[PATCH] security: Add GOAT LSM

From: Kees Cook
Date: Wed Sep 20 2023 - 11:00:31 EST


This will never go upstream, but it still works with the new LSM
syscalls.

Cc: Paul Moore <paul@xxxxxxxxxxxxxx>
Cc: James Morris <jmorris@xxxxxxxxx>
Cc: "Serge E. Hallyn" <serge@xxxxxxxxxx>
Cc: linux-security-module@xxxxxxxxxxxxxxx
Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
---
include/uapi/linux/lsm.h | 2 ++
security/Kconfig | 1 +
security/Makefile | 1 +
security/goat/Kconfig | 9 +++++++
security/goat/Makefile | 2 ++
security/goat/goat.c | 51 ++++++++++++++++++++++++++++++++++++++++
6 files changed, 66 insertions(+)
create mode 100644 security/goat/Kconfig
create mode 100644 security/goat/Makefile
create mode 100644 security/goat/goat.c

diff --git a/include/uapi/linux/lsm.h b/include/uapi/linux/lsm.h
index eeda59a77c02..23b7a8f79cef 100644
--- a/include/uapi/linux/lsm.h
+++ b/include/uapi/linux/lsm.h
@@ -63,6 +63,8 @@ struct lsm_ctx {
#define LSM_ID_BPF 110
#define LSM_ID_LANDLOCK 111

+#define LSM_ID_GOAT 1138
+
/*
* LSM_ATTR_XXX definitions identify different LSM attributes
* which are used in the kernel's LSM userspace API. Support
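Review bot: LSM_ID_GOAT is assigned 1138 with no comment, which breaks the sequential allocation the neighbouring definitions follow (LSM_ID_BPF 110, LSM_ID_LANDLOCK 111). This header is uapi, so the value is ABI; if the gap is deliberate so that an out-of-tree module stays clear of ids upstream may allocate next, say so with a comment above the define, e.g. `/* Out-of-tree LSM: deliberately outside the sequentially allocated id range */`. Without that, a later upstream LSM taking the same number would collide with this one in the id space userspace sees.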
diff --git a/security/Kconfig b/security/Kconfig
index 52c9af08ad35..0c692913a1a6 100644
--- a/security/Kconfig
+++ b/security/Kconfig
@@ -194,6 +194,7 @@ source "security/yama/Kconfig"
source "security/safesetid/Kconfig"
source "security/lockdown/Kconfig"
source "security/landlock/Kconfig"
+source "security/goat/Kconfig"

source "security/integrity/Kconfig"

diff --git a/security/Makefile b/security/Makefile
index 59f238490665..1d260f994fac 100644
--- a/security/Makefile
+++ b/security/Makefile
@@ -25,6 +25,7 @@ obj-$(CONFIG_SECURITY_LOCKDOWN_LSM) += lockdown/
obj-$(CONFIG_CGROUPS) += device_cgroup.o
obj-$(CONFIG_BPF_LSM) += bpf/
obj-$(CONFIG_SECURITY_LANDLOCK) += landlock/
+obj-$(CONFIG_SECURITY_GOAT) += goat/

# Object integrity file lists
obj-$(CONFIG_INTEGRITY) += integrity/
diff --git a/security/goat/Kconfig b/security/goat/Kconfig
new file mode 100644
index 000000000000..dd25848e3204
--- /dev/null
+++ b/security/goat/Kconfig
@@ -0,0 +1,9 @@
+# SPDX-License-Identifier: GPL-2.0-only
+config SECURITY_GOAT
+ bool "Greatest Of All Time security features"
+ depends on SECURITY
+ help
+ This LSM provides the greatest security features of all
+ time.
+
+ If in doubt, choose "Heck yeah".
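Review bot: The help text does not say what the option enforces, yet from goat.c in this same patch enabling it makes every kernel_load_data request fail and logs every kernel_read_file, which is what someone deciding to turn it on needs to know. Suggest a line after `time.` such as `Enabling this denies all kernel_load_data requests and logs every kernel_read_file.` The closing `If in doubt, choose "Heck yeah".` names an answer a bool option does not offer; the conventional form is `If unsure, say N.`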
diff --git a/security/goat/Makefile b/security/goat/Makefile
new file mode 100644
index 000000000000..e673c913f66f
--- /dev/null
+++ b/security/goat/Makefile
@@ -0,0 +1,2 @@
+# SPDX-License-Identifier: GPL-2.0-only
+obj-$(CONFIG_SECURITY_GOAT) += goat.o
diff --git a/security/goat/goat.c b/security/goat/goat.c
new file mode 100644
index 000000000000..f1eee60c9217
--- /dev/null
+++ b/security/goat/goat.c
@@ -0,0 +1,51 @@
+// SPDX-License-Identifier: GPL-2.0-only
+/*
+ * Greatest Linux Security Module Of All Time
+ *
+ * Author: Kees Cook <keescook@xxxxxxxxxxxx>
+ */
+
+#define pr_fmt(fmt) "GOAT: " fmt
+
+#include <linux/module.h>
+#include <linux/lsm_hooks.h>
+#include <uapi/linux/lsm.h>
+
+const struct lsm_id goat_lsmid = {
+ .name = "goat",
+ .id = LSM_ID_GOAT,
+};
+
+static int goat_read_file(struct file *file, enum kernel_read_file_id id,
+ bool contents)
+{
+ pr_info("universally allowing file read\n");
+ return 0;
+}
+
+static int goat_load_data(enum kernel_load_data_id id, bool contents)
+{
+ pr_info("No blobs allowed!\n");
+ return -EUCLEAN;
+}
+
+static struct security_hook_list goat_hooks[] __ro_after_init = {
+ LSM_HOOK_INIT(kernel_read_file, goat_read_file),
+ LSM_HOOK_INIT(kernel_load_data, goat_load_data),
+};
+
+static int __init goat_init(void)
+{
+ pr_info("GOAT loading: Bleeeaaaeeeeggh\n");
+
+ security_add_hooks(goat_hooks, ARRAY_SIZE(goat_hooks), &goat_lsmid);
+
+ return 0;
+}
+
+DEFINE_LSM(goat) = {
+ .name = "goat",
+ .init = goat_init,
+};
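Review bot: goat_read_file logs with pr_info on every kernel_read_file call and goat_load_data on every kernel_load_data call with no rate limiting, so a userspace loop of firmware or module loads can flood the kernel log at info level; `pr_info_ratelimited("universally allowing file read\n");` and the same form in goat_load_data is the usual fix. goat_load_data rejects with -EUCLEAN, which the caller and userspace will read as a filesystem-corruption error rather than a policy denial; other LSM hooks return -EPERM for a refusal, so `return -EPERM;` unless the odd errno is part of the joke. Because the denial is unconditional, enabling this LSM refuses every in-kernel blob load that is routed through kernel_load_data, and the file header comment should say so. goat_lsmid is referenced only from this file, so `static const struct lsm_id goat_lsmid = {` avoids exporting a global symbol.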
--
2.34.1


--
Kees Cook