diff options
Diffstat (limited to 'security')
-rw-r--r-- | security/dummy.c | 14 | ||||
-rw-r--r-- | security/selinux/hooks.c | 98 | ||||
-rw-r--r-- | security/selinux/nlmsgtab.c | 9 | ||||
-rw-r--r-- | security/selinux/selinuxfs.c | 11 | ||||
-rw-r--r-- | security/selinux/ss/services.c | 15 |
5 files changed, 86 insertions, 61 deletions
diff --git a/security/dummy.c b/security/dummy.c index a678f094b72d..fd99429278e9 100644 --- a/security/dummy.c +++ b/security/dummy.c | |||
@@ -378,7 +378,7 @@ static int dummy_inode_removexattr (struct dentry *dentry, char *name) | |||
378 | return 0; | 378 | return 0; |
379 | } | 379 | } |
380 | 380 | ||
381 | static int dummy_inode_getsecurity(struct inode *inode, const char *name, void *buffer, size_t size, int err) | 381 | static int dummy_inode_getsecurity(const struct inode *inode, const char *name, void *buffer, size_t size, int err) |
382 | { | 382 | { |
383 | return -EOPNOTSUPP; | 383 | return -EOPNOTSUPP; |
384 | } | 384 | } |
@@ -393,6 +393,11 @@ static int dummy_inode_listsecurity(struct inode *inode, char *buffer, size_t bu | |||
393 | return 0; | 393 | return 0; |
394 | } | 394 | } |
395 | 395 | ||
396 | static const char *dummy_inode_xattr_getsuffix(void) | ||
397 | { | ||
398 | return NULL; | ||
399 | } | ||
400 | |||
396 | static int dummy_file_permission (struct file *file, int mask) | 401 | static int dummy_file_permission (struct file *file, int mask) |
397 | { | 402 | { |
398 | return 0; | 403 | return 0; |
@@ -558,6 +563,11 @@ static int dummy_ipc_permission (struct kern_ipc_perm *ipcp, short flag) | |||
558 | return 0; | 563 | return 0; |
559 | } | 564 | } |
560 | 565 | ||
566 | static int dummy_ipc_getsecurity(struct kern_ipc_perm *ipcp, void *buffer, size_t size) | ||
567 | { | ||
568 | return -EOPNOTSUPP; | ||
569 | } | ||
570 | |||
561 | static int dummy_msg_msg_alloc_security (struct msg_msg *msg) | 571 | static int dummy_msg_msg_alloc_security (struct msg_msg *msg) |
562 | { | 572 | { |
563 | return 0; | 573 | return 0; |
@@ -931,6 +941,7 @@ void security_fixup_ops (struct security_operations *ops) | |||
931 | set_to_dummy_if_null(ops, inode_getxattr); | 941 | set_to_dummy_if_null(ops, inode_getxattr); |
932 | set_to_dummy_if_null(ops, inode_listxattr); | 942 | set_to_dummy_if_null(ops, inode_listxattr); |
933 | set_to_dummy_if_null(ops, inode_removexattr); | 943 | set_to_dummy_if_null(ops, inode_removexattr); |
944 | set_to_dummy_if_null(ops, inode_xattr_getsuffix); | ||
934 | set_to_dummy_if_null(ops, inode_getsecurity); | 945 | set_to_dummy_if_null(ops, inode_getsecurity); |
935 | set_to_dummy_if_null(ops, inode_setsecurity); | 946 | set_to_dummy_if_null(ops, inode_setsecurity); |
936 | set_to_dummy_if_null(ops, inode_listsecurity); | 947 | set_to_dummy_if_null(ops, inode_listsecurity); |
@@ -965,6 +976,7 @@ void security_fixup_ops (struct security_operations *ops) | |||
965 | set_to_dummy_if_null(ops, task_reparent_to_init); | 976 | set_to_dummy_if_null(ops, task_reparent_to_init); |
966 | set_to_dummy_if_null(ops, task_to_inode); | 977 | set_to_dummy_if_null(ops, task_to_inode); |
967 | set_to_dummy_if_null(ops, ipc_permission); | 978 | set_to_dummy_if_null(ops, ipc_permission); |
979 | set_to_dummy_if_null(ops, ipc_getsecurity); | ||
968 | set_to_dummy_if_null(ops, msg_msg_alloc_security); | 980 | set_to_dummy_if_null(ops, msg_msg_alloc_security); |
969 | set_to_dummy_if_null(ops, msg_msg_free_security); | 981 | set_to_dummy_if_null(ops, msg_msg_free_security); |
970 | set_to_dummy_if_null(ops, msg_queue_alloc_security); | 982 | set_to_dummy_if_null(ops, msg_queue_alloc_security); |
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index ccaf988f3729..b61b9554bc27 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
@@ -119,6 +119,32 @@ static DEFINE_SPINLOCK(sb_security_lock); | |||
119 | 119 | ||
120 | static kmem_cache_t *sel_inode_cache; | 120 | static kmem_cache_t *sel_inode_cache; |
121 | 121 | ||
122 | /* Return security context for a given sid or just the context | ||
123 | length if the buffer is null or length is 0 */ | ||
124 | static int selinux_getsecurity(u32 sid, void *buffer, size_t size) | ||
125 | { | ||
126 | char *context; | ||
127 | unsigned len; | ||
128 | int rc; | ||
129 | |||
130 | rc = security_sid_to_context(sid, &context, &len); | ||
131 | if (rc) | ||
132 | return rc; | ||
133 | |||
134 | if (!buffer || !size) | ||
135 | goto getsecurity_exit; | ||
136 | |||
137 | if (size < len) { | ||
138 | len = -ERANGE; | ||
139 | goto getsecurity_exit; | ||
140 | } | ||
141 | memcpy(buffer, context, len); | ||
142 | |||
143 | getsecurity_exit: | ||
144 | kfree(context); | ||
145 | return len; | ||
146 | } | ||
147 | |||
122 | /* Allocate and free functions for each kind of security blob. */ | 148 | /* Allocate and free functions for each kind of security blob. */ |
123 | 149 | ||
124 | static int task_alloc_security(struct task_struct *task) | 150 | static int task_alloc_security(struct task_struct *task) |
@@ -2210,6 +2236,11 @@ static int selinux_inode_removexattr (struct dentry *dentry, char *name) | |||
2210 | return -EACCES; | 2236 | return -EACCES; |
2211 | } | 2237 | } |
2212 | 2238 | ||
2239 | static const char *selinux_inode_xattr_getsuffix(void) | ||
2240 | { | ||
2241 | return XATTR_SELINUX_SUFFIX; | ||
2242 | } | ||
2243 | |||
2213 | /* | 2244 | /* |
2214 | * Copy the in-core inode security context value to the user. If the | 2245 | * Copy the in-core inode security context value to the user. If the |
2215 | * getxattr() prior to this succeeded, check to see if we need to | 2246 | * getxattr() prior to this succeeded, check to see if we need to |
@@ -2217,47 +2248,14 @@ static int selinux_inode_removexattr (struct dentry *dentry, char *name) | |||
2217 | * | 2248 | * |
2218 | * Permission check is handled by selinux_inode_getxattr hook. | 2249 | * Permission check is handled by selinux_inode_getxattr hook. |
2219 | */ | 2250 | */ |
2220 | static int selinux_inode_getsecurity(struct inode *inode, const char *name, void *buffer, size_t size, int err) | 2251 | static int selinux_inode_getsecurity(const struct inode *inode, const char *name, void *buffer, size_t size, int err) |
2221 | { | 2252 | { |
2222 | struct inode_security_struct *isec = inode->i_security; | 2253 | struct inode_security_struct *isec = inode->i_security; |
2223 | char *context; | ||
2224 | unsigned len; | ||
2225 | int rc; | ||
2226 | |||
2227 | if (strcmp(name, XATTR_SELINUX_SUFFIX)) { | ||
2228 | rc = -EOPNOTSUPP; | ||
2229 | goto out; | ||
2230 | } | ||
2231 | |||
2232 | rc = security_sid_to_context(isec->sid, &context, &len); | ||
2233 | if (rc) | ||
2234 | goto out; | ||
2235 | |||
2236 | /* Probe for required buffer size */ | ||
2237 | if (!buffer || !size) { | ||
2238 | rc = len; | ||
2239 | goto out_free; | ||
2240 | } | ||
2241 | 2254 | ||
2242 | if (size < len) { | 2255 | if (strcmp(name, XATTR_SELINUX_SUFFIX)) |
