aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2009-09-02 04:13:40 -0400
committerJames Morris <jmorris@namei.org>2009-09-02 07:29:01 -0400
commite0e817392b9acf2c98d3be80c233dddb1b52003d (patch)
treeee680c020039313c9f9c40ab3542bb30a7363381 /security
parented6d76e4c32de0c2ad5f1d572b948ef49e465176 (diff)
CRED: Add some configurable debugging [try #6]
Add a config option (CONFIG_DEBUG_CREDENTIALS) to turn on some debug checking for credential management. The additional code keeps track of the number of pointers from task_structs to any given cred struct, and checks to see that this number never exceeds the usage count of the cred struct (which includes all references, not just those from task_structs). Furthermore, if SELinux is enabled, the code also checks that the security pointer in the cred struct is never seen to be invalid. This attempts to catch the bug whereby inode_has_perm() faults in an nfsd kernel thread on seeing cred->security be a NULL pointer (it appears that the credential struct has been previously released): http://www.kerneloops.org/oops.php?number=252883 Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security')
-rw-r--r--security/selinux/hooks.c6
1 files changed, 5 insertions, 1 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 27b4c5527358..c3bb31ecc5aa 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -1531,6 +1531,8 @@ static int inode_has_perm(const struct cred *cred,
1531 struct common_audit_data ad; 1531 struct common_audit_data ad;
1532 u32 sid; 1532 u32 sid;
1533 1533
1534 validate_creds(cred);
1535
1534 if (unlikely(IS_PRIVATE(inode))) 1536 if (unlikely(IS_PRIVATE(inode)))
1535 return 0; 1537 return 0;
1536 1538
@@ -3236,7 +3238,9 @@ static int selinux_task_create(unsigned long clone_flags)
3236static void selinux_cred_free(struct cred *cred) 3238static void selinux_cred_free(struct cred *cred)
3237{ 3239{
3238 struct task_security_struct *tsec = cred->security; 3240 struct task_security_struct *tsec = cred->security;
3239 cred->security = NULL; 3241
3242 BUG_ON((unsigned long) cred->security < PAGE_SIZE);
3243 cred->security = (void *) 0x7UL;
3240 kfree(tsec); 3244 kfree(tsec);
3241} 3245}
3242 3246