Lines Matching +full:sig +full:- +full:dir +full:- +full:cmd
1 // SPDX-License-Identifier: GPL-2.0-only
3 * Security-Enhanced Linux (SELinux) security module
13 * Copyright (C) 2003-2008 Red Hat, Inc., James Morris <jmorris@redhat.com>
15 * Copyright (C) 2004-2005 Trusted Computer Solutions, Inc.
17 * Copyright (C) 2006, 2007, 2009 Hewlett-Packard Development Company, L.P.
18 * Paul Moore <paul@paul-moore.com>
82 #include <linux/posix-timers.h>
154 * selinux_secmark_enabled - Check to see if SECMARK is currently enabled
171 * selinux_peerlbl_enabled - Check to see if peer labeling is currently enabled
214 tsec = selinux_cred(unrcu_pointer(current->real_cred)); in cred_init_security()
215 tsec->osid = tsec->sid = SECINITSID_KERNEL; in cred_init_security()
226 return tsec->sid; in cred_sid()
233 ad->type = LSM_AUDIT_DATA_NET; in __ad_net_init()
234 ad->u.net = net; in __ad_net_init()
235 net->netif = ifindex; in __ad_net_init()
236 net->sk = sk; in __ad_net_init()
237 net->family = family; in __ad_net_init()
272 * allowed; when set to false, returns -ECHILD when the label is
284 isec->initialized != LABEL_INITIALIZED) { in __inode_security_revalidate()
286 return -ECHILD; in __inode_security_revalidate()
347 sbsec = selinux_superblock(inode->i_sb); in inode_free_security()
358 if (!list_empty_careful(&isec->list)) { in inode_free_security()
359 spin_lock(&sbsec->isec_lock); in inode_free_security()
360 list_del_init(&isec->list); in inode_free_security()
361 spin_unlock(&sbsec->isec_lock); in inode_free_security()
378 Opt_error = -1,
386 #define A(s, has_arg) {#s, sizeof(#s) - 1, Opt_##s, has_arg}
429 rc = avc_has_perm(tsec->sid, sbsec->sid, SECCLASS_FILESYSTEM, in may_context_mount_sb_relabel()
434 rc = avc_has_perm(tsec->sid, sid, SECCLASS_FILESYSTEM, in may_context_mount_sb_relabel()
445 rc = avc_has_perm(tsec->sid, sbsec->sid, SECCLASS_FILESYSTEM, in may_context_mount_inode_relabel()
450 rc = avc_has_perm(sid, sbsec->sid, SECCLASS_FILESYSTEM, in may_context_mount_inode_relabel()
457 /* Special handling. Genfs but also in-core setxattr handler */ in selinux_is_genfs_special_handling()
458 return !strcmp(sb->s_type->name, "sysfs") || in selinux_is_genfs_special_handling()
459 !strcmp(sb->s_type->name, "pstore") || in selinux_is_genfs_special_handling()
460 !strcmp(sb->s_type->name, "debugfs") || in selinux_is_genfs_special_handling()
461 !strcmp(sb->s_type->name, "tracefs") || in selinux_is_genfs_special_handling()
462 !strcmp(sb->s_type->name, "rootfs") || in selinux_is_genfs_special_handling()
464 (!strcmp(sb->s_type->name, "cgroup") || in selinux_is_genfs_special_handling()
465 !strcmp(sb->s_type->name, "cgroup2"))); in selinux_is_genfs_special_handling()
473 * IMPORTANT: Double-check logic in this function when adding a new in selinux_is_sblabel_mnt()
478 switch (sbsec->behavior) { in selinux_is_sblabel_mnt()
499 struct dentry *root = sb->s_root; in sb_check_xattr_support()
506 * error other than -ENODATA is returned by getxattr on in sb_check_xattr_support()
507 * the root directory. -ENODATA is ok, as this may be in sb_check_xattr_support()
511 if (!(root_inode->i_opflags & IOP_XATTR)) { in sb_check_xattr_support()
513 sb->s_id, sb->s_type->name); in sb_check_xattr_support()
518 if (rc < 0 && rc != -ENODATA) { in sb_check_xattr_support()
519 if (rc == -EOPNOTSUPP) { in sb_check_xattr_support()
521 sb->s_id, sb->s_type->name); in sb_check_xattr_support()
525 sb->s_id, sb->s_type->name, -rc); in sb_check_xattr_support()
532 /* No xattr support - try to fallback to genfs if possible. */ in sb_check_xattr_support()
533 rc = security_genfs_sid(sb->s_type->name, "/", in sb_check_xattr_support()
536 return -EOPNOTSUPP; in sb_check_xattr_support()
539 sb->s_id, sb->s_type->name); in sb_check_xattr_support()
540 sbsec->behavior = SECURITY_FS_USE_GENFS; in sb_check_xattr_support()
541 sbsec->sid = sid; in sb_check_xattr_support()
548 struct dentry *root = sb->s_root; in sb_finish_set_opts()
552 if (sbsec->behavior == SECURITY_FS_USE_XATTR) { in sb_finish_set_opts()
558 sbsec->flags |= SE_SBINITIALIZED; in sb_finish_set_opts()
566 sbsec->flags |= SBLABEL_MNT; in sb_finish_set_opts()
568 sbsec->flags &= ~SBLABEL_MNT; in sb_finish_set_opts()
577 spin_lock(&sbsec->isec_lock); in sb_finish_set_opts()
578 while (!list_empty(&sbsec->isec_head)) { in sb_finish_set_opts()
580 list_first_entry(&sbsec->isec_head, in sb_finish_set_opts()
582 struct inode *inode = isec->inode; in sb_finish_set_opts()
583 list_del_init(&isec->list); in sb_finish_set_opts()
584 spin_unlock(&sbsec->isec_lock); in sb_finish_set_opts()
591 spin_lock(&sbsec->isec_lock); in sb_finish_set_opts()
593 spin_unlock(&sbsec->isec_lock); in sb_finish_set_opts()
600 char mnt_flags = sbsec->flags & SE_MNTMASK; in bad_option()
603 if (sbsec->flags & SE_SBINITIALIZED) in bad_option()
604 if (!(sbsec->flags & flag) || in bad_option()
611 if (!(sbsec->flags & SE_SBINITIALIZED)) in bad_option()
628 struct dentry *root = sb->s_root; in selinux_set_mnt_opts()
640 return -EINVAL; in selinux_set_mnt_opts()
642 mutex_lock(&sbsec->lock); in selinux_set_mnt_opts()
650 sbsec->flags |= SE_SBNATIVE; in selinux_set_mnt_opts()
655 rc = -EINVAL; in selinux_set_mnt_opts()
672 if ((sbsec->flags & SE_SBINITIALIZED) && (sb->s_type->fs_flags & FS_BINARY_MOUNTDATA) in selinux_set_mnt_opts()
684 if (opts->fscontext_sid) { in selinux_set_mnt_opts()
685 fscontext_sid = opts->fscontext_sid; in selinux_set_mnt_opts()
686 if (bad_option(sbsec, FSCONTEXT_MNT, sbsec->sid, in selinux_set_mnt_opts()
689 sbsec->flags |= FSCONTEXT_MNT; in selinux_set_mnt_opts()
691 if (opts->context_sid) { in selinux_set_mnt_opts()
692 context_sid = opts->context_sid; in selinux_set_mnt_opts()
693 if (bad_option(sbsec, CONTEXT_MNT, sbsec->mntpoint_sid, in selinux_set_mnt_opts()
696 sbsec->flags |= CONTEXT_MNT; in selinux_set_mnt_opts()
698 if (opts->rootcontext_sid) { in selinux_set_mnt_opts()
699 rootcontext_sid = opts->rootcontext_sid; in selinux_set_mnt_opts()
700 if (bad_option(sbsec, ROOTCONTEXT_MNT, root_isec->sid, in selinux_set_mnt_opts()
703 sbsec->flags |= ROOTCONTEXT_MNT; in selinux_set_mnt_opts()
705 if (opts->defcontext_sid) { in selinux_set_mnt_opts()
706 defcontext_sid = opts->defcontext_sid; in selinux_set_mnt_opts()
707 if (bad_option(sbsec, DEFCONTEXT_MNT, sbsec->def_sid, in selinux_set_mnt_opts()
710 sbsec->flags |= DEFCONTEXT_MNT; in selinux_set_mnt_opts()
714 if (sbsec->flags & SE_SBINITIALIZED) { in selinux_set_mnt_opts()
716 if ((sbsec->flags & SE_MNTMASK) && !opts) in selinux_set_mnt_opts()
722 if (strcmp(sb->s_type->name, "proc") == 0) in selinux_set_mnt_opts()
723 sbsec->flags |= SE_SBPROC | SE_SBGENFS; in selinux_set_mnt_opts()
725 if (!strcmp(sb->s_type->name, "debugfs") || in selinux_set_mnt_opts()
726 !strcmp(sb->s_type->name, "tracefs") || in selinux_set_mnt_opts()
727 !strcmp(sb->s_type->name, "binder") || in selinux_set_mnt_opts()
728 !strcmp(sb->s_type->name, "bpf") || in selinux_set_mnt_opts()
729 !strcmp(sb->s_type->name, "pstore") || in selinux_set_mnt_opts()
730 !strcmp(sb->s_type->name, "securityfs")) in selinux_set_mnt_opts()
731 sbsec->flags |= SE_SBGENFS; in selinux_set_mnt_opts()
733 if (!strcmp(sb->s_type->name, "sysfs") || in selinux_set_mnt_opts()
734 !strcmp(sb->s_type->name, "cgroup") || in selinux_set_mnt_opts()
735 !strcmp(sb->s_type->name, "cgroup2")) in selinux_set_mnt_opts()
736 sbsec->flags |= SE_SBGENFS | SE_SBGENFS_XATTR; in selinux_set_mnt_opts()
738 if (!sbsec->behavior) { in selinux_set_mnt_opts()
746 __func__, sb->s_type->name, rc); in selinux_set_mnt_opts()
756 if (sb->s_user_ns != &init_user_ns && in selinux_set_mnt_opts()
757 strcmp(sb->s_type->name, "tmpfs") && in selinux_set_mnt_opts()
758 strcmp(sb->s_type->name, "ramfs") && in selinux_set_mnt_opts()
759 strcmp(sb->s_type->name, "devpts") && in selinux_set_mnt_opts()
760 strcmp(sb->s_type->name, "overlay")) { in selinux_set_mnt_opts()
763 rc = -EACCES; in selinux_set_mnt_opts()
766 if (sbsec->behavior == SECURITY_FS_USE_XATTR) { in selinux_set_mnt_opts()
767 sbsec->behavior = SECURITY_FS_USE_MNTPOINT; in selinux_set_mnt_opts()
771 &sbsec->mntpoint_sid); in selinux_set_mnt_opts()
784 sbsec->sid = fscontext_sid; in selinux_set_mnt_opts()
792 if (sbsec->flags & SE_SBNATIVE) { in selinux_set_mnt_opts()
801 sbsec->behavior = SECURITY_FS_USE_NATIVE; in selinux_set_mnt_opts()
803 sbsec->behavior = SECURITY_FS_USE_NATIVE; in selinux_set_mnt_opts()
813 sbsec->sid = context_sid; in selinux_set_mnt_opts()
823 sbsec->mntpoint_sid = context_sid; in selinux_set_mnt_opts()
824 sbsec->behavior = SECURITY_FS_USE_MNTPOINT; in selinux_set_mnt_opts()
833 root_isec->sid = rootcontext_sid; in selinux_set_mnt_opts()
834 root_isec->initialized = LABEL_INITIALIZED; in selinux_set_mnt_opts()
838 if (sbsec->behavior != SECURITY_FS_USE_XATTR && in selinux_set_mnt_opts()
839 sbsec->behavior != SECURITY_FS_USE_NATIVE) { in selinux_set_mnt_opts()
840 rc = -EINVAL; in selinux_set_mnt_opts()
846 if (defcontext_sid != sbsec->def_sid) { in selinux_set_mnt_opts()
853 sbsec->def_sid = defcontext_sid; in selinux_set_mnt_opts()
859 mutex_unlock(&sbsec->lock); in selinux_set_mnt_opts()
862 rc = -EINVAL; in selinux_set_mnt_opts()
