lsm: use 32-bit compatible data types in LSM syscalls

Change the size parameters in lsm_list_modules(), lsm_set_self_attr()
and lsm_get_self_attr() from size_t to u32. This avoids the need to
have different interfaces for 32 and 64 bit systems.

Cc: stable@vger.kernel.org
Fixes: a04a1198088a ("LSM: syscalls for current process attributes")
Fixes: ad4aff9ec25f ("LSM: Create lsm_list_modules system call")
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Reported-and-reviewed-by: Dmitry V. Levin <ldv@strace.io>
[PM: subject and metadata tweaks, syscall.h fixes]
Signed-off-by: Paul Moore <paul@paul-moore.com>

diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h
index a8057a3f8de61959838b5ac0bafd5975cdf475e5..334e00efbde45a5fa653cc8d8dc05cf1378a9674 100644 (file)
--- a/include/linux/lsm_hook_defs.h
+++ b/include/linux/lsm_hook_defs.h
@@ -280,9 +280,9 @@ LSM_HOOK(int, 0, netlink_send, struct sock *sk, struct sk_buff *skb)
 LSM_HOOK(void, LSM_RET_VOID, d_instantiate, struct dentry *dentry,
         struct inode *inode)
 LSM_HOOK(int, -EOPNOTSUPP, getselfattr, unsigned int attr,
-        struct lsm_ctx __user *ctx, size_t *size, u32 flags)
+        struct lsm_ctx __user *ctx, u32 *size, u32 flags)
 LSM_HOOK(int, -EOPNOTSUPP, setselfattr, unsigned int attr,
-        struct lsm_ctx *ctx, size_t size, u32 flags)
+        struct lsm_ctx *ctx, u32 size, u32 flags)
 LSM_HOOK(int, -EINVAL, getprocattr, struct task_struct *p, const char *name,
         char **value)
 LSM_HOOK(int, -EINVAL, setprocattr, const char *name, void *value, size_t size)

diff --git a/include/linux/security.h b/include/linux/security.h
index f249f5b9a9d754ab5f75203b5a42520fe8ef6132..41a8f667bdfa0ba8d816036cc77b43746b9549a9 100644 (file)
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -491,9 +491,9 @@ int security_sem_semop(struct kern_ipc_perm *sma, struct sembuf *sops,
                        unsigned nsops, int alter);
 void security_d_instantiate(struct dentry *dentry, struct inode *inode);
 int security_getselfattr(unsigned int attr, struct lsm_ctx __user *ctx,
-                        size_t __user *size, u32 flags);
+                        u32 __user *size, u32 flags);
 int security_setselfattr(unsigned int attr, struct lsm_ctx __user *ctx,
-                        size_t size, u32 flags);
+                        u32 size, u32 flags);
 int security_getprocattr(struct task_struct *p, int lsmid, const char *name,
                         char **value);
 int security_setprocattr(int lsmid, const char *name, void *value, size_t size);
@@ -507,7 +507,7 @@ int security_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen);
 int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen);
 int security_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen);
 int security_locked_down(enum lockdown_reason what);
-int lsm_fill_user_ctx(struct lsm_ctx __user *uctx, size_t *uctx_len,
+int lsm_fill_user_ctx(struct lsm_ctx __user *uctx, u32 *uctx_len,
                      void *val, size_t val_len, u64 id, u64 flags);
 #else /* CONFIG_SECURITY */
 
