On Thursday 25 March 2010 03:24:58 pm David Miller wrote:
> From: "Tom \"spot\" Callaway" <tcallawa@xxxxxxxxxx>
> Date: Wed, 24 Mar 2010 17:52:57 -0400
>
> > Attached is a patch which disables execmem for sparc. Without it,
> > selinux does not work at all on SPARC64.
> >
> > This patch should be reasonably non-controversial, because this is
> > already being done for PPC32.
> >
> > Tested-by: Tom "spot" Callaway <tcallawa@xxxxxxxxxx> (Ultra 10, T5220)
> >
> > Dennis Gilmore <dgilmore@xxxxxxxxxx>
> >
> > Signed-off-by: Tom "spot" Callaway <tcallawa@xxxxxxxxxx>
>
> What is the reason why it doesn't work, I'm just curious?
>
> Is there some dependency upon executable stacks or executable data
> segments always working? Why can't SELINUX protect be used with
> that correctly?

What happens is that almost all binaries end up with execmem set and
SELinux prevents them from running. The system fails to even get close to
coming up in a usable state.

Dec 31 18:00:40 sparcbook kernel: type=1400 audit(8.160:3): avc: denied { execmem } for pid=208 comm="consoletype" scontext=system_u:system_r:consoletype_t:s0 tcontext=system_u:system_r:consoletype_t:s0 tclass=process
Dec 31 18:00:40 sparcbook kernel: type=1400 audit(8.315:4): avc: denied { execmem } for pid=211 comm="hostname" scontext=system_u:system_r:hostname_t:s0 tcontext=system_u:system_r:hostname_t:s0 tclass=process
Dec 31 18:00:40 sparcbook kernel: type=1400 audit(8.520:5): avc: denied { execmem } for pid=213 comm="mount" scontext=system_u:system_r:mount_t:s0 tcontext=system_u:system_r:mount_t:s0 tclass=process
Dec 31 18:00:40 sparcbook kernel: type=1400 audit(8.570:6): avc: denied { execmem } for pid=203 comm="readahead-colle" scontext=system_u:system_r:readahead_t:s0 tcontext=system_u:system_r:readahead_t:s0 tclass=process

This is a small sample of the logs you get. Not everything fails, but almost everything.

> And since we're touching selinux code we need to at a minimum
> CC: them so they can have a look at your change.
>
> --------------------
> diff -up linux-2.6.32.noarch/security/selinux/hooks.c.mprotect-sparc linux-2.6.32.noarch/security/selinux/hooks.c
> --- linux-2.6.32.noarch/security/selinux/hooks.c.mprotect-sparc 2010-03-10 08:28:20.957571926 -0500
> +++ linux-2.6.32.noarch/security/selinux/hooks.c 2010-03-10 08:29:15.732698763 -0500
@@ -3010,7 +3010,7 @@ static int file_map_prot_check(struct fi > const struct cred *cred = current_cred(); > int rc = 0; > > -#ifndef CONFIG_PPC32 > +#if !defined(CONFIG_PPC32) && !defined(CONFIG_SPARC) > if ((prot & PROT_EXEC) && (!file || (!shared && (prot & PROT_WRITE)))) { > /* > * We are making executable an anonymous mapping or a > @@ -3082,7 +3082,7 @@ static int selinux_file_mprotect(struct > if (selinux_checkreqprot) > prot = reqprot; > > -#ifndef CONFIG_PPC32 > +#if !defined(CONFIG_PPC32) && !defined(CONFIG_SPARC) > if ((prot & PROT_EXEC) && !(vma->vm_flags & VM_EXEC)) { > int rc = 0; > if (vma->vm_start >= vma->vm_mm->start_brk && > -- > To unsubscribe from this list: send the line "unsubscribe sparclinux" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html
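Review bot: in the file_map_prot_check hunk, the new guard `#if !defined(CONFIG_PPC32) && !defined(CONFIG_SPARC)` switches the check off for every SPARC configuration, while the commit message only says SELinux does not work on SPARC64; either the message should state that 32-bit SPARC is meant to be covered too, or the guard should test CONFIG_SPARC64. The `#if` also deserves a comment saying why the architecture is exempt (the existing `#ifndef CONFIG_PPC32` carries none either), because what this hunk does is compile out the execmem check for anonymous and private writable executable mappings, as the visible condition `if ((prot & PROT_EXEC) && (!file || (!shared && (prot & PROT_WRITE))))` shows, and nothing in the diff records why almost every SPARC binary trips it. The denials quoted in the reply (consoletype, hostname, mount, readahead) point at a system-wide cause in the toolchain or the kernel's default mapping protections rather than at those programs, so the root cause is worth stating before a check is removed for a whole architecture.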
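Review bot: in the selinux_file_mprotect hunk, the same `#if !defined(CONFIG_PPC32) && !defined(CONFIG_SPARC)` expression is now duplicated at two sites in hooks.c; a single symbol (a Kconfig option that PPC32 and SPARC select, or one macro defined once at the top of the file) would keep the two from drifting when the next architecture is added. Note also that the block disabled here is wider than execmem: the visible context `if (vma->vm_start >= vma->vm_mm->start_brk &&` is the start of the heap (brk) branch, so the check this block performs on brk-heap mappings is compiled out on SPARC along with execmem, which the commit message ("disables execmem for sparc") does not say.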
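The AVC records quoted in the reply are what a practitioner would triage first. The script below is an added example, not code from this message, from the patch, or from the kernel tree: it parses audit type=1400 AVC lines of that shape, groups denials by permission and target class, and flags the pattern visible here, many distinct source domains all denied `execmem` on their own process, which indicates a system-wide cause rather than a fault in any one program. The sample input is constructed from the four denials quoted above plus one unrelated file-read denial that is assumed, not from the page, to show that the summary keeps permissions apart.

```python
import re
from collections import Counter, defaultdict

# Constructed sample: the four AVC records quoted in the reply, followed by
# one assumed (not from the page) file-read denial for contrast.
SAMPLE_LOG = """\
Dec 31 18:00:40 sparcbook kernel: type=1400 audit(8.160:3): avc: denied { execmem } for pid=208 comm="consoletype" scontext=system_u:system_r:consoletype_t:s0 tcontext=system_u:system_r:consoletype_t:s0 tclass=process
Dec 31 18:00:40 sparcbook kernel: type=1400 audit(8.315:4): avc: denied { execmem } for pid=211 comm="hostname" scontext=system_u:system_r:hostname_t:s0 tcontext=system_u:system_r:hostname_t:s0 tclass=process
Dec 31 18:00:40 sparcbook kernel: type=1400 audit(8.520:5): avc: denied { execmem } for pid=213 comm="mount" scontext=system_u:system_r:mount_t:s0 tcontext=system_u:system_r:mount_t:s0 tclass=process
Dec 31 18:00:40 sparcbook kernel: type=1400 audit(8.570:6): avc: denied { execmem } for pid=203 comm="readahead-colle" scontext=system_u:system_r:readahead_t:s0 tcontext=system_u:system_r:readahead_t:s0 tclass=process
Dec 31 18:00:41 sparcbook kernel: type=1400 audit(9.001:7): avc: denied { read } for pid=220 comm="hostname" name="hosts" dev=sda1 ino=1234 scontext=system_u:system_r:hostname_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file
"""

# "avc: denied { perm [perm ...] } for key=value ..." as printed by the kernel.
AVC_RE = re.compile(
    r"avc:\s+(?P<result>denied|granted)\s+\{\s*(?P<perms>[^}]+?)\s*\}\s+for\s+"
    r"(?P<fields>.*)$"
)
# key=value pairs; values are either double-quoted or a run of non-space chars.
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')


def parse_avc(line):
    """Return a dict for one AVC record, or None if the line is not one."""
    m = AVC_RE.search(line)
    if not m:
        return None
    rec = {"result": m.group("result"), "perms": m.group("perms").split()}
    for key, val in FIELD_RE.findall(m.group("fields")):
        rec[key] = val.strip('"')
    # The source domain is the type component (user:role:type:level) of scontext.
    if "scontext" in rec:
        rec["sdomain"] = rec["scontext"].split(":")[2]
    return rec


def summarize(log_text):
    """Group denials by (permission, tclass) with per-group domain and comm counts."""
    groups = defaultdict(lambda: {"count": 0, "domains": Counter(), "comms": Counter()})
    for line in log_text.splitlines():
        rec = parse_avc(line)
        if not rec or rec["result"] != "denied":
            continue
        for perm in rec["perms"]:
            g = groups[(perm, rec.get("tclass", "?"))]
            g["count"] += 1
            g["domains"][rec.get("sdomain", "?")] += 1
            g["comms"][rec.get("comm", "?")] += 1
    return dict(groups)


def systemic_execmem(summary, min_domains=3):
    """True when execmem on tclass=process is denied across several distinct
    source domains: the signature of an architecture- or toolchain-wide
    cause rather than one misbehaving program. min_domains is an assumed
    threshold, not anything the kernel or policy defines."""
    g = summary.get(("execmem", "process"))
    return bool(g) and len(g["domains"]) >= min_domains


if __name__ == "__main__":
    s = summarize(SAMPLE_LOG)
    for (perm, tclass), g in sorted(s.items()):
        print(f"{perm} on {tclass}: {g['count']} denials, domains={sorted(g['domains'])}")
    print("system-wide execmem problem:", systemic_execmem(s))
```

In practice the input would be the raw lines from /var/log/audit/audit.log or the kernel log instead of the embedded sample; the grouping is what tells a boot like the one described above (every early service denied execmem) apart from a single program that genuinely needs an RWX mapping.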