diff options
| author | David Howells <dhowells@redhat.com> | 2008-11-13 18:39:19 -0500 |
|---|---|---|
| committer | James Morris <jmorris@namei.org> | 2008-11-13 18:39:19 -0500 |
| commit | 275bb41e9d058fbb327e7642f077e1beaeac162e (patch) | |
| tree | 049fdbb39ca43e7b3b9abf36ad279b31488121bc /security/selinux/hooks.c | |
| parent | c69e8d9c01db2adc503464993c358901c9af9de4 (diff) | |
CRED: Wrap access to SELinux's task SID
Wrap access to SELinux's task SID, using task_sid() and current_sid() as
appropriate.
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: James Morris <jmorris@namei.org>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/selinux/hooks.c')
| -rw-r--r-- | security/selinux/hooks.c | 412 |
1 files changed, 218 insertions, 194 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 658435dce37c..3f3de565c242 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
| @@ -172,10 +172,35 @@ static int cred_alloc_security(struct cred *cred) | |||
| 172 | return 0; | 172 | return 0; |
| 173 | } | 173 | } |
| 174 | 174 | ||
| 175 | /* | ||
| 176 | * get the security ID of a task | ||
| 177 | */ | ||
| 178 | static inline u32 task_sid(const struct task_struct *task) | ||
| 179 | { | ||
| 180 | const struct task_security_struct *tsec; | ||
| 181 | u32 sid; | ||
| 182 | |||
| 183 | rcu_read_lock(); | ||
| 184 | tsec = __task_cred(task)->security; | ||
| 185 | sid = tsec->sid; | ||
| 186 | rcu_read_unlock(); | ||
| 187 | return sid; | ||
| 188 | } | ||
| 189 | |||
| 190 | /* | ||
| 191 | * get the security ID of the current task | ||
| 192 | */ | ||
| 193 | static inline u32 current_sid(void) | ||
| 194 | { | ||
| 195 | const struct task_security_struct *tsec = current_cred()->security; | ||
| 196 | |||
| 197 | return tsec->sid; | ||
| 198 | } | ||
| 199 | |||
| 175 | static int inode_alloc_security(struct inode *inode) | 200 | static int inode_alloc_security(struct inode *inode) |
| 176 | { | 201 | { |
| 177 | struct task_security_struct *tsec = current->cred->security; | ||
| 178 | struct inode_security_struct *isec; | 202 | struct inode_security_struct *isec; |
| 203 | u32 sid = current_sid(); | ||
| 179 | 204 | ||
| 180 | isec = kmem_cache_zalloc(sel_inode_cache, GFP_NOFS); | 205 | isec = kmem_cache_zalloc(sel_inode_cache, GFP_NOFS); |
| 181 | if (!isec) | 206 | if (!isec) |
| @@ -186,7 +211,7 @@ static int inode_alloc_security(struct inode *inode) | |||
| 186 | isec->inode = inode; | 211 | isec->inode = inode; |
| 187 | isec->sid = SECINITSID_UNLABELED; | 212 | isec->sid = SECINITSID_UNLABELED; |
| 188 | isec->sclass = SECCLASS_FILE; | 213 | isec->sclass = SECCLASS_FILE; |
| 189 | isec->task_sid = tsec->sid; | 214 | isec->task_sid = sid; |
| 190 | inode->i_security = isec; | 215 | inode->i_security = isec; |
| 191 | 216 | ||
| 192 | return 0; | 217 | return 0; |
| @@ -208,15 +233,15 @@ static void inode_free_security(struct inode *inode) | |||
| 208 | 233 | ||
| 209 | static int file_alloc_security(struct file *file) | 234 | static int file_alloc_security(struct file *file) |
| 210 | { | 235 | { |
| 211 | struct task_security_struct *tsec = current->cred->security; | ||
| 212 | struct file_security_struct *fsec; | 236 | struct file_security_struct *fsec; |
| 237 | u32 sid = current_sid(); | ||
| 213 | 238 | ||
| 214 | fsec = kzalloc(sizeof(struct file_security_struct), GFP_KERNEL); | 239 | fsec = kzalloc(sizeof(struct file_security_struct), GFP_KERNEL); |
| 215 | if (!fsec) | 240 | if (!fsec) |
| 216 | return -ENOMEM; | 241 | return -ENOMEM; |
| 217 | 242 | ||
| 218 | fsec->sid = tsec->sid; | 243 | fsec->sid = sid; |
| 219 | fsec->fown_sid = tsec->sid; | 244 | fsec->fown_sid = sid; |
| 220 | file->f_security = fsec; | 245 | file->f_security = fsec; |
| 221 | 246 | ||
| 222 | return 0; | 247 | return 0; |
| @@ -331,8 +356,9 @@ static const match_table_t tokens = { | |||
| 331 | 356 | ||
| 332 | static int may_context_mount_sb_relabel(u32 sid, | 357 | static int may_context_mount_sb_relabel(u32 sid, |
| 333 | struct superblock_security_struct *sbsec, | 358 | struct superblock_security_struct *sbsec, |
| 334 | struct task_security_struct *tsec) | 359 | const struct cred *cred) |
| 335 | { | 360 | { |
| 361 | const struct task_security_struct *tsec = cred->security; | ||
| 336 | int rc; | 362 | int rc; |
| 337 | 363 | ||
| 338 | rc = avc_has_perm(tsec->sid, sbsec->sid, SECCLASS_FILESYSTEM, | 364 | rc = avc_has_perm(tsec->sid, sbsec->sid, SECCLASS_FILESYSTEM, |
| @@ -347,8 +373,9 @@ static int may_context_mount_sb_relabel(u32 sid, | |||
| 347 | 373 | ||
| 348 | static int may_context_mount_inode_relabel(u32 sid, | 374 | static int may_context_mount_inode_relabel(u32 sid, |
| 349 | struct superblock_security_struct *sbsec, | 375 | struct superblock_security_struct *sbsec, |
| 350 | struct task_security_struct *tsec) | 376 | const struct cred *cred) |
| 351 | { | 377 | { |
| 378 | const struct task_security_struct *tsec = cred->security; | ||
| 352 | int rc; | 379 | int rc; |
| 353 | rc = avc_has_perm(tsec->sid, sbsec->sid, SECCLASS_FILESYSTEM, | 380 | rc = avc_has_perm(tsec->sid, sbsec->sid, SECCLASS_FILESYSTEM, |
| 354 | FILESYSTEM__RELABELFROM, NULL); | 381 | FILESYSTEM__RELABELFROM, NULL); |
| @@ -546,8 +573,8 @@ static int bad_option(struct superblock_security_struct *sbsec, char flag, | |||
| 546 | static int selinux_set_mnt_opts(struct super_block *sb, | 573 | static int selinux_set_mnt_opts(struct super_block *sb, |
| 547 | struct security_mnt_opts *opts) | 574 | struct security_mnt_opts *opts) |
| 548 | { | 575 | { |
| 576 | const struct cred *cred = current_cred(); | ||
| 549 | int rc = 0, i; | 577 | int rc = 0, i; |
| 550 | struct task_security_struct *tsec = current->cred->security; | ||
| 551 | struct superblock_security_struct *sbsec = sb->s_security; | 578 | struct superblock_security_struct *sbsec = sb->s_security; |
| 552 | const char *name = sb->s_type->name; | 579 | const char *name = sb->s_type->name; |
| 553 | struct inode *inode = sbsec->sb->s_root->d_inode; | 580 | struct inode *inode = sbsec->sb->s_root->d_inode; |
| @@ -673,8 +700,7 @@ static int selinux_set_mnt_opts(struct super_block *sb, | |||
| 673 | 700 | ||
| 674 | /* sets the context of the superblock for the fs being mounted. */ | 701 | /* sets the context of the superblock for the fs being mounted. */ |
| 675 | if (fscontext_sid) { | 702 | if (fscontext_sid) { |
| 676 | 703 | rc = may_context_mount_sb_relabel(fscontext_sid, sbsec, cred); | |
| 677 | rc = may_context_mount_sb_relabel(fscontext_sid, sbsec, tsec); | ||
| 678 | if (rc) | 704 | if (rc) |
| 679 | goto out; | 705 | goto out; |
| 680 | 706 | ||
| @@ -688,12 +714,14 @@ static int selinux_set_mnt_opts(struct super_block *sb, | |||
| 688 | */ | 714 | */ |
| 689 | if (context_sid) { | 715 | if (context_sid) { |
| 690 | if (!fscontext_sid) { | 716 | if (!fscontext_sid) { |
| 691 | rc = may_context_mount_sb_relabel(context_sid, sbsec, tsec); | 717 | rc = may_context_mount_sb_relabel(context_sid, sbsec, |
| 718 | cred); | ||
| 692 | if (rc) | 719 | if (rc) |
| 693 | goto out; | 720 | goto out; |
| 694 | sbsec->sid = context_sid; | 721 | sbsec->sid = context_sid; |
| 695 | } else { | 722 | } else { |
| 696 | rc = may_context_mount_inode_relabel(context_sid, sbsec, tsec); | 723 | rc = may_context_mount_inode_relabel(context_sid, sbsec, |
| 724 | cred); | ||
| 697 | if (rc) | 725 | if (rc) |
| 698 | goto out; | 726 | goto out; |
| 699 | } | 727 | } |
| @@ -705,7 +733,8 @@ static int selinux_set_mnt_opts(struct super_block *sb, | |||
| 705 | } | 733 | } |
| 706 | 734 | ||
| 707 | if (rootcontext_sid) { | 735 | if (rootcontext_sid) { |
| 708 | rc = may_context_mount_inode_relabel(rootcontext_sid, sbsec, tsec); | 736 | rc = may_context_mount_inode_relabel(rootcontext_sid, sbsec, |
| 737 | cred); | ||
| 709 | if (rc) | 738 | if (rc) |
| 710 | goto out; | 739 | goto out; |
| 711 | 740 | ||
| @@ -723,7 +752,7 @@ static int selinux_set_mnt_opts(struct super_block *sb, | |||
| 723 | 752 | ||
| 724 | if (defcontext_sid != sbsec->def_sid) { | 753 | if (defcontext_sid != sbsec->def_sid) { |
| 725 | rc = may_context_mount_inode_relabel(defcontext_sid, | 754 | rc = may_context_mount_inode_relabel(defcontext_sid, |
| 726 | sbsec, tsec); | 755 | sbsec, cred); |
| 727 | if (rc) | 756 | if (rc) |
| 728 | goto out; | 757 | goto out; |
| 729 | } | 758 | } |