@@ -1478,7 +1478,7 @@ static inline int security_locked_down(enum lockdown_reason what)
        return 0;
 }
 static inline int lsm_fill_user_ctx(struct lsm_ctx __user *uctx,
-                                   size_t *uctx_len, void *val, size_t val_len,
+                                   u32 *uctx_len, void *val, size_t val_len,
                                    u64 id, u64 flags)
 {
        return -EOPNOTSUPP;

diff --git a/include/linux/syscalls.h b/include/linux/syscalls.h
index 77eb9b0e768504daa57af63b2eb7c8debd00dfda..e619ac10cd234c024df5d5a0e3cdd168d190bf1f 100644 (file)
--- a/include/linux/syscalls.h
+++ b/include/linux/syscalls.h
@@ -960,10 +960,10 @@ asmlinkage long sys_cachestat(unsigned int fd,
                struct cachestat __user *cstat, unsigned int flags);
 asmlinkage long sys_map_shadow_stack(unsigned long addr, unsigned long size, unsigned int flags);
 asmlinkage long sys_lsm_get_self_attr(unsigned int attr, struct lsm_ctx *ctx,
-                                     size_t *size, __u32 flags);
+                                     u32 *size, u32 flags);
 asmlinkage long sys_lsm_set_self_attr(unsigned int attr, struct lsm_ctx *ctx,
-                                     size_t size, __u32 flags);
-asmlinkage long sys_lsm_list_modules(u64 *ids, size_t *size, u32 flags);
+                                     u32 size, u32 flags);
+asmlinkage long sys_lsm_list_modules(u64 *ids, u32 *size, u32 flags);
 
 /*
  * Architecture-specific system calls

diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c
index 9a3dcaafb5b1ee20c4d2d5d355d81302ead8d427..cef8c466af80dfd058647a4827c933639bc0772d 100644 (file)
--- a/security/apparmor/lsm.c
+++ b/security/apparmor/lsm.c
@@ -779,7 +779,7 @@ static int apparmor_sb_pivotroot(const struct path *old_path,
 }
 
 static int apparmor_getselfattr(unsigned int attr, struct lsm_ctx __user *lx,
-                               size_t *size, u32 flags)
+                               u32 *size, u32 flags)
 {
        int error = -ENOENT;
        struct aa_task_ctx *ctx = task_ctx(current);
@@ -924,7 +924,7 @@ fail:
 }
 
 static int apparmor_setselfattr(unsigned int attr, struct lsm_ctx *ctx,
-                               size_t size, u32 flags)
+                               u32 size, u32 flags)
 {
        int rc;
 

diff --git a/security/lsm_syscalls.c b/security/lsm_syscalls.c
index 5d391b1f7e6943023286030bfa2123ae3383baa8..8440948a690c98e26b16249f25958f27fc23fc3d 100644 (file)
--- a/security/lsm_syscalls.c
+++ b/security/lsm_syscalls.c
@@ -53,7 +53,7 @@ u64 lsm_name_to_attr(const char *name)
  * value indicating the reason for the error is returned.
  */
 SYSCALL_DEFINE4(lsm_set_self_attr, unsigned int, attr, struct lsm_ctx __user *,
-               ctx, size_t, size, u32, flags)
+               ctx, u32, size, u32, flags)
 {
        return security_setselfattr(attr, ctx, size, flags);
 }
@@ -75,7 +75,7 @@ SYSCALL_DEFINE4(lsm_set_self_attr, unsigned int, attr, struct lsm_ctx __user *,
  * a negative value indicating the error is returned.
  */
 SYSCALL_DEFINE4(lsm_get_self_attr, unsigned int, attr, struct lsm_ctx __user *,
-               ctx, size_t __user *, size, u32, flags)
+               ctx, u32 __user *, size, u32, flags)
 {
        return security_getselfattr(attr, ctx, size, flags);
 }
@@ -93,11 +93,11 @@ SYSCALL_DEFINE4(lsm_get_self_attr, unsigned int, attr, struct lsm_ctx __user *,
  * required size. In all other cases a negative value indicating the
  * error is returned.
  */
-SYSCALL_DEFINE3(lsm_list_modules, u64 __user *, ids, size_t __user *, size,
+SYSCALL_DEFINE3(lsm_list_modules, u64 __user *, ids, u32 __user *, size,
                u32, flags)
 {
-       size_t total_size = lsm_active_cnt * sizeof(*ids);
-       size_t usize;
+       u32 total_size = lsm_active_cnt * sizeof(*ids);
+       u32 usize;
        int i;
 
