LSM stacking in next for 6.1?

Casey Schaufler casey at schaufler-ca.com
Fri Sep 2 23:57:24 UTC 2022


On 9/2/2022 4:14 PM, Casey Schaufler wrote:
> On 9/2/2022 2:30 PM, Paul Moore wrote:
> ...
>> I think it's time to think about a proper set of LSM syscalls.
> At the very least we need a liblsm that performs a number of useful
> functions

Which would include at least these. I used a different prefix so as
to avoid confusion with Paul's proposal. As these aren't syscalls they
may allocate memory. All can be done today.

struct lsm_context {
	char *lsm;	/* security module name */
	char *context;	/* value for this security module */
};

struct lsm_contexts {
	int count;
	struct lsm_context contexts[];	/* I think this is ok these days */
};

/*
 * lsm_self_contexts - get the security context of this process
 *
 * Returns an allocated lsm_contexts structure, or NULL on error.
 */
struct lsm_contexts *lsm_self_contexts(void);

/*
 * lsm_pid_contexts - get the security context of a process
 * @pid: process id of interest
 *
 * Returns an allocated lsm_contexts structure, or NULL on error.
 */
struct lsm_contexts *lsm_pid_contexts(int pid);

/*
 * lsm_get_path_contexts - get the security context of a file
 * @path: path of interest
 *
 * Returns an allocated lsm_contexts structure, or NULL on error.
 */
struct lsm_contexts *lsm_get_path_contexts(char *path);

/*
 * lsm_set_path_contexts - set the security context of a file
 * @path: path of interest
 * @ctx: the context
 *
 * Note: needs to have deterministic behavior if 1st entry can be set
 * but 2nd can't.
 *
 * Returns 0 on success, a security module specific error on failure.
 */
int lsm_set_path_contexts(char *path, struct lsm_contexts *ctx);

/*
 * lsm_free_contexts - free a lsm_contexts structure.
 */
void lsm_free_contexts(struct lsm_contexts *ctx);

Also needs interfaces for SO_PEERSEC and SYSVIPC.
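As an added illustration of the "all can be done today" point (example code, not part of the thread or of any liblsm), here is a userspace sketch of the process-side "get" functions above built on interfaces current kernels already expose. It assumes two paths: /sys/kernel/security/lsm, the comma-separated list of active LSMs, and /proc/<pid>/attr/<lsm>/current, the per-LSM process context. LSMs that keep no process context (capability, lockdown, yama) have no such attr directory, so their entry is kept in the list with context set to NULL rather than being silently dropped; callers can therefore tell "module active, no context" from "module not active", which matters when the same structure is later handed to a set routine.

```c
/*
 * Added example, not code from the mailing-list thread. Assumed kernel
 * interfaces: /sys/kernel/security/lsm (comma-separated active LSMs) and
 * /proc/<pid>/attr/<lsm>/current (that LSM's context for the process).
 */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <unistd.h>

struct lsm_context { char *lsm; char *context; };	/* context NULL if none */
struct lsm_contexts { int count; struct lsm_context contexts[]; };

/* Copy n bytes of s into a fresh NUL-terminated string. */
static char *dup_range(const char *s, size_t n)
{
	char *out = malloc(n + 1);
	if (!out)
		return NULL;
	memcpy(out, s, n);
	out[n] = '\0';
	return out;
}

/* Read a small proc/sysfs file, dropping a trailing newline. NULL on error. */
static char *read_small_file(const char *path)
{
	char buf[4096];
	FILE *fp = fopen(path, "r");
	if (!fp)
		return NULL;
	size_t n = fread(buf, 1, sizeof(buf) - 1, fp);
	fclose(fp);
	buf[n] = '\0';
	n = strlen(buf);		/* also stops at a NUL the LSM appended */
	while (n > 0 && buf[n - 1] == '\n')
		n--;
	return dup_range(buf, n);
}

void lsm_free_contexts(struct lsm_contexts *ctxs)
{
	if (!ctxs)
		return;
	for (int i = 0; i < ctxs->count; i++) {
		free(ctxs->contexts[i].lsm);
		free(ctxs->contexts[i].context);
	}
	free(ctxs);
}

/* "lsm1,lsm2,..." -> one entry per name, every context NULL. Empty names
 * are skipped; a list with no names fails with EINVAL. */
struct lsm_contexts *lsm_contexts_from_list(const char *list)
{
	int max = 1;	/* upper bound on names: separators + 1 */
	for (const char *p = list; *p && *p != '\n'; p++)
		if (*p == ',')
			max++;
	struct lsm_contexts *ctxs = calloc(1, sizeof(*ctxs) + max * sizeof(struct lsm_context));
	if (!ctxs)
		return NULL;
	const char *start = list;
	for (const char *p = list; ; p++) {
		if (*p != ',' && *p != '\n' && *p != '\0')
			continue;
		if (p > start) {	/* non-empty name ends here */
			ctxs->contexts[ctxs->count].lsm = dup_range(start, p - start);
			if (!ctxs->contexts[ctxs->count].lsm) {
				lsm_free_contexts(ctxs);
				return NULL;
			}
			ctxs->count++;
		}
		if (*p != ',')
			break;
		start = p + 1;
	}
	if (ctxs->count == 0) {
		free(ctxs);
		errno = EINVAL;
		return NULL;
	}
	return ctxs;
}

struct lsm_contexts *lsm_pid_contexts(int pid)
{
	char *list = read_small_file("/sys/kernel/security/lsm");
	if (!list)
		return NULL;	/* securityfs not mounted, or no LSM support */
	struct lsm_contexts *ctxs = lsm_contexts_from_list(list);
	free(list);
	for (int i = 0; ctxs && i < ctxs->count; i++) {
		char path[128];
		snprintf(path, sizeof(path), "/proc/%d/attr/%s/current", pid, ctxs->contexts[i].lsm);
		ctxs->contexts[i].context = read_small_file(path);	/* NULL if not exposed */
	}
	return ctxs;
}

struct lsm_contexts *lsm_self_contexts(void) { return lsm_pid_contexts(getpid()); }

int main(void)
{
	struct lsm_contexts *ctxs = lsm_self_contexts();
	if (!ctxs) {
		perror("lsm_self_contexts");
		return 1;
	}
	for (int i = 0; i < ctxs->count; i++)
		printf("%s: %s\n", ctxs->contexts[i].lsm,
		       ctxs->contexts[i].context ? ctxs->contexts[i].context : "(no context)");
	lsm_free_contexts(ctxs);
	return 0;
}
```

Reading another process's attr files is subject to the usual ptrace-style access checks, so lsm_pid_contexts on a foreign pid returns entries with NULL contexts rather than failing outright; a real library would want to distinguish EACCES from "not exposed", which the kernel side of a proper syscall interface would make far easier than scraping procfs.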
