aboutsummaryrefslogtreecommitdiffstats
path: root/security/selinux/hooks.c
diff options
context:
space:
mode:
Diffstat (limited to 'security/selinux/hooks.c')
-rw-r--r--security/selinux/hooks.c422
1 files changed, 142 insertions, 280 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index f0e36c3492ba..333606b3a8ef 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -79,7 +79,6 @@
79#include <linux/personality.h> 79#include <linux/personality.h>
80#include <linux/audit.h> 80#include <linux/audit.h>
81#include <linux/string.h> 81#include <linux/string.h>
82#include <linux/selinux.h>
83#include <linux/mutex.h> 82#include <linux/mutex.h>
84#include <linux/posix-timers.h> 83#include <linux/posix-timers.h>
85#include <linux/syslog.h> 84#include <linux/syslog.h>
@@ -121,9 +120,8 @@ __setup("enforcing=", enforcing_setup);
121#define selinux_enforcing_boot 1 120#define selinux_enforcing_boot 1
122#endif 121#endif
123 122
123int selinux_enabled __lsm_ro_after_init = 1;
124#ifdef CONFIG_SECURITY_SELINUX_BOOTPARAM 124#ifdef CONFIG_SECURITY_SELINUX_BOOTPARAM
125int selinux_enabled = CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE;
126
127static int __init selinux_enabled_setup(char *str) 125static int __init selinux_enabled_setup(char *str)
128{ 126{
129 unsigned long enabled; 127 unsigned long enabled;
@@ -132,8 +130,6 @@ static int __init selinux_enabled_setup(char *str)
132 return 1; 130 return 1;
133} 131}
134__setup("selinux=", selinux_enabled_setup); 132__setup("selinux=", selinux_enabled_setup);
135#else
136int selinux_enabled = 1;
137#endif 133#endif
138 134
139static unsigned int selinux_checkreqprot_boot = 135static unsigned int selinux_checkreqprot_boot =
@@ -149,9 +145,6 @@ static int __init checkreqprot_setup(char *str)
149} 145}
150__setup("checkreqprot=", checkreqprot_setup); 146__setup("checkreqprot=", checkreqprot_setup);
151 147
152static struct kmem_cache *sel_inode_cache;
153static struct kmem_cache *file_security_cache;
154
155/** 148/**
156 * selinux_secmark_enabled - Check to see if SECMARK is currently enabled 149 * selinux_secmark_enabled - Check to see if SECMARK is currently enabled
157 * 150 *
@@ -214,12 +207,8 @@ static void cred_init_security(void)
214 struct cred *cred = (struct cred *) current->real_cred; 207 struct cred *cred = (struct cred *) current->real_cred;
215 struct task_security_struct *tsec; 208 struct task_security_struct *tsec;
216 209
217 tsec = kzalloc(sizeof(struct task_security_struct), GFP_KERNEL); 210 tsec = selinux_cred(cred);
218 if (!tsec)
219 panic("SELinux: Failed to initialize initial task.\n");
220
221 tsec->osid = tsec->sid = SECINITSID_KERNEL; 211 tsec->osid = tsec->sid = SECINITSID_KERNEL;
222 cred->security = tsec;
223} 212}
224 213
225/* 214/*
@@ -229,7 +218,7 @@ static inline u32 cred_sid(const struct cred *cred)
229{ 218{
230 const struct task_security_struct *tsec; 219 const struct task_security_struct *tsec;
231 220
232 tsec = cred->security; 221 tsec = selinux_cred(cred);
233 return tsec->sid; 222 return tsec->sid;
234} 223}
235 224
@@ -250,13 +239,9 @@ static inline u32 task_sid(const struct task_struct *task)
250 239
251static int inode_alloc_security(struct inode *inode) 240static int inode_alloc_security(struct inode *inode)
252{ 241{
253 struct inode_security_struct *isec; 242 struct inode_security_struct *isec = selinux_inode(inode);
254 u32 sid = current_sid(); 243 u32 sid = current_sid();
255 244
256 isec = kmem_cache_zalloc(sel_inode_cache, GFP_NOFS);
257 if (!isec)
258 return -ENOMEM;
259
260 spin_lock_init(&isec->lock); 245 spin_lock_init(&isec->lock);
261 INIT_LIST_HEAD(&isec->list); 246 INIT_LIST_HEAD(&isec->list);
262 isec->inode = inode; 247 isec->inode = inode;
@@ -264,7 +249,6 @@ static int inode_alloc_security(struct inode *inode)
264 isec->sclass = SECCLASS_FILE; 249 isec->sclass = SECCLASS_FILE;
265 isec->task_sid = sid; 250 isec->task_sid = sid;
266 isec->initialized = LABEL_INVALID; 251 isec->initialized = LABEL_INVALID;
267 inode->i_security = isec;
268 252
269 return 0; 253 return 0;
270} 254}
@@ -281,7 +265,7 @@ static int __inode_security_revalidate(struct inode *inode,
281 struct dentry *dentry, 265 struct dentry *dentry,
282 bool may_sleep) 266 bool may_sleep)
283{ 267{
284 struct inode_security_struct *isec = inode->i_security; 268 struct inode_security_struct *isec = selinux_inode(inode);
285 269
286 might_sleep_if(may_sleep); 270 might_sleep_if(may_sleep);
287 271
@@ -302,7 +286,7 @@ static int __inode_security_revalidate(struct inode *inode,
302 286
303static struct inode_security_struct *inode_security_novalidate(struct inode *inode) 287static struct inode_security_struct *inode_security_novalidate(struct inode *inode)
304{ 288{
305 return inode->i_security; 289 return selinux_inode(inode);
306} 290}
307 291
308static struct inode_security_struct *inode_security_rcu(struct inode *inode, bool rcu) 292static struct inode_security_struct *inode_security_rcu(struct inode *inode, bool rcu)
@@ -312,7 +296,7 @@ static struct inode_security_struct *inode_security_rcu(struct inode *inode, boo
312 error = __inode_security_revalidate(inode, NULL, !rcu); 296 error = __inode_security_revalidate(inode, NULL, !rcu);
313 if (error) 297 if (error)
314 return ERR_PTR(error); 298 return ERR_PTR(error);
315 return inode->i_security; 299 return selinux_inode(inode);
316} 300}
317 301
318/* 302/*
@@ -321,14 +305,14 @@ static struct inode_security_struct *inode_security_rcu(struct inode *inode, boo
321static struct inode_security_struct *inode_security(struct inode *inode) 305static struct inode_security_struct *inode_security(struct inode *inode)
322{ 306{
323 __inode_security_revalidate(inode, NULL, true); 307 __inode_security_revalidate(inode, NULL, true);
324 return inode->i_security; 308 return selinux_inode(inode);
325} 309}
326 310
327static struct inode_security_struct *backing_inode_security_novalidate(struct dentry *dentry) 311static struct inode_security_struct *backing_inode_security_novalidate(struct dentry *dentry)
328{ 312{
329 struct inode *inode = d_backing_inode(dentry); 313 struct inode *inode = d_backing_inode(dentry);
330 314
331 return inode->i_security; 315 return selinux_inode(inode);
332} 316}
333 317
334/* 318/*
@@ -339,22 +323,17 @@ static struct inode_security_struct *backing_inode_security(struct dentry *dentr
339 struct inode *inode = d_backing_inode(dentry); 323 struct inode *inode = d_backing_inode(dentry);
340 324
341 __inode_security_revalidate(inode, dentry, true); 325 __inode_security_revalidate(inode, dentry, true);
342 return inode->i_security; 326 return selinux_inode(inode);
343}
344
345static void inode_free_rcu(struct rcu_head *head)
346{
347 struct inode_security_struct *isec;
348
349 isec = container_of(head, struct inode_security_struct, rcu);
350 kmem_cache_free(sel_inode_cache, isec);
351} 327}
352 328
353static void inode_free_security(struct inode *inode) 329static void inode_free_security(struct inode *inode)
354{ 330{
355 struct inode_security_struct *isec = inode->i_security; 331 struct inode_security_struct *isec = selinux_inode(inode);
356 struct superblock_security_struct *sbsec = inode->i_sb->s_security; 332 struct superblock_security_struct *sbsec;
357 333
334 if (!isec)
335 return;
336 sbsec = inode->i_sb->s_security;
358 /* 337 /*
359 * As not all inode security structures are in a list, we check for 338 * As not all inode security structures are in a list, we check for
360 * empty list outside of the lock to make sure that we won't waste 339 * empty list outside of the lock to make sure that we won't waste
@@ -370,42 +349,19 @@ static void inode_free_security(struct inode *inode)
370 list_del_init(&isec->list); 349 list_del_init(&isec->list);
371 spin_unlock(&sbsec->isec_lock); 350 spin_unlock(&sbsec->isec_lock);
372 } 351 }
373
374 /*
375 * The inode may still be referenced in a path walk and
376 * a call to selinux_inode_permission() can be made
377 * after inode_free_security() is called. Ideally, the VFS
378 * wouldn't do this, but fixing that is a much harder
379 * job. For now, simply free the i_security via RCU, and
380 * leave the current inode->i_security pointer intact.
381 * The inode will be freed after the RCU grace period too.
382 */
383 call_rcu(&isec->rcu, inode_free_rcu);
384} 352}
385 353
386static int file_alloc_security(struct file *file) 354static int file_alloc_security(struct file *file)
387{ 355{
388 struct file_security_struct *fsec; 356 struct file_security_struct *fsec = selinux_file(file);
389 u32 sid = current_sid(); 357 u32 sid = current_sid();
390 358
391 fsec = kmem_cache_zalloc(file_security_cache, GFP_KERNEL);
392 if (!fsec)
393 return -ENOMEM;
394
395 fsec->sid = sid; 359 fsec->sid = sid;
396 fsec->fown_sid = sid; 360 fsec->fown_sid = sid;
397 file->f_security = fsec;
398 361
399 return 0; 362 return 0;
400} 363}
401 364
402static void file_free_security(struct file *file)
403{
404 struct file_security_struct *fsec = file->f_security;
405 file->f_security = NULL;
406 kmem_cache_free(file_security_cache, fsec);
407}
408
409static int superblock_alloc_security(struct super_block *sb) 365static int superblock_alloc_security(struct super_block *sb)
410{ 366{
411 struct superblock_security_struct *sbsec; 367 struct superblock_security_struct *sbsec;
@@ -501,7 +457,7 @@ static int may_context_mount_sb_relabel(u32 sid,
501 struct superblock_security_struct *sbsec, 457 struct superblock_security_struct *sbsec,
502 const struct cred *cred) 458 const struct cred *cred)
503{ 459{
504 const struct task_security_struct *tsec = cred->security; 460 const struct task_security_struct *tsec = selinux_cred(cred);
505 int rc; 461 int rc;
506 462
507 rc = avc_has_perm(&selinux_state, 463 rc = avc_has_perm(&selinux_state,
@@ -520,7 +476,7 @@ static int may_context_mount_inode_relabel(u32 sid,
520 struct superblock_security_struct *sbsec, 476 struct superblock_security_struct *sbsec,
521 const struct cred *cred) 477 const struct cred *cred)
522{ 478{
523 const struct task_security_struct *tsec = cred->security; 479 const struct task_security_struct *tsec = selinux_cred(cred);
524 int rc; 480 int rc;
525 rc = avc_has_perm(&selinux_state, 481 rc = avc_has_perm(&selinux_state,
526 tsec->sid, sbsec->sid, SECCLASS_FILESYSTEM, 482 tsec->sid, sbsec->sid, SECCLASS_FILESYSTEM,
@@ -534,16 +490,10 @@ static int may_context_mount_inode_relabel(u32 sid,
534 return rc; 490 return rc;
535} 491}
536 492
537static int selinux_is_sblabel_mnt(struct super_block *sb) 493static int selinux_is_genfs_special_handling(struct super_block *sb)
538{ 494{
539 struct superblock_security_struct *sbsec = sb->s_security; 495 /* Special handling. Genfs but also in-core setxattr handler */
540 496 return !strcmp(sb->s_type->name, "sysfs") ||
541 return sbsec->behavior == SECURITY_FS_USE_XATTR ||
542 sbsec->behavior == SECURITY_FS_USE_TRANS ||
543 sbsec->behavior == SECURITY_FS_USE_TASK ||
544 sbsec->behavior == SECURITY_FS_USE_NATIVE ||
545 /* Special handling. Genfs but also in-core setxattr handler */
546 !strcmp(sb->s_type->name, "sysfs") ||
547 !strcmp(sb->s_type->name, "pstore") || 497 !strcmp(sb->s_type->name, "pstore") ||
548 !strcmp(sb->s_type->name, "debugfs") || 498 !strcmp(sb->s_type->name, "debugfs") ||
549 !strcmp(sb->s_type->name, "tracefs") || 499 !strcmp(sb->s_type->name, "tracefs") ||
@@ -553,6 +503,34 @@ static int selinux_is_sblabel_mnt(struct super_block *sb)
553 !strcmp(sb->s_type->name, "cgroup2"))); 503 !strcmp(sb->s_type->name, "cgroup2")));
554} 504}
555 505
506static int selinux_is_sblabel_mnt(struct super_block *sb)
507{
508 struct superblock_security_struct *sbsec = sb->s_security;
509
510 /*
511 * IMPORTANT: Double-check logic in this function when adding a new
512 * SECURITY_FS_USE_* definition!
513 */
514 BUILD_BUG_ON(SECURITY_FS_USE_MAX != 7);
515
516 switch (sbsec->behavior) {
517 case SECURITY_FS_USE_XATTR:
518 case SECURITY_FS_USE_TRANS:
519 case SECURITY_FS_USE_TASK:
520 case SECURITY_FS_USE_NATIVE:
521 return 1;
522
523 case SECURITY_FS_USE_GENFS:
524 return selinux_is_genfs_special_handling(sb);
525
526 /* Never allow relabeling on context mounts */
527 case SECURITY_FS_USE_MNTPOINT:
528 case SECURITY_FS_USE_NONE:
529 default:
530 return 0;
531 }
532}
533
556static int sb_finish_set_opts(struct super_block *sb) 534static int sb_finish_set_opts(struct super_block *sb)
557{ 535{
558 struct superblock_security_struct *sbsec = sb->s_security; 536 struct superblock_security_struct *sbsec = sb->s_security;
@@ -1374,7 +1352,7 @@ static int selinux_genfs_get_sid(struct dentry *dentry,
1374static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dentry) 1352static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dentry)
1375{ 1353{
1376 struct superblock_security_struct *sbsec = NULL; 1354 struct superblock_security_struct *sbsec = NULL;
1377 struct inode_security_struct *isec = inode->i_security; 1355 struct inode_security_struct *isec = selinux_inode(inode);
1378 u32 task_sid, sid = 0; 1356 u32 task_sid, sid = 0;
1379 u16 sclass; 1357 u16 sclass;
1380 struct dentry *dentry; 1358 struct dentry *dentry;
@@ -1621,7 +1599,7 @@ static inline u32 signal_to_av(int sig)
1621 1599
1622/* Check whether a task is allowed to use a capability. */ 1600/* Check whether a task is allowed to use a capability. */
1623static int cred_has_capability(const struct cred *cred, 1601static int cred_has_capability(const struct cred *cred,
1624 int cap, int audit, bool initns) 1602 int cap, unsigned int opts, bool initns)
1625{ 1603{
1626 struct common_audit_data ad; 1604 struct common_audit_data ad;
1627 struct av_decision avd; 1605 struct av_decision avd;
@@ -1648,7 +1626,7 @@ static int cred_has_capability(const struct cred *cred,
1648 1626
1649 rc = avc_has_perm_noaudit(&selinux_state, 1627 rc = avc_has_perm_noaudit(&selinux_state,
1650 sid, sid, sclass, av, 0, &avd); 1628 sid, sid, sclass, av, 0, &avd);
1651 if (audit == SECURITY_CAP_AUDIT) { 1629 if (!(opts & CAP_OPT_NOAUDIT)) {
1652 int rc2 = avc_audit(&selinux_state, 1630 int rc2 = avc_audit(&selinux_state,
1653 sid, sid, sclass, av, &avd, rc, &ad, 0); 1631 sid, sid, sclass, av, &avd, rc, &ad, 0);
1654 if (rc2) 1632 if (rc2)
@@ -1674,7 +1652,7 @@ static int inode_has_perm(const struct cred *cred,
1674 return 0; 1652 return 0;
1675 1653
1676 sid = cred_sid(cred); 1654 sid = cred_sid(cred);
1677 isec = inode->i_security; 1655 isec = selinux_inode(inode);
1678 1656
1679 return avc_has_perm(&selinux_state, 1657 return avc_has_perm(&selinux_state,
