tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

capabilities/syslog: open code cap_syslog logic to fix build failure

The addition of CONFIG_SECURITY_DMESG_RESTRICT resulted in a build
failure when CONFIG_PRINTK=n. This is because the capabilities code
which used the new option was built even though the variable in question
didn't exist.

The patch here fixes this by moving the capabilities checks out of the
LSM and into the caller. All (known) LSMs should have been calling the
capabilities hook already so it actually makes the code organization
better to eliminate the hook altogether.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: James Morris <jmorris@namei.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

authored by

Eric Paris and committed by
Linus Torvalds 12b3052c 6800e4c0

+28 -40
+4 -5
include/linux/security.h
··· 77 77 extern int cap_task_setscheduler(struct task_struct *p); 78 78 extern int cap_task_setioprio(struct task_struct *p, int ioprio); 79 79 extern int cap_task_setnice(struct task_struct *p, int nice); 80 - extern int cap_syslog(int type, bool from_file); 81 80 extern int cap_vm_enough_memory(struct mm_struct *mm, long pages); 82 81 83 82 struct msghdr; ··· 1387 1388 int (*sysctl) (struct ctl_table *table, int op); 1388 1389 int (*quotactl) (int cmds, int type, int id, struct super_block *sb); 1389 1390 int (*quota_on) (struct dentry *dentry); 1390 - int (*syslog) (int type, bool from_file); 1391 + int (*syslog) (int type); 1391 1392 int (*settime) (struct timespec *ts, struct timezone *tz); 1392 1393 int (*vm_enough_memory) (struct mm_struct *mm, long pages); 1393 1394 ··· 1670 1671 int security_sysctl(struct ctl_table *table, int op); 1671 1672 int security_quotactl(int cmds, int type, int id, struct super_block *sb); 1672 1673 int security_quota_on(struct dentry *dentry); 1673 - int security_syslog(int type, bool from_file); 1674 + int security_syslog(int type); 1674 1675 int security_settime(struct timespec *ts, struct timezone *tz); 1675 1676 int security_vm_enough_memory(long pages); 1676 1677 int security_vm_enough_memory_mm(struct mm_struct *mm, long pages); ··· 1900 1901 return 0; 1901 1902 } 1902 1903 1903 - static inline int security_syslog(int type, bool from_file) 1904 + static inline int security_syslog(int type) 1904 1905 { 1905 - return cap_syslog(type, from_file); 1906 + return 0; 1906 1907 } 1907 1908 1908 1909 static inline int security_settime(struct timespec *ts, struct timezone *tz)
+14 -1
kernel/printk.c
··· 274 274 char c; 275 275 int error = 0; 276 276 277 - error = security_syslog(type, from_file); 277 + /* 278 + * If this is from /proc/kmsg we only do the capabilities checks 279 + * at open time. 280 + */ 281 + if (type == SYSLOG_ACTION_OPEN || !from_file) { 282 + if (dmesg_restrict && !capable(CAP_SYS_ADMIN)) 283 + return -EPERM; 284 + if ((type != SYSLOG_ACTION_READ_ALL && 285 + type != SYSLOG_ACTION_SIZE_BUFFER) && 286 + !capable(CAP_SYS_ADMIN)) 287 + return -EPERM; 288 + } 289 + 290 + error = security_syslog(type); 278 291 if (error) 279 292 return error; 280 293
+5
security/capability.c
··· 17 17 return 0; 18 18 } 19 19 20 + static int cap_syslog(int type) 21 + { 22 + return 0; 23 + } 24 + 20 25 static int cap_quotactl(int cmds, int type, int id, struct super_block *sb) 21 26 { 22 27 return 0;
-21
security/commoncap.c
··· 27 27 #include <linux/sched.h> 28 28 #include <linux/prctl.h> 29 29 #include <linux/securebits.h> 30 - #include <linux/syslog.h> 31 30 32 31 /* 33 32 * If a non-root user executes a setuid-root binary in ··· 880 881 error: 881 882 abort_creds(new); 882 883 return error; 883 - } 884 - 885 - /** 886 - * cap_syslog - Determine whether syslog function is permitted 887 - * @type: Function requested 888 - * @from_file: Whether this request came from an open file (i.e. /proc) 889 - * 890 - * Determine whether the current process is permitted to use a particular 891 - * syslog function, returning 0 if permission is granted, -ve if not. 892 - */ 893 - int cap_syslog(int type, bool from_file) 894 - { 895 - if (type != SYSLOG_ACTION_OPEN && from_file) 896 - return 0; 897 - if (dmesg_restrict && !capable(CAP_SYS_ADMIN)) 898 - return -EPERM; 899 - if ((type != SYSLOG_ACTION_READ_ALL && 900 - type != SYSLOG_ACTION_SIZE_BUFFER) && !capable(CAP_SYS_ADMIN)) 901 - return -EPERM; 902 - return 0; 903 884 } 904 885 905 886 /**
+2 -2
security/security.c
··· 197 197 return security_ops->quota_on(dentry); 198 198 } 199 199 200 - int security_syslog(int type, bool from_file) 200 + int security_syslog(int type) 201 201 { 202 - return security_ops->syslog(type, from_file); 202 + return security_ops->syslog(type); 203 203 } 204 204 205 205 int security_settime(struct timespec *ts, struct timezone *tz)
+1 -5
security/selinux/hooks.c
··· 1973 1973 return dentry_has_perm(cred, NULL, dentry, FILE__QUOTAON); 1974 1974 } 1975 1975 1976 - static int selinux_syslog(int type, bool from_file) 1976 + static int selinux_syslog(int type) 1977 1977 { 1978 1978 int rc; 1979 - 1980 - rc = cap_syslog(type, from_file); 1981 - if (rc) 1982 - return rc; 1983 1979 1984 1980 switch (type) { 1985 1981 case SYSLOG_ACTION_READ_ALL: /* Read last kernel messages */
+2 -6
security/smack/smack_lsm.c
··· 157 157 * 158 158 * Returns 0 on success, error code otherwise. 159 159 */ 160 - static int smack_syslog(int type, bool from_file) 160 + static int smack_syslog(int typefrom_file) 161 161 { 162 - int rc; 162 + int rc = 0; 163 163 char *sp = current_security(); 164 - 165 - rc = cap_syslog(type, from_file); 166 - if (rc != 0) 167 - return rc; 168 164 169 165 if (capable(CAP_MAC_OVERRIDE)) 170 166 return 0;