summaryrefslogtreecommitdiffstats
path: root/security/smack
diff options
context:
space:
mode:
authorStephen Smalley <sds@tycho.nsa.gov>2017-01-10 12:28:32 -0500
committerPaul Moore <paul@paul-moore.com>2017-01-12 11:10:57 -0500
commit3a2f5a59a695a73e0cde9a61e0feae5fa730e936 (patch)
tree058704d18e909a2c0b46356c74d3c1156c2206aa /security/smack
parentb4ba35c75a0671a06b978b6386b54148efddf39f (diff)
downloadlinux-3a2f5a59a695a73e0cde9a61e0feae5fa730e936.tar.gz
linux-3a2f5a59a695a73e0cde9a61e0feae5fa730e936.tar.bz2
linux-3a2f5a59a695a73e0cde9a61e0feae5fa730e936.zip
security,selinux,smack: kill security_task_wait hook
As reported by yangshukui, a permission denial from security_task_wait() can lead to a soft lockup in zap_pid_ns_processes() since it only expects sys_wait4() to return 0 or -ECHILD. Further, security_task_wait() can in general lead to zombies; in the absence of some way to automatically reparent a child process upon a denial, the hook is not useful. Remove the security hook and its implementations in SELinux and Smack. Smack already removed its check from its hook. Reported-by: yangshukui <yangshukui@huawei.com> Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Acked-by: Casey Schaufler <casey@schaufler-ca.com> Acked-by: Oleg Nesterov <oleg@redhat.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'security/smack')
-rw-r--r--security/smack/smack_lsm.c20
1 files changed, 0 insertions, 20 deletions
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index 8da4a6b9ca4d..2166373ea5a4 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -2272,25 +2272,6 @@ static int smack_task_kill(struct task_struct *p, struct siginfo *info,
}
/**
- * smack_task_wait - Smack access check for waiting
- * @p: task to wait for
- *
- * Returns 0
- */
-static int smack_task_wait(struct task_struct *p)
-{
- /*
- * Allow the operation to succeed.
- * Zombies are bad.
- * In userless environments (e.g. phones) programs
- * get marked with SMACK64EXEC and even if the parent
- * and child shouldn't be talking the parent still
- * may expect to know when the child exits.
- */
- return 0;
-}
-
-/**
* smack_task_to_inode - copy task smack into the inode blob
* @p: task to copy from
* @inode: inode to copy to
@@ -4658,7 +4639,6 @@ static struct security_hook_list smack_hooks[] = {
LSM_HOOK_INIT(task_getscheduler, smack_task_getscheduler),
LSM_HOOK_INIT(task_movememory, smack_task_movememory),
LSM_HOOK_INIT(task_kill, smack_task_kill),
- LSM_HOOK_INIT(task_wait, smack_task_wait),
LSM_HOOK_INIT(task_to_inode, smack_task_to_inode),
LSM_HOOK_INIT(ipc_permission, smack_ipc_permission),