Lines Matching +full:un +full:- +full:approved
1 // SPDX-License-Identifier: GPL-2.0-only
3 * Security-Enhanced Linux (SELinux) security module
13 * Copyright (C) 2003-2008 Red Hat, Inc., James Morris <jmorris@redhat.com>
15 * Copyright (C) 2004-2005 Trusted Computer Solutions, Inc.
17 * Copyright (C) 2006, 2007, 2009 Hewlett-Packard Development Company, L.P.
18 * Paul Moore <paul@paul-moore.com>
72 #include <linux/un.h> /* for Unix socket types */
82 #include <linux/posix-timers.h>
156 * selinux_secmark_enabled - Check to see if SECMARK is currently enabled
173 * selinux_peerlbl_enabled - Check to see if peer labeling is currently enabled
216 tsec = selinux_cred(unrcu_pointer(current->real_cred)); in cred_init_security()
217 tsec->osid = tsec->sid = SECINITSID_KERNEL; in cred_init_security()
228 return tsec->sid; in cred_sid()
235 ad->type = LSM_AUDIT_DATA_NET; in __ad_net_init()
236 ad->u.net = net; in __ad_net_init()
237 net->netif = ifindex; in __ad_net_init()
238 net->sk = sk; in __ad_net_init()
239 net->family = family; in __ad_net_init()
274 * allowed; when set to false, returns -ECHILD when the label is
286 * The check of isec->initialized below is racy but in __inode_security_revalidate()
288 * isec->lock held. in __inode_security_revalidate()
291 data_race(isec->initialized != LABEL_INITIALIZED)) { in __inode_security_revalidate()
293 return -ECHILD; in __inode_security_revalidate()
354 sbsec = selinux_superblock(inode->i_sb); in inode_free_security()
365 if (!list_empty_careful(&isec->list)) { in inode_free_security()
366 spin_lock(&sbsec->isec_lock); in inode_free_security()
367 list_del_init(&isec->list); in inode_free_security()
368 spin_unlock(&sbsec->isec_lock); in inode_free_security()
385 Opt_error = -1,
393 #define A(s, has_arg) {#s, sizeof(#s) - 1, Opt_##s, has_arg}
436 rc = avc_has_perm(tsec->sid, sbsec->sid, SECCLASS_FILESYSTEM, in may_context_mount_sb_relabel()
441 rc = avc_has_perm(tsec->sid, sid, SECCLASS_FILESYSTEM, in may_context_mount_sb_relabel()
452 rc = avc_has_perm(tsec->sid, sbsec->sid, SECCLASS_FILESYSTEM, in may_context_mount_inode_relabel()
457 rc = avc_has_perm(sid, sbsec->sid, SECCLASS_FILESYSTEM, in may_context_mount_inode_relabel()
464 /* Special handling. Genfs but also in-core setxattr handler */ in selinux_is_genfs_special_handling()
465 return !strcmp(sb->s_type->name, "sysfs") || in selinux_is_genfs_special_handling()
466 !strcmp(sb->s_type->name, "pstore") || in selinux_is_genfs_special_handling()
467 !strcmp(sb->s_type->name, "debugfs") || in selinux_is_genfs_special_handling()
468 !strcmp(sb->s_type->name, "tracefs") || in selinux_is_genfs_special_handling()
469 !strcmp(sb->s_type->name, "rootfs") || in selinux_is_genfs_special_handling()
471 (!strcmp(sb->s_type->name, "cgroup") || in selinux_is_genfs_special_handling()
472 !strcmp(sb->s_type->name, "cgroup2"))); in selinux_is_genfs_special_handling()
480 * IMPORTANT: Double-check logic in this function when adding a new in selinux_is_sblabel_mnt()
485 switch (sbsec->behavior) { in selinux_is_sblabel_mnt()
506 struct dentry *root = sb->s_root; in sb_check_xattr_support()
513 * error other than -ENODATA is returned by getxattr on in sb_check_xattr_support()
514 * the root directory. -ENODATA is ok, as this may be in sb_check_xattr_support()
518 if (!(root_inode->i_opflags & IOP_XATTR)) { in sb_check_xattr_support()
520 sb->s_id, sb->s_type->name); in sb_check_xattr_support()
525 if (rc < 0 && rc != -ENODATA) { in sb_check_xattr_support()
526 if (rc == -EOPNOTSUPP) { in sb_check_xattr_support()
528 sb->s_id, sb->s_type->name); in sb_check_xattr_support()
532 sb->s_id, sb->s_type->name, -rc); in sb_check_xattr_support()
539 /* No xattr support - try to fallback to genfs if possible. */ in sb_check_xattr_support()
540 rc = security_genfs_sid(sb->s_type->name, "/", in sb_check_xattr_support()
543 return -EOPNOTSUPP; in sb_check_xattr_support()
546 sb->s_id, sb->s_type->name); in sb_check_xattr_support()
547 sbsec->behavior = SECURITY_FS_USE_GENFS; in sb_check_xattr_support()
548 sbsec->sid = sid; in sb_check_xattr_support()
555 struct dentry *root = sb->s_root; in sb_finish_set_opts()
559 if (sbsec->behavior == SECURITY_FS_USE_XATTR) { in sb_finish_set_opts()
565 sbsec->flags |= SE_SBINITIALIZED; in sb_finish_set_opts()
573 sbsec->flags |= SBLABEL_MNT; in sb_finish_set_opts()
575 sbsec->flags &= ~SBLABEL_MNT; in sb_finish_set_opts()
584 spin_lock(&sbsec->isec_lock); in sb_finish_set_opts()
585 while (!list_empty(&sbsec->isec_head)) { in sb_finish_set_opts()
587 list_first_entry(&sbsec->isec_head, in sb_finish_set_opts()
589 struct inode *inode = isec->inode; in sb_finish_set_opts()
590 list_del_init(&isec->list); in sb_finish_set_opts()
591 spin_unlock(&sbsec->isec_lock); in sb_finish_set_opts()
598 spin_lock(&sbsec->isec_lock); in sb_finish_set_opts()
600 spin_unlock(&sbsec->isec_lock); in sb_finish_set_opts()
607 char mnt_flags = sbsec->flags & SE_MNTMASK; in bad_option()
610 if (sbsec->flags & SE_SBINITIALIZED) in bad_option()
611 if (!(sbsec->flags & flag) || in bad_option()
618 if (!(sbsec->flags & SE_SBINITIALIZED)) in bad_option()
635 struct dentry *root = sb->s_root; in selinux_set_mnt_opts()
647 return -EINVAL; in selinux_set_mnt_opts()
649 mutex_lock(&sbsec->lock); in selinux_set_mnt_opts()
657 sbsec->flags |= SE_SBNATIVE; in selinux_set_mnt_opts()
662 rc = -EINVAL; in selinux_set_mnt_opts()
679 if ((sbsec->flags & SE_SBINITIALIZED) && (sb->s_type->fs_flags & FS_BINARY_MOUNTDATA) in selinux_set_mnt_opts()
691 if (opts->fscontext_sid) { in selinux_set_mnt_opts()
692 fscontext_sid = opts->fscontext_sid; in selinux_set_mnt_opts()
693 if (bad_option(sbsec, FSCONTEXT_MNT, sbsec->sid, in selinux_set_mnt_opts()
696 sbsec->flags |= FSCONTEXT_MNT; in selinux_set_mnt_opts()
698 if (opts->context_sid) { in selinux_set_mnt_opts()
699 context_sid = opts->context_sid; in selinux_set_mnt_opts()
700 if (bad_option(sbsec, CONTEXT_MNT, sbsec->mntpoint_sid, in selinux_set_mnt_opts()
703 sbsec->flags |= CONTEXT_MNT; in selinux_set_mnt_opts()
705 if (opts->rootcontext_sid) { in selinux_set_mnt_opts()
706 rootcontext_sid = opts->rootcontext_sid; in selinux_set_mnt_opts()
707 if (bad_option(sbsec, ROOTCONTEXT_MNT, root_isec->sid, in selinux_set_mnt_opts()
710 sbsec->flags |= ROOTCONTEXT_MNT; in selinux_set_mnt_opts()
712 if (opts->defcontext_sid) { in selinux_set_mnt_opts()
713 defcontext_sid = opts->defcontext_sid; in selinux_set_mnt_opts()
714 if (bad_option(sbsec, DEFCONTEXT_MNT, sbsec->def_sid, in selinux_set_mnt_opts()
717 sbsec->flags |= DEFCONTEXT_MNT; in selinux_set_mnt_opts()
721 if (sbsec->flags & SE_SBINITIALIZED) { in selinux_set_mnt_opts()
723 if ((sbsec->flags & SE_MNTMASK) && !opts) in selinux_set_mnt_opts()
729 if (strcmp(sb->s_type->name, "proc") == 0) in selinux_set_mnt_opts()
730 sbsec->flags |= SE_SBPROC | SE_SBGENFS; in selinux_set_mnt_opts()
732 if (!strcmp(sb->s_type->name, "debugfs") || in selinux_set_mnt_opts()
733 !strcmp(sb->s_type->name, "tracefs") || in selinux_set_mnt_opts()
734 !strcmp(sb->s_type->name, "binder") || in selinux_set_mnt_opts()
735 !strcmp(sb->s_type->name, "bpf") || in selinux_set_mnt_opts()
736 !strcmp(sb->s_type->name, "pstore") || in selinux_set_mnt_opts()
737 !strcmp(sb->s_type->name, "securityfs")) in selinux_set_mnt_opts()
738 sbsec->flags |= SE_SBGENFS; in selinux_set_mnt_opts()
740 if (!strcmp(sb->s_type->name, "sysfs") || in selinux_set_mnt_opts()
741 !strcmp(sb->s_type->name, "cgroup") || in selinux_set_mnt_opts()
742 !strcmp(sb->s_type->name, "cgroup2")) in selinux_set_mnt_opts()
743 sbsec->flags |= SE_SBGENFS | SE_SBGENFS_XATTR; in selinux_set_mnt_opts()
745 if (!sbsec->behavior) { in selinux_set_mnt_opts()
753 __func__, sb->s_type->name, rc); in selinux_set_mnt_opts()
763 if (sb->s_user_ns != &init_user_ns && in selinux_set_mnt_opts()
764 strcmp(sb->s_type->name, "tmpfs") && in selinux_set_mnt_opts()
765 strcmp(sb->s_type->name, "ramfs") && in selinux_set_mnt_opts()
766 strcmp(sb->s_type->name, "devpts") && in selinux_set_mnt_opts()
