| hooks.c (c95baf12f5077419db01313ab61c2aac007d40cd) | hooks.c (e4cfa05e9bfe286457082477b32ecd17737bdbce) |
|---|---|
| 1// SPDX-License-Identifier: GPL-2.0-only 2/* 3 * NSA Security-Enhanced Linux (SELinux) security module 4 * 5 * This file contains the SELinux hook function implementations. 6 * 7 * Authors: Stephen Smalley, <sds@tycho.nsa.gov> 8 * Chris Vance, <cvance@nai.com> --- 95 unchanged lines hidden (view full) --- 104#include "avc_ss.h" 105 106struct selinux_state selinux_state; 107 108/* SECMARK reference count */ 109static atomic_t selinux_secmark_refcount = ATOMIC_INIT(0); 110 111#ifdef CONFIG_SECURITY_SELINUX_DEVELOP | 1// SPDX-License-Identifier: GPL-2.0-only 2/* 3 * NSA Security-Enhanced Linux (SELinux) security module 4 * 5 * This file contains the SELinux hook function implementations. 6 * 7 * Authors: Stephen Smalley, <sds@tycho.nsa.gov> 8 * Chris Vance, <cvance@nai.com> --- 95 unchanged lines hidden (view full) --- 104#include "avc_ss.h" 105 106struct selinux_state selinux_state; 107 108/* SECMARK reference count */ 109static atomic_t selinux_secmark_refcount = ATOMIC_INIT(0); 110 111#ifdef CONFIG_SECURITY_SELINUX_DEVELOP |
| 112static int selinux_enforcing_boot; | 112static int selinux_enforcing_boot __initdata; |
| 113 114static int __init enforcing_setup(char *str) 115{ 116 unsigned long enforcing; 117 if (!kstrtoul(str, 0, &enforcing)) 118 selinux_enforcing_boot = enforcing ? 1 : 0; 119 return 1; 120} 121__setup("enforcing=", enforcing_setup); 122#else 123#define selinux_enforcing_boot 1 124#endif 125 | 113 114static int __init enforcing_setup(char *str) 115{ 116 unsigned long enforcing; 117 if (!kstrtoul(str, 0, &enforcing)) 118 selinux_enforcing_boot = enforcing ? 1 : 0; 119 return 1; 120} 121__setup("enforcing=", enforcing_setup); 122#else 123#define selinux_enforcing_boot 1 124#endif 125 |
| 126int selinux_enabled __lsm_ro_after_init = 1; | 126int selinux_enabled_boot __initdata = 1; |
| 127#ifdef CONFIG_SECURITY_SELINUX_BOOTPARAM 128static int __init selinux_enabled_setup(char *str) 129{ 130 unsigned long enabled; 131 if (!kstrtoul(str, 0, &enabled)) | 127#ifdef CONFIG_SECURITY_SELINUX_BOOTPARAM 128static int __init selinux_enabled_setup(char *str) 129{ 130 unsigned long enabled; 131 if (!kstrtoul(str, 0, &enabled)) |
| 132 selinux_enabled = enabled ? 1 : 0; | 132 selinux_enabled_boot = enabled ? 1 : 0; |
| 133 return 1; 134} 135__setup("selinux=", selinux_enabled_setup); 136#endif 137 138static unsigned int selinux_checkreqprot_boot = 139 CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE; 140 141static int __init checkreqprot_setup(char *str) 142{ 143 unsigned long checkreqprot; 144 | 133 return 1; 134} 135__setup("selinux=", selinux_enabled_setup); 136#endif 137 138static unsigned int selinux_checkreqprot_boot = 139 CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE; 140 141static int __init checkreqprot_setup(char *str) 142{ 143 unsigned long checkreqprot; 144 |
| 145 if (!kstrtoul(str, 0, &checkreqprot)) | 145 if (!kstrtoul(str, 0, &checkreqprot)) { |
| 146 selinux_checkreqprot_boot = checkreqprot ? 1 : 0; | 146 selinux_checkreqprot_boot = checkreqprot ? 1 : 0; |
| 147 if (checkreqprot) 148 pr_warn("SELinux: checkreqprot set to 1 via kernel parameter. This is deprecated and will be rejected in a future kernel release.\n"); 149 } |
|
| 147 return 1; 148} 149__setup("checkreqprot=", checkreqprot_setup); 150 151/** 152 * selinux_secmark_enabled - Check to see if SECMARK is currently enabled 153 * 154 * Description: --- 78 unchanged lines hidden (view full) --- 233 u32 sid; 234 235 rcu_read_lock(); 236 sid = cred_sid(__task_cred(task)); 237 rcu_read_unlock(); 238 return sid; 239} 240 | 150 return 1; 151} 152__setup("checkreqprot=", checkreqprot_setup); 153 154/** 155 * selinux_secmark_enabled - Check to see if SECMARK is currently enabled 156 * 157 * Description: --- 78 unchanged lines hidden (view full) --- 236 u32 sid; 237 238 rcu_read_lock(); 239 sid = cred_sid(__task_cred(task)); 240 rcu_read_unlock(); 241 return sid; 242} 243 |
| 241/* Allocate and free functions for each kind of security blob. */ 242 243static int inode_alloc_security(struct inode *inode) 244{ 245 struct inode_security_struct *isec = selinux_inode(inode); 246 u32 sid = current_sid(); 247 248 spin_lock_init(&isec->lock); 249 INIT_LIST_HEAD(&isec->list); 250 isec->inode = inode; 251 isec->sid = SECINITSID_UNLABELED; 252 isec->sclass = SECCLASS_FILE; 253 isec->task_sid = sid; 254 isec->initialized = LABEL_INVALID; 255 256 return 0; 257} 258 | |
| 259static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dentry); 260 261/* 262 * Try reloading inode security labels that have been marked as invalid. The 263 * @may_sleep parameter indicates when sleeping and thus reloading labels is 264 * allowed; when set to false, returns -ECHILD when the label is 265 * invalid. The @dentry parameter should be set to a dentry of the inode. 266 */ 267static int __inode_security_revalidate(struct inode *inode, 268 struct dentry *dentry, 269 bool may_sleep) 270{ 271 struct inode_security_struct *isec = selinux_inode(inode); 272 273 might_sleep_if(may_sleep); 274 | 244static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dentry); 245 246/* 247 * Try reloading inode security labels that have been marked as invalid. The 248 * @may_sleep parameter indicates when sleeping and thus reloading labels is 249 * allowed; when set to false, returns -ECHILD when the label is 250 * invalid. The @dentry parameter should be set to a dentry of the inode. 251 */ 252static int __inode_security_revalidate(struct inode *inode, 253 struct dentry *dentry, 254 bool may_sleep) 255{ 256 struct inode_security_struct *isec = selinux_inode(inode); 257 258 might_sleep_if(may_sleep); 259 |
| 275 if (selinux_state.initialized && | 260 if (selinux_initialized(&selinux_state) && |
| 276 isec->initialized != LABEL_INITIALIZED) { 277 if (!may_sleep) 278 return -ECHILD; 279 280 /* 281 * Try reloading the inode security label. This will fail if 282 * @opt_dentry is NULL and no dentry for this inode can be 283 * found; in that case, continue using the old label. --- 65 unchanged lines hidden (view full) --- 349 */ 350 if (!list_empty_careful(&isec->list)) { 351 spin_lock(&sbsec->isec_lock); 352 list_del_init(&isec->list); 353 spin_unlock(&sbsec->isec_lock); 354 } 355} 356 | 261 isec->initialized != LABEL_INITIALIZED) { 262 if (!may_sleep) 263 return -ECHILD; 264 265 /* 266 * Try reloading the inode security label. This will fail if 267 * @opt_dentry is NULL and no dentry for this inode can be 268 * found; in that case, continue using the old label. --- 65 unchanged lines hidden (view full) --- 334 */ 335 if (!list_empty_careful(&isec->list)) { 336 spin_lock(&sbsec->isec_lock); 337 list_del_init(&isec->list); 338 spin_unlock(&sbsec->isec_lock); 339 } 340} 341 |
| 357static int file_alloc_security(struct file *file) 358{ 359 struct file_security_struct *fsec = selinux_file(file); 360 u32 sid = current_sid(); 361 362 fsec->sid = sid; 363 fsec->fown_sid = sid; 364 365 return 0; 366} 367 368static int superblock_alloc_security(struct super_block *sb) 369{ 370 struct superblock_security_struct *sbsec; 371 372 sbsec = kzalloc(sizeof(struct superblock_security_struct), GFP_KERNEL); 373 if (!sbsec) 374 return -ENOMEM; 375 376 mutex_init(&sbsec->lock); 377 INIT_LIST_HEAD(&sbsec->isec_head); 378 spin_lock_init(&sbsec->isec_lock); 379 sbsec->sb = sb; 380 sbsec->sid = SECINITSID_UNLABELED; 381 sbsec->def_sid = SECINITSID_FILE; 382 sbsec->mntpoint_sid = SECINITSID_UNLABELED; 383 sb->s_security = sbsec; 384 385 return 0; 386} 387 | |
| 388static void superblock_free_security(struct super_block *sb) 389{ 390 struct superblock_security_struct *sbsec = sb->s_security; 391 sb->s_security = NULL; 392 kfree(sbsec); 393} 394 395struct selinux_mnt_opts { --- 5 unchanged lines hidden (view full) --- 401 struct selinux_mnt_opts *opts = mnt_opts; 402 kfree(opts->fscontext); 403 kfree(opts->context); 404 kfree(opts->rootcontext); 405 kfree(opts->defcontext); 406 kfree(opts); 407} 408 | 342static void superblock_free_security(struct super_block *sb) 343{ 344 struct superblock_security_struct *sbsec = sb->s_security; 345 sb->s_security = NULL; 346 kfree(sbsec); 347} 348 349struct selinux_mnt_opts { --- 5 unchanged lines hidden (view full) --- 355 struct selinux_mnt_opts *opts = mnt_opts; 356 kfree(opts->fscontext); 357 kfree(opts->context); 358 kfree(opts->rootcontext); 359 kfree(opts->defcontext); 360 kfree(opts); 361} 362 |
