diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2012-01-14 21:36:33 -0500 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2012-01-14 21:36:33 -0500 |
| commit | c49c41a4134679cecb77362e7f6b59acb6320aa7 (patch) | |
| tree | 45e690c036ca5846a48c8be67945d1d841b2d96d /include | |
| parent | 892d208bcf79e4e1058707786a7b6d486697cd78 (diff) | |
| parent | f423e5ba76e7e4a6fcb4836b4f072d1fdebba8b5 (diff) | |
Merge branch 'for-linus' of git://selinuxproject.org/~jmorris/linux-security
* 'for-linus' of git://selinuxproject.org/~jmorris/linux-security:
capabilities: remove __cap_full_set definition
security: remove the security_netlink_recv hook as it is equivalent to capable()
ptrace: do not audit capability check when outputing /proc/pid/stat
capabilities: remove task_ns_* functions
capabitlies: ns_capable can use the cap helpers rather than lsm call
capabilities: style only - move capable below ns_capable
capabilites: introduce new has_ns_capabilities_noaudit
capabilities: call has_ns_capability from has_capability
capabilities: remove all _real_ interfaces
capabilities: introduce security_capable_noaudit
capabilities: reverse arguments to security_capable
capabilities: remove the task from capable LSM hook entirely
selinux: sparse fix: fix several warnings in the security server cod
selinux: sparse fix: fix warnings in netlink code
selinux: sparse fix: eliminate warnings for selinuxfs
selinux: sparse fix: declare selinux_disable() in security.h
selinux: sparse fix: move selinux_complete_init
selinux: sparse fix: make selinux_secmark_refcount static
SELinux: Fix RCU deref check warning in sel_netport_insert()
Manually fix up a semantic mis-merge wrt security_netlink_recv():
- the interface was removed in commit fd7784615248 ("security: remove
the security_netlink_recv hook as it is equivalent to capable()")
- a new user of it appeared in commit a38f7907b926 ("crypto: Add
userspace configuration API")
causing no automatic merge conflict, but Eric Paris pointed out the
issue.
Diffstat (limited to 'include')
| -rw-r--r-- | include/linux/capability.h | 4 | ||||
| -rw-r--r-- | include/linux/cred.h | 6 | ||||
| -rw-r--r-- | include/linux/ptrace.h | 5 | ||||
| -rw-r--r-- | include/linux/security.h | 60 |
4 files changed, 22 insertions, 53 deletions
diff --git a/include/linux/capability.h b/include/linux/capability.h index a63d13d84ad8..12d52dedb229 100644 --- a/include/linux/capability.h +++ b/include/linux/capability.h | |||
| @@ -380,7 +380,6 @@ struct user_namespace; | |||
| 380 | struct user_namespace *current_user_ns(void); | 380 | struct user_namespace *current_user_ns(void); |
| 381 | 381 | ||
| 382 | extern const kernel_cap_t __cap_empty_set; | 382 | extern const kernel_cap_t __cap_empty_set; |
| 383 | extern const kernel_cap_t __cap_full_set; | ||
| 384 | extern const kernel_cap_t __cap_init_eff_set; | 383 | extern const kernel_cap_t __cap_init_eff_set; |
| 385 | 384 | ||
| 386 | /* | 385 | /* |
| @@ -544,9 +543,10 @@ extern bool has_capability(struct task_struct *t, int cap); | |||
| 544 | extern bool has_ns_capability(struct task_struct *t, | 543 | extern bool has_ns_capability(struct task_struct *t, |
| 545 | struct user_namespace *ns, int cap); | 544 | struct user_namespace *ns, int cap); |
| 546 | extern bool has_capability_noaudit(struct task_struct *t, int cap); | 545 | extern bool has_capability_noaudit(struct task_struct *t, int cap); |
| 546 | extern bool has_ns_capability_noaudit(struct task_struct *t, | ||
| 547 | struct user_namespace *ns, int cap); | ||
| 547 | extern bool capable(int cap); | 548 | extern bool capable(int cap); |
| 548 | extern bool ns_capable(struct user_namespace *ns, int cap); | 549 | extern bool ns_capable(struct user_namespace *ns, int cap); |
| 549 | extern bool task_ns_capable(struct task_struct *t, int cap); | ||
| 550 | extern bool nsown_capable(int cap); | 550 | extern bool nsown_capable(int cap); |
| 551 | 551 | ||
