diff options
Diffstat (limited to 'security/selinux/ss')
| -rw-r--r-- | security/selinux/ss/avtab.c | 66 | ||||
| -rw-r--r-- | security/selinux/ss/avtab.h | 12 | ||||
| -rw-r--r-- | security/selinux/ss/conditional.c | 4 | ||||
| -rw-r--r-- | security/selinux/ss/constraint.h | 2 | ||||
| -rw-r--r-- | security/selinux/ss/context.h | 2 | ||||
| -rw-r--r-- | security/selinux/ss/ebitmap.c | 2 | ||||
| -rw-r--r-- | security/selinux/ss/ebitmap.h | 2 | ||||
| -rw-r--r-- | security/selinux/ss/hashtab.c | 8 | ||||
| -rw-r--r-- | security/selinux/ss/hashtab.h | 8 | ||||
| -rw-r--r-- | security/selinux/ss/mls.c | 12 | ||||
| -rw-r--r-- | security/selinux/ss/mls.h | 2 | ||||
| -rw-r--r-- | security/selinux/ss/mls_types.h | 2 | ||||
| -rw-r--r-- | security/selinux/ss/policydb.c | 100 | ||||
| -rw-r--r-- | security/selinux/ss/policydb.h | 9 | ||||
| -rw-r--r-- | security/selinux/ss/services.c | 54 | ||||
| -rw-r--r-- | security/selinux/ss/services.h | 4 | ||||
| -rw-r--r-- | security/selinux/ss/sidtab.c | 2 | ||||
| -rw-r--r-- | security/selinux/ss/sidtab.h | 2 | ||||
| -rw-r--r-- | security/selinux/ss/symtab.c | 4 | ||||
| -rw-r--r-- | security/selinux/ss/symtab.h | 4 |
20 files changed, 148 insertions, 153 deletions
diff --git a/security/selinux/ss/avtab.c b/security/selinux/ss/avtab.c index 6766edc0fe68..86d98a8e291b 100644 --- a/security/selinux/ss/avtab.c +++ b/security/selinux/ss/avtab.c @@ -1,7 +1,7 @@ /* * Implementation of the access vector table type. * - * Author : Stephen Smalley, <sds@tycho.nsa.gov> + * Author : Stephen Smalley, <stephen.smalley.work@gmail.com> */ /* Updated: Frank Mayer <mayerf@tresys.com> and Karl MacMillan <kmacmillan@tresys.com> @@ -29,7 +29,7 @@ static struct kmem_cache *avtab_xperms_cachep __ro_after_init; /* Based on MurmurHash3, written by Austin Appleby and placed in the * public domain. */ -static inline int avtab_hash(const struct avtab_key *keyp, u32 mask) +static inline u32 avtab_hash(const struct avtab_key *keyp, u32 mask) { static const u32 c1 = 0xcc9e2d51; static const u32 c2 = 0x1b873593; @@ -66,7 +66,7 @@ static inline int avtab_hash(const struct avtab_key *keyp, u32 mask) } static struct avtab_node* -avtab_insert_node(struct avtab *h, int hvalue, +avtab_insert_node(struct avtab *h, u32 hvalue, struct avtab_node *prev, const struct avtab_key *key, const struct avtab_datum *datum) { @@ -106,11 +106,11 @@ avtab_insert_node(struct avtab *h, int hvalue, static int avtab_insert(struct avtab *h, const struct avtab_key *key, const struct avtab_datum *datum) { - int hvalue; + u32 hvalue; struct avtab_node *prev, *cur, *newnode; u16 specified = key->specified & ~(AVTAB_ENABLED|AVTAB_ENABLED_OLD); - if (!h || !h->nslot) + if (!h || !h->nslot || h->nel == U32_MAX) return -EINVAL; hvalue = avtab_hash(key, h->mask); @@ -152,11 +152,11 @@ struct avtab_node *avtab_insert_nonunique(struct avtab *h, const struct avtab_key *key, const struct avtab_datum *datum) { - int hvalue; + u32 hvalue; struct avtab_node *prev, *cur; u16 specified = key->specified & ~(AVTAB_ENABLED|AVTAB_ENABLED_OLD); - if (!h || !h->nslot) + if (!h || !h->nslot || h->nel == U32_MAX) return NULL; hvalue = avtab_hash(key, h->mask); for (prev = NULL, cur = h->htable[hvalue]; @@ -180,45 +180,13 @@ struct avtab_node *avtab_insert_nonunique(struct avtab *h, return avtab_insert_node(h, hvalue, prev, key, datum); } -struct avtab_datum *avtab_search(struct avtab *h, const struct avtab_key *key) -{ - int hvalue; - struct avtab_node *cur; - u16 specified = key->specified & ~(AVTAB_ENABLED|AVTAB_ENABLED_OLD); - - if (!h || !h->nslot) - return NULL; - - hvalue = avtab_hash(key, h->mask); - for (cur = h->htable[hvalue]; cur; - cur = cur->next) { - if (key->source_type == cur->key.source_type && - key->target_type == cur->key.target_type && - key->target_class == cur->key.target_class && - (specified & cur->key.specified)) - return &cur->datum; - - if (key->source_type < cur->key.source_type) - break; - if (key->source_type == cur->key.source_type && - key->target_type < cur->key.target_type) - break; - if (key->source_type == cur->key.source_type && - key->target_type == cur->key.target_type && - key->target_class < cur->key.target_class) - break; - } - - return NULL; -} - /* This search