diff options
author | Paul Mackerras <paulus@samba.org> | 2008-03-26 08:44:18 +1100 |
---|---|---|
committer | Paul Mackerras <paulus@samba.org> | 2008-03-26 08:44:18 +1100 |
commit | 54f53f2b94feb72622bec7a8563fc487d9f97720 (patch) | |
tree | ab0c4e1dcadd25a00fa7a4febf41bc43b864cf73 /security | |
parent | f61fb8a52cdf8b9b6a6badde84aefe58cb35d315 (diff) | |
parent | a4083c9271e0a697278e089f2c0b9a95363ada0a (diff) | |
download | op-kernel-dev-54f53f2b94feb72622bec7a8563fc487d9f97720.zip op-kernel-dev-54f53f2b94feb72622bec7a8563fc487d9f97720.tar.gz |
Merge branch 'linux-2.6'
Diffstat (limited to 'security')
-rw-r--r-- | security/capability.c | 1 | ||||
-rw-r--r-- | security/commoncap.c | 40 | ||||
-rw-r--r-- | security/selinux/hooks.c | 3 | ||||
-rw-r--r-- | security/smack/smack.h | 8 | ||||
-rw-r--r-- | security/smack/smack_lsm.c | 14 | ||||
-rw-r--r-- | security/smack/smackfs.c | 66 |
6 files changed, 30 insertions, 102 deletions
diff --git a/security/capability.c b/security/capability.c index 9e99f36a..2c6e06d 100644 --- a/security/capability.c +++ b/security/capability.c @@ -40,7 +40,6 @@ static struct security_operations capability_ops = { .inode_need_killpriv = cap_inode_need_killpriv, .inode_killpriv = cap_inode_killpriv, - .task_kill = cap_task_kill, .task_setscheduler = cap_task_setscheduler, .task_setioprio = cap_task_setioprio, .task_setnice = cap_task_setnice, diff --git a/security/commoncap.c b/security/commoncap.c index bb0c095..06d5c94 100644 --- a/security/commoncap.c +++ b/security/commoncap.c @@ -540,41 +540,6 @@ int cap_task_setnice (struct task_struct *p, int nice) return cap_safe_nice(p); } -int cap_task_kill(struct task_struct *p, struct siginfo *info, - int sig, u32 secid) -{ - if (info != SEND_SIG_NOINFO && (is_si_special(info) || SI_FROMKERNEL(info))) - return 0; - - /* - * Running a setuid root program raises your capabilities. - * Killing your own setuid root processes was previously - * allowed. - * We must preserve legacy signal behavior in this case. - */ - if (p->uid == current->uid) - return 0; - - /* sigcont is permitted within same session */ - if (sig == SIGCONT && (task_session_nr(current) == task_session_nr(p))) - return 0; - - if (secid) - /* - * Signal sent as a particular user. - * Capabilities are ignored. May be wrong, but it's the - * only thing we can do at the moment. - * Used only by usb drivers? - */ - return 0; - if (cap_issubset(p->cap_permitted, current->cap_permitted)) - return 0; - if (capable(CAP_KILL)) - return 0; - - return -EPERM; -} - /* * called from kernel/sys.c for prctl(PR_CABSET_DROP) * done without task_capability_lock() because it introduces @@ -605,11 +570,6 @@ int cap_task_setnice (struct task_struct *p, int nice) { return 0; } -int cap_task_kill(struct task_struct *p, struct siginfo *info, - int sig, u32 secid) -{ - return 0; -} #endif void cap_task_reparent_to_init (struct task_struct *p) diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 4bf4807..41a049f 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -800,7 +800,8 @@ static void selinux_sb_clone_mnt_opts(const struct super_block *oldsb, mutex_unlock(&newsbsec->lock); } -int selinux_parse_opts_str(char *options, struct security_mnt_opts *opts) +static int selinux_parse_opts_str(char *options, + struct security_mnt_opts *opts) { char *p; char *context = NULL, *defcontext = NULL; diff --git a/security/smack/smack.h b/security/smack/smack.h index a21a0e9..62c1e98 100644 --- a/security/smack/smack.h +++ b/security/smack/smack.h @@ -26,14 +26,6 @@ #define SMK_MAXLEN 23 #define SMK_LABELLEN (SMK_MAXLEN+1) -/* - * How many kinds of access are there? - * Here's your answer. - */ -#define SMK_ACCESSDASH '-' -#define SMK_ACCESSLOW "rwxa" -#define SMK_ACCESSKINDS (sizeof(SMK_ACCESSLOW) - 1) - struct superblock_smack { char *smk_root; char *smk_floor; diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 0241fd35..732ba27 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -1117,11 +1117,6 @@ static int smack_task_movememory(struct task_struct *p) static int smack_task_kill(struct task_struct *p, struct siginfo *info, int sig, u32 secid) { - int rc; - - rc = cap_task_kill(p, info, sig, secid); - if (rc != 0) - return rc; /* * Special cases where signals really ought to go through * in spite of policy. Stephen Smalley suggests it may @@ -1508,7 +1503,7 @@ static int smack_shm_associate(struct shmid_kernel *shp, int shmflg) */ static int smack_shm_shmctl(struct shmid_kernel *shp, int cmd) { - char *ssp = smack_of_shm(shp); + char *ssp; int may; switch (cmd) { @@ -1532,6 +1527,7 @@ static int smack_shm_shmctl(struct shmid_kernel *shp, int cmd) return -EINVAL; } + ssp = smack_of_shm(shp); return smk_curacc(ssp, may); } @@ -1616,7 +1612,7 @@ static int smack_sem_associate(struct sem_array *sma, int semflg) */ static int smack_sem_semctl(struct sem_array *sma, int cmd) { - char *ssp = smack_of_sem(sma); + char *ssp; int may; switch (cmd) { @@ -1645,6 +1641,7 @@ static int smack_sem_semctl(struct sem_array *sma, int cmd) return -EINVAL; } + ssp = smack_of_sem(sma); return smk_curacc(ssp, may); } @@ -1730,7 +1727,7 @@ static int smack_msg_queue_associate(struct msg_queue *msq, int msqflg) */ static int smack_msg_queue_msgctl(struct msg_queue *msq, int cmd) { - char *msp = smack_of_msq(msq); + char *msp; int may; switch (cmd) { @@ -1752,6 +1749,7 @@ static int smack_msg_queue_msgctl(struct msg_queue *msq, int cmd) return -EINVAL; } + msp = smack_of_msq(msq); return smk_curacc(msp, may); } diff --git a/security/smack/smackfs.c b/security/smack/smackfs.c index 358c92c..cfae8af 100644 --- a/security/smack/smackfs.c +++ b/security/smack/smackfs.c @@ -74,17 +74,25 @@ struct smk_list_entry *smack_list; #define SEQ_READ_FINISHED 1 /* - * Disable concurrent writing open() operations - */ -static struct semaphore smack_write_sem; - -/* * Values for parsing cipso rules * SMK_DIGITLEN: Length of a digit field in a rule. - * SMK_CIPSOMEN: Minimum possible cipso rule length. + * SMK_CIPSOMIN: Minimum possible cipso rule length. + * SMK_CIPSOMAX: Maximum possible cipso rule length. */ #define SMK_DIGITLEN 4 -#define SMK_CIPSOMIN (SMK_MAXLEN + 2 * SMK_DIGITLEN) +#define SMK_CIPSOMIN (SMK_LABELLEN + 2 * SMK_DIGITLEN) +#define SMK_CIPSOMAX (SMK_CIPSOMIN + SMACK_CIPSO_MAXCATNUM * SMK_DIGITLEN) + +/* + * Values for parsing MAC rules + * SMK_ACCESS: Maximum possible combination of access permissions + * SMK_ACCESSLEN: Maximum length for a rule access field + * SMK_LOADLEN: Smack rule length + */ +#define SMK_ACCESS "rwxa" +#define SMK_ACCESSLEN (sizeof(SMK_ACCESS) - 1) +#define SMK_LOADLEN (SMK_LABELLEN + SMK_LABELLEN + SMK_ACCESSLEN) + /* * Seq_file read operations for /smack/load @@ -155,32 +163,7 @@ static struct seq_operations load_seq_ops = { */ static int smk_open_load(struct inode *inode, struct file *file) { - if ((file->f_flags & O_ACCMODE) == O_RDONLY) - return seq_open(file, &load_seq_ops); - - if (down_interruptible(&smack_write_sem)) - return -ERESTARTSYS; - - return 0; -} - -/** - * smk_release_load - release() for /smack/load - * @inode: inode structure representing file - * @file: "load" file pointer - * - * For a reading session, use the seq_file release - * implementation. - * Otherwise, we are at the end of a writing session so - * clean everything up. - */ -static int smk_release_load(struct inode *inode, struct file *file) -{ - if ((file->f_flags & O_ACCMODE) == O_RDONLY) - return seq_release(inode, file); - - up(&smack_write_sem); - return 0; + return seq_open(file, &load_seq_ops); } /** @@ -229,14 +212,10 @@ static void smk_set_access(struct smack_rule *srp) * The format is exactly: * char subject[SMK_LABELLEN] * char object[SMK_LABELLEN] - * char access[SMK_ACCESSKINDS] - * - * Anything following is commentary and ignored. + * char access[SMK_ACCESSLEN] * - * writes must be SMK_LABELLEN+SMK_LABELLEN+4 bytes. + * writes must be SMK_LABELLEN+SMK_LABELLEN+SMK_ACCESSLEN bytes. */ -#define MINIMUM_LOAD (SMK_LABELLEN + SMK_LABELLEN + SMK_ACCESSKINDS) - static ssize_t smk_write_load(struct file *file, const char __user *buf, size_t count, loff_t *ppos) { @@ -253,7 +232,7 @@ static ssize_t smk_write_load(struct file *file, const char __user *buf, return -EPERM; if (*ppos != 0) return -EINVAL; - if (count < MINIMUM_LOAD) + if (count != SMK_LOADLEN) return -EINVAL; data = kzalloc(count, GFP_KERNEL); @@ -332,7 +311,7 @@ static const struct file_operations smk_load_ops = { .read = seq_read, .llseek = seq_lseek, .write = smk_write_load, - .release = smk_release_load, + .release = seq_release, }; /** @@ -513,7 +492,7 @@ static ssize_t smk_write_cipso(struct file *file, const char __user *buf, return -EPERM; if (*ppos != 0) return -EINVAL; - if (count <= SMK_CIPSOMIN) + if (count < SMK_CIPSOMIN || count > SMK_CIPSOMAX) return -EINVAL; data = kzalloc(count + 1, GFP_KERNEL); @@ -547,7 +526,7 @@ static ssize_t smk_write_cipso(struct file *file, const char __user *buf, if (ret != 1 || catlen > SMACK_CIPSO_MAXCATNUM) goto out; - if (count <= (SMK_CIPSOMIN + catlen * SMK_DIGITLEN)) + if (count != (SMK_CIPSOMIN + catlen * SMK_DIGITLEN)) goto out; memset(mapcatset, 0, sizeof(mapcatset)); @@ -1002,7 +981,6 @@ static int __init init_smk_fs(void) } } - sema_init(&smack_write_sem, 1); smk_cipso_doi(); smk_unlbl_ambient(NULL); |