Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6: (33 commits) AppArmor: kill unused macros in lsm.c AppArmor: cleanup generated files correctly KEYS: Add an iovec version of KEYCTL_INSTANTIATE KEYS: Add a new keyctl op to reject a key with a specified error code KEYS: Add a key type op to permit the key description to be vetted KEYS: Add an RCU payload dereference macro AppArmor: Cleanup make file to remove cruft and make it easier to read SELinux: implement the new sb_remount LSM hook LSM: Pass -o remount options to the LSM SELinux: Compute SID for the newly created socket SELinux: Socket retains creator role and MLS attribute SELinux: Auto-generate security_is_socket_class TOMOYO: Fix memory leak upon file open. Revert "selinux: simplify ioctl checking" selinux: drop unused packet flow permissions selinux: Fix packet forwarding checks on postrouting selinux: Fix wrong checks for selinux_policycap_netpeer selinux: Fix check for xfrm selinux context algorithm ima: remove unnecessary call to ima_must_measure IMA: remove IMA imbalance checking ...
This commit is contained in:
Linus Torvalds
@@ -884,7 +884,8 @@ extern int ext3fs_dirhash(const char *name, int len, struct
|
||||
dx_hash_info *hinfo);
|
||||
|
||||
/* ialloc.c */
|
||||
extern struct inode * ext3_new_inode (handle_t *, struct inode *, int);
|
||||
extern struct inode * ext3_new_inode (handle_t *, struct inode *,
|
||||
const struct qstr *, int);
|
||||
extern void ext3_free_inode (handle_t *, struct inode *);
|
||||
extern struct inode * ext3_orphan_get (struct super_block *, unsigned long);
|
||||
extern unsigned long ext3_count_free_inodes (struct super_block *);
|
||||
|
||||
@@ -801,8 +801,7 @@ struct inode {
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_IMA
|
||||
/* protected by i_lock */
|
||||
unsigned int i_readcount; /* struct files open RO */
|
||||
atomic_t i_readcount; /* struct files open RO */
|
||||
#endif
|
||||
atomic_t i_writecount;
|
||||
#ifdef CONFIG_SECURITY
|
||||
@@ -2215,6 +2214,26 @@ static inline void allow_write_access(struct file *file)
|
||||
if (file)
|
||||
atomic_inc(&file->f_path.dentry->d_inode->i_writecount);
|
||||
}
|
||||
#ifdef CONFIG_IMA
|
||||
static inline void i_readcount_dec(struct inode *inode)
|
||||
{
|
||||
BUG_ON(!atomic_read(&inode->i_readcount));
|
||||
atomic_dec(&inode->i_readcount);
|
||||
}
|
||||
static inline void i_readcount_inc(struct inode *inode)
|
||||
{
|
||||
atomic_inc(&inode->i_readcount);
|
||||
}
|
||||
#else
|
||||
static inline void i_readcount_dec(struct inode *inode)
|
||||
{
|
||||
return;
|
||||
}
|
||||
static inline void i_readcount_inc(struct inode *inode)
|
||||
{
|
||||
return;
|
||||
}
|
||||
#endif
|
||||
extern int do_pipe_flags(int *, int);
|
||||
extern struct file *create_read_pipe(struct file *f, int flags);
|
||||
extern struct file *create_write_pipe(int flags);
|
||||
|
||||
@@ -20,7 +20,6 @@ extern void ima_inode_free(struct inode *inode);
|
||||
extern int ima_file_check(struct file *file, int mask);
|
||||
extern void ima_file_free(struct file *file);
|
||||
extern int ima_file_mmap(struct file *file, unsigned long prot);
|
||||
extern void ima_counts_get(struct file *file);
|
||||
|
||||
#else
|
||||
static inline int ima_bprm_check(struct linux_binprm *bprm)
|
||||
@@ -53,10 +52,5 @@ static inline int ima_file_mmap(struct file *file, unsigned long prot)
|
||||
return 0;
|
||||
}
|
||||
|
||||
static inline void ima_counts_get(struct file *file)
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
#endif /* CONFIG_IMA_H */
|
||||
#endif /* _LINUX_IMA_H */
|
||||
|
||||
@@ -41,6 +41,9 @@ struct key_type {
|
||||
*/
|
||||
size_t def_datalen;
|
||||
|
||||
/* vet a description */
|
||||
int (*vet_description)(const char *description);
|
||||
|
||||
/* instantiate a key of this type
|
||||
* - this method should call key_payload_reserve() to determine if the
|
||||
* user's quota will hold the payload
|
||||
@@ -102,11 +105,20 @@ extern int key_instantiate_and_link(struct key *key,
|
||||
size_t datalen,
|
||||
struct key *keyring,
|
||||
struct key *instkey);
|
||||
extern int key_negate_and_link(struct key *key,
|
||||
extern int key_reject_and_link(struct key *key,
|
||||
unsigned timeout,
|
||||
unsigned error,
|
||||
struct key *keyring,
|
||||
struct key *instkey);
|
||||
extern void complete_request_key(struct key_construction *cons, int error);
|
||||
|
||||
static inline int key_negate_and_link(struct key *key,
|
||||
unsigned timeout,
|
||||
struct key *keyring,
|
||||
struct key *instkey)
|
||||
{
|
||||
return key_reject_and_link(key, timeout, ENOKEY, keyring, instkey);
|
||||
}
|
||||
|
||||
#endif /* CONFIG_KEYS */
|
||||
#endif /* _LINUX_KEY_TYPE_H */
|
||||
|
||||
@@ -170,6 +170,7 @@ struct key {
|
||||
struct list_head link;
|
||||
unsigned long x[2];
|
||||
void *p[2];
|
||||
int reject_error;
|
||||
} type_data;
|
||||
|
||||
/* key data
|
||||
@@ -275,6 +276,10 @@ static inline key_serial_t key_serial(struct key *key)
|
||||
return key ? key->serial : 0;
|
||||
}
|
||||
|
||||
#define rcu_dereference_key(KEY) \
|
||||
(rcu_dereference_protected((KEY)->payload.rcudata, \
|
||||
rwsem_is_locked(&((struct key *)(KEY))->sem)))
|
||||
|
||||
#ifdef CONFIG_SYSCTL
|
||||
extern ctl_table key_sysctls[];
|
||||
#endif
|
||||
|
||||
@@ -53,5 +53,7 @@
|
||||
#define KEYCTL_ASSUME_AUTHORITY 16 /* assume request_key() authorisation */
|
||||
#define KEYCTL_GET_SECURITY 17 /* get key security label */
|
||||
#define KEYCTL_SESSION_TO_PARENT 18 /* apply session keyring to parent process */
|
||||
#define KEYCTL_REJECT 19 /* reject a partially constructed key */
|
||||
#define KEYCTL_INSTANTIATE_IOV 20 /* instantiate a partially constructed key */
|
||||
|
||||
#endif /* _LINUX_KEYCTL_H */
|
||||
|
||||
@@ -63,6 +63,7 @@ extern const struct xattr_handler reiserfs_xattr_trusted_handler;
|
||||
extern const struct xattr_handler reiserfs_xattr_security_handler;
|
||||
#ifdef CONFIG_REISERFS_FS_SECURITY
|
||||
int reiserfs_security_init(struct inode *dir, struct inode *inode,
|
||||
const struct qstr *qstr,
|
||||
struct reiserfs_security_handle *sec);
|
||||
int reiserfs_security_write(struct reiserfs_transaction_handle *th,
|
||||
struct inode *inode,
|
||||
@@ -130,6 +131,7 @@ static inline void reiserfs_init_xattr_rwsem(struct inode *inode)
|
||||
#ifndef CONFIG_REISERFS_FS_SECURITY
|
||||
static inline int reiserfs_security_init(struct inode *dir,
|
||||
struct inode *inode,
|
||||
const struct qstr *qstr,
|
||||
struct reiserfs_security_handle *sec)
|
||||
{
|
||||
return 0;
|
||||
|
||||
@@ -25,6 +25,7 @@
|
||||
#include <linux/fs.h>
|
||||
#include <linux/fsnotify.h>
|
||||
#include <linux/binfmts.h>
|
||||
#include <linux/dcache.h>
|
||||
#include <linux/signal.h>
|
||||
#include <linux/resource.h>
|
||||
#include <linux/sem.h>
|
||||
@@ -267,6 +268,12 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
|
||||
* @orig the original mount data copied from userspace.
|
||||
* @copy copied data which will be passed to the security module.
|
||||
* Returns 0 if the copy was successful.
|
||||
* @sb_remount:
|
||||
* Extracts security system specifc mount options and verifys no changes
|
||||
* are being made to those options.
|
||||
* @sb superblock being remounted
|
||||
* @data contains the filesystem-specific data.
|
||||
* Return 0 if permission is granted.
|
||||
* @sb_umount:
|
||||
* Check permission before the @mnt file system is unmounted.
|
||||
* @mnt contains the mounted file system.
|
||||
@@ -315,6 +322,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
|
||||
* then it should return -EOPNOTSUPP to skip this processing.
|
||||
* @inode contains the inode structure of the newly created inode.
|
||||
* @dir contains the inode structure of the parent directory.
|
||||
* @qstr contains the last path component of the new object
|
||||
* @name will be set to the allocated name suffix (e.g. selinux).
|
||||
* @value will be set to the allocated attribute value.
|
||||
* @len will be set to the length of the value.
|
||||
@@ -1257,12 +1265,6 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
|
||||
* @cap contains the capability <include/linux/capability.h>.
|
||||
* @audit: Whether to write an audit message or not
|
||||
* Return 0 if the capability is granted for @tsk.
|
||||
* @sysctl:
|
||||
* Check permission before accessing the @table sysctl variable in the
|
||||
* manner specified by @op.
|
||||
* @table contains the ctl_table structure for the sysctl variable.
|
||||
* @op contains the operation (001 = search, 002 = write, 004 = read).
|
||||
* Return 0 if permission is granted.
|
||||
* @syslog:
|
||||
* Check permission before accessing the kernel message ring or changing
|
||||
* logging to the console.
|
||||
@@ -1383,7 +1385,6 @@ struct security_operations {
|
||||
const kernel_cap_t *permitted);
|
||||
int (*capable) (struct task_struct *tsk, const struct cred *cred,
|
||||
int cap, int audit);
|
||||
int (*sysctl) (struct ctl_table *table, int op);
|
||||
int (*quotactl) (int cmds, int type, int id, struct super_block *sb);
|
||||
int (*quota_on) (struct dentry *dentry);
|
||||
int (*syslog) (int type);
|
||||
@@ -1399,6 +1400,7 @@ struct security_operations {
|
||||
int (*sb_alloc_security) (struct super_block *sb);
|
||||
void (*sb_free_security) (struct super_block *sb);
|
||||
int (*sb_copy_data) (char *orig, char *copy);
|
||||
int (*sb_remount) (struct super_block *sb, void *data);
|
||||
int (*sb_kern_mount) (struct super_block *sb, int flags, void *data);
|
||||
int (*sb_show_options) (struct seq_file *m, struct super_block *sb);
|
||||
int (*sb_statfs) (struct dentry *dentry);
|
||||
@@ -1435,7 +1437,8 @@ struct security_operations {
|
||||
int (*inode_alloc_security) (struct inode *inode);
|
||||
void (*inode_free_security) (struct inode *inode);
|
||||
int (*inode_init_security) (struct inode *inode, struct inode *dir,
|
||||
char **name, void **value, size_t *len);
|
||||
const struct qstr *qstr, char **name,
|
||||
void **value, size_t *len);
|
||||
int (*inode_create) (struct inode *dir,
|
||||
struct dentry *dentry, int mode);
|
||||
int (*inode_link) (struct dentry *old_dentry,
|
||||
@@ -1665,7 +1668,6 @@ int security_capset(struct cred *new, const struct cred *old,
|
||||
int security_capable(const struct cred *cred, int cap);
|
||||
