From 28d9ac763d53923f0304a940e2692b52c71fe2a1 Mon Sep 17 00:00:00 2001 From: Dmitry Vyukov Date: Sun, 23 Sep 2018 20:30:20 +0200 Subject: sys/linux: add lsm attrs and xattrs Add descriptions for /proc/self/attr/* and known lsm file xattrs. --- executor/defs.h | 10 +++--- executor/syscalls.h | 100 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 105 insertions(+), 5 deletions(-) (limited to 'executor') diff --git a/executor/defs.h b/executor/defs.h index 5fe02b62c..3644253d3 100644 --- a/executor/defs.h +++ b/executor/defs.h @@ -60,7 +60,7 @@ #if GOARCH_386 #define GOARCH "386" -#define SYZ_REVISION "2fd84bb864ea5ef7af45661663649a9cfe185cb1" +#define SYZ_REVISION "cc69e61db7f0fdef320b108544ef8237898c9de9" #define SYZ_EXECUTOR_USES_FORK_SERVER 1 #define SYZ_EXECUTOR_USES_SHMEM 1 #define SYZ_PAGE_SIZE 4096 @@ -70,7 +70,7 @@ #if GOARCH_amd64 #define GOARCH "amd64" -#define SYZ_REVISION "b240c0ef02e6c8ad382698d812a82851dc5ab975" +#define SYZ_REVISION "e1bf70e619aed79fe30f6e640f8c38dd1f01ffcd" #define SYZ_EXECUTOR_USES_FORK_SERVER 1 #define SYZ_EXECUTOR_USES_SHMEM 1 #define SYZ_PAGE_SIZE 4096 @@ -80,7 +80,7 @@ #if GOARCH_arm #define GOARCH "arm" -#define SYZ_REVISION "73f0477f8dbfa4eb728760164a7274f33cea0dfa" +#define SYZ_REVISION "f9a35b6ece17e40876334f4c679195e5e1e83fb6" #define SYZ_EXECUTOR_USES_FORK_SERVER 1 #define SYZ_EXECUTOR_USES_SHMEM 1 #define SYZ_PAGE_SIZE 4096 @@ -90,7 +90,7 @@ #if GOARCH_arm64 #define GOARCH "arm64" -#define SYZ_REVISION "c5dd9010dd5dbf13993a31a250918f03349f27f7" +#define SYZ_REVISION "cca85f28570e8e8ce8313deaafe85b4342f32f50" #define SYZ_EXECUTOR_USES_FORK_SERVER 1 #define SYZ_EXECUTOR_USES_SHMEM 1 #define SYZ_PAGE_SIZE 4096 @@ -100,7 +100,7 @@ #if GOARCH_ppc64le #define GOARCH "ppc64le" -#define SYZ_REVISION "b34fcb6fb59e9bfca3e7daa3f497a2364e1a722a" +#define SYZ_REVISION "89ae7c21d4813ae4b2d434f72bb1fa1f37176ec1" #define SYZ_EXECUTOR_USES_FORK_SERVER 1 #define SYZ_EXECUTOR_USES_SHMEM 1 #define SYZ_PAGE_SIZE 4096 diff --git a/executor/syscalls.h b/executor/syscalls.h index 61fff2ddd..33898a8bf 100644 --- a/executor/syscalls.h +++ b/executor/syscalls.h @@ -1395,6 +1395,9 @@ const call_t syscalls[] = { {"flock", 143}, {"fremovexattr", 237}, {"fsetxattr", 228}, + {"fsetxattr$security_selinux", 228}, + {"fsetxattr$security_smack_entry", 228}, + {"fsetxattr$security_smack_transmute", 228}, {"fsetxattr$system_posix_acl", 228}, {"fsetxattr$trusted_overlay_nlink", 228}, {"fsetxattr$trusted_overlay_opaque", 228}, @@ -2554,6 +2557,9 @@ const call_t syscalls[] = { {"lremovexattr", 236}, {"lseek", 19}, {"lsetxattr", 227}, + {"lsetxattr$security_selinux", 227}, + {"lsetxattr$security_smack_entry", 227}, + {"lsetxattr$security_smack_transmute", 227}, {"lsetxattr$system_posix_acl", 227}, {"lsetxattr$trusted_overlay_nlink", 227}, {"lsetxattr$trusted_overlay_opaque", 227}, @@ -2614,6 +2620,10 @@ const call_t syscalls[] = { {"open$dir", 5}, {"open_by_handle_at", 342}, {"openat", 295}, + {"openat$apparmor_task_current", 295}, + {"openat$apparmor_task_exec", 295}, + {"openat$apparmor_thread_current", 295}, + {"openat$apparmor_thread_exec", 295}, {"openat$ashmem", 