diff options
author | Eric Paris <eparis@redhat.com> | 2008-11-11 06:02:57 -0500 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2008-11-11 06:02:57 -0500 |
commit | 066746796bd2f0a1ba210c0dded3b6ee4032692a (patch) | |
tree | 868832ca0e199e4f173e23375cffb5fc3870402c | |
parent | a2f2945a99057c7d44043465906c6bb63c3368a0 (diff) |
Currently SELinux jumps through some ugly hoops to not audit a capbility
check when determining if a process has additional powers to override
memory limits or when trying to read/write illegal file labels. Use
the new noaudit call instead.
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
-rw-r--r-- | security/selinux/hooks.c | 19 |
1 files changed, 2 insertions, 17 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 88a3ee33068a..378dc53c08e8 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
@@ -1979,16 +1979,8 @@ static int selinux_syslog(int type) | |||
1979 | static int selinux_vm_enough_memory(struct mm_struct *mm, long pages) | 1979 | static int selinux_vm_enough_memory(struct mm_struct *mm, long pages) |
1980 | { | 1980 | { |
1981 | int rc, cap_sys_admin = 0; | 1981 | int rc, cap_sys_admin = 0; |
1982 | struct task_security_struct *tsec = current->security; | ||
1983 | |||
1984 | rc = secondary_ops->capable(current, CAP_SYS_ADMIN, SECURITY_CAP_NOAUDIT); | ||
1985 | if (rc == 0) | ||
1986 | rc = avc_has_perm_noaudit(tsec->sid, tsec->sid, | ||
1987 | SECCLASS_CAPABILITY, | ||
1988 | CAP_TO_MASK(CAP_SYS_ADMIN), | ||
1989 | 0, | ||
1990 | NULL); | ||
1991 | 1982 | ||
1983 | rc = selinux_capable(current, CAP_SYS_ADMIN, SECURITY_CAP_NOAUDIT); | ||
1992 | if (rc == 0) | 1984 | if (rc == 0) |
1993 | cap_sys_admin = 1; | 1985 | cap_sys_admin = 1; |
1994 | 1986 | ||
@@ -2820,7 +2812,6 @@ static int selinux_inode_getsecurity(const struct inode *inode, const char *name | |||
2820 | u32 size; | 2812 | u32 size; |
2821 | int error; | 2813 | int error; |
2822 | char *context = NULL; | 2814 | char *context = NULL; |
2823 | struct task_security_struct *tsec = current->security; | ||
2824 | struct inode_security_struct *isec = inode->i_security; | 2815 | struct inode_security_struct *isec = inode->i_security; |
2825 | 2816 | ||
2826 | if (strcmp(name, XATTR_SELINUX_SUFFIX)) | 2817 | if (strcmp(name, XATTR_SELINUX_SUFFIX)) |
@@ -2835,13 +2826,7 @@ static int selinux_inode_getsecurity(const struct inode *inode, const char *name | |||
2835 | * and lack of permission just means that we fall back to the | 2826 | * and lack of permission just means that we fall back to the |
2836 | * in-core context value, not a denial. | 2827 | * in-core context value, not a denial. |
2837 | */ | 2828 | */ |
2838 | error = secondary_ops->capable(current, CAP_MAC_ADMIN, SECURITY_CAP_NOAUDIT); | 2829 | error = selinux_capable(current, CAP_MAC_ADMIN, SECURITY_CAP_NOAUDIT); |
2839 | if (!error) | ||
2840 | error = avc_has_perm_noaudit(tsec->sid, tsec->sid, | ||
2841 | SECCLASS_CAPABILITY2, | ||
2842 | CAPABILITY2__MAC_ADMIN, | ||
2843 | 0, | ||
2844 | NULL); | ||
2845 | if (!error) | 2830 | if (!error) |
2846 | error = security_sid_to_context_force(isec->sid, &context, | 2831 | error = security_sid_to_context_force(isec->sid, &context, |
2847 | &size); | 2832 | &size); |