Re: [PATCH] Smack: label for task objects

From: Jarkko Sakkinen
Date: Fri Nov 12 2010 - 09:47:40 EST


Hi

I'm also preparing a fix for the issue. Do you want me to resubmit the patch?

/Jarkko

On Fri, Nov 12, 2010 at 3:38 PM, Casey Schaufler <casey@xxxxxxxxxxxxxxxx> wrote:
> On 11/11/2010 8:44 AM, Jarkko Sakkinen wrote:
>
>> Applied against
>> http://gitorious.org/simplified-mandatory-access-control-kernel
>> This patch adds a new security attribute to Smack called
>> SMACK64EXEC. It defines label that is used while task is
>> running.
>> Exception: in smack_task_wait() child task is checked
>> for write access to parent task using label inherited
>> from the task that forked it.
> The smk_task value needs to get reset if the SMACK64EXEC attribute
> gets written. I have a fix that I am testing and will pass along
> presently.
>
>> Signed-off-by: Jarkko Sakkinen <jarkko.j.sakkinen@xxxxxxxxx>
>> ---
>> Âinclude/linux/xattr.h     |  Â2 +
>> Âsecurity/smack/smack.h    Â|  30 +++++++
>> Âsecurity/smack/smack_access.c | Â Â4 +-
>> Âsecurity/smack/smack_lsm.c  Â| Â168
>> ++++++++++++++++++++++++++++++-----------
>> Âsecurity/smack/smackfs.c   Â|  Â4 +-
>> Â5 files changed, 159 insertions(+), 49 deletions(-)
>> diff --git a/include/linux/xattr.h b/include/linux/xattr.h
>> index f1e5bde..351c790 100644
>> --- a/include/linux/xattr.h
>> +++ b/include/linux/xattr.h
>> @@ -40,9 +40,11 @@
>> Â#define XATTR_SMACK_SUFFIX "SMACK64"
>> Â#define XATTR_SMACK_IPIN "SMACK64IPIN"
>> Â#define XATTR_SMACK_IPOUT "SMACK64IPOUT"
>> +#define XATTR_SMACK_EXEC "SMACK64EXEC"
>> Â#define XATTR_NAME_SMACK XATTR_SECURITY_PREFIX XATTR_SMACK_SUFFIX
>> Â#define XATTR_NAME_SMACKIPIN Â ÂXATTR_SECURITY_PREFIX XATTR_SMACK_IPIN
>> Â#define XATTR_NAME_SMACKIPOUT Â ÂXATTR_SECURITY_PREFIX XATTR_SMACK_IPOUT
>> +#define XATTR_NAME_SMACKEXEC Â ÂXATTR_SECURITY_PREFIX XATTR_SMACK_EXEC
>> Â #define XATTR_CAPS_SUFFIX "capability"
>> Â#define XATTR_NAME_CAPS XATTR_SECURITY_PREFIX XATTR_CAPS_SUFFIX
>> diff --git a/security/smack/smack.h b/security/smack/smack.h
>> index 43ae747..a2e2cdf 100644
>> --- a/security/smack/smack.h
>> +++ b/security/smack/smack.h
>> @@ -51,10 +51,16 @@ struct socket_smack {
>> Â */
>> Âstruct inode_smack {
>>   Âchar    Â*smk_inode;  Â/* label of the fso */
>> +  Âchar    Â*smk_task;  Â/* label of the task */
>>   Âstruct mutex  Âsmk_lock;  Â/* initialization lock */
>>   Âint    Âsmk_flags;  Â/* smack inode flags */
>> Â};
>> Â+struct task_smack {
>> +  Âchar    Â*smk_task;  Â/* label used for access control */
>> +  Âchar    Â*smk_forked;  Â/* label when forked */
>> +};
>> +
>> Â#define  ÂSMK_INODE_INSTANT  Â0x01  Â/* inode is instantiated */
>> Â /*
>> @@ -243,6 +249,30 @@ static inline char *smk_of_inode(const struct inode
>> *isp)
>> Â}
>> Â /*
>> + * Present a pointer to the smack label in an task blob.
>> + */
>> +static inline char *smk_of_task(const struct task_smack *tsp)
>> +{
>> + Â Âreturn tsp->smk_task;
>> +}
>> +
>> +/*
>> + * Present a pointer to the forked smack label in an task blob.
>> + */
>> +static inline char *smk_of_forked(const struct task_smack *tsp)
>> +{
>> + Â Âreturn tsp->smk_forked;
>> +}
>> +
>> +/*
>> + * Present a pointer to the smack label in the curren task blob.
>> + */
>> +static inline char *smk_of_current(void)
>> +{
>> + Â Âreturn smk_of_task(current_security());
>> +}
>> +
>> +/*
>> Â * logging functions
>> Â */
>> Â#define SMACK_AUDIT_DENIED 0x1
>> diff --git a/security/smack/smack_access.c b/security/smack/smack_access.c
>> index f4fac64..42becbc 100644
>> --- a/security/smack/smack_access.c
>> +++ b/security/smack/smack_access.c
>> @@ -185,7 +185,7 @@ out_audit:
>> Âint smk_curacc(char *obj_label, u32 mode, struct smk_audit_info *a)
>> Â{
>> Â Â Âint rc;
>> - Â Âchar *sp = current_security();
>> + Â Âchar *sp = smk_of_current();
>> Â Â Â rc = smk_access(sp, obj_label, mode, NULL);
>> Â Â Âif (rc == 0)
>> @@ -196,7 +196,7 @@ int smk_curacc(char *obj_label, u32 mode, struct
>> smk_audit_info *a)
>> Â Â Â * only one that gets privilege and current does not
>> Â Â Â * have that label.
>> Â Â Â */
>> - Â Âif (smack_onlycap != NULL && smack_onlycap != current->cred->security)
>> + Â Âif (smack_onlycap != NULL && smack_onlycap != sp)
>> Â Â Â Â Âgoto out_audit;
>> Â Â Â if (capable(CAP_MAC_OVERRIDE))
>> diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
>> index a1bdbfa..14be2b2 100644
>> --- a/security/smack/smack_lsm.c
>> +++ b/security/smack/smack_lsm.c
>> @@ -43,7 +43,7 @@
>> Â * Returns a pointer to the master list entry for the Smack label
>> Â * or NULL if there was no label to fetch.
>> Â */
>> -static char *smk_fetch(struct inode *ip, struct dentry *dp)
>> +static char *smk_fetch(const char *name, struct inode *ip, struct
>> dentry *dp)
>> Â{
>> Â Â Âint rc;
>> Â Â Âchar in[SMK_LABELLEN];
>> @@ -51,7 +51,7 @@ static char *smk_fetch(struct inode *ip, struct dentry
>> *dp)
>> Â Â Âif (ip->i_op->getxattr == NULL)
>> Â Â Â Â Âreturn NULL;
>> Â- Â Ârc = ip->i_op->getxattr(dp, XATTR_NAME_SMACK, in, SMK_LABELLEN);
>> + Â Ârc = ip->i_op->getxattr(dp, name, in, SMK_LABELLEN);
>> Â Â Âif (rc < 0)
>> Â Â Â Â Âreturn NULL;
>> Â@@ -103,8 +103,8 @@ static int smack_ptrace_access_check(struct
>> task_struct *ctp, unsigned int mode)
>> Â Â Âif (rc != 0)
>> Â Â Â Â Âreturn rc;
>> Â- Â Âsp = current_security();
>> - Â Âtsp = task_security(ctp);
