diff options
author | Eric Paris <eparis@redhat.com> | 2009-08-13 09:44:57 -0400 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2009-08-14 11:18:37 +1000 |
commit | 9188499cdb117d86a1ea6b04374095b098d56936 (patch) | |
tree | 7c0dd23f2c98630c426cbd0bfbf5e46cc689091e /security | |
parent | a8f80e8ff94ecba629542d9b4b5f5a8ee3eb565c (diff) | |
download | kernel_samsung_smdk4412-9188499cdb117d86a1ea6b04374095b098d56936.tar.gz kernel_samsung_smdk4412-9188499cdb117d86a1ea6b04374095b098d56936.tar.bz2 kernel_samsung_smdk4412-9188499cdb117d86a1ea6b04374095b098d56936.zip |
security: introducing security_request_module
Calling request_module() will trigger a userspace upcall which will load a
new module into the kernel. This can be a dangerous event if the process
able to trigger request_module() is able to control either the modprobe
binary or the module binary. This patch adds a new security hook to
request_module() which can be used by an LSM to control a processes ability
to call request_module().
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security')
-rw-r--r-- | security/capability.c | 6 | ||||
-rw-r--r-- | security/security.c | 5 |
2 files changed, 11 insertions, 0 deletions
diff --git a/security/capability.c b/security/capability.c index ec057305402..1b943f54b2e 100644 --- a/security/capability.c +++ b/security/capability.c @@ -396,6 +396,11 @@ static int cap_kernel_create_files_as(struct cred *new, struct inode *inode) return 0; } +static int cap_kernel_module_request(void) +{ + return 0; +} + static int cap_task_setuid(uid_t id0, uid_t id1, uid_t id2, int flags) { return 0; @@ -945,6 +950,7 @@ void security_fixup_ops(struct security_operations *ops) set_to_cap_if_null(ops, cred_commit); set_to_cap_if_null(ops, kernel_act_as); set_to_cap_if_null(ops, kernel_create_files_as); + set_to_cap_if_null(ops, kernel_module_request); set_to_cap_if_null(ops, task_setuid); set_to_cap_if_null(ops, task_fix_setuid); set_to_cap_if_null(ops, task_setgid); diff --git a/security/security.c b/security/security.c index 4501c5e1f98..0e993f42ce3 100644 --- a/security/security.c +++ b/security/security.c @@ -709,6 +709,11 @@ int security_kernel_create_files_as(struct cred *new, struct inode *inode) return security_ops->kernel_create_files_as(new, inode); } +int security_kernel_module_request(void) +{ + return security_ops->kernel_module_request(); +} + int security_task_setuid(uid_t id0, uid_t id1, uid_t id2, int flags) { return security_ops->task_setuid(id0, id1, id2, flags); |