Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security

Pull security subsystem update from James Morris: "Just some minor updates across the subsystem" * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: ima: eliminate passing d_name.name to process_measurement() TPM: Retry SaveState command in suspend path tpm/tpm_i2c_infineon: Add small comment about return value of __i2c_transfer tpm/tpm_i2c_infineon.c: Add OF attributes type and name to the of_device_id table entries tpm_i2c_stm_st33: Remove duplicate inclusion of header files tpm: Add support for new Infineon I2C TPM (SLB 9645 TT 1.2 I2C) char/tpm: Convert struct i2c_msg initialization to C99 format drivers/char/tpm/tpm_ppi: use strlcpy instead of strncpy tpm/tpm_i2c_stm_st33: formatting and white space changes Smack: include magic.h in smackfs.c selinux: make security_sb_clone_mnt_opts return an error on context mismatch seccomp: allow BPF_XOR based ALU instructions. Fix NULL pointer dereference in smack_inode_unlink() and smack_inode_rmdir() Smack: add support for modification of existing rules smack: SMACK_MAGIC to include/uapi/linux/magic.h Smack: add missing support for transmute bit in smack_str_from_perm() Smack: prevent revoke-subject from failing when unseen label is written to it tomoyo: use DEFINE_SRCU() to define tomoyo_ss tomoyo: use DEFINE_SRCU() to define tomoyo_ss
author: Linus Torvalds <torvalds@linux-foundation.org> 2013-04-30 19:27:51 -0400
committer: Linus Torvalds <torvalds@linux-foundation.org> 2013-04-30 19:27:51 -0400
commit: 2e1deaad1e48453cea782854ab87df3f78c121c2 (patch)
tree: da0fe592dcc9ef6b0c4cd104a67af3c1d9e4c5d5 /security
parent: 50528fabeb25f9883e2845f5147f5e00a1c57cf7 (diff)
parent: b7ae9f064bec903bd4a9f257a35da4d1e9bbcc99 (diff)
9 files changed, 222 insertions, 108 deletions
diff --git a/security/capability.c b/security/capability.c
index 6783c3e6c88e..1728d4e375db 100644
--- a/security/capability.c
+++ b/security/capability.c
@@ -98,9 +98,10 @@ static int cap_sb_set_mnt_opts(struct super_block *sb,
        return 0;
 }
-static void cap_sb_clone_mnt_opts(const struct super_block *oldsb,
+static int cap_sb_clone_mnt_opts(const struct super_block *oldsb,
                                  struct super_block *newsb)
 {
+        return 0;
 }
 static int cap_sb_parse_opts_str(char *options, struct security_mnt_opts *opts)
diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c
index 3b3b7e6bf8da..6c491a63128e 100644
--- a/security/integrity/ima/ima_main.c
+++ b/security/integrity/ima/ima_main.c
@@ -189,11 +189,9 @@ static int process_measurement(struct file *file, const char *filename,
        if (rc != 0)
                goto out_digsig;
-        if (function != BPRM_CHECK)
+        pathname = !filename ? ima_d_path(&file->f_path, &pathbuf) : filename;
-                pathname = ima_d_path(&file->f_path, &pathbuf);
        if (!pathname)
-                pathname = filename;
+                pathname = (const char *)file->f_dentry->d_name.name;
        if (action & IMA_MEASURE)
                ima_store_measurement(iint, file, pathname);
@@ -226,8 +224,7 @@ out:
 int ima_file_mmap(struct file *file, unsigned long prot)
 {
        if (file && (prot & PROT_EXEC))
-                return process_measurement(file, file->f_dentry->d_name.name,
+                return process_measurement(file, NULL, MAY_EXEC, MMAP_CHECK);
-                                           MAY_EXEC, MMAP_CHECK);
        return 0;
 }
@@ -265,7 +262,7 @@ int ima_bprm_check(struct linux_binprm *bprm)
 int ima_file_check(struct file *file, int mask)
 {
        ima_rdwr_violation_check(file);
-        return process_measurement(file, file->f_dentry->d_name.name,
+        return process_measurement(file, NULL,
                                 mask & (MAY_READ | MAY_WRITE | MAY_EXEC),
                                 FILE_CHECK);
 }
@@ -290,8 +287,7 @@ int ima_module_check(struct file *file)
 #endif
                return 0;       /* We rely on module signature checking */
