summaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorJames Morris <jmorris@namei.org>2008-11-06 07:12:34 +0800
committerJames Morris <jmorris@namei.org>2008-11-06 07:12:34 +0800
commite21e696edb498c7f7eed42ba3096f6bbe13927b6 (patch)
tree73b0bc28e45b0268f05c4b384a17bfb2140a73bc /security
parent2f99db28af90957271a6448479c3e492ccf7c697 (diff)
parent75fa67706cce5272bcfc51ed646f2da21f3bdb6e (diff)
downloadlinux-e21e696edb498c7f7eed42ba3096f6bbe13927b6.tar.gz
linux-e21e696edb498c7f7eed42ba3096f6bbe13927b6.tar.bz2
linux-e21e696edb498c7f7eed42ba3096f6bbe13927b6.zip
Merge branch 'master' into next
Diffstat (limited to 'security')
-rw-r--r--security/commoncap.c6
-rw-r--r--security/device_cgroup.c46
-rw-r--r--security/inode.c3
-rw-r--r--security/security.c9
-rw-r--r--security/selinux/hooks.c22
5 files changed, 30 insertions, 56 deletions
diff --git a/security/commoncap.c b/security/commoncap.c
index 399bfdb9e2da..3976613db829 100644
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -279,10 +279,10 @@ static int get_file_caps(struct linux_binprm *bprm)
struct vfs_cap_data vcaps;
struct inode *inode;
- if (bprm->file->f_vfsmnt->mnt_flags & MNT_NOSUID) {
- bprm_clear_caps(bprm);
+ bprm_clear_caps(bprm);
+
+ if (bprm->file->f_vfsmnt->mnt_flags & MNT_NOSUID)
return 0;
- }
dentry = dget(bprm->file->f_dentry);
inode = dentry->d_inode;
diff --git a/security/device_cgroup.c b/security/device_cgroup.c
index 46f23971f7e4..5ba78701adc3 100644
--- a/security/device_cgroup.c
+++ b/security/device_cgroup.c
@@ -1,5 +1,5 @@
/*
- * dev_cgroup.c - device cgroup subsystem
+ * device_cgroup.c - device cgroup subsystem
*
* Copyright 2007 IBM Corp
*/
@@ -10,6 +10,7 @@
#include <linux/list.h>
#include <linux/uaccess.h>
#include <linux/seq_file.h>
+#include <linux/rcupdate.h>
#define ACC_MKNOD 1
#define ACC_READ 2
@@ -22,18 +23,8 @@
/*
* whitelist locking rules:
- * cgroup_lock() cannot be taken under dev_cgroup->lock.
- * dev_cgroup->lock can be taken with or without cgroup_lock().
- *
- * modifications always require cgroup_lock
- * modifications to a list which is visible require the
- * dev_cgroup->lock *and* cgroup_lock()
- * walking the list requires dev_cgroup->lock or cgroup_lock().
- *
- * reasoning: dev_whitelist_copy() needs to kmalloc, so needs
- * a mutex, which the cgroup_lock() is. Since modifying
- * a visible list requires both locks, either lock can be
- * taken for walking the list.
+ * hold cgroup_lock() for update/read.
+ * hold rcu_read_lock() for read.
*/
struct dev_whitelist_item {
@@ -47,7 +38,6 @@ struct dev_whitelist_item {
struct dev_cgroup {
struct cgroup_subsys_state css;
struct list_head whitelist;
- spinlock_t lock;
};
static inline struct dev_cgroup *css_to_devcgroup(struct cgroup_subsys_state *s)
@@ -84,13 +74,9 @@ static int dev_whitelist_copy(struct list_head *dest, struct list_head *orig)
struct dev_whitelist_item *wh, *tmp, *new;
list_for_each_entry(wh, orig, list) {
- new = kmalloc(sizeof(*wh), GFP_KERNEL);
+ new = kmemdup(wh, sizeof(*wh), GFP_KERNEL);
if (!new)
goto free_and_exit;
- new->major = wh->major;
- new->minor = wh->minor;
- new->type = wh->type;
- new->access = wh->access;
list_add_tail(&new->list, dest);
}
@@ -107,19 +93,16 @@ free_and_exit:
/* Stupid prototype - don't bother combining existing entries */
/*
* called under cgroup_lock()
- * since the list is visible to other tasks, we need the spinlock also
*/
static int dev_whitelist_add(struct dev_cgroup *dev_cgroup,
struct dev_whitelist_item *wh)
{
struct dev_whitelist_item *whcopy, *walk;
- whcopy = kmalloc(sizeof(*whcopy), GFP_KERNEL);
+ whcopy = kmemdup(wh, sizeof(*wh), GFP_KERNEL);
if (!whcopy)
return -ENOMEM;
- memcpy(whcopy, wh, sizeof(*whcopy));
- spin_lock(&dev_cgroup->lock);
list_for_each_entry(walk, &dev_cgroup->whitelist, list) {
if (walk->type != wh->type)
continue;
@@ -135,7 +118,6 @@ static int dev_whitelist_add(struct dev_cgroup *dev_cgroup,
if (whcopy != NULL)
list_add_tail_rcu(&whcopy->list, &dev_cgroup->whitelist);
- spin_unlock(&dev_cgroup->lock);
return 0;
}
@@ -149,14 +131,12 @@ static void whitelist_item_free(struct rcu_head *rcu)
/*
* called under cgroup_lock()
- * since the list is visible to other tasks, we need the spinlock also
*/
static void dev_whitelist_rm(struct dev_cgroup *dev_cgroup,
struct dev_whitelist_item *wh)
{
struct dev_whitelist_item *walk, *tmp;
- spin_lock(&dev_cgroup->lock);
list_for_each_entry_safe(walk, tmp, &dev_cgroup->whitelist, list) {
if (walk->type == DEV_ALL)
