Re: [Linux-security-module-commit] lsm 2.5 tree change 1.366

• Previous message: Chris Wright: "Re: LIDS 2.0pre2 for linux-lsm-2.5.4 is here."
• In reply to: Chris Wright: "Re: [Linux-security-module-commit] lsm 2.5 tree change 1.366"
• Next in thread: Chris Wright: "Re: [Linux-security-module-commit] lsm 2.5 tree change 1.366"
• Reply: Chris Wright: "Re: [Linux-security-module-commit] lsm 2.5 tree change 1.366"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Chris,

Will this patch (and the LIDS module) be applied to the 2.4 tree?

Chris Wright wrote:

> * bkat_private (bkat_private) wrote:
> 
>>chris changed the 2.5 LSM source tree.
>>
>>Received the following changesets
>>---------------------
>>    ChangeSetat_private, 2002-02-19 02:09:42-08:00, chrisat_private
>>      add binprm check_security hook.
>>
> 
> I added the check_security() hook needed by LIDS.  I moved it
> into search_binary_handler() for symmetry.  So, set_security() is called
> in prepare_binprm(), and accordingly check_security() is called in
> search_binary_handler().  This guarantees reliable access to the argv
> list and envp list in check_security().  It should be noted that the only
> real case that check_security() differs from set_security() is in do_execve
> (and arch specific do_execve32 analogs).
> 
> thanks,
> -chris
> 
> diff --minimal -Nru a/fs/exec.c b/fs/exec.c
> --- a/fs/exec.c	Tue Feb 19 02:24:39 2002
> +++ b/fs/exec.c	Tue Feb 19 02:24:39 2002
> @@ -761,6 +761,10 @@
>  	    }
>  	}
>  #endif
> +	retval = security_ops->bprm_ops->check_security(&bprm);
> +	if (retval) 
> +		return retval;
> +
>  	/* kernel module loader fixup */
>  	/* so we don't try to load run modprobe in kernel space. */
>  	set_fs(USER_DS);
> diff --minimal -Nru a/include/linux/security.h b/include/linux/security.h
> --- a/include/linux/security.h	Tue Feb 19 02:24:39 2002
> +++ b/include/linux/security.h	Tue Feb 19 02:24:39 2002
> @@ -83,6 +83,16 @@
>   *	to replace it.
>   *	@bprm contains the linux_binprm structure.
>   *	Return 0 if the hook is successful and permission is granted.
> + * @check_security:
> + * 	This hook mediates the point when a search for a binary handler	will
> + * 	begin.  It allows a check the @bprm->security value which is set in
> + * 	the preceding set_security call.  The primary difference from
> + * 	set_security is that the argv list and envp list are reliably
> + * 	available in @bprm.  This hook may be called multiple times
> + * 	during a single execve; and in each pass set_security is called
> + * 	first.
> + * 	@bprm contains the linux_binprm structure.
> + *	Return 0 if the hook is successful and permission is granted.
>   *
>   * These are the security hooks for program execution operations.
>   */
> @@ -91,6 +101,7 @@
>  	void (*free_security) (struct linux_binprm *bprm);
>  	void (*compute_creds) (struct linux_binprm *bprm);
>  	int (*set_security) (struct linux_binprm *bprm);
> +	int (*check_security) (struct linux_binprm *bprm);
>  };
>  
>  /**
> diff --minimal -Nru a/security/capability.c b/security/capability.c
> --- a/security/capability.c	Tue Feb 19 02:24:39 2002
> +++ b/security/capability.c	Tue Feb 19 02:24:39 2002
> @@ -211,6 +211,11 @@
>  	return 0;
>  }
>  
> +static int cap_binprm_check_security (struct linux_binprm *bprm)
> +{
> +	return 0;
> +}
> +
>  static void cap_binprm_free_security (struct linux_binprm *bprm)
>  {
>  	return;
> @@ -1096,6 +1101,7 @@
>  	free_security:	cap_binprm_free_security,
>  	compute_creds:	cap_binprm_compute_creds,
>  	set_security:	cap_binprm_set_security,
> +	check_security:	cap_binprm_check_security,
>  };
>  
>  static struct super_block_security_ops cap_sb_ops = {
> diff --minimal -Nru a/security/dte/dte.c b/security/dte/dte.c
> --- a/security/dte/dte.c	Tue Feb 19 02:24:39 2002
> +++ b/security/dte/dte.c	Tue Feb 19 02:24:39 2002
> @@ -233,6 +233,11 @@
>  		dte_secondary_ops->bprm_ops->compute_creds(bprm);
>  }
>  
> +static int dte_binprm_check_security (struct linux_binprm *bprm)
> +{
> +	return 0;
> +}
> +
>  static int dte_sb_statfs (struct super_block *sb)
>  {
>  	return 0;
> @@ -964,6 +969,7 @@
>  	free_security:	dte_binprm_free_security,
>  	compute_creds:	dte_binprm_compute_creds,
>  	set_security:	dte_binprm_set_security,
> +	check_security:	dte_binprm_check_security,
>  };
>  
>  static struct super_block_security_ops dte_sb_ops = {
> diff --minimal -Nru a/security/dummy.c b/security/dummy.c
> --- a/security/dummy.c	Tue Feb 19 02:24:39 2002
> +++ b/security/dummy.c	Tue Feb 19 02:24:39 2002
> @@ -168,6 +168,11 @@
>  	return 0;
>  }
>  
> +static int dummy_binprm_check_security (struct linux_binprm *bprm)
> +{
> +	return 0;
> +}
> +
>  static int dummy_sb_alloc_security (struct super_block *sb)
>  {
>  	return 0;
> @@ -919,6 +924,7 @@
>  	free_security:	dummy_binprm_free_security,
>  	compute_creds:	dummy_binprm_compute_creds,
>  	set_security:	dummy_binprm_set_security,
> +	check_security:	dummy_binprm_check_security,
>  };
>  
>  static struct super_block_security_ops dummy_sb_ops = {
> diff --minimal -Nru a/security/owlsm.c b/security/owlsm.c
> --- a/security/owlsm.c	Tue Feb 19 02:24:39 2002
> +++ b/security/owlsm.c	Tue Feb 19 02:24:39 2002
> @@ -185,6 +185,11 @@
>  	return do_owlsm_sfd_set(bprm);
>  }
>  
> +static int owlsm_binprm_check_security (struct linux_binprm *bprm)
> +{
> +	return 0;
> +}
> +
>  static int owlsm_sb_alloc_security (struct super_block *sb)
>  {
>  	return 0;
> @@ -934,6 +939,7 @@
>  	free_security:	owlsm_binprm_free_security,
>  	compute_creds:	owlsm_binprm_compute_creds,
>  	set_security:	owlsm_binprm_set_security,
> +	check_security:	owlsm_binprm_check_security,
>  };
>  
>  static struct super_block_security_ops owlsm_sb_ops = {
> diff --minimal -Nru a/security/selinux/hooks.c b/security/selinux/hooks.c
> --- a/security/selinux/hooks.c	Tue Feb 19 02:24:39 2002
> +++ b/security/selinux/hooks.c	Tue Feb 19 02:24:39 2002
> @@ -1770,6 +1770,11 @@
>  	return 0;
>  }
>  
> +static int selinux_binprm_check_security (struct linux_binprm *bprm)
> +{
> +	return 0;
> +}
> +
>  static void selinux_bprm_free_security(struct linux_binprm *bprm)
>  {
>  	/* Nothing to do - not dynamically allocated. */
> @@ -3989,6 +3994,7 @@
>  	free_security:	selinux_bprm_free_security,
>  	compute_creds:	selinux_bprm_compute_creds,
>  	set_security:	selinux_bprm_set_security,
> +	check_security:	selinux_binprm_check_security,
>  };
>  
>  static struct super_block_security_ops selinux_sb_ops = {
> _______________________________________________
> linux-security-module mailing list
> linux-security-moduleat_private
> http://mail.wirex.com/mailman/listinfo/linux-security-module
> 
> 
> 

-- 
Lachlan McIlroy

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module

• Next message: Chris Wright: "Re: [Linux-security-module-commit] lsm 2.5 tree change 1.366"
• Previous message: Chris Wright: "Re: LIDS 2.0pre2 for linux-lsm-2.5.4 is here."
• In reply to: Chris Wright: "Re: [Linux-security-module-commit] lsm 2.5 tree change 1.366"
• Next in thread: Chris Wright: "Re: [Linux-security-module-commit] lsm 2.5 tree change 1.366"
• Reply: Chris Wright: "Re: [Linux-security-module-commit] lsm 2.5 tree change 1.366"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Feb 19 2002 - 15:11:40 PST