summaryrefslogtreecommitdiffstats
path: root/security/smack/smack_access.c
diff options
context:
space:
mode:
authorJarkko Sakkinen <jarkko.j.sakkinen@gmail.com>2011-10-18 21:21:36 +0300
committerCasey Schaufler <cschaufler@cschaufler-intel.(none)>2011-10-20 16:07:31 -0700
commit0e94ae17c857b3835a2b8ea46ce44b5da4e2cc5d (patch)
treeeac36ba696cf33bbbe3fcd490589ef453d9c8ef1 /security/smack/smack_access.c
parentd86b2b61d4dea614d6f319772a90a8f98b55ed67 (diff)
downloadlinux-0e94ae17c857b3835a2b8ea46ce44b5da4e2cc5d.tar.gz
linux-0e94ae17c857b3835a2b8ea46ce44b5da4e2cc5d.tar.bz2
linux-0e94ae17c857b3835a2b8ea46ce44b5da4e2cc5d.zip
Smack: allow to access /smack/access as normal user
Allow query access as a normal user removing the need for CAP_MAC_ADMIN. Give RW access to /smack/access for UGO. Do not import smack labels in access check. Signed-off-by: Jarkko Sakkinen <jarkko.j.sakkinen@gmail.com> Signed-off-by: Casey Schaufler <cschaufler@cschaufler-intel.(none)>
Diffstat (limited to 'security/smack/smack_access.c')
-rw-r--r--security/smack/smack_access.c27
1 files changed, 19 insertions, 8 deletions
diff --git a/security/smack/smack_access.c b/security/smack/smack_access.c
index a885f628f56e..cc7cb6edba08 100644
--- a/security/smack/smack_access.c
+++ b/security/smack/smack_access.c
@@ -353,17 +353,13 @@ struct smack_known *smk_find_entry(const char *string)
}
/**
- * smk_import_entry - import a label, return the list entry
- * @string: a text string that might be a Smack label
+ * smk_parse_smack - parse smack label from a text string
+ * @string: a text string that might contain a Smack label
* @len: the maximum size, or zero if it is NULL terminated.
- *
- * Returns a pointer to the entry in the label list that
- * matches the passed string, adding it if necessary.
+ * @smack: parsed smack label, or NULL if parse error
*/
-struct smack_known *smk_import_entry(const char *string, int len)
+void smk_parse_smack(const char *string, int len, char *smack)
{
- struct smack_known *skp;
- char smack[SMK_LABELLEN];
int found;
int i;
@@ -381,7 +377,22 @@ struct smack_known *smk_import_entry(const char *string, int len)
} else
smack[i] = string[i];
}
+}
+
+/**
+ * smk_import_entry - import a label, return the list entry
+ * @string: a text string that might be a Smack label
+ * @len: the maximum size, or zero if it is NULL terminated.
+ *
+ * Returns a pointer to the entry in the label list that
+ * matches the passed string, adding it if necessary.
+ */
+struct smack_known *smk_import_entry(const char *string, int len)
+{
+ struct smack_known *skp;
+ char smack[SMK_LABELLEN];
+ smk_parse_smack(string, len, smack);
if (smack[0] == '\0')
return NULL;