From: David Howells <dhowells@redhat.com>
To: Trond.Myklebust@netapp.com
Cc: nfsv4@linux-nfs.org, linux-kernel@vger.kernel.org,
linux-fsdevel@vger.kernel.org, selinux@tycho.nsa.gov,
linux-security-module@vger.kernel.org, dhowells@redhat.com
Subject: [PATCH 10/27] Security: Add a kernel_service object class to SELinux [try #2]
Date: Wed, 23 Jan 2008 17:21:32 +0000 [thread overview]
Message-ID: <20080123172132.11107.27461.stgit@warthog.procyon.org.uk> (raw)
In-Reply-To: <20080123172038.11107.86025.stgit@warthog.procyon.org.uk>
Add a 'kernel_service' object class to SELinux and give this object class two
access vectors: 'use_as_override' and 'create_files_as'.
The first vector is used to grant a process the right to nominate an alternate
process security ID for the kernel to use as an override for the SELinux
subjective security when accessing stuff on behalf of another process.
For example, CacheFiles when accessing the cache on behalf on a process
accessing an NFS file needs to use a subjective security ID appropriate to the
cache rather then the one the calling process is using. The cachefilesd
daemon will nominate the security ID to be used.
The second vector is used to grant a process the right to nominate a file
creation label for a kernel service to use.
Signed-off-by: David Howells <dhowells@redhat.com>
---
security/selinux/include/av_perm_to_string.h | 2 ++
security/selinux/include/av_permissions.h | 2 ++
security/selinux/include/class_to_string.h | 1 +
security/selinux/include/flask.h | 1 +
4 files changed, 6 insertions(+), 0 deletions(-)
diff --git a/security/selinux/include/av_perm_to_string.h b/security/selinux/include/av_perm_to_string.h
index caa0634..6ba8200 100644
--- a/security/selinux/include/av_perm_to_string.h
+++ b/security/selinux/include/av_perm_to_string.h
@@ -164,3 +164,5 @@
S_(SECCLASS_DCCP_SOCKET, DCCP_SOCKET__NAME_CONNECT, "name_connect")
S_(SECCLASS_MEMPROTECT, MEMPROTECT__MMAP_ZERO, "mmap_zero")
S_(SECCLASS_PEER, PEER__RECV, "recv")
+ S_(SECCLASS_KERNEL_SERVICE, KERNEL_SERVICE__USE_AS_OVERRIDE, "use_as_override")
+ S_(SECCLASS_KERNEL_SERVICE, KERNEL_SERVICE__CREATE_FILES_AS, "create_files_as")
diff --git a/security/selinux/include/av_permissions.h b/security/selinux/include/av_permissions.h
index c2b5bb2..9500ba3 100644
--- a/security/selinux/include/av_permissions.h
+++ b/security/selinux/include/av_permissions.h
@@ -829,3 +829,5 @@
#define DCCP_SOCKET__NAME_CONNECT 0x00800000UL
#define MEMPROTECT__MMAP_ZERO 0x00000001UL
#define PEER__RECV 0x00000001UL
+#define KERNEL_SERVICE__USE_AS_OVERRIDE 0x00000001UL
+#define KERNEL_SERVICE__CREATE_FILES_AS 0x00000002UL
diff --git a/security/selinux/include/class_to_string.h b/security/selinux/include/class_to_string.h
index b1b0d1d..efe9efa 100644
--- a/security/selinux/include/class_to_string.h
+++ b/security/selinux/include/class_to_string.h
@@ -71,3 +71,4 @@
S_(NULL)
S_(NULL)
S_("peer")
+ S_("kernel_service")
diff --git a/security/selinux/include/flask.h b/security/selinux/include/flask.h
index 09e9dd2..2bc251a 100644
--- a/security/selinux/include/flask.h
+++ b/security/selinux/include/flask.h
@@ -51,6 +51,7 @@
#define SECCLASS_DCCP_SOCKET 60
#define SECCLASS_MEMPROTECT 61
#define SECCLASS_PEER 68
+#define SECCLASS_KERNEL_SERVICE 69
/*
* Security identifier indices for initial entities
next prev parent reply other threads:[~2008-01-23 17:21 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-01-23 17:20 [PATCH 00/27] Permit filesystem local caching [try #2] David Howells
2008-01-23 17:20 ` [PATCH 01/27] KEYS: Increase the payload size when instantiating a key " David Howells
2008-01-23 17:20 ` [PATCH 02/27] KEYS: Check starting keyring as part of search " David Howells
2008-01-23 17:20 ` [PATCH 03/27] KEYS: Allow the callout data to be passed as a blob rather than a string " David Howells
2008-01-23 17:21 ` [PATCH 04/27] KEYS: Add keyctl function to get a security label " David Howells
2008-01-23 17:21 ` [PATCH 05/27] Security: Change current->fs[ug]id to current_fs[ug]id() " David Howells
2008-01-23 17:21 ` [PATCH 06/27] Security: Separate task security context from task_struct " David Howells
2008-01-23 17:21 ` [PATCH 07/27] Security: De-embed task security record from task and use refcounting " David Howells
2008-01-23 17:21 ` [PATCH 08/27] Add a secctx_to_secid() LSM hook to go along with the existing " David Howells
2008-01-23 17:21 ` [PATCH 09/27] Security: Pre-add additional non-caching classes " David Howells
2008-01-23 17:21 ` David Howells [this message]
2008-01-23 17:21 ` [PATCH 11/27] Security: Allow kernel services to override LSM settings for task actions " David Howells
2008-01-23 17:21 ` [PATCH 12/27] Security: Make NFSD work with detached security " David Howells
2008-01-23 17:21 ` [PATCH 13/27] FS-Cache: Release page->private after failed readahead " David Howells
2008-01-23 17:21 ` [PATCH 14/27] FS-Cache: Recruit a couple of page flags for cache management " David Howells
2008-01-23 17:21 ` [PATCH 15/27] FS-Cache: Provide an add_wait_queue_tail() function " David Howells
2008-01-23 17:22 ` [PATCH 16/27] FS-Cache: Generic filesystem caching facility " David Howells
2008-01-23 17:22 ` [PATCH 17/27] CacheFiles: Add missing copy_page export for ia64 " David Howells
2008-01-23 17:22 ` [PATCH 18/27] CacheFiles: Be consistent about the use of mapping vs file->f_mapping in Ext3 " David Howells
2008-01-23 17:22 ` [PATCH 19/27] CacheFiles: Add a hook to write a single page of data to an inode " David Howells
2008-01-23 17:22 ` [PATCH 20/27] CacheFiles: Permit the page lock state to be monitored " David Howells
2008-01-23 17:22 ` [PATCH 21/27] CacheFiles: Export things for CacheFiles " David Howells
2008-01-23 17:22 ` [PATCH 22/27] CacheFiles: A cache that backs onto a mounted filesystem " David Howells
2008-01-23 17:22 ` [PATCH 23/27] NFS: Fix memory leak " David Howells
2008-01-24 21:15 ` Trond Myklebust
2008-01-23 17:22 ` [PATCH 24/27] NFS: Use local caching " David Howells
2008-01-24 21:08 ` Trond Myklebust
2008-01-24 21:22 ` Chuck Lever
2008-01-30 3:25 ` David Howells
2008-01-30 6:46 ` Trond Myklebust
2008-01-30 22:36 ` Chuck Lever
2008-01-31 23:29 ` David Howells
2008-02-07 10:57 ` David Howells
2008-01-23 17:22 ` [PATCH 25/27] NFS: Configuration and mount option changes to enable local caching on NFS " David Howells
2008-01-24 21:14 ` Trond Myklebust
2008-01-23 17:22 ` [PATCH 26/27] NFS: Display local caching state " David Howells
2008-01-23 17:23 ` [PATCH 27/27] NFS: Separate caching by superblock, explicitly if necessary " David Howells
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20080123172132.11107.27461.stgit@warthog.procyon.org.uk \
--to=dhowells@redhat.com \
--cc=Trond.Myklebust@netapp.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=nfsv4@linux-nfs.org \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).