From: Dennis Gilmore <dennis@ausil.us>
To: sparclinux@vger.kernel.org
Subject: Re: [PATCH] Disable execmem for sparc
Date: Thu, 25 Mar 2010 20:48:50 +0000	[thread overview]
Message-ID: <201003251548.57310.dennis@ausil.us> (raw)
In-Reply-To: <4BAA89B9.2030102@redhat.com>

On Thursday 25 March 2010 03:24:58 pm David Miller wrote:
> From: "Tom \"spot\" Callaway" <tcallawa@redhat.com>
> Date: Wed, 24 Mar 2010 17:52:57 -0400
> 
> > Attached is a patch which disables execmem for sparc. Without it,
> > selinux does not work at all on SPARC64.
> > 
> > This patch should be reasonably non-controversial, because this is
> > already being done for PPC32.
> > 
> > Tested-by: Tom "spot" Callaway <tcallawa@redhat.com> (Ultra 10, T5220)
> > 
> >            Dennis Gilmore <dgilmore@redhat.com>
> > 
> > Signed-off-by: Tom "spot" Callaway <tcallawa@redhat.com>
> 
> What is the reason why it doesn't work, I'm just curious?
> 
> Is there some dependency upon executable stacks or executable data
> segments always working?  Why can't SELINUX protect be used with
> that correctly?

What happens is that almost all binaries end up with execmem set, and SELinux 
prevents them from running. The system fails to even get close to coming up 
in a usable state.

Dec 31 18:00:40 sparcbook kernel: type=1400 audit(8.160:3): avc:  denied  { 
execmem } for  pid=208 comm="consoletype" 
scontext=system_u:system_r:consoletype_t:s0 
tcontext=system_u:system_r:consoletype_t:s0 tclass=process
Dec 31 18:00:40 sparcbook kernel: type=1400 audit(8.315:4): avc:  denied  { 
execmem } for  pid=211 comm="hostname" 
scontext=system_u:system_r:hostname_t:s0 
tcontext=system_u:system_r:hostname_t:s0 tclass=process
Dec 31 18:00:40 sparcbook kernel: type=1400 audit(8.520:5): avc:  denied  { 
execmem } for  pid=213 comm="mount" scontext=system_u:system_r:mount_t:s0 
tcontext=system_u:system_r:mount_t:s0 tclass=process
Dec 31 18:00:40 sparcbook kernel: type=1400 audit(8.570:6): avc:  denied  { 
execmem } for  pid=203 comm="readahead-colle" 
scontext=system_u:system_r:readahead_t:s0 
tcontext=system_u:system_r:readahead_t:s0 tclass=process

This is a small sample of the logs you get. Not everything fails, but almost 
everything does.

> 
> And since we're touching selinux code we need to at a minimum
> CC: them so they can have a look at your change.
> 
> --------------------
> diff -up linux-2.6.32.noarch/security/selinux/hooks.c.mprotect-sparc
> linux-2.6.32.noarch/security/selinux/hooks.c ---
> linux-2.6.32.noarch/security/selinux/hooks.c.mprotect-sparc	2010-03-10
> 08:28:20.957571926 -0500 +++
> linux-2.6.32.noarch/security/selinux/hooks.c	2010-03-10 08:29:15.732698763
> -0500 @@ -3010,7 +3010,7 @@ static int file_map_prot_check(struct fi
>  	const struct cred *cred = current_cred();
>  	int rc = 0;
> 
> -#ifndef CONFIG_PPC32
> +#if !defined(CONFIG_PPC32) && !defined(CONFIG_SPARC)
>  	if ((prot & PROT_EXEC) && (!file || (!shared && (prot & PROT_WRITE)))) {
>  		/*
>  		 * We are making executable an anonymous mapping or a
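Review bot: the new guard `#if !defined(CONFIG_PPC32) && !defined(CONFIG_SPARC)` in file_map_prot_check() compiles out the check for every SPARC build, 32-bit included, while the cover text and the Tested-by line only describe SPARC64 (Ultra 10, T5220); if the failure is specific to sparc64 the condition should say so. The hunk also carries no comment explaining why this architecture cannot satisfy the check, and the diff gives no root cause for the denials, which is the question David raises above. The changelog should state plainly what is lost: with the `(prot & PROT_EXEC) && (!file || (!shared && (prot & PROT_WRITE)))` test gone, policy can no longer deny making an anonymous or private writable mapping executable on this architecture.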
> @@ -3082,7 +3082,7 @@ static int selinux_file_mprotect(struct
>  	if (selinux_checkreqprot)
>  		prot = reqprot;
> 
> -#ifndef CONFIG_PPC32
> +#if !defined(CONFIG_PPC32) && !defined(CONFIG_SPARC)
>  	if ((prot & PROT_EXEC) && !(vma->vm_flags & VM_EXEC)) {
>  		int rc = 0;
>  		if (vma->vm_start >= vma->vm_mm->start_brk &&
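Review bot: the same condition is duplicated verbatim in selinux_file_mprotect(), so the two sites can drift apart; a single symbol (a Kconfig option the architecture selects, or one macro defined once in this file) would keep them in step and spare the next architecture from editing both hunks. Note also that this hunk compiles out more than the subject line's `execmem`: the `(prot & PROT_EXEC) && !(vma->vm_flags & VM_EXEC)` test and the heap-range check that begins with `vma->vm_start >= vma->vm_mm->start_brk` go with it, so an mprotect() to executable on the heap is no longer mediated either; the changelog should say so explicitly.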
> --
> To unsubscribe from this list: send the line "unsubscribe sparclinux" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
