diff options
author | James Morris <jmorris@namei.org> | 2008-11-06 07:12:34 +0800 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2008-11-06 07:12:34 +0800 |
commit | e21e696edb498c7f7eed42ba3096f6bbe13927b6 (patch) | |
tree | 73b0bc28e45b0268f05c4b384a17bfb2140a73bc /security | |
parent | 2f99db28af90957271a6448479c3e492ccf7c697 (diff) | |
parent | 75fa67706cce5272bcfc51ed646f2da21f3bdb6e (diff) | |
download | linux-3.10-e21e696edb498c7f7eed42ba3096f6bbe13927b6.tar.gz linux-3.10-e21e696edb498c7f7eed42ba3096f6bbe13927b6.tar.bz2 linux-3.10-e21e696edb498c7f7eed42ba3096f6bbe13927b6.zip |
Merge branch 'master' into next
Diffstat (limited to 'security')
-rw-r--r-- | security/commoncap.c | 6 | ||||
-rw-r--r-- | security/device_cgroup.c | 46 | ||||
-rw-r--r-- | security/inode.c | 3 | ||||
-rw-r--r-- | security/security.c | 9 | ||||
-rw-r--r-- | security/selinux/hooks.c | 22 |
5 files changed, 30 insertions, 56 deletions
diff --git a/security/commoncap.c b/security/commoncap.c index 399bfdb9e2d..3976613db82 100644 --- a/security/commoncap.c +++ b/security/commoncap.c @@ -279,10 +279,10 @@ static int get_file_caps(struct linux_binprm *bprm) struct vfs_cap_data vcaps; struct inode *inode; - if (bprm->file->f_vfsmnt->mnt_flags & MNT_NOSUID) { - bprm_clear_caps(bprm); + bprm_clear_caps(bprm); + + if (bprm->file->f_vfsmnt->mnt_flags & MNT_NOSUID) return 0; - } dentry = dget(bprm->file->f_dentry); inode = dentry->d_inode; diff --git a/security/device_cgroup.c b/security/device_cgroup.c index 46f23971f7e..5ba78701adc 100644 --- a/security/device_cgroup.c +++ b/security/device_cgroup.c @@ -1,5 +1,5 @@ /* - * dev_cgroup.c - device cgroup subsystem + * device_cgroup.c - device cgroup subsystem * * Copyright 2007 IBM Corp */ @@ -10,6 +10,7 @@ #include <linux/list.h> #include <linux/uaccess.h> #include <linux/seq_file.h> +#include <linux/rcupdate.h> #define ACC_MKNOD 1 #define ACC_READ 2 @@ -22,18 +23,8 @@ /* * whitelist locking rules: - * cgroup_lock() cannot be taken under dev_cgroup->lock. - * dev_cgroup->lock can be taken with or without cgroup_lock(). - * - * modifications always require cgroup_lock - * modifications to a list which is visible require the - * dev_cgroup->lock *and* cgroup_lock() - * walking the list requires dev_cgroup->lock or cgroup_lock(). - * - * reasoning: dev_whitelist_copy() needs to kmalloc, so needs - * a mutex, which the cgroup_lock() is. Since modifying - * a visible list requires both locks, either lock can be - * taken for walking the list. + * hold cgroup_lock() for update/read. + * hold rcu_read_lock() for read. */ struct dev_whitelist_item { @@ -47,7 +38,6 @@ struct dev_whitelist_item { struct dev_cgroup { struct cgroup_subsys_state css; struct list_head whitelist; - spinlock_t lock; }; static inline struct dev_cgroup *css_to_devcgroup(struct cgroup_subsys_state *s) @@ -84,13 +74,9 @@ static int dev_whitelist_copy(struct list_head *dest, struct list_head *orig) struct dev_whitelist_item *wh, *tmp, *new; list_for_each_entry(wh, orig, list) { - new = kmalloc(sizeof(*wh), GFP_KERNEL); + new = kmemdup(wh, sizeof(*wh), GFP_KERNEL); if (!new) goto free_and_exit; - new->major = wh->major; - new->minor = wh->minor; - new->type = wh->type; - new->access = wh->access; list_add_tail(&new->list, dest); } @@ -107,19 +93,16 @@ free_and_exit: /* Stupid prototype - don't bother combining existing entries */ /* * called under cgroup_lock() - * since the list is visible to other tasks, we need the spinlock also */ static int dev_whitelist_add(struct dev_cgroup *dev_cgroup, struct dev_whitelist_item *wh) { struct dev_whitelist_item *whcopy, *walk; - whcopy = kmalloc(sizeof(*whcopy), GFP_KERNEL); + whcopy = kmemdup(wh, sizeof(*wh), GFP_KERNEL); if (!whcopy) return -ENOMEM; - memcpy(whcopy, wh, sizeof(*whcopy)); - spin_lock(&dev_cgroup->lock); list_for_each_entry(walk, &dev_cgroup->whitelist, list) { if (walk->type != wh->type) continue; @@ -135,7 +118,6 @@ static int dev_whitelist_add(struct dev_cgroup *dev_cgroup, if (whcopy != NULL) list_add_tail_rcu(&whcopy->list, &dev_cgroup->whitelist); - spin_unlock(&dev_cgroup->lock); return 0; } @@ -149,14 +131,12 @@ static void whitelist_item_free(struct rcu_head *rcu) /* * called under cgroup_lock() - * since the list is visible to other tasks, we need the spinlock also */ static void dev_whitelist_rm(struct dev_cgroup *dev_cgroup, struct dev_whitelist_item *wh) { struct dev_whitelist_item *walk, *tmp; - spin_lock(&dev_cgroup->lock); list_for_each_entry_safe(walk, tmp, &dev_cgroup->whitelist, list) { if (walk->type == DEV_ALL) goto remove; @@ -174,7 +154,6 @@ remove: call_rcu(&walk->rcu, whitelist_item_free); } } - spin_unlock(&dev_cgroup->lock); } /* @@ -214,7 +193,6 @@ static struct cgroup_subsys_state *devcgroup_create(struct cgroup_subsys *ss, } } - spin_lock_init(&dev_cgroup->lock); return &dev_cgroup->css; } @@ -330,15 +308,11 @@ static int parent_has_perm(struct dev_cgroup *childcg, { struct cgroup *pcg = childcg->css.cgroup->parent; struct dev_cgroup *parent; - int ret; if (!pcg) return 1; parent = cgroup_to_devcgroup(pcg); - spin_lock(&parent->lock); - ret = may_access_whitelist(parent, wh); - spin_unlock(&parent->lock); - return ret; + return may_access_whitelist(parent, wh); } /* @@ -357,17 +331,14 @@ static int parent_has_perm(struct dev_cgroup *childcg, static int devcgroup_update_access(struct dev_cgroup *devcgroup, int filetype, const char *buffer) { - struct dev_cgroup *cur_devcgroup; const char *b; char *endp; - int retval = 0, count; + int count; struct dev_whitelist_item wh; if (!capable(CAP_SYS_ADMIN)) return -EPERM; - cur_devcgroup = task_devcgroup(current); - memset(&wh, 0, sizeof(wh)); b = buffer; @@ -437,7 +408,6 @@ static int devcgroup_update_access(struct dev_cgroup *devcgroup, } handle: - retval = 0; switch (filetype) { case DEVCG_ALLOW: if (!parent_has_perm(devcgroup, &wh)) diff --git a/security/inode.c b/security/inode.c index ca4958ebad8..efea5a60546 100644 --- a/security/inode.c +++ b/security/inode.c @@ -20,8 +20,7 @@ #include <linux/init.h> #include <linux/namei.h> #include <linux/security.h> - -#define SECURITYFS_MAGIC 0x73636673 +#include <linux/magic.h> static struct vfsmount *mount; static int mount_count; diff --git a/security/security.c b/security/security.c index 255b08559b2..c0acfa7177e 100644 --- a/security/security.c +++ b/security/security.c @@ -198,14 +198,23 @@ int security_settime(struct timespec *ts, struct timezone *tz) int security_vm_enough_memory(long pages) { + WARN_ON(current->mm == NULL); return security_ops->vm_enough_memory(current->mm, pages); } int security_vm_enough_memory_mm(struct mm_struct *mm, long pages) { + WARN_ON(mm == NULL); return security_ops->vm_enough_memory(mm, pages); } +int security_vm_enough_memory_kern(long pages) +{ + /* If current->mm is a kernel thread then we will pass NULL, + for this specific case that is fine */ + return security_ops->vm_enough_memory(current->mm, pages); +} + int security_bprm_alloc(struct linux_binprm *bprm) { return security_ops->bprm_alloc_security(bprm); diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 5f21a514f58..f71de5a64d0 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -75,6 +75,7 @@ #include <linux/string.h> #include <linux/selinux.h> #include <linux/mutex.h> +#include <linux/posix-timers.h> #include "avc.h" #include "objsec.h" @@ -325,7 +326,7 @@ enum { Opt_rootcontext = 4, }; -static match_table_t tokens = { +static const match_table_t tokens = { {Opt_context, CONTEXT_STR "%s"}, {Opt_fscontext, FSCONTEXT_STR "%s"}, {Opt_defcontext, DEFCONTEXT_STR "%s"}, @@ -2123,26 +2124,27 @@ static inline void flush_unauthorized_files(struct files_struct *files) long j = -1; int drop_tty = 0; - mutex_lock(&tty_mutex); tty = get_current_tty(); if (tty) { file_list_lock(); - file = list_entry(tty->tty_files.next, typeof(*file), f_u.fu_list); - if (file) { + if (!list_empty(&tty->tty_files)) { + struct inode *inode; + /* Revalidate access to controlling tty. Use inode_has_perm on the tty inode directly rather than using file_has_perm, as this particular open file may belong to another process and we are only interested in the inode-based check here. */ - struct inode *inode = file->f_path.dentry->d_inode; + file = list_first_entry(&tty->tty_files, struct file, f_u.fu_list); + inode = file->f_path.dentry->d_inode; if (inode_has_perm(current, inode, FILE__READ | FILE__WRITE, NULL)) { drop_tty = 1; } } file_list_unlock(); + tty_kref_put(tty); } - mutex_unlock(&tty_mutex); /* Reset controlling tty. */ if (drop_tty) no_tty(); @@ -2326,13 +2328,7 @@ static void selinux_bprm_post_apply_creds(struct linux_binprm *bprm) initrlim = init_task.signal->rlim+i; rlim->rlim_cur = min(rlim->rlim_max, initrlim->rlim_cur); } - if (current->signal->rlim[RLIMIT_CPU].rlim_cur != RLIM_INFINITY) { - /* - * This will cause RLIMIT_CPU calculations - * to be refigured. - */ - current->it_prof_expires = jiffies_to_cputime(1); - } + update_rlimit_cpu(rlim->rlim_cur); } /* Wake up the parent if it is waiting so that it can |