selinux: Add accessor functions for inode->i_security

Add functions dentry_security and inode_security for accessing
inode->i_security.  These functions initially don't do much, but they
will later be used to revalidate the security labels when necessary.

Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
Acked-by:  Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Paul Moore <pmoore@redhat.com>
This commit is contained in:
Andreas Gruenbacher 2015-12-24 11:09:39 -05:00 committed by Paul Moore
parent d6335d77a7
commit 83da53c5a3

View File

@ -242,6 +242,24 @@ static int inode_alloc_security(struct inode *inode)
return 0; return 0;
} }
/*
* Get the security label of an inode.
*/
static struct inode_security_struct *inode_security(struct inode *inode)
{
return inode->i_security;
}
/*
* Get the security label of a dentry's backing inode.
*/
static struct inode_security_struct *backing_inode_security(struct dentry *dentry)
{
struct inode *inode = d_backing_inode(dentry);
return inode->i_security;
}
static void inode_free_rcu(struct rcu_head *head) static void inode_free_rcu(struct rcu_head *head)
{ {
struct inode_security_struct *isec; struct inode_security_struct *isec;
@ -565,8 +583,8 @@ static int selinux_get_mnt_opts(const struct super_block *sb,
opts->mnt_opts_flags[i++] = DEFCONTEXT_MNT; opts->mnt_opts_flags[i++] = DEFCONTEXT_MNT;
} }
if (sbsec->flags & ROOTCONTEXT_MNT) { if (sbsec->flags & ROOTCONTEXT_MNT) {
struct inode *root = d_backing_inode(sbsec->sb->s_root); struct dentry *root = sbsec->sb->s_root;
struct inode_security_struct *isec = root->i_security; struct inode_security_struct *isec = backing_inode_security(root);
rc = security_sid_to_context(isec->sid, &context, &len); rc = security_sid_to_context(isec->sid, &context, &len);
if (rc) if (rc)
@ -621,8 +639,8 @@ static int selinux_set_mnt_opts(struct super_block *sb,
int rc = 0, i; int rc = 0, i;
struct superblock_security_struct *sbsec = sb->s_security; struct superblock_security_struct *sbsec = sb->s_security;
const char *name = sb->s_type->name; const char *name = sb->s_type->name;
struct inode *inode = d_backing_inode(sbsec->sb->s_root); struct dentry *root = sbsec->sb->s_root;
struct inode_security_struct *root_isec = inode->i_security; struct inode_security_struct *root_isec = backing_inode_security(root);
u32 fscontext_sid = 0, context_sid = 0, rootcontext_sid = 0; u32 fscontext_sid = 0, context_sid = 0, rootcontext_sid = 0;
u32 defcontext_sid = 0; u32 defcontext_sid = 0;
char **mount_options = opts->mnt_opts; char **mount_options = opts->mnt_opts;
@ -852,8 +870,8 @@ static int selinux_cmp_sb_context(const struct super_block *oldsb,
if ((oldflags & DEFCONTEXT_MNT) && old->def_sid != new->def_sid) if ((oldflags & DEFCONTEXT_MNT) && old->def_sid != new->def_sid)
goto mismatch; goto mismatch;
if (oldflags & ROOTCONTEXT_MNT) { if (oldflags & ROOTCONTEXT_MNT) {
struct inode_security_struct *oldroot = d_backing_inode(oldsb->s_root)->i_security; struct inode_security_struct *oldroot = backing_inode_security(oldsb->s_root);
struct inode_security_struct *newroot = d_backing_inode(newsb->s_root)->i_security; struct inode_security_struct *newroot = backing_inode_security(newsb->s_root);
if (oldroot->sid != newroot->sid) if (oldroot->sid != newroot->sid)
goto mismatch; goto mismatch;
} }
@ -903,17 +921,14 @@ static int selinux_sb_clone_mnt_opts(const struct super_block *oldsb,
if (!set_fscontext) if (!set_fscontext)
newsbsec->sid = sid; newsbsec->sid = sid;
if (!set_rootcontext) { if (!set_rootcontext) {
struct inode *newinode = d_backing_inode(newsb->s_root); struct inode_security_struct *newisec = backing_inode_security(newsb->s_root);
struct inode_security_struct *newisec = newinode->i_security;
newisec->sid = sid; newisec->sid = sid;
} }
newsbsec->mntpoint_sid = sid; newsbsec->mntpoint_sid = sid;
} }
if (set_rootcontext) { if (set_rootcontext) {
const struct inode *oldinode = d_backing_inode(oldsb->s_root); const struct inode_security_struct *oldisec = backing_inode_security(oldsb->s_root);
const struct inode_security_struct *oldisec = oldinode->i_security; struct inode_security_struct *newisec = backing_inode_security(newsb->s_root);
struct inode *newinode = d_backing_inode(newsb->s_root);
struct inode_security_struct *newisec = newinode->i_security;
newisec->sid = oldisec->sid; newisec->sid = oldisec->sid;
} }
@ -1712,13 +1727,13 @@ out:
/* /*
* Determine the label for an inode that might be unioned. * Determine the label for an inode that might be unioned.
*/ */
static int selinux_determine_inode_label(const struct inode *dir, static int selinux_determine_inode_label(struct inode *dir,
const struct qstr *name, const struct qstr *name,
u16 tclass, u16 tclass,
u32 *_new_isid) u32 *_new_isid)
{ {
const struct superblock_security_struct *sbsec = dir->i_sb->s_security; const struct superblock_security_struct *sbsec = dir->i_sb->s_security;
const struct inode_security_struct *dsec = dir->i_security; const struct inode_security_struct *dsec = inode_security(dir);
const struct task_security_struct *tsec = current_security(); const struct task_security_struct *tsec = current_security();
if ((sbsec->flags & SE_SBINITIALIZED) && if ((sbsec->flags & SE_SBINITIALIZED) &&
@ -1747,7 +1762,7 @@ static int may_create(struct inode *dir,
struct common_audit_data ad; struct common_audit_data ad;
int rc; int rc;
dsec = dir->i_security; dsec = inode_security(dir);
sbsec = dir->i_sb->s_security; sbsec = dir->i_sb->s_security;
sid = tsec->sid; sid = tsec->sid;
@ -1800,8 +1815,8 @@ static int may_link(struct inode *dir,
u32 av; u32 av;
int rc; int rc;
dsec = dir->i_security; dsec = inode_security(dir);
isec = d_backing_inode(dentry)->i_security; isec = backing_inode_security(dentry);
ad.type = LSM_AUDIT_DATA_DENTRY; ad.type = LSM_AUDIT_DATA_DENTRY;
ad.u.dentry = dentry; ad.u.dentry = dentry;
@ -1844,10 +1859,10 @@ static inline int may_rename(struct inode *old_dir,
int old_is_dir, new_is_dir; int old_is_dir, new_is_dir;
int rc; int rc;
old_dsec = old_dir->i_security; old_dsec = inode_security(old_dir);
old_isec = d_backing_inode(old_dentry)->i_security; old_isec = backing_inode_security(old_dentry);
old_is_dir = d_is_dir(old_dentry); old_is_dir = d_is_dir(old_dentry);
new_dsec = new_dir->i_security; new_dsec = inode_security(new_dir);
ad.type = LSM_AUDIT_DATA_DENTRY; ad.type = LSM_AUDIT_DATA_DENTRY;
@ -1875,7 +1890,7 @@ static inline int may_rename(struct inode *old_dir,
if (rc) if (rc)
return rc; return rc;
if (d_is_positive(new_dentry)) { if (d_is_positive(new_dentry)) {
new_isec = d_backing_inode(new_dentry)->i_security; new_isec = backing_inode_security(new_dentry);
new_is_dir = d_is_dir(new_dentry); new_is_dir = d_is_dir(new_dentry);
rc = avc_has_perm(sid, new_isec->sid, rc = avc_has_perm(sid, new_isec->sid,
new_isec->sclass, new_isec->sclass,
@ -2011,8 +2026,8 @@ static int selinux_binder_transfer_file(struct task_struct *from,
{ {
u32 sid = task_sid(to); u32 sid = task_sid(to);
struct file_security_struct *fsec = file->f_security; struct file_security_struct *fsec = file->f_security;
struct inode *inode = d_backing_inode(file->f_path.dentry); struct dentry *dentry = file->f_path.dentry;
struct inode_security_struct *isec = inode->i_security; struct inode_security_struct *isec = backing_inode_security(dentry);
struct common_audit_data ad; struct common_audit_data ad;
int rc; int rc;
@ -2028,7 +2043,7 @@ static int selinux_binder_transfer_file(struct task_struct *from,
return rc; return rc;
} }
if (unlikely(IS_PRIVATE(inode))) if (unlikely(IS_PRIVATE(d_backing_inode(dentry))))
return 0; return 0;
return avc_has_perm(sid, isec->sid, isec->sclass, file_to_av(file), return avc_has_perm(sid, isec->sid, isec->sclass, file_to_av(file),
@ -2217,7 +2232,7 @@ static int selinux_bprm_set_creds(struct linux_binprm *bprm)
old_tsec = current_security(); old_tsec = current_security();
new_tsec = bprm->cred->security; new_tsec = bprm->cred->security;
isec = inode->i_security; isec = inode_security(inode);
/* Default to the current task SID. */ /* Default to the current task SID. */
new_tsec->sid = old_tsec->sid; new_tsec->sid = old_tsec->sid;
@ -2639,7 +2654,7 @@ static int selinux_sb_remount(struct super_block *sb, void *data)