| 409static inline int inode_doinit(struct inode *inode) 410{ 411 return inode_doinit_with_dentry(inode, NULL); 412} 413 | |
| 414enum { 415 Opt_error = -1, 416 Opt_context = 0, 417 Opt_defcontext = 1, 418 Opt_fscontext = 2, 419 Opt_rootcontext = 3, 420 Opt_seclabel = 4, 421}; --- 171 unchanged lines hidden (view full) --- 593 list_first_entry(&sbsec->isec_head, 594 struct inode_security_struct, list); 595 struct inode *inode = isec->inode; 596 list_del_init(&isec->list); 597 spin_unlock(&sbsec->isec_lock); 598 inode = igrab(inode); 599 if (inode) { 600 if (!IS_PRIVATE(inode)) | 363enum { 364 Opt_error = -1, 365 Opt_context = 0, 366 Opt_defcontext = 1, 367 Opt_fscontext = 2, 368 Opt_rootcontext = 3, 369 Opt_seclabel = 4, 370}; --- 171 unchanged lines hidden (view full) --- 542 list_first_entry(&sbsec->isec_head, 543 struct inode_security_struct, list); 544 struct inode *inode = isec->inode; 545 list_del_init(&isec->list); 546 spin_unlock(&sbsec->isec_lock); 547 inode = igrab(inode); 548 if (inode) { 549 if (!IS_PRIVATE(inode)) |
| 601 inode_doinit(inode); | 550 inode_doinit_with_dentry(inode, NULL); |
| 602 iput(inode); 603 } 604 spin_lock(&sbsec->isec_lock); 605 } 606 spin_unlock(&sbsec->isec_lock); 607out: 608 return rc; 609} --- 44 unchanged lines hidden (view full) --- 654 struct selinux_mnt_opts *opts = mnt_opts; 655 struct inode_security_struct *root_isec; 656 u32 fscontext_sid = 0, context_sid = 0, rootcontext_sid = 0; 657 u32 defcontext_sid = 0; 658 int rc = 0; 659 660 mutex_lock(&sbsec->lock); 661 | 551 iput(inode); 552 } 553 spin_lock(&sbsec->isec_lock); 554 } 555 spin_unlock(&sbsec->isec_lock); 556out: 557 return rc; 558} --- 44 unchanged lines hidden (view full) --- 603 struct selinux_mnt_opts *opts = mnt_opts; 604 struct inode_security_struct *root_isec; 605 u32 fscontext_sid = 0, context_sid = 0, rootcontext_sid = 0; 606 u32 defcontext_sid = 0; 607 int rc = 0; 608 609 mutex_lock(&sbsec->lock); 610 |
| 662 if (!selinux_state.initialized) { | 611 if (!selinux_initialized(&selinux_state)) { |
| 663 if (!opts) { 664 /* Defer initialization until selinux_complete_init, 665 after the initial policy is loaded and the security 666 server is ready to handle calls. */ 667 goto out; 668 } 669 rc = -EINVAL; 670 pr_warn("SELinux: Unable to set superblock options " --- 76 unchanged lines hidden (view full) --- 747 goto out; 748 } 749 750 if (strcmp(sb->s_type->name, "proc") == 0) 751 sbsec->flags |= SE_SBPROC | SE_SBGENFS; 752 753 if (!strcmp(sb->s_type->name, "debugfs") || 754 !strcmp(sb->s_type->name, "tracefs") || | 612 if (!opts) { 613 /* Defer initialization until selinux_complete_init, 614 after the initial policy is loaded and the security 615 server is ready to handle calls. */ 616 goto out; 617 } 618 rc = -EINVAL; 619 pr_warn("SELinux: Unable to set superblock options " --- 76 unchanged lines hidden (view full) --- 696 goto out; 697 } 698 699 if (strcmp(sb->s_type->name, "proc") == 0) 700 sbsec->flags |= SE_SBPROC | SE_SBGENFS; 701 702 if (!strcmp(sb->s_type->name, "debugfs") || 703 !strcmp(sb->s_type->name, "tracefs") || |
| 704 !strcmp(sb->s_type->name, "binderfs") || 705 !strcmp(sb->s_type->name, "bpf") || |
|
| 755 !strcmp(sb->s_type->name, "pstore")) 756 sbsec->flags |= SE_SBGENFS; 757 758 if (!strcmp(sb->s_type->name, "sysfs") || 759 !strcmp(sb->s_type->name, "cgroup") || 760 !strcmp(sb->s_type->name, "cgroup2")) 761 sbsec->flags |= SE_SBGENFS | SE_SBGENFS_XATTR; 762 --- 160 unchanged lines hidden (view full) --- 923 int set_fscontext = (oldsbsec->flags & FSCONTEXT_MNT); 924 int set_context = (oldsbsec->flags & CONTEXT_MNT); 925 int set_rootcontext = (oldsbsec->flags & ROOTCONTEXT_MNT); 926 927 /* 928 * if the parent was able to be mounted it clearly had no special lsm 929 * mount options. thus we can safely deal with this superblock later 930 */ | 706 !strcmp(sb->s_type->name, "pstore")) 707 sbsec->flags |= SE_SBGENFS; 708 709 if (!strcmp(sb->s_type->name, "sysfs") || 710 !strcmp(sb->s_type->name, "cgroup") || 711 !strcmp(sb->s_type->name, "cgroup2")) 712 sbsec->flags |= SE_SBGENFS | SE_SBGENFS_XATTR; 713 --- 160 unchanged lines hidden (view full) --- 874 int set_fscontext = (oldsbsec->flags & FSCONTEXT_MNT); 875 int set_context = (oldsbsec->flags & CONTEXT_MNT); 876 int set_rootcontext = (oldsbsec->flags & ROOTCONTEXT_MNT); 877 878 /* 879 * if the parent was able to be mounted it clearly had no special lsm 880 * mount options. thus we can safely deal with this superblock later 881 */ |
| 931 if (!selinux_state.initialized) | 882 if (!selinux_initialized(&selinux_state)) |
| 932 return 0; 933 934 /* 935 * Specifying internal flags without providing a place to 936 * place the results is not allowed. 937 */ 938 if (kern_flags && !set_kern_flags) 939 return -EINVAL; --- 158 unchanged lines hidden (view full) --- 1098static int selinux_sb_show_options(struct seq_file *m, struct super_block *sb) 1099{ 1100 struct superblock_security_struct *sbsec = sb->s_security; 1101 int rc; 1102 1103 if (!(sbsec->flags & SE_SBINITIALIZED)) 1104 return 0; 1105 | 883 return 0; 884 885 /* 886 * Specifying internal flags without providing a place to 887 * place the results is not allowed. 888 */ 889 if (kern_flags && !set_kern_flags) 890 return -EINVAL; --- 158 unchanged lines hidden (view full) --- 1049static int selinux_sb_show_options(struct seq_file *m, struct super_block *sb) 1050{ 1051 struct superblock_security_struct *sbsec = sb->s_security; 1052 int rc; 1053 1054 if (!(sbsec->flags & SE_SBINITIALIZED)) 1055 return 0; 1056 |
| 1106 if (!selinux_state.initialized) | 1057 if (!selinux_initialized(&selinux_state)) |
| 1107 return 0; 1108 1109 if (sbsec->flags & FSCONTEXT_MNT) { 1110 seq_putc(m, ','); 1111 seq_puts(m, FSCONTEXT_STR); 1112 rc = show_sid(m, sbsec->sid); 1113 if (rc) 1114 return rc; --- 408 unchanged lines hidden (view full) --- 1523 break; 1524 case SECURITY_FS_USE_MNTPOINT: 1525 sid = sbsec->mntpoint_sid; 1526 break; 1527 default: 1528 /* Default to the fs superblock SID. */ 1529 sid = sbsec->sid; 1530 | 1058 return 0; 1059 1060 if (sbsec->flags & FSCONTEXT_MNT) { 1061 seq_putc(m, ','); 1062 seq_puts(m, FSCONTEXT_STR); 1063 rc = show_sid(m, sbsec->sid); 1064 if (rc) 1065 return rc; --- 408 unchanged lines hidden (view full) --- 1474 break; 1475 case SECURITY_FS_USE_MNTPOINT: 1476 sid = sbsec->mntpoint_sid; 1477 break; 1478 default: 1479 /* Default to the fs superblock SID. */ 1480 sid = sbsec->sid; 1481 |
| 1531 if ((sbsec->flags & SE_SBGENFS) && !S_ISLNK(inode->i_mode)) { | 1482 if ((sbsec->flags & SE_SBGENFS) && 1483 (!S_ISLNK(inode->i_mode) || 1484 selinux_policycap_genfs_seclabel_symlinks())) { |
| 1532 /* We must have a dentry to determine the label on 1533 * procfs inodes */ 1534 if (opt_dentry) { 1535 /* Called from d_instantiate or 1536 * d_splice_alias. */ 1537 dentry = dget(opt_dentry); 1538 } else { 1539 /* Called from selinux_complete_init, try to --- 288 unchanged lines hidden (view full) --- 1828 1829 rc = avc_has_perm(&selinux_state, 1830 sid, dsec->sid, SECCLASS_DIR, 1831 DIR__ADD_NAME | DIR__SEARCH, 1832 &ad); 1833 if (rc) 1834 return rc; 1835 | 1485 /* We must have a dentry to determine the label on 1486 * procfs inodes */ 1487 if (opt_dentry) { 1488 /* Called from d_instantiate or 1489 * d_splice_alias. */ 1490 dentry = dget(opt_dentry); 1491 } else { 1492 /* Called from selinux_complete_init, try to --- 288 unchanged lines hidden (view full) --- 1781 1782 rc = avc_has_perm(&selinux_state, 1783 sid, dsec->sid, SECCLASS_DIR, 1784 DIR__ADD_NAME | DIR__SEARCH, 1785 &ad); 1786 if (rc) 1787 return rc; 1788 |
| 1836 rc = selinux_determine_inode_label(selinux_cred(current_cred()), dir, 1837 &dentry->d_name, tclass, &newsid); | 1789 rc = selinux_determine_inode_label(tsec, dir, &dentry->d_name, tclass, 1790 &newsid); |
| 1838 if (rc) 1839 return rc; 1840 1841 rc = avc_has_perm(&selinux_state, 1842 sid, newsid, tclass, FILE__CREATE, &ad); 1843 if (rc) 1844 return rc; 1845 --- 341 unchanged lines hidden (view full) --- 2187 return 0; 2188 2189 switch (cmds) { 2190 case Q_SYNC: 2191 case Q_QUOTAON: 2192 case Q_QUOTAOFF: 2193 case Q_SETINFO: 2194 case Q_SETQUOTA: | 1791 if (rc) 1792 return rc; 1793 1794 rc = avc_has_perm(&selinux_state, 1795 sid, newsid, tclass, FILE__CREATE, &ad); 1796 if (rc) 1797 return rc; 1798 --- 341 unchanged lines hidden (view full) --- 2140 return 0; 2141 2142 switch (cmds) { 2143 case Q_SYNC: 2144 case Q_QUOTAON: 2145 case Q_QUOTAOFF: 2146 case Q_SETINFO: 2147 case Q_SETQUOTA: |
| 2148 case Q_XQUOTAOFF: 2149 case Q_XQUOTAON: 2150 case Q_XSETQLIM: |
|
