+12

security/smack/Kconfig

reviewed

··· 40 40 This enables security marking of network packets using 41 41 Smack labels. 42 42 If you are unsure how to answer this question, answer N. 43 43 + 44 44 + config SECURITY_SMACK_APPEND_SIGNALS 45 45 + bool "Treat delivering signals as an append operation" 46 46 + depends on SECURITY_SMACK 47 47 + default n 48 48 + help 49 49 + Sending a signal has been treated as a write operation to the 50 50 + receiving process. If this option is selected, the delivery 51 51 + will be an append operation instead. This makes it possible 52 52 + to differentiate between delivering a network packet and 53 53 + delivering a signal in the Smack rules. 54 54 + If you are unsure how to answer this question, answer N.

+10

security/smack/smack.h

reviewed

··· 256 256 #define MAY_LOCK 0x00002000 /* Locks should be writes, but ... */ 257 257 #define MAY_BRINGUP 0x00004000 /* Report use of this rule */ 258 258 259 259 + /* 260 260 + * The policy for delivering signals is configurable. 261 261 + * It is usually "write", but can be "append". 262 262 + */ 263 263 + #ifdef CONFIG_SECURITY_SMACK_APPEND_SIGNALS 264 264 + #define MAY_DELIVER MAY_APPEND /* Signal delivery requires append */ 265 265 + #else 266 266 + #define MAY_DELIVER MAY_WRITE /* Signal delivery requires write */ 267 267 + #endif 268 268 + 259 269 #define SMACK_BRINGUP_ALLOW 1 /* Allow bringup mode */ 260 270 #define SMACK_UNCONFINED_SUBJECT 2 /* Allow unconfined label */ 261 271 #define SMACK_UNCONFINED_OBJECT 3 /* Allow unconfined label */

+7 -7

security/smack/smack_lsm.c

reviewed

··· 1857 1857 1858 1858 /* we don't log here as rc can be overriden */ 1859 1859 skp = file->f_security; 1860 1860 - rc = smk_access(skp, tkp, MAY_WRITE, NULL); 1861 1861 - rc = smk_bu_note("sigiotask", skp, tkp, MAY_WRITE, rc); 1860 1860 + rc = smk_access(skp, tkp, MAY_DELIVER, NULL); 1861 1861 + rc = smk_bu_note("sigiotask", skp, tkp, MAY_DELIVER, rc); 1862 1862 if (rc != 0 && has_capability(tsk, CAP_MAC_OVERRIDE)) 1863 1863 rc = 0; 1864 1864 1865 1865 smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_TASK); 1866 1866 smk_ad_setfield_u_tsk(&ad, tsk); 1867 1867 - smack_log(skp->smk_known, tkp->smk_known, MAY_WRITE, rc, &ad); 1867 1867 + smack_log(skp->smk_known, tkp->smk_known, MAY_DELIVER, rc, &ad); 1868 1868 return rc; 1869 1869 } 1870 1870 ··· 2265 2265 * can write the receiver. 2266 2266 */ 2267 2267 if (secid == 0) { 2268 2268 - rc = smk_curacc(tkp, MAY_WRITE, &ad); 2269 2269 - rc = smk_bu_task(p, MAY_WRITE, rc); 2268 2268 + rc = smk_curacc(tkp, MAY_DELIVER, &ad); 2269 2269 + rc = smk_bu_task(p, MAY_DELIVER, rc); 2270 2270 return rc; 2271 2271 } 2272 2272 /* ··· 2275 2275 * we can't take privilege into account. 2276 2276 */ 2277 2277 skp = smack_from_secid(secid); 2278 2278 - rc = smk_access(skp, tkp, MAY_WRITE, &ad); 2279 2279 - rc = smk_bu_note("USB signal", skp, tkp, MAY_WRITE, rc); 2278 2278 + rc = smk_access(skp, tkp, MAY_DELIVER, &ad); 2279 2279 + rc = smk_bu_note("USB signal", skp, tkp, MAY_DELIVER, rc); 2280 2280 return rc; 2281 2281 } 2282 2282

+3 -8

security/smack/smackfs.c

reviewed

··· 2523 2523 if (count == 0 || count > SMK_LONGLABEL) 2524 2524 return -EINVAL; 2525 2525 2526 2526 - data = kzalloc(count, GFP_KERNEL); 2527 2527 - if (data == NULL) 2528 2528 - return -ENOMEM; 2529 2529 - 2530 2530 - if (copy_from_user(data, buf, count) != 0) { 2531 2531 - rc = -EFAULT; 2532 2532 - goto out_data; 2533 2533 - } 2526 2526 + data = memdup_user(buf, count); 2527 2527 + if (IS_ERR(data)) 2528 2528 + return PTR_ERR(data); 2534 2529 2535 2530 cp = smk_parse_smack(data, count); 2536 2531 if (IS_ERR(cp)) {