break; break;
case ROOTCONTEXT_MNT: { case ROOTCONTEXT_MNT: {
struct inode_security_struct *root_isec; struct inode_security_struct *root_isec;
root_isec = d_backing_inode(sb->s_root)->i_security; root_isec = backing_inode_security(sb->s_root);
if (bad_option(sbsec, ROOTCONTEXT_MNT, root_isec->sid, sid)) if (bad_option(sbsec, ROOTCONTEXT_MNT, root_isec->sid, sid))
goto out_bad_option; goto out_bad_option;
@ -2856,7 +2871,7 @@ static int selinux_inode_follow_link(struct dentry *dentry, struct inode *inode,
ad.type = LSM_AUDIT_DATA_DENTRY; ad.type = LSM_AUDIT_DATA_DENTRY;
ad.u.dentry = dentry; ad.u.dentry = dentry;
sid = cred_sid(cred); sid = cred_sid(cred);
isec = inode->i_security; isec = inode_security(inode);
return avc_has_perm_flags(sid, isec->sid, isec->sclass, FILE__READ, &ad, return avc_has_perm_flags(sid, isec->sid, isec->sclass, FILE__READ, &ad,
rcu ? MAY_NOT_BLOCK : 0); rcu ? MAY_NOT_BLOCK : 0);
@ -2908,7 +2923,7 @@ static int selinux_inode_permission(struct inode *inode, int mask)
perms = file_mask_to_av(inode->i_mode, mask); perms = file_mask_to_av(inode->i_mode, mask);
sid = cred_sid(cred); sid = cred_sid(cred);
isec = inode->i_security; isec = inode_security(inode);
rc = avc_has_perm_noaudit(sid, isec->sid, isec->sclass, perms, 0, &avd); rc = avc_has_perm_noaudit(sid, isec->sid, isec->sclass, perms, 0, &avd);
audited = avc_audit_required(perms, &avd, rc, audited = avc_audit_required(perms, &avd, rc,
@ -2978,7 +2993,7 @@ static int selinux_inode_setxattr(struct dentry *dentry, const char *name,
const void *value, size_t size, int flags) const void *value, size_t size, int flags)
{ {
struct inode *inode = d_backing_inode(dentry); struct inode *inode = d_backing_inode(dentry);
struct inode_security_struct *isec = inode->i_security; struct inode_security_struct *isec = backing_inode_security(dentry);
struct superblock_security_struct *sbsec; struct superblock_security_struct *sbsec;
struct common_audit_data ad; struct common_audit_data ad;
u32 newsid, sid = current_sid(); u32 newsid, sid = current_sid();
@ -3055,7 +3070,7 @@ static void selinux_inode_post_setxattr(struct dentry *dentry, const char *name,
int flags) int flags)
{ {
struct inode *inode = d_backing_inode(dentry); struct inode *inode = d_backing_inode(dentry);
struct inode_security_struct *isec = inode->i_security; struct inode_security_struct *isec = backing_inode_security(dentry);
u32 newsid; u32 newsid;
int rc; int rc;
@ -3113,7 +3128,7 @@ static int selinux_inode_getsecurity(struct inode *inode, const char *name, void
u32 size; u32 size;
int error; int error;
char *context = NULL; char *context = NULL;
struct inode_security_struct *isec = inode->i_security; struct inode_security_struct *isec = inode_security(inode);
if (strcmp(name, XATTR_SELINUX_SUFFIX)) if (strcmp(name, XATTR_SELINUX_SUFFIX))
return -EOPNOTSUPP; return -EOPNOTSUPP;
@ -3152,7 +3167,7 @@ out_nofree:
static int selinux_inode_setsecurity(struct inode *inode, const char *name, static int selinux_inode_setsecurity(struct inode *inode, const char *name,
const void *value, size_t size, int flags) const void *value, size_t size, int flags)
{ {
struct inode_security_struct *isec = inode->i_security; struct inode_security_struct *isec = inode_security(inode);
u32 newsid; u32 newsid;
int rc; int rc;
@ -3182,7 +3197,7 @@ static int selinux_inode_listsecurity(struct inode *inode, char *buffer, size_t
static void selinux_inode_getsecid(struct inode *inode, u32 *secid) static void selinux_inode_getsecid(struct inode *inode, u32 *secid)
{ {
struct inode_security_struct *isec = inode->i_security; struct inode_security_struct *isec = inode_security(inode);
*secid = isec->sid; *secid = isec->sid;
