diff options
| author | Paul Moore <paul@paul-moore.com> | 2026-07-02 12:36:41 -0400 |
|---|---|---|
| committer | Paul Moore <paul@paul-moore.com> | 2026-07-02 12:36:41 -0400 |
| commit | ae3d476caeba0bb7779334b1ce9d9a795ed602d2 (patch) | |
| tree | 8fd0a61d28b2dcb4fc18a078ba4a913cec2d7aba /security | |
| parent | 56acfeb10019e200ab6787d01f8d7cbe0f01526f (diff) | |
| parent | ef0740b4b75fe48fb411b2a76aafbab0cdd6b0ba (diff) | |
| download | linux-next-ae3d476caeba0bb7779334b1ce9d9a795ed602d2.tar.gz linux-next-ae3d476caeba0bb7779334b1ce9d9a795ed602d2.zip | |
Automated merge of 'dev' into 'next'
* dev:
selinux: tighten type validation during policy load
selinux: drop unnecessary goto and label from avc_alloc_node()
selinux: convert int flags to bool flags in ss/services.c
selinux: clean up selinuxfs resources on init failure
selinux: hooks: use kmalloc() to allocate path buffer
Diffstat (limited to 'security')
| -rw-r--r-- | security/selinux/avc.c | 3 | ||||
| -rw-r--r-- | security/selinux/hooks.c | 6 | ||||
| -rw-r--r-- | security/selinux/selinuxfs.c | 19 | ||||
| -rw-r--r-- | security/selinux/ss/policydb.c | 11 | ||||
| -rw-r--r-- | security/selinux/ss/services.c | 18 |
5 files changed, 34 insertions, 23 deletions
diff --git a/security/selinux/avc.c b/security/selinux/avc.c index 813e82bcfc27..a9401d6c2e5f 100644 --- a/security/selinux/avc.c +++ b/security/selinux/avc.c @@ -497,7 +497,7 @@ static struct avc_node *avc_alloc_node(void) node = kmem_cache_zalloc(avc_node_cachep, GFP_NOWAIT); if (!node) - goto out; + return NULL; INIT_HLIST_NODE(&node->list); avc_cache_stats_incr(allocations); @@ -506,7 +506,6 @@ static struct avc_node *avc_alloc_node(void) selinux_avc.avc_cache_threshold) avc_reclaim_node(); -out: return node; } diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 70a3388c047d..c70f65d86ab1 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -1336,11 +1336,11 @@ static int selinux_genfs_get_sid(struct dentry *dentry, struct super_block *sb = dentry->d_sb; char *buffer, *path; - buffer = (char *)__get_free_page(GFP_KERNEL); + buffer = kmalloc(PATH_MAX, GFP_KERNEL); if (!buffer) return -ENOMEM; - path = dentry_path_raw(dentry, buffer, PAGE_SIZE); + path = dentry_path_raw(dentry, buffer, PATH_MAX); if (IS_ERR(path)) rc = PTR_ERR(path); else { @@ -1361,7 +1361,7 @@ static int selinux_genfs_get_sid(struct dentry *dentry, rc = 0; } } - free_page((unsigned long)buffer); + kfree(buffer); return rc; } diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c index 5aaaf69410bb..c7d91476971c 100644 --- a/security/selinux/selinuxfs.c +++ b/security/selinux/selinuxfs.c @@ -1984,17 +1984,15 @@ int __init init_sel_fs(void) return err; err = register_filesystem(&sel_fs_type); - if (err) { - sysfs_remove_mount_point(fs_kobj, "selinux"); - return err; - } + if (err) + goto err_remove_mount_point; selinux_null.mnt = kern_mount(&sel_fs_type); if (IS_ERR(selinux_null.mnt)) { pr_err("selinuxfs: could not mount!\n"); err = PTR_ERR(selinux_null.mnt); selinux_null.mnt = NULL; - return err; + goto err_unregister_fs; } selinux_null.dentry = try_lookup_noperm(&null_name, @@ -2003,7 +2001,7 @@ int __init init_sel_fs(void) pr_err("selinuxfs: could not lookup null!\n"); err = PTR_ERR(selinux_null.dentry); selinux_null.dentry = NULL; - return err; + goto err_unmount; } /* @@ -2012,5 +2010,14 @@ int __init init_sel_fs(void) */ (void) selinux_kernel_status_page(); + return 0; + +err_unmount: + kern_unmount(selinux_null.mnt); + selinux_null.mnt = NULL; +err_unregister_fs: + unregister_filesystem(&sel_fs_type); +err_remove_mount_point: + sysfs_remove_mount_point(fs_kobj, "selinux"); return err; } diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c index ead504a639e3..ba1c9bd9e29f 100644 --- a/security/selinux/ss/policydb.c +++ b/security/selinux/ss/policydb.c @@ -604,10 +604,15 @@ static int type_index(void *key, void *datum, void *datap) typdatum = datum; p = datap; + if (!typdatum->value || typdatum->value > p->p_types.nprim || + typdatum->bounds > p->p_types.nprim) { + pr_err("SELinux: type %s had value %u bounds %u nprim %u\n", + (char *)key, typdatum->value, typdatum->bounds, + p->p_types.nprim); + return -EINVAL; + } + if (typdatum->primary) { - if (!typdatum->value || typdatum->value > p->p_types.nprim || - typdatum->bounds > p->p_types.nprim) - return -EINVAL; p->sym_val_to_name[SYM_TYPES][typdatum->value - 1] = key; p->type_val_to_struct[typdatum->value - 1] = typdatum; } diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index 2d828548f3db..c03d3acc0a7c 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -1355,8 +1355,8 @@ const char *security_get_initial_sid_context(u32 sid) } static int security_sid_to_context_core(u32 sid, char **scontext, - u32 *scontext_len, int force, - int only_invalid) + u32 *scontext_len, bool force, + bool only_invalid) { struct selinux_policy *policy; struct policydb *policydb; @@ -1439,14 +1439,14 @@ out_unlock: int security_sid_to_context(u32 sid, char **scontext, u32 *scontext_len) { return security_sid_to_context_core(sid, scontext, - scontext_len, 0, 0); + scontext_len, false, false); } int security_sid_to_context_force(u32 sid, char **scontext, u32 *scontext_len) { return security_sid_to_context_core(sid, scontext, - scontext_len, 1, 0); + scontext_len, true, false); } /** @@ -1466,7 +1466,7 @@ int security_sid_to_context_inval(u32 sid, char **scontext, u32 *scontext_len) { return security_sid_to_context_core(sid, scontext, - scontext_len, 1, 1); + scontext_len, true, true); } /* @@ -1552,7 +1552,7 @@ out: static int security_context_to_sid_core(const char *scontext, u32 scontext_len, u32 *sid, u32 def_sid, gfp_t gfp_flags, - int force) + bool force) { struct selinux_policy *policy; struct policydb *policydb; @@ -1641,7 +1641,7 @@ int security_context_to_sid(const char *scontext, u32 scontext_len, u32 *sid, gfp_t gfp) { return security_context_to_sid_core(scontext, scontext_len, - sid, SECSID_NULL, gfp, 0); + sid, SECSID_NULL, gfp, false); } int security_context_str_to_sid(const char *scontext, u32 *sid, gfp_t gfp) @@ -1673,14 +1673,14 @@ int security_context_to_sid_default(const char *scontext, u32 scontext_len, u32 *sid, u32 def_sid, gfp_t gfp_flags) { return security_context_to_sid_core(scontext, scontext_len, - sid, def_sid, gfp_flags, 1); + sid, def_sid, gfp_flags, true); } int security_context_to_sid_force(const char *scontext, u32 scontext_len, u32 *sid) { return security_context_to_sid_core(scontext, scontext_len, - sid, SECSID_NULL, GFP_KERNEL, 1); + sid, SECSID_NULL, GFP_KERNEL, true); } static int compute_sid_handle_invalid_context( |
