Smack: Implement lock security mode
Linux file locking does not follow the same rules as other mechanisms. Even though it is a write operation a process can set a read lock on files which it has open only for read access. Two programs with read access to a file can use read locks to communicate. This is not acceptable in a Mandatory Access Control environment. Smack treats setting a read lock as the write operation that it is. Unfortunately, many programs assume that setting a read lock is a read operation. These programs are unhappy in the Smack environment. This patch introduces a new access mode (lock) to address this problem. A process with lock access to a file can set a read lock. A process with write access to a file can set a read lock or a write lock. This prevents a situation where processes are granted write access just so they can set read locks. Targeted for git://git.gitorious.org/smack-next/kernel.git Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
This commit is contained in:
Casey Schaufler
@@ -177,9 +177,13 @@ struct smk_port_label {
|
||||
#define SMACK_CIPSO_MAXCATNUM 184 /* 23 * 8 */
|
||||
|
||||
/*
|
||||
* Flag for transmute access
|
||||
* Flags for untraditional access modes.
|
||||
* It shouldn't be necessary to avoid conflicts with definitions
|
||||
* in fs.h, but do so anyway.
|
||||
*/
|
||||
#define MAY_TRANSMUTE 64
|
||||
#define MAY_TRANSMUTE 0x00001000 /* Controls directory labeling */
|
||||
#define MAY_LOCK 0x00002000 /* Locks should be writes, but ... */
|
||||
|
||||
/*
|
||||
* Just to make the common cases easier to deal with
|
||||
*/
|
||||
@@ -188,9 +192,9 @@ struct smk_port_label {
|
||||
#define MAY_NOT 0
|
||||
|
||||
/*
|
||||
* Number of access types used by Smack (rwxat)
|
||||
* Number of access types used by Smack (rwxatl)
|
||||
*/
|
||||
#define SMK_NUM_ACCESS_TYPE 5
|
||||
#define SMK_NUM_ACCESS_TYPE 6
|
||||
|
||||
/* SMACK data */
|
||||
struct smack_audit_data {
|
||||
|
||||
Reference in New Issue
Block a user