2243 | rc = -ERANGE; | 2256 | return -EOPNOTSUPP; |
2244 | goto out_free; | ||
2245 | } | ||
2246 | 2257 | ||
2247 | if (err > 0) { | 2258 | return selinux_getsecurity(isec->sid, buffer, size); |
2248 | if ((len == err) && !(memcmp(context, buffer, len))) { | ||
2249 | /* Don't need to canonicalize value */ | ||
2250 | rc = err; | ||
2251 | goto out_free; | ||
2252 | } | ||
2253 | memset(buffer, 0, size); | ||
2254 | } | ||
2255 | memcpy(buffer, context, len); | ||
2256 | rc = len; | ||
2257 | out_free: | ||
2258 | kfree(context); | ||
2259 | out: | ||
2260 | return rc; | ||
2261 | } | 2259 | } |
2262 | 2260 | ||
2263 | static int selinux_inode_setsecurity(struct inode *inode, const char *name, | 2261 | static int selinux_inode_setsecurity(struct inode *inode, const char *name, |
@@ -4054,6 +4052,13 @@ static int selinux_ipc_permission(struct kern_ipc_perm *ipcp, short flag) | |||
4054 | return ipc_has_perm(ipcp, av); | 4052 | return ipc_has_perm(ipcp, av); |
4055 | } | 4053 | } |
4056 | 4054 | ||
4055 | static int selinux_ipc_getsecurity(struct kern_ipc_perm *ipcp, void *buffer, size_t size) | ||
4056 | { | ||
4057 | struct ipc_security_struct *isec = ipcp->security; | ||
4058 | |||
4059 | return selinux_getsecurity(isec->sid, buffer, size); | ||
4060 | } | ||
4061 | |||
4057 | /* module stacking operations */ | 4062 | /* module stacking operations */ |
4058 | static int selinux_register_security (const char *name, struct security_operations *ops) | 4063 | static int selinux_register_security (const char *name, struct security_operations *ops) |
4059 | { | 4064 | { |
@@ -4095,8 +4100,7 @@ static int selinux_getprocattr(struct task_struct *p, | |||
4095 | char *name, void *value, size_t size) | 4100 | char *name, void *value, size_t size) |
4096 | { | 4101 | { |
4097 | struct task_security_struct *tsec; | 4102 | struct task_security_struct *tsec; |
4098 | u32 sid, len; | 4103 | u32 sid; |
4099 | char *context; | ||
4100 | int error; | 4104 | int error; |
4101 | 4105 | ||
4102 | if (current != p) { | 4106 | if (current != p) { |
@@ -4105,9 +4109,6 @@ static int selinux_getprocattr(struct task_struct *p, | |||
4105 | return error; | 4109 | return error; |
4106 | } | 4110 | } |
4107 | 4111 | ||
4108 | if (!size) | ||
4109 | return -ERANGE; | ||
4110 | |||
4111 | tsec = p->security; | 4112 | tsec = p->security; |
4112 | 4113 | ||
4113 | if (!strcmp(name, "current")) | 4114 | if (!strcmp(name, "current")) |
@@ -4124,16 +4125,7 @@ static int selinux_getprocattr(struct task_struct *p, | |||
4124 | if (!sid) | 4125 | if (!sid) |
4125 | return 0; | 4126 | return 0; |
4126 | 4127 | ||
4127 | error = security_sid_to_context(sid, &context, &len); | 4128 | return selinux_getsecurity(sid, value, size); |
4128 | if (error) | ||
4129 | return error; | ||
4130 | if (len > size) { | ||
4131 | kfree(context); | ||
4132 | return -ERANGE; | ||
4133 | } | ||
4134 | memcpy(value, context, len); | ||
4135 | kfree(context); | ||
4136 | return len; | ||
4137 | } | 4129 | } |
4138 | 4130 | ||
4139 | static int selinux_setprocattr(struct task_struct *p, | 4131 | static int selinux_setprocattr(struct task_struct *p, |
@@ -4291,6 +4283,7 @@ static struct security_operations selinux_ops = { | |||
4291 | .inode_getxattr = selinux_inode_getxattr, | 4283 | .inode_getxattr = selinux_inode_getxattr, |
4292 | .inode_listxattr = selinux_inode_listxattr, | 4284 | .inode_listxattr = selinux_inode_listxattr, |
4293 | .inode_removexattr = selinux_inode_removexattr, | 4285 | .inode_removexattr = selinux_inode_removexattr, |
4286 | .inode_xattr_getsuffix = selinux_inode_xattr_getsuffix, | ||
4294 | .inode_getsecurity = selinux_inode_getsecurity, | 4287 | .inode_getsecurity = selinux_inode_getsecurity, |
4295 | .inode_setsecurity = selinux_inode_setsecurity, | 4288 | .inode_setsecurity = selinux_inode_setsecurity, |
4296 | .inode_listsecurity = selinux_inode_listsecurity, | 4289 | .inode_listsecurity = selinux_inode_listsecurity, |
@@ -4328,6 +4321,7 @@ static struct security_operations selinux_ops = { | |||
4328 | .task_to_inode = selinux_task_to_inode, | 4321 | .task_to_inode = selinux_task_to_inode, |
4329 | 4322 | ||
4330 | .ipc_permission = selinux_ipc_permission, | 4323 | .ipc_permission = selinux_ipc_permission, |
4324 | .ipc_getsecurity = selinux_ipc_getsecurity, | ||
4331 | 4325 | ||
4332 | .msg_msg_alloc_security = selinux_msg_msg_alloc_security, | 4326 | .msg_msg_alloc_security = selinux_msg_msg_alloc_security, |
4333 | .msg_msg_free_security = selinux_msg_msg_free_security, | 4327 | .msg_msg_free_security = selinux_msg_msg_free_security, |
diff --git a/security/selinux/nlmsgtab.c b/security/selinux/nlmsgtab.c index 85e399259832..b8f4d25cf335 100644 --- a/security/selinux/nlmsgtab.c +++ b/security/selinux/nlmsgtab.c | |||
@@ -106,6 +106,9 @@ static struct nlmsg_perm nlmsg_audit_perms[] = | |||
106 | { AUDIT_LIST, NETLINK_AUDIT_SOCKET__NLMSG_READPRIV }, | 106 | { AUDIT_LIST, NETLINK_AUDIT_SOCKET__NLMSG_READPRIV }, |
107 | { AUDIT_ADD, NETLINK_AUDIT_SOCKET__NLMSG_WRITE }, | 107 | { AUDIT_ADD, NETLINK_AUDIT_SOCKET__NLMSG_WRITE }, |
108 | { AUDIT_DEL, NETLINK_AUDIT_SOCKET__NLMSG_WRITE }, | 108 | { AUDIT_DEL, NETLINK_AUDIT_SOCKET__NLMSG_WRITE }, |
109 | { AUDIT_LIST_RULES, NETLINK_AUDIT_SOCKET__NLMSG_READPRIV }, | ||
110 | { AUDIT_ADD_RULE, NETLINK_AUDIT_SOCKET__NLMSG_WRITE }, | ||
111 | { AUDIT_DEL_RULE, NETLINK_AUDIT_SOCKET__NLMSG_WRITE }, | ||
109 | { AUDIT_USER, NETLINK_AUDIT_SOCKET__NLMSG_RELAY }, | 112 | { AUDIT_USER, NETLINK_AUDIT_SOCKET__NLMSG_RELAY }, |
110 | { AUDIT_SIGNAL_INFO, NETLINK_AUDIT_SOCKET__NLMSG_READ }, | 113 | { AUDIT_SIGNAL_INFO, NETLINK_AUDIT_SOCKET__NLMSG_READ }, |
111 | }; | 114 | }; |
@@ -152,8 +155,10 @@ int selinux_nlmsg_lookup(u16 sclass, u16 nlmsg_type, u32 *perm) | |||
152 | break; | 155 | break; |
153 | 156 | ||
154 | case SECCLASS_NETLINK_AUDIT_SOCKET: | 157 | case SECCLASS_NETLINK_AUDIT_SOCKET: |
155 | if (nlmsg_type >= AUDIT_FIRST_USER_MSG && | 158 | if ((nlmsg_type >= AUDIT_FIRST_USER_MSG && |
156 | nlmsg_type <= AUDIT_LAST_USER_MSG) { | 159 | nlmsg_type <= AUDIT_LAST_USER_MSG) || |
160 | (nlmsg_type >= AUDIT_FIRST_USER_MSG2 && | ||
161 | nlmsg_type <= AUDIT_LAST_USER_MSG2)) { | ||
157 | *perm = NETLINK_AUDIT_SOCKET__NLMSG_RELAY; | 162 | *perm = NETLINK_AUDIT_SOCKET__NLMSG_RELAY; |
158 | } else { | 163 | } else { |
159 | err = nlmsg_perm(nlmsg_type, perm, nlmsg_audit_perms, | 164 | err = nlmsg_perm(nlmsg_type, perm, nlmsg_audit_perms, |
diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c index f5d78365488f..a4efc966f065 100644 --- a/security/selinux/selinuxfs.c +++ b/security/selinux/selinuxfs.c | |||
@@ -22,6 +22,7 @@ | |||
22 | #include <linux/major.h> | 22 | #include <linux/major.h> |
23 | #include <linux/seq_file.h> | 23 | #include <linux/seq_file.h> |
24 | #include <linux/percpu.h> | 24 | #include <linux/percpu.h> |
25 | #include <linux/audit.h> | ||
25 | #include <asm/uaccess.h> | 26 | #include <asm/uaccess.h> |
