aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>2009-10-04 08:49:48 -0400
committerJames Morris <jmorris@namei.org>2009-10-11 19:56:02 -0400
commit8b8efb44033c7e86b3dc76f825c693ec92ae30e9 (patch)
tree8cf43afc59f88f36a86f3a8165770bccec28b3c3
parent89eda06837094ce9f34fae269b8773fcfd70f046 (diff)
LSM: Add security_path_chroot().
This patch allows pathname based LSM modules to check chroot() operations. This hook is used by TOMOYO. Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>
-rw-r--r--fs/open.c3
-rw-r--r--include/linux/security.h11
-rw-r--r--security/capability.c6
-rw-r--r--security/security.c5
4 files changed, 25 insertions, 0 deletions
diff --git a/fs/open.c b/fs/open.c
index b5c294d35bd1..201041dfca57 100644
--- a/fs/open.c
+++ b/fs/open.c
@@ -587,6 +587,9 @@ SYSCALL_DEFINE1(chroot, const char __user *, filename)
587 error = -EPERM; 587 error = -EPERM;
588 if (!capable(CAP_SYS_CHROOT)) 588 if (!capable(CAP_SYS_CHROOT))
589 goto dput_and_out; 589 goto dput_and_out;
590 error = security_path_chroot(&path);
591 if (error)
592 goto dput_and_out;
590 593
591 set_fs_root(current->fs, &path); 594 set_fs_root(current->fs, &path);
592 error = 0; 595 error = 0;
diff --git a/include/linux/security.h b/include/linux/security.h
index c8a584c26f7b..ed0faea60b82 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -459,6 +459,10 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
459 * @uid contains new owner's ID. 459 * @uid contains new owner's ID.
460 * @gid contains new group's ID. 460 * @gid contains new group's ID.
461 * Return 0 if permission is granted. 461 * Return 0 if permission is granted.
462 * @path_chroot:
463 * Check for permission to change root directory.
464 * @path contains the path structure.
465 * Return 0 if permission is granted.
462 * @inode_readlink: 466 * @inode_readlink:
463 * Check the permission to read the symbolic link. 467 * Check the permission to read the symbolic link.
464 * @dentry contains the dentry structure for the file link. 468 * @dentry contains the dentry structure for the file link.
@@ -1503,6 +1507,7 @@ struct security_operations {
1503 int (*path_chmod) (struct dentry *dentry, struct vfsmount *mnt, 1507 int (*path_chmod) (struct dentry *dentry, struct vfsmount *mnt,
1504 mode_t mode); 1508 mode_t mode);
1505 int (*path_chown) (struct path *path, uid_t uid, gid_t gid); 1509 int (*path_chown) (struct path *path, uid_t uid, gid_t gid);
1510 int (*path_chroot) (struct path *path);
1506#endif 1511#endif
1507 1512
1508 int (*inode_alloc_security) (struct inode *inode); 1513 int (*inode_alloc_security) (struct inode *inode);
@@ -2970,6 +2975,7 @@ int security_path_rename(struct path *old_dir, struct dentry *old_dentry,
2970int security_path_chmod(struct dentry *dentry, struct vfsmount *mnt, 2975int security_path_chmod(struct dentry *dentry, struct vfsmount *mnt,
2971 mode_t mode); 2976 mode_t mode);
2972int security_path_chown(struct path *path, uid_t uid, gid_t gid); 2977int security_path_chown(struct path *path, uid_t uid, gid_t gid);
2978int security_path_chroot(struct path *path);
2973#else /* CONFIG_SECURITY_PATH */ 2979#else /* CONFIG_SECURITY_PATH */
2974static inline int security_path_unlink(struct path *dir, struct dentry *dentry) 2980static inline int security_path_unlink(struct path *dir, struct dentry *dentry)
2975{ 2981{
@@ -3031,6 +3037,11 @@ static inline int security_path_chown(struct path *path, uid_t uid, gid_t gid)
3031{ 3037{
3032 return 0; 3038 return 0;
3033} 3039}
3040
3041static inline int security_path_chroot(struct path *path)
3042{
3043 return 0;
3044}
3034#endif /* CONFIG_SECURITY_PATH */ 3045#endif /* CONFIG_SECURITY_PATH */
3035 3046
3036#ifdef CONFIG_KEYS 3047#ifdef CONFIG_KEYS
diff --git a/security/capability.c b/security/capability.c
index 09279a8d4a14..4f3ab476937f 100644
--- a/security/capability.c
+++ b/security/capability.c
@@ -319,6 +319,11 @@ static int cap_path_chown(struct path *path, uid_t uid, gid_t gid)
319{ 319{
320 return 0; 320 return 0;
321} 321}
322
323static int cap_path_chroot(struct path *root)
324{
325 return 0;
326}
322#endif 327#endif
323 328
324static int cap_file_permission(struct file *file, int mask) 329static int cap_file_permission(struct file *file, int mask)
@@ -990,6 +995,7 @@ void security_fixup_ops(struct security_operations *ops)
990 set_to_cap_if_null(ops, path_truncate); 995 set_to_cap_if_null(ops, path_truncate);
991 set_to_cap_if_null(ops, path_chmod); 996 set_to_cap_if_null(ops, path_chmod);
992 set_to_cap_if_null(ops, path_chown); 997 set_to_cap_if_null(ops, path_chown);
998 set_to_cap_if_null(ops, path_chroot);
993#endif 999#endif
994 set_to_cap_if_null(ops, file_permission); 1000 set_to_cap_if_null(ops, file_permission);
995 set_to_cap_if_null(ops, file_alloc_security); 1001 set_to_cap_if_null(ops, file_alloc_security);
diff --git a/security/security.c b/security/security.c
index 5259270e558f..279757314a05 100644
--- a/security/security.c
+++ b/security/security.c
@@ -449,6 +449,11 @@ int security_path_chown(struct path *path, uid_t uid, gid_t gid)
449 return 0; 449 return 0;
450 return security_ops->path_chown(path, uid, gid); 450 return security_ops->path_chown(path, uid, gid);
451} 451}
452
453int security_path_chroot(struct path *path)
454{
455 return security_ops->path_chroot(path);
456}
452#endif 457#endif
453 458
454int security_inode_create(struct inode *dir, struct dentry *dentry, int mode) 459int security_inode_create(struct inode *dir, struct dentry *dentry, int mode)