[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <1170872654.11912.87.camel@moss-spartans.epoch.ncsc.mil>
Date: Wed, 07 Feb 2007 13:24:14 -0500
From: Stephen Smalley <sds@...ho.nsa.gov>
To: "Eric W. Biederman" <ebiederm@...ssion.com>
Cc: Andrew Morton <akpm@...l.org>, Ingo Molnar <mingo@...e.hu>,
tglx@...utronix.de, linux-kernel@...r.kernel.org,
selinux@...ho.nsa.gov, jmorris@...ei.org
Subject: Re: [PATCH 2/2] sysctl: Restore the selinux path based label
lookup for sysctls.
On Tue, 2007-02-06 at 14:21 -0700, Eric W. Biederman wrote:
> This time instead of generating the generating the paths from proc_dir_entries
> generate the labels from the names in the sysctl ctl_tables themselves. This
> removes an unnecessary layer of indirection, allows this to work even when
> procfs support is not compiled into the kernel, and especially allows it
> to work now that ctl_tables no longer have a proc_dir_entry field.
Thanks, looks sane.
> I continue passing "proc" into genfs sid although that is complete nonsense
> to allow existing selinux policies to work without modification.
>
> Signed-off-by: Eric W. Biederman <ebiederm@...ssion.com>
Acked-by: Stephen Smalley <sds@...ho.nsa.gov>
> ---
> security/selinux/hooks.c | 43 +++++++++++++++++++++++++++++++++++++++++--
> 1 files changed, 41 insertions(+), 2 deletions(-)
>
> diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
> index 3a36057..c17a8dd 100644
> --- a/security/selinux/hooks.c
> +++ b/security/selinux/hooks.c
> @@ -1424,6 +1424,41 @@ static int selinux_capable(struct task_struct *tsk, int cap)
> return task_has_capability(tsk,cap);
> }
>
> +static int selinux_sysctl_get_sid(ctl_table *table, u16 tclass, u32 *sid)
> +{
> + int buflen, rc;
> + char *buffer, *path, *end;
> +
> + rc = -ENOMEM;
> + buffer = (char*)__get_free_page(GFP_KERNEL);
> + if (!buffer)
> + goto out;
> +
> + buflen = PAGE_SIZE;
> + end = buffer+buflen;
> + *--end = '\0';
> + buflen--;
> + path = end-1;
> + *path = '/';
> + while (table) {
> + const char *name = table->procname;
> + size_t namelen = strlen(name);
> + buflen -= namelen + 1;
> + if (buflen < 0)
> + goto out_free;
> + end -= namelen;
> + memcpy(end, name, namelen);
> + *--end = '/';
> + path = end;
> + table = table->parent;
> + }
> + rc = security_genfs_sid("proc", path, tclass, sid);
> +out_free:
> + free_page((unsigned long)buffer);
> +out:
> + return rc;
> +}
> +
> static int selinux_sysctl(ctl_table *table, int op)
> {
> int error = 0;
> @@ -1438,8 +1473,12 @@ static int selinux_sysctl(ctl_table *table, int op)
>
> tsec = current->security;
>
> - /* Use the well-defined sysctl SID. */
> - tsid = SECINITSID_SYSCTL;
> + rc = selinux_sysctl_get_sid(table, (op == 0001) ?
> + SECCLASS_DIR : SECCLASS_FILE, &tsid);
> + if (rc) {
> + /* Default to the well-defined sysctl SID. */
> + tsid = SECINITSID_SYSCTL;
> + }
>
> /* The op values are "defined" in sysctl.c, thereby creating
> * a bad coupling between this module and sysctl.c */
--
Stephen Smalley
National Security Agency
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists