diff options
Diffstat (limited to 'security/smack')
-rw-r--r-- | security/smack/smack.h | 8 | ||||
-rw-r--r-- | security/smack/smack_lsm.c | 85 |
2 files changed, 49 insertions, 44 deletions
diff --git a/security/smack/smack.h b/security/smack/smack.h index e365d455ceb..b449cfdad21 100644 --- a/security/smack/smack.h +++ b/security/smack/smack.h @@ -155,12 +155,6 @@ struct smack_known { #define SMACK_MAGIC 0x43415d53 /* "SMAC" */ /* - * A limit on the number of entries in the lists - * makes some of the list administration easier. - */ -#define SMACK_LIST_MAX 10000 - -/* * CIPSO defaults. */ #define SMACK_CIPSO_DOI_DEFAULT 3 /* Historical */ @@ -177,9 +171,7 @@ struct smack_known { /* * Just to make the common cases easier to deal with */ -#define MAY_ANY (MAY_READ | MAY_WRITE | MAY_APPEND | MAY_EXEC) #define MAY_ANYREAD (MAY_READ | MAY_EXEC) -#define MAY_ANYWRITE (MAY_WRITE | MAY_APPEND) #define MAY_READWRITE (MAY_READ | MAY_WRITE) #define MAY_NOT 0 diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 0c91a906b3f..23c7a6d0c80 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -1113,38 +1113,6 @@ static int smack_file_fcntl(struct file *file, unsigned int cmd, } /** - * smk_mmap_list_check - the mmap check - * @sub: subject label - * @obj: object label - * @access: access mode - * @local: the task specific rule list - * - * Returns 0 if acces is permitted, -EACCES otherwise - */ -static int smk_mmap_list_check(char *sub, char *obj, int access, - struct list_head *local) -{ - int may; - - /* - * If there is not a global rule that - * allows access say no. - */ - may = smk_access_entry(sub, obj, &smack_rule_list); - if (may == -ENOENT || (may & access) != access) - return -EACCES; - /* - * If there is a task local rule that - * denies access say no. - */ - may = smk_access_entry(sub, obj, local); - if (may != -ENOENT && (may & access) != access) - return -EACCES; - - return 0; -} - -/** * smack_file_mmap : * Check permissions for a mmap operation. The @file may be NULL, e.g. * if mapping anonymous memory. @@ -1163,8 +1131,12 @@ static int smack_file_mmap(struct file *file, struct task_smack *tsp; char *sp; char *msmack; + char *osmack; struct inode_smack *isp; struct dentry *dp; + int may; + int mmay; + int tmay; int rc; /* do DAC check on address space usage */ @@ -1202,16 +1174,57 @@ static int smack_file_mmap(struct file *file, list_for_each_entry_rcu(srp, &smack_rule_list, list) { if (srp->smk_subject != sp) continue; + + osmack = srp->smk_object; /* * Matching labels always allows access. */ - if (msmack == srp->smk_object) + if (msmack == osmack) + continue; + /* + * If there is a matching local rule take + * that into account as well. + */ + may = smk_access_entry(srp->smk_subject, osmack, + &tsp->smk_rules); + if (may == -ENOENT) + may = srp->smk_access; + else + may &= srp->smk_access; + /* + * If may is zero the SMACK64MMAP subject can't + * possibly have less access. + */ + if (may == 0) continue; - rc = smk_mmap_list_check(msmack, srp->smk_object, - srp->smk_access, &tsp->smk_rules); - if (rc != 0) + /* + * Fetch the global list entry. + * If there isn't one a SMACK64MMAP subject + * can't have as much access as current. + */ + mmay = smk_access_entry(msmack, osmack, &smack_rule_list); + if (mmay == -ENOENT) { + rc = -EACCES; break; + } + /* + * If there is a local entry it modifies the + * potential access, too. + */ + tmay = smk_access_entry(msmack, osmack, &tsp->smk_rules); + if (tmay != -ENOENT) + mmay &= tmay; + + /* + * If there is any access available to current that is + * not available to a SMACK64MMAP subject + * deny access. + */ + if ((may | mmay) != mmay) { + rc = -EACCES; + break; + } } rcu_read_unlock(); |