From patchwork Fri Jul 24 10:04:40 2015 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Lukasz Pawelczyk X-Patchwork-Id: 6858931 Return-Path: X-Original-To: patchwork-linux-fsdevel@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork1.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.136]) by patchwork1.web.kernel.org (Postfix) with ESMTP id 942E59F434 for ; Fri, 24 Jul 2015 10:06:56 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id 9DD8720616 for ; Fri, 24 Jul 2015 10:06:55 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 24E1620631 for ; Fri, 24 Jul 2015 10:06:54 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752601AbbGXKFh (ORCPT ); Fri, 24 Jul 2015 06:05:37 -0400 Received: from mailout4.w1.samsung.com ([210.118.77.14]:33472 "EHLO mailout4.w1.samsung.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752458AbbGXKFd (ORCPT ); Fri, 24 Jul 2015 06:05:33 -0400 Received: from eucpsbgm1.samsung.com (unknown [203.254.199.244]) by mailout4.w1.samsung.com (Oracle Communications Messaging Server 7.0.5.31.0 64bit (built May 5 2014)) with ESMTP id <0NRZ00JH8LD6FK90@mailout4.w1.samsung.com>; Fri, 24 Jul 2015 11:05:30 +0100 (BST) X-AuditID: cbfec7f4-f79c56d0000012ee-8a-55b20dea733c Received: from eusync2.samsung.com ( [203.254.199.212]) by eucpsbgm1.samsung.com (EUCPMTA) with SMTP id DD.FE.04846.AED02B55; Fri, 24 Jul 2015 11:05:30 +0100 (BST) Received: from amdc2143.DIGITAL.local ([106.120.53.33]) by eusync2.samsung.com (Oracle Communications Messaging Server 7.0.5.31.0 64bit (built May 5 2014)) with ESMTPA id <0NRZ00EPNLC23A60@eusync2.samsung.com>; Fri, 24 Jul 2015 11:05:30 +0100 (BST) From: Lukasz Pawelczyk To: "Eric W. Biederman" , "Serge E. Hallyn" , Al Viro , Alexey Dobriyan , Andrew Morton , Andy Lutomirski , Arnd Bergmann , Casey Schaufler , David Howells , Eric Dumazet , Eric Paris , Fabian Frederick , Greg KH , James Morris , Jiri Slaby , Joe Perches , John Johansen , Jonathan Corbet , Kees Cook , Lukasz Pawelczyk , Mauro Carvalho Chehab , NeilBrown , Oleg Nesterov , Paul Moore , Stephen Smalley , Tetsuo Handa , Zefan Li , linux-doc@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org, selinux@tycho.nsa.gov Cc: havner@gmail.com Subject: [PATCH v3 06/11] smack: don't use implicit star to display smackfs/syslog Date: Fri, 24 Jul 2015 12:04:40 +0200 Message-id: <1437732285-11524-7-git-send-email-l.pawelczyk@samsung.com> X-Mailer: git-send-email 2.4.3 In-reply-to: <1437732285-11524-1-git-send-email-l.pawelczyk@samsung.com> References: <1437732285-11524-1-git-send-email-l.pawelczyk@samsung.com> X-Brightmail-Tracker: H4sIAAAAAAAAAzWRW0iTYRjHfbd337eJo4+l+ekoaqVBltrh4umAZAS+dFNEEnmRLv1Syalt rtQMZ1qWVso0CjdTmYqH6crSPA1tlRaeVobQUfKU2TSNheky80B3P57fD/4Xj5AveYE9hdGx CZwyVh4jo5xx19/OtzsmxHXB/vZaN7ibdgT0JiMFC9oOGj43zFMw0p6JYOqKA8NiQwYNox1D NNz40sOHLMccBekGEwWL37fD7eHjoBscxvDSfpWC/AfTPOjOVkC3toQHJddKMbSaX2Hob9ZT MH1ziALt9Vs0VNdoBFA9lgjmIg2G+rarCD5o72LQZUwJ4FmLgQ95IxYMfdZeGvoWOgUHN5FB 2wImjnktIgWaWxTRaV5j0lTwiSbFdWoy0HKKZDyfFJCmmioeeXnPgUlboZEmhtt5AjIz+h6T xzlLac+vEFJjHkfHpCHOByK4mOgLnNIvIMw5yjj7m4o3uSfOlq7RoKeSLCQSsswedqxsmlrl daz1s2mFJUwZYntzvbKQ8xKn8Vj960V6WVCMPztrNfOXhStTL2JzH9SgZcFnXNk/UzMr0Vrm BDvRNLbCmPFim+89WWnETBBrbGuhV9c2sL0mO15mEUPYrv6f9OpyEJtdoKdzkbgYOVUhN04d Hq86E6nY6auSK1Tq2Ejf8DhFHVp9rr0RGTr2WRAjRDIXcbv2YbBEIL+gSlJYECvky1zFTh1L