int security_real_capable(struct task_struct *tsk, int cap);
|
||||
int security_real_capable_noaudit(struct task_struct *tsk, int cap);
|
||||
int security_sysctl(struct ctl_table *table, int op);
|
||||
int security_quotactl(int cmds, int type, int id, struct super_block *sb);
|
||||
int security_quota_on(struct dentry *dentry);
|
||||
int security_syslog(int type);
|
||||
@@ -1681,6 +1683,7 @@ int security_bprm_secureexec(struct linux_binprm *bprm);
|
||||
int security_sb_alloc(struct super_block *sb);
|
||||
void security_sb_free(struct super_block *sb);
|
||||
int security_sb_copy_data(char *orig, char *copy);
|
||||
int security_sb_remount(struct super_block *sb, void *data);
|
||||
int security_sb_kern_mount(struct super_block *sb, int flags, void *data);
|
||||
int security_sb_show_options(struct seq_file *m, struct super_block *sb);
|
||||
int security_sb_statfs(struct dentry *dentry);
|
||||
@@ -1696,7 +1699,8 @@ int security_sb_parse_opts_str(char *options, struct security_mnt_opts *opts);
|
||||
int security_inode_alloc(struct inode *inode);
|
||||
void security_inode_free(struct inode *inode);
|
||||
int security_inode_init_security(struct inode *inode, struct inode *dir,
|
||||
char **name, void **value, size_t *len);
|
||||
const struct qstr *qstr, char **name,
|
||||
void **value, size_t *len);
|
||||
int security_inode_create(struct inode *dir, struct dentry *dentry, int mode);
|
||||
int security_inode_link(struct dentry *old_dentry, struct inode *dir,
|
||||
struct dentry *new_dentry);
|
||||
@@ -1883,11 +1887,6 @@ int security_real_capable_noaudit(struct task_struct *tsk, int cap)
|
||||
return ret;
|
||||
}
|
||||
|
||||
static inline int security_sysctl(struct ctl_table *table, int op)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
|
||||
static inline int security_quotactl(int cmds, int type, int id,
|
||||
struct super_block *sb)
|
||||
{
|
||||
@@ -1965,6 +1964,11 @@ static inline int security_sb_copy_data(char *orig, char *copy)
|
||||
return 0;
|
||||
}
|
||||
|
||||
static inline int security_sb_remount(struct super_block *sb, void *data)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
|
||||
static inline int security_sb_kern_mount(struct super_block *sb, int flags, void *data)
|
||||
{
|
||||
return 0;
|
||||
@@ -2024,6 +2028,7 @@ static inline void security_inode_free(struct inode *inode)
|
||||
|
||||
static inline int security_inode_init_security(struct inode *inode,
|
||||
struct inode *dir,
|
||||
const struct qstr *qstr,
|
||||
char **name,
|
||||
void **value,
|
||||
size_t *len)
|
||||
|
||||
@@ -42,11 +42,13 @@
|
||||
#define XATTR_SMACK_IPOUT "SMACK64IPOUT"
|
||||
#define XATTR_SMACK_EXEC "SMACK64EXEC"
|
||||
#define XATTR_SMACK_TRANSMUTE "SMACK64TRANSMUTE"
|
||||
#define XATTR_SMACK_MMAP "SMACK64MMAP"
|
||||
#define XATTR_NAME_SMACK XATTR_SECURITY_PREFIX XATTR_SMACK_SUFFIX
|
||||
#define XATTR_NAME_SMACKIPIN XATTR_SECURITY_PREFIX XATTR_SMACK_IPIN
|
||||
#define XATTR_NAME_SMACKIPOUT XATTR_SECURITY_PREFIX XATTR_SMACK_IPOUT
|
||||
#define XATTR_NAME_SMACKEXEC XATTR_SECURITY_PREFIX XATTR_SMACK_EXEC
|
||||
#define XATTR_NAME_SMACKTRANSMUTE XATTR_SECURITY_PREFIX XATTR_SMACK_TRANSMUTE
|
||||
#define XATTR_NAME_SMACKMMAP XATTR_SECURITY_PREFIX XATTR_SMACK_MMAP
|
||||
|
||||
#define XATTR_CAPS_SUFFIX "capability"
|
||||
#define XATTR_NAME_CAPS XATTR_SECURITY_PREFIX XATTR_CAPS_SUFFIX
|
||||
|
||||
Reference in New Issue
Block a user