function returns a node pointer, and can be used in * conjunction with avtab_search_next_node() */ struct avtab_node *avtab_search_node(struct avtab *h, const struct avtab_key *key) { - int hvalue; + u32 hvalue; struct avtab_node *cur; u16 specified = key->specified & ~(AVTAB_ENABLED|AVTAB_ENABLED_OLD); @@ -248,7 +216,7 @@ struct avtab_node *avtab_search_node(struct avtab *h, } struct avtab_node* -avtab_search_node_next(struct avtab_node *node, int specified) +avtab_search_node_next(struct avtab_node *node, u16 specified) { struct avtab_node *cur; @@ -278,7 +246,7 @@ avtab_search_node_next(struct avtab_node *node, int specified) void avtab_destroy(struct avtab *h) { - int i; + u32 i; struct avtab_node *cur, *temp; if (!h) @@ -354,9 +322,10 @@ int avtab_alloc_dup(struct avtab *new, const struct avtab *orig) return avtab_alloc_common(new, orig->nslot); } +#ifdef CONFIG_SECURITY_SELINUX_DEBUG void avtab_hash_eval(struct avtab *h, const char *tag) { - int i, chain_len, slots_used, max_chain_len; + u32 i, chain_len, slots_used, max_chain_len; unsigned long long chain2_len_sum; struct avtab_node *cur; @@ -375,7 +344,7 @@ void avtab_hash_eval(struct avtab *h, const char *tag) if (chain_len > max_chain_len) max_chain_len = chain_len; - chain2_len_sum += chain_len * chain_len; + chain2_len_sum += (unsigned long long)chain_len * chain_len; } } @@ -384,6 +353,7 @@ void avtab_hash_eval(struct avtab *h, const char *tag) tag, h->nel, slots_used, h->nslot, max_chain_len, chain2_len_sum); } +#endif /* CONFIG_SECURITY_SELINUX_DEBUG */ static const uint16_t spec_order[] = { AVTAB_ALLOWED, @@ -404,13 +374,13 @@ int avtab_read_item(struct avtab *a, void *fp, struct policydb *pol, { __le16 buf16[4]; u16 enabled; - u32 items, items2, val, vers = pol->policyvers; + u32 items, items2, val, i; struct avtab_key key; struct avtab_datum datum; struct avtab_extended_perms xperms; __le32 buf32[ARRAY_SIZE(xperms.perms.p)]; - int i, rc; - unsigned set; + int rc; + unsigned int set, vers = pol->policyvers; memset(&key, 0, sizeof(struct avtab_key)); memset(&datum, 0, sizeof(struct avtab_datum)); @@ -646,7 +616,7 @@ int avtab_write_item(struct policydb *p, const struct avtab_node *cur, void *fp) int avtab_write(struct policydb *p, struct avtab *a, void *fp) { - unsigned int i; + u32 i; int rc = 0; struct avtab_node *cur; __le32 buf[1]; diff --git a/security/selinux/ss/avtab.h b/security/selinux/ss/avtab.h index d6742fd9c560..3c3904bf02b0 100644 --- a/security/selinux/ss/avtab.h +++ b/security/selinux/ss/avtab.h @@ -6,7 +6,7 @@ * table is used to represent the type enforcement * tables. * - * Author : Stephen Smalley, <sds@tycho.nsa.gov> + * Author : Stephen Smalley, <stephen.smalley.work@gmail.com> */ /* Updated: Frank Mayer <mayerf@tresys.com> and Karl MacMillan <kmacmillan@tresys.com> @@ -90,9 +90,15 @@ struct avtab { void avtab_init(struct avtab *h); int avtab_alloc(struct avtab *, u32); int avtab_alloc_dup(struct avtab *new, const struct avtab *orig); -struct avtab_datum *avtab_search(struct avtab *h, const struct avtab_key *k); void avtab_destroy(struct avtab *h); + +#ifdef CONFIG_SECURITY_SELINUX_DEBUG void avtab_hash_eval(struct avtab *h, const char *tag); +#else +static inline void avtab_hash_eval(struct avtab *h, const char *tag) +{ +} +#endif struct policydb; int avtab_read_item(struct avtab *a, void *fp, struct policydb *pol, @@ -111,7 +117,7 @@ struct avtab_node *avtab_insert_nonunique(struct avtab *h, struct avtab_node *avtab_search_node(struct avtab *h, const struct avtab_key *key); -struct avtab_node *avtab_search_node_next(struct avtab_node *node, int specified); +struct avtab_node *avtab_search_node_next(struct avtab_node *node, u16 specified); #define MAX_AVTAB_HASH_BITS 16 #define MAX_AVTAB_HASH_BUCKETS (1 << MAX_AVTAB_HASH_BITS) diff --git a/security/selinux/ss/conditional.c b/security/selinux/ss/conditional.c index b156c181c3c1..81ff676f209a 100644 --- a/security/selinux/ss/conditional.c +++ b/security/selinux/ss/conditional.c @@ -272,7 +272,7 @@ static int cond_insertf(struct avtab *a, const struct avtab_key *k, * cond_te_avtab. */ if (k->specified & AVTAB_TYPE) { - if (avtab_search(&p->te_avtab, k)) { + if (avtab_search_node(&p->te_avtab, k)) { pr_err("SELinux: type rule already exists outside of a conditional.