1680 sid, isec->sid, isec->sclass, perms, adp); 1658 sid, isec->sid, isec->sclass, perms, adp);
@@ -1740,7 +1718,7 @@ static int file_has_perm(const struct cred *cred,
1740 struct file *file, 1718 struct file *file,
1741 u32 av) 1719 u32 av)
1742{ 1720{
1743 struct file_security_struct *fsec = file->f_security; 1721 struct file_security_struct *fsec = selinux_file(file);
1744 struct inode *inode = file_inode(file); 1722 struct inode *inode = file_inode(file);
1745 struct common_audit_data ad; 1723 struct common_audit_data ad;
1746 u32 sid = cred_sid(cred); 1724 u32 sid = cred_sid(cred);
@@ -1806,7 +1784,7 @@ static int may_create(struct inode *dir,
1806 struct dentry *dentry, 1784 struct dentry *dentry,
1807 u16 tclass) 1785 u16 tclass)
1808{ 1786{
1809 const struct task_security_struct *tsec = current_security(); 1787 const struct task_security_struct *tsec = selinux_cred(current_cred());
1810 struct inode_security_struct *dsec; 1788 struct inode_security_struct *dsec;
1811 struct superblock_security_struct *sbsec; 1789 struct superblock_security_struct *sbsec;
1812 u32 sid, newsid; 1790 u32 sid, newsid;
@@ -1828,7 +1806,7 @@ static int may_create(struct inode *dir,
1828 if (rc) 1806 if (rc)
1829 return rc; 1807 return rc;
1830 1808
1831 rc = selinux_determine_inode_label(current_security(), dir, 1809 rc = selinux_determine_inode_label(selinux_cred(current_cred()), dir,
1832 &dentry->d_name, tclass, &newsid); 1810 &dentry->d_name, tclass, &newsid);
1833 if (rc) 1811 if (rc)
1834 return rc; 1812 return rc;
@@ -2084,7 +2062,7 @@ static int selinux_binder_transfer_file(struct task_struct *from,
2084 struct file *file) 2062 struct file *file)
2085{ 2063{
2086 u32 sid = task_sid(to); 2064 u32 sid = task_sid(to);
2087 struct file_security_struct *fsec = file->f_security; 2065 struct file_security_struct *fsec = selinux_file(file);
2088 struct dentry *dentry = file->f_path.dentry; 2066 struct dentry *dentry = file->f_path.dentry;
2089 struct inode_security_struct *isec; 2067 struct inode_security_struct *isec;
2090 struct common_audit_data ad; 2068 struct common_audit_data ad;
@@ -2168,9 +2146,9 @@ static int selinux_capset(struct cred *new, const struct cred *old,
2168 */ 2146 */
2169 2147
2170static int selinux_capable(const struct cred *cred, struct user_namespace *ns, 2148static int selinux_capable(const struct cred *cred, struct user_namespace *ns,
2171 int cap, int audit) 2149 int cap, unsigned int opts)
2172{ 2150{
2173 return cred_has_capability(cred, cap, audit, ns == &init_user_ns); 2151 return cred_has_capability(cred, cap, opts, ns == &init_user_ns);
2174} 2152}
2175 2153
2176static int selinux_quotactl(int cmds, int type, int id, struct super_block *sb) 2154static int selinux_quotactl(int cmds, int type, int id, struct super_block *sb)
@@ -2244,7 +2222,7 @@ static int selinux_vm_enough_memory(struct mm_struct *mm, long pages)
2244 int rc, cap_sys_admin = 0; 2222 int rc, cap_sys_admin = 0;
2245 2223
2246 rc = cred_has_capability(current_cred(), CAP_SYS_ADMIN, 2224 rc = cred_has_capability(current_cred(), CAP_SYS_ADMIN,
2247 SECURITY_CAP_NOAUDIT, true); 2225 CAP_OPT_NOAUDIT, true);
2248 if (rc == 0) 2226 if (rc == 0)
2249 cap_sys_admin = 1; 2227 cap_sys_admin = 1;
2250 2228
@@ -2335,8 +2313,8 @@ static int selinux_bprm_set_creds(struct linux_binprm *bprm)
2335 if (bprm->called_set_creds) 2313 if (bprm->called_set_creds)
2336 return 0; 2314 return 0;
2337 2315
2338 old_tsec = current_security(); 2316 old_tsec = selinux_cred(current_cred());
2339 new_tsec = bprm->cred->security; 2317 new_tsec = selinux_cred(bprm->cred);
2340 isec = inode_security(inode); 2318 isec = inode_security(inode);
2341 2319
2342 /* Default to the current task SID. */ 2320 /* Default to the current task SID. */
@@ -2500,7 +2478,7 @@ static void selinux_bprm_committing_creds(struct linux_binprm *bprm)
2500 struct rlimit *rlim, *initrlim; 2478 struct rlimit *rlim, *initrlim;
2501 int rc, i; 2479 int rc, i;
2502 2480
2503 new_tsec = bprm->cred->security; 2481 new_tsec = selinux_cred(bprm->cred);
2504 if (new_tsec->sid == new_tsec->osid) 2482 if (new_tsec->sid == new_tsec->osid)
2505 return; 2483 return;
2506 2484
@@ -2543,7 +2521,7 @@ static void selinux_bprm_committing_creds(struct linux_binprm *bprm)
2543 */ 2521 */
2544static void selinux_bprm_committed_creds(struct linux_binprm *bprm) 2522static void selinux_bprm_committed_creds(struct linux_binprm *bprm)
2545{ 2523{
2546 const struct task_security_struct *tsec = current_security(); 2524 const struct task_security_struct *tsec = selinux_cred(current_cred());
2547 struct itimerval itimer; 2525 struct itimerval itimer;
2548 u32 osid, sid; 2526 u32 osid, sid;
2549 int rc, i; 2527 int rc, i;
@@ -2780,7 +2758,7 @@ static int selinux_dentry_init_security(struct dentry *dentry, int mode,
2780 u32 newsid; 2758 u32 newsid;
2781 int rc; 2759 int rc;
2782 2760
2783 rc = selinux_determine_inode_label(current_security(), 2761 rc = selinux_determine_inode_label(selinux_cred(current_cred()),
2784 d_inode(dentry->d_parent), name, 2762 d_inode(dentry->d_parent), name,
2785 inode_mode_to_security_class(mode), 2763 inode_mode_to_security_class(mode),
2786 &newsid); 2764 &newsid);
@@ -2800,14 +2778,14 @@ static int selinux_dentry_create_files_as(struct dentry *dentry, int mode,
2800 int rc; 2778 int rc;
2801 struct task_security_struct *tsec; 2779 struct task_security_struct *tsec;
2802 2780
2803 rc = selinux_determine_inode_label(old->security, 2781 rc = selinux_determine_inode_label(selinux_cred(old),
2804 d_inode(dentry->d_parent), name, 2782 d_inode(dentry->d_parent), name,
2805 inode_mode_to_security_class(mode), 2783 inode_mode_to_security_class(mode),
2806 &newsid); 2784 &newsid);
2807 if (rc) 2785 if (rc)
2808 return rc; 2786 return rc;
2809 2787
2810 tsec = new->security; 2788 tsec = selinux_cred(new);
2811 tsec->create_sid = newsid; 2789 tsec->create_sid = newsid;
2812 return 0; 2790 return 0;
2813} 2791}
@@ -2817,7 +2795,7 @@ static int selinux_inode_init_security(struct inode *inode, struct inode *dir,
2817 const char **name, 2795 const char **name,
2818 void **value, size_t *len) 2796 void **value, size_t *len)
2819{ 2797{
2820 const struct task_security_struct *tsec = current_security(); 2798 const struct task_security_struct *tsec = selinux_cred(current_cred());
