diff options
| author | James Morris <james.l.morris@oracle.com> | 2013-10-22 07:26:41 -0400 |
|---|---|---|
| committer | James Morris <james.l.morris@oracle.com> | 2013-10-22 07:26:41 -0400 |
| commit | 6f799c97f37fc0ee2c9c427fa0dada637394886c (patch) | |
| tree | 1953a953770b8047a95ef4d431bb693433922043 | |
| parent | eb8948a03704f3dbbfc7e83090e20e93c6c476d2 (diff) | |
| parent | 42d64e1add3a1ce8a787116036163b8724362145 (diff) | |
Merge branch 'master' of git://git.infradead.org/users/pcmoore/selinux into ra-next
| -rw-r--r-- | include/linux/security.h | 26 | ||||
| -rw-r--r-- | security/capability.c | 15 | ||||
| -rw-r--r-- | security/security.c | 13 | ||||
| -rw-r--r-- | security/selinux/hooks.c | 146 | ||||
| -rw-r--r-- | security/selinux/include/objsec.h | 4 | ||||
| -rw-r--r-- | security/selinux/include/security.h | 13 | ||||
| -rw-r--r-- | security/selinux/include/xfrm.h | 45 | ||||
| -rw-r--r-- | security/selinux/netlabel.c | 6 | ||||
| -rw-r--r-- | security/selinux/netnode.c | 2 | ||||
| -rw-r--r-- | security/selinux/selinuxfs.c | 4 | ||||
| -rw-r--r-- | security/selinux/ss/ebitmap.c | 20 | ||||
| -rw-r--r-- | security/selinux/ss/ebitmap.h | 10 | ||||
| -rw-r--r-- | security/selinux/ss/mls.c | 22 | ||||
| -rw-r--r-- | security/selinux/ss/mls_types.h | 2 | ||||
| -rw-r--r-- | security/selinux/ss/policydb.c | 3 | ||||
| -rw-r--r-- | security/selinux/ss/services.c | 66 | ||||
| -rw-r--r-- | security/selinux/xfrm.c | 453 |
17 files changed, 450 insertions, 400 deletions
diff --git a/include/linux/security.h b/include/linux/security.h index 9d37e2b9d3ec..5623a7f965b7 100644 --- a/include/linux/security.h +++ b/include/linux/security.h | |||
| @@ -1052,17 +1052,25 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) | |||
| 1052 | * @xfrm_policy_delete_security: | 1052 | * @xfrm_policy_delete_security: |
| 1053 | * @ctx contains the xfrm_sec_ctx. | 1053 | * @ctx contains the xfrm_sec_ctx. |
| 1054 | * Authorize deletion of xp->security. | 1054 | * Authorize deletion of xp->security. |
| 1055 | * @xfrm_state_alloc_security: | 1055 | * @xfrm_state_alloc: |
| 1056 | * @x contains the xfrm_state being added to the Security Association | 1056 | * @x contains the xfrm_state being added to the Security Association |
| 1057 | * Database by the XFRM system. | 1057 | * Database by the XFRM system. |
| 1058 | * @sec_ctx contains the security context information being provided by | 1058 | * @sec_ctx contains the security context information being provided by |
| 1059 | * the user-level SA generation program (e.g., setkey or racoon). | 1059 | * the user-level SA generation program (e.g., setkey or racoon). |
| 1060 | * @secid contains the secid from which to take the mls portion of the context. | ||
| 1061 | * Allocate a security structure to the x->security field; the security | 1060 | * Allocate a security structure to the x->security field; the security |
| 1062 | * field is initialized to NULL when the xfrm_state is allocated. Set the | 1061 | * field is initialized to NULL when the xfrm_state is allocated. Set the |
| 1063 | * context to correspond to either sec_ctx or polsec, with the mls portion | 1062 | * context to correspond to sec_ctx. Return 0 if operation was successful |
| 1064 | * taken from secid in the latter case. | 1063 | * (memory to allocate, legal context). |
| 1065 | * Return 0 if operation was successful (memory to allocate, legal context). | 1064 | * @xfrm_state_alloc_acquire: |
| 1065 | * @x contains the xfrm_state being added to the Security Association | ||
| 1066 | * Database by the XFRM system. | ||
| 1067 | * @polsec contains the policy's security context. | ||
| 1068 | * @secid contains the secid from which to take the mls portion of the | ||
| 1069 | * context. | ||
| 1070 | * Allocate a security structure to the x->security field; the security | ||
| 1071 | * field is initialized to NULL when the xfrm_state is allocated. Set the | ||
| 1072 | * context to correspond to secid. Return 0 if operation was successful | ||
| 1073 | * (memory to allocate, legal context). | ||
| 1066 | * @xfrm_state_free_security: | 1074 | * @xfrm_state_free_security: |
| 1067 | * @x contains the xfrm_state. | 1075 | * @x contains the xfrm_state. |
| 1068 | * Deallocate x->security. | 1076 | * Deallocate x->security. |
| @@ -1679,9 +1687,11 @@ struct security_operations { | |||
| 1679 | int (*xfrm_policy_clone_security) (struct xfrm_sec_ctx *old_ctx, struct xfrm_sec_ctx **new_ctx); | 1687 | int (*xfrm_policy_clone_security) (struct xfrm_sec_ctx *old_ctx, struct xfrm_sec_ctx **new_ctx); |
| 1680 | void (*xfrm_policy_free_security) (struct xfrm_sec_ctx *ctx); | 1688 | void (*xfrm_policy_free_security) (struct xfrm_sec_ctx *ctx); |
| 1681 | int (*xfrm_policy_delete_security) (struct xfrm_sec_ctx *ctx); | 1689 | int (*xfrm_policy_delete_security) (struct xfrm_sec_ctx *ctx); |
| 1682 | int (*xfrm_state_alloc_security) (struct xfrm_state *x, | 1690 | int (*xfrm_state_alloc) (struct xfrm_state *x, |
| 1683 | struct xfrm_user_sec_ctx *sec_ctx, | 1691 | struct xfrm_user_sec_ctx *sec_ctx); |
| 1684 | u32 secid); | 1692 | int (*xfrm_state_alloc_acquire) (struct xfrm_state *x, |
| 1693 | struct xfrm_sec_ctx *polsec, | ||
| 1694 | u32 secid); | ||
| 1685 | void (*xfrm_state_free_security) (struct xfrm_state *x); | 1695 | void (*xfrm_state_free_security) (struct xfrm_state *x); |
| 1686 | int (*xfrm_state_delete_security) (struct xfrm_state *x); | 1696 | int (*xfrm_state_delete_security) (struct xfrm_state *x); |
| 1687 | int (*xfrm_policy_lookup) (struct xfrm_sec_ctx *ctx, u32 fl_secid, u8 dir); | 1697 | int (*xfrm_policy_lookup) (struct xfrm_sec_ctx *ctx, u32 fl_secid, u8 dir); |
diff --git a/security/capability.c b/security/capability.c index dbeb9bc27b24..8b4f24ae4338 100644 --- a/security/capability.c +++ b/security/capability.c | |||
| @@ -777,9 +777,15 @@ static int cap_xfrm_policy_delete_security(struct xfrm_sec_ctx *ctx) | |||
| 777 | return 0; | 777 | return 0; |
| 778 | } | 778 | } |
| 779 | 779 | ||
| 780 | static int cap_xfrm_state_alloc_security(struct xfrm_state *x, | 780 | static int cap_xfrm_state_alloc(struct xfrm_state *x, |
| 781 | struct xfrm_user_sec_ctx *sec_ctx, | 781 | struct xfrm_user_sec_ctx *sec_ctx) |
| 782 | u32 secid) | 782 | { |
| 783 | return 0; | ||
| 784 | } | ||
| 785 | |||
| 786 | static int cap_xfrm_state_alloc_acquire(struct xfrm_state *x, | ||
| 787 | struct xfrm_sec_ctx *polsec, | ||
| 788 | u32 secid) | ||
| 783 | { | 789 | { |
| 784 | return 0; | 790 | return 0; |
| 785 | } | 791 | } |
| @@ -1101,7 +1107,8 @@ void __init security_fixup_ops(struct security_operations *ops) | |||
| 1101 | set_to_cap_if_null(ops, xfrm_policy_clone_security); | 1107 | set_to_cap_if_null(ops, xfrm_policy_clone_security); |
| 1102 | set_to_cap_if_null(ops, xfrm_policy_free_security); | 1108 | set_to_cap_if_null(ops, xfrm_policy_free_security); |
| 1103 | set_to_cap_if_null(ops, xfrm_policy_delete_security); | 1109 | set_to_cap_if_null(ops, xfrm_policy_delete_security); |
| 1104 | set_to_cap_if_null(ops, xfrm_state_alloc_security); | 1110 | set_to_cap_if_null(ops, xfrm_state_alloc); |
| 1111 | set_to_cap_if_null(ops, xfrm_state_alloc_acquire); | ||
| 1105 | set_to_cap_if_null(ops, xfrm_state_free_security); | 1112 | set_to_cap_if_null(ops, xfrm_state_free_security); |
| 1106 | set_to_cap_if_null(ops, xfrm_state_delete_security); | 1113 | set_to_cap_if_null(ops, xfrm_state_delete_security); |
| 1107 | set_to_cap_if_null(ops, xfrm_policy_lookup); | 1114 | set_to_cap_if_null(ops, xfrm_policy_lookup); |
diff --git a/security/security.c b/security/security.c index 4dc31f4f2700..15b6928592ef 100644 --- a/security/security.c +++ b/security/security.c | |||
