diff options
author | Stephen Smalley <stephen.smalley.work@gmail.com> | 2023-03-09 13:30:37 -0500 |
---|---|---|
committer | Paul Moore <paul@paul-moore.com> | 2023-03-14 15:22:45 -0400 |
commit | e67b79850fcc4eb5816d69d34fd82aeda350aca7 (patch) | |
tree | ac2ab206d913dd36a95347b59bc739551651cafc /security/selinux/ss | |
parent | f62ca0b6e31d82e0622a8e31ce5562e80edf6c3c (diff) | |
download | linux-next-e67b79850fcc4eb5816d69d34fd82aeda350aca7.tar.gz |
selinux: stop passing selinux_state pointers and their offspring
Linus observed that the pervasive passing of selinux_state pointers
introduced by me in commit aa8e712cee93 ("selinux: wrap global selinux
state") adds overhead and complexity without providing any
benefit. The original idea was to pave the way for SELinux namespaces
but those have not yet been implemented and there isn't currently
a concrete plan to do so. Remove the passing of the selinux_state
pointers, reverting to direct use of the single global selinux_state,
and likewise remove passing of child pointers like the selinux_avc.
The selinux_policy pointer remains as it is needed for atomic switching
of policies.
Suggested-by: Linus Torvalds <torvalds@linux-foundation.org>
Reported-by: kernel test robot <lkp@intel.com>
Link: https://lore.kernel.org/oe-kbuild-all/202303101057.mZ3Gv5fK-lkp@intel.com/
Signed-off-by: Stephen Smalley <stephen.smalley.work@gmail.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'security/selinux/ss')
-rw-r--r-- | security/selinux/ss/services.c | 346 | ||||
-rw-r--r-- | security/selinux/ss/services.h | 1 |
2 files changed, 141 insertions, 206 deletions
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index 0092b29022f5..f14d1ffe54c5 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -235,16 +235,16 @@ static void map_decision(struct selinux_map *map, } } -int security_mls_enabled(struct selinux_state *state) +int security_mls_enabled(void) { int mls_enabled; struct selinux_policy *policy; - if (!selinux_initialized(state)) + if (!selinux_initialized()) return 0; rcu_read_lock(); - policy = rcu_dereference(state->policy); + policy = rcu_dereference(selinux_state.policy); mls_enabled = policy->policydb.mls_enabled; rcu_read_unlock(); return mls_enabled; @@ -713,8 +713,7 @@ static void context_struct_compute_av(struct policydb *policydb, tclass, avd); } -static int security_validtrans_handle_fail(struct selinux_state *state, - struct selinux_policy *policy, +static int security_validtrans_handle_fail(struct selinux_policy *policy, struct sidtab_entry *oentry, struct sidtab_entry *nentry, struct sidtab_entry *tentry, @@ -740,13 +739,12 @@ out: kfree(n); kfree(t); - if (!enforcing_enabled(state)) + if (!enforcing_enabled()) return 0; return -EPERM; } -static int security_compute_validatetrans(struct selinux_state *state, - u32 oldsid, u32 newsid, u32 tasksid, +static int security_compute_validatetrans(u32 oldsid, u32 newsid, u32 tasksid, u16 orig_tclass, bool user) { struct selinux_policy *policy; @@ -761,12 +759,12 @@ static int security_compute_validatetrans(struct selinux_state *state, int rc = 0; - if (!selinux_initialized(state)) + if (!selinux_initialized()) return 0; rcu_read_lock(); - policy = rcu_dereference(state->policy); + policy = rcu_dereference(selinux_state.policy); policydb = &policy->policydb; sidtab = policy->sidtab; @@ -813,8 +811,7 @@ static int security_compute_validatetrans(struct selinux_state *state, if (user) rc = -EPERM; else - rc = security_validtrans_handle_fail(state, - policy, + rc = security_validtrans_handle_fail(policy, oentry, nentry, tentry, @@ -829,19 +826,17 @@ out: return rc; } -int security_validate_transition_user(struct selinux_state *state, - u32 oldsid, u32 newsid, u32 tasksid, +int security_validate_transition_user(u32 oldsid, u32 newsid, u32 tasksid, u16 tclass) { - return security_compute_validatetrans(state, oldsid, newsid, tasksid, + return security_compute_validatetrans(oldsid, newsid, tasksid, tclass, true); } -int security_validate_transition(struct selinux_state *state, - u32 oldsid, u32 newsid, u32 tasksid, +int security_validate_transition(u32 oldsid, u32 newsid, u32 tasksid, u16 orig_tclass) { - return security_compute_validatetrans(state, oldsid, newsid, tasksid, + return security_compute_validatetrans(oldsid, newsid, tasksid, orig_tclass, false); } @@ -851,12 +846,10 @@ int security_validate_transition(struct selinux_state *state, * It returns 0, if @newsid is bounded by @oldsid. * Otherwise, it returns error code. * - * @state: SELinux state * @oldsid : current security identifier * @newsid : destinated security identifier */ -int security_bounded_transition(struct selinux_state *state, - u32 old_sid, u32 new_sid) +int security_bounded_transition(u32 old_sid, u32 new_sid) { struct selinux_policy *policy; struct policydb *policydb; @@ -866,11 +859,11 @@ int security_bounded_transition(struct selinux_state *state, int index; int rc; - if (!selinux_initialized(state)) + if (!selinux_initialized()) return 0; rcu_read_lock(); - policy = rcu_dereference(state->policy); + policy = rcu_dereference(selinux_state.policy); policydb = &policy->policydb; sidtab = policy->sidtab; @@ -1004,8 +997,7 @@ void services_compute_xperms_decision(struct extended_perms_decision *xpermd, } } -void security_compute_xperms_decision(struct selinux_state *state, - u32 ssid, +void security_compute_xperms_decision(u32 ssid, u32 tsid, u16 orig_tclass, u8 driver, @@ -1029,10 +1021,10 @@ void security_compute_xperms_decision(struct selinux_state *state, memset(xpermd->dontaudit->p, 0, sizeof(xpermd->dontaudit->p)); rcu_read_lock(); - if (!selinux_initialized(state)) + if (!selinux_initialized()) goto allow; - policy = rcu_dereference(state->policy); + policy = rcu_dereference(selinux_state.policy); policydb = &policy->policydb; sidtab = policy->sidtab; @@ -1091,7 +1083,6 @@ allow: /** * security_compute_av - Compute access vector decisions. - * @state: SELinux state * @ssid: source security identifier * @tsid: target security identifier * @orig_tclass: target security class @@ -1101,8 +1092,7 @@ allow: * Compute a set of access vector decisions based on the * SID pair (@ssid, @tsid) for the permissions in @tclass. */ -void security_compute_av(struct selinux_state *state, - u32 ssid, +void security_compute_av(u32 ssid, u32 tsid, u16 orig_tclass, struct av_decision *avd, @@ -1115,10 +1105,10 @@ void security_compute_av(struct selinux_state *state, struct context *scontext = NULL, *tcontext = NULL; rcu_read_lock(); - policy = rcu_dereference(state->policy); + policy = rcu_dereference(selinux_state.policy); avd_init(policy, avd); xperms->len = 0; - if (!selinux_initialized(state)) + if (!selinux_initialized()) goto allow; policydb = &policy->policydb; @@ -1160,8 +1150,7 @@ allow: goto out; } -void security_compute_av_user(struct selinux_state *state, - u32 ssid, +void security_compute_av_user(u32 ssid, u32 tsid, u16 tclass, struct av_decision *avd) @@ -1172,9 +1161,9 @@ void security_compute_av_user(struct selinux_state *state, struct context *scontext = NULL, *tcontext = NULL; rcu_read_lock(); - policy = rcu_dereference(state->policy); + policy = rcu_dereference(selinux_state.policy); avd_init(policy, avd); - if (!selinux_initialized(state)) + if (!selinux_initialized()) goto allow; policydb = &policy->policydb; @@ -1290,19 +1279,19 @@ static int sidtab_entry_to_string(struct policydb *p, #include "initial_sid_to_string.h" -int security_sidtab_hash_stats(struct selinux_state *state, char *page) +int security_sidtab_hash_stats(char *page) { struct selinux_policy *policy; int rc; - if (!selinux_initialized(state)) { + if (!selinux_initialized()) { pr_err("SELinux: %s: called before initial load_policy\n", __func__); return -EINVAL; } rcu_read_lock(); - policy = rcu_dereference(state->policy); + policy = rcu_dereference(selinux_state.policy); rc = sidtab_hash_stats(policy->sidtab, page); rcu_read_unlock(); @@ -1316,8 +1305,7 @@ const char *security_get_initial_sid_context(u32 sid) return initial_sid_to_string[sid]; } -static int security_sid_to_context_core(struct selinux_state *state, - u32 sid, char **scontext, +static int security_sid_to_context_core(u32 sid, char **scontext, u32 *scontext_len, int force, int only_invalid) { @@ -1331,7 +1319,7 @@ static int security_sid_to_context_core(struct selinux_state *state, *scontext = NULL; *scontext_len = 0; - if (!selinux_initialized(state)) { + if (!selinux_initialized()) { if (sid <= SECINITSID_NUM) { char *scontextp; const char *s = initial_sid_to_string[sid]; @@ -1352,7 +1340,7 @@ static int security_sid_to_context_core(struct selinux_state *state, return -EINVAL; } rcu_read_lock(); - policy = rcu_dereference(state->policy); + policy = rcu_dereference(selinux_state.policy); policydb = &policy->policydb; sidtab = policy->sidtab; @@ -1380,7 +1368,6 @@ out_unlock: /** * security_sid_to_context - Obtain a context for a given SID. - * @state: SELinux state * @sid: security identifier, SID * @scontext: security context * @scontext_len: length in bytes @@ -1389,24 +1376,22 @@ out_unlock: * into a dynamically allocated string of the correct size. Set @scontext * to point to this string and set @scontext_len to the length of the string. */ -int security_sid_to_context(struct selinux_state *state, - u32 sid, char **scontext, u32 *scontext_len) +int security_sid_to_context(u32 sid, char **scontext, u32 *scontext_len) { - return security_sid_to_context_core(state, sid, scontext, + return security_sid_to_context_core(sid, scontext, scontext_len, 0, 0); } -int security_sid_to_context_force(struct selinux_state *state, u32 sid, +int security_sid_to_context_force(u32 sid, char **scontext, u32 *scontext_len) { - return security_sid_to_context_core(state, sid, scontext, + return security_sid_to_context_core(sid, scontext, scontext_len, 1, 0); } /** * security_sid_to_context_inval - Obtain a context for a given SID if it * is invalid. - * @state: SELinux state * @sid: security identifier, SID * @scontext: security context * @scontext_len: length in bytes @@ -1417,10 +1402,10 @@ int security_sid_to_context_force(struct selinux_state *state, u32 sid, * this string (or NULL if the context is valid) and set @scontext_len to * the length of the string (or 0 if the context is valid). */ -int security_sid_to_context_inval(struct selinux_state *state, u32 sid, +int security_sid_to_context_inval(u32 sid, char **scontext, u32 *scontext_len) { - return security_sid_to_context_core(state, sid, scontext, + return security_sid_to_context_core(sid, scontext, scontext_len, 1, 1); } @@ -1505,8 +1490,7 @@ out: return rc; } -static int security_context_to_sid_core(struct selinux_state *state, - const char *scontext, u32 scontext_len, +static int security_context_to_sid_core(const char *scontext, u32 scontext_len, u32 *sid, u32 def_sid, gfp_t gfp_flags, int force) { @@ -1526,7 +1510,7 @@ static int security_context_to_sid_core(struct selinux_state *state, if (!scontext2) return -ENOMEM; - if (!selinux_initialized(state)) { + if (!selinux_initialized()) { int i; for (i = 1; i < SECINITSID_NUM; i++) { @@ -1551,7 +1535,7 @@ static int security_context_to_sid_core(struct selinux_state *state, } retry: rcu_read_lock(); - policy = rcu_dereference(state->policy); + policy = rcu_dereference(selinux_state.policy); policydb = &policy->policydb; sidtab = policy->sidtab; rc = string_to_context_struct(policydb, sidtab, scontext2, @@ -1583,7 +1567,6 @@ out: /** * security_context_to_sid - Obtain a SID for a given security context. - * @state: SELinux state * @scontext: security context * @scontext_len: length in bytes * @sid: security identifier, SID @@ -1594,18 +1577,16 @@ out: * Returns -%EINVAL if the context is invalid, -%ENOMEM if insufficient * memory is available, or 0 on success. */ -int security_context_to_sid(struct selinux_state *state, - const char *scontext, u32 scontext_len, u32 *sid, +int security_context_to_sid(const char *scontext, u32 scontext_len, u32 *sid, gfp_t gfp) { - return security_context_to_sid_core(state, scontext, scontext_len, + return security_context_to_sid_core(scontext, scontext_len, sid, SECSID_NULL, gfp, 0); } -int security_context_str_to_sid(struct selinux_state *state, - const char *scontext, u32 *sid, gfp_t gfp) +int security_context_str_to_sid(const char *scontext, u32 *sid, gfp_t gfp) { - return security_context_to_sid(state, scontext, strlen(scontext), + return security_context_to_sid(scontext, strlen(scontext), sid, gfp); } @@ -1613,7 +1594,6 @@ int security_context_str_to_sid(struct selinux_state *state, * security_context_to_sid_default - Obtain a SID for a given security context, * falling back to specified default if needed. * - * @state: SELinux state * @scontext: security context * @scontext_len: length in bytes * @sid: security identifier, SID @@ -1629,24 +1609,21 @@ int security_context_str_to_sid(struct selinux_state *state, * Returns -%EINVAL if the context is invalid, -%ENOMEM if insufficient * memory is available, or 0 on success. */ -int security_context_to_sid_default(struct selinux_state *state, - const char *scontext, u32 scontext_len, +int security_context_to_sid_default(const char *scontext, u32 scontext_len, u32 *sid, u32 def_sid, gfp_t gfp_flags) { - return security_context_to_sid_core(state, scontext, scontext_len, + return security_context_to_sid_core(scontext, scontext_len, sid, def_sid, gfp_flags, 1); } -int security_context_to_sid_force(struct selinux_state *state, - const char *scontext, u32 scontext_len, +int security_context_to_sid_force(const char *scontext, u32 scontext_len, u32 *sid) { - return security_context_to_sid_core(state, scontext, scontext_len, + return security_context_to_sid_core(scontext, scontext_len, sid, SECSID_NULL, GFP_KERNEL, 1); } static int compute_sid_handle_invalid_context( - struct selinux_state *state, struct selinux_policy *policy, struct sidtab_entry *sentry, struct sidtab_entry *tentry, @@ -1679,7 +1656,7 @@ out: kfree(s); kfree(t); kfree(n); - if (!enforcing_enabled(state)) + if (!enforcing_enabled()) return 0; return -EACCES; } @@ -1714,8 +1691,7 @@ static void filename_compute_type(struct policydb *policydb, } } -static int security_compute_sid(struct selinux_state *state, - u32 ssid, +static int security_compute_sid(u32 ssid, u32 tsid, u16 orig_tclass, u32 specified, @@ -1736,7 +1712,7 @@ static int security_compute_sid(struct selinux_state *state, int rc = 0; bool sock; - if (!selinux_initialized(state)) { + if (!selinux_initialized()) { switch (orig_tclass) { case SECCLASS_PROCESS: /* kernel value */ *out_sid = ssid; @@ -1754,7 +1730,7 @@ retry: rcu_read_lock(); - policy = rcu_dereference(state->policy); + policy = rcu_dereference(selinux_state.policy); if (kern) { tclass = unmap_class(&policy->map, orig_tclass); @@ -1886,7 +1862,7 @@ retry: /* Check the validity of the context. */ if (!policydb_context_isvalid(policydb, &newcontext)) { - rc = compute_sid_handle_invalid_context(state, policy, sentry, + rc = compute_sid_handle_invalid_context(policy, sentry, tentry, tclass, &newcontext); if (rc) @@ -1908,7 +1884,6 @@ out: /** * security_transition_sid - Compute the SID for a new subject/object. - * @state: SELinux state * @ssid: source security identifier * @tsid: target security identifier * @tclass: target security class @@ -1921,27 +1896,24 @@ out: * if insufficient memory is available, or %0 if the new SID was * computed successfully. */ -int security_transition_sid(struct selinux_state *state, - u32 ssid, u32 tsid, u16 tclass, +int security_transition_sid(u32 ssid, u32 tsid, u16 tclass, const struct qstr *qstr, u32 *out_sid) { - return security_compute_sid(state, ssid, tsid, tclass, + return security_compute_sid(ssid, tsid, tclass, AVTAB_TRANSITION, qstr ? qstr->name : NULL, out_sid, true); } -int security_transition_sid_user(struct selinux_state *state, - u32 ssid, u32 tsid, u16 tclass, +int security_transition_sid_user(u32 ssid, u32 tsid, u16 tclass, const char *objname, u32 *out_sid) { - return security_compute_sid(state, ssid, tsid, tclass, + return security_compute_sid(ssid, tsid, tclass, AVTAB_TRANSITION, objname, out_sid, false); } /** * security_member_sid - Compute the SID for member selection. - * @state: SELinux state * @ssid: source security identifier * @tsid: target security identifier * @tclass: target security class @@ -1953,20 +1925,18 @@ int security_transition_sid_user(struct selinux_state *state, * if insufficient memory is available, or %0 if the SID was * computed successfully. */ -int security_member_sid(struct selinux_state *state, - u32 ssid, +int security_member_sid(u32 ssid, u32 tsid, u16 tclass, u32 *out_sid) { - return security_compute_sid(state, ssid, tsid, tclass, + return security_compute_sid(ssid, tsid, tclass, AVTAB_MEMBER, NULL, out_sid, false); } /** * security_change_sid - Compute the SID for object relabeling. - * @state: SELinux state * @ssid: source security identifier * @tsid: target security identifier * @tclass: target security class @@ -1978,26 +1948,23 @@ int security_member_sid(struct selinux_state *state, * if insufficient memory is available, or %0 if the SID was * computed successfully. */ -int security_change_sid(struct selinux_state *state, - u32 ssid, +int security_change_sid(u32 ssid, u32 tsid, u16 tclass, u32 *out_sid) { - return security_compute_sid(state, - ssid, tsid, tclass, AVTAB_CHANGE, NULL, + return security_compute_sid(ssid, tsid, tclass, AVTAB_CHANGE, NULL, out_sid, false); } static inline int convert_context_handle_invalid_context( - struct selinux_state *state, struct policydb *policydb, struct context *context) { char *s; u32 len; - if (enforcing_enabled(state)) + if (enforcing_enabled()) return -EINVAL; if (!context_struct_to_string(policydb, context, &s, &len)) { @@ -2115,8 +2082,7 @@ int services_convert_context(struct convert_context_args *args, /* Check the validity of the new context. */ if (!policydb_context_isvalid(args->newp, newc)) { - rc = convert_context_handle_invalid_context(args->state, - args->oldp, oldc); + rc = convert_context_handle_invalid_context(args->oldp, oldc); if (rc) goto bad; } @@ -2135,8 +2101,7 @@ bad: return 0; } -static void security_load_policycaps(struct selinux_state *state, - struct selinux_policy *policy) +static void security_load_policycaps(struct selinux_policy *policy) { struct policydb *p; unsigned int i; @@ -2144,8 +2109,8 @@ static void security_load_policycaps(struct selinux_state *state, p = &policy->policydb; - for (i = 0; i < ARRAY_SIZE(state->policycap); i++) - WRITE_ONCE(state->policycap[i], + for (i = 0; i < ARRAY_SIZE(selinux_state.policycap); i++) + WRITE_ONCE(selinux_state.policycap[i], ebitmap_get_bit(&p->policycaps, i)); for (i = 0; i < ARRAY_SIZE(selinux_policycap_names); i++) @@ -2181,9 +2146,9 @@ static void selinux_policy_cond_free(struct selinux_policy *policy) kfree(policy); } -void selinux_policy_cancel(struct selinux_state *state, - struct selinux_load_state *load_state) +void selinux_policy_cancel(struct selinux_load_state *load_state) { + struct selinux_state *state = &selinux_state; struct selinux_policy *oldpolicy; oldpolicy = rcu_dereference_protected(state->policy, @@ -2194,21 +2159,20 @@ void selinux_policy_cancel(struct