[PATCH v5 4/8] LSM: lsm_get_self_attr syscall for LSM self attributes

Arnd Bergmann arnd at arndb.de
Thu Jan 12 14:40:00 UTC 2023


On Mon, Jan 9, 2023, at 19:07, Casey Schaufler wrote:
> +/**
> + * struct lsm_ctx - LSM context
> + * @id: the LSM id number, see LSM_ID_XXX
> + * @flags: context specifier and LSM specific flags
> + * @ctx_len: the size of @ctx
> + * @ctx: the LSM context, a nul terminated string
> + *
> + * @ctx in a nul terminated string.
> + *	(strlen(@ctx) < @ctx_len) is always true.
> + *	(strlen(@ctx) == @ctx_len + 1) is not guaranteed.
> + */
> +struct lsm_ctx {
> +	__u32		id;
> +	__u64		flags;
> +	__kernel_size_t	ctx_len;
> +	__u8		ctx[];
> +};
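Review bot: the kernel-doc conditions for @ctx contradict each other. If `(strlen(@ctx) < @ctx_len)` is always true, then `(strlen(@ctx) == @ctx_len + 1)` can never hold, so "is not guaranteed" does not describe a real case. The second line presumably means `(strlen(@ctx) + 1 == @ctx_len)`, i.e. the buffer may be longer than the string plus its terminator; please state it that way so callers know whether bytes after the nul are part of the record. The line "@ctx in a nul terminated string." repeats the @ctx description above it with a typo ("in" for "is") and can be dropped.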

I think this should be changed to be the same layout on
all architectures regardless of __u64 alignment and
sizeof(__kernel_size_t) differences, to avoid the need
for compat syscalls and explicit clearing of the
internal padding.

Maybe just use __u64 fields for all three integers?

     Arnd
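The layout difference the reply refers to, as an added example that is not part of the original message or of the patch. It assumes a GCC or Clang build; `size_t` stands in for `__kernel_size_t`, and `u64_align4`, `lsm_ctx_v5_ia32` and `lsm_ctx_all_u64` are names constructed here to model a 32-bit x86 caller and the all-`__u64` suggestion.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Layout as posted, built for the native ABI (size_t stands in for
 * __kernel_size_t). */
struct lsm_ctx_v5 {
	uint32_t id;
	uint64_t flags;
	size_t   ctx_len;
	uint8_t  ctx[];
};

/* The same members as a 32-bit x86 task lays them out: 64-bit integers
 * are 4-byte aligned there and size_t is 32 bits. Constructed stand-in. */
typedef uint64_t __attribute__((aligned(4))) u64_align4;
struct lsm_ctx_v5_ia32 {
	uint32_t   id;
	u64_align4 flags;
	uint32_t   ctx_len;
	uint8_t    ctx[];
};

/* The reply's suggestion: all three integers 64-bit (hypothetical name). */
struct lsm_ctx_all_u64 {
	uint64_t id;
	uint64_t flags;
	uint64_t ctx_len;
	uint8_t  ctx[];
};

/* Header bytes not covered by any member: padding the kernel would have
 * to clear before copying the struct to user space. */
#define HDR_PAD(T) (sizeof(struct T) - sizeof(((struct T *)0)->id) - \
	sizeof(((struct T *)0)->flags) - sizeof(((struct T *)0)->ctx_len))

size_t v5_flags_off(void)   { return offsetof(struct lsm_ctx_v5, flags); }
size_t ia32_flags_off(void) { return offsetof(struct lsm_ctx_v5_ia32, flags); }
size_t ia32_size(void)      { return sizeof(struct lsm_ctx_v5_ia32); }
size_t u64_size(void)       { return sizeof(struct lsm_ctx_all_u64); }
size_t v5_pad(void)         { return HDR_PAD(lsm_ctx_v5); }
size_t ia32_pad(void)       { return HDR_PAD(lsm_ctx_v5_ia32); }
size_t u64_pad(void)        { return HDR_PAD(lsm_ctx_all_u64); }

int main(void)
{
	printf("v5 native: flags@%zu size %zu pad %zu\n", v5_flags_off(),
	       sizeof(struct lsm_ctx_v5), v5_pad());
	printf("v5 ia32:   flags@%zu size %zu pad %zu\n", ia32_flags_off(),
	       ia32_size(), ia32_pad());
	printf("all u64:   size %zu pad %zu\n", u64_size(), u64_pad());
	return 0;
}
```

On a 64-bit build the posted layout and its 32-bit counterpart disagree on both the offset of `flags` and the header size, and the native one carries a hole after `id`; the all-64-bit layout is the same everywhere and has no hole.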


