From patchwork Mon Aug 28 19:57:51 2023
X-Patchwork-Submitter: Casey Schaufler
X-Patchwork-Id: 13368275
X-Patchwork-Delegate: paul@paul-moore.com
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net
Subject: [PATCH v14 01/11] LSM: Identify modules by more than name
Date: Mon, 28 Aug 2023 12:57:51 -0700
Message-ID: <20230828195802.135055-2-casey@schaufler-ca.com>
In-Reply-To: <20230828195802.135055-1-casey@schaufler-ca.com>
References: <20230828195802.135055-1-casey@schaufler-ca.com>

Create a struct lsm_id to contain identifying information about Linux Security Modules (LSMs). At inception this contains the name of the module, an identifier associated with the security module and an integer member "attrs" which identifies the API related data associated with each security module. The initial set of features maps to information that has traditionally been available in /proc/self/attr. They are documented in a new userspace-api file.

Change the security_add_hooks() interface to use this structure. Change the individual modules to maintain their own struct lsm_id and pass it to security_add_hooks(). The values for LSM identifiers are defined in a new UAPI header file linux/lsm.h. Each existing LSM has been updated to include its LSMID in the lsm_id.

The LSM ID values are sequential, with the oldest module LSM_ID_CAPABILITY being the lowest value and the existing modules numbered in the order they were included in the main line kernel. This is an arbitrary convention for assigning the values, but none better presents itself. The value 0 is defined as being invalid. The values 1-99 are reserved for any special case uses which may arise in the future.
This may include attributes of the LSM infrastructure itself, possibly related to namespacing or network attribute management. A special range is identified for such attributes to help reduce confusion for developers unfamiliar with LSMs. LSM attribute values are defined for the attributes presented by modules that are available today. As with the LSM IDs, the value 0 is defined as being invalid. The values 1-99 are reserved for any special case uses which may arise in the future.

Signed-off-by: Casey Schaufler
Cc: linux-security-module
Reviewed-by: Kees Cook
Reviewed-by: Serge Hallyn
Reviewed-by: Mickael Salaun
Reviewed-by: John Johansen
--- Documentation/userspace-api/index.rst | 1 + MAINTAINERS | 1 + include/linux/lsm_hooks.h | 16 +++++++- include/uapi/linux/lsm.h | 54 +++++++++++++++++++++++++++ security/apparmor/lsm.c | 8 +++- security/bpf/hooks.c | 9 ++++- security/commoncap.c | 8 +++- security/landlock/cred.c | 2 +- security/landlock/fs.c | 2 +- security/landlock/ptrace.c | 2 +- security/landlock/setup.c | 6 +++ security/landlock/setup.h | 1 + security/loadpin/loadpin.c | 9 ++++- security/lockdown/lockdown.c | 8 +++- security/safesetid/lsm.c | 9 ++++- security/security.c | 12 +++--- security/selinux/hooks.c | 9 ++++- security/smack/smack_lsm.c | 8 +++- security/tomoyo/tomoyo.c | 9 ++++- security/yama/yama_lsm.c | 8 +++- 20 files changed, 161 insertions(+), 21 deletions(-) create mode 100644 include/uapi/linux/lsm.h diff --git a/Documentation/userspace-api/index.rst b/Documentation/userspace-api/index.rst index 72a65db0c498..b5fa29c077eb 100644 --- a/Documentation/userspace-api/index.rst +++ b/Documentation/userspace-api/index.rst @@ -32,6 +32,7 @@ place where this information is gathered. sysfs-platform_profile vduse futex2 + lsm .. only:: subproject and html diff --git a/MAINTAINERS b/MAINTAINERS index d590ce31aa72..f7fa85ba9a56 100644 --- a/MAINTAINERS +++ b/MAINTAINERS
@@ -19154,6 +19154,7 @@ L: linux-security-module@vger.kernel.org (suggested Cc:) S: Supported W: http://kernsec.org/ T: git git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm.git +F: include/uapi/linux/lsm.h F: security/ X: security/selinux/ diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index ab2b2fafa4a4..5f7d8caacc00 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -41,6 +41,18 @@ struct security_hook_heads { #undef LSM_HOOK } __randomize_layout; +/** + * struct lsm_id - Identify a Linux Security Module. + * @lsm: name of the LSM, must be approved by the LSM maintainers + * @id: LSM ID number from uapi/linux/lsm.h + * + * Contains the information that identifies the LSM. + */ +struct lsm_id { + const char *name; + u64 id; +}; + /* * Security module hook list structure. * For use with generic list macros for common operations. @@ -49,7 +61,7 @@ struct security_hook_list { struct hlist_node list; struct hlist_head *head; union security_list_options hook; - const char *lsm; + const struct lsm_id *lsmid; } __randomize_layout; /* @@ -84,7 +96,7 @@ extern struct security_hook_heads security_hook_heads; extern char *lsm_names; extern void security_add_hooks(struct security_hook_list *hooks, int count, - const char *lsm); + const struct lsm_id *lsmid); #define LSM_FLAG_LEGACY_MAJOR BIT(0) #define LSM_FLAG_EXCLUSIVE BIT(1) diff --git a/include/uapi/linux/lsm.h b/include/uapi/linux/lsm.h new file mode 100644 index 000000000000..f27c9a9cc376 --- /dev/null +++ b/include/uapi/linux/lsm.h 
@@ -0,0 +1,54 @@ +/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */ +/* + * Linux Security Modules (LSM) - User space API + * + * Copyright (C) 2022 Casey Schaufler + * Copyright (C) 2022 Intel Corporation + */ + +#ifndef _UAPI_LINUX_LSM_H +#define _UAPI_LINUX_LSM_H + +/* + * ID tokens to identify Linux Security Modules (LSMs) + * + * These token values are used to uniquely identify specific LSMs + * in the kernel as well as in the kernel's LSM userspace API. + * + * A value of zero/0 is considered undefined and should not be used + * outside the kernel. Values 1-99 are reserved for potential + * future use. + */ +#define LSM_ID_UNDEF 0 +#define LSM_ID_CAPABILITY 100 +#define LSM_ID_SELINUX 101 +#define LSM_ID_SMACK 102 +#define LSM_ID_TOMOYO 103 +#define LSM_ID_IMA 104 +#define LSM_ID_APPARMOR 105 +#define LSM_ID_YAMA 106 +#define LSM_ID_LOADPIN 107 +#define LSM_ID_SAFESETID 108 +#define LSM_ID_LOCKDOWN 109 +#define LSM_ID_BPF 110 +#define LSM_ID_LANDLOCK 111 + +/* + * LSM_ATTR_XXX definitions identify different LSM attributes + * which are used in the kernel's LSM userspace API. Support + * for these attributes vary across the different LSMs. None + * are required. + * + * A value of zero/0 is considered undefined and should not be used + * outside the kernel. Values 1-99 are reserved for potential + * future use. + */ +#define LSM_ATTR_UNDEF 0 +#define LSM_ATTR_CURRENT 100 +#define LSM_ATTR_EXEC 101 +#define LSM_ATTR_FSCREATE 102 +#define LSM_ATTR_KEYCREATE 103 +#define LSM_ATTR_PREV 104 +#define LSM_ATTR_SOCKCREATE 105 + +#endif /* _UAPI_LINUX_LSM_H */ diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index c9463bd0307d..6ff020ff3fcb 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -24,6 +24,7 @@ #include #include #include +#include #include "include/apparmor.h" #include "include/apparmorfs.h" 
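Review bot: the Documentation/userspace-api/index.rst hunk adds `lsm` to the toctree, but this patch's file list creates only include/uapi/linux/lsm.h; no Documentation/userspace-api/lsm.rst is added here, so `make htmldocs` will warn about a missing toctree document until the patch that adds it lands. Either move the `+ lsm` index line to the patch that adds the .rst, or add the document in this patch, since the commit message's "They are documented in a new userspace-api file" currently points at nothing in this diff.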
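Review bot: in the include/linux/lsm_hooks.h hunk, the kernel-doc for `struct lsm_id` says `@lsm: name of the LSM, must be approved by the LSM maintainers` but the member is `name`, so kernel-doc will report a missing `@name` description and a stray `@lsm`; rename the tag to `@name`. The commit message also describes an integer member "attrs" that the struct in this hunk does not have (it has only `const char *name` and `u64 id`); either drop that sentence from the message or add the member, so the text and the code agree.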
@@ -1215,6 +1216,11 @@ struct lsm_blob_sizes apparmor_blob_sizes __ro_after_init = { .lbs_task = sizeof(struct aa_task_ctx), }; +const struct lsm_id apparmor_lsmid = { + .name = "apparmor", + .id = LSM_ID_APPARMOR, +}; + static struct security_hook_list apparmor_hooks[] __ro_after_init = { LSM_HOOK_INIT(ptrace_access_check, apparmor_ptrace_access_check), LSM_HOOK_INIT(ptrace_traceme, apparmor_ptrace_traceme), @@ -1904,7 +1910,7 @@ static int __init apparmor_init(void) goto buffers_out; } security_add_hooks(apparmor_hooks, ARRAY_SIZE(apparmor_hooks), - "apparmor"); + &apparmor_lsmid); /* Report that AppArmor successfully initialized */ apparmor_initialized = 1; diff --git a/security/bpf/hooks.c b/security/bpf/hooks.c index cfaf1d0e6a5f..91011e0c361a 100644 --- a/security/bpf/hooks.c +++ b/security/bpf/hooks.c @@ -5,6 +5,7 @@ */ #include #include +#include static struct security_hook_list bpf_lsm_hooks[] __ro_after_init = { #define LSM_HOOK(RET, DEFAULT, NAME, ...) \ @@ -15,9 +16,15 @@ static struct security_hook_list bpf_lsm_hooks[] __ro_after_init = { LSM_HOOK_INIT(task_free, bpf_task_storage_free), }; +const struct lsm_id bpf_lsmid = { + .name = "bpf", + .id = LSM_ID_BPF, +}; + static int __init bpf_lsm_init(void) { - security_add_hooks(bpf_lsm_hooks, ARRAY_SIZE(bpf_lsm_hooks), "bpf"); + security_add_hooks(bpf_lsm_hooks, ARRAY_SIZE(bpf_lsm_hooks), + &bpf_lsmid); pr_info("LSM support for eBPF active\n"); return 0; } diff --git a/security/commoncap.c b/security/commoncap.c index ab5742ab4362..f95ac3f5110f 100644 --- a/security/commoncap.c +++ b/security/commoncap.c @@ -25,6 +25,7 @@ #include #include #include +#include /* * If a non-root user executes a setuid-root binary in 
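Review bot: `apparmor_lsmid`, `bpf_lsmid` and `capability_lsmid` in these hunks (and `loadpin_lsmid`, `lockdown_lsmid`, `safesetid_lsmid`, `selinux_lsmid`, `smack_lsmid`, `tomoyo_lsmid`, `yama_lsmid` later in the patch) are defined with external linkage but have no extern declaration in any header, so sparse and `-Wmissing-variable-declarations` builds will complain "symbol was not declared. Should it be static?". Either make them `static` (each is only referenced from the file that defines it) or add a declaration the way the Landlock hunks do with `extern const struct lsm_id landlock_lsmid;` in setup.h. Pick one convention and use it for every module in the patch.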
@@ -1440,6 +1441,11 @@ int cap_mmap_file(struct file *file, unsigned long reqprot, #ifdef CONFIG_SECURITY +const struct lsm_id capability_lsmid = { + .name = "capability", + .id = LSM_ID_CAPABILITY, +}; + static struct security_hook_list capability_hooks[] __ro_after_init = { LSM_HOOK_INIT(capable, cap_capable), LSM_HOOK_INIT(settime, cap_settime), @@ -1464,7 +1470,7 @@ static struct security_hook_list capability_hooks[] __ro_after_init = { static int __init capability_init(void) { security_add_hooks(capability_hooks, ARRAY_SIZE(capability_hooks), - "capability"); + &capability_lsmid); return 0; } diff --git a/security/landlock/cred.c b/security/landlock/cred.c index 13dff2a31545..786af18c4a1c 100644 --- a/security/landlock/cred.c +++ b/security/landlock/cred.c @@ -42,5 +42,5 @@ static struct security_hook_list landlock_hooks[] __ro_after_init = { __init void landlock_add_cred_hooks(void) { security_add_hooks(landlock_hooks, ARRAY_SIZE(landlock_hooks), - LANDLOCK_NAME); + &landlock_lsmid); } diff --git a/security/landlock/fs.c b/security/landlock/fs.c index 1c0c198f6fdb..db5ebecfbf02 100644 --- a/security/landlock/fs.c +++ b/security/landlock/fs.c @@ -1307,5 +1307,5 @@ static struct security_hook_list landlock_hooks[] __ro_after_init = { __init void landlock_add_fs_hooks(void) { security_add_hooks(landlock_hooks, ARRAY_SIZE(landlock_hooks), - LANDLOCK_NAME); + &landlock_lsmid); } diff --git a/security/landlock/ptrace.c b/security/landlock/ptrace.c index 8a06d6c492bf..2bfc533d36e4 100644 --- a/security/landlock/ptrace.c +++ b/security/landlock/ptrace.c @@ -116,5 +116,5 @@ static struct security_hook_list landlock_hooks[] __ro_after_init = { __init void landlock_add_ptrace_hooks(void) { security_add_hooks(landlock_hooks, ARRAY_SIZE(landlock_hooks), - LANDLOCK_NAME); + &landlock_lsmid); } diff --git a/security/landlock/setup.c b/security/landlock/setup.c index 0f6113528fa4..aab13750edde 100644 --- a/security/landlock/setup.c +++ b/security/landlock/setup.c 
@@ -8,6 +8,7 @@ #include #include +#include #include "common.h" #include "cred.h" @@ -24,6 +25,11 @@ struct lsm_blob_sizes landlock_blob_sizes __ro_after_init = { .lbs_superblock = sizeof(struct landlock_superblock_security), }; +const struct lsm_id landlock_lsmid = { + .name = LANDLOCK_NAME, + .id = LSM_ID_LANDLOCK, +}; + static int __init landlock_init(void) { landlock_add_cred_hooks(); diff --git a/security/landlock/setup.h b/security/landlock/setup.h index 1daffab1ab4b..c4252d46d49d 100644 --- a/security/landlock/setup.h +++ b/security/landlock/setup.h @@ -14,5 +14,6 @@ extern bool landlock_initialized; extern struct lsm_blob_sizes landlock_blob_sizes; +extern const struct lsm_id landlock_lsmid; #endif /* _SECURITY_LANDLOCK_SETUP_H */ diff --git a/security/loadpin/loadpin.c b/security/loadpin/loadpin.c index ebae964f7cc9..842487df691a 100644 --- a/security/loadpin/loadpin.c +++ b/security/loadpin/loadpin.c @@ -20,6 +20,7 @@ #include #include #include +#include #define VERITY_DIGEST_FILE_HEADER "# LOADPIN_TRUSTED_VERITY_ROOT_DIGESTS" @@ -208,6 +209,11 @@ static int loadpin_load_data(enum kernel_load_data_id id, bool contents) return loadpin_check(NULL, (enum kernel_read_file_id) id); } +const struct lsm_id loadpin_lsmid = { + .name = "loadpin", + .id = LSM_ID_LOADPIN, +}; + static struct security_hook_list loadpin_hooks[] __ro_after_init = { LSM_HOOK_INIT(sb_free_security, loadpin_sb_free_security), LSM_HOOK_INIT(kernel_read_file, loadpin_read_file), @@ -259,7 +265,8 @@ static int __init loadpin_init(void) if (!register_sysctl("kernel/loadpin", loadpin_sysctl_table)) pr_notice("sysctl registration failed!\n"); #endif - security_add_hooks(loadpin_hooks, ARRAY_SIZE(loadpin_hooks), "loadpin"); + security_add_hooks(loadpin_hooks, ARRAY_SIZE(loadpin_hooks), + &loadpin_lsmid); return 0; } diff --git a/security/lockdown/lockdown.c b/security/lockdown/lockdown.c index 68d19632aeb7..cd84d8ea1dfb 100644 --- a/security/lockdown/lockdown.c +++ b/security/lockdown/lockdown.c 
@@ -13,6 +13,7 @@ #include #include #include +#include static enum lockdown_reason kernel_locked_down; @@ -75,6 +76,11 @@ static struct security_hook_list lockdown_hooks[] __ro_after_init = { LSM_HOOK_INIT(locked_down, lockdown_is_locked_down), }; +const struct lsm_id lockdown_lsmid = { + .name = "lockdown", + .id = LSM_ID_LOCKDOWN, +}; + static int __init lockdown_lsm_init(void) { #if defined(CONFIG_LOCK_DOWN_KERNEL_FORCE_INTEGRITY) @@ -83,7 +89,7 @@ static int __init lockdown_lsm_init(void) lock_kernel_down("Kernel configuration", LOCKDOWN_CONFIDENTIALITY_MAX); #endif security_add_hooks(lockdown_hooks, ARRAY_SIZE(lockdown_hooks), - "lockdown"); + &lockdown_lsmid); return 0; } diff --git a/security/safesetid/lsm.c b/security/safesetid/lsm.c index 5be5894aa0ea..f42d5af5ffb0 100644 --- a/security/safesetid/lsm.c +++ b/security/safesetid/lsm.c @@ -19,6 +19,7 @@ #include #include #include +#include #include "lsm.h" /* Flag indicating whether initialization completed */ @@ -261,6 +262,11 @@ static int safesetid_task_fix_setgroups(struct cred *new, const struct cred *old return 0; } +const struct lsm_id safesetid_lsmid = { + .name = "safesetid", + .id = LSM_ID_SAFESETID, +}; + static struct security_hook_list safesetid_security_hooks[] = { LSM_HOOK_INIT(task_fix_setuid, safesetid_task_fix_setuid), LSM_HOOK_INIT(task_fix_setgid, safesetid_task_fix_setgid), @@ -271,7 +277,8 @@ static struct security_hook_list safesetid_security_hooks[] = { static int __init safesetid_security_init(void) { security_add_hooks(safesetid_security_hooks, - ARRAY_SIZE(safesetid_security_hooks), "safesetid"); + ARRAY_SIZE(safesetid_security_hooks), + &safesetid_lsmid); /* Report that SafeSetID successfully initialized */ safesetid_initialized = 1; diff --git a/security/security.c b/security/security.c index b720424ca37d..feaae09581dc 100644 --- a/security/security.c +++ b/security/security.c 
@@ -512,17 +512,17 @@ static int lsm_append(const char *new, char **result) * security_add_hooks - Add a modules hooks to the hook lists. * @hooks: the hooks to add * @count: the number of hooks to add - * @lsm: the name of the security module + * @lsmid: the identification information for the security module * * Each LSM has to register its hooks with the infrastructure. */ void __init security_add_hooks(struct security_hook_list *hooks, int count, - const char *lsm) + const struct lsm_id *lsmid) { int i; for (i = 0; i < count; i++) { - hooks[i].lsm = lsm; + hooks[i].lsmid = lsmid; hlist_add_tail_rcu(&hooks[i].list, hooks[i].head); } @@ -531,7 +531,7 @@ void __init security_add_hooks(struct security_hook_list *hooks, int count, * and fix this up afterwards. */ if (slab_is_available()) { - if (lsm_append(lsm, &lsm_names) < 0) + if (lsm_append(lsmid->name, &lsm_names) < 0) panic("%s - Cannot get early memory.\n", __func__); } } @@ -3778,7 +3778,7 @@ int security_getprocattr(struct task_struct *p, const char *lsm, struct security_hook_list *hp; hlist_for_each_entry(hp, &security_hook_heads.getprocattr, list) { - if (lsm != NULL && strcmp(lsm, hp->lsm)) + if (lsm != NULL && strcmp(lsm, hp->lsmid->name)) continue; return hp->hook.getprocattr(p, name, value); } @@ -3803,7 +3803,7 @@ int security_setprocattr(const char *lsm, const char *name, void *value, struct security_hook_list *hp; hlist_for_each_entry(hp, &security_hook_heads.setprocattr, list) { - if (lsm != NULL && strcmp(lsm, hp->lsm)) + if (lsm != NULL && strcmp(lsm, hp->lsmid->name)) continue; return hp->hook.setprocattr(name, value, size); } diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index d06e350fedee..931348c79cde 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -92,6 +92,7 @@ #include #include #include +#include #include "avc.h" #include "objsec.h" 
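Review bot: security_add_hooks() now stores `lsmid` by pointer into every `hooks[i].lsmid`, and the `lsm_append(lsmid->name, ...)` and `strcmp(lsm, hp->lsmid->name)` users dereference it for the lifetime of the kernel, so the kernel-doc for `@lsmid` should state that the object must have static storage duration (the per-module `const struct lsm_id` definitions satisfy this; a stack or `__initdata` object would not). Separately, security_getprocattr()/security_setprocattr() still match on the string name only; now that each hook list entry carries `hp->lsmid->id`, a comment noting that the /proc/self/attr path is intentionally name-keyed (and that the ID-keyed userspace API comes later in the series) would stop the next reader from wondering whether the ID was forgotten here.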
@@ -6929,6 +6930,11 @@ static int selinux_uring_cmd(struct io_uring_cmd *ioucmd) } #endif /* CONFIG_IO_URING */ +const struct lsm_id selinux_lsmid = { + .name = "selinux", + .id = LSM_ID_SELINUX, +}; + /* * IMPORTANT NOTE: When adding new hooks, please be careful to keep this order: * 1. any hooks that don't belong to (2.) or (3.) below, @@ -7250,7 +7256,8 @@ static __init int selinux_init(void) hashtab_cache_init(); - security_add_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks), "selinux"); + security_add_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks), + &selinux_lsmid); if (avc_add_callback(selinux_netcache_avc_callback, AVC_CALLBACK_RESET)) panic("SELinux: Unable to register AVC netcache callback\n"); diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 6e270cf3fd30..d2dfef74e4e2 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -43,6 +43,7 @@ #include #include #include +#include #include "smack.h" #define TRANS_TRUE "TRUE" @@ -4871,6 +4872,11 @@ struct lsm_blob_sizes smack_blob_sizes __ro_after_init = { .lbs_superblock = sizeof(struct superblock_smack), }; +const struct lsm_id smack_lsmid = { + .name = "smack", + .id = LSM_ID_SMACK, +}; + static struct security_hook_list smack_hooks[] __ro_after_init = { LSM_HOOK_INIT(ptrace_access_check, smack_ptrace_access_check), LSM_HOOK_INIT(ptrace_traceme, smack_ptrace_traceme), @@ -5077,7 +5083,7 @@ static __init int smack_init(void) /* * Register with LSM */ - security_add_hooks(smack_hooks, ARRAY_SIZE(smack_hooks), "smack"); + security_add_hooks(smack_hooks, ARRAY_SIZE(smack_hooks), &smack_lsmid); smack_enabled = 1; pr_info("Smack: Initializing.\n"); diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c index 25006fddc964..556f8daecb07 100644 --- a/security/tomoyo/tomoyo.c +++ b/security/tomoyo/tomoyo.c @@ -6,6 +6,7 @@ */ #include +#include #include "common.h" /** 
@@ -542,6 +543,11 @@ static void tomoyo_task_free(struct task_struct *task) } } +const struct lsm_id tomoyo_lsmid = { + .name = "tomoyo", + .id = LSM_ID_TOMOYO, +}; + /* * tomoyo_security_ops is a "struct security_operations" which is used for * registering TOMOYO. @@ -595,7 +601,8 @@ static int __init tomoyo_init(void) struct tomoyo_task *s = tomoyo_task(current); /* register ourselves with the security framework */ - security_add_hooks(tomoyo_hooks, ARRAY_SIZE(tomoyo_hooks), "tomoyo"); + security_add_hooks(tomoyo_hooks, ARRAY_SIZE(tomoyo_hooks), + &tomoyo_lsmid); pr_info("TOMOYO Linux initialized\n"); s->domain_info = &tomoyo_kernel_domain; atomic_inc(&tomoyo_kernel_domain.users); diff --git a/security/yama/yama_lsm.c b/security/yama/yama_lsm.c index 2503cf153d4a..5cdff292fcae 100644 --- a/security/yama/yama_lsm.c +++ b/security/yama/yama_lsm.c @@ -18,6 +18,7 @@ #include #include #include +#include #define YAMA_SCOPE_DISABLED 0 #define YAMA_SCOPE_RELATIONAL 1 @@ -421,6 +422,11 @@ static int yama_ptrace_traceme(struct task_struct *parent) return rc; } +const struct lsm_id yama_lsmid = { + .name = "yama", + .id = LSM_ID_YAMA, +}; + static struct security_hook_list yama_hooks[] __ro_after_init = { LSM_HOOK_INIT(ptrace_access_check, yama_ptrace_access_check), LSM_HOOK_INIT(ptrace_traceme, yama_ptrace_traceme), 
@@ -471,7 +477,7 @@ static inline void yama_init_sysctl(void) { } static int __init yama_init(void) { pr_info("Yama: becoming mindful.\n"); - security_add_hooks(yama_hooks, ARRAY_SIZE(yama_hooks), "yama"); + security_add_hooks(yama_hooks, ARRAY_SIZE(yama_hooks), &yama_lsmid); yama_init_sysctl(); return 0; }

From patchwork Mon Aug 28 19:57:52 2023
X-Patchwork-Submitter: Casey Schaufler
X-Patchwork-Id: 13368274
X-Patchwork-Delegate: paul@paul-moore.com
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net
Subject: [PATCH v14 02/11] LSM: Maintain a table of LSM attribute data
Date: Mon, 28 Aug 2023 12:57:52 -0700
Message-ID: <20230828195802.135055-3-casey@schaufler-ca.com>
In-Reply-To: <20230828195802.135055-1-casey@schaufler-ca.com>
References: <20230828195802.135055-1-casey@schaufler-ca.com>

As LSMs are registered, add their lsm_id pointers to a table. This will be used later for attribute reporting.

Determine the number of possible security modules based on their respective CONFIG options. This allows the number to be known at build time. This allows data structures and tables to use the constant.

Signed-off-by: Casey Schaufler
Reviewed-by: Kees Cook
Reviewed-by: Serge Hallyn
Reviewed-by: Mickael Salaun
Reviewed-by: John Johansen
--- include/linux/security.h | 2 ++ security/security.c | 37 +++++++++++++++++++++++++++++++++++++ 2 files changed, 39 insertions(+) diff --git a/include/linux/security.h b/include/linux/security.h index 32828502f09e..a20a4ceda6d9 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -138,6 +138,8 @@ enum lockdown_reason { }; extern const char *const lockdown_reasons[LOCKDOWN_CONFIDENTIALITY_MAX+1]; +extern u32 lsm_active_cnt; +extern const struct lsm_id *lsm_idlist[]; /* These functions are in security/commoncap.c */ extern int cap_capable(const struct cred *cred, struct user_namespace *ns, diff --git a/security/security.c b/security/security.c index feaae09581dc..3c0342410531 100644 --- a/security/security.c +++ b/security/security.c
@@ -36,6 +36,25 @@ /* How many LSMs were built into the kernel? */ #define LSM_COUNT (__end_lsm_info - __start_lsm_info) +/* + * How many LSMs are built into the kernel as determined at + * build time. Used to determine fixed array sizes. + * The capability module is accounted for by CONFIG_SECURITY + */ +#define LSM_CONFIG_COUNT ( \ + (IS_ENABLED(CONFIG_SECURITY) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_SELINUX) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_SMACK) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_TOMOYO) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_IMA) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_APPARMOR) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_YAMA) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_LOADPIN) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_SAFESETID) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_LOCKDOWN_LSM) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_BPF_LSM) ? 1 : 0) + \ + (IS_ENABLED(CONFIG_SECURITY_LANDLOCK) ? 1 : 0)) + /* * These are descriptions of the reasons that can be passed to the * security_locked_down() LSM hook. Placing this array here allows @@ -245,6 +264,12 @@ static void __init initialize_lsm(struct lsm_info *lsm) } } +/* + * Current index to use while initializing the lsm id list. + */ +u32 lsm_active_cnt __ro_after_init; +const struct lsm_id *lsm_idlist[LSM_CONFIG_COUNT]; + /* Populate ordered LSMs list from comma-separated LSM name list. */ static void __init ordered_lsm_parse(const char *order, const char *origin) { 
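Review bot: the LSM_CONFIG_COUNT hunk makes the table size depend on a hand-maintained list of CONFIG options; an LSM added to the tree without a line here silently shrinks lsm_idlist[] and, with the bounds check later in security_add_hooks(), shows up as a boot-time panic("... Too many LSMs registered") instead of a build error. The comment above the macro should say that it must be updated whenever a new LSM is added, and it would help to note why LSM_COUNT (a link-time section difference, not a constant expression) cannot be used for the array size.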
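Review bot: `lsm_active_cnt` is `__ro_after_init` but `lsm_idlist[]`, written from the same init-only path in security_add_hooks(), is not; unless something updates the table after boot, `const struct lsm_id *lsm_idlist[LSM_CONFIG_COUNT] __ro_after_init;` keeps the table write-protected once init completes, which matters for a structure that later decides what attribute data is reported. The comment "Current index to use while initializing the lsm id list" also understates the variable: after init it is the count exported through include/linux/security.h, and the comment should say so.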
@@ -521,6 +546,18 @@ void __init security_add_hooks(struct security_hook_list *hooks, int count, { int i; + /* + * A security module may call security_add_hooks() more + * than once during initialization, and LSM initialization + * is serialized. Landlock is one such case. + * Look at the previous entry, if there is one, for duplication. + */ + if (lsm_active_cnt == 0 || lsm_idlist[lsm_active_cnt - 1] != lsmid) { + if (lsm_active_cnt >= LSM_CONFIG_COUNT) + panic("%s Too many LSMs registered.\n", __func__); + lsm_idlist[lsm_active_cnt++] = lsmid; + } + for (i = 0; i < count; i++) { hooks[i].lsmid = lsmid; hlist_add_tail_rcu(&hooks[i].list, hooks[i].head); From patchwork Mon Aug 28 19:57:53 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13368330 X-Patchwork-Delegate: paul@paul-moore.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 13D59C83F11 for ; Mon, 28 Aug 2023 20:40:23 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229640AbjH1Ujw (ORCPT ); Mon, 28 Aug 2023 16:39:52 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34762 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233598AbjH1UAX (ORCPT ); Mon, 28 Aug 2023 16:00:23 -0400 Received: from sonic311-30.consmr.mail.ne1.yahoo.com (sonic311-30.consmr.mail.ne1.yahoo.com [66.163.188.211]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E393EE60 for ; Mon, 28 Aug 2023 12:59:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1693252791; bh=9bBL0SSvraIoWhKG8mEdrfeN0p2i0Zm9X3YxMUEQ2nk=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject:Reply-To; 
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net, linux-fsdevel@vger.kernel.org Subject: [PATCH v14 03/11] proc: Use lsmids instead of lsm names for attrs Date: Mon, 28 Aug 2023 12:57:53 -0700 Message-ID: <20230828195802.135055-4-casey@schaufler-ca.com> X-Mailer: git-send-email 2.41.0 In-Reply-To: <20230828195802.135055-1-casey@schaufler-ca.com> References: <20230828195802.135055-1-casey@schaufler-ca.com> MIME-Version: 1.0 Precedence: bulk List-ID: Use the LSM ID number instead of the LSM name to identify which security module's attibute data should be shown in /proc/self/attr. The security_[gs]etprocattr() functions have been changed to expect the LSM ID. The change from a string comparison to an integer comparison in these functions will provide a minor performance improvement. Signed-off-by: Casey Schaufler Reviewed-by: Kees Cook Reviewed-by: Serge Hallyn Reviewed-by: Mickael Salaun Reviewed-by: John Johansen Cc: linux-fsdevel@vger.kernel.org --- fs/proc/base.c | 29 +++++++++++++++-------------- fs/proc/internal.h | 2 +- include/linux/security.h | 11 +++++------ security/security.c | 15 +++++++-------- 4 files changed, 28 insertions(+), 29 deletions(-) diff --git a/fs/proc/base.c b/fs/proc/base.c index 9df3f4839662..42a02375fb5f 100644 --- a/fs/proc/base.c +++ b/fs/proc/base.c @@ -97,6 +97,7 @@ #include #include #include +#include #include #include "internal.h" #include "fd.h" 
@@ -146,10 +147,10 @@ struct pid_entry { NOD(NAME, (S_IFREG|(MODE)), \ NULL, &proc_single_file_operations, \ { .proc_show = show } ) -#define ATTR(LSM, NAME, MODE) \ +#define ATTR(LSMID, NAME, MODE) \ NOD(NAME, (S_IFREG|(MODE)), \ NULL, &proc_pid_attr_operations, \ - { .lsm = LSM }) + { .lsmid = LSMID }) /* * Count the number of hardlinks for the pid_entry table, excluding the . @@ -2730,7 +2731,7 @@ static ssize_t proc_pid_attr_read(struct file * file, char __user * buf, if (!task) return -ESRCH; - length = security_getprocattr(task, PROC_I(inode)->op.lsm, + length = security_getprocattr(task, PROC_I(inode)->op.lsmid, file->f_path.dentry->d_name.name, &p); put_task_struct(task); @@ -2788,7 +2789,7 @@ static ssize_t proc_pid_attr_write(struct file * file, const char __user * buf, if (rv < 0) goto out_free; - rv = security_setprocattr(PROC_I(inode)->op.lsm, + rv = security_setprocattr(PROC_I(inode)->op.lsmid, file->f_path.dentry->d_name.name, page, count); mutex_unlock(¤t->signal->cred_guard_mutex); 
@@ -2837,27 +2838,27 @@ static const struct inode_operations proc_##LSM##_attr_dir_inode_ops = { \ #ifdef CONFIG_SECURITY_SMACK static const struct pid_entry smack_attr_dir_stuff[] = { - ATTR("smack", "current", 0666), + ATTR(LSM_ID_SMACK, "current", 0666), }; LSM_DIR_OPS(smack); #endif #ifdef CONFIG_SECURITY_APPARMOR static const struct pid_entry apparmor_attr_dir_stuff[] = { - ATTR("apparmor", "current", 0666), - ATTR("apparmor", "prev", 0444), - ATTR("apparmor", "exec", 0666), + ATTR(LSM_ID_APPARMOR, "current", 0666), + ATTR(LSM_ID_APPARMOR, "prev", 0444), + ATTR(LSM_ID_APPARMOR, "exec", 0666), }; LSM_DIR_OPS(apparmor); #endif static const struct pid_entry attr_dir_stuff[] = { - ATTR(NULL, "current", 0666), - ATTR(NULL, "prev", 0444), - ATTR(NULL, "exec", 0666), - ATTR(NULL, "fscreate", 0666), - ATTR(NULL, "keycreate", 0666), - ATTR(NULL, "sockcreate", 0666), + ATTR(LSM_ID_UNDEF, "current", 0666), + ATTR(LSM_ID_UNDEF, "prev", 0444), + ATTR(LSM_ID_UNDEF, "exec", 0666), + ATTR(LSM_ID_UNDEF, "fscreate", 0666), + ATTR(LSM_ID_UNDEF, "keycreate", 0666), + ATTR(LSM_ID_UNDEF, "sockcreate", 0666), #ifdef CONFIG_SECURITY_SMACK DIR("smack", 0555, proc_smack_attr_dir_inode_ops, proc_smack_attr_dir_ops), diff --git a/fs/proc/internal.h b/fs/proc/internal.h index 9dda7e54b2d0..a889d9ef9584 100644 --- a/fs/proc/internal.h +++ b/fs/proc/internal.h @@ -92,7 +92,7 @@ union proc_op { int (*proc_show)(struct seq_file *m, struct pid_namespace *ns, struct pid *pid, struct task_struct *task); - const char *lsm; + int lsmid; }; struct proc_inode { diff --git a/include/linux/security.h b/include/linux/security.h index a20a4ceda6d9..b5fd3f7f4cd3 100644 --- a/include/linux/security.h +++ b/include/linux/security.h 
@@ -470,10 +470,9 @@ int security_sem_semctl(struct kern_ipc_perm *sma, int cmd); int security_sem_semop(struct kern_ipc_perm *sma, struct sembuf *sops, unsigned nsops, int alter); void security_d_instantiate(struct dentry *dentry, struct inode *inode); -int security_getprocattr(struct task_struct *p, const char *lsm, const char *name, +int security_getprocattr(struct task_struct *p, int lsmid, const char *name, char **value); -int security_setprocattr(const char *lsm, const char *name, void *value, - size_t size); +int security_setprocattr(int lsmid, const char *name, void *value, size_t size); int security_netlink_send(struct sock *sk, struct sk_buff *skb); int security_ismaclabel(const char *name); int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen); @@ -1332,14 +1331,14 @@ static inline void security_d_instantiate(struct dentry *dentry, struct inode *inode) { } -static inline int security_getprocattr(struct task_struct *p, const char *lsm, +static inline int security_getprocattr(struct task_struct *p, int lsmid, const char *name, char **value) { return -EINVAL; } -static inline int security_setprocattr(const char *lsm, char *name, - void *value, size_t size) +static inline int security_setprocattr(int lsmid, char *name, void *value, + size_t size) { return -EINVAL; } diff --git a/security/security.c b/security/security.c index 3c0342410531..82253294069c 100644 --- a/security/security.c +++ b/security/security.c @@ -3801,7 +3801,7 @@ EXPORT_SYMBOL(security_d_instantiate); /** * security_getprocattr() - Read an attribute for a task * @p: the task - * @lsm: LSM name + * @lsmid: LSM identification * @name: attribute name * @value: attribute value * 
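Review bot: the !CONFIG_SECURITY stub `static inline int security_setprocattr(int lsmid, char *name, void *value, size_t size)` keeps `char *name` while the real prototype earlier in the same file takes `const char *name`; since the line is being rewritten anyway, make the stub `const char *name` so both configurations accept the same callers and the stub does not silently drop constness.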
@@ -3809,13 +3809,13 @@ EXPORT_SYMBOL(security_d_instantiate); * * Return: Returns the length of @value on success, a negative value otherwise. */ -int security_getprocattr(struct task_struct *p, const char *lsm, - const char *name, char **value) +int security_getprocattr(struct task_struct *p, int lsmid, const char *name, + char **value) { struct security_hook_list *hp; hlist_for_each_entry(hp, &security_hook_heads.getprocattr, list) { - if (lsm != NULL && strcmp(lsm, hp->lsmid->name)) + if (lsmid != 0 && lsmid != hp->lsmid->id) continue; return hp->hook.getprocattr(p, name, value); } @@ -3824,7 +3824,7 @@ int security_getprocattr(struct task_struct *p, const char *lsm, /** * security_setprocattr() - Set an attribute for a task - * @lsm: LSM name + * @lsmid: LSM identification * @name: attribute name * @value: attribute value * @size: attribute value size 
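Review bot: `if (lsmid != 0 && lsmid != hp->lsmid->id)` in security_getprocattr() (and the identical test in the following security_setprocattr() hunk) compares against a bare 0 while the callers in fs/proc/base.c now pass LSM_ID_UNDEF for the generic /proc/self/attr entries; write `lsmid != LSM_ID_UNDEF` so the wildcard case is tied to the named constant rather than to its current numeric value, and so a reader of this function can see that it is the same token the ATTR() table uses.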
@@ -3834,13 +3834,12 @@ int security_getprocattr(struct task_struct *p, const char *lsm, * * Return: Returns bytes written on success, a negative value otherwise. */ -int security_setprocattr(const char *lsm, const char *name, void *value, - size_t size) +int security_setprocattr(int lsmid, const char *name, void *value, size_t size) { struct security_hook_list *hp; hlist_for_each_entry(hp, &security_hook_heads.setprocattr, list) { - if (lsm != NULL && strcmp(lsm, hp->lsmid->name)) + if (lsmid != 0 && lsmid != hp->lsmid->id) continue; return hp->hook.setprocattr(name, value, size); } From patchwork Mon Aug 28 19:57:54 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13368331 X-Patchwork-Delegate: paul@paul-moore.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 55623C71153 for ; Mon, 28 Aug 2023 20:40:23 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229913AbjH1Ujy (ORCPT ); Mon, 28 Aug 2023 16:39:54 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51772 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233581AbjH1UAT (ORCPT ); Mon, 28 Aug 2023 16:00:19 -0400 Received: from sonic310-30.consmr.mail.ne1.yahoo.com (sonic310-30.consmr.mail.ne1.yahoo.com [66.163.186.211]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2C269E56 for ; Mon, 28 Aug 2023 12:59:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1693252790; bh=HCIySn/1FKI3yeDY1naM2LdltXRa1H636L7BVhL2cJo=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject:Reply-To; 
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net Subject: [PATCH v14 04/11] LSM: syscalls for current process attributes Date: Mon, 28 Aug 2023 12:57:54 -0700 Message-ID: <20230828195802.135055-5-casey@schaufler-ca.com> X-Mailer: git-send-email 2.41.0 In-Reply-To: <20230828195802.135055-1-casey@schaufler-ca.com> References: <20230828195802.135055-1-casey@schaufler-ca.com> MIME-Version: 1.0 Precedence: bulk List-ID: Create a system call lsm_get_self_attr() to provide the security module maintained attributes of the current process. Create a system call lsm_set_self_attr() to set a security module maintained attribute of the current process. Historically these attributes have been exposed to user space via entries in procfs under /proc/self/attr. The attribute value is provided in a lsm_ctx structure. The structure identifies the size of the attribute, and the attribute value. The format of the attribute value is defined by the security module. A flags field is included for LSM specific information. It is currently unused and must be 0. The total size of the data, including the lsm_ctx structure and any padding, is maintained as well. struct lsm_ctx { __u64 id; __u64 flags; __u64 len; __u64 ctx_len; __u8 ctx[]; }; Two new LSM hooks are used to interface with the LSMs. security_getselfattr() collects the lsm_ctx values from the LSMs that support the hook, accounting for space requirements. security_setselfattr() identifies which LSM the attribute is intended for and passes it along. 
Signed-off-by: Casey Schaufler Reviewed-by: Kees Cook Reviewed-by: Serge Hallyn Reviewed-by: John Johansen --- Documentation/userspace-api/lsm.rst | 70 +++++++++++++ include/linux/lsm_hook_defs.h | 4 + include/linux/lsm_hooks.h | 1 + include/linux/security.h | 19 ++++ include/linux/syscalls.h | 5 + include/uapi/linux/lsm.h | 36 +++++++ kernel/sys_ni.c | 2 + security/Makefile | 1 + security/lsm_syscalls.c | 57 +++++++++++ security/security.c | 146 ++++++++++++++++++++++++++++ 10 files changed, 341 insertions(+) create mode 100644 Documentation/userspace-api/lsm.rst create mode 100644 security/lsm_syscalls.c diff --git a/Documentation/userspace-api/lsm.rst b/Documentation/userspace-api/lsm.rst new file mode 100644 index 000000000000..f8499f3e2826 --- /dev/null +++ b/Documentation/userspace-api/lsm.rst 
@@ -0,0 +1,70 @@ +.. SPDX-License-Identifier: GPL-2.0 +.. Copyright (C) 2022 Casey Schaufler +.. Copyright (C) 2022 Intel Corporation + +===================================== +Linux Security Modules +===================================== + +:Author: Casey Schaufler +:Date: July 2023 + +Linux security modules (LSM) provide a mechanism to implement +additional access controls to the Linux security policies. + +The various security modules may support any of these attributes: + +``LSM_ATTR_CURRENT`` is the current, active security context of the +process. +The proc filesystem provides this value in ``/proc/self/attr/current``. +This is supported by the SELinux, Smack and AppArmor security modules. +Smack also provides this value in ``/proc/self/attr/smack/current``. +AppArmor also provides this value in ``/proc/self/attr/apparmor/current``. + +``LSM_ATTR_EXEC`` is the security context of the process at the time the +current image was executed. +The proc filesystem provides this value in ``/proc/self/attr/exec``. +This is supported by the SELinux and AppArmor security modules. +AppArmor also provides this value in ``/proc/self/attr/apparmor/exec``. + +``LSM_ATTR_FSCREATE`` is the security context of the process used when +creating file system objects. +The proc filesystem provides this value in ``/proc/self/attr/fscreate``. +This is supported by the SELinux security module. + +``LSM_ATTR_KEYCREATE`` is the security context of the process used when +creating key objects. +The proc filesystem provides this value in ``/proc/self/attr/keycreate``. +This is supported by the SELinux security module. + +``LSM_ATTR_PREV`` is the security context of the process at the time the +current security context was set. +The proc filesystem provides this value in ``/proc/self/attr/prev``. +This is supported by the SELinux and AppArmor security modules. +AppArmor also provides this value in ``/proc/self/attr/apparmor/prev``. 
+ +``LSM_ATTR_SOCKCREATE`` is the security context of the process used when +creating socket objects. +The proc filesystem provides this value in ``/proc/self/attr/sockcreate``. +This is supported by the SELinux security module. + +Kernel interface +================ + +Set a security attribute of the current process +----------------------------------------------- + +.. kernel-doc:: security/lsm_syscalls.c + :identifiers: sys_lsm_set_self_attr + +Get the specified security attributes of the current process +------------------------------------------------------------ + +.. kernel-doc:: security/lsm_syscalls.c + :identifiers: sys_lsm_get_self_attr + +Additional documentation +======================== + +* Documentation/security/lsm.rst +* Documentation/security/lsm-development.rst diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h index 7308a1a7599b..6dffac59dfe3 100644 --- a/include/linux/lsm_hook_defs.h +++ b/include/linux/lsm_hook_defs.h @@ -261,6 +261,10 @@ LSM_HOOK(int, 0, sem_semop, struct kern_ipc_perm *perm, struct sembuf *sops, LSM_HOOK(int, 0, netlink_send, struct sock *sk, struct sk_buff *skb) LSM_HOOK(void, LSM_RET_VOID, d_instantiate, struct dentry *dentry, struct inode *inode) +LSM_HOOK(int, -EOPNOTSUPP, getselfattr, unsigned int attr, + struct lsm_ctx __user *ctx, size_t *size, u32 flags) +LSM_HOOK(int, -EOPNOTSUPP, setselfattr, unsigned int attr, + struct lsm_ctx *ctx, size_t size, u32 flags) LSM_HOOK(int, -EINVAL, getprocattr, struct task_struct *p, const char *name, char **value) LSM_HOOK(int, -EINVAL, setprocattr, const char *name, void *value, size_t size) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 5f7d8caacc00..0662e5c2cd06 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -25,6 +25,7 @@ #ifndef __LINUX_LSM_HOOKS_H #define __LINUX_LSM_HOOKS_H +#include #include #include #include 
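Review bot: the two new hook prototypes in include/linux/lsm_hook_defs.h disagree on address space: getselfattr takes `struct lsm_ctx __user *ctx` while setselfattr takes `struct lsm_ctx *ctx`, yet security_setselfattr() in include/linux/security.h receives `struct lsm_ctx __user *ctx`. If the intent is that security_setselfattr() copies the buffer in and hands each LSM a kernel copy, the hook's documentation should say so; otherwise the setselfattr hook needs `__user` as well so sparse can flag an LSM that dereferences the user pointer directly.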
diff --git a/include/linux/security.h b/include/linux/security.h index b5fd3f7f4cd3..0d882cb221f4 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -60,6 +60,7 @@ struct fs_parameter; enum fs_value_type; struct watch; struct watch_notification; +struct lsm_ctx; /* Default (no) options for the capable function */ #define CAP_OPT_NONE 0x0 @@ -470,6 +471,10 @@ int security_sem_semctl(struct kern_ipc_perm *sma, int cmd); int security_sem_semop(struct kern_ipc_perm *sma, struct sembuf *sops, unsigned nsops, int alter); void security_d_instantiate(struct dentry *dentry, struct inode *inode); +int security_getselfattr(unsigned int attr, struct lsm_ctx __user *ctx, + size_t __user *size, u32 flags); +int security_setselfattr(unsigned int attr, struct lsm_ctx __user *ctx, + size_t size, u32 flags); int security_getprocattr(struct task_struct *p, int lsmid, const char *name, char **value); int security_setprocattr(int lsmid, const char *name, void *value, size_t size); @@ -1331,6 +1336,20 @@ static inline void security_d_instantiate(struct dentry *dentry, struct inode *inode) { } +static inline int security_getselfattr(unsigned int attr, + struct lsm_ctx __user *ctx, + size_t __user *size, u32 flags) +{ + return -EOPNOTSUPP; +} + +static inline int security_setselfattr(unsigned int attr, + struct lsm_ctx __user *ctx, + size_t size, u32 flags) +{ + return -EOPNOTSUPP; +} + static inline int security_getprocattr(struct task_struct *p, int lsmid, const char *name, char **value) { diff --git a/include/linux/syscalls.h b/include/linux/syscalls.h index 03e3d0121d5e..a3938850752a 100644 --- a/include/linux/syscalls.h +++ b/include/linux/syscalls.h @@ -71,6 +71,7 @@ struct clone_args; struct open_how; struct mount_attr; struct landlock_ruleset_attr; +struct lsm_ctx; enum landlock_rule_type; struct cachestat_range; struct cachestat; 
@@ -953,6 +954,10 @@ asmlinkage long sys_set_mempolicy_home_node(unsigned long start, unsigned long l asmlinkage long sys_cachestat(unsigned int fd, struct cachestat_range __user *cstat_range, struct cachestat __user *cstat, unsigned int flags); +asmlinkage long sys_lsm_get_self_attr(unsigned int attr, struct lsm_ctx *ctx, + size_t *size, __u32 flags); +asmlinkage long sys_lsm_set_self_attr(unsigned int attr, struct lsm_ctx *ctx, + size_t size, __u32 flags); /* * Architecture-specific system calls diff --git a/include/uapi/linux/lsm.h b/include/uapi/linux/lsm.h index f27c9a9cc376..eeda59a77c02 100644 --- a/include/uapi/linux/lsm.h +++ b/include/uapi/linux/lsm.h @@ -9,6 +9,36 @@ #ifndef _UAPI_LINUX_LSM_H #define _UAPI_LINUX_LSM_H +#include +#include + +/** + * struct lsm_ctx - LSM context information + * @id: the LSM id number, see LSM_ID_XXX + * @flags: LSM specific flags + * @len: length of the lsm_ctx struct, @ctx and any other data or padding + * @ctx_len: the size of @ctx + * @ctx: the LSM context value + * + * The @len field MUST be equal to the size of the lsm_ctx struct + * plus any additional padding and/or data placed after @ctx. + * + * In all cases @ctx_len MUST be equal to the length of @ctx. + * If @ctx is a string value it should be nul terminated with + * @ctx_len equal to `strlen(@ctx) + 1`. Binary values are + * supported. + * + * The @flags and @ctx fields SHOULD only be interpreted by the + * LSM specified by @id; they MUST be set to zero/0 when not used. + */ +struct lsm_ctx { + __u64 id; + __u64 flags; + __u64 len; + __u64 ctx_len; + __u8 ctx[]; +}; + /* * ID tokens to identify Linux Security Modules (LSMs) * @@ -51,4 +81,10 @@ #define LSM_ATTR_PREV 104 #define LSM_ATTR_SOCKCREATE 105 +/* + * LSM_FLAG_XXX definitions identify special handling instructions + * for the API. + */ +#define LSM_FLAG_SINGLE 0x0001 + #endif /* _UAPI_LINUX_LSM_H */ diff --git a/kernel/sys_ni.c b/kernel/sys_ni.c index 781de7cc6a4e..8b96cd01b485 100644 
--- a/kernel/sys_ni.c +++ b/kernel/sys_ni.c @@ -170,6 +170,8 @@ COND_SYSCALL(landlock_add_rule); COND_SYSCALL(landlock_restrict_self); COND_SYSCALL(fadvise64_64); COND_SYSCALL_COMPAT(fadvise64_64); +COND_SYSCALL(lsm_get_self_attr); +COND_SYSCALL(lsm_set_self_attr); /* CONFIG_MMU only */ COND_SYSCALL(swapon); diff --git a/security/Makefile b/security/Makefile index 18121f8f85cd..59f238490665 100644 --- a/security/Makefile +++ b/security/Makefile @@ -7,6 +7,7 @@ obj-$(CONFIG_KEYS) += keys/ # always enable default capabilities obj-y += commoncap.o +obj-$(CONFIG_SECURITY) += lsm_syscalls.o obj-$(CONFIG_MMU) += min_addr.o # Object file lists diff --git a/security/lsm_syscalls.c b/security/lsm_syscalls.c new file mode 100644 index 000000000000..226ae80d9683 --- /dev/null +++ b/security/lsm_syscalls.c 
@@ -0,0 +1,57 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * System calls implementing the Linux Security Module API. + * + * Copyright (C) 2022 Casey Schaufler + * Copyright (C) 2022 Intel Corporation + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +/** + * sys_lsm_set_self_attr - Set current task's security module attribute + * @attr: which attribute to set + * @ctx: the LSM contexts + * @size: size of @ctx + * @flags: reserved for future use + * + * Sets the calling task's LSM context. On success this function + * returns 0. If the attribute specified cannot be set a negative + * value indicating the reason for the error is returned. + */ +SYSCALL_DEFINE4(lsm_set_self_attr, unsigned int, attr, struct lsm_ctx __user *, + ctx, size_t, size, u32, flags) +{ + return security_setselfattr(attr, ctx, size, flags); +} + +/** + * sys_lsm_get_self_attr - Return current task's security module attributes + * @attr: which attribute to return + * @ctx: the user-space destination for the information, or NULL + * @size: pointer to the size of space available to receive the data + * @flags: special handling options. LSM_FLAG_SINGLE indicates that only + * attributes associated with the LSM identified in the passed @ctx be + * reported. + * + * Returns the calling task's LSM contexts. On success this + * function returns the number of @ctx array elements. This value + * may be zero if there are no LSM contexts assigned. If @size is + * insufficient to contain the return data -E2BIG is returned and + * @size is set to the minimum required size. In all other cases + * a negative value indicating the error is returned. + */ +SYSCALL_DEFINE4(lsm_get_self_attr, unsigned int, attr, struct lsm_ctx __user *, + ctx, size_t __user *, size, u32, flags) +{ + return security_getselfattr(attr, ctx, size, flags); +} diff --git a/security/security.c b/security/security.c index 82253294069c..aa4ade1f71b9 100644 
--- a/security/security.c +++ b/security/security.c 
@@ -3798,6 +3798,152 @@ void security_d_instantiate(struct dentry *dentry, struct inode *inode) } EXPORT_SYMBOL(security_d_instantiate); +/** + * security_getselfattr - Read an LSM attribute of the current process. + * @attr: which attribute to return + * @uctx: the user-space destination for the information, or NULL + * @size: pointer to the size of space available to receive the data + * @flags: special handling options. LSM_FLAG_SINGLE indicates that only + * attributes associated with the LSM identified in the passed @ctx be + * reported. + * + * A NULL value for @uctx can be used to get both the number of attributes + * and the size of the data. + * + * Returns the number of attributes found on success, negative value + * on error. @size is reset to the total size of the data. + * If @size is insufficient to contain the data -E2BIG is returned. + */ +int security_getselfattr(unsigned int attr, struct lsm_ctx __user *uctx, + size_t __user *size, u32 flags) +{ + struct security_hook_list *hp; + struct lsm_ctx lctx = { .id = LSM_ID_UNDEF, }; + u8 __user *base = (u8 __user *)uctx; + size_t total = 0; + size_t entrysize; + size_t left; + bool toobig = false; + bool single = false; + int count = 0; + int rc; + + if (attr == LSM_ATTR_UNDEF) + return -EINVAL; + if (size == NULL) + return -EINVAL; + if (get_user(left, size)) + return -EFAULT; + + if (flags) { + /* + * Only flag supported is LSM_FLAG_SINGLE + */ + if (flags & LSM_FLAG_SINGLE) + return -EINVAL; + if (uctx && + copy_struct_from_user(&lctx, sizeof(lctx), uctx, left)) + return -EFAULT; + /* + * If the LSM ID isn't specified it is an error. + */ + if (lctx.id == LSM_ID_UNDEF) + return -EINVAL; + single = true; + } + + /* + * In the usual case gather all the data from the LSMs. + * In the single case only get the data from the LSM specified. 
+ */ + hlist_for_each_entry(hp, &security_hook_heads.getselfattr, list) { + if (single) { + if (count > 0) + break; + if (lctx.id != hp->lsmid->id) + continue; + } + entrysize = left; + if (base) + uctx = (struct lsm_ctx __user *)(base + total); + rc = hp->hook.getselfattr(attr, uctx, &entrysize, flags); + if (rc == -EOPNOTSUPP) { + rc = 0; + continue; + } + if (rc == -E2BIG) { + toobig = true; + left = 0; + total += entrysize; + continue; + } + if (rc < 0) + return rc; + + left -= entrysize; + total += entrysize; + count += rc; + } + if (put_user(total, size)) + return -EFAULT; + if (toobig) + return -E2BIG; + if (count == 0) + return LSM_RET_DEFAULT(getselfattr); + return count; +} + +/** + * security_setselfattr - Set an LSM attribute on the current process. + * @attr: which attribute to set + * @uctx: the user-space source for the information + * @size: the size of the data + * @flags: reserved for future use, must be 0 + * + * Set an LSM attribute for the current process. The LSM, attribute + * and new value are included in @uctx. + * + * Returns 0 on success, -EINVAL if the input is inconsistent, -EFAULT + * if the user buffer is inaccessible or an LSM specific failure. 
+ */ +int security_setselfattr(unsigned int attr, struct lsm_ctx __user *uctx, + size_t size, u32 flags) +{ + struct security_hook_list *hp; + struct lsm_ctx *lctx; + int rc = LSM_RET_DEFAULT(setselfattr); + + if (flags) + return -EINVAL; + if (size < sizeof(*lctx) || size > PAGE_SIZE) + return -EINVAL; + + lctx = kmalloc(size, GFP_KERNEL); + if (lctx == NULL) + return -ENOMEM; + + if (copy_from_user(lctx, uctx, size)) { + rc = -EFAULT; + goto free_out; + } + + if (size < lctx->len || size < lctx->ctx_len + sizeof(*lctx) || + lctx->len < lctx->ctx_len + sizeof(*lctx)) { + rc = -EINVAL; + goto free_out; + } + + hlist_for_each_entry(hp, &security_hook_heads.setselfattr, list) + if ((hp->lsmid->id) == lctx->id) { + rc = hp->hook.setselfattr(attr, lctx, size, flags); + break; + } + +free_out: + kfree(lctx); + return rc; +} + /** * security_getprocattr() - Read an attribute for a task * @p: the task
From patchwork Mon Aug 28 19:57:55 2023 X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13368276 X-Patchwork-Delegate: paul@paul-moore.com
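Review bot: the new sys_lsm_get_self_attr takes `size_t __user *size` and sys_lsm_set_self_attr takes `size_t size`, but the architecture tables later in this series (the arm64 unistd32.h hunk and the compat column of the s390 table) wire these same entry points for 32-bit callers on 64-bit kernels, where the kernel's size_t is 8 bytes and the caller's is 4: get_user() on @size reads past the caller's variable and put_user() overwrites the 4 bytes after it. Use a fixed-width type (`u32 __user *size`, and `u32 size` for the setter, matching the `u32 flags` already used) or provide compat entry points before the 32-bit tables are wired. A documentation point in the same hunk: sys_lsm_set_self_attr's kernel-doc says "@flags: reserved for future use" without stating that non-zero values are rejected, while security_setselfattr's doc says "must be 0"; since Documentation/userspace-api/lsm.rst pulls in the sys_ kernel-doc, the "must be 0" wording belongs here as well, and the NULL @ctx sizing query described for security_getselfattr should be mentioned on sys_lsm_get_self_attr for the same reason.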
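Review bot: the flag validation in security_getselfattr is inverted: inside `if (flags)` the code does `if (flags & LSM_FLAG_SINGLE) return -EINVAL;`, which rejects the one flag the comment directly above says is supported and accepts every other non-zero value. Reject everything except that flag instead, e.g. `if (flags != LSM_FLAG_SINGLE) return -EINVAL;`. Two smaller points in the same hunk: the kernel-doc refers to "the LSM identified in the passed @ctx" but the parameter is named @uctx, and it says the count "may be zero if there are no LSM contexts assigned" while the code returns LSM_RET_DEFAULT(getselfattr) rather than 0 when count stays 0, so one of the two should change. It is also worth stating in the kernel-doc that LSM_FLAG_SINGLE cannot be combined with a NULL @uctx, since lctx.id then stays LSM_ID_UNDEF and the call fails with -EINVAL.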
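Review bot: security_setselfattr never validates @attr, whereas security_getselfattr rejects LSM_ATTR_UNDEF up front; add the same `if (attr == LSM_ATTR_UNDEF) return -EINVAL;` here so an undefined attribute fails consistently before the user buffer is copied. In the consistency check, `lctx->ctx_len + sizeof(*lctx)` is computed from user-controlled data; if ctx_len is a wide integer type the sum can wrap and satisfy both the `size <` and the `lctx->len <` comparisons with a ctx_len far larger than the buffer. Since size is already known to be at least sizeof(*lctx), compare without the addition: reject `lctx->len < sizeof(*lctx)` and then `lctx->ctx_len > lctx->len - sizeof(*lctx)`. The kernel-doc should also say what happens when lctx->id matches no registered LSM: the loop falls through and LSM_RET_DEFAULT(setselfattr) is returned, which the current return-value list does not cover.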
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net Subject: [PATCH v14 05/11] LSM: Create lsm_list_modules system call Date: Mon, 28 Aug 2023 12:57:55 -0700 Message-ID: <20230828195802.135055-6-casey@schaufler-ca.com> X-Mailer: git-send-email 2.41.0 In-Reply-To: <20230828195802.135055-1-casey@schaufler-ca.com> References: <20230828195802.135055-1-casey@schaufler-ca.com> MIME-Version: 1.0 Precedence: bulk List-ID:
Create a system call to report the list of Linux Security Modules that are active on the system. The list is provided as an array of LSM ID numbers. The calling application can use this list to determine what LSM specific actions it might take. That might include choosing an output format, determining required privilege or bypassing security module specific behavior.
Signed-off-by: Casey Schaufler Reviewed-by: Kees Cook Reviewed-by: Serge Hallyn Reviewed-by: John Johansen
--- Documentation/userspace-api/lsm.rst | 3 +++ include/linux/syscalls.h | 1 + kernel/sys_ni.c | 1 + security/lsm_syscalls.c | 39 +++++++++++++++++++++++++++++ 4 files changed, 44 insertions(+) diff --git a/Documentation/userspace-api/lsm.rst b/Documentation/userspace-api/lsm.rst index f8499f3e2826..a76da373841b 100644 --- a/Documentation/userspace-api/lsm.rst +++ b/Documentation/userspace-api/lsm.rst @@ -63,6 +63,9 @@ Get the specified security attributes of the current process .. kernel-doc:: security/lsm_syscalls.c :identifiers: sys_lsm_get_self_attr +.. kernel-doc:: security/lsm_syscalls.c + :identifiers: sys_lsm_list_modules + Additional documentation ======================== diff --git a/include/linux/syscalls.h b/include/linux/syscalls.h index a3938850752a..4e1596b5c300 100644
--- a/include/linux/syscalls.h +++ b/include/linux/syscalls.h @@ -958,6 +958,7 @@ asmlinkage long sys_lsm_get_self_attr(unsigned int attr, struct lsm_ctx *ctx, size_t *size, __u32 flags); asmlinkage long sys_lsm_set_self_attr(unsigned int attr, struct lsm_ctx *ctx, size_t size, __u32 flags); +asmlinkage long sys_lsm_list_modules(u64 *ids, size_t *size, u32 flags); /* * Architecture-specific system calls diff --git a/kernel/sys_ni.c b/kernel/sys_ni.c index 8b96cd01b485..7663ef16c07e 100644 --- a/kernel/sys_ni.c +++ b/kernel/sys_ni.c @@ -172,6 +172,7 @@ COND_SYSCALL(fadvise64_64); COND_SYSCALL_COMPAT(fadvise64_64); COND_SYSCALL(lsm_get_self_attr); COND_SYSCALL(lsm_set_self_attr); +COND_SYSCALL(lsm_list_modules); /* CONFIG_MMU only */ COND_SYSCALL(swapon); diff --git a/security/lsm_syscalls.c b/security/lsm_syscalls.c index 226ae80d9683..329aaca5efc0 100644 --- a/security/lsm_syscalls.c +++ b/security/lsm_syscalls.c 
@@ -55,3 +55,42 @@ SYSCALL_DEFINE4(lsm_get_self_attr, unsigned int, attr, struct lsm_ctx __user *, { return security_getselfattr(attr, ctx, size, flags); } + +/** + * sys_lsm_list_modules - Return a list of the active security modules + * @ids: the LSM module ids + * @size: pointer to size of @ids, updated on return + * @flags: reserved for future use, must be zero + * + * Returns a list of the active LSM ids. On success this function + * returns the number of @ids array elements. This value may be zero + * if there are no LSMs active. If @size is insufficient to contain + * the return data -E2BIG is returned and @size is set to the minimum + * required size. In all other cases a negative value indicating the + * error is returned. + */ +SYSCALL_DEFINE3(lsm_list_modules, u64 __user *, ids, size_t __user *, size, + u32, flags) +{ + size_t total_size = lsm_active_cnt * sizeof(*ids); + size_t usize; + int i; + + if (flags) + return -EINVAL; + + if (get_user(usize, size)) + return -EFAULT; + + if (put_user(total_size, size) != 0) + return -EFAULT; + + if (usize < total_size) + return -E2BIG; + + for (i = 0; i < lsm_active_cnt; i++) + if (put_user(lsm_idlist[i]->id, ids++)) + return -EFAULT; + + return lsm_active_cnt; +}
From patchwork Mon Aug 28 19:57:56 2023 X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13368289 X-Patchwork-Delegate: paul@paul-moore.com
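Review bot: the new `.. kernel-doc::` directive for sys_lsm_list_modules in Documentation/userspace-api/lsm.rst is appended directly under the existing entry whose heading the hunk context shows ("Get the specified security attributes of the current process") without a heading of its own, so in the rendered page it reads as part of the lsm_get_self_attr section. Add a short heading in the same style (for example "Get a list of the active security modules") ahead of the new directive.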
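Review bot: the added prototype `asmlinkage long sys_lsm_list_modules(u64 *ids, size_t *size, u32 flags);` in include/linux/syscalls.h spells the flags type `u32`, while the two sys_lsm_*_self_attr prototypes visible as context in the same hunk use `__u32`; use one spelling for all three declarations.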
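Review bot: sys_lsm_list_modules writes the required size back with put_user(total_size, size) before comparing it against the caller's usize, so a caller can pass a size of 0 and use the -E2BIG return together with the updated @size to allocate @ids. The kernel-doc says @size "is set to the minimum required size" but not that this probing call is the intended way to learn it, nor that @ids is left untouched on that path; spell both out, since this is the text user space reads. Style: `if (put_user(total_size, size) != 0)` should use the same bare form as `if (get_user(usize, size))` two lines earlier. Finally, `size_t __user *size` is 8 bytes in a 64-bit kernel but 4 bytes for a 32-bit compat caller, so get_user()/put_user() on it overrun the caller's variable; `u32 __user *size` avoids that without needing a compat wrapper.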
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net, Geert Uytterhoeven, Arnd Bergmann Subject: [PATCH v14 06/11] LSM: wireup Linux Security Module syscalls Date: Mon, 28 Aug 2023 12:57:56 -0700 Message-ID: <20230828195802.135055-7-casey@schaufler-ca.com> X-Mailer: git-send-email 2.41.0 In-Reply-To: <20230828195802.135055-1-casey@schaufler-ca.com> References: <20230828195802.135055-1-casey@schaufler-ca.com> MIME-Version: 1.0 Precedence: bulk List-ID:
Wire up lsm_get_self_attr, lsm_set_self_attr and lsm_list_modules system calls.
Signed-off-by: Casey Schaufler Reviewed-by: Kees Cook Acked-by: Geert Uytterhoeven Acked-by: Arnd Bergmann Cc: linux-api@vger.kernel.org --- arch/alpha/kernel/syscalls/syscall.tbl | 3 +++ arch/arm/tools/syscall.tbl | 3 +++ arch/arm64/include/asm/unistd.h | 2 +- arch/arm64/include/asm/unistd32.h | 6 ++++++ arch/ia64/kernel/syscalls/syscall.tbl | 3 +++ arch/m68k/kernel/syscalls/syscall.tbl | 3 +++ arch/microblaze/kernel/syscalls/syscall.tbl | 3 +++ arch/mips/kernel/syscalls/syscall_n32.tbl | 3 +++ arch/mips/kernel/syscalls/syscall_n64.tbl | 3 +++ arch/mips/kernel/syscalls/syscall_o32.tbl | 3 +++ arch/parisc/kernel/syscalls/syscall.tbl | 3 +++ arch/powerpc/kernel/syscalls/syscall.tbl | 3 +++ arch/s390/kernel/syscalls/syscall.tbl | 3 +++ arch/sh/kernel/syscalls/syscall.tbl | 3 +++ arch/sparc/kernel/syscalls/syscall.tbl | 3 +++ arch/x86/entry/syscalls/syscall_32.tbl | 3 +++ arch/x86/entry/syscalls/syscall_64.tbl | 3 +++ arch/xtensa/kernel/syscalls/syscall.tbl | 3 +++ include/uapi/asm-generic/unistd.h | 9 ++++++++- tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl | 3 +++ tools/perf/arch/powerpc/entry/syscalls/syscall.tbl | 3 +++ tools/perf/arch/s390/entry/syscalls/syscall.tbl | 3 +++ tools/perf/arch/x86/entry/syscalls/syscall_64.tbl | 3 +++ 23 files changed, 75 insertions(+), 2 deletions(-) diff --git a/arch/alpha/kernel/syscalls/syscall.tbl b/arch/alpha/kernel/syscalls/syscall.tbl index 1f13995d00d7..bb00aecf1dc4 100644 --- a/arch/alpha/kernel/syscalls/syscall.tbl +++ b/arch/alpha/kernel/syscalls/syscall.tbl @@ -491,3 +491,6 @@ 559 common futex_waitv sys_futex_waitv 560 common set_mempolicy_home_node sys_ni_syscall 561 common cachestat sys_cachestat +562 common lsm_get_self_attr sys_lsm_get_self_attr +563 common lsm_set_self_attr sys_lsm_set_self_attr +564 common lsm_list_modules sys_lsm_list_modules diff --git a/arch/arm/tools/syscall.tbl b/arch/arm/tools/syscall.tbl index 8ebed8a13874..a148e71905a7 100644 --- a/arch/arm/tools/syscall.tbl 
+++ b/arch/arm/tools/syscall.tbl @@ -465,3 +465,6 @@ 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node 451 common cachestat sys_cachestat +452 common lsm_get_self_attr sys_lsm_get_self_attr +453 common lsm_set_self_attr sys_lsm_set_self_attr +454 common lsm_list_modules sys_lsm_list_modules diff --git a/arch/arm64/include/asm/unistd.h b/arch/arm64/include/asm/unistd.h index 64a514f90131..63a8a9c4abc1 100644 --- a/arch/arm64/include/asm/unistd.h +++ b/arch/arm64/include/asm/unistd.h @@ -39,7 +39,7 @@ #define __ARM_NR_compat_set_tls (__ARM_NR_COMPAT_BASE + 5) #define __ARM_NR_COMPAT_END (__ARM_NR_COMPAT_BASE + 0x800) -#define __NR_compat_syscalls 452 +#define __NR_compat_syscalls 455 #endif #define __ARCH_WANT_SYS_CLONE diff --git a/arch/arm64/include/asm/unistd32.h b/arch/arm64/include/asm/unistd32.h index d952a28463e0..df214b7ec5dd 100644 --- a/arch/arm64/include/asm/unistd32.h +++ b/arch/arm64/include/asm/unistd32.h @@ -909,6 +909,12 @@ __SYSCALL(__NR_futex_waitv, sys_futex_waitv) __SYSCALL(__NR_set_mempolicy_home_node, sys_set_mempolicy_home_node) #define __NR_cachestat 451 __SYSCALL(__NR_cachestat, sys_cachestat) +#define __NR_lsm_get_self_attr 452 +__SYSCALL(__NR_lsm_get_self_attr, sys_lsm_get_self_attr) +#define __NR_lsm_set_self_attr 453 +__SYSCALL(__NR_lsm_set_self_attr, sys_lsm_set_self_attr) +#define __NR_lsm_list_modules 454 +__SYSCALL(__NR_lsm_list_modules, sys_lsm_list_modules) /* * Please add new compat syscalls above this comment and update diff --git a/arch/ia64/kernel/syscalls/syscall.tbl b/arch/ia64/kernel/syscalls/syscall.tbl index f8c74ffeeefb..1b53f9d28514 100644 --- a/arch/ia64/kernel/syscalls/syscall.tbl +++ b/arch/ia64/kernel/syscalls/syscall.tbl 
@@ -372,3 +372,6 @@ 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node 451 common cachestat sys_cachestat +452 common lsm_get_self_attr sys_lsm_get_self_attr +453 common lsm_set_self_attr sys_lsm_set_self_attr +454 common lsm_list_modules sys_lsm_list_modules diff --git a/arch/m68k/kernel/syscalls/syscall.tbl b/arch/m68k/kernel/syscalls/syscall.tbl index 4f504783371f..f7a91d458f0c 100644 --- a/arch/m68k/kernel/syscalls/syscall.tbl +++ b/arch/m68k/kernel/syscalls/syscall.tbl @@ -451,3 +451,6 @@ 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node 451 common cachestat sys_cachestat +452 common lsm_get_self_attr sys_lsm_get_self_attr +453 common lsm_set_self_attr sys_lsm_set_self_attr +454 common lsm_list_modules sys_lsm_list_modules diff --git a/arch/microblaze/kernel/syscalls/syscall.tbl b/arch/microblaze/kernel/syscalls/syscall.tbl index 858d22bf275c..2b24b19a9bec 100644 --- a/arch/microblaze/kernel/syscalls/syscall.tbl +++ b/arch/microblaze/kernel/syscalls/syscall.tbl @@ -457,3 +457,6 @@ 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node 451 common cachestat sys_cachestat +452 common lsm_get_self_attr sys_lsm_get_self_attr +453 common lsm_set_self_attr sys_lsm_set_self_attr +454 common lsm_list_modules sys_lsm_list_modules diff --git a/arch/mips/kernel/syscalls/syscall_n32.tbl b/arch/mips/kernel/syscalls/syscall_n32.tbl index 1976317d4e8b..0ff4072ed024 100644 --- a/arch/mips/kernel/syscalls/syscall_n32.tbl +++ b/arch/mips/kernel/syscalls/syscall_n32.tbl @@ -390,3 +390,6 @@ 449 n32 futex_waitv sys_futex_waitv 450 n32 set_mempolicy_home_node sys_set_mempolicy_home_node 451 n32 cachestat sys_cachestat +452 n32 lsm_get_self_attr sys_lsm_get_self_attr +453 n32 lsm_set_self_attr sys_lsm_set_self_attr +454 n32 lsm_list_modules sys_lsm_list_modules 
diff --git a/arch/mips/kernel/syscalls/syscall_n64.tbl b/arch/mips/kernel/syscalls/syscall_n64.tbl index cfda2511badf..9c38818dd9f9 100644 --- a/arch/mips/kernel/syscalls/syscall_n64.tbl +++ b/arch/mips/kernel/syscalls/syscall_n64.tbl @@ -366,3 +366,6 @@ 449 n64 futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node 451 n64 cachestat sys_cachestat +452 n64 lsm_get_self_attr sys_lsm_get_self_attr +453 n64 lsm_set_self_attr sys_lsm_set_self_attr +454 n64 lsm_list_modules sys_lsm_list_modules diff --git a/arch/mips/kernel/syscalls/syscall_o32.tbl b/arch/mips/kernel/syscalls/syscall_o32.tbl index 7692234c3768..a07e1ba91511 100644 --- a/arch/mips/kernel/syscalls/syscall_o32.tbl +++ b/arch/mips/kernel/syscalls/syscall_o32.tbl @@ -439,3 +439,6 @@ 449 o32 futex_waitv sys_futex_waitv 450 o32 set_mempolicy_home_node sys_set_mempolicy_home_node 451 o32 cachestat sys_cachestat +452 o32 lsm_get_self_attr sys_lsm_get_self_attr +453 032 lsm_set_self_attr sys_lsm_set_self_attr +454 o32 lsm_list_modules sys_lsm_list_modules diff --git a/arch/parisc/kernel/syscalls/syscall.tbl b/arch/parisc/kernel/syscalls/syscall.tbl index a0a9145b6dd4..36cc0130ee1d 100644 --- a/arch/parisc/kernel/syscalls/syscall.tbl +++ b/arch/parisc/kernel/syscalls/syscall.tbl @@ -450,3 +450,6 @@ 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node 451 common cachestat sys_cachestat +452 common lsm_get_self_attr sys_lsm_get_self_attr +453 common lsm_set_self_attr sys_lsm_set_self_attr +454 common lsm_list_modules sys_lsm_list_modules diff --git a/arch/powerpc/kernel/syscalls/syscall.tbl b/arch/powerpc/kernel/syscalls/syscall.tbl index 8c0b08b7a80e..fe2ba9e8a413 100644 --- a/arch/powerpc/kernel/syscalls/syscall.tbl +++ b/arch/powerpc/kernel/syscalls/syscall.tbl 
@@ -538,3 +538,6 @@ 449 common futex_waitv sys_futex_waitv 450 nospu set_mempolicy_home_node sys_set_mempolicy_home_node 451 common cachestat sys_cachestat +452 common lsm_get_self_attr sys_lsm_get_self_attr +453 common lsm_set_self_attr sys_lsm_set_self_attr +454 common lsm_list_modules sys_lsm_list_modules diff --git a/arch/s390/kernel/syscalls/syscall.tbl b/arch/s390/kernel/syscalls/syscall.tbl index a6935af2235c..fe3fc23697b0 100644 --- a/arch/s390/kernel/syscalls/syscall.tbl +++ b/arch/s390/kernel/syscalls/syscall.tbl @@ -454,3 +454,6 @@ 449 common futex_waitv sys_futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node sys_set_mempolicy_home_node 451 common cachestat sys_cachestat sys_cachestat +452 common lsm_get_self_attr sys_lsm_get_self_attr sys_lsm_get_self_attr +453 common lsm_set_self_attr sys_lsm_set_self_attr sys_lsm_set_self_attr +454 common lsm_list_modules sys_lsm_list_modules sys_lsm_list_modules diff --git a/arch/sh/kernel/syscalls/syscall.tbl b/arch/sh/kernel/syscalls/syscall.tbl index 97377e8c5025..319968dccde9 100644 --- a/arch/sh/kernel/syscalls/syscall.tbl +++ b/arch/sh/kernel/syscalls/syscall.tbl @@ -454,3 +454,6 @@ 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node 451 common cachestat sys_cachestat +452 common lsm_get_self_attr sys_lsm_get_self_attr +453 common lsm_set_self_attr sys_lsm_set_self_attr +454 common lsm_list_modules sys_lsm_list_modules diff --git a/arch/sparc/kernel/syscalls/syscall.tbl b/arch/sparc/kernel/syscalls/syscall.tbl index faa835f3c54a..9ca3fb4c05de 100644 --- a/arch/sparc/kernel/syscalls/syscall.tbl +++ b/arch/sparc/kernel/syscalls/syscall.tbl 
@@ -497,3 +497,6 @@ 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node 451 common cachestat sys_cachestat +452 common lsm_get_self_attr sys_lsm_get_self_attr +453 common lsm_set_self_attr sys_lsm_set_self_attr +454 common lsm_list_modules sys_lsm_list_modules diff --git a/arch/x86/entry/syscalls/syscall_32.tbl b/arch/x86/entry/syscalls/syscall_32.tbl index bc0a3c941b35..4caa3c415528 100644 --- a/arch/x86/entry/syscalls/syscall_32.tbl +++ b/arch/x86/entry/syscalls/syscall_32.tbl @@ -456,3 +456,6 @@ 449 i386 futex_waitv sys_futex_waitv 450 i386 set_mempolicy_home_node sys_set_mempolicy_home_node 451 i386 cachestat sys_cachestat +452 i386 lsm_get_self_attr sys_lsm_get_self_attr +453 i386 lsm_set_self_attr sys_lsm_set_self_attr +454 i386 lsm_list_modules sys_lsm_list_modules diff --git a/arch/x86/entry/syscalls/syscall_64.tbl b/arch/x86/entry/syscalls/syscall_64.tbl index 227538b0ce80..c5f85f93e80b 100644 --- a/arch/x86/entry/syscalls/syscall_64.tbl +++ b/arch/x86/entry/syscalls/syscall_64.tbl @@ -373,6 +373,9 @@ 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node 451 common cachestat sys_cachestat +452 common lsm_get_self_attr sys_lsm_get_self_attr +453 common lsm_set_self_attr sys_lsm_set_self_attr +454 common lsm_list_modules sys_lsm_list_modules # # Due to a historical design error, certain syscalls are numbered differently diff --git a/arch/xtensa/kernel/syscalls/syscall.tbl b/arch/xtensa/kernel/syscalls/syscall.tbl index 2b69c3c035b6..509379512c27 100644 --- a/arch/xtensa/kernel/syscalls/syscall.tbl +++ b/arch/xtensa/kernel/syscalls/syscall.tbl @@ -422,3 +422,6 @@ 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node 451 common cachestat sys_cachestat +452 common lsm_get_self_attr sys_lsm_get_self_attr +453 common lsm_set_self_attr sys_lsm_set_self_attr +454 common lsm_list_modules sys_lsm_list_modules 
diff --git a/include/uapi/asm-generic/unistd.h b/include/uapi/asm-generic/unistd.h index fd6c1cb585db..b5588efc0933 100644 --- a/include/uapi/asm-generic/unistd.h +++ b/include/uapi/asm-generic/unistd.h @@ -820,8 +820,15 @@ __SYSCALL(__NR_set_mempolicy_home_node, sys_set_mempolicy_home_node) #define __NR_cachestat 451 __SYSCALL(__NR_cachestat, sys_cachestat) +#define __NR_lsm_get_self_attr 452 +__SYSCALL(__NR_lsm_get_self_attr, sys_lsm_get_self_attr) +#define __NR_lsm_set_self_attr 453 +__SYSCALL(__NR_lsm_set_self_attr, sys_lsm_set_self_attr) +#define __NR_lsm_list_modules 454 +__SYSCALL(__NR_lsm_list_modules, sys_lsm_list_modules) + #undef __NR_syscalls -#define __NR_syscalls 452 +#define __NR_syscalls 455 /* * 32 bit systems traditionally used different diff --git a/tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl b/tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl index cfda2511badf..9c38818dd9f9 100644 --- a/tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl +++ b/tools/perf/arch/mips/entry/syscalls/syscall_n64.tbl @@ -366,3 +366,6 @@ 449 n64 futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node 451 n64 cachestat sys_cachestat +452 n64 lsm_get_self_attr sys_lsm_get_self_attr +453 n64 lsm_set_self_attr sys_lsm_set_self_attr +454 n64 lsm_list_modules sys_lsm_list_modules diff --git a/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl b/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl index 8c0b08b7a80e..fe2ba9e8a413 100644 --- a/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl +++ b/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl @@ -538,3 +538,6 @@ 449 common futex_waitv sys_futex_waitv 450 nospu set_mempolicy_home_node sys_set_mempolicy_home_node 451 common cachestat sys_cachestat +452 common lsm_get_self_attr sys_lsm_get_self_attr +453 common lsm_set_self_attr sys_lsm_set_self_attr +454 common lsm_list_modules sys_lsm_list_modules 
diff --git a/tools/perf/arch/s390/entry/syscalls/syscall.tbl b/tools/perf/arch/s390/entry/syscalls/syscall.tbl index a6935af2235c..a18e9d7cf92b 100644 --- a/tools/perf/arch/s390/entry/syscalls/syscall.tbl +++ b/tools/perf/arch/s390/entry/syscalls/syscall.tbl @@ -454,3 +454,6 @@ 449 common futex_waitv sys_futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node sys_set_mempolicy_home_node 451 common cachestat sys_cachestat sys_cachestat +452 common lsm_get_self_attr sys_lsm_get_self_attr sys_lsm_get_self_attr +453 common lsm_set_self_attr sys_lsm_set_self_attr sys_lsm_set_self_attr +454 common lsm_list_modules sys_lsm_list_modules sys_lsm_list_modules diff --git a/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl b/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl index 227538b0ce80..c5f85f93e80b 100644 --- a/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl +++ b/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl 
@@ -373,6 +373,9 @@ 449 common futex_waitv sys_futex_waitv 450 common set_mempolicy_home_node sys_set_mempolicy_home_node 451 common cachestat sys_cachestat +452 common lsm_get_self_attr sys_lsm_get_self_attr +453 common lsm_set_self_attr sys_lsm_set_self_attr +454 common lsm_list_modules sys_lsm_list_modules # # Due to a historical design error, certain syscalls are numbered differently
From patchwork Mon Aug 28 19:57:57 2023
X-Patchwork-Submitter: Casey Schaufler
X-Patchwork-Id: 13368291
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net
Subject: [PATCH v14 07/11] LSM: Helpers for attribute names and filling lsm_ctx
Date: Mon, 28 Aug 2023 12:57:57 -0700
Message-ID: <20230828195802.135055-8-casey@schaufler-ca.com>
In-Reply-To: <20230828195802.135055-1-casey@schaufler-ca.com>
References: <20230828195802.135055-1-casey@schaufler-ca.com>

Add lsm_name_to_attr(), which translates a text string to a LSM_ATTR value if one is available. Add lsm_fill_user_ctx(), which fills a struct lsm_ctx, including the trailing attribute value. Both are used in module specific components of LSM system calls.

Signed-off-by: Casey Schaufler
Reviewed-by: John Johansen
Reviewed-by: Serge Hallyn
---
 include/linux/security.h | 14 ++++++++++++++
 security/lsm_syscalls.c | 24 +++++++++++++++++++++++
 security/security.c | 41 ++++++++++++++++++++++++++++++++++++++++
 3 files changed, 79 insertions(+)

diff --git a/include/linux/security.h b/include/linux/security.h index 0d882cb221f4..817cf28dbf8a 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -32,6 +32,7 @@ #include #include #include +#include struct linux_binprm; struct cred;
@@ -263,6 +264,7 @@ int unregister_blocking_lsm_notifier(struct notifier_block *nb); /* prototypes */ extern int security_init(void); extern int early_security_init(void); +extern u64 lsm_name_to_attr(const char *name); /* Security operations */ int security_binder_set_context_mgr(const struct cred *mgr); @@ -488,6 +490,8 @@ int security_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen); int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen); int security_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen); int security_locked_down(enum lockdown_reason what); +int lsm_fill_user_ctx(struct lsm_ctx __user *ctx, void *context, + size_t context_size, u64 id, u64 flags); #else /* CONFIG_SECURITY */ static inline int call_blocking_lsm_notifier(enum lsm_event event, void *data) @@ -505,6 +509,11 @@ static inline int unregister_blocking_lsm_notifier(struct notifier_block *nb) return 0; } +static inline u64 lsm_name_to_attr(const char *name) +{ + return LSM_ATTR_UNDEF; +} + static inline void security_free_mnt_opts(void **mnt_opts) { } @@ -1408,6 +1417,11 @@ static inline int security_locked_down(enum lockdown_reason what) { return 0; } +static inline int lsm_fill_user_ctx(struct lsm_ctx __user *ctx, void *context, + size_t context_size, u64 id, u64 flags) +{ + return -EOPNOTSUPP; +} #endif /* CONFIG_SECURITY */ #if defined(CONFIG_SECURITY) && defined(CONFIG_WATCH_QUEUE) diff --git a/security/lsm_syscalls.c b/security/lsm_syscalls.c index 329aaca5efc0..5d391b1f7e69 100644 --- a/security/lsm_syscalls.c +++ b/security/lsm_syscalls.c 
@@ -17,6 +17,30 @@ #include #include +/** + * lsm_name_to_attr - map an LSM attribute name to its ID + * @name: name of the attribute + * + * Returns the LSM attribute value associated with @name, or 0 if + * there is no mapping. + */ +u64 lsm_name_to_attr(const char *name) +{ + if (!strcmp(name, "current")) + return LSM_ATTR_CURRENT; + if (!strcmp(name, "exec")) + return LSM_ATTR_EXEC; + if (!strcmp(name, "fscreate")) + return LSM_ATTR_FSCREATE; + if (!strcmp(name, "keycreate")) + return LSM_ATTR_KEYCREATE; + if (!strcmp(name, "prev")) + return LSM_ATTR_PREV; + if (!strcmp(name, "sockcreate")) + return LSM_ATTR_SOCKCREATE; + return LSM_ATTR_UNDEF; +} + /** * sys_lsm_set_self_attr - Set current task's security module attribute * @attr: which attribute to set diff --git a/security/security.c b/security/security.c index aa4ade1f71b9..1cd3123a18f8 100644 --- a/security/security.c +++ b/security/security.c 
@@ -770,6 +770,47 @@ static int lsm_superblock_alloc(struct super_block *sb) return 0; } +/** + * lsm_fill_user_ctx - Fill a user space lsm_ctx structure + * @ctx: an LSM context to be filled + * @context: the new context value + * @context_size: the size of the new context value + * @id: LSM id + * @flags: LSM defined flags + * + * Fill all of the fields in a user space lsm_ctx structure. + * Caller is assumed to have verified that @ctx has enough space + * for @context. + * + * Returns 0 on success, -EFAULT on a copyout error, -ENOMEM + * if memory can't be allocated. + */ +int lsm_fill_user_ctx(struct lsm_ctx __user *ctx, void *context, + size_t context_size, u64 id, u64 flags) +{ + struct lsm_ctx *lctx; + size_t locallen = struct_size(lctx, ctx, context_size); + int rc = 0; + + lctx = kzalloc(locallen, GFP_KERNEL); + if (lctx == NULL) + return -ENOMEM; + + lctx->id = id; + lctx->flags = flags; + lctx->ctx_len = context_size; + lctx->len = locallen; + + memcpy(lctx->ctx, context, context_size); + + if (copy_to_user(ctx, lctx, locallen)) + rc = -EFAULT; + + kfree(lctx); + + return rc; +} + /* * The default value of the LSM hook is defined in linux/lsm_hook_defs.h and * can be accessed with:
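Review bot: in the lsm_name_to_attr() hunk the kernel-doc says the function returns 0 when there is no mapping, but the code returns LSM_ATTR_UNDEF; document the named constant instead so callers test against it rather than assuming the value is zero, e.g. "Returns the LSM attribute value associated with @name, or LSM_ATTR_UNDEF if there is no mapping." The later patches in this series already test the result both ways (`attr != LSM_ATTR_UNDEF` in Smack, `if (attr)` in AppArmor), which is exactly the ambiguity a precise comment avoids.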
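Review bot: in the lsm_fill_user_ctx() hunk the `len` written to user space is the unaligned `struct_size(lctx, ctx, context_size)`, while the hooks added later in this series report the space they consumed through *size as `ALIGN(..., 8)`. A user-space reader that walks consecutive lsm_ctx records by adding `len` will therefore land on an offset that disagrees with the size the kernel said it used. Suggest computing the 8-byte aligned length here (`locallen = ALIGN(struct_size(lctx, ctx, context_size), 8)`), storing it in `lctx->len` and allocating and copying that many bytes, so the padding is the zeroed kzalloc() bytes and every caller gets the same framing; the kernel-doc should then say that @ctx must have room for the aligned length, not just for @context.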
From patchwork Mon Aug 28 19:57:58 2023
X-Patchwork-Submitter: Casey Schaufler
X-Patchwork-Id: 13368290
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net
Subject: [PATCH v14 08/11] Smack: implement setselfattr and getselfattr hooks
Date: Mon, 28 Aug 2023 12:57:58 -0700
Message-ID: <20230828195802.135055-9-casey@schaufler-ca.com>
In-Reply-To: <20230828195802.135055-1-casey@schaufler-ca.com>
References: <20230828195802.135055-1-casey@schaufler-ca.com>

Implement Smack support for security_[gs]etselfattr. Refactor the setprocattr hook to avoid code duplication.

Signed-off-by: Casey Schaufler
Reviewed-by: John Johansen
---
 security/smack/smack_lsm.c | 95 ++++++++++++++++++++++++++++++++++++--
 1 file changed, 90 insertions(+), 5 deletions(-)

diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index d2dfef74e4e2..1bbe0f9f9fde 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c
@@ -3565,6 +3565,46 @@ static void smack_d_instantiate(struct dentry *opt_dentry, struct inode *inode) return; } +/** + * smack_getselfattr - Smack current process attribute + * @attr: which attribute to fetch + * @ctx: buffer to receive the result + * @size: available size in, actual size out + * @flags: unused + * + * Fill the passed user space @ctx with the details of the requested + * attribute. + * + * Returns the number of attributes on success, an error code otherwise. + * There will only ever be one attribute. + */ +static int smack_getselfattr(unsigned int attr, struct lsm_ctx __user *ctx, + size_t *size, u32 flags) +{ + struct smack_known *skp = smk_of_current(); + int total; + int slen; + int rc; + + if (attr != LSM_ATTR_CURRENT) + return -EOPNOTSUPP; + + slen = strlen(skp->smk_known) + 1; + total = ALIGN(slen + sizeof(*ctx), 8); + if (total > *size) + rc = -E2BIG; + else if (ctx) + rc = lsm_fill_user_ctx(ctx, skp->smk_known, slen, LSM_ID_SMACK, + 0); + else + rc = 1; + + *size = total; + if (rc >= 0) + return 1; + return rc; +} + /** * smack_getprocattr - Smack process attribute access * @p: the object task @@ -3594,8 +3634,8 @@ static int smack_getprocattr(struct task_struct *p, const char *name, char **val } /** - * smack_setprocattr - Smack process attribute setting - * @name: the name of the attribute in /proc/.../attr + * do_setattr - Smack process attribute setting + * @attr: the ID of the attribute * @value: the value to set * @size: the size of the value * @@ -3604,7 +3644,7 @@ static int smack_getprocattr(struct task_struct *p, const char *name, char **val * * Returns the length of the smack label or an error code */ -static int smack_setprocattr(const char *name, void *value, size_t size) +static int do_setattr(u64 attr, void *value, size_t size) { struct task_smack *tsp = smack_cred(current_cred()); struct cred *new; 
@@ -3618,8 +3658,8 @@ static int smack_setprocattr(const char *name, void *value, size_t size) if (value == NULL || size == 0 || size >= SMK_LONGLABEL) return -EINVAL; - if (strcmp(name, "current") != 0) - return -EINVAL; + if (attr != LSM_ATTR_CURRENT) + return -EOPNOTSUPP; skp = smk_import_entry(value, size); if (IS_ERR(skp)) @@ -3658,6 +3698,49 @@ static int smack_setprocattr(const char *name, void *value, size_t size) return size; } +/** + * smack_setselfattr - Set a Smack process attribute + * @attr: which attribute to set + * @ctx: buffer containing the data + * @size: size of @ctx + * @flags: unused + * + * Fill the passed user space @ctx with the details of the requested + * attribute. + * + * Returns 0 on success, an error code otherwise. + */ +static int smack_setselfattr(unsigned int attr, struct lsm_ctx *ctx, + size_t size, u32 flags) +{ + int rc; + + rc = do_setattr(attr, ctx->ctx, ctx->ctx_len); + if (rc > 0) + return 0; + return rc; +} + +/** + * smack_setprocattr - Smack process attribute setting + * @name: the name of the attribute in /proc/.../attr + * @value: the value to set + * @size: the size of the value + * + * Sets the Smack value of the task. Only setting self + * is permitted and only with privilege + * + * Returns the length of the smack label or an error code + */ +static int smack_setprocattr(const char *name, void *value, size_t size) +{ + int attr = lsm_name_to_attr(name); + + if (attr != LSM_ATTR_UNDEF) + return do_setattr(attr, value, size); + return -EINVAL; +} + /** * smack_unix_stream_connect - Smack access on UDS * @sock: one sock 
@@ -4970,6 +5053,8 @@ static struct security_hook_list smack_hooks[] __ro_after_init = { LSM_HOOK_INIT(d_instantiate, smack_d_instantiate), + LSM_HOOK_INIT(getselfattr, smack_getselfattr), + LSM_HOOK_INIT(setselfattr, smack_setselfattr), LSM_HOOK_INIT(getprocattr, smack_getprocattr), LSM_HOOK_INIT(setprocattr, smack_setprocattr),
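Review bot: in the `@@ -3618` hunk the check that returned -EINVAL for any name other than "current" now returns -EOPNOTSUPP for any attribute other than LSM_ATTR_CURRENT, and because the new smack_setprocattr() maps every name lsm_name_to_attr() knows ("exec", "fscreate", "keycreate", "prev", "sockcreate") to a non-UNDEF value before calling do_setattr(), a write to /proc/self/attr/exec and friends now fails with EOPNOTSUPP where it used to fail with EINVAL. That is a user-visible errno change on the existing /proc interface; if it is intended, say so in the commit message, otherwise keep -EINVAL on the setprocattr path, for instance by rejecting `attr != LSM_ATTR_CURRENT` in smack_setprocattr() before calling do_setattr().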
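Review bot: in the `@@ -3658` hunk smack_setselfattr() passes `ctx->ctx_len` straight to do_setattr() without relating it to @size, the number of bytes the caller actually copied in from user space; do_setattr() only bounds the value against SMK_LONGLABEL, so unless the common syscall code guarantees `ctx->ctx_len <= size - sizeof(*ctx)` before invoking the hook, smk_import_entry() can read past the end of the copied buffer. Either document that the core performs that validation or add the check here: `if (size < sizeof(*ctx) || ctx->ctx_len > size - sizeof(*ctx)) return -EINVAL;`. In the same hunk `int attr = lsm_name_to_attr(name);` narrows a u64 to int; declare it `u64 attr` to match the prototype.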
From patchwork Mon Aug 28 19:57:59 2023
X-Patchwork-Submitter: Casey Schaufler
X-Patchwork-Id: 13368293
From: Casey Schaufler
To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net
Subject: [PATCH v14 09/11] AppArmor: Add selfattr hooks
Date: Mon, 28 Aug 2023 12:57:59 -0700
Message-ID: <20230828195802.135055-10-casey@schaufler-ca.com>
In-Reply-To: <20230828195802.135055-1-casey@schaufler-ca.com>
References: <20230828195802.135055-1-casey@schaufler-ca.com>

Add hooks for setselfattr and getselfattr. These hooks are not very different from their setprocattr and getprocattr equivalents, and much of the code is shared.

Signed-off-by: Casey Schaufler
Acked-by: John Johansen
Cc: John Johansen
---
 security/apparmor/include/procattr.h | 2 +-
 security/apparmor/lsm.c | 91 ++++++++++++++++++++++++++--
 security/apparmor/procattr.c | 10 +--
 3 files changed, 92 insertions(+), 11 deletions(-)

diff --git a/security/apparmor/include/procattr.h b/security/apparmor/include/procattr.h index 31689437e0e1..03dbfdb2f2c0 100644 --- a/security/apparmor/include/procattr.h +++ b/security/apparmor/include/procattr.h @@ -11,7 +11,7 @@ #ifndef __AA_PROCATTR_H #define __AA_PROCATTR_H -int aa_getprocattr(struct aa_label *label, char **string); +int aa_getprocattr(struct aa_label *label, char **string, bool newline); int aa_setprocattr_changehat(char *args, size_t size, int flags); #endif /* __AA_PROCATTR_H */ diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index 6ff020ff3fcb..0f77ce0a59dd 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c
@@ -630,6 +630,55 @@ static int apparmor_sb_pivotroot(const struct path *old_path, return error; } +static int apparmor_getselfattr(unsigned int attr, struct lsm_ctx __user *lx, + size_t *size, u32 flags) +{ + int error = -ENOENT; + struct aa_task_ctx *ctx = task_ctx(current); + struct aa_label *label = NULL; + size_t total_len = 0; + char *value; + + switch (attr) { + case LSM_ATTR_CURRENT: + label = aa_get_newest_label(cred_label(current_cred())); + break; + case LSM_ATTR_PREV: + if (ctx->previous) + label = aa_get_newest_label(ctx->previous); + break; + case LSM_ATTR_EXEC: + if (ctx->onexec) + label = aa_get_newest_label(ctx->onexec); + break; + default: + error = -EOPNOTSUPP; + break; + } + + if (label) { + error = aa_getprocattr(label, &value, false); + if (error > 0) { + total_len = ALIGN(struct_size(lx, ctx, error), 8); + if (total_len > *size) + error = -E2BIG; + else if (lx) + error = lsm_fill_user_ctx(lx, value, error, + LSM_ID_APPARMOR, 0); + else + error = 1; + } + kfree(value); + } + + aa_put_label(label); + + *size = total_len; + if (error < 0) + return error; + return 1; +} + static int apparmor_getprocattr(struct task_struct *task, const char *name, char **value) { @@ -649,7 +698,7 @@ static int apparmor_getprocattr(struct task_struct *task, const char *name, error = -EINVAL; if (label) - error = aa_getprocattr(label, value); + error = aa_getprocattr(label, value, true); aa_put_label(label); put_cred(cred); @@ -657,8 +706,7 @@ static int apparmor_getprocattr(struct task_struct *task, const char *name, return error; } -static int apparmor_setprocattr(const char *name, void *value, - size_t size) +static int do_setattr(u64 attr, void *value, size_t size) { char *command, *largs = NULL, *args = value; size_t arg_size; 
@@ -689,7 +737,7 @@ static int apparmor_setprocattr(const char *name, void *value, goto out; arg_size = size - (args - (largs ? largs : (char *) value)); - if (strcmp(name, "current") == 0) { + if (attr == LSM_ATTR_CURRENT) { if (strcmp(command, "changehat") == 0) { error = aa_setprocattr_changehat(args, arg_size, AA_CHANGE_NOFLAGS); @@ -704,7 +752,7 @@ static int apparmor_setprocattr(const char *name, void *value, error = aa_change_profile(args, AA_CHANGE_STACK); } else goto fail; - } else if (strcmp(name, "exec") == 0) { + } else if (attr == LSM_ATTR_EXEC) { if (strcmp(command, "exec") == 0) error = aa_change_profile(args, AA_CHANGE_ONEXEC); else if (strcmp(command, "stack") == 0) @@ -724,13 +772,42 @@ static int apparmor_setprocattr(const char *name, void *value, fail: aad(&sa)->label = begin_current_label_crit_section(); - aad(&sa)->info = name; + if (attr == LSM_ATTR_CURRENT) + aad(&sa)->info = "current"; + else if (attr == LSM_ATTR_EXEC) + aad(&sa)->info = "exec"; + else + aad(&sa)->info = "invalid"; aad(&sa)->error = error = -EINVAL; aa_audit_msg(AUDIT_APPARMOR_DENIED, &sa, NULL); end_current_label_crit_section(aad(&sa)->label); goto out; } +static int apparmor_setselfattr(unsigned int attr, struct lsm_ctx *ctx, + size_t size, u32 flags) +{ + int rc; + + if (attr != LSM_ATTR_CURRENT && attr != LSM_ATTR_EXEC) + return -EOPNOTSUPP; + + rc = do_setattr(attr, ctx->ctx, ctx->ctx_len); + if (rc > 0) + return 0; + return rc; +} + +static int apparmor_setprocattr(const char *name, void *value, + size_t size) +{ + int attr = lsm_name_to_attr(name); + + if (attr) + return do_setattr(attr, value, size); + return -EINVAL; +} + /** * apparmor_bprm_committing_creds - do task cleanup on committing new creds * @bprm: binprm for the exec (NOT NULL) 
@@ -1253,6 +1330,8 @@ static struct security_hook_list apparmor_hooks[] __ro_after_init = { LSM_HOOK_INIT(file_lock, apparmor_file_lock), LSM_HOOK_INIT(file_truncate, apparmor_file_truncate), + LSM_HOOK_INIT(getselfattr, apparmor_getselfattr), + LSM_HOOK_INIT(setselfattr, apparmor_setselfattr), LSM_HOOK_INIT(getprocattr, apparmor_getprocattr), LSM_HOOK_INIT(setprocattr, apparmor_setprocattr), diff --git a/security/apparmor/procattr.c b/security/apparmor/procattr.c index 197d41f9c32b..e3857e3d7c6c 100644 --- a/security/apparmor/procattr.c +++ b/security/apparmor/procattr.c @@ -20,6 +20,7 @@ * aa_getprocattr - Return the label information for @label * @label: the label to print label info about (NOT NULL) * @string: Returns - string containing the label info (NOT NULL) + * @newline: indicates that a newline should be added * * Requires: label != NULL && string != NULL * @@ -27,7 +28,7 @@ * * Returns: size of string placed in @string else error code on failure */ -int aa_getprocattr(struct aa_label *label, char **string) +int aa_getprocattr(struct aa_label *label, char **string, bool newline) { struct aa_ns *ns = labels_ns(label); struct aa_ns *current_ns = aa_get_current_ns(); 
@@ -57,11 +58,12 @@ int aa_getprocattr(struct aa_label *label, char **string) return len; } - (*string)[len] = '\n'; - (*string)[len + 1] = 0; + if (newline) + (*string)[len++] = '\n'; + (*string)[len] = 0; aa_put_ns(current_ns); - return len + 1; + return len; } /**
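Review bot: in the apparmor_getselfattr() hunk (`@@ -630`) `char *value;` is left uninitialized, yet `kfree(value)` runs for every return value of aa_getprocattr(), error returns included; that is only safe if every error path inside aa_getprocattr() stores to *string first. Initialize it (`char *value = NULL;`) so the cleanup does not depend on that property. In the same hunk `total_len` is `ALIGN(struct_size(lx, ctx, error), 8)` while lsm_fill_user_ctx() stores the unaligned `struct_size()` in `lx->len`, so the size reported through *size and the `len` inside the record disagree; the two should be computed from one definition.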
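Review bot: in the `@@ -724` hunk apparmor_setprocattr() tests `if (attr)` while the Smack counterpart in this series tests `attr != LSM_ATTR_UNDEF`; both depend on LSM_ATTR_UNDEF being zero, and the named constant is clearer and survives a renumbering, so write `if (attr != LSM_ATTR_UNDEF)` and declare `attr` as u64 rather than int to match lsm_name_to_attr(). apparmor_setselfattr() has the same unvalidated `ctx->ctx_len` pass-through as the Smack hook: do_setattr() derives `arg_size` from `size`, so unless the core guarantees `ctx->ctx_len <= size - sizeof(*ctx)` before calling the hook, a bounds check here (`if (size < sizeof(*ctx) || ctx->ctx_len > size - sizeof(*ctx)) return -EINVAL;`) is cheap insurance. Lastly, the `fail:` path now records "invalid" as the audit info for any attribute other than current/exec, where it previously logged the name that was written; consider keeping the attribute identity in the record.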
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net, selinux@vger.kernel.org Subject: [PATCH v14 10/11] SELinux: Add selfattr hooks Date: Mon, 28 Aug 2023 12:58:00 -0700 Message-ID: <20230828195802.135055-11-casey@schaufler-ca.com> X-Mailer: git-send-email 2.41.0 In-Reply-To: <20230828195802.135055-1-casey@schaufler-ca.com> References: <20230828195802.135055-1-casey@schaufler-ca.com> MIME-Version: 1.0 Precedence: bulk List-ID: Add hooks for setselfattr and getselfattr. These hooks are not very different from their setprocattr and getprocattr equivalents, and much of the code is shared. Signed-off-by: Casey Schaufler Cc: selinux@vger.kernel.org Cc: Paul Moore --- security/selinux/hooks.c | 134 +++++++++++++++++++++++++++++++-------- 1 file changed, 107 insertions(+), 27 deletions(-) diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 931348c79cde..97de4e7c46bf 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -6265,8 +6265,8 @@ static void selinux_d_instantiate(struct dentry *dentry, struct inode *inode) inode_doinit_with_dentry(inode, dentry); } -static int selinux_getprocattr(struct task_struct *p, - const char *name, char **value) +static int selinux_lsm_getattr(unsigned int attr, struct task_struct *p, + char **value) { const struct task_security_struct *__tsec; u32 sid; 
@@ -6283,20 +6283,27 @@ static int selinux_getprocattr(struct task_struct *p, goto bad; } - if (!strcmp(name, "current")) + switch (attr) { + case LSM_ATTR_CURRENT: sid = __tsec->sid; - else if (!strcmp(name, "prev")) + break; + case LSM_ATTR_PREV: sid = __tsec->osid; - else if (!strcmp(name, "exec")) + break; + case LSM_ATTR_EXEC: sid = __tsec->exec_sid; - else if (!strcmp(name, "fscreate")) + break; + case LSM_ATTR_FSCREATE: sid = __tsec->create_sid; - else if (!strcmp(name, "keycreate")) + break; + case LSM_ATTR_KEYCREATE: sid = __tsec->keycreate_sid; - else if (!strcmp(name, "sockcreate")) + break; + case LSM_ATTR_SOCKCREATE: sid = __tsec->sockcreate_sid; - else { - error = -EINVAL; + break; + default: + error = -EOPNOTSUPP; goto bad; } rcu_read_unlock(); @@ -6314,7 +6321,7 @@ static int selinux_getprocattr(struct task_struct *p, return error; } -static int selinux_setprocattr(const char *name, void *value, size_t size) +static int selinux_lsm_setattr(u64 attr, void *value, size_t size) { struct task_security_struct *tsec; struct cred *new; 
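Review bot: selinux_lsm_setattr() is declared with `u64 attr` while selinux_lsm_getattr() in this hunk and the new selinux_getselfattr()/selinux_setselfattr() wrappers take `unsigned int attr`, and selinux_setprocattr() stores the result of lsm_name_to_attr() in a plain `int`; use one type (unsigned int, matching the hook prototypes) so the switch statements and the `attr == LSM_ATTR_*` comparisons do not mix widths.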
@@ -6325,23 +6332,31 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) /* * Basic control over ability to set these attributes at all. */ - if (!strcmp(name, "exec")) + switch (attr) { + case LSM_ATTR_EXEC: error = avc_has_perm(mysid, mysid, SECCLASS_PROCESS, PROCESS__SETEXEC, NULL); - else if (!strcmp(name, "fscreate")) + break; + case LSM_ATTR_FSCREATE: error = avc_has_perm(mysid, mysid, SECCLASS_PROCESS, PROCESS__SETFSCREATE, NULL); - else if (!strcmp(name, "keycreate")) + break; + case LSM_ATTR_KEYCREATE: error = avc_has_perm(mysid, mysid, SECCLASS_PROCESS, PROCESS__SETKEYCREATE, NULL); - else if (!strcmp(name, "sockcreate")) + break; + case LSM_ATTR_SOCKCREATE: error = avc_has_perm(mysid, mysid, SECCLASS_PROCESS, PROCESS__SETSOCKCREATE, NULL); - else if (!strcmp(name, "current")) + break; + case LSM_ATTR_CURRENT: error = avc_has_perm(mysid, mysid, SECCLASS_PROCESS, PROCESS__SETCURRENT, NULL); - else - error = -EINVAL; + break; + default: + error = -EOPNOTSUPP; + break; + } if (error) return error; @@ -6353,13 +6368,14 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) } error = security_context_to_sid(value, size, &sid, GFP_KERNEL); - if (error == -EINVAL && !strcmp(name, "fscreate")) { + if (error == -EINVAL && attr == LSM_ATTR_FSCREATE) { if (!has_cap_mac_admin(true)) { struct audit_buffer *ab; size_t audit_size; - /* We strip a nul only if it is at the end, otherwise the - * context contains a nul and we should audit that */ + /* We strip a nul only if it is at the end, + * otherwise the context contains a nul and + * we should audit that */ if (str[size - 1] == '\0') audit_size = size - 1; else 
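Review bot: the re-wrap of the "We strip a nul only if it is at the end" comment at the end of this hunk (and the audit_log_n_untrustedstring() line split in the next one) is whitespace-only churn unrelated to the name-to-attr conversion; drop it or move it to a separate cleanup patch so the functional diff stays minimal.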
@@ -6370,7 +6386,8 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) if (!ab) return error; audit_log_format(ab, "op=fscreate invalid_context="); - audit_log_n_untrustedstring(ab, value, audit_size); + audit_log_n_untrustedstring(ab, value, + audit_size); audit_log_end(ab); return error; @@ -6393,11 +6410,11 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) checks and may_create for the file creation checks. The operation will then fail if the context is not permitted. */ tsec = selinux_cred(new); - if (!strcmp(name, "exec")) { + if (attr == LSM_ATTR_EXEC) { tsec->exec_sid = sid; - } else if (!strcmp(name, "fscreate")) { + } else if (attr == LSM_ATTR_FSCREATE) { tsec->create_sid = sid; - } else if (!strcmp(name, "keycreate")) { + } else if (attr == LSM_ATTR_KEYCREATE) { if (sid) { error = avc_has_perm(mysid, sid, SECCLASS_KEY, KEY__CREATE, NULL); @@ -6405,9 +6422,9 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) goto abort_change; } tsec->keycreate_sid = sid; - } else if (!strcmp(name, "sockcreate")) { + } else if (attr == LSM_ATTR_SOCKCREATE) { tsec->sockcreate_sid = sid; - } else if (!strcmp(name, "current")) { + } else if (attr == LSM_ATTR_CURRENT) { error = -EINVAL; if (sid == 0) goto abort_change; 
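Review bot: the dispatch on attr in these hunks stays an if/else-if chain (`if (attr == LSM_ATTR_EXEC) ... else if (attr == LSM_ATTR_FSCREATE) ...`) while the permission check earlier in selinux_lsm_setattr() was converted to a switch; make this a switch as well, with a `default:` that sets -EINVAL and jumps to abort_change, so the two dispatch points cannot drift apart when another LSM_ATTR_* value is added.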
@@ -6449,6 +6466,67 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) return error; } +static int selinux_getselfattr(unsigned int attr, struct lsm_ctx __user *ctx, + size_t *size, u32 flags) +{ + char *value; + size_t total_len; + int len; + int rc = 0; + + len = selinux_lsm_getattr(attr, current, &value); + if (len < 0) + return len; + + total_len = ALIGN(struct_size(ctx, ctx, len), 8); + + if (total_len > *size) + rc = -E2BIG; + else if (ctx) + rc = lsm_fill_user_ctx(ctx, value, len, LSM_ID_SELINUX, 0); + + kfree(value); + *size = total_len; + if (rc < 0) + return rc; + return 1; +} + +static int selinux_setselfattr(unsigned int attr, struct lsm_ctx *ctx, + size_t size, u32 flags) +{ + int rc; + + rc = selinux_lsm_setattr(attr, ctx->ctx, ctx->ctx_len); + if (rc > 0) + return 0; + return rc; +} + +static int selinux_getprocattr(struct task_struct *p, + const char *name, char **value) +{ + unsigned int attr = lsm_name_to_attr(name); + int rc; + + if (attr) { + rc = selinux_lsm_getattr(attr, p, value); + if (rc != -EOPNOTSUPP) + return rc; + } + + return -EINVAL; +} + +static int selinux_setprocattr(const char *name, void *value, size_t size) +{ + int attr = lsm_name_to_attr(name); + + if (attr) + return selinux_lsm_setattr(attr, value, size); + return -EINVAL; +} + static int selinux_ismaclabel(const char *name) { return (strcmp(name, XATTR_SELINUX_SUFFIX) == 0); 
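Review bot: selinux_setprocattr() returns selinux_lsm_setattr()'s result unchanged, so a name that lsm_name_to_attr() recognises but the setattr switch rejects (for instance "prev", which the getattr switch handles and which selinux_lsm_setattr() now answers with -EOPNOTSUPP, assuming lsm_name_to_attr() maps it as the getattr side expects) changes its /proc/self/attr write failure from the old -EINVAL to -EOPNOTSUPP; selinux_getprocattr() maps -EOPNOTSUPP back to -EINVAL for exactly this reason, so do the same here. Also, selinux_getselfattr() hard-codes 8 in `ALIGN(struct_size(ctx, ctx, len), 8)`; that value has to agree with the padding lsm_fill_user_ctx() applies, so take it from a shared constant rather than repeating the literal, and note that @flags is accepted but never used in either new hook.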
@@ -7080,6 +7158,8 @@ static struct security_hook_list selinux_hooks[] __ro_after_init = { LSM_HOOK_INIT(d_instantiate, selinux_d_instantiate), + LSM_HOOK_INIT(getselfattr, selinux_getselfattr), + LSM_HOOK_INIT(setselfattr, selinux_setselfattr), LSM_HOOK_INIT(getprocattr, selinux_getprocattr), LSM_HOOK_INIT(setprocattr, selinux_setprocattr), From patchwork Mon Aug 28 19:58:01 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 13368292 X-Patchwork-Delegate: paul@paul-moore.com
From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net Subject: [PATCH v14 11/11] LSM: selftests for Linux Security Module syscalls Date: Mon, 28 Aug 2023 12:58:01 -0700 Message-ID: <20230828195802.135055-12-casey@schaufler-ca.com> X-Mailer: git-send-email 2.41.0 In-Reply-To: <20230828195802.135055-1-casey@schaufler-ca.com> References: <20230828195802.135055-1-casey@schaufler-ca.com> MIME-Version: 1.0 Precedence: bulk List-ID: Add selftests for the three system calls supporting the LSM infrastructure. This set of tests is limited by the differences in access policy enforced by the existing security modules. Signed-off-by: Casey Schaufler --- MAINTAINERS | 1 + security/security.c | 2 +- tools/testing/selftests/Makefile | 1 + tools/testing/selftests/lsm/.gitignore | 1 + tools/testing/selftests/lsm/Makefile | 17 ++ tools/testing/selftests/lsm/common.c | 89 ++++++ tools/testing/selftests/lsm/common.h | 33 +++ tools/testing/selftests/lsm/config | 3 + .../selftests/lsm/lsm_get_self_attr_test.c | 275 ++++++++++++++++++ .../selftests/lsm/lsm_list_modules_test.c | 140 +++++++++ .../selftests/lsm/lsm_set_self_attr_test.c | 74 +++++ 11 files changed, 635 insertions(+), 1 deletion(-) create mode 100644 tools/testing/selftests/lsm/.gitignore create mode 100644 tools/testing/selftests/lsm/Makefile create mode 100644 tools/testing/selftests/lsm/common.c create mode 100644 tools/testing/selftests/lsm/common.h create mode 100644 tools/testing/selftests/lsm/config create mode 100644 tools/testing/selftests/lsm/lsm_get_self_attr_test.c create mode 100644 tools/testing/selftests/lsm/lsm_list_modules_test.c create mode 100644 tools/testing/selftests/lsm/lsm_set_self_attr_test.c 
diff --git a/MAINTAINERS b/MAINTAINERS index f7fa85ba9a56..11ea4810207e 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -19156,6 +19156,7 @@ W: http://kernsec.org/ T: git git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm.git F: include/uapi/linux/lsm.h F: security/ +F: tools/testing/selftests/lsm/ X: security/selinux/ SELINUX SECURITY MODULE diff --git a/security/security.c b/security/security.c index 1cd3123a18f8..d17cf0cae8e4 100644 --- a/security/security.c +++ b/security/security.c @@ -3880,7 +3880,7 @@ int security_getselfattr(unsigned int attr, struct lsm_ctx __user *uctx, /* * Only flag supported is LSM_FLAG_SINGLE */ - if (flags & LSM_FLAG_SINGLE) + if (flags != LSM_FLAG_SINGLE) return -EINVAL; if (uctx && copy_struct_from_user(&lctx, sizeof(lctx), uctx, left)) diff --git a/tools/testing/selftests/Makefile b/tools/testing/selftests/Makefile index 666b56f22a41..bde7c217b23f 100644 --- a/tools/testing/selftests/Makefile +++ b/tools/testing/selftests/Makefile @@ -39,6 +39,7 @@ TARGETS += landlock TARGETS += lib TARGETS += livepatch TARGETS += lkdtm +TARGETS += lsm TARGETS += membarrier TARGETS += memfd TARGETS += memory-hotplug diff --git a/tools/testing/selftests/lsm/.gitignore b/tools/testing/selftests/lsm/.gitignore new file mode 100644 index 000000000000..bd68f6c3fd07 --- /dev/null +++ b/tools/testing/selftests/lsm/.gitignore @@ -0,0 +1 @@ +/*_test diff --git a/tools/testing/selftests/lsm/Makefile b/tools/testing/selftests/lsm/Makefile new file mode 100644 index 000000000000..3f80c0bc093d --- /dev/null +++ b/tools/testing/selftests/lsm/Makefile 
@@ -0,0 +1,17 @@ +# SPDX-License-Identifier: GPL-2.0 +# +# First run: make -C ../../../.. headers_install + +CFLAGS += -Wall -O2 $(KHDR_INCLUDES) +LOCAL_HDRS += common.h + +TEST_GEN_PROGS := lsm_get_self_attr_test lsm_list_modules_test \ + lsm_set_self_attr_test + +include ../lib.mk + +$(OUTPUT)/lsm_get_self_attr_test: lsm_get_self_attr_test.c common.c +$(OUTPUT)/lsm_set_self_attr_test: lsm_set_self_attr_test.c common.c +$(OUTPUT)/lsm_list_modules_test: lsm_list_modules_test.c common.c + +EXTRA_CLEAN = $(OUTPUT)/common.o diff --git a/tools/testing/selftests/lsm/common.c b/tools/testing/selftests/lsm/common.c new file mode 100644 index 000000000000..9ad258912646 --- /dev/null +++ b/tools/testing/selftests/lsm/common.c 
@@ -0,0 +1,89 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Linux Security Module infrastructure tests + * + * Copyright © 2023 Casey Schaufler + */ + +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include +#include +#include "common.h" + +#define PROCATTR "/proc/self/attr/" + +int read_proc_attr(const char *attr, char *value, size_t size) +{ + int fd; + int len; + char *path; + + len = strlen(PROCATTR) + strlen(attr) + 1; + path = calloc(len, 1); + if (path == NULL) + return -1; + sprintf(path, "%s%s", PROCATTR, attr); + + fd = open(path, O_RDONLY); + free(path); + + if (fd < 0) + return -1; + len = read(fd, value, size); + + close(fd); + + /* Ensure value is terminated */ + if (len <= 0 || len == size) + return -1; + value[len] = '\0'; + + path = strchr(value, '\n'); + if (path) + *path = '\0'; + + return 0; +} + +int read_sysfs_lsms(char *lsms, size_t size) +{ + FILE *fp; + size_t red; + + fp = fopen("/sys/kernel/security/lsm", "r"); + if (fp == NULL) + return -1; + red = fread(lsms, 1, size, fp); + fclose(fp); + + if (red <= 0 || red == size) + return -1; + lsms[red] = '\0'; + return 0; +} + +int attr_lsm_count(void) +{ + char *names = calloc(sysconf(_SC_PAGESIZE), 1); + int count = 0; + + if (!names) + return 0; + + if (read_sysfs_lsms(names, sysconf(_SC_PAGESIZE))) + return 0; + + if (strstr(names, "selinux")) + count++; + if (strstr(names, "smack")) + count++; + if (strstr(names, "apparmor")) + count++; + + return count; +} diff --git a/tools/testing/selftests/lsm/common.h b/tools/testing/selftests/lsm/common.h new file mode 100644 index 000000000000..d404329e5eeb --- /dev/null +++ b/tools/testing/selftests/lsm/common.h 
@@ -0,0 +1,33 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* + * Linux Security Module infrastructure tests + * + * Copyright © 2023 Casey Schaufler + */ + +#ifndef lsm_get_self_attr +static inline int lsm_get_self_attr(unsigned int attr, struct lsm_ctx *ctx, + size_t *size, __u32 flags) +{ + return syscall(__NR_lsm_get_self_attr, attr, ctx, size, flags); +} +#endif + +#ifndef lsm_set_self_attr +static inline int lsm_set_self_attr(unsigned int attr, struct lsm_ctx *ctx, + size_t size, __u32 flags) +{ + return syscall(__NR_lsm_set_self_attr, attr, ctx, size, flags); +} +#endif + +#ifndef lsm_list_modules +static inline int lsm_list_modules(__u64 *ids, size_t *size, __u32 flags) +{ + return syscall(__NR_lsm_list_modules, ids, size, flags); +} +#endif + +extern int read_proc_attr(const char *attr, char *value, size_t size); +extern int read_sysfs_lsms(char *lsms, size_t size); +int attr_lsm_count(void); diff --git a/tools/testing/selftests/lsm/config b/tools/testing/selftests/lsm/config new file mode 100644 index 000000000000..1c0c4c020f9c --- /dev/null +++ b/tools/testing/selftests/lsm/config @@ -0,0 +1,3 @@ +CONFIG_SYSFS=y +CONFIG_SECURITY=y +CONFIG_SECURITYFS=y diff --git a/tools/testing/selftests/lsm/lsm_get_self_attr_test.c b/tools/testing/selftests/lsm/lsm_get_self_attr_test.c new file mode 100644 index 000000000000..e0e313d9047a --- /dev/null +++ b/tools/testing/selftests/lsm/lsm_get_self_attr_test.c 
@@ -0,0 +1,275 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Linux Security Module infrastructure tests + * Tests for the lsm_get_self_attr system call + * + * Copyright © 2022 Casey Schaufler + */ + +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include +#include "../kselftest_harness.h" +#include "common.h" + +static struct lsm_ctx *next_ctx(struct lsm_ctx *ctxp) +{ + void *vp; + + vp = (void *)ctxp + sizeof(*ctxp) + ctxp->ctx_len; + return (struct lsm_ctx *)vp; +} + +TEST(size_null_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + struct lsm_ctx *ctx = calloc(page_size, 1); + + ASSERT_NE(NULL, ctx); + errno = 0; + ASSERT_EQ(-1, lsm_get_self_attr(LSM_ATTR_CURRENT, ctx, NULL, 0)); + ASSERT_EQ(EINVAL, errno); + + free(ctx); +} + +TEST(ctx_null_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + size_t size = page_size; + int rc; + + rc = lsm_get_self_attr(LSM_ATTR_CURRENT, NULL, &size, 0); + + if (attr_lsm_count()) { + ASSERT_NE(-1, rc); + ASSERT_NE(1, size); + } else { + ASSERT_EQ(-1, rc); + } +} + +TEST(size_too_small_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + struct lsm_ctx *ctx = calloc(page_size, 1); + size_t size = 1; + + ASSERT_NE(NULL, ctx); + errno = 0; + ASSERT_EQ(-1, lsm_get_self_attr(LSM_ATTR_CURRENT, ctx, &size, 0)); + if (attr_lsm_count()) { + ASSERT_EQ(E2BIG, errno); + } else { + ASSERT_EQ(EOPNOTSUPP, errno); + } + ASSERT_NE(1, size); + + free(ctx); +} + +TEST(flags_zero_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + struct lsm_ctx *ctx = calloc(page_size, 1); + __u64 *syscall_lsms = calloc(page_size, 1); + size_t size; + int lsmcount; + int i; + + ASSERT_NE(NULL, ctx); + errno = 0; + size = page_size; + ASSERT_EQ(-1, lsm_get_self_attr(LSM_ATTR_CURRENT, ctx, &size, + LSM_FLAG_SINGLE)); + ASSERT_EQ(EINVAL, errno); + ASSERT_EQ(page_size, size); + + lsmcount = syscall(__NR_lsm_list_modules, syscall_lsms, &size, 0); + ASSERT_LE(1, 
lsmcount); + ASSERT_NE(NULL, syscall_lsms); + + for (i = 0; i < lsmcount; i++) { + errno = 0; + size = page_size; + ctx->id = syscall_lsms[i]; + + if (syscall_lsms[i] == LSM_ID_SELINUX || + syscall_lsms[i] == LSM_ID_SMACK || + syscall_lsms[i] == LSM_ID_APPARMOR) { + ASSERT_EQ(1, lsm_get_self_attr(LSM_ATTR_CURRENT, ctx, + &size, LSM_FLAG_SINGLE)); + } else { + ASSERT_EQ(-1, lsm_get_self_attr(LSM_ATTR_CURRENT, ctx, + &size, + LSM_FLAG_SINGLE)); + } + } + + free(ctx); +} + +TEST(flags_overset_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + struct lsm_ctx *ctx = calloc(page_size, 1); + size_t size; + + ASSERT_NE(NULL, ctx); + + errno = 0; + size = page_size; + ASSERT_EQ(-1, lsm_get_self_attr(LSM_ATTR_CURRENT | LSM_ATTR_PREV, ctx, + &size, 0)); + ASSERT_EQ(EOPNOTSUPP, errno); + + errno = 0; + size = page_size; + ASSERT_EQ(-1, lsm_get_self_attr(LSM_ATTR_CURRENT, ctx, &size, + LSM_FLAG_SINGLE | + (LSM_FLAG_SINGLE << 1))); + ASSERT_EQ(EINVAL, errno); + + free(ctx); +} + +TEST(basic_lsm_get_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + size_t size = page_size; + struct lsm_ctx *ctx = calloc(page_size, 1); + struct lsm_ctx *tctx = NULL; + __u64 *syscall_lsms = calloc(page_size, 1); + char *attr = calloc(page_size, 1); + int cnt_current = 0; + int cnt_exec = 0; + int cnt_fscreate = 0; + int cnt_keycreate = 0; + int cnt_prev = 0; + int cnt_sockcreate = 0; + int lsmcount; + int count; + int i; + + ASSERT_NE(NULL, ctx); + ASSERT_NE(NULL, syscall_lsms); + + lsmcount = syscall(__NR_lsm_list_modules, syscall_lsms, &size, 0); + ASSERT_LE(1, lsmcount); + + for (i = 0; i < lsmcount; i++) { + switch (syscall_lsms[i]) { + case LSM_ID_SELINUX: + cnt_current++; + cnt_exec++; + cnt_fscreate++; + cnt_keycreate++; + cnt_prev++; + cnt_sockcreate++; + break; + case LSM_ID_SMACK: + cnt_current++; + break; + case LSM_ID_APPARMOR: + cnt_current++; + cnt_exec++; + cnt_prev++; + break; + default: + break; + } + } + + if (cnt_current) { + size = page_size; + 
count = lsm_get_self_attr(LSM_ATTR_CURRENT, ctx, &size, 0); + ASSERT_EQ(cnt_current, count); + tctx = ctx; + ASSERT_EQ(0, read_proc_attr("current", attr, page_size)); + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + if (cnt_exec) { + size = page_size; + count = lsm_get_self_attr(LSM_ATTR_EXEC, ctx, &size, 0); + ASSERT_GE(cnt_exec, count); + if (count > 0) { + tctx = ctx; + if (read_proc_attr("exec", attr, page_size) == 0) + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + } + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + if (cnt_fscreate) { + size = page_size; + count = lsm_get_self_attr(LSM_ATTR_FSCREATE, ctx, &size, 0); + ASSERT_GE(cnt_fscreate, count); + if (count > 0) { + tctx = ctx; + if (read_proc_attr("fscreate", attr, page_size) == 0) + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + } + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + if (cnt_keycreate) { + size = page_size; + count = lsm_get_self_attr(LSM_ATTR_KEYCREATE, ctx, &size, 0); + ASSERT_GE(cnt_keycreate, count); + if (count > 0) { + tctx = ctx; + if (read_proc_attr("keycreate", attr, page_size) == 0) + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + } + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + if (cnt_prev) { + size = page_size; + count = lsm_get_self_attr(LSM_ATTR_PREV, ctx, &size, 0); + ASSERT_GE(cnt_prev, count); + if (count > 0) { + tctx = ctx; + ASSERT_EQ(0, read_proc_attr("prev", attr, page_size)); + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + } + if (cnt_sockcreate) { + size = page_size; + count = lsm_get_self_attr(LSM_ATTR_SOCKCREATE, ctx, &size, 0); + 
ASSERT_GE(cnt_sockcreate, count); + if (count > 0) { + tctx = ctx; + if (read_proc_attr("sockcreate", attr, page_size) == 0) + ASSERT_EQ(0, strcmp((char *)tctx->ctx, attr)); + } + for (i = 1; i < count; i++) { + tctx = next_ctx(tctx); + ASSERT_NE(0, strcmp((char *)tctx->ctx, attr)); + } + } + + free(ctx); + free(attr); + free(syscall_lsms); +} + +TEST_HARNESS_MAIN diff --git a/tools/testing/selftests/lsm/lsm_list_modules_test.c b/tools/testing/selftests/lsm/lsm_list_modules_test.c new file mode 100644 index 000000000000..445c02f09c74 --- /dev/null +++ b/tools/testing/selftests/lsm/lsm_list_modules_test.c 
@@ -0,0 +1,140 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Linux Security Module infrastructure tests + * Tests for the lsm_list_modules system call + * + * Copyright © 2022 Casey Schaufler + */ + +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include "../kselftest_harness.h" +#include "common.h" + +TEST(size_null_lsm_list_modules) +{ + const long page_size = sysconf(_SC_PAGESIZE); + __u64 *syscall_lsms = calloc(page_size, 1); + + ASSERT_NE(NULL, syscall_lsms); + errno = 0; + ASSERT_EQ(-1, lsm_list_modules(syscall_lsms, NULL, 0)); + ASSERT_EQ(EFAULT, errno); + + free(syscall_lsms); +} + +TEST(ids_null_lsm_list_modules) +{ + const long page_size = sysconf(_SC_PAGESIZE); + size_t size = page_size; + + errno = 0; + ASSERT_EQ(-1, lsm_list_modules(NULL, &size, 0)); + ASSERT_EQ(EFAULT, errno); + ASSERT_NE(1, size); +} + +TEST(size_too_small_lsm_list_modules) +{ + const long page_size = sysconf(_SC_PAGESIZE); + __u64 *syscall_lsms = calloc(page_size, 1); + size_t size = 1; + + ASSERT_NE(NULL, syscall_lsms); + errno = 0; + ASSERT_EQ(-1, lsm_list_modules(syscall_lsms, &size, 0)); + ASSERT_EQ(E2BIG, errno); + ASSERT_NE(1, size); + + free(syscall_lsms); +} + +TEST(flags_set_lsm_list_modules) +{ + const long page_size = sysconf(_SC_PAGESIZE); + __u64 *syscall_lsms = calloc(page_size, 1); + size_t size = page_size; + + ASSERT_NE(NULL, syscall_lsms); + errno = 0; + ASSERT_EQ(-1, lsm_list_modules(syscall_lsms, &size, 7)); + ASSERT_EQ(EINVAL, errno); + ASSERT_EQ(page_size, size); + + free(syscall_lsms); +} + +TEST(correct_lsm_list_modules) +{ + const long page_size = sysconf(_SC_PAGESIZE); + size_t size = page_size; + __u64 *syscall_lsms = calloc(page_size, 1); + char *sysfs_lsms = calloc(page_size, 1); + char *name; + char *cp; + int count; + int i; + + ASSERT_NE(NULL, sysfs_lsms); + ASSERT_NE(NULL, syscall_lsms); + ASSERT_EQ(0, read_sysfs_lsms(sysfs_lsms, page_size)); + + count = lsm_list_modules(syscall_lsms, &size, 0); + ASSERT_LE(1, count); + cp 
= sysfs_lsms; + for (i = 0; i < count; i++) { + switch (syscall_lsms[i]) { + case LSM_ID_CAPABILITY: + name = "capability"; + break; + case LSM_ID_SELINUX: + name = "selinux"; + break; + case LSM_ID_SMACK: + name = "smack"; + break; + case LSM_ID_TOMOYO: + name = "tomoyo"; + break; + case LSM_ID_IMA: + name = "ima"; + break; + case LSM_ID_APPARMOR: + name = "apparmor"; + break; + case LSM_ID_YAMA: + name = "yama"; + break; + case LSM_ID_LOADPIN: + name = "loadpin"; + break; + case LSM_ID_SAFESETID: + name = "safesetid"; + break; + case LSM_ID_LOCKDOWN: + name = "lockdown"; + break; + case LSM_ID_BPF: + name = "bpf"; + break; + case LSM_ID_LANDLOCK: + name = "landlock"; + break; + default: + name = "INVALID"; + break; + } + ASSERT_EQ(0, strncmp(cp, name, strlen(name))); + cp += strlen(name) + 1; + } + + free(sysfs_lsms); + free(syscall_lsms); +} + +TEST_HARNESS_MAIN diff --git a/tools/testing/selftests/lsm/lsm_set_self_attr_test.c b/tools/testing/selftests/lsm/lsm_set_self_attr_test.c new file mode 100644 index 000000000000..e9712c6cf596 --- /dev/null +++ b/tools/testing/selftests/lsm/lsm_set_self_attr_test.c 
@@ -0,0 +1,74 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Linux Security Module infrastructure tests + * Tests for the lsm_set_self_attr system call + * + * Copyright © 2022 Casey Schaufler + */ + +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include "../kselftest_harness.h" +#include "common.h" + +TEST(ctx_null_lsm_set_self_attr) +{ + ASSERT_EQ(-1, lsm_set_self_attr(LSM_ATTR_CURRENT, NULL, + sizeof(struct lsm_ctx), 0)); +} + +TEST(size_too_small_lsm_set_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + struct lsm_ctx *ctx = calloc(page_size, 1); + size_t size = page_size; + + ASSERT_NE(NULL, ctx); + if (attr_lsm_count()) { + ASSERT_LE(1, lsm_get_self_attr(LSM_ATTR_CURRENT, ctx, &size, + 0)); + } + ASSERT_EQ(-1, lsm_set_self_attr(LSM_ATTR_CURRENT, ctx, 1, 0)); + + free(ctx); +} + +TEST(flags_zero_lsm_set_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + struct lsm_ctx *ctx = calloc(page_size, 1); + size_t size = page_size; + + ASSERT_NE(NULL, ctx); + if (attr_lsm_count()) { + ASSERT_LE(1, lsm_get_self_attr(LSM_ATTR_CURRENT, ctx, &size, + 0)); + } + ASSERT_EQ(-1, lsm_set_self_attr(LSM_ATTR_CURRENT, ctx, size, 1)); + + free(ctx); +} + +TEST(flags_overset_lsm_set_self_attr) +{ + const long page_size = sysconf(_SC_PAGESIZE); + char *ctx = calloc(page_size, 1); + size_t size = page_size; + struct lsm_ctx *tctx = (struct lsm_ctx *)ctx; + + ASSERT_NE(NULL, ctx); + if (attr_lsm_count()) { + ASSERT_LE(1, lsm_get_self_attr(LSM_ATTR_CURRENT, tctx, &size, + 0)); + } + ASSERT_EQ(-1, lsm_set_self_attr(LSM_ATTR_CURRENT | LSM_ATTR_PREV, tctx, + size, 0)); + + free(ctx); +} + +TEST_HARNESS_MAIN
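Review bot: in the security/security.c hunk, `if (flags != LSM_FLAG_SINGLE) return -EINVAL;` rejects flags == 0 unless it is nested under an `if (flags)` guard that the three context lines shown here do not reveal; basic_lsm_get_self_attr and flags_zero_lsm_get_self_attr in this same patch call lsm_get_self_attr() with flags 0 and expect success, so please confirm the surrounding code. Independently, a one-line fix to a check introduced earlier in the series belongs in the patch that introduced it, not in the selftests patch.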
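Review bot: in common.c, read_proc_attr() returns -1 for a zero-length read, which is also what an attribute with no value reports (the test files guard read_proc_attr("exec", ...) and friends with `== 0` for that reason), so callers cannot tell "unset" from "unreadable"; return 0 with an empty string when len == 0 and let the tests compare against that. While there, attr_lsm_count() never frees `names`, and `red <= 0` on a size_t is just `red == 0`.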
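Review bot: common.h uses syscall(), the __NR_lsm_* numbers, struct lsm_ctx and __u32 but includes nothing itself, so it compiles only when the including .c file has already pulled in <unistd.h>, <sys/syscall.h> and <linux/lsm.h>; include those in the header so it stands alone, and either drop the `extern` on two of the three prototypes or add it to attr_lsm_count() for consistency.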
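Review bot: in lsm_get_self_attr_test.c, next_ctx() advances by `sizeof(*ctxp) + ctxp->ctx_len`, but the kernel pads each entry (selinux_getselfattr() in patch 10 reserves `ALIGN(struct_size(ctx, ctx, len), 8)`), so with two attribute-providing LSMs the second entry would be parsed from inside the padding of the first; step by the padded total length the kernel reports for the entry rather than by ctx_len. Smaller points in the same file: flags_zero_lsm_get_self_attr actually exercises LSM_FLAG_SINGLE, `ASSERT_NE(NULL, syscall_lsms)` runs after the buffer has already been handed to syscall(), the raw syscall(__NR_lsm_list_modules, ...) calls should use the lsm_list_modules() wrapper from common.h, and flags_overset_lsm_get_self_attr relies on LSM_ATTR_CURRENT | LSM_ATTR_PREV not happening to equal another defined attribute, which deserves a comment.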
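Review bot: correct_lsm_list_modules in lsm_list_modules_test.c only prefix-matches each name with strncmp(cp, name, strlen(name)) and never checks that `cp` reached the end of the sysfs string, so an LSM present in /sys/kernel/security/lsm but missing from the syscall result (or an extra trailing entry) goes unnoticed; compare up to the next comma rather than by prefix and assert `*cp == '\0'` after the loop. Also `ASSERT_NE(1, size)` in ids_null_lsm_list_modules asserts almost nothing; check the value the kernel is expected to leave in `size` on the EFAULT path, or drop it.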
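Review bot: every test in lsm_set_self_attr_test.c asserts only that the call returns -1 and none checks errno, and no test exercises a successful set (where policy permits, writing LSM_ATTR_CURRENT back with the value just read from lsm_get_self_attr() would do), so a regression that makes the syscall fail unconditionally would still pass; add errno assertions matching what security_setselfattr() returns for each case and at least one positive case. flags_zero_lsm_set_self_attr also passes flags 1, so the name is misleading.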