Security Enhanced Linux
What's New
Frequently Asked Questions
Background
Documents
License
Download
Participating
Mail List
Archives
Remaining Work
Contributors
Related Work
Press Releases
Information Assurance Research
NIARL In-house Research Areas
Mathematical Sciences Program
Sabbaticals
Computer & Information Sciences Research
Technology Transfer
Advanced Computing
Advanced Mathematics
Communications & Networking
Information Processing
Microelectronics
Other Technologies
Technology Fact Sheets
Publications
Related Links
|
SELinux Mailing Listport of procps patch to acahalan procps
From: Colin Walters <walters_at_verbum.org>
Date: 09 Jul 2003 14:55:06 -0400
I've ported the SELinux 2.5 procps patch to the acahalan procps; this may be useful for other systems like Debian which also use acalahan's procps (I think Gentoo does). It's been lightly tested. Albert: this is an update to the new SELinux API for Linux 2.5; the old API is deprecated now, and will likely be obsoleted once the new API is backported to Linux 2.4.
CURSES := -I/usr/include/ncurses -lncurses
-LDFLAGS := -Wl,-warn-common
-CFLAGS := -D_GNU_SOURCE -O2 -g3 -fno-common -ffast-math -I proc \ +CFLAGS := -D_GNU_SOURCE -DWITH_SELINUX -g -fno-common -ffast-math -I proc \
-W -Wall -Wshadow -Wcast-align -Wredundant-decls \
-Wbad-function-cast -Wcast-qual -Wwrite-strings -Waggregate-return \
# -Wpadded -Wunreachable-code -Wdisabled-optimization \
$(BINFILES) : all - $(install) --mode a=rx --strip $(notdir $@) $@ + $(install) --mode a=rx $(notdir $@) $@ $(MANFILES) : all $(install) --mode a=r $(notdir $@) $@ --- procps-3.1.9.orig/proc/readproc.c +++ procps-3.1.9/proc/readproc.c @@ -27,8 +27,8 @@ #include <sys/types.h> #include <sys/stat.h> -#ifdef FLASK_LINUX -#include <fs_secure.h> +#ifdef WITH_SELINUX +#include <selinux/selinux.h> #endif
#ifdef PROF
free((void*)*p->cmdline); if (p->environ) free((void*)*p->environ); +#ifdef WITH_SELINUX + if (p->scontext) + freecon(p->scontext); +#endif free(p); }
@@ -519,10 +523,10 @@ static struct direct *ent; /* dirent handle */ static struct stat sb; /* stat buffer */ static char path[32], sbuf[1024]; /* bufs for stat,statm */ -#ifdef FLASK_LINUX - security_id_t secsid; -#endif pid_t pid; // saved until we have a proc_t allocated for sure +#ifdef WITH_SELINUX + int selinux_enabled = is_selinux_enabled(); +#endif /* loop until a proc matching restrictions is found or no more processes */ /* I know this could be a while loop -- this way is easier to indent ;-) */ - if ( stat_secure(path, &sb, &secsid) == -1 ) /* no such dirent (anymore) */ -#else if (unlikely(stat(path, &sb) == -1)) /* no such dirent (anymore) */ -#endif goto next_proc; if ((flags & PROC_UID) && !XinLN(uid_t, sb.st_uid, PT->uids, PT->nuid)) goto next_proc; /* not one of the requested uids */
