + cp = sysfs_lsms; + for (i = 0; i < count; i++) { + switch (syscall_lsms[i]) { + case LSM_ID_CAPABILITY: + name = "capability"; + break; + case LSM_ID_SELINUX: + name = "selinux"; + break; + case LSM_ID_SMACK: + name = "smack"; + break; + case LSM_ID_TOMOYO: + name = "tomoyo"; + break; + case LSM_ID_IMA: + name = "ima"; + break; + case LSM_ID_APPARMOR: + name = "apparmor"; + break; + case LSM_ID_YAMA: + name = "yama"; + break; + case LSM_ID_LOADPIN: + name = "loadpin"; + break; + case LSM_ID_SAFESETID: + name = "safesetid"; + break; + case LSM_ID_LOCKDOWN: + name = "lockdown"; + break; + case LSM_ID_BPF: + name = "bpf"; + break; + case LSM_ID_LANDLOCK: + name = "landlock"; + break; + default: + name = "INVALID"; + break; + } + ASSERT_EQ(0, strncmp(cp, name, strlen(name))); + cp += strlen(name) + 1; + } + + free(sysfs_lsms); + free(syscall_lsms); +} + +TEST_HARNESS_MAIN diff --git a/tools/testing/selftests/lsm/lsm_set_self_attr_test.c b/tools/testing/selftests/lsm/lsm_set_self_attr_test.c new file mode 100644 index 000000000000..ca538a703168 --- /dev/null +++ b/tools/testing/selftests/lsm/lsm_set_self_attr_test.c 
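Review bot: read_sysfs_lsms leaks the FILE on its error path (`if (fread(lsms, 1, size, fp) <= 0) return -1;` skips fclose) and, like read_proc_attr in the previous file, does not guarantee a terminator when the file fills the whole `size`-byte buffer that strncmp() later walks; fclose on both paths and read at most `size - 1` bytes. The name is also off, since `/sys/kernel/security/lsm` is securityfs rather than sysfs. correct_lsm_list_modules additionally relies on the securityfs list and lsm_list_modules reporting the LSMs in the same order with a one-byte separator (`cp += strlen(name) + 1`); that ordering contract is worth stating in a comment so a later change to either side is recognised as an ABI change rather than a test bug.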
@@ -0,0 +1,70 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Linux Security Module infrastructure tests + * Tests for the lsm_set_self_attr system call + * + * Copyright © 2022 Casey Schaufler + * Copyright © 2022 Intel Corporation + */ + +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include "../kselftest_harness.h" + +TEST(ctx_null_lsm_set_self_attr) +{ + ASSERT_EQ(-1, syscall(__NR_lsm_set_self_attr, LSM_ATTR_CURRENT, NULL, + sizeof(struct lsm_ctx), 0)); +} + +TEST(size_too_small_lsm_set_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + struct lsm_ctx *ctx = calloc(page_size, 1); + __kernel_size_t size = page_size; + + ASSERT_NE(NULL, ctx); + ASSERT_GE(1, syscall(__NR_lsm_get_self_attr, LSM_ATTR_CURRENT, ctx, + &size, 0)); + ASSERT_EQ(-1, syscall(__NR_lsm_set_self_attr, LSM_ATTR_CURRENT, ctx, 1, + 0)); + + free(ctx); +} + +TEST(flags_zero_lsm_set_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *ctx = calloc(page_size, 1); + __kernel_size_t size = page_size; + + ASSERT_NE(NULL, ctx); + ASSERT_GE(1, syscall(__NR_lsm_get_self_attr, LSM_ATTR_CURRENT, ctx, + &size, 0)); + ASSERT_EQ(-1, syscall(__NR_lsm_set_self_attr, LSM_ATTR_CURRENT, ctx, + size, 1)); + + free(ctx); +} + +TEST(flags_overset_lsm_set_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *ctx = calloc(page_size, 1); + __kernel_size_t size = page_size; + struct lsm_ctx *tctx = (struct lsm_ctx *)ctx; + + ASSERT_NE(NULL, ctx); + ASSERT_GE(1, syscall(__NR_lsm_get_self_attr, LSM_ATTR_CURRENT, tctx, + &size, 0)); + ASSERT_EQ(-1, syscall(__NR_lsm_set_self_attr, + LSM_ATTR_CURRENT | LSM_ATTR_PREV, tctx, size, 0)); + + free(ctx); +} + +TEST_HARNESS_MAIN
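Review bot: the `ASSERT_GE(1, syscall(__NR_lsm_get_self_attr, ...))` guards in size_too_small, flags_zero and flags_overset are the wrong way round. In kselftest_harness.h ASSERT_GE(expected, seen) checks `expected >= seen`, so `1 >= count` passes when the setup call fails with -1 and fails on a kernel where more than one LSM answers LSM_ATTR_CURRENT (basic_lsm_get_self_attr in the companion file expects exactly that). The lower bound wanted here is `ASSERT_LE(1, ...)`, as lsm_get_self_attr_test.c already writes it for lsmcount. The four tests also assert only the -1 return; clear errno beforehand and assert the specific error, as the lsm_get_self_attr tests do, so a failure for the wrong reason (for instance EFAULT where E2BIG was intended) is caught. As in the get-side file, flags_zero_lsm_set_self_attr passes `flags == 1` and flags_overset_lsm_set_self_attr ORs LSM_ATTR_* values into attr, so the names do not describe what is tested.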