aboutsummaryrefslogtreecommitdiffstats
path: root/include/linux
diff options
context:
space:
mode:
authorEric Paris <eparis@redhat.com>2008-03-05 10:31:54 -0500
committerJames Morris <jmorris@namei.org>2008-03-05 16:40:53 -0500
commite0007529893c1c064be90bd21422ca0da4a0198e (patch)
treec2334ba940e682183a18d18972cf95bd3a3da46a /include/linux
parent29e8c3c304b62f31b799565c9ee85d42bd163f80 (diff)
LSM/SELinux: Interfaces to allow FS to control mount options
Introduce new LSM interfaces to allow an FS to deal with their own mount options. This includes a new string parsing function exported from the LSM that an FS can use to get a security data blob and a new security data blob. This is particularly useful for an FS which uses binary mount data, like NFS, which does not pass strings into the vfs to be handled by the loaded LSM. Also fix a BUG() in both SELinux and SMACK when dealing with binary mount data. If the binary mount data is less than one page the copy_page() in security_sb_copy_data() can cause an illegal page fault and boom. Remove all NFSisms from the SELinux code since they were broken by past NFS changes. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Acked-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'include/linux')
-rw-r--r--include/linux/security.h99
1 files changed, 74 insertions, 25 deletions
diff --git a/include/linux/security.h b/include/linux/security.h
index fe52cdeab0a6..b07357ca2137 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -34,12 +34,6 @@
34#include <linux/xfrm.h> 34#include <linux/xfrm.h>
35#include <net/flow.h> 35#include <net/flow.h>
36 36
37/* only a char in selinux superblock security struct flags */
38#define FSCONTEXT_MNT 0x01
39#define CONTEXT_MNT 0x02
40#define ROOTCONTEXT_MNT 0x04
41#define DEFCONTEXT_MNT 0x08
42
43extern unsigned securebits; 37extern unsigned securebits;
44 38
45struct ctl_table; 39struct ctl_table;
@@ -114,6 +108,32 @@ struct request_sock;
114 108
115#ifdef CONFIG_SECURITY 109#ifdef CONFIG_SECURITY
116 110
111struct security_mnt_opts {
112 char **mnt_opts;
113 int *mnt_opts_flags;
114 int num_mnt_opts;
115};
116
117static inline void security_init_mnt_opts(struct security_mnt_opts *opts)
118{
119 opts->mnt_opts = NULL;
120 opts->mnt_opts_flags = NULL;
121 opts->num_mnt_opts = 0;
122}
123
124static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
125{
126 int i;
127 if (opts->mnt_opts)
128 for(i = 0; i < opts->num_mnt_opts; i++)
129 kfree(opts->mnt_opts[i]);
130 kfree(opts->mnt_opts);
131 opts->mnt_opts = NULL;
132 kfree(opts->mnt_opts_flags);
133 opts->mnt_opts_flags = NULL;
134 opts->num_mnt_opts = 0;
135}
136
117/** 137/**
118 * struct security_operations - main security structure 138 * struct security_operations - main security structure
119 * 139 *
@@ -262,19 +282,19 @@ struct request_sock;
262 * @sb_get_mnt_opts: 282 * @sb_get_mnt_opts:
263 * Get the security relevant mount options used for a superblock 283 * Get the security relevant mount options used for a superblock
264 * @sb the superblock to get security mount options from 284 * @sb the superblock to get security mount options from
265 * @mount_options array for pointers to mount options 285 * @opts binary data structure containing all lsm mount data
266 * @mount_flags array of ints specifying what each mount options is
267 * @num_opts number of options in the arrays
268 * @sb_set_mnt_opts: 286 * @sb_set_mnt_opts:
269 * Set the security relevant mount options used for a superblock 287 * Set the security relevant mount options used for a superblock
270 * @sb the superblock to set security mount options for 288 * @sb the superblock to set security mount options for
271 * @mount_options array for pointers to mount options 289 * @opts binary data structure containing all lsm mount data
272 * @mount_flags array of ints specifying what each mount options is
273 * @num_opts number of options in the arrays
274 * @sb_clone_mnt_opts: 290 * @sb_clone_mnt_opts:
275 * Copy all security options from a given superblock to another 291 * Copy all security options from a given superblock to another
276 * @oldsb old superblock which contain information to clone 292 * @oldsb old superblock which contain information to clone
277 * @newsb new superblock which needs filled in 293 * @newsb new superblock which needs filled in
294 * @sb_parse_opts_str:
295 * Parse a string of security data filling in the opts structure
296 * @options string containing all mount options known by the LSM
297 * @opts binary data structure usable by the LSM
278 * 298 *
279 * Security hooks for inode operations. 299 * Security hooks for inode operations.