\n"); return -EINVAL; } @@ -304,7 +304,7 @@ static int cond_insertf(struct avtab *a, const struct avtab_key *k, } } } else { - if (avtab_search(&p->te_cond_avtab, k)) { + if (avtab_search_node(&p->te_cond_avtab, k)) { pr_err("SELinux: conflicting type rules when adding type rule for true.\n"); return -EINVAL; } diff --git a/security/selinux/ss/constraint.h b/security/selinux/ss/constraint.h index 4e563be9ef5f..f76eb3128ad5 100644 --- a/security/selinux/ss/constraint.h +++ b/security/selinux/ss/constraint.h @@ -11,7 +11,7 @@ * process from labeling an object with a different user * identity. * - * Author : Stephen Smalley, <sds@tycho.nsa.gov> + * Author : Stephen Smalley, <stephen.smalley.work@gmail.com> */ #ifndef _SS_CONSTRAINT_H_ #define _SS_CONSTRAINT_H_ diff --git a/security/selinux/ss/context.h b/security/selinux/ss/context.h index aed704b8c642..1f59468c0759 100644 --- a/security/selinux/ss/context.h +++ b/security/selinux/ss/context.h @@ -11,7 +11,7 @@ * security server and can be changed without affecting * clients of the security server. * - * Author : Stephen Smalley, <sds@tycho.nsa.gov> + * Author : Stephen Smalley, <stephen.smalley.work@gmail.com> */ #ifndef _SS_CONTEXT_H_ #define _SS_CONTEXT_H_ diff --git a/security/selinux/ss/ebitmap.c b/security/selinux/ss/ebitmap.c index d31b87be9a1e..77875ad355f7 100644 --- a/security/selinux/ss/ebitmap.c +++ b/security/selinux/ss/ebitmap.c @@ -2,7 +2,7 @@ /* * Implementation of the extensible bitmap type. * - * Author : Stephen Smalley, <sds@tycho.nsa.gov> + * Author : Stephen Smalley, <stephen.smalley.work@gmail.com> */ /* * Updated: Hewlett-Packard <paul@paul-moore.com> diff --git a/security/selinux/ss/ebitmap.h b/security/selinux/ss/ebitmap.h index e5b57dc3fc53..e3c807cfad90 100644 --- a/security/selinux/ss/ebitmap.h +++ b/security/selinux/ss/ebitmap.h @@ -10,7 +10,7 @@ * an explicitly specified starting bit position within * the total bitmap. * - * Author : Stephen Smalley, <sds@tycho.nsa.gov> + * Author : Stephen Smalley, <stephen.smalley.work@gmail.com> */ #ifndef _SS_EBITMAP_H_ #define _SS_EBITMAP_H_ diff --git a/security/selinux/ss/hashtab.c b/security/selinux/ss/hashtab.c index 3fb8f9026e9b..ac5cdddfbf78 100644 --- a/security/selinux/ss/hashtab.c +++ b/security/selinux/ss/hashtab.c @@ -2,7 +2,7 @@ /* * Implementation of the hash table type. * - * Author : Stephen Smalley, <sds@tycho.nsa.gov> + * Author : Stephen Smalley, <stephen.smalley.work@gmail.com> */ #include <linux/kernel.h> #include <linux/slab.h> @@ -103,7 +103,7 @@ int hashtab_map(struct hashtab *h, return 0; } - +#ifdef CONFIG_SECURITY_SELINUX_DEBUG void hashtab_stat(struct hashtab *h, struct hashtab_info *info) { u32 i, chain_len, slots_used, max_chain_len; @@ -129,6 +129,7 @@ void hashtab_stat(struct hashtab *h, struct hashtab_info *info) info->slots_used = slots_used; info->max_chain_len = max_chain_len; } +#endif /* CONFIG_SECURITY_SELINUX_DEBUG */ int hashtab_duplicate(struct hashtab *new, struct hashtab *orig, int (*copy)(struct hashtab_node *new, @@ -137,7 +138,8 @@ int hashtab_duplicate(struct hashtab *new, struct hashtab *orig, void *args) { struct hashtab_node *cur, *tmp, *tail; - int i, rc; + u32 i; + int rc; memset(new, 0, sizeof(*new)); diff --git a/security/selinux/ss/hashtab.h b/security/selinux/ss/hashtab.h index 043a773bf0b7..f9713b56d3d0 100644 --- a/security/selinux/ss/hashtab.h +++ b/security/selinux/ss/hashtab.h @@ -6,7 +6,7 @@ * functions for hash computation and key comparison are * provided by the creator of the table. * - * Author : Stephen Smalley, <sds@tycho.nsa.gov> + * Author : Stephen Smalley, <stephen.smalley.work@gmail.com> */ #ifndef _SS_HASHTAB_H_ #define _SS_HASHTAB_H_ @@ -142,7 +142,13 @@ int hashtab_duplicate(struct hashtab *new, struct hashtab *orig, int (*destroy)(void *k, void *d, void *args), void *args); +#ifdef CONFIG_SECURITY_SELINUX_DEBUG /* Fill info with some hash table statistics */ void hashtab_stat(struct hashtab *h, struct hashtab_info *info); +#else +static inline void hashtab_stat(struct hashtab *h, struct hashtab_info *info) +{ +} +#endif #endif /* _SS_HASHTAB_H */ diff --git a/security/selinux/ss/mls.c b/security/selinux/ss/mls.c index 