aboutsummaryrefslogtreecommitdiffstats
path: root/security/selinux/avc.c
diff options
context:
space:
mode:
authorStephen Smalley <sds@tycho.nsa.gov>2010-01-14 17:28:10 -0500
committerJames Morris <jmorris@namei.org>2010-01-17 17:54:26 -0500
commit19439d05b88dafc4e55d9ffce84ccc27cf8b2bcc (patch)
treee529e1bbba49f30684c3b88a67df1d62ba3e11b1 /security/selinux/avc.c
parent8d9525048c74786205b99f3fcd05a839721edfb7 (diff)
selinux: change the handling of unknown classes
If allow_unknown==deny, SELinux treats an undefined kernel security class as an error condition rather than as a typical permission denial and thus does not allow permissions on undefined classes even when in permissive mode. Change the SELinux logic so that this case is handled as a typical permission denial, subject to the usual permissive mode and permissive domain handling. Also drop the 'requested' argument from security_compute_av() and helpers as it is a legacy of the original security server interface and is unused. Changes: - Handle permissive domains consistently by moving up the test for a permissive domain. - Make security_compute_av_user() consistent with security_compute_av(); the only difference now is that security_compute_av() performs mapping between the kernel-private class and permission indices and the policy values. In the userspace case, this mapping is handled by libselinux. - Moved avd_init inside the policy lock. Based in part on a patch by Paul Moore <paul.moore@hp.com>. Reported-by: Andrew Worsley <amworsley@gmail.com> Signed-off-by: Stephen D. Smalley <sds@tycho.nsa.gov> Reviewed-by: Paul Moore <paul.moore@hp.com> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/selinux/avc.c')
-rw-r--r--security/selinux/avc.c5
1 files changed, 1 insertions, 4 deletions
diff --git a/security/selinux/avc.c b/security/selinux/avc.c
index f2dde268165a..3ee9b6a8beb6 100644
--- a/security/selinux/avc.c
+++ b/security/selinux/avc.c
@@ -746,9 +746,7 @@ int avc_has_perm_noaudit(u32 ssid, u32 tsid,
746 else 746 else
747 avd = &avd_entry; 747 avd = &avd_entry;
748 748
749 rc = security_compute_av(ssid, tsid, tclass, requested, avd); 749 security_compute_av(ssid, tsid, tclass, avd);
750 if (rc)
751 goto out;
752 rcu_read_lock(); 750 rcu_read_lock();
753 node = avc_insert(ssid, tsid, tclass, avd); 751 node = avc_insert(ssid, tsid, tclass, avd);
754 } else { 752 } else {
@@ -770,7 +768,6 @@ int avc_has_perm_noaudit(u32 ssid, u32 tsid,
770 } 768 }
771 769
772 rcu_read_unlock(); 770 rcu_read_unlock();
773out:
774 return rc; 771 return rc;
775} 772}
776 773