Commit f41030a2 authored by Linus Torvalds's avatar Linus Torvalds
Pull SELinux updates from Paul Moore:
 "The highlights:

   - A number of improvements to various SELinux internal data
     structures to help improve performance. We move the role
     transitions into a hash table. In the context structure we shift
     from hashing the context string (aka SELinux label) to the
     structure itself, when it is valid. This last change not only
     offers a speedup, but it helps us simplify the code some as well.

   - Add a new SELinux policy version which allows for a more space
     efficient way of storing the filename transitions in the binary
     policy. Given the default Fedora SELinux policy with the unconfined
     module enabled, this change drops the policy size from ~7.6MB to
     ~3.3MB. The kernel policy load time dropped as well.

   - Some fixes to the error handling code in the policy parser to
     properly return error codes when things go wrong"

* tag 'selinux-pr-20200601' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux:
  selinux: netlabel: Remove unused inline function
  selinux: do not allocate hashtabs dynamically
  selinux: fix return value on error in policydb_read()
  selinux: simplify range_write()
  selinux: fix error return code in policydb_read()
  selinux: don't produce incorrect filename_trans_count
  selinux: implement new format of filename transitions
  selinux: move context hashing under sidtab
  selinux: hash context structure directly
  selinux: store role transitions in a hash table
  selinux: drop unnecessary smp_load_acquire() call
  selinux: fix warning Comparison to bool
parents 9d99b164 fe5a90b8
+1 −1
@@ -8,7 +8,7 @@ obj-$(CONFIG_SECURITY_SELINUX) := selinux.o
selinux-y := avc.o hooks.o selinuxfs.o netlink.o nlmsgtab.o netif.o \
	     netnode.o netport.o status.o \
	     ss/ebitmap.o ss/hashtab.o ss/symtab.o ss/sidtab.o ss/avtab.o \
	     ss/policydb.o ss/services.o ss/conditional.o ss/mls.o
	     ss/policydb.o ss/services.o ss/conditional.o ss/mls.o ss/context.o

selinux-$(CONFIG_SECURITY_NETWORK_XFRM) += xfrm.o

+0 −6
@@ -98,12 +98,6 @@ static inline int selinux_netlbl_skbuff_setsid(struct sk_buff *skb,
	return 0;
}

static inline int selinux_netlbl_conn_setsid(struct sock *sk,
					     struct sockaddr *addr)
{
	return 0;
}

static inline int selinux_netlbl_sctp_assoc_request(struct sctp_endpoint *ep,
						    struct sk_buff *skb)
{
+2 −1
@@ -41,10 +41,11 @@
#define POLICYDB_VERSION_XPERMS_IOCTL	30
#define POLICYDB_VERSION_INFINIBAND		31
#define POLICYDB_VERSION_GLBLUB		32
#define POLICYDB_VERSION_COMP_FTRANS	33 /* compressed filename transitions */

/* Range of policy versions we understand*/
#define POLICYDB_VERSION_MIN   POLICYDB_VERSION_BASE
#define POLICYDB_VERSION_MAX   POLICYDB_VERSION_GLBLUB
#define POLICYDB_VERSION_MAX   POLICYDB_VERSION_COMP_FTRANS

/* Mask for just the mount related flags */
#define SE_MNTMASK	0x0f
+32 −0
// SPDX-License-Identifier: GPL-2.0
/*
 * Implementations of the security context functions.
 *
 * Author: Ondrej Mosnacek <omosnacek@gmail.com>
 * Copyright (C) 2020 Red Hat, Inc.
 */

#include <linux/jhash.h>

#include "context.h"
#include "mls.h"

u32 context_compute_hash(const struct context *c)
{
	u32 hash = 0;

	/*
	 * If a context is invalid, it will always be represented by a
	 * context struct with only the len & str set (and vice versa)
	 * under a given policy. Since context structs from different
	 * policies should never meet, it is safe to hash valid and
	 * invalid contexts differently. The context_cmp() function
	 * already operates under the same assumption.
	 */
	if (c->len)
		return full_name_hash(NULL, c->str, c->len);

	hash = jhash_3words(c->user, c->role, c->type, hash);
	hash = mls_range_hash(&c->range, hash);
	return hash;
}
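Review bot: context_compute_hash() in the new file has no kernel-doc comment, and the contract it has to honour — the result must agree with context_cmp(), so that two contexts that compare equal always hash equal — is only implied by the comment inside the body about valid and invalid contexts. I would put above the definition `/** context_compute_hash - hash a context for sidtab lookup; must stay in sync with context_cmp(): every field compared there (user/role/type/range, or str/len for an invalid context) feeds the hash here. */` so that the next change to context_cmp() is visibly obliged to update this function. The function seeds jhash_3words() with `hash = 0` and then passes the result into mls_range_hash(), which is presumably declared in the included mls.h; that dependency is not visible on this page.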
+2 −9
@@ -31,7 +31,6 @@ struct context {
	u32 len;        /* length of string in bytes */
	struct mls_range range;
	char *str;	/* string representation if context cannot be mapped. */
	u32 hash;	/* a hash of the string representation */
};

static inline void mls_context_init(struct context *c)
@@ -169,13 +168,12 @@ static inline int context_cpy(struct context *dst, struct context *src)
		kfree(dst->str);
		return rc;
	}
	dst->hash = src->hash;
	return 0;
}

static inline void context_destroy(struct context *c)
{
	c->user = c->role = c->type = c->hash = 0;
	c->user = c->role = c->type = 0;
	kfree(c->str);
	c->str = NULL;
	c->len = 0;
@@ -184,8 +182,6 @@ static inline void context_destroy(struct context *c)

static inline int context_cmp(struct context *c1, struct context *c2)
{
	if (c1->hash && c2->hash && (c1->hash != c2->hash))
		return 0;
	if (c1->len && c2->len)
		return (c1->len == c2->len && !strcmp(c1->str, c2->str));
	if (c1->len || c2->len)
@@ -196,10 +192,7 @@ static inline int context_cmp(struct context *c1, struct context *c2)
		mls_context_cmp(c1, c2));
}

static inline unsigned int context_compute_hash(const char *s)
{
	return full_name_hash(NULL, s, strlen(s));
}
u32 context_compute_hash(const struct context *c);

#endif	/* _SS_CONTEXT_H_ */
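Review bot: The new prototype `u32 context_compute_hash(const struct context *c);` at the end of the header replaces a static inline that hashed a plain NUL-terminated string, but it carries no comment, so a reader of the header cannot tell that the hash now covers either the str/len pair or the user/role/type/range fields depending on whether the context is valid, nor that it must remain consistent with context_cmp() declared just above it. I would add `/* Hash of a context, defined in context.c; consistent with context_cmp(): contexts that compare equal must hash equal. */` above the prototype. The same consistency contract is what justifies dropping the `c1->hash != c2->hash` short-circuit in the context_cmp() hunk earlier in this file; context_cmp()'s body continues outside that hunk.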