diff options
author | Yannick GICQUEL <yannick.gicquel@iot.bzh> | 2015-10-19 15:57:07 +0200 |
---|---|---|
committer | Gerrit Code Review <gerrit@172.30.200.200> | 2015-11-06 15:23:36 +0000 |
commit | ede19ea0c47fb23f3fc779833d1e57cf76f3371e (patch) | |
tree | 47d6fae2283c54def1871aaf2a73828ac68b1b34 /meta-rcar-gen2/recipes-kernel/linux/linux-renesas/smack/0031-Smack-Verify-read-access-on-file-open-v3.patch | |
parent | 1cd8ab18abca96e4ee108f80225058d875b28347 (diff) |
kernel: smack security backport from kernel 4
Here is the backport of all patches relating to smack support
on kernel side. For more details, see file:
meta-rcar-gen2/recipes-kernel/linux/linux-renesas/smack/README
Please note that patches are applied only if "smack" is in the
ditro features. Here are the 2 lines to add in the local.conf
OVERRIDES .= ":smack"
DISTRO_FEATURES_append = " smack"
Change-Id: I147a3532aec531f977d6ec34c576261835711f1e
Signed-off-by: Yannick GICQUEL <yannick.gicquel@iot.bzh>
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Diffstat (limited to 'meta-rcar-gen2/recipes-kernel/linux/linux-renesas/smack/0031-Smack-Verify-read-access-on-file-open-v3.patch')
-rw-r--r-- | meta-rcar-gen2/recipes-kernel/linux/linux-renesas/smack/0031-Smack-Verify-read-access-on-file-open-v3.patch | 62 |
1 files changed, 62 insertions, 0 deletions
diff --git a/meta-rcar-gen2/recipes-kernel/linux/linux-renesas/smack/0031-Smack-Verify-read-access-on-file-open-v3.patch b/meta-rcar-gen2/recipes-kernel/linux/linux-renesas/smack/0031-Smack-Verify-read-access-on-file-open-v3.patch new file mode 100644 index 0000000..8648539 --- /dev/null +++ b/meta-rcar-gen2/recipes-kernel/linux/linux-renesas/smack/0031-Smack-Verify-read-access-on-file-open-v3.patch @@ -0,0 +1,62 @@ +From cc70dd7060ebfe5ed72c88c6316d0e295ce081a9 Mon Sep 17 00:00:00 2001 +From: Casey Schaufler <casey@schaufler-ca.com> +Date: Mon, 21 Apr 2014 11:10:26 -0700 +Subject: [PATCH 31/54] Smack: Verify read access on file open - v3 + +Smack believes that many of the operatons that can +be performed on an open file descriptor are read operations. +The fstat and lseek system calls are examples. +An implication of this is that files shouldn't be open +if the task doesn't have read access even if it has +write access and the file is being opened write only. + +Targeted for git://git.gitorious.org/smack-next/kernel.git + +Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> +--- + security/smack/smack_lsm.c | 19 ++++++++++++++++--- + 1 file changed, 16 insertions(+), 3 deletions(-) + +diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c +index 21ef3a1..6776130 100644 +--- a/security/smack/smack_lsm.c ++++ b/security/smack/smack_lsm.c +@@ -1462,19 +1462,32 @@ static int smack_file_receive(struct file *file) + /** + * smack_file_open - Smack dentry open processing + * @file: the object +- * @cred: unused ++ * @cred: task credential + * + * Set the security blob in the file structure. ++ * Allow the open only if the task has read access. There are ++ * many read operations (e.g. fstat) that you can do with an ++ * fd even if you have the file open write-only. + * + * Returns 0 + */ + static int smack_file_open(struct file *file, const struct cred *cred) + { ++ struct task_smack *tsp = cred->security; + struct inode_smack *isp = file_inode(file)->i_security; ++ struct smk_audit_info ad; ++ int rc; + +- file->f_security = isp->smk_inode; ++ if (smack_privileged(CAP_MAC_OVERRIDE)) ++ return 0; + +- return 0; ++ smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_PATH); ++ smk_ad_setfield_u_fs_path(&ad, file->f_path); ++ rc = smk_access(tsp->smk_task, isp->smk_inode, MAY_READ, &ad); ++ if (rc == 0) ++ file->f_security = isp->smk_inode; ++ ++ return rc; + } + + /* +-- +2.1.4 + |