tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

Merge branch 'userns-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace

Pull namespace updates from Eric Biederman:
"There was a lot of work this cycle fixing bugs that were discovered
after the merge window and getting everything ready where we can
reasonably support fully unprivileged fuse. The bug fixes you already
have and much of the unprivileged fuse work is coming in via other
trees.

Still left for fully unprivileged fuse is figuring out how to cleanly
handle .set_acl and .get_acl in the legacy case, and properly handling
of evm xattrs on unprivileged mounts.

Included in the tree is a cleanup from Alexely that replaced a linked
list with a statically allocated fix sized array for the pid caches,
which simplifies and speeds things up.

Then there is are some cleanups and fixes for the ipc namespace. The
motivation was that in reviewing other code it was discovered that
access ipc objects from different pid namespaces recorded pids in such
a way that when asked the wrong pids were returned. In the worst case
there has been a measured 30% performance impact for sysvipc
semaphores. Other test cases showed no measurable performance impact.
Manfred Spraul and Davidlohr Bueso who tend to work on sysvipc
performance both gave the nod that this is good enough.

Casey Schaufler and James Morris have given their approval to the LSM
side of the changes.

I simplified the types and the code dealing with sysvipc to pass just
kern_ipc_perm for all three types of ipc. Which reduced the header
dependencies throughout the kernel and simplified the lsm code.

Which let me work on the pid fixes without having to worry about
trivial changes causing complete kernel recompiles"

* 'userns-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace:
ipc/shm: Fix pid freeing.
ipc/shm: fix up for struct file no longer being available in shm.h
ipc/smack: Tidy up from the change in type of the ipc security hooks
ipc: Directly call the security hook in ipc_ops.associate
ipc/sem: Fix semctl(..., GETPID, ...) between pid namespaces
ipc/msg: Fix msgctl(..., IPC_STAT, ...) between pid namespaces
ipc/shm: Fix shmctl(..., IPC_STAT, ...) between pid namespaces.
ipc/util: Helpers for making the sysvipc operations pid namespace aware
ipc: Move IPCMNI from include/ipc.h into ipc/util.h
msg: Move struct msg_queue into ipc/msg.c
shm: Move struct shmid_kernel into ipc/shm.c
sem: Move struct sem and struct sem_array into ipc/sem.c
msg/security: Pass kern_ipc_perm not msg_queue into the msg_queue security hooks
shm/security: Pass kern_ipc_perm not shmid_kernel into the shm security hooks
sem/security: Pass kern_ipc_perm not sem_array into the sem security hooks
pidns: simpler allocation of pid_* caches

Linus Torvalds 17dec0a9 d92cd810

+345 -454
-2
include/linux/ipc.h
··· 8 8 #include <uapi/linux/ipc.h> 9 9 #include <linux/refcount.h> 10 10 11 - #define IPCMNI 32768 /* <= MAX_INT limit for ipc arrays (including sysctl changes) */ 12 - 13 11 /* used by in-kernel data structures */ 14 12 struct kern_ipc_perm { 15 13 spinlock_t lock;
+16 -16
include/linux/lsm_hooks.h
··· 1575 1575 int (*msg_msg_alloc_security)(struct msg_msg *msg); 1576 1576 void (*msg_msg_free_security)(struct msg_msg *msg); 1577 1577 1578 - int (*msg_queue_alloc_security)(struct msg_queue *msq); 1579 - void (*msg_queue_free_security)(struct msg_queue *msq); 1580 - int (*msg_queue_associate)(struct msg_queue *msq, int msqflg); 1581 - int (*msg_queue_msgctl)(struct msg_queue *msq, int cmd); 1582 - int (*msg_queue_msgsnd)(struct msg_queue *msq, struct msg_msg *msg, 1578 + int (*msg_queue_alloc_security)(struct kern_ipc_perm *msq); 1579 + void (*msg_queue_free_security)(struct kern_ipc_perm *msq); 1580 + int (*msg_queue_associate)(struct kern_ipc_perm *msq, int msqflg); 1581 + int (*msg_queue_msgctl)(struct kern_ipc_perm *msq, int cmd); 1582 + int (*msg_queue_msgsnd)(struct kern_ipc_perm *msq, struct msg_msg *msg, 1583 1583 int msqflg); 1584 - int (*msg_queue_msgrcv)(struct msg_queue *msq, struct msg_msg *msg, 1584 + int (*msg_queue_msgrcv)(struct kern_ipc_perm *msq, struct msg_msg *msg, 1585 1585 struct task_struct *target, long type, 1586 1586 int mode); 1587 1587 1588 - int (*shm_alloc_security)(struct shmid_kernel *shp); 1589 - void (*shm_free_security)(struct shmid_kernel *shp); 1590 - int (*shm_associate)(struct shmid_kernel *shp, int shmflg); 1591 - int (*shm_shmctl)(struct shmid_kernel *shp, int cmd); 1592 - int (*shm_shmat)(struct shmid_kernel *shp, char __user *shmaddr, 1588 + int (*shm_alloc_security)(struct kern_ipc_perm *shp); 1589 + void (*shm_free_security)(struct kern_ipc_perm *shp); 1590 + int (*shm_associate)(struct kern_ipc_perm *shp, int shmflg); 1591 + int (*shm_shmctl)(struct kern_ipc_perm *shp, int cmd); 1592 + int (*shm_shmat)(struct kern_ipc_perm *shp, char __user *shmaddr, 1593 1593 int shmflg); 1594 1594 1595 - int (*sem_alloc_security)(struct sem_array *sma); 1596 - void (*sem_free_security)(struct sem_array *sma); 1597 - int (*sem_associate)(struct sem_array *sma, int semflg); 1598 - int (*sem_semctl)(struct sem_array *sma, int cmd); 1599 - int (*sem_semop)(struct sem_array *sma, struct sembuf *sops, 1595 + int (*sem_alloc_security)(struct kern_ipc_perm *sma); 1596 + void (*sem_free_security)(struct kern_ipc_perm *sma); 1597 + int (*sem_associate)(struct kern_ipc_perm *sma, int semflg); 1598 + int (*sem_semctl)(struct kern_ipc_perm *sma, int cmd); 1599 + int (*sem_semop)(struct kern_ipc_perm *sma, struct sembuf *sops, 1600 1600 unsigned nsops, int alter); 1601 1601 1602 1602 int (*netlink_send)(struct sock *sk, struct sk_buff *skb);
-18
include/linux/msg.h
··· 3 3 #define _LINUX_MSG_H 4 4 5 5 #include <linux/list.h> 6 - #include <linux/time64.h> 7 6 #include <uapi/linux/msg.h> 8 7 9 8 /* one msg_msg structure for each message */ ··· 14 15 void *security; 15 16 /* the actual message follows immediately */ 16 17 }; 17 - 18 - /* one msq_queue structure for each present queue on the system */ 19 - struct msg_queue { 20 - struct kern_ipc_perm q_perm; 21 - time64_t q_stime; /* last msgsnd time */ 22 - time64_t q_rtime; /* last msgrcv time */ 23 - time64_t q_ctime; /* last change time */ 24 - unsigned long q_cbytes; /* current number of bytes on queue */ 25 - unsigned long q_qnum; /* number of messages in queue */ 26 - unsigned long q_qbytes; /* max number of bytes on queue */ 27 - pid_t q_lspid; /* pid of last msgsnd */ 28 - pid_t q_lrpid; /* last receive pid */ 29 - 30 - struct list_head q_messages; 31 - struct list_head q_receivers; 32 - struct list_head q_senders; 33 - } __randomize_layout; 34 18 35 19 #endif /* _LINUX_MSG_H */
+32 -35
include/linux/security.h
··· 36 36 struct cred; 37 37 struct rlimit; 38 38 struct siginfo; 39 - struct sem_array; 40 39 struct sembuf; 41 40 struct kern_ipc_perm; 42 41 struct audit_context; ··· 49 50 struct iattr; 50 51 struct fown_struct; 51 52 struct file_operations; 52 - struct shmid_kernel; 53 53 struct msg_msg; 54 - struct msg_queue; 55 54 struct xattr; 56 55 struct xfrm_sec_ctx; 57 56 struct mm_struct; ··· 352 355 void security_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid); 353 356 int security_msg_msg_alloc(struct msg_msg *msg); 354 357 void security_msg_msg_free(struct msg_msg *msg); 355 - int security_msg_queue_alloc(struct msg_queue *msq); 356 - void security_msg_queue_free(struct msg_queue *msq); 357 - int security_msg_queue_associate(struct msg_queue *msq, int msqflg); 358 - int security_msg_queue_msgctl(struct msg_queue *msq, int cmd); 359 - int security_msg_queue_msgsnd(struct msg_queue *msq, 358 + int security_msg_queue_alloc(struct kern_ipc_perm *msq); 359 + void security_msg_queue_free(struct kern_ipc_perm *msq); 360 + int security_msg_queue_associate(struct kern_ipc_perm *msq, int msqflg); 361 + int security_msg_queue_msgctl(struct kern_ipc_perm *msq, int cmd); 362 + int security_msg_queue_msgsnd(struct kern_ipc_perm *msq, 360 363 struct msg_msg *msg, int msqflg); 361 - int security_msg_queue_msgrcv(struct msg_queue *msq, struct msg_msg *msg, 364 + int security_msg_queue_msgrcv(struct kern_ipc_perm *msq, struct msg_msg *msg, 362 365 struct task_struct *target, long type, int mode); 363 - int security_shm_alloc(struct shmid_kernel *shp); 364 - void security_shm_free(struct shmid_kernel *shp); 365 - int security_shm_associate(struct shmid_kernel *shp, int shmflg); 366 - int