forge/linux-uconsole
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions
linux-uconsole/security
History
Mimi Zohar a19e760f16 ima: fix add LSM rule bug 
commit 867c202654 upstream.

If security_filter_rule_init() doesn't return a rule, then not everything
is as fine as the return code implies.

This bug only occurs when the LSM (eg. SELinux) is disabled at runtime.

Adding an empty LSM rule causes ima_match_rules() to always succeed,
ignoring any remaining rules.

 default IMA TCB policy:
  # PROC_SUPER_MAGIC
  dont_measure fsmagic=0x9fa0
  # SYSFS_MAGIC
  dont_measure fsmagic=0x62656572
  # DEBUGFS_MAGIC
  dont_measure fsmagic=0x64626720
  # TMPFS_MAGIC
  dont_measure fsmagic=0x01021994
  # SECURITYFS_MAGIC
  dont_measure fsmagic=0x73636673

  < LSM specific rule >
  dont_measure obj_type=var_log_t

  measure func=BPRM_CHECK
  measure func=FILE_MMAP mask=MAY_EXEC
  measure func=FILE_CHECK mask=MAY_READ uid=0

Thus without the patch, with the boot parameters 'tcb selinux=0', adding
the above 'dont_measure obj_type=var_log_t' rule to the default IMA TCB
measurement policy, would result in nothing being measured.  The patch
prevents the default TCB policy from being replaced.

Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Cc: James Morris <jmorris@namei.org>
Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Cc: David Safford <safford@watson.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2011-01-07 14:43:17 -08:00
..
integrity/ima ima: fix add LSM rule bug 2011-01-07 14:43:17 -08:00
keys KEYS: Fix bug in keyctl_session_to_parent() if parent has no session keyring 2010-09-26 17:21:30 -07:00
selinux netlabel: fix export of SELinux categories > 127 2010-03-15 08:49:34 -07:00
smack seq_file: constify seq_operations 2009-09-23 07:39:29 -07:00
tomoyo KEYS: Add a keyctl to install a process's session keyring on its parent [try #6] 2009-09-02 21:29:22 +10:00
capability.c LSM/SELinux: inode_{get,set,notify}secctx hooks to access LSM security context information. 2009-09-10 10:11:24 +10:00
commoncap.c Security/SELinux: seperate lsm specific mmap_min_addr 2009-08-17 15:09:11 +10:00
device_cgroup.c cgroups: let ss->can_attach and ss->attach do whole threadgroups at a time 2009-09-24 07:20:58 -07:00
inode.c security: testing the wrong variable in create_by_name() 2010-05-12 14:57:14 -07:00
Kconfig Merge commit 'v2.6.31-rc8' into x86/txt 2009-09-02 08:17:56 +02:00
lsm_audit.c lsm: Use a compressed IPv6 string format in audit events 2009-09-24 03:50:26 -04:00
Makefile NOMMU: Optimise away the {dac_,}mmap_min_addr tests 2010-01-06 15:04:30 -08:00
min_addr.c mmap_min_addr check CAP_SYS_RAWIO only for write 2010-05-26 14:29:21 -07:00
root_plug.c rootplug: Remove redundant initialization. 2009-05-27 13:30:46 +10:00
security.c LSM/SELinux: inode_{get,set,notify}secctx hooks to access LSM security context information. 2009-09-10 10:11:24 +10:00