xselinux: Use a privileged bit in the state instead of passing an index
to the permission checking function.
This commit is contained in:
parent
7ba8e97cba
commit
6ffeecabb7
@ -63,6 +63,7 @@ typedef struct {
|
|||||||
security_id_t sid;
|
security_id_t sid;
|
||||||
struct avc_entry_ref aeref;
|
struct avc_entry_ref aeref;
|
||||||
char *command;
|
char *command;
|
||||||
|
int privileged;
|
||||||
} SELinuxStateRec;
|
} SELinuxStateRec;
|
||||||
|
|
||||||
/* selection manager */
|
/* selection manager */
|
||||||
@ -287,11 +288,11 @@ SELinuxTypeToClass(RESTYPE type)
|
|||||||
* Performs an SELinux permission check.
|
* Performs an SELinux permission check.
|
||||||
*/
|
*/
|
||||||
static int
|
static int
|
||||||
SELinuxDoCheck(int clientIndex, SELinuxStateRec *subj, SELinuxStateRec *obj,
|
SELinuxDoCheck(SELinuxStateRec *subj, SELinuxStateRec *obj,
|
||||||
security_class_t class, Mask mode, SELinuxAuditRec *auditdata)
|
security_class_t class, Mask mode, SELinuxAuditRec *auditdata)
|
||||||
{
|
{
|
||||||
/* serverClient requests OK */
|
/* serverClient requests OK */
|
||||||
if (clientIndex == 0)
|
if (subj->privileged)
|
||||||
return Success;
|
return Success;
|
||||||
|
|
||||||
auditdata->command = subj->command;
|
auditdata->command = subj->command;
|
||||||
@ -383,6 +384,7 @@ SELinuxLabelInitial(void)
|
|||||||
|
|
||||||
/* Do the serverClient */
|
/* Do the serverClient */
|
||||||
state = dixLookupPrivate(&serverClient->devPrivates, stateKey);
|
state = dixLookupPrivate(&serverClient->devPrivates, stateKey);
|
||||||
|
state->privileged = 1;
|
||||||
sidput(state->sid);
|
sidput(state->sid);
|
||||||
|
|
||||||
/* Use the context of the X server process for the serverClient */
|
/* Use the context of the X server process for the serverClient */
|
||||||
@ -496,8 +498,8 @@ SELinuxDevice(CallbackListPtr *pcbl, pointer unused, pointer calldata)
|
|||||||
obj->sid = subj->sid;
|
obj->sid = subj->sid;
|
||||||
}
|
}
|
||||||
|
|
||||||
rc = SELinuxDoCheck(rec->client->index, subj, obj, SECCLASS_X_DEVICE,
|
rc = SELinuxDoCheck(subj, obj, SECCLASS_X_DEVICE, rec->access_mode,
|
||||||
rec->access_mode, &auditdata);
|
&auditdata);
|
||||||
if (rc != Success)
|
if (rc != Success)
|
||||||
rec->status = rc;
|
rec->status = rc;
|
||||||
}
|
}
|
||||||
@ -509,21 +511,18 @@ SELinuxSend(CallbackListPtr *pcbl, pointer unused, pointer calldata)
|
|||||||
SELinuxStateRec *subj, *obj, ev_sid;
|
SELinuxStateRec *subj, *obj, ev_sid;
|
||||||
SELinuxAuditRec auditdata = { .client = rec->client };
|
SELinuxAuditRec auditdata = { .client = rec->client };
|
||||||
security_class_t class;
|
security_class_t class;
|
||||||
int rc, i, type, clientIndex;
|
int rc, i, type;
|
||||||
|
|
||||||
if (rec->dev) {
|
if (rec->dev)
|
||||||
subj = dixLookupPrivate(&rec->dev->devPrivates, stateKey);
|
subj = dixLookupPrivate(&rec->dev->devPrivates, stateKey);
|
||||||
clientIndex = -1; /* some nonzero value */
|
else
|
||||||
} else {
|
|
||||||
subj = dixLookupPrivate(&rec->client->devPrivates, stateKey);
|
subj = dixLookupPrivate(&rec->client->devPrivates, stateKey);
|
||||||
clientIndex = rec->client->index;
|
|
||||||
}
|
|
||||||
|
|
||||||
obj = dixLookupPrivate(&rec->pWin->devPrivates, stateKey);
|
obj = dixLookupPrivate(&rec->pWin->devPrivates, stateKey);
|
||||||
|
|
||||||
/* Check send permission on window */
|
/* Check send permission on window */
|
||||||
rc = SELinuxDoCheck(clientIndex, subj, obj, SECCLASS_X_DRAWABLE,
|
rc = SELinuxDoCheck(subj, obj, SECCLASS_X_DRAWABLE, DixSendAccess,
|
||||||
DixSendAccess, &auditdata);
|
&auditdata);
|
||||||
if (rc != Success)
|
if (rc != Success)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
@ -537,8 +536,7 @@ SELinuxSend(CallbackListPtr *pcbl, pointer unused, pointer calldata)
|
|||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
auditdata.event = type;
|
auditdata.event = type;
|
||||||
rc = SELinuxDoCheck(clientIndex, subj, &ev_sid, class,
|
rc = SELinuxDoCheck(subj, &ev_sid, class, DixSendAccess, &auditdata);
|
||||||
DixSendAccess, &auditdata);
|
|
||||||
if (rc != Success)
|
if (rc != Success)
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
@ -560,8 +558,8 @@ SELinuxReceive(CallbackListPtr *pcbl, pointer unused, pointer calldata)
|
|||||||
obj = dixLookupPrivate(&rec->pWin->devPrivates, stateKey);
|
obj = dixLookupPrivate(&rec->pWin->devPrivates, stateKey);
|
||||||
|
|
||||||
/* Check receive permission on window */
|
/* Check receive permission on window */
|
||||||
rc = SELinuxDoCheck(rec->client->index, subj, obj, SECCLASS_X_DRAWABLE,
|
rc = SELinuxDoCheck(subj, obj, SECCLASS_X_DRAWABLE, DixReceiveAccess,
|
||||||
DixReceiveAccess, &auditdata);
|
&auditdata);
|
||||||
if (rc != Success)
|
if (rc != Success)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
@ -575,8 +573,7 @@ SELinuxReceive(CallbackListPtr *pcbl, pointer unused, pointer calldata)
|
|||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
auditdata.event = type;
|
auditdata.event = type;
|
||||||
rc = SELinuxDoCheck(rec->client->index, subj, &ev_sid, class,
|
rc = SELinuxDoCheck(subj, &ev_sid, class, DixReceiveAccess, &auditdata);
|
||||||
DixReceiveAccess, &auditdata);
|
|
||||||
if (rc != Success)
|
if (rc != Success)
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
@ -633,8 +630,8 @@ SELinuxExtension(CallbackListPtr *pcbl, pointer unused, pointer calldata)
|
|||||||
|
|
||||||
/* Perform the security check */
|
/* Perform the security check */
|
||||||
auditdata.extension = rec->ext->name;
|
auditdata.extension = rec->ext->name;
|
||||||
rc = SELinuxDoCheck(rec->client->index, subj, obj, SECCLASS_X_EXTENSION,
|
rc = SELinuxDoCheck(subj, obj, SECCLASS_X_EXTENSION, rec->access_mode,
|
||||||
rec->access_mode, &auditdata);
|
&auditdata);
|
||||||
if (rc != Success)
|
if (rc != Success)
|
||||||
rec->status = rc;
|
rec->status = rc;
|
||||||
}
|
}
|
||||||
@ -680,13 +677,12 @@ SELinuxProperty(CallbackListPtr *pcbl, pointer unused, pointer calldata)
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
freecon(con);
|
freecon(con);
|
||||||
avc_entry_ref_init(&obj->aeref);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Perform the security check */
|
/* Perform the security check */
|
||||||
auditdata.property = rec->pProp->propertyName;
|
auditdata.property = rec->pProp->propertyName;
|
||||||
rc = SELinuxDoCheck(rec->client->index, subj, obj, SECCLASS_X_PROPERTY,
|
rc = SELinuxDoCheck(subj, obj, SECCLASS_X_PROPERTY, rec->access_mode,
|
||||||
rec->access_mode, &auditdata);
|
&auditdata);
|
||||||
if (rc != Success)
|
if (rc != Success)
|
||||||
rec->status = rc;
|
rec->status = rc;
|
||||||
}
|
}
|
||||||
@ -741,8 +737,7 @@ SELinuxResource(CallbackListPtr *pcbl, pointer unused, pointer calldata)
|
|||||||
/* Perform the security check */
|
/* Perform the security check */
|
||||||
auditdata.restype = rec->rtype;
|
auditdata.restype = rec->rtype;
|
||||||
auditdata.id = rec->id;
|
auditdata.id = rec->id;
|
||||||
rc = SELinuxDoCheck(rec->client->index, subj, obj, class,
|
rc = SELinuxDoCheck(subj, obj, class, rec->access_mode, &auditdata);
|
||||||
rec->access_mode, &auditdata);
|
|
||||||
if (rc != Success)
|
if (rc != Success)
|
||||||
rec->status = rc;
|
rec->status = rc;
|
||||||
}
|
}
|
||||||
@ -775,8 +770,7 @@ SELinuxScreen(CallbackListPtr *pcbl, pointer is_saver, pointer calldata)
|
|||||||
if (is_saver)
|
if (is_saver)
|
||||||
access_mode <<= 2;
|
access_mode <<= 2;
|
||||||
|
|
||||||
rc = SELinuxDoCheck(rec->client->index, subj, obj, SECCLASS_X_SCREEN,
|
rc = SELinuxDoCheck(subj, obj, SECCLASS_X_SCREEN, access_mode, &auditdata);
|
||||||
access_mode, &auditdata);
|
|
||||||
if (rc != Success)
|
if (rc != Success)
|
||||||
rec->status = rc;
|
rec->status = rc;
|
||||||
}
|
}
|
||||||
@ -792,8 +786,8 @@ SELinuxClient(CallbackListPtr *pcbl, pointer unused, pointer calldata)
|
|||||||
subj = dixLookupPrivate(&rec->client->devPrivates, stateKey);
|
subj = dixLookupPrivate(&rec->client->devPrivates, stateKey);
|
||||||
obj = dixLookupPrivate(&rec->target->devPrivates, stateKey);
|
obj = dixLookupPrivate(&rec->target->devPrivates, stateKey);
|
||||||
|
|
||||||
rc = SELinuxDoCheck(rec->client->index, subj, obj, SECCLASS_X_CLIENT,
|
rc = SELinuxDoCheck(subj, obj, SECCLASS_X_CLIENT, rec->access_mode,
|
||||||
rec->access_mode, &auditdata);
|
&auditdata);
|
||||||
if (rc != Success)
|
if (rc != Success)
|
||||||
rec->status = rc;
|
rec->status = rc;
|
||||||
}
|
}
|
||||||
@ -809,8 +803,8 @@ SELinuxServer(CallbackListPtr *pcbl, pointer unused, pointer calldata)
|
|||||||
subj = dixLookupPrivate(&rec->client->devPrivates, stateKey);
|
subj = dixLookupPrivate(&rec->client->devPrivates, stateKey);
|
||||||
obj = dixLookupPrivate(&serverClient->devPrivates, stateKey);
|
obj = dixLookupPrivate(&serverClient->devPrivates, stateKey);
|
||||||
|
|
||||||
rc = SELinuxDoCheck(rec->client->index, subj, obj, SECCLASS_X_SERVER,
|
rc = SELinuxDoCheck(subj, obj, SECCLASS_X_SERVER, rec->access_mode,
|
||||||
rec->access_mode, &auditdata);
|
&auditdata);
|
||||||
if (rc != Success)
|
if (rc != Success)
|
||||||
rec->status = rc;
|
rec->status = rc;
|
||||||
}
|
}
|
||||||
@ -832,8 +826,8 @@ SELinuxSelection(CallbackListPtr *pcbl, pointer unused, pointer calldata)
|
|||||||
}
|
}
|
||||||
|
|
||||||
auditdata.selection = rec->name;
|
auditdata.selection = rec->name;
|
||||||
rc = SELinuxDoCheck(rec->client->index, subj, &sel_sid,
|
rc = SELinuxDoCheck(subj, &sel_sid, SECCLASS_X_SELECTION, rec->access_mode,
|
||||||
SECCLASS_X_SELECTION, rec->access_mode, &auditdata);
|
&auditdata);
|
||||||
if (rc != Success)
|
if (rc != Success)
|
||||||
rec->status = rc;
|
rec->status = rc;
|
||||||
}
|
}
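Review bot: The `/* serverClient requests OK */` comment kept above the new `if (subj->privileged)` in SELinuxDoCheck is now stale, since the bypass is keyed on a per-state flag rather than on client index 0; suggest `/* privileged subjects (currently only serverClient) bypass all checks */` so a later reader sees that the flag grants a full bypass rather than a serverClient special case. Because any nonzero `privileged` skips every check in this function, the flag fails open if a state record is ever created with that field left unset; this diff sets it only in the SELinuxLabelInitial hunk and does not show where SELinuxStateRec instances are allocated or initialized, so it is worth confirming that the state-init path clears it (or clearing it there explicitly with `state->privileged = 0;`) and documenting the field at its declaration, e.g. `int privileged; /* nonzero: subject bypasses all permission checks; set only for serverClient */`. The SELinuxSend hunk drops the old `clientIndex = -1` guard for device subjects and relies on device state records having the flag unset, which holds only under that same initialization assumption. SELinuxDoCheck's body continues past the end of its hunk.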
|
||||||
|