Re: [RFC] LSM generic ioctl permissions patch (1/1)

From: Lorenzo Hernandez Garcia-Hierro (lorenzohgh@private)
Date: Sat Nov 12 2005 - 21:06:28 PST

Previous message: Chris Wright: "Re: [RFC] LSM generic ioctl permissions patch (1/1)"
In reply to: Chris Wright: "Re: [RFC] LSM generic ioctl permissions patch (1/1)"
Next in thread: Stephen Smalley: "Re: [RFC] LSM generic ioctl permissions patch (1/1)"
Reply: Stephen Smalley: "Re: [RFC] LSM generic ioctl permissions patch (1/1)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

As of Chris Wright's feedback on [1], this patch uses _IOC_DIR macro
for checking read/write ioctl commands which fall through getattr/setattr
permission checks, thus avoiding the need of hard-coded ioctl commands
inside the file_ioctl hook.

For a complex and more complete implementation which includes generic
ioctl permissions for the LSM framework, please check [1].

1:
  http://selinux.tuxedo-es.org/patches/lsm-checkioctl-hook.patch

---

 security/selinux/hooks.c |   25 +++++++------------------
 1 file changed, 7 insertions(+), 18 deletions(-)

diff -puN security/selinux/hooks.c~selinux-file_ioctl-iocdir-checks security/selinux/hooks.c
--- linux-2.6.14.2/security/selinux/hooks.c~selinux-file_ioctl-iocdir-checks	2005-11-13 04:06:23.000000000 +0000
+++ linux-2.6.14.2-lorenzo/security/selinux/hooks.c	2005-11-13 04:51:20.000000000 +0000
@@ -2351,25 +2351,14 @@ static int selinux_file_ioctl(struct fil
 {
 	int error = 0;
 
-	switch (cmd) {
-		case FIONREAD:
-		/* fall through */
-		case FIBMAP:
-		/* fall through */
-		case FIGETBSZ:
-		/* fall through */
-		case EXT2_IOC_GETFLAGS:
-		/* fall through */
-		case EXT2_IOC_GETVERSION:
-			error = file_has_perm(current, file, FILE__GETATTR);
-			break;
-
-		case EXT2_IOC_SETFLAGS:
-		/* fall through */
-		case EXT2_IOC_SETVERSION:
-			error = file_has_perm(current, file, FILE__SETATTR);
-			break;
+	/* generic check for getattr/setattr ioctls */
+	if ((_IOC_DIR(cmd) & _IOC_READ)) {
+        	file_has_perm(current, file, FILE__GETATTR);
+        } else if ((_IOC_DIR(cmd) & _IOC_WRITE)) {
+        	file_has_perm(current, file, FILE__SETATTR);
+        }
 
+	switch (cmd) {
 		/* sys_ioctl() checks */
 		case FIONBIO:
 		/* fall through */
_

Please, lemme know if you want a GPG signed patch. I can't send inline
patches signed because they get line-wrapped. I know it's not a big deal anyways,
for a ~25 lines patch ;). 

Ah, despite the base name of the diff, it's based on -mm2.

Cheers and many thanks for the feedback,
-- 
Lorenzo Hernández García-Hierro <lorenzo@private> 
[1024D/6F2B2DEC] & [2048g/9AE91A22][http://tuxedo-es.org]

Previous message: Chris Wright: "Re: [RFC] LSM generic ioctl permissions patch (1/1)"
In reply to: Chris Wright: "Re: [RFC] LSM generic ioctl permissions patch (1/1)"
Next in thread: Stephen Smalley: "Re: [RFC] LSM generic ioctl permissions patch (1/1)"
Reply: Stephen Smalley: "Re: [RFC] LSM generic ioctl permissions patch (1/1)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Sat Nov 12 2005 - 21:07:40 PST