struct xattr;
struct xfrm_sec_ctx;
struct mm_struct;
-struct kdbus_conn;
/* Maximum number of letters for an LSM name string */
#define SECURITY_NAME_MAX 10
* @inode we wish to get the security context of.
* @ctx is a pointer in which to place the allocated security context.
* @ctxlen points to the place to put the length of @ctx.
- *
- * Security hooks for kdbus
- *
- * @kdbus_conn_alloc:
- * Allocate and initialize security related part of kdbus connection.
- * Return 0 on success.
- *
- * @kdbus_conn_free:
- * Deallocate security related part of kdbus connection.
- *
- * @kdbus_talk:
- * Check if peers can talk to each other.
- * Return 0 if permission is granted.
- *
* This is the main security structure.
*/
struct security_operations {
int (*inode_setsecctx)(struct dentry *dentry, void *ctx, u32 ctxlen);
int (*inode_getsecctx)(struct inode *inode, void **ctx, u32 *ctxlen);
-#ifdef CONFIG_KDBUS
- int (*kdbus_conn_alloc)(struct kdbus_conn *conn);
- void (*kdbus_conn_free)(struct kdbus_conn *conn);
- int (*kdbus_talk)(const struct kdbus_conn *src,
- const struct kdbus_conn *dst);
-#endif /* CONFIG_KDBUS */
-
#ifdef CONFIG_SECURITY_NETWORK
int (*unix_stream_connect) (struct sock *sock, struct sock *other, struct sock *newsk);
int (*unix_may_send) (struct socket *sock, struct socket *other);
}
#endif /* CONFIG_SECURITY_PATH */
-#ifdef CONFIG_KDBUS
-#ifdef CONFIG_SECURITY
-
-int security_kdbus_conn_alloc(struct kdbus_conn *conn);
-void security_kdbus_conn_free(struct kdbus_conn *conn);
-int security_kdbus_talk(const struct kdbus_conn *src,
- const struct kdbus_conn *dst);
-
-#else /* CONFIG_SECURITY */
-
-static inline int security_kdbus_conn_alloc(struct kdbus_conn *conn)
-{
- return 0;
-}
-
-static inline void security_kdbus_conn_free(struct kdbus_conn *conn)
-{
-}
-
-static inline int security_kdbus_talk(const struct kdbus_conn *src,
- const struct kdbus_conn *dst)
-{
- return 0;
-}
-
-#endif /* CONFIG_SECURITY */
-#endif /* CONFIG_KDBUS */
-
#ifdef CONFIG_KEYS
#ifdef CONFIG_SECURITY
#include <linux/slab.h>
#include <linux/syscalls.h>
#include <linux/uio.h>
-#include <linux/security.h>
#include "bus.h"
#include "connection.h"
#define KDBUS_CONN_ACTIVE_NEW (INT_MIN + 1)
/* Disable internal kdbus policy - possibilities of connections to own, see and
- * talk to names are restricted by libdbuspolicy library and LSM hooks
+ * talk to names are restricted by libdbuspolicy library
*/
#define DISABLE_KDBUS_POLICY
}
}
- ret = security_kdbus_conn_alloc(conn);
- if (ret)
- goto exit_unref;
-
if (atomic_inc_return(&conn->user->connections) > KDBUS_USER_MAX_CONN) {
/* decremented by destructor as conn->user is valid */
ret = -EMFILE;
kdbus_pool_free(conn->pool);
kdbus_ep_unref(conn->ep);
put_cred(conn->cred);
- security_kdbus_conn_free(conn);
kfree(conn->description);
kfree(conn->quota);
kfree(conn);
if (ret < 0)
goto exit;
- ret = security_kdbus_talk(src, dst);
- if (ret)
- goto exit;
-
mutex_lock(&dst->lock);
reply = kdbus_reply_find(src, dst, kmsg->msg.cookie_reply);
if (reply) {
if (ret < 0)
goto exit;
- ret = security_kdbus_talk(src, dst);
- if (ret)
- goto exit;
-
