Gitiles
Code Review Sign In
review.evervolv.com / android_kernel_htc_msm8960 / 4aed2fd8e3181fea7c09ba79cf64e7e3f4413bf9 / . / security / selinux / ss / mls.c
blob: b4eff7a60c50b74e6ab46473551cf06c3c7541e2 [file] [log] [blame]
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1/*
2 * Implementation of the multi-level security (MLS) policy.
3 *
4 * Author : Stephen Smalley, <sds@epoch.ncsc.mil>
5 */
6/*
7 * Updated: Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com>
8 *
9 * Support for enhanced MLS infrastructure.
10 *
Darrel Goeddel376bd9c2006-02-24 15:44:05 -0600[diff] [blame]11 * Copyright (C) 2004-2006 Trusted Computer Solutions, Inc.
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]12 */
Venkat Yekkirala7420ed22006-08-04 23:17:57 -0700[diff] [blame]13/*
14 * Updated: Hewlett-Packard <paul.moore@hp.com>
15 *
Paul Moore02752762006-11-29 13:18:18 -0500[diff] [blame]16 * Added support to import/export the MLS label from NetLabel
Venkat Yekkirala7420ed22006-08-04 23:17:57 -0700[diff] [blame]17 *
18 * (c) Copyright Hewlett-Packard Development Company, L.P., 2006
19 */
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]20
21#include <linux/kernel.h>
22#include <linux/slab.h>
23#include <linux/string.h>
24#include <linux/errno.h>
Paul Moore02752762006-11-29 13:18:18 -0500[diff] [blame]25#include <net/netlabel.h>
James Morrisf5c1d5b2005-07-28 01:07:37 -0700[diff] [blame]26#include "sidtab.h"
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]27#include "mls.h"
28#include "policydb.h"
29#include "services.h"
30
31/*
32 * Return the length in bytes for the MLS fields of the
33 * security context string representation of `context'.
34 */
Eric Paris1a5e6f82008-04-18 17:38:32 -0400[diff] [blame]35int mls_compute_context_len(struct context *context)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]36{
KaiGai Kohei9fe79ad2007-09-29 02:20:55 +0900[diff] [blame]37 int i, l, len, head, prev;
38 char *nm;
39 struct ebitmap *e;
Stephen Smalley782ebb92005-09-03 15:55:16 -0700[diff] [blame]40 struct ebitmap_node *node;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]41
Guido Trentalancia0719aaf52010-02-03 16:40:20 +0100[diff] [blame]42 if (!policydb.mls_enabled)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]43 return 0;
44
45 len = 1; /* for the beginning ":" */
46 for (l = 0; l < 2; l++) {
KaiGai Kohei9fe79ad2007-09-29 02:20:55 +0900[diff] [blame]47 int index_sens = context->range.level[l].sens;
48 len += strlen(policydb.p_sens_val_to_name[index_sens - 1]);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]49
KaiGai Kohei9fe79ad2007-09-29 02:20:55 +0900[diff] [blame]50 /* categories */
51 head = -2;
52 prev = -2;
53 e = &context->range.level[l].cat;
54 ebitmap_for_each_positive_bit(e, node, i) {
55 if (i - prev > 1) {
56 /* one or more negative bits are skipped */
57 if (head != prev) {
58 nm = policydb.p_cat_val_to_name[prev];
59 len += strlen(nm) + 1;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]60 }
KaiGai Kohei9fe79ad2007-09-29 02:20:55 +0900[diff] [blame]61 nm = policydb.p_cat_val_to_name[i];
62 len += strlen(nm) + 1;
63 head = i;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]64 }
KaiGai Kohei9fe79ad2007-09-29 02:20:55 +0900[diff] [blame]65 prev = i;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]66 }
KaiGai Kohei9fe79ad2007-09-29 02:20:55 +0900[diff] [blame]67 if (prev != head) {
68 nm = policydb.p_cat_val_to_name[prev];
69 len += strlen(nm) + 1;
70 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]71 if (l == 0) {
72 if (mls_level_eq(&context->range.level[0],
KaiGai Kohei9fe79ad2007-09-29 02:20:55 +0900[diff] [blame]73 &context->range.level[1]))
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]74 break;
75 else
76 len++;
77 }
78 }
79
80 return len;
81}
82
83/*
84 * Write the security context string representation of
85 * the MLS fields of `context' into the string `*scontext'.