        }
-        return process_measurement(file, file->f_dentry->d_name.name,
+        return process_measurement(file, NULL, MAY_EXEC, MODULE_CHECK);
-                                   MAY_EXEC, MODULE_CHECK);
 }
 static int __init init_ima(void)
diff --git a/security/security.c b/security/security.c
index 03f248b84e9f..a3dce87d1aef 100644
--- a/security/security.c
+++ b/security/security.c
@@ -299,10 +299,10 @@ int security_sb_set_mnt_opts(struct super_block *sb,
 }
 EXPORT_SYMBOL(security_sb_set_mnt_opts);
-void security_sb_clone_mnt_opts(const struct super_block *oldsb,
+int security_sb_clone_mnt_opts(const struct super_block *oldsb,
                                struct super_block *newsb)
 {
-        security_ops->sb_clone_mnt_opts(oldsb, newsb);
+        return security_ops->sb_clone_mnt_opts(oldsb, newsb);
 }
 EXPORT_SYMBOL(security_sb_clone_mnt_opts);
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 7171a957b933..feb2f42c5a07 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -751,7 +751,37 @@ out_double_mount:
        goto out;
 }
-static void selinux_sb_clone_mnt_opts(const struct super_block *oldsb,
+static int selinux_cmp_sb_context(const struct super_block *oldsb,
+                                    const struct super_block *newsb)
+{
+        struct superblock_security_struct *old = oldsb->s_security;
+        struct superblock_security_struct *new = newsb->s_security;
+        char oldflags = old->flags & SE_MNTMASK;
+        char newflags = new->flags & SE_MNTMASK;
+        if (oldflags != newflags)
+                goto mismatch;
+        if ((oldflags & FSCONTEXT_MNT) && old->sid != new->sid)
+                goto mismatch;
+        if ((oldflags & CONTEXT_MNT) && old->mntpoint_sid != new->mntpoint_sid)
+                goto mismatch;
+        if ((oldflags & DEFCONTEXT_MNT) && old->def_sid != new->def_sid)
+                goto mismatch;
+        if (oldflags & ROOTCONTEXT_MNT) {
+                struct inode_security_struct *oldroot = oldsb->s_root->d_inode->i_security;
+                struct inode_security_struct *newroot = newsb->s_root->d_inode->i_security;
+                if (oldroot->sid != newroot->sid)
+                        goto mismatch;
+        }
+        return 0;
+mismatch:
+        printk(KERN_WARNING "SELinux: mount invalid.  Same superblock, "
+                            "different security settings for (dev %s, "
+                            "type %s)\n", newsb->s_id, newsb->s_type->name);
+        return -EBUSY;
+}
+static int selinux_sb_clone_mnt_opts(const struct super_block *oldsb,
                                        struct super_block *newsb)
 {
        const struct superblock_security_struct *oldsbsec = oldsb->s_security;
@@ -766,14 +796,14 @@ static void selinux_sb_clone_mnt_opts(const struct super_block *oldsb,
         * mount options.  thus we can safely deal with this superblock later
         */
        if (!ss_initialized)
-                return;
+                return 0;
        /* how can we clone if the old one wasn't set up?? */
        BUG_ON(!(oldsbsec->flags & SE_SBINITIALIZED));
-        /* if fs is reusing a sb, just let its options stand... */
+        /* if fs is reusing a sb, make sure that the contexts match */
        if (newsbsec->flags & SE_SBINITIALIZED)
-                return;
+                return selinux_cmp_sb_context(oldsb, newsb);
        mutex_lock(&newsbsec->lock);
@@ -806,6 +836,7 @@ static void selinux_sb_clone_mnt_opts(const struct super_block *oldsb,
        sb_finish_set_opts(newsb);
        mutex_unlock(&newsbsec->lock);
+        return 0;
 }
 static int selinux_parse_opts_str(char *options,
diff --git a/security/smack/smack.h b/security/smack/smack.h
index 99b36124f712..8ad30955e15d 100644
--- a/security/smack/smack.h
+++ b/security/smack/smack.h
@@ -149,11 +149,6 @@ struct smack_known {
 #define SMACK_CIPSO_SOCKET      1
 /*
- * smackfs magic number
- */
-#define SMACK_MAGIC     0x43415d53 /* "SMAC" */
-/*
 * CIPSO defaults.
