From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753676AbbJNMnF (ORCPT ); Wed, 14 Oct 2015 08:43:05 -0400 Received: from mailout2.w1.samsung.com ([210.118.77.12]:51516 "EHLO mailout2.w1.samsung.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753515AbbJNMmm (ORCPT ); Wed, 14 Oct 2015 08:42:42 -0400 X-AuditID: cbfec7f4-f79c56d0000012ee-12-561e4db78b83 From: Lukasz Pawelczyk To: "David S. Miller" , "Eric W. Biederman" , "Serge E. Hallyn" , Al Viro , Alexey Dobriyan , Andrew Morton , Andy Lutomirski , Calvin Owens , Casey Schaufler , David Howells , Eric Dumazet , Eric Paris , Greg Kroah-Hartman , James Morris , Jann Horn , Jiri Slaby , Joe Perches , John Johansen , Jonathan Corbet , Kees Cook , Lukasz Pawelczyk , Mauro Carvalho Chehab , NeilBrown , Paul Moore , Serge Hallyn , Stephen Smalley , Tejun Heo , Tetsuo Handa , containers@lists.linuxfoundation.org, linux-doc@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org, selinux@tycho.nsa.gov Cc: Lukasz Pawelczyk Subject: [PATCH v4 06/11] smack: don't use implicit star to display smackfs/syslog Date: Wed, 14 Oct 2015 14:42:00 +0200 Message-id: <1444826525-9758-7-git-send-email-l.pawelczyk@samsung.com> X-Mailer: git-send-email 2.4.3 In-reply-to: <1444826525-9758-1-git-send-email-l.pawelczyk@samsung.com> References: <1444826525-9758-1-git-send-email-l.pawelczyk@samsung.com> X-Brightmail-Tracker: H4sIAAAAAAAAAzWRa0hTYRjHe7d3Z8fR4nS0PJkXmpQReYOCBynrg+lBECK8kH2wpQcnuSmb morF1GlpZqaJt1naksoLCxPNW5aiTrxMUwMzzbzSxRsZiqbmlL49z//3e/h/eEg+3YetyDBF FKdUSMMlhAh3b3UOOdb52Pq7jHYA5CV6g1ZfSYC+xA7Ga9cJ6N56KYTp93cRaI0aDAtJGxi2 azVCmOmYFELat14+JOv0BGz/PA2ZU1fAMDsjgKKvUxgMKykEPH69xIOe+3LoyS7lQWnqcwxN zV0YBhu0BCxlTBJgbKgSQMVsLDQ/VWMYzc7DUKRZEEBbo44POdOtGPoS5zAY+/uEsP6iHYFx s1Nw0Z4tVD8g2CL1AGZrXo3w2EfJC0K2vnBMyJZUR7OfGq+y9VXlPLa6PI1gDfkbmG0prhSy G2s5iNVl5gjY5ZnPO5cPd/zeP4GXrQNF50K48LAYTunsfl0kS/8whCKnLGOz1yaQGi3R6ciM ZKgzzLJhAO3Nh5n+cT2RjkQkTZUhZuXJsHBvSeQxY5v3sMkiKBdmtb+ZbwIWVJaI0WQNESbA pxyYsqLkHYkkzSlfpr3MzBRj6jgzaRzZbRBTnkzH8A/eXpst06df2dXNKC+mJuW8KaZ3lJas MZyFxCVoXzk6xEUHR6puhMpdnVRSuSpaEeoUHCGvRntfXnmLdB1urYgikWS/WFZh408LpDGq OHkrYki+xEL818XWnxaHSOPiOWVEkDI6nFO1oqMklliKixsWfWkqVBrF3eS4SE75n/JIMys1 snZnDtAXbrnOfffIDchd1PJq450berrEtMK6Kd//XcCxAoegszC+dMJvMXVIUjnFycy9deNa 1Zir9lq3h9sRh6SFX52TH2/7ffH03qxwbJw/qXjDro1oNn9fGizweZawaLDzITIm5uu8ZPNl chvlHXvHylVx4UG6PKEtPaJJLcEqmdT1FF+pkv4DpiJDv+ECAAA= Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Smackfs/syslog is analogous to onlycap and unconfined. When not filled they don't do anything. In such cases onlycap and unconfined displayed nothing when read, but syslog unconditionally displayed star. This doesn't work well with namespaces where the star could have been unmapped. Besides the meaning of this star was different then a star that could be written to this file. This was misleading. This also brings syslog read/write functions on par with onlycap and unconfined where it is possible to reset the value to NULL as should be possible according to comment in smackfs.c describing smack_syslog_label variable. Before that the initial state was to allow (smack_syslog_label was NULL), but after writing star to it the current had to be labeled star as well to have an access, even thought reading the smackfs/syslog returned the same result in both cases. Signed-off-by: Lukasz Pawelczyk Acked-by: Serge Hallyn --- security/smack/smackfs.c | 42 +++++++++++++++++++++++++++--------------- 1 file changed, 27 insertions(+), 15 deletions(-) diff --git a/security/smack/smackfs.c b/security/smack/smackfs.c index ce8d503..05e09ee2 100644 --- a/security/smack/smackfs.c +++ b/security/smack/smackfs.c @@ -2634,23 +2634,20 @@ static const struct file_operations smk_change_rule_ops = { static ssize_t smk_read_syslog(struct file *filp, char __user *buf, size_t cn, loff_t *ppos) { - struct smack_known *skp; + char *smack = ""; ssize_t rc = -EINVAL; int asize; if (*ppos != 0) return 0; - if (smack_syslog_label == NULL) - skp = &smack_known_star; - else - skp = smack_syslog_label; + if (smack_syslog_label != NULL) + smack = smack_syslog_label->smk_known; - asize = strlen(skp->smk_known) + 1; + asize = strlen(smack) + 1; if (cn >= asize) - rc = simple_read_from_buffer(buf, cn, ppos, skp->smk_known, - asize); + rc = simple_read_from_buffer(buf, cn, ppos, smack, asize); return rc; } @@ -2678,16 +2675,31 @@ static ssize_t smk_write_syslog(struct file *file, const char __user *buf, if (data == NULL) return -ENOMEM; - if (copy_from_user(data, buf, count) != 0) + if (copy_from_user(data, buf, count) != 0) { rc = -EFAULT; - else { - skp = smk_import_entry(data, count); - if (IS_ERR(skp)) - rc = PTR_ERR(skp); - else - smack_syslog_label = skp; + goto freeout; } + /* + * Clear the smack_syslog_label on invalid label errors. This means + * that we can pass a null string to unset the syslog value. + * + * Importing will also reject a label beginning with '-', + * so "-syslog" will also work. + * + * But do so only on invalid label, not on system errors. + */ + skp = smk_import_entry(data, count); + if (PTR_ERR(skp) == -EINVAL) + skp = NULL; + else if (IS_ERR(skp)) { + rc = PTR_ERR(skp); + goto freeout; + } + + smack_syslog_label = skp; + +freeout: kfree(data); return rc; } -- 2.4.3