Lines Matching +full:sig +full:- +full:dir +full:- +full:cmd
1 // SPDX-License-Identifier: GPL-2.0-only
3 * NSA Security-Enhanced Linux (SELinux) security module
13 * Copyright (C) 2003-2008 Red Hat, Inc., James Morris <jmorris@redhat.com>
15 * Copyright (C) 2004-2005 Trusted Computer Solutions, Inc.
17 * Copyright (C) 2006, 2007, 2009 Hewlett-Packard Development Company, L.P.
18 * Paul Moore <paul@paul-moore.com>
83 #include <linux/posix-timers.h>
156 * selinux_secmark_enabled - Check to see if SECMARK is currently enabled
173 * selinux_peerlbl_enabled - Check to see if peer labeling is currently enabled
214 struct cred *cred = (struct cred *) current->real_cred; in cred_init_security()
218 tsec->osid = tsec->sid = SECINITSID_KERNEL; in cred_init_security()
229 return tsec->sid; in cred_sid()
240 sid = cred_sid(rcu_dereference(task->cred)); in task_sid_subj()
286 * allowed; when set to false, returns -ECHILD when the label is
298 isec->initialized != LABEL_INITIALIZED) { in __inode_security_revalidate()
300 return -ECHILD; in __inode_security_revalidate()
361 sbsec = selinux_superblock(inode->i_sb); in inode_free_security()
372 if (!list_empty_careful(&isec->list)) { in inode_free_security()
373 spin_lock(&sbsec->isec_lock); in inode_free_security()
374 list_del_init(&isec->list); in inode_free_security()
375 spin_unlock(&sbsec->isec_lock); in inode_free_security()
386 kfree(opts->fscontext); in selinux_free_mnt_opts()
387 kfree(opts->context); in selinux_free_mnt_opts()
388 kfree(opts->rootcontext); in selinux_free_mnt_opts()
389 kfree(opts->defcontext); in selinux_free_mnt_opts()
394 Opt_error = -1,
402 #define A(s, has_arg) {#s, sizeof(#s) - 1, Opt_##s, has_arg}
446 tsec->sid, sbsec->sid, SECCLASS_FILESYSTEM, in may_context_mount_sb_relabel()
452 tsec->sid, sid, SECCLASS_FILESYSTEM, in may_context_mount_sb_relabel()
464 tsec->sid, sbsec->sid, SECCLASS_FILESYSTEM, in may_context_mount_inode_relabel()
470 sid, sbsec->sid, SECCLASS_FILESYSTEM, in may_context_mount_inode_relabel()
477 /* Special handling. Genfs but also in-core setxattr handler */ in selinux_is_genfs_special_handling()
478 return !strcmp(sb->s_type->name, "sysfs") || in selinux_is_genfs_special_handling()
479 !strcmp(sb->s_type->name, "pstore") || in selinux_is_genfs_special_handling()
480 !strcmp(sb->s_type->name, "debugfs") || in selinux_is_genfs_special_handling()
481 !strcmp(sb->s_type->name, "tracefs") || in selinux_is_genfs_special_handling()
482 !strcmp(sb->s_type->name, "rootfs") || in selinux_is_genfs_special_handling()
484 (!strcmp(sb->s_type->name, "cgroup") || in selinux_is_genfs_special_handling()
485 !strcmp(sb->s_type->name, "cgroup2"))); in selinux_is_genfs_special_handling()
493 * IMPORTANT: Double-check logic in this function when adding a new in selinux_is_sblabel_mnt()
498 switch (sbsec->behavior) { in selinux_is_sblabel_mnt()
518 struct superblock_security_struct *sbsec = sb->s_security; in sb_check_xattr_support()
519 struct dentry *root = sb->s_root; in sb_check_xattr_support()
526 * error other than -ENODATA is returned by getxattr on in sb_check_xattr_support()
527 * the root directory. -ENODATA is ok, as this may be in sb_check_xattr_support()
531 if (!(root_inode->i_opflags & IOP_XATTR)) { in sb_check_xattr_support()
533 sb->s_id, sb->s_type->name); in sb_check_xattr_support()
538 if (rc < 0 && rc != -ENODATA) { in sb_check_xattr_support()
539 if (rc == -EOPNOTSUPP) { in sb_check_xattr_support()
541 sb->s_id, sb->s_type->name); in sb_check_xattr_support()
545 sb->s_id, sb->s_type->name, -rc); in sb_check_xattr_support()
552 /* No xattr support - try to fallback to genfs if possible. */ in sb_check_xattr_support()
553 rc = security_genfs_sid(&selinux_state, sb->s_type->name, "/", in sb_check_xattr_support()
556 return -EOPNOTSUPP; in sb_check_xattr_support()
559 sb->s_id, sb->s_type->name); in sb_check_xattr_support()
560 sbsec->behavior = SECURITY_FS_USE_GENFS; in sb_check_xattr_support()
561 sbsec->sid = sid; in sb_check_xattr_support()
568 struct dentry *root = sb->s_root; in sb_finish_set_opts()
572 if (sbsec->behavior == SECURITY_FS_USE_XATTR) { in sb_finish_set_opts()
578 sbsec->flags |= SE_SBINITIALIZED; in sb_finish_set_opts()
586 sbsec->flags |= SBLABEL_MNT; in sb_finish_set_opts()
588 sbsec->flags &= ~SBLABEL_MNT; in sb_finish_set_opts()
597 spin_lock(&sbsec->isec_lock); in sb_finish_set_opts()
598 while (!list_empty(&sbsec->isec_head)) { in sb_finish_set_opts()
600 list_first_entry(&sbsec->isec_head, in sb_finish_set_opts()
602 struct inode *inode = isec->inode; in sb_finish_set_opts()
603 list_del_init(&isec->list); in sb_finish_set_opts()
604 spin_unlock(&sbsec->isec_lock); in sb_finish_set_opts()
611 spin_lock(&sbsec->isec_lock); in sb_finish_set_opts()
613 spin_unlock(&sbsec->isec_lock); in sb_finish_set_opts()
620 char mnt_flags = sbsec->flags & SE_MNTMASK; in bad_option()
623 if (sbsec->flags & SE_SBINITIALIZED) in bad_option()
624 if (!(sbsec->flags & flag) || in bad_option()
631 if (!(sbsec->flags & SE_SBINITIALIZED)) in bad_option()
644 s, sb->s_id, sb->s_type->name, rc); in parse_sid()
659 struct dentry *root = sb->s_root; in selinux_set_mnt_opts()
666 mutex_lock(&sbsec->lock); in selinux_set_mnt_opts()
675 rc = -EINVAL; in selinux_set_mnt_opts()
683 rc = -EINVAL; in selinux_set_mnt_opts()
698 if ((sbsec->flags & SE_SBINITIALIZED) && (sb->s_type->fs_flags & FS_BINARY_MOUNTDATA) in selinux_set_mnt_opts()
710 if (opts->fscontext) { in selinux_set_mnt_opts()
711 rc = parse_sid(sb, opts->fscontext, &fscontext_sid); in selinux_set_mnt_opts()
714 if (bad_option(sbsec, FSCONTEXT_MNT, sbsec->sid, in selinux_set_mnt_opts()
717 sbsec->flags |= FSCONTEXT_MNT; in selinux_set_mnt_opts()
719 if (opts->context) { in selinux_set_mnt_opts()
720 rc = parse_sid(sb, opts->context, &context_sid); in selinux_set_mnt_opts()
723 if (bad_option(sbsec, CONTEXT_MNT, sbsec->mntpoint_sid, in selinux_set_mnt_opts()
726 sbsec->flags |= CONTEXT_MNT; in selinux_set_mnt_opts()
728 if (opts->rootcontext) { in selinux_set_mnt_opts()
729 rc = parse_sid(sb, opts->rootcontext, &rootcontext_sid); in selinux_set_mnt_opts()
732 if (bad_option(sbsec, ROOTCONTEXT_MNT, root_isec->sid, in selinux_set_mnt_opts()
735 sbsec->flags |= ROOTCONTEXT_MNT; in selinux_set_mnt_opts()
737 if (opts->defcontext) { in selinux_set_mnt_opts()
738 rc = parse_sid(sb, opts->defcontext, &defcontext_sid); in selinux_set_mnt_opts()
741 if (bad_option(sbsec, DEFCONTEXT_MNT, sbsec->def_sid, in selinux_set_mnt_opts()
744 sbsec->flags |= DEFCONTEXT_MNT; in selinux_set_mnt_opts()
748 if (sbsec->flags & SE_SBINITIALIZED) { in selinux_set_mnt_opts()
750 if ((sbsec->flags & SE_MNTMASK) && !opts) in selinux_set_mnt_opts()
756 if (strcmp(sb->s_type->name, "proc") == 0) in selinux_set_mnt_opts()
757 sbsec->flags |= SE_SBPROC | SE_SBGENFS; in selinux_set_mnt_opts()
759 if (!strcmp(sb->s_type->name, "debugfs") || in selinux_set_mnt_opts()
760 !strcmp(sb->s_type->name, "tracefs") || in selinux_set_mnt_opts()
761 !strcmp(sb->s_type->name, "binder") || in selinux_set_mnt_opts()
762 !strcmp(sb->s_type->name, "bpf") || in selinux_set_mnt_opts()
763 !strcmp(sb->s_type->name, "pstore")) in selinux_set_mnt_opts()
764 sbsec->flags |= SE_SBGENFS; in selinux_set_mnt_opts()
766 if (!strcmp(sb->s_type->name, "sysfs") || in selinux_set_mnt_opts()
767 !strcmp(sb->s_type->name, "cgroup") || in selinux_set_mnt_opts()
768 !strcmp(sb->s_type->name, "cgroup2")) in selinux_set_mnt_opts()
769 sbsec->flags |= SE_SBGENFS | SE_SBGENFS_XATTR; in selinux_set_mnt_opts()
771 if (!sbsec->behavior) { in selinux_set_mnt_opts()
779 __func__, sb->s_type->name, rc); in selinux_set_mnt_opts()
789 if (sb->s_user_ns != &init_user_ns && in selinux_set_mnt_opts()
790 strcmp(sb->s_type->name, "tmpfs") && in selinux_set_mnt_opts()
791 strcmp(sb->s_type->name, "ramfs") && in selinux_set_mnt_opts()
792 strcmp(sb->s_type->name, "devpts") && in selinux_set_mnt_opts()
793 strcmp(sb->s_type->name, "overlay")) { in selinux_set_mnt_opts()
796 rc = -EACCES; in selinux_set_mnt_opts()
799 if (sbsec->behavior == SECURITY_FS_USE_XATTR) { in selinux_set_mnt_opts()
800 sbsec->behavior = SECURITY_FS_USE_MNTPOINT; in selinux_set_mnt_opts()
805 &sbsec->mntpoint_sid); in selinux_set_mnt_opts()
818 sbsec->sid = fscontext_sid; in selinux_set_mnt_opts()
827 sbsec->behavior = SECURITY_FS_USE_NATIVE; in selinux_set_mnt_opts()
837 sbsec->sid = context_sid; in selinux_set_mnt_opts()
847 sbsec->mntpoint_sid = context_sid; in selinux_set_mnt_opts()
848 sbsec->behavior = SECURITY_FS_USE_MNTPOINT; in selinux_set_mnt_opts()
857 root_isec->sid = rootcontext_sid; in selinux_set_mnt_opts()
858 root_isec->initialized = LABEL_INITIALIZED; in selinux_set_mnt_opts()
862 if (sbsec->behavior != SECURITY_FS_USE_XATTR && in selinux_set_mnt_opts()