| @@ -1338,18 +1367,23 @@ static inline u32 signal_to_av(int sig) | |||
| 1338 | return perm; | 1367 | return perm; |
| 1339 | } | 1368 | } |
| 1340 | 1369 | ||
| 1341 | /* Check permission betweeen a pair of tasks, e.g. signal checks, | 1370 | /* |
| 1342 | fork check, ptrace check, etc. */ | 1371 | * Check permission betweeen a pair of tasks, e.g. signal checks, |
| 1343 | static int task_has_perm(struct task_struct *tsk1, | 1372 | * fork check, ptrace check, etc. |
| 1344 | struct task_struct *tsk2, | 1373 | * tsk1 is the actor and tsk2 is the target |
| 1374 | */ | ||
| 1375 | static int task_has_perm(const struct task_struct *tsk1, | ||
| 1376 | const struct task_struct *tsk2, | ||
| 1345 | u32 perms) | 1377 | u32 perms) |
| 1346 | { | 1378 | { |
| 1347 | struct task_security_struct *tsec1, *tsec2; | 1379 | const struct task_security_struct *__tsec1, *__tsec2; |
| 1380 | u32 sid1, sid2; | ||
| 1348 | 1381 | ||
| 1349 | tsec1 = tsk1->cred->security; | 1382 | rcu_read_lock(); |
| 1350 | tsec2 = tsk2->cred->security; | 1383 | __tsec1 = __task_cred(tsk1)->security; sid1 = __tsec1->sid; |
| 1351 | return avc_has_perm(tsec1->sid, tsec2->sid, | 1384 | __tsec2 = __task_cred(tsk2)->security; sid2 = __tsec2->sid; |
| 1352 | SECCLASS_PROCESS, perms, NULL); | 1385 | rcu_read_unlock(); |
| 1386 | return avc_has_perm(sid1, sid2, SECCLASS_PROCESS, perms, NULL); | ||
| 1353 | } | 1387 | } |
| 1354 | 1388 | ||
| 1355 | #if CAP_LAST_CAP > 63 | 1389 | #if CAP_LAST_CAP > 63 |
| @@ -1360,15 +1394,13 @@ static int task_has_perm(struct task_struct *tsk1, | |||
| 1360 | static int task_has_capability(struct task_struct *tsk, | 1394 | static int task_has_capability(struct task_struct *tsk, |
| 1361 | int cap, int audit) | 1395 | int cap, int audit) |
| 1362 | { | 1396 | { |
| 1363 | struct task_security_struct *tsec; | ||
| 1364 | struct avc_audit_data ad; | 1397 | struct avc_audit_data ad; |
| 1365 | struct av_decision avd; | 1398 | struct av_decision avd; |
| 1366 | u16 sclass; | 1399 | u16 sclass; |
| 1400 | u32 sid = task_sid(tsk); | ||
| 1367 | u32 av = CAP_TO_MASK(cap); | 1401 | u32 av = CAP_TO_MASK(cap); |
| 1368 | int rc; | 1402 | int rc; |
| 1369 | 1403 | ||
| 1370 | tsec = tsk->cred->security; | ||
| 1371 | |||
| 1372 | AVC_AUDIT_DATA_INIT(&ad, CAP); | 1404 | AVC_AUDIT_DATA_INIT(&ad, CAP); |
| 1373 | ad.tsk = tsk; | 1405 | ad.tsk = tsk; |
| 1374 | ad.u.cap = cap; | 1406 | ad.u.cap = cap; |
| @@ -1386,9 +1418,9 @@ static int task_has_capability(struct task_struct *tsk, | |||
| 1386 | BUG(); | 1418 | BUG(); |
| 1387 | } | 1419 | } |
| 1388 | 1420 | ||
| 1389 | rc = avc_has_perm_noaudit(tsec->sid, tsec->sid, sclass, av, 0, &avd); | 1421 | rc = avc_has_perm_noaudit(sid, sid, sclass, av, 0, &avd); |
| 1390 | if (audit == SECURITY_CAP_AUDIT) | 1422 | if (audit == SECURITY_CAP_AUDIT) |
| 1391 | avc_audit(tsec->sid, tsec->sid, sclass, av, &avd, rc, &ad); | 1423 | avc_audit(sid, sid, sclass, av, &avd, rc, &ad); |
| 1392 | return rc; | 1424 | return rc; |
| 1393 | } | 1425 | } |
| 1394 | 1426 | ||
| @@ -1396,11 +1428,9 @@ static int task_has_capability(struct task_struct *tsk, | |||
| 1396 | static int task_has_system(struct task_struct *tsk, | 1428 | static int task_has_system(struct task_struct *tsk, |
| 1397 | u32 perms) | 1429 | u32 perms) |
| 1398 | { | 1430 | { |
| 1399 | struct task_security_struct *tsec; | 1431 | u32 sid = task_sid(tsk); |
| 1400 | |||
| 1401 | tsec = tsk->cred->security; | ||
| 1402 | 1432 | ||
| 1403 | return avc_has_perm(tsec->sid, SECINITSID_KERNEL, | 1433 | return avc_has_perm(sid, SECINITSID_KERNEL, |
| 1404 | SECCLASS_SYSTEM, perms, NULL); | 1434 | SECCLASS_SYSTEM, perms, NULL); |
| 1405 | } | 1435 | } |
| 1406 | 1436 | ||
| @@ -1412,14 +1442,14 @@ static int inode_has_perm(struct task_struct *tsk, | |||
| 1412 | u32 perms, | 1442 | u32 perms, |
| 1413 | struct avc_audit_data *adp) | 1443 | struct avc_audit_data *adp) |
| 1414 | { | 1444 | { |
| 1415 | struct task_security_struct *tsec; | ||
| 1416 | struct inode_security_struct *isec; | 1445 | struct inode_security_struct *isec; |
| 1417 | struct avc_audit_data ad; | 1446 | struct avc_audit_data ad; |
| 1447 | u32 sid; | ||
| 1418 | 1448 | ||
| 1419 | if (unlikely(IS_PRIVATE(inode))) | 1449 | if (unlikely(IS_PRIVATE(inode))) |
| 1420 | return 0; | 1450 | return 0; |
| 1421 | 1451 | ||
| 1422 | tsec = tsk->cred->security; | 1452 | sid = task_sid(tsk); |
| 1423 | isec = inode->i_security; | 1453 | isec = inode->i_security; |
| 1424 | 1454 | ||
| 1425 | if (!adp) { | 1455 | if (!adp) { |
| @@ -1428,7 +1458,7 @@ static int inode_has_perm(struct task_struct *tsk, | |||
| 1428 | ad.u.fs.inode = inode; | 1458 | ad.u.fs.inode = inode; |
| 1429 | } | 1459 | } |
| 1430 | 1460 | ||
| 1431 | return avc_has_perm(tsec->sid, isec->sid, isec->sclass, perms, adp); | 1461 | return avc_has_perm(sid, isec->sid, isec->sclass, perms, adp); |
| 1432 | } | 1462 | } |
| 1433 | 1463 | ||
| 1434 | /* Same as inode_has_perm, but pass explicit audit data containing | 1464 | /* Same as inode_has_perm, but pass explicit audit data containing |
| @@ -1459,17 +1489,17 @@ static int file_has_perm(struct task_struct *tsk, | |||
| 1459 | struct file *file, | 1489 | struct file *file, |
| 1460 | u32 av) | 1490 | u32 av) |
| 1461 | { | 1491 | { |
| 1462 | struct task_security_struct *tsec = tsk->cred->security; | ||
| 1463 | struct file_security_struct *fsec = file->f_security; | 1492 | struct file_security_struct *fsec = file->f_security; |
| 1464 | struct inode *inode = file->f_path.dentry->d_inode; | 1493 | struct inode *inode = file->f_path.dentry->d_inode; |
| 1465 | struct avc_audit_data ad; | 1494 | struct avc_audit_data ad; |
| 1495 | u32 sid = task_sid(tsk); | ||
| 1466 | int rc; | 1496 | int rc; |
| 1467 | 1497 | ||
| 1468 | AVC_AUDIT_DATA_INIT(&ad, FS); | 1498 | AVC_AUDIT_DATA_INIT(&ad, FS); |
| 1469 | ad.u.fs.path = file->f_path; | 1499 | ad.u.fs.path = file->f_path; |
| 1470 | 1500 | ||
| 1471 | if (tsec->sid != fsec->sid) { | 1501 | if (sid != fsec->sid) { |
| 1472 | rc = avc_has_perm(tsec->sid, fsec->sid, | 1502 | rc = avc_has_perm(sid, fsec->sid, |
| 1473 | SECCLASS_FD, | 1503 | SECCLASS_FD, |
| 1474 | FD__USE, | 1504 | FD__USE, |
| 1475 | &ad); | 1505 | &ad); |
| @@ -1489,36 +1519,36 @@ static int may_create(struct inode *dir, | |||
| 1489 | struct dentry *dentry, | 1519 | struct dentry *dentry, |
| 1490 | u16 tclass) | 1520 | u16 tclass) |
| 1491 | { | 1521 | { |
| 1492 | struct task_security_struct *tsec; | 1522 | const struct cred *cred = current_cred(); |
| 1523 | const struct task_security_struct *tsec = cred->security; | ||
| 1493 | struct inode_security_struct *dsec; | 1524 | struct inode_security_struct *dsec; |
| 1494 | struct superblock_security_struct *sbsec; | 1525 | struct superblock_security_struct *sbsec; |
| 1495 | u32 newsid; | 1526 | u32 sid, newsid; |
| 1496 | struct avc_audit_data ad; | 1527 | struct avc_audit_data ad; |
| 1497 | int rc; | 1528 | int rc; |
| 1498 | 1529 | ||
| 1499 | tsec = current->cred->security; | ||
| 1500 | dsec = dir->i_security; | 1530 | dsec = dir->i_security; |
| 1501 | sbsec = dir->i_sb->s_security; | 1531 | sbsec = dir->i_sb->s_security; |
| 1502 | 1532 | ||
| 1533 | sid = tsec->sid; | ||
| 1534 | newsid = tsec->create_sid; | ||
| 1535 | |||
| 1503 | AVC_AUDIT_DATA_INIT(&ad, FS); | 1536 | AVC_AUDIT_DATA_INIT(&ad, FS); |
| 1504 | ad.u.fs.path.dentry = dentry; | 1537 | ad.u.fs.path.dentry = dentry; |
| 1505 | 1538 | ||
| 1506 | rc = avc_has_perm(tsec->sid, dsec->sid, SECCLASS_DIR, | 1539 | rc = avc_has_perm(sid, dsec->sid, SECCLASS_DIR, |
| 1507 | DIR__ADD_NAME | DIR__SEARCH, | 1540 | DIR__ADD_NAME | DIR__SEARCH, |
| 1508 | &ad); | 1541 | &ad); |
| 1509 | if (rc) | 1542 | if (rc) |
| 1510 | return rc; | 1543 | return rc; |
| 1511 | 1544 | ||
| 1512 | if (tsec->create_sid && sbsec->behavior != SECURITY_FS_USE_MNTPOINT) { | 1545 | if (!newsid || sbsec->behavior == SECURITY_FS_USE_MNTPOINT) { |
| 1513 | newsid = tsec->create_sid; | 1546 | rc = security_transition_sid(sid, dsec->sid, tclass, &newsid); |
| 1514 | } else { | ||
| 1515 | rc = security_transition_sid(tsec->sid, dsec->sid, tclass, | ||
| 1516 | &newsid); | ||
| 1517 | if (rc) | 1547 | if (rc) |
| 1518 | return rc; | 1548 | return rc; |
| 1519 | } | 1549 | } |
| 1520 | 1550 | ||
| 1521 | rc = avc_has_perm(tsec->sid, newsid, tclass, FILE__CREATE, &ad); | 1551 | rc = avc_has_perm(sid, newsid, tclass, FILE__CREATE, &ad); |
| 1522 | if (rc) | 1552 | if (rc) |
| 1523 | return rc; | 1553 | return rc; |
| 1524 | 1554 | ||
| @@ -1531,11 +1561,9 @@ static int may_create(struct inode *dir, | |||
| 1531 | static int may_create_key(u32 ksid, | 1561 | static int may_create_key(u32 ksid, |
| 1532 | struct task_struct *ctx) | 1562 | struct task_struct *ctx) |
| 1533 | { | 1563 | { |
| 1534 | struct task_security_struct *tsec; | 1564 | u32 sid = task_sid(ctx); |
| 1535 | |||
| 1536 | tsec = ctx->cred->security; | ||
| 1537 | 1565 | ||
| 1538 | return avc_has_perm(tsec->sid, ksid, SECCLASS_KEY, KEY__CREATE, NULL); | 1566 | return avc_has_perm(sid, ksid, SECCLASS_KEY, KEY__CREATE, NULL); |
| 1539 | } | 1567 | } |
| 1540 | 1568 | ||
| 1541 | #define MAY_LINK 0 | 1569 | #define MAY_LINK 0 |
| @@ -1548,13 +1576,12 @@ static int may_link(struct inode *dir, | |||
| 1548 | int kind) | 1576 | int kind) |
| 1549 | 1577 | ||
| 1550 | { | 1578 | { |
| 1551 | struct task_security_struct *tsec; | ||
| 1552 | struct inode_security_struct *dsec, *isec; | 1579 | struct inode_security_struct *dsec, *isec; |
| 1553 | struct avc_audit_data ad; | 1580 | struct avc_audit_data ad; |
| 1581 | u32 sid = current_sid(); | ||
| 1554 | u32 av; | 1582 | u32 av; |
| 1555 | int rc; | 1583 | int rc; |
| 1556 | 1584 | ||
| 1557 | tsec = current->cred->security; | ||
| 1558 | dsec = dir->i_security; | 1585 | dsec = dir->i_security; |
| 1559 | isec = dentry->d_inode->i_security; | 1586 | isec = dentry->d_inode->i_security; |
| 1560 | 1587 | ||
| @@ -1563,7 +1590,7 @@ static int may_link(struct inode *dir, | |||
| 1563 | 1590 | ||
| 1564 | av = DIR__SEARCH; | 1591 | av = DIR__SEARCH; |
| 1565 | av |= (kind ? DIR__REMOVE_NAME : DIR__ADD_NAME); | 1592 | av |= (kind ? DIR__REMOVE_NAME : DIR__ADD_NAME); |
| 1566 | rc = avc_has_perm(tsec->sid, dsec->sid, SECCLASS_DIR, av, &ad); | 1593 | rc = avc_has_perm(sid, dsec->sid, SECCLASS_DIR, av, &ad); |
| 1567 | if (rc) | 1594 | if (rc) |
| 1568 | return rc; | 1595 | return rc; |
| 1569 | 1596 | ||
| @@ -1583,7 +1610,7 @@ static int may_link(struct inode *dir, | |||
| 1583 | return 0; | 1610 | return 0; |
| 1584 | } | 1611 | } |
| 1585 | 1612 | ||
| 1586 | rc = avc_has_perm(tsec->sid, isec->sid, isec->sclass, av, &ad); | 1613 | rc = avc_has_perm(sid, isec->sid, isec->sclass, av, &ad); |
| 1587 | return rc; | 1614 | return rc; |
| 1588 | } | 1615 | } |
| 1589 | 1616 | ||
| @@ -1592,14 +1619,13 @@ static inline int may_rename(struct inode *old_dir, | |||
| 1592 | struct inode *new_dir, | 1619 | struct inode *new_dir, |
| 1593 | struct dentry *new_dentry) | 1620 | struct dentry *new_dentry) |
| 1594 | { | 1621 | { |
| 1595 | struct task_security_struct *tsec; | ||
| 1596 | struct inode_security_struct *old_dsec, *new_dsec, *old_isec, *new_isec; | 1622 | struct inode_security_struct *old_dsec, *new_dsec, *old_isec, *new_isec; |
| 1597 | struct avc_audit_data ad; | 1623 | struct avc_audit_data ad; |
| 1624 | u32 sid = current_sid(); | ||
| 1598 | u32 av; | 1625 | u32 av; |
| 1599 | int old_is_dir, new_is_dir; | 1626 | int old_is_dir, new_is_dir; |
| 1600 | int rc; | 1627 | int rc; |
| 1601 | 1628 | ||
| 1602 | tsec = current->cred->security; | ||
| 1603 | old_dsec = old_dir->i_security; | 1629 | old_dsec = old_dir->i_security; |
| 1604 | old_isec = old_dentry->d_inode->i_security; | 1630 | old_isec = old_dentry->d_inode->i_security; |
| 1605 | old_is_dir = S_ISDIR(old_dentry->d_inode->i_mode); | 1631 | old_is_dir = S_ISDIR(old_dentry->d_inode->i_mode); |
| @@ -1608,16 +1634,16 @@ static inline int may_rename(struct inode *old_dir, | |||
| 1608 | AVC_AUDIT_DATA_INIT(&ad, FS); | 1634 | AVC_AUDIT_DATA_INIT(&ad, FS); |
| 1609 | 1635 | ||
| 1610 | ad.u.fs.path.dentry = old_dentry; | 1636 | ad.u.fs.path.dentry = old_dentry; |
| 1611 | rc = avc_has_perm(tsec->sid, old_dsec->sid, SECCLASS_DIR, | 1637 | rc = avc_has_perm(sid, old_dsec->sid, SECCLASS_DIR, |
| 1612 | DIR__REMOVE_NAME | DIR__SEARCH, &ad); | 1638 | DIR__REMOVE_NAME | DIR__SEARCH, &ad); |
| 1613 | if (rc) | 1639 | if (rc) |
| 1614 | return rc; | 1640 | return rc; |
| 1615 | rc = avc_has_perm(tsec->sid, old_isec->sid, | 1641 | rc = avc_has_perm(sid, old_isec->sid, |
| 1616 | old_isec->sclass, FILE__RENAME, &ad); | 1642 | old_isec->sclass, FILE__RENAME, &ad); |
| 1617 | if (rc) | 1643 | if (rc) |
| 1618 | return rc; | 1644 | return rc; |
| 1619 | if (old_is_dir && new_dir != old_dir) { | 1645 | if (old_is_dir && new_dir != old_dir) { |
| 1620 | rc = avc_has_perm(tsec->sid, old_isec->sid, | 1646 | rc = avc_has_perm(sid, old_isec->sid, |
| 1621 | old_isec->sclass, DIR__REPARENT, &ad); | 1647 | old_isec->sclass, DIR__REPARENT, &ad); |
| 1622 | if (rc) | 1648 | if (rc) |
| 1623 | return rc; | 1649 | return rc; |
| @@ -1627,13 +1653,13 @@ static inline int may_rename(struct inode *old_dir, | |||
| 1627 | av = DIR__ADD_NAME | DIR__SEARCH; | 1653 | av = DIR__ADD_NAME | DIR__SEARCH; |
| 1628 | if (new_dentry->d_inode) | 1654 | if (new_dentry->d_inode) |
| 1629 | av |= DIR__REMOVE_NAME; | 1655 | av |= DIR__REMOVE_NAME; |
| 1630 | rc = avc_has_perm(tsec->sid, new_dsec->sid, SECCLASS_DIR, av, &ad); | 1656 | rc = avc_has_perm(sid, new_dsec->sid, SECCLASS_DIR, av, &ad); |
| 1631 | if (rc) | 1657 | if (rc) |
| 1632 | return rc; | 1658 | return rc; |
| 1633 | if (new_dentry->d_inode) { | 1659 | if (new_dentry->d_inode) { |
| 1634 | new_isec = new_dentry->d_inode->i_security; | 1660 | new_isec = new_dentry->d_inode->i_security; |
| 1635 | new_is_dir = S_ISDIR(new_dentry->d_inode->i_mode); | 1661 | new_is_dir = S_ISDIR(new_dentry->d_inode->i_mode); |
| 1636 | rc = avc_has_perm(tsec->sid, new_isec->sid, | 1662 | rc = avc_has_perm(sid, new_isec->sid, |
| 1637 | new_isec->sclass, | 1663 | new_isec->sclass, |
| 1638 | (new_is_dir ? DIR__RMDIR : FILE__UNLINK), &ad); | 1664 | (new_is_dir ? DIR__RMDIR : FILE__UNLINK), &ad); |
| 1639 | if (rc) | 1665 | if (rc) |
| @@ -1649,13 +1675,11 @@ static int superblock_has_perm(struct task_struct *tsk, | |||
| 1649 | u32 perms, | 1675 | u32 perms, |
| 1650 | struct avc_audit_data *ad) | 1676 | struct avc_audit_data *ad) |
| 1651 | { | 1677 | { |
| 1652 | struct task_security_struct *tsec; | ||
| 1653 | struct superblock_security_struct *sbsec; | 1678 | struct superblock_security_struct *sbsec; |
| 1679 | u32 sid = task_sid(tsk); | ||
| 1654 | 1680 | ||
| 1655 | tsec = tsk->cred->security; | ||
| 1656 | sbsec = sb->s_security; | 1681 | sbsec = sb->s_security; |
| 1657 | return avc_has_perm(tsec->sid, sbsec->sid, SECCLASS_FILESYSTEM, | 1682 | return avc_has_perm(sid, sbsec->sid, SECCLASS_FILESYSTEM, perms, ad); |
| 1658 | perms, ad); | ||
| 1659 | } | 1683 | } |
| 1660 | 1684 | ||
| 1661 | /* Convert a Linux mode and permission mask to an access vector. */ | 1685 | /* Convert a Linux mode and permission mask to an access vector. */ |
| @@ -1751,10 +1775,9 @@ static int selinux_ptrace_may_access(struct task_struct *child, | |||
| 1751 | return rc; | 1775 | return rc; |
| 1752 | 1776 | ||
| 1753 | if (mode == PTRACE_MODE_READ) { | 1777 | if (mode == PTRACE_MODE_READ) { |
| 1754 | struct task_security_struct *tsec = current->cred->security; | 1778 | u32 sid = current_sid(); |
| 1755 | struct task_security_struct *csec = child->cred->security; | 1779 | u32 csid = task_sid(child); |
| 1756 | return avc_has_perm(tsec->sid, csec->sid, | 1780 | return avc_has_perm(sid, csid, SECCLASS_FILE, FILE__READ, NULL); |
| 1757 | SECCLASS_FILE, FILE__READ, NULL); | ||
| 1758 | } | 1781 | } |
| 1759 | 1782 | ||
| 1760 | return task_has_perm(current, child, PROCESS__PTRACE); | 1783 | return task_has_perm(current, child, PROCESS__PTRACE); |
| @@ -1859,15 +1882,14 @@ static int selinux_sysctl(ctl_table *table, int op) | |||
| 1859 | { | 1882 | { |
| 1860 | int error = 0; | 1883 | int error = 0; |
| 1861 | u32 av; | 1884 | u32 av; |
| 1862 | struct task_security_struct *tsec; | 1885 | u32 tsid, sid; |
| 1863 | u32 tsid; | ||
| 1864 | int rc; | 1886 | int rc; |
| 1865 | 1887 | ||
| 1866 | rc = secondary_ops->sysctl(table, op); | 1888 | rc = secondary_ops->sysctl(table, op); |
| 1867 | if (rc) | 1889 | if (rc) |
| 1868 | return rc; | 1890 | return rc; |
| 1869 | 1891 | ||
| 1870 | tsec = current->cred->security; | 1892 | sid = current_sid(); |
| 1871 | 1893 | ||
| 1872 | rc = selinux_sysctl_get_sid(table, (op == 0001) ? | 1894 | rc = selinux_sysctl_get_sid(table, (op == 0001) ? |
