diff options
| -rw-r--r-- | include/linux/security.h | 21 | ||||
| -rw-r--r-- | security/dummy.c | 4 | ||||
| -rw-r--r-- | security/selinux/include/xfrm.h | 4 | ||||
| -rw-r--r-- | security/selinux/xfrm.c | 35 |
4 files changed, 23 insertions, 41 deletions
diff --git a/include/linux/security.h b/include/linux/security.h index b200b9856f32..a509329a669b 100644 --- a/include/linux/security.h +++ b/include/linux/security.h | |||
| @@ -836,10 +836,8 @@ struct request_sock; | |||
| 836 | * used by the XFRM system. | 836 | * used by the XFRM system. |
| 837 | * @sec_ctx contains the security context information being provided by | 837 | * @sec_ctx contains the security context information being provided by |
| 838 | * the user-level policy update program (e.g., setkey). | 838 | * the user-level policy update program (e.g., setkey). |
| 839 | * @sk refers to the sock from which to derive the security context. | ||
| 840 | * Allocate a security structure to the xp->security field; the security | 839 | * Allocate a security structure to the xp->security field; the security |
| 841 | * field is initialized to NULL when the xfrm_policy is allocated. Only | 840 | * field is initialized to NULL when the xfrm_policy is allocated. |
| 842 | * one of sec_ctx or sock can be specified. | ||
| 843 | * Return 0 if operation was successful (memory to allocate, legal context) | 841 | * Return 0 if operation was successful (memory to allocate, legal context) |
| 844 | * @xfrm_policy_clone_security: | 842 | * @xfrm_policy_clone_security: |
| 845 | * @old contains an existing xfrm_policy in the SPD. | 843 | * @old contains an existing xfrm_policy in the SPD. |
| @@ -858,9 +856,6 @@ struct request_sock; | |||
| 858 | * Database by the XFRM system. | 856 | * Database by the XFRM system. |
| 859 | * @sec_ctx contains the security context information being provided by | 857 | * @sec_ctx contains the security context information being provided by |
| 860 | * the user-level SA generation program (e.g., setkey or racoon). | 858 | * the user-level SA generation program (e.g., setkey or racoon). |
| 861 | * @polsec contains the security context information associated with a xfrm | ||
| 862 | * policy rule from which to take the base context. polsec must be NULL | ||
| 863 | * when sec_ctx is specified. | ||
| 864 | * @secid contains the secid from which to take the mls portion of the context. | 859 | * @secid contains the secid from which to take the mls portion of the context. |
| 865 | * Allocate a security structure to the x->security field; the security | 860 | * Allocate a security structure to the x->security field; the security |
| 866 | * field is initialized to NULL when the xfrm_state is allocated. Set the | 861 | * field is initialized to NULL when the xfrm_state is allocated. Set the |
| @@ -1378,12 +1373,12 @@ struct security_operations { | |||
| 1378 | 1373 | ||
| 1379 | #ifdef CONFIG_SECURITY_NETWORK_XFRM | 1374 | #ifdef CONFIG_SECURITY_NETWORK_XFRM |
| 1380 | int (*xfrm_policy_alloc_security) (struct xfrm_policy *xp, | 1375 | int (*xfrm_policy_alloc_security) (struct xfrm_policy *xp, |
| 1381 | struct xfrm_user_sec_ctx *sec_ctx, struct sock *sk); | 1376 | struct xfrm_user_sec_ctx *sec_ctx); |
| 1382 | int (*xfrm_policy_clone_security) (struct xfrm_policy *old, struct xfrm_policy *new); | 1377 | int (*xfrm_policy_clone_security) (struct xfrm_policy *old, struct xfrm_policy *new); |