security_shm_shmctl(struct shmid_kernel *shp, int cmd); 367 - int security_shm_shmat(struct shmid_kernel *shp, char __user *shmaddr, int shmflg); 368 - int security_sem_alloc(struct sem_array *sma); 369 - void security_sem_free(struct sem_array *sma); 370 - int security_sem_associate(struct sem_array *sma, int semflg); 371 - int security_sem_semctl(struct sem_array *sma, int cmd); 372 - int security_sem_semop(struct sem_array *sma, struct sembuf *sops, 366 + int security_shm_alloc(struct kern_ipc_perm *shp); 367 + void security_shm_free(struct kern_ipc_perm *shp); 368 + int security_shm_associate(struct kern_ipc_perm *shp, int shmflg); 369 + int security_shm_shmctl(struct kern_ipc_perm *shp, int cmd); 370 + int security_shm_shmat(struct kern_ipc_perm *shp, char __user *shmaddr, int shmflg); 371 + int security_sem_alloc(struct kern_ipc_perm *sma); 372 + void security_sem_free(struct kern_ipc_perm *sma); 373 + int security_sem_associate(struct kern_ipc_perm *sma, int semflg); 374 + int security_sem_semctl(struct kern_ipc_perm *sma, int cmd); 375 + int security_sem_semop(struct kern_ipc_perm *sma, struct sembuf *sops, 373 376 unsigned nsops, int alter); 374 377 void security_d_instantiate(struct dentry *dentry, struct inode *inode); 375 378 int security_getprocattr(struct task_struct *p, char *name, char **value); ··· 1042 1045 static inline void security_msg_msg_free(struct msg_msg *msg) 1043 1046 { } 1044 1047 1045 - static inline int security_msg_queue_alloc(struct msg_queue *msq) 1048 + static inline int security_msg_queue_alloc(struct kern_ipc_perm *msq) 1046 1049 { 1047 1050 return 0; 1048 1051 } 1049 1052 1050 - static inline void security_msg_queue_free(struct msg_queue *msq) 1053 + static inline void security_msg_queue_free(struct kern_ipc_perm *msq) 1051 1054 { } 1052 1055 1053 - static inline int security_msg_queue_associate(struct msg_queue *msq, 1056 + static inline int security_msg_queue_associate(struct kern_ipc_perm *msq, 1054 1057 int msqflg) 1055 1058 { 1056 1059 return 0; 1057 1060 } 1058 1061 1059 - static inline int security_msg_queue_msgctl(struct msg_queue *msq, int cmd) 1062 + static inline int security_msg_queue_msgctl(struct kern_ipc_perm *msq, int cmd) 1060 1063 { 1061 1064 return 0; 1062 1065 } 1063 1066 1064 - static inline int security_msg_queue_msgsnd(struct msg_queue *msq, 1067 + static inline int security_msg_queue_msgsnd(struct kern_ipc_perm *msq, 1065 1068 struct msg_msg *msg, int msqflg) 1066 1069 { 1067 1070 return 0; 1068 1071 } 1069 1072 1070 - static inline int security_msg_queue_msgrcv(struct msg_queue *msq, 1073 + static inline int security_msg_queue_msgrcv(struct kern_ipc_perm *msq, 1071 1074 struct msg_msg *msg, 1072 1075 struct task_struct *target, 1073 1076 long type, int mode) ··· 1075 1078 return 0; 1076 1079 } 1077 1080 1078 - static inline int security_shm_alloc(struct shmid_kernel *shp) 1081 + static inline int security_shm_alloc(struct kern_ipc_perm *shp) 1079 1082 { 1080 1083 return 0; 1081 1084 } 1082 1085 1083 - static inline void security_shm_free(struct shmid_kernel *shp) 1086 + static inline void security_shm_free(struct kern_ipc_perm *shp) 1084 1087 { } 1085 1088 1086 - static inline int security_shm_associate(struct shmid_kernel *shp, 1089 + static inline int security_shm_associate(struct kern_ipc_perm *shp, 1087 1090 int shmflg) 1088 1091 { 1089 1092 return 0; 1090 1093 } 1091 1094 1092 - static inline int security_shm_shmctl(struct shmid_kernel *shp, int cmd) 1095 + static inline int security_shm_shmctl(struct kern_ipc_perm *shp, int cmd) 1093 1096 { 1094 1097 return 0; 1095 1098 } 1096 1099 1097 - static inline int security_shm_shmat(struct shmid_kernel *shp, 1100 + static inline int security_shm_shmat(struct kern_ipc_perm *shp, 1098 1101 char __user *shmaddr, int shmflg) 1099 1102 { 1100 1103 return 0; 1101 1104 } 1102 1105 1103 - static inline int security_sem_alloc(struct sem_array *sma) 1106 + static inline int security_sem_alloc(struct kern_ipc_perm *sma) 1104 1107 { 1105 1108 return 0; 1106 1109 } 1107 1110 1108 - static inline void security_sem_free(struct sem_array *sma) 1111 + static inline void security_sem_free(struct kern_ipc_perm *sma) 1109 1112 { } 1110 1113 1111 - static inline int security_sem_associate(struct sem_array *sma, int semflg) 1114 + static inline int security_sem_associate(struct kern_ipc_perm *sma, int semflg) 1112 1115 { 1113 1116 return 0; 1114 1117 } 1115 1118 1116 - static inline int security_sem_semctl(struct sem_array *sma, int cmd) 1119 + static inline int security_sem_semctl(struct kern_ipc_perm *sma, int cmd) 1117 1120 { 1118 1121 return 0; 1119 1122 } 1120 1123 1121 - static inline int security_sem_semop(struct sem_array *sma, 1124 + static inline int security_sem_semop(struct kern_ipc_perm *sma, 1122 1125 struct sembuf *sops, unsigned nsops, 1123 1126 int alter) 1124 1127 {
+1 -39
include/linux/sem.h
··· 2 2 #ifndef _LINUX_SEM_H 3 3 #define _LINUX_SEM_H 4 4 5 - #include <linux/atomic.h> 6 - #include <linux/rcupdate.h> 7 - #include <linux/cache.h> 8 - #include <linux/time64.h> 9 5 #include <uapi/linux/sem.h> 10 6 11 7 struct task_struct; 12 - 13 - /* One semaphore structure for each semaphore in the system. */ 14 - struct sem { 15 - int semval; /* current value */ 16 - /* 17 - * PID of the process that last modified the semaphore. For 18 - * Linux, specifically these are: 19 - * - semop 20 - * - semctl, via SETVAL and SETALL. 21 - * - at task exit when performing undo adjustments (see exit_sem). 22 - */ 23 - int sempid; 24 - spinlock_t lock; /* spinlock for fine-grained semtimedop */ 25 - struct list_head pending_alter; /* pending single-sop operations */ 26 - /* that alter the semaphore */ 27 - struct list_head pending_const; /* pending single-sop operations */ 28 - /* that do not alter the semaphore*/ 29 - time_t sem_otime; /* candidate for sem_otime */ 30 - } ____cacheline_aligned_in_smp; 31 - 32 - /* One sem_array data structure for each set of semaphores in the system. */ 33 - struct sem_array { 34 - struct kern_ipc_perm sem_perm; /* permissions .. see ipc.h */ 35 - time64_t sem_ctime; /* create/last semctl() time */ 36 - struct list_head pending_alter; /* pending operations */ 37 - /* that alter the array */ 38 - struct list_head pending_const; /* pending complex operations */ 39 - /* that do not alter semvals */ 40 - struct list_head list_id; /* undo requests on this array */ 41 - int sem_nsems; /* no. of semaphores in array */ 42 - int complex_count; /* pending complex operations */ 43 - unsigned int use_global_lock;/* >0: global lock required */ 44 - 45 - struct sem sems[]; 46 - } __randomize_layout; 8 + struct sem_undo_list; 47 9 48 10 #ifdef CONFIG_SYSVIPC 49 11
+1 -21
include/linux/shm.h
··· 7 7 #include <uapi/linux/shm.h> 8 8 #include <asm/shmparam.h> 9 9 10 - struct shmid_kernel /* private to the kernel */ 11 - { 12 - struct kern_ipc_perm shm_perm; 13 - struct file *shm_file; 14 - unsigned long shm_nattch; 15 - unsigned long shm_segsz; 16 - time64_t shm_atim; 17 - time64_t shm_dtim; 18 - time64_t shm_ctim; 19 - pid_t shm_cprid; 20 - pid_t shm_lprid; 21 - struct user_struct *mlock_user; 22 - 23 - /* The task created the shm object. NULL if the task is dead. */ 24 - struct task_struct *shm_creator; 25 - struct list_head shm_clist; /* list by creator */ 26 - } __randomize_layout; 27 - 28 - /* shm_mode upper byte flags */ 29 - #define SHM_DEST 01000 /* segment will be destroyed on last detach */ 30 - #define SHM_LOCKED 02000 /* segment will not be swapped */ 10 + struct file; 31 11 32 12 #ifdef CONFIG_SYSVIPC 33 13 struct sysv_shm {
+36 -26
ipc/msg.c
