Commit 3f0882c4 authored by Eric Paris's avatar Eric Paris Committed by Linus Torvalds

SELinux: do not allocate stack space for AVC data unless needed

Instead of declaring the entire selinux_audit_data on the stack when we
start an operation on declare it on the stack if we are going to use it.
We know it's usefulness at the end of the security decision and can declare
it there.
Signed-off-by: default avatarEric Paris <eparis@redhat.com>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent f8294f11
...@@ -436,9 +436,9 @@ static void avc_audit_pre_callback(struct audit_buffer *ab, void *a) ...@@ -436,9 +436,9 @@ static void avc_audit_pre_callback(struct audit_buffer *ab, void *a)
{ {
struct common_audit_data *ad = a; struct common_audit_data *ad = a;
audit_log_format(ab, "avc: %s ", audit_log_format(ab, "avc: %s ",
ad->selinux_audit_data->denied ? "denied" : "granted"); ad->selinux_audit_data->slad->denied ? "denied" : "granted");
avc_dump_av(ab, ad->selinux_audit_data->tclass, avc_dump_av(ab, ad->selinux_audit_data->slad->tclass,
ad->selinux_audit_data->audited); ad->selinux_audit_data->slad->audited);
audit_log_format(ab, " for "); audit_log_format(ab, " for ");
} }
...@@ -452,9 +452,9 @@ static void avc_audit_post_callback(struct audit_buffer *ab, void *a) ...@@ -452,9 +452,9 @@ static void avc_audit_post_callback(struct audit_buffer *ab, void *a)
{ {
struct common_audit_data *ad = a; struct common_audit_data *ad = a;
audit_log_format(ab, " "); audit_log_format(ab, " ");
avc_dump_query(ab, ad->selinux_audit_data->ssid, avc_dump_query(ab, ad->selinux_audit_data->slad->ssid,
ad->selinux_audit_data->tsid, ad->selinux_audit_data->slad->tsid,
ad->selinux_audit_data->tclass); ad->selinux_audit_data->slad->tclass);
} }
/* This is the slow part of avc audit with big stack footprint */ /* This is the slow part of avc audit with big stack footprint */
...@@ -465,6 +465,7 @@ static noinline int slow_avc_audit(u32 ssid, u32 tsid, u16 tclass, ...@@ -465,6 +465,7 @@ static noinline int slow_avc_audit(u32 ssid, u32 tsid, u16 tclass,
{ {
struct common_audit_data stack_data; struct common_audit_data stack_data;
struct selinux_audit_data sad = {0,}; struct selinux_audit_data sad = {0,};
struct selinux_late_audit_data slad;
if (!a) { if (!a) {
a = &stack_data; a = &stack_data;
...@@ -483,12 +484,14 @@ static noinline int slow_avc_audit(u32 ssid, u32 tsid, u16 tclass, ...@@ -483,12 +484,14 @@ static noinline int slow_avc_audit(u32 ssid, u32 tsid, u16 tclass,
(flags & MAY_NOT_BLOCK)) (flags & MAY_NOT_BLOCK))
return -ECHILD; return -ECHILD;
a->selinux_audit_data->tclass = tclass; slad.tclass = tclass;
a->selinux_audit_data->requested = requested; slad.requested = requested;
a->selinux_audit_data->ssid = ssid; slad.ssid = ssid;
a->selinux_audit_data->tsid = tsid; slad.tsid = tsid;
a->selinux_audit_data->audited = audited; slad.audited = audited;
a->selinux_audit_data->denied = denied; slad.denied = denied;
a->selinux_audit_data->slad = &slad;
a->lsm_pre_audit = avc_audit_pre_callback; a->lsm_pre_audit = avc_audit_pre_callback;
a->lsm_post_audit = avc_audit_post_callback; a->lsm_post_audit = avc_audit_post_callback;
common_lsm_audit(a); common_lsm_audit(a);
......
...@@ -46,19 +46,29 @@ struct avc_cache_stats { ...@@ -46,19 +46,29 @@ struct avc_cache_stats {
unsigned int frees; unsigned int frees;
}; };
struct selinux_audit_data { /*
* We only need this data after we have decided to send an audit message.
*/
struct selinux_late_audit_data {
u32 ssid; u32 ssid;
u32 tsid; u32 tsid;
u16 tclass; u16 tclass;
u32 requested; u32 requested;
u32 audited; u32 audited;
u32 denied; u32 denied;
int result;
};
/*
* We collect this at the beginning or during an selinux security operation
*/
struct selinux_audit_data {
/* /*
* auditdeny is a bit tricky and unintuitive. See the * auditdeny is a bit tricky and unintuitive. See the
* comments in avc.c for it's meaning and usage. * comments in avc.c for it's meaning and usage.
*/ */
u32 auditdeny; u32 auditdeny;
int result; struct selinux_late_audit_data *slad;
}; };
/* /*
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment