From: "Mickaël Salaün" <mic@digikod.net>
To: Casey Schaufler <casey@schaufler-ca.com>
Cc: paul@paul-moore.com, linux-security-module@vger.kernel.org,
jmorris@namei.org, serge@hallyn.com, keescook@chromium.org,
john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp,
stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org,
linux-api@vger.kernel.org
Subject: Re: [PATCH v15 07/11] LSM: Helpers for attribute names and filling lsm_ctx
Date: Tue, 3 Oct 2023 16:28:01 +0200 [thread overview]
Message-ID: <20231003.Ic1FohLoc8Ph@digikod.net> (raw)
In-Reply-To: <20230912205658.3432-8-casey@schaufler-ca.com>
On Tue, Sep 12, 2023 at 01:56:52PM -0700, Casey Schaufler wrote:
> Add lsm_name_to_attr(), which translates a text string to a
> LSM_ATTR value if one is available.
>
> Add lsm_fill_user_ctx(), which fills a struct lsm_ctx, including
> the trailing attribute value.
>
> Both are used in module specific components of LSM system calls.
>
> Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
> Reviewed-by: John Johansen <john.johansen@canonical.com>
> Reviewed-by: Serge Hallyn <serge@hallyn.com>
Reviewed-by: Mickaël Salaün <mic@digikod.net>
> ---
> include/linux/security.h | 14 ++++++++++++++
> security/lsm_syscalls.c | 24 +++++++++++++++++++++++
> security/security.c | 41 ++++++++++++++++++++++++++++++++++++++++
> 3 files changed, 79 insertions(+)
>
> diff --git a/include/linux/security.h b/include/linux/security.h
> index 8831d7cf0a6b..e567f910a1c2 100644
> --- a/include/linux/security.h
> +++ b/include/linux/security.h
> @@ -32,6 +32,7 @@
> #include <linux/string.h>
> #include <linux/mm.h>
> #include <linux/sockptr.h>
> +#include <uapi/linux/lsm.h>
>
> struct linux_binprm;
> struct cred;
> @@ -264,6 +265,7 @@ int unregister_blocking_lsm_notifier(struct notifier_block *nb);
> /* prototypes */
> extern int security_init(void);
> extern int early_security_init(void);
> +extern u64 lsm_name_to_attr(const char *name);
>
> /* Security operations */
> int security_binder_set_context_mgr(const struct cred *mgr);
> @@ -490,6 +492,8 @@ int security_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen);
> int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen);
> int security_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen);
> int security_locked_down(enum lockdown_reason what);
> +int lsm_fill_user_ctx(struct lsm_ctx __user *ctx, void *context,
> + size_t context_size, u64 id, u64 flags);
> #else /* CONFIG_SECURITY */
>
> static inline int call_blocking_lsm_notifier(enum lsm_event event, void *data)
> @@ -507,6 +511,11 @@ static inline int unregister_blocking_lsm_notifier(struct notifier_block *nb)
> return 0;
> }
>
> +static inline u64 lsm_name_to_attr(const char *name)
> +{
> + return LSM_ATTR_UNDEF;
> +}
> +
> static inline void security_free_mnt_opts(void **mnt_opts)
> {
> }
> @@ -1415,6 +1424,11 @@ static inline int security_locked_down(enum lockdown_reason what)
> {
> return 0;
> }
> +static inline int lsm_fill_user_ctx(struct lsm_ctx __user *ctx, void *context,
> + size_t context_size, u64 id, u64 flags)
> +{
> + return -EOPNOTSUPP;
> +}
> #endif /* CONFIG_SECURITY */
>
> #if defined(CONFIG_SECURITY) && defined(CONFIG_WATCH_QUEUE)
> diff --git a/security/lsm_syscalls.c b/security/lsm_syscalls.c
> index 329aaca5efc0..5d391b1f7e69 100644
> --- a/security/lsm_syscalls.c
> +++ b/security/lsm_syscalls.c
> @@ -17,6 +17,30 @@
> #include <linux/lsm_hooks.h>
> #include <uapi/linux/lsm.h>
>
> +/**
> + * lsm_name_to_attr - map an LSM attribute name to its ID
> + * @name: name of the attribute
> + *
> + * Returns the LSM attribute value associated with @name, or 0 if
> + * there is no mapping.