2821 struct superblock_security_struct *sbsec; 2799 struct superblock_security_struct *sbsec;
2822 u32 newsid, clen; 2800 u32 newsid, clen;
2823 int rc; 2801 int rc;
@@ -2827,7 +2805,7 @@ static int selinux_inode_init_security(struct inode *inode, struct inode *dir,
2827 2805
2828 newsid = tsec->create_sid; 2806 newsid = tsec->create_sid;
2829 2807
2830 rc = selinux_determine_inode_label(current_security(), 2808 rc = selinux_determine_inode_label(selinux_cred(current_cred()),
2831 dir, qstr, 2809 dir, qstr,
2832 inode_mode_to_security_class(inode->i_mode), 2810 inode_mode_to_security_class(inode->i_mode),
2833 &newsid); 2811 &newsid);
@@ -2836,7 +2814,7 @@ static int selinux_inode_init_security(struct inode *inode, struct inode *dir,
2836 2814
2837 /* Possibly defer initialization to selinux_complete_init. */ 2815 /* Possibly defer initialization to selinux_complete_init. */
2838 if (sbsec->flags & SE_SBINITIALIZED) { 2816 if (sbsec->flags & SE_SBINITIALIZED) {
2839 struct inode_security_struct *isec = inode->i_security; 2817 struct inode_security_struct *isec = selinux_inode(inode);
2840 isec->sclass = inode_mode_to_security_class(inode->i_mode); 2818 isec->sclass = inode_mode_to_security_class(inode->i_mode);
2841 isec->sid = newsid; 2819 isec->sid = newsid;
2842 isec->initialized = LABEL_INITIALIZED; 2820 isec->initialized = LABEL_INITIALIZED;
@@ -2925,9 +2903,8 @@ static int selinux_inode_follow_link(struct dentry *dentry, struct inode *inode,
2925 if (IS_ERR(isec)) 2903 if (IS_ERR(isec))
2926 return PTR_ERR(isec); 2904 return PTR_ERR(isec);
2927 2905
2928 return avc_has_perm_flags(&selinux_state, 2906 return avc_has_perm(&selinux_state,
2929 sid, isec->sid, isec->sclass, FILE__READ, &ad, 2907 sid, isec->sid, isec->sclass, FILE__READ, &ad);
2930 rcu ? MAY_NOT_BLOCK : 0);
2931} 2908}
2932 2909
2933static noinline int audit_inode_permission(struct inode *inode, 2910static noinline int audit_inode_permission(struct inode *inode,
@@ -2936,7 +2913,7 @@ static noinline int audit_inode_permission(struct inode *inode,
2936 unsigned flags) 2913 unsigned flags)
2937{ 2914{
2938 struct common_audit_data ad; 2915 struct common_audit_data ad;
2939 struct inode_security_struct *isec = inode->i_security; 2916 struct inode_security_struct *isec = selinux_inode(inode);
2940 int rc; 2917 int rc;
2941 2918
2942 ad.type = LSM_AUDIT_DATA_INODE; 2919 ad.type = LSM_AUDIT_DATA_INODE;
@@ -2982,7 +2959,9 @@ static int selinux_inode_permission(struct inode *inode, int mask)
2982 return PTR_ERR(isec); 2959 return PTR_ERR(isec);
2983 2960
2984 rc = avc_has_perm_noaudit(&selinux_state, 2961 rc = avc_has_perm_noaudit(&selinux_state,
2985 sid, isec->sid, isec->sclass, perms, 0, &avd); 2962 sid, isec->sid, isec->sclass, perms,
2963 (flags & MAY_NOT_BLOCK) ? AVC_NONBLOCKING : 0,
2964 &avd);
2986 audited = avc_audit_required(perms, &avd, rc, 2965 audited = avc_audit_required(perms, &avd, rc,
2987 from_access ? FILE__AUDIT_ACCESS : 0, 2966 from_access ? FILE__AUDIT_ACCESS : 0,
2988 &denied); 2967 &denied);
@@ -3031,11 +3010,11 @@ static int selinux_inode_getattr(const struct path *path)
3031static bool has_cap_mac_admin(bool audit) 3010static bool has_cap_mac_admin(bool audit)
3032{ 3011{
3033 const struct cred *cred = current_cred(); 3012 const struct cred *cred = current_cred();
3034 int cap_audit = audit ? SECURITY_CAP_AUDIT : SECURITY_CAP_NOAUDIT; 3013 unsigned int opts = audit ? CAP_OPT_NONE : CAP_OPT_NOAUDIT;
3035 3014
3036 if (cap_capable(cred, &init_user_ns, CAP_MAC_ADMIN, cap_audit)) 3015 if (cap_capable(cred, &init_user_ns, CAP_MAC_ADMIN, opts))
3037 return false; 3016 return false;
3038 if (cred_has_capability(cred, CAP_MAC_ADMIN, cap_audit, true)) 3017 if (cred_has_capability(cred, CAP_MAC_ADMIN, opts, true))
3039 return false; 3018 return false;
3040 return true; 3019 return true;
3041} 3020}
@@ -3241,12 +3220,16 @@ static int selinux_inode_setsecurity(struct inode *inode, const char *name,
3241 const void *value, size_t size, int flags) 3220 const void *value, size_t size, int flags)
3242{ 3221{
3243 struct inode_security_struct *isec = inode_security_novalidate(inode); 3222 struct inode_security_struct *isec = inode_security_novalidate(inode);
3223 struct superblock_security_struct *sbsec = inode->i_sb->s_security;
3244 u32 newsid; 3224 u32 newsid;
3245 int rc; 3225 int rc;
3246 3226
3247 if (strcmp(name, XATTR_SELINUX_SUFFIX)) 3227 if (strcmp(name, XATTR_SELINUX_SUFFIX))
3248 return -EOPNOTSUPP; 3228 return -EOPNOTSUPP;
3249 3229
3230 if (!(sbsec->flags & SBLABEL_MNT))
3231 return -EOPNOTSUPP;
3232
3250 if (!value || !size) 3233 if (!value || !size)
3251 return -EACCES; 3234 return -EACCES;
3252 3235
@@ -3289,7 +3272,7 @@ static int selinux_inode_copy_up(struct dentry *src, struct cred **new)
3289 return -ENOMEM; 3272 return -ENOMEM;
3290 } 3273 }
3291 3274
3292 tsec = new_creds->security; 3275 tsec = selinux_cred(new_creds);
3293 /* Get label from overlay inode and set it in create_sid */ 3276 /* Get label from overlay inode and set it in create_sid */
3294 selinux_inode_getsecid(d_inode(src), &sid); 3277 selinux_inode_getsecid(d_inode(src), &sid);
3295 tsec->create_sid = sid; 3278 tsec->create_sid = sid;
@@ -3330,7 +3313,7 @@ static int selinux_revalidate_file_permission(struct file *file, int mask)
3330static int selinux_file_permission(struct file *file, int mask) 3313static int selinux_file_permission(struct file *file, int mask)
3331{ 3314{
3332 struct inode *inode = file_inode(file); 3315 struct inode *inode = file_inode(file);
3333 struct file_security_struct *fsec = file->f_security; 3316 struct file_security_struct *fsec = selinux_file(file);
3334 struct inode_security_struct *isec; 3317 struct inode_security_struct *isec;
3335 u32 sid = current_sid(); 3318 u32 sid = current_sid();
3336 3319
@@ -3352,11 +3335,6 @@ static int selinux_file_alloc_security(struct file *file)
3352 return file_alloc_security(file); 3335 return file_alloc_security(file);
3353} 3336}
3354 3337
3355static void selinux_file_free_security(struct file *file)
3356{
3357 file_free_security(file);
3358}
3359
3360/* 3338/*
3361 * Check whether a task has the ioctl permission and cmd 3339 * Check whether a task has the ioctl permission and cmd
3362 * operation to an inode. 3340 * operation to an inode.
@@ -3365,7 +3343,7 @@ static int ioctl_has_perm(const struct cred *cred, struct file *file,
3365 u32 requested, u16 cmd) 3343 u32 requested, u16 cmd)
3366{ 3344{
3367 struct common_audit_data ad; 3345 struct common_audit_data ad;
3368 struct file_security_struct *fsec = file->f_security; 3346 struct file_security_struct *fsec = selinux_file(file);
3369 struct inode *inode = file_inode(file); 3347 struct inode *inode = file_inode(file);
3370 struct inode_security_struct *isec; 3348 struct inode_security_struct *isec;
3371 struct lsm_ioctlop_audit ioctl; 3349 struct lsm_ioctlop_audit ioctl;
@@ -3435,7 +3413,7 @@ static int selinux_file_ioctl(struct file *file, unsigned int cmd,
3435 case KDSKBENT: 3413 case KDSKBENT:
3436 case KDSKBSENT: 3414 case KDSKBSENT:
3437 error = cred_has_capability(cred, CAP_SYS_TTY_CONFIG, 3415 error = cred_has_capability(cred, CAP_SYS_TTY_CONFIG,
3438 SECURITY_CAP_AUDIT, true); 3416 CAP_OPT_NONE, true);
3439 break; 3417 break;
3440 3418
3441 /* default case assumes that the command will go 3419 /* default case assumes that the command will go
@@ -3617,7 +3595,7 @@ static void selinux_file_set_fowner(struct file *file)
3617{ 3595{
3618 struct file_security_struct *fsec; 3596 struct file_security_struct *fsec;
3619 3597
3620 fsec = file->f_security; 3598 fsec = selinux_file(file);
3621 fsec->fown_sid = current_sid(); 3599 fsec->fown_sid = current_sid();
3622} 3600}
3623 3601
@@ -3632,7 +3610,7 @@ static int selinux_file_send_sigiotask(struct task_struct *tsk,
3632 /* struct fown_struct is never outside the context of a struct file */ 3610 /* struct fown_struct is never outside the context of a struct file */
3633 file = container_of(fown, struct file, f_owner); 3611 file = container_of(fown, struct file, f_owner);
3634 3612
3635 fsec = file->f_security; 3613 fsec = selinux_file(file);
3636 3614
3637 if (!signum) 3615 if (!signum)
3638 perm = signal_to_av(SIGIO); /* as per send_sigio_to_task */ 3616 perm = signal_to_av(SIGIO); /* as per send_sigio_to_task */
@@ -3656,7 +3634,7 @@ static int selinux_file_open(struct file *file)
3656 struct file_security_struct *fsec; 3634 struct file_security_struct *fsec;
3657 struct inode_security_struct *isec; 3635 struct inode_security_struct *isec;
3658 3636
3659 fsec = file->f_security; 3637 fsec = selinux_file(file);
3660 isec = inode_security(file_inode(file)); 3638 isec = inode_security(file_inode(file));
3661 /* 3639 /*
3662 * Save inode label and policy sequence number 3640 * Save inode label and policy sequence number
@@ -3690,52 +3668,15 @@ static int selinux_task_alloc(struct task_struct *task,
3690} 3668}
3691 3669
3692/* 3670/*
3693 * allocate the SELinux part of blank credentials
3694 */
3695static int selinux_cred_alloc_blank(struct cred *cred, gfp_t gfp)
3696{
3697 struct task_security_struct *tsec;
3698
3699 tsec = kzalloc(sizeof(struct task_security_struct), gfp);
3700 if (!tsec)
3701 return -ENOMEM;
3702
3703 cred->security = tsec;
3704 return 0;
3705}
3706
3707/*
3708 * detach and free the LSM part of a set of credentials
3709 */
3710static void selinux_cred_free(struct cred *cred)
3711{
3712 struct task_security_struct *tsec = cred->security;
3713
3714 /*
3715 * cred->security == NULL if security_cred_alloc_blank() or
3716 * security_prepare_creds() returned an error.
3717 */
3718 BUG_ON(cred->security && (unsigned long) cred->security < PAGE_SIZE);
3719 cred->security = (void *) 0x7UL;
3720 kfree(tsec);
3721}
3722
3723/*
3724 * prepare a new set of credentials for modification 3671 * prepare a new set of credentials for modification
3725 */ 3672 */
3726static int selinux_cred_prepare(struct cred *new, const struct cred *old, 3673static int selinux_cred_prepare(struct cred *new, const struct cred *old,
3727 gfp_t gfp) 3674 gfp_t gfp)
3728{ 3675{
3729 const struct task_security_struct *old_tsec; 3676 const struct task_security_struct *old_tsec = selinux_cred(old);
3730 struct task_security_struct *tsec; 3677 struct task_security_struct *tsec = selinux_cred(new);
3731
3732 old_tsec = old->security;
3733
3734 tsec = kmemdup(old_tsec, sizeof(struct task_security_struct), gfp);
3735 if (!tsec)
3736 return -ENOMEM;
3737 3678
3738 new->security = tsec; 3679 *tsec = *old_tsec;
3739 return 0; 3680 return 0;
3740} 3681}
3741 3682
@@ -3744,8 +3685,8 @@ static int selinux_cred_prepare(struct cred *new, const struct cred *old,
3744 */ 3685 */
3745static void selinux_cred_transfer(struct cred *new, const struct cred *old) 3686static void selinux_cred_transfer(struct cred *new, const struct cred *old)
3746{ 3687{
3747 const struct task_security_struct *old_tsec = old->security; 3688 const struct task_security_struct *old_tsec = selinux_cred(old);
3748 struct task_security_struct *tsec = new->security; 3689 struct task_security_struct *tsec = selinux_cred(new);
3749 3690
3750 *tsec = *old_tsec; 3691 *tsec = *old_tsec;
3751} 3692}
@@ -3761,7 +3702,7 @@ static void selinux_cred_getsecid(const struct cred *c, u32 *secid)
3761 */ 3702 */
3762static int selinux_kernel_act_as(struct cred *new, u32 secid) 3703static int selinux_kernel_act_as(struct cred *new, u32 secid)
3763{ 3704{
3764 struct task_security_struct *tsec = new->security; 3705 struct task_security_struct *tsec = selinux_cred(new);
3765 u32 sid = current_sid(); 3706 u32 sid = current_sid();
3766 int ret; 3707 int ret;
3767 3708
@@ -3786,7 +3727,7 @@ static int selinux_kernel_act_as(struct cred *new, u32 secid)
3786static int selinux_kernel_create_files_as(struct cred *new, struct inode *inode) 3727static int selinux_kernel_create_files_as(struct cred *new, struct inode *inode)
3787{ 3728{
3788 struct inode_security_struct *isec = inode_security(inode); 3729 struct inode_security_struct *isec = inode_security(inode);
3789 struct task_security_struct *tsec = new->security; 3730 struct task_security_struct *tsec = selinux_cred(new);
3790 u32 sid = current_sid(); 3731 u32 sid = current_sid();
3791 int ret; 3732 int ret;
3792 3733
@@ -3832,7 +3773,7 @@ static int selinux_kernel_module_from_file(struct file *file)
3832 ad.type = LSM_AUDIT_DATA_FILE; 3773 ad.type = LSM_AUDIT_DATA_FILE;
3833 ad.u.file = file; 3774 ad.u.file = file;
3834 3775
3835 fsec = file->f_security; 3776 fsec = selinux_file(file);
3836 if (sid != fsec->sid) { 3777 if (sid != fsec->sid) {
3837 rc = avc_has_perm(&selinux_state, 3778 rc = avc_has_perm(&selinux_state,
3838 sid, fsec->sid, SECCLASS_FD, FD__USE, &ad); 3779 sid, fsec->sid, SECCLASS_FD, FD__USE, &ad);
@@ -3998,7 +3939,7 @@ static int selinux_task_kill(struct task_struct *p, struct kernel_siginfo *info,
3998static void selinux_task_to_inode(struct task_struct *p, 3939static void selinux_task_to_inode(struct task_struct *p,
3999 struct inode *inode) 3940 struct inode *inode)
4000{ 3941{
4001 struct inode_security_struct *isec = inode->i_security; 3942 struct inode_security_struct *isec = selinux_inode(inode);
4002 u32 sid = task_sid(p); 3943 u32 sid = task_sid(p);
4003 3944
4004 spin_lock(&isec->lock); 3945 spin_lock(&isec->lock);
@@ -4335,7 +4276,7 @@ static int sock_has_perm(struct sock *sk, u32 perms)
4335static int selinux_socket_create(int family, int type, 4276static int selinux_socket_create(int family, int type,
4336 int protocol, int kern) 4277 int protocol, int kern)
4337{ 4278{
4338 const struct task_security_struct *tsec = current_security(); 4279 const struct task_security_struct *tsec = selinux_cred(current_cred());
4339 u32 newsid; 4280 u32 newsid;
4340 u16 secclass; 4281 u16 secclass;
4341 int rc; 4282 int rc;
@@ -4355,7 +4296,7 @@ static int selinux_socket_create(int family, int type,
4355static int selinux_socket_post_create(struct socket *sock, int family, 4296static int selinux_socket_post_create(struct socket *sock, int family,
4356 int type, int protocol, int kern) 4297 int type, int protocol, int kern)
4357{ 4298{
4358 const struct task_security_struct *tsec = current_security(); 4299 const struct task_security_struct *tsec = selinux_cred(current_cred());
4359 struct inode_security_struct *isec = inode_security_novalidate(SOCK_INODE(sock)); 4300 struct inode_security_struct *isec = inode_security_novalidate(SOCK_INODE(sock));
4360 struct sk_security_struct *sksec; 4301 struct sk_security_struct *sksec;
4361 u16 sclass = socket_type_to_security_class(family, type, protocol); 4302 u16 sclass = socket_type_to_security_class(family, type, protocol);
@@ -4531,7 +4472,7 @@ err_af:
4531} 4472}
4532 4473
4533/* This supports connect(2) and SCTP connect services such as sctp_connectx(3) 4474/* This supports connect(2) and SCTP connect services such as sctp_connectx(3)
4534 * and sctp_sendmsg(3) as described in Documentation/security/LSM-sctp.rst 4475 * and sctp_sendmsg(3) as described in Documentation/security/SCTP.rst
4535 */ 4476 */
4536static int selinux_socket_connect_helper(struct socket *sock, 4477static int selinux_socket_connect_helper(struct socket *sock,
4537 struct sockaddr *address, int addrlen) 4478 struct sockaddr *address, int addrlen)
@@ -5236,7 +5177,7 @@ static int selinux_secmark_relabel_packet(u32 sid)
5236 const struct task_security_struct *__tsec; 5177 const struct task_security_struct *__tsec;
5237 u32 tsid; 5178 u32 tsid;
5238 5179
5239 __tsec = current_security(); 5180 __tsec = selinux_cred(current_cred());
5240 tsid = __tsec->sid; 5181 tsid = __tsec->sid;
5241 5182
5242 return avc_has_perm(&selinux_state, 5183 return avc_has_perm(&selinux_state,
@@ -5711,51 +5652,22 @@ static int selinux_netlink_send(struct sock *sk, struct sk_buff *skb)
5711 return selinux_nlmsg_perm(sk, skb); 5652 return selinux_nlmsg_perm(sk, skb);
5712} 5653}
5713 5654
5714static int ipc_alloc_security(struct kern_ipc_perm *perm, 5655static void ipc_init_security(struct ipc_security_struct *isec, u16 sclass)
5715 u16 sclass)
5716{ 5656{
5717 struct ipc_security_struct *isec;
5718
5719 isec = kzalloc(sizeof(struct ipc_security_struct), GFP_KERNEL);
5720 if (!isec)
5721 return -ENOMEM;
5722
5723 isec->sclass = sclass; 5657 isec->sclass = sclass;
5724 isec->sid = current_sid(); 5658 isec->sid = current_sid();
5725 perm->security = isec;
5726
5727 return 0;
5728}
5729
5730static void ipc_free_security(struct kern_ipc_perm *perm)
5731{
5732 struct ipc_security_struct *isec = perm->security;
5733 perm->security = NULL;
5734 kfree(isec);
5735} 5659}
5736 5660
5737static int msg_msg_alloc_security(struct msg_msg *msg) 5661static int msg_msg_alloc_security(struct msg_msg *msg)
5738{ 5662{
5739 struct msg_security_struct *msec; 5663 struct msg_security_struct *msec;
5740 5664
5741 msec = kzalloc(sizeof(struct msg_security_struct), GFP_KERNEL); 5665 msec = selinux_msg_msg(msg);
5742 if (!msec)
5743 return -ENOMEM;
5744
5745 msec->sid = SECINITSID_UNLABELED; 5666 msec->sid = SECINITSID_UNLABELED;
5746 msg->security = msec;
5747 5667
5748 return 0; 5668 return 0;
5749} 5669}
5750 5670
5751static void msg_msg_free_security(struct msg_msg *msg)
5752{
5753 struct msg_security_struct *msec = msg->security;
5754
5755 msg->security = NULL;
5756 kfree(msec);
5757}
5758
5759static int ipc_has_perm(struct kern_ipc_perm *ipc_perms, 5671static int ipc_has_perm(struct kern_ipc_perm *ipc_perms,
5760 u32 perms) 5672 u32 perms)
5761{ 5673{
@@ -5763,7 +5675,7 @@ static int ipc_has_perm(struct kern_ipc_perm *ipc_perms,
5763 struct common_audit_data ad; 5675 struct common_audit_data ad;
5764 u32 sid = current_sid(); 5676 u32 sid = current_sid();
5765 5677
5766 isec = ipc_perms->security; 5678 isec = selinux_ipc(ipc_perms);
5767 5679
5768 ad.type = LSM_AUDIT_DATA_IPC; 5680 ad.type = LSM_AUDIT_DATA_IPC;
5769 ad.u.ipc_id = ipc_perms->key; 5681 ad.u.ipc_id = ipc_perms->key;
@@ -5777,11 +5689,6 @@ static int selinux_msg_msg_alloc_security(struct msg_msg *msg)
5777 return msg_msg_alloc_security(msg); 5689 return msg_msg_alloc_security(msg);
5778} 5690}
5779 5691
5780static void selinux_msg_msg_free_security(struct msg_msg *msg)
5781{
5782 msg_msg_free_security(msg);
5783}
5784
5785/* message queue security operations */ 5692/* message queue security operations */
5786static int selinux_msg_queue_alloc_security(struct kern_ipc_perm *msq) 5693static int selinux_msg_queue_alloc_security(struct kern_ipc_perm *msq)
5787{ 5694{
@@ -5790,11 +5697,8 @@ static int selinux_msg_queue_alloc_security(struct kern_ipc_perm *msq)
5790 u32 sid = current_sid(); 5697 u32 sid = current_sid();
5791 int rc; 5698 int rc;
5792 5699
5793 rc = ipc_alloc_security(msq, SECCLASS_MSGQ); 5700 isec = selinux_ipc(msq);
5794 if (rc) 5701 ipc_init_security(isec, SECCLASS_MSGQ);
5795 return rc;
5796
5797 isec = msq->security;
5798 5702
5799 ad.type = LSM_AUDIT_DATA_IPC; 5703 ad.type = LSM_AUDIT_DATA_IPC;
5800 ad.u.ipc_id = msq->key; 5704 ad.u.ipc_id = msq->key;
@@ -5802,16 +5706,7 @@ static int selinux_msg_queue_alloc_security(struct kern_ipc_perm *msq)
5802 rc = avc_has_perm(&selinux_state, 5706 rc = avc_has_perm(&selinux_state,
5803 sid, isec->sid, SECCLASS_MSGQ, 5707 sid, isec->sid, SECCLASS_MSGQ,
5804 MSGQ__CREATE, &ad); 5708 MSGQ__CREATE, &ad);
5805 if (rc) { 5709 return rc;
5806 ipc_free_security(msq);
5807 return rc;
5808 }
5809 return 0;
5810}
5811
5812static void selinux_msg_queue_free_security(struct kern_ipc_perm *msq)
5813{
5814 ipc_free_security(msq);
5815} 5710}
5816 5711
5817static int selinux_msg_queue_associate(struct kern_ipc_perm *msq, int msqflg) 5712static int selinux_msg_queue_associate(struct kern_ipc_perm *msq, int msqflg)
@@ -5820,7 +5715,7 @@ static int selinux_msg_queue_associate(struct kern_ipc_perm *msq, int msqflg)
5820 struct common_audit_data ad; 5715 struct common_audit_data ad;
5821 u32 sid = current_sid(); 5716 u32 sid = current_sid();
5822 5717
5823 isec = msq->security; 5718 isec = selinux_ipc(msq);
5824 5719
5825 ad.type = LSM_AUDIT_DATA_IPC; 5720 ad.type = LSM_AUDIT_DATA_IPC;
5826 ad.u.ipc_id = msq->key; 5721 ad.u.ipc_id = msq->key;
@@ -5869,8 +5764,8 @@ static int selinux_msg_queue_msgsnd(struct kern_ipc_perm *msq, struct msg_msg *m
5869 u32 sid = current_sid(); 5764 u32 sid = current_sid();
5870 int rc; 5765 int rc;
5871 5766
5872 isec = msq->security; 5767 isec = selinux_ipc(msq);
5873 msec = msg->security; 5768 msec = selinux_msg_msg(msg);
5874 5769
5875 /* 5770 /*
5876 * First time through, need to assign label to the message 5771 * First time through, need to assign label to the message
@@ -5917,8 +5812,8 @@ static int selinux_msg_queue_msgrcv(struct kern_ipc_perm *msq, struct msg_msg *m
5917 u32 sid = task_sid(target); 5812 u32 sid = task_sid(target);
5918 int rc; 5813 int rc;
5919 5814
5920 isec = msq->security; 5815 isec = selinux_ipc(msq);
5921 msec = msg->security; 5816 msec = selinux_msg_msg(msg);
5922 5817
5923 ad.type = LSM_AUDIT_DATA_IPC; 5818 ad.type = LSM_AUDIT_DATA_IPC;
5924 ad.u.ipc_id = msq->key; 5819 ad.u.ipc_id = msq->key;
@@ -5941,11 +5836,8 @@ static int selinux_shm_alloc_security(struct kern_ipc_perm *shp)
5941 u32 sid = current_sid(); 5836 u32 sid = current_sid();
5942 int rc; 5837 int rc;
5943 5838
5944 rc = ipc_alloc_security(shp, SECCLASS_SHM); 5839 isec = selinux_ipc(shp);
5945 if (rc) 5840 ipc_init_security(isec, SECCLASS_SHM);
5946 return rc;
5947
5948 isec = shp->security;
5949 5841
5950 ad.type = LSM_AUDIT_DATA_IPC; 5842 ad.type = LSM_AUDIT_DATA_IPC;
5951 ad.u.ipc_id = shp->key; 5843 ad.u.ipc_id = shp->key;
@@ -5953,16 +5845,7 @@ static int selinux_shm_alloc_security(struct kern_ipc_perm *shp)
5953 rc = avc_has_perm(&selinux_state, 5845 rc = avc_has_perm(&selinux_state,
5954 sid, isec->sid, SECCLASS_SHM, 5846 sid, isec->sid, SECCLASS_SHM,
5955 SHM__CREATE, &ad); 5847 SHM__CREATE, &ad);
5956 if (rc) { 5848 return rc;
5957 ipc_free_security(shp);
5958 return rc;
5959 }
5960 return 0;
5961}
5962
5963static void selinux_shm_free_security(struct kern_ipc_perm *shp)
5964{
5965 ipc_free_security(shp);
5966} 5849}
5967 5850
5968static int selinux_shm_associate(struct kern_ipc_perm *shp, int shmflg) 5851static int selinux_shm_associate(struct kern_ipc_perm *shp, int shmflg)
@@ -5971,7 +5854,7 @@ static int selinux_shm_associate(struct kern_ipc_perm *shp, int shmflg)
5971 struct common_audit_data ad; 5854 struct common_audit_data ad;
5972 u32 sid = current_sid(); 5855 u32 sid = current_sid();
5973 5856
5974 isec = shp->security; 5857 isec = selinux_ipc(shp);
5975 5858
5976 ad.type = LSM_AUDIT_DATA_IPC; 5859 ad.type = LSM_AUDIT_DATA_IPC;
5977 ad.u.ipc_id = shp->key; 5860 ad.u.ipc_id = shp->key;
@@ -6038,11 +5921,8 @@ static int selinux_sem_alloc_security(struct kern_ipc_perm *sma)
6038 u32 sid = current_sid(); 5921 u32 sid = current_sid();
6039 int rc; 5922 int rc;
6040 5923
6041 rc = ipc_alloc_security(sma, SECCLASS_SEM); 5924 isec = selinux_ipc(sma);
6042 if (rc) 5925 ipc_init_security(isec, SECCLASS_SEM);
6043 return rc;
6044
6045 isec = sma->security;
6046 5926
6047 ad.type = LSM_AUDIT_DATA_IPC; 5927 ad.type = LSM_AUDIT_DATA_IPC;
6048 ad.u.ipc_id = sma->key; 5928 ad.u.ipc_id = sma->key;
@@ -6050,16 +5930,7 @@ static int selinux_sem_alloc_security(struct kern_ipc_perm *sma)
6050 rc = avc_has_perm(&selinux_state, 5930 rc = avc_has_perm(&selinux_state,
6051 sid, isec->sid, SECCLASS_SEM, 5931 sid, isec->sid, SECCLASS_SEM,
6052 SEM__CREATE, &ad); 5932 SEM__CREATE, &ad);
6053 if (rc) { 5933 return rc;
6054 ipc_free_security(sma);
6055 return rc;
6056 }
6057 return 0;
6058}
6059
6060static void selinux_sem_free_security(struct kern_ipc_perm *sma)
6061{
6062 ipc_free_security(sma);
6063} 5934}
6064 5935
6065static int selinux_sem_associate(struct kern_ipc_perm *sma, int semflg) 5936static int selinux_sem_associate(struct kern_ipc_perm *sma, int semflg)
@@ -6068,7 +5939,7 @@ static int selinux_sem_associate(struct kern_ipc_perm *sma, int semflg)
6068 struct common_audit_data ad; 5939 struct common_audit_data ad;
6069 u32 sid = current_sid(); 5940 u32 sid = current_sid();
6070 5941
6071 isec = sma->security; 5942 isec = selinux_ipc(sma);
6072 5943
6073 ad.type = LSM_AUDIT_DATA_IPC; 5944 ad.type = LSM_AUDIT_DATA_IPC;
6074 ad.u.ipc_id = sma->key; 5945 ad.u.ipc_id = sma->key;
@@ -6154,7 +6025,7 @@ static int selinux_ipc_permission(struct kern_ipc_perm *ipcp, short flag)
6154 6025
6155static void selinux_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid) 6026static void selinux_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid)
6156{ 6027{
6157 struct ipc_security_struct *isec = ipcp->security; 6028 struct ipc_security_struct *isec = selinux_ipc(ipcp);
6158 *secid = isec->sid; 6029 *secid = isec->sid;
6159} 6030}
6160 6031
@@ -6173,7 +6044,7 @@ static int selinux_getprocattr(struct task_struct *p,
6173 unsigned len; 6044 unsigned len;
6174 6045
6175 rcu_read_lock(); 6046 rcu_read_lock();
6176 __tsec = __task_cred(p)->security; 6047 __tsec = selinux_cred(__task_cred(p));
6177 6048
6178 if (current != p) { 6049 if (current != p) {
6179 error = avc_has_perm(&selinux_state, 6050 error = avc_has_perm(&selinux_state,
@@ -6296,7 +6167,7 @@ static int selinux_setprocattr(const char *name, void *value, size_t size)
6296 operation. See selinux_bprm_set_creds for the execve 6167 operation. See selinux_bprm_set_creds for the execve
6297 checks and may_create for the file creation checks. The 6168 checks and may_create for the file creation checks. The
6298 operation will then fail if the context is not permitted. */ 6169 operation will then fail if the context is not permitted. */
6299 tsec = new->security; 6170 tsec = selinux_cred(new);
6300 if (!strcmp(name, "exec")) { 6171 if (!strcmp(name, "exec")) {
6301 tsec->exec_sid = sid; 6172 tsec->exec_sid = sid;
6302 } else if (!strcmp(name, "fscreate")) { 6173 } else if (!strcmp(name, "fscreate")) {
@@ -6380,7 +6251,7 @@ static void selinux_release_secctx(char *secdata, u32 seclen)
6380 6251
6381static void selinux_inode_invalidate_secctx(struct inode *inode) 6252static void selinux_inode_invalidate_secctx(struct inode *inode)
6382{ 6253{
6383 struct inode_security_struct *isec = inode->i_security; 6254 struct inode_security_struct *isec = selinux_inode(inode);
6384 6255
6385 spin_lock(&isec->lock); 6256 spin_lock(&isec->lock);
6386 isec->initialized = LABEL_INVALID; 6257 isec->initialized = LABEL_INVALID;
@@ -6392,7 +6263,10 @@ static void selinux_inode_invalidate_secctx(struct inode *inode)
6392 */ 6263 */
6393static int selinux_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen) 6264static int selinux_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen)
6394{ 6265{
6395 return selinux_inode_setsecurity(inode, XATTR_SELINUX_SUFFIX, ctx, ctxlen, 0); 6266 int rc = selinux_inode_setsecurity(inode, XATTR_SELINUX_SUFFIX,
6267 ctx, ctxlen, 0);
6268 /* Do not return error when suppressing label (SBLABEL_MNT not set). */
6269 return rc == -EOPNOTSUPP ? 0 : rc;
6396} 6270}
6397 6271
6398/* 6272/*
@@ -6425,7 +6299,7 @@ static int selinux_key_alloc(struct key *k, const struct cred *cred,
6425 if (!ksec) 6299 if (!ksec)
6426 return -ENOMEM; 6300 return -ENOMEM;
6427 6301
6428 tsec = cred->security; 6302 tsec = selinux_cred(cred);
6429 if (tsec->keycreate_sid) 6303 if (tsec->keycreate_sid)
6430 ksec->sid = tsec->keycreate_sid; 6304 ksec->sid = tsec->keycreate_sid;
6431 else 6305 else
@@ -6688,6 +6562,14 @@ static void selinux_bpf_prog_free(struct bpf_prog_aux *aux)
6688} 6562}
6689#endif 6563#endif
6690 6564
6565struct lsm_blob_sizes selinux_blob_sizes __lsm_ro_after_init = {
6566 .lbs_cred = sizeof(struct task_security_struct),
6567 .lbs_file = sizeof(struct file_security_struct),
6568 .lbs_inode = sizeof(struct inode_security_struct),
6569 .lbs_ipc = sizeof(struct ipc_security_struct),
6570 .lbs_msg_msg = sizeof(struct msg_security_struct),
6571};
6572
6691static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { 6573static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = {
6692 LSM_HOOK_INIT(binder_set_context_mgr, selinux_binder_set_context_mgr), 6574 LSM_HOOK_INIT(binder_set_context_mgr, selinux_binder_set_context_mgr),
6693 LSM_HOOK_INIT(binder_transaction, selinux_binder_transaction), 6575 LSM_HOOK_INIT(binder_transaction, selinux_binder_transaction),
@@ -6757,7 +6639,6 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = {
6757 6639
6758 LSM_HOOK_INIT(file_permission, selinux_file_permission), 6640 LSM_HOOK_INIT(file_permission, selinux_file_permission),
6759 LSM_HOOK_INIT(file_alloc_security, selinux_file_alloc_security), 6641 LSM_HOOK_INIT(file_alloc_security, selinux_file_alloc_security),
6760 LSM_HOOK_INIT(file_free_security, selinux_file_free_security),
6761 LSM_HOOK_INIT(file_ioctl, selinux_file_ioctl), 6642 LSM_HOOK_INIT(file_ioctl, selinux_file_ioctl),
6762 LSM_HOOK_INIT(mmap_file, selinux_mmap_file), 6643 LSM_HOOK_INIT(mmap_file, selinux_mmap_file),
6763 LSM_HOOK_INIT(mmap_addr, selinux_mmap_addr), 6644 LSM_HOOK_INIT(mmap_addr, selinux_mmap_addr),
@@ -6771,8 +6652,6 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = {
6771 LSM_HOOK_INIT(file_open, selinux_file_open), 6652 LSM_HOOK_INIT(file_open, selinux_file_open),
6772 6653
6773 LSM_HOOK_INIT(task_alloc, selinux_task_alloc), 6654 LSM_HOOK_INIT(task_alloc, selinux_task_alloc),
6774 LSM_HOOK_INIT(cred_alloc_blank, selinux_cred_alloc_blank),
6775 LSM_HOOK_INIT(cred_free, selinux_cred_free),
6776 LSM_HOOK_INIT(cred_prepare, selinux_cred_prepare), 6655 LSM_HOOK_INIT(cred_prepare, selinux_cred_prepare),
6777 LSM_HOOK_INIT(cred_transfer, selinux_cred_transfer), 6656 LSM_HOOK_INIT(cred_transfer, selinux_cred_transfer),
6778 LSM_HOOK_INIT(cred_getsecid, selinux_cred_getsecid), 6657 LSM_HOOK_INIT(cred_getsecid, selinux_cred_getsecid),
@@ -6800,24 +6679,20 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = {
6800 LSM_HOOK_INIT(ipc_getsecid, selinux_ipc_getsecid), 6679 LSM_HOOK_INIT(ipc_getsecid, selinux_ipc_getsecid),
6801 6680
6802 LSM_HOOK_INIT(msg_msg_alloc_security, selinux_msg_msg_alloc_security), 6681 LSM_HOOK_INIT(msg_msg_alloc_security, selinux_msg_msg_alloc_security),
6803 LSM_HOOK_INIT(msg_msg_free_security, selinux_msg_msg_free_security),
6804 6682
6805 LSM_HOOK_INIT(msg_queue_alloc_security, 6683 LSM_HOOK_INIT(msg_queue_alloc_security,
6806 selinux_msg_queue_alloc_security), 6684 selinux_msg_queue_alloc_security),
6807 LSM_HOOK_INIT(msg_queue_free_security, selinux_msg_queue_free_security),
6808 LSM_HOOK_INIT(msg_queue_associate, selinux_msg_queue_associate), 6685 LSM_HOOK_INIT(msg_queue_associate, selinux_msg_queue_associate),
6809 LSM_HOOK_INIT(msg_queue_msgctl, selinux_msg_queue_msgctl), 6686 LSM_HOOK_INIT(msg_queue_msgctl, selinux_msg_queue_msgctl),
6810 LSM_HOOK_INIT(msg_queue_msgsnd, selinux_msg_queue_msgsnd), 6687 LSM_HOOK_INIT(msg_queue_msgsnd, selinux_msg_queue_msgsnd),
6811 LSM_HOOK_INIT(msg_queue_msgrcv, selinux_msg_queue_msgrcv), 6688 LSM_HOOK_INIT(msg_queue_msgrcv, selinux_msg_queue_msgrcv),
6812 6689
6813 LSM_HOOK_INIT(shm_alloc_security, selinux_shm_alloc_security), 6690 LSM_HOOK_INIT(shm_alloc_security, selinux_shm_alloc_security),
6814 LSM_HOOK_INIT(shm_free_security, selinux_shm_free_security),
6815 LSM_HOOK_INIT(shm_associate, selinux_shm_associate), 6691 LSM_HOOK_INIT(shm_associate, selinux_shm_associate),
6816 LSM_HOOK_INIT(shm_shmctl, selinux_shm_shmctl), 6692 LSM_HOOK_INIT(shm_shmctl, selinux_shm_shmctl),
6817 LSM_HOOK_INIT(shm_shmat, selinux_shm_shmat), 6693 LSM_HOOK_INIT(shm_shmat, selinux_shm_shmat),
6818 6694
6819 LSM_HOOK_INIT(sem_alloc_security, selinux_sem_alloc_security), 6695 LSM_HOOK_INIT(sem_alloc_security, selinux_sem_alloc_security),
6820 LSM_HOOK_INIT(sem_free_security, selinux_sem_free_security),
6821 LSM_HOOK_INIT(sem_associate, selinux_sem_associate), 6696 LSM_HOOK_INIT(sem_associate, selinux_sem_associate),
6822 LSM_HOOK_INIT(sem_semctl, selinux_sem_semctl), 6697 LSM_HOOK_INIT(sem_semctl, selinux_sem_semctl),
6823 LSM_HOOK_INIT(sem_semop, selinux_sem_semop), 6698 LSM_HOOK_INIT(sem_semop, selinux_sem_semop),
@@ -6928,16 +6803,6 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = {
6928 6803
6929static __init int selinux_init(void) 6804static __init int selinux_init(void)
6930{ 6805{
6931 if (!security_module_enable("selinux")) {
6932 selinux_enabled = 0;
6933 return 0;
6934 }
6935
6936 if (!selinux_enabled) {
6937 pr_info("SELinux: Disabled at boot.\n");
6938 return 0;
6939 }
6940
6941 pr_info("SELinux: Initializing.\n"); 6806 pr_info("SELinux: Initializing.\n");
6942 6807
6943 memset(&selinux_state, 0, sizeof(selinux_state)); 6808 memset(&selinux_state, 0, sizeof(selinux_state));
@@ -6951,12 +6816,6 @@ static __init int selinux_init(void)
6951 6816
6952 default_noexec = !(VM_DATA_DEFAULT_FLAGS & VM_EXEC); 6817 default_noexec = !(VM_DATA_DEFAULT_FLAGS & VM_EXEC);
6953 6818
6954 sel_inode_cache = kmem_cache_create("selinux_inode_security",
6955 sizeof(struct inode_security_struct),
6956 0, SLAB_PANIC, NULL);
6957 file_security_cache = kmem_cache_create("selinux_file_security",
6958 sizeof(struct file_security_struct),
6959 0, SLAB_PANIC, NULL);
6960 avc_init(); 6819 avc_init();
6961 6820
6962 avtab_cache_init(); 6821 avtab_cache_init();
@@ -6999,6 +6858,9 @@ void selinux_complete_init(void)
6999 all processes and objects when they are created. */ 6858 all processes and objects when they are created. */
7000DEFINE_LSM(selinux) = { 6859DEFINE_LSM(selinux) = {
7001 .name = "selinux", 6860 .name = "selinux",
6861 .flags = LSM_FLAG_LEGACY_MAJOR | LSM_FLAG_EXCLUSIVE,
6862 .enabled = &selinux_enabled,
6863 .blobs = &selinux_blob_sizes,
7002 .init = selinux_init, 6864 .init = selinux_init,
7003}; 6865};
7004 6866
generated by cgit v1.2.2 (git 2.25.0) at 2025-10-04 03:27:21 -0400