From patchwork Wed Oct 31 12:27:17 2018
X-Patchwork-Submitter: Ondrej Mosnacek
X-Patchwork-Id: 10662589
From: Ondrej Mosnacek
To: selinux@vger.kernel.org, Paul Moore
Cc: Stephen Smalley, selinux@tycho.nsa.gov
Date: Wed, 31 Oct 2018 13:27:17 +0100
Message-Id: <20181031122718.18735-2-omosnace@redhat.com>
In-Reply-To: <20181031122718.18735-1-omosnace@redhat.com>
References: <20181031122718.18735-1-omosnace@redhat.com>
Subject: [PATCH 1/2] selinux: use separate table for initial SID lookup

This patch separates the lookup of the initial SIDs into a separate lookup table (implemented simply by a fixed-size array), in order to pave the way for improving the process of converting the sidtab to a new policy during a policy reload.

The initial SIDs are loaded directly and are skipped during sidtab conversion, so handling them separately makes things somewhat simpler. Since there is only a small fixed number of them, they can be stored in a simple lookup table.

This patch also moves the fallback-to-unlabeled logic from sidtab.c to the new helper functions in services.c that now handle the unified lookup in both sidtab and isidtab, simplifying the sidtab interface.

Signed-off-by: Ondrej Mosnacek
---
 security/selinux/include/security.h |   3 +
 security/selinux/ss/mls.c           |   6 +-
 security/selinux/ss/mls.h           |   2 +-
 security/selinux/ss/policydb.c      |  24 ++-
 security/selinux/ss/policydb.h      |  26 ++-
 security/selinux/ss/services.c      | 238 +++++++++++++++-------------
 security/selinux/ss/services.h      |   1 +
 security/selinux/ss/sidtab.c        |  29 +--
 security/selinux/ss/sidtab.h        |   3 +-
 9 files changed, 187 insertions(+), 145 deletions(-)

diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h index 23e762d529fa..a1b4b13c2300 100644 --- a/security/selinux/include/security.h
+++ b/security/selinux/include/security.h @@ -221,6 +221,9 @@ struct extended_perms { /* definitions of av_decision.flags */ #define AVD_FLAGS_PERMISSIVE 0x0001 +struct context *security_sid_to_context_struct(struct selinux_state *state, + u32 sid, int force); + void security_compute_av(struct selinux_state *state, u32 ssid, u32 tsid, u16 tclass, struct av_decision *avd, diff --git a/security/selinux/ss/mls.c b/security/selinux/ss/mls.c index 2fe459df3c85..cd637ee3fb11 100644 --- a/security/selinux/ss/mls.c +++ b/security/selinux/ss/mls.c @@ -235,7 +235,7 @@ int mls_context_to_sid(struct policydb *pol, char oldc, char *scontext, struct context *context, - struct sidtab *s, + struct selinux_state *state, u32 def_sid) { char *sensitivity, *cur_cat, *next_cat, *rngptr; @@ -257,10 +257,10 @@ int mls_context_to_sid(struct policydb *pol, if (!oldc) { struct context *defcon; - if (def_sid == SECSID_NULL) + if (def_sid == SECSID_NULL || state == NULL) return -EINVAL; - defcon = sidtab_search(s, def_sid); + defcon = security_sid_to_context_struct(state, def_sid, 0); if (!defcon) return -EINVAL; diff --git a/security/selinux/ss/mls.h b/security/selinux/ss/mls.h index 67093647576d..1eca02c8bc5f 100644 --- a/security/selinux/ss/mls.h +++ b/security/selinux/ss/mls.h @@ -36,7 +36,7 @@ int mls_context_to_sid(struct policydb *p, char oldc, char *scontext, struct context *context, - struct sidtab *s, + struct selinux_state *state, u32 def_sid); int mls_from_string(struct policydb *p, char *str, struct context *context, diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c index f4eadd3f7350..8f7cd5f6e033 100644 --- a/security/selinux/ss/policydb.c +++ b/security/selinux/ss/policydb.c 
@@ -892,16 +892,12 @@ void policydb_destroy(struct policydb *p) * Load the initial SIDs specified in a policy database * structure into a SID table. */ -int policydb_load_isids(struct policydb *p, struct sidtab *s) +int policydb_load_isids(struct policydb *p, struct isidtab *s) { struct ocontext *head, *c; int rc; - rc = sidtab_init(s); - if (rc) { - pr_err("SELinux: out of memory on SID table init\n"); - goto out; - } + isidtab_init(s); head = p->ocontexts[OCON_ISID]; for (c = head; c; c = c->next) { @@ -911,16 +907,30 @@ int policydb_load_isids(struct policydb *p, struct sidtab *s) c->u.name); goto out; } + if (c->sid[0] > SECINITSID_NUM) { + pr_err("SELinux: Initial SID %u out of range.\n", + (unsigned)c->sid[0]); + goto out; + } + if (s->entries[c->sid[0]].set) { + pr_err("SELinux: Duplicit initial SID %u.\n", + (unsigned)c->sid[0]); + goto out; + } - rc = sidtab_insert(s, c->sid[0], &c->context[0]); + rc = context_cpy(&s->entries[c->sid[0]].context, &c->context[0]); if (rc) { pr_err("SELinux: unable to load initial SID %s.\n", c->u.name); goto out; } + + s->entries[c->sid[0]].set = 1; } rc = 0; out: + if (rc != 0) + isidtab_destroy(s); return rc; } diff --git a/security/selinux/ss/policydb.h b/security/selinux/ss/policydb.h index 215f8f30ac5a..0e246bc45c72 100644 --- a/security/selinux/ss/policydb.h +++ b/security/selinux/ss/policydb.h 
@@ -312,8 +312,32 @@ struct policydb { u32 process_trans_perms; }; +struct isidtab_entry { + int set; + struct context context; +}; + +struct isidtab { + struct isidtab_entry entries[SECINITSID_NUM + 1]; +}; + +static inline void isidtab_init(struct isidtab *t) +{ + u32 i; + for (i = 0; i <= SECINITSID_NUM; i++) + t->entries[i].set = 0; +} + +static inline void isidtab_destroy(struct isidtab *t) +{ + u32 i; + for (i = 0; i <= SECINITSID_NUM; i++) + if (t->entries[i].set) + context_destroy(&t->entries[i].context); +} + extern void policydb_destroy(struct policydb *p); -extern int policydb_load_isids(struct policydb *p, struct sidtab *s); +extern int policydb_load_isids(struct policydb *p, struct isidtab *s); extern int policydb_context_isvalid(struct policydb *p, struct context *c); extern int policydb_class_isvalid(struct policydb *p, unsigned int class); extern int policydb_type_isvalid(struct policydb *p, unsigned int type); diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index 12e414394530..550a00004139 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c 
@@ -89,6 +89,42 @@ void selinux_ss_init(struct selinux_ss **ss) *ss = &selinux_ss; } +struct context *security_sid_to_context_struct(struct selinux_state *state, + u32 sid, int force) +{ + struct isidtab *isidtab = state->ss->isidtab; + struct sidtab *sidtab = &state->ss->sidtab; + + if (sid <= SECINITSID_NUM) { + if (isidtab->entries[sid].set) + return &isidtab->entries[sid].context; + } else { + struct context *context = sidtab_lookup(sidtab, sid); + if (context && (!context->len || force)) + return context; + } + if (isidtab->entries[SECINITSID_UNLABELED].set) + return &isidtab->entries[SECINITSID_UNLABELED].context; + return NULL; +} + +static int security_context_struct_to_sid(struct selinux_state *state, + struct context *context, u32 *sid) +{ + struct isidtab *isidtab = state->ss->isidtab; + struct sidtab *sidtab = &state->ss->sidtab; + u32 i; + + for (i = 0; i <= SECINITSID_NUM; i++) + if (isidtab->entries[i].set && + context_cmp(context, &isidtab->entries[i].context)) { + *sid = i; + return 0; + } + + return sidtab_context_to_sid(sidtab, context, sid); +} + /* Forward declaration. */ static int context_struct_to_string(struct policydb *policydb, struct context *context, @@ -760,7 +796,6 @@ static int security_compute_validatetrans(struct selinux_state *state, u16 orig_tclass, bool user) { struct policydb *policydb; - struct sidtab *sidtab; struct context *ocontext; struct context *ncontext; struct context *tcontext; @@ -776,7 +811,6 @@ static int security_compute_validatetrans(struct selinux_state *state, read_lock(&state->ss->policy_rwlock); policydb = &state->ss->policydb; - sidtab = &state->ss->sidtab; if (!user) tclass = unmap_class(&state->ss->map, orig_tclass); 
@@ -789,7 +823,7 @@ static int security_compute_validatetrans(struct selinux_state *state, } tclass_datum = policydb->class_val_to_struct[tclass - 1]; - ocontext = sidtab_search(sidtab, oldsid); + ocontext = security_sid_to_context_struct(state, oldsid, 0); if (!ocontext) { pr_err("SELinux: %s: unrecognized SID %d\n", __func__, oldsid); @@ -797,7 +831,7 @@ static int security_compute_validatetrans(struct selinux_state *state, goto out; } - ncontext = sidtab_search(sidtab, newsid); + ncontext = security_sid_to_context_struct(state, newsid, 0); if (!ncontext) { pr_err("SELinux: %s: unrecognized SID %d\n", __func__, newsid); @@ -805,7 +839,7 @@ static int security_compute_validatetrans(struct selinux_state *state, goto out; } - tcontext = sidtab_search(sidtab, tasksid); + tcontext = security_sid_to_context_struct(state, tasksid, 0); if (!tcontext) { pr_err("SELinux: %s: unrecognized SID %d\n", __func__, tasksid); @@ -864,7 +898,6 @@ int security_bounded_transition(struct selinux_state *state, u32 old_sid, u32 new_sid) { struct policydb *policydb; - struct sidtab *sidtab; struct context *old_context, *new_context; struct type_datum *type; int index; @@ -876,10 +909,9 @@ int security_bounded_transition(struct selinux_state *state, read_lock(&state->ss->policy_rwlock); policydb = &state->ss->policydb; - sidtab = &state->ss->sidtab; rc = -EINVAL; - old_context = sidtab_search(sidtab, old_sid); + old_context = security_sid_to_context_struct(state, old_sid, 0); if (!old_context) { pr_err("SELinux: %s: unrecognized SID %u\n", __func__, old_sid); @@ -887,7 +919,7 @@ int security_bounded_transition(struct selinux_state *state, } rc = -EINVAL; - new_context = sidtab_search(sidtab, new_sid); + new_context = security_sid_to_context_struct(state, new_sid, 0); if (!new_context) { pr_err("SELinux: %s: unrecognized SID %u\n", __func__, new_sid); 
@@ -1014,7 +1046,6 @@ void security_compute_xperms_decision(struct selinux_state *state, struct extended_perms_decision *xpermd) { struct policydb *policydb; - struct sidtab *sidtab; u16 tclass; struct context *scontext, *tcontext; struct avtab_key avkey; @@ -1034,16 +1065,15 @@ void security_compute_xperms_decision(struct selinux_state *state, goto allow; policydb = &state->ss->policydb; - sidtab = &state->ss->sidtab; - scontext = sidtab_search(sidtab, ssid); + scontext = security_sid_to_context_struct(state, ssid, 0); if (!scontext) { pr_err("SELinux: %s: unrecognized SID %d\n", __func__, ssid); goto out; } - tcontext = sidtab_search(sidtab, tsid); + tcontext = security_sid_to_context_struct(state, tsid, 0); if (!tcontext) { pr_err("SELinux: %s: unrecognized SID %d\n", __func__, tsid); @@ -1112,7 +1142,6 @@ void security_compute_av(struct selinux_state *state, struct extended_perms *xperms) { struct policydb *policydb; - struct sidtab *sidtab; u16 tclass; struct context *scontext = NULL, *tcontext = NULL; @@ -1123,9 +1152,8 @@ void security_compute_av(struct selinux_state *state, goto allow; policydb = &state->ss->policydb; - sidtab = &state->ss->sidtab; - scontext = sidtab_search(sidtab, ssid); + scontext = security_sid_to_context_struct(state, ssid, 0); if (!scontext) { pr_err("SELinux: %s: unrecognized SID %d\n", __func__, ssid); @@ -1136,7 +1164,7 @@ void security_compute_av(struct selinux_state *state, if (ebitmap_get_bit(&policydb->permissive_map, scontext->type)) avd->flags |= AVD_FLAGS_PERMISSIVE; - tcontext = sidtab_search(sidtab, tsid); + tcontext = security_sid_to_context_struct(state, tsid, 0); if (!tcontext) { pr_err("SELinux: %s: unrecognized SID %d\n", __func__, tsid); @@ -1168,7 +1196,6 @@ void security_compute_av_user(struct selinux_state *state, struct av_decision *avd) { struct policydb *policydb; - struct sidtab *sidtab; struct context *scontext = NULL, *tcontext = NULL; read_lock(&state->ss->policy_rwlock); 
@@ -1177,9 +1204,8 @@ void security_compute_av_user(struct selinux_state *state, goto allow; policydb = &state->ss->policydb; - sidtab = &state->ss->sidtab; - scontext = sidtab_search(sidtab, ssid); + scontext = security_sid_to_context_struct(state, ssid, 0); if (!scontext) { pr_err("SELinux: %s: unrecognized SID %d\n", __func__, ssid); @@ -1190,7 +1216,7 @@ void security_compute_av_user(struct selinux_state *state, if (ebitmap_get_bit(&policydb->permissive_map, scontext->type)) avd->flags |= AVD_FLAGS_PERMISSIVE; - tcontext = sidtab_search(sidtab, tsid); + tcontext = security_sid_to_context_struct(state, tsid, 0); if (!tcontext) { pr_err("SELinux: %s: unrecognized SID %d\n", __func__, tsid); @@ -1284,7 +1310,6 @@ static int security_sid_to_context_core(struct selinux_state *state, u32 *scontext_len, int force) { struct policydb *policydb; - struct sidtab *sidtab; struct context *context; int rc = 0; @@ -1315,11 +1340,7 @@ static int security_sid_to_context_core(struct selinux_state *state, } read_lock(&state->ss->policy_rwlock); policydb = &state->ss->policydb; - sidtab = &state->ss->sidtab; - if (force) - context = sidtab_search_force(sidtab, sid); - else - context = sidtab_search(sidtab, sid); + context = security_sid_to_context_struct(state, sid, force); if (!context) { pr_err("SELinux: %s: unrecognized SID %d\n", __func__, sid); @@ -1363,7 +1384,7 @@ int security_sid_to_context_force(struct selinux_state *state, u32 sid, * Caveat: Mutates scontext. */ static int string_to_context_struct(struct policydb *pol, - struct sidtab *sidtabp, + struct selinux_state *state, char *scontext, struct context *ctx, u32 def_sid) @@ -1425,7 +1446,7 @@ static int string_to_context_struct(struct policydb *pol, ctx->type = typdatum->value; - rc = mls_context_to_sid(pol, oldc, p, ctx, sidtabp, def_sid); + rc = mls_context_to_sid(pol, oldc, p, ctx, state, def_sid); if (rc) goto out; 
@@ -1446,7 +1467,6 @@ static int security_context_to_sid_core(struct selinux_state *state, int force) { struct policydb *policydb; - struct sidtab *sidtab; char *scontext2, *str = NULL; struct context context; int rc = 0; @@ -1483,16 +1503,17 @@ static int security_context_to_sid_core(struct selinux_state *state, } read_lock(&state->ss->policy_rwlock); policydb = &state->ss->policydb; - sidtab = &state->ss->sidtab; - rc = string_to_context_struct(policydb, sidtab, scontext2, + + rc = string_to_context_struct(policydb, state, scontext2, &context, def_sid); + if (rc == -EINVAL && force) { context.str = str; context.len = strlen(str) + 1; str = NULL; } else if (rc) goto out_unlock; - rc = sidtab_context_to_sid(sidtab, &context, sid); + rc = security_context_struct_to_sid(state, &context, sid); context_destroy(&context); out_unlock: read_unlock(&state->ss->policy_rwlock); @@ -1631,7 +1652,6 @@ static int security_compute_sid(struct selinux_state *state, bool kern) { struct policydb *policydb; - struct sidtab *sidtab; struct class_datum *cladatum = NULL; struct context *scontext = NULL, *tcontext = NULL, newcontext; struct role_trans *roletr = NULL; @@ -1668,16 +1688,15 @@ static int security_compute_sid(struct selinux_state *state, } policydb = &state->ss->policydb; - sidtab = &state->ss->sidtab; - scontext = sidtab_search(sidtab, ssid); + scontext = security_sid_to_context_struct(state, ssid, 0); if (!scontext) { pr_err("SELinux: %s: unrecognized SID %d\n", __func__, ssid); rc = -EINVAL; goto out_unlock; } - tcontext = sidtab_search(sidtab, tsid); + tcontext = security_sid_to_context_struct(state, tsid, 0); if (!tcontext) { pr_err("SELinux: %s: unrecognized SID %d\n", __func__, tsid); 
@@ -1793,7 +1812,7 @@ static int security_compute_sid(struct selinux_state *state, goto out_unlock; } /* Obtain the sid for the context. */ - rc = sidtab_context_to_sid(sidtab, &newcontext, out_sid); + rc = security_context_struct_to_sid(state, &newcontext, out_sid); out_unlock: read_unlock(&state->ss->policy_rwlock); context_destroy(&newcontext); @@ -1881,16 +1900,9 @@ int security_change_sid(struct selinux_state *state, } /* Clone the SID into the new SID table. */ -static int clone_sid(u32 sid, - struct context *context, - void *arg) +static int clone_sid(u32 sid, struct context *context, void *arg) { - struct sidtab *s = arg; - - if (sid > SECINITSID_NUM) - return sidtab_insert(s, sid, context); - else - return 0; + return sidtab_insert((struct sidtab *)arg, sid, context); } static inline int convert_context_handle_invalid_context( @@ -1925,9 +1937,7 @@ struct convert_context_args { * in the policy `p->newp'. Verify that the * context is valid under the new policy. */ -static int convert_context(u32 key, - struct context *c, - void *p) +static int convert_context(u32 key, struct context *c, void *p) { struct convert_context_args *args; struct context oldc; @@ -1938,10 +1948,7 @@ static int convert_context(u32 key, struct user_datum *usrdatum; char *s; u32 len; - int rc = 0; - - if (key <= SECINITSID_NUM) - goto out; + int rc; args = p; @@ -2104,6 +2111,7 @@ int security_load_policy(struct selinux_state *state, void *data, size_t len) { struct policydb *policydb; struct sidtab *sidtab; + struct isidtab *newisidtab = NULL; struct policydb *oldpolicydb, *newpolicydb; struct sidtab oldsidtab, newsidtab; struct selinux_mapping *oldmapping; @@ -2120,6 +2128,12 @@ int security_load_policy(struct selinux_state *state, void *data, size_t len) } newpolicydb = oldpolicydb + 1; + newisidtab = kmalloc(sizeof(*newisidtab), GFP_KERNEL); + if (!newisidtab) { + rc = -ENOMEM; + goto out; + } + policydb = &state->ss->policydb; sidtab = &state->ss->sidtab; 
@@ -2128,20 +2142,31 @@ int security_load_policy(struct selinux_state *state, void *data, size_t len) if (rc) goto out; + rc = sidtab_init(sidtab); + if (rc) { + policydb_destroy(policydb); + goto out; + } + policydb->len = len; rc = selinux_set_mapping(policydb, secclass_map, &state->ss->map); if (rc) { + sidtab_destroy(sidtab); policydb_destroy(policydb); goto out; } - rc = policydb_load_isids(policydb, sidtab); + rc = policydb_load_isids(policydb, newisidtab); if (rc) { + sidtab_destroy(sidtab); policydb_destroy(policydb); goto out; } + state->ss->isidtab = newisidtab; + newisidtab = NULL; /* do not free new isidtab */ + security_load_policycaps(state); state->initialized = 1; seqno = ++state->ss->latest_granting; @@ -2162,6 +2187,12 @@ int security_load_policy(struct selinux_state *state, void *data, size_t len) if (rc) goto out; + rc = sidtab_init(&newsidtab); + if (rc) { + policydb_destroy(newpolicydb); + goto out; + } + newpolicydb->len = len; /* If switching between different policy types, log MLS status */ if (policydb->mls_enabled && !newpolicydb->mls_enabled) @@ -2169,9 +2200,10 @@ int security_load_policy(struct selinux_state *state, void *data, size_t len) else if (!policydb->mls_enabled && newpolicydb->mls_enabled) pr_info("SELinux: Enabling MLS support...\n"); - rc = policydb_load_isids(newpolicydb, &newsidtab); + rc = policydb_load_isids(newpolicydb, newisidtab); if (rc) { pr_err("SELinux: unable to load the initial SIDs\n"); + sidtab_destroy(&newsidtab); policydb_destroy(newpolicydb); goto out; } 
@@ -2214,13 +2246,21 @@ int security_load_policy(struct selinux_state *state, void *data, size_t len) /* Install the new policydb and SID table. */ write_lock_irq(&state->ss->policy_rwlock); + memcpy(policydb, newpolicydb, sizeof(*policydb)); sidtab_set(sidtab, &newsidtab); + + isidtab_destroy(state->ss->isidtab); + kfree(state->ss->isidtab); + state->ss->isidtab = newisidtab; + newisidtab = NULL; + security_load_policycaps(state); oldmapping = state->ss->map.mapping; state->ss->map.mapping = newmap.mapping; state->ss->map.size = newmap.size; seqno = ++state->ss->latest_granting; + write_unlock_irq(&state->ss->policy_rwlock); /* Free the old policydb and SID table. */ @@ -2241,8 +2281,10 @@ err: kfree(newmap.mapping); sidtab_destroy(&newsidtab); policydb_destroy(newpolicydb); + isidtab_destroy(newisidtab); out: + kfree(newisidtab); kfree(oldpolicydb); return rc; } @@ -2269,14 +2311,12 @@ int security_port_sid(struct selinux_state *state, u8 protocol, u16 port, u32 *out_sid) { struct policydb *policydb; - struct sidtab *sidtab; struct ocontext *c; int rc = 0; read_lock(&state->ss->policy_rwlock); policydb = &state->ss->policydb; - sidtab = &state->ss->sidtab; c = policydb->ocontexts[OCON_PORT]; while (c) { @@ -2289,9 +2329,9 @@ int security_port_sid(struct selinux_state *state, if (c) { if (!c->sid[0]) { - rc = sidtab_context_to_sid(sidtab, - &c->context[0], - &c->sid[0]); + rc = security_context_struct_to_sid(state, + &c->context[0], + &c->sid[0]); if (rc) goto out; } @@ -2315,14 +2355,12 @@ int security_ib_pkey_sid(struct selinux_state *state, u64 subnet_prefix, u16 pkey_num, u32 *out_sid) { struct policydb *policydb; - struct sidtab *sidtab; struct ocontext *c; int rc = 0; read_lock(&state->ss->policy_rwlock); policydb = &state->ss->policydb; - sidtab = &state->ss->sidtab; c = policydb->ocontexts[OCON_IBPKEY]; while (c) { 
@@ -2336,9 +2374,9 @@ int security_ib_pkey_sid(struct selinux_state *state, if (c) { if (!c->sid[0]) { - rc = sidtab_context_to_sid(sidtab, - &c->context[0], - &c->sid[0]); + rc = security_context_struct_to_sid(state, + &c->context[0], + &c->sid[0]); if (rc) goto out; } @@ -2361,14 +2399,12 @@ int security_ib_endport_sid(struct selinux_state *state, const char *dev_name, u8 port_num, u32 *out_sid) { struct policydb *policydb; - struct sidtab *sidtab; struct ocontext *c; int rc = 0; read_lock(&state->ss->policy_rwlock); policydb = &state->ss->policydb; - sidtab = &state->ss->sidtab; c = policydb->ocontexts[OCON_IBENDPORT]; while (c) { @@ -2383,9 +2419,9 @@ int security_ib_endport_sid(struct selinux_state *state, if (c) { if (!c->sid[0]) { - rc = sidtab_context_to_sid(sidtab, - &c->context[0], - &c->sid[0]); + rc = security_context_struct_to_sid(state, + &c->context[0], + &c->sid[0]); if (rc) goto out; } @@ -2407,14 +2443,12 @@ int security_netif_sid(struct selinux_state *state, char *name, u32 *if_sid) { struct policydb *policydb; - struct sidtab *sidtab; int rc = 0; struct ocontext *c; read_lock(&state->ss->policy_rwlock); policydb = &state->ss->policydb; - sidtab = &state->ss->sidtab; c = policydb->ocontexts[OCON_NETIF]; while (c) { @@ -2425,14 +2459,14 @@ int security_netif_sid(struct selinux_state *state, if (c) { if (!c->sid[0] || !c->sid[1]) { - rc = sidtab_context_to_sid(sidtab, - &c->context[0], - &c->sid[0]); + rc = security_context_struct_to_sid(state, + &c->context[0], + &c->sid[0]); if (rc) goto out; - rc = sidtab_context_to_sid(sidtab, - &c->context[1], - &c->sid[1]); + rc = security_context_struct_to_sid(state, + &c->context[1], + &c->sid[1]); if (rc) goto out; } 
@@ -2472,14 +2506,12 @@ int security_node_sid(struct selinux_state *state, u32 *out_sid) { struct policydb *policydb; - struct sidtab *sidtab; int rc; struct ocontext *c; read_lock(&state->ss->policy_rwlock); policydb = &state->ss->policydb; - sidtab = &state->ss->sidtab; switch (domain) { case AF_INET: { @@ -2521,9 +2553,9 @@ int security_node_sid(struct selinux_state *state, if (c) { if (!c->sid[0]) { - rc = sidtab_context_to_sid(sidtab, - &c->context[0], - &c->sid[0]); + rc = security_context_struct_to_sid(state, + &c->context[0], + &c->sid[0]); if (rc) goto out; } @@ -2561,7 +2593,6 @@ int security_get_user_sids(struct selinux_state *state, u32 *nel) { struct policydb *policydb; - struct sidtab *sidtab; struct context *fromcon, usercon; u32 *mysids = NULL, *mysids2, sid; u32 mynel = 0, maxnel = SIDS_NEL; @@ -2579,12 +2610,11 @@ int security_get_user_sids(struct selinux_state *state, read_lock(&state->ss->policy_rwlock); policydb = &state->ss->policydb; - sidtab = &state->ss->sidtab; context_init(&usercon); rc = -EINVAL; - fromcon = sidtab_search(sidtab, fromsid); + fromcon = security_sid_to_context_struct(state, fromsid, 0); if (!fromcon) goto out_unlock; @@ -2610,7 +2640,7 @@ int security_get_user_sids(struct selinux_state *state, &usercon)) continue; - rc = sidtab_context_to_sid(sidtab, &usercon, &sid); + rc = security_context_struct_to_sid(state, &usercon, &sid); if (rc) goto out_unlock; if (mynel < maxnel) { @@ -2681,7 +2711,6 @@ static inline int __security_genfs_sid(struct selinux_state *state, u32 *sid) { struct policydb *policydb = &state->ss->policydb; - struct sidtab *sidtab = &state->ss->sidtab; int len; u16 sclass; struct genfs *genfs; @@ -2716,7 +2745,8 @@ static inline int __security_genfs_sid(struct selinux_state *state, goto out; if (!c->sid[0]) { - rc = sidtab_context_to_sid(sidtab, &c->context[0], &c->sid[0]); + rc = security_context_struct_to_sid(state, &c->context[0], + &c->sid[0]); if (rc) goto out; } 
@@ -2758,7 +2788,6 @@ int security_genfs_sid(struct selinux_state *state, int security_fs_use(struct selinux_state *state, struct super_block *sb) { struct policydb *policydb; - struct sidtab *sidtab; int rc = 0; struct ocontext *c; struct superblock_security_struct *sbsec = sb->s_security; @@ -2767,7 +2796,6 @@ int security_fs_use(struct selinux_state *state, struct super_block *sb) read_lock(&state->ss->policy_rwlock); policydb = &state->ss->policydb; - sidtab = &state->ss->sidtab; c = policydb->ocontexts[OCON_FSUSE]; while (c) { @@ -2779,8 +2807,9 @@ int security_fs_use(struct selinux_state *state, struct super_block *sb) if (c) { sbsec->behavior = c->v.behavior; if (!c->sid[0]) { - rc = sidtab_context_to_sid(sidtab, &c->context[0], - &c->sid[0]); + rc = security_context_struct_to_sid(state, + &c->context[0], + &c->sid[0]); if (rc) goto out; } @@ -2973,7 +3002,6 @@ int security_sid_mls_copy(struct selinux_state *state, u32 sid, u32 mls_sid, u32 *new_sid) { struct policydb *policydb = &state->ss->policydb; - struct sidtab *sidtab = &state->ss->sidtab; struct context *context1; struct context *context2; struct context newcon; @@ -2992,7 +3020,7 @@ int security_sid_mls_copy(struct selinux_state *state, read_lock(&state->ss->policy_rwlock); rc = -EINVAL; - context1 = sidtab_search(sidtab, sid); + context1 = security_sid_to_context_struct(state, sid, 0); if (!context1) { pr_err("SELinux: %s: unrecognized SID %d\n", __func__, sid); @@ -3000,7 +3028,7 @@ int security_sid_mls_copy(struct selinux_state *state, } rc = -EINVAL; - context2 = sidtab_search(sidtab, mls_sid); + context2 = security_sid_to_context_struct(state, mls_sid, 0); if (!context2) { pr_err("SELinux: %s: unrecognized SID %d\n", __func__, mls_sid); 
@@ -3030,7 +3058,7 @@ int security_sid_mls_copy(struct selinux_state *state, } } - rc = sidtab_context_to_sid(sidtab, &newcon, new_sid); + rc = security_context_struct_to_sid(state, &newcon, new_sid); out_unlock: read_unlock(&state->ss->policy_rwlock); context_destroy(&newcon); @@ -3064,7 +3092,6 @@ int security_net_peersid_resolve(struct selinux_state *state, u32 *peer_sid) { struct policydb *policydb = &state->ss->policydb; - struct sidtab *sidtab = &state->ss->sidtab; int rc; struct context *nlbl_ctx; struct context *xfrm_ctx; @@ -3097,14 +3124,14 @@ int security_net_peersid_resolve(struct selinux_state *state, read_lock(&state->ss->policy_rwlock); rc = -EINVAL; - nlbl_ctx = sidtab_search(sidtab, nlbl_sid); + nlbl_ctx = security_sid_to_context_struct(state, nlbl_sid, 0); if (!nlbl_ctx) { pr_err("SELinux: %s: unrecognized SID %d\n", __func__, nlbl_sid); goto out; } rc = -EINVAL; - xfrm_ctx = sidtab_search(sidtab, xfrm_sid); + xfrm_ctx = security_sid_to_context_struct(state, xfrm_sid, 0); if (!xfrm_ctx) { pr_err("SELinux: %s: unrecognized SID %d\n", __func__, xfrm_sid); @@ -3425,7 +3452,7 @@ int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *vrule, goto out; } - ctxt = sidtab_search(&state->ss->sidtab, sid); + ctxt = security_sid_to_context_struct(state, sid, 0); if (unlikely(!ctxt)) { WARN_ONCE(1, "selinux_audit_rule_match: unrecognized SID %d\n", sid); @@ -3588,7 +3615,6 @@ int security_netlbl_secattr_to_sid(struct selinux_state *state, u32 *sid) { struct policydb *policydb = &state->ss->policydb; - struct sidtab *sidtab = &state->ss->sidtab; int rc; struct context *ctx; struct context ctx_new; @@ -3606,7 +3632,7 @@ int security_netlbl_secattr_to_sid(struct selinux_state *state, *sid = secattr->attr.secid; else if (secattr->flags & NETLBL_SECATTR_MLS_LVL) { rc = -EIDRM; - ctx = sidtab_search(sidtab, SECINITSID_NETMSG); + ctx = security_sid_to_context_struct(state, SECINITSID_NETMSG, 0); if (ctx == NULL) goto out; 
@@ -3624,7 +3650,7 @@ int security_netlbl_secattr_to_sid(struct selinux_state *state, if (!mls_context_isvalid(policydb, &ctx_new)) goto out_free; - rc = sidtab_context_to_sid(sidtab, &ctx_new, sid); + rc = security_context_struct_to_sid(state, &ctx_new, sid); if (rc) goto out_free; @@ -3666,7 +3692,7 @@ int security_netlbl_sid_to_secattr(struct selinux_state *state, read_lock(&state->ss->policy_rwlock); rc = -ENOENT; - ctx = sidtab_search(&state->ss->sidtab, sid); + ctx = security_sid_to_context_struct(state, sid, 0); if (ctx == NULL) goto out; diff --git a/security/selinux/ss/services.h b/security/selinux/ss/services.h index 24c7bdcc8075..18a2fb386120 100644 --- a/security/selinux/ss/services.h +++ b/security/selinux/ss/services.h @@ -25,6 +25,7 @@ struct selinux_map { struct selinux_ss { struct sidtab sidtab; + struct isidtab *isidtab; struct policydb policydb; rwlock_t policy_rwlock; u32 latest_granting; diff --git a/security/selinux/ss/sidtab.c b/security/selinux/ss/sidtab.c index fd75a12fa8fc..98710657a596 100644 --- a/security/selinux/ss/sidtab.c +++ b/security/selinux/ss/sidtab.c @@ -25,7 +25,7 @@ int sidtab_init(struct sidtab *s) for (i = 0; i < SIDTAB_SIZE; i++) s->htable[i] = NULL; s->nel = 0; - s->next_sid = 1; + s->next_sid = SECINITSID_NUM + 1; s->shutdown = 0; spin_lock_init(&s->lock); return 0; @@ -76,7 +76,7 @@ int sidtab_insert(struct sidtab *s, u32 sid, struct context *context) return 0; } -static struct context *sidtab_search_core(struct sidtab *s, u32 sid, int force) +struct context *sidtab_lookup(struct sidtab *s, u32 sid) { int hvalue; struct sidtab_node *cur; 
@@ -89,33 +89,12 @@ static struct context *sidtab_search_core(struct sidtab *s, u32 sid, int force) while (cur && sid > cur->sid) cur = cur->next; - if (force && cur && sid == cur->sid && cur->context.len) - return &cur->context; - - if (!cur || sid != cur->sid || cur->context.len) { - /* Remap invalid SIDs to the unlabeled SID. */ - sid = SECINITSID_UNLABELED; - hvalue = SIDTAB_HASH(sid); - cur = s->htable[hvalue]; - while (cur && sid > cur->sid) - cur = cur->next; - if (!cur || sid != cur->sid) - return NULL; - } + if (!cur || sid != cur->sid) + return NULL; return &cur->context; } -struct context *sidtab_search(struct sidtab *s, u32 sid) -{ - return sidtab_search_core(s, sid, 0); -} - -struct context *sidtab_search_force(struct sidtab *s, u32 sid) -{ - return sidtab_search_core(s, sid, 1); -} - int sidtab_map(struct sidtab *s, int (*apply) (u32 sid, struct context *context, diff --git a/security/selinux/ss/sidtab.h b/security/selinux/ss/sidtab.h index a1a1d2617b6f..2eadd09a1100 100644 --- a/security/selinux/ss/sidtab.h +++ b/security/selinux/ss/sidtab.h 
@@ -34,8 +34,7 @@ struct sidtab { int sidtab_init(struct sidtab *s); int sidtab_insert(struct sidtab *s, u32 sid, struct context *context); -struct context *sidtab_search(struct sidtab *s, u32 sid); -struct context *sidtab_search_force(struct sidtab *s, u32 sid); +struct context *sidtab_lookup(struct sidtab *s, u32 sid); int sidtab_map(struct sidtab *s, int (*apply) (u32 sid,
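Review bot: every converted call site in services.c passes a bare `0` as the new third argument of `security_sid_to_context_struct(state, sid, 0)` (security_get_user_sids, security_sid_mls_copy, security_net_peersid_resolve, selinux_audit_rule_match, security_netlbl_secattr_to_sid, security_netlbl_sid_to_secattr). Since that parameter replaces the `sidtab_search()` / `sidtab_search_force()` distinction, please make it a named `bool force` (or provide a `..._force()` wrapper) so the intent is visible at the call site and a stray `1` stands out in review.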
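Review bot: the `sidtab_search_core()` to `sidtab_lookup()` hunk in sidtab.c removes both the `force` path and the fallback that remapped unknown or string-only SIDs (`cur->context.len != 0`) to `SECINITSID_UNLABELED`, so `sidtab_lookup()` now returns NULL, or a context with `len` set, where its predecessor always returned a usable context. The callers shown here were moved to `security_sid_to_context_struct()`, which must now carry that remap, but nothing in this diff shows it; a one-line comment above `sidtab_lookup()` (now non-static and declared in sidtab.h) stating that the caller handles NULL and `context.len != 0` would keep the next direct user from relying on a remap that is no longer there.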
From: Ondrej Mosnacek
To: selinux@vger.kernel.org, Paul Moore
Cc: Stephen Smalley, selinux@tycho.nsa.gov
Date: Wed, 31 Oct 2018 13:27:18 +0100
Message-Id: <20181031122718.18735-3-omosnace@redhat.com>
In-Reply-To: <20181031122718.18735-1-omosnace@redhat.com>
Subject: [PATCH 2/2] selinux: fix ENOMEM errors during policy reload

Before this patch, during a policy reload the sidtab would become frozen and trying to map a new context to a SID would be unable to add a new entry to the sidtab and fail with -ENOMEM. Such failures are usually propagated into userspace, which has no way of distinguishing them from actual allocation failures and thus doesn't handle them gracefully.

Such a situation can be triggered e.g. by the following reproducer:

    while true; do load_policy; echo -n .; sleep 0.1; done &
    for (( i = 0; i < 1024; i++ )); do
        runcon -l s0:c$i echo -n x || break
        # or:
        # chcon -l s0:c$i || break
    done

This patch overhauls the sidtab so it doesn't need to be frozen during a policy reload, thus solving the above problem.

The new SID table entries now contain two slots for the context. One of the slots is used for the lookup and the other one is used during policy reload to store the new converted context. Which slot is used for what is determined by a shared index that is toggled between 0 and 1 when the conversion is completed, together with the switch to the new policy. After the index is toggled, the contexts in the now unused slots are destroyed. The solution also gracefully handles conversion of entries that are added to sidtab while the conversion is in progress.
The downside of this solution is that the sidtab now takes up approximately twice the space and half of it is used only during policy reload. On the other hand, this means we do not need to deal with sidtab growing while we are allocating a new one. Reported-by: Orion Poplawski Reported-by: Li Kun Link: https://github.com/SELinuxProject/selinux-kernel/issues/38 Signed-off-by: Ondrej Mosnacek --- security/selinux/ss/mls.c | 16 ++--- security/selinux/ss/mls.h | 3 +- security/selinux/ss/services.c | 96 +++++++------------------- security/selinux/ss/sidtab.c | 122 +++++++++++++++++++++------------ security/selinux/ss/sidtab.h | 23 ++++--- 5 files changed, 124 insertions(+), 136 deletions(-) diff --git a/security/selinux/ss/mls.c b/security/selinux/ss/mls.c index cd637ee3fb11..bc3f93732658 100644 --- a/security/selinux/ss/mls.c +++ b/security/selinux/ss/mls.c @@ -441,11 +441,11 @@ int mls_setup_user_range(struct policydb *p, */ int mls_convert_context(struct policydb *oldp, struct policydb *newp, - struct context *c) + struct context *oldc, + struct context *newc) { struct level_datum *levdatum; struct cat_datum *catdatum; - struct ebitmap bitmap; struct ebitmap_node *node; int l, i; 
@@ -455,28 +455,26 @@ int mls_convert_context(struct policydb *oldp, for (l = 0; l < 2; l++) { levdatum = hashtab_search(newp->p_levels.table, sym_name(oldp, SYM_LEVELS, - c->range.level[l].sens - 1)); + oldc->range.level[l].sens - 1)); if (!levdatum) return -EINVAL; - c->range.level[l].sens = levdatum->level->sens; + newc->range.level[l].sens = levdatum->level->sens; - ebitmap_init(&bitmap); - ebitmap_for_each_positive_bit(&c->range.level[l].cat, node, i) { + ebitmap_for_each_positive_bit(&oldc->range.level[l].cat, node, i) { int rc; catdatum = hashtab_search(newp->p_cats.table, sym_name(oldp, SYM_CATS, i)); if (!catdatum) return -EINVAL; - rc = ebitmap_set_bit(&bitmap, catdatum->value - 1, 1); + rc = ebitmap_set_bit(&newc->range.level[l].cat, + catdatum->value - 1, 1); if (rc) return rc; cond_resched(); } - ebitmap_destroy(&c->range.level[l].cat); - c->range.level[l].cat = bitmap; } return 0; diff --git a/security/selinux/ss/mls.h b/security/selinux/ss/mls.h index 1eca02c8bc5f..00c11304f71a 100644 --- a/security/selinux/ss/mls.h +++ b/security/selinux/ss/mls.h @@ -46,7 +46,8 @@ int mls_range_set(struct context *context, struct mls_range *range); int mls_convert_context(struct policydb *oldp, struct policydb *newp, - struct context *context); + struct context *oldc, + struct context *newc); int mls_compute_sid(struct policydb *p, struct context *scontext, diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index 550a00004139..292a2ccbe56f 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -1899,12 +1899,6 @@ int security_change_sid(struct selinux_state *state, out_sid, false); } -/* Clone the SID into the new SID table. */ -static int clone_sid(u32 sid, struct context *context, void *arg) -{ - return sidtab_insert((struct sidtab *)arg, sid, context); -} - static inline int convert_context_handle_invalid_context( struct selinux_state *state, struct context *context) 
@@ -1937,12 +1931,10 @@ struct convert_context_args { * in the policy `p->newp'. Verify that the * context is valid under the new policy. */ -static int convert_context(u32 key, struct context *c, void *p) +static int convert_context(struct context *oldc, struct context *newc, void *p) { struct convert_context_args *args; - struct context oldc; struct ocontext *oc; - struct mls_range *range; struct role_datum *role; struct type_datum *typdatum; struct user_datum *usrdatum; @@ -1952,23 +1944,18 @@ static int convert_context(u32 key, struct context *c, void *p) args = p; - if (c->str) { - struct context ctx; - + if (oldc->str) { rc = -ENOMEM; - s = kstrdup(c->str, GFP_KERNEL); + s = kstrdup(oldc->str, GFP_KERNEL); if (!s) goto out; rc = string_to_context_struct(args->newp, NULL, s, - &ctx, SECSID_NULL); + newc, SECSID_NULL); kfree(s); if (!rc) { pr_info("SELinux: Context %s became valid (mapped).\n", - c->str); - /* Replace string with mapped representation. */ - kfree(c->str); - memcpy(c, &ctx, sizeof(*c)); + oldc->str); goto out; } else if (rc == -EINVAL) { /* Retain string representation for later mapping. */ 
@@ -1977,51 +1964,42 @@ static int convert_context(u32 key, struct context *c, void *p) } else { /* Other error condition, e.g. ENOMEM. */ pr_err("SELinux: Unable to map context %s, rc = %d.\n", - c->str, -rc); + oldc->str, -rc); goto out; } } - rc = context_cpy(&oldc, c); - if (rc) - goto out; + context_init(newc); /* Convert the user. */ rc = -EINVAL; usrdatum = hashtab_search(args->newp->p_users.table, - sym_name(args->oldp, SYM_USERS, c->user - 1)); + sym_name(args->oldp, SYM_USERS, oldc->user - 1)); if (!usrdatum) goto bad; - c->user = usrdatum->value; + newc->user = usrdatum->value; /* Convert the role. */ rc = -EINVAL; role = hashtab_search(args->newp->p_roles.table, - sym_name(args->oldp, SYM_ROLES, c->role - 1)); + sym_name(args->oldp, SYM_ROLES, oldc->role - 1)); if (!role) goto bad; - c->role = role->value; + newc->role = role->value; /* Convert the type. */ rc = -EINVAL; typdatum = hashtab_search(args->newp->p_types.table, - sym_name(args->oldp, SYM_TYPES, c->type - 1)); + sym_name(args->oldp, SYM_TYPES, oldc->type - 1)); if (!typdatum) goto bad; - c->type = typdatum->value; + newc->type = typdatum->value; /* Convert the MLS fields if dealing with MLS policies */ if (args->oldp->mls_enabled && args->newp->mls_enabled) { - rc = mls_convert_context(args->oldp, args->newp, c); + rc = mls_convert_context(args->oldp, args->newp, oldc, newc); if (rc) goto bad; - } else if (args->oldp->mls_enabled && !args->newp->mls_enabled) { - /* - * Switching between MLS and non-MLS policy: - * free any storage used by the MLS fields in the - * context for all existing entries in the sidtab. - */ - mls_context_destroy(c); } else if (!args->oldp->mls_enabled && args->newp->mls_enabled) { /* * Switching between non-MLS and MLS policy: 
@@ -2039,36 +2017,31 @@ static int convert_context(u32 key, struct context *c, void *p) " the initial SIDs list\n"); goto bad; } - range = &oc->context[0].range; - rc = mls_range_set(c, range); + rc = mls_range_set(newc, &oc->context[0].range); if (rc) goto bad; } /* Check the validity of the new context. */ - if (!policydb_context_isvalid(args->newp, c)) { - rc = convert_context_handle_invalid_context(args->state, - &oldc); + if (!policydb_context_isvalid(args->newp, newc)) { + rc = convert_context_handle_invalid_context(args->state, oldc); if (rc) goto bad; } - context_destroy(&oldc); - rc = 0; out: return rc; bad: /* Map old representation to string and save it. */ - rc = context_struct_to_string(args->oldp, &oldc, &s, &len); + rc = context_struct_to_string(args->oldp, oldc, &s, &len); if (rc) return rc; - context_destroy(&oldc); - context_destroy(c); - c->str = s; - c->len = len; + context_destroy(newc); + newc->str = s; + newc->len = len; pr_info("SELinux: Context %s became invalid (unmapped).\n", - c->str); + newc->str); rc = 0; goto out; } @@ -2113,7 +2086,6 @@ int security_load_policy(struct selinux_state *state, void *data, size_t len) struct sidtab *sidtab; struct isidtab *newisidtab = NULL; struct policydb *oldpolicydb, *newpolicydb; - struct sidtab oldsidtab, newsidtab; struct selinux_mapping *oldmapping; struct selinux_map newmap; struct convert_context_args args; @@ -2187,12 +2159,6 @@ int security_load_policy(struct selinux_state *state, void *data, size_t len) if (rc) goto out; - rc = sidtab_init(&newsidtab); - if (rc) { - policydb_destroy(newpolicydb); - goto out; - } - newpolicydb->len = len; /* If switching between different policy types, log MLS status */ if (policydb->mls_enabled && !newpolicydb->mls_enabled) 
@@ -2203,7 +2169,6 @@ int security_load_policy(struct selinux_state *state, void *data, size_t len) rc = policydb_load_isids(newpolicydb, newisidtab); if (rc) { pr_err("SELinux: unable to load the initial SIDs\n"); - sidtab_destroy(&newsidtab); policydb_destroy(newpolicydb); goto out; } @@ -2218,21 +2183,14 @@ int security_load_policy(struct selinux_state *state, void *data, size_t len) goto err; } - /* Clone the SID table. */ - sidtab_shutdown(sidtab); - - rc = sidtab_map(sidtab, clone_sid, &newsidtab); - if (rc) - goto err; - /* * Convert the internal representations of contexts - * in the new SID table. + * in the SID table. */ args.state = state; args.oldp = policydb; args.newp = newpolicydb; - rc = sidtab_map(&newsidtab, convert_context, &args); + rc = sidtab_convert_start(sidtab, convert_context, &args); if (rc) { pr_err("SELinux: unable to convert the internal" " representation of contexts in the new SID" @@ -2242,19 +2200,18 @@ int security_load_policy(struct selinux_state *state, void *data, size_t len) /* Save the old policydb and SID table to free later. */ memcpy(oldpolicydb, policydb, sizeof(*policydb)); - sidtab_set(&oldsidtab, sidtab); /* Install the new policydb and SID table. */ write_lock_irq(&state->ss->policy_rwlock); memcpy(policydb, newpolicydb, sizeof(*policydb)); - sidtab_set(sidtab, &newsidtab); isidtab_destroy(state->ss->isidtab); kfree(state->ss->isidtab); state->ss->isidtab = newisidtab; newisidtab = NULL; + sidtab_convert_finish(sidtab); security_load_policycaps(state); oldmapping = state->ss->map.mapping; state->ss->map.mapping = newmap.mapping; @@ -2264,8 +2221,8 @@ int security_load_policy(struct selinux_state *state, void *data, size_t len) write_unlock_irq(&state->ss->policy_rwlock); /* Free the old policydb and SID table. */ + sidtab_convert_cleanup(sidtab); policydb_destroy(oldpolicydb); - sidtab_destroy(&oldsidtab); kfree(oldmapping); avc_ss_reset(state->avc, seqno); 
@@ -2279,7 +2236,6 @@ int security_load_policy(struct selinux_state *state, void *data, size_t len) err: kfree(newmap.mapping); - sidtab_destroy(&newsidtab); policydb_destroy(newpolicydb); isidtab_destroy(newisidtab); diff --git a/security/selinux/ss/sidtab.c b/security/selinux/ss/sidtab.c index 98710657a596..ac4781a191d9 100644 --- a/security/selinux/ss/sidtab.c +++ b/security/selinux/ss/sidtab.c @@ -24,16 +24,17 @@ int sidtab_init(struct sidtab *s) return -ENOMEM; for (i = 0; i < SIDTAB_SIZE; i++) s->htable[i] = NULL; + s->context_index = 0; s->nel = 0; s->next_sid = SECINITSID_NUM + 1; - s->shutdown = 0; spin_lock_init(&s->lock); return 0; } -int sidtab_insert(struct sidtab *s, u32 sid, struct context *context) +static int sidtab_insert(struct sidtab *s, u32 sid, struct context *context) { - int hvalue; + unsigned int index = s->context_index; + int hvalue, rc; struct sidtab_node *prev, *cur, *newnode; if (!s) @@ -55,11 +56,23 @@ int sidtab_insert(struct sidtab *s, u32 sid, struct context *context) return -ENOMEM; newnode->sid = sid; - if (context_cpy(&newnode->context, context)) { + if (context_cpy(&newnode->context[index], context)) { kfree(newnode); return -ENOMEM; } + newnode->new_set = 0; + if (s->convert) { + rc = s->convert(&newnode->context[index], + &newnode->context[!index], s->convert_args); + if (rc) { + context_destroy(&newnode->context[index]); + kfree(newnode); + return rc; + } + newnode->new_set = 1; + } + if (prev) { newnode->next = prev->next; wmb(); 
@@ -92,34 +105,74 @@ struct context *sidtab_lookup(struct sidtab *s, u32 sid) if (!cur || sid != cur->sid) return NULL; - return &cur->context; + return &cur->context[s->context_index]; } -int sidtab_map(struct sidtab *s, - int (*apply) (u32 sid, - struct context *context, - void *args), - void *args) +int sidtab_convert_start(struct sidtab *s, sidtab_convert_t convert, void *args) { - int i, rc = 0; + unsigned long flags; + int i, rc; struct sidtab_node *cur; - if (!s) - goto out; + spin_lock_irqsave(&s->lock, flags); + s->convert = convert; + s->convert_args = args; + spin_unlock_irqrestore(&s->lock, flags); for (i = 0; i < SIDTAB_SIZE; i++) { cur = s->htable[i]; while (cur) { - rc = apply(cur->sid, &cur->context, args); - if (rc) - goto out; + if (!cur->new_set) { + rc = convert(&cur->context[s->context_index], + &cur->context[!s->context_index], + args); + if (rc) + goto err; + + cur->new_set = 1; + } cur = cur->next; } } -out: + + return 0; +err: + /* cleanup on conversion failure */ + spin_lock_irqsave(&s->lock, flags); + s->convert = NULL; + s->convert_args = NULL; + spin_unlock_irqrestore(&s->lock, flags); + + sidtab_convert_cleanup(s); + return rc; } +/* must be called with policy write lock (thus no need to lock the spinlock here) */ +void sidtab_convert_finish(struct sidtab *s) +{ + s->context_index = !s->context_index; + s->convert = NULL; + s->convert_args = NULL; +} + +void sidtab_convert_cleanup(struct sidtab *s) +{ + struct sidtab_node *cur; + int i; + + for (i = 0; i < SIDTAB_SIZE; i++) { + cur = s->htable[i]; + while (cur) { + if (cur->new_set) { + cur->new_set = 0; + context_destroy(&cur->context[!s->context_index]); + } + cur = cur->next; + } + } +} + static void sidtab_update_cache(struct sidtab *s, struct sidtab_node *n, int loc) { BUG_ON(loc >= SIDTAB_CACHE_LEN); 
@@ -132,7 +185,7 @@ static void sidtab_update_cache(struct sidtab *s, struct sidtab_node *n, int loc } static inline u32 sidtab_search_context(struct sidtab *s, - struct context *context) + struct context *context) { int i; struct sidtab_node *cur; @@ -140,7 +193,7 @@ static inline u32 sidtab_search_context(struct sidtab *s, for (i = 0; i < SIDTAB_SIZE; i++) { cur = s->htable[i]; while (cur) { - if (context_cmp(&cur->context, context)) { + if (context_cmp(&cur->context[s->context_index], context)) { sidtab_update_cache(s, cur, SIDTAB_CACHE_LEN - 1); return cur->sid; } @@ -159,7 +212,7 @@ static inline u32 sidtab_search_cache(struct sidtab *s, struct context *context) node = s->cache[i]; if (unlikely(!node)) return 0; - if (context_cmp(&node->context, context)) { + if (context_cmp(&node->context[s->context_index], context)) { sidtab_update_cache(s, node, i); return node->sid; } @@ -187,7 +240,7 @@ int sidtab_context_to_sid(struct sidtab *s, if (sid) goto unlock_out; /* No SID exists for the context. Allocate a new one. */ - if (s->next_sid == UINT_MAX || s->shutdown) { + if (s->next_sid == UINT_MAX) { ret = -ENOMEM; goto unlock_out; } @@ -249,7 +302,9 @@ void sidtab_destroy(struct sidtab *s) while (cur) { temp = cur; cur = cur->next; - context_destroy(&temp->context); + context_destroy(&temp->context[s->context_index]); + if (temp->new_set) + context_destroy(&temp->context[!s->context_index]); kfree(temp); } s->htable[i] = NULL; 
@@ -260,26 +315,3 @@ void sidtab_destroy(struct sidtab *s) s->next_sid = 1; } -void sidtab_set(struct sidtab *dst, struct sidtab *src) -{ - unsigned long flags; - int i; - - spin_lock_irqsave(&src->lock, flags); - dst->htable = src->htable; - dst->nel = src->nel; - dst->next_sid = src->next_sid; - dst->shutdown = 0; - for (i = 0; i < SIDTAB_CACHE_LEN; i++) - dst->cache[i] = NULL; - spin_unlock_irqrestore(&src->lock, flags); -} - -void sidtab_shutdown(struct sidtab *s) -{ - unsigned long flags; - - spin_lock_irqsave(&s->lock, flags); - s->shutdown = 1; - spin_unlock_irqrestore(&s->lock, flags); -} diff --git a/security/selinux/ss/sidtab.h b/security/selinux/ss/sidtab.h index 2eadd09a1100..85ed33238dbb 100644 --- a/security/selinux/ss/sidtab.h +++ b/security/selinux/ss/sidtab.h @@ -11,8 +11,9 @@ #include "context.h" struct sidtab_node { - u32 sid; /* security identifier */ - struct context context; /* security context structure */ + u32 sid; /* security identifier */ + int new_set; /* is context for new policy set? */ + struct context context[2]; /* security context structures */ struct sidtab_node *next; }; 
@@ -22,25 +23,27 @@ struct sidtab_node { #define SIDTAB_SIZE SIDTAB_HASH_BUCKETS +typedef int (*sidtab_convert_t)(struct context *oldc, struct context *newc, + void *args); + struct sidtab { struct sidtab_node **htable; + unsigned int context_index; unsigned int nel; /* number of elements */ unsigned int next_sid; /* next SID to allocate */ - unsigned char shutdown; + sidtab_convert_t convert; + void *convert_args; #define SIDTAB_CACHE_LEN 3 struct sidtab_node *cache[SIDTAB_CACHE_LEN]; spinlock_t lock; }; int sidtab_init(struct sidtab *s); -int sidtab_insert(struct sidtab *s, u32 sid, struct context *context); struct context *sidtab_lookup(struct sidtab *s, u32 sid); -int sidtab_map(struct sidtab *s, - int (*apply) (u32 sid, - struct context *context, - void *args), - void *args); +int sidtab_convert_start(struct sidtab *s, sidtab_convert_t convert, void *args); +void sidtab_convert_finish(struct sidtab *s); +void sidtab_convert_cleanup(struct sidtab *s); int sidtab_context_to_sid(struct sidtab *s, struct context *context, @@ -48,8 +51,6 @@ int sidtab_context_to_sid(struct sidtab *s, void sidtab_hash_eval(struct sidtab *h, char *tag); void sidtab_destroy(struct sidtab *s); -void sidtab_set(struct sidtab *dst, struct sidtab *src); -void sidtab_shutdown(struct sidtab *s); #endif /* _SS_SIDTAB_H_ */
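Review bot: `sidtab_insert()` now runs the converter inline (`rc = s->convert(&newnode->context[index], &newnode->context[!index], s->convert_args)`), and it is reached from `sidtab_context_to_sid()` with `s->lock` held (the `unlock_out` exits in that function's hunk; the lock is a spinlock taken with `spin_lock_irqsave()` elsewhere in this file). The converter installed by `security_load_policy()` is `convert_context()`, which calls `kstrdup(oldc->str, GFP_KERNEL)`, and through it `mls_convert_context()`, whose category loop still contains `cond_resched()`; both may sleep, so mapping a new context during a reload, the very case this patch sets out to handle, would now sleep inside a spinlock. Either extend `sidtab_convert_t` with a `gfp_t` so the insert path can use `GFP_ATOMIC` and drop the `cond_resched()` from `mls_convert_context()`, or convert the freshly inserted entry after the lock is released.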
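Review bot: in the `convert_context()` hunks the `else if (rc == -EINVAL)` branch keeps its comment "Retain string representation for later mapping", but retaining by doing nothing only worked while the result was written back into the same `struct context *c`. With the result now going to a separate `newc`, that branch (its body falls outside the hunk, so please check) has to give `newc` its own copy of the string and `len`; otherwise `newc` holds whatever `string_to_context_struct()` left behind, and once `sidtab_convert_finish()` has toggled the slots and `sidtab_convert_cleanup()` destroys the old one, the unmapped string in `oldc` is gone. Moving the `kfree(s)` below that branch would let `newc->str = s` reuse the duplicate instead of allocating again.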
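Review bot: `sidtab_convert_start()` sets `s->convert` under `s->lock` but then walks the hash chains and writes `cur->new_set` with the lock dropped, while `sidtab_insert()` may concurrently link nodes into the same chains and `sidtab_lookup()` reads `s->context_index` with no sidtab lock at all. Assuming `sidtab_insert()` is still only called with `s->lock` held, this works because inserts that observed `convert == NULL` finished linking before the walk began, every node linked afterwards arrives with `new_set = 1`, and `context_index` changes solely in `sidtab_convert_finish()` under the policy write lock (as its comment says). Please record that per-field locking model on `struct sidtab` in sidtab.h (what `lock` protects, what `policy_rwlock` protects), since `convert`, `convert_args`, `new_set` and `context_index` are new and each follows a different rule.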
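Review bot: the `sidtab_destroy()` hunk still carries `s->next_sid = 1;` as unchanged context, whereas `sidtab_init()` was changed in patch 1/2 to start at `SECINITSID_NUM + 1` so that dynamically allocated SIDs no longer overlap the initial SIDs served from `isidtab`. A table reused after `sidtab_destroy()` would hand out SIDs in the initial-SID range again; reset it to the same `SECINITSID_NUM + 1`, or share a single named constant between the two functions.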
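Added illustration, not part of this patch or of the kernel tree: a userland C model of the two-slot scheme the commit message describes. Contexts are reduced to a single unsigned symbol value (the constructed converter renumbers it, as `convert_context()` renumbers user/role/type values between policies), the hash table is a fixed array, and there is no locking; `sidtab_insert()`, `sidtab_lookup()`, `sidtab_convert_start()`, `sidtab_convert_finish()` and `sidtab_convert_cleanup()` borrow the patch's names but are this model's own code. The scenario inserts a context after conversion has started, the case that used to fail with -ENOMEM.

```c
#include <stddef.h>

typedef int (*convert_fn)(unsigned oldc, unsigned *newc); /* kernel: sidtab_convert_t */

struct sidtab_node {
	unsigned sid;
	int new_set;      /* is ctx[!index] populated for the new policy? */
	unsigned ctx[2];  /* ctx[index] is live, ctx[!index] is the reload slot */
};

struct sidtab {
	struct sidtab_node nodes[16];  /* stands in for the kernel's hash table */
	unsigned nel, next_sid, index; /* index: slot that lookups read */
	convert_fn convert;            /* non-NULL while a reload is converting */
};

/* Add a context under a fresh SID; mid-conversion entries are converted on the spot (pre-patch: -ENOMEM). */
static int sidtab_insert(struct sidtab *s, unsigned ctx, unsigned *sid)
{
	struct sidtab_node *n;
	if (s->nel == sizeof(s->nodes) / sizeof(s->nodes[0]))
		return -1;
	n = &s->nodes[s->nel];
	n->ctx[s->index] = ctx;
	n->new_set = 0;
	if (s->convert) {
		if (s->convert(ctx, &n->ctx[!s->index]))
			return -1;
		n->new_set = 1;
	}
	*sid = n->sid = s->next_sid++;
	s->nel++;
	return 0;
}

/* Readers always see the live slot; 0 (never a valid value) means unknown SID. */
static unsigned sidtab_lookup(const struct sidtab *s, unsigned sid)
{
	unsigned i;
	for (i = 0; i < s->nel; i++)
		if (s->nodes[i].sid == sid)
			return s->nodes[i].ctx[s->index];
	return 0;
}

/* Forget the non-live slot: old contexts after finish(), half-built ones after a failed start(). */
static void sidtab_convert_cleanup(struct sidtab *s)
{
	unsigned i;
	for (i = 0; i < s->nel; i++)
		s->nodes[i].new_set = 0;
}

/* Convert existing entries into their spare slot; entries inserted meanwhile arrive converted. */
static int sidtab_convert_start(struct sidtab *s, convert_fn convert)
{
	unsigned i;
	s->convert = convert;
	for (i = 0; i < s->nel; i++) {
		struct sidtab_node *n = &s->nodes[i];
		if (n->new_set)
			continue;
		if (convert(n->ctx[s->index], &n->ctx[!s->index])) {
			s->convert = NULL;
			sidtab_convert_cleanup(s);
			return -1;
		}
		n->new_set = 1;
	}
	return 0;
}

/* Switch readers to the converted slot (kernel: with the policydb swap, under the policy write lock). */
static void sidtab_convert_finish(struct sidtab *s)
{
	s->index = !s->index;
	s->convert = NULL;
}

static int renumber_convert(unsigned oldc, unsigned *newc)
{
	*newc = oldc + 10;  /* constructed "new policy": value v becomes v + 10 */
	return 0;
}

/* Reload with a third context inserted midway; 0 if every SID then resolves to its renumbered context. */
static int reload_scenario(void)
{
	struct sidtab s = { .next_sid = 1 };
	unsigned a, b, c;
	if (sidtab_insert(&s, 1, &a) || sidtab_insert(&s, 2, &b) ||
	    sidtab_convert_start(&s, renumber_convert) ||
	    sidtab_insert(&s, 3, &c))   /* inserted mid-reload */
		return -1;
	sidtab_convert_finish(&s);
	sidtab_convert_cleanup(&s);
	return (sidtab_lookup(&s, a) == 11 && sidtab_lookup(&s, b) == 12 &&
		sidtab_lookup(&s, c) == 13) ? 0 : -1;
}
```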