Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

lsm: Refactor return value of LSM hook vm_enough_memory

To be consistent with most LSM hooks, convert the return value of
hook vm_enough_memory to 0 or a negative error code.

Before:
- Hook vm_enough_memory returns 1 if permission is granted, 0 if not.
- LSM_RET_DEFAULT(vm_enough_memory_mm) is 1.

After:
- Hook vm_enough_memory reutrns 0 if permission is granted, negative
error code if not.
- LSM_RET_DEFAULT(vm_enough_memory_mm) is 0.

Signed-off-by: Xu Kuohai <xukuohai@huawei.com>
Reviewed-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>

authored by

Xu Kuohai and committed by
Paul Moore
be72a575 61a1dcdc

+14 -27
+1 -1
include/linux/lsm_hook_defs.h
··· 48 48 LSM_HOOK(int, 0, syslog, int type) 49 49 LSM_HOOK(int, 0, settime, const struct timespec64 *ts, 50 50 const struct timezone *tz) 51 - LSM_HOOK(int, 1, vm_enough_memory, struct mm_struct *mm, long pages) 51 + LSM_HOOK(int, 0, vm_enough_memory, struct mm_struct *mm, long pages) 52 52 LSM_HOOK(int, 0, bprm_creds_for_exec, struct linux_binprm *bprm) 53 53 LSM_HOOK(int, 0, bprm_creds_from_file, struct linux_binprm *bprm, const struct file *file) 54 54 LSM_HOOK(int, 0, bprm_check_security, struct linux_binprm *bprm)
+1 -1
include/linux/security.h
··· 634 634 635 635 static inline int security_vm_enough_memory_mm(struct mm_struct *mm, long pages) 636 636 { 637 - return __vm_enough_memory(mm, pages, cap_vm_enough_memory(mm, pages)); 637 + return __vm_enough_memory(mm, pages, !cap_vm_enough_memory(mm, pages)); 638 638 } 639 639 640 640 static inline int security_bprm_creds_for_exec(struct linux_binprm *bprm)
+3 -8
security/commoncap.c
··· 1396 1396 * Determine whether the allocation of a new virtual mapping by the current 1397 1397 * task is permitted. 1398 1398 * 1399 - * Return: 1 if permission is granted, 0 if not. 1399 + * Return: 0 if permission granted, negative error code if not. 1400 1400 */ 1401 1401 int cap_vm_enough_memory(struct mm_struct *mm, long pages) 1402 1402 { 1403 - int cap_sys_admin = 0; 1404 - 1405 - if (cap_capable(current_cred(), &init_user_ns, 1406 - CAP_SYS_ADMIN, CAP_OPT_NOAUDIT) == 0) 1407 - cap_sys_admin = 1; 1408 - 1409 - return cap_sys_admin; 1403 + return cap_capable(current_cred(), &init_user_ns, CAP_SYS_ADMIN, 1404 + CAP_OPT_NOAUDIT); 1410 1405 } 1411 1406 1412 1407 /**
+5 -6
security/security.c
··· 1129 1129 int rc; 1130 1130 1131 1131 /* 1132 - * The module will respond with a positive value if 1133 - * it thinks the __vm_enough_memory() call should be 1134 - * made with the cap_sys_admin set. If all of the modules 1135 - * agree that it should be set it will. If any module 1136 - * thinks it should not be set it won't. 1132 + * The module will respond with 0 if it thinks the __vm_enough_memory() 1133 + * call should be made with the cap_sys_admin set. If all of the modules 1134 + * agree that it should be set it will. If any module thinks it should 1135 + * not be set it won't. 1137 1136 */ 1138 1137 hlist_for_each_entry(hp, &security_hook_heads.vm_enough_memory, list) { 1139 1138 rc = hp->hook.vm_enough_memory(mm, pages); 1140 - if (rc <= 0) { 1139 + if (rc < 0) { 1141 1140 cap_sys_admin = 0; 1142 1141 break; 1143 1142 }
+4 -11
security/selinux/hooks.c
··· 2202 2202 } 2203 2203 2204 2204 /* 2205 - * Check that a process has enough memory to allocate a new virtual 2206 - * mapping. 0 means there is enough memory for the allocation to 2207 - * succeed and -ENOMEM implies there is not. 2205 + * Check permission for allocating a new virtual mapping. Returns 2206 + * 0 if permission is granted, negative error code if not. 2208 2207 * 2209 2208 * Do not audit the selinux permission check, as this is applied to all 2210 2209 * processes that allocate mappings. 2211 2210 */ 2212 2211 static int selinux_vm_enough_memory(struct mm_struct *mm, long pages) 2213 2212 { 2214 - int rc, cap_sys_admin = 0; 2215 - 2216 - rc = cred_has_capability(current_cred(), CAP_SYS_ADMIN, 2217 - CAP_OPT_NOAUDIT, true); 2218 - if (rc == 0) 2219 - cap_sys_admin = 1; 2220 - 2221 - return cap_sys_admin; 2213 + return cred_has_capability(current_cred(), CAP_SYS_ADMIN, 2214 + CAP_OPT_NOAUDIT, true); 2222 2215 } 2223 2216 2224 2217 /* binprm security operations */