Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 0c6cfa62 authored by Casey Schaufler's avatar Casey Schaufler Committed by Kees Cook
Browse files

SELinux: Abstract use of cred security blob 



Don't use the cred->security pointer directly.
Provide a helper function that provides the security blob pointer.

Signed-off-by: default avatarCasey Schaufler <casey@schaufler-ca.com>
Reviewed-by: default avatarKees Cook <keescook@chromium.org>
[kees: adjusted for ordered init series]
Signed-off-by: default avatarKees Cook <keescook@chromium.org>
parent b17103a8

security/selinux/hooks.c

+27 −27
Original line number Diff line number Diff line
@@ -226,7 +226,7 @@ static inline u32 cred_sid(const struct cred *cred) 
{

	const struct task_security_struct *tsec;



	tsec = cred->security;

	tsec = selinux_cred(cred);

	return tsec->sid;

}
@@ -498,7 +498,7 @@ static int may_context_mount_sb_relabel(u32 sid, 
			struct superblock_security_struct *sbsec,

			const struct cred *cred)

{

	const struct task_security_struct *tsec = cred->security;

	const struct task_security_struct *tsec = selinux_cred(cred);

	int rc;



	rc = avc_has_perm(&selinux_state,
@@ -517,7 +517,7 @@ static int may_context_mount_inode_relabel(u32 sid, 
			struct superblock_security_struct *sbsec,

			const struct cred *cred)

{

	const struct task_security_struct *tsec = cred->security;

	const struct task_security_struct *tsec = selinux_cred(cred);

	int rc;

	rc = avc_has_perm(&selinux_state,

			  tsec->sid, sbsec->sid, SECCLASS_FILESYSTEM,
@@ -1803,7 +1803,7 @@ static int may_create(struct inode *dir, 
		      struct dentry *dentry,

		      u16 tclass)

{

	const struct task_security_struct *tsec = current_security();

	const struct task_security_struct *tsec = selinux_cred(current_cred());

	struct inode_security_struct *dsec;

	struct superblock_security_struct *sbsec;

	u32 sid, newsid;
@@ -1825,7 +1825,7 @@ static int may_create(struct inode *dir, 
	if (rc)

		return rc;



	rc = selinux_determine_inode_label(current_security(), dir,

	rc = selinux_determine_inode_label(selinux_cred(current_cred()), dir,

					   &dentry->d_name, tclass, &newsid);

	if (rc)

		return rc;
@@ -2332,8 +2332,8 @@ static int selinux_bprm_set_creds(struct linux_binprm *bprm) 
	if (bprm->called_set_creds)

		return 0;



	old_tsec = current_security();

	new_tsec = bprm->cred->security;

	old_tsec = selinux_cred(current_cred());

	new_tsec = selinux_cred(bprm->cred);

	isec = inode_security(inode);



	/* Default to the current task SID. */
@@ -2497,7 +2497,7 @@ static void selinux_bprm_committing_creds(struct linux_binprm *bprm) 
	struct rlimit *rlim, *initrlim;

	int rc, i;



	new_tsec = bprm->cred->security;

	new_tsec = selinux_cred(bprm->cred);

	if (new_tsec->sid == new_tsec->osid)

		return;
@@ -2540,7 +2540,7 @@ static void selinux_bprm_committing_creds(struct linux_binprm *bprm) 
 */

static void selinux_bprm_committed_creds(struct linux_binprm *bprm)

{

	const struct task_security_struct *tsec = current_security();

	const struct task_security_struct *tsec = selinux_cred(current_cred());

	struct itimerval itimer;

	u32 osid, sid;

	int rc, i;
@@ -2777,7 +2777,7 @@ static int selinux_dentry_init_security(struct dentry *dentry, int mode, 
	u32 newsid;

	int rc;



	rc = selinux_determine_inode_label(current_security(),

	rc = selinux_determine_inode_label(selinux_cred(current_cred()),

					   d_inode(dentry->d_parent), name,

					   inode_mode_to_security_class(mode),

					   &newsid);
@@ -2797,14 +2797,14 @@ static int selinux_dentry_create_files_as(struct dentry *dentry, int mode, 
	int rc;

	struct task_security_struct *tsec;



	rc = selinux_determine_inode_label(old->security,

	rc = selinux_determine_inode_label(selinux_cred(old),

					   d_inode(dentry->d_parent), name,

					   inode_mode_to_security_class(mode),

					   &newsid);

	if (rc)

		return rc;



	tsec = new->security;

	tsec = selinux_cred(new);

	tsec->create_sid = newsid;

	return 0;

}
@@ -2814,7 +2814,7 @@ static int selinux_inode_init_security(struct inode *inode, struct inode *dir, 
				       const char **name,

				       void **value, size_t *len)

{

	const struct task_security_struct *tsec = current_security();

	const struct task_security_struct *tsec = selinux_cred(current_cred());

	struct superblock_security_struct *sbsec;

	u32 newsid, clen;

	int rc;
@@ -2824,7 +2824,7 @@ static int selinux_inode_init_security(struct inode *inode, struct inode *dir, 


	newsid = tsec->create_sid;



	rc = selinux_determine_inode_label(current_security(),

	rc = selinux_determine_inode_label(selinux_cred(current_cred()),

		dir, qstr,

		inode_mode_to_security_class(inode->i_mode),

		&newsid);
@@ -3286,7 +3286,7 @@ static int selinux_inode_copy_up(struct dentry *src, struct cred **new) 
			return -ENOMEM;

	}



	tsec = new_creds->security;

	tsec = selinux_cred(new_creds);