> + */
> +u64 lsm_name_to_attr(const char *name)
> +{
> + if (!strcmp(name, "current"))
> + return LSM_ATTR_CURRENT;
> + if (!strcmp(name, "exec"))
> + return LSM_ATTR_EXEC;
> + if (!strcmp(name, "fscreate"))
> + return LSM_ATTR_FSCREATE;
> + if (!strcmp(name, "keycreate"))
> + return LSM_ATTR_KEYCREATE;
> + if (!strcmp(name, "prev"))
> + return LSM_ATTR_PREV;
> + if (!strcmp(name, "sockcreate"))
> + return LSM_ATTR_SOCKCREATE;
> + return LSM_ATTR_UNDEF;
> +}
> +
> /**
> * sys_lsm_set_self_attr - Set current task's security module attribute
> * @attr: which attribute to set
> diff --git a/security/security.c b/security/security.c
> index 0d179750d964..9136a4c3b0bc 100644
> --- a/security/security.c
> +++ b/security/security.c
> @@ -771,6 +771,47 @@ static int lsm_superblock_alloc(struct super_block *sb)
> return 0;
> }
>
> +/**
> + * lsm_fill_user_ctx - Fill a user space lsm_ctx structure
> + * @ctx: an LSM context to be filled
> + * @context: the new context value
> + * @context_size: the size of the new context value
> + * @id: LSM id
> + * @flags: LSM defined flags
> + *
> + * Fill all of the fields in a user space lsm_ctx structure.
> + * Caller is assumed to have verified that @ctx has enough space
> + * for @context.
> + *
> + * Returns 0 on success, -EFAULT on a copyout error, -ENOMEM
> + * if memory can't be allocated.
> + */
> +int lsm_fill_user_ctx(struct lsm_ctx __user *ctx, void *context,
> + size_t context_size, u64 id, u64 flags)
> +{
> + struct lsm_ctx *lctx;
> + size_t locallen = struct_size(lctx, ctx, context_size);
> + int rc = 0;
> +
> + lctx = kzalloc(locallen, GFP_KERNEL);
> + if (lctx == NULL)
> + return -ENOMEM;
> +
> + lctx->id = id;
> + lctx->flags = flags;
> + lctx->ctx_len = context_size;
> + lctx->len = locallen;
> +
> + memcpy(lctx->ctx, context, context_size);
> +
> + if (copy_to_user(ctx, lctx, locallen))
> + rc = -EFAULT;
> +
> + kfree(lctx);
> +
> + return rc;
> +}
> +
> /*
> * The default value of the LSM hook is defined in linux/lsm_hook_defs.h and
> * can be accessed with:
> --
> 2.41.0
>
next prev parent reply other threads:[~2023-10-03 14:28 UTC|newest]
Thread overview: 70+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20230912205658.3432-1-casey.ref@schaufler-ca.com>
2023-09-12 20:56 ` [PATCH v15 00/11] LSM: Three basic syscalls Casey Schaufler
2023-09-12 20:56 ` [PATCH v15 01/11] LSM: Identify modules by more than name Casey Schaufler
2023-09-15 11:32 ` Tetsuo Handa
2023-09-15 17:53 ` Casey Schaufler
2023-09-16 6:32 ` Tetsuo Handa
2023-09-17 16:38 ` Casey Schaufler
2023-09-20 10:20 ` Tetsuo Handa
2023-09-20 15:08 ` Kees Cook
2023-09-23 4:46 ` Tetsuo Handa
2023-09-24 1:58 ` Kees Cook
2023-09-24 11:06 ` Tetsuo Handa
2023-09-24 19:48 ` Kees Cook
2023-10-05 12:58 ` Tetsuo Handa
2023-10-20 19:52 ` Casey Schaufler
2023-10-21 12:20 ` Tetsuo Handa
2023-10-21 14:11 ` Casey Schaufler
