From: Paul Moore <paul.moore@hp.com>
To: linux-security-module@vger.kernel.org, netdev@vger.kernel.org,
selinux@tycho.nsa.gov
Subject: [RFC PATCH 1/2] NetLabel: Allow passing the LSM domain as a shared pointer
Date: Mon, 07 Apr 2008 19:16:30 -0400 [thread overview]
Message-ID: <20080407231629.8087.43341.stgit@flek.lan> (raw)
In-Reply-To: <20080407231143.8087.77531.stgit@flek.lan>
Smack doesn't have the need to create a private copy of the LSM "domain" when
setting NetLabel security attributes like SELinux, however, the current
NetLabel code requires a private copy of the LSM "domain". This patches fixes
that by letting the LSM determine how it wants to pass the domain value.
* NETLBL_SECATTR_DOMAIN_CPY
The current behavior, NetLabel assumes that the domain value is a copy and
frees it when done
* NETLBL_SECATTR_DOMAIN
New, Smack-friendly behavior, NetLabel assumes that the domain value is a
reference to a string managed by the LSM and does not free it when done
Signed-off-by: Paul Moore <paul.moore@hp.com>
---
include/net/netlabel.h | 14 ++++++++++----
security/selinux/ss/services.c | 2 +-
security/smack/smack_lsm.c | 2 +-
3 files changed, 12 insertions(+), 6 deletions(-)
diff --git a/include/net/netlabel.h b/include/net/netlabel.h
index 0ca67d7..5e53a85 100644
--- a/include/net/netlabel.h
+++ b/include/net/netlabel.h
@@ -162,7 +162,7 @@ struct netlbl_lsm_secattr_catmap {
/**
* struct netlbl_lsm_secattr - NetLabel LSM security attributes
- * @flags: indicate which attributes are contained in this structure
+ * @flags: indicate structure attributes, see NETLBL_SECATTR_*
* @type: indicate the NLTYPE of the attributes
* @domain: the NetLabel LSM domain
* @cache: NetLabel LSM specific cache
@@ -180,17 +180,22 @@ struct netlbl_lsm_secattr_catmap {
* NetLabel itself when returning security attributes to the LSM.
*
*/
+struct netlbl_lsm_secattr {
+ u32 flags;
+ /* bitmap values for 'flags' */
#define NETLBL_SECATTR_NONE 0x00000000
#define NETLBL_SECATTR_DOMAIN 0x00000001
+#define NETLBL_SECATTR_DOMAIN_CPY (NETLBL_SECATTR_DOMAIN | \
+ NETLBL_SECATTR_FREE_DOMAIN)
#define NETLBL_SECATTR_CACHE 0x00000002
#define NETLBL_SECATTR_MLS_LVL 0x00000004
#define NETLBL_SECATTR_MLS_CAT 0x00000008
#define NETLBL_SECATTR_SECID 0x00000010
+ /* bitmap meta-values for 'flags' */
+#define NETLBL_SECATTR_FREE_DOMAIN 0x01000000
#define NETLBL_SECATTR_CACHEABLE (NETLBL_SECATTR_MLS_LVL | \
NETLBL_SECATTR_MLS_CAT | \
NETLBL_SECATTR_SECID)
-struct netlbl_lsm_secattr {
- u32 flags;
u32 type;
char *domain;
struct netlbl_lsm_cache *cache;
@@ -303,7 +308,8 @@ static inline void netlbl_secattr_init(struct netlbl_lsm_secattr *secattr)
*/
static inline void netlbl_secattr_destroy(struct netlbl_lsm_secattr *secattr)
{
- kfree(secattr->domain);
+ if (secattr->flags & NETLBL_SECATTR_FREE_DOMAIN)
+ kfree(secattr->domain);
if (secattr->flags & NETLBL_SECATTR_CACHE)
netlbl_secattr_cache_free(secattr->cache);
if (secattr->flags & NETLBL_SECATTR_MLS_CAT)
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index f374186..47295ac 100644
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -2649,7 +2649,7 @@ int security_netlbl_sid_to_secattr(u32 sid, struct netlbl_lsm_secattr *secattr)
goto netlbl_sid_to_secattr_failure;
secattr->domain = kstrdup(policydb.p_type_val_to_name[ctx->type - 1],
GFP_ATOMIC);
- secattr->flags |= NETLBL_SECATTR_DOMAIN;
+ secattr->flags |= NETLBL_SECATTR_DOMAIN_CPY;
mls_export_netlbl_lvl(ctx, secattr);
rc = mls_export_netlbl_cat(ctx, secattr);
if (rc != 0)
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index 732ba27..e2d6f7c 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -1275,7 +1275,7 @@ static void smack_to_secattr(char *smack, struct netlbl_lsm_secattr *nlsp)
switch (smack_net_nltype) {
case NETLBL_NLTYPE_CIPSOV4:
- nlsp->domain = kstrdup(smack, GFP_ATOMIC);
+ nlsp->domain = smack;
nlsp->flags = NETLBL_SECATTR_DOMAIN | NETLBL_SECATTR_MLS_LVL;
rc = smack_to_cipso(smack, &cipso);
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
WARNING: multiple messages have this Message-ID (diff)
From: Paul Moore <paul.moore@hp.com>
To: linux-security-module@vger.kernel.org, netdev@vger.kernel.org,
selinux@tycho.nsa.gov
Subject: [RFC PATCH 1/2] NetLabel: Allow passing the LSM domain as a shared pointer
Date: Mon, 07 Apr 2008 19:16:30 -0400 [thread overview]
Message-ID: <20080407231629.8087.43341.stgit@flek.lan> (raw)
In-Reply-To: <20080407231143.8087.77531.stgit@flek.lan>
Smack doesn't have the need to create a private copy of the LSM "domain" when
setting NetLabel security attributes like SELinux, however, the current
NetLabel code requires a private copy of the LSM "domain". This patches fixes
that by letting the LSM determine how it wants to pass the domain value.