J3GEPCmZU8aFKtUxnMqCpEIscxcXNv84IWEi5QncOY6L55T/LU8o8tSg82t8fOwby5Otp/c2 Bh/+mLN+/9l3s0fLLgVm5uellsu3VoejCo/sTmGy9/gbtcfl1G/+xmfDh4I2X9xi9RTUhgb6 BUh9yK7CCt1AN7+8iiuaQjbPO0HNlZPWSumAS3pKwKOAwvmwQa9v9xO/jtganCyLvraU3dfa T7bWG+cM3loZVkXJd27jK1Xyf/HQo0zYAgAA Sender: linux-fsdevel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-fsdevel@vger.kernel.org X-Spam-Status: No, score=-8.1 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_HI, RP_MATCHES_RCVD, UNPARSEABLE_RELAY autolearn=unavailable version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP Smackfs/syslog is analogous to onlycap and unconfined. When not filled they don't do anything. In such cases onlycap and unconfined displayed nothing when read, but syslog unconditionally displayed star. This doesn't work well with namespaces where the star could have been unmapped. Besides the meaning of this star was different then a star that could be written to this file. This was misleading. This also brings syslog read/write functions on par with onlycap and unconfined where it is possible to reset the value to NULL as should be possible according to comment in smackfs.c describing smack_syslog_label variable. Before that the initial state was to allow (smack_syslog_label was NULL), but after writing star to it the current had to be labeled star as well to have an access, even thought reading the smackfs/syslog returned the same result in both cases. Signed-off-by: Lukasz Pawelczyk Acked-by: Serge Hallyn --- security/smack/smackfs.c | 42 +++++++++++++++++++++++++++--------------- 1 file changed, 27 insertions(+), 15 deletions(-) diff --git a/security/smack/smackfs.c b/security/smack/smackfs.c index 81a2888..89f847bba 100644 --- a/security/smack/smackfs.c +++ b/security/smack/smackfs.c @@ -2362,23 +2362,20 @@ static const struct file_operations smk_change_rule_ops = { static ssize_t smk_read_syslog(struct file *filp, char __user *buf, size_t cn, loff_t *ppos) { - struct smack_known *skp; + char *smack = ""; ssize_t rc = -EINVAL; int asize; if (*ppos != 0) return 0; - if (smack_syslog_label == NULL) - skp = &smack_known_star; - else - skp = smack_syslog_label; + if (smack_syslog_label != NULL) + smack = smack_syslog_label->smk_known; - asize = strlen(skp->smk_known) + 1; + asize = strlen(smack) + 1; if (cn >= asize) - rc = simple_read_from_buffer(buf, cn, ppos, skp->smk_known, - asize); + rc = simple_read_from_buffer(buf, cn, ppos, smack, asize); return rc; } @@ -2406,16 +2403,31 @@ static ssize_t smk_write_syslog(struct file *file, const char __user *buf, if (data == NULL) return -ENOMEM; - if (copy_from_user(data, buf, count) != 0) + if (copy_from_user(data, buf, count) != 0) { rc = -EFAULT; - else { - skp = smk_import_entry(data, count); - if (IS_ERR(skp)) - rc = PTR_ERR(skp); - else - smack_syslog_label = skp; + goto freeout; } + /* + * Clear the smack_syslog_label on invalid label errors. This means + * that we can pass a null string to unset the syslog value. + * + * Importing will also reject a label beginning with '-', + * so "-syslog" will also work. + * + * But do so only on invalid label, not on system errors. + */ + skp = smk_import_entry(data, count); + if (PTR_ERR(skp) == -EINVAL) + skp = NULL; + else if (IS_ERR(skp)) { + rc = PTR_ERR(skp); + goto freeout; + } + + smack_syslog_label = skp; + +freeout: kfree(data); return rc; }