>> + Â Âsp = smk_of_current();
>> + Â Âtsp = smk_of_task(task_security(ctp));
>> Â Â Âsmk_ad_init(&ad, __func__, LSM_AUDIT_DATA_TASK);
>> Â Â Âsmk_ad_setfield_u_tsk(&ad, ctp);
>> Â@@ -138,8 +138,8 @@ static int smack_ptrace_traceme(struct task_struct
>> *ptp)
>> Â Â Âsmk_ad_init(&ad, __func__, LSM_AUDIT_DATA_TASK);
>> Â Â Âsmk_ad_setfield_u_tsk(&ad, ptp);
>> Â- Â Âsp = current_security();
>> - Â Âtsp = task_security(ptp);
>> + Â Âsp = smk_of_current();
>> + Â Âtsp = smk_of_task(task_security(ptp));
>> Â Â Â/* we won't log here, because rc can be overriden */
>> Â Â Ârc = smk_access(tsp, sp, MAY_READWRITE, NULL);
>> Â Â Âif (rc != 0 && has_capability(ptp, CAP_MAC_OVERRIDE))
>> @@ -160,7 +160,7 @@ static int smack_ptrace_traceme(struct task_struct *ptp)
>> Âstatic int smack_syslog(int type, bool from_file)
>> Â{
>> Â Â Âint rc;
>> - Â Âchar *sp = current_security();
>> + Â Âchar *sp = smk_of_current();
>> Â Â Â rc = cap_syslog(type, from_file);
>> Â Â Âif (rc != 0)
>> @@ -395,6 +395,40 @@ static int smack_sb_umount(struct vfsmount *mnt,
>> int flags)
>> Â}
>> Â /*
>> + * BPRM hooks
>> + */
>> +
>> +static int smack_bprm_set_creds(struct linux_binprm *bprm)
>> +{
>> + Â Âstruct task_smack *tsp = bprm->cred->security;
>> + Â Âstruct inode_smack *isp;
>> + Â Âstruct dentry *dp;
>> + Â Âint rc;
>> +
>> + Â Ârc = cap_bprm_set_creds(bprm);
>> + Â Âif (rc != 0)
>> + Â Â Â Âreturn rc;
>> +
>> + Â Âif (bprm->cred_prepared)
>> + Â Â Â Âreturn 0;
>> +
>> + Â Âif (bprm->file == NULL || bprm->file->f_dentry == NULL)
>> + Â Â Â Âreturn 0;
>> +
>> + Â Âdp = bprm->file->f_dentry;
>> +
>> + Â Âif (dp->d_inode == NULL)
>> + Â Â Â Âreturn 0;
>> +
>> + Â Âisp = dp->d_inode->i_security;
>> +
>> + Â Âif (isp->smk_task != NULL)
>> + Â Â Â Âtsp->smk_task = isp->smk_task;
>> +
>> + Â Âreturn 0;
>> +}
>> +
>> +/*
>> Â * Inode hooks
>> Â */
>> Â@@ -406,7 +440,7 @@ static int smack_sb_umount(struct vfsmount *mnt,
>> int flags)
>> Â */
>> Âstatic int smack_inode_alloc_security(struct inode *inode)
>> Â{
>> - Â Âinode->i_security = new_inode_smack(current_security());
>> + Â Âinode->i_security = new_inode_smack(smk_of_current());
>> Â Â Âif (inode->i_security == NULL)
>> Â Â Â Â Âreturn -ENOMEM;
>> Â Â Âreturn 0;
>> @@ -668,7 +702,8 @@ static int smack_inode_setxattr(struct dentry
>> *dentry, const char *name,
>> Â Â Â if (strcmp(name, XATTR_NAME_SMACK) == 0 ||
>> Â Â Â Â Âstrcmp(name, XATTR_NAME_SMACKIPIN) == 0 ||
>> - Â Â Â Âstrcmp(name, XATTR_NAME_SMACKIPOUT) == 0) {
>> + Â Â Â Âstrcmp(name, XATTR_NAME_SMACKIPOUT) == 0 ||