86 * Update `*scontext' to point to the end of the MLS fields.
87 */
88void mls_sid_to_context(struct context *context,
Eric Paris1a5e6f82008-04-18 17:38:32 -0400[diff] [blame]89 char **scontext)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]90{
KaiGai Kohei9fe79ad2007-09-29 02:20:55 +0900[diff] [blame]91 char *scontextp, *nm;
92 int i, l, head, prev;
93 struct ebitmap *e;
Stephen Smalley782ebb92005-09-03 15:55:16 -0700[diff] [blame]94 struct ebitmap_node *node;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]95
Guido Trentalancia0719aaf52010-02-03 16:40:20 +0100[diff] [blame]96 if (!policydb.mls_enabled)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]97 return;
98
99 scontextp = *scontext;
100
101 *scontextp = ':';
102 scontextp++;
103
104 for (l = 0; l < 2; l++) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]105 strcpy(scontextp,
106 policydb.p_sens_val_to_name[context->range.level[l].sens - 1]);
KaiGai Kohei9fe79ad2007-09-29 02:20:55 +0900[diff] [blame]107 scontextp += strlen(scontextp);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]108
109 /* categories */
KaiGai Kohei9fe79ad2007-09-29 02:20:55 +0900[diff] [blame]110 head = -2;
111 prev = -2;
112 e = &context->range.level[l].cat;
113 ebitmap_for_each_positive_bit(e, node, i) {
114 if (i - prev > 1) {
115 /* one or more negative bits are skipped */
116 if (prev != head) {
117 if (prev - head > 1)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]118 *scontextp++ = '.';
119 else
120 *scontextp++ = ',';
KaiGai Kohei9fe79ad2007-09-29 02:20:55 +0900[diff] [blame]121 nm = policydb.p_cat_val_to_name[prev];
122 strcpy(scontextp, nm);
123 scontextp += strlen(nm);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]124 }
KaiGai Kohei9fe79ad2007-09-29 02:20:55 +0900[diff] [blame]125 if (prev < 0)
126 *scontextp++ = ':';
127 else
128 *scontextp++ = ',';
129 nm = policydb.p_cat_val_to_name[i];
130 strcpy(scontextp, nm);
131 scontextp += strlen(nm);
132 head = i;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]133 }
KaiGai Kohei9fe79ad2007-09-29 02:20:55 +0900[diff] [blame]134 prev = i;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]135 }
136
KaiGai Kohei9fe79ad2007-09-29 02:20:55 +0900[diff] [blame]137 if (prev != head) {
138 if (prev - head > 1)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]139 *scontextp++ = '.';
140 else
141 *scontextp++ = ',';
KaiGai Kohei9fe79ad2007-09-29 02:20:55 +0900[diff] [blame]142 nm = policydb.p_cat_val_to_name[prev];
143 strcpy(scontextp, nm);
144 scontextp += strlen(nm);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]145 }
146
147 if (l == 0) {
148 if (mls_level_eq(&context->range.level[0],
Eric Paris1a5e6f82008-04-18 17:38:32 -0400[diff] [blame]149 &context->range.level[1]))
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]150 break;
KaiGai Kohei9fe79ad2007-09-29 02:20:55 +0900[diff] [blame]151 else
152 *scontextp++ = '-';
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]153 }
154 }
155
156 *scontext = scontextp;
157 return;
158}
159
Stephen Smalley45e54212007-11-07 10:08:00 -0500[diff] [blame]160int mls_level_isvalid(struct policydb *p, struct mls_level *l)
161{
162 struct level_datum *levdatum;
163 struct ebitmap_node *node;
164 int i;
165
166 if (!l->sens || l->sens > p->p_levels.nprim)
167 return 0;
168 levdatum = hashtab_search(p->p_levels.table,
169 p->p_sens_val_to_name[l->sens - 1]);
170 if (!levdatum)
171 return 0;
172
173 ebitmap_for_each_positive_bit(&l->cat, node, i) {
174 if (i > p->p_cats.nprim)
175 return 0;
176 if (!ebitmap_get_bit(&levdatum->level->cat, i)) {
177 /*
178 * Category may not be associated with
179 * sensitivity.
