From: Martin Cermak Date: Tue, 16 Dec 2025 08:52:29 +0000 (+0100) Subject: Wrap new lsm_list_modules syscall X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;p=thirdparty%2Fvalgrind.git Wrap new lsm_list_modules syscall The lsm_list_modules syscall returns a list of the active LSM ids. On success this function returns the number of @ids array elements. This value may be zero if there are no LSMs active. If @size is insufficient to contain the return data -E2BIG is returned and @size is set to the minimum required size. In all other cases a negative value indicating the error is returned. SYSCALL_DEFINE3(lsm_list_modules, u64 __user *, ids, u32 __user *, size, u32, flags) Declare lsm_list_modules wrappers in priv_syswrap-linux.h and hook it for {amd64,arm,arm64,mips64,ppc32,ppc64,riscv64,s390x,x86}-linux. https://bugs.kde.org/show_bug.cgi?id=513257 --- diff --git a/NEWS b/NEWS index 51ba3e940..53768ece3 100644 --- a/NEWS +++ b/NEWS @@ -45,6 +45,7 @@ are not entered into bugzilla tend to get forgotten about or ignored. 512030 s390x: bfp-convert testcase fails 512037 malloc trace does not print free size or alignment 512571 regtest problems with darwin dsymuti +513257 Add missing syswraps for lsm_list_modules To see details of a given bug, visit https://bugs.kde.org/show_bug.cgi?id=XXXXXX diff --git a/coregrind/m_syswrap/priv_syswrap-linux.h b/coregrind/m_syswrap/priv_syswrap-linux.h index b02701d27..f4d3f8a7a 100644 --- a/coregrind/m_syswrap/priv_syswrap-linux.h +++ b/coregrind/m_syswrap/priv_syswrap-linux.h @@ -374,6 +374,7 @@ DECL_TEMPLATE(linux, sys_statmount); DECL_TEMPLATE(linux, sys_mseal); DECL_TEMPLATE(linux, sys_lsm_get_self_attr); DECL_TEMPLATE(linux, sys_lsm_set_self_attr); +DECL_TEMPLATE(linux, sys_lsm_list_modules); // Since Linux 6.17-rc1 DECL_TEMPLATE(linux, sys_file_getattr); diff --git a/coregrind/m_syswrap/syswrap-amd64-linux.c b/coregrind/m_syswrap/syswrap-amd64-linux.c index 0a05d7cb5..ab24a2e8f 100644 --- a/coregrind/m_syswrap/syswrap-amd64-linux.c +++ b/coregrind/m_syswrap/syswrap-amd64-linux.c @@ -911,6 +911,7 @@ static SyscallTableEntry syscall_table[] = { LINXY(__NR_listmount, sys_listmount), // 458 LINXY(__NR_lsm_get_self_attr, sys_lsm_get_self_attr), // 459 LINX_(__NR_lsm_set_self_attr, sys_lsm_set_self_attr), // 460 + LINXY(__NR_lsm_list_modules, sys_lsm_list_modules), // 461 LINX_(__NR_mseal, sys_mseal), // 462 LINXY(__NR_file_getattr, sys_file_getattr), // 468 LINX_(__NR_file_setattr, sys_file_setattr), // 469 diff --git a/coregrind/m_syswrap/syswrap-arm-linux.c b/coregrind/m_syswrap/syswrap-arm-linux.c index e923bee9c..73e5ef1a7 100644 --- a/coregrind/m_syswrap/syswrap-arm-linux.c +++ b/coregrind/m_syswrap/syswrap-arm-linux.c @@ -1081,6 +1081,7 @@ static SyscallTableEntry syscall_main_table[] = { LINXY(__NR_listmount, sys_listmount), // 458 LINXY(__NR_lsm_get_self_attr, sys_lsm_get_self_attr), // 459 LINX_(__NR_lsm_set_self_attr, sys_lsm_set_self_attr), // 460 + LINXY(__NR_lsm_list_modules, sys_lsm_list_modules), // 461 LINX_(__NR_mseal, sys_mseal), // 462 LINXY(__NR_file_getattr, sys_file_getattr), // 468 LINX_(__NR_file_setattr, sys_file_setattr), // 469 diff --git a/coregrind/m_syswrap/syswrap-arm64-linux.c b/coregrind/m_syswrap/syswrap-arm64-linux.c index 9b6e05dbc..71d16739c 100644 --- a/coregrind/m_syswrap/syswrap-arm64-linux.c +++ b/coregrind/m_syswrap/syswrap-arm64-linux.c @@ -862,6 +862,7 @@ static SyscallTableEntry syscall_main_table[] = { LINXY(__NR_listmount, sys_listmount), // 458 LINXY(__NR_lsm_get_self_attr, sys_lsm_get_self_attr), // 459 LINX_(__NR_lsm_set_self_attr, sys_lsm_set_self_attr), // 460 + LINXY(__NR_lsm_list_modules, sys_lsm_list_modules), // 461 LINX_(__NR_mseal, sys_mseal), // 462 LINXY(__NR_file_getattr, sys_file_getattr), // 468 LINX_(__NR_file_setattr, sys_file_setattr), // 469 diff --git a/coregrind/m_syswrap/syswrap-linux.c b/coregrind/m_syswrap/syswrap-linux.c index 7186cf0c4..10e63348d 100644 --- a/coregrind/m_syswrap/syswrap-linux.c +++ b/coregrind/m_syswrap/syswrap-linux.c @@ -4676,6 +4676,28 @@ PRE(sys_lsm_set_self_attr) PRE_MEM_READ("lsm_get_self_attr(ctx)", ARG2, ARG3); } +PRE(sys_lsm_list_modules) +{ + // * sys_lsm_list_modules - Return a list of the active security modules + // * @ids: the LSM module ids + // * @size: pointer to size of @ids, updated on return + // * @flags: reserved for future use, must be zero + // SYSCALL_DEFINE3(lsm_list_modules, u64 __user *, ids, u32 __user *, size, + // u32, flags) + PRINT("sys_lsm_list_modules ( %#" FMT_REGWORD "x, %" FMT_REGWORD "u, %#" FMT_REGWORD "x)", ARG1, ARG2, ARG3); + PRE_REG_READ3(long, "lsm_list_modules", __vki_u64 *, ids, __vki_u32 *, size, __vki_u32, flags); + PRE_MEM_READ("lsm_list_modules(size)", ARG2, sizeof(__vki_u32)); + if (ML_(safe_to_deref)((__vki_u32 *)ARG2,sizeof(__vki_u32))) + PRE_MEM_READ("lsm_list_modules(ids)", ARG1, *(__vki_u32 *)ARG2); +} + +POST(sys_lsm_list_modules) +{ + // No need to POST_MEM_WRITE((Addr)ARG2, sizeof(__vki_u32)); + // per https://bugs.kde.org/show_bug.cgi?id=513257#c4 + POST_MEM_WRITE(ARG1, *(__vki_u32 *)ARG2); +} + PRE(sys_syncfs) { *flags |= SfMayBlock; diff --git a/coregrind/m_syswrap/syswrap-mips32-linux.c b/coregrind/m_syswrap/syswrap-mips32-linux.c index 43c9b861d..3854c2871 100644 --- a/coregrind/m_syswrap/syswrap-mips32-linux.c +++ b/coregrind/m_syswrap/syswrap-mips32-linux.c @@ -1190,6 +1190,7 @@ static SyscallTableEntry syscall_main_table[] = { LINXY(__NR_listmount, sys_listmount), // 458 LINXY(__NR_lsm_get_self_attr, sys_lsm_get_self_attr), // 459 LINX_(__NR_lsm_set_self_attr, sys_lsm_set_self_attr), // 460 + LINXY(__NR_lsm_list_modules, sys_lsm_list_modules), // 461 LINX_(__NR_mseal, sys_mseal), // 462 LINXY(__NR_file_getattr, sys_file_getattr), // 468 LINX_(__NR_file_setattr, sys_file_setattr), // 469 diff --git a/coregrind/m_syswrap/syswrap-mips64-linux.c b/coregrind/m_syswrap/syswrap-mips64-linux.c index d78e59842..71adfcc68 100644 --- a/coregrind/m_syswrap/syswrap-mips64-linux.c +++ b/coregrind/m_syswrap/syswrap-mips64-linux.c @@ -797,8 +797,9 @@ static SyscallTableEntry syscall_main_table[] = { LINXY (__NR_userfaultfd, sys_userfaultfd), LINXY (__NR_statmount, sys_statmount), LINXY (__NR_listmount, sys_listmount), - LINXY(__NR_lsm_get_self_attr, sys_lsm_get_self_attr), - LINX_(__NR_lsm_set_self_attr, sys_lsm_set_self_attr), + LINXY (__NR_lsm_get_self_attr, sys_lsm_get_self_attr), + LINX_ (__NR_lsm_set_self_attr, sys_lsm_set_self_attr), + LINXY (__NR_lsm_list_modules, sys_lsm_list_modules), LINX_ (__NR_mseal, sys_mseal), LINX_ (__NR_futex_waitv, sys_futex_waitv), LINXY (__NR_quotactl_fd, sys_quotactl_fd), diff --git a/coregrind/m_syswrap/syswrap-nanomips-linux.c b/coregrind/m_syswrap/syswrap-nanomips-linux.c index e5c642572..1a2de9158 100644 --- a/coregrind/m_syswrap/syswrap-nanomips-linux.c +++ b/coregrind/m_syswrap/syswrap-nanomips-linux.c @@ -823,8 +823,9 @@ static SyscallTableEntry syscall_main_table[] = { LINX_ (__NR_fchmodat2, sys_fchmodat2), LINXY (__NR_statmount, sys_statmount), LINXY (__NR_listmount, sys_listmount), - LINXY(__NR_lsm_get_self_attr, sys_lsm_get_self_attr), - LINX_(__NR_lsm_set_self_attr, sys_lsm_set_self_attr), + LINXY (__NR_lsm_get_self_attr, sys_lsm_get_self_attr), + LINX_ (__NR_lsm_set_self_attr, sys_lsm_set_self_attr), + LINXY (__NR_lsm_list_modules, sys_lsm_list_modules), LINX_ (__NR_mseal, sys_mseal), LINX_ (__NR_futex_waitv, sys_futex_waitv), LINXY (__NR_file_getattr, sys_file_getattr), diff --git a/coregrind/m_syswrap/syswrap-ppc32-linux.c b/coregrind/m_syswrap/syswrap-ppc32-linux.c index 82b67afe3..03773ebc9 100644 --- a/coregrind/m_syswrap/syswrap-ppc32-linux.c +++ b/coregrind/m_syswrap/syswrap-ppc32-linux.c @@ -1087,8 +1087,9 @@ static SyscallTableEntry syscall_table[] = { LINX_ (__NR_fchmodat2, sys_fchmodat2), // 452 LINXY (__NR_statmount, sys_statmount), // 457 LINXY (__NR_listmount, sys_listmount), // 458 - LINXY(__NR_lsm_get_self_attr, sys_lsm_get_self_attr), // 459 - LINX_(__NR_lsm_set_self_attr, sys_lsm_set_self_attr), // 460 + LINXY (__NR_lsm_get_self_attr,sys_lsm_get_self_attr), // 459 + LINX_ (__NR_lsm_set_self_attr,sys_lsm_set_self_attr), // 460 + LINXY (__NR_lsm_list_modules, sys_lsm_list_modules), // 461 LINX_ (__NR_mseal, sys_mseal), // 462 LINXY (__NR_file_getattr, sys_file_getattr), // 468 LINX_ (__NR_file_setattr, sys_file_setattr), // 469 diff --git a/coregrind/m_syswrap/syswrap-ppc64-linux.c b/coregrind/m_syswrap/syswrap-ppc64-linux.c index 445ee30f3..56fe34aa5 100644 --- a/coregrind/m_syswrap/syswrap-ppc64-linux.c +++ b/coregrind/m_syswrap/syswrap-ppc64-linux.c @@ -1065,8 +1065,9 @@ static SyscallTableEntry syscall_table[] = { LINX_ (__NR_fchmodat2, sys_fchmodat2), // 452 LINXY (__NR_statmount, sys_statmount), // 457 LINXY (__NR_listmount, sys_listmount), // 458 - LINXY(__NR_lsm_get_self_attr, sys_lsm_get_self_attr), // 459 - LINX_(__NR_lsm_set_self_attr, sys_lsm_set_self_attr), // 460 + LINXY (__NR_lsm_get_self_attr,sys_lsm_get_self_attr), // 459 + LINX_ (__NR_lsm_set_self_attr,sys_lsm_set_self_attr), // 460 + LINXY (__NR_lsm_list_modules, sys_lsm_list_modules), // 461 LINX_ (__NR_mseal, sys_mseal), // 462 LINXY (__NR_file_getattr, sys_file_getattr), // 468 LINX_ (__NR_file_setattr, sys_file_setattr), // 469 diff --git a/coregrind/m_syswrap/syswrap-riscv64-linux.c b/coregrind/m_syswrap/syswrap-riscv64-linux.c index 92e279485..a495d09d0 100644 --- a/coregrind/m_syswrap/syswrap-riscv64-linux.c +++ b/coregrind/m_syswrap/syswrap-riscv64-linux.c @@ -610,6 +610,7 @@ static SyscallTableEntry syscall_main_table[] = { LINXY(__NR_listmount, sys_listmount), /* 458 */ LINXY(__NR_lsm_get_self_attr, sys_lsm_get_self_attr), /* 459 */ LINX_(__NR_lsm_set_self_attr, sys_lsm_set_self_attr), /* 460 */ + LINXY(__NR_lsm_list_modules, sys_lsm_list_modules), /* 461 */ LINX_(__NR_mseal, sys_mseal), /* 462 */ LINXY(__NR_file_getattr, sys_file_getattr), /* 468 */ LINX_(__NR_file_setattr, sys_file_setattr), /* 469 */ diff --git a/coregrind/m_syswrap/syswrap-s390x-linux.c b/coregrind/m_syswrap/syswrap-s390x-linux.c index 0b5d436b0..dc8b0d9e7 100644 --- a/coregrind/m_syswrap/syswrap-s390x-linux.c +++ b/coregrind/m_syswrap/syswrap-s390x-linux.c @@ -900,8 +900,9 @@ static SyscallTableEntry syscall_table[] = { LINX_ (__NR_fchmodat2, sys_fchmodat2), // 452 LINXY (__NR_statmount, sys_statmount), // 457 LINXY (__NR_listmount, sys_listmount), // 458 - LINXY(__NR_lsm_get_self_attr, sys_lsm_get_self_attr), // 459 - LINX_(__NR_lsm_set_self_attr, sys_lsm_set_self_attr), // 460 + LINXY (__NR_lsm_get_self_attr, sys_lsm_get_self_attr), // 459 + LINX_ (__NR_lsm_set_self_attr, sys_lsm_set_self_attr), // 460 + LINXY (__NR_lsm_list_modules, sys_lsm_list_modules), // 461 LINX_ (__NR_mseal, sys_mseal), // 462 LINXY (__NR_file_getattr, sys_file_getattr), // 468 LINX_ (__NR_file_setattr, sys_file_setattr), // 469 diff --git a/coregrind/m_syswrap/syswrap-x86-linux.c b/coregrind/m_syswrap/syswrap-x86-linux.c index 1165304da..922585a87 100644 --- a/coregrind/m_syswrap/syswrap-x86-linux.c +++ b/coregrind/m_syswrap/syswrap-x86-linux.c @@ -1692,6 +1692,7 @@ static SyscallTableEntry syscall_table[] = { LINXY(__NR_listmount, sys_listmount), // 458 LINXY(__NR_lsm_get_self_attr, sys_lsm_get_self_attr), // 459 LINX_(__NR_lsm_set_self_attr, sys_lsm_set_self_attr), // 460 + LINXY(__NR_lsm_list_modules, sys_lsm_list_modules), // 461 LINX_(__NR_mseal, sys_mseal), // 462 LINXY(__NR_file_getattr, sys_file_getattr), // 468 LINX_(__NR_file_setattr, sys_file_setattr), // 469 diff --git a/include/vki/vki-scnums-shared-linux.h b/include/vki/vki-scnums-shared-linux.h index 231372af4..f022c1ff3 100644 --- a/include/vki/vki-scnums-shared-linux.h +++ b/include/vki/vki-scnums-shared-linux.h @@ -62,6 +62,7 @@ #define __NR_listmount 458 #define __NR_lsm_get_self_attr 459 #define __NR_lsm_set_self_attr 460 +#define __NR_lsm_list_modules 461 #define __NR_mseal 462 #define __NR_file_getattr 468 #define __NR_file_setattr 469