| 2195 rc = superblock_has_perm(cred, sb, FILESYSTEM__QUOTAMOD, NULL); 2196 break; 2197 case Q_GETFMT: 2198 case Q_GETINFO: 2199 case Q_GETQUOTA: | 2151 rc = superblock_has_perm(cred, sb, FILESYSTEM__QUOTAMOD, NULL); 2152 break; 2153 case Q_GETFMT: 2154 case Q_GETINFO: 2155 case Q_GETQUOTA: |
| 2156 case Q_XGETQUOTA: 2157 case Q_XGETQSTAT: 2158 case Q_XGETQSTATV: 2159 case Q_XGETNEXTQUOTA: |
|
| 2200 rc = superblock_has_perm(cred, sb, FILESYSTEM__QUOTAGET, NULL); 2201 break; 2202 default: 2203 rc = 0; /* let the kernel handle invalid cmds */ 2204 break; 2205 } 2206 return rc; 2207} --- 379 unchanged lines hidden (view full) --- 2587 __wake_up_parent(current, current->real_parent); 2588 read_unlock(&tasklist_lock); 2589} 2590 2591/* superblock security operations */ 2592 2593static int selinux_sb_alloc_security(struct super_block *sb) 2594{ | 2160 rc = superblock_has_perm(cred, sb, FILESYSTEM__QUOTAGET, NULL); 2161 break; 2162 default: 2163 rc = 0; /* let the kernel handle invalid cmds */ 2164 break; 2165 } 2166 return rc; 2167} --- 379 unchanged lines hidden (view full) --- 2547 __wake_up_parent(current, current->real_parent); 2548 read_unlock(&tasklist_lock); 2549} 2550 2551/* superblock security operations */ 2552 2553static int selinux_sb_alloc_security(struct super_block *sb) 2554{ |
| 2595 return superblock_alloc_security(sb); | 2555 struct superblock_security_struct *sbsec; 2556 2557 sbsec = kzalloc(sizeof(struct superblock_security_struct), GFP_KERNEL); 2558 if (!sbsec) 2559 return -ENOMEM; 2560 2561 mutex_init(&sbsec->lock); 2562 INIT_LIST_HEAD(&sbsec->isec_head); 2563 spin_lock_init(&sbsec->isec_lock); 2564 sbsec->sb = sb; 2565 sbsec->sid = SECINITSID_UNLABELED; 2566 sbsec->def_sid = SECINITSID_FILE; 2567 sbsec->mntpoint_sid = SECINITSID_UNLABELED; 2568 sb->s_security = sbsec; 2569 2570 return 0; |
| 2596} 2597 2598static void selinux_sb_free_security(struct super_block *sb) 2599{ 2600 superblock_free_security(sb); 2601} 2602 2603static inline int opt_len(const char *s) --- 153 unchanged lines hidden (view full) --- 2757 2758 if (flags & MS_REMOUNT) 2759 return superblock_has_perm(cred, path->dentry->d_sb, 2760 FILESYSTEM__REMOUNT, NULL); 2761 else 2762 return path_has_perm(cred, path, FILE__MOUNTON); 2763} 2764 | 2571} 2572 2573static void selinux_sb_free_security(struct super_block *sb) 2574{ 2575 superblock_free_security(sb); 2576} 2577 2578static inline int opt_len(const char *s) --- 153 unchanged lines hidden (view full) --- 2732 2733 if (flags & MS_REMOUNT) 2734 return superblock_has_perm(cred, path->dentry->d_sb, 2735 FILESYSTEM__REMOUNT, NULL); 2736 else 2737 return path_has_perm(cred, path, FILE__MOUNTON); 2738} 2739 |
| 2740static int selinux_move_mount(const struct path *from_path, 2741 const struct path *to_path) 2742{ 2743 const struct cred *cred = current_cred(); 2744 2745 return path_has_perm(cred, to_path, FILE__MOUNTON); 2746} 2747 |
|
| 2765static int selinux_umount(struct vfsmount *mnt, int flags) 2766{ 2767 const struct cred *cred = current_cred(); 2768 2769 return superblock_has_perm(cred, mnt->mnt_sb, 2770 FILESYSTEM__UNMOUNT, NULL); 2771} 2772 --- 30 unchanged lines hidden (view full) --- 2803 if (src->defcontext) { 2804 opts->defcontext = kstrdup(src->defcontext, GFP_KERNEL); 2805 if (!opts->defcontext) 2806 return -ENOMEM; 2807 } 2808 return 0; 2809} 2810 | 2748static int selinux_umount(struct vfsmount *mnt, int flags) 2749{ 2750 const struct cred *cred = current_cred(); 2751 2752 return superblock_has_perm(cred, mnt->mnt_sb, 2753 FILESYSTEM__UNMOUNT, NULL); 2754} 2755 --- 30 unchanged lines hidden (view full) --- 2786 if (src->defcontext) { 2787 opts->defcontext = kstrdup(src->defcontext, GFP_KERNEL); 2788 if (!opts->defcontext) 2789 return -ENOMEM; 2790 } 2791 return 0; 2792} 2793 |
| 2811static const struct fs_parameter_spec selinux_param_specs[] = { | 2794static const struct fs_parameter_spec selinux_fs_parameters[] = { |
| 2812 fsparam_string(CONTEXT_STR, Opt_context), 2813 fsparam_string(DEFCONTEXT_STR, Opt_defcontext), 2814 fsparam_string(FSCONTEXT_STR, Opt_fscontext), 2815 fsparam_string(ROOTCONTEXT_STR, Opt_rootcontext), 2816 fsparam_flag (SECLABEL_STR, Opt_seclabel), 2817 {} 2818}; 2819 | 2795 fsparam_string(CONTEXT_STR, Opt_context), 2796 fsparam_string(DEFCONTEXT_STR, Opt_defcontext), 2797 fsparam_string(FSCONTEXT_STR, Opt_fscontext), 2798 fsparam_string(ROOTCONTEXT_STR, Opt_rootcontext), 2799 fsparam_flag (SECLABEL_STR, Opt_seclabel), 2800 {} 2801}; 2802 |
| 2820static const struct fs_parameter_description selinux_fs_parameters = { 2821 .name = "SELinux", 2822 .specs = selinux_param_specs, 2823}; 2824 | |
| 2825static int selinux_fs_context_parse_param(struct fs_context *fc, 2826 struct fs_parameter *param) 2827{ 2828 struct fs_parse_result result; 2829 int opt, rc; 2830 | 2803static int selinux_fs_context_parse_param(struct fs_context *fc, 2804 struct fs_parameter *param) 2805{ 2806 struct fs_parse_result result; 2807 int opt, rc; 2808 |
| 2831 opt = fs_parse(fc, &selinux_fs_parameters, param, &result); | 2809 opt = fs_parse(fc, selinux_fs_parameters, param, &result); |
| 2832 if (opt < 0) 2833 return opt; 2834 2835 rc = selinux_add_opt(opt, param->string, &fc->security); 2836 if (!rc) { 2837 param->string = NULL; 2838 rc = 1; 2839 } 2840 return rc; 2841} 2842 2843/* inode security operations */ 2844 2845static int selinux_inode_alloc_security(struct inode *inode) 2846{ | 2810 if (opt < 0) 2811 return opt; 2812 2813 rc = selinux_add_opt(opt, param->string, &fc->security); 2814 if (!rc) { 2815 param->string = NULL; 2816 rc = 1; 2817 } 2818 return rc; 2819} 2820 2821/* inode security operations */ 2822 2823static int selinux_inode_alloc_security(struct inode *inode) 2824{ |
| 2847 return inode_alloc_security(inode); | 2825 struct inode_security_struct *isec = selinux_inode(inode); 2826 u32 sid = current_sid(); 2827 2828 spin_lock_init(&isec->lock); 2829 INIT_LIST_HEAD(&isec->list); 2830 isec->inode = inode; 2831 isec->sid = SECINITSID_UNLABELED; 2832 isec->sclass = SECCLASS_FILE; 2833 isec->task_sid = sid; 2834 isec->initialized = LABEL_INVALID; 2835 2836 return 0; |
| 2848} 2849 2850static void selinux_inode_free_security(struct inode *inode) 2851{ 2852 inode_free_security(inode); 2853} 2854 2855static int selinux_dentry_init_security(struct dentry *dentry, int mode, --- 45 unchanged lines hidden (view full) --- 2901 u32 newsid, clen; 2902 int rc; 2903 char *context; 2904 2905 sbsec = dir->i_sb->s_security; 2906 2907 newsid = tsec->create_sid; 2908 | 2837} 2838 2839static void selinux_inode_free_security(struct inode *inode) 2840{ 2841 inode_free_security(inode); 2842} 2843 2844static int selinux_dentry_init_security(struct dentry *dentry, int mode, --- 45 unchanged lines hidden (view full) --- 2890 u32 newsid, clen; 2891 int rc; 2892 char *context; 2893 2894 sbsec = dir->i_sb->s_security; 2895 2896 newsid = tsec->create_sid; 2897 |
| 2909 rc = selinux_determine_inode_label(selinux_cred(current_cred()), 2910 dir, qstr, | 2898 rc = selinux_determine_inode_label(tsec, dir, qstr, |
| 2911 inode_mode_to_security_class(inode->i_mode), 2912 &newsid); 2913 if (rc) 2914 return rc; 2915 2916 /* Possibly defer initialization to selinux_complete_init. */ 2917 if (sbsec->flags & SE_SBINITIALIZED) { 2918 struct inode_security_struct *isec = selinux_inode(inode); 2919 isec->sclass = inode_mode_to_security_class(inode->i_mode); 2920 isec->sid = newsid; 2921 isec->initialized = LABEL_INITIALIZED; 2922 } 2923 | 2899 inode_mode_to_security_class(inode->i_mode), 2900 &newsid); 2901 if (rc) 2902 return rc; 2903 2904 /* Possibly defer initialization to selinux_complete_init. */ 2905 if (sbsec->flags & SE_SBINITIALIZED) { 2906 struct inode_security_struct *isec = selinux_inode(inode); 2907 isec->sclass = inode_mode_to_security_class(inode->i_mode); 2908 isec->sid = newsid; 2909 isec->initialized = LABEL_INITIALIZED; 2910 } 2911 |
| 2924 if (!selinux_state.initialized || !(sbsec->flags & SBLABEL_MNT)) | 2912 if (!selinux_initialized(&selinux_state) || 2913 !(sbsec->flags & SBLABEL_MNT)) |
| 2925 return -EOPNOTSUPP; 2926 2927 if (name) 2928 *name = XATTR_SELINUX_SUFFIX; 2929 2930 if (value && len) { 2931 rc = security_sid_to_context_force(&selinux_state, newsid, 2932 &context, &clen); --- 66 unchanged lines hidden (view full) --- 2999 3000 ad.type = LSM_AUDIT_DATA_DENTRY; 3001 ad.u.dentry = dentry; 3002 sid = cred_sid(cred); 3003 isec = inode_security_rcu(inode, rcu); 3004 if (IS_ERR(isec)) 3005 return PTR_ERR(isec); 3006 | 2914 return -EOPNOTSUPP; 2915 2916 if (name) 2917 *name = XATTR_SELINUX_SUFFIX; 2918 2919 if (value && len) { 2920 rc = security_sid_to_context_force(&selinux_state, newsid, 2921 &context, &clen); --- 66 unchanged lines hidden (view full) --- 2988 2989 ad.type = LSM_AUDIT_DATA_DENTRY; 2990 ad.u.dentry = dentry; 2991 sid = cred_sid(cred); 2992 isec = inode_security_rcu(inode, rcu); 2993 if (IS_ERR(isec)) 2994 return PTR_ERR(isec); 2995 |
