[prev in list] [next in list] [prev in thread] [next in thread]
List: linux-security-module
Subject: [PATCH 15/19] CRED: Pass credentials through dentry_open() [ver #4]
From: David Howells <dhowells () redhat ! com>
Date: 2008-06-20 16:02:12
Message-ID: 20080620160212.11944.759.stgit () warthog ! procyon ! org ! uk
[Download RAW message or body]
Pass credentials through dentry_open() so that the COW creds patch can have
SELinux's flush_unauthorized_files() pass the appropriate creds back to itself
when it opens its null chardev.
The security_dentry_open() call also now takes a creds pointer, as does the
dentry_open hook in struct security_operations.
Signed-off-by: David Howells <dhowells@redhat.com>
---
fs/autofs4/root.c | 4 +++-
fs/ecryptfs/main.c | 7 +++++--
fs/exportfs/expfs.c | 4 +++-
fs/hppfs/hppfs.c | 6 ++++--
fs/nfsctl.c | 3 ++-
fs/nfsd/nfs4recover.c | 3 ++-
fs/nfsd/vfs.c | 3 ++-
fs/open.c | 17 +++++++++++------
fs/xfs/linux-2.6/xfs_ioctl.c | 3 ++-
include/linux/fs.h | 4 +++-
include/linux/security.h | 7 ++++---
ipc/mqueue.c | 11 +++++++----
security/dummy.c | 2 +-
security/security.c | 4 ++--
security/selinux/hooks.c | 15 +++++++++------
15 files changed, 60 insertions(+), 33 deletions(-)
diff --git a/fs/autofs4/root.c b/fs/autofs4/root.c
index edf5b6b..6d725b7 100644
--- a/fs/autofs4/root.c
+++ b/fs/autofs4/root.c
@@ -94,6 +94,7 @@ static int autofs4_root_readdir(struct file *file, void *dirent,
static int autofs4_dir_open(struct inode *inode, struct file *file)
{
+ const struct cred *cred = current_cred();
struct dentry *dentry = file->f_path.dentry;
struct vfsmount *mnt = file->f_path.mnt;
struct autofs_sb_info *sbi = autofs4_sbi(dentry->d_sb);
@@ -156,7 +157,8 @@ static int autofs4_dir_open(struct inode *inode, struct file *file)
goto out;
}
- fp = dentry_open(fp_path.dentry, fp_path.mnt, file->f_flags);
+ fp = dentry_open(fp_path.dentry, fp_path.mnt, file->f_flags,
+ cred);
status = PTR_ERR(fp);
if (IS_ERR(fp)) {
dcache_dir_close(inode, file);
diff --git a/fs/ecryptfs/main.c b/fs/ecryptfs/main.c
index d603631..df31bd4 100644
--- a/fs/ecryptfs/main.c
+++ b/fs/ecryptfs/main.c
@@ -119,6 +119,7 @@ void __ecryptfs_printk(const char *fmt, ...)
*/
static int ecryptfs_init_persistent_file(struct dentry *ecryptfs_dentry)
{
+ const struct cred *cred = current_cred();
struct ecryptfs_inode_info *inode_info =
ecryptfs_inode_to_private(ecryptfs_dentry->d_inode);
int rc = 0;
@@ -137,14 +138,16 @@ static int ecryptfs_init_persistent_file(struct dentry *ecryptfs_dentry)
mntget(lower_mnt);
inode_info->lower_file = dentry_open(lower_dentry,
lower_mnt,
- (O_RDWR | O_LARGEFILE));
+ (O_RDWR | O_LARGEFILE),
+ cred);
if (IS_ERR(inode_info->lower_file)) {
dget(lower_dentry);
mntget(lower_mnt);
inode_info->lower_file = dentry_open(lower_dentry,
lower_mnt,
(O_RDONLY
- | O_LARGEFILE));
+ | O_LARGEFILE),
+ cred);
}
if (IS_ERR(inode_info->lower_file)) {
printk(KERN_ERR "Error opening lower persistent file "
diff --git a/fs/exportfs/expfs.c b/fs/exportfs/expfs.c
index cc91227..5c9de1e 100644
--- a/fs/exportfs/expfs.c
+++ b/fs/exportfs/expfs.c
@@ -14,6 +14,7 @@
#include <linux/module.h>
#include <linux/mount.h>
#include <linux/namei.h>
+#include <linux/sched.h>
#define dprintk(fmt, args...) do{}while(0)
@@ -250,6 +251,7 @@ static int filldir_one(void * __buf, const char * name, int len,
static int get_name(struct vfsmount *mnt, struct dentry *dentry,
char *name, struct dentry *child)
{
+ const struct cred *cred = current_cred();
struct inode *dir = dentry->d_inode;
int error;
struct file *file;
@@ -264,7 +266,7 @@ static int get_name(struct vfsmount *mnt, struct dentry *dentry,
/*
* Open the directory ...
