xselinux: Use a privileged bit in the state instead of passing an index

to the permission checking function.
This commit is contained in:
Eamon Walsh 2008-01-24 18:11:49 -05:00 committed by Eamon Walsh
parent 7ba8e97cba
commit 6ffeecabb7

View File

@ -63,6 +63,7 @@ typedef struct {
security_id_t sid; security_id_t sid;
struct avc_entry_ref aeref; struct avc_entry_ref aeref;
char *command; char *command;
int privileged;
} SELinuxStateRec; } SELinuxStateRec;
/* selection manager */ /* selection manager */
@ -287,11 +288,11 @@ SELinuxTypeToClass(RESTYPE type)
* Performs an SELinux permission check. * Performs an SELinux permission check.
*/ */
static int static int
SELinuxDoCheck(int clientIndex, SELinuxStateRec *subj, SELinuxStateRec *obj, SELinuxDoCheck(SELinuxStateRec *subj, SELinuxStateRec *obj,
security_class_t class, Mask mode, SELinuxAuditRec *auditdata) security_class_t class, Mask mode, SELinuxAuditRec *auditdata)
{ {
/* serverClient requests OK */ /* serverClient requests OK */
if (clientIndex == 0) if (subj->privileged)
return Success; return Success;
auditdata->command = subj->command; auditdata->command = subj->command;
@ -383,6 +384,7 @@ SELinuxLabelInitial(void)
/* Do the serverClient */ /* Do the serverClient */
state = dixLookupPrivate(&serverClient->devPrivates, stateKey); state = dixLookupPrivate(&serverClient->devPrivates, stateKey);
state->privileged = 1;
sidput(state->sid); sidput(state->sid);
/* Use the context of the X server process for the serverClient */ /* Use the context of the X server process for the serverClient */
@ -496,8 +498,8 @@ SELinuxDevice(CallbackListPtr *pcbl, pointer unused, pointer calldata)
obj->sid = subj->sid; obj->sid = subj->sid;
} }
rc = SELinuxDoCheck(rec->client->index, subj, obj, SECCLASS_X_DEVICE, rc = SELinuxDoCheck(subj, obj, SECCLASS_X_DEVICE, rec->access_mode,
rec->access_mode, &auditdata); &auditdata);
if (rc != Success) if (rc != Success)
rec->status = rc; rec->status = rc;
} }
@ -509,21 +511,18 @@ SELinuxSend(CallbackListPtr *pcbl, pointer unused, pointer calldata)
SELinuxStateRec *subj, *obj, ev_sid; SELinuxStateRec *subj, *obj, ev_sid;
SELinuxAuditRec auditdata = { .client = rec->client }; SELinuxAuditRec auditdata = { .client = rec->client };
security_class_t class; security_class_t class;
int rc, i, type, clientIndex; int rc, i, type;
if (rec->dev) { if (rec->dev)
subj = dixLookupPrivate(&rec->dev->devPrivates, stateKey); subj = dixLookupPrivate(&rec->dev->devPrivates, stateKey);
clientIndex = -1; /* some nonzero value */ else
} else {
subj = dixLookupPrivate(&rec->client->devPrivates, stateKey); subj = dixLookupPrivate(&rec->client->devPrivates, stateKey);
clientIndex = rec->client->index;
}
obj = dixLookupPrivate(&rec->pWin->devPrivates, stateKey); obj = dixLookupPrivate(&rec->pWin->devPrivates, stateKey);
/* Check send permission on window */ /* Check send permission on window */
rc = SELinuxDoCheck(clientIndex, subj, obj, SECCLASS_X_DRAWABLE, rc = SELinuxDoCheck(subj, obj, SECCLASS_X_DRAWABLE, DixSendAccess,
DixSendAccess, &auditdata); &auditdata);
if (rc != Success) if (rc != Success)
goto err; goto err;
@ -537,8 +536,7 @@ SELinuxSend(CallbackListPtr *pcbl, pointer unused, pointer calldata)
goto err; goto err;
auditdata.event = type; auditdata.event = type;
rc = SELinuxDoCheck(clientIndex, subj, &ev_sid, class, rc = SELinuxDoCheck(subj, &ev_sid, class, DixSendAccess, &auditdata);
DixSendAccess, &auditdata);
if (rc != Success) if (rc != Success)
goto err; goto err;
} }
@ -560,8 +558,8 @@ SELinuxReceive(CallbackListPtr *pcbl, pointer unused, pointer calldata)
obj = dixLookupPrivate(&rec->pWin->devPrivates, stateKey); obj = dixLookupPrivate(&rec->pWin->devPrivates, stateKey);
/* Check receive permission on window */ /* Check receive permission on window */
rc = SELinuxDoCheck(rec->client->index, subj, obj, SECCLASS_X_DRAWABLE, rc = SELinuxDoCheck(subj, obj, SECCLASS_X_DRAWABLE, DixReceiveAccess,
DixReceiveAccess, &auditdata); &auditdata);
if (rc != Success) if (rc != Success)
goto err; goto err;