864 "security settings for (dev %s, type %s)\n", sb->s_id, in selinux_set_mnt_opts()
865 sb->s_type->name); in selinux_set_mnt_opts()
874 char oldflags = old->flags & SE_MNTMASK; in selinux_cmp_sb_context()
875 char newflags = new->flags & SE_MNTMASK; in selinux_cmp_sb_context()
879 if ((oldflags & FSCONTEXT_MNT) && old->sid != new->sid) in selinux_cmp_sb_context()
881 if ((oldflags & CONTEXT_MNT) && old->mntpoint_sid != new->mntpoint_sid) in selinux_cmp_sb_context()
883 if ((oldflags & DEFCONTEXT_MNT) && old->def_sid != new->def_sid) in selinux_cmp_sb_context()
886 struct inode_security_struct *oldroot = backing_inode_security(oldsb->s_root); in selinux_cmp_sb_context()
887 struct inode_security_struct *newroot = backing_inode_security(newsb->s_root); in selinux_cmp_sb_context()
888 if (oldroot->sid != newroot->sid) in selinux_cmp_sb_context()
895 "type %s)\n", newsb->s_id, newsb->s_type->name); in selinux_cmp_sb_context()
896 return -EBUSY; in selinux_cmp_sb_context()
909 int set_fscontext = (oldsbsec->flags & FSCONTEXT_MNT); in selinux_sb_clone_mnt_opts()
910 int set_context = (oldsbsec->flags & CONTEXT_MNT); in selinux_sb_clone_mnt_opts()
911 int set_rootcontext = (oldsbsec->flags & ROOTCONTEXT_MNT); in selinux_sb_clone_mnt_opts()
918 return -EINVAL; in selinux_sb_clone_mnt_opts()
920 mutex_lock(&newsbsec->lock); in selinux_sb_clone_mnt_opts()
928 newsbsec->flags |= SE_SBNATIVE; in selinux_sb_clone_mnt_opts()
935 BUG_ON(!(oldsbsec->flags & SE_SBINITIALIZED)); in selinux_sb_clone_mnt_opts()
938 if (newsbsec->flags & SE_SBINITIALIZED) { in selinux_sb_clone_mnt_opts()
939 mutex_unlock(&newsbsec->lock); in selinux_sb_clone_mnt_opts()
945 newsbsec->flags = oldsbsec->flags; in selinux_sb_clone_mnt_opts()
947 newsbsec->sid = oldsbsec->sid; in selinux_sb_clone_mnt_opts()
948 newsbsec->def_sid = oldsbsec->def_sid; in selinux_sb_clone_mnt_opts()
949 newsbsec->behavior = oldsbsec->behavior; in selinux_sb_clone_mnt_opts()
951 if (newsbsec->behavior == SECURITY_FS_USE_NATIVE && in selinux_sb_clone_mnt_opts()
959 newsbsec->behavior = SECURITY_FS_USE_NATIVE; in selinux_sb_clone_mnt_opts()
964 u32 sid = oldsbsec->mntpoint_sid; in selinux_sb_clone_mnt_opts()
967 newsbsec->sid = sid; in selinux_sb_clone_mnt_opts()
969 struct inode_security_struct *newisec = backing_inode_security(newsb->s_root); in selinux_sb_clone_mnt_opts()
970 newisec->sid = sid; in selinux_sb_clone_mnt_opts()
972 newsbsec->mntpoint_sid = sid; in selinux_sb_clone_mnt_opts()
975 const struct inode_security_struct *oldisec = backing_inode_security(oldsb->s_root); in selinux_sb_clone_mnt_opts()
976 struct inode_security_struct *newisec = backing_inode_security(newsb->s_root); in selinux_sb_clone_mnt_opts()
978 newisec->sid = oldisec->sid; in selinux_sb_clone_mnt_opts()
983 mutex_unlock(&newsbsec->lock); in selinux_sb_clone_mnt_opts()
1000 return -EINVAL; in selinux_add_opt()
1004 return -EINVAL; in selinux_add_opt()
1010 return -ENOMEM; in selinux_add_opt()
1016 if (opts->context_sid || opts->defcontext_sid) in selinux_add_opt()
1018 dst_sid = &opts->context_sid; in selinux_add_opt()
1021 if (opts->fscontext_sid) in selinux_add_opt()
1023 dst_sid = &opts->fscontext_sid; in selinux_add_opt()
1026 if (opts->rootcontext_sid) in selinux_add_opt()
1028 dst_sid = &opts->rootcontext_sid; in selinux_add_opt()
1031 if (opts->context_sid || opts->defcontext_sid) in selinux_add_opt()
1033 dst_sid = &opts->defcontext_sid; in selinux_add_opt()
1037 return -EINVAL; in selinux_add_opt()
1047 return -EINVAL; in selinux_add_opt()
1076 if (!(sbsec->flags & SE_SBINITIALIZED)) in selinux_sb_show_options()
1082 if (sbsec->flags & FSCONTEXT_MNT) { in selinux_sb_show_options()
1085 rc = show_sid(m, sbsec->sid); in selinux_sb_show_options()
1089 if (sbsec->flags & CONTEXT_MNT) { in selinux_sb_show_options()
1092 rc = show_sid(m, sbsec->mntpoint_sid); in selinux_sb_show_options()
1096 if (sbsec->flags & DEFCONTEXT_MNT) { in selinux_sb_show_options()
1099 rc = show_sid(m, sbsec->def_sid); in selinux_sb_show_options()
1103 if (sbsec->flags & ROOTCONTEXT_MNT) { in selinux_sb_show_options()
1104 struct dentry *root = sb->s_root; in selinux_sb_show_options()
1108 rc = show_sid(m, isec->sid); in selinux_sb_show_options()
1112 if (sbsec->flags & SBLABEL_MNT) { in selinux_sb_show_options()
1313 struct super_block *sb = dentry->d_sb; in selinux_genfs_get_sid()
1318 return -ENOMEM; in selinux_genfs_get_sid()
1327 * e.g. /proc/1/net/rpc/nfs -> /net/rpc/nfs */ in selinux_genfs_get_sid()
1333 rc = security_genfs_sid(sb->s_type->name, in selinux_genfs_get_sid()
1335 if (rc == -ENOENT) { in selinux_genfs_get_sid()
1356 return -ENOMEM; in inode_doinit_use_xattr()
1360 if (rc == -ERANGE) { in inode_doinit_use_xattr()
1371 return -ENOMEM; in inode_doinit_use_xattr()
1379 if (rc != -ENODATA) { in inode_doinit_use_xattr()
1381 __func__, -rc, inode->i_sb->s_id, inode->i_ino); in inode_doinit_use_xattr()
1391 char *dev = inode->i_sb->s_id; in inode_doinit_use_xattr()
1392 unsigned long ino = inode->i_ino; in inode_doinit_use_xattr()
1394 if (rc == -EINVAL) { in inode_doinit_use_xattr()
1399 __func__, context, -rc, dev, ino); in inode_doinit_use_xattr()
1416 if (isec->initialized == LABEL_INITIALIZED) in inode_doinit_with_dentry()
1419 spin_lock(&isec->lock); in inode_doinit_with_dentry()
1420 if (isec->initialized == LABEL_INITIALIZED) in inode_doinit_with_dentry()
1423 if (isec->sclass == SECCLASS_FILE) in inode_doinit_with_dentry()
1424 isec->sclass = inode_mode_to_security_class(inode->i_mode); in inode_doinit_with_dentry()
1426 sbsec = selinux_superblock(inode->i_sb); in inode_doinit_with_dentry()
1427 if (!(sbsec->flags & SE_SBINITIALIZED)) { in inode_doinit_with_dentry()
1431 spin_lock(&sbsec->isec_lock); in inode_doinit_with_dentry()
1432 if (list_empty(&isec->list)) in inode_doinit_with_dentry()
1433 list_add(&isec->list, &sbsec->isec_head); in inode_doinit_with_dentry()
1434 spin_unlock(&sbsec->isec_lock); in inode_doinit_with_dentry()
1438 sclass = isec->sclass; in inode_doinit_with_dentry()
1439 task_sid = isec->task_sid; in inode_doinit_with_dentry()
1440 sid = isec->sid; in inode_doinit_with_dentry()
1441 isec->initialized = LABEL_PENDING; in inode_doinit_with_dentry()
1442 spin_unlock(&isec->lock); in inode_doinit_with_dentry()
1444 switch (sbsec->behavior) { in inode_doinit_with_dentry()
1446 * In case of SECURITY_FS_USE_NATIVE we need to re-fetch the labels in inode_doinit_with_dentry()
1451 if (!(inode->i_opflags & IOP_XATTR)) { in inode_doinit_with_dentry()
1452 sid = sbsec->def_sid; in inode_doinit_with_dentry()
1476 * sbsec->isec_head list. No reason to complain as these in inode_doinit_with_dentry()
1484 rc = inode_doinit_use_xattr(inode, dentry, sbsec->def_sid, in inode_doinit_with_dentry()
1495 sid = sbsec->sid; in inode_doinit_with_dentry()
1504 sid = sbsec->mntpoint_sid; in inode_doinit_with_dentry()
1508 sid = sbsec->sid; in inode_doinit_with_dentry()
1510 if ((sbsec->flags & SE_SBGENFS) && in inode_doinit_with_dentry()
1511 (!S_ISLNK(inode->i_mode) || in inode_doinit_with_dentry()
1532 * sbsec->isec_head list. No reason to complain as in inode_doinit_with_dentry()
1540 sbsec->flags, &sid); in inode_doinit_with_dentry()
1546 if ((sbsec->flags & SE_SBGENFS_XATTR) && in inode_doinit_with_dentry()
1547 (inode->i_opflags & IOP_XATTR)) { in inode_doinit_with_dentry()
1561 spin_lock(&isec->lock); in inode_doinit_with_dentry()
1562 if (isec->initialized == LABEL_PENDING) { in inode_doinit_with_dentry()
1564 isec->initialized = LABEL_INVALID; in inode_doinit_with_dentry()
1567 isec->initialized = LABEL_INITIALIZED; in inode_doinit_with_dentry()
1568 isec->sid = sid; in inode_doinit_with_dentry()
1572 spin_unlock(&isec->lock); in inode_doinit_with_dentry()
1576 spin_lock(&isec->lock); in inode_doinit_with_dentry()
1577 if (isec->initialized == LABEL_PENDING) { in inode_doinit_with_dentry()
1578 isec->initialized = LABEL_INVALID; in inode_doinit_with_dentry()
1579 isec->sid = sid; in inode_doinit_with_dentry()
1581 spin_unlock(&isec->lock); in inode_doinit_with_dentry()
1586 static inline u32 signal_to_av(int sig) in signal_to_av() argument
1590 switch (sig) { in signal_to_av()
1640 return -EINVAL; in cred_has_capability()
1669 return avc_has_perm(sid, isec->sid, isec->sclass, perms, adp); in inode_has_perm()
1695 struct inode *inode = d_backing_inode(path->dentry); in path_has_perm()
1700 __inode_security_revalidate(inode, path->dentry, true); in path_has_perm()
1741 if (sid != fsec->sid) { in file_has_perm()
1742 rc = avc_has_perm(sid, fsec->sid, in file_has_perm()
1770 struct inode *dir, in selinux_determine_inode_label() argument
1775 selinux_superblock(dir->i_sb); in selinux_determine_inode_label()
1777 if ((sbsec->flags & SE_SBINITIALIZED) && in selinux_determine_inode_label()
1778 (sbsec->behavior == SECURITY_FS_USE_MNTPOINT)) { in selinux_determine_inode_label()
1779 *_new_isid = sbsec->mntpoint_sid; in selinux_determine_inode_label()
1780 } else if ((sbsec->flags & SBLABEL_MNT) && in selinux_determine_inode_label()
1781 tsec->create_sid) { in selinux_determine_inode_label()
1782 *_new_isid = tsec->create_sid; in selinux_determine_inode_label()
1784 const struct inode_security_struct *dsec = inode_security(dir); in selinux_determine_inode_label()
1785 return security_transition_sid(tsec->sid, in selinux_determine_inode_label()
1786 dsec->sid, tclass, in selinux_determine_inode_label()
1794 static int may_create(struct inode *dir, in may_create() argument
1805 dsec = inode_security(dir); in may_create()
1806 sbsec = selinux_superblock(dir->i_sb); in may_create()
1808 sid = tsec->sid; in may_create()
1813 rc = avc_has_perm(sid, dsec->sid, SECCLASS_DIR, in may_create()
1819 rc = selinux_determine_inode_label(tsec, dir, &dentry->d_name, tclass, in may_create()
1828 return avc_has_perm(newsid, sbsec->sid, in may_create()
1838 static int may_link(struct inode *dir, in may_link() argument
1849 dsec = inode_security(dir); in may_link()
1857 rc = avc_has_perm(sid, dsec->sid, SECCLASS_DIR, av, &ad); in may_link()
1877 rc = avc_has_perm(sid, isec->sid, isec->sclass, av, &ad); in may_link()
1901 rc = avc_has_perm(sid, old_dsec->sid, SECCLASS_DIR, in may_rename()
1905 rc = avc_has_perm(sid, old_isec->sid, in may_rename()
1906 old_isec->sclass, FILE__RENAME, &ad); in may_rename()
1910 rc = avc_has_perm(sid, old_isec->sid, in may_rename()
1911 old_isec->sclass, DIR__REPARENT, &ad); in may_rename()
1920 rc = avc_has_perm(sid, new_dsec->sid, SECCLASS_DIR, av, &ad); in may_rename()
1926 rc = avc_has_perm(sid, new_isec->sid, in may_rename()
1927 new_isec->sclass, in may_rename()
1946 return avc_has_perm(sid, sbsec->sid, SECCLASS_FILESYSTEM, perms, ad); in superblock_has_perm()
1982 if (file->f_mode & FMODE_READ) in file_to_av()
1984 if (file->f_mode & FMODE_WRITE) { in file_to_av()
1985 if (file->f_flags & O_APPEND) in file_to_av()
1992 * Special file opened with flags 3 for ioctl-only use. in file_to_av()
2010 inode->i_sb->s_magic != SOCKFS_MAGIC) in open_file_to_av()
2057 struct dentry *dentry = file->f_path.dentry; in selinux_binder_transfer_file()
2063 ad.u.path = file->f_path; in selinux_binder_transfer_file()
2065 if (sid != fsec->sid) { in selinux_binder_transfer_file()
2066 rc = avc_has_perm(sid, fsec->sid, in selinux_binder_transfer_file()
2084 return avc_has_perm(sid, isec->sid, isec->sclass, file_to_av(file), in selinux_binder_transfer_file()
2205 * succeed and -ENOMEM implies there is not.
2242 int nnp = (bprm->unsafe & LSM_UNSAFE_NO_NEW_PRIVS); in check_nnp_nosuid()
2243 int nosuid = !mnt_may_suid(bprm->file->f_path.mnt); in check_nnp_nosuid()
2250 if (new_tsec->sid == old_tsec->sid) in check_nnp_nosuid()
2265 rc = avc_has_perm(old_tsec->sid, new_tsec->sid, in check_nnp_nosuid()
2276 rc = security_bounded_transition(old_tsec->sid, in check_nnp_nosuid()
2277 new_tsec->sid); in check_nnp_nosuid()
2287 return -EPERM; in check_nnp_nosuid()
2288 return -EACCES; in check_nnp_nosuid()
2297 struct inode *inode = file_inode(bprm->file); in selinux_bprm_creds_for_exec()
2304 new_tsec = selinux_cred(bprm->cred); in selinux_bprm_creds_for_exec()
2308 new_tsec->sid = old_tsec->sid; in selinux_bprm_creds_for_exec()
2309 new_tsec->osid = old_tsec->sid; in selinux_bprm_creds_for_exec()
2312 new_tsec->create_sid = 0; in selinux_bprm_creds_for_exec()
2313 new_tsec->keycreate_sid = 0; in selinux_bprm_creds_for_exec()
2314 new_tsec->sockcreate_sid = 0; in selinux_bprm_creds_for_exec()
2316 if (old_tsec->exec_sid) { in selinux_bprm_creds_for_exec()
2317 new_tsec->sid = old_tsec->exec_sid; in selinux_bprm_creds_for_exec()
2319 new_tsec->exec_sid = 0; in selinux_bprm_creds_for_exec()
2327 rc = security_transition_sid(old_tsec->sid, in selinux_bprm_creds_for_exec()
2328 isec->sid, SECCLASS_PROCESS, NULL, in selinux_bprm_creds_for_exec()
2329 &new_tsec->sid); in selinux_bprm_creds_for_exec()
2339 new_tsec->sid = old_tsec->sid; in selinux_bprm_creds_for_exec()
2343 ad.u.file = bprm->file; in selinux_bprm_creds_for_exec()
2345 if (new_tsec->sid == old_tsec->sid) { in selinux_bprm_creds_for_exec()
2346 rc = avc_has_perm(old_tsec->sid, isec->sid, in selinux_bprm_creds_for_exec()
2352 rc = avc_has_perm(old_tsec->sid, new_tsec->sid, in selinux_bprm_creds_for_exec()
2357 rc = avc_has_perm(new_tsec->sid, isec->sid, in selinux_bprm_creds_for_exec()
2363 if (bprm->unsafe & LSM_UNSAFE_SHARE) { in selinux_bprm_creds_for_exec()
2364 rc = avc_has_perm(old_tsec->sid, new_tsec->sid, in selinux_bprm_creds_for_exec()
2368 return -EPERM; in selinux_bprm_creds_for_exec()
2373 if (bprm->unsafe & LSM_UNSAFE_PTRACE) { in selinux_bprm_creds_for_exec()
2376 rc = avc_has_perm(ptsid, new_tsec->sid, in selinux_bprm_creds_for_exec()
2380 return -EPERM; in selinux_bprm_creds_for_exec()
2385 bprm->per_clear |= PER_CLEAR_ON_SETID; in selinux_bprm_creds_for_exec()
2390 rc = avc_has_perm(old_tsec->sid, new_tsec->sid, in selinux_bprm_creds_for_exec()
2393 bprm->secureexec |= !!rc; in selinux_bprm_creds_for_exec()
2415 spin_lock(&tty->files_lock); in flush_unauthorized_files()
2416 if (!list_empty(&tty->tty_files)) { in flush_unauthorized_files()
2423 only interested in the inode-based check here. */ in flush_unauthorized_files()
2424 file_priv = list_first_entry(&tty->tty_files, in flush_unauthorized_files()
2426 file = file_priv->file; in flush_unauthorized_files()
2430 spin_unlock(&tty->files_lock); in flush_unauthorized_files()
2447 replace_fd(n - 1, devnull, 0); in flush_unauthorized_files()
2462 new_tsec = selinux_cred(bprm->cred); in selinux_bprm_committing_creds()
2463 if (new_tsec->sid == new_tsec->osid) in selinux_bprm_committing_creds()
2467 flush_unauthorized_files(bprm->cred, current->files); in selinux_bprm_committing_creds()
2470 current->pdeath_signal = 0; in selinux_bprm_committing_creds()
2482 rc = avc_has_perm(new_tsec->osid, new_tsec->sid, SECCLASS_PROCESS, in selinux_bprm_committing_creds()
2488 rlim = current->signal->rlim + i; in selinux_bprm_committing_creds()
2489 initrlim = init_task.signal->rlim + i; in selinux_bprm_committing_creds()
2490 rlim->rlim_cur = min(rlim->rlim_max, initrlim->rlim_cur); in selinux_bprm_committing_creds()
2508 osid = tsec->osid; in selinux_bprm_committed_creds()
2509 sid = tsec->sid; in selinux_bprm_committed_creds()
2525 spin_lock_irq(&unrcu_pointer(current->sighand)->siglock); in selinux_bprm_committed_creds()
2527 flush_sigqueue(¤t->pending); in selinux_bprm_committed_creds()
2528 flush_sigqueue(¤t->signal->shared_pending); in selinux_bprm_committed_creds()
2530 sigemptyset(¤t->blocked); in selinux_bprm_committed_creds()
2533 spin_unlock_irq(&unrcu_pointer(current->sighand)->siglock); in selinux_bprm_committed_creds()
2539 __wake_up_parent(current, unrcu_pointer(current->real_parent)); in selinux_bprm_committed_creds()
2549 mutex_init(&sbsec->lock); in selinux_sb_alloc_security()
2550 INIT_LIST_HEAD(&sbsec->isec_head); in selinux_sb_alloc_security()
2551 spin_lock_init(&sbsec->isec_lock); in selinux_sb_alloc_security()
2552 sbsec->sid = SECINITSID_UNLABELED; in selinux_sb_alloc_security()
2553 sbsec->def_sid = SECINITSID_FILE; in selinux_sb_alloc_security()
2554 sbsec->mntpoint_sid = SECINITSID_UNLABELED; in selinux_sb_alloc_security()
2598 arg = kmemdup_nul(arg, q - arg, GFP_KERNEL); in selinux_sb_eat_lsm_opts()
2600 rc = -ENOMEM; in selinux_sb_eat_lsm_opts()
2612 from--; in selinux_sb_eat_lsm_opts()
2641 * Superblock not initialized (i.e. no options) - reject if any in selinux_sb_mnt_opts_compat()
2644 if (!(sbsec->flags & SE_SBINITIALIZED)) in selinux_sb_mnt_opts_compat()
2648 * Superblock initialized and no options specified - reject if in selinux_sb_mnt_opts_compat()
2652 return (sbsec->flags & SE_MNTMASK) ? 1 : 0; in selinux_sb_mnt_opts_compat()
2654 if (opts->fscontext_sid) { in selinux_sb_mnt_opts_compat()
2655 if (bad_option(sbsec, FSCONTEXT_MNT, sbsec->sid, in selinux_sb_mnt_opts_compat()
2656 opts->fscontext_sid)) in selinux_sb_mnt_opts_compat()
2659 if (opts->context_sid) { in selinux_sb_mnt_opts_compat()
2660 if (bad_option(sbsec, CONTEXT_MNT, sbsec->mntpoint_sid, in selinux_sb_mnt_opts_compat()
2661 opts->context_sid)) in selinux_sb_mnt_opts_compat()
2664 if (opts->rootcontext_sid) { in selinux_sb_mnt_opts_compat()
2667 root_isec = backing_inode_security(sb->s_root); in selinux_sb_mnt_opts_compat()
2668 if (bad_option(sbsec, ROOTCONTEXT_MNT, root_isec->sid, in selinux_sb_mnt_opts_compat()
2669 opts->rootcontext_sid)) in selinux_sb_mnt_opts_compat()
2672 if (opts->defcontext_sid) { in selinux_sb_mnt_opts_compat()
2673 if (bad_option(sbsec, DEFCONTEXT_MNT, sbsec->def_sid, in selinux_sb_mnt_opts_compat()
2674 opts->defcontext_sid)) in selinux_sb_mnt_opts_compat()
2685 if (!(sbsec->flags & SE_SBINITIALIZED)) in selinux_sb_remount()
2691 if (opts->fscontext_sid) { in selinux_sb_remount()
2692 if (bad_option(sbsec, FSCONTEXT_MNT, sbsec->sid, in selinux_sb_remount()
2693 opts->fscontext_sid)) in selinux_sb_remount()
2696 if (opts->context_sid) { in selinux_sb_remount()
2697 if (bad_option(sbsec, CONTEXT_MNT, sbsec->mntpoint_sid, in selinux_sb_remount()
2698 opts->context_sid)) in selinux_sb_remount()
2701 if (opts->rootcontext_sid) { in selinux_sb_remount()
2703 root_isec = backing_inode_security(sb->s_root); in selinux_sb_remount()
2704 if (bad_option(sbsec, ROOTCONTEXT_MNT, root_isec->sid, in selinux_sb_remount()
2705 opts->rootcontext_sid)) in selinux_sb_remount()
