Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security

Pull security subsystem updates for 3.4 from James Morris: "The main addition here is the new Yama security module from Kees Cook, which was discussed at the Linux Security Summit last year. Its purpose is to collect miscellaneous DAC security enhancements in one place. This also marks a departure in policy for LSM modules, which were previously limited to being standalone access control systems. Chromium OS is using Yama, and I believe there are plans for Ubuntu, at least. This patchset also includes maintenance updates for AppArmor, TOMOYO and others." Fix trivial conflict in <net/sock.h> due to the jumo_label->static_key rename. * 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (38 commits) AppArmor: Fix location of const qualifier on generated string tables TOMOYO: Return error if fails to delete a domain AppArmor: add const qualifiers to string arrays AppArmor: Add ability to load extended policy TOMOYO: Return appropriate value to poll(). AppArmor: Move path failure information into aa_get_name and rename AppArmor: Update dfa matching routines. AppArmor: Minor cleanup of d_namespace_path to consolidate error handling AppArmor: Retrieve the dentry_path for error reporting when path lookup fails AppArmor: Add const qualifiers to generated string tables AppArmor: Fix oops in policy unpack auditing AppArmor: Fix error returned when a path lookup is disconnected KEYS: testing wrong bit for KEY_FLAG_REVOKED TOMOYO: Fix mount flags checking order. security: fix ima kconfig warning AppArmor: Fix the error case for chroot relative path name lookup AppArmor: fix mapping of META_READ to audit and quiet flags AppArmor: Fix underflow in xindex calculation AppArmor: Fix dropping of allowed operations that are force audited AppArmor: Add mising end of structure test to caps unpacking ...
author: Linus Torvalds <torvalds@linux-foundation.org> 2012-03-21 16:25:04 -0400
committer: Linus Torvalds <torvalds@linux-foundation.org> 2012-03-21 16:25:04 -0400
commit: 3556485f1595e3964ba539e39ea682acbb835cee (patch)
tree: 7f5ee254f425b1427ac0059b5f347a307f8538a1 /include/linux/security.h
parent: b8716614a7cc2fc15ea2a518edd04755fb08d922 (diff)
parent: 09f61cdbb32a9d812c618d3922db533542736bb0 (diff)
1 files changed, 38 insertions, 42 deletions
diff --git a/include/linux/security.h b/include/linux/security.h
index c8949385e56e..673afbb8238a 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -22,22 +22,36 @@
 #ifndef __LINUX_SECURITY_H
 #define __LINUX_SECURITY_H
-#include <linux/fs.h>
-#include <linux/fsnotify.h>
-#include <linux/binfmts.h>
-#include <linux/dcache.h>
-#include <linux/signal.h>
-#include <linux/resource.h>
-#include <linux/sem.h>
-#include <linux/shm.h>
-#include <linux/mm.h> /* PAGE_ALIGN */
-#include <linux/msg.h>
-#include <linux/sched.h>
 #include <linux/key.h>
-#include <linux/xfrm.h>
+#include <linux/capability.h>
 #include <linux/slab.h>
-#include <linux/xattr.h>
+#include <linux/err.h>
-#include <net/flow.h>
+struct linux_binprm;
+struct cred;
+struct rlimit;
+struct siginfo;
+struct sem_array;
+struct sembuf;
+struct kern_ipc_perm;
+struct audit_context;
+struct super_block;
+struct inode;
+struct dentry;
+struct file;
+struct vfsmount;
+struct path;
+struct qstr;
+struct nameidata;
+struct iattr;
+struct fown_struct;
+struct file_operations;
+struct shmid_kernel;
+struct msg_msg;
+struct msg_queue;
+struct xattr;
+struct xfrm_sec_ctx;
+struct mm_struct;
 /* Maximum number of letters for an LSM name string */
 #define SECURITY_NAME_MAX       10
@@ -49,6 +63,7 @@
 struct ctl_table;
 struct audit_krule;
 struct user_namespace;
+struct timezone;
 /*
 * These functions are in security/capability.c and are used
@@ -131,18 +146,6 @@ struct request_sock;
 #define LSM_UNSAFE_PTRACE_CAP   4
 #ifdef CONFIG_MMU
-/*
- * If a hint addr is less than mmap_min_addr change hint to be as
- * low as possible but still greater than mmap_min_addr
- */
-static inline unsigned long round_hint_to_min(unsigned long hint)
-{
-        hint &= PAGE_MASK;
-        if (((void *)hint != NULL) &&
-            (hint < mmap_min_addr))
-                return PAGE_ALIGN(mmap_min_addr);
-        return hint;
-}
 extern int mmap_min_addr_handler(struct ctl_table *table, int write,
                                 void __user *buffer, size_t *lenp, loff_t *ppos);
 #endif
@@ -651,6 +654,10 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
 *      manual page for definitions of the @clone_flags.
 *      @clone_flags contains the flags indicating what should be shared.
 *      Return 0 if permission is granted.
+ * @task_free:
+ *      @task task being freed
+ *      Handle release of task-related resources. (Note that this can be called
+ *      from interrupt context.)
 * @cred_alloc_blank:
 *      @cred points to the credentials.
 *      @gfp indicates the atomicity of any memory allocations.
@@ -1493,6 +1500,7 @@ struct security_operations {
        int (*dentry_open) (struct file *file, const struct cred *cred);
        int (*task_create) (unsigned long clone_flags);
+        void (*task_free) (struct task_struct *task);
        int (*cred_alloc_blank) (struct cred *cred, gfp_t gfp);
        void (*cred_free) (struct cred *cred);
        int (*cred_prepare)(struct cred *new, const struct cred *old,
@@ -1674,9 +1682,7 @@ int security_quotactl(int cmds, int type, int id, struct super_block *sb);
 int security_quota_on(struct dentry *dentry);
 int security_syslog(int type);
 int security_settime(const struct timespec *ts, const struct timezone *tz);
-int security_vm_enough_memory(long pages);
 int security_vm_enough_memory_mm(struct mm_struct *mm, long pages);
-int security_vm_enough_memory_kern(long pages);
 int security_bprm_set_creds(struct linux_binprm *bprm);
 int security_bprm_check(struct linux_binprm *bprm);
 void security_bprm_committing_creds(struct linux_binprm *bprm);
@@ -1752,6 +1758,7 @@ int security_file_send_sigiotask(struct task_struct *tsk,
 int security_file_receive(struct file *file);
 int security_dentry_open(struct file *file, const struct cred *cred);
 int security_task_create(unsigned long clone_flags);
+void security_task_free(struct task_struct *task);
 int security_cred_alloc_blank(struct cred *cred, gfp_t gfp);
 void security_cred_free(struct cred *cred);
 int security_prepare_creds(struct cred *new, const struct cred *old, gfp_t gfp);
@@ -1896,25 +1903,11 @@ static inline int security_settime(const struct timespec *ts,
        return cap_settime(ts, tz);
 }
-static inline int security_vm_enough_memory(long pages)
-{
-        WARN_ON(current->mm == NULL);
-        return cap_vm_enough_memory(current->mm, pages);
-}
 static inline int security_vm_enough_memory_mm(struct mm_struct *mm, long pages)
 {
-        WARN_ON(mm == NULL);
        return cap_vm_enough_memory(mm, pages);
 }
-static inline int security_vm_enough_memory_kern(long pages)
-{
-        /* If current->mm is a kernel thread then we will pass NULL,
-           for this specific case that is fine */
-        return cap_vm_enough_memory(current->mm, pages);
-}
 static inline int security_bprm_set_creds(struct linux_binprm *bprm)
 {
        return cap_bprm_set_creds(bprm);
@@ -2245,6 +2238,9 @@ static inline int security_task_create(unsigned long clone_flags)
        return 0;
 }
+static inline void security_task_free(struct task_struct *task)
+{ }
 static inline int security_cred_alloc_blank(struct cred *cred, gfp_t gfp)
 {
        return 0;
author	Linus Torvalds <torvalds@linux-foundation.org>	2012-03-21 16:25:04 -0400
committer	Linus Torvalds <torvalds@linux-foundation.org>	2012-03-21 16:25:04 -0400
commit	3556485f1595e3964ba539e39ea682acbb835cee (patch)
tree	7f5ee254f425b1427ac0059b5f347a307f8538a1 /include/linux/security.h
parent	b8716614a7cc2fc15ea2a518edd04755fb08d922 (diff)
parent	09f61cdbb32a9d812c618d3922db533542736bb0 (diff)

diff --git a/include/linux/security.h b/include/linux/security.h index c8949385e56e..673afbb8238a 100644 --- a/include/linux/security.h +++ b/include/linux/security.h
@@ -22,22 +22,36 @@
22	#ifndef __LINUX_SECURITY_H	22	#ifndef __LINUX_SECURITY_H
23	#define __LINUX_SECURITY_H	23	#define __LINUX_SECURITY_H
24		24
25	#include <linux/fs.h>
26	#include <linux/fsnotify.h>
27	#include <linux/binfmts.h>
28	#include <linux/dcache.h>
29	#include <linux/signal.h>
30	#include <linux/resource.h>
31	#include <linux/sem.h>
32	#include <linux/shm.h>
33	#include <linux/mm.h> /* PAGE_ALIGN */
34	#include <linux/msg.h>
35	#include <linux/sched.h>
36	#include <linux/key.h>	25	#include <linux/key.h>
37	#include <linux/xfrm.h>	26	#include <linux/capability.h>
38	#include <linux/slab.h>	27	#include <linux/slab.h>
39	#include <linux/xattr.h>	28	#include <linux/err.h>
40	#include <net/flow.h>	29
		30	struct linux_binprm;
		31	struct cred;
		32	struct rlimit;
		33	struct siginfo;
		34	struct sem_array;
		35	struct sembuf;
		36	struct kern_ipc_perm;
		37	struct audit_context;
		38	struct super_block;
		39	struct inode;
		40	struct dentry;
		41	struct file;
		42	struct vfsmount;
		43	struct path;
		44	struct qstr;
		45	struct nameidata;
		46	struct iattr;
		47	struct fown_struct;
		48	struct file_operations;
		49	struct shmid_kernel;
		50	struct msg_msg;
		51	struct msg_queue;
		52	struct xattr;
		53	struct xfrm_sec_ctx;
		54	struct mm_struct;
41		55
42	/* Maximum number of letters for an LSM name string */	56	/* Maximum number of letters for an LSM name string */
43	#define SECURITY_NAME_MAX 10	57	#define SECURITY_NAME_MAX 10
@@ -49,6 +63,7 @@
49	struct ctl_table;	63	struct ctl_table;
50	struct audit_krule;	64	struct audit_krule;
51	struct user_namespace;	65	struct user_namespace;
		66	struct timezone;
52		67
53	/*	68	/*
54	* These functions are in security/capability.c and are used	69	* These functions are in security/capability.c and are used
@@ -131,18 +146,6 @@ struct request_sock;
131	#define LSM_UNSAFE_PTRACE_CAP 4	146	#define LSM_UNSAFE_PTRACE_CAP 4
132		147
133	#ifdef CONFIG_MMU	148	#ifdef CONFIG_MMU
134	/*
135	* If a hint addr is less than mmap_min_addr change hint to be as
136	* low as possible but still greater than mmap_min_addr
137	*/
138	static inline unsigned long round_hint_to_min(unsigned long hint)
139	{
140	hint &= PAGE_MASK;
141	if (((void *)hint != NULL) &&
142	(hint < mmap_min_addr))
143	return PAGE_ALIGN(mmap_min_addr);
144	return hint;
145	}
146	extern int mmap_min_addr_handler(struct ctl_table *table, int write,	149	extern int mmap_min_addr_handler(struct ctl_table *table, int write,
147	void __user buffer, size_t lenp, loff_t *ppos);	150	void __user buffer, size_t lenp, loff_t *ppos);
148	#endif	151	#endif
@@ -651,6 +654,10 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
651	* manual page for definitions of the @clone_flags.	654	* manual page for definitions of the @clone_flags.
652	* @clone_flags contains the flags indicating what should be shared.	655	* @clone_flags contains the flags indicating what should be shared.
653	* Return 0 if permission is granted.	656	* Return 0 if permission is granted.
		657	* @task_free:
		658	* @task task being freed
		659	* Handle release of task-related resources. (Note that this can be called
		660	* from interrupt context.)
654	* @cred_alloc_blank:	661	* @cred_alloc_blank:
655	* @cred points to the credentials.	662	* @cred points to the credentials.
656	* @gfp indicates the atomicity of any memory allocations.	663	* @gfp indicates the atomicity of any memory allocations.
@@ -1493,6 +1500,7 @@ struct security_operations {
1493	int (dentry_open) (struct file file, const struct cred *cred);	1500	int (dentry_open) (struct file file, const struct cred *cred);
1494		1501
1495	int (*task_create) (unsigned long clone_flags);	1502	int (*task_create) (unsigned long clone_flags);
		1503	void (task_free) (struct task_struct task);
1496	int (cred_alloc_blank) (struct cred cred, gfp_t gfp);	1504	int (cred_alloc_blank) (struct cred cred, gfp_t gfp);
1497	void (cred_free) (struct cred cred);	1505	void (cred_free) (struct cred cred);
1498	int (cred_prepare)(struct cred new, const struct cred *old,	1506	int (cred_prepare)(struct cred new, const struct cred *old,
@@ -1674,9 +1682,7 @@ int security_quotactl(int cmds, int type, int id, struct super_block *sb);
1674	int security_quota_on(struct dentry *dentry);	1682	int security_quota_on(struct dentry *dentry);
1675	int security_syslog(int type);	1683	int security_syslog(int type);
1676	int security_settime(const struct timespec ts, const struct timezone tz);	1684	int security_settime(const struct timespec ts, const struct timezone tz);
1677	int security_vm_enough_memory(long pages);
1678	int security_vm_enough_memory_mm(struct mm_struct *mm, long pages);	1685	int security_vm_enough_memory_mm(struct mm_struct *mm, long pages);
1679	int security_vm_enough_memory_kern(long pages);
1680	int security_bprm_set_creds(struct linux_binprm *bprm);	1686	int security_bprm_set_creds(struct linux_binprm *bprm);
1681	int security_bprm_check(struct linux_binprm *bprm);	1687	int security_bprm_check(struct linux_binprm *bprm);
1682	void security_bprm_committing_creds(struct linux_binprm *bprm);	1688	void security_bprm_committing_creds(struct linux_binprm *bprm);
@@ -1752,6 +1758,7 @@ int security_file_send_sigiotask(struct task_struct *tsk,
1752	int security_file_receive(struct file *file);	1758	int security_file_receive(struct file *file);
1753	int security_dentry_open(struct file file, const struct cred cred);	1759	int security_dentry_open(struct file file, const struct cred cred);
1754	int security_task_create(unsigned long clone_flags);	1760	int security_task_create(unsigned long clone_flags);
		1761	void security_task_free(struct task_struct *task);
1755	int security_cred_alloc_blank(struct cred *cred, gfp_t gfp);	1762	int security_cred_alloc_blank(struct cred *cred, gfp_t gfp);
1756	void security_cred_free(struct cred *cred);	1763	void security_cred_free(struct cred *cred);
1757	int security_prepare_creds(struct cred new, const struct cred old, gfp_t gfp);	1764	int security_prepare_creds(struct cred new, const struct cred old, gfp_t gfp);
@@ -1896,25 +1903,11 @@ static inline int security_settime(const struct timespec *ts,
1896	return cap_settime(ts, tz);	1903	return cap_settime(ts, tz);
1897	}	1904	}
1898		1905
1899	static inline int security_vm_enough_memory(long pages)
1900	{
1901	WARN_ON(current->mm == NULL);
1902	return cap_vm_enough_memory(current->mm, pages);
1903	}
1904
1905	static inline int security_vm_enough_memory_mm(struct mm_struct *mm, long pages)	1906	static inline int security_vm_enough_memory_mm(struct mm_struct *mm, long pages)
1906	{	1907	{
1907	WARN_ON(mm == NULL);
1908	return cap_vm_enough_memory(mm, pages);	1908	return cap_vm_enough_memory(mm, pages);
1909	}	1909	}
1910		1910
1911	static inline int security_vm_enough_memory_kern(long pages)
1912	{
1913	/* If current->mm is a kernel thread then we will pass NULL,
1914	for this specific case that is fine */
1915	return cap_vm_enough_memory(current->mm, pages);
1916	}
1917
1918	static inline int security_bprm_set_creds(struct linux_binprm *bprm)	1911	static inline int security_bprm_set_creds(struct linux_binprm *bprm)
1919	{	1912	{
1920	return cap_bprm_set_creds(bprm);	1913	return cap_bprm_set_creds(bprm);
@@ -2245,6 +2238,9 @@ static inline int security_task_create(unsigned long clone_flags)
2245	return 0;	2238	return 0;
2246	}	2239	}
2247		2240
		2241	static inline void security_task_free(struct task_struct *task)
		2242	{ }
		2243
2248	static inline int security_cred_alloc_blank(struct cred *cred, gfp_t gfp)	2244	static inline int security_cred_alloc_blank(struct cred *cred, gfp_t gfp)
2249	{	2245	{
2250	return 0;	2246	return 0;