diff options
author | Casey Schaufler <casey@schaufler-ca.com> | 2016-08-30 10:31:39 -0700 |
---|---|---|
committer | Casey Schaufler <casey@schaufler-ca.com> | 2016-09-08 13:22:56 -0700 |
commit | c60b906673eebb4f65840fa9dc204401caf276ea (patch) | |
tree | 0ccaf8637751e3183918c3249af3ab465481245f /security/smack/smack.h | |
parent | 63e24c497158c066583b9c06378d89ace694265a (diff) | |
download | linux-c60b906673eebb4f65840fa9dc204401caf276ea.tar.gz linux-c60b906673eebb4f65840fa9dc204401caf276ea.tar.bz2 linux-c60b906673eebb4f65840fa9dc204401caf276ea.zip |
Smack: Signal delivery as an append operation
Under a strict subject/object security policy delivering a
signal or delivering network IPC could be considered either
a write or an append operation. The original choice to make
both write operations leads to an issue where IPC delivery
is desired under policy, but delivery of signals is not.
This patch provides the option of making signal delivery
an append operation, allowing Smack rules that deny signal
delivery while allowing IPC. This was requested for Tizen.
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Diffstat (limited to 'security/smack/smack.h')
-rw-r--r-- | security/smack/smack.h | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/security/smack/smack.h b/security/smack/smack.h index 26e58f1804b1..51fd30192c08 100644 --- a/security/smack/smack.h +++ b/security/smack/smack.h @@ -256,6 +256,16 @@ enum { #define MAY_LOCK 0x00002000 /* Locks should be writes, but ... */ #define MAY_BRINGUP 0x00004000 /* Report use of this rule */ +/* + * The policy for delivering signals is configurable. + * It is usually "write", but can be "append". + */ +#ifdef CONFIG_SECURITY_SMACK_APPEND_SIGNALS +#define MAY_DELIVER MAY_APPEND /* Signal delivery requires append */ +#else +#define MAY_DELIVER MAY_WRITE /* Signal delivery requires write */ +#endif + #define SMACK_BRINGUP_ALLOW 1 /* Allow bringup mode */ #define SMACK_UNCONFINED_SUBJECT 2 /* Allow unconfined label */ #define SMACK_UNCONFINED_OBJECT 3 /* Allow unconfined label */ |