[PATCH v15 05/11] LSM: Create lsm_list_modules system call
Dmitry V. Levin
ldv at strace.io
Tue Mar 12 10:16:30 UTC 2024
Hi,
On Tue, Sep 12, 2023 at 01:56:50PM -0700, Casey Schaufler wrote:
[...]
> --- a/security/lsm_syscalls.c
> +++ b/security/lsm_syscalls.c
> @@ -55,3 +55,42 @@ SYSCALL_DEFINE4(lsm_get_self_attr, unsigned int, attr, struct lsm_ctx __user *,
> {
> return security_getselfattr(attr, ctx, size, flags);
> }
> +
> +/**
> + * sys_lsm_list_modules - Return a list of the active security modules
> + * @ids: the LSM module ids
> + * @size: pointer to size of @ids, updated on return
> + * @flags: reserved for future use, must be zero
> + *
> + * Returns a list of the active LSM ids. On success this function
> + * returns the number of @ids array elements. This value may be zero
> + * if there are no LSMs active. If @size is insufficient to contain
> + * the return data -E2BIG is returned and @size is set to the minimum
> + * required size. In all other cases a negative value indicating the
> + * error is returned.
> + */
> +SYSCALL_DEFINE3(lsm_list_modules, u64 __user *, ids, size_t __user *, size,
> + u32, flags)
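Review bot: in the SYSCALL_DEFINE3 signature, "size_t __user *, size" makes the width of the object behind the pointer depend on the caller's ABI, so a 32-bit task on a 64-bit kernel hands in a pointer to a 4-byte value while the kernel reads and updates a kernel-sized size_t through it. A fixed-width type for the pointed-to value (as is already done with u64 for @ids) would give one layout for all callers instead of requiring a separate compat entry point. The kernel-doc for @size also does not state its unit, while the return value is described as a number of array elements; say explicitly whether @size is in bytes.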
I'm sorry but the size of userspace size_t is different from the kernel one
on 32-bit compat architectures.
Looks like there has to be a COMPAT_SYSCALL_DEFINE3(lsm_list_modules, ...)
now. The other two added lsm syscalls also have this issue.
--
ldv