goto remove;
@@ -174,7 +154,6 @@ remove:
call_rcu(&walk->rcu, whitelist_item_free);
}
}
- spin_unlock(&dev_cgroup->lock);
}
/*
@@ -214,7 +193,6 @@ static struct cgroup_subsys_state *devcgroup_create(struct cgroup_subsys *ss,
}
}
- spin_lock_init(&dev_cgroup->lock);
return &dev_cgroup->css;
}
@@ -330,15 +308,11 @@ static int parent_has_perm(struct dev_cgroup *childcg,
{
struct cgroup *pcg = childcg->css.cgroup->parent;
struct dev_cgroup *parent;
- int ret;
if (!pcg)
return 1;
parent = cgroup_to_devcgroup(pcg);
- spin_lock(&parent->lock);
- ret = may_access_whitelist(parent, wh);
- spin_unlock(&parent->lock);
- return ret;
+ return may_access_whitelist(parent, wh);
}
/*
@@ -357,17 +331,14 @@ static int parent_has_perm(struct dev_cgroup *childcg,
static int devcgroup_update_access(struct dev_cgroup *devcgroup,
int filetype, const char *buffer)
{
- struct dev_cgroup *cur_devcgroup;
const char *b;
char *endp;
- int retval = 0, count;
+ int count;
struct dev_whitelist_item wh;
if (!capable(CAP_SYS_ADMIN))
return -EPERM;
- cur_devcgroup = task_devcgroup(current);
-
memset(&wh, 0, sizeof(wh));
b = buffer;
@@ -437,7 +408,6 @@ static int devcgroup_update_access(struct dev_cgroup *devcgroup,
}
handle:
- retval = 0;
switch (filetype) {
case DEVCG_ALLOW:
if (!parent_has_perm(devcgroup, &wh))
diff --git a/security/inode.c b/security/inode.c
index ca4958ebad8d..efea5a605466 100644
--- a/security/inode.c
+++ b/security/inode.c
@@ -20,8 +20,7 @@
#include <linux/init.h>
#include <linux/namei.h>
#include <linux/security.h>
-
-#define SECURITYFS_MAGIC 0x73636673
+#include <linux/magic.h>
static struct vfsmount *mount;
static int mount_count;
diff --git a/security/security.c b/security/security.c
index 255b08559b2b..c0acfa7177e5 100644
--- a/security/security.c
+++ b/security/security.c
@@ -198,14 +198,23 @@ int security_settime(struct timespec *ts, struct timezone *tz)
int security_vm_enough_memory(long pages)
{
+ WARN_ON(current->mm == NULL);
return security_ops->vm_enough_memory(current->mm, pages);
}
int security_vm_enough_memory_mm(struct mm_struct *mm, long pages)
{
+ WARN_ON(mm == NULL);
return security_ops->vm_enough_memory(mm, pages);
}
+int security_vm_enough_memory_kern(long pages)
+{
+ /* If current->mm is a kernel thread then we will pass NULL,
+ for this specific case that is fine */
+ return security_ops->vm_enough_memory(current->mm, pages);
+}
+
int security_bprm_alloc(struct linux_binprm *bprm)
{
return security_ops->bprm_alloc_security(bprm);
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 5f21a514f581..f71de5a64d0c 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -75,6 +75,7 @@
#include <linux/string.h>
#include <linux/selinux.h>
#include <linux/mutex.h>
+#include <linux/posix-timers.h>
#include "avc.h"
#include "objsec.h"
@@ -325,7 +326,7 @@ enum {
Opt_rootcontext = 4,
};
-static match_table_t tokens = {
+static const match_table_t tokens = {
{Opt_context, CONTEXT_STR "%s"},
{Opt_fscontext, FSCONTEXT_STR "%s"},
{Opt_defcontext, DEFCONTEXT_STR "%s"},
@@ -2123,26 +2124,27 @@ static inline void flush_unauthorized_files(struct files_struct *files)
long j = -1;
int drop_tty = 0;
- mutex_lock(&tty_mutex);
tty = get_current_tty();
if (tty) {
file_list_lock();
- file = list_entry(tty->tty_files.next, typeof(*file), f_u.fu_list);
- if (file) {
+ if (!list_empty(&tty->tty_files)) {
+ struct inode *inode;
+
/* Revalidate access to controlling tty.
Use inode_has_perm on the tty inode directly rather
than using file_has_perm, as this particular open
file may belong to another process and we are only
interested in the inode-based check here. */
- struct inode *inode = file->f_path.dentry->d_inode;
+ file = list_first_entry(&tty->tty_files, struct file, f_u.fu_list);
+ inode = file->f_path.dentry->d_inode;
if (inode_has_perm(current, inode,
FILE__READ | FILE__WRITE, NULL)) {
drop_tty = 1;
}
}
file_list_unlock();
+ tty_kref_put(tty);
}
- mutex_unlock(&tty_mutex);
/* Reset controlling tty. */
if (drop_tty)
no_tty();
@@ -2326,13 +2328,7 @@ static void selinux_bprm_post_apply_creds(struct linux_binprm *bprm)
initrlim = init_task.signal->rlim+i;
rlim->rlim_cur = min(rlim->rlim_max, initrlim->rlim_cur);
}
- if (current->signal->rlim[RLIMIT_CPU].rlim_cur != RLIM_INFINITY) {
- /*
- * This will cause RLIMIT_CPU calculations
- * to be refigured.
- */
- current->it_prof_expires = jiffies_to_cputime(1);
- }
+ update_rlimit_cpu(rlim->rlim_cur);
}
/* Wake up the parent if it is waiting so that it can