mirror of
https://github.com/AuxXxilium/linux_dsm_epyc7002.git
synced 2024-11-25 01:40:53 +07:00
SELinux: check open perms in dentry_open not inode_permission
Some operations, like searching a directory path or connecting a unix domain socket, make explicit calls into inode_permission. Our choices are to either try to come up with a signature for all of the explicit calls to inode_permission and do not check open on those, or to move the open checks to dentry_open where we know this is always an open operation. This patch moves the checks to dentry_open. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org>
This commit is contained in:
parent
0da939b005
commit
8b6a5a37f8
@ -1686,35 +1686,6 @@ static inline u32 file_mask_to_av(int mode, int mask)
|
|||||||
return av;
|
return av;
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
|
||||||
* Convert a file mask to an access vector and include the correct open
|
|
||||||
* open permission.
|
|
||||||
*/
|
|
||||||
static inline u32 open_file_mask_to_av(int mode, int mask)
|
|
||||||
{
|
|
||||||
u32 av = file_mask_to_av(mode, mask);
|
|
||||||
|
|
||||||
if (selinux_policycap_openperm) {
|
|
||||||
/*
|
|
||||||
* lnk files and socks do not really have an 'open'
|
|
||||||
*/
|
|
||||||
if (S_ISREG(mode))
|
|
||||||
av |= FILE__OPEN;
|
|
||||||
else if (S_ISCHR(mode))
|
|
||||||
av |= CHR_FILE__OPEN;
|
|
||||||
else if (S_ISBLK(mode))
|
|
||||||
av |= BLK_FILE__OPEN;
|
|
||||||
else if (S_ISFIFO(mode))
|
|
||||||
av |= FIFO_FILE__OPEN;
|
|
||||||
else if (S_ISDIR(mode))
|
|
||||||
av |= DIR__OPEN;
|
|
||||||
else
|
|
||||||
printk(KERN_ERR "SELinux: WARNING: inside %s with "
|
|
||||||
"unknown mode:%x\n", __func__, mode);
|
|
||||||
}
|
|
||||||
return av;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Convert a Linux file to an access vector. */
|
/* Convert a Linux file to an access vector. */
|
||||||
static inline u32 file_to_av(struct file *file)
|
static inline u32 file_to_av(struct file *file)
|
||||||
{
|
{
|
||||||
@ -1738,6 +1709,36 @@ static inline u32 file_to_av(struct file *file)
|
|||||||
return av;
|
return av;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Convert a file to an access vector and include the correct open
|
||||||
|
* open permission.
|
||||||
|
*/
|
||||||
|
static inline u32 open_file_to_av(struct file *file)
|
||||||
|
{
|
||||||
|
u32 av = file_to_av(file);
|
||||||
|
|
||||||
|
if (selinux_policycap_openperm) {
|
||||||
|
mode_t mode = file->f_path.dentry->d_inode->i_mode;
|
||||||
|
/*
|
||||||
|
* lnk files and socks do not really have an 'open'
|
||||||
|
*/
|
||||||
|
if (S_ISREG(mode))
|
||||||
|
av |= FILE__OPEN;
|
||||||
|
else if (S_ISCHR(mode))
|
||||||
|
av |= CHR_FILE__OPEN;
|
||||||
|
else if (S_ISBLK(mode))
|
||||||
|
av |= BLK_FILE__OPEN;
|
||||||
|
else if (S_ISFIFO(mode))
|
||||||
|
av |= FIFO_FILE__OPEN;
|
||||||
|
else if (S_ISDIR(mode))
|
||||||
|
av |= DIR__OPEN;
|
||||||
|
else
|
||||||
|
printk(KERN_ERR "SELinux: WARNING: inside %s with "
|
||||||
|
"unknown mode:%o\n", __func__, mode);
|
||||||
|
}
|
||||||
|
return av;
|
||||||
|
}
|
||||||
|
|
||||||
/* Hook functions begin here. */
|
/* Hook functions begin here. */
|
||||||
|
|
||||||
static int selinux_ptrace_may_access(struct task_struct *child,
|
static int selinux_ptrace_may_access(struct task_struct *child,
|
||||||
@ -2654,7 +2655,7 @@ static int selinux_inode_permission(struct inode *inode, int mask)
|
|||||||
}
|
}
|
||||||
|
|
||||||
return inode_has_perm(current, inode,
|
return inode_has_perm(current, inode,
|
||||||
open_file_mask_to_av(inode->i_mode, mask), NULL);
|
file_mask_to_av(inode->i_mode, mask), NULL);
|
||||||
}
|
}
|
||||||
|
|
||||||
static int selinux_inode_setattr(struct dentry *dentry, struct iattr *iattr)
|
static int selinux_inode_setattr(struct dentry *dentry, struct iattr *iattr)
|
||||||
@ -3170,7 +3171,7 @@ static int selinux_dentry_open(struct file *file)
|
|||||||
* new inode label or new policy.
|
* new inode label or new policy.
|
||||||
* This check is not redundant - do not remove.
|
* This check is not redundant - do not remove.
|
||||||
*/
|
*/
|
||||||
return inode_has_perm(current, inode, file_to_av(file), NULL);
|
return inode_has_perm(current, inode, open_file_to_av(file), NULL);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* task security operations */
|
/* task security operations */
|
||||||
|
Loading…
Reference in New Issue
Block a user