aboutsummaryrefslogtreecommitdiffstats
path: root/security/selinux/hooks.c
diff options
context:
space:
mode:
authorEric W. Biederman <ebiederm@xmission.com>2007-05-08 03:26:56 -0400
committerLinus Torvalds <torvalds@woody.linux-foundation.org>2007-05-08 14:15:04 -0400
commit98a27ba485c7508ef9d9527fe06e4686f3a163dc (patch)
tree73d5dca7f1b5120ecf1bbcc664094044bc35dc56 /security/selinux/hooks.c
parent2a65f1d9fe78475720bd8f0e0fbbf1973b1b5ac2 (diff)
tty: introduce no_tty and use it in selinux
While researching the tty layer pid leaks I found a weird case in selinux when we drop a controlling tty because of inadequate permissions we don't do the normal hangup processing. Which is a problem if it happens the session leader has exec'd something that can no longer access the tty. We already have code in the kernel to handle this case in the form of the TIOCNOTTY ioctl. So this patch factors out a helper function that is the essence of that ioctl and calls it from the selinux code. This removes the inconsistency in handling dropping of a controlling tty and who knows it might even make some part of user space happy because it received a SIGHUP it was expecting. In addition since this removes the last user of proc_set_tty outside of tty_io.c proc_set_tty is made static and removed from tty.h Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> Acked-by: Alan Cox <alan@lxorguk.ukuu.org.uk> Cc: James Morris <jmorris@namei.org> Cc: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'security/selinux/hooks.c')
-rw-r--r--security/selinux/hooks.c7
1 files changed, 3 insertions, 4 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 885a9a958b8..fa9dbb6b110 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -1758,12 +1758,11 @@ static inline void flush_unauthorized_files(struct files_struct * files)
1758 } 1758 }
1759 } 1759 }
1760 file_list_unlock(); 1760 file_list_unlock();
1761
1762 /* Reset controlling tty. */
1763 if (drop_tty)
1764 proc_set_tty(current, NULL);
1765 } 1761 }
1766 mutex_unlock(&tty_mutex); 1762 mutex_unlock(&tty_mutex);
1763 /* Reset controlling tty. */
1764 if (drop_tty)
1765 no_tty();
1767 1766
1768 /* Revalidate access to inherited open files. */ 1767 /* Revalidate access to inherited open files. */
1769 1768