From patchwork Tue Apr 19 20:58:24 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Paul Moore X-Patchwork-Id: 8883381 Return-Path: X-Original-To: patchwork-selinux@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork1.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.136]) by patchwork1.web.kernel.org (Postfix) with ESMTP id 227C29F36E for ; Tue, 19 Apr 2016 21:01:03 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id 763B1201BC for ; Tue, 19 Apr 2016 21:01:02 +0000 (UTC) Received: from emvm-gh1-uea09.nsa.gov (emvm-gh1-uea09.nsa.gov [8.44.101.9]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 806B22010C for ; Tue, 19 Apr 2016 21:01:01 +0000 (UTC) X-TM-IMSS-Message-ID: <9f46ab9e0006243a@nsa.gov> Received: from tarius.tycho.ncsc.mil ([144.51.242.1]) by nsa.gov ([10.208.42.194]) with ESMTP (TREND IMSS SMTP Service 7.1) id 9f46ab9e0006243a ; Tue, 19 Apr 2016 16:59:09 -0400 Received: from prometheus.infosec.tycho.ncsc.mil (prometheus [192.168.25.40]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id u3JKwU96004027; Tue, 19 Apr 2016 16:58:42 -0400 Received: from tarius.tycho.ncsc.mil (tarius.infosec.tycho.ncsc.mil [144.51.242.1]) by prometheus.infosec.tycho.ncsc.mil (8.15.2/8.15.2) with ESMTP id u3JKwTfp056896 for ; Tue, 19 Apr 2016 16:58:29 -0400 Received: from goalie.tycho.ncsc.mil (goalie [144.51.242.250]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id u3JKwT9X004025 for ; Tue, 19 Apr 2016 16:58:29 -0400 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: A1DCAAAgmxZXkxy3hNFeHAGENzSnQJAnhA6IJgEBAQEBARMBAQEBCQsJCSGFGgSBAgUCJgJJKYgpnD+PXZF2fIUlgX2HWYI0glYFjVOKO5dMhVQCjyuCGAxCEQmBZiAwh1gfgRwBAQE X-IPAS-Result: A1DCAAAgmxZXkxy3hNFeHAGENzSnQJAnhA6IJgEBAQEBARMBAQEBCQsJCSGFGgSBAgUCJgJJKYgpnD+PXZF2fIUlgX2HWYI0glYFjVOKO5dMhVQCjyuCGAxCEQmBZiAwh1gfgRwBAQE X-IronPort-AV: E=Sophos;i="5.24,507,1454994000"; d="scan'208";a="5394165" Received: from emvm-gh1-uea09.nsa.gov ([10.208.42.194]) by goalie.tycho.ncsc.mil with ESMTP; 19 Apr 2016 16:58:28 -0400 X-TM-IMSS-Message-ID: <9f45b47400062411@nsa.gov> Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by nsa.gov ([10.208.42.194]) with ESMTP (TREND IMSS SMTP Service 7.1; TLSv1/SSLv3 ADH-AES256-SHA (256/256)) id 9f45b47400062411 ; Tue, 19 Apr 2016 16:58:05 -0400 Received: from int-mx14.intmail.prod.int.phx2.redhat.com (int-mx14.intmail.prod.int.phx2.redhat.com [10.5.11.27]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id C5BAFC05E16B for ; Tue, 19 Apr 2016 20:58:25 +0000 (UTC) Received: from [127.0.0.1] (vpn-234-242.phx2.redhat.com [10.3.234.242]) by int-mx14.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id u3JKwOVK006077; Tue, 19 Apr 2016 16:58:25 -0400 Subject: [PATCH] selinux: don't revalidate an inode's label when explicitly setting it From: Paul Moore To: selinux@tycho.nsa.gov Date: Tue, 19 Apr 2016 16:58:24 -0400 Message-ID: <146109950464.27582.1509630911792878943.stgit@localhost> User-Agent: StGit/0.17.1-dirty MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.68 on 10.5.11.27 X-TM-AS-MML: disable X-BeenThere: selinux@tycho.nsa.gov X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security-Enhanced Linux \(SELinux\) mailing list" List-Post: List-Help: Errors-To: selinux-bounces@tycho.nsa.gov Sender: "Selinux" X-Spam-Status: No, score=-2.9 required=5.0 tests=BAYES_00,RP_MATCHES_RCVD, UNPARSEABLE_RELAY autolearn=unavailable version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP From: Paul Moore There is no point in attempting to revalidate an inode's security label when we are in the process of setting it. Reported-by: Stephen Smalley Signed-off-by: Paul Moore --- security/selinux/hooks.c | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index fce7dc8..f8ecc0a 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -297,6 +297,13 @@ static struct inode_security_struct *inode_security(struct inode *inode) return inode->i_security; } +static struct inode_security_struct *backing_inode_security_novalidate(struct dentry *dentry) +{ + struct inode *inode = d_backing_inode(dentry); + + return inode->i_security; +} + /* * Get the security label of a dentry's backing inode. */ @@ -686,7 +693,7 @@ static int selinux_set_mnt_opts(struct super_block *sb, struct superblock_security_struct *sbsec = sb->s_security; const char *name = sb->s_type->name; struct dentry *root = sbsec->sb->s_root; - struct inode_security_struct *root_isec = backing_inode_security(root); + struct inode_security_struct *root_isec; u32 fscontext_sid = 0, context_sid = 0, rootcontext_sid = 0; u32 defcontext_sid = 0; char **mount_options = opts->mnt_opts; @@ -729,6 +736,8 @@ static int selinux_set_mnt_opts(struct super_block *sb, && (num_opts == 0)) goto out; + root_isec = backing_inode_security_novalidate(root); + /* * parse the mount options, check if they are valid sids. * also check if someone is trying to mount the same sb more @@ -3222,7 +3231,7 @@ out_nofree: static int selinux_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags) { - struct inode_security_struct *isec = inode_security(inode); + struct inode_security_struct *isec = inode_security_novalidate(inode); u32 newsid; int rc;