 */
 #define SMACK_CIPSO_DOI_DEFAULT         3       /* Historical */
diff --git a/security/smack/smack_access.c b/security/smack/smack_access.c
index db14689a21e0..2e397a88d410 100644
--- a/security/smack/smack_access.c
+++ b/security/smack/smack_access.c
@@ -252,6 +252,8 @@ static inline void smack_str_from_perm(char *string, int access)
                string[i++] = 'x';
        if (access & MAY_APPEND)
                string[i++] = 'a';
+        if (access & MAY_TRANSMUTE)
+                string[i++] = 't';
        string[i] = '\0';
 }
 /**
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index fa64740abb59..d52c780bdb78 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -654,7 +654,7 @@ static int smack_inode_unlink(struct inode *dir, struct dentry *dentry)
                /*
                 * You also need write access to the containing directory
                 */
-                smk_ad_setfield_u_fs_path_dentry(&ad, NULL);
+                smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_INODE);
                smk_ad_setfield_u_fs_inode(&ad, dir);
                rc = smk_curacc(smk_of_inode(dir), MAY_WRITE, &ad);
        }
@@ -685,7 +685,7 @@ static int smack_inode_rmdir(struct inode *dir, struct dentry *dentry)
                /*
                 * You also need write access to the containing directory
                 */
-                smk_ad_setfield_u_fs_path_dentry(&ad, NULL);
+                smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_INODE);
                smk_ad_setfield_u_fs_inode(&ad, dir);
                rc = smk_curacc(smk_of_inode(dir), MAY_WRITE, &ad);
        }
diff --git a/security/smack/smackfs.c b/security/smack/smackfs.c
index 76a5dca46404..53a08b85bda4 100644
--- a/security/smack/smackfs.c
+++ b/security/smack/smackfs.c
@@ -26,6 +26,7 @@
 #include <linux/seq_file.h>
 #include <linux/ctype.h>
 #include <linux/audit.h>
+#include <linux/magic.h>
 #include "smack.h"
 /*
@@ -50,12 +51,12 @@ enum smk_inos {
        SMK_ACCESS2     = 16,   /* make an access check with long labels */
        SMK_CIPSO2      = 17,   /* load long label -> CIPSO mapping */
        SMK_REVOKE_SUBJ = 18,   /* set rules with subject label to '-' */
+        SMK_CHANGE_RULE = 19,   /* change or add rules (long labels) */
 };
 /*
 * List locks
 */
-static DEFINE_MUTEX(smack_list_lock);
 static DEFINE_MUTEX(smack_cipso_lock);
 static DEFINE_MUTEX(smack_ambient_lock);
 static DEFINE_MUTEX(smk_netlbladdr_lock);
@@ -110,6 +111,13 @@ struct smack_master_list {
 LIST_HEAD(smack_rule_list);
+struct smack_parsed_rule {
+        char                    *smk_subject;
+        char                    *smk_object;
+        int                     smk_access1;
+        int                     smk_access2;
+};
 static int smk_cipso_doi_value = SMACK_CIPSO_DOI_DEFAULT;
 const char *smack_cipso_option = SMACK_CIPSO_OPTION;
@@ -167,25 +175,28 @@ static void smk_netlabel_audit_set(struct netlbl_audit *nap)
 #define SMK_NETLBLADDRMIN       9
 /**
- * smk_set_access - add a rule to the rule list
+ * smk_set_access - add a rule to the rule list or replace an old rule
- * @srp: the new rule to add
+ * @srp: the rule to add or replace
 * @rule_list: the list of rules
 * @rule_lock: the rule list lock
+ * @global: if non-zero, indicates a global rule
 *
 * Looks through the current subject/object/access list for
 * the subject/object pair and replaces the access that was
 * there. If the pair isn't found add it with the specified
 * access.
