1 files changed, 42 insertions, 8 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 8ffed9f2004e..8294dbfd1f16 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -24,9 +24,11 @@
 */
 #include <linux/init.h>
+#include <linux/kd.h>
 #include <linux/kernel.h>
 #include <linux/tracehook.h>
 #include <linux/errno.h>
+#include <linux/ext2_fs.h>
 #include <linux/sched.h>
 #include <linux/security.h>
 #include <linux/xattr.h>
@@ -36,6 +38,7 @@
 #include <linux/mman.h>
 #include <linux/slab.h>
 #include <linux/pagemap.h>
+#include <linux/proc_fs.h>
 #include <linux/swap.h>
 #include <linux/spinlock.h>
 #include <linux/syscalls.h>
@@ -2849,16 +2852,47 @@ static int selinux_file_ioctl(struct file *file, unsigned int cmd,
                              unsigned long arg)
 {
        const struct cred *cred = current_cred();
-        u32 av = 0;
+        int error = 0;
-        if (_IOC_DIR(cmd) & _IOC_WRITE)
+        switch (cmd) {
-                av |= FILE__WRITE;
+        case FIONREAD:
-        if (_IOC_DIR(cmd) & _IOC_READ)
+        /* fall through */
-                av |= FILE__READ;
+        case FIBMAP:
-        if (!av)
+        /* fall through */
-                av = FILE__IOCTL;
+        case FIGETBSZ:
+        /* fall through */
+        case EXT2_IOC_GETFLAGS:
+        /* fall through */
+        case EXT2_IOC_GETVERSION:
+                error = file_has_perm(cred, file, FILE__GETATTR);
+                break;
+        case EXT2_IOC_SETFLAGS:
+        /* fall through */
+        case EXT2_IOC_SETVERSION:
+                error = file_has_perm(cred, file, FILE__SETATTR);
+                break;
-        return file_has_perm(cred, file, av);
+        /* sys_ioctl() checks */
+        case FIONBIO:
+        /* fall through */
+        case FIOASYNC:
+                error = file_has_perm(cred, file, 0);
+                break;
+        case KDSKBENT:
+        case KDSKBSENT:
+                error = task_has_capability(current, cred, CAP_SYS_TTY_CONFIG,
+                                            SECURITY_CAP_AUDIT);
+                break;
+        /* default case assumes that the command will go
+         * to the file's ioctl() function.
+         */
+        default:
+                error = file_has_perm(cred, file, FILE__IOCTL);
+        }
+        return error;
 }
 static int default_noexec;

diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 8ffed9f2004e..8294dbfd1f16 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c
@@ -24,9 +24,11 @@
24	*/	24	*/
25		25
26	#include <linux/init.h>	26	#include <linux/init.h>
		27	#include <linux/kd.h>
27	#include <linux/kernel.h>	28	#include <linux/kernel.h>
28	#include <linux/tracehook.h>	29	#include <linux/tracehook.h>
29	#include <linux/errno.h>	30	#include <linux/errno.h>
		31	#include <linux/ext2_fs.h>
30	#include <linux/sched.h>	32	#include <linux/sched.h>
31	#include <linux/security.h>	33	#include <linux/security.h>
32	#include <linux/xattr.h>	34	#include <linux/xattr.h>
@@ -36,6 +38,7 @@
36	#include <linux/mman.h>	38	#include <linux/mman.h>
37	#include <linux/slab.h>	39	#include <linux/slab.h>
38	#include <linux/pagemap.h>	40	#include <linux/pagemap.h>
		41	#include <linux/proc_fs.h>
39	#include <linux/swap.h>	42	#include <linux/swap.h>
40	#include <linux/spinlock.h>	43	#include <linux/spinlock.h>
41	#include <linux/syscalls.h>	44	#include <linux/syscalls.h>
@@ -2849,16 +2852,47 @@ static int selinux_file_ioctl(struct file *file, unsigned int cmd,
2849	unsigned long arg)	2852	unsigned long arg)
2850	{	2853	{
2851	const struct cred *cred = current_cred();	2854	const struct cred *cred = current_cred();
2852	u32 av = 0;	2855	int error = 0;
2853		2856
2854	if (_IOC_DIR(cmd) & _IOC_WRITE)	2857	switch (cmd) {
2855	av \|= FILE__WRITE;	2858	case FIONREAD:
2856	if (_IOC_DIR(cmd) & _IOC_READ)	2859	/* fall through */
2857	av \|= FILE__READ;	2860	case FIBMAP:
2858	if (!av)	2861	/* fall through */
2859	av = FILE__IOCTL;	2862	case FIGETBSZ:
		2863	/* fall through */
		2864	case EXT2_IOC_GETFLAGS:
		2865	/* fall through */
		2866	case EXT2_IOC_GETVERSION:
		2867	error = file_has_perm(cred, file, FILE__GETATTR);
		2868	break;
		2869
		2870	case EXT2_IOC_SETFLAGS:
		2871	/* fall through */
		2872	case EXT2_IOC_SETVERSION:
		2873	error = file_has_perm(cred, file, FILE__SETATTR);
		2874	break;
2860		2875
2861	return file_has_perm(cred, file, av);	2876	/* sys_ioctl() checks */
		2877	case FIONBIO:
		2878	/* fall through */
		2879	case FIOASYNC:
		2880	error = file_has_perm(cred, file, 0);
		2881	break;
		2882
		2883	case KDSKBENT:
		2884	case KDSKBSENT:
		2885	error = task_has_capability(current, cred, CAP_SYS_TTY_CONFIG,
		2886	SECURITY_CAP_AUDIT);
		2887	break;
		2888
		2889	/* default case assumes that the command will go
		2890	* to the file's ioctl() function.
		2891	*/
		2892	default:
		2893	error = file_has_perm(cred, file, FILE__IOCTL);
		2894	}
		2895	return error;
2862	}	2896	}
2863		2897
2864	static int default_noexec;	2898	static int default_noexec;