From patchwork Sat Nov 11 10:08:50 2023
X-Patchwork-Submitter: Tetsuo Handa
X-Patchwork-Id: 13453012
X-Patchwork-Delegate: bpf@iogearbox.net
Message-ID: <2c8eae29-63da-461c-849f-3b08cf5fc7d1@I-love.SAKURA.ne.jp>
Date: Sat, 11 Nov 2023 19:08:50 +0900
X-Mailing-List: bpf@vger.kernel.org
Subject: [PATCH 1/5] LSM: Auto-undef LSM_HOOK macro.
From: Tetsuo Handa
To: linux-security-module, bpf, KP Singh
Cc: Paul Moore, Kees Cook, Casey Schaufler, song@kernel.org, Daniel Borkmann, Alexei Starovoitov, renauld@google.com, Paolo Abeni
References: <38b318a5-0a16-4cc2-878e-4efa632236f3@I-love.SAKURA.ne.jp>
In-Reply-To: <38b318a5-0a16-4cc2-878e-4efa632236f3@I-love.SAKURA.ne.jp>
X-Patchwork-Delegate: bpf@iogearbox.net

Since all users are doing "#undef LSM_HOOK" immediately after "#include " line, let lsm_hook_defs.h do it.

Signed-off-by: Tetsuo Handa
---
 include/linux/bpf_lsm.h       | 1 -
 include/linux/lsm_hook_defs.h | 3 ++-
 include/linux/lsm_hooks.h     | 2 --
 kernel/bpf/bpf_lsm.c          | 3 ---
 security/bpf/hooks.c          | 1 -
 security/security.c           | 4 ----
 6 files changed, 2 insertions(+), 12 deletions(-)

diff --git a/include/linux/bpf_lsm.h b/include/linux/bpf_lsm.h index 5bbc31ac948c..11544b098c06 100644 --- a/include/linux/bpf_lsm.h +++ b/include/linux/bpf_lsm.h @@ -16,7 +16,6 @@ #define LSM_HOOK(RET, DEFAULT, NAME, ...) \ RET bpf_lsm_##NAME(__VA_ARGS__); #include -#undef LSM_HOOK struct bpf_storage_blob { struct bpf_local_storage __rcu *storage; diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h index 6ea529e4d9be..4229dee73eba 100644 --- a/include/linux/lsm_hook_defs.h +++ b/include/linux/lsm_hook_defs.h @@ -23,7 +23,6 @@ * struct security_hook_heads { * #define LSM_HOOK(RET, DEFAULT, NAME, ...) struct hlist_head NAME; * #include - * #undef LSM_HOOK * }; */ LSM_HOOK(int, 0, binder_set_context_mgr, const struct cred *mgr) @@ -423,3 +422,5 @@ LSM_HOOK(int, 0, uring_override_creds, const struct cred *new) LSM_HOOK(int, 0, uring_sqpoll, void) LSM_HOOK(int, 0, uring_cmd, struct io_uring_cmd *ioucmd) #endif /* CONFIG_IO_URING */ + +#undef LSM_HOOK diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index b646f6746147..135b3f58f8d2 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h
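Review bot: the lsm_hook_defs.h hunk at @@ -23,7 removes `#undef LSM_HOOK` from the usage example in the header comment but adds nothing saying that the header now undefines LSM_HOOK itself at its end (the @@ -423,3 hunk), so a reader of the comment cannot tell that LSM_HOOK is consumed by the include; add a line such as ` * LSM_HOOK is #undef'd at the end of this file.` to the comment, and note in the commit message that any out-of-tree includer which relied on LSM_HOOK surviving the include must now redefine it before a second include.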
@@ -57,7 +57,6 @@ do { \ union security_list_options { #define LSM_HOOK(RET, DEFAULT, NAME, ...) RET (*NAME)(__VA_ARGS__); #include "lsm_hook_defs.h" - #undef LSM_HOOK void *lsm_callback; }; @@ -87,7 +86,6 @@ struct lsm_static_calls_table { #define LSM_HOOK(RET, DEFAULT, NAME, ...) \ struct lsm_static_call NAME[MAX_LSM_COUNT]; #include - #undef LSM_HOOK } __randomize_layout; /** diff --git a/kernel/bpf/bpf_lsm.c b/kernel/bpf/bpf_lsm.c index e14c822f8911..025d05c30f11 100644 --- a/kernel/bpf/bpf_lsm.c +++ b/kernel/bpf/bpf_lsm.c @@ -26,14 +26,11 @@ noinline RET bpf_lsm_##NAME(__VA_ARGS__) \ { \ return DEFAULT; \ } - #include -#undef LSM_HOOK #define LSM_HOOK(RET, DEFAULT, NAME, ...) BTF_ID(func, bpf_lsm_##NAME) BTF_SET_START(bpf_lsm_hooks) #include -#undef LSM_HOOK BTF_SET_END(bpf_lsm_hooks) /* List of LSM hooks that should operate on 'current' cgroup regardless diff --git a/security/bpf/hooks.c b/security/bpf/hooks.c index 61433633d235..294d9d152fb0 100644 --- a/security/bpf/hooks.c +++ b/security/bpf/hooks.c @@ -11,7 +11,6 @@ static struct security_hook_list bpf_lsm_hooks[] __ro_after_init = { #define LSM_HOOK(RET, DEFAULT, NAME, ...) \ LSM_HOOK_INIT_DISABLED(NAME, bpf_lsm_##NAME), #include - #undef LSM_HOOK LSM_HOOK_INIT(inode_free_security, bpf_inode_storage_free), LSM_HOOK_INIT(task_free, bpf_task_storage_free), }; diff --git a/security/security.c b/security/security.c index 5f4e5e6d0989..986aa5e6e29d 100644 --- a/security/security.c +++ b/security/security.c @@ -131,7 +131,6 @@ static __initdata struct lsm_info *exclusive; #define LSM_HOOK(RET, DEFAULT, NAME, ...) \ LSM_DEFINE_UNROLL(DEFINE_LSM_STATIC_CALL, NAME, RET, __VA_ARGS__) #include -#undef LSM_HOOK #undef DEFINE_LSM_STATIC_CALL /* @@ -152,7 +151,6 @@ struct lsm_static_calls_table static_calls_table __ro_after_init = { LSM_DEFINE_UNROLL(INIT_LSM_STATIC_CALL, NAME) \ }, #include -#undef LSM_HOOK #undef INIT_LSM_STATIC_CALL }; 
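Review bot: the kernel/bpf/bpf_lsm.c hunk at @@ -26,14 also deletes the blank line between the closing `}` of the bpf_lsm_##NAME stub definition and the `#include`, which is unrelated to moving the `#undef` and makes the define/include pair harder to pick out; either keep the blank line or say in the commit message that the whitespace cleanup is intentional. The security.c hunks at @@ -131 and @@ -152 are right to keep their own `#undef DEFINE_LSM_STATIC_CALL` and `#undef INIT_LSM_STATIC_CALL`, since lsm_hook_defs.h can only undefine the macro it consumes, not the includer's helper macros.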
@@ -894,9 +892,7 @@ int lsm_fill_user_ctx(struct lsm_ctx __user *uctx, size_t *uctx_len, static const int __maybe_unused LSM_RET_DEFAULT(NAME) = (DEFAULT); #define LSM_HOOK(RET, DEFAULT, NAME, ...) \ DECLARE_LSM_RET_DEFAULT_##RET(DEFAULT, NAME) - #include -#undef LSM_HOOK /* * Hook list operation macros.

From patchwork Sat Nov 11 10:09:44 2023
X-Patchwork-Submitter: Tetsuo Handa
X-Patchwork-Id: 13453013
Message-ID: <65b328da-3013-4b01-b94e-3f1cff927f07@I-love.SAKURA.ne.jp>
Date: Sat, 11 Nov 2023 19:09:44 +0900
X-Mailing-List: bpf@vger.kernel.org
Subject: [PATCH 2/5] LSM: Add a header file containing only arguments of LSM callback functions.
From: Tetsuo Handa
To: linux-security-module, bpf, KP Singh
Cc: Paul Moore, Kees Cook, Casey Schaufler, song@kernel.org, Daniel Borkmann, Alexei Starovoitov, renauld@google.com, Paolo Abeni
References: <38b318a5-0a16-4cc2-878e-4efa632236f3@I-love.SAKURA.ne.jp>
In-Reply-To: <38b318a5-0a16-4cc2-878e-4efa632236f3@I-love.SAKURA.ne.jp>

This file is used by security/mod_lsm.c which is added by PATCH 4/5.

This file is mechanically generated by the following command.

  awk 'BEGIN { print "/* SPDX-License-Identifier: GPL-2.0 */" }
  {
    if (substr($1, 1, 1) == "#" || substr($1, 1, 1) == "*") { next }
    LINE = LINE $0;
    if (index(LINE, ")") > 0) {
      gsub("*", " ", LINE);
      gsub("[ \t]+", " ", LINE);
      sPos = index(LINE, "(") + 1;
      N = split(substr(LINE, sPos, index(LINE, ")") - sPos), TOKENS, ",")
      if (N >= 4) {
        LINE="#define LSM_CALL_ARGS_" substr(TOKENS[3], match(TOKENS[3], "[A-Za-z]"));
        for (i = 4; i <= N; i++) {
          nWords = split(TOKENS[i], WORDS, " ");
          if (i == 4 && WORDS[nWords] == "void") { break; }
          LINE=LINE " " WORDS[nWords];
          if (i < N) { LINE=LINE ","; }
        }
        print LINE;
      }
      LINE = "";
    }
  }' include/linux/lsm_hook_defs.h > include/linux/lsm_hook_args.h

By the way, should this file be automatically generated upon build rather than requiring manual update in-sync with linux/lsm_hook_defs.h?

Signed-off-by: Tetsuo Handa
---
 include/linux/lsm_hook_args.h | 252 ++++++++++++++++++++++++++++++++++
 1 file changed, 252 insertions(+)
 create mode 100644 include/linux/lsm_hook_args.h

diff --git a/include/linux/lsm_hook_args.h b/include/linux/lsm_hook_args.h new file mode 100644 index 000000000000..0edc0b103d78 --- /dev/null +++ b/include/linux/lsm_hook_args.h
@@ -0,0 +1,252 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +#define LSM_CALL_ARGS_binder_set_context_mgr mgr +#define LSM_CALL_ARGS_binder_transaction from, to +#define LSM_CALL_ARGS_binder_transfer_binder from, to +#define LSM_CALL_ARGS_binder_transfer_file from, to, file +#define LSM_CALL_ARGS_ptrace_access_check child, mode +#define LSM_CALL_ARGS_ptrace_traceme parent +#define LSM_CALL_ARGS_capget target, effective, inheritable, permitted +#define LSM_CALL_ARGS_capset new, old, effective, inheritable, permitted +#define LSM_CALL_ARGS_capable cred, ns, cap, opts +#define LSM_CALL_ARGS_quotactl cmds, type, id, sb +#define LSM_CALL_ARGS_quota_on dentry +#define LSM_CALL_ARGS_syslog type +#define LSM_CALL_ARGS_settime ts, tz +#define LSM_CALL_ARGS_vm_enough_memory mm, pages +#define LSM_CALL_ARGS_bprm_creds_for_exec bprm +#define LSM_CALL_ARGS_bprm_creds_from_file bprm, file +#define LSM_CALL_ARGS_bprm_check_security bprm +#define LSM_CALL_ARGS_bprm_committing_creds bprm +#define LSM_CALL_ARGS_bprm_committed_creds bprm +#define LSM_CALL_ARGS_fs_context_submount fc, reference +#define LSM_CALL_ARGS_fs_context_dup fc, src_sc +#define LSM_CALL_ARGS_fs_context_parse_param fc, param +#define LSM_CALL_ARGS_sb_alloc_security sb +#define LSM_CALL_ARGS_sb_delete sb +#define LSM_CALL_ARGS_sb_free_security sb +#define LSM_CALL_ARGS_sb_free_mnt_opts mnt_opts +#define LSM_CALL_ARGS_sb_eat_lsm_opts orig, mnt_opts +#define LSM_CALL_ARGS_sb_mnt_opts_compat sb, mnt_opts +#define LSM_CALL_ARGS_sb_remount sb, mnt_opts +#define LSM_CALL_ARGS_sb_kern_mount sb +#define LSM_CALL_ARGS_sb_show_options m, sb +#define LSM_CALL_ARGS_sb_statfs dentry +#define LSM_CALL_ARGS_sb_mount dev_name, path, type, flags, data +#define LSM_CALL_ARGS_sb_umount mnt, flags +#define LSM_CALL_ARGS_sb_pivotroot old_path, new_path +#define LSM_CALL_ARGS_sb_set_mnt_opts sb, mnt_opts, kern_flags, set_kern_flags +#define LSM_CALL_ARGS_sb_clone_mnt_opts oldsb, newsb, kern_flags, set_kern_flags +#define 
LSM_CALL_ARGS_move_mount from_path, to_path +#define LSM_CALL_ARGS_dentry_init_security dentry, mode, name, xattr_name, ctx, ctxlen +#define LSM_CALL_ARGS_dentry_create_files_as dentry, mode, name, old, new +#define LSM_CALL_ARGS_path_unlink dir, dentry +#define LSM_CALL_ARGS_path_mkdir dir, dentry, mode +#define LSM_CALL_ARGS_path_rmdir dir, dentry +#define LSM_CALL_ARGS_path_mknod dir, dentry, mode, dev +#define LSM_CALL_ARGS_path_truncate path +#define LSM_CALL_ARGS_path_symlink dir, dentry, old_name +#define LSM_CALL_ARGS_path_link old_dentry, new_dir, new_dentry +#define LSM_CALL_ARGS_path_rename old_dir, old_dentry, new_dir, new_dentry, flags +#define LSM_CALL_ARGS_path_chmod path, mode +#define LSM_CALL_ARGS_path_chown path, uid, gid +#define LSM_CALL_ARGS_path_chroot path +#define LSM_CALL_ARGS_path_notify path, mask, obj_type +#define LSM_CALL_ARGS_inode_alloc_security inode +#define LSM_CALL_ARGS_inode_free_security inode +#define LSM_CALL_ARGS_inode_init_security inode, dir, qstr, xattrs, xattr_count +#define LSM_CALL_ARGS_inode_init_security_anon inode, name, context_inode +#define LSM_CALL_ARGS_inode_create dir, dentry, mode +#define LSM_CALL_ARGS_inode_link old_dentry, dir, new_dentry +#define LSM_CALL_ARGS_inode_unlink dir, dentry +#define LSM_CALL_ARGS_inode_symlink dir, dentry, old_name +#define LSM_CALL_ARGS_inode_mkdir dir, dentry, mode +#define LSM_CALL_ARGS_inode_rmdir dir, dentry +#define LSM_CALL_ARGS_inode_mknod dir, dentry, mode, dev +#define LSM_CALL_ARGS_inode_rename old_dir, old_dentry, new_dir, new_dentry +#define LSM_CALL_ARGS_inode_readlink dentry +#define LSM_CALL_ARGS_inode_follow_link dentry, inode, rcu +#define LSM_CALL_ARGS_inode_permission inode, mask +#define LSM_CALL_ARGS_inode_setattr dentry, attr +#define LSM_CALL_ARGS_inode_getattr path +#define LSM_CALL_ARGS_inode_setxattr idmap, dentry, name, value, size, flags +#define LSM_CALL_ARGS_inode_post_setxattr dentry, name, value, size, flags +#define 
LSM_CALL_ARGS_inode_getxattr dentry, name +#define LSM_CALL_ARGS_inode_listxattr dentry +#define LSM_CALL_ARGS_inode_removexattr idmap, dentry, name +#define LSM_CALL_ARGS_inode_set_acl idmap, dentry, acl_name, kacl +#define LSM_CALL_ARGS_inode_get_acl idmap, dentry, acl_name +#define LSM_CALL_ARGS_inode_remove_acl idmap, dentry, acl_name +#define LSM_CALL_ARGS_inode_need_killpriv dentry +#define LSM_CALL_ARGS_inode_killpriv idmap, dentry +#define LSM_CALL_ARGS_inode_getsecurity idmap, inode, name, buffer, alloc +#define LSM_CALL_ARGS_inode_setsecurity inode, name, value, size, flags +#define LSM_CALL_ARGS_inode_listsecurity inode, buffer, buffer_size +#define LSM_CALL_ARGS_inode_getsecid inode, secid +#define LSM_CALL_ARGS_inode_copy_up src, new +#define LSM_CALL_ARGS_inode_copy_up_xattr name +#define LSM_CALL_ARGS_kernfs_init_security kn_dir, kn +#define LSM_CALL_ARGS_file_permission file, mask +#define LSM_CALL_ARGS_file_alloc_security file +#define LSM_CALL_ARGS_file_free_security file +#define LSM_CALL_ARGS_file_ioctl file, cmd, arg +#define LSM_CALL_ARGS_mmap_addr addr +#define LSM_CALL_ARGS_mmap_file file, reqprot, prot, flags +#define LSM_CALL_ARGS_file_mprotect vma, reqprot, prot +#define LSM_CALL_ARGS_file_lock file, cmd +#define LSM_CALL_ARGS_file_fcntl file, cmd, arg +#define LSM_CALL_ARGS_file_set_fowner file +#define LSM_CALL_ARGS_file_send_sigiotask tsk, fown, sig +#define LSM_CALL_ARGS_file_receive file +#define LSM_CALL_ARGS_file_open file +#define LSM_CALL_ARGS_file_truncate file +#define LSM_CALL_ARGS_task_alloc task, clone_flags +#define LSM_CALL_ARGS_task_free task +#define LSM_CALL_ARGS_cred_alloc_blank cred, gfp +#define LSM_CALL_ARGS_cred_free cred +#define LSM_CALL_ARGS_cred_prepare new, old, gfp +#define LSM_CALL_ARGS_cred_transfer new, old +#define LSM_CALL_ARGS_cred_getsecid c, secid +#define LSM_CALL_ARGS_kernel_act_as new, secid +#define LSM_CALL_ARGS_kernel_create_files_as new, inode +#define LSM_CALL_ARGS_kernel_module_request 
kmod_name +#define LSM_CALL_ARGS_kernel_load_data id, contents +#define LSM_CALL_ARGS_kernel_post_load_data buf, size, id, description +#define LSM_CALL_ARGS_kernel_read_file file, id, contents +#define LSM_CALL_ARGS_kernel_post_read_file file, buf, size, id +#define LSM_CALL_ARGS_task_fix_setuid new, old, flags +#define LSM_CALL_ARGS_task_fix_setgid new, old, flags +#define LSM_CALL_ARGS_task_fix_setgroups new, old +#define LSM_CALL_ARGS_task_setpgid p, pgid +#define LSM_CALL_ARGS_task_getpgid p +#define LSM_CALL_ARGS_task_getsid p +#define LSM_CALL_ARGS_current_getsecid_subj secid +#define LSM_CALL_ARGS_task_getsecid_obj p, secid +#define LSM_CALL_ARGS_task_setnice p, nice +#define LSM_CALL_ARGS_task_setioprio p, ioprio +#define LSM_CALL_ARGS_task_getioprio p +#define LSM_CALL_ARGS_task_prlimit cred, tcred, flags +#define LSM_CALL_ARGS_task_setrlimit p, resource, new_rlim +#define LSM_CALL_ARGS_task_setscheduler p +#define LSM_CALL_ARGS_task_getscheduler p +#define LSM_CALL_ARGS_task_movememory p +#define LSM_CALL_ARGS_task_kill p, info, sig, cred +#define LSM_CALL_ARGS_task_prctl option, arg2, arg3, arg4, arg5 +#define LSM_CALL_ARGS_task_to_inode p, inode +#define LSM_CALL_ARGS_userns_create cred +#define LSM_CALL_ARGS_ipc_permission ipcp, flag +#define LSM_CALL_ARGS_ipc_getsecid ipcp, secid +#define LSM_CALL_ARGS_msg_msg_alloc_security msg +#define LSM_CALL_ARGS_msg_msg_free_security msg +#define LSM_CALL_ARGS_msg_queue_alloc_security perm +#define LSM_CALL_ARGS_msg_queue_free_security perm +#define LSM_CALL_ARGS_msg_queue_associate perm, msqflg +#define LSM_CALL_ARGS_msg_queue_msgctl perm, cmd +#define LSM_CALL_ARGS_msg_queue_msgsnd perm, msg, msqflg +#define LSM_CALL_ARGS_msg_queue_msgrcv perm, msg, target, type, mode +#define LSM_CALL_ARGS_shm_alloc_security perm +#define LSM_CALL_ARGS_shm_free_security perm +#define LSM_CALL_ARGS_shm_associate perm, shmflg +#define LSM_CALL_ARGS_shm_shmctl perm, cmd +#define LSM_CALL_ARGS_shm_shmat perm, shmaddr, shmflg 
+#define LSM_CALL_ARGS_sem_alloc_security perm +#define LSM_CALL_ARGS_sem_free_security perm +#define LSM_CALL_ARGS_sem_associate perm, semflg +#define LSM_CALL_ARGS_sem_semctl perm, cmd +#define LSM_CALL_ARGS_sem_semop perm, sops, nsops, alter +#define LSM_CALL_ARGS_netlink_send sk, skb +#define LSM_CALL_ARGS_d_instantiate dentry, inode +#define LSM_CALL_ARGS_getselfattr attr, ctx, size, flags +#define LSM_CALL_ARGS_setselfattr attr, ctx, size, flags +#define LSM_CALL_ARGS_getprocattr p, name, value +#define LSM_CALL_ARGS_setprocattr name, value, size +#define LSM_CALL_ARGS_ismaclabel name +#define LSM_CALL_ARGS_secid_to_secctx secid, secdata, seclen +#define LSM_CALL_ARGS_secctx_to_secid secdata, seclen, secid +#define LSM_CALL_ARGS_release_secctx secdata, seclen +#define LSM_CALL_ARGS_inode_invalidate_secctx inode +#define LSM_CALL_ARGS_inode_notifysecctx inode, ctx, ctxlen +#define LSM_CALL_ARGS_inode_setsecctx dentry, ctx, ctxlen +#define LSM_CALL_ARGS_inode_getsecctx inode, ctx, ctxlen +#define LSM_CALL_ARGS_post_notification w_cred, cred, n +#define LSM_CALL_ARGS_watch_key key +#define LSM_CALL_ARGS_unix_stream_connect sock, other, newsk +#define LSM_CALL_ARGS_unix_may_send sock, other +#define LSM_CALL_ARGS_socket_create family, type, protocol, kern +#define LSM_CALL_ARGS_socket_post_create sock, family, type, protocol, kern +#define LSM_CALL_ARGS_socket_socketpair socka, sockb +#define LSM_CALL_ARGS_socket_bind sock, address, addrlen +#define LSM_CALL_ARGS_socket_connect sock, address, addrlen +#define LSM_CALL_ARGS_socket_listen sock, backlog +#define LSM_CALL_ARGS_socket_accept sock, newsock +#define LSM_CALL_ARGS_socket_sendmsg sock, msg, size +#define LSM_CALL_ARGS_socket_recvmsg sock, msg, size, flags +#define LSM_CALL_ARGS_socket_getsockname sock +#define LSM_CALL_ARGS_socket_getpeername sock +#define LSM_CALL_ARGS_socket_getsockopt sock, level, optname +#define LSM_CALL_ARGS_socket_setsockopt sock, level, optname +#define 
LSM_CALL_ARGS_socket_shutdown sock, how +#define LSM_CALL_ARGS_socket_sock_rcv_skb sk, skb +#define LSM_CALL_ARGS_socket_getpeersec_stream sock, optval, optlen, len +#define LSM_CALL_ARGS_socket_getpeersec_dgram sock, skb, secid +#define LSM_CALL_ARGS_sk_alloc_security sk, family, priority +#define LSM_CALL_ARGS_sk_free_security sk +#define LSM_CALL_ARGS_sk_clone_security sk, newsk +#define LSM_CALL_ARGS_sk_getsecid sk, secid +#define LSM_CALL_ARGS_sock_graft sk, parent +#define LSM_CALL_ARGS_inet_conn_request sk, skb, req +#define LSM_CALL_ARGS_inet_csk_clone newsk, req +#define LSM_CALL_ARGS_inet_conn_established sk, skb +#define LSM_CALL_ARGS_secmark_relabel_packet secid +#define LSM_CALL_ARGS_secmark_refcount_inc +#define LSM_CALL_ARGS_secmark_refcount_dec +#define LSM_CALL_ARGS_req_classify_flow req, flic +#define LSM_CALL_ARGS_tun_dev_alloc_security security +#define LSM_CALL_ARGS_tun_dev_free_security security +#define LSM_CALL_ARGS_tun_dev_create +#define LSM_CALL_ARGS_tun_dev_attach_queue security +#define LSM_CALL_ARGS_tun_dev_attach sk, security +#define LSM_CALL_ARGS_tun_dev_open security +#define LSM_CALL_ARGS_sctp_assoc_request asoc, skb +#define LSM_CALL_ARGS_sctp_bind_connect sk, optname, address, addrlen +#define LSM_CALL_ARGS_sctp_sk_clone asoc, sk, newsk +#define LSM_CALL_ARGS_sctp_assoc_established asoc, skb +#define LSM_CALL_ARGS_mptcp_add_subflow sk, ssk +#define LSM_CALL_ARGS_ib_pkey_access sec, subnet_prefix, pkey +#define LSM_CALL_ARGS_ib_endport_manage_subnet sec, dev_name, port_num +#define LSM_CALL_ARGS_ib_alloc_security sec +#define LSM_CALL_ARGS_ib_free_security sec +#define LSM_CALL_ARGS_xfrm_policy_alloc_security ctxp, sec_ctx, gfp +#define LSM_CALL_ARGS_xfrm_policy_clone_security old_ctx, new_ctx +#define LSM_CALL_ARGS_xfrm_policy_free_security ctx +#define LSM_CALL_ARGS_xfrm_policy_delete_security ctx +#define LSM_CALL_ARGS_xfrm_state_alloc x, sec_ctx +#define LSM_CALL_ARGS_xfrm_state_alloc_acquire x, polsec, secid +#define 
LSM_CALL_ARGS_xfrm_state_free_security x +#define LSM_CALL_ARGS_xfrm_state_delete_security x +#define LSM_CALL_ARGS_xfrm_policy_lookup ctx, fl_secid +#define LSM_CALL_ARGS_xfrm_state_pol_flow_match x, xp, flic +#define LSM_CALL_ARGS_xfrm_decode_session skb, secid, ckall +#define LSM_CALL_ARGS_key_alloc key, cred, flags +#define LSM_CALL_ARGS_key_free key +#define LSM_CALL_ARGS_key_permission key_ref, cred, need_perm +#define LSM_CALL_ARGS_key_getsecurity key, buffer +#define LSM_CALL_ARGS_audit_rule_init field, op, rulestr, lsmrule +#define LSM_CALL_ARGS_audit_rule_known krule +#define LSM_CALL_ARGS_audit_rule_match secid, field, op, lsmrule +#define LSM_CALL_ARGS_audit_rule_free lsmrule +#define LSM_CALL_ARGS_bpf cmd, attr, size +#define LSM_CALL_ARGS_bpf_map map, fmode +#define LSM_CALL_ARGS_bpf_prog prog +#define LSM_CALL_ARGS_bpf_map_alloc_security map +#define LSM_CALL_ARGS_bpf_map_free_security map +#define LSM_CALL_ARGS_bpf_prog_alloc_security aux +#define LSM_CALL_ARGS_bpf_prog_free_security aux +#define LSM_CALL_ARGS_locked_down what +#define LSM_CALL_ARGS_perf_event_open attr, type +#define LSM_CALL_ARGS_perf_event_alloc event +#define LSM_CALL_ARGS_perf_event_free event +#define LSM_CALL_ARGS_perf_event_read event +#define LSM_CALL_ARGS_perf_event_write event +#define LSM_CALL_ARGS_uring_override_creds new +#define LSM_CALL_ARGS_uring_sqpoll +#define LSM_CALL_ARGS_uring_cmd ioucmd

From patchwork Sat Nov 11 10:10:52 2023
X-Patchwork-Submitter: Tetsuo Handa
X-Patchwork-Id: 13453014
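Review bot: the new include/linux/lsm_hook_args.h has no include guard and never `#undef`s the 251 LSM_CALL_ARGS_* macros it defines, so they remain in the namespace of every translation unit that includes it; since the header exists only to be expanded by the consumer in security/mod_lsm.c, emit a matching `#undef LSM_CALL_ARGS_<name>` block at the end (the same contract PATCH 1/5 gives LSM_HOOK) or add a guard plus a leading comment stating that the file is generated and by which command. On the generator itself, `gsub("*", " ", LINE)` depends on awk treating a leading `*` as a literal character, which POSIX leaves undefined for an ERE; `gsub(/\*/, " ", LINE)` is unambiguous. Hooks taking `void` expand to an empty macro body (`#define LSM_CALL_ARGS_uring_sqpoll`), which is what the `break` on `WORDS[nWords] == "void"` intends and is fine. Because nothing in the build compares this hand-produced file with lsm_hook_defs.h, a renamed or reordered hook parameter is only noticed when some expansion of the stale macro fails, which supports the commit message's own suggestion to generate the file at build time.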
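An added example, not code from the patch series: a Python equivalent of the awk generator's parsing rules (preprocessor and comment lines skipped, wrapped declarations joined until the closing parenthesis, the last word of each parameter taken as its name, a lone `void` meaning no arguments) together with a drift check that reports every hook whose LSM_CALL_ARGS_ macro is missing, left over or out of sync with lsm_hook_defs.h, which is the manual-update problem the commit message asks about. The hook list and the stale header in the block are constructed samples, not the kernel's files.

```python
"""Regenerate lsm_hook_args.h from lsm_hook_defs.h and detect a stale copy.

Added example, not code from the patch series: it follows the parsing rules
of the awk command in the PATCH 2/5 commit message and adds a drift check.
SAMPLE_DEFS and STALE_ARGS are constructed inputs, not the kernel's headers.
"""
import re

# One joined LSM_HOOK()/LSM_INT_HOOK()/LSM_VOID_HOOK() declaration.
_HOOK_RE = re.compile(r"LSM_(?:INT_|VOID_)?HOOK\s*\((.*)\)", re.S)
# One generated "#define LSM_CALL_ARGS_<hook> <comma-separated names>" line.
_ARGS_RE = re.compile(r"^#define LSM_CALL_ARGS_(\w+)[ \t]*(.*?)[ \t]*$", re.M)


def parse_lsm_hooks(defs_text):
    """Return [(hook_name, [param_name, ...]), ...] from lsm_hook_defs.h text.

    Rules mirror the awk generator: lines starting with '#' or '*' are skipped,
    a wrapped declaration is joined until its closing ')', the last word of
    each parameter is its name, and a lone 'void' means no arguments. Types
    containing a comma (function pointers) are not handled, as in the awk.
    """
    hooks = []
    pending = ""
    for line in defs_text.splitlines():
        stripped = line.lstrip()
        if stripped.startswith("#") or stripped.startswith("*"):
            continue
        pending += " " + line
        if ")" not in pending:
            continue                      # declaration continues on next line
        match = _HOOK_RE.search(pending)
        pending = ""
        if match is None:
            continue                      # e.g. the opening "/*" comment line
        tokens = [t.strip() for t in match.group(1).split(",")]
        if len(tokens) < 4:               # need RET, DEFAULT, NAME, params
            continue
        params = tokens[3:]
        if params == ["void"]:
            names = []
        else:
            # "const struct cred *from" -> "from", "void **mnt_opts" -> "mnt_opts"
            names = [p.replace("*", " ").split()[-1] for p in params]
        hooks.append((tokens[2], names))
    return hooks


def generate_lsm_hook_args(defs_text):
    """Produce the lsm_hook_args.h text the awk command would emit."""
    lines = ["/* SPDX-License-Identifier: GPL-2.0 */"]
    for name, names in parse_lsm_hooks(defs_text):
        lines.append(("#define LSM_CALL_ARGS_%s %s" % (name, ", ".join(names))).rstrip())
    return "\n".join(lines) + "\n"


def parse_lsm_hook_args(args_text):
    """Return {hook_name: [param_name, ...]} from lsm_hook_args.h text."""
    return {m.group(1): [a.strip() for a in m.group(2).split(",") if a.strip()]
            for m in _ARGS_RE.finditer(args_text)}


def find_stale_args(defs_text, args_text):
    """Return {hook: (expected, found)} for every LSM_CALL_ARGS_ macro that is
    missing, left over, or out of sync with lsm_hook_defs.h ({} when current)."""
    expected = dict(parse_lsm_hooks(defs_text))
    found = parse_lsm_hook_args(args_text)
    return {name: (expected.get(name), found.get(name))
            for name in sorted(set(expected) | set(found))
            if expected.get(name) != found.get(name)}


# Constructed excerpt in the layout of include/linux/lsm_hook_defs.h.
SAMPLE_DEFS = """\
/*
 * #define LSM_HOOK(RET, DEFAULT, NAME, ...) struct hlist_head NAME;
 * #include <linux/lsm_hook_defs.h>
 */
LSM_HOOK(int, 0, binder_set_context_mgr, const struct cred *mgr)
LSM_HOOK(int, 0, binder_transaction, const struct cred *from,
\t const struct cred *to)
LSM_HOOK(int, 0, sb_eat_lsm_opts, char *orig, void **mnt_opts)
LSM_HOOK(void, LSM_RET_VOID, sb_delete, struct super_block *sb)
#ifdef CONFIG_IO_URING
LSM_HOOK(int, 0, uring_sqpoll, void)
#endif /* CONFIG_IO_URING */
#undef LSM_HOOK
"""

# Constructed hand-maintained copy that has drifted: sb_eat_lsm_opts lost an
# argument and removed_hook no longer exists in SAMPLE_DEFS.
STALE_ARGS = """\
/* SPDX-License-Identifier: GPL-2.0 */
#define LSM_CALL_ARGS_binder_set_context_mgr mgr
#define LSM_CALL_ARGS_binder_transaction from, to
#define LSM_CALL_ARGS_sb_eat_lsm_opts orig
#define LSM_CALL_ARGS_sb_delete sb
#define LSM_CALL_ARGS_uring_sqpoll
#define LSM_CALL_ARGS_removed_hook x
"""

if __name__ == "__main__":
    print(generate_lsm_hook_args(SAMPLE_DEFS), end="")
    for hook, (want, have) in find_stale_args(SAMPLE_DEFS, STALE_ARGS).items():
        print("stale: %s expected %r, found %r" % (hook, want, have))
```

Running the script against the real headers is `find_stale_args(open("include/linux/lsm_hook_defs.h").read(), open("include/linux/lsm_hook_args.h").read())`, which returns an empty dict only when the generated file is current.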
Message-ID:
Date: Sat, 11 Nov 2023 19:10:52 +0900
X-Mailing-List: bpf@vger.kernel.org
Subject: [PATCH 3/5] LSM: Split LSM_HOOK() into LSM_INT_HOOK() and LSM_VOID_HOOK().
From: Tetsuo Handa
To: linux-security-module, bpf, KP Singh
Cc: Paul Moore, Kees Cook, Casey Schaufler, song@kernel.org, Daniel Borkmann, Alexei Starovoitov, renauld@google.com, Paolo Abeni
References: <38b318a5-0a16-4cc2-878e-4efa632236f3@I-love.SAKURA.ne.jp>
In-Reply-To: <38b318a5-0a16-4cc2-878e-4efa632236f3@I-love.SAKURA.ne.jp>

This patch mechanically converts

  sed -i -e 's/LSM_HOOK(int,/LSM_INT_HOOK(int,/' -e 's/LSM_HOOK(void,/LSM_VOID_HOOK(void,/' include/linux/lsm_hook_defs.h

and inserts

  #ifndef LSM_INT_HOOK
  #define LSM_INT_HOOK LSM_HOOK
  #endif

  #ifndef LSM_VOID_HOOK
  #define LSM_VOID_HOOK LSM_HOOK
  #endif

and

  #undef LSM_INT_HOOK
  #undef LSM_VOID_HOOK

into include/linux/lsm_hook_defs.h. security/mod_lsm.c will define LSM_INT_HOOK and LSM_VOID_HOOK when defining callbacks.

By the way, after you saw how PATCH 2/5 and PATCH 3/5 are used by PATCH 4/5, you might think that we could split LSM_HOOK() in a more fine-grained manner. For example, callbacks that do not need special handling (e.g. security_capable()) could be handled by LSM_INT_HOOK_RETURN0() macro, and callbacks that need special handling (e.g. security_vm_enough_memory_mm()) could be handled by LSM_INT_HOOK_DONT_AUTOGENERATE().

Signed-off-by: Tetsuo Handa
---
 include/linux/lsm_hook_defs.h | 513 +++++++++++++++++-----------------
 1 file changed, 262 insertions(+), 251 deletions(-)

diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h index 4229dee73eba..5fcabb3337b3 100644 --- a/include/linux/lsm_hook_defs.h +++ b/include/linux/lsm_hook_defs.h
@@ -25,402 +25,413 @@ * #include * }; */ -LSM_HOOK(int, 0, binder_set_context_mgr, const struct cred *mgr) -LSM_HOOK(int, 0, binder_transaction, const struct cred *from, + +#ifndef LSM_INT_HOOK +#define LSM_INT_HOOK LSM_HOOK +#endif + +#ifndef LSM_VOID_HOOK +#define LSM_VOID_HOOK LSM_HOOK +#endif + +LSM_INT_HOOK(int, 0, binder_set_context_mgr, const struct cred *mgr) +LSM_INT_HOOK(int, 0, binder_transaction, const struct cred *from, const struct cred *to) -LSM_HOOK(int, 0, binder_transfer_binder, const struct cred *from, +LSM_INT_HOOK(int, 0, binder_transfer_binder, const struct cred *from, const struct cred *to) -LSM_HOOK(int, 0, binder_transfer_file, const struct cred *from, +LSM_INT_HOOK(int, 0, binder_transfer_file, const struct cred *from, const struct cred *to, const struct file *file) -LSM_HOOK(int, 0, ptrace_access_check, struct task_struct *child, +LSM_INT_HOOK(int, 0, ptrace_access_check, struct task_struct *child, unsigned int mode) -LSM_HOOK(int, 0, ptrace_traceme, struct task_struct *parent) -LSM_HOOK(int, 0, capget, const struct task_struct *target, kernel_cap_t *effective, +LSM_INT_HOOK(int, 0, ptrace_traceme, struct task_struct *parent) +LSM_INT_HOOK(int, 0, capget, const struct task_struct *target, kernel_cap_t *effective, kernel_cap_t *inheritable, kernel_cap_t *permitted) -LSM_HOOK(int, 0, capset, struct cred *new, const struct cred *old, +LSM_INT_HOOK(int, 0, capset, struct cred *new, const struct cred *old, const kernel_cap_t *effective, const kernel_cap_t *inheritable, const kernel_cap_t *permitted) -LSM_HOOK(int, 0, capable, const struct cred *cred, struct user_namespace *ns, +LSM_INT_HOOK(int, 0, capable, const struct cred *cred, struct user_namespace *ns, int cap, unsigned int opts) -LSM_HOOK(int, 0, quotactl, int cmds, int type, int id, const struct super_block *sb) -LSM_HOOK(int, 0, quota_on, struct dentry *dentry) -LSM_HOOK(int, 0, syslog, int type) -LSM_HOOK(int, 0, settime, const struct timespec64 *ts, +LSM_INT_HOOK(int, 0, quotactl, 
int cmds, int type, int id, const struct super_block *sb) +LSM_INT_HOOK(int, 0, quota_on, struct dentry *dentry) +LSM_INT_HOOK(int, 0, syslog, int type) +LSM_INT_HOOK(int, 0, settime, const struct timespec64 *ts, const struct timezone *tz) -LSM_HOOK(int, 0, vm_enough_memory, struct mm_struct *mm, long pages) -LSM_HOOK(int, 0, bprm_creds_for_exec, struct linux_binprm *bprm) -LSM_HOOK(int, 0, bprm_creds_from_file, struct linux_binprm *bprm, const struct file *file) -LSM_HOOK(int, 0, bprm_check_security, struct linux_binprm *bprm) -LSM_HOOK(void, LSM_RET_VOID, bprm_committing_creds, const struct linux_binprm *bprm) -LSM_HOOK(void, LSM_RET_VOID, bprm_committed_creds, const struct linux_binprm *bprm) -LSM_HOOK(int, 0, fs_context_submount, struct fs_context *fc, struct super_block *reference) -LSM_HOOK(int, 0, fs_context_dup, struct fs_context *fc, +LSM_INT_HOOK(int, 0, vm_enough_memory, struct mm_struct *mm, long pages) +LSM_INT_HOOK(int, 0, bprm_creds_for_exec, struct linux_binprm *bprm) +LSM_INT_HOOK(int, 0, bprm_creds_from_file, struct linux_binprm *bprm, const struct file *file) +LSM_INT_HOOK(int, 0, bprm_check_security, struct linux_binprm *bprm) +LSM_VOID_HOOK(void, LSM_RET_VOID, bprm_committing_creds, const struct linux_binprm *bprm) +LSM_VOID_HOOK(void, LSM_RET_VOID, bprm_committed_creds, const struct linux_binprm *bprm) +LSM_INT_HOOK(int, 0, fs_context_submount, struct fs_context *fc, struct super_block *reference) +LSM_INT_HOOK(int, 0, fs_context_dup, struct fs_context *fc, struct fs_context *src_sc) -LSM_HOOK(int, -ENOPARAM, fs_context_parse_param, struct fs_context *fc, +LSM_INT_HOOK(int, -ENOPARAM, fs_context_parse_param, struct fs_context *fc, struct fs_parameter *param) -LSM_HOOK(int, 0, sb_alloc_security, struct super_block *sb) -LSM_HOOK(void, LSM_RET_VOID, sb_delete, struct super_block *sb) -LSM_HOOK(void, LSM_RET_VOID, sb_free_security, struct super_block *sb) -LSM_HOOK(void, LSM_RET_VOID, sb_free_mnt_opts, void *mnt_opts) -LSM_HOOK(int, 0, 
sb_eat_lsm_opts, char *orig, void **mnt_opts) -LSM_HOOK(int, 0, sb_mnt_opts_compat, struct super_block *sb, void *mnt_opts) -LSM_HOOK(int, 0, sb_remount, struct super_block *sb, void *mnt_opts) -LSM_HOOK(int, 0, sb_kern_mount, const struct super_block *sb) -LSM_HOOK(int, 0, sb_show_options, struct seq_file *m, struct super_block *sb) -LSM_HOOK(int, 0, sb_statfs, struct dentry *dentry) -LSM_HOOK(int, 0, sb_mount, const char *dev_name, const struct path *path, +LSM_INT_HOOK(int, 0, sb_alloc_security, struct super_block *sb) +LSM_VOID_HOOK(void, LSM_RET_VOID, sb_delete, struct super_block *sb) +LSM_VOID_HOOK(void, LSM_RET_VOID, sb_free_security, struct super_block *sb) +LSM_VOID_HOOK(void, LSM_RET_VOID, sb_free_mnt_opts, void *mnt_opts) +LSM_INT_HOOK(int, 0, sb_eat_lsm_opts, char *orig, void **mnt_opts) +LSM_INT_HOOK(int, 0, sb_mnt_opts_compat, struct super_block *sb, void *mnt_opts) +LSM_INT_HOOK(int, 0, sb_remount, struct super_block *sb, void *mnt_opts) +LSM_INT_HOOK(int, 0, sb_kern_mount, const struct super_block *sb) +LSM_INT_HOOK(int, 0, sb_show_options, struct seq_file *m, struct super_block *sb) +LSM_INT_HOOK(int, 0, sb_statfs, struct dentry *dentry) +LSM_INT_HOOK(int, 0, sb_mount, const char *dev_name, const struct path *path, const char *type, unsigned long flags, void *data) -LSM_HOOK(int, 0, sb_umount, struct vfsmount *mnt, int flags) -LSM_HOOK(int, 0, sb_pivotroot, const struct path *old_path, +LSM_INT_HOOK(int, 0, sb_umount, struct vfsmount *mnt, int flags) +LSM_INT_HOOK(int, 0, sb_pivotroot, const struct path *old_path, const struct path *new_path) -LSM_HOOK(int, 0, sb_set_mnt_opts, struct super_block *sb, void *mnt_opts, +LSM_INT_HOOK(int, 0, sb_set_mnt_opts, struct super_block *sb, void *mnt_opts, unsigned long kern_flags, unsigned long *set_kern_flags) -LSM_HOOK(int, 0, sb_clone_mnt_opts, const struct super_block *oldsb, +LSM_INT_HOOK(int, 0, sb_clone_mnt_opts, const struct super_block *oldsb, struct super_block *newsb, unsigned long kern_flags, 
unsigned long *set_kern_flags) -LSM_HOOK(int, 0, move_mount, const struct path *from_path, +LSM_INT_HOOK(int, 0, move_mount, const struct path *from_path, const struct path *to_path) -LSM_HOOK(int, -EOPNOTSUPP, dentry_init_security, struct dentry *dentry, +LSM_INT_HOOK(int, -EOPNOTSUPP, dentry_init_security, struct dentry *dentry, int mode, const struct qstr *name, const char **xattr_name, void **ctx, u32 *ctxlen) -LSM_HOOK(int, 0, dentry_create_files_as, struct dentry *dentry, int mode, +LSM_INT_HOOK(int, 0, dentry_create_files_as, struct dentry *dentry, int mode, struct qstr *name, const struct cred *old, struct cred *new) #ifdef CONFIG_SECURITY_PATH -LSM_HOOK(int, 0, path_unlink, const struct path *dir, struct dentry *dentry) -LSM_HOOK(int, 0, path_mkdir, const struct path *dir, struct dentry *dentry, +LSM_INT_HOOK(int, 0, path_unlink, const struct path *dir, struct dentry *dentry) +LSM_INT_HOOK(int, 0, path_mkdir, const struct path *dir, struct dentry *dentry, umode_t mode) -LSM_HOOK(int, 0, path_rmdir, const struct path *dir, struct dentry *dentry) -LSM_HOOK(int, 0, path_mknod, const struct path *dir, struct dentry *dentry, +LSM_INT_HOOK(int, 0, path_rmdir, const struct path *dir, struct dentry *dentry) +LSM_INT_HOOK(int, 0, path_mknod, const struct path *dir, struct dentry *dentry, umode_t mode, unsigned int dev) -LSM_HOOK(int, 0, path_truncate, const struct path *path) -LSM_HOOK(int, 0, path_symlink, const struct path *dir, struct dentry *dentry, +LSM_INT_HOOK(int, 0, path_truncate, const struct path *path) +LSM_INT_HOOK(int, 0, path_symlink, const struct path *dir, struct dentry *dentry, const char *old_name) -LSM_HOOK(int, 0, path_link, struct dentry *old_dentry, +LSM_INT_HOOK(int, 0, path_link, struct dentry *old_dentry, const struct path *new_dir, struct dentry *new_dentry) -LSM_HOOK(int, 0, path_rename, const struct path *old_dir, +LSM_INT_HOOK(int, 0, path_rename, const struct path *old_dir, struct dentry *old_dentry, const struct path *new_dir, struct 
dentry *new_dentry, unsigned int flags) -LSM_HOOK(int, 0, path_chmod, const struct path *path, umode_t mode) -LSM_HOOK(int, 0, path_chown, const struct path *path, kuid_t uid, kgid_t gid) -LSM_HOOK(int, 0, path_chroot, const struct path *path) +LSM_INT_HOOK(int, 0, path_chmod, const struct path *path, umode_t mode) +LSM_INT_HOOK(int, 0, path_chown, const struct path *path, kuid_t uid, kgid_t gid) +LSM_INT_HOOK(int, 0, path_chroot, const struct path *path) #endif /* CONFIG_SECURITY_PATH */ /* Needed for inode based security check */ -LSM_HOOK(int, 0, path_notify, const struct path *path, u64 mask, +LSM_INT_HOOK(int, 0, path_notify, const struct path *path, u64 mask, unsigned int obj_type) -LSM_HOOK(int, 0, inode_alloc_security, struct inode *inode) -LSM_HOOK(void, LSM_RET_VOID, inode_free_security, struct inode *inode) -LSM_HOOK(int, -EOPNOTSUPP, inode_init_security, struct inode *inode, +LSM_INT_HOOK(int, 0, inode_alloc_security, struct inode *inode) +LSM_VOID_HOOK(void, LSM_RET_VOID, inode_free_security, struct inode *inode) +LSM_INT_HOOK(int, -EOPNOTSUPP, inode_init_security, struct inode *inode, struct inode *dir, const struct qstr *qstr, struct xattr *xattrs, int *xattr_count) -LSM_HOOK(int, 0, inode_init_security_anon, struct inode *inode, +LSM_INT_HOOK(int, 0, inode_init_security_anon, struct inode *inode, const struct qstr *name, const struct inode *context_inode) -LSM_HOOK(int, 0, inode_create, struct inode *dir, struct dentry *dentry, +LSM_INT_HOOK(int, 0, inode_create, struct inode *dir, struct dentry *dentry, umode_t mode) -LSM_HOOK(int, 0, inode_link, struct dentry *old_dentry, struct inode *dir, +LSM_INT_HOOK(int, 0, inode_link, struct dentry *old_dentry, struct inode *dir, struct dentry *new_dentry) -LSM_HOOK(int, 0, inode_unlink, struct inode *dir, struct dentry *dentry) -LSM_HOOK(int, 0, inode_symlink, struct inode *dir, struct dentry *dentry, +LSM_INT_HOOK(int, 0, inode_unlink, struct inode *dir, struct dentry *dentry) +LSM_INT_HOOK(int, 0, 
inode_symlink, struct inode *dir, struct dentry *dentry, const char *old_name) -LSM_HOOK(int, 0, inode_mkdir, struct inode *dir, struct dentry *dentry, +LSM_INT_HOOK(int, 0, inode_mkdir, struct inode *dir, struct dentry *dentry, umode_t mode) -LSM_HOOK(int, 0, inode_rmdir, struct inode *dir, struct dentry *dentry) -LSM_HOOK(int, 0, inode_mknod, struct inode *dir, struct dentry *dentry, +LSM_INT_HOOK(int, 0, inode_rmdir, struct inode *dir, struct dentry *dentry) +LSM_INT_HOOK(int, 0, inode_mknod, struct inode *dir, struct dentry *dentry, umode_t mode, dev_t dev) -LSM_HOOK(int, 0, inode_rename, struct inode *old_dir, struct dentry *old_dentry, +LSM_INT_HOOK(int, 0, inode_rename, struct inode *old_dir, struct dentry *old_dentry, struct inode *new_dir, struct dentry *new_dentry) -LSM_HOOK(int, 0, inode_readlink, struct dentry *dentry) -LSM_HOOK(int, 0, inode_follow_link, struct dentry *dentry, struct inode *inode, +LSM_INT_HOOK(int, 0, inode_readlink, struct dentry *dentry) +LSM_INT_HOOK(int, 0, inode_follow_link, struct dentry *dentry, struct inode *inode, bool rcu) -LSM_HOOK(int, 0, inode_permission, struct inode *inode, int mask) -LSM_HOOK(int, 0, inode_setattr, struct dentry *dentry, struct iattr *attr) -LSM_HOOK(int, 0, inode_getattr, const struct path *path) -LSM_HOOK(int, 0, inode_setxattr, struct mnt_idmap *idmap, +LSM_INT_HOOK(int, 0, inode_permission, struct inode *inode, int mask) +LSM_INT_HOOK(int, 0, inode_setattr, struct dentry *dentry, struct iattr *attr) +LSM_INT_HOOK(int, 0, inode_getattr, const struct path *path) +LSM_INT_HOOK(int, 0, inode_setxattr, struct mnt_idmap *idmap, struct dentry *dentry, const char *name, const void *value, size_t size, int flags) -LSM_HOOK(void, LSM_RET_VOID, inode_post_setxattr, struct dentry *dentry, +LSM_VOID_HOOK(void, LSM_RET_VOID, inode_post_setxattr, struct dentry *dentry, const char *name, const void *value, size_t size, int flags) -LSM_HOOK(int, 0, inode_getxattr, struct dentry *dentry, const char *name) 
-LSM_HOOK(int, 0, inode_listxattr, struct dentry *dentry) -LSM_HOOK(int, 0, inode_removexattr, struct mnt_idmap *idmap, +LSM_INT_HOOK(int, 0, inode_getxattr, struct dentry *dentry, const char *name) +LSM_INT_HOOK(int, 0, inode_listxattr, struct dentry *dentry) +LSM_INT_HOOK(int, 0, inode_removexattr, struct mnt_idmap *idmap, struct dentry *dentry, const char *name) -LSM_HOOK(int, 0, inode_set_acl, struct mnt_idmap *idmap, +LSM_INT_HOOK(int, 0, inode_set_acl, struct mnt_idmap *idmap, struct dentry *dentry, const char *acl_name, struct posix_acl *kacl) -LSM_HOOK(int, 0, inode_get_acl, struct mnt_idmap *idmap, +LSM_INT_HOOK(int, 0, inode_get_acl, struct mnt_idmap *idmap, struct dentry *dentry, const char *acl_name) -LSM_HOOK(int, 0, inode_remove_acl, struct mnt_idmap *idmap, +LSM_INT_HOOK(int, 0, inode_remove_acl, struct mnt_idmap *idmap, struct dentry *dentry, const char *acl_name) -LSM_HOOK(int, 0, inode_need_killpriv, struct dentry *dentry) -LSM_HOOK(int, 0, inode_killpriv, struct mnt_idmap *idmap, +LSM_INT_HOOK(int, 0, inode_need_killpriv, struct dentry *dentry) +LSM_INT_HOOK(int, 0, inode_killpriv, struct mnt_idmap *idmap, struct dentry *dentry) -LSM_HOOK(int, -EOPNOTSUPP, inode_getsecurity, struct mnt_idmap *idmap, +LSM_INT_HOOK(int, -EOPNOTSUPP, inode_getsecurity, struct mnt_idmap *idmap, struct inode *inode, const char *name, void **buffer, bool alloc) -LSM_HOOK(int, -EOPNOTSUPP, inode_setsecurity, struct inode *inode, +LSM_INT_HOOK(int, -EOPNOTSUPP, inode_setsecurity, struct inode *inode, const char *name, const void *value, size_t size, int flags) -LSM_HOOK(int, 0, inode_listsecurity, struct inode *inode, char *buffer, +LSM_INT_HOOK(int, 0, inode_listsecurity, struct inode *inode, char *buffer, size_t buffer_size) -LSM_HOOK(void, LSM_RET_VOID, inode_getsecid, struct inode *inode, u32 *secid) -LSM_HOOK(int, 0, inode_copy_up, struct dentry *src, struct cred **new) -LSM_HOOK(int, -EOPNOTSUPP, inode_copy_up_xattr, const char *name) -LSM_HOOK(int, 0, 
kernfs_init_security, struct kernfs_node *kn_dir, +LSM_VOID_HOOK(void, LSM_RET_VOID, inode_getsecid, struct inode *inode, u32 *secid) +LSM_INT_HOOK(int, 0, inode_copy_up, struct dentry *src, struct cred **new) +LSM_INT_HOOK(int, -EOPNOTSUPP, inode_copy_up_xattr, const char *name) +LSM_INT_HOOK(int, 0, kernfs_init_security, struct kernfs_node *kn_dir, struct kernfs_node *kn) -LSM_HOOK(int, 0, file_permission, struct file *file, int mask) -LSM_HOOK(int, 0, file_alloc_security, struct file *file) -LSM_HOOK(void, LSM_RET_VOID, file_free_security, struct file *file) -LSM_HOOK(int, 0, file_ioctl, struct file *file, unsigned int cmd, +LSM_INT_HOOK(int, 0, file_permission, struct file *file, int mask) +LSM_INT_HOOK(int, 0, file_alloc_security, struct file *file) +LSM_VOID_HOOK(void, LSM_RET_VOID, file_free_security, struct file *file) +LSM_INT_HOOK(int, 0, file_ioctl, struct file *file, unsigned int cmd, unsigned long arg) -LSM_HOOK(int, 0, mmap_addr, unsigned long addr) -LSM_HOOK(int, 0, mmap_file, struct file *file, unsigned long reqprot, +LSM_INT_HOOK(int, 0, mmap_addr, unsigned long addr) +LSM_INT_HOOK(int, 0, mmap_file, struct file *file, unsigned long reqprot, unsigned long prot, unsigned long flags) -LSM_HOOK(int, 0, file_mprotect, struct vm_area_struct *vma, +LSM_INT_HOOK(int, 0, file_mprotect, struct vm_area_struct *vma, unsigned long reqprot, unsigned long prot) -LSM_HOOK(int, 0, file_lock, struct file *file, unsigned int cmd) -LSM_HOOK(int, 0, file_fcntl, struct file *file, unsigned int cmd, +LSM_INT_HOOK(int, 0, file_lock, struct file *file, unsigned int cmd) +LSM_INT_HOOK(int, 0, file_fcntl, struct file *file, unsigned int cmd, unsigned long arg) -LSM_HOOK(void, LSM_RET_VOID, file_set_fowner, struct file *file) -LSM_HOOK(int, 0, file_send_sigiotask, struct task_struct *tsk, +LSM_VOID_HOOK(void, LSM_RET_VOID, file_set_fowner, struct file *file) +LSM_INT_HOOK(int, 0, file_send_sigiotask, struct task_struct *tsk, struct fown_struct *fown, int sig) -LSM_HOOK(int, 
0, file_receive, struct file *file) -LSM_HOOK(int, 0, file_open, struct file *file) -LSM_HOOK(int, 0, file_truncate, struct file *file) -LSM_HOOK(int, 0, task_alloc, struct task_struct *task, +LSM_INT_HOOK(int, 0, file_receive, struct file *file) +LSM_INT_HOOK(int, 0, file_open, struct file *file) +LSM_INT_HOOK(int, 0, file_truncate, struct file *file) +LSM_INT_HOOK(int, 0, task_alloc, struct task_struct *task, unsigned long clone_flags) -LSM_HOOK(void, LSM_RET_VOID, task_free, struct task_struct *task) -LSM_HOOK(int, 0, cred_alloc_blank, struct cred *cred, gfp_t gfp) -LSM_HOOK(void, LSM_RET_VOID, cred_free, struct cred *cred) -LSM_HOOK(int, 0, cred_prepare, struct cred *new, const struct cred *old, +LSM_VOID_HOOK(void, LSM_RET_VOID, task_free, struct task_struct *task) +LSM_INT_HOOK(int, 0, cred_alloc_blank, struct cred *cred, gfp_t gfp) +LSM_VOID_HOOK(void, LSM_RET_VOID, cred_free, struct cred *cred) +LSM_INT_HOOK(int, 0, cred_prepare, struct cred *new, const struct cred *old, gfp_t gfp) -LSM_HOOK(void, LSM_RET_VOID, cred_transfer, struct cred *new, +LSM_VOID_HOOK(void, LSM_RET_VOID, cred_transfer, struct cred *new, const struct cred *old) -LSM_HOOK(void, LSM_RET_VOID, cred_getsecid, const struct cred *c, u32 *secid) -LSM_HOOK(int, 0, kernel_act_as, struct cred *new, u32 secid) -LSM_HOOK(int, 0, kernel_create_files_as, struct cred *new, struct inode *inode) -LSM_HOOK(int, 0, kernel_module_request, char *kmod_name) -LSM_HOOK(int, 0, kernel_load_data, enum kernel_load_data_id id, bool contents) -LSM_HOOK(int, 0, kernel_post_load_data, char *buf, loff_t size, +LSM_VOID_HOOK(void, LSM_RET_VOID, cred_getsecid, const struct cred *c, u32 *secid) +LSM_INT_HOOK(int, 0, kernel_act_as, struct cred *new, u32 secid) +LSM_INT_HOOK(int, 0, kernel_create_files_as, struct cred *new, struct inode *inode) +LSM_INT_HOOK(int, 0, kernel_module_request, char *kmod_name) +LSM_INT_HOOK(int, 0, kernel_load_data, enum kernel_load_data_id id, bool contents) +LSM_INT_HOOK(int, 0, 
kernel_post_load_data, char *buf, loff_t size, enum kernel_load_data_id id, char *description) -LSM_HOOK(int, 0, kernel_read_file, struct file *file, +LSM_INT_HOOK(int, 0, kernel_read_file, struct file *file, enum kernel_read_file_id id, bool contents) -LSM_HOOK(int, 0, kernel_post_read_file, struct file *file, char *buf, +LSM_INT_HOOK(int, 0, kernel_post_read_file, struct file *file, char *buf, loff_t size, enum kernel_read_file_id id) -LSM_HOOK(int, 0, task_fix_setuid, struct cred *new, const struct cred *old, +LSM_INT_HOOK(int, 0, task_fix_setuid, struct cred *new, const struct cred *old, int flags) -LSM_HOOK(int, 0, task_fix_setgid, struct cred *new, const struct cred * old, +LSM_INT_HOOK(int, 0, task_fix_setgid, struct cred *new, const struct cred * old, int flags) -LSM_HOOK(int, 0, task_fix_setgroups, struct cred *new, const struct cred * old) -LSM_HOOK(int, 0, task_setpgid, struct task_struct *p, pid_t pgid) -LSM_HOOK(int, 0, task_getpgid, struct task_struct *p) -LSM_HOOK(int, 0, task_getsid, struct task_struct *p) -LSM_HOOK(void, LSM_RET_VOID, current_getsecid_subj, u32 *secid) -LSM_HOOK(void, LSM_RET_VOID, task_getsecid_obj, +LSM_INT_HOOK(int, 0, task_fix_setgroups, struct cred *new, const struct cred * old) +LSM_INT_HOOK(int, 0, task_setpgid, struct task_struct *p, pid_t pgid) +LSM_INT_HOOK(int, 0, task_getpgid, struct task_struct *p) +LSM_INT_HOOK(int, 0, task_getsid, struct task_struct *p) +LSM_VOID_HOOK(void, LSM_RET_VOID, current_getsecid_subj, u32 *secid) +LSM_VOID_HOOK(void, LSM_RET_VOID, task_getsecid_obj, struct task_struct *p, u32 *secid) -LSM_HOOK(int, 0, task_setnice, struct task_struct *p, int nice) -LSM_HOOK(int, 0, task_setioprio, struct task_struct *p, int ioprio) -LSM_HOOK(int, 0, task_getioprio, struct task_struct *p) -LSM_HOOK(int, 0, task_prlimit, const struct cred *cred, +LSM_INT_HOOK(int, 0, task_setnice, struct task_struct *p, int nice) +LSM_INT_HOOK(int, 0, task_setioprio, struct task_struct *p, int ioprio) +LSM_INT_HOOK(int, 0, 
task_getioprio, struct task_struct *p) +LSM_INT_HOOK(int, 0, task_prlimit, const struct cred *cred, const struct cred *tcred, unsigned int flags) -LSM_HOOK(int, 0, task_setrlimit, struct task_struct *p, unsigned int resource, +LSM_INT_HOOK(int, 0, task_setrlimit, struct task_struct *p, unsigned int resource, struct rlimit *new_rlim) -LSM_HOOK(int, 0, task_setscheduler, struct task_struct *p) -LSM_HOOK(int, 0, task_getscheduler, struct task_struct *p) -LSM_HOOK(int, 0, task_movememory, struct task_struct *p) -LSM_HOOK(int, 0, task_kill, struct task_struct *p, struct kernel_siginfo *info, +LSM_INT_HOOK(int, 0, task_setscheduler, struct task_struct *p) +LSM_INT_HOOK(int, 0, task_getscheduler, struct task_struct *p) +LSM_INT_HOOK(int, 0, task_movememory, struct task_struct *p) +LSM_INT_HOOK(int, 0, task_kill, struct task_struct *p, struct kernel_siginfo *info, int sig, const struct cred *cred) -LSM_HOOK(int, -ENOSYS, task_prctl, int option, unsigned long arg2, +LSM_INT_HOOK(int, -ENOSYS, task_prctl, int option, unsigned long arg2, unsigned long arg3, unsigned long arg4, unsigned long arg5) -LSM_HOOK(void, LSM_RET_VOID, task_to_inode, struct task_struct *p, +LSM_VOID_HOOK(void, LSM_RET_VOID, task_to_inode, struct task_struct *p, struct inode *inode) -LSM_HOOK(int, 0, userns_create, const struct cred *cred) -LSM_HOOK(int, 0, ipc_permission, struct kern_ipc_perm *ipcp, short flag) -LSM_HOOK(void, LSM_RET_VOID, ipc_getsecid, struct kern_ipc_perm *ipcp, +LSM_INT_HOOK(int, 0, userns_create, const struct cred *cred) +LSM_INT_HOOK(int, 0, ipc_permission, struct kern_ipc_perm *ipcp, short flag) +LSM_VOID_HOOK(void, LSM_RET_VOID, ipc_getsecid, struct kern_ipc_perm *ipcp, u32 *secid) -LSM_HOOK(int, 0, msg_msg_alloc_security, struct msg_msg *msg) -LSM_HOOK(void, LSM_RET_VOID, msg_msg_free_security, struct msg_msg *msg) -LSM_HOOK(int, 0, msg_queue_alloc_security, struct kern_ipc_perm *perm) -LSM_HOOK(void, LSM_RET_VOID, msg_queue_free_security, +LSM_INT_HOOK(int, 0, 
msg_msg_alloc_security, struct msg_msg *msg) +LSM_VOID_HOOK(void, LSM_RET_VOID, msg_msg_free_security, struct msg_msg *msg) +LSM_INT_HOOK(int, 0, msg_queue_alloc_security, struct kern_ipc_perm *perm) +LSM_VOID_HOOK(void, LSM_RET_VOID, msg_queue_free_security, struct kern_ipc_perm *perm) -LSM_HOOK(int, 0, msg_queue_associate, struct kern_ipc_perm *perm, int msqflg) -LSM_HOOK(int, 0, msg_queue_msgctl, struct kern_ipc_perm *perm, int cmd) -LSM_HOOK(int, 0, msg_queue_msgsnd, struct kern_ipc_perm *perm, +LSM_INT_HOOK(int, 0, msg_queue_associate, struct kern_ipc_perm *perm, int msqflg) +LSM_INT_HOOK(int, 0, msg_queue_msgctl, struct kern_ipc_perm *perm, int cmd) +LSM_INT_HOOK(int, 0, msg_queue_msgsnd, struct kern_ipc_perm *perm, struct msg_msg *msg, int msqflg) -LSM_HOOK(int, 0, msg_queue_msgrcv, struct kern_ipc_perm *perm, +LSM_INT_HOOK(int, 0, msg_queue_msgrcv, struct kern_ipc_perm *perm, struct msg_msg *msg, struct task_struct *target, long type, int mode) -LSM_HOOK(int, 0, shm_alloc_security, struct kern_ipc_perm *perm) -LSM_HOOK(void, LSM_RET_VOID, shm_free_security, struct kern_ipc_perm *perm) -LSM_HOOK(int, 0, shm_associate, struct kern_ipc_perm *perm, int shmflg) -LSM_HOOK(int, 0, shm_shmctl, struct kern_ipc_perm *perm, int cmd) -LSM_HOOK(int, 0, shm_shmat, struct kern_ipc_perm *perm, char __user *shmaddr, +LSM_INT_HOOK(int, 0, shm_alloc_security, struct kern_ipc_perm *perm) +LSM_VOID_HOOK(void, LSM_RET_VOID, shm_free_security, struct kern_ipc_perm *perm) +LSM_INT_HOOK(int, 0, shm_associate, struct kern_ipc_perm *perm, int shmflg) +LSM_INT_HOOK(int, 0, shm_shmctl, struct kern_ipc_perm *perm, int cmd) +LSM_INT_HOOK(int, 0, shm_shmat, struct kern_ipc_perm *perm, char __user *shmaddr, int shmflg) -LSM_HOOK(int, 0, sem_alloc_security, struct kern_ipc_perm *perm) -LSM_HOOK(void, LSM_RET_VOID, sem_free_security, struct kern_ipc_perm *perm) -LSM_HOOK(int, 0, sem_associate, struct kern_ipc_perm *perm, int semflg) -LSM_HOOK(int, 0, sem_semctl, struct kern_ipc_perm *perm, 
int cmd) -LSM_HOOK(int, 0, sem_semop, struct kern_ipc_perm *perm, struct sembuf *sops, +LSM_INT_HOOK(int, 0, sem_alloc_security, struct kern_ipc_perm *perm) +LSM_VOID_HOOK(void, LSM_RET_VOID, sem_free_security, struct kern_ipc_perm *perm) +LSM_INT_HOOK(int, 0, sem_associate, struct kern_ipc_perm *perm, int semflg) +LSM_INT_HOOK(int, 0, sem_semctl, struct kern_ipc_perm *perm, int cmd) +LSM_INT_HOOK(int, 0, sem_semop, struct kern_ipc_perm *perm, struct sembuf *sops, unsigned nsops, int alter) -LSM_HOOK(int, 0, netlink_send, struct sock *sk, struct sk_buff *skb) -LSM_HOOK(void, LSM_RET_VOID, d_instantiate, struct dentry *dentry, +LSM_INT_HOOK(int, 0, netlink_send, struct sock *sk, struct sk_buff *skb) +LSM_VOID_HOOK(void, LSM_RET_VOID, d_instantiate, struct dentry *dentry, struct inode *inode) -LSM_HOOK(int, -EOPNOTSUPP, getselfattr, unsigned int attr, +LSM_INT_HOOK(int, -EOPNOTSUPP, getselfattr, unsigned int attr, struct lsm_ctx __user *ctx, size_t *size, u32 flags) -LSM_HOOK(int, -EOPNOTSUPP, setselfattr, unsigned int attr, +LSM_INT_HOOK(int, -EOPNOTSUPP, setselfattr, unsigned int attr, struct lsm_ctx *ctx, size_t size, u32 flags) -LSM_HOOK(int, -EINVAL, getprocattr, struct task_struct *p, const char *name, +LSM_INT_HOOK(int, -EINVAL, getprocattr, struct task_struct *p, const char *name, char **value) -LSM_HOOK(int, -EINVAL, setprocattr, const char *name, void *value, size_t size) -LSM_HOOK(int, 0, ismaclabel, const char *name) -LSM_HOOK(int, -EOPNOTSUPP, secid_to_secctx, u32 secid, char **secdata, +LSM_INT_HOOK(int, -EINVAL, setprocattr, const char *name, void *value, size_t size) +LSM_INT_HOOK(int, 0, ismaclabel, const char *name) +LSM_INT_HOOK(int, -EOPNOTSUPP, secid_to_secctx, u32 secid, char **secdata, u32 *seclen) -LSM_HOOK(int, 0, secctx_to_secid, const char *secdata, u32 seclen, u32 *secid) -LSM_HOOK(void, LSM_RET_VOID, release_secctx, char *secdata, u32 seclen) -LSM_HOOK(void, LSM_RET_VOID, inode_invalidate_secctx, struct inode *inode) -LSM_HOOK(int, 0, 
inode_notifysecctx, struct inode *inode, void *ctx, u32 ctxlen) -LSM_HOOK(int, 0, inode_setsecctx, struct dentry *dentry, void *ctx, u32 ctxlen) -LSM_HOOK(int, 0, inode_getsecctx, struct inode *inode, void **ctx, +LSM_INT_HOOK(int, 0, secctx_to_secid, const char *secdata, u32 seclen, u32 *secid) +LSM_VOID_HOOK(void, LSM_RET_VOID, release_secctx, char *secdata, u32 seclen) +LSM_VOID_HOOK(void, LSM_RET_VOID, inode_invalidate_secctx, struct inode *inode) +LSM_INT_HOOK(int, 0, inode_notifysecctx, struct inode *inode, void *ctx, u32 ctxlen) +LSM_INT_HOOK(int, 0, inode_setsecctx, struct dentry *dentry, void *ctx, u32 ctxlen) +LSM_INT_HOOK(int, 0, inode_getsecctx, struct inode *inode, void **ctx, u32 *ctxlen) #if defined(CONFIG_SECURITY) && defined(CONFIG_WATCH_QUEUE) -LSM_HOOK(int, 0, post_notification, const struct cred *w_cred, +LSM_INT_HOOK(int, 0, post_notification, const struct cred *w_cred, const struct cred *cred, struct watch_notification *n) #endif /* CONFIG_SECURITY && CONFIG_WATCH_QUEUE */ #if defined(CONFIG_SECURITY) && defined(CONFIG_KEY_NOTIFICATIONS) -LSM_HOOK(int, 0, watch_key, struct key *key) +LSM_INT_HOOK(int, 0, watch_key, struct key *key) #endif /* CONFIG_SECURITY && CONFIG_KEY_NOTIFICATIONS */ #ifdef CONFIG_SECURITY_NETWORK -LSM_HOOK(int, 0, unix_stream_connect, struct sock *sock, struct sock *other, +LSM_INT_HOOK(int, 0, unix_stream_connect, struct sock *sock, struct sock *other, struct sock *newsk) -LSM_HOOK(int, 0, unix_may_send, struct socket *sock, struct socket *other) -LSM_HOOK(int, 0, socket_create, int family, int type, int protocol, int kern) -LSM_HOOK(int, 0, socket_post_create, struct socket *sock, int family, int type, +LSM_INT_HOOK(int, 0, unix_may_send, struct socket *sock, struct socket *other) +LSM_INT_HOOK(int, 0, socket_create, int family, int type, int protocol, int kern) +LSM_INT_HOOK(int, 0, socket_post_create, struct socket *sock, int family, int type, int protocol, int kern) -LSM_HOOK(int, 0, socket_socketpair, struct socket 
*socka, struct socket *sockb) -LSM_HOOK(int, 0, socket_bind, struct socket *sock, struct sockaddr *address, +LSM_INT_HOOK(int, 0, socket_socketpair, struct socket *socka, struct socket *sockb) +LSM_INT_HOOK(int, 0, socket_bind, struct socket *sock, struct sockaddr *address, int addrlen) -LSM_HOOK(int, 0, socket_connect, struct socket *sock, struct sockaddr *address, +LSM_INT_HOOK(int, 0, socket_connect, struct socket *sock, struct sockaddr *address, int addrlen) -LSM_HOOK(int, 0, socket_listen, struct socket *sock, int backlog) -LSM_HOOK(int, 0, socket_accept, struct socket *sock, struct socket *newsock) -LSM_HOOK(int, 0, socket_sendmsg, struct socket *sock, struct msghdr *msg, +LSM_INT_HOOK(int, 0, socket_listen, struct socket *sock, int backlog) +LSM_INT_HOOK(int, 0, socket_accept, struct socket *sock, struct socket *newsock) +LSM_INT_HOOK(int, 0, socket_sendmsg, struct socket *sock, struct msghdr *msg, int size) -LSM_HOOK(int, 0, socket_recvmsg, struct socket *sock, struct msghdr *msg, +LSM_INT_HOOK(int, 0, socket_recvmsg, struct socket *sock, struct msghdr *msg, int size, int flags) -LSM_HOOK(int, 0, socket_getsockname, struct socket *sock) -LSM_HOOK(int, 0, socket_getpeername, struct socket *sock) -LSM_HOOK(int, 0, socket_getsockopt, struct socket *sock, int level, int optname) -LSM_HOOK(int, 0, socket_setsockopt, struct socket *sock, int level, int optname) -LSM_HOOK(int, 0, socket_shutdown, struct socket *sock, int how) -LSM_HOOK(int, 0, socket_sock_rcv_skb, struct sock *sk, struct sk_buff *skb) -LSM_HOOK(int, 0, socket_getpeersec_stream, struct socket *sock, +LSM_INT_HOOK(int, 0, socket_getsockname, struct socket *sock) +LSM_INT_HOOK(int, 0, socket_getpeername, struct socket *sock) +LSM_INT_HOOK(int, 0, socket_getsockopt, struct socket *sock, int level, int optname) +LSM_INT_HOOK(int, 0, socket_setsockopt, struct socket *sock, int level, int optname) +LSM_INT_HOOK(int, 0, socket_shutdown, struct socket *sock, int how) +LSM_INT_HOOK(int, 0, 
socket_sock_rcv_skb, struct sock *sk, struct sk_buff *skb) +LSM_INT_HOOK(int, 0, socket_getpeersec_stream, struct socket *sock, sockptr_t optval, sockptr_t optlen, unsigned int len) -LSM_HOOK(int, 0, socket_getpeersec_dgram, struct socket *sock, +LSM_INT_HOOK(int, 0, socket_getpeersec_dgram, struct socket *sock, struct sk_buff *skb, u32 *secid) -LSM_HOOK(int, 0, sk_alloc_security, struct sock *sk, int family, gfp_t priority) -LSM_HOOK(void, LSM_RET_VOID, sk_free_security, struct sock *sk) -LSM_HOOK(void, LSM_RET_VOID, sk_clone_security, const struct sock *sk, +LSM_INT_HOOK(int, 0, sk_alloc_security, struct sock *sk, int family, gfp_t priority) +LSM_VOID_HOOK(void, LSM_RET_VOID, sk_free_security, struct sock *sk) +LSM_VOID_HOOK(void, LSM_RET_VOID, sk_clone_security, const struct sock *sk, struct sock *newsk) -LSM_HOOK(void, LSM_RET_VOID, sk_getsecid, const struct sock *sk, u32 *secid) -LSM_HOOK(void, LSM_RET_VOID, sock_graft, struct sock *sk, struct socket *parent) -LSM_HOOK(int, 0, inet_conn_request, const struct sock *sk, struct sk_buff *skb, +LSM_VOID_HOOK(void, LSM_RET_VOID, sk_getsecid, const struct sock *sk, u32 *secid) +LSM_VOID_HOOK(void, LSM_RET_VOID, sock_graft, struct sock *sk, struct socket *parent) +LSM_INT_HOOK(int, 0, inet_conn_request, const struct sock *sk, struct sk_buff *skb, struct request_sock *req) -LSM_HOOK(void, LSM_RET_VOID, inet_csk_clone, struct sock *newsk, +LSM_VOID_HOOK(void, LSM_RET_VOID, inet_csk_clone, struct sock *newsk, const struct request_sock *req) -LSM_HOOK(void, LSM_RET_VOID, inet_conn_established, struct sock *sk, +LSM_VOID_HOOK(void, LSM_RET_VOID, inet_conn_established, struct sock *sk, struct sk_buff *skb) -LSM_HOOK(int, 0, secmark_relabel_packet, u32 secid) -LSM_HOOK(void, LSM_RET_VOID, secmark_refcount_inc, void) -LSM_HOOK(void, LSM_RET_VOID, secmark_refcount_dec, void) -LSM_HOOK(void, LSM_RET_VOID, req_classify_flow, const struct request_sock *req, +LSM_INT_HOOK(int, 0, secmark_relabel_packet, u32 secid) 
+LSM_VOID_HOOK(void, LSM_RET_VOID, secmark_refcount_inc, void) +LSM_VOID_HOOK(void, LSM_RET_VOID, secmark_refcount_dec, void) +LSM_VOID_HOOK(void, LSM_RET_VOID, req_classify_flow, const struct request_sock *req, struct flowi_common *flic) -LSM_HOOK(int, 0, tun_dev_alloc_security, void **security) -LSM_HOOK(void, LSM_RET_VOID, tun_dev_free_security, void *security) -LSM_HOOK(int, 0, tun_dev_create, void) -LSM_HOOK(int, 0, tun_dev_attach_queue, void *security) -LSM_HOOK(int, 0, tun_dev_attach, struct sock *sk, void *security) -LSM_HOOK(int, 0, tun_dev_open, void *security) -LSM_HOOK(int, 0, sctp_assoc_request, struct sctp_association *asoc, +LSM_INT_HOOK(int, 0, tun_dev_alloc_security, void **security) +LSM_VOID_HOOK(void, LSM_RET_VOID, tun_dev_free_security, void *security) +LSM_INT_HOOK(int, 0, tun_dev_create, void) +LSM_INT_HOOK(int, 0, tun_dev_attach_queue, void *security) +LSM_INT_HOOK(int, 0, tun_dev_attach, struct sock *sk, void *security) +LSM_INT_HOOK(int, 0, tun_dev_open, void *security) +LSM_INT_HOOK(int, 0, sctp_assoc_request, struct sctp_association *asoc, struct sk_buff *skb) -LSM_HOOK(int, 0, sctp_bind_connect, struct sock *sk, int optname, +LSM_INT_HOOK(int, 0, sctp_bind_connect, struct sock *sk, int optname, struct sockaddr *address, int addrlen) -LSM_HOOK(void, LSM_RET_VOID, sctp_sk_clone, struct sctp_association *asoc, +LSM_VOID_HOOK(void, LSM_RET_VOID, sctp_sk_clone, struct sctp_association *asoc, struct sock *sk, struct sock *newsk) -LSM_HOOK(int, 0, sctp_assoc_established, struct sctp_association *asoc, +LSM_INT_HOOK(int, 0, sctp_assoc_established, struct sctp_association *asoc, struct sk_buff *skb) -LSM_HOOK(int, 0, mptcp_add_subflow, struct sock *sk, struct sock *ssk) +LSM_INT_HOOK(int, 0, mptcp_add_subflow, struct sock *sk, struct sock *ssk) #endif /* CONFIG_SECURITY_NETWORK */ #ifdef CONFIG_SECURITY_INFINIBAND -LSM_HOOK(int, 0, ib_pkey_access, void *sec, u64 subnet_prefix, u16 pkey) -LSM_HOOK(int, 0, ib_endport_manage_subnet, void *sec, 
const char *dev_name, +LSM_INT_HOOK(int, 0, ib_pkey_access, void *sec, u64 subnet_prefix, u16 pkey) +LSM_INT_HOOK(int, 0, ib_endport_manage_subnet, void *sec, const char *dev_name, u8 port_num) -LSM_HOOK(int, 0, ib_alloc_security, void **sec) -LSM_HOOK(void, LSM_RET_VOID, ib_free_security, void *sec) +LSM_INT_HOOK(int, 0, ib_alloc_security, void **sec) +LSM_VOID_HOOK(void, LSM_RET_VOID, ib_free_security, void *sec) #endif /* CONFIG_SECURITY_INFINIBAND */ #ifdef CONFIG_SECURITY_NETWORK_XFRM -LSM_HOOK(int, 0, xfrm_policy_alloc_security, struct xfrm_sec_ctx **ctxp, +LSM_INT_HOOK(int, 0, xfrm_policy_alloc_security, struct xfrm_sec_ctx **ctxp, struct xfrm_user_sec_ctx *sec_ctx, gfp_t gfp) -LSM_HOOK(int, 0, xfrm_policy_clone_security, struct xfrm_sec_ctx *old_ctx, +LSM_INT_HOOK(int, 0, xfrm_policy_clone_security, struct xfrm_sec_ctx *old_ctx, struct xfrm_sec_ctx **new_ctx) -LSM_HOOK(void, LSM_RET_VOID, xfrm_policy_free_security, +LSM_VOID_HOOK(void, LSM_RET_VOID, xfrm_policy_free_security, struct xfrm_sec_ctx *ctx) -LSM_HOOK(int, 0, xfrm_policy_delete_security, struct xfrm_sec_ctx *ctx) -LSM_HOOK(int, 0, xfrm_state_alloc, struct xfrm_state *x, +LSM_INT_HOOK(int, 0, xfrm_policy_delete_security, struct xfrm_sec_ctx *ctx) +LSM_INT_HOOK(int, 0, xfrm_state_alloc, struct xfrm_state *x, struct xfrm_user_sec_ctx *sec_ctx) -LSM_HOOK(int, 0, xfrm_state_alloc_acquire, struct xfrm_state *x, +LSM_INT_HOOK(int, 0, xfrm_state_alloc_acquire, struct xfrm_state *x, struct xfrm_sec_ctx *polsec, u32 secid) -LSM_HOOK(void, LSM_RET_VOID, xfrm_state_free_security, struct xfrm_state *x) -LSM_HOOK(int, 0, xfrm_state_delete_security, struct xfrm_state *x) -LSM_HOOK(int, 0, xfrm_policy_lookup, struct xfrm_sec_ctx *ctx, u32 fl_secid) -LSM_HOOK(int, 1, xfrm_state_pol_flow_match, struct xfrm_state *x, +LSM_VOID_HOOK(void, LSM_RET_VOID, xfrm_state_free_security, struct xfrm_state *x) +LSM_INT_HOOK(int, 0, xfrm_state_delete_security, struct xfrm_state *x) +LSM_INT_HOOK(int, 0, xfrm_policy_lookup, 
struct xfrm_sec_ctx *ctx, u32 fl_secid) +LSM_INT_HOOK(int, 1, xfrm_state_pol_flow_match, struct xfrm_state *x, struct xfrm_policy *xp, const struct flowi_common *flic) -LSM_HOOK(int, 0, xfrm_decode_session, struct sk_buff *skb, u32 *secid, +LSM_INT_HOOK(int, 0, xfrm_decode_session, struct sk_buff *skb, u32 *secid, int ckall) #endif /* CONFIG_SECURITY_NETWORK_XFRM */ /* key management security hooks */ #ifdef CONFIG_KEYS -LSM_HOOK(int, 0, key_alloc, struct key *key, const struct cred *cred, +LSM_INT_HOOK(int, 0, key_alloc, struct key *key, const struct cred *cred, unsigned long flags) -LSM_HOOK(void, LSM_RET_VOID, key_free, struct key *key) -LSM_HOOK(int, 0, key_permission, key_ref_t key_ref, const struct cred *cred, +LSM_VOID_HOOK(void, LSM_RET_VOID, key_free, struct key *key) +LSM_INT_HOOK(int, 0, key_permission, key_ref_t key_ref, const struct cred *cred, enum key_need_perm need_perm) -LSM_HOOK(int, 0, key_getsecurity, struct key *key, char **buffer) +LSM_INT_HOOK(int, 0, key_getsecurity, struct key *key, char **buffer) #endif /* CONFIG_KEYS */ #ifdef CONFIG_AUDIT -LSM_HOOK(int, 0, audit_rule_init, u32 field, u32 op, char *rulestr, +LSM_INT_HOOK(int, 0, audit_rule_init, u32 field, u32 op, char *rulestr, void **lsmrule) -LSM_HOOK(int, 0, audit_rule_known, struct audit_krule *krule) -LSM_HOOK(int, 0, audit_rule_match, u32 secid, u32 field, u32 op, void *lsmrule) -LSM_HOOK(void, LSM_RET_VOID, audit_rule_free, void *lsmrule) +LSM_INT_HOOK(int, 0, audit_rule_known, struct audit_krule *krule) +LSM_INT_HOOK(int, 0, audit_rule_match, u32 secid, u32 field, u32 op, void *lsmrule) +LSM_VOID_HOOK(void, LSM_RET_VOID, audit_rule_free, void *lsmrule) #endif /* CONFIG_AUDIT */ #ifdef CONFIG_BPF_SYSCALL -LSM_HOOK(int, 0, bpf, int cmd, union bpf_attr *attr, unsigned int size) -LSM_HOOK(int, 0, bpf_map, struct bpf_map *map, fmode_t fmode) -LSM_HOOK(int, 0, bpf_prog, struct bpf_prog *prog) -LSM_HOOK(int, 0, bpf_map_alloc_security, struct bpf_map *map) -LSM_HOOK(void, LSM_RET_VOID, 
bpf_map_free_security, struct bpf_map *map) -LSM_HOOK(int, 0, bpf_prog_alloc_security, struct bpf_prog_aux *aux) -LSM_HOOK(void, LSM_RET_VOID, bpf_prog_free_security, struct bpf_prog_aux *aux) +LSM_INT_HOOK(int, 0, bpf, int cmd, union bpf_attr *attr, unsigned int size) +LSM_INT_HOOK(int, 0, bpf_map, struct bpf_map *map, fmode_t fmode) +LSM_INT_HOOK(int, 0, bpf_prog, struct bpf_prog *prog) +LSM_INT_HOOK(int, 0, bpf_map_alloc_security, struct bpf_map *map) +LSM_VOID_HOOK(void, LSM_RET_VOID, bpf_map_free_security, struct bpf_map *map) +LSM_INT_HOOK(int, 0, bpf_prog_alloc_security, struct bpf_prog_aux *aux) +LSM_VOID_HOOK(void, LSM_RET_VOID, bpf_prog_free_security, struct bpf_prog_aux *aux) #endif /* CONFIG_BPF_SYSCALL */ -LSM_HOOK(int, 0, locked_down, enum lockdown_reason what) +LSM_INT_HOOK(int, 0, locked_down, enum lockdown_reason what) #ifdef CONFIG_PERF_EVENTS -LSM_HOOK(int, 0, perf_event_open, struct perf_event_attr *attr, int type) -LSM_HOOK(int, 0, perf_event_alloc, struct perf_event *event) -LSM_HOOK(void, LSM_RET_VOID, perf_event_free, struct perf_event *event) -LSM_HOOK(int, 0, perf_event_read, struct perf_event *event) -LSM_HOOK(int, 0, perf_event_write, struct perf_event *event) +LSM_INT_HOOK(int, 0, perf_event_open, struct perf_event_attr *attr, int type) +LSM_INT_HOOK(int, 0, perf_event_alloc, struct perf_event *event) +LSM_VOID_HOOK(void, LSM_RET_VOID, perf_event_free, struct perf_event *event) +LSM_INT_HOOK(int, 0, perf_event_read, struct perf_event *event) +LSM_INT_HOOK(int, 0, perf_event_write, struct perf_event *event) #endif /* CONFIG_PERF_EVENTS */ #ifdef CONFIG_IO_URING -LSM_HOOK(int, 0, uring_override_creds, const struct cred *new) -LSM_HOOK(int, 0, uring_sqpoll, void) -LSM_HOOK(int, 0, uring_cmd, struct io_uring_cmd *ioucmd) +LSM_INT_HOOK(int, 0, uring_override_creds, const struct cred *new) +LSM_INT_HOOK(int, 0, uring_sqpoll, void) +LSM_INT_HOOK(int, 0, uring_cmd, struct io_uring_cmd *ioucmd) #endif /* CONFIG_IO_URING */ +#undef LSM_INT_HOOK 
+#undef LSM_VOID_HOOK #undef LSM_HOOK
From patchwork Sat Nov 11 10:11:38 2023 X-Patchwork-Submitter: Tetsuo Handa X-Patchwork-Id: 13453015 Message-ID: <39f27c5d-2c41-4f7b-a6e9-740a6af4b364@I-love.SAKURA.ne.jp> Date: Sat, 11 Nov 2023 19:11:38 +0900 X-Mailing-List: bpf@vger.kernel.org Subject: [PATCH 4/5] LSM: Add a LSM module which handles dynamically appendable LSM hooks.
From: Tetsuo Handa To: linux-security-module , bpf , KP Singh Cc: Paul Moore , Kees Cook , Casey Schaufler , song@kernel.org, Daniel Borkmann , Alexei Starovoitov , renauld@google.com, Paolo Abeni References: <38b318a5-0a16-4cc2-878e-4efa632236f3@I-love.SAKURA.ne.jp> In-Reply-To: <38b318a5-0a16-4cc2-878e-4efa632236f3@I-love.SAKURA.ne.jp>
The TOMOYO security module will use this functionality. By the way, I was surprised to see /proc/kallsyms containing many hundreds of symbols due to assigning "number of LSM hooks" * "number of built-in LSMs" static call slots. Since the motivation for converting from a linked list to static calls was that indirect function calls are slow, I expect that the overhead of testing whether the list is empty is negligible. Should this LSM module occupy one set of static call slots (so that list_for_each_entry() is called only when this LSM module is enabled)? If the overhead of testing list_for_each_entry() on an empty list is negligible, does this module not need to occupy one set of static call slots? I don't have native hardware that is suitable for performance measurement... Also, since LSM hook assignment is handled by a macro, we could somehow let the hook assignment macro define one static call slot and call the next LSM hook (i.e. move static_call() from security/security.c to individual LSM modules). Then loop unrolling won't be needed, and the total number of symbols reserved for static calls will be reduced to "number of LSM hooks" + "sum of all LSM callbacks which are built into vmlinux". A side effect of such an approach is that kernel stack usage increases due to nested static calls. But since the nesting level of static calls is very small, kernel stack usage won't become a real problem...
Signed-off-by: Tetsuo Handa --- include/linux/lsm_count.h | 2 +- include/linux/lsm_hooks.h | 16 ++++++ include/uapi/linux/lsm.h | 1 + security/Makefile | 2 +- security/mod_lsm.c | 100 ++++++++++++++++++++++++++++++++++++++ security/security.c | 2 +- 6 files changed, 120 insertions(+), 3 deletions(-) create mode 100644 security/mod_lsm.c diff --git a/include/linux/lsm_count.h b/include/linux/lsm_count.h index dbb3c8573959..de8db3c77169 100644 --- a/include/linux/lsm_count.h +++ b/include/linux/lsm_count.h @@ -19,7 +19,7 @@ * Capabilities is enabled when CONFIG_SECURITY is enabled. */ #if IS_ENABLED(CONFIG_SECURITY) -#define CAPABILITIES_ENABLED 1, +#define CAPABILITIES_ENABLED 1, 1, #else #define CAPABILITIES_ENABLED #endif diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 135b3f58f8d2..669ee9406a62 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -215,4 +215,20 @@ extern struct lsm_info __start_early_lsm_info[], __end_early_lsm_info[]; extern int lsm_inode_alloc(struct inode *inode); extern struct lsm_static_calls_table static_calls_table __ro_after_init; +/* Definition of all modular callbacks. */ +struct security_hook_mappings { +#define LSM_HOOK(RET, DEFAULT, NAME, ...) \ + struct static_call_key *key_##NAME; \ + RET (*NAME)(__VA_ARGS__); +#include +} /* __randomize_layout is useless here, for this is a "const __initdata" struct. */; + +/* Type of individual modular callback. */ +struct security_hook_list2 { + struct list_head list; + union security_list_options hook; +} __randomize_layout; + +extern int mod_lsm_add_hooks(const struct security_hook_mappings *maps); + #endif /* ! __LINUX_LSM_HOOKS_H */ diff --git a/include/uapi/linux/lsm.h b/include/uapi/linux/lsm.h index f0386880a78e..d458b9a123d1 100644 --- a/include/uapi/linux/lsm.h +++ b/include/uapi/linux/lsm.h 
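Review bot: the lsm_count.h hunk changes `CAPABILITIES_ENABLED` to `1, 1,` and the security.c hunk later in this patch changes the CONFIG_SECURITY term of LSM_CONFIG_COUNT from `1` to `2`, so mod_lsm is now counted whenever capabilities are, but the comments beside both (`Capabilities is enabled when CONFIG_SECURITY is enabled.` and `The capability module is accounted for by CONFIG_SECURITY`) still describe only capabilities. Update both comments to say that mod_lsm is the second entry, and consider a named macro instead of the bare `2` so the two counts cannot drift apart when one of them is edited.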
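Review bot: in the lsm_hooks.h hunk, `struct security_hook_mappings` carries a `struct static_call_key *key_##NAME;` member beside every function pointer, but nothing in the series reads it: mod_lsm_add_hooks() only looks at `maps->NAME`, and the demo in 5/5 initialises only `.NAME`. Either drop the field or say in the struct comment what a loadable LSM is expected to put there; as posted it doubles the size of every `__initconst` mapping table for no effect. The remark about `__randomize_layout` being useless would also read better as a normal comment above the struct than as a comment hanging on the closing brace.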
@@ -61,6 +61,7 @@ struct lsm_ctx { #define LSM_ID_LOCKDOWN 108 #define LSM_ID_BPF 109 #define LSM_ID_LANDLOCK 110 +#define LSM_ID_MOD_LSM 111 /* * LSM_ATTR_XXX definitions identify different LSM attributes diff --git a/security/Makefile b/security/Makefile index 59f238490665..250b7ba23502 100644 --- a/security/Makefile +++ b/security/Makefile @@ -11,7 +11,7 @@ obj-$(CONFIG_SECURITY) += lsm_syscalls.o obj-$(CONFIG_MMU) += min_addr.o # Object file lists -obj-$(CONFIG_SECURITY) += security.o +obj-$(CONFIG_SECURITY) += security.o mod_lsm.o obj-$(CONFIG_SECURITYFS) += inode.o obj-$(CONFIG_SECURITY_SELINUX) += selinux/ obj-$(CONFIG_SECURITY_SMACK) += smack/ diff --git a/security/mod_lsm.c b/security/mod_lsm.c new file mode 100644 index 000000000000..f148323b724b --- /dev/null +++ b/security/mod_lsm.c 
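Review bot: the security/Makefile hunk links mod_lsm.o unconditionally alongside security.o, and mod_lsm.c (next hunk) registers its built-in callbacks with `mod_lsm_enabled` defaulting to 1, so every CONFIG_SECURITY=y kernel gains an exported entry point through which any GPL-licensed module can attach callbacks to every LSM hook, including systems that will never load an LKM-based LSM. Give the module its own Kconfig symbol (default n) and have `.enabled` follow it, so the attack surface of a loadable-hook registration path is only present where an administrator chose it. Also note that `#define LSM_ID_MOD_LSM 111` in the uapi header becomes ABI once merged; an RFC that is still deciding the registration interface should not reserve a uapi id yet.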
@@ -0,0 +1,100 @@ +// SPDX-License-Identifier: GPL-2.0-or-later +#include + +/* List of registered modular callbacks. */ +static struct { +#define LSM_HOOK(RET, DEFAULT, NAME, ...) struct list_head NAME; +#include +} mod_lsm_dynamic_hooks; + +/* Get LSM_CALL_ARGS_xxx definitions. */ +#include +/* A built-in callback for calling modular "int" callbacks. */ +#define LSM_INT_HOOK(RET, DEFAULT, NAME, ...) \ + static RET mod_lsm_##NAME(__VA_ARGS__) { \ + int RC = DEFAULT; \ + struct security_hook_list2 *P; \ + \ + pr_info_once("Called %s\n", __func__); \ + list_for_each_entry(P, &mod_lsm_dynamic_hooks.NAME, list) { \ + RC = P->hook.NAME(LSM_CALL_ARGS_##NAME); \ + if (RC != 0) \ + break; \ + } \ + return RC; \ + } +/* A built-in callback for calling modular "void" callbacks. */ +#define LSM_VOID_HOOK(RET, DEFAULT, NAME, ...) \ + static RET mod_lsm_##NAME(__VA_ARGS__) { \ + struct security_hook_list2 *P; \ + \ + pr_info_once("Called %s\n", __func__); \ + list_for_each_entry(P, &mod_lsm_dynamic_hooks.NAME, list) { \ + P->hook.NAME(LSM_CALL_ARGS_##NAME); \ + } \ + } +/* Generate all built-in callbacks here. */ +#include + +/* Initialize all built-in callbacks here. */ +#define LSM_HOOK(RET, DEFAULT, NAME, ...) LSM_HOOK_INIT(NAME, mod_lsm_##NAME), +static struct security_hook_list mod_lsm_builtin_hooks[] __ro_after_init = { +#include +}; + +static int mod_lsm_enabled __ro_after_init = 1; +static struct lsm_blob_sizes mod_lsm_blob_sizes __ro_after_init = { }; +static const struct lsm_id mod_lsm_lsmid = { + .name = "mod_lsm", + .id = LSM_ID_MOD_LSM, +}; + +static int __init mod_lsm_init(void) +{ + /* Initialize modular callbacks list. */ +#define LSM_HOOK(RET, DEFAULT, NAME, ...) INIT_LIST_HEAD(&mod_lsm_dynamic_hooks.NAME); +#include + /* Register built-in callbacks. 
*/ + security_add_hooks(mod_lsm_builtin_hooks, ARRAY_SIZE(mod_lsm_builtin_hooks), &mod_lsm_lsmid); + return 0; +} + +DEFINE_LSM(mod_lsm) = { + .name = "mod_lsm", + .enabled = &mod_lsm_enabled, + .flags = 0, + .blobs = &mod_lsm_blob_sizes, + .init = mod_lsm_init, +}; + +/* The only exported function for registering modular callbacks. */ +int mod_lsm_add_hooks(const struct security_hook_mappings *maps) +{ + struct security_hook_list2 *entry; + int count = 0; + + if (!mod_lsm_enabled) { + pr_info_once("Loadable LSM support is not enabled.\n"); + return -EOPNOTSUPP; + } + + /* Count how meny callbacks are implemented. */ +#define LSM_HOOK(RET, DEFAULT, NAME, ...) do { if (maps->NAME) count++; } while (0); +#include + if (!count) + return -EINVAL; + /* Allocate memory for registering implemented callbacks. */ + entry = kmalloc_array(count, sizeof(struct security_hook_list2), GFP_KERNEL); + if (!entry) + return -ENOMEM; + /* Registering imdividual callbacks. */ + count = 0; +#define LSM_HOOK(RET, DEFAULT, NAME, ...) do { if (maps->NAME) { \ + entry[count].hook.NAME = maps->NAME; \ + list_add_tail(&entry[count].list, &mod_lsm_dynamic_hooks.NAME); \ + count++; \ + } } while (0); +#include + return 0; +} +EXPORT_SYMBOL_GPL(mod_lsm_add_hooks); diff --git a/security/security.c b/security/security.c index 986aa5e6e29d..a34530fa042a 100644 --- a/security/security.c +++ b/security/security.c 
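Review bot: mod_lsm_add_hooks() links new entries into `mod_lsm_dynamic_hooks.NAME` with a plain `list_add_tail()` and no lock, while the generated mod_lsm_##NAME() callbacks walk the same lists with `list_for_each_entry()` on every hook invocation on every CPU; a registration that races with a hook call can be observed half-linked. Use `list_add_tail_rcu()` / `list_for_each_entry_rcu()` with a mutex serialising registrations, or document that registration must complete before the registering module can be reached. The same hunk has no removal path: the `entry` array is never freed and there is no mod_lsm_remove_hooks(), so an LKM-based LSM must never be unloaded or the lists keep pointers into freed module text; either forbid unload (take a module reference per registered callback) or add removal with the matching RCU grace period. The generated int callbacks also apply a single policy to every hook (start from DEFAULT, stop at the first non-zero return); that is right for most hooks but not for the ones security.c special-cases, which the 5/5 message itself names (secid_to_secctx, xfrm_state_pol_flow_match), so those need their own loop or should be left out of security_hook_mappings. Minor: `pr_info_once("Called %s\n", __func__)` in every generated callback is debug output that does not belong in a non-demo file, and the comments read "how meny" and "imdividual".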
@@ -42,7 +42,7 @@ * The capability module is accounted for by CONFIG_SECURITY */ #define LSM_CONFIG_COUNT ( \ - (IS_ENABLED(CONFIG_SECURITY) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY) ? 2 : 0) + \ (IS_ENABLED(CONFIG_SECURITY_SELINUX) ? 1 : 0) + \ (IS_ENABLED(CONFIG_SECURITY_SMACK) ? 1 : 0) + \ (IS_ENABLED(CONFIG_SECURITY_TOMOYO) ? 1 : 0) + \
From patchwork Sat Nov 11 10:12:26 2023 X-Patchwork-Submitter: Tetsuo Handa X-Patchwork-Id: 13453021 Message-ID: <360548d7-25b5-43e8-9d6d-d6afd31a1f49@I-love.SAKURA.ne.jp> Date: Sat, 11 Nov 2023 19:12:26 +0900 Precedence: bulk
X-Mailing-List: bpf@vger.kernel.org Subject: [PATCH 5/5] LSM: A sample of dynamically appendable LSM module. From: Tetsuo Handa To: linux-security-module , bpf , KP Singh Cc: Paul Moore , Kees Cook , Casey Schaufler , song@kernel.org, Daniel Borkmann , Alexei Starovoitov , renauld@google.com, Paolo Abeni References: <38b318a5-0a16-4cc2-878e-4efa632236f3@I-love.SAKURA.ne.jp> In-Reply-To: <38b318a5-0a16-4cc2-878e-4efa632236f3@I-love.SAKURA.ne.jp>
This patch demonstrates how to use PATCH 4/5. This patch is not for merge. By the way, should mod_lsm_dynamic_hooks be directly exported to LKM-based LSMs rather than exporting mod_lsm_add_hooks() to LKM-based LSMs, so that LKM-based LSMs can check whether hooks which need special considerations (e.g. security_secid_to_secctx() and security_xfrm_state_pol_flow_match()) are in use and decide what to do?
Signed-off-by: Tetsuo Handa --- demo/Makefile | 1 + demo/demo.c | 25 +++++++++++++++++++++++++ 2 files changed, 26 insertions(+) create mode 100644 demo/Makefile create mode 100644 demo/demo.c diff --git a/demo/Makefile b/demo/Makefile new file mode 100644 index 000000000000..9b2ef5f08392 --- /dev/null +++ b/demo/Makefile @@ -0,0 +1 @@ +obj-m = demo.o diff --git a/demo/demo.c b/demo/demo.c new file mode 100644 index 000000000000..6f6f603b8cd7 --- /dev/null +++ b/demo/demo.c
@@ -0,0 +1,25 @@ +#include +#include + +#define LSM_INT_HOOK(RET, DEFAULT, NAME, ...) \ + static RET test_##NAME(__VA_ARGS__) { \ + pr_info_once("Called %s\n", __func__); \ + return DEFAULT; \ + } +#define LSM_VOID_HOOK(RET, DEFAULT, NAME, ...) \ + static RET test_##NAME(__VA_ARGS__) { \ + pr_info_once("Called %s\n", __func__); \ + } +#include + +static const struct security_hook_mappings test_callbacks __initconst = { +#define LSM_HOOK(RET, DEFAULT, NAME, ...) .NAME = test_##NAME, +#include +}; + +static int __init test_init(void) +{ + return mod_lsm_add_hooks(&test_callbacks); +} +module_init(test_init); +MODULE_LICENSE("GPL");
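Review bot: the demo.c hunk maps a test_##NAME callback to every hook in lsm_hook_defs.h, including the ones the cover text says need special consideration, so loading the sample inserts itself into every hook's call path; for a sample, mapping a handful of hooks and leaving the rest NULL (which mod_lsm_add_hooks() already tolerates via the `if (maps->NAME)` test) would demonstrate the interface without touching every hook. There is no module_exit(), which is the right choice given that 4/5 offers no unregistration, but state that in a comment so nobody adds an exit handler later and leaves dangling callbacks in the lists. Marking `test_callbacks` `__initconst` is fine only because mod_lsm_add_hooks() copies the function pointers out of it; the test_##NAME functions themselves correctly stay non-__init and that dependency is worth a one-line comment too.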