diff options
| author | Casey Schaufler <casey@schaufler-ca.com> | 2018-09-21 20:19:11 -0400 |
|---|---|---|
| committer | Kees Cook <keescook@chromium.org> | 2019-01-08 16:18:44 -0500 |
| commit | 80788c229116b28cc914d73c142f74bdee28ab57 (patch) | |
| tree | 7edfa0487db83194c6497ee4ac089204ece986c3 /security/selinux | |
| parent | 33bf60cabcc7687b194a689b068b65e9ecd556be (diff) | |
SELinux: Abstract use of inode security blob
Don't use the inode->i_security pointer directly.
Provide a helper function that provides the security blob pointer.
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Kees Cook <keescook@chromium.org>
Diffstat (limited to 'security/selinux')
| -rw-r--r-- | security/selinux/hooks.c | 26 | ||||
| -rw-r--r-- | security/selinux/include/objsec.h | 6 | ||||
| -rw-r--r-- | security/selinux/selinuxfs.c | 4 |
3 files changed, 21 insertions, 15 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 632813821da6..2d691e8dfbbf 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
| @@ -273,7 +273,7 @@ static int __inode_security_revalidate(struct inode *inode, | |||
| 273 | struct dentry *dentry, | 273 | struct dentry *dentry, |
| 274 | bool may_sleep) | 274 | bool may_sleep) |
| 275 | { | 275 | { |
| 276 | struct inode_security_struct *isec = inode->i_security; | 276 | struct inode_security_struct *isec = selinux_inode(inode); |
| 277 | 277 | ||
| 278 | might_sleep_if(may_sleep); | 278 | might_sleep_if(may_sleep); |
| 279 | 279 | ||
| @@ -294,7 +294,7 @@ static int __inode_security_revalidate(struct inode *inode, | |||
| 294 | 294 | ||
| 295 | static struct inode_security_struct *inode_security_novalidate(struct inode *inode) | 295 | static struct inode_security_struct *inode_security_novalidate(struct inode *inode) |
| 296 | { | 296 | { |
| 297 | return inode->i_security; | 297 | return selinux_inode(inode); |
| 298 | } | 298 | } |
| 299 | 299 | ||
| 300 | static struct inode_security_struct *inode_security_rcu(struct inode *inode, bool rcu) | 300 | static struct inode_security_struct *inode_security_rcu(struct inode *inode, bool rcu) |
| @@ -304,7 +304,7 @@ static struct inode_security_struct *inode_security_rcu(struct inode *inode, boo | |||
| 304 | error = __inode_security_revalidate(inode, NULL, !rcu); | 304 | error = __inode_security_revalidate(inode, NULL, !rcu); |
| 305 | if (error) | 305 | if (error) |
| 306 | return ERR_PTR(error); | 306 | return ERR_PTR(error); |
| 307 | return inode->i_security; | 307 | return selinux_inode(inode); |
| 308 | } | 308 | } |
| 309 | 309 | ||
| 310 | /* | 310 | /* |
| @@ -313,14 +313,14 @@ static struct inode_security_struct *inode_security_rcu(struct inode *inode, boo | |||
| 313 | static struct inode_security_struct *inode_security(struct inode *inode) | 313 | static struct inode_security_struct *inode_security(struct inode *inode) |
| 314 | { | 314 | { |
| 315 | __inode_security_revalidate(inode, NULL, true); | 315 | __inode_security_revalidate(inode, NULL, true); |
| 316 | return inode->i_security; | 316 | return selinux_inode(inode); |
| 317 | } | 317 | } |
| 318 | 318 | ||
| 319 | static struct inode_security_struct *backing_inode_security_novalidate(struct dentry *dentry) | 319 | static struct inode_security_struct *backing_inode_security_novalidate(struct dentry *dentry) |
| 320 | { | 320 | { |
| 321 | struct inode *inode = d_backing_inode(dentry); | 321 | struct inode *inode = d_backing_inode(dentry); |
| 322 | 322 | ||
| 323 | return inode->i_security; | 323 | return selinux_inode(inode); |
