diff options
Diffstat (limited to 'security')
| -rw-r--r-- | security/dummy.c | 12 | ||||
| -rw-r--r-- | security/selinux/hooks.c | 2 | ||||
| -rw-r--r-- | security/selinux/include/xfrm.h | 2 | ||||
| -rw-r--r-- | security/selinux/xfrm.c | 39 |
4 files changed, 51 insertions, 4 deletions
diff --git a/security/dummy.c b/security/dummy.c index 8ccccccc12ac..64f6da0f422e 100644 --- a/security/dummy.c +++ b/security/dummy.c | |||
| @@ -810,6 +810,11 @@ static void dummy_xfrm_policy_free_security(struct xfrm_policy *xp) | |||
| 810 | { | 810 | { |
| 811 | } | 811 | } |
| 812 | 812 | ||
| 813 | static int dummy_xfrm_policy_delete_security(struct xfrm_policy *xp) | ||
| 814 | { | ||
| 815 | return 0; | ||
| 816 | } | ||
| 817 | |||
| 813 | static int dummy_xfrm_state_alloc_security(struct xfrm_state *x, struct xfrm_user_sec_ctx *sec_ctx) | 818 | static int dummy_xfrm_state_alloc_security(struct xfrm_state *x, struct xfrm_user_sec_ctx *sec_ctx) |
| 814 | { | 819 | { |
| 815 | return 0; | 820 | return 0; |
| @@ -819,6 +824,11 @@ static void dummy_xfrm_state_free_security(struct xfrm_state *x) | |||
| 819 | { | 824 | { |
| 820 | } | 825 | } |
| 821 | 826 | ||
| 827 | static int dummy_xfrm_state_delete_security(struct xfrm_state *x) | ||
| 828 | { | ||
| 829 | return 0; | ||
| 830 | } | ||
| 831 | |||
| 822 | static int dummy_xfrm_policy_lookup(struct xfrm_policy *xp, u32 sk_sid, u8 dir) | 832 | static int dummy_xfrm_policy_lookup(struct xfrm_policy *xp, u32 sk_sid, u8 dir) |
| 823 | { | 833 | { |
| 824 | return 0; | 834 | return 0; |
| @@ -1024,8 +1034,10 @@ void security_fixup_ops (struct security_operations *ops) | |||
| 1024 | set_to_dummy_if_null(ops, xfrm_policy_alloc_security); | 1034 | set_to_dummy_if_null(ops, xfrm_policy_alloc_security); |
| 1025 | set_to_dummy_if_null(ops, xfrm_policy_clone_security); | 1035 | set_to_dummy_if_null(ops, xfrm_policy_clone_security); |
| 1026 | set_to_dummy_if_null(ops, xfrm_policy_free_security); | 1036 | set_to_dummy_if_null(ops, xfrm_policy_free_security); |
| 1037 | set_to_dummy_if_null(ops, xfrm_policy_delete_security); | ||
| 1027 | set_to_dummy_if_null(ops, xfrm_state_alloc_security); | 1038 | set_to_dummy_if_null(ops, xfrm_state_alloc_security); |
| 1028 | set_to_dummy_if_null(ops, xfrm_state_free_security); | 1039 | set_to_dummy_if_null(ops, xfrm_state_free_security); |
| 1040 | set_to_dummy_if_null(ops, xfrm_state_delete_security); | ||
| 1029 | set_to_dummy_if_null(ops, xfrm_policy_lookup); | 1041 | set_to_dummy_if_null(ops, xfrm_policy_lookup); |
| 1030 | #endif /* CONFIG_SECURITY_NETWORK_XFRM */ | 1042 | #endif /* CONFIG_SECURITY_NETWORK_XFRM */ |
| 1031 | #ifdef CONFIG_KEYS | 1043 | #ifdef CONFIG_KEYS |
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 90b4cdc0c948..cf7b62ca886a 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
| @@ -4374,8 +4374,10 @@ static struct security_operations selinux_ops = { | |||
| 4374 | .xfrm_policy_alloc_security = selinux_xfrm_policy_alloc, | 4374 | .xfrm_policy_alloc_security = selinux_xfrm_policy_alloc, |
| 4375 | .xfrm_policy_clone_security = selinux_xfrm_policy_clone, | 4375 | .xfrm_policy_clone_security = selinux_xfrm_policy_clone, |
| 4376 | .xfrm_policy_free_security = selinux_xfrm_policy_free, | 4376 | .xfrm_policy_free_security = selinux_xfrm_policy_free, |
| 4377 | .xfrm_policy_delete_security = selinux_xfrm_policy_delete, | ||
| 4377 | .xfrm_state_alloc_security = selinux_xfrm_state_alloc, | 4378 | .xfrm_state_alloc_security = selinux_xfrm_state_alloc, |
| 4378 | .xfrm_state_free_security = selinux_xfrm_state_free, | 4379 | .xfrm_state_free_security = selinux_xfrm_state_free, |
| 4380 | .xfrm_state_delete_security = selinux_xfrm_state_delete, | ||
| 4379 | .xfrm_policy_lookup = selinux_xfrm_policy_lookup, | 4381 | .xfrm_policy_lookup = selinux_xfrm_policy_lookup, |
| 4380 | #endif | 4382 | #endif |
| 4381 | }; | 4383 | }; |
diff --git a/security/selinux/include/xfrm.h b/security/selinux/include/xfrm.h index c10f1fc41502..f0f4e480ff99 100644 --- a/security/selinux/include/xfrm.h +++ b/security/selinux/include/xfrm.h | |||
