1 // SPDX-License-Identifier: GPL-2.0-only
3 * Security-Enhanced Linux (SELinux) security module
22 * CONFIG_SECURITY=y
23 * CONFIG_SECURITY_NETWORK=y
24 * CONFIG_SECURITY_NETWORK_XFRM=y
25 * CONFIG_SECURITY_SELINUX=m/y
58 (ctx->ctx_doi == XFRM_SC_DOI_LSM) && in selinux_authorizable_ctx()
59 (ctx->ctx_alg == XFRM_SC_ALG_SELINUX)); in selinux_authorizable_ctx()
67 return selinux_authorizable_ctx(x->security); in selinux_authorizable_xfrm()
78 int rc; in selinux_xfrm_alloc_user() local
84 uctx->ctx_doi != XFRM_SC_DOI_LSM || in selinux_xfrm_alloc_user()
85 uctx->ctx_alg != XFRM_SC_ALG_SELINUX) in selinux_xfrm_alloc_user()
86 return -EINVAL; in selinux_xfrm_alloc_user()
88 str_len = uctx->ctx_len; in selinux_xfrm_alloc_user()
90 return -ENOMEM; in selinux_xfrm_alloc_user()
94 return -ENOMEM; in selinux_xfrm_alloc_user()
96 ctx->ctx_doi = XFRM_SC_DOI_LSM; in selinux_xfrm_alloc_user()
97 ctx->ctx_alg = XFRM_SC_ALG_SELINUX; in selinux_xfrm_alloc_user()
98 ctx->ctx_len = str_len; in selinux_xfrm_alloc_user()
99 memcpy(ctx->ctx_str, &uctx[1], str_len); in selinux_xfrm_alloc_user()
100 ctx->ctx_str[str_len] = '\0'; in selinux_xfrm_alloc_user()
101 rc = security_context_to_sid(ctx->ctx_str, str_len, in selinux_xfrm_alloc_user()
102 &ctx->ctx_sid, gfp); in selinux_xfrm_alloc_user()
103 if (rc) in selinux_xfrm_alloc_user()
106 rc = avc_has_perm(tsec->sid, ctx->ctx_sid, in selinux_xfrm_alloc_user()
108 if (rc) in selinux_xfrm_alloc_user()
117 return rc; in selinux_xfrm_alloc_user()
142 return avc_has_perm(tsec->sid, ctx->ctx_sid, in selinux_xfrm_delete()
153 int rc; in selinux_xfrm_policy_lookup() local
156 * "non-labeled" policy. This would prevent inadvertent "leaks". */ in selinux_xfrm_policy_lookup()
162 return -EINVAL; in selinux_xfrm_policy_lookup()
164 rc = avc_has_perm(fl_secid, ctx->ctx_sid, in selinux_xfrm_policy_lookup()
166 return (rc == -EACCES ? -ESRCH : rc); in selinux_xfrm_policy_lookup()
180 if (!xp->security) in selinux_xfrm_state_pol_flow_match()
181 if (x->security) in selinux_xfrm_state_pol_flow_match()
188 if (!x->security) in selinux_xfrm_state_pol_flow_match()
193 /* Not a SELinux-labeled SA */ in selinux_xfrm_state_pol_flow_match()
196 state_sid = x->security->ctx_sid; in selinux_xfrm_state_pol_flow_match()
197 flic_sid = flic->flowic_secid; in selinux_xfrm_state_pol_flow_match()
217 x = dst->xfrm; in selinux_xfrm_skb_sid_egress()
221 return x->security->ctx_sid; in selinux_xfrm_skb_sid_egress()
233 for (i = sp->len - 1; i >= 0; i--) { in selinux_xfrm_skb_sid_ingress()
234 struct xfrm_state *x = sp->xvec[i]; in selinux_xfrm_skb_sid_ingress()
236 struct xfrm_sec_ctx *ctx = x->security; in selinux_xfrm_skb_sid_ingress()
239 sid_session = ctx->ctx_sid; in selinux_xfrm_skb_sid_ingress()
242 } else if (sid_session != ctx->ctx_sid) { in selinux_xfrm_skb_sid_ingress()
244 return -EINVAL; in selinux_xfrm_skb_sid_ingress()
270 int rc; in selinux_xfrm_skb_sid() local
272 rc = selinux_xfrm_skb_sid_ingress(skb, sid, 0); in selinux_xfrm_skb_sid()
273 if (rc == 0 && *sid == SECSID_NULL) in selinux_xfrm_skb_sid()
276 return rc; in selinux_xfrm_skb_sid()
301 new_ctx = kmemdup(old_ctx, sizeof(*old_ctx) + old_ctx->ctx_len, in selinux_xfrm_policy_clone()
304 return -ENOMEM; in selinux_xfrm_policy_clone()
334 return selinux_xfrm_alloc_user(&x->security, uctx, GFP_KERNEL); in selinux_xfrm_state_alloc()
344 int rc; in selinux_xfrm_state_alloc_acquire() local
353 return -EINVAL; in selinux_xfrm_state_alloc_acquire()
355 rc = security_sid_to_context(secid, &ctx_str, in selinux_xfrm_state_alloc_acquire()
357 if (rc) in selinux_xfrm_state_alloc_acquire()
358 return rc; in selinux_xfrm_state_alloc_acquire()
362 rc = -ENOMEM; in selinux_xfrm_state_alloc_acquire()
366 ctx->ctx_doi = XFRM_SC_DOI_LSM; in selinux_xfrm_state_alloc_acquire()
367 ctx->ctx_alg = XFRM_SC_ALG_SELINUX; in selinux_xfrm_state_alloc_acquire()
368 ctx->ctx_sid = secid; in selinux_xfrm_state_alloc_acquire()
369 ctx->ctx_len = str_len; in selinux_xfrm_state_alloc_acquire()
370 memcpy(ctx->ctx_str, ctx_str, str_len); in selinux_xfrm_state_alloc_acquire()
372 x->security = ctx; in selinux_xfrm_state_alloc_acquire()
376 return rc; in selinux_xfrm_state_alloc_acquire()
384 selinux_xfrm_free(x->security); in selinux_xfrm_state_free()
392 return selinux_xfrm_delete(x->security); in selinux_xfrm_state_delete()
410 for (i = 0; i < sp->len; i++) { in selinux_xfrm_sock_rcv_skb()
411 struct xfrm_state *x = sp->xvec[i]; in selinux_xfrm_sock_rcv_skb()
414 struct xfrm_sec_ctx *ctx = x->security; in selinux_xfrm_sock_rcv_skb()
415 peer_sid = ctx->ctx_sid; in selinux_xfrm_sock_rcv_skb()
423 * non-IPsec communication unless explicitly allowed by policy. */ in selinux_xfrm_sock_rcv_skb()
457 struct xfrm_state *x = iter->xfrm; in selinux_xfrm_postroute_last()
466 * non-IPsec communication unless explicitly allowed by policy. */ in selinux_xfrm_postroute_last()