From: Casey Schaufler <casey@schaufler-ca.com>
To: Eric Paris <eparis@redhat.com>
Cc: Stephen Smalley <sds@tycho.nsa.gov>,
selinux@tycho.nsa.gov, jmorris@namei.org,
Casey Schaufler <casey@schaufler-ca.com>
Subject: Re: [PATCH 4/4] SELinux: allow userspace to read policy back out of the kernel
Date: Mon, 14 Jun 2010 21:42:05 -0700 [thread overview]
Message-ID: <4C17049D.6090106@schaufler-ca.com> (raw)
In-Reply-To: <1276528366.2749.3.camel@localhost>
Eric Paris wrote:
> On Mon, 2010-06-14 at 10:48 -0400, Stephen Smalley wrote:
>
>> On Fri, 2010-06-11 at 12:37 -0400, Eric Paris wrote:
>>
>>> There is interest in being able to see what the actual policy is that was
>>> loaded into the kernel. The patch creates a new selinuxfs file
>>> /selinux/policy which can be read by userspace. The actual policy that is
>>> loaded into the kernel will be written back out to userspace.
>>>
>> Why a new node vs a read op for /selinux/load?
>>
>
> No reason why I couldn't. Just 'load' seemed to imply a connotation
> which wasn't appropriate. If you prefer I'll switch it when I do
> another version.
>
If it makes any difference Smack /smack/load does read as well as write.
You have the opportunity to make 2 or 3 users less confused if you do
things consistently. After all, Smack uses load because SELinux does,
the name is actually arbitrary, and why do something differently when
it doesn't really matter?
> -Eric
>
>>> Signed-off-by: Eric Paris <eparis@redhat.com>
>>> ---
>>>
>>>
>>> diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
>>> index 1de60ce..2e022db 100644
>>> --- a/security/selinux/ss/services.c
>>> +++ b/security/selinux/ss/services.c
>>> @@ -3126,3 +3125,27 @@ netlbl_sid_to_secattr_failure:
>>> return rc;
>>> }
>>> #endif /* CONFIG_NETLABEL */
>>> +
>>> +/**
>>> + * security_read_policy - read the policy.
>>> + * @data: binary policy data
>>> + * @len: length of data in bytes
>>> + *
>>> + */
>>> +int security_read_policy(void *data, ssize_t *len)
>>> +{
>>> + int rc = 0;
>>> + struct policy_file file = { data, *len }, *fp = &file;
>>> +
>>> + if (!ss_initialized)
>>> + return -EINVAL;
>>> +
>>> + read_lock_irq(&policy_rwlock);
>>> + rc = policydb_write(&policydb, fp);
>>> + read_unlock_irq(&policy_rwlock);
>>> +
>>> + *len = (unsigned long)fp->data - (unsigned long)data;
>>> +
>>> + return rc;
>>> +
>>> +}
>>>
>> Why _irq?
>>
>
> Stolen from security_load_policy() and shouldn't have been. Will fix.
>
>
> --
> This message was distributed to subscribers of the selinux mailing list.
> If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
> the words "unsubscribe selinux" without quotes as the message.
>
>
>
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
next prev parent reply other threads:[~2010-06-15 4:42 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-06-11 16:37 [PATCH 1/4] SELinux: seperate range transition rules to a seperate function Eric Paris
2010-06-11 16:37 ` [PATCH 2/4] SELinux: move genfs read to a separate function Eric Paris
2010-06-16 14:18 ` Stephen Smalley
2010-06-16 14:24 ` Stephen Smalley
2010-06-11 16:37 ` [PATCH 3/4] SELinux: break ocontext reading into " Eric Paris
2010-06-16 14:39 ` Stephen Smalley
2010-06-11 16:37 ` [PATCH 4/4] SELinux: allow userspace to read policy back out of the kernel Eric Paris
2010-06-14 14:48 ` Stephen Smalley
2010-06-14 15:12 ` Eric Paris
2010-06-15 4:42 ` Casey Schaufler [this message]
2010-06-15 14:33 ` Eric Paris
2010-06-16 14:53 ` Stephen Smalley
2010-06-16 15:26 ` Eric Paris
2010-06-16 16:41 ` Stephen Smalley
2010-06-16 16:58 ` Eric Paris
2010-06-17 7:26 ` KaiGai Kohei
2010-06-17 14:51 ` Eric Paris
2010-06-14 14:57 ` Stephen Smalley
2010-06-14 14:59 ` Stephen Smalley
2010-06-14 15:24 ` Eric Paris
2010-06-14 16:14 ` Stephen Smalley
2010-06-14 17:55 ` Eric Paris
2010-06-14 18:04 ` Stephen Smalley
2010-06-18 12:01 ` Christopher J. PeBenito
2010-06-16 13:02 ` [PATCH 1/4] SELinux: seperate range transition rules to a seperate function Stephen Smalley
2010-06-17 5:02 ` James Morris
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4C17049D.6090106@schaufler-ca.com \
--to=casey@schaufler-ca.com \
--cc=eparis@redhat.com \
--cc=jmorris@namei.org \
--cc=sds@tycho.nsa.gov \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.