selinux/stable-4.14 PR 20170831
-----BEGIN PGP SIGNATURE----- iQJIBAABCAAyFiEEcQCq365ubpQNLgrWVeRaWujKfIoFAlmoS/wUHHBhdWxAcGF1 bC1tb29yZS5jb20ACgkQVeRaWujKfIqubxAAhkcmOgf+bh881VOWjkrl0MpO6n30 LAyLHNpa95xYw7AuxSrx+XP21hZHVWOSPEZdDjC+BOTToqv025XyYUAh+vvhm1pc HgT7oNOyfEnGdXG8VtluC2zhSunw/gDz7uoUh7+dHpVqa+NayRqaopNY+4tgtVjT 6/DMwfvonTD5GWaNxraFZLaOENXAjbdVBcqoHhnY9cp4w5uGQ3rt6dFpLpW/gW7n /fUzsjnLTztrsRx3nyEkwJuo/pxugbmZU5sjVgCFd7P729CfBVKqoToIh0CqJfj6 s4RIb//XmRxxiTF1EO7N1suPaqnESjT+Ua3moIuEixs4QjiEu25TNZy8K0b2zLsL sTt40F5KAbKYXH/WyZxEtPf0HOUwL68oFZ+c4VYcCK6LwJmBLnfhan4BSZgH0/EO rBIlb5O1znyfuGmLnjUfn+BlPuP35PhRpZVWP2eLZtOC4lY+yaVqzauFIEY/wY96 dYM6YwtJYuZ3C8sQxjT6UWuOYyj/02EgPbvlS7nv4zp1pZNnZ0dx8sfEu6FNeakY QZAaI4oDvkpj7x4a0biNinacCYIUacRDF63jcKQnaNp3F3Nf1Vh4DKQWbFLfMidN luWsEsVrPfLynUMZLq3KVUg825bTQw1MapqzlADmOyX6Dq/87/a+nY9IXWOH9TSm fJjuSsMAtnui1/k= =/6oy -----END PGP SIGNATURE----- Merge tag 'selinux-pr-20170831' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux Pull selinux updates from Paul Moore: "A relatively quiet period for SELinux, 11 patches with only two/three having any substantive changes. These noteworthy changes include another tweak to the NNP/nosuid handling, per-file labeling for cgroups, and an object class fix for AF_UNIX/SOCK_RAW sockets; the rest of the changes are minor tweaks or administrative updates (Stephen's email update explains the file explosion in the diffstat). Everything passes the selinux-testsuite" [ Also a couple of small patches from the security tree from Tetsuo Handa for Tomoyo and LSM cleanup. The separation of security policy updates wasn't all that clean - Linus ] * tag 'selinux-pr-20170831' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux: selinux: constify nf_hook_ops selinux: allow per-file labeling for cgroupfs lsm_audit: update my email address selinux: update my email address MAINTAINERS: update the NetLabel and Labeled Networking information selinux: use GFP_NOWAIT in the AVC kmem_caches selinux: Generalize support for NNP/nosuid SELinux domain transitions selinux: genheaders should fail if too many permissions are defined selinux: update the selinux info in MAINTAINERS credits: update Paul Moore's info selinux: Assign proper class to PF_UNIX/SOCK_RAW sockets tomoyo: Update URLs in Documentation/admin-guide/LSM/tomoyo.rst LSM: Remove security_task_create() hook.
This commit is contained in:
commit
7f85565a3f
8
CREDITS
8
CREDITS
|
@ -2606,11 +2606,9 @@ E: tmolina@cablespeed.com
|
|||
D: bug fixes, documentation, minor hackery
|
||||
|
||||
N: Paul Moore
|
||||
E: paul.moore@hp.com
|
||||
D: NetLabel author
|
||||
S: Hewlett-Packard
|
||||
S: 110 Spit Brook Road
|
||||
S: Nashua, NH 03062
|
||||
E: paul@paul-moore.com
|
||||
W: http://www.paul-moore.com
|
||||
D: NetLabel, SELinux, audit
|
||||
|
||||
N: James Morris
|
||||
E: jmorris@namei.org
|
||||
|
|
|
@ -9,8 +9,8 @@ TOMOYO is a name-based MAC extension (LSM module) for the Linux kernel.
|
|||
|
||||
LiveCD-based tutorials are available at
|
||||
|
||||
http://tomoyo.sourceforge.jp/1.7/1st-step/ubuntu10.04-live/
|
||||
http://tomoyo.sourceforge.jp/1.7/1st-step/centos5-live/
|
||||
http://tomoyo.sourceforge.jp/1.8/ubuntu12.04-live.html
|
||||
http://tomoyo.sourceforge.jp/1.8/centos6-live.html
|
||||
|
||||
Though these tutorials use non-LSM version of TOMOYO, they are useful for you
|
||||
to know what TOMOYO is.
