author | Linus Torvalds <torvalds@linux-foundation.org> | 2009-06-11 13:01:41 -0400 |
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2009-06-11 13:01:41 -0400 |
commit | 3296ca27f50ecbd71db1d808c7a72d311027f919 (patch) | |
tree | 833eaa58b2013bda86d4bd95faf6efad7a2d5ca4 /kernel | |
parent | e893123c7378192c094747dadec326b7c000c190 (diff) | |
parent | 73fbad283cfbbcf02939bdbda31fc4a30e729cca (diff) |
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6: (44 commits)
nommu: Provide mmap_min_addr definition.
TOMOYO: Add description of lists and structures.
TOMOYO: Remove unused field.
integrity: ima audit dentry_open failure
TOMOYO: Remove unused parameter.
security: use mmap_min_addr indepedently of security models
TOMOYO: Simplify policy reader.
TOMOYO: Remove redundant markers.
SELinux: define audit permissions for audit tree netlink messages
TOMOYO: Remove unused mutex.
tomoyo: avoid get+put of task_struct
smack: Remove redundant initialization.
integrity: nfsd imbalance bug fix
rootplug: Remove redundant initialization.
smack: do not beyond ARRAY_SIZE of data
integrity: move ima_counts_get
integrity: path_check update
IMA: Add __init notation to ima functions
IMA: Minimal IMA policy and boot param for TCB IMA policy
selinux: remove obsolete read buffer limit from sel_read_bool
...
Diffstat (limited to 'kernel')
-rw-r--r-- | kernel/cred.c | 4 | ||||
-rw-r--r-- | kernel/exit.c | 1 | ||||
-rw-r--r-- | kernel/module.c | 7 | ||||
-rw-r--r-- | kernel/ptrace.c | 9 | ||||
-rw-r--r-- | kernel/signal.c | 11 | ||||
-rw-r--r-- | kernel/sysctl.c | 14 |
6 files changed, 33 insertions, 13 deletions
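--- a/kernel/cred.c
+++ b/kernel/cred.c
@@ -167,7 +167,7 @@ EXPORT_SYMBOL(prepare_creds);
 
 /*
 * Prepare credentials for current to perform an execve()
-* - The caller must hold current->cred_exec_mutex
+* - The caller must hold current->cred_guard_mutex
 */
 struct cred *prepare_exec_creds(void)
 {
@@ -276,7 +276,7 @@ int copy_creds(struct task_struct *p, unsigned long clone_flags)
 struct cred *new;
 int ret;
 
-mutex_init(&p->cred_exec_mutex);
+mutex_init(&p->cred_guard_mutex);
 
 if (
 #ifdef CONFIG_KEYS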
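--- a/kernel/exit.c
+++ b/kernel/exit.c
@@ -1472,6 +1472,7 @@ static int wait_consider_task(struct task_struct *parent, int ptrace,
 */
 if (*notask_error)
 *notask_error = ret;
+return 0;
 }
 
 if (likely(!ptrace) && unlikely(p->ptrace)) {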
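Review bot: The added `return 0;` at new line 1475 leaves wait_consider_task right after `*notask_error = ret;`, returning 0 to the caller while a possibly non-zero ret has just been stored into *notask_error, and nothing visible in the hunk explains why 0 rather than ret is the right return value. The comment block whose `*/` closes at line 1472 is the natural place for that, e.g. `/* ... the failure is reported through *notask_error; tell the caller this task was not consumed. */`. The condition guarding this branch and the rest of wait_consider_task are outside the hunk, so I cannot tell from here whether any other path out of that block still falls through to the ptrace check below.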
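--- a/kernel/module.c
+++ b/kernel/module.c
@@ -73,6 +73,9 @@ DEFINE_MUTEX(module_mutex);
 EXPORT_SYMBOL_GPL(module_mutex);
 static LIST_HEAD(modules);
 
+/* Block module loading/unloading? */
+int modules_disabled = 0;
+
 /* Waiting for a module to finish initializing? */
 static DECLARE_WAIT_QUEUE_HEAD(module_wq);
 
@@ -778,7 +781,7 @@ SYSCALL_DEFINE2(delete_module, const char __user *, name_user,
 char name[MODULE_NAME_LEN];
 int ret, forced = 0;
 
-if (!capable(CAP_SYS_MODULE))
+if (!capable(CAP_SYS_MODULE) || modules_disabled)
 return -EPERM;
 
 if (strncpy_from_user(name, name_user, MODULE_NAME_LEN-1) < 0)
@@ -2338,7 +2341,7 @@ SYSCALL_DEFINE3(init_module, void __user *, umod,
 int ret = 0;
 
 /* Must have permission */
-if (!capable(CAP_SYS_MODULE))
+if (!capable(CAP_SYS_MODULE) || modules_disabled)
 return -EPERM;
 
 /* Only one module load at a time, please */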
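Review bot: `int modules_disabled = 0;` at new line 77 is read by the new guards at lines 784 and 2344 as a plain, unlocked global, and the comment above it is a question rather than the contract those readers depend on. Since the matching sysctl entry in kernel/sysctl.c (same merge) only admits the 0→1 transition, the comment should state the latch semantics: `/* Block module loading/unloading? Set to 1 via the kernel.modules_disabled sysctl; the transition is one-way, so unlocked reads are acceptable. */`. It is also worth a line that a load or unload which passed its check before the flag was set still completes; that is inherent to the design rather than a bug. Both guards use the identical condition `!capable(CAP_SYS_MODULE) || modules_disabled` and should stay in lockstep if either changes; the bodies of delete_module and init_module continue outside these hunks.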
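--- a/kernel/ptrace.c
+++ b/kernel/ptrace.c
@@ -175,10 +175,11 @@ int ptrace_attach(struct task_struct *task)
 if (same_thread_group(task, current))
 goto out;
 
-/* Protect exec's credential calculations against our interference;
-* SUID, SGID and LSM creds get determined differently under ptrace.
+/* Protect the target's credential calculations against our
+* interference; SUID, SGID and LSM creds get determined differently
+* under ptrace.
 */
-retval = mutex_lock_interruptible(&task->cred_exec_mutex);
+retval = mutex_lock_interruptible(&task->cred_guard_mutex);
 if (retval < 0)
 goto out;
 
@@ -222,7 +223,7 @@ repeat:
 bad:
 write_unlock_irqrestore(&tasklist_lock, flags);
 task_unlock(task);
-mutex_unlock(&task->cred_exec_mutex);
+mutex_unlock(&task->cred_guard_mutex);
 out:
 return retval;
 }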
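--- a/kernel/signal.c
+++ b/kernel/signal.c
@@ -247,14 +247,19 @@ void flush_sigqueue(struct sigpending *queue)
 /*
 * Flush all pending signals for a task.
 */
+void __flush_signals(struct task_struct *t)
+{
+clear_tsk_thread_flag(t, TIF_SIGPENDING);
+flush_sigqueue(&t->pending);
+flush_sigqueue(&t->signal->shared_pending);
+}
+
 void flush_signals(struct task_struct *t)
 {
 unsigned long flags;
 
 spin_lock_irqsave(&t->sighand->siglock, flags);
-clear_tsk_thread_flag(t, TIF_SIGPENDING);
-flush_sigqueue(&t->pending);
-flush_sigqueue(&t->signal->shared_pending);
+__flush_signals(t);
 spin_unlock_irqrestore(&t->sighand->siglock, flags);
 }
 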
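Review bot: The new `__flush_signals()` at new lines 250-255 touches t->pending and t->signal->shared_pending with no locking of its own, yet its locking requirement is only implied by flush_signals() wrapping the call in siglock; since the function is non-static and clearly meant for other callers, the header comment at 247-249 should carry the contract: `/* Flush all pending signals for a task. The caller must hold t->sighand->siglock (see flush_signals()). */`. flush_signals() itself is now left without a comment saying it is the locked wrapper. A cheap self-check would be `assert_spin_locked(&t->sighand->siglock);` as the first statement of __flush_signals(). The declaration that exposes it to other files is not in this diff, so I assume it lands in a header elsewhere in the merge.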
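--- a/kernel/sysctl.c
+++ b/kernel/sysctl.c
@@ -114,6 +114,7 @@ static int ngroups_max = NGROUPS_MAX;
 
 #ifdef CONFIG_MODULES
 extern char modprobe_path[];
+extern int modules_disabled;
 #endif
 #ifdef CONFIG_CHR_DEV_SG
 extern int sg_big_buff;
@@ -534,6 +535,17 @@ static struct ctl_table kern_table[] = {
 .proc_handler = &proc_dostring,
 .strategy = &sysctl_string,
 },
+{
+.ctl_name = CTL_UNNUMBERED,
+.procname = "modules_disabled",
+.data = &modules_disabled,
+.maxlen = sizeof(int),
+.mode = 0644,
+/* only handle a transition from default "0" to "1" */
+.proc_handler = &proc_dointvec_minmax,
+.extra1 = &one,
+.extra2 = &one,
+},
 #endif
 #if defined(CONFIG_HOTPLUG) && defined(CONFIG_NET)
 {
@@ -1233,7 +1245,6 @@ static struct ctl_table vm_table[] = {
 .strategy = &sysctl_jiffies,
 },
 #endif
-#ifdef CONFIG_SECURITY
 {
 .ctl_name = CTL_UNNUMBERED,
 .procname = "mmap_min_addr",
@@ -1242,7 +1253,6 @@ static struct ctl_table vm_table[] = {
 .mode = 0644,
 .proc_handler = &proc_doulongvec_minmax,
 },
-#endif
 #ifdef CONFIG_NUMA
 {
 .ctl_name = CTL_UNNUMBERED,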
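Review bot: The `modules_disabled` entry at new lines 538-548 makes the switch one-way purely by running `proc_dointvec_minmax` with `.extra1 = &one` and `.extra2 = &one`, so the only accepted write is "1" and any attempt to write "0" is rejected; the comment `/* only handle a transition from default "0" to "1" */` should state the consequence an administrator relies on, e.g. `/* one-way latch: only the transition from the default 0 to 1 is accepted; it cannot be cleared without a reboot */`. `one` is assumed to be the file's existing non-const `int` used by the neighbouring minmax entries; it is not visible here. `.data` points at the same plain int that init_module/delete_module read without locking (kernel/module.c in this merge), so a loader that passed its check before the write still completes. The mmap_min_addr hunks at 1247 and 1255 drop the `#ifdef CONFIG_SECURITY` guard and therefore depend on mmap_min_addr being defined in every configuration, which the merge's "nommu: Provide mmap_min_addr definition" and "security: use mmap_min_addr ..." commits appear to supply.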