diff options
author | Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> | 2009-10-04 08:49:48 -0400 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2009-10-11 19:56:02 -0400 |
commit | 8b8efb44033c7e86b3dc76f825c693ec92ae30e9 (patch) | |
tree | 8cf43afc59f88f36a86f3a8165770bccec28b3c3 | |
parent | 89eda06837094ce9f34fae269b8773fcfd70f046 (diff) |
LSM: Add security_path_chroot().
This patch allows pathname based LSM modules to check chroot() operations.
This hook is used by TOMOYO.
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
-rw-r--r-- | fs/open.c | 3 | ||||
-rw-r--r-- | include/linux/security.h | 11 | ||||
-rw-r--r-- | security/capability.c | 6 | ||||
-rw-r--r-- | security/security.c | 5 |
4 files changed, 25 insertions, 0 deletions
@@ -587,6 +587,9 @@ SYSCALL_DEFINE1(chroot, const char __user *, filename) | |||
587 | error = -EPERM; | 587 | error = -EPERM; |
588 | if (!capable(CAP_SYS_CHROOT)) | 588 | if (!capable(CAP_SYS_CHROOT)) |
589 | goto dput_and_out; | 589 | goto dput_and_out; |
590 | error = security_path_chroot(&path); | ||
591 | if (error) | ||
592 | goto dput_and_out; | ||
590 | 593 | ||
591 | set_fs_root(current->fs, &path); | 594 | set_fs_root(current->fs, &path); |
592 | error = 0; | 595 | error = 0; |
diff --git a/include/linux/security.h b/include/linux/security.h index c8a584c26f7b..ed0faea60b82 100644 --- a/include/linux/security.h +++ b/include/linux/security.h | |||
@@ -459,6 +459,10 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) | |||
459 | * @uid contains new owner's ID. | 459 | * @uid contains new owner's ID. |
460 | * @gid contains new group's ID. | 460 | * @gid contains new group's ID. |
461 | * Return 0 if permission is granted. | 461 | * Return 0 if permission is granted. |
462 | * @path_chroot: | ||
463 | * Check for permission to change root directory. | ||
464 | * @path contains the path structure. | ||
465 | * Return 0 if permission is granted. | ||
462 | * @inode_readlink: | 466 | * @inode_readlink: |
463 | * Check the permission to read the symbolic link. | 467 | * Check the permission to read the symbolic link. |
464 | * @dentry contains the dentry structure for the file link. | 468 | * @dentry contains the dentry structure for the file link. |
@@ -1503,6 +1507,7 @@ struct security_operations { | |||
1503 | int (*path_chmod) (struct dentry *dentry, struct vfsmount *mnt, | 1507 | int (*path_chmod) (struct dentry *dentry, struct vfsmount *mnt, |
1504 | mode_t mode); | 1508 | mode_t mode); |
1505 | int (*path_chown) (struct path *path, uid_t uid, gid_t gid); | 1509 | int (*path_chown) (struct path *path, uid_t uid, gid_t gid); |
1510 | int (*path_chroot) (struct path *path); | ||
1506 | #endif | 1511 | #endif |
1507 | 1512 | ||
1508 | int (*inode_alloc_security) (struct inode *inode); | 1513 | int (*inode_alloc_security) (struct inode *inode); |
@@ -2970,6 +2975,7 @@ int security_path_rename(struct path *old_dir, struct dentry *old_dentry, | |||
2970 | int security_path_chmod(struct dentry *dentry, struct vfsmount *mnt, | 2975 | int security_path_chmod(struct dentry *dentry, struct vfsmount *mnt, |
2971 | mode_t mode); | 2976 | mode_t mode); |
2972 | int security_path_chown(struct path *path, uid_t uid, gid_t gid); | 2977 | int security_path_chown(struct path *path, uid_t uid, gid_t gid); |
2978 | int security_path_chroot(struct path *path); | ||
2973 | #else /* CONFIG_SECURITY_PATH */ | 2979 | #else /* CONFIG_SECURITY_PATH */ |
2974 | static inline int security_path_unlink(struct path *dir, struct dentry *dentry) | 2980 | static inline int security_path_unlink(struct path *dir, struct dentry *dentry) |
2975 | { | 2981 | { |
@@ -3031,6 +3037,11 @@ static inline int security_path_chown(struct path *path, uid_t uid, gid_t gid) | |||
3031 | { | 3037 | { |
3032 | return 0; | 3038 | return 0; |
3033 | } | 3039 | } |
3040 | |||
3041 | static inline int security_path_chroot(struct path *path) | ||
3042 | { | ||
3043 | return 0; | ||
3044 | } | ||
3034 | #endif /* CONFIG_SECURITY_PATH */ | 3045 | #endif /* CONFIG_SECURITY_PATH */ |
3035 | 3046 | ||
3036 | #ifdef CONFIG_KEYS | 3047 | #ifdef CONFIG_KEYS |
diff --git a/security/capability.c b/security/capability.c index 09279a8d4a14..4f3ab476937f 100644 --- a/security/capability.c +++ b/security/capability.c | |||
@@ -319,6 +319,11 @@ static int cap_path_chown(struct path *path, uid_t uid, gid_t gid) | |||
319 | { | 319 | { |
320 | return 0; | 320 | return 0; |
321 | } | 321 | } |
322 | |||
323 | static int cap_path_chroot(struct path *root) | ||
324 | { | ||
325 | return 0; | ||
326 | } | ||
322 | #endif | 327 | #endif |
323 | 328 | ||
324 | static int cap_file_permission(struct file *file, int mask) | 329 | static int cap_file_permission(struct file *file, int mask) |
@@ -990,6 +995,7 @@ void security_fixup_ops(struct security_operations *ops) | |||
990 | set_to_cap_if_null(ops, path_truncate); | 995 | set_to_cap_if_null(ops, path_truncate); |
991 | set_to_cap_if_null(ops, path_chmod); | 996 | set_to_cap_if_null(ops, path_chmod); |
992 | set_to_cap_if_null(ops, path_chown); | 997 | set_to_cap_if_null(ops, path_chown); |
998 | set_to_cap_if_null(ops, path_chroot); | ||
993 | #endif | 999 | #endif |
994 | set_to_cap_if_null(ops, file_permission); | 1000 | set_to_cap_if_null(ops, file_permission); |
995 | set_to_cap_if_null(ops, file_alloc_security); | 1001 | set_to_cap_if_null(ops, file_alloc_security); |
diff --git a/security/security.c b/security/security.c index 5259270e558f..279757314a05 100644 --- a/security/security.c +++ b/security/security.c | |||
@@ -449,6 +449,11 @@ int security_path_chown(struct path *path, uid_t uid, gid_t gid) | |||
449 | return 0; | 449 | return 0; |
450 | return security_ops->path_chown(path, uid, gid); | 450 | return security_ops->path_chown(path, uid, gid); |
451 | } | 451 | } |
452 | |||
453 | int security_path_chroot(struct path *path) | ||
454 | { | ||
455 | return security_ops->path_chroot(path); | ||
456 | } | ||
452 | #endif | 457 | #endif |
453 | 458 | ||
454 | int security_inode_create(struct inode *dir, struct dentry *dentry, int mode) | 459 | int security_inode_create(struct inode *dir, struct dentry *dentry, int mode) |