| 552 | /* audit system wants to get cap info from files as well */ | 552 | /* audit system wants to get cap info from files as well */ |
diff --git a/include/linux/cred.h b/include/linux/cred.h index 40308969ed00..adadf71a7327 100644 --- a/include/linux/cred.h +++ b/include/linux/cred.h | |||
| @@ -358,10 +358,12 @@ static inline void put_cred(const struct cred *_cred) | |||
| 358 | #define current_security() (current_cred_xxx(security)) | 358 | #define current_security() (current_cred_xxx(security)) |
| 359 | 359 | ||
| 360 | #ifdef CONFIG_USER_NS | 360 | #ifdef CONFIG_USER_NS |
| 361 | #define current_user_ns() (current_cred_xxx(user_ns)) | 361 | #define current_user_ns() (current_cred_xxx(user_ns)) |
| 362 | #define task_user_ns(task) (task_cred_xxx((task), user_ns)) | ||
| 362 | #else | 363 | #else |
| 363 | extern struct user_namespace init_user_ns; | 364 | extern struct user_namespace init_user_ns; |
| 364 | #define current_user_ns() (&init_user_ns) | 365 | #define current_user_ns() (&init_user_ns) |
| 366 | #define task_user_ns(task) (&init_user_ns) | ||
| 365 | #endif | 367 | #endif |
| 366 | 368 | ||
| 367 | 369 | ||
diff --git a/include/linux/ptrace.h b/include/linux/ptrace.h index 800f113bea66..a27e56ca41a4 100644 --- a/include/linux/ptrace.h +++ b/include/linux/ptrace.h | |||
| @@ -127,8 +127,9 @@ extern void __ptrace_link(struct task_struct *child, | |||
| 127 | struct task_struct *new_parent); | 127 | struct task_struct *new_parent); |
| 128 | extern void __ptrace_unlink(struct task_struct *child); | 128 | extern void __ptrace_unlink(struct task_struct *child); |
| 129 | extern void exit_ptrace(struct task_struct *tracer); | 129 | extern void exit_ptrace(struct task_struct *tracer); |
| 130 | #define PTRACE_MODE_READ 1 | 130 | #define PTRACE_MODE_READ 0x01 |
| 131 | #define PTRACE_MODE_ATTACH 2 | 131 | #define PTRACE_MODE_ATTACH 0x02 |
| 132 | #define PTRACE_MODE_NOAUDIT 0x04 | ||
| 132 | /* Returns 0 on success, -errno on denial. */ | 133 | /* Returns 0 on success, -errno on denial. */ |
| 133 | extern int __ptrace_may_access(struct task_struct *task, unsigned int mode); | 134 | extern int __ptrace_may_access(struct task_struct *task, unsigned int mode); |
| 134 | /* Returns true on success, false on denial. */ | 135 | /* Returns true on success, false on denial. */ |
diff --git a/include/linux/security.h b/include/linux/security.h index 0ccceb9b1046..83c18e8c846d 100644 --- a/include/linux/security.h +++ b/include/linux/security.h | |||
| @@ -54,8 +54,8 @@ struct user_namespace; | |||
| 54 | * These functions are in security/capability.c and are used | 54 | * These functions are in security/capability.c and are used |
| 55 | * as the default capabilities functions | 55 | * as the default capabilities functions |
| 56 | */ | 56 | */ |
| 57 | extern int cap_capable(struct task_struct *tsk, const struct cred *cred, | 57 | extern int cap_capable(const struct cred *cred, struct user_namespace *ns, |
| 58 | struct user_namespace *ns, int cap, int audit); | 58 | int cap, int audit); |
| 59 | extern int cap_settime(const struct timespec *ts, const struct timezone *tz); | 59 | extern int cap_settime(const struct timespec *ts, const struct timezone *tz); |
| 60 | extern int cap_ptrace_access_check(struct task_struct *child, unsigned int mode); | 60 | extern int cap_ptrace_access_check(struct task_struct *child, unsigned int mode); |
| 61 | extern int cap_ptrace_traceme(struct task_struct *parent); | 61 | extern int cap_ptrace_traceme(struct task_struct *parent); |
| @@ -96,7 +96,6 @@ struct xfrm_user_sec_ctx; | |||
| 96 | struct seq_file; | 96 | struct seq_file; |
| 97 | 97 | ||
| 98 | extern int cap_netlink_send(struct sock *sk, struct sk_buff *skb); | 98 | extern int cap_netlink_send(struct sock *sk, struct sk_buff *skb); |
| 99 | extern int cap_netlink_recv(struct sk_buff *skb, int cap); | ||
| 100 | 99 | ||
| 101 | void reset_security_ops(void); | 100 | void reset_security_ops(void); |
| 102 | 101 | ||
| @@ -799,12 +798,6 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) | |||
| 799 | * @skb contains the sk_buff structure for the netlink message. | 798 | * @skb contains the sk_buff structure for the netlink message. |
| 800 | * Return 0 if the information was successfully saved and message | 799 | * Return 0 if the information was successfully saved and message |
| 801 | * is allowed to be transmitted. | 800 | * is allowed to be transmitted. |
| 802 | * @netlink_recv: | ||
| 803 | * Check permission before processing the received netlink message in | ||
| 804 | * @skb. | ||
| 805 | * @skb contains the sk_buff structure for the netlink message. | ||
| 806 | * @cap indicates the capability required | ||
| 807 | * Return 0 if permission is granted. | ||
| 808 | * | 801 | * |
| 809 | * Security hooks for Unix domain networking. | 802 | * Security hooks for Unix domain networking. |
| 810 | * | 803 | * |
| @@ -1268,7 +1261,6 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) | |||
| 1268 | * @capable: | 1261 | * @capable: |
| 1269 | * Check whether the @tsk process has the @cap capability in the indicated | 1262 | * Check whether the @tsk process has the @cap capability in the indicated |
| 1270 | * credentials. | 1263 | * credentials. |
| 1271 | * @tsk contains the task_struct for the process. | ||
| 1272 | * @cred contains the credentials to use. | 1264 | * @cred contains the credentials to use. |
| 1273 | * @ns contains the user namespace we want the capability in | 1265 | * @ns contains the user namespace we want the capability in |
| 1274 | * @cap contains the capability <include/linux/capability.h>. | 1266 | * @cap contains the capability <include/linux/capability.h>. |
| @@ -1392,8 +1384,8 @@ struct security_operations { | |||
| 1392 | const kernel_cap_t *effective, | 1384 | const kernel_cap_t *effective, |
| 1393 | const kernel_cap_t *inheritable, | 1385 | const kernel_cap_t *inheritable, |
| 1394 | const kernel_cap_t *permitted); | 1386 | const kernel_cap_t *permitted); |
| 1395 | int (*capable) (struct task_struct *tsk, const struct cred *cred, | 1387 | int (*capable) (const struct cred *cred, struct user_namespace *ns, |
| 1396 | struct user_namespace *ns, int cap, int audit); | 1388 | int cap, int audit); |
| 1397 | int (*quotactl) (int cmds, int type, int id, struct super_block *sb); | 1389 | int (*quotactl) (int cmds, int type, int id, struct super_block *sb); |
| 1398 | int (*quota_on) (struct dentry *dentry); | 1390 | int (*quota_on) (struct dentry *dentry); |
| 1399 | int (*syslog) (int type); | 1391 | int (*syslog) (int type); |
| @@ -1563,7 +1555,6 @@ struct security_operations { | |||
| 1563 | struct sembuf *sops, unsigned nsops, int alter); | 1555 | struct sembuf *sops, unsigned nsops, int alter); |
| 1564 | 1556 | ||
| 1565 | int (*netlink_send) (struct sock *sk, struct sk_buff *skb); | 1557 | int (*netlink_send) (struct sock *sk, struct sk_buff *skb); |
| 1566 | int (*netlink_recv) (struct sk_buff *skb, int cap); | ||
| 1567 | 1558 | ||
| 1568 | void (*d_instantiate) (struct dentry *dentry, struct inode *inode); | 1559 | void (*d_instantiate) (struct dentry *dentry, struct inode *inode); |
| 1569 | 1560 | ||
| @@ -1675,12 +1666,10 @@ int security_capset(struct cred *new, const struct cred *old, | |||
| 1675 | const kernel_cap_t *effective, | 1666 | const kernel_cap_t *effective, |
| 1676 | const kernel_cap_t *inheritable, | 1667 | const kernel_cap_t *inheritable, |
| 1677 | const kernel_cap_t *permitted); | 1668 | const kernel_cap_t *permitted); |
| 1678 | int security_capable(struct user_namespace *ns, const struct cred *cred, | 1669 | int security_capable(const struct cred *cred, struct user_namespace *ns, |
| 1679 | int cap); | ||
| 1680 | int security_real_capable(struct task_struct *tsk, struct user_namespace *ns, | ||
| 1681 | int cap); | 1670 | int cap); |
| 1682 | int security_real_capable_noaudit(struct task_struct *tsk, | 1671 | int security_capable_noaudit(const struct cred *cred, struct user_namespace *ns, |
| 1683 | struct user_namespace *ns, int cap); | 1672 | int cap); |