| @@ -9,8 +9,10 @@ | |||
| 9 | int selinux_xfrm_policy_alloc(struct xfrm_policy *xp, struct xfrm_user_sec_ctx *sec_ctx); | 9 | int selinux_xfrm_policy_alloc(struct xfrm_policy *xp, struct xfrm_user_sec_ctx *sec_ctx); |
| 10 | int selinux_xfrm_policy_clone(struct xfrm_policy *old, struct xfrm_policy *new); | 10 | int selinux_xfrm_policy_clone(struct xfrm_policy *old, struct xfrm_policy *new); |
| 11 | void selinux_xfrm_policy_free(struct xfrm_policy *xp); | 11 | void selinux_xfrm_policy_free(struct xfrm_policy *xp); |
| 12 | int selinux_xfrm_policy_delete(struct xfrm_policy *xp); | ||
| 12 | int selinux_xfrm_state_alloc(struct xfrm_state *x, struct xfrm_user_sec_ctx *sec_ctx); | 13 | int selinux_xfrm_state_alloc(struct xfrm_state *x, struct xfrm_user_sec_ctx *sec_ctx); |
| 13 | void selinux_xfrm_state_free(struct xfrm_state *x); | 14 | void selinux_xfrm_state_free(struct xfrm_state *x); |
| 15 | int selinux_xfrm_state_delete(struct xfrm_state *x); | ||
| 14 | int selinux_xfrm_policy_lookup(struct xfrm_policy *xp, u32 sk_sid, u8 dir); | 16 | int selinux_xfrm_policy_lookup(struct xfrm_policy *xp, u32 sk_sid, u8 dir); |
| 15 | 17 | ||
| 16 | /* | 18 | /* |
diff --git a/security/selinux/xfrm.c b/security/selinux/xfrm.c index abe99d881376..0e24df41099f 100644 --- a/security/selinux/xfrm.c +++ b/security/selinux/xfrm.c | |||
| @@ -132,10 +132,7 @@ static int selinux_xfrm_sec_ctx_alloc(struct xfrm_sec_ctx **ctxp, struct xfrm_us | |||
| 132 | goto out; | 132 | goto out; |
| 133 | 133 | ||
| 134 | /* | 134 | /* |
| 135 | * Does the subject have permission to set security or permission to | 135 | * Does the subject have permission to set security context? |
| 136 | * do the relabel? | ||
| 137 | * Must be permitted to relabel from default socket type (process type) | ||
| 138 | * to specified context | ||
| 139 | */ | 136 | */ |
| 140 | rc = avc_has_perm(tsec->sid, ctx->ctx_sid, | 137 | rc = avc_has_perm(tsec->sid, ctx->ctx_sid, |
| 141 | SECCLASS_ASSOCIATION, | 138 | SECCLASS_ASSOCIATION, |
| @@ -201,6 +198,23 @@ void selinux_xfrm_policy_free(struct xfrm_policy *xp) | |||
| 201 | } | 198 | } |
| 202 | 199 | ||
| 203 | /* | 200 | /* |
| 201 | * LSM hook implementation that authorizes deletion of labeled policies. | ||
| 202 | */ | ||
| 203 | int selinux_xfrm_policy_delete(struct xfrm_policy *xp) | ||
| 204 | { | ||
| 205 | struct task_security_struct *tsec = current->security; | ||
| 206 | struct xfrm_sec_ctx *ctx = xp->security; | ||
| 207 | int rc = 0; | ||
| 208 | |||
| 209 | if (ctx) | ||
| 210 | rc = avc_has_perm(tsec->sid, ctx->ctx_sid, | ||
| 211 | SECCLASS_ASSOCIATION, | ||
| 212 | ASSOCIATION__SETCONTEXT, NULL); | ||
| 213 | |||
| 214 | return rc; | ||
| 215 | } | ||
| 216 | |||
| 217 | /* | ||
| 204 | * LSM hook implementation that allocs and transfers sec_ctx spec to | 218 | * LSM hook implementation that allocs and transfers sec_ctx spec to |
| 205 | * xfrm_state. | 219 | * xfrm_state. |
| 206 | */ | 220 | */ |
| @@ -292,6 +306,23 @@ u32 selinux_socket_getpeer_dgram(struct sk_buff *skb) | |||
| 292 | return SECSID_NULL; | 306 | return SECSID_NULL; |
| 293 | } | 307 | } |
| 294 | 308 | ||
| 309 | /* | ||
| 310 | * LSM hook implementation that authorizes deletion of labeled SAs. | ||
| 311 | */ | ||
| 312 | int selinux_xfrm_state_delete(struct xfrm_state *x) | ||
| 313 | { | ||
| 314 | struct task_security_struct *tsec = current->security; | ||
| 315 | struct xfrm_sec_ctx *ctx = x->security; | ||
| 316 | int rc = 0; | ||
| 317 | |||
| 318 | if (ctx) | ||
| 319 | rc = avc_has_perm(tsec->sid, ctx->ctx_sid, | ||
| 320 | SECCLASS_ASSOCIATION, | ||
| 321 | ASSOCIATION__SETCONTEXT, NULL); | ||
| 322 | |||
| 323 | return rc; | ||
| 324 | } | ||
| 325 | |||
| 295 | /* | 326 | /* |
| 296 | * LSM hook that controls access to unlabelled packets. If | 327 | * LSM hook that controls access to unlabelled packets. If |
| 297 | * a xfrm_state is authorizable (defined by macro) then it was | 328 | * a xfrm_state is authorizable (defined by macro) then it was |