| 1873 | SECCLASS_DIR : SECCLASS_FILE, &tsid); | 1895 | SECCLASS_DIR : SECCLASS_FILE, &tsid); |
| @@ -1879,7 +1901,7 @@ static int selinux_sysctl(ctl_table *table, int op) | |||
| 1879 | /* The op values are "defined" in sysctl.c, thereby creating | 1901 | /* The op values are "defined" in sysctl.c, thereby creating |
| 1880 | * a bad coupling between this module and sysctl.c */ | 1902 | * a bad coupling between this module and sysctl.c */ |
| 1881 | if (op == 001) { | 1903 | if (op == 001) { |
| 1882 | error = avc_has_perm(tsec->sid, tsid, | 1904 | error = avc_has_perm(sid, tsid, |
| 1883 | SECCLASS_DIR, DIR__SEARCH, NULL); | 1905 | SECCLASS_DIR, DIR__SEARCH, NULL); |
| 1884 | } else { | 1906 | } else { |
| 1885 | av = 0; | 1907 | av = 0; |
| @@ -1888,7 +1910,7 @@ static int selinux_sysctl(ctl_table *table, int op) | |||
| 1888 | if (op & 002) | 1910 | if (op & 002) |
| 1889 | av |= FILE__WRITE; | 1911 | av |= FILE__WRITE; |
| 1890 | if (av) | 1912 | if (av) |
| 1891 | error = avc_has_perm(tsec->sid, tsid, | 1913 | error = avc_has_perm(sid, tsid, |
| 1892 | SECCLASS_FILE, av, NULL); | 1914 | SECCLASS_FILE, av, NULL); |
| 1893 | } | 1915 | } |
| 1894 | 1916 | ||
| @@ -2018,7 +2040,7 @@ static int selinux_bprm_set_security(struct linux_binprm *bprm) | |||
| 2018 | if (bsec->set) | 2040 | if (bsec->set) |
| 2019 | return 0; | 2041 | return 0; |
| 2020 | 2042 | ||
| 2021 | tsec = current->cred->security; | 2043 | tsec = current_security(); |
| 2022 | isec = inode->i_security; | 2044 | isec = inode->i_security; |
| 2023 | 2045 | ||
| 2024 | /* Default to the current task SID. */ | 2046 | /* Default to the current task SID. */ |
| @@ -2083,14 +2105,19 @@ static int selinux_bprm_check_security(struct linux_binprm *bprm) | |||
| 2083 | 2105 | ||
| 2084 | static int selinux_bprm_secureexec(struct linux_binprm *bprm) | 2106 | static int selinux_bprm_secureexec(struct linux_binprm *bprm) |
| 2085 | { | 2107 | { |
| 2086 | struct task_security_struct *tsec = current->cred->security; | 2108 | const struct cred *cred = current_cred(); |
| 2109 | const struct task_security_struct *tsec = cred->security; | ||
| 2110 | u32 sid, osid; | ||
| 2087 | int atsecure = 0; | 2111 | int atsecure = 0; |
| 2088 | 2112 | ||
| 2089 | if (tsec->osid != tsec->sid) { | 2113 | sid = tsec->sid; |
| 2114 | osid = tsec->osid; | ||
| 2115 | |||
| 2116 | if (osid != sid) { | ||
| 2090 | /* Enable secure mode for SIDs transitions unless | 2117 | /* Enable secure mode for SIDs transitions unless |
| 2091 | the noatsecure permission is granted between | 2118 | the noatsecure permission is granted between |
| 2092 | the two SIDs, i.e. ahp returns 0. */ | 2119 | the two SIDs, i.e. ahp returns 0. */ |
| 2093 | atsecure = avc_has_perm(tsec->osid, tsec->sid, | 2120 | atsecure = avc_has_perm(osid, sid, |
| 2094 | SECCLASS_PROCESS, | 2121 | SECCLASS_PROCESS, |
| 2095 | PROCESS__NOATSECURE, NULL); | 2122 | PROCESS__NOATSECURE, NULL); |
| 2096 | } | 2123 | } |
| @@ -2207,7 +2234,7 @@ static void selinux_bprm_apply_creds(struct linux_binprm *bprm, int unsafe) | |||
| 2207 | 2234 | ||
| 2208 | secondary_ops->bprm_apply_creds(bprm, unsafe); | 2235 | secondary_ops->bprm_apply_creds(bprm, unsafe); |
| 2209 | 2236 | ||
| 2210 | tsec = current->cred->security; | 2237 | tsec = current_security(); |
| 2211 | 2238 | ||
| 2212 | bsec = bprm->security; | 2239 | bsec = bprm->security; |
| 2213 | sid = bsec->sid; | 2240 | sid = bsec->sid; |
| @@ -2236,7 +2263,7 @@ static void selinux_bprm_apply_creds(struct linux_binprm *bprm, int unsafe) | |||
| 2236 | rcu_read_lock(); | 2263 | rcu_read_lock(); |
| 2237 | tracer = tracehook_tracer_task(current); | 2264 | tracer = tracehook_tracer_task(current); |
| 2238 | if (likely(tracer != NULL)) { | 2265 | if (likely(tracer != NULL)) { |
| 2239 | sec = tracer->cred->security; | 2266 | sec = __task_cred(tracer)->security; |
| 2240 | ptsid = sec->sid; | 2267 | ptsid = sec->sid; |
| 2241 | } | 2268 | } |
| 2242 | rcu_read_unlock(); | 2269 | rcu_read_unlock(); |
| @@ -2267,7 +2294,7 @@ static void selinux_bprm_post_apply_creds(struct linux_binprm *bprm) | |||
| 2267 | int rc, i; | 2294 | int rc, i; |
| 2268 | unsigned long flags; | 2295 | unsigned long flags; |
| 2269 | 2296 | ||
| 2270 | tsec = current->cred->security; | 2297 | tsec = current_security(); |
| 2271 | bsec = bprm->security; | 2298 | bsec = bprm->security; |
| 2272 | 2299 | ||
| 2273 | if (bsec->unsafe) { | 2300 | if (bsec->unsafe) { |
| @@ -2507,21 +2534,22 @@ static int selinux_inode_init_security(struct inode *inode, struct inode *dir, | |||
| 2507 | char **name, void **value, | 2534 | char **name, void **value, |
| 2508 | size_t *len) | 2535 | size_t *len) |
| 2509 | { | 2536 | { |
| 2510 | struct task_security_struct *tsec; | 2537 | const struct cred *cred = current_cred(); |
| 2538 | const struct task_security_struct *tsec = cred->security; | ||
| 2511 | struct inode_security_struct *dsec; | 2539 | struct inode_security_struct *dsec; |
| 2512 | struct superblock_security_struct *sbsec; | 2540 | struct superblock_security_struct *sbsec; |
| 2513 | u32 newsid, clen; | 2541 | u32 sid, newsid, clen; |
| 2514 | int rc; | 2542 | int rc; |
| 2515 | char *namep = NULL, *context; | 2543 | char *namep = NULL, *context; |
| 2516 | 2544 | ||
| 2517 | tsec = current->cred->security; | ||
| 2518 | dsec = dir->i_security; | 2545 | dsec = dir->i_security; |
| 2519 | sbsec = dir->i_sb->s_security; | 2546 | sbsec = dir->i_sb->s_security; |
| 2520 | 2547 | ||
| 2521 | if (tsec->create_sid && sbsec->behavior != SECURITY_FS_USE_MNTPOINT) { | 2548 | sid = tsec->sid; |
| 2522 | newsid = tsec->create_sid; | 2549 | newsid = tsec->create_sid; |
| 2523 | } else { | 2550 | |
| 2524 | rc = security_transition_sid(tsec->sid, dsec->sid, | 2551 | if (!newsid || sbsec->behavior == SECURITY_FS_USE_MNTPOINT) { |
| 2552 | rc = security_transition_sid(sid, dsec->sid, | ||
| 2525 | inode_mode_to_security_class(inode->i_mode), | 2553 | inode_mode_to_security_class(inode->i_mode), |
| 2526 | &newsid); | 2554 | &newsid); |
| 2527 | if (rc) { | 2555 | if (rc) { |
| @@ -2699,12 +2727,11 @@ static int selinux_inode_setotherxattr(struct dentry *dentry, const char *name) | |||
| 2699 | static int selinux_inode_setxattr(struct dentry *dentry, const char *name, | 2727 | static int selinux_inode_setxattr(struct dentry *dentry, const char *name, |
| 2700 | const void *value, size_t size, int flags) | 2728 | const void *value, size_t size, int flags) |
| 2701 | { | 2729 | { |
| 2702 | struct task_security_struct *tsec = current->cred->security; | ||
| 2703 | struct inode *inode = dentry->d_inode; | 2730 | struct inode *inode = dentry->d_inode; |
| 2704 | struct inode_security_struct *isec = inode->i_security; | 2731 | struct inode_security_struct *isec = inode->i_security; |
| 2705 | struct superblock_security_struct *sbsec; | 2732 | struct superblock_security_struct *sbsec; |
| 2706 | struct avc_audit_data ad; | 2733 | struct avc_audit_data ad; |
| 2707 | u32 newsid; | 2734 | u32 newsid, sid = current_sid(); |
| 2708 | int rc = 0; | 2735 | int rc = 0; |
| 2709 | 2736 | ||
| 2710 | if (strcmp(name, XATTR_NAME_SELINUX)) | 2737 | if (strcmp(name, XATTR_NAME_SELINUX)) |
| @@ -2720,7 +2747,7 @@ static int selinux_inode_setxattr(struct dentry *dentry, const char *name, | |||
| 2720 | AVC_AUDIT_DATA_INIT(&ad, FS); | 2747 | AVC_AUDIT_DATA_INIT(&ad, FS); |
| 2721 | ad.u.fs.path.dentry = dentry; | 2748 | ad.u.fs.path.dentry = dentry; |
| 2722 | 2749 | ||
| 2723 | rc = avc_has_perm(tsec->sid, isec->sid, isec->sclass, | 2750 | rc = avc_has_perm(sid, isec->sid, isec->sclass, |
| 2724 | FILE__RELABELFROM, &ad); | 2751 | FILE__RELABELFROM, &ad); |
| 2725 | if (rc) | 2752 | if (rc) |
| 2726 | return rc; | 2753 | return rc; |
| @@ -2734,12 +2761,12 @@ static int selinux_inode_setxattr(struct dentry *dentry, const char *name, | |||
| 2734 | if (rc) | 2761 | if (rc) |
| 2735 | return rc; | 2762 | return rc; |
| 2736 | 2763 | ||
| 2737 | rc = avc_has_perm(tsec->sid, newsid, isec->sclass, | 2764 | rc = avc_has_perm(sid, newsid, isec->sclass, |
| 2738 | FILE__RELABELTO, &ad); | 2765 | FILE__RELABELTO, &ad); |
| 2739 | if (rc) | 2766 | if (rc) |
| 2740 | return rc; | 2767 | return rc; |
| 2741 | 2768 | ||
| 2742 | rc = security_validate_transition(isec->sid, newsid, tsec->sid, | 2769 | rc = security_validate_transition(isec->sid, newsid, sid, |
