rpms/kernel/devel linux-2.6-mcs-canonicalise-getxattr.patch, NONE, 1.1 kernel-2.6.spec, 1.1592, 1.1593
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Wed Oct 5 03:06:21 UTC 2005
Author: davej
Update of /cvs/dist/rpms/kernel/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv15226
Modified Files:
kernel-2.6.spec
Added Files:
linux-2.6-mcs-canonicalise-getxattr.patch
Log Message:
* Tue Oct 04 2005 Dave Jones <davej at redhat.com>
- canonicalise getxattr results.
linux-2.6-mcs-canonicalise-getxattr.patch:
fs/xattr.c | 14 +++++++++-----
include/linux/security.h | 11 +++++++----
security/dummy.c | 2 +-
security/selinux/hooks.c | 46 ++++++++++++++++++++++++++++++++--------------
4 files changed, 49 insertions(+), 24 deletions(-)
--- NEW FILE linux-2.6-mcs-canonicalise-getxattr.patch ---
Canonicalize getxattr results so that, under MCS, the returned context always carries the :s0 suffix, even if the file has not been relabeled on disk.
Signed-off-by: James Morris <jmorris at namei.org>
Signed-off-by: Stephen Smalley <sds at tycho.nsa.gov>
---
fs/xattr.c | 14 +++++++++-----
include/linux/security.h | 11 +++++++----
security/dummy.c | 2 +-
security/selinux/hooks.c | 46 ++++++++++++++++++++++++++++++++--------------
4 files changed, 49 insertions(+), 24 deletions(-)
diff -purN -X dontdiff linux-2.6.13-mm2.o/fs/xattr.c linux-2.6.13-mm2.w/fs/xattr.c
--- linux-2.6.13-mm2.o/fs/xattr.c 2005-09-12 11:28:55.000000000 -0400
+++ linux-2.6.13-mm2.w/fs/xattr.c 2005-09-12 22:31:32.000000000 -0400
@@ -143,7 +143,7 @@ getxattr(struct dentry *d, char __user *
if (size) {
if (size > XATTR_SIZE_MAX)
size = XATTR_SIZE_MAX;
- kvalue = kmalloc(size, GFP_KERNEL);
+ kvalue = kzalloc(size, GFP_KERNEL);
if (!kvalue)
return -ENOMEM;
}
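Review bot: The switch from kmalloc to kzalloc on the changed line is not explained here or in the patch description. As far as the rest of this patch shows, every byte later handed to copy_to_user is written by either the filesystem's getxattr or the LSM hook, so the zeroing looks like a defensive measure against exposing stale heap contents rather than a functional requirement; if that is the intent, say so with `/* zeroed so stale heap bytes cannot reach userspace if a getxattr implementation returns a length it did not fully fill */`. getxattr() begins before this hunk and continues after it.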
@@ -154,11 +154,15 @@ getxattr(struct dentry *d, char __user *
error = -EOPNOTSUPP;
if (d->d_inode->i_op && d->d_inode->i_op->getxattr)
error = d->d_inode->i_op->getxattr(d, kname, kvalue, size);
- else if (!strncmp(kname, XATTR_SECURITY_PREFIX,
- sizeof XATTR_SECURITY_PREFIX - 1)) {
+
+ if (!strncmp(kname, XATTR_SECURITY_PREFIX,
+ sizeof XATTR_SECURITY_PREFIX - 1)) {
const char *suffix = kname + sizeof XATTR_SECURITY_PREFIX - 1;
- error = security_inode_getsecurity(d->d_inode, suffix, kvalue,
- size);
+ int rv = security_inode_getsecurity(d->d_inode, suffix, kvalue,
+ size, error);
+ /* Security module active: overwrite error value */
+ if (rv != -EOPNOTSUPP)
+ error = rv;
}
if (error > 0) {
if (size && copy_to_user(value, kvalue, error))
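Review bot: The comment `/* Security module active: overwrite error value */` on the added lines misstates the condition being tested: the LSM result is adopted whenever it is anything other than -EOPNOTSUPP, and the SELinux implementation in this patch itself returns -EOPNOTSUPP for any security.* name other than its own suffix, so "active" is not what decides. A side effect worth stating is that a filesystem failure other than -EOPNOTSUPP (for example -EIO) for security.selinux is now replaced by the LSM's in-core result, which for SELinux is a success. Suggest `/* LSM handled the name: its result (length or -ERANGE) replaces the fs result; -EOPNOTSUPP means it declined and the fs result stands */`. getxattr() starts before and ends after this hunk.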
diff -purN -X dontdiff linux-2.6.13-mm2.o/include/linux/security.h linux-2.6.13-mm2.w/include/linux/security.h
--- linux-2.6.13-mm2.o/include/linux/security.h 2005-09-12 11:28:56.000000000 -0400
+++ linux-2.6.13-mm2.w/include/linux/security.h 2005-09-12 21:00:25.000000000 -0400
@@ -385,6 +385,9 @@ struct swap_info_struct;
* NULL to request the size of the buffer required. @size indicates
* the size of @buffer in bytes. Note that @name is the remainder
* of the attribute name after the security. prefix has been removed.
+ * @err is the return value from the preceding fs getxattr call,
+ * and can be used by the security module to determine whether it
+ * should try and canonicalize the attribute value.
* Return number of bytes used/required on success.
* @inode_setsecurity:
* Set the security label associated with @name for @inode from the
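Review bot: The new @err paragraph describes the input but not the return contract that fs/xattr.c in this patch relies on: a hook that does not handle @name must return -EOPNOTSUPP so that @err is kept, while any other return value, including -ERANGE, replaces the filesystem's result. Add after the @err sentence `Return -EOPNOTSUPP to leave the filesystem result (@err) in force; any other value replaces it.` so implementers of other modules get the same rule.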
@@ -1091,7 +1094,7 @@ struct security_operations {
int (*inode_getxattr) (struct dentry *dentry, char *name);
int (*inode_listxattr) (struct dentry *dentry);
int (*inode_removexattr) (struct dentry *dentry, char *name);
- int (*inode_getsecurity)(struct inode *inode, const char *name, void *buffer, size_t size);
+ int (*inode_getsecurity)(struct inode *inode, const char *name, void *buffer, size_t size, int err);
int (*inode_setsecurity)(struct inode *inode, const char *name, const void *value, size_t size, int flags);
int (*inode_listsecurity)(struct inode *inode, char *buffer, size_t buffer_size);
@@ -1580,11 +1583,11 @@ static inline int security_inode_removex
return security_ops->inode_removexattr (dentry, name);
}
-static inline int security_inode_getsecurity(struct inode *inode, const char *name, void *buffer, size_t size)
+static inline int security_inode_getsecurity(struct inode *inode, const char *name, void *buffer, size_t size, int err)
{
if (unlikely (IS_PRIVATE (inode)))
return 0;
- return security_ops->inode_getsecurity(inode, name, buffer, size);
+ return security_ops->inode_getsecurity(inode, name, buffer, size, err);
}
static inline int security_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags)
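Review bot: With the new caller in fs/xattr.c keeping the filesystem result only when the hook returns -EOPNOTSUPP, the unchanged `return 0` for IS_PRIVATE inodes now overwrites whatever the filesystem returned with 0, whereas the CONFIG_SECURITY=n stub changed in this same patch declines with -EOPNOTSUPP. Whether a private inode can reach getxattr from userspace is not visible here, but for consistency with the stub the wrapper should decline, `return -EOPNOTSUPP;`, or carry a comment stating why 0 is the intended result for private inodes.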
@@ -2222,7 +2225,7 @@ static inline int security_inode_removex
return cap_inode_removexattr(dentry, name);
}
-static inline int security_inode_getsecurity(struct inode *inode, const char *name, void *buffer, size_t size)
+static inline int security_inode_getsecurity(struct inode *inode, const char *name, void *buffer, size_t size, int err)
{
return -EOPNOTSUPP;
}
diff -purN -X dontdiff linux-2.6.13-mm2.o/security/dummy.c linux-2.6.13-mm2.w/security/dummy.c
--- linux-2.6.13-mm2.o/security/dummy.c 2005-09-12 11:28:57.000000000 -0400
+++ linux-2.6.13-mm2.w/security/dummy.c 2005-09-12 12:28:47.000000000 -0400
@@ -377,7 +377,7 @@ static int dummy_inode_removexattr (stru
return 0;
}
-static int dummy_inode_getsecurity(struct inode *inode, const char *name, void *buffer, size_t size)
+static int dummy_inode_getsecurity(struct inode *inode, const char *name, void *buffer, size_t size, int err)
{
return -EOPNOTSUPP;
}
diff -purN -X dontdiff linux-2.6.13-mm2.o/security/selinux/hooks.c linux-2.6.13-mm2.w/security/selinux/hooks.c
--- linux-2.6.13-mm2.o/security/selinux/hooks.c 2005-09-12 11:28:57.000000000 -0400
+++ linux-2.6.13-mm2.w/security/selinux/hooks.c 2005-09-13 14:45:18.000000000 -0400
@@ -2198,9 +2198,6 @@ static int selinux_inode_getxattr (struc
struct inode *inode = dentry->d_inode;
struct superblock_security_struct *sbsec = inode->i_sb->s_security;
- if (sbsec->behavior == SECURITY_FS_USE_MNTPOINT)
- return -EOPNOTSUPP;
-
return dentry_has_perm(current, NULL, dentry, FILE__GETATTR);
}
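Review bot: Removing the only use of `sbsec` leaves the context lines `struct inode *inode = dentry->d_inode;` and `struct superblock_security_struct *sbsec = inode->i_sb->s_security;` as dead declarations that -Wunused-variable will flag; delete both so the hook is just the dentry_has_perm() call. It would also help to record why the SECURITY_FS_USE_MNTPOINT short-circuit is gone, since the patch description does not say; from the getsecurity hunk further down it appears the in-core label is now returned for such filesystems, so a comment like `/* No mntpoint-labeling exception: the in-core label is served by selinux_inode_getsecurity, so only the getattr permission matters here */` would capture that, to be confirmed by the authors. The function's signature line is outside this hunk.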
@@ -2231,33 +2228,54 @@ static int selinux_inode_removexattr (st
return -EACCES;
}
-static int selinux_inode_getsecurity(struct inode *inode, const char *name, void *buffer, size_t size)
+/*
+ * Copy the in-core inode security context value to the user. If the
+ * getxattr() prior to this succeeded, check to see if we need to
+ * canonicalize the value to be finally returned to the user.
+ *
+ * Permission check is handled by selinux_inode_getxattr hook.
+ */
+static int selinux_inode_getsecurity(struct inode *inode, const char *name, void *buffer, size_t size, int err)
{
struct inode_security_struct *isec = inode->i_security;
char *context;
unsigned len;
int rc;
- /* Permission check handled by selinux_inode_getxattr hook.*/
-
- if (strcmp(name, XATTR_SELINUX_SUFFIX))
- return -EOPNOTSUPP;
+ if (strcmp(name, XATTR_SELINUX_SUFFIX)) {
+ rc = -EOPNOTSUPP;
+ goto out;
+ }
rc = security_sid_to_context(isec->sid, &context, &len);
if (rc)
- return rc;
+ goto out;
+ /* Probe for required buffer size */
if (!buffer || !size) {
- kfree(context);
- return len;
+ rc = len;
+ goto out_free;
}
+
if (size < len) {
- kfree(context);
- return -ERANGE;
+ rc = -ERANGE;
+ goto out_free;
+ }
+
+ if (err > 0) {
+ if ((len == err) && !(memcmp(context, buffer, len))) {
+ /* Don't need to canonicalize value */
+ rc = err;
+ goto out_free;
+ }
+ memset(buffer, 0, size);
}
memcpy(buffer, context, len);
+ rc = len;
+out_free:
kfree(context);
- return len;
+out:
+ return rc;
}
static int selinux_inode_setsecurity(struct inode *inode, const char *name,
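Review bot: The `size < len` check is evaluated before the `err > 0` branch, so a caller whose buffer fit the on-disk value (filesystem returned err > 0) but not the canonical one now gets -ERANGE where the filesystem's value was previously returned; that is presumably intended, but the header comment should say so and should describe the new parameter, e.g. `@err is the filesystem's getxattr result; only a positive value (the on-disk length) is consulted, and the canonical label wins whenever length or bytes differ` plus `Returns -ERANGE if the canonical value does not fit, even when the on-disk one did`. The `memset(buffer, 0, size)` before the memcpy is redundant for the fs/xattr.c caller in this patch, which already zeroes the buffer, so either note that it guards other callers or drop it. selinux_inode_setsecurity starts at the end of this hunk and continues outside it.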
Index: kernel-2.6.spec
===================================================================
RCS file: /cvs/dist/rpms/kernel/devel/kernel-2.6.spec,v
retrieving revision 1.1592
retrieving revision 1.1593
diff -u -r1.1592 -r1.1593
--- kernel-2.6.spec 4 Oct 2005 01:02:08 -0000 1.1592
+++ kernel-2.6.spec 5 Oct 2005 03:06:09 -0000 1.1593
@@ -308,6 +308,7 @@
Patch1620: linux-2.6.13-knfsd-ctlbits.patch
Patch1630: linux-2.6.11-panic-stackdump.patch
Patch1640: linux-2.6.11-acpi-thinkpad-c2c3.patch
+Patch1650: linux-2.6-mcs-canonicalise-getxattr.patch
Patch1660: linux-2.6.9-module_version.patch
Patch1670: linux-2.6-ide-floppy-eject.patch
Patch1680: linux-2.6-sound-emu10k1-ac97.patch
@@ -736,6 +737,8 @@
%patch1630 -p1
# Blacklist another 'No C2/C3 states' Thinkpad R40e BIOS.
%patch1640 -p1
+# Canonicalise getxattr results.
+%patch1650 -p1
# Add missing MODULE_VERSION tags to some modules.
%patch1660 -p1
# Fix eject on ide-floppy. (#158548)
@@ -1253,6 +1256,9 @@
%endif
%changelog
+* Tue Oct 04 2005 Dave Jones <davej at redhat.com>
+- canonicalise getxattr results.
+
* Mon Oct 03 2005 Dave Jones <davej at redhat.com>
- silence silly debug message in cx88. (#168931)