From 7b23ec738002fa7b16ce7742af8086ee31db5a54 Mon Sep 17 00:00:00 2001 From: Riley Andrews Date: Mon, 12 Jan 2015 13:52:20 -0800 Subject: [PATCH] Revert "Add security hooks to binder and implement the hooks for SELinux." This reverts commit 6e6d8f546c36b161067efa5e0518f56be0200e77. Change-Id: I8f0dba7c90f2c2d285d14696277e1ec7d48978d3 --- drivers/staging/android/binder.c | 21 --------- include/linux/security.h | 29 ------------- security/capability.c | 24 ----------- security/security.c | 20 --------- security/selinux/hooks.c | 66 ----------------------------- security/selinux/include/classmap.h | 1 - 6 files changed, 161 deletions(-) diff --git a/drivers/staging/android/binder.c b/drivers/staging/android/binder.c index f3be98ef54ec..69fd236345cb 100644 --- a/drivers/staging/android/binder.c +++ b/drivers/staging/android/binder.c @@ -37,7 +37,6 @@ #include #include #include -#include #include "binder.h" #include "binder_trace.h" @@ -1384,10 +1383,6 @@ static void binder_transaction(struct binder_proc *proc, return_error = BR_DEAD_REPLY; goto err_dead_binder; } - if (security_binder_transaction(proc->tsk, target_proc->tsk) < 0) { - return_error = BR_FAILED_REPLY; - goto err_invalid_target_handle; - } if (!(tr->flags & TF_ONE_WAY) && thread->transaction_stack) { struct binder_transaction *tmp; tmp = thread->transaction_stack; @@ -1530,10 +1525,6 @@ static void binder_transaction(struct binder_proc *proc, fp->cookie, node->cookie); goto err_binder_get_ref_for_node_failed; } - if (security_binder_transfer_binder(proc->tsk, target_proc->tsk)) { - return_error = BR_FAILED_REPLY; - goto err_binder_get_ref_for_node_failed; - } ref = binder_get_ref_for_node(target_proc, node); if (ref == NULL) { return_error = BR_FAILED_REPLY; @@ -1563,10 +1554,6 @@ static void binder_transaction(struct binder_proc *proc, return_error = BR_FAILED_REPLY; goto err_binder_get_ref_failed; } - if (security_binder_transfer_binder(proc->tsk, target_proc->tsk)) { - return_error = BR_FAILED_REPLY; - goto err_binder_get_ref_failed; - } if (ref->node->proc == target_proc) { if (fp->type == BINDER_TYPE_HANDLE) fp->type = BINDER_TYPE_BINDER; @@ -1623,11 +1610,6 @@ static void binder_transaction(struct binder_proc *proc, return_error = BR_FAILED_REPLY; goto err_fget_failed; } - if (security_binder_transfer_file(proc->tsk, target_proc->tsk, file) < 0) { - fput(file); - return_error = BR_FAILED_REPLY; - goto err_get_unused_fd_failed; - } target_fd = task_get_unused_fd_flags(target_proc, O_CLOEXEC); if (target_fd < 0) { fput(file); @@ -2644,9 +2626,6 @@ static long binder_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) ret = -EBUSY; goto err; } - ret = security_binder_set_context_mgr(proc->tsk); - if (ret < 0) - goto err; if (uid_valid(binder_context_mgr_uid)) { if (!uid_eq(binder_context_mgr_uid, current->cred->euid)) { pr_err("BINDER_SET_CONTEXT_MGR bad uid %d != %d\n", diff --git a/include/linux/security.h b/include/linux/security.h index 17e1888ff505..4686491852a7 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -1402,11 +1402,6 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) struct security_operations { char name[SECURITY_NAME_MAX + 1]; - int (*binder_set_context_mgr) (struct task_struct *mgr); - int (*binder_transaction) (struct task_struct *from, struct task_struct *to); - int (*binder_transfer_binder) (struct task_struct *from, struct task_struct *to); - int (*binder_transfer_file) (struct task_struct *from, struct task_struct *to, struct file *file); - int (*ptrace_access_check) (struct task_struct *child, unsigned int mode); int (*ptrace_traceme) (struct task_struct *parent); int (*capget) (struct task_struct *target, @@ -1695,10 +1690,6 @@ extern void __init security_fixup_ops(struct security_operations *ops); /* Security operations */ -int security_binder_set_context_mgr(struct task_struct *mgr); -int security_binder_transaction(struct task_struct *from, struct task_struct *to); -int security_binder_transfer_binder(struct task_struct *from, struct task_struct *to); -int security_binder_transfer_file(struct task_struct *from, struct task_struct *to, struct file *file); int security_ptrace_access_check(struct task_struct *child, unsigned int mode); int security_ptrace_traceme(struct task_struct *parent); int security_capget(struct task_struct *target, @@ -1878,26 +1869,6 @@ static inline int security_init(void) return 0; } -static inline int security_binder_set_context_mgr(struct task_struct *mgr) -{ - return 0; -} - -static inline int security_binder_transaction(struct task_struct *from, struct task_struct *to) -{ - return 0; -} - -static inline int security_binder_transfer_binder(struct task_struct *from, struct task_struct *to) -{ - return 0; -} - -static inline int security_binder_transfer_file(struct task_struct *from, struct task_struct *to, struct file *file) -{ - return 0; -} - static inline int security_ptrace_access_check(struct task_struct *child, unsigned int mode) { diff --git a/security/capability.c b/security/capability.c index 6e4fc776badf..1728d4e375db 100644 --- a/security/capability.c +++ b/security/capability.c @@ -12,26 +12,6 @@ #include -static int cap_binder_set_context_mgr(struct task_struct *mgr) -{ - return 0; -} - -static int cap_binder_transaction(struct task_struct *from, struct task_struct *to) -{ - return 0; -} - -static int cap_binder_transfer_binder(struct task_struct *from, struct task_struct *to) -{ - return 0; -} - -static int cap_binder_transfer_file(struct task_struct *from, struct task_struct *to, struct file *file) -{ - return 0; -} - static int cap_syslog(int type) { return 0; @@ -923,10 +903,6 @@ static void cap_audit_rule_free(void *lsmrule) void __init security_fixup_ops(struct security_operations *ops) { - set_to_cap_if_null(ops, binder_set_context_mgr); - set_to_cap_if_null(ops, binder_transaction); - set_to_cap_if_null(ops, binder_transfer_binder); - set_to_cap_if_null(ops, binder_transfer_file); set_to_cap_if_null(ops, ptrace_access_check); set_to_cap_if_null(ops, ptrace_traceme); set_to_cap_if_null(ops, capget); diff --git a/security/security.c b/security/security.c index d6ab2d2b363d..a3dce87d1aef 100644 --- a/security/security.c +++ b/security/security.c @@ -134,26 +134,6 @@ int __init register_security(struct security_operations *ops) /* Security operations */ -int security_binder_set_context_mgr(struct task_struct *mgr) -{ - return security_ops->binder_set_context_mgr(mgr); -} - -int security_binder_transaction(struct task_struct *from, struct task_struct *to) -{ - return security_ops->binder_transaction(from, to); -} - -int security_binder_transfer_binder(struct task_struct *from, struct task_struct *to) -{ - return security_ops->binder_transfer_binder(from, to); -} - -int security_binder_transfer_file(struct task_struct *from, struct task_struct *to, struct file *file) -{ - return security_ops->binder_transfer_file(from, to, file); -} - int security_ptrace_access_check(struct task_struct *child, unsigned int mode) { #ifdef CONFIG_SECURITY_YAMA_STACKED diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index a8de30bd733a..8908c367425b 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -1844,67 +1844,6 @@ static inline u32 open_file_to_av(struct file *file) /* Hook functions begin here. */ -static int selinux_binder_set_context_mgr(struct task_struct *mgr) -{ - u32 mysid = current_sid(); - u32 mgrsid = task_sid(mgr); - - return avc_has_perm(mysid, mgrsid, SECCLASS_BINDER, BINDER__SET_CONTEXT_MGR, NULL); -} - -static int selinux_binder_transaction(struct task_struct *from, struct task_struct *to) -{ - u32 mysid = current_sid(); - u32 fromsid = task_sid(from); - u32 tosid = task_sid(to); - int rc; - - if (mysid != fromsid) { - rc = avc_has_perm(mysid, fromsid, SECCLASS_BINDER, BINDER__IMPERSONATE, NULL); - if (rc) - return rc; - } - - return avc_has_perm(fromsid, tosid, SECCLASS_BINDER, BINDER__CALL, NULL); -} - -static int selinux_binder_transfer_binder(struct task_struct *from, struct task_struct *to) -{ - u32 fromsid = task_sid(from); - u32 tosid = task_sid(to); - return avc_has_perm(fromsid, tosid, SECCLASS_BINDER, BINDER__TRANSFER, NULL); -} - -static int selinux_binder_transfer_file(struct task_struct *from, struct task_struct *to, struct file *file) -{ - u32 sid = task_sid(to); - struct file_security_struct *fsec = file->f_security; - struct inode *inode = file->f_path.dentry->d_inode; - struct inode_security_struct *isec = inode->i_security; - struct common_audit_data ad; - struct selinux_audit_data sad = {0,}; - int rc; - - ad.type = LSM_AUDIT_DATA_PATH; - ad.u.path = file->f_path; - ad.selinux_audit_data = &sad; - - if (sid != fsec->sid) { - rc = avc_has_perm(sid, fsec->sid, - SECCLASS_FD, - FD__USE, - &ad); - if (rc) - return rc; - } - - if (unlikely(IS_PRIVATE(inode))) - return 0; - - return avc_has_perm(sid, isec->sid, isec->sclass, file_to_av(file), - &ad); -} - static int selinux_ptrace_access_check(struct task_struct *child, unsigned int mode) { @@ -5617,11 +5556,6 @@ static int selinux_key_getsecurity(struct key *key, char **_buffer) static struct security_operations selinux_ops = { .name = "selinux", - .binder_set_context_mgr = selinux_binder_set_context_mgr, - .binder_transaction = selinux_binder_transaction, - .binder_transfer_binder = selinux_binder_transfer_binder, - .binder_transfer_file = selinux_binder_transfer_file, - .ptrace_access_check = selinux_ptrace_access_check, .ptrace_traceme = selinux_ptrace_traceme, .capget = selinux_capget, diff --git a/security/selinux/include/classmap.h b/security/selinux/include/classmap.h index c32ff7bde81a..14d04e63b1f0 100644 --- a/security/selinux/include/classmap.h +++ b/security/selinux/include/classmap.h @@ -151,6 +151,5 @@ struct security_class_mapping secclass_map[] = { { "kernel_service", { "use_as_override", "create_files_as", NULL } }, { "tun_socket", { COMMON_SOCK_PERMS, "attach_queue", NULL } }, - { "binder", { "impersonate", "call", "set_context_mgr", "transfer", NULL } }, { NULL } }; -- 2.34.1