767 strcmp(sb->s_type->name, "overlay")) { in selinux_set_mnt_opts()
770 rc = -EACCES; in selinux_set_mnt_opts()
773 if (sbsec->behavior == SECURITY_FS_USE_XATTR) { in selinux_set_mnt_opts()
774 sbsec->behavior = SECURITY_FS_USE_MNTPOINT; in selinux_set_mnt_opts()
778 &sbsec->mntpoint_sid); in selinux_set_mnt_opts()
791 sbsec->sid = fscontext_sid; in selinux_set_mnt_opts()
799 if (sbsec->flags & SE_SBNATIVE) { in selinux_set_mnt_opts()
808 sbsec->behavior = SECURITY_FS_USE_NATIVE; in selinux_set_mnt_opts()
810 sbsec->behavior = SECURITY_FS_USE_NATIVE; in selinux_set_mnt_opts()
820 sbsec->sid = context_sid; in selinux_set_mnt_opts()
830 sbsec->mntpoint_sid = context_sid; in selinux_set_mnt_opts()
831 sbsec->behavior = SECURITY_FS_USE_MNTPOINT; in selinux_set_mnt_opts()
840 root_isec->sid = rootcontext_sid; in selinux_set_mnt_opts()
841 root_isec->initialized = LABEL_INITIALIZED; in selinux_set_mnt_opts()
845 if (sbsec->behavior != SECURITY_FS_USE_XATTR && in selinux_set_mnt_opts()
846 sbsec->behavior != SECURITY_FS_USE_NATIVE) { in selinux_set_mnt_opts()
847 rc = -EINVAL; in selinux_set_mnt_opts()
853 if (defcontext_sid != sbsec->def_sid) { in selinux_set_mnt_opts()
860 sbsec->def_sid = defcontext_sid; in selinux_set_mnt_opts()
866 mutex_unlock(&sbsec->lock); in selinux_set_mnt_opts()
869 rc = -EINVAL; in selinux_set_mnt_opts()
871 "security settings for (dev %s, type %s)\n", sb->s_id, in selinux_set_mnt_opts()
872 sb->s_type->name); in selinux_set_mnt_opts()
881 char oldflags = old->flags & SE_MNTMASK; in selinux_cmp_sb_context()
882 char newflags = new->flags & SE_MNTMASK; in selinux_cmp_sb_context()
886 if ((oldflags & FSCONTEXT_MNT) && old->sid != new->sid) in selinux_cmp_sb_context()
888 if ((oldflags & CONTEXT_MNT) && old->mntpoint_sid != new->mntpoint_sid) in selinux_cmp_sb_context()
890 if ((oldflags & DEFCONTEXT_MNT) && old->def_sid != new->def_sid) in selinux_cmp_sb_context()
893 struct inode_security_struct *oldroot = backing_inode_security(oldsb->s_root); in selinux_cmp_sb_context()
894 struct inode_security_struct *newroot = backing_inode_security(newsb->s_root); in selinux_cmp_sb_context()
895 if (oldroot->sid != newroot->sid) in selinux_cmp_sb_context()
902 "type %s)\n", newsb->s_id, newsb->s_type->name); in selinux_cmp_sb_context()
903 return -EBUSY; in selinux_cmp_sb_context()
916 int set_fscontext = (oldsbsec->flags & FSCONTEXT_MNT); in selinux_sb_clone_mnt_opts()
917 int set_context = (oldsbsec->flags & CONTEXT_MNT); in selinux_sb_clone_mnt_opts()
918 int set_rootcontext = (oldsbsec->flags & ROOTCONTEXT_MNT); in selinux_sb_clone_mnt_opts()
925 return -EINVAL; in selinux_sb_clone_mnt_opts()
927 mutex_lock(&newsbsec->lock); in selinux_sb_clone_mnt_opts()
935 newsbsec->flags |= SE_SBNATIVE; in selinux_sb_clone_mnt_opts()
942 BUG_ON(!(oldsbsec->flags & SE_SBINITIALIZED)); in selinux_sb_clone_mnt_opts()
945 if (newsbsec->flags & SE_SBINITIALIZED) { in selinux_sb_clone_mnt_opts()
946 mutex_unlock(&newsbsec->lock); in selinux_sb_clone_mnt_opts()
952 newsbsec->flags = oldsbsec->flags; in selinux_sb_clone_mnt_opts()
954 newsbsec->sid = oldsbsec->sid; in selinux_sb_clone_mnt_opts()
955 newsbsec->def_sid = oldsbsec->def_sid; in selinux_sb_clone_mnt_opts()
956 newsbsec->behavior = oldsbsec->behavior; in selinux_sb_clone_mnt_opts()
958 if (newsbsec->behavior == SECURITY_FS_USE_NATIVE && in selinux_sb_clone_mnt_opts()
966 newsbsec->behavior = SECURITY_FS_USE_NATIVE; in selinux_sb_clone_mnt_opts()
971 u32 sid = oldsbsec->mntpoint_sid; in selinux_sb_clone_mnt_opts()
974 newsbsec->sid = sid; in selinux_sb_clone_mnt_opts()
976 struct inode_security_struct *newisec = backing_inode_security(newsb->s_root); in selinux_sb_clone_mnt_opts()
977 newisec->sid = sid; in selinux_sb_clone_mnt_opts()
979 newsbsec->mntpoint_sid = sid; in selinux_sb_clone_mnt_opts()
982 const struct inode_security_struct *oldisec = backing_inode_security(oldsb->s_root); in selinux_sb_clone_mnt_opts()
983 struct inode_security_struct *newisec = backing_inode_security(newsb->s_root); in selinux_sb_clone_mnt_opts()
985 newisec->sid = oldisec->sid; in selinux_sb_clone_mnt_opts()
990 mutex_unlock(&newsbsec->lock); in selinux_sb_clone_mnt_opts()
1007 return -EINVAL; in selinux_add_opt()
1011 return -EINVAL; in selinux_add_opt()
1017 return -ENOMEM; in selinux_add_opt()
1023 if (opts->context_sid || opts->defcontext_sid) in selinux_add_opt()
1025 dst_sid = &opts->context_sid; in selinux_add_opt()
1028 if (opts->fscontext_sid) in selinux_add_opt()
1030 dst_sid = &opts->fscontext_sid; in selinux_add_opt()
1033 if (opts->rootcontext_sid) in selinux_add_opt()
1035 dst_sid = &opts->rootcontext_sid; in selinux_add_opt()
1038 if (opts->context_sid || opts->defcontext_sid) in selinux_add_opt()
1040 dst_sid = &opts->defcontext_sid; in selinux_add_opt()
1044 return -EINVAL; in selinux_add_opt()
1054 return -EINVAL; in selinux_add_opt()
1083 if (!(sbsec->flags & SE_SBINITIALIZED)) in selinux_sb_show_options()
1089 if (sbsec->flags & FSCONTEXT_MNT) { in selinux_sb_show_options()
1092 rc = show_sid(m, sbsec->sid); in selinux_sb_show_options()
1096 if (sbsec->flags & CONTEXT_MNT) { in selinux_sb_show_options()
1099 rc = show_sid(m, sbsec->mntpoint_sid); in selinux_sb_show_options()
1103 if (sbsec->flags & DEFCONTEXT_MNT) { in selinux_sb_show_options()
1106 rc = show_sid(m, sbsec->def_sid); in selinux_sb_show_options()
1110 if (sbsec->flags & ROOTCONTEXT_MNT) { in selinux_sb_show_options()
1111 struct dentry *root = sb->s_root; in selinux_sb_show_options()
1115 rc = show_sid(m, isec->sid); in selinux_sb_show_options()
1119 if (sbsec->flags & SBLABEL_MNT) { in selinux_sb_show_options()
1320 struct super_block *sb = dentry->d_sb; in selinux_genfs_get_sid()
1325 return -ENOMEM; in selinux_genfs_get_sid()
1334 * e.g. /proc/1/net/rpc/nfs -> /net/rpc/nfs */ in selinux_genfs_get_sid()
1340 rc = security_genfs_sid(sb->s_type->name, in selinux_genfs_get_sid()
1342 if (rc == -ENOENT) { in selinux_genfs_get_sid()
1363 return -ENOMEM; in inode_doinit_use_xattr()
1367 if (rc == -ERANGE) { in inode_doinit_use_xattr()
1378 return -ENOMEM; in inode_doinit_use_xattr()
1386 if (rc != -ENODATA) { in inode_doinit_use_xattr()
1388 __func__, -rc, inode->i_sb->s_id, inode->i_ino); in inode_doinit_use_xattr()
1398 char *dev = inode->i_sb->s_id; in inode_doinit_use_xattr()
1399 unsigned long ino = inode->i_ino; in inode_doinit_use_xattr()
1401 if (rc == -EINVAL) { in inode_doinit_use_xattr()
1406 __func__, context, -rc, dev, ino); in inode_doinit_use_xattr()
1423 if (isec->initialized == LABEL_INITIALIZED) in inode_doinit_with_dentry()
1426 spin_lock(&isec->lock); in inode_doinit_with_dentry()
1427 if (isec->initialized == LABEL_INITIALIZED) in inode_doinit_with_dentry()
1430 if (isec->sclass == SECCLASS_FILE) in inode_doinit_with_dentry()
1431 isec->sclass = inode_mode_to_security_class(inode->i_mode); in inode_doinit_with_dentry()
1433 sbsec = selinux_superblock(inode->i_sb); in inode_doinit_with_dentry()
1434 if (!(sbsec->flags & SE_SBINITIALIZED)) { in inode_doinit_with_dentry()
1438 spin_lock(&sbsec->isec_lock); in inode_doinit_with_dentry()
1439 if (list_empty(&isec->list)) in inode_doinit_with_dentry()
1440 list_add(&isec->list, &sbsec->isec_head); in inode_doinit_with_dentry()
1441 spin_unlock(&sbsec->isec_lock); in inode_doinit_with_dentry()
1445 sclass = isec->sclass; in inode_doinit_with_dentry()
1446 task_sid = isec->task_sid; in inode_doinit_with_dentry()
1447 sid = isec->sid; in inode_doinit_with_dentry()
1448 isec->initialized = LABEL_PENDING; in inode_doinit_with_dentry()
1449 spin_unlock(&isec->lock); in inode_doinit_with_dentry()
1451 switch (sbsec->behavior) { in inode_doinit_with_dentry()
1453 * In case of SECURITY_FS_USE_NATIVE we need to re-fetch the labels in inode_doinit_with_dentry()
1458 if (!(inode->i_opflags & IOP_XATTR)) { in inode_doinit_with_dentry()
1459 sid = sbsec->def_sid; in inode_doinit_with_dentry()
1483 * sbsec->isec_head list. No reason to complain as these in inode_doinit_with_dentry()
1491 rc = inode_doinit_use_xattr(inode, dentry, sbsec->def_sid, in inode_doinit_with_dentry()
1502 sid = sbsec->sid; in inode_doinit_with_dentry()
1511 sid = sbsec->mntpoint_sid; in inode_doinit_with_dentry()
1515 sid = sbsec->sid; in inode_doinit_with_dentry()
1517 if ((sbsec->flags & SE_SBGENFS) && in inode_doinit_with_dentry()
1518 (!S_ISLNK(inode->i_mode) || in inode_doinit_with_dentry()
1539 * sbsec->isec_head list. No reason to complain as in inode_doinit_with_dentry()
1547 sbsec->flags, &sid); in inode_doinit_with_dentry()
1553 if ((sbsec->flags & SE_SBGENFS_XATTR) && in inode_doinit_with_dentry()
1554 (inode->i_opflags & IOP_XATTR)) { in inode_doinit_with_dentry()
1568 spin_lock(&isec->lock); in inode_doinit_with_dentry()
1569 if (isec->initialized == LABEL_PENDING) { in inode_doinit_with_dentry()
1571 isec->initialized = LABEL_INVALID; in inode_doinit_with_dentry()
1574 isec->initialized = LABEL_INITIALIZED; in inode_doinit_with_dentry()
1575 isec->sid = sid; in inode_doinit_with_dentry()
1579 spin_unlock(&isec->lock); in inode_doinit_with_dentry()
1583 spin_lock(&isec->lock); in inode_doinit_with_dentry()
1584 if (isec->initialized == LABEL_PENDING) { in inode_doinit_with_dentry()
1585 isec->initialized = LABEL_INVALID; in inode_doinit_with_dentry()
1586 isec->sid = sid; in inode_doinit_with_dentry()
1588 spin_unlock(&isec->lock); in inode_doinit_with_dentry()
1647 return -EINVAL; in cred_has_capability()
1676 return avc_has_perm(sid, isec->sid, isec->sclass, perms, adp); in inode_has_perm()
1702 struct inode *inode = d_backing_inode(path->dentry); in path_has_perm()
1707 __inode_security_revalidate(inode, path->dentry, true); in path_has_perm()
1748 if (sid != fsec->sid) { in file_has_perm()
1749 rc = avc_has_perm(sid, fsec->sid, in file_has_perm()
1782 selinux_superblock(dir->i_sb); in selinux_determine_inode_label()
1784 if ((sbsec->flags & SE_SBINITIALIZED) && in selinux_determine_inode_label()
1785 (sbsec->behavior == SECURITY_FS_USE_MNTPOINT)) { in selinux_determine_inode_label()
1786 *_new_isid = sbsec->mntpoint_sid; in selinux_determine_inode_label()
1787 } else if ((sbsec->flags & SBLABEL_MNT) && in selinux_determine_inode_label()
1788 tsec->create_sid) { in selinux_determine_inode_label()
1789 *_new_isid = tsec->create_sid; in selinux_determine_inode_label()
1792 return security_transition_sid(tsec->sid, in selinux_determine_inode_label()
1793 dsec->sid, tclass, in selinux_determine_inode_label()
1813 sbsec = selinux_superblock(dir->i_sb); in may_create()
1815 sid = tsec->sid; in may_create()
1820 rc = avc_has_perm(sid, dsec->sid, SECCLASS_DIR, in may_create()
1826 rc = selinux_determine_inode_label(tsec, dir, &dentry->d_name, tclass, in may_create()
1835 return avc_has_perm(newsid, sbsec->sid, in may_create()
1864 rc = avc_has_perm(sid, dsec->sid, SECCLASS_DIR, av, &ad); in may_link()
1884 rc = avc_has_perm(sid, isec->sid, isec->sclass, av, &ad); in may_link()
1908 rc = avc_has_perm(sid, old_dsec->sid, SECCLASS_DIR, in may_rename()
1912 rc = avc_has_perm(sid, old_isec->sid, in may_rename()
1913 old_isec->sclass, FILE__RENAME, &ad); in may_rename()
1917 rc = avc_has_perm(sid, old_isec->sid, in may_rename()
1918 old_isec->sclass, DIR__REPARENT, &ad); in may_rename()
1927 rc = avc_has_perm(sid, new_dsec->sid, SECCLASS_DIR, av, &ad); in may_rename()
1933 rc = avc_has_perm(sid, new_isec->sid, in may_rename()
1934 new_isec->sclass, in may_rename()
1953 return avc_has_perm(sid, sbsec->sid, SECCLASS_FILESYSTEM, perms, ad); in superblock_has_perm()
1989 if (file->f_mode & FMODE_READ) in file_to_av()
1991 if (file->f_mode & FMODE_WRITE) { in file_to_av()
1992 if (file->f_flags & O_APPEND) in file_to_av()
1999 * Special file opened with flags 3 for ioctl-only use. in file_to_av()
2017 inode->i_sb->s_magic != SOCKFS_MAGIC) in open_file_to_av()
2064 struct dentry *dentry = file->f_path.dentry; in selinux_binder_transfer_file()
2070 ad.u.path = file->f_path; in selinux_binder_transfer_file()
2072 if (sid != fsec->sid) { in selinux_binder_transfer_file()
2073 rc = avc_has_perm(sid, fsec->sid, in selinux_binder_transfer_file()
2091 return avc_has_perm(sid, isec->sid, isec->sclass, file_to_av(file), in selinux_binder_transfer_file()
2242 int nnp = (bprm->unsafe & LSM_UNSAFE_NO_NEW_PRIVS); in check_nnp_nosuid()
2243 int nosuid = !mnt_may_suid(bprm->file->f_path.mnt); in check_nnp_nosuid()
2250 if (new_tsec->sid == old_tsec->sid) in check_nnp_nosuid()
2265 rc = avc_has_perm(old_tsec->sid, new_tsec->sid, in check_nnp_nosuid()
2276 rc = security_bounded_transition(old_tsec->sid, in check_nnp_nosuid()
2277 new_tsec->sid); in check_nnp_nosuid()
2287 return -EPERM; in check_nnp_nosuid()
2288 return -EACCES; in check_nnp_nosuid()
2297 struct inode *inode = file_inode(bprm->file); in selinux_bprm_creds_for_exec()
2304 new_tsec = selinux_cred(bprm->cred); in selinux_bprm_creds_for_exec()
2308 new_tsec->sid = old_tsec->sid; in selinux_bprm_creds_for_exec()
2309 new_tsec->osid = old_tsec->sid; in selinux_bprm_creds_for_exec()
2312 new_tsec->create_sid = 0; in selinux_bprm_creds_for_exec()
2313 new_tsec->keycreate_sid = 0; in selinux_bprm_creds_for_exec()
2314 new_tsec->sockcreate_sid = 0; in selinux_bprm_creds_for_exec()
2323 new_tsec->sid = SECINITSID_INIT; in selinux_bprm_creds_for_exec()
2325 new_tsec->exec_sid = 0; in selinux_bprm_creds_for_exec()
2329 if (old_tsec->exec_sid) { in selinux_bprm_creds_for_exec()
2330 new_tsec->sid = old_tsec->exec_sid; in selinux_bprm_creds_for_exec()
2332 new_tsec->exec_sid = 0; in selinux_bprm_creds_for_exec()
2340 rc = security_transition_sid(old_tsec->sid, in selinux_bprm_creds_for_exec()
2341 isec->sid, SECCLASS_PROCESS, NULL, in selinux_bprm_creds_for_exec()
2342 &new_tsec->sid); in selinux_bprm_creds_for_exec()
2352 new_tsec->sid = old_tsec->sid; in selinux_bprm_creds_for_exec()
2356 ad.u.file = bprm->file; in selinux_bprm_creds_for_exec()
2358 if (new_tsec->sid == old_tsec->sid) { in selinux_bprm_creds_for_exec()
2359 rc = avc_has_perm(old_tsec->sid, isec->sid, in selinux_bprm_creds_for_exec()
2365 rc = avc_has_perm(old_tsec->sid, new_tsec->sid, in selinux_bprm_creds_for_exec()
2370 rc = avc_has_perm(new_tsec->sid, isec->sid, in selinux_bprm_creds_for_exec()
2376 if (bprm->unsafe & LSM_UNSAFE_SHARE) { in selinux_bprm_creds_for_exec()
2377 rc = avc_has_perm(old_tsec->sid, new_tsec->sid, in selinux_bprm_creds_for_exec()
2381 return -EPERM; in selinux_bprm_creds_for_exec()
2386 if (bprm->unsafe & LSM_UNSAFE_PTRACE) { in selinux_bprm_creds_for_exec()
2389 rc = avc_has_perm(ptsid, new_tsec->sid, in selinux_bprm_creds_for_exec()
2393 return -EPERM; in selinux_bprm_creds_for_exec()
2398 bprm->per_clear |= PER_CLEAR_ON_SETID; in selinux_bprm_creds_for_exec()
2403 rc = avc_has_perm(old_tsec->sid, new_tsec->sid, in selinux_bprm_creds_for_exec()
2406 bprm->secureexec |= !!rc; in selinux_bprm_creds_for_exec()
2428 spin_lock(&tty->files_lock); in flush_unauthorized_files()
2429 if (!list_empty(&tty->tty_files)) { in flush_unauthorized_files()
2436 only interested in the inode-based check here. */ in flush_unauthorized_files()
2437 file_priv = list_first_entry(&tty->tty_files, in flush_unauthorized_files()
2439 file = file_priv->file; in flush_unauthorized_files()
2443 spin_unlock(&tty->files_lock); in flush_unauthorized_files()
2460 replace_fd(n - 1, devnull, 0); in flush_unauthorized_files()
2475 new_tsec = selinux_cred(bprm->cred); in selinux_bprm_committing_creds()
2476 if (new_tsec->sid == new_tsec->osid) in selinux_bprm_committing_creds()
2480 flush_unauthorized_files(bprm->cred, current->files); in selinux_bprm_committing_creds()
2483 current->pdeath_signal = 0; in selinux_bprm_committing_creds()
2495 rc = avc_has_perm(new_tsec->osid, new_tsec->sid, SECCLASS_PROCESS, in selinux_bprm_committing_creds()
2501 rlim = current->signal->rlim + i; in selinux_bprm_committing_creds()
2502 initrlim = init_task.signal->rlim + i; in selinux_bprm_committing_creds()
2503 rlim->rlim_cur = min(rlim->rlim_max, initrlim->rlim_cur); in selinux_bprm_committing_creds()
2521 osid = tsec->osid; in selinux_bprm_committed_creds()
2522 sid = tsec->sid; in selinux_bprm_committed_creds()
2538 spin_lock_irq(&unrcu_pointer(current->sighand)->siglock); in selinux_bprm_committed_creds()
2540 flush_sigqueue(¤t->pending); in selinux_bprm_committed_creds()
2541 flush_sigqueue(¤t->signal->shared_pending); in selinux_bprm_committed_creds()
2543 sigemptyset(¤t->blocked); in selinux_bprm_committed_creds()
2546 spin_unlock_irq(&unrcu_pointer(current->sighand)->siglock); in selinux_bprm_committed_creds()
2552 __wake_up_parent(current, unrcu_pointer(current->real_parent)); in selinux_bprm_committed_creds()
2562 mutex_init(&sbsec->lock); in selinux_sb_alloc_security()
2563 INIT_LIST_HEAD(&sbsec->isec_head); in selinux_sb_alloc_security()
2564 spin_lock_init(&sbsec->isec_lock); in selinux_sb_alloc_security()
2565 sbsec->sid = SECINITSID_UNLABELED; in selinux_sb_alloc_security()
2566 sbsec->def_sid = SECINITSID_FILE; in selinux_sb_alloc_security()
2567 sbsec->mntpoint_sid = SECINITSID_UNLABELED; in selinux_sb_alloc_security()
2611 arg = kmemdup_nul(arg, q - arg, GFP_KERNEL); in selinux_sb_eat_lsm_opts()
2613 rc = -ENOMEM; in selinux_sb_eat_lsm_opts()
2625 from--; in selinux_sb_eat_lsm_opts()
2654 * Superblock not initialized (i.e. no options) - reject if any in selinux_sb_mnt_opts_compat()
2657 if (!(sbsec->flags & SE_SBINITIALIZED)) in selinux_sb_mnt_opts_compat()
2661 * Superblock initialized and no options specified - reject if in selinux_sb_mnt_opts_compat()
2665 return (sbsec->flags & SE_MNTMASK) ? 1 : 0; in selinux_sb_mnt_opts_compat()
2667 if (opts->fscontext_sid) { in selinux_sb_mnt_opts_compat()
2668 if (bad_option(sbsec, FSCONTEXT_MNT, sbsec->sid, in selinux_sb_mnt_opts_compat()
2669 opts->fscontext_sid)) in selinux_sb_mnt_opts_compat()
2672 if (opts->context_sid) { in selinux_sb_mnt_opts_compat()
2673 if (bad_option(sbsec, CONTEXT_MNT, sbsec->mntpoint_sid, in selinux_sb_mnt_opts_compat()
2674 opts->context_sid)) in selinux_sb_mnt_opts_compat()
2677 if (opts->rootcontext_sid) { in selinux_sb_mnt_opts_compat()
2680 root_isec = backing_inode_security(sb->s_root); in selinux_sb_mnt_opts_compat()
2681 if (bad_option(sbsec, ROOTCONTEXT_MNT, root_isec->sid, in selinux_sb_mnt_opts_compat()
2682 opts->rootcontext_sid)) in selinux_sb_mnt_opts_compat()
2685 if (opts->defcontext_sid) { in selinux_sb_mnt_opts_compat()
2686 if (bad_option(sbsec, DEFCONTEXT_MNT, sbsec->def_sid, in selinux_sb_mnt_opts_compat()
2687 opts->defcontext_sid)) in selinux_sb_mnt_opts_compat()
2698 if (!(sbsec->flags & SE_SBINITIALIZED)) in selinux_sb_remount()
2704 if (opts->fscontext_sid) { in selinux_sb_remount()
2705 if (bad_option(sbsec, FSCONTEXT_MNT, sbsec->sid, in selinux_sb_remount()
2706 opts->fscontext_sid)) in selinux_sb_remount()
2709 if (opts->context_sid) { in selinux_sb_remount()
2710 if (bad_option(sbsec, CONTEXT_MNT, sbsec->mntpoint_sid, in selinux_sb_remount()
2711 opts->context_sid)) in selinux_sb_remount()
2714 if (opts->rootcontext_sid) { in selinux_sb_remount()
2716 root_isec = backing_inode_security(sb->s_root); in selinux_sb_remount()
2717 if (bad_option(sbsec, ROOTCONTEXT_MNT, root_isec->sid, in selinux_sb_remount()
2718 opts->rootcontext_sid)) in selinux_sb_remount()
2721 if (opts->defcontext_sid) { in selinux_sb_remount()
2722 if (bad_option(sbsec, DEFCONTEXT_MNT, sbsec->def_sid, in selinux_sb_remount()
2723 opts->defcontext_sid)) in selinux_sb_remount()
2730 "during remount (dev %s, type=%s)\n", sb->s_id, in selinux_sb_remount()
2731 sb->s_type->name); in selinux_sb_remount()
2732 return -EINVAL; in selinux_sb_remount()
2741 ad.u.dentry = sb->s_root; in selinux_sb_kern_mount()
2751 ad.u.dentry = dentry->d_sb->s_root; in selinux_sb_statfs()
2752 return superblock_has_perm(cred, dentry->d_sb, FILESYSTEM__GETATTR, &ad); in selinux_sb_statfs()
2764 return superblock_has_perm(cred, path->dentry->d_sb, in selinux_mount()
2782 return superblock_has_perm(cred, mnt->mnt_sb, in selinux_umount()
2793 * Ensure that fc->security remains NULL when no options are set in selinux_fs_context_submount()
2796 if (!(sbsec->flags & (FSCONTEXT_MNT|CONTEXT_MNT|DEFCONTEXT_MNT))) in selinux_fs_context_submount()
2801 return -ENOMEM; in selinux_fs_context_submount()
2803 if (sbsec->flags & FSCONTEXT_MNT) in selinux_fs_context_submount()
2804 opts->fscontext_sid = sbsec->sid; in selinux_fs_context_submount()
2805 if (sbsec->flags & CONTEXT_MNT) in selinux_fs_context_submount()
2806 opts->context_sid = sbsec->mntpoint_sid; in selinux_fs_context_submount()
2807 if (sbsec->flags & DEFCONTEXT_MNT) in selinux_fs_context_submount()
2808 opts->defcontext_sid = sbsec->def_sid; in selinux_fs_context_submount()
2809 fc->security = opts; in selinux_fs_context_submount()
2816 const struct selinux_mnt_opts *src = src_fc->security; in selinux_fs_context_dup()
2821 fc->security = kmemdup(src, sizeof(*src), GFP_KERNEL); in selinux_fs_context_dup()
2822 return fc->security ? 0 : -ENOMEM; in selinux_fs_context_dup()
2844 return selinux_add_opt(opt, param->string, &fc->security); in selinux_fs_context_parse_param()
2854 spin_lock_init(&isec->lock); in selinux_inode_alloc_security()
2855 INIT_LIST_HEAD(&isec->list); in selinux_inode_alloc_security()
2856 isec->inode = inode; in selinux_inode_alloc_security()
2857 isec->sid = SECINITSID_UNLABELED; in selinux_inode_alloc_security()
2858 isec->sclass = SECCLASS_FILE; in selinux_inode_alloc_security()
2859 isec->task_sid = sid; in selinux_inode_alloc_security()
2860 isec->initialized = LABEL_INVALID; in selinux_inode_alloc_security()
2879 d_inode(dentry->d_parent), name, in selinux_dentry_init_security()
2888 cp->id = LSM_ID_SELINUX; in selinux_dentry_init_security()
2889 return security_sid_to_context(newsid, &cp->context, &cp->len); in selinux_dentry_init_security()
2902 d_inode(dentry->d_parent), name, in selinux_dentry_create_files_as()
2909 tsec->create_sid = newsid; in selinux_dentry_create_files_as()
2925 sbsec = selinux_superblock(dir->i_sb); in selinux_inode_init_security()
2927 newsid = tsec->create_sid; in selinux_inode_init_security()
2928 newsclass = inode_mode_to_security_class(inode->i_mode); in selinux_inode_init_security()
2934 if (sbsec->flags & SE_SBINITIALIZED) { in selinux_inode_init_security()
2936 isec->sclass = newsclass; in selinux_inode_init_security()
2937 isec->sid = newsid; in selinux_inode_init_security()
2938 isec->initialized = LABEL_INITIALIZED; in selinux_inode_init_security()
2942 !(sbsec->flags & SBLABEL_MNT)) in selinux_inode_init_security()
2943 return -EOPNOTSUPP; in selinux_inode_init_security()
2950 xattr->value = context; in selinux_inode_init_security()
2951 xattr->value_len = clen; in selinux_inode_init_security()
2952 xattr->name = XATTR_SELINUX_SUFFIX; in selinux_inode_init_security()
2981 if (context_isec->initialized != LABEL_INITIALIZED) { in selinux_inode_init_security_anon()
2983 return -EACCES; in selinux_inode_init_security_anon()
2986 isec->sclass = context_isec->sclass; in selinux_inode_init_security_anon()
2987 isec->sid = context_isec->sid; in selinux_inode_init_security_anon()
2989 isec->sclass = SECCLASS_ANON_INODE; in selinux_inode_init_security_anon()
2992 isec->sclass, name, &isec->sid); in selinux_inode_init_security_anon()
2997 isec->initialized = LABEL_INITIALIZED; in selinux_inode_init_security_anon()
3004 ad.u.anonclass = name ? (const char *)name->name : "?"; in selinux_inode_init_security_anon()
3007 isec->sid, in selinux_inode_init_security_anon()
3008 isec->sclass, in selinux_inode_init_security_anon()
3074 return avc_has_perm(sid, isec->sid, isec->sclass, FILE__READ, &ad); in selinux_inode_follow_link()
3087 return slow_avc_audit(current_sid(), isec->sid, isec->sclass, perms, in audit_inode_permission()
3112 perms = file_mask_to_av(inode->i_mode, mask); in selinux_inode_permission()
3118 rc = avc_has_perm_noaudit(sid, isec->sid, isec->sclass, perms, 0, in selinux_inode_permission()
3137 unsigned int ia_valid = iattr->ia_valid; in selinux_inode_setattr()
3153 inode->i_sb->s_magic != SOCKFS_MAGIC && in selinux_inode_setattr()
3179 * selinux_inode_xattr_skipcap - Skip the xattr capability checks?
3211 return (inode_owner_or_capable(idmap, inode) ? 0 : -EPERM); in selinux_inode_setxattr()
3213 sbsec = selinux_superblock(inode->i_sb); in selinux_inode_setxattr()
3214 if (!(sbsec->flags & SBLABEL_MNT)) in selinux_inode_setxattr()
3215 return -EOPNOTSUPP; in selinux_inode_setxattr()
3218 return -EPERM; in selinux_inode_setxattr()
3224 rc = avc_has_perm(sid, isec->sid, isec->sclass, in selinux_inode_setxattr()
3231 if (rc == -EINVAL) { in selinux_inode_setxattr()
3241 if (str[size - 1] == '\0') in selinux_inode_setxattr()
3242 audit_size = size - 1; in selinux_inode_setxattr()
3264 rc = avc_has_perm(sid, newsid, isec->sclass, in selinux_inode_setxattr()
3269 rc = security_validate_transition(isec->sid, newsid, in selinux_inode_setxattr()
3270 sid, isec->sclass); in selinux_inode_setxattr()
3275 sbsec->sid, in selinux_inode_setxattr()
3328 inode->i_sb->s_id, inode->i_ino, -rc); in selinux_inode_post_setxattr()
3333 spin_lock(&isec->lock); in selinux_inode_post_setxattr()
3334 isec->sclass = inode_mode_to_security_class(inode->i_mode); in selinux_inode_post_setxattr()
3335 isec->sid = newsid; in selinux_inode_post_setxattr()
3336 isec->initialized = LABEL_INITIALIZED; in selinux_inode_post_setxattr()
3337 spin_unlock(&isec->lock); in selinux_inode_post_setxattr()
3366 return -EACCES; in selinux_inode_removexattr()
3390 ret = superblock_has_perm(current_cred(), path->dentry->d_sb, in selinux_path_notify()
3402 return -EINVAL; in selinux_path_notify()
3409 /* watches on read-like events need the file:watch_reads permission */ in selinux_path_notify()
3433 * just let vfs_getxattr fall back to using the on-disk xattr. in selinux_inode_getsecurity()
3437 return -EOPNOTSUPP; in selinux_inode_getsecurity()
3442 * use the in-core value under current policy. in selinux_inode_getsecurity()
3443 * Use the non-auditing forms of the permission checks since in selinux_inode_getsecurity()
3446 * in-core context value, not a denial. in selinux_inode_getsecurity()
3450 error = security_sid_to_context_force(isec->sid, &context, in selinux_inode_getsecurity()
3453 error = security_sid_to_context(isec->sid, in selinux_inode_getsecurity()
3476 return -EOPNOTSUPP; in selinux_inode_setsecurity()
3478 sbsec = selinux_superblock(inode->i_sb); in selinux_inode_setsecurity()
3479 if (!(sbsec->flags & SBLABEL_MNT)) in selinux_inode_setsecurity()
3480 return -EOPNOTSUPP; in selinux_inode_setsecurity()
3483 return -EACCES; in selinux_inode_setsecurity()
3490 spin_lock(&isec->lock); in selinux_inode_setsecurity()
3491 isec->sclass = inode_mode_to_security_class(inode->i_mode); in selinux_inode_setsecurity()
3492 isec->sid = newsid; in selinux_inode_setsecurity()
3493 isec->initialized = LABEL_INITIALIZED; in selinux_inode_setsecurity()
3494 spin_unlock(&isec->lock); in selinux_inode_setsecurity()
3514 prop->selinux.secid = isec->sid; in selinux_inode_getlsmprop()
3526 return -ENOMEM; in selinux_inode_copy_up()
3532 tsec->create_sid = prop.selinux.secid; in selinux_inode_copy_up()
3541 * xattrs up. Instead, filter out SELinux-related xattrs following in selinux_inode_copy_up_xattr()
3545 return -ECANCELED; /* Discard */ in selinux_inode_copy_up_xattr()
3550 return -EOPNOTSUPP; in selinux_inode_copy_up_xattr()
3564 if (rc == -ENODATA) in selinux_kernfs_init_security()
3572 return -ENOMEM; in selinux_kernfs_init_security()
3586 if (tsec->create_sid) { in selinux_kernfs_init_security()
3587 newsid = tsec->create_sid; in selinux_kernfs_init_security()
3589 u16 secclass = inode_mode_to_security_class(kn->mode); in selinux_kernfs_init_security()
3594 kn_name = rcu_dereference_check(kn->name, true); in selinux_kernfs_init_security()
3598 rc = security_transition_sid(tsec->sid, in selinux_kernfs_init_security()
3625 if ((file->f_flags & O_APPEND) && (mask & MAY_WRITE)) in selinux_revalidate_file_permission()
3629 file_mask_to_av(inode->i_mode, mask)); in selinux_revalidate_file_permission()
3644 if (sid == fsec->sid && fsec->isid == isec->sid && in selinux_file_permission()
3645 fsec->pseqno == avc_policy_seqno()) in selinux_file_permission()
3657 fsec->sid = sid; in selinux_file_alloc_security()
3658 fsec->fown_sid = sid; in selinux_file_alloc_security()
3682 ad.u.op->cmd = cmd; in ioctl_has_perm()
3683 ad.u.op->path = file->f_path; in ioctl_has_perm()
3685 if (ssid != fsec->sid) { in ioctl_has_perm()
3686 rc = avc_has_perm(ssid, fsec->sid, in ioctl_has_perm()
3698 rc = avc_has_extended_perms(ssid, isec->sid, isec->sclass, requested, in ioctl_has_perm()
3755 * If we are in a 64-bit kernel running 32-bit userspace, we need to in selinux_file_ioctl_compat()
3756 * make sure we don't compare 32-bit flags to 64-bit flags. in selinux_file_ioctl_compat()
3859 (prot & PROT_EXEC) && !(vma->vm_flags & VM_EXEC)) { in selinux_file_mprotect()
3870 if (vma->vm_start >= vma->vm_mm->start_brk && in selinux_file_mprotect()
3871 vma->vm_end <= vma->vm_mm->brk) { in selinux_file_mprotect()
3874 } else if (!vma->vm_file && (vma_is_initial_stack(vma) || in selinux_file_mprotect()
3878 } else if (vma->vm_file && vma->anon_vma) { in selinux_file_mprotect()
3886 rc = file_has_perm(cred, vma->vm_file, FILE__EXECMOD); in selinux_file_mprotect()
3892 return file_map_prot_check(vma->vm_file, prot, vma->vm_flags&VM_SHARED); in selinux_file_mprotect()
3910 if ((file->f_flags & O_APPEND) && !(arg & O_APPEND)) { in selinux_file_fcntl()
3947 fsec->fown_sid = current_sid(); in selinux_file_set_fowner()
3959 file = fown->file; in selinux_file_send_sigiotask()
3968 return avc_has_perm(fsec->fown_sid, sid, in selinux_file_send_sigiotask()
3988 * at open-time so that selinux_file_permission in selinux_file_open()
3993 fsec->isid = isec->sid; in selinux_file_open()
3994 fsec->pseqno = avc_policy_seqno(); in selinux_file_open()
4001 * This check is not redundant - do not remove. in selinux_file_open()
4003 return file_path_has_perm(file->f_cred, file, open_file_to_av(file)); in selinux_file_open()
4047 prop->selinux.secid = cred_sid(c); in selinux_cred_getlsmprop()
4052 * - all the creation contexts are set to unlabelled
4065 tsec->sid = secid; in selinux_kernel_act_as()
4066 tsec->create_sid = 0; in selinux_kernel_act_as()
4067 tsec->keycreate_sid = 0; in selinux_kernel_act_as()
4068 tsec->sockcreate_sid = 0; in selinux_kernel_act_as()
4084 ret = avc_has_perm(sid, isec->sid, in selinux_kernel_create_files_as()
4090 tsec->create_sid = isec->sid; in selinux_kernel_create_files_as()
4120 if (sid != fsec->sid) { in selinux_kernel_load_from_file()
4121 rc = avc_has_perm(sid, fsec->sid, SECCLASS_FD, FD__USE, &ad); in selinux_kernel_load_from_file()
4127 return avc_has_perm(sid, isec->sid, SECCLASS_SYSTEM, requested, &ad); in selinux_kernel_load_from_file()
4225 prop->selinux.secid = current_sid(); in selinux_current_getlsmprop_subj()
4231 prop->selinux.secid = task_sid_obj(p); in selinux_task_getlsmprop_obj()
4270 struct rlimit *old_rlim = p->signal->rlim + resource; in selinux_task_setrlimit()
4276 if (old_rlim->rlim_max != new_rlim->rlim_max) in selinux_task_setrlimit()
4324 spin_lock(&isec->lock); in selinux_task_to_inode()
4325 isec->sclass = inode_mode_to_security_class(inode->i_mode); in selinux_task_to_inode()
4326 isec->sid = sid; in selinux_task_to_inode()
4327 isec->initialized = LABEL_INITIALIZED; in selinux_task_to_inode()
4328 spin_unlock(&isec->lock); in selinux_task_to_inode()
4343 int offset, ihlen, ret = -EINVAL; in selinux_parse_skb_ipv4()
4351 ihlen = ih->ihl * 4; in selinux_parse_skb_ipv4()
4355 ad->u.net->v4info.saddr = ih->saddr; in selinux_parse_skb_ipv4()
4356 ad->u.net->v4info.daddr = ih->daddr; in selinux_parse_skb_ipv4()
4360 *proto = ih->protocol; in selinux_parse_skb_ipv4()
4362 switch (ih->protocol) { in selinux_parse_skb_ipv4()
4366 if (ntohs(ih->frag_off) & IP_OFFSET) in selinux_parse_skb_ipv4()
4374 ad->u.net->sport = th->source; in selinux_parse_skb_ipv4()
4375 ad->u.net->dport = th->dest; in selinux_parse_skb_ipv4()
4382 if (ntohs(ih->frag_off) & IP_OFFSET) in selinux_parse_skb_ipv4()
4390 ad->u.net->sport = uh->source; in selinux_parse_skb_ipv4()
4391 ad->u.net->dport = uh->dest; in selinux_parse_skb_ipv4()
4398 if (ntohs(ih->frag_off) & IP_OFFSET) in selinux_parse_skb_ipv4()
4406 ad->u.net->sport = dh->dccph_sport; in selinux_parse_skb_ipv4()
4407 ad->u.net->dport = dh->dccph_dport; in selinux_parse_skb_ipv4()
4415 if (ntohs(ih->frag_off) & IP_OFFSET) in selinux_parse_skb_ipv4()
4423 ad->u.net->sport = sh->source; in selinux_parse_skb_ipv4()
4424 ad->u.net->dport = sh->dest; in selinux_parse_skb_ipv4()
4442 int ret = -EINVAL, offset; in selinux_parse_skb_ipv6()
4451 ad->u.net->v6info.saddr = ip6->saddr; in selinux_parse_skb_ipv6()
4452 ad->u.net->v6info.daddr = ip6->daddr; in selinux_parse_skb_ipv6()
4455 nexthdr = ip6->nexthdr; in selinux_parse_skb_ipv6()
4472 ad->u.net->sport = th->source; in selinux_parse_skb_ipv6()
4473 ad->u.net->dport = th->dest; in selinux_parse_skb_ipv6()
4484 ad->u.net->sport = uh->source; in selinux_parse_skb_ipv6()
4485 ad->u.net->dport = uh->dest; in selinux_parse_skb_ipv6()
4496 ad->u.net->sport = dh->dccph_sport; in selinux_parse_skb_ipv6()
4497 ad->u.net->dport = dh->dccph_dport; in selinux_parse_skb_ipv6()
4509 ad->u.net->sport = sh->source; in selinux_parse_skb_ipv6()
4510 ad->u.net->dport = sh->dest; in selinux_parse_skb_ipv6()
4530 switch (ad->u.net->family) { in selinux_parse_skb()
4535 addrp = (char *)(src ? &ad->u.net->v4info.saddr : in selinux_parse_skb()
4536 &ad->u.net->v4info.daddr); in selinux_parse_skb()
4544 addrp = (char *)(src ? &ad->u.net->v6info.saddr : in selinux_parse_skb()
4545 &ad->u.net->v6info.daddr); in selinux_parse_skb()
4566 * selinux_skb_peerlbl_sid - Determine the peer label of a packet
4576 * or -EACCES if @sid is invalid due to inconsistencies with the different
4589 return -EACCES; in selinux_skb_peerlbl_sid()
4592 return -EACCES; in selinux_skb_peerlbl_sid()
4600 return -EACCES; in selinux_skb_peerlbl_sid()
4607 * selinux_conn_sid - Determine the child socket label for a connection
4636 if (tsec->sockcreate_sid > SECSID_NULL) { in socket_sockcreate_sid()
4637 *socksid = tsec->sockcreate_sid; in socket_sockcreate_sid()
4641 return security_transition_sid(tsec->sid, tsec->sid, in socket_sockcreate_sid()
4670 struct sk_security_struct *sksec = sk->sk_security; in sock_has_perm()
4674 if (sock_skip_has_perm(sksec->sid)) in sock_has_perm()
4679 return avc_has_perm(current_sid(), sksec->sid, sksec->sclass, perms, in sock_has_perm()
4699 return avc_has_perm(tsec->sid, newsid, secclass, SOCKET__CREATE, NULL); in selinux_socket_create()
4718 isec->sclass = sclass; in selinux_socket_post_create()
4719 isec->sid = sid; in selinux_socket_post_create()
4720 isec->initialized = LABEL_INITIALIZED; in selinux_socket_post_create()
4722 if (sock->sk) { in selinux_socket_post_create()
4723 sksec = selinux_sock(sock->sk); in selinux_socket_post_create()
4724 sksec->sclass = sclass; in selinux_socket_post_create()
4725 sksec->sid = sid; in selinux_socket_post_create()
4727 if (sksec->sclass == SECCLASS_SCTP_SOCKET) in selinux_socket_post_create()
4728 sksec->sctp_assoc_state = SCTP_ASSOC_UNSET; in selinux_socket_post_create()
4730 err = selinux_netlbl_socket_post_create(sock->sk, family); in selinux_socket_post_create()
4739 struct sk_security_struct *sksec_a = selinux_sock(socka->sk); in selinux_socket_socketpair()
4740 struct sk_security_struct *sksec_b = selinux_sock(sockb->sk); in selinux_socket_socketpair()
4742 sksec_a->peer_sid = sksec_b->sid; in selinux_socket_socketpair()
4743 sksec_b->peer_sid = sksec_a->sid; in selinux_socket_socketpair()
4754 struct sock *sk = sock->sk; in selinux_socket_bind()
4764 family = sk->sk_family; in selinux_socket_bind()
4778 * need to check address->sa_family as it is possible to have in selinux_socket_bind()
4779 * sk->sk_family = PF_INET6 with addr->sa_family = AF_INET. in selinux_socket_bind()
4782 return -EINVAL; in selinux_socket_bind()
4783 family_sa = address->sa_family; in selinux_socket_bind()
4788 return -EINVAL; in selinux_socket_bind()
4794 return -EINVAL; in selinux_socket_bind()
4801 if (addr4->sin_addr.s_addr != htonl(INADDR_ANY)) in selinux_socket_bind()
4805 snum = ntohs(addr4->sin_port); in selinux_socket_bind()
4806 addrp = (char *)&addr4->sin_addr.s_addr; in selinux_socket_bind()
4810 return -EINVAL; in selinux_socket_bind()
4812 snum = ntohs(addr6->sin6_port); in selinux_socket_bind()
4813 addrp = (char *)&addr6->sin6_addr.s6_addr; in selinux_socket_bind()
4821 ad.u.net->sport = htons(snum); in selinux_socket_bind()
4822 ad.u.net->family = family_sa; in selinux_socket_bind()
4831 err = sel_netport_sid(sk->sk_protocol, in selinux_socket_bind()
4835 err = avc_has_perm(sksec->sid, sid, in selinux_socket_bind()
4836 sksec->sclass, in selinux_socket_bind()
4843 switch (sksec->sclass) { in selinux_socket_bind()
4870 ad.u.net->v4info.saddr = addr4->sin_addr.s_addr; in selinux_socket_bind()
4872 ad.u.net->v6info.saddr = addr6->sin6_addr; in selinux_socket_bind()
4874 err = avc_has_perm(sksec->sid, sid, in selinux_socket_bind()
4875 sksec->sclass, node_perm, &ad); in selinux_socket_bind()
4882 /* Note that SCTP services expect -EINVAL, others -EAFNOSUPPORT. */ in selinux_socket_bind()
4883 if (sk->sk_protocol == IPPROTO_SCTP) in selinux_socket_bind()
4884 return -EINVAL; in selinux_socket_bind()
4885 return -EAFNOSUPPORT; in selinux_socket_bind()
4894 struct sock *sk = sock->sk; in selinux_socket_connect_helper()
4902 return -EINVAL; in selinux_socket_connect_helper()
4907 if (address->sa_family == AF_UNSPEC) in selinux_socket_connect_helper()
4914 if (sksec->sclass == SECCLASS_TCP_SOCKET || in selinux_socket_connect_helper()
4915 sksec->sclass == SECCLASS_DCCP_SOCKET || in selinux_socket_connect_helper()
4916 sksec->sclass == SECCLASS_SCTP_SOCKET) { in selinux_socket_connect_helper()
4926 * need to check address->sa_family as it is possible to have in selinux_socket_connect_helper()
4927 * sk->sk_family = PF_INET6 with addr->sa_family = AF_INET. in selinux_socket_connect_helper()
4929 switch (address->sa_family) { in selinux_socket_connect_helper()
4933 return -EINVAL; in selinux_socket_connect_helper()
4934 snum = ntohs(addr4->sin_port); in selinux_socket_connect_helper()
4939 return -EINVAL; in selinux_socket_connect_helper()
4940 snum = ntohs(addr6->sin6_port); in selinux_socket_connect_helper()
4943 /* Note that SCTP services expect -EINVAL, whereas in selinux_socket_connect_helper()
4944 * others expect -EAFNOSUPPORT. in selinux_socket_connect_helper()
4946 if (sksec->sclass == SECCLASS_SCTP_SOCKET) in selinux_socket_connect_helper()
4947 return -EINVAL; in selinux_socket_connect_helper()
4949 return -EAFNOSUPPORT; in selinux_socket_connect_helper()
4952 err = sel_netport_sid(sk->sk_protocol, snum, &sid); in selinux_socket_connect_helper()
4956 switch (sksec->sclass) { in selinux_socket_connect_helper()
4970 ad.u.net->dport = htons(snum); in selinux_socket_connect_helper()
4971 ad.u.net->family = address->sa_family; in selinux_socket_connect_helper()
4972 err = avc_has_perm(sksec->sid, sid, sksec->sclass, perm, &ad); in selinux_socket_connect_helper()
4985 struct sock *sk = sock->sk; in selinux_socket_connect()
4996 return sock_has_perm(sock->sk, SOCKET__LISTEN); in selinux_socket_listen()
5007 err = sock_has_perm(sock->sk, SOCKET__ACCEPT); in selinux_socket_accept()
5012 spin_lock(&isec->lock); in selinux_socket_accept()
5013 sclass = isec->sclass; in selinux_socket_accept()
5014 sid = isec->sid; in selinux_socket_accept()
5015 spin_unlock(&isec->lock); in selinux_socket_accept()
5018 newisec->sclass = sclass; in selinux_socket_accept()
5019 newisec->sid = sid; in selinux_socket_accept()
5020 newisec->initialized = LABEL_INITIALIZED; in selinux_socket_accept()
5028 return sock_has_perm(sock->sk, SOCKET__WRITE); in selinux_socket_sendmsg()
5034 return sock_has_perm(sock->sk, SOCKET__READ); in selinux_socket_recvmsg()
5039 return sock_has_perm(sock->sk, SOCKET__GETATTR); in selinux_socket_getsockname()
5044 return sock_has_perm(sock->sk, SOCKET__GETATTR); in selinux_socket_getpeername()
5051 err = sock_has_perm(sock->sk, SOCKET__SETOPT); in selinux_socket_setsockopt()
5061 return sock_has_perm(sock->sk, SOCKET__GETOPT); in selinux_socket_getsockopt()
5066 return sock_has_perm(sock->sk, SOCKET__SHUTDOWN); in selinux_socket_shutdown()
5082 err = avc_has_perm(sksec_sock->sid, sksec_other->sid, in selinux_socket_unix_stream_connect()
5083 sksec_other->sclass, in selinux_socket_unix_stream_connect()
5089 sksec_new->peer_sid = sksec_sock->sid; in selinux_socket_unix_stream_connect()
5090 err = security_sid_mls_copy(sksec_other->sid, in selinux_socket_unix_stream_connect()
5091 sksec_sock->sid, &sksec_new->sid); in selinux_socket_unix_stream_connect()
5096 sksec_sock->peer_sid = sksec_new->sid; in selinux_socket_unix_stream_connect()
5104 struct sk_security_struct *ssec = selinux_sock(sock->sk); in selinux_socket_unix_may_send()
5105 struct sk_security_struct *osec = selinux_sock(other->sk); in selinux_socket_unix_may_send()
5109 ad_net_init_from_sk(&ad, &net, other->sk); in selinux_socket_unix_may_send()
5111 return avc_has_perm(ssec->sid, osec->sid, osec->sclass, SOCKET__SENDTO, in selinux_socket_unix_may_send()
5143 u32 sk_sid = sksec->sid; in selinux_sock_rcv_skb_compat()
5148 ad_net_init_from_iif(&ad, &net, skb->skb_iif, family); in selinux_sock_rcv_skb_compat()
5154 err = avc_has_perm(sk_sid, skb->secmark, SECCLASS_PACKET, in selinux_sock_rcv_skb_compat()
5163 err = selinux_xfrm_sock_rcv_skb(sksec->sid, skb, &ad); in selinux_sock_rcv_skb_compat()
5172 u16 family = sk->sk_family; in selinux_socket_sock_rcv_skb()
5173 u32 sk_sid = sksec->sid; in selinux_socket_sock_rcv_skb()
5182 if (family == PF_INET6 && skb->protocol == htons(ETH_P_IP)) in selinux_socket_sock_rcv_skb()
5197 ad_net_init_from_iif(&ad, &net, skb->skb_iif, family); in selinux_socket_sock_rcv_skb()
5208 err = selinux_inet_sys_rcv_skb(sock_net(sk), skb->skb_iif, in selinux_socket_sock_rcv_skb()
5223 err = avc_has_perm(sk_sid, skb->secmark, SECCLASS_PACKET, in selinux_socket_sock_rcv_skb()
5239 struct sk_security_struct *sksec = selinux_sock(sock->sk); in selinux_socket_getpeersec_stream()
5242 if (sksec->sclass == SECCLASS_UNIX_STREAM_SOCKET || in selinux_socket_getpeersec_stream()
5243 sksec->sclass == SECCLASS_TCP_SOCKET || in selinux_socket_getpeersec_stream()
5244 sksec->sclass == SECCLASS_SCTP_SOCKET) in selinux_socket_getpeersec_stream()
5245 peer_sid = sksec->peer_sid; in selinux_socket_getpeersec_stream()
5247 return -ENOPROTOOPT; in selinux_socket_getpeersec_stream()
5254 err = -ERANGE; in selinux_socket_getpeersec_stream()
5259 err = -EFAULT; in selinux_socket_getpeersec_stream()
5262 err = -EFAULT; in selinux_socket_getpeersec_stream()
5273 if (skb && skb->protocol == htons(ETH_P_IP)) in selinux_socket_getpeersec_dgram()
5275 else if (skb && skb->protocol == htons(ETH_P_IPV6)) in selinux_socket_getpeersec_dgram()
5278 family = sock->sk->sk_family; in selinux_socket_getpeersec_dgram()
5281 return -EINVAL; in selinux_socket_getpeersec_dgram()
5287 peer_secid = isec->sid; in selinux_socket_getpeersec_dgram()
5293 return -ENOPROTOOPT; in selinux_socket_getpeersec_dgram()
5301 sksec->peer_sid = SECINITSID_UNLABELED; in selinux_sk_alloc_security()
5302 sksec->sid = SECINITSID_UNLABELED; in selinux_sk_alloc_security()
5303 sksec->sclass = SECCLASS_SOCKET; in selinux_sk_alloc_security()
5321 newsksec->sid = sksec->sid; in selinux_sk_clone_security()
5322 newsksec->peer_sid = sksec->peer_sid; in selinux_sk_clone_security()
5323 newsksec->sclass = sksec->sclass; in selinux_sk_clone_security()
5335 *secid = sksec->sid; in selinux_sk_getsecid()
5345 if (sk->sk_family == PF_INET || sk->sk_family == PF_INET6 || in selinux_sock_graft()
5346 sk->sk_family == PF_UNIX) in selinux_sock_graft()
5347 isec->sid = sksec->sid; in selinux_sock_graft()
5348 sksec->sclass = isec->sclass; in selinux_sock_graft()
5358 struct sock *sk = asoc->base.sk; in selinux_sctp_process_new_assoc()
5359 u16 family = sk->sk_family; in selinux_sctp_process_new_assoc()
5366 if (family == PF_INET6 && skb->protocol == htons(ETH_P_IP)) in selinux_sctp_process_new_assoc()
5370 asoc->peer_secid = SECSID_NULL; in selinux_sctp_process_new_assoc()
5375 err = selinux_skb_peerlbl_sid(skb, family, &asoc->peer_secid); in selinux_sctp_process_new_assoc()
5379 if (asoc->peer_secid == SECSID_NULL) in selinux_sctp_process_new_assoc()
5380 asoc->peer_secid = SECINITSID_UNLABELED; in selinux_sctp_process_new_assoc()
5382 asoc->peer_secid = SECINITSID_UNLABELED; in selinux_sctp_process_new_assoc()
5385 if (sksec->sctp_assoc_state == SCTP_ASSOC_UNSET) { in selinux_sctp_process_new_assoc()
5386 sksec->sctp_assoc_state = SCTP_ASSOC_SET; in selinux_sctp_process_new_assoc()
5390 * then it is approved by policy and used as the primary in selinux_sctp_process_new_assoc()
5393 sksec->peer_sid = asoc->peer_secid; in selinux_sctp_process_new_assoc()
5394 } else if (sksec->peer_sid != asoc->peer_secid) { in selinux_sctp_process_new_assoc()
5398 ad_net_init_from_sk(&ad, &net, asoc->base.sk); in selinux_sctp_process_new_assoc()
5399 err = avc_has_perm(sksec->peer_sid, asoc->peer_secid, in selinux_sctp_process_new_assoc()
5400 sksec->sclass, SCTP_SOCKET__ASSOCIATION, in selinux_sctp_process_new_assoc()
5415 struct sk_security_struct *sksec = selinux_sock(asoc->base.sk); in selinux_sctp_assoc_request()
5432 err = selinux_conn_sid(sksec->sid, asoc->peer_secid, &conn_sid); in selinux_sctp_assoc_request()
5436 asoc->secid = conn_sid; in selinux_sctp_assoc_request()
5448 struct sk_security_struct *sksec = selinux_sock(asoc->base.sk); in selinux_sctp_assoc_established()
5453 /* Inherit secid from the parent socket - this will be picked up in selinux_sctp_assoc_established()
5457 asoc->secid = sksec->sid; in selinux_sctp_assoc_established()
5478 sock = sk->sk_socket; in selinux_sctp_bind_connect()
5483 return -EINVAL; in selinux_sctp_bind_connect()
5486 switch (addr->sa_family) { in selinux_sctp_bind_connect()
5495 return -EINVAL; in selinux_sctp_bind_connect()
5499 return -EINVAL; in selinux_sctp_bind_connect()
5501 err = -EINVAL; in selinux_sctp_bind_connect()
5551 * the non-sctp clone version. in selinux_sctp_sk_clone()
5556 newsksec->sid = asoc->secid; in selinux_sctp_sk_clone()
5557 newsksec->peer_sid = asoc->peer_secid; in selinux_sctp_sk_clone()
5558 newsksec->sclass = sksec->sclass; in selinux_sctp_sk_clone()
5567 ssksec->sclass = sksec->sclass; in selinux_mptcp_add_subflow()
5568 ssksec->sid = sksec->sid; in selinux_mptcp_add_subflow()
5571 * and re-recreating a new label using the updated context in selinux_mptcp_add_subflow()
5574 return selinux_netlbl_socket_post_create(ssk, ssk->sk_family); in selinux_mptcp_add_subflow()
5582 u16 family = req->rsk_ops->family; in selinux_inet_conn_request()
5589 err = selinux_conn_sid(sksec->sid, peersid, &connsid); in selinux_inet_conn_request()
5592 req->secid = connsid; in selinux_inet_conn_request()
5593 req->peer_secid = peersid; in selinux_inet_conn_request()
5603 newsksec->sid = req->secid; in selinux_inet_csk_clone()
5604 newsksec->peer_sid = req->peer_secid; in selinux_inet_csk_clone()
5605 /* NOTE: Ideally, we should also get the isec->sid for the in selinux_inet_csk_clone()
5612 selinux_netlbl_inet_csk_clone(newsk, req->rsk_ops->family); in selinux_inet_csk_clone()
5617 u16 family = sk->sk_family; in selinux_inet_conn_established()
5621 if (family == PF_INET6 && skb->protocol == htons(ETH_P_IP)) in selinux_inet_conn_established()
5624 selinux_skb_peerlbl_sid(skb, family, &sksec->peer_sid); in selinux_inet_conn_established()
5646 flic->flowic_secid = req->secid; in selinux_req_classify_flow()
5653 tunsec->sid = current_sid(); in selinux_tun_dev_alloc_security()
5665 * connections unlike traditional sockets - check the TUN driver to in selinux_tun_dev_create()
5676 return avc_has_perm(current_sid(), tunsec->sid, SECCLASS_TUN_SOCKET, in selinux_tun_dev_attach_queue()
5692 sksec->sid = tunsec->sid; in selinux_tun_dev_attach()
5693 sksec->sclass = SECCLASS_TUN_SOCKET; in selinux_tun_dev_attach()
5704 err = avc_has_perm(sid, tunsec->sid, SECCLASS_TUN_SOCKET, in selinux_tun_dev_open()
5712 tunsec->sid = sid; in selinux_tun_dev_open()
5738 family = state->pf; in selinux_ip_forward()
5742 ifindex = state->in->ifindex; in selinux_ip_forward()
5750 err = selinux_inet_sys_rcv_skb(state->net, ifindex, in selinux_ip_forward()
5759 if (avc_has_perm(peer_sid, skb->secmark, in selinux_ip_forward()
5786 sk = sk_to_full_sk(skb->sk); in selinux_ip_output()
5792 * packet is a SYN-ACK packet which means it needs to in selinux_ip_output()
5796 * the parent socket until after the SYN-ACK is sent. in selinux_ip_output()
5797 * the "solution" is to simply pass the packet as-is in selinux_ip_output()
5807 sid = sksec->sid; in selinux_ip_output()
5810 if (selinux_netlbl_skbuff_setsid(skb, state->pf, sid) != 0) in selinux_ip_output()
5831 ad_net_init_from_iif(&ad, &net, state->out->ifindex, state->pf); in selinux_ip_postroute_compat()
5836 if (avc_has_perm(sksec->sid, skb->secmark, in selinux_ip_postroute_compat()
5838 return NF_DROP_ERR(-ECONNREFUSED); in selinux_ip_postroute_compat()
5840 if (selinux_xfrm_postroute_last(sksec->sid, skb, &ad, proto)) in selinux_ip_postroute_compat()
5841 return NF_DROP_ERR(-ECONNREFUSED); in selinux_ip_postroute_compat()
5875 /* If skb->dst->xfrm is non-NULL then the packet is undergoing an IPsec in selinux_ip_postroute()
5879 * NOTE: there appear to be some IPv6 multicast cases where skb->dst in selinux_ip_postroute()
5881 * NOTE: if this is a local socket (skb->sk != NULL) that is in the in selinux_ip_postroute()
5886 if (skb_dst(skb) != NULL && skb_dst(skb)->xfrm != NULL && in selinux_ip_postroute()
5891 family = state->pf; in selinux_ip_postroute()
5897 if (skb->skb_iif) { in selinux_ip_postroute()
5907 * listening state which means this is a SYN-ACK packet. In in selinux_ip_postroute()
5911 * socket until after the SYN-ACK packet is sent; the only in selinux_ip_postroute()
5930 if (IPCB(skb)->flags & IPSKB_XFRM_TRANSFORMED) in selinux_ip_postroute()
5934 if (IP6CB(skb)->flags & IP6SKB_XFRM_TRANSFORMED) in selinux_ip_postroute()
5938 return NF_DROP_ERR(-ECONNREFUSED); in selinux_ip_postroute()
5941 if (selinux_conn_sid(sksec->sid, skb_sid, &peer_sid)) in selinux_ip_postroute()
5948 peer_sid = sksec->sid; in selinux_ip_postroute()
5952 ifindex = state->out->ifindex; in selinux_ip_postroute()
5958 if (avc_has_perm(peer_sid, skb->secmark, in selinux_ip_postroute()
5960 return NF_DROP_ERR(-ECONNREFUSED); in selinux_ip_postroute()
5966 if (sel_netif_sid(state->net, ifindex, &if_sid)) in selinux_ip_postroute()
5970 return NF_DROP_ERR(-ECONNREFUSED); in selinux_ip_postroute()
5976 return NF_DROP_ERR(-ECONNREFUSED); in selinux_ip_postroute()
5985 struct sk_security_struct *sksec = sk->sk_security; in nlmsg_sock_has_extended_perms()
5990 if (sock_skip_has_perm(sksec->sid)) in nlmsg_sock_has_extended_perms()
5999 return avc_has_extended_perms(current_sid(), sksec->sid, sksec->sclass, in nlmsg_sock_has_extended_perms()
6007 unsigned int data_len = skb->len; in selinux_netlink_send()
6008 unsigned char *data = skb->data; in selinux_netlink_send()
6011 u16 sclass = sksec->sclass; in selinux_netlink_send()
6023 if (nlh->nlmsg_len < NLMSG_HDRLEN || nlh->nlmsg_len > data_len) in selinux_netlink_send()
6026 rc = selinux_nlmsg_lookup(sclass, nlh->nlmsg_type, &perm); in selinux_netlink_send()
6030 sk, perm, nlh->nlmsg_type); in selinux_netlink_send()
6036 } else if (rc == -EINVAL) { in selinux_netlink_send()
6037 /* -EINVAL is a missing msg/perm mapping */ in selinux_netlink_send()
6041 sk->sk_protocol, nlh->nlmsg_type, in selinux_netlink_send()
6042 secclass_map[sclass - 1].name, in selinux_netlink_send()
6043 task_pid_nr(current), current->comm); in selinux_netlink_send()
6048 } else if (rc == -ENOENT) { in selinux_netlink_send()
6049 /* -ENOENT is a missing socket/class mapping, ignore */ in selinux_netlink_send()
6056 msg_len = NLMSG_ALIGN(nlh->nlmsg_len); in selinux_netlink_send()
6059 data_len -= msg_len; in selinux_netlink_send()
6068 isec->sclass = sclass; in ipc_init_security()
6069 isec->sid = current_sid(); in ipc_init_security()
6082 ad.u.ipc_id = ipc_perms->key; in ipc_has_perm()
6084 return avc_has_perm(sid, isec->sid, isec->sclass, perms, &ad); in ipc_has_perm()
6092 msec->sid = SECINITSID_UNLABELED; in selinux_msg_msg_alloc_security()
6108 ad.u.ipc_id = msq->key; in selinux_msg_queue_alloc_security()
6110 return avc_has_perm(sid, isec->sid, SECCLASS_MSGQ, in selinux_msg_queue_alloc_security()
6123 ad.u.ipc_id = msq->key; in selinux_msg_queue_associate()
6125 return avc_has_perm(sid, isec->sid, SECCLASS_MSGQ, in selinux_msg_queue_associate()
6136 /* No specific object, just general system-wide information. */ in selinux_msg_queue_msgctl()
6171 if (msec->sid == SECINITSID_UNLABELED) { in selinux_msg_queue_msgsnd()
6176 rc = security_transition_sid(sid, isec->sid, in selinux_msg_queue_msgsnd()
6177 SECCLASS_MSG, NULL, &msec->sid); in selinux_msg_queue_msgsnd()
6183 ad.u.ipc_id = msq->key; in selinux_msg_queue_msgsnd()
6186 rc = avc_has_perm(sid, isec->sid, SECCLASS_MSGQ, in selinux_msg_queue_msgsnd()
6190 rc = avc_has_perm(sid, msec->sid, SECCLASS_MSG, in selinux_msg_queue_msgsnd()
6194 rc = avc_has_perm(msec->sid, isec->sid, SECCLASS_MSGQ, in selinux_msg_queue_msgsnd()
6214 ad.u.ipc_id = msq->key; in selinux_msg_queue_msgrcv()
6216 rc = avc_has_perm(sid, isec->sid, in selinux_msg_queue_msgrcv()
6219 rc = avc_has_perm(sid, msec->sid, in selinux_msg_queue_msgrcv()
6235 ad.u.ipc_id = shp->key; in selinux_shm_alloc_security()
6237 return avc_has_perm(sid, isec->sid, SECCLASS_SHM, in selinux_shm_alloc_security()
6250 ad.u.ipc_id = shp->key; in selinux_shm_associate()
6252 return avc_has_perm(sid, isec->sid, SECCLASS_SHM, in selinux_shm_associate()
6264 /* No specific object, just general system-wide information. */ in selinux_shm_shmctl()
6313 ad.u.ipc_id = sma->key; in selinux_sem_alloc_security()
6315 return avc_has_perm(sid, isec->sid, SECCLASS_SEM, in selinux_sem_alloc_security()
6328 ad.u.ipc_id = sma->key; in selinux_sem_associate()
6330 return avc_has_perm(sid, isec->sid, SECCLASS_SEM, in selinux_sem_associate()
6343 /* No specific object, just general system-wide information. */ in selinux_sem_semctl()
6411 prop->selinux.secid = isec->sid; in selinux_ipc_getlsmprop()
6431 error = avc_has_perm(current_sid(), tsec->sid, in selinux_lsm_getattr()
6438 sid = tsec->sid; in selinux_lsm_getattr()
6441 sid = tsec->osid; in selinux_lsm_getattr()
6444 sid = tsec->exec_sid; in selinux_lsm_getattr()
6447 sid = tsec->create_sid; in selinux_lsm_getattr()
6450 sid = tsec->keycreate_sid; in selinux_lsm_getattr()
6453 sid = tsec->sockcreate_sid; in selinux_lsm_getattr()
6456 error = -EOPNOTSUPP; in selinux_lsm_getattr()
6509 error = -EOPNOTSUPP; in selinux_lsm_setattr()
6517 if (str[size-1] == '\n') { in selinux_lsm_setattr()
6518 str[size-1] = 0; in selinux_lsm_setattr()
6519 size--; in selinux_lsm_setattr()
6523 if (error == -EINVAL && attr == LSM_ATTR_FSCREATE) { in selinux_lsm_setattr()
6531 if (str[size - 1] == '\0') in selinux_lsm_setattr()
6532 audit_size = size - 1; in selinux_lsm_setattr()
6556 return -ENOMEM; in selinux_lsm_setattr()
6566 tsec->exec_sid = sid; in selinux_lsm_setattr()
6568 tsec->create_sid = sid; in selinux_lsm_setattr()
6576 tsec->keycreate_sid = sid; in selinux_lsm_setattr()
6578 tsec->sockcreate_sid = sid; in selinux_lsm_setattr()
6580 error = -EINVAL; in selinux_lsm_setattr()
6585 error = security_bounded_transition(tsec->sid, sid); in selinux_lsm_setattr()
6591 error = avc_has_perm(tsec->sid, sid, SECCLASS_PROCESS, in selinux_lsm_setattr()
6606 tsec->sid = sid; in selinux_lsm_setattr()
6608 error = -EINVAL; in selinux_lsm_setattr()
6621 * selinux_getselfattr - Get SELinux current task attributes
6653 rc = selinux_lsm_setattr(attr, ctx->ctx, ctx->ctx_len); in selinux_setselfattr()
6667 if (rc != -EOPNOTSUPP) in selinux_getprocattr()
6671 return -EINVAL; in selinux_getprocattr()
6680 return -EINVAL; in selinux_setprocattr()
6694 cp->id = LSM_ID_SELINUX; in selinux_secid_to_secctx()
6695 ret = security_sid_to_context(secid, &cp->context, &cp->len); in selinux_secid_to_secctx()
6698 return cp->len; in selinux_secid_to_secctx()
6709 return selinux_secid_to_secctx(prop->selinux.secid, cp); in selinux_lsmprop_to_secctx()
6720 if (cp->id == LSM_ID_SELINUX) { in selinux_release_secctx()
6721 kfree(cp->context); in selinux_release_secctx()
6722 cp->context = NULL; in selinux_release_secctx()
6723 cp->id = LSM_ID_UNDEF; in selinux_release_secctx()
6731 spin_lock(&isec->lock); in selinux_inode_invalidate_secctx()
6732 isec->initialized = LABEL_INVALID; in selinux_inode_invalidate_secctx()
6733 spin_unlock(&isec->lock); in selinux_inode_invalidate_secctx()
6737 * called with inode->i_mutex locked
6744 return rc == -EOPNOTSUPP ? 0 : rc; in selinux_inode_notifysecctx()
6748 * called with inode->i_mutex locked
6761 (void **)&cp->context, true); in selinux_inode_getsecctx()
6764 cp->len = len; in selinux_inode_getsecctx()
6765 cp->id = LSM_ID_SELINUX; in selinux_inode_getsecctx()
6777 if (tsec->keycreate_sid) in selinux_key_alloc()
6778 ksec->sid = tsec->keycreate_sid; in selinux_key_alloc()
6780 ksec->sid = tsec->sid; in selinux_key_alloc()
6819 return -EPERM; in selinux_key_permission()
6827 return avc_has_perm(sid, ksec->sid, SECCLASS_KEY, perm, NULL); in selinux_key_permission()
6837 rc = security_sid_to_context(ksec->sid, in selinux_key_getsecurity()
6851 return avc_has_perm(sid, ksec->sid, SECCLASS_KEY, KEY__VIEW, NULL); in selinux_watch_key()
6873 return avc_has_perm(sec->sid, sid, in selinux_ib_pkey_access()
6897 return avc_has_perm(sec->sid, sid, in selinux_ib_endport_manage_subnet()
6906 sec->sid = current_sid(); in selinux_ib_alloc_security()
6961 if (file->f_op == &bpf_map_fops) { in bpf_fd_pass()
6962 map = file->private_data; in bpf_fd_pass()
6963 bpfsec = map->security; in bpf_fd_pass()
6964 ret = avc_has_perm(sid, bpfsec->sid, SECCLASS_BPF, in bpf_fd_pass()
6965 bpf_map_fmode_to_av(file->f_mode), NULL); in bpf_fd_pass()
6968 } else if (file->f_op == &bpf_prog_fops) { in bpf_fd_pass()
6969 prog = file->private_data; in bpf_fd_pass()
6970 bpfsec = prog->aux->security; in bpf_fd_pass()
6971 ret = avc_has_perm(sid, bpfsec->sid, SECCLASS_BPF, in bpf_fd_pass()
6984 bpfsec = map->security; in selinux_bpf_map()
6985 return avc_has_perm(sid, bpfsec->sid, SECCLASS_BPF, in selinux_bpf_map()
6994 bpfsec = prog->aux->security; in selinux_bpf_prog()
6995 return avc_has_perm(sid, bpfsec->sid, SECCLASS_BPF, in selinux_bpf_prog()
7006 return -ENOMEM; in selinux_bpf_map_create()
7008 bpfsec->sid = current_sid(); in selinux_bpf_map_create()
7009 map->security = bpfsec; in selinux_bpf_map_create()
7016 struct bpf_security_struct *bpfsec = map->security; in selinux_bpf_map_free()
7018 map->security = NULL; in selinux_bpf_map_free()
7029 return -ENOMEM; in selinux_bpf_prog_load()
7031 bpfsec->sid = current_sid(); in selinux_bpf_prog_load()
7032 prog->aux->security = bpfsec; in selinux_bpf_prog_load()
7039 struct bpf_security_struct *bpfsec = prog->aux->security; in selinux_bpf_prog_free()
7041 prog->aux->security = NULL; in selinux_bpf_prog_free()
7052 return -ENOMEM; in selinux_bpf_token_create()
7054 bpfsec->sid = current_sid(); in selinux_bpf_token_create()
7055 token->security = bpfsec; in selinux_bpf_token_create()
7062 struct bpf_security_struct *bpfsec = token->security; in selinux_bpf_token_free()
7064 token->security = NULL; in selinux_bpf_token_free()
7100 return -EINVAL; in selinux_perf_event_open()
7110 perfsec = selinux_perf_event(event->security); in selinux_perf_event_alloc()
7111 perfsec->sid = current_sid(); in selinux_perf_event_alloc()
7118 struct perf_event_security_struct *perfsec = event->security; in selinux_perf_event_read()
7121 return avc_has_perm(sid, perfsec->sid, in selinux_perf_event_read()
7127 struct perf_event_security_struct *perfsec = event->security; in selinux_perf_event_write()
7130 return avc_has_perm(sid, perfsec->sid, in selinux_perf_event_write()
7137 * selinux_uring_override_creds - check the requested cred override
7150 * selinux_uring_sqpoll - check if a io_uring polling thread can be created
7164 * selinux_uring_cmd - check if IORING_OP_URING_CMD is allowed
7173 struct file *file = ioucmd->file; in selinux_uring_cmd()
7181 return avc_has_perm(current_sid(), isec->sid, in selinux_uring_cmd()
7186 * selinux_uring_allowed - check if io_uring_setup() can be called