aboutsummaryrefslogtreecommitdiffstats
path: root/security/selinux/hooks.c
diff options
context:
space:
mode:
authorAnand Avati <avati@redhat.com>2013-04-16 18:56:19 -0400
committerEric Paris <eparis@redhat.com>2013-08-28 14:44:52 -0400
commit102aefdda4d8275ce7d7100bc16c88c74272b260 (patch)
tree808ea5ebeb04abbf5e8d9c024f261225a41420d7 /security/selinux/hooks.c
parent2be4d74f2fd45460d70d4fe65cc1972ef45bf849 (diff)
selinux: consider filesystem subtype in policies
Not considering sub filesystem has the following limitation. Support for SELinux in FUSE is dependent on the particular userspace filesystem, which is identified by the subtype. For e.g, GlusterFS, a FUSE based filesystem supports SELinux (by mounting and processing FUSE requests in different threads, avoiding the mount time deadlock), whereas other FUSE based filesystems (identified by a different subtype) have the mount time deadlock. By considering the subtype of the filesytem in the SELinux policies, allows us to specify a filesystem subtype, in the following way: fs_use_xattr fuse.glusterfs gen_context(system_u:object_r:fs_t,s0); This way not all FUSE filesystems are put in the same bucket and subjected to the limitations of the other subtypes. Signed-off-by: Anand Avati <avati@redhat.com> Signed-off-by: Eric Paris <eparis@redhat.com>
Diffstat (limited to 'security/selinux/hooks.c')
-rw-r--r--security/selinux/hooks.c40
1 files changed, 22 insertions, 18 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 4fbf2c5f26ce..0d4408debb45 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -94,6 +94,10 @@
94#include "audit.h" 94#include "audit.h"
95#include "avc_ss.h" 95#include "avc_ss.h"
96 96
97#define SB_TYPE_FMT "%s%s%s"
98#define SB_SUBTYPE(sb) (sb->s_subtype && sb->s_subtype[0])
99#define SB_TYPE_ARGS(sb) sb->s_type->name, SB_SUBTYPE(sb) ? "." : "", SB_SUBTYPE(sb) ? sb->s_subtype : ""
100
97extern struct security_operations *security_ops; 101extern struct security_operations *security_ops;
98 102
99/* SECMARK reference count */ 103/* SECMARK reference count */
@@ -407,8 +411,8 @@ static int sb_finish_set_opts(struct super_block *sb)
407 the first boot of the SELinux kernel before we have 411 the first boot of the SELinux kernel before we have
408 assigned xattr values to the filesystem. */ 412 assigned xattr values to the filesystem. */
409 if (!root_inode->i_op->getxattr) { 413 if (!root_inode->i_op->getxattr) {
410 printk(KERN_WARNING "SELinux: (dev %s, type %s) has no " 414 printk(KERN_WARNING "SELinux: (dev %s, type "SB_TYPE_FMT") has no "
411 "xattr support\n", sb->s_id, sb->s_type->name); 415 "xattr support\n", sb->s_id, SB_TYPE_ARGS(sb));
412 rc = -EOPNOTSUPP; 416 rc = -EOPNOTSUPP;
413 goto out; 417 goto out;
414 } 418 }
@@ -416,22 +420,22 @@ static int sb_finish_set_opts(struct super_block *sb)
416 if (rc < 0 && rc != -ENODATA) { 420 if (rc < 0 && rc != -ENODATA) {
417 if (rc == -EOPNOTSUPP) 421 if (rc == -EOPNOTSUPP)
418 printk(KERN_WARNING "SELinux: (dev %s, type " 422 printk(KERN_WARNING "SELinux: (dev %s, type "
419 "%s) has no security xattr handler\n", 423 SB_TYPE_FMT") has no security xattr handler\n",
420 sb->s_id, sb->s_type->name); 424 sb->s_id, SB_TYPE_ARGS(sb));
421 else 425 else
422 printk(KERN_WARNING "SELinux: (dev %s, type " 426 printk(KERN_WARNING "SELinux: (dev %s, type "
423 "%s) getxattr errno %d\n", sb->s_id, 427 SB_TYPE_FMT") getxattr errno %d\n", sb->s_id,
424 sb->s_type->name, -rc); 428 SB_TYPE_ARGS(sb), -rc);
425 goto out; 429 goto out;
426 } 430 }
427 } 431 }
428 432
429 if (sbsec->behavior > ARRAY_SIZE(labeling_behaviors)) 433 if (sbsec->behavior > ARRAY_SIZE(labeling_behaviors))
