Commit 1dbae189 authored by Linus Torvalds

Merge tag 'selinux-pr-20230829' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux

Pull selinux updates from Paul Moore:
 "Thirty-three SELinux patches, which is a pretty big number for us, but
  there isn't really anything scary in here; in fact we actually manage
  to remove 10 lines of code with this :)

   - Promote the SELinux DEBUG_HASHES macro to CONFIG_SECURITY_SELINUX_DEBUG

     The DEBUG_HASHES macro was a buried SELinux specific preprocessor
     debug macro that was a problem waiting to happen. Promoting the
     debug macro to a proper Kconfig setting should help both improve
     the visibility of the feature as well as enable improved test
     coverage. We've moved some additional debug functions under the
     CONFIG_SECURITY_SELINUX_DEBUG flag and we may see more work in the
     future.

   - Emit a pr_notice() message if virtual memory is executable by default

     As this impacts the SELinux access control policy enforcement, if
     the system's configuration is such that virtual memory is
     executable by default we print a single line notice to the console.

   - Drop avtab_search() in favor of avtab_search_node()

     Both functions are nearly identical so we removed avtab_search()
     and converted the callers to avtab_search_node().

   - Add some SELinux network auditing helpers

     The helpers not only reduce a small amount of code duplication, but
     they provide an opportunity to improve UDP flood performance
     slightly by delaying initialization of the audit data in some
     cases.

   - Convert GFP_ATOMIC allocators to GFP_KERNEL when reading SELinux policy

     There were two SELinux policy load helper functions that were
     allocating memory using GFP_ATOMIC, they have been converted to
     GFP_KERNEL.

   - Quiet a KMSAN warning in selinux_inet_conn_request()

     A one-line error path (re)set patch that resolves a KMSAN warning.
     It is important to note that this doesn't represent a real bug in
     the current code, but it quiets KMSAN and arguably hardens the code
     against future changes.

   - Cleanup the policy capability accessor functions

     This is a follow-up to the patch which reverted SELinux to using a
     global selinux_state pointer. This patch cleans up some artifacts
     of that change and turns each accessor into a one-line READ_ONCE()
     call into the policy capabilities array.

   - A number of patches from Christian Göttsche

     Christian submitted almost two-thirds of the patches in this pull
     request as he worked to harden the SELinux code against type
     differences, variable overflows, etc.

   - Support for separating early userspace from the kernel in policy,
     with a later revert

     We did have a patch that added a new userspace initial SID which
     would allow SELinux to distinguish between early user processes
     created before the initial policy load and the kernel itself.

     Unfortunately additional post-merge testing revealed a problematic
     interaction with an old SELinux userspace on an old version of
     Ubuntu so we've reverted the patch until we can resolve the
     compatibility issue.

   - Remove some outdated comments dealing with LSM hook registration

     When we removed the runtime disable functionality we forgot to
     remove some old comments discussing the importance of LSM hook
     registration ordering.

   - Minor administrative changes

     Stephen Smalley updated his email address and "debranded" SELinux
     from "NSA SELinux" to simply "SELinux". We've come a long way from
     the original NSA submission and I would consider SELinux a true
     community project at this point so removing the NSA branding just
     makes sense"

* tag 'selinux-pr-20230829' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux: (33 commits)
  selinux: prevent KMSAN warning in selinux_inet_conn_request()
  selinux: use unsigned iterator in nlmsgtab code
  selinux: avoid implicit conversions in policydb code
  selinux: avoid implicit conversions in selinuxfs code
  selinux: make left shifts well defined
  selinux: update type for number of class permissions in services code
  selinux: avoid implicit conversions in avtab code
  selinux: revert SECINITSID_INIT support
  selinux: use GFP_KERNEL while reading binary policy
  selinux: update comment on selinux_hooks[]
  selinux: avoid implicit conversions in services code
  selinux: avoid implicit conversions in mls code
  selinux: use identical iterator type in hashtab_duplicate()
  selinux: move debug functions into debug configuration
  selinux: log about VM being executable by default
  selinux: fix a 0/NULL mistmatch in ad_net_init_from_iif()
  selinux: introduce SECURITY_SELINUX_DEBUG configuration
  selinux: introduce and use lsm_ad_net_init*() helpers
  selinux: update my email address
  selinux: add missing newlines in pr_err() statements
  ...
parents 3ea67c4f 1df83cbf
# SPDX-License-Identifier: GPL-2.0-only # SPDX-License-Identifier: GPL-2.0-only
config SECURITY_SELINUX config SECURITY_SELINUX
bool "NSA SELinux Support" bool "SELinux Support"
depends on SECURITY_NETWORK && AUDIT && NET && INET depends on SECURITY_NETWORK && AUDIT && NET && INET
select NETWORK_SECMARK select NETWORK_SECMARK
default n default n
help help
This selects NSA Security-Enhanced Linux (SELinux). This selects Security-Enhanced Linux (SELinux).
You will also need a policy configuration and a labeled filesystem. You will also need a policy configuration and a labeled filesystem.
If you are unsure how to answer this question, answer N. If you are unsure how to answer this question, answer N.
config SECURITY_SELINUX_BOOTPARAM config SECURITY_SELINUX_BOOTPARAM
bool "NSA SELinux boot parameter" bool "SELinux boot parameter"
depends on SECURITY_SELINUX depends on SECURITY_SELINUX
default n default n
help help
...@@ -24,11 +24,11 @@ config SECURITY_SELINUX_BOOTPARAM ...@@ -24,11 +24,11 @@ config SECURITY_SELINUX_BOOTPARAM
If you are unsure how to answer this question, answer N. If you are unsure how to answer this question, answer N.
config SECURITY_SELINUX_DEVELOP config SECURITY_SELINUX_DEVELOP
bool "NSA SELinux Development Support" bool "SELinux Development Support"
depends on SECURITY_SELINUX depends on SECURITY_SELINUX
default y default y
help help
This enables the development support option of NSA SELinux, This enables the development support option of SELinux,
which is useful for experimenting with SELinux and developing which is useful for experimenting with SELinux and developing
policies. If unsure, say Y. With this option enabled, the policies. If unsure, say Y. With this option enabled, the
kernel will start in permissive mode (log everything, deny nothing) kernel will start in permissive mode (log everything, deny nothing)
...@@ -38,7 +38,7 @@ config SECURITY_SELINUX_DEVELOP ...@@ -38,7 +38,7 @@ config SECURITY_SELINUX_DEVELOP
/sys/fs/selinux/enforce. /sys/fs/selinux/enforce.
config SECURITY_SELINUX_AVC_STATS config SECURITY_SELINUX_AVC_STATS
bool "NSA SELinux AVC Statistics" bool "SELinux AVC Statistics"
depends on SECURITY_SELINUX depends on SECURITY_SELINUX
default y default y
help help
...@@ -47,7 +47,7 @@ config SECURITY_SELINUX_AVC_STATS ...@@ -47,7 +47,7 @@ config SECURITY_SELINUX_AVC_STATS
tools such as avcstat. tools such as avcstat.
config SECURITY_SELINUX_SIDTAB_HASH_BITS config SECURITY_SELINUX_SIDTAB_HASH_BITS
int "NSA SELinux sidtab hashtable size" int "SELinux sidtab hashtable size"
depends on SECURITY_SELINUX depends on SECURITY_SELINUX
range 8 13 range 8 13
default 9 default 9
...@@ -59,7 +59,7 @@ config SECURITY_SELINUX_SIDTAB_HASH_BITS ...@@ -59,7 +59,7 @@ config SECURITY_SELINUX_SIDTAB_HASH_BITS
will ensure that lookups times are short and stable. will ensure that lookups times are short and stable.
config SECURITY_SELINUX_SID2STR_CACHE_SIZE config SECURITY_SELINUX_SID2STR_CACHE_SIZE
int "NSA SELinux SID to context string translation cache size" int "SELinux SID to context string translation cache size"
depends on SECURITY_SELINUX depends on SECURITY_SELINUX
default 256 default 256
help help
...@@ -68,3 +68,12 @@ config SECURITY_SELINUX_SID2STR_CACHE_SIZE ...@@ -68,3 +68,12 @@ config SECURITY_SELINUX_SID2STR_CACHE_SIZE
conversion. Setting this option to 0 disables the cache completely. conversion. Setting this option to 0 disables the cache completely.
If unsure, keep the default value. If unsure, keep the default value.
config SECURITY_SELINUX_DEBUG
bool "SELinux kernel debugging support"
depends on SECURITY_SELINUX
default n
help
This enables debugging code designed to help SELinux kernel
developers, unless you know what this does in the kernel code you
should leave this disabled.
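Review bot: the help text of the new SECURITY_SELINUX_DEBUG entry is a comma splice ("...SELinux kernel developers, unless you know what this does..."); end the first sentence after "developers." and start a new one, e.g. "Unless you know what this does in the kernel code, you should leave this disabled." The wording "debugging code designed to help SELinux kernel developers" could also say that it is a compile-time option that adds checking and logging code to the SELinux core, so that an admin reading menuconfig knows it is not a runtime knob.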
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
/* /*
* Implementation of the kernel access vector cache (AVC). * Implementation of the kernel access vector cache (AVC).
* *
* Authors: Stephen Smalley, <sds@tycho.nsa.gov> * Authors: Stephen Smalley, <stephen.smalley.work@gmail.com>
* James Morris <jmorris@redhat.com> * James Morris <jmorris@redhat.com>
* *
* Update: KaiGai, Kohei <kaigai@ak.jp.nec.com> * Update: KaiGai, Kohei <kaigai@ak.jp.nec.com>
...@@ -122,7 +122,7 @@ static struct kmem_cache *avc_xperms_data_cachep __ro_after_init; ...@@ -122,7 +122,7 @@ static struct kmem_cache *avc_xperms_data_cachep __ro_after_init;
static struct kmem_cache *avc_xperms_decision_cachep __ro_after_init; static struct kmem_cache *avc_xperms_decision_cachep __ro_after_init;
static struct kmem_cache *avc_xperms_cachep __ro_after_init; static struct kmem_cache *avc_xperms_cachep __ro_after_init;
static inline int avc_hash(u32 ssid, u32 tsid, u16 tclass) static inline u32 avc_hash(u32 ssid, u32 tsid, u16 tclass)
{ {
return (ssid ^ (tsid<<2) ^ (tclass<<4)) & (AVC_CACHE_SLOTS - 1); return (ssid ^ (tsid<<2) ^ (tclass<<4)) & (AVC_CACHE_SLOTS - 1);
} }
...@@ -523,7 +523,7 @@ static void avc_node_populate(struct avc_node *node, u32 ssid, u32 tsid, u16 tcl ...@@ -523,7 +523,7 @@ static void avc_node_populate(struct avc_node *node, u32 ssid, u32 tsid, u16 tcl
static inline struct avc_node *avc_search_node(u32 ssid, u32 tsid, u16 tclass) static inline struct avc_node *avc_search_node(u32 ssid, u32 tsid, u16 tclass)
{ {
struct avc_node *node, *ret = NULL; struct avc_node *node, *ret = NULL;
int hvalue; u32 hvalue;
struct hlist_head *head; struct hlist_head *head;
hvalue = avc_hash(ssid, tsid, tclass); hvalue = avc_hash(ssid, tsid, tclass);
...@@ -566,7 +566,7 @@ static struct avc_node *avc_lookup(u32 ssid, u32 tsid, u16 tclass) ...@@ -566,7 +566,7 @@ static struct avc_node *avc_lookup(u32 ssid, u32 tsid, u16 tclass)
return NULL; return NULL;
} }
static int avc_latest_notif_update(int seqno, int is_insert) static int avc_latest_notif_update(u32 seqno, int is_insert)
{ {
int ret = 0; int ret = 0;
static DEFINE_SPINLOCK(notif_lock); static DEFINE_SPINLOCK(notif_lock);
...@@ -609,7 +609,7 @@ static void avc_insert(u32 ssid, u32 tsid, u16 tclass, ...@@ -609,7 +609,7 @@ static void avc_insert(u32 ssid, u32 tsid, u16 tclass,
struct av_decision *avd, struct avc_xperms_node *xp_node) struct av_decision *avd, struct avc_xperms_node *xp_node)
{ {
struct avc_node *pos, *node = NULL; struct avc_node *pos, *node = NULL;
int hvalue; u32 hvalue;
unsigned long flag; unsigned long flag;
spinlock_t *lock; spinlock_t *lock;
struct hlist_head *head; struct hlist_head *head;
...@@ -654,9 +654,9 @@ static void avc_audit_pre_callback(struct audit_buffer *ab, void *a) ...@@ -654,9 +654,9 @@ static void avc_audit_pre_callback(struct audit_buffer *ab, void *a)
{ {
struct common_audit_data *ad = a; struct common_audit_data *ad = a;
struct selinux_audit_data *sad = ad->selinux_audit_data; struct selinux_audit_data *sad = ad->selinux_audit_data;
u32 av = sad->audited; u32 av = sad->audited, perm;
const char *const *perms; const char *const *perms;
int i, perm; u32 i;
audit_log_format(ab, "avc: %s ", sad->denied ? "denied" : "granted"); audit_log_format(ab, "avc: %s ", sad->denied ? "denied" : "granted");
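Review bot: in avc_audit_pre_callback() the new declaration `u32 av = sad->audited, perm;` hides the loop variable `perm` behind an initialised variable; keeping it on its own line (`u32 perm;`) next to `u32 i;` reads more clearly and makes the change from the old `int i, perm;` obvious. The type change itself is sound, since `i` indexes the 32 permission bits of the `u32` access vector and `perm` holds a single bit mask from it.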
...@@ -833,7 +833,8 @@ static int avc_update_node(u32 event, u32 perms, u8 driver, u8 xperm, u32 ssid, ...@@ -833,7 +833,8 @@ static int avc_update_node(u32 event, u32 perms, u8 driver, u8 xperm, u32 ssid,
struct extended_perms_decision *xpd, struct extended_perms_decision *xpd,
u32 flags) u32 flags)
{ {
int hvalue, rc = 0; u32 hvalue;
int rc = 0;
unsigned long flag; unsigned long flag;
struct avc_node *pos, *node, *orig = NULL; struct avc_node *pos, *node, *orig = NULL;
struct hlist_head *head; struct hlist_head *head;
......
// SPDX-License-Identifier: GPL-2.0-only // SPDX-License-Identifier: GPL-2.0-only
/* /*
* NSA Security-Enhanced Linux (SELinux) security module * Security-Enhanced Linux (SELinux) security module
* *
* This file contains the SELinux hook function implementations. * This file contains the SELinux hook function implementations.
* *
* Authors: Stephen Smalley, <sds@tycho.nsa.gov> * Authors: Stephen Smalley, <stephen.smalley.work@gmail.com>
* Chris Vance, <cvance@nai.com> * Chris Vance, <cvance@nai.com>
* Wayne Salamon, <wsalamon@nai.com> * Wayne Salamon, <wsalamon@nai.com>
* James Morris <jmorris@redhat.com> * James Morris <jmorris@redhat.com>
...@@ -224,6 +224,31 @@ static inline u32 cred_sid(const struct cred *cred) ...@@ -224,6 +224,31 @@ static inline u32 cred_sid(const struct cred *cred)
return tsec->sid; return tsec->sid;
} }
static void __ad_net_init(struct common_audit_data *ad,
struct lsm_network_audit *net,
int ifindex, struct sock *sk, u16 family)
{
ad->type = LSM_AUDIT_DATA_NET;
ad->u.net = net;
net->netif = ifindex;
net->sk = sk;
net->family = family;
}
static void ad_net_init_from_sk(struct common_audit_data *ad,
struct lsm_network_audit *net,
struct sock *sk)
{
__ad_net_init(ad, net, 0, sk, 0);
}
static void ad_net_init_from_iif(struct common_audit_data *ad,
struct lsm_network_audit *net,
int ifindex, u16 family)
{
__ad_net_init(ad, net, ifindex, NULL, family);
}
/* /*
* get the objective security ID of a task * get the objective security ID of a task
*/ */
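Review bot: __ad_net_init() only writes netif, sk and family, while the callers later in this patch drop the `= {0,}` initialiser on `struct lsm_network_audit`, so the remaining members (the address and port fields) are now left uninitialised on the stack. That is safe only if every consumer writes them before reading: selinux_parse_skb() fills the addresses and, for the transport protocols it knows, the ports, but it is worth confirming that a packet whose ports are never filled in cannot reach the audit dump with stale values, or else have the helper zero the port fields explicitly. The three helpers are also small enough to be `static inline`, matching cred_sid() just above them.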
...@@ -1125,7 +1150,7 @@ static inline int default_protocol_dgram(int protocol) ...@@ -1125,7 +1150,7 @@ static inline int default_protocol_dgram(int protocol)
static inline u16 socket_type_to_security_class(int family, int type, int protocol) static inline u16 socket_type_to_security_class(int family, int type, int protocol)
{ {
int extsockclass = selinux_policycap_extsockclass(); bool extsockclass = selinux_policycap_extsockclass();
switch (family) { switch (family) {
case PF_UNIX: case PF_UNIX:
...@@ -2938,7 +2963,7 @@ static int selinux_inode_init_security_anon(struct inode *inode, ...@@ -2938,7 +2963,7 @@ static int selinux_inode_init_security_anon(struct inode *inode,
struct inode_security_struct *context_isec = struct inode_security_struct *context_isec =
selinux_inode(context_inode); selinux_inode(context_inode);
if (context_isec->initialized != LABEL_INITIALIZED) { if (context_isec->initialized != LABEL_INITIALIZED) {
pr_err("SELinux: context_inode is not initialized"); pr_err("SELinux: context_inode is not initialized\n");
return -EACCES; return -EACCES;
} }
...@@ -4517,14 +4542,12 @@ static int sock_has_perm(struct sock *sk, u32 perms) ...@@ -4517,14 +4542,12 @@ static int sock_has_perm(struct sock *sk, u32 perms)
{ {
struct sk_security_struct *sksec = sk->sk_security; struct sk_security_struct *sksec = sk->sk_security;
struct common_audit_data ad; struct common_audit_data ad;
struct lsm_network_audit net = {0,}; struct lsm_network_audit net;
if (sksec->sid == SECINITSID_KERNEL) if (sksec->sid == SECINITSID_KERNEL)
return 0; return 0;
ad.type = LSM_AUDIT_DATA_NET; ad_net_init_from_sk(&ad, &net, sk);
ad.u.net = &net;
ad.u.net->sk = sk;
return avc_has_perm(current_sid(), sksec->sid, sksec->sclass, perms, return avc_has_perm(current_sid(), sksec->sid, sksec->sclass, perms,
&ad); &ad);
...@@ -4917,12 +4940,10 @@ static int selinux_socket_unix_stream_connect(struct sock *sock, ...@@ -4917,12 +4940,10 @@ static int selinux_socket_unix_stream_connect(struct sock *sock,
struct sk_security_struct *sksec_other = other->sk_security; struct sk_security_struct *sksec_other = other->sk_security;
struct sk_security_struct *sksec_new = newsk->sk_security; struct sk_security_struct *sksec_new = newsk->sk_security;
struct common_audit_data ad; struct common_audit_data ad;
struct lsm_network_audit net = {0,}; struct lsm_network_audit net;
int err; int err;
ad.type = LSM_AUDIT_DATA_NET; ad_net_init_from_sk(&ad, &net, other);
ad.u.net = &net;
ad.u.net->sk = other;
err = avc_has_perm(sksec_sock->sid, sksec_other->sid, err = avc_has_perm(sksec_sock->sid, sksec_other->sid,
sksec_other->sclass, sksec_other->sclass,
...@@ -4949,11 +4970,9 @@ static int selinux_socket_unix_may_send(struct socket *sock, ...@@ -4949,11 +4970,9 @@ static int selinux_socket_unix_may_send(struct socket *sock,
struct sk_security_struct *ssec = sock->sk->sk_security; struct sk_security_struct *ssec = sock->sk->sk_security;
struct sk_security_struct *osec = other->sk->sk_security; struct sk_security_struct *osec = other->sk->sk_security;
struct common_audit_data ad; struct common_audit_data ad;
struct lsm_network_audit net = {0,}; struct lsm_network_audit net;
ad.type = LSM_AUDIT_DATA_NET; ad_net_init_from_sk(&ad, &net, other->sk);
ad.u.net = &net;
ad.u.net->sk = other->sk;
return avc_has_perm(ssec->sid, osec->sid, osec->sclass, SOCKET__SENDTO, return avc_has_perm(ssec->sid, osec->sid, osec->sclass, SOCKET__SENDTO,
&ad); &ad);
...@@ -4989,13 +5008,10 @@ static int selinux_sock_rcv_skb_compat(struct sock *sk, struct sk_buff *skb, ...@@ -4989,13 +5008,10 @@ static int selinux_sock_rcv_skb_compat(struct sock *sk, struct sk_buff *skb,
struct sk_security_struct *sksec = sk->sk_security; struct sk_security_struct *sksec = sk->sk_security;
u32 sk_sid = sksec->sid; u32 sk_sid = sksec->sid;
struct common_audit_data ad; struct common_audit_data ad;
struct lsm_network_audit net = {0,}; struct lsm_network_audit net;
char *addrp; char *addrp;
ad.type = LSM_AUDIT_DATA_NET; ad_net_init_from_iif(&ad, &net, skb->skb_iif, family);
ad.u.net = &net;
ad.u.net->netif = skb->skb_iif;
ad.u.net->family = family;
err = selinux_parse_skb(skb, &ad, &addrp, 1, NULL); err = selinux_parse_skb(skb, &ad, &addrp, 1, NULL);
if (err) if (err)
return err; return err;
...@@ -5017,15 +5033,13 @@ static int selinux_sock_rcv_skb_compat(struct sock *sk, struct sk_buff *skb, ...@@ -5017,15 +5033,13 @@ static int selinux_sock_rcv_skb_compat(struct sock *sk, struct sk_buff *skb,
static int selinux_socket_sock_rcv_skb(struct sock *sk, struct sk_buff *skb) static int selinux_socket_sock_rcv_skb(struct sock *sk, struct sk_buff *skb)
{ {
int err; int err, peerlbl_active, secmark_active;
struct sk_security_struct *sksec = sk->sk_security; struct sk_security_struct *sksec = sk->sk_security;
u16 family = sk->sk_family; u16 family = sk->sk_family;
u32 sk_sid = sksec->sid; u32 sk_sid = sksec->sid;
struct common_audit_data ad; struct common_audit_data ad;
struct lsm_network_audit net = {0,}; struct lsm_network_audit net;
char *addrp; char *addrp;
u8 secmark_active;
u8 peerlbl_active;
if (family != PF_INET && family != PF_INET6) if (family != PF_INET && family != PF_INET6)
return 0; return 0;
...@@ -5046,10 +5060,7 @@ static int selinux_socket_sock_rcv_skb(struct sock *sk, struct sk_buff *skb) ...@@ -5046,10 +5060,7 @@ static int selinux_socket_sock_rcv_skb(struct sock *sk, struct sk_buff *skb)
if (!secmark_active && !peerlbl_active) if (!secmark_active && !peerlbl_active)
return 0; return 0;
ad.type = LSM_AUDIT_DATA_NET; ad_net_init_from_iif(&ad, &net, skb->skb_iif, family);
ad.u.net = &net;
ad.u.net->netif = skb->skb_iif;
ad.u.net->family = family;
err = selinux_parse_skb(skb, &ad, &addrp, 1, NULL); err = selinux_parse_skb(skb, &ad, &addrp, 1, NULL);
if (err) if (err)
return err; return err;
...@@ -5219,7 +5230,7 @@ static int selinux_sctp_process_new_assoc(struct sctp_association *asoc, ...@@ -5219,7 +5230,7 @@ static int selinux_sctp_process_new_assoc(struct sctp_association *asoc,
u16 family = sk->sk_family; u16 family = sk->sk_family;
struct sk_security_struct *sksec = sk->sk_security; struct sk_security_struct *sksec = sk->sk_security;
struct common_audit_data ad; struct common_audit_data ad;
struct lsm_network_audit net = {0,}; struct lsm_network_audit net;
int err; int err;
/* handle mapped IPv4 packets arriving via IPv6 sockets */ /* handle mapped IPv4 packets arriving via IPv6 sockets */
...@@ -5255,9 +5266,7 @@ static int selinux_sctp_process_new_assoc(struct sctp_association *asoc, ...@@ -5255,9 +5266,7 @@ static int selinux_sctp_process_new_assoc(struct sctp_association *asoc,
/* Other association peer SIDs are checked to enforce /* Other association peer SIDs are checked to enforce
* consistency among the peer SIDs. * consistency among the peer SIDs.
*/ */
ad.type = LSM_AUDIT_DATA_NET; ad_net_init_from_sk(&ad, &net, asoc->base.sk);
ad.u.net = &net;
ad.u.net->sk = asoc->base.sk;
err = avc_has_perm(sksec->peer_sid, asoc->peer_secid, err = avc_has_perm(sksec->peer_sid, asoc->peer_secid,
sksec->sclass, SCTP_SOCKET__ASSOCIATION, sksec->sclass, SCTP_SOCKET__ASSOCIATION,
&ad); &ad);
...@@ -5488,11 +5497,11 @@ static void selinux_inet_conn_established(struct sock *sk, struct sk_buff *skb) ...@@ -5488,11 +5497,11 @@ static void selinux_inet_conn_established(struct sock *sk, struct sk_buff *skb)
static int selinux_secmark_relabel_packet(u32 sid) static int selinux_secmark_relabel_packet(u32 sid)
{ {
const struct task_security_struct *__tsec; const struct task_security_struct *tsec;
u32 tsid; u32 tsid;
__tsec = selinux_cred(current_cred()); tsec = selinux_cred(current_cred());
tsid = __tsec->sid; tsid = tsec->sid;
return avc_has_perm(tsid, sid, SECCLASS_PACKET, PACKET__RELABELTO, return avc_has_perm(tsid, sid, SECCLASS_PACKET, PACKET__RELABELTO,
NULL); NULL);
...@@ -5602,7 +5611,7 @@ static unsigned int selinux_ip_forward(void *priv, struct sk_buff *skb, ...@@ -5602,7 +5611,7 @@ static unsigned int selinux_ip_forward(void *priv, struct sk_buff *skb,
char *addrp; char *addrp;
u32 peer_sid; u32 peer_sid;
struct common_audit_data ad; struct common_audit_data ad;
struct lsm_network_audit net = {0,}; struct lsm_network_audit net;
int secmark_active, peerlbl_active; int secmark_active, peerlbl_active;
if (!selinux_policycap_netpeer()) if (!selinux_policycap_netpeer())
...@@ -5618,10 +5627,7 @@ static unsigned int selinux_ip_forward(void *priv, struct sk_buff *skb, ...@@ -5618,10 +5627,7 @@ static unsigned int selinux_ip_forward(void *priv, struct sk_buff *skb,
return NF_DROP; return NF_DROP;
ifindex = state->in->ifindex; ifindex = state->in->ifindex;
ad.type = LSM_AUDIT_DATA_NET; ad_net_init_from_iif(&ad, &net, ifindex, family);
ad.u.net = &net;
ad.u.net->netif = ifindex;
ad.u.net->family = family;
if (selinux_parse_skb(skb, &ad, &addrp, 1, NULL) != 0) if (selinux_parse_skb(skb, &ad, &addrp, 1, NULL) != 0)
return NF_DROP; return NF_DROP;
...@@ -5701,7 +5707,7 @@ static unsigned int selinux_ip_postroute_compat(struct sk_buff *skb, ...@@ -5701,7 +5707,7 @@ static unsigned int selinux_ip_postroute_compat(struct sk_buff *skb,
struct sock *sk; struct sock *sk;
struct sk_security_struct *sksec; struct sk_security_struct *sksec;
struct common_audit_data ad; struct common_audit_data ad;
struct lsm_network_audit net = {0,}; struct lsm_network_audit net;
u8 proto = 0; u8 proto = 0;
sk = skb_to_full_sk(skb); sk = skb_to_full_sk(skb);
...@@ -5709,10 +5715,7 @@ static unsigned int selinux_ip_postroute_compat(struct sk_buff *skb, ...@@ -5709,10 +5715,7 @@ static unsigned int selinux_ip_postroute_compat(struct sk_buff *skb,
return NF_ACCEPT; return NF_ACCEPT;
sksec = sk->sk_security; sksec = sk->sk_security;
ad.type = LSM_AUDIT_DATA_NET; ad_net_init_from_iif(&ad, &net, state->out->ifindex, state->pf);
ad.u.net = &net;
ad.u.net->netif = state->out->ifindex;
ad.u.net->family = state->pf;
if (selinux_parse_skb(skb, &ad, NULL, 0, &proto)) if (selinux_parse_skb(skb, &ad, NULL, 0, &proto))
return NF_DROP; return NF_DROP;
...@@ -5737,7 +5740,7 @@ static unsigned int selinux_ip_postroute(void *priv, ...@@ -5737,7 +5740,7 @@ static unsigned int selinux_ip_postroute(void *priv,
int ifindex; int ifindex;
struct sock *sk; struct sock *sk;
struct common_audit_data ad; struct common_audit_data ad;
struct lsm_network_audit net = {0,}; struct lsm_network_audit net;
char *addrp; char *addrp;
int secmark_active, peerlbl_active; int secmark_active, peerlbl_active;
...@@ -5834,10 +5837,7 @@ static unsigned int selinux_ip_postroute(void *priv, ...@@ -5834,10 +5837,7 @@ static unsigned int selinux_ip_postroute(void *priv,
} }
ifindex = state->out->ifindex; ifindex = state->out->ifindex;
ad.type = LSM_AUDIT_DATA_NET; ad_net_init_from_iif(&ad, &net, ifindex, family);
ad.u.net = &net;
ad.u.net->netif = ifindex;
ad.u.net->family = family;
if (selinux_parse_skb(skb, &ad, &addrp, 0, NULL)) if (selinux_parse_skb(skb, &ad, &addrp, 0, NULL))
return NF_DROP; return NF_DROP;
...@@ -5990,8 +5990,7 @@ static int selinux_msg_queue_associate(struct kern_ipc_perm *msq, int msqflg) ...@@ -5990,8 +5990,7 @@ static int selinux_msg_queue_associate(struct kern_ipc_perm *msq, int msqflg)
static int selinux_msg_queue_msgctl(struct kern_ipc_perm *msq, int cmd) static int selinux_msg_queue_msgctl(struct kern_ipc_perm *msq, int cmd)
{ {
int err; u32 perms;
int perms;
switch (cmd) { switch (cmd) {
case IPC_INFO: case IPC_INFO:
...@@ -6014,8 +6013,7 @@ static int selinux_msg_queue_msgctl(struct kern_ipc_perm *msq, int cmd) ...@@ -6014,8 +6013,7 @@ static int selinux_msg_queue_msgctl(struct kern_ipc_perm *msq, int cmd)
return 0; return 0;
} }
err = ipc_has_perm(msq, perms); return ipc_has_perm(msq, perms);
return err;
} }
static int selinux_msg_queue_msgsnd(struct kern_ipc_perm *msq, struct msg_msg *msg, int msqflg) static int selinux_msg_queue_msgsnd(struct kern_ipc_perm *msq, struct msg_msg *msg, int msqflg)
...@@ -6120,8 +6118,7 @@ static int selinux_shm_associate(struct kern_ipc_perm *shp, int shmflg) ...@@ -6120,8 +6118,7 @@ static int selinux_shm_associate(struct kern_ipc_perm *shp, int shmflg)
/* Note, at this point, shp is locked down */ /* Note, at this point, shp is locked down */
static int selinux_shm_shmctl(struct kern_ipc_perm *shp, int cmd) static int selinux_shm_shmctl(struct kern_ipc_perm *shp, int cmd)
{ {
int perms; u32 perms;
int err;
switch (cmd) { switch (cmd) {
case IPC_INFO: case IPC_INFO:
...@@ -6148,8 +6145,7 @@ static int selinux_shm_shmctl(struct kern_ipc_perm *shp, int cmd) ...@@ -6148,8 +6145,7 @@ static int selinux_shm_shmctl(struct kern_ipc_perm *shp, int cmd)
return 0; return 0;
} }
err = ipc_has_perm(shp, perms); return ipc_has_perm(shp, perms);
return err;
} }
static int selinux_shm_shmat(struct kern_ipc_perm *shp, static int selinux_shm_shmat(struct kern_ipc_perm *shp,
...@@ -6918,7 +6914,7 @@ static int selinux_uring_override_creds(const struct cred *new) ...@@ -6918,7 +6914,7 @@ static int selinux_uring_override_creds(const struct cred *new)
*/ */
static int selinux_uring_sqpoll(void) static int selinux_uring_sqpoll(void)
{ {
int sid = current_sid(); u32 sid = current_sid();
return avc_has_perm(sid, sid, return avc_has_perm(sid, sid,
SECCLASS_IO_URING, IO_URING__SQPOLL, NULL); SECCLASS_IO_URING, IO_URING__SQPOLL, NULL);
...@@ -6957,10 +6953,6 @@ static int selinux_uring_cmd(struct io_uring_cmd *ioucmd) ...@@ -6957,10 +6953,6 @@ static int selinux_uring_cmd(struct io_uring_cmd *ioucmd)
* hooks ("allocating" hooks). * hooks ("allocating" hooks).
* *
* Please follow block comment delimiters in the list to keep this order. * Please follow block comment delimiters in the list to keep this order.
*
* This ordering is needed for SELinux runtime disable to work at least somewhat
* safely. Breaking the ordering rules above might lead to NULL pointer derefs
* when disabling SELinux at runtime.
*/ */
static struct security_hook_list selinux_hooks[] __ro_after_init = { static struct security_hook_list selinux_hooks[] __ro_after_init = {
LSM_HOOK_INIT(binder_set_context_mgr, selinux_binder_set_context_mgr), LSM_HOOK_INIT(binder_set_context_mgr, selinux_binder_set_context_mgr),
...@@ -7260,6 +7252,8 @@ static __init int selinux_init(void) ...@@ -7260,6 +7252,8 @@ static __init int selinux_init(void)
cred_init_security(); cred_init_security();
default_noexec = !(VM_DATA_DEFAULT_FLAGS & VM_EXEC); default_noexec = !(VM_DATA_DEFAULT_FLAGS & VM_EXEC);
if (!default_noexec)
pr_notice("SELinux: virtual memory is executable by default\n");
avc_init(); avc_init();
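Review bot: the new pr_notice() in selinux_init() says that virtual memory is executable by default but not what that changes for SELinux; since `default_noexec` gates whether the execmem/execstack/execheap style checks are applied, naming that consequence in the message (or at least in a comment next to the assignment) would make the notice actionable for an administrator reading dmesg. As written it is a single line printed once at init, which matches the description in the merge message, so no rate limiting is needed.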
......
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
/* /*
* Access vector cache interface for object managers. * Access vector cache interface for object managers.
* *
* Author : Stephen Smalley, <sds@tycho.nsa.gov> * Author : Stephen Smalley, <stephen.smalley.work@gmail.com>
*/ */
#ifndef _SELINUX_AVC_H_ #ifndef _SELINUX_AVC_H_
#define _SELINUX_AVC_H_ #define _SELINUX_AVC_H_
......
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
/* /*
* Access vector cache interface for the security server. * Access vector cache interface for the security server.
* *
* Author : Stephen Smalley, <sds@tycho.nsa.gov> * Author : Stephen Smalley, <stephen.smalley.work@gmail.com>
*/ */
#ifndef _SELINUX_AVC_SS_H_ #ifndef _SELINUX_AVC_SS_H_
#define _SELINUX_AVC_SS_H_ #define _SELINUX_AVC_SS_H_
......
/* SPDX-License-Identifier: GPL-2.0-only */ /* SPDX-License-Identifier: GPL-2.0-only */
/* /*
* NSA Security-Enhanced Linux (SELinux) security module * Security-Enhanced Linux (SELinux) security module
* *
* This file contains the SELinux security data structures for kernel objects. * This file contains the SELinux security data structures for kernel objects.
* *
* Author(s): Stephen Smalley, <sds@tycho.nsa.gov> * Author(s): Stephen Smalley, <stephen.smalley.work@gmail.com>
* Chris Vance, <cvance@nai.com> * Chris Vance, <cvance@nai.com>
* Wayne Salamon, <wsalamon@nai.com> * Wayne Salamon, <wsalamon@nai.com>
* James Morris <jmorris@redhat.com> * James Morris <jmorris@redhat.com>
......
...@@ -13,7 +13,7 @@ const char *const selinux_policycap_names[__POLICYDB_CAP_MAX] = { ...@@ -13,7 +13,7 @@ const char *const selinux_policycap_names[__POLICYDB_CAP_MAX] = {
"cgroup_seclabel", "cgroup_seclabel",
"nnp_nosuid_transition", "nnp_nosuid_transition",
"genfs_seclabel_symlinks", "genfs_seclabel_symlinks",
"ioctl_skip_cloexec" "ioctl_skip_cloexec",
}; };
#endif /* _SELINUX_POLICYCAP_NAMES_H_ */ #endif /* _SELINUX_POLICYCAP_NAMES_H_ */
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
/* /*
* Security server interface. * Security server interface.
* *
* Author : Stephen Smalley, <sds@tycho.nsa.gov> * Author : Stephen Smalley, <stephen.smalley.work@gmail.com>
* *
*/ */
...@@ -148,58 +148,45 @@ static inline bool checkreqprot_get(void) ...@@ -148,58 +148,45 @@ static inline bool checkreqprot_get(void)
static inline bool selinux_policycap_netpeer(void) static inline bool selinux_policycap_netpeer(void)
{ {
struct selinux_state *state = &selinux_state; return READ_ONCE(selinux_state.policycap[POLICYDB_CAP_NETPEER]);
return READ_ONCE(state->policycap[POLICYDB_CAP_NETPEER]);
} }
static inline bool selinux_policycap_openperm(void) static inline bool selinux_policycap_openperm(void)
{ {
struct selinux_state *state = &selinux_state; return READ_ONCE(selinux_state.policycap[POLICYDB_CAP_OPENPERM]);
return READ_ONCE(state->policycap[POLICYDB_CAP_OPENPERM]);
} }
static inline bool selinux_policycap_extsockclass(void) static inline bool selinux_policycap_extsockclass(void)
{ {
struct selinux_state *state = &selinux_state; return READ_ONCE(selinux_state.policycap[POLICYDB_CAP_EXTSOCKCLASS]);
return READ_ONCE(state->policycap[POLICYDB_CAP_EXTSOCKCLASS]);
} }
static inline bool selinux_policycap_alwaysnetwork(void) static inline bool selinux_policycap_alwaysnetwork(void)
{ {
struct selinux_state *state = &selinux_state; return READ_ONCE(selinux_state.policycap[POLICYDB_CAP_ALWAYSNETWORK]);
return READ_ONCE(state->policycap[POLICYDB_CAP_ALWAYSNETWORK]);
} }
static inline bool selinux_policycap_cgroupseclabel(void) static inline bool selinux_policycap_cgroupseclabel(void)
{ {
struct selinux_state *state = &selinux_state; return READ_ONCE(selinux_state.policycap[POLICYDB_CAP_CGROUPSECLABEL]);
return READ_ONCE(state->policycap[POLICYDB_CAP_CGROUPSECLABEL]);
} }
static inline bool selinux_policycap_nnp_nosuid_transition(void) static inline bool selinux_policycap_nnp_nosuid_transition(void)
{ {
struct selinux_state *state = &selinux_state; return READ_ONCE(
selinux_state.policycap[POLICYDB_CAP_NNP_NOSUID_TRANSITION]);
return READ_ONCE(state->policycap[POLICYDB_CAP_NNP_NOSUID_TRANSITION]);
} }
static inline bool selinux_policycap_genfs_seclabel_symlinks(void) static inline bool selinux_policycap_genfs_seclabel_symlinks(void)
{ {
struct selinux_state *state = &selinux_state; return READ_ONCE(
selinux_state.policycap[POLICYDB_CAP_GENFS_SECLABEL_SYMLINKS]);
return READ_ONCE(state->policycap[POLICYDB_CAP_GENFS_SECLABEL_SYMLINKS]);
} }
static inline bool selinux_policycap_ioctl_skip_cloexec(void) static inline bool selinux_policycap_ioctl_skip_cloexec(void)
{ {
struct selinux_state *state = &selinux_state; return READ_ONCE(
selinux_state.policycap[POLICYDB_CAP_IOCTL_SKIP_CLOEXEC]);
return READ_ONCE(state->policycap[POLICYDB_CAP_IOCTL_SKIP_CLOEXEC]);
} }
struct selinux_policy_convert_data; struct selinux_policy_convert_data;
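Review bot: dropping the local `struct selinux_state *state` alias keeps every helper on READ_ONCE(selinux_state.policycap[...]), so the lockless read against a concurrent policy reload is unchanged; only the presentation suffers, with the three longest names now split across `return READ_ONCE(` and a continuation line. A short file-local macro or alias for selinux_state.policycap would let all eight helpers stay single-line and make the pattern harder to get wrong when the next capability is added.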
...@@ -319,9 +306,9 @@ int security_net_peersid_resolve(u32 nlbl_sid, u32 nlbl_type, ...@@ -319,9 +306,9 @@ int security_net_peersid_resolve(u32 nlbl_sid, u32 nlbl_type,
u32 *peer_sid); u32 *peer_sid);
int security_get_classes(struct selinux_policy *policy, int security_get_classes(struct selinux_policy *policy,
char ***classes, int *nclasses); char ***classes, u32 *nclasses);
int security_get_permissions(struct selinux_policy *policy, int security_get_permissions(struct selinux_policy *policy,
char *class, char ***perms, int *nperms); const char *class, char ***perms, u32 *nperms);
int security_get_reject_unknown(void); int security_get_reject_unknown(void);
int security_get_allow_unknown(void); int security_get_allow_unknown(void);
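Review bot: changing the counters to `u32 *nclasses` / `u32 *nperms` is an ABI change for every caller, and the selinuxfs users in this series (sel_make_perm_files, sel_make_classes) are updated to pass u32; one loose end is that sel_make_perm_files still declares its `char *objclass` parameter non-const even though security_get_permissions now takes `const char *class`, so it could be made `const char *objclass` in the same pass.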
...@@ -382,8 +369,8 @@ struct selinux_kernel_status { ...@@ -382,8 +369,8 @@ struct selinux_kernel_status {
*/ */
} __packed; } __packed;
extern void selinux_status_update_setenforce(int enforcing); extern void selinux_status_update_setenforce(bool enforcing);
extern void selinux_status_update_policyload(int seqno); extern void selinux_status_update_policyload(u32 seqno);
extern void selinux_complete_init(void); extern void selinux_complete_init(void);
extern struct path selinux_null; extern struct path selinux_null;
extern void selnl_notify_setenforce(int val); extern void selnl_notify_setenforce(int val);
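Review bot: selnl_notify_setenforce(int val) at the bottom of this hunk keeps `int` while selinux_status_update_setenforce(bool enforcing) directly above it switches to bool; both are driven by the same enforcing value (sel_write_enforce now holds it as `bool old_value, new_value`), so the netlink notifier prototype should be converted too rather than leaving call sites that mix bool and int for one flag.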
......
...@@ -67,7 +67,7 @@ static inline u32 sel_netif_hashfn(const struct net *ns, int ifindex) ...@@ -67,7 +67,7 @@ static inline u32 sel_netif_hashfn(const struct net *ns, int ifindex)
static inline struct sel_netif *sel_netif_find(const struct net *ns, static inline struct sel_netif *sel_netif_find(const struct net *ns,
int ifindex) int ifindex)
{ {
int idx = sel_netif_hashfn(ns, ifindex); u32 idx = sel_netif_hashfn(ns, ifindex);
struct sel_netif *netif; struct sel_netif *netif;
list_for_each_entry_rcu(netif, &sel_netif_hash[idx], list) list_for_each_entry_rcu(netif, &sel_netif_hash[idx], list)
...@@ -89,7 +89,7 @@ static inline struct sel_netif *sel_netif_find(const struct net *ns, ...@@ -89,7 +89,7 @@ static inline struct sel_netif *sel_netif_find(const struct net *ns,
*/ */
static int sel_netif_insert(struct sel_netif *netif) static int sel_netif_insert(struct sel_netif *netif)
{ {
int idx; u32 idx;
if (sel_netif_total >= SEL_NETIF_HASH_MAX) if (sel_netif_total >= SEL_NETIF_HASH_MAX)
return -ENOSPC; return -ENOSPC;
......
...@@ -198,6 +198,7 @@ int selinux_netlbl_skbuff_getsid(struct sk_buff *skb, ...@@ -198,6 +198,7 @@ int selinux_netlbl_skbuff_getsid(struct sk_buff *skb,
struct netlbl_lsm_secattr secattr; struct netlbl_lsm_secattr secattr;
if (!netlbl_enabled()) { if (!netlbl_enabled()) {
*type = NETLBL_NLTYPE_NONE;
*sid = SECSID_NULL; *sid = SECSID_NULL;
return 0; return 0;
} }
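Review bot: initialising `*type = NETLBL_NLTYPE_NONE` alongside `*sid = SECSID_NULL` on the !netlbl_enabled() early return is the correct fix for the uninitialised out-parameter: a caller that inspects *type after the 0 return previously read whatever was on its stack. Since only this exit path is in the hunk, it is worth confirming that the remaining early exits of selinux_netlbl_skbuff_getsid set both out-parameters the same way.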
......
...@@ -153,7 +153,8 @@ static const struct nlmsg_perm nlmsg_audit_perms[] = { ...@@ -153,7 +153,8 @@ static const struct nlmsg_perm nlmsg_audit_perms[] = {
static int nlmsg_perm(u16 nlmsg_type, u32 *perm, const struct nlmsg_perm *tab, size_t tabsize) static int nlmsg_perm(u16 nlmsg_type, u32 *perm, const struct nlmsg_perm *tab, size_t tabsize)
{ {
int i, err = -EINVAL; unsigned int i;
int err = -EINVAL;
for (i = 0; i < tabsize/sizeof(struct nlmsg_perm); i++) for (i = 0; i < tabsize/sizeof(struct nlmsg_perm); i++)
if (nlmsg_type == tab[i].nlmsg_type) { if (nlmsg_type == tab[i].nlmsg_type) {
......
...@@ -97,7 +97,7 @@ static int selinux_fs_info_create(struct super_block *sb) ...@@ -97,7 +97,7 @@ static int selinux_fs_info_create(struct super_block *sb)
static void selinux_fs_info_free(struct super_block *sb) static void selinux_fs_info_free(struct super_block *sb)
{ {
struct selinux_fs_info *fsi = sb->s_fs_info; struct selinux_fs_info *fsi = sb->s_fs_info;
int i; unsigned int i;
if (fsi) { if (fsi) {
for (i = 0; i < fsi->bool_num; i++) for (i = 0; i < fsi->bool_num; i++)
...@@ -138,7 +138,8 @@ static ssize_t sel_write_enforce(struct file *file, const char __user *buf, ...@@ -138,7 +138,8 @@ static ssize_t sel_write_enforce(struct file *file, const char __user *buf,
{ {
char *page = NULL; char *page = NULL;
ssize_t length; ssize_t length;
int old_value, new_value; int scan_value;
bool old_value, new_value;
if (count >= PAGE_SIZE) if (count >= PAGE_SIZE)
return -ENOMEM; return -ENOMEM;
...@@ -152,10 +153,10 @@ static ssize_t sel_write_enforce(struct file *file, const char __user *buf, ...@@ -152,10 +153,10 @@ static ssize_t sel_write_enforce(struct file *file, const char __user *buf,
return PTR_ERR(page); return PTR_ERR(page);
length = -EINVAL; length = -EINVAL;
if (sscanf(page, "%d", &new_value) != 1) if (sscanf(page, "%d", &scan_value) != 1)
goto out; goto out;
new_value = !!new_value; new_value = !!scan_value;
old_value = enforcing_enabled(); old_value = enforcing_enabled();
if (new_value != old_value) { if (new_value != old_value) {
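Review bot: keeping a separate `int scan_value` as the sscanf("%d") target and deriving `new_value = !!scan_value` is necessary, not cosmetic: sscanf writes sizeof(int) bytes through its pointer, so scanning straight into the new one-byte `bool new_value` would overflow it. A one-line comment above the sscanf saying so would stop a later cleanup from folding the two variables back together.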
...@@ -1074,8 +1075,8 @@ static ssize_t sel_write_user(struct file *file, char *buf, size_t size) ...@@ -1074,8 +1075,8 @@ static ssize_t sel_write_user(struct file *file, char *buf, size_t size)
u32 sid, *sids = NULL; u32 sid, *sids = NULL;
ssize_t length; ssize_t length;
char *newcon; char *newcon;
int i, rc; int rc;
u32 len, nsids; u32 i, len, nsids;
length = avc_has_perm(current_sid(), SECINITSID_SECURITY, length = avc_has_perm(current_sid(), SECINITSID_SECURITY,
SECCLASS_SECURITY, SECURITY__COMPUTE_USER, SECCLASS_SECURITY, SECURITY__COMPUTE_USER,
...@@ -1191,7 +1192,7 @@ static ssize_t sel_write_member(struct file *file, char *buf, size_t size) ...@@ -1191,7 +1192,7 @@ static ssize_t sel_write_member(struct file *file, char *buf, size_t size)
return length; return length;
} }
static struct inode *sel_make_inode(struct super_block *sb, int mode) static struct inode *sel_make_inode(struct super_block *sb, umode_t mode)
{ {
struct inode *ret = new_inode(sb); struct inode *ret = new_inode(sb);
...@@ -1612,7 +1613,7 @@ static int sel_make_avc_files(struct dentry *dir) ...@@ -1612,7 +1613,7 @@ static int sel_make_avc_files(struct dentry *dir)
{ {
struct super_block *sb = dir->d_sb; struct super_block *sb = dir->d_sb;
struct selinux_fs_info *fsi = sb->s_fs_info; struct selinux_fs_info *fsi = sb->s_fs_info;
int i; unsigned int i;
static const struct tree_descr files[] = { static const struct tree_descr files[] = {
{ "cache_threshold", { "cache_threshold",
&sel_avc_cache_threshold_ops, S_IRUGO|S_IWUSR }, &sel_avc_cache_threshold_ops, S_IRUGO|S_IWUSR },
...@@ -1648,7 +1649,7 @@ static int sel_make_ss_files(struct dentry *dir) ...@@ -1648,7 +1649,7 @@ static int sel_make_ss_files(struct dentry *dir)
{ {
struct super_block *sb = dir->d_sb; struct super_block *sb = dir->d_sb;
struct selinux_fs_info *fsi = sb->s_fs_info; struct selinux_fs_info *fsi = sb->s_fs_info;
int i; unsigned int i;
static const struct tree_descr files[] = { static const struct tree_descr files[] = {
{ "sidtab_hash_stats", &sel_sidtab_hash_stats_ops, S_IRUGO }, { "sidtab_hash_stats", &sel_sidtab_hash_stats_ops, S_IRUGO },
}; };
...@@ -1699,7 +1700,7 @@ static const struct file_operations sel_initcon_ops = { ...@@ -1699,7 +1700,7 @@ static const struct file_operations sel_initcon_ops = {
static int sel_make_initcon_files(struct dentry *dir) static int sel_make_initcon_files(struct dentry *dir)
{ {
int i; unsigned int i;
for (i = 1; i <= SECINITSID_NUM; i++) { for (i = 1; i <= SECINITSID_NUM; i++) {
struct inode *inode; struct inode *inode;
...@@ -1797,7 +1798,8 @@ static int sel_make_perm_files(struct selinux_policy *newpolicy, ...@@ -1797,7 +1798,8 @@ static int sel_make_perm_files(struct selinux_policy *newpolicy,
char *objclass, int classvalue, char *objclass, int classvalue,
struct dentry *dir) struct dentry *dir)
{ {
int i, rc, nperms; u32 i, nperms;
int rc;
char **perms; char **perms;
rc = security_get_permissions(newpolicy, objclass, &perms, &nperms); rc = security_get_permissions(newpolicy, objclass, &perms, &nperms);
...@@ -1867,8 +1869,8 @@ static int sel_make_classes(struct selinux_policy *newpolicy, ...@@ -1867,8 +1869,8 @@ static int sel_make_classes(struct selinux_policy *newpolicy,
struct dentry *class_dir, struct dentry *class_dir,
unsigned long *last_class_ino) unsigned long *last_class_ino)
{ {
u32 i, nclasses;
int rc, nclasses, i; int rc;
char **classes; char **classes;
rc = security_get_classes(newpolicy, &classes, &nclasses); rc = security_get_classes(newpolicy, &classes, &nclasses);
......
/* /*
* Implementation of the access vector table type. * Implementation of the access vector table type.
* *
* Author : Stephen Smalley, <sds@tycho.nsa.gov> * Author : Stephen Smalley, <stephen.smalley.work@gmail.com>
*/ */
/* Updated: Frank Mayer <mayerf@tresys.com> and Karl MacMillan <kmacmillan@tresys.com> /* Updated: Frank Mayer <mayerf@tresys.com> and Karl MacMillan <kmacmillan@tresys.com>
...@@ -29,7 +29,7 @@ static struct kmem_cache *avtab_xperms_cachep __ro_after_init; ...@@ -29,7 +29,7 @@ static struct kmem_cache *avtab_xperms_cachep __ro_after_init;
/* Based on MurmurHash3, written by Austin Appleby and placed in the /* Based on MurmurHash3, written by Austin Appleby and placed in the
* public domain. * public domain.
*/ */
static inline int avtab_hash(const struct avtab_key *keyp, u32 mask) static inline u32 avtab_hash(const struct avtab_key *keyp, u32 mask)
{ {
static const u32 c1 = 0xcc9e2d51; static const u32 c1 = 0xcc9e2d51;
static const u32 c2 = 0x1b873593; static const u32 c2 = 0x1b873593;
...@@ -66,7 +66,7 @@ static inline int avtab_hash(const struct avtab_key *keyp, u32 mask) ...@@ -66,7 +66,7 @@ static inline int avtab_hash(const struct avtab_key *keyp, u32 mask)
} }
static struct avtab_node* static struct avtab_node*
avtab_insert_node(struct avtab *h, int hvalue, avtab_insert_node(struct avtab *h, u32 hvalue,
struct avtab_node *prev, struct avtab_node *prev,
const struct avtab_key *key, const struct avtab_datum *datum) const struct avtab_key *key, const struct avtab_datum *datum)
{ {
...@@ -106,11 +106,11 @@ avtab_insert_node(struct avtab *h, int hvalue, ...@@ -106,11 +106,11 @@ avtab_insert_node(struct avtab *h, int hvalue,
static int avtab_insert(struct avtab *h, const struct avtab_key *key, static int avtab_insert(struct avtab *h, const struct avtab_key *key,
const struct avtab_datum *datum) const struct avtab_datum *datum)
{ {
int hvalue; u32 hvalue;
struct avtab_node *prev, *cur, *newnode; struct avtab_node *prev, *cur, *newnode;
u16 specified = key->specified & ~(AVTAB_ENABLED|AVTAB_ENABLED_OLD); u16 specified = key->specified & ~(AVTAB_ENABLED|AVTAB_ENABLED_OLD);
if (!h || !h->nslot) if (!h || !h->nslot || h->nel == U32_MAX)
return -EINVAL; return -EINVAL;
hvalue = avtab_hash(key, h->mask); hvalue = avtab_hash(key, h->mask);
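Review bot: the new `h->nel == U32_MAX` guard is justified, since the element counter would otherwise wrap to zero on the increment after a successful insert and silently corrupt everything that reports nel, but -EINVAL mislabels what is really a capacity limit; sel_netif_insert in this same series returns -ENOSPC at its SEL_NETIF_HASH_MAX check, and using -ENOSPC (or -EOVERFLOW) here would tell the policy loader what actually happened.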
...@@ -152,11 +152,11 @@ struct avtab_node *avtab_insert_nonunique(struct avtab *h, ...@@ -152,11 +152,11 @@ struct avtab_node *avtab_insert_nonunique(struct avtab *h,
const struct avtab_key *key, const struct avtab_key *key,
const struct avtab_datum *datum) const struct avtab_datum *datum)
{ {
int hvalue; u32 hvalue;
struct avtab_node *prev, *cur; struct avtab_node *prev, *cur;
u16 specified = key->specified & ~(AVTAB_ENABLED|AVTAB_ENABLED_OLD); u16 specified = key->specified & ~(AVTAB_ENABLED|AVTAB_ENABLED_OLD);
if (!h || !h->nslot) if (!h || !h->nslot || h->nel == U32_MAX)
return NULL; return NULL;
hvalue = avtab_hash(key, h->mask); hvalue = avtab_hash(key, h->mask);
for (prev = NULL, cur = h->htable[hvalue]; for (prev = NULL, cur = h->htable[hvalue];
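Review bot: avtab_insert_nonunique answers the new U32_MAX case with a bare NULL, which callers cannot distinguish from a failed avtab_insert_node tail call; a pr_err naming the table would make a policy that genuinely hits the counter limit diagnosable instead of looking like an allocation failure.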
...@@ -180,45 +180,13 @@ struct avtab_node *avtab_insert_nonunique(struct avtab *h, ...@@ -180,45 +180,13 @@ struct avtab_node *avtab_insert_nonunique(struct avtab *h,
return avtab_insert_node(h, hvalue, prev, key, datum); return avtab_insert_node(h, hvalue, prev, key, datum);
} }
struct avtab_datum *avtab_search(struct avtab *h, const struct avtab_key *key)
{
int hvalue;
struct avtab_node *cur;
u16 specified = key->specified & ~(AVTAB_ENABLED|AVTAB_ENABLED_OLD);
if (!h || !h->nslot)
return NULL;
hvalue = avtab_hash(key, h->mask);
for (cur = h->htable[hvalue]; cur;
cur = cur->next) {
if (key->source_type == cur->key.source_type &&
key->target_type == cur->key.target_type &&
key->target_class == cur->key.target_class &&
(specified & cur->key.specified))
return &cur->datum;
if (key->source_type < cur->key.source_type)
break;
if (key->source_type == cur->key.source_type &&
key->target_type < cur->key.target_type)
break;
if (key->source_type == cur->key.source_type &&
key->target_type == cur->key.target_type &&
key->target_class < cur->key.target_class)
break;
}
return NULL;
}
/* This search function returns a node pointer, and can be used in /* This search function returns a node pointer, and can be used in
* conjunction with avtab_search_next_node() * conjunction with avtab_search_next_node()
*/ */
struct avtab_node *avtab_search_node(struct avtab *h, struct avtab_node *avtab_search_node(struct avtab *h,
const struct avtab_key *key) const struct avtab_key *key)
{ {
int hvalue; u32 hvalue;
struct avtab_node *cur; struct avtab_node *cur;
u16 specified = key->specified & ~(AVTAB_ENABLED|AVTAB_ENABLED_OLD); u16 specified = key->specified & ~(AVTAB_ENABLED|AVTAB_ENABLED_OLD);
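Review bot: removing avtab_search loses nothing, because it walked the same ordered chain with the same `specified` mask as avtab_search_node directly below it and differed only in returning &cur->datum instead of the node; the cond.c callers switched in this series use the result purely as an existence test, and the stale prototype is dropped from avtab.h in the same series, so no declaration is left dangling.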
...@@ -248,7 +216,7 @@ struct avtab_node *avtab_search_node(struct avtab *h, ...@@ -248,7 +216,7 @@ struct avtab_node *avtab_search_node(struct avtab *h,
} }
struct avtab_node* struct avtab_node*
avtab_search_node_next(struct avtab_node *node, int specified) avtab_search_node_next(struct avtab_node *node, u16 specified)
{ {
struct avtab_node *cur; struct avtab_node *cur;
...@@ -278,7 +246,7 @@ avtab_search_node_next(struct avtab_node *node, int specified) ...@@ -278,7 +246,7 @@ avtab_search_node_next(struct avtab_node *node, int specified)
void avtab_destroy(struct avtab *h) void avtab_destroy(struct avtab *h)
{ {
int i; u32 i;
struct avtab_node *cur, *temp; struct avtab_node *cur, *temp;
if (!h) if (!h)
...@@ -354,9 +322,10 @@ int avtab_alloc_dup(struct avtab *new, const struct avtab *orig) ...@@ -354,9 +322,10 @@ int avtab_alloc_dup(struct avtab *new, const struct avtab *orig)
return avtab_alloc_common(new, orig->nslot); return avtab_alloc_common(new, orig->nslot);
} }
#ifdef CONFIG_SECURITY_SELINUX_DEBUG
void avtab_hash_eval(struct avtab *h, const char *tag) void avtab_hash_eval(struct avtab *h, const char *tag)
{ {
int i, chain_len, slots_used, max_chain_len; u32 i, chain_len, slots_used, max_chain_len;
unsigned long long chain2_len_sum; unsigned long long chain2_len_sum;
struct avtab_node *cur; struct avtab_node *cur;
...@@ -375,7 +344,7 @@ void avtab_hash_eval(struct avtab *h, const char *tag) ...@@ -375,7 +344,7 @@ void avtab_hash_eval(struct avtab *h, const char *tag)
if (chain_len > max_chain_len) if (chain_len > max_chain_len)
max_chain_len = chain_len; max_chain_len = chain_len;
chain2_len_sum += chain_len * chain_len; chain2_len_sum += (unsigned long long)chain_len * chain_len;
} }
} }
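Review bot: the `(unsigned long long)chain_len * chain_len` cast matters now that chain_len is u32: without it the product is computed in 32 bits and wraps for any chain longer than 65535 before being added to the 64-bit chain2_len_sum, and the old `int` version carried the same latent truncation, so this is a real fix rather than a type-cleanup side effect.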
...@@ -384,6 +353,7 @@ void avtab_hash_eval(struct avtab *h, const char *tag) ...@@ -384,6 +353,7 @@ void avtab_hash_eval(struct avtab *h, const char *tag)
tag, h->nel, slots_used, h->nslot, max_chain_len, tag, h->nel, slots_used, h->nslot, max_chain_len,
chain2_len_sum); chain2_len_sum);
} }
#endif /* CONFIG_SECURITY_SELINUX_DEBUG */
static const uint16_t spec_order[] = { static const uint16_t spec_order[] = {
AVTAB_ALLOWED, AVTAB_ALLOWED,
...@@ -404,13 +374,13 @@ int avtab_read_item(struct avtab *a, void *fp, struct policydb *pol, ...@@ -404,13 +374,13 @@ int avtab_read_item(struct avtab *a, void *fp, struct policydb *pol,
{ {
__le16 buf16[4]; __le16 buf16[4];
u16 enabled; u16 enabled;
u32 items, items2, val, vers = pol->policyvers; u32 items, items2, val, i;
struct avtab_key key; struct avtab_key key;
struct avtab_datum datum; struct avtab_datum datum;
struct avtab_extended_perms xperms; struct avtab_extended_perms xperms;
__le32 buf32[ARRAY_SIZE(xperms.perms.p)]; __le32 buf32[ARRAY_SIZE(xperms.perms.p)];
int i, rc; int rc;
unsigned set; unsigned int set, vers = pol->policyvers;
memset(&key, 0, sizeof(struct avtab_key)); memset(&key, 0, sizeof(struct avtab_key));
memset(&datum, 0, sizeof(struct avtab_datum)); memset(&datum, 0, sizeof(struct avtab_datum));
...@@ -646,7 +616,7 @@ int avtab_write_item(struct policydb *p, const struct avtab_node *cur, void *fp) ...@@ -646,7 +616,7 @@ int avtab_write_item(struct policydb *p, const struct avtab_node *cur, void *fp)
int avtab_write(struct policydb *p, struct avtab *a, void *fp) int avtab_write(struct policydb *p, struct avtab *a, void *fp)
{ {
unsigned int i; u32 i;
int rc = 0; int rc = 0;
struct avtab_node *cur; struct avtab_node *cur;
__le32 buf[1]; __le32 buf[1];
......
...@@ -6,7 +6,7 @@ ...@@ -6,7 +6,7 @@
* table is used to represent the type enforcement * table is used to represent the type enforcement
* tables. * tables.
* *
* Author : Stephen Smalley, <sds@tycho.nsa.gov> * Author : Stephen Smalley, <stephen.smalley.work@gmail.com>
*/ */
/* Updated: Frank Mayer <mayerf@tresys.com> and Karl MacMillan <kmacmillan@tresys.com> /* Updated: Frank Mayer <mayerf@tresys.com> and Karl MacMillan <kmacmillan@tresys.com>
...@@ -90,9 +90,15 @@ struct avtab { ...@@ -90,9 +90,15 @@ struct avtab {
void avtab_init(struct avtab *h); void avtab_init(struct avtab *h);
int avtab_alloc(struct avtab *, u32); int avtab_alloc(struct avtab *, u32);
int avtab_alloc_dup(struct avtab *new, const struct avtab *orig); int avtab_alloc_dup(struct avtab *new, const struct avtab *orig);
struct avtab_datum *avtab_search(struct avtab *h, const struct avtab_key *k);
void avtab_destroy(struct avtab *h); void avtab_destroy(struct avtab *h);
#ifdef CONFIG_SECURITY_SELINUX_DEBUG
void avtab_hash_eval(struct avtab *h, const char *tag); void avtab_hash_eval(struct avtab *h, const char *tag);
#else
static inline void avtab_hash_eval(struct avtab *h, const char *tag)
{
}
#endif
struct policydb; struct policydb;
int avtab_read_item(struct avtab *a, void *fp, struct policydb *pol, int avtab_read_item(struct avtab *a, void *fp, struct policydb *pol,
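Review bot: the CONFIG_SECURITY_SELINUX_DEBUG=n stub for avtab_hash_eval is what lets policydb.c call it unconditionally later in this series, so the pairing is correct; for style, the bare `#endif` closing the stub should carry the `/* CONFIG_SECURITY_SELINUX_DEBUG */` comment that avtab.c uses for its matching block, and the same applies to the hashtab_stat stub added to hashtab.h.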
...@@ -111,7 +117,7 @@ struct avtab_node *avtab_insert_nonunique(struct avtab *h, ...@@ -111,7 +117,7 @@ struct avtab_node *avtab_insert_nonunique(struct avtab *h,
struct avtab_node *avtab_search_node(struct avtab *h, struct avtab_node *avtab_search_node(struct avtab *h,
const struct avtab_key *key); const struct avtab_key *key);
struct avtab_node *avtab_search_node_next(struct avtab_node *node, int specified); struct avtab_node *avtab_search_node_next(struct avtab_node *node, u16 specified);
#define MAX_AVTAB_HASH_BITS 16 #define MAX_AVTAB_HASH_BITS 16
#define MAX_AVTAB_HASH_BUCKETS (1 << MAX_AVTAB_HASH_BITS) #define MAX_AVTAB_HASH_BUCKETS (1 << MAX_AVTAB_HASH_BITS)
......
...@@ -272,7 +272,7 @@ static int cond_insertf(struct avtab *a, const struct avtab_key *k, ...@@ -272,7 +272,7 @@ static int cond_insertf(struct avtab *a, const struct avtab_key *k,
* cond_te_avtab. * cond_te_avtab.
*/ */
if (k->specified & AVTAB_TYPE) { if (k->specified & AVTAB_TYPE) {
if (avtab_search(&p->te_avtab, k)) { if (avtab_search_node(&p->te_avtab, k)) {
pr_err("SELinux: type rule already exists outside of a conditional.\n"); pr_err("SELinux: type rule already exists outside of a conditional.\n");
return -EINVAL; return -EINVAL;
} }
...@@ -304,7 +304,7 @@ static int cond_insertf(struct avtab *a, const struct avtab_key *k, ...@@ -304,7 +304,7 @@ static int cond_insertf(struct avtab *a, const struct avtab_key *k,
} }
} }
} else { } else {
if (avtab_search(&p->te_cond_avtab, k)) { if (avtab_search_node(&p->te_cond_avtab, k)) {
pr_err("SELinux: conflicting type rules when adding type rule for true.\n"); pr_err("SELinux: conflicting type rules when adding type rule for true.\n");
return -EINVAL; return -EINVAL;
} }
......
...@@ -11,7 +11,7 @@ ...@@ -11,7 +11,7 @@
* process from labeling an object with a different user * process from labeling an object with a different user
* identity. * identity.
* *
* Author : Stephen Smalley, <sds@tycho.nsa.gov> * Author : Stephen Smalley, <stephen.smalley.work@gmail.com>
*/ */
#ifndef _SS_CONSTRAINT_H_ #ifndef _SS_CONSTRAINT_H_
#define _SS_CONSTRAINT_H_ #define _SS_CONSTRAINT_H_
......
...@@ -11,7 +11,7 @@ ...@@ -11,7 +11,7 @@
* security server and can be changed without affecting * security server and can be changed without affecting
* clients of the security server. * clients of the security server.
* *
* Author : Stephen Smalley, <sds@tycho.nsa.gov> * Author : Stephen Smalley, <stephen.smalley.work@gmail.com>
*/ */
#ifndef _SS_CONTEXT_H_ #ifndef _SS_CONTEXT_H_
#define _SS_CONTEXT_H_ #define _SS_CONTEXT_H_
......
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
/* /*
* Implementation of the extensible bitmap type. * Implementation of the extensible bitmap type.
* *
* Author : Stephen Smalley, <sds@tycho.nsa.gov> * Author : Stephen Smalley, <stephen.smalley.work@gmail.com>
*/ */
/* /*
* Updated: Hewlett-Packard <paul@paul-moore.com> * Updated: Hewlett-Packard <paul@paul-moore.com>
......
...@@ -10,7 +10,7 @@ ...@@ -10,7 +10,7 @@
* an explicitly specified starting bit position within * an explicitly specified starting bit position within
* the total bitmap. * the total bitmap.
* *
* Author : Stephen Smalley, <sds@tycho.nsa.gov> * Author : Stephen Smalley, <stephen.smalley.work@gmail.com>
*/ */
#ifndef _SS_EBITMAP_H_ #ifndef _SS_EBITMAP_H_
#define _SS_EBITMAP_H_ #define _SS_EBITMAP_H_
......
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
/* /*
* Implementation of the hash table type. * Implementation of the hash table type.
* *
* Author : Stephen Smalley, <sds@tycho.nsa.gov> * Author : Stephen Smalley, <stephen.smalley.work@gmail.com>
*/ */
#include <linux/kernel.h> #include <linux/kernel.h>
#include <linux/slab.h> #include <linux/slab.h>
...@@ -103,7 +103,7 @@ int hashtab_map(struct hashtab *h, ...@@ -103,7 +103,7 @@ int hashtab_map(struct hashtab *h,
return 0; return 0;
} }
#ifdef CONFIG_SECURITY_SELINUX_DEBUG
void hashtab_stat(struct hashtab *h, struct hashtab_info *info) void hashtab_stat(struct hashtab *h, struct hashtab_info *info)
{ {
u32 i, chain_len, slots_used, max_chain_len; u32 i, chain_len, slots_used, max_chain_len;
...@@ -129,6 +129,7 @@ void hashtab_stat(struct hashtab *h, struct hashtab_info *info) ...@@ -129,6 +129,7 @@ void hashtab_stat(struct hashtab *h, struct hashtab_info *info)
info->slots_used = slots_used; info->slots_used = slots_used;
info->max_chain_len = max_chain_len; info->max_chain_len = max_chain_len;
} }
#endif /* CONFIG_SECURITY_SELINUX_DEBUG */
int hashtab_duplicate(struct hashtab *new, struct hashtab *orig, int hashtab_duplicate(struct hashtab *new, struct hashtab *orig,
int (*copy)(struct hashtab_node *new, int (*copy)(struct hashtab_node *new,
...@@ -137,7 +138,8 @@ int hashtab_duplicate(struct hashtab *new, struct hashtab *orig, ...@@ -137,7 +138,8 @@ int hashtab_duplicate(struct hashtab *new, struct hashtab *orig,
void *args) void *args)
{ {
struct hashtab_node *cur, *tmp, *tail; struct hashtab_node *cur, *tmp, *tail;
int i, rc; u32 i;
int rc;
memset(new, 0, sizeof(*new)); memset(new, 0, sizeof(*new));
......
...@@ -6,7 +6,7 @@ ...@@ -6,7 +6,7 @@
* functions for hash computation and key comparison are * functions for hash computation and key comparison are
* provided by the creator of the table. * provided by the creator of the table.
* *
* Author : Stephen Smalley, <sds@tycho.nsa.gov> * Author : Stephen Smalley, <stephen.smalley.work@gmail.com>
*/ */
#ifndef _SS_HASHTAB_H_ #ifndef _SS_HASHTAB_H_
#define _SS_HASHTAB_H_ #define _SS_HASHTAB_H_
...@@ -142,7 +142,13 @@ int hashtab_duplicate(struct hashtab *new, struct hashtab *orig, ...@@ -142,7 +142,13 @@ int hashtab_duplicate(struct hashtab *new, struct hashtab *orig,
int (*destroy)(void *k, void *d, void *args), int (*destroy)(void *k, void *d, void *args),
void *args); void *args);
#ifdef CONFIG_SECURITY_SELINUX_DEBUG
/* Fill info with some hash table statistics */ /* Fill info with some hash table statistics */
void hashtab_stat(struct hashtab *h, struct hashtab_info *info); void hashtab_stat(struct hashtab *h, struct hashtab_info *info);
#else
static inline void hashtab_stat(struct hashtab *h, struct hashtab_info *info)
{
}
#endif
#endif /* _SS_HASHTAB_H */ #endif /* _SS_HASHTAB_H */
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
/* /*
* Implementation of the multi-level security (MLS) policy. * Implementation of the multi-level security (MLS) policy.
* *
* Author : Stephen Smalley, <sds@tycho.nsa.gov> * Author : Stephen Smalley, <stephen.smalley.work@gmail.com>
*/ */
/* /*
* Updated: Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com> * Updated: Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com>
...@@ -45,7 +45,7 @@ int mls_compute_context_len(struct policydb *p, struct context *context) ...@@ -45,7 +45,7 @@ int mls_compute_context_len(struct policydb *p, struct context *context)
len = 1; /* for the beginning ":" */ len = 1; /* for the beginning ":" */
for (l = 0; l < 2; l++) { for (l = 0; l < 2; l++) {
int index_sens = context->range.level[l].sens; u32 index_sens = context->range.level[l].sens;
len += strlen(sym_name(p, SYM_LEVELS, index_sens - 1)); len += strlen(sym_name(p, SYM_LEVELS, index_sens - 1));
/* categories */ /* categories */
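Review bot: with index_sens now u32, `index_sens - 1` wraps to U32_MAX instead of -1 when the level's sens is 0; both are out of range for sym_name, but the wrap turns the failure into a large-index read, so the change is only safe on the precondition that sens has already been validated as at least 1 before mls_compute_context_len is reached. A short comment stating that precondition at the declaration would help.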
...@@ -240,7 +240,8 @@ int mls_context_to_sid(struct policydb *pol, ...@@ -240,7 +240,8 @@ int mls_context_to_sid(struct policydb *pol,
char *sensitivity, *cur_cat, *next_cat, *rngptr; char *sensitivity, *cur_cat, *next_cat, *rngptr;
struct level_datum *levdatum; struct level_datum *levdatum;
struct cat_datum *catdatum, *rngdatum; struct cat_datum *catdatum, *rngdatum;
int l, rc, i; u32 i;
int l, rc;
char *rangep[2]; char *rangep[2];
if (!pol->mls_enabled) { if (!pol->mls_enabled) {
...@@ -451,7 +452,8 @@ int mls_convert_context(struct policydb *oldp, ...@@ -451,7 +452,8 @@ int mls_convert_context(struct policydb *oldp,
struct level_datum *levdatum; struct level_datum *levdatum;
struct cat_datum *catdatum; struct cat_datum *catdatum;
struct ebitmap_node *node; struct ebitmap_node *node;
int l, i; u32 i;
int l;
if (!oldp->mls_enabled || !newp->mls_enabled) if (!oldp->mls_enabled || !newp->mls_enabled)
return 0; return 0;
...@@ -495,7 +497,7 @@ int mls_compute_sid(struct policydb *p, ...@@ -495,7 +497,7 @@ int mls_compute_sid(struct policydb *p,
struct range_trans rtr; struct range_trans rtr;
struct mls_range *r; struct mls_range *r;
struct class_datum *cladatum; struct class_datum *cladatum;
int default_range = 0; char default_range = 0;
if (!p->mls_enabled) if (!p->mls_enabled)
return 0; return 0;
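Review bot: `char default_range` leaves the signedness implementation-defined (char is unsigned on arm and s390, signed on x86), so if default_range is ever compared against a negative sentinel or needs to hold one, `char` is the wrong choice; match the declared type of the class_datum field it is assigned from, or use u8 explicitly.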
......
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
/* /*
* Multi-level security (MLS) policy operations. * Multi-level security (MLS) policy operations.
* *
* Author : Stephen Smalley, <sds@tycho.nsa.gov> * Author : Stephen Smalley, <stephen.smalley.work@gmail.com>
*/ */
/* /*
* Updated: Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com> * Updated: Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com>
......
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
/* /*
* Type definitions for the multi-level security (MLS) policy. * Type definitions for the multi-level security (MLS) policy.
* *
* Author : Stephen Smalley, <sds@tycho.nsa.gov> * Author : Stephen Smalley, <stephen.smalley.work@gmail.com>
*/ */
/* /*
* Updated: Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com> * Updated: Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com>
......
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
/* /*
* Implementation of the policy database. * Implementation of the policy database.
* *
* Author : Stephen Smalley, <sds@tycho.nsa.gov> * Author : Stephen Smalley, <stephen.smalley.work@gmail.com>
*/ */
/* /*
...@@ -41,7 +41,7 @@ ...@@ -41,7 +41,7 @@
#include "mls.h" #include "mls.h"
#include "services.h" #include "services.h"
#ifdef DEBUG_HASHES #ifdef CONFIG_SECURITY_SELINUX_DEBUG
static const char *const symtab_name[SYM_NUM] = { static const char *const symtab_name[SYM_NUM] = {
"common prefixes", "common prefixes",
"classes", "classes",
...@@ -55,9 +55,9 @@ static const char *const symtab_name[SYM_NUM] = { ...@@ -55,9 +55,9 @@ static const char *const symtab_name[SYM_NUM] = {
#endif #endif
struct policydb_compat_info { struct policydb_compat_info {
int version; unsigned int version;
int sym_num; unsigned int sym_num;
int ocon_num; unsigned int ocon_num;
}; };
/* These need to be updated if SYM_NUM or OCON_NUM changes */ /* These need to be updated if SYM_NUM or OCON_NUM changes */
...@@ -159,9 +159,9 @@ static const struct policydb_compat_info policydb_compat[] = { ...@@ -159,9 +159,9 @@ static const struct policydb_compat_info policydb_compat[] = {
}, },
}; };
static const struct policydb_compat_info *policydb_lookup_compat(int version) static const struct policydb_compat_info *policydb_lookup_compat(unsigned int version)
{ {
int i; unsigned int i;
for (i = 0; i < ARRAY_SIZE(policydb_compat); i++) { for (i = 0; i < ARRAY_SIZE(policydb_compat); i++) {
if (policydb_compat[i].version == version) if (policydb_compat[i].version == version)
...@@ -359,7 +359,7 @@ static int role_tr_destroy(void *key, void *datum, void *p) ...@@ -359,7 +359,7 @@ static int role_tr_destroy(void *key, void *datum, void *p)
return 0; return 0;
} }
static void ocontext_destroy(struct ocontext *c, int i) static void ocontext_destroy(struct ocontext *c, unsigned int i)
{ {
if (!c) if (!c)
return; return;
...@@ -678,7 +678,7 @@ static int (*const index_f[SYM_NUM]) (void *key, void *datum, void *datap) = { ...@@ -678,7 +678,7 @@ static int (*const index_f[SYM_NUM]) (void *key, void *datum, void *datap) = {
cat_index, cat_index,
}; };
#ifdef DEBUG_HASHES #ifdef CONFIG_SECURITY_SELINUX_DEBUG
static void hash_eval(struct hashtab *h, const char *hash_name) static void hash_eval(struct hashtab *h, const char *hash_name)
{ {
struct hashtab_info info; struct hashtab_info info;
...@@ -701,7 +701,10 @@ static void symtab_hash_eval(struct symtab *s) ...@@ -701,7 +701,10 @@ static void symtab_hash_eval(struct symtab *s)
static inline void hash_eval(struct hashtab *h, const char *hash_name) static inline void hash_eval(struct hashtab *h, const char *hash_name)
{ {
} }
#endif static inline void symtab_hash_eval(struct symtab *s)
{
}
#endif /* CONFIG_SECURITY_SELINUX_DEBUG */
/* /*
* Define the other val_to_name and val_to_struct arrays * Define the other val_to_name and val_to_struct arrays
...@@ -725,10 +728,8 @@ static int policydb_index(struct policydb *p) ...@@ -725,10 +728,8 @@ static int policydb_index(struct policydb *p)
pr_debug("SELinux: %d classes, %d rules\n", pr_debug("SELinux: %d classes, %d rules\n",
p->p_classes.nprim, p->te_avtab.nel); p->p_classes.nprim, p->te_avtab.nel);
#ifdef DEBUG_HASHES
avtab_hash_eval(&p->te_avtab, "rules"); avtab_hash_eval(&p->te_avtab, "rules");
symtab_hash_eval(p->symtab); symtab_hash_eval(p->symtab);
#endif
p->class_val_to_struct = kcalloc(p->p_classes.nprim, p->class_val_to_struct = kcalloc(p->p_classes.nprim,
sizeof(*p->class_val_to_struct), sizeof(*p->class_val_to_struct),
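Review bot: the `pr_debug("SELinux: %d classes, %d rules\n", ...)` format in this hunk is now out of step with the type cleanups in the rest of the series: `p->p_classes.nprim` is `u32` (see the `struct symtab` hunk in symtab.h below), so `%d` should become `%u`. Separately, dropping the `#ifdef DEBUG_HASHES` around `avtab_hash_eval(&p->te_avtab, "rules")` only links cleanly if avtab.h provides a no-op `avtab_hash_eval()` when CONFIG_SECURITY_SELINUX_DEBUG is off, the way the `symtab_hash_eval()` stub added in the previous hunk does for this file; that stub is not in the visible diff, so worth confirming before merge.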
...@@ -781,7 +782,7 @@ void policydb_destroy(struct policydb *p) ...@@ -781,7 +782,7 @@ void policydb_destroy(struct policydb *p)
{ {
struct ocontext *c, *ctmp; struct ocontext *c, *ctmp;
struct genfs *g, *gtmp; struct genfs *g, *gtmp;
int i; u32 i;
struct role_allow *ra, *lra = NULL; struct role_allow *ra, *lra = NULL;
for (i = 0; i < SYM_NUM; i++) { for (i = 0; i < SYM_NUM; i++) {
...@@ -1127,8 +1128,8 @@ static int common_read(struct policydb *p, struct symtab *s, void *fp) ...@@ -1127,8 +1128,8 @@ static int common_read(struct policydb *p, struct symtab *s, void *fp)
char *key = NULL; char *key = NULL;
struct common_datum *comdatum; struct common_datum *comdatum;
__le32 buf[4]; __le32 buf[4];
u32 len, nel; u32 i, len, nel;
int i, rc; int rc;
comdatum = kzalloc(sizeof(*comdatum), GFP_KERNEL); comdatum = kzalloc(sizeof(*comdatum), GFP_KERNEL);
if (!comdatum) if (!comdatum)
...@@ -1193,13 +1194,13 @@ static int type_set_read(struct type_set *t, void *fp) ...@@ -1193,13 +1194,13 @@ static int type_set_read(struct type_set *t, void *fp)
static int read_cons_helper(struct policydb *p, static int read_cons_helper(struct policydb *p,
struct constraint_node **nodep, struct constraint_node **nodep,
int ncons, int allowxtarget, void *fp) u32 ncons, int allowxtarget, void *fp)
{ {
struct constraint_node *c, *lc; struct constraint_node *c, *lc;
struct constraint_expr *e, *le; struct constraint_expr *e, *le;
__le32 buf[3]; __le32 buf[3];
u32 nexpr; u32 i, j, nexpr;
int rc, i, j, depth; int rc, depth;
lc = NULL; lc = NULL;
for (i = 0; i < ncons; i++) { for (i = 0; i < ncons; i++) {
...@@ -1291,8 +1292,8 @@ static int class_read(struct policydb *p, struct symtab *s, void *fp) ...@@ -1291,8 +1292,8 @@ static int class_read(struct policydb *p, struct symtab *s, void *fp)
char *key = NULL; char *key = NULL;
struct class_datum *cladatum; struct class_datum *cladatum;
__le32 buf[6]; __le32 buf[6];
u32 len, len2, ncons, nel; u32 i, len, len2, ncons, nel;
int i, rc; int rc;
cladatum = kzalloc(sizeof(*cladatum), GFP_KERNEL); cladatum = kzalloc(sizeof(*cladatum), GFP_KERNEL);
if (!cladatum) if (!cladatum)
...@@ -1385,7 +1386,8 @@ static int role_read(struct policydb *p, struct symtab *s, void *fp) ...@@ -1385,7 +1386,8 @@ static int role_read(struct policydb *p, struct symtab *s, void *fp)
{ {
char *key = NULL; char *key = NULL;
struct role_datum *role; struct role_datum *role;
int rc, to_read = 2; int rc;
unsigned int to_read = 2;
__le32 buf[3]; __le32 buf[3];
u32 len; u32 len;
...@@ -1441,7 +1443,8 @@ static int type_read(struct policydb *p, struct symtab *s, void *fp) ...@@ -1441,7 +1443,8 @@ static int type_read(struct policydb *p, struct symtab *s, void *fp)
{ {
char *key = NULL; char *key = NULL;
struct type_datum *typdatum; struct type_datum *typdatum;
int rc, to_read = 3; int rc;
unsigned int to_read = 3;
__le32 buf[4]; __le32 buf[4];
u32 len; u32 len;
...@@ -1515,7 +1518,8 @@ static int user_read(struct policydb *p, struct symtab *s, void *fp) ...@@ -1515,7 +1518,8 @@ static int user_read(struct policydb *p, struct symtab *s, void *fp)
{ {
char *key = NULL; char *key = NULL;
struct user_datum *usrdatum; struct user_datum *usrdatum;
int rc, to_read = 2; int rc;
unsigned int to_read = 2;
__le32 buf[3]; __le32 buf[3];
u32 len; u32 len;
...@@ -1569,7 +1573,7 @@ static int sens_read(struct policydb *p, struct symtab *s, void *fp) ...@@ -1569,7 +1573,7 @@ static int sens_read(struct policydb *p, struct symtab *s, void *fp)
__le32 buf[2]; __le32 buf[2];
u32 len; u32 len;
levdatum = kzalloc(sizeof(*levdatum), GFP_ATOMIC); levdatum = kzalloc(sizeof(*levdatum), GFP_KERNEL);
if (!levdatum) if (!levdatum)
return -ENOMEM; return -ENOMEM;
...@@ -1580,12 +1584,12 @@ static int sens_read(struct policydb *p, struct symtab *s, void *fp) ...@@ -1580,12 +1584,12 @@ static int sens_read(struct policydb *p, struct symtab *s, void *fp)
len = le32_to_cpu(buf[0]); len = le32_to_cpu(buf[0]);
levdatum->isalias = le32_to_cpu(buf[1]); levdatum->isalias = le32_to_cpu(buf[1]);
rc = str_read(&key, GFP_ATOMIC, fp, len); rc = str_read(&key, GFP_KERNEL, fp, len);
if (rc) if (rc)
goto bad; goto bad;
rc = -ENOMEM; rc = -ENOMEM;
levdatum->level = kmalloc(sizeof(*levdatum->level), GFP_ATOMIC); levdatum->level = kmalloc(sizeof(*levdatum->level), GFP_KERNEL);
if (!levdatum->level) if (!levdatum->level)
goto bad; goto bad;
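Review bot: the GFP_ATOMIC to GFP_KERNEL conversions in `sens_read()` are correct only because policy loading runs in sleepable process context with no spinlock held; nothing in this hunk changes a locking assumption, it brings `sens_read()` in line with the neighbouring read helpers, which already allocate with `kzalloc(sizeof(*comdatum), GFP_KERNEL)` and `kzalloc(sizeof(*cladatum), GFP_KERNEL)` in the hunks above. A one-line note in the changelog that `policydb_read()` is never reached from atomic context would make that reasoning explicit for the next reader.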
...@@ -1610,7 +1614,7 @@ static int cat_read(struct policydb *p, struct symtab *s, void *fp) ...@@ -1610,7 +1614,7 @@ static int cat_read(struct policydb *p, struct symtab *s, void *fp)
__le32 buf[3]; __le32 buf[3];
u32 len; u32 len;
catdatum = kzalloc(sizeof(*catdatum), GFP_ATOMIC); catdatum = kzalloc(sizeof(*catdatum), GFP_KERNEL);
if (!catdatum) if (!catdatum)
return -ENOMEM; return -ENOMEM;
...@@ -1622,7 +1626,7 @@ static int cat_read(struct policydb *p, struct symtab *s, void *fp) ...@@ -1622,7 +1626,7 @@ static int cat_read(struct policydb *p, struct symtab *s, void *fp)
catdatum->value = le32_to_cpu(buf[1]); catdatum->value = le32_to_cpu(buf[1]);
catdatum->isalias = le32_to_cpu(buf[2]); catdatum->isalias = le32_to_cpu(buf[2]);
rc = str_read(&key, GFP_ATOMIC, fp, len); rc = str_read(&key, GFP_KERNEL, fp, len);
if (rc) if (rc)
goto bad; goto bad;
...@@ -1656,11 +1660,11 @@ static int user_bounds_sanity_check(void *key, void *datum, void *datap) ...@@ -1656,11 +1660,11 @@ static int user_bounds_sanity_check(void *key, void *datum, void *datap)
upper = user = datum; upper = user = datum;
while (upper->bounds) { while (upper->bounds) {
struct ebitmap_node *node; struct ebitmap_node *node;
unsigned long bit; u32 bit;
if (++depth == POLICYDB_BOUNDS_MAXDEPTH) { if (++depth == POLICYDB_BOUNDS_MAXDEPTH) {
pr_err("SELinux: user %s: " pr_err("SELinux: user %s: "
"too deep or looped boundary", "too deep or looped boundary\n",
(char *) key); (char *) key);
return -EINVAL; return -EINVAL;
} }
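Review bot: the missing trailing `\n` on the `"too deep or looped boundary"` pr_err is fixed here, but only the first line of the matching pr_err in `role_bounds_sanity_check()` is visible in the next hunk; check that its format string gets the same `\n`, otherwise the role message still runs into the next console line. The change of `bit` from `unsigned long` to `u32` should match the index type the ebitmap walking macro hands back, so the loop variable does not silently narrow.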
...@@ -1692,7 +1696,7 @@ static int role_bounds_sanity_check(void *key, void *datum, void *datap) ...@@ -1692,7 +1696,7 @@ static int role_bounds_sanity_check(void *key, void *datum, void *datap)
upper = role = datum; upper = role = datum;
while (upper->bounds) { while (upper->bounds) {
struct ebitmap_node *node; struct ebitmap_node *node;
unsigned long bit; u32 bit;
if (++depth == POLICYDB_BOUNDS_MAXDEPTH) { if (++depth == POLICYDB_BOUNDS_MAXDEPTH) {
pr_err("SELinux: role %s: " pr_err("SELinux: role %s: "
...@@ -1739,7 +1743,7 @@ static int type_bounds_sanity_check(void *key, void *datum, void *datap) ...@@ -1739,7 +1743,7 @@ static int type_bounds_sanity_check(void *key, void *datum, void *datap)
if (upper->attribute) { if (upper->attribute) {
pr_err("SELinux: type %s: " pr_err("SELinux: type %s: "
"bounded by attribute %s", "bounded by attribute %s\n",
(char *) key, (char *) key,
sym_name(p, SYM_TYPES, upper->value - 1)); sym_name(p, SYM_TYPES, upper->value - 1));
return -EINVAL; return -EINVAL;
...@@ -1807,9 +1811,9 @@ static int range_read(struct policydb *p, void *fp) ...@@ -1807,9 +1811,9 @@ static int range_read(struct policydb *p, void *fp)
{ {
struct range_trans *rt = NULL; struct range_trans *rt = NULL;
struct mls_range *r = NULL; struct mls_range *r = NULL;
int i, rc; int rc;
__le32 buf[2]; __le32 buf[2];
u32 nel; u32 i, nel;
if (p->policyvers < POLICYDB_VERSION_MLS) if (p->policyvers < POLICYDB_VERSION_MLS)
return 0; return 0;
...@@ -2055,9 +2059,9 @@ static int filename_trans_read_helper(struct policydb *p, void *fp) ...@@ -2055,9 +2059,9 @@ static int filename_trans_read_helper(struct policydb *p, void *fp)
static int filename_trans_read(struct policydb *p, void *fp) static int filename_trans_read(struct policydb *p, void *fp)
{ {
u32 nel; u32 nel, i;
__le32 buf[1]; __le32 buf[1];
int rc, i; int rc;
if (p->policyvers < POLICYDB_VERSION_FILENAME_TRANS) if (p->policyvers < POLICYDB_VERSION_FILENAME_TRANS)
return 0; return 0;
...@@ -2096,8 +2100,8 @@ static int filename_trans_read(struct policydb *p, void *fp) ...@@ -2096,8 +2100,8 @@ static int filename_trans_read(struct policydb *p, void *fp)
static int genfs_read(struct policydb *p, void *fp) static int genfs_read(struct policydb *p, void *fp)
{ {
int i, j, rc; int rc;
u32 nel, nel2, len, len2; u32 i, j, nel, nel2, len, len2;
__le32 buf[1]; __le32 buf[1];
struct ocontext *l, *c; struct ocontext *l, *c;
struct ocontext *newc = NULL; struct ocontext *newc = NULL;
...@@ -2210,8 +2214,9 @@ static int genfs_read(struct policydb *p, void *fp) ...@@ -2210,8 +2214,9 @@ static int genfs_read(struct policydb *p, void *fp)
static int ocontext_read(struct policydb *p, const struct policydb_compat_info *info, static int ocontext_read(struct policydb *p, const struct policydb_compat_info *info,
void *fp) void *fp)
{ {
int i, j, rc; int rc;
u32 nel, len; unsigned int i;
u32 j, nel, len;
__be64 prefixbuf[1]; __be64 prefixbuf[1];
__le32 buf[3]; __le32 buf[3];
struct ocontext *l, *c; struct ocontext *l, *c;
...@@ -2402,9 +2407,9 @@ int policydb_read(struct policydb *p, void *fp) ...@@ -2402,9 +2407,9 @@ int policydb_read(struct policydb *p, void *fp)
struct role_allow *ra, *lra; struct role_allow *ra, *lra;
struct role_trans_key *rtk = NULL; struct role_trans_key *rtk = NULL;
struct role_trans_datum *rtd = NULL; struct role_trans_datum *rtd = NULL;
int i, j, rc; int rc;
__le32 buf[4]; __le32 buf[4];
u32 len, nprim, nel, perm; u32 i, j, len, nprim, nel, perm;
char *policydb_str; char *policydb_str;
const struct policydb_compat_info *info; const struct policydb_compat_info *info;
...@@ -3255,7 +3260,8 @@ static int (*const write_f[SYM_NUM]) (void *key, void *datum, void *datap) = { ...@@ -3255,7 +3260,8 @@ static int (*const write_f[SYM_NUM]) (void *key, void *datum, void *datap) = {
static int ocontext_write(struct policydb *p, const struct policydb_compat_info *info, static int ocontext_write(struct policydb *p, const struct policydb_compat_info *info,
void *fp) void *fp)
{ {
unsigned int i, j, rc; unsigned int i, j;
int rc;
size_t nel, len; size_t nel, len;
__be64 prefixbuf[1]; __be64 prefixbuf[1];
__le32 buf[3]; __le32 buf[3];
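Review bot: `rc` moving from `unsigned int` to `int` in `ocontext_write()` is a correctness fix rather than a cosmetic one and deserves a sentence in the changelog: `put_entry()` (policydb.h hunk below) returns negative errno values, and any `rc < 0` style check against an unsigned `rc` could never fire. Keeping `i, j` as `unsigned int` while the read-side counterpart `ocontext_read()` now uses `unsigned int i; u32 j;` is a minor inconsistency; either width works, but matching them would make the two walkers easier to compare.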
...@@ -3604,10 +3610,10 @@ static int filename_trans_write(struct policydb *p, void *fp) ...@@ -3604,10 +3610,10 @@ static int filename_trans_write(struct policydb *p, void *fp)
*/ */
int policydb_write(struct policydb *p, void *fp) int policydb_write(struct policydb *p, void *fp)
{ {
unsigned int i, num_syms; unsigned int num_syms;
int rc; int rc;
__le32 buf[4]; __le32 buf[4];
u32 config; u32 config, i;
size_t len; size_t len;
const struct policydb_compat_info *info; const struct policydb_compat_info *info;
...@@ -3648,7 +3654,7 @@ int policydb_write(struct policydb *p, void *fp) ...@@ -3648,7 +3654,7 @@ int policydb_write(struct policydb *p, void *fp)
info = policydb_lookup_compat(p->policyvers); info = policydb_lookup_compat(p->policyvers);
if (!info) { if (!info) {
pr_err("SELinux: compatibility lookup failed for policy " pr_err("SELinux: compatibility lookup failed for policy "
"version %d", p->policyvers); "version %d\n", p->policyvers);
return -EINVAL; return -EINVAL;
} }
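Review bot: the format specifier in this pr_err is still `%d` although `p->policyvers` is now passed to `policydb_lookup_compat(unsigned int version)` (first hunk of this file); use `%u` so the message agrees with the type cleanup, and so that a corrupted version field above INT_MAX prints as the value that was actually looked up rather than as a negative number.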
......
...@@ -3,7 +3,7 @@ ...@@ -3,7 +3,7 @@
* A policy database (policydb) specifies the * A policy database (policydb) specifies the
* configuration data for the security policy. * configuration data for the security policy.
* *
* Author : Stephen Smalley, <sds@tycho.nsa.gov> * Author : Stephen Smalley, <stephen.smalley.work@gmail.com>
*/ */
/* /*
...@@ -366,9 +366,12 @@ static inline int next_entry(void *buf, struct policy_file *fp, size_t bytes) ...@@ -366,9 +366,12 @@ static inline int next_entry(void *buf, struct policy_file *fp, size_t bytes)
return 0; return 0;
} }
static inline int put_entry(const void *buf, size_t bytes, int num, struct policy_file *fp) static inline int put_entry(const void *buf, size_t bytes, size_t num, struct policy_file *fp)
{ {
size_t len = bytes * num; size_t len;
if (unlikely(check_mul_overflow(bytes, num, &len)))
return -EINVAL;
if (len > fp->len) if (len > fp->len)
return -EINVAL; return -EINVAL;
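Review bot: the `check_mul_overflow(bytes, num, &len)` guard is the right fix now that `num` is `size_t`, and because `bytes`, `num` and `len` are all `size_t` the macro compiles without a type mismatch. Consider whether the overflow path should be distinguishable from the ordinary short-buffer path, since both return -EINVAL: an overflow here means a policydb count has gone bad, which is a different failure from a caller supplying a buffer that is merely too small, and a `WARN_ON_ONCE()` on the overflow branch would make that visible in the log.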
......
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
/* /*
* Implementation of the security services. * Implementation of the security services.
* *
* Authors : Stephen Smalley, <sds@tycho.nsa.gov> * Authors : Stephen Smalley, <stephen.smalley.work@gmail.com>
* James Morris <jmorris@redhat.com> * James Morris <jmorris@redhat.com>
* *
* Updated: Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com> * Updated: Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com>
...@@ -97,7 +97,6 @@ static int selinux_set_mapping(struct policydb *pol, ...@@ -97,7 +97,6 @@ static int selinux_set_mapping(struct policydb *pol,
struct selinux_map *out_map) struct selinux_map *out_map)
{ {
u16 i, j; u16 i, j;
unsigned k;
bool print_unknown_handle = false; bool print_unknown_handle = false;
/* Find number of classes in the input mapping */ /* Find number of classes in the input mapping */
...@@ -117,6 +116,7 @@ static int selinux_set_mapping(struct policydb *pol, ...@@ -117,6 +116,7 @@ static int selinux_set_mapping(struct policydb *pol,
while (map[j].name) { while (map[j].name) {
const struct security_class_mapping *p_in = map + (j++); const struct security_class_mapping *p_in = map + (j++);
struct selinux_mapping *p_out = out_map->mapping + j; struct selinux_mapping *p_out = out_map->mapping + j;
u16 k;
/* An empty class string skips ahead */ /* An empty class string skips ahead */
if (!strcmp(p_in->name, "")) { if (!strcmp(p_in->name, "")) {
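Review bot: narrowing `k` from `unsigned` to `u16` and scoping it to the loop body is fine as long as it is only used to index `p_out->perms[]` and to set `p_out->num_perms`, which is itself `u16` after the services.h hunk; `perms[]` has `sizeof(u32) * 8` entries, so `k` can never exceed 32 for a valid mapping. If `k` is also compared against an `int` count further down the loop, the narrowing is silent, so a quick scan of its remaining uses in the function is worthwhile.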
...@@ -207,22 +207,22 @@ static void map_decision(struct selinux_map *map, ...@@ -207,22 +207,22 @@ static void map_decision(struct selinux_map *map,
for (i = 0, result = 0; i < n; i++) { for (i = 0, result = 0; i < n; i++) {
if (avd->allowed & mapping->perms[i]) if (avd->allowed & mapping->perms[i])
result |= 1<<i; result |= (u32)1<<i;
if (allow_unknown && !mapping->perms[i]) if (allow_unknown && !mapping->perms[i])
result |= 1<<i; result |= (u32)1<<i;
} }
avd->allowed = result; avd->allowed = result;
for (i = 0, result = 0; i < n; i++) for (i = 0, result = 0; i < n; i++)
if (avd->auditallow & mapping->perms[i]) if (avd->auditallow & mapping->perms[i])
result |= 1<<i; result |= (u32)1<<i;
avd->auditallow = result; avd->auditallow = result;
for (i = 0, result = 0; i < n; i++) { for (i = 0, result = 0; i < n; i++) {
if (avd->auditdeny & mapping->perms[i]) if (avd->auditdeny & mapping->perms[i])
result |= 1<<i; result |= (u32)1<<i;
if (!allow_unknown && !mapping->perms[i]) if (!allow_unknown && !mapping->perms[i])
result |= 1<<i; result |= (u32)1<<i;
} }
/* /*
* In case the kernel has a bug and requests a permission * In case the kernel has a bug and requests a permission
...@@ -230,7 +230,7 @@ static void map_decision(struct selinux_map *map, ...@@ -230,7 +230,7 @@ static void map_decision(struct selinux_map *map,
* should audit that denial * should audit that denial
*/ */
for (; i < (sizeof(u32)*8); i++) for (; i < (sizeof(u32)*8); i++)
result |= 1<<i; result |= (u32)1<<i;
avd->auditdeny = result; avd->auditdeny = result;
} }
} }
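Review bot: the `(u32)1<<i` casts are more than a sign cleanup: the trailing loop `for (; i < (sizeof(u32)*8); i++)` reaches i == 31, and `1<<31` on a plain `int` is undefined behaviour in C because it overflows the signed type. With the cast the shift is performed on an unsigned value and is well defined for every i in [0, 31]. `BIT(i)` would express the same intent but yields `unsigned long`, so the explicit `u32` is the better match for `result` and the `avd->*` fields.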
...@@ -856,7 +856,7 @@ int security_bounded_transition(u32 old_sid, u32 new_sid) ...@@ -856,7 +856,7 @@ int security_bounded_transition(u32 old_sid, u32 new_sid)
struct sidtab *sidtab; struct sidtab *sidtab;
struct sidtab_entry *old_entry, *new_entry; struct sidtab_entry *old_entry, *new_entry;
struct type_datum *type; struct type_datum *type;
int index; u32 index;
int rc; int rc;
if (!selinux_initialized()) if (!selinux_initialized())
...@@ -1511,7 +1511,7 @@ static int security_context_to_sid_core(const char *scontext, u32 scontext_len, ...@@ -1511,7 +1511,7 @@ static int security_context_to_sid_core(const char *scontext, u32 scontext_len,
return -ENOMEM; return -ENOMEM;
if (!selinux_initialized()) { if (!selinux_initialized()) {
int i; u32 i;
for (i = 1; i < SECINITSID_NUM; i++) { for (i = 1; i < SECINITSID_NUM; i++) {
const char *s = initial_sid_to_string[i]; const char *s = initial_sid_to_string[i];
...@@ -1694,7 +1694,7 @@ static void filename_compute_type(struct policydb *policydb, ...@@ -1694,7 +1694,7 @@ static void filename_compute_type(struct policydb *policydb,
static int security_compute_sid(u32 ssid, static int security_compute_sid(u32 ssid,
u32 tsid, u32 tsid,
u16 orig_tclass, u16 orig_tclass,
u32 specified, u16 specified,
const char *objname, const char *objname,
u32 *out_sid, u32 *out_sid,
bool kern) bool kern)
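Review bot: narrowing `specified` from `u32` to `u16` must match both `avkey.specified` (assigned from it in the later hunk of this function) and the `specified` parameter of `avtab_search_node_next()`; the AVTAB_* rule-type flags fit in 16 bits, so no caller loses information, but the static callers of `security_compute_sid()` that still hold a `u32` now convert implicitly, which is worth a glance to make sure nothing passes a value with high bits set.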
...@@ -1706,8 +1706,7 @@ static int security_compute_sid(u32 ssid, ...@@ -1706,8 +1706,7 @@ static int security_compute_sid(u32 ssid,
struct context *scontext, *tcontext, newcontext; struct context *scontext, *tcontext, newcontext;
struct sidtab_entry *sentry, *tentry; struct sidtab_entry *sentry, *tentry;
struct avtab_key avkey; struct avtab_key avkey;
struct avtab_datum *avdatum; struct avtab_node *avnode, *node;
struct avtab_node *node;
u16 tclass; u16 tclass;
int rc = 0; int rc = 0;
bool sock; bool sock;
...@@ -1815,22 +1814,22 @@ static int security_compute_sid(u32 ssid, ...@@ -1815,22 +1814,22 @@ static int security_compute_sid(u32 ssid,
avkey.target_type = tcontext->type; avkey.target_type = tcontext->type;
avkey.target_class = tclass; avkey.target_class = tclass;
avkey.specified = specified; avkey.specified = specified;
avdatum = avtab_search(&policydb->te_avtab, &avkey); avnode = avtab_search_node(&policydb->te_avtab, &avkey);
/* If no permanent rule, also check for enabled conditional rules */ /* If no permanent rule, also check for enabled conditional rules */
if (!avdatum) { if (!avnode) {
node = avtab_search_node(&policydb->te_cond_avtab, &avkey); node = avtab_search_node(&policydb->te_cond_avtab, &avkey);
for (; node; node = avtab_search_node_next(node, specified)) { for (; node; node = avtab_search_node_next(node, specified)) {
if (node->key.specified & AVTAB_ENABLED) { if (node->key.specified & AVTAB_ENABLED) {
avdatum = &node->datum; avnode = node;
break; break;
} }
} }
} }
if (avdatum) { if (avnode) {
/* Use the type from the type transition/member/change rule. */ /* Use the type from the type transition/member/change rule. */
newcontext.type = avdatum->u.data; newcontext.type = avnode->datum.u.data;
} }
/* if we have a objname this is a file trans check so check those rules */ /* if we have a objname this is a file trans check so check those rules */
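Review bot: the `node` temporary is now redundant after the switch to `avtab_search_node()`: the conditional-rule loop can iterate on `avnode` directly (`for (avnode = avtab_search_node(&policydb->te_cond_avtab, &avkey); avnode; avnode = avtab_search_node_next(avnode, specified))`) and break on `AVTAB_ENABLED`, which also removes one pointer from the stack frame. Behaviour is otherwise preserved: a conditional rule that is present but not enabled still leaves `avnode` NULL, so `newcontext.type` keeps its earlier value.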
...@@ -2822,7 +2821,6 @@ static inline int __security_genfs_sid(struct selinux_policy *policy, ...@@ -2822,7 +2821,6 @@ static inline int __security_genfs_sid(struct selinux_policy *policy,
{ {
struct policydb *policydb = &policy->policydb; struct policydb *policydb = &policy->policydb;
struct sidtab *sidtab = policy->sidtab; struct sidtab *sidtab = policy->sidtab;
int len;
u16 sclass; u16 sclass;
struct genfs *genfs; struct genfs *genfs;
struct ocontext *c; struct ocontext *c;
...@@ -2844,7 +2842,7 @@ static inline int __security_genfs_sid(struct selinux_policy *policy, ...@@ -2844,7 +2842,7 @@ static inline int __security_genfs_sid(struct selinux_policy *policy,
return -ENOENT; return -ENOENT;
for (c = genfs->head; c; c = c->next) { for (c = genfs->head; c; c = c->next) {
len = strlen(c->u.name); size_t len = strlen(c->u.name);
if ((!c->v.sclass || sclass == c->v.sclass) && if ((!c->v.sclass || sclass == c->v.sclass) &&
(strncmp(c->u.name, path, len) == 0)) (strncmp(c->u.name, path, len) == 0))
break; break;
...@@ -3332,7 +3330,7 @@ static int get_classes_callback(void *k, void *d, void *args) ...@@ -3332,7 +3330,7 @@ static int get_classes_callback(void *k, void *d, void *args)
{ {
struct class_datum *datum = d; struct class_datum *datum = d;
char *name = k, **classes = args; char *name = k, **classes = args;
int value = datum->value - 1; u32 value = datum->value - 1;
classes[value] = kstrdup(name, GFP_ATOMIC); classes[value] = kstrdup(name, GFP_ATOMIC);
if (!classes[value]) if (!classes[value])
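Review bot: `value = datum->value - 1` as `u32` wraps to UINT_MAX when `datum->value` is 0, and `classes[value]` then indexes far out of bounds; with the old `int` it indexed at -1, so this hunk does not make things worse, but the policy-load-time check that every class value lies in [1, nprim] is what actually keeps this callback safe, and pointing at it in the changelog would help. Also, now that `security_get_classes()` takes an explicit `struct selinux_policy *` rather than running under the old policy read lock, it is worth checking whether the `kstrdup(name, GFP_ATOMIC)` here still needs GFP_ATOMIC.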
...@@ -3342,7 +3340,7 @@ static int get_classes_callback(void *k, void *d, void *args) ...@@ -3342,7 +3340,7 @@ static int get_classes_callback(void *k, void *d, void *args)
} }
int security_get_classes(struct selinux_policy *policy, int security_get_classes(struct selinux_policy *policy,
char ***classes, int *nclasses) char ***classes, u32 *nclasses)
{ {
struct policydb *policydb; struct policydb *policydb;
int rc; int rc;
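Review bot: `int *nclasses` becoming `u32 *nclasses` changes the exported prototype, so the header declaration and the selinuxfs caller must pass a `u32 *` in the same series; otherwise the build gets an incompatible-pointer warning rather than a silent narrowing. The new width matches `p_classes.nprim`, which is `u32` (symtab.h hunk), so the store into `*nclasses` no longer involves a sign conversion.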
...@@ -3358,7 +3356,8 @@ int security_get_classes(struct selinux_policy *policy, ...@@ -3358,7 +3356,8 @@ int security_get_classes(struct selinux_policy *policy,
rc = hashtab_map(&policydb->p_classes.table, get_classes_callback, rc = hashtab_map(&policydb->p_classes.table, get_classes_callback,
*classes); *classes);
if (rc) { if (rc) {
int i; u32 i;
for (i = 0; i < *nclasses; i++) for (i = 0; i < *nclasses; i++)
kfree((*classes)[i]); kfree((*classes)[i]);
kfree(*classes); kfree(*classes);
...@@ -3372,7 +3371,7 @@ static int get_permissions_callback(void *k, void *d, void *args) ...@@ -3372,7 +3371,7 @@ static int get_permissions_callback(void *k, void *d, void *args)
{ {
struct perm_datum *datum = d; struct perm_datum *datum = d;
char *name = k, **perms = args; char *name = k, **perms = args;
int value = datum->value - 1; u32 value = datum->value - 1;
perms[value] = kstrdup(name, GFP_ATOMIC); perms[value] = kstrdup(name, GFP_ATOMIC);
if (!perms[value]) if (!perms[value])
...@@ -3382,10 +3381,11 @@ static int get_permissions_callback(void *k, void *d, void *args) ...@@ -3382,10 +3381,11 @@ static int get_permissions_callback(void *k, void *d, void *args)
} }
int security_get_permissions(struct selinux_policy *policy, int security_get_permissions(struct selinux_policy *policy,
char *class, char ***perms, int *nperms) const char *class, char ***perms, u32 *nperms)
{ {
struct policydb *policydb; struct policydb *policydb;
int rc, i; u32 i;
int rc;
struct class_datum *match; struct class_datum *match;
policydb = &policy->policydb; policydb = &policy->policydb;
...@@ -3600,7 +3600,7 @@ int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, void **vrule) ...@@ -3600,7 +3600,7 @@ int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, void **vrule)
/* Check to see if the rule contains any selinux fields */ /* Check to see if the rule contains any selinux fields */
int selinux_audit_rule_known(struct audit_krule *rule) int selinux_audit_rule_known(struct audit_krule *rule)
{ {
int i; u32 i;
for (i = 0; i < rule->field_count; i++) { for (i = 0; i < rule->field_count; i++) {
struct audit_field *f = &rule->fields[i]; struct audit_field *f = &rule->fields[i];
......
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
/* /*
* Implementation of the security services. * Implementation of the security services.
* *
* Author : Stephen Smalley, <sds@tycho.nsa.gov> * Author : Stephen Smalley, <stephen.smalley.work@gmail.com>
*/ */
#ifndef _SS_SERVICES_H_ #ifndef _SS_SERVICES_H_
#define _SS_SERVICES_H_ #define _SS_SERVICES_H_
...@@ -12,7 +12,7 @@ ...@@ -12,7 +12,7 @@
/* Mapping for a single class */ /* Mapping for a single class */
struct selinux_mapping { struct selinux_mapping {
u16 value; /* policy value for class */ u16 value; /* policy value for class */
unsigned int num_perms; /* number of permissions in class */ u16 num_perms; /* number of permissions in class */
u32 perms[sizeof(u32) * 8]; /* policy values for permissions */ u32 perms[sizeof(u32) * 8]; /* policy values for permissions */
}; };
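Review bot: shrinking `num_perms` to `u16` is safe because `perms[]` has `sizeof(u32) * 8` == 32 entries, so the count never exceeds 32; it also removes the 2 bytes of padding that sat between `u16 value` and an `unsigned int num_perms`, so `struct selinux_mapping` shrinks by 4 bytes per class. Every assignment into `num_perms` (the `k` loop in `selinux_set_mapping()`, which this series moves to `u16`) should now be from a matching type so the narrowing is explicit rather than implicit.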
......
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
/* /*
* Implementation of the SID table type. * Implementation of the SID table type.
* *
* Original author: Stephen Smalley, <sds@tycho.nsa.gov> * Original author: Stephen Smalley, <stephen.smalley.work@gmail.com>
* Author: Ondrej Mosnacek, <omosnacek@gmail.com> * Author: Ondrej Mosnacek, <omosnacek@gmail.com>
* *
* Copyright (C) 2018 Red Hat, Inc. * Copyright (C) 2018 Red Hat, Inc.
......
...@@ -3,7 +3,7 @@ ...@@ -3,7 +3,7 @@
* A security identifier table (sidtab) is a lookup table * A security identifier table (sidtab) is a lookup table
* of security context structures indexed by SID value. * of security context structures indexed by SID value.
* *
* Original author: Stephen Smalley, <sds@tycho.nsa.gov> * Original author: Stephen Smalley, <stephen.smalley.work@gmail.com>
* Author: Ondrej Mosnacek, <omosnacek@gmail.com> * Author: Ondrej Mosnacek, <omosnacek@gmail.com>
* *
* Copyright (C) 2018 Red Hat, Inc. * Copyright (C) 2018 Red Hat, Inc.
......
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
/* /*
* Implementation of the symbol table type. * Implementation of the symbol table type.
* *
* Author : Stephen Smalley, <sds@tycho.nsa.gov> * Author : Stephen Smalley, <stephen.smalley.work@gmail.com>
*/ */
#include <linux/kernel.h> #include <linux/kernel.h>
#include <linux/string.h> #include <linux/string.h>
...@@ -37,7 +37,7 @@ static const struct hashtab_key_params symtab_key_params = { ...@@ -37,7 +37,7 @@ static const struct hashtab_key_params symtab_key_params = {
.cmp = symcmp, .cmp = symcmp,
}; };
int symtab_init(struct symtab *s, unsigned int size) int symtab_init(struct symtab *s, u32 size)
{ {
s->nprim = 0; s->nprim = 0;
return hashtab_init(&s->table, size); return hashtab_init(&s->table, size);
......
...@@ -5,7 +5,7 @@ ...@@ -5,7 +5,7 @@
* is arbitrary. The symbol table type is implemented * is arbitrary. The symbol table type is implemented
* using the hash table type (hashtab). * using the hash table type (hashtab).
* *
* Author : Stephen Smalley, <sds@tycho.nsa.gov> * Author : Stephen Smalley, <stephen.smalley.work@gmail.com>
*/ */
#ifndef _SS_SYMTAB_H_ #ifndef _SS_SYMTAB_H_
#define _SS_SYMTAB_H_ #define _SS_SYMTAB_H_
...@@ -17,7 +17,7 @@ struct symtab { ...@@ -17,7 +17,7 @@ struct symtab {
u32 nprim; /* number of primary names in table */ u32 nprim; /* number of primary names in table */
}; };
int symtab_init(struct symtab *s, unsigned int size); int symtab_init(struct symtab *s, u32 size);
int symtab_insert(struct symtab *s, char *name, void *datum); int symtab_insert(struct symtab *s, char *name, void *datum);
void *symtab_search(struct symtab *s, const char *name); void *symtab_search(struct symtab *s, const char *name);
......
...@@ -76,7 +76,7 @@ struct page *selinux_kernel_status_page(void) ...@@ -76,7 +76,7 @@ struct page *selinux_kernel_status_page(void)
* *
* It updates status of the current enforcing/permissive mode. * It updates status of the current enforcing/permissive mode.
*/ */
void selinux_status_update_setenforce(int enforcing) void selinux_status_update_setenforce(bool enforcing)
{ {
struct selinux_kernel_status *status; struct selinux_kernel_status *status;
...@@ -87,7 +87,7 @@ void selinux_status_update_setenforce(int enforcing) ...@@ -87,7 +87,7 @@ void selinux_status_update_setenforce(int enforcing)
status->sequence++; status->sequence++;
smp_wmb(); smp_wmb();
status->enforcing = enforcing; status->enforcing = enforcing ? 1 : 0;
smp_wmb(); smp_wmb();
status->sequence++; status->sequence++;
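Review bot: `enforcing ? 1 : 0` is redundant for a `bool` argument, since a bool already converts to exactly 0 or 1, but keeping it is defensible because `status->enforcing` is a field in the status page exported to userspace (`selinux_kernel_status_page()` above), where the stored encoding is better spelled out. The `smp_wmb()` pair around the store is unchanged, so the sequence-counter protocol readers depend on is not affected by the type change.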
...@@ -101,7 +101,7 @@ void selinux_status_update_setenforce(int enforcing) ...@@ -101,7 +101,7 @@ void selinux_status_update_setenforce(int enforcing)
* It updates status of the times of policy reloaded, and current * It updates status of the times of policy reloaded, and current
* setting of deny_unknown. * setting of deny_unknown.
*/ */
void selinux_status_update_policyload(int seqno) void selinux_status_update_policyload(u32 seqno)
{ {
struct selinux_kernel_status *status; struct selinux_kernel_status *status;
......
// SPDX-License-Identifier: GPL-2.0-only // SPDX-License-Identifier: GPL-2.0-only
/* /*
* NSA Security-Enhanced Linux (SELinux) security module * Security-Enhanced Linux (SELinux) security module
* *
* This file contains the SELinux XFRM hook function implementations. * This file contains the SELinux XFRM hook function implementations.
* *
......