From: Casey Schaufler <casey@schaufler-ca.com>
To: casey.schaufler@intel.com, paul@paul-moore.com,
linux-security-module@vger.kernel.org
Cc: casey@schaufler-ca.com, jmorris@namei.org, keescook@chromium.org,
john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp,
stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org,
linux-api@vger.kernel.org, mic@digikod.net
Subject: [PATCH v5 6/8] LSM: lsm_set_self_attr syscall for LSM self attributes
Date: Mon, 9 Jan 2023 10:07:15 -0800 [thread overview]
Message-ID: <20230109180717.58855-7-casey@schaufler-ca.com> (raw)
In-Reply-To: <20230109180717.58855-1-casey@schaufler-ca.com>
Create a system call lsm_set_self_attr() to set a security
module maintained attribute of the current process. Historically
these attributes have been exposed to user space via entries in
procfs under /proc/self/attr.
The attribute value is provided in a lsm_ctx structure. The structure
identifys the size of the attribute, and the attribute value. The format
of the attribute value is defined by the security module, but will always
be \0 terminated if it is a string. The ctx_len value must always be
strlen(ctx)+1 if the value is a string. The flags field is reserved for
future security module specific use and must be 0.
---------------------------
| __u32 id |
---------------------------
| __u64 flags |
---------------------------
| __kernel_size_t ctx_len |
---------------------------
| __u8 ctx[ctx_len] |
---------------------------
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
---
Documentation/userspace-api/lsm.rst | 3 +++
include/linux/syscalls.h | 2 ++
kernel/sys_ni.c | 1 +
security/lsm_syscalls.c | 41 +++++++++++++++++++++++++++++
4 files changed, 47 insertions(+)
diff --git a/Documentation/userspace-api/lsm.rst b/Documentation/userspace-api/lsm.rst
index e342d75b99ab..c7da13801305 100644
--- a/Documentation/userspace-api/lsm.rst
+++ b/Documentation/userspace-api/lsm.rst
@@ -57,6 +57,9 @@ Get the security attributes of the current process
.. kernel-doc:: security/lsm_syscalls.c
:identifiers: sys_lsm_get_self_attr
+.. kernel-doc:: security/lsm_syscalls.c
+ :identifiers: sys_lsm_set_self_attr
+
.. kernel-doc:: security/lsm_syscalls.c
:identifiers: sys_lsm_module_list
diff --git a/include/linux/syscalls.h b/include/linux/syscalls.h
index 9eb4cb6bbeb1..a9f1ec9942af 100644
--- a/include/linux/syscalls.h
+++ b/include/linux/syscalls.h
@@ -1062,6 +1062,8 @@ asmlinkage long sys_set_mempolicy_home_node(unsigned long start, unsigned long l
asmlinkage long sys_lsm_get_self_attr(struct lsm_ctx *ctx, size_t *size,
int flags);
asmlinkage long sys_lsm_module_list(u32 *ids, size_t *size, int flags);
+asmlinkage long sys_lsm_set_self_attr(struct lsm_ctx *ctx, size_t size,
+ int flags);
/*
* Architecture-specific system calls
diff --git a/kernel/sys_ni.c b/kernel/sys_ni.c
index af1fd28c0420..c3884c1c7339 100644
--- a/kernel/sys_ni.c
+++ b/kernel/sys_ni.c
@@ -265,6 +265,7 @@ COND_SYSCALL(mremap);
/* security/lsm_syscalls.c */
COND_SYSCALL(lsm_get_self_attr);
COND_SYSCALL(lsm_module_list);
+COND_SYSCALL(lsm_set_self_attr);
/* security/keys/keyctl.c */
COND_SYSCALL(add_key);
diff --git a/security/lsm_syscalls.c b/security/lsm_syscalls.c
index 92af1fcaa654..026a86674a1f 100644
--- a/security/lsm_syscalls.c
+++ b/security/lsm_syscalls.c
@@ -181,6 +181,47 @@ SYSCALL_DEFINE3(lsm_get_self_attr,
return rc;
}
+/**
+ * sys_lsm_set_self_attr - Set current task's security module attribute
+ * @ctx: the LSM contexts
+ * @size: size of @ctx
+ * @flags: which attribute to set
+ *
+ * Sets the calling task's LSM context. On success this function
+ * returns 0. If the attribute specified cannot be set a negative
+ * value indicating the reason for the error is returned.
