The patch titled
selinux: enhance selinux to always ignore private inodes
has been removed from the -mm tree. Its filename was
selinux-enhance-selinux-to-always-ignore-private-inodes.patch
This patch was dropped because it was merged into mainline or a subsystem tree
------------------------------------------------------
Subject: selinux: enhance selinux to always ignore private inodes
From: Stephen Smalley <sds@xxxxxxxxxxxxx>
Hmmm...turns out to not be quite enough, as the /proc/sys inodes aren't truly
private to the fs, so we can run into them in a variety of security hooks
beyond just the inode hooks, such as security_file_permission (when reading
and writing them via the vfs helpers), security_sb_mount (when mounting other
filesystems on directories in proc like binfmt_misc), and deeper within the
security module itself (as in flush_unauthorized_files upon inheritance across
execve). So I think we have to add an IS_PRIVATE() guard within SELinux, as
below. Note however that the use of the private flag here could be confusing,
as these inodes are _not_ private to the fs, are exposed to userspace, and
security modules must implement the sysctl hook to get any access control over
them.
Signed-off-by: Eric W. Biederman <ebiederm@xxxxxxxxxxxx>
Signed-off-by: Stephen Smalley <sds@xxxxxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
---
security/selinux/hooks.c | 3 +++
1 file changed, 3 insertions(+)
diff -puN security/selinux/hooks.c~selinux-enhance-selinux-to-always-ignore-private-inodes security/selinux/hooks.c
--- a/security/selinux/hooks.c~selinux-enhance-selinux-to-always-ignore-private-inodes
+++ a/security/selinux/hooks.c
@@ -1077,6 +1077,9 @@ static int inode_has_perm(struct task_st
struct inode_security_struct *isec;
struct avc_audit_data ad;
+ if (unlikely (IS_PRIVATE (inode)))
+ return 0;
+
tsec = tsk->security;
isec = inode->i_security;
_
Patches currently in -mm which might be from sds@xxxxxxxxxxxxx are
origin.patch
git-mips.patch
implement-file-posix-capabilities.patch
file-capabilities-dont-do-file-caps-if-mnt_nosuid.patch
file-capabilities-honor-secure_noroot.patch
mprotect-patch-for-use-by-slim.patch
integrity-service-api-and-dummy-provider.patch
slim-main-patch.patch
slim-main-include-fix.patch
slim-secfs-patch.patch
slim-make-and-config-stuff.patch
slim-debug-output.patch
slim-debug-output-slm_set_taskperm-remove-horrible-error-handling-code.patch
slim-fix-security-issue-with-the-task_post_setuid-hook.patch
slim-documentation.patch
panic-on-slim-selinux.patch
-
To unsubscribe from this list: send the line "unsubscribe mm-commits" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
