Re: [PATCH 2/3] lsm: introduce security_lsm_manage_policy hook

[PATCH 0/3] lsm: introduce lsm_manage_policy() syscall · Maxime Bélair <hidden> · 2025-05-06
[PATCH 3/3] AppArmor: add support for lsm_manage_policy · Maxime Bélair <hidden> · 2025-05-06
[PATCH 1/3] Wire up the lsm_manage_policy syscall · Maxime Bélair <hidden> · 2025-05-06
Re: [PATCH 1/3] Wire up the lsm_manage_policy syscall · Song Liu <song@kernel.org> · 2025-05-07
Re: [PATCH 1/3] Wire up the lsm_manage_policy syscall · Maxime Bélair <hidden> · 2025-05-07
Re: [PATCH 1/3] Wire up the lsm_manage_policy syscall · Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> · 2025-05-07
Re: [PATCH 1/3] Wire up the lsm_manage_policy syscall · John Johansen <john.johansen@canonical.com> · 2025-05-08
Re: [PATCH 1/3] Wire up the lsm_manage_policy syscall · Mickaël Salaün <mic@digikod.net> · 2025-05-09
Re: [PATCH 1/3] Wire up the lsm_manage_policy syscall · John Johansen <john.johansen@canonical.com> · 2025-05-11
Re: [PATCH 1/3] Wire up the lsm_manage_policy syscall · Song Liu <song@kernel.org> · 2025-05-08
Re: [PATCH 1/3] Wire up the lsm_manage_policy syscall · John Johansen <john.johansen@canonical.com> · 2025-05-08
Re: [PATCH 1/3] Wire up the lsm_manage_policy syscall · Mickaël Salaün <mic@digikod.net> · 2025-05-09
Re: [PATCH 1/3] Wire up the lsm_manage_policy syscall · John Johansen <john.johansen@canonical.com> · 2025-05-11
Re: [PATCH 1/3] Wire up the lsm_manage_policy syscall · Mickaël Salaün <mic@digikod.net> · 2025-05-12
Re: [PATCH 1/3] Wire up the lsm_manage_policy syscall · John Johansen <john.johansen@canonical.com> · 2025-05-17
Re: [PATCH 1/3] Wire up the lsm_manage_policy syscall · John Johansen <john.johansen@canonical.com> · 2025-05-08
Re: [PATCH 1/3] Wire up the lsm_manage_policy syscall · kernel test robot <hidden> · 2025-05-07
[PATCH 2/3] lsm: introduce security_lsm_manage_policy hook · Maxime Bélair <hidden> · 2025-05-06
Re: [PATCH 2/3] lsm: introduce security_lsm_manage_policy hook · Song Liu <song@kernel.org> · 2025-05-07
Re: [PATCH 2/3] lsm: introduce security_lsm_manage_policy hook · Maxime Bélair <hidden> · 2025-05-07
Re: [PATCH 2/3] lsm: introduce security_lsm_manage_policy hook · John Johansen <john.johansen@canonical.com> · 2025-05-08
Re: [PATCH 2/3] lsm: introduce security_lsm_manage_policy hook · Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> · 2025-05-07
Re: [PATCH 2/3] lsm: introduce security_lsm_manage_policy hook · Maxime Bélair <hidden> · 2025-05-07
Re: [PATCH 2/3] lsm: introduce security_lsm_manage_policy hook · Paul Moore <paul@paul-moore.com> · 2025-05-07
Re: [PATCH 2/3] lsm: introduce security_lsm_manage_policy hook · John Johansen <john.johansen@canonical.com> · 2025-05-08
Re: [PATCH 2/3] lsm: introduce security_lsm_manage_policy hook · Casey Schaufler <casey@schaufler-ca.com> · 2025-05-08
Re: [PATCH 2/3] lsm: introduce security_lsm_manage_policy hook · Mickaël Salaün <mic@digikod.net> · 2025-05-09
Re: [PATCH 2/3] lsm: introduce security_lsm_manage_policy hook · Casey Schaufler <casey@schaufler-ca.com> · 2025-05-09
Re: [PATCH 2/3] lsm: introduce security_lsm_manage_policy hook · John Johansen <john.johansen@canonical.com> · 2025-05-11
Re: [PATCH 2/3] lsm: introduce security_lsm_manage_policy hook · John Johansen <john.johansen@canonical.com> · 2025-05-11
Re: [PATCH 2/3] lsm: introduce security_lsm_manage_policy hook · John Johansen <john.johansen@canonical.com> · 2025-05-08
Re: [PATCH 2/3] lsm: introduce security_lsm_manage_policy hook · Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> · 2025-05-08
Re: [PATCH 2/3] lsm: introduce security_lsm_manage_policy hook · John Johansen <john.johansen@canonical.com> · 2025-05-08
Re: [PATCH 2/3] lsm: introduce security_lsm_manage_policy hook · Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> · 2025-05-08
Re: [PATCH 2/3] lsm: introduce security_lsm_manage_policy hook · John Johansen <john.johansen@canonical.com> · 2025-05-09
Re: [PATCH 2/3] lsm: introduce security_lsm_manage_policy hook · kernel test robot <hidden> · 2025-05-07

From: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Date: 2025-05-07 10:40:32
Also in: linux-security-module, lkml

On 2025/05/06 23:32, Maxime Bélair wrote:

quoted hunk ↗ jump to hunk

diff --git a/security/lsm_syscalls.c b/security/lsm_syscalls.c
index dcaad8818679..b39e6635a7d5 100644
--- a/security/lsm_syscalls.c
+++ b/security/lsm_syscalls.c

@@ -122,5 +122,10 @@ SYSCALL_DEFINE3(lsm_list_modules, u64 __user *, ids, u32 __user *, size,
 SYSCALL_DEFINE5(lsm_manage_policy, u32, lsm_id, u32, op, void __user *, buf, u32
 		__user *, size, u32, flags)
 {
-	return 0;
+	size_t usize;
+
+	if (get_user(usize, size))
+		return -EFAULT;
+
+	return security_lsm_manage_policy(lsm_id, op, buf, usize, flags);
 }

syzbot will report user-controlled unbounded huge size memory allocation attempt. ;-)

This interface might be fine for AppArmor, but TOMOYO won't use this interface because
TOMOYO's policy is line-oriented ASCII text data where the destination is switched via
pseudo‑filesystem's filename; use of filename helps restricting which type of policy
can be manipulated by which process.

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help