··· 43 43 #include <linux/uaccess.h> 44 44 #include "util.h" 45 45 46 + /* one msq_queue structure for each present queue on the system */ 47 + struct msg_queue { 48 + struct kern_ipc_perm q_perm; 49 + time64_t q_stime; /* last msgsnd time */ 50 + time64_t q_rtime; /* last msgrcv time */ 51 + time64_t q_ctime; /* last change time */ 52 + unsigned long q_cbytes; /* current number of bytes on queue */ 53 + unsigned long q_qnum; /* number of messages in queue */ 54 + unsigned long q_qbytes; /* max number of bytes on queue */ 55 + struct pid *q_lspid; /* pid of last msgsnd */ 56 + struct pid *q_lrpid; /* last receive pid */ 57 + 58 + struct list_head q_messages; 59 + struct list_head q_receivers; 60 + struct list_head q_senders; 61 + } __randomize_layout; 62 + 46 63 /* one msg_receiver structure for each sleeping receiver */ 47 64 struct msg_receiver { 48 65 struct list_head r_list; ··· 118 101 struct kern_ipc_perm *p = container_of(head, struct kern_ipc_perm, rcu); 119 102 struct msg_queue *msq = container_of(p, struct msg_queue, q_perm); 120 103 121 - security_msg_queue_free(msq); 104 + security_msg_queue_free(&msq->q_perm); 122 105 kvfree(msq); 123 106 } 124 107 ··· 144 127 msq->q_perm.key = key; 145 128 146 129 msq->q_perm.security = NULL; 147 - retval = security_msg_queue_alloc(msq); 130 + retval = security_msg_queue_alloc(&msq->q_perm); 148 131 if (retval) { 149 132 kvfree(msq); 150 133 return retval; ··· 154 137 msq->q_ctime = ktime_get_real_seconds(); 155 138 msq->q_cbytes = msq->q_qnum = 0; 156 139 msq->q_qbytes = ns->msg_ctlmnb; 157 - msq->q_lspid = msq->q_lrpid = 0; 140 + msq->q_lspid = msq->q_lrpid = NULL; 158 141 INIT_LIST_HEAD(&msq->q_messages); 159 142 INIT_LIST_HEAD(&msq->q_receivers); 160 143 INIT_LIST_HEAD(&msq->q_senders); ··· 267 250 free_msg(msg); 268 251 } 269 252 atomic_sub(msq->q_cbytes, &ns->msg_bytes); 253 + ipc_update_pid(&msq->q_lspid, NULL); 254 + ipc_update_pid(&msq->q_lrpid, NULL); 270 255 ipc_rcu_putref(&msq->q_perm, msg_rcu_free); 271 - } 272 - 273 - /* 274 - * Called with msg_ids.rwsem and ipcp locked. 275 - */ 276 - static inline int msg_security(struct kern_ipc_perm *ipcp, int msgflg) 277 - { 278 - struct msg_queue *msq = container_of(ipcp, struct msg_queue, q_perm); 279 - 280 - return security_msg_queue_associate(msq, msgflg); 281 256 } 282 257 283 258 long ksys_msgget(key_t key, int msgflg) ··· 277 268 struct ipc_namespace *ns; 278 269 static const struct ipc_ops msg_ops = { 279 270 .getnew = newque, 280 - .associate = msg_security, 271 + .associate = security_msg_queue_associate, 281 272 }; 282 273 struct ipc_params msg_params; 283 274 ··· 394 385 395 386 msq = container_of(ipcp, struct msg_queue, q_perm); 396 387 397 - err = security_msg_queue_msgctl(msq, cmd); 388 + err = security_msg_queue_msgctl(&msq->q_perm, cmd); 398 389 if (err) 399 390 goto out_unlock1; 400 391 ··· 516 507 if (ipcperms(ns, &msq->q_perm, S_IRUGO)) 517 508 goto out_unlock; 518 509 519 - err = security_msg_queue_msgctl(msq, cmd); 510 + err = security_msg_queue_msgctl(&msq->q_perm, cmd); 520 511 if (err) 521 512 goto out_unlock; 522 513 ··· 535 526 p->msg_cbytes = msq->q_cbytes; 536 527 p->msg_qnum = msq->q_qnum; 537 528 p->msg_qbytes = msq->q_qbytes; 538 - p->msg_lspid = msq->q_lspid; 539 - p->msg_lrpid = msq->q_lrpid; 529 + p->msg_lspid = pid_vnr(msq->q_lspid); 530 + p->msg_lrpid = pid_vnr(msq->q_lrpid); 540 531 541 532 ipc_unlock_object(&msq->q_perm); 542 533 rcu_read_unlock(); ··· 742 733 743 734 list_for_each_entry_safe(msr, t, &msq->q_receivers, r_list) { 744 735 if (testmsg(msg, msr->r_msgtype, msr->r_mode) && 745 - !security_msg_queue_msgrcv(msq, msg, msr->r_tsk, 736 + !security_msg_queue_msgrcv(&msq->q_perm, msg, msr->r_tsk, 746 737 msr->r_msgtype, msr->r_mode)) { 747 738 748 739 list_del(&msr->r_list); ··· 750 741 wake_q_add(wake_q, msr->r_tsk); 751 742 WRITE_ONCE(msr->r_msg, ERR_PTR(-E2BIG)); 752 743 } else { 753 - msq->q_lrpid = task_pid_vnr(msr->r_tsk); 744 + ipc_update_pid(&msq->q_lrpid, task_pid(msr->r_tsk)); 754 745 msq->q_rtime = get_seconds(); 755 746 756 747 wake_q_add(wake_q, msr->r_tsk); ··· 808 799 goto out_unlock0; 809 800 } 810 801 811 - err = security_msg_queue_msgsnd(msq, msg, msgflg); 802 + err = security_msg_queue_msgsnd(&msq->q_perm, msg, msgflg); 812 803 if (err) 813 804 goto out_unlock0; 814 805 ··· 851 842 852 843 } 853 844 854 - msq->q_lspid = task_tgid_vnr(current); 845 + ipc_update_pid(&msq->q_lspid, task_tgid(current)); 855 846 msq->q_stime = get_seconds(); 856 847 857 848 if (!pipelined_send(msq, msg, &wake_q)) { ··· 996 987 997 988 list_for_each_entry(msg, &msq->q_messages, m_list) { 998 989 if (testmsg(msg, *msgtyp, mode) && 999 - !security_msg_queue_msgrcv(msq, msg, current, 990 + !security_msg_queue_msgrcv(&msq->q_perm, msg, current, 1000 991 *msgtyp, mode)) { 1001 992 if (mode == SEARCH_LESSEQUAL && msg->m_type != 1) { 1002 993 *msgtyp = msg->m_type - 1; ··· 1081 1072 list_del(&msg->m_list); 1082 1073 msq->q_qnum--; 1083 1074 msq->q_rtime = get_seconds(); 1084 - msq->q_lrpid = task_tgid_vnr(current); 1075 + ipc_update_pid(&msq->q_lrpid, task_tgid(current)); 1085 1076 msq->q_cbytes -= msg->m_ts; 1086 1077 atomic_sub(msg->m_ts, &ns->msg_bytes); 1087 1078 atomic_dec(&ns->msg_hdrs); ··· 1236 1227 #ifdef CONFIG_PROC_FS 1237 1228 static int sysvipc_msg_proc_show(struct seq_file *s, void *it) 1238 1229 { 1230 + struct pid_namespace *pid_ns = ipc_seq_pid_ns(s); 1239 1231 struct user_namespace *user_ns = seq_user_ns(s); 1240 1232 struct kern_ipc_perm *ipcp = it; 1241 1233 struct msg_queue *msq = container_of(ipcp, struct msg_queue, q_perm); ··· 1248 1238 msq->q_perm.mode, 1249 1239 msq->q_cbytes, 1250 1240 msq->q_qnum, 1251 - msq->q_lspid, 1252 - msq->q_lrpid, 1241 + pid_nr_ns(msq->q_lspid, pid_ns), 1242 + pid_nr_ns(msq->q_lrpid, pid_ns), 1253 1243 from_kuid_munged(user_ns, msq->q_perm.uid), 1254 1244 from_kgid_munged(user_ns, msq->q_perm.gid), 1255 1245 from_kuid_munged(user_ns, msq->q_perm.cuid),
+53 -28
ipc/sem.c
··· 88 88 #include <linux/uaccess.h> 89 89 #include "util.h" 90 90 91 + /* One semaphore structure for each semaphore in the system. */ 92 + struct sem { 93 + int semval; /* current value */ 94 + /* 95 + * PID of the process that last modified the semaphore. For 96 + * Linux, specifically these are: 97 + * - semop 98 + * - semctl, via SETVAL and SETALL. 99 + * - at task exit when performing undo adjustments (see exit_sem). 100 + */ 101 + struct pid *sempid; 102 + spinlock_t lock; /* spinlock for fine-grained semtimedop */ 103 + struct list_head pending_alter; /* pending single-sop operations */ 104 + /* that alter the semaphore */ 105 + struct list_head pending_const; /* pending single-sop operations */ 106 + /* that do not alter the semaphore*/ 107 + time_t sem_otime; /* candidate for sem_otime */ 108 + } ____cacheline_aligned_in_smp; 109 + 110 + /* One sem_array data structure for each set of semaphores in the system. */ 111 + struct sem_array { 112 + struct kern_ipc_perm sem_perm; /* permissions .. see ipc.h */ 113 + time64_t sem_ctime; /* create/last semctl() time */ 114 + struct list_head pending_alter; /* pending operations */ 115 + /* that alter the array */ 116 + struct list_head pending_const; /* pending complex operations */ 117 + /* that do not alter semvals */ 118 + struct list_head list_id; /* undo requests on this array */ 119 + int sem_nsems; /* no. of semaphores in array */ 120 + int complex_count; /* pending complex operations */ 121 + unsigned int use_global_lock;/* >0: global lock required */ 122 + 123 + struct sem sems[]; 124 + } __randomize_layout; 91 125 92 126 /* One queue for each sleeping process in the system. */ 93 127 struct sem_queue { 94 128 struct list_head list; /* queue of pending operations */ 95 129 struct task_struct *sleeper; /* this process */ 96 130 struct sem_undo *undo; /* undo structure */ 97 - int pid; /* process id of requesting process */ 131 + struct pid *pid; /* process id of requesting process */ 98 132 int status; /* completion status of operation */ 99 133 struct sembuf *sops; /* array of pending operations */ 100 134 struct sembuf *blocking; /* the operation that blocked */ ··· 299 265 struct kern_ipc_perm *p = container_of(head, struct kern_ipc_perm, rcu); 300 266 struct sem_array *sma = container_of(p, struct sem_array, sem_perm); 301 267 302 - security_sem_free(sma); 268 + security_sem_free(&sma->sem_perm); 303 269 kvfree(sma); 304 270 } 305 271 ··· 529 495 sma->sem_perm.key = key; 530 496 531 497 sma->sem_perm.security = NULL; 532 - retval = security_sem_alloc(sma); 498 + retval = security_sem_alloc(&sma->sem_perm); 533 499 if (retval) { 534 500 kvfree(sma); 535 501 return retval; ··· 567 533 /* 568 534 * Called with sem_ids.rwsem and ipcp locked. 569 535 */ 570 - static inline int sem_security(struct kern_ipc_perm *ipcp, int semflg) 571 - { 572 - struct sem_array *sma; 573 - 574 - sma = container_of(ipcp, struct sem_array, sem_perm); 575 - return security_sem_associate(sma, semflg); 576 - } 577 - 578 - /* 579 - * Called with sem_ids.rwsem and ipcp locked. 