diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2019-03-07 11:44:01 -0800 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2019-03-07 11:44:01 -0800 |
commit | ae5906ceee038ea29ff5162d1bcd18fb50af8b94 (patch) | |
tree | 841a11c6d3c3afcf7e4d57be370ebcf57aab214a /security/tomoyo/group.c | |
parent | 1fc1cd8399ab5541a488a7e47b2f21537dd76c2d (diff) | |
parent | 468e91cecb3218afd684b8c422490dfebe0691bb (diff) |
Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull security subsystem updates from James Morris:
- Extend LSM stacking to allow sharing of cred, file, ipc, inode, and
task blobs. This paves the way for more full-featured LSMs to be
merged, and is specifically aimed at LandLock and SARA LSMs. This
work is from Casey and Kees.
- There's a new LSM from Micah Morton: "SafeSetID gates the setid
family of syscalls to restrict UID/GID transitions from a given
UID/GID to only those approved by a system-wide whitelist." This
feature is currently shipping in ChromeOS.
* 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (62 commits)
keys: fix missing __user in KEYCTL_PKEY_QUERY
LSM: Update list of SECURITYFS users in Kconfig
LSM: Ignore "security=" when "lsm=" is specified
LSM: Update function documentation for cap_capable
security: mark expected switch fall-throughs and add a missing break
tomoyo: Bump version.
LSM: fix return value check in safesetid_init_securityfs()
LSM: SafeSetID: add selftest
LSM: SafeSetID: remove unused include
LSM: SafeSetID: 'depend' on CONFIG_SECURITY
LSM: Add 'name' field for SafeSetID in DEFINE_LSM
LSM: add SafeSetID module that gates setid calls
LSM: add SafeSetID module that gates setid calls
tomoyo: Allow multiple use_group lines.
tomoyo: Coding style fix.
tomoyo: Swicth from cred->security to task_struct->security.
security: keys: annotate implicit fall throughs
security: keys: annotate implicit fall throughs
security: keys: annotate implicit fall through
capabilities:: annotate implicit fall through
...
Diffstat (limited to 'security/tomoyo/group.c')
-rw-r--r-- | security/tomoyo/group.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/security/tomoyo/group.c b/security/tomoyo/group.c index 21b0cc3a7e1a..a37c7dc66e44 100644 --- a/security/tomoyo/group.c +++ b/security/tomoyo/group.c @@ -75,11 +75,13 @@ int tomoyo_write_group(struct tomoyo_acl_param *param, const u8 type) { struct tomoyo_group *group = tomoyo_get_group(param, type); int error = -EINVAL; + if (!group) return -ENOMEM; param->list = &group->member_list; if (type == TOMOYO_PATH_GROUP) { struct tomoyo_path_group e = { }; + e.member_name = tomoyo_get_name(tomoyo_read_token(param)); if (!e.member_name) { error = -ENOMEM; @@ -90,6 +92,7 @@ int tomoyo_write_group(struct tomoyo_acl_param *param, const u8 type) tomoyo_put_name(e.member_name); } else if (type == TOMOYO_NUMBER_GROUP) { struct tomoyo_number_group e = { }; + if (param->data[0] == '@' || !tomoyo_parse_number_union(param, &e.number)) goto out; @@ -129,6 +132,7 @@ tomoyo_path_matches_group(const struct tomoyo_path_info *pathname, const struct tomoyo_group *group) { struct tomoyo_path_group *member; + list_for_each_entry_rcu(member, &group->member_list, head.list) { if (member->head.is_deleted) continue; @@ -156,6 +160,7 @@ bool tomoyo_number_matches_group(const unsigned long min, { struct tomoyo_number_group *member; bool matched = false; + list_for_each_entry_rcu(member, &group->member_list, head.list) { if (member->head.is_deleted) continue; |