295}, {"openat$audio", 295}, {"openat$autofs", 295}, @@ -2655,6 +2665,7 @@ const call_t syscalls[] = { {"openat$rfkill", 295}, {"openat$rtc", 295}, {"openat$selinux_access", 295}, + {"openat$selinux_attr", 295}, {"openat$selinux_avc_cache_stats", 295}, {"openat$selinux_avc_cache_threshold", 295}, {"openat$selinux_avc_hash_stats", 295}, @@ -2673,6 +2684,8 @@ const call_t syscalls[] = { {"openat$selinux_validatetrans", 295}, {"openat$sequencer", 295}, {"openat$sequencer2", 295}, + {"openat$smack_task_current", 295}, + {"openat$smack_thread_current", 295}, {"openat$snapshot", 295}, {"openat$sr", 295}, {"openat$sw_sync", 295}, @@ -3114,6 +3127,9 @@ const call_t syscalls[] = { {"setsockopt$sock_void", 366}, {"setuid", 23}, {"setxattr", 226}, + {"setxattr$security_selinux", 226}, + {"setxattr$security_smack_entry", 226}, + {"setxattr$security_smack_transmute", 226}, {"setxattr$system_posix_acl", 226}, {"setxattr$trusted_overlay_nlink", 226}, {"setxattr$trusted_overlay_opaque", 226}, @@ -3401,6 +3417,8 @@ const call_t syscalls[] = { {"write$USERIO_CMD_REGISTER", 4}, {"write$USERIO_CMD_SEND_INTERRUPT", 4}, {"write$USERIO_CMD_SET_PORT_TYPE", 4}, + {"write$apparmor_current", 4}, + {"write$apparmor_exec", 4}, {"write$binfmt_aout", 4}, {"write$binfmt_elf32", 4}, {"write$binfmt_elf64", 4}, @@ -3415,11 +3433,13 @@ const call_t syscalls[] = { {"write$input_event", 4}, {"write$nbd", 4}, {"write$selinux_access", 4}, + {"write$selinux_attr", 4}, {"write$selinux_context", 4}, {"write$selinux_create", 4}, {"write$selinux_load", 4}, {"write$selinux_user", 4}, {"write$selinux_validatetrans", 4}, + {"write$smack_current", 4}, {"write$sndseq", 4}, {"write$tun", 4}, {"write$uinput_user_dev", 4}, @@ -3595,6 +3615,9 @@ const call_t syscalls[] = { {"flock", 73}, {"fremovexattr", 199}, {"fsetxattr", 190}, + {"fsetxattr$security_selinux", 190}, + {"fsetxattr$security_smack_entry", 190}, + {"fsetxattr$security_smack_transmute", 190}, {"fsetxattr$system_posix_acl", 190}, {"fsetxattr$trusted_overlay_nlink", 190}, {"fsetxattr$trusted_overlay_opaque", 190}, @@ -4758,6 +4781,9 @@ const call_t syscalls[] = { {"lremovexattr", 198}, {"lseek", 8}, {"lsetxattr", 189}, + {"lsetxattr$security_selinux", 189}, + {"lsetxattr$security_smack_entry", 189}, + {"lsetxattr$security_smack_transmute", 189}, {"lsetxattr$system_posix_acl", 189}, {"lsetxattr$trusted_overlay_nlink", 189}, {"lsetxattr$trusted_overlay_opaque", 189}, @@ -4828,6 +4854,10 @@ const call_t syscalls[] = { {"open$dir", 2}, {"open_by_handle_at", 304}, {"openat", 257}, + {"openat$apparmor_task_current", 257}, + {"openat$apparmor_task_exec", 257}, + {"openat$apparmor_thread_current", 257}, + {"openat$apparmor_thread_exec", 257}, {"openat$ashmem", 257}, {"openat$audio", 257}, {"openat$autofs", 257}, @@ -4869,6 +4899,7 @@ const call_t syscalls[] = { {"openat$rfkill", 257}, {"openat$rtc", 257}, {"openat$selinux_access", 257}, + {"openat$selinux_attr", 257}, {"openat$selinux_avc_cache_stats", 257}, {"openat$selinux_avc_cache_threshold", 257}, {"openat$selinux_avc_hash_stats", 257}, @@ -4887,6 +4918,8 @@ const call_t syscalls[] = { {"openat$selinux_validatetrans", 