        if (flags)

diff --git a/security/security.c b/security/security.c
index a07f43c58d656914ae5fa338a76709874aee3bbd..5b2e0a15377d59ea3b0c473c02f9e2fccaccd025 100644 (file)
--- a/security/security.c
+++ b/security/security.c
@@ -785,7 +785,7 @@ static int lsm_superblock_alloc(struct super_block *sb)
  * Returns 0 on success, -E2BIG if userspace buffer is not large enough,
  * -EFAULT on a copyout error, -ENOMEM if memory can't be allocated.
  */
-int lsm_fill_user_ctx(struct lsm_ctx __user *uctx, size_t *uctx_len,
+int lsm_fill_user_ctx(struct lsm_ctx __user *uctx, u32 *uctx_len,
                      void *val, size_t val_len,
                      u64 id, u64 flags)
 {
@@ -3931,14 +3931,14 @@ EXPORT_SYMBOL(security_d_instantiate);
  * If @size is insufficient to contain the data -E2BIG is returned.
  */
 int security_getselfattr(unsigned int attr, struct lsm_ctx __user *uctx,
-                        size_t __user *size, u32 flags)
+                        u32 __user *size, u32 flags)
 {
        struct security_hook_list *hp;
        struct lsm_ctx lctx = { .id = LSM_ID_UNDEF, };
        u8 __user *base = (u8 __user *)uctx;
-       size_t total = 0;
-       size_t entrysize;
-       size_t left;
+       u32 entrysize;
+       u32 total = 0;
+       u32 left;
        bool toobig = false;
        bool single = false;
        int count = 0;
@@ -4024,7 +4024,7 @@ int security_getselfattr(unsigned int attr, struct lsm_ctx __user *uctx,
  * LSM specific failure.
  */
 int security_setselfattr(unsigned int attr, struct lsm_ctx __user *uctx,
-                        size_t size, u32 flags)
+                        u32 size, u32 flags)
 {
        struct security_hook_list *hp;
        struct lsm_ctx *lctx;

diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 8db4875164aba261321a13b3532b656fd86d58d7..3448454c82d033f7be8a6b942c462c6816360302 100644 (file)
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -6559,7 +6559,7 @@ abort_change:
  * There will only ever be one attribute.
  */
 static int selinux_getselfattr(unsigned int attr, struct lsm_ctx __user *ctx,
-                              size_t *size, u32 flags)
+                              u32 *size, u32 flags)
 {
        int rc;
        char *val = NULL;
@@ -6574,7 +6574,7 @@ static int selinux_getselfattr(unsigned int attr, struct lsm_ctx __user *ctx,
 }
 
 static int selinux_setselfattr(unsigned int attr, struct lsm_ctx *ctx,
-                              size_t size, u32 flags)
+                              u32 size, u32 flags)
 {
        int rc;
 

diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index 28be26712396db6c0b8a4948a9a4e369563f401a..146667937811bbe86c05a04eefe8abcfffedede3 100644 (file)
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -3653,7 +3653,7 @@ static void smack_d_instantiate(struct dentry *opt_dentry, struct inode *inode)
  * There will only ever be one attribute.
  */
 static int smack_getselfattr(unsigned int attr, struct lsm_ctx __user *ctx,
-                            size_t *size, u32 flags)
+                            u32 *size, u32 flags)
 {
        int rc;
        struct smack_known *skp;
@@ -3774,7 +3774,7 @@ static int do_setattr(u64 attr, void *value, size_t size)
  * Returns 0 on success, an error code otherwise.
  */
 static int smack_setselfattr(unsigned int attr, struct lsm_ctx *ctx,
-                            size_t size, u32 flags)
+                            u32 size, u32 flags)
 {
        int rc;
 

diff --git a/tools/testing/selftests/lsm/common.h b/tools/testing/selftests/lsm/common.h
index d404329e5eeb7dceb3aa46191e12ff6d4e9e9e1c..06d12110d241b2a838fa079d94f2df563b429bb8 100644 (file)
--- a/tools/testing/selftests/lsm/common.h
+++ b/tools/testing/selftests/lsm/common.h
@@ -7,7 +7,7 @@
 
