Re: [PATCH v3] LSM: use 32 bit compatible data types in LSM syscalls.
From: Paul Moore <paul@paul-moore.com>
Date: 2024-03-13 22:37:41
Also in:
linux-security-module, lkml
On Wed, Mar 13, 2024 at 4:07 PM Paul Moore [off-list ref] wrote:
On Mar 13, 2024 Casey Schaufler [off-list ref] wrote:quoted
LSM: use 32 bit compatible data types in LSM syscalls. Change the size parameters in lsm_list_modules(), lsm_set_self_attr() and lsm_get_self_attr() from size_t to u32. This avoids the need to have different interfaces for 32 and 64 bit systems. Cc: stable@vger.kernel.org Fixes: a04a1198088a: ("LSM: syscalls for current process attributes") Fixes: ad4aff9ec25f: ("LSM: Create lsm_list_modules system call") Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Reported-and-reviewed-by: Dmitry V. Levin [off-list ref] --- include/linux/lsm_hook_defs.h | 4 ++-- include/linux/security.h | 8 ++++---- security/apparmor/lsm.c | 4 ++-- security/lsm_syscalls.c | 10 +++++----- security/security.c | 12 ++++++------ security/selinux/hooks.c | 4 ++-- security/smack/smack_lsm.c | 4 ++-- tools/testing/selftests/lsm/common.h | 6 +++--- tools/testing/selftests/lsm/lsm_get_self_attr_test.c | 10 +++++----- tools/testing/selftests/lsm/lsm_list_modules_test.c | 8 ++++---- tools/testing/selftests/lsm/lsm_set_self_attr_test.c | 6 +++--- 11 files changed, 38 insertions(+), 38 deletions(-)Okay, this looks better, I'm going to merge this into lsm/stable-6.9 and put it through the usual automated testing as well as a kselftest run to make sure everything there is still okay. Assuming all goes well and no one raises any objections, I'll likely send this up to Linus tomorrow. Thanks everyone!
Unfortunately it looks like we have a kselftest failure (below). I'm pretty sure that this was working at some point, but it's possible I missed it when I ran the selftests previously. I've got to break for a personal appt right now, but I'll dig into this later tonight. # timeout set to 45 # selftests: lsm: lsm_get_self_attr_test # TAP version 13 # 1..6 # # Starting 6 tests from 1 test cases. # # RUN global.size_null_lsm_get_self_attr ... # # OK global.size_null_lsm_get_self_attr # ok 1 global.size_null_lsm_get_self_attr # # RUN global.ctx_null_lsm_get_self_attr ... # # lsm_get_self_attr_test.c:49:ctx_null_lsm_get_self_attr:Expected -1 (-1) != r c (-1) # # ctx_null_lsm_get_self_attr: Test terminated by assertion # # FAIL global.ctx_null_lsm_get_self_attr # not ok 2 global.ctx_null_lsm_get_self_attr # # RUN global.size_too_small_lsm_get_self_attr ... # # OK global.size_too_small_lsm_get_self_attr # ok 3 global.size_too_small_lsm_get_self_attr # # RUN global.flags_zero_lsm_get_self_attr ... # # OK global.flags_zero_lsm_get_self_attr # ok 4 global.flags_zero_lsm_get_self_attr # # RUN global.flags_overset_lsm_get_self_attr ... # # OK global.flags_overset_lsm_get_self_attr # ok 5 global.flags_overset_lsm_get_self_attr # # RUN global.basic_lsm_get_self_attr ... # # OK global.basic_lsm_get_self_attr # ok 6 global.basic_lsm_get_self_attr # # FAILED: 5 / 6 tests passed. # # Totals: pass:5 fail:1 xfail:0 xpass:0 skip:0 error:0 not ok 1 selftests: lsm: lsm_get_self_attr_test # exit=1 -- paul-moore.com