From: "Serge E. Hallyn" <serge.hallyn@canonical.com>
To: Chris Wright <chrisw@sous-sol.org>
Cc: linux-kernel@vger.kernel.org,
Jesse Barnes <jbarnes@virtuousgeek.org>,
Eric Paris <eparis@redhat.com>, Don Dutile <ddutile@redhat.com>,
James Morris <jmorris@namei.org>,
Serge Hallyn <serge.hallyn@canonical.com>,
linux-security-module@vger.kernel.org
Subject: Re: [PATCH 1/2] security: add cred argument to security_capable()
Date: Thu, 10 Feb 2011 07:43:13 -0600 [thread overview]
Message-ID: <20110210134313.GA3513@localhost> (raw)
In-Reply-To: <1297318312-14309-2-git-send-email-chrisw@sous-sol.org>
Quoting Chris Wright (chrisw@sous-sol.org):
> Expand security_capable() to include cred, so that it can be usable in a
> wider range of call sites.
>
> Cc: James Morris <jmorris@namei.org>
> Cc: Eric Paris <eparis@redhat.com>
> Cc: Serge Hallyn <serge.hallyn@canonical.com>
Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Thanks for cc:ing me, Chris.
Please do cc: me on any patches which exploit this. Sending
current_cred() is fine, but of course sending another cred
can be trickier. Additionally, it'll affect my userns patchset,
so I'd just like to keep abreast of what's happening.
thanks,
-serge
> Cc: linux-security-module@vger.kernel.org
> Signed-off-by: Chris Wright <chrisw@sous-sol.org>
> ---
>
> include/linux/security.h | 6 +++---
> kernel/capability.c | 2 +-
> security/security.c | 5 ++---
> 3 files changed, 6 insertions(+), 7 deletions(-)
>
> diff --git a/include/linux/security.h b/include/linux/security.h
> index c642bb8..b2b7f97 100644
> --- a/include/linux/security.h
> +++ b/include/linux/security.h
> @@ -1662,7 +1662,7 @@ int security_capset(struct cred *new, const struct cred *old,
> const kernel_cap_t *effective,
> const kernel_cap_t *inheritable,
> const kernel_cap_t *permitted);
> -int security_capable(int cap);
> +int security_capable(const struct cred *cred, int cap);
> int security_real_capable(struct task_struct *tsk, int cap);
> int security_real_capable_noaudit(struct task_struct *tsk, int cap);
> int security_sysctl(struct ctl_table *table, int op);
> @@ -1856,9 +1856,9 @@ static inline int security_capset(struct cred *new,
> return cap_capset(new, old, effective, inheritable, permitted);
> }
>
> -static inline int security_capable(int cap)
> +static inline int security_capable(const struct cred *cred, int cap)
> {
> - return cap_capable(current, current_cred(), cap, SECURITY_CAP_AUDIT);
> + return cap_capable(current, cred, cap, SECURITY_CAP_AUDIT);
> }
>
> static inline int security_real_capable(struct task_struct *tsk, int cap)
> diff --git a/kernel/capability.c b/kernel/capability.c
> index 2f05303..9e9385f 100644
> --- a/kernel/capability.c
> +++ b/kernel/capability.c
> @@ -306,7 +306,7 @@ int capable(int cap)
> BUG();
> }
>
> - if (security_capable(cap) == 0) {
> + if (security_capable(current_cred(), cap) == 0) {
> current->flags |= PF_SUPERPRIV;
> return 1;
> }
> diff --git a/security/security.c b/security/security.c
> index 739e403..7b7308a 100644
> --- a/security/security.c
> +++ b/security/security.c
> @@ -154,10 +154,9 @@ int security_capset(struct cred *new, const struct cred *old,
> effective, inheritable, permitted);
> }
>
> -int security_capable(int cap)
> +int security_capable(const struct cred *cred, int cap)
> {
> - return security_ops->capable(current, current_cred(), cap,
> - SECURITY_CAP_AUDIT);
> + return security_ops->capable(current, cred, cap, SECURITY_CAP_AUDIT);
> }
>
> int security_real_capable(struct task_struct *tsk, int cap)
> --
> 1.7.3.4
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2011-02-10 13:43 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-02-10 6:11 [PATCH 0/2] pci: refer to LSM when accessing device dependent config space Chris Wright
2011-02-10 6:11 ` [PATCH 1/2] security: add cred argument to security_capable() Chris Wright
2011-02-10 13:43 ` Serge E. Hallyn [this message]
2011-02-10 16:01 ` Casey Schaufler
2011-02-10 16:08 ` Chris Wright
2011-02-10 16:25 ` Casey Schaufler
2011-02-10 6:11 ` [PATCH 2/2] pci: use security_capable() when checking capablities during config space read Chris Wright
2011-02-10 8:23 ` James Morris
2011-02-10 23:58 ` [PATCH 2/2 v2] " Chris Wright
2011-02-14 17:14 ` Eric Paris
2011-03-04 18:25 ` Jesse Barnes
2011-02-11 7:01 ` [PATCH 0/2] pci: refer to LSM when accessing device dependent config space James Morris
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20110210134313.GA3513@localhost \
--to=serge.hallyn@canonical.com \
--cc=chrisw@sous-sol.org \
--cc=ddutile@redhat.com \
--cc=eparis@redhat.com \
--cc=jbarnes@virtuousgeek.org \
--cc=jmorris@namei.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox