From 95dbf739313f09c8d859bde1373bc264ef979337 Mon Sep 17 00:00:00 2001 From: Eric Paris Date: Wed, 4 Apr 2012 13:45:34 -0400 Subject: SELinux: check OPEN on truncate calls In RH BZ 578841 we realized that the SELinux sandbox program was allowed to truncate files outside of the sandbox. The reason is because sandbox confinement is determined almost entirely by the 'open' permission. The idea was that if the sandbox was unable to open() files it would be unable to do harm to those files. This turns out to be false in light of syscalls like truncate() and chmod() which don't require a previous open() call. I looked at the syscalls that did not have an associated 'open' check and found that truncate(), did not have a seperate permission and even if it did have a separate permission such a permission owuld be inadequate for use by sandbox (since it owuld have to be granted so liberally as to be useless). This patch checks the OPEN permission on truncate. I think a better solution for sandbox is a whole new permission, but at least this fixes what we have today. Signed-off-by: Eric Paris --- security/selinux/hooks.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'security/selinux/hooks.c') diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index d85b793c9321..f7d7e779c7f3 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -2708,6 +2708,7 @@ static int selinux_inode_setattr(struct dentry *dentry, struct iattr *iattr) { const struct cred *cred = current_cred(); unsigned int ia_valid = iattr->ia_valid; + __u32 av = FILE__WRITE; /* ATTR_FORCE is just used for ATTR_KILL_S[UG]ID. */ if (ia_valid & ATTR_FORCE) { @@ -2721,7 +2722,10 @@ static int selinux_inode_setattr(struct dentry *dentry, struct iattr *iattr) ATTR_ATIME_SET | ATTR_MTIME_SET | ATTR_TIMES_SET)) return dentry_has_perm(cred, dentry, FILE__SETATTR); - return dentry_has_perm(cred, dentry, FILE__WRITE); + if (ia_valid & ATTR_SIZE) + av |= FILE__OPEN; + + return dentry_has_perm(cred, dentry, av); } static int selinux_inode_getattr(struct vfsmount *mnt, struct dentry *dentry) -- cgit v1.2.2 From 83d498569e9a7a4b92c4c5d3566f2d6a604f28c9 Mon Sep 17 00:00:00 2001 From: Eric Paris Date: Wed, 4 Apr 2012 13:45:40 -0400 Subject: SELinux: rename dentry_open to file_open dentry_open takes a file, rename it to file_open Signed-off-by: Eric Paris --- security/selinux/hooks.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'security/selinux/hooks.c') diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index f7d7e779c7f3..dc15f16a357c 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -2973,7 +2973,7 @@ static int selinux_file_permission(struct file *file, int mask) if (sid == fsec->sid && fsec->isid == isec->sid && fsec->pseqno == avc_policy_seqno()) - /* No change since dentry_open check. */ + /* No change since file_open check. */ return 0; return selinux_revalidate_file_permission(file, mask); @@ -3232,7 +3232,7 @@ static int selinux_file_receive(struct file *file) return file_has_perm(cred, file, file_to_av(file)); } -static int selinux_dentry_open(struct file *file, const struct cred *cred) +static int selinux_file_open(struct file *file, const struct cred *cred) { struct file_security_struct *fsec; struct inode *inode; @@ -5596,7 +5596,7 @@ static struct security_operations selinux_ops = { .file_send_sigiotask = selinux_file_send_sigiotask, .file_receive = selinux_file_receive, - .dentry_open = selinux_dentry_open, + .file_open = selinux_file_open, .task_create = selinux_task_create, .cred_alloc_blank = selinux_cred_alloc_blank, -- cgit v1.2.2 From d6ea83ec6864e9297fa8b00ec3dae183413a90e3 Mon Sep 17 00:00:00 2001 From: Eric Paris Date: Wed, 4 Apr 2012 13:45:49 -0400 Subject: SELinux: audit failed attempts to set invalid labels We know that some yum operation is causing CAP_MAC_ADMIN failures. This implies that an RPM is laying down (or attempting to lay down) a file with an invalid label. The problem is that we don't have any information to track down the cause. This patch will cause such a failure to report the failed label in an SELINUX_ERR audit message. This is similar to the SELINUX_ERR reports on invalid transitions and things like that. It should help run down problems on what is trying to set invalid labels in the future. Resulting records look something like: type=AVC msg=audit(1319659241.138:71): avc: denied { mac_admin } for pid=2594 comm="chcon" capability=33 scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=capability2 type=SELINUX_ERR msg=audit(1319659241.138:71): op=setxattr invalid_context=unconfined_u:object_r:hello:s0 type=SYSCALL msg=audit(1319659241.138:71): arch=c000003e syscall=188 success=no exit=-22 a0=a2c0e0 a1=390341b79b a2=a2d620 a3=1f items=1 ppid=2519 pid=2594 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=1 comm="chcon" exe="/usr/bin/chcon" subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 key=(null) type=CWD msg=audit(1319659241.138:71): cwd="/root" type=PATH msg=audit(1319659241.138:71): item=0 name="test" inode=785879 dev=fc:03 mode=0100644 ouid=0 ogid=0 rdev=00:00 obj=unconfined_u:object_r:admin_home_t:s0 Signed-off-by: Eric Paris --- security/selinux/hooks.c | 36 ++++++++++++++++++++++++++++++++++-- 1 file changed, 34 insertions(+), 2 deletions(-) (limited to 'security/selinux/hooks.c') diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index dc15f16a357c..c3ee902306d8 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -2792,8 +2792,25 @@ static int selinux_inode_setxattr(struct dentry *dentry, const char *name, rc = security_context_to_sid(value, size, &newsid); if (rc == -EINVAL) { - if (!capable(CAP_MAC_ADMIN)) + if (!capable(CAP_MAC_ADMIN)) { + struct audit_buffer *ab; + size_t audit_size; + const char *str; + + /* We strip a nul only if it is at the end, otherwise the + * context contains a nul and we should audit that */ + str = value; + if (str[size - 1] == '\0') + audit_size = size - 1; + else + audit_size = size; + ab = audit_log_start(current->audit_context, GFP_ATOMIC, AUDIT_SELINUX_ERR); + audit_log_format(ab, "op=setxattr invalid_context="); + audit_log_n_untrustedstring(ab, value, audit_size); + audit_log_end(ab); + return rc; + } rc = security_context_to_sid_force(value, size, &newsid); } if (rc) @@ -5335,8 +5352,23 @@ static int selinux_setprocattr(struct task_struct *p, } error = security_context_to_sid(value, size, &sid); if (error == -EINVAL && !strcmp(name, "fscreate")) { - if (!capable(CAP_MAC_ADMIN)) + if (!capable(CAP_MAC_ADMIN)) { + struct audit_buffer *ab; + size_t audit_size; + + /* We strip a nul only if it is at the end, otherwise the + * context contains a nul and we should audit that */ + if (str[size - 1] == '\0') + audit_size = size - 1; + else + audit_size = size; + ab = audit_log_start(current->audit_context, GFP_ATOMIC, AUDIT_SELINUX_ERR); + audit_log_format(ab, "op=fscreate invalid_context="); + audit_log_n_untrustedstring(ab, value, audit_size); + audit_log_end(ab); + return error; + } error = security_context_to_sid_force(value, size, &sid); } -- cgit v1.2.2 From 2e33405785d3eaec303c54b4a10afdebf3729da7 Mon Sep 17 00:00:00 2001 From: Eric Paris Date: Wed, 4 Apr 2012 15:01:42 -0400 Subject: SELinux: delay initialization of audit data in selinux_inode_permission We pay a rather large overhead initializing the common_audit_data. Since we only need this information if we actually emit an audit message there is little need to set it up in the hot path. This patch splits the functionality of avc_has_perm() into avc_has_perm_noaudit(), avc_audit_required() and slow_avc_audit(). But we take care of setting up to audit between required() and the actual audit call. Thus saving measurable time in a hot path. Signed-off-by: Stephen Smalley Signed-off-by: Eric Paris --- security/selinux/hooks.c | 30 +++++++++++++++++++++++++++--- 1 file changed, 27 insertions(+), 3 deletions(-) (limited to 'security/selinux/hooks.c') diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index c3ee902306d8..c99027dc0b36 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -2684,6 +2684,11 @@ static int selinux_inode_permission(struct inode *inode, int mask) u32 perms; bool from_access; unsigned flags = mask & MAY_NOT_BLOCK; + struct inode_security_struct *isec; + u32 sid; + struct av_decision avd; + int rc, rc2; + u32 audited, denied; from_access = mask & MAY_ACCESS; mask &= (MAY_READ|MAY_WRITE|MAY_EXEC|MAY_APPEND); @@ -2692,6 +2697,23 @@ static int selinux_inode_permission(struct inode *inode, int mask) if (!mask) return 0; + validate_creds(cred); + + if (unlikely(IS_PRIVATE(inode))) + return 0; + + perms = file_mask_to_av(inode->i_mode, mask); + + sid = cred_sid(cred); + isec = inode->i_security; + + rc = avc_has_perm_noaudit(sid, isec->sid, isec->sclass, perms, 0, &avd); + audited = avc_audit_required(perms, &avd, rc, + from_access ? FILE__AUDIT_ACCESS : 0, + &denied); + if (likely(!audited)) + return rc; + COMMON_AUDIT_DATA_INIT(&ad, INODE); ad.selinux_audit_data = &sad; ad.u.inode = inode; @@ -2699,9 +2721,11 @@ static int selinux_inode_permission(struct inode *inode, int mask) if (from_access) ad.selinux_audit_data->auditdeny |= FILE__AUDIT_ACCESS; - perms = file_mask_to_av(inode->i_mode, mask); - - return inode_has_perm(cred, inode, perms, &ad, flags); + rc2 = slow_avc_audit(sid, isec->sid, isec->sclass, perms, + audited, denied, &ad, flags); + if (rc2) + return rc2; + return rc; } static int selinux_inode_setattr(struct dentry *dentry, struct iattr *iattr) -- cgit v1.2.2 From 602a8dd6ea6abd463bc26310c4a1b44919f88e68 Mon Sep 17 00:00:00 2001 From: Eric Paris Date: Wed, 4 Apr 2012 15:01:42 -0400 Subject: SELinux: remove inode_has_perm_noadp Both callers could better be using file_has_perm() to get better audit results. Signed-off-by: Eric Paris --- security/selinux/hooks.c | 28 ++++------------------------ 1 file changed, 4 insertions(+), 24 deletions(-) (limited to 'security/selinux/hooks.c') diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index c99027dc0b36..8417a6afaf30 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -1488,20 +1488,6 @@ static int inode_has_perm(const struct cred *cred, return avc_has_perm_flags(sid, isec->sid, isec->sclass, perms, adp, flags); } -static int inode_has_perm_noadp(const struct cred *cred, - struct inode *inode, - u32 perms, - unsigned flags) -{ - struct common_audit_data ad; - struct selinux_audit_data sad = {0,}; - - COMMON_AUDIT_DATA_INIT(&ad, INODE); - ad.u.inode = inode; - ad.selinux_audit_data = &sad; - return inode_has_perm(cred, inode, perms, &ad, flags); -} - /* Same as inode_has_perm, but pass explicit audit data containing the dentry to help the auditing code to more easily generate the pathname if needed. */ @@ -2128,21 +2114,17 @@ static inline void flush_unauthorized_files(const struct cred *cred, spin_lock(&tty_files_lock); if (!list_empty(&tty->tty_files)) { struct tty_file_private *file_priv; - struct inode *inode; /* Revalidate access to controlling tty. - Use inode_has_perm on the tty inode directly rather + Use path_has_perm on the tty path directly rather than using file_has_perm, as this particular open file may belong to another process and we are only interested in the inode-based check here. */ file_priv = list_first_entry(&tty->tty_files, struct tty_file_private, list); file = file_priv->file; - inode = file->f_path.dentry->d_inode; - if (inode_has_perm_noadp(cred, inode, - FILE__READ | FILE__WRITE, 0)) { + if (path_has_perm(cred, &file->f_path, FILE__READ | FILE__WRITE)) drop_tty = 1; - } } spin_unlock(&tty_files_lock); tty_kref_put(tty); @@ -3276,12 +3258,10 @@ static int selinux_file_receive(struct file *file) static int selinux_file_open(struct file *file, const struct cred *cred) { struct file_security_struct *fsec; - struct inode *inode; struct inode_security_struct *isec; - inode = file->f_path.dentry->d_inode; fsec = file->f_security; - isec = inode->i_security; + isec = file->f_path.dentry->d_inode->i_security; /* * Save inode label and policy sequence number * at open-time so that selinux_file_permission @@ -3299,7 +3279,7 @@ static int selinux_file_open(struct file *file, const struct cred *cred) * new inode label or new policy. * This check is not redundant - do not remove. */ - return inode_has_perm_noadp(cred, inode, open_file_to_av(file), 0); + return path_has_perm(cred, &file->f_path, open_file_to_av(file)); } /* task security operations */ -- cgit v1.2.2 From d4cf970d0732628d514405c5a975024b9e205b0b Mon Sep 17 00:00:00 2001 From: Eric Paris Date: Wed, 4 Apr 2012 15:01:42 -0400 Subject: SELinux: move common_audit_data to a noinline slow path function selinux_inode_has_perm is a hot path. Instead of declaring the common_audit_data on the stack move it to a noinline function only used in the rare case we need to send an audit message. Signed-off-by: Eric Paris --- security/selinux/hooks.c | 32 +++++++++++++++++++++----------- 1 file changed, 21 insertions(+), 11 deletions(-) (limited to 'security/selinux/hooks.c') diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 8417a6afaf30..b3bd8e1d268a 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -2658,11 +2658,29 @@ static int selinux_inode_follow_link(struct dentry *dentry, struct nameidata *na return dentry_has_perm(cred, dentry, FILE__READ); } -static int selinux_inode_permission(struct inode *inode, int mask) +static noinline int audit_inode_permission(struct inode *inode, + u32 perms, u32 audited, u32 denied, + unsigned flags) { - const struct cred *cred = current_cred(); struct common_audit_data ad; struct selinux_audit_data sad = {0,}; + struct inode_security_struct *isec = inode->i_security; + int rc; + + COMMON_AUDIT_DATA_INIT(&ad, INODE); + ad.selinux_audit_data = &sad; + ad.u.inode = inode; + + rc = slow_avc_audit(current_sid(), isec->sid, isec->sclass, perms, + audited, denied, &ad, flags); + if (rc) + return rc; + return 0; +} + +static int selinux_inode_permission(struct inode *inode, int mask) +{ + const struct cred *cred = current_cred(); u32 perms; bool from_access; unsigned flags = mask & MAY_NOT_BLOCK; @@ -2696,15 +2714,7 @@ static int selinux_inode_permission(struct inode *inode, int mask) if (likely(!audited)) return rc; - COMMON_AUDIT_DATA_INIT(&ad, INODE); - ad.selinux_audit_data = &sad; - ad.u.inode = inode; - - if (from_access) - ad.selinux_audit_data->auditdeny |= FILE__AUDIT_ACCESS; - - rc2 = slow_avc_audit(sid, isec->sid, isec->sclass, perms, - audited, denied, &ad, flags); + rc2 = audit_inode_permission(inode, perms, audited, denied, flags); if (rc2) return rc2; return rc; -- cgit v1.2.2 From bd5e50f9c1c71daac273fa586424f07205f6b13b Mon Sep 17 00:00:00 2001 From: Eric Paris Date: Wed, 4 Apr 2012 15:01:42 -0400 Subject: LSM: remove the COMMON_AUDIT_DATA_INIT type expansion Just open code it so grep on the source code works better. Signed-off-by: Eric Paris --- security/selinux/hooks.c | 68 ++++++++++++++++++++++++------------------------ 1 file changed, 34 insertions(+), 34 deletions(-) (limited to 'security/selinux/hooks.c') diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index b3bd8e1d268a..9f0384493009 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -1427,7 +1427,7 @@ static int cred_has_capability(const struct cred *cred, u32 av = CAP_TO_MASK(cap); int rc; - COMMON_AUDIT_DATA_INIT(&ad, CAP); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_CAP); ad.selinux_audit_data = &sad; ad.tsk = current; ad.u.cap = cap; @@ -1499,7 +1499,7 @@ static inline int dentry_has_perm(const struct cred *cred, struct common_audit_data ad; struct selinux_audit_data sad = {0,}; - COMMON_AUDIT_DATA_INIT(&ad, DENTRY); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_DENTRY); ad.u.dentry = dentry; ad.selinux_audit_data = &sad; return inode_has_perm(cred, inode, av, &ad, 0); @@ -1516,7 +1516,7 @@ static inline int path_has_perm(const struct cred *cred, struct common_audit_data ad; struct selinux_audit_data sad = {0,}; - COMMON_AUDIT_DATA_INIT(&ad, PATH); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_PATH); ad.u.path = *path; ad.selinux_audit_data = &sad; return inode_has_perm(cred, inode, av, &ad, 0); @@ -1541,7 +1541,7 @@ static int file_has_perm(const struct cred *cred, u32 sid = cred_sid(cred); int rc; - COMMON_AUDIT_DATA_INIT(&ad, PATH); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_PATH); ad.u.path = file->f_path; ad.selinux_audit_data = &sad; @@ -1582,7 +1582,7 @@ static int may_create(struct inode *dir, sid = tsec->sid; newsid = tsec->create_sid; - COMMON_AUDIT_DATA_INIT(&ad, DENTRY); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_DENTRY); ad.u.dentry = dentry; ad.selinux_audit_data = &sad; @@ -1637,7 +1637,7 @@ static int may_link(struct inode *dir, dsec = dir->i_security; isec = dentry->d_inode->i_security; - COMMON_AUDIT_DATA_INIT(&ad, DENTRY); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_DENTRY); ad.u.dentry = dentry; ad.selinux_audit_data = &sad; @@ -1685,7 +1685,7 @@ static inline int may_rename(struct inode *old_dir, old_is_dir = S_ISDIR(old_dentry->d_inode->i_mode); new_dsec = new_dir->i_security; - COMMON_AUDIT_DATA_INIT(&ad, DENTRY); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_DENTRY); ad.selinux_audit_data = &sad; ad.u.dentry = old_dentry; @@ -2011,7 +2011,7 @@ static int selinux_bprm_set_creds(struct linux_binprm *bprm) return rc; } - COMMON_AUDIT_DATA_INIT(&ad, PATH); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_PATH); ad.selinux_audit_data = &sad; ad.u.path = bprm->file->f_path; @@ -2135,7 +2135,7 @@ static inline void flush_unauthorized_files(const struct cred *cred, /* Revalidate access to inherited open files. */ - COMMON_AUDIT_DATA_INIT(&ad, INODE); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_INODE); ad.selinux_audit_data = &sad; spin_lock(&files->file_lock); @@ -2485,7 +2485,7 @@ static int selinux_sb_kern_mount(struct super_block *sb, int flags, void *data) if (flags & MS_KERNMOUNT) return 0; - COMMON_AUDIT_DATA_INIT(&ad, DENTRY); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_DENTRY); ad.selinux_audit_data = &sad; ad.u.dentry = sb->s_root; return superblock_has_perm(cred, sb, FILESYSTEM__MOUNT, &ad); @@ -2497,7 +2497,7 @@ static int selinux_sb_statfs(struct dentry *dentry) struct common_audit_data ad; struct selinux_audit_data sad = {0,}; - COMMON_AUDIT_DATA_INIT(&ad, DENTRY); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_DENTRY); ad.selinux_audit_data = &sad; ad.u.dentry = dentry->d_sb->s_root; return superblock_has_perm(cred, dentry->d_sb, FILESYSTEM__GETATTR, &ad); @@ -2667,7 +2667,7 @@ static noinline int audit_inode_permission(struct inode *inode, struct inode_security_struct *isec = inode->i_security; int rc; - COMMON_AUDIT_DATA_INIT(&ad, INODE); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_INODE); ad.selinux_audit_data = &sad; ad.u.inode = inode; @@ -2797,7 +2797,7 @@ static int selinux_inode_setxattr(struct dentry *dentry, const char *name, if (!inode_owner_or_capable(inode)) return -EPERM; - COMMON_AUDIT_DATA_INIT(&ad, DENTRY); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_DENTRY); ad.selinux_audit_data = &sad; ad.u.dentry = dentry; @@ -3412,7 +3412,7 @@ static int selinux_kernel_module_request(char *kmod_name) sid = task_sid(current); - COMMON_AUDIT_DATA_INIT(&ad, KMOD); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_KMOD); ad.selinux_audit_data = &sad; ad.u.kmod_name = kmod_name; @@ -3793,7 +3793,7 @@ static int sock_has_perm(struct task_struct *task, struct sock *sk, u32 perms) if (sksec->sid == SECINITSID_KERNEL) return 0; - COMMON_AUDIT_DATA_INIT(&ad, NET); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET); ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->sk = sk; @@ -3901,7 +3901,7 @@ static int selinux_socket_bind(struct socket *sock, struct sockaddr *address, in snum, &sid); if (err) goto out; - COMMON_AUDIT_DATA_INIT(&ad, NET); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET); ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->sport = htons(snum); @@ -3936,7 +3936,7 @@ static int selinux_socket_bind(struct socket *sock, struct sockaddr *address, in if (err) goto out; - COMMON_AUDIT_DATA_INIT(&ad, NET); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET); ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->sport = htons(snum); @@ -3998,7 +3998,7 @@ static int selinux_socket_connect(struct socket *sock, struct sockaddr *address, perm = (sksec->sclass == SECCLASS_TCP_SOCKET) ? TCP_SOCKET__NAME_CONNECT : DCCP_SOCKET__NAME_CONNECT; - COMMON_AUDIT_DATA_INIT(&ad, NET); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET); ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->dport = htons(snum); @@ -4095,7 +4095,7 @@ static int selinux_socket_unix_stream_connect(struct sock *sock, struct lsm_network_audit net = {0,}; int err; - COMMON_AUDIT_DATA_INIT(&ad, NET); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET); ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->sk = other; @@ -4128,7 +4128,7 @@ static int selinux_socket_unix_may_send(struct socket *sock, struct selinux_audit_data sad = {0,}; struct lsm_network_audit net = {0,}; - COMMON_AUDIT_DATA_INIT(&ad, NET); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET); ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->sk = other->sk; @@ -4171,7 +4171,7 @@ static int selinux_sock_rcv_skb_compat(struct sock *sk, struct sk_buff *skb, struct lsm_network_audit net = {0,}; char *addrp; - COMMON_AUDIT_DATA_INIT(&ad, NET); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET); ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->netif = skb->skb_iif; @@ -4227,7 +4227,7 @@ static int selinux_socket_sock_rcv_skb(struct sock *sk, struct sk_buff *skb) if (!secmark_active && !peerlbl_active) return 0; - COMMON_AUDIT_DATA_INIT(&ad, NET); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET); ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->netif = skb->skb_iif; @@ -4584,7 +4584,7 @@ static unsigned int selinux_ip_forward(struct sk_buff *skb, int ifindex, if (selinux_skb_peerlbl_sid(skb, family, &peer_sid) != 0) return NF_DROP; - COMMON_AUDIT_DATA_INIT(&ad, NET); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET); ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->netif = ifindex; @@ -4684,7 +4684,7 @@ static unsigned int selinux_ip_postroute_compat(struct sk_buff *skb, return NF_ACCEPT; sksec = sk->sk_security; - COMMON_AUDIT_DATA_INIT(&ad, NET); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET); ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->netif = ifindex; @@ -4757,7 +4757,7 @@ static unsigned int selinux_ip_postroute(struct sk_buff *skb, int ifindex, secmark_perm = PACKET__SEND; } - COMMON_AUDIT_DATA_INIT(&ad, NET); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET); ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->netif = ifindex; @@ -4881,7 +4881,7 @@ static int ipc_has_perm(struct kern_ipc_perm *ipc_perms, isec = ipc_perms->security; - COMMON_AUDIT_DATA_INIT(&ad, IPC); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_IPC); ad.selinux_audit_data = &sad; ad.u.ipc_id = ipc_perms->key; @@ -4913,7 +4913,7 @@ static int selinux_msg_queue_alloc_security(struct msg_queue *msq) isec = msq->q_perm.security; - COMMON_AUDIT_DATA_INIT(&ad, IPC); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_IPC); ad.selinux_audit_data = &sad; ad.u.ipc_id = msq->q_perm.key; @@ -4940,7 +4940,7 @@ static int selinux_msg_queue_associate(struct msg_queue *msq, int msqflg) isec = msq->q_perm.security; - COMMON_AUDIT_DATA_INIT(&ad, IPC); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_IPC); ad.selinux_audit_data = &sad; ad.u.ipc_id = msq->q_perm.key; @@ -5002,7 +5002,7 @@ static int selinux_msg_queue_msgsnd(struct msg_queue *msq, struct msg_msg *msg, return rc; } - COMMON_AUDIT_DATA_INIT(&ad, IPC); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_IPC); ad.selinux_audit_data = &sad; ad.u.ipc_id = msq->q_perm.key; @@ -5035,7 +5035,7 @@ static int selinux_msg_queue_msgrcv(struct msg_queue *msq, struct msg_msg *msg, isec = msq->q_perm.security; msec = msg->security; - COMMON_AUDIT_DATA_INIT(&ad, IPC); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_IPC); ad.selinux_audit_data = &sad; ad.u.ipc_id = msq->q_perm.key; @@ -5062,7 +5062,7 @@ static int selinux_shm_alloc_security(struct shmid_kernel *shp) isec = shp->shm_perm.security; - COMMON_AUDIT_DATA_INIT(&ad, IPC); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_IPC); ad.selinux_audit_data = &sad; ad.u.ipc_id = shp->shm_perm.key; @@ -5089,7 +5089,7 @@ static int selinux_shm_associate(struct shmid_kernel *shp, int shmflg) isec = shp->shm_perm.security; - COMMON_AUDIT_DATA_INIT(&ad, IPC); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_IPC); ad.selinux_audit_data = &sad; ad.u.ipc_id = shp->shm_perm.key; @@ -5158,7 +5158,7 @@ static int selinux_sem_alloc_security(struct sem_array *sma) isec = sma->sem_perm.security; - COMMON_AUDIT_DATA_INIT(&ad, IPC); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_IPC); ad.selinux_audit_data = &sad; ad.u.ipc_id = sma->sem_perm.key; @@ -5185,7 +5185,7 @@ static int selinux_sem_associate(struct sem_array *sma, int semflg) isec = sma->sem_perm.security; - COMMON_AUDIT_DATA_INIT(&ad, IPC); + COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_IPC); ad.selinux_audit_data = &sad; ad.u.ipc_id = sma->sem_perm.key; -- cgit v1.2.2 From b466066f9b648ccb6aa1e174f0389b7433e460fd Mon Sep 17 00:00:00 2001 From: Eric Paris Date: Wed, 4 Apr 2012 15:01:43 -0400 Subject: LSM: remove the task field from common_audit_data There are no legitimate users. Always use current and get back some stack space for the common_audit_data. Signed-off-by: Eric Paris --- security/selinux/hooks.c | 1 - 1 file changed, 1 deletion(-) (limited to 'security/selinux/hooks.c') diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 9f0384493009..d79762946c6e 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -1429,7 +1429,6 @@ static int cred_has_capability(const struct cred *cred, COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_CAP); ad.selinux_audit_data = &sad; - ad.tsk = current; ad.u.cap = cap; switch (CAP_TO_INDEX(cap)) { -- cgit v1.2.2 From 50c205f5e5c2e2af002fd4ef537ded79b90b1b56 Mon Sep 17 00:00:00 2001 From: Eric Paris Date: Wed, 4 Apr 2012 15:01:43 -0400 Subject: LSM: do not initialize common_audit_data to 0 It isn't needed. If you don't set the type of the data associated with that type it is a pretty obvious programming bug. So why waste the cycles? Signed-off-by: Eric Paris --- security/selinux/hooks.c | 68 ++++++++++++++++++++++++------------------------ 1 file changed, 34 insertions(+), 34 deletions(-) (limited to 'security/selinux/hooks.c') diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index d79762946c6e..d9fa2489a551 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -1427,7 +1427,7 @@ static int cred_has_capability(const struct cred *cred, u32 av = CAP_TO_MASK(cap); int rc; - COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_CAP); + ad.type = LSM_AUDIT_DATA_CAP; ad.selinux_audit_data = &sad; ad.u.cap = cap; @@ -1498,7 +1498,7 @@ static inline int dentry_has_perm(const struct cred *cred, struct common_audit_data ad; struct