Kezdőlap Felfedezés Súgó
Bejelentkezés
GfA
/
linux_kernel
5
0
Másolás 0
Fájlok Problémák 0 Beolvasztási kérések 0 Wiki
Forráskód Böngészése

capabilities: move audit log decision to function

Move the audit log decision logic to its own function to isolate the
complexity in one place.

Suggested-by: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
Reviewed-by: Serge Hallyn <serge@hallyn.com>
Acked-by: James Morris <james.l.morris@oracle.com>
Acked-by: Kees Cook <keescook@chromium.org>
Okay-ished-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>
Richard Guy Briggs 7 éve
szülő
81a6a01299
commit
9fbc2c7964
1 módosított fájl, 30 hozzáadás és 20 törlés
Osztott Nézet Diff Statisztika Mutatása
  1. 30 20
      security/commoncap.c

+ 30 - 20
security/commoncap.c
Fájl Megtekintése 

@@ -765,6 +765,32 @@ static inline bool __is_setuid(struct cred *new, const struct cred *old)
 
 static inline bool __is_setgid(struct cred *new, const struct cred *old)
 
 { return !gid_eq(new->egid, old->gid); }
 
 
+/*
 
+ * Audit candidate if current->cap_effective is set
 
+ *
 
+ * We do not bother to audit if 3 things are true:
 
+ *   1) cap_effective has all caps
 
+ *   2) we are root
 
+ *   3) root is supposed to have all caps (SECURE_NOROOT)
 
+ * Since this is just a normal root execing a process.
 
+ *
 
+ * Number 1 above might fail if you don't have a full bset, but I think
 
+ * that is interesting information to audit.
 
+ */
 
+static inline bool nonroot_raised_pE(struct cred *cred, kuid_t root)
 
+{
 
+	bool ret = false;
 
+
 
+	if (__cap_grew(effective, ambient, cred)) {
 
+		if (!__cap_full(effective, cred) ||
 
+		    !__is_eff(root, cred) || !__is_real(root, cred) ||
 
+		    !root_privileged()) {
 
+			ret = true;
 
+		}
 
+	}
 
+	return ret;
 
+}
 
+
 
 /**
 
  * cap_bprm_set_creds - Set up the proposed credentials for execve().
 
  * @bprm: The execution parameters, including the proposed creds
 
@@ -841,26 +867,10 @@ int cap_bprm_set_creds(struct linux_binprm *bprm)
 
 	if (WARN_ON(!cap_ambient_invariant_ok(new)))
 
 		return -EPERM;
 
 
-	/*
 
-	 * Audit candidate if current->cap_effective is set
 
-	 *
 
-	 * We do not bother to audit if 3 things are true:
 
-	 *   1) cap_effective has all caps
 
-	 *   2) we are root
 
-	 *   3) root is supposed to have all caps (SECURE_NOROOT)
 
-	 * Since this is just a normal root execing a process.
 
-	 *
 
-	 * Number 1 above might fail if you don't have a full bset, but I think
 
-	 * that is interesting information to audit.
 
-	 */
 
-	if (__cap_grew(effective, ambient, new)) {
 
-		if (!__cap_full(effective, new) ||
 
-		    !__is_eff(root_uid, new) || !__is_real(root_uid, new) ||
 
-		    !root_privileged()) {
 
-			ret = audit_log_bprm_fcaps(bprm, new, old);
 
-			if (ret < 0)
 
-				return ret;
 
-		}
 
+	if (nonroot_raised_pE(new, root_uid)) {
 
+		ret = audit_log_bprm_fcaps(bprm, new, old);
 
+		if (ret < 0)
 
+			return ret;
 
 	}
 
 
 	new->securebits &= ~issecure_mask(SECURE_KEEP_CAPS);