 *
- * Returns 1 if a rule was found to exist already, 0 if it is new
 * Returns 0 if nothing goes wrong or -ENOMEM if it fails
 * during the allocation of the new pair to add.
 */
-static int smk_set_access(struct smack_rule *srp, struct list_head *rule_list,
+static int smk_set_access(struct smack_parsed_rule *srp,
-                                struct mutex *rule_lock)
+                                struct list_head *rule_list,
+                                struct mutex *rule_lock, int global)
 {
        struct smack_rule *sp;
+        struct smack_master_list *smlp;
        int found = 0;
+        int rc = 0;
        mutex_lock(rule_lock);
@@ -197,23 +208,89 @@ static int smk_set_access(struct smack_rule *srp, struct list_head *rule_list,
                if (sp->smk_object == srp->smk_object &&
                    sp->smk_subject == srp->smk_subject) {
                        found = 1;
-                        sp->smk_access = srp->smk_access;
+                        sp->smk_access |= srp->smk_access1;
+                        sp->smk_access &= ~srp->smk_access2;
                        break;
                }
        }
-        if (found == 0)
-                list_add_rcu(&srp->list, rule_list);
+        if (found == 0) {
+                sp = kzalloc(sizeof(*sp), GFP_KERNEL);
+                if (sp == NULL) {
+                        rc = -ENOMEM;
+                        goto out;
+                }
+                sp->smk_subject = srp->smk_subject;
+                sp->smk_object = srp->smk_object;
+                sp->smk_access = srp->smk_access1 & ~srp->smk_access2;
+                list_add_rcu(&sp->list, rule_list);
+                /*
+                 * If this is a global as opposed to self and a new rule
+                 * it needs to get added for reporting.
+                 */
+                if (global) {
+                        smlp = kzalloc(sizeof(*smlp), GFP_KERNEL);
+                        if (smlp != NULL) {
+                                smlp->smk_rule = sp;
+                                list_add_rcu(&smlp->list, &smack_rule_list);
+                        } else
+                                rc = -ENOMEM;
+                }
+        }
+out:
        mutex_unlock(rule_lock);
+        return rc;
+}
+/**
+ * smk_perm_from_str - parse smack accesses from a text string
+ * @string: a text string that contains a Smack accesses code
+ *
+ * Returns an integer with respective bits set for specified accesses.
+ */
+static int smk_perm_from_str(const char *string)
+{
+        int perm = 0;
+        const char *cp;
-        return found;
+        for (cp = string; ; cp++)
+                switch (*cp) {
+                case '-':
+                        break;
+                case 'r':
+                case 'R':
+                        perm |= MAY_READ;
+                        break;
+                case 'w':
+                case 'W':
+                        perm |= MAY_WRITE;
+                        break;
+                case 'x':
+                case 'X':
+                        perm |= MAY_EXEC;
+                        break;
+                case 'a':
+                case 'A':
+                        perm |= MAY_APPEND;
+                        break;
+                case 't':
+                case 'T':
+                        perm |= MAY_TRANSMUTE;
+                        break;
+                default:
+                        return perm;
+                }
 }
 /**
 * smk_fill_rule - Fill Smack rule from strings
 * @subject: subject label string
 * @object: object label string
- * @access: access string
+ * @access1: access string
+ * @access2: string with permissions to be removed
 * @rule: Smack rule
 * @import: if non-zero, import labels
 * @len: label length limit
@@ -221,8 +298,9 @@ static int smk_set_access(struct smack_rule *srp, struct list_head *rule_list,
 * Returns 0 on success, -1 on failure
 */
 static int smk_fill_rule(const char *subject, const char *object,
-                                const char *access, struct smack_rule *rule,
+                                const char *access1, const char *access2,
-                                int import, int len)
+                                struct smack_parsed_rule *rule, int import,
+                                int len)
 {
        const char *cp;
        struct smack_known *skp;
@@ -255,36 +333,11 @@ static int smk_fill_rule(const char *subject, const char *object,
                rule->smk_object = skp->smk_known;
        }
-        rule->smk_access = 0;
+        rule->smk_access1 = smk_perm_from_str(access1);
+        if (access2)
-        for (cp = access; *cp != '\0'; cp++) {
+                rule->smk_access2 = smk_perm_from_str(access2);
-                switch (*cp) {
+        else
-                case '-':
+                rule->smk_access2 = ~rule->smk_access1;
-                        break;
-                case 'r':
-                case 'R':
-                        rule->smk_access |= MAY_READ;
-                        break;
-                case 'w':
-                case 'W':
-                        rule->smk_access |= MAY_WRITE;
-                        break;
-                case 'x':
-                case 'X':
-                        rule->smk_access |= MAY_EXEC;
-                        break;
-                case 'a':
-                case 'A':
-                        rule->smk_access |= MAY_APPEND;
-                        break;
-                case 't':
-                case 'T':
-                        rule->smk_access |= MAY_TRANSMUTE;
-                        break;
-                default:
-                        return 0;
-                }
-        }
        return 0;
 }
@@ -297,30 +350,33 @@ static int smk_fill_rule(const char *subject, const char *object,
 *
 * Returns 0 on success, -1 on errors.
 */
-static int smk_parse_rule(const char *data, struct smack_rule *rule, int import)
+static int smk_parse_rule(const char *data, struct smack_parsed_rule *rule,
+                                int import)
 {
        int rc;
        rc = smk_fill_rule(data, data + SMK_LABELLEN,
-                           data + SMK_LABELLEN + SMK_LABELLEN, rule, import,
+                           data + SMK_LABELLEN + SMK_LABELLEN, NULL, rule,
-                           SMK_LABELLEN);
+                           import, SMK_LABELLEN);
        return rc;
 }
 /**
 * smk_parse_long_rule - parse Smack rule from rule string
 * @data: string to be parsed, null terminated
- * @rule: Smack rule
+ * @rule: Will be filled with Smack parsed rule
 * @import: if non-zero, import labels
+ * @change: if non-zero, data is from /smack/change-rule
 *
 * Returns 0 on success, -1 on failure
 */
-static int smk_parse_long_rule(const char *data, struct smack_rule *rule,
+static int smk_parse_long_rule(const char *data, struct smack_parsed_rule *rule,
-                                int import)
+                                int import, int change)
 {
        char *subject;
        char *object;
-        char *access;
+        char *access1;
+        char *access2;
        int datalen;
        int rc = -1;
@@ -334,14 +390,27 @@ static int smk_parse_long_rule(const char *data, struct smack_rule *rule,
        object = kzalloc(datalen, GFP_KERNEL);
        if (object == NULL)
                goto free_out_s;
-        access = kzalloc(datalen, GFP_KERNEL);
+        access1 = kzalloc(datalen, GFP_KERNEL);
-        if (access == NULL)
+        if (access1 == NULL)
                goto free_out_o;
+        access2 = kzalloc(datalen, GFP_KERNEL);
+        if (access2 == NULL)
+                goto free_out_a;
+        if (change) {
+                if (sscanf(data, "%s %s %s %s",
+                        subject, object, access1, access2) == 4)
+                        rc = smk_fill_rule(subject, object, access1, access2,
+                                rule, import, 0);
+        } else {
+                if (sscanf(data, "%s %s %s", subject, object, access1) == 3)
+                        rc = smk_fill_rule(subject, object, access1, NULL,
+                                rule, import, 0);
+        }
-        if (sscanf(data, "%s %s %s", subject, object, access) == 3)
+        kfree(access2);
-                rc = smk_fill_rule(subject, object, access, rule, import, 0);
+free_out_a:
+        kfree(access1);
-        kfree(access);
 free_out_o:
        kfree(object);
 free_out_s:
@@ -351,6 +420,7 @@ free_out_s:
 #define SMK_FIXED24_FMT 0       /* Fixed 24byte label format */
 #define SMK_LONG_FMT    1       /* Variable long label format */
+#define SMK_CHANGE_FMT  2       /* Rule modification format */
 /**
 * smk_write_rules_list - write() for any /smack rule file
 * @file: file pointer, not actually used
@@ -359,22 +429,24 @@ free_out_s:
 * @ppos: where to start - must be 0
 * @rule_list: the list of rules to write to
 * @rule_lock: lock for the rule list
- * @format: /smack/load or /smack/load2 format.