257}, {"openat$sequencer", 257}, {"openat$sequencer2", 257}, + {"openat$smack_task_current", 257}, + {"openat$smack_thread_current", 257}, {"openat$snapshot", 257}, {"openat$sr", 257}, {"openat$sw_sync", 257}, @@ -5344,6 +5377,9 @@ const call_t syscalls[] = { {"setsockopt$sock_void", 54}, {"setuid", 105}, {"setxattr", 188}, + {"setxattr$security_selinux", 188}, + {"setxattr$security_smack_entry", 188}, + {"setxattr$security_smack_transmute", 188}, {"setxattr$system_posix_acl", 188}, {"setxattr$trusted_overlay_nlink", 188}, {"setxattr$trusted_overlay_opaque", 188}, @@ -5643,6 +5679,8 @@ const call_t syscalls[] = { {"write$USERIO_CMD_REGISTER", 1}, {"write$USERIO_CMD_SEND_INTERRUPT", 1}, {"write$USERIO_CMD_SET_PORT_TYPE", 1}, + {"write$apparmor_current", 1}, + {"write$apparmor_exec", 1}, {"write$binfmt_aout", 1}, {"write$binfmt_elf32", 1}, {"write$binfmt_elf64", 1}, @@ -5657,11 +5695,13 @@ const call_t syscalls[] = { {"write$input_event", 1}, {"write$nbd", 1}, {"write$selinux_access", 1}, + {"write$selinux_attr", 1}, {"write$selinux_context", 1}, {"write$selinux_create", 1}, {"write$selinux_load", 1}, {"write$selinux_user", 1}, {"write$selinux_validatetrans", 1}, + {"write$smack_current", 1}, {"write$sndseq", 1}, {"write$tun", 1}, {"write$uinput_user_dev", 1}, @@ -5834,6 +5874,9 @@ const call_t syscalls[] = { {"flock", 143}, {"fremovexattr", 237}, {"fsetxattr", 228}, + {"fsetxattr$security_selinux", 228}, + {"fsetxattr$security_smack_entry", 228}, + {"fsetxattr$security_smack_transmute", 228}, {"fsetxattr$system_posix_acl", 228}, {"fsetxattr$trusted_overlay_nlink", 228}, {"fsetxattr$trusted_overlay_opaque", 228}, @@ -6965,6 +7008,9 @@ const call_t syscalls[] = { {"lremovexattr", 236}, {"lseek", 19}, {"lsetxattr", 227}, + {"lsetxattr$security_selinux", 227}, + {"lsetxattr$security_smack_entry", 227}, + {"lsetxattr$security_smack_transmute", 227}, {"lsetxattr$system_posix_acl", 227}, {"lsetxattr$trusted_overlay_nlink", 227}, {"lsetxattr$trusted_overlay_opaque", 227}, @@ -7030,6 +7076,10 @@ const call_t syscalls[] = { {"open$dir", 5}, {"open_by_handle_at", 371}, {"openat", 322}, + {"openat$apparmor_task_current", 322}, + {"openat$apparmor_task_exec", 322}, + {"openat$apparmor_thread_current", 322}, + {"openat$apparmor_thread_exec", 322}, {"openat$ashmem", 322}, {"openat$audio", 322}, {"openat$autofs", 322}, @@ -7071,6 +7121,7 @@ const call_t syscalls[] = { {"openat$rfkill", 322}, {"openat$rtc", 322}, {"openat$selinux_access", 322}, + {"openat$selinux_attr", 322}, {"openat$selinux_avc_cache_stats", 322}, {"openat$selinux_avc_cache_threshold", 322}, {"openat$selinux_avc_hash_stats", 322}, @@ -7089,6 +7140,8 @@ const call_t syscalls[] = { {"openat$selinux_validatetrans", 322}, {"openat$sequencer", 322}, {"openat$sequencer2", 322}, + {"openat$smack_task_current", 322}, + {"openat$smack_thread_current", 322}, {"openat$snapshot", 322}, {"openat$sr", 322}, {"openat$sw_sync", 322}, @@ -7545,6 +7598,9 @@ const call_t syscalls[] = { {"setsockopt$sock_void", 294}, {"setuid", 23}, {"setxattr", 226}, + {"setxattr$security_selinux", 226}, + {"setxattr$security_smack_entry", 226}, + {"setxattr$security_smack_transmute", 