All of lore.kernel.org
 help / color / mirror / Atom feed
From: "Mickaël Salaün" <mic@digikod.net>
To: Kees Cook <keescook@chromium.org>
Cc: "James Morris" <jmorris@namei.org>,
	"Jann Horn" <jannh@google.com>,
	"Serge E . Hallyn" <serge@hallyn.com>,
	"Al Viro" <viro@zeniv.linux.org.uk>,
	"Andrew Morton" <akpm@linux-foundation.org>,
	"Andy Lutomirski" <luto@amacapital.net>,
	"Anton Ivanov" <anton.ivanov@cambridgegreys.com>,
	"Arnd Bergmann" <arnd@arndb.de>,
	"Casey Schaufler" <casey@schaufler-ca.com>,
	"David Howells" <dhowells@redhat.com>,
	"Jeff Dike" <jdike@addtoit.com>,
	"Jonathan Corbet" <corbet@lwn.net>,
	"Michael Kerrisk" <mtk.manpages@gmail.com>,
	"Richard Weinberger" <richard@nod.at>,
	"Shuah Khan" <shuah@kernel.org>,
	"Vincent Dagonneau" <vincent.dagonneau@ssi.gouv.fr>,
	kernel-hardening@lists.openwall.com, linux-api@vger.kernel.org,
	linux-arch@vger.kernel.org, linux-doc@vger.kernel.org,
	linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org,
	linux-kselftest@vger.kernel.org,
	linux-security-module@vger.kernel.org, x86@kernel.org,
	"Mickaël Salaün" <mic@linux.microsoft.com>
Subject: Re: [PATCH v30 08/12] landlock: Add syscall implementations
Date: Wed, 24 Mar 2021 16:03:36 +0100	[thread overview]
Message-ID: <9062d586-8fa7-a972-9615-ca3a5fe38cef@digikod.net> (raw)
In-Reply-To: <380d65b2-f515-f3f5-5d57-7f99c528e5c7@digikod.net>


On 19/03/2021 22:53, Mickaël Salaün wrote:
> 
> On 19/03/2021 20:06, Kees Cook wrote:
>> On Tue, Mar 16, 2021 at 09:42:48PM +0100, Mickaël Salaün wrote:
>>> From: Mickaël Salaün <mic@linux.microsoft.com>

[...]

>>> +/**
>>> + * sys_landlock_create_ruleset - Create a new ruleset
>>> + *
>>> + * @attr: Pointer to a &struct landlock_ruleset_attr identifying the scope of
>>> + *        the new ruleset.
>>> + * @size: Size of the pointed &struct landlock_ruleset_attr (needed for
>>> + *        backward and forward compatibility).
>>> + * @flags: Must be 0.
>>> + *
>>> + * This system call enables to create a new Landlock ruleset, and returns the
>>> + * related file descriptor on success.
>>> + *
>>> + * Possible returned errors are:
>>> + *
>>> + * - EOPNOTSUPP: Landlock is supported by the kernel but disabled at boot time;
>>> + * - EINVAL: @flags is not 0, or unknown access, or too small @size;
>>> + * - E2BIG or EFAULT: @attr or @size inconsistencies;
>>> + * - ENOMSG: empty &landlock_ruleset_attr.handled_access_fs.
>>> + */
>>> +SYSCALL_DEFINE3(landlock_create_ruleset,
>>> +		const struct landlock_ruleset_attr __user *const, attr,
>>> +		const size_t, size, const __u32, flags)
>>> +{
>>> +	struct landlock_ruleset_attr ruleset_attr;
>>> +	struct landlock_ruleset *ruleset;
>>> +	int err, ruleset_fd;
>>> +
>>> +	/* Build-time checks. */
>>> +	build_check_abi();
>>> +
>>> +	if (!landlock_initialized)
>>> +		return -EOPNOTSUPP;
>>> +
>>> +	/* No flag for now. */
>>> +	if (flags)
>>> +		return -EINVAL;
>>> +
>>> +	/* Copies raw user space buffer. */
>>> +	err = copy_min_struct_from_user(&ruleset_attr, sizeof(ruleset_attr),
>>> +			offsetofend(typeof(ruleset_attr), handled_access_fs),
>>
>> The use of offsetofend() here appears to be kind of the "V1", "V2", ...
>> sizes used in other extensible syscall implementations?
> 
> ruleset_attr is an extensible argument.

offsetofen() is used to set the minimum size of a valid argument. This
code will then not change with future extended ruleset_attr.

  reply	other threads:[~2021-03-24 15:04 UTC|newest]

