summaryrefslogtreecommitdiffstats
path: root/kernel
diff options
context:
space:
mode:
Diffstat (limited to 'kernel')
-rw-r--r--kernel/audit.c24
-rw-r--r--kernel/audit.h25
-rw-r--r--kernel/auditfilter.c99
-rw-r--r--kernel/auditsc.c74
4 files changed, 85 insertions, 137 deletions
diff --git a/kernel/audit.c b/kernel/audit.c
index b782b046543..a7b16086d36 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -21,7 +21,7 @@
*
* Written by Rickard E. (Rik) Faith <faith@redhat.com>
*
- * Goals: 1) Integrate fully with SELinux.
+ * Goals: 1) Integrate fully with Security Modules.
* 2) Minimal run-time overhead:
* a) Minimal when syscall auditing is disabled (audit_enable=0).
* b) Small when syscall auditing is enabled and no audit record
@@ -55,7 +55,6 @@
#include <net/netlink.h>
#include <linux/skbuff.h>
#include <linux/netlink.h>
-#include <linux/selinux.h>
#include <linux/inotify.h>
#include <linux/freezer.h>
#include <linux/tty.h>
@@ -265,13 +264,13 @@ static int audit_log_config_change(char *function_name, int new, int old,
char *ctx = NULL;
u32 len;
- rc = selinux_sid_to_string(sid, &ctx, &len);
+ rc = security_secid_to_secctx(sid, &ctx, &len);
if (rc) {
audit_log_format(ab, " sid=%u", sid);
allow_changes = 0; /* Something weird, deny request */
} else {
audit_log_format(ab, " subj=%s", ctx);
- kfree(ctx);
+ security_release_secctx(ctx, len);
}
}
audit_log_format(ab, " res=%d", allow_changes);
@@ -550,12 +549,13 @@ static int audit_log_common_recv_msg(struct audit_buffer **ab, u16 msg_type,
audit_log_format(*ab, "user pid=%d uid=%u auid=%u",
pid, uid, auid);
if (sid) {
- rc = selinux_sid_to_string(sid, &ctx, &len);
+ rc = security_secid_to_secctx(sid, &ctx, &len);
if (rc)
audit_log_format(*ab, " ssid=%u", sid);
- else
+ else {
audit_log_format(*ab, " subj=%s", ctx);
- kfree(ctx);
+ security_release_secctx(ctx, len);
+ }
}
return rc;
@@ -758,18 +758,18 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
break;
}
case AUDIT_SIGNAL_INFO:
- err = selinux_sid_to_string(audit_sig_sid, &ctx, &len);
+ err = security_secid_to_secctx(audit_sig_sid, &ctx, &len);
if (err)
return err;
sig_data = kmalloc(sizeof(*sig_data) + len, GFP_KERNEL);
if (!sig_data) {
- kfree(ctx);
+ security_release_secctx(ctx, len);
return -ENOMEM;
}
sig_data->uid = audit_sig_uid;
sig_data->pid = audit_sig_pid;
memcpy(sig_data->ctx, ctx, len);
- kfree(ctx);
+ security_release_secctx(ctx, len);
audit_send_reply(NETLINK_CB(skb).pid, seq, AUDIT_SIGNAL_INFO,
0, 0, sig_data, sizeof(*sig_data) + len);
kfree(sig_data);
@@ -881,10 +881,6 @@ static int __init audit_init(void)
audit_enabled = audit_default;
audit_ever_enabled |= !!audit_default;
- /* Register the callback with selinux. This callback will be invoked
- * when a new policy is loaded. */
- selinux_audit_set_callback(&selinux_audit_rule_update);
-
audit_log(NULL, GFP_KERNEL, AUDIT_KERNEL, "initialized");
#ifdef CONFIG_AUDITSYSCALL
diff --git a/kernel/audit.h b/kernel/audit.h
index 2554bd524fd..3cfc54ee3e1 100644
--- a/kernel/audit.h
+++ b/kernel/audit.h
@@ -65,34 +65,9 @@ struct audit_watch {
struct list_head rules; /* associated rules */
};
-struct audit_field {
- u32 type;
- u32 val;
- u32 op;
- char *se_str;
- struct selinux_audit_rule *se_rule;
-};
-
struct audit_tree;
struct audit_chunk;
-struct audit_krule {
- int vers_ops;
- u32 flags;
- u32 listnr;
- u32 action;
- u32 mask[AUDIT_BITMASK_SIZE];
- u32 buflen; /* for data alloc on list rules */
- u32 field_count;
- char *filterkey; /* ties events to rules */
- struct audit_field *fields;
- struct audit_field *arch_f; /* quick access to arch field */
- struct audit_field *inode_f; /* quick access to an inode field */
- struct audit_watch *watch; /* associated watch */
- struct audit_tree *tree; /* associated watched tree */
- struct list_head rlist; /* entry in audit_{watch,tree}.rules list */
-};
-
struct audit_entry {
struct list_head list;
struct rcu_head rcu;
diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
index 2f2914b7cc3..28fef6bf853 100644
--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -28,7 +28,7 @@
#include <linux/netlink.h>
#include <linux/sched.h>
#include <linux/inotify.h>
-#include <linux/selinux.h>
+#include <linux/security.h>
#include "audit.h"
/*
@@ -38,7 +38,7 @@
* Synchronizes writes and blocking reads of audit's filterlist
* data. Rcu is used to traverse the filterlist and access
* contents of structs audit_entry, audit_watch and opaque
- * selinux rules during filtering. If modified, these structures
+ * LSM rules during filtering. If modified, these structures
* must be copied and replace their counterparts in the filterlist.
