tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
selinux: wrap global selinux state
Define a selinux state structure (struct selinux_state) for
global SELinux state and pass it explicitly to all security server
functions. The public portion of the structure contains state
that is used throughout the SELinux code, such as the enforcing mode.
The structure also contains a pointer to a selinux_ss structure whose
definition is private to the security server and contains security
server specific state such as the policy database and SID table.
This change should have no effect on SELinux behavior or APIs
(userspace or LSM). It merely wraps SELinux state and passes it
explicitly as needed.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
[PM: minor fixups needed due to collisions with the SCTP patches]
Signed-off-by: Paul Moore <paul@paul-moore.com>
authored by
Stephen Smalley
and committed by
Paul Moore
aa8e712c
2572f5b4
+1157
-799
+10
-6
security/selinux/avc.c
+10
-6
security/selinux/avc.c
···
149
149
char *scontext;
150
150
u32 scontext_len;
151
151
152
-
rc = security_sid_to_context(ssid, &scontext, &scontext_len);
152
+
rc = security_sid_to_context(&selinux_state, ssid,
153
+
&scontext, &scontext_len);
153
154
if (rc)
154
155
audit_log_format(ab, "ssid=%d", ssid);
155
156
else {
···
158
157
kfree(scontext);
159
158
}
160
159
161
-
rc = security_sid_to_context(tsid, &scontext, &scontext_len);
160
+
rc = security_sid_to_context(&selinux_state, tsid,
161
+
&scontext, &scontext_len);
162
162
if (rc)
163
163
audit_log_format(ab, " tsid=%d", tsid);
164
164
else {
···
971
969
{
972
970
rcu_read_unlock();
973
971
INIT_LIST_HEAD(&xp_node->xpd_head);
974
-
security_compute_av(ssid, tsid, tclass, avd, &xp_node->xp);
972
+
security_compute_av(&selinux_state, ssid, tsid, tclass,
973
+
avd, &xp_node->xp);
975
974
rcu_read_lock();
976
975
return avc_insert(ssid, tsid, tclass, avd, xp_node);
977
976
}
···
985
982
if (flags & AVC_STRICT)
986
983
return -EACCES;
987
984
988
-
if (selinux_enforcing && !(avd->flags & AVD_FLAGS_PERMISSIVE))
985
+
if (is_enforcing(&selinux_state) &&
986
+
!(avd->flags & AVD_FLAGS_PERMISSIVE))
989
987
return -EACCES;
990
988
991
989
avc_update_node(AVC_CALLBACK_GRANT, requested, driver, xperm, ssid,
···
1047
1043
goto decision;
1048
1044
}
1049
1045
rcu_read_unlock();
1050
-
security_compute_xperms_decision(ssid, tsid, tclass, driver,
1051
-
&local_xpd);
1046
+
security_compute_xperms_decision(&selinux_state, ssid, tsid,
1047
+
tclass, driver, &local_xpd);
1052
1048
rcu_read_lock();
1053
1049
avc_update_node(AVC_CALLBACK_ADD_XPERMS, requested, driver, xperm,
1054
1050
ssid, tsid, tclass, avd.seqno, &local_xpd, 0);
+140
-74
security/selinux/hooks.c
+140
-74
security/selinux/hooks.c
···
100
100
#include "audit.h"
101
101
#include "avc_ss.h"
102
102
103
+
struct selinux_state selinux_state;
104
+
103
105
/* SECMARK reference count */
104
106
static atomic_t selinux_secmark_refcount = ATOMIC_INIT(0);
105
107
106
108
#ifdef CONFIG_SECURITY_SELINUX_DEVELOP
107
-
int selinux_enforcing;
109
+
static int selinux_enforcing_boot;
108
110
109
111
static int __init enforcing_setup(char *str)
110
112
{
111
113
unsigned long enforcing;
112
114
if (!kstrtoul(str, 0, &enforcing))
113
-
selinux_enforcing = enforcing ? 1 : 0;
115
+
selinux_enforcing_boot = enforcing ? 1 : 0;
114
116
return 1;
115
117
}
116
118
__setup("enforcing=", enforcing_setup);
119
+
#else
120
+
#define selinux_enforcing_boot 1
117
121
#endif
118
122
119
123
#ifdef CONFIG_SECURITY_SELINUX_BOOTPARAM
···
135
131
int selinux_enabled = 1;
136
132
#endif
137
133
134
+
static unsigned int selinux_checkreqprot_boot =
135
+
CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE;
136
+
137
+
static int __init checkreqprot_setup(char *str)
138
+
{
139
+
unsigned long checkreqprot;
140
+
141
+
if (!kstrtoul(str, 0, &checkreqprot))
142
+
selinux_checkreqprot_boot = checkreqprot ? 1 : 0;
143
+
return 1;
144
+
}
145
+
__setup("checkreqprot=", checkreqprot_setup);
146
+
138
147
static struct kmem_cache *sel_inode_cache;
139
148
static struct kmem_cache *file_security_cache;
140
149
···
164
147
*/
165
148
static int selinux_secmark_enabled(void)
166
149
{
167
-
return (selinux_policycap_alwaysnetwork || atomic_read(&selinux_secmark_refcount));
150
+
return (selinux_policycap_alwaysnetwork() ||
151
+
atomic_read(&selinux_secmark_refcount));
168
152
}
169
153
170
154
/**
···
180
162
*/
181
163
static int selinux_peerlbl_enabled(void)
182
164
{
183
-
return (selinux_policycap_alwaysnetwork || netlbl_enabled() || selinux_xfrm_enabled());
165
+
return (selinux_policycap_alwaysnetwork() ||
166
+
netlbl_enabled() || selinux_xfrm_enabled());
184
167
}
185
168
186
169
static int selinux_netcache_avc_callback(u32 event)
···
285
266
286
267
might_sleep_if(may_sleep);
287
268
288
-
if (ss_initialized && isec->initialized != LABEL_INITIALIZED) {
269
+
if (selinux_state.initialized &&
270
+
isec->initialized != LABEL_INITIALIZED) {
289
271
if (!may_sleep)
290
272
return -ECHILD;
291
273
···
508
488
!strcmp(sb->s_type->name, "debugfs") ||
509
489
!strcmp(sb->s_type->name, "tracefs") ||
510
490
!strcmp(sb->s_type->name, "rootfs") ||
511
-
(selinux_policycap_cgroupseclabel &&
491
+
(selinux_policycap_cgroupseclabel() &&
512
492
(!strcmp(sb->s_type->name, "cgroup") ||
513
493
!strcmp(sb->s_type->name, "cgroup2")));
514
494
}
···
608
588
if (!(sbsec->flags & SE_SBINITIALIZED))
609
589
return -EINVAL;
610
590
611
-
if (!ss_initialized)
591
+
if (!selinux_state.initialized)
612
592
return -EINVAL;
613
593
614
594
/* make sure we always check enough bits to cover the mask */
···
639
619
640
620
i = 0;
641
621
if (sbsec->flags & FSCONTEXT_MNT) {
642
-
rc = security_sid_to_context(sbsec->sid, &context, &len);
622
+
rc = security_sid_to_context(&selinux_state, sbsec->sid,
623
+
&context, &len);
643
624
if (rc)
644
625
goto out_free;
645
626
opts->mnt_opts[i] = context;
646
627
opts->mnt_opts_flags[i++] = FSCONTEXT_MNT;
647
628
}
648
629
if (sbsec->flags & CONTEXT_MNT) {
649
-
rc = security_sid_to_context(sbsec->mntpoint_sid, &context, &len);
630
+
rc = security_sid_to_context(&selinux_state,
631
+
sbsec->mntpoint_sid,
632
+
&context, &len);
650
633
if (rc)
651
634
goto out_free;
652
635
opts->mnt_opts[i] = context;
653
636
opts->mnt_opts_flags[i++] = CONTEXT_MNT;
654
637
}
655
638
if (sbsec->flags & DEFCONTEXT_MNT) {
656
-
rc = security_sid_to_context(sbsec->def_sid, &context, &len);
639
+
rc = security_sid_to_context(&selinux_state, sbsec->def_sid,
640
+
&context, &len);
657
641
if (rc)
658
642
goto out_free;
659
643
opts->mnt_opts[i] = context;
···
667
643
struct dentry *root = sbsec->sb->s_root;
668
644
struct inode_security_struct *isec = backing_inode_security(root);
669
645
670
-
rc = security_sid_to_context(isec->sid, &context, &len);
646
+
rc = security_sid_to_context(&selinux_state, isec->sid,
647
+
&context, &len);
671
648
if (rc)
672
649
goto out_free;
673
650
opts->mnt_opts[i] = context;
···
731
706
732
707
mutex_lock(&sbsec->lock);
733
708
734
-
if (!ss_initialized) {
709
+
if (!selinux_state.initialized) {
735
710
if (!num_opts) {
736
711
/* Defer initialization until selinux_complete_init,
737
712
after the initial policy is loaded and the security
···
777
752
778
753
if (flags[i] == SBLABEL_MNT)
779
754
continue;
780
-
rc = security_context_str_to_sid(mount_options[i], &sid, GFP_KERNEL);
755
+
rc = security_context_str_to_sid(&selinux_state,
756
+
mount_options[i], &sid,
757
+
GFP_KERNEL);
781
758
if (rc) {
782
759
printk(KERN_WARNING "SELinux: security_context_str_to_sid"
783
760
"(%s) failed for (dev %s, type %s) errno=%d\n",
···
855
828
* Determine the labeling behavior to use for this
856
829
* filesystem type.
857
830
*/
858
-
rc = security_fs_use(sb);
831
+
rc = security_fs_use(&selinux_state, sb);
859
832
if (rc) {
860
833
printk(KERN_WARNING
861
834
"%s: security_fs_use(%s) returned %d\n",
···
880
853
}
881
854
if (sbsec->behavior == SECURITY_FS_USE_XATTR) {
882
855
sbsec->behavior = SECURITY_FS_USE_MNTPOINT;
883
-
rc = security_transition_sid(current_sid(), current_sid(),
856
+
rc = security_transition_sid(&selinux_state,
857
+
current_sid(),
858
+
current_sid(),
884
859
SECCLASS_FILE, NULL,
885
860
&sbsec->mntpoint_sid);
886
861
if (rc)
···
1018
989
* if the parent was able to be mounted it clearly had no special lsm
1019
990
* mount options. thus we can safely deal with this superblock later
1020
991
*/
1021
-
if (!ss_initialized)
992
+
if (!selinux_state.initialized)
1022
993
return 0;
1023
994
1024
995
/*
···
1045
1016
1046
1017
if (newsbsec->behavior == SECURITY_FS_USE_NATIVE &&
1047
1018
!(kern_flags & SECURITY_LSM_NATIVE_LABELS) && !set_context) {
1048
-
rc = security_fs_use(newsb);
1019
+
rc = security_fs_use(&selinux_state, newsb);
1049
1020
if (rc)
1050
1021
goto out;
1051
1022
}
···
1328
1299
1329
1300
static inline u16 socket_type_to_security_class(int family, int type, int protocol)
1330
1301
{
1331
-
int extsockclass = selinux_policycap_extsockclass;
1302
+
int extsockclass = selinux_policycap_extsockclass();
1332
1303
1333
1304
switch (family) {
1334
1305
case PF_UNIX:
···
1502
1473
path++;
1503
1474
}
1504
1475
}
1505
-
rc = security_genfs_sid(sb->s_type->name, path, tclass, sid);
1476
+
rc = security_genfs_sid(&selinux_state, sb->s_type->name,
1477
+
path, tclass, sid);
1506
1478
}
1507
1479
free_page((unsigned long)buffer);
1508
1480
return rc;
···
1621
1591
sid = sbsec->def_sid;
1622
1592
rc = 0;
1623
1593
} else {
1624
-
rc = security_context_to_sid_default(context, rc, &sid,
1594
+
rc = security_context_to_sid_default(&selinux_state,
1595
+
context, rc, &sid,
1625
1596
sbsec->def_sid,
1626
1597
GFP_NOFS);
1627
1598
if (rc) {
···
1655
1624
sid = sbsec->sid;
1656
1625
1657
1626
/* Try to obtain a transition SID. */
1658
-
rc = security_transition_sid(task_sid, sid, sclass, NULL, &sid);
1627
+
rc = security_transition_sid(&selinux_state, task_sid, sid,
1628
+
sclass, NULL, &sid);
1659
1629
if (rc)
1660
1630
goto out;
1661
1631
break;
···
1917
1885
*_new_isid = tsec->create_sid;
1918
1886
} else {
1919
1887
const struct inode_security_struct *dsec = inode_security(dir);
1920
-
return security_transition_sid(tsec->sid, dsec->sid, tclass,
1888
+
return security_transition_sid(&selinux_state, tsec->sid,
1889
+
dsec->sid, tclass,
1921
1890
name, _new_isid);
1922
1891
}
1923
1892
···
2141
2108
u32 av = file_to_av(file);
2142
2109
struct inode *inode = file_inode(file);
2143
2110
2144
-
if (selinux_policycap_openperm && inode->i_sb->s_magic != SOCKFS_MAGIC)
2111
+
if (selinux_policycap_openperm() &&
2112
+
inode->i_sb->s_magic != SOCKFS_MAGIC)
2145
2113
av |= FILE__OPEN;
2146
2114
2147
2115
return av;
···
2387
2353
* policy allows the corresponding permission between
2388
2354
* the old and new contexts.
2389
2355
*/
2390
-
if (selinux_policycap_nnp_nosuid_transition) {
2356
+
if (selinux_policycap_nnp_nosuid_transition()) {
2391
2357
av = 0;
2392
2358
if (nnp)
2393
2359
av |= PROCESS2__NNP_TRANSITION;
···
2404
2370
* i.e. SIDs that are guaranteed to only be allowed a subset
2405
2371
* of the permissions of the current SID.
2406
2372
*/
2407
-
rc = security_bounded_transition(old_tsec->sid, new_tsec->sid);
2373
+
rc = security_bounded_transition(&selinux_state, old_tsec->sid,
2374
+
new_tsec->sid);
2408
2375
if (!rc)
2409
2376
return 0;
2410
2377
···
2457
2422
return rc;
2458
2423
} else {
2459
2424
/* Check for a default transition on this program. */
2460
-
rc = security_transition_sid(old_tsec->sid, isec->sid,
2461
-
SECCLASS_PROCESS, NULL,
2425
+
rc = security_transition_sid(&selinux_state, old_tsec->sid,
2426
+
isec->sid, SECCLASS_PROCESS, NULL,
2462
2427
&new_tsec->sid);
2463
2428
if (rc)
2464
2429
return rc;
···
2816
2781
2817
2782
if (flags[i] == SBLABEL_MNT)
2818
2783
continue;
2819
-
rc = security_context_str_to_sid(mount_options[i], &sid, GFP_KERNEL);
2784
+
rc = security_context_str_to_sid(&selinux_state,
2785
+
mount_options[i], &sid,
2786
+
GFP_KERNEL);
2820
2787
if (rc) {
2821
2788
printk(KERN_WARNING "SELinux: security_context_str_to_sid"
2822
2789
"(%s) failed for (dev %s, type %s) errno=%d\n",
···
2943
2906
if (rc)
2944
2907
return rc;
2945
2908
2946
-
return security_sid_to_context(newsid, (char **)ctx, ctxlen);
2909
+
return security_sid_to_context(&selinux_state, newsid, (char **)ctx,
2910
+
ctxlen);
2947
2911
}
2948
2912
2949
2913
static int selinux_dentry_create_files_as(struct dentry *dentry, int mode,
···
2998
2960
isec->initialized = LABEL_INITIALIZED;
2999
2961
}
3000
2962
3001
-
if (!ss_initialized || !(sbsec->flags & SBLABEL_MNT))
2963
+
if (!selinux_state.initialized || !(sbsec->flags & SBLABEL_MNT))
3002
2964
return -EOPNOTSUPP;
3003
2965
3004
2966
if (name)
3005
2967
*name = XATTR_SELINUX_SUFFIX;
3006
2968
3007
2969
if (value && len) {
3008
-
rc = security_sid_to_context_force(newsid, &context, &clen);
2970
+
rc = security_sid_to_context_force(&selinux_state, newsid,
2971
+
&context, &clen);
3009
2972
if (rc)
3010
2973
return rc;
3011
2974
*value = context;
···
3167
3128
ATTR_ATIME_SET | ATTR_MTIME_SET | ATTR_TIMES_SET))
3168
3129
return dentry_has_perm(cred, dentry, FILE__SETATTR);
3169
3130
3170
-
if (selinux_policycap_openperm &&
3131
+
if (selinux_policycap_openperm() &&
3171
3132
inode->i_sb->s_magic != SOCKFS_MAGIC &&
3172
3133
(ia_valid & ATTR_SIZE) &&
3173
3134
!(ia_valid & ATTR_FILE))
···
3229
3190
if (rc)
3230
3191
return rc;
3231
3192
3232
-
rc = security_context_to_sid(value, size, &newsid, GFP_KERNEL);
3193
+
rc = security_context_to_sid(&selinux_state, value, size, &newsid,
3194
+
GFP_KERNEL);
3233
3195
if (rc == -EINVAL) {
3234
3196
if (!has_cap_mac_admin(true)) {
3235
3197
struct audit_buffer *ab;
···
3255
3215
3256
3216
return rc;
3257
3217
}
3258
-
rc = security_context_to_sid_force(value, size, &newsid);
3218
+
rc = security_context_to_sid_force(&selinux_state, value,
3219
+
size, &newsid);
3259
3220
}
3260
3221
if (rc)
3261
3222
return rc;
···
3266
3225
if (rc)
3267
3226
return rc;
3268
3227
3269
-
rc = security_validate_transition(isec->sid, newsid, sid,
3270
-
isec->sclass);
3228
+
rc = security_validate_transition(&selinux_state, isec->sid, newsid,
3229
+
sid, isec->sclass);
3271
3230
if (rc)
3272
3231
return rc;
3273
3232
···
3292
3251
return;
3293
3252
}
3294
3253
3295
-
rc = security_context_to_sid_force(value, size, &newsid);
3254
+
rc = security_context_to_sid_force(&selinux_state, value, size,
3255
+
&newsid);
3296
3256
if (rc) {
3297
3257
printk(KERN_ERR "SELinux: unable to map context to SID"
3298
3258
"for (%s, %lu), rc=%d\n",
···
3368
3326
*/
3369
3327
isec = inode_security(inode);
3370
3328
if (has_cap_mac_admin(false))
3371
-
error = security_sid_to_context_force(isec->sid, &context,
3329
+
error = security_sid_to_context_force(&selinux_state,
3330
+
isec->sid, &context,
3372
3331
&size);
3373
3332
else
3374
-
error = security_sid_to_context(isec->sid, &context, &size);
3333
+
error = security_sid_to_context(&selinux_state, isec->sid,
3334
+
&context, &size);
3375
3335
if (error)
3376
3336
return error;
3377
3337
error = size;
···
3399
3355
if (!value || !size)
3400
3356
return -EACCES;
3401
3357
3402
-
rc = security_context_to_sid(value, size, &newsid, GFP_KERNEL);
3358
+
rc = security_context_to_sid(&selinux_state, value, size, &newsid,
3359
+
GFP_KERNEL);
3403
3360
if (rc)
3404
3361
return rc;
3405
3362
···
3662
3617
return rc;
3663
3618
}
3664
3619
3665
-
if (selinux_checkreqprot)
3620
+
if (selinux_state.checkreqprot)
3666
3621
prot = reqprot;
3667
3622
3668
3623
return file_map_prot_check(file, prot,
···
3676
3631
const struct cred *cred = current_cred();
3677
3632
u32 sid = cred_sid(cred);
3678
3633
3679
-
if (selinux_checkreqprot)
3634
+
if (selinux_state.checkreqprot)
3680
3635
prot = reqprot;
3681
3636
3682
3637
if (default_noexec &&
···
4364
4319
if (unlikely(err))
4365
4320
return -EACCES;
4366
4321
4367
-
err = security_net_peersid_resolve(nlbl_sid, nlbl_type, xfrm_sid, sid);
4322
+
err = security_net_peersid_resolve(&selinux_state, nlbl_sid,
4323
+
nlbl_type, xfrm_sid, sid);
4368
4324
if (unlikely(err)) {
4369
4325
printk(KERN_WARNING
4370
4326
"SELinux: failure in selinux_skb_peerlbl_sid(),"
···
4393
4347
int err = 0;
4394
4348
4395
4349
if (skb_sid != SECSID_NULL)
4396
-
err = security_sid_mls_copy(sk_sid, skb_sid, conn_sid);
4350
+
err = security_sid_mls_copy(&selinux_state, sk_sid, skb_sid,
4351
+
conn_sid);
4397
4352
else
4398
4353
*conn_sid = sk_sid;
4399
4354
···
4411
4364
return 0;
4412
4365
}
4413
4366
4414
-
return security_transition_sid(tsec->sid, tsec->sid, secclass, NULL,
4415
-
socksid);
4367
+
return security_transition_sid(&selinux_state, tsec->sid, tsec->sid,
4368
+
secclass, NULL, socksid);
4416
4369
}
4417
4370
4418
4371
static int sock_has_perm(struct sock *sk, u32 perms)
···
4788
4741
4789
4742
/* server child socket */
4790
4743
sksec_new->peer_sid = sksec_sock->sid;
4791
-
err = security_sid_mls_copy(sksec_other->sid, sksec_sock->sid,
4792
-
&sksec_new->sid);
4744
+
err = security_sid_mls_copy(&selinux_state, sksec_other->sid,
4745
+
sksec_sock->sid, &sksec_new->sid);
4793
4746
if (err)
4794
4747
return err;
4795
4748
···
4894
4847
* to the selinux_sock_rcv_skb_compat() function to deal with the
4895
4848
* special handling. We do this in an attempt to keep this function
4896
4849
* as fast and as clean as possible. */
4897
-
if (!selinux_policycap_netpeer)
4850
+
if (!selinux_policycap_netpeer())
4898
4851
return selinux_sock_rcv_skb_compat(sk, skb, family);
4899
4852
4900
4853
secmark_active = selinux_secmark_enabled();
···
4956
4909
if (peer_sid == SECSID_NULL)
4957
4910
return -ENOPROTOOPT;
4958
4911
4959
-
err = security_sid_to_context(peer_sid, &scontext, &scontext_len);
4912
+
err = security_sid_to_context(&selinux_state, peer_sid, &scontext,
4913
+
&scontext_len);
4960
4914
if (err)
4961
4915
return err;
4962
4916
···
5080
5032
u32 conn_sid;
5081
5033
int err = 0;
5082
5034
5083
-
if (!selinux_policycap_extsockclass)
5035
+
if (!selinux_policycap_extsockclass())
5084
5036
return 0;
5085
5037
5086
5038
peerlbl_active = selinux_peerlbl_enabled();
···
5149
5101
struct sockaddr *addr;
5150
5102
struct socket *sock;
5151
5103
5152
-
if (!selinux_policycap_extsockclass)
5104
+
if (!selinux_policycap_extsockclass())
5153
5105
return 0;
5154
5106
5155
5107
/* Process one or more addresses that may be IPv4 or IPv6 */
···
5221
5173
/* If policy does not support SECCLASS_SCTP_SOCKET then call
5222
5174
* the non-sctp clone version.