*/
- file = dentry_open(dget(dentry), mntget(mnt), O_RDONLY);
+ file = dentry_open(dget(dentry), mntget(mnt), O_RDONLY, cred);
error = PTR_ERR(file);
if (IS_ERR(file))
goto out;
diff --git a/fs/hppfs/hppfs.c b/fs/hppfs/hppfs.c
index 65077aa..1d506bf 100644
--- a/fs/hppfs/hppfs.c
+++ b/fs/hppfs/hppfs.c
@@ -426,6 +426,7 @@ static int file_mode(int fmode)
static int hppfs_open(struct inode *inode, struct file *file)
{
+ const struct cred *cred = current_cred();
struct hppfs_private *data;
struct vfsmount *proc_mnt;
struct dentry *proc_dentry;
@@ -446,7 +447,7 @@ static int hppfs_open(struct inode *inode, struct file *file)
/* XXX This isn't closed anywhere */
data->proc_file = dentry_open(dget(proc_dentry), mntget(proc_mnt),
- file_mode(file->f_mode));
+ file_mode(file->f_mode), cred);
err = PTR_ERR(data->proc_file);
if (IS_ERR(data->proc_file))
goto out_free1;
@@ -489,6 +490,7 @@ static int hppfs_open(struct inode *inode, struct file *file)
static int hppfs_dir_open(struct inode *inode, struct file *file)
{
+ const struct cred *cred = current_cred();
struct hppfs_private *data;
struct vfsmount *proc_mnt;
struct dentry *proc_dentry;
@@ -502,7 +504,7 @@ static int hppfs_dir_open(struct inode *inode, struct file *file)
proc_dentry = HPPFS_I(inode)->proc_dentry;
proc_mnt = inode->i_sb->s_fs_info;
data->proc_file = dentry_open(dget(proc_dentry), mntget(proc_mnt),
- file_mode(file->f_mode));
+ file_mode(file->f_mode), cred);
err = PTR_ERR(data->proc_file);
if (IS_ERR(data->proc_file))
goto out_free;
diff --git a/fs/nfsctl.c b/fs/nfsctl.c
index aed8145..cc4ef26 100644
--- a/fs/nfsctl.c
+++ b/fs/nfsctl.c
@@ -41,7 +41,8 @@ static struct file *do_open(char *name, int flags)
error = may_open(&nd, MAY_WRITE, FMODE_WRITE);
if (!error)
- return dentry_open(nd.path.dentry, nd.path.mnt, flags);
+ return dentry_open(nd.path.dentry, nd.path.mnt, flags,
+ current_cred());
path_put(&nd.path);
return ERR_PTR(error);
diff --git a/fs/nfsd/nfs4recover.c b/fs/nfsd/nfs4recover.c
index 6e751e7..7092d37 100644
--- a/fs/nfsd/nfs4recover.c
+++ b/fs/nfsd/nfs4recover.c
@@ -226,7 +226,8 @@ nfsd4_list_rec_dir(struct dentry *dir, recdir_func *f)
nfs4_save_user(&uid, &gid);
- filp = dentry_open(dget(dir), mntget(rec_dir.path.mnt), O_RDONLY);
+ filp = dentry_open(dget(dir), mntget(rec_dir.path.mnt), O_RDONLY,
+ current_cred());
status = PTR_ERR(filp);
if (IS_ERR(filp))
goto out;
diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c
index 6b10a62..1086067 100644
--- a/fs/nfsd/vfs.c
+++ b/fs/nfsd/vfs.c
@@ -667,6 +667,7 @@ __be32
nfsd_open(struct svc_rqst *rqstp, struct svc_fh *fhp, int type,
int access, struct file **filp)
{
+ const struct cred *cred = current_cred();
struct dentry *dentry;
struct inode *inode;
int flags = O_RDONLY|O_LARGEFILE;
@@ -721,7 +722,7 @@ nfsd_open(struct svc_rqst *rqstp, struct svc_fh *fhp, int type,
DQUOT_INIT(inode);
}
*filp = dentry_open(dget(dentry), mntget(fhp->fh_export->ex_path.mnt),
- flags);
+ flags, cred);
if (IS_ERR(*filp))
host_err = PTR_ERR(*filp);
out_nfserr:
diff --git a/fs/open.c b/fs/open.c
index 7283d33..173a168 100644
--- a/fs/open.c
+++ b/fs/open.c
@@ -794,7 +794,8 @@ static inline int __get_file_write_access(struct inode *inode,
static struct file *__dentry_open(struct dentry *dentry, struct vfsmount *mnt,
int flags, struct file *f,
- int (*open)(struct inode *, struct file *))
+ int (*open)(struct inode *, struct file *),
+ const struct cred *cred)
{
struct inode *inode;
int error;
@@ -818,7 +819,7 @@ static struct file *__dentry_open(struct dentry *dentry, struct vfsmount *mnt,
f->f_op = fops_get(inode->i_fop);
file_move(f, &inode->i_sb->s_files);
- error = security_dentry_open(f);
+ error = security_dentry_open(f, cred);
if (error)
goto cleanup_all;
@@ -893,6 +894,8 @@ cleanup_file:
struct file *lookup_instantiate_filp(struct nameidata *nd, struct dentry *dentry,
int (*open)(struct inode *, struct file *))
{
+ const struct cred *cred = current_cred();
+
if (IS_ERR(nd->intent.open.file))
goto out;
if (IS_ERR(dentry))
@@ -900,7 +903,7 @@ struct file *lookup_instantiate_filp(struct nameidata *nd, struct dentry *dentry
nd->intent.open.file = __dentry_open(dget(dentry), mntget(nd->path.mnt),
nd->intent.open.flags - 1,
nd->intent.open.file,
- open);
+ open, cred);
out:
return nd->intent.open.file;
out_err:
@@ -919,6 +922,7 @@ EXPORT_SYMBOL_GPL(lookup_instantiate_filp);
*/
struct file *nameidata_to_filp(struct nameidata *nd, int flags)
{
+ const struct cred *cred = current_cred();
struct file *filp;
/* Pick up the filp from the open intent */
@@ -926,7 +930,7 @@ struct file *nameidata_to_filp(struct nameidata *nd, int flags)
/* Has the filesystem initialised the file for us? */
if (filp->f_path.dentry == NULL)
filp = __dentry_open(nd->path.dentry, nd->path.mnt, flags, filp,
- NULL);
+ NULL, cred);
else
path_put(&nd->path);
return filp;
@@ -936,7 +940,8 @@ struct file *nameidata_to_filp(struct nameidata *nd, int flags)
* dentry_open() will have done dput(dentry) and mntput(mnt) if it returns an
* error.
