From: Peter Moody <pmoody@google.com>
To: linux-security-module@vger.kernel.org
Cc: brandon.carpenter@pnnl.gov, casey@schaufler-ca.com,
netdev@vger.kernel.org, Peter Moody <pmoody@google.com>
Subject: [PATCH 1/2] security: create task_post_create callback.
Date: Thu, 31 Jul 2014 18:21:39 -0700 [thread overview]
Message-ID: <1406856100-21674-2-git-send-email-pmoody@google.com> (raw)
In-Reply-To: <1406856100-21674-1-git-send-email-pmoody@google.com>
The current LSM framework doesn't have a mechanism for accessing
a task after it's been created but before it's been started. This
patch adds a task_post_create callback so an LSM can access a newly
created task before it has actually started running.
Signed-off-by: Peter Moody <pmoody@google.com>
---
include/linux/security.h | 8 ++++++++
kernel/fork.c | 1 +
security/capability.c | 5 +++++
security/security.c | 5 +++++
4 files changed, 19 insertions(+)
diff --git a/include/linux/security.h b/include/linux/security.h
index 623f90e..58abf3b 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -668,6 +668,9 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
* manual page for definitions of the @clone_flags.
* @clone_flags contains the flags indicating what should be shared.
* Return 0 if permission is granted.
+ * @task_post_create:
+ * This hook allows a module to update or allocate a per-task security
+ * structure.
* @task_free:
* @task task being freed
* Handle release of task-related resources. (Note that this can be called
@@ -1566,6 +1569,7 @@ struct security_operations {
int (*file_open) (struct file *file, const struct cred *cred);
int (*task_create) (unsigned long clone_flags);
+ void (*task_post_create)(struct task_struct *task);
void (*task_free) (struct task_struct *task);
int (*cred_alloc_blank) (struct cred *cred, gfp_t gfp);
void (*cred_free) (struct cred *cred);
@@ -1840,6 +1844,7 @@ int security_file_send_sigiotask(struct task_struct *tsk,
int security_file_receive(struct file *file);
int security_file_open(struct file *file, const struct cred *cred);
int security_task_create(unsigned long clone_flags);
+void security_task_post_create(struct task_struct *task);
void security_task_free(struct task_struct *task);
int security_cred_alloc_blank(struct cred *cred, gfp_t gfp);
void security_cred_free(struct cred *cred);
@@ -2340,6 +2345,9 @@ static inline int security_task_create(unsigned long clone_flags)
return 0;
}
+static inline void security_task_post_create(struct task_struct *task)
+{ }
+
static inline void security_task_free(struct task_struct *task)
{ }
diff --git a/kernel/fork.c b/kernel/fork.c
index ed4bc33..d6cca1c 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -1657,6 +1657,7 @@ long do_fork(unsigned long clone_flags,
struct completion vfork;
struct pid *pid;
+ security_task_post_create(p);
trace_sched_process_fork(current, p);
pid = get_task_pid(p, PIDTYPE_PID);
diff --git a/security/capability.c b/security/capability.c
index a74fde6..14d882f 100644
--- a/security/capability.c
+++ b/security/capability.c
@@ -369,6 +369,10 @@ static int cap_task_create(unsigned long clone_flags)
return 0;
}
+static void cap_task_post_create(struct task_struct *task)
+{
+}
+
static void cap_task_free(struct task_struct *task)
{
}
@@ -1013,6 +1017,7 @@ void __init security_fixup_ops(struct security_operations *ops)
set_to_cap_if_null(ops, file_receive);
set_to_cap_if_null(ops, file_open);
set_to_cap_if_null(ops, task_create);
+ set_to_cap_if_null(ops, task_post_create);
set_to_cap_if_null(ops, task_free);
set_to_cap_if_null(ops, cred_alloc_blank);
set_to_cap_if_null(ops, cred_free);
diff --git a/security/security.c b/security/security.c
index e41b1a8..42a7ec8 100644
--- a/security/security.c
+++ b/security/security.c
@@ -807,6 +807,11 @@ int security_task_create(unsigned long clone_flags)
return security_ops->task_create(clone_flags);
}
+void security_task_post_create(struct task_struct *task)
+{
+ security_ops->task_post_create(task);
+}
+
void security_task_free(struct task_struct *task)
{
#ifdef CONFIG_SECURITY_YAMA_STACKED
--
2.0.0.526.g5318336
next prev parent reply other threads:[~2014-08-01 1:21 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-08-01 1:21 [PATCH v2 0/2] RFC, aiding pid/network correlation Peter Moody
2014-08-01 1:21 ` Peter Moody [this message]
2014-08-01 1:21 ` [PATCH 2/2] security: Hone LSM Peter Moody
2014-08-01 12:16 ` [PATCH v2 0/2] RFC, aiding pid/network correlation Samir Bellabes
2014-08-01 17:22 ` Peter Moody
2014-08-02 0:30 ` Samir Bellabes
2014-08-02 15:05 ` Peter Moody
2014-08-02 4:55 ` Alex Elsayed
2014-08-03 1:34 ` Peter Moody
2014-08-03 1:49 ` Alex Elsayed
2014-08-03 2:19 ` Peter Moody
2014-08-03 2:28 ` Alex Elsayed
2014-08-03 2:38 ` Peter Moody
2014-08-03 2:41 ` Alex Elsayed
2014-08-03 2:47 ` Alex Elsayed
2014-08-03 3:14 ` Peter Moody
2014-08-03 3:41 ` Alex Elsayed
2014-08-03 21:57 ` Peter Moody
2014-08-03 22:18 ` Alex Elsayed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1406856100-21674-2-git-send-email-pmoody@google.com \
--to=pmoody@google.com \
--cc=brandon.carpenter@pnnl.gov \
--cc=casey@schaufler-ca.com \
--cc=linux-security-module@vger.kernel.org \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).