Received: by 2002:a05:6a10:16a7:0:0:0:0 with SMTP id gp39csp3727472pxb; Mon, 9 Nov 2020 20:45:30 -0800 (PST) X-Google-Smtp-Source: ABdhPJzY8VB0jcIk6FLNAvh6hRafS9uol+ASk04y1JC3reN4tujhrXq9WMBJ7J3okOO5E2J+dHFS X-Received: by 2002:aa7:cc0e:: with SMTP id q14mr19040488edt.181.1604983530734; Mon, 09 Nov 2020 20:45:30 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1604983530; cv=none; d=google.com; s=arc-20160816; b=Hi3QwApGHQ0BqMTHiOpvR243FN+kdcFFhEIKxna/2zWbmAVWcfxN0wfKUcnVS96na6 uT7Kxog8t8aJFw4pUGpa5s7olZkzX0fOP6fRy2LSQ1mj6zqQ9nWXchOBLF2L7OJbCL0f Gtqv1tSnLsBMHhvGOTxdRA+PWWJlnPJpP3e574TlPVfTXhLl8jKWtdMupLFb7d0waXQe FF3oB/5jeZNECgrf+Ul6W8c3kiE1ajdaHqZi1m1dLgDPPELYZ6T4aLL7xkZek9hGjh7f PY5/LIK95CNIBJn8SjSzvo1mhhiLzuWpfsb0pRjQEECOh7J+uAHrEYR25124ZtnDWeO4 lpHQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-language :in-reply-to:mime-version:user-agent:date:message-id:from:references :cc:to:subject; bh=uB8yRgz4Yfc+PyWs6KPp+6oBAyx4aszGLqvtMMzX3E0=; b=mbEn2y7FtQ/VErhXwuUeyKso7FzPTgfG2Z93iIFugBwNufc+ThZxVVRdtIVECBwtzi 2EKYehcbANDk3LYew5pCoFuP1+1+zcOA88oVedwZCTuSJ5AwMV/wmuqDiiZ2tBRJVisE zTpQJEQU4pjUc5eL9VPXN4Ew36usBMltT7YKipDFpwoCd5lbd+e0dmgPqo3ARYLusvCx plmdUKmc8pR+bduGqW/5IPf0P0gGKMWX1XlDxqsHwF2SugfRA70ZbCuLgXywz9sdPbT8 L05kTBFapyFQHR6k5w0MM2UM5tjc6+AxlbSUd2v6/+zI4HF1W+qaz+nSRx1Zr2UR15ol bDow== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id j6si8515918edr.531.2020.11.09.20.45.06; Mon, 09 Nov 2020 20:45:30 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730482AbgKJEne (ORCPT + 99 others); Mon, 9 Nov 2020 23:43:34 -0500 Received: from www262.sakura.ne.jp ([202.181.97.72]:52667 "EHLO www262.sakura.ne.jp" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729885AbgKJEne (ORCPT ); Mon, 9 Nov 2020 23:43:34 -0500 Received: from fsav103.sakura.ne.jp (fsav103.sakura.ne.jp [27.133.134.230]) by www262.sakura.ne.jp (8.15.2/8.15.2) with ESMTP id 0AA4h6ag067872; Tue, 10 Nov 2020 13:43:06 +0900 (JST) (envelope-from penguin-kernel@i-love.sakura.ne.jp) Received: from www262.sakura.ne.jp (202.181.97.72) by fsav103.sakura.ne.jp (F-Secure/fsigk_smtp/550/fsav103.sakura.ne.jp); Tue, 10 Nov 2020 13:43:06 +0900 (JST) X-Virus-Status: clean(F-Secure/fsigk_smtp/550/fsav103.sakura.ne.jp) Received: from [192.168.1.9] (M106072142033.v4.enabler.ne.jp [106.72.142.33]) (authenticated bits=0) by www262.sakura.ne.jp (8.15.2/8.15.2) with ESMTPSA id 0AA4h5rr067869 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NO); Tue, 10 Nov 2020 13:43:06 +0900 (JST) (envelope-from penguin-kernel@i-love.sakura.ne.jp) Subject: Re: [PATCH v3 1/2] security: add fault injection capability To: Aleksandr Nogikh , jmorris@namei.org, serge@hallyn.com, akinobu.mita@gmail.com Cc: andreyknvl@google.com, dvyukov@google.com, elver@google.com, glider@google.com, keescook@google.com, casey@schaufler-ca.com, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org, Aleksandr Nogikh References: <20201029183526.2131776-1-aleksandrnogikh@gmail.com> <20201029183526.2131776-2-aleksandrnogikh@gmail.com> From: Tetsuo Handa Message-ID: <04d8c32a-06cd-d71a-43d9-47b1de6c7684@i-love.sakura.ne.jp> Date: Tue, 10 Nov 2020 13:43:06 +0900 User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.4.1 MIME-Version: 1.0 In-Reply-To: <20201029183526.2131776-2-aleksandrnogikh@gmail.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 2020/10/30 3:35, Aleksandr Nogikh wrote: > +#ifdef CONFIG_FAIL_LSM_HOOKS > + > +static struct { > + struct fault_attr attr; > + int retval; > +} fail_lsm_hooks = { > + .attr = FAULT_ATTR_INITIALIZER, > + .retval = -EACCES > +}; > + > +static int __init setup_fail_lsm_hooks(char *str) > +{ > + return setup_fault_attr(&fail_lsm_hooks.attr, str); > +} > +__setup("fail_lsm_hooks=", setup_fail_lsm_hooks); > + > +static int lsm_hooks_inject_fail(void) > +{ > + return should_fail(&fail_lsm_hooks.attr, 1) ? fail_lsm_hooks.retval : 0; > +} > + > +#ifdef CONFIG_FAULT_INJECTION_DEBUG_FS > + > +static int __init fail_lsm_hooks_debugfs(void) > +{ > + umode_t mode = S_IFREG | 0600; > + struct dentry *dir; > + > + dir = fault_create_debugfs_attr("fail_lsm_hooks", NULL, > + &fail_lsm_hooks.attr); > + debugfs_create_u32("retval", mode, dir, &fail_lsm_hooks.retval); Since production kernels will use CONFIG_FAIL_LSM_HOOKS=n, we won't need to worry about userspace ABI. Reviewed-by: Tetsuo Handa By the way, fail_lsm_hooks.retval is "signed int" but debugfs_create_u32() handles "unsigned int". Do we want to allow lsm_hooks_inject_fail() to inject arbitrary !IS_ERR_VALUE() values? > + return 0; > +}