| 2743 | isec->sclass); | 2770 | isec->sclass); |
| 2744 | if (rc) | 2771 | if (rc) |
| 2745 | return rc; | 2772 | return rc; |
| @@ -2911,16 +2938,16 @@ static int selinux_revalidate_file_permission(struct file *file, int mask) | |||
| 2911 | static int selinux_file_permission(struct file *file, int mask) | 2938 | static int selinux_file_permission(struct file *file, int mask) |
| 2912 | { | 2939 | { |
| 2913 | struct inode *inode = file->f_path.dentry->d_inode; | 2940 | struct inode *inode = file->f_path.dentry->d_inode; |
| 2914 | struct task_security_struct *tsec = current->cred->security; | ||
| 2915 | struct file_security_struct *fsec = file->f_security; | 2941 | struct file_security_struct *fsec = file->f_security; |
| 2916 | struct inode_security_struct *isec = inode->i_security; | 2942 | struct inode_security_struct *isec = inode->i_security; |
| 2943 | u32 sid = current_sid(); | ||
| 2917 | 2944 | ||
| 2918 | if (!mask) { | 2945 | if (!mask) { |
| 2919 | /* No permission to check. Existence test. */ | 2946 | /* No permission to check. Existence test. */ |
| 2920 | return 0; | 2947 | return 0; |
| 2921 | } | 2948 | } |
| 2922 | 2949 | ||
| 2923 | if (tsec->sid == fsec->sid && fsec->isid == isec->sid | 2950 | if (sid == fsec->sid && fsec->isid == isec->sid |
| 2924 | && fsec->pseqno == avc_policy_seqno()) | 2951 | && fsec->pseqno == avc_policy_seqno()) |
| 2925 | return selinux_netlbl_inode_permission(inode, mask); | 2952 | return selinux_netlbl_inode_permission(inode, mask); |
| 2926 | 2953 | ||
| @@ -2988,8 +3015,7 @@ static int selinux_file_mmap(struct file *file, unsigned long reqprot, | |||
| 2988 | unsigned long addr, unsigned long addr_only) | 3015 | unsigned long addr, unsigned long addr_only) |
| 2989 | { | 3016 | { |
| 2990 | int rc = 0; | 3017 | int rc = 0; |
| 2991 | u32 sid = ((struct task_security_struct *) | 3018 | u32 sid = current_sid(); |
| 2992 | (current->cred->security))->sid; | ||
| 2993 | 3019 | ||
| 2994 | if (addr < mmap_min_addr) | 3020 | if (addr < mmap_min_addr) |
| 2995 | rc = avc_has_perm(sid, sid, SECCLASS_MEMPROTECT, | 3021 | rc = avc_has_perm(sid, sid, SECCLASS_MEMPROTECT, |
| @@ -3098,12 +3124,10 @@ static int selinux_file_fcntl(struct file *file, unsigned int cmd, | |||
| 3098 | 3124 | ||
| 3099 | static int selinux_file_set_fowner(struct file *file) | 3125 | static int selinux_file_set_fowner(struct file *file) |
| 3100 | { | 3126 | { |
| 3101 | struct task_security_struct *tsec; | ||
| 3102 | struct file_security_struct *fsec; | 3127 | struct file_security_struct *fsec; |
| 3103 | 3128 | ||
| 3104 | tsec = current->cred->security; | ||
| 3105 | fsec = file->f_security; | 3129 | fsec = file->f_security; |
| 3106 | fsec->fown_sid = tsec->sid; | 3130 | fsec->fown_sid = current_sid(); |
| 3107 | 3131 | ||
| 3108 | return 0; | 3132 | return 0; |
| 3109 | } | 3133 | } |
| @@ -3112,14 +3136,13 @@ static int selinux_file_send_sigiotask(struct task_struct *tsk, | |||
| 3112 | struct fown_struct *fown, int signum) | 3136 | struct fown_struct *fown, int signum) |
| 3113 | { | 3137 | { |
| 3114 | struct file *file; | 3138 | struct file *file; |
| 3139 | u32 sid = current_sid(); | ||
| 3115 | u32 perm; | 3140 | u32 perm; |
| 3116 | struct task_security_struct *tsec; | ||
| 3117 | struct file_security_struct *fsec; | 3141 | struct file_security_struct *fsec; |
| 3118 | 3142 | ||
| 3119 | /* struct fown_struct is never outside the context of a struct file */ | 3143 | /* struct fown_struct is never outside the context of a struct file */ |
| 3120 | file = container_of(fown, struct file, f_owner); | 3144 | file = container_of(fown, struct file, f_owner); |
| 3121 | 3145 | ||
| 3122 | tsec = tsk->cred->security; | ||
| 3123 | fsec = file->f_security; | 3146 | fsec = file->f_security; |
| 3124 | 3147 | ||
| 3125 | if (!signum) | 3148 | if (!signum) |
| @@ -3127,7 +3150,7 @@ static int selinux_file_send_sigiotask(struct task_struct *tsk, | |||
| 3127 | else | 3150 | else |
| 3128 | perm = signal_to_av(signum); | 3151 | perm = signal_to_av(signum); |
| 3129 | 3152 | ||
| 3130 | return avc_has_perm(fsec->fown_sid, tsec->sid, | 3153 | return avc_has_perm(fsec->fown_sid, sid, |
| 3131 | SECCLASS_PROCESS, perm, NULL); | 3154 | SECCLASS_PROCESS, perm, NULL); |
| 3132 | } | 3155 | } |
| 3133 | 3156 | ||
| @@ -3182,7 +3205,7 @@ static int selinux_cred_alloc_security(struct cred *cred) | |||
| 3182 | struct task_security_struct *tsec1, *tsec2; | 3205 | struct task_security_struct *tsec1, *tsec2; |
| 3183 | int rc; | 3206 | int rc; |
| 3184 | 3207 | ||
| 3185 | tsec1 = current->cred->security; | 3208 | tsec1 = current_security(); |
| 3186 | 3209 | ||
| 3187 | rc = cred_alloc_security(cred); | 3210 | rc = cred_alloc_security(cred); |
| 3188 | if (rc) | 3211 | if (rc) |
| @@ -3250,8 +3273,7 @@ static int selinux_task_getsid(struct task_struct *p) | |||
| 3250 | 3273 | ||
| 3251 | static void selinux_task_getsecid(struct task_struct *p, u32 *secid) | 3274 | static void selinux_task_getsecid(struct task_struct *p, u32 *secid) |
| 3252 | { | 3275 | { |
| 3253 | struct task_security_struct *tsec = p->cred->security; | 3276 | *secid = task_sid(p); |
| 3254 | *secid = tsec->sid; | ||
| 3255 | } | 3277 | } |
| 3256 | 3278 | ||
| 3257 | static int selinux_task_setgroups(struct group_info *group_info) | 3279 | static int selinux_task_setgroups(struct group_info *group_info) |
| @@ -3332,7 +3354,6 @@ static int selinux_task_kill(struct task_struct *p, struct siginfo *info, | |||
| 3332 | { | 3354 | { |
| 3333 | u32 perm; | 3355 | u32 perm; |
| 3334 | int rc; | 3356 | int rc; |
| 3335 | struct task_security_struct *tsec; | ||
| 3336 | 3357 | ||
| 3337 | rc = secondary_ops->task_kill(p, info, sig, secid); | 3358 | rc = secondary_ops->task_kill(p, info, sig, secid); |
| 3338 | if (rc) | 3359 | if (rc) |
| @@ -3342,9 +3363,9 @@ static int selinux_task_kill(struct task_struct *p, struct siginfo *info, | |||
| 3342 | perm = PROCESS__SIGNULL; /* null signal; existence test */ | 3363 | perm = PROCESS__SIGNULL; /* null signal; existence test */ |
| 3343 | else | 3364 | else |
| 3344 | perm = signal_to_av(sig); | 3365 | perm = signal_to_av(sig); |
| 3345 | tsec = p->cred->security; | ||
| 3346 | if (secid) | 3366 | if (secid) |
| 3347 | rc = avc_has_perm(secid, tsec->sid, SECCLASS_PROCESS, perm, NULL); | 3367 | rc = avc_has_perm(secid, task_sid(p), |
| 3368 | SECCLASS_PROCESS, perm, NULL); | ||
| 3348 | else | 3369 | else |
| 3349 | rc = task_has_perm(current, p, perm); | 3370 | rc = task_has_perm(current, p, perm); |
| 3350 | return rc; | 3371 | return rc; |
| @@ -3383,12 +3404,11 @@ static void selinux_task_reparent_to_init(struct task_struct *p) | |||
| 3383 | static void selinux_task_to_inode(struct task_struct *p, | 3404 | static void selinux_task_to_inode(struct task_struct *p, |
| 3384 | struct inode *inode) | 3405 | struct inode *inode) |
| 3385 | { | 3406 | { |
| 3386 | struct task_security_struct *tsec = p->cred->security; | ||
| 3387 | struct inode_security_struct *isec = inode->i_security; | 3407 | struct inode_security_struct *isec = inode->i_security; |
| 3408 | u32 sid = task_sid(p); | ||
| 3388 | 3409 | ||
| 3389 | isec->sid = tsec->sid; | 3410 | isec->sid = sid; |
| 3390 | isec->initialized = 1; | 3411 | isec->initialized = 1; |
| 3391 | return; | ||
| 3392 | } | 3412 | } |
| 3393 | 3413 | ||
| 3394 | /* Returns error only if unable to parse addresses */ | 3414 | /* Returns error only if unable to parse addresses */ |
| @@ -3627,19 +3647,19 @@ static int socket_has_perm(struct task_struct *task, struct socket *sock, | |||
| 3627 | u32 perms) | 3647 | u32 perms) |
| 3628 | { | 3648 | { |
| 3629 | struct inode_security_struct *isec; | 3649 | struct inode_security_struct *isec; |
| 3630 | struct task_security_struct *tsec; | ||
| 3631 | struct avc_audit_data ad; | 3650 | struct avc_audit_data ad; |
| 3651 | u32 sid; | ||
| 3632 | int err = 0; | 3652 | int err = 0; |
| 3633 | 3653 | ||
| 3634 | tsec = task->cred->security; | ||
| 3635 | isec = SOCK_INODE(sock)->i_security; | 3654 | isec = SOCK_INODE(sock)->i_security; |
| 3636 | 3655 | ||
| 3637 | if (isec->sid == SECINITSID_KERNEL) | 3656 | if (isec->sid == SECINITSID_KERNEL) |
| 3638 | goto out; | 3657 | goto out; |
| 3658 | sid = task_sid(task); | ||
| 3639 | 3659 | ||
| 3640 | AVC_AUDIT_DATA_INIT(&ad, NET); | 3660 | AVC_AUDIT_DATA_INIT(&ad, NET); |
| 3641 | ad.u.net.sk = sock->sk; | 3661 | ad.u.net.sk = sock->sk; |
| 3642 | err = avc_has_perm(tsec->sid, isec->sid, isec->sclass, perms, &ad); | 3662 | err = avc_has_perm(sid, isec->sid, isec->sclass, perms, &ad); |
| 3643 | 3663 | ||
| 3644 | out: | 3664 | out: |
| 3645 | return err; | 3665 | return err; |
| @@ -3648,18 +3668,20 @@ out: | |||
| 3648 | static int selinux_socket_create(int family, int type, | 3668 | static int selinux_socket_create(int family, int type, |
| 3649 | int protocol, int kern) | 3669 | int protocol, int kern) |
| 3650 | { | 3670 | { |
| 3671 | const struct cred *cred = current_cred(); | ||
| 3672 | const struct task_security_struct *tsec = cred->security; | ||
| 3673 | u32 sid, newsid; | ||
| 3674 | u16 secclass; | ||
| 3651 | int err = 0; | 3675 | int err = 0; |
| 3652 | struct task_security_struct *tsec; | ||
| 3653 | u32 newsid; | ||
| 3654 | 3676 | ||
| 3655 | if (kern) | 3677 | if (kern) |
| 3656 | goto out; | 3678 | goto out; |
| 3657 | 3679 | ||
| 3658 | tsec = current->cred->security; | 3680 | sid = tsec->sid; |
| 3659 | newsid = tsec->sockcreate_sid ? : tsec->sid; | 3681 | newsid = tsec->sockcreate_sid ?: sid; |
| 3660 | err = avc_has_perm(tsec->sid, newsid, | 3682 | |
| 3661 | socket_type_to_security_class(family, type, | 3683 | secclass = socket_type_to_security_class(family, type, protocol); |
| 3662 | protocol), SOCKET__CREATE, NULL); | 3684 | err = avc_has_perm(sid, newsid, secclass, SOCKET__CREATE, NULL); |
| 3663 | 3685 | ||
| 3664 | out: | 3686 | out: |
| 3665 | return err; | 3687 | return err; |
| @@ -3668,18 +3690,26 @@ out: | |||
| 3668 | static int selinux_socket_post_create(struct socket *sock, int family, | 3690 | static int selinux_socket_post_create(struct socket *sock, int family, |
| 3669 | int type, int protocol, int kern) | 3691 | int type, int protocol, int kern) |
| 3670 | { | 3692 | { |
| 3671 | int err = 0; | 3693 | const struct cred *cred = current_cred(); |
| 3694 | const struct task_security_struct *tsec = cred->security; | ||
| 3672 | struct inode_security_struct *isec; | 3695 | struct inode_security_struct *isec; |
| 3673 | struct task_security_struct *tsec; | ||
| 3674 | struct sk_security_struct *sksec; | 3696 | struct sk_security_struct *sksec; |
| 3675 | u32 newsid; | 3697 | u32 sid, newsid; |
| 3698 | int err = 0; | ||
| 3699 | |||
| 3700 | sid = tsec->sid; | ||
| 3701 | newsid = tsec->sockcreate_sid; | ||
| 3676 | 3702 | ||
| 3677 | isec = SOCK_INODE(sock)->i_security; | 3703 | isec = SOCK_INODE(sock)->i_security; |
| 3678 | 3704 | ||
| 3679 | tsec = current->cred->security; | 3705 | if (kern) |
| 3680 | newsid = tsec->sockcreate_sid ? : tsec->sid; | 3706 | isec->sid = SECINITSID_KERNEL; |
| 3707 | else if (newsid) | ||
| 3708 | isec->sid = newsid; | ||
| 3709 | else | ||
| 3710 | isec->sid = sid; | ||
| 3711 | |||
| 3681 | isec->sclass = socket_type_to_security_class(family, type, protocol); | 3712 | isec->sclass = socket_type_to_security_class(family, type, protocol); |
| 3682 | isec->sid = kern ? SECINITSID_KERNEL : newsid; | ||
| 3683 | isec->initialized = 1; | 3713 | isec->initialized = 1; |
| 3684 | 3714 | ||
| 3685 | if (sock->sk) { | 3715 | if (sock->sk) { |
| @@ -3714,7 +3744,6 @@ static int selinux_socket_bind(struct socket *sock, struct sockaddr *address, in | |||
| 3714 | if (family == PF_INET || family == PF_INET6) { | 3744 | if (family == PF_INET || family == PF_INET6) { |
| 3715 | char *addrp; | 3745 | char *addrp; |
| 3716 | struct inode_security_struct *isec; | 3746 | struct inode_security_struct *isec; |
| 3717 | struct task_security_struct *tsec; | ||
| 3718 | struct avc_audit_data ad; | 3747 | struct avc_audit_data ad; |
| 3719 | struct sockaddr_in *addr4 = NULL; | 3748 | struct sockaddr_in *addr4 = NULL; |
| 3720 | struct sockaddr_in6 *addr6 = NULL; | 3749 | struct sockaddr_in6 *addr6 = NULL; |
| @@ -3722,7 +3751,6 @@ static int selinux_socket_bind(struct socket *sock, struct sockaddr *address, in | |||
| 3722 | struct sock *sk = sock->sk; | 3751 | struct sock *sk = sock->sk; |
| 3723 | u32 sid, node_perm; | 3752 | u32 sid, node_perm; |
| 3724 | 3753 | ||
| 3725 | tsec = current->cred->security; | ||
| 3726 | isec = SOCK_INODE(sock)->i_security; | 3754 | isec = SOCK_INODE(sock)->i_security; |
| 3727 | 3755 | ||
| 3728 | if (family == PF_INET) { | 3756 | if (family == PF_INET) { |
| @@ -4763,15 +4791,16 @@ static int ipc_alloc_security(struct task_struct *task, | |||
| 4763 | struct kern_ipc_perm *perm, | 4791 | struct kern_ipc_perm *perm, |
| 4764 | u16 sclass) | 4792 | u16 sclass) |
| 4765 | { | 4793 | { |
| 4766 | struct task_security_struct *tsec = task->cred->security; | ||
| 4767 | struct ipc_security_struct *isec; | 4794 | struct ipc_security_struct *isec; |
| 4795 | u32 sid; | ||
| 4768 | 4796 | ||
| 4769 | isec = kzalloc(sizeof(struct ipc_security_struct), GFP_KERNEL); | 4797 | isec = kzalloc(sizeof(struct ipc_security_struct), GFP_KERNEL); |
| 4770 | if (!isec) | 4798 | if (!isec) |
| 4771 | return -ENOMEM; | 4799 | return -ENOMEM; |
| 4772 | 4800 | ||
| 4801 | sid = task_sid(task); | ||
| 4773 | isec->sclass = sclass; | 4802 | isec->sclass = sclass; |
| 4774 | isec->sid = tsec->sid; | 4803 | isec->sid = sid; |
| 4775 | perm->security = isec; | 4804 | perm->security = isec; |
| 4776 | 4805 | ||
| 4777 | return 0; | 4806 | return 0; |
| @@ -4809,17 +4838,16 @@ static void msg_msg_free_security(struct msg_msg *msg) | |||
| 4809 | static int ipc_has_perm(struct kern_ipc_perm *ipc_perms, | 4838 | static int ipc_has_perm(struct kern_ipc_perm *ipc_perms, |
| 4810 | u32 perms) | 4839 | u32 perms) |
| 4811 | { | 4840 | { |
| 4812 | struct task_security_struct *tsec; | ||
| 4813 | struct ipc_security_struct *isec; | 4841 | struct ipc_security_struct *isec; |
| 4814 | struct avc_audit_data ad; | 4842 | struct avc_audit_data ad; |
| 4843 | u32 sid = current_sid(); | ||
| 4815 | 4844 | ||
| 4816 | tsec = current->cred->security; | ||
| 4817 | isec = ipc_perms->security; | 4845 | isec = ipc_perms->security; |
| 4818 | 4846 | ||
| 4819 | AVC_AUDIT_DATA_INIT(&ad, IPC); | 4847 | AVC_AUDIT_DATA_INIT(&ad, IPC); |
| 4820 | ad.u.ipc_id = ipc_perms->key; | 4848 | ad.u.ipc_id = ipc_perms->key; |
| 4821 | 4849 | ||
| 4822 | return avc_has_perm(tsec->sid, isec->sid, isec->sclass, perms, &ad); | 4850 | return avc_has_perm(sid, isec->sid, isec->sclass, perms, &ad); |
| 4823 | } | 4851 | } |
| 4824 | 4852 | ||
| 4825 | static int selinux_msg_msg_alloc_security(struct msg_msg *msg) | 4853 | static int selinux_msg_msg_alloc_security(struct msg_msg *msg) |
| @@ -4835,22 +4863,21 @@ static void selinux_msg_msg_free_security(struct msg_msg *msg) | |||
| 4835 | /* message queue security operations */ | 4863 | /* message queue security operations */ |
| 4836 | static int selinux_msg_queue_alloc_security(struct msg_queue *msq) | 4864 | static int selinux_msg_queue_alloc_security(struct msg_queue *msq) |
| 4837 | { | 4865 | { |
| 4838 | struct task_security_struct *tsec; | ||
| 4839 | struct ipc_security_struct *isec; | 4866 | struct ipc_security_struct *isec; |
| 4840 | struct avc_audit_data ad; | 4867 | struct avc_audit_data ad; |
| 4868 | u32 sid = current_sid(); | ||
| 4841 | int rc; | 4869 | int rc; |
| 4842 | 4870 | ||
| 4843 | rc = ipc_alloc_security(current, &msq->q_perm, SECCLASS_MSGQ); | 4871 | rc = ipc_alloc_security(current, &msq->q_perm, SECCLASS_MSGQ); |
| 4844 | if (rc) | 4872 | if (rc) |
| 4845 | return rc; | 4873 | return rc; |
| 4846 | 4874 | ||
| 4847 | tsec = current->cred->security; | ||
| 4848 | isec = msq->q_perm.security; | 4875 | isec = msq->q_perm.security; |
| 4849 | 4876 | ||
| 4850 | AVC_AUDIT_DATA_INIT(&ad, IPC); | 4877 | AVC_AUDIT_DATA_INIT(&ad, IPC); |
| 4851 | ad.u.ipc_id = msq->q_perm.key; | 4878 | ad.u.ipc_id = msq->q_perm.key; |
| 4852 | 4879 | ||
| 4853 | rc = avc_has_perm(tsec->sid, isec->sid, SECCLASS_MSGQ, | 4880 | rc = avc_has_perm(sid, isec->sid, SECCLASS_MSGQ, |
| 4854 | MSGQ__CREATE, &ad); | 4881 | MSGQ__CREATE, &ad); |
| 4855 | if (rc) { | 4882 | if (rc) { |
| 4856 | ipc_free_security(&msq->q_perm); | 4883 | ipc_free_security(&msq->q_perm); |
| @@ -4866,17 +4893,16 @@ static void selinux_msg_queue_free_security(struct msg_queue *msq) | |||
| 4866 | 4893 | ||
