[PATCH v4 7/20] lsm: Refactor return value of LSM hook setprocattr
Xu Kuohai
xukuohai at huaweicloud.com
Sat Jul 20 09:31:44 UTC 2024
On 7/19/2024 10:08 AM, Paul Moore wrote:
> On Jul 11, 2024 Xu Kuohai <xukuohai at huaweicloud.com> wrote:
>>
>> To be consistent with most LSM hooks, convert the return value of
>> hook setprocattr to 0 or a negative error code.
>>
>> Before:
>> - Hook setprocattr returns the number of bytes written on success
>> or a negative error code on failure.
>>
>> After:
>> - Hook setprocattr returns 0 on success or a negative error code
>> on failure. An output parameter @wbytes is introduced to hold
>> the number of bytes written on success.
>>
>> Signed-off-by: Xu Kuohai <xukuohai at huawei.com>
>> ---
>> fs/proc/base.c | 5 +++--
>> include/linux/lsm_hook_defs.h | 3 ++-
>> include/linux/security.h | 5 +++--
>> security/apparmor/lsm.c | 10 +++++++---
>> security/security.c | 8 +++++---
>> security/selinux/hooks.c | 11 ++++++++---
>> security/smack/smack_lsm.c | 14 ++++++++++----
>> 7 files changed, 38 insertions(+), 18 deletions(-)
>
> The security_setprocattr() hook is another odd case that we probably
> just want to leave alone for two reasons:
>
> 1. With the move to LSM syscalls for getting/setting a task's LSM
> attributes we are "freezing" the procfs API and not adding any new
> entries to it.
>
> 2. The BPF LSM doesn't currently register any procfs entries.
>
> I'd suggest leaving security_setprocattr() as-is and blocking it in
> the BPF verifier, I can't see any reason why a BPF LSM would need
> this hook.
>
OK, I'll drop this patch in the next version.
More information about the Linux-security-module-archive
mailing list