<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/security/smack, branch v3.17</title>
<subtitle>Mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/
</subtitle>
<id>https://git.shady.money/linux/atom?h=v3.17</id>
<link rel='self' href='https://git.shady.money/linux/atom?h=v3.17'/>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/'/>
<updated>2014-08-02T12:58:02Z</updated>
<entry>
<title>Merge branch 'next' of git://git.infradead.org/users/pcmoore/selinux into next</title>
<updated>2014-08-02T12:58:02Z</updated>
<author>
<name>James Morris</name>
<email>james.l.morris@oracle.com</email>
</author>
<published>2014-08-02T12:58:02Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/commit/?id=103ae675b12dee75ec099abf3d22857d1384b3bc'/>
<id>urn:sha1:103ae675b12dee75ec099abf3d22857d1384b3bc</id>
<content type='text'>
</content>
</entry>
<entry>
<title>netlabel: shorter names for the NetLabel catmap funcs/structs</title>
<updated>2014-08-01T15:17:37Z</updated>
<author>
<name>Paul Moore</name>
<email>pmoore@redhat.com</email>
</author>
<published>2014-08-01T15:17:37Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/commit/?id=4fbe63d1c773cceef3fe1f6ed0c9c268f4f24760'/>
<id>urn:sha1:4fbe63d1c773cceef3fe1f6ed0c9c268f4f24760</id>
<content type='text'>
Historically the NetLabel LSM secattr catmap functions and data
structures have had very long names which makes a mess of the NetLabel
code and anyone who uses NetLabel.  This patch renames the catmap
functions and structures from "*_secattr_catmap_*" to just "*_catmap_*"
which improves things greatly.

There are no substantial code or logic changes in this patch.

Signed-off-by: Paul Moore &lt;pmoore@redhat.com&gt;
Tested-by: Casey Schaufler &lt;casey@schaufler-ca.com&gt;
</content>
</entry>
<entry>
<title>netlabel: fix the horribly broken catmap functions</title>
<updated>2014-08-01T15:17:17Z</updated>
<author>
<name>Paul Moore</name>
<email>pmoore@redhat.com</email>
</author>
<published>2014-08-01T15:17:17Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/commit/?id=4b8feff251da3d7058b5779e21b33a85c686b974'/>
<id>urn:sha1:4b8feff251da3d7058b5779e21b33a85c686b974</id>
<content type='text'>
The NetLabel secattr catmap functions, and the SELinux import/export
glue routines, were broken in many horrible ways and the SELinux glue
code fiddled with the NetLabel catmap structures in ways that we
probably shouldn't allow.  At some point this "worked", but that was
likely due to a bit of dumb luck and sub-par testing (both inflicted
by yours truly).  This patch corrects these problems by basically
gutting the code in favor of something less obtuse and restoring the
NetLabel abstractions in the SELinux catmap glue code.

Everything is working now, and if it decides to break itself in the
future this code will be much easier to debug than the code it
replaces.

One noteworthy side effect of the changes is that it is no longer
necessary to allocate a NetLabel catmap before calling one of the
NetLabel APIs to set a bit in the catmap.  NetLabel will automatically
allocate the catmap nodes when needed, resulting in fewer allocations
when the lowest bit is greater than 255 and less code in the LSMs.

Cc: stable@vger.kernel.org
Reported-by: Christian Evans &lt;frodox@zoho.com&gt;
Signed-off-by: Paul Moore &lt;pmoore@redhat.com&gt;
Tested-by: Casey Schaufler &lt;casey@schaufler-ca.com&gt;
</content>
</entry>
<entry>
<title>netlabel: fix a problem when setting bits below the previously lowest bit</title>
<updated>2014-08-01T15:17:03Z</updated>
<author>
<name>Paul Moore</name>
<email>pmoore@redhat.com</email>
</author>
<published>2014-08-01T15:17:03Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/commit/?id=41c3bd2039e0d7b3dc32313141773f20716ec524'/>
<id>urn:sha1:41c3bd2039e0d7b3dc32313141773f20716ec524</id>
<content type='text'>
The NetLabel category (catmap) functions have a problem in that they
assume categories will be set in an increasing manner, e.g. the next
category set will always be larger than the last.  Unfortunately, this
is not a valid assumption and could result in problems when attempting
to set categories less than the startbit in the lowest catmap node.
In some cases kernel panics and other nasties can result.

This patch corrects the problem by checking for this and allocating a
new catmap node instance and placing it at the front of the list.

