diff options
author | Eric Paris <eparis@redhat.com> | 2008-11-11 12:02:57 +0100 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2008-11-11 12:02:57 +0100 |
commit | 066746796bd2f0a1ba210c0dded3b6ee4032692a (patch) | |
tree | 868832ca0e199e4f173e23375cffb5fc3870402c /security | |
parent | The oomkiller calculations make decisions based on capabilities. Since (diff) | |
download | linux-066746796bd2f0a1ba210c0dded3b6ee4032692a.tar.xz linux-066746796bd2f0a1ba210c0dded3b6ee4032692a.zip |
Currently SELinux jumps through some ugly hoops to not audit a capbility
check when determining if a process has additional powers to override
memory limits or when trying to read/write illegal file labels. Use
the new noaudit call instead.
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security')
-rw-r--r-- | security/selinux/hooks.c | 19 |
1 files changed, 2 insertions, 17 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 88a3ee33068a..378dc53c08e8 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -1979,16 +1979,8 @@ static int selinux_syslog(int type) static int selinux_vm_enough_memory(struct mm_struct *mm, long pages) { int rc, cap_sys_admin = 0; - struct task_security_struct *tsec = current->security; - - rc = secondary_ops->capable(current, CAP_SYS_ADMIN, SECURITY_CAP_NOAUDIT); - if (rc == 0) - rc = avc_has_perm_noaudit(tsec->sid, tsec->sid, - SECCLASS_CAPABILITY, - CAP_TO_MASK(CAP_SYS_ADMIN), - 0, - NULL); + rc = selinux_capable(current, CAP_SYS_ADMIN, SECURITY_CAP_NOAUDIT); if (rc == 0) cap_sys_admin = 1; @@ -2820,7 +2812,6 @@ static int selinux_inode_getsecurity(const struct inode *inode, const char *name u32 size; int error; char *context = NULL; - struct task_security_struct *tsec = current->security; struct inode_security_struct *isec = inode->i_security; if (strcmp(name, XATTR_SELINUX_SUFFIX)) @@ -2835,13 +2826,7 @@ static int selinux_inode_getsecurity(const struct inode *inode, const char *name * and lack of permission just means that we fall back to the * in-core context value, not a denial. */ - error = secondary_ops->capable(current, CAP_MAC_ADMIN, SECURITY_CAP_NOAUDIT); - if (!error) - error = avc_has_perm_noaudit(tsec->sid, tsec->sid, - SECCLASS_CAPABILITY2, - CAPABILITY2__MAC_ADMIN, - 0, - NULL); + error = selinux_capable(current, CAP_MAC_ADMIN, SECURITY_CAP_NOAUDIT); if (!error) error = security_sid_to_context_force(isec->sid, &context, &size); |