863 sbsec->behavior != SECURITY_FS_USE_NATIVE) { in selinux_set_mnt_opts()
864 rc = -EINVAL; in selinux_set_mnt_opts()
870 if (defcontext_sid != sbsec->def_sid) { in selinux_set_mnt_opts()
877 sbsec->def_sid = defcontext_sid; in selinux_set_mnt_opts()
883 mutex_unlock(&sbsec->lock); in selinux_set_mnt_opts()
886 rc = -EINVAL; in selinux_set_mnt_opts()
888 "security settings for (dev %s, type %s)\n", sb->s_id, in selinux_set_mnt_opts()
889 sb->s_type->name); in selinux_set_mnt_opts()
898 char oldflags = old->flags & SE_MNTMASK; in selinux_cmp_sb_context()
899 char newflags = new->flags & SE_MNTMASK; in selinux_cmp_sb_context()
903 if ((oldflags & FSCONTEXT_MNT) && old->sid != new->sid) in selinux_cmp_sb_context()
905 if ((oldflags & CONTEXT_MNT) && old->mntpoint_sid != new->mntpoint_sid) in selinux_cmp_sb_context()
907 if ((oldflags & DEFCONTEXT_MNT) && old->def_sid != new->def_sid) in selinux_cmp_sb_context()
910 struct inode_security_struct *oldroot = backing_inode_security(oldsb->s_root); in selinux_cmp_sb_context()
911 struct inode_security_struct *newroot = backing_inode_security(newsb->s_root); in selinux_cmp_sb_context()
912 if (oldroot->sid != newroot->sid) in selinux_cmp_sb_context()
919 "type %s)\n", newsb->s_id, newsb->s_type->name); in selinux_cmp_sb_context()
920 return -EBUSY; in selinux_cmp_sb_context()
933 int set_fscontext = (oldsbsec->flags & FSCONTEXT_MNT); in selinux_sb_clone_mnt_opts()
934 int set_context = (oldsbsec->flags & CONTEXT_MNT); in selinux_sb_clone_mnt_opts()
935 int set_rootcontext = (oldsbsec->flags & ROOTCONTEXT_MNT); in selinux_sb_clone_mnt_opts()
949 return -EINVAL; in selinux_sb_clone_mnt_opts()
952 BUG_ON(!(oldsbsec->flags & SE_SBINITIALIZED)); in selinux_sb_clone_mnt_opts()
955 if (newsbsec->flags & SE_SBINITIALIZED) { in selinux_sb_clone_mnt_opts()
961 mutex_lock(&newsbsec->lock); in selinux_sb_clone_mnt_opts()
963 newsbsec->flags = oldsbsec->flags; in selinux_sb_clone_mnt_opts()
965 newsbsec->sid = oldsbsec->sid; in selinux_sb_clone_mnt_opts()
966 newsbsec->def_sid = oldsbsec->def_sid; in selinux_sb_clone_mnt_opts()
967 newsbsec->behavior = oldsbsec->behavior; in selinux_sb_clone_mnt_opts()
969 if (newsbsec->behavior == SECURITY_FS_USE_NATIVE && in selinux_sb_clone_mnt_opts()
977 newsbsec->behavior = SECURITY_FS_USE_NATIVE; in selinux_sb_clone_mnt_opts()
982 u32 sid = oldsbsec->mntpoint_sid; in selinux_sb_clone_mnt_opts()
985 newsbsec->sid = sid; in selinux_sb_clone_mnt_opts()
987 struct inode_security_struct *newisec = backing_inode_security(newsb->s_root); in selinux_sb_clone_mnt_opts()
988 newisec->sid = sid; in selinux_sb_clone_mnt_opts()
990 newsbsec->mntpoint_sid = sid; in selinux_sb_clone_mnt_opts()
993 const struct inode_security_struct *oldisec = backing_inode_security(oldsb->s_root); in selinux_sb_clone_mnt_opts()
994 struct inode_security_struct *newisec = backing_inode_security(newsb->s_root); in selinux_sb_clone_mnt_opts()
996 newisec->sid = oldisec->sid; in selinux_sb_clone_mnt_opts()
1001 mutex_unlock(&newsbsec->lock); in selinux_sb_clone_mnt_opts()
1015 return -ENOMEM; in selinux_add_opt()
1019 return -ENOMEM; in selinux_add_opt()
1022 if (opts->context || opts->defcontext) in selinux_add_opt()
1024 opts->context = s; in selinux_add_opt()
1027 if (opts->fscontext) in selinux_add_opt()
1029 opts->fscontext = s; in selinux_add_opt()
1032 if (opts->rootcontext) in selinux_add_opt()
1034 opts->rootcontext = s; in selinux_add_opt()
1037 if (opts->context || opts->defcontext) in selinux_add_opt()
1039 opts->defcontext = s; in selinux_add_opt()
1045 return -EINVAL; in selinux_add_opt()
1062 return -EINVAL; in selinux_add_mnt_opt()
1067 rc = -ENOMEM; in selinux_add_mnt_opt()
1113 if (!(sbsec->flags & SE_SBINITIALIZED)) in selinux_sb_show_options()
1119 if (sbsec->flags & FSCONTEXT_MNT) { in selinux_sb_show_options()
1122 rc = show_sid(m, sbsec->sid); in selinux_sb_show_options()
1126 if (sbsec->flags & CONTEXT_MNT) { in selinux_sb_show_options()
1129 rc = show_sid(m, sbsec->mntpoint_sid); in selinux_sb_show_options()
1133 if (sbsec->flags & DEFCONTEXT_MNT) { in selinux_sb_show_options()
1136 rc = show_sid(m, sbsec->def_sid); in selinux_sb_show_options()
1140 if (sbsec->flags & ROOTCONTEXT_MNT) { in selinux_sb_show_options()
1141 struct dentry *root = sb->s_root; in selinux_sb_show_options()
1145 rc = show_sid(m, isec->sid); in selinux_sb_show_options()
1149 if (sbsec->flags & SBLABEL_MNT) { in selinux_sb_show_options()
1350 struct super_block *sb = dentry->d_sb; in selinux_genfs_get_sid()
1355 return -ENOMEM; in selinux_genfs_get_sid()
1364 * e.g. /proc/1/net/rpc/nfs -> /net/rpc/nfs */ in selinux_genfs_get_sid()
1370 rc = security_genfs_sid(&selinux_state, sb->s_type->name, in selinux_genfs_get_sid()
1372 if (rc == -ENOENT) { in selinux_genfs_get_sid()
1393 return -ENOMEM; in inode_doinit_use_xattr()
1397 if (rc == -ERANGE) { in inode_doinit_use_xattr()
1408 return -ENOMEM; in inode_doinit_use_xattr()
1416 if (rc != -ENODATA) { in inode_doinit_use_xattr()
1418 __func__, -rc, inode->i_sb->s_id, inode->i_ino); in inode_doinit_use_xattr()
1428 char *dev = inode->i_sb->s_id; in inode_doinit_use_xattr()
1429 unsigned long ino = inode->i_ino; in inode_doinit_use_xattr()
1431 if (rc == -EINVAL) { in inode_doinit_use_xattr()
1436 __func__, context, -rc, dev, ino); in inode_doinit_use_xattr()
1453 if (isec->initialized == LABEL_INITIALIZED) in inode_doinit_with_dentry()
1456 spin_lock(&isec->lock); in inode_doinit_with_dentry()
1457 if (isec->initialized == LABEL_INITIALIZED) in inode_doinit_with_dentry()
1460 if (isec->sclass == SECCLASS_FILE) in inode_doinit_with_dentry()
1461 isec->sclass = inode_mode_to_security_class(inode->i_mode); in inode_doinit_with_dentry()
1463 sbsec = selinux_superblock(inode->i_sb); in inode_doinit_with_dentry()
1464 if (!(sbsec->flags & SE_SBINITIALIZED)) { in inode_doinit_with_dentry()
1468 spin_lock(&sbsec->isec_lock); in inode_doinit_with_dentry()
1469 if (list_empty(&isec->list)) in inode_doinit_with_dentry()
1470 list_add(&isec->list, &sbsec->isec_head); in inode_doinit_with_dentry()
1471 spin_unlock(&sbsec->isec_lock); in inode_doinit_with_dentry()
1475 sclass = isec->sclass; in inode_doinit_with_dentry()
1476 task_sid = isec->task_sid; in inode_doinit_with_dentry()
1477 sid = isec->sid; in inode_doinit_with_dentry()
1478 isec->initialized = LABEL_PENDING; in inode_doinit_with_dentry()
1479 spin_unlock(&isec->lock); in inode_doinit_with_dentry()
1481 switch (sbsec->behavior) { in inode_doinit_with_dentry()
1485 if (!(inode->i_opflags & IOP_XATTR)) { in inode_doinit_with_dentry()
1486 sid = sbsec->def_sid; in inode_doinit_with_dentry()
1510 * sbsec->isec_head list. No reason to complain as these in inode_doinit_with_dentry()
1518 rc = inode_doinit_use_xattr(inode, dentry, sbsec->def_sid, in inode_doinit_with_dentry()
1529 sid = sbsec->sid; in inode_doinit_with_dentry()
1538 sid = sbsec->mntpoint_sid; in inode_doinit_with_dentry()
1542 sid = sbsec->sid; in inode_doinit_with_dentry()
1544 if ((sbsec->flags & SE_SBGENFS) && in inode_doinit_with_dentry()
1545 (!S_ISLNK(inode->i_mode) || in inode_doinit_with_dentry()
1566 * sbsec->isec_head list. No reason to complain as in inode_doinit_with_dentry()
1574 sbsec->flags, &sid); in inode_doinit_with_dentry()
1580 if ((sbsec->flags & SE_SBGENFS_XATTR) && in inode_doinit_with_dentry()
1581 (inode->i_opflags & IOP_XATTR)) { in inode_doinit_with_dentry()
1595 spin_lock(&isec->lock); in inode_doinit_with_dentry()
1596 if (isec->initialized == LABEL_PENDING) { in inode_doinit_with_dentry()
1598 isec->initialized = LABEL_INVALID; in inode_doinit_with_dentry()
1601 isec->initialized = LABEL_INITIALIZED; in inode_doinit_with_dentry()
1602 isec->sid = sid; in inode_doinit_with_dentry()
1606 spin_unlock(&isec->lock); in inode_doinit_with_dentry()
1610 spin_lock(&isec->lock); in inode_doinit_with_dentry()
1611 if (isec->initialized == LABEL_PENDING) { in inode_doinit_with_dentry()
1612 isec->initialized = LABEL_INVALID; in inode_doinit_with_dentry()
1613 isec->sid = sid; in inode_doinit_with_dentry()
1615 spin_unlock(&isec->lock); in inode_doinit_with_dentry()
1620 static inline u32 signal_to_av(int sig) in signal_to_av() argument
1624 switch (sig) { in signal_to_av()
1674 return -EINVAL; in cred_has_capability()
1708 sid, isec->sid, isec->sclass, perms, adp); in inode_has_perm()
1734 struct inode *inode = d_backing_inode(path->dentry); in path_has_perm()
1739 __inode_security_revalidate(inode, path->dentry, true); in path_has_perm()
1780 if (sid != fsec->sid) { in file_has_perm()
1782 sid, fsec->sid, in file_has_perm()
1810 struct inode *dir, in selinux_determine_inode_label() argument
1815 selinux_superblock(dir->i_sb); in selinux_determine_inode_label()
1817 if ((sbsec->flags & SE_SBINITIALIZED) && in selinux_determine_inode_label()
1818 (sbsec->behavior == SECURITY_FS_USE_MNTPOINT)) { in selinux_determine_inode_label()
1819 *_new_isid = sbsec->mntpoint_sid; in selinux_determine_inode_label()
1820 } else if ((sbsec->flags & SBLABEL_MNT) && in selinux_determine_inode_label()
1821 tsec->create_sid) { in selinux_determine_inode_label()
1822 *_new_isid = tsec->create_sid; in selinux_determine_inode_label()
1824 const struct inode_security_struct *dsec = inode_security(dir); in selinux_determine_inode_label()
1825 return security_transition_sid(&selinux_state, tsec->sid, in selinux_determine_inode_label()
1826 dsec->sid, tclass, in selinux_determine_inode_label()
1834 static int may_create(struct inode *dir, in may_create() argument
1845 dsec = inode_security(dir); in may_create()
1846 sbsec = selinux_superblock(dir->i_sb); in may_create()
1848 sid = tsec->sid; in may_create()
1854 sid, dsec->sid, SECCLASS_DIR, in may_create()
1860 rc = selinux_determine_inode_label(tsec, dir, &dentry->d_name, tclass, in may_create()
1871 newsid, sbsec->sid, in may_create()
1881 static int may_link(struct inode *dir, in may_link() argument
1892 dsec = inode_security(dir); in may_link()
1901 sid, dsec->sid, SECCLASS_DIR, av, &ad); in may_link()
1922 sid, isec->sid, isec->sclass, av, &ad); in may_link()
1947 sid, old_dsec->sid, SECCLASS_DIR, in may_rename()
1952 sid, old_isec->sid, in may_rename()
1953 old_isec->sclass, FILE__RENAME, &ad); in may_rename()
1958 sid, old_isec->sid, in may_rename()
1959 old_isec->sclass, DIR__REPARENT, &ad); in may_rename()
1969 sid, new_dsec->sid, SECCLASS_DIR, av, &ad); in may_rename()
1976 sid, new_isec->sid, in may_rename()
1977 new_isec->sclass, in may_rename()
1997 sid, sbsec->sid, SECCLASS_FILESYSTEM, perms, ad); in superblock_has_perm()
2033 if (file->f_mode & FMODE_READ) in file_to_av()
2035 if (file->f_mode & FMODE_WRITE) { in file_to_av()
2036 if (file->f_flags & O_APPEND) in file_to_av()
2043 * Special file opened with flags 3 for ioctl-only use. in file_to_av()
2061 inode->i_sb->s_magic != SOCKFS_MAGIC) in open_file_to_av()
2110 struct dentry *dentry = file->f_path.dentry; in selinux_binder_transfer_file()
2116 ad.u.path = file->f_path; in selinux_binder_transfer_file()
2118 if (sid != fsec->sid) { in selinux_binder_transfer_file()
2120 sid, fsec->sid, in selinux_binder_transfer_file()
2139 sid, isec->sid, isec->sclass, file_to_av(file), in selinux_binder_transfer_file()
2266 * succeed and -ENOMEM implies there is not.
2303 int nnp = (bprm->unsafe & LSM_UNSAFE_NO_NEW_PRIVS); in check_nnp_nosuid()
2304 int nosuid = !mnt_may_suid(bprm->file->f_path.mnt); in check_nnp_nosuid()
2311 if (new_tsec->sid == old_tsec->sid) in check_nnp_nosuid()
2327 old_tsec->sid, new_tsec->sid, in check_nnp_nosuid()
2338 rc = security_bounded_transition(&selinux_state, old_tsec->sid, in check_nnp_nosuid()
2339 new_tsec->sid); in check_nnp_nosuid()
2349 return -EPERM; in check_nnp_nosuid()
2350 return -EACCES; in check_nnp_nosuid()
2359 struct inode *inode = file_inode(bprm->file); in selinux_bprm_creds_for_exec()
2366 new_tsec = selinux_cred(bprm->cred); in selinux_bprm_creds_for_exec()
2370 new_tsec->sid = old_tsec->sid; in selinux_bprm_creds_for_exec()
2371 new_tsec->osid = old_tsec->sid; in selinux_bprm_creds_for_exec()
2374 new_tsec->create_sid = 0; in selinux_bprm_creds_for_exec()
2375 new_tsec->keycreate_sid = 0; in selinux_bprm_creds_for_exec()
2376 new_tsec->sockcreate_sid = 0; in selinux_bprm_creds_for_exec()
2378 if (old_tsec->exec_sid) { in selinux_bprm_creds_for_exec()
2379 new_tsec->sid = old_tsec->exec_sid; in selinux_bprm_creds_for_exec()
2381 new_tsec->exec_sid = 0; in selinux_bprm_creds_for_exec()
2389 rc = security_transition_sid(&selinux_state, old_tsec->sid, in selinux_bprm_creds_for_exec()
2390 isec->sid, SECCLASS_PROCESS, NULL, in selinux_bprm_creds_for_exec()
2391 &new_tsec->sid); in selinux_bprm_creds_for_exec()
2401 new_tsec->sid = old_tsec->sid; in selinux_bprm_creds_for_exec()
2405 ad.u.file = bprm->file; in selinux_bprm_creds_for_exec()
2407 if (new_tsec->sid == old_tsec->sid) { in selinux_bprm_creds_for_exec()
2409 old_tsec->sid, isec->sid, in selinux_bprm_creds_for_exec()
2416 old_tsec->sid, new_tsec->sid, in selinux_bprm_creds_for_exec()
2422 new_tsec->sid, isec->sid, in selinux_bprm_creds_for_exec()
2428 if (bprm->unsafe & LSM_UNSAFE_SHARE) { in selinux_bprm_creds_for_exec()
2430 old_tsec->sid, new_tsec->sid, in selinux_bprm_creds_for_exec()
2434 return -EPERM; in selinux_bprm_creds_for_exec()
2439 if (bprm->unsafe & LSM_UNSAFE_PTRACE) { in selinux_bprm_creds_for_exec()
2443 ptsid, new_tsec->sid, in selinux_bprm_creds_for_exec()
2447 return -EPERM; in selinux_bprm_creds_for_exec()
2452 bprm->per_clear |= PER_CLEAR_ON_SETID; in selinux_bprm_creds_for_exec()
2458 old_tsec->sid, new_tsec->sid, in selinux_bprm_creds_for_exec()
2461 bprm->secureexec |= !!rc; in selinux_bprm_creds_for_exec()
2483 spin_lock(&tty->files_lock); in flush_unauthorized_files()
2484 if (!list_empty(&tty->tty_files)) { in flush_unauthorized_files()
2491 only interested in the inode-based check here. */ in flush_unauthorized_files()
2492 file_priv = list_first_entry(&tty->tty_files, in flush_unauthorized_files()
2494 file = file_priv->file; in flush_unauthorized_files()
2498 spin_unlock(&tty->files_lock); in flush_unauthorized_files()
2515 replace_fd(n - 1, devnull, 0); in flush_unauthorized_files()
2530 new_tsec = selinux_cred(bprm->cred); in selinux_bprm_committing_creds()
2531 if (new_tsec->sid == new_tsec->osid) in selinux_bprm_committing_creds()
2535 flush_unauthorized_files(bprm->cred, current->files); in selinux_bprm_committing_creds()
2538 current->pdeath_signal = 0; in selinux_bprm_committing_creds()
2551 new_tsec->osid, new_tsec->sid, SECCLASS_PROCESS, in selinux_bprm_committing_creds()
2557 rlim = current->signal->rlim + i; in selinux_bprm_committing_creds()
2558 initrlim = init_task.signal->rlim + i; in selinux_bprm_committing_creds()
2559 rlim->rlim_cur = min(rlim->rlim_max, initrlim->rlim_cur); in selinux_bprm_committing_creds()
2577 osid = tsec->osid; in selinux_bprm_committed_creds()
2578 sid = tsec->sid; in selinux_bprm_committed_creds()
2595 spin_lock_irq(&current->sighand->siglock); in selinux_bprm_committed_creds()
2597 flush_sigqueue(&current->pending); in selinux_bprm_committed_creds()
2598 flush_sigqueue(&current->signal->shared_pending); in selinux_bprm_committed_creds()
2600 sigemptyset(&current->blocked); in selinux_bprm_committed_creds()
2603 spin_unlock_irq(&current->sighand->siglock); in selinux_bprm_committed_creds()
2609 __wake_up_parent(current, current->real_parent); in selinux_bprm_committed_creds()
2619 mutex_init(&sbsec->lock); in selinux_sb_alloc_security()
2620 INIT_LIST_HEAD(&sbsec->isec_head); in selinux_sb_alloc_security()
2621 spin_lock_init(&sbsec->isec_lock); in selinux_sb_alloc_security()
2622 sbsec->sid = SECINITSID_UNLABELED; in selinux_sb_alloc_security()
2623 sbsec->def_sid = SECINITSID_FILE; in selinux_sb_alloc_security()
2624 sbsec->mntpoint_sid = SECINITSID_UNLABELED; in selinux_sb_alloc_security()
2668 arg = kmemdup_nul(arg, q - arg, GFP_KERNEL); in selinux_sb_eat_lsm_opts()
2670 rc = -ENOMEM; in selinux_sb_eat_lsm_opts()
2681 from--; in selinux_sb_eat_lsm_opts()
2707 struct superblock_security_struct *sbsec = sb->s_security; in selinux_sb_mnt_opts_compat()
2712 * Superblock not initialized (i.e. no options) - reject if any in selinux_sb_mnt_opts_compat()
2715 if (!(sbsec->flags & SE_SBINITIALIZED)) in selinux_sb_mnt_opts_compat()
2719 * Superblock initialized and no options specified - reject if in selinux_sb_mnt_opts_compat()
2723 return (sbsec->flags & SE_MNTMASK) ? 1 : 0; in selinux_sb_mnt_opts_compat()
2725 if (opts->fscontext) { in selinux_sb_mnt_opts_compat()
2726 rc = parse_sid(sb, opts->fscontext, &sid); in selinux_sb_mnt_opts_compat()
2729 if (bad_option(sbsec, FSCONTEXT_MNT, sbsec->sid, sid)) in selinux_sb_mnt_opts_compat()
2732 if (opts->context) { in selinux_sb_mnt_opts_compat()
2733 rc = parse_sid(sb, opts->context, &sid); in selinux_sb_mnt_opts_compat()
2736 if (bad_option(sbsec, CONTEXT_MNT, sbsec->mntpoint_sid, sid)) in selinux_sb_mnt_opts_compat()
2739 if (opts->rootcontext) { in selinux_sb_mnt_opts_compat()
2742 root_isec = backing_inode_security(sb->s_root); in selinux_sb_mnt_opts_compat()
2743 rc = parse_sid(sb, opts->rootcontext, &sid); in selinux_sb_mnt_opts_compat()
2746 if (bad_option(sbsec, ROOTCONTEXT_MNT, root_isec->sid, sid)) in selinux_sb_mnt_opts_compat()
2749 if (opts->defcontext) { in selinux_sb_mnt_opts_compat()
2750 rc = parse_sid(sb, opts->defcontext, &sid); in selinux_sb_mnt_opts_compat()
2753 if (bad_option(sbsec, DEFCONTEXT_MNT, sbsec->def_sid, sid)) in selinux_sb_mnt_opts_compat()
2766 if (!(sbsec->flags & SE_SBINITIALIZED)) in selinux_sb_remount()
2772 if (opts->fscontext) { in selinux_sb_remount()
2773 rc = parse_sid(sb, opts->fscontext, &sid); in selinux_sb_remount()
2776 if (bad_option(sbsec, FSCONTEXT_MNT, sbsec->sid, sid)) in selinux_sb_remount()
2779 if (opts->context) { in selinux_sb_remount()
2780 rc = parse_sid(sb, opts->context, &sid); in selinux_sb_remount()
2783 if (bad_option(sbsec, CONTEXT_MNT, sbsec->mntpoint_sid, sid)) in selinux_sb_remount()
2786 if (opts->rootcontext) { in selinux_sb_remount()
2788 root_isec = backing_inode_security(sb->s_root); in selinux_sb_remount()
2789 rc = parse_sid(sb, opts->rootcontext, &sid); in selinux_sb_remount()
2792 if (bad_option(sbsec, ROOTCONTEXT_MNT, root_isec->sid, sid)) in selinux_sb_remount()
2795 if (opts->defcontext) { in selinux_sb_remount()
2796 rc = parse_sid(sb, opts->defcontext, &sid); in selinux_sb_remount()
2799 if (bad_option(sbsec, DEFCONTEXT_MNT, sbsec->def_sid, sid)) in selinux_sb_remount()
2806 "during remount (dev %s, type=%s)\n", sb->s_id, in selinux_sb_remount()
2807 sb->s_type->name); in selinux_sb_remount()
2808 return -EINVAL; in selinux_sb_remount()
2817 ad.u.dentry = sb->s_root; in selinux_sb_kern_mount()
2827 ad.u.dentry = dentry->d_sb->s_root; in selinux_sb_statfs()
2828 return superblock_has_perm(cred, dentry->d_sb, FILESYSTEM__GETATTR, &ad); in selinux_sb_statfs()
2840 return superblock_has_perm(cred, path->dentry->d_sb, in selinux_mount()
2858 return superblock_has_perm(cred, mnt->mnt_sb, in selinux_umount()
2865 const struct selinux_mnt_opts *src = src_fc->security; in selinux_fs_context_dup()
2871 fc->security = kzalloc(sizeof(struct selinux_mnt_opts), GFP_KERNEL); in selinux_fs_context_dup()
2872 if (!fc->security) in selinux_fs_context_dup()
2873 return -ENOMEM; in selinux_fs_context_dup()
2875 opts = fc->security; in selinux_fs_context_dup()
2877 if (src->fscontext) { in selinux_fs_context_dup()
2878 opts->fscontext = kstrdup(src->fscontext, GFP_KERNEL); in selinux_fs_context_dup()
2879 if (!opts->fscontext) in selinux_fs_context_dup()
2880 return -ENOMEM; in selinux_fs_context_dup()
2882 if (src->context) { in selinux_fs_context_dup()
2883 opts->context = kstrdup(src->context, GFP_KERNEL); in selinux_fs_context_dup()
2884 if (!opts->context) in selinux_fs_context_dup()
2885 return -ENOMEM; in selinux_fs_context_dup()
2887 if (src->rootcontext) { in selinux_fs_context_dup()
2888 opts->rootcontext = kstrdup(src->rootcontext, GFP_KERNEL); in selinux_fs_context_dup()
2889 if (!opts->rootcontext) in selinux_fs_context_dup()
2890 return -ENOMEM; in selinux_fs_context_dup()
2892 if (src->defcontext) { in selinux_fs_context_dup()
2893 opts->defcontext = kstrdup(src->defcontext, GFP_KERNEL); in selinux_fs_context_dup()
2894 if (!opts->defcontext) in selinux_fs_context_dup()
2895 return -ENOMEM; in selinux_fs_context_dup()
2919 rc = selinux_add_opt(opt, param->string, &fc->security); in selinux_fs_context_parse_param()
2921 param->string = NULL; in selinux_fs_context_parse_param()
2934 spin_lock_init(&isec->lock); in selinux_inode_alloc_security()
2935 INIT_LIST_HEAD(&isec->list); in selinux_inode_alloc_security()
2936 isec->inode = inode; in selinux_inode_alloc_security()
2937 isec->sid = SECINITSID_UNLABELED; in selinux_inode_alloc_security()
2938 isec->sclass = SECCLASS_FILE; in selinux_inode_alloc_security()
2939 isec->task_sid = sid; in selinux_inode_alloc_security()
2940 isec->initialized = LABEL_INVALID; in selinux_inode_alloc_security()
2958 d_inode(dentry->d_parent), name, in selinux_dentry_init_security()
2978 d_inode(dentry->d_parent), name, in selinux_dentry_create_files_as()
2985 tsec->create_sid = newsid; in selinux_dentry_create_files_as()
2989 static int selinux_inode_init_security(struct inode *inode, struct inode *dir, in selinux_inode_init_security() argument
3000 sbsec = selinux_superblock(dir->i_sb); in selinux_inode_init_security()
3002 newsid = tsec->create_sid; in selinux_inode_init_security()
3004 rc = selinux_determine_inode_label(tsec, dir, qstr, in selinux_inode_init_security()
3005 inode_mode_to_security_class(inode->i_mode), in selinux_inode_init_security()
3011 if (sbsec->flags & SE_SBINITIALIZED) { in selinux_inode_init_security()
3013 isec->sclass = inode_mode_to_security_class(inode->i_mode); in selinux_inode_init_security()
3014 isec->sid = newsid; in selinux_inode_init_security()
3015 isec->initialized = LABEL_INITIALIZED; in selinux_inode_init_security()
3019 !(sbsec->flags & SBLABEL_MNT)) in selinux_inode_init_security()
3020 return -EOPNOTSUPP; in selinux_inode_init_security()
3060 if (context_isec->initialized != LABEL_INITIALIZED) { in selinux_inode_init_security_anon()
3062 return -EACCES; in selinux_inode_init_security_anon()
3065 isec->sclass = context_isec->sclass; in selinux_inode_init_security_anon()
3066 isec->sid = context_isec->sid; in selinux_inode_init_security_anon()
3068 isec->sclass = SECCLASS_ANON_INODE; in selinux_inode_init_security_anon()
3070 &selinux_state, tsec->sid, tsec->sid, in selinux_inode_init_security_anon()
3071 isec->sclass, name, &isec->sid); in selinux_inode_init_security_anon()
3076 isec->initialized = LABEL_INITIALIZED; in selinux_inode_init_security_anon()
3086 tsec->sid, in selinux_inode_init_security_anon()
3087 isec->sid, in selinux_inode_init_security_anon()
3088 isec->sclass, in selinux_inode_init_security_anon()
3093 static int selinux_inode_create(struct inode *dir, struct dentry *dentry, umode_t mode) in selinux_inode_create() argument
3095 return may_create(dir, dentry, SECCLASS_FILE); in selinux_inode_create()
3098 static int selinux_inode_link(struct dentry *old_dentry, struct inode *dir, struct dentry *new_dent… in selinux_inode_link() argument
3100 return may_link(dir, old_dentry, MAY_LINK); in selinux_inode_link()
3103 static int selinux_inode_unlink(struct inode *dir, struct dentry *dentry) in selinux_inode_unlink() argument
3105 return may_link(dir, dentry, MAY_UNLINK); in selinux_inode_unlink()
3108 static int selinux_inode_symlink(struct inode *dir, struct dentry *dentry, const char *name) in selinux_inode_symlink() argument
3110 return may_create(dir, dentry, SECCLASS_LNK_FILE); in selinux_inode_symlink()
3113 static int selinux_inode_mkdir(struct inode *dir, struct dentry *dentry, umode_t mask) in selinux_inode_mkdir() argument
3115 return may_create(dir, dentry, SECCLASS_DIR); in selinux_inode_mkdir()
3118 static int selinux_inode_rmdir(struct inode *dir, struct dentry *dentry) in selinux_inode_rmdir() argument
3120 return may_link(dir, dentry, MAY_RMDIR); in selinux_inode_rmdir()
3123 static int selinux_inode_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t dev) in selinux_inode_mknod() argument
3125 return may_create(dir, dentry, inode_mode_to_security_class(mode)); in selinux_inode_mknod()
3159 sid, isec->sid, isec->sclass, FILE__READ, &ad); in selinux_inode_follow_link()
3173 current_sid(), isec->sid, isec->sclass, perms, in audit_inode_permission()
3201 perms = file_mask_to_av(inode->i_mode, mask); in selinux_inode_permission()
3209 sid, isec->sid, isec->sclass, perms, 0, in selinux_inode_permission()
3227 unsigned int ia_valid = iattr->ia_valid; in selinux_inode_setattr()
3243 inode->i_sb->s_magic != SOCKFS_MAGIC && in selinux_inode_setattr()
3290 return (inode_owner_or_capable(mnt_userns, inode) ? 0 : -EPERM); in selinux_inode_setxattr()
3292 sbsec = selinux_superblock(inode->i_sb); in selinux_inode_setxattr()
3293 if (!(sbsec->flags & SBLABEL_MNT)) in selinux_inode_setxattr()
3294 return -EOPNOTSUPP; in selinux_inode_setxattr()
3297 return -EPERM; in selinux_inode_setxattr()
3304 sid, isec->sid, isec->sclass, in selinux_inode_setxattr()
3311 if (rc == -EINVAL) { in selinux_inode_setxattr()
3321 if (str[size - 1] == '\0') in selinux_inode_setxattr()
3322 audit_size = size - 1; in selinux_inode_setxattr()
3345 sid, newsid, isec->sclass, in selinux_inode_setxattr()
3350 rc = security_validate_transition(&selinux_state, isec->sid, newsid, in selinux_inode_setxattr()
3351 sid, isec->sclass); in selinux_inode_setxattr()
3357 sbsec->sid, in selinux_inode_setxattr()
3391 inode->i_sb->s_id, inode->i_ino, -rc); in selinux_inode_post_setxattr()
3396 spin_lock(&isec->lock); in selinux_inode_post_setxattr()
3397 isec->sclass = inode_mode_to_security_class(inode->i_mode); in selinux_inode_post_setxattr()
3398 isec->sid = newsid; in selinux_inode_post_setxattr()
3399 isec->initialized = LABEL_INITIALIZED; in selinux_inode_post_setxattr()
3400 spin_unlock(&isec->lock); in selinux_inode_post_setxattr()
3437 return -EACCES; in selinux_inode_removexattr()
3461 ret = superblock_has_perm(current_cred(), path->dentry->d_sb, in selinux_path_notify()
3470 return -EINVAL; in selinux_path_notify()
3477 /* watches on read-like events need the file:watch_reads permission */ in selinux_path_notify()
3500 * just let vfs_getxattr fall back to using the on-disk xattr. in selinux_inode_getsecurity()
3504 return -EOPNOTSUPP; in selinux_inode_getsecurity()
3509 * use the in-core value under current policy. in selinux_inode_getsecurity()
3510 * Use the non-auditing forms of the permission checks since in selinux_inode_getsecurity()
3513 * in-core context value, not a denial. in selinux_inode_getsecurity()
3518 isec->sid, &context, in selinux_inode_getsecurity()
3521 error = security_sid_to_context(&selinux_state, isec->sid, in selinux_inode_getsecurity()
3544 return -EOPNOTSUPP; in selinux_inode_setsecurity()
3546 sbsec = selinux_superblock(inode->i_sb); in selinux_inode_setsecurity()
3547 if (!(sbsec->flags & SBLABEL_MNT)) in selinux_inode_setsecurity()
3548 return -EOPNOTSUPP; in selinux_inode_setsecurity()
3551 return -EACCES; in selinux_inode_setsecurity()
3558 spin_lock(&isec->lock); in selinux_inode_setsecurity()
3559 isec->sclass = inode_mode_to_security_class(inode->i_mode); in selinux_inode_setsecurity()
3560 isec->sid = newsid; in selinux_inode_setsecurity()
3561 isec->initialized = LABEL_INITIALIZED; in selinux_inode_setsecurity()
3562 spin_unlock(&isec->lock); in selinux_inode_setsecurity()
3581 *secid = isec->sid; in selinux_inode_getsecid()
3593 return -ENOMEM; in selinux_inode_copy_up()
3599 tsec->create_sid = sid; in selinux_inode_copy_up()
3608 * xattrs up. Instead, we have to filter out SELinux-related xattrs. in selinux_inode_copy_up_xattr()
3616 return -EOPNOTSUPP; in selinux_inode_copy_up_xattr()
3630 if (rc == -ENODATA) in selinux_kernfs_init_security()
3638 return -ENOMEM; in selinux_kernfs_init_security()
3652 if (tsec->create_sid) { in selinux_kernfs_init_security()
3653 newsid = tsec->create_sid; in selinux_kernfs_init_security()
3655 u16 secclass = inode_mode_to_security_class(kn->mode); in selinux_kernfs_init_security()
3658 q.name = kn->name; in selinux_kernfs_init_security()
3659 q.hash_len = hashlen_string(kn_dir, kn->name); in selinux_kernfs_init_security()
3661 rc = security_transition_sid(&selinux_state, tsec->sid, in selinux_kernfs_init_security()
3688 if ((file->f_flags & O_APPEND) && (mask & MAY_WRITE)) in selinux_revalidate_file_permission()
3692 file_mask_to_av(inode->i_mode, mask)); in selinux_revalidate_file_permission()
3707 if (sid == fsec->sid && fsec->isid == isec->sid && in selinux_file_permission()
3708 fsec->pseqno == avc_policy_seqno(&selinux_state)) in selinux_file_permission()
3720 fsec->sid = sid; in selinux_file_alloc_security()
3721 fsec->fown_sid = sid; in selinux_file_alloc_security()
3727 * Check whether a task has the ioctl permission and cmd
3731 u32 requested, u16 cmd) in ioctl_has_perm() argument
3740 u8 driver = cmd >> 8; in ioctl_has_perm()
3741 u8 xperm = cmd & 0xff; in ioctl_has_perm()
3745 ad.u.op->cmd = cmd; in ioctl_has_perm()
3746 ad.u.op->path = file->f_path; in ioctl_has_perm()
3748 if (ssid != fsec->sid) { in ioctl_has_perm()
3750 ssid, fsec->sid, in ioctl_has_perm()
3763 ssid, isec->sid, isec->sclass, in ioctl_has_perm()
3769 static int selinux_file_ioctl(struct file *file, unsigned int cmd, in selinux_file_ioctl() argument
3775 switch (cmd) { in selinux_file_ioctl()
3805 error = ioctl_has_perm(cred, file, FILE__IOCTL, (u16) cmd); in selinux_file_ioctl()
3898 (prot & PROT_EXEC) && !(vma->vm_flags & VM_EXEC)) { in selinux_file_mprotect()
3900 if (vma->vm_start >= vma->vm_mm->start_brk && in selinux_file_mprotect()
3901 vma->vm_end <= vma->vm_mm->brk) { in selinux_file_mprotect()
3905 } else if (!vma->vm_file && in selinux_file_mprotect()
3906 ((vma->vm_start <= vma->vm_mm->start_stack && in selinux_file_mprotect()
3907 vma->vm_end >= vma->vm_mm->start_stack) || in selinux_file_mprotect()
3912 } else if (vma->vm_file && vma->anon_vma) { in selinux_file_mprotect()
3920 rc = file_has_perm(cred, vma->vm_file, FILE__EXECMOD); in selinux_file_mprotect()
3926 return file_map_prot_check(vma->vm_file, prot, vma->vm_flags&VM_SHARED); in selinux_file_mprotect()
3929 static int selinux_file_lock(struct file *file, unsigned int cmd) in selinux_file_lock() argument
3936 static int selinux_file_fcntl(struct file *file, unsigned int cmd, in selinux_file_fcntl() argument
3942 switch (cmd) { in selinux_file_fcntl()
3944 if ((file->f_flags & O_APPEND) && !(arg & O_APPEND)) { in selinux_file_fcntl()
3981 fsec->fown_sid = current_sid(); in selinux_file_set_fowner()
4003 fsec->fown_sid, sid, in selinux_file_send_sigiotask()
4023 * at open-time so that selinux_file_permission in selinux_file_open()
4028 fsec->isid = isec->sid; in selinux_file_open()
4029 fsec->pseqno = avc_policy_seqno(&selinux_state); in selinux_file_open()
4036 * This check is not redundant - do not remove. in selinux_file_open()
4038 return file_path_has_perm(file->f_cred, file, open_file_to_av(file)); in selinux_file_open()
4083 * - all the creation contexts are set to unlabelled
4097 tsec->sid = secid; in selinux_kernel_act_as()
4098 tsec->create_sid = 0; in selinux_kernel_act_as()
4099 tsec->keycreate_sid = 0; in selinux_kernel_act_as()
4100 tsec->sockcreate_sid = 0; in selinux_kernel_act_as()
4117 sid, isec->sid, in selinux_kernel_create_files_as()
4123 tsec->create_sid = isec->sid; in selinux_kernel_create_files_as()
4159 if (sid != fsec->sid) { in selinux_kernel_module_from_file()
4161 sid, fsec->sid, SECCLASS_FD, FD__USE, &ad); in selinux_kernel_module_from_file()
4168 sid, isec->sid, SECCLASS_SYSTEM, in selinux_kernel_module_from_file()
4275 struct rlimit *old_rlim = p->signal->rlim + resource; in selinux_task_setrlimit()
4281 if (old_rlim->rlim_max != new_rlim->rlim_max) in selinux_task_setrlimit()
4311 int sig, const struct cred *cred) in selinux_task_kill() argument
4316 if (!sig) in selinux_task_kill()
4319 perm = signal_to_av(sig); in selinux_task_kill()
4334 spin_lock(&isec->lock); in selinux_task_to_inode()
4335 isec->sclass = inode_mode_to_security_class(inode->i_mode); in selinux_task_to_inode()
4336 isec->sid = sid; in selinux_task_to_inode()
4337 isec->initialized = LABEL_INITIALIZED; in selinux_task_to_inode()
4338 spin_unlock(&isec->lock); in selinux_task_to_inode()
4345 int offset, ihlen, ret = -EINVAL; in selinux_parse_skb_ipv4()
4353 ihlen = ih->ihl * 4; in selinux_parse_skb_ipv4()
4357 ad->u.net->v4info.saddr = ih->saddr; in selinux_parse_skb_ipv4()
4358 ad->u.net->v4info.daddr = ih->daddr; in selinux_parse_skb_ipv4()
4362 *proto = ih->protocol; in selinux_parse_skb_ipv4()
4364 switch (ih->protocol) { in selinux_parse_skb_ipv4()
4368 if (ntohs(ih->frag_off) & IP_OFFSET) in selinux_parse_skb_ipv4()
4376 ad->u.net->sport = th->source; in selinux_parse_skb_ipv4()
4377 ad->u.net->dport = th->dest; in selinux_parse_skb_ipv4()
4384 if (ntohs(ih->frag_off) & IP_OFFSET) in selinux_parse_skb_ipv4()
4392 ad->u.net->sport = uh->source; in selinux_parse_skb_ipv4()
4393 ad->u.net->dport = uh->dest; in selinux_parse_skb_ipv4()
4400 if (ntohs(ih->frag_off) & IP_OFFSET) in selinux_parse_skb_ipv4()
4408 ad->u.net->sport = dh->dccph_sport; in selinux_parse_skb_ipv4()
4409 ad->u.net->dport = dh->dccph_dport; in selinux_parse_skb_ipv4()
4417 if (ntohs(ih->frag_off) & IP_OFFSET) in selinux_parse_skb_ipv4()
4425 ad->u.net->sport = sh->source; in selinux_parse_skb_ipv4()
4426 ad->u.net->dport = sh->dest; in selinux_parse_skb_ipv4()
4444 int ret = -EINVAL, offset; in selinux_parse_skb_ipv6()
4453 ad->u.net->v6info.saddr = ip6->saddr; in selinux_parse_skb_ipv6()
4454 ad->u.net->v6info.daddr = ip6->daddr; in selinux_parse_skb_ipv6()
4457 nexthdr = ip6->nexthdr; in selinux_parse_skb_ipv6()
4474 ad->u.net->sport = th->source; in selinux_parse_skb_ipv6()
4475 ad->u.net->dport = th->dest; in selinux_parse_skb_ipv6()
4486 ad->u.net->sport = uh->source; in selinux_parse_skb_ipv6()
4487 ad->u.net->dport = uh->dest; in selinux_parse_skb_ipv6()
4498 ad->u.net->sport = dh->dccph_sport; in selinux_parse_skb_ipv6()
4499 ad->u.net->dport = dh->dccph_dport; in selinux_parse_skb_ipv6()
4511 ad->u.net->sport = sh->source; in selinux_parse_skb_ipv6()
4512 ad->u.net->dport = sh->dest; in selinux_parse_skb_ipv6()
4532 switch (ad->u.net->family) { in selinux_parse_skb()
4537 addrp = (char *)(src ? &ad->u.net->v4info.saddr : in selinux_parse_skb()
4538 &ad->u.net->v4info.daddr); in selinux_parse_skb()
4546 addrp = (char *)(src ? &ad->u.net->v6info.saddr : in selinux_parse_skb()
4547 &ad->u.net->v6info.daddr); in selinux_parse_skb()
4568 * selinux_skb_peerlbl_sid - Determine the peer label of a packet
4578 * or -EACCES if @sid is invalid due to inconsistencies with the different
4591 return -EACCES; in selinux_skb_peerlbl_sid()
4594 return -EACCES; in selinux_skb_peerlbl_sid()
4602 return -EACCES; in selinux_skb_peerlbl_sid()
4609 * selinux_conn_sid - Determine the child socket label for a connection
4638 if (tsec->sockcreate_sid > SECSID_NULL) { in socket_sockcreate_sid()
4639 *socksid = tsec->sockcreate_sid; in socket_sockcreate_sid()
4643 return security_transition_sid(&selinux_state, tsec->sid, tsec->sid, in socket_sockcreate_sid()
4649 struct sk_security_struct *sksec = sk->sk_security; in sock_has_perm()
4653 if (sksec->sid == SECINITSID_KERNEL) in sock_has_perm()
4658 ad.u.net->sk = sk; in sock_has_perm()
4661 current_sid(), sksec->sid, sksec->sclass, perms, in sock_has_perm()
4682 tsec->sid, newsid, secclass, SOCKET__CREATE, NULL); in selinux_socket_create()
4701 isec->sclass = sclass; in selinux_socket_post_create()
4702 isec->sid = sid; in selinux_socket_post_create()
4703 isec->initialized = LABEL_INITIALIZED; in selinux_socket_post_create()
4705 if (sock->sk) { in selinux_socket_post_create()
4706 sksec = sock->sk->sk_security; in selinux_socket_post_create()
4707 sksec->sclass = sclass; in selinux_socket_post_create()
4708 sksec->sid = sid; in selinux_socket_post_create()
4710 if (sksec->sclass == SECCLASS_SCTP_SOCKET) in selinux_socket_post_create()
4711 sksec->sctp_assoc_state = SCTP_ASSOC_UNSET; in selinux_socket_post_create()
4713 err = selinux_netlbl_socket_post_create(sock->sk, family); in selinux_socket_post_create()
4722 struct sk_security_struct *sksec_a = socka->sk->sk_security; in selinux_socket_socketpair()
4723 struct sk_security_struct *sksec_b = sockb->sk->sk_security; in selinux_socket_socketpair()
4725 sksec_a->peer_sid = sksec_b->sid; in selinux_socket_socketpair()
4726 sksec_b->peer_sid = sksec_a->sid; in selinux_socket_socketpair()
4737 struct sock *sk = sock->sk; in selinux_socket_bind()
4738 struct sk_security_struct *sksec = sk->sk_security; in selinux_socket_bind()
4747 family = sk->sk_family; in selinux_socket_bind()
4761 * need to check address->sa_family as it is possible to have in selinux_socket_bind()
4762 * sk->sk_family = PF_INET6 with addr->sa_family = AF_INET. in selinux_socket_bind()
4765 return -EINVAL; in selinux_socket_bind()
4766 family_sa = address->sa_family; in selinux_socket_bind()
4771 return -EINVAL; in selinux_socket_bind()
4777 if (addr4->sin_addr.s_addr != htonl(INADDR_ANY)) in selinux_socket_bind()
4781 snum = ntohs(addr4->sin_port); in selinux_socket_bind()
4782 addrp = (char *)&addr4->sin_addr.s_addr; in selinux_socket_bind()
4786 return -EINVAL; in selinux_socket_bind()
4788 snum = ntohs(addr6->sin6_port); in selinux_socket_bind()
4789 addrp = (char *)&addr6->sin6_addr.s6_addr; in selinux_socket_bind()
4797 ad.u.net->sport = htons(snum); in selinux_socket_bind()
4798 ad.u.net->family = family_sa; in selinux_socket_bind()
4807 err = sel_netport_sid(sk->sk_protocol, in selinux_socket_bind()
4812 sksec->sid, sid, in selinux_socket_bind()
4813 sksec->sclass, in selinux_socket_bind()
4820 switch (sksec->sclass) { in selinux_socket_bind()
4847 ad.u.net->v4info.saddr = addr4->sin_addr.s_addr; in selinux_socket_bind()
4849 ad.u.net->v6info.saddr = addr6->sin6_addr; in selinux_socket_bind()
4852 sksec->sid, sid, in selinux_socket_bind()
4853 sksec->sclass, node_perm, &ad); in selinux_socket_bind()
4860 /* Note that SCTP services expect -EINVAL, others -EAFNOSUPPORT. */ in selinux_socket_bind()
4861 if (sksec->sclass == SECCLASS_SCTP_SOCKET) in selinux_socket_bind()
4862 return -EINVAL; in selinux_socket_bind()
4863 return -EAFNOSUPPORT; in selinux_socket_bind()
4872 struct sock *sk = sock->sk; in selinux_socket_connect_helper()
4873 struct sk_security_struct *sksec = sk->sk_security; in selinux_socket_connect_helper()
4880 return -EINVAL; in selinux_socket_connect_helper()
4885 if (address->sa_family == AF_UNSPEC) in selinux_socket_connect_helper()
4892 if (sksec->sclass == SECCLASS_TCP_SOCKET || in selinux_socket_connect_helper()
4893 sksec->sclass == SECCLASS_DCCP_SOCKET || in selinux_socket_connect_helper()
4894 sksec->sclass == SECCLASS_SCTP_SOCKET) { in selinux_socket_connect_helper()
4904 * need to check address->sa_family as it is possible to have in selinux_socket_connect_helper()
4905 * sk->sk_family = PF_INET6 with addr->sa_family = AF_INET. in selinux_socket_connect_helper()
4907 switch (address->sa_family) { in selinux_socket_connect_helper()
4911 return -EINVAL; in selinux_socket_connect_helper()
4912 snum = ntohs(addr4->sin_port); in selinux_socket_connect_helper()
4917 return -EINVAL; in selinux_socket_connect_helper()
4918 snum = ntohs(addr6->sin6_port); in selinux_socket_connect_helper()
4921 /* Note that SCTP services expect -EINVAL, whereas in selinux_socket_connect_helper()
4922 * others expect -EAFNOSUPPORT. in selinux_socket_connect_helper()
4924 if (sksec->sclass == SECCLASS_SCTP_SOCKET) in selinux_socket_connect_helper()
4925 return -EINVAL; in selinux_socket_connect_helper()
4927 return -EAFNOSUPPORT; in selinux_socket_connect_helper()
4930 err = sel_netport_sid(sk->sk_protocol, snum, &sid); in selinux_socket_connect_helper()
4934 switch (sksec->sclass) { in selinux_socket_connect_helper()
4948 ad.u.net->dport = htons(snum); in selinux_socket_connect_helper()
4949 ad.u.net->family = address->sa_family; in selinux_socket_connect_helper()
4951 sksec->sid, sid, sksec->sclass, perm, &ad); in selinux_socket_connect_helper()
4964 struct sock *sk = sock->sk; in selinux_socket_connect()
4975 return sock_has_perm(sock->sk, SOCKET__LISTEN); in selinux_socket_listen()
4986 err = sock_has_perm(sock->sk, SOCKET__ACCEPT); in selinux_socket_accept()
4991 spin_lock(&isec->lock); in selinux_socket_accept()
4992 sclass = isec->sclass; in selinux_socket_accept()
4993 sid = isec->sid; in selinux_socket_accept()
4994 spin_unlock(&isec->lock); in selinux_socket_accept()
4997 newisec->sclass = sclass; in selinux_socket_accept()
4998 newisec->sid = sid; in selinux_socket_accept()
4999 newisec->initialized = LABEL_INITIALIZED; in selinux_socket_accept()
5007 return sock_has_perm(sock->sk, SOCKET__WRITE); in selinux_socket_sendmsg()
5013 return sock_has_perm(sock->sk, SOCKET__READ); in selinux_socket_recvmsg()
5018 return sock_has_perm(sock->sk, SOCKET__GETATTR); in selinux_socket_getsockname()
5023 return sock_has_perm(sock->sk, SOCKET__GETATTR); in selinux_socket_getpeername()
5030 err = sock_has_perm(sock->sk, SOCKET__SETOPT); in selinux_socket_setsockopt()
5040 return sock_has_perm(sock->sk, SOCKET__GETOPT); in selinux_socket_getsockopt()
5045 return sock_has_perm(sock->sk, SOCKET__SHUTDOWN); in selinux_socket_shutdown()
5052 struct sk_security_struct *sksec_sock = sock->sk_security; in selinux_socket_unix_stream_connect()
5053 struct sk_security_struct *sksec_other = other->sk_security; in selinux_socket_unix_stream_connect()
5054 struct sk_security_struct *sksec_new = newsk->sk_security; in selinux_socket_unix_stream_connect()
5061 ad.u.net->sk = other; in selinux_socket_unix_stream_connect()
5064 sksec_sock->sid, sksec_other->sid, in selinux_socket_unix_stream_connect()
5065 sksec_other->sclass, in selinux_socket_unix_stream_connect()
5071 sksec_new->peer_sid = sksec_sock->sid; in selinux_socket_unix_stream_connect()
5072 err = security_sid_mls_copy(&selinux_state, sksec_other->sid, in selinux_socket_unix_stream_connect()
5073 sksec_sock->sid, &sksec_new->sid); in selinux_socket_unix_stream_connect()
5078 sksec_sock->peer_sid = sksec_new->sid; in selinux_socket_unix_stream_connect()
5086 struct sk_security_struct *ssec = sock->sk->sk_security; in selinux_socket_unix_may_send()
5087 struct sk_security_struct *osec = other->sk->sk_security; in selinux_socket_unix_may_send()
5093 ad.u.net->sk = other->sk; in selinux_socket_unix_may_send()
5096 ssec->sid, osec->sid, osec->sclass, SOCKET__SENDTO, in selinux_socket_unix_may_send()
5129 struct sk_security_struct *sksec = sk->sk_security; in selinux_sock_rcv_skb_compat()
5130 u32 sk_sid = sksec->sid; in selinux_sock_rcv_skb_compat()
5137 ad.u.net->netif = skb->skb_iif; in selinux_sock_rcv_skb_compat()
5138 ad.u.net->family = family; in selinux_sock_rcv_skb_compat()
5145 sk_sid, skb->secmark, SECCLASS_PACKET, in selinux_sock_rcv_skb_compat()
5154 err = selinux_xfrm_sock_rcv_skb(sksec->sid, skb, &ad); in selinux_sock_rcv_skb_compat()
5162 struct sk_security_struct *sksec = sk->sk_security; in selinux_socket_sock_rcv_skb()
5163 u16 family = sk->sk_family; in selinux_socket_sock_rcv_skb()
5164 u32 sk_sid = sksec->sid; in selinux_socket_sock_rcv_skb()
5175 if (family == PF_INET6 && skb->protocol == htons(ETH_P_IP)) in selinux_socket_sock_rcv_skb()
5192 ad.u.net->netif = skb->skb_iif; in selinux_socket_sock_rcv_skb()
5193 ad.u.net->family = family; in selinux_socket_sock_rcv_skb()
5204 err = selinux_inet_sys_rcv_skb(sock_net(sk), skb->skb_iif, in selinux_socket_sock_rcv_skb()
5221 sk_sid, skb->secmark, SECCLASS_PACKET, in selinux_socket_sock_rcv_skb()
5236 struct sk_security_struct *sksec = sock->sk->sk_security; in selinux_socket_getpeersec_stream()
5239 if (sksec->sclass == SECCLASS_UNIX_STREAM_SOCKET || in selinux_socket_getpeersec_stream()
5240 sksec->sclass == SECCLASS_TCP_SOCKET || in selinux_socket_getpeersec_stream()
5241 sksec->sclass == SECCLASS_SCTP_SOCKET) in selinux_socket_getpeersec_stream()
5242 peer_sid = sksec->peer_sid; in selinux_socket_getpeersec_stream()
5244 return -ENOPROTOOPT; in selinux_socket_getpeersec_stream()
5252 err = -ERANGE; in selinux_socket_getpeersec_stream()
5257 err = -EFAULT; in selinux_socket_getpeersec_stream()
5261 err = -EFAULT; in selinux_socket_getpeersec_stream()
5272 if (skb && skb->protocol == htons(ETH_P_IP)) in selinux_socket_getpeersec_dgram()
5274 else if (skb && skb->protocol == htons(ETH_P_IPV6)) in selinux_socket_getpeersec_dgram()
5277 family = sock->sk->sk_family; in selinux_socket_getpeersec_dgram()
5283 peer_secid = isec->sid; in selinux_socket_getpeersec_dgram()
5290 return -EINVAL; in selinux_socket_getpeersec_dgram()
5300 return -ENOMEM; in selinux_sk_alloc_security()
5302 sksec->peer_sid = SECINITSID_UNLABELED; in selinux_sk_alloc_security()
5303 sksec->sid = SECINITSID_UNLABELED; in selinux_sk_alloc_security()
5304 sksec->sclass = SECCLASS_SOCKET; in selinux_sk_alloc_security()
5306 sk->sk_security = sksec; in selinux_sk_alloc_security()
5313 struct sk_security_struct *sksec = sk->sk_security; in selinux_sk_free_security()
5315 sk->sk_security = NULL; in selinux_sk_free_security()
5322 struct sk_security_struct *sksec = sk->sk_security; in selinux_sk_clone_security()
5323 struct sk_security_struct *newsksec = newsk->sk_security; in selinux_sk_clone_security()
5325 newsksec->sid = sksec->sid; in selinux_sk_clone_security()
5326 newsksec->peer_sid = sksec->peer_sid; in selinux_sk_clone_security()
5327 newsksec->sclass = sksec->sclass; in selinux_sk_clone_security()
5337 struct sk_security_struct *sksec = sk->sk_security; in selinux_sk_getsecid()
5339 *secid = sksec->sid; in selinux_sk_getsecid()
5347 struct sk_security_struct *sksec = sk->sk_security; in selinux_sock_graft()
5349 if (sk->sk_family == PF_INET || sk->sk_family == PF_INET6 || in selinux_sock_graft()
5350 sk->sk_family == PF_UNIX) in selinux_sock_graft()
5351 isec->sid = sksec->sid; in selinux_sock_graft()
5352 sksec->sclass = isec->sclass; in selinux_sock_graft()
5362 struct sk_security_struct *sksec = ep->base.sk->sk_security; in selinux_sctp_assoc_request()
5379 err = selinux_skb_peerlbl_sid(skb, ep->base.sk->sk_family, in selinux_sctp_assoc_request()
5388 if (sksec->sctp_assoc_state == SCTP_ASSOC_UNSET) { in selinux_sctp_assoc_request()
5389 sksec->sctp_assoc_state = SCTP_ASSOC_SET; in selinux_sctp_assoc_request()
5396 sksec->peer_sid = peer_sid; in selinux_sctp_assoc_request()
5397 } else if (sksec->peer_sid != peer_sid) { in selinux_sctp_assoc_request()
5403 ad.u.net->sk = ep->base.sk; in selinux_sctp_assoc_request()
5405 sksec->peer_sid, peer_sid, sksec->sclass, in selinux_sctp_assoc_request()
5417 err = selinux_conn_sid(sksec->sid, peer_sid, &conn_sid); in selinux_sctp_assoc_request()
5421 ep->secid = conn_sid; in selinux_sctp_assoc_request()
5422 ep->peer_secid = peer_sid; in selinux_sctp_assoc_request()
5444 sock = sk->sk_socket; in selinux_sctp_bind_connect()
5449 return -EINVAL; in selinux_sctp_bind_connect()
5452 switch (addr->sa_family) { in selinux_sctp_bind_connect()
5461 return -EINVAL; in selinux_sctp_bind_connect()
5465 return -EINVAL; in selinux_sctp_bind_connect()
5467 err = -EINVAL; in selinux_sctp_bind_connect()
5513 struct sk_security_struct *sksec = sk->sk_security; in selinux_sctp_sk_clone()
5514 struct sk_security_struct *newsksec = newsk->sk_security; in selinux_sctp_sk_clone()
5517 * the non-sctp clone version. in selinux_sctp_sk_clone()
5522 newsksec->sid = ep->secid; in selinux_sctp_sk_clone()
5523 newsksec->peer_sid = ep->peer_secid; in selinux_sctp_sk_clone()
5524 newsksec->sclass = sksec->sclass; in selinux_sctp_sk_clone()
5531 struct sk_security_struct *sksec = sk->sk_security; in selinux_inet_conn_request()
5533 u16 family = req->rsk_ops->family; in selinux_inet_conn_request()
5540 err = selinux_conn_sid(sksec->sid, peersid, &connsid); in selinux_inet_conn_request()
5543 req->secid = connsid; in selinux_inet_conn_request()
5544 req->peer_secid = peersid; in selinux_inet_conn_request()
5552 struct sk_security_struct *newsksec = newsk->sk_security; in selinux_inet_csk_clone()
5554 newsksec->sid = req->secid; in selinux_inet_csk_clone()
5555 newsksec->peer_sid = req->peer_secid; in selinux_inet_csk_clone()
5556 /* NOTE: Ideally, we should also get the isec->sid for the in selinux_inet_csk_clone()
5563 selinux_netlbl_inet_csk_clone(newsk, req->rsk_ops->family); in selinux_inet_csk_clone()
5568 u16 family = sk->sk_family; in selinux_inet_conn_established()
5569 struct sk_security_struct *sksec = sk->sk_security; in selinux_inet_conn_established()
5572 if (family == PF_INET6 && skb->protocol == htons(ETH_P_IP)) in selinux_inet_conn_established()
5575 selinux_skb_peerlbl_sid(skb, family, &sksec->peer_sid); in selinux_inet_conn_established()
5584 tsid = __tsec->sid; in selinux_secmark_relabel_packet()
5604 flic->flowic_secid = req->secid; in selinux_req_classify_flow()
5613 return -ENOMEM; in selinux_tun_dev_alloc_security()
5614 tunsec->sid = current_sid(); in selinux_tun_dev_alloc_security()
5633 * connections unlike traditional sockets - check the TUN driver to in selinux_tun_dev_create()
5646 current_sid(), tunsec->sid, SECCLASS_TUN_SOCKET, in selinux_tun_dev_attach_queue()
5653 struct sk_security_struct *sksec = sk->sk_security; in selinux_tun_dev_attach()
5662 sksec->sid = tunsec->sid; in selinux_tun_dev_attach()
5663 sksec->sclass = SECCLASS_TUN_SOCKET; in selinux_tun_dev_attach()
5675 sid, tunsec->sid, SECCLASS_TUN_SOCKET, in selinux_tun_dev_open()
5684 tunsec->sid = sid; in selinux_tun_dev_open()
5718 ad.u.net->netif = indev->ifindex; in selinux_ip_forward()
5719 ad.u.net->family = family; in selinux_ip_forward()
5724 err = selinux_inet_sys_rcv_skb(dev_net(indev), indev->ifindex, in selinux_ip_forward()
5734 peer_sid, skb->secmark, in selinux_ip_forward()
5753 return selinux_ip_forward(skb, state->in, PF_INET); in selinux_ipv4_forward()
5761 return selinux_ip_forward(skb, state->in, PF_INET6); in selinux_ipv6_forward()
5777 sk = skb->sk; in selinux_ip_output()
5783 * packet is a SYN-ACK packet which means it needs to in selinux_ip_output()
5787 * the parent socket until after the SYN-ACK is sent. in selinux_ip_output()
5788 * the "solution" is to simply pass the packet as-is in selinux_ip_output()
5797 sksec = sk->sk_security; in selinux_ip_output()
5798 sid = sksec->sid; in selinux_ip_output()
5836 sksec = sk->sk_security; in selinux_ip_postroute_compat()
5840 ad.u.net->netif = ifindex; in selinux_ip_postroute_compat()
5841 ad.u.net->family = family; in selinux_ip_postroute_compat()
5847 sksec->sid, skb->secmark, in selinux_ip_postroute_compat()
5849 return NF_DROP_ERR(-ECONNREFUSED); in selinux_ip_postroute_compat()
5851 if (selinux_xfrm_postroute_last(sksec->sid, skb, &ad, proto)) in selinux_ip_postroute_compat()
5852 return NF_DROP_ERR(-ECONNREFUSED); in selinux_ip_postroute_compat()
5863 int ifindex = outdev->ifindex; in selinux_ip_postroute()
5886 /* If skb->dst->xfrm is non-NULL then the packet is undergoing an IPsec in selinux_ip_postroute()
5890 * NOTE: there appear to be some IPv6 multicast cases where skb->dst in selinux_ip_postroute()
5892 * NOTE: if this is a local socket (skb->sk != NULL) that is in the in selinux_ip_postroute()
5897 if (skb_dst(skb) != NULL && skb_dst(skb)->xfrm != NULL && in selinux_ip_postroute()
5907 if (skb->skb_iif) { in selinux_ip_postroute()
5917 * listening state which means this is a SYN-ACK packet. In in selinux_ip_postroute()
5921 * socket until after the SYN-ACK packet is sent; the only in selinux_ip_postroute()
5928 sksec = sk->sk_security; in selinux_ip_postroute()
5940 if (IPCB(skb)->flags & IPSKB_XFRM_TRANSFORMED) in selinux_ip_postroute()
5944 if (IP6CB(skb)->flags & IP6SKB_XFRM_TRANSFORMED) in selinux_ip_postroute()
5948 return NF_DROP_ERR(-ECONNREFUSED); in selinux_ip_postroute()
5951 if (selinux_conn_sid(sksec->sid, skb_sid, &peer_sid)) in selinux_ip_postroute()
5957 struct sk_security_struct *sksec = sk->sk_security; in selinux_ip_postroute()
5958 peer_sid = sksec->sid; in selinux_ip_postroute()
5964 ad.u.net->netif = ifindex; in selinux_ip_postroute()
5965 ad.u.net->family = family; in selinux_ip_postroute()
5971 peer_sid, skb->secmark, in selinux_ip_postroute()
5973 return NF_DROP_ERR(-ECONNREFUSED); in selinux_ip_postroute()
5984 return NF_DROP_ERR(-ECONNREFUSED); in selinux_ip_postroute()
5991 return NF_DROP_ERR(-ECONNREFUSED); in selinux_ip_postroute()
6001 return selinux_ip_postroute(skb, state->out, PF_INET); in selinux_ipv4_postroute()
6009 return selinux_ip_postroute(skb, state->out, PF_INET6); in selinux_ipv6_postroute()
6019 unsigned int data_len = skb->len; in selinux_netlink_send()
6020 unsigned char *data = skb->data; in selinux_netlink_send()
6022 struct sk_security_struct *sksec = sk->sk_security; in selinux_netlink_send()
6023 u16 sclass = sksec->sclass; in selinux_netlink_send()
6035 if (nlh->nlmsg_len < NLMSG_HDRLEN || nlh->nlmsg_len > data_len) in selinux_netlink_send()
6038 rc = selinux_nlmsg_lookup(sclass, nlh->nlmsg_type, &perm); in selinux_netlink_send()
6043 } else if (rc == -EINVAL) { in selinux_netlink_send()
6044 /* -EINVAL is a missing msg/perm mapping */ in selinux_netlink_send()
6048 sk->sk_protocol, nlh->nlmsg_type, in selinux_netlink_send()
6049 secclass_map[sclass - 1].name, in selinux_netlink_send()
6050 task_pid_nr(current), current->comm); in selinux_netlink_send()
6055 } else if (rc == -ENOENT) { in selinux_netlink_send()
6056 /* -ENOENT is a missing socket/class mapping, ignore */ in selinux_netlink_send()
6063 msg_len = NLMSG_ALIGN(nlh->nlmsg_len); in selinux_netlink_send()
6066 data_len -= msg_len; in selinux_netlink_send()
6075 isec->sclass = sclass; in ipc_init_security()
6076 isec->sid = current_sid(); in ipc_init_security()
6089 ad.u.ipc_id = ipc_perms->key; in ipc_has_perm()
6092 sid, isec->sid, isec->sclass, perms, &ad); in ipc_has_perm()
6100 msec->sid = SECINITSID_UNLABELED; in selinux_msg_msg_alloc_security()
6117 ad.u.ipc_id = msq->key; in selinux_msg_queue_alloc_security()
6120 sid, isec->sid, SECCLASS_MSGQ, in selinux_msg_queue_alloc_security()
6134 ad.u.ipc_id = msq->key; in selinux_msg_queue_associate()
6137 sid, isec->sid, SECCLASS_MSGQ, in selinux_msg_queue_associate()
6141 static int selinux_msg_queue_msgctl(struct kern_ipc_perm *msq, int cmd) in selinux_msg_queue_msgctl() argument
6146 switch (cmd) { in selinux_msg_queue_msgctl()
6149 /* No specific object, just general system-wide information. */ in selinux_msg_queue_msgctl()
6186 if (msec->sid == SECINITSID_UNLABELED) { in selinux_msg_queue_msgsnd()
6191 rc = security_transition_sid(&selinux_state, sid, isec->sid, in selinux_msg_queue_msgsnd()
6192 SECCLASS_MSG, NULL, &msec->sid); in selinux_msg_queue_msgsnd()
6198 ad.u.ipc_id = msq->key; in selinux_msg_queue_msgsnd()
6202 sid, isec->sid, SECCLASS_MSGQ, in selinux_msg_queue_msgsnd()
6207 sid, msec->sid, SECCLASS_MSG, in selinux_msg_queue_msgsnd()
6212 msec->sid, isec->sid, SECCLASS_MSGQ, in selinux_msg_queue_msgsnd()
6232 ad.u.ipc_id = msq->key; in selinux_msg_queue_msgrcv()
6235 sid, isec->sid, in selinux_msg_queue_msgrcv()
6239 sid, msec->sid, in selinux_msg_queue_msgrcv()
6256 ad.u.ipc_id = shp->key; in selinux_shm_alloc_security()
6259 sid, isec->sid, SECCLASS_SHM, in selinux_shm_alloc_security()
6273 ad.u.ipc_id = shp->key; in selinux_shm_associate()
6276 sid, isec->sid, SECCLASS_SHM, in selinux_shm_associate()
6281 static int selinux_shm_shmctl(struct kern_ipc_perm *shp, int cmd) in selinux_shm_shmctl() argument
6286 switch (cmd) { in selinux_shm_shmctl()
6289 /* No specific object, just general system-wide information. */ in selinux_shm_shmctl()
6341 ad.u.ipc_id = sma->key; in selinux_sem_alloc_security()
6344 sid, isec->sid, SECCLASS_SEM, in selinux_sem_alloc_security()
6358 ad.u.ipc_id = sma->key; in selinux_sem_associate()
6361 sid, isec->sid, SECCLASS_SEM, in selinux_sem_associate()
6366 static int selinux_sem_semctl(struct kern_ipc_perm *sma, int cmd) in selinux_sem_semctl() argument
6371 switch (cmd) { in selinux_sem_semctl()
6374 /* No specific object, just general system-wide information. */ in selinux_sem_semctl()
6442 *secid = isec->sid; in selinux_ipc_getsecid()
6464 current_sid(), __tsec->sid, in selinux_getprocattr()
6471 sid = __tsec->sid; in selinux_getprocattr()
6473 sid = __tsec->osid; in selinux_getprocattr()
6475 sid = __tsec->exec_sid; in selinux_getprocattr()
6477 sid = __tsec->create_sid; in selinux_getprocattr()
6479 sid = __tsec->keycreate_sid; in selinux_getprocattr()
6481 sid = __tsec->sockcreate_sid; in selinux_getprocattr()
6483 error = -EINVAL; in selinux_getprocattr()
6533 error = -EINVAL; in selinux_setprocattr()
6539 if (str[size-1] == '\n') { in selinux_setprocattr()
6540 str[size-1] = 0; in selinux_setprocattr()
6541 size--; in selinux_setprocattr()
6545 if (error == -EINVAL && !strcmp(name, "fscreate")) { in selinux_setprocattr()
6552 if (str[size - 1] == '\0') in selinux_setprocattr()
6553 audit_size = size - 1; in selinux_setprocattr()
6577 return -ENOMEM; in selinux_setprocattr()
6587 tsec->exec_sid = sid; in selinux_setprocattr()
6589 tsec->create_sid = sid; in selinux_setprocattr()
6597 tsec->keycreate_sid = sid; in selinux_setprocattr()
6599 tsec->sockcreate_sid = sid; in selinux_setprocattr()
6601 error = -EINVAL; in selinux_setprocattr()
6606 error = -EPERM; in selinux_setprocattr()
6609 tsec->sid, sid); in selinux_setprocattr()
6616 tsec->sid, sid, SECCLASS_PROCESS, in selinux_setprocattr()
6632 tsec->sid = sid; in selinux_setprocattr()
6634 error = -EINVAL; in selinux_setprocattr()
6672 spin_lock(&isec->lock); in selinux_inode_invalidate_secctx()
6673 isec->initialized = LABEL_INVALID; in selinux_inode_invalidate_secctx()
6674 spin_unlock(&isec->lock); in selinux_inode_invalidate_secctx()
6678 * called with inode->i_mutex locked
6685 return rc == -EOPNOTSUPP ? 0 : rc; in selinux_inode_notifysecctx()
6689 * called with inode->i_mutex locked
6717 return -ENOMEM; in selinux_key_alloc()
6720 if (tsec->keycreate_sid) in selinux_key_alloc()
6721 ksec->sid = tsec->keycreate_sid; in selinux_key_alloc()
6723 ksec->sid = tsec->sid; in selinux_key_alloc()
6725 k->security = ksec; in selinux_key_alloc()
6731 struct key_security_struct *ksec = k->security; in selinux_key_free()
6733 k->security = NULL; in selinux_key_free()
6771 return -EPERM; in selinux_key_permission()
6777 ksec = key->security; in selinux_key_permission()
6780 sid, ksec->sid, SECCLASS_KEY, perm, NULL); in selinux_key_permission()
6785 struct key_security_struct *ksec = key->security; in selinux_key_getsecurity()
6790 rc = security_sid_to_context(&selinux_state, ksec->sid, in selinux_key_getsecurity()
6801 struct key_security_struct *ksec = key->security; in selinux_watch_key()
6805 sid, ksec->sid, SECCLASS_KEY, KEY__VIEW, NULL); in selinux_watch_key()
6828 sec->sid, sid, in selinux_ib_pkey_access()
6853 sec->sid, sid, in selinux_ib_endport_manage_subnet()
6864 return -ENOMEM; in selinux_ib_alloc_security()
6865 sec->sid = current_sid(); in selinux_ib_alloc_security()
6878 static int selinux_bpf(int cmd, union bpf_attr *attr, in selinux_bpf() argument
6884 switch (cmd) { in selinux_bpf()
6929 if (file->f_op == &bpf_map_fops) { in bpf_fd_pass()
6930 map = file->private_data; in bpf_fd_pass()
6931 bpfsec = map->security; in bpf_fd_pass()
6933 sid, bpfsec->sid, SECCLASS_BPF, in bpf_fd_pass()
6934 bpf_map_fmode_to_av(file->f_mode), NULL); in bpf_fd_pass()
6937 } else if (file->f_op == &bpf_prog_fops) { in bpf_fd_pass()
6938 prog = file->private_data; in bpf_fd_pass()
6939 bpfsec = prog->aux->security; in bpf_fd_pass()
6941 sid, bpfsec->sid, SECCLASS_BPF, in bpf_fd_pass()
6954 bpfsec = map->security; in selinux_bpf_map()
6956 sid, bpfsec->sid, SECCLASS_BPF, in selinux_bpf_map()
6965 bpfsec = prog->aux->security; in selinux_bpf_prog()
6967 sid, bpfsec->sid, SECCLASS_BPF, in selinux_bpf_prog()
6977 return -ENOMEM; in selinux_bpf_map_alloc()
6979 bpfsec->sid = current_sid(); in selinux_bpf_map_alloc()
6980 map->security = bpfsec; in selinux_bpf_map_alloc()
6987 struct bpf_security_struct *bpfsec = map->security; in selinux_bpf_map_free()
6989 map->security = NULL; in selinux_bpf_map_free()
6999 return -ENOMEM; in selinux_bpf_prog_alloc()
7001 bpfsec->sid = current_sid(); in selinux_bpf_prog_alloc()
7002 aux->security = bpfsec; in selinux_bpf_prog_alloc()
7009 struct bpf_security_struct *bpfsec = aux->security; in selinux_bpf_prog_free()
7011 aux->security = NULL; in selinux_bpf_prog_free()
7028 return -EINVAL; in selinux_lockdown()
7067 return -EINVAL; in selinux_perf_event_open()
7079 return -ENOMEM; in selinux_perf_event_alloc()
7081 perfsec->sid = current_sid(); in selinux_perf_event_alloc()
7082 event->security = perfsec; in selinux_perf_event_alloc()
7089 struct perf_event_security_struct *perfsec = event->security; in selinux_perf_event_free()
7091 event->security = NULL; in selinux_perf_event_free()
7097 struct perf_event_security_struct *perfsec = event->security; in selinux_perf_event_read()
7100 return avc_has_perm(&selinux_state, sid, perfsec->sid, in selinux_perf_event_read()
7106 struct perf_event_security_struct *perfsec = event->security; in selinux_perf_event_write()
7109 return avc_has_perm(&selinux_state, sid, perfsec->sid, in selinux_perf_event_write()
7568 return -EINVAL; in selinux_disable()
7573 return -EINVAL; in selinux_disable()