Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull security subsystem updates from James Morris: "Apart from reordering the SELinux mmap code to ensure DAC is called before MAC, these are minor maintenance updates" * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (23 commits) selinux: correctly label /proc inodes in use before the policy is loaded selinux: put the mmap() DAC controls before the MAC controls selinux: fix the output of ./scripts/get_maintainer.pl for SELinux evm: enable key retention service automatically ima: skip memory allocation for empty files evm: EVM does not use MD5 ima: return d_name.name if d_path fails integrity: fix checkpatch errors ima: fix erroneous removal of security.ima xattr security: integrity: Use a more current logging style MAINTAINERS: email updates and other misc. changes ima: reduce memory usage when a template containing the n field is used ima: restore the original behavior for sending data with ima template Integrity: Pass commname via get_task_comm() fs: move i_readcount ima: use static const char array definitions security: have cap_dentry_init_security return error ima: new helper: file_inode(file) kernel: Mark function as static in kernel/seccomp.c capability: Use current logging styles ...
@@ -106,7 +106,7 @@ int selinux_enforcing;
|
||||
static int __init enforcing_setup(char *str)
|
||||
{
|
||||
unsigned long enforcing;
|
||||
if (!strict_strtoul(str, 0, &enforcing))
|
||||
if (!kstrtoul(str, 0, &enforcing))
|
||||
selinux_enforcing = enforcing ? 1 : 0;
|
||||
return 1;
|
||||
}
|
||||
@@ -119,7 +119,7 @@ int selinux_enabled = CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE;
|
||||
static int __init selinux_enabled_setup(char *str)
|
||||
{
|
||||
unsigned long enabled;
|
||||
if (!strict_strtoul(str, 0, &enabled))
|
||||
if (!kstrtoul(str, 0, &enabled))
|
||||
selinux_enabled = enabled ? 1 : 0;
|
||||
return 1;
|
||||
}
|
||||
@@ -1418,15 +1418,33 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent
|
||||
isec->sid = sbsec->sid;
|
||||
|
||||
if ((sbsec->flags & SE_SBPROC) && !S_ISLNK(inode->i_mode)) {
|
||||
if (opt_dentry) {
|
||||
isec->sclass = inode_mode_to_security_class(inode->i_mode);
|
||||
rc = selinux_proc_get_sid(opt_dentry,
|
||||
isec->sclass,
|
||||
&sid);
|
||||
if (rc)
|
||||
goto out_unlock;
|
||||
isec->sid = sid;
|
||||
}
|
||||
/* We must have a dentry to determine the label on
|
||||
* procfs inodes */
|
||||
if (opt_dentry)
|
||||
/* Called from d_instantiate or
|
||||
* d_splice_alias. */
|
||||
dentry = dget(opt_dentry);
|
||||
else
|
||||
/* Called from selinux_complete_init, try to
|
||||
* find a dentry. */
|
||||
dentry = d_find_alias(inode);
|
||||
/*
|
||||
* This can be hit on boot when a file is accessed
|
||||
* before the policy is loaded. When we load policy we
|
||||
* may find inodes that have no dentry on the
|
||||
* sbsec->isec_head list. No reason to complain as
|
||||
* these will get fixed up the next time we go through
|
||||
* inode_doinit() with a dentry, before these inodes
|
||||
* could be used again by userspace.
|
||||
*/
|
||||
if (!dentry)
|
||||
goto out_unlock;
|
||||
isec->sclass = inode_mode_to_security_class(inode->i_mode);
|
||||
rc = selinux_proc_get_sid(dentry, isec->sclass, &sid);
|
||||
dput(dentry);
|
||||
if (rc)
|
||||
goto out_unlock;
|
||||
isec->sid = sid;
|
||||
}
|
||||
break;
|
||||
}
|
||||
@@ -3205,24 +3223,20 @@ error:
|
||||
|
||||
static int selinux_mmap_addr(unsigned long addr)
|
||||
{
|
||||
int rc = 0;
|
||||
u32 sid = current_sid();
|
||||
|
||||
/*
|
||||
* notice that we are intentionally putting the SELinux check before
|
||||
* the secondary cap_file_mmap check. This is such a likely attempt
|
||||
* at bad behaviour/exploit that we always want to get the AVC, even
|
||||
* if DAC would have also denied the operation.
|
||||
*/
|
||||
if (addr < CONFIG_LSM_MMAP_MIN_ADDR) {
|
||||
rc = avc_has_perm(sid, sid, SECCLASS_MEMPROTECT,
|
||||
MEMPROTECT__MMAP_ZERO, NULL);
|
||||
if (rc)
|
||||
return rc;
|
||||
}
|
||||
int rc;
|
||||
|
||||
/* do DAC check on address space usage */
|
||||
return cap_mmap_addr(addr);
|
||||
rc = cap_mmap_addr(addr);
|
||||
if (rc)
|
||||
return rc;
|
||||
|
||||
if (addr < CONFIG_LSM_MMAP_MIN_ADDR) {
|
||||
u32 sid = current_sid();
|
||||
rc = avc_has_perm(sid, sid, SECCLASS_MEMPROTECT,
|
||||
MEMPROTECT__MMAP_ZERO, NULL);
|
||||
}
|
||||
|
||||
return rc;
|
||||
}
|
||||
|
||||
static int selinux_mmap_file(struct file *file, unsigned long reqprot,
|
||||
|
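Review bot: selinux_mmap_addr now returns as soon as cap_mmap_addr() fails, so a low-address mapping that DAC refuses never reaches avc_has_perm() and leaves no mmap_zero AVC record, and the new code carries no comment saying so. The comment this change removes described the old order as deliberate, so that the AVC was always produced for what it called a likely exploit attempt; anyone alerting on that record loses the signal for DAC-denied attempts. I would record the rationale and the audit consequence above the DAC call, e.g. `/* DAC first; a request refused by cap_mmap_addr() returns here without an mmap_zero AVC record */`. Whether cap_mmap_addr() reports the refusal anywhere else is not visible on this page and is worth confirming before relying on it for detection.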