
DCCP was orphaned in 2021 by commit 054c4610bd
("MAINTAINERS: dccp: move Gerrit Renker to CREDITS"), which noted that the last maintainer had been inactive for five years. In recent years, it has become a playground for syzbot, and most changes to DCCP have been odd bug fixes triggered by syzbot. Apart from that, the only changes have been driven by treewide or networking API updates or adjustments related to TCP. Thus, in 2023, we announced we would remove DCCP in 2025 via commit b144fcaf46
("dccp: Print deprecation notice."). Since then, only one individual has contacted the netdev mailing list. [0] There is ongoing research for Multipath DCCP. The repository is hosted on GitHub [1], and development is not taking place through the upstream community. While the repository is published under the GPLv2 license, the scheduling part remains proprietary, with a LICENSE file [2] stating: "This is not Open Source software." The researcher mentioned a plan to address the licensing issue, upstream the patches, and step up as a maintainer, but there has been no further communication since then. Maintaining DCCP for a decade without any real users has become a burden. Therefore, it's time to remove it. Removing DCCP will also provide significant benefits to TCP. It allows us to freely reorganize the layout of struct inet_connection_sock, which is currently shared with DCCP, and optimize it to reduce the number of cachelines accessed in the TCP fast path. Note that we keep DCCP netfilter modules as requested. [3]
Link: https://lore.kernel.org/netdev/20230710182253.81446-1-kuniyu@amazon.com/T/#u #[0]
Link: https://github.com/telekom/mp-dccp #[1]
Link: https://github.com/telekom/mp-dccp/blob/mpdccp_v03_k5.10/net/dccp/non_gpl_scheduler/LICENSE #[2]
Link: https://lore.kernel.org/netdev/Z_VQ0KlCRkqYWXa-@calendula/ #[3]
Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.com>
Acked-by: Paul Moore <paul@paul-moore.com> (LSM and SELinux)
Acked-by: Casey Schaufler <casey@schaufler-ca.com>
Link: https://patch.msgid.link/20250410023921.11307-3-kuniyu@amazon.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
// SPDX-License-Identifier: GPL-2.0-only
/*
 * Netlink message type permission tables, for user generated messages.
 *
 * Author: James Morris <jmorris@redhat.com>
 *
 * Copyright (C) 2004 Red Hat, Inc., James Morris <jmorris@redhat.com>
 */

#include <linux/types.h>
#include <linux/kernel.h>
#include <linux/netlink.h>
#include <linux/rtnetlink.h>
#include <linux/if.h>
#include <linux/inet_diag.h>
#include <linux/xfrm.h>
#include <linux/audit.h>
#include <linux/sock_diag.h>
#include "flask.h"
#include "av_permissions.h"
#include "security.h"
/*
 * One entry of a per-class permission table: the permission (an access
 * vector bit of that netlink socket class) a process needs in order to
 * send a user-generated message with the given nlmsg_type.
 */
struct nlmsg_perm {
	u16 nlmsg_type;	/* netlink message type the entry applies to */
	u32 perm;	/* NETLINK_*_SOCKET__NLMSG_* permission to check */
};
/*
 * NETLINK_ROUTE message types.  RTM_NEW*, RTM_DEL* and RTM_SET* types map
 * to nlmsg_write and RTM_GET* types to nlmsg_read, with three exceptions in
 * this table: RTM_DELNSID, RTM_NEWSTATS and RTM_NEWCACHEREPORT are mapped
 * to nlmsg_read.
 *
 * NOTE(review): RTM_DELNSID is the only RTM_DEL* entry that grants on
 * nlmsg_read; confirm that is intended before relying on it either way.
 *
 * This table must be kept complete: selinux_nlmsg_lookup() has a
 * BUILD_BUG_ON() tying RTM_MAX to RTM_NEWTUNNEL, so adding a new RTM_*
 * family upstream forces an update here first.
 */
static const struct nlmsg_perm nlmsg_route_perms[] = {
	{ RTM_NEWLINK, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_DELLINK, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_GETLINK, NETLINK_ROUTE_SOCKET__NLMSG_READ },
	{ RTM_SETLINK, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_NEWADDR, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_DELADDR, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_GETADDR, NETLINK_ROUTE_SOCKET__NLMSG_READ },
	{ RTM_NEWROUTE, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_DELROUTE, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_GETROUTE, NETLINK_ROUTE_SOCKET__NLMSG_READ },
	{ RTM_NEWNEIGH, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_DELNEIGH, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_GETNEIGH, NETLINK_ROUTE_SOCKET__NLMSG_READ },
	{ RTM_NEWRULE, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_DELRULE, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_GETRULE, NETLINK_ROUTE_SOCKET__NLMSG_READ },
	{ RTM_NEWQDISC, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_DELQDISC, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_GETQDISC, NETLINK_ROUTE_SOCKET__NLMSG_READ },
	{ RTM_NEWTCLASS, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_DELTCLASS, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_GETTCLASS, NETLINK_ROUTE_SOCKET__NLMSG_READ },
	{ RTM_NEWTFILTER, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_DELTFILTER, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_GETTFILTER, NETLINK_ROUTE_SOCKET__NLMSG_READ },
	{ RTM_NEWACTION, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_DELACTION, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_GETACTION, NETLINK_ROUTE_SOCKET__NLMSG_READ },
	{ RTM_NEWPREFIX, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_GETMULTICAST, NETLINK_ROUTE_SOCKET__NLMSG_READ },
	{ RTM_GETANYCAST, NETLINK_ROUTE_SOCKET__NLMSG_READ },
	{ RTM_GETNEIGHTBL, NETLINK_ROUTE_SOCKET__NLMSG_READ },
	{ RTM_SETNEIGHTBL, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_NEWADDRLABEL, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_DELADDRLABEL, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_GETADDRLABEL, NETLINK_ROUTE_SOCKET__NLMSG_READ },
	{ RTM_GETDCB, NETLINK_ROUTE_SOCKET__NLMSG_READ },
	{ RTM_SETDCB, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_NEWNETCONF, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_DELNETCONF, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_GETNETCONF, NETLINK_ROUTE_SOCKET__NLMSG_READ },
	{ RTM_NEWMDB, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_DELMDB, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_GETMDB, NETLINK_ROUTE_SOCKET__NLMSG_READ },
	{ RTM_NEWNSID, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	/* read, not write: see the NOTE(review) in the header comment */
	{ RTM_DELNSID, NETLINK_ROUTE_SOCKET__NLMSG_READ },
	{ RTM_GETNSID, NETLINK_ROUTE_SOCKET__NLMSG_READ },
	{ RTM_NEWSTATS, NETLINK_ROUTE_SOCKET__NLMSG_READ },
	{ RTM_GETSTATS, NETLINK_ROUTE_SOCKET__NLMSG_READ },
	{ RTM_SETSTATS, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_NEWCACHEREPORT, NETLINK_ROUTE_SOCKET__NLMSG_READ },
	{ RTM_NEWCHAIN, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_DELCHAIN, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_GETCHAIN, NETLINK_ROUTE_SOCKET__NLMSG_READ },
	{ RTM_NEWNEXTHOP, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_DELNEXTHOP, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_GETNEXTHOP, NETLINK_ROUTE_SOCKET__NLMSG_READ },
	{ RTM_NEWLINKPROP, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_DELLINKPROP, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_NEWVLAN, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_DELVLAN, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_GETVLAN, NETLINK_ROUTE_SOCKET__NLMSG_READ },
	{ RTM_NEWNEXTHOPBUCKET, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_DELNEXTHOPBUCKET, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_GETNEXTHOPBUCKET, NETLINK_ROUTE_SOCKET__NLMSG_READ },
	{ RTM_NEWTUNNEL, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_DELTUNNEL, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
	{ RTM_GETTUNNEL, NETLINK_ROUTE_SOCKET__NLMSG_READ },
};
/*
 * NETLINK_SOCK_DIAG (historically "tcpdiag") message types.  Socket
 * inspection requests are nlmsg_read; SOCK_DESTROY, which acts on a
 * socket rather than reporting on it, is nlmsg_write.
 */
static const struct nlmsg_perm nlmsg_tcpdiag_perms[] = {
	{ TCPDIAG_GETSOCK, NETLINK_TCPDIAG_SOCKET__NLMSG_READ },
	{ SOCK_DIAG_BY_FAMILY, NETLINK_TCPDIAG_SOCKET__NLMSG_READ },
	{ SOCK_DESTROY, NETLINK_TCPDIAG_SOCKET__NLMSG_WRITE },
};
/*
 * NETLINK_XFRM (IPsec SA/SPD) message types.  XFRM_MSG_GET* and the
 * kernel-originated report types listed here are nlmsg_read; everything
 * that creates, updates, flushes or expires state is nlmsg_write.
 *
 * This table must be kept complete: selinux_nlmsg_lookup() has a
 * BUILD_BUG_ON() tying XFRM_MSG_MAX to XFRM_MSG_GETDEFAULT, so a new
 * XFRM_MSG_* type forces an update here first.
 */
static const struct nlmsg_perm nlmsg_xfrm_perms[] = {
	{ XFRM_MSG_NEWSA, NETLINK_XFRM_SOCKET__NLMSG_WRITE },
	{ XFRM_MSG_DELSA, NETLINK_XFRM_SOCKET__NLMSG_WRITE },
	{ XFRM_MSG_GETSA, NETLINK_XFRM_SOCKET__NLMSG_READ },
	{ XFRM_MSG_NEWPOLICY, NETLINK_XFRM_SOCKET__NLMSG_WRITE },
	{ XFRM_MSG_DELPOLICY, NETLINK_XFRM_SOCKET__NLMSG_WRITE },
	{ XFRM_MSG_GETPOLICY, NETLINK_XFRM_SOCKET__NLMSG_READ },
	{ XFRM_MSG_ALLOCSPI, NETLINK_XFRM_SOCKET__NLMSG_WRITE },
	{ XFRM_MSG_ACQUIRE, NETLINK_XFRM_SOCKET__NLMSG_WRITE },
	{ XFRM_MSG_EXPIRE, NETLINK_XFRM_SOCKET__NLMSG_WRITE },
	{ XFRM_MSG_UPDPOLICY, NETLINK_XFRM_SOCKET__NLMSG_WRITE },
	{ XFRM_MSG_UPDSA, NETLINK_XFRM_SOCKET__NLMSG_WRITE },
	{ XFRM_MSG_POLEXPIRE, NETLINK_XFRM_SOCKET__NLMSG_WRITE },
	{ XFRM_MSG_FLUSHSA, NETLINK_XFRM_SOCKET__NLMSG_WRITE },
	{ XFRM_MSG_FLUSHPOLICY, NETLINK_XFRM_SOCKET__NLMSG_WRITE },
	{ XFRM_MSG_NEWAE, NETLINK_XFRM_SOCKET__NLMSG_WRITE },
	{ XFRM_MSG_GETAE, NETLINK_XFRM_SOCKET__NLMSG_READ },
	{ XFRM_MSG_REPORT, NETLINK_XFRM_SOCKET__NLMSG_READ },
	{ XFRM_MSG_MIGRATE, NETLINK_XFRM_SOCKET__NLMSG_WRITE },
	{ XFRM_MSG_NEWSADINFO, NETLINK_XFRM_SOCKET__NLMSG_READ },
	{ XFRM_MSG_GETSADINFO, NETLINK_XFRM_SOCKET__NLMSG_READ },
	/* NEWSPDINFO is write while NEWSADINFO above is read - keep as-is */
	{ XFRM_MSG_NEWSPDINFO, NETLINK_XFRM_SOCKET__NLMSG_WRITE },
	{ XFRM_MSG_GETSPDINFO, NETLINK_XFRM_SOCKET__NLMSG_READ },
	{ XFRM_MSG_MAPPING, NETLINK_XFRM_SOCKET__NLMSG_READ },
	{ XFRM_MSG_SETDEFAULT, NETLINK_XFRM_SOCKET__NLMSG_WRITE },
	{ XFRM_MSG_GETDEFAULT, NETLINK_XFRM_SOCKET__NLMSG_READ },
};
/*
 * NETLINK_AUDIT message types.  Beyond plain nlmsg_read/nlmsg_write this
 * class has finer permissions: listing rules needs nlmsg_readpriv,
 * AUDIT_USER needs nlmsg_relay, and AUDIT_TTY_SET needs nlmsg_tty_audit.
 *
 * The AUDIT_FIRST_USER_MSG..AUDIT_LAST_USER_MSG and *_MSG2 ranges are not
 * listed here; selinux_nlmsg_lookup() maps those to nlmsg_relay before
 * consulting this table.
 */
static const struct nlmsg_perm nlmsg_audit_perms[] = {
	{ AUDIT_GET, NETLINK_AUDIT_SOCKET__NLMSG_READ },
	{ AUDIT_SET, NETLINK_AUDIT_SOCKET__NLMSG_WRITE },
	{ AUDIT_LIST, NETLINK_AUDIT_SOCKET__NLMSG_READPRIV },
	{ AUDIT_ADD, NETLINK_AUDIT_SOCKET__NLMSG_WRITE },
	{ AUDIT_DEL, NETLINK_AUDIT_SOCKET__NLMSG_WRITE },
	{ AUDIT_LIST_RULES, NETLINK_AUDIT_SOCKET__NLMSG_READPRIV },
	{ AUDIT_ADD_RULE, NETLINK_AUDIT_SOCKET__NLMSG_WRITE },
	{ AUDIT_DEL_RULE, NETLINK_AUDIT_SOCKET__NLMSG_WRITE },
	{ AUDIT_USER, NETLINK_AUDIT_SOCKET__NLMSG_RELAY },
	{ AUDIT_SIGNAL_INFO, NETLINK_AUDIT_SOCKET__NLMSG_READ },
	{ AUDIT_TRIM, NETLINK_AUDIT_SOCKET__NLMSG_WRITE },
	{ AUDIT_MAKE_EQUIV, NETLINK_AUDIT_SOCKET__NLMSG_WRITE },
	{ AUDIT_TTY_GET, NETLINK_AUDIT_SOCKET__NLMSG_READ },
	{ AUDIT_TTY_SET, NETLINK_AUDIT_SOCKET__NLMSG_TTY_AUDIT },
	{ AUDIT_GET_FEATURE, NETLINK_AUDIT_SOCKET__NLMSG_READ },
	{ AUDIT_SET_FEATURE, NETLINK_AUDIT_SOCKET__NLMSG_WRITE },
};
/*
 * nlmsg_perm - find the permission for one message type in a table
 * @nlmsg_type: netlink message type to look up
 * @perm: output; written only when a matching entry exists
 * @tab: permission table to search
 * @tabsize: size of @tab in bytes (sizeof the array), not the entry count
 *
 * Returns 0 and stores the entry's permission in *@perm on a match,
 * -EINVAL when @nlmsg_type has no entry in @tab.
 */
static int nlmsg_perm(u16 nlmsg_type, u32 *perm, const struct nlmsg_perm *tab,
		      size_t tabsize)
{
	const struct nlmsg_perm *entry = tab;
	const struct nlmsg_perm *end = tab + tabsize / sizeof(*tab);

	/* Linear scan; the first matching entry wins. */
	for (; entry < end; entry++) {
		if (entry->nlmsg_type == nlmsg_type) {
			*perm = entry->perm;
			return 0;
		}
	}

	return -EINVAL;
}
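/**
 * selinux_nlmsg_lookup - permission needed to send a netlink message
 * @sclass: SELinux security class of the sending netlink socket
 * @nlmsg_type: nlmsg_type of the user-generated message
 * @perm: output; the permission (access vector bit) to check on @sclass
 *
 * Returns 0 with *@perm set; -ENOENT when @sclass is not one of the netlink
 * classes with a table in this file; or -EINVAL (from nlmsg_perm()) when
 * @sclass is handled but @nlmsg_type has no entry in its table.
 *
 * When the netlink_xperm policy capability is enabled, the class-wide
 * "nlmsg" permission is returned for every message type instead of a
 * per-type permission; the extended permission value is then matched
 * against nlmsg_type (see the note below).
 */
int selinux_nlmsg_lookup(u16 sclass, u16 nlmsg_type, u32 *perm)
{
	/* While it is possible to add a similar permission to other netlink
	 * classes, note that the extended permission value is matched against
	 * the nlmsg_type field. Notably, SECCLASS_NETLINK_GENERIC_SOCKET uses
	 * dynamic values for this field, which means that it cannot be added
	 * as-is.
	 */

	switch (sclass) {
	case SECCLASS_NETLINK_ROUTE_SOCKET:
		/* RTM_MAX always points to RTM_SETxxxx, ie RTM_NEWxxx + 3.
		 * If the BUILD_BUG_ON() below fails you must update the
		 * structures at the top of this file with the new mappings
		 * before updating the BUILD_BUG_ON() macro!
		 */
		BUILD_BUG_ON(RTM_MAX != (RTM_NEWTUNNEL + 3));

		if (selinux_policycap_netlink_xperm()) {
			*perm = NETLINK_ROUTE_SOCKET__NLMSG;
			return 0;
		}
		/* Every case returns here; no break is needed after it. */
		return nlmsg_perm(nlmsg_type, perm, nlmsg_route_perms,
				  sizeof(nlmsg_route_perms));

	case SECCLASS_NETLINK_TCPDIAG_SOCKET:
		if (selinux_policycap_netlink_xperm()) {
			*perm = NETLINK_TCPDIAG_SOCKET__NLMSG;
			return 0;
		}
		return nlmsg_perm(nlmsg_type, perm, nlmsg_tcpdiag_perms,
				  sizeof(nlmsg_tcpdiag_perms));

	case SECCLASS_NETLINK_XFRM_SOCKET:
		/* If the BUILD_BUG_ON() below fails you must update the
		 * structures at the top of this file with the new mappings
		 * before updating the BUILD_BUG_ON() macro!
		 */
		BUILD_BUG_ON(XFRM_MSG_MAX != XFRM_MSG_GETDEFAULT);

		if (selinux_policycap_netlink_xperm()) {
			*perm = NETLINK_XFRM_SOCKET__NLMSG;
			return 0;
		}
		return nlmsg_perm(nlmsg_type, perm, nlmsg_xfrm_perms,
				  sizeof(nlmsg_xfrm_perms));

	case SECCLASS_NETLINK_AUDIT_SOCKET:
		if (selinux_policycap_netlink_xperm()) {
			*perm = NETLINK_AUDIT_SOCKET__NLMSG;
			return 0;
		}
		/* The user-message ranges are not in nlmsg_audit_perms[];
		 * they all map to nlmsg_relay, as AUDIT_USER does.
		 */
		if ((nlmsg_type >= AUDIT_FIRST_USER_MSG &&
		     nlmsg_type <= AUDIT_LAST_USER_MSG) ||
		    (nlmsg_type >= AUDIT_FIRST_USER_MSG2 &&
		     nlmsg_type <= AUDIT_LAST_USER_MSG2)) {
			*perm = NETLINK_AUDIT_SOCKET__NLMSG_RELAY;
			return 0;
		}
		return nlmsg_perm(nlmsg_type, perm, nlmsg_audit_perms,
				  sizeof(nlmsg_audit_perms));

	default:
		break;
	}

	/* No messaging from userspace, or class unknown/unhandled */
	return -ENOENT;
}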