summaryrefslogtreecommitdiffstats
path: root/ipc
diff options
context:
space:
mode:
authorEric W. Biederman <ebiederm@xmission.com>2018-03-22 22:08:27 -0400
committerEric W. Biederman <ebiederm@xmission.com>2018-03-22 22:08:27 -0400
commit7191adff2a5566efb139c79ea03eda3d0520d44a (patch)
treebfde0d973881cfaa21e9993b290de4ca9c5bbe4b /ipc
parentaefad9593ec5ad4aae5346253a8b646364cd7317 (diff)
shm/security: Pass kern_ipc_perm not shmid_kernel into the shm security hooks
All of the implementations of security hooks that take shmid_kernel only access shm_perm the struct kern_ipc_perm member. This means the dependencies of the shm security hooks can be simplified by passing the kern_ipc_perm member of shmid_kernel.. Making this change will allow struct shmid_kernel to become private to ipc/shm.c. Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Diffstat (limited to 'ipc')
-rw-r--r--ipc/shm.c17
1 files changed, 7 insertions, 10 deletions
diff --git a/ipc/shm.c b/ipc/shm.c
index 4643865e9171..387a786e7be1 100644
--- a/ipc/shm.c
+++ b/ipc/shm.c
@@ -181,7 +181,7 @@ static void shm_rcu_free(struct rcu_head *head)
181 rcu); 181 rcu);
182 struct shmid_kernel *shp = container_of(ptr, struct shmid_kernel, 182 struct shmid_kernel *shp = container_of(ptr, struct shmid_kernel,
183 shm_perm); 183 shm_perm);
184 security_shm_free(shp); 184 security_shm_free(&shp->shm_perm);
185 kvfree(shp); 185 kvfree(shp);
186} 186}
187 187
@@ -554,7 +554,7 @@ static int newseg(struct ipc_namespace *ns, struct ipc_params *params)
554 shp->mlock_user = NULL; 554 shp->mlock_user = NULL;
555 555
556 shp->shm_perm.security = NULL; 556 shp->shm_perm.security = NULL;
557 error = security_shm_alloc(shp); 557 error = security_shm_alloc(&shp->shm_perm);
558 if (error) { 558 if (error) {
559 kvfree(shp); 559 kvfree(shp);
560 return error; 560 return error;
@@ -635,10 +635,7 @@ no_file:
635 */ 635 */
636static inline int shm_security(struct kern_ipc_perm *ipcp, int shmflg) 636static inline int shm_security(struct kern_ipc_perm *ipcp, int shmflg)
637{ 637{
638 struct shmid_kernel *shp; 638 return security_shm_associate(ipcp, shmflg);
639
640 shp = container_of(ipcp, struct shmid_kernel, shm_perm);
641 return security_shm_associate(shp, shmflg);
642} 639}
643 640
644/* 641/*
@@ -835,7 +832,7 @@ static int shmctl_down(struct ipc_namespace *ns, int shmid, int cmd,
835 832
836 shp = container_of(ipcp, struct shmid_kernel, shm_perm); 833 shp = container_of(ipcp, struct shmid_kernel, shm_perm);
837 834
838 err = security_shm_shmctl(shp, cmd); 835 err = security_shm_shmctl(&shp->shm_perm, cmd);
839 if (err) 836 if (err)
840 goto out_unlock1; 837 goto out_unlock1;
841 838
@@ -934,7 +931,7 @@ static int shmctl_stat(struct ipc_namespace *ns, int shmid,
934 if (ipcperms(ns, &shp->shm_perm, S_IRUGO)) 931 if (ipcperms(ns, &shp->shm_perm, S_IRUGO))
935 goto out_unlock; 932 goto out_unlock;
936 933
937 err = security_shm_shmctl(shp, cmd); 934 err = security_shm_shmctl(&shp->shm_perm, cmd);
938 if (err) 935 if (err)
939 goto out_unlock; 936 goto out_unlock;
940 937
@@ -978,7 +975,7 @@ static int shmctl_do_lock(struct ipc_namespace *ns, int shmid, int cmd)
978 } 975 }
979 976
980 audit_ipc_obj(&(shp->shm_perm)); 977 audit_ipc_obj(&(shp->shm_perm));
981 err = security_shm_shmctl(shp, cmd); 978 err = security_shm_shmctl(&shp->shm_perm, cmd);
982 if (err) 979 if (err)
983 goto out_unlock1; 980 goto out_unlock1;
984 981
@@ -1348,7 +1345,7 @@ long do_shmat(int shmid, char __user *shmaddr, int shmflg,
1348 if (ipcperms(ns, &shp->shm_perm, acc_mode)) 1345 if (ipcperms(ns, &shp->shm_perm, acc_mode))
1349 goto out_unlock; 1346 goto out_unlock;
1350 1347
1351 err = security_shm_shmat(shp, shmaddr, shmflg); 1348 err = security_shm_shmat(&shp->shm_perm, shmaddr, shmflg);
1352 if (err) 1349 if (err)
1353 goto out_unlock; 1350 goto out_unlock;
1354 1351
generated by cgit v1.2.2 (git 2.25.0) at 2025-09-17 01:46:34 -0400