
1 // SPDX-License-Identifier: GPL-2.0-only
3 * Security-Enhanced Linux (SELinux) security module
22 * CONFIG_SECURITY=y
23 * CONFIG_SECURITY_NETWORK=y
24 * CONFIG_SECURITY_NETWORK_XFRM=y
25 * CONFIG_SECURITY_SELINUX=m/y
58 (ctx->ctx_doi == XFRM_SC_DOI_LSM) && in selinux_authorizable_ctx()
59 (ctx->ctx_alg == XFRM_SC_ALG_SELINUX)); in selinux_authorizable_ctx()
67 return selinux_authorizable_ctx(x->security); in selinux_authorizable_xfrm()
78 int rc; in selinux_xfrm_alloc_user() local
83 uctx->ctx_doi != XFRM_SC_DOI_LSM || in selinux_xfrm_alloc_user()
84 uctx->ctx_alg != XFRM_SC_ALG_SELINUX) in selinux_xfrm_alloc_user()
85 return -EINVAL; in selinux_xfrm_alloc_user()
87 str_len = uctx->ctx_len; in selinux_xfrm_alloc_user()
89 return -ENOMEM; in selinux_xfrm_alloc_user()
93 return -ENOMEM; in selinux_xfrm_alloc_user()
95 ctx->ctx_doi = XFRM_SC_DOI_LSM; in selinux_xfrm_alloc_user()
96 ctx->ctx_alg = XFRM_SC_ALG_SELINUX; in selinux_xfrm_alloc_user()
97 ctx->ctx_len = str_len; in selinux_xfrm_alloc_user()
98 memcpy(ctx->ctx_str, &uctx[1], str_len); in selinux_xfrm_alloc_user()
99 ctx->ctx_str[str_len] = '\0'; in selinux_xfrm_alloc_user()
100 rc = security_context_to_sid(ctx->ctx_str, str_len, in selinux_xfrm_alloc_user()
101 &ctx->ctx_sid, gfp); in selinux_xfrm_alloc_user()
102 if (rc) in selinux_xfrm_alloc_user()
105 rc = avc_has_perm(current_sid(), ctx->ctx_sid, in selinux_xfrm_alloc_user()
107 if (rc) in selinux_xfrm_alloc_user()
116 return rc; in selinux_xfrm_alloc_user()
139 return avc_has_perm(current_sid(), ctx->ctx_sid, in selinux_xfrm_delete()
150 int rc; in selinux_xfrm_policy_lookup() local
153 * "non-labeled" policy. This would prevent inadvertent "leaks". */ in selinux_xfrm_policy_lookup()
159 return -EINVAL; in selinux_xfrm_policy_lookup()
161 rc = avc_has_perm(fl_secid, ctx->ctx_sid, in selinux_xfrm_policy_lookup()
163 return (rc == -EACCES ? -ESRCH : rc); in selinux_xfrm_policy_lookup()
177 if (!xp->security) in selinux_xfrm_state_pol_flow_match()
178 if (x->security) in selinux_xfrm_state_pol_flow_match()
185 if (!x->security) in selinux_xfrm_state_pol_flow_match()
190 /* Not a SELinux-labeled SA */ in selinux_xfrm_state_pol_flow_match()
193 state_sid = x->security->ctx_sid; in selinux_xfrm_state_pol_flow_match()
194 flic_sid = flic->flowic_secid; in selinux_xfrm_state_pol_flow_match()
214 x = dst->xfrm; in selinux_xfrm_skb_sid_egress()
218 return x->security->ctx_sid; in selinux_xfrm_skb_sid_egress()
230 for (i = sp->len - 1; i >= 0; i--) { in selinux_xfrm_skb_sid_ingress()
231 struct xfrm_state *x = sp->xvec[i]; in selinux_xfrm_skb_sid_ingress()
233 struct xfrm_sec_ctx *ctx = x->security; in selinux_xfrm_skb_sid_ingress()
236 sid_session = ctx->ctx_sid; in selinux_xfrm_skb_sid_ingress()
239 } else if (sid_session != ctx->ctx_sid) { in selinux_xfrm_skb_sid_ingress()
241 return -EINVAL; in selinux_xfrm_skb_sid_ingress()
267 int rc; in selinux_xfrm_skb_sid() local
269 rc = selinux_xfrm_skb_sid_ingress(skb, sid, 0); in selinux_xfrm_skb_sid()
270 if (rc == 0 && *sid == SECSID_NULL) in selinux_xfrm_skb_sid()
273 return rc; in selinux_xfrm_skb_sid()
298 new_ctx = kmemdup(old_ctx, sizeof(*old_ctx) + old_ctx->ctx_len, in selinux_xfrm_policy_clone()
301 return -ENOMEM; in selinux_xfrm_policy_clone()
331 return selinux_xfrm_alloc_user(&x->security, uctx, GFP_KERNEL); in selinux_xfrm_state_alloc()
341 int rc; in selinux_xfrm_state_alloc_acquire() local
350 return -EINVAL; in selinux_xfrm_state_alloc_acquire()
352 rc = security_sid_to_context(secid, &ctx_str, in selinux_xfrm_state_alloc_acquire()
354 if (rc) in selinux_xfrm_state_alloc_acquire()
355 return rc; in selinux_xfrm_state_alloc_acquire()
359 rc = -ENOMEM; in selinux_xfrm_state_alloc_acquire()
363 ctx->ctx_doi = XFRM_SC_DOI_LSM; in selinux_xfrm_state_alloc_acquire()
364 ctx->ctx_alg = XFRM_SC_ALG_SELINUX; in selinux_xfrm_state_alloc_acquire()
365 ctx->ctx_sid = secid; in selinux_xfrm_state_alloc_acquire()
366 ctx->ctx_len = str_len; in selinux_xfrm_state_alloc_acquire()
367 memcpy(ctx->ctx_str, ctx_str, str_len); in selinux_xfrm_state_alloc_acquire()
369 x->security = ctx; in selinux_xfrm_state_alloc_acquire()
373 return rc; in selinux_xfrm_state_alloc_acquire()
381 selinux_xfrm_free(x->security); in selinux_xfrm_state_free()
389 return selinux_xfrm_delete(x->security); in selinux_xfrm_state_delete()
407 for (i = 0; i < sp->len; i++) { in selinux_xfrm_sock_rcv_skb()
408 struct xfrm_state *x = sp->xvec[i]; in selinux_xfrm_sock_rcv_skb()
411 struct xfrm_sec_ctx *ctx = x->security; in selinux_xfrm_sock_rcv_skb()
412 peer_sid = ctx->ctx_sid; in selinux_xfrm_sock_rcv_skb()
420 * non-IPsec communication unless explicitly allowed by policy. */ in selinux_xfrm_sock_rcv_skb()
454 struct xfrm_state *x = iter->xfrm; in selinux_xfrm_postroute_last()
463 * non-IPsec communication unless explicitly allowed by policy. */ in selinux_xfrm_postroute_last()