aboutsummaryrefslogtreecommitdiffstats
path: root/include/linux/security.h
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2005-10-30 18:02:44 -0500
committerLinus Torvalds <torvalds@g5.osdl.org>2005-10-30 20:37:23 -0500
commit29db9190634067c5a328ee5fcc2890251b836b4b (patch)
tree07ec242789230824f1fa8bcbbe681fd5bf166fa8 /include/linux/security.h
parent2aa349f6e37ce030060c994d3aebbff4ab703565 (diff)
[PATCH] Keys: Add LSM hooks for key management [try #3]
The attached patch adds LSM hooks for key management facilities. The notable changes are: (1) The key struct now supports a security pointer for the use of security modules. This will permit key labelling and restrictions on which programs may access a key. (2) Security modules get a chance to note (or abort) the allocation of a key. (3) The key permission checking can now be enhanced by the security modules; the permissions check consults LSM if all other checks bear out. (4) The key permissions checking functions now return an error code rather than a boolean value. (5) An extra permission has been added to govern the modification of attributes (UID, GID, permissions). Note that there isn't an LSM hook specifically for each keyctl() operation, but rather the permissions hook allows control of individual operations based on the permission request bits. Key management access control through LSM is enabled by automatically if both CONFIG_KEYS and CONFIG_SECURITY are enabled. This should be applied on top of the patch ensubjected: [PATCH] Keys: Possessor permissions should be additive Signed-Off-By: David Howells <dhowells@redhat.com> Signed-off-by: Chris Wright <chrisw@osdl.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to 'include/linux/security.h')
-rw-r--r--include/linux/security.h73
1 files changed, 73 insertions, 0 deletions
diff --git a/include/linux/security.h b/include/linux/security.h
index 607ee209ea3b..f7e0ae018712 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -30,6 +30,7 @@
30#include <linux/shm.h> 30#include <linux/shm.h>
31#include <linux/msg.h> 31#include <linux/msg.h>
32#include <linux/sched.h> 32#include <linux/sched.h>
33#include <linux/key.h>
33 34
34struct ctl_table; 35struct ctl_table;
35 36
@@ -788,6 +789,27 @@ struct swap_info_struct;
788 * @sk_free_security: 789 * @sk_free_security:
789 * Deallocate security structure. 790 * Deallocate security structure.
790 * 791 *
792 * Security hooks affecting all Key Management operations
793 *
794 * @key_alloc:
795 * Permit allocation of a key and assign security data. Note that key does
796 * not have a serial number assigned at this point.
797 * @key points to the key.
798 * Return 0 if permission is granted, -ve error otherwise.
799 * @key_free:
800 * Notification of destruction; free security data.
801 * @key points to the key.
802 * No return value.
803 * @key_permission:
804 * See whether a specific operational right is granted to a process on a
805 * key.
806 * @key_ref refers to the key (key pointer + possession attribute bit).
807 * @context points to the process to provide the context against which to
808 * evaluate the security data on the key.
809 * @perm describes the combination of permissions required of this key.
810 * Return 1 if permission granted, 0 if permission denied and -ve it the
811 * normal permissions model should be effected.
812 *
791 * Security hooks affecting all System V IPC operations. 813 * Security hooks affecting all System V IPC operations.
792 * 814 *
793 * @ipc_permission: 815 * @ipc_permission:
@@ -1216,6 +1238,17 @@ struct security_operations {
1216 int (*sk_alloc_security) (struct sock *sk, int family, gfp_t priority); 1238 int (*sk_alloc_security) (struct sock *sk, int family, gfp_t priority);
1217 void (*sk_free_security) (struct sock *sk); 1239 void (*sk_free_security) (struct sock *sk);
1218#endif /* CONFIG_SECURITY_NETWORK */ 1240#endif /* CONFIG_SECURITY_NETWORK */
1241
1242 /* key management security hooks */
1243#ifdef CONFIG_KEYS
1244 int (*key_alloc)(struct key *key);
1245 void (*key_free)(struct key *key);
1246 int (*key_permission)(key_ref_t key_ref,
1247 struct task_struct *context,
1248 key_perm_t perm);
1249
1250#endif /* CONFIG_KEYS */
1251
1219}; 1252};
1220 1253
1221/* global variables */ 1254/* global variables */
@@ -2764,5 +2797,45 @@ static inline void security_sk_free(struct sock *sk)
2764} 2797}
2765#endif /* CONFIG_SECURITY_NETWORK */ 2798#endif /* CONFIG_SECURITY_NETWORK */
2766 2799
2800#ifdef CONFIG_KEYS
2801#ifdef CONFIG_SECURITY
2802static inline int security_key_alloc(struct key *key)
2803{
2804 return security_ops->key_alloc(key);
2805}
2806
2807static inline void security_key_free(struct key *key)
2808{
2809 security_ops->key_free(key);
2810}
2811
2812static inline int security_key_permission(key_ref_t key_ref,
2813 struct task_struct *context,
2814 key_perm_t perm)
2815{
2816 return security_ops->key_permission(key_ref, context, perm);
2817}
2818
2819#else
2820
2821static inline int security_key_alloc(struct key *key)
2822{
2823 return 0;
2824}
2825
2826static inline void security_key_free(struct key *key)
2827{
2828}
2829
2830static inline int security_key_permission(key_ref_t key_ref,
2831 struct task_struct *context,
2832 key_perm_t perm)
2833{
2834 return 0;
2835}
2836
2837#endif
2838#endif /* CONFIG_KEYS */
2839
2767#endif /* ! __LINUX_SECURITY_H */ 2840#endif /* ! __LINUX_SECURITY_H */
2768 2841