diff options
| author |   Jan-Simon Möller <jsmoeller@linuxfoundation.org> | 2017-01-06 01:26:50 +0100 |
|---|---|---|
| committer | Jan-Simon Möller <jsmoeller@linuxfoundation.org> | 2017-01-06 01:26:54 +0100 |
| commit | 667e9c254e97555cae75b95a91a0bed6741bf5f1 (patch) | |
| tree | be31a47399f51e159227abae8f55794d6f11db62 /meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux/linux-raspberrypi/0004-Smack-Assign-smack_known_web-label-for-kernel-thread.patch | |
| parent | 554f8d394c626d3a151127e67caddc3196e3ffc1 (diff) | |
Apply bluetooth/smack patches also to rpi kernel
This changeset patches the rpi with the needed changes to
allow bluetooth to work together with smack. The patches were
developed for porter and are a backport of patches submitted
for 4.10+ .
Bug-AGL: SPEC-293
Change-Id: I96d04a709de6ad7843840d9ae154f041173948a2
Signed-off-by: Jan-Simon Möller <jsmoeller@linuxfoundation.org>
Diffstat (limited to 'meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux/linux-raspberrypi/0004-Smack-Assign-smack_known_web-label-for-kernel-thread.patch')
| -rw-r--r-- | meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux/linux-raspberrypi/0004-Smack-Assign-smack_known_web-label-for-kernel-thread.patch | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux/linux-raspberrypi/0004-Smack-Assign-smack_known_web-label-for-kernel-thread.patch b/meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux/linux-raspberrypi/0004-Smack-Assign-smack_known_web-label-for-kernel-thread.patch new file mode 100644 index 000000000..a1eeac3d7 --- /dev/null +++ b/meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux/linux-raspberrypi/0004-Smack-Assign-smack_known_web-label-for-kernel-thread.patch @@ -0,0 +1,49 @@ +From c8bbb0f916de54610513e376070aea531af19dd6 Mon Sep 17 00:00:00 2001 +From: jooseong lee <jooseong.lee@samsung.com> +Date: Thu, 3 Nov 2016 10:55:43 +0100 +Subject: [PATCH 4/4] Smack: Assign smack_known_web label for kernel thread's +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Assign smack_known_web label for kernel thread's socket in the sk_alloc_security hook + +Creating struct sock by sk_alloc function in various kernel subsystems +like bluetooth dosen't call smack_socket_post_create(). In such case, +received sock label is the floor('_') label and makes access deny. + +Refers-to: https://review.tizen.org/gerrit/#/c/80717/4 + +Change-Id: I2e5c9359bfede84a988fd4d4d74cdb9dfdfc52d8 +Signed-off-by: jooseong lee <jooseong.lee@samsung.com> +Signed-off-by: José Bollo <jose.bollo@iot.bzh> +--- + security/smack/smack_lsm.c | 12 ++++++++++-- + 1 file changed, 10 insertions(+), 2 deletions(-) + +diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c +index cf8a93f..21651bc 100644 +--- a/security/smack/smack_lsm.c ++++ b/security/smack/smack_lsm.c +@@ -2321,8 +2321,16 @@ static int smack_sk_alloc_security(struct sock *sk, int family, gfp_t gfp_flags) + if (ssp == NULL) + return -ENOMEM; + +- ssp->smk_in = skp; +- ssp->smk_out = skp; ++ /* ++ * Sockets created by kernel threads receive web label. ++ */ ++ if (unlikely(current->flags & PF_KTHREAD)) { ++ ssp->smk_in = &smack_known_web; ++ ssp->smk_out = &smack_known_web; ++ } else { ++ ssp->smk_in = skp; ++ ssp->smk_out = skp; ++ } + ssp->smk_packet = NULL; + + sk->sk_security = ssp; +-- +2.7.4 + |