linux-hardened/fs/proc
Lucian Adrian Grijincu 8e6c96935f security/selinux: fix /proc/sys/ labeling
This fixes an old (2007) selinux regression: filesystem labeling for
/proc/sys returned
     -r--r--r-- unknown                          /proc/sys/fs/file-nr
instead of
     -r--r--r-- system_u:object_r:sysctl_fs_t:s0 /proc/sys/fs/file-nr

Events that lead to breaking of /proc/sys/ selinux labeling:

1) sysctl was reimplemented to route all calls through /proc/sys/

    commit 77b14db502
    [PATCH] sysctl: reimplement the sysctl proc support

2) proc_dir_entry was removed from ctl_table:

    commit 3fbfa98112
    [PATCH] sysctl: remove the proc_dir_entry member for the sysctl tables

3) selinux still walked the proc_dir_entry tree to apply
   labeling. Because ctl_tables don't have a proc_dir_entry, we did
   not label /proc/sys/ inodes any more. To achieve this the /proc/sys/
   inodes were marked private and private inodes were ignored by
   selinux.

    commit bbaca6c2e7
    [PATCH] selinux: enhance selinux to always ignore private inodes

    commit 86a71dbd3e
    [PATCH] sysctl: hide the sysctl proc inodes from selinux

Access control checks have been done by means of a special sysctl hook
that was called for read/write accesses to any /proc/sys/ entry.

We don't have to do this because, instead of walking the
proc_dir_entry tree we can walk the dentry tree (as done in this
patch). With this patch:
* we don't mark /proc/sys/ inodes as private
* we don't need the sysclt security hook
* we walk the dentry tree to find the path to the inode.

We have to strip the PID in /proc/PID/ entries that have a
proc_dir_entry because selinux does not know how to label paths like
'/1/net/rpc/nfsd.fh' (and defaults to 'proc_t' labeling). Selinux does
know of '/net/rpc/nfsd.fh' (and applies the 'sysctl_rpc_t' label).

PID stripping from the path was done implicitly in the previous code
because the proc_dir_entry tree had the root in '/net' in the example
from above. The dentry tree has the root in '/1'.

Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Lucian Adrian Grijincu <lucian.grijincu@gmail.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
2011-02-01 11:53:54 -05:00
..
array.c CRED: Fix get_task_cred() and task_state() to not resurrect dead credentials 2010-07-29 15:16:17 -07:00
base.c Merge branch 'vfs-scale-working' of git://git.kernel.org/pub/scm/linux/kernel/git/npiggin/linux-npiggin 2011-01-07 08:56:33 -08:00
cmdline.c proc: switch /proc/cmdline to seq_file 2008-10-23 14:29:04 +04:00
cpuinfo.c proc: move /proc/cpuinfo code to fs/proc/cpuinfo.c 2008-10-23 15:05:11 +04:00
devices.c proc: move /proc/devices code to fs/proc/devices.c 2008-10-23 15:02:18 +04:00
generic.c fs: dcache reduce branches in lookup path 2011-01-07 17:50:28 +11:00
inode.c fs: icache RCU free inodes 2011-01-07 17:50:26 +11:00
internal.h proc: rename de_get() to pde_get() and inline it 2009-12-16 07:19:57 -08:00
interrupts.c proc: move /proc/interrupts boilerplate code to fs/proc/interrupts.c 2008-10-23 15:15:46 +04:00
Kconfig vmcore: it is not experimental any more 2010-10-26 16:52:05 -07:00
kcore.c kcore: add _text to KCORE_TEXT 2010-05-27 09:12:47 -07:00
kmsg.c procfs: Use generic_file_llseek in /proc/kmsg 2010-04-09 16:35:41 +02:00
loadavg.c sched, timers: cleanup avenrun users 2009-05-15 15:32:45 +02:00
Makefile console: add /proc/consoles 2010-11-16 12:50:17 -08:00
meminfo.c hwpoison: fix/proc/meminfo alignment 2009-10-29 07:39:25 -07:00
mmu.c
nommu.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
page.c proc: export uncached bit properly in /proc/kpageflags 2010-09-09 18:57:23 -07:00
proc_console.c console: add /proc/consoles 2010-11-16 12:50:17 -08:00
proc_devtree.c of: Drop properties with "/" in their name 2010-06-13 18:12:24 -06:00
proc_net.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
proc_sysctl.c security/selinux: fix /proc/sys/ labeling 2011-02-01 11:53:54 -05:00
proc_tty.c Revert "tty: Add a new file /proc/tty/consoles" 2010-10-23 08:14:12 -07:00
root.c switch procfs to ->mount() 2010-10-29 04:17:01 -04:00
softirqs.c procfs: fix /proc/softirqs formatting 2010-10-27 18:03:13 -07:00
stat.c /proc/stat: fix scalability of irq sum of all cpu 2010-10-27 18:03:13 -07:00
task_mmu.c pagemap: set pagemap walk limit to PMD boundary 2010-11-25 06:50:46 +09:00
task_nommu.c nommu: add '[stack]' label to /proc/pid/maps output 2010-06-29 15:29:30 -07:00
uptime.c [PATCH] Fix idle time field in /proc/uptime 2009-09-24 10:16:24 +02:00
version.c proc: switch /proc/version to seq_file 2008-10-23 14:19:58 +04:00
vmcore.c ARM: 6485/5: proc/vmcore - allow archs to override vmcore_elf_check_arch() 2010-11-30 13:39:55 +00:00