26 | #include <asm/semaphore.h> | 27 | #include <asm/semaphore.h> |
27 | 28 | ||
@@ -127,6 +128,10 @@ static ssize_t sel_write_enforce(struct file * file, const char __user * buf, | |||
127 | length = task_has_security(current, SECURITY__SETENFORCE); | 128 | length = task_has_security(current, SECURITY__SETENFORCE); |
128 | if (length) | 129 | if (length) |
129 | goto out; | 130 | goto out; |
131 | audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_STATUS, | ||
132 | "enforcing=%d old_enforcing=%d auid=%u", new_value, | ||
133 | selinux_enforcing, | ||
134 | audit_get_loginuid(current->audit_context)); | ||
130 | selinux_enforcing = new_value; | 135 | selinux_enforcing = new_value; |
131 | if (selinux_enforcing) | 136 | if (selinux_enforcing) |
132 | avc_ss_reset(0); | 137 | avc_ss_reset(0); |
@@ -177,6 +182,9 @@ static ssize_t sel_write_disable(struct file * file, const char __user * buf, | |||
177 | length = selinux_disable(); | 182 | length = selinux_disable(); |
178 | if (length < 0) | 183 | if (length < 0) |
179 | goto out; | 184 | goto out; |
185 | audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_STATUS, | ||
186 | "selinux=0 auid=%u", | ||
187 | audit_get_loginuid(current->audit_context)); | ||
180 | } | 188 | } |
181 | 189 | ||
182 | length = count; | 190 | length = count; |
@@ -262,6 +270,9 @@ static ssize_t sel_write_load(struct file * file, const char __user * buf, | |||
262 | length = ret; | 270 | length = ret; |
263 | else | 271 | else |
264 | length = count; | 272 | length = count; |
273 | audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_POLICY_LOAD, | ||
274 | "policy loaded auid=%u", | ||
275 | audit_get_loginuid(current->audit_context)); | ||
265 | out: | 276 | out: |
266 | mutex_unlock(&sel_mutex); | 277 | mutex_unlock(&sel_mutex); |
267 | vfree(data); | 278 | vfree(data); |
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index 63e0b7f29cb5..61492485de84 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c | |||
@@ -1759,19 +1759,22 @@ int security_set_bools(int len, int *values) | |||
1759 | goto out; | 1759 | goto out; |
1760 | } | 1760 | } |
1761 | 1761 | ||
1762 | printk(KERN_INFO "security: committed booleans { "); | ||
1763 | for (i = 0; i < len; i++) { | 1762 | for (i = 0; i < len; i++) { |
1763 | if (!!values[i] != policydb.bool_val_to_struct[i]->state) { | ||
1764 | audit_log(current->audit_context, GFP_ATOMIC, | ||
1765 | AUDIT_MAC_CONFIG_CHANGE, | ||
1766 | "bool=%s val=%d old_val=%d auid=%u", | ||
1767 | policydb.p_bool_val_to_name[i], | ||
1768 | !!values[i], | ||
1769 | policydb.bool_val_to_struct[i]->state, | ||
1770 | audit_get_loginuid(current->audit_context)); | ||
1771 | } | ||
1764 | if (values[i]) { | 1772 | if (values[i]) { |
1765 | policydb.bool_val_to_struct[i]->state = 1; | 1773 | policydb.bool_val_to_struct[i]->state = 1; |
1766 | } else { | 1774 | } else { |
1767 | policydb.bool_val_to_struct[i]->state = 0; | 1775 | policydb.bool_val_to_struct[i]->state = 0; |
1768 | } | 1776 | } |
1769 | if (i != 0) | ||
1770 | printk(", "); | ||
1771 | printk("%s:%d", policydb.p_bool_val_to_name[i], | ||
1772 | policydb.bool_val_to_struct[i]->state); | ||
1773 | } | 1777 | } |
1774 | printk(" }\n"); | ||
1775 | 1778 | ||
1776 | for (cur = policydb.cond_list; cur != NULL; cur = cur->next) { | 1779 | for (cur = policydb.cond_list; cur != NULL; cur = cur->next) { |
1777 | rc = evaluate_cond_node(&policydb, cur); | 1780 | rc = evaluate_cond_node(&policydb, cur); |