review.tizen.org Git - platform/kernel/linux-starfive.git/commit

author	Daniel Colascione <dancol@google.com>
	Fri, 8 Jan 2021 22:22:22 +0000 (14:22 -0800)
committer	Paul Moore <paul@paul-moore.com>
	Thu, 14 Jan 2021 22:38:10 +0000 (17:38 -0500)
commit	29cd6591ab6fee3125ea5c1bf350f5013bc615e1
tree	f21fb4dbfb14d257b7eb58a1707da549388b9449	tree \| snapshot
parent	e7e832ce6fa769f800cd7eaebdb0459ad31e0416	commit \| diff

selinux: teach SELinux about anonymous inodes

This change uses the anon_inodes and LSM infrastructure introduced in
the previous patches to give SELinux the ability to control
anonymous-inode files that are created using the new
anon_inode_getfd_secure() function.

A SELinux policy author detects and controls these anonymous inodes by
adding a name-based type_transition rule that assigns a new security
type to anonymous-inode files created in some domain. The name used
for the name-based transition is the name associated with the
anonymous inode for file listings --- e.g., "[userfaultfd]" or
"[perf_event]".

Example:

type uffd_t;
type_transition sysadm_t sysadm_t : anon_inode uffd_t "[userfaultfd]";
allow sysadm_t uffd_t:anon_inode { create };

(The next patch in this series is necessary for making userfaultfd
support this new interface. The example above is just
for exposition.)

Signed-off-by: Daniel Colascione <dancol@google.com>
Signed-off-by: Lokesh Gidra <lokeshgidra@google.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>

security/selinux/hooks.c		diff \| blob \| history
security/selinux/include/classmap.h		diff \| blob \| history