aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorAndi Kleen <ak@linux.intel.com>2011-04-21 20:23:19 -0400
committerEric Paris <eparis@redhat.com>2011-04-25 10:20:32 -0400
commit1c9904297451f558191e211a48d8838b4bf792b0 (patch)
tree9c7cabec6ce3d6604147de73953cfaca672f1c0d /security
parent6b697323a78bed254ee372f71b1a6a2901bb4b7a (diff)
SECURITY: Move exec_permission RCU checks into security modules
Right now all RCU walks fall back to reference walk when CONFIG_SECURITY is enabled, even though just the standard capability module is active. This is because security_inode_exec_permission unconditionally fails RCU walks. Move this decision to the low level security module. This requires passing the RCU flags down the security hook. This way at least the capability module and a few easy cases in selinux/smack work with RCU walks with CONFIG_SECURITY=y Signed-off-by: Andi Kleen <ak@linux.intel.com> Signed-off-by: Eric Paris <eparis@redhat.com>
Diffstat (limited to 'security')
-rw-r--r--security/capability.c2
-rw-r--r--security/security.c6
-rw-r--r--security/selinux/hooks.c6
-rw-r--r--security/smack/smack_lsm.c6
4 files changed, 13 insertions, 7 deletions
diff --git a/security/capability.c b/security/capability.c
index ab3d807accc3..56bb1605fd79 100644
--- a/security/capability.c
+++ b/security/capability.c
@@ -181,7 +181,7 @@ static int cap_inode_follow_link(struct dentry *dentry,
181 return 0; 181 return 0;
182} 182}
183 183
184static int cap_inode_permission(struct inode *inode, int mask) 184static int cap_inode_permission(struct inode *inode, int mask, unsigned flags)
185{ 185{
186 return 0; 186 return 0;
187} 187}
diff --git a/security/security.c b/security/security.c
index 47b8a447118f..7e34f98bf433 100644
--- a/security/security.c
+++ b/security/security.c
@@ -514,16 +514,14 @@ int security_inode_permission(struct inode *inode, int mask)
514{ 514{
515 if (unlikely(IS_PRIVATE(inode))) 515 if (unlikely(IS_PRIVATE(inode)))
516 return 0; 516 return 0;
517 return security_ops->inode_permission(inode, mask); 517 return security_ops->inode_permission(inode, mask, 0);
518} 518}
519 519
520int security_inode_exec_permission(struct inode *inode, unsigned int flags) 520int security_inode_exec_permission(struct inode *inode, unsigned int flags)
521{ 521{
522 if (unlikely(IS_PRIVATE(inode))) 522 if (unlikely(IS_PRIVATE(inode)))
523 return 0; 523 return 0;
524 if (flags) 524 return security_ops->inode_permission(inode, MAY_EXEC, flags);
525 return -ECHILD;
526 return security_ops->inode_permission(inode, MAY_EXEC);
527} 525}
528 526
529int security_inode_setattr(struct dentry *dentry, struct iattr *attr) 527int security_inode_setattr(struct dentry *dentry, struct iattr *attr)
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 7a630a8a5cef..9a220be17a3f 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -2635,7 +2635,7 @@ static int selinux_inode_follow_link(struct dentry *dentry, struct nameidata *na
2635 return dentry_has_perm(cred, NULL, dentry, FILE__READ); 2635 return dentry_has_perm(cred, NULL, dentry, FILE__READ);
2636} 2636}
2637 2637
2638static int selinux_inode_permission(struct inode *inode, int mask) 2638static int selinux_inode_permission(struct inode *inode, int mask, unsigned flags)
2639{ 2639{
2640 const struct cred *cred = current_cred(); 2640 const struct cred *cred = current_cred();
2641 struct common_audit_data ad; 2641 struct common_audit_data ad;
@@ -2649,6 +2649,10 @@ static int selinux_inode_permission(struct inode *inode, int mask)
2649 if (!mask) 2649 if (!mask)
2650 return 0; 2650 return 0;
2651 2651
2652 /* May be droppable after audit */
2653 if (flags & IPERM_FLAG_RCU)
2654 return -ECHILD;
2655
2652 COMMON_AUDIT_DATA_INIT(&ad, FS); 2656 COMMON_AUDIT_DATA_INIT(&ad, FS);
2653 ad.u.fs.inode = inode; 2657 ad.u.fs.inode = inode;
2654 2658
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index 23c7a6d0c80c..42fcb47747a3 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -686,7 +686,7 @@ static int smack_inode_rename(struct inode *old_inode,
686 * 686 *
687 * Returns 0 if access is permitted, -EACCES otherwise 687 * Returns 0 if access is permitted, -EACCES otherwise
688 */ 688 */
689static int smack_inode_permission(struct inode *inode, int mask) 689static int smack_inode_permission(struct inode *inode, int mask, unsigned flags)
690{ 690{
691 struct smk_audit_info ad; 691 struct smk_audit_info ad;
692 692
@@ -696,6 +696,10 @@ static int smack_inode_permission(struct inode *inode, int mask)
696 */ 696 */
697 if (mask == 0) 697 if (mask == 0)
698 return 0; 698 return 0;
699
700 /* May be droppable after audit */
701 if (flags & IPERM_FLAG_RCU)
702 return -ECHILD;
699 smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_FS); 703 smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_FS);
700 smk_ad_setfield_u_fs_inode(&ad, inode); 704 smk_ad_setfield_u_fs_inode(&ad, inode);
701 return smk_curacc(smk_of_inode(inode), mask, &ad); 705 return smk_curacc(smk_of_inode(inode), mask, &ad);