180 */
181 return 0;
182 }
183 }
184
185 return 1;
186}
187
188int mls_range_isvalid(struct policydb *p, struct mls_range *r)
189{
190 return (mls_level_isvalid(p, &r->level[0]) &&
191 mls_level_isvalid(p, &r->level[1]) &&
192 mls_level_dom(&r->level[1], &r->level[0]));
193}
194
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]195/*
196 * Return 1 if the MLS fields in the security context
197 * structure `c' are valid. Return 0 otherwise.
198 */
199int mls_context_isvalid(struct policydb *p, struct context *c)
200{
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]201 struct user_datum *usrdatum;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]202
Guido Trentalancia0719aaf52010-02-03 16:40:20 +0100[diff] [blame]203 if (!p->mls_enabled)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]204 return 1;
205
Stephen Smalley45e54212007-11-07 10:08:00 -0500[diff] [blame]206 if (!mls_range_isvalid(p, &c->range))
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]207 return 0;
208
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]209 if (c->role == OBJECT_R_VAL)
210 return 1;
211
212 /*
213 * User must be authorized for the MLS range.
214 */
215 if (!c->user || c->user > p->p_users.nprim)
216 return 0;
217 usrdatum = p->user_val_to_struct[c->user - 1];
218 if (!mls_range_contains(usrdatum->range, c->range))
219 return 0; /* user may not be associated with range */
220
221 return 1;
222}
223
224/*
225 * Set the MLS fields in the security context structure
226 * `context' based on the string representation in
227 * the string `*scontext'. Update `*scontext' to
228 * point to the end of the string representation of
229 * the MLS fields.
230 *
231 * This function modifies the string in place, inserting
232 * NULL characters to terminate the MLS fields.
James Morrisf5c1d5b2005-07-28 01:07:37 -0700[diff] [blame]233 *
234 * If a def_sid is provided and no MLS field is present,
235 * copy the MLS field of the associated default context.
236 * Used for upgraded to MLS systems where objects may lack
237 * MLS fields.
238 *
239 * Policy read-lock must be held for sidtab lookup.
240 *
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]241 */
Stephen Smalley12b29f32008-05-07 13:03:20 -0400[diff] [blame]242int mls_context_to_sid(struct policydb *pol,
243 char oldc,
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]244 char **scontext,
James Morrisf5c1d5b2005-07-28 01:07:37 -0700[diff] [blame]245 struct context *context,
246 struct sidtab *s,
247 u32 def_sid)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]248{
249
250 char delim;
251 char *scontextp, *p, *rngptr;
252 struct level_datum *levdatum;
253 struct cat_datum *catdatum, *rngdatum;
254 int l, rc = -EINVAL;
255
Guido Trentalancia0719aaf52010-02-03 16:40:20 +0100[diff] [blame]256 if (!pol->mls_enabled) {
Stephen Smalleye517a0c2005-11-08 21:34:32 -0800[diff] [blame]257 if (def_sid != SECSID_NULL && oldc)
wzt.wzt@gmail.comc1a73682010-04-09 19:30:29 +0800[diff] [blame]258 *scontext += strlen(*scontext) + 1;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]259 return 0;
Stephen Smalleye517a0c2005-11-08 21:34:32 -0800[diff] [blame]260 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]261
James Morrisf5c1d5b2005-07-28 01:07:37 -0700[diff] [blame]262 /*
263 * No MLS component to the security context, try and map to
264 * default if provided.
