[GIT PULL] selinux/selinux-pr-20250926

[GIT PULL] selinux/selinux-pr-20250926

[Paul Moore]

Linus,

Here are the SELinux patches for the upcoming Linux v6.18 merge window:

- Support per-file labeling for functionfs

  Both genfscon and user defined labeling methods are supported.  This
  should help users who want to provide separation between the control
  endpoint file, "ep0", and other endpoints.

- Remove our use of get_zeroed_page() in sel_read_bool()

  Update sel_read_bool() to use a four byte stack buffer instead of a
  memory page fetched via get_zeroed_page(), and fix a memory in the
  process.

  Needless to say we should have done this a long time ago, but it was
  in a very old chunk of code that "just worked" and I don't think
  anyone had taken a real look at it in many years.

- Better use of the netdev skb/sock helper functions

  Convert a sk_to_full_sk(skb->sk) into a skb_to_full_sk(skb) call.

- Remove some old, dead, and/or redundant code

Paul

--
The following changes since commit 8f5ae30d69d7543eee0d70083daf4de8fe15d585:

  Linux 6.17-rc1 (2025-08-10 19:41:16 +0300)

are available in the Git repository at:

  https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux.git
    tags/selinux-pr-20250926

for you to fetch changes up to 68e1e908cb7682db9fb7f79907f9352435a81c0f:

  selinux: enable per-file labeling for functionfs
    (2025-09-07 12:54:56 -0400)

----------------------------------------------------------------
selinux/stable-6.18 PR 20250926
----------------------------------------------------------------

Neill Kapron (1):
      selinux: enable per-file labeling for functionfs

Qianfeng Rong (1):
      selinux: Remove redundant __GFP_NOWARN

Stephen Smalley (1):
      selinux: fix sel_read_bool() allocation and error handling

Tianjia Zhang (1):
      selinux: use a consistent method to get full socket from skb

Yue Haibing (1):
      selinux: Remove unused function selinux_policycap_netif_wildcard()

 security/selinux/avc.c                     |   13 ++++++-------
 security/selinux/hooks.c                   |   10 +++++++---
 security/selinux/include/policycap.h       |    1 +
 security/selinux/include/policycap_names.h |    1 +
 security/selinux/include/security.h        |    4 ++--
 security/selinux/selinuxfs.c               |   18 +++++-------------
 6 files changed, 22 insertions(+), 25 deletions(-)

--
paul-moore.com

Re: [GIT PULL] selinux/selinux-pr-20250926

[Linus Torvalds]

On Fri, 26 Sept 2025 at 20:07, Paul Moore <paul@paul-moore.com> wrote:
>
> - Remove our use of get_zeroed_page() in sel_read_bool()
>
>   Update sel_read_bool() to use a four byte stack buffer instead of a
>   memory page fetched via get_zeroed_page(), and fix a memory in the
>   process.
>
>   Needless to say we should have done this a long time ago, but it was
>   in a very old chunk of code that "just worked" and I don't think
>   anyone had taken a real look at it in many years.

Lol.

... and when I looked at this, I went "scnprintf for a 4-byte buffer?"

It uses

        len = scnprintf(buffer, sizeof(buffer), "%d %d", ..

and I went "printing two numbers and just four bytes" before I noticed
that they are just booleans and so 'len' always is just 3.

It literally could have done

        char buffer[] = { '0' + !a, ' ', '0' + !!b, 0 };

instead, and I guess a compiler could do that transformation in a perfect world.

But this isn't exactly performance-crticial, so nobody cares.

                Linus

Re: [GIT PULL] selinux/selinux-pr-20250926

[Paul Moore]

On Tue, Sep 30, 2025 at 11:48 AM Linus Torvalds
<torvalds@linux-foundation.org> wrote:
> On Fri, 26 Sept 2025 at 20:07, Paul Moore <paul@paul-moore.com> wrote:
> >
> > - Remove our use of get_zeroed_page() in sel_read_bool()
> >
> >   Update sel_read_bool() to use a four byte stack buffer instead of a
> >   memory page fetched via get_zeroed_page(), and fix a memory in the
> >   process.
> >
> >   Needless to say we should have done this a long time ago, but it was
> >   in a very old chunk of code that "just worked" and I don't think
> >   anyone had taken a real look at it in many years.
>
> Lol.
>
> ... and when I looked at this, I went "scnprintf for a 4-byte buffer?"
>
> It uses
>
>         len = scnprintf(buffer, sizeof(buffer), "%d %d", ..
>
> and I went "printing two numbers and just four bytes" before I noticed
> that they are just booleans and so 'len' always is just 3.
>
> It literally could have done
>
>         char buffer[] = { '0' + !a, ' ', '0' + !!b, 0 };
>
> instead, and I guess a compiler could do that transformation in a perfect world.
>
> But this isn't exactly performance-crticial, so nobody cares.

Yeah, exactly.  IMO that scnprintf() is easier to look at than the
build-a-buffer alternative, and if that scnprintf() call ends up in
anyone's performance measurements I'm going to have a lot of questions
about what they are doing with their system.

-- 
paul-moore.com

Re: [GIT PULL] selinux/selinux-pr-20250926

[pr-tracker-bot]

The pull request you sent on Fri, 26 Sep 2025 23:07:34 -0400:

> https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux.git tags/selinux-pr-20250926

has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/57bc683896c55ff348e1a592175e76f9478035d6

Thank you!

-- 
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/prtracker.html