*/
-struct file *dentry_open(struct dentry *dentry, struct vfsmount *mnt, int flags)
+struct file *dentry_open(struct dentry *dentry, struct vfsmount *mnt, int flags,
+ const struct cred *cred)
{
int error;
struct file *f;
@@ -961,7 +966,7 @@ struct file *dentry_open(struct dentry *dentry, struct vfsmount *mnt, int flags)
return ERR_PTR(error);
}
- return __dentry_open(dentry, mnt, flags, f, NULL);
+ return __dentry_open(dentry, mnt, flags, f, NULL, cred);
}
EXPORT_SYMBOL(dentry_open);
diff --git a/fs/xfs/linux-2.6/xfs_ioctl.c b/fs/xfs/linux-2.6/xfs_ioctl.c
index a42ba9d..c553dc4 100644
--- a/fs/xfs/linux-2.6/xfs_ioctl.c
+++ b/fs/xfs/linux-2.6/xfs_ioctl.c
@@ -256,6 +256,7 @@ xfs_open_by_handle(
struct file *parfilp,
struct inode *parinode)
{
+ const struct cred *cred = current_cred();
int error;
int new_fd;
int permflag;
@@ -322,7 +323,7 @@ xfs_open_by_handle(
mntget(parfilp->f_path.mnt);
/* Create file pointer. */
- filp = dentry_open(dentry, parfilp->f_path.mnt, hreq.oflags);
+ filp = dentry_open(dentry, parfilp->f_path.mnt, hreq.oflags, cred);
if (IS_ERR(filp)) {
put_unused_fd(new_fd);
return -XFS_ERROR(-PTR_ERR(filp));
diff --git a/include/linux/fs.h b/include/linux/fs.h
index d8774e7..7c823ba 100644
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@ -302,6 +302,7 @@ struct poll_table_struct;
struct kstatfs;
struct vm_area_struct;
struct vfsmount;
+struct cred;
extern void __init inode_init(void);
extern void __init inode_init_early(void);
@@ -1603,7 +1604,8 @@ extern int do_truncate(struct dentry *, loff_t start, unsigned int time_attrs,
extern long do_sys_open(int dfd, const char __user *filename, int flags,
int mode);
extern struct file *filp_open(const char *, int, int);
-extern struct file * dentry_open(struct dentry *, struct vfsmount *, int);
+extern struct file * dentry_open(struct dentry *, struct vfsmount *, int,
+ const struct cred *);
extern int filp_close(struct file *, fl_owner_t id);
extern char * getname(const char __user *);
diff --git a/include/linux/security.h b/include/linux/security.h
index 7158c6b..0e99301 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -1414,7 +1414,7 @@ struct security_operations {
int (*file_send_sigiotask) (struct task_struct *tsk,
struct fown_struct *fown, int sig);
int (*file_receive) (struct file *file);
- int (*dentry_open) (struct file *file);
+ int (*dentry_open) (struct file *file, const struct cred *cred);
int (*task_create) (unsigned long clone_flags);
int (*cred_alloc_security) (struct cred *cred);
@@ -1681,7 +1681,7 @@ int security_file_set_fowner(struct file *file);
int security_file_send_sigiotask(struct task_struct *tsk,
struct fown_struct *fown, int sig);
int security_file_receive(struct file *file);
-int security_dentry_open(struct file *file);
+int security_dentry_open(struct file *file, const struct cred *cred);
int security_task_create(unsigned long clone_flags);
int security_cred_alloc(struct cred *cred);
void security_cred_free(struct cred *cred);
@@ -2186,7 +2186,8 @@ static inline int security_file_receive(struct file *file)
return 0;
}
-static inline int security_dentry_open(struct file *file)
+static inline int security_dentry_open(struct file *file,
+ const struct cred *cred)
{
return 0;
}
diff --git a/ipc/mqueue.c b/ipc/mqueue.c
index 51d9125..5e33846 100644
--- a/ipc/mqueue.c
+++ b/ipc/mqueue.c
@@ -597,6 +597,7 @@ static int mq_attr_ok(struct mq_attr *attr)
static struct file *do_create(struct dentry *dir, struct dentry *dentry,
int oflag, mode_t mode, struct mq_attr __user *u_attr)
{
+ const struct cred *cred = current_cred();
struct mq_attr attr;
struct file *result;
int ret;
@@ -621,7 +622,7 @@ static struct file *do_create(struct dentry *dir, struct dentry *dentry,
if (ret)
goto out_drop_write;
- result = dentry_open(dentry, mqueue_mnt, oflag);
+ result = dentry_open(dentry, mqueue_mnt, oflag, cred);
/*
* dentry_open() took a persistent mnt_want_write(),
* so we can now drop this one.