265 */
266 if (!oldc) {
267 struct context *defcon;
268
269 if (def_sid == SECSID_NULL)
270 goto out;
271
272 defcon = sidtab_search(s, def_sid);
273 if (!defcon)
274 goto out;
275
Venkat Yekkirala0efc61e2006-12-12 13:02:41 -0600[diff] [blame]276 rc = mls_context_cpy(context, defcon);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]277 goto out;
James Morrisf5c1d5b2005-07-28 01:07:37 -0700[diff] [blame]278 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]279
280 /* Extract low sensitivity. */
281 scontextp = p = *scontext;
282 while (*p && *p != ':' && *p != '-')
283 p++;
284
285 delim = *p;
Vesa-Matti J Karidf4ea862008-07-20 23:57:01 +0300[diff] [blame]286 if (delim != '\0')
287 *p++ = '\0';
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]288
289 for (l = 0; l < 2; l++) {
Stephen Smalley12b29f32008-05-07 13:03:20 -0400[diff] [blame]290 levdatum = hashtab_search(pol->p_levels.table, scontextp);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]291 if (!levdatum) {
292 rc = -EINVAL;
293 goto out;
294 }
295
296 context->range.level[l].sens = levdatum->level->sens;
297
298 if (delim == ':') {
299 /* Extract category set. */
300 while (1) {
301 scontextp = p;
302 while (*p && *p != ',' && *p != '-')
303 p++;
304 delim = *p;
Vesa-Matti J Karidf4ea862008-07-20 23:57:01 +0300[diff] [blame]305 if (delim != '\0')
306 *p++ = '\0';
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]307
308 /* Separate into range if exists */
Eric Paris1a5e6f82008-04-18 17:38:32 -0400[diff] [blame]309 rngptr = strchr(scontextp, '.');
310 if (rngptr != NULL) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]311 /* Remove '.' */
Vesa-Matti J Karidf4ea862008-07-20 23:57:01 +0300[diff] [blame]312 *rngptr++ = '\0';
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]313 }
314
Stephen Smalley12b29f32008-05-07 13:03:20 -0400[diff] [blame]315 catdatum = hashtab_search(pol->p_cats.table,
Eric Paris1a5e6f82008-04-18 17:38:32 -0400[diff] [blame]316 scontextp);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]317 if (!catdatum) {
318 rc = -EINVAL;
319 goto out;
320 }
321
322 rc = ebitmap_set_bit(&context->range.level[l].cat,
Eric Paris1a5e6f82008-04-18 17:38:32 -0400[diff] [blame]323 catdatum->value - 1, 1);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]324 if (rc)
325 goto out;
326
327 /* If range, set all categories in range */
328 if (rngptr) {
329 int i;
330
Stephen Smalley12b29f32008-05-07 13:03:20 -0400[diff] [blame]331 rngdatum = hashtab_search(pol->p_cats.table, rngptr);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]332 if (!rngdatum) {
333 rc = -EINVAL;
334 goto out;
335 }
336
337 if (catdatum->value >= rngdatum->value) {
338 rc = -EINVAL;
339 goto out;
340 }
341
342 for (i = catdatum->value; i < rngdatum->value; i++) {
343 rc = ebitmap_set_bit(&context->range.level[l].cat, i, 1);
344 if (rc)
345 goto out;
346 }
347 }
348
349 if (delim != ',')
350 break;
351 }
352 }
353 if (delim == '-') {
354 /* Extract high sensitivity. */
355 scontextp = p;
356 while (*p && *p != ':')
357 p++;
358
359 delim = *p;
Vesa-Matti J Karidf4ea862008-07-20 23:57:01 +0300[diff] [blame]360 if (delim != '\0')
361 *p++ = '\0';
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]362 } else
363 break;
364 }
365
366 if (l == 0) {
367 context->range.level[1].sens = context->range.level[0].sens;
368 rc = ebitmap_cpy(&context->range.level[1].cat,
369 &context->range.level[0].cat);
370 if (rc)
371 goto out;
372 }
373 *scontext = ++p;
374 rc = 0;
375out:
376 return rc;
377}
378
379/*
Darrel Goeddel376bd9c2006-02-24 15:44:05 -0600[diff] [blame]380 * Set the MLS fields in the security context structure
381 * `context' based on the string representation in
382 * the string `str'. This function will allocate temporary memory with the
383 * given constraints of gfp_mask.
384 */
385int mls_from_string(char *str, struct context *context, gfp_t gfp_mask)
386{
387 char *tmpstr, *freestr;
388 int rc;
389
Guido Trentalancia0719aaf52010-02-03 16:40:20 +0100[diff] [blame]390 if (!policydb.mls_enabled)
Darrel Goeddel376bd9c2006-02-24 15:44:05 -0600[diff] [blame]391 return -EINVAL;
392
393 /* we need freestr because mls_context_to_sid will change
394 the value of tmpstr */
395 tmpstr = freestr = kstrdup(str, gfp_mask);
396 if (!tmpstr) {
397 rc = -ENOMEM;
398 } else {
Stephen Smalley12b29f32008-05-07 13:03:20 -0400[diff] [blame]399 rc = mls_context_to_sid(&policydb, ':', &tmpstr, context,
Eric Paris1a5e6f82008-04-18 17:38:32 -0400[diff] [blame]400 NULL, SECSID_NULL);
Darrel Goeddel376bd9c2006-02-24 15:44:05 -0600[diff] [blame]401 kfree(freestr);
402 }
403
404 return rc;
405}
406
407/*
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]408 * Copies the MLS range `range' into `context'.
