diff options
| author | James Morris <jmorris@namei.org> | 2009-12-09 03:01:03 -0500 |
|---|---|---|
| committer | James Morris <jmorris@namei.org> | 2009-12-09 03:01:03 -0500 |
| commit | 1ad1f10cd915744bbe52b19423653b38287d827d (patch) | |
| tree | ae072aace36b45a55d80b8cbf1b6d92523a88ea0 /security | |
| parent | 08e3daff217059c84c360cc71212686e0a7995af (diff) | |
| parent | 2b876f95d03e226394b5d360c86127cbefaf614b (diff) | |
Merge branch 'master' into next
Diffstat (limited to 'security')
| -rw-r--r-- | security/keys/sysctl.c | 17 | ||||
| -rw-r--r-- | security/lsm_audit.c | 12 | ||||
| -rw-r--r-- | security/selinux/hooks.c | 6 | ||||
| -rw-r--r-- | security/smack/smack_lsm.c | 4 | ||||
| -rw-r--r-- | security/tomoyo/file.c | 21 | ||||
| -rw-r--r-- | security/tomoyo/realpath.c | 9 | ||||
| -rw-r--r-- | security/tomoyo/tomoyo.c | 80 | ||||
| -rw-r--r-- | security/tomoyo/tomoyo.h | 2 |
8 files changed, 26 insertions, 125 deletions
diff --git a/security/keys/sysctl.c b/security/keys/sysctl.c index 5e05dc09e2db..ee32d181764a 100644 --- a/security/keys/sysctl.c +++ b/security/keys/sysctl.c | |||
| @@ -17,54 +17,49 @@ static const int zero, one = 1, max = INT_MAX; | |||
| 17 | 17 | ||
| 18 | ctl_table key_sysctls[] = { | 18 | ctl_table key_sysctls[] = { |
| 19 | { | 19 | { |
| 20 | .ctl_name = CTL_UNNUMBERED, | ||
| 21 | .procname = "maxkeys", | 20 | .procname = "maxkeys", |
| 22 | .data = &key_quota_maxkeys, | 21 | .data = &key_quota_maxkeys, |
| 23 | .maxlen = sizeof(unsigned), | 22 | .maxlen = sizeof(unsigned), |
| 24 | .mode = 0644, | 23 | .mode = 0644, |
| 25 | .proc_handler = &proc_dointvec_minmax, | 24 | .proc_handler = proc_dointvec_minmax, |
| 26 | .extra1 = (void *) &one, | 25 | .extra1 = (void *) &one, |
| 27 | .extra2 = (void *) &max, | 26 | .extra2 = (void *) &max, |
| 28 | }, | 27 | }, |
| 29 | { | 28 | { |
| 30 | .ctl_name = CTL_UNNUMBERED, | ||
| 31 | .procname = "maxbytes", | 29 | .procname = "maxbytes", |
| 32 | .data = &key_quota_maxbytes, | 30 | .data = &key_quota_maxbytes, |
| 33 | .maxlen = sizeof(unsigned), | 31 | .maxlen = sizeof(unsigned), |
| 34 | .mode = 0644, | 32 | .mode = 0644, |
| 35 | .proc_handler = &proc_dointvec_minmax, | 33 | .proc_handler = proc_dointvec_minmax, |
| 36 | .extra1 = (void *) &one, | 34 | .extra1 = (void *) &one, |
| 37 | .extra2 = (void *) &max, | 35 | .extra2 = (void *) &max, |
| 38 | }, | 36 | }, |
| 39 | { | 37 | { |
| 40 | .ctl_name = CTL_UNNUMBERED, | ||
| 41 | .procname = "root_maxkeys", | 38 | .procname = "root_maxkeys", |
| 42 | .data = &key_quota_root_maxkeys, | 39 | .data = &key_quota_root_maxkeys, |
| 43 | .maxlen = sizeof(unsigned), | 40 | .maxlen = sizeof(unsigned), |
| 44 | .mode = 0644, | 41 | .mode = 0644, |
| 45 | .proc_handler = &proc_dointvec_minmax, | 42 | .proc_handler = proc_dointvec_minmax, |
| 46 | .extra1 = (void *) &one, | 43 | .extra1 = (void *) &one, |
| 47 | .extra2 = (void *) &max, | 44 | .extra2 = (void *) &max, |
| 48 | }, | 45 | }, |
| 49 | { | 46 | { |
| 50 | .ctl_name = CTL_UNNUMBERED, | ||
| 51 | .procname = "root_maxbytes", | 47 | .procname = "root_maxbytes", |
| 52 | .data = &key_quota_root_maxbytes, | 48 | .data = &key_quota_root_maxbytes, |
| 53 | .maxlen = sizeof(unsigned), | 49 | .maxlen = sizeof(unsigned), |
| 54 | .mode = 0644, | 50 | .mode = 0644, |
| 55 | .proc_handler = &proc_dointvec_minmax, | 51 | .proc_handler = proc_dointvec_minmax, |
| 56 | .extra1 = (void *) &one, | 52 | .extra1 = (void *) &one, |
| 57 | .extra2 = (void *) &max, | 53 | .extra2 = (void *) &max, |
| 58 | }, | 54 | }, |
| 59 | { | 55 | { |
| 60 | .ctl_name = CTL_UNNUMBERED, | ||
| 61 | .procname = "gc_delay", | 56 | .procname = "gc_delay", |
| 62 | .data = &key_gc_delay, | 57 | .data = &key_gc_delay, |
| 63 | .maxlen = sizeof(unsigned), | 58 | .maxlen = sizeof(unsigned), |
| 64 | .mode = 0644, | 59 | .mode = 0644, |
| 65 | .proc_handler = &proc_dointvec_minmax, | 60 | .proc_handler = proc_dointvec_minmax, |
| 66 | .extra1 = (void *) &zero, | 61 | .extra1 = (void *) &zero, |
| 67 | .extra2 = (void *) &max, | 62 | .extra2 = (void *) &max, |
| 68 | }, | 63 | }, |
| 69 | { .ctl_name = 0 } | 64 | { } |
| 70 | }; | 65 | }; |
diff --git a/security/lsm_audit.c b/security/lsm_audit.c index 51bd0fd9c9f0..acba3dfc8d29 100644 --- a/security/lsm_audit.c +++ b/security/lsm_audit.c | |||
| @@ -273,11 +273,11 @@ static void dump_common_audit_data(struct audit_buffer *ab, | |||
| 273 | case AF_INET: { | 273 | case AF_INET: { |
| 274 | struct inet_sock *inet = inet_sk(sk); | 274 | struct inet_sock *inet = inet_sk(sk); |
| 275 | 275 | ||
| 276 | print_ipv4_addr(ab, inet->rcv_saddr, | 276 | print_ipv4_addr(ab, inet->inet_rcv_saddr, |
| 277 | inet->sport, | 277 | inet->inet_sport, |
| 278 | "laddr", "lport"); | 278 | "laddr", "lport"); |
| 279 | print_ipv4_addr(ab, inet->daddr, | 279 | print_ipv4_addr(ab, inet->inet_daddr, |
| 280 | inet->dport, | 280 | inet->inet_dport, |
| 281 | "faddr", "fport"); | 281 | "faddr", "fport"); |
| 282 | break; | 282 | break; |
| 283 | } | 283 | } |
| @@ -286,10 +286,10 @@ static void dump_common_audit_data(struct audit_buffer *ab, | |||
| 286 | struct ipv6_pinfo *inet6 = inet6_sk(sk); | 286 | struct ipv6_pinfo *inet6 = inet6_sk(sk); |
| 287 | 287 | ||
| 288 | print_ipv6_addr(ab, &inet6->rcv_saddr, | 288 | print_ipv6_addr(ab, &inet6->rcv_saddr, |
| 289 | inet->sport, | 289 | inet->inet_sport, |
| 290 | "laddr", "lport"); | 290 | "laddr", "lport"); |
| 291 | print_ipv6_addr(ab, &inet6->daddr, | 291 | print_ipv6_addr(ab, &inet6->daddr, |
| 292 | inet->dport, | 292 | inet->inet_dport, |
| 293 | "faddr", "fport"); | 293 | "faddr", "fport"); |
| 294 | break; | 294 | break; |
| 295 | } | 295 | } |
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index c96d63ec4753..7a374c2eb043 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
| @@ -4093,7 +4093,7 @@ static int selinux_sock_rcv_skb_compat(struct sock *sk, struct sk_buff *skb, | |||
| 4093 | char *addrp; | 4093 | char *addrp; |
| 4094 | 4094 | ||
| 4095 | COMMON_AUDIT_DATA_INIT(&ad, NET); | 4095 | COMMON_AUDIT_DATA_INIT(&ad, NET); |
| 4096 | ad.u.net.netif = skb->iif; | 4096 | ad.u.net.netif = skb->skb_iif; |
| 4097 | ad.u.net.family = family; | 4097 | ad.u.net.family = family; |
| 4098 | err = selinux_parse_skb(skb, &ad, &addrp, 1, NULL); | 4098 | err = selinux_parse_skb(skb, &ad, &addrp, 1, NULL); |
| 4099 | if (err) | 4099 | if (err) |
| @@ -4155,7 +4155,7 @@ static int selinux_socket_sock_rcv_skb(struct sock *sk, struct sk_buff *skb) | |||
| 4155 | return 0; | 4155 | return 0; |
| 4156 | 4156 | ||
| 4157 | COMMON_AUDIT_DATA_INIT(&ad, NET); | 4157 | COMMON_AUDIT_DATA_INIT(&ad, NET); |
| 4158 | ad.u.net.netif = skb->iif; | 4158 | ad.u.net.netif = skb->skb_iif; |
| 4159 | ad.u.net.family = family; | 4159 | ad.u.net.family = family; |
| 4160 | err = selinux_parse_skb(skb, &ad, &addrp, 1, NULL); | 4160 | err = selinux_parse_skb(skb, &ad, &addrp, 1, NULL); |
| 4161 | if (err) | 4161 | if (err) |
| @@ -4167,7 +4167,7 @@ static int selinux_socket_sock_rcv_skb(struct sock *sk, struct sk_buff *skb) | |||
| 4167 | err = selinux_skb_peerlbl_sid(skb, family, &peer_sid); | 4167 | err = selinux_skb_peerlbl_sid(skb, family, &peer_sid); |
| 4168 | if (err) | 4168 | if (err) |
| 4169 | return err; | 4169 | return err; |
| 4170 | err = selinux_inet_sys_rcv_skb(skb->iif, addrp, family, | 4170 | err = selinux_inet_sys_rcv_skb(skb->skb_iif, addrp, family, |
| 4171 | peer_sid, &ad); | 4171 | peer_sid, &ad); |
| 4172 | if (err) { | 4172 | if (err) { |
| 4173 | selinux_netlbl_err(skb, err, 0); | 4173 | selinux_netlbl_err(skb, err, 0); |
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index c33b6bb9b6dd..529c9ca65878 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c | |||
| @@ -2602,7 +2602,7 @@ static int smack_socket_sock_rcv_skb(struct sock *sk, struct sk_buff *skb) | |||
| 2602 | #ifdef CONFIG_AUDIT | 2602 | #ifdef CONFIG_AUDIT |
| 2603 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_NET); | 2603 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_NET); |
| 2604 | ad.a.u.net.family = sk->sk_family; | 2604 | ad.a.u.net.family = sk->sk_family; |
| 2605 | ad.a.u.net.netif = skb->iif; | 2605 | ad.a.u.net.netif = skb->skb_iif; |
| 2606 | ipv4_skb_to_auditdata(skb, &ad.a, NULL); | 2606 | ipv4_skb_to_auditdata(skb, &ad.a, NULL); |
| 2607 | #endif | 2607 | #endif |
| 2608 | /* | 2608 | /* |
| @@ -2757,7 +2757,7 @@ static int smack_inet_conn_request(struct sock *sk, struct sk_buff *skb, | |||
| 2757 | #ifdef CONFIG_AUDIT | 2757 | #ifdef CONFIG_AUDIT |
| 2758 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_NET); | 2758 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_NET); |
| 2759 | ad.a.u.net.family = family; | 2759 | ad.a.u.net.family = family; |
| 2760 | ad.a.u.net.netif = skb->iif; | 2760 | ad.a.u.net.netif = skb->skb_iif; |
| 2761 | ipv4_skb_to_auditdata(skb, &ad.a, NULL); | 2761 | ipv4_skb_to_auditdata(skb, &ad.a, NULL); |
| 2762 | #endif | 2762 | #endif |
| 2763 | /* | 2763 | /* |
diff --git a/security/tomoyo/file.c b/security/tomoyo/file.c index 2d10f98fc551..482f0e7ed997 100644 --- a/security/tomoyo/file.c +++ b/security/tomoyo/file.c | |||
| @@ -1118,27 +1118,6 @@ static int tomoyo_check_single_path_permission2(struct tomoyo_domain_info * | |||
| 1118 | } | 1118 | } |
| 1119 | 1119 | ||
| 1120 | /** | 1120 | /** |
| 1121 | * tomoyo_check_file_perm - Check permission for sysctl()'s "read" and "write". | ||
| 1122 | * | ||
| 1123 | * @domain: Pointer to "struct tomoyo_domain_info". | ||
| 1124 | * @filename: Filename to check. | ||
| 1125 | * @perm: Mode ("read" or "write" or "read/write"). | ||
| 1126 | * Returns 0 on success, negative value otherwise. | ||
| 1127 | */ | ||
| 1128 | int tomoyo_check_file_perm(struct tomoyo_domain_info *domain, | ||
| 1129 | const char *filename, const u8 perm) | ||
| 1130 | { | ||
| 1131 | struct tomoyo_path_info name; | ||
| 1132 | const u8 mode = tomoyo_check_flags(domain, TOMOYO_MAC_FOR_FILE); | ||
| 1133 | |||
| 1134 | if (!mode) | ||
| 1135 | return 0; | ||
| 1136 | name.name = filename; | ||
| 1137 | tomoyo_fill_path_info(&name); | ||
| 1138 | return tomoyo_check_file_perm2(domain, &name, perm, "sysctl", mode); | ||
| 1139 | } | ||
| 1140 | |||
| 1141 | /** | ||
| 1142 | * tomoyo_check_exec_perm - Check permission for "execute". | 1121 | * tomoyo_check_exec_perm - Check permission for "execute". |
| 1143 | * | 1122 | * |
| 1144 | * @domain: Pointer to "struct tomoyo_domain_info". | 1123 | * @domain: Pointer to "struct tomoyo_domain_info". |
diff --git a/security/tomoyo/realpath.c b/security/tomoyo/realpath.c index 917f564cdab1..18369d497eb8 100644 --- a/security/tomoyo/realpath.c +++ b/security/tomoyo/realpath.c | |||
| @@ -110,6 +110,15 @@ int tomoyo_realpath_from_path2(struct path *path, char *newname, | |||
| 110 | spin_unlock(&dcache_lock); | 110 | spin_unlock(&dcache_lock); |
| 111 | path_put(&root); | 111 | path_put(&root); |
| 112 | path_put(&ns_root); | 112 | path_put(&ns_root); |
| 113 | /* Prepend "/proc" prefix if using internal proc vfs mount. */ | ||
| 114 | if (!IS_ERR(sp) && (path->mnt->mnt_parent == path->mnt) && | ||
| 115 | (strcmp(path->mnt->mnt_sb->s_type->name, "proc") == 0)) { | ||
| 116 | sp -= 5; | ||
| 117 | if (sp >= newname) | ||
| 118 | memcpy(sp, "/proc", 5); | ||
| 119 | else | ||
| 120 | sp = ERR_PTR(-ENOMEM); | ||
| 121 | } | ||
| 113 | } | 122 | } |
| 114 | if (IS_ERR(sp)) | 123 | if (IS_ERR(sp)) |
| 115 | error = PTR_ERR(sp); | 124 | error = PTR_ERR(sp); |
diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c index 3fb5f6ea4fc9..ad9555fc3765 100644 --- a/security/tomoyo/tomoyo.c +++ b/security/tomoyo/tomoyo.c | |||
| @@ -85,83 +85,6 @@ static int tomoyo_bprm_check_security(struct linux_binprm *bprm) | |||
| 85 | return tomoyo_check_open_permission(domain, &bprm->file->f_path, 1); | 85 | return tomoyo_check_open_permission(domain, &bprm->file->f_path, 1); |
| 86 | } | 86 | } |
| 87 | 87 | ||
| 88 | #ifdef CONFIG_SYSCTL | ||
| 89 | |||
| 90 | static int tomoyo_prepend(char **buffer, int *buflen, const char *str) | ||
| 91 | { | ||
| 92 | int namelen = strlen(str); | ||
| 93 | |||
| 94 | if (*buflen < namelen) | ||
| 95 | return -ENOMEM; | ||
| 96 | *buflen -= namelen; | ||
| 97 | *buffer -= namelen; | ||
| 98 | memcpy(*buffer, str, namelen); | ||
| 99 | return 0; | ||
| 100 | } | ||
| 101 | |||
| 102 | /** | ||
| 103 | * tomoyo_sysctl_path - return the realpath of a ctl_table. | ||
| 104 | * @table: pointer to "struct ctl_table". | ||
| 105 | * | ||
| 106 | * Returns realpath(3) of the @table on success. | ||
| 107 | * Returns NULL on failure. | ||
| 108 | * | ||
| 109 | * This function uses tomoyo_alloc(), so the caller must call tomoyo_free() | ||
| 110 | * if this function didn't return NULL. | ||
| 111 | */ | ||
| 112 | static char *tomoyo_sysctl_path(struct ctl_table *table) | ||
| 113 | { | ||
| 114 | int buflen = TOMOYO_MAX_PATHNAME_LEN; | ||
| 115 | char *buf = tomoyo_alloc(buflen); | ||
| 116 | char *end = buf + buflen; | ||
| 117 | int error = -ENOMEM; | ||
