Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754813AbWKIJeb (ORCPT ); Thu, 9 Nov 2006 04:34:31 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1754815AbWKIJeb (ORCPT ); Thu, 9 Nov 2006 04:34:31 -0500 Received: from moutng.kundenserver.de ([212.227.126.177]:35037 "EHLO moutng.kundenserver.de") by vger.kernel.org with ESMTP id S1754813AbWKIJe3 (ORCPT ); Thu, 9 Nov 2006 04:34:29 -0500 Date: Thu, 9 Nov 2006 10:33:49 +0100 From: Chris Friedhoff To: "Serge E. Hallyn" Cc: linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org, Stephen Smalley , James Morris , Chris Wright , Andrew Morton , KaiGai Kohei , Alexey Dobriyan Subject: Re: [PATCH 1/1] security: introduce fs caps Message-Id: <20061109103349.e58e8f51.chris@friedhoff.org> In-Reply-To: <20061109061021.GA32696@sergelap.austin.ibm.com> References: <20061108222453.GA6408@sergelap.austin.ibm.com> <20061109061021.GA32696@sergelap.austin.ibm.com> X-Mailer: Sylpheed version 2.2.9 (GTK+ 2.8.20; i486-slackware-linux-gnu) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Provags-ID: kundenserver.de abuse@kundenserver.de login:9d7f00276fac4b25ba506f26988c1e36 Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 4945 Lines: 165 Page http://www.friedhoff.org/fscaps.html updated ... Kernel 2.6.18.2 updated ... System keeps on humming ... Is anyone else using/testing the patch? Please give feedback ... Thanks ... Chris On Thu, 9 Nov 2006 00:10:21 -0600 "Serge E. Hallyn" wrote: > Sorry, I should have noticed and fixed this much sooner. This > patch is against the latest full fscaps patch which I'm replying > to. > > From: Serge E. Hallyn > Date: Thu, 9 Nov 2006 00:01:49 -0600 > Subject: security: file caps: fix unused variable warnings > > Address warnings of unused variables at cap_bprm_set_security > when file capabilities are disabled, and simultaneously clean > up the code a little, by pulling the new code into a helper > function. > > Rename vfs_cap_data_struct to remove redundant '_struct'. > > Signed-off-by: Serge E. Hallyn > --- > security/commoncap.c | 73 ++++++++++++++++++++++++++++---------------------- > 1 files changed, 41 insertions(+), 32 deletions(-) > > diff --git a/security/commoncap.c b/security/commoncap.c > index 6f5e46c..4b50b4d 100644 > --- a/security/commoncap.c > +++ b/security/commoncap.c > @@ -109,16 +109,17 @@ void cap_capset_set (struct task_struct > target->cap_permitted = *permitted; > } > > +#ifdef CONFIG_SECURITY_FS_CAPABILITIES > #define XATTR_CAPS_SUFFIX "capability" > #define XATTR_NAME_CAPS XATTR_SECURITY_PREFIX XATTR_CAPS_SUFFIX > -struct vfs_cap_data_struct { > +struct vfs_cap_data { > __u32 version; > __u32 effective; > __u32 permitted; > __u32 inheritable; > }; > > -static inline void convert_to_le(struct vfs_cap_data_struct *cap) > +static inline void convert_to_le(struct vfs_cap_data *cap) > { > cap->version = le32_to_cpu(cap->version); > cap->effective = le32_to_cpu(cap->effective); > @@ -126,7 +127,7 @@ static inline void convert_to_le(struct > cap->inheritable = le32_to_cpu(cap->inheritable); > } > > -static int check_cap_sanity(struct vfs_cap_data_struct *cap) > +static int check_cap_sanity(struct vfs_cap_data *cap) > { > int i; > > @@ -149,39 +150,14 @@ static int check_cap_sanity(struct vfs_c > return 0; > } > > -int cap_bprm_set_security (struct linux_binprm *bprm) > +/* Locate any VFS capabilities: */ > +static int set_file_caps(struct linux_binprm *bprm) > { > struct dentry *dentry; > ssize_t rc; > - struct vfs_cap_data_struct cap_struct; > + struct vfs_cap_data cap_struct; > struct inode *inode; > > - /* Copied from fs/exec.c:prepare_binprm. */ > - > - cap_clear (bprm->cap_inheritable); > - cap_clear (bprm->cap_permitted); > - cap_clear (bprm->cap_effective); > - > - /* To support inheritance of root-permissions and suid-root > - * executables under compatibility mode, we raise all three > - * capability sets for the file. > - * > - * If only the real uid is 0, we only raise the inheritable > - * and permitted sets of the executable file. > - */ > - > - if (!issecure (SECURE_NOROOT)) { > - if (bprm->e_uid == 0 || current->uid == 0) { > - cap_set_full (bprm->cap_inheritable); > - cap_set_full (bprm->cap_permitted); > - } > - if (bprm->e_uid == 0) > - cap_set_full (bprm->cap_effective); > - } > - > -#ifdef CONFIG_SECURITY_FS_CAPABILITIES > - /* Locate any VFS capabilities: */ > - > dentry = dget(bprm->file->f_dentry); > inode = dentry->d_inode; > if (!inode->i_op || !inode->i_op->getxattr) { > @@ -216,9 +192,42 @@ #ifdef CONFIG_SECURITY_FS_CAPABILITIES > bprm->cap_permitted = cap_struct.permitted; > bprm->cap_inheritable = cap_struct.inheritable; > > -#endif > return 0; > } > +#else > +static int set_file_caps(struct linux_binprm *bprm) > +{ > + return 0; > +} > +#endif > + > +int cap_bprm_set_security (struct linux_binprm *bprm) > +{ > + /* Copied from fs/exec.c:prepare_binprm. */ > + > + cap_clear (bprm->cap_inheritable); > + cap_clear (bprm->cap_permitted); > + cap_clear (bprm->cap_effective); > + > + /* To support inheritance of root-permissions and suid-root > + * executables under compatibility mode, we raise all three > + * capability sets for the file. > + * > + * If only the real uid is 0, we only raise the inheritable > + * and permitted sets of the executable file. > + */ > + > + if (!issecure (SECURE_NOROOT)) { > + if (bprm->e_uid == 0 || current->uid == 0) { > + cap_set_full (bprm->cap_inheritable); > + cap_set_full (bprm->cap_permitted); > + } > + if (bprm->e_uid == 0) > + cap_set_full (bprm->cap_effective); > + } > + > + return set_file_caps(bprm); > +} > > void cap_bprm_apply_creds (struct linux_binprm *bprm, int unsafe) > { > -- > 1.4.1 > -------------------- Chris Friedhoff chris@friedhoff.org - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/