Re: [PATCH 1/3] Smack: fix the subject/object order in smack_ptrace_traceme()
On 3/11/2014 9:07 AM, Lukasz Pawelczyk wrote: > The order of subject/object is currently reversed in > smack_ptrace_traceme(). It is currently checked if the tracee has a > capability to trace tracer and according to this rule a decision is made > whether the tracer will be allowed to trace tracee. > > Signed-off-by: Lukasz Pawelczyk > Signed-off-by: Rafal Krypa Acked-by: Casey Schaufler Applied to git://git.gitorious.org/smack-next/kernel.git smack-for-3.16 > --- > security/smack/smack.h| 1 + > security/smack/smack_access.c | 33 ++--- > security/smack/smack_lsm.c| 4 ++-- > 3 files changed, 29 insertions(+), 9 deletions(-) > > diff --git a/security/smack/smack.h b/security/smack/smack.h > index d072fd3..b9dfc4e 100644 > --- a/security/smack/smack.h > +++ b/security/smack/smack.h > @@ -225,6 +225,7 @@ struct inode_smack *new_inode_smack(char *); > */ > int smk_access_entry(char *, char *, struct list_head *); > int smk_access(struct smack_known *, char *, int, struct smk_audit_info *); > +int smk_tskacc(struct task_smack *, char *, u32, struct smk_audit_info *); > int smk_curacc(char *, u32, struct smk_audit_info *); > struct smack_known *smack_from_secid(const u32); > char *smk_parse_smack(const char *string, int len); > diff --git a/security/smack/smack_access.c b/security/smack/smack_access.c > index 14293cd..f161deb 100644 > --- a/security/smack/smack_access.c > +++ b/security/smack/smack_access.c 
> @@ -192,20 +192,21 @@ out_audit: > } > > /** > - * smk_curacc - determine if current has a specific access to an object > + * smk_tskacc - determine if a task has a specific access to an object > + * @tsp: a pointer to the subject task > * @obj_label: a pointer to the object's Smack label > * @mode: the access requested, in "MAY" format > * @a : common audit data > * > - * This function checks the current subject label/object label pair > + * This function checks the subject task's label/object label pair > * in the access rule list and returns 0 if the access is permitted, > - * non zero otherwise. It allows that current may have the capability > + * non zero otherwise. It allows that the task may have the capability > * to override the rules. > */ > -int smk_curacc(char *obj_label, u32 mode, struct smk_audit_info *a) > +int smk_tskacc(struct task_smack *subject, char *obj_label, > +u32 mode, struct smk_audit_info *a) > { > - struct task_smack *tsp = current_security(); > - struct smack_known *skp = smk_of_task(tsp); > + struct smack_known *skp = smk_of_task(subject); > int may; > int rc; > > @@ -219,7 +220,7 @@ int smk_curacc(char *obj_label, u32 mode, struct > smk_audit_info *a) >* it can further restrict access. >*/ > may = smk_access_entry(skp->smk_known, obj_label, > - >smk_rules); > + >smk_rules); > if (may < 0) > goto out_audit; > if ((mode & may) == mode) 
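Review bot: The new kernel-doc tag `+ * @tsp: a pointer to the subject task` does not match the parameter, which the `+int smk_tskacc(struct task_smack *subject, ...` line names `subject`; the kernel-doc tooling will report `subject` as undescribed, so the tag should read `+ * @subject: a pointer to the subject task`. The rewritten sentence "It allows that the task may have the capability to override the rules" is a stronger claim than the old "current may have the capability": the override check sits later in the body, outside this hunk, and if it still tests current's capabilities rather than those of the passed subject, the comment overstates what callers such as the ptrace path get when subject is not current — worth confirming and wording accordingly, e.g. `+ * non zero otherwise. The capability override, if any, is evaluated for current`. smk_tskacc's body continues beyond both hunks shown here, and the same hunk is repeated in the other copies of this patch below.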
> @@ -241,6 +242,24 @@ out_audit: > return rc; > } > > +/** > + * smk_curacc - determine if current has a specific access to an object > + * @obj_label: a pointer to the object's Smack label > + * @mode: the access requested, in "MAY" format > + * @a : common audit data > + * > + * This function checks the current subject label/object label pair > + * in the access rule list and returns 0 if the access is permitted, > + * non zero otherwise. It allows that current may have the capability > + * to override the rules. > + */ > +int smk_curacc(char *obj_label, u32 mode, struct smk_audit_info *a) > +{ > + struct task_smack *tsp = current_security(); > + > + return smk_tskacc(tsp, obj_label, mode, a); > +} > + > #ifdef CONFIG_AUDIT > /** > * smack_str_from_perm : helper to transalate an int to a > diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c > index d814e35..48d61f6 100644 > --- a/security/smack/smack_lsm.c > +++ b/security/smack/smack_lsm.c > @@ -207,11 +207,11 @@ static int smack_ptrace_traceme(struct task_struct *ptp) > if (rc != 0) > return rc; > > - skp = smk_of_task(task_security(ptp)); > + skp = smk_of_task(current_security()); > smk_ad_init(, __func__, LSM_AUDIT_DATA_TASK); > smk_ad_setfield_u_tsk(, ptp); > > - rc = smk_curacc(skp->smk_known, MAY_READWRITE, ); > + rc = smk_tskacc(ptp, skp->smk_known, MAY_READWRITE, ); > return rc; > } > -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
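Review bot: The new call `rc = smk_tskacc(ptp, skp->smk_known, MAY_READWRITE, &ad);` passes `ptp`, declared `struct task_struct *ptp` in the hunk header, where the prototype added to smack.h in this same patch takes `struct task_smack *`; C only warns about the incompatible pointer type, and at runtime smk_tskacc would read task_struct memory as a task_smack, so the ptrace decision is computed from the wrong object (or the rule walk dereferences garbage). The removed line shows the intended conversion, so the call should be `rc = smk_tskacc(task_security(ptp), skp->smk_known, MAY_READWRITE, &ad);`, which keeps the tracer ptp as subject and current's label as object as the commit message describes. The opening of smack_ptrace_traceme, including where rc is first assigned, lies outside the hunk. The same hunk recurs in the other copies of this patch below.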
Re: [PATCH 1/3] Smack: fix the subject/object order in smack_ptrace_traceme()
On 3/11/2014 9:07 AM, Lukasz Pawelczyk wrote: The order of subject/object is currently reversed in smack_ptrace_traceme(). It is currently checked if the tracee has a capability to trace tracer and according to this rule a decision is made whether the tracer will be allowed to trace tracee. Signed-off-by: Lukasz Pawelczyk l.pawelc...@partner.samsung.com Signed-off-by: Rafal Krypa r.kr...@samsung.com Acked-by: Casey Schaufler ca...@schaufler-ca.com Applied to git://git.gitorious.org/smack-next/kernel.git smack-for-3.16 --- security/smack/smack.h| 1 + security/smack/smack_access.c | 33 ++--- security/smack/smack_lsm.c| 4 ++-- 3 files changed, 29 insertions(+), 9 deletions(-) diff --git a/security/smack/smack.h b/security/smack/smack.h index d072fd3..b9dfc4e 100644 --- a/security/smack/smack.h +++ b/security/smack/smack.h @@ -225,6 +225,7 @@ struct inode_smack *new_inode_smack(char *); */ int smk_access_entry(char *, char *, struct list_head *); int smk_access(struct smack_known *, char *, int, struct smk_audit_info *); +int smk_tskacc(struct task_smack *, char *, u32, struct smk_audit_info *); int smk_curacc(char *, u32, struct smk_audit_info *); struct smack_known *smack_from_secid(const u32); char *smk_parse_smack(const char *string, int len); diff --git a/security/smack/smack_access.c b/security/smack/smack_access.c index 14293cd..f161deb 100644 --- a/security/smack/smack_access.c +++ b/security/smack/smack_access.c 
@@ -192,20 +192,21 @@ out_audit: } /** - * smk_curacc - determine if current has a specific access to an object + * smk_tskacc - determine if a task has a specific access to an object + * @tsp: a pointer to the subject task * @obj_label: a pointer to the object's Smack label * @mode: the access requested, in MAY format * @a : common audit data * - * This function checks the current subject label/object label pair + * This function checks the subject task's label/object label pair * in the access rule list and returns 0 if the access is permitted, - * non zero otherwise. It allows that current may have the capability + * non zero otherwise. It allows that the task may have the capability * to override the rules. */ -int smk_curacc(char *obj_label, u32 mode, struct smk_audit_info *a) +int smk_tskacc(struct task_smack *subject, char *obj_label, +u32 mode, struct smk_audit_info *a) { - struct task_smack *tsp = current_security(); - struct smack_known *skp = smk_of_task(tsp); + struct smack_known *skp = smk_of_task(subject); int may; int rc; @@ -219,7 +220,7 @@ int smk_curacc(char *obj_label, u32 mode, struct smk_audit_info *a) * it can further restrict access. */ may = smk_access_entry(skp-smk_known, obj_label, - tsp-smk_rules); + subject-smk_rules); if (may 0) goto out_audit; if ((mode may) == mode) 
@@ -241,6 +242,24 @@ out_audit: return rc; } +/** + * smk_curacc - determine if current has a specific access to an object + * @obj_label: a pointer to the object's Smack label + * @mode: the access requested, in MAY format + * @a : common audit data + * + * This function checks the current subject label/object label pair + * in the access rule list and returns 0 if the access is permitted, + * non zero otherwise. It allows that current may have the capability + * to override the rules. + */ +int smk_curacc(char *obj_label, u32 mode, struct smk_audit_info *a) +{ + struct task_smack *tsp = current_security(); + + return smk_tskacc(tsp, obj_label, mode, a); +} + #ifdef CONFIG_AUDIT /** * smack_str_from_perm : helper to transalate an int to a diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index d814e35..48d61f6 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -207,11 +207,11 @@ static int smack_ptrace_traceme(struct task_struct *ptp) if (rc != 0) return rc; - skp = smk_of_task(task_security(ptp)); + skp = smk_of_task(current_security()); smk_ad_init(ad, __func__, LSM_AUDIT_DATA_TASK); smk_ad_setfield_u_tsk(ad, ptp); - rc = smk_curacc(skp-smk_known, MAY_READWRITE, ad); + rc = smk_tskacc(ptp, skp-smk_known, MAY_READWRITE, ad); return rc; } -- To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[PATCH 1/3] Smack: fix the subject/object order in smack_ptrace_traceme()
The order of subject/object is currently reversed in smack_ptrace_traceme(). It is currently checked if the tracee has a capability to trace tracer and according to this rule a decision is made whether the tracer will be allowed to trace tracee.
Signed-off-by: Lukasz Pawelczyk
Signed-off-by: Rafal Krypa
---
 security/smack/smack.h| 1 +
 security/smack/smack_access.c | 33 ++---
 security/smack/smack_lsm.c| 4 ++--
 3 files changed, 29 insertions(+), 9 deletions(-)
diff --git a/security/smack/smack.h b/security/smack/smack.h
index d072fd3..b9dfc4e 100644
--- a/security/smack/smack.h
+++ b/security/smack/smack.h
@@ -225,6 +225,7 @@ struct inode_smack *new_inode_smack(char *);
 */
 int smk_access_entry(char *, char *, struct list_head *);
 int smk_access(struct smack_known *, char *, int, struct smk_audit_info *);
+int smk_tskacc(struct task_smack *, char *, u32, struct smk_audit_info *);
 int smk_curacc(char *, u32, struct smk_audit_info *);
 struct smack_known *smack_from_secid(const u32);
 char *smk_parse_smack(const char *string, int len);
diff --git a/security/smack/smack_access.c b/security/smack/smack_access.c
index 14293cd..f161deb 100644
--- a/security/smack/smack_access.c
+++ b/security/smack/smack_access.c
@@ -192,20 +192,21 @@ out_audit:
 }
 /**
- * smk_curacc - determine if current has a specific access to an object
+ * smk_tskacc - determine if a task has a specific access to an object
+ * @tsp: a pointer to the subject task
 * @obj_label: a pointer to the object's Smack label
 * @mode: the access requested, in "MAY" format
 * @a : common audit data
 *
- * This function checks the current subject label/object label pair
+ * This function checks the subject task's label/object label pair
 * in the access rule list and returns 0 if the access is permitted,
- * non zero otherwise. It allows that current may have the capability
+ * non zero otherwise. It allows that the task may have the capability
 * to override the rules.
 */
-int smk_curacc(char *obj_label, u32 mode, struct smk_audit_info *a)
+int smk_tskacc(struct task_smack *subject, char *obj_label,
+ u32 mode, struct smk_audit_info *a)
 {
- struct task_smack *tsp = current_security();
- struct smack_known *skp = smk_of_task(tsp);
+ struct smack_known *skp = smk_of_task(subject);
 int may;
 int rc;
@@ -219,7 +220,7 @@ int smk_curacc(char *obj_label, u32 mode, struct smk_audit_info *a)
 * it can further restrict access.
 */
 may = smk_access_entry(skp->smk_known, obj_label,
- >smk_rules);
+ >smk_rules);
 if (may < 0)
 goto out_audit;
 if ((mode & may) == mode)
@@ -241,6 +242,24 @@ out_audit:
 return rc;
 }
+/**
+ * smk_curacc - determine if current has a specific access to an object
+ * @obj_label: a pointer to the object's Smack label
+ * @mode: the access requested, in "MAY" format
+ * @a : common audit data
+ *
+ * This function checks the current subject label/object label pair
+ * in the access rule list and returns 0 if the access is permitted,
+ * non zero otherwise. It allows that current may have the capability
+ * to override the rules.
+ */
+int smk_curacc(char *obj_label, u32 mode, struct smk_audit_info *a)
+{
+ struct task_smack *tsp = current_security();
+
+ return smk_tskacc(tsp, obj_label, mode, a);
+}
+
 #ifdef CONFIG_AUDIT
 /**
 * smack_str_from_perm : helper to transalate an int to a
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index d814e35..48d61f6 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -207,11 +207,11 @@ static int smack_ptrace_traceme(struct task_struct *ptp)
 if (rc != 0)
 return rc;
- skp = smk_of_task(task_security(ptp));
+ skp = smk_of_task(current_security());
 smk_ad_init(, __func__, LSM_AUDIT_DATA_TASK);
 smk_ad_setfield_u_tsk(, ptp);
- rc = smk_curacc(skp->smk_known, MAY_READWRITE, );
+ rc = smk_tskacc(ptp, skp->smk_known, MAY_READWRITE, );
 return rc;
 }
-- 1.8.5.3 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[PATCH 1/3] Smack: fix the subject/object order in smack_ptrace_traceme()
The order of subject/object is currently reversed in smack_ptrace_traceme(). It is currently checked if the tracee has a capability to trace tracer and according to this rule a decision is made whether the tracer will be allowed to trace tracee.
Signed-off-by: Lukasz Pawelczyk l.pawelc...@partner.samsung.com
Signed-off-by: Rafal Krypa r.kr...@samsung.com
---
 security/smack/smack.h| 1 +
 security/smack/smack_access.c | 33 ++---
 security/smack/smack_lsm.c| 4 ++--
 3 files changed, 29 insertions(+), 9 deletions(-)
diff --git a/security/smack/smack.h b/security/smack/smack.h
index d072fd3..b9dfc4e 100644
--- a/security/smack/smack.h
+++ b/security/smack/smack.h
@@ -225,6 +225,7 @@ struct inode_smack *new_inode_smack(char *);
 */
 int smk_access_entry(char *, char *, struct list_head *);
 int smk_access(struct smack_known *, char *, int, struct smk_audit_info *);
+int smk_tskacc(struct task_smack *, char *, u32, struct smk_audit_info *);
 int smk_curacc(char *, u32, struct smk_audit_info *);
 struct smack_known *smack_from_secid(const u32);
 char *smk_parse_smack(const char *string, int len);
diff --git a/security/smack/smack_access.c b/security/smack/smack_access.c
index 14293cd..f161deb 100644
--- a/security/smack/smack_access.c
+++ b/security/smack/smack_access.c
@@ -192,20 +192,21 @@ out_audit:
 }
 /**
- * smk_curacc - determine if current has a specific access to an object
+ * smk_tskacc - determine if a task has a specific access to an object
+ * @tsp: a pointer to the subject task
 * @obj_label: a pointer to the object's Smack label
 * @mode: the access requested, in MAY format
 * @a : common audit data
 *
- * This function checks the current subject label/object label pair
+ * This function checks the subject task's label/object label pair
 * in the access rule list and returns 0 if the access is permitted,
- * non zero otherwise. It allows that current may have the capability
+ * non zero otherwise. It allows that the task may have the capability
 * to override the rules.
 */
-int smk_curacc(char *obj_label, u32 mode, struct smk_audit_info *a)
+int smk_tskacc(struct task_smack *subject, char *obj_label,
+ u32 mode, struct smk_audit_info *a)
 {
- struct task_smack *tsp = current_security();
- struct smack_known *skp = smk_of_task(tsp);
+ struct smack_known *skp = smk_of_task(subject);
 int may;
 int rc;
@@ -219,7 +220,7 @@ int smk_curacc(char *obj_label, u32 mode, struct smk_audit_info *a)
 * it can further restrict access.
 */
 may = smk_access_entry(skp-smk_known, obj_label,
- tsp-smk_rules);
+ subject-smk_rules);
 if (may 0)
 goto out_audit;
 if ((mode may) == mode)
@@ -241,6 +242,24 @@ out_audit:
 return rc;
 }
+/**
+ * smk_curacc - determine if current has a specific access to an object
+ * @obj_label: a pointer to the object's Smack label
+ * @mode: the access requested, in MAY format
+ * @a : common audit data
+ *
+ * This function checks the current subject label/object label pair
+ * in the access rule list and returns 0 if the access is permitted,
+ * non zero otherwise. It allows that current may have the capability
+ * to override the rules.
+ */
+int smk_curacc(char *obj_label, u32 mode, struct smk_audit_info *a)
+{
+ struct task_smack *tsp = current_security();
+
+ return smk_tskacc(tsp, obj_label, mode, a);
+}
+
 #ifdef CONFIG_AUDIT
 /**
 * smack_str_from_perm : helper to transalate an int to a
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index d814e35..48d61f6 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -207,11 +207,11 @@ static int smack_ptrace_traceme(struct task_struct *ptp)
 if (rc != 0)
 return rc;
- skp = smk_of_task(task_security(ptp));
+ skp = smk_of_task(current_security());
 smk_ad_init(ad, __func__, LSM_AUDIT_DATA_TASK);
 smk_ad_setfield_u_tsk(ad, ptp);
- rc = smk_curacc(skp-smk_known, MAY_READWRITE, ad);
+ rc = smk_tskacc(ptp, skp-smk_known, MAY_READWRITE, ad);
 return rc;
 }
-- 1.8.5.3 -- To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/