99571b19d4a9..cd38f5913b63 100644 --- a/security/selinux/ss/mls.c +++ b/security/selinux/ss/mls.c @@ -2,7 +2,7 @@ /* * Implementation of the multi-level security (MLS) policy. * - * Author : Stephen Smalley, <sds@tycho.nsa.gov> + * Author : Stephen Smalley, <stephen.smalley.work@gmail.com> */ /* * Updated: Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com> @@ -45,7 +45,7 @@ int mls_compute_context_len(struct policydb *p, struct context *context) len = 1; /* for the beginning ":" */ for (l = 0; l < 2; l++) { - int index_sens = context->range.level[l].sens; + u32 index_sens = context->range.level[l].sens; len += strlen(sym_name(p, SYM_LEVELS, index_sens - 1)); /* categories */ @@ -240,7 +240,8 @@ int mls_context_to_sid(struct policydb *pol, char *sensitivity, *cur_cat, *next_cat, *rngptr; struct level_datum *levdatum; struct cat_datum *catdatum, *rngdatum; - int l, rc, i; + u32 i; + int l, rc; char *rangep[2]; if (!pol->mls_enabled) { @@ -451,7 +452,8 @@ int mls_convert_context(struct policydb *oldp, struct level_datum *levdatum; struct cat_datum *catdatum; struct ebitmap_node *node; - int l, i; + u32 i; + int l; if (!oldp->mls_enabled || !newp->mls_enabled) return 0; @@ -495,7 +497,7 @@ int mls_compute_sid(struct policydb *p, struct range_trans rtr; struct mls_range *r; struct class_datum *cladatum; - int default_range = 0; + char default_range = 0; if (!p->mls_enabled) return 0; diff --git a/security/selinux/ss/mls.h b/security/selinux/ss/mls.h index 15cacde0ff61..107681dd1824 100644 --- a/security/selinux/ss/mls.h +++ b/security/selinux/ss/mls.h @@ -2,7 +2,7 @@ /* * Multi-level security (MLS) policy operations. * - * Author : Stephen Smalley, <sds@tycho.nsa.gov> + * Author : Stephen Smalley, <stephen.smalley.work@gmail.com> */ /* * Updated: Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com> diff --git a/security/selinux/ss/mls_types.h b/security/selinux/ss/mls_types.h index 7d48d5e52233..f492cf148891 100644 --- a/security/selinux/ss/mls_types.h +++ b/security/selinux/ss/mls_types.h @@ -2,7 +2,7 @@ /* * Type definitions for the multi-level security (MLS) policy. * - * Author : Stephen Smalley, <sds@tycho.nsa.gov> + * Author : Stephen Smalley, <stephen.smalley.work@gmail.com> */ /* * Updated: Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com> diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c index 31b08b34c722..2d528f699a22 100644 --- a/security/selinux/ss/policydb.c +++ b/security/selinux/ss/policydb.c @@ -2,7 +2,7 @@ /* * Implementation of the policy database. * - * Author : Stephen Smalley, <sds@tycho.nsa.gov> + * Author : Stephen Smalley, <stephen.smalley.work@gmail.com> */ /* @@ -41,7 +41,7 @@ #include "mls.h" #include "services.h" -#ifdef DEBUG_HASHES +#ifdef CONFIG_SECURITY_SELINUX_DEBUG static const char *const symtab_name[SYM_NUM] = { "common prefixes", "classes", @@ -55,9 +55,9 @@ static const char *const symtab_name[SYM_NUM] = { #endif struct policydb_compat_info { - int version; - int sym_num; - int ocon_num; + unsigned int version; + unsigned int sym_num; + unsigned int ocon_num; }; /* These need to be updated if SYM_NUM or OCON_NUM changes */ @@ -159,9 +159,9 @@ static const struct policydb_compat_info policydb_compat[] = { }, }; -static const struct policydb_compat_info *policydb_lookup_compat(int version) +static const struct policydb_compat_info *policydb_lookup_compat(unsigned int version) { - int i; + unsigned int i; for (i = 0; i < ARRAY_SIZE(policydb_compat); i++) { if (policydb_compat[i].version == version) @@ -359,7 +359,7 @@ static int role_tr_destroy(void *key, void *datum, void *p) return 0; } -static void ocontext_destroy(struct ocontext *c, int i) +static void ocontext_destroy(struct ocontext *c, unsigned int i) { if (!c) return; @@ -678,7 +678,7 @@ static int (*const index_f[SYM_NUM]) (void *key, void *datum, void *datap) = { cat_index, }; -#ifdef DEBUG_HASHES +#ifdef CONFIG_SECURITY_SELINUX_DEBUG static void hash_eval(struct hashtab *h, const char *hash_name) { struct hashtab_info info; @@ -701,7 +701,10 @@ static void symtab_hash_eval(struct symtab *s) static inline void hash_eval(struct hashtab *h, const char *hash_name) { } -#endif +static inline void symtab_hash_eval(struct symtab *s) +{ +} +#endif /* CONFIG_SECURITY_SELINUX_DEBUG */ /* * Define the other val_to_name and val_to_struct arrays @@ -725,10 +728,8 @@ static int policydb_index(struct policydb *p) pr_debug("SELinux: %d classes, %d rules\n", p->p_classes.nprim, p->te_avtab.nel); -#ifdef DEBUG_HASHES avtab_hash_eval(&p->te_avtab, "rules"); symtab_hash_eval(p->symtab); -#endif p->class_val_to_struct = kcalloc(p->p_classes.nprim, sizeof(*p->class_val_to_struct), @@ -781,7 +782,7 @@ void policydb_destroy(struct policydb *p) { struct ocontext *c, *ctmp; struct genfs *g, *gtmp; - int i; + u32 i; struct role_allow *ra, *lra = NULL; for (i = 0; i < SYM_NUM; i++) { @@ -1127,8 +1128,8 @@ static int common_read(struct policydb *p, struct symtab *s, void *fp) char *key = NULL; struct common_datum *comdatum; __le32 buf[4]; - u32 len, nel; - int i, rc; + u32 i, len, nel; + int rc; comdatum = kzalloc(sizeof(*comdatum), GFP_KERNEL); if (!comdatum) @@ -1193,13 +1194,13 @@ static int type_set_read(struct type_set *t, void *fp) static int read_cons_helper(struct policydb *p, struct constraint_node **nodep, - int ncons, int allowxtarget, void *fp) + u32 ncons, int allowxtarget, void *fp) { struct constraint_node *c, *lc; struct constraint_expr *e, *le; __le32 buf[3]; - u32 nexpr; - int rc, i, j, depth; + u32 i, j, nexpr; + int rc, depth; lc = NULL; for (i = 0; i < ncons; i++) { @@ -1291,8 +1292,8 @@ static int class_read(struct policydb *p, struct symtab *s, void *fp) char *key = NULL; struct class_datum *cladatum; __le32 buf[6]; - u32 len, len2, ncons, nel; - int i, rc; + u32 i, len, len2, ncons, nel; + int rc; cladatum = kzalloc(sizeof(*cladatum), GFP_KERNEL); if (!cladatum) @@ -1385,7 +1386,8 @@ static int role_read(struct policydb *p, struct symtab *s, void *fp) { char *key = NULL; struct role_datum *role; - int rc, to_read = 2; + int rc; + unsigned int to_read = 2; __le32 buf[3]; u32 len; @@ -1441,7 +1443,8 @@ static int type_read(struct policydb *p, struct symtab *s, void *fp) { char *key = NULL; struct type_datum *typdatum; - int rc, to_read = 3; + int rc; + unsigned int to_read = 3; __le32 buf[4]; u32 len; @@ -1515,7 +1518,8 @@ static int user_read(struct policydb *p, struct symtab *s, void *fp) { char *key = NULL; struct user_datum *usrdatum; - int rc, to_read = 2; + int rc; + unsigned int to_read = 2; __le32 buf[3]; u32 len; @@ -1569,7 +1573,7 @@ static int sens_read(struct policydb *p, struct symtab *s, void *fp) __le32 buf[2]; u32 len; - levdatum = kzalloc(sizeof(*levdatum), GFP_ATOMIC); + levdatum = kzalloc(sizeof(*levdatum), GFP_KERNEL); if (!levdatum) return -ENOMEM; @@ -1580,12 +1584,12 @@ static int sens_read(struct policydb *p, struct symtab *s, void *fp) len = le32_to_cpu(buf[0]); levdatum->isalias = le32_to_cpu(buf[1]); - rc = str_read(&key, GFP_ATOMIC, fp, len); + rc = str_read(&key, GFP_KERNEL, fp, len); if (rc) goto bad; rc = -ENOMEM; - levdatum->level = kmalloc(sizeof(*levdatum->level), GFP_ATOMIC); + levdatum->level = kmalloc(sizeof(*levdatum->level), GFP_KERNEL); if (!levdatum->level) goto bad; @@ -1610,7 +1614,7 @@ static int cat_read(struct policydb *p, struct symtab *s, void *fp) __le32 buf[3]; u32 len; - catdatum = kzalloc(sizeof(*catdatum), GFP_ATOMIC); + catdatum = kzalloc(sizeof(*catdatum), GFP_KERNEL); if (!catdatum) return -ENOMEM; @@ -1622,7 +1626,7 @@ static int cat_read(struct policydb *p, struct symtab *s, void *fp) catdatum->value = le32_to_cpu(buf[1]); catdatum->isalias = le32_to_cpu(buf[2]); - rc = str_read(&key, GFP_ATOMIC, fp, len); + rc = str_read(&key, GFP_KERNEL, fp, len); if (rc) goto bad; @@ -1656,11 +1660,11 @@ static int user_bounds_sanity_check(void *key, void *datum, void *datap) upper = user = datum; while (upper->bounds) { struct ebitmap_node *node; - unsigned long bit; + u32 bit; if (++depth == POLICYDB_BOUNDS_MAXDEPTH) { pr_err("SELinux: user %s: " - "too deep or looped boundary", + "too deep or looped boundary\n", (char *) key); return -EINVAL; } @@ -1692,7 +1696,7 @@ static int role_bounds_sanity_check(void *key, void *datum, void *datap) upper = role = datum; while (upper->bounds) { struct ebitmap_node *node; - unsigned long bit; + u32 bit; if (++depth == POLICYDB_BOUNDS_MAXDEPTH) { pr_err("SELinux: role %s: " @@ -1739,7 +1743,7 @@ static int type_bounds_sanity_check(void *key, void *datum, void *datap) if (upper->attribute) { pr_err("SELinux: type %s: " - "bounded by attribute %s", + "bounded by attribute %s\n", (char *) key, sym_name(p, SYM_TYPES, upper->value - 1)); return -EINVAL; @@ -1807,9 +1811,9 @@ static int range_read(struct policydb *p, void *fp) { struct range_trans *rt = NULL; struct mls_range *r = NULL; - int i, rc; + int rc; __le32 buf[2]; - u32 nel; + u32 i, nel; if (p->policyvers < POLICYDB_VERSION_MLS) return 0; @@ -2005,6 +2009,7 @@ static int filename_trans_read_helper(struct policydb *p, void *fp) if (!datum) goto out; + datum->next = NULL; *dst = datum; /* ebitmap_read() will at least init the bitmap */ @@ -2017,7 +2022,6 @@ static int filename_trans_read_helper(struct policydb *p, void *fp) goto out; datum->otype = le32_to_cpu(buf[0]); - datum->next = NULL; dst = &datum->next; } @@ -2055,9 +2059,9 @@ out: static int filename_trans_read(struct policydb *p, void *fp) { - u32 nel; + u32 nel, i; __le32 buf[1]; - int rc, i; + int rc; if (p->policyvers < POLICYDB_VERSION_FILENAME_TRANS) return 0; @@ -2096,8 +2100,8 @@ static int filename_trans_read(struct policydb *p, void *fp) static int genfs_read(struct policydb *p, void *fp) { - int i, j, rc; - u32 nel, nel2, len, len2; + int rc; + u32 i, j, nel, nel2, len, len2; __le32 buf[1]; struct ocontext *l, *c; struct ocontext *newc = NULL; @@ -2210,8 +2214,9 @@ out: static int ocontext_read(struct policydb *p, const struct policydb_compat_info *info, void *fp) { - int i, j, rc; - u32 nel, len; + int rc; + unsigned int i; + u32 j, nel, len; __be64 prefixbuf[1]; __le32 buf[3]; struct ocontext *l, *c; @@ -2402,9 +2407,9 @@ int policydb_read(struct policydb *p, void *fp) struct role_allow *ra, *lra; struct role_trans_key *rtk = NULL; struct role_trans_datum *rtd = NULL; - int i, j, rc; + int rc; __le32 buf[4]; - u32 len, nprim, nel, perm; + u32 i, j, len, nprim, nel, perm; char *policydb_str; const struct policydb_compat_info *info; @@ -3255,7 +3260,8 @@ static int (*const write_f[SYM_NUM]) (void *key, void *datum, void *datap) = { static int ocontext_write(struct policydb *p, const struct policydb_compat_info *info, void *fp) { - unsigned int i, j, rc; + unsigned int i, j; + int rc; size_t nel, len; __be64 prefixbuf[1]; __le32 buf[3]; @@ -3604,10 +3610,10 @@ static int filename_trans_write(struct policydb *p, void *fp) */ int policydb_write(struct policydb *p, void *fp) { - unsigned int i, num_syms; + unsigned int num_syms; int rc; __le32 buf[4]; - u32 config; + u32 config, i; size_t len; const struct policydb_compat_info *info; @@ -3648,7 +3654,7 @@ int policydb_write(struct policydb *p, void *fp) info = policydb_lookup_compat(p->policyvers); if (!info) { pr_err("SELinux: compatibility lookup failed for policy " - "version %d", p->policyvers); + "version %d\n", p->policyvers); return -EINVAL; } diff --git a/security/selinux/ss/policydb.h b/security/selinux/ss/policydb.h index 74b63ed1173f..b97cda489753 100644 --- a/security/selinux/ss/policydb.h +++ b/security/selinux/ss/policydb.h @@ -3,7 +3,7 @@ * A policy database (policydb) specifies the * configuration data for the security policy. * - * Author : Stephen Smalley, <sds@tycho.nsa.gov> + * Author : Stephen Smalley, <stephen.smalley.work@gmail.com> */ /* @@ -366,9 +366,12 @@ static inline int next_entry(void *buf, struct policy_file *fp, size_t bytes) return 0; } -static inline int put_entry(const void *buf, size_t bytes, int num, struct policy_file *fp) +static inline int put_entry(const void *buf, size_t bytes, size_t num, struct policy_file *fp) { - size_t len = bytes * num; + size_t len; + + if (unlikely(check_mul_overflow(bytes, num, &len))) + return -EINVAL; if (len > fp->len) return -EINVAL; diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index 78946b71c1c1..1eeffc66ea7d 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -2,7 +2,7 @@ /* * Implementation of the security services. * - * Authors : Stephen Smalley, <sds@tycho.nsa.gov> + * Authors : Stephen Smalley, <stephen.smalley.work@gmail.com> * James Morris <jmorris@redhat.com> * * Updated: Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com> @@ -97,7 +97,6 @@ static int selinux_set_mapping(struct policydb *pol, struct selinux_map *out_map) { u16 