2023-10-29 10:57 ` Tetsuo Handa
2023-10-29 18:00 ` Casey Schaufler
2023-09-12 20:56 ` [PATCH v15 02/11] LSM: Maintain a table of LSM attribute data Casey Schaufler
2023-09-12 20:56 ` [PATCH v15 03/11] proc: Use lsmids instead of lsm names for attrs Casey Schaufler
2023-09-12 20:56 ` [PATCH v15 04/11] LSM: syscalls for current process attributes Casey Schaufler
2023-10-03 14:09 ` Mickaël Salaün
2023-10-06 1:04 ` Paul Moore
2023-10-09 15:36 ` Mickaël Salaün
2023-10-09 16:04 ` Paul Moore
2023-10-10 9:14 ` Mickaël Salaün
2023-10-10 13:10 ` Paul Moore
2023-09-12 20:56 ` [PATCH v15 05/11] LSM: Create lsm_list_modules system call Casey Schaufler
2023-10-03 14:27 ` Mickaël Salaün
2024-03-12 10:16 ` Dmitry V. Levin
2024-03-12 13:25 ` Paul Moore
2024-03-12 15:27 ` Casey Schaufler
2024-03-12 17:06 ` Paul Moore
2024-03-12 17:44 ` Casey Schaufler
2024-03-12 18:09 ` Paul Moore
2024-03-12 18:28 ` Dmitry V. Levin
2024-03-12 21:50 ` Kees Cook
2024-03-12 22:06 ` Casey Schaufler
2024-03-12 22:06 ` Paul Moore
2024-03-12 22:17 ` Casey Schaufler
2024-03-12 23:17 ` Paul Moore
2023-09-12 20:56 ` [PATCH v15 06/11] LSM: wireup Linux Security Module syscalls Casey Schaufler
2023-10-03 14:27 ` Mickaël Salaün
2023-09-12 20:56 ` [PATCH v15 07/11] LSM: Helpers for attribute names and filling lsm_ctx Casey Schaufler
2023-10-03 14:28 ` Mickaël Salaün [this message]
2023-09-12 20:56 ` [PATCH v15 08/11] Smack: implement setselfattr and getselfattr hooks Casey Schaufler
2023-10-03 14:28 ` Mickaël Salaün
2023-10-20 19:40 ` Casey Schaufler
2023-10-20 19:42 ` Casey Schaufler
2023-09-12 20:56 ` [PATCH v15 09/11] AppArmor: Add selfattr hooks Casey Schaufler
2023-09-12 20:56 ` [PATCH v15 10/11] SELinux: " Casey Schaufler
2023-09-12 20:56 ` [PATCH v15 11/11] LSM: selftests for Linux Security Module syscalls Casey Schaufler
2023-10-03 14:28 ` Mickaël Salaün
2023-10-12 22:07 ` [PATCH v15 00/11] LSM: Three basic syscalls Paul Moore
2023-10-13 21:55 ` Paul Moore
2023-10-16 12:04 ` Roberto Sassu
2023-10-16 15:06 ` Paul Moore
2023-10-17 7:01 ` Roberto Sassu
2023-10-17 15:58 ` Paul Moore
2023-10-17 16:07 ` Roberto Sassu
2023-10-18 9:31 ` Roberto Sassu
2023-10-18 13:09 ` Mimi Zohar
2023-10-18 14:14 ` Roberto Sassu
2023-10-18 16:35 ` Paul Moore
2023-10-18 20:10 ` Mimi Zohar
2023-10-18 20:40 ` Paul Moore
2023-10-19 7:45 ` Roberto Sassu
2023-10-20 16:36 ` Casey Schaufler
2023-10-19 8:49 ` Roberto Sassu
2023-11-13 4:03 ` Paul Moore
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20231003.Ic1FohLoc8Ph@digikod.net \
--to=mic@digikod.net \
--cc=casey@schaufler-ca.com \
--cc=jmorris@namei.org \
--cc=john.johansen@canonical.com \
--cc=keescook@chromium.org \
--cc=linux-api@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=paul@paul-moore.com \
--cc=penguin-kernel@i-love.sakura.ne.jp \
--cc=serge@hallyn.com \
--cc=stephen.smalley.work@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.