diff options
| author | Jiri Kosina <jkosina@suse.cz> | 2011-07-11 08:15:48 -0400 |
|---|---|---|
| committer | Jiri Kosina <jkosina@suse.cz> | 2011-07-11 08:15:55 -0400 |
| commit | b7e9c223be8ce335e30f2cf6ba588e6a4092275c (patch) | |
| tree | 2d1e3b75606abc18df7ad65e51ac3f90cd68b38d /security | |
| parent | c172d82500a6cf3c32d1e650722a1055d72ce858 (diff) | |
| parent | e3bbfa78bab125f58b831b5f7f45b5a305091d72 (diff) | |
Merge branch 'master' into for-next
Sync with Linus' tree to be able to apply pending patches that
are based on newer code already present upstream.
Diffstat (limited to 'security')
| -rw-r--r-- | security/apparmor/lsm.c | 2 | ||||
| -rw-r--r-- | security/device_cgroup.c | 8 | ||||
| -rw-r--r-- | security/keys/request_key.c | 6 | ||||
| -rw-r--r-- | security/selinux/selinuxfs.c | 37 | ||||
| -rw-r--r-- | security/selinux/ss/policydb.c | 3 | ||||
| -rw-r--r-- | security/tomoyo/mount.c | 2 |
6 files changed, 45 insertions, 13 deletions
diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index ec1bcecf2cda..3d2fd141dff7 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c | |||
| @@ -612,7 +612,7 @@ static int apparmor_setprocattr(struct task_struct *task, char *name, | |||
| 612 | static int apparmor_task_setrlimit(struct task_struct *task, | 612 | static int apparmor_task_setrlimit(struct task_struct *task, |
| 613 | unsigned int resource, struct rlimit *new_rlim) | 613 | unsigned int resource, struct rlimit *new_rlim) |
| 614 | { | 614 | { |
| 615 | struct aa_profile *profile = aa_current_profile(); | 615 | struct aa_profile *profile = __aa_current_profile(); |
| 616 | int error = 0; | 616 | int error = 0; |
| 617 | 617 | ||
| 618 | if (!unconfined(profile)) | 618 | if (!unconfined(profile)) |
diff --git a/security/device_cgroup.c b/security/device_cgroup.c index cd1f779fa51d..1be68269e1c2 100644 --- a/security/device_cgroup.c +++ b/security/device_cgroup.c | |||
| @@ -474,17 +474,11 @@ struct cgroup_subsys devices_subsys = { | |||
| 474 | .subsys_id = devices_subsys_id, | 474 | .subsys_id = devices_subsys_id, |
| 475 | }; | 475 | }; |
| 476 | 476 | ||
| 477 | int devcgroup_inode_permission(struct inode *inode, int mask) | 477 | int __devcgroup_inode_permission(struct inode *inode, int mask) |
| 478 | { | 478 | { |
| 479 | struct dev_cgroup *dev_cgroup; | 479 | struct dev_cgroup *dev_cgroup; |
| 480 | struct dev_whitelist_item *wh; | 480 | struct dev_whitelist_item *wh; |
| 481 | 481 | ||
| 482 | dev_t device = inode->i_rdev; | ||
| 483 | if (!device) | ||
| 484 | return 0; | ||
| 485 | if (!S_ISBLK(inode->i_mode) && !S_ISCHR(inode->i_mode)) | ||
| 486 | return 0; | ||
| 487 | |||
| 488 | rcu_read_lock(); | 482 | rcu_read_lock(); |
| 489 | 483 | ||
| 490 | dev_cgroup = task_devcgroup(current); | 484 | dev_cgroup = task_devcgroup(current); |
diff --git a/security/keys/request_key.c b/security/keys/request_key.c index d31862e0aa1c..82465328c39b 100644 --- a/security/keys/request_key.c +++ b/security/keys/request_key.c | |||
| @@ -71,9 +71,8 @@ EXPORT_SYMBOL(complete_request_key); | |||