2708 if (opts->defcontext_sid) { in selinux_sb_remount()
2709 if (bad_option(sbsec, DEFCONTEXT_MNT, sbsec->def_sid, in selinux_sb_remount()
2710 opts->defcontext_sid)) in selinux_sb_remount()
2717 "during remount (dev %s, type=%s)\n", sb->s_id, in selinux_sb_remount()
2718 sb->s_type->name); in selinux_sb_remount()
2719 return -EINVAL; in selinux_sb_remount()
2728 ad.u.dentry = sb->s_root; in selinux_sb_kern_mount()
2738 ad.u.dentry = dentry->d_sb->s_root; in selinux_sb_statfs()
2739 return superblock_has_perm(cred, dentry->d_sb, FILESYSTEM__GETATTR, &ad); in selinux_sb_statfs()
2751 return superblock_has_perm(cred, path->dentry->d_sb, in selinux_mount()
2769 return superblock_has_perm(cred, mnt->mnt_sb, in selinux_umount()
2780 * Ensure that fc->security remains NULL when no options are set in selinux_fs_context_submount()
2783 if (!(sbsec->flags & (FSCONTEXT_MNT|CONTEXT_MNT|DEFCONTEXT_MNT))) in selinux_fs_context_submount()
2788 return -ENOMEM; in selinux_fs_context_submount()
2790 if (sbsec->flags & FSCONTEXT_MNT) in selinux_fs_context_submount()
2791 opts->fscontext_sid = sbsec->sid; in selinux_fs_context_submount()
2792 if (sbsec->flags & CONTEXT_MNT) in selinux_fs_context_submount()
2793 opts->context_sid = sbsec->mntpoint_sid; in selinux_fs_context_submount()
2794 if (sbsec->flags & DEFCONTEXT_MNT) in selinux_fs_context_submount()
2795 opts->defcontext_sid = sbsec->def_sid; in selinux_fs_context_submount()
2796 fc->security = opts; in selinux_fs_context_submount()
2803 const struct selinux_mnt_opts *src = src_fc->security; in selinux_fs_context_dup()
2808 fc->security = kmemdup(src, sizeof(*src), GFP_KERNEL); in selinux_fs_context_dup()
2809 return fc->security ? 0 : -ENOMEM; in selinux_fs_context_dup()
2831 return selinux_add_opt(opt, param->string, &fc->security); in selinux_fs_context_parse_param()
2841 spin_lock_init(&isec->lock); in selinux_inode_alloc_security()
2842 INIT_LIST_HEAD(&isec->list); in selinux_inode_alloc_security()
2843 isec->inode = inode; in selinux_inode_alloc_security()
2844 isec->sid = SECINITSID_UNLABELED; in selinux_inode_alloc_security()
2845 isec->sclass = SECCLASS_FILE; in selinux_inode_alloc_security()
2846 isec->task_sid = sid; in selinux_inode_alloc_security()
2847 isec->initialized = LABEL_INVALID; in selinux_inode_alloc_security()
2866 d_inode(dentry->d_parent), name, in selinux_dentry_init_security()
2889 d_inode(dentry->d_parent), name, in selinux_dentry_create_files_as()
2896 tsec->create_sid = newsid; in selinux_dentry_create_files_as()
2900 static int selinux_inode_init_security(struct inode *inode, struct inode *dir, in selinux_inode_init_security() argument
2911 sbsec = selinux_superblock(dir->i_sb); in selinux_inode_init_security()
2913 newsid = tsec->create_sid; in selinux_inode_init_security()
2915 rc = selinux_determine_inode_label(tsec, dir, qstr, in selinux_inode_init_security()
2916 inode_mode_to_security_class(inode->i_mode), in selinux_inode_init_security()
2922 if (sbsec->flags & SE_SBINITIALIZED) { in selinux_inode_init_security()
2924 isec->sclass = inode_mode_to_security_class(inode->i_mode); in selinux_inode_init_security()
2925 isec->sid = newsid; in selinux_inode_init_security()
2926 isec->initialized = LABEL_INITIALIZED; in selinux_inode_init_security()
2930 !(sbsec->flags & SBLABEL_MNT)) in selinux_inode_init_security()
2931 return -EOPNOTSUPP; in selinux_inode_init_security()
2938 xattr->value = context; in selinux_inode_init_security()
2939 xattr->value_len = clen; in selinux_inode_init_security()
2940 xattr->name = XATTR_SELINUX_SUFFIX; in selinux_inode_init_security()
2969 if (context_isec->initialized != LABEL_INITIALIZED) { in selinux_inode_init_security_anon()
2971 return -EACCES; in selinux_inode_init_security_anon()
2974 isec->sclass = context_isec->sclass; in selinux_inode_init_security_anon()
2975 isec->sid = context_isec->sid; in selinux_inode_init_security_anon()
2977 isec->sclass = SECCLASS_ANON_INODE; in selinux_inode_init_security_anon()
2979 tsec->sid, tsec->sid, in selinux_inode_init_security_anon()
2980 isec->sclass, name, &isec->sid); in selinux_inode_init_security_anon()
2985 isec->initialized = LABEL_INITIALIZED; in selinux_inode_init_security_anon()
2992 ad.u.anonclass = name ? (const char *)name->name : "?"; in selinux_inode_init_security_anon()
2994 return avc_has_perm(tsec->sid, in selinux_inode_init_security_anon()
2995 isec->sid, in selinux_inode_init_security_anon()
2996 isec->sclass, in selinux_inode_init_security_anon()
3001 static int selinux_inode_create(struct inode *dir, struct dentry *dentry, umode_t mode) in selinux_inode_create() argument
3003 return may_create(dir, dentry, SECCLASS_FILE); in selinux_inode_create()
3006 static int selinux_inode_link(struct dentry *old_dentry, struct inode *dir, struct dentry *new_dent… in selinux_inode_link() argument
3008 return may_link(dir, old_dentry, MAY_LINK); in selinux_inode_link()
3011 static int selinux_inode_unlink(struct inode *dir, struct dentry *dentry) in selinux_inode_unlink() argument
3013 return may_link(dir, dentry, MAY_UNLINK); in selinux_inode_unlink()
3016 static int selinux_inode_symlink(struct inode *dir, struct dentry *dentry, const char *name) in selinux_inode_symlink() argument
3018 return may_create(dir, dentry, SECCLASS_LNK_FILE); in selinux_inode_symlink()
3021 static int selinux_inode_mkdir(struct inode *dir, struct dentry *dentry, umode_t mask) in selinux_inode_mkdir() argument
3023 return may_create(dir, dentry, SECCLASS_DIR); in selinux_inode_mkdir()
3026 static int selinux_inode_rmdir(struct inode *dir, struct dentry *dentry) in selinux_inode_rmdir() argument
3028 return may_link(dir, dentry, MAY_RMDIR); in selinux_inode_rmdir()
3031 static int selinux_inode_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t dev) in selinux_inode_mknod() argument
3033 return may_create(dir, dentry, inode_mode_to_security_class(mode)); in selinux_inode_mknod()
3064 return avc_has_perm(sid, isec->sid, isec->sclass, FILE__READ, &ad); in selinux_inode_follow_link()
3077 return slow_avc_audit(current_sid(), isec->sid, isec->sclass, perms, in audit_inode_permission()
3103 perms = file_mask_to_av(inode->i_mode, mask); in selinux_inode_permission()
3110 rc = avc_has_perm_noaudit(sid, isec->sid, isec->sclass, perms, 0, in selinux_inode_permission()
3128 unsigned int ia_valid = iattr->ia_valid; in selinux_inode_setattr()
3144 inode->i_sb->s_magic != SOCKFS_MAGIC && in selinux_inode_setattr()
3191 return (inode_owner_or_capable(idmap, inode) ? 0 : -EPERM); in selinux_inode_setxattr()
3193 sbsec = selinux_superblock(inode->i_sb); in selinux_inode_setxattr()
3194 if (!(sbsec->flags & SBLABEL_MNT)) in selinux_inode_setxattr()
3195 return -EOPNOTSUPP; in selinux_inode_setxattr()
3198 return -EPERM; in selinux_inode_setxattr()
3204 rc = avc_has_perm(sid, isec->sid, isec->sclass, in selinux_inode_setxattr()
3211 if (rc == -EINVAL) { in selinux_inode_setxattr()
3221 if (str[size - 1] == '\0') in selinux_inode_setxattr()
3222 audit_size = size - 1; in selinux_inode_setxattr()
3244 rc = avc_has_perm(sid, newsid, isec->sclass, in selinux_inode_setxattr()
3249 rc = security_validate_transition(isec->sid, newsid, in selinux_inode_setxattr()
3250 sid, isec->sclass); in selinux_inode_setxattr()
3255 sbsec->sid, in selinux_inode_setxattr()
3308 inode->i_sb->s_id, inode->i_ino, -rc); in selinux_inode_post_setxattr()
3313 spin_lock(&isec->lock); in selinux_inode_post_setxattr()
3314 isec->sclass = inode_mode_to_security_class(inode->i_mode); in selinux_inode_post_setxattr()
3315 isec->sid = newsid; in selinux_inode_post_setxattr()
3316 isec->initialized = LABEL_INITIALIZED; in selinux_inode_post_setxattr()
3317 spin_unlock(&isec->lock); in selinux_inode_post_setxattr()
3352 return -EACCES; in selinux_inode_removexattr()
3376 ret = superblock_has_perm(current_cred(), path->dentry->d_sb, in selinux_path_notify()
3385 return -EINVAL; in selinux_path_notify()
3392 /* watches on read-like events need the file:watch_reads permission */ in selinux_path_notify()
3415 * just let vfs_getxattr fall back to using the on-disk xattr. in selinux_inode_getsecurity()
3419 return -EOPNOTSUPP; in selinux_inode_getsecurity()
3424 * use the in-core value under current policy. in selinux_inode_getsecurity()
3425 * Use the non-auditing forms of the permission checks since in selinux_inode_getsecurity()
3428 * in-core context value, not a denial. in selinux_inode_getsecurity()
3432 error = security_sid_to_context_force(isec->sid, &context, in selinux_inode_getsecurity()
3435 error = security_sid_to_context(isec->sid, in selinux_inode_getsecurity()
3458 return -EOPNOTSUPP; in selinux_inode_setsecurity()
3460 sbsec = selinux_superblock(inode->i_sb); in selinux_inode_setsecurity()
3461 if (!(sbsec->flags & SBLABEL_MNT)) in selinux_inode_setsecurity()
3462 return -EOPNOTSUPP; in selinux_inode_setsecurity()
3465 return -EACCES; in selinux_inode_setsecurity()
3472 spin_lock(&isec->lock); in selinux_inode_setsecurity()
3473 isec->sclass = inode_mode_to_security_class(inode->i_mode); in selinux_inode_setsecurity()
3474 isec->sid = newsid; in selinux_inode_setsecurity()
3475 isec->initialized = LABEL_INITIALIZED; in selinux_inode_setsecurity()
