aboutsummaryrefslogtreecommitdiffstats
path: root/security/smack
diff options
context:
space:
mode:
authorCasey Schaufler <casey@schaufler-ca.com>2012-08-09 20:46:38 -0400
committerCasey Schaufler <casey@schaufler-ca.com>2012-09-18 12:50:37 -0400
commitc00bedb368ae02a066aed8a888afc286c1df2e60 (patch)
tree9f72de8b17597cdedb755c553dafe992e2724b1b /security/smack
parente7c568e0fd0cf6d9c8ab8ea537ba8f3a3ae7c3d8 (diff)
Smack: remove task_wait() hook.
On 12/20/2011 11:20 PM, Jarkko Sakkinen wrote: > Allow SIGCHLD to be passed to child process without > explicit policy. This will help to keep the access > control policy simple and easily maintainable with > complex applications that require use of multiple > security contexts. It will also help to keep them > as isolated as possible. > > Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@intel.com> I have a slightly different version that applies to the current smack-next tree. Allow SIGCHLD to be passed to child process without explicit policy. This will help to keep the access control policy simple and easily maintainable with complex applications that require use of multiple security contexts. It will also help to keep them as isolated as possible. Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> security/smack/smack_lsm.c | 37 ++++++++----------------------------- 1 files changed, 8 insertions(+), 29 deletions(-)
Diffstat (limited to 'security/smack')
-rw-r--r--security/smack/smack_lsm.c37
1 files changed, 8 insertions, 29 deletions
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index 8221514cc997..ce9273a18165 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -1691,40 +1691,19 @@ static int smack_task_kill(struct task_struct *p, struct siginfo *info,
1691 * smack_task_wait - Smack access check for waiting 1691 * smack_task_wait - Smack access check for waiting
1692 * @p: task to wait for 1692 * @p: task to wait for
1693 * 1693 *
1694 * Returns 0 if current can wait for p, error code otherwise 1694 * Returns 0
1695 */ 1695 */
1696static int smack_task_wait(struct task_struct *p) 1696static int smack_task_wait(struct task_struct *p)
1697{ 1697{
1698 struct smk_audit_info ad;
1699 char *sp = smk_of_current();
1700 char *tsp = smk_of_forked(task_security(p));
1701 int rc;
1702
1703 /* we don't log here, we can be overriden */
1704 rc = smk_access(tsp, sp, MAY_WRITE, NULL);
1705 if (rc == 0)
1706 goto out_log;
1707
1708 /* 1698 /*
1709 * Allow the operation to succeed if either task 1699 * Allow the operation to succeed.
1710 * has privilege to perform operations that might 1700 * Zombies are bad.
1711 * account for the smack labels having gotten to 1701 * In userless environments (e.g. phones) programs
1712 * be different in the first place. 1702 * get marked with SMACK64EXEC and even if the parent
1713 * 1703 * and child shouldn't be talking the parent still
1714 * This breaks the strict subject/object access 1704 * may expect to know when the child exits.
1715 * control ideal, taking the object's privilege
1716 * state into account in the decision as well as
1717 * the smack value.
1718 */ 1705 */
1719 if (smack_privileged(CAP_MAC_OVERRIDE) || 1706 return 0;
1720 has_capability(p, CAP_MAC_OVERRIDE))
1721 rc = 0;
1722 /* we log only if we didn't get overriden */
1723 out_log:
1724 smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_TASK);
1725 smk_ad_setfield_u_tsk(&ad, p);
1726 smack_log(tsp, sp, MAY_WRITE, rc, &ad);
1727 return rc;
1728} 1707}
1729 1708
1730/** 1709/**