diff options
| -rw-r--r-- | security/smack/Kconfig | 12 | ||||
| -rw-r--r-- | security/smack/smack.h | 10 | ||||
| -rw-r--r-- | security/smack/smack_lsm.c | 14 |
3 files changed, 29 insertions, 7 deletions
diff --git a/security/smack/Kconfig b/security/smack/Kconfig index b1c221d694c6..160eb04a4ce2 100644 --- a/security/smack/Kconfig +++ b/security/smack/Kconfig @@ -41,6 +41,18 @@ config SECURITY_SMACK_NETFILTER Smack labels. If you are unsure how to answer this question, answer N. +config SECURITY_SMACK_APPEND_SIGNALS + bool "Treat delivering signals as an append operation" + depends on SECURITY_SMACK + default n + help + Sending a signal has been treated as a write operation to the + receiving process. If this option is selected, the delivery + will be an append operation instead. This makes it possible + to differentiate between delivering a network packet and + delivering a signal in the Smack rules. + If you are unsure how to answer this question, answer N. + config SECURITY_SMACK_PERMISSIVE_MODE bool "Enable Permissive mode for debugging purpose" depends on SECURITY_SMACK diff --git a/security/smack/smack.h b/security/smack/smack.h index 7fd481a79c93..b57b9702b262 100644 --- a/security/smack/smack.h +++ b/security/smack/smack.h @@ -218,6 +218,16 @@ enum { #define MAY_LOCK 0x00002000 /* Locks should be writes, but ... */ #define MAY_BRINGUP 0x00004000 /* Report use of this rule */ +/* + * The policy for delivering signals is configurable. + * It is usually "write", but can be "append". + */ +#ifdef CONFIG_SECURITY_SMACK_APPEND_SIGNALS +#define MAY_DELIVER MAY_APPEND /* Signal delivery requires append */ +#else +#define MAY_DELIVER MAY_WRITE /* Signal delivery requires write */ +#endif + #define SMACK_BRINGUP_ALLOW 1 /* Allow bringup mode */ #define SMACK_UNCONFINED_SUBJECT 2 /* Allow unconfined label */ #define SMACK_UNCONFINED_OBJECT 3 /* Allow unconfined label */ diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index c9eb4c1d7eb8..8922b6792e99 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -1862,14 +1862,14 @@ static int smack_file_send_sigiotask(struct task_struct *tsk, /* we don't log here as rc can be overriden */ skp = file->f_security; - rc = smk_access(skp, tkp, MAY_WRITE, NULL); - rc = smk_bu_note("sigiotask", skp, tkp, MAY_WRITE, rc); + rc = smk_access(skp, tkp, MAY_DELIVER, NULL); + rc = smk_bu_note("sigiotask", skp, tkp, MAY_DELIVER, rc); if (rc != 0 && has_capability(tsk, CAP_MAC_OVERRIDE)) rc = 0; smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_TASK); smk_ad_setfield_u_tsk(&ad, tsk); - smack_log(skp->smk_known, tkp->smk_known, MAY_WRITE, rc, &ad); + smack_log(skp->smk_known, tkp->smk_known, MAY_DELIVER, rc, &ad); return rc; } @@ -2282,8 +2282,8 @@ static int smack_task_kill(struct task_struct *p, struct siginfo *info, * can write the receiver. */ if (secid == 0) { - rc = smk_curacc(tkp, MAY_WRITE, &ad); - rc = smk_bu_task(p, MAY_WRITE, rc); + rc = smk_curacc(tkp, MAY_DELIVER, &ad); + rc = smk_bu_task(p, MAY_DELIVER, rc); return rc; } /* @@ -2292,8 +2292,8 @@ static int smack_task_kill(struct task_struct *p, struct siginfo *info, * we can't take privilege into account. */ skp = smack_from_secid(secid); - rc = smk_access(skp, tkp, MAY_WRITE, &ad); - rc = smk_bu_note("USB signal", skp, tkp, MAY_WRITE, rc); + rc = smk_access(skp, tkp, MAY_DELIVER, &ad); + rc = smk_bu_note("USB signal", skp, tkp, MAY_DELIVER, rc); return rc; } |