From a1836a42daf5ddfe9a891973734bd9a7d62eb504 Mon Sep 17 00:00:00 2001 From: David Quigley Date: Fri, 30 Jun 2006 01:55:49 -0700 Subject: [PATCH] [PATCH] SELinux: Add security hook definition for getioprio and insert hooks Add a new security hook definition for the sys_ioprio_get operation. At present, the SELinux hook function implementation for this hook is identical to the getscheduler implementation but a separate hook is introduced to allow this check to be specialized in the future if necessary. This patch also creates a helper function get_task_ioprio which handles the access check in addition to retrieving the ioprio value for the task. Signed-off-by: David Quigley Acked-by: Stephen Smalley Signed-off-by: James Morris Cc: Jens Axboe Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- fs/ioprio.c | 29 ++++++++++++++++++++++++----- include/linux/security.h | 15 +++++++++++++++ security/dummy.c | 6 ++++++ security/selinux/hooks.c | 6 ++++++ 4 files changed, 51 insertions(+), 5 deletions(-) diff --git a/fs/ioprio.c b/fs/ioprio.c index 7fa76ed53c1..93aa5715f22 100644 --- a/fs/ioprio.c +++ b/fs/ioprio.c @@ -125,11 +125,24 @@ asmlinkage long sys_ioprio_set(int which, int who, int ioprio) return ret; } +static int get_task_ioprio(struct task_struct *p) +{ + int ret; + + ret = security_task_getioprio(p); + if (ret) + goto out; + ret = p->ioprio; +out: + return ret; +} + asmlinkage long sys_ioprio_get(int which, int who) { struct task_struct *g, *p; struct user_struct *user; int ret = -ESRCH; + int tmpio; read_lock_irq(&tasklist_lock); switch (which) { @@ -139,16 +152,19 @@ asmlinkage long sys_ioprio_get(int which, int who) else p = find_task_by_pid(who); if (p) - ret = p->ioprio; + ret = get_task_ioprio(p); break; case IOPRIO_WHO_PGRP: if (!who) who = process_group(current); do_each_task_pid(who, PIDTYPE_PGID, p) { + tmpio = get_task_ioprio(p); + if (tmpio < 0) + continue; if (ret == -ESRCH) - ret = p->ioprio; + ret = tmpio; else - ret = ioprio_best(ret, p->ioprio); + ret = ioprio_best(ret, tmpio); } while_each_task_pid(who, PIDTYPE_PGID, p); break; case IOPRIO_WHO_USER: @@ -163,10 +179,13 @@ asmlinkage long sys_ioprio_get(int which, int who) do_each_thread(g, p) { if (p->uid != user->uid) continue; + tmpio = get_task_ioprio(p); + if (tmpio < 0) + continue; if (ret == -ESRCH) - ret = p->ioprio; + ret = tmpio; else - ret = ioprio_best(ret, p->ioprio); + ret = ioprio_best(ret, tmpio); } while_each_thread(g, p); if (who) diff --git a/include/linux/security.h b/include/linux/security.h index d4b13d617f6..f75303831d0 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -585,6 +585,10 @@ struct swap_info_struct; * @p contains the task_struct of process. * @ioprio contains the new ioprio value * Return 0 if permission is granted. + * @task_getioprio + * Check permission before getting the ioprio value of @p. + * @p contains the task_struct of process. + * Return 0 if permission is granted. * @task_setrlimit: * Check permission before setting the resource limits of the current * process for @resource to @new_rlim. The old resource limit values can @@ -1227,6 +1231,7 @@ struct security_operations { int (*task_setgroups) (struct group_info *group_info); int (*task_setnice) (struct task_struct * p, int nice); int (*task_setioprio) (struct task_struct * p, int ioprio); + int (*task_getioprio) (struct task_struct * p); int (*task_setrlimit) (unsigned int resource, struct rlimit * new_rlim); int (*task_setscheduler) (struct task_struct * p, int policy, struct sched_param * lp); @@ -1864,6 +1869,11 @@ static inline int security_task_setioprio (struct task_struct *p, int ioprio) return security_ops->task_setioprio (p, ioprio); } +static inline int security_task_getioprio (struct task_struct *p) +{ + return security_ops->task_getioprio (p); +} + static inline int security_task_setrlimit (unsigned int resource, struct rlimit *new_rlim) { @@ -2520,6 +2530,11 @@ static inline int security_task_setioprio (struct task_struct *p, int ioprio) return 0; } +static inline int security_task_getioprio (struct task_struct *p) +{ + return 0; +} + static inline int security_task_setrlimit (unsigned int resource, struct rlimit *new_rlim) { diff --git a/security/dummy.c b/security/dummy.c index de53f6eb0c0..d417936562d 100644 --- a/security/dummy.c +++ b/security/dummy.c @@ -524,6 +524,11 @@ static int dummy_task_setioprio (struct task_struct *p, int ioprio) return 0; } +static int dummy_task_getioprio (struct task_struct *p) +{ + return 0; +} + static int dummy_task_setrlimit (unsigned int resource, struct rlimit *new_rlim) { return 0; @@ -988,6 +993,7 @@ void security_fixup_ops (struct security_operations *ops) set_to_dummy_if_null(ops, task_setgroups); set_to_dummy_if_null(ops, task_setnice); set_to_dummy_if_null(ops, task_setioprio); + set_to_dummy_if_null(ops, task_getioprio); set_to_dummy_if_null(ops, task_setrlimit); set_to_dummy_if_null(ops, task_setscheduler); set_to_dummy_if_null(ops, task_getscheduler); diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index a5189a34735..51bec4c88f1 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -2671,6 +2671,11 @@ static int selinux_task_setioprio(struct task_struct *p, int ioprio) return task_has_perm(current, p, PROCESS__SETSCHED); } +static int selinux_task_getioprio(struct task_struct *p) +{ + return task_has_perm(current, p, PROCESS__GETSCHED); +} + static int selinux_task_setrlimit(unsigned int resource, struct rlimit *new_rlim) { struct rlimit *old_rlim = current->signal->rlim + resource; @@ -4449,6 +4454,7 @@ static struct security_operations selinux_ops = { .task_setgroups = selinux_task_setgroups, .task_setnice = selinux_task_setnice, .task_setioprio = selinux_task_setioprio, + .task_getioprio = selinux_task_getioprio, .task_setrlimit = selinux_task_setrlimit, .task_setscheduler = selinux_task_setscheduler, .task_getscheduler = selinux_task_getscheduler, -- 2.20.1