aboutsummaryrefslogtreecommitdiffstats
path: root/kernel/signal.c
diff options
context:
space:
mode:
authorOleg Nesterov <oleg@tv-sign.ru>2008-04-30 03:52:42 -0400
committerLinus Torvalds <torvalds@linux-foundation.org>2008-04-30 11:29:34 -0400
commit3b5e9e53c6f31b5a5a0f5c43707503c62bdefa46 (patch)
tree1244b7cf2755c06a8a793149ce4717e4a1311218 /kernel/signal.c
parent9e3bd6c3fb2334be171e69b432039cd18bce4458 (diff)
signals: cleanup security_task_kill() usage/implementation
Every implementation of ->task_kill() does nothing when the signal comes from the kernel. This is correct, but means that check_kill_permission() should call security_task_kill() only for SI_FROMUSER() case, and we can remove the same check from ->task_kill() implementations. (sadly, check_kill_permission() is the last user of signal->session/__session but we can't s/task_session_nr/task_session/ here). NOTE: Eric W. Biederman pointed out cap_task_kill() should die, and I think he is very right. Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru> Cc: "Eric W. Biederman" <ebiederm@xmission.com> Cc: Serge Hallyn <serue@us.ibm.com> Cc: Roland McGrath <roland@redhat.com> Cc: Casey Schaufler <casey@schaufler-ca.com> Cc: David Quigley <dpquigl@tycho.nsa.gov> Cc: Eric Paris <eparis@redhat.com> Cc: Harald Welte <laforge@gnumonks.org> Cc: Pavel Emelyanov <xemul@openvz.org> Cc: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'kernel/signal.c')
-rw-r--r--kernel/signal.c27
1 files changed, 14 insertions, 13 deletions
diff --git a/kernel/signal.c b/kernel/signal.c
index f9a52c721274..91d57f89f5a5 100644
--- a/kernel/signal.c
+++ b/kernel/signal.c
@@ -533,22 +533,23 @@ static int rm_from_queue(unsigned long mask, struct sigpending *s)
533static int check_kill_permission(int sig, struct siginfo *info, 533static int check_kill_permission(int sig, struct siginfo *info,
534 struct task_struct *t) 534 struct task_struct *t)
535{ 535{
536 int error = -EINVAL; 536 int error;
537
537 if (!valid_signal(sig)) 538 if (!valid_signal(sig))
538 return error; 539 return -EINVAL;
539 540
540 if (info == SEND_SIG_NOINFO || (!is_si_special(info) && SI_FROMUSER(info))) { 541 if (info != SEND_SIG_NOINFO && (is_si_special(info) || SI_FROMKERNEL(info)))
541 error = audit_signal_info(sig, t); /* Let audit system see the signal */ 542 return 0;
542 if (error) 543
543 return error; 544 error = audit_signal_info(sig, t); /* Let audit system see the signal */
544 error = -EPERM; 545 if (error)
545 if (((sig != SIGCONT) ||
546 (task_session_nr(current) != task_session_nr(t)))
547 && (current->euid ^ t->suid) && (current->euid ^ t->uid)
548 && (current->uid ^ t->suid) && (current->uid ^ t->uid)
549 && !capable(CAP_KILL))
550 return error; 546 return error;
551 } 547
548 if (((sig != SIGCONT) || (task_session_nr(current) != task_session_nr(t)))
549 && (current->euid ^ t->suid) && (current->euid ^ t->uid)
550 && (current->uid ^ t->suid) && (current->uid ^ t->uid)
551 && !capable(CAP_KILL))
552 return -EPERM;
552 553
553 return security_task_kill(t, info, sig, 0); 554 return security_task_kill(t, info, sig, 0);
554} 555}