| 3007 return avc_has_perm(&selinux_state, 3008 sid, isec->sid, isec->sclass, FILE__READ, &ad); | 2996 return avc_has_perm_flags(&selinux_state, 2997 sid, isec->sid, isec->sclass, FILE__READ, &ad, 2998 rcu ? MAY_NOT_BLOCK : 0); |
| 3009} 3010 3011static noinline int audit_inode_permission(struct inode *inode, 3012 u32 perms, u32 audited, u32 denied, | 2999} 3000 3001static noinline int audit_inode_permission(struct inode *inode, 3002 u32 perms, u32 audited, u32 denied, |
| 3013 int result, 3014 unsigned flags) | 3003 int result) |
| 3015{ 3016 struct common_audit_data ad; 3017 struct inode_security_struct *isec = selinux_inode(inode); 3018 int rc; 3019 3020 ad.type = LSM_AUDIT_DATA_INODE; 3021 ad.u.inode = inode; 3022 3023 rc = slow_avc_audit(&selinux_state, 3024 current_sid(), isec->sid, isec->sclass, perms, | 3004{ 3005 struct common_audit_data ad; 3006 struct inode_security_struct *isec = selinux_inode(inode); 3007 int rc; 3008 3009 ad.type = LSM_AUDIT_DATA_INODE; 3010 ad.u.inode = inode; 3011 3012 rc = slow_avc_audit(&selinux_state, 3013 current_sid(), isec->sid, isec->sclass, perms, |
| 3025 audited, denied, result, &ad, flags); | 3014 audited, denied, result, &ad); |
| 3026 if (rc) 3027 return rc; 3028 return 0; 3029} 3030 3031static int selinux_inode_permission(struct inode *inode, int mask) 3032{ 3033 const struct cred *cred = current_cred(); 3034 u32 perms; 3035 bool from_access; | 3015 if (rc) 3016 return rc; 3017 return 0; 3018} 3019 3020static int selinux_inode_permission(struct inode *inode, int mask) 3021{ 3022 const struct cred *cred = current_cred(); 3023 u32 perms; 3024 bool from_access; |
| 3036 unsigned flags = mask & MAY_NOT_BLOCK; | 3025 bool no_block = mask & MAY_NOT_BLOCK; |
| 3037 struct inode_security_struct *isec; 3038 u32 sid; 3039 struct av_decision avd; 3040 int rc, rc2; 3041 u32 audited, denied; 3042 3043 from_access = mask & MAY_ACCESS; 3044 mask &= (MAY_READ|MAY_WRITE|MAY_EXEC|MAY_APPEND); --- 5 unchanged lines hidden (view full) --- 3050 validate_creds(cred); 3051 3052 if (unlikely(IS_PRIVATE(inode))) 3053 return 0; 3054 3055 perms = file_mask_to_av(inode->i_mode, mask); 3056 3057 sid = cred_sid(cred); | 3026 struct inode_security_struct *isec; 3027 u32 sid; 3028 struct av_decision avd; 3029 int rc, rc2; 3030 u32 audited, denied; 3031 3032 from_access = mask & MAY_ACCESS; 3033 mask &= (MAY_READ|MAY_WRITE|MAY_EXEC|MAY_APPEND); --- 5 unchanged lines hidden (view full) --- 3039 validate_creds(cred); 3040 3041 if (unlikely(IS_PRIVATE(inode))) 3042 return 0; 3043 3044 perms = file_mask_to_av(inode->i_mode, mask); 3045 3046 sid = cred_sid(cred); |
| 3058 isec = inode_security_rcu(inode, flags & MAY_NOT_BLOCK); | 3047 isec = inode_security_rcu(inode, no_block); |
| 3059 if (IS_ERR(isec)) 3060 return PTR_ERR(isec); 3061 3062 rc = avc_has_perm_noaudit(&selinux_state, 3063 sid, isec->sid, isec->sclass, perms, | 3048 if (IS_ERR(isec)) 3049 return PTR_ERR(isec); 3050 3051 rc = avc_has_perm_noaudit(&selinux_state, 3052 sid, isec->sid, isec->sclass, perms, |
| 3064 (flags & MAY_NOT_BLOCK) ? AVC_NONBLOCKING : 0, | 3053 no_block ? AVC_NONBLOCKING : 0, |
| 3065 &avd); 3066 audited = avc_audit_required(perms, &avd, rc, 3067 from_access ? FILE__AUDIT_ACCESS : 0, 3068 &denied); 3069 if (likely(!audited)) 3070 return rc; 3071 | 3054 &avd); 3055 audited = avc_audit_required(perms, &avd, rc, 3056 from_access ? FILE__AUDIT_ACCESS : 0, 3057 &denied); 3058 if (likely(!audited)) 3059 return rc; 3060 |
| 3072 rc2 = audit_inode_permission(inode, perms, audited, denied, rc, flags); | 3061 /* fall back to ref-walk if we have to generate audit */ 3062 if (no_block) 3063 return -ECHILD; 3064 3065 rc2 = audit_inode_permission(inode, perms, audited, denied, rc); |
| 3073 if (rc2) 3074 return rc2; 3075 return rc; 3076} 3077 3078static int selinux_inode_setattr(struct dentry *dentry, struct iattr *iattr) 3079{ 3080 const struct cred *cred = current_cred(); --- 54 unchanged lines hidden (view full) --- 3135 if (rc) 3136 return rc; 3137 3138 /* Not an attribute we recognize, so just check the 3139 ordinary setattr permission. */ 3140 return dentry_has_perm(current_cred(), dentry, FILE__SETATTR); 3141 } 3142 | 3066 if (rc2) 3067 return rc2; 3068 return rc; 3069} 3070 3071static int selinux_inode_setattr(struct dentry *dentry, struct iattr *iattr) 3072{ 3073 const struct cred *cred = current_cred(); --- 54 unchanged lines hidden (view full) --- 3128 if (rc) 3129 return rc; 3130 3131 /* Not an attribute we recognize, so just check the 3132 ordinary setattr permission. */ 3133 return dentry_has_perm(current_cred(), dentry, FILE__SETATTR); 3134 } 3135 |
| 3143 if (!selinux_state.initialized) | 3136 if (!selinux_initialized(&selinux_state)) |
| 3144 return (inode_owner_or_capable(inode) ? 0 : -EPERM); 3145 3146 sbsec = inode->i_sb->s_security; 3147 if (!(sbsec->flags & SBLABEL_MNT)) 3148 return -EOPNOTSUPP; 3149 3150 if (!inode_owner_or_capable(inode)) 3151 return -EPERM; --- 69 unchanged lines hidden (view full) --- 3221 u32 newsid; 3222 int rc; 3223 3224 if (strcmp(name, XATTR_NAME_SELINUX)) { 3225 /* Not an attribute we recognize, so nothing to do. */ 3226 return; 3227 } 3228 | 3137 return (inode_owner_or_capable(inode) ? 0 : -EPERM); 3138 3139 sbsec = inode->i_sb->s_security; 3140 if (!(sbsec->flags & SBLABEL_MNT)) 3141 return -EOPNOTSUPP; 3142 3143 if (!inode_owner_or_capable(inode)) 3144 return -EPERM; --- 69 unchanged lines hidden (view full) --- 3214 u32 newsid; 3215 int rc; 3216 3217 if (strcmp(name, XATTR_NAME_SELINUX)) { 3218 /* Not an attribute we recognize, so nothing to do. */ 3219 return; 3220 } 3221 |
| 3229 if (!selinux_state.initialized) { | 3222 if (!selinux_initialized(&selinux_state)) { |
| 3230 /* If we haven't even been initialized, then we can't validate 3231 * against a policy, so leave the label as invalid. It may 3232 * resolve to a valid label on the next revalidation try if 3233 * we've since initialized. 3234 */ 3235 return; 3236 } 3237 --- 307 unchanged lines hidden (view full) --- 3545 /* No change since file_open check. */ 3546 return 0; 3547 3548 return selinux_revalidate_file_permission(file, mask); 3549} 3550 3551static int selinux_file_alloc_security(struct file *file) 3552{ | 3223 /* If we haven't even been initialized, then we can't validate 3224 * against a policy, so leave the label as invalid. It may 3225 * resolve to a valid label on the next revalidation try if 3226 * we've since initialized. 3227 */ 3228 return; 3229 } 3230 --- 307 unchanged lines hidden (view full) --- 3538 /* No change since file_open check. */ 3539 return 0; 3540 3541 return selinux_revalidate_file_permission(file, mask); 3542} 3543 3544static int selinux_file_alloc_security(struct file *file) 3545{ |
| 3553 return file_alloc_security(file); | 3546 struct file_security_struct *fsec = selinux_file(file); 3547 u32 sid = current_sid(); 3548 3549 fsec->sid = sid; 3550 fsec->fown_sid = sid; 3551 3552 return 0; |
| 3554} 3555 3556/* 3557 * Check whether a task has the ioctl permission and cmd 3558 * operation to an inode. 3559 */ 3560static int ioctl_has_perm(const struct cred *cred, struct file *file, 3561 u32 requested, u16 cmd) --- 76 unchanged lines hidden (view full) --- 3638 * to the file's ioctl() function. 3639 */ 3640 default: 3641 error = ioctl_has_perm(cred, file, FILE__IOCTL, (u16) cmd); 3642 } 3643 return error; 3644} 3645 | 3553} 3554 3555/* 3556 * Check whether a task has the ioctl permission and cmd 3557 * operation to an inode. 3558 */ 3559static int ioctl_has_perm(const struct cred *cred, struct file *file, 3560 u32 requested, u16 cmd) --- 76 unchanged lines hidden (view full) --- 3637 * to the file's ioctl() function. 3638 */ 3639 default: 3640 error = ioctl_has_perm(cred, file, FILE__IOCTL, (u16) cmd); 3641 } 3642 return error; 3643} 3644 |
| 3646static int default_noexec; | 3645static int default_noexec __ro_after_init; |
| 3647 3648static int file_map_prot_check(struct file *file, unsigned long prot, int shared) 3649{ 3650 const struct cred *cred = current_cred(); 3651 u32 sid = cred_sid(cred); 3652 int rc = 0; 3653 3654 if (default_noexec && --- 1855 unchanged lines hidden (view full) --- 5510 TUN_SOCKET__RELABELTO, NULL); 5511 if (err) 5512 return err; 5513 tunsec->sid = sid; 5514 5515 return 0; 5516} 5517 | 3646 3647static int file_map_prot_check(struct file *file, unsigned long prot, int shared) 3648{ 3649 const struct cred *cred = current_cred(); 3650 u32 sid = cred_sid(cred); 3651 int rc = 0; 3652 3653 if (default_noexec && --- 1855 unchanged lines hidden (view full) --- 5509 TUN_SOCKET__RELABELTO, NULL); 5510 if (err) 5511 return err; 5512 tunsec->sid = sid; 5513 5514 return 0; 5515} 5516 |
| 5518static int selinux_nlmsg_perm(struct sock *sk, struct sk_buff *skb) 5519{ 5520 int err = 0; 5521 u32 perm; 5522 struct nlmsghdr *nlh; 5523 struct sk_security_struct *sksec = sk->sk_security; 5524 5525 if (skb->len < NLMSG_HDRLEN) { 5526 err = -EINVAL; 5527 goto out; 5528 } 5529 nlh = nlmsg_hdr(skb); 5530 5531 err = selinux_nlmsg_lookup(sksec->sclass, nlh->nlmsg_type, &perm); 5532 if (err) { 5533 if (err == -EINVAL) { 5534 pr_warn_ratelimited("SELinux: unrecognized netlink" 5535 " message: protocol=%hu nlmsg_type=%hu sclass=%s" 5536 " pig=%d comm=%s\n", 5537 sk->sk_protocol, nlh->nlmsg_type, 5538 secclass_map[sksec->sclass - 1].name, 5539 task_pid_nr(current), current->comm); 5540 if (!enforcing_enabled(&selinux_state) || 5541 security_get_allow_unknown(&selinux_state)) 5542 err = 0; 5543 } 5544 5545 /* Ignore */ 5546 if (err == -ENOENT) 5547 err = 0; 5548 goto out; 5549 } 5550 5551 err = sock_has_perm(sk, perm); 5552out: 5553 return err; 5554} 5555 | |
| 5556#ifdef CONFIG_NETFILTER 5557 5558static unsigned int selinux_ip_forward(struct sk_buff *skb, 5559 const struct net_device *indev, 5560 u16 family) 5561{ 5562 int err; 5563 char *addrp; --- 312 unchanged lines hidden (view full) --- 5876 return selinux_ip_postroute(skb, state->out, PF_INET6); 5877} 5878#endif /* IPV6 */ 5879 5880#endif /* CONFIG_NETFILTER */ 5881 5882static int selinux_netlink_send(struct sock *sk, struct sk_buff *skb) 5883{ | 5517#ifdef CONFIG_NETFILTER 5518 5519static unsigned int selinux_ip_forward(struct sk_buff *skb, 5520 const struct net_device *indev, 5521 u16 family) 5522{ 5523 int err; 5524 char *addrp; --- 312 unchanged lines hidden (view full) --- 5837 return selinux_ip_postroute(skb, state->out, PF_INET6); 5838} 5839#endif /* IPV6 */ 5840 5841#endif /* CONFIG_NETFILTER */ 5842 5843static int selinux_netlink_send(struct sock *sk, struct sk_buff *skb) 5844{ |
| 5884 return selinux_nlmsg_perm(sk, skb); | 5845 int err = 0; 5846 u32 perm; 5847 struct nlmsghdr *nlh; 5848 struct sk_security_struct *sksec = sk->sk_security; 5849 5850 if (skb->len < NLMSG_HDRLEN) { 5851 err = -EINVAL; 5852 goto out; 5853 } 5854 nlh = nlmsg_hdr(skb); 5855 5856 err = selinux_nlmsg_lookup(sksec->sclass, nlh->nlmsg_type, &perm); 5857 if (err) { 5858 if (err == -EINVAL) { 5859 pr_warn_ratelimited("SELinux: unrecognized netlink" 5860 " message: protocol=%hu nlmsg_type=%hu sclass=%s" 5861 " pid=%d comm=%s\n", 5862 sk->sk_protocol, nlh->nlmsg_type, 5863 secclass_map[sksec->sclass - 1].name, 5864 task_pid_nr(current), current->comm); 5865 if (!enforcing_enabled(&selinux_state) || 5866 security_get_allow_unknown(&selinux_state)) 5867 err = 0; 5868 } 5869 5870 /* Ignore */ 5871 if (err == -ENOENT) 5872 err = 0; 5873 goto out; 5874 } 5875 5876 err = sock_has_perm(sk, perm); 5877out: 5878 return err; |
| 5885} 5886 5887static void ipc_init_security(struct ipc_security_struct *isec, u16 sclass) 5888{ 5889 isec->sclass = sclass; 5890 isec->sid = current_sid(); 5891} 5892 | 5879} 5880 5881static void ipc_init_security(struct ipc_security_struct *isec, u16 sclass) 5882{ 5883 isec->sclass = sclass; 5884 isec->sid = current_sid(); 5885} 5886 |
| 5893static int msg_msg_alloc_security(struct msg_msg *msg) 5894{ 5895 struct msg_security_struct *msec; 5896 5897 msec = selinux_msg_msg(msg); 5898 msec->sid = SECINITSID_UNLABELED; 5899 5900 return 0; 5901} 5902 | |
| 5903static int ipc_has_perm(struct kern_ipc_perm *ipc_perms, 5904 u32 perms) 5905{ 5906 struct ipc_security_struct *isec; 5907 struct common_audit_data ad; 5908 u32 sid = current_sid(); 5909 5910 isec = selinux_ipc(ipc_perms); 5911 5912 ad.type = LSM_AUDIT_DATA_IPC; 5913 ad.u.ipc_id = ipc_perms->key; 5914 5915 return avc_has_perm(&selinux_state, 5916 sid, isec->sid, isec->sclass, perms, &ad); 5917} 5918 5919static int selinux_msg_msg_alloc_security(struct msg_msg *msg) 5920{ | 5887static int ipc_has_perm(struct kern_ipc_perm *ipc_perms, 5888 u32 perms) 5889{ 5890 struct ipc_security_struct *isec; 5891 struct common_audit_data ad; 5892 u32 sid = current_sid(); 5893 5894 isec = selinux_ipc(ipc_perms); 5895 5896 ad.type = LSM_AUDIT_DATA_IPC; 5897 ad.u.ipc_id = ipc_perms->key; 5898 5899 return avc_has_perm(&selinux_state, 5900 sid, isec->sid, isec->sclass, perms, &ad); 5901} 5902 5903static int selinux_msg_msg_alloc_security(struct msg_msg *msg) 5904{ |
| 5921 return msg_msg_alloc_security(msg); | 5905 struct msg_security_struct *msec; 5906 5907 msec = selinux_msg_msg(msg); 5908 msec->sid = SECINITSID_UNLABELED; 5909 5910 return 0; |
| 5922} 5923 5924/* message queue security operations */ 5925static int selinux_msg_queue_alloc_security(struct kern_ipc_perm *msq) 5926{ 5927 struct ipc_security_struct *isec; 5928 struct common_audit_data ad; 5929 u32 sid = current_sid(); --- 860 unchanged lines hidden (view full) --- 6790{ 6791 struct bpf_security_struct *bpfsec = aux->security; 6792 6793 aux->security = NULL; 6794 kfree(bpfsec); 6795} 6796#endif 6797 | 5911} 5912 5913/* message queue security operations */ 5914static int selinux_msg_queue_alloc_security(struct kern_ipc_perm *msq) 5915{ 5916 struct ipc_security_struct *isec; 5917 struct common_audit_data ad; 5918 u32 sid = current_sid(); --- 860 unchanged lines hidden (view full) --- 6779{ 6780 struct bpf_security_struct *bpfsec = aux->security; 6781 6782 aux->security = NULL; 6783 kfree(bpfsec); 6784} 6785#endif 6786 |
| 6787static int selinux_lockdown(enum lockdown_reason what) 6788{ 6789 struct common_audit_data ad; 6790 u32 sid = current_sid(); 6791 int invalid_reason = (what <= LOCKDOWN_NONE) || 6792 (what == LOCKDOWN_INTEGRITY_MAX) || 6793 (what >= LOCKDOWN_CONFIDENTIALITY_MAX); 6794 6795 if (WARN(invalid_reason, "Invalid lockdown reason")) { 6796 audit_log(audit_context(), 6797 GFP_ATOMIC, AUDIT_SELINUX_ERR, 6798 "lockdown_reason=invalid"); 6799 return -EINVAL; 6800 } 6801 6802 ad.type = LSM_AUDIT_DATA_LOCKDOWN; 6803 ad.u.reason = what; 6804 6805 if (what <= LOCKDOWN_INTEGRITY_MAX) 6806 return avc_has_perm(&selinux_state, 6807 sid, sid, SECCLASS_LOCKDOWN, 6808 LOCKDOWN__INTEGRITY, &ad); 6809 else 6810 return avc_has_perm(&selinux_state, 6811 sid, sid, SECCLASS_LOCKDOWN, 6812 LOCKDOWN__CONFIDENTIALITY, &ad); 6813} 6814 |
|
| 6798struct lsm_blob_sizes selinux_blob_sizes __lsm_ro_after_init = { 6799 .lbs_cred = sizeof(struct task_security_struct), 6800 .lbs_file = sizeof(struct file_security_struct), 6801 .lbs_inode = sizeof(struct inode_security_struct), 6802 .lbs_ipc = sizeof(struct ipc_security_struct), 6803 .lbs_msg_msg = sizeof(struct msg_security_struct), 6804}; 6805 --- 53 unchanged lines hidden (view full) --- 6859 struct perf_event_security_struct *perfsec = event->security; 6860 u32 sid = current_sid(); 6861 6862 return avc_has_perm(&selinux_state, sid, perfsec->sid, 6863 SECCLASS_PERF_EVENT, PERF_EVENT__WRITE, NULL); 6864} 6865#endif 6866 | 6815struct lsm_blob_sizes selinux_blob_sizes __lsm_ro_after_init = { 6816 .lbs_cred = sizeof(struct task_security_struct), 6817 .lbs_file = sizeof(struct file_security_struct), 6818 .lbs_inode = sizeof(struct inode_security_struct), 6819 .lbs_ipc = sizeof(struct ipc_security_struct), 6820 .lbs_msg_msg = sizeof(struct msg_security_struct), 6821}; 6822 --- 53 unchanged lines hidden (view full) --- 6876 struct perf_event_security_struct *perfsec = event->security; 6877 u32 sid = current_sid(); 6878 6879 return avc_has_perm(&selinux_state, sid, perfsec->sid, 6880 SECCLASS_PERF_EVENT, PERF_EVENT__WRITE, NULL); 6881} 6882#endif 6883 |
| 6884/* 6885 * IMPORTANT NOTE: When adding new hooks, please be careful to keep this order: 6886 * 1. any hooks that don't belong to (2.) or (3.) below, 6887 * 2. hooks that both access structures allocated by other hooks, and allocate 6888 * structures that can be later accessed by other hooks (mostly "cloning" 6889 * hooks), 6890 * 3. hooks that only allocate structures that can be later accessed by other 6891 * hooks ("allocating" hooks). 6892 * 6893 * Please follow block comment delimiters in the list to keep this order. 6894 * 6895 * This ordering is needed for SELinux runtime disable to work at least somewhat 6896 * safely. Breaking the ordering rules above might lead to NULL pointer derefs 6897 * when disabling SELinux at runtime. 6898 */ |
|
| 6867static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { 6868 LSM_HOOK_INIT(binder_set_context_mgr, selinux_binder_set_context_mgr), 6869 LSM_HOOK_INIT(binder_transaction, selinux_binder_transaction), 6870 LSM_HOOK_INIT(binder_transfer_binder, selinux_binder_transfer_binder), 6871 LSM_HOOK_INIT(binder_transfer_file, selinux_binder_transfer_file), 6872 6873 LSM_HOOK_INIT(ptrace_access_check, selinux_ptrace_access_check), 6874 LSM_HOOK_INIT(ptrace_traceme, selinux_ptrace_traceme), --- 6 unchanged lines hidden (view full) --- 6881 LSM_HOOK_INIT(vm_enough_memory, selinux_vm_enough_memory), 6882 6883 LSM_HOOK_INIT(netlink_send, selinux_netlink_send), 6884 6885 LSM_HOOK_INIT(bprm_set_creds, selinux_bprm_set_creds), 6886 LSM_HOOK_INIT(bprm_committing_creds, selinux_bprm_committing_creds), 6887 LSM_HOOK_INIT(bprm_committed_creds, selinux_bprm_committed_creds), 6888 | 6899static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { 6900 LSM_HOOK_INIT(binder_set_context_mgr, selinux_binder_set_context_mgr), 6901 LSM_HOOK_INIT(binder_transaction, selinux_binder_transaction), 6902 LSM_HOOK_INIT(binder_transfer_binder, selinux_binder_transfer_binder), 6903 LSM_HOOK_INIT(binder_transfer_file, selinux_binder_transfer_file), 6904 6905 LSM_HOOK_INIT(ptrace_access_check, selinux_ptrace_access_check), 6906 LSM_HOOK_INIT(ptrace_traceme, selinux_ptrace_traceme), --- 6 unchanged lines hidden (view full) --- 6913 LSM_HOOK_INIT(vm_enough_memory, selinux_vm_enough_memory), 6914 6915 LSM_HOOK_INIT(netlink_send, selinux_netlink_send), 6916 6917 LSM_HOOK_INIT(bprm_set_creds, selinux_bprm_set_creds), 6918 LSM_HOOK_INIT(bprm_committing_creds, selinux_bprm_committing_creds), 6919 LSM_HOOK_INIT(bprm_committed_creds, selinux_bprm_committed_creds), 6920 |
| 6889 LSM_HOOK_INIT(fs_context_dup, selinux_fs_context_dup), 6890 LSM_HOOK_INIT(fs_context_parse_param, selinux_fs_context_parse_param), 6891 6892 LSM_HOOK_INIT(sb_alloc_security, selinux_sb_alloc_security), | |
| 6893 LSM_HOOK_INIT(sb_free_security, selinux_sb_free_security), | 6921 LSM_HOOK_INIT(sb_free_security, selinux_sb_free_security), |
| 6894 LSM_HOOK_INIT(sb_eat_lsm_opts, selinux_sb_eat_lsm_opts), | |
| 6895 LSM_HOOK_INIT(sb_free_mnt_opts, selinux_free_mnt_opts), 6896 LSM_HOOK_INIT(sb_remount, selinux_sb_remount), 6897 LSM_HOOK_INIT(sb_kern_mount, selinux_sb_kern_mount), 6898 LSM_HOOK_INIT(sb_show_options, selinux_sb_show_options), 6899 LSM_HOOK_INIT(sb_statfs, selinux_sb_statfs), 6900 LSM_HOOK_INIT(sb_mount, selinux_mount), 6901 LSM_HOOK_INIT(sb_umount, selinux_umount), 6902 LSM_HOOK_INIT(sb_set_mnt_opts, selinux_set_mnt_opts), 6903 LSM_HOOK_INIT(sb_clone_mnt_opts, selinux_sb_clone_mnt_opts), | 6922 LSM_HOOK_INIT(sb_free_mnt_opts, selinux_free_mnt_opts), 6923 LSM_HOOK_INIT(sb_remount, selinux_sb_remount), 6924 LSM_HOOK_INIT(sb_kern_mount, selinux_sb_kern_mount), 6925 LSM_HOOK_INIT(sb_show_options, selinux_sb_show_options), 6926 LSM_HOOK_INIT(sb_statfs, selinux_sb_statfs), 6927 LSM_HOOK_INIT(sb_mount, selinux_mount), 6928 LSM_HOOK_INIT(sb_umount, selinux_umount), 6929 LSM_HOOK_INIT(sb_set_mnt_opts, selinux_set_mnt_opts), 6930 LSM_HOOK_INIT(sb_clone_mnt_opts, selinux_sb_clone_mnt_opts), |
| 6904 LSM_HOOK_INIT(sb_add_mnt_opt, selinux_add_mnt_opt), | |
| 6905 | 6931 |
| 6932 LSM_HOOK_INIT(move_mount, selinux_move_mount), 6933 |
|
| 6906 LSM_HOOK_INIT(dentry_init_security, selinux_dentry_init_security), 6907 LSM_HOOK_INIT(dentry_create_files_as, selinux_dentry_create_files_as), 6908 | 6934 LSM_HOOK_INIT(dentry_init_security, selinux_dentry_init_security), 6935 LSM_HOOK_INIT(dentry_create_files_as, selinux_dentry_create_files_as), 6936 |
| 6909 LSM_HOOK_INIT(inode_alloc_security, selinux_inode_alloc_security), | |
| 6910 LSM_HOOK_INIT(inode_free_security, selinux_inode_free_security), 6911 LSM_HOOK_INIT(inode_init_security, selinux_inode_init_security), 6912 LSM_HOOK_INIT(inode_create, selinux_inode_create), 6913 LSM_HOOK_INIT(inode_link, selinux_inode_link), 6914 LSM_HOOK_INIT(inode_unlink, selinux_inode_unlink), 6915 LSM_HOOK_INIT(inode_symlink, selinux_inode_symlink), 6916 LSM_HOOK_INIT(inode_mkdir, selinux_inode_mkdir), 6917 LSM_HOOK_INIT(inode_rmdir, selinux_inode_rmdir), --- 55 unchanged lines hidden (view full) --- 6973 LSM_HOOK_INIT(task_getscheduler, selinux_task_getscheduler), 6974 LSM_HOOK_INIT(task_movememory, selinux_task_movememory), 6975 LSM_HOOK_INIT(task_kill, selinux_task_kill), 6976 LSM_HOOK_INIT(task_to_inode, selinux_task_to_inode), 6977 6978 LSM_HOOK_INIT(ipc_permission, selinux_ipc_permission), 6979 LSM_HOOK_INIT(ipc_getsecid, selinux_ipc_getsecid), 6980 | 6937 LSM_HOOK_INIT(inode_free_security, selinux_inode_free_security), 6938 LSM_HOOK_INIT(inode_init_security, selinux_inode_init_security), 6939 LSM_HOOK_INIT(inode_create, selinux_inode_create), 6940 LSM_HOOK_INIT(inode_link, selinux_inode_link), 6941 LSM_HOOK_INIT(inode_unlink, selinux_inode_unlink), 6942 LSM_HOOK_INIT(inode_symlink, selinux_inode_symlink), 6943 LSM_HOOK_INIT(inode_mkdir, selinux_inode_mkdir), 6944 LSM_HOOK_INIT(inode_rmdir, selinux_inode_rmdir), --- 55 unchanged lines hidden (view full) --- 7000 LSM_HOOK_INIT(task_getscheduler, selinux_task_getscheduler), 7001 LSM_HOOK_INIT(task_movememory, selinux_task_movememory), 7002 LSM_HOOK_INIT(task_kill, selinux_task_kill), 7003 LSM_HOOK_INIT(task_to_inode, selinux_task_to_inode), 7004 7005 LSM_HOOK_INIT(ipc_permission, selinux_ipc_permission), 7006 LSM_HOOK_INIT(ipc_getsecid, selinux_ipc_getsecid), 7007 |
| 6981 LSM_HOOK_INIT(msg_msg_alloc_security, selinux_msg_msg_alloc_security), 6982 6983 LSM_HOOK_INIT(msg_queue_alloc_security, 6984 selinux_msg_queue_alloc_security), | |
| 6985 LSM_HOOK_INIT(msg_queue_associate, selinux_msg_queue_associate), 6986 LSM_HOOK_INIT(msg_queue_msgctl, selinux_msg_queue_msgctl), 6987 LSM_HOOK_INIT(msg_queue_msgsnd, selinux_msg_queue_msgsnd), 6988 LSM_HOOK_INIT(msg_queue_msgrcv, selinux_msg_queue_msgrcv), 6989 | 7008 LSM_HOOK_INIT(msg_queue_associate, selinux_msg_queue_associate), 7009 LSM_HOOK_INIT(msg_queue_msgctl, selinux_msg_queue_msgctl), 7010 LSM_HOOK_INIT(msg_queue_msgsnd, selinux_msg_queue_msgsnd), 7011 LSM_HOOK_INIT(msg_queue_msgrcv, selinux_msg_queue_msgrcv), 7012 |
| 6990 LSM_HOOK_INIT(shm_alloc_security, selinux_shm_alloc_security), | |
| 6991 LSM_HOOK_INIT(shm_associate, selinux_shm_associate), 6992 LSM_HOOK_INIT(shm_shmctl, selinux_shm_shmctl), 6993 LSM_HOOK_INIT(shm_shmat, selinux_shm_shmat), 6994 | 7013 LSM_HOOK_INIT(shm_associate, selinux_shm_associate), 7014 LSM_HOOK_INIT(shm_shmctl, selinux_shm_shmctl), 7015 LSM_HOOK_INIT(shm_shmat, selinux_shm_shmat), 7016 |
| 6995 LSM_HOOK_INIT(sem_alloc_security, selinux_sem_alloc_security), | |
| 6996 LSM_HOOK_INIT(sem_associate, selinux_sem_associate), 6997 LSM_HOOK_INIT(sem_semctl, selinux_sem_semctl), 6998 LSM_HOOK_INIT(sem_semop, selinux_sem_semop), 6999 7000 LSM_HOOK_INIT(d_instantiate, selinux_d_instantiate), 7001 7002 LSM_HOOK_INIT(getprocattr, selinux_getprocattr), 7003 LSM_HOOK_INIT(setprocattr, selinux_setprocattr), 7004 7005 LSM_HOOK_INIT(ismaclabel, selinux_ismaclabel), | 7017 LSM_HOOK_INIT(sem_associate, selinux_sem_associate), 7018 LSM_HOOK_INIT(sem_semctl, selinux_sem_semctl), 7019 LSM_HOOK_INIT(sem_semop, selinux_sem_semop), 7020 7021 LSM_HOOK_INIT(d_instantiate, selinux_d_instantiate), 7022 7023 LSM_HOOK_INIT(getprocattr, selinux_getprocattr), 7024 LSM_HOOK_INIT(setprocattr, selinux_setprocattr), 7025 7026 LSM_HOOK_INIT(ismaclabel, selinux_ismaclabel), |
| 7006 LSM_HOOK_INIT(secid_to_secctx, selinux_secid_to_secctx), | |
| 7007 LSM_HOOK_INIT(secctx_to_secid, selinux_secctx_to_secid), 7008 LSM_HOOK_INIT(release_secctx, selinux_release_secctx), 7009 LSM_HOOK_INIT(inode_invalidate_secctx, selinux_inode_invalidate_secctx), 7010 LSM_HOOK_INIT(inode_notifysecctx, selinux_inode_notifysecctx), 7011 LSM_HOOK_INIT(inode_setsecctx, selinux_inode_setsecctx), | 7027 LSM_HOOK_INIT(secctx_to_secid, selinux_secctx_to_secid), 7028 LSM_HOOK_INIT(release_secctx, selinux_release_secctx), 7029 LSM_HOOK_INIT(inode_invalidate_secctx, selinux_inode_invalidate_secctx), 7030 LSM_HOOK_INIT(inode_notifysecctx, selinux_inode_notifysecctx), 7031 LSM_HOOK_INIT(inode_setsecctx, selinux_inode_setsecctx), |
| 7012 LSM_HOOK_INIT(inode_getsecctx, selinux_inode_getsecctx), | |
