On 08/10/2011 08:57 AM, Casey Schaufler wrote:
On 8/9/2011 5:43 PM, Rongqing Li wrote:
On 08/10/2011 12:13 AM, Casey Schaufler wrote:
On 8/9/2011 12:28 AM, rongqing.li@xxxxxxxxxxxxx wrote:
From: Roy.Li<rongqing.li@xxxxxxxxxxxxx>
Define security_sk_getsecid to get the security id of a sock.
Why are you requesting the secid when you're just going to
use it to get the secctx? Why not ask for that directly?
Is there ever a case where you only want the secid?
Hi:
As I know, we have not method to get secctx directly.
You are defining the method! Ask for what you want!
The whole notion of secids is a holdover from the bad old
days when SELinux was a user space based enforcement mechanism.
The audit system was implemented when SELinux was the lone LSM
and unfortunately and unnecessarily propagated the use of secids.
If an object has a secid it must also have a secctx. The
interfaces that use secids could just as well use the secctx.
It is wasteful to create a new interface that fetches a secid
just to turn around and ask for the secctx in all cases.
Do you means I should write a method like below
security_sk_getsecctx(struct sock *sk, char *secctx, int *len)?
But secctx only is used to user. secid is used to source code to
compute and compare the access permission.
And I do not see the same method like
security_task_getsecctx(). but security_task_getsecid() has been
implemented in kernel source code.
-Roy
On the most of time, we get secctx like this.
The below comes from kernel/auditsc.c
void audit_log_task_context(struct audit_buffer *ab)
{
char *ctx = NULL;
unsigned len;
int error;
u32 sid;
security_task_getsecid(current,&sid);
if (!sid)
return;
error = security_secid_to_secctx(sid,&ctx,&len);
if (error) {
if (error != -EINVAL)
goto error_path;
return;
}
audit_log_format(ab, " subj=%s", ctx);
security_release_secctx(ctx, len);
return;
error_path:
audit_panic("error in audit_log_task_context");
return;
}
-Roy
Signed-off-by: Roy.Li<rongqing.li@xxxxxxxxxxxxx>
---
include/linux/security.h | 6 ++++++
security/security.c | 6 ++++++
2 files changed, 12 insertions(+), 0 deletions(-)
diff --git a/include/linux/security.h b/include/linux/security.h
index ebd2a53..739ac39 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -2560,6 +2560,7 @@ int security_sk_alloc(struct sock *sk, int family, gfp_t priority);
void security_sk_free(struct sock *sk);
void security_sk_clone(const struct sock *sk, struct sock *newsk);
void security_sk_classify_flow(struct sock *sk, struct flowi *fl);
+void security_sk_getsecid(struct sock *sk, u32 *secid);
void security_req_classify_flow(const struct request_sock *req, struct flowi *fl);
void security_sock_graft(struct sock*sk, struct socket *parent);
int security_inet_conn_request(struct sock *sk,
@@ -2701,6 +2702,11 @@ static inline void security_sk_classify_flow(struct sock *sk, struct flowi *fl)
{
}
+static inline void security_sk_getsecid(struct sock *sk, u32 *secid)
+{
+ *secid = 0;
+}
+
static inline void security_req_classify_flow(const struct request_sock *req, struct flowi *fl)
{
}
diff --git a/security/security.c b/security/security.c
index 0e4fccf..b0e0825 100644
--- a/security/security.c
+++ b/security/security.c
@@ -1104,6 +1104,12 @@ void security_sk_classify_flow(struct sock *sk, struct flowi *fl)
}
EXPORT_SYMBOL(security_sk_classify_flow);
+void security_sk_getsecid(struct sock *sk, u32 *secid)
+{
+ security_ops->sk_getsecid(sk, secid);
+}
+EXPORT_SYMBOL(security_sk_getsecid);
+
void security_req_classify_flow(const struct request_sock *req, struct flowi *fl)
{
security_ops->req_classify_flow(req, fl);
--
Best Reagrds,
Roy | RongQing Li
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
