aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorKees Cook <keescook@chromium.org>2012-10-15 17:02:07 -0400
committerRusty Russell <rusty@rustcorp.com.au>2012-12-13 21:35:24 -0500
commit2e72d51b4ac32989496870cd8171b3682fea1839 (patch)
treeb8190d17aa5d59508f8c979ce0160f21bef89500 /security
parent2f3238aebedb243804f58d62d57244edec4149b2 (diff)
security: introduce kernel_module_from_file hook
Now that kernel module origins can be reasoned about, provide a hook to the LSMs to make policy decisions about the module file. This will let Chrome OS enforce that loadable kernel modules can only come from its read-only hash-verified root filesystem. Other LSMs can, for example, read extended attributes for signatures, etc. Signed-off-by: Kees Cook <keescook@chromium.org> Acked-by: Serge E. Hallyn <serge.hallyn@canonical.com> Acked-by: Eric Paris <eparis@redhat.com> Acked-by: Mimi Zohar <zohar@us.ibm.com> Acked-by: James Morris <james.l.morris@oracle.com> Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Diffstat (limited to 'security')
-rw-r--r--security/capability.c6
-rw-r--r--security/security.c5
2 files changed, 11 insertions, 0 deletions
diff --git a/security/capability.c b/security/capability.c
index b14a30c234b8..0fe5a026aef8 100644
--- a/security/capability.c
+++ b/security/capability.c
@@ -395,6 +395,11 @@ static int cap_kernel_module_request(char *kmod_name)
395 return 0; 395 return 0;
396} 396}
397 397
398static int cap_kernel_module_from_file(struct file *file)
399{
400 return 0;
401}
402
398static int cap_task_setpgid(struct task_struct *p, pid_t pgid) 403static int cap_task_setpgid(struct task_struct *p, pid_t pgid)
399{ 404{
400 return 0; 405 return 0;
@@ -967,6 +972,7 @@ void __init security_fixup_ops(struct security_operations *ops)
967 set_to_cap_if_null(ops, kernel_act_as); 972 set_to_cap_if_null(ops, kernel_act_as);
968 set_to_cap_if_null(ops, kernel_create_files_as); 973 set_to_cap_if_null(ops, kernel_create_files_as);
969 set_to_cap_if_null(ops, kernel_module_request); 974 set_to_cap_if_null(ops, kernel_module_request);
975 set_to_cap_if_null(ops, kernel_module_from_file);
970 set_to_cap_if_null(ops, task_fix_setuid); 976 set_to_cap_if_null(ops, task_fix_setuid);
971 set_to_cap_if_null(ops, task_setpgid); 977 set_to_cap_if_null(ops, task_setpgid);
972 set_to_cap_if_null(ops, task_getpgid); 978 set_to_cap_if_null(ops, task_getpgid);
diff --git a/security/security.c b/security/security.c
index 8dcd4ae10a5f..ce88630de15d 100644
--- a/security/security.c
+++ b/security/security.c
@@ -820,6 +820,11 @@ int security_kernel_module_request(char *kmod_name)
820 return security_ops->kernel_module_request(kmod_name); 820 return security_ops->kernel_module_request(kmod_name);
821} 821}
822 822
823int security_kernel_module_from_file(struct file *file)
824{
825 return security_ops->kernel_module_from_file(file);
826}
827
823int security_task_fix_setuid(struct cred *new, const struct cred *old, 828int security_task_fix_setuid(struct cred *new, const struct cred *old,
824 int flags) 829 int flags)
825{ 830{
generated by cgit v1.2.2 (git 2.25.0) at 2024-11-27 08:22:43 -0500