[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <534863B2.4090506@schaufler-ca.com>
Date: Fri, 11 Apr 2014 14:50:42 -0700
From: Casey Schaufler <casey@...aufler-ca.com>
To: Lukasz Pawelczyk <l.pawelczyk@...tner.samsung.com>,
James Morris <james.l.morris@...cle.com>,
linux-security-module@...r.kernel.org, linux-kernel@...r.kernel.org
CC: r.krypa@...sung.com, t.swierczek@...sung.com
Subject: Re: [PATCH 1/3] Smack: fix the subject/object order in smack_ptrace_traceme()
On 3/11/2014 9:07 AM, Lukasz Pawelczyk wrote:
> The order of subject/object is currently reversed in
> smack_ptrace_traceme(). It is currently checked if the tracee has a
> capability to trace tracer and according to this rule a decision is made
> whether the tracer will be allowed to trace tracee.
>
> Signed-off-by: Lukasz Pawelczyk <l.pawelczyk@...tner.samsung.com>
> Signed-off-by: Rafal Krypa <r.krypa@...sung.com>
Acked-by: Casey Schaufler <casey@...aufler-ca.com>
Applied to git://git.gitorious.org/smack-next/kernel.git smack-for-3.16
> ---
> security/smack/smack.h | 1 +
> security/smack/smack_access.c | 33 ++++++++++++++++++++++++++-------
> security/smack/smack_lsm.c | 4 ++--
> 3 files changed, 29 insertions(+), 9 deletions(-)
>
> diff --git a/security/smack/smack.h b/security/smack/smack.h
> index d072fd3..b9dfc4e 100644
> --- a/security/smack/smack.h
> +++ b/security/smack/smack.h
> @@ -225,6 +225,7 @@ struct inode_smack *new_inode_smack(char *);
> */
> int smk_access_entry(char *, char *, struct list_head *);
> int smk_access(struct smack_known *, char *, int, struct smk_audit_info *);
> +int smk_tskacc(struct task_smack *, char *, u32, struct smk_audit_info *);
> int smk_curacc(char *, u32, struct smk_audit_info *);
> struct smack_known *smack_from_secid(const u32);
> char *smk_parse_smack(const char *string, int len);
> diff --git a/security/smack/smack_access.c b/security/smack/smack_access.c
> index 14293cd..f161deb 100644
> --- a/security/smack/smack_access.c
> +++ b/security/smack/smack_access.c
> @@ -192,20 +192,21 @@ out_audit:
> }
>
> /**
> - * smk_curacc - determine if current has a specific access to an object
> + * smk_tskacc - determine if a task has a specific access to an object
> + * @tsp: a pointer to the subject task
> * @obj_label: a pointer to the object's Smack label
> * @mode: the access requested, in "MAY" format
> * @a : common audit data
> *
> - * This function checks the current subject label/object label pair
> + * This function checks the subject task's label/object label pair
> * in the access rule list and returns 0 if the access is permitted,
> - * non zero otherwise. It allows that current may have the capability
> + * non zero otherwise. It allows that the task may have the capability
> * to override the rules.
> */
> -int smk_curacc(char *obj_label, u32 mode, struct smk_audit_info *a)
> +int smk_tskacc(struct task_smack *subject, char *obj_label,
> + u32 mode, struct smk_audit_info *a)
> {
> - struct task_smack *tsp = current_security();
> - struct smack_known *skp = smk_of_task(tsp);
> + struct smack_known *skp = smk_of_task(subject);
> int may;
> int rc;
>
> @@ -219,7 +220,7 @@ int smk_curacc(char *obj_label, u32 mode, struct smk_audit_info *a)
> * it can further restrict access.
> */
> may = smk_access_entry(skp->smk_known, obj_label,
> - &tsp->smk_rules);
> + &subject->smk_rules);
> if (may < 0)
> goto out_audit;
> if ((mode & may) == mode)
> @@ -241,6 +242,24 @@ out_audit:
> return rc;
> }
>
> +/**
> + * smk_curacc - determine if current has a specific access to an object
> + * @obj_label: a pointer to the object's Smack label
> + * @mode: the access requested, in "MAY" format
> + * @a : common audit data
> + *
> + * This function checks the current subject label/object label pair
> + * in the access rule list and returns 0 if the access is permitted,
> + * non zero otherwise. It allows that current may have the capability
> + * to override the rules.
> + */
> +int smk_curacc(char *obj_label, u32 mode, struct smk_audit_info *a)
> +{
> + struct task_smack *tsp = current_security();
> +
> + return smk_tskacc(tsp, obj_label, mode, a);
> +}
> +
> #ifdef CONFIG_AUDIT
> /**
> * smack_str_from_perm : helper to transalate an int to a
> diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
> index d814e35..48d61f6 100644
> --- a/security/smack/smack_lsm.c
> +++ b/security/smack/smack_lsm.c
> @@ -207,11 +207,11 @@ static int smack_ptrace_traceme(struct task_struct *ptp)
> if (rc != 0)
> return rc;
>
> - skp = smk_of_task(task_security(ptp));
> + skp = smk_of_task(current_security());
> smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_TASK);
> smk_ad_setfield_u_tsk(&ad, ptp);
>
> - rc = smk_curacc(skp->smk_known, MAY_READWRITE, &ad);
> + rc = smk_tskacc(ptp, skp->smk_known, MAY_READWRITE, &ad);
> return rc;
> }
>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists