b8bff59926
Today security_bprm_set_creds has several implementations: apparmor_bprm_set_creds, cap_bprm_set_creds, selinux_bprm_set_creds, smack_bprm_set_creds, and tomoyo_bprm_set_creds. Except for cap_bprm_set_creds they all test bprm->called_set_creds and return immediately if it is true. The function cap_bprm_set_creds ignores bprm->calld_sed_creds entirely. Create a new LSM hook security_bprm_creds_for_exec that is called just before prepare_binprm in __do_execve_file, resulting in a LSM hook that is called exactly once for the entire of exec. Modify the bits of security_bprm_set_creds that only want to be called once per exec into security_bprm_creds_for_exec, leaving only cap_bprm_set_creds behind. Remove bprm->called_set_creds all of it's former users have been moved to security_bprm_creds_for_exec. Add or upate comments a appropriate to bring them up to date and to reflect this change. Link: https://lkml.kernel.org/r/87v9kszrzh.fsf_-_@x220.int.ebiederm.org Acked-by: Linus Torvalds <torvalds@linux-foundation.org> Acked-by: Casey Schaufler <casey@schaufler-ca.com> # For the LSM and Smack bits Reviewed-by: Kees Cook <keescook@chromium.org> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
40 lines
912 B
C
40 lines
912 B
C
/* SPDX-License-Identifier: GPL-2.0-only */
|
|
/*
|
|
* AppArmor security module
|
|
*
|
|
* This file contains AppArmor security domain transition function definitions.
|
|
*
|
|
* Copyright (C) 1998-2008 Novell/SUSE
|
|
* Copyright 2009-2010 Canonical Ltd.
|
|
*/
|
|
|
|
#include <linux/binfmts.h>
|
|
#include <linux/types.h>
|
|
|
|
#include "label.h"
|
|
|
|
#ifndef __AA_DOMAIN_H
|
|
#define __AA_DOMAIN_H
|
|
|
|
struct aa_domain {
|
|
int size;
|
|
char **table;
|
|
};
|
|
|
|
#define AA_CHANGE_NOFLAGS 0
|
|
#define AA_CHANGE_TEST 1
|
|
#define AA_CHANGE_CHILD 2
|
|
#define AA_CHANGE_ONEXEC 4
|
|
#define AA_CHANGE_STACK 8
|
|
|
|
struct aa_label *x_table_lookup(struct aa_profile *profile, u32 xindex,
|
|
const char **name);
|
|
|
|
int apparmor_bprm_creds_for_exec(struct linux_binprm *bprm);
|
|
|
|
void aa_free_domain_entries(struct aa_domain *domain);
|
|
int aa_change_hat(const char *hats[], int count, u64 token, int flags);
|
|
int aa_change_profile(const char *fqname, int flags);
|
|
|
|
#endif /* __AA_DOMAIN_H */
|