/* Disable internal kdbus policy - possibilities of connections to own,
- * see and talk to well-known names are restricted by LSM hooks
+ * see and talk to well-known names are restricted by libdbuspolicy
if (!kdbus_conn_policy_talk(src, current_cred(), dst)) {
ret = -EPERM;
goto exit;
if (ret < 0)
goto exit;
- ret = security_kdbus_talk(src, dst);
- if (ret)
- goto exit;
-
if (is_signal) {
/* like broadcasts we eavesdrop even if the msg is dropped */
kdbus_bus_eavesdrop(bus, src, kmsg);
if (!kdbus_match_db_match_kmsg(dst->match_db, src, kmsg) ||
!kdbus_conn_policy_talk(dst, NULL, src))
goto exit;
- /* Disable internal kdbus policy - possibilities of connections to own,
- * see and talk to well-known names are restricted by LSM hooks
} else if (!kdbus_conn_policy_talk(src, current_cred(), dst)) {
ret = -EPERM;
goto exit;
- */
} else if (kmsg->msg.flags & KDBUS_MSG_EXPECT_REPLY) {
wait = kdbus_reply_new(dst, src, &kmsg->msg, name, false);
if (IS_ERR(wait)) {
* @names_queue_list: Well-known names this connection waits for
* @privileged: Whether this connection is privileged on the bus
* @faked_meta: Whether the metadata was faked on HELLO
- * @security: LSM security blob
*/
struct kdbus_conn {
struct kref kref;
bool privileged:1;
bool faked_meta:1;
-
-#ifdef CONFIG_SECURITY
- void *security;
-#endif
};
struct kdbus_conn *kdbus_conn_ref(struct kdbus_conn *conn);
down_write(®->rwlock);
- /* Disable internal kdbus policy - possibilities of connections to own,
- * see and talk to well-known names are restricted by LSM hooks
if (!kdbus_conn_policy_own_name(conn, current_cred(), name)) {
ret = -EPERM;
goto exit_unlock;
}
- */
hash = kdbus_strhash(name);
e = kdbus_name_find(reg, hash, name);
#include <linux/slab.h>
#include <linux/syscalls.h>
#include <linux/uio.h>
-#include <linux/security.h>
#include "util.h"
#include "domain.h"
for (i = 0; i < res->fds_count; i++) {
if (install_fds) {
- if (security_file_receive(res->fds[i])) {
- fds[i] = -1;
+ fds[i] = get_unused_fd_flags(O_CLOEXEC);
+ if (fds[i] >= 0)
+ fd_install(fds[i],
+ get_file(res->fds[i]));
+ else
incomplete_fds = true;
- } else {
- fds[i] = get_unused_fd_flags(O_CLOEXEC);
- if (fds[i] >= 0)
- fd_install(fds[i],
- get_file(res->fds[i]));
- else
- incomplete_fds = true;
- }
} else {
fds[i] = -1;
}
m.fd = -1;
if (install_fds) {
- if (security_file_receive(d->memfd.file)) {
+ m.fd = get_unused_fd_flags(O_CLOEXEC);
+ if (m.fd < 0) {
+ m.fd = -1;
incomplete_fds = true;
} else {
- m.fd = get_unused_fd_flags(O_CLOEXEC);
- if (m.fd < 0) {
- m.fd = -1;
- incomplete_fds = true;
- } else {
- fd_install(m.fd,
- get_file(d->memfd.file));
- }
+ fd_install(m.fd,
+ get_file(d->memfd.file));
}
}
return 0;
}
-#ifdef CONFIG_KDBUS
-
-static int cap_kdbus_conn_alloc(struct kdbus_conn *conn)
-{
- return 0;
-}
-
-static void cap_kdbus_conn_free(struct kdbus_conn *conn)
-{
-}
-
-static int cap_kdbus_talk(const struct kdbus_conn *src,
- const struct kdbus_conn *dst)
-{
- return 0;
-}
-
-#endif /* CONFIG_KDBUS */
-
#ifdef CONFIG_SECURITY_NETWORK
static int cap_unix_stream_connect(struct sock *sock, struct sock *other,
struct sock *newsk)
set_to_cap_if_null(ops, inode_notifysecctx);
