Added a LSM hook to initialize the security pointer of the init task.
Signed-off-by: Mimi Zohar <[email protected]>
Signed-off-by: Kylene Hall <[email protected]>
---
include/linux/security.h | 17 +++++++++++++++++
init/main.c | 1 +
security/dummy.c | 6 ++++++
3 files changed, 24 insertions(+)
--- linux-2.6.18-rc3/include/linux/security.h 2006-07-30 01:15:36.000000000 -0500
+++ linux-2.6.18-rc3-working/include/linux/security.h 2006-08-08 13:05:48.000000000 -0500
@@ -516,6 +516,12 @@ struct swap_info_struct;
* @task_free_security:
* @p contains the task_struct for process.
* Deallocate and clear the p->security field.
+ * @task_init_alloc_security:
+ * @p contains the task_struct for init process.
+ * Allocate and attach a security structure to the p->security field for
+ * the init task. The security field is initialized to NULL when the task
+ * structure is allocated.
+ * Return 0 if operation was successful.
* @task_setuid:
* Check permission before setting one or more of the user identity
* attributes of the current process. The @flags parameter indicates
@@ -1220,6 +1226,7 @@ struct security_operations {
int (*task_create) (unsigned long clone_flags);
int (*task_alloc_security) (struct task_struct * p);
void (*task_free_security) (struct task_struct * p);
+ int (*task_init_alloc_security) (struct task_struct * p);
int (*task_setuid) (uid_t id0, uid_t id1, uid_t id2, int flags);
int (*task_post_setuid) (uid_t old_ruid /* or fsuid */ ,
uid_t old_euid, uid_t old_suid, int flags);
@@ -1816,6 +1823,11 @@ static inline void security_task_free (s
security_ops->task_free_security (p);
}
+static inline int security_task_init_alloc (struct task_struct *p)
+{
+ return security_ops->task_init_alloc_security (p);
+}
+
static inline int security_task_setuid (uid_t id0, uid_t id1, uid_t id2,
int flags)
{
@@ -2479,6 +2491,11 @@ static inline int security_task_alloc (s
static inline void security_task_free (struct task_struct *p)
{ }
+static inline int security_task_init_alloc (struct task_struct *p)
+{
+ return 0;
+}
+
static inline int security_task_setuid (uid_t id0, uid_t id1, uid_t id2,
int flags)
{
--- linux-2.6.18-rc3/security/dummy.c 2006-07-30 01:15:36.000000000 -0500
+++ linux-2.6.18-rc3-working/security/dummy.c 2006-08-04 13:28:34.000000000 -0500
@@ -474,6 +474,11 @@ static void dummy_task_free_security (st
return;
}
+static int dummy_task_init_alloc_security (struct task_struct *p)
+{
+ return 0;
+}
+
static int dummy_task_setuid (uid_t id0, uid_t id1, uid_t id2, int flags)
{
return 0;
@@ -982,6 +987,7 @@ void security_fixup_ops (struct security
set_to_dummy_if_null(ops, task_create);
set_to_dummy_if_null(ops, task_alloc_security);
set_to_dummy_if_null(ops, task_free_security);
+ set_to_dummy_if_null(ops, task_init_alloc_security);
set_to_dummy_if_null(ops, task_setuid);
set_to_dummy_if_null(ops, task_post_setuid);
set_to_dummy_if_null(ops, task_setgid);
--- linux-2.6.18-rc3/init/main.c 2006-07-30 01:15:36.000000000 -0500
+++ linux-2.6.18-rc3-working/init/main.c 2006-08-04 13:26:12.000000000 -0500
@@ -698,6 +698,7 @@ static int init(void * unused)
* can be found.
*/
child_reaper = current;
+ security_task_init_alloc(current);
smp_prepare_cpus(max_cpus);
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]