Commit 12b3052c3ee8f508b2c7ee4ddd63ed03423409d8
Committed by
Linus Torvalds
Linus Torvalds
1 parent
6800e4c0ea
Exists in
master
and in
20 other branches
capabilities/syslog: open code cap_syslog logic to fix build failure
The addition of CONFIG_SECURITY_DMESG_RESTRICT resulted in a build failure when CONFIG_PRINTK=n. This is because the capabilities code which used the new option was built even though the variable in question didn't exist. The patch here fixes this by moving the capabilities checks out of the LSM and into the caller. All (known) LSMs should have been calling the capabilities hook already so it actually makes the code organization better to eliminate the hook altogether. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: James Morris <jmorris@namei.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Showing 7 changed files with 28 additions and 40 deletions Side-by-side Diff
include/linux/security.h
| ... | ... | @@ -77,7 +77,6 @@ |
| 77 | 77 | extern int cap_task_setscheduler(struct task_struct *p); |
| 78 | 78 | extern int cap_task_setioprio(struct task_struct *p, int ioprio); |
| 79 | 79 | extern int cap_task_setnice(struct task_struct *p, int nice); |
| 80 | -extern int cap_syslog(int type, bool from_file); | |
| 81 | 80 | extern int cap_vm_enough_memory(struct mm_struct *mm, long pages); |
| 82 | 81 | |
| 83 | 82 | struct msghdr; |
| ... | ... | @@ -1388,7 +1387,7 @@ |
| 1388 | 1387 | int (*sysctl) (struct ctl_table *table, int op); |
| 1389 | 1388 | int (*quotactl) (int cmds, int type, int id, struct super_block *sb); |
| 1390 | 1389 | int (*quota_on) (struct dentry *dentry); |
| 1391 | - int (*syslog) (int type, bool from_file); | |
| 1390 | + int (*syslog) (int type); | |
| 1392 | 1391 | int (*settime) (struct timespec *ts, struct timezone *tz); |
| 1393 | 1392 | int (*vm_enough_memory) (struct mm_struct *mm, long pages); |
| 1394 | 1393 | |
| ... | ... | @@ -1671,7 +1670,7 @@ |
| 1671 | 1670 | int security_sysctl(struct ctl_table *table, int op); |
| 1672 | 1671 | int security_quotactl(int cmds, int type, int id, struct super_block *sb); |
| 1673 | 1672 | int security_quota_on(struct dentry *dentry); |
| 1674 | -int security_syslog(int type, bool from_file); | |
| 1673 | +int security_syslog(int type); | |
| 1675 | 1674 | int security_settime(struct timespec *ts, struct timezone *tz); |
| 1676 | 1675 | int security_vm_enough_memory(long pages); |
| 1677 | 1676 | int security_vm_enough_memory_mm(struct mm_struct *mm, long pages); |
| 1678 | 1677 | |
| ... | ... | @@ -1901,9 +1900,9 @@ |
| 1901 | 1900 | return 0; |
| 1902 | 1901 | } |
| 1903 | 1902 | |
| 1904 | -static inline int security_syslog(int type, bool from_file) | |
| 1903 | +static inline int security_syslog(int type) | |
| 1905 | 1904 | { |
| 1906 | - return cap_syslog(type, from_file); | |
| 1905 | + return 0; | |
| 1907 | 1906 | } |
| 1908 | 1907 | |
| 1909 | 1908 | static inline int security_settime(struct timespec *ts, struct timezone *tz) |
kernel/printk.c
| ... | ... | @@ -274,7 +274,20 @@ |
| 274 | 274 | char c; |
| 275 | 275 | int error = 0; |
| 276 | 276 | |
| 277 | - error = security_syslog(type, from_file); | |
| 277 | + /* | |
| 278 | + * If this is from /proc/kmsg we only do the capabilities checks | |
| 279 | + * at open time. | |
| 280 | + */ | |
| 281 | + if (type == SYSLOG_ACTION_OPEN || !from_file) { | |
| 282 | + if (dmesg_restrict && !capable(CAP_SYS_ADMIN)) | |