} }
@ -3205,7 +3220,7 @@ static int selinux_file_permission(struct file *file, int mask)
{ {
struct inode *inode = file_inode(file); struct inode *inode = file_inode(file);
struct file_security_struct *fsec = file->f_security; struct file_security_struct *fsec = file->f_security;
struct inode_security_struct *isec = inode->i_security; struct inode_security_struct *isec = inode_security(inode);
u32 sid = current_sid(); u32 sid = current_sid();
if (!mask) if (!mask)
@ -3240,7 +3255,7 @@ static int ioctl_has_perm(const struct cred *cred, struct file *file,
struct common_audit_data ad; struct common_audit_data ad;
struct file_security_struct *fsec = file->f_security; struct file_security_struct *fsec = file->f_security;
struct inode *inode = file_inode(file); struct inode *inode = file_inode(file);
struct inode_security_struct *isec = inode->i_security; struct inode_security_struct *isec = inode_security(inode);
struct lsm_ioctlop_audit ioctl; struct lsm_ioctlop_audit ioctl;
u32 ssid = cred_sid(cred); u32 ssid = cred_sid(cred);
int rc; int rc;
@ -3504,7 +3519,7 @@ static int selinux_file_open(struct file *file, const struct cred *cred)
struct inode_security_struct *isec; struct inode_security_struct *isec;
fsec = file->f_security; fsec = file->f_security;
isec = file_inode(file)->i_security; isec = inode_security(file_inode(file));
/* /*
* Save inode label and policy sequence number * Save inode label and policy sequence number
* at open-time so that selinux_file_permission * at open-time so that selinux_file_permission
@ -3622,7 +3637,7 @@ static int selinux_kernel_act_as(struct cred *new, u32 secid)
*/ */
static int selinux_kernel_create_files_as(struct cred *new, struct inode *inode) static int selinux_kernel_create_files_as(struct cred *new, struct inode *inode)
{ {
struct inode_security_struct *isec = inode->i_security; struct inode_security_struct *isec = inode_security(inode);
struct task_security_struct *tsec = new->security; struct task_security_struct *tsec = new->security;
u32 sid = current_sid(); u32 sid = current_sid();
int ret; int ret;
@ -4063,7 +4078,7 @@ static int selinux_socket_post_create(struct socket *sock, int family,
int type, int protocol, int kern) int type, int protocol, int kern)
{ {
const struct task_security_struct *tsec = current_security(); const struct task_security_struct *tsec = current_security();
struct inode_security_struct *isec = SOCK_INODE(sock)->i_security; struct inode_security_struct *isec = inode_security(SOCK_INODE(sock));
struct sk_security_struct *sksec; struct sk_security_struct *sksec;
int err = 0; int err = 0;
@ -4263,9 +4278,9 @@ static int selinux_socket_accept(struct socket *sock, struct socket *newsock)
if (err) if (err)
return err; return err;
newisec = SOCK_INODE(newsock)->i_security; newisec = inode_security(SOCK_INODE(newsock));
isec = SOCK_INODE(sock)->i_security; isec = inode_security(SOCK_INODE(sock));
newisec->sclass = isec->sclass; newisec->sclass = isec->sclass;
newisec->sid = isec->sid; newisec->sid = isec->sid;
newisec->initialized = 1; newisec->initialized = 1;
@ -4603,7 +4618,7 @@ static void selinux_sk_getsecid(struct sock *sk, u32 *secid)
static void selinux_sock_graft(struct sock *sk, struct socket *parent) static void selinux_sock_graft(struct sock *sk, struct socket *parent)
{ {
struct inode_security_struct *isec = SOCK_INODE(parent)->i_security; struct inode_security_struct *isec = inode_security(SOCK_INODE(parent));
struct sk_security_struct *sksec = sk->sk_security; struct sk_security_struct *sksec = sk->sk_security;
if (sk->sk_family == PF_INET || sk->sk_family == PF_INET6 || if (sk->sk_family == PF_INET || sk->sk_family == PF_INET6 ||