226}, {"setxattr$system_posix_acl", 226}, {"setxattr$trusted_overlay_nlink", 226}, {"setxattr$trusted_overlay_opaque", 226}, @@ -7841,6 +7897,8 @@ const call_t syscalls[] = { {"write$USERIO_CMD_REGISTER", 4}, {"write$USERIO_CMD_SEND_INTERRUPT", 4}, {"write$USERIO_CMD_SET_PORT_TYPE", 4}, + {"write$apparmor_current", 4}, + {"write$apparmor_exec", 4}, {"write$binfmt_aout", 4}, {"write$binfmt_elf32", 4}, {"write$binfmt_elf64", 4}, @@ -7855,11 +7913,13 @@ const call_t syscalls[] = { {"write$input_event", 4}, {"write$nbd", 4}, {"write$selinux_access", 4}, + {"write$selinux_attr", 4}, {"write$selinux_context", 4}, {"write$selinux_create", 4}, {"write$selinux_load", 4}, {"write$selinux_user", 4}, {"write$selinux_validatetrans", 4}, + {"write$smack_current", 4}, {"write$sndseq", 4}, {"write$tun", 4}, {"write$uinput_user_dev", 4}, @@ -8026,6 +8086,9 @@ const call_t syscalls[] = { {"flock", 32}, {"fremovexattr", 16}, {"fsetxattr", 7}, + {"fsetxattr$security_selinux", 7}, + {"fsetxattr$security_smack_entry", 7}, + {"fsetxattr$security_smack_transmute", 7}, {"fsetxattr$system_posix_acl", 7}, {"fsetxattr$trusted_overlay_nlink", 7}, {"fsetxattr$trusted_overlay_opaque", 7}, @@ -9157,6 +9220,9 @@ const call_t syscalls[] = { {"lremovexattr", 15}, {"lseek", 62}, {"lsetxattr", 6}, + {"lsetxattr$security_selinux", 6}, + {"lsetxattr$security_smack_entry", 6}, + {"lsetxattr$security_smack_transmute", 6}, {"lsetxattr$system_posix_acl", 6}, {"lsetxattr$trusted_overlay_nlink", 6}, {"lsetxattr$trusted_overlay_opaque", 6}, @@ -9217,6 +9283,10 @@ const call_t syscalls[] = { {"nanosleep", 101}, {"open_by_handle_at", 265}, {"openat", 56}, + {"openat$apparmor_task_current", 56}, + {"openat$apparmor_task_exec", 56}, + {"openat$apparmor_thread_current", 56}, + {"openat$apparmor_thread_exec", 56}, {"openat$ashmem", 56}, {"openat$audio", 56}, {"openat$autofs", 56}, @@ -9258,6 +9328,7 @@ const call_t syscalls[] = { {"openat$rfkill", 56}, {"openat$rtc", 56}, {"openat$selinux_access", 56}, + {"openat$selinux_attr", 56}, {"openat$selinux_avc_cache_stats", 56}, {"openat$selinux_avc_cache_threshold", 56}, {"openat$selinux_avc_hash_stats", 56}, @@ -9276,6 +9347,8 @@ const call_t syscalls[] = { {"openat$selinux_validatetrans", 56}, {"openat$sequencer", 56}, {"openat$sequencer2", 56}, + {"openat$smack_task_current", 56}, + {"openat$smack_thread_current", 56}, {"openat$snapshot", 56}, {"openat$sr", 56}, {"openat$sw_sync", 56}, @@ -9725,6 +9798,9 @@ const call_t syscalls[] = { {"setsockopt$sock_void", 208}, {"setuid", 146}, {"setxattr", 5}, + {"setxattr$security_selinux", 5}, + {"setxattr$security_smack_entry", 5}, + {"setxattr$security_smack_transmute", 5}, {"setxattr$system_posix_acl", 5}, {"setxattr$trusted_overlay_nlink", 5}, {"setxattr$trusted_overlay_opaque", 5}, @@ -10012,6 +10088,8 @@ const call_t syscalls[] = { {"write$USERIO_CMD_REGISTER", 64}, {"write$USERIO_CMD_SEND_INTERRUPT", 64}, {"write$USERIO_CMD_SET_PORT_TYPE", 64}, + {"write$apparmor_current", 64}, + {"write$apparmor_exec", 64}, {"write$binfmt_aout", 64}, {"write$binfmt_elf32", 64}, {"write$binfmt_elf64", 64}, @@ -10026,11 +10104,13 @@ const