
caitsith: コミット


コミットメタ情報

リビジョン280 (tree)
日時2019-07-27 14:49:20
作者kumaneko

ログメッセージ

(メッセージはありません)

変更サマリ

差分

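--- a/trunk/caitsith-patch/caitsith/caitsith.h
+++ b/trunk/caitsith-patch/caitsith/caitsith.h
@@ -902,6 +902,10 @@
 int cs_mount_permission(const char *dev_name, const struct path *path,
 const char *type, unsigned long flags,
 void *data_page);
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 2, 0)
+int cs_move_mount_permission(const struct path *from_path,
+ const struct path *to_path);
+#endif
 int cs_pivot_root_permission(const struct path *old_path,
 const struct path *new_path);
 int cs_rename_permission(const struct path *old, const struct path *new);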
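--- a/trunk/caitsith-patch/caitsith/lsm-4.12.c
+++ b/trunk/caitsith-patch/caitsith/lsm-4.12.c
@@ -996,7 +996,23 @@
 return cs_mount_permission(dev_name, path, type, flags, data_page);
 }
 
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 2, 0)
 /**
+ * cs_move_mount - Check permission for move_mount().
+ *
+ * @from_path: Pointer to "struct path".
+ * @to_path: Pointer to "struct path".
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
+static int cs_move_mount(const struct path *from_path,
+ const struct path *to_path)
+{
+ return cs_move_mount_permission(from_path, to_path);
+}
+#endif
+
+/**
 * cs_sb_umount - Check permission for umount().
 *
 * @mnt: Pointer to "struct vfsmount".
@@ -1059,6 +1075,9 @@
 MY_HOOK_INIT(file_ioctl, cs_file_ioctl),
 MY_HOOK_INIT(sb_pivotroot, cs_sb_pivotroot),
 MY_HOOK_INIT(sb_mount, cs_sb_mount),
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 2, 0)
+ MY_HOOK_INIT(move_mount, cs_move_mount),
+#endif
 MY_HOOK_INIT(sb_umount, cs_sb_umount),
 #ifdef CONFIG_SECURITY_PATH
 MY_HOOK_INIT(path_mknod, cs_path_mknod),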
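--- a/trunk/caitsith-patch/caitsith/permission.c
+++ b/trunk/caitsith-patch/caitsith/permission.c
@@ -1123,7 +1123,23 @@
 return cs_mount_acl(dev_name, path, type, flags, data_page);
 }
 
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 2, 0)
 /**
+ * cs_move_mount_permission - Check permission for move_mount() operation.
+ *
+ * @from_path: Pointer to "struct path".
+ * @to_path: Pointer to "struct path".
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
+int cs_move_mount_permission(const struct path *from_path,
+ const struct path *to_path)
+{
+ return -ENOSYS; /* For now. */
+}
+#endif
+
+/**
 * cs_open_permission - Check permission for "read" and "write".
 *
 * @path: Pointer to "struct path".
@@ -1150,6 +1166,9 @@
 if (d_is_dir(path->dentry))
 return 0;
 #endif
+ /* Sockets can't be opened by open(). */
+ if (S_ISSOCK(d_inode(path->dentry)->i_mode))
+ return 0;
 r.obj.path[0] = *path;
 if (!(cs_flags & CS_TASK_IS_IN_EXECVE))
 cs_check_auto_domain_transition();
@@ -1507,6 +1526,9 @@
 */
 int cs_getattr_permission(const struct path *path)
 {
+ /* It is not safe to call cs_get_socket_name(). */
+ if (S_ISSOCK(d_inode(path->dentry)->i_mode))
+ return 0;
 return cs_path_perm(CS_MAC_GETATTR, path);
 }
 
@@ -1643,6 +1665,8 @@
 {
 struct cs_inet_addr_info *i = &address->inet;
 
+ if (addr_len < offsetofend(struct sockaddr, sa_family))
+ return 0;
 switch (addr->sa_family) {
 case AF_INET6:
 if (addr_len < SIN6_LEN_RFC2133)
@@ -1720,6 +1744,8 @@
 {
 struct cs_unix_addr_info *u = &address->unix0;
 
+ if (addr_len < offsetofend(struct sockaddr, sa_family))
+ return 0;
 if (addr->sa_family != AF_UNIX)
 return 0;
 u->addr = ((struct sockaddr_un *) addr)->sun_path;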
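Review bot: The new cs_move_mount_permission() (lines 1135–1139) rejects every move_mount(2) with -ENOSYS regardless of policy, so on 5.2+ kernels the call is hard-denied with an errno that tells userspace the syscall does not exist rather than that policy refused it. If the intent is fail-closed until a real check lands, -EPERM is the conventional LSM denial; if the intent is to push callers back to mount(MS_MOVE), which cs_mount_permission() already polices, say so in the comment, e.g. `return -ENOSYS; /* Deny until a real check exists; callers fall back to mount(2), which cs_mount_permission() covers. */`, and change the kernel-doc's "Returns 0 on success" to "Currently always denies". The two socket skips further down need one consistent comment: the one in cs_open_permission says sockets "can't be opened by open()", but as far as I can tell the file-open hook still runs before the kernel refuses the open with ENXIO, so the operative reason is the one given in cs_getattr_permission — the name helper must not be called on a filesystem socket inode. Both skips also mean open()/stat() of a socket node is now unconditionally permitted by CaitSith rather than checked under a fallback name, which the comment should state: `/* Filesystem socket inode: the name helper cannot be used on it, so this check is skipped (always permitted). */`. cs_open_permission and cs_getattr_permission both start outside their hunks.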
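--- a/trunk/caitsith-patch/caitsith/realpath.c
+++ b/trunk/caitsith-patch/caitsith/realpath.c
@@ -7,6 +7,7 @@
 */
 
 #include "caitsith.h"
+
 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 36) && LINUX_VERSION_CODE < KERNEL_VERSION(3, 2, 0)
 #include <linux/nsproxy.h>
 #include <linux/mnt_namespace.h>
@@ -462,12 +463,14 @@
 }
 inode = d_backing_inode(sb->s_root);
 /*
- * Use local name for "filesystems without rename() operation"
- * or "path without vfsmount" or "absolute name is unavailable"
- * cases.
+ * Use local name for "filesystems without rename() operation
+ * and device file" or "path without vfsmount" or "absolute
+ * name is unavailable" cases.
 */
 #if LINUX_VERSION_CODE < KERNEL_VERSION(3, 17, 0)
- if (!path->mnt || (inode->i_op && !inode->i_op->rename))
+ if (!path->mnt ||
+ (inode->i_op && !inode->i_op->rename &&
+ !(sb->s_type->fs_flags & FS_REQUIRES_DEV)))
 pos = ERR_PTR(-EINVAL);
 else {
 /* Get absolute name for the rest. */
@@ -477,12 +480,15 @@
 }
 #elif LINUX_VERSION_CODE < KERNEL_VERSION(4, 9, 0)
 if (!path->mnt ||
- (!inode->i_op->rename && !inode->i_op->rename2))
+ (!inode->i_op->rename && !inode->i_op->rename2 &&
+ !(sb->s_type->fs_flags & FS_REQUIRES_DEV)))
 pos = ERR_PTR(-EINVAL);
 else
 pos = cs_get_absolute_path(path, buf, buf_len - 1);
 #else
- if (!path->mnt || !inode->i_op->rename)
+ if (!path->mnt ||
+ (!inode->i_op->rename &&
+ !(sb->s_type->fs_flags & FS_REQUIRES_DEV)))
 pos = ERR_PTR(-EINVAL);
 else
 pos = cs_get_absolute_path(path, buf, buf_len - 1);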
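Review bot: The new `!(sb->s_type->fs_flags & FS_REQUIRES_DEV)` clause in all three version branches changes how objects on device-backed filesystems that lack rename() are named: they now get the absolute path instead of the local form, so any existing policy entry written in the old form for such a mount silently stops matching, which changes what the policy permits or denies. The commit message is empty and the block comment only restates the condition; please record the rationale and the naming change, e.g. extend the comment with `Device-backed filesystems keep the absolute name even without rename(), so that policies can refer to them by mount point.` if that is the intent. Note that the `inode->i_op &&` NULL guard exists only in the pre-3.17 branch; the two later branches dereference i_op unconditionally, as they did before, so that is pre-existing rather than new. The function these hunks belong to starts and ends outside the hunks.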
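--- a/trunk/caitsith-patch/include/linux/caitsith.h
+++ b/trunk/caitsith-patch/include/linux/caitsith.h
@@ -78,6 +78,10 @@
 int (*mount_permission)(const char *dev_name, const struct path *path,
 const char *type, unsigned long flags,
 void *data_page);
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 2, 0)
+ int (*move_mount_permission) (const struct path *from_path,
+ const struct path *to_path);
+#endif
 int (*umount_permission)(struct vfsmount *mnt, int flags);
 
 _Bool(*lport_reserved) (const u16 port); /* Not implemented. */
@@ -186,6 +190,16 @@
 return func ? func(dev_name, path, type, flags, data_page) : 0;
 }
 
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 2, 0)
+static inline int ccs_move_mount_permission(const struct path *from_path,
+ const struct path *to_path)
+{
+ int (*func) (const struct path *, const struct path *) =
+ caitsith_ops.move_mount_permission;
+ return func ? func(from_path, to_path) : 0;
+}
+#endif
+
 static inline int ccs_umount_permission(struct vfsmount *mnt, int flags)
 {
 int (*func)(struct vfsmount *, int)
@@ -413,6 +427,14 @@
 return 0;
 }
 
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 2, 0)
+static inline int ccs_move_mount_permission(const struct path *from_path,
+ const struct path *to_path)
+{
+ return 0;
+}
+#endif
+
 static inline int ccs_umount_permission(struct vfsmount *mnt, int flags)
 {
 return 0;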
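--- a/trunk/caitsith-patch/include/linux/lsm2caitsith.h
+++ b/trunk/caitsith-patch/include/linux/lsm2caitsith.h
@@ -59,6 +59,7 @@
 int ccs_path_unlink(const struct path *dir, struct dentry *dentry);
 int ccs_sb_mount(const char *dev_name, const struct path *path,
 const char *type, unsigned long flags, void *data);
+int ccs_move_mount(const struct path *from_path, const struct path *to_path);
 int ccs_sb_pivotroot(const struct path *old_path, const struct path *new_path);
 #else
 int ccs_path_chmod(struct path *path, umode_t mode);
@@ -101,6 +102,13 @@
 {
 return 0;
 }
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 2, 0)
+static inline int ccs_move_mount(const struct path *from_path,
+ const struct path *to_path)
+{
+ return 0;
+}
+#endif
 static inline int ccs_sb_umount(struct vfsmount *mnt, int flags)
 {
 return 0;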
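Review bot: The prototype `int ccs_move_mount(const struct path *from_path, const struct path *to_path);` added at line 62 is unconditional, while its definition in lsm2caitsith.c and the inline stub at lines 105–111 of this header are both wrapped in `#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 2, 0)`; on older kernels the header therefore declares a function that nothing defines. That is harmless today but invites a link error the first time something calls it, and it is inconsistent with every other move_mount addition in this commit. Wrap the declaration the same way: `#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 2, 0)` / `int ccs_move_mount(const struct path *from_path, const struct path *to_path);` / `#endif`.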
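--- a/trunk/caitsith-patch/security/caitsith/internal.h
+++ b/trunk/caitsith-patch/security/caitsith/internal.h
@@ -91,6 +91,15 @@
 #define current_fsgid() (current->fsgid)
 #endif
 
+#ifndef offsetofend
+#define offsetofend(TYPE, MEMBER) \
+ (offsetof(TYPE, MEMBER) + sizeof(((TYPE *)0)->MEMBER))
+#endif
+
+#if LINUX_VERSION_CODE < KERNEL_VERSION(3, 16, 0)
+#define d_inode(dentry) (dentry)->d_inode
+#endif
+
 #if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 38)
 
 /**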
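Review bot: The `d_inode()` fallback is gated on `LINUX_VERSION_CODE < KERNEL_VERSION(3, 16, 0)`, but as far as I recall the helper only entered mainline together with d_backing_inode() around v4.0; if so, kernels between 3.16 and 3.19 get neither the kernel's d_inode() nor this shim, and the new `S_ISSOCK(d_inode(...)->i_mode)` calls in permission.c will not compile there. Please check the version against whatever gate the existing d_backing_inode() shim uses, since realpath.c already relies on that helper. Independently, parenthesize the whole expansion so it composes safely inside any expression: `#define d_inode(dentry) ((dentry)->d_inode)`. The offsetofend() fallback matches the kernel's own definition and is fine.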
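--- a/trunk/caitsith-patch/security/caitsith/lsm2caitsith.c
+++ b/trunk/caitsith-patch/security/caitsith/lsm2caitsith.c
@@ -93,6 +93,13 @@
 return ccs_pivot_root_permission(old_path, new_path);
 }
 
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 2, 0)
+int ccs_move_mount(const struct path *from_path, const struct path *to_path)
+{
+ return ccs_move_mount_permission(from_path, to_path);
+}
+#endif
+
 int ccs_path_unlink(const struct path *dir, struct dentry *dentry)
 {
 return ccs_unlink_permission(dentry, dir->mnt);
@@ -245,6 +252,9 @@
 static struct security_hook_list caitsith_hooks[] = {
 LSM_HOOK_INIT(settime, ccs_settime),
 LSM_HOOK_INIT(sb_mount, ccs_sb_mount),
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 2, 0)
+ LSM_HOOK_INIT(move_mount, ccs_move_mount),
+#endif
 LSM_HOOK_INIT(sb_umount, ccs_sb_umount),
 LSM_HOOK_INIT(sb_pivotroot, ccs_sb_pivotroot),
 LSM_HOOK_INIT(inode_getattr, ccs_inode_getattr),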
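--- a/trunk/caitsith-patch/security/caitsith/permission.c
+++ b/trunk/caitsith-patch/security/caitsith/permission.c
@@ -152,6 +152,10 @@
 static int cs_mount_permission(const char *dev_name, const struct path *path,
 const char *type, unsigned long flags,
 void *data_page);
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 2, 0)
+static int cs_move_mount_permission(const struct path *from_path,
+ const struct path *to_path);
+#endif
 #if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 30)
 static int cs_open_exec_permission(struct dentry *dentry,
 struct vfsmount *mnt);
@@ -1131,6 +1135,9 @@
 caitsith_ops.parse_table = cs_parse_table;
 #endif
 caitsith_ops.mount_permission = cs_mount_permission;
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 2, 0)
+ caitsith_ops.move_mount_permission = cs_move_mount_permission;
+#endif
 #ifdef CONFIG_CAITSITH_CAPABILITY
 caitsith_ops.capable = cs_capable;
 caitsith_ops.socket_create_permission = cs_socket_create_permission;
@@ -1362,6 +1369,22 @@
 return cs_mount_acl(dev_name, path, type, flags, data_page);
 }
 
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 2, 0)
+/**
+ * cs_move_mount_permission - Check permission for move_mount() operation.
+ *
+ * @from_path: Pointer to "struct path".
+ * @to_path: Pointer to "struct path".
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
+static int cs_move_mount_permission(const struct path *from_path,
+ const struct path *to_path)
+{
+ return -ENOSYS; /* For now. */
+}
+#endif
+
 #if LINUX_VERSION_CODE <= KERNEL_VERSION(2, 6, 32)
 
 /**
@@ -1424,6 +1447,9 @@
 if (d_is_dir(path->dentry))
 return 0;
 #endif
+ /* Sockets can't be opened by open(). */
+ if (S_ISSOCK(d_inode(path->dentry)->i_mode))
+ return 0;
 r.obj.path[0] = *path;
 if (!(cs_flags & CS_TASK_IS_IN_EXECVE))
 cs_check_auto_domain_transition();
@@ -1844,6 +1870,9 @@
 {
 struct path path = { .mnt = mnt, .dentry = dentry };
 
+ /* It is not safe to call cs_get_socket_name(). */
+ if (S_ISSOCK(d_inode(dentry)->i_mode))
+ return 0;
 return cs_path_perm(CS_MAC_GETATTR, &path);
 }
 
@@ -2121,6 +2150,8 @@
 {
 struct cs_inet_addr_info *i = &address->inet;
 
+ if (addr_len < offsetofend(struct sockaddr, sa_family))
+ return 0;
 switch (addr->sa_family) {
 case AF_INET6:
 if (addr_len < SIN6_LEN_RFC2133)
@@ -2199,6 +2230,8 @@
 {
 struct cs_unix_addr_info *u = &address->unix0;
 
+ if (addr_len < offsetofend(struct sockaddr, sa_family))
+ return 0;
 if (addr->sa_family != AF_UNIX)
 return 0;
 u->addr = ((struct sockaddr_un *) addr)->sun_path;
@@ -2497,7 +2530,7 @@
 addr_len = u->len;
 memcpy(&addr, u->name, addr_len);
 } else {
- addr_len = 0;
+ addr_len = addr_len = sizeof(addr.ss_family);
 addr.ss_family = AF_UNIX;
 }
 if (cs_check_unix_address((struct sockaddr *) &addr,
@@ -3600,7 +3633,11 @@
 goto done;
 printk(KERN_WARNING "ERROR: Unable to transit to '%s' domain.\n",
 r.transition->name);
+#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 3, 0)
 force_sig(SIGKILL, current);
+#else
+ force_sig(SIGKILL);
+#endif
 done:
 cs_read_unlock(idx);
 #endif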
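Review bot: `addr_len = addr_len = sizeof(addr.ss_family);` at line 2533 assigns the same variable twice — a typo that should read `addr_len = sizeof(addr.ss_family);`. The value also deserves a comment explaining why it is no longer 0: the synthesized unnamed-socket address has to pass the `addr_len < offsetofend(struct sockaddr, sa_family)` guard this same commit adds to cs_check_unix_address(), otherwise unnamed sockets would silently skip the check — `/* Unnamed socket: minimal AF_UNIX address, long enough to pass the sa_family length guard. */`. Separately, the new guards in the inet and unix address checkers return 0 (permit) for a too-short address rather than an error; as far as I can tell that is safe only because the kernel's own inet/unix bind and connect paths reject such an address with -EINVAL after the hook, and a one-line comment saying so would stop a future reader from "fixing" it into a deny. The functions around lines 2530–2536 and 3633–3643 start outside their hunks.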
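--- a/trunk/caitsith-patch/security/caitsith/realpath.c
+++ b/trunk/caitsith-patch/security/caitsith/realpath.c
@@ -344,6 +344,7 @@
 goto prepend_filesystem_name;
 {
 struct inode *inode = d_backing_inode(sb->s_root);
+
 /*
 * Use filesystem name if filesystems does not support rename()
 * operation.
@@ -411,8 +412,7 @@
 if (sk) {
 snprintf(buffer, buflen,
 "socket:[family=%u:type=%u:protocol=%u]",
- sk->sk_family, sk->sk_type,
- sk->sk_protocol);
+ sk->sk_family, sk->sk_type, sk->sk_protocol);
 } else {
 snprintf(buffer, buflen, "socket:[unknown]");
 }
@@ -463,12 +463,14 @@
 }
 inode = d_backing_inode(sb->s_root);
 /*
- * Use local name for "filesystems without rename() operation"
- * or "path without vfsmount" or "absolute name is unavailable"
- * cases.
+ * Use local name for "filesystems without rename() operation
+ * and device file" or "path without vfsmount" or "absolute
+ * name is unavailable" cases.
 */
 #if LINUX_VERSION_CODE < KERNEL_VERSION(3, 17, 0)
- if (!path->mnt || (inode->i_op && !inode->i_op->rename))
+ if (!path->mnt ||
+ (inode->i_op && !inode->i_op->rename &&
+ !(sb->s_type->fs_flags & FS_REQUIRES_DEV)))
 pos = ERR_PTR(-EINVAL);
 else {
 /* Get absolute name for the rest. */
@@ -478,12 +480,15 @@
 }
 #elif LINUX_VERSION_CODE < KERNEL_VERSION(4, 9, 0)
 if (!path->mnt ||
- (!inode->i_op->rename && !inode->i_op->rename2))
+ (!inode->i_op->rename && !inode->i_op->rename2 &&
+ !(sb->s_type->fs_flags & FS_REQUIRES_DEV)))
 pos = ERR_PTR(-EINVAL);
 else
 pos = cs_get_absolute_path(path, buf, buf_len - 1);
 #else
- if (!path->mnt || !inode->i_op->rename)
+ if (!path->mnt ||
+ (!inode->i_op->rename &&
+ !(sb->s_type->fs_flags & FS_REQUIRES_DEV)))
 pos = ERR_PTR(-EINVAL);
 else
 pos = cs_get_absolute_path(path, buf, buf_len - 1);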
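Review bot: The `FS_REQUIRES_DEV` clause added to the three branches of the last hunk changes the policy-visible name of objects on device-backed filesystems without rename(): they move from the local form to the absolute path, so existing policy entries written in the old form for such mounts silently stop matching. The updated comment only restates the condition; please add the reason, e.g. `Device-backed filesystems keep the absolute name even without rename(), so that policies can refer to them by mount point.`, and mention the naming change in the commit message, which is currently empty. The first two hunks are whitespace and a line reflow and need nothing. The function the last hunk belongs to starts and ends outside the hunk.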