@@ -640,8 +641,10 @@ out:
/* Opens existing queue */
static struct file *do_open(struct dentry *dentry, int oflag)
{
-static int oflag2acc[O_ACCMODE] = { MAY_READ, MAY_WRITE,
- MAY_READ | MAY_WRITE };
+ const struct cred *cred = current_cred();
+
+ static const int oflag2acc[O_ACCMODE] = { MAY_READ, MAY_WRITE,
+ MAY_READ | MAY_WRITE };
if ((oflag & O_ACCMODE) == (O_RDWR | O_WRONLY)) {
dput(dentry);
@@ -655,7 +658,7 @@ static int oflag2acc[O_ACCMODE] = { MAY_READ, MAY_WRITE,
return ERR_PTR(-EACCES);
}
- return dentry_open(dentry, mqueue_mnt, oflag);
+ return dentry_open(dentry, mqueue_mnt, oflag, cred);
}
asmlinkage long sys_mq_open(const char __user *u_name, int oflag, mode_t mode,
diff --git a/security/dummy.c b/security/dummy.c
index 76655a5..ec5c460 100644
--- a/security/dummy.c
+++ b/security/dummy.c
@@ -523,7 +523,7 @@ static int dummy_file_receive (struct file *file)
return 0;
}
-static int dummy_dentry_open (struct file *file)
+static int dummy_dentry_open (struct file *file, const struct cred *cred)
{
return 0;
}
diff --git a/security/security.c b/security/security.c
index a81164e..4d1ef60 100644
--- a/security/security.c
+++ b/security/security.c
@@ -629,9 +629,9 @@ int security_file_receive(struct file *file)
return security_ops->file_receive(file);
}
-int security_dentry_open(struct file *file)
+int security_dentry_open(struct file *file, const struct cred *cred)
{
- return security_ops->dentry_open(file);
+ return security_ops->dentry_open(file, cred);
}
int security_task_create(unsigned long clone_flags)
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index a99f430..fdb41ee 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -2103,9 +2103,9 @@ extern struct vfsmount *selinuxfs_mount;
extern struct dentry *selinux_null;
/* Derived from fs/exec.c:flush_old_files. */
-static inline void flush_unauthorized_files(struct files_struct *files)
+static inline void flush_unauthorized_files(const struct cred *cred,
+ struct files_struct *files)
{
- const struct cred *cred = current_cred();
struct avc_audit_data ad;
struct file *file, *devnull = NULL;
struct tty_struct *tty;
@@ -2174,7 +2174,10 @@ static inline void flush_unauthorized_files(struct files_struct *files)
if (devnull) {
get_file(devnull);
} else {
- devnull = dentry_open(dget(selinux_null), mntget(selinuxfs_mount), O_RDWR);
+ devnull = dentry_open(
+ dget(selinux_null),
+ mntget(selinuxfs_mount),
+ O_RDWR, cred);
if (IS_ERR(devnull)) {
devnull = NULL;
put_unused_fd(fd);
@@ -2254,6 +2257,7 @@ static void selinux_bprm_apply_creds(struct linux_binprm *bprm, int unsafe)
*/
static void selinux_bprm_post_apply_creds(struct linux_binprm *bprm)
{
+ const struct cred *cred = current_cred();
struct task_security_struct *tsec;
struct rlimit *rlim, *initrlim;
struct itimerval itimer;
@@ -2271,7 +2275,7 @@ static void selinux_bprm_post_apply_creds(struct linux_binprm *bprm)
return;
/* Close files for which the new task SID is not authorized. */
- flush_unauthorized_files(current->files);
+ flush_unauthorized_files(cred, current->files);
/* Check whether the new SID can inherit signal state
from the old SID. If not, clear itimers to avoid
@@ -3166,9 +3170,8 @@ static int selinux_file_receive(struct file *file)
return file_has_perm(cred, file, file_to_av(file));
}
-static int selinux_dentry_open(struct file *file)
+static int selinux_dentry_open(struct file *file, const struct cred *cred)
{
- const struct cred *cred = current_cred();
struct file_security_struct *fsec;
struct inode *inode;
struct inode_security_struct *isec;
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic