- 30 1月, 2008 1 次提交
-
-
由 Paul Moore 提交于
This patch removes some unneeded RCU read locks as we can treat the reads as "safe" even without RCU. It also converts the NetLabel configuration refcount from a spinlock protected u32 into atomic_t to be more consistent with the rest of the kernel. Signed-off-by: NPaul Moore <paul.moore@hp.com> Signed-off-by: NJames Morris <jmorris@namei.org>
-
- 21 12月, 2007 1 次提交
-
-
由 Joe Perches 提交于
Signed-off-by: NJoe Perches <joe@perches.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
- 26 10月, 2007 1 次提交
-
-
由 Paul Moore 提交于
This fixes some awkward, and perhaps even problematic, RCU lock usage in the NetLabel code as well as some other related trivial cleanups found when looking through the RCU locking. Most of the changes involve removing the redundant RCU read locks wrapping spinlocks in the case of a RCU writer. Signed-off-by: NPaul Moore <paul.moore@hp.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
- 11 10月, 2007 1 次提交
-
-
由 Thomas Graf 提交于
This change allows the generic attribute interface to be used within the netfilter subsystem where this flag was initially introduced. The byte-order flag is yet unused, it's intended use is to allow automatic byte order convertions for all atomic types. Signed-off-by: NThomas Graf <tgraf@suug.ch> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
- 08 8月, 2007 1 次提交
-
-
由 Paul Moore 提交于
The LSM domain mapping head table pointer was not being referenced via the RCU safe dereferencing function, rcu_dereference(). This patch adds those missing calls to the NetLabel code. This has been tested using recent linux-2.6 git kernels with no visible regressions. Signed-off-by: NPaul Moore <paul.moore@hp.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
- 02 8月, 2007 1 次提交
-
-
由 Paul Moore 提交于
The security_secid_to_secctx() function returns memory that must be freed by a call to security_release_secctx() which was not always happening. This patch fixes two of these problems (all that I could find in the kernel source at present). Signed-off-by: NPaul Moore <paul.moore@hp.com> Acked-by: NStephen Smalley <sds@tycho.nsa.gov> Signed-off-by: NJames Morris <jmorris@namei.org>
-
- 19 7月, 2007 1 次提交
-
-
由 Paul Moore 提交于
Create a new NetLabel KAPI interface, netlbl_enabled(), which reports on the current runtime status of NetLabel based on the existing configuration. LSMs that make use of NetLabel, i.e. SELinux, can use this new function to determine if they should perform NetLabel access checks. This patch changes the NetLabel/SELinux glue code such that SELinux only enforces NetLabel related access checks when netlbl_enabled() returns true. At present NetLabel is considered to be enabled when there is at least one labeled protocol configuration present. The result is that by default NetLabel is considered to be disabled, however, as soon as an administrator configured a CIPSO DOI definition NetLabel is enabled and SELinux starts enforcing NetLabel related access controls - including unlabeled packet controls. This patch also tries to consolidate the multiple "#ifdef CONFIG_NETLABEL" blocks into a single block to ease future review as recommended by Linus. Signed-off-by: NPaul Moore <paul.moore@hp.com> Signed-off-by: NJames Morris <jmorris@namei.org>
-
- 17 7月, 2007 1 次提交
-
-
由 Miloslav Trmac 提交于
Add TTY input auditing, used to audit system administrator's actions. This is required by various security standards such as DCID 6/3 and PCI to provide non-repudiation of administrator's actions and to allow a review of past actions if the administrator seems to overstep their duties or if the system becomes misconfigured for unknown reasons. These requirements do not make it necessary to audit TTY output as well. Compared to an user-space keylogger, this approach records TTY input using the audit subsystem, correlated with other audit events, and it is completely transparent to the user-space application (e.g. the console ioctls still work). TTY input auditing works on a higher level than auditing all system calls within the session, which would produce an overwhelming amount of mostly useless audit events. Add an "audit_tty" attribute, inherited across fork (). Data read from TTYs by process with the attribute is sent to the audit subsystem by the kernel. The