@ -575,8 +573,7 @@ SELinuxReceive(CallbackListPtr *pcbl, pointer unused, pointer calldata)
goto err; goto err;
auditdata.event = type; auditdata.event = type;
rc = SELinuxDoCheck(rec->client->index, subj, &ev_sid, class, rc = SELinuxDoCheck(subj, &ev_sid, class, DixReceiveAccess, &auditdata);
DixReceiveAccess, &auditdata);
if (rc != Success) if (rc != Success)
goto err; goto err;
} }
@ -633,8 +630,8 @@ SELinuxExtension(CallbackListPtr *pcbl, pointer unused, pointer calldata)
/* Perform the security check */ /* Perform the security check */
auditdata.extension = rec->ext->name; auditdata.extension = rec->ext->name;
rc = SELinuxDoCheck(rec->client->index, subj, obj, SECCLASS_X_EXTENSION, rc = SELinuxDoCheck(subj, obj, SECCLASS_X_EXTENSION, rec->access_mode,
rec->access_mode, &auditdata); &auditdata);
if (rc != Success) if (rc != Success)
rec->status = rc; rec->status = rc;
} }
@ -680,13 +677,12 @@ SELinuxProperty(CallbackListPtr *pcbl, pointer unused, pointer calldata)
return; return;
} }
freecon(con); freecon(con);
avc_entry_ref_init(&obj->aeref);
} }
/* Perform the security check */ /* Perform the security check */
auditdata.property = rec->pProp->propertyName; auditdata.property = rec->pProp->propertyName;
rc = SELinuxDoCheck(rec->client->index, subj, obj, SECCLASS_X_PROPERTY, rc = SELinuxDoCheck(subj, obj, SECCLASS_X_PROPERTY, rec->access_mode,
rec->access_mode, &auditdata); &auditdata);
if (rc != Success) if (rc != Success)
rec->status = rc; rec->status = rc;
} }
@ -741,8 +737,7 @@ SELinuxResource(CallbackListPtr *pcbl, pointer unused, pointer calldata)
/* Perform the security check */ /* Perform the security check */
auditdata.restype = rec->rtype; auditdata.restype = rec->rtype;
auditdata.id = rec->id; auditdata.id = rec->id;
rc = SELinuxDoCheck(rec->client->index, subj, obj, class, rc = SELinuxDoCheck(subj, obj, class, rec->access_mode, &auditdata);
rec->access_mode, &auditdata);
if (rc != Success) if (rc != Success)
rec->status = rc; rec->status = rc;
} }
@ -775,8 +770,7 @@ SELinuxScreen(CallbackListPtr *pcbl, pointer is_saver, pointer calldata)
if (is_saver) if (is_saver)
access_mode <<= 2; access_mode <<= 2;
rc = SELinuxDoCheck(rec->client->index, subj, obj, SECCLASS_X_SCREEN, rc = SELinuxDoCheck(subj, obj, SECCLASS_X_SCREEN, access_mode, &auditdata);
access_mode, &auditdata);
if (rc != Success) if (rc != Success)
rec->status = rc; rec->status = rc;
} }
@ -792,8 +786,8 @@ SELinuxClient(CallbackListPtr *pcbl, pointer unused, pointer calldata)
subj = dixLookupPrivate(&rec->client->devPrivates, stateKey); subj = dixLookupPrivate(&rec->client->devPrivates, stateKey);
obj = dixLookupPrivate(&rec->target->devPrivates, stateKey); obj = dixLookupPrivate(&rec->target->devPrivates, stateKey);
rc = SELinuxDoCheck(rec->client->index, subj, obj, SECCLASS_X_CLIENT, rc = SELinuxDoCheck(subj, obj, SECCLASS_X_CLIENT, rec->access_mode,
rec->access_mode, &auditdata); &auditdata);
if (rc != Success) if (rc != Success)
rec->status = rc; rec->status = rc;
} }
@ -809,8 +803,8 @@ SELinuxServer(CallbackListPtr *pcbl, pointer unused, pointer calldata)
subj = dixLookupPrivate(&rec->client->devPrivates, stateKey); subj = dixLookupPrivate(&rec->client->devPrivates, stateKey);
obj = dixLookupPrivate(&serverClient->devPrivates, stateKey); obj = dixLookupPrivate(&serverClient->devPrivates, stateKey);
rc = SELinuxDoCheck(rec->client->index, subj, obj, SECCLASS_X_SERVER, rc = SELinuxDoCheck(subj, obj, SECCLASS_X_SERVER, rec->access_mode,
rec->access_mode, &auditdata); &auditdata);
if (rc != Success) if (rc != Success)
rec->status = rc; rec->status = rc;
} }
@ -832,8 +826,8 @@ SELinuxSelection(CallbackListPtr *pcbl, pointer unused, pointer calldata)
} }
auditdata.selection = rec->name; auditdata.selection = rec->name;
rc = SELinuxDoCheck(rec->client->index, subj, &sel_sid, rc = SELinuxDoCheck(subj, &sel_sid, SECCLASS_X_SELECTION, rec->access_mode,
SECCLASS_X_SELECTION, rec->access_mode, &auditdata); &auditdata);
if (rc != Success) if (rc != Success)
rec->status = rc; rec->status = rc;
} }