selinux_audit_data sad = {0,}; - COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_DENTRY); + ad.type = LSM_AUDIT_DATA_DENTRY; ad.u.dentry = dentry; ad.selinux_audit_data = &sad; return inode_has_perm(cred, inode, av, &ad, 0); @@ -1515,7 +1515,7 @@ static inline int path_has_perm(const struct cred *cred, struct common_audit_data ad; struct selinux_audit_data sad = {0,}; - COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_PATH); + ad.type = LSM_AUDIT_DATA_PATH; ad.u.path = *path; ad.selinux_audit_data = &sad; return inode_has_perm(cred, inode, av, &ad, 0); @@ -1540,7 +1540,7 @@ static int file_has_perm(const struct cred *cred, u32 sid = cred_sid(cred); int rc; - COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_PATH); + ad.type = LSM_AUDIT_DATA_PATH; ad.u.path = file->f_path; ad.selinux_audit_data = &sad; @@ -1581,7 +1581,7 @@ static int may_create(struct inode *dir, sid = tsec->sid; newsid = tsec->create_sid; - COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_DENTRY); + ad.type = LSM_AUDIT_DATA_DENTRY; ad.u.dentry = dentry; ad.selinux_audit_data = &sad; @@ -1636,7 +1636,7 @@ static int may_link(struct inode *dir, dsec = dir->i_security; isec = dentry->d_inode->i_security; - COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_DENTRY); + ad.type = LSM_AUDIT_DATA_DENTRY; ad.u.dentry = dentry; ad.selinux_audit_data = &sad; @@ -1684,7 +1684,7 @@ static inline int may_rename(struct inode *old_dir, old_is_dir = S_ISDIR(old_dentry->d_inode->i_mode); new_dsec = new_dir->i_security; - COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_DENTRY); + ad.type = LSM_AUDIT_DATA_DENTRY; ad.selinux_audit_data = &sad; ad.u.dentry = old_dentry; @@ -2010,7 +2010,7 @@ static int selinux_bprm_set_creds(struct linux_binprm *bprm) return rc; } - COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_PATH); + ad.type = LSM_AUDIT_DATA_PATH; ad.selinux_audit_data = &sad; ad.u.path = bprm->file->f_path; @@ -2134,7 +2134,7 @@ static inline void flush_unauthorized_files(const struct cred *cred, /* Revalidate access to inherited open files. */ - COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_INODE); + ad.type = LSM_AUDIT_DATA_INODE; ad.selinux_audit_data = &sad; spin_lock(&files->file_lock); @@ -2484,7 +2484,7 @@ static int selinux_sb_kern_mount(struct super_block *sb, int flags, void *data) if (flags & MS_KERNMOUNT) return 0; - COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_DENTRY); + ad.type = LSM_AUDIT_DATA_DENTRY; ad.selinux_audit_data = &sad; ad.u.dentry = sb->s_root; return superblock_has_perm(cred, sb, FILESYSTEM__MOUNT, &ad); @@ -2496,7 +2496,7 @@ static int selinux_sb_statfs(struct dentry *dentry) struct common_audit_data ad; struct selinux_audit_data sad = {0,}; - COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_DENTRY); + ad.type = LSM_AUDIT_DATA_DENTRY; ad.selinux_audit_data = &sad; ad.u.dentry = dentry->d_sb->s_root; return superblock_has_perm(cred, dentry->d_sb, FILESYSTEM__GETATTR, &ad); @@ -2666,7 +2666,7 @@ static noinline int audit_inode_permission(struct inode *inode, struct inode_security_struct *isec = inode->i_security; int rc; - COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_INODE); + ad.type = LSM_AUDIT_DATA_INODE; ad.selinux_audit_data = &sad; ad.u.inode = inode; @@ -2796,7 +2796,7 @@ static int selinux_inode_setxattr(struct dentry *dentry, const char *name, if (!inode_owner_or_capable(inode)) return -EPERM; - COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_DENTRY); + ad.type = LSM_AUDIT_DATA_DENTRY; ad.selinux_audit_data = &sad; ad.u.dentry = dentry; @@ -3411,7 +3411,7 @@ static int selinux_kernel_module_request(char *kmod_name) sid = task_sid(current); - COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_KMOD); + ad.type = LSM_AUDIT_DATA_KMOD; ad.selinux_audit_data = &sad; ad.u.kmod_name = kmod_name; @@ -3792,7 +3792,7 @@ static int sock_has_perm(struct task_struct *task, struct sock *sk, u32 perms) if (sksec->sid == SECINITSID_KERNEL) return 0; - COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET); + ad.type = LSM_AUDIT_DATA_NET; ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->sk = sk; @@ -3900,7 +3900,7 @@ static int selinux_socket_bind(struct socket *sock, struct sockaddr *address, in snum, &sid); if (err) goto out; - COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET); + ad.type = LSM_AUDIT_DATA_NET; ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->sport = htons(snum); @@ -3935,7 +3935,7 @@ static int selinux_socket_bind(struct socket *sock, struct sockaddr *address, in if (err) goto out; - COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET); + ad.type = LSM_AUDIT_DATA_NET; ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->sport = htons(snum); @@ -3997,7 +3997,7 @@ static int selinux_socket_connect(struct socket *sock, struct sockaddr *address, perm = (sksec->sclass == SECCLASS_TCP_SOCKET) ? TCP_SOCKET__NAME_CONNECT : DCCP_SOCKET__NAME_CONNECT; - COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET); + ad.type = LSM_AUDIT_DATA_NET; ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->dport = htons(snum); @@ -4094,7 +4094,7 @@ static int selinux_socket_unix_stream_connect(struct sock *sock, struct lsm_network_audit net = {0,}; int err; - COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET); + ad.type = LSM_AUDIT_DATA_NET; ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->sk = other; @@ -4127,7 +4127,7 @@ static int selinux_socket_unix_may_send(struct socket *sock, struct selinux_audit_data sad = {0,}; struct lsm_network_audit net = {0,}; - COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET); + ad.type = LSM_AUDIT_DATA_NET; ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->sk = other->sk; @@ -4170,7 +4170,7 @@ static int selinux_sock_rcv_skb_compat(struct sock *sk, struct sk_buff *skb, struct lsm_network_audit net = {0,}; char *addrp; - COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET); + ad.type = LSM_AUDIT_DATA_NET; ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->netif = skb->skb_iif; @@ -4226,7 +4226,7 @@ static int selinux_socket_sock_rcv_skb(struct sock *sk, struct sk_buff *skb) if (!secmark_active && !peerlbl_active) return 0; - COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET); + ad.type = LSM_AUDIT_DATA_NET; ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->netif = skb->skb_iif; @@ -4583,7 +4583,7 @@ static unsigned int selinux_ip_forward(struct sk_buff *skb, int ifindex, if (selinux_skb_peerlbl_sid(skb, family, &peer_sid) != 0) return NF_DROP; - COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET); + ad.type = LSM_AUDIT_DATA_NET; ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->netif = ifindex; @@ -4683,7 +4683,7 @@ static unsigned int selinux_ip_postroute_compat(struct sk_buff *skb, return NF_ACCEPT; sksec = sk->sk_security; - COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET); + ad.type = LSM_AUDIT_DATA_NET; ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->netif = ifindex; @@ -4756,7 +4756,7 @@ static unsigned int selinux_ip_postroute(struct sk_buff *skb, int ifindex, secmark_perm = PACKET__SEND; } - COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_NET); + ad.type = LSM_AUDIT_DATA_NET; ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->netif = ifindex; @@ -4880,7 +4880,7 @@ static int ipc_has_perm(struct kern_ipc_perm *ipc_perms, isec = ipc_perms->security; - COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_IPC); + ad.type = LSM_AUDIT_DATA_IPC; ad.selinux_audit_data = &sad; ad.u.ipc_id = ipc_perms->key; @@ -4912,7 +4912,7 @@ static int selinux_msg_queue_alloc_security(struct msg_queue *msq) isec = msq->q_perm.security; - COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_IPC); + ad.type = LSM_AUDIT_DATA_IPC; ad.selinux_audit_data = &sad; ad.u.ipc_id = msq->q_perm.key; @@ -4939,7 +4939,7 @@ static int selinux_msg_queue_associate(struct msg_queue *msq, int msqflg) isec = msq->q_perm.security; - COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_IPC); + ad.type = LSM_AUDIT_DATA_IPC; ad.selinux_audit_data = &sad; ad.u.ipc_id = msq->q_perm.key; @@ -5001,7 +5001,7 @@ static int selinux_msg_queue_msgsnd(struct msg_queue *msq, struct msg_msg *msg, return rc; } - COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_IPC); + ad.type = LSM_AUDIT_DATA_IPC; ad.selinux_audit_data = &sad; ad.u.ipc_id = msq->q_perm.key; @@ -5034,7 +5034,7 @@ static int selinux_msg_queue_msgrcv(struct msg_queue *msq, struct msg_msg *msg, isec = msq->q_perm.security; msec = msg->security; - COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_IPC); + ad.type = LSM_AUDIT_DATA_IPC; ad.selinux_audit_data = &sad; ad.u.ipc_id = msq->q_perm.key; @@ -5061,7 +5061,7 @@ static int selinux_shm_alloc_security(struct shmid_kernel *shp) isec = shp->shm_perm.security; - COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_IPC); + ad.type = LSM_AUDIT_DATA_IPC; ad.selinux_audit_data = &sad; ad.u.ipc_id = shp->shm_perm.key; @@ -5088,7 +5088,7 @@ static int selinux_shm_associate(struct shmid_kernel *shp, int shmflg) isec = shp->shm_perm.security; - COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_IPC); + ad.type = LSM_AUDIT_DATA_IPC; ad.selinux_audit_data = &sad; ad.u.ipc_id = shp->shm_perm.key; @@ -5157,7 +5157,7 @@ static int selinux_sem_alloc_security(struct sem_array *sma) isec = sma->sem_perm.security; - COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_IPC); + ad.type = LSM_AUDIT_DATA_IPC; ad.selinux_audit_data = &sad; ad.u.ipc_id = sma->sem_perm.key; @@ -5184,7 +5184,7 @@ static int selinux_sem_associate(struct sem_array *sma, int semflg) isec = sma->sem_perm.security; - COMMON_AUDIT_DATA_INIT(&ad, LSM_AUDIT_DATA_IPC); + ad.type = LSM_AUDIT_DATA_IPC; ad.selinux_audit_data = &sad; ad.u.ipc_id = sma->sem_perm.key; -- cgit v1.2.2 From 899838b25f063a94594b1df6e0100aea1ec57fac Mon Sep 17 00:00:00 2001 From: Eric Paris Date: Wed, 4 Apr 2012 15:01:43 -0400 Subject: SELinux: unify the selinux_audit_data and selinux_late_audit_data We no longer need the distinction. We only need data after we decide to do an audit. So turn the "late" audit data into just "data" and remove what we currently have as "data". Signed-off-by: Eric Paris --- security/selinux/hooks.c | 67 ------------------------------------------------ 1 file changed, 67 deletions(-) (limited to 'security/selinux/hooks.c') diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index d9fa2489a551..2578de549ad7 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -1420,7 +1420,6 @@ static int cred_has_capability(const struct cred *cred, int cap, int audit) { struct common_audit_data ad; - struct selinux_audit_data sad = {0,}; struct av_decision avd; u16 sclass; u32 sid = cred_sid(cred); @@ -1428,7 +1427,6 @@ static int cred_has_capability(const struct cred *cred, int rc; ad.type = LSM_AUDIT_DATA_CAP; - ad.selinux_audit_data = &sad; ad.u.cap = cap; switch (CAP_TO_INDEX(cap)) { @@ -1496,11 +1494,9 @@ static inline int dentry_has_perm(const struct cred *cred, { struct inode *inode = dentry->d_inode; struct common_audit_data ad; - struct selinux_audit_data sad = {0,}; ad.type = LSM_AUDIT_DATA_DENTRY; ad.u.dentry = dentry; - ad.selinux_audit_data = &sad; return inode_has_perm(cred, inode, av, &ad, 0); } @@ -1513,11 +1509,9 @@ static inline int path_has_perm(const struct cred *cred, { struct inode *inode = path->dentry->d_inode; struct common_audit_data ad; - struct selinux_audit_data sad = {0,}; ad.type = LSM_AUDIT_DATA_PATH; ad.u.path = *path; - ad.selinux_audit_data = &sad; return inode_has_perm(cred, inode, av, &ad, 0); } @@ -1536,13 +1530,11 @@ static int file_has_perm(const struct cred *cred, struct file_security_struct *fsec = file->f_security; struct inode *inode = file->f_path.dentry->d_inode; struct common_audit_data ad; - struct selinux_audit_data sad = {0,}; u32 sid = cred_sid(cred); int rc; ad.type = LSM_AUDIT_DATA_PATH; ad.u.path = file->f_path; - ad.selinux_audit_data = &sad; if (sid != fsec->sid) { rc = avc_has_perm(sid, fsec->sid, @@ -1572,7 +1564,6 @@ static int may_create(struct inode *dir, struct superblock_security_struct *sbsec; u32 sid, newsid; struct common_audit_data ad; - struct selinux_audit_data sad = {0,}; int rc; dsec = dir->i_security; @@ -1583,7 +1574,6 @@ static int may_create(struct inode *dir, ad.type = LSM_AUDIT_DATA_DENTRY; ad.u.dentry = dentry; - ad.selinux_audit_data = &sad; rc = avc_has_perm(sid, dsec->sid, SECCLASS_DIR, DIR__ADD_NAME | DIR__SEARCH, @@ -1628,7 +1618,6 @@ static int may_link(struct inode *dir, { struct inode_security_struct *dsec, *isec; struct common_audit_data ad; - struct selinux_audit_data sad = {0,}; u32 sid = current_sid(); u32 av; int rc; @@ -1638,7 +1627,6 @@ static int may_link(struct inode *dir, ad.type = LSM_AUDIT_DATA_DENTRY; ad.u.dentry = dentry; - ad.selinux_audit_data = &sad; av = DIR__SEARCH; av |= (kind ? DIR__REMOVE_NAME : DIR__ADD_NAME); @@ -1673,7 +1661,6 @@ static inline int may_rename(struct inode *old_dir, { struct inode_security_struct *old_dsec, *new_dsec, *old_isec, *new_isec; struct common_audit_data ad; - struct selinux_audit_data sad = {0,}; u32 sid = current_sid(); u32 av; int old_is_dir, new_is_dir; @@ -1685,7 +1672,6 @@ static inline int may_rename(struct inode *old_dir, new_dsec = new_dir->i_security; ad.type = LSM_AUDIT_DATA_DENTRY; - ad.selinux_audit_data = &sad; ad.u.dentry = old_dentry; rc = avc_has_perm(sid, old_dsec->sid, SECCLASS_DIR, @@ -1971,7 +1957,6 @@ static int selinux_bprm_set_creds(struct linux_binprm *bprm) struct task_security_struct *new_tsec; struct inode_security_struct *isec; struct common_audit_data ad; - struct selinux_audit_data sad = {0,}; struct inode *inode = bprm->file->f_path.dentry->d_inode; int rc; @@ -2011,7 +1996,6 @@ static int selinux_bprm_set_creds(struct linux_binprm *bprm) } ad.type = LSM_AUDIT_DATA_PATH; - ad.selinux_audit_data = &sad; ad.u.path = bprm->file->f_path; if (bprm->file->f_path.mnt->mnt_flags & MNT_NOSUID) @@ -2101,7 +2085,6 @@ static inline void flush_unauthorized_files(const struct cred *cred, struct files_struct *files) { struct common_audit_data ad; - struct selinux_audit_data sad = {0,}; struct file *file, *devnull = NULL; struct tty_struct *tty; struct fdtable *fdt; @@ -2135,7 +2118,6 @@ static inline void flush_unauthorized_files(const struct cred *cred, /* Revalidate access to inherited open files. */ ad.type = LSM_AUDIT_DATA_INODE; - ad.selinux_audit_data = &sad; spin_lock(&files->file_lock); for (;;) { @@ -2473,7 +2455,6 @@ static int selinux_sb_kern_mount(struct super_block *sb, int flags, void *data) { const struct cred *cred = current_cred(); struct common_audit_data ad; - struct selinux_audit_data sad = {0,}; int rc; rc = superblock_doinit(sb, data); @@ -2485,7 +2466,6 @@ static int selinux_sb_kern_mount(struct super_block *sb, int flags, void *data) return 0; ad.type = LSM_AUDIT_DATA_DENTRY; - ad.selinux_audit_data = &sad; ad.u.dentry = sb->s_root; return superblock_has_perm(cred, sb, FILESYSTEM__MOUNT, &ad); } @@ -2494,10 +2474,8 @@ static int selinux_sb_statfs(struct dentry *dentry) { const struct cred *cred = current_cred(); struct common_audit_data ad; - struct selinux_audit_data sad = {0,}; ad.type = LSM_AUDIT_DATA_DENTRY; - ad.selinux_audit_data = &sad; ad.u.dentry = dentry->d_sb->s_root; return superblock_has_perm(cred, dentry->d_sb, FILESYSTEM__GETATTR, &ad); } @@ -2662,12 +2640,10 @@ static noinline int audit_inode_permission(struct inode *inode, unsigned flags) { struct common_audit_data ad; - struct selinux_audit_data sad = {0,}; struct inode_security_struct *isec = inode->i_security; int rc; ad.type = LSM_AUDIT_DATA_INODE; - ad.selinux_audit_data = &sad; ad.u.inode = inode; rc = slow_avc_audit(current_sid(), isec->sid, isec->sclass, perms, @@ -2782,7 +2758,6 @@ static int selinux_inode_setxattr(struct dentry *dentry, const char *name, struct inode_security_struct *isec = inode->i_security; struct superblock_security_struct *sbsec; struct common_audit_data ad; - struct selinux_audit_data sad = {0,}; u32 newsid, sid = current_sid(); int rc = 0; @@ -2797,7 +2772,6 @@ static int selinux_inode_setxattr(struct dentry *dentry, const char *name, return -EPERM; ad.type = LSM_AUDIT_DATA_DENTRY; - ad.selinux_audit_data = &sad; ad.u.dentry = dentry; rc = avc_has_perm(sid, isec->sid, isec->sclass, @@ -3407,12 +3381,10 @@ static int selinux_kernel_module_request(char *kmod_name) { u32 sid; struct common_audit_data ad; - struct selinux_audit_data sad = {0,}; sid = task_sid(current); ad.type = LSM_AUDIT_DATA_KMOD; - ad.selinux_audit_data = &sad; ad.u.kmod_name = kmod_name; return avc_has_perm(sid, SECINITSID_KERNEL, SECCLASS_SYSTEM, @@ -3785,7 +3757,6 @@ static int sock_has_perm(struct task_struct *task, struct sock *sk, u32 perms) { struct sk_security_struct *sksec = sk->sk_security; struct common_audit_data ad; - struct selinux_audit_data sad = {0,}; struct lsm_network_audit net = {0,}; u32 tsid = task_sid(task); @@ -3793,7 +3764,6 @@ static int sock_has_perm(struct task_struct *task, struct sock *sk, u32 perms) return 0; ad.type = LSM_AUDIT_DATA_NET; - ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->sk = sk; @@ -3873,7 +3843,6 @@ static int selinux_socket_bind(struct socket *sock, struct sockaddr *address, in char *addrp; struct sk_security_struct *sksec = sk->sk_security; struct common_audit_data ad; - struct selinux_audit_data sad = {0,}; struct lsm_network_audit net = {0,}; struct sockaddr_in *addr4 = NULL; struct sockaddr_in6 *addr6 = NULL; @@ -3901,7 +3870,6 @@ static int selinux_socket_bind(struct socket *sock, struct sockaddr *address, in if (err) goto out; ad.type = LSM_AUDIT_DATA_NET; - ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->sport = htons(snum); ad.u.net->family = family; @@ -3936,7 +3904,6 @@ static int selinux_socket_bind(struct socket *sock, struct sockaddr *address, in goto out; ad.type = LSM_AUDIT_DATA_NET; - ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->sport = htons(snum); ad.u.net->family = family; @@ -3971,7 +3938,6 @@ static int selinux_socket_connect(struct socket *sock, struct sockaddr *address, if (sksec->sclass == SECCLASS_TCP_SOCKET || sksec->sclass == SECCLASS_DCCP_SOCKET) { struct common_audit_data ad; - struct selinux_audit_data sad = {0,}; struct lsm_network_audit net = {0,}; struct sockaddr_in *addr4 = NULL; struct sockaddr_in6 *addr6 = NULL; @@ -3998,7 +3964,6 @@ static int selinux_socket_connect(struct socket *sock, struct sockaddr *address, TCP_SOCKET__NAME_CONNECT : DCCP_SOCKET__NAME_CONNECT; ad.type = LSM_AUDIT_DATA_NET; - ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->dport = htons(snum); ad.u.net->family = sk->sk_family; @@ -4090,12 +4055,10 @@ static int selinux_socket_unix_stream_connect(struct sock *sock, struct sk_security_struct *sksec_other = other->sk_security; struct sk_security_struct *sksec_new = newsk->sk_security; struct common_audit_data ad; - struct selinux_audit_data sad = {0,}; struct lsm_network_audit net = {0,}; int err; ad.type = LSM_AUDIT_DATA_NET; - ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->sk = other; @@ -4124,11 +4087,9 @@ static int selinux_socket_unix_may_send(struct socket *sock, struct sk_security_struct *ssec = sock->sk->sk_security; struct sk_security_struct *osec = other->sk->sk_security; struct common_audit_data ad; - struct selinux_audit_data sad = {0,}; struct lsm_network_audit net = {0,}; ad.type = LSM_AUDIT_DATA_NET; - ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->sk = other->sk; @@ -4166,12 +4127,10 @@ static int selinux_sock_rcv_skb_compat(struct sock *sk, struct sk_buff *skb, struct sk_security_struct *sksec = sk->sk_security; u32 sk_sid = sksec->sid; struct common_audit_data ad; - struct selinux_audit_data sad = {0,}; struct lsm_network_audit net = {0,}; char *addrp; ad.type = LSM_AUDIT_DATA_NET; - ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->netif = skb->skb_iif; ad.u.net->family = family; @@ -4201,7 +4160,6 @@ static int selinux_socket_sock_rcv_skb(struct sock *sk, struct sk_buff *skb) u16 family = sk->sk_family; u32 sk_sid = sksec->sid; struct common_audit_data ad; - struct selinux_audit_data sad = {0,}; struct lsm_network_audit net = {0,}; char *addrp; u8 secmark_active; @@ -4227,7 +4185,6 @@ static int selinux_socket_sock_rcv_skb(struct sock *sk, struct sk_buff *skb) return 0; ad.type = LSM_AUDIT_DATA_NET; - ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->netif = skb->skb_iif; ad.u.net->family = family; @@ -4565,7 +4522,6 @@ static unsigned int selinux_ip_forward(struct sk_buff *skb, int ifindex, char *addrp; u32 peer_sid; struct common_audit_data ad; - struct selinux_audit_data sad = {0,}; struct lsm_network_audit net = {0,}; u8 secmark_active; u8 netlbl_active; @@ -4584,7 +4540,6 @@ static unsigned int selinux_ip_forward(struct sk_buff *skb, int ifindex, return NF_DROP; ad.type = LSM_AUDIT_DATA_NET; - ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->netif = ifindex; ad.u.net->family = family; @@ -4674,7 +4629,6 @@ static unsigned int selinux_ip_postroute_compat(struct sk_buff *skb, struct sock *sk = skb->sk; struct sk_security_struct *sksec; struct common_audit_data ad; - struct selinux_audit_data sad = {0,}; struct lsm_network_audit net = {0,}; char *addrp; u8 proto; @@ -4684,7 +4638,6 @@ static unsigned int selinux_ip_postroute_compat(struct sk_buff *skb, sksec = sk->sk_security; ad.type = LSM_AUDIT_DATA_NET; - ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->netif = ifindex; ad.u.net->family = family; @@ -4709,7 +4662,6 @@ static unsigned int selinux_ip_postroute(struct sk_buff *skb, int ifindex, u32 peer_sid; struct sock *sk; struct common_audit_data ad; - struct selinux_audit_data sad = {0,}; struct lsm_network_audit net = {0,}; char *addrp; u8 secmark_active; @@ -4757,7 +4709,6 @@ static unsigned int selinux_ip_postroute(struct sk_buff *skb, int ifindex, } ad.type = LSM_AUDIT_DATA_NET; - ad.selinux_audit_data = &sad; ad.u.net = &net; ad.u.net->netif = ifindex; ad.u.net->family = family; @@ -4875,13 +4826,11 @@ static int ipc_has_perm(struct kern_ipc_perm *ipc_perms, { struct ipc_security_struct *isec; struct common_audit_data ad; - struct selinux_audit_data sad = {0,}; u32 sid = current_sid(); isec = ipc_perms->security; ad.type = LSM_AUDIT_DATA_IPC; - ad.selinux_audit_data = &sad; ad.u.ipc_id = ipc_perms->key; return avc_has_perm(sid, isec->sid, isec->sclass, perms, &ad); @@ -4902,7 +4851,6 @@ static int selinux_msg_queue_alloc_security(struct msg_queue *msq) { struct ipc_security_struct *isec; struct common_audit_data ad; - struct selinux_audit_data sad = {0,}; u32 sid = current_sid(); int rc; @@ -4913,7 +4861,6 @@ static int selinux_msg_queue_alloc_security(struct msg_queue *msq) isec = msq->q_perm.security; ad.type = LSM_AUDIT_DATA_IPC; - ad.selinux_audit_data = &sad; ad.u.ipc_id = msq->q_perm.key; rc = avc_has_perm(sid, isec->sid, SECCLASS_MSGQ, @@ -4934,13 +4881,11 @@ static int selinux_msg_queue_associate(struct msg_queue *msq, int msqflg) { struct ipc_security_struct *isec; struct common_audit_data ad; - struct selinux_audit_data sad = {0,}; u32 sid = current_sid(); isec = msq->q_perm.security; ad.type = LSM_AUDIT_DATA_IPC; - ad.selinux_audit_data = &sad; ad.u.ipc_id = msq->q_perm.key; return avc_has_perm(sid, isec->sid, SECCLASS_MSGQ, @@ -4980,7 +4925,6 @@ static int selinux_msg_queue_msgsnd(struct msg_queue *msq, struct msg_msg *msg, struct ipc_security_struct *isec; struct msg_security_struct *msec; struct common_audit_data ad; - struct selinux_audit_data sad = {0,}; u32 sid = current_sid(); int rc; @@ -5002,7 +4946,6 @@ static int selinux_msg_queue_msgsnd(struct msg_queue *msq, struct msg_msg *msg, } ad.type = LSM_AUDIT_DATA_IPC; - ad.selinux_audit_data = &sad; ad.u.ipc_id = msq->q_perm.key; /* Can this process write to the queue? */ @@ -5027,7 +4970,6 @@ static int selinux_msg_queue_msgrcv(struct msg_queue *msq, struct msg_msg *msg, struct ipc_security_struct *isec; struct msg_security_struct *msec; struct common_audit_data ad; - struct selinux_audit_data sad = {0,}; u32 sid = task_sid(target); int rc; @@ -5035,7 +4977,6 @@ static int selinux_msg_queue_msgrcv(struct msg_queue *msq, struct msg_msg *msg, msec = msg->security; ad.type = LSM_AUDIT_DATA_IPC; - ad.selinux_audit_data = &sad; ad.u.ipc_id = msq->q_perm.key; rc = avc_has_perm(sid, isec->sid, @@ -5051,7 +4992,6 @@ static int selinux_shm_alloc_security(struct shmid_kernel *shp) { struct ipc_security_struct *isec; struct common_audit_data ad; - struct selinux_audit_data sad = {0,}; u32 sid = current_sid(); int rc; @@ -5062,7 +5002,6 @@ static int selinux_shm_alloc_security(struct shmid_kernel *shp) isec = shp->shm_perm.security; ad.type = LSM_AUDIT_DATA_IPC; - ad.selinux_audit_data = &sad; ad.u.ipc_id = shp->shm_perm.key; rc = avc_has_perm(sid, isec->sid, SECCLASS_SHM, @@ -5083,13 +5022,11 @@ static int selinux_shm_associate(struct shmid_kernel *shp, int shmflg) { struct ipc_security_struct *isec; struct common_audit_data ad; - struct selinux_audit_data sad = {0,}; u32 sid = current_sid(); isec = shp->shm_perm.security; ad.type = LSM_AUDIT_DATA_IPC; - ad.selinux_audit_data = &sad; ad.u.ipc_id = shp->shm_perm.key; return avc_has_perm(sid, isec->sid, SECCLASS_SHM, @@ -5147,7 +5084,6 @@ static int selinux_sem_alloc_security(struct sem_array *sma) { struct ipc_security_struct *isec; struct common_audit_data ad; - struct selinux_audit_data sad = {0,}; u32 sid = current_sid(); int rc; @@ -5158,7 +5094,6 @@ static int selinux_sem_alloc_security(struct sem_array *sma) isec = sma->sem_perm.security; ad.type = LSM_AUDIT_DATA_IPC; - ad.selinux_audit_data = &sad; ad.u.ipc_id = sma->sem_perm.key; rc = avc_has_perm(sid, isec->sid, SECCLASS_SEM, @@ -5179,13 +5114,11 @@ static int selinux_sem_associate(struct sem_array *sma, int semflg) { struct ipc_security_struct *isec; struct common_audit_data ad; - struct selinux_audit_data sad = {0,}; u32 sid = current_sid(); isec = sma->sem_perm.security; ad.type = LSM_AUDIT_DATA_IPC; - ad.selinux_audit_data = &sad; ad.u.ipc_id = sma->sem_perm.key; return avc_has_perm(sid, isec->sid, SECCLASS_SEM, -- cgit v1.2.2 From c737f8284cac91428f8fcc8281e69117fa16e887 Mon Sep 17 00:00:00 2001 From: Eric Paris Date: Thu, 5 Apr 2012 13:51:53 -0400 Subject: SELinux: remove unused common_audit_data in flush_unauthorized_files We don't need this variable and it just eats stack space. Remove it. Signed-off-by: Eric Paris --- security/selinux/hooks.c | 4 ---- 1 file changed, 4 deletions(-) (limited to 'security/selinux/hooks.c') diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 2578de549ad7..e94349b85bfe 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -2084,7 +2084,6 @@ static int selinux_bprm_secureexec(struct linux_binprm *bprm) static inline void flush_unauthorized_files(const struct cred *cred, struct files_struct *files) { - struct common_audit_data ad; struct file *file, *devnull = NULL; struct tty_struct *tty; struct fdtable *fdt; @@ -2116,9 +2115,6 @@ static inline void flush_unauthorized_files(const struct cred *cred, no_tty(); /* Revalidate access to inherited open files. */ - - ad.type = LSM_AUDIT_DATA_INODE; - spin_lock(&files->file_lock); for (;;) { unsigned long set, i; -- cgit v1.2.2