diff options
| author | David Howells <dhowells@redhat.com> | 2008-11-13 18:39:17 -0500 |
|---|---|---|
| committer | James Morris <jmorris@namei.org> | 2008-11-13 18:39:17 -0500 |
| commit | f1752eec6145c97163dbce62d17cf5d928e28a27 (patch) | |
| tree | 16bc51166d38815092de36a461b845b0b4b522f9 /security | |
| parent | b6dff3ec5e116e3af6f537d4caedcad6b9e5082a (diff) | |
CRED: Detach the credentials from task_struct
Detach the credentials from task_struct, duplicating them in copy_process()
and releasing them in __put_task_struct().
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: James Morris <jmorris@namei.org>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security')
| -rw-r--r-- | security/capability.c | 8 | ||||
| -rw-r--r-- | security/security.c | 8 | ||||
| -rw-r--r-- | security/selinux/hooks.c | 32 | ||||
| -rw-r--r-- | security/smack/smack_lsm.c | 20 |
4 files changed, 33 insertions, 35 deletions
diff --git a/security/capability.c b/security/capability.c index 245874819036..6c4b5137ca7b 100644 --- a/security/capability.c +++ b/security/capability.c | |||
| @@ -340,12 +340,12 @@ static int cap_task_create(unsigned long clone_flags) | |||
| 340 | return 0; | 340 | return 0; |
| 341 | } | 341 | } |
| 342 | 342 | ||
| 343 | static int cap_task_alloc_security(struct task_struct *p) | 343 | static int cap_cred_alloc_security(struct cred *cred) |
| 344 | { | 344 | { |
| 345 | return 0; | 345 | return 0; |
| 346 | } | 346 | } |
| 347 | 347 | ||
| 348 | static void cap_task_free_security(struct task_struct *p) | 348 | static void cap_cred_free(struct cred *cred) |
| 349 | { | 349 | { |
| 350 | } | 350 | } |
| 351 | 351 | ||
| @@ -890,8 +890,8 @@ void security_fixup_ops(struct security_operations *ops) | |||
| 890 | set_to_cap_if_null(ops, file_receive); | 890 | set_to_cap_if_null(ops, file_receive); |
| 891 | set_to_cap_if_null(ops, dentry_open); | 891 | set_to_cap_if_null(ops, dentry_open); |
| 892 | set_to_cap_if_null(ops, task_create); | 892 | set_to_cap_if_null(ops, task_create); |
| 893 | set_to_cap_if_null(ops, task_alloc_security); | 893 | set_to_cap_if_null(ops, cred_alloc_security); |
| 894 | set_to_cap_if_null(ops, task_free_security); | 894 | set_to_cap_if_null(ops, cred_free); |
| 895 | set_to_cap_if_null(ops, task_setuid); | 895 | set_to_cap_if_null(ops, task_setuid); |
| 896 | set_to_cap_if_null(ops, task_post_setuid); | 896 | set_to_cap_if_null(ops, task_post_setuid); |
| 897 | set_to_cap_if_null(ops, task_setgid); | 897 | set_to_cap_if_null(ops, task_setgid); |
diff --git a/security/security.c b/security/security.c index 81c956a12300..d058f7d5b10a 100644 --- a/security/security.c +++ b/security/security.c | |||
| @@ -616,14 +616,14 @@ int security_task_create(unsigned long clone_flags) | |||
| 616 | return security_ops->task_create(clone_flags); | 616 | return security_ops->task_create(clone_flags); |
| 617 | } | 617 | } |
| 618 | 618 | ||
| 619 | int security_task_alloc(struct task_struct *p) | 619 | int security_cred_alloc(struct cred *cred) |
| 620 | { | 620 | { |
| 621 | return security_ops->task_alloc_security(p); | 621 | return security_ops->cred_alloc_security(cred); |
| 622 | } | 622 | } |
| 623 | 623 | ||
| 624 | void security_task_free(struct task_struct *p) | 624 | void security_cred_free(struct cred *cred) |
| 625 | { | 625 | { |
| 626 | security_ops->task_free_security(p); | 626 | security_ops->cred_free(cred); |
| 627 | } | 627 | } |
| 628 | 628 | ||
| 629 | int security_task_setuid(uid_t id0, uid_t id1, uid_t id2, int flags) | 629 | int security_task_setuid(uid_t id0, uid_t id1, uid_t id2, int flags) |
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 328308f2882a..658435dce37c 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
| @@ -158,7 +158,7 @@ static int selinux_secmark_enabled(void) | |||
| 158 | 158 | ||
| 159 | /* Allocate and free functions for each kind of security blob. */ | 159 | /* Allocate and free functions for each kind of security blob. */ |
| 160 | 160 | ||
| 161 | static int task_alloc_security(struct task_struct *task) | 161 | static int cred_alloc_security(struct cred *cred) |
| 162 | { | 162 | { |
| 163 | struct task_security_struct *tsec; | 163 | struct task_security_struct *tsec; |
| 164 | 164 | ||
| @@ -167,18 +167,11 @@ static int task_alloc_security(struct task_struct *task) | |||
| 167 | return -ENOMEM; | 167 | return -ENOMEM; |
| 168 | 168 | ||
| 169 | tsec->osid = tsec->sid = SECINITSID_UNLABELED; | 169 | tsec->osid = tsec->sid = SECINITSID_UNLABELED; |
| 170 | task->cred->security = tsec; | 170 | cred->security = tsec; |
| 171 | 171 | ||
| 172 | return 0; | 172 | return 0; |
| 173 | } | 173 | } |
| 174 | 174 | ||
| 175 | static void task_free_security(struct task_struct *task) | ||
| 176 | { | ||
| 177 | struct task_security_struct *tsec = task->cred->security; | ||
| 178 | task->cred->security = NULL; | ||
| 179 | kfree(tsec); | ||
| 180 | } | ||
| 181 | |||
| 182 | static int inode_alloc_security(struct inode *inode) | 175 | static int inode_alloc_security(struct inode *inode) |
| 183 | { | 176 | { |
| 184 | struct task_security_struct *tsec = current->cred->security; | 177 | struct task_security_struct *tsec = current->cred->security; |
| @@ -3184,17 +3177,17 @@ static int selinux_task_create(unsigned long clone_flags) | |||
| 3184 | return task_has_perm(current, current, PROCESS__FORK); | 3177 | return task_has_perm(current, current, PROCESS__FORK); |
| 3185 | } | 3178 | } |
| 3186 | 3179 | ||
| 3187 | static int selinux_task_alloc_security(struct task_struct *tsk) | 3180 | static int selinux_cred_alloc_security(struct cred *cred) |
| 3188 | { | 3181 | { |
| 3189 | struct task_security_struct *tsec1, *tsec2; | 3182 | struct task_security_struct *tsec1, *tsec2; |
| 3190 | int rc; | 3183 | int rc; |
| 3191 | 3184 | ||
| 3192 | tsec1 = current->cred->security; | 3185 | tsec1 = current->cred->security; |
| 3193 | 3186 | ||
| 3194 | rc = task_alloc_security(tsk); | 3187 | rc = cred_alloc_security(cred); |
| 3195 | if (rc) | 3188 | if (rc) |
| 3196 | return rc; | 3189 | return rc; |
| 3197 | tsec2 = tsk->cred->security; | 3190 | tsec2 = cred->security; |
| 3198 | 3191 | ||
| 3199 | tsec2->osid = tsec1->osid; | 3192 | tsec2->osid = tsec1->osid; |
| 3200 | tsec2->sid = tsec1->sid; | 3193 | tsec2->sid = tsec1->sid; |
| @@ -3208,9 +3201,14 @@ static int selinux_task_alloc_security(struct task_struct *tsk) | |||
| 3208 | return 0; | 3201 | return 0; |
| 3209 | } | 3202 | } |
| 3210 | 3203 | ||
| 3211 | static void selinux_task_free_security(struct task_struct *tsk) | 3204 | /* |
| 3205 | * detach and free the LSM part of a set of credentials | ||
| 3206 | */ | ||
| 3207 | static void selinux_cred_free(struct cred *cred) | ||
| 3212 | { | 3208 | { |
| 3213 | task_free_security(tsk); | 3209 | struct task_security_struct *tsec = cred->security; |
| 3210 | cred->security = NULL; | ||
| 3211 | kfree(tsec); | ||
| 3214 | } | 3212 | } |
| 3215 | 3213 | ||
| 3216 | static int selinux_task_setuid(uid_t id0, uid_t id1, uid_t id2, int flags) | 3214 | static int selinux_task_setuid(uid_t id0, uid_t id1, uid_t id2, int flags) |
| @@ -5552,8 +5550,8 @@ static struct security_operations selinux_ops = { | |||
| 5552 | .dentry_open = selinux_dentry_open, | 5550 | .dentry_open = selinux_dentry_open, |
| 5553 | 5551 | ||
| 5554 | .task_create = selinux_task_create, | 5552 | .task_create = selinux_task_create, |
| 5555 | .task_alloc_security = selinux_task_alloc_security, | 5553 | .cred_alloc_security = selinux_cred_alloc_security, |
| 5556 | .task_free_security = selinux_task_free_security, | 5554 | .cred_free = selinux_cred_free, |
| 5557 | .task_setuid = selinux_task_setuid, | 5555 | .task_setuid = selinux_task_setuid, |
