[PATCH] sns: add syscall to check signed state of a process [4/4]
From: Alexander Wuerstlein
Date: Thu Jun 21 2007 - 12:10:42 EST
Makes it possible for a userspace process to ask for the trustworthiness of
another process.
Signed-off-by: Johannes Schlumberger <spjsschl@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
---
arch/i386/kernel/syscall_table.S | 1 +
include/asm-i386/unistd.h | 3 ++-
security/sns.c | 15 +++++++++++++++
3 files changed, 18 insertions(+), 1 deletions(-)
diff --git a/arch/i386/kernel/syscall_table.S b/arch/i386/kernel/syscall_table.S
index bf6adce..e8ba35a 100644
--- a/arch/i386/kernel/syscall_table.S
+++ b/arch/i386/kernel/syscall_table.S
@@ -323,3 +323,4 @@ ENTRY(sys_call_table)
.long sys_signalfd
.long sys_timerfd
.long sys_eventfd
+ .long sys_sns_is_trusted /* 320 */
diff --git a/include/asm-i386/unistd.h b/include/asm-i386/unistd.h
index e84ace1..3f8df3e 100644
--- a/include/asm-i386/unistd.h
+++ b/include/asm-i386/unistd.h
@@ -329,10 +329,11 @@
#define __NR_signalfd 321
#define __NR_timerfd 322
#define __NR_eventfd 323
+#define __NR_sns_is_trusted 324
#ifdef __KERNEL__
-#define NR_syscalls 324
+#define NR_syscalls 325
#define __ARCH_WANT_IPC_PARSE_VERSION
#define __ARCH_WANT_OLD_READDIR
diff --git a/security/sns.c b/security/sns.c
index 3192a90..1978f7c 100644
--- a/security/sns.c
+++ b/security/sns.c
@@ -112,3 +112,18 @@ int sns_signature_valid(struct file *file)
crypto_free_hash(tfm);
return ret;
}
+
+asmlinkage int sys_sns_is_trusted(pid_t p)
+{
+ struct task_struct *t;
+ rcu_read_lock();
+ t = find_task_by_pid(p);
+ if (IS_ERR(t)) {
+ rcu_read_unlock();
+ return -EINVAL;
+ }
+ p = t->sns_valid_sig; /*locking needed*/
+ rcu_read_unlock();
+ return p;
+}
+EXPORT_SYMBOL_GPL(sys_sns_is_trusted);
--
1.5.2.1
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/