| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 5 Jan 2009 19:25:06 +1100 (EST)
From: James Morris <jmorris@...ei.org>
To: Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp>
cc: Andrew Morton <akpm@...ux-foundation.org>,
linux-security-module@...r.kernel.org,
linux-kernel@...r.kernel.org, David Howells <dhowells@...hat.com>,
"Serge E. Hallyn" <serue@...ibm.com>
Subject: Re: [TOMOYO #14 (mmotm 2008-12-30-16-05) 01/10] Add in_execve flag
into task_struct.
On Thu, 1 Jan 2009, Tetsuo Handa wrote:
> This patch allows LSM modules to determine whether current process is in an
> execve operation or not so that they can behave differently while an execve
> operation is in progress.
>
> This allows TOMOYO to dispense with a readability check on a file to be
> executed under the process's current credentials, and to do it instead under
> the proposed credentials.
>
> This is required with the new COW credentials because TOMOYO is no longer
> allowed to mark the state temporarily in the security struct attached to the
> task_struct.
Serge previously queried this flag:
http://article.gmane.org/gmane.linux.kernel.lsm/7611
The issue does not appear to have been resolved.
>
> Signed-off-by: Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp>
> Signed-off-by: David Howells <dhowells@...hat.com>
> ---
> fs/compat.c | 3 +++
> fs/exec.c | 3 +++
> include/linux/sched.h | 2 ++
> 3 files changed, 8 insertions(+)
>
> --- linux-2.6.28-mm1.orig/fs/compat.c
> +++ linux-2.6.28-mm1/fs/compat.c
> @@ -1402,6 +1402,7 @@ int compat_do_execve(char * filename,
> retval = mutex_lock_interruptible(¤t->cred_exec_mutex);
> if (retval < 0)
> goto out_free;
> + current->in_execve = 1;
>
> retval = -ENOMEM;
> bprm->cred = prepare_exec_creds();
> @@ -1454,6 +1455,7 @@ int compat_do_execve(char * filename,
> goto out;
>
> /* execve succeeded */
> + current->in_execve = 0;
> mutex_unlock(¤t->cred_exec_mutex);
> acct_update_integrals(current);
> free_bprm(bprm);
> @@ -1470,6 +1472,7 @@ out_file:
> }
>
> out_unlock:
> + current->in_execve = 0;
> mutex_unlock(¤t->cred_exec_mutex);
>
> out_free:
> --- linux-2.6.28-mm1.orig/fs/exec.c
> +++ linux-2.6.28-mm1/fs/exec.c
> @@ -1306,6 +1306,7 @@ int do_execve(char * filename,
> retval = mutex_lock_interruptible(¤t->cred_exec_mutex);
> if (retval < 0)
> goto out_free;
> + current->in_execve = 1;
>
> retval = -ENOMEM;
> bprm->cred = prepare_exec_creds();
> @@ -1359,6 +1360,7 @@ int do_execve(char * filename,
> goto out;
>
> /* execve succeeded */
> + current->in_execve = 0;
> mutex_unlock(¤t->cred_exec_mutex);
> acct_update_integrals(current);
> free_bprm(bprm);
> @@ -1377,6 +1379,7 @@ out_file:
> }
>
> out_unlock:
> + current->in_execve = 0;
> mutex_unlock(¤t->cred_exec_mutex);
>
> out_free:
> --- linux-2.6.28-mm1.orig/include/linux/sched.h
> +++ linux-2.6.28-mm1/include/linux/sched.h
> @@ -1155,6 +1155,8 @@ struct task_struct {
> /* ??? */
> unsigned int personality;
> unsigned did_exec:1;
> + unsigned in_execve:1; /* Tell the LSMs that the process is doing an
> + * execve */
> pid_t pid;
> pid_t tgid;
>
>
> --
> --
> To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
> the body of a message to majordomo@...r.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
--
James Morris
<jmorris@...ei.org>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists