subject:"\[PATCH 1\/3\] Smack\: fix the subject\/object order in smack_ptrace

Re: [PATCH 1/3] Smack: fix the subject/object order in smack_ptrace_traceme()

2014-04-11 Thread Casey Schaufler

On 3/11/2014 9:07 AM, Lukasz Pawelczyk wrote:
> The order of subject/object is currently reversed in
> smack_ptrace_traceme(). It is currently checked if the tracee has a
> capability to trace tracer and according to this rule a decision is made
> whether the tracer will be allowed to trace tracee.
>
> Signed-off-by: Lukasz Pawelczyk 
> Signed-off-by: Rafal Krypa 

Acked-by: Casey Schaufler 

Applied to git://git.gitorious.org/smack-next/kernel.git smack-for-3.16

> ---
>  security/smack/smack.h|  1 +
>  security/smack/smack_access.c | 33 ++---
>  security/smack/smack_lsm.c|  4 ++--
>  3 files changed, 29 insertions(+), 9 deletions(-)
>
> diff --git a/security/smack/smack.h b/security/smack/smack.h
> index d072fd3..b9dfc4e 100644
> --- a/security/smack/smack.h
> +++ b/security/smack/smack.h
> @@ -225,6 +225,7 @@ struct inode_smack *new_inode_smack(char *);
>   */
>  int smk_access_entry(char *, char *, struct list_head *);
>  int smk_access(struct smack_known *, char *, int, struct smk_audit_info *);
> +int smk_tskacc(struct task_smack *, char *, u32, struct smk_audit_info *);
>  int smk_curacc(char *, u32, struct smk_audit_info *);
>  struct smack_known *smack_from_secid(const u32);
>  char *smk_parse_smack(const char *string, int len);
> diff --git a/security/smack/smack_access.c b/security/smack/smack_access.c
> index 14293cd..f161deb 100644
> --- a/security/smack/smack_access.c
> +++ b/security/smack/smack_access.c
> @@ -192,20 +192,21 @@ out_audit:
>  }
>  
>  /**
> - * smk_curacc - determine if current has a specific access to an object
> + * smk_tskacc - determine if a task has a specific access to an object
> + * @tsp: a pointer to the subject task
>   * @obj_label: a pointer to the object's Smack label
>   * @mode: the access requested, in "MAY" format
>   * @a : common audit data
>   *
> - * This function checks the current subject label/object label pair
> + * This function checks the subject task's label/object label pair
>   * in the access rule list and returns 0 if the access is permitted,
> - * non zero otherwise. It allows that current may have the capability
> + * non zero otherwise. It allows that the task may have the capability
>   * to override the rules.
>   */
> -int smk_curacc(char *obj_label, u32 mode, struct smk_audit_info *a)
> +int smk_tskacc(struct task_smack *subject, char *obj_label,
> +u32 mode, struct smk_audit_info *a)
>  {
> - struct task_smack *tsp = current_security();
> - struct smack_known *skp = smk_of_task(tsp);
> + struct smack_known *skp = smk_of_task(subject);
>   int may;
>   int rc;
>  
> @@ -219,7 +220,7 @@ int smk_curacc(char *obj_label, u32 mode, struct 
> smk_audit_info *a)
>* it can further restrict access.
>*/
>   may = smk_access_entry(skp->smk_known, obj_label,
> - >smk_rules);
> + >smk_rules);
>   if (may < 0)
>   goto out_audit;
>   if ((mode & may) == mode)
> @@ -241,6 +242,24 @@ out_audit:
>   return rc;
>  }
>  
> +/**
> + * smk_curacc - determine if current has a specific access to an object
> + * @obj_label: a pointer to the object's Smack label
> + * @mode: the access requested, in "MAY" format
> + * @a : common audit data
> + *
> + * This function checks the current subject label/object label pair
> + * in the access rule list and returns 0 if the access is permitted,
> + * non zero otherwise. It allows that current may have the capability
> + * to override the rules.
> + */
> +int smk_curacc(char *obj_label, u32 mode, struct smk_audit_info *a)
> +{
> + struct task_smack *tsp = current_security();
> +
> + return smk_tskacc(tsp, obj_label, mode, a);
> +}
> +
>  #ifdef CONFIG_AUDIT
>  /**
>   * smack_str_from_perm : helper to transalate an int to a
> diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
> index d814e35..48d61f6 100644
> --- a/security/smack/smack_lsm.c
> +++ b/security/smack/smack_lsm.c
> @@ -207,11 +207,11 @@ static int smack_ptrace_traceme(struct task_struct *ptp)
>   if (rc != 0)
>   return rc;
>  
> - skp = smk_of_task(task_security(ptp));
> + skp = smk_of_task(current_security());
>   smk_ad_init(, __func__, LSM_AUDIT_DATA_TASK);
>   smk_ad_setfield_u_tsk(, ptp);
>  
> - rc = smk_curacc(skp->smk_known, MAY_READWRITE, );
> + rc = smk_tskacc(ptp, skp->smk_known, MAY_READWRITE, );
>   return rc;
>  }
>  

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Re: [PATCH 1/3] Smack: fix the subject/object order in smack_ptrace_traceme()

2014-04-11 Thread Casey Schaufler

On 3/11/2014 9:07 AM, Lukasz Pawelczyk wrote:
 The order of subject/object is currently reversed in
 smack_ptrace_traceme(). It is currently checked if the tracee has a
 capability to trace tracer and according to this rule a decision is made
 whether the tracer will be allowed to trace tracee.

 Signed-off-by: Lukasz Pawelczyk l.pawelc...@partner.samsung.com
 Signed-off-by: Rafal Krypa r.kr...@samsung.com

Acked-by: Casey Schaufler ca...@schaufler-ca.com

Applied to git://git.gitorious.org/smack-next/kernel.git smack-for-3.16

 ---
  security/smack/smack.h|  1 +
  security/smack/smack_access.c | 33 ++---
  security/smack/smack_lsm.c|  4 ++--
  3 files changed, 29 insertions(+), 9 deletions(-)

 diff --git a/security/smack/smack.h b/security/smack/smack.h
 index d072fd3..b9dfc4e 100644
 --- a/security/smack/smack.h
 +++ b/security/smack/smack.h
 @@ -225,6 +225,7 @@ struct inode_smack *new_inode_smack(char *);
   */
  int smk_access_entry(char *, char *, struct list_head *);
  int smk_access(struct smack_known *, char *, int, struct smk_audit_info *);
 +int smk_tskacc(struct task_smack *, char *, u32, struct smk_audit_info *);
  int smk_curacc(char *, u32, struct smk_audit_info *);
  struct smack_known *smack_from_secid(const u32);
  char *smk_parse_smack(const char *string, int len);
 diff --git a/security/smack/smack_access.c b/security/smack/smack_access.c
 index 14293cd..f161deb 100644
 --- a/security/smack/smack_access.c
 +++ b/security/smack/smack_access.c
 @@ -192,20 +192,21 @@ out_audit:
  }
  
  /**
 - * smk_curacc - determine if current has a specific access to an object
 + * smk_tskacc - determine if a task has a specific access to an object
 + * @tsp: a pointer to the subject task
   * @obj_label: a pointer to the object's Smack label
   * @mode: the access requested, in MAY format
   * @a : common audit data
   *
 - * This function checks the current subject label/object label pair
 + * This function checks the subject task's label/object label pair
   * in the access rule list and returns 0 if the access is permitted,
 - * non zero otherwise. It allows that current may have the capability
 + * non zero otherwise. It allows that the task may have the capability
   * to override the rules.
   */
 -int smk_curacc(char *obj_label, u32 mode, struct smk_audit_info *a)
 +int smk_tskacc(struct task_smack *subject, char *obj_label,
 +u32 mode, struct smk_audit_info *a)
  {
 - struct task_smack *tsp = current_security();
 - struct smack_known *skp = smk_of_task(tsp);
 + struct smack_known *skp = smk_of_task(subject);
   int may;
   int rc;
  
 @@ -219,7 +220,7 @@ int smk_curacc(char *obj_label, u32 mode, struct 
 smk_audit_info *a)
* it can further restrict access.
*/
   may = smk_access_entry(skp-smk_known, obj_label,
 - tsp-smk_rules);
 + subject-smk_rules);
   if (may  0)
   goto out_audit;
   if ((mode  may) == mode)
 @@ -241,6 +242,24 @@ out_audit:
   return rc;
  }
  
 +/**
 + * smk_curacc - determine if current has a specific access to an object
 + * @obj_label: a pointer to the object's Smack label
 + * @mode: the access requested, in MAY format
 + * @a : common audit data
 + *
 + * This function checks the current subject label/object label pair
 + * in the access rule list and returns 0 if the access is permitted,
 + * non zero otherwise. It allows that current may have the capability
 + * to override the rules.
 + */
 +int smk_curacc(char *obj_label, u32 mode, struct smk_audit_info *a)
 +{
 + struct task_smack *tsp = current_security();
 +
 + return smk_tskacc(tsp, obj_label, mode, a);
 +}
 +
  #ifdef CONFIG_AUDIT
  /**
   * smack_str_from_perm : helper to transalate an int to a
 diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
 index d814e35..48d61f6 100644
 --- a/security/smack/smack_lsm.c
 +++ b/security/smack/smack_lsm.c
 @@ -207,11 +207,11 @@ static int smack_ptrace_traceme(struct task_struct *ptp)
   if (rc != 0)
   return rc;
  
 - skp = smk_of_task(task_security(ptp));
 + skp = smk_of_task(current_security());
   smk_ad_init(ad, __func__, LSM_AUDIT_DATA_TASK);
   smk_ad_setfield_u_tsk(ad, ptp);
  
 - rc = smk_curacc(skp-smk_known, MAY_READWRITE, ad);
 + rc = smk_tskacc(ptp, skp-smk_known, MAY_READWRITE, ad);
   return rc;
  }
  

--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[PATCH 1/3] Smack: fix the subject/object order in smack_ptrace_traceme()

2014-03-11 Thread Lukasz Pawelczyk

The order of subject/object is currently reversed in
smack_ptrace_traceme(). It is currently checked if the tracee has a
capability to trace tracer and according to this rule a decision is made
whether the tracer will be allowed to trace tracee.

Signed-off-by: Lukasz Pawelczyk 
Signed-off-by: Rafal Krypa 
---
 security/smack/smack.h|  1 +
 security/smack/smack_access.c | 33 ++---
 security/smack/smack_lsm.c|  4 ++--
 3 files changed, 29 insertions(+), 9 deletions(-)

diff --git a/security/smack/smack.h b/security/smack/smack.h
index d072fd3..b9dfc4e 100644
--- a/security/smack/smack.h
+++ b/security/smack/smack.h
@@ -225,6 +225,7 @@ struct inode_smack *new_inode_smack(char *);
  */
 int smk_access_entry(char *, char *, struct list_head *);
 int smk_access(struct smack_known *, char *, int, struct smk_audit_info *);
+int smk_tskacc(struct task_smack *, char *, u32, struct smk_audit_info *);
 int smk_curacc(char *, u32, struct smk_audit_info *);
 struct smack_known *smack_from_secid(const u32);
 char *smk_parse_smack(const char *string, int len);
diff --git a/security/smack/smack_access.c b/security/smack/smack_access.c
index 14293cd..f161deb 100644
--- a/security/smack/smack_access.c
+++ b/security/smack/smack_access.c
@@ -192,20 +192,21 @@ out_audit:
 }
 
 /**
- * smk_curacc - determine if current has a specific access to an object
+ * smk_tskacc - determine if a task has a specific access to an object
+ * @tsp: a pointer to the subject task
  * @obj_label: a pointer to the object's Smack label
  * @mode: the access requested, in "MAY" format
  * @a : common audit data
  *
- * This function checks the current subject label/object label pair
+ * This function checks the subject task's label/object label pair
  * in the access rule list and returns 0 if the access is permitted,
- * non zero otherwise. It allows that current may have the capability
+ * non zero otherwise. It allows that the task may have the capability
  * to override the rules.
  */
-int smk_curacc(char *obj_label, u32 mode, struct smk_audit_info *a)
+int smk_tskacc(struct task_smack *subject, char *obj_label,
+  u32 mode, struct smk_audit_info *a)
 {
-   struct task_smack *tsp = current_security();
-   struct smack_known *skp = smk_of_task(tsp);
+   struct smack_known *skp = smk_of_task(subject);
int may;
int rc;
 
@@ -219,7 +220,7 @@ int smk_curacc(char *obj_label, u32 mode, struct 
smk_audit_info *a)
 * it can further restrict access.
 */
may = smk_access_entry(skp->smk_known, obj_label,
-   >smk_rules);
+   >smk_rules);
if (may < 0)
goto out_audit;
if ((mode & may) == mode)
@@ -241,6 +242,24 @@ out_audit:
return rc;
 }
 
+/**
+ * smk_curacc - determine if current has a specific access to an object
+ * @obj_label: a pointer to the object's Smack label
+ * @mode: the access requested, in "MAY" format
+ * @a : common audit data
+ *
+ * This function checks the current subject label/object label pair
+ * in the access rule list and returns 0 if the access is permitted,
+ * non zero otherwise. It allows that current may have the capability
+ * to override the rules.
+ */
+int smk_curacc(char *obj_label, u32 mode, struct smk_audit_info *a)
+{
+   struct task_smack *tsp = current_security();
+
+   return smk_tskacc(tsp, obj_label, mode, a);
+}
+
 #ifdef CONFIG_AUDIT
 /**
  * smack_str_from_perm : helper to transalate an int to a
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index d814e35..48d61f6 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -207,11 +207,11 @@ static int smack_ptrace_traceme(struct task_struct *ptp)
if (rc != 0)
return rc;
 
-   skp = smk_of_task(task_security(ptp));
+   skp = smk_of_task(current_security());
smk_ad_init(, __func__, LSM_AUDIT_DATA_TASK);
smk_ad_setfield_u_tsk(, ptp);
 
-   rc = smk_curacc(skp->smk_known, MAY_READWRITE, );
+   rc = smk_tskacc(ptp, skp->smk_known, MAY_READWRITE, );
return rc;
 }
 
-- 
1.8.5.3

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[PATCH 1/3] Smack: fix the subject/object order in smack_ptrace_traceme()

2014-03-11 Thread Lukasz Pawelczyk

The order of subject/object is currently reversed in
smack_ptrace_traceme(). It is currently checked if the tracee has a
capability to trace tracer and according to this rule a decision is made
whether the tracer will be allowed to trace tracee.

Signed-off-by: Lukasz Pawelczyk l.pawelc...@partner.samsung.com
Signed-off-by: Rafal Krypa r.kr...@samsung.com
---
 security/smack/smack.h|  1 +
 security/smack/smack_access.c | 33 ++---
 security/smack/smack_lsm.c|  4 ++--
 3 files changed, 29 insertions(+), 9 deletions(-)

diff --git a/security/smack/smack.h b/security/smack/smack.h
index d072fd3..b9dfc4e 100644
--- a/security/smack/smack.h
+++ b/security/smack/smack.h
@@ -225,6 +225,7 @@ struct inode_smack *new_inode_smack(char *);
  */
 int smk_access_entry(char *, char *, struct list_head *);
 int smk_access(struct smack_known *, char *, int, struct smk_audit_info *);
+int smk_tskacc(struct task_smack *, char *, u32, struct smk_audit_info *);
 int smk_curacc(char *, u32, struct smk_audit_info *);
 struct smack_known *smack_from_secid(const u32);
 char *smk_parse_smack(const char *string, int len);
diff --git a/security/smack/smack_access.c b/security/smack/smack_access.c
index 14293cd..f161deb 100644
--- a/security/smack/smack_access.c
+++ b/security/smack/smack_access.c
@@ -192,20 +192,21 @@ out_audit:
 }
 
 /**
- * smk_curacc - determine if current has a specific access to an object
+ * smk_tskacc - determine if a task has a specific access to an object
+ * @tsp: a pointer to the subject task
  * @obj_label: a pointer to the object's Smack label
  * @mode: the access requested, in MAY format
  * @a : common audit data
  *
- * This function checks the current subject label/object label pair
+ * This function checks the subject task's label/object label pair
  * in the access rule list and returns 0 if the access is permitted,
- * non zero otherwise. It allows that current may have the capability
+ * non zero otherwise. It allows that the task may have the capability
  * to override the rules.
  */
-int smk_curacc(char *obj_label, u32 mode, struct smk_audit_info *a)
+int smk_tskacc(struct task_smack *subject, char *obj_label,
+  u32 mode, struct smk_audit_info *a)
 {
-   struct task_smack *tsp = current_security();
-   struct smack_known *skp = smk_of_task(tsp);
+   struct smack_known *skp = smk_of_task(subject);
int may;
int rc;
 
@@ -219,7 +220,7 @@ int smk_curacc(char *obj_label, u32 mode, struct 
smk_audit_info *a)
 * it can further restrict access.
 */
may = smk_access_entry(skp-smk_known, obj_label,
-   tsp-smk_rules);
+   subject-smk_rules);
if (may  0)
goto out_audit;
if ((mode  may) == mode)
@@ -241,6 +242,24 @@ out_audit:
return rc;
 }
 
+/**
+ * smk_curacc - determine if current has a specific access to an object
+ * @obj_label: a pointer to the object's Smack label
+ * @mode: the access requested, in MAY format
+ * @a : common audit data
+ *
+ * This function checks the current subject label/object label pair
+ * in the access rule list and returns 0 if the access is permitted,
+ * non zero otherwise. It allows that current may have the capability
+ * to override the rules.
+ */
+int smk_curacc(char *obj_label, u32 mode, struct smk_audit_info *a)
+{
+   struct task_smack *tsp = current_security();
+
+   return smk_tskacc(tsp, obj_label, mode, a);
+}
+
 #ifdef CONFIG_AUDIT
 /**
  * smack_str_from_perm : helper to transalate an int to a
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index d814e35..48d61f6 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -207,11 +207,11 @@ static int smack_ptrace_traceme(struct task_struct *ptp)
if (rc != 0)
return rc;
 
-   skp = smk_of_task(task_security(ptp));
+   skp = smk_of_task(current_security());
smk_ad_init(ad, __func__, LSM_AUDIT_DATA_TASK);
smk_ad_setfield_u_tsk(ad, ptp);
 
-   rc = smk_curacc(skp-smk_known, MAY_READWRITE, ad);
+   rc = smk_tskacc(ptp, skp-smk_known, MAY_READWRITE, ad);
return rc;
 }
 
-- 
1.8.5.3

--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Re: [PATCH 1/3] Smack: fix the subject/object order in smack_ptrace_traceme()

Re: [PATCH 1/3] Smack: fix the subject/object order in smack_ptrace_traceme()

[PATCH 1/3] Smack: fix the subject/object order in smack_ptrace_traceme()

[PATCH 1/3] Smack: fix the subject/object order in smack_ptrace_traceme()

4 matches

Site Navigation

Mail list logo

Footer information