SELinux Mailing List - NSA/CSS

Skip All Menus Skip Top Menu

Top Navigation Menus

Skip Research Menus

Research Menu

Research Security Enhanced Linux What's New Frequently Asked Questions Background Documents License Download Participating Mail List Archives Remaining Work Contributors Related Work Press Releases Information Assurance Research NIARL In-house Research Areas Mathematical Sciences Program Sabbaticals Computer & Information Sciences Research Technology Transfer Advanced Computing Advanced Mathematics Communications & Networking Information Processing Microelectronics Other Technologies Technology Fact Sheets Publications Related Links	Skip Search Box Searchbox SELinux Mailing List Re: [PATCH] SELinux: Use unknown perm handling to handle unknown netlink msg types This message: [ Message body ] [ More options ] Related messages: [ Next message ] [ Previous message ] [ In reply to ] [ Next in thread ] [ Replies ] From: Eric Paris <eparis_at_redhat.com> Date: Fri, 07 Nov 2008 11:07:41 -0500 On Wed, 2008-11-05 at 11:38 -0500, Paul Moore wrote: > On Wednesday 05 November 2008 9:34:42 am Eric Paris wrote: > > Currently when SELinux has not been updated to handle a netlink > > message type the operation is denied with EINVAL. This patch will > > leave the audit/warning message so things get fixed but if policy > > chose to allow unknowns this will allow the netlink operation. > > > > Signed-off-by: Eric Paris <eparis@redhat.com> > > --- > > > > security/selinux/hooks.c \| 2 +- > > 1 files changed, 1 insertions(+), 1 deletions(-) > > > > > > diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c > > index f85597a..c6f8f3e 100644 > > --- a/security/selinux/hooks.c > > +++ b/security/selinux/hooks.c > > @@ -4387,7 +4387,7 @@ static int selinux_nlmsg_perm(struct sock sk,* > > struct sk_buff skb) "SELinux: unrecognized netlink message"* > > " type=%hu for sclass=%hu\n", > > nlh->nlmsg_type, isec->sclass); > > - if (!selinux_enforcing) > > + if (!selinux_enforcing \|\| security_get_allow_unknown()) > > err = 0; > > } > > What about moving the security_get_allow_unknown() call to the default > switch clause of selinux_nlmsg_lookup()? Something like this: > > / No messaging from userspace, or class unknown/unhandled / > default: > if (!security_get_allow_unknown()) > err = -ENOENT; > break; > > This seems like a more natural fit to me (although maybe the audit > message should be moved to selinux_nlmsg_lookup() too?) and it has the > benefit of still checking the socket permissions via socket_has_perm() > in the event that the netlink message is unknown. We already just blindly allow the case where a new/unknown sclass is used which is what this part of the switch statement hits. I wanted to get the case where a known class has a new mesg type (aka nlmsg_perm returns -EINVAL) Not sure that the socket check is worth anything since I don't (in either case) know what perms to ask for. I also considered making the case of unknown msg type return ALL of the perms for that entire socket class but I think what I did is the best/easiest way we can go.... -Eric -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. Received on Fri 7 Nov 2008 - 11:07:55 EST This message: [ Message body ] Next message: Stephen Smalley: "Re: [PATCH] SELinux: Use unknown perm handling to handle unknown netlink msg types" Previous message: Stephen Smalley: "Re: seobject_mls.patch" In reply to: Paul Moore: "Re: [PATCH] SELinux: Use unknown perm handling to handle unknown netlink msg types" Next in thread: Paul Moore: "Re: [PATCH] SELinux: Use unknown perm handling to handle unknown netlink msg types" Reply: Paul Moore: "Re: [PATCH] SELinux: Use unknown perm handling to handle unknown netlink msg types" Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]
	Date Posted: Jan 15, 2009 \| Last Modified: Jan 15, 2009 \| Last Reviewed: Jan 15, 2009

bottom