| 1684 | int security_quotactl(int cmds, int type, int id, struct super_block *sb); | 1673 | int security_quotactl(int cmds, int type, int id, struct super_block *sb); |
| 1685 | int security_quota_on(struct dentry *dentry); | 1674 | int security_quota_on(struct dentry *dentry); |
| 1686 | int security_syslog(int type); | 1675 | int security_syslog(int type); |
| @@ -1817,7 +1806,6 @@ void security_d_instantiate(struct dentry *dentry, struct inode *inode); | |||
| 1817 | int security_getprocattr(struct task_struct *p, char *name, char **value); | 1806 | int security_getprocattr(struct task_struct *p, char *name, char **value); |
| 1818 | int security_setprocattr(struct task_struct *p, char *name, void *value, size_t size); | 1807 | int security_setprocattr(struct task_struct *p, char *name, void *value, size_t size); |
| 1819 | int security_netlink_send(struct sock *sk, struct sk_buff *skb); | 1808 | int security_netlink_send(struct sock *sk, struct sk_buff *skb); |
| 1820 | int security_netlink_recv(struct sk_buff *skb, int cap); | ||
| 1821 | int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen); | 1809 | int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen); |
| 1822 | int security_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid); | 1810 | int security_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid); |
| 1823 | void security_release_secctx(char *secdata, u32 seclen); | 1811 | void security_release_secctx(char *secdata, u32 seclen); |
| @@ -1875,32 +1863,15 @@ static inline int security_capset(struct cred *new, | |||
| 1875 | return cap_capset(new, old, effective, inheritable, permitted); | 1863 | return cap_capset(new, old, effective, inheritable, permitted); |
| 1876 | } | 1864 | } |
| 1877 | 1865 | ||
| 1878 | static inline int security_capable(struct user_namespace *ns, | 1866 | static inline int security_capable(const struct cred *cred, |
| 1879 | const struct cred *cred, int cap) | 1867 | struct user_namespace *ns, int cap) |
| 1880 | { | ||
| 1881 | return cap_capable(current, cred, ns, cap, SECURITY_CAP_AUDIT); | ||
| 1882 | } | ||
| 1883 | |||
| 1884 | static inline int security_real_capable(struct task_struct *tsk, struct user_namespace *ns, int cap) | ||
| 1885 | { | 1868 | { |
| 1886 | int ret; | 1869 | return cap_capable(cred, ns, cap, SECURITY_CAP_AUDIT); |
| 1887 | |||
| 1888 | rcu_read_lock(); | ||
| 1889 | ret = cap_capable(tsk, __task_cred(tsk), ns, cap, SECURITY_CAP_AUDIT); | ||
| 1890 | rcu_read_unlock(); | ||
| 1891 | return ret; | ||
| 1892 | } | 1870 | } |
| 1893 | 1871 | ||
| 1894 | static inline | 1872 | static inline int security_capable_noaudit(const struct cred *cred, |
| 1895 | int security_real_capable_noaudit(struct task_struct *tsk, struct user_namespace *ns, int cap) | 1873 | struct user_namespace *ns, int cap) { |
| 1896 | { | 1874 | return cap_capable(cred, ns, cap, SECURITY_CAP_NOAUDIT); |
| 1897 | int ret; | ||
| 1898 | |||
| 1899 | rcu_read_lock(); | ||
| 1900 | ret = cap_capable(tsk, __task_cred(tsk), ns, cap, | ||
| 1901 | SECURITY_CAP_NOAUDIT); | ||
| 1902 | rcu_read_unlock(); | ||
| 1903 | return ret; | ||
| 1904 | } | 1875 | } |
| 1905 | 1876 | ||
| 1906 | static inline int security_quotactl(int cmds, int type, int id, | 1877 | static inline int security_quotactl(int cmds, int type, int id, |
| @@ -2517,11 +2488,6 @@ static inline int security_netlink_send(struct sock *sk, struct sk_buff *skb) | |||
| 2517 | return cap_netlink_send(sk, skb); | 2488 | return cap_netlink_send(sk, skb); |
| 2518 | } | 2489 | } |
| 2519 | 2490 | ||
| 2520 | static inline int security_netlink_recv(struct sk_buff *skb, int cap) | ||
| 2521 | { | ||
| 2522 | return cap_netlink_recv(skb, cap); | ||
| 2523 | } | ||
| 2524 | |||
| 2525 | static inline int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) | 2491 | static inline int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) |
| 2526 | { | 2492 | { |
| 2527 | return -EOPNOTSUPP; | 2493 | return -EOPNOTSUPP; |