5223
5175
*/
5224
-
if (!selinux_policycap_extsockclass)
5176
+
if (!selinux_policycap_extsockclass())
5225
5177
return selinux_sk_clone_security(sk, newsk);
5226
5178
5227
5179
newsksec->sid = ep->secid;
···
5407
5359
sk->sk_protocol, nlh->nlmsg_type,
5408
5360
secclass_map[sksec->sclass - 1].name,
5409
5361
task_pid_nr(current), current->comm);
5410
-
if (!selinux_enforcing || security_get_allow_unknown())
5362
+
if (!is_enforcing(&selinux_state) ||
5363
+
security_get_allow_unknown(&selinux_state))
5411
5364
err = 0;
5412
5365
}
5413
5366
···
5438
5389
u8 netlbl_active;
5439
5390
u8 peerlbl_active;
5440
5391
5441
-
if (!selinux_policycap_netpeer)
5392
+
if (!selinux_policycap_netpeer())
5442
5393
return NF_ACCEPT;
5443
5394
5444
5395
secmark_active = selinux_secmark_enabled();
···
5607
5558
* to the selinux_ip_postroute_compat() function to deal with the
5608
5559
* special handling. We do this in an attempt to keep this function
5609
5560
* as fast and as clean as possible. */
5610
-
if (!selinux_policycap_netpeer)
5561
+
if (!selinux_policycap_netpeer())
5611
5562
return selinux_ip_postroute_compat(skb, ifindex, family);
5612
5563
5613
5564
secmark_active = selinux_secmark_enabled();
···
5913
5864
* Compute new sid based on current process and
5914
5865
* message queue this message will be stored in
5915
5866
*/
5916
-
rc = security_transition_sid(sid, isec->sid, SECCLASS_MSG,
5917
-
NULL, &msec->sid);
5867
+
rc = security_transition_sid(&selinux_state, sid, isec->sid,
5868
+
SECCLASS_MSG, NULL, &msec->sid);
5918
5869
if (rc)
5919
5870
return rc;
5920
5871
}
···
6223
6174
if (!sid)
6224
6175
return 0;
6225
6176
6226
-
error = security_sid_to_context(sid, value, &len);
6177
+
error = security_sid_to_context(&selinux_state, sid, value, &len);
6227
6178
if (error)
6228
6179
return error;
6229
6180
return len;
···
6270
6221
str[size-1] = 0;
6271
6222
size--;
6272
6223
}
6273
-
error = security_context_to_sid(value, size, &sid, GFP_KERNEL);
6224
+
error = security_context_to_sid(&selinux_state, value, size,
6225
+
&sid, GFP_KERNEL);
6274
6226
if (error == -EINVAL && !strcmp(name, "fscreate")) {
6275
6227
if (!has_cap_mac_admin(true)) {
6276
6228
struct audit_buffer *ab;
···
6290
6240
6291
6241
return error;
6292
6242
}
6293
-
error = security_context_to_sid_force(value, size,
6294
-
&sid);
6243
+
error = security_context_to_sid_force(
6244
+
&selinux_state,
6245
+
value, size, &sid);
6295
6246
}
6296
6247
if (error)
6297
6248
return error;
···
6329
6278
/* Only allow single threaded processes to change context */
6330
6279
error = -EPERM;
6331
6280
if (!current_is_single_threaded()) {
6332
-
error = security_bounded_transition(tsec->sid, sid);
6281
+
error = security_bounded_transition(&selinux_state,
6282
+
tsec->sid, sid);
6333
6283
if (error)
6334
6284
goto abort_change;
6335
6285
}
···
6372
6320
6373
6321
static int selinux_secid_to_secctx(u32 secid, char **secdata, u32 *seclen)
6374
6322
{
6375
-
return security_sid_to_context(secid, secdata, seclen);
6323
+
return security_sid_to_context(&selinux_state, secid,
6324
+
secdata, seclen);
6376
6325
}
6377
6326
6378
6327
static int selinux_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid)
6379
6328
{
6380
-
return security_context_to_sid(secdata, seclen, secid, GFP_KERNEL);
6329
+
return security_context_to_sid(&selinux_state, secdata, seclen,
6330
+
secid, GFP_KERNEL);
6381
6331
}
6382
6332
6383
6333
static void selinux_release_secctx(char *secdata, u32 seclen)
···
6481
6427
unsigned len;
6482
6428
int rc;
6483
6429
6484
-
rc = security_sid_to_context(ksec->sid, &context, &len);
6430
+
rc = security_sid_to_context(&selinux_state, ksec->sid,
6431
+
&context, &len);
6485
6432
if (!rc)
6486
6433
rc = len;
6487
6434
*_buffer = context;
···
6521
6466
struct ib_security_struct *sec = ib_sec;
6522
6467
struct lsm_ibendport_audit ibendport;
6523
6468
6524
-
err = security_ib_endport_sid(dev_name, port_num, &sid);
6469
+
err = security_ib_endport_sid(&selinux_state, dev_name, port_num,
6470
+
&sid);
6525
6471
6526
6472
if (err)
6527
6473
return err;
···
6936
6880
6937
6881
printk(KERN_INFO "SELinux: Initializing.\n");
6938
6882
6883
+
memset(&selinux_state, 0, sizeof(selinux_state));
6884
+
set_enforcing(&selinux_state, selinux_enforcing_boot);
6885
+
selinux_state.checkreqprot = selinux_checkreqprot_boot;
6886
+
selinux_ss_init(&selinux_state.ss);
6887
+
6939
6888
/* Set the security state for the initial task. */
6940
6889
cred_init_security();
6941
6890
···
6954
6893
0, SLAB_PANIC, NULL);
6955
6894
avc_init();
6956
6895
6896
+
avtab_cache_init();
6897
+
6898
+
ebitmap_cache_init();
6899
+
6900
+
hashtab_cache_init();
6901
+
6957
6902
security_add_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks), "selinux");
6958
6903
6959
6904
if (avc_add_callback(selinux_netcache_avc_callback, AVC_CALLBACK_RESET))
···
6968
6901
if (avc_add_callback(selinux_lsm_notifier_avc_callback, AVC_CALLBACK_RESET))
6969
6902
panic("SELinux: Unable to register AVC LSM notifier callback\n");
6970
6903
6971
-
if (selinux_enforcing)
6904
+
if (selinux_enforcing_boot)
6972
6905
printk(KERN_DEBUG "SELinux: Starting in enforcing mode\n");
6973
6906
else
6974
6907
printk(KERN_DEBUG "SELinux: Starting in permissive mode\n");
···
7089
7022
#endif /* CONFIG_NETFILTER */
7090
7023
7091
7024
#ifdef CONFIG_SECURITY_SELINUX_DISABLE
7092
-
static int selinux_disabled;
7093
-
7094
-
int selinux_disable(void)
7025
+
int selinux_disable(struct selinux_state *state)
7095
7026
{
7096
-
if (ss_initialized) {
7027
+
if (state->initialized) {
7097
7028
/* Not permitted after initial policy load. */
7098
7029
return -EINVAL;
7099
7030
}
7100
7031
7101
-
if (selinux_disabled) {
7032
+
if (state->disabled) {
7102
7033
/* Only do this once. */
7103
7034
return -EINVAL;
7104
7035
}
7105
7036
7037
+
state->disabled = 1;
7038
+
7106
7039
printk(KERN_INFO "SELinux: Disabled at runtime.\n");
7107
7040
7108
-
selinux_disabled = 1;
7109
7041
selinux_enabled = 0;
7110
7042
7111
7043
security_delete_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks));
+2
-1
security/selinux/ibpkey.c
+2
-1
security/selinux/ibpkey.c
-6
security/selinux/include/avc.h
-6
security/selinux/include/avc.h
-6
security/selinux/include/avc_ss.h
-6
security/selinux/include/avc_ss.h
+8
-3
security/selinux/include/conditional.h
+8
-3
security/selinux/include/conditional.h
···
13
13
#ifndef _SELINUX_CONDITIONAL_H_
14
14
#define _SELINUX_CONDITIONAL_H_
15
15
16
-
int security_get_bools(int *len, char ***names, int **values);
16
+
#include "security.h"
17
17
18
-
int security_set_bools(int len, int *values);
18
+
int security_get_bools(struct selinux_state *state,
19
+
int *len, char ***names, int **values);
19
20
20
-
int security_get_bool_value(int index);
21
+
int security_set_bools(struct selinux_state *state,
22
+
int len, int *values);
23
+
24
+
int security_get_bool_value(struct selinux_state *state,
25
+
int index);
21
26
22
27
#endif
-2
security/selinux/include/objsec.h
-2
security/selinux/include/objsec.h
+169
-59
security/selinux/include/security.h
+169
-59
security/selinux/include/security.h
···
13
13
#include <linux/dcache.h>
14
14
#include <linux/magic.h>
15
15
#include <linux/types.h>
16
+
#include <linux/refcount.h>
17
+
#include <linux/workqueue.h>
16
18
#include "flask.h"
17
19
18
20
#define SECSID_NULL 0x00000000 /* unspecified SID */
···
83
81
84
82
extern char *selinux_policycap_names[__POLICYDB_CAPABILITY_MAX];
85
83
86
-
extern int selinux_policycap_netpeer;
87
-
extern int selinux_policycap_openperm;
88
-
extern int selinux_policycap_extsockclass;
89
-
extern int selinux_policycap_alwaysnetwork;
90
-
extern int selinux_policycap_cgroupseclabel;
91
-
extern int selinux_policycap_nnp_nosuid_transition;
92
-
93
84
/*
94
85
* type_datum properties
95
86
* available at the kernel policy version >= POLICYDB_VERSION_BOUNDARY
···
93
98
/* limitation of boundary depth */
94
99
#define POLICYDB_BOUNDS_MAXDEPTH 4
95
100
96
-
int security_mls_enabled(void);
101
+
struct selinux_ss;
97
102
98
-
int security_load_policy(void *data, size_t len);
99
-
int security_read_policy(void **data, size_t *len);
100
-
size_t security_policydb_len(void);
103
+
struct selinux_state {
104
+
bool disabled;
105
+
#ifdef CONFIG_SECURITY_SELINUX_DEVELOP
106
+
bool enforcing;
107
+
#endif
108
+
bool checkreqprot;
109
+
bool initialized;
110
+
bool policycap[__POLICYDB_CAPABILITY_MAX];
111
+
struct selinux_ss *ss;
112
+
};
101
113
102
-
int security_policycap_supported(unsigned int req_cap);
114
+
void selinux_ss_init(struct selinux_ss **ss);
115
+
116
+
extern struct selinux_state selinux_state;
117
+
118
+
#ifdef CONFIG_SECURITY_SELINUX_DEVELOP
119
+
static inline bool is_enforcing(struct selinux_state *state)
120
+
{
121
+
return state->enforcing;
122
+
}
123
+
124
+
static inline void set_enforcing(struct selinux_state *state, bool value)
125
+
{
126
+
state->enforcing = value;
127
+
}
128
+
#else
129
+
static inline bool is_enforcing(struct selinux_state *state)
130
+
{
131
+
return true;
132
+
}
133
+
134
+
static inline void set_enforcing(struct selinux_state *state, bool value)
135
+
{
136
+
}
137
+
#endif
138
+
139
+
static inline bool selinux_policycap_netpeer(void)
140
+
{
141
+
struct selinux_state *state = &selinux_state;
142
+
143
+
return state->policycap[POLICYDB_CAPABILITY_NETPEER];
144
+
}
145
+
146
+
static inline bool selinux_policycap_openperm(void)
147
+
{
148
+
struct selinux_state *state = &selinux_state;
149
+
150
+
return state->policycap[POLICYDB_CAPABILITY_OPENPERM];
151
+
}
152
+
153
+
static inline bool selinux_policycap_extsockclass(void)
154
+
{
155
+
struct selinux_state *state = &selinux_state;
156
+
157
+
return state->policycap[POLICYDB_CAPABILITY_EXTSOCKCLASS];
158
+
}
159
+
160
+
static inline bool selinux_policycap_alwaysnetwork(void)
161
+
{
162
+
struct selinux_state *state = &selinux_state;
163
+
164
+
return state->policycap[POLICYDB_CAPABILITY_ALWAYSNETWORK];
165
+
}
166
+
167
+
static inline bool selinux_policycap_cgroupseclabel(void)
168
+
{
169
+
struct selinux_state *state = &selinux_state;
170
+
171
+
return state->policycap[POLICYDB_CAPABILITY_CGROUPSECLABEL];
172
+
}
173
+
174
+
static inline bool selinux_policycap_nnp_nosuid_transition(void)
175
+
{
176
+
struct selinux_state *state = &selinux_state;
177
+
178
+
return state->policycap[POLICYDB_CAPABILITY_NNP_NOSUID_TRANSITION];
179
+
}
180
+
181
+
int security_mls_enabled(struct selinux_state *state);
182
+
int security_load_policy(struct selinux_state *state,
183
+
void *data, size_t len);
184
+
int security_read_policy(struct selinux_state *state,
185
+
void **data, size_t *len);
186
+
size_t security_policydb_len(struct selinux_state *state);
187
+
188
+
int security_policycap_supported(struct selinux_state *state,
189
+
unsigned int req_cap);
103
190
104
191
#define SEL_VEC_MAX 32
105
192
struct av_decision {
···
218
141
/* definitions of av_decision.flags */
219
142
#define AVD_FLAGS_PERMISSIVE 0x0001
220
143
221
-
void security_compute_av(u32 ssid, u32 tsid,
144
+
void security_compute_av(struct selinux_state *state,
145
+
u32 ssid, u32 tsid,
222
146
u16 tclass, struct av_decision *avd,
223
147
struct extended_perms *xperms);
224
148
225
-
void security_compute_xperms_decision(u32 ssid, u32 tsid, u16 tclass,
226
-
u8 driver, struct extended_perms_decision *xpermd);
149
+
void security_compute_xperms_decision(struct selinux_state *state,
150
+
u32 ssid, u32 tsid, u16 tclass,
151
+
u8 driver,
152
+
struct extended_perms_decision *xpermd);
227
153
228
-
void security_compute_av_user(u32 ssid, u32 tsid,
229
-
u16 tclass, struct av_decision *avd);
154
+
void security_compute_av_user(struct selinux_state *state,
155
+
u32 ssid, u32 tsid,
156
+
u16 tclass, struct av_decision *avd);
230
157
231
-
int security_transition_sid(u32 ssid, u32 tsid, u16 tclass,
158
+
int security_transition_sid(struct selinux_state *state,
159
+
u32 ssid, u32 tsid, u16 tclass,
232
160
const struct qstr *qstr, u32 *out_sid);
233
161
234
-
int security_transition_sid_user(u32 ssid, u32 tsid, u16 tclass,
162
+
int security_transition_sid_user(struct selinux_state *state,
163
+
u32 ssid, u32 tsid, u16 tclass,
235
164
const char *objname, u32 *out_sid);
236
165
237
-
int security_member_sid(u32 ssid, u32 tsid,
238
-
u16 tclass, u32 *out_sid);
166
+
int security_member_sid(struct selinux_state *state, u32 ssid, u32 tsid,
167
+
u16 tclass, u32 *out_sid);
239
168
240
-
int security_change_sid(u32 ssid, u32 tsid,
241
-
u16 tclass, u32 *out_sid);
169
+
int security_change_sid(struct selinux_state *state, u32 ssid, u32 tsid,
170
+
u16 tclass, u32 *out_sid);
242
171
243
-
int security_sid_to_context(u32 sid, char **scontext,
244
-
u32 *scontext_len);
172
+
int security_sid_to_context(struct selinux_state *state, u32 sid,
173
+
char **scontext, u32 *scontext_len);
245
174
246
-
int security_sid_to_context_force(u32 sid, char **scontext, u32 *scontext_len);
175
+
int security_sid_to_context_force(struct selinux_state *state,
176
+
u32 sid, char **scontext, u32 *scontext_len);
247
177
248
-
int security_context_to_sid(const char *scontext, u32 scontext_len,
178
+
int security_context_to_sid(struct selinux_state *state,
179
+
const char *scontext, u32 scontext_len,
249
180
u32 *out_sid, gfp_t gfp);
250
181
251
-
int security_context_str_to_sid(const char *scontext, u32 *out_sid, gfp_t gfp);
182
+
int security_context_str_to_sid(struct selinux_state *state,
183
+
const char *scontext, u32 *out_sid, gfp_t gfp);
252
184
253
-
int security_context_to_sid_default(const char *scontext, u32 scontext_len,
185
+
int security_context_to_sid_default(struct selinux_state *state,
186
+
const char *scontext, u32 scontext_len,
254
187
u32 *out_sid, u32 def_sid, gfp_t gfp_flags);
255
188
256
-
int security_context_to_sid_force(const char *scontext, u32 scontext_len,
189
+
int security_context_to_sid_force(struct selinux_state *state,
190
+
const char *scontext, u32 scontext_len,
257
191
u32 *sid);
258
192
259
-
int security_get_user_sids(u32 callsid, char *username,
193
+
int security_get_user_sids(struct selinux_state *state,
194
+
u32 callsid, char *username,
260
195
u32 **sids, u32 *nel);
261
196
262
-
int security_port_sid(u8 protocol, u16 port, u32 *out_sid);
197
+
int security_port_sid(struct selinux_state *state,
198
+
u8 protocol, u16 port, u32 *out_sid);
263
199
264
-
int security_ib_pkey_sid(u64 subnet_prefix, u16 pkey_num, u32 *out_sid);
200
+
int security_ib_pkey_sid(struct selinux_state *state,
201
+
u64 subnet_prefix, u16 pkey_num, u32 *out_sid);
265
202
266
-
int security_ib_endport_sid(const char *dev_name, u8 port_num, u32 *out_sid);
203
+
int security_ib_endport_sid(struct selinux_state *state,
204
+
const char *dev_name, u8 port_num, u32 *out_sid);
267
205
268
-
int security_netif_sid(char *name, u32 *if_sid);
206
+
int security_netif_sid(struct selinux_state *state,
207
+
char *name, u32 *if_sid);
269
208
270
-
int security_node_sid(u16 domain, void *addr, u32 addrlen,
271
-
u32 *out_sid);
209
+
int security_node_sid(struct selinux_state *state,
210
+
u16 domain, void *addr, u32 addrlen,
211
+
u32 *out_sid);
272
212
273
-
int security_validate_transition(u32 oldsid, u32 newsid, u32 tasksid,
213
+
int security_validate_transition(struct selinux_state *state,
214
+
u32 oldsid, u32 newsid, u32 tasksid,
274
215
u16 tclass);
275
216
276
-
int security_validate_transition_user(u32 oldsid, u32 newsid, u32 tasksid,
217
+
int security_validate_transition_user(struct selinux_state *state,
218
+
u32 oldsid, u32 newsid, u32 tasksid,
277
219
u16 tclass);
278
220
279
-
int security_bounded_transition(u32 oldsid, u32 newsid);
221
+
int security_bounded_transition(struct selinux_state *state,
222
+
u32 oldsid, u32 newsid);
280
223
281
-
int security_sid_mls_copy(u32 sid, u32 mls_sid, u32 *new_sid);
224
+
int security_sid_mls_copy(struct selinux_state *state,
225
+
u32 sid, u32 mls_sid, u32 *new_sid);
282
226
283
-
int security_net_peersid_resolve(u32 nlbl_sid, u32 nlbl_type,
227
+
int security_net_peersid_resolve(struct selinux_state *state,
228
+
u32 nlbl_sid, u32 nlbl_type,
284
229
u32 xfrm_sid,
285
230
u32 *peer_sid);
286
231
287
-
int security_get_classes(char ***classes, int *nclasses);
288
-
int security_get_permissions(char *class, char ***perms, int *nperms);
289
-
int security_get_reject_unknown(void);
290
-
int security_get_allow_unknown(void);
232
+
int security_get_classes(struct selinux_state *state,
233
+
char ***classes, int *nclasses);
234
+
int security_get_permissions(struct selinux_state *state,
235
+
char *class, char ***perms, int *nperms);
236
+
int security_get_reject_unknown(struct selinux_state *state);
237
+
int security_get_allow_unknown(struct selinux_state *state);
291
238
292
239
#define SECURITY_FS_USE_XATTR 1 /* use xattr */
293
240
#define SECURITY_FS_USE_TRANS 2 /* use transition SIDs, e.g. devpts/tmpfs */
···
322
221
#define SECURITY_FS_USE_NATIVE 7 /* use native label support */
323
222
#define SECURITY_FS_USE_MAX 7 /* Highest SECURITY_FS_USE_XXX */
324
223
325
-
int security_fs_use(struct super_block *sb);
224
+
int security_fs_use(struct selinux_state *state, struct super_block *sb);
326
225
327
-
int security_genfs_sid(const char *fstype, char *name, u16 sclass,
328
-
u32 *sid);
226
+
int security_genfs_sid(struct selinux_state *state,
227
+
const char *fstype, char *name, u16 sclass,
228
+
u32 *sid);
329
229
330
230
#ifdef CONFIG_NETLABEL
331
-
int security_netlbl_secattr_to_sid(struct netlbl_lsm_secattr *secattr,
231
+
int security_netlbl_secattr_to_sid(struct selinux_state *state,
232
+
struct netlbl_lsm_secattr *secattr,
332
233
u32 *sid);
333
234
334
-
int security_netlbl_sid_to_secattr(u32 sid,
235
+
int security_netlbl_sid_to_secattr(struct selinux_state *state,
236
+
u32 sid,
335
237
struct netlbl_lsm_secattr *secattr);
336
238
#else
337
-
static inline int security_netlbl_secattr_to_sid(
239
+
static inline int security_netlbl_secattr_to_sid(struct selinux_state *state,
338
240
struct netlbl_lsm_secattr *secattr,
339
241
u32 *sid)
340
242
{
341
243
return -EIDRM;
342
244
}
343
245
344
-
static inline int security_netlbl_sid_to_secattr(u32 sid,
345
-
struct netlbl_lsm_secattr *secattr)
246
+
static inline int security_netlbl_sid_to_secattr(struct selinux_state *state,
247
+
u32 sid,
248
+
struct netlbl_lsm_secattr *secattr)
346
249
{
347
250
return -ENOENT;
348
251
}
···
357
252
/*
358
253
* status notifier using mmap interface
359
254
*/
360
-
extern struct page *selinux_kernel_status_page(void);
255
+
extern struct page *selinux_kernel_status_page(struct selinux_state *state);
361
256
362
257
#define SELINUX_KERNEL_STATUS_VERSION 1
363
258
struct selinux_kernel_status {
···
371
266
*/
372
267
} __packed;
373
268
374
-
extern void selinux_status_update_setenforce(int enforcing);
375
-
extern void selinux_status_update_policyload(int seqno);
269
+
extern void selinux_status_update_setenforce(struct selinux_state *state,
270
+
int enforcing);
271
+
extern void selinux_status_update_policyload(struct selinux_state *state,
272
+
int seqno);
376
273
extern void selinux_complete_init(void);
377
-
extern int selinux_disable(void);
274
+
extern int selinux_disable(struct selinux_state *state);
378
275
extern void exit_sel_fs(void);
379
276
extern struct path selinux_null;
380
277
extern struct vfsmount *selinuxfs_mount;
···
384
277
extern void selnl_notify_policyload(u32 seqno);
385
278
extern int selinux_nlmsg_lookup(u16 sclass, u16 nlmsg_type, u32 *perm);
386
279
387
-
#endif /* _SELINUX_SECURITY_H_ */
280
+
extern void avtab_cache_init(void);
281
+
extern void ebitmap_cache_init(void);
282
+
extern void hashtab_cache_init(void);
388
283
284
+
#endif /* _SELINUX_SECURITY_H_ */
+1
-1
security/selinux/netif.c
+1
-1
security/selinux/netif.c
+9
-5
security/selinux/netlabel.c
+9
-5
security/selinux/netlabel.c
···
59
59
{
60
60
int rc;
61
61
62
-
rc = security_netlbl_secattr_to_sid(secattr, sid);
62
+
rc = security_netlbl_secattr_to_sid(&selinux_state, secattr, sid);
63
63
if (rc == 0 &&
64
64
(secattr->flags & NETLBL_SECATTR_CACHEABLE) &&
65
65
(secattr->flags & NETLBL_SECATTR_CACHE))
···
90
90
secattr = netlbl_secattr_alloc(GFP_ATOMIC);
91
91
if (secattr == NULL)
92
92
return NULL;
93
-
rc = security_netlbl_sid_to_secattr(sksec->sid, secattr);
93
+
rc = security_netlbl_sid_to_secattr(&selinux_state, sksec->sid,
94
+
secattr);
94
95
if (rc != 0) {
95
96
netlbl_secattr_free(secattr);
96
97
return NULL;
···
258
257
if (secattr == NULL) {
259
258
secattr = &secattr_storage;
260
259
netlbl_secattr_init(secattr);
261
-
rc = security_netlbl_sid_to_secattr(sid, secattr);
260
+
rc = security_netlbl_sid_to_secattr(&selinux_state, sid,
261
+
secattr);
262
262
if (rc != 0)
263
263
goto skbuff_setsid_return;
264
264
}
···
299
297
return 0;
300
298
301
299
netlbl_secattr_init(&secattr);
302
-
rc = security_netlbl_sid_to_secattr(ep->secid, &secattr);
300
+
rc = security_netlbl_sid_to_secattr(&selinux_state,
301
+
ep->secid, &secattr);
303
302
if (rc != 0)
304
303
goto assoc_request_return;
305
304
···
348
345
return 0;
349
346
350
347
netlbl_secattr_init(&secattr);
351
-
rc = security_netlbl_sid_to_secattr(req->secid, &secattr);
348
+
rc = security_netlbl_sid_to_secattr(&selinux_state, req->secid,
349
+
&secattr);
352
350
if (rc != 0)
353
351
goto inet_conn_request_return;
354
352
rc = netlbl_req_setattr(req, &secattr);
+2
-2
security/selinux/netnode.c
+2
-2
security/selinux/netnode.c
···
215
215
goto out;
216
216
switch (family) {
217
217
case PF_INET:
218
-
ret = security_node_sid(PF_INET,
218
+
ret = security_node_sid(&selinux_state, PF_INET,
219
219
addr, sizeof(struct in_addr), sid);
220
220
new->nsec.addr.ipv4 = *(__be32 *)addr;
221
221
break;
222
222
case PF_INET6:
223
-
ret = security_node_sid(PF_INET6,
223
+
ret = security_node_sid(&selinux_state, PF_INET6,
224
224
addr, sizeof(struct in6_addr), sid);
225
225
new->nsec.addr.ipv6 = *(struct in6_addr *)addr;
226
226
break;
+1
-1
security/selinux/netport.c
+1
-1
security/selinux/netport.c
+82
-63
security/selinux/selinuxfs.c
+82
-63
security/selinux/selinuxfs.c
···
41
41
#include "objsec.h"
42
42
#include "conditional.h"
43
43
44
-
unsigned int selinux_checkreqprot = CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE;
45
-
46
-
static int __init checkreqprot_setup(char *str)
47
-
{
48
-
unsigned long checkreqprot;
49
-
if (!kstrtoul(str, 0, &checkreqprot))
50
-
selinux_checkreqprot = checkreqprot ? 1 : 0;
51
-
return 1;
52
-
}
53
-
__setup("checkreqprot=", checkreqprot_setup);
54
-
55
44
static DEFINE_MUTEX(sel_mutex);
56
45
57
46
/* global data for booleans */
···
97
108
char tmpbuf[TMPBUFLEN];
98
109
ssize_t length;
99
110
100
-
length = scnprintf(tmpbuf, TMPBUFLEN, "%d", selinux_enforcing);
111
+
length = scnprintf(tmpbuf, TMPBUFLEN, "%d",
112
+
is_enforcing(&selinux_state));
101
113
return simple_read_from_buffer(buf, count, ppos, tmpbuf, length);
102
114
}
103
115
···
109
119
{
110
120
char *page = NULL;
111
121
ssize_t length;
112
-
int new_value;
122
+
int old_value, new_value;
113
123
114
124
if (count >= PAGE_SIZE)
115
125
return -ENOMEM;
···
128
138
129
139
new_value = !!new_value;
130
140
131
-
if (new_value != selinux_enforcing) {
141
+
old_value = is_enforcing(&selinux_state);
142
+
143
+
if (new_value != old_value) {
132
144
length = avc_has_perm(current_sid(), SECINITSID_SECURITY,
133
145
SECCLASS_SECURITY, SECURITY__SETENFORCE,
134
146
NULL);
···
138
146
goto out;
139
147
audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_STATUS,
140
148
"enforcing=%d old_enforcing=%d auid=%u ses=%u",
141
-
new_value, selinux_enforcing,
149
+
new_value, old_value,
142
150
from_kuid(&init_user_ns, audit_get_loginuid(current)),
143
151
audit_get_sessionid(current));
144
-
selinux_enforcing = new_value;
145
-
if (selinux_enforcing)
152
+
set_enforcing(&selinux_state, new_value);
153
+
if (new_value)
146
154
avc_ss_reset(0);
147
-
selnl_notify_setenforce(selinux_enforcing);
148
-
selinux_status_update_setenforce(selinux_enforcing);
149
-
if (!selinux_enforcing)
155
+
selnl_notify_setenforce(new_value);
156
+
selinux_status_update_setenforce(&selinux_state,
157
+
new_value);
158
+
if (!new_value)
150
159
call_lsm_notifier(LSM_POLICY_CHANGE, NULL);
151
160
}
152
161
length = count;
···
172
179
ssize_t length;
173
180
ino_t ino = file_inode(filp)->i_ino;
174
181
int handle_unknown = (ino == SEL_REJECT_UNKNOWN) ?
175
-
security_get_reject_unknown() : !security_get_allow_unknown();
182
+
security_get_reject_unknown(&selinux_state) :
183
+
!security_get_allow_unknown(&selinux_state);
176
184
177
185
length = scnprintf(tmpbuf, TMPBUFLEN, "%d", handle_unknown);
178
186
return simple_read_from_buffer(buf, count, ppos, tmpbuf, length);
···
186
192
187
193
static int sel_open_handle_status(struct inode *inode, struct file *filp)
188
194
{
189
-
struct page *status = selinux_kernel_status_page();
195
+
struct page *status = selinux_kernel_status_page(&selinux_state);
190
196
191
197
if (!status)
192
198
return -ENOMEM;
···
262
268
goto out;
263
269
264
270
if (new_value) {
265
-
length = selinux_disable();
271
+
length = selinux_disable(&selinux_state);
266
272
if (length)
267
273
goto out;
268
274
audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_STATUS,
···
316
322
ssize_t length;
317
323
318
324
length = scnprintf(tmpbuf, TMPBUFLEN, "%d",
319
-
security_mls_enabled());
325
+
security_mls_enabled(&selinux_state));
320
326
return simple_read_from_buffer(buf, count, ppos, tmpbuf, length);
321
327
}
322
328
···
353
359
if (!plm)
354
360
goto err;
355
361
356
-
if (i_size_read(inode) != security_policydb_len()) {
362
+
if (i_size_read(inode) != security_policydb_len(&selinux_state)) {
357
363
inode_lock(inode);
358
-
i_size_write(inode, security_policydb_len());
364
+
i_size_write(inode, security_policydb_len(&selinux_state));
359
365
inode_unlock(inode);
360
366
}
361
367
362
-
rc = security_read_policy(&plm->data, &plm->len);
368
+
rc = security_read_policy(&selinux_state, &plm->data, &plm->len);
363
369
if (rc)
364
370
goto err;
365
371
···
494
500
if (copy_from_user(data, buf, count) != 0)
495
501
goto out;
496
502
497
-
length = security_load_policy(data, count);
503
+
length = security_load_policy(&selinux_state, data, count);
498
504
if (length) {
499
505
pr_warn_ratelimited("SELinux: failed to load policy\n");
500
506
goto out;
···
547
553
if (length)
548
554
goto out;
549
555
550
-
length = security_context_to_sid(buf, size, &sid, GFP_KERNEL);
556
+
length = security_context_to_sid(&selinux_state, buf, size,
557
+
&sid, GFP_KERNEL);
551
558
if (length)
552
559
goto out;
553
560
554
-
length = security_sid_to_context(sid, &canon, &len);
561
+
length = security_sid_to_context(&selinux_state, sid, &canon, &len);
555
562
if (length)
556
563
goto out;
557
564
···
576
581
char tmpbuf[TMPBUFLEN];
577
582
ssize_t length;
578
583
579
-
length = scnprintf(tmpbuf, TMPBUFLEN, "%u", selinux_checkreqprot);
584
+
length = scnprintf(tmpbuf, TMPBUFLEN, "%u", selinux_state.checkreqprot);
580
585
return simple_read_from_buffer(buf, count, ppos, tmpbuf, length);
581
586
}
582
587
···
608
613
if (sscanf(page, "%u", &new_value) != 1)
609
614
goto out;
610
615
611
-
selinux_checkreqprot = new_value ? 1 : 0;
616
+
selinux_state.checkreqprot = new_value ? 1 : 0;
612
617
length = count;
613
618
out:
614
619
kfree(page);
···
668
673
if (sscanf(req, "%s %s %hu %s", oldcon, newcon, &tclass, taskcon) != 4)
669
674
goto out;
670
675
671
-
rc = security_context_str_to_sid(oldcon, &osid, GFP_KERNEL);
676
+
rc = security_context_str_to_sid(&selinux_state, oldcon, &osid,
677
+
GFP_KERNEL);
672
678
if (rc)
673
679
goto out;
674
680
675
-
rc = security_context_str_to_sid(newcon, &nsid, GFP_KERNEL);
681
+
rc = security_context_str_to_sid(&selinux_state, newcon, &nsid,
682
+
GFP_KERNEL);
676
683
if (rc)
677
684
goto out;
678
685
679
-
rc = security_context_str_to_sid(taskcon, &tsid, GFP_KERNEL);
686
+
rc = security_context_str_to_sid(&selinux_state, taskcon, &tsid,
687
+
GFP_KERNEL);
680
688
if (rc)
681
689
goto out;
682
690
683
-
rc = security_validate_transition_user(osid, nsid, tsid, tclass);
691
+
rc = security_validate_transition_user(&selinux_state, osid, nsid,
692
+
tsid, tclass);
684
693
if (!rc)
685
694
rc = count;
686
695
out:
···
779
780
if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3)
780
781
goto out;
781
782
782
-
length = security_context_str_to_sid(scon, &ssid, GFP_KERNEL);
783
+
length = security_context_str_to_sid(&selinux_state, scon, &ssid,
784
+
GFP_KERNEL);
783
785
if (length)
784
786
goto out;
785
787
786
-
length = security_context_str_to_sid(tcon, &tsid, GFP_KERNEL);
788
+
length = security_context_str_to_sid(&selinux_state, tcon, &tsid,
789
+
GFP_KERNEL);
787
790
if (length)
788
791
goto out;
789
792
790
-
security_compute_av_user(ssid, tsid, tclass, &avd);
793
+
security_compute_av_user(&selinux_state, ssid, tsid, tclass, &avd);
791
794
792
795
length = scnprintf(buf, SIMPLE_TRANSACTION_LIMIT,
793
796
"%x %x %x %x %u %x",
···
869
868
objname = namebuf;
870
869
}
871
870
872
-
length = security_context_str_to_sid(scon, &ssid, GFP_KERNEL);
871
+
length = security_context_str_to_sid(&selinux_state, scon, &ssid,
872
+
GFP_KERNEL);
873
873
if (length)
874
874
goto out;
875
875
876
-
length = security_context_str_to_sid(tcon, &tsid, GFP_KERNEL);
876
+
length = security_context_str_to_sid(&selinux_state, tcon, &tsid,
877
+
GFP_KERNEL);
877
878
if (length)
878
879
goto out;
879
880
880
-
length = security_transition_sid_user(ssid, tsid, tclass,
881
-
objname, &newsid);
881
+
length = security_transition_sid_user(&selinux_state, ssid, tsid,
882
+
tclass, objname, &newsid);
882
883
if (length)
883
884
goto out;
884
885
885
-
length = security_sid_to_context(newsid, &newcon, &len);
886
+
length = security_sid_to_context(&selinux_state, newsid, &newcon,
887
+
&len);
886
888
if (length)
887
889
goto out;
888
890
···
935
931
if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3)
936
932
goto out;
937
933
938
-
length = security_context_str_to_sid(scon, &ssid, GFP_KERNEL);
934
+
length = security_context_str_to_sid(&selinux_state, scon, &ssid,
935
+
GFP_KERNEL);
939
936
if (length)
940
937
goto out;
941
938
942
-
length = security_context_str_to_sid(tcon, &tsid, GFP_KERNEL);
939
+
length = security_context_str_to_sid(&selinux_state, tcon, &tsid,
940
+
GFP_KERNEL);
943
941
if (length)
944
942
goto out;
945
943
946
-
length = security_change_sid(ssid, tsid, tclass, &newsid);
944
+
length = security_change_sid(&selinux_state, ssid, tsid, tclass,
945
+
&newsid);
947
946
if (length)
948
947
goto out;
949
948
950
-
length = security_sid_to_context(newsid, &newcon, &len);
949
+
length = security_sid_to_context(&selinux_state, newsid, &newcon,
950
+
&len);
951
951
if (length)
952
952
goto out;
953
953
···
997
989
if (sscanf(buf, "%s %s", con, user) != 2)
998
990
goto out;
999
991
1000
-
length = security_context_str_to_sid(con, &sid, GFP_KERNEL);
992
+
length = security_context_str_to_sid(&selinux_state, con, &sid,
993
+
GFP_KERNEL);
1001
994
if (length)
1002
995
goto out;
1003
996
1004
-
length = security_get_user_sids(sid, user, &sids, &nsids);
997
+
length = security_get_user_sids(&selinux_state, sid, user, &sids,
998
+
&nsids);
1005
999
if (length)
1006
1000
goto out;
1007
1001
1008
1002
length = sprintf(buf, "%u", nsids) + 1;
1009
1003
ptr = buf + length;
1010
1004
for (i = 0; i < nsids; i++) {
1011
-
rc = security_sid_to_context(sids[i], &newcon, &len);
1005
+
rc = security_sid_to_context(&selinux_state, sids[i],
1006
+
&newcon, &len);
1012
1007
if (rc) {
1013
1008
length = rc;
1014
1009
goto out;
···
1062
1051
if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3)
1063
1052
goto out;
1064
1053
1065
-
length = security_context_str_to_sid(scon, &ssid, GFP_KERNEL);
1054
+
length = security_context_str_to_sid(&selinux_state, scon, &ssid,
1055
+
GFP_KERNEL);
1066
1056
if (length)
1067
1057
goto out;
1068
1058
1069
-
length = security_context_str_to_sid(tcon, &tsid, GFP_KERNEL);
1059
+
length = security_context_str_to_sid(&selinux_state, tcon, &tsid,
1060
+
GFP_KERNEL);
1070
1061
if (length)
1071
1062
goto out;
1072
1063
1073
-
length = security_member_sid(ssid, tsid, tclass, &newsid);
1064
+
length = security_member_sid(&selinux_state, ssid, tsid, tclass,
1065
+
&newsid);
1074
1066
if (length)
1075
1067
goto out;
1076
1068
1077
-
length = security_sid_to_context(newsid, &newcon, &len);
1069
+
length = security_sid_to_context(&selinux_state, newsid, &newcon,
1070
+
&len);
1078
1071
if (length)
1079
1072
goto out;
1080
1073
···
1130
1115
if (!page)
1131
1116
goto out;
1132
1117
1133
-
cur_enforcing = security_get_bool_value(index);
1118
+
cur_enforcing = security_get_bool_value(&selinux_state, index);
1134
1119
if (cur_enforcing < 0) {
1135
1120
ret = cur_enforcing;
1136
1121
goto out;
···
1241
1226
1242
1227
length = 0;
1243
1228
if (new_value && bool_pending_values)
1244
-
length = security_set_bools(bool_num, bool_pending_values);
1229
+
length = security_set_bools(&selinux_state, bool_num,
1230
+
bool_pending_values);
1245
1231
1246
1232
if (!length)
1247
1233
length = count;
···
1295
1279
if (!page)
1296
1280
goto out;
1297
1281
1298
-
ret = security_get_bools(&num, &names, &values);
1282
+
ret = security_get_bools(&selinux_state, &num, &names, &values);
1299
1283
if (ret)
1300
1284
goto out;
1301
1285
···
1316
1300
goto out;
1317
1301
1318
1302
isec = (struct inode_security_struct *)inode->i_security;
1319
-
ret = security_genfs_sid("selinuxfs", page, SECCLASS_FILE, &sid);
1303
+
ret = security_genfs_sid(&selinux_state, "selinuxfs", page,
1304
+
SECCLASS_FILE, &sid);
1320
1305
if (ret) {
1321
1306
pr_warn_ratelimited("SELinux: no sid found, defaulting to security isid for %s\n",
1322
1307
page);
···
1541
1524
ssize_t ret;
1542
1525
1543
1526
sid = file_inode(file)->i_ino&SEL_INO_MASK;
1544
-
ret = security_sid_to_context(sid, &con, &len);
1527
+
ret = security_sid_to_context(&selinux_state, sid, &con, &len);
1545
1528
if (ret)
1546
1529
return ret;
1547
1530
···
1634
1617
ssize_t length;
1635
1618
unsigned long i_ino = file_inode(file)->i_ino;
1636
1619
1637
-
value = security_policycap_supported(i_ino & SEL_INO_MASK);
1620
+
value = security_policycap_supported(&selinux_state,
1621
+
i_ino & SEL_INO_MASK);
1638
1622
length = scnprintf(tmpbuf, TMPBUFLEN, "%d", value);
1639
1623
1640
1624
return simple_read_from_buffer(buf, count, ppos, tmpbuf, length);
···
1652
1634
int i, rc, nperms;
1653
1635
char **perms;
1654
1636
1655
-
rc = security_get_permissions(objclass, &perms, &nperms);
1637
+
rc = security_get_permissions(&selinux_state, objclass, &perms,
1638
+
&nperms);
1656
1639
if (rc)
1657
1640
return rc;
1658
1641
···
1720
1701
/* delete any existing entries */
1721
1702
sel_remove_entries(class_dir);
1722
1703
1723
-
rc = security_get_classes(&classes, &nclasses);
1704
+
rc = security_get_classes(&selinux_state, &classes, &nclasses);
1724
1705
if (rc)
1725
1706
return rc;
1726
1707
+2
-7
security/selinux/ss/avtab.c
+2
-7
security/selinux/ss/avtab.c
···
655
655
656
656
return rc;
657
657
}
658
-
void avtab_cache_init(void)
658
+
659
+
void __init avtab_cache_init(void)
659
660
{
660
661
avtab_node_cachep = kmem_cache_create("avtab_node",
661
662
sizeof(struct avtab_node),
···
664
663
avtab_xperms_cachep = kmem_cache_create("avtab_extended_perms",
665
664
sizeof(struct avtab_extended_perms),
666
665
0, SLAB_PANIC, NULL);
667
-
}
668
-
669
-
void avtab_cache_destroy(void)
670
-
{
671
-
kmem_cache_destroy(avtab_node_cachep);
672
-
kmem_cache_destroy(avtab_xperms_cachep);
673
666
}
-3
security/selinux/ss/avtab.h
-3
security/selinux/ss/avtab.h
···
114
114
115
115
struct avtab_node *avtab_search_node_next(struct avtab_node *node, int specified);
116
116
117
-
void avtab_cache_init(void);
118
-
void avtab_cache_destroy(void);
119
-
120
117
#define MAX_AVTAB_HASH_BITS 16
121
118
#define MAX_AVTAB_HASH_BUCKETS (1 << MAX_AVTAB_HASH_BITS)
122
119
+1
-6
security/selinux/ss/ebitmap.c
+1
-6
security/selinux/ss/ebitmap.c
···
523
523
return 0;
524
524
}
525
525
526
-
void ebitmap_cache_init(void)
526
+
void __init ebitmap_cache_init(void)
527
527
{
528
528
ebitmap_node_cachep = kmem_cache_create("ebitmap_node",
529
529
sizeof(struct ebitmap_node),
530
530
0, SLAB_PANIC, NULL);
531
-
}
532
-
533
-
void ebitmap_cache_destroy(void)
534
-
{
535
-
kmem_cache_destroy(ebitmap_node_cachep);
536
531
}
-3
security/selinux/ss/ebitmap.h
-3
security/selinux/ss/ebitmap.h
···
131
131
int ebitmap_read(struct ebitmap *e, void *fp);
132
132
int ebitmap_write(struct ebitmap *e, void *fp);
133
133
134
-
void ebitmap_cache_init(void);
135
-
void ebitmap_cache_destroy(void);
136
-
137
134
#ifdef CONFIG_NETLABEL
138
135
int ebitmap_netlbl_export(struct ebitmap *ebmap,
139
136
struct netlbl_lsm_catmap **catmap);
+2
-6
security/selinux/ss/hashtab.c
+2
-6
security/selinux/ss/hashtab.c
···
169
169
info->slots_used = slots_used;
170
170
info->max_chain_len = max_chain_len;
171
171
}
172
-
void hashtab_cache_init(void)
172
+
173
+
void __init hashtab_cache_init(void)
173
174
{
174
175
hashtab_node_cachep = kmem_cache_create("hashtab_node",
175
176
sizeof(struct hashtab_node),
176
177
0, SLAB_PANIC, NULL);
177
-
}
178
-
179
-
void hashtab_cache_destroy(void)
180
-
{
181
-
kmem_cache_destroy(hashtab_node_cachep);
182
178
}
-4
security/selinux/ss/hashtab.h
-4
security/selinux/ss/hashtab.h
+40
-32
security/selinux/ss/mls.c
+40
-32
security/selinux/ss/mls.c
···
33
33
* Return the length in bytes for the MLS fields of the
34
34
* security context string representation of `context'.
35
35
*/
36
-
int mls_compute_context_len(struct context *context)
36
+
int mls_compute_context_len(struct policydb *p, struct context *context)
37
37
{
38
38
int i, l, len, head, prev;
39
39
char *nm;
40
40
struct ebitmap *e;
41
41
struct ebitmap_node *node;
42
42
43
-
if (!policydb.mls_enabled)
43
+
if (!p->mls_enabled)
44
44
return 0;
45
45
46
46
len = 1; /* for the beginning ":" */
47
47
for (l = 0; l < 2; l++) {
48
48
int index_sens = context->range.level[l].sens;
49
-
len += strlen(sym_name(&policydb, SYM_LEVELS, index_sens - 1));
49
+
len += strlen(sym_name(p, SYM_LEVELS, index_sens - 1));
50
50
51
51
/* categories */
52
52
head = -2;
···
56
56
if (i - prev > 1) {
57
57
/* one or more negative bits are skipped */
58
58
if (head != prev) {
59
-
nm = sym_name(&policydb, SYM_CATS, prev);
59
+
nm = sym_name(p, SYM_CATS, prev);
60
60
len += strlen(nm) + 1;
61
61
}
62
-
nm = sym_name(&policydb, SYM_CATS, i);
62
+
nm = sym_name(p, SYM_CATS, i);
63
63
len += strlen(nm) + 1;
64
64
head = i;
65
65
}
66
66
prev = i;
67
67
}
68
68
if (prev != head) {
69
-
nm = sym_name(&policydb, SYM_CATS, prev);
69
+
nm = sym_name(p, SYM_CATS, prev);
70
70
len += strlen(nm) + 1;
71
71
}
72
72
if (l == 0) {
···
86
86
* the MLS fields of `context' into the string `*scontext'.
87
87
* Update `*scontext' to point to the end of the MLS fields.
88
88
*/
89
-
void mls_sid_to_context(struct context *context,
89
+
void mls_sid_to_context(struct policydb *p,
90
+
struct context *context,
90
91
char **scontext)
91
92
{
92
93
char *scontextp, *nm;
···
95
94
struct ebitmap *e;
96
95
struct ebitmap_node *node;
97
96
98
-
if (!policydb.mls_enabled)
97
+
if (!p->mls_enabled)
99
98
return;
100
99
101
100
scontextp = *scontext;
···
104
103
scontextp++;
105
104
106
105
for (l = 0; l < 2; l++) {
107
-
strcpy(scontextp, sym_name(&policydb, SYM_LEVELS,
106
+
strcpy(scontextp, sym_name(p, SYM_LEVELS,
108
107
context->range.level[l].sens - 1));
109
108
scontextp += strlen(scontextp);
110
109
···
120
119
*scontextp++ = '.';
121
120
else
122
121
*scontextp++ = ',';
123
-
nm = sym_name(&policydb, SYM_CATS, prev);
122
+
nm = sym_name(p, SYM_CATS, prev);
124
123
strcpy(scontextp, nm);
125
124
scontextp += strlen(nm);
126
125
}
···
128
127
*scontextp++ = ':';
129
128
else
130
129
*scontextp++ = ',';
131
-
nm = sym_name(&policydb, SYM_CATS, i);
130
+
nm = sym_name(p, SYM_CATS, i);
132
131
strcpy(scontextp, nm);
133
132
scontextp += strlen(nm);
134
133
head = i;
···
141
140
*scontextp++ = '.';
142
141
else
143
142
*scontextp++ = ',';
144
-
nm = sym_name(&policydb, SYM_CATS, prev);
143
+
nm = sym_name(p, SYM_CATS, prev);
145
144
strcpy(scontextp, nm);
146
145
scontextp += strlen(nm);
147
146
}
···
376
375
* the string `str'. This function will allocate temporary memory with the
377
376
* given constraints of gfp_mask.
378
377
*/
379
-
int mls_from_string(char *str, struct context *context, gfp_t gfp_mask)
378
+
int mls_from_string(struct policydb *p, char *str, struct context *context,
379
+
gfp_t gfp_mask)
380
380
{
381
381
char *tmpstr, *freestr;
382
382
int rc;
383
383
384
-
if (!policydb.mls_enabled)
384
+
if (!p->mls_enabled)
385
385
return -EINVAL;
386
386
387
387
/* we need freestr because mls_context_to_sid will change
···
391
389
if (!tmpstr) {
392
390
rc = -ENOMEM;
393
391
} else {
394
-
rc = mls_context_to_sid(&policydb, ':', &tmpstr, context,
392
+
rc = mls_context_to_sid(p, ':', &tmpstr, context,
395
393
NULL, SECSID_NULL);
396
394
kfree(freestr);
397
395
}
···
419
417
return rc;
420
418
}
421
419
422
-
int mls_setup_user_range(struct context *fromcon, struct user_datum *user,
420
+
int mls_setup_user_range(struct policydb *p,
421
+
struct context *fromcon, struct user_datum *user,
423
422
struct context *usercon)
424
423
{
425
-
if (policydb.mls_enabled) {
424
+
if (p->mls_enabled) {
426
425
struct mls_level *fromcon_sen = &(fromcon->range.level[0]);
427
426
struct mls_level *fromcon_clr = &(fromcon->range.level[1]);
428
427
struct mls_level *user_low = &(user->range.level[0]);
···
473
470
struct ebitmap_node *node;
474
471
int l, i;
475
472
476
-
if (!policydb.mls_enabled)
473
+
if (!oldp->mls_enabled || !newp->mls_enabled)
477
474
return 0;
478
475
479
476
for (l = 0; l < 2; l++) {
···
506
503
return 0;
507
504
}
508
505
509
-
int mls_compute_sid(struct context *scontext,
506
+
int mls_compute_sid(struct policydb *p,
507
+
struct context *scontext,
510
508
struct context *tcontext,
511
509
u16 tclass,
512
510
u32 specified,
···
519
515
struct class_datum *cladatum;
520
516
int default_range = 0;
521
517
522
-
if (!policydb.mls_enabled)
518
+
if (!p->mls_enabled)
523
519
return 0;
524
520
525
521
switch (specified) {
···
528
524
rtr.source_type = scontext->type;
529
525
rtr.target_type = tcontext->type;
530
526
rtr.target_class = tclass;
531
-
r = hashtab_search(policydb.range_tr, &rtr);
527
+
r = hashtab_search(p->range_tr, &rtr);
532
528
if (r)
533
529
return mls_range_set(newcontext, r);
534
530
535
-
if (tclass && tclass <= policydb.p_classes.nprim) {
536
-
cladatum = policydb.class_val_to_struct[tclass - 1];
531
+
if (tclass && tclass <= p->p_classes.nprim) {
532
+
cladatum = p->class_val_to_struct[tclass - 1];
537
533
if (cladatum)
538
534
default_range = cladatum->default_range;
539
535
}
···
555
551
556
552
/* Fallthrough */
557
553
case AVTAB_CHANGE:
558
-
if ((tclass == policydb.process_class) || (sock == true))
554
+
if ((tclass == p->process_class) || (sock == true))
559
555
/* Use the process MLS attributes. */
560
556
return mls_context_cpy(newcontext, scontext);
561
557
else
···
581
577
* NetLabel MLS sensitivity level field.
582
578
*
583
579
*/
584
-
void mls_export_netlbl_lvl(struct context *context,
580
+
void mls_export_netlbl_lvl(struct policydb *p,
581
+
struct context *context,
585
582
struct netlbl_lsm_secattr *secattr)
586
583
{
587
-
if (!policydb.mls_enabled)
584
+
if (!p->mls_enabled)
588
585
return;
589
586
590
587
secattr->attr.mls.lvl = context->range.level[0].sens - 1;
···
602
597
* NetLabel MLS sensitivity level into the context.
603
598
*
604
599
*/
605
-
void mls_import_netlbl_lvl(struct context *context,
600
+
void mls_import_netlbl_lvl(struct policydb *p,
601
+
struct context *context,
606
602
struct netlbl_lsm_secattr *secattr)
607
603
{
608
-
if (!policydb.mls_enabled)
604
+
if (!p->mls_enabled)
609
605
return;
610
606
611
607
context->range.level[0].sens = secattr->attr.mls.lvl + 1;
···
623
617
* MLS category field. Returns zero on success, negative values on failure.
624
618
*
625
619
*/
626
-
int mls_export_netlbl_cat(struct context *context,
620
+
int mls_export_netlbl_cat(struct policydb *p,
621
+
struct context *context,
627
622
struct netlbl_lsm_secattr *secattr)
628
623
{
629
624
int rc;
630
625
631
-
if (!policydb.mls_enabled)
626
+
if (!p->mls_enabled)
632
627
return 0;
633
628
634
629
rc = ebitmap_netlbl_export(&context->range.level[0].cat,
···
652
645
* negative values on failure.
653
646
*
654
647
*/
655
-
int mls_import_netlbl_cat(struct context *context,
648
+
int mls_import_netlbl_cat(struct policydb *p,
649
+
struct context *context,
656
650
struct netlbl_lsm_secattr *secattr)
657
651
{
658
652
int rc;
659
653
660
-
if (!policydb.mls_enabled)
654
+
if (!p->mls_enabled)
661
655
return 0;
662
656
663
657
rc = ebitmap_netlbl_import(&context->range.level[0].cat,
+25
-13
security/selinux/ss/mls.h
+25
-13
security/selinux/ss/mls.h
···
25
25
#include "context.h"
26
26
#include "policydb.h"
27
27
28
-
int mls_compute_context_len(struct context *context);
29
-
void mls_sid_to_context(struct context *context, char **scontext);
28
+
int mls_compute_context_len(struct policydb *p, struct context *context);
29
+
void mls_sid_to_context(struct policydb *p, struct context *context,
30
+
char **scontext);
30
31
int mls_context_isvalid(struct policydb *p, struct context *c);
31
32
int mls_range_isvalid(struct policydb *p, struct mls_range *r);
32
33
int mls_level_isvalid(struct policydb *p, struct mls_level *l);
···
39
38
struct sidtab *s,
40
39
u32 def_sid);
41
40
42
-
int mls_from_string(char *str, struct context *context, gfp_t gfp_mask);
41
+
int mls_from_string(struct policydb *p, char *str, struct context *context,
42
+
gfp_t gfp_mask);
43
43
44
44
int mls_range_set(struct context *context, struct mls_range *range);
45
45
···
48
46
struct policydb *newp,
49
47
struct context *context);
50
48
51
-
int mls_compute_sid(struct context *scontext,
49
+
int mls_compute_sid(struct policydb *p,
50
+
struct context *scontext,
52
51
struct context *tcontext,
53
52
u16 tclass,
54
53
u32 specified,
55
54
struct context *newcontext,
56
55
bool sock);
57
56
58
-
int mls_setup_user_range(struct context *fromcon, struct user_datum *user,
57
+
int mls_setup_user_range(struct policydb *p,
58
+
struct context *fromcon, struct user_datum *user,
59
59
struct context *usercon);
60
60
61
61
#ifdef CONFIG_NETLABEL
62
-
void mls_export_netlbl_lvl(struct context *context,
62
+
void mls_export_netlbl_lvl(struct policydb *p,
63
+
struct context *context,
63
64
struct netlbl_lsm_secattr *secattr);
64
-
void mls_import_netlbl_lvl(struct context *context,
65
+
void mls_import_netlbl_lvl(struct policydb *p,
66
+
struct context *context,
65
67
struct netlbl_lsm_secattr *secattr);
66
-
int mls_export_netlbl_cat(struct context *context,
68
+
int mls_export_netlbl_cat(struct policydb *p,
69
+
struct context *context,
67
70
struct netlbl_lsm_secattr *secattr);
68
-
int mls_import_netlbl_cat(struct context *context,
71
+
int mls_import_netlbl_cat(struct policydb *p,
72
+
struct context *context,
69
73
struct netlbl_lsm_secattr *secattr);
70
74
#else
71
-
static inline void mls_export_netlbl_lvl(struct context *context,
75
+
static inline void mls_export_netlbl_lvl(struct policydb *p,
76
+
struct context *context,
72
77
struct netlbl_lsm_secattr *secattr)
73
78
{
74
79
return;
75
80
}
76
-
static inline void mls_import_netlbl_lvl(struct context *context,
81
+
static inline void mls_import_netlbl_lvl(struct policydb *p,
82
+
struct context *context,
77
83
struct netlbl_lsm_secattr *secattr)
78
84
{
79
85
return;
80
86
}
81
-
static inline int mls_export_netlbl_cat(struct context *context,
87
+
static inline int mls_export_netlbl_cat(struct policydb *p,
88
+
struct context *context,
82
89
struct netlbl_lsm_secattr *secattr)
83
90
{
84
91
return -ENOMEM;
85
92
}
86
-
static inline int mls_import_netlbl_cat(struct context *context,
93
+
static inline int mls_import_netlbl_cat(struct policydb *p,
94
+
struct context *context,
87
95
struct netlbl_lsm_secattr *secattr)
88
96
{
89
97
return -ENOMEM;
+613
-469
security/selinux/ss/services.c
+613
-469
security/selinux/ss/services.c
···
80
80
"nnp_nosuid_transition"
81
81
};
82
82
83
-
int selinux_policycap_netpeer;
84
-
int selinux_policycap_openperm;
85
-
int selinux_policycap_extsockclass;
86
-
int selinux_policycap_alwaysnetwork;
87
-
int selinux_policycap_cgroupseclabel;
88
-
int selinux_policycap_nnp_nosuid_transition;
83
+
static struct selinux_ss selinux_ss;
89
84
90
-
static DEFINE_RWLOCK(policy_rwlock);
91
-
92
-
static struct sidtab sidtab;
93
-
struct policydb policydb;
94
-
int ss_initialized;
95
-
96
-
/*
97
-
* The largest sequence number that has been used when
98
-
* providing an access decision to the access vector cache.
99
-
* The sequence number only changes when a policy change
100
-
* occurs.
101
-
*/
102
-
static u32 latest_granting;
85
+
void selinux_ss_init(struct selinux_ss **ss)
86
+
{
87
+
rwlock_init(&selinux_ss.policy_rwlock);
88
+
mutex_init(&selinux_ss.status_lock);
89
+
*ss = &selinux_ss;
90
+
}
103
91
104
92
/* Forward declaration. */
105
-
static int context_struct_to_string(struct context *context, char **scontext,
93
+
static int context_struct_to_string(struct policydb *policydb,
94
+
struct context *context,
95
+
char **scontext,
106
96
u32 *scontext_len);
107
97
108
-
static void context_struct_compute_av(struct context *scontext,
109
-
struct context *tcontext,
110
-
u16 tclass,
111
-
struct av_decision *avd,
112
-
struct extended_perms *xperms);
113
-
114
-
struct selinux_mapping {
115
-
u16 value; /* policy value */
116
-
unsigned num_perms;
117
-
u32 perms[sizeof(u32) * 8];
118
-
};
119
-
120
-
static struct selinux_mapping *current_mapping;
121
-
static u16 current_mapping_size;
98
+
static void context_struct_compute_av(struct policydb *policydb,
99
+
struct context *scontext,
100
+
struct context *tcontext,
101
+
u16 tclass,
102
+
struct av_decision *avd,
103
+
struct extended_perms *xperms);
122
104
123
105
static int selinux_set_mapping(struct policydb *pol,
124
106
struct security_class_mapping *map,
125
-
struct selinux_mapping **out_map_p,
126
-
u16 *out_map_size)
107
+
struct selinux_map *out_map)
127
108
{
128
-
struct selinux_mapping *out_map = NULL;
129
-
size_t size = sizeof(struct selinux_mapping);
130
109
u16 i, j;
131
110
unsigned k;
132
111
bool print_unknown_handle = false;
···
118
139
i++;
119
140
120
141
/* Allocate space for the class records, plus one for class zero */
121
-
out_map = kcalloc(++i, size, GFP_ATOMIC);
122
-
if (!out_map)
142
+
out_map->mapping = kcalloc(++i, sizeof(*out_map->mapping), GFP_ATOMIC);
143
+
if (!out_map->mapping)
123
144
return -ENOMEM;
124
145
125
146
/* Store the raw class and permission values */
126
147
j = 0;
127
148
while (map[j].name) {
128
149
struct security_class_mapping *p_in = map + (j++);
129
-
struct selinux_mapping *p_out = out_map + j;
150
+
struct selinux_mapping *p_out = out_map->mapping + j;
130
151
131
152
/* An empty class string skips ahead */
132
153
if (!strcmp(p_in->name, "")) {
···
173
194
printk(KERN_INFO "SELinux: the above unknown classes and permissions will be %s\n",
174
195
pol->allow_unknown ? "allowed" : "denied");
175
196
176
-
*out_map_p = out_map;
177
-
*out_map_size = i;
197
+
out_map->size = i;
178
198
return 0;
179
199
err:
180
-
kfree(out_map);
200
+
kfree(out_map->mapping);
201
+
out_map->mapping = NULL;
181
202
return -EINVAL;
182
203
}
183
204
···
185
206
* Get real, policy values from mapped values
186
207
*/
187
208
188
-
static u16 unmap_class(u16 tclass)
209
+
static u16 unmap_class(struct selinux_map *map, u16 tclass)
189
210
{
190
-
if (tclass < current_mapping_size)
191
-
return current_mapping[tclass].value;
211
+
if (tclass < map->size)
212
+
return map->mapping[tclass].value;
192
213
193
214
return tclass;
194
215
}
···
196
217
/*
197
218
* Get kernel value for class from its policy value
198
219
*/
199
-
static u16 map_class(u16 pol_value)
220
+
static u16 map_class(struct selinux_map *map, u16 pol_value)
200
221
{
201
222
u16 i;
202
223
203
-
for (i = 1; i < current_mapping_size; i++) {
204
-
if (current_mapping[i].value == pol_value)
224
+
for (i = 1; i < map->size; i++) {
225
+
if (map->mapping[i].value == pol_value)
205
226
return i;
206
227
}
207
228
208
229
return SECCLASS_NULL;
209
230
}
210
231
211
-
static void map_decision(u16 tclass, struct av_decision *avd,
232
+
static void map_decision(struct selinux_map *map,
233
+
u16 tclass, struct av_decision *avd,
212
234
int allow_unknown)
213
235
{
214
-
if (tclass < current_mapping_size) {
215
-
unsigned i, n = current_mapping[tclass].num_perms;
236
+
if (tclass < map->size) {
237
+
struct selinux_mapping *mapping = &map->mapping[tclass];
238
+
unsigned int i, n = mapping->num_perms;
216
239
u32 result;
217
240
218
241
for (i = 0, result = 0; i < n; i++) {
219
-
if (avd->allowed & current_mapping[tclass].perms[i])
242
+
if (avd->allowed & mapping->perms[i])
220
243
result |= 1<<i;
221
-
if (allow_unknown && !current_mapping[tclass].perms[i])
244
+
if (allow_unknown && !mapping->perms[i])
222
245
result |= 1<<i;
223
246
}
224
247
avd->allowed = result;
225
248
226
249
for (i = 0, result = 0; i < n; i++)
227
-
if (avd->auditallow & current_mapping[tclass].perms[i])
250
+
if (avd->auditallow & mapping->perms[i])
228
251
result |= 1<<i;
229
252
avd->auditallow = result;
230
253
231
254
for (i = 0, result = 0; i < n; i++) {
232
-
if (avd->auditdeny & current_mapping[tclass].perms[i])
255
+
if (avd->auditdeny & mapping->perms[i])
233
256
result |= 1<<i;
234
-
if (!allow_unknown && !current_mapping[tclass].perms[i])
257
+
if (!allow_unknown && !mapping->perms[i])
235
258
result |= 1<<i;
236
259
}
237
260
/*
···
247
266
}
248
267
}
249
268
250
-
int security_mls_enabled(void)
269
+
int security_mls_enabled(struct selinux_state *state)
251
270
{
252
-
return policydb.mls_enabled;
271
+
struct policydb *p = &state->ss->policydb;
272
+
273
+
return p->mls_enabled;
253
274
}
254
275
255
276
/*
···
265
282
* of the process performing the transition. All other callers of
266
283
* constraint_expr_eval should pass in NULL for xcontext.
267
284
*/
268
-
static int constraint_expr_eval(struct context *scontext,
285
+
static int constraint_expr_eval(struct policydb *policydb,
286
+
struct context *scontext,
269
287
struct context *tcontext,
270
288
struct context *xcontext,
271
289
struct constraint_expr *cexpr)
···
310
326
case CEXPR_ROLE:
311
327
val1 = scontext->role;
312
328
val2 = tcontext->role;
313
-
r1 = policydb.role_val_to_struct[val1 - 1];
314
-
r2 = policydb.role_val_to_struct[val2 - 1];
329
+
r1 = policydb->role_val_to_struct[val1 - 1];
330
+
r2 = policydb->role_val_to_struct[val2 - 1];
315
331
switch (e->op) {
316
332
case CEXPR_DOM:
317
333
s[++sp] = ebitmap_get_bit(&r1->dominates,
···
456
472
return 0;
457
473
}
458
474
459
-
static void security_dump_masked_av(struct context *scontext,
475
+
static void security_dump_masked_av(struct policydb *policydb,
476
+
struct context *scontext,
460
477
struct context *tcontext,
461
478
u16 tclass,
462
479
u32 permissions,
···
477
492
if (!permissions)
478
493
return;
479
494
480
-
tclass_name = sym_name(&policydb, SYM_CLASSES, tclass - 1);
481
-
tclass_dat = policydb.class_val_to_struct[tclass - 1];
495
+
tclass_name = sym_name(policydb, SYM_CLASSES, tclass - 1);
496
+
tclass_dat = policydb->class_val_to_struct[tclass - 1];
482
497
common_dat = tclass_dat->comdatum;
483
498
484
499
/* init permission_names */
···
492
507
goto out;
493
508
494
509
/* get scontext/tcontext in text form */
495
-
if (context_struct_to_string(scontext,
510
+
if (context_struct_to_string(policydb, scontext,
496
511
&scontext_name, &length) < 0)
497
512
goto out;
498
513
499
-
if (context_struct_to_string(tcontext,
514
+
if (context_struct_to_string(policydb, tcontext,
500
515
&tcontext_name, &length) < 0)
501
516
goto out;
502
517
···
535
550
* security_boundary_permission - drops violated permissions
536
551
* on boundary constraint.
537
552
*/
538
-
static void type_attribute_bounds_av(struct context *scontext,
553
+
static void type_attribute_bounds_av(struct policydb *policydb,
554
+
struct context *scontext,
539
555
struct context *tcontext,
540
556
u16 tclass,
541
557
struct av_decision *avd)
···
548
562
struct type_datum *target;
549
563
u32 masked = 0;
550
564
551
-
source = flex_array_get_ptr(policydb.type_val_to_struct_array,
565
+
source = flex_array_get_ptr(policydb->type_val_to_struct_array,
552
566
scontext->type - 1);
553
567
BUG_ON(!source);
554
568
555
569
if (!source->bounds)
556
570
return;
557
571
558
-
target = flex_array_get_ptr(policydb.type_val_to_struct_array,
572
+
target = flex_array_get_ptr(policydb->type_val_to_struct_array,
559
573
tcontext->type - 1);
560
574
BUG_ON(!target);
561
575
···
570
584
tcontextp = &lo_tcontext;
571
585
}
572
586
573
-
context_struct_compute_av(&lo_scontext,
587
+
context_struct_compute_av(policydb, &lo_scontext,
574
588
tcontextp,
575
589
tclass,
576
590
&lo_avd,
···
585
599
avd->allowed &= ~masked;
586
600
587
601
/* audit masked permissions */
588
-
security_dump_masked_av(scontext, tcontext,
602
+
security_dump_masked_av(policydb, scontext, tcontext,
589
603
tclass, masked, "bounds");
590
604
}
591
605
···
618
632
* Compute access vectors and extended permissions based on a context
619
633
* structure pair for the permissions in a particular class.
620
634
*/
621
-
static void context_struct_compute_av(struct context *scontext,
622
-
struct context *tcontext,
623
-
u16 tclass,
624
-
struct av_decision *avd,
625
-
struct extended_perms *xperms)
635
+
static void context_struct_compute_av(struct policydb *policydb,
636
+
struct context *scontext,
637
+
struct context *tcontext,
638
+
u16 tclass,
639
+
struct av_decision *avd,
640
+
struct extended_perms *xperms)
626
641
{
627
642
struct constraint_node *constraint;
628
643
struct role_allow *ra;
···
642
655
xperms->len = 0;
643
656
}
644
657
645
-
if (unlikely(!tclass || tclass > policydb.p_classes.nprim)) {
658
+
if (unlikely(!tclass || tclass > policydb->p_classes.nprim)) {
646
659
if (printk_ratelimit())
647
660
printk(KERN_WARNING "SELinux: Invalid class %hu\n", tclass);
648
661
return;
649
662
}
650
663
651
-
tclass_datum = policydb.class_val_to_struct[tclass - 1];
664
+
tclass_datum = policydb->class_val_to_struct[tclass - 1];
652
665
653
666
/*
654
667
* If a specific type enforcement rule was defined for
···
656
669
*/
657
670
avkey.target_class = tclass;
658
671
avkey.specified = AVTAB_AV | AVTAB_XPERMS;
659
-
sattr = flex_array_get(policydb.type_attr_map_array, scontext->type - 1);
672
+
sattr = flex_array_get(policydb->type_attr_map_array,
673
+
scontext->type - 1);
660
674
BUG_ON(!sattr);
661
-
tattr = flex_array_get(policydb.type_attr_map_array, tcontext->type - 1);
675
+
tattr = flex_array_get(policydb->type_attr_map_array,
676
+
tcontext->type - 1);
662
677
BUG_ON(!tattr);
663
678
ebitmap_for_each_positive_bit(sattr, snode, i) {
664
679
ebitmap_for_each_positive_bit(tattr, tnode, j) {
665
680
avkey.source_type = i + 1;
666
681
avkey.target_type = j + 1;
667
-
for (node = avtab_search_node(&policydb.te_avtab, &avkey);
682
+
for (node = avtab_search_node(&policydb->te_avtab,
683
+
&avkey);
668
684
node;
669
685
node = avtab_search_node_next(node, avkey.specified)) {
670
686
if (node->key.specified == AVTAB_ALLOWED)
···
681
691
}
682
692
683
693
/* Check conditional av table for additional permissions */
684
-
cond_compute_av(&policydb.te_cond_avtab, &avkey,
694
+
cond_compute_av(&policydb->te_cond_avtab, &avkey,
685
695
avd, xperms);
686
696
687
697
}
···
694
704
constraint = tclass_datum->constraints;
695
705
while (constraint) {
696
706
if ((constraint->permissions & (avd->allowed)) &&
697
-
!constraint_expr_eval(scontext, tcontext, NULL,
707
+
!constraint_expr_eval(policydb, scontext, tcontext, NULL,
698
708
constraint->expr)) {
699
709
avd->allowed &= ~(constraint->permissions);
700
710
}
···
706
716
* role is changing, then check the (current_role, new_role)
707
717
* pair.
708
718
*/
709
-
if (tclass == policydb.process_class &&
710
-
(avd->allowed & policydb.process_trans_perms) &&
719
+
if (tclass == policydb->process_class &&
720
+
(avd->allowed & policydb->process_trans_perms) &&
711
721
scontext->role != tcontext->role) {
712
-
for (ra = policydb.role_allow; ra; ra = ra->next) {
722
+
for (ra = policydb->role_allow; ra; ra = ra->next) {
713
723
if (scontext->role == ra->role &&
714
724
tcontext->role == ra->new_role)
715
725
break;
716
726
}
717
727
if (!ra)
718
-
avd->allowed &= ~policydb.process_trans_perms;
728
+
avd->allowed &= ~policydb->process_trans_perms;
719
729
}
720
730
721
731
/*
···
723
733
* constraint, lazy checks have to mask any violated
724
734
* permission and notice it to userspace via audit.
725
735
*/
726
-
type_attribute_bounds_av(scontext, tcontext,
736
+
type_attribute_bounds_av(policydb, scontext, tcontext,
727
737
tclass, avd);
728
738
}
729
739
730
-
static int security_validtrans_handle_fail(struct context *ocontext,
740
+
static int security_validtrans_handle_fail(struct selinux_state *state,
741
+
struct context *ocontext,
731
742
struct context *ncontext,
732
743
struct context *tcontext,
733
744
u16 tclass)
734
745
{
746
+
struct policydb *p = &state->ss->policydb;
735
747
char *o = NULL, *n = NULL, *t = NULL;
736
748
u32 olen, nlen, tlen;
737
749
738
-
if (context_struct_to_string(ocontext, &o, &olen))
750
+
if (context_struct_to_string(p, ocontext, &o, &olen))
739
751
goto out;
740
-
if (context_struct_to_string(ncontext, &n, &nlen))
752
+
if (context_struct_to_string(p, ncontext, &n, &nlen))
741
753
goto out;
742
-
if (context_struct_to_string(tcontext, &t, &tlen))
754
+
if (context_struct_to_string(p, tcontext, &t, &tlen))
743
755
goto out;
744
756
audit_log(current->audit_context, GFP_ATOMIC, AUDIT_SELINUX_ERR,
745
757
"op=security_validate_transition seresult=denied"
746
758
" oldcontext=%s newcontext=%s taskcontext=%s tclass=%s",
747
-
o, n, t, sym_name(&policydb, SYM_CLASSES, tclass-1));
759
+
o, n, t, sym_name(p, SYM_CLASSES, tclass-1));
748
760
out:
749
761
kfree(o);
750
762
kfree(n);
751
763
kfree(t);
752
764
753
-
if (!selinux_enforcing)
765
+
if (!is_enforcing(state))
754
766
return 0;
755
767
return -EPERM;
756
768
}
757
769
758
-
static int security_compute_validatetrans(u32 oldsid, u32 newsid, u32 tasksid,
770
+
static int security_compute_validatetrans(struct selinux_state *state,
771
+
u32 oldsid, u32 newsid, u32 tasksid,
759
772
u16 orig_tclass, bool user)
760
773
{
774
+
struct policydb *policydb;
775
+
struct sidtab *sidtab;
761
776
struct context *ocontext;
762
777
struct context *ncontext;
763
778
struct context *tcontext;
···
771
776
u16 tclass;
772
777
int rc = 0;
773
778
774
-
if (!ss_initialized)
779
+
780
+
if (!state->initialized)
775
781
return 0;
776
782
777
-
read_lock(&policy_rwlock);
783
+
read_lock(&state->ss->policy_rwlock);
784
+
785
+
policydb = &state->ss->policydb;
786
+
sidtab = &state->ss->sidtab;
778
787
779
788
if (!user)
780
-
tclass = unmap_class(orig_tclass);
789
+
tclass = unmap_class(&state->ss->map, orig_tclass);
781
790
else
782
791
tclass = orig_tclass;
783
792
784
-
if (!tclass || tclass > policydb.p_classes.nprim) {
793
+
if (!tclass || tclass > policydb->p_classes.nprim) {
785
794
rc = -EINVAL;
786
795
goto out;
787
796
}
788
-
tclass_datum = policydb.class_val_to_struct[tclass - 1];
797
+
tclass_datum = policydb->class_val_to_struct[tclass - 1];
789
798
790
-
ocontext = sidtab_search(&sidtab, oldsid);
799
+
ocontext = sidtab_search(sidtab, oldsid);
791
800
if (!ocontext) {
792
801
printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n",
793
802
__func__, oldsid);
···
799
800
goto out;
800
801
}
801
802
802
-
ncontext = sidtab_search(&sidtab, newsid);
803
+
ncontext = sidtab_search(sidtab, newsid);
803
804
if (!ncontext) {
804
805
printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n",
805
806
__func__, newsid);
···
807
808
goto out;
808
809
}
809
810
810
-
tcontext = sidtab_search(&sidtab, tasksid);
811
+
tcontext = sidtab_search(sidtab, tasksid);
811
812
if (!tcontext) {
812
813
printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n",
813
814
__func__, tasksid);
···
817
818
818
819
constraint = tclass_datum->validatetrans;
819
820
while (constraint) {
820
-
if (!constraint_expr_eval(ocontext, ncontext, tcontext,
821
-
constraint->expr)) {
821
+
if (!constraint_expr_eval(policydb, ocontext, ncontext,
822
+
tcontext, constraint->expr)) {
822
823
if (user)
823
824
rc = -EPERM;
824
825
else
825
-
rc = security_validtrans_handle_fail(ocontext,
826
+
rc = security_validtrans_handle_fail(state,
827
+
ocontext,
826
828
ncontext,
827
829
tcontext,
828
830
tclass);
···
833
833
}
834
834
835
835
out:
836
-
read_unlock(&policy_rwlock);
836
+
read_unlock(&state->ss->policy_rwlock);
837
837
return rc;
838
838
}
839
839
840
-
int security_validate_transition_user(u32 oldsid, u32 newsid, u32 tasksid,
841
-
u16 tclass)
840
+
int security_validate_transition_user(struct selinux_state *state,
841
+
u32 oldsid, u32 newsid, u32 tasksid,
842
+
u16 tclass)
842
843
{
843
-
return security_compute_validatetrans(oldsid, newsid, tasksid,
844
-
tclass, true);
844
+
return security_compute_validatetrans(state, oldsid, newsid, tasksid,
845
+
tclass, true);
845
846
}
846
847
847
-
int security_validate_transition(u32 oldsid, u32 newsid, u32 tasksid,
848
+
int security_validate_transition(struct selinux_state *state,
849
+
u32 oldsid, u32 newsid, u32 tasksid,
848
850
u16 orig_tclass)
849
851
{
850
-
return security_compute_validatetrans(oldsid, newsid, tasksid,
851
-
orig_tclass, false);
852
+
return security_compute_validatetrans(state, oldsid, newsid, tasksid,
853
+
orig_tclass, false);
852
854
}
853
855
854
856
/*
···
862
860
* @oldsid : current security identifier
863
861
* @newsid : destinated security identifier
864
862
*/
865
-
int security_bounded_transition(u32 old_sid, u32 new_sid)
863
+
int security_bounded_transition(struct selinux_state *state,
864
+
u32 old_sid, u32 new_sid)
866
865
{
866
+
struct policydb *policydb;
867
+
struct sidtab *sidtab;
867
868
struct context *old_context, *new_context;
868
869
struct type_datum *type;
869
870
int index;
870
871
int rc;
871
872
872
-
if (!ss_initialized)
873
+
if (!state->initialized)
873
874
return 0;
874
875
875
-
read_lock(&policy_rwlock);
876
+
read_lock(&state->ss->policy_rwlock);
877
+
878
+
policydb = &state->ss->policydb;
879
+
sidtab = &state->ss->sidtab;
876
880
877
881
rc = -EINVAL;
878
-
old_context = sidtab_search(&sidtab, old_sid);
882
+
old_context = sidtab_search(sidtab, old_sid);
879
883
if (!old_context) {
880
884
printk(KERN_ERR "SELinux: %s: unrecognized SID %u\n",
881
885
__func__, old_sid);
···
889
881
}
890
882
891
883
rc = -EINVAL;
892
-
new_context = sidtab_search(&sidtab, new_sid);
884
+
new_context = sidtab_search(sidtab, new_sid);
893
885
if (!new_context) {
894
886
printk(KERN_ERR "SELinux: %s: unrecognized SID %u\n",
895
887
__func__, new_sid);
···
903
895
904
896
index = new_context->type;
905
897
while (true) {
906
-
type = flex_array_get_ptr(policydb.type_val_to_struct_array,
898
+
type = flex_array_get_ptr(policydb->type_val_to_struct_array,
907
899
index - 1);
908
900
BUG_ON(!type);
909
901
···
925
917
char *new_name = NULL;
926
918
u32 length;
927
919
928
-
if (!context_struct_to_string(old_context,
920
+
if (!context_struct_to_string(policydb, old_context,
929
921
&old_name, &length) &&
930
-
!context_struct_to_string(new_context,
922
+
!context_struct_to_string(policydb, new_context,
931
923
&new_name, &length)) {
932
924
audit_log(current->audit_context,
933
925
GFP_ATOMIC, AUDIT_SELINUX_ERR,
···
940
932
kfree(old_name);
941
933
}
942
934
out:
943
-
read_unlock(&policy_rwlock);
935
+
read_unlock(&state->ss->policy_rwlock);
944
936
945
937
return rc;
946
938
}
947
939
948
-
static void avd_init(struct av_decision *avd)
940
+
static void avd_init(struct selinux_state *state, struct av_decision *avd)
949
941
{
950
942
avd->allowed = 0;
951
943
avd->auditallow = 0;
952
944
avd->auditdeny = 0xffffffff;
953
-
avd->seqno = latest_granting;
945
+
avd->seqno = state->ss->latest_granting;
954
946
avd->flags = 0;
955
947
}
956
948
···
1008
1000
}
1009
1001
}
1010
1002
1011
-
void security_compute_xperms_decision(u32 ssid,
1012
-
u32 tsid,
1013
-
u16 orig_tclass,
1014
-
u8 driver,
1015
-
struct extended_perms_decision *xpermd)
1003
+
void security_compute_xperms_decision(struct selinux_state *state,
1004
+
u32 ssid,
1005
+
u32 tsid,
1006
+
u16 orig_tclass,
1007
+
u8 driver,
1008
+
struct extended_perms_decision *xpermd)
1016
1009
{
1010
+
struct policydb *policydb;
1011
+
struct sidtab *sidtab;
1017
1012
u16 tclass;
1018
1013
struct context *scontext, *tcontext;
1019
1014
struct avtab_key avkey;
···
1031
1020
memset(xpermd->auditallow->p, 0, sizeof(xpermd->auditallow->p));
1032
1021
memset(xpermd->dontaudit->p, 0, sizeof(xpermd->dontaudit->p));
1033
1022
1034
-
read_lock(&policy_rwlock);
1035
-
if (!ss_initialized)
1023
+
read_lock(&state->ss->policy_rwlock);
1024
+
if (!state->initialized)
1036
1025
goto allow;
1037
1026
1038
-
scontext = sidtab_search(&sidtab, ssid);
1027
+
policydb = &state->ss->policydb;
1028
+
sidtab = &state->ss->sidtab;
1029
+
1030
+
scontext = sidtab_search(sidtab, ssid);
1039
1031
if (!scontext) {
1040
1032
printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n",
1041
1033
__func__, ssid);
1042
1034
goto out;
1043
1035
}
1044
1036
1045
-
tcontext = sidtab_search(&sidtab, tsid);
1037
+
tcontext = sidtab_search(sidtab, tsid);
1046
1038
if (!tcontext) {
1047
1039
printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n",
1048
1040
__func__, tsid);
1049
1041
goto out;
1050
1042
}
1051
1043
1052
-
tclass = unmap_class(orig_tclass);
1044
+
tclass = unmap_class(&state->ss->map, orig_tclass);
1053
1045
if (unlikely(orig_tclass && !tclass)) {
1054
-
if (policydb.allow_unknown)
1046
+
if (policydb->allow_unknown)
1055
1047
goto allow;
1056
1048
goto out;
1057
1049
}
1058
1050
1059
1051
1060
-
if (unlikely(!tclass || tclass > policydb.p_classes.nprim)) {
1052
+
if (unlikely(!tclass || tclass > policydb->p_classes.nprim)) {
1061
1053
pr_warn_ratelimited("SELinux: Invalid class %hu\n", tclass);
1062
1054
goto out;
1063
1055
}
1064
1056
1065
1057
avkey.target_class = tclass;
1066
1058
avkey.specified = AVTAB_XPERMS;
1067
-
sattr = flex_array_get(policydb.type_attr_map_array,
1059
+
sattr = flex_array_get(policydb->type_attr_map_array,
1068
1060
scontext->type - 1);
1069
1061
BUG_ON(!sattr);
1070
-
tattr = flex_array_get(policydb.type_attr_map_array,
1062
+
tattr = flex_array_get(policydb->type_attr_map_array,
1071
1063
tcontext->type - 1);
1072
1064
BUG_ON(!tattr);
1073
1065
ebitmap_for_each_positive_bit(sattr, snode, i) {
1074
1066
ebitmap_for_each_positive_bit(tattr, tnode, j) {
1075
1067
avkey.source_type = i + 1;
1076
1068
avkey.target_type = j + 1;
1077
-
for (node = avtab_search_node(&policydb.te_avtab, &avkey);
1069
+
for (node = avtab_search_node(&policydb->te_avtab,
1070
+
&avkey);
1078
1071
node;
1079
1072
node = avtab_search_node_next(node, avkey.specified))
1080
1073
services_compute_xperms_decision(xpermd, node);
1081
1074
1082
-
cond_compute_xperms(&policydb.te_cond_avtab,
1075
+
cond_compute_xperms(&policydb->te_cond_avtab,
1083
1076
&avkey, xpermd);
1084
1077
}
1085
1078
}
1086
1079
out:
1087
-
read_unlock(&policy_rwlock);
1080
+
read_unlock(&state->ss->policy_rwlock);
1088
1081
return;
1089
1082
allow:
1090
1083
memset(xpermd->allowed->p, 0xff, sizeof(xpermd->allowed->p));
···
1106
1091
* Compute a set of access vector decisions based on the
1107
1092
* SID pair (@ssid, @tsid) for the permissions in @tclass.
1108
1093
*/
1109
-
void security_compute_av(u32 ssid,
1094
+
void security_compute_av(struct selinux_state *state,
1095
+
u32 ssid,
1110
1096
u32 tsid,
1111
1097
u16 orig_tclass,
1112
1098
struct av_decision *avd,
1113
1099
struct extended_perms *xperms)
1114
1100
{
1101
+
struct policydb *policydb;
1102
+
struct sidtab *sidtab;
1115
1103
u16 tclass;
1116
1104
struct context *scontext = NULL, *tcontext = NULL;
1117
1105
1118
-
read_lock(&policy_rwlock);
1119
-
avd_init(avd);
1106
+
read_lock(&state->ss->policy_rwlock);
1107
+
avd_init(state, avd);
1120
1108
xperms->len = 0;
1121
-
if (!ss_initialized)
1109
+
if (!state->initialized)
1122
1110
goto allow;
1123
1111
1124
-
scontext = sidtab_search(&sidtab, ssid);
1112
+
policydb = &state->ss->policydb;
1113
+
sidtab = &state->ss->sidtab;
1114
+
1115
+
scontext = sidtab_search(sidtab, ssid);
1125
1116
if (!scontext) {
1126
1117
printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n",
1127
1118
__func__, ssid);
···
1135
1114
}
1136
1115
1137
1116
/* permissive domain? */
1138
-
if (ebitmap_get_bit(&policydb.permissive_map, scontext->type))
1117
+
if (ebitmap_get_bit(&policydb->permissive_map, scontext->type))
1139
1118
avd->flags |= AVD_FLAGS_PERMISSIVE;
1140
1119
1141
-
tcontext = sidtab_search(&sidtab, tsid);
1120
+
tcontext = sidtab_search(sidtab, tsid);
1142
1121
if (!tcontext) {
1143
1122
printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n",
1144
1123
__func__, tsid);
1145
1124
goto out;
1146
1125
}
1147
1126
1148
-
tclass = unmap_class(orig_tclass);
1127
+
tclass = unmap_class(&state->ss->map, orig_tclass);
1149
1128
if (unlikely(orig_tclass && !tclass)) {
1150
-
if (policydb.allow_unknown)
1129
+
if (policydb->allow_unknown)
1151
1130
goto allow;
1152
1131
goto out;
1153
1132
}
1154
-
context_struct_compute_av(scontext, tcontext, tclass, avd, xperms);
1155
-
map_decision(orig_tclass, avd, policydb.allow_unknown);
1133
+
context_struct_compute_av(policydb, scontext, tcontext, tclass, avd,
1134
+
xperms);
1135
+
map_decision(&state->ss->map, orig_tclass, avd,
1136
+
policydb->allow_unknown);
1156
1137
out:
1157
-
read_unlock(&policy_rwlock);
1138
+
read_unlock(&state->ss->policy_rwlock);
1158
1139
return;
1159
1140
allow:
1160
1141
avd->allowed = 0xffffffff;
1161
1142
goto out;
1162
1143
}
1163
1144
1164
-
void security_compute_av_user(u32 ssid,
1145
+
void security_compute_av_user(struct selinux_state *state,
1146
+
u32 ssid,
1165
1147
u32 tsid,
1166
1148
u16 tclass,
1167
1149
struct av_decision *avd)
1168
1150
{
1151
+
struct policydb *policydb;
1152
+
struct sidtab *sidtab;
1169
1153
struct context *scontext = NULL, *tcontext = NULL;
1170
1154
1171
-
read_lock(&policy_rwlock);
1172
-
avd_init(avd);
1173
-
if (!ss_initialized)
1155
+
read_lock(&state->ss->policy_rwlock);
1156
+
avd_init(state, avd);
1157
+
if (!state->initialized)
1174
1158
goto allow;
1175
1159
1176
-
scontext = sidtab_search(&sidtab, ssid);
1160
+
policydb = &state->ss->policydb;
1161
+
sidtab = &state->ss->sidtab;
1162
+
1163
+
scontext = sidtab_search(sidtab, ssid);
1177
1164
if (!scontext) {
1178
1165
printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n",
1179
1166
__func__, ssid);
···
1189
1160
}
1190
1161
1191
1162
/* permissive domain? */
1192
-
if (ebitmap_get_bit(&policydb.permissive_map, scontext->type))
1163
+
if (ebitmap_get_bit(&policydb->permissive_map, scontext->type))
1193
1164
avd->flags |= AVD_FLAGS_PERMISSIVE;
1194
1165
1195
-
tcontext = sidtab_search(&sidtab, tsid);
1166
+
tcontext = sidtab_search(sidtab, tsid);
1196
1167
if (!tcontext) {
1197
1168
printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n",
1198
1169
__func__, tsid);
···
1200
1171
}
1201
1172
1202
1173
if (unlikely(!tclass)) {
1203
-
if (policydb.allow_unknown)
1174
+
if (policydb->allow_unknown)
1204
1175
goto allow;
1205
1176
goto out;
1206
1177
}
1207
1178
1208
-
context_struct_compute_av(scontext, tcontext, tclass, avd, NULL);
1179
+
context_struct_compute_av(policydb, scontext, tcontext, tclass, avd,
1180
+
NULL);
1209
1181
out:
1210
-
read_unlock(&policy_rwlock);
1182
+
read_unlock(&state->ss->policy_rwlock);
1211
1183
return;
1212
1184
allow:
1213
1185
avd->allowed = 0xffffffff;
···
1222
1192
* to point to this string and set `*scontext_len' to
1223
1193
* the length of the string.
1224
1194
*/
1225
-
static int context_struct_to_string(struct context *context, char **scontext, u32 *scontext_len)
1195
+
static int context_struct_to_string(struct policydb *p,
1196
+
struct context *context,
1197
+
char **scontext, u32 *scontext_len)
1226
1198
{
1227
1199
char *scontextp;
1228
1200
···
1243
1211
}
1244
1212
1245
1213
/* Compute the size of the context. */
1246
-
*scontext_len += strlen(sym_name(&policydb, SYM_USERS, context->user - 1)) + 1;
1247
-
*scontext_len += strlen(sym_name(&policydb, SYM_ROLES, context->role - 1)) + 1;
1248
-
*scontext_len += strlen(sym_name(&policydb, SYM_TYPES, context->type - 1)) + 1;
1249
-
*scontext_len += mls_compute_context_len(context);
1214
+
*scontext_len += strlen(sym_name(p, SYM_USERS, context->user - 1)) + 1;
1215
+
*scontext_len += strlen(sym_name(p, SYM_ROLES, context->role - 1)) + 1;
1216
+
*scontext_len += strlen(sym_name(p, SYM_TYPES, context->type - 1)) + 1;
1217
+
*scontext_len += mls_compute_context_len(p, context);
1250
1218
1251
1219
if (!scontext)
1252
1220
return 0;
···
1261
1229
* Copy the user name, role name and type name into the context.
1262
1230
*/
1263
1231
scontextp += sprintf(scontextp, "%s:%s:%s",
1264
-
sym_name(&policydb, SYM_USERS, context->user - 1),
1265
-
sym_name(&policydb, SYM_ROLES, context->role - 1),
1266
-
sym_name(&policydb, SYM_TYPES, context->type - 1));
1232
+
sym_name(p, SYM_USERS, context->user - 1),
1233
+
sym_name(p, SYM_ROLES, context->role - 1),
1234
+
sym_name(p, SYM_TYPES, context->type - 1));
1267
1235
1268
-
mls_sid_to_context(context, &scontextp);
1236
+
mls_sid_to_context(p, context, &scontextp);
1269
1237
1270
1238
*scontextp = 0;
1271
1239
···
1281
1249
return initial_sid_to_string[sid];
1282
1250
}
1283
1251
1284
-
static int security_sid_to_context_core(u32 sid, char **scontext,
1252
+
static int security_sid_to_context_core(struct selinux_state *state,
1253
+
u32 sid, char **scontext,
1285
1254
u32 *scontext_len, int force)
1286
1255
{
1256
+
struct policydb *policydb;
1257
+
struct sidtab *sidtab;
1287
1258
struct context *context;
1288
1259
int rc = 0;
1289
1260
···
1294
1259
*scontext = NULL;
1295
1260
*scontext_len = 0;
1296
1261
1297
-
if (!ss_initialized) {
1262
+
if (!state->initialized) {
1298
1263
if (sid <= SECINITSID_NUM) {
1299
1264
char *scontextp;
1300
1265
···
1315
1280
rc = -EINVAL;
1316
1281
goto out;
1317
1282
}
1318
-
read_lock(&policy_rwlock);
1283
+
read_lock(&state->ss->policy_rwlock);
1284
+
policydb = &state->ss->policydb;
1285
+
sidtab = &state->ss->sidtab;
1319
1286
if (force)
1320
-
context = sidtab_search_force(&sidtab, sid);
1287
+
context = sidtab_search_force(sidtab, sid);
1321
1288
else
1322
-
context = sidtab_search(&sidtab, sid);
1289
+
context = sidtab_search(sidtab, sid);
1323
1290
if (!context) {
1324
1291
printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n",
1325
1292
__func__, sid);
1326
1293
rc = -EINVAL;
1327
1294
goto out_unlock;
1328
1295
}
1329
-
rc = context_struct_to_string(context, scontext, scontext_len);
1296
+
rc = context_struct_to_string(policydb, context, scontext,
1297
+
scontext_len);
1330
1298
out_unlock:
1331
-
read_unlock(&policy_rwlock);
1299
+
read_unlock(&state->ss->policy_rwlock);
1332
1300
out:
1333
1301
return rc;
1334
1302
···
1347
1309
* into a dynamically allocated string of the correct size. Set @scontext
1348
1310
* to point to this string and set @scontext_len to the length of the string.
1349
1311
*/
1350
-
int security_sid_to_context(u32 sid, char **scontext, u32 *scontext_len)
1312
+
int security_sid_to_context(struct selinux_state *state,
1313
+
u32 sid, char **scontext, u32 *scontext_len)
1351
1314
{
1352
-
return security_sid_to_context_core(sid, scontext, scontext_len, 0);
1315
+
return security_sid_to_context_core(state, sid, scontext,
1316
+
scontext_len, 0);
1353
1317
}
1354
1318
1355
-
int security_sid_to_context_force(u32 sid, char **scontext, u32 *scontext_len)
1319
+
int security_sid_to_context_force(struct selinux_state *state, u32 sid,
1320
+
char **scontext, u32 *scontext_len)
1356
1321
{
1357
-
return security_sid_to_context_core(sid, scontext, scontext_len, 1);
1322
+
return security_sid_to_context_core(state, sid, scontext,
1323
+
scontext_len, 1);
1358
1324
}
1359
1325
1360
1326
/*
···
1446
1404
return rc;
1447
1405
}
1448
1406
1449
-
static int security_context_to_sid_core(const char *scontext, u32 scontext_len,
1407
+
static int security_context_to_sid_core(struct selinux_state *state,
1408
+
const char *scontext, u32 scontext_len,
1450
1409
u32 *sid, u32 def_sid, gfp_t gfp_flags,
1451
1410
int force)
1452
1411
{
1412
+
struct policydb *policydb;
1413
+
struct sidtab *sidtab;
1453
1414
char *scontext2, *str = NULL;
1454
1415
struct context context;
1455
1416
int rc = 0;
···
1466
1421
if (!scontext2)
1467
1422
return -ENOMEM;
1468
1423
1469
-
if (!ss_initialized) {
1424
+
if (!state->initialized) {
1470
1425
int i;
1471
1426
1472
1427
for (i = 1; i < SECINITSID_NUM; i++) {
···
1487
1442
if (!str)
1488
1443
goto out;
1489
1444
}
1490
-
1491
-
read_lock(&policy_rwlock);
1492
-
rc = string_to_context_struct(&policydb, &sidtab, scontext2,
1445
+
read_lock(&state->ss->policy_rwlock);
1446
+
policydb = &state->ss->policydb;
1447
+
sidtab = &state->ss->sidtab;
1448
+
rc = string_to_context_struct(policydb, sidtab, scontext2,
1493
1449
scontext_len, &context, def_sid);
1494
1450
if (rc == -EINVAL && force) {
1495
1451
context.str = str;
···
1498
1452
str = NULL;
1499
1453
} else if (rc)
1500
1454
goto out_unlock;
1501
-
rc = sidtab_context_to_sid(&sidtab, &context, sid);
1455
+
rc = sidtab_context_to_sid(sidtab, &context, sid);
1502
1456
context_destroy(&context);
1503
1457
out_unlock:
1504
-
read_unlock(&policy_rwlock);
1458
+
read_unlock(&state->ss->policy_rwlock);
1505
1459
out:
1506
1460
kfree(scontext2);
1507
1461
kfree(str);
···
1520
1474
* Returns -%EINVAL if the context is invalid, -%ENOMEM if insufficient
1521
1475
* memory is available, or 0 on success.
1522
1476
*/
1523
-
int security_context_to_sid(const char *scontext, u32 scontext_len, u32 *sid,
1477
+
int security_context_to_sid(struct selinux_state *state,
1478
+
const char *scontext, u32 scontext_len, u32 *sid,
1524
1479
gfp_t gfp)
1525
1480
{
1526
-
return security_context_to_sid_core(scontext, scontext_len,
1481
+
return security_context_to_sid_core(state, scontext, scontext_len,
1527
1482
sid, SECSID_NULL, gfp, 0);
1528
1483
}
1529
1484
1530
-
int security_context_str_to_sid(const char *scontext, u32 *sid, gfp_t gfp)
1485
+
int security_context_str_to_sid(struct selinux_state *state,
1486
+
const char *scontext, u32 *sid, gfp_t gfp)
1531
1487
{
1532
-
return security_context_to_sid(scontext, strlen(scontext), sid, gfp);
1488
+
return security_context_to_sid(state, scontext, strlen(scontext),
1489
+
sid, gfp);
1533
1490
}
1534
1491
1535
1492
/**
···
1553
1504
* Returns -%EINVAL if the context is invalid, -%ENOMEM if insufficient
1554
1505
* memory is available, or 0 on success.
1555
1506
*/
1556
-
int security_context_to_sid_default(const char *scontext, u32 scontext_len,
1507
+
int security_context_to_sid_default(struct selinux_state *state,
1508
+
const char *scontext, u32 scontext_len,
1557
1509
u32 *sid, u32 def_sid, gfp_t gfp_flags)
1558
1510
{
1559
-
return security_context_to_sid_core(scontext, scontext_len,
1511
+
return security_context_to_sid_core(state, scontext, scontext_len,
1560
1512
sid, def_sid, gfp_flags, 1);
1561
1513
}
1562
1514
1563
-
int security_context_to_sid_force(const char *scontext, u32 scontext_len,
1515
+
int security_context_to_sid_force(struct selinux_state *state,
1516
+
const char *scontext, u32 scontext_len,
1564
1517
u32 *sid)
1565
1518
{
1566
-
return security_context_to_sid_core(scontext, scontext_len,
1519
+
return security_context_to_sid_core(state, scontext, scontext_len,
1567
1520
sid, SECSID_NULL, GFP_KERNEL, 1);
1568
1521
}
1569
1522
1570
1523
static int compute_sid_handle_invalid_context(
1524
+
struct selinux_state *state,
1571
1525
struct context *scontext,
1572
1526
struct context *tcontext,
1573
1527
u16 tclass,
1574
1528
struct context *newcontext)
1575
1529
{
1530
+
struct policydb *policydb = &state->ss->policydb;
1576
1531
char *s = NULL, *t = NULL, *n = NULL;
1577
1532
u32 slen, tlen, nlen;
1578
1533
1579
-
if (context_struct_to_string(scontext, &s, &slen))
1534
+
if (context_struct_to_string(policydb, scontext, &s, &slen))
1580
1535
goto out;
1581
-
if (context_struct_to_string(tcontext, &t, &tlen))
1536
+
if (context_struct_to_string(policydb, tcontext, &t, &tlen))
1582
1537
goto out;
1583
-
if (context_struct_to_string(newcontext, &n, &nlen))
1538
+
if (context_struct_to_string(policydb, newcontext, &n, &nlen))
1584
1539
goto out;
1585
1540
audit_log(current->audit_context, GFP_ATOMIC, AUDIT_SELINUX_ERR,
1586
1541
"op=security_compute_sid invalid_context=%s"
1587
1542
" scontext=%s"
1588
1543
" tcontext=%s"
1589
1544
" tclass=%s",
1590
-
n, s, t, sym_name(&policydb, SYM_CLASSES, tclass-1));
1545
+
n, s, t, sym_name(policydb, SYM_CLASSES, tclass-1));
1591
1546
out:
1592
1547
kfree(s);
1593
1548
kfree(t);
1594
1549
kfree(n);
1595
-
if (!selinux_enforcing)
1550
+
if (!is_enforcing(state))
1596
1551
return 0;
1597
1552
return -EACCES;
1598
1553
}
1599
1554
1600
-
static void filename_compute_type(struct policydb *p, struct context *newcontext,
1555
+
static void filename_compute_type(struct policydb *policydb,
1556
+
struct context *newcontext,
1601
1557
u32 stype, u32 ttype, u16 tclass,
1602
1558
const char *objname)
1603
1559
{
···
1614
1560
* like /dev or /var/run. This bitmap will quickly skip rule searches
1615
1561
* if the ttype does not contain any rules.
1616
1562
*/
1617
-
if (!ebitmap_get_bit(&p->filename_trans_ttypes, ttype))
1563
+
if (!ebitmap_get_bit(&policydb->filename_trans_ttypes, ttype))
1618
1564
return;
1619
1565
1620
1566
ft.stype = stype;
···
1622
1568
ft.tclass = tclass;
1623
1569
ft.name = objname;
1624
1570
1625
-
otype = hashtab_search(p->filename_trans, &ft);
1571
+
otype = hashtab_search(policydb->filename_trans, &ft);
1626
1572
if (otype)
1627
1573
newcontext->type = otype->otype;
1628
1574
}
1629
1575
1630
-
static int security_compute_sid(u32 ssid,
1576
+
static int security_compute_sid(struct selinux_state *state,
1577
+
u32 ssid,
1631
1578
u32 tsid,
1632
1579
u16 orig_tclass,
1633
1580
u32 specified,
···
1636
1581
u32 *out_sid,
1637
1582
bool kern)
1638
1583
{
1584
+
struct policydb *policydb;
1585
+
struct sidtab *sidtab;
1639
1586
struct class_datum *cladatum = NULL;
1640
1587
struct context *scontext = NULL, *tcontext = NULL, newcontext;
1641
1588
struct role_trans *roletr = NULL;
···
1648
1591
int rc = 0;
1649
1592
bool sock;
1650
1593
1651
-
if (!ss_initialized) {
1594
+
if (!state->initialized) {
1652
1595
switch (orig_tclass) {
1653
1596
case SECCLASS_PROCESS: /* kernel value */
1654
1597
*out_sid = ssid;
···
1662
1605
1663
1606
context_init(&newcontext);
1664
1607
1665
-
read_lock(&policy_rwlock);
1608
+
read_lock(&state->ss->policy_rwlock);
1666
1609
1667
1610
if (kern) {
1668
-
tclass = unmap_class(orig_tclass);
1611
+
tclass = unmap_class(&state->ss->map, orig_tclass);
1669
1612
sock = security_is_socket_class(orig_tclass);
1670
1613
} else {
1671
1614
tclass = orig_tclass;
1672
-
sock = security_is_socket_class(map_class(tclass));
1615
+
sock = security_is_socket_class(map_class(&state->ss->map,
1616
+
tclass));
1673
1617
}
1674
1618
1675
-
scontext = sidtab_search(&sidtab, ssid);
1619
+
policydb = &state->ss->policydb;
1620
+
sidtab = &state->ss->sidtab;
1621
+
1622
+
scontext = sidtab_search(sidtab, ssid);
1676
1623
if (!scontext) {
1677
1624
printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n",
1678
1625
__func__, ssid);
1679
1626
rc = -EINVAL;
1680
1627
goto out_unlock;
1681
1628
}
1682
-
tcontext = sidtab_search(&sidtab, tsid);
1629
+
tcontext = sidtab_search(sidtab, tsid);
1683
1630
if (!tcontext) {
1684
1631
printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n",
1685
1632
__func__, tsid);
···
1691
1630
goto out_unlock;
1692
1631
}
1693
1632
1694
-
if (tclass && tclass <= policydb.p_classes.nprim)
1695
-
cladatum = policydb.class_val_to_struct[tclass - 1];
1633
+
if (tclass && tclass <= policydb->p_classes.nprim)
1634
+
cladatum = policydb->class_val_to_struct[tclass - 1];
1696
1635
1697
1636
/* Set the user identity. */
1698
1637
switch (specified) {
···
1718
1657
} else if (cladatum && cladatum->default_role == DEFAULT_TARGET) {
1719
1658
newcontext.role = tcontext->role;
1720
1659
} else {
1721
-
if ((tclass == policydb.process_class) || (sock == true))
1660
+
if ((tclass == policydb->process_class) || (sock == true))
1722
1661
newcontext.role = scontext->role;
1723
1662
else
1724
1663
newcontext.role = OBJECT_R_VAL;
···
1730
1669
} else if (cladatum && cladatum->default_type == DEFAULT_TARGET) {
1731
1670
newcontext.type = tcontext->type;
1732
1671
} else {
1733
-
if ((tclass == policydb.process_class) || (sock == true)) {
1672
+
if ((tclass == policydb->process_class) || (sock == true)) {
1734
1673
/* Use the type of process. */
1735
1674
newcontext.type = scontext->type;
1736
1675
} else {
···
1744
1683
avkey.target_type = tcontext->type;
1745
1684
avkey.target_class = tclass;
1746
1685
avkey.specified = specified;
1747
-
avdatum = avtab_search(&policydb.te_avtab, &avkey);
1686
+
avdatum = avtab_search(&policydb->te_avtab, &avkey);
1748
1687
1749
1688
/* If no permanent rule, also check for enabled conditional rules */
1750
1689
if (!avdatum) {
1751
-
node = avtab_search_node(&policydb.te_cond_avtab, &avkey);
1690
+
node = avtab_search_node(&policydb->te_cond_avtab, &avkey);
1752
1691
for (; node; node = avtab_search_node_next(node, specified)) {
1753
1692
if (node->key.specified & AVTAB_ENABLED) {
1754
1693
avdatum = &node->datum;
···
1764
1703
1765
1704
/* if we have a objname this is a file trans check so check those rules */
1766
1705
if (objname)
1767
-
filename_compute_type(&policydb, &newcontext, scontext->type,
1706
+
filename_compute_type(policydb, &newcontext, scontext->type,
1768
1707
tcontext->type, tclass, objname);
1769
1708
1770
1709
/* Check for class-specific changes. */
1771
1710
if (specified & AVTAB_TRANSITION) {
1772
1711
/* Look for a role transition rule. */
1773
-
for (roletr = policydb.role_tr; roletr; roletr = roletr->next) {
1712
+
for (roletr = policydb->role_tr; roletr;
1713
+
roletr = roletr->next) {
1774
1714
if ((roletr->role == scontext->role) &&
1775
1715
(roletr->type == tcontext->type) &&
1776
1716
(roletr->tclass == tclass)) {
···
1784
1722
1785
1723
/* Set the MLS attributes.
1786
1724
This is done last because it may allocate memory. */
1787
-
rc = mls_compute_sid(scontext, tcontext, tclass, specified,
1725
+
rc = mls_compute_sid(policydb, scontext, tcontext, tclass, specified,
1788
1726
&newcontext, sock);
1789
1727
if (rc)
1790
1728
goto out_unlock;
1791
1729
1792
1730
/* Check the validity of the context. */
1793
-
if (!policydb_context_isvalid(&policydb, &newcontext)) {
1794
-
rc = compute_sid_handle_invalid_context(scontext,
1731
+
if (!policydb_context_isvalid(policydb, &newcontext)) {
1732
+
rc = compute_sid_handle_invalid_context(state, scontext,
1795
1733
tcontext,
1796
1734
tclass,
1797
1735
&newcontext);
···
1799
1737
goto out_unlock;
1800
1738
}
1801
1739
/* Obtain the sid for the context. */
1802
-
rc = sidtab_context_to_sid(&sidtab, &newcontext, out_sid);
1740
+
rc = sidtab_context_to_sid(sidtab, &newcontext, out_sid);
1803
1741
out_unlock:
1804
-
read_unlock(&policy_rwlock);
1742
+
read_unlock(&state->ss->policy_rwlock);
1805
1743
context_destroy(&newcontext);
1806
1744
out:
1807
1745
return rc;
···
1820
1758
* if insufficient memory is available, or %0 if the new SID was
1821
1759
* computed successfully.
1822
1760
*/
1823
-
int security_transition_sid(u32 ssid, u32 tsid, u16 tclass,
1761
+
int security_transition_sid(struct selinux_state *state,
1762
+
u32 ssid, u32 tsid, u16 tclass,
1824
1763
const struct qstr *qstr, u32 *out_sid)
1825
1764
{
1826
-
return security_compute_sid(ssid, tsid, tclass, AVTAB_TRANSITION,
1765
+
return security_compute_sid(state, ssid, tsid, tclass,
1766
+
AVTAB_TRANSITION,
1827
1767
qstr ? qstr->name : NULL, out_sid, true);
1828
1768
}
1829
1769
1830
-
int security_transition_sid_user(u32 ssid, u32 tsid, u16 tclass,
1770
+
int security_transition_sid_user(struct selinux_state *state,
1771
+
u32 ssid, u32 tsid, u16 tclass,
1831
1772
const char *objname, u32 *out_sid)
1832
1773
{
1833
-
return security_compute_sid(ssid, tsid, tclass, AVTAB_TRANSITION,
1774
+
return security_compute_sid(state, ssid, tsid, tclass,
1775
+
AVTAB_TRANSITION,
1834
1776
objname, out_sid, false);
1835
1777
}
1836
1778
···
1851
1785
* if insufficient memory is available, or %0 if the SID was
1852
1786
* computed successfully.
1853
1787
*/
1854
-
int security_member_sid(u32 ssid,
1788
+
int security_member_sid(struct selinux_state *state,
1789
+
u32 ssid,
1855
1790
u32 tsid,
1856
1791
u16 tclass,
1857
1792
u32 *out_sid)
1858
1793
{
1859
-
return security_compute_sid(ssid, tsid, tclass, AVTAB_MEMBER, NULL,
1794
+
return security_compute_sid(state, ssid, tsid, tclass,
1795
+
AVTAB_MEMBER, NULL,
1860
1796
out_sid, false);
1861
1797
}
1862
1798
···
1875
1807
* if insufficient memory is available, or %0 if the SID was
1876
1808
* computed successfully.
1877
1809
*/
1878
-
int security_change_sid(u32 ssid,
1810
+
int security_change_sid(struct selinux_state *state,
1811
+
u32 ssid,
1879
1812
u32 tsid,
1880
1813
u16 tclass,
1881
1814
u32 *out_sid)
1882
1815
{
1883
-
return security_compute_sid(ssid, tsid, tclass, AVTAB_CHANGE, NULL,
1816
+
return security_compute_sid(state,
1817
+
ssid, tsid, tclass, AVTAB_CHANGE, NULL,
1884
1818
out_sid, false);
1885
1819
}
1886
1820
···
1899
1829
return 0;
1900
1830
}
1901
1831
1902
-
static inline int convert_context_handle_invalid_context(struct context *context)
1832
+
static inline int convert_context_handle_invalid_context(
1833
+
struct selinux_state *state,
1834
+
struct context *context)
1903
1835
{
1836
+
struct policydb *policydb = &state->ss->policydb;
1904
1837
char *s;
1905
1838
u32 len;
1906
1839
1907
-
if (selinux_enforcing)
1840
+
if (is_enforcing(state))
1908
1841
return -EINVAL;
1909
1842
1910
-
if (!context_struct_to_string(context, &s, &len)) {
1843
+
if (!context_struct_to_string(policydb, context, &s, &len)) {
1911
1844
printk(KERN_WARNING "SELinux: Context %s would be invalid if enforcing\n", s);
1912
1845
kfree(s);
1913
1846
}
···
1918
1845
}
1919
1846
1920
1847
struct convert_context_args {
1848
+
struct selinux_state *state;
1921
1849
struct policydb *oldp;
1922
1850
struct policydb *newp;
1923
1851
};
···
2045
1971
2046
1972
/* Check the validity of the new context. */
2047
1973
if (!policydb_context_isvalid(args->newp, c)) {
2048
-
rc = convert_context_handle_invalid_context(&oldc);
1974
+
rc = convert_context_handle_invalid_context(args->state,
1975
+
&oldc);
2049
1976
if (rc)
2050
1977
goto bad;
2051
1978
}
···
2058
1983
return rc;
2059
1984
bad:
2060
1985
/* Map old representation to string and save it. */
2061
-
rc = context_struct_to_string(&oldc, &s, &len);
1986
+
rc = context_struct_to_string(args->oldp, &oldc, &s, &len);
2062
1987
if (rc)
2063
1988
return rc;
2064
1989
context_destroy(&oldc);
···
2071
1996
goto out;
2072
1997
}
2073
1998
2074
-
static void security_load_policycaps(void)
1999
+
static void security_load_policycaps(struct selinux_state *state)
2075
2000
{
2001
+
struct policydb *p = &state->ss->policydb;
2076
2002
unsigned int i;
2077
2003
struct ebitmap_node *node;
2078
2004
2079
-
selinux_policycap_netpeer = ebitmap_get_bit(&policydb.policycaps,
2080
-
POLICYDB_CAPABILITY_NETPEER);
2081
-
selinux_policycap_openperm = ebitmap_get_bit(&policydb.policycaps,
2082
-
POLICYDB_CAPABILITY_OPENPERM);
2083
-
selinux_policycap_extsockclass = ebitmap_get_bit(&policydb.policycaps,
2084
-
POLICYDB_CAPABILITY_EXTSOCKCLASS);
2085
-
selinux_policycap_alwaysnetwork = ebitmap_get_bit(&policydb.policycaps,
2086
-
POLICYDB_CAPABILITY_ALWAYSNETWORK);
2087
-
selinux_policycap_cgroupseclabel =
2088
-
ebitmap_get_bit(&policydb.policycaps,
2089
-
POLICYDB_CAPABILITY_CGROUPSECLABEL);
2090
-
selinux_policycap_nnp_nosuid_transition =
2091
-
ebitmap_get_bit(&policydb.policycaps,
2092
-
POLICYDB_CAPABILITY_NNP_NOSUID_TRANSITION);
2005
+
for (i = 0; i < ARRAY_SIZE(state->policycap); i++)
2006
+
state->policycap[i] = ebitmap_get_bit(&p->policycaps, i);
2093
2007
2094
2008
for (i = 0; i < ARRAY_SIZE(selinux_policycap_names); i++)
2095
2009
pr_info("SELinux: policy capability %s=%d\n",
2096
2010
selinux_policycap_names[i],
2097
-
ebitmap_get_bit(&policydb.policycaps, i));
2011
+
ebitmap_get_bit(&p->policycaps, i));
2098
2012
2099
-
ebitmap_for_each_positive_bit(&policydb.policycaps, node, i) {
2013
+
ebitmap_for_each_positive_bit(&p->policycaps, node, i) {
2100
2014
if (i >= ARRAY_SIZE(selinux_policycap_names))
2101
2015
pr_info("SELinux: unknown policy capability %u\n",
2102
2016
i);
2103
2017
}
2104
2018
}
2105
2019
2106
-
static int security_preserve_bools(struct policydb *p);
2020
+
static int security_preserve_bools(struct selinux_state *state,
2021
+
struct policydb *newpolicydb);
2107
2022
2108
2023
/**
2109
2024
* security_load_policy - Load a security policy configuration.
···
2105
2040
* This function will flush the access vector cache after
2106
2041
* loading the new policy.
2107
2042
*/
2108
-
int security_load_policy(void *data, size_t len)
2043
+
int security_load_policy(struct selinux_state *state, void *data, size_t len)
2109
2044
{
2045
+
struct policydb *policydb;
2046
+
struct sidtab *sidtab;
2110
2047
struct policydb *oldpolicydb, *newpolicydb;
2111
2048
struct sidtab oldsidtab, newsidtab;
2112
-
struct selinux_mapping *oldmap, *map = NULL;
2049
+
struct selinux_mapping *oldmapping;
2050
+
struct selinux_map newmap;
2113
2051
struct convert_context_args args;
2114
2052
u32 seqno;
2115
-
u16 map_size;
2116
2053
int rc = 0;
2117
2054
struct policy_file file = { data, len }, *fp = &file;
2118
2055
···
2125
2058
}
2126
2059
newpolicydb = oldpolicydb + 1;
2127
2060
2128
-
if (!ss_initialized) {
2129
-
avtab_cache_init();
2130
-
ebitmap_cache_init();
2131
-
hashtab_cache_init();
2132
-
rc = policydb_read(&policydb, fp);
2061
+
policydb = &state->ss->policydb;
2062
+
sidtab = &state->ss->sidtab;
2063
+
2064
+
if (!state->initialized) {
2065
+
rc = policydb_read(policydb, fp);
2066
+
if (rc)
2067
+
goto out;
2068
+
2069
+
policydb->len = len;
2070
+
rc = selinux_set_mapping(policydb, secclass_map,
2071
+
&state->ss->map);
2133
2072
if (rc) {
2134
-
avtab_cache_destroy();
2135
-
ebitmap_cache_destroy();
2136
-
hashtab_cache_destroy();
2073
+
policydb_destroy(policydb);
2137
2074
goto out;
2138
2075
}
2139
2076
2140
-
policydb.len = len;
2141
-
rc = selinux_set_mapping(&policydb, secclass_map,
2142
-
¤t_mapping,
2143
-
¤t_mapping_size);
2077
+
rc = policydb_load_isids(policydb, sidtab);
2144
2078
if (rc) {
2145
-
policydb_destroy(&policydb);
2146
-
avtab_cache_destroy();
2147
-
ebitmap_cache_destroy();
2148
-
hashtab_cache_destroy();
2079
+
policydb_destroy(policydb);
2149
2080
goto out;
2150
2081
}
2151
2082
2152
-
rc = policydb_load_isids(&policydb, &sidtab);
2153
-
if (rc) {
2154
-
policydb_destroy(&policydb);
2155
-
avtab_cache_destroy();
2156
-
ebitmap_cache_destroy();
2157
-
hashtab_cache_destroy();
2158
-
goto out;
2159
-
}
2160
-
2161
-
security_load_policycaps();
2162
-
ss_initialized = 1;
2163
-
seqno = ++latest_granting;
2083
+
security_load_policycaps(state);
2084
+
state->initialized = 1;
2085
+
seqno = ++state->ss->latest_granting;
2164
2086
selinux_complete_init();
2165
2087
avc_ss_reset(seqno);
2166
2088
selnl_notify_policyload(seqno);
2167
-
selinux_status_update_policyload(seqno);
2089
+
selinux_status_update_policyload(state, seqno);
2168
2090
selinux_netlbl_cache_invalidate();
2169
2091
selinux_xfrm_notify_policyload();
2170
2092
goto out;
2171
2093
}
2172
2094
2173
2095
#if 0
2174
-
sidtab_hash_eval(&sidtab, "sids");
2096
+
sidtab_hash_eval(sidtab, "sids");
2175
2097
#endif
2176
2098
2177
2099
rc = policydb_read(newpolicydb, fp);
···
2169
2113
2170
2114
newpolicydb->len = len;
2171
2115
/* If switching between different policy types, log MLS status */
2172
-
if (policydb.mls_enabled && !newpolicydb->mls_enabled)
2116
+
if (policydb->mls_enabled && !newpolicydb->mls_enabled)
2173
2117
printk(KERN_INFO "SELinux: Disabling MLS support...\n");
2174
-
else if (!policydb.mls_enabled && newpolicydb->mls_enabled)
2118
+
else if (!policydb->mls_enabled && newpolicydb->mls_enabled)
2175
2119
printk(KERN_INFO "SELinux: Enabling MLS support...\n");
2176
2120
2177
2121
rc = policydb_load_isids(newpolicydb, &newsidtab);
···
2181
2125
goto out;
2182
2126
}
2183
2127
2184
-
rc = selinux_set_mapping(newpolicydb, secclass_map, &map, &map_size);
2128
+
rc = selinux_set_mapping(newpolicydb, secclass_map, &newmap);
2185
2129
if (rc)
2186
2130
goto err;
2187
2131
2188
-
rc = security_preserve_bools(newpolicydb);
2132
+
rc = security_preserve_bools(state, newpolicydb);
2189
2133
if (rc) {
2190
2134
printk(KERN_ERR "SELinux: unable to preserve booleans\n");
2191
2135
goto err;
2192
2136
}
2193
2137
2194
2138
/* Clone the SID table. */
2195
-
sidtab_shutdown(&sidtab);
2139
+
sidtab_shutdown(sidtab);
2196
2140
2197
-
rc = sidtab_map(&sidtab, clone_sid, &newsidtab);
2141
+
rc = sidtab_map(sidtab, clone_sid, &newsidtab);
2198
2142
if (rc)
2199
2143
goto err;
2200
2144
···
2202
2146
* Convert the internal representations of contexts
2203
2147
* in the new SID table.