i, j; - unsigned k; bool print_unknown_handle = false; /* Find number of classes in the input mapping */ @@ -117,6 +116,7 @@ static int selinux_set_mapping(struct policydb *pol, while (map[j].name) { const struct security_class_mapping *p_in = map + (j++); struct selinux_mapping *p_out = out_map->mapping + j; + u16 k; /* An empty class string skips ahead */ if (!strcmp(p_in->name, "")) { @@ -207,22 +207,22 @@ static void map_decision(struct selinux_map *map, for (i = 0, result = 0; i < n; i++) { if (avd->allowed & mapping->perms[i]) - result |= 1<<i; + result |= (u32)1<<i; if (allow_unknown && !mapping->perms[i]) - result |= 1<<i; + result |= (u32)1<<i; } avd->allowed = result; for (i = 0, result = 0; i < n; i++) if (avd->auditallow & mapping->perms[i]) - result |= 1<<i; + result |= (u32)1<<i; avd->auditallow = result; for (i = 0, result = 0; i < n; i++) { if (avd->auditdeny & mapping->perms[i]) - result |= 1<<i; + result |= (u32)1<<i; if (!allow_unknown && !mapping->perms[i]) - result |= 1<<i; + result |= (u32)1<<i; } /* * In case the kernel has a bug and requests a permission @@ -230,7 +230,7 @@ static void map_decision(struct selinux_map *map, * should audit that denial */ for (; i < (sizeof(u32)*8); i++) - result |= 1<<i; + result |= (u32)1<<i; avd->auditdeny = result; } } @@ -856,7 +856,7 @@ int security_bounded_transition(u32 old_sid, u32 new_sid) struct sidtab *sidtab; struct sidtab_entry *old_entry, *new_entry; struct type_datum *type; - int index; + u32 index; int rc; if (!selinux_initialized()) @@ -1511,7 +1511,7 @@ static int security_context_to_sid_core(const char *scontext, u32 scontext_len, return -ENOMEM; if (!selinux_initialized()) { - int i; + u32 i; for (i = 1; i < SECINITSID_NUM; i++) { const char *s = initial_sid_to_string[i]; @@ -1694,7 +1694,7 @@ static void filename_compute_type(struct policydb *policydb, static int security_compute_sid(u32 ssid, u32 tsid, u16 orig_tclass, - u32 specified, + u16 specified, const char *objname, u32 *out_sid, bool kern) @@ -1706,8 +1706,7 @@ static int security_compute_sid(u32 ssid, struct context *scontext, *tcontext, newcontext; struct sidtab_entry *sentry, *tentry; struct avtab_key avkey; - struct avtab_datum *avdatum; - struct avtab_node *node; + struct avtab_node *avnode, *node; u16 tclass; int rc = 0; bool sock; @@ -1815,22 +1814,22 @@ retry: avkey.target_type = tcontext->type; avkey.target_class = tclass; avkey.specified = specified; - avdatum = avtab_search(&policydb->te_avtab, &avkey); + avnode = avtab_search_node(&policydb->te_avtab, &avkey); /* If no permanent rule, also check for enabled conditional rules */ - if (!avdatum) { + if (!avnode) { node = avtab_search_node(&policydb->te_cond_avtab, &avkey); for (; node; node = avtab_search_node_next(node, specified)) { if (node->key.specified & AVTAB_ENABLED) { - avdatum = &node->datum; + avnode = node; break; } } } - if (avdatum) { + if (avnode) { /* Use the type from the type transition/member/change rule. */ - newcontext.type = avdatum->u.data; + newcontext.type = avnode->datum.u.data; } /* if we have a objname this is a file trans check so check those rules */ @@ -2822,7 +2821,6 @@ static inline int __security_genfs_sid(struct selinux_policy *policy, { struct policydb *policydb = &policy->policydb; struct sidtab *sidtab = policy->sidtab; - int len; u16 sclass; struct genfs *genfs; struct ocontext *c; @@ -2844,7 +2842,7 @@ static inline int __security_genfs_sid(struct selinux_policy *policy, return -ENOENT; for (c = genfs->head; c; c = c->next) { - len = strlen(c->u.name); + size_t len = strlen(c->u.name); if ((!c->v.sclass || sclass == c->v.sclass) && (strncmp(c->u.name, path, len) == 0)) break; @@ -3332,7 +3330,7 @@ static int get_classes_callback(void *k, void *d, void *args) { struct class_datum *datum = d; char *name = k, **classes = args; - int value = datum->value - 1; + u32 value = datum->value - 1; classes[value] = kstrdup(name, GFP_ATOMIC); if (!classes[value]) @@ -3342,7 +3340,7 @@ static int get_classes_callback(void *k, void *d, void *args) } int security_get_classes(struct selinux_policy *policy, - char ***classes, int *nclasses) + char ***classes, u32 *nclasses) { struct policydb *policydb; int rc; @@ -3358,7 +3356,8 @@ int