diff options
author | Stephen Smalley <sds@tycho.nsa.gov> | 2010-01-14 17:28:10 -0500 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2010-01-17 17:54:26 -0500 |
commit | 19439d05b88dafc4e55d9ffce84ccc27cf8b2bcc (patch) | |
tree | e529e1bbba49f30684c3b88a67df1d62ba3e11b1 /security/selinux/avc.c | |
parent | 8d9525048c74786205b99f3fcd05a839721edfb7 (diff) |
selinux: change the handling of unknown classes
If allow_unknown==deny, SELinux treats an undefined kernel security
class as an error condition rather than as a typical permission denial
and thus does not allow permissions on undefined classes even when in
permissive mode. Change the SELinux logic so that this case is handled
as a typical permission denial, subject to the usual permissive mode and
permissive domain handling.
Also drop the 'requested' argument from security_compute_av() and
helpers as it is a legacy of the original security server interface and
is unused.
Changes:
- Handle permissive domains consistently by moving up the test for a
permissive domain.
- Make security_compute_av_user() consistent with security_compute_av();
the only difference now is that security_compute_av() performs mapping
between the kernel-private class and permission indices and the policy
values. In the userspace case, this mapping is handled by libselinux.
- Moved avd_init inside the policy lock.
Based in part on a patch by Paul Moore <paul.moore@hp.com>.
Reported-by: Andrew Worsley <amworsley@gmail.com>
Signed-off-by: Stephen D. Smalley <sds@tycho.nsa.gov>
Reviewed-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/selinux/avc.c')
-rw-r--r-- | security/selinux/avc.c | 5 |
1 files changed, 1 insertions, 4 deletions
diff --git a/security/selinux/avc.c b/security/selinux/avc.c index f2dde268165a..3ee9b6a8beb6 100644 --- a/security/selinux/avc.c +++ b/security/selinux/avc.c | |||
@@ -746,9 +746,7 @@ int avc_has_perm_noaudit(u32 ssid, u32 tsid, | |||
746 | else | 746 | else |
747 | avd = &avd_entry; | 747 | avd = &avd_entry; |
748 | 748 | ||
749 | rc = security_compute_av(ssid, tsid, tclass, requested, avd); | 749 | security_compute_av(ssid, tsid, tclass, avd); |
750 | if (rc) | ||
751 | goto out; | ||
752 | rcu_read_lock(); | 750 | rcu_read_lock(); |
753 | node = avc_insert(ssid, tsid, tclass, avd); | 751 | node = avc_insert(ssid, tsid, tclass, avd); |
754 | } else { | 752 | } else { |
@@ -770,7 +768,6 @@ int avc_has_perm_noaudit(u32 ssid, u32 tsid, | |||
770 | } | 768 | } |
771 | 769 | ||
772 | rcu_read_unlock(); | 770 | rcu_read_unlock(); |
773 | out: | ||
774 | return rc; | 771 | return rc; |
775 | } | 772 | } |
776 | 773 | ||