Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

apparmor: relax the restrictions on setting rlimits

Instead of limiting the setting of the process's limits to current,
relax this to tasks confined by the same profile, as the apparmor
controls for rlimits are at a profile level granularity.

Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Steve Beattie <sbeattie@ubuntu.com>

+12 -3
security/apparmor/resource.c
··· 15 15 #include <linux/audit.h> 16 16 17 17 #include "include/audit.h" 18 + #include "include/context.h" 18 19 #include "include/resource.h" 19 20 #include "include/policy.h" 20 21 ··· 91 90 int aa_task_setrlimit(struct aa_profile *profile, struct task_struct *task, 92 91 unsigned int resource, struct rlimit *new_rlim) 93 92 { 93 + struct aa_profile *task_profile; 94 94 int error = 0; 95 95 96 + rcu_read_lock(); 97 + task_profile = aa_get_profile(aa_cred_profile(__task_cred(task))); 98 + rcu_read_unlock(); 99 + 96 100 /* TODO: extend resource control to handle other (non current) 97 - * processes. AppArmor rules currently have the implicit assumption 98 - * that the task is setting the resource of the current process 101 + * profiles. AppArmor rules currently have the implicit assumption 102 + * that the task is setting the resource of a task confined with 103 + * the same profile. 99 104 */ 100 - if ((task != current->group_leader) || 105 + if (profile != task_profile || 101 106 (profile->rlimits.mask & (1 << resource) && 102 107 new_rlim->rlim_max > profile->rlimits.limits[resource].rlim_max)) 103 108 error = -EACCES; 109 + 110 + aa_put_profile(task_profile); 104 111 105 112 return audit_resource(profile, resource, new_rlim->rlim_max, error); 106 113 }
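Review bot: In aa_task_setrlimit(), the new `profile != task_profile` test shares a single `if` and a single `error = -EACCES` with the existing `rlim_max` comparison, so the record produced by `audit_resource(profile, resource, new_rlim->rlim_max, error)` cannot show whether a denial came from the target task being confined by a different profile or from the requested value exceeding the profile's limit. Consider splitting the two conditions, or giving the audit call the target's profile, so that a cross-profile setrlimit attempt is distinguishable in the log. Separately, `task_profile` is only compared by pointer and never dereferenced between `aa_get_profile()` and `aa_put_profile()`; doing the comparison inside the `rcu_read_lock()` section would avoid the reference get/put pair. The updated TODO comment could also state that "same profile" here means the same `struct aa_profile` pointer, since that is what the check enforces.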