409 */
Guido Trentalancia0719aaf52010-02-03 16:40:20 +0100[diff] [blame]410int mls_range_set(struct context *context,
Eric Paris1a5e6f82008-04-18 17:38:32 -0400[diff] [blame]411 struct mls_range *range)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]412{
413 int l, rc = 0;
414
415 /* Copy the MLS range into the context */
416 for (l = 0; l < 2; l++) {
417 context->range.level[l].sens = range->level[l].sens;
418 rc = ebitmap_cpy(&context->range.level[l].cat,
419 &range->level[l].cat);
420 if (rc)
421 break;
422 }
423
424 return rc;
425}
426
427int mls_setup_user_range(struct context *fromcon, struct user_datum *user,
Eric Paris1a5e6f82008-04-18 17:38:32 -0400[diff] [blame]428 struct context *usercon)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]429{
Guido Trentalancia0719aaf52010-02-03 16:40:20 +0100[diff] [blame]430 if (policydb.mls_enabled) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]431 struct mls_level *fromcon_sen = &(fromcon->range.level[0]);
432 struct mls_level *fromcon_clr = &(fromcon->range.level[1]);
433 struct mls_level *user_low = &(user->range.level[0]);
434 struct mls_level *user_clr = &(user->range.level[1]);
435 struct mls_level *user_def = &(user->dfltlevel);
436 struct mls_level *usercon_sen = &(usercon->range.level[0]);
437 struct mls_level *usercon_clr = &(usercon->range.level[1]);
438
439 /* Honor the user's default level if we can */
Eric Parisf5269712008-05-14 11:27:45 -0400[diff] [blame]440 if (mls_level_between(user_def, fromcon_sen, fromcon_clr))
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]441 *usercon_sen = *user_def;
Eric Parisf5269712008-05-14 11:27:45 -0400[diff] [blame]442 else if (mls_level_between(fromcon_sen, user_def, user_clr))
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]443 *usercon_sen = *fromcon_sen;
Eric Parisf5269712008-05-14 11:27:45 -0400[diff] [blame]444 else if (mls_level_between(fromcon_clr, user_low, user_def))
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]445 *usercon_sen = *user_low;
Eric Parisf5269712008-05-14 11:27:45 -0400[diff] [blame]446 else
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]447 return -EINVAL;
448
449 /* Lower the clearance of available contexts
450 if the clearance of "fromcon" is lower than
451 that of the user's default clearance (but
452 only if the "fromcon" clearance dominates
453 the user's computed sensitivity level) */
Eric Paris1a5e6f82008-04-18 17:38:32 -0400[diff] [blame]454 if (mls_level_dom(user_clr, fromcon_clr))
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]455 *usercon_clr = *fromcon_clr;
Eric Paris1a5e6f82008-04-18 17:38:32 -0400[diff] [blame]456 else if (mls_level_dom(fromcon_clr, user_clr))
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]457 *usercon_clr = *user_clr;
Eric Paris1a5e6f82008-04-18 17:38:32 -0400[diff] [blame]458 else
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]459 return -EINVAL;
460 }
461
462 return 0;
463}
464
465/*
466 * Convert the MLS fields in the security context
467 * structure `c' from the values specified in the
468 * policy `oldp' to the values specified in the policy `newp'.
469 */
470int mls_convert_context(struct policydb *oldp,
471 struct policydb *newp,
472 struct context *c)
473{
474 struct level_datum *levdatum;
475 struct cat_datum *catdatum;
476 struct ebitmap bitmap;
Stephen Smalley782ebb92005-09-03 15:55:16 -0700[diff] [blame]477 struct ebitmap_node *node;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]478 int l, i;
479
Guido Trentalancia0719aaf52010-02-03 16:40:20 +0100[diff] [blame]480 if (!policydb.mls_enabled)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]481 return 0;
482
483 for (l = 0; l < 2; l++) {
484 levdatum = hashtab_search(newp->p_levels.table,
485 oldp->p_sens_val_to_name[c->range.level[l].sens - 1]);
486
487 if (!levdatum)
488 return -EINVAL;
489 c->range.level[l].sens = levdatum->level->sens;
490
491 ebitmap_init(&bitmap);
KaiGai Kohei9fe79ad2007-09-29 02:20:55 +0900[diff] [blame]492 ebitmap_for_each_positive_bit(&c->range.level[l].cat, node, i) {
493 int rc;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]494
KaiGai Kohei9fe79ad2007-09-29 02:20:55 +0900[diff] [blame]495 catdatum = hashtab_search(newp->p_cats.table,
496 oldp->p_cat_val_to_name[i]);
497 if (!catdatum)
498 return -EINVAL;
499 rc = ebitmap_set_bit(&bitmap, catdatum->value - 1, 1);
500 if (rc)
501 return rc;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]502 }
503 ebitmap_destroy(&c->range.level[l].cat);
504 c->range.level[l].cat = bitmap;
505 }
506
507 return 0;
508}
509
510int mls_compute_sid(struct context *scontext,
511 struct context *tcontext,
512 u16 tclass,
513 u32 specified,
514 struct context *newcontext)
515{
Stephen Smalley2f3e82d2010-01-07 15:55:16 -0500[diff] [blame]516 struct range_trans rtr;
517 struct mls_range *r;
Darrel Goeddelf3f87712006-09-25 23:31:59 -0700[diff] [blame]518
Guido Trentalancia0719aaf52010-02-03 16:40:20 +0100[diff] [blame]519 if (!policydb.mls_enabled)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]520 return 0;
521
522 switch (specified) {
523 case AVTAB_TRANSITION:
Darrel Goeddelf3f87712006-09-25 23:31:59 -0700[diff] [blame]524 /* Look for a range transition rule. */
Stephen Smalley2f3e82d2010-01-07 15:55:16 -0500[diff] [blame]525 rtr.source_type = scontext->type;
526 rtr.target_type = tcontext->type;
527 rtr.target_class = tclass;
528 r = hashtab_search(policydb.range_tr, &rtr);
529 if (r)
530 return mls_range_set(newcontext, r);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]531 /* Fallthrough */
532 case AVTAB_CHANGE:
Stephen Smalleyc6d3aaa2009-09-30 13:37:50 -0400[diff] [blame]533 if (tclass == policydb.process_class)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]534 /* Use the process MLS attributes. */
Venkat Yekkirala0efc61e2006-12-12 13:02:41 -0600[diff] [blame]535 return mls_context_cpy(newcontext, scontext);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]536 else
537 /* Use the process effective MLS attributes. */
Venkat Yekkirala0efc61e2006-12-12 13:02:41 -0600[diff] [blame]538 return mls_context_cpy_low(newcontext, scontext);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]539 case AVTAB_MEMBER:
Eamon Walsh2e08c0c2008-01-24 15:30:52 -0500[diff] [blame]540 /* Use the process effective MLS attributes. */
541 return mls_context_cpy_low(newcontext, scontext);
Amerigo Wang08e3daf2009-12-03 03:48:28 -0500[diff] [blame]542
543 /* fall through */
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]544 }
545 return -EINVAL;
546}
547
Paul Moore02752762006-11-29 13:18:18 -0500[diff] [blame]548#ifdef CONFIG_NETLABEL
Venkat Yekkirala7420ed22006-08-04 23:17:57 -0700[diff] [blame]549/**
Paul Moore02752762006-11-29 13:18:18 -0500[diff] [blame]550 * mls_export_netlbl_lvl - Export the MLS sensitivity levels to NetLabel
Venkat Yekkirala7420ed22006-08-04 23:17:57 -0700[diff] [blame]551 * @context: the security context
Paul Moore02752762006-11-29 13:18:18 -0500[diff] [blame]552 * @secattr: the NetLabel security attributes
Venkat Yekkirala7420ed22006-08-04 23:17:57 -0700[diff] [blame]553 *
554 * Description:
Paul Moore02752762006-11-29 13:18:18 -0500[diff] [blame]555 * Given the security context copy the low MLS sensitivity level into the
556 * NetLabel MLS sensitivity level field.
