Received: by 2002:a05:6358:9144:b0:117:f937:c515 with SMTP id r4csp2663860rwr; Fri, 28 Apr 2023 13:53:00 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ7RtUyhChkp89vkDWwq67UPkaOHOKKOJNv9c69SQAI2mu7XMIgFRt+UEdzkZtZJQqzHR5DQ X-Received: by 2002:a05:6a00:288e:b0:641:3e9f:289f with SMTP id ch14-20020a056a00288e00b006413e9f289fmr684108pfb.0.1682715180290; Fri, 28 Apr 2023 13:53:00 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682715180; cv=none; d=google.com; s=arc-20160816; b=0L6zreoE6AZa3Qfs+tYOHy+I88s2fmWfP1v1j/wugq/hQAPqAjvckb+dRt4exTWEZ4 SllbfGAuS6DUmiUfYyN8UBSnl/Hg1YbBzqK788MD/iGD9ig0yB3s+5ctppS7N34nF4ul pKPKlK6mXP5OOChlc57LTDRC7CIa02TZMTegt07xV3SF7NkgqLiiHIixZuunGc4B3l/a pUicZrN0DrckQ/dhhjEQ0/oxbYNWI1VugrzfqR0mOXEHhR24mle7hOqy4OOIPc6dmdgC ye1sSa6+zPQaFL22niV3h0QllPL1hv3qQ2NDNOsP6rpnYOKTciVosDlrVtSKc5Ik2O1o w/5Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=lQV4qS4iAA6JHAaUPQfN8v1+i+4alOLehWL92wPtJI8=; b=ZzDopHTktYqaQacPCX+tgyGStsLjaWx0YE4cqHIiIrokkabdGfqtbuMigjhrMzKrfj 3G65YDhddunshXwQaVWCoWmlSjE9BMr0eVypLKdy4JLM06Oq+pteSIqODdDNdQzKThb3 J32GD5o41ZGpa72moEkh88hqUSaOuw+fKzTSC8DuJVoTW8OK88ciFkUg1YwcB0O9VDKN az7j/WB5Lg621TaDAVVnjlJaNK+ViImviKaDWBQ2+Gu1+KgTTCitqN9q7byrqPsID0+b lVghuaxagf0CCI4y2VcoBEzUnmepHs01kTVJPQi+huHj3pt3nA3+4No/uxbrtgFLrCuU Jenw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@yahoo.com header.s=s2048 header.b=nh6ET2+Z; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id u64-20020a638543000000b005250ac2d7c9si15575461pgd.693.2023.04.28.13.52.46; Fri, 28 Apr 2023 13:53:00 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@yahoo.com header.s=s2048 header.b=nh6ET2+Z; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1346710AbjD1UiG (ORCPT + 99 others); Fri, 28 Apr 2023 16:38:06 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57806 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1346543AbjD1Uhy (ORCPT ); Fri, 28 Apr 2023 16:37:54 -0400 Received: from sonic307-15.consmr.mail.ne1.yahoo.com (sonic307-15.consmr.mail.ne1.yahoo.com [66.163.190.38]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8EC7E2D45 for ; Fri, 28 Apr 2023 13:37:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1682714256; bh=lQV4qS4iAA6JHAaUPQfN8v1+i+4alOLehWL92wPtJI8=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From:Subject:Reply-To; b=nh6ET2+Z3QWo0eKhqPUajv4qc1BlJjdmmndr8Wr9QByuLvxdomlYutGSjVLfUdB3IDPFVDcFyFoUUJWuoBobmOuFYutdHf/hTFajOI3ecbJhj11ulyt89hrN5TaUNjjsK9BLo9E8OS0UlvhZbIeVZ84ERGwQ1a4vUHzhckjxrG2lzNxGvgo/Xrlua//wTb1jXjCWCW/V2an4JSu7cEKk21nCkdi0HbKlHxkHyEP6LB4l04ML1kUmS7EDL4/0K9tiOPdbrQLpLy9UHtCbYbq4c9YRwKnn9+pFaodZMf9JtoxA4B7kvrj0/1vwCdhTHzhc2GSSaUocAsz46huMoPhigg== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1682714256; bh=0bZGVNHEpelPbcy9q8/ySw86NZlcoU9ywmACJ4SdTo3=; h=X-Sonic-MF:From:To:Subject:Date:From:Subject; b=D+fuHVikdk4/nvabeRburQ59/O7Rz/Y5Q8/a8Rp0RZb0GM+Gn6yV8IsjJ5l+PyTRxl7LlQ7t7ekbM+kGk6MgOovJIrYTWbJWRmo4+DfcFPXM2sS/miTOmqZiI9hnKEqGv4bF5wsKgFvoOQNvy9cBdBHT/VsQXo8/ZM5dBeuIB5SkoLCFVVyIt7ODpC7Xfnhuj3gqrl/MAPXqwEmenuKIiaazlu5FUk6osIAYAvZ7fqdSXcQ3fc91dspjRZp/lFADv8Gxn5W8a+H4iiEF34iptziuW+CEM0SEeYCVMucnPzZohr1OhPIQkK7HZKntxM/d5afpkOaI1iG9CURS1prfyQ== X-YMail-OSG: zNodHMAVM1lSS0jBZ_tvQ_3JATjgb6CStAJrEOrrRZdSVPrtz_H8cvx6WUQNtnH Dpd9XLvKY2Cg.WV22ptotbzCZZPDvt9DKjg9qxUqxGCm6mu4lk.zXX.4iLwUOsD5VENQxaKY28ar pyRL33M9i2GS9nJEqNfUulpWMIR68N2u2j1IFVjhlmjOvWCBtjdXJFtEFHOMVsbZJYBqWkf_Vvb0 k2U.KQvoIabZNuzOeODhtMJbt7BjVIH5FTlxtmy6.2Hro.wxA_UxR6NexKdxHgPk_qRb4rVGB65S lMMr0NJ0i3UWQmf9nCITVs7zwBsCM06MCDrOMf.aCa6Au6bGf_0.kewDQZPh8IjW8YLX2SytARs1 K3eMpY27Dh4XuuW_dptiYx0_hp5QL74e1lMSZhomOhukUTMu2Jp1WWFtKx6AcoiI4RI14NX4jR3O LeNdagAAr1IR0RA0AtFcviVg0T6mQAu_idZvMjmWHAQf3p5cuk1pK6gVWWoRP4hm.wPb87Jj73IP Wwm6UB_MtdfmSUqeeWZ5TWnUr8SowYb.aCtfzkfxOfc0EcVyBFV_I.pOtXTWh0KC26BwjGeosOr4 x_2b34lBJry8_R2KQIvKAmRZAqDKdKkIXe0ZsDj.IK.eIyOqQmwxXrc47kqOnFFinwWN8aNpKq29 QQXuxKgN_aq31pOes_mwL7nsUtRWwcudnETqYiiWvYKA78B3Ka1BDyEjq0WoWMhduMvJP8OiDUhc glSubL2BxiT0jkHo0E_ae6YaNkmApTWZ9nomWFAkl8kd5YKZN1SrLkgYZsOky0P0ADIvzTWnNHmF ilcrhsoZ4YdtbcmV56Ahxb7kLkY5.FtiOHEZ3nKKlNglSpqYiRRrpX7fPfVqY8otJGWbE_AENhi5 yYP716VmNSeIEu1YARictitLQyOI79A2774COZzz.9OtxgQiFaOKps_nQl7ZiUyGx7AUAaiMM_AI LrqVOE3jjyyLCK8NMr8WyQjCcULUc1.tJ7lj1KM7ruzYFKciG7LqcIKHh3R8zY7pfQFW6mXw6P1L _M02bjth0cxojCXOVQDVOO.vkO8KeW_fzz9VKwFs5PY2I5O9wayQ05_eqqQgEhRyBKPnQDIEw3Od xvgeouQmkbCx7Efv9BLUCGWCppZBdGfhmsk10MgfwSMnOtbTs9Az_bU8gS1Nw22PKLysORRoppgh qGVyBjJJ5eMJob.lV1imxSmB1mNl6aPECDy4hNYs3_O45Jg0QjsdtyD4bEFWAfOxfSUp_o6SFmhO i4bMMp_o7483.LFsCcgQ8FYkGJ_LDzNcbzfX3faeVEe0DNq0zmDFo5jFlzTjBEJ0pl4_TCsNgmIG 0YG5l9VnkW3dbG8BmEVrFmUiVsz4qhFSs5_4tUI_83kbmg_wFZhRWdIqieQVbfQ.n5FA1.b4rTye 3_DpeczYIFn9TYabQx8liSCe8SOgRKR9lmOk6gjZef1oq_eEmDgO5h0_x_J5nBu57.O9HKw69BtL uwCoDXUwQIpsoFhKVsZ2QiOvkwFBUqTQfJ6r1lfrSLSrHgQw9e2zs9ZX_fJ6V6hs.MyersF59Amm 2uEbtvZdee3wI_Xqh8ynGwZWdXHyvefc0nCeX4InbXgp5_cStSjJVnMxfp.7G9cHKUeaJiNnu96B M_w5gE0BI92Moa0rXylApo1aKgo7vcj08Z7esGZ6GRK7LwC6mpRW8eV2cFmNsekhtkx6FIPd6xc1 2bHKeNyXSHQN7GD.i_YQhRdz_haUZPCPmNHiXt93LceUFfrv2Z0jVvaLZChK_Z8S3_lZsvpP3Czj BpADh8MuuMOpDK9h.hTN20yZqtRFX2u4GiebZZJpvAEwZ1Xwo381BLnC18sDBGjQ_iJFaokRfaEZ _LlfPctTB3.7R.eRx5Rfak57nWp9bNXgFB62hPLk5.3hdG7yftFTAHITI9KLJp5op5JFHmPpVfdP m0afKVc5LEDwcuBqEGIZDFRcoXhvLXmF4ihPzF5KuR3._KBvlrpg1bTtDBdaYQcgvxOVFC7IYvqC pG3JwvW0bOf6ZaA302Q1sPCx6Td8haUseI6mBHZY9KzBVdFc3GxjsW9uhBro5QxULk7gqGu0Of3g _ikX9OE5JQu8p7km.laSVUHDCiZkdZu7ADEH8CVUqvEpe0RBqnP_1y6AeqMZW66zWspSqkC8O6JM tgchAH1usTHpDzDk8nusLxQ3Vh5pwXqM.BpTccjJHrCtz1van8fV6x48w3v5akYu_7mYBQoVKOSS 3w3Hmaxe3OHDSujS.JqBYCvV1GMHH_lsTRxFcYQ7yeGmNoQdKpjJTwoonQDC9XgXvJFoaJDP6MCp