diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2016-01-17 22:13:15 -0500 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2016-01-17 22:13:15 -0500 |
| commit | 5807fcaa9bf7dd87241df739161c119cf78a6bc4 (patch) | |
| tree | 4ed1e647a0ae0f315db3b9066c9235020c439649 /security/smack | |
| parent | 2d663b55816e5c1d211a77fff90687053fe78aac (diff) | |
| parent | acb2cfdb316ddc3fac8183c0f71edd1680713b10 (diff) | |
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull security subsystem updates from James Morris:
- EVM gains support for loading an x509 cert from the kernel
(EVM_LOAD_X509), into the EVM trusted kernel keyring.
- Smack implements 'file receive' process-based permission checking for
sockets, rather than just depending on inode checks.
- Misc enhancments for TPM & TPM2.
- Cleanups and bugfixes for SELinux, Keys, and IMA.
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (41 commits)
selinux: Inode label revalidation performance fix
KEYS: refcount bug fix
ima: ima_write_policy() limit locking
IMA: policy can be updated zero times
selinux: rate-limit netlink message warnings in selinux_nlmsg_perm()
selinux: export validatetrans decisions
gfs2: Invalid security labels of inodes when they go invalid
selinux: Revalidate invalid inode security labels
security: Add hook to invalidate inode security labels
selinux: Add accessor functions for inode->i_security
security: Make inode argument of inode_getsecid non-const
security: Make inode argument of inode_getsecurity non-const
selinux: Remove unused variable in selinux_inode_init_security
keys, trusted: seal with a TPM2 authorization policy
keys, trusted: select hash algorithm for TPM2 chips
keys, trusted: fix: *do not* allow duplicate key options
tpm_ibmvtpm: properly handle interrupted packet receptions
tpm_tis: Tighten IRQ auto-probing
tpm_tis: Refactor the interrupt setup
tpm_tis: Get rid of the duplicate IRQ probing code
...
Diffstat (limited to 'security/smack')
| -rw-r--r-- | security/smack/smack_lsm.c | 28 |
1 files changed, 25 insertions, 3 deletions
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 37fdd5416a64..8d85435a45d7 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c | |||
| @@ -1465,7 +1465,7 @@ static int smack_inode_removexattr(struct dentry *dentry, const char *name) | |||
| 1465 | * | 1465 | * |
| 1466 | * Returns the size of the attribute or an error code | 1466 | * Returns the size of the attribute or an error code |
| 1467 | */ | 1467 | */ |
| 1468 | static int smack_inode_getsecurity(const struct inode *inode, | 1468 | static int smack_inode_getsecurity(struct inode *inode, |
| 1469 | const char *name, void **buffer, | 1469 | const char *name, void **buffer, |
| 1470 | bool alloc) | 1470 | bool alloc) |
| 1471 | { | 1471 | { |
| @@ -1536,7 +1536,7 @@ static int smack_inode_listsecurity(struct inode *inode, char *buffer, | |||
| 1536 | * @inode: inode to extract the info from | 1536 | * @inode: inode to extract the info from |
| 1537 | * @secid: where result will be saved | 1537 | * @secid: where result will be saved |
| 1538 | */ | 1538 | */ |
| 1539 | static void smack_inode_getsecid(const struct inode *inode, u32 *secid) | 1539 | static void smack_inode_getsecid(struct inode *inode, u32 *secid) |
| 1540 | { | 1540 | { |
| 1541 | struct inode_smack *isp = inode->i_security; | 1541 | struct inode_smack *isp = inode->i_security; |
| 1542 | 1542 | ||
| @@ -1858,12 +1858,34 @@ static int smack_file_receive(struct file *file) | |||
| 1858 | int may = 0; | 1858 | int may = 0; |
| 1859 | struct smk_audit_info ad; | 1859 | struct smk_audit_info ad; |
| 1860 | struct inode *inode = file_inode(file); | 1860 | struct inode *inode = file_inode(file); |
| 1861 | struct socket *sock; | ||
| 1862 | struct task_smack *tsp; | ||
| 1863 | struct socket_smack *ssp; | ||
| 1861 | 1864 | ||
| 1862 | if (unlikely(IS_PRIVATE(inode))) | 1865 | if (unlikely(IS_PRIVATE(inode))) |
| 1863 | return 0; | 1866 | return 0; |
| 1864 | 1867 | ||
| 1865 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_PATH); | 1868 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_PATH); |
| 1866 | smk_ad_setfield_u_fs_path(&ad, file->f_path); | 1869 | smk_ad_setfield_u_fs_path(&ad, file->f_path); |
| 1870 | |||
| 1871 | if (S_ISSOCK(inode->i_mode)) { | ||
| 1872 | sock = SOCKET_I(inode); | ||
| 1873 | ssp = sock->sk->sk_security; | ||
| 1874 | tsp = current_security(); | ||
| 1875 | /* | ||
| 1876 | * If the receiving process can't write to the | ||
| 1877 | * passed socket or if the passed socket can't | ||
| 1878 | * write to the receiving process don't accept | ||
| 1879 | * the passed socket. | ||
| 1880 | */ | ||
| 1881 | rc = smk_access(tsp->smk_task, ssp->smk_out, MAY_WRITE, &ad); | ||
| 1882 | rc = smk_bu_file(file, may, rc); | ||
| 1883 | if (rc < 0) | ||
| 1884 | return rc; | ||
| 1885 | rc = smk_access(ssp->smk_in, tsp->smk_task, MAY_WRITE, &ad); | ||
| 1886 | rc = smk_bu_file(file, may, rc); | ||
| 1887 | return rc; | ||
| 1888 | } | ||
| 1867 | /* | 1889 | /* |
| 1868 | * This code relies on bitmasks. | 1890 | * This code relies on bitmasks. |
| 1869 | */ | 1891 | */ |
| @@ -3756,7 +3778,7 @@ static int smack_socket_sendmsg(struct socket *sock, struct msghdr *msg, | |||
| 3756 | if (sip == NULL) | 3778 | if (sip == NULL) |
| 3757 | return 0; | 3779 | return 0; |
| 3758 | 3780 | ||
| 3759 | switch (sip->sin_family) { | 3781 | switch (sock->sk->sk_family) { |
| 3760 | case AF_INET: | 3782 | case AF_INET: |
| 3761 | rc = smack_netlabel_send(sock->sk, sip); | 3783 | rc = smack_netlabel_send(sock->sk, sip); |
| 3762 | break; | 3784 | break; |