| @@ -1340,22 +1340,17 @@ int security_xfrm_policy_delete(struct xfrm_sec_ctx *ctx) | |||
| 1340 | return security_ops->xfrm_policy_delete_security(ctx); | 1340 | return security_ops->xfrm_policy_delete_security(ctx); |
| 1341 | } | 1341 | } |
| 1342 | 1342 | ||
| 1343 | int security_xfrm_state_alloc(struct xfrm_state *x, struct xfrm_user_sec_ctx *sec_ctx) | 1343 | int security_xfrm_state_alloc(struct xfrm_state *x, |
| 1344 | struct xfrm_user_sec_ctx *sec_ctx) | ||
| 1344 | { | 1345 | { |
| 1345 | return security_ops->xfrm_state_alloc_security(x, sec_ctx, 0); | 1346 | return security_ops->xfrm_state_alloc(x, sec_ctx); |
| 1346 | } | 1347 | } |
| 1347 | EXPORT_SYMBOL(security_xfrm_state_alloc); | 1348 | EXPORT_SYMBOL(security_xfrm_state_alloc); |
| 1348 | 1349 | ||
| 1349 | int security_xfrm_state_alloc_acquire(struct xfrm_state *x, | 1350 | int security_xfrm_state_alloc_acquire(struct xfrm_state *x, |
| 1350 | struct xfrm_sec_ctx *polsec, u32 secid) | 1351 | struct xfrm_sec_ctx *polsec, u32 secid) |
| 1351 | { | 1352 | { |
| 1352 | if (!polsec) | 1353 | return security_ops->xfrm_state_alloc_acquire(x, polsec, secid); |
| 1353 | return 0; | ||
| 1354 | /* | ||
| 1355 | * We want the context to be taken from secid which is usually | ||
| 1356 | * from the sock. | ||
| 1357 | */ | ||
| 1358 | return security_ops->xfrm_state_alloc_security(x, NULL, secid); | ||
| 1359 | } | 1354 | } |
| 1360 | 1355 | ||
| 1361 | int security_xfrm_state_delete(struct xfrm_state *x) | 1356 | int security_xfrm_state_delete(struct xfrm_state *x) |
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index a5091ec06aa6..6d0bf5c0c832 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
| @@ -95,7 +95,9 @@ | |||
| 95 | #include "audit.h" | 95 | #include "audit.h" |
| 96 | #include "avc_ss.h" | 96 | #include "avc_ss.h" |
| 97 | 97 | ||
| 98 | #define NUM_SEL_MNT_OPTS 5 | 98 | #define SB_TYPE_FMT "%s%s%s" |
| 99 | #define SB_SUBTYPE(sb) (sb->s_subtype && sb->s_subtype[0]) | ||
| 100 | #define SB_TYPE_ARGS(sb) sb->s_type->name, SB_SUBTYPE(sb) ? "." : "", SB_SUBTYPE(sb) ? sb->s_subtype : "" | ||
| 99 | 101 | ||
| 100 | extern struct security_operations *security_ops; | 102 | extern struct security_operations *security_ops; |
| 101 | 103 | ||
| @@ -139,12 +141,28 @@ static struct kmem_cache *sel_inode_cache; | |||
| 139 | * This function checks the SECMARK reference counter to see if any SECMARK | 141 | * This function checks the SECMARK reference counter to see if any SECMARK |
| 140 | * targets are currently configured, if the reference counter is greater than | 142 | * targets are currently configured, if the reference counter is greater than |
| 141 | * zero SECMARK is considered to be enabled. Returns true (1) if SECMARK is | 143 | * zero SECMARK is considered to be enabled. Returns true (1) if SECMARK is |
| 142 | * enabled, false (0) if SECMARK is disabled. | 144 | * enabled, false (0) if SECMARK is disabled. If the always_check_network |
| 145 | * policy capability is enabled, SECMARK is always considered enabled. | ||
| 143 | * | 146 | * |
| 144 | */ | 147 | */ |
| 145 | static int selinux_secmark_enabled(void) | 148 | static int selinux_secmark_enabled(void) |
| 146 | { | 149 | { |
| 147 | return (atomic_read(&selinux_secmark_refcount) > 0); | 150 | return (selinux_policycap_alwaysnetwork || atomic_read(&selinux_secmark_refcount)); |
| 151 | } | ||
| 152 | |||
| 153 | /** | ||
| 154 | * selinux_peerlbl_enabled - Check to see if peer labeling is currently enabled | ||
| 155 | * | ||
| 156 | * Description: | ||
| 157 | * This function checks if NetLabel or labeled IPSEC is enabled. Returns true | ||
| 158 | * (1) if any are enabled or false (0) if neither are enabled. If the | ||
| 159 | * always_check_network policy capability is enabled, peer labeling | ||
| 160 | * is | ||
