diff options
Diffstat (limited to 'security')
-rw-r--r-- | security/Kconfig | 9 | ||||
-rw-r--r-- | security/commoncap.c | 72 |
2 files changed, 2 insertions, 79 deletions
diff --git a/security/Kconfig b/security/Kconfig index 95cc08913ca1..226b9556b25f 100644 --- a/security/Kconfig +++ b/security/Kconfig | |||
@@ -91,15 +91,6 @@ config SECURITY_PATH | |||
91 | implement pathname based access controls. | 91 | implement pathname based access controls. |
92 | If you are unsure how to answer this question, answer N. | 92 | If you are unsure how to answer this question, answer N. |
93 | 93 | ||
94 | config SECURITY_FILE_CAPABILITIES | ||
95 | bool "File POSIX Capabilities" | ||
96 | default n | ||
97 | help | ||
98 | This enables filesystem capabilities, allowing you to give | ||
99 | binaries a subset of root's powers without using setuid 0. | ||
100 | |||
101 | If in doubt, answer N. | ||
102 | |||
103 | config INTEL_TXT | 94 | config INTEL_TXT |
104 | bool "Enable Intel(R) Trusted Execution Technology (Intel(R) TXT)" | 95 | bool "Enable Intel(R) Trusted Execution Technology (Intel(R) TXT)" |
105 | depends on HAVE_INTEL_TXT | 96 | depends on HAVE_INTEL_TXT |
diff --git a/security/commoncap.c b/security/commoncap.c index 45b87af4ae5d..f800fdb3de94 100644 --- a/security/commoncap.c +++ b/security/commoncap.c | |||
@@ -173,7 +173,6 @@ int cap_capget(struct task_struct *target, kernel_cap_t *effective, | |||
173 | */ | 173 | */ |
174 | static inline int cap_inh_is_capped(void) | 174 | static inline int cap_inh_is_capped(void) |
175 | { | 175 | { |
176 | #ifdef CONFIG_SECURITY_FILE_CAPABILITIES | ||
177 | 176 | ||
178 | /* they are so limited unless the current task has the CAP_SETPCAP | 177 | /* they are so limited unless the current task has the CAP_SETPCAP |
179 | * capability | 178 | * capability |
@@ -181,7 +180,6 @@ static inline int cap_inh_is_capped(void) | |||
181 | if (cap_capable(current, current_cred(), CAP_SETPCAP, | 180 | if (cap_capable(current, current_cred(), CAP_SETPCAP, |
182 | SECURITY_CAP_AUDIT) == 0) | 181 | SECURITY_CAP_AUDIT) == 0) |
183 | return 0; | 182 | return 0; |
184 | #endif | ||
185 | return 1; | 183 | return 1; |
186 | } | 184 | } |
187 | 185 | ||
@@ -239,8 +237,6 @@ static inline void bprm_clear_caps(struct linux_binprm *bprm) | |||
239 | bprm->cap_effective = false; | 237 | bprm->cap_effective = false; |
240 | } | 238 | } |
241 | 239 | ||
242 | #ifdef CONFIG_SECURITY_FILE_CAPABILITIES | ||
243 | |||
244 | /** | 240 | /** |
245 | * cap_inode_need_killpriv - Determine if inode change affects privileges | 241 | * cap_inode_need_killpriv - Determine if inode change affects privileges |
246 | * @dentry: The inode/dentry in being changed with change marked ATTR_KILL_PRIV | 242 | * @dentry: The inode/dentry in being changed with change marked ATTR_KILL_PRIV |
@@ -421,49 +417,6 @@ out: | |||
421 | return rc; | 417 | return rc; |
422 | } | 418 | } |
423 | 419 | ||
424 | #else | ||
425 | int cap_inode_need_killpriv(struct dentry *dentry) | ||
426 | { | ||
427 | return 0; | ||
428 | } | ||
429 | |||
430 | int cap_inode_killpriv(struct dentry *dentry) | ||
431 | { | ||
432 | return 0; | ||
433 | } | ||
434 | |||
435 | int get_vfs_caps_from_disk(const struct dentry *dentry, struct cpu_vfs_cap_data *cpu_caps) | ||
436 | { | ||
437 | memset(cpu_caps, 0, sizeof(struct cpu_vfs_cap_data)); | ||
438 | return -ENODATA; | ||
439 | } | ||
440 | |||
441 | static inline int get_file_caps(struct linux_binprm *bprm, bool *effective) | ||
442 | { | ||
443 | bprm_clear_caps(bprm); | ||
444 | return 0; | ||
445 | } | ||
446 | #endif | ||
447 | |||
448 | /* | ||
449 | * Determine whether a exec'ing process's new permitted capabilities should be | ||
450 | * limited to just what it already has. | ||
451 | * | ||
