This patch against lsm-2.4 is a backport of the addition in the 2.5 kernel of the security_task_to_inode hook to pid_revalidate. It adds the security_task_to_inode hook to pid_base_revalidate. This causes the inode security field to be updated for /proc/pid inodes when the dentry is revalidated. The new 2.4-based SELinux depends on these, so we'd like to get them into the lsm-2.4 tree so that we can merge the new 2.4-based SELinux into it. For further reference see Stephen Smalley's email to the LKML on 19 August 2003. http://marc.theaimsgroup.com/?l=linux-kernel&m=106132946901223&w=2 If there are no objections, I will ask Steve to merge it. base.c | 14 +++++++++++++- 1 files changed, 13 insertions(+), 1 deletion(-) diff -Nru a/fs/proc/base.c b/fs/proc/base.c --- a/fs/proc/base.c Tue Sep 30 15:19:05 2003 +++ b/fs/proc/base.c Tue Sep 30 15:19:05 2003 @@ -815,8 +815,20 @@ */ static int pid_base_revalidate(struct dentry * dentry, int flags) { - if (dentry->d_inode->u.proc_i.task->pid) + struct inode *inode = dentry->d_inode; + struct task_struct *task = inode->u.proc_i.task; + if (task->pid) { + if (inode->u.proc_i.type == PROC_PID_INO || + task_dumpable(task)) { + inode->i_uid = task->euid; + inode->i_gid = task->egid; + } else { + inode->i_uid = 0; + inode->i_gid = 0; + } + security_task_to_inode(task, inode); return 1; + } d_drop(dentry); return 0; } -- James Carter <jwcart2@private> National Security Agency
This archive was generated by hypermail 2b30 : Wed Oct 01 2003 - 07:18:50 PDT