>> + Â Â Â Âstrcmp(name, XATTR_NAME_SMACKEXEC) == 0) {
>> Â Â Â Â Âif (!capable(CAP_MAC_ADMIN))
>> Â Â Â Â Â Â Ârc = -EPERM;
>> Â Â Â Â Â/*
>> @@ -761,7 +796,8 @@ static int smack_inode_removexattr(struct dentry
>> *dentry, const char *name)
>> Â Â Â if (strcmp(name, XATTR_NAME_SMACK) == 0 ||
>> Â Â Â Â Âstrcmp(name, XATTR_NAME_SMACKIPIN) == 0 ||
>> - Â Â Â Âstrcmp(name, XATTR_NAME_SMACKIPOUT) == 0) {
>> + Â Â Â Âstrcmp(name, XATTR_NAME_SMACKIPOUT) == 0 ||
>> + Â Â Â Âstrcmp(name, XATTR_NAME_SMACKEXEC) == 0) {
>> Â Â Â Â Âif (!capable(CAP_MAC_ADMIN))
>> Â Â Â Â Â Â Ârc = -EPERM;
>> Â Â Â} else
>> @@ -899,7 +935,7 @@ static int smack_file_permission(struct file *file,
>> int mask)
>> Â */
>> Âstatic int smack_file_alloc_security(struct file *file)
>> Â{
>> - Â Âfile->f_security = current_security();
>> + Â Âfile->f_security = smk_of_current();
>> Â Â Âreturn 0;
>> Â}
>> Â@@ -1009,7 +1045,7 @@ static int smack_file_fcntl(struct file *file,
>> unsigned int cmd,
>> Â */
>> Âstatic int smack_file_set_fowner(struct file *file)
>> Â{
>> - Â Âfile->f_security = current_security();
>> + Â Âfile->f_security = smk_of_current();
>> Â Â Âreturn 0;
>> Â}
>> Â@@ -1029,7 +1065,7 @@ static int smack_file_send_sigiotask(struct
>> task_struct *tsk,
>> Â{
>> Â Â Âstruct file *file;
>> Â Â Âint rc;
>> - Â Âchar *tsp = tsk->cred->security;
>> + Â Âchar *tsp = smk_of_task(tsk->cred->security);
>> Â Â Âstruct smk_audit_info ad;
>> Â Â Â /*
>> @@ -1086,7 +1122,9 @@ static int smack_file_receive(struct file *file)
>> Â */
>> Âstatic int smack_cred_alloc_blank(struct cred *cred, gfp_t gfp)
>> Â{
>> - Â Âcred->security = NULL;
>> + Â Âcred->security = kzalloc(sizeof(struct task_smack), gfp);
>> + Â Âif (cred->security == NULL)
>> + Â Â Â Âreturn -ENOMEM;
>> Â Â Âreturn 0;
>> Â}
>> Â@@ -1101,7 +1139,7 @@ static int smack_cred_alloc_blank(struct cred
>> *cred, gfp_t gfp)
>> Â */
>> Âstatic void smack_cred_free(struct cred *cred)
>> Â{
>> - Â Âcred->security = NULL;
>> + Â Âkfree(cred->security);
>> Â}
>> Â /**
>> @@ -1115,7 +1153,16 @@ static void smack_cred_free(struct cred *cred)
>> Âstatic int smack_cred_prepare(struct cred *new, const struct cred *old,
>> Â Â Â Â Â Â Â Â Â Âgfp_t gfp)
>> Â{
>> - Â Ânew->security = old->security;
>> + Â Âstruct task_smack *old_tsp = old->security;
>> + Â Âstruct task_smack *new_tsp;
>> +
>> + Â Ânew_tsp = kzalloc(sizeof(struct task_smack), gfp);
>> + Â Âif (new_tsp == NULL)
>> + Â Â Â Âreturn -ENOMEM;
>> +
>> + Â Ânew_tsp->smk_task = old_tsp->smk_task;
