| hooks.c (c1a85a00ea66cb6f0bd0f14e47c28c2b0999799f) | hooks.c (3a28cff3bd4bf43f02be0c4e7933aebf3dc8197e) |
|---|---|
| 1/* 2 * NSA Security-Enhanced Linux (SELinux) security module 3 * 4 * This file contains the SELinux hook function implementations. 5 * 6 * Authors: Stephen Smalley, <sds@tycho.nsa.gov> 7 * Chris Vance, <cvance@nai.com> 8 * Wayne Salamon, <wsalamon@nai.com> --- 65 unchanged lines hidden (view full) --- 74#include <net/af_unix.h> /* for Unix socket types */ 75#include <linux/parser.h> 76#include <linux/nfs_mount.h> 77#include <net/ipv6.h> 78#include <linux/hugetlb.h> 79#include <linux/personality.h> 80#include <linux/audit.h> 81#include <linux/string.h> | 1/* 2 * NSA Security-Enhanced Linux (SELinux) security module 3 * 4 * This file contains the SELinux hook function implementations. 5 * 6 * Authors: Stephen Smalley, <sds@tycho.nsa.gov> 7 * Chris Vance, <cvance@nai.com> 8 * Wayne Salamon, <wsalamon@nai.com> --- 65 unchanged lines hidden (view full) --- 74#include <net/af_unix.h> /* for Unix socket types */ 75#include <linux/parser.h> 76#include <linux/nfs_mount.h> 77#include <net/ipv6.h> 78#include <linux/hugetlb.h> 79#include <linux/personality.h> 80#include <linux/audit.h> 81#include <linux/string.h> |
| 82#include <linux/selinux.h> |
|
| 82#include <linux/mutex.h> 83#include <linux/posix-timers.h> 84#include <linux/syslog.h> 85#include <linux/user_namespace.h> 86#include <linux/export.h> 87#include <linux/msg.h> 88#include <linux/shm.h> 89#include <linux/bpf.h> --- 25 unchanged lines hidden (view full) --- 115 selinux_enforcing_boot = enforcing ? 1 : 0; 116 return 1; 117} 118__setup("enforcing=", enforcing_setup); 119#else 120#define selinux_enforcing_boot 1 121#endif 122 | 83#include <linux/mutex.h> 84#include <linux/posix-timers.h> 85#include <linux/syslog.h> 86#include <linux/user_namespace.h> 87#include <linux/export.h> 88#include <linux/msg.h> 89#include <linux/shm.h> 90#include <linux/bpf.h> --- 25 unchanged lines hidden (view full) --- 116 selinux_enforcing_boot = enforcing ? 1 : 0; 117 return 1; 118} 119__setup("enforcing=", enforcing_setup); 120#else 121#define selinux_enforcing_boot 1 122#endif 123 |
| 123int selinux_enabled __lsm_ro_after_init = 1; | |
| 124#ifdef CONFIG_SECURITY_SELINUX_BOOTPARAM | 124#ifdef CONFIG_SECURITY_SELINUX_BOOTPARAM |
| 125int selinux_enabled = CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE; 126 |
|
| 125static int __init selinux_enabled_setup(char *str) 126{ 127 unsigned long enabled; 128 if (!kstrtoul(str, 0, &enabled)) 129 selinux_enabled = enabled ? 1 : 0; 130 return 1; 131} 132__setup("selinux=", selinux_enabled_setup); | 127static int __init selinux_enabled_setup(char *str) 128{ 129 unsigned long enabled; 130 if (!kstrtoul(str, 0, &enabled)) 131 selinux_enabled = enabled ? 1 : 0; 132 return 1; 133} 134__setup("selinux=", selinux_enabled_setup); |
| 135#else 136int selinux_enabled = 1; |
|
| 133#endif 134 135static unsigned int selinux_checkreqprot_boot = 136 CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE; 137 138static int __init checkreqprot_setup(char *str) 139{ 140 unsigned long checkreqprot; 141 142 if (!kstrtoul(str, 0, &checkreqprot)) 143 selinux_checkreqprot_boot = checkreqprot ? 1 : 0; 144 return 1; 145} 146__setup("checkreqprot=", checkreqprot_setup); 147 | 137#endif 138 139static unsigned int selinux_checkreqprot_boot = 140 CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE; 141 142static int __init checkreqprot_setup(char *str) 143{ 144 unsigned long checkreqprot; 145 146 if (!kstrtoul(str, 0, &checkreqprot)) 147 selinux_checkreqprot_boot = checkreqprot ? 1 : 0; 148 return 1; 149} 150__setup("checkreqprot=", checkreqprot_setup); 151 |
| 152static struct kmem_cache *sel_inode_cache; 153static struct kmem_cache *file_security_cache; 154 |
|
| 148/** 149 * selinux_secmark_enabled - Check to see if SECMARK is currently enabled 150 * 151 * Description: 152 * This function checks the SECMARK reference counter to see if any SECMARK 153 * targets are currently configured, if the reference counter is greater than 154 * zero SECMARK is considered to be enabled. Returns true (1) if SECMARK is 155 * enabled, false (0) if SECMARK is disabled. If the always_check_network --- 46 unchanged lines hidden (view full) --- 202/* 203 * initialise the security for the init task 204 */ 205static void cred_init_security(void) 206{ 207 struct cred *cred = (struct cred *) current->real_cred; 208 struct task_security_struct *tsec; 209 | 155/** 156 * selinux_secmark_enabled - Check to see if SECMARK is currently enabled 157 * 158 * Description: 159 * This function checks the SECMARK reference counter to see if any SECMARK 160 * targets are currently configured, if the reference counter is greater than 161 * zero SECMARK is considered to be enabled. Returns true (1) if SECMARK is 162 * enabled, false (0) if SECMARK is disabled. If the always_check_network --- 46 unchanged lines hidden (view full) --- 209/* 210 * initialise the security for the init task 211 */ 212static void cred_init_security(void) 213{ 214 struct cred *cred = (struct cred *) current->real_cred; 215 struct task_security_struct *tsec; 216 |
| 210 lsm_early_cred(cred); 211 tsec = selinux_cred(cred); | 217 tsec = kzalloc(sizeof(struct task_security_struct), GFP_KERNEL); 218 if (!tsec) 219 panic("SELinux: Failed to initialize initial task.\n"); 220 |
| 212 tsec->osid = tsec->sid = SECINITSID_KERNEL; | 221 tsec->osid = tsec->sid = SECINITSID_KERNEL; |
| 222 cred->security = tsec; |
|
| 213} 214 215/* 216 * get the security ID of a set of credentials 217 */ 218static inline u32 cred_sid(const struct cred *cred) 219{ 220 const struct task_security_struct *tsec; 221 | 223} 224 225/* 226 * get the security ID of a set of credentials 227 */ 228static inline u32 cred_sid(const struct cred *cred) 229{ 230 const struct task_security_struct *tsec; 231 |
| 222 tsec = selinux_cred(cred); | 232 tsec = cred->security; |
| 223 return tsec->sid; 224} 225 226/* 227 * get the objective security ID of a task 228 */ 229static inline u32 task_sid(const struct task_struct *task) 230{ --- 4 unchanged lines hidden (view full) --- 235 rcu_read_unlock(); 236 return sid; 237} 238 239/* Allocate and free functions for each kind of security blob. */ 240 241static int inode_alloc_security(struct inode *inode) 242{ | 233 return tsec->sid; 234} 235 236/* 237 * get the objective security ID of a task 238 */ 239static inline u32 task_sid(const struct task_struct *task) 240{ --- 4 unchanged lines hidden (view full) --- 245 rcu_read_unlock(); 246 return sid; 247} 248 249/* Allocate and free functions for each kind of security blob. */ 250 251static int inode_alloc_security(struct inode *inode) 252{ |
| 243 struct inode_security_struct *isec = selinux_inode(inode); | 253 struct inode_security_struct *isec; |
| 244 u32 sid = current_sid(); 245 | 254 u32 sid = current_sid(); 255 |
| 256 isec = kmem_cache_zalloc(sel_inode_cache, GFP_NOFS); 257 if (!isec) 258 return -ENOMEM; 259 |
|
| 246 spin_lock_init(&isec->lock); 247 INIT_LIST_HEAD(&isec->list); 248 isec->inode = inode; 249 isec->sid = SECINITSID_UNLABELED; 250 isec->sclass = SECCLASS_FILE; 251 isec->task_sid = sid; 252 isec->initialized = LABEL_INVALID; | 260 spin_lock_init(&isec->lock); 261 INIT_LIST_HEAD(&isec->list); 262 isec->inode = inode; 263 isec->sid = SECINITSID_UNLABELED; 264 isec->sclass = SECCLASS_FILE; 265 isec->task_sid = sid; 266 isec->initialized = LABEL_INVALID; |
| 267 inode->i_security = isec; |
|
| 253 254 return 0; 255} 256 257static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dentry); 258 259/* 260 * Try reloading inode security labels that have been marked as invalid. The 261 * @may_sleep parameter indicates when sleeping and thus reloading labels is 262 * allowed; when set to false, returns -ECHILD when the label is 263 * invalid. The @dentry parameter should be set to a dentry of the inode. 264 */ 265static int __inode_security_revalidate(struct inode *inode, 266 struct dentry *dentry, 267 bool may_sleep) 268{ | 268 269 return 0; 270} 271 272static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dentry); 273 274/* 275 * Try reloading inode security labels that have been marked as invalid. The 276 * @may_sleep parameter indicates when sleeping and thus reloading labels is 277 * allowed; when set to false, returns -ECHILD when the label is 278 * invalid. The @dentry parameter should be set to a dentry of the inode. 279 */ 280static int __inode_security_revalidate(struct inode *inode, 281 struct dentry *dentry, 282 bool may_sleep) 283{ |
| 269 struct inode_security_struct *isec = selinux_inode(inode); | 284 struct inode_security_struct *isec = inode->i_security; |
| 270 271 might_sleep_if(may_sleep); 272 273 if (selinux_state.initialized && 274 isec->initialized != LABEL_INITIALIZED) { 275 if (!may_sleep) 276 return -ECHILD; 277 --- 4 unchanged lines hidden (view full) --- 282 */ 283 inode_doinit_with_dentry(inode, dentry); 284 } 285 return 0; 286} 287 288static struct inode_security_struct *inode_security_novalidate(struct inode *inode) 289{ | 285 286 might_sleep_if(may_sleep); 287 288 if (selinux_state.initialized && 289 isec->initialized != LABEL_INITIALIZED) { 290 if (!may_sleep) 291 return -ECHILD; 292 --- 4 unchanged lines hidden (view full) --- 297 */ 298 inode_doinit_with_dentry(inode, dentry); 299 } 300 return 0; 301} 302 303static struct inode_security_struct *inode_security_novalidate(struct inode *inode) 304{ |
| 290 return selinux_inode(inode); | 305 return inode->i_security; |
| 291} 292 293static struct inode_security_struct *inode_security_rcu(struct inode *inode, bool rcu) 294{ 295 int error; 296 297 error = __inode_security_revalidate(inode, NULL, !rcu); 298 if (error) 299 return ERR_PTR(error); | 306} 307 308static struct inode_security_struct *inode_security_rcu(struct inode *inode, bool rcu) 309{ 310 int error; 311 312 error = __inode_security_revalidate(inode, NULL, !rcu); 313 if (error) 314 return ERR_PTR(error); |
| 300 return selinux_inode(inode); | 315 return inode->i_security; |
| 301} 302 303/* 304 * Get the security label of an inode. 305 */ 306static struct inode_security_struct *inode_security(struct inode *inode) 307{ 308 __inode_security_revalidate(inode, NULL, true); | 316} 317 318/* 319 * Get the security label of an inode. 320 */ 321static struct inode_security_struct *inode_security(struct inode *inode) 322{ 323 __inode_security_revalidate(inode, NULL, true); |
| 309 return selinux_inode(inode); | 324 return inode->i_security; |
| 310} 311 312static struct inode_security_struct *backing_inode_security_novalidate(struct dentry *dentry) 313{ 314 struct inode *inode = d_backing_inode(dentry); 315 | 325} 326 327static struct inode_security_struct *backing_inode_security_novalidate(struct dentry *dentry) 328{ 329 struct inode *inode = d_backing_inode(dentry); 330 |
