hooks.c (d8f797c60661a90ee26ca9330cf85ede9aa2ec17) | hooks.c (8e71bf75efceff07e04e1f8a4b7c0dbff7205949) |
---|---|
1/* 2 * NSA Security-Enhanced Linux (SELinux) security module 3 * 4 * This file contains the SELinux hook function implementations. 5 * 6 * Authors: Stephen Smalley, <sds@epoch.ncsc.mil> 7 * Chris Vance, <cvance@nai.com> 8 * Wayne Salamon, <wsalamon@nai.com> 9 * James Morris <jmorris@redhat.com> 10 * 11 * Copyright (C) 2001,2002 Networks Associates Technology, Inc. 12 * Copyright (C) 2003-2008 Red Hat, Inc., James Morris <jmorris@redhat.com> 13 * Eric Paris <eparis@redhat.com> 14 * Copyright (C) 2004-2005 Trusted Computer Solutions, Inc. 15 * <dgoeddel@trustedcs.com> 16 * Copyright (C) 2006, 2007, 2009 Hewlett-Packard Development Company, L.P. 17 * Paul Moore <paul@paul-moore.com> 18 * Copyright (C) 2007 Hitachi Software Engineering Co., Ltd. 19 * Yuichi Nakamura <ynakam@hitachisoft.jp> | 1/* 2 * NSA Security-Enhanced Linux (SELinux) security module 3 * 4 * This file contains the SELinux hook function implementations. 5 * 6 * Authors: Stephen Smalley, <sds@epoch.ncsc.mil> 7 * Chris Vance, <cvance@nai.com> 8 * Wayne Salamon, <wsalamon@nai.com> 9 * James Morris <jmorris@redhat.com> 10 * 11 * Copyright (C) 2001,2002 Networks Associates Technology, Inc. 12 * Copyright (C) 2003-2008 Red Hat, Inc., James Morris <jmorris@redhat.com> 13 * Eric Paris <eparis@redhat.com> 14 * Copyright (C) 2004-2005 Trusted Computer Solutions, Inc. 15 * <dgoeddel@trustedcs.com> 16 * Copyright (C) 2006, 2007, 2009 Hewlett-Packard Development Company, L.P. 17 * Paul Moore <paul@paul-moore.com> 18 * Copyright (C) 2007 Hitachi Software Engineering Co., Ltd. 19 * Yuichi Nakamura <ynakam@hitachisoft.jp> |
20 * Copyright (C) 2016 Mellanox Technologies |
|
20 * 21 * This program is free software; you can redistribute it and/or modify 22 * it under the terms of the GNU General Public License version 2, 23 * as published by the Free Software Foundation. 24 */ 25 26#include <linux/init.h> 27#include <linux/kd.h> --- 57 unchanged lines hidden (view full) --- 85#include <linux/msg.h> 86#include <linux/shm.h> 87 88#include "avc.h" 89#include "objsec.h" 90#include "netif.h" 91#include "netnode.h" 92#include "netport.h" | 21 * 22 * This program is free software; you can redistribute it and/or modify 23 * it under the terms of the GNU General Public License version 2, 24 * as published by the Free Software Foundation. 25 */ 26 27#include <linux/init.h> 28#include <linux/kd.h> --- 57 unchanged lines hidden (view full) --- 86#include <linux/msg.h> 87#include <linux/shm.h> 88 89#include "avc.h" 90#include "objsec.h" 91#include "netif.h" 92#include "netnode.h" 93#include "netport.h" |
94#include "ibpkey.h" |
|
93#include "xfrm.h" 94#include "netlabel.h" 95#include "audit.h" 96#include "avc_ss.h" 97 98/* SECMARK reference count */ 99static atomic_t selinux_secmark_refcount = ATOMIC_INIT(0); 100 --- 65 unchanged lines hidden (view full) --- 166 sel_netif_flush(); 167 sel_netnode_flush(); 168 sel_netport_flush(); 169 synchronize_net(); 170 } 171 return 0; 172} 173 | 95#include "xfrm.h" 96#include "netlabel.h" 97#include "audit.h" 98#include "avc_ss.h" 99 100/* SECMARK reference count */ 101static atomic_t selinux_secmark_refcount = ATOMIC_INIT(0); 102 --- 65 unchanged lines hidden (view full) --- 168 sel_netif_flush(); 169 sel_netnode_flush(); 170 sel_netport_flush(); 171 synchronize_net(); 172 } 173 return 0; 174} 175 |
176static int selinux_lsm_notifier_avc_callback(u32 event) 177{ 178 if (event == AVC_CALLBACK_RESET) { 179 sel_ib_pkey_flush(); 180 call_lsm_notifier(LSM_POLICY_CHANGE, NULL); 181 } 182 183 return 0; 184} 185 |
|
174/* 175 * initialise the security for the init task 176 */ 177static void cred_init_security(void) 178{ 179 struct cred *cred = (struct cred *) current->real_cred; 180 struct task_security_struct *tsec; 181 --- 211 unchanged lines hidden (view full) --- 393 394static void superblock_free_security(struct super_block *sb) 395{ 396 struct superblock_security_struct *sbsec = sb->s_security; 397 sb->s_security = NULL; 398 kfree(sbsec); 399} 400 | 186/* 187 * initialise the security for the init task 188 */ 189static void cred_init_security(void) 190{ 191 struct cred *cred = (struct cred *) current->real_cred; 192 struct task_security_struct *tsec; 193 --- 211 unchanged lines hidden (view full) --- 405 406static void superblock_free_security(struct super_block *sb) 407{ 408 struct superblock_security_struct *sbsec = sb->s_security; 409 sb->s_security = NULL; 410 kfree(sbsec); 411} 412 |
401/* The file system's label must be initialized prior to use. */ 402 403static const char *labeling_behaviors[7] = { 404 "uses xattr", 405 "uses transition SIDs", 406 "uses task SIDs", 407 "uses genfs_contexts", 408 "not configured for labeling", 409 "uses mountpoint labeling", 410 "uses native labeling", 411}; 412 | |
413static inline int inode_doinit(struct inode *inode) 414{ 415 return inode_doinit_with_dentry(inode, NULL); 416} 417 418enum { 419 Opt_error = -1, 420 Opt_context = 1, --- 98 unchanged lines hidden (view full) --- 519 else 520 printk(KERN_WARNING "SELinux: (dev %s, type " 521 "%s) getxattr errno %d\n", sb->s_id, 522 sb->s_type->name, -rc); 523 goto out; 524 } 525 } 526 | 413static inline int inode_doinit(struct inode *inode) 414{ 415 return inode_doinit_with_dentry(inode, NULL); 416} 417 418enum { 419 Opt_error = -1, 420 Opt_context = 1, --- 98 unchanged lines hidden (view full) --- 519 else 520 printk(KERN_WARNING "SELinux: (dev %s, type " 521 "%s) getxattr errno %d\n", sb->s_id, 522 sb->s_type->name, -rc); 523 goto out; 524 } 525 } 526 |
527 if (sbsec->behavior > ARRAY_SIZE(labeling_behaviors)) 528 printk(KERN_ERR "SELinux: initialized (dev %s, type %s), unknown behavior\n", 529 sb->s_id, sb->s_type->name); 530 | |
531 sbsec->flags |= SE_SBINITIALIZED; 532 if (selinux_is_sblabel_mnt(sb)) 533 sbsec->flags |= SBLABEL_MNT; 534 535 /* Initialize the root inode. */ 536 rc = inode_doinit_with_dentry(root_inode, root); 537 538 /* Initialize any other inodes associated with the superblock, e.g. --- 1519 unchanged lines hidden (view full) --- 2058 2059/* 2060 * Convert a file to an access vector and include the correct open 2061 * open permission. 2062 */ 2063static inline u32 open_file_to_av(struct file *file) 2064{ 2065 u32 av = file_to_av(file); | 527 sbsec->flags |= SE_SBINITIALIZED; 528 if (selinux_is_sblabel_mnt(sb)) 529 sbsec->flags |= SBLABEL_MNT; 530 531 /* Initialize the root inode. */ 532 rc = inode_doinit_with_dentry(root_inode, root); 533 534 /* Initialize any other inodes associated with the superblock, e.g. --- 1519 unchanged lines hidden (view full) --- 2054 2055/* 2056 * Convert a file to an access vector and include the correct open 2057 * open permission. 2058 */ 2059static inline u32 open_file_to_av(struct file *file) 2060{ 2061 u32 av = file_to_av(file); |
2062 struct inode *inode = file_inode(file); |
|
2066 | 2063 |
2067 if (selinux_policycap_openperm) | 2064 if (selinux_policycap_openperm && inode->i_sb->s_magic != SOCKFS_MAGIC) |
2068 av |= FILE__OPEN; 2069 2070 return av; 2071} 2072 2073/* Hook functions begin here. */ 2074 2075static int selinux_binder_set_context_mgr(struct task_struct *mgr) --- 978 unchanged lines hidden (view full) --- 3054 if (rc2) 3055 return rc2; 3056 return rc; 3057} 3058 3059static int selinux_inode_setattr(struct dentry *dentry, struct iattr *iattr) 3060{ 3061 const struct cred *cred = current_cred(); | 2065 av |= FILE__OPEN; 2066 2067 return av; 2068} 2069 2070/* Hook functions begin here. */ 2071 2072static int selinux_binder_set_context_mgr(struct task_struct *mgr) --- 978 unchanged lines hidden (view full) --- 3051 if (rc2) 3052 return rc2; 3053 return rc; 3054} 3055 3056static int selinux_inode_setattr(struct dentry *dentry, struct iattr *iattr) 3057{ 3058 const struct cred *cred = current_cred(); |
3059 struct inode *inode = d_backing_inode(dentry); |
|
3062 unsigned int ia_valid = iattr->ia_valid; 3063 __u32 av = FILE__WRITE; 3064 3065 /* ATTR_FORCE is just used for ATTR_KILL_S[UG]ID. */ 3066 if (ia_valid & ATTR_FORCE) { 3067 ia_valid &= ~(ATTR_KILL_SUID | ATTR_KILL_SGID | ATTR_MODE | 3068 ATTR_FORCE); 3069 if (!ia_valid) 3070 return 0; 3071 } 3072 3073 if (ia_valid & (ATTR_MODE | ATTR_UID | ATTR_GID | 3074 ATTR_ATIME_SET | ATTR_MTIME_SET | ATTR_TIMES_SET)) 3075 return dentry_has_perm(cred, dentry, FILE__SETATTR); 3076 | 3060 unsigned int ia_valid = iattr->ia_valid; 3061 __u32 av = FILE__WRITE; 3062 3063 /* ATTR_FORCE is just used for ATTR_KILL_S[UG]ID. */ 3064 if (ia_valid & ATTR_FORCE) { 3065 ia_valid &= ~(ATTR_KILL_SUID | ATTR_KILL_SGID | ATTR_MODE | 3066 ATTR_FORCE); 3067 if (!ia_valid) 3068 return 0; 3069 } 3070 3071 if (ia_valid & (ATTR_MODE | ATTR_UID | ATTR_GID | 3072 ATTR_ATIME_SET | ATTR_MTIME_SET | ATTR_TIMES_SET)) 3073 return dentry_has_perm(cred, dentry, FILE__SETATTR); 3074 |
3077 if (selinux_policycap_openperm && (ia_valid & ATTR_SIZE) 3078 && !(ia_valid & ATTR_FILE)) | 3075 if (selinux_policycap_openperm && 3076 inode->i_sb->s_magic != SOCKFS_MAGIC && 3077 (ia_valid & ATTR_SIZE) && 3078 !(ia_valid & ATTR_FILE)) |
3079 av |= FILE__OPEN; 3080 3081 return dentry_has_perm(cred, dentry, av); 3082} 3083 3084static int selinux_inode_getattr(const struct path *path) 3085{ 3086 return path_has_perm(current_cred(), path, FILE__GETATTR); --- 15 unchanged lines hidden (view full) --- 3102 } 3103 } 3104 3105 /* Not an attribute we recognize, so just check the 3106 ordinary setattr permission. */ 3107 return dentry_has_perm(cred, dentry, FILE__SETATTR); 3108} 3109 | 3079 av |= FILE__OPEN; 3080 3081 return dentry_has_perm(cred, dentry, av); 3082} 3083 3084static int selinux_inode_getattr(const struct path *path) 3085{ 3086 return path_has_perm(current_cred(), path, FILE__GETATTR); --- 15 unchanged lines hidden (view full) --- 3102 } 3103 } 3104 3105 /* Not an attribute we recognize, so just check the 3106 ordinary setattr permission. */ 3107 return dentry_has_perm(cred, dentry, FILE__SETATTR); 3108} 3109 |
3110static bool has_cap_mac_admin(bool audit) 3111{ 3112 const struct cred *cred = current_cred(); 3113 int cap_audit = audit ? SECURITY_CAP_AUDIT : SECURITY_CAP_NOAUDIT; 3114 3115 if (cap_capable(cred, &init_user_ns, CAP_MAC_ADMIN, cap_audit)) 3116 return false; 3117 if (cred_has_capability(cred, CAP_MAC_ADMIN, cap_audit, true)) 3118 return false; 3119 return true; 3120} 3121 |
|
3110static int selinux_inode_setxattr(struct dentry *dentry, const char *name, 3111 const void *value, size_t size, int flags) 3112{ 3113 struct inode *inode = d_backing_inode(dentry); 3114 struct inode_security_struct *isec; 3115 struct superblock_security_struct *sbsec; 3116 struct common_audit_data ad; 3117 u32 newsid, sid = current_sid(); --- 15 unchanged lines hidden (view full) --- 3133 isec = backing_inode_security(dentry); 3134 rc = avc_has_perm(sid, isec->sid, isec->sclass, 3135 FILE__RELABELFROM, &ad); 3136 if (rc) 3137 return rc; 3138 3139 rc = security_context_to_sid(value, size, &newsid, GFP_KERNEL); 3140 if (rc == -EINVAL) { | 3122static int selinux_inode_setxattr(struct dentry *dentry, const char *name, 3123 const void *value, size_t size, int flags) 3124{ 3125 struct inode *inode = d_backing_inode(dentry); 3126 struct inode_security_struct *isec; 3127 struct superblock_security_struct *sbsec; 3128 struct common_audit_data ad; 3129 u32 newsid, sid = current_sid(); --- 15 unchanged lines hidden (view full) --- 3145 isec = backing_inode_security(dentry); 3146 rc = avc_has_perm(sid, isec->sid, isec->sclass, 3147 FILE__RELABELFROM, &ad); 3148 if (rc) 3149 return rc; 3150 3151 rc = security_context_to_sid(value, size, &newsid, GFP_KERNEL); 3152 if (rc == -EINVAL) { |
3141 if (!capable(CAP_MAC_ADMIN)) { | 3153 if (!has_cap_mac_admin(true)) { |
3142 struct audit_buffer *ab; 3143 size_t audit_size; 3144 const char *str; 3145 3146 /* We strip a nul only if it is at the end, otherwise the 3147 * context contains a nul and we should audit that */ 3148 if (value) { 3149 str = value; --- 109 unchanged lines hidden (view full) --- 3259 * If the caller has CAP_MAC_ADMIN, then get the raw context 3260 * value even if it is not defined by current policy; otherwise, 3261 * use the in-core value under current policy. 3262 * Use the non-auditing forms of the permission checks since 3263 * getxattr may be called by unprivileged processes commonly 3264 * and lack of permission just means that we fall back to the 3265 * in-core context value, not a denial. 3266 */ | 3154 struct audit_buffer *ab; 3155 size_t audit_size; 3156 const char *str; 3157 3158 /* We strip a nul only if it is at the end, otherwise the 3159 * context contains a nul and we should audit that */ 3160 if (value) { 3161 str = value; --- 109 unchanged lines hidden (view full) --- 3271 * If the caller has CAP_MAC_ADMIN, then get the raw context 3272 * value even if it is not defined by current policy; otherwise, 3273 * use the in-core value under current policy. 3274 * Use the non-auditing forms of the permission checks since 3275 * getxattr may be called by unprivileged processes commonly 3276 * and lack of permission just means that we fall back to the 3277 * in-core context value, not a denial. 3278 */ |
3267 error = cap_capable(current_cred(), &init_user_ns, CAP_MAC_ADMIN, 3268 SECURITY_CAP_NOAUDIT); 3269 if (!error) 3270 error = cred_has_capability(current_cred(), CAP_MAC_ADMIN, 3271 SECURITY_CAP_NOAUDIT, true); | |
3272 isec = inode_security(inode); | 3279 isec = inode_security(inode); |
3273 if (!error) | 3280 if (has_cap_mac_admin(false)) |
3274 error = security_sid_to_context_force(isec->sid, &context, 3275 &size); 3276 else 3277 error = security_sid_to_context(isec->sid, &context, &size); 3278 if (error) 3279 return error; 3280 error = size; 3281 if (alloc) { --- 263 unchanged lines hidden (view full) --- 3545 } 3546 3547 return rc; 3548} 3549 3550static int selinux_mmap_file(struct file *file, unsigned long reqprot, 3551 unsigned long prot, unsigned long flags) 3552{ | 3281 error = security_sid_to_context_force(isec->sid, &context, 3282 &size); 3283 else 3284 error = security_sid_to_context(isec->sid, &context, &size); 3285 if (error) 3286 return error; 3287 error = size; 3288 if (alloc) { --- 263 unchanged lines hidden (view full) --- 3552 } 3553 3554 return rc; 3555} 3556 3557static int selinux_mmap_file(struct file *file, unsigned long reqprot, 3558 unsigned long prot, unsigned long flags) 3559{ |
3560 struct common_audit_data ad; 3561 int rc; 3562 3563 if (file) { 3564 ad.type = LSM_AUDIT_DATA_FILE; 3565 ad.u.file = file; 3566 rc = inode_has_perm(current_cred(), file_inode(file), 3567 FILE__MAP, &ad); 3568 if (rc) 3569 return rc; 3570 } 3571 |
|
3553 if (selinux_checkreqprot) 3554 prot = reqprot; 3555 3556 return file_map_prot_check(file, prot, 3557 (flags & MAP_TYPE) == MAP_SHARED); 3558} 3559 3560static int selinux_file_mprotect(struct vm_area_struct *vma, --- 144 unchanged lines hidden (view full) --- 3705 * new inode label or new policy. 3706 * This check is not redundant - do not remove. 3707 */ 3708 return file_path_has_perm(cred, file, open_file_to_av(file)); 3709} 3710 3711/* task security operations */ 3712 | 3572 if (selinux_checkreqprot) 3573 prot = reqprot; 3574 3575 return file_map_prot_check(file, prot, 3576 (flags & MAP_TYPE) == MAP_SHARED); 3577} 3578 3579static int selinux_file_mprotect(struct vm_area_struct *vma, --- 144 unchanged lines hidden (view full) --- 3724 * new inode label or new policy. 3725 * This check is not redundant - do not remove. 3726 */ 3727 return file_path_has_perm(cred, file, open_file_to_av(file)); 3728} 3729 3730/* task security operations */ 3731 |
3713static int selinux_task_create(unsigned long clone_flags) | 3732static int selinux_task_alloc(struct task_struct *task, 3733 unsigned long clone_flags) |
3714{ 3715 u32 sid = current_sid(); 3716 3717 return avc_has_perm(sid, sid, SECCLASS_PROCESS, PROCESS__FORK, NULL); 3718} 3719 3720/* 3721 * allocate the SELinux part of blank credentials --- 2191 unchanged lines hidden (view full) --- 5913 /* Obtain a SID for the context, if one was specified. */ 5914 if (size && str[0] && str[0] != '\n') { 5915 if (str[size-1] == '\n') { 5916 str[size-1] = 0; 5917 size--; 5918 } 5919 error = security_context_to_sid(value, size, &sid, GFP_KERNEL); 5920 if (error == -EINVAL && !strcmp(name, "fscreate")) { | 3734{ 3735 u32 sid = current_sid(); 3736 3737 return avc_has_perm(sid, sid, SECCLASS_PROCESS, PROCESS__FORK, NULL); 3738} 3739 3740/* 3741 * allocate the SELinux part of blank credentials --- 2191 unchanged lines hidden (view full) --- 5933 /* Obtain a SID for the context, if one was specified. */ 5934 if (size && str[0] && str[0] != '\n') { 5935 if (str[size-1] == '\n') { 5936 str[size-1] = 0; 5937 size--; 5938 } 5939 error = security_context_to_sid(value, size, &sid, GFP_KERNEL); 5940 if (error == -EINVAL && !strcmp(name, "fscreate")) { |
5921 if (!capable(CAP_MAC_ADMIN)) { | 5941 if (!has_cap_mac_admin(true)) { |
5922 struct audit_buffer *ab; 5923 size_t audit_size; 5924 5925 /* We strip a nul only if it is at the end, otherwise the 5926 * context contains a nul and we should audit that */ 5927 if (str[size - 1] == '\0') 5928 audit_size = size - 1; 5929 else --- 193 unchanged lines hidden (view full) --- 6123 int rc; 6124 6125 rc = security_sid_to_context(ksec->sid, &context, &len); 6126 if (!rc) 6127 rc = len; 6128 *_buffer = context; 6129 return rc; 6130} | 5942 struct audit_buffer *ab; 5943 size_t audit_size; 5944 5945 /* We strip a nul only if it is at the end, otherwise the 5946 * context contains a nul and we should audit that */ 5947 if (str[size - 1] == '\0') 5948 audit_size = size - 1; 5949 else --- 193 unchanged lines hidden (view full) --- 6143 int rc; 6144 6145 rc = security_sid_to_context(ksec->sid, &context, &len); 6146 if (!rc) 6147 rc = len; 6148 *_buffer = context; 6149 return rc; 6150} |
6151#endif |
|
6131 | 6152 |
6153#ifdef CONFIG_SECURITY_INFINIBAND 6154static int selinux_ib_pkey_access(void *ib_sec, u64 subnet_prefix, u16 pkey_val) 6155{ 6156 struct common_audit_data ad; 6157 int err; 6158 u32 sid = 0; 6159 struct ib_security_struct *sec = ib_sec; 6160 struct lsm_ibpkey_audit ibpkey; 6161 6162 err = sel_ib_pkey_sid(subnet_prefix, pkey_val, &sid); 6163 if (err) 6164 return err; 6165 6166 ad.type = LSM_AUDIT_DATA_IBPKEY; 6167 ibpkey.subnet_prefix = subnet_prefix; 6168 ibpkey.pkey = pkey_val; 6169 ad.u.ibpkey = &ibpkey; 6170 return avc_has_perm(sec->sid, sid, 6171 SECCLASS_INFINIBAND_PKEY, 6172 INFINIBAND_PKEY__ACCESS, &ad); 6173} 6174 6175static int selinux_ib_endport_manage_subnet(void *ib_sec, const char *dev_name, 6176 u8 port_num) 6177{ 6178 struct common_audit_data ad; 6179 int err; 6180 u32 sid = 0; 6181 struct ib_security_struct *sec = ib_sec; 6182 struct lsm_ibendport_audit ibendport; 6183 6184 err = security_ib_endport_sid(dev_name, port_num, &sid); 6185 6186 if (err) 6187 return err; 6188 6189 ad.type = LSM_AUDIT_DATA_IBENDPORT; 6190 strncpy(ibendport.dev_name, dev_name, sizeof(ibendport.dev_name)); 6191 ibendport.port = port_num; 6192 ad.u.ibendport = &ibendport; 6193 return avc_has_perm(sec->sid, sid, 6194 SECCLASS_INFINIBAND_ENDPORT, 6195 INFINIBAND_ENDPORT__MANAGE_SUBNET, &ad); 6196} 6197 6198static int selinux_ib_alloc_security(void **ib_sec) 6199{ 6200 struct ib_security_struct *sec; 6201 6202 sec = kzalloc(sizeof(*sec), GFP_KERNEL); 6203 if (!sec) 6204 return -ENOMEM; 6205 sec->sid = current_sid(); 6206 6207 *ib_sec = sec; 6208 return 0; 6209} 6210 6211static void selinux_ib_free_security(void *ib_sec) 6212{ 6213 kfree(ib_sec); 6214} |
|
6132#endif 6133 6134static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { 6135 LSM_HOOK_INIT(binder_set_context_mgr, selinux_binder_set_context_mgr), 6136 LSM_HOOK_INIT(binder_transaction, selinux_binder_transaction), 6137 LSM_HOOK_INIT(binder_transfer_binder, selinux_binder_transfer_binder), 6138 LSM_HOOK_INIT(binder_transfer_file, selinux_binder_transfer_file), 6139 --- 68 unchanged lines hidden (view full) --- 6208 LSM_HOOK_INIT(file_lock, selinux_file_lock), 6209 LSM_HOOK_INIT(file_fcntl, selinux_file_fcntl), 6210 LSM_HOOK_INIT(file_set_fowner, selinux_file_set_fowner), 6211 LSM_HOOK_INIT(file_send_sigiotask, selinux_file_send_sigiotask), 6212 LSM_HOOK_INIT(file_receive, selinux_file_receive), 6213 6214 LSM_HOOK_INIT(file_open, selinux_file_open), 6215 | 6215#endif 6216 6217static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { 6218 LSM_HOOK_INIT(binder_set_context_mgr, selinux_binder_set_context_mgr), 6219 LSM_HOOK_INIT(binder_transaction, selinux_binder_transaction), 6220 LSM_HOOK_INIT(binder_transfer_binder, selinux_binder_transfer_binder), 6221 LSM_HOOK_INIT(binder_transfer_file, selinux_binder_transfer_file), 6222 --- 68 unchanged lines hidden (view full) --- 6291 LSM_HOOK_INIT(file_lock, selinux_file_lock), 6292 LSM_HOOK_INIT(file_fcntl, selinux_file_fcntl), 6293 LSM_HOOK_INIT(file_set_fowner, selinux_file_set_fowner), 6294 LSM_HOOK_INIT(file_send_sigiotask, selinux_file_send_sigiotask), 6295 LSM_HOOK_INIT(file_receive, selinux_file_receive), 6296 6297 LSM_HOOK_INIT(file_open, selinux_file_open), 6298 |
6216 LSM_HOOK_INIT(task_create, selinux_task_create), | 6299 LSM_HOOK_INIT(task_alloc, selinux_task_alloc), |
6217 LSM_HOOK_INIT(cred_alloc_blank, selinux_cred_alloc_blank), 6218 LSM_HOOK_INIT(cred_free, selinux_cred_free), 6219 LSM_HOOK_INIT(cred_prepare, selinux_cred_prepare), 6220 LSM_HOOK_INIT(cred_transfer, selinux_cred_transfer), 6221 LSM_HOOK_INIT(kernel_act_as, selinux_kernel_act_as), 6222 LSM_HOOK_INIT(kernel_create_files_as, selinux_kernel_create_files_as), 6223 LSM_HOOK_INIT(kernel_module_request, selinux_kernel_module_request), 6224 LSM_HOOK_INIT(kernel_read_file, selinux_kernel_read_file), --- 85 unchanged lines hidden (view full) --- 6310 LSM_HOOK_INIT(secmark_refcount_dec, selinux_secmark_refcount_dec), 6311 LSM_HOOK_INIT(req_classify_flow, selinux_req_classify_flow), 6312 LSM_HOOK_INIT(tun_dev_alloc_security, selinux_tun_dev_alloc_security), 6313 LSM_HOOK_INIT(tun_dev_free_security, selinux_tun_dev_free_security), 6314 LSM_HOOK_INIT(tun_dev_create, selinux_tun_dev_create), 6315 LSM_HOOK_INIT(tun_dev_attach_queue, selinux_tun_dev_attach_queue), 6316 LSM_HOOK_INIT(tun_dev_attach, selinux_tun_dev_attach), 6317 LSM_HOOK_INIT(tun_dev_open, selinux_tun_dev_open), | 6300 LSM_HOOK_INIT(cred_alloc_blank, selinux_cred_alloc_blank), 6301 LSM_HOOK_INIT(cred_free, selinux_cred_free), 6302 LSM_HOOK_INIT(cred_prepare, selinux_cred_prepare), 6303 LSM_HOOK_INIT(cred_transfer, selinux_cred_transfer), 6304 LSM_HOOK_INIT(kernel_act_as, selinux_kernel_act_as), 6305 LSM_HOOK_INIT(kernel_create_files_as, selinux_kernel_create_files_as), 6306 LSM_HOOK_INIT(kernel_module_request, selinux_kernel_module_request), 6307 LSM_HOOK_INIT(kernel_read_file, selinux_kernel_read_file), --- 85 unchanged lines hidden (view full) --- 6393 LSM_HOOK_INIT(secmark_refcount_dec, selinux_secmark_refcount_dec), 6394 LSM_HOOK_INIT(req_classify_flow, selinux_req_classify_flow), 6395 LSM_HOOK_INIT(tun_dev_alloc_security, selinux_tun_dev_alloc_security), 6396 LSM_HOOK_INIT(tun_dev_free_security, selinux_tun_dev_free_security), 6397 LSM_HOOK_INIT(tun_dev_create, selinux_tun_dev_create), 6398 
LSM_HOOK_INIT(tun_dev_attach_queue, selinux_tun_dev_attach_queue), 6399 LSM_HOOK_INIT(tun_dev_attach, selinux_tun_dev_attach), 6400 LSM_HOOK_INIT(tun_dev_open, selinux_tun_dev_open), |
6318 | 6401#ifdef CONFIG_SECURITY_INFINIBAND 6402 LSM_HOOK_INIT(ib_pkey_access, selinux_ib_pkey_access), 6403 LSM_HOOK_INIT(ib_endport_manage_subnet, 6404 selinux_ib_endport_manage_subnet), 6405 LSM_HOOK_INIT(ib_alloc_security, selinux_ib_alloc_security), 6406 LSM_HOOK_INIT(ib_free_security, selinux_ib_free_security), 6407#endif |
6319#ifdef CONFIG_SECURITY_NETWORK_XFRM 6320 LSM_HOOK_INIT(xfrm_policy_alloc_security, selinux_xfrm_policy_alloc), 6321 LSM_HOOK_INIT(xfrm_policy_clone_security, selinux_xfrm_policy_clone), 6322 LSM_HOOK_INIT(xfrm_policy_free_security, selinux_xfrm_policy_free), 6323 LSM_HOOK_INIT(xfrm_policy_delete_security, selinux_xfrm_policy_delete), 6324 LSM_HOOK_INIT(xfrm_state_alloc, selinux_xfrm_state_alloc), 6325 LSM_HOOK_INIT(xfrm_state_alloc_acquire, 6326 selinux_xfrm_state_alloc_acquire), --- 47 unchanged lines hidden (view full) --- 6374 0, SLAB_PANIC, NULL); 6375 avc_init(); 6376 6377 security_add_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks), "selinux"); 6378 6379 if (avc_add_callback(selinux_netcache_avc_callback, AVC_CALLBACK_RESET)) 6380 panic("SELinux: Unable to register AVC netcache callback\n"); 6381 | 6408#ifdef CONFIG_SECURITY_NETWORK_XFRM 6409 LSM_HOOK_INIT(xfrm_policy_alloc_security, selinux_xfrm_policy_alloc), 6410 LSM_HOOK_INIT(xfrm_policy_clone_security, selinux_xfrm_policy_clone), 6411 LSM_HOOK_INIT(xfrm_policy_free_security, selinux_xfrm_policy_free), 6412 LSM_HOOK_INIT(xfrm_policy_delete_security, selinux_xfrm_policy_delete), 6413 LSM_HOOK_INIT(xfrm_state_alloc, selinux_xfrm_state_alloc), 6414 LSM_HOOK_INIT(xfrm_state_alloc_acquire, 6415 selinux_xfrm_state_alloc_acquire), --- 47 unchanged lines hidden (view full) --- 6463 0, SLAB_PANIC, NULL); 6464 avc_init(); 6465 6466 security_add_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks), "selinux"); 6467 6468 if (avc_add_callback(selinux_netcache_avc_callback, AVC_CALLBACK_RESET)) 6469 panic("SELinux: Unable to register AVC netcache callback\n"); 6470 |
6471 if (avc_add_callback(selinux_lsm_notifier_avc_callback, AVC_CALLBACK_RESET)) 6472 panic("SELinux: Unable to register AVC LSM notifier callback\n"); 6473 |
|
6382 if (selinux_enforcing) 6383 printk(KERN_DEBUG "SELinux: Starting in enforcing mode\n"); 6384 else 6385 printk(KERN_DEBUG "SELinux: Starting in permissive mode\n"); 6386 6387 return 0; 6388} 6389 --- 53 unchanged lines hidden (view full) --- 6443 .hook = selinux_ipv6_output, 6444 .pf = NFPROTO_IPV6, 6445 .hooknum = NF_INET_LOCAL_OUT, 6446 .priority = NF_IP6_PRI_SELINUX_FIRST, 6447 }, 6448#endif /* IPV6 */ 6449}; 6450 | 6474 if (selinux_enforcing) 6475 printk(KERN_DEBUG "SELinux: Starting in enforcing mode\n"); 6476 else 6477 printk(KERN_DEBUG "SELinux: Starting in permissive mode\n"); 6478 6479 return 0; 6480} 6481 --- 53 unchanged lines hidden (view full) --- 6535 .hook = selinux_ipv6_output, 6536 .pf = NFPROTO_IPV6, 6537 .hooknum = NF_INET_LOCAL_OUT, 6538 .priority = NF_IP6_PRI_SELINUX_FIRST, 6539 }, 6540#endif /* IPV6 */ 6541}; 6542 |
6543static int __net_init selinux_nf_register(struct net *net) 6544{ 6545 return nf_register_net_hooks(net, selinux_nf_ops, 6546 ARRAY_SIZE(selinux_nf_ops)); 6547} 6548 6549static void __net_exit selinux_nf_unregister(struct net *net) 6550{ 6551 nf_unregister_net_hooks(net, selinux_nf_ops, 6552 ARRAY_SIZE(selinux_nf_ops)); 6553} 6554 6555static struct pernet_operations selinux_net_ops = { 6556 .init = selinux_nf_register, 6557 .exit = selinux_nf_unregister, 6558}; 6559 |
|
6451static int __init selinux_nf_ip_init(void) 6452{ 6453 int err; 6454 6455 if (!selinux_enabled) 6456 return 0; 6457 6458 printk(KERN_DEBUG "SELinux: Registering netfilter hooks\n"); 6459 | 6560static int __init selinux_nf_ip_init(void) 6561{ 6562 int err; 6563 6564 if (!selinux_enabled) 6565 return 0; 6566 6567 printk(KERN_DEBUG "SELinux: Registering netfilter hooks\n"); 6568 |
6460 err = nf_register_hooks(selinux_nf_ops, ARRAY_SIZE(selinux_nf_ops)); | 6569 err = register_pernet_subsys(&selinux_net_ops); |
6461 if (err) | 6570 if (err) |
6462 panic("SELinux: nf_register_hooks: error %d\n", err); | 6571 panic("SELinux: register_pernet_subsys: error %d\n", err); |
6463 6464 return 0; 6465} | 6572 6573 return 0; 6574} |
6466 | |
6467__initcall(selinux_nf_ip_init); 6468 6469#ifdef CONFIG_SECURITY_SELINUX_DISABLE 6470static void selinux_nf_ip_exit(void) 6471{ 6472 printk(KERN_DEBUG "SELinux: Unregistering netfilter hooks\n"); 6473 | 6575__initcall(selinux_nf_ip_init); 6576 6577#ifdef CONFIG_SECURITY_SELINUX_DISABLE 6578static void selinux_nf_ip_exit(void) 6579{ 6580 printk(KERN_DEBUG "SELinux: Unregistering netfilter hooks\n"); 6581 |
6474 nf_unregister_hooks(selinux_nf_ops, ARRAY_SIZE(selinux_nf_ops)); | 6582 unregister_pernet_subsys(&selinux_net_ops); |
6475} 6476#endif 6477 6478#else /* CONFIG_NETFILTER */ 6479 6480#ifdef CONFIG_SECURITY_SELINUX_DISABLE 6481#define selinux_nf_ip_exit() 6482#endif --- 37 unchanged lines hidden --- | 6583} 6584#endif 6585 6586#else /* CONFIG_NETFILTER */ 6587 6588#ifdef CONFIG_SECURITY_SELINUX_DISABLE 6589#define selinux_nf_ip_exit() 6590#endif --- 37 unchanged lines hidden --- |
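Review bot: In selinux_ib_endport_manage_subnet on the new side (inside the CONFIG_SECURITY_INFINIBAND block), `strncpy(ibendport.dev_name, dev_name, sizeof(ibendport.dev_name));` does not NUL-terminate the destination when dev_name is as long as the field, so the lsm_ibendport_audit.dev_name handed to avc_has_perm() for audit formatting can be left unterminated; the field size and the length bound on dev_name are declared outside this file, so whether a caller can reach that case is not visible here. A copy that always terminates removes the dependency on that invariant: `strscpy(ibendport.dev_name, dev_name, sizeof(ibendport.dev_name));`. Separately, the new has_cap_mac_admin() helper replacing `capable(CAP_MAC_ADMIN)` in selinux_inode_setxattr and selinux_setprocattr performs the same cap_capable()/cred_has_capability() pair but, unlike capable(), does not set PF_SUPERPRIV on the granting task; presumably that accounting side effect was not relied on, but the helper's comment should state that it is intentionally not equivalent to capable().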