From c1e992b99603a84d7debb188542b64f2d9232c07 Mon Sep 17 00:00:00 2001 From: "wzt.wzt@gmail.com" Date: Fri, 26 Feb 2010 22:49:55 +0800 Subject: Security: Add __init to register_security to disable load a security module on runtime LSM framework doesn't allow to load a security module on runtime, it must be loaded on boot time. but in security/security.c: int register_security(struct security_operations *ops) { ... if (security_ops != &default_security_ops) return -EAGAIN; ... } if security_ops == &default_security_ops, it can access to register a security module. If selinux is enabled, other security modules can't register, but if selinux is disabled on boot time, the security_ops was set to default_security_ops, LSM allows other kernel modules to use register_security() to register a not trust security module. For example: disable selinux on boot time(selinux=0). #include #include #include #include #include #include #include MODULE_LICENSE("GPL"); MODULE_AUTHOR("wzt"); extern int register_security(struct security_operations *ops); int (*new_register_security)(struct security_operations *ops); int rootkit_bprm_check_security(struct linux_binprm *bprm) { return 0; } struct security_operations rootkit_ops = { .bprm_check_security = rootkit_bprm_check_security, }; static int rootkit_init(void) { printk("Load LSM rootkit module.\n"); /* cat /proc/kallsyms | grep register_security */ new_register_security = 0xc0756689; if (new_register_security(&rootkit_ops)) { printk("Can't register rootkit module.\n"); return 0; } printk("Register rootkit module ok.\n"); return 0; } static void rootkit_exit(void) { printk("Unload LSM rootkit module.\n"); } module_init(rootkit_init); module_exit(rootkit_exit); Signed-off-by: Zhitong Wang Signed-off-by: James Morris --- security/security.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/security/security.c b/security/security.c index 122b748d0f4c..7da630a8c065 100644 --- a/security/security.c +++ b/security/security.c 
@@ -110,7 +110,7 @@ int __init security_module_enable(struct security_operations *ops)
 * If there is already a security module registered with the kernel,
 * an error will be returned. Otherwise %0 is returned on success.
 */
-int register_security(struct security_operations *ops)
+int __init register_security(struct security_operations *ops)
 {
 if (verify(ops)) {
 printk(KERN_DEBUG "%s could not verify "
--
cgit v1.2.3-59-g8ed1b

From b380de9e54ec354ccac55fd9a611ffe28b4daa76 Mon Sep 17 00:00:00 2001
From: Tetsuo Handa
Date: Mon, 1 Mar 2010 19:47:04 +0900
Subject: TOMOYO: Remove unused variables.

Variable "atmark" is currently unused.

Signed-off-by: Tetsuo Handa
Signed-off-by: James Morris
---
 security/tomoyo/common.c | 10 +++-------
 1 file changed, 3 insertions(+), 7 deletions(-)

diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c
index e0d0354008b7..be1099b3bb47 100644
--- a/security/tomoyo/common.c
+++ b/security/tomoyo/common.c
@@ -1424,7 +1424,6 @@ static bool tomoyo_print_single_path_acl(struct tomoyo_io_buffer *head,
 {
 int pos;
 u8 bit;
- const char *atmark = "";
 const char *filename;
 const u16 perm = ptr->perm;
@@ -1441,8 +1440,7 @@ static bool tomoyo_print_single_path_acl(struct tomoyo_io_buffer *head,
 continue;
 msg = tomoyo_sp2keyword(bit);
 pos = head->read_avail;
- if (!tomoyo_io_printf(head, "allow_%s %s%s\n", msg,
- atmark, filename))
+ if (!tomoyo_io_printf(head, "allow_%s %s\n", msg, filename))
 goto out;
 }
 head->read_bit = 0;
@@ -1466,8 +1464,6 @@ static bool tomoyo_print_double_path_acl(struct tomoyo_io_buffer *head,
 ptr)
 {
 int pos;
- const char *atmark1 = "";
- const char *atmark2 = "";
 const char *filename1;
 const char *filename2;
 const u8 perm = ptr->perm;
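Review bot: Once register_security() lives in `.init.text`, a caller reaching it after boot no longer gets -EAGAIN but jumps into memory that has been freed and possibly reused, so the protection now rests on the symbol being gone rather than on the check in the body, and the kernel-doc above the signature should say so. I would extend the comment before ` */` with ` * Must only be called from __init code; the function is discarded after boot.`. Every caller of register_security() also has to be `__init` itself, otherwise modpost reports a section mismatch; the callers are outside this hunk and should be checked together with this change. register_security's body continues past the end of the hunk.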
@@ -1482,8 +1478,8 @@ static bool tomoyo_print_double_path_acl(struct tomoyo_io_buffer *head,
 continue;
 msg = tomoyo_dp2keyword(bit);
 pos = head->read_avail;
- if (!tomoyo_io_printf(head, "allow_%s %s%s %s%s\n", msg,
- atmark1, filename1, atmark2, filename2))
+ if (!tomoyo_io_printf(head, "allow_%s %s %s\n", msg,
+ filename1, filename2))
 goto out;
 }
 head->read_bit = 0;
--
cgit v1.2.3-59-g8ed1b

From 31637b55b09753de9d5e24afc3a1d7fbdb2108d8 Mon Sep 17 00:00:00 2001
From: "wzt.wzt@gmail.com"
Date: Tue, 2 Mar 2010 15:08:58 +0800
Subject: Selinux: Remove unused headers list.h in selinux/netlink.c

list.h is unused in netlink.c, so remove it.

Signed-off-by: Zhitong Wang
Signed-off-by: James Morris
---
 security/selinux/netlink.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/security/selinux/netlink.c b/security/selinux/netlink.c
index 1ae556446e65..7d7be296d876 100644
--- a/security/selinux/netlink.c
+++ b/security/selinux/netlink.c
@@ -13,7 +13,6 @@
 #include
 #include
 #include
-#include
 #include
 #include
 #include
--
cgit v1.2.3-59-g8ed1b

From dbba541f9d9bd2c200041bc1b37c59dbaf9beb75 Mon Sep 17 00:00:00 2001
From: "wzt.wzt@gmail.com"
Date: Tue, 2 Mar 2010 17:03:43 +0800
Subject: Selinux: Remove unused headers slab.h in selinux/ss/symtab.c

slab.h is unused in symtab.c, so remove it.

Signed-off-by: Zhitong Wang
Signed-off-by: James Morris
---
 security/selinux/ss/symtab.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/security/selinux/ss/symtab.c b/security/selinux/ss/symtab.c
index 837658a98a54..bcf9f620426e 100644
--- a/security/selinux/ss/symtab.c
+++ b/security/selinux/ss/symtab.c
@@ -4,7 +4,6 @@
 * Author : Stephen Smalley,
 */
 #include
-#include
 #include
 #include
 #include "symtab.h"
--
cgit v1.2.3-59-g8ed1b

From 06b9b72df43800b9ae4e77202c8bf5848c9d6998 Mon Sep 17 00:00:00 2001
From: "wzt.wzt@gmail.com"
Date: Wed, 3 Mar 2010 21:29:37 +0800
Subject: Selinux: Remove unused headers skbuff.h in selinux/nlmsgtab.c

skbuff.h is already included by netlink.h, so remove it.
Signed-off-by: Zhitong Wang
Signed-off-by: James Morris
---
 security/selinux/nlmsgtab.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/security/selinux/nlmsgtab.c b/security/selinux/nlmsgtab.c
index dd7cc6de77f9..75ec0c6ebacd 100644
--- a/security/selinux/nlmsgtab.c
+++ b/security/selinux/nlmsgtab.c
@@ -11,7 +11,6 @@
 */
 #include
 #include
-#include
 #include
 #include
 #include
--
cgit v1.2.3-59-g8ed1b

From c8563473c1259f5686ceb918c548c80132089f79 Mon Sep 17 00:00:00 2001
From: "wzt.wzt@gmail.com"
Date: Thu, 4 Mar 2010 21:26:23 +0800
Subject: Security: Fix some coding styles in security/keys/keyring.c

Fix some coding styles in security/keys/keyring.c

Signed-off-by: Zhitong Wang
Signed-off-by: James Morris
---
 security/keys/keyring.c | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/security/keys/keyring.c b/security/keys/keyring.c
index e814d2109f8e..a98fb376f249 100644
--- a/security/keys/keyring.c
+++ b/security/keys/keyring.c
@@ -170,12 +170,10 @@ static void keyring_describe(const struct key *keyring, struct seq_file *m)
 {
 struct keyring_list *klist;
- if (keyring->description) {
+ if (keyring->description)
 seq_puts(m, keyring->description);
- }
- else {
+ else
 seq_puts(m, "[anon]");
- }
 rcu_read_lock();
 klist = rcu_dereference(keyring->payload.subscriptions);
--
cgit v1.2.3-59-g8ed1b

From 634a539e16bd7a1ba31c3f832baa725565cc9f96 Mon Sep 17 00:00:00 2001
From: Stephen Hemminger
Date: Thu, 4 Mar 2010 21:59:03 -0800
Subject: selinux: const strings in tables

Several places strings tables are used that should be declared const.

Signed-off-by: Stephen Hemminger
Signed-off-by: James Morris
---
 security/selinux/hooks.c | 2 +-
 security/selinux/include/initial_sid_to_string.h | 2 +-
 security/selinux/ss/policydb.c | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 9a2ee845e9d4..e1202cbceeee 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -329,7 +329,7 @@ extern int ss_initialized;
 /* The file system's label must be initialized prior to use. */
-static char *labeling_behaviors[6] = {
+static const char *labeling_behaviors[6] = {
 "uses xattr",
 "uses transition SIDs",
 "uses task SIDs",
diff --git a/security/selinux/include/initial_sid_to_string.h b/security/selinux/include/initial_sid_to_string.h
index d4fac82793ae..a59b64e3fd02 100644
--- a/security/selinux/include/initial_sid_to_string.h
+++ b/security/selinux/include/initial_sid_to_string.h
@@ -1,5 +1,5 @@
 /* This file is automatically generated. Do not edit. */
-static char *initial_sid_to_string[] =
+static const char *initial_sid_to_string[] =
 {
 "null",
 "kernel",
diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c
index f03667213ea8..623619851892 100644
--- a/security/selinux/ss/policydb.c
+++ b/security/selinux/ss/policydb.c
@@ -40,7 +40,7 @@
 #define _DEBUG_HASHES
 #ifdef DEBUG_HASHES
-static char *symtab_name[SYM_NUM] = {
+static const char *symtab_name[SYM_NUM] = {
 "common prefixes",
 "classes",
 "roles",
--
cgit v1.2.3-59-g8ed1b
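Review bot: `static const char *labeling_behaviors[6] = {` makes the strings read-only but leaves the six pointers themselves writable, so the table still ends up in writable data rather than rodata; `static const char *const labeling_behaviors[6] = {` is what "declared const" should mean for a lookup table, and the same applies to `initial_sid_to_string` and `symtab_name` in the following two hunks. The initial_sid_to_string.h hunk edits a file whose first context line says it is generated and must not be edited, so unless the generator is updated as well this change is lost on the next regeneration. Each table's initializer continues outside its hunk.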