280 * 300 *
@@ -1238,8 +1258,7 @@ struct security_operations {
1238 1258
1239 int (*sb_alloc_security) (struct super_block * sb); 1259 int (*sb_alloc_security) (struct super_block * sb);
1240 void (*sb_free_security) (struct super_block * sb); 1260 void (*sb_free_security) (struct super_block * sb);
1241 int (*sb_copy_data)(struct file_system_type *type, 1261 int (*sb_copy_data)(char *orig, char *copy);
1242 void *orig, void *copy);
1243 int (*sb_kern_mount) (struct super_block *sb, void *data); 1262 int (*sb_kern_mount) (struct super_block *sb, void *data);
1244 int (*sb_statfs) (struct dentry *dentry); 1263 int (*sb_statfs) (struct dentry *dentry);
1245 int (*sb_mount) (char *dev_name, struct nameidata * nd, 1264 int (*sb_mount) (char *dev_name, struct nameidata * nd,
@@ -1257,12 +1276,12 @@ struct security_operations {
1257 void (*sb_post_pivotroot) (struct nameidata * old_nd, 1276 void (*sb_post_pivotroot) (struct nameidata * old_nd,
1258 struct nameidata * new_nd); 1277 struct nameidata * new_nd);
1259 int (*sb_get_mnt_opts) (const struct super_block *sb, 1278 int (*sb_get_mnt_opts) (const struct super_block *sb,
1260 char ***mount_options, int **flags, 1279 struct security_mnt_opts *opts);
1261 int *num_opts); 1280 int (*sb_set_mnt_opts) (struct super_block *sb,
1262 int (*sb_set_mnt_opts) (struct super_block *sb, char **mount_options, 1281 struct security_mnt_opts *opts);
1263 int *flags, int num_opts);
1264 void (*sb_clone_mnt_opts) (const struct super_block *oldsb, 1282 void (*sb_clone_mnt_opts) (const struct super_block *oldsb,
1265 struct super_block *newsb); 1283 struct super_block *newsb);
1284 int (*sb_parse_opts_str) (char *options, struct security_mnt_opts *opts);
1266 1285
1267 int (*inode_alloc_security) (struct inode *inode); 1286 int (*inode_alloc_security) (struct inode *inode);
1268 void (*inode_free_security) (struct inode *inode); 1287 void (*inode_free_security) (struct inode *inode);
@@ -1507,7 +1526,7 @@ int security_bprm_check(struct linux_binprm *bprm);
1507int security_bprm_secureexec(struct linux_binprm *bprm); 1526int security_bprm_secureexec(struct linux_binprm *bprm);
1508int security_sb_alloc(struct super_block *sb); 1527int security_sb_alloc(struct super_block *sb);
1509void security_sb_free(struct super_block *sb); 1528void security_sb_free(struct super_block *sb);
1510int security_sb_copy_data(struct file_system_type *type, void *orig, void *copy); 1529int security_sb_copy_data(char *orig, char *copy);
1511int security_sb_kern_mount(struct super_block *sb, void *data); 1530int security_sb_kern_mount(struct super_block *sb, void *data);
1512int security_sb_statfs(struct dentry *dentry); 1531int security_sb_statfs(struct dentry *dentry);
1513int security_sb_mount(char *dev_name, struct nameidata *nd, 1532int security_sb_mount(char *dev_name, struct nameidata *nd,
@@ -1520,12 +1539,12 @@ void security_sb_post_remount(struct vfsmount *mnt, unsigned long flags, void *d
1520void security_sb_post_addmount(struct vfsmount *mnt, struct nameidata *mountpoint_nd); 1539void security_sb_post_addmount(struct vfsmount *mnt, struct nameidata *mountpoint_nd);
1521int security_sb_pivotroot(struct nameidata *old_nd, struct nameidata *new_nd); 1540int security_sb_pivotroot(struct nameidata *old_nd, struct nameidata *new_nd);
