diff options
| -rw-r--r-- | Documentation/security/00-INDEX | 2 | ||||
| -rw-r--r-- | Documentation/security/LSM.txt | 34 | ||||
| -rw-r--r-- | Documentation/security/credentials.txt | 6 | ||||
| -rw-r--r-- | include/linux/security.h | 2 | ||||
| -rw-r--r-- | security/selinux/selinuxfs.c | 14 |
5 files changed, 44 insertions, 14 deletions
diff --git a/Documentation/security/00-INDEX b/Documentation/security/00-INDEX index 19bc49439cac..99b85d39751c 100644 --- a/Documentation/security/00-INDEX +++ b/Documentation/security/00-INDEX @@ -1,5 +1,7 @@ 00-INDEX - this file. +LSM.txt + - description of the Linux Security Module framework. SELinux.txt - how to get started with the SELinux security enhancement. Smack.txt diff --git a/Documentation/security/LSM.txt b/Documentation/security/LSM.txt new file mode 100644 index 000000000000..c335a763a2ed --- /dev/null +++ b/Documentation/security/LSM.txt @@ -0,0 +1,34 @@ +Linux Security Module framework +------------------------------- + +The Linux Security Module (LSM) framework provides a mechanism for +various security checks to be hooked by new kernel extensions. The name +"module" is a bit of a misnomer since these extensions are not actually +loadable kernel modules. Instead, they are selectable at build-time via +CONFIG_DEFAULT_SECURITY and can be overridden at boot-time via the +"security=..." kernel command line argument, in the case where multiple +LSMs were built into a given kernel. + +The primary users of the LSM interface are Mandatory Access Control +(MAC) extensions which provide a comprehensive security policy. Examples +include SELinux, Smack, Tomoyo, and AppArmor. In addition to the larger +MAC extensions, other extensions can be built using the LSM to provide +specific changes to system operation when these tweaks are not available +in the core functionality of Linux itself. + +Without a specific LSM built into the kernel, the default LSM will be the +Linux capabilities system. Most LSMs choose to extend the capabilities +system, building their checks on top of the defined capability hooks. +For more details on capabilities, see capabilities(7) in the Linux +man-pages project. + +Based on http://kerneltrap.org/Linux/Documenting_Security_Module_Intent, +a new LSM is accepted into the kernel when its intent (a description of +what it tries to protect against and in what cases one would expect to +use it) has been appropriately documented in Documentation/security/. +This allows an LSM's code to be easily compared to its goals, and so +that end users and distros can make a more informed decision about which +LSMs suit their requirements. + +For extensive documentation on the available LSM hook interfaces, please +see include/linux/security.h. diff --git a/Documentation/security/credentials.txt b/Documentation/security/credentials.txt index fc0366cbd7ce..86257052e31a 100644 --- a/Documentation/security/credentials.txt +++ b/Documentation/security/credentials.txt @@ -221,10 +221,10 @@ The Linux kernel supports the following types of credentials: (5) LSM The Linux Security Module allows extra controls to be placed over the - operations that a task may do. Currently Linux supports two main - alternate LSM options: SELinux and Smack. + operations that a task may do. Currently Linux supports several LSM + options. - Both work by labelling the objects in a system and then applying sets of + Some work by labelling the objects in a system and then applying sets of rules (policies) that say what operations a task with one label may do to an object with another label. diff --git a/include/linux/security.h b/include/linux/security.h index 19d8e04e1688..051d4e96cb1f 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -2044,7 +2044,7 @@ static inline void security_inode_free(struct inode *inode) static inline int security_inode_init_security(struct inode *inode, struct inode *dir, const struct qstr *qstr, - initxattrs initxattrs, + const initxattrs initxattrs, void *fs_data) { return 0; diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c index f46658722c78..48a7d0014b4f 100644 --- a/security/selinux/selinuxfs.c +++ b/security/selinux/selinuxfs.c @@ -749,14 +749,6 @@ out: return length; } -static inline int hexcode_to_int(int code) { - if (code == '\0' || !isxdigit(code)) - return -1; - if (isdigit(code)) - return code - '0'; - return tolower(code) - 'a' + 10; -} - static ssize_t sel_write_create(struct file *file, char *buf, size_t size) { char *scon = NULL, *tcon = NULL; @@ -808,9 +800,11 @@ static ssize_t sel_write_create(struct file *file, char *buf, size_t size) if (c1 == '+') c1 = ' '; else if (c1 == '%') { - if ((c1 = hexcode_to_int(*r++)) < 0) + c1 = hex_to_bin(*r++); + if (c1 < 0) goto out; - if ((c2 = hexcode_to_int(*r++)) < 0) + c2 = hex_to_bin(*r++); + if (c2 < 0) goto out; c1 = (c1 << 4) | c2; } |