| 1383 | void (*xfrm_policy_free_security) (struct xfrm_policy *xp); | 1378 | void (*xfrm_policy_free_security) (struct xfrm_policy *xp); |
| 1384 | int (*xfrm_policy_delete_security) (struct xfrm_policy *xp); | 1379 | int (*xfrm_policy_delete_security) (struct xfrm_policy *xp); |
| 1385 | int (*xfrm_state_alloc_security) (struct xfrm_state *x, | 1380 | int (*xfrm_state_alloc_security) (struct xfrm_state *x, |
| 1386 | struct xfrm_user_sec_ctx *sec_ctx, struct xfrm_sec_ctx *polsec, | 1381 | struct xfrm_user_sec_ctx *sec_ctx, |
| 1387 | u32 secid); | 1382 | u32 secid); |
| 1388 | void (*xfrm_state_free_security) (struct xfrm_state *x); | 1383 | void (*xfrm_state_free_security) (struct xfrm_state *x); |
| 1389 | int (*xfrm_state_delete_security) (struct xfrm_state *x); | 1384 | int (*xfrm_state_delete_security) (struct xfrm_state *x); |
| @@ -3120,7 +3115,7 @@ static inline void security_inet_csk_clone(struct sock *newsk, | |||
| 3120 | #ifdef CONFIG_SECURITY_NETWORK_XFRM | 3115 | #ifdef CONFIG_SECURITY_NETWORK_XFRM |
| 3121 | static inline int security_xfrm_policy_alloc(struct xfrm_policy *xp, struct xfrm_user_sec_ctx *sec_ctx) | 3116 | static inline int security_xfrm_policy_alloc(struct xfrm_policy *xp, struct xfrm_user_sec_ctx *sec_ctx) |
| 3122 | { | 3117 | { |
| 3123 | return security_ops->xfrm_policy_alloc_security(xp, sec_ctx, NULL); | 3118 | return security_ops->xfrm_policy_alloc_security(xp, sec_ctx); |
| 3124 | } | 3119 | } |
| 3125 | 3120 | ||
| 3126 | static inline int security_xfrm_policy_clone(struct xfrm_policy *old, struct xfrm_policy *new) | 3121 | static inline int security_xfrm_policy_clone(struct xfrm_policy *old, struct xfrm_policy *new) |
| @@ -3141,7 +3136,7 @@ static inline int security_xfrm_policy_delete(struct xfrm_policy *xp) | |||
| 3141 | static inline int security_xfrm_state_alloc(struct xfrm_state *x, | 3136 | static inline int security_xfrm_state_alloc(struct xfrm_state *x, |
| 3142 | struct xfrm_user_sec_ctx *sec_ctx) | 3137 | struct xfrm_user_sec_ctx *sec_ctx) |
| 3143 | { | 3138 | { |
| 3144 | return security_ops->xfrm_state_alloc_security(x, sec_ctx, NULL, 0); | 3139 | return security_ops->xfrm_state_alloc_security(x, sec_ctx, 0); |
| 3145 | } | 3140 | } |
| 3146 | 3141 | ||
| 3147 | static inline int security_xfrm_state_alloc_acquire(struct xfrm_state *x, | 3142 | static inline int security_xfrm_state_alloc_acquire(struct xfrm_state *x, |
| @@ -3149,7 +3144,11 @@ static inline int security_xfrm_state_alloc_acquire(struct xfrm_state *x, | |||
| 3149 | { | 3144 | { |
| 3150 | if (!polsec) | 3145 | if (!polsec) |
| 3151 | return 0; | 3146 | return 0; |
| 3152 | return security_ops->xfrm_state_alloc_security(x, NULL, polsec, secid); | 3147 | /* |
| 3148 | * We want the context to be taken from secid which is usually | ||
| 3149 | * from the sock. | ||
| 3150 | */ | ||
| 3151 | return security_ops->xfrm_state_alloc_security(x, NULL, secid); | ||
| 3153 | } | 3152 | } |
| 3154 | 3153 | ||
| 3155 | static inline int security_xfrm_state_delete(struct xfrm_state *x) | 3154 | static inline int security_xfrm_state_delete(struct xfrm_state *x) |
diff --git a/security/dummy.c b/security/dummy.c index 43874c1e6e23..838d8442cf3c 100644 --- a/security/dummy.c +++ b/security/dummy.c | |||
