usb, signal, security: only pass the cred, not the secid, to kill_pid_info_as_cred and security_task_kill
commit d178bc3a70 ("user namespace: usb:
make usb urbs user namespace aware (v2)") changed kill_pid_info_as_uid
to kill_pid_info_as_cred, saving and passing a cred structure instead of
uids. Since the secid can be obtained from the cred, drop the secid fields
from the usb_dev_state and async structures, and drop the secid argument to
kill_pid_info_as_cred. Replace the secid argument to security_task_kill
with the cred. Update SELinux, Smack, and AppArmor to use the cred, which
avoids the need for Smack and AppArmor to use a secid at all in this hook.
Further changes to Smack might still be required to take full advantage of
this change, since it should now be possible to perform capability
checking based on the supplied cred. The changes to Smack and AppArmor
have only been compile-tested.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: Paul Moore <paul@paul-moore.com>
Acked-by: Casey Schaufler <casey@schaufler-ca.com>
Acked-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Acked-by: John Johansen <john.johansen@canonical.com>
Signed-off-by: James Morris <james.morris@microsoft.com>
This commit is contained in:
Stephen Smalley
committed by
James Morris
James Morris
parent
a02633e9b1
commit
6b4f3d0105
@ -65,7 +65,6 @@ struct usb_dev_state {
|
||||
const struct cred *cred;
|
||||
void __user *disccontext;
|
||||
unsigned long ifclaimed;
|
||||
u32 secid;
|
||||
u32 disabled_bulk_eps;
|
||||
bool privileges_dropped;
|
||||
unsigned long interface_allowed_mask;
|
||||
@ -95,7 +94,6 @@ struct async {
|
||||
struct usb_memory *usbm;
|
||||
unsigned int mem_usage;
|
||||
int status;
|
||||
u32 secid;
|
||||
u8 bulk_addr;
|
||||
u8 bulk_status;
|
||||
};
|
||||
@ -586,7 +584,6 @@ static void async_completed(struct urb *urb)
|
||||
struct usb_dev_state *ps = as->ps;
|
||||
struct siginfo sinfo;
|
||||
struct pid *pid = NULL;
|
||||
u32 secid = 0;
|
||||
const struct cred *cred = NULL;
|
||||
int signr;
|
||||
|
||||
@ -602,7 +599,6 @@ static void async_completed(struct urb *urb)
|
||||
sinfo.si_addr = as->userurb;
|
||||
pid = get_pid(as->pid);
|
||||
cred = get_cred(as->cred);
|
||||
secid = as->secid;
|
||||
}
|
||||
snoop(&urb->dev->dev, "urb complete\n");
|
||||
snoop_urb(urb->dev, as->userurb, urb->pipe, urb->actual_length,
|
||||
@ -618,7 +614,7 @@ static void async_completed(struct urb *urb)
|
||||
spin_unlock(&ps->lock);
|
||||
|
||||
if (signr) {
|
||||
kill_pid_info_as_cred(sinfo.si_signo, &sinfo, pid, cred, secid);
|
||||
kill_pid_info_as_cred(sinfo.si_signo, &sinfo, pid, cred);
|
||||
put_pid(pid);
|
||||
put_cred(cred);
|
||||
}
|
||||
@ -1013,7 +1009,6 @@ static int usbdev_open(struct inode *inode, struct file *file)
|
||||
init_waitqueue_head(&ps->wait);
|
||||
ps->disc_pid = get_pid(task_pid(current));
|
||||
ps->cred = get_current_cred();
|
||||
security_task_getsecid(current, &ps->secid);
|
||||
smp_wmb();
|
||||
list_add_tail(&ps->list, &dev->filelist);
|
||||
file->private_data = ps;
|
||||
@ -1727,7 +1722,6 @@ static int proc_do_submiturb(struct usb_dev_state *ps, struct usbdevfs_urb *uurb
|
||||
as->ifnum = ifnum;
|
||||
as->pid = get_pid(task_pid(current));
|
||||
as->cred = get_current_cred();
|
||||
security_task_getsecid(current, &as->secid);
|
||||
snoop_urb(ps->dev, as->userurb, as->urb->pipe,
|
||||
as->urb->transfer_buffer_length, 0, SUBMIT,
|
||||
NULL, 0);
|
||||
@ -2617,7 +2611,7 @@ static void usbdev_remove(struct usb_device *udev)
|
||||
sinfo.si_code = SI_ASYNCIO;
|
||||
sinfo.si_addr = ps->disccontext;
|
||||
kill_pid_info_as_cred(ps->discsignr, &sinfo,
|
||||
ps->disc_pid, ps->cred, ps->secid);
|
||||
ps->disc_pid, ps->cred);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user