	/* Get label from overlay inode and set it in create_sid */

	selinux_inode_getsecid(d_inode(src), &sid);

	tsec->create_sid = sid;
@@ -3706,7 +3706,7 @@ static int selinux_cred_alloc_blank(struct cred *cred, gfp_t gfp) 
 */

static void selinux_cred_free(struct cred *cred)

{

	struct task_security_struct *tsec = cred->security;

	struct task_security_struct *tsec = selinux_cred(cred);



	/*

	 * cred->security == NULL if security_cred_alloc_blank() or
@@ -3726,7 +3726,7 @@ static int selinux_cred_prepare(struct cred *new, const struct cred *old, 
	const struct task_security_struct *old_tsec;

	struct task_security_struct *tsec;



	old_tsec = old->security;

	old_tsec = selinux_cred(old);



	tsec = kmemdup(old_tsec, sizeof(struct task_security_struct), gfp);

	if (!tsec)
@@ -3741,8 +3741,8 @@ static int selinux_cred_prepare(struct cred *new, const struct cred *old, 
 */

static void selinux_cred_transfer(struct cred *new, const struct cred *old)

{

	const struct task_security_struct *old_tsec = old->security;

	struct task_security_struct *tsec = new->security;

	const struct task_security_struct *old_tsec = selinux_cred(old);

	struct task_security_struct *tsec = selinux_cred(new);



	*tsec = *old_tsec;

}
@@ -3758,7 +3758,7 @@ static void selinux_cred_getsecid(const struct cred *c, u32 *secid) 
 */

static int selinux_kernel_act_as(struct cred *new, u32 secid)

{

	struct task_security_struct *tsec = new->security;

	struct task_security_struct *tsec = selinux_cred(new);

	u32 sid = current_sid();

	int ret;
@@ -3783,7 +3783,7 @@ static int selinux_kernel_act_as(struct cred *new, u32 secid) 
static int selinux_kernel_create_files_as(struct cred *new, struct inode *inode)

{

	struct inode_security_struct *isec = inode_security(inode);

	struct task_security_struct *tsec = new->security;

	struct task_security_struct *tsec = selinux_cred(new);

	u32 sid = current_sid();

	int ret;
@@ -4332,7 +4332,7 @@ static int sock_has_perm(struct sock *sk, u32 perms) 
static int selinux_socket_create(int family, int type,

				 int protocol, int kern)

{

	const struct task_security_struct *tsec = current_security();

	const struct task_security_struct *tsec = selinux_cred(current_cred());

	u32 newsid;

	u16 secclass;

	int rc;
@@ -4352,7 +4352,7 @@ static int selinux_socket_create(int family, int type, 
static int selinux_socket_post_create(struct socket *sock, int family,

				      int type, int protocol, int kern)

{

	const struct task_security_struct *tsec = current_security();

	const struct task_security_struct *tsec = selinux_cred(current_cred());

	struct inode_security_struct *isec = inode_security_novalidate(SOCK_INODE(sock));

	struct sk_security_struct *sksec;

	u16 sclass = socket_type_to_security_class(family, type, protocol);
@@ -5233,7 +5233,7 @@ static int selinux_secmark_relabel_packet(u32 sid) 
	const struct task_security_struct *__tsec;

	u32 tsid;



	__tsec = current_security();

	__tsec = selinux_cred(current_cred());

	tsid = __tsec->sid;



	return avc_has_perm(&selinux_state,
@@ -6170,7 +6170,7 @@ static int selinux_getprocattr(struct task_struct *p, 
	unsigned len;



	rcu_read_lock();

	__tsec = __task_cred(p)->security;

	__tsec = selinux_cred(__task_cred(p));



	if (current != p) {

		error = avc_has_perm(&selinux_state,
@@ -6293,7 +6293,7 @@ static int selinux_setprocattr(const char *name, void *value, size_t size) 
	   operation.  See selinux_bprm_set_creds for the execve

	   checks and may_create for the file creation checks. The

	   operation will then fail if the context is not permitted. */

	tsec = new->security;

	tsec = selinux_cred(new);

	if (!strcmp(name, "exec")) {

		tsec->exec_sid = sid;

	} else if (!strcmp(name, "fscreate")) {
@@ -6422,7 +6422,7 @@ static int selinux_key_alloc(struct key *k, const struct cred *cred, 
	if (!ksec)

		return -ENOMEM;



	tsec = cred->security;

	tsec = selinux_cred(cred);

	if (tsec->keycreate_sid)

		ksec->sid = tsec->keycreate_sid;

	else

security/selinux/include/objsec.h

+5 −0
Original line number Diff line number Diff line
@@ -158,4 +158,9 @@ struct bpf_security_struct { 
	u32 sid;  /*SID of bpf obj creater*/

};



static inline struct task_security_struct *selinux_cred(const struct cred *cred)

{

	return cred->security;

}



#endif /* _SELINUX_OBJSEC_H_ */

security/selinux/xfrm.c

+2 −2
Original line number Diff line number Diff line
@@ -79,7 +79,7 @@ static int selinux_xfrm_alloc_user(struct xfrm_sec_ctx **ctxp, 
				   gfp_t gfp)

{

	int rc;

	const struct task_security_struct *tsec = current_security();

	const struct task_security_struct *tsec = selinux_cred(current_cred());

	struct xfrm_sec_ctx *ctx = NULL;

	u32 str_len;
@@ -138,7 +138,7 @@ static void selinux_xfrm_free(struct xfrm_sec_ctx *ctx) 
 */

static int selinux_xfrm_delete(struct xfrm_sec_ctx *ctx)

{

	const struct task_security_struct *tsec = current_security();

	const struct task_security_struct *tsec = selinux_cred(current_cred());



	if (!ctx)

		return 0;