3476 spin_unlock(&isec->lock); in selinux_inode_setsecurity()
3495 *secid = isec->sid; in selinux_inode_getsecid()
3507 return -ENOMEM; in selinux_inode_copy_up()
3513 tsec->create_sid = sid; in selinux_inode_copy_up()
3522 * xattrs up. Instead, we have to filter out SELinux-related xattrs. in selinux_inode_copy_up_xattr()
3530 return -EOPNOTSUPP; in selinux_inode_copy_up_xattr()
3544 if (rc == -ENODATA) in selinux_kernfs_init_security()
3552 return -ENOMEM; in selinux_kernfs_init_security()
3566 if (tsec->create_sid) { in selinux_kernfs_init_security()
3567 newsid = tsec->create_sid; in selinux_kernfs_init_security()
3569 u16 secclass = inode_mode_to_security_class(kn->mode); in selinux_kernfs_init_security()
3572 q.name = kn->name; in selinux_kernfs_init_security()
3573 q.hash_len = hashlen_string(kn_dir, kn->name); in selinux_kernfs_init_security()
3575 rc = security_transition_sid(tsec->sid, in selinux_kernfs_init_security()
3602 if ((file->f_flags & O_APPEND) && (mask & MAY_WRITE)) in selinux_revalidate_file_permission()
3606 file_mask_to_av(inode->i_mode, mask)); in selinux_revalidate_file_permission()
3621 if (sid == fsec->sid && fsec->isid == isec->sid && in selinux_file_permission()
3622 fsec->pseqno == avc_policy_seqno()) in selinux_file_permission()
3634 fsec->sid = sid; in selinux_file_alloc_security()
3635 fsec->fown_sid = sid; in selinux_file_alloc_security()
3641 * Check whether a task has the ioctl permission and cmd
3645 u32 requested, u16 cmd) in ioctl_has_perm() argument
3654 u8 driver = cmd >> 8; in ioctl_has_perm()
3655 u8 xperm = cmd & 0xff; in ioctl_has_perm()
3659 ad.u.op->cmd = cmd; in ioctl_has_perm()
3660 ad.u.op->path = file->f_path; in ioctl_has_perm()
3662 if (ssid != fsec->sid) { in ioctl_has_perm()
3663 rc = avc_has_perm(ssid, fsec->sid, in ioctl_has_perm()
3675 rc = avc_has_extended_perms(ssid, isec->sid, isec->sclass, in ioctl_has_perm()
3681 static int selinux_file_ioctl(struct file *file, unsigned int cmd, in selinux_file_ioctl() argument
3687 switch (cmd) { in selinux_file_ioctl()
3716 error = ioctl_has_perm(cred, file, FILE__IOCTL, (u16) cmd); in selinux_file_ioctl()
3723 error = ioctl_has_perm(cred, file, FILE__IOCTL, (u16) cmd); in selinux_file_ioctl()
3728 static int selinux_file_ioctl_compat(struct file *file, unsigned int cmd, in selinux_file_ioctl_compat() argument
3732 * If we are in a 64-bit kernel running 32-bit userspace, we need to in selinux_file_ioctl_compat()
3733 * make sure we don't compare 32-bit flags to 64-bit flags. in selinux_file_ioctl_compat()
3735 switch (cmd) { in selinux_file_ioctl_compat()
3737 cmd = FS_IOC_GETFLAGS; in selinux_file_ioctl_compat()
3740 cmd = FS_IOC_SETFLAGS; in selinux_file_ioctl_compat()
3743 cmd = FS_IOC_GETVERSION; in selinux_file_ioctl_compat()
3746 cmd = FS_IOC_SETVERSION; in selinux_file_ioctl_compat()
3752 return selinux_file_ioctl(file, cmd, arg); in selinux_file_ioctl_compat()
3836 (prot & PROT_EXEC) && !(vma->vm_flags & VM_EXEC)) { in selinux_file_mprotect()
3847 if (vma->vm_start >= vma->vm_mm->start_brk && in selinux_file_mprotect()
3848 vma->vm_end <= vma->vm_mm->brk) { in selinux_file_mprotect()
3851 } else if (!vma->vm_file && (vma_is_initial_stack(vma) || in selinux_file_mprotect()
3855 } else if (vma->vm_file && vma->anon_vma) { in selinux_file_mprotect()
3863 rc = file_has_perm(cred, vma->vm_file, FILE__EXECMOD); in selinux_file_mprotect()
3869 return file_map_prot_check(vma->vm_file, prot, vma->vm_flags&VM_SHARED); in selinux_file_mprotect()
3872 static int selinux_file_lock(struct file *file, unsigned int cmd) in selinux_file_lock() argument
3879 static int selinux_file_fcntl(struct file *file, unsigned int cmd, in selinux_file_fcntl() argument
3885 switch (cmd) { in selinux_file_fcntl()
3887 if ((file->f_flags & O_APPEND) && !(arg & O_APPEND)) { in selinux_file_fcntl()
3924 fsec->fown_sid = current_sid(); in selinux_file_set_fowner()
3945 return avc_has_perm(fsec->fown_sid, sid, in selinux_file_send_sigiotask()
3965 * at open-time so that selinux_file_permission in selinux_file_open()
3970 fsec->isid = isec->sid; in selinux_file_open()
3971 fsec->pseqno = avc_policy_seqno(); in selinux_file_open()
3978 * This check is not redundant - do not remove. in selinux_file_open()
3980 return file_path_has_perm(file->f_cred, file, open_file_to_av(file)); in selinux_file_open()
4024 * - all the creation contexts are set to unlabelled
4037 tsec->sid = secid; in selinux_kernel_act_as()
4038 tsec->create_sid = 0; in selinux_kernel_act_as()
4039 tsec->keycreate_sid = 0; in selinux_kernel_act_as()
4040 tsec->sockcreate_sid = 0; in selinux_kernel_act_as()
4056 ret = avc_has_perm(sid, isec->sid, in selinux_kernel_create_files_as()
4062 tsec->create_sid = isec->sid; in selinux_kernel_create_files_as()
4096 if (sid != fsec->sid) { in selinux_kernel_module_from_file()
4097 rc = avc_has_perm(sid, fsec->sid, SECCLASS_FD, FD__USE, &ad); in selinux_kernel_module_from_file()
4103 return avc_has_perm(sid, isec->sid, SECCLASS_SYSTEM, in selinux_kernel_module_from_file()
4203 struct rlimit *old_rlim = p->signal->rlim + resource; in selinux_task_setrlimit()
4209 if (old_rlim->rlim_max != new_rlim->rlim_max) in selinux_task_setrlimit()
4235 int sig, const struct cred *cred) in selinux_task_kill() argument
4240 if (!sig) in selinux_task_kill()
4243 perm = signal_to_av(sig); in selinux_task_kill()
4257 spin_lock(&isec->lock); in selinux_task_to_inode()
4258 isec->sclass = inode_mode_to_security_class(inode->i_mode); in selinux_task_to_inode()
4259 isec->sid = sid; in selinux_task_to_inode()
4260 isec->initialized = LABEL_INITIALIZED; in selinux_task_to_inode()
4261 spin_unlock(&isec->lock); in selinux_task_to_inode()
4276 int offset, ihlen, ret = -EINVAL; in selinux_parse_skb_ipv4()
4284 ihlen = ih->ihl * 4; in selinux_parse_skb_ipv4()
4288 ad->u.net->v4info.saddr = ih->saddr; in selinux_parse_skb_ipv4()
4289 ad->u.net->v4info.daddr = ih->daddr; in selinux_parse_skb_ipv4()
4293 *proto = ih->protocol; in selinux_parse_skb_ipv4()
4295 switch (ih->protocol) { in selinux_parse_skb_ipv4()
4299 if (ntohs(ih->frag_off) & IP_OFFSET) in selinux_parse_skb_ipv4()
4307 ad->u.net->sport = th->source; in selinux_parse_skb_ipv4()
4308 ad->u.net->dport = th->dest; in selinux_parse_skb_ipv4()
4315 if (ntohs(ih->frag_off) & IP_OFFSET) in selinux_parse_skb_ipv4()
4323 ad->u.net->sport = uh->source; in selinux_parse_skb_ipv4()
4324 ad->u.net->dport = uh->dest; in selinux_parse_skb_ipv4()
4331 if (ntohs(ih->frag_off) & IP_OFFSET) in selinux_parse_skb_ipv4()
4339 ad->u.net->sport = dh->dccph_sport; in selinux_parse_skb_ipv4()
4340 ad->u.net->dport = dh->dccph_dport; in selinux_parse_skb_ipv4()
4348 if (ntohs(ih->frag_off) & IP_OFFSET) in selinux_parse_skb_ipv4()
4356 ad->u.net->sport = sh->source; in selinux_parse_skb_ipv4()
4357 ad->u.net->dport = sh->dest; in selinux_parse_skb_ipv4()
4375 int ret = -EINVAL, offset; in selinux_parse_skb_ipv6()
4384 ad->u.net->v6info.saddr = ip6->saddr; in selinux_parse_skb_ipv6()
4385 ad->u.net->v6info.daddr = ip6->daddr; in selinux_parse_skb_ipv6()
4388 nexthdr = ip6->nexthdr; in selinux_parse_skb_ipv6()
4405 ad->u.net->sport = th->source; in selinux_parse_skb_ipv6()
4406 ad->u.net->dport = th->dest; in selinux_parse_skb_ipv6()
4417 ad->u.net->sport = uh->source; in selinux_parse_skb_ipv6()
4418 ad->u.net->dport = uh->dest; in selinux_parse_skb_ipv6()
4429 ad->u.net->sport = dh->dccph_sport; in selinux_parse_skb_ipv6()
4430 ad->u.net->dport = dh->dccph_dport; in selinux_parse_skb_ipv6()
4442 ad->u.net->sport = sh->source; in selinux_parse_skb_ipv6()
4443 ad->u.net->dport = sh->dest; in selinux_parse_skb_ipv6()
4463 switch (ad->u.net->family) { in selinux_parse_skb()
4468 addrp = (char *)(src ? &ad->u.net->v4info.saddr : in selinux_parse_skb()
4469 &ad->u.net->v4info.daddr); in selinux_parse_skb()
4477 addrp = (char *)(src ? &ad->u.net->v6info.saddr : in selinux_parse_skb()
4478 &ad->u.net->v6info.daddr); in selinux_parse_skb()
4499 * selinux_skb_peerlbl_sid - Determine the peer label of a packet
4509 * or -EACCES if @sid is invalid due to inconsistencies with the different
4522 return -EACCES; in selinux_skb_peerlbl_sid()
4525 return -EACCES; in selinux_skb_peerlbl_sid()
4533 return -EACCES; in selinux_skb_peerlbl_sid()
4540 * selinux_conn_sid - Determine the child socket label for a connection
4569 if (tsec->sockcreate_sid > SECSID_NULL) { in socket_sockcreate_sid()
4570 *socksid = tsec->sockcreate_sid; in socket_sockcreate_sid()
4574 return security_transition_sid(tsec->sid, tsec->sid, in socket_sockcreate_sid()
4580 struct sk_security_struct *sksec = sk->sk_security; in sock_has_perm()
4584 if (sksec->sid == SECINITSID_KERNEL) in sock_has_perm()
4589 return avc_has_perm(current_sid(), sksec->sid, sksec->sclass, perms, in sock_has_perm()
4609 return avc_has_perm(tsec->sid, newsid, secclass, SOCKET__CREATE, NULL); in selinux_socket_create()
4628 isec->sclass = sclass; in selinux_socket_post_create()
4629 isec->sid = sid; in selinux_socket_post_create()
4630 isec->initialized = LABEL_INITIALIZED; in selinux_socket_post_create()
4632 if (sock->sk) { in selinux_socket_post_create()