+ */
+SYSCALL_DEFINE3(lsm_set_self_attr,
+ struct lsm_ctx __user *, ctx,
+ size_t, size,
+ u32, flags)
+{
+ int rc = -EINVAL;
+ int attr;
+ void *page;
+ struct lsm_ctx *ip;
+
+ if (size > PAGE_SIZE)
+ return -E2BIG;
+ if (size <= sizeof(*ip))
+ return -EINVAL;
+
+ attr = attr_used_index(flags);
+ if (attr < 0)
+ return attr;
+
+ page = memdup_user(ctx, size);
+ if (IS_ERR(page))
+ return PTR_ERR(page);
+
+ ip = page;
+ if (sizeof(*ip) + ip->ctx_len <= size)
+ rc = security_setprocattr(ip->id, lsm_attr_names[attr].name,
+ ip->ctx, ip->ctx_len);
+ kfree(page);
+ return (rc > 0) ? 0 : rc;
+}
+
/**
* sys_lsm_module_list - Return a list of the active security modules
* @ids: the LSM module ids
--
2.39.0
next prev parent reply other threads:[~2023-01-09 18:14 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20230109180717.58855-1-casey.ref@schaufler-ca.com>
2023-01-09 18:07 ` [PATCH v5 0/8] LSM: Three basic syscalls Casey Schaufler
2023-01-09 18:07 ` [PATCH v5 1/8] LSM: Identify modules by more than name Casey Schaufler
2023-01-11 21:00 ` Paul Moore
2023-01-12 0:05 ` Casey Schaufler
2023-01-12 20:30 ` Paul Moore
2023-01-09 18:07 ` [PATCH v5 2/8] LSM: Maintain a table of LSM attribute data Casey Schaufler
2023-01-11 1:58 ` kernel test robot
2023-01-11 21:01 ` Paul Moore
2023-01-12 0:36 ` Casey Schaufler
2023-01-12 20:26 ` Paul Moore
2023-01-09 18:07 ` [PATCH v5 3/8] proc: Use lsmids instead of lsm names for attrs Casey Schaufler
2023-01-11 21:01 ` Paul Moore
2023-01-12 0:37 ` Casey Schaufler
2023-01-09 18:07 ` [PATCH v5 4/8] LSM: lsm_get_self_attr syscall for LSM self attributes Casey Schaufler
2023-01-11 21:07 ` Paul Moore
2023-01-12 1:37 ` Casey Schaufler
2023-01-12 21:37 ` Paul Moore
2023-01-12 14:40 ` Arnd Bergmann
2023-01-12 21:39 ` Paul Moore
2023-02-14 16:48 ` Mickaël Salaün
2023-02-02 4:53 ` Serge Hallyn (shallyn)
2023-02-14 17:41 ` Mickaël Salaün
2023-02-14 18:06 ` Casey Schaufler
2023-01-09 18:07 ` [PATCH v5 5/8] LSM: Create lsm_module_list system call Casey Schaufler
2023-01-11 0:50 ` kernel test robot
2023-01-11 21:07 ` Paul Moore
2023-01-12 1:39 ` Casey Schaufler
2023-01-12 21:43 ` Paul Moore
2023-01-09 18:07 ` Casey Schaufler [this message]
2023-01-09 18:07 ` [PATCH v5 7/8] LSM: wireup Linux Security Module syscalls Casey Schaufler
2023-01-13 9:31 ` Geert Uytterhoeven
2023-01-09 18:07 ` [PATCH v5 8/8] LSM: selftests for " Casey Schaufler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230109180717.58855-7-casey@schaufler-ca.com \
--to=casey@schaufler-ca.com \
--cc=casey.schaufler@intel.com \
--cc=jmorris@namei.org \
--cc=john.johansen@canonical.com \
--cc=keescook@chromium.org \
--cc=linux-api@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=mic@digikod.net \
--cc=paul@paul-moore.com \
--cc=penguin-kernel@i-love.sakura.ne.jp \
--cc=stephen.smalley.work@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.