From: Chris Wright <chrisw@osdl.org>
To: "Jack O'Quin" <joq@io.com>
Cc: Chris Wright <chrisw@osdl.org>, Lee Revell <rlrevell@joe-job.com>,
Andrew Morton <akpm@osdl.org>,
Jody McIntyre <realtime-lsm@modernduck.com>,
linux-kernel <linux-kernel@vger.kernel.org>,
torbenh@gmx.de
Subject: Re: [PATCH] Realtime LSM
Date: Sat, 9 Oct 2004 15:53:39 -0700 [thread overview]
Message-ID: <20041009155339.Y2357@build.pdx.osdl.net> (raw)
In-Reply-To: <878yafbpsj.fsf@sulphur.joq.us>; from joq@io.com on Sat, Oct 09, 2004 at 03:27:24PM -0500
* Jack O'Quin (joq@io.com) wrote:
> Chris Wright <chrisw@osdl.org> writes:
> > The egid makes a setgid-audio program be meaningful as well.
>
> That works already, because we test the e_gid from the bprm structure,
> right? Is that redundant?
You're right. It's not quite redundant, because the current->egid test runs
before current->egid would be reset by a setgid exec (that happens in apply_creds).
Using apply_creds actually makes a bit more sense here, and simplifies
things a touch.
- use apply_creds and update gid_ok accordingly
- only upgrade cap_effective
- less generic variable names
- s/any/rt_any/
- s/gid/rt_gid/
- s/mlock/rt_mlock/
thanks,
-chris
--
Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net
--- security/realtime.c~in_egroup 2004-10-08 22:17:23.499153832 -0700
+++ security/realtime.c 2004-10-09 15:49:38.048243488 -0700
@@ -45,34 +45,37 @@
* each is referenced only once in each function call. Nothing
* depends on parameters having the same value every time.
*/
-static int any; /* if TRUE, any process is realtime */
-module_param(any, int, 0644);
+
+/* if TRUE, any process is realtime */
+static int rt_any;
+module_param_named(any, rt_any, int, 0644);
MODULE_PARM_DESC(any, " grant realtime privileges to any process.");
-static int gid = -1; /* realtime group id, or NO_GROUP */
-module_param(gid, int, 0644);
+/* realtime group id, or NO_GROUP */
+static int rt_gid = -1;
+module_param_named(gid, rt_gid, int, 0644);
MODULE_PARM_DESC(gid, " the group ID with access to realtime privileges.");
-static int mlock = 1; /* enable mlock() privileges */
-module_param(mlock, int, 0644);
+/* enable mlock() privileges */
+static int rt_mlock = 1;
+module_param_named(mlock, rt_mlock, int, 0644);
MODULE_PARM_DESC(mlock, " enable memory locking privileges.");
/* helper function for testing group membership */
-static inline int gid_ok(int gid, int e_gid)
+static inline int gid_ok(int gid)
{
if (gid == -1)
return 0;
- if ((gid == e_gid) || (gid == current->gid))
+ if (gid == current->gid)
return 1;
return in_egroup_p(gid);
}
-static int realtime_bprm_set_security(struct linux_binprm *bprm)
+static void realtime_bprm_apply_creds(struct linux_binprm *bprm, int unsafe)
{
-
- cap_bprm_set_security(bprm);
+ cap_bprm_apply_creds(bprm, unsafe);
/* If a non-zero `any' parameter was specified, we grant
* realtime privileges to every process. If the `gid'
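Review bot: The new realtime_bprm_apply_creds takes `unsafe` but, after passing it to cap_bprm_apply_creds, never consults it itself; the grant that follows depends only on rt_any and the caller's group membership, so an exec that commoncap flagged as unsafe (ptraced, for instance) still receives the realtime capabilities. That is probably intentional, since the grant is keyed to the executing task's own identity rather than to the file being executed, but a reader comparing this hook with the cap_ ones will wonder why the flag is ignored, so I would add after the cap_bprm_apply_creds call: `/* unsafe is handled by commoncap; our grant depends on the caller's own gid, not on the file, so ptrace/share does not change it */`. Likewise gid_ok() is now correct for setgid binaries only because it runs after cap_bprm_apply_creds has updated current->egid, which is worth stating in the helper's comment rather than leaving it to the commit message. The function continues past this hunk.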
@@ -81,17 +84,13 @@
* groups, we grant realtime capabilites.
*/
- if (any || gid_ok(gid, bprm->e_gid)) {
- cap_raise(bprm->cap_effective, CAP_SYS_NICE);
- cap_raise(bprm->cap_permitted, CAP_SYS_NICE);
- if (mlock) {
- cap_raise(bprm->cap_effective, CAP_IPC_LOCK);
- cap_raise(bprm->cap_permitted, CAP_IPC_LOCK);
- cap_raise(bprm->cap_effective, CAP_SYS_RESOURCE);
- cap_raise(bprm->cap_permitted, CAP_SYS_RESOURCE);
+ if (rt_any || gid_ok(rt_gid)) {
+ cap_raise(current->cap_effective, CAP_SYS_NICE);
+ if (rt_mlock) {
+ cap_raise(current->cap_effective, CAP_IPC_LOCK);
+ cap_raise(current->cap_effective, CAP_SYS_RESOURCE);
}
}
- return 0;
}
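Review bot: The `cap_raise(current->cap_effective, …)` lines leave cap_permitted untouched, so after this exec the task's effective set is no longer a subset of its permitted set; if I read sys_capset() of this era correctly it rejects exactly that relationship, so a program (or library) that does capget()/capset() on its own sets to drop a capability would get -EPERM instead of a no-op. The commit message says "only upgrade cap_effective" is deliberate, but nothing in the code says so; a comment such as `/* effective only: these caps are re-derived from the group check at every exec, so permitted is intentionally left alone */` would keep the next reader from "fixing" it. Separately, rt_mlock is described as "memory locking privileges" but also raises CAP_SYS_RESOURCE, which in this kernel lets the task raise its own hard rlimits and override other resource checks, so the parameter description understates what is granted; either narrow the grant or say so in MODULE_PARM_DESC. The function whose body this is starts in the previous hunk.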
static struct security_operations capability_ops = {
@@ -102,8 +101,8 @@
.capable = cap_capable,
.netlink_send = cap_netlink_send,
.netlink_recv = cap_netlink_recv,
- .bprm_apply_creds = cap_bprm_apply_creds,
- .bprm_set_security = realtime_bprm_set_security,
+ .bprm_apply_creds = realtime_bprm_apply_creds,
+ .bprm_set_security = cap_bprm_set_security,
.bprm_secureexec = cap_bprm_secureexec,
.task_post_setuid = cap_task_post_setuid,
.task_reparent_to_init = cap_task_reparent_to_init,
@@ -117,14 +116,14 @@
{
{ .ctl_name = 1,
.procname = "any",
- .data = &any,
+ .data = &rt_any,
.maxlen = sizeof(int),
.mode = 0644,
.proc_handler = &proc_dointvec,
},
{ .ctl_name = 2,
.procname = "gid",
- .data = &gid,
+ .data = &rt_gid,
.maxlen = sizeof(int),
.mode = 0644,
.proc_handler = &proc_dointvec_minmax,
@@ -133,7 +132,7 @@
},
{ .ctl_name = 3,
.procname = "mlock",
- .data = &mlock,
+ .data = &rt_mlock,
.maxlen = sizeof(int),
.mode = 0644,
.proc_handler = &proc_dointvec,
@@ -205,15 +204,15 @@
return -ENOMEM;
}
- if (any)
+ if (rt_any)
printk(KERN_INFO RT_LSM
- "initialized (all groups, mlock=%d)\n", mlock);
- else if (gid == -1)
+ "initialized (all groups, mlock=%d)\n", rt_mlock);
+ else if (rt_gid == -1)
printk(KERN_INFO RT_LSM
- "initialized (no groups, mlock=%d)\n", mlock);
+ "initialized (no groups, mlock=%d)\n", rt_mlock);
else
printk(KERN_INFO RT_LSM
- "initialized (group %d, mlock=%d)\n", gid, mlock);
+ "initialized (group %d, mlock=%d)\n", rt_gid, rt_mlock);
return 0;
}