Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull security subsystem updates from James Morris:
"Highlights:
IMA:
- provide ">" and "<" operators for fowner/uid/euid rules
KEYS:
- add a system blacklist keyring
- add KEYCTL_RESTRICT_KEYRING, exposes keyring link restriction
functionality to userland via keyctl()
LSM:
- harden LSM API with __ro_after_init
- add prlmit security hook, implement for SELinux
- revive security_task_alloc hook
TPM:
- implement contextual TPM command 'spaces'"
* 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (98 commits)
tpm: Fix reference count to main device
tpm_tis: convert to using locality callbacks
tpm: fix handling of the TPM 2.0 event logs
tpm_crb: remove a cruft constant
keys: select CONFIG_CRYPTO when selecting DH / KDF
apparmor: Make path_max parameter readonly
apparmor: fix parameters so that the permission test is bypassed at boot
apparmor: fix invalid reference to index variable of iterator line 836
apparmor: use SHASH_DESC_ON_STACK
security/apparmor/lsm.c: set debug messages
apparmor: fix boolreturn.cocci warnings
Smack: Use GFP_KERNEL for smk_netlbl_mls().
smack: fix double free in smack_parse_opts_str()
KEYS: add SP800-56A KDF support for DH
KEYS: Keyring asymmetric key restrict method with chaining
KEYS: Restrict asymmetric key linkage using a specific keychain
KEYS: Add a lookup_restriction function for the asymmetric key type
KEYS: Add KEYCTL_RESTRICT_KEYRING
KEYS: Consistent ordering for __key_link_begin and restrict check
KEYS: Add an optional lookup_restriction hook to key_type
...
This commit is contained in:
+6
-1
@@ -1681,9 +1681,12 @@ static __latent_entropy struct task_struct *copy_process(
|
||||
goto bad_fork_cleanup_perf;
|
||||
/* copy all the process information */
|
||||
shm_init_task(p);
|
||||
retval = copy_semundo(clone_flags, p);
|
||||
retval = security_task_alloc(p, clone_flags);
|
||||
if (retval)
|
||||
goto bad_fork_cleanup_audit;
|
||||
retval = copy_semundo(clone_flags, p);
|
||||
if (retval)
|
||||
goto bad_fork_cleanup_security;
|
||||
retval = copy_files(clone_flags, p);
|
||||
if (retval)
|
||||
goto bad_fork_cleanup_semundo;
|
||||
@@ -1907,6 +1910,8 @@ bad_fork_cleanup_files:
|
||||
exit_files(p); /* blocking */
|
||||
bad_fork_cleanup_semundo:
|
||||
exit_sem(p);
|
||||
bad_fork_cleanup_security:
|
||||
security_task_free(p);
|
||||
bad_fork_cleanup_audit:
|
||||
audit_free(p);
|
||||
bad_fork_cleanup_perf:
|
||||
|
||||
+18
-12
@@ -1432,25 +1432,26 @@ out:
|
||||
}
|
||||
|
||||
/* rcu lock must be held */
|
||||
static int check_prlimit_permission(struct task_struct *task)
|
||||
static int check_prlimit_permission(struct task_struct *task,
|
||||
unsigned int flags)
|
||||
{
|
||||
const struct cred *cred = current_cred(), *tcred;
|
||||
bool id_match;
|
||||
|
||||
if (current == task)
|
||||
return 0;
|
||||
|
||||
tcred = __task_cred(task);
|
||||
if (uid_eq(cred->uid, tcred->euid) &&
|
||||
uid_eq(cred->uid, tcred->suid) &&
|
||||
uid_eq(cred->uid, tcred->uid) &&
|
||||
gid_eq(cred->gid, tcred->egid) &&
|
||||
gid_eq(cred->gid, tcred->sgid) &&
|
||||
gid_eq(cred->gid, tcred->gid))
|
||||
return 0;
|
||||
if (ns_capable(tcred->user_ns, CAP_SYS_RESOURCE))
|
||||
return 0;
|
||||
id_match = (uid_eq(cred->uid, tcred->euid) &&
|
||||
uid_eq(cred->uid, tcred->suid) &&
|
||||
uid_eq(cred->uid, tcred->uid) &&
|
||||
gid_eq(cred->gid, tcred->egid) &&
|
||||
gid_eq(cred->gid, tcred->sgid) &&
|
||||
gid_eq(cred->gid, tcred->gid));
|
||||
if (!id_match && !ns_capable(tcred->user_ns, CAP_SYS_RESOURCE))
|
||||
return -EPERM;
|
||||
|
||||
return -EPERM;
|
||||
return security_task_prlimit(cred, tcred, flags);
|
||||
}
|
||||
|
||||
SYSCALL_DEFINE4(prlimit64, pid_t, pid, unsigned int, resource,
|
||||
@@ -1460,12 +1461,17 @@ SYSCALL_DEFINE4(prlimit64, pid_t, pid, unsigned int, resource,
|
||||
struct rlimit64 old64, new64;
|
||||
struct rlimit old, new;
|
||||
struct task_struct *tsk;
|
||||
unsigned int checkflags = 0;
|
||||
int ret;
|
||||
|
||||
if (old_rlim)
|
||||
checkflags |= LSM_PRLIMIT_READ;
|
||||
|
||||
if (new_rlim) {
|
||||
if (copy_from_user(&new64, new_rlim, sizeof(new64)))
|
||||
return -EFAULT;
|
||||
rlim64_to_rlim(&new64, &new);
|
||||
checkflags |= LSM_PRLIMIT_WRITE;
|
||||
}
|
||||
|
||||
rcu_read_lock();
|
||||
@@ -1474,7 +1480,7 @@ SYSCALL_DEFINE4(prlimit64, pid_t, pid, unsigned int, resource,
|
||||
rcu_read_unlock();
|
||||
return -ESRCH;
|
||||
}
|
||||
ret = check_prlimit_permission(tsk);
|
||||
ret = check_prlimit_permission(tsk, checkflags);
|
||||
if (ret) {
|
||||
rcu_read_unlock();
|
||||
return ret;
|
||||
|
||||
Reference in New Issue
Block a user