diff options
| author | Eric Paris <eparis@redhat.com> | 2011-02-01 11:05:40 -0500 |
|---|---|---|
| committer | Eric Paris <eparis@redhat.com> | 2011-02-01 11:12:30 -0500 |
| commit | 652bb9b0d6ce007f37c098947b2cc0c45efa3f66 (patch) | |
| tree | 7bf76f04a1fcaa401761a9a734b94682e2ac8b8c /security/selinux/ss/policydb.c | |
| parent | 2a7dba391e5628ad665ce84ef9a6648da541ebab (diff) | |
SELinux: Use dentry name in new object labeling
Currently SELinux has rules which label new objects according to 3 criteria.
The label of the process creating the object, the label of the parent
directory, and the type of object (reg, dir, char, block, etc.) This patch
adds a 4th criteria, the dentry name, thus we can distinguish between
creating a file in an etc_t directory called shadow and one called motd.
There is no file globbing, regex parsing, or anything mystical. Either the
policy exactly (strcmp) matches the dentry name of the object or it doesn't.
This patch has no changes from today if policy does not implement the new
rules.
Signed-off-by: Eric Paris <eparis@redhat.com>
Diffstat (limited to 'security/selinux/ss/policydb.c')
| -rw-r--r-- | security/selinux/ss/policydb.c | 130 |
1 files changed, 130 insertions, 0 deletions
diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c index be9de3872837..159c81806760 100644 --- a/security/selinux/ss/policydb.c +++ b/security/selinux/ss/policydb.c | |||
| @@ -123,6 +123,11 @@ static struct policydb_compat_info policydb_compat[] = { | |||
| 123 | .sym_num = SYM_NUM, | 123 | .sym_num = SYM_NUM, |
| 124 | .ocon_num = OCON_NUM, | 124 | .ocon_num = OCON_NUM, |
| 125 | }, | 125 | }, |
| 126 | { | ||
| 127 | .version = POLICYDB_VERSION_FILENAME_TRANS, | ||
| 128 | .sym_num = SYM_NUM, | ||
| 129 | .ocon_num = OCON_NUM, | ||
| 130 | }, | ||
| 126 | }; | 131 | }; |
| 127 | 132 | ||
| 128 | static struct policydb_compat_info *policydb_lookup_compat(int version) | 133 | static struct policydb_compat_info *policydb_lookup_compat(int version) |
| @@ -704,6 +709,7 @@ void policydb_destroy(struct policydb *p) | |||
| 704 | int i; | 709 | int i; |
| 705 | struct role_allow *ra, *lra = NULL; | 710 | struct role_allow *ra, *lra = NULL; |
| 706 | struct role_trans *tr, *ltr = NULL; | 711 | struct role_trans *tr, *ltr = NULL; |
| 712 | struct filename_trans *ft, *nft; | ||
| 707 | 713 | ||
| 708 | for (i = 0; i < SYM_NUM; i++) { | 714 | for (i = 0; i < SYM_NUM; i++) { |
| 709 | cond_resched(); | 715 | cond_resched(); |
| @@ -781,6 +787,15 @@ void policydb_destroy(struct policydb *p) | |||
| 781 | } | 787 | } |
| 782 | flex_array_free(p->type_attr_map_array); | 788 | flex_array_free(p->type_attr_map_array); |
| 783 | } | 789 | } |
| 790 | |||
| 791 | ft = p->filename_trans; | ||
| 792 | while (ft) { | ||
| 793 | nft = ft->next; | ||
| 794 | kfree(ft->name); | ||
| 795 | kfree(ft); | ||
| 796 | ft = nft; | ||
| 797 | } | ||
| 798 | |||
| 784 | ebitmap_destroy(&p->policycaps); | 799 | ebitmap_destroy(&p->policycaps); |
| 785 | ebitmap_destroy(&p->permissive_map); | 800 | ebitmap_destroy(&p->permissive_map); |
| 786 | 801 | ||
| @@ -1788,6 +1803,76 @@ out: | |||
| 1788 | return rc; | 1803 | return rc; |
| 1789 | } | 1804 | } |
| 1790 | 1805 | ||
| 1806 | static int filename_trans_read(struct policydb *p, void *fp) | ||
| 1807 | { | ||
| 1808 | struct filename_trans *ft, *last; | ||
| 1809 | u32 nel, len; | ||
| 1810 | char *name; | ||
| 1811 | __le32 buf[4]; | ||
| 1812 | int rc, i; | ||
| 1813 | |||
| 1814 | if (p->policyvers < POLICYDB_VERSION_FILENAME_TRANS) | ||
| 1815 | return 0; | ||
| 1816 | |||
| 1817 | rc = next_entry(buf, fp, sizeof(u32)); | ||
| 1818 | if (rc) | ||
| 1819 | goto out; | ||
| 1820 | nel = le32_to_cpu(buf[0]); | ||
| 1821 | |||
| 1822 | printk(KERN_ERR "%s: nel=%d\n", __func__, nel); | ||
| 1823 | |||
| 1824 | last = p->filename_trans; | ||
| 1825 | while (last && last->next) | ||
| 1826 | last = last->next; | ||
| 1827 | |||
| 1828 | for (i = 0; i < nel; i++) { | ||
| 1829 | rc = -ENOMEM; | ||
| 1830 | ft = kzalloc(sizeof(*ft), GFP_KERNEL); | ||
