diff options
author | Stephen Smalley <sds@tycho.nsa.gov> | 2009-10-01 14:48:23 -0400 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2009-10-07 06:56:46 -0400 |
commit | 941fc5b2bf8f7dd1d0a9c502e152fa719ff6578e (patch) | |
tree | c2f579e6fcc5bee6659527db7ccfb661acfe196c | |
parent | 8753f6bec352392b52ed9b5e290afb34379f4612 (diff) |
selinux: drop remapping of netlink classes
Drop remapping of netlink classes and bypass of permission checking
based on netlink message type for policy version < 18. This removes
compatibility code introduced when the original single netlink
security class used for all netlink sockets was split into
finer-grained netlink classes based on netlink protocol and when
permission checking was added based on netlink message type in Linux
2.6.8. The only known distribution that shipped with SELinux and
policy < 18 was Fedora Core 2, which was EOL'd on 2005-04-11.
Given that the remapping code was never updated to address the
addition of newer netlink classes, that the corresponding userland
support was dropped in 2005, and that the assumptions made by the
remapping code about the fixed ordering among netlink classes in the
policy may be violated in the future due to the dynamic class/perm
discovery support, we should drop this compatibility code now.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
-rw-r--r-- | security/selinux/hooks.c | 6 | ||||
-rw-r--r-- | security/selinux/ss/services.c | 25 |
2 files changed, 1 insertions, 30 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index a985d0bc59bb..a29d6612a328 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
@@ -91,7 +91,6 @@ | |||
91 | 91 | ||
92 | #define NUM_SEL_MNT_OPTS 5 | 92 | #define NUM_SEL_MNT_OPTS 5 |
93 | 93 | ||
94 | extern unsigned int policydb_loaded_version; | ||
95 | extern int selinux_nlmsg_lookup(u16 sclass, u16 nlmsg_type, u32 *perm); | 94 | extern int selinux_nlmsg_lookup(u16 sclass, u16 nlmsg_type, u32 *perm); |
96 | extern struct security_operations *security_ops; | 95 | extern struct security_operations *security_ops; |
97 | 96 | ||
@@ -4714,10 +4713,7 @@ static int selinux_netlink_send(struct sock *sk, struct sk_buff *skb) | |||
4714 | if (err) | 4713 | if (err) |
4715 | return err; | 4714 | return err; |
4716 | 4715 | ||
4717 | if (policydb_loaded_version >= POLICYDB_VERSION_NLCLASS) | 4716 | return selinux_nlmsg_perm(sk, skb); |
4718 | err = selinux_nlmsg_perm(sk, skb); | ||
4719 | |||
4720 | return err; | ||
4721 | } | 4717 | } |
4722 | 4718 | ||
4723 | static int selinux_netlink_recv(struct sk_buff *skb, int capability) | 4719 | static int selinux_netlink_recv(struct sk_buff *skb, int capability) |
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index e19baa81fdec..f270e378c0e4 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c | |||
@@ -65,7 +65,6 @@ | |||
65 | #include "audit.h" | 65 | #include "audit.h" |
66 | 66 | ||
67 | extern void selnl_notify_policyload(u32 seqno); | 67 | extern void selnl_notify_policyload(u32 seqno); |
68 | unsigned int policydb_loaded_version; | ||
69 | 68 | ||
70 | int selinux_policycap_netpeer; | 69 | int selinux_policycap_netpeer; |
71 | int selinux_policycap_openperm; | 70 | int selinux_policycap_openperm; |
@@ -617,17 +616,6 @@ static int context_struct_compute_av(struct context *scontext, | |||
617 | unsigned int i, j; | 616 | unsigned int i, j; |
618 | 617 | ||
619 | /* | 618 | /* |
620 | * Remap extended Netlink classes for old policy versions. | ||
621 | * Do this here rather than socket_type_to_security_class() | ||
622 | * in case a newer policy version is loaded, allowing sockets | ||
623 | * to remain in the correct class. | ||
624 | */ | ||
625 | if (policydb_loaded_version < POLICYDB_VERSION_NLCLASS) | ||
626 | if (tclass >= unmap_class(SECCLASS_NETLINK_ROUTE_SOCKET) && | ||
627 | tclass <= unmap_class(SECCLASS_NETLINK_DNRT_SOCKET)) | ||
628 | tclass = unmap_class(SECCLASS_NETLINK_SOCKET); | ||
629 | |||
630 | /* | ||
631 | * Initialize the access vectors to the default values. | 619 | * Initialize the access vectors to the default values. |
632 | */ | 620 | */ |
633 | avd->allowed = 0; | 621 | avd->allowed = 0; |
@@ -761,17 +749,6 @@ int security_validate_transition(u32 oldsid, u32 newsid, u32 tasksid, | |||
761 | 749 | ||
762 | tclass = unmap_class(orig_tclass); | 750 | tclass = unmap_class(orig_tclass); |
763 | 751 | ||
764 | /* | ||
765 | * Remap extended Netlink classes for old policy versions. | ||
766 | * Do this here rather than socket_type_to_security_class() | ||
767 | * in case a newer policy version is loaded, allowing sockets | ||
768 | * to remain in the correct class. | ||
769 | */ | ||
770 | if (policydb_loaded_version < POLICYDB_VERSION_NLCLASS) | ||
771 | if (tclass >= unmap_class(SECCLASS_NETLINK_ROUTE_SOCKET) && | ||
772 | tclass <= unmap_class(SECCLASS_NETLINK_DNRT_SOCKET)) | ||
773 | tclass = unmap_class(SECCLASS_NETLINK_SOCKET); | ||
774 | |||
775 | if (!tclass || tclass > policydb.p_classes.nprim) { | 752 | if (!tclass || tclass > policydb.p_classes.nprim) { |
776 | printk(KERN_ERR "SELinux: %s: unrecognized class %d\n", | 753 | printk(KERN_ERR "SELinux: %s: unrecognized class %d\n", |
777 | __func__, tclass); | 754 | __func__, tclass); |
@@ -1766,7 +1743,6 @@ int security_load_policy(void *data, size_t len) | |||
1766 | return -EINVAL; | 1743 | return -EINVAL; |
1767 | } | 1744 | } |
1768 | security_load_policycaps(); | 1745 | security_load_policycaps(); |
1769 | policydb_loaded_version = policydb.policyvers; | ||
1770 | ss_initialized = 1; | 1746 | ss_initialized = 1; |
1771 | seqno = ++latest_granting; | 1747 | seqno = ++latest_granting; |
1772 | selinux_complete_init(); | 1748 | selinux_complete_init(); |
@@ -1829,7 +1805,6 @@ int security_load_policy(void *data, size_t len) | |||
1829 | current_mapping = map; | 1805 | current_mapping = map; |
1830 | current_mapping_size = map_size; | 1806 | current_mapping_size = map_size; |
1831 | seqno = ++latest_granting; | 1807 | seqno = ++latest_granting; |
1832 | policydb_loaded_version = policydb.policyvers; | ||
1833 | write_unlock_irq(&policy_rwlock); | 1808 | write_unlock_irq(&policy_rwlock); |
1834 | 1809 | ||
1835 | /* Free the old policydb and SID table. */ | 1810 | /* Free the old policydb and SID table. */ |