| 316 return selinux_inode(inode); | 331 return inode->i_security; |
| 317} 318 319/* 320 * Get the security label of a dentry's backing inode. 321 */ 322static struct inode_security_struct *backing_inode_security(struct dentry *dentry) 323{ 324 struct inode *inode = d_backing_inode(dentry); 325 326 __inode_security_revalidate(inode, dentry, true); | 332} 333 334/* 335 * Get the security label of a dentry's backing inode. 336 */ 337static struct inode_security_struct *backing_inode_security(struct dentry *dentry) 338{ 339 struct inode *inode = d_backing_inode(dentry); 340 341 __inode_security_revalidate(inode, dentry, true); |
| 327 return selinux_inode(inode); | 342 return inode->i_security; |
| 328} 329 | 343} 344 |
| 345static void inode_free_rcu(struct rcu_head *head) 346{ 347 struct inode_security_struct *isec; 348 349 isec = container_of(head, struct inode_security_struct, rcu); 350 kmem_cache_free(sel_inode_cache, isec); 351} 352 |
|
| 330static void inode_free_security(struct inode *inode) 331{ | 353static void inode_free_security(struct inode *inode) 354{ |
| 332 struct inode_security_struct *isec = selinux_inode(inode); 333 struct superblock_security_struct *sbsec; | 355 struct inode_security_struct *isec = inode->i_security; 356 struct superblock_security_struct *sbsec = inode->i_sb->s_security; |
| 334 | 357 |
| 335 if (!isec) 336 return; 337 sbsec = inode->i_sb->s_security; | |
| 338 /* 339 * As not all inode security structures are in a list, we check for 340 * empty list outside of the lock to make sure that we won't waste 341 * time taking a lock doing nothing. 342 * 343 * The list_del_init() function can be safely called more than once. 344 * It should not be possible for this function to be called with 345 * concurrent list_add(), but for better safety against future changes 346 * in the code, we use list_empty_careful() here. 347 */ 348 if (!list_empty_careful(&isec->list)) { 349 spin_lock(&sbsec->isec_lock); 350 list_del_init(&isec->list); 351 spin_unlock(&sbsec->isec_lock); 352 } | 358 /* 359 * As not all inode security structures are in a list, we check for 360 * empty list outside of the lock to make sure that we won't waste 361 * time taking a lock doing nothing. 362 * 363 * The list_del_init() function can be safely called more than once. 364 * It should not be possible for this function to be called with 365 * concurrent list_add(), but for better safety against future changes 366 * in the code, we use list_empty_careful() here. 367 */ 368 if (!list_empty_careful(&isec->list)) { 369 spin_lock(&sbsec->isec_lock); 370 list_del_init(&isec->list); 371 spin_unlock(&sbsec->isec_lock); 372 } |
| 373 374 /* 375 * The inode may still be referenced in a path walk and 376 * a call to selinux_inode_permission() can be made 377 * after inode_free_security() is called. Ideally, the VFS 378 * wouldn't do this, but fixing that is a much harder 379 * job. For now, simply free the i_security via RCU, and 380 * leave the current inode->i_security pointer intact. 381 * The inode will be freed after the RCU grace period too. 382 */ 383 call_rcu(&isec->rcu, inode_free_rcu); |
|
| 353} 354 355static int file_alloc_security(struct file *file) 356{ | 384} 385 386static int file_alloc_security(struct file *file) 387{ |
| 357 struct file_security_struct *fsec = selinux_file(file); | 388 struct file_security_struct *fsec; |
| 358 u32 sid = current_sid(); 359 | 389 u32 sid = current_sid(); 390 |
| 391 fsec = kmem_cache_zalloc(file_security_cache, GFP_KERNEL); 392 if (!fsec) 393 return -ENOMEM; 394 |
|
| 360 fsec->sid = sid; 361 fsec->fown_sid = sid; | 395 fsec->sid = sid; 396 fsec->fown_sid = sid; |
| 397 file->f_security = fsec; |
|
| 362 363 return 0; 364} 365 | 398 399 return 0; 400} 401 |
| 402static void file_free_security(struct file *file) 403{ 404 struct file_security_struct *fsec = file->f_security; 405 file->f_security = NULL; 406 kmem_cache_free(file_security_cache, fsec); 407} 408 |
|
| 366static int superblock_alloc_security(struct super_block *sb) 367{ 368 struct superblock_security_struct *sbsec; 369 370 sbsec = kzalloc(sizeof(struct superblock_security_struct), GFP_KERNEL); 371 if (!sbsec) 372 return -ENOMEM; 373 --- 79 unchanged lines hidden (view full) --- 453} 454 455#define SEL_MOUNT_FAIL_MSG "SELinux: duplicate or incompatible mount options\n" 456 457static int may_context_mount_sb_relabel(u32 sid, 458 struct superblock_security_struct *sbsec, 459 const struct cred *cred) 460{ | 409static int superblock_alloc_security(struct super_block *sb) 410{ 411 struct superblock_security_struct *sbsec; 412 413 sbsec = kzalloc(sizeof(struct superblock_security_struct), GFP_KERNEL); 414 if (!sbsec) 415 return -ENOMEM; 416 --- 79 unchanged lines hidden (view full) --- 496} 497 498#define SEL_MOUNT_FAIL_MSG "SELinux: duplicate or incompatible mount options\n" 499 500static int may_context_mount_sb_relabel(u32 sid, 501 struct superblock_security_struct *sbsec, 502 const struct cred *cred) 503{ |
| 461 const struct task_security_struct *tsec = selinux_cred(cred); | 504 const struct task_security_struct *tsec = cred->security; |
| 462 int rc; 463 464 rc = avc_has_perm(&selinux_state, 465 tsec->sid, sbsec->sid, SECCLASS_FILESYSTEM, 466 FILESYSTEM__RELABELFROM, NULL); 467 if (rc) 468 return rc; 469 470 rc = avc_has_perm(&selinux_state, 471 tsec->sid, sid, SECCLASS_FILESYSTEM, 472 FILESYSTEM__RELABELTO, NULL); 473 return rc; 474} 475 476static int may_context_mount_inode_relabel(u32 sid, 477 struct superblock_security_struct *sbsec, 478 const struct cred *cred) 479{ | 505 int rc; 506 507 rc = avc_has_perm(&selinux_state, 508 tsec->sid, sbsec->sid, SECCLASS_FILESYSTEM, 509 FILESYSTEM__RELABELFROM, NULL); 510 if (rc) 511 return rc; 512 513 rc = avc_has_perm(&selinux_state, 514 tsec->sid, sid, SECCLASS_FILESYSTEM, 515 FILESYSTEM__RELABELTO, NULL); 516 return rc; 517} 518 519static int may_context_mount_inode_relabel(u32 sid, 520 struct superblock_security_struct *sbsec, 521 const struct cred *cred) 522{ |
| 480 const struct task_security_struct *tsec = selinux_cred(cred); | 523 const struct task_security_struct *tsec = cred->security; |
| 481 int rc; 482 rc = avc_has_perm(&selinux_state, 483 tsec->sid, sbsec->sid, SECCLASS_FILESYSTEM, 484 FILESYSTEM__RELABELFROM, NULL); 485 if (rc) 486 return rc; 487 488 rc = avc_has_perm(&selinux_state, --- 837 unchanged lines hidden (view full) --- 1326 free_page((unsigned long)buffer); 1327 return rc; 1328} 1329 1330/* The inode's security attributes must be initialized before first use. */ 1331static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dentry) 1332{ 1333 struct superblock_security_struct *sbsec = NULL; | 524 int rc; 525 rc = avc_has_perm(&selinux_state, 526 tsec->sid, sbsec->sid, SECCLASS_FILESYSTEM, 527 FILESYSTEM__RELABELFROM, NULL); 528 if (rc) 529 return rc; 530 531 rc = avc_has_perm(&selinux_state, --- 837 unchanged lines hidden (view full) --- 1369 free_page((unsigned long)buffer); 1370 return rc; 1371} 1372 1373/* The inode's security attributes must be initialized before first use. */ 1374static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dentry) 1375{ 1376 struct superblock_security_struct *sbsec = NULL; |
| 1334 struct inode_security_struct *isec = selinux_inode(inode); | 1377 struct inode_security_struct *isec = inode->i_security; |
| 1335 u32 task_sid, sid = 0; 1336 u16 sclass; 1337 struct dentry *dentry; 1338#define INITCONTEXTLEN 255 1339 char *context = NULL; 1340 unsigned len = 0; 1341 int rc = 0; 1342 --- 230 unchanged lines hidden (view full) --- 1573} 1574 1575#if CAP_LAST_CAP > 63 1576#error Fix SELinux to handle capabilities > 63. 1577#endif 1578 1579/* Check whether a task is allowed to use a capability. */ 1580static int cred_has_capability(const struct cred *cred, | 1378 u32 task_sid, sid = 0; 1379 u16 sclass; 1380 struct dentry *dentry; 1381#define INITCONTEXTLEN 255 1382 char *context = NULL; 1383 unsigned len = 0; 1384 int rc = 0; 1385 --- 230 unchanged lines hidden (view full) --- 1616} 1617 1618#if CAP_LAST_CAP > 63 1619#error Fix SELinux to handle capabilities > 63. 1620#endif 1621 1622/* Check whether a task is allowed to use a capability. */ 1623static int cred_has_capability(const struct cred *cred, |
| 1581 int cap, unsigned int opts, bool initns) | 1624 int cap, int audit, bool initns) |
| 1582{ 1583 struct common_audit_data ad; 1584 struct av_decision avd; 1585 u16 sclass; 1586 u32 sid = cred_sid(cred); 1587 u32 av = CAP_TO_MASK(cap); 1588 int rc; 1589 --- 10 unchanged lines hidden (view full) --- 1600 default: 1601 pr_err("SELinux: out of range capability %d\n", cap); 1602 BUG(); 1603 return -EINVAL; 1604 } 1605 1606 rc = avc_has_perm_noaudit(&selinux_state, 1607 sid, sid, sclass, av, 0, &avd); | 1625{ 1626 struct common_audit_data ad; 1627 struct av_decision avd; 1628 u16 sclass; 1629 u32 sid = cred_sid(cred); 1630 u32 av = CAP_TO_MASK(cap); 1631 int rc; 1632 --- 10 unchanged lines hidden (view full) --- 1643 default: 1644 pr_err("SELinux: out of range capability %d\n", cap); 1645 BUG(); 1646 return -EINVAL; 1647 } 1648 1649 rc = avc_has_perm_noaudit(&selinux_state, 1650 sid, sid, sclass, av, 0, &avd); |
| 1608 if (!(opts & CAP_OPT_NOAUDIT)) { | 1651 if (audit == SECURITY_CAP_AUDIT) { |
| 1609 int rc2 = avc_audit(&selinux_state, 1610 sid, sid, sclass, av, &avd, rc, &ad, 0); 1611 if (rc2) 1612 return rc2; 1613 } 1614 return rc; 1615} 1616 --- 9 unchanged lines hidden (view full) --- 1626 u32 sid; 1627 1628 validate_creds(cred); 1629 1630 if (unlikely(IS_PRIVATE(inode))) 1631 return 0; 1632 1633 sid = cred_sid(cred); | 1652 int rc2 = avc_audit(&selinux_state, 1653 sid, sid, sclass, av, &avd, rc, &ad, 0); 1654 if (rc2) 1655 return rc2; 1656 } 1657 return rc; 1658} 1659 --- 9 unchanged lines hidden (view full) --- 1669 u32 sid; 1670 1671 validate_creds(cred); 1672 1673 if (unlikely(IS_PRIVATE(inode))) 1674 return 0; 1675 1676 sid = cred_sid(cred); |
| 1634 isec = selinux_inode(inode); | 1677 isec = inode->i_security; |
| 1635 1636 return avc_has_perm(&selinux_state, 1637 sid, isec->sid, isec->sclass, perms, adp); 1638} 1639 1640/* Same as inode_has_perm, but pass explicit audit data containing 1641 the dentry to help the auditing code to more easily generate the 1642 pathname if needed. */ --- 49 unchanged lines hidden (view full) --- 1692 Access to the descriptor is implicitly granted if it 1693 has the same SID as the process. If av is zero, then 1694 access to the file is not checked, e.g. for cases 1695 where only the descriptor is affected like seek. */ 1696static int file_has_perm(const struct cred *cred, 1697 struct file *file, 1698 u32 av) 1699{ | 1678 1679 return avc_has_perm(&selinux_state, 1680 sid, isec->sid, isec->sclass, perms, adp); 1681} 1682 1683/* Same as inode_has_perm, but pass explicit audit data containing 1684 the dentry to help the auditing code to more easily generate the 1685 pathname if needed. */ --- 49 unchanged lines hidden (view full) --- 1735 Access to the descriptor is implicitly granted if it 1736 has the same SID as the process. If av is zero, then 1737 access to the file is not checked, e.g. for cases 1738 where only the descriptor is affected like seek. */ 1739static int file_has_perm(const struct cred *cred, 1740 struct file *file, 1741 u32 av) 1742{ |
| 1700 struct file_security_struct *fsec = selinux_file(file); | 1743 struct file_security_struct *fsec = file->f_security; |
| 1701 struct inode *inode = file_inode(file); 1702 struct common_audit_data ad; 1703 u32 sid = cred_sid(cred); 1704 int rc; 1705 1706 ad.type = LSM_AUDIT_DATA_FILE; 1707 ad.u.file = file; 1708 --- 49 unchanged lines hidden (view full) --- 1758 return 0; 1759} 1760 1761/* Check whether a task can create a file. */ 1762static int may_create(struct inode *dir, 1763 struct dentry *dentry, 1764 u16 tclass) 1765{ | 1744 struct inode *inode = file_inode(file); 1745 struct common_audit_data ad; 1746 u32 sid = cred_sid(cred); 1747 int rc; 1748 1749 ad.type = LSM_AUDIT_DATA_FILE; 1750 ad.u.file = file; 1751 --- 49 unchanged lines hidden (view full) --- 1801 return 0; 1802} 1803 1804/* Check whether a task can create a file. */ 1805static int may_create(struct inode *dir, 1806 struct dentry *dentry, 1807 u16 tclass) 1808{ |
| 1766 const struct task_security_struct *tsec = selinux_cred(current_cred()); | 1809 const struct task_security_struct *tsec = current_security(); |
| 1767 struct inode_security_struct *dsec; 1768 struct superblock_security_struct *sbsec; 1769 u32 sid, newsid; 1770 struct common_audit_data ad; 1771 int rc; 1772 1773 dsec = inode_security(dir); 1774 sbsec = dir->i_sb->s_security; --- 5 unchanged lines hidden (view full) --- 1780 1781 rc = avc_has_perm(&selinux_state, 1782 sid, dsec->sid, SECCLASS_DIR, 1783 DIR__ADD_NAME | DIR__SEARCH, 1784 &ad); 1785 if (rc) 1786 return rc; 1787 | 1810 struct inode_security_struct *dsec; 1811 struct superblock_security_struct *sbsec; 1812 u32 sid, newsid; 1813 struct common_audit_data ad; 1814 int rc; 1815 1816 dsec = inode_security(dir); 1817 sbsec = dir->i_sb->s_security; --- 5 unchanged lines hidden (view full) --- 1823 1824 rc = avc_has_perm(&selinux_state, 1825 sid, dsec->sid, SECCLASS_DIR, 1826 DIR__ADD_NAME | DIR__SEARCH, 1827 &ad); 1828 if (rc) 1829 return rc; 1830 |
| 1788 rc = selinux_determine_inode_label(selinux_cred(current_cred()), dir, | 1831 rc = selinux_determine_inode_label(current_security(), dir, |
| 1789 &dentry->d_name, tclass, &newsid); 1790 if (rc) 1791 return rc; 1792 1793 rc = avc_has_perm(&selinux_state, 1794 sid, newsid, tclass, FILE__CREATE, &ad); 1795 if (rc) 1796 return rc; --- 239 unchanged lines hidden (view full) --- 2036 NULL); 2037} 2038 2039static int selinux_binder_transfer_file(struct task_struct *from, 2040 struct task_struct *to, 2041 struct file *file) 2042{ 2043 u32 sid = task_sid(to); | 1832 &dentry->d_name, tclass, &newsid); 1833 if (rc) 1834 return rc; 1835 1836 rc = avc_has_perm(&selinux_state, 1837 sid, newsid, tclass, FILE__CREATE, &ad); 1838 if (rc) 1839 return rc; --- 239 unchanged lines hidden (view full) --- 2079 NULL); 2080} 2081 2082static int selinux_binder_transfer_file(struct task_struct *from, 2083 struct task_struct *to, 2084 struct file *file) 2085{ 2086 u32 sid = task_sid(to); |
| 2044 struct file_security_struct *fsec = selinux_file(file); | 2087 struct file_security_struct *fsec = file->f_security; |
| 2045 struct dentry *dentry = file->f_path.dentry; 2046 struct inode_security_struct *isec; 2047 struct common_audit_data ad; 2048 int rc; 2049 2050 ad.type = LSM_AUDIT_DATA_PATH; 2051 ad.u.path = file->f_path; 2052 --- 67 unchanged lines hidden (view full) --- 2120 * 2121 * Since setuid only affects the current process, and since the SELinux 2122 * controls are not based on the Linux identity attributes, SELinux does not 2123 * need to control this operation. However, SELinux does control the use of 2124 * the CAP_SETUID and CAP_SETGID capabilities using the capable hook. 2125 */ 2126 2127static int selinux_capable(const struct cred *cred, struct user_namespace *ns, | 2088 struct dentry *dentry = file->f_path.dentry; 2089 struct inode_security_struct *isec; 2090 struct common_audit_data ad; 2091 int rc; 2092 2093 ad.type = LSM_AUDIT_DATA_PATH; 2094 ad.u.path = file->f_path; 2095 --- 67 unchanged lines hidden (view full) --- 2163 * 2164 * Since setuid only affects the current process, and since the SELinux 2165 * controls are not based on the Linux identity attributes, SELinux does not 2166 * need to control this operation. However, SELinux does control the use of 2167 * the CAP_SETUID and CAP_SETGID capabilities using the capable hook. 2168 */ 2169 2170static int selinux_capable(const struct cred *cred, struct user_namespace *ns, |
| 2128 int cap, unsigned int opts) | 2171 int cap, int audit) |
| 2129{ | 2172{ |
| 2130 return cred_has_capability(cred, cap, opts, ns == &init_user_ns); | 2173 return cred_has_capability(cred, cap, audit, ns == &init_user_ns); |
| 2131} 2132 2133static int selinux_quotactl(int cmds, int type, int id, struct super_block *sb) 2134{ 2135 const struct cred *cred = current_cred(); 2136 int rc = 0; 2137 2138 if (!sb) --- 57 unchanged lines hidden (view full) --- 2196 * Do not audit the selinux permission check, as this is applied to all 2197 * processes that allocate mappings. 2198 */ 2199static int selinux_vm_enough_memory(struct mm_struct *mm, long pages) 2200{ 2201 int rc, cap_sys_admin = 0; 2202 2203 rc = cred_has_capability(current_cred(), CAP_SYS_ADMIN, | 2174} 2175 2176static int selinux_quotactl(int cmds, int type, int id, struct super_block *sb) 2177{ 2178 const struct cred *cred = current_cred(); 2179 int rc = 0; 2180 2181 if (!sb) --- 57 unchanged lines hidden (view full) --- 2239 * Do not audit the selinux permission check, as this is applied to all 2240 * processes that allocate mappings. 2241 */ 2242static int selinux_vm_enough_memory(struct mm_struct *mm, long pages) 2243{ 2244 int rc, cap_sys_admin = 0; 2245 2246 rc = cred_has_capability(current_cred(), CAP_SYS_ADMIN, |
| 2204 CAP_OPT_NOAUDIT, true); | 2247 SECURITY_CAP_NOAUDIT, true); |
| 2205 if (rc == 0) 2206 cap_sys_admin = 1; 2207 2208 return cap_sys_admin; 2209} 2210 2211/* binprm security operations */ 2212 --- 74 unchanged lines hidden (view full) --- 2287 struct inode *inode = file_inode(bprm->file); 2288 int rc; 2289 2290 /* SELinux context only depends on initial program or script and not 2291 * the script interpreter */ 2292 if (bprm->called_set_creds) 2293 return 0; 2294 | 2248 if (rc == 0) 2249 cap_sys_admin = 1; 2250 2251 return cap_sys_admin; 2252} 2253 2254/* binprm security operations */ 2255 --- 74 unchanged lines hidden (view full) --- 2330 struct inode *inode = file_inode(bprm->file); 2331 int rc; 2332 2333 /* SELinux context only depends on initial program or script and not 2334 * the script interpreter */ 2335 if (bprm->called_set_creds) 2336 return 0; 2337 |
| 2295 old_tsec = selinux_cred(current_cred()); 2296 new_tsec = selinux_cred(bprm->cred); | 2338 old_tsec = current_security(); 2339 new_tsec = bprm->cred->security; |
| 2297 isec = inode_security(inode); 2298 2299 /* Default to the current task SID. */ 2300 new_tsec->sid = old_tsec->sid; 2301 new_tsec->osid = old_tsec->sid; 2302 2303 /* Reset fs, key, and sock SIDs on execve. */ 2304 new_tsec->create_sid = 0; --- 147 unchanged lines hidden (view full) --- 2452 * Prepare a process for imminent new credential changes due to exec 2453 */ 2454static void selinux_bprm_committing_creds(struct linux_binprm *bprm) 2455{ 2456 struct task_security_struct *new_tsec; 2457 struct rlimit *rlim, *initrlim; 2458 int rc, i; 2459 | 2340 isec = inode_security(inode); 2341 2342 /* Default to the current task SID. */ 2343 new_tsec->sid = old_tsec->sid; 2344 new_tsec->osid = old_tsec->sid; 2345 2346 /* Reset fs, key, and sock SIDs on execve. */ 2347 new_tsec->create_sid = 0; --- 147 unchanged lines hidden (view full) --- 2495 * Prepare a process for imminent new credential changes due to exec 2496 */ 2497static void selinux_bprm_committing_creds(struct linux_binprm *bprm) 2498{ 2499 struct task_security_struct *new_tsec; 2500 struct rlimit *rlim, *initrlim; 2501 int rc, i; 2502 |
| 2460 new_tsec = selinux_cred(bprm->cred); | 2503 new_tsec = bprm->cred->security; |
| 2461 if (new_tsec->sid == new_tsec->osid) 2462 return; 2463 2464 /* Close files for which the new task SID is not authorized. */ 2465 flush_unauthorized_files(bprm->cred, current->files); 2466 2467 /* Always clear parent death signal on SID transitions. */ 2468 current->pdeath_signal = 0; --- 26 unchanged lines hidden (view full) --- 2495} 2496 2497/* 2498 * Clean up the process immediately after the installation of new credentials 2499 * due to exec 2500 */ 2501static void selinux_bprm_committed_creds(struct linux_binprm *bprm) 2502{ | 2504 if (new_tsec->sid == new_tsec->osid) 2505 return; 2506 2507 /* Close files for which the new task SID is not authorized. */ 2508 flush_unauthorized_files(bprm->cred, current->files); 2509 2510 /* Always clear parent death signal on SID transitions. */ 2511 current->pdeath_signal = 0; --- 26 unchanged lines hidden (view full) --- 2538} 2539 2540/* 2541 * Clean up the process immediately after the installation of new credentials 2542 * due to exec 2543 */ 2544static void selinux_bprm_committed_creds(struct linux_binprm *bprm) 2545{ |
| 2503 const struct task_security_struct *tsec = selinux_cred(current_cred()); | 2546 const struct task_security_struct *tsec = current_security(); |
| 2504 struct itimerval itimer; 2505 u32 osid, sid; 2506 int rc, i; 2507 2508 osid = tsec->osid; 2509 sid = tsec->sid; 2510 2511 if (sid == osid) --- 220 unchanged lines hidden (view full) --- 2732 2733static int selinux_dentry_init_security(struct dentry *dentry, int mode, 2734 const struct qstr *name, void **ctx, 2735 u32 *ctxlen) 2736{ 2737 u32 newsid; 2738 int rc; 2739 | 2547 struct itimerval itimer; 2548 u32 osid, sid; 2549 int rc, i; 2550 2551 osid = tsec->osid; 2552 sid = tsec->sid; 2553 2554 if (sid == osid) --- 220 unchanged lines hidden (view full) --- 2775 2776static int selinux_dentry_init_security(struct dentry *dentry, int mode, 2777 const struct qstr *name, void **ctx, 2778 u32 *ctxlen) 2779{ 2780 u32 newsid; 2781 int rc; 2782 |
| 2740 rc = selinux_determine_inode_label(selinux_cred(current_cred()), | 2783 rc = selinux_determine_inode_label(current_security(), |
| 2741 d_inode(dentry->d_parent), name, 2742 inode_mode_to_security_class(mode), 2743 &newsid); 2744 if (rc) 2745 return rc; 2746 2747 return security_sid_to_context(&selinux_state, newsid, (char **)ctx, 2748 ctxlen); 2749} 2750 2751static int selinux_dentry_create_files_as(struct dentry *dentry, int mode, 2752 struct qstr *name, 2753 const struct cred *old, 2754 struct cred *new) 2755{ 2756 u32 newsid; 2757 int rc; 2758 struct task_security_struct *tsec; 2759 | 2784 d_inode(dentry->d_parent), name, 2785 inode_mode_to_security_class(mode), 2786 &newsid); 2787 if (rc) 2788 return rc; 2789 2790 return security_sid_to_context(&selinux_state, newsid, (char **)ctx, 2791 ctxlen); 2792} 2793 2794static int selinux_dentry_create_files_as(struct dentry *dentry, int mode, 2795 struct qstr *name, 2796 const struct cred *old, 2797 struct cred *new) 2798{ 2799 u32 newsid; 2800 int rc; 2801 struct task_security_struct *tsec; 2802 |
| 2760 rc = selinux_determine_inode_label(selinux_cred(old), | 2803 rc = selinux_determine_inode_label(old->security, |
| 2761 d_inode(dentry->d_parent), name, 2762 inode_mode_to_security_class(mode), 2763 &newsid); 2764 if (rc) 2765 return rc; 2766 | 2804 d_inode(dentry->d_parent), name, 2805 inode_mode_to_security_class(mode), 2806 &newsid); 2807 if (rc) 2808 return rc; 2809 |
| 2767 tsec = selinux_cred(new); | 2810 tsec = new->security; |
| 2768 tsec->create_sid = newsid; 2769 return 0; 2770} 2771 2772static int selinux_inode_init_security(struct inode *inode, struct inode *dir, 2773 const struct qstr *qstr, 2774 const char **name, 2775 void **value, size_t *len) 2776{ | 2811 tsec->create_sid = newsid; 2812 return 0; 2813} 2814 2815static int selinux_inode_init_security(struct inode *inode, struct inode *dir, 2816 const struct qstr *qstr, 2817 const char **name, 2818 void **value, size_t *len) 2819{ |
| 2777 const struct task_security_struct *tsec = selinux_cred(current_cred()); | 2820 const struct task_security_struct *tsec = current_security(); |
| 2778 struct superblock_security_struct *sbsec; 2779 u32 newsid, clen; 2780 int rc; 2781 char *context; 2782 2783 sbsec = dir->i_sb->s_security; 2784 2785 newsid = tsec->create_sid; 2786 | 2821 struct superblock_security_struct *sbsec; 2822 u32 newsid, clen; 2823 int rc; 2824 char *context; 2825 2826 sbsec = dir->i_sb->s_security; 2827 2828 newsid = tsec->create_sid; 2829 |
| 2787 rc = selinux_determine_inode_label(selinux_cred(current_cred()), | 2830 rc = selinux_determine_inode_label(current_security(), |
| 2788 dir, qstr, 2789 inode_mode_to_security_class(inode->i_mode), 2790 &newsid); 2791 if (rc) 2792 return rc; 2793 2794 /* Possibly defer initialization to selinux_complete_init. */ 2795 if (sbsec->flags & SE_SBINITIALIZED) { | 2831 dir, qstr, 2832 inode_mode_to_security_class(inode->i_mode), 2833 &newsid); 2834 if (rc) 2835 return rc; 2836 2837 /* Possibly defer initialization to selinux_complete_init. */ 2838 if (sbsec->flags & SE_SBINITIALIZED) { |
| 2796 struct inode_security_struct *isec = selinux_inode(inode); | 2839 struct inode_security_struct *isec = inode->i_security; |
| 2797 isec->sclass = inode_mode_to_security_class(inode->i_mode); 2798 isec->sid = newsid; 2799 isec->initialized = LABEL_INITIALIZED; 2800 } 2801 2802 if (!selinux_state.initialized || !(sbsec->flags & SBLABEL_MNT)) 2803 return -EOPNOTSUPP; 2804 --- 83 unchanged lines hidden (view full) --- 2888} 2889 2890static noinline int audit_inode_permission(struct inode *inode, 2891 u32 perms, u32 audited, u32 denied, 2892 int result, 2893 unsigned flags) 2894{ 2895 struct common_audit_data ad; | 2840 isec->sclass = inode_mode_to_security_class(inode->i_mode); 2841 isec->sid = newsid; 2842 isec->initialized = LABEL_INITIALIZED; 2843 } 2844 2845 if (!selinux_state.initialized || !(sbsec->flags & SBLABEL_MNT)) 2846 return -EOPNOTSUPP; 2847 --- 83 unchanged lines hidden (view full) --- 2931} 2932 2933static noinline int audit_inode_permission(struct inode *inode, 2934 u32 perms, u32 audited, u32 denied, 2935 int result, 2936 unsigned flags) 2937{ 2938 struct common_audit_data ad; |
| 2896 struct inode_security_struct *isec = selinux_inode(inode); | 2939 struct inode_security_struct *isec = inode->i_security; |
| 2897 int rc; 2898 2899 ad.type = LSM_AUDIT_DATA_INODE; 2900 ad.u.inode = inode; 2901 2902 rc = slow_avc_audit(&selinux_state, 2903 current_sid(), isec->sid, isec->sclass, perms, 2904 audited, denied, result, &ad, flags); --- 29 unchanged lines hidden (view full) --- 2934 perms = file_mask_to_av(inode->i_mode, mask); 2935 2936 sid = cred_sid(cred); 2937 isec = inode_security_rcu(inode, flags & MAY_NOT_BLOCK); 2938 if (IS_ERR(isec)) 2939 return PTR_ERR(isec); 2940 2941 rc = avc_has_perm_noaudit(&selinux_state, | 2940 int rc; 2941 2942 ad.type = LSM_AUDIT_DATA_INODE; 2943 ad.u.inode = inode; 2944 2945 rc = slow_avc_audit(&selinux_state, 2946 current_sid(), isec->sid, isec->sclass, perms, 2947 audited, denied, result, &ad, flags); --- 29 unchanged lines hidden (view full) --- 2977 perms = file_mask_to_av(inode->i_mode, mask); 2978 2979 sid = cred_sid(cred); 2980 isec = inode_security_rcu(inode, flags & MAY_NOT_BLOCK); 2981 if (IS_ERR(isec)) 2982 return PTR_ERR(isec); 2983 2984 rc = avc_has_perm_noaudit(&selinux_state, |
| 2942 sid, isec->sid, isec->sclass, perms, 0, &avd); | 2985 sid, isec->sid, isec->sclass, perms, 2986 (flags & MAY_NOT_BLOCK) ? AVC_NONBLOCKING : 0, 2987 &avd); |
| 2943 audited = avc_audit_required(perms, &avd, rc, 2944 from_access ? FILE__AUDIT_ACCESS : 0, 2945 &denied); 2946 if (likely(!audited)) 2947 return rc; 2948 2949 rc2 = audit_inode_permission(inode, perms, audited, denied, rc, flags); 2950 if (rc2) --- 32 unchanged lines hidden (view full) --- 2983static int selinux_inode_getattr(const struct path *path) 2984{ 2985 return path_has_perm(current_cred(), path, FILE__GETATTR); 2986} 2987 2988static bool has_cap_mac_admin(bool audit) 2989{ 2990 const struct cred *cred = current_cred(); | 2988 audited = avc_audit_required(perms, &avd, rc, 2989 from_access ? FILE__AUDIT_ACCESS : 0, 2990 &denied); 2991 if (likely(!audited)) 2992 return rc; 2993 2994 rc2 = audit_inode_permission(inode, perms, audited, denied, rc, flags); 2995 if (rc2) --- 32 unchanged lines hidden (view full) --- 3028static int selinux_inode_getattr(const struct path *path) 3029{ 3030 return path_has_perm(current_cred(), path, FILE__GETATTR); 3031} 3032 3033static bool has_cap_mac_admin(bool audit) 3034{ 3035 const struct cred *cred = current_cred(); |
| 2991 unsigned int opts = audit ? CAP_OPT_NONE : CAP_OPT_NOAUDIT; | 3036 int cap_audit = audit ? SECURITY_CAP_AUDIT : SECURITY_CAP_NOAUDIT; |
| 2992 | 3037 |
| 2993 if (cap_capable(cred, &init_user_ns, CAP_MAC_ADMIN, opts)) | 3038 if (cap_capable(cred, &init_user_ns, CAP_MAC_ADMIN, cap_audit)) |
| 2994 return false; | 3039 return false; |
| 2995 if (cred_has_capability(cred, CAP_MAC_ADMIN, opts, true)) | 3040 if (cred_has_capability(cred, CAP_MAC_ADMIN, cap_audit, true)) |
| 2996 return false; 2997 return true; 2998} 2999 3000static int selinux_inode_setxattr(struct dentry *dentry, const char *name, 3001 const void *value, size_t size, int flags) 3002{ 3003 struct inode *inode = d_backing_inode(dentry); --- 237 unchanged lines hidden (view full) --- 3241 struct cred *new_creds = *new; 3242 3243 if (new_creds == NULL) { 3244 new_creds = prepare_creds(); 3245 if (!new_creds) 3246 return -ENOMEM; 3247 } 3248 | 3041 return false; 3042 return true; 3043} 3044 3045static int selinux_inode_setxattr(struct dentry *dentry, const char *name, 3046 const void *value, size_t size, int flags) 3047{ 3048 struct inode *inode = d_backing_inode(dentry); --- 237 unchanged lines hidden (view full) --- 3286 struct cred *new_creds = *new; 3287 3288 if (new_creds == NULL) { 3289 new_creds = prepare_creds(); 3290 if (!new_creds) 3291 return -ENOMEM; 3292 } 3293 |
| 3249 tsec = selinux_cred(new_creds); | 3294 tsec = new_creds->security; |
| 3250 /* Get label from overlay inode and set it in create_sid */ 3251 selinux_inode_getsecid(d_inode(src), &sid); 3252 tsec->create_sid = sid; 3253 *new = new_creds; 3254 return 0; 3255} 3256 3257static int selinux_inode_copy_up_xattr(const char *name) --- 24 unchanged lines hidden (view full) --- 3282 3283 return file_has_perm(cred, file, 3284 file_mask_to_av(inode->i_mode, mask)); 3285} 3286 3287static int selinux_file_permission(struct file *file, int mask) 3288{ 3289 struct inode *inode = file_inode(file); | 3295 /* Get label from overlay inode and set it in create_sid */ 3296 selinux_inode_getsecid(d_inode(src), &sid); 3297 tsec->create_sid = sid; 3298 *new = new_creds; 3299 return 0; 3300} 3301 3302static int selinux_inode_copy_up_xattr(const char *name) --- 24 unchanged lines hidden (view full) --- 3327 3328 return file_has_perm(cred, file, 3329 file_mask_to_av(inode->i_mode, mask)); 3330} 3331 3332static int selinux_file_permission(struct file *file, int mask) 3333{ 3334 struct inode *inode = file_inode(file); |
| 3290 struct file_security_struct *fsec = selinux_file(file); | 3335 struct file_security_struct *fsec = file->f_security; |
| 3291 struct inode_security_struct *isec; 3292 u32 sid = current_sid(); 3293 3294 if (!mask) 3295 /* No permission to check. Existence test. */ 3296 return 0; 3297 3298 isec = inode_security(inode); --- 5 unchanged lines hidden (view full) --- 3304 return selinux_revalidate_file_permission(file, mask); 3305} 3306 3307static int selinux_file_alloc_security(struct file *file) 3308{ 3309 return file_alloc_security(file); 3310} 3311 | 3336 struct inode_security_struct *isec; 3337 u32 sid = current_sid(); 3338 3339 if (!mask) 3340 /* No permission to check. Existence test. */ 3341 return 0; 3342 3343 isec = inode_security(inode); --- 5 unchanged lines hidden (view full) --- 3349 return selinux_revalidate_file_permission(file, mask); 3350} 3351 3352static int selinux_file_alloc_security(struct file *file) 3353{ 3354 return file_alloc_security(file); 3355} 3356 |
| 3357static void selinux_file_free_security(struct file *file) 3358{ 3359 file_free_security(file); 3360} 3361 |
|
| 3312/* 3313 * Check whether a task has the ioctl permission and cmd 3314 * operation to an inode. 3315 */ 3316static int ioctl_has_perm(const struct cred *cred, struct file *file, 3317 u32 requested, u16 cmd) 3318{ 3319 struct common_audit_data ad; | 3362/* 3363 * Check whether a task has the ioctl permission and cmd 3364 * operation to an inode. 3365 */ 3366static int ioctl_has_perm(const struct cred *cred, struct file *file, 3367 u32 requested, u16 cmd) 3368{ 3369 struct common_audit_data ad; |
| 3320 struct file_security_struct *fsec = selinux_file(file); | 3370 struct file_security_struct *fsec = file->f_security; |
| 3321 struct inode *inode = file_inode(file); 3322 struct inode_security_struct *isec; 3323 struct lsm_ioctlop_audit ioctl; 3324 u32 ssid = cred_sid(cred); 3325 int rc; 3326 u8 driver = cmd >> 8; 3327 u8 xperm = cmd & 0xff; 3328 --- 53 unchanged lines hidden (view full) --- 3382 /* fall through */ 3383 case FIOASYNC: 3384 error = file_has_perm(cred, file, 0); 3385 break; 3386 3387 case KDSKBENT: 3388 case KDSKBSENT: 3389 error = cred_has_capability(cred, CAP_SYS_TTY_CONFIG, | 3371 struct inode *inode = file_inode(file); 3372 struct inode_security_struct *isec; 3373 struct lsm_ioctlop_audit ioctl; 3374 u32 ssid = cred_sid(cred); 3375 int rc; 3376 u8 driver = cmd >> 8; 3377 u8 xperm = cmd & 0xff; 3378 --- 53 unchanged lines hidden (view full) --- 3432 /* fall through */ 3433 case FIOASYNC: 3434 error = file_has_perm(cred, file, 0); 3435 break; 3436 3437 case KDSKBENT: 3438 case KDSKBSENT: 3439 error = cred_has_capability(cred, CAP_SYS_TTY_CONFIG, |
| 3390 CAP_OPT_NONE, true); | 3440 SECURITY_CAP_AUDIT, true); |
| 3391 break; 3392 3393 /* default case assumes that the command will go 3394 * to the file's ioctl() function. 3395 */ 3396 default: 3397 error = ioctl_has_perm(cred, file, FILE__IOCTL, (u16) cmd); 3398 } --- 165 unchanged lines hidden (view full) --- 3564 3565 return err; 3566} 3567 3568static void selinux_file_set_fowner(struct file *file) 3569{ 3570 struct file_security_struct *fsec; 3571 | 3441 break; 3442 3443 /* default case assumes that the command will go 3444 * to the file's ioctl() function. 3445 */ 3446 default: 3447 error = ioctl_has_perm(cred, file, FILE__IOCTL, (u16) cmd); 3448 } --- 165 unchanged lines hidden (view full) --- 3614 3615 return err; 3616} 3617 3618static void selinux_file_set_fowner(struct file *file) 3619{ 3620 struct file_security_struct *fsec; 3621 |
| 3572 fsec = selinux_file(file); | 3622 fsec = file->f_security; |
| 3573 fsec->fown_sid = current_sid(); 3574} 3575 3576static int selinux_file_send_sigiotask(struct task_struct *tsk, 3577 struct fown_struct *fown, int signum) 3578{ 3579 struct file *file; 3580 u32 sid = task_sid(tsk); 3581 u32 perm; 3582 struct file_security_struct *fsec; 3583 3584 /* struct fown_struct is never outside the context of a struct file */ 3585 file = container_of(fown, struct file, f_owner); 3586 | 3623 fsec->fown_sid = current_sid(); 3624} 3625 3626static int selinux_file_send_sigiotask(struct task_struct *tsk, 3627 struct fown_struct *fown, int signum) 3628{ 3629 struct file *file; 3630 u32 sid = task_sid(tsk); 3631 u32 perm; 3632 struct file_security_struct *fsec; 3633 3634 /* struct fown_struct is never outside the context of a struct file */ 3635 file = container_of(fown, struct file, f_owner); 3636 |
| 3587 fsec = selinux_file(file); | 3637 fsec = file->f_security; |
| 3588 3589 if (!signum) 3590 perm = signal_to_av(SIGIO); /* as per send_sigio_to_task */ 3591 else 3592 perm = signal_to_av(signum); 3593 3594 return avc_has_perm(&selinux_state, 3595 fsec->fown_sid, sid, --- 7 unchanged lines hidden (view full) --- 3603 return file_has_perm(cred, file, file_to_av(file)); 3604} 3605 3606static int selinux_file_open(struct file *file) 3607{ 3608 struct file_security_struct *fsec; 3609 struct inode_security_struct *isec; 3610 | 3638 3639 if (!signum) 3640 perm = signal_to_av(SIGIO); /* as per send_sigio_to_task */ 3641 else 3642 perm = signal_to_av(signum); 3643 3644 return avc_has_perm(&selinux_state, 3645 fsec->fown_sid, sid, --- 7 unchanged lines hidden (view full) --- 3653 return file_has_perm(cred, file, file_to_av(file)); 3654} 3655 3656static int selinux_file_open(struct file *file) 3657{ 3658 struct file_security_struct *fsec; 3659 struct inode_security_struct *isec; 3660 |
| 3611 fsec = selinux_file(file); | 3661 fsec = file->f_security; |
| 3612 isec = inode_security(file_inode(file)); 3613 /* 3614 * Save inode label and policy sequence number 3615 * at open-time so that selinux_file_permission 3616 * can determine whether revalidation is necessary. 3617 * Task label is already saved in the file security 3618 * struct as its SID. 3619 */ --- 17 unchanged lines hidden (view full) --- 3637{ 3638 u32 sid = current_sid(); 3639 3640 return avc_has_perm(&selinux_state, 3641 sid, sid, SECCLASS_PROCESS, PROCESS__FORK, NULL); 3642} 3643 3644/* | 3662 isec = inode_security(file_inode(file)); 3663 /* 3664 * Save inode label and policy sequence number 3665 * at open-time so that selinux_file_permission 3666 * can determine whether revalidation is necessary. 3667 * Task label is already saved in the file security 3668 * struct as its SID. 3669 */ --- 17 unchanged lines hidden (view full) --- 3687{ 3688 u32 sid = current_sid(); 3689 3690 return avc_has_perm(&selinux_state, 3691 sid, sid, SECCLASS_PROCESS, PROCESS__FORK, NULL); 3692} 3693 3694/* |
| 3695 * allocate the SELinux part of blank credentials 3696 */ 3697static int selinux_cred_alloc_blank(struct cred *cred, gfp_t gfp) 3698{ 3699 struct task_security_struct *tsec; 3700 3701 tsec = kzalloc(sizeof(struct task_security_struct), gfp); 3702 if (!tsec) 3703 return -ENOMEM; 3704 3705 cred->security = tsec; 3706 return 0; 3707} 3708 3709/* 3710 * detach and free the LSM part of a set of credentials 3711 */ 3712static void selinux_cred_free(struct cred *cred) 3713{ 3714 struct task_security_struct *tsec = cred->security; 3715 3716 /* 3717 * cred->security == NULL if security_cred_alloc_blank() or 3718 * security_prepare_creds() returned an error. 3719 */ 3720 BUG_ON(cred->security && (unsigned long) cred->security < PAGE_SIZE); 3721 cred->security = (void *) 0x7UL; 3722 kfree(tsec); 3723} 3724 3725/* |
|
| 3645 * prepare a new set of credentials for modification 3646 */ 3647static int selinux_cred_prepare(struct cred *new, const struct cred *old, 3648 gfp_t gfp) 3649{ | 3726 * prepare a new set of credentials for modification 3727 */ 3728static int selinux_cred_prepare(struct cred *new, const struct cred *old, 3729 gfp_t gfp) 3730{ |
| 3650 const struct task_security_struct *old_tsec = selinux_cred(old); 3651 struct task_security_struct *tsec = selinux_cred(new); | 3731 const struct task_security_struct *old_tsec; 3732 struct task_security_struct *tsec; |
| 3652 | 3733 |
| 3653 *tsec = *old_tsec; | 3734 old_tsec = old->security; 3735 3736 tsec = kmemdup(old_tsec, sizeof(struct task_security_struct), gfp); 3737 if (!tsec) 3738 return -ENOMEM; 3739 3740 new->security = tsec; |
| 3654 return 0; 3655} 3656 3657/* 3658 * transfer the SELinux data to a blank set of creds 3659 */ 3660static void selinux_cred_transfer(struct cred *new, const struct cred *old) 3661{ | 3741 return 0; 3742} 3743 3744/* 3745 * transfer the SELinux data to a blank set of creds 3746 */ 3747static void selinux_cred_transfer(struct cred *new, const struct cred *old) 3748{ |
| 3662 const struct task_security_struct *old_tsec = selinux_cred(old); 3663 struct task_security_struct *tsec = selinux_cred(new); | 3749 const struct task_security_struct *old_tsec = old->security; 3750 struct task_security_struct *tsec = new->security; |
| 3664 3665 *tsec = *old_tsec; 3666} 3667 3668static void selinux_cred_getsecid(const struct cred *c, u32 *secid) 3669{ 3670 *secid = cred_sid(c); 3671} 3672 3673/* 3674 * set the security data for a kernel service 3675 * - all the creation contexts are set to unlabelled 3676 */ 3677static int selinux_kernel_act_as(struct cred *new, u32 secid) 3678{ | 3751 3752 *tsec = *old_tsec; 3753} 3754 3755static void selinux_cred_getsecid(const struct cred *c, u32 *secid) 3756{ 3757 *secid = cred_sid(c); 3758} 3759 3760/* 3761 * set the security data for a kernel service 3762 * - all the creation contexts are set to unlabelled 3763 */ 3764static int selinux_kernel_act_as(struct cred *new, u32 secid) 3765{ |
| 3679 struct task_security_struct *tsec = selinux_cred(new); | 3766 struct task_security_struct *tsec = new->security; |
| 3680 u32 sid = current_sid(); 3681 int ret; 3682 3683 ret = avc_has_perm(&selinux_state, 3684 sid, secid, 3685 SECCLASS_KERNEL_SERVICE, 3686 KERNEL_SERVICE__USE_AS_OVERRIDE, 3687 NULL); --- 8 unchanged lines hidden (view full) --- 3696 3697/* 3698 * set the file creation context in a security record to the same as the 3699 * objective context of the specified inode 3700 */ 3701static int selinux_kernel_create_files_as(struct cred *new, struct inode *inode) 3702{ 3703 struct inode_security_struct *isec = inode_security(inode); | 3767 u32 sid = current_sid(); 3768 int ret; 3769 3770 ret = avc_has_perm(&selinux_state, 3771 sid, secid, 3772 SECCLASS_KERNEL_SERVICE, 3773 KERNEL_SERVICE__USE_AS_OVERRIDE, 3774 NULL); --- 8 unchanged lines hidden (view full) --- 3783 3784/* 3785 * set the file creation context in a security record to the same as the 3786 * objective context of the specified inode 3787 */ 3788static int selinux_kernel_create_files_as(struct cred *new, struct inode *inode) 3789{ 3790 struct inode_security_struct *isec = inode_security(inode); |
| 3704 struct task_security_struct *tsec = selinux_cred(new); | 3791 struct task_security_struct *tsec = new->security; |
| 3705 u32 sid = current_sid(); 3706 int ret; 3707 3708 ret = avc_has_perm(&selinux_state, 3709 sid, isec->sid, 3710 SECCLASS_KERNEL_SERVICE, 3711 KERNEL_SERVICE__CREATE_FILES_AS, 3712 NULL); --- 29 unchanged lines hidden (view full) --- 3742 sid, sid, SECCLASS_SYSTEM, 3743 SYSTEM__MODULE_LOAD, NULL); 3744 3745 /* finit_module */ 3746 3747 ad.type = LSM_AUDIT_DATA_FILE; 3748 ad.u.file = file; 3749 | 3792 u32 sid = current_sid(); 3793 int ret; 3794 3795 ret = avc_has_perm(&selinux_state, 3796 sid, isec->sid, 3797 SECCLASS_KERNEL_SERVICE, 3798 KERNEL_SERVICE__CREATE_FILES_AS, 3799 NULL); --- 29 unchanged lines hidden (view full) --- 3829 sid, sid, SECCLASS_SYSTEM, 3830 SYSTEM__MODULE_LOAD, NULL); 3831 3832 /* finit_module */ 3833 3834 ad.type = LSM_AUDIT_DATA_FILE; 3835 ad.u.file = file; 3836 |
| 3750 fsec = selinux_file(file); | 3837 fsec = file->f_security; |
| 3751 if (sid != fsec->sid) { 3752 rc = avc_has_perm(&selinux_state, 3753 sid, fsec->sid, SECCLASS_FD, FD__USE, &ad); 3754 if (rc) 3755 return rc; 3756 } 3757 3758 isec = inode_security(file_inode(file)); --- 149 unchanged lines hidden (view full) --- 3908 secid = cred_sid(cred); 3909 return avc_has_perm(&selinux_state, 3910 secid, task_sid(p), SECCLASS_PROCESS, perm, NULL); 3911} 3912 3913static void selinux_task_to_inode(struct task_struct *p, 3914 struct inode *inode) 3915{ | 3838 if (sid != fsec->sid) { 3839 rc = avc_has_perm(&selinux_state, 3840 sid, fsec->sid, SECCLASS_FD, FD__USE, &ad); 3841 if (rc) 3842 return rc; 3843 } 3844 3845 isec = inode_security(file_inode(file)); --- 149 unchanged lines hidden (view full) --- 3995 secid = cred_sid(cred); 3996 return avc_has_perm(&selinux_state, 3997 secid, task_sid(p), SECCLASS_PROCESS, perm, NULL); 3998} 3999 4000static void selinux_task_to_inode(struct task_struct *p, 4001 struct inode *inode) 4002{ |
| 3916 struct inode_security_struct *isec = selinux_inode(inode); | 4003 struct inode_security_struct *isec = inode->i_security; |
| 3917 u32 sid = task_sid(p); 3918 3919 spin_lock(&isec->lock); 3920 isec->sclass = inode_mode_to_security_class(inode->i_mode); 3921 isec->sid = sid; 3922 isec->initialized = LABEL_INITIALIZED; 3923 spin_unlock(&isec->lock); 3924} --- 320 unchanged lines hidden (view full) --- 4245 return avc_has_perm(&selinux_state, 4246 current_sid(), sksec->sid, sksec->sclass, perms, 4247 &ad); 4248} 4249 4250static int selinux_socket_create(int family, int type, 4251 int protocol, int kern) 4252{ | 4004 u32 sid = task_sid(p); 4005 4006 spin_lock(&isec->lock); 4007 isec->sclass = inode_mode_to_security_class(inode->i_mode); 4008 isec->sid = sid; 4009 isec->initialized = LABEL_INITIALIZED; 4010 spin_unlock(&isec->lock); 4011} --- 320 unchanged lines hidden (view full) --- 4332 return avc_has_perm(&selinux_state, 4333 current_sid(), sksec->sid, sksec->sclass, perms, 4334 &ad); 4335} 4336 4337static int selinux_socket_create(int family, int type, 4338 int protocol, int kern) 4339{ |
| 4253 const struct task_security_struct *tsec = selinux_cred(current_cred()); | 4340 const struct task_security_struct *tsec = current_security(); |
| 4254 u32 newsid; 4255 u16 secclass; 4256 int rc; 4257 4258 if (kern) 4259 return 0; 4260 4261 secclass = socket_type_to_security_class(family, type, protocol); 4262 rc = socket_sockcreate_sid(tsec, secclass, &newsid); 4263 if (rc) 4264 return rc; 4265 4266 return avc_has_perm(&selinux_state, 4267 tsec->sid, newsid, secclass, SOCKET__CREATE, NULL); 4268} 4269 4270static int selinux_socket_post_create(struct socket *sock, int family, 4271 int type, int protocol, int kern) 4272{ | 4341 u32 newsid; 4342 u16 secclass; 4343 int rc; 4344 4345 if (kern) 4346 return 0; 4347 4348 secclass = socket_type_to_security_class(family, type, protocol); 4349 rc = socket_sockcreate_sid(tsec, secclass, &newsid); 4350 if (rc) 4351 return rc; 4352 4353 return avc_has_perm(&selinux_state, 4354 tsec->sid, newsid, secclass, SOCKET__CREATE, NULL); 4355} 4356 4357static int selinux_socket_post_create(struct socket *sock, int family, 4358 int type, int protocol, int kern) 4359{ |
| 4273 const struct task_security_struct *tsec = selinux_cred(current_cred()); | 4360 const struct task_security_struct *tsec = current_security(); |
| 4274 struct inode_security_struct *isec = inode_security_novalidate(SOCK_INODE(sock)); 4275 struct sk_security_struct *sksec; 4276 u16 sclass = socket_type_to_security_class(family, type, protocol); 4277 u32 sid = SECINITSID_KERNEL; 4278 int err = 0; 4279 4280 if (!kern) { 4281 err = socket_sockcreate_sid(tsec, sclass, &sid); --- 864 unchanged lines hidden (view full) --- 5146 selinux_skb_peerlbl_sid(skb, family, &sksec->peer_sid); 5147} 5148 5149static int selinux_secmark_relabel_packet(u32 sid) 5150{ 5151 const struct task_security_struct *__tsec; 5152 u32 tsid; 5153 | 4361 struct inode_security_struct *isec = inode_security_novalidate(SOCK_INODE(sock)); 4362 struct sk_security_struct *sksec; 4363 u16 sclass = socket_type_to_security_class(family, type, protocol); 4364 u32 sid = SECINITSID_KERNEL; 4365 int err = 0; 4366 4367 if (!kern) { 4368 err = socket_sockcreate_sid(tsec, sclass, &sid); --- 864 unchanged lines hidden (view full) --- 5233 selinux_skb_peerlbl_sid(skb, family, &sksec->peer_sid); 5234} 5235 5236static int selinux_secmark_relabel_packet(u32 sid) 5237{ 5238 const struct task_security_struct *__tsec; 5239 u32 tsid; 5240 |
| 5154 __tsec = selinux_cred(current_cred()); | 5241 __tsec = current_security(); |
| 5155 tsid = __tsec->sid; 5156 5157 return avc_has_perm(&selinux_state, 5158 tsid, sid, SECCLASS_PACKET, PACKET__RELABELTO, 5159 NULL); 5160} 5161 5162static void selinux_secmark_refcount_inc(void) --- 458 unchanged lines hidden (view full) --- 5621 5622#endif /* CONFIG_NETFILTER */ 5623 5624static int selinux_netlink_send(struct sock *sk, struct sk_buff *skb) 5625{ 5626 return selinux_nlmsg_perm(sk, skb); 5627} 5628 | 5242 tsid = __tsec->sid; 5243 5244 return avc_has_perm(&selinux_state, 5245 tsid, sid, SECCLASS_PACKET, PACKET__RELABELTO, 5246 NULL); 5247} 5248 5249static void selinux_secmark_refcount_inc(void) --- 458 unchanged lines hidden (view full) --- 5708 5709#endif /* CONFIG_NETFILTER */ 5710 5711static int selinux_netlink_send(struct sock *sk, struct sk_buff *skb) 5712{ 5713 return selinux_nlmsg_perm(sk, skb); 5714} 5715 |
| 5629static void ipc_init_security(struct ipc_security_struct *isec, u16 sclass) | 5716static int ipc_alloc_security(struct kern_ipc_perm *perm, 5717 u16 sclass) |
| 5630{ | 5718{ |
| 5719 struct ipc_security_struct *isec; 5720 5721 isec = kzalloc(sizeof(struct ipc_security_struct), GFP_KERNEL); 5722 if (!isec) 5723 return -ENOMEM; 5724 |
|
| 5631 isec->sclass = sclass; 5632 isec->sid = current_sid(); | 5725 isec->sclass = sclass; 5726 isec->sid = current_sid(); |
| 5727 perm->security = isec; 5728 5729 return 0; |
|
| 5633} 5634 | 5730} 5731 |
| 5732static void ipc_free_security(struct kern_ipc_perm *perm) 5733{ 5734 struct ipc_security_struct *isec = perm->security; 5735 perm->security = NULL; 5736 kfree(isec); 5737} 5738 |
|
| 5635static int msg_msg_alloc_security(struct msg_msg *msg) 5636{ 5637 struct msg_security_struct *msec; 5638 | 5739static int msg_msg_alloc_security(struct msg_msg *msg) 5740{ 5741 struct msg_security_struct *msec; 5742 |
| 5639 msec = selinux_msg_msg(msg); | 5743 msec = kzalloc(sizeof(struct msg_security_struct), GFP_KERNEL); 5744 if (!msec) 5745 return -ENOMEM; 5746 |
| 5640 msec->sid = SECINITSID_UNLABELED; | 5747 msec->sid = SECINITSID_UNLABELED; |
| 5748 msg->security = msec; |
|
| 5641 5642 return 0; 5643} 5644 | 5749 5750 return 0; 5751} 5752 |
| 5753static void msg_msg_free_security(struct msg_msg *msg) 5754{ 5755 struct msg_security_struct *msec = msg->security; 5756 5757 msg->security = NULL; 5758 kfree(msec); 5759} 5760 |
|
| 5645static int ipc_has_perm(struct kern_ipc_perm *ipc_perms, 5646 u32 perms) 5647{ 5648 struct ipc_security_struct *isec; 5649 struct common_audit_data ad; 5650 u32 sid = current_sid(); 5651 | 5761static int ipc_has_perm(struct kern_ipc_perm *ipc_perms, 5762 u32 perms) 5763{ 5764 struct ipc_security_struct *isec; 5765 struct common_audit_data ad; 5766 u32 sid = current_sid(); 5767 |
| 5652 isec = selinux_ipc(ipc_perms); | 5768 isec = ipc_perms->security; |
| 5653 5654 ad.type = LSM_AUDIT_DATA_IPC; 5655 ad.u.ipc_id = ipc_perms->key; 5656 5657 return avc_has_perm(&selinux_state, 5658 sid, isec->sid, isec->sclass, perms, &ad); 5659} 5660 5661static int selinux_msg_msg_alloc_security(struct msg_msg *msg) 5662{ 5663 return msg_msg_alloc_security(msg); 5664} 5665 | 5769 5770 ad.type = LSM_AUDIT_DATA_IPC; 5771 ad.u.ipc_id = ipc_perms->key; 5772 5773 return avc_has_perm(&selinux_state, 5774 sid, isec->sid, isec->sclass, perms, &ad); 5775} 5776 5777static int selinux_msg_msg_alloc_security(struct msg_msg *msg) 5778{ 5779 return msg_msg_alloc_security(msg); 5780} 5781 |
| 5782static void selinux_msg_msg_free_security(struct msg_msg *msg) 5783{ 5784 msg_msg_free_security(msg); 5785} 5786 |
|
| 5666/* message queue security operations */ 5667static int selinux_msg_queue_alloc_security(struct kern_ipc_perm *msq) 5668{ 5669 struct ipc_security_struct *isec; 5670 struct common_audit_data ad; 5671 u32 sid = current_sid(); 5672 int rc; 5673 | 5787/* message queue security operations */ 5788static int selinux_msg_queue_alloc_security(struct kern_ipc_perm *msq) 5789{ 5790 struct ipc_security_struct *isec; 5791 struct common_audit_data ad; 5792 u32 sid = current_sid(); 5793 int rc; 5794 |
| 5674 isec = selinux_ipc(msq); 5675 ipc_init_security(isec, SECCLASS_MSGQ); | 5795 rc = ipc_alloc_security(msq, SECCLASS_MSGQ); 5796 if (rc) 5797 return rc; |
| 5676 | 5798 |
| 5799 isec = msq->security; 5800 |
|
| 5677 ad.type = LSM_AUDIT_DATA_IPC; 5678 ad.u.ipc_id = msq->key; 5679 5680 rc = avc_has_perm(&selinux_state, 5681 sid, isec->sid, SECCLASS_MSGQ, 5682 MSGQ__CREATE, &ad); | 5801 ad.type = LSM_AUDIT_DATA_IPC; 5802 ad.u.ipc_id = msq->key; 5803 5804 rc = avc_has_perm(&selinux_state, 5805 sid, isec->sid, SECCLASS_MSGQ, 5806 MSGQ__CREATE, &ad); |
| 5683 return rc; | 5807 if (rc) { 5808 ipc_free_security(msq); 5809 return rc; 5810 } 5811 return 0; |
| 5684} 5685 | 5812} 5813 |
| 5814static void selinux_msg_queue_free_security(struct kern_ipc_perm *msq) 5815{ 5816 ipc_free_security(msq); 5817} 5818 |
|
| 5686static int selinux_msg_queue_associate(struct kern_ipc_perm *msq, int msqflg) 5687{ 5688 struct ipc_security_struct *isec; 5689 struct common_audit_data ad; 5690 u32 sid = current_sid(); 5691 | 5819static int selinux_msg_queue_associate(struct kern_ipc_perm *msq, int msqflg) 5820{ 5821 struct ipc_security_struct *isec; 5822 struct common_audit_data ad; 5823 u32 sid = current_sid(); 5824 |
| 5692 isec = selinux_ipc(msq); | 5825 isec = msq->security; |
| 5693 5694 ad.type = LSM_AUDIT_DATA_IPC; 5695 ad.u.ipc_id = msq->key; 5696 5697 return avc_has_perm(&selinux_state, 5698 sid, isec->sid, SECCLASS_MSGQ, 5699 MSGQ__ASSOCIATE, &ad); 5700} --- 32 unchanged lines hidden (view full) --- 5733static int selinux_msg_queue_msgsnd(struct kern_ipc_perm *msq, struct msg_msg *msg, int msqflg) 5734{ 5735 struct ipc_security_struct *isec; 5736 struct msg_security_struct *msec; 5737 struct common_audit_data ad; 5738 u32 sid = current_sid(); 5739 int rc; 5740 | 5826 5827 ad.type = LSM_AUDIT_DATA_IPC; 5828 ad.u.ipc_id = msq->key; 5829 5830 return avc_has_perm(&selinux_state, 5831 sid, isec->sid, SECCLASS_MSGQ, 5832 MSGQ__ASSOCIATE, &ad); 5833} --- 32 unchanged lines hidden (view full) --- 5866static int selinux_msg_queue_msgsnd(struct kern_ipc_perm *msq, struct msg_msg *msg, int msqflg) 5867{ 5868 struct ipc_security_struct *isec; 5869 struct msg_security_struct *msec; 5870 struct common_audit_data ad; 5871 u32 sid = current_sid(); 5872 int rc; 5873 |
| 5741 isec = selinux_ipc(msq); 5742 msec = selinux_msg_msg(msg); | 5874 isec = msq->security; 5875 msec = msg->security; |
| 5743 5744 /* 5745 * First time through, need to assign label to the message 5746 */ 5747 if (msec->sid == SECINITSID_UNLABELED) { 5748 /* 5749 * Compute new sid based on current process and 5750 * message queue this message will be stored in --- 30 unchanged lines hidden (view full) --- 5781 long type, int mode) 5782{ 5783 struct ipc_security_struct *isec; 5784 struct msg_security_struct *msec; 5785 struct common_audit_data ad; 5786 u32 sid = task_sid(target); 5787 int rc; 5788 | 5876 5877 /* 5878 * First time through, need to assign label to the message 5879 */ 5880 if (msec->sid == SECINITSID_UNLABELED) { 5881 /* 5882 * Compute new sid based on current process and 5883 * message queue this message will be stored in --- 30 unchanged lines hidden (view full) --- 5914 long type, int mode) 5915{ 5916 struct ipc_security_struct *isec; 5917 struct msg_security_struct *msec; 5918 struct common_audit_data ad; 5919 u32 sid = task_sid(target); 5920 int rc; 5921 |
| 5789 isec = selinux_ipc(msq); 5790 msec = selinux_msg_msg(msg); | 5922 isec = msq->security; 5923 msec = msg->security; |
| 5791 5792 ad.type = LSM_AUDIT_DATA_IPC; 5793 ad.u.ipc_id = msq->key; 5794 5795 rc = avc_has_perm(&selinux_state, 5796 sid, isec->sid, 5797 SECCLASS_MSGQ, MSGQ__READ, &ad); 5798 if (!rc) --- 6 unchanged lines hidden (view full) --- 5805/* Shared Memory security operations */ 5806static int selinux_shm_alloc_security(struct kern_ipc_perm *shp) 5807{ 5808 struct ipc_security_struct *isec; 5809 struct common_audit_data ad; 5810 u32 sid = current_sid(); 5811 int rc; 5812 | 5924 5925 ad.type = LSM_AUDIT_DATA_IPC; 5926 ad.u.ipc_id = msq->key; 5927 5928 rc = avc_has_perm(&selinux_state, 5929 sid, isec->sid, 5930 SECCLASS_MSGQ, MSGQ__READ, &ad); 5931 if (!rc) --- 6 unchanged lines hidden (view full) --- 5938/* Shared Memory security operations */ 5939static int selinux_shm_alloc_security(struct kern_ipc_perm *shp) 5940{ 5941 struct ipc_security_struct *isec; 5942 struct common_audit_data ad; 5943 u32 sid = current_sid(); 5944 int rc; 5945 |
| 5813 isec = selinux_ipc(shp); 5814 ipc_init_security(isec, SECCLASS_SHM); | 5946 rc = ipc_alloc_security(shp, SECCLASS_SHM); 5947 if (rc) 5948 return rc; |
| 5815 | 5949 |
| 5950 isec = shp->security; 5951 |
|
| 5816 ad.type = LSM_AUDIT_DATA_IPC; 5817 ad.u.ipc_id = shp->key; 5818 5819 rc = avc_has_perm(&selinux_state, 5820 sid, isec->sid, SECCLASS_SHM, 5821 SHM__CREATE, &ad); | 5952 ad.type = LSM_AUDIT_DATA_IPC; 5953 ad.u.ipc_id = shp->key; 5954 5955 rc = avc_has_perm(&selinux_state, 5956 sid, isec->sid, SECCLASS_SHM, 5957 SHM__CREATE, &ad); |
| 5822 return rc; | 5958 if (rc) { 5959 ipc_free_security(shp); 5960 return rc; 5961 } 5962 return 0; |
| 5823} 5824 | 5963} 5964 |
| 5965static void selinux_shm_free_security(struct kern_ipc_perm *shp) 5966{ 5967 ipc_free_security(shp); 5968} 5969 |
|
| 5825static int selinux_shm_associate(struct kern_ipc_perm *shp, int shmflg) 5826{ 5827 struct ipc_security_struct *isec; 5828 struct common_audit_data ad; 5829 u32 sid = current_sid(); 5830 | 5970static int selinux_shm_associate(struct kern_ipc_perm *shp, int shmflg) 5971{ 5972 struct ipc_security_struct *isec; 5973 struct common_audit_data ad; 5974 u32 sid = current_sid(); 5975 |
| 5831 isec = selinux_ipc(shp); | 5976 isec = shp->security; |
| 5832 5833 ad.type = LSM_AUDIT_DATA_IPC; 5834 ad.u.ipc_id = shp->key; 5835 5836 return avc_has_perm(&selinux_state, 5837 sid, isec->sid, SECCLASS_SHM, 5838 SHM__ASSOCIATE, &ad); 5839} --- 50 unchanged lines hidden (view full) --- 5890/* Semaphore security operations */ 5891static int selinux_sem_alloc_security(struct kern_ipc_perm *sma) 5892{ 5893 struct ipc_security_struct *isec; 5894 struct common_audit_data ad; 5895 u32 sid = current_sid(); 5896 int rc; 5897 | 5977 5978 ad.type = LSM_AUDIT_DATA_IPC; 5979 ad.u.ipc_id = shp->key; 5980 5981 return avc_has_perm(&selinux_state, 5982 sid, isec->sid, SECCLASS_SHM, 5983 SHM__ASSOCIATE, &ad); 5984} --- 50 unchanged lines hidden (view full) --- 6035/* Semaphore security operations */ 6036static int selinux_sem_alloc_security(struct kern_ipc_perm *sma) 6037{ 6038 struct ipc_security_struct *isec; 6039 struct common_audit_data ad; 6040 u32 sid = current_sid(); 6041 int rc; 6042 |
| 5898 isec = selinux_ipc(sma); 5899 ipc_init_security(isec, SECCLASS_SEM); | 6043 rc = ipc_alloc_security(sma, SECCLASS_SEM); 6044 if (rc) 6045 return rc; |
| 5900 | 6046 |
| 6047 isec = sma->security; 6048 |
|
| 5901 ad.type = LSM_AUDIT_DATA_IPC; 5902 ad.u.ipc_id = sma->key; 5903 5904 rc = avc_has_perm(&selinux_state, 5905 sid, isec->sid, SECCLASS_SEM, 5906 SEM__CREATE, &ad); | 6049 ad.type = LSM_AUDIT_DATA_IPC; 6050 ad.u.ipc_id = sma->key; 6051 6052 rc = avc_has_perm(&selinux_state, 6053 sid, isec->sid, SECCLASS_SEM, 6054 SEM__CREATE, &ad); |
| 5907 return rc; | 6055 if (rc) { 6056 ipc_free_security(sma); 6057 return rc; 6058 } 6059 return 0; |
| 5908} 5909 | 6060} 6061 |
| 6062static void selinux_sem_free_security(struct kern_ipc_perm *sma) 6063{ 6064 ipc_free_security(sma); 6065} 6066 |
|
| 5910static int selinux_sem_associate(struct kern_ipc_perm *sma, int semflg) 5911{ 5912 struct ipc_security_struct *isec; 5913 struct common_audit_data ad; 5914 u32 sid = current_sid(); 5915 | 6067static int selinux_sem_associate(struct kern_ipc_perm *sma, int semflg) 6068{ 6069 struct ipc_security_struct *isec; 6070 struct common_audit_data ad; 6071 u32 sid = current_sid(); 6072 |
| 5916 isec = selinux_ipc(sma); | 6073 isec = sma->security; |
| 5917 5918 ad.type = LSM_AUDIT_DATA_IPC; 5919 ad.u.ipc_id = sma->key; 5920 5921 return avc_has_perm(&selinux_state, 5922 sid, isec->sid, SECCLASS_SEM, 5923 SEM__ASSOCIATE, &ad); 5924} --- 69 unchanged lines hidden (view full) --- 5994 if (av == 0) 5995 return 0; 5996 5997 return ipc_has_perm(ipcp, av); 5998} 5999 6000static void selinux_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid) 6001{ | 6074 6075 ad.type = LSM_AUDIT_DATA_IPC; 6076 ad.u.ipc_id = sma->key; 6077 6078 return avc_has_perm(&selinux_state, 6079 sid, isec->sid, SECCLASS_SEM, 6080 SEM__ASSOCIATE, &ad); 6081} --- 69 unchanged lines hidden (view full) --- 6151 if (av == 0) 6152 return 0; 6153 6154 return ipc_has_perm(ipcp, av); 6155} 6156 6157static void selinux_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid) 6158{ |
| 6002 struct ipc_security_struct *isec = selinux_ipc(ipcp); | 6159 struct ipc_security_struct *isec = ipcp->security; |
| 6003 *secid = isec->sid; 6004} 6005 6006static void selinux_d_instantiate(struct dentry *dentry, struct inode *inode) 6007{ 6008 if (inode) 6009 inode_doinit_with_dentry(inode, dentry); 6010} 6011 6012static int selinux_getprocattr(struct task_struct *p, 6013 char *name, char **value) 6014{ 6015 const struct task_security_struct *__tsec; 6016 u32 sid; 6017 int error; 6018 unsigned len; 6019 6020 rcu_read_lock(); | 6160 *secid = isec->sid; 6161} 6162 6163static void selinux_d_instantiate(struct dentry *dentry, struct inode *inode) 6164{ 6165 if (inode) 6166 inode_doinit_with_dentry(inode, dentry); 6167} 6168 6169static int selinux_getprocattr(struct task_struct *p, 6170 char *name, char **value) 6171{ 6172 const struct task_security_struct *__tsec; 6173 u32 sid; 6174 int error; 6175 unsigned len; 6176 6177 rcu_read_lock(); |
| 6021 __tsec = selinux_cred(__task_cred(p)); | 6178 __tsec = __task_cred(p)->security; |
| 6022 6023 if (current != p) { 6024 error = avc_has_perm(&selinux_state, 6025 current_sid(), __tsec->sid, 6026 SECCLASS_PROCESS, PROCESS__GETATTR, NULL); 6027 if (error) 6028 goto bad; 6029 } --- 106 unchanged lines hidden (view full) --- 6136 return -ENOMEM; 6137 6138 /* Permission checking based on the specified context is 6139 performed during the actual operation (execve, 6140 open/mkdir/...), when we know the full context of the 6141 operation. See selinux_bprm_set_creds for the execve 6142 checks and may_create for the file creation checks. The 6143 operation will then fail if the context is not permitted. */ | 6179 6180 if (current != p) { 6181 error = avc_has_perm(&selinux_state, 6182 current_sid(), __tsec->sid, 6183 SECCLASS_PROCESS, PROCESS__GETATTR, NULL); 6184 if (error) 6185 goto bad; 6186 } --- 106 unchanged lines hidden (view full) --- 6293 return -ENOMEM; 6294 6295 /* Permission checking based on the specified context is 6296 performed during the actual operation (execve, 6297 open/mkdir/...), when we know the full context of the 6298 operation. See selinux_bprm_set_creds for the execve 6299 checks and may_create for the file creation checks. The 6300 operation will then fail if the context is not permitted. */ |
| 6144 tsec = selinux_cred(new); | 6301 tsec = new->security; |
| 6145 if (!strcmp(name, "exec")) { 6146 tsec->exec_sid = sid; 6147 } else if (!strcmp(name, "fscreate")) { 6148 tsec->create_sid = sid; 6149 } else if (!strcmp(name, "keycreate")) { 6150 error = avc_has_perm(&selinux_state, 6151 mysid, sid, SECCLASS_KEY, KEY__CREATE, 6152 NULL); --- 67 unchanged lines hidden (view full) --- 6220 6221static void selinux_release_secctx(char *secdata, u32 seclen) 6222{ 6223 kfree(secdata); 6224} 6225 6226static void selinux_inode_invalidate_secctx(struct inode *inode) 6227{ | 6302 if (!strcmp(name, "exec")) { 6303 tsec->exec_sid = sid; 6304 } else if (!strcmp(name, "fscreate")) { 6305 tsec->create_sid = sid; 6306 } else if (!strcmp(name, "keycreate")) { 6307 error = avc_has_perm(&selinux_state, 6308 mysid, sid, SECCLASS_KEY, KEY__CREATE, 6309 NULL); --- 67 unchanged lines hidden (view full) --- 6377 6378static void selinux_release_secctx(char *secdata, u32 seclen) 6379{ 6380 kfree(secdata); 6381} 6382 6383static void selinux_inode_invalidate_secctx(struct inode *inode) 6384{ |
| 6228 struct inode_security_struct *isec = selinux_inode(inode); | 6385 struct inode_security_struct *isec = inode->i_security; |
| 6229 6230 spin_lock(&isec->lock); 6231 isec->initialized = LABEL_INVALID; 6232 spin_unlock(&isec->lock); 6233} 6234 6235/* 6236 * called with inode->i_mutex locked --- 28 unchanged lines hidden (view full) --- 6265{ 6266 const struct task_security_struct *tsec; 6267 struct key_security_struct *ksec; 6268 6269 ksec = kzalloc(sizeof(struct key_security_struct), GFP_KERNEL); 6270 if (!ksec) 6271 return -ENOMEM; 6272 | 6386 6387 spin_lock(&isec->lock); 6388 isec->initialized = LABEL_INVALID; 6389 spin_unlock(&isec->lock); 6390} 6391 6392/* 6393 * called with inode->i_mutex locked --- 28 unchanged lines hidden (view full) --- 6422{ 6423 const struct task_security_struct *tsec; 6424 struct key_security_struct *ksec; 6425 6426 ksec = kzalloc(sizeof(struct key_security_struct), GFP_KERNEL); 6427 if (!ksec) 6428 return -ENOMEM; 6429 |
| 6273 tsec = selinux_cred(cred); | 6430 tsec = cred->security; |
| 6274 if (tsec->keycreate_sid) 6275 ksec->sid = tsec->keycreate_sid; 6276 else 6277 ksec->sid = tsec->sid; 6278 6279 k->security = ksec; 6280 return 0; 6281} --- 246 unchanged lines hidden (view full) --- 6528{ 6529 struct bpf_security_struct *bpfsec = aux->security; 6530 6531 aux->security = NULL; 6532 kfree(bpfsec); 6533} 6534#endif 6535 | 6431 if (tsec->keycreate_sid) 6432 ksec->sid = tsec->keycreate_sid; 6433 else 6434 ksec->sid = tsec->sid; 6435 6436 k->security = ksec; 6437 return 0; 6438} --- 246 unchanged lines hidden (view full) --- 6685{ 6686 struct bpf_security_struct *bpfsec = aux->security; 6687 6688 aux->security = NULL; 6689 kfree(bpfsec); 6690} 6691#endif 6692 |
| 6536struct lsm_blob_sizes selinux_blob_sizes __lsm_ro_after_init = { 6537 .lbs_cred = sizeof(struct task_security_struct), 6538 .lbs_file = sizeof(struct file_security_struct), 6539 .lbs_inode = sizeof(struct inode_security_struct), 6540 .lbs_ipc = sizeof(struct ipc_security_struct), 6541 .lbs_msg_msg = sizeof(struct msg_security_struct), 6542}; 6543 | |
| 6544static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { 6545 LSM_HOOK_INIT(binder_set_context_mgr, selinux_binder_set_context_mgr), 6546 LSM_HOOK_INIT(binder_transaction, selinux_binder_transaction), 6547 LSM_HOOK_INIT(binder_transfer_binder, selinux_binder_transfer_binder), 6548 LSM_HOOK_INIT(binder_transfer_file, selinux_binder_transfer_file), 6549 6550 LSM_HOOK_INIT(ptrace_access_check, selinux_ptrace_access_check), 6551 LSM_HOOK_INIT(ptrace_traceme, selinux_ptrace_traceme), --- 53 unchanged lines hidden (view full) --- 6605 LSM_HOOK_INIT(inode_setsecurity, selinux_inode_setsecurity), 6606 LSM_HOOK_INIT(inode_listsecurity, selinux_inode_listsecurity), 6607 LSM_HOOK_INIT(inode_getsecid, selinux_inode_getsecid), 6608 LSM_HOOK_INIT(inode_copy_up, selinux_inode_copy_up), 6609 LSM_HOOK_INIT(inode_copy_up_xattr, selinux_inode_copy_up_xattr), 6610 6611 LSM_HOOK_INIT(file_permission, selinux_file_permission), 6612 LSM_HOOK_INIT(file_alloc_security, selinux_file_alloc_security), | 6693static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { 6694 LSM_HOOK_INIT(binder_set_context_mgr, selinux_binder_set_context_mgr), 6695 LSM_HOOK_INIT(binder_transaction, selinux_binder_transaction), 6696 LSM_HOOK_INIT(binder_transfer_binder, selinux_binder_transfer_binder), 6697 LSM_HOOK_INIT(binder_transfer_file, selinux_binder_transfer_file), 6698 6699 LSM_HOOK_INIT(ptrace_access_check, selinux_ptrace_access_check), 6700 LSM_HOOK_INIT(ptrace_traceme, selinux_ptrace_traceme), --- 53 unchanged lines hidden (view full) --- 6754 LSM_HOOK_INIT(inode_setsecurity, selinux_inode_setsecurity), 6755 LSM_HOOK_INIT(inode_listsecurity, selinux_inode_listsecurity), 6756 LSM_HOOK_INIT(inode_getsecid, selinux_inode_getsecid), 6757 LSM_HOOK_INIT(inode_copy_up, selinux_inode_copy_up), 6758 LSM_HOOK_INIT(inode_copy_up_xattr, selinux_inode_copy_up_xattr), 6759 6760 LSM_HOOK_INIT(file_permission, selinux_file_permission), 6761 LSM_HOOK_INIT(file_alloc_security, selinux_file_alloc_security), |
| 6762 LSM_HOOK_INIT(file_free_security, selinux_file_free_security), |
|
| 6613 LSM_HOOK_INIT(file_ioctl, selinux_file_ioctl), 6614 LSM_HOOK_INIT(mmap_file, selinux_mmap_file), 6615 LSM_HOOK_INIT(mmap_addr, selinux_mmap_addr), 6616 LSM_HOOK_INIT(file_mprotect, selinux_file_mprotect), 6617 LSM_HOOK_INIT(file_lock, selinux_file_lock), 6618 LSM_HOOK_INIT(file_fcntl, selinux_file_fcntl), 6619 LSM_HOOK_INIT(file_set_fowner, selinux_file_set_fowner), 6620 LSM_HOOK_INIT(file_send_sigiotask, selinux_file_send_sigiotask), 6621 LSM_HOOK_INIT(file_receive, selinux_file_receive), 6622 6623 LSM_HOOK_INIT(file_open, selinux_file_open), 6624 6625 LSM_HOOK_INIT(task_alloc, selinux_task_alloc), | 6763 LSM_HOOK_INIT(file_ioctl, selinux_file_ioctl), 6764 LSM_HOOK_INIT(mmap_file, selinux_mmap_file), 6765 LSM_HOOK_INIT(mmap_addr, selinux_mmap_addr), 6766 LSM_HOOK_INIT(file_mprotect, selinux_file_mprotect), 6767 LSM_HOOK_INIT(file_lock, selinux_file_lock), 6768 LSM_HOOK_INIT(file_fcntl, selinux_file_fcntl), 6769 LSM_HOOK_INIT(file_set_fowner, selinux_file_set_fowner), 6770 LSM_HOOK_INIT(file_send_sigiotask, selinux_file_send_sigiotask), 6771 LSM_HOOK_INIT(file_receive, selinux_file_receive), 6772 6773 LSM_HOOK_INIT(file_open, selinux_file_open), 6774 6775 LSM_HOOK_INIT(task_alloc, selinux_task_alloc), |
| 6776 LSM_HOOK_INIT(cred_alloc_blank, selinux_cred_alloc_blank), 6777 LSM_HOOK_INIT(cred_free, selinux_cred_free), |
|
| 6626 LSM_HOOK_INIT(cred_prepare, selinux_cred_prepare), 6627 LSM_HOOK_INIT(cred_transfer, selinux_cred_transfer), 6628 LSM_HOOK_INIT(cred_getsecid, selinux_cred_getsecid), 6629 LSM_HOOK_INIT(kernel_act_as, selinux_kernel_act_as), 6630 LSM_HOOK_INIT(kernel_create_files_as, selinux_kernel_create_files_as), 6631 LSM_HOOK_INIT(kernel_module_request, selinux_kernel_module_request), 6632 LSM_HOOK_INIT(kernel_load_data, selinux_kernel_load_data), 6633 LSM_HOOK_INIT(kernel_read_file, selinux_kernel_read_file), --- 11 unchanged lines hidden (view full) --- 6645 LSM_HOOK_INIT(task_movememory, selinux_task_movememory), 6646 LSM_HOOK_INIT(task_kill, selinux_task_kill), 6647 LSM_HOOK_INIT(task_to_inode, selinux_task_to_inode), 6648 6649 LSM_HOOK_INIT(ipc_permission, selinux_ipc_permission), 6650 LSM_HOOK_INIT(ipc_getsecid, selinux_ipc_getsecid), 6651 6652 LSM_HOOK_INIT(msg_msg_alloc_security, selinux_msg_msg_alloc_security), | 6778 LSM_HOOK_INIT(cred_prepare, selinux_cred_prepare), 6779 LSM_HOOK_INIT(cred_transfer, selinux_cred_transfer), 6780 LSM_HOOK_INIT(cred_getsecid, selinux_cred_getsecid), 6781 LSM_HOOK_INIT(kernel_act_as, selinux_kernel_act_as), 6782 LSM_HOOK_INIT(kernel_create_files_as, selinux_kernel_create_files_as), 6783 LSM_HOOK_INIT(kernel_module_request, selinux_kernel_module_request), 6784 LSM_HOOK_INIT(kernel_load_data, selinux_kernel_load_data), 6785 LSM_HOOK_INIT(kernel_read_file, selinux_kernel_read_file), --- 11 unchanged lines hidden (view full) --- 6797 LSM_HOOK_INIT(task_movememory, selinux_task_movememory), 6798 LSM_HOOK_INIT(task_kill, selinux_task_kill), 6799 LSM_HOOK_INIT(task_to_inode, selinux_task_to_inode), 6800 6801 LSM_HOOK_INIT(ipc_permission, selinux_ipc_permission), 6802 LSM_HOOK_INIT(ipc_getsecid, selinux_ipc_getsecid), 6803 6804 LSM_HOOK_INIT(msg_msg_alloc_security, selinux_msg_msg_alloc_security), |
| 6805 LSM_HOOK_INIT(msg_msg_free_security, selinux_msg_msg_free_security), |
|
| 6653 6654 LSM_HOOK_INIT(msg_queue_alloc_security, 6655 selinux_msg_queue_alloc_security), | 6806 6807 LSM_HOOK_INIT(msg_queue_alloc_security, 6808 selinux_msg_queue_alloc_security), |
| 6809 LSM_HOOK_INIT(msg_queue_free_security, selinux_msg_queue_free_security), |
|
| 6656 LSM_HOOK_INIT(msg_queue_associate, selinux_msg_queue_associate), 6657 LSM_HOOK_INIT(msg_queue_msgctl, selinux_msg_queue_msgctl), 6658 LSM_HOOK_INIT(msg_queue_msgsnd, selinux_msg_queue_msgsnd), 6659 LSM_HOOK_INIT(msg_queue_msgrcv, selinux_msg_queue_msgrcv), 6660 6661 LSM_HOOK_INIT(shm_alloc_security, selinux_shm_alloc_security), | 6810 LSM_HOOK_INIT(msg_queue_associate, selinux_msg_queue_associate), 6811 LSM_HOOK_INIT(msg_queue_msgctl, selinux_msg_queue_msgctl), 6812 LSM_HOOK_INIT(msg_queue_msgsnd, selinux_msg_queue_msgsnd), 6813 LSM_HOOK_INIT(msg_queue_msgrcv, selinux_msg_queue_msgrcv), 6814 6815 LSM_HOOK_INIT(shm_alloc_security, selinux_shm_alloc_security), |
| 6816 LSM_HOOK_INIT(shm_free_security, selinux_shm_free_security), |
|
| 6662 LSM_HOOK_INIT(shm_associate, selinux_shm_associate), 6663 LSM_HOOK_INIT(shm_shmctl, selinux_shm_shmctl), 6664 LSM_HOOK_INIT(shm_shmat, selinux_shm_shmat), 6665 6666 LSM_HOOK_INIT(sem_alloc_security, selinux_sem_alloc_security), | 6817 LSM_HOOK_INIT(shm_associate, selinux_shm_associate), 6818 LSM_HOOK_INIT(shm_shmctl, selinux_shm_shmctl), 6819 LSM_HOOK_INIT(shm_shmat, selinux_shm_shmat), 6820 6821 LSM_HOOK_INIT(sem_alloc_security, selinux_sem_alloc_security), |
| 6822 LSM_HOOK_INIT(sem_free_security, selinux_sem_free_security), |
|
| 6667 LSM_HOOK_INIT(sem_associate, selinux_sem_associate), 6668 LSM_HOOK_INIT(sem_semctl, selinux_sem_semctl), 6669 LSM_HOOK_INIT(sem_semop, selinux_sem_semop), 6670 6671 LSM_HOOK_INIT(d_instantiate, selinux_d_instantiate), 6672 6673 LSM_HOOK_INIT(getprocattr, selinux_getprocattr), 6674 LSM_HOOK_INIT(setprocattr, selinux_setprocattr), --- 94 unchanged lines hidden (view full) --- 6769 LSM_HOOK_INIT(bpf_prog_alloc_security, selinux_bpf_prog_alloc), 6770 LSM_HOOK_INIT(bpf_map_free_security, selinux_bpf_map_free), 6771 LSM_HOOK_INIT(bpf_prog_free_security, selinux_bpf_prog_free), 6772#endif 6773}; 6774 6775static __init int selinux_init(void) 6776{ | 6823 LSM_HOOK_INIT(sem_associate, selinux_sem_associate), 6824 LSM_HOOK_INIT(sem_semctl, selinux_sem_semctl), 6825 LSM_HOOK_INIT(sem_semop, selinux_sem_semop), 6826 6827 LSM_HOOK_INIT(d_instantiate, selinux_d_instantiate), 6828 6829 LSM_HOOK_INIT(getprocattr, selinux_getprocattr), 6830 LSM_HOOK_INIT(setprocattr, selinux_setprocattr), --- 94 unchanged lines hidden (view full) --- 6925 LSM_HOOK_INIT(bpf_prog_alloc_security, selinux_bpf_prog_alloc), 6926 LSM_HOOK_INIT(bpf_map_free_security, selinux_bpf_map_free), 6927 LSM_HOOK_INIT(bpf_prog_free_security, selinux_bpf_prog_free), 6928#endif 6929}; 6930 6931static __init int selinux_init(void) 6932{ |
| 6933 if (!security_module_enable("selinux")) { 6934 selinux_enabled = 0; 6935 return 0; 6936 } 6937 6938 if (!selinux_enabled) { 6939 pr_info("SELinux: Disabled at boot.\n"); 6940 return 0; 6941 } 6942 |
|
| 6777 pr_info("SELinux: Initializing.\n"); 6778 6779 memset(&selinux_state, 0, sizeof(selinux_state)); 6780 enforcing_set(&selinux_state, selinux_enforcing_boot); 6781 selinux_state.checkreqprot = selinux_checkreqprot_boot; 6782 selinux_ss_init(&selinux_state.ss); 6783 selinux_avc_init(&selinux_state.avc); 6784 6785 /* Set the security state for the initial task. */ 6786 cred_init_security(); 6787 6788 default_noexec = !(VM_DATA_DEFAULT_FLAGS & VM_EXEC); 6789 | 6943 pr_info("SELinux: Initializing.\n"); 6944 6945 memset(&selinux_state, 0, sizeof(selinux_state)); 6946 enforcing_set(&selinux_state, selinux_enforcing_boot); 6947 selinux_state.checkreqprot = selinux_checkreqprot_boot; 6948 selinux_ss_init(&selinux_state.ss); 6949 selinux_avc_init(&selinux_state.avc); 6950 6951 /* Set the security state for the initial task. */ 6952 cred_init_security(); 6953 6954 default_noexec = !(VM_DATA_DEFAULT_FLAGS & VM_EXEC); 6955 |
| 6956 sel_inode_cache = kmem_cache_create("selinux_inode_security", 6957 sizeof(struct inode_security_struct), 6958 0, SLAB_PANIC, NULL); 6959 file_security_cache = kmem_cache_create("selinux_file_security", 6960 sizeof(struct file_security_struct), 6961 0, SLAB_PANIC, NULL); |
|
| 6790 avc_init(); 6791 6792 avtab_cache_init(); 6793 6794 ebitmap_cache_init(); 6795 6796 hashtab_cache_init(); 6797 --- 26 unchanged lines hidden (view full) --- 6824 pr_debug("SELinux: Setting up existing superblocks.\n"); 6825 iterate_supers(delayed_superblock_init, NULL); 6826} 6827 6828/* SELinux requires early initialization in order to label 6829 all processes and objects when they are created. */ 6830DEFINE_LSM(selinux) = { 6831 .name = "selinux", | 6962 avc_init(); 6963 6964 avtab_cache_init(); 6965 6966 ebitmap_cache_init(); 6967 6968 hashtab_cache_init(); 6969 --- 26 unchanged lines hidden (view full) --- 6996 pr_debug("SELinux: Setting up existing superblocks.\n"); 6997 iterate_supers(delayed_superblock_init, NULL); 6998} 6999 7000/* SELinux requires early initialization in order to label 7001 all processes and objects when they are created. */ 7002DEFINE_LSM(selinux) = { 7003 .name = "selinux", |
| 6832 .flags = LSM_FLAG_LEGACY_MAJOR | LSM_FLAG_EXCLUSIVE, 6833 .enabled = &selinux_enabled, 6834 .blobs = &selinux_blob_sizes, | |
| 6835 .init = selinux_init, 6836}; 6837 6838#if defined(CONFIG_NETFILTER) 6839 6840static const struct nf_hook_ops selinux_nf_ops[] = { 6841 { 6842 .hook = selinux_ipv4_postroute, --- 122 unchanged lines hidden --- | 7004 .init = selinux_init, 7005}; 7006 7007#if defined(CONFIG_NETFILTER) 7008 7009static const struct nf_hook_ops selinux_nf_ops[] = { 7010 { 7011 .hook = selinux_ipv4_postroute, --- 122 unchanged lines hidden --- |