Commit ac2dfbcb authored by Stephen D. Smalley's avatar Stephen D. Smalley Committed by Linus Torvalds

[PATCH] SELinux: revalidate access to controlling tty

This patch changes the SELinux flush_unauthorized_files function to also
recheck access to the controlling tty and reset it if it is no longer
accessible under the new security context.  This patch is relative to the
selinuxfs devnull patch.
Signed-off-by: default avatarStephen Smalley <sds@epoch.ncsc.mil>
Signed-off-by: default avatarJames Morris <jmorris@redhat.com>
Signed-off-by: default avatarAndrew Morton <akpm@osdl.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@osdl.org>
parent 0b70160d
......@@ -43,6 +43,7 @@
#include <linux/kd.h>
#include <linux/netfilter_ipv4.h>
#include <linux/netfilter_ipv6.h>
#include <linux/tty.h>
#include <net/icmp.h>
#include <net/ip.h> /* for sysctl_local_port_range[] */
#include <net/tcp.h> /* struct or_callable used in sock_rcv_skb */
......@@ -1733,8 +1734,32 @@ static inline void flush_unauthorized_files(struct files_struct * files)
{
struct avc_audit_data ad;
struct file *file, *devnull = NULL;
struct tty_struct *tty = current->signal->tty;
long j = -1;
if (tty) {
file_list_lock();
file = list_entry(tty->tty_files.next, typeof(*file), f_list);
if (file) {
/* Revalidate access to controlling tty.
Use inode_has_perm on the tty inode directly rather
than using file_has_perm, as this particular open
file may belong to another process and we are only
interested in the inode-based check here. */
struct inode *inode = file->f_dentry->d_inode;
if (inode_has_perm(current, inode,
FILE__READ | FILE__WRITE,
NULL, NULL)) {
/* Reset controlling tty. */
current->signal->tty = NULL;
current->signal->tty_old_pgrp = 0;
}
}
file_list_unlock();
}
/* Revalidate access to inherited open files. */
AVC_AUDIT_DATA_INIT(&ad,FS);
spin_lock(&files->file_lock);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment