lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <201011221657.04800.roberto.sassu@polito.it>
Date:	Mon, 22 Nov 2010 16:57:04 +0100
From:	Roberto Sassu <roberto.sassu@...ito.it>
To:	Alexander Viro <viro@...iv.linux.org.uk>
Cc:	Stephen Smalley <sds@...ho.nsa.gov>,
	James Morris <jmorris@...ei.org>,
	Eric Paris <eparis@...isplace.org>,
	Casey Schaufler <casey@...aufler-ca.com>,
	Paul Moore <paul.moore@...com>, linux-fsdevel@...r.kernel.org,
	linux-kernel@...r.kernel.org,
	linux-security-module@...r.kernel.org, selinux@...ho.nsa.gov
Subject: [RFC][PATCH 1/4] fs: passing task credentials to get_empty_filp()

The definition of the function get_empty_filp() has been modified in order
to pass to it the credentials of the subject creating a new file
descriptor.
This function is called by dentry_open() in fs/open.c, do_filp_open() in
fs/namei.c and alloc_file() in fs/file_table.c.
The credentials passed by these functions are not NULL only in the first
case because dentry_open() is the only which explicitly receives them as
parameter.
The 'cred' variable in the function get_empty_filp() is initialized with
the supplied credentials if they are not NULL, the credentials of the
'current' process in the other case.

Signed-off-by: Roberto Sassu <roberto.sassu@...ito.it>
---
 fs/file_table.c |    6 +++---
 fs/internal.h   |    2 +-
 fs/namei.c      |    2 +-
 fs/open.c       |    2 +-
 4 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/fs/file_table.c b/fs/file_table.c
index c3dee38..fd446e3 100644
--- a/fs/file_table.c
+++ b/fs/file_table.c
@@ -102,9 +102,9 @@ int proc_nr_files(ctl_table *table, int write,
  * done, you will imbalance int the mount's writer count
  * and a warning at __fput() time.
  */
-struct file *get_empty_filp(void)
+struct file *get_empty_filp(const struct cred *task_cred)
 {
-	const struct cred *cred = current_cred();
+	const struct cred *cred = task_cred ? task_cred : current_cred();
 	static long old_max;
 	struct file * f;
 
@@ -171,7 +171,7 @@ struct file *alloc_file(struct path *path, fmode_t mode,
 {
 	struct file *file;
 
-	file = get_empty_filp();
+	file = get_empty_filp(NULL);
 	if (!file)
 		return NULL;
 
diff --git a/fs/internal.h b/fs/internal.h
index e43b9a4..c165615 100644
--- a/fs/internal.h
+++ b/fs/internal.h
@@ -86,7 +86,7 @@ extern void chroot_fs_refs(struct path *, struct path *);
 extern void file_sb_list_add(struct file *f, struct super_block *sb);
 extern void file_sb_list_del(struct file *f);
 extern void mark_files_ro(struct super_block *);
-extern struct file *get_empty_filp(void);
+extern struct file *get_empty_filp(const struct cred *task_cred);
 
 /*
  * super.c
diff --git a/fs/namei.c b/fs/namei.c
index 5362af9..c78e1ef 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -1791,7 +1791,7 @@ reval:
 	 */
 
 	error = -ENFILE;
-	filp = get_empty_filp();
+	filp = get_empty_filp(NULL);
 	if (filp == NULL)
 		goto exit_parent;
 	nd.intent.open.file = filp;
diff --git a/fs/open.c b/fs/open.c
index 4197b9e..02adb56 100644
--- a/fs/open.c
+++ b/fs/open.c
@@ -819,7 +819,7 @@ struct file *dentry_open(struct dentry *dentry, struct vfsmount *mnt, int flags,
 	}
 
 	error = -ENFILE;
-	f = get_empty_filp();
+	f = get_empty_filp(cred);
 	if (f == NULL) {
 		dput(dentry);
 		mntput(mnt);
-- 
1.7.2.3


Download attachment "smime.p7s" of type "application/pkcs7-signature" (4707 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