* An audit_parent struct is not accessed during filtering, so may
* be written directly provided audit_filter_mutex is held.
@@ -139,8 +139,8 @@ static inline void audit_free_rule(struct audit_entry *e)
if (e->rule.fields)
for (i = 0; i < e->rule.field_count; i++) {
struct audit_field *f = &e->rule.fields[i];
- kfree(f->se_str);
- selinux_audit_rule_free(f->se_rule);
+ kfree(f->lsm_str);
+ security_audit_rule_free(f->lsm_rule);
}
kfree(e->rule.fields);
kfree(e->rule.filterkey);
@@ -554,8 +554,8 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data,
f->op = data->fieldflags[i] & AUDIT_OPERATORS;
f->type = data->fields[i];
f->val = data->values[i];
- f->se_str = NULL;
- f->se_rule = NULL;
+ f->lsm_str = NULL;
+ f->lsm_rule = NULL;
switch(f->type) {
case AUDIT_PID:
case AUDIT_UID:
@@ -597,12 +597,12 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data,
goto exit_free;
entry->rule.buflen += f->val;
- err = selinux_audit_rule_init(f->type, f->op, str,
- &f->se_rule);
+ err = security_audit_rule_init(f->type, f->op, str,
+ (void **)&f->lsm_rule);
/* Keep currently invalid fields around in case they
* become valid after a policy reload. */
if (err == -EINVAL) {
- printk(KERN_WARNING "audit rule for selinux "
+ printk(KERN_WARNING "audit rule for LSM "
"\'%s\' is invalid\n", str);
err = 0;
}
@@ -610,7 +610,7 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data,
kfree(str);
goto exit_free;
} else
- f->se_str = str;
+ f->lsm_str = str;
break;
case AUDIT_WATCH:
str = audit_unpack_string(&bufp, &remain, f->val);
@@ -754,7 +754,7 @@ static struct audit_rule_data *audit_krule_to_data(struct audit_krule *krule)
case AUDIT_OBJ_LEV_LOW:
case AUDIT_OBJ_LEV_HIGH:
data->buflen += data->values[i] =
- audit_pack_string(&bufp, f->se_str);
+ audit_pack_string(&bufp, f->lsm_str);
break;
case AUDIT_WATCH:
data->buflen += data->values[i] =
@@ -806,7 +806,7 @@ static int audit_compare_rule(struct audit_krule *a, struct audit_krule *b)
case AUDIT_OBJ_TYPE:
case AUDIT_OBJ_LEV_LOW:
case AUDIT_OBJ_LEV_HIGH:
- if (strcmp(a->fields[i].se_str, b->fields[i].se_str))
+ if (strcmp(a->fields[i].lsm_str, b->fields[i].lsm_str))
return 1;
break;
case AUDIT_WATCH:
@@ -862,28 +862,28 @@ out:
return new;
}
-/* Duplicate selinux field information. The se_rule is opaque, so must be
+/* Duplicate LSM field information. The lsm_rule is opaque, so must be
* re-initialized. */
-static inline int audit_dupe_selinux_field(struct audit_field *df,
+static inline int audit_dupe_lsm_field(struct audit_field *df,
struct audit_field *sf)
{
int ret = 0;
- char *se_str;
+ char *lsm_str;
- /* our own copy of se_str */
- se_str = kstrdup(sf->se_str, GFP_KERNEL);
- if (unlikely(!se_str))
+ /* our own copy of lsm_str */
+ lsm_str = kstrdup(sf->lsm_str, GFP_KERNEL);
+ if (unlikely(!lsm_str))
return -ENOMEM;
- df->se_str = se_str;
+ df->lsm_str = lsm_str;
- /* our own (refreshed) copy of se_rule */
- ret = selinux_audit_rule_init(df->type, df->op, df->se_str,
- &df->se_rule);
+ /* our own (refreshed) copy of lsm_rule */
+ ret = security_audit_rule_init(df->type, df->op, df->lsm_str,
+ (void **)&df->lsm_rule);
/* Keep currently invalid fields around in case they
* become valid after a policy reload. */
if (ret == -EINVAL) {
- printk(KERN_WARNING "audit rule for selinux \'%s\' is "
- "invalid\n", df->se_str);
+ printk(KERN_WARNING "audit rule for LSM \'%s\' is "
+ "invalid\n", df->lsm_str);
ret = 0;
}
@@ -891,7 +891,7 @@ static inline int audit_dupe_selinux_field(struct audit_field *df,
}
/* Duplicate an audit rule. This will be a deep copy with the exception
- * of the watch - that pointer is carried over. The selinux specific fields
+ * of the watch - that pointer is carried over. The LSM specific fields
* will be updated in the copy. The point is to be able to replace the old
* rule with the new rule in the filterlist, then free the old rule.
* The rlist element is undefined; list manipulations are handled apart from
@@ -930,7 +930,7 @@ static struct audit_entry *audit_dupe_rule(struct audit_krule *old,
new->tree = old->tree;
memcpy(new->fields, old->fields, sizeof(struct audit_field) * fcount);
- /* deep copy this information, updating the se_rule fields, because
+ /* deep copy this information, updating the lsm_rule fields, because
* the originals will all be freed when the old rule is freed. */
for (i = 0; i < fcount; i++) {
switch (new->fields[i].type) {
@@ -944,7 +944,7 @@ static struct audit_entry *audit_dupe_rule(struct audit_krule *old,
case AUDIT_OBJ_TYPE:
case AUDIT_OBJ_LEV_LOW:
case AUDIT_OBJ_LEV_HIGH:
- err = audit_dupe_selinux_field(&new->fields[i],
+ err = audit_dupe_lsm_field(&new->fields[i],
&old->fields[i]);
break;
case AUDIT_FILTERKEY:
@@ -1515,11 +1515,12 @@ static void audit_log_rule_change(uid_t loginuid, u32 sid, char *action,
if (sid) {
char *ctx = NULL;
u32 len;
- if (selinux_sid_to_string(sid, &ctx, &len))
+ if (security_secid_to_secctx(sid, &ctx, &len))
audit_log_format(ab, " ssid=%u", sid);
- else
+ else {
audit_log_format(ab, " subj=%s", ctx);
- kfree(ctx);
+ security_release_secctx(ctx, len);
+ }
}
audit_log_format(ab, " op=%s rule key=", action);
if (rule->filterkey)
@@ -1761,38 +1762,12 @@ unlock_and_return:
return result;
}
-/* Check to see if the rule contains any selinux fields. Returns 1 if there
- are selinux fields specified in the rule, 0 otherwise. */
-static inline int audit_rule_has_selinux(struct audit_krule *rule)
-{
- int i;
-
- for (i = 0; i < rule->field_count; i++) {
- struct audit_field *f = &rule->fields[i];
- switch (f->type) {
- case AUDIT_SUBJ_USER:
- case AUDIT_SUBJ_ROLE:
- case AUDIT_SUBJ_TYPE:
- case AUDIT_SUBJ_SEN:
- case AUDIT_SUBJ_CLR:
- case AUDIT_OBJ_USER:
- case AUDIT_OBJ_ROLE:
- case AUDIT_OBJ_TYPE:
- case AUDIT_OBJ_LEV_LOW:
- case AUDIT_OBJ_LEV_HIGH:
- return 1;
- }
- }
-
- return 0;
-}
-
-/* This function will re-initialize the se_rule field of all applicable rules.
- * It will traverse the filter lists serarching for rules that contain selinux
+/* This function will re-initialize the lsm_rule field of all applicable rules.
+ * It will traverse the filter lists serarching for rules that contain LSM
* specific filter fields. When such a rule is found, it is copied, the
- * selinux field is re-initialized, and the old rule is replaced with the
+ * LSM field is re-initialized, and the old rule is replaced with the
* updated rule. */
-int selinux_audit_rule_update(void)
+int audit_update_lsm_rules(void)
{
struct audit_entry *entry, *n, *nentry;
struct audit_watch *watch;
@@ -1804,7 +1779,7 @@ int selinux_audit_rule_update(void)
for (i = 0; i < AUDIT_NR_FILTERS; i++) {
list_for_each_entry_safe(entry, n, &audit_filter_list[i], list) {
- if (!audit_rule_has_selinux(&entry->rule))
+ if (!security_audit_rule_known(&entry->rule))
continue;
watch = entry->rule.watch;
@@ -1815,7 +1790,7 @@ int selinux_audit_rule_update(void)
* return value */
if (!err)
err = PTR_ERR(nentry);
- audit_panic("error updating selinux filters");
+ audit_panic("error updating LSM filters");
if (watch)
list_del(&entry->rule.rlist);
list_del_rcu(&entry->list);
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 782262e4107..56e56ed594a 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -61,7 +61,6 @@
#include <linux/security.h>
#include <linux/list.h>
#include <linux/tty.h>
-#include <linux/selinux.h>
#include <linux/binfmts.h>
#include <linux/highmem.h>
#include <linux/syscalls.h>
@@ -528,14 +527,14 @@ static int audit_filter_rules(struct task_struct *tsk,
match for now to avoid losing information that
may be wanted. An error message will also be
logged upon error */
- if (f->se_rule) {
+ if (f->lsm_rule) {
if (need_sid) {
- selinux_get_task_sid(tsk, &sid);
+ security_task_getsecid(tsk, &sid);
need_sid = 0;
}
- result = selinux_audit_rule_match(sid, f->type,
+ result = security_audit_rule_match(sid, f->type,
f->op,
- f->se_rule,
+ f->lsm_rule,
ctx);
}
break;
@@ -546,18 +545,18 @@ static int audit_filter_rules(struct task_struct *tsk,
case AUDIT_OBJ_LEV_HIGH:
/* The above note for AUDIT_SUBJ_USER...AUDIT_SUBJ_CLR
also applies here */
- if (f->se_rule) {
+ if (f->lsm_rule) {
/* Find files that match */
if (name) {
- result = selinux_audit_rule_match(
+ result = security_audit_rule_match(
name->osid, f->type, f->op,
- f->se_rule, ctx);
+ f->lsm_rule, ctx);
} else if (ctx) {
for (j = 0; j < ctx->name_count; j++) {
- if (selinux_audit_rule_match(
+ if (security_audit_rule_match(
ctx->names[j].osid,
f->type, f->op,
- f->se_rule, ctx)) {
+ f->lsm_rule, ctx)) {
++result;
break;
}
@@ -570,7 +569,7 @@ static int audit_filter_rules(struct task_struct *tsk,
aux = aux->next) {
if (aux->type == AUDIT_IPC) {
struct audit_aux_data_ipcctl *axi = (void *)aux;
- if (selinux_audit_rule_match(axi->osid, f->type, f->op, f->se_rule, ctx)) {
+ if (security_audit_rule_match(axi->osid, f->type, f->op, f->lsm_rule, ctx)) {
++result;
break;
}
@@ -885,11 +884,11 @@ void audit_log_task_context(struct audit_buffer *ab)
int error;
u32 sid;
- selinux_get_task_sid(current, &sid);
+ security_task_getsecid(current, &sid);
if (!sid)
return;
- error = selinux_sid_to_string(sid, &ctx, &len);
+ error = security_secid_to_secctx(sid, &ctx, &len);
if (error) {
if (error != -EINVAL)
goto error_path;
@@ -897,7 +896,7 @@ void audit_log_task_context(struct audit_buffer *ab)
}
audit_log_format(ab, " subj=%s", ctx);
- kfree(ctx);
+ security_release_secctx(ctx, len);
return;
error_path:
@@ -941,7 +940,7 @@ static int audit_log_pid_context(struct audit_context *context, pid_t pid,
u32 sid, char *comm)
{
struct audit_buffer *ab;
- char *s = NULL;
+ char *ctx = NULL;
u32 len;
int rc = 0;
@@ -951,15 +950,16 @@ static int audit_log_pid_context(struct audit_context *context, pid_t pid,
audit_log_format(ab, "opid=%d oauid=%d ouid=%d oses=%d", pid, auid,
uid, sessionid);
- if (selinux_sid_to_string(sid, &s, &len)) {
+ if (security_secid_to_secctx(sid, &ctx, &len)) {