| 5558 | .task_post_setuid = selinux_task_post_setuid, | 5556 | .task_post_setuid = selinux_task_post_setuid, |
| 5559 | .task_setgid = selinux_task_setgid, | 5557 | .task_setgid = selinux_task_setgid, |
| @@ -5683,7 +5681,7 @@ static __init int selinux_init(void) | |||
| 5683 | printk(KERN_INFO "SELinux: Initializing.\n"); | 5681 | printk(KERN_INFO "SELinux: Initializing.\n"); |
| 5684 | 5682 | ||
| 5685 | /* Set the security state for the initial task. */ | 5683 | /* Set the security state for the initial task. */ |
| 5686 | if (task_alloc_security(current)) | 5684 | if (cred_alloc_security(current->cred)) |
| 5687 | panic("SELinux: Failed to initialize initial task.\n"); | 5685 | panic("SELinux: Failed to initialize initial task.\n"); |
| 5688 | tsec = current->cred->security; | 5686 | tsec = current->cred->security; |
| 5689 | tsec->osid = tsec->sid = SECINITSID_KERNEL; | 5687 | tsec->osid = tsec->sid = SECINITSID_KERNEL; |
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 791da238d049..cc837314fb0e 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c | |||
| @@ -975,8 +975,8 @@ static int smack_file_receive(struct file *file) | |||
| 975 | */ | 975 | */ |
| 976 | 976 | ||
| 977 | /** | 977 | /** |
| 978 | * smack_task_alloc_security - "allocate" a task blob | 978 | * smack_cred_alloc_security - "allocate" a task cred blob |
| 979 | * @tsk: the task in need of a blob | 979 | * @cred: the task creds in need of a blob |
| 980 | * | 980 | * |
| 981 | * Smack isn't using copies of blobs. Everyone | 981 | * Smack isn't using copies of blobs. Everyone |
| 982 | * points to an immutable list. No alloc required. | 982 | * points to an immutable list. No alloc required. |
| @@ -984,24 +984,24 @@ static int smack_file_receive(struct file *file) | |||
| 984 | * | 984 | * |
| 985 | * Always returns 0 | 985 | * Always returns 0 |
| 986 | */ | 986 | */ |
| 987 | static int smack_task_alloc_security(struct task_struct *tsk) | 987 | static int smack_cred_alloc_security(struct cred *cred) |
| 988 | { | 988 | { |
| 989 | tsk->cred->security = current->cred->security; | 989 | cred->security = current->cred->security; |
| 990 | 990 | ||
| 991 | return 0; | 991 | return 0; |
| 992 | } | 992 | } |
| 993 | 993 | ||
| 994 | /** | 994 | /** |
| 995 | * smack_task_free_security - "free" a task blob | 995 | * smack_cred_free - "free" task-level security credentials |
| 996 | * @task: the task with the blob | 996 | * @cred: the credentials in question |
| 997 | * | 997 | * |
| 998 | * Smack isn't using copies of blobs. Everyone | 998 | * Smack isn't using copies of blobs. Everyone |
| 999 | * points to an immutable list. The blobs never go away. | 999 | * points to an immutable list. The blobs never go away. |
| 1000 | * There is no leak here. | 1000 | * There is no leak here. |
| 1001 | */ | 1001 | */ |
| 1002 | static void smack_task_free_security(struct task_struct *task) | 1002 | static void smack_cred_free(struct cred *cred) |
| 1003 | { | 1003 | { |
| 1004 | task->cred->security = NULL; | 1004 | cred->security = NULL; |
| 1005 | } | 1005 | } |
| 1006 | 1006 | ||
| 1007 | /** | 1007 | /** |
| @@ -2630,8 +2630,8 @@ struct security_operations smack_ops = { | |||
| 2630 | .file_send_sigiotask = smack_file_send_sigiotask, | 2630 | .file_send_sigiotask = smack_file_send_sigiotask, |
| 2631 | .file_receive = smack_file_receive, | 2631 | .file_receive = smack_file_receive, |
| 2632 | 2632 | ||
| 2633 | .task_alloc_security = smack_task_alloc_security, | 2633 | .cred_alloc_security = smack_cred_alloc_security, |
| 2634 | .task_free_security = smack_task_free_security, | 2634 | .cred_free = smack_cred_free, |
| 2635 | .task_post_setuid = cap_task_post_setuid, | 2635 | .task_post_setuid = cap_task_post_setuid, |
| 2636 | .task_setpgid = smack_task_setpgid, | 2636 | .task_setpgid = smack_task_setpgid, |
| 2637 | .task_getpgid = smack_task_getpgid, | 2637 | .task_getpgid = smack_task_getpgid, |