From patchwork Thu Jun 29 19:55:25 2023
X-Patchwork-Submitter: Casey Schaufler
X-Patchwork-Id: 13297257
X-Patchwork-Delegate: paul@paul-moore.com
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net
Subject: [PATCH v12 01/11] LSM: Identify modules by more than name
Date: Thu, 29 Jun 2023 12:55:25 -0700
Message-Id: <20230629195535.2590-2-casey@schaufler-ca.com>
In-Reply-To: <20230629195535.2590-1-casey@schaufler-ca.com>
References: <20230629195535.2590-1-casey@schaufler-ca.com>

Create a struct lsm_id to contain identifying information about Linux Security Modules (LSMs). At inception this contains the name of the module, an identifier associated with the security module and an integer member "attrs" which identifies the API related data associated with each security module. The initial set of features maps to information that has traditionally been available in /proc/self/attr. They are documented in a new userspace-api file.

Change the security_add_hooks() interface to use this structure. Change the individual modules to maintain their own struct lsm_id and pass it to security_add_hooks(). The values for LSM identifiers are defined in a new UAPI header file linux/lsm.h. Each existing LSM has been updated to include its LSMID in the lsm_id.

The LSM ID values are sequential, with the oldest module LSM_ID_CAPABILITY being the lowest value and the existing modules numbered in the order they were included in the main line kernel. This is an arbitrary convention for assigning the values, but none better presents itself. The value 0 is defined as being invalid. The values 1-99 are reserved for any special case uses which may arise in the future.
This may include attributes of the LSM infrastructure itself, possibly related to namespacing or network attribute management. A special range is identified for such attributes to help reduce confusion for developers unfamiliar with LSMs.

LSM attribute values are defined for the attributes presented by modules that are available today. As with the LSM IDs, the value 0 is defined as being invalid. The values 1-99 are reserved for any special case uses which may arise in the future.

Signed-off-by: Casey Schaufler
Cc: linux-security-module
Reviewed-by: Kees Cook
Reviewed-by: Serge Hallyn
Reviewed-by: Mickaël Salaün
---
 Documentation/userspace-api/index.rst | 1 +
 Documentation/userspace-api/lsm.rst | 55 +++++++++++++++++++++++++++
 MAINTAINERS | 1 +
 include/linux/lsm_hooks.h | 16 +++++++-
 include/uapi/linux/lsm.h | 54 ++++++++++++++++++++++++++
 security/apparmor/lsm.c | 8 +++-
 security/bpf/hooks.c | 9 ++++-
 security/commoncap.c | 8 +++-
 security/landlock/cred.c | 2 +-
 security/landlock/fs.c | 2 +-
 security/landlock/ptrace.c | 2 +-
 security/landlock/setup.c | 6 +++
 security/landlock/setup.h | 1 +
 security/loadpin/loadpin.c | 9 ++++-
 security/lockdown/lockdown.c | 8 +++-
 security/safesetid/lsm.c | 9 ++++-
 security/security.c | 12 +++---
 security/selinux/hooks.c | 9 ++++-
 security/smack/smack_lsm.c | 8 +++-
 security/tomoyo/tomoyo.c | 9 ++++-
 security/yama/yama_lsm.c | 8 +++-
 21 files changed, 216 insertions(+), 21 deletions(-)
 create mode 100644 Documentation/userspace-api/lsm.rst
 create mode 100644 include/uapi/linux/lsm.h

diff --git a/Documentation/userspace-api/index.rst b/Documentation/userspace-api/index.rst index 72a65db0c498..b5fa29c077eb 100644 --- a/Documentation/userspace-api/index.rst +++ b/Documentation/userspace-api/index.rst @@ -32,6 +32,7 @@ place where this information is gathered. sysfs-platform_profile vduse futex2 + lsm .. only:: subproject and html
diff --git a/Documentation/userspace-api/lsm.rst b/Documentation/userspace-api/lsm.rst new file mode 100644 index 000000000000..6ddf5506110b --- /dev/null +++ b/Documentation/userspace-api/lsm.rst 
@@ -0,0 +1,55 @@ +.. SPDX-License-Identifier: GPL-2.0 +.. Copyright (C) 2022 Casey Schaufler +.. Copyright (C) 2022 Intel Corporation + +===================================== +Linux Security Modules +===================================== + +:Author: Casey Schaufler +:Date: November 2022 + +Linux security modules (LSM) provide a mechanism to implement +additional access controls to the Linux security policies. + +The various security modules may support any of these attributes: + +``LSM_ATTR_CURRENT`` is the current, active security context of the +process. +The proc filesystem provides this value in ``/proc/self/attr/current``. +This is supported by the SELinux, Smack and AppArmor security modules. +Smack also provides this value in ``/proc/self/attr/smack/current``. +AppArmor also provides this value in ``/proc/self/attr/apparmor/current``. + +``LSM_ATTR_EXEC`` is the security context of the process at the time the +current image was executed. +The proc filesystem provides this value in ``/proc/self/attr/exec``. +This is supported by the SELinux and AppArmor security modules. +AppArmor also provides this value in ``/proc/self/attr/apparmor/exec``. + +``LSM_ATTR_FSCREATE`` is the security context of the process used when +creating file system objects. +The proc filesystem provides this value in ``/proc/self/attr/fscreate``. +This is supported by the SELinux security module. + +``LSM_ATTR_KEYCREATE`` is the security context of the process used when +creating key objects. +The proc filesystem provides this value in ``/proc/self/attr/keycreate``. +This is supported by the SELinux security module. + +``LSM_ATTR_PREV`` is the security context of the process at the time the +current security context was set. +The proc filesystem provides this value in ``/proc/self/attr/prev``. +This is supported by the SELinux and AppArmor security modules. +AppArmor also provides this value in ``/proc/self/attr/apparmor/prev``. 
+ +``LSM_ATTR_SOCKCREATE`` is the security context of the process used when +creating socket objects. +The proc filesystem provides this value in ``/proc/self/attr/sockcreate``. +This is supported by the SELinux security module. + +Additional documentation +======================== + +* Documentation/security/lsm.rst +* Documentation/security/lsm-development.rst diff --git a/MAINTAINERS b/MAINTAINERS index 35e19594640d..92911df464da 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -19007,6 +19007,7 @@ S: Supported W: http://kernsec.org/ T: git git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm.git F: security/ +F: include/uapi/linux/lsm.h X: security/selinux/ SELINUX SECURITY MODULE diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index ab2b2fafa4a4..fba8881d2bb5 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -41,6 +41,18 @@ struct security_hook_heads { #undef LSM_HOOK } __randomize_layout; +/** + * struct lsm_id - Identify a Linux Security Module. + * @lsm: name of the LSM, must be approved by the LSM maintainers + * @id: LSM ID number from uapi/linux/lsm.h + * + * Contains the information that identifies the LSM. + */ +struct lsm_id { + const char *name; + u64 id; +}; + /* * Security module hook list structure. * For use with generic list macros for common operations. @@ -49,7 +61,7 @@ struct security_hook_list { struct hlist_node list; struct hlist_head *head; union security_list_options hook; - const char *lsm; + struct lsm_id *lsmid; } __randomize_layout; /* @@ -84,7 +96,7 @@ extern struct security_hook_heads security_hook_heads; extern char *lsm_names; extern void security_add_hooks(struct security_hook_list *hooks, int count, - const char *lsm); + struct lsm_id *lsmid); #define LSM_FLAG_LEGACY_MAJOR BIT(0) #define LSM_FLAG_EXCLUSIVE BIT(1) diff --git a/include/uapi/linux/lsm.h b/include/uapi/linux/lsm.h new file mode 100644 index 000000000000..f27c9a9cc376 --- /dev/null +++ b/include/uapi/linux/lsm.h 
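Review bot: in the lsm.rst hunk at @@ -0,0 +1,55 @@, the page documents the LSM_ATTR_* values but says nothing about the LSM_ID_* tokens that the same patch adds to include/uapi/linux/lsm.h, so a userspace reader of this file cannot learn which module identifiers exist or that 0 is invalid and 1-99 are reserved; a short list of the IDs beside the attributes would make the userspace-api page complete. Minor: the ":Date: November 2022" field and the 2022 copyright lines predate this v12 posting of June 2023, and the opening sentence "implement additional access controls to the Linux security policies" reads better as "access controls in addition to the existing Linux security policies".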
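Review bot: in the lsm_hooks.h hunk at @@ -41,6 +41,18 @@, the kernel-doc block for struct lsm_id documents "@lsm: name of the LSM, must be approved by the LSM maintainers" while the member is declared "const char *name;", so scripts/kernel-doc will report an undocumented member "name" and an unknown parameter "lsm"; the tag should read "@name:". The commit message also describes an integer member "attrs" that this struct does not have, so either the message or the struct is stale and the two should be brought into agreement.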
@@ -0,0 +1,54 @@ +/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */ +/* + * Linux Security Modules (LSM) - User space API + * + * Copyright (C) 2022 Casey Schaufler + * Copyright (C) 2022 Intel Corporation + */ + +#ifndef _UAPI_LINUX_LSM_H +#define _UAPI_LINUX_LSM_H + +/* + * ID tokens to identify Linux Security Modules (LSMs) + * + * These token values are used to uniquely identify specific LSMs + * in the kernel as well as in the kernel's LSM userspace API. + * + * A value of zero/0 is considered undefined and should not be used + * outside the kernel. Values 1-99 are reserved for potential + * future use. + */ +#define LSM_ID_UNDEF 0 +#define LSM_ID_CAPABILITY 100 +#define LSM_ID_SELINUX 101 +#define LSM_ID_SMACK 102 +#define LSM_ID_TOMOYO 103 +#define LSM_ID_IMA 104 +#define LSM_ID_APPARMOR 105 +#define LSM_ID_YAMA 106 +#define LSM_ID_LOADPIN 107 +#define LSM_ID_SAFESETID 108 +#define LSM_ID_LOCKDOWN 109 +#define LSM_ID_BPF 110 +#define LSM_ID_LANDLOCK 111 + +/* + * LSM_ATTR_XXX definitions identify different LSM attributes + * which are used in the kernel's LSM userspace API. Support + * for these attributes vary across the different LSMs. None + * are required. + * + * A value of zero/0 is considered undefined and should not be used + * outside the kernel. Values 1-99 are reserved for potential + * future use. + */ +#define LSM_ATTR_UNDEF 0 +#define LSM_ATTR_CURRENT 100 +#define LSM_ATTR_EXEC 101 +#define LSM_ATTR_FSCREATE 102 +#define LSM_ATTR_KEYCREATE 103 +#define LSM_ATTR_PREV 104 +#define LSM_ATTR_SOCKCREATE 105 + +#endif /* _UAPI_LINUX_LSM_H */ diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index f431251ffb91..308cb3a281c3 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -24,6 +24,7 @@ #include #include #include +#include #include "include/apparmor.h" #include "include/apparmorfs.h" 
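Review bot: in the include/uapi/linux/lsm.h hunk at @@ -0,0 +1,54 @@, LSM_ID_IMA 104 is assigned but no file under security/integrity appears in the diffstat and no IMA call to security_add_hooks() is changed, so the token has no user in this patch; a comment stating that 104 is held for IMA (or moving the define to the patch that registers IMA) keeps the value from being read as free. Because these are UAPI constants that cannot be renumbered once merged, the header comment should also say what the commit message says, that 1-99 are reserved for the LSM infrastructure itself, rather than only "potential future use".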
@@ -1215,6 +1216,11 @@ struct lsm_blob_sizes apparmor_blob_sizes __ro_after_init = { .lbs_task = sizeof(struct aa_task_ctx), }; +static struct lsm_id apparmor_lsmid __ro_after_init = { + .name = "apparmor", + .id = LSM_ID_APPARMOR, +}; + static struct security_hook_list apparmor_hooks[] __ro_after_init = { LSM_HOOK_INIT(ptrace_access_check, apparmor_ptrace_access_check), LSM_HOOK_INIT(ptrace_traceme, apparmor_ptrace_traceme), @@ -1904,7 +1910,7 @@ static int __init apparmor_init(void) goto buffers_out; } security_add_hooks(apparmor_hooks, ARRAY_SIZE(apparmor_hooks), - "apparmor"); + &apparmor_lsmid); /* Report that AppArmor successfully initialized */ apparmor_initialized = 1; diff --git a/security/bpf/hooks.c b/security/bpf/hooks.c index cfaf1d0e6a5f..7e7bdc1b7979 100644 --- a/security/bpf/hooks.c +++ b/security/bpf/hooks.c @@ -5,6 +5,7 @@ */ #include #include +#include static struct security_hook_list bpf_lsm_hooks[] __ro_after_init = { #define LSM_HOOK(RET, DEFAULT, NAME, ...) \ @@ -15,9 +16,15 @@ static struct security_hook_list bpf_lsm_hooks[] __ro_after_init = { LSM_HOOK_INIT(task_free, bpf_task_storage_free), }; +static struct lsm_id bpf_lsmid __ro_after_init = { + .name = "bpf", + .id = LSM_ID_BPF, +}; + static int __init bpf_lsm_init(void) { - security_add_hooks(bpf_lsm_hooks, ARRAY_SIZE(bpf_lsm_hooks), "bpf"); + security_add_hooks(bpf_lsm_hooks, ARRAY_SIZE(bpf_lsm_hooks), + &bpf_lsmid); pr_info("LSM support for eBPF active\n"); return 0; } diff --git a/security/commoncap.c b/security/commoncap.c index 0b3fc2f3afe7..44c2577105f7 100644 --- a/security/commoncap.c +++ b/security/commoncap.c @@ -25,6 +25,7 @@ #include #include #include +#include /* * If a non-root user executes a setuid-root binary in 
@@ -1440,6 +1441,11 @@ int cap_mmap_file(struct file *file, unsigned long reqprot, #ifdef CONFIG_SECURITY +static struct lsm_id capability_lsmid __ro_after_init = { + .name = "capability", + .id = LSM_ID_CAPABILITY, +}; + static struct security_hook_list capability_hooks[] __ro_after_init = { LSM_HOOK_INIT(capable, cap_capable), LSM_HOOK_INIT(settime, cap_settime), @@ -1464,7 +1470,7 @@ static struct security_hook_list capability_hooks[] __ro_after_init = { static int __init capability_init(void) { security_add_hooks(capability_hooks, ARRAY_SIZE(capability_hooks), - "capability"); + &capability_lsmid); return 0; } diff --git a/security/landlock/cred.c b/security/landlock/cred.c index 13dff2a31545..786af18c4a1c 100644 --- a/security/landlock/cred.c +++ b/security/landlock/cred.c @@ -42,5 +42,5 @@ static struct security_hook_list landlock_hooks[] __ro_after_init = { __init void landlock_add_cred_hooks(void) { security_add_hooks(landlock_hooks, ARRAY_SIZE(landlock_hooks), - LANDLOCK_NAME); + &landlock_lsmid); } diff --git a/security/landlock/fs.c b/security/landlock/fs.c index 1c0c198f6fdb..db5ebecfbf02 100644 --- a/security/landlock/fs.c +++ b/security/landlock/fs.c @@ -1307,5 +1307,5 @@ static struct security_hook_list landlock_hooks[] __ro_after_init = { __init void landlock_add_fs_hooks(void) { security_add_hooks(landlock_hooks, ARRAY_SIZE(landlock_hooks), - LANDLOCK_NAME); + &landlock_lsmid); } diff --git a/security/landlock/ptrace.c b/security/landlock/ptrace.c index 8a06d6c492bf..2bfc533d36e4 100644 --- a/security/landlock/ptrace.c +++ b/security/landlock/ptrace.c @@ -116,5 +116,5 @@ static struct security_hook_list landlock_hooks[] __ro_after_init = { __init void landlock_add_ptrace_hooks(void) { security_add_hooks(landlock_hooks, ARRAY_SIZE(landlock_hooks), - LANDLOCK_NAME); + &landlock_lsmid); } diff --git a/security/landlock/setup.c b/security/landlock/setup.c index 0f6113528fa4..f5ec82a1c381 100644 --- a/security/landlock/setup.c 
+++ b/security/landlock/setup.c @@ -8,6 +8,7 @@ #include #include +#include #include "common.h" #include "cred.h" @@ -24,6 +25,11 @@ struct lsm_blob_sizes landlock_blob_sizes __ro_after_init = { .lbs_superblock = sizeof(struct landlock_superblock_security), }; +struct lsm_id landlock_lsmid __ro_after_init = { + .name = LANDLOCK_NAME, + .id = LSM_ID_LANDLOCK, +}; + static int __init landlock_init(void) { landlock_add_cred_hooks(); diff --git a/security/landlock/setup.h b/security/landlock/setup.h index 1daffab1ab4b..38bce5b172dc 100644 --- a/security/landlock/setup.h +++ b/security/landlock/setup.h @@ -14,5 +14,6 @@ extern bool landlock_initialized; extern struct lsm_blob_sizes landlock_blob_sizes; +extern struct lsm_id landlock_lsmid; #endif /* _SECURITY_LANDLOCK_SETUP_H */ diff --git a/security/loadpin/loadpin.c b/security/loadpin/loadpin.c index ebae964f7cc9..14202ee4a362 100644 --- a/security/loadpin/loadpin.c +++ b/security/loadpin/loadpin.c @@ -20,6 +20,7 @@ #include #include #include +#include #define VERITY_DIGEST_FILE_HEADER "# LOADPIN_TRUSTED_VERITY_ROOT_DIGESTS" @@ -208,6 +209,11 @@ static int loadpin_load_data(enum kernel_load_data_id id, bool contents) return loadpin_check(NULL, (enum kernel_read_file_id) id); } +static struct lsm_id loadpin_lsmid __ro_after_init = { + .name = "loadpin", + .id = LSM_ID_LOADPIN, +}; + static struct security_hook_list loadpin_hooks[] __ro_after_init = { LSM_HOOK_INIT(sb_free_security, loadpin_sb_free_security), LSM_HOOK_INIT(kernel_read_file, loadpin_read_file), @@ -259,7 +265,8 @@ static int __init loadpin_init(void) if (!register_sysctl("kernel/loadpin", loadpin_sysctl_table)) pr_notice("sysctl registration failed!\n"); #endif - security_add_hooks(loadpin_hooks, ARRAY_SIZE(loadpin_hooks), "loadpin"); + security_add_hooks(loadpin_hooks, ARRAY_SIZE(loadpin_hooks), + &loadpin_lsmid); return 0; } diff --git a/security/lockdown/lockdown.c b/security/lockdown/lockdown.c index 68d19632aeb7..aa109b5811d9 100644 
--- a/security/lockdown/lockdown.c +++ b/security/lockdown/lockdown.c @@ -13,6 +13,7 @@ #include #include #include +#include static enum lockdown_reason kernel_locked_down; @@ -75,6 +76,11 @@ static struct security_hook_list lockdown_hooks[] __ro_after_init = { LSM_HOOK_INIT(locked_down, lockdown_is_locked_down), }; +static struct lsm_id lockdown_lsmid __ro_after_init = { + .name = "lockdown", + .id = LSM_ID_LOCKDOWN, +}; + static int __init lockdown_lsm_init(void) { #if defined(CONFIG_LOCK_DOWN_KERNEL_FORCE_INTEGRITY) @@ -83,7 +89,7 @@ static int __init lockdown_lsm_init(void) lock_kernel_down("Kernel configuration", LOCKDOWN_CONFIDENTIALITY_MAX); #endif security_add_hooks(lockdown_hooks, ARRAY_SIZE(lockdown_hooks), - "lockdown"); + &lockdown_lsmid); return 0; } diff --git a/security/safesetid/lsm.c b/security/safesetid/lsm.c index e806739f7868..24bbab457623 100644 --- a/security/safesetid/lsm.c +++ b/security/safesetid/lsm.c @@ -19,6 +19,7 @@ #include #include #include +#include #include "lsm.h" /* Flag indicating whether initialization completed */ @@ -261,6 +262,11 @@ static int safesetid_task_fix_setgroups(struct cred *new, const struct cred *old return 0; } +static struct lsm_id safesetid_lsmid __ro_after_init = { + .name = "safesetid", + .id = LSM_ID_SAFESETID, +}; + static struct security_hook_list safesetid_security_hooks[] = { LSM_HOOK_INIT(task_fix_setuid, safesetid_task_fix_setuid), LSM_HOOK_INIT(task_fix_setgid, safesetid_task_fix_setgid), @@ -271,7 +277,8 @@ static struct security_hook_list safesetid_security_hooks[] = { static int __init safesetid_security_init(void) { security_add_hooks(safesetid_security_hooks, - ARRAY_SIZE(safesetid_security_hooks), "safesetid"); + ARRAY_SIZE(safesetid_security_hooks), + &safesetid_lsmid); /* Report that SafeSetID successfully initialized */ safesetid_initialized = 1; diff --git a/security/security.c b/security/security.c index d5ff7ff45b77..e56714ef045a 100644 --- a/security/security.c +++ b/security/security.c 
@@ -512,17 +512,17 @@ static int lsm_append(const char *new, char **result) * security_add_hooks - Add a modules hooks to the hook lists. * @hooks: the hooks to add * @count: the number of hooks to add - * @lsm: the name of the security module + * @lsmid: the identification information for the security module * * Each LSM has to register its hooks with the infrastructure. */ void __init security_add_hooks(struct security_hook_list *hooks, int count, - const char *lsm) + struct lsm_id *lsmid) { int i; for (i = 0; i < count; i++) { - hooks[i].lsm = lsm; + hooks[i].lsmid = lsmid; hlist_add_tail_rcu(&hooks[i].list, hooks[i].head); } @@ -531,7 +531,7 @@ void __init security_add_hooks(struct security_hook_list *hooks, int count, * and fix this up afterwards. */ if (slab_is_available()) { - if (lsm_append(lsm, &lsm_names) < 0) + if (lsm_append(lsmid->name, &lsm_names) < 0) panic("%s - Cannot get early memory.\n", __func__); } } @@ -3778,7 +3778,7 @@ int security_getprocattr(struct task_struct *p, const char *lsm, struct security_hook_list *hp; hlist_for_each_entry(hp, &security_hook_heads.getprocattr, list) { - if (lsm != NULL && strcmp(lsm, hp->lsm)) + if (lsm != NULL && strcmp(lsm, hp->lsmid->name)) continue; return hp->hook.getprocattr(p, name, value); } @@ -3803,7 +3803,7 @@ int security_setprocattr(const char *lsm, const char *name, void *value, struct security_hook_list *hp; hlist_for_each_entry(hp, &security_hook_heads.setprocattr, list) { - if (lsm != NULL && strcmp(lsm, hp->lsm)) + if (lsm != NULL && strcmp(lsm, hp->lsmid->name)) continue; return hp->hook.setprocattr(name, value, size); } diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 79b4890e9936..49ec74bc006c 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -92,6 +92,7 @@ #include #include #include +#include #include "avc.h" #include "objsec.h" 
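Review bot: in the security.c hunk at @@ -512,17 +512,17 @@, security_add_hooks() takes "struct lsm_id *lsmid" and stores it in hooks[i].lsmid, yet every lsm_id defined in this series is __ro_after_init and the only use in this file is reading lsmid->name; declaring the parameter and the security_hook_list member as "const struct lsm_id *" (with the lsm_hooks.h prototype to match) would let the compiler enforce that no hook path writes through the pointer. The getprocattr/setprocattr hunks still match modules by strcmp() on hp->lsmid->name; that is correct here, and once callers carry an id a later patch can compare hp->lsmid->id instead of a string.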
@@ -6890,6 +6891,11 @@ static int selinux_uring_cmd(struct io_uring_cmd *ioucmd) } #endif /* CONFIG_IO_URING */ +static struct lsm_id selinux_lsmid __ro_after_init = { + .name = "selinux", + .id = LSM_ID_SELINUX, +}; + /* * IMPORTANT NOTE: When adding new hooks, please be careful to keep this order: * 1. any hooks that don't belong to (2.) or (3.) below, @@ -7210,7 +7216,8 @@ static __init int selinux_init(void) hashtab_cache_init(); - security_add_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks), "selinux"); + security_add_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks), + &selinux_lsmid); if (avc_add_callback(selinux_netcache_avc_callback, AVC_CALLBACK_RESET)) panic("SELinux: Unable to register AVC netcache callback\n"); diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 7a3e9ab137d8..cf847cfe5ed8 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -43,6 +43,7 @@ #include #include #include +#include #include "smack.h" #define TRANS_TRUE "TRUE" @@ -4840,6 +4841,11 @@ struct lsm_blob_sizes smack_blob_sizes __ro_after_init = { .lbs_superblock = sizeof(struct superblock_smack), }; +static struct lsm_id smack_lsmid __ro_after_init = { + .name = "smack", + .id = LSM_ID_SMACK, +}; + static struct security_hook_list smack_hooks[] __ro_after_init = { LSM_HOOK_INIT(ptrace_access_check, smack_ptrace_access_check), LSM_HOOK_INIT(ptrace_traceme, smack_ptrace_traceme), @@ -5046,7 +5052,7 @@ static __init int smack_init(void) /* * Register with LSM */ - security_add_hooks(smack_hooks, ARRAY_SIZE(smack_hooks), "smack"); + security_add_hooks(smack_hooks, ARRAY_SIZE(smack_hooks), &smack_lsmid); smack_enabled = 1; pr_info("Smack: Initializing.\n"); diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c index 25006fddc964..e2efc94ec481 100644 --- a/security/tomoyo/tomoyo.c +++ b/security/tomoyo/tomoyo.c @@ -6,6 +6,7 @@ */ #include +#include #include "common.h" /** 
@@ -542,6 +543,11 @@ static void tomoyo_task_free(struct task_struct *task) } } +static struct lsm_id tomoyo_lsmid __ro_after_init = { + .name = "tomoyo", + .id = LSM_ID_TOMOYO, +}; + /* * tomoyo_security_ops is a "struct security_operations" which is used for * registering TOMOYO. @@ -595,7 +601,8 @@ static int __init tomoyo_init(void) struct tomoyo_task *s = tomoyo_task(current); /* register ourselves with the security framework */ - security_add_hooks(tomoyo_hooks, ARRAY_SIZE(tomoyo_hooks), "tomoyo"); + security_add_hooks(tomoyo_hooks, ARRAY_SIZE(tomoyo_hooks), + &tomoyo_lsmid); pr_info("TOMOYO Linux initialized\n"); s->domain_info = &tomoyo_kernel_domain; atomic_inc(&tomoyo_kernel_domain.users); diff --git a/security/yama/yama_lsm.c b/security/yama/yama_lsm.c index 2503cf153d4a..31b52685e041 100644 --- a/security/yama/yama_lsm.c +++ b/security/yama/yama_lsm.c @@ -18,6 +18,7 @@ #include #include #include +#include #define YAMA_SCOPE_DISABLED 0 #define YAMA_SCOPE_RELATIONAL 1 @@ -421,6 +422,11 @@ static int yama_ptrace_traceme(struct task_struct *parent) return rc; } +static struct lsm_id yama_lsmid __ro_after_init = { + .name = "yama", + .id = LSM_ID_YAMA, +}; + static struct security_hook_list yama_hooks[] __ro_after_init = { LSM_HOOK_INIT(ptrace_access_check, yama_ptrace_access_check), LSM_HOOK_INIT(ptrace_traceme, yama_ptrace_traceme), 
@@ -471,7 +477,7 @@ static inline void yama_init_sysctl(void) { } static int __init yama_init(void) { pr_info("Yama: becoming mindful.\n"); - security_add_hooks(yama_hooks, ARRAY_SIZE(yama_hooks), "yama"); + security_add_hooks(yama_hooks, ARRAY_SIZE(yama_hooks), &yama_lsmid); yama_init_sysctl(); return 0; }

From patchwork Thu Jun 29 19:55:26 2023
X-Patchwork-Submitter: Casey Schaufler
X-Patchwork-Id: 13297258
X-Patchwork-Delegate: paul@paul-moore.com
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net Subject: [PATCH v12 02/11] LSM: Maintain a table of LSM attribute data Date: Thu, 29 Jun 2023 12:55:26 -0700 Message-Id: <20230629195535.2590-3-casey@schaufler-ca.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230629195535.2590-1-casey@schaufler-ca.com> References: <20230629195535.2590-1-casey@schaufler-ca.com> MIME-Version: 1.0 Precedence: bulk List-ID: As LSMs are registered add their lsm_id pointers to a table. This will be used later for attribute reporting. Determine the number of possible security modules based on their respective CONFIG options. This allows the number to be known at build time. This allows data structures and tables to use the constant. Signed-off-by: Casey Schaufler Reviewed-by: Kees Cook Reviewed-by: Serge Hallyn --- include/linux/security.h | 2 ++ security/security.c | 37 +++++++++++++++++++++++++++++++++++++ 2 files changed, 39 insertions(+) diff --git a/include/linux/security.h b/include/linux/security.h index e2734e9e44d5..569b1d8ab002 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -138,6 +138,8 @@ enum lockdown_reason { }; extern const char *const lockdown_reasons[LOCKDOWN_CONFIDENTIALITY_MAX+1]; +extern u32 lsm_active_cnt; +extern struct lsm_id *lsm_idlist[]; /* These functions are in security/commoncap.c */ extern int cap_capable(const struct cred *cred, struct user_namespace *ns, diff --git a/security/security.c b/security/security.c index e56714ef045a..5a699e47478b 100644 --- a/security/security.c +++ b/security/security.c 
@@ -36,6 +36,25 @@ /* How many LSMs were built into the kernel? */ #define LSM_COUNT (__end_lsm_info - __start_lsm_info) +/* + * How many LSMs are built into the kernel as determined at + * build time. Used to determine fixed array sizes. + * The capability module is accounted for by CONFIG_SECURITY + */ +#define LSM_CONFIG_COUNT ( \ + (IS_ENABLED(CONFIG_SECURITY) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_SELINUX) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_SMACK) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_TOMOYO) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_IMA) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_APPARMOR) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_YAMA) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_LOADPIN) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_SAFESETID) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_LOCKDOWN_LSM) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_BPF_LSM) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_LANDLOCK) ? 1 : 0)) + /* * These are descriptions of the reasons that can be passed to the * security_locked_down() LSM hook. Placing this array here allows @@ -245,6 +264,12 @@ static void __init initialize_lsm(struct lsm_info *lsm) } } +/* + * Current index to use while initializing the lsm id list. + */ +u32 lsm_active_cnt __ro_after_init; +struct lsm_id *lsm_idlist[LSM_CONFIG_COUNT] __ro_after_init; + /* Populate ordered LSMs list from comma-separated LSM name list. */ static void __init ordered_lsm_parse(const char *order, const char *origin) { 
@@ -521,6 +546,18 @@ void __init security_add_hooks(struct security_hook_list *hooks, int count, { int i; + /* + * A security module may call security_add_hooks() more + * than once during initialization, and LSM initialization + * is serialized. Landlock is one such case. + * Look at the previous entry, if there is one, for duplication. + */ + if (lsm_active_cnt == 0 || lsm_idlist[lsm_active_cnt - 1] != lsmid) { + if (lsm_active_cnt >= LSM_CONFIG_COUNT) + panic("%s Too many LSMs registered.\n", __func__); + lsm_idlist[lsm_active_cnt++] = lsmid; + } + for (i = 0; i < count; i++) { hooks[i].lsmid = lsmid; hlist_add_tail_rcu(&hooks[i].list, hooks[i].head); From patchwork Thu Jun 29 19:55:27 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13297259 X-Patchwork-Delegate: paul@paul-moore.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9EBCAC001B0 for ; Thu, 29 Jun 2023 19:57:26 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232126AbjF2T5Z (ORCPT ); Thu, 29 Jun 2023 15:57:25 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60246 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231681AbjF2T5Y (ORCPT ); Thu, 29 Jun 2023 15:57:24 -0400 Received: from sonic303-28.consmr.mail.ne1.yahoo.com (sonic303-28.consmr.mail.ne1.yahoo.com [66.163.188.154]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B86912D60 for ; Thu, 29 Jun 2023 12:57:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1688068640; bh=/IXLwjq399ERRdbBU9bkxssM1yB35DCfDaZBrMF7pwg=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject:Reply-To; 
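Review bot: in the include/linux/security.h hunk, `extern struct lsm_id *lsm_idlist[];` exposes writable pointers to a table that security/security.c marks `__ro_after_init` and only reads after boot; declaring it `extern const struct lsm_id *lsm_idlist[];` (with the matching definition in security.c) would let the compiler reject any later attempt to modify an LSM's id record through the table.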
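Review bot: in the LSM_CONFIG_COUNT hunk, the macro is a hand-maintained list of CONFIG options, and an LSM added to the tree without an entry here is the one that will trip the `panic("%s Too many LSMs registered.\n", __func__)` check in security_add_hooks() at boot rather than at build time; the comment above the macro should say explicitly that every new LSM must add its CONFIG option to this sum, since nothing else enforces it.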
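Review bot: in the hunk adding the definitions, the comment `Current index to use while initializing the lsm id list.` describes lsm_active_cnt only during init, but the variable is exported through security.h and, per the commit message, is read later for attribute reporting as the count of registered LSMs; suggest the comment state both roles, e.g. "Number of LSMs registered in lsm_idlist: the insertion index during init, read-only afterwards".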
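Review bot: in the security_add_hooks() hunk, the duplicate check `lsm_idlist[lsm_active_cnt - 1] != lsmid` only compares against the immediately preceding entry, so it is correct only while one LSM's security_add_hooks() calls are consecutive, which the comment asserts for Landlock; if that ordering assumption is ever broken the same lsmid is entered twice and silently consumes an LSM_CONFIG_COUNT slot. Scanning the whole (at most LSM_CONFIG_COUNT entries) table for lsmid costs nothing at init and removes the assumption. Also, the panic message would be more useful with the offending module and the counts, e.g. `panic("%s Too many LSMs registered (%s, %u >= %u).\n", __func__, lsmid->name, lsm_active_cnt, LSM_CONFIG_COUNT)`.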
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net, linux-fsdevel@vger.kernel.org Subject: [PATCH v12 03/11] proc: Use lsmids instead of lsm names for attrs Date: Thu, 29 Jun 2023 12:55:27 -0700 Message-Id: <20230629195535.2590-4-casey@schaufler-ca.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230629195535.2590-1-casey@schaufler-ca.com> References: <20230629195535.2590-1-casey@schaufler-ca.com> MIME-Version: 1.0 Precedence: bulk List-ID: Use the LSM ID number instead of the LSM name to identify which security module's attribute data should be shown in /proc/self/attr. The security_[gs]etprocattr() functions have been changed to expect the LSM ID. The change from a string comparison to an integer comparison in these functions will provide a minor performance improvement. Signed-off-by: Casey Schaufler Reviewed-by: Kees Cook Reviewed-by: Serge Hallyn Cc: linux-fsdevel@vger.kernel.org Reviewed-by: Mickaël Salaün --- fs/proc/base.c | 29 +++++++++++++++-------------- fs/proc/internal.h | 2 +- include/linux/security.h | 11 +++++------ security/security.c | 15 +++++++-------- 4 files changed, 28 insertions(+), 29 deletions(-) diff --git a/fs/proc/base.c b/fs/proc/base.c index 05452c3b9872..f999bb5c497b 100644 --- a/fs/proc/base.c +++ b/fs/proc/base.c @@ -97,6 +97,7 @@ #include #include #include +#include #include #include "internal.h" #include "fd.h"
@@ -146,10 +147,10 @@ struct pid_entry { NOD(NAME, (S_IFREG|(MODE)), \ NULL, &proc_single_file_operations, \ { .proc_show = show } ) -#define ATTR(LSM, NAME, MODE) \ +#define ATTR(LSMID, NAME, MODE) \ NOD(NAME, (S_IFREG|(MODE)), \ NULL, &proc_pid_attr_operations, \ - { .lsm = LSM }) + { .lsmid = LSMID }) /* * Count the number of hardlinks for the pid_entry table, excluding the . @@ -2730,7 +2731,7 @@ static ssize_t proc_pid_attr_read(struct file * file, char __user * buf, if (!task) return -ESRCH; - length = security_getprocattr(task, PROC_I(inode)->op.lsm, + length = security_getprocattr(task, PROC_I(inode)->op.lsmid, file->f_path.dentry->d_name.name, &p); put_task_struct(task); @@ -2788,7 +2789,7 @@ static ssize_t proc_pid_attr_write(struct file * file, const char __user * buf, if (rv < 0) goto out_free; - rv = security_setprocattr(PROC_I(inode)->op.lsm, + rv = security_setprocattr(PROC_I(inode)->op.lsmid, file->f_path.dentry->d_name.name, page, count); mutex_unlock(¤t->signal->cred_guard_mutex); 
@@ -2837,27 +2838,27 @@ static const struct inode_operations proc_##LSM##_attr_dir_inode_ops = { \ #ifdef CONFIG_SECURITY_SMACK static const struct pid_entry smack_attr_dir_stuff[] = { - ATTR("smack", "current", 0666), + ATTR(LSM_ID_SMACK, "current", 0666), }; LSM_DIR_OPS(smack); #endif #ifdef CONFIG_SECURITY_APPARMOR static const struct pid_entry apparmor_attr_dir_stuff[] = { - ATTR("apparmor", "current", 0666), - ATTR("apparmor", "prev", 0444), - ATTR("apparmor", "exec", 0666), + ATTR(LSM_ID_APPARMOR, "current", 0666), + ATTR(LSM_ID_APPARMOR, "prev", 0444), + ATTR(LSM_ID_APPARMOR, "exec", 0666), }; LSM_DIR_OPS(apparmor); #endif static const struct pid_entry attr_dir_stuff[] = { - ATTR(NULL, "current", 0666), - ATTR(NULL, "prev", 0444), - ATTR(NULL, "exec", 0666), - ATTR(NULL, "fscreate", 0666), - ATTR(NULL, "keycreate", 0666), - ATTR(NULL, "sockcreate", 0666), + ATTR(LSM_ID_UNDEF, "current", 0666), + ATTR(LSM_ID_UNDEF, "prev", 0444), + ATTR(LSM_ID_UNDEF, "exec", 0666), + ATTR(LSM_ID_UNDEF, "fscreate", 0666), + ATTR(LSM_ID_UNDEF, "keycreate", 0666), + ATTR(LSM_ID_UNDEF, "sockcreate", 0666), #ifdef CONFIG_SECURITY_SMACK DIR("smack", 0555, proc_smack_attr_dir_inode_ops, proc_smack_attr_dir_ops), diff --git a/fs/proc/internal.h b/fs/proc/internal.h index 9dda7e54b2d0..a889d9ef9584 100644 --- a/fs/proc/internal.h +++ b/fs/proc/internal.h @@ -92,7 +92,7 @@ union proc_op { int (*proc_show)(struct seq_file *m, struct pid_namespace *ns, struct pid *pid, struct task_struct *task); - const char *lsm; + int lsmid; }; struct proc_inode { diff --git a/include/linux/security.h b/include/linux/security.h index 569b1d8ab002..945101b0d404 100644 --- a/include/linux/security.h +++ b/include/linux/security.h 
@@ -470,10 +470,9 @@ int security_sem_semctl(struct kern_ipc_perm *sma, int cmd); int security_sem_semop(struct kern_ipc_perm *sma, struct sembuf *sops, unsigned nsops, int alter); void security_d_instantiate(struct dentry *dentry, struct inode *inode); -int security_getprocattr(struct task_struct *p, const char *lsm, const char *name, +int security_getprocattr(struct task_struct *p, int lsmid, const char *name, char **value); -int security_setprocattr(const char *lsm, const char *name, void *value, - size_t size); +int security_setprocattr(int lsmid, const char *name, void *value, size_t size); int security_netlink_send(struct sock *sk, struct sk_buff *skb); int security_ismaclabel(const char *name); int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen); @@ -1332,14 +1331,14 @@ static inline void security_d_instantiate(struct dentry *dentry, struct inode *inode) { } -static inline int security_getprocattr(struct task_struct *p, const char *lsm, +static inline int security_getprocattr(struct task_struct *p, int lsmid, const char *name, char **value) { return -EINVAL; } -static inline int security_setprocattr(const char *lsm, char *name, - void *value, size_t size) +static inline int security_setprocattr(int lsmid, char *name, void *value, + size_t size) { return -EINVAL; } diff --git a/security/security.c b/security/security.c index 5a699e47478b..d942b0c8e32f 100644 --- a/security/security.c +++ b/security/security.c @@ -3801,7 +3801,7 @@ EXPORT_SYMBOL(security_d_instantiate); /** * security_getprocattr() - Read an attribute for a task * @p: the task - * @lsm: LSM name + * @lsmid: LSM identification * @name: attribute name * @value: attribute value * 
@@ -3809,13 +3809,13 @@ EXPORT_SYMBOL(security_d_instantiate); * * Return: Returns the length of @value on success, a negative value otherwise. */ -int security_getprocattr(struct task_struct *p, const char *lsm, - const char *name, char **value) +int security_getprocattr(struct task_struct *p, int lsmid, const char *name, + char **value) { struct security_hook_list *hp; hlist_for_each_entry(hp, &security_hook_heads.getprocattr, list) { - if (lsm != NULL && strcmp(lsm, hp->lsmid->name)) + if (lsmid != 0 && lsmid != hp->lsmid->id) continue; return hp->hook.getprocattr(p, name, value); } @@ -3824,7 +3824,7 @@ int security_getprocattr(struct task_struct *p, const char *lsm, /** * security_setprocattr() - Set an attribute for a task - * @lsm: LSM name + * @lsmid: LSM identification * @name: attribute name * @value: attribute value * @size: attribute value size 
@@ -3834,13 +3834,12 @@ int security_getprocattr(struct task_struct *p, const char *lsm, * * Return: Returns bytes written on success, a negative value otherwise. */ -int security_setprocattr(const char *lsm, const char *name, void *value, - size_t size) +int security_setprocattr(int lsmid, const char *name, void *value, size_t size) { struct security_hook_list *hp; hlist_for_each_entry(hp, &security_hook_heads.setprocattr, list) { - if (lsm != NULL && strcmp(lsm, hp->lsmid->name)) + if (lsmid != 0 && lsmid != hp->lsmid->id) continue; return hp->hook.setprocattr(name, value, size); } From patchwork Thu Jun 29 19:55:28 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13297261 X-Patchwork-Delegate: paul@paul-moore.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 76F20C001B0 for ; Thu, 29 Jun 2023 19:57:35 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232279AbjF2T5a (ORCPT ); Thu, 29 Jun 2023 15:57:30 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60272 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231949AbjF2T50 (ORCPT ); Thu, 29 Jun 2023 15:57:26 -0400 Received: from sonic314-27.consmr.mail.ne1.yahoo.com (sonic314-27.consmr.mail.ne1.yahoo.com [66.163.189.153]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 551D830C4 for ; Thu, 29 Jun 2023 12:57:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1688068641; bh=MZMUg+XbbnzRTetKDpG7DwFCfO6NfPMYSVkBQ9EQDmU=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject:Reply-To; 
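Review bot: in the security_getprocattr() and security_setprocattr() hunks of security/security.c, `if (lsmid != 0 && lsmid != hp->lsmid->id)` spells the "any LSM" wildcard as the literal 0, while the fs/proc/base.c hunk in this same patch passes LSM_ID_UNDEF for the unqualified /proc/self/attr entries; use `lsmid != LSM_ID_UNDEF` in both functions so the wildcard has a single definition and a future change to the token cannot desynchronise the two sides.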
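Review bot: in the include/linux/security.h hunk, the !CONFIG_SECURITY stub becomes `static inline int security_setprocattr(int lsmid, char *name, void *value, size_t size)` and keeps `char *name`, while the real prototype rewritten a few lines earlier in the same header reads `int security_setprocattr(int lsmid, const char *name, void *value, size_t size);`; since the stub line is being rewritten anyway, make it `const char *name` so both configurations accept the same arguments.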
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net Subject: [PATCH v12 04/11] LSM: syscalls for current process attributes Date: Thu, 29 Jun 2023 12:55:28 -0700 Message-Id: <20230629195535.2590-5-casey@schaufler-ca.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230629195535.2590-1-casey@schaufler-ca.com> References: <20230629195535.2590-1-casey@schaufler-ca.com> MIME-Version: 1.0 Precedence: bulk List-ID: Create a system call lsm_get_self_attr() to provide the security module maintained attributes of the current process. Create a system call lsm_set_self_attr() to set a security module maintained attribute of the current process. Historically these attributes have been exposed to user space via entries in procfs under /proc/self/attr. The attribute value is provided in a lsm_ctx structure. The structure identifies the size of the attribute, and the attribute value. The format of the attribute value is defined by the security module. A flags field is included for LSM specific information. It is currently unused and must be 0. The total size of the data, including the lsm_ctx structure and any padding, is maintained as well. struct lsm_ctx { __u64 id; __u64 flags; __u64 len; __u64 ctx_len; __u8 ctx[]; }; Two new LSM hooks are used to interface with the LSMs. security_getselfattr() collects the lsm_ctx values from the LSMs that support the hook, accounting for space requirements. security_setselfattr() identifies which LSM the attribute is intended for and passes it along. 
Signed-off-by: Casey Schaufler Reviewed-by: Kees Cook Reviewed-by: Serge Hallyn --- Documentation/userspace-api/lsm.rst | 15 ++++ include/linux/lsm_hook_defs.h | 4 + include/linux/lsm_hooks.h | 1 + include/linux/security.h | 19 +++++ include/linux/syscalls.h | 5 ++ include/uapi/linux/lsm.h | 36 +++++++++ kernel/sys_ni.c | 4 + security/Makefile | 1 + security/lsm_syscalls.c | 55 ++++++++++++++ security/security.c | 112 ++++++++++++++++++++++++++++ 10 files changed, 252 insertions(+) create mode 100644 security/lsm_syscalls.c diff --git a/Documentation/userspace-api/lsm.rst b/Documentation/userspace-api/lsm.rst index 6ddf5506110b..e6c3f262addc 100644 --- a/Documentation/userspace-api/lsm.rst +++ b/Documentation/userspace-api/lsm.rst @@ -48,6 +48,21 @@ creating socket objects. The proc filesystem provides this value in ``/proc/self/attr/sockcreate``. This is supported by the SELinux security module. +Kernel interface +================ + +Set a security attribute of the current process +----------------------------------------------- + +.. kernel-doc:: security/lsm_syscalls.c + :identifiers: sys_lsm_set_self_attr + +Get the specified security attributes of the current process +------------------------------------------------------------ + +.. kernel-doc:: security/lsm_syscalls.c + :identifiers: sys_lsm_get_self_attr + Additional documentation ======================== diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h index 6bb55e61e8e8..f69a7863dbe2 100644 --- a/include/linux/lsm_hook_defs.h +++ b/include/linux/lsm_hook_defs.h 
@@ -261,6 +261,10 @@ LSM_HOOK(int, 0, sem_semop, struct kern_ipc_perm *perm, struct sembuf *sops, LSM_HOOK(int, 0, netlink_send, struct sock *sk, struct sk_buff *skb) LSM_HOOK(void, LSM_RET_VOID, d_instantiate, struct dentry *dentry, struct inode *inode) +LSM_HOOK(int, -EOPNOTSUPP, getselfattr, unsigned int attr, + struct lsm_ctx __user *ctx, size_t *size, u32 flags) +LSM_HOOK(int, -EOPNOTSUPP, setselfattr, unsigned int attr, + struct lsm_ctx __user *ctx, size_t size, u32 flags) LSM_HOOK(int, -EINVAL, getprocattr, struct task_struct *p, const char *name, char **value) LSM_HOOK(int, -EINVAL, setprocattr, const char *name, void *value, size_t size) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index fba8881d2bb5..9a3ae6b33d7b 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -25,6 +25,7 @@ #ifndef __LINUX_LSM_HOOKS_H #define __LINUX_LSM_HOOKS_H +#include #include #include #include diff --git a/include/linux/security.h b/include/linux/security.h index 945101b0d404..475d0abfebda 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -60,6 +60,7 @@ struct fs_parameter; enum fs_value_type; struct watch; struct watch_notification; +struct lsm_ctx; /* Default (no) options for the capable function */ #define CAP_OPT_NONE 0x0 @@ -470,6 +471,10 @@ int security_sem_semctl(struct kern_ipc_perm *sma, int cmd); int security_sem_semop(struct kern_ipc_perm *sma, struct sembuf *sops, unsigned nsops, int alter); void security_d_instantiate(struct dentry *dentry, struct inode *inode); +int security_getselfattr(unsigned int attr, struct lsm_ctx __user *ctx, + size_t __user *size, u32 flags); +int security_setselfattr(unsigned int attr, struct lsm_ctx __user *ctx, + size_t size, u32 flags); int security_getprocattr(struct task_struct *p, int lsmid, const char *name, char **value); int security_setprocattr(int lsmid, const char *name, void *value, size_t size); 
@@ -1331,6 +1336,20 @@ static inline void security_d_instantiate(struct dentry *dentry, struct inode *inode) { } +static inline int security_getselfattr(unsigned int attr, + struct lsm_ctx __user *ctx, + size_t __user *size, u32 flags) +{ + return -EOPNOTSUPP; +} + +static inline int security_setselfattr(unsigned int attr, + struct lsm_ctx __user *ctx, + size_t size, u32 flags) +{ + return -EOPNOTSUPP; +} + static inline int security_getprocattr(struct task_struct *p, int lsmid, const char *name, char **value) { diff --git a/include/linux/syscalls.h b/include/linux/syscalls.h index 33a0ee3bcb2e..9a94c31bf6b6 100644 --- a/include/linux/syscalls.h +++ b/include/linux/syscalls.h @@ -71,6 +71,7 @@ struct clone_args; struct open_how; struct mount_attr; struct landlock_ruleset_attr; +struct lsm_ctx; enum landlock_rule_type; #include @@ -1058,6 +1059,10 @@ asmlinkage long sys_memfd_secret(unsigned int flags); asmlinkage long sys_set_mempolicy_home_node(unsigned long start, unsigned long len, unsigned long home_node, unsigned long flags); +asmlinkage long sys_lsm_get_self_attr(unsigned int attr, struct lsm_ctx *ctx, + size_t *size, __u32 flags); +asmlinkage long sys_lsm_set_self_attr(unsigned int attr, struct lsm_ctx *ctx, + size_t size, __u32 flags); /* * Architecture-specific system calls diff --git a/include/uapi/linux/lsm.h b/include/uapi/linux/lsm.h index f27c9a9cc376..eeda59a77c02 100644 --- a/include/uapi/linux/lsm.h +++ b/include/uapi/linux/lsm.h 
@@ -9,6 +9,36 @@ #ifndef _UAPI_LINUX_LSM_H #define _UAPI_LINUX_LSM_H +#include +#include + +/** + * struct lsm_ctx - LSM context information + * @id: the LSM id number, see LSM_ID_XXX + * @flags: LSM specific flags + * @len: length of the lsm_ctx struct, @ctx and any other data or padding + * @ctx_len: the size of @ctx + * @ctx: the LSM context value + * + * The @len field MUST be equal to the size of the lsm_ctx struct + * plus any additional padding and/or data placed after @ctx. + * + * In all cases @ctx_len MUST be equal to the length of @ctx. + * If @ctx is a string value it should be nul terminated with + * @ctx_len equal to `strlen(@ctx) + 1`. Binary values are + * supported. + * + * The @flags and @ctx fields SHOULD only be interpreted by the + * LSM specified by @id; they MUST be set to zero/0 when not used. + */ +struct lsm_ctx { + __u64 id; + __u64 flags; + __u64 len; + __u64 ctx_len; + __u8 ctx[]; +}; + /* * ID tokens to identify Linux Security Modules (LSMs) * @@ -51,4 +81,10 @@ #define LSM_ATTR_PREV 104 #define LSM_ATTR_SOCKCREATE 105 +/* + * LSM_FLAG_XXX definitions identify special handling instructions + * for the API. + */ +#define LSM_FLAG_SINGLE 0x0001 + #endif /* _UAPI_LINUX_LSM_H */ diff --git a/kernel/sys_ni.c b/kernel/sys_ni.c index 860b2dcf3ac4..d03c78ef1562 100644 --- a/kernel/sys_ni.c +++ b/kernel/sys_ni.c @@ -262,6 +262,10 @@ COND_SYSCALL_COMPAT(recvmsg); /* mm/nommu.c, also with MMU */ COND_SYSCALL(mremap); +/* security/lsm_syscalls.c */ +COND_SYSCALL(lsm_get_self_attr); +COND_SYSCALL(lsm_set_self_attr); + /* security/keys/keyctl.c */ COND_SYSCALL(add_key); COND_SYSCALL(request_key); diff --git a/security/Makefile b/security/Makefile index 18121f8f85cd..59f238490665 100644 --- a/security/Makefile +++ b/security/Makefile @@ -7,6 +7,7 @@ obj-$(CONFIG_KEYS) += keys/ # always enable default capabilities obj-y += commoncap.o +obj-$(CONFIG_SECURITY) += lsm_syscalls.o obj-$(CONFIG_MMU) += min_addr.o # Object file lists 
diff --git a/security/lsm_syscalls.c b/security/lsm_syscalls.c new file mode 100644 index 000000000000..ee3881159241 --- /dev/null +++ b/security/lsm_syscalls.c @@ -0,0 +1,55 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * System calls implementing the Linux Security Module API. + * + * Copyright (C) 2022 Casey Schaufler + * Copyright (C) 2022 Intel Corporation + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +/** + * sys_lsm_set_self_attr - Set current task's security module attribute + * @attr: which attribute to set + * @ctx: the LSM contexts + * @size: size of @ctx + * @flags: reserved for future use + * + * Sets the calling task's LSM context. On success this function + * returns 0. If the attribute specified cannot be set a negative + * value indicating the reason for the error is returned. + */ +SYSCALL_DEFINE4(lsm_set_self_attr, unsigned int, attr, struct lsm_ctx __user *, + ctx, size_t, size, u32, flags) +{ + return security_setselfattr(attr, ctx, size, flags); +} + +/** + * sys_lsm_get_self_attr - Return current task's security module attributes + * @attr: which attribute to set + * @ctx: the LSM contexts + * @size: size of @ctx, updated on return + * @flags: reserved for future use + * + * Returns the calling task's LSM contexts. On success this + * function returns the number of @ctx array elements. This value + * may be zero if there are no LSM contexts assigned. If @size is + * insufficient to contain the return data -E2BIG is returned and + * @size is set to the minimum required size. In all other cases + * a negative value indicating the error is returned. + */ +SYSCALL_DEFINE4(lsm_get_self_attr, unsigned int, attr, struct lsm_ctx __user *, + ctx, size_t __user *, size, u32, flags) +{ + return security_getselfattr(attr, ctx, size, flags); +} diff --git a/security/security.c b/security/security.c index d942b0c8e32f..199db23581f1 100644 --- a/security/security.c +++ b/security/security.c 
@@ -3798,6 +3798,118 @@ void security_d_instantiate(struct dentry *dentry, struct inode *inode) } EXPORT_SYMBOL(security_d_instantiate); +/** + * security_getselfattr - Read an LSM attribute of the current process. + * @attr: which attribute to return + * @ctx: the user-space destination for the information, or NULL + * @size: pointer to the size of space available to receive the data + * @flags: special handling options. LSM_FLAG_SINGLE indicates that only + * attributes associated with the LSM identified in the passed @ctx be + * reported + * + * Returns the number of attributes found on success, negative value + * on error. @size is reset to the total size of the data. + * If @size is insufficient to contain the data -E2BIG is returned. + */ +int security_getselfattr(unsigned int attr, struct lsm_ctx __user *ctx, + size_t __user *size, u32 flags) +{ + struct security_hook_list *hp; + struct lsm_ctx lctx = { .id = LSM_ID_UNDEF, }; + u8 __user *base = (u8 __user *)ctx; + size_t total = 0; + size_t entrysize; + size_t left; + bool toobig = false; + int count = 0; + int rc; + + if (attr == LSM_ATTR_UNDEF) + return -EINVAL; + if (size == NULL) + return -EINVAL; + if (get_user(left, size)) + return -EFAULT; + + if ((flags & LSM_FLAG_SINGLE) == LSM_FLAG_SINGLE) { + if (!ctx) + return -EINVAL; + if (copy_struct_from_user(&lctx, sizeof(lctx), ctx, left)) + return -EFAULT; + if (lctx.id == LSM_ID_UNDEF) + return -EINVAL; + } else if (flags) { + return -EINVAL; + } + + hlist_for_each_entry(hp, &security_hook_heads.getselfattr, list) { + if (lctx.id != LSM_ID_UNDEF && lctx.id != hp->lsmid->id) + continue; + entrysize = left; + if (base) + ctx = (struct lsm_ctx __user *)(base + total); + rc = hp->hook.getselfattr(attr, ctx, &entrysize, flags); + if (rc == -EOPNOTSUPP) { + rc = 0; + continue; + } + if (rc == -E2BIG) { + toobig = true; + left = 0; + continue; + } + if (rc < 0) + return rc; + + left -= entrysize; + total += entrysize; + count += rc; + } + if (put_user(total, 
size)) + return -EFAULT; + if (toobig) + return -E2BIG; + if (count == 0) + return LSM_RET_DEFAULT(getselfattr); + return count; +} + +/** + * security_setselfattr - Set an LSM attribute on the current process. + * @attr: which attribute to set + * @ctx: the user-space source for the information + * @size: the size of the data + * @flags: reserved for future use, must be 0 + * + * Set an LSM attribute for the current process. The LSM, attribute + * and new value are included in @ctx. + * + * Returns 0 on success, -EINVAL if the input is inconsistent, -EFAULT + * if the user buffer is inaccessible or an LSM specific failure. + */ +int security_setselfattr(unsigned int attr, struct lsm_ctx __user *ctx, + size_t size, u32 flags) +{ + struct security_hook_list *hp; + struct lsm_ctx lctx; + + if (flags) + return -EINVAL; + if (size < sizeof(*ctx)) + return -EINVAL; + if (copy_from_user(&lctx, ctx, sizeof(*ctx))) + return -EFAULT; + if (size < lctx.len || size < lctx.ctx_len + sizeof(ctx) || + lctx.len < lctx.ctx_len + sizeof(ctx)) + return -EINVAL; + + hlist_for_each_entry(hp, &security_hook_heads.setselfattr, list) + if ((hp->lsmid->id) == lctx.id) + return hp->hook.setselfattr(attr, ctx, size, flags); + + return LSM_RET_DEFAULT(setselfattr); +} + /** * security_getprocattr() - Read an attribute for a task * @p: the task From patchwork Thu Jun 29 19:55:29 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13297260 X-Patchwork-Delegate: paul@paul-moore.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 37AEFEB64DD for ; Thu, 29 Jun 2023 19:57:27 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232255AbjF2T50 (ORCPT ); Thu, 29 Jun 2023 15:57:26 -0400 
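Review bot: the kernel-doc for sys_lsm_get_self_attr in the new security/lsm_syscalls.c carries the @attr line over from the setter ("@attr: which attribute to set"); this call only reads, so it should say "which attribute to return", as the security_getselfattr kernel-doc later in the same patch does. While touching it, the @size line of sys_lsm_set_self_attr could say that @size is the byte size of the buffer at @ctx, since sys_lsm_get_self_attr returns an element count and the two are easy to confuse from user space.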
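Review bot: in security_setselfattr the two consistency checks `size < lctx.ctx_len + sizeof(ctx)` and `lctx.len < lctx.ctx_len + sizeof(ctx)` use sizeof(ctx), the size of the pointer, where sizeof(*ctx), the size of struct lsm_ctx, is intended (the check just above, `if (size < sizeof(*ctx))`, uses the right one). With the pointer size a ctx_len that leaves less than a full header in the buffer passes. On the same lines, lctx.ctx_len comes straight from user space, so `lctx.ctx_len + sizeof(*ctx)` can wrap; comparing `lctx.ctx_len > size - sizeof(*ctx)` (safe after the size >= sizeof(*ctx) check) avoids the addition. The hook is then handed the original __user pointer, so each LSM re-reads a header the core validated only in its own copy; copying all @size bytes once and passing the kernel copy to the hook removes that second read. In security_getselfattr, the -E2BIG branch sets `toobig` and `left = 0` but never adds entrysize to total, so the value written back by put_user(total, size) is only the sum of the entries that fit (zero if the first LSM already overflowed), while the sys_lsm_get_self_attr kernel-doc promises "@size is set to the minimum required size"; accumulating `total += entrysize` on that path as well, with the hooks reporting their required size on -E2BIG, would let a caller reallocate once.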
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net Subject: [PATCH v12 05/11] LSM: Create lsm_list_modules system call Date: Thu, 29 Jun 2023 12:55:29 -0700 Message-Id: <20230629195535.2590-6-casey@schaufler-ca.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230629195535.2590-1-casey@schaufler-ca.com> References: <20230629195535.2590-1-casey@schaufler-ca.com> MIME-Version: 1.0 Precedence: bulk List-ID: Create a system call to report the list of Linux Security Modules that are active on the system. The list is provided as an array of LSM ID numbers. The calling application can use this list to determine what LSM specific actions it might take. That might include choosing an output format, determining required privilege or bypassing security module specific behavior. Signed-off-by: Casey Schaufler Reviewed-by: Kees Cook Reviewed-by: Serge Hallyn --- Documentation/userspace-api/lsm.rst | 3 +++ include/linux/syscalls.h | 1 + kernel/sys_ni.c | 1 + security/lsm_syscalls.c | 39 +++++++++++++++++++++++++++++ 4 files changed, 44 insertions(+) diff --git a/Documentation/userspace-api/lsm.rst b/Documentation/userspace-api/lsm.rst index e6c3f262addc..9edae18a2688 100644 --- a/Documentation/userspace-api/lsm.rst +++ b/Documentation/userspace-api/lsm.rst @@ -63,6 +63,9 @@ Get the specified security attributes of the current process .. kernel-doc:: security/lsm_syscalls.c :identifiers: sys_lsm_get_self_attr +.. kernel-doc:: security/lsm_syscalls.c + :identifiers: sys_lsm_list_modules + Additional documentation ======================== diff --git a/include/linux/syscalls.h b/include/linux/syscalls.h index 9a94c31bf6b6..ddbcc333f3c3 100644 --- a/include/linux/syscalls.h 
+++ b/include/linux/syscalls.h @@ -1063,6 +1063,7 @@ asmlinkage long sys_lsm_get_self_attr(unsigned int attr, struct lsm_ctx *ctx, size_t *size, __u32 flags); asmlinkage long sys_lsm_set_self_attr(unsigned int attr, struct lsm_ctx *ctx, size_t size, __u32 flags); +asmlinkage long sys_lsm_list_modules(u64 *ids, size_t *size, u32 flags); /* * Architecture-specific system calls diff --git a/kernel/sys_ni.c b/kernel/sys_ni.c index d03c78ef1562..ceb3d21a62d0 100644 --- a/kernel/sys_ni.c +++ b/kernel/sys_ni.c @@ -265,6 +265,7 @@ COND_SYSCALL(mremap); /* security/lsm_syscalls.c */ COND_SYSCALL(lsm_get_self_attr); COND_SYSCALL(lsm_set_self_attr); +COND_SYSCALL(lsm_list_modules); /* security/keys/keyctl.c */ COND_SYSCALL(add_key); diff --git a/security/lsm_syscalls.c b/security/lsm_syscalls.c index ee3881159241..f03f2d17ab49 100644 --- a/security/lsm_syscalls.c +++ b/security/lsm_syscalls.c 
@@ -53,3 +53,42 @@ SYSCALL_DEFINE4(lsm_get_self_attr, unsigned int, attr, struct lsm_ctx __user *, { return security_getselfattr(attr, ctx, size, flags); } + +/** + * sys_lsm_list_modules - Return a list of the active security modules + * @ids: the LSM module ids + * @size: pointer to size of @ids, updated on return + * @flags: reserved for future use, must be zero + * + * Returns a list of the active LSM ids. On success this function + * returns the number of @ids array elements. This value may be zero + * if there are no LSMs active. If @size is insufficient to contain + * the return data -E2BIG is returned and @size is set to the minimum + * required size. In all other cases a negative value indicating the + * error is returned. + */ +SYSCALL_DEFINE3(lsm_list_modules, u64 __user *, ids, size_t __user *, size, + u32, flags) +{ + size_t total_size = lsm_active_cnt * sizeof(*ids); + size_t usize; + int i; + + if (flags) + return -EINVAL; + + if (get_user(usize, size)) + return -EFAULT; + + if (put_user(total_size, size) != 0) + return -EFAULT; + + if (usize < total_size) + return -E2BIG; + + for (i = 0; i < lsm_active_cnt; i++) + if (put_user(lsm_idlist[i]->id, ids++)) + return -EFAULT; + + return lsm_active_cnt; +} From patchwork Thu Jun 29 19:55:30 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13297262 X-Patchwork-Delegate: paul@paul-moore.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id B2940C001B0 for ; Thu, 29 Jun 2023 19:59:00 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232178AbjF2T67 (ORCPT ); Thu, 29 Jun 2023 15:58:59 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60874 "EHLO lindbergh.monkeyblade.net" 
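Review bot: the new prototype in include/linux/syscalls.h, `sys_lsm_list_modules(u64 *ids, size_t *size, u32 flags)`, spells the flags type u32 while the two lsm prototypes directly above it use __u32; the three declarations should agree. The `size_t *size` argument also deserves a second look for the same reason as in lsm_get_self_attr: a size_t pointed to from user space has a different width for 32-bit and 64-bit callers of the same kernel, so a fixed-width type is the safer choice for a new UAPI.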
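Review bot: sys_lsm_list_modules reads `size_t usize` with get_user() from a `size_t __user *` and writes total_size back with put_user() before the `usize < total_size` check. That ordering is what the kernel-doc describes, but on a 64-bit kernel both accesses move 8 bytes, so a 32-bit caller that supplied a 4-byte size_t has the write-back spill past its variable; declaring the parameter as `u32 __user *` gives every ABI the same width. The kernel-doc could also say explicitly that a call with *size == 0 (so @ids is never written) is the supported way to query the required size, since that is what the put_user-before-E2BIG order provides. Minor: the per-element put_user() loop could be a single copy_to_user() from a small local array, which also keeps the user writes from interleaving with partial failure.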
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net, Geert Uytterhoeven , Arnd Bergmann Subject: [PATCH v12 06/11] LSM: wireup Linux Security Module syscalls Date: Thu, 29 Jun 2023 12:55:30 -0700 Message-Id: <20230629195535.2590-7-casey@schaufler-ca.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230629195535.2590-1-casey@schaufler-ca.com> References: <20230629195535.2590-1-casey@schaufler-ca.com> MIME-Version: 1.0 Precedence: bulk List-ID: Wire up lsm_get_self_attr, lsm_set_self_attr and lsm_list_modules system calls. 
Signed-off-by: Casey Schaufler Reviewed-by: Kees Cook Acked-by: Geert Uytterhoeven Acked-by: Arnd Bergmann Cc: linux-api@vger.kernel.org --- arch/alpha/kernel/syscalls/syscall.tbl | 3 +++ arch/arm/tools/syscall.tbl | 3 +++ arch/arm64/include/asm/unistd.h | 2 +- arch/arm64/include/asm/unistd32.h | 6 ++++++ arch/ia64/kernel/syscalls/syscall.tbl | 3 +++ arch/m68k/kernel/syscalls/syscall.tbl | 3 +++ arch/microblaze/kernel/syscalls/syscall.tbl | 3 +++ arch/mips/kernel/syscalls/syscall_n32.tbl | 3 +++ arch/mips/kernel/syscalls/syscall_n64.tbl | 3 +++ arch/mips/kernel/syscalls/syscall_o32.tbl | 3 +++ arch/parisc/kernel/syscalls/syscall.tbl | 3 +++ arch/powerpc/kernel/syscalls/syscall.tbl | 3 +++ arch/s390/kernel/syscalls/syscall.tbl | 3 +++ arch/sh/kernel/syscalls/syscall.tbl | 3 +++ arch/sparc/kernel/syscalls/syscall.tbl | 3 +++ arch/x86/entry/syscalls/syscall_32.tbl | 3 +++ arch/x86/entry/syscalls/syscall_64.tbl | 3 +++ arch/xtensa/kernel/syscalls/syscall.tbl | 3 +++ include/uapi/asm-generic/unistd.h | 11 ++++++++++- tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl | 3 +++ tools/perf/arch/powerpc/entry/syscalls/syscall.tbl | 3 +++ tools/perf/arch/s390/entry/syscalls/syscall.tbl | 3 +++ tools/perf/arch/x86/entry/syscalls/syscall_64.tbl | 3 +++ 23 files changed, 77 insertions(+), 2 deletions(-) diff --git a/arch/alpha/kernel/syscalls/syscall.tbl b/arch/alpha/kernel/syscalls/syscall.tbl index 8ebacf37a8cf..178e2792c251 100644 --- a/arch/alpha/kernel/syscalls/syscall.tbl +++ b/arch/alpha/kernel/syscalls/syscall.tbl @@ -490,3 +490,6 @@ 558 common process_mrelease sys_process_mrelease 559 common futex_waitv sys_futex_waitv 560 common set_mempolicy_home_node sys_ni_syscall +561 common lsm_get_self_attr sys_lsm_get_self_attr +562 common lsm_list_modules sys_lsm_list_modules +563 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/arm/tools/syscall.tbl b/arch/arm/tools/syscall.tbl index ac964612d8b0..9cda144f9631 100644 --- a/arch/arm/tools/syscall.tbl 
+++ b/arch/arm/tools/syscall.tbl @@ -464,3 +464,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/arm64/include/asm/unistd.h b/arch/arm64/include/asm/unistd.h index 037feba03a51..6a28fb91b85d 100644 --- a/arch/arm64/include/asm/unistd.h +++ b/arch/arm64/include/asm/unistd.h @@ -39,7 +39,7 @@ #define __ARM_NR_compat_set_tls (__ARM_NR_COMPAT_BASE + 5) #define __ARM_NR_COMPAT_END (__ARM_NR_COMPAT_BASE + 0x800) -#define __NR_compat_syscalls 451 +#define __NR_compat_syscalls 454 #endif #define __ARCH_WANT_SYS_CLONE diff --git a/arch/arm64/include/asm/unistd32.h b/arch/arm64/include/asm/unistd32.h index 604a2053d006..72022ffd5faa 100644 --- a/arch/arm64/include/asm/unistd32.h +++ b/arch/arm64/include/asm/unistd32.h @@ -907,6 +907,12 @@ __SYSCALL(__NR_process_mrelease, sys_process_mrelease) __SYSCALL(__NR_futex_waitv, sys_futex_waitv) #define __NR_set_mempolicy_home_node 450 __SYSCALL(__NR_set_mempolicy_home_node, sys_set_mempolicy_home_node) +#define __NR_lsm_get_self_attr 451 +__SYSCALL(__NR_lsm_get_self_attr, sys_lsm_get_self_attr) +#define __NR_lsm_list_modules 452 +__SYSCALL(__NR_lsm_list_modules, sys_lsm_list_modules) +#define __NR_lsm_set_self_attr 453 +__SYSCALL(__NR_lsm_set_self_attr, sys_lsm_set_self_attr) /* * Please add new compat syscalls above this comment and update diff --git a/arch/ia64/kernel/syscalls/syscall.tbl b/arch/ia64/kernel/syscalls/syscall.tbl index 72c929d9902b..c52e9d87f47d 100644 --- a/arch/ia64/kernel/syscalls/syscall.tbl +++ b/arch/ia64/kernel/syscalls/syscall.tbl 
@@ -371,3 +371,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/m68k/kernel/syscalls/syscall.tbl b/arch/m68k/kernel/syscalls/syscall.tbl index b1f3940bc298..31eac3c99d84 100644 --- a/arch/m68k/kernel/syscalls/syscall.tbl +++ b/arch/m68k/kernel/syscalls/syscall.tbl @@ -450,3 +450,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/microblaze/kernel/syscalls/syscall.tbl b/arch/microblaze/kernel/syscalls/syscall.tbl index 820145e47350..5037fa1f74b8 100644 --- a/arch/microblaze/kernel/syscalls/syscall.tbl +++ b/arch/microblaze/kernel/syscalls/syscall.tbl @@ -456,3 +456,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/mips/kernel/syscalls/syscall_n32.tbl b/arch/mips/kernel/syscalls/syscall_n32.tbl index 253ff994ed2e..29545b3ec587 100644 --- a/arch/mips/kernel/syscalls/syscall_n32.tbl +++ b/arch/mips/kernel/syscalls/syscall_n32.tbl @@ -389,3 +389,6 @@ 448 n32 process_mrelease sys_process_mrelease 449 n32 futex_waitv sys_futex_waitv 450 n32 set_mempolicy_home_node sys_set_mempolicy_home_node +451 n32 lsm_get_self_attr sys_lsm_get_self_attr +452 n32 lsm_list_modules sys_lsm_list_modules +453 n32 lsm_set_self_attr sys_lsm_set_self_attr 
diff --git a/arch/mips/kernel/syscalls/syscall_n64.tbl b/arch/mips/kernel/syscalls/syscall_n64.tbl index 3f1886ad9d80..8492aa4a771f 100644 --- a/arch/mips/kernel/syscalls/syscall_n64.tbl +++ b/arch/mips/kernel/syscalls/syscall_n64.tbl @@ -365,3 +365,6 @@ 448 n64 process_mrelease sys_process_mrelease 449 n64 futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 n64 lsm_get_self_attr sys_lsm_get_self_attr +452 n64 lsm_list_modules sys_lsm_list_modules +453 n64 lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/mips/kernel/syscalls/syscall_o32.tbl b/arch/mips/kernel/syscalls/syscall_o32.tbl index 8f243e35a7b2..d74fd86de2a2 100644 --- a/arch/mips/kernel/syscalls/syscall_o32.tbl +++ b/arch/mips/kernel/syscalls/syscall_o32.tbl @@ -438,3 +438,6 @@ 448 o32 process_mrelease sys_process_mrelease 449 o32 futex_waitv sys_futex_waitv 450 o32 set_mempolicy_home_node sys_set_mempolicy_home_node +451 o32 lsm_get_self_attr sys_lsm_get_self_attr +452 o32 lsm_list_modules sys_lsm_list_modules +453 032 lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/parisc/kernel/syscalls/syscall.tbl b/arch/parisc/kernel/syscalls/syscall.tbl index 0e42fceb2d5e..d1a5f3120d6c 100644 --- a/arch/parisc/kernel/syscalls/syscall.tbl +++ b/arch/parisc/kernel/syscalls/syscall.tbl @@ -448,3 +448,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/powerpc/kernel/syscalls/syscall.tbl b/arch/powerpc/kernel/syscalls/syscall.tbl index a0be127475b1..a414fe8c069b 100644 --- a/arch/powerpc/kernel/syscalls/syscall.tbl +++ b/arch/powerpc/kernel/syscalls/syscall.tbl 
@@ -537,3 +537,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 nospu set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/s390/kernel/syscalls/syscall.tbl b/arch/s390/kernel/syscalls/syscall.tbl index b68f47541169..7511e05b785d 100644 --- a/arch/s390/kernel/syscalls/syscall.tbl +++ b/arch/s390/kernel/syscalls/syscall.tbl @@ -453,3 +453,6 @@ 448 common process_mrelease sys_process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/sh/kernel/syscalls/syscall.tbl b/arch/sh/kernel/syscalls/syscall.tbl index 2de85c977f54..1a75a599bb55 100644 --- a/arch/sh/kernel/syscalls/syscall.tbl +++ b/arch/sh/kernel/syscalls/syscall.tbl @@ -453,3 +453,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/sparc/kernel/syscalls/syscall.tbl b/arch/sparc/kernel/syscalls/syscall.tbl index 4398cc6fb68d..80b165091f6f 100644 --- a/arch/sparc/kernel/syscalls/syscall.tbl +++ b/arch/sparc/kernel/syscalls/syscall.tbl 
@@ -496,3 +496,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/x86/entry/syscalls/syscall_32.tbl b/arch/x86/entry/syscalls/syscall_32.tbl index 320480a8db4f..130f9feb9eb9 100644 --- a/arch/x86/entry/syscalls/syscall_32.tbl +++ b/arch/x86/entry/syscalls/syscall_32.tbl @@ -455,3 +455,6 @@ 448 i386 process_mrelease sys_process_mrelease 449 i386 futex_waitv sys_futex_waitv 450 i386 set_mempolicy_home_node sys_set_mempolicy_home_node +451 i386 lsm_get_self_attr sys_lsm_get_self_attr +452 i386 lsm_list_modules sys_lsm_list_modules +453 i386 lsm_set_self_attr sys_lsm_set_self_attr diff --git a/arch/x86/entry/syscalls/syscall_64.tbl b/arch/x86/entry/syscalls/syscall_64.tbl index c84d12608cd2..96dd45bc5988 100644 --- a/arch/x86/entry/syscalls/syscall_64.tbl +++ b/arch/x86/entry/syscalls/syscall_64.tbl @@ -372,6 +372,9 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr # # Due to a historical design error, certain syscalls are numbered differently diff --git a/arch/xtensa/kernel/syscalls/syscall.tbl b/arch/xtensa/kernel/syscalls/syscall.tbl index 52c94ab5c205..2610aba19802 100644 --- a/arch/xtensa/kernel/syscalls/syscall.tbl +++ b/arch/xtensa/kernel/syscalls/syscall.tbl 
@@ -421,3 +421,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/include/uapi/asm-generic/unistd.h b/include/uapi/asm-generic/unistd.h index 45fa180cc56a..93f89fb06ef5 100644 --- a/include/uapi/asm-generic/unistd.h +++ b/include/uapi/asm-generic/unistd.h @@ -886,8 +886,17 @@ __SYSCALL(__NR_futex_waitv, sys_futex_waitv) #define __NR_set_mempolicy_home_node 450 __SYSCALL(__NR_set_mempolicy_home_node, sys_set_mempolicy_home_node) +#define __NR_lsm_get_self_attr 451 +__SYSCALL(__NR_lsm_get_self_attr, sys_lsm_get_self_attr) + +#define __NR_lsm_list_modules 452 +__SYSCALL(__NR_lsm_list_modules, sys_lsm_list_modules) + +#define __NR_lsm_set_self_attr 453 +__SYSCALL(__NR_lsm_set_self_attr, sys_lsm_set_self_attr) + #undef __NR_syscalls -#define __NR_syscalls 451 +#define __NR_syscalls 454 /* * 32 bit systems traditionally used different diff --git a/tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl b/tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl index 3f1886ad9d80..8492aa4a771f 100644 --- a/tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl +++ b/tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl @@ -365,3 +365,6 @@ 448 n64 process_mrelease sys_process_mrelease 449 n64 futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 n64 lsm_get_self_attr sys_lsm_get_self_attr +452 n64 lsm_list_modules sys_lsm_list_modules +453 n64 lsm_set_self_attr sys_lsm_set_self_attr diff --git a/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl b/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl index a0be127475b1..a414fe8c069b 100644 --- a/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl +++ b/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl 
@@ -537,3 +537,6 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 nospu set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr diff --git a/tools/perf/arch/s390/entry/syscalls/syscall.tbl b/tools/perf/arch/s390/entry/syscalls/syscall.tbl index b68f47541169..36a52d54d987 100644 --- a/tools/perf/arch/s390/entry/syscalls/syscall.tbl +++ b/tools/perf/arch/s390/entry/syscalls/syscall.tbl @@ -453,3 +453,6 @@ 448 common process_mrelease sys_process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr sys_lsm_set_self_attr diff --git a/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl b/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl index c84d12608cd2..96dd45bc5988 100644 --- a/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl +++ b/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl 
@@ -372,6 +372,9 @@ 448 common process_mrelease sys_process_mrelease 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node +451 common lsm_get_self_attr sys_lsm_get_self_attr +452 common lsm_list_modules sys_lsm_list_modules +453 common lsm_set_self_attr sys_lsm_set_self_attr # # Due to a historical design error, certain syscalls are numbered differently
From patchwork Thu Jun 29 19:55:31 2023 X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13297263 X-Patchwork-Delegate: paul@paul-moore.com
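Review bot: the tools/perf/arch/*/entry/syscalls/*.tbl hunks touch the perf tool's own copies of the arch syscall tables rather than the kernel tables; those copies are maintained in the tools tree and tend to conflict when updated from a security series, so consider splitting them into a separate patch or leaving them to the perf maintainers. The numbering itself is consistent across the hunks shown: 451..453 in every table and __NR_syscalls raised from 451 to 454 in asm-generic/unistd.h.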
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net Subject: [PATCH v12 07/11] LSM: Helpers for attribute names and filling lsm_ctx Date: Thu, 29 Jun 2023 12:55:31 -0700 Message-Id: <20230629195535.2590-8-casey@schaufler-ca.com> In-Reply-To: <20230629195535.2590-1-casey@schaufler-ca.com> References: <20230629195535.2590-1-casey@schaufler-ca.com>
Add lsm_name_to_attr(), which translates a text string to a LSM_ATTR value if one is available. Add lsm_fill_user_ctx(), which fills a struct lsm_ctx, including the trailing attribute value. All are used in module specific components of LSM system calls.
Signed-off-by: Casey Schaufler Reviewed-by: Serge Hallyn --- include/linux/security.h | 14 +++++++++++++ security/lsm_syscalls.c | 24 ++++++++++++++++++++++ security/security.c | 44 ++++++++++++++++++++++++++++++++++++++++ 3 files changed, 82 insertions(+) diff --git a/include/linux/security.h b/include/linux/security.h index 475d0abfebda..75ac91223c2d 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -32,6 +32,7 @@ #include #include #include +#include struct linux_binprm; struct cred; @@ -263,6 +264,7 @@ int unregister_blocking_lsm_notifier(struct notifier_block *nb); /* prototypes */ extern int security_init(void); extern int early_security_init(void); +extern u64 lsm_name_to_attr(const char *name); /* Security operations */ int security_binder_set_context_mgr(const struct cred *mgr);
@@ -488,6 +490,8 @@ int security_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen); int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen); int security_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen); int security_locked_down(enum lockdown_reason what); +int lsm_fill_user_ctx(struct lsm_ctx __user *ctx, void *context, + size_t context_size, u64 id, u64 flags); #else /* CONFIG_SECURITY */ static inline int call_blocking_lsm_notifier(enum lsm_event event, void *data) @@ -505,6 +509,11 @@ static inline int unregister_blocking_lsm_notifier(struct notifier_block *nb) return 0; } +static inline u64 lsm_name_to_attr(const char *name) +{ + return LSM_ATTR_UNDEF; +} + static inline void security_free_mnt_opts(void **mnt_opts) { } @@ -1408,6 +1417,11 @@ static inline int security_locked_down(enum lockdown_reason what) { return 0; } +static inline int lsm_fill_user_ctx(struct lsm_ctx __user *ctx, void *context, + size_t context_size, u64 id, u64 flags) +{ + return -EOPNOTSUPP; +} #endif /* CONFIG_SECURITY */ #if defined(CONFIG_SECURITY) && defined(CONFIG_WATCH_QUEUE) diff --git a/security/lsm_syscalls.c b/security/lsm_syscalls.c index f03f2d17ab49..bc22f05e2d8c 100644 --- a/security/lsm_syscalls.c +++ b/security/lsm_syscalls.c 
@@ -17,6 +17,30 @@ #include #include +/** + * lsm_name_to_attr - map an LSM attribute name to its ID + * @name: name of the attribute + * + * Returns the LSM attribute value associated with @name, or 0 if + * there is no mapping. + */ +u64 lsm_name_to_attr(const char *name) +{ + if (!strcmp(name, "current")) + return LSM_ATTR_CURRENT; + if (!strcmp(name, "exec")) + return LSM_ATTR_EXEC; + if (!strcmp(name, "fscreate")) + return LSM_ATTR_FSCREATE; + if (!strcmp(name, "keycreate")) + return LSM_ATTR_KEYCREATE; + if (!strcmp(name, "prev")) + return LSM_ATTR_PREV; + if (!strcmp(name, "sockcreate")) + return LSM_ATTR_SOCKCREATE; + return LSM_ATTR_UNDEF; +} + /** * sys_lsm_set_self_attr - Set current task's security module attribute * @attr: which attribute to set diff --git a/security/security.c b/security/security.c index 199db23581f1..72ad7197b2c9 100644 --- a/security/security.c +++ b/security/security.c 
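Review bot: the kernel-doc on lsm_name_to_attr() says it returns 0 when there is no mapping, but the function returns LSM_ATTR_UNDEF; name the constant in the comment so the two cannot drift, and consider a table of {name, id} pairs instead of six strcmp() chains, since this list has to be kept in step with the LSM_ATTR_* definitions. Both callers later in this series (smack_setprocattr() and apparmor_setprocattr()) store the u64 result in an int; either return a narrower type here or have them use u64.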
@@ -770,6 +770,50 @@ static int lsm_superblock_alloc(struct super_block *sb) return 0; } +/** + * lsm_fill_user_ctx - Fill a user space lsm_ctx structure + * @ctx: an LSM context to be filled + * @context: the new context value + * @context_size: the size of the new context value + * @id: LSM id + * @flags: LSM defined flags + * + * Fill all of the fields in a user space lsm_ctx structure. + * Caller is assumed to have verified that @ctx has enough space + * for @context. + * + * The total length is padded to a multiple of 64 bits to + * accomodate possible alignment issues. + * + * Returns 0 on success, -EFAULT on a copyout error, -ENOMEM + * if memory can't be allocated. + */ +int lsm_fill_user_ctx(struct lsm_ctx __user *ctx, void *context, + size_t context_size, u64 id, u64 flags) +{ + struct lsm_ctx *lctx; + size_t locallen = struct_size(lctx, ctx, context_size); + int rc = 0; + + lctx = kzalloc(locallen, GFP_KERNEL); + if (lctx == NULL) + return -ENOMEM; + + lctx->id = id; + lctx->flags = flags; + lctx->ctx_len = context_size; + lctx->len = locallen; + + memcpy(lctx->ctx, context, context_size); + + if (copy_to_user(ctx, lctx, locallen)) + rc = -EFAULT; + + kfree(lctx); + + return rc; +} + /* * The default value of the LSM hook is defined in linux/lsm_hook_defs.h and * can be accessed with:
From patchwork Thu Jun 29 19:55:32 2023 X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13297264 X-Patchwork-Delegate: paul@paul-moore.com
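Review bot: the kernel-doc claims the total length is padded to a multiple of 64 bits, but locallen = struct_size(lctx, ctx, context_size) is never rounded and lctx->len is written unpadded, so the len user space reads back does not match the ALIGN(..., 8) size that the Smack and AppArmor hooks report through *size; either apply the ALIGN here (kzalloc() already zeroes the padding bytes) or drop the sentence. "accomodate" should be "accommodate", and the "Caller is assumed to have verified that @ctx has enough space" contract should say which of the two sizes it means.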
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net Subject: [PATCH v12 08/11] Smack: implement setselfattr and getselfattr hooks Date: Thu, 29 Jun 2023 12:55:32 -0700 Message-Id: <20230629195535.2590-9-casey@schaufler-ca.com> In-Reply-To: <20230629195535.2590-1-casey@schaufler-ca.com> References: <20230629195535.2590-1-casey@schaufler-ca.com>
Implement Smack support for security_[gs]etselfattr. Refactor the setprocattr hook to avoid code duplication.
Signed-off-by: Casey Schaufler --- security/smack/smack_lsm.c | 106 +++++++++++++++++++++++++++++++++++-- 1 file changed, 101 insertions(+), 5 deletions(-) diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index cf847cfe5ed8..4a84639e9db9 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c
@@ -3536,6 +3536,45 @@ static void smack_d_instantiate(struct dentry *opt_dentry, struct inode *inode) return; } +/** + * smack_getselfattr - Smack current process attribute + * @attr: which attribute to fetch + * @ctx: buffer to receive the result + * @size: available size in, actual size out + * @flags: unused + * + * Fill the passed user space @ctx with the details of the requested + * attribute. + * + * Returns 1, the number of attributes, on success, an error code otherwise. + */ +static int smack_getselfattr(unsigned int attr, struct lsm_ctx __user *ctx, + size_t *size, u32 flags) +{ + struct smack_known *skp = smk_of_current(); + int total; + int slen; + int rc; + + if (attr != LSM_ATTR_CURRENT) + return -EOPNOTSUPP; + + slen = strlen(skp->smk_known) + 1; + total = ALIGN(slen + sizeof(*ctx), 8); + if (total > *size) + rc = -E2BIG; + else if (ctx) + rc = lsm_fill_user_ctx(ctx, skp->smk_known, slen, LSM_ID_SMACK, + 0); + else + rc = 1; + + *size = total; + if (rc >= 0) + return 1; + return rc; +} + /** * smack_getprocattr - Smack process attribute access * @p: the object task @@ -3565,8 +3604,8 @@ static int smack_getprocattr(struct task_struct *p, const char *name, char **val } /** - * smack_setprocattr - Smack process attribute setting - * @name: the name of the attribute in /proc/.../attr + * do_setattr - Smack process attribute setting + * @attr: the ID of the attribute * @value: the value to set * @size: the size of the value * @@ -3575,7 +3614,7 @@ static int smack_getprocattr(struct task_struct *p, const char *name, char **val * * Returns the length of the smack label or an error code */ -static int smack_setprocattr(const char *name, void *value, size_t size) +static int do_setattr(u64 attr, void *value, size_t size) { struct task_smack *tsp = smack_cred(current_cred()); struct cred *new; 
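Review bot: smack_getselfattr() reports the padded total (ALIGN(slen + sizeof(*ctx), 8)) through *size but hands the raw slen to lsm_fill_user_ctx(), which stores struct_size() in lctx->len, so a caller that walks records by len and one that trusts *size disagree by up to 7 bytes; compute the record length in one place. Minor: total and slen are int while *size is size_t, so `total > *size` compares signed with unsigned; make them size_t.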
@@ -3589,8 +3628,8 @@ static int smack_setprocattr(const char *name, void *value, size_t size) if (value == NULL || size == 0 || size >= SMK_LONGLABEL) return -EINVAL; - if (strcmp(name, "current") != 0) - return -EINVAL; + if (attr != LSM_ATTR_CURRENT) + return -EOPNOTSUPP; skp = smk_import_entry(value, size); if (IS_ERR(skp)) @@ -3629,6 +3668,61 @@ static int smack_setprocattr(const char *name, void *value, size_t size) return size; } +/** + * smack_setselfattr - Set a Smack process attribute + * @attr: which attribute to set + * @ctx: buffer containing the data + * @size: size of @ctx + * @flags: unused + * + * Fill the passed user space @ctx with the details of the requested + * attribute. + * + * Returns 0 on success, an error code otherwise. + */ +static int smack_setselfattr(unsigned int attr, struct lsm_ctx __user *ctx, + size_t size, u32 flags) +{ + struct lsm_ctx *lctx; + int rc; + + lctx = kmalloc(size, GFP_KERNEL); + if (lctx == NULL) + return -ENOMEM; + + if (copy_from_user(lctx, ctx, size)) + rc = -EFAULT; + else if (lctx->ctx_len > size) + rc = -E2BIG; + else + rc = do_setattr(attr, lctx->ctx, lctx->ctx_len); + + kfree(lctx); + if (rc > 0) + return 0; + return rc; +} + +/** + * smack_setprocattr - Smack process attribute setting + * @name: the name of the attribute in /proc/.../attr + * @value: the value to set + * @size: the size of the value + * + * Sets the Smack value of the task. Only setting self + * is permitted and only with privilege + * + * Returns the length of the smack label or an error code + */ +static int smack_setprocattr(const char *name, void *value, size_t size) +{ + int attr = lsm_name_to_attr(name); + + if (attr == LSM_ATTR_UNDEF) + return do_setattr(attr, value, size); + return -EINVAL; +} + /** * smack_unix_stream_connect - Smack access on UDS * @sock: one sock 
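Review bot: the test in smack_setprocattr() is inverted: `if (attr == LSM_ATTR_UNDEF) return do_setattr(attr, value, size);` calls do_setattr() only for an unknown name (which then fails with -EOPNOTSUPP) and returns -EINVAL for "current", so writing /proc/self/attr/current stops working; it should read `if (attr != LSM_ATTR_UNDEF)`, as apparmor_setprocattr() in the next patch does. In smack_setselfattr() the guard `lctx->ctx_len > size` ignores the struct lsm_ctx header, so ctx_len may exceed what was copied by up to sizeof(*lctx) bytes and do_setattr() reads past the kmalloc() buffer; check `size < sizeof(*lctx)` first and then `lctx->ctx_len > size - sizeof(*lctx)`, and put a ceiling on size before the unbounded kmalloc(size) (SMK_LONGLABEL is already the label limit). Note also that do_setattr() now returns -EOPNOTSUPP where smack_setprocattr() returned -EINVAL for names other than "current", a visible change for /proc writers.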
@@ -4939,6 +5033,8 @@ static struct security_hook_list smack_hooks[] __ro_after_init = { LSM_HOOK_INIT(d_instantiate, smack_d_instantiate), + LSM_HOOK_INIT(getselfattr, smack_getselfattr), + LSM_HOOK_INIT(setselfattr, smack_setselfattr), LSM_HOOK_INIT(getprocattr, smack_getprocattr), LSM_HOOK_INIT(setprocattr, smack_setprocattr),
From patchwork Thu Jun 29 19:55:33 2023 X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13297265 X-Patchwork-Delegate: paul@paul-moore.com
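The lsm_ctx records that lsm_fill_user_ctx() writes and that smack_setselfattr() reads have no user-space counterpart on this page. The following is an added example, not code from this series or from any kernel tree: a walker for the buffer lsm_get_self_attr(2) returns, with the header-aware bounds check a setselfattr hook needs, and a value copier that copes with Smack counting the terminating NUL in ctx_len while AppArmor's aa_getprocattr() length does not. It assumes the uapi field order of struct lsm_ctx (id, flags, len, ctx_len, ctx[]), which the page does not show; the two sample records are constructed and use placeholder ids, not LSM_ID_* values.

```c
/* Added example, not from the patch series: user-space handling of the
 * struct lsm_ctx records lsm_fill_user_ctx() writes.  ASSUMPTION: the field
 * order is that of include/uapi/linux/lsm.h, which this page does not show;
 * the ids in the sample are placeholders, not LSM_ID_* values. */
#include <errno.h>
#include <stdint.h>
#include <string.h>

struct lsm_ctx {
	uint64_t id;
	uint64_t flags;
	uint64_t len;      /* whole record: header + ctx[] (+ padding) */
	uint64_t ctx_len;  /* bytes of ctx[] carrying the value */
	uint8_t  ctx[];
};

#define LSM_ALIGN8(n) (((uint64_t)(n) + 7) & ~(uint64_t)7)

/* The check a setselfattr hook needs before touching ctx[]: the header must
 * fit in size, and ctx_len must fit in what is left AFTER the header. */
int lsm_ctx_check(const struct lsm_ctx *lctx, size_t size)
{
	if (size < sizeof(*lctx))
		return -EINVAL;
	if (lctx->ctx_len > size - sizeof(*lctx))
		return -E2BIG;
	if (lctx->len < sizeof(*lctx) + lctx->ctx_len || lctx->len > size)
		return -EINVAL;
	return 0;
}

/* Copy the value out as a C string whether or not the NUL was counted in
 * ctx_len (Smack's slen counts it, AppArmor's aa_getprocattr() does not). */
void lsm_ctx_value(const struct lsm_ctx *lctx, char *dst, size_t cap)
{
	size_t n = lctx->ctx_len;

	if (n && lctx->ctx[n - 1] == '\0')
		n--;                            /* NUL already counted */
	n = n < cap ? n : cap - 1;
	memcpy(dst, lctx->ctx, n);
	dst[n] = '\0';
}

/* Walk the count records lsm_get_self_attr(2) put in buf[0..size), copying
 * up to rows values into out[].  The next record is taken at the 8-byte
 * aligned offset, so a len stored padded or unpadded lands on the same
 * place.  Returns records visited, or -errno at the first malformed one. */
int lsm_ctx_walk(const void *buf, size_t size, size_t count,
		 char out[][32], size_t rows)
{
	const uint8_t *p = buf;
	size_t off = 0;
	int n = 0, rc;

	while ((size_t)n < count) {
		const struct lsm_ctx *lctx;

		if (off > size)
			return -EINVAL;
		lctx = (const void *)(p + off);
		if ((rc = lsm_ctx_check(lctx, size - off)))
			return rc;
		if ((size_t)n < rows)
			lsm_ctx_value(lctx, out[n], 32);
		off += LSM_ALIGN8(lctx->len);
		n++;
	}
	return n;
}

uint64_t sample_buf[16];   /* uint64_t keeps every record 8-byte aligned */

/* Constructed sample, not captured from a kernel: what two stacked LSMs
 * might return, one Smack-style (NUL counted, unpadded len) and one
 * AppArmor-style (no NUL, padded len).  Returns the size *size would hold. */
size_t sample_two_lsms(void)
{
	uint8_t *p = (uint8_t *)sample_buf;
	struct lsm_ctx *a = (void *)p, *b = (void *)(p + 40);

	memset(sample_buf, 0, sizeof(sample_buf));
	a->id = 100;
	a->ctx_len = 2;                               /* "_" plus NUL */
	a->len = sizeof(*a) + a->ctx_len;             /* 34: unpadded */
	memcpy(a->ctx, "_", 2);
	b->id = 104;                                  /* at LSM_ALIGN8(34) */
	b->ctx_len = 10;                              /* "unconfined", no NUL */
	b->len = LSM_ALIGN8(sizeof(*b) + b->ctx_len); /* 48 */
	memcpy(b->ctx, "unconfined", 10);
	return 40 + 48;
}

/* Returns 2 when both sample values come back as the expected strings. */
int lsm_ctx_demo(void)
{
	char v[2][32];
	int rc = lsm_ctx_walk(sample_buf, sample_two_lsms(), 2, v, 2);

	if (rc == 2 && (strcmp(v[0], "_") || strcmp(v[1], "unconfined")))
		return -EINVAL;
	return rc;
}
```

lsm_ctx_check() is the point of the example: if the second sample record is altered to claim ctx_len equal to the 48 bytes left in the buffer, a bare `ctx_len > size` test accepts it while the header-aware check returns -E2BIG instead of reading 32 bytes past the end. Against a kernel with these syscalls, the buffer to walk comes from `syscall(__NR_lsm_get_self_attr, attr, buf, &size, 0)`; passing a NULL buffer first makes the Smack hook above fail with -E2BIG and store the required size in *size, which is the intended way to size buf.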
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net Subject: [PATCH v12 09/11] AppArmor: Add selfattr hooks Date: Thu, 29 Jun 2023 12:55:33 -0700 Message-Id: <20230629195535.2590-10-casey@schaufler-ca.com> In-Reply-To: <20230629195535.2590-1-casey@schaufler-ca.com> References: <20230629195535.2590-1-casey@schaufler-ca.com>
Add hooks for setselfattr and getselfattr. These hooks are not very different from their setprocattr and getprocattr equivalents, and much of the code is shared.
Signed-off-by: Casey Schaufler Cc: John Johansen --- security/apparmor/include/procattr.h | 2 +- security/apparmor/lsm.c | 102 +++++++++++++++++++++++++-- security/apparmor/procattr.c | 10 +-- 3 files changed, 103 insertions(+), 11 deletions(-) diff --git a/security/apparmor/include/procattr.h b/security/apparmor/include/procattr.h index 31689437e0e1..03dbfdb2f2c0 100644 --- a/security/apparmor/include/procattr.h +++ b/security/apparmor/include/procattr.h @@ -11,7 +11,7 @@ #ifndef __AA_PROCATTR_H #define __AA_PROCATTR_H -int aa_getprocattr(struct aa_label *label, char **string); +int aa_getprocattr(struct aa_label *label, char **string, bool newline); int aa_setprocattr_changehat(char *args, size_t size, int flags); #endif /* __AA_PROCATTR_H */ diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index 308cb3a281c3..7d99d5be4c12 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c
@@ -630,6 +630,54 @@ static int apparmor_sb_pivotroot(const struct path *old_path, return error; } +static int apparmor_getselfattr(unsigned int attr, struct lsm_ctx __user *lx, + size_t *size, u32 flags) +{ + int error = -ENOENT; + struct aa_task_ctx *ctx = task_ctx(current); + struct aa_label *label = NULL; + size_t total_len = 0; + char *value; + + switch (attr) { + case LSM_ATTR_CURRENT: + label = aa_get_newest_label(cred_label(current_cred())); + break; + case LSM_ATTR_PREV: + if (ctx->previous) + label = aa_get_newest_label(ctx->previous); + break; + case LSM_ATTR_EXEC: + if (ctx->onexec) + label = aa_get_newest_label(ctx->onexec); + break; + default: + error = -EOPNOTSUPP; + break; + } + + if (label) { + error = aa_getprocattr(label, &value, false); + if (error > 0) { + total_len = ALIGN(struct_size(lx, ctx, error), 8); + if (total_len > *size) + error = -E2BIG; + else if (lx) + error = lsm_fill_user_ctx(lx, value, error, + LSM_ID_APPARMOR, 0); + else + error = 1; + } + } + + aa_put_label(label); + + *size = total_len; + if (error < 0) + return error; + return 1; +} + static int apparmor_getprocattr(struct task_struct *task, const char *name, char **value) { @@ -649,7 +697,7 @@ static int apparmor_getprocattr(struct task_struct *task, const char *name, error = -EINVAL; if (label) - error = aa_getprocattr(label, value); + error = aa_getprocattr(label, value, true); aa_put_label(label); put_cred(cred); @@ -657,8 +705,7 @@ static int apparmor_getprocattr(struct task_struct *task, const char *name, return error; } -static int apparmor_setprocattr(const char *name, void *value, - size_t size) +static int do_setattr(u64 attr, void *value, size_t size) { char *command, *largs = NULL, *args = value; size_t arg_size; 
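Review bot: apparmor_getselfattr() never frees value. aa_getprocattr() returns the label string through its char **string argument, and apparmor_getprocattr() hands that buffer on to its caller to release, but here it goes out of scope after lsm_fill_user_ctx(), leaking one string per call; add kfree(value) after the `if (label)` block and initialise value to NULL so the -ENOENT path stays safe. The length passed as ctx_len is also aa_getprocattr()'s return value, which with newline=false counts characters but not the terminating NUL, whereas smack_getselfattr() passes strlen() + 1; pick one convention and document it in the lsm_ctx uapi.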
@@ -689,7 +736,7 @@ static int apparmor_setprocattr(const char *name, void *value, goto out; arg_size = size - (args - (largs ? largs : (char *) value)); - if (strcmp(name, "current") == 0) { + if (attr == LSM_ATTR_CURRENT) { if (strcmp(command, "changehat") == 0) { error = aa_setprocattr_changehat(args, arg_size, AA_CHANGE_NOFLAGS); @@ -704,7 +751,7 @@ static int apparmor_setprocattr(const char *name, void *value, error = aa_change_profile(args, AA_CHANGE_STACK); } else goto fail; - } else if (strcmp(name, "exec") == 0) { + } else if (attr == LSM_ATTR_EXEC) { if (strcmp(command, "exec") == 0) error = aa_change_profile(args, AA_CHANGE_ONEXEC); else if (strcmp(command, "stack") == 0) 
@@ -724,13 +771,54 @@ static int apparmor_setprocattr(const char *name, void *value, fail: aad(&sa)->label = begin_current_label_crit_section(); - aad(&sa)->info = name; + if (attr == LSM_ATTR_CURRENT) + aad(&sa)->info = "current"; + else if (attr == LSM_ATTR_EXEC) + aad(&sa)->info = "exec"; + else + aad(&sa)->info = "invalid"; aad(&sa)->error = error = -EINVAL; aa_audit_msg(AUDIT_APPARMOR_DENIED, &sa, NULL); end_current_label_crit_section(aad(&sa)->label); goto out; } +static int apparmor_setselfattr(unsigned int attr, struct lsm_ctx __user *ctx, + size_t size, u32 flags) +{ + struct lsm_ctx *lctx; + int rc; + + if (attr != LSM_ATTR_CURRENT && attr != LSM_ATTR_EXEC) + return -EOPNOTSUPP; + + lctx = kmalloc(size, GFP_KERNEL); + if (lctx == NULL) + return -ENOMEM; + + if (copy_from_user(lctx, ctx, size)) + rc = -EFAULT; + else if (lctx->ctx_len > size) + rc = -EINVAL; + else + rc = do_setattr(attr, lctx->ctx, lctx->ctx_len); + + kfree(lctx); + if (rc > 0) + return 0; + return rc; +} + +static int apparmor_setprocattr(const char *name, void *value, + size_t size) +{ + int attr = lsm_name_to_attr(name); + + if (attr) + return do_setattr(attr, value, size); + return -EINVAL; +} + /** * apparmor_bprm_committing_creds - do task cleanup on committing new creds * @bprm: binprm for the exec (NOT NULL) @@ -1253,6 +1341,8 @@ static struct security_hook_list apparmor_hooks[] __ro_after_init = { LSM_HOOK_INIT(file_lock, apparmor_file_lock), LSM_HOOK_INIT(file_truncate, apparmor_file_truncate), + LSM_HOOK_INIT(getselfattr, apparmor_getselfattr), + LSM_HOOK_INIT(setselfattr, apparmor_setselfattr), LSM_HOOK_INIT(getprocattr, apparmor_getprocattr), LSM_HOOK_INIT(setprocattr, apparmor_setprocattr), diff --git a/security/apparmor/procattr.c b/security/apparmor/procattr.c index 197d41f9c32b..e3857e3d7c6c 100644 --- a/security/apparmor/procattr.c +++ b/security/apparmor/procattr.c 
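Review bot: apparmor_setselfattr() has the same bound problem as the Smack version: `lctx->ctx_len > size` does not subtract the header, so do_setattr() can read sizeof(*lctx) bytes past the kmalloc(size) buffer; check `size < sizeof(*lctx)` and then `lctx->ctx_len > size - sizeof(*lctx)`, and put a ceiling on size before the unbounded kmalloc(). The two LSMs also disagree on the error for that case (-EINVAL here, -E2BIG in Smack); one value should be chosen and documented. In apparmor_setprocattr(), `int attr = lsm_name_to_attr(name)` truncates a u64 and `if (attr)` relies on LSM_ATTR_UNDEF being zero; write `if (attr != LSM_ATTR_UNDEF)`.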
@@ -20,6 +20,7 @@ * aa_getprocattr - Return the label information for @label * @label: the label to print label info about (NOT NULL) * @string: Returns - string containing the label info (NOT NULL) + * @newline: indicates that a newline should be added * * Requires: label != NULL && string != NULL * @@ -27,7 +28,7 @@ * * Returns: size of string placed in @string else error code on failure */ -int aa_getprocattr(struct aa_label *label, char **string) +int aa_getprocattr(struct aa_label *label, char **string, bool newline) { struct aa_ns *ns = labels_ns(label); struct aa_ns *current_ns = aa_get_current_ns(); 
@@ -57,11 +58,12 @@ int aa_getprocattr(struct aa_label *label, char **string) return len; } - (*string)[len] = '\n'; - (*string)[len + 1] = 0; + if (newline) + (*string)[len++] = '\n'; + (*string)[len] = 0; aa_put_ns(current_ns); - return len + 1; + return len; } /**
From patchwork Thu Jun 29 19:55:34 2023 X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13297279 X-Patchwork-Delegate: paul@paul-moore.com
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net, selinux@vger.kernel.org Subject: [PATCH v12 10/11] SELinux: Add selfattr hooks Date: Thu, 29 Jun 2023 12:55:34 -0700 Message-Id: <20230629195535.2590-11-casey@schaufler-ca.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230629195535.2590-1-casey@schaufler-ca.com> References: <20230629195535.2590-1-casey@schaufler-ca.com> MIME-Version: 1.0 Precedence: bulk List-ID: Add hooks for setselfattr and getselfattr. These hooks are not very different from their setprocattr and getprocattr equivalents, and much of the code is shared. Signed-off-by: Casey Schaufler Cc: selinux@vger.kernel.org Cc: Paul Moore --- security/selinux/hooks.c | 148 ++++++++++++++++++++++++++++++++------- 1 file changed, 121 insertions(+), 27 deletions(-) diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 49ec74bc006c..a4a536552717 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -6226,8 +6226,8 @@ static void selinux_d_instantiate(struct dentry *dentry, struct inode *inode) inode_doinit_with_dentry(inode, dentry); } -static int selinux_getprocattr(struct task_struct *p, - const char *name, char **value) +static int selinux_lsm_getattr(unsigned int attr, struct task_struct *p, + char **value) { const struct task_security_struct *__tsec; u32 sid; 
@@ -6244,20 +6244,27 @@ static int selinux_getprocattr(struct task_struct *p, goto bad; } - if (!strcmp(name, "current")) + switch (attr) { + case LSM_ATTR_CURRENT: sid = __tsec->sid; - else if (!strcmp(name, "prev")) + break; + case LSM_ATTR_PREV: sid = __tsec->osid; - else if (!strcmp(name, "exec")) + break; + case LSM_ATTR_EXEC: sid = __tsec->exec_sid; - else if (!strcmp(name, "fscreate")) + break; + case LSM_ATTR_FSCREATE: sid = __tsec->create_sid; - else if (!strcmp(name, "keycreate")) + break; + case LSM_ATTR_KEYCREATE: sid = __tsec->keycreate_sid; - else if (!strcmp(name, "sockcreate")) + break; + case LSM_ATTR_SOCKCREATE: sid = __tsec->sockcreate_sid; - else { - error = -EINVAL; + break; + default: + error = -EOPNOTSUPP; goto bad; } rcu_read_unlock(); @@ -6275,7 +6282,7 @@ static int selinux_getprocattr(struct task_struct *p, return error; } -static int selinux_setprocattr(const char *name, void *value, size_t size) +static int selinux_lsm_setattr(u64 attr, void *value, size_t size) { struct task_security_struct *tsec; struct cred *new; 
@@ -6286,23 +6293,31 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) /* * Basic control over ability to set these attributes at all. */ - if (!strcmp(name, "exec")) + switch (attr) { + case LSM_ATTR_EXEC: error = avc_has_perm(mysid, mysid, SECCLASS_PROCESS, PROCESS__SETEXEC, NULL); - else if (!strcmp(name, "fscreate")) + break; + case LSM_ATTR_FSCREATE: error = avc_has_perm(mysid, mysid, SECCLASS_PROCESS, PROCESS__SETFSCREATE, NULL); - else if (!strcmp(name, "keycreate")) + break; + case LSM_ATTR_KEYCREATE: error = avc_has_perm(mysid, mysid, SECCLASS_PROCESS, PROCESS__SETKEYCREATE, NULL); - else if (!strcmp(name, "sockcreate")) + break; + case LSM_ATTR_SOCKCREATE: error = avc_has_perm(mysid, mysid, SECCLASS_PROCESS, PROCESS__SETSOCKCREATE, NULL); - else if (!strcmp(name, "current")) + break; + case LSM_ATTR_CURRENT: error = avc_has_perm(mysid, mysid, SECCLASS_PROCESS, PROCESS__SETCURRENT, NULL); - else - error = -EINVAL; + break; + default: + error = -EOPNOTSUPP; + break; + } if (error) return error; @@ -6314,13 +6329,14 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) } error = security_context_to_sid(value, size, &sid, GFP_KERNEL); - if (error == -EINVAL && !strcmp(name, "fscreate")) { + if (error == -EINVAL && attr == LSM_ATTR_FSCREATE) { if (!has_cap_mac_admin(true)) { struct audit_buffer *ab; size_t audit_size; - /* We strip a nul only if it is at the end, otherwise the - * context contains a nul and we should audit that */ + /* We strip a nul only if it is at the end, + * otherwise the context contains a nul and + * we should audit that */ if (str[size - 1] == '\0') audit_size = size - 1; else 
@@ -6331,7 +6347,8 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) if (!ab) return error; audit_log_format(ab, "op=fscreate invalid_context="); - audit_log_n_untrustedstring(ab, value, audit_size); + audit_log_n_untrustedstring(ab, value, + audit_size); audit_log_end(ab); return error; @@ -6354,11 +6371,11 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) checks and may_create for the file creation checks. The operation will then fail if the context is not permitted. */ tsec = selinux_cred(new); - if (!strcmp(name, "exec")) { + if (attr == LSM_ATTR_EXEC) { tsec->exec_sid = sid; - } else if (!strcmp(name, "fscreate")) { + } else if (attr == LSM_ATTR_FSCREATE) { tsec->create_sid = sid; - } else if (!strcmp(name, "keycreate")) { + } else if (attr == LSM_ATTR_KEYCREATE) { if (sid) { error = avc_has_perm(mysid, sid, SECCLASS_KEY, KEY__CREATE, NULL); @@ -6366,9 +6383,9 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) goto abort_change; } tsec->keycreate_sid = sid; - } else if (!strcmp(name, "sockcreate")) { + } else if (attr == LSM_ATTR_SOCKCREATE) { tsec->sockcreate_sid = sid; - } else if (!strcmp(name, "current")) { + } else if (attr == LSM_ATTR_CURRENT) { error = -EINVAL; if (sid == 0) goto abort_change; 
@@ -6410,6 +6427,81 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) return error; } +static int selinux_getselfattr(unsigned int attr, struct lsm_ctx __user *ctx, + size_t *size, u32 flags) +{ + char *value; + size_t total_len; + int len; + int rc; + + len = selinux_lsm_getattr(attr, current, &value); + if (len < 0) + return len; + + total_len = ALIGN(struct_size(ctx, ctx, len), 8); + + if (total_len > *size) + rc = -E2BIG; + else if (ctx) + rc = lsm_fill_user_ctx(ctx, value, len, LSM_ID_SELINUX, 0); + else + rc = 1; + + *size = total_len; + if (rc < 0) + return rc; + return 1; +} + +static int selinux_setselfattr(unsigned int __user attr, + struct lsm_ctx __user *ctx, size_t __user size, + u32 __user flags) +{ + struct lsm_ctx *lctx; + int rc; + + lctx = kmalloc(size, GFP_KERNEL); + if (lctx == NULL) + return -ENOMEM; + + if (copy_from_user(lctx, ctx, size)) + rc = -EFAULT; + else if (lctx->ctx_len > size) + rc = -EINVAL; + else + rc = selinux_lsm_setattr(attr, lctx->ctx, lctx->ctx_len); + + kfree(lctx); + if (rc > 0) + return 0; + return rc; +} + +static int selinux_getprocattr(struct task_struct *p, + const char *name, char **value) +{ + unsigned int attr = lsm_name_to_attr(name); + int rc; + + if (attr) { + rc = selinux_lsm_getattr(attr, p, value); + if (rc != -EOPNOTSUPP) + return rc; + } + + return -EINVAL; +} + +static int selinux_setprocattr(const char *name, void *value, size_t size) +{ + int attr = lsm_name_to_attr(name); + + if (attr) + return selinux_lsm_setattr(attr, value, size); + return -EINVAL; +} + static int selinux_ismaclabel(const char *name) { return (strcmp(name, XATTR_SELINUX_SUFFIX) == 0); 
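Review bot: selinux_setselfattr has the same gap as the AppArmor version: lctx->ctx_len is read without first requiring size >= sizeof(struct lsm_ctx), and `lctx->ctx_len > size` does not account for the header, so selinux_lsm_setattr(attr, lctx->ctx, lctx->ctx_len) can be handed a length that overruns the kmalloc(size) buffer; the check should be against size - sizeof(*lctx) after rejecting undersized requests, unless the syscall entry point guarantees both. The `__user` annotations on the by-value parameters `unsigned int __user attr`, `size_t __user size` and `u32 __user flags` are meaningless for scalars (sparse address-space tags apply to pointers) and make the prototype differ from the AppArmor one; drop them. The attr type also drifts across the hunk: selinux_lsm_setattr takes `u64 attr`, selinux_setselfattr passes `unsigned int`, and selinux_setprocattr stores lsm_name_to_attr() in an `int`; pick one type. Behavioural point for the /proc ABI: selinux_getprocattr maps -EOPNOTSUPP back to -EINVAL so existing readers see the old error, but selinux_setprocattr does not, so writing a name such as "prev" (not handled in selinux_lsm_setattr's switch, which now returns -EOPNOTSUPP where the old code returned -EINVAL) changes the errno userspace observes; mirror the mapping or note the change in the commit message. Finally, in selinux_getselfattr the `value` buffer filled by selinux_lsm_getattr is never freed on either the -E2BIG, the lsm_fill_user_ctx or the ctx == NULL path; if that helper returns an allocated context string the way the getprocattr path always has, this leaks on every call and needs a kfree(value) before return.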
@@ -7041,6 +7133,8 @@ static struct security_hook_list selinux_hooks[] __ro_after_init = { LSM_HOOK_INIT(d_instantiate, selinux_d_instantiate), + LSM_HOOK_INIT(getselfattr, selinux_getselfattr), + LSM_HOOK_INIT(setselfattr, selinux_setselfattr), LSM_HOOK_INIT(getprocattr, selinux_getprocattr), LSM_HOOK_INIT(setprocattr, selinux_setprocattr),
From patchwork Thu Jun 29 19:55:35 2023 X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13297280 X-Patchwork-Delegate: paul@paul-moore.com
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net Subject: [PATCH v12 11/11] LSM: selftests for Linux Security Module syscalls Date: Thu, 29 Jun 2023 12:55:35 -0700 Message-Id: <20230629195535.2590-12-casey@schaufler-ca.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230629195535.2590-1-casey@schaufler-ca.com> References: <20230629195535.2590-1-casey@schaufler-ca.com> MIME-Version: 1.0 Precedence: bulk List-ID: Add selftests for the three system calls supporting the LSM infrastructure. Signed-off-by: Casey Schaufler --- tools/testing/selftests/Makefile | 1 + tools/testing/selftests/lsm/Makefile | 12 + tools/testing/selftests/lsm/config | 2 + .../selftests/lsm/lsm_get_self_attr_test.c | 270 ++++++++++++++++++ .../selftests/lsm/lsm_list_modules_test.c | 153 ++++++++++ .../selftests/lsm/lsm_set_self_attr_test.c | 70 +++++ 6 files changed, 508 insertions(+) create mode 100644 tools/testing/selftests/lsm/Makefile create mode 100644 tools/testing/selftests/lsm/config create mode 100644 tools/testing/selftests/lsm/lsm_get_self_attr_test.c create mode 100644 tools/testing/selftests/lsm/lsm_list_modules_test.c create mode 100644 tools/testing/selftests/lsm/lsm_set_self_attr_test.c diff --git a/tools/testing/selftests/Makefile b/tools/testing/selftests/Makefile index 90a62cf75008..2b91df264ada 100644 --- a/tools/testing/selftests/Makefile +++ b/tools/testing/selftests/Makefile @@ -38,6 +38,7 @@ TARGETS += landlock TARGETS += lib TARGETS += livepatch TARGETS += lkdtm +TARGETS += lsm TARGETS += membarrier TARGETS += memfd TARGETS += memory-hotplug 
diff --git a/tools/testing/selftests/lsm/Makefile b/tools/testing/selftests/lsm/Makefile new file mode 100644 index 000000000000..f39a75212b78 --- /dev/null +++ b/tools/testing/selftests/lsm/Makefile @@ -0,0 +1,12 @@ +# SPDX-License-Identifier: GPL-2.0 +# +# First run: make -C ../../../.. headers_install + +CFLAGS += -Wall -O2 $(KHDR_INCLUDES) + +TEST_GEN_PROGS := lsm_get_self_attr_test lsm_list_modules_test \ + lsm_set_self_attr_test + +include ../lib.mk + +$(TEST_GEN_PROGS): diff --git a/tools/testing/selftests/lsm/config b/tools/testing/selftests/lsm/config new file mode 100644 index 000000000000..afb887715f64 --- /dev/null +++ b/tools/testing/selftests/lsm/config @@ -0,0 +1,2 @@ +CONFIG_SYSFS=y +CONFIG_SECURITY=y diff --git a/tools/testing/selftests/lsm/lsm_get_self_attr_test.c b/tools/testing/selftests/lsm/lsm_get_self_attr_test.c new file mode 100644 index 000000000000..a62524b17bf7 --- /dev/null +++ b/tools/testing/selftests/lsm/lsm_get_self_attr_test.c 
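Review bot: the trailing `$(TEST_GEN_PROGS):` rule in the new Makefile has neither prerequisites nor a recipe, so it is a no-op as written; if it is meant to make the binaries depend on the installed headers mentioned in the comment ("First run: make -C ../../../.. headers_install"), give it that prerequisite, otherwise drop the line.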
@@ -0,0 +1,270 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Linux Security Module infrastructure tests + * Tests for the lsm_get_self_attr system call + * + * Copyright © 2022 Casey Schaufler + * Copyright © 2022 Intel Corporation + */ + +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include +#include "../kselftest_harness.h" + +#define PROCATTR "/proc/self/attr/" + +static int read_proc_attr(const char *attr, char *value, __kernel_size_t size) +{ + int fd; + int len; + char *path; + + len = strlen(PROCATTR) + strlen(attr) + 1; + path = calloc(len, 1); + if (path == NULL) + return -1; + sprintf(path, "%s%s", PROCATTR, attr); + + fd = open(path, O_RDONLY); + free(path); + + if (fd < 0) + return -1; + len = read(fd, value, size); + if (len <= 0) + return -1; + close(fd); + + path = strchr(value, '\n'); + if (path) + *path = '\0'; + + return 0; +} + +static struct lsm_ctx *next_ctx(struct lsm_ctx *ctxp) +{ + void *vp; + + vp = (void *)ctxp + sizeof(*ctxp) + ctxp->ctx_len; + return (struct lsm_ctx *)vp; +} + +TEST(size_null_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *ctx = calloc(page_size, 1); + + ASSERT_NE(NULL, ctx); + errno = 0; + ASSERT_EQ(-1, syscall(__NR_lsm_get_self_attr, LSM_ATTR_CURRENT, ctx, + NULL, 0)); + ASSERT_EQ(EINVAL, errno); + + free(ctx); +} + +TEST(ctx_null_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + __kernel_size_t size = page_size; + + ASSERT_NE(-1, syscall(__NR_lsm_get_self_attr, LSM_ATTR_CURRENT, NULL, + &size, 0)); + ASSERT_NE(1, size); +} + +TEST(size_too_small_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *ctx = calloc(page_size, 1); + __kernel_size_t size = 1; + + ASSERT_NE(NULL, ctx); + errno = 0; + ASSERT_EQ(-1, syscall(__NR_lsm_get_self_attr, LSM_ATTR_CURRENT, ctx, + &size, 0)); + ASSERT_EQ(E2BIG, errno); + ASSERT_NE(1, size); + + free(ctx); +} + +TEST(flags_zero_lsm_get_self_attr) +{ + const long page_size = 
sysconf(_SC_PAGESIZE); + char *ctx = calloc(page_size, 1); + __kernel_size_t size = page_size; + + ASSERT_NE(NULL, ctx); + errno = 0; + ASSERT_EQ(-1, syscall(__NR_lsm_get_self_attr, LSM_ATTR_CURRENT, ctx, + &size, 1)); + ASSERT_EQ(EINVAL, errno); + ASSERT_EQ(page_size, size); + + free(ctx); +} + +TEST(flags_overset_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *ctx = calloc(page_size, 1); + __kernel_size_t size = page_size; + + ASSERT_NE(NULL, ctx); + errno = 0; + ASSERT_EQ(-1, syscall(__NR_lsm_get_self_attr, + LSM_ATTR_CURRENT | LSM_ATTR_PREV, ctx, &size, 0)); + ASSERT_EQ(EOPNOTSUPP, errno); + + free(ctx); +} + +TEST(basic_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + __kernel_size_t size = page_size; + struct lsm_ctx *ctx = calloc(page_size, 1); + struct lsm_ctx *tctx = NULL; + __u64 *syscall_lsms = calloc(page_size, 1); + char *attr = calloc(page_size, 1); + int cnt_current = 0; + int cnt_exec = 0; + int cnt_fscreate = 0; + int cnt_keycreate = 0; + int cnt_prev = 0; + int cnt_sockcreate = 0; + int lsmcount; + int count; + int i; + + ASSERT_NE(NULL, ctx); + ASSERT_NE(NULL, syscall_lsms); + + lsmcount = syscall(__NR_lsm_list_modules, syscall_lsms, &size, 0); + ASSERT_LE(1, lsmcount); + + for (i = 0; i < lsmcount; i++) { + switch (syscall_lsms[i]) { + case LSM_ID_SELINUX: + cnt_current++; + cnt_exec++; + cnt_fscreate++; + cnt_keycreate++; + cnt_prev++; + cnt_sockcreate++; + break; + case LSM_ID_SMACK: + cnt_current++; + break; + case LSM_ID_APPARMOR: + cnt_current++; + cnt_exec++; + cnt_prev++; + break; + default: + break; + } + } + + if (cnt_current) { + size = page_size; + count = syscall(__NR_lsm_get_self_attr, LSM_ATTR_CURRENT, ctx, + &size, 0); + ASSERT_EQ(cnt_current, count); + tctx = ctx; + ASSERT_EQ(0, read_proc_attr("current", attr, page_size)); + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + 
} + } + if (cnt_exec) { + size = page_size; + count = syscall(__NR_lsm_get_self_attr, LSM_ATTR_EXEC, ctx, + &size, 0); + ASSERT_GE(cnt_exec, count); + if (count > 0) { + tctx = ctx; + if (read_proc_attr("exec", attr, page_size) == 0) + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + } + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + if (cnt_fscreate) { + size = page_size; + count = syscall(__NR_lsm_get_self_attr, LSM_ATTR_FSCREATE, ctx, + &size, 0); + ASSERT_GE(cnt_fscreate, count); + if (count > 0) { + tctx = ctx; + if (read_proc_attr("fscreate", attr, page_size) == 0) + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + } + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + if (cnt_keycreate) { + size = page_size; + count = syscall(__NR_lsm_get_self_attr, LSM_ATTR_KEYCREATE, ctx, + &size, 0); + ASSERT_GE(cnt_keycreate, count); + if (count > 0) { + tctx = ctx; + if (read_proc_attr("keycreate", attr, page_size) == 0) + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + } + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + if (cnt_prev) { + size = page_size; + count = syscall(__NR_lsm_get_self_attr, LSM_ATTR_PREV, ctx, + &size, 0); + ASSERT_GE(cnt_prev, count); + if (count > 0) { + tctx = ctx; + ASSERT_EQ(0, read_proc_attr("prev", attr, page_size)); + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + } + if (cnt_sockcreate) { + size = page_size; + count = syscall(__NR_lsm_get_self_attr, LSM_ATTR_SOCKCREATE, + ctx, &size, 0); + ASSERT_GE(cnt_sockcreate, count); + if (count > 0) { + tctx = ctx; + if (read_proc_attr("sockcreate", attr, page_size) == 0) + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + } + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + 
ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + + free(ctx); + free(attr); + free(syscall_lsms); +} + +TEST_HARNESS_MAIN diff --git a/tools/testing/selftests/lsm/lsm_list_modules_test.c b/tools/testing/selftests/lsm/lsm_list_modules_test.c new file mode 100644 index 000000000000..871d516a7d7d --- /dev/null +++ b/tools/testing/selftests/lsm/lsm_list_modules_test.c 
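Review bot: read_proc_attr in lsm_get_self_attr_test.c leaks the descriptor when `len <= 0` (the return -1 comes before close(fd)), and read(fd, value, size) may fill the whole buffer so that the later strchr(value, '\n') and the callers' strcmp() run off an unterminated string; read at most size - 1 bytes and set value[len] = '\0' before returning. next_ctx() advances by sizeof(*ctxp) + ctxp->ctx_len, whereas selinux_getselfattr in 10/11 sizes each entry as ALIGN(struct_size(ctx, ctx, len), 8); if the kernel pads entries in the user buffer, the walk over several LSMs desyncs after the first entry, so either the stride here must use the same alignment or the kernel must report ctx_len already padded, and a comment should say which. In the exec, fscreate, keycreate and sockcreate blocks of basic_lsm_get_self_attr a failing syscall returns -1 and still satisfies ASSERT_GE(cnt_exec, count); assert count >= 0 (or check errno) so an error is not silently treated as "no entries", and when read_proc_attr() fails there, `attr` still holds the previous attribute's text, so the strcmp loop compares against stale data. Last, flags_overset_lsm_get_self_attr depends on LSM_ATTR_CURRENT | LSM_ATTR_PREV not happening to equal another valid attribute id; an explicitly out-of-range value would state the intent.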
@@ -0,0 +1,153 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Linux Security Module infrastructure tests + * Tests for the lsm_list_modules system call + * + * Copyright © 2022 Casey Schaufler + * Copyright © 2022 Intel Corporation + */ + +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include "../kselftest_harness.h" + +static int read_sysfs_lsms(char *lsms, __kernel_size_t size) +{ + FILE *fp; + + fp = fopen("/sys/kernel/security/lsm", "r"); + if (fp == NULL) + return -1; + if (fread(lsms, 1, size, fp) <= 0) + return -1; + fclose(fp); + return 0; +} + +TEST(size_null_lsm_list_modules) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *syscall_lsms = calloc(page_size, 1); + + ASSERT_NE(NULL, syscall_lsms); + errno = 0; + ASSERT_EQ(-1, syscall(__NR_lsm_list_modules, syscall_lsms, NULL, 0)); + ASSERT_EQ(EFAULT, errno); + + free(syscall_lsms); +} + +TEST(ids_null_lsm_list_modules) +{ + const long page_size = sysconf(_SC_PAGESIZE); + __kernel_size_t size = page_size; + + errno = 0; + ASSERT_EQ(-1, syscall(__NR_lsm_list_modules, NULL, &size, 0)); + ASSERT_EQ(EFAULT, errno); + ASSERT_NE(1, size); +} + +TEST(size_too_small_lsm_list_modules) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *syscall_lsms = calloc(page_size, 1); + __kernel_size_t size = 1; + + ASSERT_NE(NULL, syscall_lsms); + errno = 0; + ASSERT_EQ(-1, syscall(__NR_lsm_list_modules, syscall_lsms, &size, 0)); + ASSERT_EQ(E2BIG, errno); + ASSERT_NE(1, size); + + free(syscall_lsms); +} + +TEST(flags_set_lsm_list_modules) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *syscall_lsms = calloc(page_size, 1); + __kernel_size_t size = page_size; + + ASSERT_NE(NULL, syscall_lsms); + errno = 0; + ASSERT_EQ(-1, syscall(__NR_lsm_list_modules, syscall_lsms, &size, 7)); + ASSERT_EQ(EINVAL, errno); + ASSERT_EQ(page_size, size); + + free(syscall_lsms); +} + +TEST(correct_lsm_list_modules) +{ + const long page_size = sysconf(_SC_PAGESIZE); + __kernel_size_t size = 
page_size; + __u64 *syscall_lsms = calloc(page_size, 1); + char *sysfs_lsms = calloc(page_size, 1); + char *name; + char *cp; + int count; + int i; + + ASSERT_NE(NULL, sysfs_lsms); + ASSERT_NE(NULL, syscall_lsms); + ASSERT_EQ(0, read_sysfs_lsms(sysfs_lsms, page_size)); + + count = syscall(__NR_lsm_list_modules, syscall_lsms, &size, 0); + ASSERT_LE(1, count); + cp = sysfs_lsms; + for (i = 0; i < count; i++) { + switch (syscall_lsms[i]) { + case LSM_ID_CAPABILITY: + name = "capability"; + break; + case LSM_ID_SELINUX: + name = "selinux"; + break; + case LSM_ID_SMACK: + name = "smack"; + break; + case LSM_ID_TOMOYO: + name = "tomoyo"; + break; + case LSM_ID_IMA: + name = "ima"; + break; + case LSM_ID_APPARMOR: + name = "apparmor"; + break; + case LSM_ID_YAMA: + name = "yama"; + break; + case LSM_ID_LOADPIN: + name = "loadpin"; + break; + case LSM_ID_SAFESETID: + name = "safesetid"; + break; + case LSM_ID_LOCKDOWN: + name = "lockdown"; + break; + case LSM_ID_BPF: + name = "bpf"; + break; + case LSM_ID_LANDLOCK: + name = "landlock"; + break; + default: + name = "INVALID"; + break; + } + ASSERT_EQ(0, strncmp(cp, name, strlen(name))); + cp += strlen(name) + 1; + } + + free(sysfs_lsms); + free(syscall_lsms); +} + +TEST_HARNESS_MAIN diff --git a/tools/testing/selftests/lsm/lsm_set_self_attr_test.c b/tools/testing/selftests/lsm/lsm_set_self_attr_test.c new file mode 100644 index 000000000000..ca538a703168 --- /dev/null +++ b/tools/testing/selftests/lsm/lsm_set_self_attr_test.c 
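Review bot: ids_null_lsm_list_modules expects EFAULT for a NULL size pointer while size_null_lsm_get_self_attr expects EINVAL for the same mistake on the sibling syscall; if both entry points are meant to behave alike, one of the tests (or one of the syscalls) is wrong, so please confirm which is intended. In correct_lsm_list_modules the default branch sets name = "INVALID" and then continues, which desyncs `cp` against /sys/kernel/security/lsm and produces a confusing later failure; an unknown id should fail the test immediately. The comparison also assumes the sysfs list is in the same order as the syscall result with one-character separators, and read_sysfs_lsms does not terminate sysfs_lsms if fread() fills the whole page; read size - 1 and add the NUL.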
@@ -0,0 +1,70 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Linux Security Module infrastructure tests + * Tests for the lsm_set_self_attr system call + * + * Copyright © 2022 Casey Schaufler + * Copyright © 2022 Intel Corporation + */ + +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include "../kselftest_harness.h" + +TEST(ctx_null_lsm_set_self_attr) +{ + ASSERT_EQ(-1, syscall(__NR_lsm_set_self_attr, LSM_ATTR_CURRENT, NULL, + sizeof(struct lsm_ctx), 0)); +} + +TEST(size_too_small_lsm_set_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + struct lsm_ctx *ctx = calloc(page_size, 1); + __kernel_size_t size = page_size; + + ASSERT_NE(NULL, ctx); + ASSERT_GE(1, syscall(__NR_lsm_get_self_attr, LSM_ATTR_CURRENT, ctx, + &size, 0)); + ASSERT_EQ(-1, syscall(__NR_lsm_set_self_attr, LSM_ATTR_CURRENT, ctx, 1, + 0)); + + free(ctx); +} + +TEST(flags_zero_lsm_set_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *ctx = calloc(page_size, 1); + __kernel_size_t size = page_size; + + ASSERT_NE(NULL, ctx); + ASSERT_GE(1, syscall(__NR_lsm_get_self_attr, LSM_ATTR_CURRENT, ctx, + &size, 0)); + ASSERT_EQ(-1, syscall(__NR_lsm_set_self_attr, LSM_ATTR_CURRENT, ctx, + size, 1)); + + free(ctx); +} + +TEST(flags_overset_lsm_set_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *ctx = calloc(page_size, 1); + __kernel_size_t size = page_size; + struct lsm_ctx *tctx = (struct lsm_ctx *)ctx; + + ASSERT_NE(NULL, ctx); + ASSERT_GE(1, syscall(__NR_lsm_get_self_attr, LSM_ATTR_CURRENT, tctx, + &size, 0)); + ASSERT_EQ(-1, syscall(__NR_lsm_set_self_attr, + LSM_ATTR_CURRENT | LSM_ATTR_PREV, tctx, size, 0)); + + free(ctx); +} + +TEST_HARNESS_MAIN
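Review bot: the three `ASSERT_GE(1, syscall(__NR_lsm_get_self_attr, ...))` lines in lsm_set_self_attr_test.c are reversed: kselftest's ASSERT_GE(expected, seen) checks expected >= seen, so a -1 failure passes and the following lsm_set_self_attr call then runs on an empty buffer; as basic_lsm_get_self_attr does with ASSERT_LE(1, lsmcount), this should be ASSERT_LE(1, ...) or an ASSERT_EQ on the expected count. None of the four `ASSERT_EQ(-1, syscall(__NR_lsm_set_self_attr, ...))` checks errno, so any failure satisfies them; add the errno checks the get_self_attr tests use (EINVAL for the NULL ctx, undersized and flags cases, EOPNOTSUPP for the overset attr) so the test proves the rejection is for the right reason.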