call_t syscalls[] = { {"write$input_event", 64}, {"write$nbd", 64}, {"write$selinux_access", 64}, + {"write$selinux_attr", 64}, {"write$selinux_context", 64}, {"write$selinux_create", 64}, {"write$selinux_load", 64}, {"write$selinux_user", 64}, {"write$selinux_validatetrans", 64}, + {"write$smack_current", 64}, {"write$sndseq", 64}, {"write$tun", 64}, {"write$uinput_user_dev", 64}, @@ -10205,6 +10285,9 @@ const call_t syscalls[] = { {"flock", 143}, {"fremovexattr", 220}, {"fsetxattr", 211}, + {"fsetxattr$security_selinux", 211}, + {"fsetxattr$security_smack_entry", 211}, + {"fsetxattr$security_smack_transmute", 211}, {"fsetxattr$system_posix_acl", 211}, {"fsetxattr$trusted_overlay_nlink", 211}, {"fsetxattr$trusted_overlay_opaque", 211}, @@ -11226,6 +11309,9 @@ const call_t syscalls[] = { {"lremovexattr", 219}, {"lseek", 19}, {"lsetxattr", 210}, + {"lsetxattr$security_selinux", 210}, + {"lsetxattr$security_smack_entry", 210}, + {"lsetxattr$security_smack_transmute", 210}, {"lsetxattr$system_posix_acl", 210}, {"lsetxattr$trusted_overlay_nlink", 210}, {"lsetxattr$trusted_overlay_opaque", 210}, @@ -11286,6 +11372,10 @@ const call_t syscalls[] = { {"open$dir", 5}, {"open_by_handle_at", 346}, {"openat", 286}, + {"openat$apparmor_task_current", 286}, + {"openat$apparmor_task_exec", 286}, + {"openat$apparmor_thread_current", 286}, + {"openat$apparmor_thread_exec", 286}, {"openat$ashmem", 286}, {"openat$audio", 286}, {"openat$autofs", 286}, @@ -11327,6 +11417,7 @@ const call_t syscalls[] = { {"openat$rfkill", 286}, {"openat$rtc", 286}, {"openat$selinux_access", 286}, + {"openat$selinux_attr", 286}, {"openat$selinux_avc_cache_stats", 286}, {"openat$selinux_avc_cache_threshold", 286}, {"openat$selinux_avc_hash_stats", 286}, @@ -11345,6 +11436,8 @@ const call_t syscalls[] = { {"openat$selinux_validatetrans", 286}, {"openat$sequencer", 286}, {"openat$sequencer2", 286}, + {"openat$smack_task_current", 286}, + {"openat$smack_thread_current", 286}, {"openat$snapshot", 286}, {"openat$sr", 286}, {"openat$sw_sync", 286}, @@ -11784,6 +11877,9 @@ const call_t syscalls[] = { {"setsockopt$sock_void", 339}, {"setuid", 23}, {"setxattr", 209}, + {"setxattr$security_selinux", 209}, + {"setxattr$security_smack_entry", 209}, + {"setxattr$security_smack_transmute", 209}, {"setxattr$system_posix_acl", 209}, {"setxattr$trusted_overlay_nlink", 209}, {"setxattr$trusted_overlay_opaque", 209}, @@ -12070,6 +12166,8 @@ const call_t syscalls[] = { {"write$USERIO_CMD_REGISTER", 4}, {"write$USERIO_CMD_SEND_INTERRUPT", 4}, {"write$USERIO_CMD_SET_PORT_TYPE", 4}, + {"write$apparmor_current", 4}, + {"write$apparmor_exec", 4}, {"write$binfmt_aout", 4}, {"write$binfmt_elf32", 4}, {"write$binfmt_elf64", 4}, @@ -12084,11 +12182,13 @@ const call_t syscalls[] = { {"write$input_event", 4}, {"write$nbd", 4}, {"write$selinux_access", 4}, + {"write$selinux_attr", 4}, {"write$selinux_context", 4}, {"write$selinux_create", 4}, {"write$selinux_load", 4}, {"write$selinux_user", 4}, {"write$selinux_validatetrans", 4}, + {"write$smack_current", 4}, {"write$sndseq", 4}, {"write$tun", 4}, {"write$uinput_user_dev", 4}, -- cgit mrf-deployment