430 printk(KERN_ERR "SELinux: initialized (dev %s, type %s), unknown behavior\n", 434 printk(KERN_ERR "SELinux: initialized (dev %s, type "SB_TYPE_FMT"), unknown behavior\n",
431 sb->s_id, sb->s_type->name); 435 sb->s_id, SB_TYPE_ARGS(sb));
432 else 436 else
433 printk(KERN_DEBUG "SELinux: initialized (dev %s, type %s), %s\n", 437 printk(KERN_DEBUG "SELinux: initialized (dev %s, type "SB_TYPE_FMT"), %s\n",
434 sb->s_id, sb->s_type->name, 438 sb->s_id, SB_TYPE_ARGS(sb),
435 labeling_behaviors[sbsec->behavior-1]); 439 labeling_behaviors[sbsec->behavior-1]);
436 440
437 sbsec->flags |= SE_SBINITIALIZED; 441 sbsec->flags |= SE_SBINITIALIZED;
@@ -589,7 +593,6 @@ static int selinux_set_mnt_opts(struct super_block *sb,
589 const struct cred *cred = current_cred(); 593 const struct cred *cred = current_cred();
590 int rc = 0, i; 594 int rc = 0, i;
591 struct superblock_security_struct *sbsec = sb->s_security; 595 struct superblock_security_struct *sbsec = sb->s_security;
592 const char *name = sb->s_type->name;
593 struct inode *inode = sbsec->sb->s_root->d_inode; 596 struct inode *inode = sbsec->sb->s_root->d_inode;
594 struct inode_security_struct *root_isec = inode->i_security; 597 struct inode_security_struct *root_isec = inode->i_security;
595 u32 fscontext_sid = 0, context_sid = 0, rootcontext_sid = 0; 598 u32 fscontext_sid = 0, context_sid = 0, rootcontext_sid = 0;
@@ -642,8 +645,8 @@ static int selinux_set_mnt_opts(struct super_block *sb,
642 strlen(mount_options[i]), &sid); 645 strlen(mount_options[i]), &sid);
643 if (rc) { 646 if (rc) {
644 printk(KERN_WARNING "SELinux: security_context_to_sid" 647 printk(KERN_WARNING "SELinux: security_context_to_sid"
645 "(%s) failed for (dev %s, type %s) errno=%d\n", 648 "(%s) failed for (dev %s, type "SB_TYPE_FMT") errno=%d\n",
646 mount_options[i], sb->s_id, name, rc); 649 mount_options[i], sb->s_id, SB_TYPE_ARGS(sb), rc);
647 goto out; 650 goto out;
648 } 651 }
649 switch (flags[i]) { 652 switch (flags[i]) {
@@ -779,7 +782,8 @@ out:
779out_double_mount: 782out_double_mount:
780 rc = -EINVAL; 783 rc = -EINVAL;
781 printk(KERN_WARNING "SELinux: mount invalid. Same superblock, different " 784 printk(KERN_WARNING "SELinux: mount invalid. Same superblock, different "
782 "security settings for (dev %s, type %s)\n", sb->s_id, name); 785 "security settings for (dev %s, type "SB_TYPE_FMT")\n", sb->s_id,
786 SB_TYPE_ARGS(sb));
783 goto out; 787 goto out;
784} 788}
785 789
@@ -2439,8 +2443,8 @@ static int selinux_sb_remount(struct super_block *sb, void *data)
2439 rc = security_context_to_sid(mount_options[i], len, &sid); 2443 rc = security_context_to_sid(mount_options[i], len, &sid);
2440 if (rc) { 2444 if (rc) {
2441 printk(KERN_WARNING "SELinux: security_context_to_sid" 2445 printk(KERN_WARNING "SELinux: security_context_to_sid"
2442 "(%s) failed for (dev %s, type %s) errno=%d\n", 2446 "(%s) failed for (dev %s, type "SB_TYPE_FMT") errno=%d\n",
2443 mount_options[i], sb->s_id, sb->s_type->name, rc); 2447 mount_options[i], sb->s_id, SB_TYPE_ARGS(sb), rc);
2444 goto out_free_opts; 2448 goto out_free_opts;
2445 } 2449 }
2446 rc = -EINVAL; 2450 rc = -EINVAL;
@@ -2478,8 +2482,8 @@ out_free_secdata:
2478 return rc; 2482 return rc;
2479out_bad_option: 2483out_bad_option:
2480 printk(KERN_WARNING "SELinux: unable to change security options " 2484 printk(KERN_WARNING "SELinux: unable to change security options "
2481 "during remount (dev %s, type=%s)\n", sb->s_id, 2485 "during remount (dev %s, type "SB_TYPE_FMT")\n", sb->s_id,
2482 sb->s_type->name); 2486 SB_TYPE_ARGS(sb));
2483 goto out_free_opts; 2487 goto out_free_opts;
2484} 2488}
2485 2489