Commit 1a2a4d06e1e95260c470ebe3a945f61bbe8c1fd8
Committed by
James Morris
James Morris
1 parent
9e3ff38647
Exists in
smarc-l5.0.0_1.0.0-ga
and in
5 other branches
security: create task_free security callback
The current LSM interface to cred_free is not sufficient for allowing an LSM to track the life and death of a task. This patch adds the task_free hook so that an LSM can clean up resources on task death. Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: James Morris <jmorris@namei.org>
Showing 4 changed files with 20 additions and 0 deletions Side-by-side Diff
include/linux/security.h
| ... | ... | @@ -651,6 +651,10 @@ |
| 651 | 651 | * manual page for definitions of the @clone_flags. |
| 652 | 652 | * @clone_flags contains the flags indicating what should be shared. |
| 653 | 653 | * Return 0 if permission is granted. |
| 654 | + * @task_free: | |
| 655 | + * @task task being freed | |
| 656 | + * Handle release of task-related resources. (Note that this can be called | |
| 657 | + * from interrupt context.) | |
| 654 | 658 | * @cred_alloc_blank: |
| 655 | 659 | * @cred points to the credentials. |
| 656 | 660 | * @gfp indicates the atomicity of any memory allocations. |
| ... | ... | @@ -1493,6 +1497,7 @@ |
| 1493 | 1497 | int (*dentry_open) (struct file *file, const struct cred *cred); |
| 1494 | 1498 | |
| 1495 | 1499 | int (*task_create) (unsigned long clone_flags); |
| 1500 | + void (*task_free) (struct task_struct *task); | |
| 1496 | 1501 | int (*cred_alloc_blank) (struct cred *cred, gfp_t gfp); |
| 1497 | 1502 | void (*cred_free) (struct cred *cred); |
| 1498 | 1503 | int (*cred_prepare)(struct cred *new, const struct cred *old, |
| ... | ... | @@ -1752,6 +1757,7 @@ |
| 1752 | 1757 | int security_file_receive(struct file *file); |
| 1753 | 1758 | int security_dentry_open(struct file *file, const struct cred *cred); |
| 1754 | 1759 | int security_task_create(unsigned long clone_flags); |
| 1760 | +void security_task_free(struct task_struct *task); | |
| 1755 | 1761 | int security_cred_alloc_blank(struct cred *cred, gfp_t gfp); |
| 1756 | 1762 | void security_cred_free(struct cred *cred); |
| 1757 | 1763 | int security_prepare_creds(struct cred *new, const struct cred *old, gfp_t gfp); |
| ... | ... | @@ -2244,6 +2250,9 @@ |
| 2244 | 2250 | { |
| 2245 | 2251 | return 0; |
| 2246 | 2252 | } |
| 2253 | + | |
| 2254 | +static inline void security_task_free(struct task_struct *task) | |
| 2255 | +{ } | |
| 2247 | 2256 | |
| 2248 | 2257 | static inline int security_cred_alloc_blank(struct cred *cred, gfp_t gfp) |
| 2249 | 2258 | { |
kernel/fork.c
security/capability.c
| ... | ... | @@ -358,6 +358,10 @@ |
| 358 | 358 | return 0; |
| 359 | 359 | } |
| 360 | 360 | |
| 361 | +static void cap_task_free(struct task_struct *task) | |
| 362 | +{ | |
| 363 | +} | |
| 364 | + | |
| 361 | 365 | static int cap_cred_alloc_blank(struct cred *cred, gfp_t gfp) |
| 362 | 366 | { |
| 363 | 367 | return 0; |
| ... | ... | @@ -954,6 +958,7 @@ |
| 954 | 958 | set_to_cap_if_null(ops, file_receive); |
| 955 | 959 | set_to_cap_if_null(ops, dentry_open); |
| 956 | 960 | set_to_cap_if_null(ops, task_create); |
| 961 | + set_to_cap_if_null(ops, task_free); | |
| 957 | 962 | set_to_cap_if_null(ops, cred_alloc_blank); |
| 958 | 963 | set_to_cap_if_null(ops, cred_free); |
| 959 | 964 | set_to_cap_if_null(ops, cred_prepare); |
security/security.c
| ... | ... | @@ -729,6 +729,11 @@ |
| 729 | 729 | return security_ops->task_create(clone_flags); |
| 730 | 730 | } |
| 731 | 731 | |
| 732 | +void security_task_free(struct task_struct *task) | |
| 733 | +{ | |
| 734 | + security_ops->task_free(task); | |
| 735 | +} | |
| 736 | + | |
| 732 | 737 | int security_cred_alloc_blank(struct cred *cred, gfp_t gfp) |
| 733 | 738 | { |
| 734 | 739 | return security_ops->cred_alloc_blank(cred, gfp); |