From 8c941e26c010a19139091d7eb5d6217baef8e930 Mon Sep 17 00:00:00 2001 From: Tetsuo Handa Date: Sun, 4 Oct 2009 21:49:48 +0900 Subject: [PATCH] --- yaml --- r: 169153 b: refs/heads/master c: 8b8efb44033c7e86b3dc76f825c693ec92ae30e9 h: refs/heads/master i: 169151: 45e5d50f1c19ccfea9f1368f2076e402bf9812a1 v: v3 --- [refs] | 2 +- trunk/fs/open.c | 3 +++ trunk/include/linux/security.h | 11 +++++++++++ trunk/security/capability.c | 6 ++++++ trunk/security/security.c | 5 +++++ 5 files changed, 26 insertions(+), 1 deletion(-) diff --git a/[refs] b/[refs] index 792f63de3c5c..4b18ce913954 100644 --- a/[refs] +++ b/[refs] @@ -1,2 +1,2 @@ --- -refs/heads/master: 89eda06837094ce9f34fae269b8773fcfd70f046 +refs/heads/master: 8b8efb44033c7e86b3dc76f825c693ec92ae30e9 diff --git a/trunk/fs/open.c b/trunk/fs/open.c index b5c294d35bd1..201041dfca57 100644 --- a/trunk/fs/open.c +++ b/trunk/fs/open.c @@ -587,6 +587,9 @@ SYSCALL_DEFINE1(chroot, const char __user *, filename) error = -EPERM; if (!capable(CAP_SYS_CHROOT)) goto dput_and_out; + error = security_path_chroot(&path); + if (error) + goto dput_and_out; set_fs_root(current->fs, &path); error = 0; diff --git a/trunk/include/linux/security.h b/trunk/include/linux/security.h index c8a584c26f7b..ed0faea60b82 100644 --- a/trunk/include/linux/security.h +++ b/trunk/include/linux/security.h @@ -459,6 +459,10 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) * @uid contains new owner's ID. * @gid contains new group's ID. * Return 0 if permission is granted. + * @path_chroot: + * Check for permission to change root directory. + * @path contains the path structure. + * Return 0 if permission is granted. * @inode_readlink: * Check the permission to read the symbolic link. * @dentry contains the dentry structure for the file link. @@ -1503,6 +1507,7 @@ struct security_operations { int (*path_chmod) (struct dentry *dentry, struct vfsmount *mnt, mode_t mode); int (*path_chown) (struct path *path, uid_t uid, gid_t gid); + int (*path_chroot) (struct path *path); #endif int (*inode_alloc_security) (struct inode *inode); @@ -2970,6 +2975,7 @@ int security_path_rename(struct path *old_dir, struct dentry *old_dentry, int security_path_chmod(struct dentry *dentry, struct vfsmount *mnt, mode_t mode); int security_path_chown(struct path *path, uid_t uid, gid_t gid); +int security_path_chroot(struct path *path); #else /* CONFIG_SECURITY_PATH */ static inline int security_path_unlink(struct path *dir, struct dentry *dentry) { @@ -3031,6 +3037,11 @@ static inline int security_path_chown(struct path *path, uid_t uid, gid_t gid) { return 0; } + +static inline int security_path_chroot(struct path *path) +{ + return 0; +} #endif /* CONFIG_SECURITY_PATH */ #ifdef CONFIG_KEYS diff --git a/trunk/security/capability.c b/trunk/security/capability.c index 09279a8d4a14..4f3ab476937f 100644 --- a/trunk/security/capability.c +++ b/trunk/security/capability.c @@ -319,6 +319,11 @@ static int cap_path_chown(struct path *path, uid_t uid, gid_t gid) { return 0; } + +static int cap_path_chroot(struct path *root) +{ + return 0; +} #endif static int cap_file_permission(struct file *file, int mask) @@ -990,6 +995,7 @@ void security_fixup_ops(struct security_operations *ops) set_to_cap_if_null(ops, path_truncate); set_to_cap_if_null(ops, path_chmod); set_to_cap_if_null(ops, path_chown); + set_to_cap_if_null(ops, path_chroot); #endif set_to_cap_if_null(ops, file_permission); set_to_cap_if_null(ops, file_alloc_security); diff --git a/trunk/security/security.c b/trunk/security/security.c index 5259270e558f..279757314a05 100644 --- a/trunk/security/security.c +++ b/trunk/security/security.c @@ -449,6 +449,11 @@ int security_path_chown(struct path *path, uid_t uid, gid_t gid) return 0; return security_ops->path_chown(path, uid, gid); } + +int security_path_chroot(struct path *path) +{ + return security_ops->path_chroot(path); +} #endif int security_inode_create(struct inode *dir, struct dentry *dentry, int mode)