[PATCH v5 4/8] LSM: lsm_get_self_attr syscall for LSM self attributes

Mickaël Salaün mic at digikod.net
Tue Feb 14 17:41:07 UTC 2023


On 09/01/2023 19:07, Casey Schaufler wrote:
> Create a system call lsm_get_self_attr() to provide the security
> module maintained attributes of the current process. Historically
> these attributes have been exposed to user space via entries in
> procfs under /proc/self/attr.
> 
> Attributes are provided as a collection of lsm_ctx structures
> which are placed into a user supplied buffer. Each structure
> identifies the size of the attribute, and the attribute value.
> The format of the attribute value is defined by the security
> module, but will always be \0 terminated. The ctx_len value
> will always be strlen(ctx)+1.
> 
>          ---------------------------
>          | __u32 id                |
>          ---------------------------
>          | __u64 flags             |
>          ---------------------------
>          | __kernel_size_t ctx_len |
>          ---------------------------
>          | __u8 ctx[ctx_len]       |
>          ---------------------------
>          | __u32 id                |
>          ---------------------------
>          | __u64 flags             |
>          ---------------------------
>          | __kernel_size_t ctx_len |
>          ---------------------------
>          | __u8 ctx[ctx_len]       |
>          ---------------------------
> 
> Signed-off-by: Casey Schaufler <casey at schaufler-ca.com>
> ---
>   Documentation/userspace-api/lsm.rst |   9 ++
>   include/linux/syscalls.h            |   3 +
>   include/uapi/linux/lsm.h            |  21 ++++
>   kernel/sys_ni.c                     |   3 +
>   security/Makefile                   |   1 +
>   security/lsm_syscalls.c             | 182 ++++++++++++++++++++++++++++
>   6 files changed, 219 insertions(+)
>   create mode 100644 security/lsm_syscalls.c

For new files (e.g. lsm_syscalls.c), it would be nice to auto-format 
them with clang-format. It helps maintenance by keeping a consistent 
style across commits, which should also help backports, and it avoids 
nitpicking on style issues.
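A user-space consumer of the buffer described in the quoted commit message has to check every `ctx_len` before trusting it. The sketch below is an added example, not code from the patch: `struct ctx_hdr`, `next_ctx()` and `append_ctx()` are hypothetical names, and it assumes entries sit back to back with the header padded as the compiler lays out the struct, which the diagram does not specify.

```c
#include <stdint.h>
#include <string.h>

/* Hypothetical mirror of the diagram's header: field order from the commit
 * message, padding left to the compiler (an assumption, not stated there). */
struct ctx_hdr {
	uint32_t id;
	uint64_t flags;
	size_t ctx_len;
};

/* Returns 1 and advances *off past one valid entry, 0 at the end of the
 * buffer, -1 if the entry is truncated or ctx_len != strlen(ctx) + 1. */
int next_ctx(const unsigned char *buf, size_t len, size_t *off,
	     struct ctx_hdr *hdr, const char **ctx)
{
	if (*off >= len)
		return 0;
	if (len - *off < sizeof(*hdr))
		return -1;	/* truncated header */
	memcpy(hdr, buf + *off, sizeof(*hdr));	/* entry may be unaligned */
	*off += sizeof(*hdr);
	if (hdr->ctx_len == 0 || hdr->ctx_len > len - *off)
		return -1;	/* no room for the NUL, or value overruns buffer */
	*ctx = (const char *)(buf + *off);
	if (memchr(*ctx, 0, hdr->ctx_len) != *ctx + hdr->ctx_len - 1)
		return -1;	/* first NUL must be the last byte */
	*off += hdr->ctx_len;
	return 1;
}

/* Constructed sample input: append one entry at buf + off, return new end. */
size_t append_ctx(unsigned char *buf, size_t off, uint32_t id, const char *ctx)
{
	struct ctx_hdr hdr;

	memset(&hdr, 0, sizeof(hdr));	/* zero padding and flags */
	hdr.id = id;
	hdr.ctx_len = strlen(ctx) + 1;
	memcpy(buf + off, &hdr, sizeof(hdr));
	memcpy(buf + off + sizeof(hdr), ctx, hdr.ctx_len);
	return off + sizeof(hdr) + hdr.ctx_len;
}
```

Call `next_ctx()` in a loop with `off` starting at 0 and stop on any return other than 1; a return of -1 means the rest of the buffer should be discarded.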