+ * @format: /smack/load or /smack/load2 or /smack/change-rule format.
 *
 * Get one smack access rule from above.
 * The format for SMK_LONG_FMT is:
 *      "subject<whitespace>object<whitespace>access[<whitespace>...]"
 * The format for SMK_FIXED24_FMT is exactly:
 *      "subject                 object                  rwxat"
+ * The format for SMK_CHANGE_FMT is:
+ *      "subject<whitespace>object<whitespace>
+ *       acc_enable<whitespace>acc_disable[<whitespace>...]"
 */
 static ssize_t smk_write_rules_list(struct file *file, const char __user *buf,
                                        size_t count, loff_t *ppos,
                                        struct list_head *rule_list,
                                        struct mutex *rule_lock, int format)
 {
-        struct smack_master_list *smlp;
        struct smack_known *skp;
-        struct smack_rule *rule;
+        struct smack_parsed_rule *rule;
        char *data;
        int datalen;
        int rc = -EINVAL;
@@ -417,7 +489,11 @@ static ssize_t smk_write_rules_list(struct file *file, const char __user *buf,
                 * Be sure the data string is terminated.
                 */
                data[count] = '\0';
-                if (smk_parse_long_rule(data, rule, 1))
+                if (smk_parse_long_rule(data, rule, 1, 0))
+                        goto out_free_rule;
+        } else if (format == SMK_CHANGE_FMT) {
+                data[count] = '\0';
+                if (smk_parse_long_rule(data, rule, 1, 1))
                        goto out_free_rule;
        } else {
                /*
@@ -437,22 +513,9 @@ static ssize_t smk_write_rules_list(struct file *file, const char __user *buf,
                rule_lock = &skp->smk_rules_lock;
        }
-        rc = count;
+        rc = smk_set_access(rule, rule_list, rule_lock, load);
-        /*
+        if (rc == 0) {
-         * If this is a global as opposed to self and a new rule
+                rc = count;
-         * it needs to get added for reporting.
-         * smk_set_access returns true if there was already a rule
-         * for the subject/object pair, and false if it was new.
