Re: [PATCH v5 5/8] LSM: Create lsm_module_list system call
From: Paul Moore <paul@paul-moore.com>
Date: 2023-01-11 21:10:34
Also in:
linux-security-module, lkml
On Mon, Jan 9, 2023 at 1:09 PM Casey Schaufler [off-list ref] wrote:
Create a system call to report the list of Linux Security Modules that are active on the system. The list is provided as an array of LSM ID numbers. The calling application can use this list to determine what LSM specific actions it might take. That might include choosing an output format, determining required privilege or bypassing security module specific behavior.

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
---
Documentation/userspace-api/lsm.rst | 3 +++
include/linux/syscalls.h | 1 +
kernel/sys_ni.c | 1 +
security/lsm_syscalls.c | 41 +++++++++++++++++++++++++++++
4 files changed, 46 insertions(+)
...
diff --git a/security/lsm_syscalls.c b/security/lsm_syscalls.c index 55e8bf61ac8a..92af1fcaa654 100644 --- a/security/lsm_syscalls.c +++ b/security/lsm_syscalls.c@@ -180,3 +180,44 @@ SYSCALL_DEFINE3(lsm_get_self_attr, kfree(final); return rc; } + +/** + * sys_lsm_module_list - Return a list of the active security modules + * @ids: the LSM module ids + * @size: size of @ids, updated on return + * @flags: reserved for future use, must be zero + * + * Returns a list of the active LSM ids. On success this function + * returns the number of @ids array elements. This value may be zero + * if there are no LSMs active. If @size is insufficient to contain + * the return data -E2BIG is returned and @size is set to the minimum + * required size. In all other cases a negative value indicating the + * error is returned. + */ +SYSCALL_DEFINE3(lsm_module_list, + u32 __user *, ids, + size_t __user *, size, + u64, flags) +{ + size_t total_size = lsm_active_cnt * sizeof(*ids); + size_t usize; + int i; + + if (flags) + return -EINVAL; + + if (get_user(usize, size)) + return -EFAULT; + + if (put_user(total_size, size) != 0) + return -EFAULT; + + if (usize < total_size) + return -E2BIG; + + for (i = 0; i < lsm_active_cnt; i++) + if (put_user(lsm_idlist[i]->id, ids++)) + return -EFAULT; + + return lsm_active_cnt; +}
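Review bot: Style in the new body: `if (put_user(total_size, size) != 0)` is the only check in the hunk with an explicit `!= 0`; the `get_user()` and the in-loop `put_user()` use the bare form, so drop the `!= 0` for consistency. The loop counter is `int i` compared against `lsm_active_cnt`, whose type is not visible in this hunk; if it is unsigned or a size type, match the types to avoid a sign-compare warning. The kernel-doc and the code agree that @size is rewritten on every call that gets past the flags check, including the success path, which is worth stating in the userspace-api documentation so callers do not assume @size is only touched on -E2BIG.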
Similar to my comments in 4/8, I would probably create a new LSM hook for this syscall so that the lsm_ctx is passed through the LSM layer directly to the target LSM:

int security_sys_setselfattr(u64 attr, struct lsm_ctx __user *ctx, size_t len);

--
paul-moore.com
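As an added example (not code from the patch or from this thread), here is the userspace side of the interface the commit message describes: call with size 0, treat -E2BIG plus the updated size as the required allocation, then retry. `__NR_lsm_module_list` is a placeholder because no number is assigned here, and `mock_lsm_module_list` with ids 100/101/102 is a constructed stand-in for the kernel so the retry logic can run offline.

```c
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <sys/syscall.h>
#include <unistd.h>
#ifndef __NR_lsm_module_list
#define __NR_lsm_module_list (-1)   /* placeholder: not assigned in this thread */
#endif
typedef long (*lsm_list_fn)(uint32_t *ids, size_t *size, uint64_t flags);

/* Real syscall wrapper; returns -errno to match the kernel's convention. */
long real_lsm_module_list(uint32_t *ids, size_t *size, uint64_t flags)
{
    long rc = syscall(__NR_lsm_module_list, ids, size, flags);
    return rc < 0 ? -errno : rc;
}

/* Constructed kernel-side stand-in mirroring the hunk: flags 0, @size always updated. */
static const uint32_t fake_ids[] = { 100, 101, 102 };   /* constructed ids */
long mock_lsm_module_list(uint32_t *ids, size_t *size, uint64_t flags)
{
    size_t usize = *size;
    if (flags)
        return -EINVAL;
    *size = sizeof(fake_ids);
    if (usize < sizeof(fake_ids))
        return -E2BIG;
    memcpy(ids, fake_ids, sizeof(fake_ids));
    return 3;
}

/* Fetch all active LSM ids: call with size 0, grow on -E2BIG, retry (bounded).
 * On success *out is a malloc'd array and the element count is returned. */
long lsm_ids_fetch(lsm_list_fn call, uint32_t **out)
{
    uint32_t *ids = NULL, *tmp;
    size_t size = 0;
    long rc = -E2BIG;
    for (int tries = 0; tries < 4 && rc == -E2BIG; tries++) {
        rc = call(ids, &size, 0);
        if (rc != -E2BIG)
            break;
        tmp = realloc(ids, size);   /* @size now holds the minimum required */
        if (!tmp) rc = -ENOMEM; else ids = tmp;
    }
    if (rc < 0) { free(ids); ids = NULL; }
    *out = ids;
    return rc;
}
```

Pass `real_lsm_module_list` as `call` once the syscall number is known; the bounded retry protects against a kernel that keeps returning -E2BIG without raising @size.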