diff options
| author | Chad Sellers <csellers@tresys.com> | 2006-11-06 12:38:15 -0500 |
|---|---|---|
| committer | James Morris <jmorris@namei.org> | 2006-11-28 12:04:35 -0500 |
| commit | 5a64d4438ed1e759ccd30d9e90842bf360f19298 (patch) | |
| tree | b9165ff810788cc934778345201d442f8e869a00 /security | |
| parent | 2ea5814472c3c910aed5c5b60f1f3b1000e353f1 (diff) | |
SELinux: remove current object class and permission validation mechanism
Removes the current SELinux object class and permission validation code,
as the current code makes it impossible to change or remove object classes
and permissions on a running system. Additionally, the current code does
not actually validate that the classes and permissions are correct, but
instead merely validates that they do not change between policy reloads.
Signed-off-by: Chad Sellers <csellers@tresys.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security')
| -rw-r--r-- | security/selinux/ss/services.c | 91 |
1 files changed, 0 insertions, 91 deletions
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index bfe122764c98..33ae1020091e 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c | |||
| @@ -1018,89 +1018,6 @@ int security_change_sid(u32 ssid, | |||
| 1018 | return security_compute_sid(ssid, tsid, tclass, AVTAB_CHANGE, out_sid); | 1018 | return security_compute_sid(ssid, tsid, tclass, AVTAB_CHANGE, out_sid); |
| 1019 | } | 1019 | } |
| 1020 | 1020 | ||
| 1021 | /* | ||
| 1022 | * Verify that each permission that is defined under the | ||
| 1023 | * existing policy is still defined with the same value | ||
| 1024 | * in the new policy. | ||
| 1025 | */ | ||
| 1026 | static int validate_perm(void *key, void *datum, void *p) | ||
| 1027 | { | ||
| 1028 | struct hashtab *h; | ||
| 1029 | struct perm_datum *perdatum, *perdatum2; | ||
| 1030 | int rc = 0; | ||
| 1031 | |||
| 1032 | |||
| 1033 | h = p; | ||
| 1034 | perdatum = datum; | ||
| 1035 | |||
| 1036 | perdatum2 = hashtab_search(h, key); | ||
| 1037 | if (!perdatum2) { | ||
| 1038 | printk(KERN_ERR "security: permission %s disappeared", | ||
| 1039 | (char *)key); | ||
| 1040 | rc = -ENOENT; | ||
| 1041 | goto out; | ||
| 1042 | } | ||
| 1043 | if (perdatum->value != perdatum2->value) { | ||
| 1044 | printk(KERN_ERR "security: the value of permission %s changed", | ||
| 1045 | (char *)key); | ||
| 1046 | rc = -EINVAL; | ||
| 1047 | } | ||
| 1048 | out: | ||
| 1049 | return rc; | ||
| 1050 | } | ||
| 1051 | |||
| 1052 | /* | ||
| 1053 | * Verify that each class that is defined under the | ||
| 1054 | * existing policy is still defined with the same | ||
| 1055 | * attributes in the new policy. | ||
| 1056 | */ | ||
| 1057 | static int validate_class(void *key, void *datum, void *p) | ||
| 1058 | { | ||
| 1059 | struct policydb *newp; | ||
| 1060 | struct class_datum *cladatum, *cladatum2; | ||
| 1061 | int rc; | ||
| 1062 | |||
| 1063 | newp = p; | ||
| 1064 | cladatum = datum; | ||
| 1065 | |||
| 1066 | cladatum2 = hashtab_search(newp->p_classes.table, key); | ||
| 1067 | if (!cladatum2) { | ||
| 1068 | printk(KERN_ERR "security: class %s disappeared\n", | ||
| 1069 | (char *)key); | ||
| 1070 | rc = -ENOENT; | ||
| 1071 | goto out; | ||
| 1072 | } | ||
| 1073 | if (cladatum->value != cladatum2->value) { | ||
| 1074 | printk(KERN_ERR "security: the value of class %s changed\n", | ||
| 1075 | (char *)key); | ||
| 1076 | rc = -EINVAL; | ||
| 1077 | goto out; | ||
| 1078 | } | ||
| 1079 | if ((cladatum->comdatum && !cladatum2->comdatum) || | ||
| 1080 | (!cladatum->comdatum && cladatum2->comdatum)) { | ||
| 1081 | printk(KERN_ERR "security: the inherits clause for the access " | ||
| 1082 | "vector definition for class %s changed\n", (char *)key); | ||
| 1083 | rc = -EINVAL; | ||
| 1084 | goto out; | ||
| 1085 | } | ||
| 1086 | if (cladatum->comdatum) { | ||
| 1087 | rc = hashtab_map(cladatum->comdatum->permissions.table, validate_perm, | ||
| 1088 | cladatum2->comdatum->permissions.table); | ||
| 1089 | if (rc) { | ||
| 1090 | printk(" in the access vector definition for class " | ||
| 1091 | "%s\n", (char *)key); | ||
| 1092 | goto out; | ||
| 1093 | } | ||
| 1094 | } | ||
| 1095 | rc = hashtab_map(cladatum->permissions.table, validate_perm, | ||
| 1096 | cladatum2->permissions.table); | ||
| 1097 | if (rc) | ||
| 1098 | printk(" in access vector definition for class %s\n", | ||
| 1099 | (char *)key); | ||
| 1100 | out: | ||
| 1101 | return rc; | ||
| 1102 | } | ||
| 1103 | |||
| 1104 | /* Clone the SID into the new SID table. */ | 1021 | /* Clone the SID into the new SID table. */ |
| 1105 | static int clone_sid(u32 sid, | 1022 | static int clone_sid(u32 sid, |
| 1106 | struct context *context, | 1023 | struct context *context, |
| @@ -1265,14 +1182,6 @@ int security_load_policy(void *data, size_t len) | |||
| 1265 | 1182 | ||
| 1266 | sidtab_init(&newsidtab); | 1183 | sidtab_init(&newsidtab); |
| 1267 | 1184 | ||
| 1268 | /* Verify that the existing classes did not change. */ | ||
| 1269 | if (hashtab_map(policydb.p_classes.table, validate_class, &newpolicydb)) { | ||
| 1270 | printk(KERN_ERR "security: the definition of an existing " | ||
| 1271 | "class changed\n"); | ||
| 1272 | rc = -EINVAL; | ||
| 1273 | goto err; | ||
| 1274 | } | ||
| 1275 | |||
| 1276 | /* Clone the SID table. */ | 1185 | /* Clone the SID table. */ |
| 1277 | sidtab_shutdown(&sidtab); | 1186 | sidtab_shutdown(&sidtab); |
| 1278 | if (sidtab_map(&sidtab, clone_sid, &newsidtab)) { | 1187 | if (sidtab_map(&sidtab, clone_sid, &newsidtab)) { |