redonkable/alistair23-linux
redonkable/alistair23-linux
1
0
Fork 0
Code Releases Activity
alistair23-linux/security
History
Zoran Markovic 5b841bfab6 smack: fix access permissions for keyring 
Function smack_key_permission() only issues smack requests for the
following operations:
 - KEY_NEED_READ (issues MAY_READ)
 - KEY_NEED_WRITE (issues MAY_WRITE)
 - KEY_NEED_LINK (issues MAY_WRITE)
 - KEY_NEED_SETATTR (issues MAY_WRITE)
A blank smack request is issued in all other cases, resulting in
smack access being granted if there is any rule defined between
subject and object, or denied with -EACCES otherwise.

Request MAY_READ access for KEY_NEED_SEARCH and KEY_NEED_VIEW.
Fix the logic in the unlikely case when both MAY_READ and
MAY_WRITE are needed. Validate access permission field for valid
contents.

Signed-off-by: Zoran Markovic <zmarkovic@sierrawireless.com>
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Cc: Casey Schaufler <casey@schaufler-ca.com>
Cc: James Morris <jmorris@namei.org>
Cc: "Serge E. Hallyn" <serge@hallyn.com>
2018-12-03 11:57:55 -08:00
..
apparmor + Features/Improvements 2018-11-02 10:04:26 -07:00
integrity Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2018-10-25 13:22:23 -07:00
keys KEYS: Move trusted.h to include/keys [ver #2] 2018-10-26 09:30:47 +01:00
loadpin LoadPin: Rename boot param "enabled" to "enforce" 2018-10-18 15:29:44 -07:00
selinux Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2018-10-24 11:49:35 +01:00
smack smack: fix access permissions for keyring 2018-12-03 11:57:55 -08:00
tomoyo tomoyo: fix small typo 2018-11-05 08:50:11 -08:00
yama pids: introduce find_get_task_by_vpid() helper 2018-02-06 18:32:46 -08:00
commoncap.c Linux 4.19-rc2 2018-09-04 11:35:54 -07:00
device_cgroup.c docs: fix broken references with multiple hints 2018-06-15 18:10:01 -03:00
inode.c securityfs: add the ability to support symlinks 2017-06-08 12:51:43 -07:00
Kconfig Revert "x86/mm/legacy: Populate the user page-table with user pgd's" 2018-09-14 17:08:45 +02:00
lsm_audit.c audit: use inline function to get audit context 2018-05-14 17:24:18 -04:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
min_addr.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
security.c Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2018-10-24 11:49:35 +01:00