| 71 | * This is called in context of freshly forked kthread before kernel_execve(), | 71 | * This is called in context of freshly forked kthread before kernel_execve(), |
| 72 | * so we can simply install the desired session_keyring at this point. | 72 | * so we can simply install the desired session_keyring at this point. |
| 73 | */ | 73 | */ |
| 74 | static int umh_keys_init(struct subprocess_info *info) | 74 | static int umh_keys_init(struct subprocess_info *info, struct cred *cred) |
| 75 | { | 75 | { |
| 76 | struct cred *cred = (struct cred*)current_cred(); | ||
| 77 | struct key *keyring = info->data; | 76 | struct key *keyring = info->data; |
| 78 | 77 | ||
| 79 | return install_session_keyring_to_cred(cred, keyring); | 78 | return install_session_keyring_to_cred(cred, keyring); |
| @@ -470,7 +469,7 @@ static struct key *construct_key_and_link(struct key_type *type, | |||
| 470 | } else if (ret == -EINPROGRESS) { | 469 | } else if (ret == -EINPROGRESS) { |
| 471 | ret = 0; | 470 | ret = 0; |
| 472 | } else { | 471 | } else { |
| 473 | key = ERR_PTR(ret); | 472 | goto couldnt_alloc_key; |
| 474 | } | 473 | } |
| 475 | 474 | ||
| 476 | key_put(dest_keyring); | 475 | key_put(dest_keyring); |
| @@ -480,6 +479,7 @@ static struct key *construct_key_and_link(struct key_type *type, | |||
| 480 | construction_failed: | 479 | construction_failed: |
| 481 | key_negate_and_link(key, key_negative_timeout, NULL, NULL); | 480 | key_negate_and_link(key, key_negative_timeout, NULL, NULL); |
| 482 | key_put(key); | 481 | key_put(key); |
| 482 | couldnt_alloc_key: | ||
| 483 | key_put(dest_keyring); | 483 | key_put(dest_keyring); |
| 484 | kleave(" = %d", ret); | 484 | kleave(" = %d", ret); |
| 485 | return ERR_PTR(ret); | 485 | return ERR_PTR(ret); |
diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c index 77d44138864f..35459340019e 100644 --- a/security/selinux/selinuxfs.c +++ b/security/selinux/selinuxfs.c | |||
| @@ -29,6 +29,7 @@ | |||
| 29 | #include <linux/audit.h> | 29 | #include <linux/audit.h> |
| 30 | #include <linux/uaccess.h> | 30 | #include <linux/uaccess.h> |
| 31 | #include <linux/kobject.h> | 31 | #include <linux/kobject.h> |
| 32 | #include <linux/ctype.h> | ||
| 32 | 33 | ||
| 33 | /* selinuxfs pseudo filesystem for exporting the security policy API. | 34 | /* selinuxfs pseudo filesystem for exporting the security policy API. |
| 34 | Based on the proc code and the fs/nfsd/nfsctl.c code. */ | 35 | Based on the proc code and the fs/nfsd/nfsctl.c code. */ |
| @@ -751,6 +752,14 @@ out: | |||
| 751 | return length; | 752 | return length; |
| 752 | } | 753 | } |
| 753 | 754 | ||
| 755 | static inline int hexcode_to_int(int code) { | ||
| 756 | if (code == '\0' || !isxdigit(code)) | ||
| 757 | return -1; | ||
| 758 | if (isdigit(code)) | ||
| 759 | return code - '0'; | ||
| 760 | return tolower(code) - 'a' + 10; | ||
| 761 | } | ||
| 762 | |||
| 754 | static ssize_t sel_write_create(struct file *file, char *buf, size_t size) | 763 | static ssize_t sel_write_create(struct file *file, char *buf, size_t size) |
| 755 | { | 764 | { |
| 756 | char *scon = NULL, *tcon = NULL; | 765 | char *scon = NULL, *tcon = NULL; |
| @@ -785,8 +794,34 @@ static ssize_t sel_write_create(struct file *file, char *buf, size_t size) | |||
| 785 | nargs = sscanf(buf, "%s %s %hu %s", scon, tcon, &tclass, namebuf); | 794 | nargs = sscanf(buf, "%s %s %hu %s", scon, tcon, &tclass, namebuf); |
| 786 | if (nargs < 3 || nargs > 4) | 795 | if (nargs < 3 || nargs > 4) |
| 787 | goto out; | 796 | goto out; |
| 788 | if (nargs == 4) | 797 | if (nargs == 4) { |
| 798 | /* | ||
| 799 | * If and when the name of new object to be queried contains | ||
| 800 | * either whitespace or multibyte characters, they shall be | ||
| 801 | * encoded based on the percentage-encoding rule. | ||
| 802 | * If not encoded, the sscanf logic picks up only left-half | ||
| 803 | * of the supplied name; splitted by a whitespace unexpectedly. | ||
| 804 | */ | ||
| 805 | char *r, *w; | ||
| 806 | int c1, c2; | ||
| 807 | |||
| 808 | r = w = namebuf; | ||
| 809 | do { | ||
| 810 | c1 = *r++; | ||
| 811 | if (c1 == '+') | ||
| 812 | c1 = ' '; | ||
| 813 | else if (c1 == '%') { | ||
| 814 | if ((c1 = hexcode_to_int(*r++)) < 0) | ||
| 815 | goto out; | ||
| 816 | if ((c2 = hexcode_to_int(*r++)) < 0) | ||
| 817 | goto out; | ||
| 818 | c1 = (c1 << 4) | c2; | ||
| 819 | } | ||
| 820 | *w++ = c1; | ||
| 821 | } while (c1 != '\0'); | ||
| 822 | |||
| 789 | objname = namebuf; | 823 | objname = namebuf; |
| 824 | } | ||
| 790 | 825 | ||
| 791 | length = security_context_to_sid(scon, strlen(scon) + 1, &ssid); | 826 | length = security_context_to_sid(scon, strlen(scon) + 1, &ssid); |
| 792 | if (length) | 827 | if (length) |
diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c index 102e9ec1b77a..d246aca3f4fb 100644 --- a/security/selinux/ss/policydb.c +++ b/security/selinux/ss/policydb.c | |||
| @@ -3222,6 +3222,9 @@ static int filename_trans_write(struct policydb *p, void *fp) | |||
| 3222 | __le32 buf[1]; | 3222 | __le32 buf[1]; |
| 3223 | int rc; | 3223 | int rc; |
| 3224 | 3224 | ||
| 3225 | if (p->policyvers < POLICYDB_VERSION_FILENAME_TRANS) | ||
| 3226 | return 0; | ||
| 3227 | |||
| 3225 | nel = 0; | 3228 | nel = 0; |
| 3226 | rc = hashtab_map(p->filename_trans, hashtab_cnt, &nel); | 3229 | rc = hashtab_map(p->filename_trans, hashtab_cnt, &nel); |
| 3227 | if (rc) | 3230 | if (rc) |
diff --git a/security/tomoyo/mount.c b/security/tomoyo/mount.c index 162a864dba24..9fc2e15841c9 100644 --- a/security/tomoyo/mount.c +++ b/security/tomoyo/mount.c | |||
| @@ -138,7 +138,7 @@ static int tomoyo_mount_acl(struct tomoyo_request_info *r, char *dev_name, | |||
| 138 | } | 138 | } |
| 139 | if (need_dev) { | 139 | if (need_dev) { |
| 140 | /* Get mount point or device file. */ | 140 | /* Get mount point or device file. */ |
| 141 | if (kern_path(dev_name, LOOKUP_FOLLOW, &path)) { | 141 | if (!dev_name || kern_path(dev_name, LOOKUP_FOLLOW, &path)) { |
| 142 | error = -ENOENT; | 142 | error = -ENOENT; |
| 143 | goto out; | 143 | goto out; |
| 144 | } | 144 | } |