580 - */ 581 536 static inline int sem_more_checks(struct kern_ipc_perm *ipcp, 582 537 struct ipc_params *params) 583 538 { ··· 584 561 struct ipc_namespace *ns; 585 562 static const struct ipc_ops sem_ops = { 586 563 .getnew = newary, 587 - .associate = sem_security, 564 + .associate = security_sem_associate, 588 565 .more_checks = sem_more_checks, 589 566 }; 590 567 struct ipc_params sem_params; ··· 625 602 */ 626 603 static int perform_atomic_semop_slow(struct sem_array *sma, struct sem_queue *q) 627 604 { 628 - int result, sem_op, nsops, pid; 605 + int result, sem_op, nsops; 606 + struct pid *pid; 629 607 struct sembuf *sop; 630 608 struct sem *curr; 631 609 struct sembuf *sops; ··· 664 640 sop--; 665 641 pid = q->pid; 666 642 while (sop >= sops) { 667 - sma->sems[sop->sem_num].sempid = pid; 643 + ipc_update_pid(&sma->sems[sop->sem_num].sempid, pid); 668 644 sop--; 669 645 } 670 646 ··· 751 727 un->semadj[sop->sem_num] = undo; 752 728 } 753 729 curr->semval += sem_op; 754 - curr->sempid = q->pid; 730 + ipc_update_pid(&curr->sempid, q->pid); 755 731 } 756 732 757 733 return 0; ··· 1158 1134 unlink_queue(sma, q); 1159 1135 wake_up_sem_queue_prepare(q, -EIDRM, &wake_q); 1160 1136 } 1137 + ipc_update_pid(&sem->sempid, NULL); 1161 1138 } 1162 1139 1163 1140 /* Remove the semaphore set from the IDR */ ··· 1239 1214 if (ipcperms(ns, &sma->sem_perm, S_IRUGO)) 1240 1215 goto out_unlock; 1241 1216 1242 - err = security_sem_semctl(sma, cmd); 1217 + err = security_sem_semctl(&sma->sem_perm, cmd); 1243 1218 if (err) 1244 1219 goto out_unlock; 1245 1220 ··· 1330 1305 return -EACCES; 1331 1306 } 1332 1307 1333 - err = security_sem_semctl(sma, SETVAL); 1308 + err = security_sem_semctl(&sma->sem_perm, SETVAL); 1334 1309 if (err) { 1335 1310 rcu_read_unlock(); 1336 1311 return -EACCES; ··· 1351 1326 un->semadj[semnum] = 0; 1352 1327 1353 1328 curr->semval = val; 1354 - curr->sempid = task_tgid_vnr(current); 1329 + ipc_update_pid(&curr->sempid, task_tgid(current)); 1355 1330 sma->sem_ctime = ktime_get_real_seconds(); 1356 1331 /* maybe some queued-up processes were waiting for this */ 1357 1332 do_smart_update(sma, NULL, 0, 0, &wake_q); ··· 1384 1359 if (ipcperms(ns, &sma->sem_perm, cmd == SETALL ? S_IWUGO : S_IRUGO)) 1385 1360 goto out_rcu_wakeup; 1386 1361 1387 - err = security_sem_semctl(sma, cmd); 1362 + err = security_sem_semctl(&sma->sem_perm, cmd); 1388 1363 if (err) 1389 1364 goto out_rcu_wakeup; 1390 1365 ··· 1472 1447 1473 1448 for (i = 0; i < nsems; i++) { 1474 1449 sma->sems[i].semval = sem_io[i]; 1475 - sma->sems[i].sempid = task_tgid_vnr(current); 1450 + ipc_update_pid(&sma->sems[i].sempid, task_tgid(current)); 1476 1451 } 1477 1452 1478 1453 ipc_assert_locked_object(&sma->sem_perm); ··· 1504 1479 err = curr->semval; 1505 1480 goto out_unlock; 1506 1481 case GETPID: 1507 - err = curr->sempid; 1482 + err = pid_vnr(curr->sempid); 1508 1483 goto out_unlock; 1509 1484 case GETNCNT: 1510 1485 err = count_semcnt(sma, semnum, 0); ··· 1575 1550 1576 1551 sma = container_of(ipcp, struct sem_array, sem_perm); 1577 1552 1578 - err = security_sem_semctl(sma, cmd); 1553 + err = security_sem_semctl(&sma->sem_perm, cmd); 1579 1554 if (err) 1580 1555 goto out_unlock1; 1581 1556 ··· 2002 1977 goto out_free; 2003 1978 } 2004 1979 2005 - error = security_sem_semop(sma, sops, nsops, alter); 1980 + error = security_sem_semop(&sma->sem_perm, sops, nsops, alter); 2006 1981 if (error) { 2007 1982 rcu_read_unlock(); 2008 1983 goto out_free; ··· 2033 2008 queue.sops = sops; 2034 2009 queue.nsops = nsops; 2035 2010 queue.undo = un; 2036 - queue.pid = task_tgid_vnr(current); 2011 + queue.pid = task_tgid(current); 2037 2012 queue.alter = alter; 2038 2013 queue.dupsop = dupsop; 2039 2014 ··· 2340 2315 semaphore->semval = 0; 2341 2316 if (semaphore->semval > SEMVMX) 2342 2317 semaphore->semval = SEMVMX; 2343 - semaphore->sempid = task_tgid_vnr(current); 2318 + ipc_update_pid(&semaphore->sempid, task_tgid(current)); 2344 2319 } 2345 2320 } 2346 2321 /* maybe some queued-up processes were waiting for this */
+42 -26
ipc/shm.c
··· 48 48 49 49 #include "util.h" 50 50 51 + struct shmid_kernel /* private to the kernel */ 52 + { 53 + struct kern_ipc_perm shm_perm; 54 + struct file *shm_file; 55 + unsigned long shm_nattch; 56 + unsigned long shm_segsz; 57 + time64_t shm_atim; 58 + time64_t shm_dtim; 59 + time64_t shm_ctim; 60 + struct pid *shm_cprid; 61 + struct pid *shm_lprid; 62 + struct user_struct *mlock_user; 63 + 64 + /* The task created the shm object. NULL if the task is dead. */ 65 + struct task_struct *shm_creator; 66 + struct list_head shm_clist; /* list by creator */ 67 + } __randomize_layout; 68 + 69 + /* shm_mode upper byte flags */ 70 + #define SHM_DEST 01000 /* segment will be destroyed on last detach */ 71 + #define SHM_LOCKED 02000 /* segment will not be swapped */ 72 + 51 73 struct shm_file_data { 52 74 int id; 53 75 struct ipc_namespace *ns; ··· 203 181 rcu); 204 182 struct shmid_kernel *shp = container_of(ptr, struct shmid_kernel, 205 183 shm_perm); 206 - security_shm_free(shp); 184 + security_shm_free(&shp->shm_perm); 207 185 kvfree(shp); 208 186 } 209 187 ··· 226 204 return PTR_ERR(shp); 227 205 228 206 shp->shm_atim = ktime_get_real_seconds(); 229 - shp->shm_lprid = task_tgid_vnr(current); 207 + ipc_update_pid(&shp->shm_lprid, task_tgid(current)); 230 208 shp->shm_nattch++; 231 209 shm_unlock(shp); 232 210 return 0; ··· 267 245 user_shm_unlock(i_size_read(file_inode(shm_file)), 268 246 shp->mlock_user); 269 247 fput(shm_file); 248 + ipc_update_pid(&shp->shm_cprid, NULL); 249 + ipc_update_pid(&shp->shm_lprid, NULL); 270 250 ipc_rcu_putref(&shp->shm_perm, shm_rcu_free); 271 251 } 272 252 ··· 313 289 if (WARN_ON_ONCE(IS_ERR(shp))) 314 290 goto done; /* no-op */ 315 291 316 - shp->shm_lprid = task_tgid_vnr(current); 292 + ipc_update_pid(&shp->shm_lprid, task_tgid(current)); 317 293 shp->shm_dtim = ktime_get_real_seconds(); 318 294 shp->shm_nattch--; 319 295 if (shm_may_destroy(ns, shp)) ··· 590 566 shp->mlock_user = NULL; 591 567 592 568 shp->shm_perm.security = NULL; 593 - error = security_shm_alloc(shp); 569 + error = security_shm_alloc(&shp->shm_perm); 594 570 if (error) { 595 571 kvfree(shp); 596 572 return error; ··· 628 604 if (IS_ERR(file)) 629 605 goto no_file; 630 606 631 - shp->shm_cprid = task_tgid_vnr(current); 632 - shp->shm_lprid = 0; 607 + shp->shm_cprid = get_pid(task_tgid(current)); 608 + shp->shm_lprid = NULL; 633 609 shp->shm_atim = shp->shm_dtim = 0; 634 610 shp->shm_ctim = ktime_get_real_seconds(); 635 611 shp->shm_segsz = size; ··· 658 634 return error; 659 635 660 636 no_id: 637 + ipc_update_pid(&shp->shm_cprid, NULL); 638 + ipc_update_pid(&shp->shm_lprid, NULL); 661 639 if (is_file_hugepages(file) && shp->mlock_user) 662 640 user_shm_unlock(size, shp->mlock_user); 663 641 fput(file); 664 642 no_file: 665 643 call_rcu(&shp->shm_perm.rcu, shm_rcu_free); 666 644 return error; 667 - } 668 - 669 - /* 670 - * Called with shm_ids.rwsem and ipcp locked. 671 - */ 672 - static inline int shm_security(struct kern_ipc_perm *ipcp, int shmflg) 673 - { 674 - struct shmid_kernel *shp; 675 - 676 - shp = container_of(ipcp, struct shmid_kernel, shm_perm); 677 - return security_shm_associate(shp, shmflg); 678 645 } 679 646 680 647 /* ··· 688 673 struct ipc_namespace *ns; 689 674 static const struct ipc_ops shm_ops = { 690 675 .getnew = newseg, 691 - .associate = shm_security, 676 + .associate = security_shm_associate, 692 677 .more_checks = shm_more_checks, 693 678 }; 694 679 struct ipc_params shm_params; ··· 867 852 868 853 shp = container_of(ipcp, struct shmid_kernel, shm_perm); 869 854 870 - err = security_shm_shmctl(shp, cmd); 855 + err = security_shm_shmctl(&shp->shm_perm, cmd); 871 856 if (err) 872 857 goto out_unlock1; 873 858 ··· 966 951 if (ipcperms(ns, &shp->shm_perm, S_IRUGO)) 967 952 goto out_unlock; 968 953 969 - err = security_shm_shmctl(shp, cmd); 954 + err = security_shm_shmctl(&shp->shm_perm, cmd); 970 955 if (err) 971 956 goto out_unlock; 972 957 ··· 983 968 tbuf->shm_atime = shp->shm_atim; 984 969 tbuf->shm_dtime = shp->shm_dtim; 985 970 tbuf->shm_ctime = shp->shm_ctim; 986 - tbuf->shm_cpid = shp->shm_cprid; 987 - tbuf->shm_lpid = shp->shm_lprid; 971 + tbuf->shm_cpid = pid_vnr(shp->shm_cprid); 972 + tbuf->shm_lpid = pid_vnr(shp->shm_lprid); 988 973 tbuf->shm_nattch = shp->shm_nattch; 989 974 990 975 ipc_unlock_object(&shp->shm_perm); ··· 1010 995 } 1011 996 1012 997 audit_ipc_obj(&(shp->shm_perm)); 1013 - err = security_shm_shmctl(shp, cmd); 998 + err = security_shm_shmctl(&shp->shm_perm, cmd); 1014 999 if (err) 1015 1000 goto out_unlock1; 1016 1001 ··· 1390 1375 if (ipcperms(ns, &shp->shm_perm, acc_mode)) 1391 1376 goto out_unlock; 1392 1377 1393 - err = security_shm_shmat(shp, shmaddr, shmflg); 1378 + err = security_shm_shmat(&shp->shm_perm, shmaddr, shmflg); 1394 1379 if (err) 1395 1380 goto out_unlock; 1396 1381 ··· 1633 1618 #ifdef CONFIG_PROC_FS 1634 1619 static int sysvipc_shm_proc_show(struct seq_file *s, void *it) 1635 1620 { 1621 + struct pid_namespace *pid_ns = ipc_seq_pid_ns(s); 1636 1622 struct user_namespace *user_ns = seq_user_ns(s); 1637 1623 struct kern_ipc_perm *ipcp = it; 1638 1624 struct shmid_kernel *shp; ··· 1656 1640 shp->shm_perm.id, 1657 1641 shp->shm_perm.mode, 1658 1642 shp->shm_segsz, 1659 - shp->shm_cprid, 1660 - shp->shm_lprid, 1643 + pid_nr_ns(shp->shm_cprid, pid_ns), 1644 + pid_nr_ns(shp->shm_lprid, pid_ns), 1661 1645 shp->shm_nattch, 1662 1646 from_kuid_munged(user_ns, shp->shm_perm.uid), 1663 1647 from_kgid_munged(user_ns, shp->shm_perm.gid),
+9
ipc/util.c
··· 747 747 #ifdef CONFIG_PROC_FS 748 748 struct ipc_proc_iter { 749 749 struct ipc_namespace *ns; 750 + struct pid_namespace *pid_ns; 750 751 struct ipc_proc_iface *iface; 751 752 }; 753 + 754 + struct pid_namespace *ipc_seq_pid_ns(struct seq_file *s) 755 + { 756 + struct ipc_proc_iter *iter = s->private; 757 + return iter->pid_ns; 758 + } 752 759 753 760 /* 754 761 * This routine locks the ipc structure found at least at position pos. ··· 879 872 880 873 iter->iface = PDE_DATA(inode); 881 874 iter->ns = get_ipc_ns(current->nsproxy->ipc_ns); 875 + iter->pid_ns = get_pid_ns(task_active_pid_ns(current)); 882 876 883 877 return 0; 884 878 } ··· 889 881 struct seq_file *seq = file->private_data; 890 882 struct ipc_proc_iter *iter = seq->private; 891 883 put_ipc_ns(iter->ns); 884 + put_pid_ns(iter->pid_ns); 892 885 return seq_release_private(inode, file); 893 886 } 894 887
+12
ipc/util.h
··· 15 15 #include <linux/err.h> 16 16 #include <linux/ipc_namespace.h> 17 17 18 + #define IPCMNI 32768 /* <= MAX_INT limit for ipc arrays (including sysctl changes) */ 18 19 #define SEQ_MULTIPLIER (IPCMNI) 19 20 20 21 int sem_init(void); ··· 23 22 void shm_init(void); 24 23 25 24 struct ipc_namespace; 25 + struct pid_namespace; 26 26 27 27 #ifdef CONFIG_POSIX_MQUEUE 28 28 extern void mq_clear_sbinfo(struct ipc_namespace *ns); ··· 87 85 #ifdef CONFIG_PROC_FS 88 86 void __init ipc_init_proc_interface(const char *path, const char *header, 89 87 int ids, int (*show)(struct seq_file *, void *)); 88 + struct pid_namespace *ipc_seq_pid_ns(struct seq_file *); 90 89 #else 91 90 #define ipc_init_proc_interface(path, header, ids, show) do {} while (0) 92 91 #endif ··· 151 148 struct kern_ipc_perm *ipcctl_pre_down_nolock(struct ipc_namespace *ns, 152 149 struct ipc_ids *ids, int id, int cmd, 153 150 struct ipc64_perm *perm, int extra_perm); 151 + 152 + static inline void ipc_update_pid(struct pid **pos, struct pid *pid) 153 + { 154 + struct pid *old = *pos; 155 + if (old != pid) { 156 + *pos = get_pid(pid); 157 + put_pid(old); 158 + } 159 + } 154 160 155 161 #ifndef CONFIG_ARCH_WANT_IPC_PARSE_VERSION 156 162 /* On IA-64, we always use the "64-bit version" of the IPC structures. */
+23 -42
kernel/pid_namespace.c
··· 23 23 #include <linux/sched/signal.h> 24 24 #include <linux/idr.h> 25 25 26 - struct pid_cache { 27 - int nr_ids; 28 - char name[16]; 29 - struct kmem_cache *cachep; 30 - struct list_head list; 31 - }; 32 - 33 - static LIST_HEAD(pid_caches_lh); 34 26 static DEFINE_MUTEX(pid_caches_mutex); 35 27 static struct kmem_cache *pid_ns_cachep; 28 + /* MAX_PID_NS_LEVEL is needed for limiting size of 'struct pid' */ 29 + #define MAX_PID_NS_LEVEL 32 30 + /* Write once array, filled from the beginning. */ 31 + static struct kmem_cache *pid_cache[MAX_PID_NS_LEVEL]; 36 32 37 33 /* 38 34 * creates the kmem cache to allocate pids from. 39 - * @nr_ids: the number of numerical ids this pid will have to carry 35 + * @level: pid namespace level 40 36 */ 41 37 42 - static struct kmem_cache *create_pid_cachep(int nr_ids) 38 + static struct kmem_cache *create_pid_cachep(unsigned int level) 43 39 { 44 - struct pid_cache *pcache; 45 - struct kmem_cache *cachep; 40 + /* Level 0 is init_pid_ns.pid_cachep */ 41 + struct kmem_cache **pkc = &pid_cache[level - 1]; 42 + struct kmem_cache *kc; 43 + char name[4 + 10 + 1]; 44 + unsigned int len; 46 45 46 + kc = READ_ONCE(*pkc); 47 + if (kc) 48 + return kc; 49 + 50 + snprintf(name, sizeof(name), "pid_%u", level + 1); 51 + len = sizeof(struct pid) + level * sizeof(struct upid); 47 52 mutex_lock(&pid_caches_mutex); 48 - list_for_each_entry(pcache, &pid_caches_lh, list) 49 - if (pcache->nr_ids == nr_ids) 50 - goto out; 51 - 52 - pcache = kmalloc(sizeof(struct pid_cache), GFP_KERNEL); 53 - if (pcache == NULL) 54 - goto err_alloc; 55 - 56 - snprintf(pcache->name, sizeof(pcache->name), "pid_%d", nr_ids); 57 - cachep = kmem_cache_create(pcache->name, 58 - sizeof(struct pid) + (nr_ids - 1) * sizeof(struct upid), 59 - 0, SLAB_HWCACHE_ALIGN, NULL); 60 - if (cachep == NULL) 61 - goto err_cachep; 62 - 63 - pcache->nr_ids = nr_ids; 64 - pcache->cachep = cachep; 65 - list_add(&pcache->list, &pid_caches_lh); 66 - out: 53 + /* Name collision forces to do allocation under mutex. */ 54 + if (!*pkc) 55 + *pkc = kmem_cache_create(name, len, 0, SLAB_HWCACHE_ALIGN, 0); 67 56 mutex_unlock(&pid_caches_mutex); 68 - return pcache->cachep; 69 - 70 - err_cachep: 71 - kfree(pcache); 72 - err_alloc: 73 - mutex_unlock(&pid_caches_mutex); 74 - return NULL; 57 + /* current can fail, but someone else can succeed. */ 58 + return READ_ONCE(*pkc); 75 59 } 76 60 77 61 static void proc_cleanup_work(struct work_struct *work) ··· 63 79 struct pid_namespace *ns = container_of(work, struct pid_namespace, proc_work); 64 80 pid_ns_release_proc(ns); 65 81 } 66 - 67 - /* MAX_PID_NS_LEVEL is needed for limiting size of 'struct pid' */ 68 - #define MAX_PID_NS_LEVEL 32 69 82 70 83 static struct ucounts *inc_pid_namespaces(struct user_namespace *ns) 71 84 { ··· 100 119 101 120 idr_init(&ns->idr); 102 121 103 - ns->pid_cachep = create_pid_cachep(level + 1); 122 + ns->pid_cachep = create_pid_cachep(level); 104 123 if (ns->pid_cachep == NULL) 105 124 goto out_free_idr; 106 125
+16 -16
security/security.c
··· 1163 1163 call_void_hook(msg_msg_free_security, msg); 1164 1164 } 1165 1165 1166 - int security_msg_queue_alloc(struct msg_queue *msq) 1166 + int security_msg_queue_alloc(struct kern_ipc_perm *msq) 1167 1167 { 1168 1168 return call_int_hook(msg_queue_alloc_security, 0, msq); 1169 1169 } 1170 1170 1171 - void security_msg_queue_free(struct msg_queue *msq) 1171 + void security_msg_queue_free(struct kern_ipc_perm *msq) 1172 1172 { 1173 1173 call_void_hook(msg_queue_free_security, msq); 1174 1174 } 1175 1175 1176 - int security_msg_queue_associate(struct msg_queue *msq, int msqflg) 1176 + int security_msg_queue_associate(struct kern_ipc_perm *msq, int msqflg) 1177 1177 { 1178 1178 return call_int_hook(msg_queue_associate, 0, msq, msqflg); 1179 1179 } 1180 1180 1181 - int security_msg_queue_msgctl(struct msg_queue *msq, int cmd) 1181 + int security_msg_queue_msgctl(struct kern_ipc_perm *msq, int cmd) 1182 1182 { 1183 1183 return call_int_hook(msg_queue_msgctl, 0, msq, cmd); 1184 1184 } 1185 1185 1186 - int security_msg_queue_msgsnd(struct msg_queue *msq, 1186 + int security_msg_queue_msgsnd(struct kern_ipc_perm *msq, 1187 1187 struct msg_msg *msg, int msqflg) 1188 1188 { 1189 1189 return call_int_hook(msg_queue_msgsnd, 0, msq, msg, msqflg); 1190 1190 } 1191 1191 1192 - int security_msg_queue_msgrcv(struct msg_queue *msq, struct msg_msg *msg, 1192 + int security_msg_queue_msgrcv(struct kern_ipc_perm *msq, struct msg_msg *msg, 1193 1193 struct task_struct *target, long type, int mode) 1194 1194 { 1195 1195 return call_int_hook(msg_queue_msgrcv, 0, msq, msg, target, type, mode); 1196 1196 } 1197 1197 1198 - int security_shm_alloc(struct shmid_kernel *shp) 1198 + int security_shm_alloc(struct kern_ipc_perm *shp) 1199 1199 { 1200 1200 return call_int_hook(shm_alloc_security, 0, shp); 1201 1201 } 1202 1202 1203 - void security_shm_free(struct shmid_kernel *shp) 1203 + void security_shm_free(struct kern_ipc_perm *shp) 1204 1204 { 1205 1205 call_void_hook(shm_free_security, shp); 1206 1206 } 1207 1207 1208 - int security_shm_associate(struct shmid_kernel *shp, int shmflg) 1208 + int security_shm_associate(struct kern_ipc_perm *shp, int shmflg) 1209 1209 { 1210 1210 return call_int_hook(shm_associate, 0, shp, shmflg); 1211 1211 } 1212 1212 1213 - int security_shm_shmctl(struct shmid_kernel *shp, int cmd) 1213 + int security_shm_shmctl(struct kern_ipc_perm *shp, int cmd) 1214 1214 { 1215 1215 return call_int_hook(shm_shmctl, 0, shp, cmd); 1216 1216 } 1217 1217 1218 - int security_shm_shmat(struct shmid_kernel *shp, char __user *shmaddr, int shmflg) 1218 + int security_shm_shmat(struct kern_ipc_perm *shp, char __user *shmaddr, int shmflg) 1219 1219 { 1220 1220 return call_int_hook(shm_shmat, 0, shp, shmaddr, shmflg); 1221 1221 } 1222 1222 1223 - int security_sem_alloc(struct sem_array *sma) 1223 + int security_sem_alloc(struct kern_ipc_perm *sma) 1224 1224 { 1225 1225 return call_int_hook(sem_alloc_security, 0, sma); 1226 1226 } 1227 1227 1228 - void security_sem_free(struct sem_array *sma) 1228 + void security_sem_free(struct kern_ipc_perm *sma) 1229 1229 { 1230 1230 call_void_hook(sem_free_security, sma); 1231 1231 } 1232 1232 1233 - int security_sem_associate(struct sem_array *sma, int semflg) 1233 + int security_sem_associate(struct kern_ipc_perm *sma, int semflg) 1234 1234 { 1235 1235 return call_int_hook(sem_associate, 0, sma, semflg); 1236 1236 } 1237 1237 1238 - int security_sem_semctl(struct sem_array *sma, int cmd) 1238 + int security_sem_semctl(struct kern_ipc_perm *sma, int cmd) 1239 1239 { 1240 1240 return call_int_hook(sem_semctl, 0, sma, cmd); 1241 1241 } 1242 1242 1243 - int security_sem_semop(struct sem_array *sma, struct sembuf *sops, 1243 + int security_sem_semop(struct kern_ipc_perm *sma, struct sembuf *sops, 1244 1244 unsigned nsops, int alter) 1245 1245 { 1246 1246 return call_int_hook(sem_semop, 0, sma, sops, nsops, alter);
+46 -46
security/selinux/hooks.c
··· 5532 5532 } 5533 5533 5534 5534 /* message queue security operations */ 5535 - static int selinux_msg_queue_alloc_security(struct msg_queue *msq) 5535 + static int selinux_msg_queue_alloc_security(struct kern_ipc_perm *msq) 5536 5536 { 5537 5537 struct ipc_security_struct *isec; 5538 5538 struct common_audit_data ad; 5539 5539 u32 sid = current_sid(); 5540 5540 int rc; 5541 5541 5542 - rc = ipc_alloc_security(&msq->q_perm, SECCLASS_MSGQ); 5542 + rc = ipc_alloc_security(msq, SECCLASS_MSGQ); 5543 5543 if (rc) 5544 5544 return rc; 5545 5545 5546 - isec = msq->q_perm.security; 5546 + isec = msq->security; 5547 5547 5548 5548 ad.type = LSM_AUDIT_DATA_IPC; 5549 - ad.u.ipc_id = msq->q_perm.key; 5549 + ad.u.ipc_id = msq->key; 5550 5550 5551 5551 rc = avc_has_perm(sid, isec->sid, SECCLASS_MSGQ, 5552 5552 MSGQ__CREATE, &ad); 5553 5553 if (rc) { 5554 - ipc_free_security(&msq->q_perm); 5554 + ipc_free_security(msq); 5555 5555 return rc; 5556 5556 } 5557 5557 return 0; 5558 5558 } 5559 5559 5560 - static void selinux_msg_queue_free_security(struct msg_queue *msq) 5560 + static void selinux_msg_queue_free_security(struct kern_ipc_perm *msq) 5561 5561 { 5562 - ipc_free_security(&msq->q_perm); 5562 + ipc_free_security(msq); 5563 5563 } 5564 5564 5565 - static int selinux_msg_queue_associate(struct msg_queue *msq, int msqflg) 5565 + static int selinux_msg_queue_associate(struct kern_ipc_perm *msq, int msqflg) 5566 5566 { 5567 5567 struct ipc_security_struct *isec; 5568 5568 struct common_audit_data ad; 5569 5569 u32 sid = current_sid(); 5570 5570 5571 - isec = msq->q_perm.security; 5571 + isec = msq->security; 5572 5572 5573 5573 ad.type = LSM_AUDIT_DATA_IPC; 5574 - ad.u.ipc_id = msq->q_perm.key; 5574 + ad.u.ipc_id = msq->key; 5575 5575 5576 5576 return avc_has_perm(sid, isec->sid, SECCLASS_MSGQ, 5577 5577 MSGQ__ASSOCIATE, &ad); 5578 5578 } 5579 5579 5580 - static int selinux_msg_queue_msgctl(struct msg_queue *msq, int cmd) 5580 + static int selinux_msg_queue_msgctl(struct kern_ipc_perm *msq, int cmd) 5581 5581 { 5582 5582 int err; 5583 5583 int perms; ··· 5602 5602 return 0; 5603 5603 } 5604 5604 5605 - err = ipc_has_perm(&msq->q_perm, perms); 5605 + err = ipc_has_perm(msq, perms); 5606 5606 return err; 5607 5607 } 5608 5608 5609 - static int selinux_msg_queue_msgsnd(struct msg_queue *msq, struct msg_msg *msg, int msqflg) 5609 + static int selinux_msg_queue_msgsnd(struct kern_ipc_perm *msq, struct msg_msg *msg, int msqflg) 5610 5610 { 5611 5611 struct ipc_security_struct *isec; 5612 5612 struct msg_security_struct *msec; ··· 5614 5614 u32 sid = current_sid(); 5615 5615 int rc; 5616 5616 5617 - isec = msq->q_perm.security; 5617 + isec = msq->security; 5618 5618 msec = msg->security; 5619 5619 5620 5620 /* ··· 5632 5632 } 5633 5633 5634 5634 ad.type = LSM_AUDIT_DATA_IPC; 5635 - ad.u.ipc_id = msq->q_perm.key; 5635 + ad.u.ipc_id = msq->key; 5636 5636 5637 5637 /* Can this process write to the queue? */ 5638 5638 rc = avc_has_perm(sid, isec->sid, SECCLASS_MSGQ, ··· 5649 5649 return rc; 5650 5650 } 5651 5651 5652 - static int selinux_msg_queue_msgrcv(struct msg_queue *msq, struct msg_msg *msg, 5652 + static int selinux_msg_queue_msgrcv(struct kern_ipc_perm *msq, struct msg_msg *msg, 5653 5653 struct task_struct *target, 5654 5654 long type, int mode) 5655 5655 { ··· 5659 5659 u32 sid = task_sid(target); 5660 5660 int rc; 5661 5661 5662 - isec = msq->q_perm.security; 5662 + isec = msq->security; 5663 5663 msec = msg->security; 5664 5664 5665 5665 ad.type = LSM_AUDIT_DATA_IPC; 5666 - ad.u.ipc_id = msq->q_perm.key; 5666 + ad.u.ipc_id = msq->key; 5667 5667 5668 5668 rc = avc_has_perm(sid, isec->sid, 5669 5669 SECCLASS_MSGQ, MSGQ__READ, &ad); ··· 5674 5674 } 5675 5675 5676 5676 /* Shared Memory security operations */ 5677 - static int selinux_shm_alloc_security(struct shmid_kernel *shp) 5677 + static int selinux_shm_alloc_security(struct kern_ipc_perm *shp) 5678 5678 { 5679 5679 struct ipc_security_struct *isec; 5680 5680 struct common_audit_data ad; 5681 5681 u32 sid = current_sid(); 5682 5682 int rc; 5683 5683 5684 - rc = ipc_alloc_security(&shp->shm_perm, SECCLASS_SHM); 5684 + rc = ipc_alloc_security(shp, SECCLASS_SHM); 5685 5685 if (rc) 5686 5686 return rc; 5687 5687 5688 - isec = shp->shm_perm.security; 5688 + isec = shp->security; 5689 5689 5690 5690 ad.type = LSM_AUDIT_DATA_IPC; 5691 - ad.u.ipc_id = shp->shm_perm.key; 5691 + ad.u.ipc_id = shp->key; 5692 5692 5693 5693 rc = avc_has_perm(sid, isec->sid, SECCLASS_SHM, 5694 5694 SHM__CREATE, &ad); 5695 5695 if (rc) { 5696 - ipc_free_security(&shp->shm_perm); 5696 + ipc_free_security(shp); 5697 5697 return rc; 5698 5698 } 5699 5699 return 0; 5700 5700 } 5701 5701 5702 - static void selinux_shm_free_security(struct shmid_kernel *shp) 5702 + static void selinux_shm_free_security(struct kern_ipc_perm *shp) 5703 5703 { 5704 - ipc_free_security(&shp->shm_perm); 5704 + ipc_free_security(shp); 5705 5705 } 5706 5706 5707 - static int selinux_shm_associate(struct shmid_kernel *shp, int shmflg) 5707 + static int selinux_shm_associate(struct kern_ipc_perm *shp, int shmflg) 5708 5708 { 5709 5709 struct ipc_security_struct *isec; 5710 5710 struct common_audit_data ad; 5711 5711 u32 sid = current_sid(); 5712 5712 5713 - isec = shp->shm_perm.security; 5713 + isec = shp->security; 5714 5714 5715 5715 ad.type = LSM_AUDIT_DATA_IPC; 5716 - ad.u.ipc_id = shp->shm_perm.key; 5716 + ad.u.ipc_id = shp->key; 5717 5717 5718 5718 return avc_has_perm(sid, isec->sid, SECCLASS_SHM, 5719 5719 SHM__ASSOCIATE, &ad); 5720 5720 } 5721 5721 5722 5722 /* Note, at this point, shp is locked down */ 5723 - static int selinux_shm_shmctl(struct shmid_kernel *shp, int cmd) 5723 + static int selinux_shm_shmctl(struct kern_ipc_perm *shp, int cmd) 5724 5724 { 5725 5725 int perms; 5726 5726 int err; ··· 5749 5749 return 0; 5750 5750 } 5751 5751 5752 - err = ipc_has_perm(&shp->shm_perm, perms); 5752 + err = ipc_has_perm(shp, perms); 5753 5753 return err; 5754 5754 } 5755 5755 5756 - static int selinux_shm_shmat(struct shmid_kernel *shp, 5756 + static int selinux_shm_shmat(struct kern_ipc_perm *shp, 5757 5757 char __user *shmaddr, int shmflg) 5758 5758 { 5759 5759 u32 perms; ··· 5763 5763 else 5764 5764 perms = SHM__READ | SHM__WRITE; 5765 5765 5766 - return ipc_has_perm(&shp->shm_perm, perms); 5766 + return ipc_has_perm(shp, perms); 5767 5767 } 5768 5768 5769 5769 /* Semaphore security operations */ 5770 - static int selinux_sem_alloc_security(struct sem_array *sma) 5770 + static int selinux_sem_alloc_security(struct kern_ipc_perm *sma) 5771 5771 { 5772 5772 struct ipc_security_struct *isec; 5773 5773 struct common_audit_data ad; 5774 5774 u32 sid = current_sid(); 5775 5775 int rc; 5776 5776 5777 - rc = ipc_alloc_security(&sma->sem_perm, SECCLASS_SEM); 5777 + rc = ipc_alloc_security(sma, SECCLASS_SEM); 5778 5778 if (rc) 5779 5779 return rc; 5780 5780 5781 - isec = sma->sem_perm.security; 5781 + isec = sma->security; 5782 5782 5783 5783 ad.type = LSM_AUDIT_DATA_IPC; 5784 - ad.u.ipc_id = sma->sem_perm.key; 5784 + ad.u.ipc_id = sma->key; 5785 5785 5786 5786 rc = avc_has_perm(sid, isec->sid, SECCLASS_SEM, 5787 5787 SEM__CREATE, &ad); 5788 5788 if (rc) { 5789 - ipc_free_security(&sma->sem_perm); 5789 + ipc_free_security(sma); 5790 5790 return rc; 5791 5791 } 5792 5792 return 0; 5793 5793 } 5794 5794 5795 - static void selinux_sem_free_security(struct sem_array *sma) 5795 + static void selinux_sem_free_security(struct kern_ipc_perm *sma) 5796 5796 { 5797 - ipc_free_security(&sma->sem_perm); 5797 + ipc_free_security(sma); 5798 5798 } 5799 5799 5800 - static int selinux_sem_associate(struct sem_array *sma, int semflg) 5800 + static int selinux_sem_associate(struct kern_ipc_perm *sma, int semflg) 5801 5801 { 5802 5802 struct ipc_security_struct *isec; 5803 5803 struct common_audit_data ad; 5804 5804 u32 sid = current_sid(); 5805 5805 5806 - isec = sma->sem_perm.security; 5806 + isec = sma->security; 5807 5807 5808 5808 ad.type = LSM_AUDIT_DATA_IPC; 5809 - ad.u.ipc_id = sma->sem_perm.key; 5809 + ad.u.ipc_id = sma->key; 5810 5810 5811 5811 return avc_has_perm(sid, isec->sid, SECCLASS_SEM, 5812 5812 SEM__ASSOCIATE, &ad); 5813 5813 } 5814 5814 5815 5815 /* Note, at this point, sma is locked down */ 5816 - static int selinux_sem_semctl(struct sem_array *sma, int cmd) 5816 + static int selinux_sem_semctl(struct kern_ipc_perm *sma, int cmd) 5817 5817 { 5818 5818 int err; 5819 5819 u32 perms; ··· 5851 5851 return 0; 5852 5852 } 5853 5853 5854 - err = ipc_has_perm(&sma->sem_perm, perms); 5854 + err = ipc_has_perm(sma, perms); 5855 5855 return err; 5856 5856 } 5857 5857 5858 - static int selinux_sem_semop(struct sem_array *sma, 5858 + static int selinux_sem_semop(struct kern_ipc_perm *sma, 5859 5859 struct sembuf *sops, unsigned nsops, int alter) 5860 5860 { 5861 5861 u32 perms; ··· 5865 5865 else 5866 5866 perms = SEM__READ; 5867 5867 5868 - return ipc_has_perm(&sma->sem_perm, perms); 5868 + return ipc_has_perm(sma, perms); 5869 5869 } 5870 5870 5871 5871 static int selinux_ipc_permission(struct kern_ipc_perm *ipcp, short flag)
+58 -139
security/smack/smack_lsm.c
··· 2945 2945 } 2946 2946 2947 2947 /** 2948 - * smack_of_shm - the smack pointer for the shm 2949 - * @shp: the object 2948 + * smack_of_ipc - the smack pointer for the ipc 2949 + * @isp: the object 2950 2950 * 2951 2951 * Returns a pointer to the smack value 2952 2952 */ 2953 - static struct smack_known *smack_of_shm(struct shmid_kernel *shp) 2953 + static struct smack_known *smack_of_ipc(struct kern_ipc_perm *isp) 2954 2954 { 2955 - return (struct smack_known *)shp->shm_perm.security; 2955 + return (struct smack_known *)isp->security; 2956 2956 } 2957 2957 2958 2958 /** 2959 - * smack_shm_alloc_security - Set the security blob for shm 2960 - * @shp: the object 2959 + * smack_ipc_alloc_security - Set the security blob for ipc 2960 + * @isp: the object 2961 2961 * 2962 2962 * Returns 0 2963 2963 */ 2964 - static int smack_shm_alloc_security(struct shmid_kernel *shp) 2964 + static int smack_ipc_alloc_security(struct kern_ipc_perm *isp) 2965 2965 { 2966 - struct kern_ipc_perm *isp = &shp->shm_perm; 2967 2966 struct smack_known *skp = smk_of_current(); 2968 2967 2969 2968 isp->security = skp; ··· 2970 2971 } 2971 2972 2972 2973 /** 2973 - * smack_shm_free_security - Clear the security blob for shm 2974 - * @shp: the object 2974 + * smack_ipc_free_security - Clear the security blob for ipc 2975 + * @isp: the object 2975 2976 * 2976 2977 * Clears the blob pointer 2977 2978 */ 2978 - static void smack_shm_free_security(struct shmid_kernel *shp) 2979 + static void smack_ipc_free_security(struct kern_ipc_perm *isp) 2979 2980 { 2980 - struct kern_ipc_perm *isp = &shp->shm_perm; 2981 - 2982 2981 isp->security = NULL; 2983 2982 } 2984 2983 2985 2984 /** 2986 2985 * smk_curacc_shm : check if current has access on shm 2987 - * @shp : the object 2986 + * @isp : the object 2988 2987 * @access : access requested 2989 2988 * 2990 2989 * Returns 0 if current has the requested access, error code otherwise 2991 2990 */ 2992 - static int smk_curacc_shm(struct shmid_kernel *shp, int access) 2991 + static int smk_curacc_shm(struct kern_ipc_perm *isp, int access) 2993 2992 { 2994 - struct smack_known *ssp = smack_of_shm(shp); 2993 + struct smack_known *ssp = smack_of_ipc(isp); 2995 2994 struct smk_audit_info ad; 2996 2995 int rc; 2997 2996 2998 2997 #ifdef CONFIG_AUDIT 2999 2998 smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_IPC); 3000 - ad.a.u.ipc_id = shp->shm_perm.id; 2999 + ad.a.u.ipc_id = isp->id; 3001 3000 #endif 3002 3001 rc = smk_curacc(ssp, access, &ad); 3003 3002 rc = smk_bu_current("shm", ssp, access, rc); ··· 3004 3007 3005 3008 /** 3006 3009 * smack_shm_associate - Smack access check for shm 3007 - * @shp: the object 3010 + * @isp: the object 3008 3011 * @shmflg: access requested 3009 3012 * 3010 3013 * Returns 0 if current has the requested access, error code otherwise 3011 3014 */ 3012 - static int smack_shm_associate(struct shmid_kernel *shp, int shmflg) 3015 + static int smack_shm_associate(struct kern_ipc_perm *isp, int shmflg) 3013 3016 { 3014 3017 int may; 3015 3018 3016 3019 may = smack_flags_to_may(shmflg); 3017 - return smk_curacc_shm(shp, may); 3020 + return smk_curacc_shm(isp, may); 3018 3021 } 3019 3022 3020 3023 /** 3021 3024 * smack_shm_shmctl - Smack access check for shm 3022 - * @shp: the object 3025 + * @isp: the object 3023 3026 * @cmd: what it wants to do 3024 3027 * 3025 3028 * Returns 0 if current has the requested access, error code otherwise 3026 3029 */ 3027 - static int smack_shm_shmctl(struct shmid_kernel *shp, int cmd) 3030 + static int smack_shm_shmctl(struct kern_ipc_perm *isp, int cmd) 3028 3031 { 3029 3032 int may; 3030 3033 ··· 3048 3051 default: 3049 3052 return -EINVAL; 3050 3053 } 3051 - return smk_curacc_shm(shp, may); 3054 + return smk_curacc_shm(isp, may); 3052 3055 } 3053 3056 3054 3057 /** 3055 3058 * smack_shm_shmat - Smack access for shmat 3056 - * @shp: the object 3059 + * @isp: the object 3057 3060 * @shmaddr: unused 3058 3061 * @shmflg: access requested 3059 3062 * 3060 3063 * Returns 0 if current has the requested access, error code otherwise 3061 3064 */ 3062 - static int smack_shm_shmat(struct shmid_kernel *shp, char __user *shmaddr, 3065 + static int smack_shm_shmat(struct kern_ipc_perm *ipc, char __user *shmaddr, 3063 3066 int shmflg) 3064 3067 { 3065 3068 int may; 3066 3069 3067 3070 may = smack_flags_to_may(shmflg); 3068 - return smk_curacc_shm(shp, may); 3069 - } 3070 - 3071 - /** 3072 - * smack_of_sem - the smack pointer for the sem 3073 - * @sma: the object 3074 - * 3075 - * Returns a pointer to the smack value 3076 - */ 3077 - static struct smack_known *smack_of_sem(struct sem_array *sma) 3078 - { 3079 - return (struct smack_known *)sma->sem_perm.security; 3080 - } 3081 - 3082 - /** 3083 - * smack_sem_alloc_security - Set the security blob for sem 3084 - * @sma: the object 3085 - * 3086 - * Returns 0 3087 - */ 3088 - static int smack_sem_alloc_security(struct sem_array *sma) 3089 - { 3090 - struct kern_ipc_perm *isp = &sma->sem_perm; 3091 - struct smack_known *skp = smk_of_current(); 3092 - 3093 - isp->security = skp; 3094 - return 0; 3095 - } 3096 - 3097 - /** 3098 - * smack_sem_free_security - Clear the security blob for sem 3099 - * @sma: the object 3100 - * 3101 - * Clears the blob pointer 3102 - */ 3103 - static void smack_sem_free_security(struct sem_array *sma) 3104 - { 3105 - struct kern_ipc_perm *isp = &sma->sem_perm; 3106 - 3107 - isp->security = NULL; 3071 + return smk_curacc_shm(ipc, may); 3108 3072 } 3109 3073 3110 3074 /** 3111 3075 * smk_curacc_sem : check if current has access on sem 3112 - * @sma : the object 3076 + * @isp : the object 3113 3077 * @access : access requested 3114 3078 * 3115 3079 * Returns 0 if current has the requested access, error code otherwise 3116 3080 */ 3117 - static int smk_curacc_sem(struct sem_array *sma, int access) 3081 + static int smk_curacc_sem(struct kern_ipc_perm *isp, int access) 3118 3082 { 3119 - struct smack_known *ssp = smack_of_sem(sma); 3083 + struct smack_known *ssp = smack_of_ipc(isp); 3120 3084 struct smk_audit_info ad; 3121 3085 int rc; 3122 3086 3123 3087 #ifdef CONFIG_AUDIT 3124 3088 smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_IPC); 3125 - ad.a.u.ipc_id = sma->sem_perm.id; 3089 + ad.a.u.ipc_id = isp->id; 3126 3090 #endif 3127 3091 rc = smk_curacc(ssp, access, &ad); 3128 3092 rc = smk_bu_current("sem", ssp, access, rc); ··· 3092 3134 3093 3135 /** 3094 3136 * smack_sem_associate - Smack access check for sem 3095 - * @sma: the object 3137 + * @isp: the object 3096 3138 * @semflg: access requested 3097 3139 * 3098 3140 * Returns 0 if current has the requested access, error code otherwise 3099 3141 */ 3100 - static int smack_sem_associate(struct sem_array *sma, int semflg) 3142 + static int smack_sem_associate(struct kern_ipc_perm *isp, int semflg) 3101 3143 { 3102 3144 int may; 3103 3145 3104 3146 may = smack_flags_to_may(semflg); 3105 - return smk_curacc_sem(sma, may); 3147 + return smk_curacc_sem(isp, may); 3106 3148 } 3107 3149 3108 3150 /** 3109 3151 * smack_sem_shmctl - Smack access check for sem 3110 - * @sma: the object 3152 + * @isp: the object 3111 3153 * @cmd: what it wants to do 3112 3154 * 3113 3155 * Returns 0 if current has the requested access, error code otherwise 3114 3156 */ 3115 - static int smack_sem_semctl(struct sem_array *sma, int cmd) 3157 + static int smack_sem_semctl(struct kern_ipc_perm *isp, int cmd) 3116 3158 { 3117 3159 int may; 3118 3160 ··· 3142 3184 return -EINVAL; 3143 3185 } 3144 3186 3145 - return smk_curacc_sem(sma, may); 3187 + return smk_curacc_sem(isp, may); 3146 3188 } 3147 3189 3148 3190 /** 3149 3191 * smack_sem_semop - Smack checks of semaphore operations 3150 - * @sma: the object 3192 + * @isp: the object 3151 3193 * @sops: unused 3152 3194 * @nsops: unused 3153 3195 * @alter: unused ··· 3156 3198 * 3157 3199 * Returns 0 if access is allowed, error code otherwise 3158 3200 */ 3159 - static int smack_sem_semop(struct sem_array *sma, struct sembuf *sops, 3201 + static int smack_sem_semop(struct kern_ipc_perm *isp, struct sembuf *sops, 3160 3202 unsigned nsops, int alter) 3161 3203 { 3162 - return smk_curacc_sem(sma, MAY_READWRITE); 3163 - } 3164 - 3165 - /** 3166 - * smack_msg_alloc_security - Set the security blob for msg 3167 - * @msq: the object 3168 - * 3169 - * Returns 0 3170 - */ 3171 - static int smack_msg_queue_alloc_security(struct msg_queue *msq) 3172 - { 3173 - struct kern_ipc_perm *kisp = &msq->q_perm; 3174 - struct smack_known *skp = smk_of_current(); 3175 - 3176 - kisp->security = skp; 3177 - return 0; 3178 - } 3179 - 3180 - /** 3181 - * smack_msg_free_security - Clear the security blob for msg 3182 - * @msq: the object 3183 - * 3184 - * Clears the blob pointer 3185 - */ 3186 - static void smack_msg_queue_free_security(struct msg_queue *msq) 3187 - { 3188 - struct kern_ipc_perm *kisp = &msq->q_perm; 3189 - 3190 - kisp->security = NULL; 3191 - } 3192 - 3193 - /** 3194 - * smack_of_msq - the smack pointer for the msq 3195 - * @msq: the object 3196 - * 3197 - * Returns a pointer to the smack label entry 3198 - */ 3199 - static struct smack_known *smack_of_msq(struct msg_queue *msq) 3200 - { 3201 - return (struct smack_known *)msq->q_perm.security; 3204 + return smk_curacc_sem(isp, MAY_READWRITE); 3202 3205 } 3203 3206 3204 3207 /** 3205 3208 * smk_curacc_msq : helper to check if current has access on msq 3206 - * @msq : the msq 3209 + * @isp : the msq 3207 3210 * @access : access requested 3208 3211 * 3209 3212 * return 0 if current has access, error otherwise 3210 3213 */ 3211 - static int smk_curacc_msq(struct msg_queue *msq, int access) 3214 + static int smk_curacc_msq(struct kern_ipc_perm *isp, int access) 3212 3215 { 3213 - struct smack_known *msp = smack_of_msq(msq); 3216 + struct smack_known *msp = smack_of_ipc(isp); 3214 3217 struct smk_audit_info ad; 3215 3218 int rc; 3216 3219 3217 3220 #ifdef CONFIG_AUDIT 3218 3221 smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_IPC); 3219 - ad.a.u.ipc_id = msq->q_perm.id; 3222 + ad.a.u.ipc_id = isp->id; 3220 3223 #endif 3221 3224 rc = smk_curacc(msp, access, &ad); 3222 3225 rc = smk_bu_current("msq", msp, access, rc); ··· 3186 3267 3187 3268 /** 3188 3269 * smack_msg_queue_associate - Smack access check for msg_queue 3189 - * @msq: the object 3270 + * @isp: the object 3190 3271 * @msqflg: access requested 3191 3272 * 3192 3273 * Returns 0 if current has the requested access, error code otherwise 3193 3274 */ 3194 - static int smack_msg_queue_associate(struct msg_queue *msq, int msqflg) 3275 + static int smack_msg_queue_associate(struct kern_ipc_perm *isp, int msqflg) 3195 3276 { 3196 3277 int may; 3197 3278 3198 3279 may = smack_flags_to_may(msqflg); 3199 - return smk_curacc_msq(msq, may); 3280 + return smk_curacc_msq(isp, may); 3200 3281 } 3201 3282 3202 3283 /** 3203 3284 * smack_msg_queue_msgctl - Smack access check for msg_queue 3204 - * @msq: the object 3285 + * @isp: the object 3205 3286 * @cmd: what it wants to do 3206 3287 * 3207 3288 * Returns 0 if current has the requested access, error code otherwise 3208 3289 */ 3209 - static int smack_msg_queue_msgctl(struct msg_queue *msq, int cmd) 3290 + static int smack_msg_queue_msgctl(struct kern_ipc_perm *isp, int cmd) 3210 3291 { 3211 3292 int may; 3212 3293 ··· 3229 3310 return -EINVAL; 3230 3311 } 3231 3312 3232 - return smk_curacc_msq(msq, may); 3313 + return smk_curacc_msq(isp, may); 3233 3314 } 3234 3315 3235 3316 /** 3236 3317 * smack_msg_queue_msgsnd - Smack access check for msg_queue 3237 - * @msq: the object 3318 + * @isp: the object 3238 3319 * @msg: unused 3239 3320 * @msqflg: access requested 3240 3321 * 3241 3322 * Returns 0 if current has the requested access, error code otherwise 3242 3323 */ 3243 - static int smack_msg_queue_msgsnd(struct msg_queue *msq, struct msg_msg *msg, 3324 + static int smack_msg_queue_msgsnd(struct kern_ipc_perm *isp, struct msg_msg *msg, 3244 3325 int msqflg) 3245 3326 { 3246 3327 int may; 3247 3328 3248 3329 may = smack_flags_to_may(msqflg); 3249 - return smk_curacc_msq(msq, may); 3330 + return smk_curacc_msq(isp, may); 3250 3331 } 3251 3332 3252 3333 /** 3253 3334 * smack_msg_queue_msgsnd - Smack access check for msg_queue 3254 - * @msq: the object 3335 + * @isp: the object 3255 3336 * @msg: unused 3256 3337 * @target: unused 3257 3338 * @type: unused ··· 3259 3340 * 3260 3341 * Returns 0 if current has read and write access, error code otherwise 3261 3342 */ 3262 - static int smack_msg_queue_msgrcv(struct msg_queue *msq, struct msg_msg *msg, 3343 + static int smack_msg_queue_msgrcv(struct kern_ipc_perm *isp, struct msg_msg *msg, 3263 3344 struct task_struct *target, long type, int mode) 3264 3345 { 3265 - return smk_curacc_msq(msq, MAY_READWRITE); 3346 + return smk_curacc_msq(isp, MAY_READWRITE); 3266 3347 } 3267 3348 3268 3349 /** ··· 4675 4756 LSM_HOOK_INIT(msg_msg_alloc_security, smack_msg_msg_alloc_security), 4676 4757 LSM_HOOK_INIT(msg_msg_free_security, smack_msg_msg_free_security), 4677 4758 4678 - LSM_HOOK_INIT(msg_queue_alloc_security, smack_msg_queue_alloc_security), 4679 - LSM_HOOK_INIT(msg_queue_free_security, smack_msg_queue_free_security), 4759 + LSM_HOOK_INIT(msg_queue_alloc_security, smack_ipc_alloc_security), 4760 + LSM_HOOK_INIT(msg_queue_free_security, smack_ipc_free_security), 4680 4761 LSM_HOOK_INIT(msg_queue_associate, smack_msg_queue_associate), 4681 4762 LSM_HOOK_INIT(msg_queue_msgctl, smack_msg_queue_msgctl), 4682 4763 LSM_HOOK_INIT(msg_queue_msgsnd, smack_msg_queue_msgsnd), 4683 4764 LSM_HOOK_INIT(msg_queue_msgrcv, smack_msg_queue_msgrcv), 4684 4765 4685 - LSM_HOOK_INIT(shm_alloc_security, smack_shm_alloc_security), 4686 - LSM_HOOK_INIT(shm_free_security, smack_shm_free_security), 4766 + LSM_HOOK_INIT(shm_alloc_security, smack_ipc_alloc_security), 4767 + LSM_HOOK_INIT(shm_free_security, smack_ipc_free_security), 4687 4768 LSM_HOOK_INIT(shm_associate, smack_shm_associate), 4688 4769 LSM_HOOK_INIT(shm_shmctl, smack_shm_shmctl), 4689 4770 LSM_HOOK_INIT(shm_shmat, smack_shm_shmat), 4690 4771 4691 - LSM_HOOK_INIT(sem_alloc_security, smack_sem_alloc_security), 4692 - LSM_HOOK_INIT(sem_free_security, smack_sem_free_security), 4772 + LSM_HOOK_INIT(sem_alloc_security, smack_ipc_alloc_security), 4773 + LSM_HOOK_INIT(sem_free_security, smack_ipc_free_security), 4693 4774 LSM_HOOK_INIT(sem_associate, smack_sem_associate), 4694 4775 LSM_HOOK_INIT(sem_semctl, smack_sem_semctl), 4695 4776 LSM_HOOK_INIT(sem_semop, smack_sem_semop),