Venkat Yekkirala7420ed22006-08-04 23:17:57 -0700[diff] [blame]557 *
558 */
Paul Moore02752762006-11-29 13:18:18 -0500[diff] [blame]559void mls_export_netlbl_lvl(struct context *context,
560 struct netlbl_lsm_secattr *secattr)
Venkat Yekkirala7420ed22006-08-04 23:17:57 -0700[diff] [blame]561{
Guido Trentalancia0719aaf52010-02-03 16:40:20 +0100[diff] [blame]562 if (!policydb.mls_enabled)
Venkat Yekkirala7420ed22006-08-04 23:17:57 -0700[diff] [blame]563 return;
564
Paul Moore16efd452008-01-29 08:37:59 -0500[diff] [blame]565 secattr->attr.mls.lvl = context->range.level[0].sens - 1;
Paul Moore02752762006-11-29 13:18:18 -0500[diff] [blame]566 secattr->flags |= NETLBL_SECATTR_MLS_LVL;
Venkat Yekkirala7420ed22006-08-04 23:17:57 -0700[diff] [blame]567}
568
569/**
Paul Moore02752762006-11-29 13:18:18 -0500[diff] [blame]570 * mls_import_netlbl_lvl - Import the NetLabel MLS sensitivity levels
Venkat Yekkirala7420ed22006-08-04 23:17:57 -0700[diff] [blame]571 * @context: the security context
Paul Moore02752762006-11-29 13:18:18 -0500[diff] [blame]572 * @secattr: the NetLabel security attributes
Venkat Yekkirala7420ed22006-08-04 23:17:57 -0700[diff] [blame]573 *
574 * Description:
Paul Moore02752762006-11-29 13:18:18 -0500[diff] [blame]575 * Given the security context and the NetLabel security attributes, copy the
576 * NetLabel MLS sensitivity level into the context.
Venkat Yekkirala7420ed22006-08-04 23:17:57 -0700[diff] [blame]577 *
578 */
Paul Moore02752762006-11-29 13:18:18 -0500[diff] [blame]579void mls_import_netlbl_lvl(struct context *context,
580 struct netlbl_lsm_secattr *secattr)
Venkat Yekkirala7420ed22006-08-04 23:17:57 -0700[diff] [blame]581{
Guido Trentalancia0719aaf52010-02-03 16:40:20 +0100[diff] [blame]582 if (!policydb.mls_enabled)
Venkat Yekkirala7420ed22006-08-04 23:17:57 -0700[diff] [blame]583 return;
584
Paul Moore16efd452008-01-29 08:37:59 -0500[diff] [blame]585 context->range.level[0].sens = secattr->attr.mls.lvl + 1;
Paul Moore02752762006-11-29 13:18:18 -0500[diff] [blame]586 context->range.level[1].sens = context->range.level[0].sens;
Venkat Yekkirala7420ed22006-08-04 23:17:57 -0700[diff] [blame]587}
588
589/**
Paul Moore02752762006-11-29 13:18:18 -0500[diff] [blame]590 * mls_export_netlbl_cat - Export the MLS categories to NetLabel
Venkat Yekkirala7420ed22006-08-04 23:17:57 -0700[diff] [blame]591 * @context: the security context
Paul Moore02752762006-11-29 13:18:18 -0500[diff] [blame]592 * @secattr: the NetLabel security attributes
Venkat Yekkirala7420ed22006-08-04 23:17:57 -0700[diff] [blame]593 *
594 * Description:
Paul Moore02752762006-11-29 13:18:18 -0500[diff] [blame]595 * Given the security context copy the low MLS categories into the NetLabel
596 * MLS category field. Returns zero on success, negative values on failure.
Venkat Yekkirala7420ed22006-08-04 23:17:57 -0700[diff] [blame]597 *
598 */
Paul Moore02752762006-11-29 13:18:18 -0500[diff] [blame]599int mls_export_netlbl_cat(struct context *context,
600 struct netlbl_lsm_secattr *secattr)
Venkat Yekkirala7420ed22006-08-04 23:17:57 -0700[diff] [blame]601{
Paul Moore02752762006-11-29 13:18:18 -0500[diff] [blame]602 int rc;
Venkat Yekkirala7420ed22006-08-04 23:17:57 -0700[diff] [blame]603
Guido Trentalancia0719aaf52010-02-03 16:40:20 +0100[diff] [blame]604 if (!policydb.mls_enabled)
Venkat Yekkirala7420ed22006-08-04 23:17:57 -0700[diff] [blame]605 return 0;
606
Paul Moore02752762006-11-29 13:18:18 -0500[diff] [blame]607 rc = ebitmap_netlbl_export(&context->range.level[0].cat,
Paul Moore16efd452008-01-29 08:37:59 -0500[diff] [blame]608 &secattr->attr.mls.cat);
609 if (rc == 0 && secattr->attr.mls.cat != NULL)
Paul Moore02752762006-11-29 13:18:18 -0500[diff] [blame]610 secattr->flags |= NETLBL_SECATTR_MLS_CAT;
Venkat Yekkirala7420ed22006-08-04 23:17:57 -0700[diff] [blame]611
Venkat Yekkirala7420ed22006-08-04 23:17:57 -0700[diff] [blame]612 return rc;
613}
614
615/**
Paul Moore02752762006-11-29 13:18:18 -0500[diff] [blame]616 * mls_import_netlbl_cat - Import the MLS categories from NetLabel
Venkat Yekkirala7420ed22006-08-04 23:17:57 -0700[diff] [blame]617 * @context: the security context
Paul Moore02752762006-11-29 13:18:18 -0500[diff] [blame]618 * @secattr: the NetLabel security attributes
Venkat Yekkirala7420ed22006-08-04 23:17:57 -0700[diff] [blame]619 *
620 * Description:
Paul Moore02752762006-11-29 13:18:18 -0500[diff] [blame]621 * Copy the NetLabel security attributes into the SELinux context; since the
622 * NetLabel security attribute only contains a single MLS category use it for
623 * both the low and high categories of the context. Returns zero on success,
624 * negative values on failure.
Venkat Yekkirala7420ed22006-08-04 23:17:57 -0700[diff] [blame]625 *
626 */
Paul Moore02752762006-11-29 13:18:18 -0500[diff] [blame]627int mls_import_netlbl_cat(struct context *context,
628 struct netlbl_lsm_secattr *secattr)
Venkat Yekkirala7420ed22006-08-04 23:17:57 -0700[diff] [blame]629{
Paul Moore02752762006-11-29 13:18:18 -0500[diff] [blame]630 int rc;
Venkat Yekkirala7420ed22006-08-04 23:17:57 -0700[diff] [blame]631
Guido Trentalancia0719aaf52010-02-03 16:40:20 +0100[diff] [blame]632 if (!policydb.mls_enabled)
Venkat Yekkirala7420ed22006-08-04 23:17:57 -0700[diff] [blame]633 return 0;
634
Paul Moore02752762006-11-29 13:18:18 -0500[diff] [blame]635 rc = ebitmap_netlbl_import(&context->range.level[0].cat,
Paul Moore16efd452008-01-29 08:37:59 -0500[diff] [blame]636 secattr->attr.mls.cat);
Paul Moore02752762006-11-29 13:18:18 -0500[diff] [blame]637 if (rc != 0)
638 goto import_netlbl_cat_failure;
639
640 rc = ebitmap_cpy(&context->range.level[1].cat,
641 &context->range.level[0].cat);
642 if (rc != 0)
643 goto import_netlbl_cat_failure;
Venkat Yekkirala7420ed22006-08-04 23:17:57 -0700[diff] [blame]644
645 return 0;
646
Paul Moore02752762006-11-29 13:18:18 -0500[diff] [blame]647import_netlbl_cat_failure:
Venkat Yekkirala7420ed22006-08-04 23:17:57 -0700[diff] [blame]648 ebitmap_destroy(&context->range.level[0].cat);
649 ebitmap_destroy(&context->range.level[1].cat);
650 return rc;
651}
Paul Moore02752762006-11-29 13:18:18 -0500[diff] [blame]652#endif /* CONFIG_NETLABEL */