selinux_state *state, kfree(load_state->convert_data); } -static void selinux_notify_policy_change(struct selinux_state *state, - u32 seqno) +static void selinux_notify_policy_change(u32 seqno) { /* Flush external caches and notify userspace of policy load */ - avc_ss_reset(state->avc, seqno); + avc_ss_reset(seqno); selnl_notify_policyload(seqno); - selinux_status_update_policyload(state, seqno); + selinux_status_update_policyload(seqno); selinux_netlbl_cache_invalidate(); selinux_xfrm_notify_policyload(); - selinux_ima_measure_state_locked(state); + selinux_ima_measure_state_locked(); } -void selinux_policy_commit(struct selinux_state *state, - struct selinux_load_state *load_state) +void selinux_policy_commit(struct selinux_load_state *load_state) { + struct selinux_state *state = &selinux_state; struct selinux_policy *oldpolicy, *newpolicy = load_state->policy; unsigned long flags; u32 seqno; @@ -2241,15 +2205,15 @@ void selinux_policy_commit(struct selinux_state *state, } /* Load the policycaps from the new policy */ - security_load_policycaps(state, newpolicy); + security_load_policycaps(newpolicy); - if (!selinux_initialized(state)) { + if (!selinux_initialized()) { /* * After first policy load, the security server is * marked as initialized and ready to handle requests and * any objects created prior to policy load are then labeled. */ - selinux_mark_initialized(state); + selinux_mark_initialized(); selinux_complete_init(); } @@ -2259,12 +2223,11 @@ void selinux_policy_commit(struct selinux_state *state, kfree(load_state->convert_data); /* Notify others of the policy change */ - selinux_notify_policy_change(state, seqno); + selinux_notify_policy_change(seqno); } /** * security_load_policy - Load a security policy configuration. - * @state: SELinux state * @data: binary policy data * @len: length of data in bytes * @load_state: policy load state @@ -2274,9 +2237,10 @@ void selinux_policy_commit(struct selinux_state *state, * This function will flush the access vector cache after * loading the new policy. */ -int security_load_policy(struct selinux_state *state, void *data, size_t len, +int security_load_policy(void *data, size_t len, struct selinux_load_state *load_state) { + struct selinux_state *state = &selinux_state; struct selinux_policy *newpolicy, *oldpolicy; struct selinux_policy_convert_data *convert_data; int rc = 0; @@ -2308,7 +2272,7 @@ int security_load_policy(struct selinux_state *state, void *data, size_t len, goto err_mapping; } - if (!selinux_initialized(state)) { + if (!selinux_initialized()) { /* First policy load, so no need to preserve state from old policy */ load_state->policy = newpolicy; load_state->convert_data = NULL; @@ -2336,7 +2300,6 @@ int security_load_policy(struct selinux_state *state, void *data, size_t len, goto err_free_isids; } - convert_data->args.state = state; convert_data->args.oldp = &oldpolicy->policydb; convert_data->args.newp = &newpolicy->policydb; @@ -2410,13 +2373,11 @@ static int ocontext_to_sid(struct sidtab *sidtab, struct ocontext *c, /** * security_port_sid - Obtain the SID for a port. - * @state: SELinux state * @protocol: protocol number * @port: port number * @out_sid: security identifier */ -int security_port_sid(struct selinux_state *state, - u8 protocol, u16 port, u32 *out_sid) +int security_port_sid(u8 protocol, u16 port, u32 *out_sid) { struct selinux_policy *policy; struct policydb *policydb; @@ -2424,7 +2385,7 @@ int security_port_sid(struct selinux_state *state, struct ocontext *c; int rc; - if (!selinux_initialized(state)) { + if (!selinux_initialized()) { *out_sid = SECINITSID_PORT; return 0; } @@ -2432,7 +2393,7 @@ int security_port_sid(struct selinux_state *state, retry: rc = 0; rcu_read_lock(); - policy = rcu_dereference(state->policy); + policy = rcu_dereference(selinux_state.policy); policydb = &policy->policydb; sidtab = policy->sidtab; @@ -2464,13 +2425,11 @@ out: /** * security_ib_pkey_sid - Obtain the SID for a pkey. - * @state: SELinux state * @subnet_prefix: Subnet Prefix * @pkey_num: pkey number * @out_sid: security identifier */ -int security_ib_pkey_sid(struct selinux_state *state, - u64 subnet_prefix, u16 pkey_num, u32 *out_sid) +int security_ib_pkey_sid(u64 subnet_prefix, u16 pkey_num, u32 *out_sid) { struct selinux_policy *policy; struct policydb *policydb; @@ -2478,7 +2437,7 @@ int security_ib_pkey_sid(struct selinux_state *state, struct ocontext *c; int rc; - if (!selinux_initialized(state)) { + if (!selinux_initialized()) { *out_sid = SECINITSID_UNLABELED; return 0; } @@ -2486,7 +2445,7 @@ int security_ib_pkey_sid(struct selinux_state *state, retry: rc = 0; rcu_read_lock(); - policy = rcu_dereference(state->policy); + policy = rcu_dereference(selinux_state.policy); policydb = &policy->policydb; sidtab = policy->sidtab; @@ -2518,13 +2477,11 @@ out: /** * security_ib_endport_sid - Obtain the SID for a subnet management interface. - * @state: SELinux state * @dev_name: device name * @port_num: port number * @out_sid: security identifier */ -int security_ib_endport_sid(struct selinux_state *state, - const char *dev_name, u8 port_num, u32 *out_sid) +int security_ib_endport_sid(const char *dev_name, u8 port_num, u32 *out_sid) { struct selinux_policy *policy; struct policydb *policydb; @@ -2532,7 +2489,7 @@ int security_ib_endport_sid(struct selinux_state *state, struct ocontext *c; int rc; - if (!selinux_initialized(state)) { + if (!selinux_initialized()) { *out_sid = SECINITSID_UNLABELED; return 0; } @@ -2540,7 +2497,7 @@ int security_ib_endport_sid(struct selinux_state *state, retry: rc = 0; rcu_read_lock(); - policy = rcu_dereference(state->policy); + policy = rcu_dereference(selinux_state.policy); policydb = &policy->policydb; sidtab = policy->sidtab; @@ -2573,12 +2530,10 @@ out: /** * security_netif_sid - Obtain the SID for a network interface. - * @state: SELinux state * @name: interface name * @if_sid: interface SID */ -int security_netif_sid(struct selinux_state *state, - char *name, u32 *if_sid) +int security_netif_sid(char *name, u32 *if_sid) { struct selinux_policy *policy; struct policydb *policydb; @@ -2586,7 +2541,7 @@ int security_netif_sid(struct selinux_state *state, int rc; struct ocontext *c; - if (!selinux_initialized(state)) { + if (!selinux_initialized()) { *if_sid = SECINITSID_NETIF; return 0; } @@ -2594,7 +2549,7 @@ int security_netif_sid(struct selinux_state *state, retry: rc = 0; rcu_read_lock(); - policy = rcu_dereference(state->policy); + policy = rcu_dereference(selinux_state.policy); policydb = &policy->policydb; sidtab = policy->sidtab; @@ -2636,14 +2591,12 @@ static int match_ipv6_addrmask(u32 *input, u32 *addr, u32 *mask) /** * security_node_sid - Obtain the SID for a node (host). - * @state: SELinux state * @domain: communication domain aka address family * @addrp: address * @addrlen: address length in bytes * @out_sid: security identifier */ -int security_node_sid(struct selinux_state *state, - u16 domain, +int security_node_sid(u16 domain, void *addrp, u32 addrlen, u32 *out_sid) @@ -2654,14 +2607,14 @@ int security_node_sid(struct selinux_state *state, int rc; struct ocontext *c; - if (!selinux_initialized(state)) { + if (!selinux_initialized()) { *out_sid = SECINITSID_NODE; return 0; } retry: rcu_read_lock(); - policy = rcu_dereference(state->policy); + policy = rcu_dereference(selinux_state.policy); policydb = &policy->policydb; sidtab = policy->sidtab; @@ -2725,7 +2678,6 @@ out: /** * security_get_user_sids - Obtain reachable SIDs for a user. - * @state: SELinux state * @fromsid: starting SID * @username: username * @sids: array of reachable SIDs for user @@ -2738,8 +2690,7 @@ out: * number of elements in the array. */ -int security_get_user_sids(struct selinux_state *state, - u32 fromsid, +int security_get_user_sids(u32 fromsid, char *username, u32 **sids, u32 *nel) @@ -2758,7 +2709,7 @@ int security_get_user_sids(struct selinux_state *state, *sids = NULL; *nel = 0; - if (!selinux_initialized(state)) + if (!selinux_initialized()) return 0; mysids = kcalloc(maxnel, sizeof(*mysids), GFP_KERNEL); @@ -2768,7 +2719,7 @@ int security_get_user_sids(struct selinux_state *state, retry: mynel = 0; rcu_read_lock(); - policy = rcu_dereference(state->policy); + policy = rcu_dereference(selinux_state.policy); policydb = &policy->policydb; sidtab = policy->sidtab; @@ -2834,8 +2785,7 @@ out_unlock: } for (i = 0, j = 0; i < mynel; i++) { struct av_decision dummy_avd; - rc = avc_has_perm_noaudit(state, - fromsid, mysids[i], + rc = avc_has_perm_noaudit(fromsid, mysids[i], SECCLASS_PROCESS, /* kernel value */ PROCESS__TRANSITION, AVC_STRICT, &dummy_avd); @@ -2908,7 +2858,6 @@ static inline int __security_genfs_sid(struct selinux_policy *policy, /** * security_genfs_sid - Obtain a SID for a file in a filesystem - * @state: SELinux state * @fstype: filesystem type * @path: path from root of mount * @orig_sclass: file security class @@ -2917,8 +2866,7 @@ static inline int __security_genfs_sid(struct selinux_policy *policy, * Acquire policy_rwlock before calling __security_genfs_sid() and release * it afterward. */ -int security_genfs_sid(struct selinux_state *state, - const char *fstype, +int security_genfs_sid(const char *fstype, const char *path, u16 orig_sclass, u32 *sid) @@ -2926,14 +2874,14 @@ int security_genfs_sid(struct selinux_state *state, struct selinux_policy *policy; int retval; - if (!selinux_initialized(state)) { + if (!selinux_initialized()) { *sid = SECINITSID_UNLABELED; return 0; } do { rcu_read_lock(); - policy = rcu_dereference(state->policy); + policy = rcu_dereference(selinux_state.policy); retval = __security_genfs_sid(policy, fstype, path, orig_sclass, sid); rcu_read_unlock(); @@ -2953,10 +2901,9 @@ int selinux_policy_genfs_sid(struct selinux_policy *policy, /** * security_fs_use - Determine how to handle labeling for a filesystem. - * @state: SELinux state * @sb: superblock in question */ -int security_fs_use(struct selinux_state *state, struct super_block *sb) +int security_fs_use(struct super_block *sb) { struct selinux_policy *policy; struct policydb *policydb; @@ -2966,7 +2913,7 @@ int security_fs_use(struct selinux_state *state, struct super_block *sb) struct superblock_security_struct *sbsec = selinux_superblock(sb); const char *fstype = sb->s_type->name; - if (!selinux_initialized(state)) { + if (!selinux_initialized()) { sbsec->behavior = SECURITY_FS_USE_NONE; sbsec->sid = SECINITSID_UNLABELED; return 0; @@ -2974,7 +2921,7 @@ int security_fs_use(struct selinux_state *state, struct super_block *sb) retry: rcu_read_lock(); - policy = rcu_dereference(state->policy); + policy = rcu_dereference(selinux_state.policy); policydb = &policy->policydb; sidtab = policy->sidtab; @@ -3067,13 +3014,14 @@ err: } -int security_set_bools(struct selinux_state *state, u32 len, int *values) +int security_set_bools(u32 len, int *values) { + struct selinux_state *state = &selinux_state; struct selinux_policy *newpolicy, *oldpolicy; int rc; u32 i, seqno = 0; - if (!selinux_initialized(state)) + if (!selinux_initialized()) return -EINVAL; oldpolicy = rcu_dereference_protected(state->policy, @@ -3134,23 +3082,22 @@ int security_set_bools(struct selinux_state *state, u32 len, int *values) selinux_policy_cond_free(oldpolicy); /* Notify others of the policy change */ - selinux_notify_policy_change(state, seqno); + selinux_notify_policy_change(seqno); return 0; } -int security_get_bool_value(struct selinux_state *state, - u32 index) +int security_get_bool_value(u32 index) { struct selinux_policy *policy; struct policydb *policydb; int rc; u32 len; - if (!selinux_initialized(state)) + if (!selinux_initialized()) return 0; rcu_read_lock(); - policy = rcu_dereference(state->policy); + policy = rcu_dereference(selinux_state.policy); policydb = &policy->policydb; rc = -EFAULT; @@ -3197,8 +3144,7 @@ out: * security_sid_mls_copy() - computes a new sid based on the given * sid and the mls portion of mls_sid. */ -int security_sid_mls_copy(struct selinux_state *state, - u32 sid, u32 mls_sid, u32 *new_sid) +int security_sid_mls_copy(u32 sid, u32 mls_sid, u32 *new_sid) { struct selinux_policy *policy; struct policydb *policydb; @@ -3210,7 +3156,7 @@ int security_sid_mls_copy(struct selinux_state *state, u32 len; int rc; - if (!selinux_initialized(state)) { + if (!selinux_initialized()) { *new_sid = sid; return 0; } @@ -3220,7 +3166,7 @@ retry: context_init(&newcon); rcu_read_lock(); - policy = rcu_dereference(state->policy); + policy = rcu_dereference(selinux_state.policy); policydb = &policy->policydb; sidtab = policy->sidtab; @@ -3254,7 +3200,7 @@ retry: /* Check the validity of the new context. */ if (!policydb_context_isvalid(policydb, &newcon)) { - rc = convert_context_handle_invalid_context(state, policydb, + rc = convert_context_handle_invalid_context(policydb, &newcon); if (rc) { if (!context_struct_to_string(policydb, &newcon, &s, @@ -3288,7 +3234,6 @@ out_unlock: /** * security_net_peersid_resolve - Compare and resolve two network peer SIDs - * @state: SELinux state * @nlbl_sid: NetLabel SID * @nlbl_type: NetLabel labeling protocol type * @xfrm_sid: XFRM SID @@ -3308,8 +3253,7 @@ out_unlock: * multiple, inconsistent labels | -<errno> | SECSID_NULL * */ -int security_net_peersid_resolve(struct selinux_state *state, - u32 nlbl_sid, u32 nlbl_type, +int security_net_peersid_resolve(u32 nlbl_sid, u32 nlbl_type, u32 xfrm_sid, u32 *peer_sid) { @@ -3337,11 +3281,11 @@ int security_net_peersid_resolve(struct selinux_state *state, return 0; } - if (!selinux_initialized(state)) + if (!selinux_initialized()) return 0; rcu_read_lock(); - policy = rcu_dereference(state->policy); + policy = rcu_dereference(selinux_state.policy); policydb = &policy->policydb; sidtab = policy->sidtab; @@ -3482,31 +3426,31 @@ err: return rc; } -int security_get_reject_unknown(struct selinux_state *state) +int security_get_reject_unknown(void) { struct selinux_policy *policy; int value; - if (!selinux_initialized(state)) + if (!selinux_initialized()) return 0; rcu_read_lock(); - policy = rcu_dereference(state->policy); + policy = rcu_dereference(selinux_state.policy); value = policy->policydb.reject_unknown; rcu_read_unlock(); return value; } -int security_get_allow_unknown(struct selinux_state *state) +int security_get_allow_unknown(void) { struct selinux_policy *policy; int value; - if (!selinux_initialized(state)) + if (!selinux_initialized()) return 