audit netlink interface is extended to allow modifying the audit_tty attribute, and to allow sending explanatory audit events from user-space (for example, a shell might send an event containing the final command, after the interactive command-line editing and history expansion is performed, which might be difficult to decipher from the TTY input alone). Because the "audit_tty" attribute is inherited across fork (), it would be set e.g. for sshd restarted within an audited session. To prevent this, the audit_tty attribute is cleared when a process with no open TTY file descriptors (e.g. after daemon startup) opens a TTY. See https://www.redhat.com/archives/linux-audit/2007-June/msg00000.html for a more detailed rationale document for an older version of this patch. [akpm@linux-foundation.org: build fix] Signed-off-by: NMiloslav Trmac <mitr@redhat.com> Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: Alan Cox <alan@lxorguk.ukuu.org.uk> Cc: Paul Fulghum <paulkf@microgate.com> Cc: Casey Schaufler <casey@schaufler-ca.com> Cc: Steve Grubb <sgrubb@redhat.com> Signed-off-by: NAndrew Morton <akpm@linux-foundation.org> Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
-
- 09 6月, 2007 1 次提交
-
-
由 Paul Moore 提交于
The current NetLabel code has some redundant APIs which allow both "struct socket" and "struct sock" types to be used; this may have made sense at some point but it is wasteful now. Remove the functions that operate on sockets and convert the callers. Not only does this make the code smaller and more consistent but it pushes the locking burden up to the caller which can be more intelligent about the locks. Also, perform the same conversion (socket to sock) on the SELinux/NetLabel glue code where it make sense. Signed-off-by: NPaul Moore <paul.moore@hp.com> Acked-by: NJames Morris <jmorris@namei.org> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
- 08 6月, 2007 1 次提交
-
-
由 Patrick McHardy 提交于
Signed-off-by: NPatrick McHardy <kaber@trash.net> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
- 26 4月, 2007 1 次提交
-
-
由 Paul Moore 提交于
Up until this patch the functions which have provided NetLabel support to SELinux have been integrated into the SELinux security server, which for various reasons is not really ideal. This patch makes an effort to extract as much of the NetLabel support from the security server as possibile and move it into it's own file within the SELinux directory structure. Signed-off-by: NPaul Moore <paul.moore@hp.com> Signed-off-by: NJames Morris <jmorris@namei.org>
-
- 01 3月, 2007 1 次提交
-
-
由 Patrick McHardy 提交于
Signed-off-by: NPatrick McHardy <kaber@trash.net> Acked-by: NPaul Moore <paul.moore@hp.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
- 11 2月, 2007 1 次提交
-
-
由 YOSHIFUJI Hideaki 提交于
Signed-off-by: NYOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
- 09 1月, 2007 1 次提交
-
-
由 Paul Moore 提交于
The current netlbl_cipsov4_add_common() function has two problems which are fixed with this patch. The first is an off-by-one bug where it is possibile to overflow the doi_def->tags[] array. The second is a bug where the same doi_def->tags[] array was not always fully initialized, which caused sporadic failures. Signed-off-by: NPaul Moore <paul.moore@hp.com> Signed-off-by: NJames Morris <jmorris@namei.org>
-
- 23 12月, 2006 2 次提交
-
-
由 Paul Moore 提交于
Back when the original NetLabel patches were being changed to use Netlink attributes correctly some code was accidentially dropped which set all of the undefined CIPSOv4 level and category mappings to a sentinel value. The result is the mappings data in the kernel contains bogus mappings which always map to zero. This patch restores the old/correct behavior by initializing the mapping data to the correct sentinel value. Signed-off-by: NPaul Moore <paul.moore@hp.com> Signed-off-by: NJames Morris <jmorris@namei.org>
-
由 Paul Moore 提交于
There are a couple of cases where the user input for a CIPSOv4 DOI add operation was not being done soon enough; the result was unexpected behavior which was resulting in oops/panics/lockups on some platforms. This patch moves the existing input validation code earlier in the code path to protect against bogus user input. Signed-off-by: NPaul Moore <paul.moore@hp.com> Signed-off-by: NJames Morris <jmorris@namei.org>
-
- 03 12月, 2006 8 次提交
-
-
由 Paul Moore 提交于
The original NetLabel category bitmap was a straight char bitmap which worked fine for the initial release as it only supported 240 bits due to limitations in the CIPSO restricted bitmap tag (tag type 0x01). This patch converts that straight char bitmap into an extensibile/sparse bitmap in order to lay the foundation for other CIPSO tag types and protocols. This patch also has a nice side effect in that all of the security attributes passed by NetLabel into the LSM are now in a format which is in the host's native byte/bit ordering which makes the LSM specific code much simpler; look at the changes in security/selinux/ss/ebitmap.c as an example. Signed-off-by: NPaul Moore <paul.moore@hp.com> Signed-off-by: NJames Morris <jmorris@namei.org>
-
由 Paul Moore 提交于
The audit_enabled flag is used to signal when syscall auditing is to be performed. While NetLabel uses a Netlink interface instead of syscalls, it is reasonable to consider the NetLabel Netlink interface as a form of syscall so pay attention to the audit_enabled flag when generating audit messages in NetLabel. Signed-off-by: NPaul Moore <paul.moore@hp.com> Signed-off-by: NJames Morris <jmorris@namei.org>
-
由 Paul Moore 提交于
Right now the NetLabel code always jumps into the CIPSOv4 layer to determine if a CIPSO IP option is present. However, we can do this check directly in the NetLabel code by making use of the CIPSO_V4_OPTEXIST() macro which should save us a function call in the common case of not having a CIPSOv4 option present. Signed-off-by: NPaul Moore <paul.moore@hp.com> Signed-off-by: NJames Morris <jmorris@namei.org>
-
由 Paul Moore 提交于
The existing netlbl_lsm_secattr struct required the LSM to check all of the fields to determine if any security attributes were present resulting in a lot of work in the common case of no attributes. This patch adds a 'flags' field which is used to indicate which attributes are present in the structure; this should allow the LSM to do a quick comparison to determine if the structure holds any security attributes. Example: if (netlbl_lsm_secattr->flags) /* security attributes present */ else /* NO security attributes present */ Signed-off-by: NPaul Moore <paul.moore@hp.com> Signed-off-by: NJames Morris <jmorris@namei.org>
-
由 Paul Moore 提交于
Currently the NetLabel unlabeled packet accept flag is an atomic type and it is checked for every non-NetLabel packet which comes into the system but rarely ever changed. This patch changes this flag to a normal integer and protects it with RCU locking. Signed-off-by: NPaul Moore <paul.moore@hp.com> Signed-off-by: NJames Morris <jmorris@namei.org>
-
由 Thomas Graf 提交于
By modyfing genlmsg_put() to take a genl_family and by adding genlmsg_put_reply() the process of constructing the netlink and generic netlink headers is simplified. Signed-off-by: NThomas Graf <tgraf@suug.ch> Acked-by: NPaul Moore <paul.moore@hp.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Thomas Graf 提交于
A generic netlink user has no interest in knowing how to address the source of the original request. Signed-off-by: NThomas Graf <tgraf@suug.ch> Acked-by: NPaul Moore <paul.moore@hp.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Thomas Graf 提交于
Account for the netlink message header size directly in nlmsg_new() instead of relying on the caller calculate it correctly. Replaces error handling of message construction functions when constructing notifications with bug traps since a failure implies a bug in calculating the size of the skb. Signed-off-by: NThomas Graf <tgraf@suug.ch> Acked-by: NPaul Moore <paul.moore@hp.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
- 06 11月, 2006 1 次提交
-
-
由 Paul Moore 提交于
> the build with the attached .config failed, make ends with: > ... > : undefined reference to `cipso_v4_sock_getattr' > net/built-in.o: In function `netlbl_socket_getattr': ... It looks like I was stupid and made NetLabel depend on CONFIG_NET and not CONFIG_INET, the patch below should fix this by making NetLabel depend on CONFIG_INET and CONFIG_SECURITY. Please review and apply for 2.6.19. Signed-off-by: NPaul Moore <paul.moore@hp.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
- 12 10月, 2006 1 次提交
-
-
由 paul.moore@hp.com 提交于