|
||||
|
@ -21,35 +21,35 @@ How to enable TOMOYO?
|
|||
Build the kernel with ``CONFIG_SECURITY_TOMOYO=y`` and pass ``security=tomoyo`` on
|
||||
kernel's command line.
|
||||
|
||||
Please see http://tomoyo.sourceforge.jp/2.3/ for details.
|
||||
Please see http://tomoyo.osdn.jp/2.5/ for details.
|
||||
|
||||
Where is documentation?
|
||||
=======================
|
||||
|
||||
User <-> Kernel interface documentation is available at
|
||||
http://tomoyo.sourceforge.jp/2.3/policy-reference.html .
|
||||
http://tomoyo.osdn.jp/2.5/policy-specification/index.html .
|
||||
|
||||
Materials we prepared for seminars and symposiums are available at
|
||||
http://sourceforge.jp/projects/tomoyo/docs/?category_id=532&language_id=1 .
|
||||
http://osdn.jp/projects/tomoyo/docs/?category_id=532&language_id=1 .
|
||||
Below lists are chosen from three aspects.
|
||||
|
||||
What is TOMOYO?
|
||||
TOMOYO Linux Overview
|
||||
http://sourceforge.jp/projects/tomoyo/docs/lca2009-takeda.pdf
|
||||
http://osdn.jp/projects/tomoyo/docs/lca2009-takeda.pdf
|
||||
TOMOYO Linux: pragmatic and manageable security for Linux
|
||||
http://sourceforge.jp/projects/tomoyo/docs/freedomhectaipei-tomoyo.pdf
|
||||
http://osdn.jp/projects/tomoyo/docs/freedomhectaipei-tomoyo.pdf
|
||||
TOMOYO Linux: A Practical Method to Understand and Protect Your Own Linux Box
|
||||
http://sourceforge.jp/projects/tomoyo/docs/PacSec2007-en-no-demo.pdf
|
||||
http://osdn.jp/projects/tomoyo/docs/PacSec2007-en-no-demo.pdf
|
||||
|
||||
What can TOMOYO do?
|
||||
Deep inside TOMOYO Linux
|
||||
http://sourceforge.jp/projects/tomoyo/docs/lca2009-kumaneko.pdf
|
||||
http://osdn.jp/projects/tomoyo/docs/lca2009-kumaneko.pdf
|
||||
The role of "pathname based access control" in security.
|
||||
http://sourceforge.jp/projects/tomoyo/docs/lfj2008-bof.pdf
|
||||
http://osdn.jp/projects/tomoyo/docs/lfj2008-bof.pdf
|
||||
|
||||
History of TOMOYO?
|
||||
Realities of Mainlining
|
||||
http://sourceforge.jp/projects/tomoyo/docs/lfj2008.pdf
|
||||
http://osdn.jp/projects/tomoyo/docs/lfj2008.pdf
|
||||
|
||||
What is future plan?
|
||||
====================
|
||||
|
@ -60,6 +60,6 @@ multiple LSM modules at the same time. We feel sorry that you have to give up
|
|||
SELinux/SMACK/AppArmor etc. when you want to use TOMOYO.
|
||||
|
||||
We hope that LSM becomes stackable in future. Meanwhile, you can use non-LSM
|
||||
version of TOMOYO, available at http://tomoyo.sourceforge.jp/1.7/ .
|
||||
version of TOMOYO, available at http://tomoyo.osdn.jp/1.8/ .
|
||||
LSM version of TOMOYO is a subset of non-LSM version of TOMOYO. We are planning
|
||||
to port non-LSM version's functionalities to LSM versions.
|
||||
|
|
29
MAINTAINERS
29
MAINTAINERS
|
@ -9298,15 +9298,6 @@ F: net/*/netfilter/
|
|||
F: net/netfilter/
|
||||
F: net/bridge/br_netfilter*.c
|
||||
|
||||
NETLABEL
|
||||
M: Paul Moore <paul@paul-moore.com>
|
||||
W: http://netlabel.sf.net
|
||||
L: netdev@vger.kernel.org
|
||||
S: Maintained
|
||||
F: Documentation/netlabel/
|
||||
F: include/net/netlabel.h
|
||||
F: net/netlabel/
|
||||
|
||||
NETROM NETWORK LAYER
|
||||
M: Ralf Baechle <ralf@linux-mips.org>
|
||||
L: linux-hams@vger.kernel.org
|
||||
|
@ -9434,10 +9425,23 @@ F: net/ipv6/
|
|||
F: include/net/ip*
|
||||
F: arch/x86/net/*
|
||||
|
||||
NETWORKING [LABELED] (NetLabel, CIPSO, Labeled IPsec, SECMARK)
|
||||
NETWORKING [LABELED] (NetLabel, Labeled IPsec, SECMARK)
|
||||
M: Paul Moore <paul@paul-moore.com>
|
||||
W: https://github.com/netlabel
|
||||
L: netdev@vger.kernel.org
|
||||
L: linux-security-module@vger.kernel.org
|
||||
S: Maintained
|
||||
F: Documentation/netlabel/
|
||||
F: include/net/calipso.h
|
||||
F: include/net/cipso_ipv4.h
|
||||
F: include/net/netlabel.h
|
||||
F: include/uapi/linux/netfilter/xt_SECMARK.h
|
||||
F: include/uapi/linux/netfilter/xt_CONNSECMARK.h
|
||||
F: net/netlabel/
|
||||
F: net/ipv4/cipso_ipv4.c
|
||||
F: net/ipv6/calipso.c
|
||||
F: net/netfilter/xt_CONNSECMARK.c
|
||||
F: net/netfilter/xt_SECMARK.c
|
||||
|
||||
NETWORKING [TLS]
|
||||
M: Ilya Lesokhin <ilyal@mellanox.com>
|
||||
|
@ -12023,8 +12027,9 @@ M: Paul Moore <paul@paul-moore.com>
|
|||
M: Stephen Smalley <sds@tycho.nsa.gov>
|
||||
M: Eric Paris <eparis@parisplace.org>
|
||||
L: selinux@tycho.nsa.gov (moderated for non-subscribers)
|
||||
W: http://selinuxproject.org
|
||||
T: git git://git.infradead.org/users/pcmoore/selinux
|
||||
W: https://selinuxproject.org
|
||||
W: https://github.com/SELinuxProject
|
||||
T: git git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux.git
|
||||
S: Supported
|
||||
F: include/linux/selinux*
|
||||
F: security/selinux/
|
||||
|
|
|
@ -4,7 +4,7 @@
|
|||
*
|
||||
* Author : Etienne BASSET <etienne.basset@ensta.org>
|
||||
*
|
||||
* All credits to : Stephen Smalley, <sds@epoch.ncsc.mil>
|
||||
* All credits to : Stephen Smalley, <sds@tycho.nsa.gov>
|
||||
* All BUGS to : Etienne BASSET <etienne.basset@ensta.org>
|
||||
*/
|
||||
#ifndef _LSM_COMMON_LOGGING_
|
||||
|
|
|
@ -528,11 +528,6 @@
|
|||
*
|
||||
* Security hooks for task operations.
|
||||
*
|
||||
* @task_create:
|
||||
* Check permission before creating a child process. See the clone(2)
|
||||
* manual page for definitions of the @clone_flags.
|
||||
* @clone_flags contains the flags indicating what should be shared.
|
||||
* Return 0 if permission is granted.
|
||||
* @task_alloc:
|
||||
* @task task being allocated.
|
||||
* @clone_flags contains the flags indicating what should be shared.
|
||||
|
@ -1505,7 +1500,6 @@ union security_list_options {
|
|||
int (*file_receive)(struct file *file);
|
||||
int (*file_open)(struct file *file, const struct cred *cred);
|
||||
|
||||
int (*task_create)(unsigned long clone_flags);
|
||||
int (*task_alloc)(struct task_struct *task, unsigned long clone_flags);
|
||||
void (*task_free)(struct task_struct *task);
|
||||
int (*cred_alloc_blank)(struct cred *cred, gfp_t gfp);
|
||||
|
@ -1779,7 +1773,6 @@ struct security_hook_heads {
|
|||
struct list_head file_send_sigiotask;
|
||||
struct list_head file_receive;
|
||||
struct list_head file_open;
|
||||
struct list_head task_create;
|
||||
struct list_head task_alloc;
|
||||
struct list_head task_free;
|
||||
struct list_head cred_alloc_blank;
|
||||
|
|
|
@ -318,7 +318,6 @@ int security_file_send_sigiotask(struct task_struct *tsk,
|
|||
struct fown_struct *fown, int sig);
|
||||
int security_file_receive(struct file *file);
|
||||
int security_file_open(struct file *file, const struct cred *cred);
|
||||
int security_task_create(unsigned long clone_flags);
|
||||
int security_task_alloc(struct task_struct *task, unsigned long clone_flags);
|
||||
void security_task_free(struct task_struct *task);
|
||||
int security_cred_alloc_blank(struct cred *cred, gfp_t gfp);
|
||||
|
@ -880,11 +879,6 @@ static inline int security_file_open(struct file *file,
|
|||
return 0;
|
||||
}
|
||||
|
||||
static inline int security_task_create(unsigned long clone_flags)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
|
||||
static inline int security_task_alloc(struct task_struct *task,
|
||||
unsigned long clone_flags)
|
||||
{
|
||||
|
|
|
@ -1569,10 +1569,6 @@ static __latent_entropy struct task_struct *copy_process(
|
|||
return ERR_PTR(-EINVAL);
|
||||
}
|
||||
|
||||
retval = security_task_create(clone_flags);
|
||||
if (retval)
|
||||
goto fork_out;
|
||||
|
||||
retval = -ENOMEM;
|
||||
p = dup_task_struct(current, node);
|
||||
if (!p)
|
||||
|
|
|
@ -129,11 +129,16 @@ int main(int argc, char *argv[])
|
|||
for (i = 0; secclass_map[i].name; i++) {
|
||||
struct security_class_mapping *map = &secclass_map[i];
|
||||
for (j = 0; map->perms[j]; j++) {
|
||||
if (j >= 32) {
|
||||
fprintf(stderr, "Too many permissions to fit into an access vector at (%s, %s).\n",
|
||||
map->name, map->perms[j]);
|
||||
exit(5);
|
||||
}
|
||||
fprintf(fout, "#define %s__%s", map->name,
|
||||
map->perms[j]);
|
||||
for (k = 0; k < max(1, 40 - strlen(map->name) - strlen(map->perms[j])); k++)
|
||||
fprintf(fout, " ");
|
||||
fprintf(fout, "0x%08xUL\n", (1<<j));
|
||||
fprintf(fout, "0x%08xU\n", (1<<j));
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
* common LSM auditing functions
|
||||
*
|
||||
* Based on code written for SELinux by :
|
||||
* Stephen Smalley, <sds@epoch.ncsc.mil>
|
||||
* Stephen Smalley, <sds@tycho.nsa.gov>
|
||||
* James Morris <jmorris@redhat.com>
|
||||
* Author : Etienne Basset, <etienne.basset@ensta.org>
|
||||
*
|
||||
|
|
|
@ -974,11 +974,6 @@ int security_file_open(struct file *file, const struct cred *cred)
|
|||
return fsnotify_perm(file, MAY_OPEN);
|
||||
}
|
||||
|
||||
int security_task_create(unsigned long clone_flags)
|
||||
{
|
||||
return call_int_hook(task_create, 0, clone_flags);
|
||||
}
|
||||
|
||||
int security_task_alloc(struct task_struct *task, unsigned long clone_flags)
|
||||
{
|
||||
return call_int_hook(task_alloc, 0, task, clone_flags);
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/*
|
||||
* Implementation of the kernel access vector cache (AVC).
|
||||
*
|
||||
* Authors: Stephen Smalley, <sds@epoch.ncsc.mil>
|
||||
* Authors: Stephen Smalley, <sds@tycho.nsa.gov>
|
||||
* James Morris <jmorris@redhat.com>
|
||||
*
|
||||
* Update: KaiGai, Kohei <kaigai@ak.jp.nec.com>
|
||||
|