security_get_classes(struct selinux_policy *policy, rc = hashtab_map(&policydb->p_classes.table, get_classes_callback, *classes); if (rc) { - int i; + u32 i; + for (i = 0; i < *nclasses; i++) kfree((*classes)[i]); kfree(*classes); @@ -3372,7 +3371,7 @@ static int get_permissions_callback(void *k, void *d, void *args) { struct perm_datum *datum = d; char *name = k, **perms = args; - int value = datum->value - 1; + u32 value = datum->value - 1; perms[value] = kstrdup(name, GFP_ATOMIC); if (!perms[value]) @@ -3382,10 +3381,11 @@ static int get_permissions_callback(void *k, void *d, void *args) } int security_get_permissions(struct selinux_policy *policy, - char *class, char ***perms, int *nperms) + const char *class, char ***perms, u32 *nperms) { struct policydb *policydb; - int rc, i; + u32 i; + int rc; struct class_datum *match; policydb = &policy->policydb; @@ -3600,7 +3600,7 @@ err: /* Check to see if the rule contains any selinux fields */ int selinux_audit_rule_known(struct audit_krule *rule) { - int i; + u32 i; for (i = 0; i < rule->field_count; i++) { struct audit_field *f = &rule->fields[i]; diff --git a/security/selinux/ss/services.h b/security/selinux/ss/services.h index 8a9b85f44b66..d24b0a3d198e 100644 --- a/security/selinux/ss/services.h +++ b/security/selinux/ss/services.h @@ -2,7 +2,7 @@ /* * Implementation of the security services. * - * Author : Stephen Smalley, <sds@tycho.nsa.gov> + * Author : Stephen Smalley, <stephen.smalley.work@gmail.com> */ #ifndef _SS_SERVICES_H_ #define _SS_SERVICES_H_ @@ -12,7 +12,7 @@ /* Mapping for a single class */ struct selinux_mapping { u16 value; /* policy value for class */ - unsigned int num_perms; /* number of permissions in class */ + u16 num_perms; /* number of permissions in class */ u32 perms[sizeof(u32) * 8]; /* policy values for permissions */ }; diff --git a/security/selinux/ss/sidtab.c b/security/selinux/ss/sidtab.c index 38d25173aebd..d8ead463b8df 100644 --- a/security/selinux/ss/sidtab.c +++ b/security/selinux/ss/sidtab.c @@ -2,7 +2,7 @@ /* * Implementation of the SID table type. * - * Original author: Stephen Smalley, <sds@tycho.nsa.gov> + * Original author: Stephen Smalley, <stephen.smalley.work@gmail.com> * Author: Ondrej Mosnacek, <omosnacek@gmail.com> * * Copyright (C) 2018 Red Hat, Inc. diff --git a/security/selinux/ss/sidtab.h b/security/selinux/ss/sidtab.h index 72810a080e77..22258201cd14 100644 --- a/security/selinux/ss/sidtab.h +++ b/security/selinux/ss/sidtab.h @@ -3,7 +3,7 @@ * A security identifier table (sidtab) is a lookup table * of security context structures indexed by SID value. * - * Original author: Stephen Smalley, <sds@tycho.nsa.gov> + * Original author: Stephen Smalley, <stephen.smalley.work@gmail.com> * Author: Ondrej Mosnacek, <omosnacek@gmail.com> * * Copyright (C) 2018 Red Hat, Inc. diff --git a/security/selinux/ss/symtab.c b/security/selinux/ss/symtab.c index c42a6648a07d..43d7f0319ccd 100644 --- a/security/selinux/ss/symtab.c +++ b/security/selinux/ss/symtab.c @@ -2,7 +2,7 @@ /* * Implementation of the symbol table type. * - * Author : Stephen Smalley, <sds@tycho.nsa.gov> + * Author : Stephen Smalley, <stephen.smalley.work@gmail.com> */ #include <linux/kernel.h> #include <linux/string.h> @@ -37,7 +37,7 @@ static const struct hashtab_key_params symtab_key_params = { .cmp = symcmp, }; -int symtab_init(struct symtab *s, unsigned int size) +int symtab_init(struct symtab *s, u32 size) { s->nprim = 0; return hashtab_init(&s->table, size); diff --git a/security/selinux/ss/symtab.h b/security/selinux/ss/symtab.h index f2614138d0cd..0a3b5de79a0f 100644 --- a/security/selinux/ss/symtab.h +++ b/security/selinux/ss/symtab.h @@ -5,7 +5,7 @@ * is arbitrary. The symbol table type is implemented * using the hash table type (hashtab). * - * Author : Stephen Smalley, <sds@tycho.nsa.gov> + * Author : Stephen Smalley, <stephen.smalley.work@gmail.com> */ #ifndef _SS_SYMTAB_H_ #define _SS_SYMTAB_H_ @@ -17,7 +17,7 @@ struct symtab { u32 nprim; /* number of primary names in table */ }; -int symtab_init(struct symtab *s, unsigned int size); +int symtab_init(struct symtab *s, u32 size); int symtab_insert(struct symtab *s, char *name, void *datum); void *symtab_search(struct symtab *s, const char *name); |