2204
2148
*/
2205
-
args.oldp = &policydb;
2149
+
args.state = state;
2150
+
args.oldp = policydb;
2206
2151
args.newp = newpolicydb;
2207
2152
rc = sidtab_map(&newsidtab, convert_context, &args);
2208
2153
if (rc) {
···
2214
2157
}
2215
2158
2216
2159
/* Save the old policydb and SID table to free later. */
2217
-
memcpy(oldpolicydb, &policydb, sizeof(policydb));
2218
-
sidtab_set(&oldsidtab, &sidtab);
2160
+
memcpy(oldpolicydb, policydb, sizeof(*policydb));
2161
+
sidtab_set(&oldsidtab, sidtab);
2219
2162
2220
2163
/* Install the new policydb and SID table. */
2221
-
write_lock_irq(&policy_rwlock);
2222
-
memcpy(&policydb, newpolicydb, sizeof(policydb));
2223
-
sidtab_set(&sidtab, &newsidtab);
2224
-
security_load_policycaps();
2225
-
oldmap = current_mapping;
2226
-
current_mapping = map;
2227
-
current_mapping_size = map_size;
2228
-
seqno = ++latest_granting;
2229
-
write_unlock_irq(&policy_rwlock);
2164
+
write_lock_irq(&state->ss->policy_rwlock);
2165
+
memcpy(policydb, newpolicydb, sizeof(*policydb));
2166
+
sidtab_set(sidtab, &newsidtab);
2167
+
security_load_policycaps(state);
2168
+
oldmapping = state->ss->map.mapping;
2169
+
state->ss->map.mapping = newmap.mapping;
2170
+
state->ss->map.size = newmap.size;
2171
+
seqno = ++state->ss->latest_granting;
2172
+
write_unlock_irq(&state->ss->policy_rwlock);
2230
2173
2231
2174
/* Free the old policydb and SID table. */
2232
2175
policydb_destroy(oldpolicydb);
2233
2176
sidtab_destroy(&oldsidtab);
2234
-
kfree(oldmap);
2177
+
kfree(oldmapping);
2235
2178
2236
2179
avc_ss_reset(seqno);
2237
2180
selnl_notify_policyload(seqno);
2238
-
selinux_status_update_policyload(seqno);
2181
+
selinux_status_update_policyload(state, seqno);
2239
2182
selinux_netlbl_cache_invalidate();
2240
2183
selinux_xfrm_notify_policyload();
2241
2184
···
2243
2186
goto out;
2244
2187
2245
2188
err:
2246
-
kfree(map);
2189
+
kfree(newmap.mapping);
2247
2190
sidtab_destroy(&newsidtab);
2248
2191
policydb_destroy(newpolicydb);
2249
2192
···
2252
2195
return rc;
2253
2196
}
2254
2197
2255
-
size_t security_policydb_len(void)
2198
+
size_t security_policydb_len(struct selinux_state *state)
2256
2199
{
2200
+
struct policydb *p = &state->ss->policydb;
2257
2201
size_t len;
2258
2202
2259
-
read_lock(&policy_rwlock);
2260
-
len = policydb.len;
2261
-
read_unlock(&policy_rwlock);
2203
+
read_lock(&state->ss->policy_rwlock);
2204
+
len = p->len;
2205
+
read_unlock(&state->ss->policy_rwlock);
2262
2206
2263
2207
return len;
2264
2208
}
···
2270
2212
* @port: port number
2271
2213
* @out_sid: security identifier
2272
2214
*/
2273
-
int security_port_sid(u8 protocol, u16 port, u32 *out_sid)
2215
+
int security_port_sid(struct selinux_state *state,
2216
+
u8 protocol, u16 port, u32 *out_sid)
2274
2217
{
2218
+
struct policydb *policydb;
2219
+
struct sidtab *sidtab;
2275
2220
struct ocontext *c;
2276
2221
int rc = 0;
2277
2222
2278
-
read_lock(&policy_rwlock);
2223
+
read_lock(&state->ss->policy_rwlock);
2279
2224
2280
-
c = policydb.ocontexts[OCON_PORT];
2225
+
policydb = &state->ss->policydb;
2226
+
sidtab = &state->ss->sidtab;
2227
+
2228
+
c = policydb->ocontexts[OCON_PORT];
2281
2229
while (c) {
2282
2230
if (c->u.port.protocol == protocol &&
2283
2231
c->u.port.low_port <= port &&
···
2294
2230
2295
2231
if (c) {
2296
2232
if (!c->sid[0]) {
2297
-
rc = sidtab_context_to_sid(&sidtab,
2233
+
rc = sidtab_context_to_sid(sidtab,
2298
2234
&c->context[0],
2299
2235
&c->sid[0]);
2300
2236
if (rc)
···
2306
2242
}
2307
2243
2308
2244
out:
2309
-
read_unlock(&policy_rwlock);
2245
+
read_unlock(&state->ss->policy_rwlock);
2310
2246
return rc;
2311
2247
}
2312
2248
···
2316
2252
* @pkey_num: pkey number
2317
2253
* @out_sid: security identifier
2318
2254
*/
2319
-
int security_ib_pkey_sid(u64 subnet_prefix, u16 pkey_num, u32 *out_sid)
2255
+
int security_ib_pkey_sid(struct selinux_state *state,
2256
+
u64 subnet_prefix, u16 pkey_num, u32 *out_sid)
2320
2257
{
2258
+
struct policydb *policydb;
2259
+
struct sidtab *sidtab;
2321
2260
struct ocontext *c;
2322
2261
int rc = 0;
2323
2262
2324
-
read_lock(&policy_rwlock);
2263
+
read_lock(&state->ss->policy_rwlock);
2325
2264
2326
-
c = policydb.ocontexts[OCON_IBPKEY];
2265
+
policydb = &state->ss->policydb;
2266
+
sidtab = &state->ss->sidtab;
2267
+
2268
+
c = policydb->ocontexts[OCON_IBPKEY];
2327
2269
while (c) {
2328
2270
if (c->u.ibpkey.low_pkey <= pkey_num &&
2329
2271
c->u.ibpkey.high_pkey >= pkey_num &&
···
2341
2271
2342
2272
if (c) {
2343
2273
if (!c->sid[0]) {
2344
-
rc = sidtab_context_to_sid(&sidtab,
2274
+
rc = sidtab_context_to_sid(sidtab,
2345
2275
&c->context[0],
2346
2276
&c->sid[0]);
2347
2277
if (rc)
···
2352
2282
*out_sid = SECINITSID_UNLABELED;
2353
2283
2354
2284
out:
2355
-
read_unlock(&policy_rwlock);
2285
+
read_unlock(&state->ss->policy_rwlock);
2356
2286
return rc;
2357
2287
}
2358
2288
···
2362
2292
* @port: port number
2363
2293
* @out_sid: security identifier
2364
2294
*/
2365
-
int security_ib_endport_sid(const char *dev_name, u8 port_num, u32 *out_sid)
2295
+
int security_ib_endport_sid(struct selinux_state *state,
2296
+
const char *dev_name, u8 port_num, u32 *out_sid)
2366
2297
{
2298
+
struct policydb *policydb;
2299
+
struct sidtab *sidtab;
2367
2300
struct ocontext *c;
2368
2301
int rc = 0;
2369
2302
2370
-
read_lock(&policy_rwlock);
2303
+
read_lock(&state->ss->policy_rwlock);
2371
2304
2372
-
c = policydb.ocontexts[OCON_IBENDPORT];
2305
+
policydb = &state->ss->policydb;
2306
+
sidtab = &state->ss->sidtab;
2307
+
2308
+
c = policydb->ocontexts[OCON_IBENDPORT];
2373
2309
while (c) {
2374
2310
if (c->u.ibendport.port == port_num &&
2375
2311
!strncmp(c->u.ibendport.dev_name,
···
2388
2312
2389
2313
if (c) {
2390
2314
if (!c->sid[0]) {
2391
-
rc = sidtab_context_to_sid(&sidtab,
2315
+
rc = sidtab_context_to_sid(sidtab,
2392
2316
&c->context[0],
2393
2317
&c->sid[0]);
2394
2318
if (rc)
···
2399
2323
*out_sid = SECINITSID_UNLABELED;
2400
2324
2401
2325
out:
2402
-
read_unlock(&policy_rwlock);
2326
+
read_unlock(&state->ss->policy_rwlock);
2403
2327
return rc;
2404
2328
}
2405
2329
···
2408
2332
* @name: interface name
2409
2333
* @if_sid: interface SID
2410
2334
*/
2411
-
int security_netif_sid(char *name, u32 *if_sid)
2335
+
int security_netif_sid(struct selinux_state *state,
2336
+
char *name, u32 *if_sid)
2412
2337
{
2338
+
struct policydb *policydb;
2339
+
struct sidtab *sidtab;
2413
2340
int rc = 0;
2414
2341
struct ocontext *c;
2415
2342
2416
-
read_lock(&policy_rwlock);
2343
+
read_lock(&state->ss->policy_rwlock);
2417
2344
2418
-
c = policydb.ocontexts[OCON_NETIF];
2345
+
policydb = &state->ss->policydb;
2346
+
sidtab = &state->ss->sidtab;
2347
+
2348
+
c = policydb->ocontexts[OCON_NETIF];
2419
2349
while (c) {
2420
2350
if (strcmp(name, c->u.name) == 0)
2421
2351
break;
···
2430
2348
2431
2349
if (c) {
2432
2350
if (!c->sid[0] || !c->sid[1]) {
2433
-
rc = sidtab_context_to_sid(&sidtab,
2351
+
rc = sidtab_context_to_sid(sidtab,
2434
2352
&c->context[0],
2435
2353
&c->sid[0]);
2436
2354
if (rc)
2437
2355
goto out;
2438
-
rc = sidtab_context_to_sid(&sidtab,
2356
+
rc = sidtab_context_to_sid(sidtab,
2439
2357
&c->context[1],
2440
2358
&c->sid[1]);
2441
2359
if (rc)
···
2446
2364
*if_sid = SECINITSID_NETIF;
2447
2365
2448
2366
out:
2449
-
read_unlock(&policy_rwlock);
2367
+
read_unlock(&state->ss->policy_rwlock);
2450
2368
return rc;
2451
2369
}
2452
2370
···
2470
2388
* @addrlen: address length in bytes
2471
2389
* @out_sid: security identifier
2472
2390
*/
2473
-
int security_node_sid(u16 domain,
2391
+
int security_node_sid(struct selinux_state *state,
2392
+
u16 domain,
2474
2393
void *addrp,
2475
2394
u32 addrlen,
2476
2395
u32 *out_sid)
2477
2396
{
2397
+
struct policydb *policydb;
2398
+
struct sidtab *sidtab;
2478
2399
int rc;
2479
2400
struct ocontext *c;
2480
2401
2481
-
read_lock(&policy_rwlock);
2402
+
read_lock(&state->ss->policy_rwlock);
2403
+
2404
+
policydb = &state->ss->policydb;
2405
+
sidtab = &state->ss->sidtab;
2482
2406
2483
2407
switch (domain) {
2484
2408
case AF_INET: {
···
2496
2408
2497
2409
addr = *((u32 *)addrp);
2498
2410
2499
-
c = policydb.ocontexts[OCON_NODE];
2411
+
c = policydb->ocontexts[OCON_NODE];
2500
2412
while (c) {
2501
2413
if (c->u.node.addr == (addr & c->u.node.mask))
2502
2414
break;
···
2509
2421
rc = -EINVAL;
2510
2422
if (addrlen != sizeof(u64) * 2)
2511
2423
goto out;
2512
-
c = policydb.ocontexts[OCON_NODE6];
2424
+
c = policydb->ocontexts[OCON_NODE6];
2513
2425
while (c) {
2514
2426
if (match_ipv6_addrmask(addrp, c->u.node6.addr,
2515
2427
c->u.node6.mask))
···
2526
2438
2527
2439
if (c) {
2528
2440
if (!c->sid[0]) {
2529
-
rc = sidtab_context_to_sid(&sidtab,
2441
+
rc = sidtab_context_to_sid(sidtab,
2530
2442
&c->context[0],
2531
2443
&c->sid[0]);
2532
2444
if (rc)
···
2539
2451
2540
2452
rc = 0;
2541
2453
out:
2542
-
read_unlock(&policy_rwlock);
2454
+
read_unlock(&state->ss->policy_rwlock);
2543
2455
return rc;
2544
2456
}
2545
2457
···
2559
2471
* number of elements in the array.
2560
2472
*/
2561
2473
2562
-
int security_get_user_sids(u32 fromsid,
2474
+
int security_get_user_sids(struct selinux_state *state,
2475
+
u32 fromsid,
2563
2476
char *username,
2564
2477
u32 **sids,
2565
2478
u32 *nel)
2566
2479
{
2480
+
struct policydb *policydb;
2481
+
struct sidtab *sidtab;
2567
2482
struct context *fromcon, usercon;
2568
2483
u32 *mysids = NULL, *mysids2, sid;
2569
2484
u32 mynel = 0, maxnel = SIDS_NEL;
···
2578
2487
*sids = NULL;
2579
2488
*nel = 0;
2580
2489
2581
-
if (!ss_initialized)
2490
+
if (!state->initialized)
2582
2491
goto out;
2583
2492
2584
-
read_lock(&policy_rwlock);
2493
+
read_lock(&state->ss->policy_rwlock);
2494
+
2495
+
policydb = &state->ss->policydb;
2496
+
sidtab = &state->ss->sidtab;
2585
2497
2586
2498
context_init(&usercon);
2587
2499
2588
2500
rc = -EINVAL;
2589
-
fromcon = sidtab_search(&sidtab, fromsid);
2501
+
fromcon = sidtab_search(sidtab, fromsid);
2590
2502
if (!fromcon)
2591
2503
goto out_unlock;
2592
2504
2593
2505
rc = -EINVAL;
2594
-
user = hashtab_search(policydb.p_users.table, username);
2506
+
user = hashtab_search(policydb->p_users.table, username);
2595
2507
if (!user)
2596
2508
goto out_unlock;
2597
2509
···
2606
2512
goto out_unlock;
2607
2513
2608
2514
ebitmap_for_each_positive_bit(&user->roles, rnode, i) {
2609
-
role = policydb.role_val_to_struct[i];
2515
+
role = policydb->role_val_to_struct[i];
2610
2516
usercon.role = i + 1;
2611
2517
ebitmap_for_each_positive_bit(&role->types, tnode, j) {
2612
2518
usercon.type = j + 1;
2613
2519
2614
-
if (mls_setup_user_range(fromcon, user, &usercon))
2520
+
if (mls_setup_user_range(policydb, fromcon, user,
2521
+
&usercon))
2615
2522
continue;
2616
2523
2617
-
rc = sidtab_context_to_sid(&sidtab, &usercon, &sid);
2524
+
rc = sidtab_context_to_sid(sidtab, &usercon, &sid);
2618
2525
if (rc)
2619
2526
goto out_unlock;
2620
2527
if (mynel < maxnel) {
···
2635
2540
}
2636
2541
rc = 0;
2637
2542
out_unlock:
2638
-
read_unlock(&policy_rwlock);
2543
+
read_unlock(&state->ss->policy_rwlock);
2639
2544
if (rc || !mynel) {
2640
2545
kfree(mysids);
2641
2546
goto out;
···
2678
2583
*
2679
2584
* The caller must acquire the policy_rwlock before calling this function.
2680
2585
*/
2681
-
static inline int __security_genfs_sid(const char *fstype,
2586
+
static inline int __security_genfs_sid(struct selinux_state *state,
2587
+
const char *fstype,
2682
2588
char *path,
2683
2589
u16 orig_sclass,
2684
2590
u32 *sid)
2685
2591
{
2592
+
struct policydb *policydb = &state->ss->policydb;
2593
+
struct sidtab *sidtab = &state->ss->sidtab;
2686
2594
int len;
2687
2595
u16 sclass;
2688
2596
struct genfs *genfs;
···
2695
2597
while (path[0] == '/' && path[1] == '/')
2696
2598
path++;
2697
2599
2698
-
sclass = unmap_class(orig_sclass);
2600
+
sclass = unmap_class(&state->ss->map, orig_sclass);
2699
2601
*sid = SECINITSID_UNLABELED;
2700
2602
2701
-
for (genfs = policydb.genfs; genfs; genfs = genfs->next) {
2603
+
for (genfs = policydb->genfs; genfs; genfs = genfs->next) {
2702
2604
cmp = strcmp(fstype, genfs->fstype);
2703
2605
if (cmp <= 0)
2704
2606
break;
···
2720
2622
goto out;
2721
2623
2722
2624
if (!c->sid[0]) {
2723
-
rc = sidtab_context_to_sid(&sidtab, &c->context[0], &c->sid[0]);
2625
+
rc = sidtab_context_to_sid(sidtab, &c->context[0], &c->sid[0]);
2724
2626
if (rc)
2725
2627
goto out;
2726
2628
}
···
2741
2643
* Acquire policy_rwlock before calling __security_genfs_sid() and release
2742
2644
* it afterward.
2743
2645
*/
2744
-
int security_genfs_sid(const char *fstype,
2646
+
int security_genfs_sid(struct selinux_state *state,
2647
+
const char *fstype,
2745
2648
char *path,
2746
2649
u16 orig_sclass,
2747
2650
u32 *sid)
2748
2651
{
2749
2652
int retval;
2750
2653
2751
-
read_lock(&policy_rwlock);
2752
-
retval = __security_genfs_sid(fstype, path, orig_sclass, sid);
2753
-
read_unlock(&policy_rwlock);
2654
+
read_lock(&state->ss->policy_rwlock);
2655
+
retval = __security_genfs_sid(state, fstype, path, orig_sclass, sid);
2656
+
read_unlock(&state->ss->policy_rwlock);
2754
2657
return retval;
2755
2658
}
2756
2659
···
2759
2660
* security_fs_use - Determine how to handle labeling for a filesystem.
2760
2661
* @sb: superblock in question
2761
2662
*/
2762
-
int security_fs_use(struct super_block *sb)
2663
+
int security_fs_use(struct selinux_state *state, struct super_block *sb)
2763
2664
{
2665
+
struct policydb *policydb;
2666
+
struct sidtab *sidtab;
2764
2667
int rc = 0;
2765
2668
struct ocontext *c;
2766
2669
struct superblock_security_struct *sbsec = sb->s_security;
2767
2670
const char *fstype = sb->s_type->name;
2768
2671
2769
-
read_lock(&policy_rwlock);
2672
+
read_lock(&state->ss->policy_rwlock);
2770
2673
2771
-
c = policydb.ocontexts[OCON_FSUSE];
2674
+
policydb = &state->ss->policydb;
2675
+
sidtab = &state->ss->sidtab;
2676
+
2677
+
c = policydb->ocontexts[OCON_FSUSE];
2772
2678
while (c) {
2773
2679
if (strcmp(fstype, c->u.name) == 0)
2774
2680
break;
···
2783
2679
if (c) {
2784
2680
sbsec->behavior = c->v.behavior;
2785
2681
if (!c->sid[0]) {
2786
-
rc = sidtab_context_to_sid(&sidtab, &c->context[0],
2682
+
rc = sidtab_context_to_sid(sidtab, &c->context[0],
2787
2683
&c->sid[0]);
2788
2684
if (rc)
2789
2685
goto out;
2790
2686
}
2791
2687
sbsec->sid = c->sid[0];
2792
2688
} else {
2793
-
rc = __security_genfs_sid(fstype, "/", SECCLASS_DIR,
2689
+
rc = __security_genfs_sid(state, fstype, "/", SECCLASS_DIR,
2794
2690
&sbsec->sid);
2795
2691
if (rc) {
2796
2692
sbsec->behavior = SECURITY_FS_USE_NONE;
···
2801
2697
}
2802
2698
2803
2699
out:
2804
-
read_unlock(&policy_rwlock);
2700
+
read_unlock(&state->ss->policy_rwlock);
2805
2701
return rc;
2806
2702
}
2807
2703
2808
-
int security_get_bools(int *len, char ***names, int **values)
2704
+
int security_get_bools(struct selinux_state *state,
2705
+
int *len, char ***names, int **values)
2809
2706
{
2707
+
struct policydb *policydb;
2810
2708
int i, rc;
2811
2709
2812
-
read_lock(&policy_rwlock);
2710
+
read_lock(&state->ss->policy_rwlock);
2711
+
2712
+
policydb = &state->ss->policydb;
2713
+
2813
2714
*names = NULL;
2814
2715
*values = NULL;
2815
2716
2816
2717
rc = 0;
2817
-
*len = policydb.p_bools.nprim;
2718
+
*len = policydb->p_bools.nprim;
2818
2719
if (!*len)
2819
2720
goto out;
2820
2721
···
2834
2725
goto err;
2835
2726
2836
2727
for (i = 0; i < *len; i++) {
2837
-
(*values)[i] = policydb.bool_val_to_struct[i]->state;
2728
+
(*values)[i] = policydb->bool_val_to_struct[i]->state;
2838
2729
2839
2730
rc = -ENOMEM;
2840
-
(*names)[i] = kstrdup(sym_name(&policydb, SYM_BOOLS, i), GFP_ATOMIC);
2731
+
(*names)[i] = kstrdup(sym_name(policydb, SYM_BOOLS, i),
2732
+
GFP_ATOMIC);
2841
2733
if (!(*names)[i])
2842
2734
goto err;
2843
2735
}
2844
2736
rc = 0;
2845
2737
out:
2846
-
read_unlock(&policy_rwlock);
2738
+
read_unlock(&state->ss->policy_rwlock);
2847
2739
return rc;
2848
2740
err:
2849
2741
if (*names) {
···
2856
2746
}
2857
2747
2858
2748
2859
-
int security_set_bools(int len, int *values)
2749
+
int security_set_bools(struct selinux_state *state, int len, int *values)
2860
2750
{
2751
+
struct policydb *policydb;
2861
2752
int i, rc;
2862
2753
int lenp, seqno = 0;
2863
2754
struct cond_node *cur;
2864
2755
2865
-
write_lock_irq(&policy_rwlock);
2756
+
write_lock_irq(&state->ss->policy_rwlock);
2757
+
2758
+
policydb = &state->ss->policydb;
2866
2759
2867
2760
rc = -EFAULT;
2868
-
lenp = policydb.p_bools.nprim;
2761
+
lenp = policydb->p_bools.nprim;
2869
2762
if (len != lenp)
2870
2763
goto out;
2871
2764
2872
2765
for (i = 0; i < len; i++) {
2873
-
if (!!values[i] != policydb.bool_val_to_struct[i]->state) {
2766
+
if (!!values[i] != policydb->bool_val_to_struct[i]->state) {
2874
2767
audit_log(current->audit_context, GFP_ATOMIC,
2875
2768
AUDIT_MAC_CONFIG_CHANGE,
2876
2769
"bool=%s val=%d old_val=%d auid=%u ses=%u",
2877
-
sym_name(&policydb, SYM_BOOLS, i),
2770
+
sym_name(policydb, SYM_BOOLS, i),
2878
2771
!!values[i],
2879
-
policydb.bool_val_to_struct[i]->state,
2772
+
policydb->bool_val_to_struct[i]->state,
2880
2773
from_kuid(&init_user_ns, audit_get_loginuid(current)),
2881
2774
audit_get_sessionid(current));
2882
2775
}
2883
2776
if (values[i])
2884
-
policydb.bool_val_to_struct[i]->state = 1;
2777
+
policydb->bool_val_to_struct[i]->state = 1;
2885
2778
else
2886
-
policydb.bool_val_to_struct[i]->state = 0;
2779
+
policydb->bool_val_to_struct[i]->state = 0;
2887
2780
}
2888
2781
2889
-
for (cur = policydb.cond_list; cur; cur = cur->next) {
2890
-
rc = evaluate_cond_node(&policydb, cur);
2782
+
for (cur = policydb->cond_list; cur; cur = cur->next) {
2783
+
rc = evaluate_cond_node(policydb, cur);
2891
2784
if (rc)
2892
2785
goto out;
2893
2786
}
2894
2787
2895
-
seqno = ++latest_granting;
2788
+
seqno = ++state->ss->latest_granting;
2896
2789
rc = 0;
2897
2790
out:
2898
-
write_unlock_irq(&policy_rwlock);
2791
+
write_unlock_irq(&state->ss->policy_rwlock);
2899
2792
if (!rc) {
2900
2793
avc_ss_reset(seqno);
2901
2794
selnl_notify_policyload(seqno);
2902
-
selinux_status_update_policyload(seqno);
2795
+
selinux_status_update_policyload(state, seqno);
2903
2796
selinux_xfrm_notify_policyload();
2904
2797
}
2905
2798
return rc;
2906
2799
}
2907
2800
2908
-
int security_get_bool_value(int index)
2801
+
int security_get_bool_value(struct selinux_state *state,
2802
+
int index)
2909
2803
{
2804
+
struct policydb *policydb;
2910
2805
int rc;
2911
2806
int len;
2912
2807
2913
-
read_lock(&policy_rwlock);
2808
+
read_lock(&state->ss->policy_rwlock);
2809
+
2810
+
policydb = &state->ss->policydb;
2914
2811
2915
2812
rc = -EFAULT;
2916
-
len = policydb.p_bools.nprim;
2813
+
len = policydb->p_bools.nprim;
2917
2814
if (index >= len)
2918
2815
goto out;
2919
2816
2920
-
rc = policydb.bool_val_to_struct[index]->state;
2817
+
rc = policydb->bool_val_to_struct[index]->state;
2921
2818
out:
2922
-
read_unlock(&policy_rwlock);
2819
+
read_unlock(&state->ss->policy_rwlock);
2923
2820
return rc;
2924
2821
}
2925
2822
2926
-
static int security_preserve_bools(struct policydb *p)
2823
+
static int security_preserve_bools(struct selinux_state *state,
2824
+
struct policydb *policydb)
2927
2825
{
2928
2826
int rc, nbools = 0, *bvalues = NULL, i;
2929
2827
char **bnames = NULL;
2930
2828
struct cond_bool_datum *booldatum;
2931
2829
struct cond_node *cur;
2932
2830
2933
-
rc = security_get_bools(&nbools, &bnames, &bvalues);
2831
+
rc = security_get_bools(state, &nbools, &bnames, &bvalues);
2934
2832
if (rc)
2935
2833
goto out;
2936
2834
for (i = 0; i < nbools; i++) {
2937
-
booldatum = hashtab_search(p->p_bools.table, bnames[i]);
2835
+
booldatum = hashtab_search(policydb->p_bools.table, bnames[i]);
2938
2836
if (booldatum)
2939
2837
booldatum->state = bvalues[i];
2940
2838
}
2941
-
for (cur = p->cond_list; cur; cur = cur->next) {
2942
-
rc = evaluate_cond_node(p, cur);
2839
+
for (cur = policydb->cond_list; cur; cur = cur->next) {
2840
+
rc = evaluate_cond_node(policydb, cur);
2943
2841
if (rc)
2944
2842
goto out;
2945
2843
}
···
2966
2848
* security_sid_mls_copy() - computes a new sid based on the given
2967
2849
* sid and the mls portion of mls_sid.