| 7013 7014 LSM_HOOK_INIT(unix_stream_connect, selinux_socket_unix_stream_connect), 7015 LSM_HOOK_INIT(unix_may_send, selinux_socket_unix_may_send), 7016 7017 LSM_HOOK_INIT(socket_create, selinux_socket_create), 7018 LSM_HOOK_INIT(socket_post_create, selinux_socket_post_create), 7019 LSM_HOOK_INIT(socket_socketpair, selinux_socket_socketpair), 7020 LSM_HOOK_INIT(socket_bind, selinux_socket_bind), --- 6 unchanged lines hidden (view full) --- 7027 LSM_HOOK_INIT(socket_getpeername, selinux_socket_getpeername), 7028 LSM_HOOK_INIT(socket_getsockopt, selinux_socket_getsockopt), 7029 LSM_HOOK_INIT(socket_setsockopt, selinux_socket_setsockopt), 7030 LSM_HOOK_INIT(socket_shutdown, selinux_socket_shutdown), 7031 LSM_HOOK_INIT(socket_sock_rcv_skb, selinux_socket_sock_rcv_skb), 7032 LSM_HOOK_INIT(socket_getpeersec_stream, 7033 selinux_socket_getpeersec_stream), 7034 LSM_HOOK_INIT(socket_getpeersec_dgram, selinux_socket_getpeersec_dgram), | 7032 7033 LSM_HOOK_INIT(unix_stream_connect, selinux_socket_unix_stream_connect), 7034 LSM_HOOK_INIT(unix_may_send, selinux_socket_unix_may_send), 7035 7036 LSM_HOOK_INIT(socket_create, selinux_socket_create), 7037 LSM_HOOK_INIT(socket_post_create, selinux_socket_post_create), 7038 LSM_HOOK_INIT(socket_socketpair, selinux_socket_socketpair), 7039 LSM_HOOK_INIT(socket_bind, selinux_socket_bind), --- 6 unchanged lines hidden (view full) --- 7046 LSM_HOOK_INIT(socket_getpeername, selinux_socket_getpeername), 7047 LSM_HOOK_INIT(socket_getsockopt, selinux_socket_getsockopt), 7048 LSM_HOOK_INIT(socket_setsockopt, selinux_socket_setsockopt), 7049 LSM_HOOK_INIT(socket_shutdown, selinux_socket_shutdown), 7050 LSM_HOOK_INIT(socket_sock_rcv_skb, selinux_socket_sock_rcv_skb), 7051 LSM_HOOK_INIT(socket_getpeersec_stream, 7052 selinux_socket_getpeersec_stream), 7053 LSM_HOOK_INIT(socket_getpeersec_dgram, selinux_socket_getpeersec_dgram), |
| 7035 LSM_HOOK_INIT(sk_alloc_security, selinux_sk_alloc_security), | |
| 7036 LSM_HOOK_INIT(sk_free_security, selinux_sk_free_security), 7037 LSM_HOOK_INIT(sk_clone_security, selinux_sk_clone_security), 7038 LSM_HOOK_INIT(sk_getsecid, selinux_sk_getsecid), 7039 LSM_HOOK_INIT(sock_graft, selinux_sock_graft), 7040 LSM_HOOK_INIT(sctp_assoc_request, selinux_sctp_assoc_request), 7041 LSM_HOOK_INIT(sctp_sk_clone, selinux_sctp_sk_clone), 7042 LSM_HOOK_INIT(sctp_bind_connect, selinux_sctp_bind_connect), 7043 LSM_HOOK_INIT(inet_conn_request, selinux_inet_conn_request), 7044 LSM_HOOK_INIT(inet_csk_clone, selinux_inet_csk_clone), 7045 LSM_HOOK_INIT(inet_conn_established, selinux_inet_conn_established), 7046 LSM_HOOK_INIT(secmark_relabel_packet, selinux_secmark_relabel_packet), 7047 LSM_HOOK_INIT(secmark_refcount_inc, selinux_secmark_refcount_inc), 7048 LSM_HOOK_INIT(secmark_refcount_dec, selinux_secmark_refcount_dec), 7049 LSM_HOOK_INIT(req_classify_flow, selinux_req_classify_flow), | 7054 LSM_HOOK_INIT(sk_free_security, selinux_sk_free_security), 7055 LSM_HOOK_INIT(sk_clone_security, selinux_sk_clone_security), 7056 LSM_HOOK_INIT(sk_getsecid, selinux_sk_getsecid), 7057 LSM_HOOK_INIT(sock_graft, selinux_sock_graft), 7058 LSM_HOOK_INIT(sctp_assoc_request, selinux_sctp_assoc_request), 7059 LSM_HOOK_INIT(sctp_sk_clone, selinux_sctp_sk_clone), 7060 LSM_HOOK_INIT(sctp_bind_connect, selinux_sctp_bind_connect), 7061 LSM_HOOK_INIT(inet_conn_request, selinux_inet_conn_request), 7062 LSM_HOOK_INIT(inet_csk_clone, selinux_inet_csk_clone), 7063 LSM_HOOK_INIT(inet_conn_established, selinux_inet_conn_established), 7064 LSM_HOOK_INIT(secmark_relabel_packet, selinux_secmark_relabel_packet), 7065 LSM_HOOK_INIT(secmark_refcount_inc, selinux_secmark_refcount_inc), 7066 LSM_HOOK_INIT(secmark_refcount_dec, selinux_secmark_refcount_dec), 7067 LSM_HOOK_INIT(req_classify_flow, selinux_req_classify_flow), |
| 7050 LSM_HOOK_INIT(tun_dev_alloc_security, selinux_tun_dev_alloc_security), | |
| 7051 LSM_HOOK_INIT(tun_dev_free_security, selinux_tun_dev_free_security), 7052 LSM_HOOK_INIT(tun_dev_create, selinux_tun_dev_create), 7053 LSM_HOOK_INIT(tun_dev_attach_queue, selinux_tun_dev_attach_queue), 7054 LSM_HOOK_INIT(tun_dev_attach, selinux_tun_dev_attach), 7055 LSM_HOOK_INIT(tun_dev_open, selinux_tun_dev_open), 7056#ifdef CONFIG_SECURITY_INFINIBAND 7057 LSM_HOOK_INIT(ib_pkey_access, selinux_ib_pkey_access), 7058 LSM_HOOK_INIT(ib_endport_manage_subnet, 7059 selinux_ib_endport_manage_subnet), | 7068 LSM_HOOK_INIT(tun_dev_free_security, selinux_tun_dev_free_security), 7069 LSM_HOOK_INIT(tun_dev_create, selinux_tun_dev_create), 7070 LSM_HOOK_INIT(tun_dev_attach_queue, selinux_tun_dev_attach_queue), 7071 LSM_HOOK_INIT(tun_dev_attach, selinux_tun_dev_attach), 7072 LSM_HOOK_INIT(tun_dev_open, selinux_tun_dev_open), 7073#ifdef CONFIG_SECURITY_INFINIBAND 7074 LSM_HOOK_INIT(ib_pkey_access, selinux_ib_pkey_access), 7075 LSM_HOOK_INIT(ib_endport_manage_subnet, 7076 selinux_ib_endport_manage_subnet), |
| 7060 LSM_HOOK_INIT(ib_alloc_security, selinux_ib_alloc_security), | |
| 7061 LSM_HOOK_INIT(ib_free_security, selinux_ib_free_security), 7062#endif 7063#ifdef CONFIG_SECURITY_NETWORK_XFRM | 7077 LSM_HOOK_INIT(ib_free_security, selinux_ib_free_security), 7078#endif 7079#ifdef CONFIG_SECURITY_NETWORK_XFRM |
| 7064 LSM_HOOK_INIT(xfrm_policy_alloc_security, selinux_xfrm_policy_alloc), 7065 LSM_HOOK_INIT(xfrm_policy_clone_security, selinux_xfrm_policy_clone), | |
| 7066 LSM_HOOK_INIT(xfrm_policy_free_security, selinux_xfrm_policy_free), 7067 LSM_HOOK_INIT(xfrm_policy_delete_security, selinux_xfrm_policy_delete), | 7080 LSM_HOOK_INIT(xfrm_policy_free_security, selinux_xfrm_policy_free), 7081 LSM_HOOK_INIT(xfrm_policy_delete_security, selinux_xfrm_policy_delete), |
| 7068 LSM_HOOK_INIT(xfrm_state_alloc, selinux_xfrm_state_alloc), 7069 LSM_HOOK_INIT(xfrm_state_alloc_acquire, 7070 selinux_xfrm_state_alloc_acquire), | |
| 7071 LSM_HOOK_INIT(xfrm_state_free_security, selinux_xfrm_state_free), 7072 LSM_HOOK_INIT(xfrm_state_delete_security, selinux_xfrm_state_delete), 7073 LSM_HOOK_INIT(xfrm_policy_lookup, selinux_xfrm_policy_lookup), 7074 LSM_HOOK_INIT(xfrm_state_pol_flow_match, 7075 selinux_xfrm_state_pol_flow_match), 7076 LSM_HOOK_INIT(xfrm_decode_session, selinux_xfrm_decode_session), 7077#endif 7078 7079#ifdef CONFIG_KEYS | 7082 LSM_HOOK_INIT(xfrm_state_free_security, selinux_xfrm_state_free), 7083 LSM_HOOK_INIT(xfrm_state_delete_security, selinux_xfrm_state_delete), 7084 LSM_HOOK_INIT(xfrm_policy_lookup, selinux_xfrm_policy_lookup), 7085 LSM_HOOK_INIT(xfrm_state_pol_flow_match, 7086 selinux_xfrm_state_pol_flow_match), 7087 LSM_HOOK_INIT(xfrm_decode_session, selinux_xfrm_decode_session), 7088#endif 7089 7090#ifdef CONFIG_KEYS |
| 7080 LSM_HOOK_INIT(key_alloc, selinux_key_alloc), | |
| 7081 LSM_HOOK_INIT(key_free, selinux_key_free), 7082 LSM_HOOK_INIT(key_permission, selinux_key_permission), 7083 LSM_HOOK_INIT(key_getsecurity, selinux_key_getsecurity), 7084#endif 7085 7086#ifdef CONFIG_AUDIT | 7091 LSM_HOOK_INIT(key_free, selinux_key_free), 7092 LSM_HOOK_INIT(key_permission, selinux_key_permission), 7093 LSM_HOOK_INIT(key_getsecurity, selinux_key_getsecurity), 7094#endif 7095 7096#ifdef CONFIG_AUDIT |
| 7087 LSM_HOOK_INIT(audit_rule_init, selinux_audit_rule_init), | |
| 7088 LSM_HOOK_INIT(audit_rule_known, selinux_audit_rule_known), 7089 LSM_HOOK_INIT(audit_rule_match, selinux_audit_rule_match), 7090 LSM_HOOK_INIT(audit_rule_free, selinux_audit_rule_free), 7091#endif 7092 7093#ifdef CONFIG_BPF_SYSCALL 7094 LSM_HOOK_INIT(bpf, selinux_bpf), 7095 LSM_HOOK_INIT(bpf_map, selinux_bpf_map), 7096 LSM_HOOK_INIT(bpf_prog, selinux_bpf_prog), | 7097 LSM_HOOK_INIT(audit_rule_known, selinux_audit_rule_known), 7098 LSM_HOOK_INIT(audit_rule_match, selinux_audit_rule_match), 7099 LSM_HOOK_INIT(audit_rule_free, selinux_audit_rule_free), 7100#endif 7101 7102#ifdef CONFIG_BPF_SYSCALL 7103 LSM_HOOK_INIT(bpf, selinux_bpf), 7104 LSM_HOOK_INIT(bpf_map, selinux_bpf_map), 7105 LSM_HOOK_INIT(bpf_prog, selinux_bpf_prog), |
| 7097 LSM_HOOK_INIT(bpf_map_alloc_security, selinux_bpf_map_alloc), 7098 LSM_HOOK_INIT(bpf_prog_alloc_security, selinux_bpf_prog_alloc), | |
| 7099 LSM_HOOK_INIT(bpf_map_free_security, selinux_bpf_map_free), 7100 LSM_HOOK_INIT(bpf_prog_free_security, selinux_bpf_prog_free), 7101#endif 7102 7103#ifdef CONFIG_PERF_EVENTS 7104 LSM_HOOK_INIT(perf_event_open, selinux_perf_event_open), | 7106 LSM_HOOK_INIT(bpf_map_free_security, selinux_bpf_map_free), 7107 LSM_HOOK_INIT(bpf_prog_free_security, selinux_bpf_prog_free), 7108#endif 7109 7110#ifdef CONFIG_PERF_EVENTS 7111 LSM_HOOK_INIT(perf_event_open, selinux_perf_event_open), |
| 7105 LSM_HOOK_INIT(perf_event_alloc, selinux_perf_event_alloc), | |
| 7106 LSM_HOOK_INIT(perf_event_free, selinux_perf_event_free), 7107 LSM_HOOK_INIT(perf_event_read, selinux_perf_event_read), 7108 LSM_HOOK_INIT(perf_event_write, selinux_perf_event_write), 7109#endif | 7112 LSM_HOOK_INIT(perf_event_free, selinux_perf_event_free), 7113 LSM_HOOK_INIT(perf_event_read, selinux_perf_event_read), 7114 LSM_HOOK_INIT(perf_event_write, selinux_perf_event_write), 7115#endif |
