Re: [PATCH v4 2/3] Teach SELinux about anonymous inodes

From: Stephen Smalley
Date: Fri Mar 27 2020 - 09:48:23 EST

Next message: Arnd Bergmann: "Re: linux-next: manual merge of the tegra tree with the arm-soc tree"
Previous message: Colin King: "[PATCH] PCI: altera: clean up indentation issue on a return statement"
In reply to: Daniel Colascione: "[PATCH v4 2/3] Teach SELinux about anonymous inodes"
Next in thread: Daniel Colascione: "[PATCH v4 3/3] Wire UFFD up to SELinux"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 3/26/20 4:06 PM, Daniel Colascione wrote:

This change uses the anon_inodes and LSM infrastructure introduced in
the previous patch to give SELinux the ability to control
anonymous-inode files that are created using the new _secure()
anon_inodes functions.

A SELinux policy author detects and controls these anonymous inodes by
adding a name-based type_transition rule that assigns a new security
type to anonymous-inode files created in some domain. The name used
for the name-based transition is the name associated with the
anonymous inode for file listings --- e.g., "[userfaultfd]" or
"[perf_event]".

Example:

type uffd_t;
type_transition sysadm_t sysadm_t : anon_inode uffd_t "[userfaultfd]";
allow sysadm_t uffd_t:anon_inode { create };

(The next patch in this series is necessary for making userfaultfd
support this new interface. The example above is just
for exposition.)

Signed-off-by: Daniel Colascione <dancol@xxxxxxxxxx>

Acked-by: Stephen Smalley <sds@xxxxxxxxxxxxx>

Next message: Arnd Bergmann: "Re: linux-next: manual merge of the tegra tree with the arm-soc tree"
Previous message: Colin King: "[PATCH] PCI: altera: clean up indentation issue on a return statement"
In reply to: Daniel Colascione: "[PATCH v4 2/3] Teach SELinux about anonymous inodes"
Next in thread: Daniel Colascione: "[PATCH v4 3/3] Wire UFFD up to SELinux"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]