diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2011-03-16 19:15:43 +0300 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2011-03-16 19:15:43 +0300 |
commit | 0f6e0e8448a16d8d22119ce91d8dd24b44865b51 (patch) | |
tree | 7c295c02db035fc6a0b867465911a2bc9dc6b1ef /include | |
parent | 0d2ecee2bdb2a19d04bc5cefac0f86e790f1aad4 (diff) | |
parent | a002951c97ff8da49938c982a4c236bf2fafdc9f (diff) | |
download | linux-0f6e0e8448a16d8d22119ce91d8dd24b44865b51.tar.xz |
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6: (33 commits)
AppArmor: kill unused macros in lsm.c
AppArmor: cleanup generated files correctly
KEYS: Add an iovec version of KEYCTL_INSTANTIATE
KEYS: Add a new keyctl op to reject a key with a specified error code
KEYS: Add a key type op to permit the key description to be vetted
KEYS: Add an RCU payload dereference macro
AppArmor: Cleanup make file to remove cruft and make it easier to read
SELinux: implement the new sb_remount LSM hook
LSM: Pass -o remount options to the LSM
SELinux: Compute SID for the newly created socket
SELinux: Socket retains creator role and MLS attribute
SELinux: Auto-generate security_is_socket_class
TOMOYO: Fix memory leak upon file open.
Revert "selinux: simplify ioctl checking"
selinux: drop unused packet flow permissions
selinux: Fix packet forwarding checks on postrouting
selinux: Fix wrong checks for selinux_policycap_netpeer
selinux: Fix check for xfrm selinux context algorithm
ima: remove unnecessary call to ima_must_measure
IMA: remove IMA imbalance checking
...
Diffstat (limited to 'include')
-rw-r--r-- | include/linux/ext3_fs.h | 3 | ||||
-rw-r--r-- | include/linux/fs.h | 23 | ||||
-rw-r--r-- | include/linux/ima.h | 6 | ||||
-rw-r--r-- | include/linux/key-type.h | 14 | ||||
-rw-r--r-- | include/linux/key.h | 5 | ||||
-rw-r--r-- | include/linux/keyctl.h | 2 | ||||
-rw-r--r-- | include/linux/reiserfs_xattr.h | 2 | ||||
-rw-r--r-- | include/linux/security.h | 35 | ||||
-rw-r--r-- | include/linux/xattr.h | 2 |
9 files changed, 67 insertions, 25 deletions
diff --git a/include/linux/ext3_fs.h b/include/linux/ext3_fs.h index 65990ef612f5..6043c64c207a 100644 --- a/include/linux/ext3_fs.h +++ b/include/linux/ext3_fs.h @@ -884,7 +884,8 @@ extern int ext3fs_dirhash(const char *name, int len, struct dx_hash_info *hinfo); /* ialloc.c */ -extern struct inode * ext3_new_inode (handle_t *, struct inode *, int); +extern struct inode * ext3_new_inode (handle_t *, struct inode *, + const struct qstr *, int); extern void ext3_free_inode (handle_t *, struct inode *); extern struct inode * ext3_orphan_get (struct super_block *, unsigned long); extern unsigned long ext3_count_free_inodes (struct super_block *); diff --git a/include/linux/fs.h b/include/linux/fs.h index 13df14e2c42e..2f5a71d6d766 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -801,8 +801,7 @@ struct inode { #endif #ifdef CONFIG_IMA - /* protected by i_lock */ - unsigned int i_readcount; /* struct files open RO */ + atomic_t i_readcount; /* struct files open RO */ #endif atomic_t i_writecount; #ifdef CONFIG_SECURITY @@ -2215,6 +2214,26 @@ static inline void allow_write_access(struct file *file) if (file) atomic_inc(&file->f_path.dentry->d_inode->i_writecount); } +#ifdef CONFIG_IMA +static inline void i_readcount_dec(struct inode *inode) +{ + BUG_ON(!atomic_read(&inode->i_readcount)); + atomic_dec(&inode->i_readcount); +} +static inline void i_readcount_inc(struct inode *inode) +{ + atomic_inc(&inode->i_readcount); +} +#else +static inline void i_readcount_dec(struct inode *inode) +{ + return; +} +static inline void i_readcount_inc(struct inode *inode) +{ + return; +} +#endif extern int do_pipe_flags(int *, int); extern struct file *create_read_pipe(struct file *f, int flags); extern struct file *create_write_pipe(int flags); diff --git a/include/linux/ima.h b/include/linux/ima.h index 975837e7d6c0..09e6e62f9953 100644 --- a/include/linux/ima.h +++ b/include/linux/ima.h @@ -20,7 +20,6 @@ extern void ima_inode_free(struct inode *inode); extern int ima_file_check(struct file *file, int mask); extern void ima_file_free(struct file *file); extern int ima_file_mmap(struct file *file, unsigned long prot); -extern void ima_counts_get(struct file *file); #else static inline int ima_bprm_check(struct linux_binprm *bprm) @@ -53,10 +52,5 @@ static inline int ima_file_mmap(struct file *file, unsigned long prot) return 0; } -static inline void ima_counts_get(struct file *file) -{ - return; -} - #endif /* CONFIG_IMA_H */ #endif /* _LINUX_IMA_H */ diff --git a/include/linux/key-type.h b/include/linux/key-type.h index 65833d4d5998..9efd081bb31e 100644 --- a/include/linux/key-type.h +++ b/include/linux/key-type.h @@ -41,6 +41,9 @@ struct key_type { */ size_t def_datalen; + /* vet a description */ + int (*vet_description)(const char *description); + /* instantiate a key of this type * - this method should call key_payload_reserve() to determine if the * user's quota will hold the payload @@ -102,11 +105,20 @@ extern int key_instantiate_and_link(struct key *key, size_t datalen, struct key *keyring, struct key *instkey); -extern int key_negate_and_link(struct key *key, +extern int key_reject_and_link(struct key *key, unsigned timeout, + unsigned error, struct key *keyring, struct key *instkey); extern void complete_request_key(struct key_construction *cons, int error); +static inline int key_negate_and_link(struct key *key, + unsigned timeout, + struct key *keyring, + struct key *instkey) +{ + return key_reject_and_link(key, timeout, ENOKEY, keyring, instkey); +} + #endif /* CONFIG_KEYS */ #endif /* _LINUX_KEY_TYPE_H */ diff --git a/include/linux/key.h b/include/linux/key.h index 3db0adce1fda..b2bb01719561 100644 --- a/include/linux/key.h +++ b/include/linux/key.h @@ -170,6 +170,7 @@ struct key { struct list_head link; unsigned long x[2]; void *p[2]; + int reject_error; } type_data; /* key data @@ -275,6 +276,10 @@ static inline key_serial_t key_serial(struct key *key) return key ? key->serial : 0; } +#define rcu_dereference_key(KEY) \ + (rcu_dereference_protected((KEY)->payload.rcudata, \ + rwsem_is_locked(&((struct key *)(KEY))->sem))) + #ifdef CONFIG_SYSCTL extern ctl_table key_sysctls[]; #endif diff --git a/include/linux/keyctl.h b/include/linux/keyctl.h index bd383f1944fb..9b0b865ce622 100644 --- a/include/linux/keyctl.h +++ b/include/linux/keyctl.h @@ -53,5 +53,7 @@ #define KEYCTL_ASSUME_AUTHORITY 16 /* assume request_key() authorisation */ #define KEYCTL_GET_SECURITY 17 /* get key security label */ #define KEYCTL_SESSION_TO_PARENT 18 /* apply session keyring to parent process */ +#define KEYCTL_REJECT 19 /* reject a partially constructed key */ +#define KEYCTL_INSTANTIATE_IOV 20 /* instantiate a partially constructed key */ #endif /* _LINUX_KEYCTL_H */ diff --git a/include/linux/reiserfs_xattr.h b/include/linux/reiserfs_xattr.h index 3b94c91f20a6..6deef5dc95fb 100644 --- a/include/linux/reiserfs_xattr.h +++ b/include/linux/reiserfs_xattr.h @@ -63,6 +63,7 @@ extern const struct xattr_handler reiserfs_xattr_trusted_handler; extern const struct xattr_handler reiserfs_xattr_security_handler; #ifdef CONFIG_REISERFS_FS_SECURITY int reiserfs_security_init(struct inode *dir, struct inode *inode, + const struct qstr *qstr, struct reiserfs_security_handle *sec); int reiserfs_security_write(struct reiserfs_transaction_handle *th, struct inode *inode, @@ -130,6 +131,7 @@ static inline void reiserfs_init_xattr_rwsem(struct inode *inode) #ifndef CONFIG_REISERFS_FS_SECURITY static inline int reiserfs_security_init(struct inode *dir, struct inode *inode, + const struct qstr *qstr, struct reiserfs_security_handle *sec) { return 0; diff --git a/include/linux/security.h b/include/linux/security.h index debbd97db7ab..83d9227abf02 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -25,6 +25,7 @@ #include <linux/fs.h> #include <linux/fsnotify.h> #include <linux/binfmts.h> +#include <linux/dcache.h> #include <linux/signal.h> #include <linux/resource.h> #include <linux/sem.h> @@ -267,6 +268,12 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) * @orig the original mount data copied from userspace. * @copy copied data which will be passed to the security module. * Returns 0 if the copy was successful. + * @sb_remount: + * Extracts security system specifc mount options and verifys no changes + * are being made to those options. + * @sb superblock being remounted + * @data contains the filesystem-specific data. + * Return 0 if permission is granted. * @sb_umount: * Check permission before the @mnt file system is unmounted. * @mnt contains the mounted file system. @@ -315,6 +322,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) * then it should return -EOPNOTSUPP to skip this processing. * @inode contains the inode structure of the newly created inode. * @dir contains the inode structure of the parent directory. + * @qstr contains the last path component of the new object * @name will be set to the allocated name suffix (e.g. selinux). * @value will be set to the allocated attribute value. * @len will be set to the length of the value. @@ -1257,12 +1265,6 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) * @cap contains the capability <include/linux/capability.h>. * @audit: Whether to write an audit message or not * Return 0 if the capability is granted for @tsk. - * @sysctl: - * Check permission before accessing the @table sysctl variable in the - * manner specified by @op. - * @table contains the ctl_table structure for the sysctl variable. - * @op contains the operation (001 = search, 002 = write, 004 = read). - * Return 0 if permission is granted. * @syslog: * Check permission before accessing the kernel message ring or changing * logging to the console. @@ -1383,7 +1385,6 @@ struct security_operations { const kernel_cap_t *permitted); int (*capable) (struct task_struct *tsk, const struct cred *cred, int cap, int audit); - int (*sysctl) (struct ctl_table *table, int op); int (*quotactl) (int cmds, int type, int id, struct super_block *sb); int (*quota_on) (struct dentry *dentry); int (*syslog) (int type); @@ -1399,6 +1400,7 @@ struct security_operations { int (*sb_alloc_security) (struct super_block *sb); void (*sb_free_security) (struct super_block *sb); int (*sb_copy_data) (char *orig, char *copy); + int (*sb_remount) (struct super_block *sb, void *data); int (*sb_kern_mount) (struct super_block *sb, int flags, void *data); int (*sb_show_options) (struct seq_file *m, struct super_block *sb); int (*sb_statfs) (struct dentry *dentry); @@ -1435,7 +1437,8 @@ struct security_operations { int (*inode_alloc_security) (struct inode *inode); void (*inode_free_security) (struct inode *inode); int (*inode_init_security) (struct inode *inode, struct inode *dir, - char **name, void **value, size_t *len); + const struct qstr *qstr, char **name, + void **value, size_t *len); int (*inode_create) (struct inode *dir, struct dentry *dentry, int mode); int (*inode_link) (struct dentry *old_dentry, @@ -1665,7 +1668,6 @@ int security_capset(struct cred *new, const struct cred *old, int security_capable(const struct cred *cred, int cap); int security_real_capable(struct task_struct *tsk, int cap); int security_real_capable_noaudit(struct task_struct *tsk, int cap); -int security_sysctl(struct ctl_table *table, int op); int security_quotactl(int cmds, int type, int id, struct super_block *sb); int security_quota_on(struct dentry *dentry); int security_syslog(int type); @@ -1681,6 +1683,7 @@ int security_bprm_secureexec(struct linux_binprm *bprm); int security_sb_alloc(struct super_block *sb); void security_sb_free(struct super_block *sb); int security_sb_copy_data(char *orig, char *copy); +int security_sb_remount(struct super_block *sb, void *data); int security_sb_kern_mount(struct super_block *sb, int flags, void *data); int security_sb_show_options(struct seq_file *m, struct super_block *sb); int security_sb_statfs(struct dentry *dentry); @@ -1696,7 +1699,8 @@ int security_sb_parse_opts_str(char *options, struct security_mnt_opts *opts); int security_inode_alloc(struct inode *inode); void security_inode_free(struct inode *inode); int security_inode_init_security(struct inode *inode, struct inode *dir, - char **name, void **value, size_t *len); + const struct qstr *qstr, char **name, + void **value, size_t *len); int security_inode_create(struct inode *dir, struct dentry *dentry, int mode); int security_inode_link(struct dentry *old_dentry, struct inode *dir, struct dentry *new_dentry); @@ -1883,11 +1887,6 @@ int security_real_capable_noaudit(struct task_struct *tsk, int cap) return ret; } -static inline int security_sysctl(struct ctl_table *table, int op) -{ - return 0; -} - static inline int security_quotactl(int cmds, int type, int id, struct super_block *sb) { @@ -1965,6 +1964,11 @@ static inline int security_sb_copy_data(char *orig, char *copy) return 0; } +static inline int security_sb_remount(struct super_block *sb, void *data) +{ + return 0; +} + static inline int security_sb_kern_mount(struct super_block *sb, int flags, void *data) { return 0; @@ -2024,6 +2028,7 @@ static inline void security_inode_free(struct inode *inode) static inline int security_inode_init_security(struct inode *inode, struct inode *dir, + const struct qstr *qstr, char **name, void **value, size_t *len) diff --git a/include/linux/xattr.h b/include/linux/xattr.h index e6131ef98d8f..6050783005bd 100644 --- a/include/linux/xattr.h +++ b/include/linux/xattr.h @@ -42,11 +42,13 @@ #define XATTR_SMACK_IPOUT "SMACK64IPOUT" #define XATTR_SMACK_EXEC "SMACK64EXEC" #define XATTR_SMACK_TRANSMUTE "SMACK64TRANSMUTE" +#define XATTR_SMACK_MMAP "SMACK64MMAP" #define XATTR_NAME_SMACK XATTR_SECURITY_PREFIX XATTR_SMACK_SUFFIX #define XATTR_NAME_SMACKIPIN XATTR_SECURITY_PREFIX XATTR_SMACK_IPIN #define XATTR_NAME_SMACKIPOUT XATTR_SECURITY_PREFIX XATTR_SMACK_IPOUT #define XATTR_NAME_SMACKEXEC XATTR_SECURITY_PREFIX XATTR_SMACK_EXEC #define XATTR_NAME_SMACKTRANSMUTE XATTR_SECURITY_PREFIX XATTR_SMACK_TRANSMUTE +#define XATTR_NAME_SMACKMMAP XATTR_SECURITY_PREFIX XATTR_SMACK_MMAP #define XATTR_CAPS_SUFFIX "capability" #define XATTR_NAME_CAPS XATTR_SECURITY_PREFIX XATTR_CAPS_SUFFIX |