audit_log_format(ab, " obj=(none)");
rc = 1;
- } else
- audit_log_format(ab, " obj=%s", s);
+ } else {
+ audit_log_format(ab, " obj=%s", ctx);
+ security_release_secctx(ctx, len);
+ }
audit_log_format(ab, " ocomm=");
audit_log_untrustedstring(ab, comm);
audit_log_end(ab);
- kfree(s);
return rc;
}
@@ -1271,14 +1271,15 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts
if (axi->osid != 0) {
char *ctx = NULL;
u32 len;
- if (selinux_sid_to_string(
+ if (security_secid_to_secctx(
axi->osid, &ctx, &len)) {
audit_log_format(ab, " osid=%u",
axi->osid);
call_panic = 1;
- } else
+ } else {
audit_log_format(ab, " obj=%s", ctx);
- kfree(ctx);
+ security_release_secctx(ctx, len);
+ }
}
break; }
@@ -1392,13 +1393,14 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts
if (n->osid != 0) {
char *ctx = NULL;
u32 len;
- if (selinux_sid_to_string(
+ if (security_secid_to_secctx(
n->osid, &ctx, &len)) {
audit_log_format(ab, " osid=%u", n->osid);
call_panic = 2;
- } else
+ } else {
audit_log_format(ab, " obj=%s", ctx);
- kfree(ctx);
+ security_release_secctx(ctx, len);
+ }
}
audit_log_end(ab);
@@ -1775,7 +1777,7 @@ static void audit_copy_inode(struct audit_names *name, const struct inode *inode
name->uid = inode->i_uid;
name->gid = inode->i_gid;
name->rdev = inode->i_rdev;
- selinux_get_inode_sid(inode, &name->osid);
+ security_inode_getsecid(inode, &name->osid);
}
/**
@@ -2190,8 +2192,7 @@ int __audit_ipc_obj(struct kern_ipc_perm *ipcp)
ax->uid = ipcp->uid;
ax->gid = ipcp->gid;
ax->mode = ipcp->mode;
- selinux_get_ipc_sid(ipcp, &ax->osid);
-
+ security_ipc_getsecid(ipcp, &ax->osid);
ax->d.type = AUDIT_IPC;
ax->d.next = context->aux;
context->aux = (void *)ax;
@@ -2343,7 +2344,7 @@ void __audit_ptrace(struct task_struct *t)
context->target_auid = audit_get_loginuid(t);
context->target_uid = t->uid;
context->target_sessionid = audit_get_sessionid(t);
- selinux_get_task_sid(t, &context->target_sid);
+ security_task_getsecid(t, &context->target_sid);
memcpy(context->target_comm, t->comm, TASK_COMM_LEN);
}
@@ -2371,7 +2372,7 @@ int __audit_signal_info(int sig, struct task_struct *t)
audit_sig_uid = tsk->loginuid;
else
audit_sig_uid = tsk->uid;
- selinux_get_task_sid(tsk, &audit_sig_sid);
+ security_task_getsecid(tsk, &audit_sig_sid);
}
if (!audit_signals || audit_dummy_context())
return 0;
@@ -2384,7 +2385,7 @@ int __audit_signal_info(int sig, struct task_struct *t)
ctx->target_auid = audit_get_loginuid(t);
ctx->target_uid = t->uid;
ctx->target_sessionid = audit_get_sessionid(t);
- selinux_get_task_sid(t, &ctx->target_sid);
+ security_task_getsecid(t, &ctx->target_sid);
memcpy(ctx->target_comm, t->comm, TASK_COMM_LEN);
return 0;
}
@@ -2405,7 +2406,7 @@ int __audit_signal_info(int sig, struct task_struct *t)
axp->target_auid[axp->pid_count] = audit_get_loginuid(t);
axp->target_uid[axp->pid_count] = t->uid;
axp->target_sessionid[axp->pid_count] = audit_get_sessionid(t);
- selinux_get_task_sid(t, &axp->target_sid[axp->pid_count]);
+ security_task_getsecid(t, &axp->target_sid[axp->pid_count]);
memcpy(axp->target_comm[axp->pid_count], t->comm, TASK_COMM_LEN);
axp->pid_count++;
@@ -2435,16 +2436,17 @@ void audit_core_dumps(long signr)
ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_ANOM_ABEND);
audit_log_format(ab, "auid=%u uid=%u gid=%u ses=%u",
auid, current->uid, current->gid, sessionid);
- selinux_get_task_sid(current, &sid);
+ security_task_getsecid(current, &sid);
if (sid) {
char *ctx = NULL;
u32 len;
- if (selinux_sid_to_string(sid, &ctx, &len))
+ if (security_secid_to_secctx(sid, &ctx, &len))
audit_log_format(ab, " ssid=%u", sid);
- else
+ else {
audit_log_format(ab, " subj=%s", ctx);
- kfree(ctx);
+ security_release_secctx(ctx, len);
+ }
}
audit_log_format(ab, " pid=%d comm=", current->pid);
audit_log_untrustedstring(ab, current->comm);