aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLinus Torvalds2012-01-14 20:36:33 -0600
committerLinus Torvalds2012-01-14 20:36:33 -0600
commitc49c41a4134679cecb77362e7f6b59acb6320aa7 (patch)
tree45e690c036ca5846a48c8be67945d1d841b2d96d /security/commoncap.c
parent892d208bcf79e4e1058707786a7b6d486697cd78 (diff)
parentf423e5ba76e7e4a6fcb4836b4f072d1fdebba8b5 (diff)
downloadam43-linux-kernel-c49c41a4134679cecb77362e7f6b59acb6320aa7.tar.gz
am43-linux-kernel-c49c41a4134679cecb77362e7f6b59acb6320aa7.tar.xz
am43-linux-kernel-c49c41a4134679cecb77362e7f6b59acb6320aa7.zip
Merge branch 'for-linus' of git://selinuxproject.org/~jmorris/linux-security
* 'for-linus' of git://selinuxproject.org/~jmorris/linux-security: capabilities: remove __cap_full_set definition security: remove the security_netlink_recv hook as it is equivalent to capable() ptrace: do not audit capability check when outputing /proc/pid/stat capabilities: remove task_ns_* functions capabitlies: ns_capable can use the cap helpers rather than lsm call capabilities: style only - move capable below ns_capable capabilites: introduce new has_ns_capabilities_noaudit capabilities: call has_ns_capability from has_capability capabilities: remove all _real_ interfaces capabilities: introduce security_capable_noaudit capabilities: reverse arguments to security_capable capabilities: remove the task from capable LSM hook entirely selinux: sparse fix: fix several warnings in the security server cod selinux: sparse fix: fix warnings in netlink code selinux: sparse fix: eliminate warnings for selinuxfs selinux: sparse fix: declare selinux_disable() in security.h selinux: sparse fix: move selinux_complete_init selinux: sparse fix: make selinux_secmark_refcount static SELinux: Fix RCU deref check warning in sel_netport_insert() Manually fix up a semantic mis-merge wrt security_netlink_recv(): - the interface was removed in commit fd7784615248 ("security: remove the security_netlink_recv hook as it is equivalent to capable()") - a new user of it appeared in commit a38f7907b926 ("crypto: Add userspace configuration API") causing no automatic merge conflict, but Eric Paris pointed out the issue.
Diffstat (limited to 'security/commoncap.c')
-rw-r--r--security/commoncap.c24
1 files changed, 7 insertions, 17 deletions
diff --git a/security/commoncap.c b/security/commoncap.c
index ee4f8486e5f..7ce191ea29a 100644
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -56,17 +56,8 @@ int cap_netlink_send(struct sock *sk, struct sk_buff *skb)
56 return 0; 56 return 0;
57} 57}
58 58
59int cap_netlink_recv(struct sk_buff *skb, int cap)
60{
61 if (!cap_raised(current_cap(), cap))
62 return -EPERM;
63 return 0;
64}
65EXPORT_SYMBOL(cap_netlink_recv);
66
67/** 59/**
68 * cap_capable - Determine whether a task has a particular effective capability 60 * cap_capable - Determine whether a task has a particular effective capability
69 * @tsk: The task to query
70 * @cred: The credentials to use 61 * @cred: The credentials to use
71 * @ns: The user namespace in which we need the capability 62 * @ns: The user namespace in which we need the capability
72 * @cap: The capability to check for 63 * @cap: The capability to check for
@@ -80,8 +71,8 @@ EXPORT_SYMBOL(cap_netlink_recv);
80 * cap_has_capability() returns 0 when a task has a capability, but the 71 * cap_has_capability() returns 0 when a task has a capability, but the
81 * kernel's capable() and has_capability() returns 1 for this case. 72 * kernel's capable() and has_capability() returns 1 for this case.
82 */ 73 */
83int cap_capable(struct task_struct *tsk, const struct cred *cred, 74int cap_capable(const struct cred *cred, struct user_namespace *targ_ns,
84 struct user_namespace *targ_ns, int cap, int audit) 75 int cap, int audit)
85{ 76{
86 for (;;) { 77 for (;;) {
87 /* The creator of the user namespace has all caps. */ 78 /* The creator of the user namespace has all caps. */
@@ -222,9 +213,8 @@ static inline int cap_inh_is_capped(void)
222 /* they are so limited unless the current task has the CAP_SETPCAP 213 /* they are so limited unless the current task has the CAP_SETPCAP
223 * capability 214 * capability
224 */ 215 */
225 if (cap_capable(current, current_cred(), 216 if (cap_capable(current_cred(), current_cred()->user->user_ns,
226 current_cred()->user->user_ns, CAP_SETPCAP, 217 CAP_SETPCAP, SECURITY_CAP_AUDIT) == 0)
227 SECURITY_CAP_AUDIT) == 0)
228 return 0; 218 return 0;
229 return 1; 219 return 1;
230} 220}
@@ -874,7 +864,7 @@ int cap_task_prctl(int option, unsigned long arg2, unsigned long arg3,
874 & (new->securebits ^ arg2)) /*[1]*/ 864 & (new->securebits ^ arg2)) /*[1]*/
875 || ((new->securebits & SECURE_ALL_LOCKS & ~arg2)) /*[2]*/ 865 || ((new->securebits & SECURE_ALL_LOCKS & ~arg2)) /*[2]*/
876 || (arg2 & ~(SECURE_ALL_LOCKS | SECURE_ALL_BITS)) /*[3]*/ 866 || (arg2 & ~(SECURE_ALL_LOCKS | SECURE_ALL_BITS)) /*[3]*/
877 || (cap_capable(current, current_cred(), 867 || (cap_capable(current_cred(),
878 current_cred()->user->user_ns, CAP_SETPCAP, 868 current_cred()->user->user_ns, CAP_SETPCAP,
879 SECURITY_CAP_AUDIT) != 0) /*[4]*/ 869 SECURITY_CAP_AUDIT) != 0) /*[4]*/
880 /* 870 /*
@@ -940,7 +930,7 @@ int cap_vm_enough_memory(struct mm_struct *mm, long pages)
940{ 930{
941 int cap_sys_admin = 0; 931 int cap_sys_admin = 0;
942 932
943 if (cap_capable(current, current_cred(), &init_user_ns, CAP_SYS_ADMIN, 933 if (cap_capable(current_cred(), &init_user_ns, CAP_SYS_ADMIN,
944 SECURITY_CAP_NOAUDIT) == 0) 934 SECURITY_CAP_NOAUDIT) == 0)
945 cap_sys_admin = 1; 935 cap_sys_admin = 1;
946 return __vm_enough_memory(mm, pages, cap_sys_admin); 936 return __vm_enough_memory(mm, pages, cap_sys_admin);
@@ -967,7 +957,7 @@ int cap_file_mmap(struct file *file, unsigned long reqprot,
967 int ret = 0; 957 int ret = 0;
968 958
969 if (addr < dac_mmap_min_addr) { 959 if (addr < dac_mmap_min_addr) {
970 ret = cap_capable(current, current_cred(), &init_user_ns, CAP_SYS_RAWIO, 960 ret = cap_capable(current_cred(), &init_user_ns, CAP_SYS_RAWIO,
971 SECURITY_CAP_AUDIT); 961 SECURITY_CAP_AUDIT);
972 /* set PF_SUPERPRIV if it turns out we allow the low mmap */ 962 /* set PF_SUPERPRIV if it turns out we allow the low mmap */
973 if (ret == 0) 963 if (ret == 0)