I've attached a patch that addresses a few of my earlier comments and some other items. Specifically, it implements additional calls to the ptrace hook in the ptrace system call (in the non-TRACEME case) and for attempts to access /proc/PID/mem files. It also relocates the call to the setattr hook so that it is always invoked, even if the inode does not define its own setattr operation. It adds a s_security field to struct super_block for file system security attributes. Finally, it adds security.o to the export-objs in the kernel Makefile so that register_security and unregister_security are properly exported for modules.
-- 
Stephen D. Smalley, NAI Labs
ssmalleyat_private
Index: arch/i386/kernel/ptrace.c
===================================================================
RCS file: /cvs/lsm/lsm/arch/i386/kernel/ptrace.c,v
retrieving revision 1.2
diff -u -r1.2 ptrace.c
--- arch/i386/kernel/ptrace.c 2001/05/09 20:19:19 1.2
+++ arch/i386/kernel/ptrace.c 2001/05/09 20:25:06
@@ -167,6 +167,9 @@
 if (pid == 1) /* you may not mess with init */
 goto out_tsk;
 
+ if (security_ops->ptrace(current, child))
+ goto out_tsk;
+
 if (request == PTRACE_ATTACH) {
 if (child == current)
 goto out_tsk;
Index: fs/attr.c
===================================================================
RCS file: /cvs/lsm/lsm/fs/attr.c,v
retrieving revision 1.2
diff -u -r1.2 attr.c
--- fs/attr.c 2001/05/09 20:19:19 1.2
+++ fs/attr.c 2001/05/09 20:25:07
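Review bot: The hook's return value is discarded on the added `if (security_ops->ptrace(current, child))` line, so whatever `ret` holds at that point (not visible in the hunk; presumably the error set for the "you may not mess with init" check just above) is returned instead of the errno the security module chose. Assigning it first, `ret = security_ops->ptrace(current, child); if (ret) goto out_tsk;`, keeps the module's error code. The check also runs before the `child == current` test, so a module sees self-ptrace requests here, whereas the MAY_PTRACE change in fs/proc/base.c short-circuits on `p==current` before consulting the hook; worth deciding which behaviour is intended and making both sites agree. sys_ptrace starts and ends outside this hunk.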
@@ -121,15 +121,17 @@
 attr->ia_mtime = now;
 
 lock_kernel();
+ error = security_ops->inode_ops->setattr(dentry, attr);
+ if (error)
+ goto unlock_and_out;
 if (inode->i_op && inode->i_op->setattr) {
- error = security_ops->inode_ops->setattr(dentry, attr);
- if (!error)
- error = inode->i_op->setattr(dentry, attr);
+ error = inode->i_op->setattr(dentry, attr);
 } else {
 error = inode_change_ok(inode, attr);
 if (!error)
 inode_setattr(inode, attr);
 }
+unlock_and_out:
 unlock_kernel();
 if (!error) {
 unsigned long dn_mask = setattr_mask(ia_valid);
Index: fs/proc/base.c
===================================================================
RCS file: /cvs/lsm/lsm/fs/proc/base.c,v
retrieving revision 1.1.1.1
diff -u -r1.1.1.1 base.c
--- fs/proc/base.c 2001/05/09 20:09:21 1.1.1.1
+++ fs/proc/base.c 2001/05/09 20:25:07
@@ -310,7 +310,7 @@
 };
 
 #define MAY_PTRACE(p) \
-(p==current||(p->p_pptr==current&&(p->ptrace & PT_PTRACED)&&p->state==TASK_STOPPED))
+(p==current||(p->p_pptr==current&&(p->ptrace & PT_PTRACED)&&p->state==TASK_STOPPED&&security_ops->ptrace(current,p)==0))
 
 static ssize_t mem_read(struct file * file, char * buf,
 size_t count, loff_t *ppos)
Index: include/linux/fs.h
===================================================================
RCS file: /cvs/lsm/lsm/include/linux/fs.h,v
retrieving revision 1.2
diff -u -r1.2 fs.h
--- include/linux/fs.h 2001/05/09 20:19:19 1.2
+++ include/linux/fs.h 2001/05/09 20:25:07
@@ -660,6 +660,7 @@
 struct dentry *s_root;
 struct rw_semaphore s_umount;
 wait_queue_head_t s_wait;
+ void *s_security;
 
 struct list_head s_dirty; /* dirty inodes */
 struct list_head s_locked_inodes;/* inodes being synced */
Index: kernel/Makefile
===================================================================
RCS file: /cvs/lsm/lsm/kernel/Makefile,v
retrieving revision 1.2
diff -u -r1.2 Makefile
--- kernel/Makefile 2001/05/09 20:19:19 1.2
+++ kernel/Makefile 2001/05/09 20:25:07
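Review bot: The relocated `error = security_ops->inode_ops->setattr(dentry, attr);` call now runs for every notify_change() while the kernel lock is held and before either the filesystem's own setattr or the `inode_change_ok()` check in the else branch, but nothing at the call site records that ordering. In the generic branch this means a module's denial takes precedence over the DAC result, and its errno is what the caller sees; that is a reasonable choice but should be stated. A comment such as `/* LSM setattr hook: called under lock_kernel() before fs setattr / inode_change_ok() */` on the line above the call would capture it. notify_change begins and ends outside this hunk.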
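Review bot: MAY_PTRACE(p) now calls `security_ops->ptrace(current,p)` from inside a macro that reads as a pure predicate, so every expansion (mem_read() just below and, presumably, its write counterpart) invokes a module hook each time it is evaluated, and the macro's repeated evaluation of `p` is a latent hazard if a caller ever passes an expression with side effects. Turning it into a `static inline int may_ptrace(struct task_struct *p)` would make both points explicit; failing that, a comment above the macro, `/* expands to a call into the security module; p must be a plain variable */`, should be added. Note the hook is skipped entirely when `p==current`, which differs from the arch/i386 ptrace.c hunk where it is consulted before the self-trace check.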
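Review bot: The new `void *s_security;` member has no comment, unlike the neighbouring `s_dirty` and `s_locked_inodes` fields, and nothing in this patch shows it being initialized when a super_block is set up or released when one is torn down. If a fresh super_block is expected to carry a NULL here, that presumably relies on the allocator zeroing the whole struct; worth confirming and recording, since a module that dereferences it on an unclaimed superblock would otherwise read garbage. A comment along the lines of `void *s_security; /* security module's per-superblock data; owned by the module */` would at least document ownership.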
@@ -9,7 +9,7 @@
 
 O_TARGET := kernel.o
 
-export-objs = signal.o sys.o kmod.o context.o ksyms.o pm.o
+export-objs = signal.o sys.o kmod.o context.o ksyms.o pm.o security.o
 
 obj-y = sched.o dma.o fork.o exec_domain.o panic.o printk.o \
 module.o exit.o itimer.o info.o time.o softirq.o resource.o \
_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module