-         */
-        if (!smk_set_access(rule, rule_list, rule_lock)) {
-                if (load) {
-                        smlp = kzalloc(sizeof(*smlp), GFP_KERNEL);
-                        if (smlp != NULL) {
-                                smlp->smk_rule = rule;
-                                list_add_rcu(&smlp->list, &smack_rule_list);
-                        } else
-                                rc = -ENOMEM;
-                }
                goto out;
        }
@@ -1774,7 +1837,7 @@ static const struct file_operations smk_load_self_ops = {
 static ssize_t smk_user_access(struct file *file, const char __user *buf,
                                size_t count, loff_t *ppos, int format)
 {
-        struct smack_rule rule;
+        struct smack_parsed_rule rule;
        char *data;
        char *cod;
        int res;
@@ -1796,14 +1859,14 @@ static ssize_t smk_user_access(struct file *file, const char __user *buf,
                        return -ENOMEM;
                memcpy(cod, data, count);
                cod[count] = '\0';
-                res = smk_parse_long_rule(cod, &rule, 0);
+                res = smk_parse_long_rule(cod, &rule, 0, 0);
                kfree(cod);
        }
        if (res)
                return -EINVAL;
-        res = smk_access(rule.smk_subject, rule.smk_object, rule.smk_access,
+        res = smk_access(rule.smk_subject, rule.smk_object, rule.smk_access1,
                          NULL);
        data[0] = res == 0 ? '1' : '0';
        data[1] = '\0';
@@ -2035,10 +2098,8 @@ static ssize_t smk_write_revoke_subj(struct file *file, const char __user *buf,
        }
        skp = smk_find_entry(cp);
-        if (skp == NULL) {
+        if (skp == NULL)
-                rc = -EINVAL;
                goto free_out;
-        }
        rule_list = &skp->smk_rules;
        rule_lock = &skp->smk_rules_lock;
@@ -2077,6 +2138,33 @@ static int smk_init_sysfs(void)
 }
 /**
+ * smk_write_change_rule - write() for /smack/change-rule
+ * @file: file pointer
+ * @buf: data from user space
+ * @count: bytes sent
+ * @ppos: where to start - must be 0
+ */
+static ssize_t smk_write_change_rule(struct file *file, const char __user *buf,
+                                size_t count, loff_t *ppos)
+{
+        /*
+         * Must have privilege.
+         */
+        if (!capable(CAP_MAC_ADMIN))
+                return -EPERM;
+        return smk_write_rules_list(file, buf, count, ppos, NULL, NULL,
+                                    SMK_CHANGE_FMT);
+}
+static const struct file_operations smk_change_rule_ops = {
+        .write          = smk_write_change_rule,
+        .read           = simple_transaction_read,
+        .release        = simple_transaction_release,
+        .llseek         = generic_file_llseek,
+};
+/**
 * smk_fill_super - fill the /smackfs superblock
 * @sb: the empty superblock
 * @data: unused
@@ -2125,6 +2213,8 @@ static int smk_fill_super(struct super_block *sb, void *data, int silent)
                [SMK_REVOKE_SUBJ] = {
                        "revoke-subject", &smk_revoke_subj_ops,
                        S_IRUGO|S_IWUSR},
+                [SMK_CHANGE_RULE] = {
+                        "change-rule", &smk_change_rule_ops, S_IRUGO|S_IWUSR},
                /* last one */
                        {""}
        };
diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c
index a2ee362546ab..f0b756e27fed 100644
--- a/security/tomoyo/tomoyo.c
+++ b/security/tomoyo/tomoyo.c
@@ -536,7 +536,7 @@ static struct security_operations tomoyo_security_ops = {
 };
 /* Lock for GC. */
-struct srcu_struct tomoyo_ss;
+DEFINE_SRCU(tomoyo_ss);
 /**
 * tomoyo_init - Register TOMOYO Linux as a LSM module.
@@ -550,8 +550,7 @@ static int __init tomoyo_init(void)
        if (!security_module_enable(&tomoyo_security_ops))
                return 0;
        /* register ourselves with the security framework */
-        if (register_security(&tomoyo_security_ops) ||
+        if (register_security(&tomoyo_security_ops))
-            init_srcu_struct(&tomoyo_ss))
                panic("Failure registering TOMOYO Linux");
        printk(KERN_INFO "TOMOYO Linux initialized\n");
        cred->security = &tomoyo_kernel_domain;
author	Linus Torvalds <torvalds@linux-foundation.org>	2013-04-30 19:27:51 -0400
committer	Linus Torvalds <torvalds@linux-foundation.org>	2013-04-30 19:27:51 -0400
commit	2e1deaad1e48453cea782854ab87df3f78c121c2 (patch)
tree	da0fe592dcc9ef6b0c4cd104a67af3c1d9e4c5d5 /security
parent	50528fabeb25f9883e2845f5147f5e00a1c57cf7 (diff)
parent	b7ae9f064bec903bd4a9f257a35da4d1e9bbcc99 (diff)