| 324 | } | 324 | } |
| 325 | 325 | ||
| 326 | /* | 326 | /* |
| @@ -331,7 +331,7 @@ static struct inode_security_struct *backing_inode_security(struct dentry *dentr | |||
| 331 | struct inode *inode = d_backing_inode(dentry); | 331 | struct inode *inode = d_backing_inode(dentry); |
| 332 | 332 | ||
| 333 | __inode_security_revalidate(inode, dentry, true); | 333 | __inode_security_revalidate(inode, dentry, true); |
| 334 | return inode->i_security; | 334 | return selinux_inode(inode); |
| 335 | } | 335 | } |
| 336 | 336 | ||
| 337 | static void inode_free_rcu(struct rcu_head *head) | 337 | static void inode_free_rcu(struct rcu_head *head) |
| @@ -344,7 +344,7 @@ static void inode_free_rcu(struct rcu_head *head) | |||
| 344 | 344 | ||
| 345 | static void inode_free_security(struct inode *inode) | 345 | static void inode_free_security(struct inode *inode) |
| 346 | { | 346 | { |
| 347 | struct inode_security_struct *isec = inode->i_security; | 347 | struct inode_security_struct *isec = selinux_inode(inode); |
| 348 | struct superblock_security_struct *sbsec = inode->i_sb->s_security; | 348 | struct superblock_security_struct *sbsec = inode->i_sb->s_security; |
| 349 | 349 | ||
| 350 | /* | 350 | /* |
| @@ -1354,7 +1354,7 @@ static int selinux_genfs_get_sid(struct dentry *dentry, | |||
| 1354 | static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dentry) | 1354 | static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dentry) |
| 1355 | { | 1355 | { |
| 1356 | struct superblock_security_struct *sbsec = NULL; | 1356 | struct superblock_security_struct *sbsec = NULL; |
| 1357 | struct inode_security_struct *isec = inode->i_security; | 1357 | struct inode_security_struct *isec = selinux_inode(inode); |
| 1358 | u32 task_sid, sid = 0; | 1358 | u32 task_sid, sid = 0; |
| 1359 | u16 sclass; | 1359 | u16 sclass; |
| 1360 | struct dentry *dentry; | 1360 | struct dentry *dentry; |
| @@ -1654,7 +1654,7 @@ static int inode_has_perm(const struct cred *cred, | |||
| 1654 | return 0; | 1654 | return 0; |
| 1655 | 1655 | ||
| 1656 | sid = cred_sid(cred); | 1656 | sid = cred_sid(cred); |
| 1657 | isec = inode->i_security; | 1657 | isec = selinux_inode(inode); |
| 1658 | 1658 | ||
| 1659 | return avc_has_perm(&selinux_state, | 1659 | return avc_has_perm(&selinux_state, |
| 1660 | sid, isec->sid, isec->sclass, perms, adp); | 1660 | sid, isec->sid, isec->sclass, perms, adp); |
| @@ -2816,7 +2816,7 @@ static int selinux_inode_init_security(struct inode *inode, struct inode *dir, | |||
| 2816 | 2816 | ||
| 2817 | /* Possibly defer initialization to selinux_complete_init. */ | 2817 | /* Possibly defer initialization to selinux_complete_init. */ |
| 2818 | if (sbsec->flags & SE_SBINITIALIZED) { | 2818 | if (sbsec->flags & SE_SBINITIALIZED) { |
| 2819 | struct inode_security_struct *isec = inode->i_security; | 2819 | struct inode_security_struct *isec = selinux_inode(inode); |
| 2820 | isec->sclass = inode_mode_to_security_class(inode->i_mode); | 2820 | isec->sclass = inode_mode_to_security_class(inode->i_mode); |
| 2821 | isec->sid = newsid; | 2821 | isec->sid = newsid; |
| 2822 | isec->initialized = LABEL_INITIALIZED; | 2822 | isec->initialized = LABEL_INITIALIZED; |
| @@ -2916,7 +2916,7 @@ static noinline int audit_inode_permission(struct inode *inode, | |||
| 2916 | unsigned flags) | 2916 | unsigned flags) |
| 2917 | { | 2917 | { |
| 2918 | struct common_audit_data ad; | 2918 | struct common_audit_data ad; |
| 2919 | struct inode_security_struct *isec = inode->i_security; | 2919 | struct inode_security_struct *isec = selinux_inode(inode); |
| 2920 | int rc; | 2920 | int rc; |
| 2921 | 2921 | ||
| 2922 | ad.type = LSM_AUDIT_DATA_INODE; | 2922 | ad.type = LSM_AUDIT_DATA_INODE; |
| @@ -3936,7 +3936,7 @@ static int selinux_task_kill(struct task_struct *p, struct kernel_siginfo *info, | |||
| 3936 | static void selinux_task_to_inode(struct task_struct *p, | 3936 | static void selinux_task_to_inode(struct task_struct *p, |
| 3937 | struct inode *inode) | 3937 | struct inode *inode) |
| 3938 | { | 3938 | { |
| 3939 | struct inode_security_struct *isec = inode->i_security; | 3939 | struct inode_security_struct *isec = selinux_inode(inode); |
| 3940 | u32 sid = task_sid(p); | 3940 | u32 sid = task_sid(p); |
| 3941 | 3941 | ||
| 3942 | spin_lock(&isec->lock); | 3942 | spin_lock(&isec->lock); |
| @@ -6318,7 +6318,7 @@ static void selinux_release_secctx(char *secdata, u32 seclen) | |||
| 6318 | 6318 | ||
| 6319 | static void selinux_inode_invalidate_secctx(struct inode *inode) | 6319 | static void selinux_inode_invalidate_secctx(struct inode *inode) |
| 6320 | { | 6320 | { |
| 6321 | struct inode_security_struct *isec = inode->i_security; | 6321 | struct inode_security_struct *isec = selinux_inode(inode); |
| 6322 | 6322 | ||
| 6323 | spin_lock(&isec->lock); | 6323 | spin_lock(&isec->lock); |
| 6324 | isec->initialized = LABEL_INVALID; | 6324 | isec->initialized = LABEL_INVALID; |
diff --git a/security/selinux/include/objsec.h b/security/selinux/include/objsec.h index 96374dbf4ace..26b4ff6b4d81 100644 --- a/security/selinux/include/objsec.h +++ b/security/selinux/include/objsec.h | |||
| @@ -170,4 +170,10 @@ static inline struct file_security_struct *selinux_file(const struct file *file) | |||
| 170 | return file->f_security + selinux_blob_sizes.lbs_file; | 170 | return file->f_security + selinux_blob_sizes.lbs_file; |
| 171 | } | 171 | } |
| 172 | 172 | ||
| 173 | static inline struct inode_security_struct *selinux_inode( | ||
| 174 | const struct inode *inode) | ||
| 175 | { | ||
| 176 | return inode->i_security; | ||
| 177 | } | ||
| 178 | |||
| 173 | #endif /* _SELINUX_OBJSEC_H_ */ | 179 | #endif /* _SELINUX_OBJSEC_H_ */ |
diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c index f3a5a138a096..145ee62f205a 100644 --- a/security/selinux/selinuxfs.c +++ b/security/selinux/selinuxfs.c | |||
| @@ -1378,7 +1378,7 @@ static int sel_make_bools(struct selinux_fs_info *fsi) | |||
| 1378 | goto out; | 1378 | goto out; |
| 1379 | } | 1379 | } |
| 1380 | 1380 | ||
| 1381 | isec = (struct inode_security_struct *)inode->i_security; | 1381 | isec = selinux_inode(inode); |
| 1382 | ret = security_genfs_sid(fsi->state, "selinuxfs", page, | 1382 | ret = security_genfs_sid(fsi->state, "selinuxfs", page, |
| 1383 | SECCLASS_FILE, &sid); | 1383 | SECCLASS_FILE, &sid); |
| 1384 | if (ret) { | 1384 | if (ret) { |
| @@ -1953,7 +1953,7 @@ static int sel_fill_super(struct super_block *sb, void *data, int silent) | |||
| 1953 | } | 1953 | } |
| 1954 | 1954 | ||
| 1955 | inode->i_ino = ++fsi->last_ino; | 1955 | inode->i_ino = ++fsi->last_ino; |
| 1956 | isec = (struct inode_security_struct *)inode->i_security; | 1956 | isec = selinux_inode(inode); |
| 1957 | isec->sid = SECINITSID_DEVNULL; | 1957 | isec->sid = SECINITSID_DEVNULL; |
| 1958 | isec->sclass = SECCLASS_CHR_FILE; | 1958 | isec->sclass = SECCLASS_CHR_FILE; |
| 1959 | isec->initialized = LABEL_INITIALIZED; | 1959 | isec->initialized = LABEL_INITIALIZED; |