diff options
Diffstat (limited to 'security')
| -rw-r--r-- | security/keys/internal.h | 2 | ||||
| -rw-r--r-- | security/keys/keyctl.c | 26 | ||||
| -rw-r--r-- | security/keys/process_keys.c | 5 | ||||
| -rw-r--r-- | security/selinux/hooks.c | 3 | ||||
| -rw-r--r-- | security/selinux/include/security.h | 2 | ||||
| -rw-r--r-- | security/selinux/selinuxfs.c | 6 |
6 files changed, 18 insertions, 26 deletions
diff --git a/security/keys/internal.h b/security/keys/internal.h index 3dcbf86b0d31..c246ba5d43ab 100644 --- a/security/keys/internal.h +++ b/security/keys/internal.h | |||
| @@ -149,7 +149,7 @@ extern key_ref_t lookup_user_key(key_serial_t id, unsigned long flags, | |||
| 149 | #define KEY_LOOKUP_FOR_UNLINK 0x04 | 149 | #define KEY_LOOKUP_FOR_UNLINK 0x04 |
| 150 | 150 | ||
| 151 | extern long join_session_keyring(const char *name); | 151 | extern long join_session_keyring(const char *name); |
| 152 | extern void key_change_session_keyring(struct task_work *twork); | 152 | extern void key_change_session_keyring(struct callback_head *twork); |
| 153 | 153 | ||
| 154 | extern struct work_struct key_gc_work; | 154 | extern struct work_struct key_gc_work; |
| 155 | extern unsigned key_gc_delay; | 155 | extern unsigned key_gc_delay; |
diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c index 0f5b3f027299..f1b59ae39d7e 100644 --- a/security/keys/keyctl.c +++ b/security/keys/keyctl.c | |||
| @@ -1456,7 +1456,7 @@ long keyctl_session_to_parent(void) | |||
| 1456 | { | 1456 | { |
| 1457 | struct task_struct *me, *parent; | 1457 | struct task_struct *me, *parent; |
| 1458 | const struct cred *mycred, *pcred; | 1458 | const struct cred *mycred, *pcred; |
| 1459 | struct task_work *newwork, *oldwork; | 1459 | struct callback_head *newwork, *oldwork; |
| 1460 | key_ref_t keyring_r; | 1460 | key_ref_t keyring_r; |
| 1461 | struct cred *cred; | 1461 | struct cred *cred; |
| 1462 | int ret; | 1462 | int ret; |
| @@ -1466,19 +1466,17 @@ long keyctl_session_to_parent(void) | |||
| 1466 | return PTR_ERR(keyring_r); | 1466 | return PTR_ERR(keyring_r); |
| 1467 | 1467 | ||
| 1468 | ret = -ENOMEM; | 1468 | ret = -ENOMEM; |
| 1469 | newwork = kmalloc(sizeof(struct task_work), GFP_KERNEL); | ||
| 1470 | if (!newwork) | ||
| 1471 | goto error_keyring; | ||
| 1472 | 1469 | ||
| 1473 | /* our parent is going to need a new cred struct, a new tgcred struct | 1470 | /* our parent is going to need a new cred struct, a new tgcred struct |
| 1474 | * and new security data, so we allocate them here to prevent ENOMEM in | 1471 | * and new security data, so we allocate them here to prevent ENOMEM in |
| 1475 | * our parent */ | 1472 | * our parent */ |
| 1476 | cred = cred_alloc_blank(); | 1473 | cred = cred_alloc_blank(); |
| 1477 | if (!cred) | 1474 | if (!cred) |
| 1478 | goto error_newwork; | 1475 | goto error_keyring; |
| 1476 | newwork = &cred->rcu; | ||
| 1479 | 1477 | ||
| 1480 | cred->tgcred->session_keyring = key_ref_to_ptr(keyring_r); | 1478 | cred->tgcred->session_keyring = key_ref_to_ptr(keyring_r); |
| 1481 | init_task_work(newwork, key_change_session_keyring, cred); | 1479 | init_task_work(newwork, key_change_session_keyring); |
| 1482 | 1480 | ||
| 1483 | me = current; | 1481 | me = current; |
| 1484 | rcu_read_lock(); | 1482 | rcu_read_lock(); |
| @@ -1488,6 +1486,7 @@ long keyctl_session_to_parent(void) | |||
| 1488 | oldwork = NULL; | 1486 | oldwork = NULL; |
| 1489 | parent = me->real_parent; | 1487 | parent = me->real_parent; |
| 1490 | 1488 | ||
| 1489 | task_lock(parent); | ||
| 1491 | /* the parent mustn't be init and mustn't be a kernel thread */ | 1490 | /* the parent mustn't be init and mustn't be a kernel thread */ |
| 1492 | if (parent->pid <= 1 || !parent->mm) | 1491 | if (parent->pid <= 1 || !parent->mm) |
| 1493 | goto unlock; | 1492 | goto unlock; |
| @@ -1531,20 +1530,15 @@ long keyctl_session_to_parent(void) | |||
| 1531 | if (!ret) | 1530 | if (!ret) |
| 1532 | newwork = NULL; | 1531 | newwork = NULL; |
| 1533 | unlock: | 1532 | unlock: |
| 1533 | task_unlock(parent); | ||
| 1534 | write_unlock_irq(&tasklist_lock); | 1534 | write_unlock_irq(&tasklist_lock); |
| 1535 | rcu_read_unlock(); | 1535 | rcu_read_unlock(); |
| 1536 | if (oldwork) { | 1536 | if (oldwork) |
| 1537 | put_cred(oldwork->data); | 1537 | put_cred(container_of(oldwork, struct cred, rcu)); |
| 1538 | kfree(oldwork); | 1538 | if (newwork) |
| 1539 | } | 1539 | put_cred(cred); |
| 1540 | if (newwork) { | ||
| 1541 | put_cred(newwork->data); | ||
| 1542 | kfree(newwork); | ||
| 1543 | } | ||
| 1544 | return ret; | 1540 | return ret; |
| 1545 | 1541 | ||
| 1546 | error_newwork: | ||
| 1547 | kfree(newwork); | ||
| 1548 | error_keyring: | 1542 | error_keyring: |
| 1549 | key_ref_put(keyring_r); | 1543 | key_ref_put(keyring_r); |
| 1550 | return ret; | 1544 | return ret; |
diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c index 4ad54eea1ea4..54339cfd6734 100644 --- a/security/keys/process_keys.c +++ b/security/keys/process_keys.c | |||
| @@ -834,12 +834,11 @@ error: | |||
| 834 | * Replace a process's session keyring on behalf of one of its children when | 834 | * Replace a process's session keyring on behalf of one of its children when |
| 835 | * the target process is about to resume userspace execution. | 835 | * the target process is about to resume userspace execution. |
| 836 | */ | 836 | */ |
| 837 | void key_change_session_keyring(struct task_work *twork) | 837 | void key_change_session_keyring(struct callback_head *twork) |
| 838 | { | 838 | { |
| 839 | const struct cred *old = current_cred(); | 839 | const struct cred *old = current_cred(); |
| 840 | struct cred *new = twork->data; | 840 | struct cred *new = container_of(twork, struct cred, rcu); |
| 841 | 841 | ||
| 842 | kfree(twork); | ||
| 843 | if (unlikely(current->flags & PF_EXITING)) { | 842 | if (unlikely(current->flags & PF_EXITING)) { |
| 844 | put_cred(new); | 843 | put_cred(new); |
| 845 | return; | 844 | return; |
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index ffd8900a38e8..9292a8971e66 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
| @@ -2157,8 +2157,7 @@ static inline void flush_unauthorized_files(const struct cred *cred, | |||
| 2157 | get_file(devnull); | 2157 | get_file(devnull); |
| 2158 | } else { | 2158 | } else { |
| 2159 | devnull = dentry_open( | 2159 | devnull = dentry_open( |
| 2160 | dget(selinux_null), | 2160 | &selinux_null, |
| 2161 | mntget(selinuxfs_mount), | ||
| 2162 | O_RDWR, cred); | 2161 | O_RDWR, cred); |
| 2163 | if (IS_ERR(devnull)) { | 2162 | if (IS_ERR(devnull)) { |
| 2164 | devnull = NULL; | 2163 | devnull = NULL; |
diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h index dde2005407aa..6d3885165d14 100644 --- a/security/selinux/include/security.h +++ b/security/selinux/include/security.h | |||
| @@ -221,7 +221,7 @@ extern void selinux_status_update_policyload(int seqno); | |||
| 221 | extern void selinux_complete_init(void); | 221 | extern void selinux_complete_init(void); |
| 222 | extern int selinux_disable(void); | 222 | extern int selinux_disable(void); |
| 223 | extern void exit_sel_fs(void); | 223 | extern void exit_sel_fs(void); |
| 224 | extern struct dentry *selinux_null; | 224 | extern struct path selinux_null; |
| 225 | extern struct vfsmount *selinuxfs_mount; | 225 | extern struct vfsmount *selinuxfs_mount; |
| 226 | extern void selnl_notify_setenforce(int val); | 226 | extern void selnl_notify_setenforce(int val); |
| 227 | extern void selnl_notify_policyload(u32 seqno); | 227 | extern void selnl_notify_policyload(u32 seqno); |
diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c index 3ad290251288..298e695d6822 100644 --- a/security/selinux/selinuxfs.c +++ b/security/selinux/selinuxfs.c | |||
| @@ -1297,7 +1297,7 @@ out: | |||
| 1297 | 1297 | ||
| 1298 | #define NULL_FILE_NAME "null" | 1298 | #define NULL_FILE_NAME "null" |
| 1299 | 1299 | ||
| 1300 | struct dentry *selinux_null; | 1300 | struct path selinux_null; |
| 1301 | 1301 | ||
| 1302 | static ssize_t sel_read_avc_cache_threshold(struct file *filp, char __user *buf, | 1302 | static ssize_t sel_read_avc_cache_threshold(struct file *filp, char __user *buf, |
| 1303 | size_t count, loff_t *ppos) | 1303 | size_t count, loff_t *ppos) |
| @@ -1838,7 +1838,7 @@ static int sel_fill_super(struct super_block *sb, void *data, int silent) | |||
| 1838 | 1838 | ||
| 1839 | init_special_inode(inode, S_IFCHR | S_IRUGO | S_IWUGO, MKDEV(MEM_MAJOR, 3)); | 1839 | init_special_inode(inode, S_IFCHR | S_IRUGO | S_IWUGO, MKDEV(MEM_MAJOR, 3)); |
| 1840 | d_add(dentry, inode); | 1840 | d_add(dentry, inode); |
| 1841 | selinux_null = dentry; | 1841 | selinux_null.dentry = dentry; |
| 1842 | 1842 | ||
| 1843 | dentry = sel_make_dir(sb->s_root, "avc", &sel_last_ino); | 1843 | dentry = sel_make_dir(sb->s_root, "avc", &sel_last_ino); |
| 1844 | if (IS_ERR(dentry)) { | 1844 | if (IS_ERR(dentry)) { |
| @@ -1912,7 +1912,7 @@ static int __init init_sel_fs(void) | |||
| 1912 | return err; | 1912 | return err; |
| 1913 | } | 1913 | } |
| 1914 | 1914 | ||
| 1915 | selinuxfs_mount = kern_mount(&sel_fs_type); | 1915 | selinux_null.mnt = selinuxfs_mount = kern_mount(&sel_fs_type); |
| 1916 | if (IS_ERR(selinuxfs_mount)) { | 1916 | if (IS_ERR(selinuxfs_mount)) { |
| 1917 | printk(KERN_ERR "selinuxfs: could not mount!\n"); | 1917 | printk(KERN_ERR "selinuxfs: could not mount!\n"); |
| 1918 | err = PTR_ERR(selinuxfs_mount); | 1918 | err = PTR_ERR(selinuxfs_mount); |