| 4867 | static int selinux_msg_queue_associate(struct msg_queue *msq, int msqflg) | 4894 | static int selinux_msg_queue_associate(struct msg_queue *msq, int msqflg) |
| 4868 | { | 4895 | { |
| 4869 | struct task_security_struct *tsec; | ||
| 4870 | struct ipc_security_struct *isec; | 4896 | struct ipc_security_struct *isec; |
| 4871 | struct avc_audit_data ad; | 4897 | struct avc_audit_data ad; |
| 4898 | u32 sid = current_sid(); | ||
| 4872 | 4899 | ||
| 4873 | tsec = current->cred->security; | ||
| 4874 | isec = msq->q_perm.security; | 4900 | isec = msq->q_perm.security; |
| 4875 | 4901 | ||
| 4876 | AVC_AUDIT_DATA_INIT(&ad, IPC); | 4902 | AVC_AUDIT_DATA_INIT(&ad, IPC); |
| 4877 | ad.u.ipc_id = msq->q_perm.key; | 4903 | ad.u.ipc_id = msq->q_perm.key; |
| 4878 | 4904 | ||
| 4879 | return avc_has_perm(tsec->sid, isec->sid, SECCLASS_MSGQ, | 4905 | return avc_has_perm(sid, isec->sid, SECCLASS_MSGQ, |
| 4880 | MSGQ__ASSOCIATE, &ad); | 4906 | MSGQ__ASSOCIATE, &ad); |
| 4881 | } | 4907 | } |
| 4882 | 4908 | ||
| @@ -4910,13 +4936,12 @@ static int selinux_msg_queue_msgctl(struct msg_queue *msq, int cmd) | |||
| 4910 | 4936 | ||
| 4911 | static int selinux_msg_queue_msgsnd(struct msg_queue *msq, struct msg_msg *msg, int msqflg) | 4937 | static int selinux_msg_queue_msgsnd(struct msg_queue *msq, struct msg_msg *msg, int msqflg) |
| 4912 | { | 4938 | { |
| 4913 | struct task_security_struct *tsec; | ||
| 4914 | struct ipc_security_struct *isec; | 4939 | struct ipc_security_struct *isec; |
| 4915 | struct msg_security_struct *msec; | 4940 | struct msg_security_struct *msec; |
| 4916 | struct avc_audit_data ad; | 4941 | struct avc_audit_data ad; |
| 4942 | u32 sid = current_sid(); | ||
| 4917 | int rc; | 4943 | int rc; |
| 4918 | 4944 | ||
| 4919 | tsec = current->cred->security; | ||
| 4920 | isec = msq->q_perm.security; | 4945 | isec = msq->q_perm.security; |
| 4921 | msec = msg->security; | 4946 | msec = msg->security; |
| 4922 | 4947 | ||
| @@ -4928,9 +4953,7 @@ static int selinux_msg_queue_msgsnd(struct msg_queue *msq, struct msg_msg *msg, | |||
| 4928 | * Compute new sid based on current process and | 4953 | * Compute new sid based on current process and |
| 4929 | * message queue this message will be stored in | 4954 | * message queue this message will be stored in |
| 4930 | */ | 4955 | */ |
| 4931 | rc = security_transition_sid(tsec->sid, | 4956 | rc = security_transition_sid(sid, isec->sid, SECCLASS_MSG, |
| 4932 | isec->sid, | ||
| 4933 | SECCLASS_MSG, | ||
| 4934 | &msec->sid); | 4957 | &msec->sid); |
| 4935 | if (rc) | 4958 | if (rc) |
| 4936 | return rc; | 4959 | return rc; |
| @@ -4940,16 +4963,16 @@ static int selinux_msg_queue_msgsnd(struct msg_queue *msq, struct msg_msg *msg, | |||
| 4940 | ad.u.ipc_id = msq->q_perm.key; | 4963 | ad.u.ipc_id = msq->q_perm.key; |
| 4941 | 4964 | ||
| 4942 | /* Can this process write to the queue? */ | 4965 | /* Can this process write to the queue? */ |
| 4943 | rc = avc_has_perm(tsec->sid, isec->sid, SECCLASS_MSGQ, | 4966 | rc = avc_has_perm(sid, isec->sid, SECCLASS_MSGQ, |
| 4944 | MSGQ__WRITE, &ad); | 4967 | MSGQ__WRITE, &ad); |
| 4945 | if (!rc) | 4968 | if (!rc) |
| 4946 | /* Can this process send the message */ | 4969 | /* Can this process send the message */ |
| 4947 | rc = avc_has_perm(tsec->sid, msec->sid, | 4970 | rc = avc_has_perm(sid, msec->sid, SECCLASS_MSG, |
| 4948 | SECCLASS_MSG, MSG__SEND, &ad); | 4971 | MSG__SEND, &ad); |
| 4949 | if (!rc) | 4972 | if (!rc) |
| 4950 | /* Can the message be put in the queue? */ | 4973 | /* Can the message be put in the queue? */ |
| 4951 | rc = avc_has_perm(msec->sid, isec->sid, | 4974 | rc = avc_has_perm(msec->sid, isec->sid, SECCLASS_MSGQ, |
| 4952 | SECCLASS_MSGQ, MSGQ__ENQUEUE, &ad); | 4975 | MSGQ__ENQUEUE, &ad); |
| 4953 | 4976 | ||
| 4954 | return rc; | 4977 | return rc; |
| 4955 | } | 4978 | } |
| @@ -4958,23 +4981,22 @@ static int selinux_msg_queue_msgrcv(struct msg_queue *msq, struct msg_msg *msg, | |||
| 4958 | struct task_struct *target, | 4981 | struct task_struct *target, |
| 4959 | long type, int mode) | 4982 | long type, int mode) |
| 4960 | { | 4983 | { |
| 4961 | struct task_security_struct *tsec; | ||
| 4962 | struct ipc_security_struct *isec; | 4984 | struct ipc_security_struct *isec; |
| 4963 | struct msg_security_struct *msec; | 4985 | struct msg_security_struct *msec; |
| 4964 | struct avc_audit_data ad; | 4986 | struct avc_audit_data ad; |
| 4987 | u32 sid = task_sid(target); | ||
| 4965 | int rc; | 4988 | int rc; |
| 4966 | 4989 | ||
| 4967 | tsec = target->cred->security; | ||
| 4968 | isec = msq->q_perm.security; | 4990 | isec = msq->q_perm.security; |
| 4969 | msec = msg->security; | 4991 | msec = msg->security; |
| 4970 | 4992 | ||
| 4971 | AVC_AUDIT_DATA_INIT(&ad, IPC); | 4993 | AVC_AUDIT_DATA_INIT(&ad, IPC); |
| 4972 | ad.u.ipc_id = msq->q_perm.key; | 4994 | ad.u.ipc_id = msq->q_perm.key; |
| 4973 | 4995 | ||
| 4974 | rc = avc_has_perm(tsec->sid, isec->sid, | 4996 | rc = avc_has_perm(sid, isec->sid, |
| 4975 | SECCLASS_MSGQ, MSGQ__READ, &ad); | 4997 | SECCLASS_MSGQ, MSGQ__READ, &ad); |
| 4976 | if (!rc) | 4998 | if (!rc) |
| 4977 | rc = avc_has_perm(tsec->sid, msec->sid, | 4999 | rc = avc_has_perm(sid, msec->sid, |
| 4978 | SECCLASS_MSG, MSG__RECEIVE, &ad); | 5000 | SECCLASS_MSG, MSG__RECEIVE, &ad); |
| 4979 | return rc; | 5001 | return rc; |
| 4980 | } | 5002 | } |
| @@ -4982,22 +5004,21 @@ static int selinux_msg_queue_msgrcv(struct msg_queue *msq, struct msg_msg *msg, | |||
| 4982 | /* Shared Memory security operations */ | 5004 | /* Shared Memory security operations */ |
| 4983 | static int selinux_shm_alloc_security(struct shmid_kernel *shp) | 5005 | static int selinux_shm_alloc_security(struct shmid_kernel *shp) |
| 4984 | { | 5006 | { |
| 4985 | struct task_security_struct *tsec; | ||
| 4986 | struct ipc_security_struct *isec; | 5007 | struct ipc_security_struct *isec; |
| 4987 | struct avc_audit_data ad; | 5008 | struct avc_audit_data ad; |
| 5009 | u32 sid = current_sid(); | ||
| 4988 | int rc; | 5010 | int rc; |
| 4989 | 5011 | ||
| 4990 | rc = ipc_alloc_security(current, &shp->shm_perm, SECCLASS_SHM); | 5012 | rc = ipc_alloc_security(current, &shp->shm_perm, SECCLASS_SHM); |
| 4991 | if (rc) | 5013 | if (rc) |
| 4992 | return rc; | 5014 | return rc; |
| 4993 | 5015 | ||
| 4994 | tsec = current->cred->security; | ||
| 4995 | isec = shp->shm_perm.security; | 5016 | isec = shp->shm_perm.security; |
| 4996 | 5017 | ||
| 4997 | AVC_AUDIT_DATA_INIT(&ad, IPC); | 5018 | AVC_AUDIT_DATA_INIT(&ad, IPC); |
| 4998 | ad.u.ipc_id = shp->shm_perm.key; | 5019 | ad.u.ipc_id = shp->shm_perm.key; |
| 4999 | 5020 | ||
| 5000 | rc = avc_has_perm(tsec->sid, isec->sid, SECCLASS_SHM, | 5021 | rc = avc_has_perm(sid, isec->sid, SECCLASS_SHM, |
| 5001 | SHM__CREATE, &ad); | 5022 | SHM__CREATE, &ad); |
| 5002 | if (rc) { | 5023 | if (rc) { |
| 5003 | ipc_free_security(&shp->shm_perm); | 5024 | ipc_free_security(&shp->shm_perm); |
| @@ -5013,17 +5034,16 @@ static void selinux_shm_free_security(struct shmid_kernel *shp) | |||
| 5013 | 5034 | ||
| 5014 | static int selinux_shm_associate(struct shmid_kernel *shp, int shmflg) | 5035 | static int selinux_shm_associate(struct shmid_kernel *shp, int shmflg) |
| 5015 | { | 5036 | { |
| 5016 | struct task_security_struct *tsec; | ||
| 5017 | struct ipc_security_struct *isec; | 5037 | struct ipc_security_struct *isec; |
| 5018 | struct avc_audit_data ad; | 5038 | struct avc_audit_data ad; |
| 5039 | u32 sid = current_sid(); | ||
| 5019 | 5040 | ||
| 5020 | tsec = current->cred->security; | ||
| 5021 | isec = shp->shm_perm.security; | 5041 | isec = shp->shm_perm.security; |
| 5022 | 5042 | ||
| 5023 | AVC_AUDIT_DATA_INIT(&ad, IPC); | 5043 | AVC_AUDIT_DATA_INIT(&ad, IPC); |
| 5024 | ad.u.ipc_id = shp->shm_perm.key; | 5044 | ad.u.ipc_id = shp->shm_perm.key; |
| 5025 | 5045 | ||
| 5026 | return avc_has_perm(tsec->sid, isec->sid, SECCLASS_SHM, | 5046 | return avc_has_perm(sid, isec->sid, SECCLASS_SHM, |
| 5027 | SHM__ASSOCIATE, &ad); | 5047 | SHM__ASSOCIATE, &ad); |
| 5028 | } | 5048 | } |
| 5029 | 5049 | ||
| @@ -5081,22 +5101,21 @@ static int selinux_shm_shmat(struct shmid_kernel *shp, | |||
| 5081 | /* Semaphore security operations */ | 5101 | /* Semaphore security operations */ |
| 5082 | static int selinux_sem_alloc_security(struct sem_array *sma) | 5102 | static int selinux_sem_alloc_security(struct sem_array *sma) |
