Merge branch 'for-linus' of git://selinuxproject.org/~jmorris/linux-security

* 'for-linus' of git://selinuxproject.org/~jmorris/linux-security: capabilities: remove __cap_full_set definition security: remove the security_netlink_recv hook as it is equivalent to capable() ptrace: do not audit capability check when outputing /proc/pid/stat capabilities: remove task_ns_* functions capabitlies: ns_capable can use the cap helpers rather than lsm call capabilities: style only - move capable below ns_capable capabilites: introduce new has_ns_capabilities_noaudit capabilities: call has_ns_capability from has_capability capabilities: remove all _real_ interfaces capabilities: introduce security_capable_noaudit capabilities: reverse arguments to security_capable capabilities: remove the task from capable LSM hook entirely selinux: sparse fix: fix several warnings in the security server cod selinux: sparse fix: fix warnings in netlink code selinux: sparse fix: eliminate warnings for selinuxfs selinux: sparse fix: declare selinux_disable() in security.h selinux: sparse fix: move selinux_complete_init selinux: sparse fix: make selinux_secmark_refcount static SELinux: Fix RCU deref check warning in sel_netport_insert() Manually fix up a semantic mis-merge wrt security_netlink_recv(): - the interface was removed in commit fd7784615248 ("security: remove the security_netlink_recv hook as it is equivalent to capable()") - a new user of it appeared in commit a38f7907b926 ("crypto: Add userspace configuration API") causing no automatic merge conflict, but Eric Paris pointed out the issue.
author: Linus Torvalds <torvalds@linux-foundation.org> 2012-01-14 21:36:33 -0500
committer: Linus Torvalds <torvalds@linux-foundation.org> 2012-01-14 21:36:33 -0500
commit: c49c41a4134679cecb77362e7f6b59acb6320aa7 (patch)
tree: 45e690c036ca5846a48c8be67945d1d841b2d96d /security/selinux/hooks.c
parent: 892d208bcf79e4e1058707786a7b6d486697cd78 (diff)
parent: f423e5ba76e7e4a6fcb4836b4f072d1fdebba8b5 (diff)
1 files changed, 11 insertions, 33 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 7cd4c3affac8..6a3683e28426 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -1415,8 +1415,7 @@ static int current_has_perm(const struct task_struct *tsk,
 #endif
 /* Check whether a task is allowed to use a capability. */
-static int task_has_capability(struct task_struct *tsk,
+static int cred_has_capability(const struct cred *cred,
-                               const struct cred *cred,
                               int cap, int audit)
 {
        struct common_audit_data ad;
@@ -1427,7 +1426,7 @@ static int task_has_capability(struct task_struct *tsk,
        int rc;
        COMMON_AUDIT_DATA_INIT(&ad, CAP);
-        ad.tsk = tsk;
+        ad.tsk = current;
        ad.u.cap = cap;
        switch (CAP_TO_INDEX(cap)) {
@@ -1811,7 +1810,7 @@ static int selinux_ptrace_access_check(struct task_struct *child,
        if (rc)
                return rc;
-        if (mode == PTRACE_MODE_READ) {
+        if (mode & PTRACE_MODE_READ) {
                u32 sid = current_sid();
                u32 csid = task_sid(child);
                return avc_has_perm(sid, csid, SECCLASS_FILE, FILE__READ, NULL);
@@ -1868,16 +1867,16 @@ static int selinux_capset(struct cred *new, const struct cred *old,
 * the CAP_SETUID and CAP_SETGID capabilities using the capable hook.
 */
-static int selinux_capable(struct task_struct *tsk, const struct cred *cred,
+static int selinux_capable(const struct cred *cred, struct user_namespace *ns,
-                           struct user_namespace *ns, int cap, int audit)
+                           int cap, int audit)
 {
        int rc;
-        rc = cap_capable(tsk, cred, ns, cap, audit);
+        rc = cap_capable(cred, ns, cap, audit);
        if (rc)
                return rc;
-        return task_has_capability(tsk, cred, cap, audit);
+        return cred_has_capability(cred, cap, audit);
 }
 static int selinux_quotactl(int cmds, int type, int id, struct super_block *sb)
@@ -1954,8 +1953,7 @@ static int selinux_vm_enough_memory(struct mm_struct *mm, long pages)
 {
        int rc, cap_sys_admin = 0;
-        rc = selinux_capable(current, current_cred(),
+        rc = selinux_capable(current_cred(), &init_user_ns, CAP_SYS_ADMIN,
-                             &init_user_ns, CAP_SYS_ADMIN,
                             SECURITY_CAP_NOAUDIT);
        if (rc == 0)
                cap_sys_admin = 1;
@@ -2859,8 +2857,7 @@ static int selinux_inode_getsecurity(const struct inode *inode, const char *name
         * and lack of permission just means that we fall back to the
         * in-core context value, not a denial.
         */
-        error = selinux_capable(current, current_cred(),
+        error = selinux_capable(current_cred(), &init_user_ns, CAP_MAC_ADMIN,
-                                &init_user_ns, CAP_MAC_ADMIN,
                                SECURITY_CAP_NOAUDIT);
        if (!error)
                error = security_sid_to_context_force(isec->sid, &context,
@@ -2993,8 +2990,8 @@ static int selinux_file_ioctl(struct file *file, unsigned int cmd,
        case KDSKBENT:
        case KDSKBSENT:
-                error = task_has_capability(current, cred, CAP_SYS_TTY_CONFIG,
+                error = cred_has_capability(cred, CAP_SYS_TTY_CONFIG,
-                                        SECURITY_CAP_AUDIT);
+                                            SECURITY_CAP_AUDIT);
                break;
        /* default case assumes that the command will go
@@ -4718,24 +4715,6 @@ static int selinux_netlink_send(struct sock *sk, struct sk_buff *skb)
        return selinux_nlmsg_perm(sk, skb);
 }
-static int selinux_netlink_recv(struct sk_buff *skb, int capability)
-{
-        int err;
-        struct common_audit_data ad;
-        u32 sid;
-        err = cap_netlink_recv(skb, capability);
-        if (err)
-                return err;
-        COMMON_AUDIT_DATA_INIT(&ad, CAP);
-        ad.u.cap = capability;
-        security_task_getsecid(current, &sid);
-        return avc_has_perm(sid, sid, SECCLASS_CAPABILITY,
-                            CAP_TO_MASK(capability), &ad);
-}
 static int ipc_alloc_security(struct task_struct *task,
                              struct kern_ipc_perm *perm,
                              u16 sclass)
@@ -5464,7 +5443,6 @@ static struct security_operations selinux_ops = {
        .vm_enough_memory =             selinux_vm_enough_memory,
        .netlink_send =                 selinux_netlink_send,
-        .netlink_recv =                 selinux_netlink_recv,
        .bprm_set_creds =               selinux_bprm_set_creds,
        .bprm_committing_creds =        selinux_bprm_committing_creds,
author	Linus Torvalds <torvalds@linux-foundation.org>	2012-01-14 21:36:33 -0500
committer	Linus Torvalds <torvalds@linux-foundation.org>	2012-01-14 21:36:33 -0500
commit	c49c41a4134679cecb77362e7f6b59acb6320aa7 (patch)
tree	45e690c036ca5846a48c8be67945d1d841b2d96d /security/selinux/hooks.c
parent	892d208bcf79e4e1058707786a7b6d486697cd78 (diff)
parent	f423e5ba76e7e4a6fcb4836b4f072d1fdebba8b5 (diff)