p->euid = sb.st_uid; /* need a way to get real uid */ -#ifdef FLASK_LINUX - p->secsid = secsid; -#endif p->pid = pid; if (flags & PROC_FILLSTAT) { /* read, parse /proc/#/stat */ +#endif + if (unlikely(flags & PROC_FILLMEM)) { /* read, parse /proc/#/statm */ if (likely( file2str(path, "statm", sbuf, sizeof sbuf) != -1 )) statm2proc(sbuf, p); /* ignore statm errors here */ - security_id_t secsid; -#endif pid_t pid; // saved until we have a proc_t allocated for sure +#ifdef WITH_SELINUX + int selinux_enabled = is_selinux_enabled(); +#endif /* loop until a proc matching restrictions is found or no more processes */ /* I know this could be a while loop -- this way is easier to indent ;-) */// snprintf(path, sizeof path, "/proc/%s", ent->d_name); -#ifdef FLASK_LINUX - if (stat_secure(path, &sb, &secsid) == -1) /* no such dirent (anymore) */ -#else if (stat(path, &sb) == -1) /* no such dirent (anymore) */ -#endif goto next_proc; if (!p) p = xcalloc(p, sizeof *p); /* passed buf or alloced mem */ p->euid = sb.st_uid; /* need a way to get real uid */ -#ifdef FLASK_LINUX - p->secsid = secsid; -#endif p->pid = pid; if ((file2str(path, "stat", sbuf, sizeof sbuf)) == -1) goto next_proc; /* error reading /proc/#/stat */ stat2proc(sbuf, p); /* parse /proc/#/stat */ +#ifdef WITH_SELINUX + if (selinux_enabled) { + if (p->scontext) { + freecon(p->scontext); + p->scontext=NULL; + } + if (getpidcon(p->pid, &p->scontext) < 0 ) + goto next_proc; + } +#endif + if (flags & PROC_FILLMEM) { /* read, parse /proc/#/statm */ if ((file2str(path, "statm", sbuf, sizeof sbuf)) != -1 ) statm2proc(sbuf, p); /* ignore statm errors here */--- procps-3.1.9.orig/proc/readproc.h +++ procps-3.1.9/proc/readproc.h @@ -14,8 +14,8 @@ #define SIGNAL_STRING -#ifdef FLASK_LINUX -#include <fs_secure.h> +#ifdef WITH_SELINUX +#include <selinux/selinux.h> #endif
EXTERN_C_BEGIN
tgid, /* thread group ID */ exit_signal, /* might not be SIGCHLD */ processor; /* current (or most recent?) CPU */ -#ifdef FLASK_LINUX - security_id_t secsid; +#ifdef WITH_SELINUX + security_context_t scontext; #endif } proc_t;
@@ -154,8 +154,8 @@ pid_t* pids; /* pids of the procs */ uid_t* uids; /* uids of procs */ int nuid; /* cannot really sentinel-terminate unsigned short[] */-#ifdef FLASK_LINUX - security_id_t* sids; /* SIDs of the procs */ +#ifdef WITH_SELINUX + security_context_t* scontexts; /* security contexts of the procs */ #endif } PROCTAB; @@ -218,6 +218,9 @@ /* Obsolete, consider only processes with one of the passed: */ #define PROC_PID 0x1000 /* process id numbers ( 0 terminated) */ #define PROC_UID 0x4000 /* user id numbers ( length needed ) */ +#ifdef WITH_SELINUX +#define PROC_CONTEXT 0x8000 +#endif
// it helps to give app code a few spare bits
#define PROC_SPARE_1 0x01000000
fprintf(stderr, "Error: can not access /proc.\n"); exit(1); } - memset(&buf, '#', sizeof(proc_t)); + memset(&buf, 0, sizeof(proc_t)); while(ps_readproc(ptp,&buf)){ if(want_this_proc(&buf)) show_one_proc(&buf); if(buf.cmdline) free((void*)*buf.cmdline); // ought to reuse--- procps-3.1.9.orig/ps/help.c +++ procps-3.1.9/ps/help.c @@ -35,8 +35,8 @@ "-O,O preloaded -o v virtual memory --cumulative --format --deselect\n" "-l,l long u user-oriented --sort --tty --forest --version\n" "-F extra full X registers --heading --no-heading\n" -#ifdef FLASK_LINUX -" --context --SID (Flask only)\n" +#ifdef WITH_SELINUX +" --context (SELinux only)\n" #endif " ********* misc options *********\n" "-V,V show version L list format codes f ASCII art forest\n"--- procps-3.1.9.orig/ps/output.c +++ procps-3.1.9/ps/output.c @@ -68,11 +68,9 @@ #include "../proc/escape.h" #include "common.h" -#ifdef FLASK_LINUX +#ifdef WITH_SELINUX #include <errno.h> -#include <fs_secure.h> -#include <ss.h> -#define DEF_CTXTLEN 255 +#include <selinux/selinux.h> #endif
@@ -208,6 +206,9 @@ CMP_SMALL(state) +#ifdef WITH_SELINUX +CMP_STR(scontext) +#endif
/* approximation to: kB of address space that could end up in swap */
static int sr_swapable(const proc_t* P, const proc_t* Q) {
/****************** FLASK security stuff **********************/-#ifdef FLASK_LINUX +#ifdef WITH_SELINUX /*
-/* as above, creates sr_secsid function */ -CMP_INT(secsid) /* FLASK security ID, **NOT** a session ID -- ugh */ - -static int pr_secsid(char *restrict const outbuf, const proc_t *restrict const pp){ - return sprintf(outbuf, "%d", (int) pp->secsid); -} - static int pr_context(char *restrict const outbuf, const proc_t *restrict const pp){ - char *ctxt; /* should be security_context_t */ - unsigned int len; - int rv; - - len = DEF_CTXTLEN; - ctxt = (char *) calloc(1, len); - if ( ctxt != NULL ) - rv = security_sid_to_context(pp->secsid, (security_context_t) ctxt, &len); - else - return sprintf(outbuf, "-"); - - if ( rv ) { - if ( errno != ENOSPC ) { - free(ctxt); - return sprintf(outbuf, "-"); - } else { - free(ctxt); - ctxt = (char *) calloc(1, len); - if ( ctxt != NULL ) { - rv = security_sid_to_context(pp->secsid, (security_context_t) ctxt, &len); - if ( rv ) { - free(ctxt); - return sprintf(outbuf, "-"); - } else { - rv = sprintf(outbuf, "%s", ctxt); - free(ctxt); - return rv; - } - } else { /* calloc() failed */ - return sprintf(outbuf, "-"); - } - } + if (pp->scontext) { + sprintf(outbuf, pp->scontext); } else { - rv = sprintf(outbuf, "%s", ctxt); - free(ctxt); - return rv; + sprintf(outbuf, "-");
}
-
- char *ctxt_P, *ctxt_Q; /* type should be security_context_t */ - unsigned int len; - int rv; - - len = DEF_CTXTLEN; - ctxt_P = (char *) calloc(1, len); - ctxt_Q = (char *) calloc(1, len); - - rv = security_sid_to_context(P->secsid, (security_context_t) ctxt_P, &len); - if ( rv ) { - if ( errno != ENOSPC ) { - free(ctxt_P); - /* error should resurface during printing */ - return( 0 ); - } else { - free(ctxt_P); - ctxt_P = (char *) calloc(1, len); - if ( ctxt_P != NULL ) { - rv = security_sid_to_context(P->secsid, (security_context_t) ctxt_P, &len); - if ( rv ) { - free(ctxt_P); - /* error should resurface during printing */ - return( 0 ); - } - } else { /* calloc() failed */ - /* error should resurface during printing */ - return( 0 ); - } - } - } - - len = DEF_CTXTLEN; - - rv = security_sid_to_context(Q->secsid, (security_context_t) ctxt_Q, &len); - if ( rv ) { - if ( errno != ENOSPC ) { - free(ctxt_P); - free(ctxt_Q); - /* error should resurface during printing */ - return( 0 ); - } else { - free(ctxt_Q); - ctxt_Q = (char *) calloc(1, len); - if ( ctxt_Q != NULL ) { - rv = security_sid_to_context(Q->secsid, (security_context_t) ctxt_Q, &len); - if ( rv ) { - free(ctxt_P); - free(ctxt_Q); - /* error should resurface during printing */ - return( 0 ); - } - } else { /* calloc() failed */ - /* error should resurface during printing */ - free(ctxt_P); - return( 0 ); - } - } - } - - rv = strcmp(ctxt_P, ctxt_Q); - - free(ctxt_P); - free(ctxt_Q); - - return( rv ); + if ((P->scontext==NULL) && (Q->scontext==NULL)) + return 0; + if ((P->scontext==NULL) || (Q->scontext==NULL))+ return 1; + return strcmp(P->scontext, Q->scontext); } #else /****** dummy functions ******/ -#define pr_secsid pr_nop -#define sr_secsid sr_nop #define pr_context pr_nop #define sr_context sr_nop @@ -1384,9 +1283,6 @@ {"FL5FMT", "f,state,uid,pid,ppid,pcpu,pri,nice,rss,wchan,start,time,command"}, /* Digital -fl */ -{"FLASK_context", "pid,secsid,context,command"}, /* Flask Linux context, --context */ -{"FLASK_sid", "pid,secsid,command"}, /* Flask Linux SID, --SID */ - {"HP_", "pid,tty,time,comm"}, /* HP default */ {"HP_f", "user,pid,ppid,cpu,stime,tty,time,args"}, /* HP -f */{"HP_fl", "flags,state,user,pid,ppid,cpu,intpri,nice,addr,sz,wchan,stime,tty,time,args"}, /* HP -fl */ @@ -1414,6 +1310,9 @@ {"RUSAGE", "minflt,majflt,nswap,inblock,oublock,msgsnd,msgrcv,nsigs,nvcsw,nivcsw"}, /* Digital -o "RUSAGE" */ {"SCHED", "user,pcpu,pri,usrpri,nice,psxpri,psr,policy,pset"}, /* Digital -o "SCHED" */ +#ifdef WITH_SELINUX +{"SELINUX_context", "pid,context,command"}, /* SELinux Linux context, --context */ +#endif {"SFMT", "uid,pid,cursig,sig,sigmask,sigignore,sigcatch,stat,tname,command"}, /* Digital s */ {"Std_f", "uid_hack,pid,ppid,c,stime,tname,time,cmd"}, /* new -f */--- procps-3.1.9.orig/ps/parser.c +++ procps-3.1.9/ps/parser.c @@ -727,7 +727,6 @@
gnu_table_struct *found;
{"Group", &&case_Group}, /* rgid */ - {"SID", &&case_secsid}, {"User", &&case_User}, /* ruid */ {"cols", &&case_cols}, {"columns", &&case_columns}, case_context: - trace("--context\n"); - format_flags |= FF_Fc; + if (is_selinux_enabled()) { + trace("--context\n"); + format_flags |= FF_Fc; + } else { + fprintf(stderr, + "Warning: --context ignored. Requires a SELinux enabled kernel\n"); + } return NULL; - case_secsid: - trace("--secsid\n"); - format_flags |= FF_Fs; - return NULL; } /*************** process trailing PIDs **********************/--- procps-3.1.9.orig/ps/sortformat.c +++ procps-3.1.9/ps/sortformat.c @@ -803,9 +803,8 @@ case FF_LX: spec="OL_X"; break; case FF_Lm: spec="OL_m"; break; - /* These are FLASK security options. */ - case FF_Fc: spec="FLASK_context"; break; - case FF_Fs: spec="FLASK_sid"; break; + /* These are SELinux security options. */ + case FF_Fc: spec="SELINUX_context"; break; } /* end switch(format_flags) */
/* predefined format modifier flags such as: -l -f l u s -j */ #define FM_c 0x0001 /* -c */ -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.Received on Wed 9 Jul 2003 - 15:00:42 EDT |
|
Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009 |