0; rcu_read_lock(); - policy = rcu_dereference(state->policy); + policy = rcu_dereference(selinux_state.policy); value = policy->policydb.allow_unknown; rcu_read_unlock(); return value; @@ -3514,7 +3458,6 @@ int security_get_allow_unknown(struct selinux_state *state) /** * security_policycap_supported - Check for a specific policy capability - * @state: SELinux state * @req_cap: capability * * Description: @@ -3523,17 +3466,16 @@ int security_get_allow_unknown(struct selinux_state *state) * supported, false (0) if it isn't supported. * */ -int security_policycap_supported(struct selinux_state *state, - unsigned int req_cap) +int security_policycap_supported(unsigned int req_cap) { struct selinux_policy *policy; int rc; - if (!selinux_initialized(state)) + if (!selinux_initialized()) return 0; rcu_read_lock(); - policy = rcu_dereference(state->policy); + policy = rcu_dereference(selinux_state.policy); rc = ebitmap_get_bit(&policy->policydb.policycaps, req_cap); rcu_read_unlock(); @@ -3569,7 +3511,7 @@ int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, void **vrule) *rule = NULL; - if (!selinux_initialized(state)) + if (!selinux_initialized()) return -EOPNOTSUPP; switch (field) { @@ -3696,7 +3638,7 @@ int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *vrule) return -ENOENT; } - if (!selinux_initialized(state)) + if (!selinux_initialized()) return 0; rcu_read_lock(); @@ -3849,7 +3791,6 @@ static void security_netlbl_cache_add(struct netlbl_lsm_secattr *secattr, /** * security_netlbl_secattr_to_sid - Convert a NetLabel secattr to a SELinux SID - * @state: SELinux state * @secattr: the NetLabel packet security attributes * @sid: the SELinux SID * @@ -3863,8 +3804,7 @@ static void security_netlbl_cache_add(struct netlbl_lsm_secattr *secattr, * failure. * */ -int security_netlbl_secattr_to_sid(struct selinux_state *state, - struct netlbl_lsm_secattr *secattr, +int security_netlbl_secattr_to_sid(struct netlbl_lsm_secattr *secattr, u32 *sid) { struct selinux_policy *policy; @@ -3874,7 +3814,7 @@ int security_netlbl_secattr_to_sid(struct selinux_state *state, struct context *ctx; struct context ctx_new; - if (!selinux_initialized(state)) { + if (!selinux_initialized()) { *sid = SECSID_NULL; return 0; } @@ -3882,7 +3822,7 @@ int security_netlbl_secattr_to_sid(struct selinux_state *state, retry: rc = 0; rcu_read_lock(); - policy = rcu_dereference(state->policy); + policy = rcu_dereference(selinux_state.policy); policydb = &policy->policydb; sidtab = policy->sidtab; @@ -3932,7 +3872,6 @@ out: /** * security_netlbl_sid_to_secattr - Convert a SELinux SID to a NetLabel secattr - * @state: SELinux state * @sid: the SELinux SID * @secattr: the NetLabel packet security attributes * @@ -3941,19 +3880,18 @@ out: * Returns zero on success, negative values on failure. * */ -int security_netlbl_sid_to_secattr(struct selinux_state *state, - u32 sid, struct netlbl_lsm_secattr *secattr) +int security_netlbl_sid_to_secattr(u32 sid, struct netlbl_lsm_secattr *secattr) { struct selinux_policy *policy; struct policydb *policydb; int rc; struct context *ctx; - if (!selinux_initialized(state)) + if (!selinux_initialized()) return 0; rcu_read_lock(); - policy = rcu_dereference(state->policy); + policy = rcu_dereference(selinux_state.policy); policydb = &policy->policydb; rc = -ENOENT; @@ -4003,14 +3941,13 @@ static int __security_read_policy(struct selinux_policy *policy, /** * security_read_policy - read the policy. - * @state: selinux_state * @data: binary policy data * @len: length of data in bytes * */ -int security_read_policy(struct selinux_state *state, - void **data, size_t *len) +int security_read_policy(void **data, size_t *len) { + struct selinux_state *state = &selinux_state; struct selinux_policy *policy; policy = rcu_dereference_protected( @@ -4028,7 +3965,6 @@ int security_read_policy(struct selinux_state *state, /** * security_read_state_kernel - read the policy. - * @state: selinux_state * @data: binary policy data * @len: length of data in bytes * @@ -4038,10 +3974,10 @@ int security_read_policy(struct selinux_state *state, * * This function must be called with policy_mutex held. */ -int security_read_state_kernel(struct selinux_state *state, - void **data, size_t *len) +int security_read_state_kernel(void **data, size_t *len) { int err; + struct selinux_state *state = &selinux_state; struct selinux_policy *policy; policy = rcu_dereference_protected( diff --git a/security/selinux/ss/services.h b/security/selinux/ss/services.h index c4301626487f..8a9b85f44b66 100644 --- a/security/selinux/ss/services.h +++ b/security/selinux/ss/services.h @@ -30,7 +30,6 @@ struct selinux_policy { } __randomize_layout; struct convert_context_args { - struct selinux_state *state; struct policydb *oldp; struct policydb *newp; }; |