From f5c1d5b2aaf9a98f15a6dcdfbba1f494d0aaae52 Mon Sep 17 00:00:00 2001 From: James Morris Date: Thu, 28 Jul 2005 01:07:37 -0700 Subject: [PATCH] SELinux: default labeling of MLS field Implement kernel labeling of the MLS (multilevel security) field of security contexts for files which have no existing MLS field. This is to enable upgrades of a system from non-MLS to MLS without performing a full filesystem relabel including all of the mountpoints, which would be quite painful for users. With this patch, with MLS enabled, if a file has no MLS field, the kernel internally adds an MLS field to the in-core inode (but not to the on-disk file). This MLS field added is the default for the superblock, allowing per-mountpoint control over the values via fixed policy or mount options. This patch has been tested by enabling MLS without relabeling its filesystem, and seems to be working correctly. Signed-off-by: James Morris Signed-off-by: Stephen Smalley Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds
---
 security/selinux/hooks.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
(limited to 'security/selinux/hooks.c')
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 6be27385114..10fd51c9056 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -826,7 +826,8 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent
 sid = sbsec->def_sid;
 rc = 0;
 } else {
- rc = security_context_to_sid(context, rc, &sid);
+ rc = security_context_to_sid_default(context, rc, &sid,
+ sbsec->def_sid);
 if (rc) {
 printk(KERN_WARNING "%s: context_to_sid(%s) "
 "returned %d for dev=%s ino=%ld\n",
-- cgit v1.2.3-18-g5258
From 911656f8a630e36b22c7e2bba3317dec9174209c Mon Sep 17 00:00:00 2001
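Review bot: The new call `security_context_to_sid_default(context, rc, &sid, sbsec->def_sid)` carries no comment on what its fourth argument does, so a reader of hooks.c alone cannot tell that the superblock default only fills in a missing MLS field. I would add `/* Use sbsec->def_sid for the MLS field when the xattr context has none; the on-disk xattr is not rewritten. */` above it, which is what the commit description states. The warning just below still prints `context_to_sid(%s)`, so a failure of the new function is logged under the old name; consider updating the format string. Because the default is applied to the in-core inode only, it is worth confirming whether any log or audit record lets an administrator tell defaulted inodes from explicitly labelled ones. inode_doinit_with_dentry starts and ends outside this hunk.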
From: Stephen Smalley Date: Thu, 28 Jul 2005 21:16:21 -0700 Subject: [PATCH] selinux: Fix address length checks in connect hook This patch fixes the address length checks in the selinux_socket_connect hook to be no more restrictive than the underlying ipv4 and ipv6 code; otherwise, this hook can reject valid connect calls. This patch is in response to a bug report where an application was calling connect on an INET6 socket with an address that didn't include the optional scope id and failing due to these checks. Signed-off-by: Stephen Smalley Signed-off-by: James Morris Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds
---
 security/selinux/hooks.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
(limited to 'security/selinux/hooks.c')
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 10fd51c9056..2253f388234 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -3126,12 +3126,12 @@ static int selinux_socket_connect(struct socket *sock, struct sockaddr *address,
 if (sk->sk_family == PF_INET) {
 addr4 = (struct sockaddr_in *)address;
- if (addrlen != sizeof(struct sockaddr_in))
+ if (addrlen < sizeof(struct sockaddr_in))
 return -EINVAL;
 snum = ntohs(addr4->sin_port);
 } else {
 addr6 = (struct sockaddr_in6 *)address;
- if (addrlen != sizeof(struct sockaddr_in6))
+ if (addrlen < SIN6_LEN_RFC2133)
 return -EINVAL;
 snum = ntohs(addr6->sin6_port);
 }
-- cgit v1.2.3-18-g5258
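Review bot: The relaxed IPv4 check `if (addrlen < sizeof(struct sockaddr_in))` compares addrlen against a `size_t`, so if addrlen is a signed int (the signature is cut off in the hunk header) a negative length converts to a large unsigned value and passes, where the old `!=` test rejected it. The caller may already bound addrlen before the hook runs, which is outside this hunk, but the hook is safer standing alone with `if (addrlen < 0 || addrlen < sizeof(struct sockaddr_in))` or a comparison against `(int)sizeof(struct sockaddr_in)`. The IPv6 branch compares against `SIN6_LEN_RFC2133`, which, if it is a plain integer constant, keeps that comparison signed, so the two branches would treat a negative length differently. A one-line comment such as `/* minimum lengths, matching the ipv4/ipv6 connect code */` would also keep a later cleanup from tightening these back to equality. selinux_socket_connect begins and ends outside the hunk.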