diff options
Diffstat (limited to 'security/selinux/hooks.c')
| -rw-r--r-- | security/selinux/hooks.c | 21 |
1 files changed, 14 insertions, 7 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 9b40f4c0ac70..4796ddd4e721 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
| @@ -2170,8 +2170,9 @@ static inline void flush_unauthorized_files(const struct cred *cred, | |||
| 2170 | 2170 | ||
| 2171 | tty = get_current_tty(); | 2171 | tty = get_current_tty(); |
| 2172 | if (tty) { | 2172 | if (tty) { |
| 2173 | file_list_lock(); | 2173 | spin_lock(&tty_files_lock); |
| 2174 | if (!list_empty(&tty->tty_files)) { | 2174 | if (!list_empty(&tty->tty_files)) { |
| 2175 | struct tty_file_private *file_priv; | ||
| 2175 | struct inode *inode; | 2176 | struct inode *inode; |
| 2176 | 2177 | ||
| 2177 | /* Revalidate access to controlling tty. | 2178 | /* Revalidate access to controlling tty. |
| @@ -2179,14 +2180,16 @@ static inline void flush_unauthorized_files(const struct cred *cred, | |||
| 2179 | than using file_has_perm, as this particular open | 2180 | than using file_has_perm, as this particular open |
| 2180 | file may belong to another process and we are only | 2181 | file may belong to another process and we are only |
| 2181 | interested in the inode-based check here. */ | 2182 | interested in the inode-based check here. */ |
| 2182 | file = list_first_entry(&tty->tty_files, struct file, f_u.fu_list); | 2183 | file_priv = list_first_entry(&tty->tty_files, |
| 2184 | struct tty_file_private, list); | ||
| 2185 | file = file_priv->file; | ||
| 2183 | inode = file->f_path.dentry->d_inode; | 2186 | inode = file->f_path.dentry->d_inode; |
| 2184 | if (inode_has_perm(cred, inode, | 2187 | if (inode_has_perm(cred, inode, |
| 2185 | FILE__READ | FILE__WRITE, NULL)) { | 2188 | FILE__READ | FILE__WRITE, NULL)) { |
| 2186 | drop_tty = 1; | 2189 | drop_tty = 1; |
| 2187 | } | 2190 | } |
| 2188 | } | 2191 | } |
| 2189 | file_list_unlock(); | 2192 | spin_unlock(&tty_files_lock); |
| 2190 | tty_kref_put(tty); | 2193 | tty_kref_put(tty); |
| 2191 | } | 2194 | } |
| 2192 | /* Reset controlling tty. */ | 2195 | /* Reset controlling tty. */ |
| @@ -2284,12 +2287,15 @@ static void selinux_bprm_committing_creds(struct linux_binprm *bprm) | |||
| 2284 | rc = avc_has_perm(new_tsec->osid, new_tsec->sid, SECCLASS_PROCESS, | 2287 | rc = avc_has_perm(new_tsec->osid, new_tsec->sid, SECCLASS_PROCESS, |
| 2285 | PROCESS__RLIMITINH, NULL); | 2288 | PROCESS__RLIMITINH, NULL); |
| 2286 | if (rc) { | 2289 | if (rc) { |
| 2290 | /* protect against do_prlimit() */ | ||
| 2291 | task_lock(current); | ||
| 2287 | for (i = 0; i < RLIM_NLIMITS; i++) { | 2292 | for (i = 0; i < RLIM_NLIMITS; i++) { |
| 2288 | rlim = current->signal->rlim + i; | 2293 | rlim = current->signal->rlim + i; |
| 2289 | initrlim = init_task.signal->rlim + i; | 2294 | initrlim = init_task.signal->rlim + i; |
| 2290 | rlim->rlim_cur = min(rlim->rlim_max, initrlim->rlim_cur); | 2295 | rlim->rlim_cur = min(rlim->rlim_max, initrlim->rlim_cur); |
| 2291 | } | 2296 | } |
| 2292 | update_rlimit_cpu(current->signal->rlim[RLIMIT_CPU].rlim_cur); | 2297 | task_unlock(current); |
| 2298 | update_rlimit_cpu(current, rlimit(RLIMIT_CPU)); | ||
| 2293 | } | 2299 | } |
| 2294 | } | 2300 | } |
| 2295 | 2301 | ||
| @@ -3333,16 +3339,17 @@ static int selinux_task_getioprio(struct task_struct *p) | |||
| 3333 | return current_has_perm(p, PROCESS__GETSCHED); | 3339 | return current_has_perm(p, PROCESS__GETSCHED); |
| 3334 | } | 3340 | } |
| 3335 | 3341 | ||
| 3336 | static int selinux_task_setrlimit(unsigned int resource, struct rlimit *new_rlim) | 3342 | static int selinux_task_setrlimit(struct task_struct *p, unsigned int resource, |
| 3343 | struct rlimit *new_rlim) | ||
| 3337 | { | 3344 | { |
| 3338 | struct rlimit *old_rlim = current->signal->rlim + resource; | 3345 | struct rlimit *old_rlim = p->signal->rlim + resource; |
| 3339 | 3346 | ||
| 3340 | /* Control the ability to change the hard limit (whether | 3347 | /* Control the ability to change the hard limit (whether |
| 3341 | lowering or raising it), so that the hard limit can | 3348 | lowering or raising it), so that the hard limit can |
| 3342 | later be used as a safe reset point for the soft limit | 3349 | later be used as a safe reset point for the soft limit |
| 3343 | upon context transitions. See selinux_bprm_committing_creds. */ | 3350 | upon context transitions. See selinux_bprm_committing_creds. */ |
| 3344 | if (old_rlim->rlim_max != new_rlim->rlim_max) | 3351 | if (old_rlim->rlim_max != new_rlim->rlim_max) |
| 3345 | return current_has_perm(current, PROCESS__SETRLIMIT); | 3352 | return current_has_perm(p, PROCESS__SETRLIMIT); |
| 3346 | 3353 | ||
| 3347 | return 0; | 3354 | return 0; |
| 3348 | } | 3355 | } |