 #ifndef lsm_get_self_attr
 static inline int lsm_get_self_attr(unsigned int attr, struct lsm_ctx *ctx,
-                                   size_t *size, __u32 flags)
+                                   __u32 *size, __u32 flags)
 {
        return syscall(__NR_lsm_get_self_attr, attr, ctx, size, flags);
 }
@@ -15,14 +15,14 @@ static inline int lsm_get_self_attr(unsigned int attr, struct lsm_ctx *ctx,
 
 #ifndef lsm_set_self_attr
 static inline int lsm_set_self_attr(unsigned int attr, struct lsm_ctx *ctx,
-                                   size_t size, __u32 flags)
+                                   __u32 size, __u32 flags)
 {
        return syscall(__NR_lsm_set_self_attr, attr, ctx, size, flags);
 }
 #endif
 
 #ifndef lsm_list_modules
-static inline int lsm_list_modules(__u64 *ids, size_t *size, __u32 flags)
+static inline int lsm_list_modules(__u64 *ids, __u32 *size, __u32 flags)
 {
        return syscall(__NR_lsm_list_modules, ids, size, flags);
 }

diff --git a/tools/testing/selftests/lsm/lsm_get_self_attr_test.c b/tools/testing/selftests/lsm/lsm_get_self_attr_test.c
index e0e313d9047a3d9e7fed617124fee7b5f6354029..df215e4aa63fedc7b48dd08dbd038f7be0cff648 100644 (file)
--- a/tools/testing/selftests/lsm/lsm_get_self_attr_test.c
+++ b/tools/testing/selftests/lsm/lsm_get_self_attr_test.c
@@ -40,7 +40,7 @@ TEST(size_null_lsm_get_self_attr)
 TEST(ctx_null_lsm_get_self_attr)
 {
        const long page_size = sysconf(_SC_PAGESIZE);
-       size_t size = page_size;
+       __u32 size = page_size;
        int rc;
 
        rc = lsm_get_self_attr(LSM_ATTR_CURRENT, NULL, &size, 0);
@@ -57,7 +57,7 @@ TEST(size_too_small_lsm_get_self_attr)
 {
        const long page_size = sysconf(_SC_PAGESIZE);
        struct lsm_ctx *ctx = calloc(page_size, 1);
-       size_t size = 1;
+       __u32 size = 1;
 
        ASSERT_NE(NULL, ctx);
        errno = 0;
@@ -77,7 +77,7 @@ TEST(flags_zero_lsm_get_self_attr)
        const long page_size = sysconf(_SC_PAGESIZE);
        struct lsm_ctx *ctx = calloc(page_size, 1);
        __u64 *syscall_lsms = calloc(page_size, 1);
-       size_t size;
+       __u32 size;
        int lsmcount;
        int i;
 
@@ -117,7 +117,7 @@ TEST(flags_overset_lsm_get_self_attr)
 {
        const long page_size = sysconf(_SC_PAGESIZE);
        struct lsm_ctx *ctx = calloc(page_size, 1);
-       size_t size;
+       __u32 size;
 
        ASSERT_NE(NULL, ctx);
 
@@ -140,7 +140,7 @@ TEST(flags_overset_lsm_get_self_attr)
 TEST(basic_lsm_get_self_attr)
 {
        const long page_size = sysconf(_SC_PAGESIZE);
-       size_t size = page_size;
+       __u32 size = page_size;
        struct lsm_ctx *ctx = calloc(page_size, 1);
        struct lsm_ctx *tctx = NULL;
        __u64 *syscall_lsms = calloc(page_size, 1);

diff --git a/tools/testing/selftests/lsm/lsm_list_modules_test.c b/tools/testing/selftests/lsm/lsm_list_modules_test.c
index 4d5d4cee25860e94195ea0f5d2f8ddfde2aec57e..06d24d4679a6a8dc5b70f9e86ec0dce3e1888542 100644 (file)
--- a/tools/testing/selftests/lsm/lsm_list_modules_test.c
+++ b/tools/testing/selftests/lsm/lsm_list_modules_test.c
@@ -31,7 +31,7 @@ TEST(size_null_lsm_list_modules)
 TEST(ids_null_lsm_list_modules)
 {
        const long page_size = sysconf(_SC_PAGESIZE);
-       size_t size = page_size;
+       __u32 size = page_size;
 
        errno = 0;
        ASSERT_EQ(-1, lsm_list_modules(NULL, &size, 0));
@@ -43,7 +43,7 @@ TEST(size_too_small_lsm_list_modules)
 {
        const long page_size = sysconf(_SC_PAGESIZE);
        __u64 *syscall_lsms = calloc(page_size, 1);
-       size_t size = 1;
+       __u32 size = 1;
 
        ASSERT_NE(NULL, syscall_lsms);
        errno = 0;
@@ -58,7 +58,7 @@ TEST(flags_set_lsm_list_modules)
 {
        const long page_size = sysconf(_SC_PAGESIZE);
        __u64 *syscall_lsms = calloc(page_size, 1);
-       size_t size = page_size;
+       __u32 size = page_size;
 
        ASSERT_NE(NULL, syscall_lsms);
        errno = 0;
@@ -72,7 +72,7 @@ TEST(flags_set_lsm_list_modules)
 TEST(correct_lsm_list_modules)
 {
        const long page_size = sysconf(_SC_PAGESIZE);
-       size_t size = page_size;
+       __u32 size = page_size;
        __u64 *syscall_lsms = calloc(page_size, 1);
        char *sysfs_lsms = calloc(page_size, 1);
        char *name;

diff --git a/tools/testing/selftests/lsm/lsm_set_self_attr_test.c b/tools/testing/selftests/lsm/lsm_set_self_attr_test.c
index e9712c6cf596201b5f67760e92f48e72422f6e9a..66dec47e3ca3f985f8947be22196b8a7e96b821e 100644 (file)
--- a/tools/testing/selftests/lsm/lsm_set_self_attr_test.c
+++ b/tools/testing/selftests/lsm/lsm_set_self_attr_test.c
@@ -25,7 +25,7 @@ TEST(size_too_small_lsm_set_self_attr)
 {
        const long page_size = sysconf(_SC_PAGESIZE);
        struct lsm_ctx *ctx = calloc(page_size, 1);
-       size_t size = page_size;
+       __u32 size = page_size;
 
        ASSERT_NE(NULL, ctx);
        if (attr_lsm_count()) {
@@ -41,7 +41,7 @@ TEST(flags_zero_lsm_set_self_attr)
 {
        const long page_size = sysconf(_SC_PAGESIZE);
        struct lsm_ctx *ctx = calloc(page_size, 1);
-       size_t size = page_size;
+       __u32 size = page_size;
 
        ASSERT_NE(NULL, ctx);
        if (attr_lsm_count()) {
@@ -57,7 +57,7 @@ TEST(flags_overset_lsm_set_self_attr)
 {
        const long page_size = sysconf(_SC_PAGESIZE);
        char *ctx = calloc(page_size, 1);
-       size_t size = page_size;
+       __u32 size = page_size;
        struct lsm_ctx *tctx = (struct lsm_ctx *)ctx;
 
        ASSERT_NE(NULL, ctx);