452 | * This prevents processes that are being ptraced from gaining access to | ||
453 | * CAP_SETPCAP, unless the process they're tracing already has it, and the | ||
454 | * binary they're executing has filecaps that elevate it. | ||
455 | * | ||
456 | * Returns 1 if they should be limited, 0 if they are not. | ||
457 | */ | ||
458 | static inline int cap_limit_ptraced_target(void) | ||
459 | { | ||
460 | #ifndef CONFIG_SECURITY_FILE_CAPABILITIES | ||
461 | if (capable(CAP_SETPCAP)) | ||
462 | return 0; | ||
463 | #endif | ||
464 | return 1; | ||
465 | } | ||
466 | |||
467 | /** | 420 | /** |
468 | * cap_bprm_set_creds - Set up the proposed credentials for execve(). | 421 | * cap_bprm_set_creds - Set up the proposed credentials for execve(). |
469 | * @bprm: The execution parameters, including the proposed creds | 422 | * @bprm: The execution parameters, including the proposed creds |
@@ -523,9 +476,8 @@ skip: | |||
523 | new->euid = new->uid; | 476 | new->euid = new->uid; |
524 | new->egid = new->gid; | 477 | new->egid = new->gid; |
525 | } | 478 | } |
526 | if (cap_limit_ptraced_target()) | 479 | new->cap_permitted = cap_intersect(new->cap_permitted, |
527 | new->cap_permitted = cap_intersect(new->cap_permitted, | 480 | old->cap_permitted); |
528 | old->cap_permitted); | ||
529 | } | 481 | } |
530 | 482 | ||
531 | new->suid = new->fsuid = new->euid; | 483 | new->suid = new->fsuid = new->euid; |
@@ -739,7 +691,6 @@ int cap_task_fix_setuid(struct cred *new, const struct cred *old, int flags) | |||
739 | return 0; | 691 | return 0; |
740 | } | 692 | } |
741 | 693 | ||
742 | #ifdef CONFIG_SECURITY_FILE_CAPABILITIES | ||
743 | /* | 694 | /* |
744 | * Rationale: code calling task_setscheduler, task_setioprio, and | 695 | * Rationale: code calling task_setscheduler, task_setioprio, and |
745 | * task_setnice, assumes that | 696 | * task_setnice, assumes that |
@@ -820,22 +771,6 @@ static long cap_prctl_drop(struct cred *new, unsigned long cap) | |||
820 | return 0; | 771 | return 0; |
821 | } | 772 | } |
822 | 773 | ||
823 | #else | ||
824 | int cap_task_setscheduler (struct task_struct *p, int policy, | ||
825 | struct sched_param *lp) | ||
826 | { | ||
827 | return 0; | ||
828 | } | ||
829 | int cap_task_setioprio (struct task_struct *p, int ioprio) | ||
830 | { | ||
831 | return 0; | ||
832 | } | ||
833 | int cap_task_setnice (struct task_struct *p, int nice) | ||
834 | { | ||
835 | return 0; | ||
836 | } | ||
837 | #endif | ||
838 | |||
839 | /** | 774 | /** |
840 | * cap_task_prctl - Implement process control functions for this security module | 775 | * cap_task_prctl - Implement process control functions for this security module |
841 | * @option: The process control function requested | 776 | * @option: The process control function requested |
@@ -866,7 +801,6 @@ int cap_task_prctl(int option, unsigned long arg2, unsigned long arg3, | |||
866 | error = !!cap_raised(new->cap_bset, arg2); | 801 | error = !!cap_raised(new->cap_bset, arg2); |
867 | goto no_change; | 802 | goto no_change; |
868 | 803 | ||
869 | #ifdef CONFIG_SECURITY_FILE_CAPABILITIES | ||
870 | case PR_CAPBSET_DROP: | 804 | case PR_CAPBSET_DROP: |
871 | error = cap_prctl_drop(new, arg2); | 805 | error = cap_prctl_drop(new, arg2); |
872 | if (error < 0) | 806 | if (error < 0) |
@@ -917,8 +851,6 @@ int cap_task_prctl(int option, unsigned long arg2, unsigned long arg3, | |||
917 | error = new->securebits; | 851 | error = new->securebits; |
918 | goto no_change; | 852 | goto no_change; |
919 | 853 | ||
920 | #endif /* def CONFIG_SECURITY_FILE_CAPABILITIES */ | ||
921 | |||
922 | case PR_GET_KEEPCAPS: | 854 | case PR_GET_KEEPCAPS: |
923 | if (issecure(SECURE_KEEP_CAPS)) | 855 | if (issecure(SECURE_KEEP_CAPS)) |
924 | error = 1; | 856 | error = 1; |