| 1831 | if (!ft) | ||
| 1832 | goto out; | ||
| 1833 | |||
| 1834 | /* add it to the tail of the list */ | ||
| 1835 | if (!last) | ||
| 1836 | p->filename_trans = ft; | ||
| 1837 | else | ||
| 1838 | last->next = ft; | ||
| 1839 | last = ft; | ||
| 1840 | |||
| 1841 | /* length of the path component string */ | ||
| 1842 | rc = next_entry(buf, fp, sizeof(u32)); | ||
| 1843 | if (rc) | ||
| 1844 | goto out; | ||
| 1845 | len = le32_to_cpu(buf[0]); | ||
| 1846 | |||
| 1847 | rc = -ENOMEM; | ||
| 1848 | name = kmalloc(len + 1, GFP_KERNEL); | ||
| 1849 | if (!name) | ||
| 1850 | goto out; | ||
| 1851 | |||
| 1852 | ft->name = name; | ||
| 1853 | |||
| 1854 | /* path component string */ | ||
| 1855 | rc = next_entry(name, fp, len); | ||
| 1856 | if (rc) | ||
| 1857 | goto out; | ||
| 1858 | name[len] = 0; | ||
| 1859 | |||
| 1860 | printk(KERN_ERR "%s: ft=%p ft->name=%p ft->name=%s\n", __func__, ft, ft->name, ft->name); | ||
| 1861 | |||
| 1862 | rc = next_entry(buf, fp, sizeof(u32) * 4); | ||
| 1863 | if (rc) | ||
| 1864 | goto out; | ||
| 1865 | |||
| 1866 | ft->stype = le32_to_cpu(buf[0]); | ||
| 1867 | ft->ttype = le32_to_cpu(buf[1]); | ||
| 1868 | ft->tclass = le32_to_cpu(buf[2]); | ||
| 1869 | ft->otype = le32_to_cpu(buf[3]); | ||
| 1870 | } | ||
| 1871 | rc = 0; | ||
| 1872 | out: | ||
| 1873 | return rc; | ||
| 1874 | } | ||
| 1875 | |||
| 1791 | static int genfs_read(struct policydb *p, void *fp) | 1876 | static int genfs_read(struct policydb *p, void *fp) |
| 1792 | { | 1877 | { |
| 1793 | int i, j, rc; | 1878 | int i, j, rc; |
| @@ -2251,6 +2336,10 @@ int policydb_read(struct policydb *p, void *fp) | |||
| 2251 | lra = ra; | 2336 | lra = ra; |
| 2252 | } | 2337 | } |
| 2253 | 2338 | ||
| 2339 | rc = filename_trans_read(p, fp); | ||
| 2340 | if (rc) | ||
| 2341 | goto bad; | ||
| 2342 | |||
| 2254 | rc = policydb_index(p); | 2343 | rc = policydb_index(p); |
| 2255 | if (rc) | 2344 | if (rc) |
| 2256 | goto bad; | 2345 | goto bad; |
| @@ -3025,6 +3114,43 @@ static int range_write(struct policydb *p, void *fp) | |||
| 3025 | return 0; | 3114 | return 0; |
| 3026 | } | 3115 | } |
| 3027 | 3116 | ||
| 3117 | static int filename_trans_write(struct policydb *p, void *fp) | ||
| 3118 | { | ||
| 3119 | struct filename_trans *ft; | ||
| 3120 | u32 len, nel = 0; | ||
| 3121 | __le32 buf[4]; | ||
| 3122 | int rc; | ||
| 3123 | |||
| 3124 | for (ft = p->filename_trans; ft; ft = ft->next) | ||
| 3125 | nel++; | ||
| 3126 | |||
| 3127 | buf[0] = cpu_to_le32(nel); | ||
| 3128 | rc = put_entry(buf, sizeof(u32), 1, fp); | ||
| 3129 | if (rc) | ||
| 3130 | return rc; | ||
| 3131 | |||
| 3132 | for (ft = p->filename_trans; ft; ft = ft->next) { | ||
| 3133 | len = strlen(ft->name); | ||
| 3134 | buf[0] = cpu_to_le32(len); | ||
| 3135 | rc = put_entry(buf, sizeof(u32), 1, fp); | ||
| 3136 | if (rc) | ||
| 3137 | return rc; | ||
| 3138 | |||
| 3139 | rc = put_entry(ft->name, sizeof(char), len, fp); | ||
| 3140 | if (rc) | ||
| 3141 | return rc; | ||
| 3142 | |||
| 3143 | buf[0] = ft->stype; | ||
| 3144 | buf[1] = ft->ttype; | ||
| 3145 | buf[2] = ft->tclass; | ||
| 3146 | buf[3] = ft->otype; | ||
| 3147 | |||
| 3148 | rc = put_entry(buf, sizeof(u32), 4, fp); | ||
| 3149 | if (rc) | ||
| 3150 | return rc; | ||
| 3151 | } | ||
| 3152 | return 0; | ||
| 3153 | } | ||
| 3028 | /* | 3154 | /* |
| 3029 | * Write the configuration data in a policy database | 3155 | * Write the configuration data in a policy database |
| 3030 | * structure to a policy database binary representation | 3156 | * structure to a policy database binary representation |
| @@ -3135,6 +3261,10 @@ int policydb_write(struct policydb *p, void *fp) | |||
| 3135 | if (rc) | 3261 | if (rc) |
| 3136 | return rc; | 3262 | return rc; |
| 3137 | 3263 | ||
| 3264 | rc = filename_trans_write(p, fp); | ||
| 3265 | if (rc) | ||
| 3266 | return rc; | ||
| 3267 | |||
| 3138 | rc = ocontext_write(p, info, fp); | 3268 | rc = ocontext_write(p, info, fp); |
| 3139 | if (rc) | 3269 | if (rc) |
| 3140 | return rc; | 3270 | return rc; |