4633 sksec = sock->sk->sk_security; in selinux_socket_post_create()
4634 sksec->sclass = sclass; in selinux_socket_post_create()
4635 sksec->sid = sid; in selinux_socket_post_create()
4637 if (sksec->sclass == SECCLASS_SCTP_SOCKET) in selinux_socket_post_create()
4638 sksec->sctp_assoc_state = SCTP_ASSOC_UNSET; in selinux_socket_post_create()
4640 err = selinux_netlbl_socket_post_create(sock->sk, family); in selinux_socket_post_create()
4649 struct sk_security_struct *sksec_a = socka->sk->sk_security; in selinux_socket_socketpair()
4650 struct sk_security_struct *sksec_b = sockb->sk->sk_security; in selinux_socket_socketpair()
4652 sksec_a->peer_sid = sksec_b->sid; in selinux_socket_socketpair()
4653 sksec_b->peer_sid = sksec_a->sid; in selinux_socket_socketpair()
4664 struct sock *sk = sock->sk; in selinux_socket_bind()
4665 struct sk_security_struct *sksec = sk->sk_security; in selinux_socket_bind()
4674 family = sk->sk_family; in selinux_socket_bind()
4688 * need to check address->sa_family as it is possible to have in selinux_socket_bind()
4689 * sk->sk_family = PF_INET6 with addr->sa_family = AF_INET. in selinux_socket_bind()
4692 return -EINVAL; in selinux_socket_bind()
4693 family_sa = address->sa_family; in selinux_socket_bind()
4698 return -EINVAL; in selinux_socket_bind()
4704 return -EINVAL; in selinux_socket_bind()
4711 if (addr4->sin_addr.s_addr != htonl(INADDR_ANY)) in selinux_socket_bind()
4715 snum = ntohs(addr4->sin_port); in selinux_socket_bind()
4716 addrp = (char *)&addr4->sin_addr.s_addr; in selinux_socket_bind()
4720 return -EINVAL; in selinux_socket_bind()
4722 snum = ntohs(addr6->sin6_port); in selinux_socket_bind()
4723 addrp = (char *)&addr6->sin6_addr.s6_addr; in selinux_socket_bind()
4731 ad.u.net->sport = htons(snum); in selinux_socket_bind()
4732 ad.u.net->family = family_sa; in selinux_socket_bind()
4741 err = sel_netport_sid(sk->sk_protocol, in selinux_socket_bind()
4745 err = avc_has_perm(sksec->sid, sid, in selinux_socket_bind()
4746 sksec->sclass, in selinux_socket_bind()
4753 switch (sksec->sclass) { in selinux_socket_bind()
4780 ad.u.net->v4info.saddr = addr4->sin_addr.s_addr; in selinux_socket_bind()
4782 ad.u.net->v6info.saddr = addr6->sin6_addr; in selinux_socket_bind()
4784 err = avc_has_perm(sksec->sid, sid, in selinux_socket_bind()
4785 sksec->sclass, node_perm, &ad); in selinux_socket_bind()
4792 /* Note that SCTP services expect -EINVAL, others -EAFNOSUPPORT. */ in selinux_socket_bind()
4793 if (sksec->sclass == SECCLASS_SCTP_SOCKET) in selinux_socket_bind()
4794 return -EINVAL; in selinux_socket_bind()
4795 return -EAFNOSUPPORT; in selinux_socket_bind()
4804 struct sock *sk = sock->sk; in selinux_socket_connect_helper()
4805 struct sk_security_struct *sksec = sk->sk_security; in selinux_socket_connect_helper()
4812 return -EINVAL; in selinux_socket_connect_helper()
4817 if (address->sa_family == AF_UNSPEC) in selinux_socket_connect_helper()
4824 if (sksec->sclass == SECCLASS_TCP_SOCKET || in selinux_socket_connect_helper()
4825 sksec->sclass == SECCLASS_DCCP_SOCKET || in selinux_socket_connect_helper()
4826 sksec->sclass == SECCLASS_SCTP_SOCKET) { in selinux_socket_connect_helper()
4836 * need to check address->sa_family as it is possible to have in selinux_socket_connect_helper()
4837 * sk->sk_family = PF_INET6 with addr->sa_family = AF_INET. in selinux_socket_connect_helper()
4839 switch (address->sa_family) { in selinux_socket_connect_helper()
4843 return -EINVAL; in selinux_socket_connect_helper()
4844 snum = ntohs(addr4->sin_port); in selinux_socket_connect_helper()
4849 return -EINVAL; in selinux_socket_connect_helper()
4850 snum = ntohs(addr6->sin6_port); in selinux_socket_connect_helper()
4853 /* Note that SCTP services expect -EINVAL, whereas in selinux_socket_connect_helper()
4854 * others expect -EAFNOSUPPORT. in selinux_socket_connect_helper()
4856 if (sksec->sclass == SECCLASS_SCTP_SOCKET) in selinux_socket_connect_helper()
4857 return -EINVAL; in selinux_socket_connect_helper()
4859 return -EAFNOSUPPORT; in selinux_socket_connect_helper()
4862 err = sel_netport_sid(sk->sk_protocol, snum, &sid); in selinux_socket_connect_helper()
4866 switch (sksec->sclass) { in selinux_socket_connect_helper()
4880 ad.u.net->dport = htons(snum); in selinux_socket_connect_helper()
4881 ad.u.net->family = address->sa_family; in selinux_socket_connect_helper()
4882 err = avc_has_perm(sksec->sid, sid, sksec->sclass, perm, &ad); in selinux_socket_connect_helper()
4895 struct sock *sk = sock->sk; in selinux_socket_connect()
4906 return sock_has_perm(sock->sk, SOCKET__LISTEN); in selinux_socket_listen()
4917 err = sock_has_perm(sock->sk, SOCKET__ACCEPT); in selinux_socket_accept()
4922 spin_lock(&isec->lock); in selinux_socket_accept()
4923 sclass = isec->sclass; in selinux_socket_accept()
4924 sid = isec->sid; in selinux_socket_accept()
4925 spin_unlock(&isec->lock); in selinux_socket_accept()
4928 newisec->sclass = sclass; in selinux_socket_accept()
4929 newisec->sid = sid; in selinux_socket_accept()
4930 newisec->initialized = LABEL_INITIALIZED; in selinux_socket_accept()
4938 return sock_has_perm(sock->sk, SOCKET__WRITE); in selinux_socket_sendmsg()
4944 return sock_has_perm(sock->sk, SOCKET__READ); in selinux_socket_recvmsg()
4949 return sock_has_perm(sock->sk, SOCKET__GETATTR); in selinux_socket_getsockname()
4954 return sock_has_perm(sock->sk, SOCKET__GETATTR); in selinux_socket_getpeername()
4961 err = sock_has_perm(sock->sk, SOCKET__SETOPT); in selinux_socket_setsockopt()
4971 return sock_has_perm(sock->sk, SOCKET__GETOPT); in selinux_socket_getsockopt()
4976 return sock_has_perm(sock->sk, SOCKET__SHUTDOWN); in selinux_socket_shutdown()
4983 struct sk_security_struct *sksec_sock = sock->sk_security; in selinux_socket_unix_stream_connect()
4984 struct sk_security_struct *sksec_other = other->sk_security; in selinux_socket_unix_stream_connect()
4985 struct sk_security_struct *sksec_new = newsk->sk_security; in selinux_socket_unix_stream_connect()
4992 err = avc_has_perm(sksec_sock->sid, sksec_other->sid, in selinux_socket_unix_stream_connect()
4993 sksec_other->sclass, in selinux_socket_unix_stream_connect()
4999 sksec_new->peer_sid = sksec_sock->sid; in selinux_socket_unix_stream_connect()
5000 err = security_sid_mls_copy(sksec_other->sid, in selinux_socket_unix_stream_connect()
5001 sksec_sock->sid, &sksec_new->sid); in selinux_socket_unix_stream_connect()
5006 sksec_sock->peer_sid = sksec_new->sid; in selinux_socket_unix_stream_connect()
5014 struct sk_security_struct *ssec = sock->sk->sk_security; in selinux_socket_unix_may_send()
5015 struct sk_security_struct *osec = other->sk->sk_security; in selinux_socket_unix_may_send()
5019 ad_net_init_from_sk(&ad, &net, other->sk); in selinux_socket_unix_may_send()
5021 return avc_has_perm(ssec->sid, osec->sid, osec->sclass, SOCKET__SENDTO, in selinux_socket_unix_may_send()
5052 struct sk_security_struct *sksec = sk->sk_security; in selinux_sock_rcv_skb_compat()
5053 u32 sk_sid = sksec->sid; in selinux_sock_rcv_skb_compat()
5058 ad_net_init_from_iif(&ad, &net, skb->skb_iif, family); in selinux_sock_rcv_skb_compat()
5064 err = avc_has_perm(sk_sid, skb->secmark, SECCLASS_PACKET, in selinux_sock_rcv_skb_compat()
5073 err = selinux_xfrm_sock_rcv_skb(sksec->sid, skb, &ad); in selinux_sock_rcv_skb_compat()
5081 struct sk_security_struct *sksec = sk->sk_security; in selinux_socket_sock_rcv_skb()
5082 u16 family = sk->sk_family; in selinux_socket_sock_rcv_skb()
5083 u32 sk_sid = sksec->sid; in selinux_socket_sock_rcv_skb()
5092 if (family == PF_INET6 && skb->protocol == htons(ETH_P_IP)) in selinux_socket_sock_rcv_skb()
5107 ad_net_init_from_iif(&ad, &net, skb->skb_iif, family); in selinux_socket_sock_rcv_skb()
5118 err = selinux_inet_sys_rcv_skb(sock_net(sk), skb->skb_iif, in selinux_socket_sock_rcv_skb()
5133 err = avc_has_perm(sk_sid, skb->secmark, SECCLASS_PACKET, in selinux_socket_sock_rcv_skb()
5149 struct sk_security_struct *sksec = sock->sk->sk_security; in selinux_socket_getpeersec_stream()
5152 if (sksec->sclass == SECCLASS_UNIX_STREAM_SOCKET || in selinux_socket_getpeersec_stream()
5153 sksec->sclass == SECCLASS_TCP_SOCKET || in selinux_socket_getpeersec_stream()
5154 sksec->sclass == SECCLASS_SCTP_SOCKET) in selinux_socket_getpeersec_stream()
5155 peer_sid = sksec->peer_sid; in selinux_socket_getpeersec_stream()
5157 return -ENOPROTOOPT; in selinux_socket_getpeersec_stream()
5164 err = -ERANGE; in selinux_socket_getpeersec_stream()
5169 err = -EFAULT; in selinux_socket_getpeersec_stream()
5172 err = -EFAULT; in selinux_socket_getpeersec_stream()
5183 if (skb && skb->protocol == htons(ETH_P_IP)) in selinux_socket_getpeersec_dgram()
5185 else if (skb && skb->protocol == htons(ETH_P_IPV6)) in selinux_socket_getpeersec_dgram()
5188 family = sock->sk->sk_family; in selinux_socket_getpeersec_dgram()
5194 peer_secid = isec->sid; in selinux_socket_getpeersec_dgram()
5201 return -EINVAL; in selinux_socket_getpeersec_dgram()
5211 return -ENOMEM; in selinux_sk_alloc_security()
5213 sksec->peer_sid = SECINITSID_UNLABELED; in selinux_sk_alloc_security()
5214 sksec->sid = SECINITSID_UNLABELED; in selinux_sk_alloc_security()
5215 sksec->sclass = SECCLASS_SOCKET; in selinux_sk_alloc_security()
5217 sk->sk_security = sksec; in selinux_sk_alloc_security()
5224 struct sk_security_struct *sksec = sk->sk_security; in selinux_sk_free_security()
5226 sk->sk_security = NULL; in selinux_sk_free_security()
5233 struct sk_security_struct *sksec = sk->sk_security; in selinux_sk_clone_security()
5234 struct sk_security_struct *newsksec = newsk->sk_security; in selinux_sk_clone_security()
5236 newsksec->sid = sksec->sid; in selinux_sk_clone_security()
5237 newsksec->peer_sid = sksec->peer_sid; in selinux_sk_clone_security()
5238 newsksec->sclass = sksec->sclass; in selinux_sk_clone_security()
5248 const struct sk_security_struct *sksec = sk->sk_security; in selinux_sk_getsecid()
5250 *secid = sksec->sid; in selinux_sk_getsecid()
5258 struct sk_security_struct *sksec = sk->sk_security; in selinux_sock_graft()
5260 if (sk->sk_family == PF_INET || sk->sk_family == PF_INET6 || in selinux_sock_graft()
5261 sk->sk_family == PF_UNIX) in selinux_sock_graft()
5262 isec->sid = sksec->sid; in selinux_sock_graft()
5263 sksec->sclass = isec->sclass; in selinux_sock_graft()
5273 struct sock *sk = asoc->base.sk; in selinux_sctp_process_new_assoc()
5274 u16 family = sk->sk_family; in selinux_sctp_process_new_assoc()
5275 struct sk_security_struct *sksec = sk->sk_security; in selinux_sctp_process_new_assoc()
5281 if (family == PF_INET6 && skb->protocol == htons(ETH_P_IP)) in selinux_sctp_process_new_assoc()
5285 asoc->peer_secid = SECSID_NULL; in selinux_sctp_process_new_assoc()
5290 err = selinux_skb_peerlbl_sid(skb, family, &asoc->peer_secid); in selinux_sctp_process_new_assoc()
5294 if (asoc->peer_secid == SECSID_NULL) in selinux_sctp_process_new_assoc()
5295 asoc->peer_secid = SECINITSID_UNLABELED; in selinux_sctp_process_new_assoc()
5297 asoc->peer_secid = SECINITSID_UNLABELED; in selinux_sctp_process_new_assoc()
5300 if (sksec->sctp_assoc_state == SCTP_ASSOC_UNSET) { in selinux_sctp_process_new_assoc()
5301 sksec->sctp_assoc_state = SCTP_ASSOC_SET; in selinux_sctp_process_new_assoc()
5308 sksec->peer_sid = asoc->peer_secid; in selinux_sctp_process_new_assoc()
5309 } else if (sksec->peer_sid != asoc->peer_secid) { in selinux_sctp_process_new_assoc()
5313 ad_net_init_from_sk(&ad, &net, asoc->base.sk); in selinux_sctp_process_new_assoc()
5314 err = avc_has_perm(sksec->peer_sid, asoc->peer_secid, in selinux_sctp_process_new_assoc()
5315 sksec->sclass, SCTP_SOCKET__ASSOCIATION, in selinux_sctp_process_new_assoc()
5330 struct sk_security_struct *sksec = asoc->base.sk->sk_security; in selinux_sctp_assoc_request()
5347 err = selinux_conn_sid(sksec->sid, asoc->peer_secid, &conn_sid); in selinux_sctp_assoc_request()
5351 asoc->secid = conn_sid; in selinux_sctp_assoc_request()
5363 struct sk_security_struct *sksec = asoc->base.sk->sk_security; in selinux_sctp_assoc_established()
5368 /* Inherit secid from the parent socket - this will be picked up in selinux_sctp_assoc_established()
5372 asoc->secid = sksec->sid; in selinux_sctp_assoc_established()
5393 sock = sk->sk_socket; in selinux_sctp_bind_connect()
5398 return -EINVAL; in selinux_sctp_bind_connect()
5401 switch (addr->sa_family) { in selinux_sctp_bind_connect()
5410 return -EINVAL; in selinux_sctp_bind_connect()
5414 return -EINVAL; in selinux_sctp_bind_connect()
5416 err = -EINVAL; in selinux_sctp_bind_connect()
5462 struct sk_security_struct *sksec = sk->sk_security; in selinux_sctp_sk_clone()
5463 struct sk_security_struct *newsksec = newsk->sk_security; in selinux_sctp_sk_clone()
5466 * the non-sctp clone version. in selinux_sctp_sk_clone()
5471 newsksec->sid = asoc->secid; in selinux_sctp_sk_clone()
5472 newsksec->peer_sid = asoc->peer_secid; in selinux_sctp_sk_clone()
5473 newsksec->sclass = sksec->sclass; in selinux_sctp_sk_clone()
5479 struct sk_security_struct *ssksec = ssk->sk_security; in selinux_mptcp_add_subflow()
5480 struct sk_security_struct *sksec = sk->sk_security; in selinux_mptcp_add_subflow()
5482 ssksec->sclass = sksec->sclass; in selinux_mptcp_add_subflow()
5483 ssksec->sid = sksec->sid; in selinux_mptcp_add_subflow()
5486 * and re-recreating a new label using the updated context in selinux_mptcp_add_subflow()
5489 return selinux_netlbl_socket_post_create(ssk, ssk->sk_family); in selinux_mptcp_add_subflow()
5495 struct sk_security_struct *sksec = sk->sk_security; in selinux_inet_conn_request()
5497 u16 family = req->rsk_ops->family; in selinux_inet_conn_request()
5504 err = selinux_conn_sid(sksec->sid, peersid, &connsid); in selinux_inet_conn_request()
5507 req->secid = connsid; in selinux_inet_conn_request()
5508 req->peer_secid = peersid; in selinux_inet_conn_request()
5516 struct sk_security_struct *newsksec = newsk->sk_security; in selinux_inet_csk_clone()
5518 newsksec->sid = req->secid; in selinux_inet_csk_clone()
5519 newsksec->peer_sid = req->peer_secid; in selinux_inet_csk_clone()
5520 /* NOTE: Ideally, we should also get the isec->sid for the in selinux_inet_csk_clone()
5527 selinux_netlbl_inet_csk_clone(newsk, req->rsk_ops->family); in selinux_inet_csk_clone()
5532 u16 family = sk->sk_family; in selinux_inet_conn_established()
5533 struct sk_security_struct *sksec = sk->sk_security; in selinux_inet_conn_established()
5536 if (family == PF_INET6 && skb->protocol == htons(ETH_P_IP)) in selinux_inet_conn_established()
5539 selinux_skb_peerlbl_sid(skb, family, &sksec->peer_sid); in selinux_inet_conn_established()
5548 tsid = tsec->sid; in selinux_secmark_relabel_packet()
5567 flic->flowic_secid = req->secid; in selinux_req_classify_flow()
5576 return -ENOMEM; in selinux_tun_dev_alloc_security()
5577 tunsec->sid = current_sid(); in selinux_tun_dev_alloc_security()
5596 * connections unlike traditional sockets - check the TUN driver to in selinux_tun_dev_create()
5607 return avc_has_perm(current_sid(), tunsec->sid, SECCLASS_TUN_SOCKET, in selinux_tun_dev_attach_queue()
5614 struct sk_security_struct *sksec = sk->sk_security; in selinux_tun_dev_attach()
5623 sksec->sid = tunsec->sid; in selinux_tun_dev_attach()
5624 sksec->sclass = SECCLASS_TUN_SOCKET; in selinux_tun_dev_attach()
5635 err = avc_has_perm(sid, tunsec->sid, SECCLASS_TUN_SOCKET, in selinux_tun_dev_open()
5643 tunsec->sid = sid; in selinux_tun_dev_open()
5669 family = state->pf; in selinux_ip_forward()
5673 ifindex = state->in->ifindex; in selinux_ip_forward()
5681 err = selinux_inet_sys_rcv_skb(state->net, ifindex, in selinux_ip_forward()
5690 if (avc_has_perm(peer_sid, skb->secmark, in selinux_ip_forward()
5717 sk = skb->sk; in selinux_ip_output()
5723 * packet is a SYN-ACK packet which means it needs to in selinux_ip_output()
5727 * the parent socket until after the SYN-ACK is sent. in selinux_ip_output()
5728 * the "solution" is to simply pass the packet as-is in selinux_ip_output()
5737 sksec = sk->sk_security; in selinux_ip_output()
5738 sid = sksec->sid; in selinux_ip_output()
5741 if (selinux_netlbl_skbuff_setsid(skb, state->pf, sid) != 0) in selinux_ip_output()
5760 sksec = sk->sk_security; in selinux_ip_postroute_compat()
5762 ad_net_init_from_iif(&ad, &net, state->out->ifindex, state->pf); in selinux_ip_postroute_compat()
5767 if (avc_has_perm(sksec->sid, skb->secmark, in selinux_ip_postroute_compat()
5769 return NF_DROP_ERR(-ECONNREFUSED); in selinux_ip_postroute_compat()
5771 if (selinux_xfrm_postroute_last(sksec->sid, skb, &ad, proto)) in selinux_ip_postroute_compat()
5772 return NF_DROP_ERR(-ECONNREFUSED); in selinux_ip_postroute_compat()
5806 /* If skb->dst->xfrm is non-NULL then the packet is undergoing an IPsec in selinux_ip_postroute()
5810 * NOTE: there appear to be some IPv6 multicast cases where skb->dst in selinux_ip_postroute()
5812 * NOTE: if this is a local socket (skb->sk != NULL) that is in the in selinux_ip_postroute()
5817 if (skb_dst(skb) != NULL && skb_dst(skb)->xfrm != NULL && in selinux_ip_postroute()
5822 family = state->pf; in selinux_ip_postroute()
5828 if (skb->skb_iif) { in selinux_ip_postroute()
5838 * listening state which means this is a SYN-ACK packet. In in selinux_ip_postroute()
5842 * socket until after the SYN-ACK packet is sent; the only in selinux_ip_postroute()
5849 sksec = sk->sk_security; in selinux_ip_postroute()
5861 if (IPCB(skb)->flags & IPSKB_XFRM_TRANSFORMED) in selinux_ip_postroute()
5865 if (IP6CB(skb)->flags & IP6SKB_XFRM_TRANSFORMED) in selinux_ip_postroute()
5869 return NF_DROP_ERR(-ECONNREFUSED); in selinux_ip_postroute()
5872 if (selinux_conn_sid(sksec->sid, skb_sid, &peer_sid)) in selinux_ip_postroute()
5878 struct sk_security_struct *sksec = sk->sk_security; in selinux_ip_postroute()
5879 peer_sid = sksec->sid; in selinux_ip_postroute()
5883 ifindex = state->out->ifindex; in selinux_ip_postroute()
5889 if (avc_has_perm(peer_sid, skb->secmark, in selinux_ip_postroute()
5891 return NF_DROP_ERR(-ECONNREFUSED); in selinux_ip_postroute()
5897 if (sel_netif_sid(state->net, ifindex, &if_sid)) in selinux_ip_postroute()
5901 return NF_DROP_ERR(-ECONNREFUSED); in selinux_ip_postroute()
5907 return NF_DROP_ERR(-ECONNREFUSED); in selinux_ip_postroute()
5918 unsigned int data_len = skb->len; in selinux_netlink_send()
5919 unsigned char *data = skb->data; in selinux_netlink_send()
5921 struct sk_security_struct *sksec = sk->sk_security; in selinux_netlink_send()
5922 u16 sclass = sksec->sclass; in selinux_netlink_send()
5934 if (nlh->nlmsg_len < NLMSG_HDRLEN || nlh->nlmsg_len > data_len) in selinux_netlink_send()
5937 rc = selinux_nlmsg_lookup(sclass, nlh->nlmsg_type, &perm); in selinux_netlink_send()
5942 } else if (rc == -EINVAL) { in selinux_netlink_send()
5943 /* -EINVAL is a missing msg/perm mapping */ in selinux_netlink_send()
5947 sk->sk_protocol, nlh->nlmsg_type, in selinux_netlink_send()
5948 secclass_map[sclass - 1].name, in selinux_netlink_send()
5949 task_pid_nr(current), current->comm); in selinux_netlink_send()
5954 } else if (rc == -ENOENT) { in selinux_netlink_send()
5955 /* -ENOENT is a missing socket/class mapping, ignore */ in selinux_netlink_send()
5962 msg_len = NLMSG_ALIGN(nlh->nlmsg_len); in selinux_netlink_send()
5965 data_len -= msg_len; in selinux_netlink_send()
5974 isec->sclass = sclass; in ipc_init_security()
5975 isec->sid = current_sid(); in ipc_init_security()
5988 ad.u.ipc_id = ipc_perms->key; in ipc_has_perm()
5990 return avc_has_perm(sid, isec->sid, isec->sclass, perms, &ad); in ipc_has_perm()
5998 msec->sid = SECINITSID_UNLABELED; in selinux_msg_msg_alloc_security()
6014 ad.u.ipc_id = msq->key; in selinux_msg_queue_alloc_security()
6016 return avc_has_perm(sid, isec->sid, SECCLASS_MSGQ, in selinux_msg_queue_alloc_security()
6029 ad.u.ipc_id = msq->key; in selinux_msg_queue_associate()
6031 return avc_has_perm(sid, isec->sid, SECCLASS_MSGQ, in selinux_msg_queue_associate()
6035 static int selinux_msg_queue_msgctl(struct kern_ipc_perm *msq, int cmd) in selinux_msg_queue_msgctl() argument
6039 switch (cmd) { in selinux_msg_queue_msgctl()
6042 /* No specific object, just general system-wide information. */ in selinux_msg_queue_msgctl()
6077 if (msec->sid == SECINITSID_UNLABELED) { in selinux_msg_queue_msgsnd()
6082 rc = security_transition_sid(sid, isec->sid, in selinux_msg_queue_msgsnd()
6083 SECCLASS_MSG, NULL, &msec->sid); in selinux_msg_queue_msgsnd()
6089 ad.u.ipc_id = msq->key; in selinux_msg_queue_msgsnd()
6092 rc = avc_has_perm(sid, isec->sid, SECCLASS_MSGQ, in selinux_msg_queue_msgsnd()
6096 rc = avc_has_perm(sid, msec->sid, SECCLASS_MSG, in selinux_msg_queue_msgsnd()
6100 rc = avc_has_perm(msec->sid, isec->sid, SECCLASS_MSGQ, in selinux_msg_queue_msgsnd()
6120 ad.u.ipc_id = msq->key; in selinux_msg_queue_msgrcv()
6122 rc = avc_has_perm(sid, isec->sid, in selinux_msg_queue_msgrcv()
6125 rc = avc_has_perm(sid, msec->sid, in selinux_msg_queue_msgrcv()
6141 ad.u.ipc_id = shp->key; in selinux_shm_alloc_security()
6143 return avc_has_perm(sid, isec->sid, SECCLASS_SHM, in selinux_shm_alloc_security()
6156 ad.u.ipc_id = shp->key; in selinux_shm_associate()
6158 return avc_has_perm(sid, isec->sid, SECCLASS_SHM, in selinux_shm_associate()
6163 static int selinux_shm_shmctl(struct kern_ipc_perm *shp, int cmd) in selinux_shm_shmctl() argument
6167 switch (cmd) { in selinux_shm_shmctl()
6170 /* No specific object, just general system-wide information. */ in selinux_shm_shmctl()
6219 ad.u.ipc_id = sma->key; in selinux_sem_alloc_security()
6221 return avc_has_perm(sid, isec->sid, SECCLASS_SEM, in selinux_sem_alloc_security()
6234 ad.u.ipc_id = sma->key; in selinux_sem_associate()
6236 return avc_has_perm(sid, isec->sid, SECCLASS_SEM, in selinux_sem_associate()
6241 static int selinux_sem_semctl(struct kern_ipc_perm *sma, int cmd) in selinux_sem_semctl() argument
6246 switch (cmd) { in selinux_sem_semctl()
6249 /* No specific object, just general system-wide information. */ in selinux_sem_semctl()
6316 *secid = isec->sid; in selinux_ipc_getsecid()
6337 error = avc_has_perm(current_sid(), __tsec->sid, in selinux_getprocattr()
6344 sid = __tsec->sid; in selinux_getprocattr()
6346 sid = __tsec->osid; in selinux_getprocattr()
6348 sid = __tsec->exec_sid; in selinux_getprocattr()
6350 sid = __tsec->create_sid; in selinux_getprocattr()
6352 sid = __tsec->keycreate_sid; in selinux_getprocattr()
6354 sid = __tsec->sockcreate_sid; in selinux_getprocattr()
6356 error = -EINVAL; in selinux_getprocattr()
6401 error = -EINVAL; in selinux_setprocattr()
6407 if (str[size-1] == '\n') { in selinux_setprocattr()
6408 str[size-1] = 0; in selinux_setprocattr()
6409 size--; in selinux_setprocattr()
6413 if (error == -EINVAL && !strcmp(name, "fscreate")) { in selinux_setprocattr()
6420 if (str[size - 1] == '\0') in selinux_setprocattr()
6421 audit_size = size - 1; in selinux_setprocattr()
6444 return -ENOMEM; in selinux_setprocattr()
6454 tsec->exec_sid = sid; in selinux_setprocattr()
6456 tsec->create_sid = sid; in selinux_setprocattr()
6464 tsec->keycreate_sid = sid; in selinux_setprocattr()
6466 tsec->sockcreate_sid = sid; in selinux_setprocattr()
6468 error = -EINVAL; in selinux_setprocattr()
6474 error = security_bounded_transition(tsec->sid, sid); in selinux_setprocattr()
6480 error = avc_has_perm(tsec->sid, sid, SECCLASS_PROCESS, in selinux_setprocattr()
6495 tsec->sid = sid; in selinux_setprocattr()
6497 error = -EINVAL; in selinux_setprocattr()
6535 spin_lock(&isec->lock); in selinux_inode_invalidate_secctx()
6536 isec->initialized = LABEL_INVALID; in selinux_inode_invalidate_secctx()
6537 spin_unlock(&isec->lock); in selinux_inode_invalidate_secctx()
6541 * called with inode->i_mutex locked
6548 return rc == -EOPNOTSUPP ? 0 : rc; in selinux_inode_notifysecctx()
6552 * called with inode->i_mutex locked
6580 return -ENOMEM; in selinux_key_alloc()
6583 if (tsec->keycreate_sid) in selinux_key_alloc()
6584 ksec->sid = tsec->keycreate_sid; in selinux_key_alloc()
6586 ksec->sid = tsec->sid; in selinux_key_alloc()
6588 k->security = ksec; in selinux_key_alloc()
6594 struct key_security_struct *ksec = k->security; in selinux_key_free()
6596 k->security = NULL; in selinux_key_free()
6634 return -EPERM; in selinux_key_permission()
6640 ksec = key->security; in selinux_key_permission()
6642 return avc_has_perm(sid, ksec->sid, SECCLASS_KEY, perm, NULL); in selinux_key_permission()
6647 struct key_security_struct *ksec = key->security; in selinux_key_getsecurity()
6652 rc = security_sid_to_context(ksec->sid, in selinux_key_getsecurity()
6663 struct key_security_struct *ksec = key->security; in selinux_watch_key()
6666 return avc_has_perm(sid, ksec->sid, SECCLASS_KEY, KEY__VIEW, NULL); in selinux_watch_key()
6688 return avc_has_perm(sec->sid, sid, in selinux_ib_pkey_access()
6712 return avc_has_perm(sec->sid, sid, in selinux_ib_endport_manage_subnet()
6723 return -ENOMEM; in selinux_ib_alloc_security()
6724 sec->sid = current_sid(); in selinux_ib_alloc_security()
6737 static int selinux_bpf(int cmd, union bpf_attr *attr, in selinux_bpf() argument
6743 switch (cmd) { in selinux_bpf()
6786 if (file->f_op == &bpf_map_fops) { in bpf_fd_pass()
6787 map = file->private_data; in bpf_fd_pass()
6788 bpfsec = map->security; in bpf_fd_pass()
6789 ret = avc_has_perm(sid, bpfsec->sid, SECCLASS_BPF, in bpf_fd_pass()
6790 bpf_map_fmode_to_av(file->f_mode), NULL); in bpf_fd_pass()
6793 } else if (file->f_op == &bpf_prog_fops) { in bpf_fd_pass()
6794 prog = file->private_data; in bpf_fd_pass()
6795 bpfsec = prog->aux->security; in bpf_fd_pass()
6796 ret = avc_has_perm(sid, bpfsec->sid, SECCLASS_BPF, in bpf_fd_pass()
6809 bpfsec = map->security; in selinux_bpf_map()
6810 return avc_has_perm(sid, bpfsec->sid, SECCLASS_BPF, in selinux_bpf_map()
6819 bpfsec = prog->aux->security; in selinux_bpf_prog()
6820 return avc_has_perm(sid, bpfsec->sid, SECCLASS_BPF, in selinux_bpf_prog()
6830 return -ENOMEM; in selinux_bpf_map_alloc()
6832 bpfsec->sid = current_sid(); in selinux_bpf_map_alloc()
6833 map->security = bpfsec; in selinux_bpf_map_alloc()
6840 struct bpf_security_struct *bpfsec = map->security; in selinux_bpf_map_free()
6842 map->security = NULL; in selinux_bpf_map_free()
6852 return -ENOMEM; in selinux_bpf_prog_alloc()
6854 bpfsec->sid = current_sid(); in selinux_bpf_prog_alloc()
6855 aux->security = bpfsec; in selinux_bpf_prog_alloc()
6862 struct bpf_security_struct *bpfsec = aux->security; in selinux_bpf_prog_free()
6864 aux->security = NULL; in selinux_bpf_prog_free()
6893 return -EINVAL; in selinux_perf_event_open()
6905 return -ENOMEM; in selinux_perf_event_alloc()
6907 perfsec->sid = current_sid(); in selinux_perf_event_alloc()
6908 event->security = perfsec; in selinux_perf_event_alloc()
6915 struct perf_event_security_struct *perfsec = event->security; in selinux_perf_event_free()
6917 event->security = NULL; in selinux_perf_event_free()
6923 struct perf_event_security_struct *perfsec = event->security; in selinux_perf_event_read()
6926 return avc_has_perm(sid, perfsec->sid, in selinux_perf_event_read()
6932 struct perf_event_security_struct *perfsec = event->security; in selinux_perf_event_write()
6935 return avc_has_perm(sid, perfsec->sid, in selinux_perf_event_write()
6942 * selinux_uring_override_creds - check the requested cred override
6955 * selinux_uring_sqpoll - check if a io_uring polling thread can be created
6969 * selinux_uring_cmd - check if IORING_OP_URING_CMD is allowed
6978 struct file *file = ioucmd->file; in selinux_uring_cmd()
6986 return avc_has_perm(current_sid(), isec->sid, in selinux_uring_cmd()