diff options
| author | Michael A. Halcrow <mahalcro@us.ibm.com> | 2004-10-19 18:30:12 -0700 |
|---|---|---|
| committer | Linus Torvalds <torvalds@ppc970.osdl.org> | 2004-10-19 18:30:12 -0700 |
| commit | cdb16df9d3f41be07e35dbff6d4a0e453fdd6cf9 (patch) | |
| tree | b830bb0edc554e046306c60636a052614e78ea41 /security | |
| parent | 26d784977a0a78038f934cd2fb3ce35975d0ebee (diff) | |
[PATCH] BSD Secure Levels LSM: add time hooks
I have received positive feedback from various individuals who have applied my
BSD Secure Levels LSM patch, and so at this point I am submitting it to you
with a request to merge it in. Nothing has changed in this patch since when I
last posted it to the LKML, so I am not re-sending it there.
This first patch adds hooks to catch attempts to set the system clock back.
Signed-off-by: Michael A. Halcrow <mahalcro@us.ibm.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to 'security')
| -rw-r--r-- | security/capability.c | 1 | ||||
| -rw-r--r-- | security/commoncap.c | 16 | ||||
| -rw-r--r-- | security/dummy.c | 8 |
3 files changed, 20 insertions, 5 deletions
diff --git a/security/capability.c b/security/capability.c index 532023c652ca..ec18d6075625 100644 --- a/security/capability.c +++ b/security/capability.c @@ -30,6 +30,7 @@ static struct security_operations capability_ops = { .capset_check = cap_capset_check, .capset_set = cap_capset_set, .capable = cap_capable, + .settime = cap_settime, .netlink_send = cap_netlink_send, .netlink_recv = cap_netlink_recv, diff --git a/security/commoncap.c b/security/commoncap.c index ed0d6136f6fc..6890914525dc 100644 --- a/security/commoncap.c +++ b/security/commoncap.c @@ -27,20 +27,25 @@ int cap_capable (struct task_struct *tsk, int cap) { /* Derived from include/linux/sched.h:capable. */ - if (cap_raised (tsk->cap_effective, cap)) + if (cap_raised(tsk->cap_effective, cap)) return 0; - else + return -EPERM; +} + +int cap_settime(struct timespec *ts, struct timezone *tz) +{ + if (!capable(CAP_SYS_TIME)) return -EPERM; + return 0; } int cap_ptrace (struct task_struct *parent, struct task_struct *child) { /* Derived from arch/i386/kernel/ptrace.c:sys_ptrace. */ if (!cap_issubset (child->cap_permitted, current->cap_permitted) && - !capable (CAP_SYS_PTRACE)) + !capable(CAP_SYS_PTRACE)) return -EPERM; - else - return 0; + return 0; } int cap_capget (struct task_struct *target, kernel_cap_t *effective, @@ -373,6 +378,7 @@ int cap_vm_enough_memory(long pages) } EXPORT_SYMBOL(cap_capable); +EXPORT_SYMBOL(cap_settime); EXPORT_SYMBOL(cap_ptrace); EXPORT_SYMBOL(cap_capget); EXPORT_SYMBOL(cap_capset_check); diff --git a/security/dummy.c b/security/dummy.c index 0ce9f22d6c8c..c20c28ac1f00 100644 --- a/security/dummy.c +++ b/security/dummy.c @@ -104,6 +104,13 @@ static int dummy_syslog (int type) return 0; } +static int dummy_settime(struct timespec *ts, struct timezone *tz) +{ + if (!capable(CAP_SYS_TIME)) + return -EPERM; + return 0; +} + /* * Check that a process has enough memory to allocate a new virtual * mapping. 0 means there is enough memory for the allocation to @@ -897,6 +904,7 @@ void security_fixup_ops (struct security_operations *ops) set_to_dummy_if_null(ops, quota_on); set_to_dummy_if_null(ops, sysctl); set_to_dummy_if_null(ops, syslog); + set_to_dummy_if_null(ops, settime); set_to_dummy_if_null(ops, vm_enough_memory); set_to_dummy_if_null(ops, bprm_alloc_security); set_to_dummy_if_null(ops, bprm_free_security); |