lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 07 Feb 2007 13:24:14 -0500
From:	Stephen Smalley <sds@...ho.nsa.gov>
To:	"Eric W. Biederman" <ebiederm@...ssion.com>
Cc:	Andrew Morton <akpm@...l.org>, Ingo Molnar <mingo@...e.hu>,
	tglx@...utronix.de, linux-kernel@...r.kernel.org,
	selinux@...ho.nsa.gov, jmorris@...ei.org
Subject: Re: [PATCH 2/2] sysctl: Restore the selinux path based label
	lookup for sysctls.

On Tue, 2007-02-06 at 14:21 -0700, Eric W. Biederman wrote:
> This time instead of generating the generating the paths from proc_dir_entries
> generate the labels from the names in the sysctl ctl_tables themselves.  This
> removes an unnecessary layer of indirection, allows this to work even when
> procfs support is not compiled into the kernel, and especially allows it
> to work now that ctl_tables no longer have a proc_dir_entry field.

Thanks, looks sane.

> I continue passing "proc" into genfs sid although that is complete nonsense
> to allow existing selinux policies to work without modification.
> 
> Signed-off-by: Eric W. Biederman <ebiederm@...ssion.com>

Acked-by:  Stephen Smalley <sds@...ho.nsa.gov>

> ---
>  security/selinux/hooks.c |   43 +++++++++++++++++++++++++++++++++++++++++--
>  1 files changed, 41 insertions(+), 2 deletions(-)
> 
> diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
> index 3a36057..c17a8dd 100644
> --- a/security/selinux/hooks.c
> +++ b/security/selinux/hooks.c
> @@ -1424,6 +1424,41 @@ static int selinux_capable(struct task_struct *tsk, int cap)
>  	return task_has_capability(tsk,cap);
>  }
>  
> +static int selinux_sysctl_get_sid(ctl_table *table, u16 tclass, u32 *sid)
> +{
> +	int buflen, rc;
> +	char *buffer, *path, *end;
> +
> +	rc = -ENOMEM;
> +	buffer = (char*)__get_free_page(GFP_KERNEL);
> +	if (!buffer)
> +		goto out;
> +
> +	buflen = PAGE_SIZE;
> +	end = buffer+buflen;
> +	*--end = '\0';
> +	buflen--;
> +	path = end-1;
> +	*path = '/';
> +	while (table) {
> +		const char *name = table->procname;
> +		size_t namelen = strlen(name);
> +		buflen -= namelen + 1;
> +		if (buflen < 0)
> +			goto out_free;
> +		end -= namelen;
> +		memcpy(end, name, namelen);
> +		*--end = '/';
> +		path = end;
> +		table = table->parent;
> +	}
> +	rc = security_genfs_sid("proc", path, tclass, sid);
> +out_free:
> +	free_page((unsigned long)buffer);
> +out:
> +	return rc;
> +}
> +
>  static int selinux_sysctl(ctl_table *table, int op)
>  {
>  	int error = 0;
> @@ -1438,8 +1473,12 @@ static int selinux_sysctl(ctl_table *table, int op)
>  
>  	tsec = current->security;
>  
> -	/* Use the well-defined sysctl SID. */
> -	tsid = SECINITSID_SYSCTL;
> +	rc = selinux_sysctl_get_sid(table, (op == 0001) ?
> +				    SECCLASS_DIR : SECCLASS_FILE, &tsid);
> +	if (rc) {
> +		/* Default to the well-defined sysctl SID. */
> +		tsid = SECINITSID_SYSCTL;
> +	}
>  
>  	/* The op values are "defined" in sysctl.c, thereby creating
>  	 * a bad coupling between this module and sysctl.c */
-- 
Stephen Smalley
National Security Agency

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