From: Chris Wright <chrisw@osdl.org>
To: "Jack O'Quin" <joq@io.com>
Cc: Chris Wright <chrisw@osdl.org>, Lee Revell <rlrevell@joe-job.com>,
	Andrew Morton <akpm@osdl.org>,
	Jody McIntyre <realtime-lsm@modernduck.com>,
	linux-kernel <linux-kernel@vger.kernel.org>,
	torbenh@gmx.de
Subject: Re: [PATCH] Realtime LSM
Date: Sat, 9 Oct 2004 15:53:39 -0700	[thread overview]
Message-ID: <20041009155339.Y2357@build.pdx.osdl.net> (raw)
In-Reply-To: <878yafbpsj.fsf@sulphur.joq.us>; from joq@io.com on Sat, Oct 09, 2004 at 03:27:24PM -0500

* Jack O'Quin (joq@io.com) wrote:
> Chris Wright <chrisw@osdl.org> writes:
> > The egid makes a setgid-audio program be meaningful as well.
> 
> That works already, because we test the e_gid from the bprm structure,
> right?  Is that redundant?

You're right.  It's not quite redundant: in bprm_set_security the
current->egid test runs before current->egid is updated for a setgid
binary (that update happens in apply_creds), so the old code needed the
bprm->e_gid check as well.
Using apply_creds actually makes a bit more sense here, and simplifies
things a touch.

- use apply_creds and update gid_ok accordingly
- only upgrade cap_effective
- less generic variable names
  - s/any/rt_any/
  - s/gid/rt_gid/
  - s/mlock/rt_mlock/

thanks,
-chris
-- 
Linux Security Modules     http://lsm.immunix.org     http://lsm.bkbits.net

--- security/realtime.c~in_egroup	2004-10-08 22:17:23.499153832 -0700
+++ security/realtime.c	2004-10-09 15:49:38.048243488 -0700
@@ -45,34 +45,37 @@
  *  each is referenced only once in each function call.  Nothing
  *  depends on parameters having the same value every time.
  */
-static int any;			/* if TRUE, any process is realtime */
-module_param(any, int, 0644);
+
+/* if TRUE, any process is realtime */
+static int rt_any;
+module_param_named(any, rt_any, int, 0644);
 MODULE_PARM_DESC(any, " grant realtime privileges to any process.");
 
-static int gid = -1;			/* realtime group id, or NO_GROUP */
-module_param(gid, int, 0644);
+/* realtime group id, or NO_GROUP */
+static int rt_gid = -1;
+module_param_named(gid, rt_gid, int, 0644);
 MODULE_PARM_DESC(gid, " the group ID with access to realtime privileges.");
 
-static int mlock = 1;			/* enable mlock() privileges */
-module_param(mlock, int, 0644);
+/* enable mlock() privileges */
+static int rt_mlock = 1;
+module_param_named(mlock, rt_mlock, int, 0644);
 MODULE_PARM_DESC(mlock, " enable memory locking privileges.");
 
 /* helper function for testing group membership */
-static inline int gid_ok(int gid, int e_gid)
+static inline int gid_ok(int gid)
 {
 	if (gid == -1)
 		return 0;
 
-	if ((gid == e_gid) || (gid == current->gid))
+	if (gid == current->gid)
 		return 1;
 
 	return in_egroup_p(gid);
 }
 
-static int realtime_bprm_set_security(struct linux_binprm *bprm)
+static void realtime_bprm_apply_creds(struct linux_binprm *bprm, int unsafe)
 {
-
-	cap_bprm_set_security(bprm);
+	cap_bprm_apply_creds(bprm, unsafe);
 
 	/*  If a non-zero `any' parameter was specified, we grant
 	 *  realtime privileges to every process.  If the `gid'
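Review bot: The reworked `gid_ok()` rejects only the `-1` sentinel before comparing the signed `gid` against the unsigned `current->gid` and handing it to `in_egroup_p()`, while the two ways of setting `rt_gid` are not validated alike: the sysctl entry uses `proc_dointvec_minmax` (its bounds are outside this hunk) but `module_param_named(gid, rt_gid, int, 0644)` accepts any int at load time and via sysfs. A negative value other than -1 would therefore be compared and searched as a large gid_t rather than treated as "no group"; making the helper reject every negative value, `if (gid < 0) return 0;` in place of the `-1` test, keeps both paths consistent. Now that the `e_gid` parameter is gone, the helper comment should also say what the check covers: real gid via `current->gid`, plus effective and supplementary groups via `in_egroup_p()`, evaluated after `cap_bprm_apply_creds()` has installed a setgid binary's new egid — the `in_egroup_p()` coverage is inferred from its name and the discussion above, so confirm it against its definition.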
@@ -81,17 +84,13 @@
 	 *  groups, we grant realtime capabilites.
 	 */
 
-	if (any || gid_ok(gid, bprm->e_gid)) {
-		cap_raise(bprm->cap_effective, CAP_SYS_NICE);
-		cap_raise(bprm->cap_permitted, CAP_SYS_NICE);
-		if (mlock) {
-			cap_raise(bprm->cap_effective, CAP_IPC_LOCK);
-			cap_raise(bprm->cap_permitted, CAP_IPC_LOCK);
-			cap_raise(bprm->cap_effective, CAP_SYS_RESOURCE);
-			cap_raise(bprm->cap_permitted, CAP_SYS_RESOURCE);
+	if (rt_any || gid_ok(rt_gid)) {
+		cap_raise(current->cap_effective, CAP_SYS_NICE);
+		if (rt_mlock) {
+			cap_raise(current->cap_effective, CAP_IPC_LOCK);
+			cap_raise(current->cap_effective, CAP_SYS_RESOURCE);
 		}
 	}
-	return 0;
 }
 
 static struct security_operations capability_ops = {
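Review bot: The new branch raises CAP_SYS_NICE, CAP_IPC_LOCK and CAP_SYS_RESOURCE in `current->cap_effective` only, leaving the task with effective bits that are absent from `cap_permitted`. The description says this is deliberate, but the usual invariant is effective ⊆ permitted and `capset()` enforces it on the sets it is handed, so a program that reads its capabilities and writes them back (libcap `cap_set_proc()` style) would presumably get -EPERM, and one that resets to its permitted set silently loses the grant — confirm against `cap_capset_check()`. If effective-only is intended, record the reason in the comment, e.g. `/* Effective only: the grant is not meant to survive a capset() or be handed on */`; otherwise raise `cap_permitted` alongside each `cap_raise()`. Separately, CAP_SYS_RESOURCE covers much more than memory locking (rlimit and other resource-limit overrides), so the `mlock` parameter description should say what is really being granted. `realtime_bprm_apply_creds()` starts in the previous hunk.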
@@ -102,8 +101,8 @@
 	.capable =			cap_capable,
 	.netlink_send =			cap_netlink_send,
 	.netlink_recv =			cap_netlink_recv,
-	.bprm_apply_creds =		cap_bprm_apply_creds,
-	.bprm_set_security =		realtime_bprm_set_security,
+	.bprm_apply_creds =		realtime_bprm_apply_creds,
+	.bprm_set_security =		cap_bprm_set_security,
 	.bprm_secureexec =		cap_bprm_secureexec,
 	.task_post_setuid =		cap_task_post_setuid,
 	.task_reparent_to_init =	cap_task_reparent_to_init,
@@ -117,14 +116,14 @@
 {
 	{ .ctl_name	= 1,
 	  .procname	= "any",
-	  .data		= &any,
+	  .data		= &rt_any,
 	  .maxlen	= sizeof(int),
 	  .mode		= 0644,
 	  .proc_handler	= &proc_dointvec,
 	},
 	{ .ctl_name	= 2,
 	  .procname	= "gid",
-	  .data		= &gid,
+	  .data		= &rt_gid,
 	  .maxlen	= sizeof(int),
 	  .mode		= 0644,
 	  .proc_handler	= &proc_dointvec_minmax,
@@ -133,7 +132,7 @@
 	},
 	{ .ctl_name	= 3,
 	  .procname	= "mlock",
-	  .data		= &mlock,
+	  .data		= &rt_mlock,
 	  .maxlen	= sizeof(int),
 	  .mode		= 0644,
 	  .proc_handler	= &proc_dointvec,
@@ -205,15 +204,15 @@
 		return -ENOMEM;
 	}
 
-	if (any)
+	if (rt_any)
 		printk(KERN_INFO RT_LSM
-		       "initialized (all groups, mlock=%d)\n", mlock);
-	else if (gid == -1)
+		       "initialized (all groups, mlock=%d)\n", rt_mlock);
+	else if (rt_gid == -1)
 		printk(KERN_INFO RT_LSM
-		       "initialized (no groups, mlock=%d)\n", mlock);
+		       "initialized (no groups, mlock=%d)\n", rt_mlock);
 	else
 		printk(KERN_INFO RT_LSM
-		       "initialized (group %d, mlock=%d)\n", gid, mlock);
+		       "initialized (group %d, mlock=%d)\n", rt_gid, rt_mlock);
 		
 	return 0;
 }
