forked from luck/tmp_suning_uos_patched
5294bac97e
The SafeSetID LSM has functionality for restricting setuid() calls based on its configured security policies. This patch adds the analogous functionality for setgid() calls. This is mostly a copy-and-paste change with some code deduplication, plus slight modifications/name changes to the policy-rule-related structs (now contain GID rules in addition to the UID ones) and some type generalization since SafeSetID now needs to deal with kgid_t and kuid_t types. Signed-off-by: Thomas Cedeno <thomascedeno@google.com> Signed-off-by: Micah Morton <mortonm@chromium.org>
74 lines
1.7 KiB
C
74 lines
1.7 KiB
C
/* SPDX-License-Identifier: GPL-2.0 */
|
|
/*
|
|
* SafeSetID Linux Security Module
|
|
*
|
|
* Author: Micah Morton <mortonm@chromium.org>
|
|
*
|
|
* Copyright (C) 2018 The Chromium OS Authors.
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License version 2, as
|
|
* published by the Free Software Foundation.
|
|
*
|
|
*/
|
|
#ifndef _SAFESETID_H
|
|
#define _SAFESETID_H
|
|
|
|
#include <linux/types.h>
|
|
#include <linux/uidgid.h>
|
|
#include <linux/hashtable.h>
|
|
|
|
/* Flag indicating whether initialization completed */
|
|
extern int safesetid_initialized;
|
|
|
|
enum sid_policy_type {
|
|
SIDPOL_DEFAULT, /* source ID is unaffected by policy */
|
|
SIDPOL_CONSTRAINED, /* source ID is affected by policy */
|
|
SIDPOL_ALLOWED /* target ID explicitly allowed */
|
|
};
|
|
|
|
typedef union {
|
|
kuid_t uid;
|
|
kgid_t gid;
|
|
} kid_t;
|
|
|
|
enum setid_type {
|
|
UID,
|
|
GID
|
|
};
|
|
|
|
/*
|
|
* Hash table entry to store safesetid policy signifying that 'src_id'
|
|
* can set*id to 'dst_id'.
|
|
*/
|
|
struct setid_rule {
|
|
struct hlist_node next;
|
|
kid_t src_id;
|
|
kid_t dst_id;
|
|
|
|
/* Flag to signal if rule is for UID's or GID's */
|
|
enum setid_type type;
|
|
};
|
|
|
|
#define SETID_HASH_BITS 8 /* 256 buckets in hash table */
|
|
|
|
/* Extension of INVALID_UID/INVALID_GID for kid_t type */
|
|
#define INVALID_ID (kid_t){.uid = INVALID_UID}
|
|
|
|
struct setid_ruleset {
|
|
DECLARE_HASHTABLE(rules, SETID_HASH_BITS);
|
|
char *policy_str;
|
|
struct rcu_head rcu;
|
|
|
|
//Flag to signal if ruleset is for UID's or GID's
|
|
enum setid_type type;
|
|
};
|
|
|
|
enum sid_policy_type _setid_policy_lookup(struct setid_ruleset *policy,
|
|
kid_t src, kid_t dst);
|
|
|
|
extern struct setid_ruleset __rcu *safesetid_setuid_rules;
|
|
extern struct setid_ruleset __rcu *safesetid_setgid_rules;
|
|
|
|
#endif /* _SAFESETID_H */
|