diff options
author | Catherine Zhang <cxzhang@watson.ibm.com> | 2006-08-02 17:12:06 -0400 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2006-08-02 17:12:06 -0400 |
commit | dc49c1f94e3469d94b952e8f5160dd4ccd791d79 (patch) | |
tree | e47b1974c262a03dbabf0a148325d9089817e78e /include/linux | |
parent | 2b7e24b66d31d677d76b49918e711eb360c978b6 (diff) |
[AF_UNIX]: Kernel memory leak fix for af_unix datagram getpeersec patch
From: Catherine Zhang <cxzhang@watson.ibm.com>
This patch implements a cleaner fix for the memory leak problem of the
original unix datagram getpeersec patch. Instead of creating a
security context each time a unix datagram is sent, we only create the
security context when the receiver requests it.
This new design requires modification of the current
unix_getsecpeer_dgram LSM hook and addition of two new hooks, namely,
secid_to_secctx and release_secctx. The former retrieves the security
context and the latter releases it. A hook is required for releasing
the security context because it is up to the security module to decide
how that's done. In the case of Selinux, it's a simple kfree
operation.
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include/linux')
-rw-r--r-- | include/linux/security.h | 41 |
1 files changed, 35 insertions, 6 deletions
diff --git a/include/linux/security.h b/include/linux/security.h index f75303831d09..aa5b8043dc38 100644 --- a/include/linux/security.h +++ b/include/linux/security.h | |||
@@ -1109,6 +1109,16 @@ struct swap_info_struct; | |||
1109 | * @name contains the name of the security module being unstacked. | 1109 | * @name contains the name of the security module being unstacked. |
1110 | * @ops contains a pointer to the struct security_operations of the module to unstack. | 1110 | * @ops contains a pointer to the struct security_operations of the module to unstack. |
1111 | * | 1111 | * |
1112 | * @secid_to_secctx: | ||
1113 | * Convert secid to security context. | ||
1114 | * @secid contains the security ID. | ||
1115 | * @secdata contains the pointer that stores the converted security context. | ||
1116 | * | ||
1117 | * @release_secctx: | ||
1118 | * Release the security context. | ||
1119 | * @secdata contains the security context. | ||
1120 | * @seclen contains the length of the security context. | ||
1121 | * | ||
1112 | * This is the main security structure. | 1122 | * This is the main security structure. |
1113 | */ | 1123 | */ |
1114 | struct security_operations { | 1124 | struct security_operations { |
@@ -1289,6 +1299,8 @@ struct security_operations { | |||
1289 | 1299 | ||
1290 | int (*getprocattr)(struct task_struct *p, char *name, void *value, size_t size); | 1300 | int (*getprocattr)(struct task_struct *p, char *name, void *value, size_t size); |
1291 | int (*setprocattr)(struct task_struct *p, char *name, void *value, size_t size); | 1301 | int (*setprocattr)(struct task_struct *p, char *name, void *value, size_t size); |
1302 | int (*secid_to_secctx)(u32 secid, char **secdata, u32 *seclen); | ||
1303 | void (*release_secctx)(char *secdata, u32 seclen); | ||
1292 | 1304 | ||
1293 | #ifdef CONFIG_SECURITY_NETWORK | 1305 | #ifdef CONFIG_SECURITY_NETWORK |
1294 | int (*unix_stream_connect) (struct socket * sock, | 1306 | int (*unix_stream_connect) (struct socket * sock, |
@@ -1317,7 +1329,7 @@ struct security_operations { | |||
1317 | int (*socket_shutdown) (struct socket * sock, int how); | 1329 | int (*socket_shutdown) (struct socket * sock, int how); |
1318 | int (*socket_sock_rcv_skb) (struct sock * sk, struct sk_buff * skb); | 1330 | int (*socket_sock_rcv_skb) (struct sock * sk, struct sk_buff * skb); |
1319 | int (*socket_getpeersec_stream) (struct socket *sock, char __user *optval, int __user *optlen, unsigned len); | 1331 | int (*socket_getpeersec_stream) (struct socket *sock, char __user *optval, int __user *optlen, unsigned len); |
1320 | int (*socket_getpeersec_dgram) (struct sk_buff *skb, char **secdata, u32 *seclen); | 1332 | int (*socket_getpeersec_dgram) (struct socket *sock, struct sk_buff *skb, u32 *secid); |
1321 | int (*sk_alloc_security) (struct sock *sk, int family, gfp_t priority); | 1333 | int (*sk_alloc_security) (struct sock *sk, int family, gfp_t priority); |
1322 | void (*sk_free_security) (struct sock *sk); | 1334 | void (*sk_free_security) (struct sock *sk); |
1323 | unsigned int (*sk_getsid) (struct sock *sk, struct flowi *fl, u8 dir); | 1335 | unsigned int (*sk_getsid) (struct sock *sk, struct flowi *fl, u8 dir); |
@@ -2059,6 +2071,16 @@ static inline int security_netlink_recv(struct sk_buff * skb, int cap) | |||
2059 | return security_ops->netlink_recv(skb, cap); | 2071 | return security_ops->netlink_recv(skb, cap); |
2060 | } | 2072 | } |
2061 | 2073 | ||
2074 | static inline int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) | ||
2075 | { | ||
2076 | return security_ops->secid_to_secctx(secid, secdata, seclen); | ||
2077 | } | ||
2078 | |||
2079 | static inline void security_release_secctx(char *secdata, u32 seclen) | ||
2080 | { | ||
2081 | return security_ops->release_secctx(secdata, seclen); | ||
2082 | } | ||
2083 | |||
2062 | /* prototypes */ | 2084 | /* prototypes */ |
2063 | extern int security_init (void); | 2085 | extern int security_init (void); |
2064 | extern int register_security (struct security_operations *ops); | 2086 | extern int register_security (struct security_operations *ops); |
@@ -2725,6 +2747,15 @@ static inline void securityfs_remove(struct dentry *dentry) | |||
2725 | { | 2747 | { |
2726 | } | 2748 | } |
2727 | 2749 | ||
2750 | static inline int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) | ||
2751 | { | ||
2752 | return -EOPNOTSUPP; | ||
2753 | } | ||
2754 | |||
2755 | static inline void security_release_secctx(char *secdata, u32 seclen) | ||
2756 | { | ||
2757 | return -EOPNOTSUPP; | ||
2758 | } | ||
2728 | #endif /* CONFIG_SECURITY */ | 2759 | #endif /* CONFIG_SECURITY */ |
2729 | 2760 | ||
2730 | #ifdef CONFIG_SECURITY_NETWORK | 2761 | #ifdef CONFIG_SECURITY_NETWORK |
@@ -2840,10 +2871,9 @@ static inline int security_socket_getpeersec_stream(struct socket *sock, char __ | |||
2840 | return security_ops->socket_getpeersec_stream(sock, optval, optlen, len); | 2871 | return security_ops->socket_getpeersec_stream(sock, optval, optlen, len); |
2841 | } | 2872 | } |
2842 | 2873 | ||
2843 | static inline int security_socket_getpeersec_dgram(struct sk_buff *skb, char **secdata, | 2874 | static inline int security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, u32 *secid) |
2844 | u32 *seclen) | ||
2845 | { | 2875 | { |
2846 | return security_ops->socket_getpeersec_dgram(skb, secdata, seclen); | 2876 | return security_ops->socket_getpeersec_dgram(sock, skb, secid); |
2847 | } | 2877 | } |
2848 | 2878 | ||
2849 | static inline int security_sk_alloc(struct sock *sk, int family, gfp_t priority) | 2879 | static inline int security_sk_alloc(struct sock *sk, int family, gfp_t priority) |
@@ -2968,8 +2998,7 @@ static inline int security_socket_getpeersec_stream(struct socket *sock, char __ | |||
2968 | return -ENOPROTOOPT; | 2998 | return -ENOPROTOOPT; |
2969 | } | 2999 | } |
2970 | 3000 | ||
2971 | static inline int security_socket_getpeersec_dgram(struct sk_buff *skb, char **secdata, | 3001 | static inline int security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, u32 *secid) |
2972 | u32 *seclen) | ||
2973 | { | 3002 | { |
2974 | return -ENOPROTOOPT; | 3003 | return -ENOPROTOOPT; |
2975 | } | 3004 | } |