selinux: teach SELinux about anonymous inodes
This change uses the anon_inodes and LSM infrastructure introduced in
the previous patches to give SELinux the ability to control
anonymous-inode files that are created using the new
anon_inode_getfd_secure() function.
A SELinux policy author detects and controls these anonymous inodes by
adding a name-based type_transition rule that assigns a new security
type to anonymous-inode files created in some domain. The name used
for the name-based transition is the name associated with the
anonymous inode for file listings --- e.g., "[userfaultfd]" or
"[perf_event]".
Example:
type uffd_t;
type_transition sysadm_t sysadm_t : anon_inode uffd_t "[userfaultfd]";
allow sysadm_t uffd_t:anon_inode { create };
(The next patch in this series is necessary for making userfaultfd
support this new interface. The example above is just
for exposition.)
Signed-off-by: Daniel Colascione <dancol@google.com>
Signed-off-by: Lokesh Gidra <lokeshgidra@google.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
This commit is contained in:
committed by
Paul Moore
parent
e7e832ce6f
commit
29cd6591ab
@@ -249,6 +249,8 @@ struct security_class_mapping secclass_map[] = {
|
||||
{"open", "cpu", "kernel", "tracepoint", "read", "write"} },
|
||||
{ "lockdown",
|
||||
{ "integrity", "confidentiality", NULL } },
|
||||
{ "anon_inode",
|
||||
{ COMMON_FILE_PERMS, NULL } },
|
||||
{ NULL }
|
||||
};
|
||||
|
||||
|
||||
Reference in New Issue
Block a user