From f785c54101e01f8e5f84464f8755671246b13794 Mon Sep 17 00:00:00 2001 From: Christian Göttsche Date: Thu, 6 Jul 2023 15:23:18 +0200 Subject: selinux: avoid avtab overflows MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Prevent inserting more than the supported U32_MAX number of entries. Signed-off-by: Christian Göttsche Signed-off-by: Paul Moore --- security/selinux/ss/avtab.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'security/selinux/ss/avtab.c') diff --git a/security/selinux/ss/avtab.c b/security/selinux/ss/avtab.c index 6766edc0fe68..7d21de48c28d 100644 --- a/security/selinux/ss/avtab.c +++ b/security/selinux/ss/avtab.c @@ -110,7 +110,7 @@ static int avtab_insert(struct avtab *h, const struct avtab_key *key, struct avtab_node *prev, *cur, *newnode; u16 specified = key->specified & ~(AVTAB_ENABLED|AVTAB_ENABLED_OLD); - if (!h || !h->nslot) + if (!h || !h->nslot || h->nel == U32_MAX) return -EINVAL; hvalue = avtab_hash(key, h->mask); @@ -156,7 +156,7 @@ struct avtab_node *avtab_insert_nonunique(struct avtab *h, struct avtab_node *prev, *cur; u16 specified = key->specified & ~(AVTAB_ENABLED|AVTAB_ENABLED_OLD); - if (!h || !h->nslot) + if (!h || !h->nslot || h->nel == U32_MAX) return NULL; hvalue = avtab_hash(key, h->mask); for (prev = NULL, cur = h->htable[hvalue]; -- cgit v1.2.3-70-g09d2 From 7128578c79a73760305f89ff975047c124919dfc Mon Sep 17 00:00:00 2001 From: Christian Göttsche Date: Thu, 6 Jul 2023 15:23:29 +0200 Subject: selinux: use consistent type for AV rule specifier MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The specifier for avtab keys is always supplied with a type of u16, either as a macro to security_compute_sid() or the member specified of the struct avtab_key. Signed-off-by: Christian Göttsche Signed-off-by: Paul Moore --- security/selinux/ss/avtab.c | 2 +- security/selinux/ss/avtab.h | 2 +- security/selinux/ss/services.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) (limited to 'security/selinux/ss/avtab.c') diff --git a/security/selinux/ss/avtab.c b/security/selinux/ss/avtab.c index 7d21de48c28d..8d7c14ca27a2 100644 --- a/security/selinux/ss/avtab.c +++ b/security/selinux/ss/avtab.c @@ -248,7 +248,7 @@ struct avtab_node *avtab_search_node(struct avtab *h, } struct avtab_node* -avtab_search_node_next(struct avtab_node *node, int specified) +avtab_search_node_next(struct avtab_node *node, u16 specified) { struct avtab_node *cur; diff --git a/security/selinux/ss/avtab.h b/security/selinux/ss/avtab.h index d6742fd9c560..f265e9da18e2 100644 --- a/security/selinux/ss/avtab.h +++ b/security/selinux/ss/avtab.h @@ -111,7 +111,7 @@ struct avtab_node *avtab_insert_nonunique(struct avtab *h, struct avtab_node *avtab_search_node(struct avtab *h, const struct avtab_key *key); -struct avtab_node *avtab_search_node_next(struct avtab_node *node, int specified); +struct avtab_node *avtab_search_node_next(struct avtab_node *node, u16 specified); #define MAX_AVTAB_HASH_BITS 16 #define MAX_AVTAB_HASH_BUCKETS (1 << MAX_AVTAB_HASH_BITS) diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index 78946b71c1c1..83b85536cd2b 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -1694,7 +1694,7 @@ static void filename_compute_type(struct policydb *policydb, static int security_compute_sid(u32 ssid, u32 tsid, u16 orig_tclass, - u32 specified, + u16 specified, const char *objname, u32 *out_sid, bool kern) -- cgit v1.2.3-70-g09d2 From 08a12b39e289fedf755afbc81de44a5cd1286b4b Mon Sep 17 00:00:00 2001 From: Christian Göttsche Date: Tue, 18 Jul 2023 20:06:27 +0200 Subject: selinux: drop avtab_search() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit avtab_search() shares the same logic with avtab_search_node(), except that it returns, if found, a pointer to the struct avtab_node member datum instead of the node itself. Since the member is an embedded struct, and not a pointer, the returned value of avtab_search() and avtab_search_node() will always in unison either be NULL or non-NULL. Drop avtab_search() and replace its calls by avtab_search_node() to deduplicate logic and adopt the only caller caring for the type of the returned value accordingly. Signed-off-by: Christian Göttsche Signed-off-by: Paul Moore --- security/selinux/ss/avtab.c | 32 -------------------------------- security/selinux/ss/avtab.h | 1 - security/selinux/ss/conditional.c | 4 ++-- security/selinux/ss/services.c | 13 ++++++------- 4 files changed, 8 insertions(+), 42 deletions(-) (limited to 'security/selinux/ss/avtab.c') diff --git a/security/selinux/ss/avtab.c b/security/selinux/ss/avtab.c index 8d7c14ca27a2..5fd439c5b8a4 100644 --- a/security/selinux/ss/avtab.c +++ b/security/selinux/ss/avtab.c @@ -180,38 +180,6 @@ struct avtab_node *avtab_insert_nonunique(struct avtab *h, return avtab_insert_node(h, hvalue, prev, key, datum); } -struct avtab_datum *avtab_search(struct avtab *h, const struct avtab_key *key) -{ - int hvalue; - struct avtab_node *cur; - u16 specified = key->specified & ~(AVTAB_ENABLED|AVTAB_ENABLED_OLD); - - if (!h || !h->nslot) - return NULL; - - hvalue = avtab_hash(key, h->mask); - for (cur = h->htable[hvalue]; cur; - cur = cur->next) { - if (key->source_type == cur->key.source_type && - key->target_type == cur->key.target_type && - key->target_class == cur->key.target_class && - (specified & cur->key.specified)) - return &cur->datum; - - if (key->source_type < cur->key.source_type) - break; - if (key->source_type == cur->key.source_type && - key->target_type < cur->key.target_type) - break; - if (key->source_type == cur->key.source_type && - key->target_type == cur->key.target_type && - key->target_class < cur->key.target_class) - break; - } - - return NULL; -} - /* This search function returns a node pointer, and can be used in * conjunction with avtab_search_next_node() */ diff --git a/security/selinux/ss/avtab.h b/security/selinux/ss/avtab.h index f265e9da18e2..c2b88430c916 100644 --- a/security/selinux/ss/avtab.h +++ b/security/selinux/ss/avtab.h @@ -90,7 +90,6 @@ struct avtab { void avtab_init(struct avtab *h); int avtab_alloc(struct avtab *, u32); int avtab_alloc_dup(struct avtab *new, const struct avtab *orig); -struct avtab_datum *avtab_search(struct avtab *h, const struct avtab_key *k); void avtab_destroy(struct avtab *h); void avtab_hash_eval(struct avtab *h, const char *tag); diff --git a/security/selinux/ss/conditional.c b/security/selinux/ss/conditional.c index b156c181c3c1..81ff676f209a 100644 --- a/security/selinux/ss/conditional.c +++ b/security/selinux/ss/conditional.c @@ -272,7 +272,7 @@ static int cond_insertf(struct avtab *a, const struct avtab_key *k, * cond_te_avtab. */ if (k->specified & AVTAB_TYPE) { - if (avtab_search(&p->te_avtab, k)) { + if (avtab_search_node(&p->te_avtab, k)) { pr_err("SELinux: type rule already exists outside of a conditional.\n"); return -EINVAL; } @@ -304,7 +304,7 @@ static int cond_insertf(struct avtab *a, const struct avtab_key *k, } } } else { - if (avtab_search(&p->te_cond_avtab, k)) { + if (avtab_search_node(&p->te_cond_avtab, k)) { pr_err("SELinux: conflicting type rules when adding type rule for true.\n"); return -EINVAL; } diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index 83b85536cd2b..fa47e4e38935 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -1706,8 +1706,7 @@ static int security_compute_sid(u32 ssid, struct context *scontext, *tcontext, newcontext; struct sidtab_entry *sentry, *tentry; struct avtab_key avkey; - struct avtab_datum *avdatum; - struct avtab_node *node; + struct avtab_node *avnode, *node; u16 tclass; int rc = 0; bool sock; @@ -1815,22 +1814,22 @@ retry: avkey.target_type = tcontext->type; avkey.target_class = tclass; avkey.specified = specified; - avdatum = avtab_search(&policydb->te_avtab, &avkey); + avnode = avtab_search_node(&policydb->te_avtab, &avkey); /* If no permanent rule, also check for enabled conditional rules */ - if (!avdatum) { + if (!avnode) { node = avtab_search_node(&policydb->te_cond_avtab, &avkey); for (; node; node = avtab_search_node_next(node, specified)) { if (node->key.specified & AVTAB_ENABLED) { - avdatum = &node->datum; + avnode = node; break; } } } - if (avdatum) { + if (avnode) { /* Use the type from the type transition/member/change rule. */ - newcontext.type = avdatum->u.data; + newcontext.type = avnode->datum.u.data; } /* if we have a objname this is a file trans check so check those rules */ -- cgit v1.2.3-70-g09d2 From 0fe53224bf5be183d263f262212c06ff00c69ca4 Mon Sep 17 00:00:00 2001 From: Stephen Smalley Date: Wed, 19 Jul 2023 11:12:50 -0400 Subject: selinux: update my email address Update my email address; MAINTAINERS was updated some time ago. Signed-off-by: Stephen Smalley Signed-off-by: Paul Moore --- security/selinux/avc.c | 2 +- security/selinux/hooks.c | 2 +- security/selinux/include/avc.h | 2 +- security/selinux/include/avc_ss.h | 2 +- security/selinux/include/objsec.h | 2 +- security/selinux/include/security.h | 2 +- security/selinux/ss/avtab.c | 2 +- security/selinux/ss/avtab.h | 2 +- security/selinux/ss/constraint.h | 2 +- security/selinux/ss/context.h | 2 +- security/selinux/ss/ebitmap.c | 2 +- security/selinux/ss/ebitmap.h | 2 +- security/selinux/ss/hashtab.c | 2 +- security/selinux/ss/hashtab.h | 2 +- security/selinux/ss/mls.c | 2 +- security/selinux/ss/mls.h | 2 +- security/selinux/ss/mls_types.h | 2 +- security/selinux/ss/policydb.c | 2 +- security/selinux/ss/policydb.h | 2 +- security/selinux/ss/services.c | 2 +- security/selinux/ss/services.h | 2 +- security/selinux/ss/sidtab.c | 2 +- security/selinux/ss/sidtab.h | 2 +- security/selinux/ss/symtab.c | 2 +- security/selinux/ss/symtab.h | 2 +- 25 files changed, 25 insertions(+), 25 deletions(-) (limited to 'security/selinux/ss/avtab.c') diff --git a/security/selinux/avc.c b/security/selinux/avc.c index cd55479cce25..32eb67fb3e42 100644 --- a/security/selinux/avc.c +++ b/security/selinux/avc.c @@ -2,7 +2,7 @@ /* * Implementation of the kernel access vector cache (AVC). * - * Authors: Stephen Smalley, + * Authors: Stephen Smalley, * James Morris * * Update: KaiGai, Kohei diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index dc51f28815b0..a85a9f52e0c3 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -4,7 +4,7 @@ * * This file contains the SELinux hook function implementations. * - * Authors: Stephen Smalley, + * Authors: Stephen Smalley, * Chris Vance, * Wayne Salamon, * James Morris diff --git a/security/selinux/include/avc.h b/security/selinux/include/avc.h index 9e055f74daf6..8f0aa66ccb13 100644 --- a/security/selinux/include/avc.h +++ b/security/selinux/include/avc.h @@ -2,7 +2,7 @@ /* * Access vector cache interface for object managers. * - * Author : Stephen Smalley, + * Author : Stephen Smalley, */ #ifndef _SELINUX_AVC_H_ #define _SELINUX_AVC_H_ diff --git a/security/selinux/include/avc_ss.h b/security/selinux/include/avc_ss.h index b9668be7b443..88b139e086c4 100644 --- a/security/selinux/include/avc_ss.h +++ b/security/selinux/include/avc_ss.h @@ -2,7 +2,7 @@ /* * Access vector cache interface for the security server. * - * Author : Stephen Smalley, + * Author : Stephen Smalley, */ #ifndef _SELINUX_AVC_SS_H_ #define _SELINUX_AVC_SS_H_ diff --git a/security/selinux/include/objsec.h b/security/selinux/include/objsec.h index 8f50e8fe0488..8159fd53c3de 100644 --- a/security/selinux/include/objsec.h +++ b/security/selinux/include/objsec.h @@ -4,7 +4,7 @@ * * This file contains the SELinux security data structures for kernel objects. * - * Author(s): Stephen Smalley, + * Author(s): Stephen Smalley, * Chris Vance, * Wayne Salamon, * James Morris diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h index 6b8b8fc3badd..668e393a9709 100644 --- a/security/selinux/include/security.h +++ b/security/selinux/include/security.h @@ -2,7 +2,7 @@ /* * Security server interface. * - * Author : Stephen Smalley, + * Author : Stephen Smalley, * */ diff --git a/security/selinux/ss/avtab.c b/security/selinux/ss/avtab.c index 5fd439c5b8a4..32f92da00b0e 100644 --- a/security/selinux/ss/avtab.c +++ b/security/selinux/ss/avtab.c @@ -1,7 +1,7 @@ /* * Implementation of the access vector table type. * - * Author : Stephen Smalley, + * Author : Stephen Smalley, */ /* Updated: Frank Mayer and Karl MacMillan diff --git a/security/selinux/ss/avtab.h b/security/selinux/ss/avtab.h index c2b88430c916..2ef5d1ae2844 100644 --- a/security/selinux/ss/avtab.h +++ b/security/selinux/ss/avtab.h @@ -6,7 +6,7 @@ * table is used to represent the type enforcement * tables. * - * Author : Stephen Smalley, + * Author : Stephen Smalley, */ /* Updated: Frank Mayer and Karl MacMillan diff --git a/security/selinux/ss/constraint.h b/security/selinux/ss/constraint.h index 4e563be9ef5f..f76eb3128ad5 100644 --- a/security/selinux/ss/constraint.h +++ b/security/selinux/ss/constraint.h @@ -11,7 +11,7 @@ * process from labeling an object with a different user * identity. * - * Author : Stephen Smalley, + * Author : Stephen Smalley, */ #ifndef _SS_CONSTRAINT_H_ #define _SS_CONSTRAINT_H_ diff --git a/security/selinux/ss/context.h b/security/selinux/ss/context.h index aed704b8c642..1f59468c0759 100644 --- a/security/selinux/ss/context.h +++ b/security/selinux/ss/context.h @@ -11,7 +11,7 @@ * security server and can be changed without affecting * clients of the security server. * - * Author : Stephen Smalley, + * Author : Stephen Smalley, */ #ifndef _SS_CONTEXT_H_ #define _SS_CONTEXT_H_ diff --git a/security/selinux/ss/ebitmap.c b/security/selinux/ss/ebitmap.c index d31b87be9a1e..77875ad355f7 100644 --- a/security/selinux/ss/ebitmap.c +++ b/security/selinux/ss/ebitmap.c @@ -2,7 +2,7 @@ /* * Implementation of the extensible bitmap type. * - * Author : Stephen Smalley, + * Author : Stephen Smalley, */ /* * Updated: Hewlett-Packard diff --git a/security/selinux/ss/ebitmap.h b/security/selinux/ss/ebitmap.h index e5b57dc3fc53..e3c807cfad90 100644 --- a/security/selinux/ss/ebitmap.h +++ b/security/selinux/ss/ebitmap.h @@ -10,7 +10,7 @@ * an explicitly specified starting bit position within * the total bitmap. * - * Author : Stephen Smalley, + * Author : Stephen Smalley, */ #ifndef _SS_EBITMAP_H_ #define _SS_EBITMAP_H_ diff --git a/security/selinux/ss/hashtab.c b/security/selinux/ss/hashtab.c index 3fb8f9026e9b..30532ec319ce 100644 --- a/security/selinux/ss/hashtab.c +++ b/security/selinux/ss/hashtab.c @@ -2,7 +2,7 @@ /* * Implementation of the hash table type. * - * Author : Stephen Smalley, + * Author : Stephen Smalley, */ #include #include diff --git a/security/selinux/ss/hashtab.h b/security/selinux/ss/hashtab.h index 043a773bf0b7..9dac6da45b98 100644 --- a/security/selinux/ss/hashtab.h +++ b/security/selinux/ss/hashtab.h @@ -6,7 +6,7 @@ * functions for hash computation and key comparison are * provided by the creator of the table. * - * Author : Stephen Smalley, + * Author : Stephen Smalley, */ #ifndef _SS_HASHTAB_H_ #define _SS_HASHTAB_H_ diff --git a/security/selinux/ss/mls.c b/security/selinux/ss/mls.c index 99571b19d4a9..b2c6c846ea03 100644 --- a/security/selinux/ss/mls.c +++ b/security/selinux/ss/mls.c @@ -2,7 +2,7 @@ /* * Implementation of the multi-level security (MLS) policy. * - * Author : Stephen Smalley, + * Author : Stephen Smalley, */ /* * Updated: Trusted Computer Solutions, Inc. diff --git a/security/selinux/ss/mls.h b/security/selinux/ss/mls.h index 15cacde0ff61..107681dd1824 100644 --- a/security/selinux/ss/mls.h +++ b/security/selinux/ss/mls.h @@ -2,7 +2,7 @@ /* * Multi-level security (MLS) policy operations. * - * Author : Stephen Smalley, + * Author : Stephen Smalley, */ /* * Updated: Trusted Computer Solutions, Inc. diff --git a/security/selinux/ss/mls_types.h b/security/selinux/ss/mls_types.h index 7d48d5e52233..f492cf148891 100644 --- a/security/selinux/ss/mls_types.h +++ b/security/selinux/ss/mls_types.h @@ -2,7 +2,7 @@ /* * Type definitions for the multi-level security (MLS) policy. * - * Author : Stephen Smalley, + * Author : Stephen Smalley, */ /* * Updated: Trusted Computer Solutions, Inc. diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c index 61e0e5000025..b903a4dfdce1 100644 --- a/security/selinux/ss/policydb.c +++ b/security/selinux/ss/policydb.c @@ -2,7 +2,7 @@ /* * Implementation of the policy database. * - * Author : Stephen Smalley, + * Author : Stephen Smalley, */ /* diff --git a/security/selinux/ss/policydb.h b/security/selinux/ss/policydb.h index 6b4ad8e91265..b97cda489753 100644 --- a/security/selinux/ss/policydb.h +++ b/security/selinux/ss/policydb.h @@ -3,7 +3,7 @@ * A policy database (policydb) specifies the * configuration data for the security policy. * - * Author : Stephen Smalley, + * Author : Stephen Smalley, */ /* diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index fa47e4e38935..2c5be06fbada 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -2,7 +2,7 @@ /* * Implementation of the security services. * - * Authors : Stephen Smalley, + * Authors : Stephen Smalley, * James Morris * * Updated: Trusted Computer Solutions, Inc. diff --git a/security/selinux/ss/services.h b/security/selinux/ss/services.h index 8a9b85f44b66..ed2ee6600467 100644 --- a/security/selinux/ss/services.h +++ b/security/selinux/ss/services.h @@ -2,7 +2,7 @@ /* * Implementation of the security services. * - * Author : Stephen Smalley, + * Author : Stephen Smalley, */ #ifndef _SS_SERVICES_H_ #define _SS_SERVICES_H_ diff --git a/security/selinux/ss/sidtab.c b/security/selinux/ss/sidtab.c index 38d25173aebd..d8ead463b8df 100644 --- a/security/selinux/ss/sidtab.c +++ b/security/selinux/ss/sidtab.c @@ -2,7 +2,7 @@ /* * Implementation of the SID table type. * - * Original author: Stephen Smalley, + * Original author: Stephen Smalley, * Author: Ondrej Mosnacek, * * Copyright (C) 2018 Red Hat, Inc. diff --git a/security/selinux/ss/sidtab.h b/security/selinux/ss/sidtab.h index 72810a080e77..22258201cd14 100644 --- a/security/selinux/ss/sidtab.h +++ b/security/selinux/ss/sidtab.h @@ -3,7 +3,7 @@ * A security identifier table (sidtab) is a lookup table * of security context structures indexed by SID value. * - * Original author: Stephen Smalley, + * Original author: Stephen Smalley, * Author: Ondrej Mosnacek, * * Copyright (C) 2018 Red Hat, Inc. diff --git a/security/selinux/ss/symtab.c b/security/selinux/ss/symtab.c index 7a77571fb275..43d7f0319ccd 100644 --- a/security/selinux/ss/symtab.c +++ b/security/selinux/ss/symtab.c @@ -2,7 +2,7 @@ /* * Implementation of the symbol table type. * - * Author : Stephen Smalley, + * Author : Stephen Smalley, */ #include #include diff --git a/security/selinux/ss/symtab.h b/security/selinux/ss/symtab.h index 3033c4db6cb6..0a3b5de79a0f 100644 --- a/security/selinux/ss/symtab.h +++ b/security/selinux/ss/symtab.h @@ -5,7 +5,7 @@ * is arbitrary. The symbol table type is implemented * using the hash table type (hashtab). * - * Author : Stephen Smalley, + * Author : Stephen Smalley, */ #ifndef _SS_SYMTAB_H_ #define _SS_SYMTAB_H_ -- cgit v1.2.3-70-g09d2 From f01dd5904519574017a4938ffb4424b31ba79cf3 Mon Sep 17 00:00:00 2001 From: Christian Göttsche Date: Fri, 28 Jul 2023 17:19:31 +0200 Subject: selinux: move debug functions into debug configuration MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit avtab_hash_eval() and hashtab_stat() are only used in policydb.c when the configuration SECURITY_SELINUX_DEBUG is enabled. Move the function definitions under that configuration as well and provide empty definitions in case SECURITY_SELINUX_DEBUG is disabled, to avoid using #ifdef in the callers. Signed-off-by: Christian Göttsche Signed-off-by: Paul Moore --- security/selinux/ss/avtab.c | 2 ++ security/selinux/ss/avtab.h | 7 +++++++ security/selinux/ss/hashtab.c | 3 ++- security/selinux/ss/hashtab.h | 6 ++++++ security/selinux/ss/policydb.c | 5 +++-- 5 files changed, 20 insertions(+), 3 deletions(-) (limited to 'security/selinux/ss/avtab.c') diff --git a/security/selinux/ss/avtab.c b/security/selinux/ss/avtab.c index 32f92da00b0e..243e5dabfa86 100644 --- a/security/selinux/ss/avtab.c +++ b/security/selinux/ss/avtab.c @@ -322,6 +322,7 @@ int avtab_alloc_dup(struct avtab *new, const struct avtab *orig) return avtab_alloc_common(new, orig->nslot); } +#ifdef CONFIG_SECURITY_SELINUX_DEBUG void avtab_hash_eval(struct avtab *h, const char *tag) { int i, chain_len, slots_used, max_chain_len; @@ -352,6 +353,7 @@ void avtab_hash_eval(struct avtab *h, const char *tag) tag, h->nel, slots_used, h->nslot, max_chain_len, chain2_len_sum); } +#endif /* CONFIG_SECURITY_SELINUX_DEBUG */ static const uint16_t spec_order[] = { AVTAB_ALLOWED, diff --git a/security/selinux/ss/avtab.h b/security/selinux/ss/avtab.h index 2ef5d1ae2844..3c3904bf02b0 100644 --- a/security/selinux/ss/avtab.h +++ b/security/selinux/ss/avtab.h @@ -91,7 +91,14 @@ void avtab_init(struct avtab *h); int avtab_alloc(struct avtab *, u32); int avtab_alloc_dup(struct avtab *new, const struct avtab *orig); void avtab_destroy(struct avtab *h); + +#ifdef CONFIG_SECURITY_SELINUX_DEBUG void avtab_hash_eval(struct avtab *h, const char *tag); +#else +static inline void avtab_hash_eval(struct avtab *h, const char *tag) +{ +} +#endif struct policydb; int avtab_read_item(struct avtab *a, void *fp, struct policydb *pol, diff --git a/security/selinux/ss/hashtab.c b/security/selinux/ss/hashtab.c index 30532ec319ce..e3747b5dd3e7 100644 --- a/security/selinux/ss/hashtab.c +++ b/security/selinux/ss/hashtab.c @@ -103,7 +103,7 @@ int hashtab_map(struct hashtab *h, return 0; } - +#ifdef CONFIG_SECURITY_SELINUX_DEBUG void hashtab_stat(struct hashtab *h, struct hashtab_info *info) { u32 i, chain_len, slots_used, max_chain_len; @@ -129,6 +129,7 @@ void hashtab_stat(struct hashtab *h, struct hashtab_info *info) info->slots_used = slots_used; info->max_chain_len = max_chain_len; } +#endif /* CONFIG_SECURITY_SELINUX_DEBUG */ int hashtab_duplicate(struct hashtab *new, struct hashtab *orig, int (*copy)(struct hashtab_node *new, diff --git a/security/selinux/ss/hashtab.h b/security/selinux/ss/hashtab.h index 9dac6da45b98..f9713b56d3d0 100644 --- a/security/selinux/ss/hashtab.h +++ b/security/selinux/ss/hashtab.h @@ -142,7 +142,13 @@ int hashtab_duplicate(struct hashtab *new, struct hashtab *orig, int (*destroy)(void *k, void *d, void *args), void *args); +#ifdef CONFIG_SECURITY_SELINUX_DEBUG /* Fill info with some hash table statistics */ void hashtab_stat(struct hashtab *h, struct hashtab_info *info); +#else +static inline void hashtab_stat(struct hashtab *h, struct hashtab_info *info) +{ +} +#endif #endif /* _SS_HASHTAB_H */ diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c index dc66868ff62c..a424997c79eb 100644 --- a/security/selinux/ss/policydb.c +++ b/security/selinux/ss/policydb.c @@ -701,6 +701,9 @@ static void symtab_hash_eval(struct symtab *s) static inline void hash_eval(struct hashtab *h, const char *hash_name) { } +static inline void symtab_hash_eval(struct symtab *s) +{ +} #endif /* CONFIG_SECURITY_SELINUX_DEBUG */ /* @@ -725,10 +728,8 @@ static int policydb_index(struct policydb *p) pr_debug("SELinux: %d classes, %d rules\n", p->p_classes.nprim, p->te_avtab.nel); -#ifdef CONFIG_SECURITY_SELINUX_DEBUG avtab_hash_eval(&p->te_avtab, "rules"); symtab_hash_eval(p->symtab); -#endif p->class_val_to_struct = kcalloc(p->p_classes.nprim, sizeof(*p->class_val_to_struct), -- cgit v1.2.3-70-g09d2 From df9d4749250dd8ed56a91336c3c54ea7a52fd1c7 Mon Sep 17 00:00:00 2001 From: Christian Göttsche Date: Mon, 7 Aug 2023 19:11:42 +0200 Subject: selinux: avoid implicit conversions in avtab code MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Return u32 from avtab_hash() instead of int, since the hashing is done on u32 and the result is used as an index on the hash array. Use the type of the limit in for loops. Avoid signed to unsigned conversion of multiplication result in avtab_hash_eval() and perform multiplication in destination type. Use unsigned loop iterator for index operations, to avoid sign extension. Signed-off-by: Christian Göttsche Signed-off-by: Paul Moore --- security/selinux/ss/avtab.c | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) (limited to 'security/selinux/ss/avtab.c') diff --git a/security/selinux/ss/avtab.c b/security/selinux/ss/avtab.c index 243e5dabfa86..86d98a8e291b 100644 --- a/security/selinux/ss/avtab.c +++ b/security/selinux/ss/avtab.c @@ -29,7 +29,7 @@ static struct kmem_cache *avtab_xperms_cachep __ro_after_init; /* Based on MurmurHash3, written by Austin Appleby and placed in the * public domain. */ -static inline int avtab_hash(const struct avtab_key *keyp, u32 mask) +static inline u32 avtab_hash(const struct avtab_key *keyp, u32 mask) { static const u32 c1 = 0xcc9e2d51; static const u32 c2 = 0x1b873593; @@ -66,7 +66,7 @@ static inline int avtab_hash(const struct avtab_key *keyp, u32 mask) } static struct avtab_node* -avtab_insert_node(struct avtab *h, int hvalue, +avtab_insert_node(struct avtab *h, u32 hvalue, struct avtab_node *prev, const struct avtab_key *key, const struct avtab_datum *datum) { @@ -106,7 +106,7 @@ avtab_insert_node(struct avtab *h, int hvalue, static int avtab_insert(struct avtab *h, const struct avtab_key *key, const struct avtab_datum *datum) { - int hvalue; + u32 hvalue; struct avtab_node *prev, *cur, *newnode; u16 specified = key->specified & ~(AVTAB_ENABLED|AVTAB_ENABLED_OLD); @@ -152,7 +152,7 @@ struct avtab_node *avtab_insert_nonunique(struct avtab *h, const struct avtab_key *key, const struct avtab_datum *datum) { - int hvalue; + u32 hvalue; struct avtab_node *prev, *cur; u16 specified = key->specified & ~(AVTAB_ENABLED|AVTAB_ENABLED_OLD); @@ -186,7 +186,7 @@ struct avtab_node *avtab_insert_nonunique(struct avtab *h, struct avtab_node *avtab_search_node(struct avtab *h, const struct avtab_key *key) { - int hvalue; + u32 hvalue; struct avtab_node *cur; u16 specified = key->specified & ~(AVTAB_ENABLED|AVTAB_ENABLED_OLD); @@ -246,7 +246,7 @@ avtab_search_node_next(struct avtab_node *node, u16 specified) void avtab_destroy(struct avtab *h) { - int i; + u32 i; struct avtab_node *cur, *temp; if (!h) @@ -325,7 +325,7 @@ int avtab_alloc_dup(struct avtab *new, const struct avtab *orig) #ifdef CONFIG_SECURITY_SELINUX_DEBUG void avtab_hash_eval(struct avtab *h, const char *tag) { - int i, chain_len, slots_used, max_chain_len; + u32 i, chain_len, slots_used, max_chain_len; unsigned long long chain2_len_sum; struct avtab_node *cur; @@ -344,7 +344,7 @@ void avtab_hash_eval(struct avtab *h, const char *tag) if (chain_len > max_chain_len) max_chain_len = chain_len; - chain2_len_sum += chain_len * chain_len; + chain2_len_sum += (unsigned long long)chain_len * chain_len; } } @@ -374,13 +374,13 @@ int avtab_read_item(struct avtab *a, void *fp, struct policydb *pol, { __le16 buf16[4]; u16 enabled; - u32 items, items2, val, vers = pol->policyvers; + u32 items, items2, val, i; struct avtab_key key; struct avtab_datum datum; struct avtab_extended_perms xperms; __le32 buf32[ARRAY_SIZE(xperms.perms.p)]; - int i, rc; - unsigned set; + int rc; + unsigned int set, vers = pol->policyvers; memset(&key, 0, sizeof(struct avtab_key)); memset(&datum, 0, sizeof(struct avtab_datum)); @@ -616,7 +616,7 @@ int avtab_write_item(struct policydb *p, const struct avtab_node *cur, void *fp) int avtab_write(struct policydb *p, struct avtab *a, void *fp) { - unsigned int i; + u32 i; int rc = 0; struct avtab_node *cur; __le32 buf[1]; -- cgit v1.2.3-70-g09d2