| 7116 7117 LSM_HOOK_INIT(locked_down, selinux_lockdown), 7118 7119 /* 7120 * PUT "CLONING" (ACCESSING + ALLOCATING) HOOKS HERE 7121 */ 7122 LSM_HOOK_INIT(fs_context_dup, selinux_fs_context_dup), 7123 LSM_HOOK_INIT(fs_context_parse_param, selinux_fs_context_parse_param), 7124 LSM_HOOK_INIT(sb_eat_lsm_opts, selinux_sb_eat_lsm_opts), 7125 LSM_HOOK_INIT(sb_add_mnt_opt, selinux_add_mnt_opt), 7126#ifdef CONFIG_SECURITY_NETWORK_XFRM 7127 LSM_HOOK_INIT(xfrm_policy_clone_security, selinux_xfrm_policy_clone), 7128#endif 7129 7130 /* 7131 * PUT "ALLOCATING" HOOKS HERE 7132 */ 7133 LSM_HOOK_INIT(msg_msg_alloc_security, selinux_msg_msg_alloc_security), 7134 LSM_HOOK_INIT(msg_queue_alloc_security, 7135 selinux_msg_queue_alloc_security), 7136 LSM_HOOK_INIT(shm_alloc_security, selinux_shm_alloc_security), 7137 LSM_HOOK_INIT(sb_alloc_security, selinux_sb_alloc_security), 7138 LSM_HOOK_INIT(inode_alloc_security, selinux_inode_alloc_security), 7139 LSM_HOOK_INIT(sem_alloc_security, selinux_sem_alloc_security), 7140 LSM_HOOK_INIT(secid_to_secctx, selinux_secid_to_secctx), 7141 LSM_HOOK_INIT(inode_getsecctx, selinux_inode_getsecctx), 7142 LSM_HOOK_INIT(sk_alloc_security, selinux_sk_alloc_security), 7143 LSM_HOOK_INIT(tun_dev_alloc_security, selinux_tun_dev_alloc_security), 7144#ifdef CONFIG_SECURITY_INFINIBAND 7145 LSM_HOOK_INIT(ib_alloc_security, selinux_ib_alloc_security), 7146#endif 7147#ifdef CONFIG_SECURITY_NETWORK_XFRM 7148 LSM_HOOK_INIT(xfrm_policy_alloc_security, selinux_xfrm_policy_alloc), 7149 LSM_HOOK_INIT(xfrm_state_alloc, selinux_xfrm_state_alloc), 7150 LSM_HOOK_INIT(xfrm_state_alloc_acquire, 7151 selinux_xfrm_state_alloc_acquire), 7152#endif 7153#ifdef CONFIG_KEYS 7154 LSM_HOOK_INIT(key_alloc, selinux_key_alloc), 7155#endif 7156#ifdef CONFIG_AUDIT 7157 LSM_HOOK_INIT(audit_rule_init, selinux_audit_rule_init), 7158#endif 7159#ifdef CONFIG_BPF_SYSCALL 7160 LSM_HOOK_INIT(bpf_map_alloc_security, selinux_bpf_map_alloc), 7161 LSM_HOOK_INIT(bpf_prog_alloc_security, selinux_bpf_prog_alloc), 7162#endif 7163#ifdef CONFIG_PERF_EVENTS 7164 LSM_HOOK_INIT(perf_event_alloc, selinux_perf_event_alloc), 7165#endif |
|
| 7110}; 7111 7112static __init int selinux_init(void) 7113{ 7114 pr_info("SELinux: Initializing.\n"); 7115 7116 memset(&selinux_state, 0, sizeof(selinux_state)); 7117 enforcing_set(&selinux_state, selinux_enforcing_boot); 7118 selinux_state.checkreqprot = selinux_checkreqprot_boot; 7119 selinux_ss_init(&selinux_state.ss); 7120 selinux_avc_init(&selinux_state.avc); | 7166}; 7167 7168static __init int selinux_init(void) 7169{ 7170 pr_info("SELinux: Initializing.\n"); 7171 7172 memset(&selinux_state, 0, sizeof(selinux_state)); 7173 enforcing_set(&selinux_state, selinux_enforcing_boot); 7174 selinux_state.checkreqprot = selinux_checkreqprot_boot; 7175 selinux_ss_init(&selinux_state.ss); 7176 selinux_avc_init(&selinux_state.avc); |
| 7177 mutex_init(&selinux_state.status_lock); |
|
| 7121 7122 /* Set the security state for the initial task. */ 7123 cred_init_security(); 7124 7125 default_noexec = !(VM_DATA_DEFAULT_FLAGS & VM_EXEC); 7126 7127 avc_init(); 7128 --- 11 unchanged lines hidden (view full) --- 7140 if (avc_add_callback(selinux_lsm_notifier_avc_callback, AVC_CALLBACK_RESET)) 7141 panic("SELinux: Unable to register AVC LSM notifier callback\n"); 7142 7143 if (selinux_enforcing_boot) 7144 pr_debug("SELinux: Starting in enforcing mode\n"); 7145 else 7146 pr_debug("SELinux: Starting in permissive mode\n"); 7147 | 7178 7179 /* Set the security state for the initial task. */ 7180 cred_init_security(); 7181 7182 default_noexec = !(VM_DATA_DEFAULT_FLAGS & VM_EXEC); 7183 7184 avc_init(); 7185 --- 11 unchanged lines hidden (view full) --- 7197 if (avc_add_callback(selinux_lsm_notifier_avc_callback, AVC_CALLBACK_RESET)) 7198 panic("SELinux: Unable to register AVC LSM notifier callback\n"); 7199 7200 if (selinux_enforcing_boot) 7201 pr_debug("SELinux: Starting in enforcing mode\n"); 7202 else 7203 pr_debug("SELinux: Starting in permissive mode\n"); 7204 |
| 7148 fs_validate_description(&selinux_fs_parameters); | 7205 fs_validate_description("selinux", selinux_fs_parameters); |
| 7149 7150 return 0; 7151} 7152 7153static void delayed_superblock_init(struct super_block *sb, void *unused) 7154{ 7155 selinux_set_mnt_opts(sb, NULL, 0, NULL); 7156} --- 7 unchanged lines hidden (view full) --- 7164 iterate_supers(delayed_superblock_init, NULL); 7165} 7166 7167/* SELinux requires early initialization in order to label 7168 all processes and objects when they are created. */ 7169DEFINE_LSM(selinux) = { 7170 .name = "selinux", 7171 .flags = LSM_FLAG_LEGACY_MAJOR | LSM_FLAG_EXCLUSIVE, | 7206 7207 return 0; 7208} 7209 7210static void delayed_superblock_init(struct super_block *sb, void *unused) 7211{ 7212 selinux_set_mnt_opts(sb, NULL, 0, NULL); 7213} --- 7 unchanged lines hidden (view full) --- 7221 iterate_supers(delayed_superblock_init, NULL); 7222} 7223 7224/* SELinux requires early initialization in order to label 7225 all processes and objects when they are created. */ 7226DEFINE_LSM(selinux) = { 7227 .name = "selinux", 7228 .flags = LSM_FLAG_LEGACY_MAJOR | LSM_FLAG_EXCLUSIVE, |
| 7172 .enabled = &selinux_enabled, | 7229 .enabled = &selinux_enabled_boot, |
| 7173 .blobs = &selinux_blob_sizes, 7174 .init = selinux_init, 7175}; 7176 7177#if defined(CONFIG_NETFILTER) 7178 7179static const struct nf_hook_ops selinux_nf_ops[] = { 7180 { --- 52 unchanged lines hidden (view full) --- 7233 .init = selinux_nf_register, 7234 .exit = selinux_nf_unregister, 7235}; 7236 7237static int __init selinux_nf_ip_init(void) 7238{ 7239 int err; 7240 | 7230 .blobs = &selinux_blob_sizes, 7231 .init = selinux_init, 7232}; 7233 7234#if defined(CONFIG_NETFILTER) 7235 7236static const struct nf_hook_ops selinux_nf_ops[] = { 7237 { --- 52 unchanged lines hidden (view full) --- 7290 .init = selinux_nf_register, 7291 .exit = selinux_nf_unregister, 7292}; 7293 7294static int __init selinux_nf_ip_init(void) 7295{ 7296 int err; 7297 |
| 7241 if (!selinux_enabled) | 7298 if (!selinux_enabled_boot) |
| 7242 return 0; 7243 7244 pr_debug("SELinux: Registering netfilter hooks\n"); 7245 7246 err = register_pernet_subsys(&selinux_net_ops); 7247 if (err) 7248 panic("SELinux: register_pernet_subsys: error %d\n", err); 7249 --- 16 unchanged lines hidden (view full) --- 7266#define selinux_nf_ip_exit() 7267#endif 7268 7269#endif /* CONFIG_NETFILTER */ 7270 7271#ifdef CONFIG_SECURITY_SELINUX_DISABLE 7272int selinux_disable(struct selinux_state *state) 7273{ | 7299 return 0; 7300 7301 pr_debug("SELinux: Registering netfilter hooks\n"); 7302 7303 err = register_pernet_subsys(&selinux_net_ops); 7304 if (err) 7305 panic("SELinux: register_pernet_subsys: error %d\n", err); 7306 --- 16 unchanged lines hidden (view full) --- 7323#define selinux_nf_ip_exit() 7324#endif 7325 7326#endif /* CONFIG_NETFILTER */ 7327 7328#ifdef CONFIG_SECURITY_SELINUX_DISABLE 7329int selinux_disable(struct selinux_state *state) 7330{ |
| 7274 if (state->initialized) { | 7331 if (selinux_initialized(state)) { |
| 7275 /* Not permitted after initial policy load. */ 7276 return -EINVAL; 7277 } 7278 | 7332 /* Not permitted after initial policy load. */ 7333 return -EINVAL; 7334 } 7335 |
| 7279 if (state->disabled) { | 7336 if (selinux_disabled(state)) { |
| 7280 /* Only do this once. */ 7281 return -EINVAL; 7282 } 7283 | 7337 /* Only do this once. */ 7338 return -EINVAL; 7339 } 7340 |
| 7284 state->disabled = 1; | 7341 selinux_mark_disabled(state); |
| 7285 7286 pr_info("SELinux: Disabled at runtime.\n"); 7287 | 7342 7343 pr_info("SELinux: Disabled at runtime.\n"); 7344 |
| 7288 selinux_enabled = 0; | 7345 /* 7346 * Unregister netfilter hooks. 7347 * Must be done before security_delete_hooks() to avoid breaking 7348 * runtime disable. 7349 */ 7350 selinux_nf_ip_exit(); |
| 7289 7290 security_delete_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks)); 7291 7292 /* Try to destroy the avc node cache */ 7293 avc_disable(); 7294 | 7351 7352 security_delete_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks)); 7353 7354 /* Try to destroy the avc node cache */ 7355 avc_disable(); 7356 |
| 7295 /* Unregister netfilter hooks. */ 7296 selinux_nf_ip_exit(); 7297 | |
| 7298 /* Unregister selinuxfs. */ 7299 exit_sel_fs(); 7300 7301 return 0; 7302} 7303#endif | 7357 /* Unregister selinuxfs. */ 7358 exit_sel_fs(); 7359 7360 return 0; 7361} 7362#endif |