set_to_cap_if_null(ops, inode_setsecctx);
set_to_cap_if_null(ops, inode_getsecctx);
-#ifdef CONFIG_KDBUS
- set_to_cap_if_null(ops, kdbus_conn_alloc);
- set_to_cap_if_null(ops, kdbus_conn_free);
- set_to_cap_if_null(ops, kdbus_talk);
-#endif /* CONFIG_KDBUS */
#ifdef CONFIG_SECURITY_NETWORK
set_to_cap_if_null(ops, unix_stream_connect);
set_to_cap_if_null(ops, unix_may_send);
{
return security_ops->file_receive(file);
}
-EXPORT_SYMBOL(security_file_receive);
int security_file_open(struct file *file, const struct cred *cred)
{
}
EXPORT_SYMBOL(security_inode_getsecctx);
-#ifdef CONFIG_KDBUS
-
-int security_kdbus_conn_alloc(struct kdbus_conn *conn)
-{
- return security_ops->kdbus_conn_alloc(conn);
-}
-EXPORT_SYMBOL(security_kdbus_conn_alloc);
-
-void security_kdbus_conn_free(struct kdbus_conn *conn)
-{
- security_ops->kdbus_conn_free(conn);
-}
-EXPORT_SYMBOL(security_kdbus_conn_free);
-
-int security_kdbus_talk(const struct kdbus_conn *src,
- const struct kdbus_conn *dst)
-{
- return security_ops->kdbus_talk(src, dst);
-}
-EXPORT_SYMBOL(security_kdbus_talk);
-
-#endif /* CONFIG_KDBUS */
-
#ifdef CONFIG_SECURITY_NETWORK
int security_unix_stream_connect(struct sock *sock, struct sock *other, struct sock *newsk)
smack-y := smack_lsm.o smack_access.o smackfs.o
smack-$(CONFIG_SECURITY_SMACK_NETFILTER) += smack_netfilter.o
-
-ccflags-y += -Iipc
#include <linux/shm.h>
#include <linux/binfmts.h>
#include <linux/parser.h>
-#include <kdbus/connection.h>
#include "smack.h"
#define TRANS_TRUE "TRUE"
return size;
}
-#ifdef CONFIG_KDBUS
-
-/**
- * smack_kdbus_conn_alloc - Set the security blob for a KDBus connection
- * @conn: the connection
- *
- * Returns 0
- */
-static int smack_kdbus_conn_alloc(struct kdbus_conn *conn)
-{
- conn->security = smk_of_current();
-
- return 0;
-}
-
-/**
- * smack_kdbus_conn_free - Clear the security blob for a KDBus connection
- * @conn: the connection
- *
- * Clears the blob pointer
- */
-static void smack_kdbus_conn_free(struct kdbus_conn *conn)
-{
- conn->security = NULL;
-}
-
-/**
- * smack_kdbus_talk - Smack access on KDBus
- * @src: source kdbus connection
- * @dst: destination kdbus connection
- *
- * Return 0 if a subject with the smack of sock could access
- * an object with the smack of other, otherwise an error code
- */
-static int smack_kdbus_talk(const struct kdbus_conn *src,
- const struct kdbus_conn *dst)
-{
- struct smk_audit_info ad;
- struct smack_known *sskp = src->security;
- struct smack_known *dskp = dst->security;
- int rc;
-
- if (smack_privileged(CAP_MAC_OVERRIDE))
- return 0;
-
- smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_NONE);
-
- rc = smk_access(sskp, dskp, MAY_WRITE, &ad);
- rc = smk_bu_note("kdbus talk", sskp, dskp, MAY_WRITE, rc);
- return rc;
-}
-
-#endif /* CONFIG_KDBUS */
-
/**
* smack_unix_stream_connect - Smack access on UDS
* @sock: one sock
.getprocattr = smack_getprocattr,
.setprocattr = smack_setprocattr,
-#ifdef CONFIG_KDBUS
- .kdbus_conn_alloc = smack_kdbus_conn_alloc,
- .kdbus_conn_free = smack_kdbus_conn_free,
- .kdbus_talk = smack_kdbus_talk,
-#endif
-
.unix_stream_connect = smack_unix_stream_connect,
.unix_may_send = smack_unix_may_send,