@ -346,27 +346,26 @@ static struct avc_xperms_decision_node
|
|||
struct avc_xperms_decision_node *xpd_node;
|
||||
struct extended_perms_decision *xpd;
|
||||
|
||||
xpd_node = kmem_cache_zalloc(avc_xperms_decision_cachep,
|
||||
GFP_ATOMIC | __GFP_NOMEMALLOC);
|
||||
xpd_node = kmem_cache_zalloc(avc_xperms_decision_cachep, GFP_NOWAIT);
|
||||
if (!xpd_node)
|
||||
return NULL;
|
||||
|
||||
xpd = &xpd_node->xpd;
|
||||
if (which & XPERMS_ALLOWED) {
|
||||
xpd->allowed = kmem_cache_zalloc(avc_xperms_data_cachep,
|
||||
GFP_ATOMIC | __GFP_NOMEMALLOC);
|
||||
GFP_NOWAIT);
|
||||
if (!xpd->allowed)
|
||||
goto error;
|
||||
}
|
||||
if (which & XPERMS_AUDITALLOW) {
|
||||
xpd->auditallow = kmem_cache_zalloc(avc_xperms_data_cachep,
|
||||
GFP_ATOMIC | __GFP_NOMEMALLOC);
|
||||
GFP_NOWAIT);
|
||||
if (!xpd->auditallow)
|
||||
goto error;
|
||||
}
|
||||
if (which & XPERMS_DONTAUDIT) {
|
||||
xpd->dontaudit = kmem_cache_zalloc(avc_xperms_data_cachep,
|
||||
GFP_ATOMIC | __GFP_NOMEMALLOC);
|
||||
GFP_NOWAIT);
|
||||
if (!xpd->dontaudit)
|
||||
goto error;
|
||||
}
|
||||
|
@ -394,8 +393,7 @@ static struct avc_xperms_node *avc_xperms_alloc(void)
|
|||
{
|
||||
struct avc_xperms_node *xp_node;
|
||||
|
||||
xp_node = kmem_cache_zalloc(avc_xperms_cachep,
|
||||
GFP_ATOMIC|__GFP_NOMEMALLOC);
|
||||
xp_node = kmem_cache_zalloc(avc_xperms_cachep, GFP_NOWAIT);
|
||||
if (!xp_node)
|
||||
return xp_node;
|
||||
INIT_LIST_HEAD(&xp_node->xpd_head);
|
||||
|
@ -548,7 +546,7 @@ static struct avc_node *avc_alloc_node(void)
|
|||
{
|
||||
struct avc_node *node;
|
||||
|
||||
node = kmem_cache_zalloc(avc_node_cachep, GFP_ATOMIC|__GFP_NOMEMALLOC);
|
||||
node = kmem_cache_zalloc(avc_node_cachep, GFP_NOWAIT);
|
||||
if (!node)
|
||||
goto out;
|
||||
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
*
|
||||
* This file contains the SELinux hook function implementations.
|
||||
*
|
||||
* Authors: Stephen Smalley, <sds@epoch.ncsc.mil>
|
||||
* Authors: Stephen Smalley, <sds@tycho.nsa.gov>
|
||||
* Chris Vance, <cvance@nai.com>
|
||||
* Wayne Salamon, <wsalamon@nai.com>
|
||||
* James Morris <jmorris@redhat.com>
|
||||
|
@ -815,7 +815,9 @@ static int selinux_set_mnt_opts(struct super_block *sb,
|
|||
if (!strcmp(sb->s_type->name, "debugfs") ||
|
||||
!strcmp(sb->s_type->name, "tracefs") ||
|
||||
!strcmp(sb->s_type->name, "sysfs") ||
|
||||
!strcmp(sb->s_type->name, "pstore"))
|
||||
!strcmp(sb->s_type->name, "pstore") ||
|
||||
!strcmp(sb->s_type->name, "cgroup") ||
|
||||
!strcmp(sb->s_type->name, "cgroup2"))
|
||||
sbsec->flags |= SE_SBGENFS;
|
||||
|
||||
if (!sbsec->behavior) {
|
||||
|
@ -1303,6 +1305,7 @@ static inline u16 socket_type_to_security_class(int family, int type, int protoc
|
|||
case SOCK_SEQPACKET:
|
||||
return SECCLASS_UNIX_STREAM_SOCKET;
|
||||
case SOCK_DGRAM:
|
||||
case SOCK_RAW:
|
||||
return SECCLASS_UNIX_DGRAM_SOCKET;
|
||||
}
|
||||
break;
|
||||
|
@ -2317,6 +2320,7 @@ static int check_nnp_nosuid(const struct linux_binprm *bprm,
|
|||
int nnp = (bprm->unsafe & LSM_UNSAFE_NO_NEW_PRIVS);
|
||||
int nosuid = !mnt_may_suid(bprm->file->f_path.mnt);
|
||||
int rc;
|
||||
u32 av;
|
||||
|
||||
if (!nnp && !nosuid)
|
||||
return 0; /* neither NNP nor nosuid */
|
||||
|
@ -2325,13 +2329,32 @@ static int check_nnp_nosuid(const struct linux_binprm *bprm,
|
|||
return 0; /* No change in credentials */
|
||||
|
||||
/*
|
||||
* The only transitions we permit under NNP or nosuid
|
||||
* are transitions to bounded SIDs, i.e. SIDs that are
|
||||
* guaranteed to only be allowed a subset of the permissions
|
||||
* of the current SID.
|
||||
* If the policy enables the nnp_nosuid_transition policy capability,
|
||||
* then we permit transitions under NNP or nosuid if the
|
||||
* policy allows the corresponding permission between
|
||||
* the old and new contexts.
|
||||
*/
|
||||
if (selinux_policycap_nnp_nosuid_transition) {
|
||||
av = 0;
|
||||
if (nnp)
|
||||
av |= PROCESS2__NNP_TRANSITION;
|
||||
if (nosuid)
|
||||
av |= PROCESS2__NOSUID_TRANSITION;
|
||||
rc = avc_has_perm(old_tsec->sid, new_tsec->sid,
|
||||
SECCLASS_PROCESS2, av, NULL);
|
||||
if (!rc)
|
||||
return 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* We also permit NNP or nosuid transitions to bounded SIDs,
|
||||
* i.e. SIDs that are guaranteed to only be allowed a subset
|
||||
* of the permissions of the current SID.
|
||||
*/
|
||||
rc = security_bounded_transition(old_tsec->sid, new_tsec->sid);
|
||||
if (rc) {
|
||||
if (!rc)
|
||||
return 0;
|
||||
|
||||
/*
|
||||
* On failure, preserve the errno values for NNP vs nosuid.
|
||||
* NNP: Operation not permitted for caller.
|
||||
|
@ -2339,10 +2362,7 @@ static int check_nnp_nosuid(const struct linux_binprm *bprm,
|
|||
*/
|
||||
if (nnp)
|
||||
return -EPERM;
|
||||
else
|
||||
return -EACCES;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int selinux_bprm_set_creds(struct linux_binprm *bprm)
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/*
|
||||
* Access vector cache interface for object managers.
|
||||
*
|
||||
* Author : Stephen Smalley, <sds@epoch.ncsc.mil>
|
||||
* Author : Stephen Smalley, <sds@tycho.nsa.gov>
|
||||
*/
|
||||
#ifndef _SELINUX_AVC_H_
|
||||
#define _SELINUX_AVC_H_
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/*
|
||||
* Access vector cache interface for the security server.
|
||||
*
|
||||
* Author : Stephen Smalley, <sds@epoch.ncsc.mil>
|
||||
* Author : Stephen Smalley, <sds@tycho.nsa.gov>
|
||||
*/
|
||||
#ifndef _SELINUX_AVC_SS_H_
|
||||
#define _SELINUX_AVC_SS_H_
|
||||
|
|
|
@ -48,6 +48,8 @@ struct security_class_mapping secclass_map[] = {
|
|||
"setrlimit", "rlimitinh", "dyntransition", "setcurrent",
|
||||
"execmem", "execstack", "execheap", "setkeycreate",
|
||||
"setsockcreate", "getrlimit", NULL } },
|
||||
{ "process2",
|
||||
{ "nnp_transition", "nosuid_transition", NULL } },
|
||||
{ "system",
|
||||
{ "ipc_info", "syslog_read", "syslog_mod",
|
||||
"syslog_console", "module_request", "module_load", NULL } },
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
*
|
||||
* This file contains the SELinux security data structures for kernel objects.
|
||||
*
|
||||
* Author(s): Stephen Smalley, <sds@epoch.ncsc.mil>
|
||||
* Author(s): Stephen Smalley, <sds@tycho.nsa.gov>
|
||||
* Chris Vance, <cvance@nai.com>
|
||||
* Wayne Salamon, <wsalamon@nai.com>
|
||||
* James Morris <jmorris@redhat.com>
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/*
|
||||
* Security server interface.
|
||||
*
|
||||
* Author : Stephen Smalley, <sds@epoch.ncsc.mil>
|
||||
* Author : Stephen Smalley, <sds@tycho.nsa.gov>
|
||||
*
|
||||
*/
|
||||
|
||||
|
@ -73,6 +73,7 @@ enum {
|
|||
POLICYDB_CAPABILITY_EXTSOCKCLASS,
|
||||
POLICYDB_CAPABILITY_ALWAYSNETWORK,
|
||||
POLICYDB_CAPABILITY_CGROUPSECLABEL,
|
||||
POLICYDB_CAPABILITY_NNP_NOSUID_TRANSITION,
|
||||
__POLICYDB_CAPABILITY_MAX
|
||||
};
|
||||
#define POLICYDB_CAPABILITY_MAX (__POLICYDB_CAPABILITY_MAX - 1)
|
||||
|
@ -84,6 +85,7 @@ extern int selinux_policycap_openperm;
|
|||
extern int selinux_policycap_extsockclass;
|
||||
extern int selinux_policycap_alwaysnetwork;
|
||||
extern int selinux_policycap_cgroupseclabel;
|
||||
extern int selinux_policycap_nnp_nosuid_transition;
|
||||
|
||||
/*
|
||||
* type_datum properties
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/*
|
||||
* Implementation of the access vector table type.
|
||||
*
|
||||
* Author : Stephen Smalley, <sds@epoch.ncsc.mil>
|
||||
* Author : Stephen Smalley, <sds@tycho.nsa.gov>
|
||||
*/
|
||||
|
||||
/* Updated: Frank Mayer <mayerf@tresys.com> and Karl MacMillan <kmacmillan@tresys.com>
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
* table is used to represent the type enforcement
|
||||
* tables.
|
||||
*
|
||||
* Author : Stephen Smalley, <sds@epoch.ncsc.mil>
|
||||
* Author : Stephen Smalley, <sds@tycho.nsa.gov>
|
||||
*/
|
||||
|
||||
/* Updated: Frank Mayer <mayerf@tresys.com> and Karl MacMillan <kmacmillan@tresys.com>
|
||||
|
|
|
@ -10,7 +10,7 @@
|
|||
* process from labeling an object with a different user
|
||||
* identity.
|
||||
*
|
||||
* Author : Stephen Smalley, <sds@epoch.ncsc.mil>
|
||||
* Author : Stephen Smalley, <sds@tycho.nsa.gov>
|
||||
*/
|
||||
#ifndef _SS_CONSTRAINT_H_
|
||||
#define _SS_CONSTRAINT_H_
|
||||
|
|
|
@ -10,7 +10,7 @@
|
|||
* security server and can be changed without affecting
|
||||
* clients of the security server.
|
||||
*
|
||||
* Author : Stephen Smalley, <sds@epoch.ncsc.mil>
|
||||
* Author : Stephen Smalley, <sds@tycho.nsa.gov>
|
||||
*/
|
||||
#ifndef _SS_CONTEXT_H_
|
||||
#define _SS_CONTEXT_H_
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/*
|
||||
* Implementation of the extensible bitmap type.
|
||||
*
|
||||
* Author : Stephen Smalley, <sds@epoch.ncsc.mil>
|
||||
* Author : Stephen Smalley, <sds@tycho.nsa.gov>
|
||||
*/
|
||||
/*
|
||||
* Updated: Hewlett-Packard <paul@paul-moore.com>
|
||||
|
|
|
@ -9,7 +9,7 @@
|
|||
* an explicitly specified starting bit position within
|
||||
* the total bitmap.
|
||||
*
|
||||
* Author : Stephen Smalley, <sds@epoch.ncsc.mil>
|
||||
* Author : Stephen Smalley, <sds@tycho.nsa.gov>
|
||||
*/
|
||||
#ifndef _SS_EBITMAP_H_
|
||||
#define _SS_EBITMAP_H_
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/*
|
||||
* Implementation of the hash table type.
|
||||
*
|
||||
* Author : Stephen Smalley, <sds@epoch.ncsc.mil>
|
||||
* Author : Stephen Smalley, <sds@tycho.nsa.gov>
|
||||
*/
|
||||
#include <linux/kernel.h>
|
||||
#include <linux/slab.h>
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
* functions for hash computation and key comparison are
|
||||
* provided by the creator of the table.
|
||||
*
|
||||
* Author : Stephen Smalley, <sds@epoch.ncsc.mil>
|
||||
* Author : Stephen Smalley, <sds@tycho.nsa.gov>
|
||||
*/
|
||||
#ifndef _SS_HASHTAB_H_
|
||||
#define _SS_HASHTAB_H_
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/*
|
||||
* Implementation of the multi-level security (MLS) policy.
|
||||
*
|
||||
* Author : Stephen Smalley, <sds@epoch.ncsc.mil>
|
||||
* Author : Stephen Smalley, <sds@tycho.nsa.gov>
|
||||
*/
|
||||
/*
|
||||
* Updated: Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com>
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/*
|
||||
* Multi-level security (MLS) policy operations.
|
||||
*
|
||||
* Author : Stephen Smalley, <sds@epoch.ncsc.mil>
|
||||
* Author : Stephen Smalley, <sds@tycho.nsa.gov>
|
||||
*/
|
||||
/*
|
||||
* Updated: Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com>
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/*
|
||||
* Type definitions for the multi-level security (MLS) policy.
|
||||
*
|
||||
* Author : Stephen Smalley, <sds@epoch.ncsc.mil>
|
||||
* Author : Stephen Smalley, <sds@tycho.nsa.gov>
|
||||
*/
|
||||
/*
|
||||
* Updated: Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com>
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/*
|
||||
* Implementation of the policy database.