| 118 | |||
| 119 | if (!buf) | ||
| 120 | return NULL; | ||
| 121 | |||
| 122 | *--end = '\0'; | ||
| 123 | buflen--; | ||
| 124 | while (table) { | ||
| 125 | char num[32]; | ||
| 126 | const char *sp = table->procname; | ||
| 127 | |||
| 128 | if (!sp) { | ||
| 129 | memset(num, 0, sizeof(num)); | ||
| 130 | snprintf(num, sizeof(num) - 1, "=%d=", table->ctl_name); | ||
| 131 | sp = num; | ||
| 132 | } | ||
| 133 | if (tomoyo_prepend(&end, &buflen, sp) || | ||
| 134 | tomoyo_prepend(&end, &buflen, "/")) | ||
| 135 | goto out; | ||
| 136 | table = table->parent; | ||
| 137 | } | ||
| 138 | if (tomoyo_prepend(&end, &buflen, "/proc/sys")) | ||
| 139 | goto out; | ||
| 140 | error = tomoyo_encode(buf, end - buf, end); | ||
| 141 | out: | ||
| 142 | if (!error) | ||
| 143 | return buf; | ||
| 144 | tomoyo_free(buf); | ||
| 145 | return NULL; | ||
| 146 | } | ||
| 147 | |||
| 148 | static int tomoyo_sysctl(struct ctl_table *table, int op) | ||
| 149 | { | ||
| 150 | int error; | ||
| 151 | char *name; | ||
| 152 | |||
| 153 | op &= MAY_READ | MAY_WRITE; | ||
| 154 | if (!op) | ||
| 155 | return 0; | ||
| 156 | name = tomoyo_sysctl_path(table); | ||
| 157 | if (!name) | ||
| 158 | return -ENOMEM; | ||
| 159 | error = tomoyo_check_file_perm(tomoyo_domain(), name, op); | ||
| 160 | tomoyo_free(name); | ||
| 161 | return error; | ||
| 162 | } | ||
| 163 | #endif | ||
| 164 | |||
| 165 | static int tomoyo_path_truncate(struct path *path, loff_t length, | 88 | static int tomoyo_path_truncate(struct path *path, loff_t length, |
| 166 | unsigned int time_attrs) | 89 | unsigned int time_attrs) |
| 167 | { | 90 | { |
| @@ -336,9 +259,6 @@ static struct security_operations tomoyo_security_ops = { | |||
| 336 | .cred_transfer = tomoyo_cred_transfer, | 259 | .cred_transfer = tomoyo_cred_transfer, |
| 337 | .bprm_set_creds = tomoyo_bprm_set_creds, | 260 | .bprm_set_creds = tomoyo_bprm_set_creds, |
| 338 | .bprm_check_security = tomoyo_bprm_check_security, | 261 | .bprm_check_security = tomoyo_bprm_check_security, |
| 339 | #ifdef CONFIG_SYSCTL | ||
| 340 | .sysctl = tomoyo_sysctl, | ||
| 341 | #endif | ||
| 342 | .file_fcntl = tomoyo_file_fcntl, | 262 | .file_fcntl = tomoyo_file_fcntl, |
| 343 | .dentry_open = tomoyo_dentry_open, | 263 | .dentry_open = tomoyo_dentry_open, |
| 344 | .path_truncate = tomoyo_path_truncate, | 264 | .path_truncate = tomoyo_path_truncate, |
diff --git a/security/tomoyo/tomoyo.h b/security/tomoyo/tomoyo.h index fac02655ea4b..bf3986addc1a 100644 --- a/security/tomoyo/tomoyo.h +++ b/security/tomoyo/tomoyo.h | |||
| @@ -18,8 +18,6 @@ struct inode; | |||
| 18 | struct linux_binprm; | 18 | struct linux_binprm; |
| 19 | struct pt_regs; | 19 | struct pt_regs; |
| 20 | 20 | ||
| 21 | int tomoyo_check_file_perm(struct tomoyo_domain_info *domain, | ||
| 22 | const char *filename, const u8 perm); | ||
| 23 | int tomoyo_check_exec_perm(struct tomoyo_domain_info *domain, | 21 | int tomoyo_check_exec_perm(struct tomoyo_domain_info *domain, |
| 24 | const struct tomoyo_path_info *filename); | 22 | const struct tomoyo_path_info *filename); |
| 25 | int tomoyo_check_open_permission(struct tomoyo_domain_info *domain, | 23 | int tomoyo_check_open_permission(struct tomoyo_domain_info *domain, |