Add three system calls for the Linux Security Module ABI. lsm_get_self_attr() provides the security module specific attributes that have previously been visible in the /proc/self/attr directory. For each security module that uses the specified attribute on the current process the system call will return an LSM identifier and the value of the attribute. The LSM and attribute identifier values are defined in include/uapi/linux/lsm.h LSM identifiers are simple integers and reflect the order in which the LSM was added to the mainline kernel. This is a convention, not a promise of the API. LSM identifiers below the value of 100 are reserved for unspecified future uses. That could include information about the security infrastructure itself, or about how multiple LSMs might interact with each other. lsm_module_list() provides the LSM identifiers, in order, of the security modules that are active on the system. This has been available in the securityfs file /sys/kernel/security/lsm. lsm_set_self_attr() changes the specified LSM attribute. Only one attribute can be changed at a time, and then only if the specified security module allows the change. Patch 0001 changes the LSM registration from passing the name of the module to passing a lsm_id structure that contains the name of the module, an LSM identifier number and an attribute identifier. Patch 0002 adds the registered lsm_ids to a table. Patch 0003 changes security_[gs]etprocattr() to use LSM IDs instead of LSM names. Patch 0004 implements lsm_get_self_attr(). Patch 0005 implements lsm_module_list(). Patch 0006 implements lsm_set_self_attr(). Patch 0007 wires up the syscalls. Patch 0008 implements selftests for the three new syscalls. https://github.com/cschaufler/lsm-stacking.git#lsm-syscalls-6.2-rc2-v5 v5: Correct syscall parameter data types. v4: Restore "reserved" LSM ID values. Add explaination. Squash patches that introduce fields in lsm_id. Correct a wireup error. v3: Add lsm_set_self_attr(). Rename lsm_self_attr() to lsm_get_self_attr(). Provide the values only for a specifed attribute in lsm_get_self_attr(). Add selftests for the three new syscalls. Correct some parameter checking. v2: Use user-interface safe data types. Remove "reserved" LSM ID values. Improve kerneldoc comments Include copyright dates Use more descriptive name for LSM counter Add documentation Correct wireup errors Casey Schaufler (8): LSM: Identify modules by more than name LSM: Maintain a table of LSM attribute data proc: Use lsmids instead of lsm names for attrs LSM: lsm_get_self_attr syscall for LSM self attributes LSM: Create lsm_module_list system call LSM: lsm_set_self_attr syscall for LSM self attributes LSM: wireup Linux Security Module syscalls LSM: selftests for Linux Security Module syscalls Documentation/userspace-api/index.rst | 1 + Documentation/userspace-api/lsm.rst | 70 ++++ arch/alpha/kernel/syscalls/syscall.tbl | 3 + arch/arm/tools/syscall.tbl | 3 + arch/arm64/include/asm/unistd.h | 2 +- arch/arm64/include/asm/unistd32.h | 6 + arch/ia64/kernel/syscalls/syscall.tbl | 3 + arch/m68k/kernel/syscalls/syscall.tbl | 3 + arch/microblaze/kernel/syscalls/syscall.tbl | 3 + arch/mips/kernel/syscalls/syscall_n32.tbl | 3 + arch/mips/kernel/syscalls/syscall_n64.tbl | 3 + arch/mips/kernel/syscalls/syscall_o32.tbl | 3 + arch/parisc/kernel/syscalls/syscall.tbl | 3 + arch/powerpc/kernel/syscalls/syscall.tbl | 3 + arch/s390/kernel/syscalls/syscall.tbl | 3 + arch/sh/kernel/syscalls/syscall.tbl | 3 + arch/sparc/kernel/syscalls/syscall.tbl | 3 + arch/x86/entry/syscalls/syscall_32.tbl | 3 + arch/x86/entry/syscalls/syscall_64.tbl | 3 + arch/xtensa/kernel/syscalls/syscall.tbl | 3 + fs/proc/base.c | 29 +- fs/proc/internal.h | 2 +- include/linux/lsm_hooks.h | 18 +- include/linux/security.h | 13 +- include/linux/syscalls.h | 6 + include/uapi/asm-generic/unistd.h | 11 +- include/uapi/linux/lsm.h | 76 ++++ kernel/sys_ni.c | 5 + security/Makefile | 1 + security/apparmor/lsm.c | 9 +- security/bpf/hooks.c | 13 +- security/commoncap.c | 8 +- security/landlock/cred.c | 2 +- security/landlock/fs.c | 2 +- security/landlock/ptrace.c | 2 +- security/landlock/setup.c | 6 + security/landlock/setup.h | 1 + security/loadpin/loadpin.c | 9 +- security/lockdown/lockdown.c | 8 +- security/lsm_syscalls.c | 264 ++++++++++++++ security/safesetid/lsm.c | 9 +- security/security.c | 63 +++- security/selinux/hooks.c | 11 +- security/smack/smack_lsm.c | 9 +- security/tomoyo/tomoyo.c | 9 +- security/yama/yama_lsm.c | 8 +- .../arch/mips/entry/syscalls/syscall_n64.tbl | 3 + .../arch/powerpc/entry/syscalls/syscall.tbl | 3 + .../perf/arch/s390/entry/syscalls/syscall.tbl | 3 + .../arch/x86/entry/syscalls/syscall_64.tbl | 3 + tools/testing/selftests/Makefile | 1 + tools/testing/selftests/lsm/Makefile | 12 + tools/testing/selftests/lsm/config | 2 + .../selftests/lsm/lsm_get_self_attr_test.c | 268 ++++++++++++++ .../selftests/lsm/lsm_module_list_test.c | 149 ++++++++ .../selftests/lsm/lsm_set_self_attr_test.c | 328 ++++++++++++++++++ 56 files changed, 1438 insertions(+), 55 deletions(-) create mode 100644 Documentation/userspace-api/lsm.rst create mode 100644 include/uapi/linux/lsm.h create mode 100644 security/lsm_syscalls.c create mode 100644 tools/testing/selftests/lsm/Makefile create mode 100644 tools/testing/selftests/lsm/config create mode 100644 tools/testing/selftests/lsm/lsm_get_self_attr_test.c create mode 100644 tools/testing/selftests/lsm/lsm_module_list_test.c create mode 100644 tools/testing/selftests/lsm/lsm_set_self_attr_test.c -- 2.39.0