Thread overview: 50+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-03-16 20:42 [PATCH v30 00/12] Landlock LSM Mickaël Salaün
2021-03-16 20:42 ` [PATCH v30 01/12] landlock: Add object management Mickaël Salaün
2021-03-19 18:13   ` Kees Cook
2021-03-19 18:57     ` Mickaël Salaün
2021-03-16 20:42 ` [PATCH v30 02/12] landlock: Add ruleset and domain management Mickaël Salaün
2021-03-19 18:40   ` Kees Cook
2021-03-19 19:03     ` Mickaël Salaün
2021-03-19 19:15       ` Kees Cook
2021-03-24 20:31       ` James Morris
2021-03-25  9:29         ` Mickaël Salaün
2021-03-23  0:13   ` Jann Horn
2021-03-16 20:42 ` [PATCH v30 03/12] landlock: Set up the security framework and manage credentials Mickaël Salaün
2021-03-19 18:45   ` Kees Cook
2021-03-19 19:07     ` Mickaël Salaün
2021-03-16 20:42 ` [PATCH v30 04/12] landlock: Add ptrace restrictions Mickaël Salaün
2021-03-19 18:45   ` Kees Cook
2021-03-16 20:42 ` [PATCH v30 05/12] LSM: Infrastructure management of the superblock Mickaël Salaün
2021-03-19 17:24   ` Kees Cook
2021-03-16 20:42 ` [PATCH v30 06/12] fs,security: Add sb_delete hook Mickaël Salaün
2021-03-19 17:24   ` Kees Cook
2021-03-16 20:42 ` [PATCH v30 07/12] landlock: Support filesystem access-control Mickaël Salaün
2021-03-18 23:10   ` James Morris
2021-03-19 18:57   ` Kees Cook
2021-03-19 19:19     ` Mickaël Salaün
2021-03-23 19:30       ` Mickaël Salaün
2021-03-23  0:13   ` Jann Horn
2021-03-23 15:55     ` Mickaël Salaün
2021-03-23 17:49       ` Jann Horn
2021-03-23 19:22         ` Mickaël Salaün
2021-03-24  3:10           ` Jann Horn
2021-03-16 20:42 ` [PATCH v30 08/12] landlock: Add syscall implementations Mickaël Salaün
2021-03-19 19:06   ` Kees Cook
2021-03-19 21:53     ` Mickaël Salaün
2021-03-24 15:03       ` Mickaël Salaün [this message]
2021-03-16 20:42 ` [PATCH v30 09/12] arch: Wire up Landlock syscalls Mickaël Salaün
2021-03-16 20:42 ` [PATCH v30 10/12] selftests/landlock: Add user space tests Mickaël Salaün
2021-03-19 17:56   ` Kees Cook
2021-03-19 18:41     ` Mickaël Salaün
2021-03-19 19:11       ` Kees Cook
2021-03-19 21:57         ` Mickaël Salaün
2021-03-16 20:42 ` [PATCH v30 11/12] samples/landlock: Add a sandbox manager example Mickaël Salaün
2021-03-19 17:26   ` Kees Cook
2021-03-16 20:42 ` [PATCH v30 12/12] landlock: Add user and kernel documentation Mickaël Salaün
2021-03-19 18:03   ` Kees Cook
2021-03-19 18:54     ` Mickaël Salaün
2021-03-23 19:25       ` Mickaël Salaün
2021-03-24 16:21       ` Mickaël Salaün
2021-03-18 23:26 ` [PATCH v30 00/12] Landlock LSM James Morris
2021-03-18 23:26   ` James Morris
2021-03-19 15:52   ` Mickaël Salaün

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=9062d586-8fa7-a972-9615-ca3a5fe38cef@digikod.net \
    --to=mic@digikod.net \
    --cc=akpm@linux-foundation.org \
    --cc=anton.ivanov@cambridgegreys.com \
    --cc=arnd@arndb.de \
    --cc=casey@schaufler-ca.com \
    --cc=corbet@lwn.net \
    --cc=dhowells@redhat.com \
    --cc=jannh@google.com \
    --cc=jdike@addtoit.com \
    --cc=jmorris@namei.org \
    --cc=keescook@chromium.org \
    --cc=kernel-hardening@lists.openwall.com \
    --cc=linux-api@vger.kernel.org \
    --cc=linux-arch@vger.kernel.org \
    --cc=linux-doc@vger.kernel.org \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-kselftest@vger.kernel.org \
    --cc=linux-security-module@vger.kernel.org \
    --cc=luto@amacapital.net \
    --cc=mic@linux.microsoft.com \
    --cc=mtk.manpages@gmail.com \
    --cc=richard@nod.at \
    --cc=serge@hallyn.com \
    --cc=shuah@kernel.org \
    --cc=vincent.dagonneau@ssi.gouv.fr \
    --cc=viro@zeniv.linux.org.uk \
    --cc=x86@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.