* NETLBL_SECATTR_DOMAIN_CPY
The current behavior, NetLabel assumes that the domain value is a copy and
frees it when done
* NETLBL_SECATTR_DOMAIN
New, Smack-friendly behavior, NetLabel assumes that the domain value is a
reference to a string managed by the LSM and does not free it when done
Signed-off-by: Paul Moore <paul.moore@hp.com>
---
include/net/netlabel.h | 14 ++++++++++----
security/selinux/ss/services.c | 2 +-
security/smack/smack_lsm.c | 2 +-
3 files changed, 12 insertions(+), 6 deletions(-)
diff --git a/include/net/netlabel.h b/include/net/netlabel.h
index 0ca67d7..5e53a85 100644
--- a/include/net/netlabel.h
+++ b/include/net/netlabel.h
@@ -162,7 +162,7 @@ struct netlbl_lsm_secattr_catmap {
/**
* struct netlbl_lsm_secattr - NetLabel LSM security attributes
- * @flags: indicate which attributes are contained in this structure
+ * @flags: indicate structure attributes, see NETLBL_SECATTR_*
* @type: indicate the NLTYPE of the attributes
* @domain: the NetLabel LSM domain
* @cache: NetLabel LSM specific cache
@@ -180,17 +180,22 @@ struct netlbl_lsm_secattr_catmap {
* NetLabel itself when returning security attributes to the LSM.
*
*/
+struct netlbl_lsm_secattr {
+ u32 flags;
+ /* bitmap values for 'flags' */
#define NETLBL_SECATTR_NONE 0x00000000
#define NETLBL_SECATTR_DOMAIN 0x00000001
+#define NETLBL_SECATTR_DOMAIN_CPY (NETLBL_SECATTR_DOMAIN | \
+ NETLBL_SECATTR_FREE_DOMAIN)
#define NETLBL_SECATTR_CACHE 0x00000002
#define NETLBL_SECATTR_MLS_LVL 0x00000004
#define NETLBL_SECATTR_MLS_CAT 0x00000008
#define NETLBL_SECATTR_SECID 0x00000010
+ /* bitmap meta-values for 'flags' */
+#define NETLBL_SECATTR_FREE_DOMAIN 0x01000000
#define NETLBL_SECATTR_CACHEABLE (NETLBL_SECATTR_MLS_LVL | \
NETLBL_SECATTR_MLS_CAT | \
NETLBL_SECATTR_SECID)
-struct netlbl_lsm_secattr {
- u32 flags;
u32 type;
char *domain;
struct netlbl_lsm_cache *cache;
@@ -303,7 +308,8 @@ static inline void netlbl_secattr_init(struct netlbl_lsm_secattr *secattr)
*/
static inline void netlbl_secattr_destroy(struct netlbl_lsm_secattr *secattr)
{
- kfree(secattr->domain);
+ if (secattr->flags & NETLBL_SECATTR_FREE_DOMAIN)
+ kfree(secattr->domain);
if (secattr->flags & NETLBL_SECATTR_CACHE)
netlbl_secattr_cache_free(secattr->cache);
if (secattr->flags & NETLBL_SECATTR_MLS_CAT)
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index f374186..47295ac 100644
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -2649,7 +2649,7 @@ int security_netlbl_sid_to_secattr(u32 sid, struct netlbl_lsm_secattr *secattr)
goto netlbl_sid_to_secattr_failure;
secattr->domain = kstrdup(policydb.p_type_val_to_name[ctx->type - 1],
GFP_ATOMIC);
- secattr->flags |= NETLBL_SECATTR_DOMAIN;
+ secattr->flags |= NETLBL_SECATTR_DOMAIN_CPY;
mls_export_netlbl_lvl(ctx, secattr);
rc = mls_export_netlbl_cat(ctx, secattr);
if (rc != 0)
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index 732ba27..e2d6f7c 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -1275,7 +1275,7 @@ static void smack_to_secattr(char *smack, struct netlbl_lsm_secattr *nlsp)
switch (smack_net_nltype) {
case NETLBL_NLTYPE_CIPSOV4:
- nlsp->domain = kstrdup(smack, GFP_ATOMIC);
+ nlsp->domain = smack;
nlsp->flags = NETLBL_SECATTR_DOMAIN | NETLBL_SECATTR_MLS_LVL;
rc = smack_to_cipso(smack, &cipso);
next prev parent reply other threads:[~2008-04-07 23:17 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-04-07 23:16 [RFC PATCH 0/2] Labeled networking tweaks for 2.6.26 Paul Moore
2008-04-07 23:16 ` Paul Moore
2008-04-07 23:16 ` Paul Moore [this message]
2008-04-07 23:16 ` [RFC PATCH 1/2] NetLabel: Allow passing the LSM domain as a shared pointer Paul Moore
2008-04-10 2:08 ` Casey Schaufler
2008-04-10 2:08 ` Casey Schaufler
2008-04-07 23:16 ` [RFC PATCH 2/2] LSM: Make the Labeled IPsec hooks more stack friendly Paul Moore
2008-04-07 23:16 ` Paul Moore
2008-04-08 10:24 ` jamal
2008-04-08 21:01 ` Paul Moore
2008-04-08 21:01 ` Paul Moore
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20080407231629.8087.43341.stgit@flek.lan \
--to=paul.moore@hp.com \
--cc=linux-security-module@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.