| 5083 | { | 5103 | { |
| 5084 | struct task_security_struct *tsec; | ||
| 5085 | struct ipc_security_struct *isec; | 5104 | struct ipc_security_struct *isec; |
| 5086 | struct avc_audit_data ad; | 5105 | struct avc_audit_data ad; |
| 5106 | u32 sid = current_sid(); | ||
| 5087 | int rc; | 5107 | int rc; |
| 5088 | 5108 | ||
| 5089 | rc = ipc_alloc_security(current, &sma->sem_perm, SECCLASS_SEM); | 5109 | rc = ipc_alloc_security(current, &sma->sem_perm, SECCLASS_SEM); |
| 5090 | if (rc) | 5110 | if (rc) |
| 5091 | return rc; | 5111 | return rc; |
| 5092 | 5112 | ||
| 5093 | tsec = current->cred->security; | ||
| 5094 | isec = sma->sem_perm.security; | 5113 | isec = sma->sem_perm.security; |
| 5095 | 5114 | ||
| 5096 | AVC_AUDIT_DATA_INIT(&ad, IPC); | 5115 | AVC_AUDIT_DATA_INIT(&ad, IPC); |
| 5097 | ad.u.ipc_id = sma->sem_perm.key; | 5116 | ad.u.ipc_id = sma->sem_perm.key; |
| 5098 | 5117 | ||
| 5099 | rc = avc_has_perm(tsec->sid, isec->sid, SECCLASS_SEM, | 5118 | rc = avc_has_perm(sid, isec->sid, SECCLASS_SEM, |
| 5100 | SEM__CREATE, &ad); | 5119 | SEM__CREATE, &ad); |
| 5101 | if (rc) { | 5120 | if (rc) { |
| 5102 | ipc_free_security(&sma->sem_perm); | 5121 | ipc_free_security(&sma->sem_perm); |
| @@ -5112,17 +5131,16 @@ static void selinux_sem_free_security(struct sem_array *sma) | |||
| 5112 | 5131 | ||
| 5113 | static int selinux_sem_associate(struct sem_array *sma, int semflg) | 5132 | static int selinux_sem_associate(struct sem_array *sma, int semflg) |
| 5114 | { | 5133 | { |
| 5115 | struct task_security_struct *tsec; | ||
| 5116 | struct ipc_security_struct *isec; | 5134 | struct ipc_security_struct *isec; |
| 5117 | struct avc_audit_data ad; | 5135 | struct avc_audit_data ad; |
| 5136 | u32 sid = current_sid(); | ||
| 5118 | 5137 | ||
| 5119 | tsec = current->cred->security; | ||
| 5120 | isec = sma->sem_perm.security; | 5138 | isec = sma->sem_perm.security; |
| 5121 | 5139 | ||
| 5122 | AVC_AUDIT_DATA_INIT(&ad, IPC); | 5140 | AVC_AUDIT_DATA_INIT(&ad, IPC); |
| 5123 | ad.u.ipc_id = sma->sem_perm.key; | 5141 | ad.u.ipc_id = sma->sem_perm.key; |
| 5124 | 5142 | ||
| 5125 | return avc_has_perm(tsec->sid, isec->sid, SECCLASS_SEM, | 5143 | return avc_has_perm(sid, isec->sid, SECCLASS_SEM, |
| 5126 | SEM__ASSOCIATE, &ad); | 5144 | SEM__ASSOCIATE, &ad); |
| 5127 | } | 5145 | } |
| 5128 | 5146 | ||
| @@ -5212,7 +5230,7 @@ static void selinux_d_instantiate(struct dentry *dentry, struct inode *inode) | |||
| 5212 | static int selinux_getprocattr(struct task_struct *p, | 5230 | static int selinux_getprocattr(struct task_struct *p, |
| 5213 | char *name, char **value) | 5231 | char *name, char **value) |
| 5214 | { | 5232 | { |
| 5215 | struct task_security_struct *tsec; | 5233 | const struct task_security_struct *__tsec; |
| 5216 | u32 sid; | 5234 | u32 sid; |
| 5217 | int error; | 5235 | int error; |
| 5218 | unsigned len; | 5236 | unsigned len; |
| @@ -5223,22 +5241,24 @@ static int selinux_getprocattr(struct task_struct *p, | |||
| 5223 | return error; | 5241 | return error; |
| 5224 | } | 5242 | } |
| 5225 | 5243 | ||
| 5226 | tsec = p->cred->security; | 5244 | rcu_read_lock(); |
| 5245 | __tsec = __task_cred(p)->security; | ||
| 5227 | 5246 | ||
| 5228 | if (!strcmp(name, "current")) | 5247 | if (!strcmp(name, "current")) |
| 5229 | sid = tsec->sid; | 5248 | sid = __tsec->sid; |
| 5230 | else if (!strcmp(name, "prev")) | 5249 | else if (!strcmp(name, "prev")) |
| 5231 | sid = tsec->osid; | 5250 | sid = __tsec->osid; |
| 5232 | else if (!strcmp(name, "exec")) | 5251 | else if (!strcmp(name, "exec")) |
| 5233 | sid = tsec->exec_sid; | 5252 | sid = __tsec->exec_sid; |
| 5234 | else if (!strcmp(name, "fscreate")) | 5253 | else if (!strcmp(name, "fscreate")) |
| 5235 | sid = tsec->create_sid; | 5254 | sid = __tsec->create_sid; |
| 5236 | else if (!strcmp(name, "keycreate")) | 5255 | else if (!strcmp(name, "keycreate")) |
| 5237 | sid = tsec->keycreate_sid; | 5256 | sid = __tsec->keycreate_sid; |
| 5238 | else if (!strcmp(name, "sockcreate")) | 5257 | else if (!strcmp(name, "sockcreate")) |
| 5239 | sid = tsec->sockcreate_sid; | 5258 | sid = __tsec->sockcreate_sid; |
| 5240 | else | 5259 | else |
| 5241 | return -EINVAL; | 5260 | goto invalid; |
| 5261 | rcu_read_unlock(); | ||
| 5242 | 5262 | ||
| 5243 | if (!sid) | 5263 | if (!sid) |
| 5244 | return 0; | 5264 | return 0; |
| @@ -5247,6 +5267,10 @@ static int selinux_getprocattr(struct task_struct *p, | |||
| 5247 | if (error) | 5267 | if (error) |
| 5248 | return error; | 5268 | return error; |
| 5249 | return len; | 5269 | return len; |
| 5270 | |||
| 5271 | invalid: | ||
| 5272 | rcu_read_unlock(); | ||
| 5273 | return -EINVAL; | ||
| 5250 | } | 5274 | } |
| 5251 | 5275 | ||
| 5252 | static int selinux_setprocattr(struct task_struct *p, | 5276 | static int selinux_setprocattr(struct task_struct *p, |
| @@ -5360,9 +5384,7 @@ boundary_ok: | |||
| 5360 | rcu_read_lock(); | 5384 | rcu_read_lock(); |
| 5361 | tracer = tracehook_tracer_task(p); | 5385 | tracer = tracehook_tracer_task(p); |
| 5362 | if (tracer != NULL) { | 5386 | if (tracer != NULL) { |
| 5363 | struct task_security_struct *ptsec = | 5387 | u32 ptsid = task_sid(tracer); |
| 5364 | tracer->cred->security; | ||
| 5365 | u32 ptsid = ptsec->sid; | ||
| 5366 | rcu_read_unlock(); | 5388 | rcu_read_unlock(); |
| 5367 | error = avc_has_perm_noaudit(ptsid, sid, | 5389 | error = avc_has_perm_noaudit(ptsid, sid, |
| 5368 | SECCLASS_PROCESS, | 5390 | SECCLASS_PROCESS, |
| @@ -5405,19 +5427,22 @@ static void selinux_release_secctx(char *secdata, u32 seclen) | |||
| 5405 | static int selinux_key_alloc(struct key *k, struct task_struct *tsk, | 5427 | static int selinux_key_alloc(struct key *k, struct task_struct *tsk, |
| 5406 | unsigned long flags) | 5428 | unsigned long flags) |
| 5407 | { | 5429 | { |
| 5408 | struct task_security_struct *tsec = tsk->cred->security; | 5430 | const struct task_security_struct *__tsec; |
| 5409 | struct key_security_struct *ksec; | 5431 | struct key_security_struct *ksec; |
| 5410 | 5432 | ||
| 5411 | ksec = kzalloc(sizeof(struct key_security_struct), GFP_KERNEL); | 5433 | ksec = kzalloc(sizeof(struct key_security_struct), GFP_KERNEL); |
| 5412 | if (!ksec) | 5434 | if (!ksec) |
| 5413 | return -ENOMEM; | 5435 | return -ENOMEM; |
| 5414 | 5436 | ||
| 5415 | if (tsec->keycreate_sid) | 5437 | rcu_read_lock(); |
| 5416 | ksec->sid = tsec->keycreate_sid; | 5438 | __tsec = __task_cred(tsk)->security; |
| 5439 | if (__tsec->keycreate_sid) | ||
| 5440 | ksec->sid = __tsec->keycreate_sid; | ||
| 5417 | else | 5441 | else |
| 5418 | ksec->sid = tsec->sid; | 5442 | ksec->sid = __tsec->sid; |
| 5419 | k->security = ksec; | 5443 | rcu_read_unlock(); |
| 5420 | 5444 | ||
| 5445 | k->security = ksec; | ||
| 5421 | return 0; | 5446 | return 0; |
| 5422 | } | 5447 | } |
| 5423 | 5448 | ||
| @@ -5434,13 +5459,8 @@ static int selinux_key_permission(key_ref_t key_ref, | |||
| 5434 | key_perm_t perm) | 5459 | key_perm_t perm) |
| 5435 | { | 5460 | { |
| 5436 | struct key *key; | 5461 | struct key *key; |
| 5437 | struct task_security_struct *tsec; | ||
| 5438 | struct key_security_struct *ksec; | 5462 | struct key_security_struct *ksec; |
| 5439 | 5463 | u32 sid; | |
| 5440 | key = key_ref_to_ptr(key_ref); | ||
| 5441 | |||
| 5442 | tsec = ctx->cred->security; | ||
| 5443 | ksec = key->security; | ||
| 5444 | 5464 | ||
| 5445 | /* if no specific permissions are requested, we skip the | 5465 | /* if no specific permissions are requested, we skip the |
| 5446 | permission check. No serious, additional covert channels | 5466 | permission check. No serious, additional covert channels |
| @@ -5448,8 +5468,12 @@ static int selinux_key_permission(key_ref_t key_ref, | |||
| 5448 | if (perm == 0) | 5468 | if (perm == 0) |
| 5449 | return 0; | 5469 | return 0; |
| 5450 | 5470 | ||
| 5451 | return avc_has_perm(tsec->sid, ksec->sid, | 5471 | sid = task_sid(ctx); |
| 5452 | SECCLASS_KEY, perm, NULL); | 5472 | |
| 5473 | key = key_ref_to_ptr(key_ref); | ||
| 5474 | ksec = key->security; | ||
| 5475 | |||
| 5476 | return avc_has_perm(sid, ksec->sid, SECCLASS_KEY, perm, NULL); | ||
| 5453 | } | 5477 | } |
| 5454 | 5478 | ||
| 5455 | static int selinux_key_getsecurity(struct key *key, char **_buffer) | 5479 | static int selinux_key_getsecurity(struct key *key, char **_buffer) |