>> + Â Ânew_tsp->smk_forked = old_tsp->smk_task;
>> + Â Ânew->security = new_tsp;
>> Â Â Âreturn 0;
>> Â}
>> Â@@ -1128,7 +1175,11 @@ static int smack_cred_prepare(struct cred *new,
>> const struct cred *old,
>> Â */
>> Âstatic void smack_cred_transfer(struct cred *new, const struct cred *old)
>> Â{
>> - Â Ânew->security = old->security;
>> + Â Âstruct task_smack *old_tsp = old->security;
>> + Â Âstruct task_smack *new_tsp = new->security;
>> +
>> + Â Ânew_tsp->smk_task = old_tsp->smk_task;
>> + Â Ânew_tsp->smk_forked = old_tsp->smk_task;
>> Â}
>> Â /**
>> @@ -1140,12 +1191,13 @@ static void smack_cred_transfer(struct cred
>> *new, const struct cred *old)
>> Â */
>> Âstatic int smack_kernel_act_as(struct cred *new, u32 secid)
>> Â{
>> + Â Âstruct task_smack *new_tsp = new->security;
>> Â Â Âchar *smack = smack_from_secid(secid);
>> Â Â Â if (smack == NULL)
>> Â Â Â Â Âreturn -EINVAL;
>> Â- Â Ânew->security = smack;
>> + Â Ânew_tsp->smk_task = smack;
>> Â Â Âreturn 0;
>> Â}
>> Â@@ -1161,8 +1213,10 @@ static int smack_kernel_create_files_as(struct
>> cred *new,
>> Â Â Â Â Â Â Â Â Â Â Âstruct inode *inode)
>> Â{
>> Â Â Âstruct inode_smack *isp = inode->i_security;
>> + Â Âstruct task_smack *tsp = new->security;
>> Â- Â Ânew->security = isp->smk_inode;
>> + Â Âtsp->smk_forked = isp->smk_inode;
>> + Â Âtsp->smk_task = isp->smk_inode;
>> Â Â Âreturn 0;
>> Â}
>> Â@@ -1179,7 +1233,7 @@ static int smk_curacc_on_task(struct task_struct
>> *p, int access)
>> Â Â Â smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_TASK);
>> Â Â Âsmk_ad_setfield_u_tsk(&ad, p);
>> - Â Âreturn smk_curacc(task_security(p), access, &ad);
>> + Â Âreturn smk_curacc(smk_of_task(task_security(p)), access, &ad);
>> Â}
>> Â /**
>> @@ -1225,7 +1279,7 @@ static int smack_task_getsid(struct task_struct *p)
>> Â */
>> Âstatic void smack_task_getsecid(struct task_struct *p, u32 *secid)
>> Â{
>> - Â Â*secid = smack_to_secid(task_security(p));
>> + Â Â*secid = smack_to_secid(smk_of_task(task_security(p)));
>> Â}
>> Â /**
>> @@ -1337,14 +1391,15 @@ static int smack_task_kill(struct task_struct
>> *p, struct siginfo *info,
>> Â Â Â * can write the receiver.
>> Â Â Â */
>> Â Â Âif (secid == 0)
>> - Â Â Â Âreturn smk_curacc(task_security(p), MAY_WRITE, &ad);
>> + Â Â Â Âreturn smk_curacc(smk_of_task(task_security(p)), MAY_WRITE,
>> + Â Â Â Â Â Â Â Â Â&ad);
>> Â Â Â/*
>> Â Â Â * If the secid isn't 0 we're dealing with some USB IO
>> Â Â Â * specific behavior. This is not clean. For one thing
>> Â Â Â * we can't take privilege into account.
>> Â Â Â */
>> - Â Âreturn smk_access(smack_from_secid(secid), task_security(p),
>> - Â Â Â Â Â Â ÂMAY_WRITE, &ad);
>> + Â Âreturn smk_access(smack_from_secid(secid),
>> + Â Â Â Â Â Â Âsmk_of_task(task_security(p)), MAY_WRITE, &ad);
>> Â}
>> Â /**
>> @@ -1356,12 +1411,12 @@ static int smack_task_kill(struct task_struct
>> *p, struct siginfo *info,
>> Âstatic int smack_task_wait(struct task_struct *p)
>> Â{
>> Â Â Âstruct smk_audit_info ad;
>> - Â Âchar *sp = current_security();
>> - Â Âchar *tsp = task_security(p);
>> + Â Âchar *sp = smk_of_current();
>> + Â Âchar *tsp = smk_of_forked(task_security(p));
>> Â Â Âint rc;
>> Â Â Â /* we don't log here, we can be overriden */
>> - Â Ârc = smk_access(sp, tsp, MAY_WRITE, NULL);
>> + Â Ârc = smk_access(tsp, sp, MAY_WRITE, NULL);
>> Â Â Âif (rc == 0)
>> Â Â Â Â Âgoto out_log;
>> Â@@ -1382,7 +1437,7 @@ static int smack_task_wait(struct task_struct *p)
>> Â out_log:
>> Â Â Âsmk_ad_init(&ad, __func__, LSM_AUDIT_DATA_TASK);
>> Â Â Âsmk_ad_setfield_u_tsk(&ad, p);
>> - Â Âsmack_log(sp, tsp, MAY_WRITE, rc, &ad);
>> + Â Âsmack_log(tsp, sp, MAY_WRITE, rc, &ad);
>> Â Â Âreturn rc;
>> Â}
>> Â@@ -1396,7 +1451,7 @@ static int smack_task_wait(struct task_struct *p)
>> Âstatic void smack_task_to_inode(struct task_struct *p, struct inode
>> *inode)
>> Â{
>> Â Â Âstruct inode_smack *isp = inode->i_security;
>> - Â Âisp->smk_inode = task_security(p);
>> + Â Âisp->smk_inode = smk_of_task(task_security(p));
>> Â}
>> Â /*
>> @@ -1415,7 +1470,7 @@ static void smack_task_to_inode(struct task_struct
>> *p, struct inode *inode)
>> Â */
>> Âstatic int smack_sk_alloc_security(struct sock *sk, int family, gfp_t
>> gfp_flags)
>> Â{
>> - Â Âchar *csp = current_security();
>> + Â Âchar *csp = smk_of_current();
>> Â Â Âstruct socket_smack *ssp;
>> Â Â Â ssp = kzalloc(sizeof(struct socket_smack), gfp_flags);
>> @@ -1756,7 +1811,7 @@ static int smack_flags_to_may(int flags)
>> Â */
>> Âstatic int smack_msg_msg_alloc_security(struct msg_msg *msg)
>> Â{
>> - Â Âmsg->security = current_security();
>> + Â Âmsg->security = smk_of_current();
>> Â Â Âreturn 0;
>> Â}
>> Â@@ -1792,7 +1847,7 @@ static int smack_shm_alloc_security(struct
>> shmid_kernel *shp)
>> Â{
>> Â Â Âstruct kern_ipc_perm *isp = &shp->shm_perm;
>> Â- Â Âisp->security = current_security();
>> + Â Âisp->security = smk_of_current();
>> Â Â Âreturn 0;
>> Â}
>> Â@@ -1915,7 +1970,7 @@ static int smack_sem_alloc_security(struct
>> sem_array *sma)
>> Â{
>> Â Â Âstruct kern_ipc_perm *isp = &sma->sem_perm;
>> Â- Â Âisp->security = current_security();
>> + Â Âisp->security = smk_of_current();
>> Â Â Âreturn 0;
>> Â}
>> Â@@ -2033,7 +2088,7 @@ static int smack_msg_queue_alloc_security(struct
>> msg_queue *msq)
>> Â{
>> Â Â Âstruct kern_ipc_perm *kisp = &msq->q_perm;
>> Â- Â Âkisp->security = current_security();
>> + Â Âkisp->security = smk_of_current();
>> Â Â Âreturn 0;
>> Â}
>> Â@@ -2205,7 +2260,7 @@ static void smack_d_instantiate(struct dentry
>> *opt_dentry, struct inode *inode)
>> Â Â Âstruct super_block *sbp;
>> Â Â Âstruct superblock_smack *sbsp;
>> Â Â Âstruct inode_smack *isp;
>> - Â Âchar *csp = current_security();
>> + Â Âchar *csp = smk_of_current();
>> Â Â Âchar *fetched;
>> Â Â Âchar *final;
>> Â Â Âstruct dentry *dp;
>> @@ -2325,9 +2380,13 @@ static void smack_d_instantiate(struct dentry
>> *opt_dentry, struct inode *inode)
>> Â Â Â Â Â * Get the dentry for xattr.
>> Â Â Â Â Â */
>> Â Â Â Â Âdp = dget(opt_dentry);
>> - Â Â Â Âfetched = smk_fetch(inode, dp);
>> - Â Â Â Âif (fetched != NULL)
>> + Â Â Â Âfetched = smk_fetch(XATTR_NAME_SMACK, inode, dp);
>> + Â Â Â Âif (fetched != NULL) {
>> Â Â Â Â Â Â Âfinal = fetched;
>> + Â Â Â Â Â Âisp->smk_task = smk_fetch(XATTR_NAME_SMACKEXEC, inode,
>> + Â Â Â Â Â Â Â Â Â Â Â Â Âdp);
>> + Â Â Â Â}
>> +
>> Â Â Â Â Âdput(dp);
>> Â Â Â Â Âbreak;
>> Â Â Â}
>> @@ -2362,7 +2421,7 @@ static int smack_getprocattr(struct task_struct
>> *p, char *name, char **value)
>> Â Â Âif (strcmp(name, "current") != 0)
>> Â Â Â Â Âreturn -EINVAL;
>> Â- Â Âcp = kstrdup(task_security(p), GFP_KERNEL);
>> + Â Âcp = kstrdup(smk_of_task(task_security(p)), GFP_KERNEL);
>> Â Â Âif (cp == NULL)
>> Â Â Â Â Âreturn -ENOMEM;
>> Â@@ -2386,6 +2445,7 @@ static int smack_getprocattr(struct task_struct
>> *p, char *name, char **value)
>> Âstatic int smack_setprocattr(struct task_struct *p, char *name,
>> Â Â Â Â Â Â Â Â Â void *value, size_t size)
>> Â{
>> + Â Âstruct task_smack *tsp;
>> Â Â Âstruct cred *new;
>> Â Â Âchar *newsmack;
>> Â@@ -2418,7 +2478,13 @@ static int smack_setprocattr(struct task_struct
>> *p, char *name,
>> Â Â Ânew = prepare_creds();
>> Â Â Âif (new == NULL)
>> Â Â Â Â Âreturn -ENOMEM;
>> - Â Ânew->security = newsmack;
>> + Â Âtsp = kzalloc(sizeof(struct task_smack), GFP_KERNEL);
>> + Â Âif (tsp == NULL) {
>> + Â Â Â Âkfree(new);
>> + Â Â Â Âreturn -ENOMEM;
>> + Â Â}
>> + Â Âtsp->smk_task = newsmack;
>> + Â Ânew->security = tsp;
>> Â Â Âcommit_creds(new);
>> Â Â Âreturn size;
>> Â}
>> @@ -2719,7 +2785,7 @@ static void smack_sock_graft(struct sock *sk,
>> struct socket *parent)
>> Â Â Â Â Âreturn;
>> Â Â Â ssp = sk->sk_security;
>> - Â Âssp->smk_in = ssp->smk_out = current_security();
>> + Â Âssp->smk_in = ssp->smk_out = smk_of_current();
>> Â Â Â/* cssp->smk_packet is already set in smack_inet_csk_clone() */
>> Â}
>> Â@@ -2840,7 +2906,7 @@ static void smack_inet_csk_clone(struct sock *sk,
>> Âstatic int smack_key_alloc(struct key *key, const struct cred *cred,
>> Â Â Â Â Â Â Â Â unsigned long flags)
>> Â{
>> - Â Âkey->security = cred->security;
>> + Â Âkey->security = smk_of_task(cred->security);
>> Â Â Âreturn 0;
>> Â}
>> Â@@ -2869,6 +2935,7 @@ static int smack_key_permission(key_ref_t key_ref,
>> Â{
>> Â Â Âstruct key *keyp;
>> Â Â Âstruct smk_audit_info ad;
>> + Â Âchar *tsp = smk_of_task(cred->security);
>> Â Â Â keyp = key_ref_to_ptr(key_ref);
>> Â Â Âif (keyp == NULL)
>> @@ -2882,14 +2949,14 @@ static int smack_key_permission(key_ref_t key_ref,
>> Â Â Â/*
>> Â Â Â * This should not occur
>> Â Â Â */
>> - Â Âif (cred->security == NULL)
>> + Â Âif (tsp == NULL)
>> Â Â Â Â Âreturn -EACCES;
>> Â#ifdef CONFIG_AUDIT
>> Â Â Âsmk_ad_init(&ad, __func__, LSM_AUDIT_DATA_KEY);
>> Â Â Âad.a.u.key_struct.key = keyp->serial;
>> Â Â Âad.a.u.key_struct.key_desc = keyp->description;
>> Â#endif
>> - Â Âreturn smk_access(cred->security, keyp->security,
>> + Â Âreturn smk_access(tsp, keyp->security,
>> Â Â Â Â Â Â Â Â Â MAY_READWRITE, &ad);
>> Â}
>> Â#endif /* CONFIG_KEYS */
>> @@ -3091,6 +3158,8 @@ struct security_operations smack_ops = {
>> Â Â Â.sb_mount = Â Â Â Â Â Â smack_sb_mount,
>> Â Â Â.sb_umount = Â Â Â Â Â Â smack_sb_umount,
>> Â+ Â Â.bprm_set_creds = Â Â Â Âsmack_bprm_set_creds,
>> +
>> Â Â Â.inode_alloc_security = Â Â smack_inode_alloc_security,
>> Â Â Â.inode_free_security = Â Â Â Â smack_inode_free_security,
>> Â Â Â.inode_init_security = Â Â Â Â smack_inode_init_security,
>> @@ -3227,9 +3296,16 @@ static __init void init_smack_know_list(void)
>> Âstatic __init int smack_init(void)
>> Â{
>> Â Â Âstruct cred *cred;
>> + Â Âstruct task_smack *tsp;
>> +
>> + Â Âtsp = kzalloc(sizeof(struct task_smack), GFP_KERNEL);
>> + Â Âif (tsp == NULL)
>> + Â Â Â Âreturn -ENOMEM;
>> Â- Â Âif (!security_module_enable(&smack_ops))
>> + Â Âif (!security_module_enable(&smack_ops)) {
>> + Â Â Â Âkfree(tsp);
>> Â Â Â Â Âreturn 0;
>> + Â Â}
>> Â Â Â printk(KERN_INFO "Smack: ÂInitializing.\n");
>> Â@@ -3237,7 +3313,9 @@ static __init int smack_init(void)
>> Â Â Â * Set the security state for the initial task.
>> Â Â Â */
>> Â Â Âcred = (struct cred *) current->cred;
>> - Â Âcred->security = &smack_known_floor.smk_known;
>> + Â Âtsp->smk_forked = smack_known_floor.smk_known;
>> + Â Âtsp->smk_task = smack_known_floor.smk_known;
>> + Â Âcred->security = tsp;
>> Â Â Â /* initialize the smack_know_list */
>> Â Â Âinit_smack_know_list();
>> diff --git a/security/smack/smackfs.c b/security/smack/smackfs.c
>> index dc1fd62..01a0be9 100644
>> --- a/security/smack/smackfs.c
>> +++ b/security/smack/smackfs.c
>> @@ -121,7 +121,7 @@ static void smk_netlabel_audit_set(struct
>> netlbl_audit *nap)
>> Â{
>> Â Â Ânap->loginuid = audit_get_loginuid(current);
>> Â Â Ânap->sessionid = audit_get_sessionid(current);
>> - Â Ânap->secid = smack_to_secid(current_security());
>> + Â Ânap->secid = smack_to_secid(smk_of_current());
>> Â}
>> Â /*
>> @@ -1160,7 +1160,7 @@ static ssize_t smk_write_onlycap(struct file
>> *file, const char __user *buf,
>> Â Â Â Â Â Â Â Â Â size_t count, loff_t *ppos)
>> Â{
>> Â Â Âchar in[SMK_LABELLEN];
>> - Â Âchar *sp = current->cred->security;
>> + Â Âchar *sp = smk_of_task(current->cred->security);
>> Â Â Â if (!capable(CAP_MAC_ADMIN))
>> Â Â Â Â Âreturn -EPERM;
>
>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/