Testing revealed a problem with the NetLabel cache where a cached entry could be freed while in use by the LSM layer causing an oops and other problems. This patch fixes that problem by introducing a reference counter to the cache entry so that it is only freed when it is no longer in use. Signed-off-by: NPaul Moore <paul.moore@hp.com> Signed-off-by: NJames Morris <jmorris@namei.org>
-
- 30 9月, 2006 1 次提交
-
-
由 Paul Moore 提交于
Fix some issues Steve Grubb had with the way NetLabel was using the audit subsystem. This should make NetLabel more consistent with other kernel generated audit messages specifying configuration changes. Signed-off-by: NPaul Moore <paul.moore@hp.com> Acked-by: NSteve Grubb <sgrubb@redhat.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
- 29 9月, 2006 1 次提交
-
-
由 Paul Moore 提交于
This patch adds audit support to NetLabel, including six new audit message types shown below. #define AUDIT_MAC_UNLBL_ACCEPT 1406 #define AUDIT_MAC_UNLBL_DENY 1407 #define AUDIT_MAC_CIPSOV4_ADD 1408 #define AUDIT_MAC_CIPSOV4_DEL 1409 #define AUDIT_MAC_MAP_ADD 1410 #define AUDIT_MAC_MAP_DEL 1411 Signed-off-by: NPaul Moore <paul.moore@hp.com> Acked-by: NJames Morris <jmorris@namei.org> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
- 26 9月, 2006 4 次提交
-
-
由 Paul Moore 提交于
Now that all of the supporting pieces of NetLabel have a home at SourceForge update the Kconfig help text and add an entry to the MAINTAINERS file. Signed-off-by: NPaul Moore <paul.moore@hp.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Paul Moore 提交于
At the suggestion of Thomas Graf, rewrite NetLabel's use of Netlink attributes to better follow the common Netlink attribute usage. Signed-off-by: NPaul Moore <paul.moore@hp.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Paul Moore 提交于
At the suggestion of Thomas Graf, rewrite NetLabel's use of Netlink attributes to better follow the common Netlink attribute usage. Signed-off-by: NPaul Moore <paul.moore@hp.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Paul Moore 提交于
Fix a problem where NetLabel would always set the value of sk_security_struct->peer_sid in selinux_netlbl_sock_graft() to the context of the socket, causing problems when users would query the context of the connection. This patch fixes this so that the value in sk_security_struct->peer_sid is only set when the connection is NetLabel based, otherwise the value is untouched. Signed-off-by: NPaul Moore <paul.moore@hp.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
- 23 9月, 2006 5 次提交
-
-
由 Paul Moore 提交于
Add some missing include files to the NetLabel related header files. Signed-off-by: NPaul Moore <paul.moore@hp.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Thomas Graf 提交于
Adds nlmsg_notify() implementing proper notification logic. The message is multicasted to all listeners in the group. The applications the requests orignates from can request a unicast back report in which case said socket will be excluded from the multicast to avoid duplicated notifications. nlmsg_multicast() is extended to take allocation flags to allow notification in atomic contexts. Signed-off-by: NThomas Graf <tgraf@suug.ch> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Adrian Bunk 提交于
This patch makes needlessly global code static. Signed-off-by: NAdrian Bunk <bunk@stusta.de> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Paul Moore 提交于
Add CIPSO/IPv4 and unlabeled packet management to the NetLabel subsystem. The CIPSO/IPv4 changes allow the configuration of CIPSO/IPv4 within the overall NetLabel framework. The unlabeled packet changes allows NetLabel to pass unlabeled packets without error. Signed-off-by: NPaul Moore <paul.moore@hp.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Paul Moore 提交于
Add a new kernel subsystem, NetLabel, to provide explicit packet labeling services (CIPSO, RIPSO, etc.) to LSM developers. NetLabel is designed to work in conjunction with a LSM to intercept and decode security labels on incoming network packets as well as ensure that outgoing network packets are labeled according to the security mechanism employed by the LSM. The NetLabel subsystem is configured through a Generic NETLINK interface described in the header files included in this patch. Signed-off-by: NPaul Moore <paul.moore@hp.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-