| 283 | + return -EPERM; | |
| 284 | + if ((type != SYSLOG_ACTION_READ_ALL && | |
| 285 | + type != SYSLOG_ACTION_SIZE_BUFFER) && | |
| 286 | + !capable(CAP_SYS_ADMIN)) | |
| 287 | + return -EPERM; | |
| 288 | + } | |
| 289 | + | |
| 290 | + error = security_syslog(type); | |
| 278 | 291 | if (error) |
| 279 | 292 | return error; |
| 280 | 293 |
security/capability.c
security/commoncap.c
| ... | ... | @@ -27,7 +27,6 @@ |
| 27 | 27 | #include <linux/sched.h> |
| 28 | 28 | #include <linux/prctl.h> |
| 29 | 29 | #include <linux/securebits.h> |
| 30 | -#include <linux/syslog.h> | |
| 31 | 30 | |
| 32 | 31 | /* |
| 33 | 32 | * If a non-root user executes a setuid-root binary in |
| ... | ... | @@ -881,26 +880,6 @@ |
| 881 | 880 | error: |
| 882 | 881 | abort_creds(new); |
| 883 | 882 | return error; |
| 884 | -} | |
| 885 | - | |
| 886 | -/** | |
| 887 | - * cap_syslog - Determine whether syslog function is permitted | |
| 888 | - * @type: Function requested | |
| 889 | - * @from_file: Whether this request came from an open file (i.e. /proc) | |
| 890 | - * | |
| 891 | - * Determine whether the current process is permitted to use a particular | |
| 892 | - * syslog function, returning 0 if permission is granted, -ve if not. | |
| 893 | - */ | |
| 894 | -int cap_syslog(int type, bool from_file) | |
| 895 | -{ | |
| 896 | - if (type != SYSLOG_ACTION_OPEN && from_file) | |
| 897 | - return 0; | |
| 898 | - if (dmesg_restrict && !capable(CAP_SYS_ADMIN)) | |
| 899 | - return -EPERM; | |
| 900 | - if ((type != SYSLOG_ACTION_READ_ALL && | |
| 901 | - type != SYSLOG_ACTION_SIZE_BUFFER) && !capable(CAP_SYS_ADMIN)) | |
| 902 | - return -EPERM; | |
| 903 | - return 0; | |
| 904 | 883 | } |
| 905 | 884 | |
| 906 | 885 | /** |
security/security.c
| ... | ... | @@ -197,9 +197,9 @@ |
| 197 | 197 | return security_ops->quota_on(dentry); |
| 198 | 198 | } |
| 199 | 199 | |
| 200 | -int security_syslog(int type, bool from_file) | |
| 200 | +int security_syslog(int type) | |
| 201 | 201 | { |
| 202 | - return security_ops->syslog(type, from_file); | |
| 202 | + return security_ops->syslog(type); | |
| 203 | 203 | } |
| 204 | 204 | |
| 205 | 205 | int security_settime(struct timespec *ts, struct timezone *tz) |
security/selinux/hooks.c
| ... | ... | @@ -1973,13 +1973,9 @@ |
| 1973 | 1973 | return dentry_has_perm(cred, NULL, dentry, FILE__QUOTAON); |
| 1974 | 1974 | } |
| 1975 | 1975 | |
| 1976 | -static int selinux_syslog(int type, bool from_file) | |
| 1976 | +static int selinux_syslog(int type) | |
| 1977 | 1977 | { |
| 1978 | 1978 | int rc; |
| 1979 | - | |
| 1980 | - rc = cap_syslog(type, from_file); | |
| 1981 | - if (rc) | |
| 1982 | - return rc; | |
| 1983 | 1979 | |
| 1984 | 1980 | switch (type) { |
| 1985 | 1981 | case SYSLOG_ACTION_READ_ALL: /* Read last kernel messages */ |
security/smack/smack_lsm.c
| ... | ... | @@ -157,14 +157,10 @@ |
| 157 | 157 | * |
| 158 | 158 | * Returns 0 on success, error code otherwise. |
| 159 | 159 | */ |
| 160 | -static int smack_syslog(int type, bool from_file) | |
| 160 | +static int smack_syslog(int typefrom_file) | |
| 161 | 161 | { |
| 162 | - int rc; | |
| 162 | + int rc = 0; | |
| 163 | 163 | char *sp = current_security(); |
| 164 | - | |
| 165 | - rc = cap_syslog(type, from_file); | |
| 166 | - if (rc != 0) | |
| 167 | - return rc; | |
| 168 | 164 | |
| 169 | 165 | if (capable(CAP_MAC_OVERRIDE)) |
| 170 | 166 | return 0; |