diff options
| author | Catherine Zhang <cxzhang@watson.ibm.com> | 2006-08-02 17:12:06 -0400 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2006-08-02 17:12:06 -0400 |
| commit | dc49c1f94e3469d94b952e8f5160dd4ccd791d79 (patch) | |
| tree | e47b1974c262a03dbabf0a148325d9089817e78e /include/linux/security.h | |
| parent | 2b7e24b66d31d677d76b49918e711eb360c978b6 (diff) | |
[AF_UNIX]: Kernel memory leak fix for af_unix datagram getpeersec patch
From: Catherine Zhang <cxzhang@watson.ibm.com>
This patch implements a cleaner fix for the memory leak problem of the
original unix datagram getpeersec patch. Instead of creating a
security context each time a unix datagram is sent, we only create the
security context when the receiver requests it.
This new design requires modification of the current
unix_getsecpeer_dgram LSM hook and addition of two new hooks, namely,
secid_to_secctx and release_secctx. The former retrieves the security
context and the latter releases it. A hook is required for releasing
the security context because it is up to the security module to decide
how that's done. In the case of Selinux, it's a simple kfree
operation.
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include/linux/security.h')
| -rw-r--r-- | include/linux/security.h | 41 |
1 files changed, 35 insertions, 6 deletions
diff --git a/include/linux/security.h b/include/linux/security.h index f75303831d09..aa5b8043dc38 100644 --- a/include/linux/security.h +++ b/include/linux/security.h | |||
| @@ -1109,6 +1109,16 @@ struct swap_info_struct; | |||
| 1109 | * @name contains the name of the security module being unstacked. | 1109 | * @name contains the name of the security module being unstacked. |
| 1110 | * @ops contains a pointer to the struct security_operations of the module to unstack. | 1110 | * @ops contains a pointer to the struct security_operations of the module to unstack. |
| 1111 | * | 1111 | * |
| 1112 | * @secid_to_secctx: | ||
| 1113 | * Convert secid to security context. | ||
| 1114 | * @secid contains the security ID. | ||
| 1115 | * @secdata contains the pointer that stores the converted security context. | ||
| 1116 | * | ||
| 1117 | * @release_secctx: | ||
| 1118 | * Release the security context. | ||
| 1119 | * @secdata contains the security context. | ||
| 1120 | * @seclen contains the length of the security context. | ||
| 1121 | * | ||
| 1112 | * This is the main security structure. | 1122 | * This is the main security structure. |
| 1113 | */ | 1123 | */ |
| 1114 | struct security_operations { | 1124 | struct security_operations { |
| @@ -1289,6 +1299,8 @@ struct security_operations { | |||
| 1289 | 1299 | ||
| 1290 | int (*getprocattr)(struct task_struct *p, char *name, void *value, size_t size); | 1300 | int (*getprocattr)(struct task_struct *p, char *name, void *value, size_t size); |
| 1291 | int (*setprocattr)(struct task_struct *p, char *name, void *value, size_t size); | 1301 | int (*setprocattr)(struct task_struct *p, char *name, void *value, size_t size); |
| 1302 | int (*secid_to_secctx)(u32 secid, char **secdata, u32 *seclen); | ||
| 1303 | void (*release_secctx)(char *secdata, u32 seclen); | ||
| 1292 | 1304 | ||
| 1293 | #ifdef CONFIG_SECURITY_NETWORK | 1305 | #ifdef CONFIG_SECURITY_NETWORK |
| 1294 | int (*unix_stream_connect) (struct socket * sock, | 1306 | int (*unix_stream_connect) (struct socket * sock, |
| @@ -1317,7 +1329,7 @@ struct security_operations { | |||
| 1317 | int (*socket_shutdown) (struct socket * sock, int how); | 1329 | int (*socket_shutdown) (struct socket * sock, int how); |
| 1318 | int (*socket_sock_rcv_skb) (struct sock * sk, struct sk_buff * skb); | 1330 | int (*socket_sock_rcv_skb) (struct sock * sk, struct sk_buff * skb); |
| 1319 | int (*socket_getpeersec_stream) (struct socket *sock, char __user *optval, int __user *optlen, unsigned len); | 1331 | int (*socket_getpeersec_stream) (struct socket *sock, char __user *optval, int __user *optlen, unsigned len); |
| 1320 | int (*socket_getpeersec_dgram) (struct sk_buff *skb, char **secdata, u32 *seclen); | 1332 | int (*socket_getpeersec_dgram) (struct socket *sock, struct sk_buff *skb, u32 *secid); |
| 1321 | int (*sk_alloc_security) (struct sock *sk, int family, gfp_t priority); | 1333 | int (*sk_alloc_security) (struct sock *sk, int family, gfp_t priority); |
| 1322 | void (*sk_free_security) (struct sock *sk); | 1334 | void (*sk_free_security) (struct sock *sk); |
| 1323 | unsigned int (*sk_getsid) (struct sock *sk, struct flowi *fl, u8 dir); | 1335 | unsigned int (*sk_getsid) (struct sock *sk, struct flowi *fl, u8 dir); |
| @@ -2059,6 +2071,16 @@ static inline int security_netlink_recv(struct sk_buff * skb, int cap) | |||
| 2059 | return security_ops->netlink_recv(skb, cap); | 2071 | return security_ops->netlink_recv(skb, cap); |
| 2060 | } | 2072 | } |
| 2061 | 2073 | ||
| 2074 | static inline int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) | ||
| 2075 | { | ||
| 2076 | return security_ops->secid_to_secctx(secid, secdata, seclen); | ||
| 2077 | } | ||
| 2078 | |||
| 2079 | static inline void security_release_secctx(char *secdata, u32 seclen) | ||
| 2080 | { | ||
| 2081 | return security_ops->release_secctx(secdata, seclen); | ||
| 2082 | } | ||
| 2083 | |||
| 2062 | /* prototypes */ | 2084 | /* prototypes */ |
| 2063 | extern int security_init (void); | 2085 | extern int security_init (void); |
| 2064 | extern int register_security (struct security_operations *ops); | 2086 | extern int register_security (struct security_operations *ops); |
| @@ -2725,6 +2747,15 @@ static inline void securityfs_remove(struct dentry *dentry) | |||
| 2725 | { | 2747 | { |
| 2726 | } | 2748 | } |
| 2727 | 2749 | ||
| 2750 | static inline int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) | ||
| 2751 | { | ||
| 2752 | return -EOPNOTSUPP; | ||
| 2753 | } | ||
| 2754 | |||
| 2755 | static inline void security_release_secctx(char *secdata, u32 seclen) | ||
| 2756 | { | ||
| 2757 | return -EOPNOTSUPP; | ||
| 2758 | } | ||
| 2728 | #endif /* CONFIG_SECURITY */ | 2759 | #endif /* CONFIG_SECURITY */ |
| 2729 | 2760 | ||
| 2730 | #ifdef CONFIG_SECURITY_NETWORK | 2761 | #ifdef CONFIG_SECURITY_NETWORK |
| @@ -2840,10 +2871,9 @@ static inline int security_socket_getpeersec_stream(struct socket *sock, char __ | |||
| 2840 | return security_ops->socket_getpeersec_stream(sock, optval, optlen, len); | 2871 | return security_ops->socket_getpeersec_stream(sock, optval, optlen, len); |
| 2841 | } | 2872 | } |
| 2842 | 2873 | ||
| 2843 | static inline int security_socket_getpeersec_dgram(struct sk_buff *skb, char **secdata, | 2874 | static inline int security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, u32 *secid) |
| 2844 | u32 *seclen) | ||
| 2845 | { | 2875 | { |
| 2846 | return security_ops->socket_getpeersec_dgram(skb, secdata, seclen); | 2876 | return security_ops->socket_getpeersec_dgram(sock, skb, secid); |
| 2847 | } | 2877 | } |
| 2848 | 2878 | ||
| 2849 | static inline int security_sk_alloc(struct sock *sk, int family, gfp_t priority) | 2879 | static inline int security_sk_alloc(struct sock *sk, int family, gfp_t priority) |
| @@ -2968,8 +2998,7 @@ static inline int security_socket_getpeersec_stream(struct socket *sock, char __ | |||
| 2968 | return -ENOPROTOOPT; | 2998 | return -ENOPROTOOPT; |
| 2969 | } | 2999 | } |
| 2970 | 3000 | ||
| 2971 | static inline int security_socket_getpeersec_dgram(struct sk_buff *skb, char **secdata, | 3001 | static inline int security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, u32 *secid) |
| 2972 | u32 *seclen) | ||
| 2973 | { | 3002 | { |
| 2974 | return -ENOPROTOOPT; | 3003 | return -ENOPROTOOPT; |
| 2975 | } | 3004 | } |