jD9AmMLwe8ROwNwzdI.rrNAukDL1low-- X-Sonic-MF: X-Sonic-ID: d9e9296a-feab-4253-ad57-7ec3ba70b136 Received: from sonic.gate.mail.ne1.yahoo.com by sonic307.consmr.mail.ne1.yahoo.com with HTTP; Fri, 28 Apr 2023 20:37:36 +0000 Received: by hermes--production-ne1-7dbd98dd99-vd22t (Yahoo Inc. Hermes SMTP Server) with ESMTPA ID 7d01bdce50daaea0f4f6c5183b4a656e; Fri, 28 Apr 2023 20:37:33 +0000 (UTC) From: Casey Schaufler To: casey@schaufler-ca.com, paul@paul-moore.com, linux-security-module@vger.kernel.org Cc: jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net Subject: [PATCH v10 07/11] LSM: Helpers for attribute names and filling lsm_ctx Date: Fri, 28 Apr 2023 13:34:13 -0700 Message-Id: <20230428203417.159874-8-casey@schaufler-ca.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230428203417.159874-1-casey@schaufler-ca.com> References: <20230428203417.159874-1-casey@schaufler-ca.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_NONE, T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Add lsm_name_to_attr(), which translates a text string to a LSM_ATTR value if one is available. Add lsm_fill_user_ctx(), which fills a struct lsm_ctx, including the trailing attribute value. The .len value is padded to a multiple of 64 bits for alignment. All are used in module specific components of LSM system calls. Signed-off-by: Casey Schaufler --- include/linux/security.h | 13 ++++++++++++ security/lsm_syscalls.c | 24 ++++++++++++++++++++++ security/security.c | 44 ++++++++++++++++++++++++++++++++++++++++ 3 files changed, 81 insertions(+) diff --git a/include/linux/security.h b/include/linux/security.h index 806bff425af9..36ace59f9171 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -263,6 +263,7 @@ int unregister_blocking_lsm_notifier(struct notifier_block *nb); /* prototypes */ extern int security_init(void); extern int early_security_init(void); +extern u64 lsm_name_to_attr(const char *name); /* Security operations */ int security_binder_set_context_mgr(const struct cred *mgr); @@ -491,6 +492,8 @@ int security_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen); int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen); int security_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen); int security_locked_down(enum lockdown_reason what); +int lsm_fill_user_ctx(struct lsm_ctx __user *ctx, void *context, + size_t context_size, u64 id, u64 flags); #else /* CONFIG_SECURITY */ static inline int call_blocking_lsm_notifier(enum lsm_event event, void *data) @@ -508,6 +511,11 @@ static inline int unregister_blocking_lsm_notifier(struct notifier_block *nb) return 0; } +static inline u64 lsm_name_to_attr(const char *name) +{ + return LSM_ATTR_UNDEF; +} + static inline void security_free_mnt_opts(void **mnt_opts) { } @@ -1420,6 +1428,11 @@ static inline int security_locked_down(enum lockdown_reason what) { return 0; } +static inline int lsm_fill_user_ctx(struct lsm_ctx __user *ctx, void *context, + size_t context_size, u64 id, u64 flags) +{ + return -EOPNOTSUPP; +} #endif /* CONFIG_SECURITY */ #if defined(CONFIG_SECURITY) && defined(CONFIG_WATCH_QUEUE) diff --git a/security/lsm_syscalls.c b/security/lsm_syscalls.c index b89cccb2f123..0b225adfe5f7 100644 --- a/security/lsm_syscalls.c +++ b/security/lsm_syscalls.c @@ -17,6 +17,30 @@ #include #include +/** + * lsm_name_to_attr - map an LSM attribute name to its ID + * @name: name of the attribute + * + * Returns the LSM attribute value associated with @name, or 0 if + * there is no mapping. + */ +u64 lsm_name_to_attr(const char *name) +{ + if (!strcmp(name, "current")) + return LSM_ATTR_CURRENT; + if (!strcmp(name, "exec")) + return LSM_ATTR_EXEC; + if (!strcmp(name, "fscreate")) + return LSM_ATTR_FSCREATE; + if (!strcmp(name, "keycreate")) + return LSM_ATTR_KEYCREATE; + if (!strcmp(name, "prev")) + return LSM_ATTR_PREV; + if (!strcmp(name, "sockcreate")) + return LSM_ATTR_SOCKCREATE; + return LSM_ATTR_UNDEF; +} + /** * sys_lsm_set_self_attr - Set current task's security module attribute * @attr: which attribute to set diff --git a/security/security.c b/security/security.c index 94b78bfd06b9..8c877d639cae 100644 --- a/security/security.c +++ b/security/security.c @@ -761,6 +761,50 @@ static int lsm_superblock_alloc(struct super_block *sb) return 0; } +/** + * lsm_fill_user_ctx - Fill a user space lsm_ctx structure + * @ctx: an LSM context to be filled + * @context: the new context value + * @context_size: the size of the new context value + * @id: LSM id + * @flags: LSM defined flags + * + * Fill all of the fields in a user space lsm_ctx structure. + * Caller is assumed to have verified that @ctx has enough space + * for @context. + * + * The total length is padded to a multiple of 64 bits to + * accomodate possible alignment issues. + * + * Returns 0 on success, -EFAULT on a copyout error, -ENOMEM + * if memory can't be allocated. + */ +int lsm_fill_user_ctx(struct lsm_ctx __user *ctx, void *context, + size_t context_size, u64 id, u64 flags) +{ + struct lsm_ctx *lctx; + size_t locallen = ALIGN(struct_size(lctx, ctx, context_size), 8); + int rc = 0; + + lctx = kzalloc(locallen, GFP_KERNEL); + if (lctx == NULL) + return -ENOMEM; + + lctx->id = id; + lctx->flags = flags; + lctx->ctx_len = context_size; + lctx->len = locallen; + + memcpy(lctx->ctx, context, context_size); + + if (copy_to_user(ctx, lctx, locallen)) + rc = -EFAULT; + + kfree(lctx); + + return rc; +} + /* * The default value of the LSM hook is defined in linux/lsm_hook_defs.h and * can be accessed with: -- 2.39.2