|
||||
*
|
||||
* Author : Stephen Smalley, <sds@epoch.ncsc.mil>
|
||||
* Author : Stephen Smalley, <sds@tycho.nsa.gov>
|
||||
*/
|
||||
|
||||
/*
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
* A policy database (policydb) specifies the
|
||||
* configuration data for the security policy.
|
||||
*
|
||||
* Author : Stephen Smalley, <sds@epoch.ncsc.mil>
|
||||
* Author : Stephen Smalley, <sds@tycho.nsa.gov>
|
||||
*/
|
||||
|
||||
/*
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/*
|
||||
* Implementation of the security services.
|
||||
*
|
||||
* Authors : Stephen Smalley, <sds@epoch.ncsc.mil>
|
||||
* Authors : Stephen Smalley, <sds@tycho.nsa.gov>
|
||||
* James Morris <jmorris@redhat.com>
|
||||
*
|
||||
* Updated: Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com>
|
||||
|
@ -76,7 +76,8 @@ char *selinux_policycap_names[__POLICYDB_CAPABILITY_MAX] = {
|
|||
"open_perms",
|
||||
"extended_socket_class",
|
||||
"always_check_network",
|
||||
"cgroup_seclabel"
|
||||
"cgroup_seclabel",
|
||||
"nnp_nosuid_transition"
|
||||
};
|
||||
|
||||
int selinux_policycap_netpeer;
|
||||
|
@ -84,6 +85,7 @@ int selinux_policycap_openperm;
|
|||
int selinux_policycap_extsockclass;
|
||||
int selinux_policycap_alwaysnetwork;
|
||||
int selinux_policycap_cgroupseclabel;
|
||||
int selinux_policycap_nnp_nosuid_transition;
|
||||
|
||||
static DEFINE_RWLOCK(policy_rwlock);
|
||||
|
||||
|
@ -2009,6 +2011,9 @@ static void security_load_policycaps(void)
|
|||
selinux_policycap_cgroupseclabel =
|
||||
ebitmap_get_bit(&policydb.policycaps,
|
||||
POLICYDB_CAPABILITY_CGROUPSECLABEL);
|
||||
selinux_policycap_nnp_nosuid_transition =
|
||||
ebitmap_get_bit(&policydb.policycaps,
|
||||
POLICYDB_CAPABILITY_NNP_NOSUID_TRANSITION);
|
||||
|
||||
for (i = 0; i < ARRAY_SIZE(selinux_policycap_names); i++)
|
||||
pr_info("SELinux: policy capability %s=%d\n",
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/*
|
||||
* Implementation of the security services.
|
||||
*
|
||||
* Author : Stephen Smalley, <sds@epoch.ncsc.mil>
|
||||
* Author : Stephen Smalley, <sds@tycho.nsa.gov>
|
||||
*/
|
||||
#ifndef _SS_SERVICES_H_
|
||||
#define _SS_SERVICES_H_
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/*
|
||||
* Implementation of the SID table type.
|
||||
*
|
||||
* Author : Stephen Smalley, <sds@epoch.ncsc.mil>
|
||||
* Author : Stephen Smalley, <sds@tycho.nsa.gov>
|
||||
*/
|
||||
#include <linux/kernel.h>
|
||||
#include <linux/slab.h>
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
* A security identifier table (sidtab) is a hash table
|
||||
* of security context structures indexed by SID value.
|
||||
*
|
||||
* Author : Stephen Smalley, <sds@epoch.ncsc.mil>
|
||||
* Author : Stephen Smalley, <sds@tycho.nsa.gov>
|
||||
*/
|
||||
#ifndef _SS_SIDTAB_H_
|
||||
#define _SS_SIDTAB_H_
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/*
|
||||
* Implementation of the symbol table type.
|
||||
*
|
||||
* Author : Stephen Smalley, <sds@epoch.ncsc.mil>
|
||||
* Author : Stephen Smalley, <sds@tycho.nsa.gov>
|
||||
*/
|
||||
#include <linux/kernel.h>
|
||||
#include <linux/string.h>
|
||||
|
|
|
@ -4,7 +4,7 @@
|
|||
* is arbitrary. The symbol table type is implemented
|
||||
* using the hash table type (hashtab).
|
||||
*
|
||||
* Author : Stephen Smalley, <sds@epoch.ncsc.mil>
|
||||
* Author : Stephen Smalley, <sds@tycho.nsa.gov>
|
||||
*/
|
||||
#ifndef _SS_SYMTAB_H_
|
||||
#define _SS_SYMTAB_H_
|
||||
|
|
Loading…
Reference in New Issue