aboutsummaryrefslogtreecommitdiffstats
path: root/security/tomoyo
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2009-12-08 10:38:50 -0500
committerLinus Torvalds <torvalds@linux-foundation.org>2009-12-08 10:38:50 -0500
commit1557d33007f63dd96e5d15f33af389378e5f2e54 (patch)
tree06d05722b2ba5d2a67532f779fa8a88efe3c88f1 /security/tomoyo
parent6ec22f9b037fc0c2e00ddb7023fad279c365324d (diff)
parentc656ae95d1c5c8ed5763356263ace2d03087efec (diff)
Merge git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/sysctl-2.6
* git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/sysctl-2.6: (43 commits) security/tomoyo: Remove now unnecessary handling of security_sysctl. security/tomoyo: Add a special case to handle accesses through the internal proc mount. sysctl: Drop & in front of every proc_handler. sysctl: Remove CTL_NONE and CTL_UNNUMBERED sysctl: kill dead ctl_handler definitions. sysctl: Remove the last of the generic binary sysctl support sysctl net: Remove unused binary sysctl code sysctl security/tomoyo: Don't look at ctl_name sysctl arm: Remove binary sysctl support sysctl x86: Remove dead binary sysctl support sysctl sh: Remove dead binary sysctl support sysctl powerpc: Remove dead binary sysctl support sysctl ia64: Remove dead binary sysctl support sysctl s390: Remove dead sysctl binary support sysctl frv: Remove dead binary sysctl support sysctl mips/lasat: Remove dead binary sysctl support sysctl drivers: Remove dead binary sysctl support sysctl crypto: Remove dead binary sysctl support sysctl security/keys: Remove dead binary sysctl support sysctl kernel: Remove binary sysctl logic ...
Diffstat (limited to 'security/tomoyo')
-rw-r--r--security/tomoyo/file.c21
-rw-r--r--security/tomoyo/realpath.c9
-rw-r--r--security/tomoyo/tomoyo.c80
-rw-r--r--security/tomoyo/tomoyo.h2
4 files changed, 9 insertions, 103 deletions
diff --git a/security/tomoyo/file.c b/security/tomoyo/file.c
index 5ae3a571559f..8346938809b1 100644
--- a/security/tomoyo/file.c
+++ b/security/tomoyo/file.c
@@ -1096,27 +1096,6 @@ static int tomoyo_check_single_path_permission2(struct tomoyo_domain_info *
1096} 1096}
1097 1097
1098/** 1098/**
1099 * tomoyo_check_file_perm - Check permission for sysctl()'s "read" and "write".
1100 *
1101 * @domain: Pointer to "struct tomoyo_domain_info".
1102 * @filename: Filename to check.
1103 * @perm: Mode ("read" or "write" or "read/write").
1104 * Returns 0 on success, negative value otherwise.
1105 */
1106int tomoyo_check_file_perm(struct tomoyo_domain_info *domain,
1107 const char *filename, const u8 perm)
1108{
1109 struct tomoyo_path_info name;
1110 const u8 mode = tomoyo_check_flags(domain, TOMOYO_MAC_FOR_FILE);
1111
1112 if (!mode)
1113 return 0;
1114 name.name = filename;
1115 tomoyo_fill_path_info(&name);
1116 return tomoyo_check_file_perm2(domain, &name, perm, "sysctl", mode);
1117}
1118
1119/**
1120 * tomoyo_check_exec_perm - Check permission for "execute". 1099 * tomoyo_check_exec_perm - Check permission for "execute".
1121 * 1100 *
1122 * @domain: Pointer to "struct tomoyo_domain_info". 1101 * @domain: Pointer to "struct tomoyo_domain_info".
diff --git a/security/tomoyo/realpath.c b/security/tomoyo/realpath.c
index 917f564cdab1..18369d497eb8 100644
--- a/security/tomoyo/realpath.c
+++ b/security/tomoyo/realpath.c
@@ -110,6 +110,15 @@ int tomoyo_realpath_from_path2(struct path *path, char *newname,
110 spin_unlock(&dcache_lock); 110 spin_unlock(&dcache_lock);
111 path_put(&root); 111 path_put(&root);
112 path_put(&ns_root); 112 path_put(&ns_root);
113 /* Prepend "/proc" prefix if using internal proc vfs mount. */
114 if (!IS_ERR(sp) && (path->mnt->mnt_parent == path->mnt) &&
115 (strcmp(path->mnt->mnt_sb->s_type->name, "proc") == 0)) {
116 sp -= 5;
117 if (sp >= newname)
118 memcpy(sp, "/proc", 5);
119 else
120 sp = ERR_PTR(-ENOMEM);
121 }
113 } 122 }
114 if (IS_ERR(sp)) 123 if (IS_ERR(sp))
115 error = PTR_ERR(sp); 124 error = PTR_ERR(sp);
diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c
index 9548a0984cc4..8a00ade85166 100644
--- a/security/tomoyo/tomoyo.c
+++ b/security/tomoyo/tomoyo.c
@@ -85,83 +85,6 @@ static int tomoyo_bprm_check_security(struct linux_binprm *bprm)
85 return tomoyo_check_open_permission(domain, &bprm->file->f_path, 1); 85 return tomoyo_check_open_permission(domain, &bprm->file->f_path, 1);
86} 86}
87 87
88#ifdef CONFIG_SYSCTL
89
90static int tomoyo_prepend(char **buffer, int *buflen, const char *str)
91{
92 int namelen = strlen(str);
93
94 if (*buflen < namelen)
95 return -ENOMEM;
96 *buflen -= namelen;
97 *buffer -= namelen;
98 memcpy(*buffer, str, namelen);
99 return 0;
100}
101
102/**
103 * tomoyo_sysctl_path - return the realpath of a ctl_table.
104 * @table: pointer to "struct ctl_table".
105 *
106 * Returns realpath(3) of the @table on success.
107 * Returns NULL on failure.
108 *
109 * This function uses tomoyo_alloc(), so the caller must call tomoyo_free()
110 * if this function didn't return NULL.
111 */
112static char *tomoyo_sysctl_path(struct ctl_table *table)
113{
114 int buflen = TOMOYO_MAX_PATHNAME_LEN;
115 char *buf = tomoyo_alloc(buflen);
116 char *end = buf + buflen;
117 int error = -ENOMEM;
118
119 if (!buf)
120 return NULL;
121
122 *--end = '\0';
123 buflen--;
124 while (table) {
125 char num[32];
126 const char *sp = table->procname;
127
128 if (!sp) {
129 memset(num, 0, sizeof(num));
130 snprintf(num, sizeof(num) - 1, "=%d=", table->ctl_name);
131 sp = num;
132 }
133 if (tomoyo_prepend(&end, &buflen, sp) ||
134 tomoyo_prepend(&end, &buflen, "/"))
135 goto out;
136 table = table->parent;
137 }
138 if (tomoyo_prepend(&end, &buflen, "/proc/sys"))
139 goto out;
140 error = tomoyo_encode(buf, end - buf, end);
141 out:
142 if (!error)
143 return buf;
144 tomoyo_free(buf);
145 return NULL;
146}
147
148static int tomoyo_sysctl(struct ctl_table *table, int op)
149{
150 int error;
151 char *name;
152
153 op &= MAY_READ | MAY_WRITE;
154 if (!op)
155 return 0;
156 name = tomoyo_sysctl_path(table);
157 if (!name)
158 return -ENOMEM;
159 error = tomoyo_check_file_perm(tomoyo_domain(), name, op);
160 tomoyo_free(name);
161 return error;
162}
163#endif
164
165static int tomoyo_path_truncate(struct path *path, loff_t length, 88static int tomoyo_path_truncate(struct path *path, loff_t length,
166 unsigned int time_attrs) 89 unsigned int time_attrs)
167{ 90{
@@ -282,9 +205,6 @@ static struct security_operations tomoyo_security_ops = {
282 .cred_transfer = tomoyo_cred_transfer, 205 .cred_transfer = tomoyo_cred_transfer,
283 .bprm_set_creds = tomoyo_bprm_set_creds, 206 .bprm_set_creds = tomoyo_bprm_set_creds,
284 .bprm_check_security = tomoyo_bprm_check_security, 207 .bprm_check_security = tomoyo_bprm_check_security,
285#ifdef CONFIG_SYSCTL
286 .sysctl = tomoyo_sysctl,
287#endif
288 .file_fcntl = tomoyo_file_fcntl, 208 .file_fcntl = tomoyo_file_fcntl,
289 .dentry_open = tomoyo_dentry_open, 209 .dentry_open = tomoyo_dentry_open,
290 .path_truncate = tomoyo_path_truncate, 210 .path_truncate = tomoyo_path_truncate,
diff --git a/security/tomoyo/tomoyo.h b/security/tomoyo/tomoyo.h
index cd6ba0bf7069..ed758325b1ae 100644
--- a/security/tomoyo/tomoyo.h
+++ b/security/tomoyo/tomoyo.h
@@ -18,8 +18,6 @@ struct inode;
18struct linux_binprm; 18struct linux_binprm;
19struct pt_regs; 19struct pt_regs;
20 20
21int tomoyo_check_file_perm(struct tomoyo_domain_info *domain,
22 const char *filename, const u8 perm);
23int tomoyo_check_exec_perm(struct tomoyo_domain_info *domain, 21int tomoyo_check_exec_perm(struct tomoyo_domain_info *domain,
24 const struct tomoyo_path_info *filename); 22 const struct tomoyo_path_info *filename);
25int tomoyo_check_open_permission(struct tomoyo_domain_info *domain, 23int tomoyo_check_open_permission(struct tomoyo_domain_info *domain,