| Message ID | 20230421174259.2458-9-casey@schaufler-ca.com (mailing list archive) |
|---|---|
| State | Superseded |
| Delegated to: | Paul Moore |
| Headers | show |
| Series | LSM: Three basic syscalls | expand |
On Fri, Apr 21, 2023 at 10:42:56AM -0700, Casey Schaufler wrote: > Implement Smack support for security_[gs]etselfattr. > Refactor the setprocattr hook to avoid code duplication. > > Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> > --- > security/smack/smack_lsm.c | 105 +++++++++++++++++++++++++++++++++++-- > 1 file changed, 100 insertions(+), 5 deletions(-) > > diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c > index 3cf862fcbe08..902b39c187bf 100644 > --- a/security/smack/smack_lsm.c > +++ b/security/smack/smack_lsm.c > @@ -3552,6 +3552,41 @@ static void smack_d_instantiate(struct dentry *opt_dentry, struct inode *inode) > return; > } > > +/** > + * smack_getselfattr - Smack current process attribute > + * @attr: which attribute to fetch > + * @ctx: buffer to receive the result > + * @size: available size in, actual size out > + * @flags: unused > + * > + * Fill the passed user space @ctx with the details of the requested > + * attribute. > + * > + * Returns 1, the number of attributes, on success, an error code otherwise. > + */ > +static int smack_getselfattr(unsigned int __user attr, > + struct lsm_ctx __user *ctx, size_t *size, > + u32 __user flags) > +{ > + struct smack_known *skp = smk_of_current(); > + int total; > + int slen; > + int rc = 1; > + > + if (attr != LSM_ATTR_CURRENT) > + return -EOPNOTSUPP; > + > + slen = strlen(skp->smk_known) + 1; > + total = ALIGN(slen + sizeof(*ctx), 8); > + if (total > *size) > + rc = -E2BIG; > + else > + lsm_fill_user_ctx(ctx, skp->smk_known, slen, LSM_ID_SMACK, 0); > + > + *size = total; > + return rc; > +} > + > /** > * smack_getprocattr - Smack process attribute access > * @p: the object task > @@ -3581,8 +3616,8 @@ static int smack_getprocattr(struct task_struct *p, const char *name, char **val > } > > /** > - * smack_setprocattr - Smack process attribute setting > - * @name: the name of the attribute in /proc/.../attr > + * do_setattr - Smack process attribute setting > + * @attr: the ID of the attribute > * @value: the value to set > * @size: the size of the value > * > @@ -3591,7 +3626,7 @@ static int smack_getprocattr(struct task_struct *p, const char *name, char **val > * > * Returns the length of the smack label or an error code > */ > -static int smack_setprocattr(const char *name, void *value, size_t size) > +static int do_setattr(u64 attr, void *value, size_t size) > { > struct task_smack *tsp = smack_cred(current_cred()); > struct cred *new; > @@ -3605,8 +3640,8 @@ static int smack_setprocattr(const char *name, void *value, size_t size) > if (value == NULL || size == 0 || size >= SMK_LONGLABEL) > return -EINVAL; > > - if (strcmp(name, "current") != 0) > - return -EINVAL; > + if (attr != LSM_ATTR_CURRENT) > + return -EOPNOTSUPP; > > skp = smk_import_entry(value, size); > if (IS_ERR(skp)) > @@ -3645,6 +3680,64 @@ static int smack_setprocattr(const char *name, void *value, size_t size) > return size; > } > > +/** > + * smack_setselfattr - Set a Smack process attribute > + * @attr: which attribute to set > + * @ctx: buffer containing the data > + * @size: size of @ctx > + * @flags: unused > + * > + * Fill the passed user space @ctx with the details of the requested > + * attribute. > + * > + * Returns 0 on success, an error code otherwise. > + */ > +static int smack_setselfattr(unsigned int __user attr, > + struct lsm_ctx __user *ctx, size_t __user size, "size_t __user" isn't valid: it's not a pointer. > + u32 __user flags) > +{ > + struct lsm_ctx *lctx; > + void *context; Why is "context" used here at all? Can't this entirely be lctx? > + int rc; > + > + context = kmalloc(size, GFP_KERNEL); > + if (context == NULL) > + return -ENOMEM; > + > + lctx = (struct lsm_ctx *)context; > + if (copy_from_user(context, ctx, size)) > + rc = -EFAULT; > + else if (lctx->ctx_len > size) > + rc = -EINVAL; > + else > + rc = do_setattr(attr, lctx + 1, lctx->ctx_len); There is no "second lctx", please pass lctx->ctx instead. > + > + kfree(context); > + if (rc > 0) > + return 0; > + return rc; > +} > + > +/** > + * smack_setprocattr - Smack process attribute setting > + * @name: the name of the attribute in /proc/.../attr > + * @value: the value to set > + * @size: the size of the value > + * > + * Sets the Smack value of the task. Only setting self > + * is permitted and only with privilege > + * > + * Returns the length of the smack label or an error code > + */ > +static int smack_setprocattr(const char *name, void *value, size_t size) > +{ > + int attr = lsm_name_to_attr(name); > + > + if (attr) > + return do_setattr(attr, value, size); > + return -EINVAL; > +} > + > /** > * smack_unix_stream_connect - Smack access on UDS > * @sock: one sock > @@ -4955,6 +5048,8 @@ static struct security_hook_list smack_hooks[] __lsm_ro_after_init = { > > LSM_HOOK_INIT(d_instantiate, smack_d_instantiate), > > + LSM_HOOK_INIT(getselfattr, smack_getselfattr), > + LSM_HOOK_INIT(setselfattr, smack_setselfattr), > LSM_HOOK_INIT(getprocattr, smack_getprocattr), > LSM_HOOK_INIT(setprocattr, smack_setprocattr), > > -- > 2.39.2 >
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 3cf862fcbe08..902b39c187bf 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -3552,6 +3552,41 @@ static void smack_d_instantiate(struct dentry *opt_dentry, struct inode *inode) return; } +/** + * smack_getselfattr - Smack current process attribute + * @attr: which attribute to fetch + * @ctx: buffer to receive the result + * @size: available size in, actual size out + * @flags: unused + * + * Fill the passed user space @ctx with the details of the requested + * attribute. + * + * Returns 1, the number of attributes, on success, an error code otherwise. + */ +static int smack_getselfattr(unsigned int __user attr, + struct lsm_ctx __user *ctx, size_t *size, + u32 __user flags) +{ + struct smack_known *skp = smk_of_current(); + int total; + int slen; + int rc = 1; + + if (attr != LSM_ATTR_CURRENT) + return -EOPNOTSUPP; + + slen = strlen(skp->smk_known) + 1; + total = ALIGN(slen + sizeof(*ctx), 8); + if (total > *size) + rc = -E2BIG; + else + lsm_fill_user_ctx(ctx, skp->smk_known, slen, LSM_ID_SMACK, 0); + + *size = total; + return rc; +} + /** * smack_getprocattr - Smack process attribute access * @p: the object task @@ -3581,8 +3616,8 @@ static int smack_getprocattr(struct task_struct *p, const char *name, char **val } /** - * smack_setprocattr - Smack process attribute setting - * @name: the name of the attribute in /proc/.../attr + * do_setattr - Smack process attribute setting + * @attr: the ID of the attribute * @value: the value to set * @size: the size of the value * @@ -3591,7 +3626,7 @@ static int smack_getprocattr(struct task_struct *p, const char *name, char **val * * Returns the length of the smack label or an error code */ -static int smack_setprocattr(const char *name, void *value, size_t size) +static int do_setattr(u64 attr, void *value, size_t size) { struct task_smack *tsp = smack_cred(current_cred()); struct cred *new; @@ -3605,8 +3640,8 @@ static int smack_setprocattr(const char *name, void *value, size_t size) if (value == NULL || size == 0 || size >= SMK_LONGLABEL) return -EINVAL; - if (strcmp(name, "current") != 0) - return -EINVAL; + if (attr != LSM_ATTR_CURRENT) + return -EOPNOTSUPP; skp = smk_import_entry(value, size); if (IS_ERR(skp)) @@ -3645,6 +3680,64 @@ static int smack_setprocattr(const char *name, void *value, size_t size) return size; } +/** + * smack_setselfattr - Set a Smack process attribute + * @attr: which attribute to set + * @ctx: buffer containing the data + * @size: size of @ctx + * @flags: unused + * + * Fill the passed user space @ctx with the details of the requested + * attribute. + * + * Returns 0 on success, an error code otherwise. + */ +static int smack_setselfattr(unsigned int __user attr, + struct lsm_ctx __user *ctx, size_t __user size, + u32 __user flags) +{ + struct lsm_ctx *lctx; + void *context; + int rc; + + context = kmalloc(size, GFP_KERNEL); + if (context == NULL) + return -ENOMEM; + + lctx = (struct lsm_ctx *)context; + if (copy_from_user(context, ctx, size)) + rc = -EFAULT; + else if (lctx->ctx_len > size) + rc = -EINVAL; + else + rc = do_setattr(attr, lctx + 1, lctx->ctx_len); + + kfree(context); + if (rc > 0) + return 0; + return rc; +} + +/** + * smack_setprocattr - Smack process attribute setting + * @name: the name of the attribute in /proc/.../attr + * @value: the value to set + * @size: the size of the value + * + * Sets the Smack value of the task. Only setting self + * is permitted and only with privilege + * + * Returns the length of the smack label or an error code + */ +static int smack_setprocattr(const char *name, void *value, size_t size) +{ + int attr = lsm_name_to_attr(name); + + if (attr) + return do_setattr(attr, value, size); + return -EINVAL; +} + /** * smack_unix_stream_connect - Smack access on UDS * @sock: one sock @@ -4955,6 +5048,8 @@ static struct security_hook_list smack_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(d_instantiate, smack_d_instantiate), + LSM_HOOK_INIT(getselfattr, smack_getselfattr), + LSM_HOOK_INIT(setselfattr, smack_setselfattr), LSM_HOOK_INIT(getprocattr, smack_getprocattr), LSM_HOOK_INIT(setprocattr, smack_setprocattr),
Implement Smack support for security_[gs]etselfattr. Refactor the setprocattr hook to avoid code duplication. Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> --- security/smack/smack_lsm.c | 105 +++++++++++++++++++++++++++++++++++-- 1 file changed, 100 insertions(+), 5 deletions(-)