| @@ -836,7 +836,7 @@ static inline void dummy_req_classify_flow(const struct request_sock *req, | |||
| 836 | 836 | ||
| 837 | #ifdef CONFIG_SECURITY_NETWORK_XFRM | 837 | #ifdef CONFIG_SECURITY_NETWORK_XFRM |
| 838 | static int dummy_xfrm_policy_alloc_security(struct xfrm_policy *xp, | 838 | static int dummy_xfrm_policy_alloc_security(struct xfrm_policy *xp, |
| 839 | struct xfrm_user_sec_ctx *sec_ctx, struct sock *sk) | 839 | struct xfrm_user_sec_ctx *sec_ctx) |
| 840 | { | 840 | { |
| 841 | return 0; | 841 | return 0; |
| 842 | } | 842 | } |
| @@ -856,7 +856,7 @@ static int dummy_xfrm_policy_delete_security(struct xfrm_policy *xp) | |||
| 856 | } | 856 | } |
| 857 | 857 | ||
| 858 | static int dummy_xfrm_state_alloc_security(struct xfrm_state *x, | 858 | static int dummy_xfrm_state_alloc_security(struct xfrm_state *x, |
| 859 | struct xfrm_user_sec_ctx *sec_ctx, struct xfrm_sec_ctx *pol, u32 secid) | 859 | struct xfrm_user_sec_ctx *sec_ctx, u32 secid) |
| 860 | { | 860 | { |
| 861 | return 0; | 861 | return 0; |
| 862 | } | 862 | } |
diff --git a/security/selinux/include/xfrm.h b/security/selinux/include/xfrm.h index 526b28019aca..8e329ddb5e37 100644 --- a/security/selinux/include/xfrm.h +++ b/security/selinux/include/xfrm.h | |||
| @@ -8,12 +8,12 @@ | |||
| 8 | #define _SELINUX_XFRM_H_ | 8 | #define _SELINUX_XFRM_H_ |
| 9 | 9 | ||
| 10 | int selinux_xfrm_policy_alloc(struct xfrm_policy *xp, | 10 | int selinux_xfrm_policy_alloc(struct xfrm_policy *xp, |
| 11 | struct xfrm_user_sec_ctx *sec_ctx, struct sock *sk); | 11 | struct xfrm_user_sec_ctx *sec_ctx); |
| 12 | int selinux_xfrm_policy_clone(struct xfrm_policy *old, struct xfrm_policy *new); | 12 | int selinux_xfrm_policy_clone(struct xfrm_policy *old, struct xfrm_policy *new); |
| 13 | void selinux_xfrm_policy_free(struct xfrm_policy *xp); | 13 | void selinux_xfrm_policy_free(struct xfrm_policy *xp); |
| 14 | int selinux_xfrm_policy_delete(struct xfrm_policy *xp); | 14 | int selinux_xfrm_policy_delete(struct xfrm_policy *xp); |
| 15 | int selinux_xfrm_state_alloc(struct xfrm_state *x, | 15 | int selinux_xfrm_state_alloc(struct xfrm_state *x, |
| 16 | struct xfrm_user_sec_ctx *sec_ctx, struct xfrm_sec_ctx *pol, u32 secid); | 16 | struct xfrm_user_sec_ctx *sec_ctx, u32 secid); |
| 17 | void selinux_xfrm_state_free(struct xfrm_state *x); | 17 | void selinux_xfrm_state_free(struct xfrm_state *x); |
| 18 | int selinux_xfrm_state_delete(struct xfrm_state *x); | 18 | int selinux_xfrm_state_delete(struct xfrm_state *x); |
| 19 | int selinux_xfrm_policy_lookup(struct xfrm_policy *xp, u32 fl_secid, u8 dir); | 19 | int selinux_xfrm_policy_lookup(struct xfrm_policy *xp, u32 fl_secid, u8 dir); |
diff --git a/security/selinux/xfrm.c b/security/selinux/xfrm.c index 675b995a67c3..4d5a043cdfa1 100644 --- a/security/selinux/xfrm.c +++ b/security/selinux/xfrm.c | |||
| @@ -226,16 +226,15 @@ int selinux_xfrm_decode_session(struct sk_buff *skb, u32 *sid, int ckall) | |||
| 226 | * CTX does not have a meaningful value on input | 226 | * CTX does not have a meaningful value on input |
| 227 | */ | 227 | */ |
| 228 | static int selinux_xfrm_sec_ctx_alloc(struct xfrm_sec_ctx **ctxp, | 228 | static int selinux_xfrm_sec_ctx_alloc(struct xfrm_sec_ctx **ctxp, |
| 229 | struct xfrm_user_sec_ctx *uctx, struct xfrm_sec_ctx *pol, u32 sid) | 229 | struct xfrm_user_sec_ctx *uctx, u32 sid) |
| 230 | { | 230 | { |
| 231 | int rc = 0; | 231 | int rc = 0; |
| 232 | struct task_security_struct *tsec = current->security; | 232 | struct task_security_struct *tsec = current->security; |
| 233 | struct xfrm_sec_ctx *ctx = NULL; | 233 | struct xfrm_sec_ctx *ctx = NULL; |
| 234 | char *ctx_str = NULL; | 234 | char *ctx_str = NULL; |
| 235 | u32 str_len; | 235 | u32 str_len; |
| 236 | u32 ctx_sid; | ||
| 237 | 236 | ||
| 238 | BUG_ON(uctx && pol); | 237 | BUG_ON(uctx && sid); |
| 239 | 238 | ||
| 240 | if (!uctx) | 239 | if (!uctx) |
| 241 | goto not_from_user; | 240 | goto not_from_user; |
| @@ -279,15 +278,7 @@ static int selinux_xfrm_sec_ctx_alloc(struct xfrm_sec_ctx **ctxp, | |||
| 279 | return rc; | 278 | return rc; |
| 280 | 279 | ||
| 281 | not_from_user: | 280 | not_from_user: |
| 282 | if (pol) { | 281 | rc = security_sid_to_context(sid, &ctx_str, &str_len); |
| 283 | rc = security_sid_mls_copy(pol->ctx_sid, sid, &ctx_sid); | ||
| 284 | if (rc) | ||
| 285 | goto out; | ||
| 286 | } | ||
| 287 | else | ||
| 288 | ctx_sid = sid; | ||
| 289 | |||
| 290 | rc = security_sid_to_context(ctx_sid, &ctx_str, &str_len); | ||
| 291 | if (rc) | 282 | if (rc) |
| 292 | goto out; | 283 | goto out; |
| 293 | 284 | ||
| @@ -302,7 +293,7 @@ not_from_user: | |||
| 302 | 293 | ||
| 303 | ctx->ctx_doi = XFRM_SC_DOI_LSM; | 294 | ctx->ctx_doi = XFRM_SC_DOI_LSM; |
| 304 | ctx->ctx_alg = XFRM_SC_ALG_SELINUX; | 295 | ctx->ctx_alg = XFRM_SC_ALG_SELINUX; |
| 305 | ctx->ctx_sid = ctx_sid; | 296 | ctx->ctx_sid = sid; |
| 306 | ctx->ctx_len = str_len; | 297 | ctx->ctx_len = str_len; |
| 307 | memcpy(ctx->ctx_str, | 298 | memcpy(ctx->ctx_str, |
| 308 | ctx_str, | 299 | ctx_str, |
| @@ -323,22 +314,14 @@ out2: | |||
| 323 | * xfrm_policy. | 314 | * xfrm_policy. |
| 324 | */ | 315 | */ |
| 325 | int selinux_xfrm_policy_alloc(struct xfrm_policy *xp, | 316 | int selinux_xfrm_policy_alloc(struct xfrm_policy *xp, |
| 326 | struct xfrm_user_sec_ctx *uctx, struct sock *sk) | 317 | struct xfrm_user_sec_ctx *uctx) |
| 327 | { | 318 | { |
| 328 | int err; | 319 | int err; |
| 329 | u32 sid; | ||
| 330 | 320 | ||
| 331 | BUG_ON(!xp); | 321 | BUG_ON(!xp); |
| 332 | BUG_ON(uctx && sk); | 322 | BUG_ON(!uctx); |
| 333 | |||
| 334 | if (sk) { | ||
| 335 | struct sk_security_struct *ssec = sk->sk_security; | ||
| 336 | sid = ssec->sid; | ||
| 337 | } | ||
| 338 | else | ||
| 339 | sid = SECSID_NULL; | ||
| 340 | 323 | ||
| 341 | err = selinux_xfrm_sec_ctx_alloc(&xp->security, uctx, NULL, sid); | 324 | err = selinux_xfrm_sec_ctx_alloc(&xp->security, uctx, 0); |
| 342 | return err; | 325 | return err; |
| 343 | } | 326 | } |
| 344 | 327 | ||
| @@ -399,13 +382,13 @@ int selinux_xfrm_policy_delete(struct xfrm_policy *xp) | |||
| 399 | * xfrm_state. | 382 | * xfrm_state. |
| 400 | */ | 383 | */ |
| 401 | int selinux_xfrm_state_alloc(struct xfrm_state *x, struct xfrm_user_sec_ctx *uctx, | 384 | int selinux_xfrm_state_alloc(struct xfrm_state *x, struct xfrm_user_sec_ctx *uctx, |
| 402 | struct xfrm_sec_ctx *pol, u32 secid) | 385 | u32 secid) |
| 403 | { | 386 | { |
| 404 | int err; | 387 | int err; |
| 405 | 388 | ||
| 406 | BUG_ON(!x); | 389 | BUG_ON(!x); |
| 407 | 390 | ||
| 408 | err = selinux_xfrm_sec_ctx_alloc(&x->security, uctx, pol, secid); | 391 | err = selinux_xfrm_sec_ctx_alloc(&x->security, uctx, secid); |
| 409 | return err; | 392 | return err; |
| 410 | } | 393 | } |
| 411 | 394 | ||