Cc: stable@vger.kernel.org
Reported-by: Christian Evans &lt;frodox@zoho.com&gt;
Signed-off-by: Paul Moore &lt;pmoore@redhat.com&gt;
Tested-by: Casey Schaufler &lt;casey@schaufler-ca.com&gt;
</content>
</entry>
<entry>
<title>Merge branch 'smack-for-3.16' of git://git.gitorious.org/smack-next/kernel into next</title>
<updated>2014-05-20T04:50:09Z</updated>
<author>
<name>James Morris</name>
<email>james.l.morris@oracle.com</email>
</author>
<published>2014-05-20T04:50:09Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/commit/?id=2fd4e6698f0863f47558e63b67c7c3a026513541'/>
<id>urn:sha1:2fd4e6698f0863f47558e63b67c7c3a026513541</id>
<content type='text'>
</content>
</entry>
<entry>
<title>Warning in scanf string typing</title>
<updated>2014-05-06T18:32:53Z</updated>
<author>
<name>Toralf Förster</name>
<email>toralf.foerster@gmx.de</email>
</author>
<published>2014-04-27T17:33:34Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/commit/?id=ec554fa75ec94dcf47e52db9551755679c10235b'/>
<id>urn:sha1:ec554fa75ec94dcf47e52db9551755679c10235b</id>
<content type='text'>
This fixes a warning about the mismatch of types between
the declared unsigned and integer.

Signed-off-by: Toralf Förster &lt;toralf.foerster@gmx.de&gt;
</content>
</entry>
<entry>
<title>Smack: Label cgroup files for systemd</title>
<updated>2014-04-30T17:49:33Z</updated>
<author>
<name>Casey Schaufler</name>
<email>casey@schaufler-ca.com</email>
</author>
<published>2014-04-28T22:23:01Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/commit/?id=36ea735b522d09826ae0dac0e540f294436c52f3'/>
<id>urn:sha1:36ea735b522d09826ae0dac0e540f294436c52f3</id>
<content type='text'>
The cgroup filesystem isn't ready for an LSM to
properly use extended attributes. This patch makes
files created in the cgroup filesystem usable by
a system running Smack and systemd.

Targeted for git://git.gitorious.org/smack-next/kernel.git

Signed-off-by: Casey Schaufler &lt;casey@schaufler-ca.com&gt;
</content>
</entry>
<entry>
<title>Smack: Verify read access on file open - v3</title>
<updated>2014-04-23T15:52:39Z</updated>
<author>
<name>Casey Schaufler</name>
<email>casey@schaufler-ca.com</email>
</author>
<published>2014-04-21T18:10:26Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/commit/?id=a6834c0b9114c06106efee8e9f2a11fbbb104567'/>
<id>urn:sha1:a6834c0b9114c06106efee8e9f2a11fbbb104567</id>
<content type='text'>
Smack believes that many of the operations that can
be performed on an open file descriptor are read operations.
The fstat and lseek system calls are examples.
An implication of this is that files shouldn't be open
if the task doesn't have read access even if it has
write access and the file is being opened write only.

Targeted for git://git.gitorious.org/smack-next/kernel.git

Signed-off-by: Casey Schaufler &lt;casey@schaufler-ca.com&gt;
</content>
</entry>
<entry>
<title>Smack: bidirectional UDS connect check</title>
<updated>2014-04-11T21:35:28Z</updated>
<author>
<name>Casey Schaufler</name>
<email>casey@schaufler-ca.com</email>
</author>
<published>2014-04-10T23:37:08Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/commit/?id=54e70ec5eb090193b03e69d551fa6771a5a217c4'/>
<id>urn:sha1:54e70ec5eb090193b03e69d551fa6771a5a217c4</id>
<content type='text'>
Smack IPC policy requires that the sender have write access
to the receiver. UDS streams don't do per-packet checks. The
only check is done at connect time. The existing code checks
if the connecting process can write to the other, but not the
other way around. This change adds a check that the other end
can write to the connecting process.

Targeted for git://git.gitorious.org/smack-next/kernel.git

Signed-off-by: Casey Schaufler &lt;casey@schaufler-ca.com&gt;
</content>
</entry>
<entry>
<title>Smack: Correctly remove SMACK64TRANSMUTE attribute</title>
<updated>2014-04-11T21:35:19Z</updated>
<author>
<name>Casey Schaufler</name>
<email>casey@schaufler-ca.com</email>
</author>
<published>2014-04-10T23:35:36Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/commit/?id=f59bdfba3e2b0ba5182f23d96101d106f18132ca'/>
<id>urn:sha1:f59bdfba3e2b0ba5182f23d96101d106f18132ca</id>
<content type='text'>
Sam Henderson points out that removing the SMACK64TRANSMUTE
attribute from a directory does not result in the directory
transmuting. This is because the inode flag indicating that
the directory is transmuting isn't cleared. The fix is a tad
less than trivial because smk_task and smk_mmap should have
been broken out, too.

Targeted for git://git.gitorious.org/smack-next/kernel.git

Signed-off-by: Casey Schaufler &lt;casey@schaufler-ca.com&gt;
</content>
</entry>
</feed>