2968
2850
*/
2969
-
int security_sid_mls_copy(u32 sid, u32 mls_sid, u32 *new_sid)
2851
+
int security_sid_mls_copy(struct selinux_state *state,
2852
+
u32 sid, u32 mls_sid, u32 *new_sid)
2970
2853
{
2854
+
struct policydb *policydb = &state->ss->policydb;
2855
+
struct sidtab *sidtab = &state->ss->sidtab;
2971
2856
struct context *context1;
2972
2857
struct context *context2;
2973
2858
struct context newcon;
···
2979
2858
int rc;
2980
2859
2981
2860
rc = 0;
2982
-
if (!ss_initialized || !policydb.mls_enabled) {
2861
+
if (!state->initialized || !policydb->mls_enabled) {
2983
2862
*new_sid = sid;
2984
2863
goto out;
2985
2864
}
2986
2865
2987
2866
context_init(&newcon);
2988
2867
2989
-
read_lock(&policy_rwlock);
2868
+
read_lock(&state->ss->policy_rwlock);
2990
2869
2991
2870
rc = -EINVAL;
2992
-
context1 = sidtab_search(&sidtab, sid);
2871
+
context1 = sidtab_search(sidtab, sid);
2993
2872
if (!context1) {
2994
2873
printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n",
2995
2874
__func__, sid);
···
2997
2876
}
2998
2877
2999
2878
rc = -EINVAL;
3000
-
context2 = sidtab_search(&sidtab, mls_sid);
2879
+
context2 = sidtab_search(sidtab, mls_sid);
3001
2880
if (!context2) {
3002
2881
printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n",
3003
2882
__func__, mls_sid);
···
3012
2891
goto out_unlock;
3013
2892
3014
2893
/* Check the validity of the new context. */
3015
-
if (!policydb_context_isvalid(&policydb, &newcon)) {
3016
-
rc = convert_context_handle_invalid_context(&newcon);
2894
+
if (!policydb_context_isvalid(policydb, &newcon)) {
2895
+
rc = convert_context_handle_invalid_context(state, &newcon);
3017
2896
if (rc) {
3018
-
if (!context_struct_to_string(&newcon, &s, &len)) {
2897
+
if (!context_struct_to_string(policydb, &newcon, &s,
2898
+
&len)) {
3019
2899
audit_log(current->audit_context,
3020
2900
GFP_ATOMIC, AUDIT_SELINUX_ERR,
3021
2901
"op=security_sid_mls_copy "
···
3027
2905
}
3028
2906
}
3029
2907
3030
-
rc = sidtab_context_to_sid(&sidtab, &newcon, new_sid);
2908
+
rc = sidtab_context_to_sid(sidtab, &newcon, new_sid);
3031
2909
out_unlock:
3032
-
read_unlock(&policy_rwlock);
2910
+
read_unlock(&state->ss->policy_rwlock);
3033
2911
context_destroy(&newcon);
3034
2912
out:
3035
2913
return rc;
···
3055
2933
* multiple, inconsistent labels | -<errno> | SECSID_NULL
3056
2934
*
3057
2935
*/
3058
-
int security_net_peersid_resolve(u32 nlbl_sid, u32 nlbl_type,
2936
+
int security_net_peersid_resolve(struct selinux_state *state,
2937
+
u32 nlbl_sid, u32 nlbl_type,
3059
2938
u32 xfrm_sid,
3060
2939
u32 *peer_sid)
3061
2940
{
2941
+
struct policydb *policydb = &state->ss->policydb;
2942
+
struct sidtab *sidtab = &state->ss->sidtab;
3062
2943
int rc;
3063
2944
struct context *nlbl_ctx;
3064
2945
struct context *xfrm_ctx;
···
3083
2958
return 0;
3084
2959
}
3085
2960
3086
-
/* we don't need to check ss_initialized here since the only way both
2961
+
/*
2962
+
* We don't need to check initialized here since the only way both
3087
2963
* nlbl_sid and xfrm_sid are not equal to SECSID_NULL would be if the
3088
-
* security server was initialized and ss_initialized was true */
3089
-
if (!policydb.mls_enabled)
2964
+
* security server was initialized and state->initialized was true.
2965
+
*/
2966
+
if (!policydb->mls_enabled)
3090
2967
return 0;
3091
2968
3092
-
read_lock(&policy_rwlock);
2969
+
read_lock(&state->ss->policy_rwlock);
3093
2970
3094
2971
rc = -EINVAL;
3095
-
nlbl_ctx = sidtab_search(&sidtab, nlbl_sid);
2972
+
nlbl_ctx = sidtab_search(sidtab, nlbl_sid);
3096
2973
if (!nlbl_ctx) {
3097
2974
printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n",
3098
2975
__func__, nlbl_sid);
3099
2976
goto out;
3100
2977
}
3101
2978
rc = -EINVAL;
3102
-
xfrm_ctx = sidtab_search(&sidtab, xfrm_sid);
2979
+
xfrm_ctx = sidtab_search(sidtab, xfrm_sid);
3103
2980
if (!xfrm_ctx) {
3104
2981
printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n",
3105
2982
__func__, xfrm_sid);
···
3118
2991
* expressive */
3119
2992
*peer_sid = xfrm_sid;
3120
2993
out:
3121
-
read_unlock(&policy_rwlock);
2994
+
read_unlock(&state->ss->policy_rwlock);
3122
2995
return rc;
3123
2996
}
3124
2997
···
3135
3008
return 0;
3136
3009
}
3137
3010
3138
-
int security_get_classes(char ***classes, int *nclasses)
3011
+
int security_get_classes(struct selinux_state *state,
3012
+
char ***classes, int *nclasses)
3139
3013
{
3014
+
struct policydb *policydb = &state->ss->policydb;
3140
3015
int rc;
3141
3016
3142
-
read_lock(&policy_rwlock);
3017
+
read_lock(&state->ss->policy_rwlock);
3143
3018
3144
3019
rc = -ENOMEM;
3145
-
*nclasses = policydb.p_classes.nprim;
3020
+
*nclasses = policydb->p_classes.nprim;
3146
3021
*classes = kcalloc(*nclasses, sizeof(**classes), GFP_ATOMIC);
3147
3022
if (!*classes)
3148
3023
goto out;
3149
3024
3150
-
rc = hashtab_map(policydb.p_classes.table, get_classes_callback,
3025
+
rc = hashtab_map(policydb->p_classes.table, get_classes_callback,
3151
3026
*classes);
3152
3027
if (rc) {
3153
3028
int i;
···
3159
3030
}
3160
3031
3161
3032
out:
3162
-
read_unlock(&policy_rwlock);
3033
+
read_unlock(&state->ss->policy_rwlock);
3163
3034
return rc;
3164
3035
}
3165
3036
···
3176
3047
return 0;
3177
3048
}
3178
3049
3179
-
int security_get_permissions(char *class, char ***perms, int *nperms)
3050
+
int security_get_permissions(struct selinux_state *state,
3051
+
char *class, char ***perms, int *nperms)
3180
3052
{
3053
+
struct policydb *policydb = &state->ss->policydb;
3181
3054
int rc, i;
3182
3055
struct class_datum *match;
3183
3056
3184
-
read_lock(&policy_rwlock);
3057
+
read_lock(&state->ss->policy_rwlock);
3185
3058
3186
3059
rc = -EINVAL;
3187
-
match = hashtab_search(policydb.p_classes.table, class);
3060
+
match = hashtab_search(policydb->p_classes.table, class);
3188
3061
if (!match) {
3189
3062
printk(KERN_ERR "SELinux: %s: unrecognized class %s\n",
3190
3063
__func__, class);
···
3212
3081
goto err;
3213
3082
3214
3083
out:
3215
-
read_unlock(&policy_rwlock);
3084
+
read_unlock(&state->ss->policy_rwlock);
3216
3085
return rc;
3217
3086
3218
3087
err:
3219
-
read_unlock(&policy_rwlock);
3088
+
read_unlock(&state->ss->policy_rwlock);
3220
3089
for (i = 0; i < *nperms; i++)
3221
3090
kfree((*perms)[i]);
3222
3091
kfree(*perms);
3223
3092
return rc;
3224
3093
}
3225
3094
3226
-
int security_get_reject_unknown(void)
3095
+
int security_get_reject_unknown(struct selinux_state *state)
3227
3096
{
3228
-
return policydb.reject_unknown;
3097
+
return state->ss->policydb.reject_unknown;
3229
3098
}
3230
3099
3231
-
int security_get_allow_unknown(void)
3100
+
int security_get_allow_unknown(struct selinux_state *state)
3232
3101
{
3233
-
return policydb.allow_unknown;
3102
+
return state->ss->policydb.allow_unknown;
3234
3103
}
3235
3104
3236
3105
/**
···
3243
3112
* supported, false (0) if it isn't supported.
3244
3113
*
3245
3114
*/
3246
-
int security_policycap_supported(unsigned int req_cap)
3115
+
int security_policycap_supported(struct selinux_state *state,
3116
+
unsigned int req_cap)
3247
3117
{
3118
+
struct policydb *policydb = &state->ss->policydb;
3248
3119
int rc;
3249
3120
3250
-
read_lock(&policy_rwlock);
3251
-
rc = ebitmap_get_bit(&policydb.policycaps, req_cap);
3252
-
read_unlock(&policy_rwlock);
3121
+
read_lock(&state->ss->policy_rwlock);
3122
+
rc = ebitmap_get_bit(&policydb->policycaps, req_cap);
3123
+
read_unlock(&state->ss->policy_rwlock);
3253
3124
3254
3125
return rc;
3255
3126
}
···
3273
3140
3274
3141
int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, void **vrule)
3275
3142
{
3143
+
struct selinux_state *state = &selinux_state;
3144
+
struct policydb *policydb = &state->ss->policydb;
3276
3145
struct selinux_audit_rule *tmprule;
3277
3146
struct role_datum *roledatum;
3278
3147
struct type_datum *typedatum;
···
3284
3149
3285
3150
*rule = NULL;
3286
3151
3287
-
if (!ss_initialized)
3152
+
if (!state->initialized)
3288
3153
return -EOPNOTSUPP;
3289
3154
3290
3155
switch (field) {
···
3317
3182
3318
3183
context_init(&tmprule->au_ctxt);
3319
3184
3320
-
read_lock(&policy_rwlock);
3185
+
read_lock(&state->ss->policy_rwlock);
3321
3186
3322
-
tmprule->au_seqno = latest_granting;
3187
+
tmprule->au_seqno = state->ss->latest_granting;
3323
3188
3324
3189
switch (field) {
3325
3190
case AUDIT_SUBJ_USER:
3326
3191
case AUDIT_OBJ_USER:
3327
3192
rc = -EINVAL;
3328
-
userdatum = hashtab_search(policydb.p_users.table, rulestr);
3193
+
userdatum = hashtab_search(policydb->p_users.table, rulestr);
3329
3194
if (!userdatum)
3330
3195
goto out;
3331
3196
tmprule->au_ctxt.user = userdatum->value;
···
3333
3198
case AUDIT_SUBJ_ROLE:
3334
3199
case AUDIT_OBJ_ROLE:
3335
3200
rc = -EINVAL;
3336
-
roledatum = hashtab_search(policydb.p_roles.table, rulestr);
3201
+
roledatum = hashtab_search(policydb->p_roles.table, rulestr);
3337
3202
if (!roledatum)
3338
3203
goto out;
3339
3204
tmprule->au_ctxt.role = roledatum->value;
···
3341
3206
case AUDIT_SUBJ_TYPE:
3342
3207
case AUDIT_OBJ_TYPE:
3343
3208
rc = -EINVAL;
3344
-
typedatum = hashtab_search(policydb.p_types.table, rulestr);
3209
+
typedatum = hashtab_search(policydb->p_types.table, rulestr);
3345
3210
if (!typedatum)
3346
3211
goto out;
3347
3212
tmprule->au_ctxt.type = typedatum->value;
···
3350
3215
case AUDIT_SUBJ_CLR:
3351
3216
case AUDIT_OBJ_LEV_LOW:
3352
3217
case AUDIT_OBJ_LEV_HIGH:
3353
-
rc = mls_from_string(rulestr, &tmprule->au_ctxt, GFP_ATOMIC);
3218
+
rc = mls_from_string(policydb, rulestr, &tmprule->au_ctxt,
3219
+
GFP_ATOMIC);
3354
3220
if (rc)
3355
3221
goto out;
3356
3222
break;
3357
3223
}
3358
3224
rc = 0;
3359
3225
out:
3360
-
read_unlock(&policy_rwlock);
3226
+
read_unlock(&state->ss->policy_rwlock);
3361
3227
3362
3228
if (rc) {
3363
3229
selinux_audit_rule_free(tmprule);
···
3398
3262
int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *vrule,
3399
3263
struct audit_context *actx)
3400
3264
{
3265
+
struct selinux_state *state = &selinux_state;
3401
3266
struct context *ctxt;
3402
3267
struct mls_level *level;
3403
3268
struct selinux_audit_rule *rule = vrule;
···
3409
3272
return -ENOENT;
3410
3273
}
3411
3274
3412
-
read_lock(&policy_rwlock);
3275
+
read_lock(&state->ss->policy_rwlock);
3413
3276
3414
-
if (rule->au_seqno < latest_granting) {
3277
+
if (rule->au_seqno < state->ss->latest_granting) {
3415
3278
match = -ESTALE;
3416
3279
goto out;
3417
3280
}
3418
3281
3419
-
ctxt = sidtab_search(&sidtab, sid);
3282
+
ctxt = sidtab_search(&state->ss->sidtab, sid);
3420
3283
if (unlikely(!ctxt)) {
3421
3284
WARN_ONCE(1, "selinux_audit_rule_match: unrecognized SID %d\n",
3422
3285
sid);
···
3500
3363
}
3501
3364
3502
3365
out:
3503
-
read_unlock(&policy_rwlock);
3366
+
read_unlock(&state->ss->policy_rwlock);
3504
3367
return match;
3505
3368
}
3506
3369
···
3574
3437
* failure.
3575
3438
*
3576
3439
*/
3577
-
int security_netlbl_secattr_to_sid(struct netlbl_lsm_secattr *secattr,
3440
+
int security_netlbl_secattr_to_sid(struct selinux_state *state,
3441
+
struct netlbl_lsm_secattr *secattr,
3578
3442
u32 *sid)
3579
3443
{
3444
+
struct policydb *policydb = &state->ss->policydb;
3445
+
struct sidtab *sidtab = &state->ss->sidtab;
3580
3446
int rc;
3581
3447
struct context *ctx;
3582
3448
struct context ctx_new;
3583
3449
3584
-
if (!ss_initialized) {
3450
+
if (!state->initialized) {
3585
3451
*sid = SECSID_NULL;
3586
3452
return 0;
3587
3453
}
3588
3454
3589
-
read_lock(&policy_rwlock);
3455
+
read_lock(&state->ss->policy_rwlock);
3590
3456
3591
3457
if (secattr->flags & NETLBL_SECATTR_CACHE)
3592
3458
*sid = *(u32 *)secattr->cache->data;
···
3597
3457
*sid = secattr->attr.secid;
3598
3458
else if (secattr->flags & NETLBL_SECATTR_MLS_LVL) {
3599
3459
rc = -EIDRM;
3600
-
ctx = sidtab_search(&sidtab, SECINITSID_NETMSG);
3460
+
ctx = sidtab_search(sidtab, SECINITSID_NETMSG);
3601
3461
if (ctx == NULL)
3602
3462
goto out;
3603
3463
···
3605
3465
ctx_new.user = ctx->user;
3606
3466
ctx_new.role = ctx->role;
3607
3467
ctx_new.type = ctx->type;
3608
-
mls_import_netlbl_lvl(&ctx_new, secattr);
3468
+
mls_import_netlbl_lvl(policydb, &ctx_new, secattr);
3609
3469
if (secattr->flags & NETLBL_SECATTR_MLS_CAT) {
3610
-
rc = mls_import_netlbl_cat(&ctx_new, secattr);
3470
+
rc = mls_import_netlbl_cat(policydb, &ctx_new, secattr);
3611
3471
if (rc)
3612
3472
goto out;
3613
3473
}
3614
3474
rc = -EIDRM;
3615
-
if (!mls_context_isvalid(&policydb, &ctx_new))
3475
+
if (!mls_context_isvalid(policydb, &ctx_new))
3616
3476
goto out_free;
3617
3477
3618
-
rc = sidtab_context_to_sid(&sidtab, &ctx_new, sid);
3478
+
rc = sidtab_context_to_sid(sidtab, &ctx_new, sid);
3619
3479
if (rc)
3620
3480
goto out_free;
3621
3481
···
3625
3485
} else
3626
3486
*sid = SECSID_NULL;
3627
3487
3628
-
read_unlock(&policy_rwlock);
3488
+
read_unlock(&state->ss->policy_rwlock);
3629
3489
return 0;
3630
3490
out_free:
3631
3491
ebitmap_destroy(&ctx_new.range.level[0].cat);
3632
3492
out:
3633
-
read_unlock(&policy_rwlock);
3493
+
read_unlock(&state->ss->policy_rwlock);
3634
3494
return rc;
3635
3495
}
3636
3496
···
3644
3504
* Returns zero on success, negative values on failure.
3645
3505
*
3646
3506
*/
3647
-
int security_netlbl_sid_to_secattr(u32 sid, struct netlbl_lsm_secattr *secattr)
3507
+
int security_netlbl_sid_to_secattr(struct selinux_state *state,
3508
+
u32 sid, struct netlbl_lsm_secattr *secattr)
3648
3509
{
3510
+
struct policydb *policydb = &state->ss->policydb;
3649
3511
int rc;
3650
3512
struct context *ctx;
3651
3513
3652
-
if (!ss_initialized)
3514
+
if (!state->initialized)
3653
3515
return 0;
3654
3516
3655
-
read_lock(&policy_rwlock);
3517
+
read_lock(&state->ss->policy_rwlock);
3656
3518
3657
3519
rc = -ENOENT;
3658
-
ctx = sidtab_search(&sidtab, sid);
3520
+
ctx = sidtab_search(&state->ss->sidtab, sid);
3659
3521
if (ctx == NULL)
3660
3522
goto out;
3661
3523
3662
3524
rc = -ENOMEM;
3663
-
secattr->domain = kstrdup(sym_name(&policydb, SYM_TYPES, ctx->type - 1),
3525
+
secattr->domain = kstrdup(sym_name(policydb, SYM_TYPES, ctx->type - 1),
3664
3526
GFP_ATOMIC);
3665
3527
if (secattr->domain == NULL)
3666
3528
goto out;
3667
3529
3668
3530
secattr->attr.secid = sid;
3669
3531
secattr->flags |= NETLBL_SECATTR_DOMAIN_CPY | NETLBL_SECATTR_SECID;
3670
-
mls_export_netlbl_lvl(ctx, secattr);
3671
-
rc = mls_export_netlbl_cat(ctx, secattr);
3532
+
mls_export_netlbl_lvl(policydb, ctx, secattr);
3533
+
rc = mls_export_netlbl_cat(policydb, ctx, secattr);
3672
3534
out:
3673
-
read_unlock(&policy_rwlock);
3535
+
read_unlock(&state->ss->policy_rwlock);
3674
3536
return rc;
3675
3537
}
3676
3538
#endif /* CONFIG_NETLABEL */
···
3683
3541
* @len: length of data in bytes
3684
3542
*
3685
3543
*/
3686
-
int security_read_policy(void **data, size_t *len)
3544
+
int security_read_policy(struct selinux_state *state,
3545
+
void **data, size_t *len)
3687
3546
{
3547
+
struct policydb *policydb = &state->ss->policydb;
3688
3548
int rc;
3689
3549
struct policy_file fp;
3690
3550
3691
-
if (!ss_initialized)
3551
+
if (!state->initialized)
3692
3552
return -EINVAL;
3693
3553
3694
-
*len = security_policydb_len();
3554
+
*len = security_policydb_len(state);
3695
3555
3696
3556
*data = vmalloc_user(*len);
3697
3557
if (!*data)
···
3702
3558
fp.data = *data;
3703
3559
fp.len = *len;
3704
3560
3705
-
read_lock(&policy_rwlock);
3706
-
rc = policydb_write(&policydb, &fp);
3707
-
read_unlock(&policy_rwlock);
3561
+
read_lock(&state->ss->policy_rwlock);
3562
+
rc = policydb_write(policydb, &fp);
3563
+
read_unlock(&state->ss->policy_rwlock);
3708
3564
3709
3565
if (rc)
3710
3566
return rc;
+22
-2
security/selinux/ss/services.h
+22
-2
security/selinux/ss/services.h
···
10
10
#include "policydb.h"
11
11
#include "sidtab.h"
12
12
13
-
extern struct policydb policydb;
13
+
/* Mapping for a single class */
14
+
struct selinux_mapping {
15
+
u16 value; /* policy value for class */
16
+
unsigned int num_perms; /* number of permissions in class */
17
+
u32 perms[sizeof(u32) * 8]; /* policy values for permissions */
18
+
};
19
+
20
+
/* Map for all of the classes, with array size */
21
+
struct selinux_map {
22
+
struct selinux_mapping *mapping; /* indexed by class */
23
+
u16 size; /* array size of mapping */
24
+
};
25
+
26
+
struct selinux_ss {
27
+
struct sidtab sidtab;
28
+
struct policydb policydb;
29
+
rwlock_t policy_rwlock;
30
+
u32 latest_granting;
31
+
struct selinux_map map;
32
+
struct page *status_page;
33
+
struct mutex status_lock;
34
+
};
14
35
15
36
void services_compute_xperms_drivers(struct extended_perms *xperms,
16
37
struct avtab_node *node);
···
40
19
struct avtab_node *node);
41
20
42
21
#endif /* _SS_SERVICES_H_ */
43
-
+24
-23
security/selinux/ss/status.c
+24
-23
security/selinux/ss/status.c
···
35
35
* In most cases, application shall confirm the kernel status is not
36
36
* changed without any system call invocations.
37
37
*/
38
-
static struct page *selinux_status_page;
39
-
static DEFINE_MUTEX(selinux_status_lock);
40
38
41
39
/*
42
40
* selinux_kernel_status_page
···
42
44
* It returns a reference to selinux_status_page. If the status page is
43
45
* not allocated yet, it also tries to allocate it at the first time.
44
46
*/
45
-
struct page *selinux_kernel_status_page(void)
47
+
struct page *selinux_kernel_status_page(struct selinux_state *state)
46
48
{
47
49
struct selinux_kernel_status *status;
48
50
struct page *result = NULL;
49
51
50
-
mutex_lock(&selinux_status_lock);
51
-
if (!selinux_status_page) {
52
-
selinux_status_page = alloc_page(GFP_KERNEL|__GFP_ZERO);
52
+
mutex_lock(&state->ss->status_lock);
53
+
if (!state->ss->status_page) {
54
+
state->ss->status_page = alloc_page(GFP_KERNEL|__GFP_ZERO);
53
55
54
-
if (selinux_status_page) {
55
-
status = page_address(selinux_status_page);
56
+
if (state->ss->status_page) {
57
+
status = page_address(state->ss->status_page);
56
58
57
59
status->version = SELINUX_KERNEL_STATUS_VERSION;
58
60
status->sequence = 0;
59
-
status->enforcing = selinux_enforcing;
61
+
status->enforcing = is_enforcing(state);
60
62
/*
61
63
* NOTE: the next policyload event shall set
62
64
* a positive value on the status->policyload,
···
64
66
* So, application can know it was updated.
65
67
*/
66
68
status->policyload = 0;
67
-
status->deny_unknown = !security_get_allow_unknown();
69
+
status->deny_unknown =
70
+
!security_get_allow_unknown(state);
68
71
}
69
72
}
70
-
result = selinux_status_page;
71
-
mutex_unlock(&selinux_status_lock);
73
+
result = state->ss->status_page;
74
+
mutex_unlock(&state->ss->status_lock);
72
75
73
76
return result;
74
77
}
···
79
80
*
80
81
* It updates status of the current enforcing/permissive mode.
81
82
*/
82
-
void selinux_status_update_setenforce(int enforcing)
83
+
void selinux_status_update_setenforce(struct selinux_state *state,
84
+
int enforcing)
83
85
{
84
86
struct selinux_kernel_status *status;
85
87
86
-
mutex_lock(&selinux_status_lock);
87
-
if (selinux_status_page) {
88
-
status = page_address(selinux_status_page);
88
+
mutex_lock(&state->ss->status_lock);
89
+
if (state->ss->status_page) {
90
+
status = page_address(state->ss->status_page);
89
91
90
92
status->sequence++;
91
93
smp_wmb();
···
96
96
smp_wmb();
97
97
status->sequence++;
98
98
}
99
-
mutex_unlock(&selinux_status_lock);
99
+
mutex_unlock(&state->ss->status_lock);
100
100
}
101
101
102
102
/*
···
105
105
* It updates status of the times of policy reloaded, and current
106
106
* setting of deny_unknown.
107
107
*/
108
-
void selinux_status_update_policyload(int seqno)
108
+
void selinux_status_update_policyload(struct selinux_state *state,
109
+
int seqno)
109
110
{
110
111
struct selinux_kernel_status *status;
111
112
112
-
mutex_lock(&selinux_status_lock);
113
-
if (selinux_status_page) {
114
-
status = page_address(selinux_status_page);
113
+
mutex_lock(&state->ss->status_lock);
114
+
if (state->ss->status_page) {
115
+
status = page_address(state->ss->status_page);
115
116
116
117
status->sequence++;
117
118
smp_wmb();
118
119
119
120
status->policyload = seqno;
120
-
status->deny_unknown = !security_get_allow_unknown();
121
+
status->deny_unknown = !security_get_allow_unknown(state);
121
122
122
123
smp_wmb();
123
124
status->sequence++;
124
125
}
125
-
mutex_unlock(&selinux_status_lock);
126
+
mutex_unlock(&state->ss->status_lock);
126
127
}
+4
-2
security/selinux/xfrm.c
+4
-2
security/selinux/xfrm.c
···
101
101
ctx->ctx_len = str_len;
102
102
memcpy(ctx->ctx_str, &uctx[1], str_len);
103
103
ctx->ctx_str[str_len] = '\0';
104
-
rc = security_context_to_sid(ctx->ctx_str, str_len, &ctx->ctx_sid, gfp);
104
+
rc = security_context_to_sid(&selinux_state, ctx->ctx_str, str_len,
105
+
&ctx->ctx_sid, gfp);
105
106
if (rc)
106
107
goto err;
107
108
···
353
352
if (secid == 0)
354
353
return -EINVAL;
355
354
356
-
rc = security_sid_to_context(secid, &ctx_str, &str_len);
355
+
rc = security_sid_to_context(&selinux_state, secid, &ctx_str,
356
+
&str_len);
357
357
if (rc)
358
358
return rc;
359
359