1522void security_sb_post_pivotroot(struct nameidata *old_nd, struct nameidata *new_nd); 1541void security_sb_post_pivotroot(struct nameidata *old_nd, struct nameidata *new_nd);
1523int security_sb_get_mnt_opts(const struct super_block *sb, char ***mount_options, 1542int security_sb_get_mnt_opts(const struct super_block *sb,
1524 int **flags, int *num_opts); 1543 struct security_mnt_opts *opts);
1525int security_sb_set_mnt_opts(struct super_block *sb, char **mount_options, 1544int security_sb_set_mnt_opts(struct super_block *sb, struct security_mnt_opts *opts);
1526 int *flags, int num_opts);
1527void security_sb_clone_mnt_opts(const struct super_block *oldsb, 1545void security_sb_clone_mnt_opts(const struct super_block *oldsb,
1528 struct super_block *newsb); 1546 struct super_block *newsb);
1547int security_sb_parse_opts_str(char *options, struct security_mnt_opts *opts);
1529 1548
1530int security_inode_alloc(struct inode *inode); 1549int security_inode_alloc(struct inode *inode);
1531void security_inode_free(struct inode *inode); 1550void security_inode_free(struct inode *inode);
@@ -1635,6 +1654,16 @@ int security_secctx_to_secid(char *secdata, u32 seclen, u32 *secid);
1635void security_release_secctx(char *secdata, u32 seclen); 1654void security_release_secctx(char *secdata, u32 seclen);
1636 1655
1637#else /* CONFIG_SECURITY */ 1656#else /* CONFIG_SECURITY */
1657struct security_mnt_opts {
1658};
1659
1660static inline void security_init_mnt_opts(struct security_mnt_opts *opts)
1661{
1662}
1663
1664static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
1665{
1666}
1638 1667
1639/* 1668/*
1640 * This is the default capabilities functionality. Most of these functions 1669 * This is the default capabilities functionality. Most of these functions
@@ -1762,8 +1791,7 @@ static inline int security_sb_alloc (struct super_block *sb)
1762static inline void security_sb_free (struct super_block *sb) 1791static inline void security_sb_free (struct super_block *sb)
1763{ } 1792{ }
1764 1793
1765static inline int security_sb_copy_data (struct file_system_type *type, 1794static inline int security_sb_copy_data (char *orig, char *copy)
1766 void *orig, void *copy)
1767{ 1795{
1768 return 0; 1796 return 0;
1769} 1797}
@@ -1819,6 +1847,27 @@ static inline int security_sb_pivotroot (struct nameidata *old_nd,
1819static inline void security_sb_post_pivotroot (struct nameidata *old_nd, 1847static inline void security_sb_post_pivotroot (struct nameidata *old_nd,
1820 struct nameidata *new_nd) 1848 struct nameidata *new_nd)
1821{ } 1849{ }
1850static inline int security_sb_get_mnt_opts(const struct super_block *sb,
1851 struct security_mnt_opts *opts)
1852{
1853 security_init_mnt_opts(opts);
1854 return 0;
1855}
1856
1857static inline int security_sb_set_mnt_opts(struct super_block *sb,
1858 struct security_mnt_opts *opts)
1859{
1860 return 0;
1861}
1862
1863static inline void security_sb_clone_mnt_opts(const struct super_block *oldsb,
1864 struct super_block *newsb)
1865{ }
1866
1867static inline int security_sb_parse_opts_str(char *options, struct security_mnt_opts *opts)
1868{
1869 return 0;
1870}
1822 1871
1823static inline int security_inode_alloc (struct inode *inode) 1872static inline int security_inode_alloc (struct inode *inode)
1824{ 1873{