From: Olaf Dietsche <olaf.dietsche--list.linux-kernel@exmail.de>
To: linux-kernel@vger.kernel.org, linux-security-module@wirex.com
Subject: [PATCH] accessfs v0.5 ported to LSM - 1/2
Date: Tue, 24 Sep 2002 17:39:43 +0200 [thread overview]
Message-ID: <878z1rpfb4.fsf@goat.bogus.local> (raw)
Hi,
Accessfs is a new file system to control access to system resources.
For further information see the help text.
Changes:
- ported to LSM
- support capabilities
- merged ipv4/ipv6 into ip
This part (1/2) adds a hook to LSM to enable control based on the port
number.
The patch is attached below. It is also available at:
<http://home.t-online.de/home/olaf.dietsche/linux/accessfs-2.5.34-0.5-1_2.patch.gz>
It applies to 2.5.3[5-8] as well.
I did minimal testing using uml 0.58-2.5.34.
Regards, Olaf.
diff -urN v2.5.34/include/linux/security.h v2.5.34-accessfs/include/linux/security.h
--- v2.5.34/include/linux/security.h Sun Sep 1 00:04:51 2002
+++ v2.5.34-accessfs/include/linux/security.h Tue Sep 24 13:25:50 2002
@@ -642,6 +642,13 @@
* @args contains the call arguments (user space pointer).
* The module should return -ENOSYS if it does not implement any new
* system calls.
+ * @ip_prot_sock:
+ * Check, whether this is a protected port.
+ * Security modules may use this hook to implement fine grained control
+ * based on the port number.
+ * @port contains the requested port
+ * The module should return true if port is a protected port (e.g. < 1024),
+ * false otherwise.
*
* @register_security:
* allow module stacking.
@@ -785,6 +792,7 @@
unsigned long arg5);
void (*task_kmod_set_label) (void);
void (*task_reparent_to_init) (struct task_struct * p);
+ int (*ip_prot_sock) (int port);
/* allow module stacking */
int (*register_security) (const char *name,
diff -urN v2.5.34/net/ipv4/af_inet.c v2.5.34-accessfs/net/ipv4/af_inet.c
--- v2.5.34/net/ipv4/af_inet.c Tue Sep 24 11:52:15 2002
+++ v2.5.34-accessfs/net/ipv4/af_inet.c Tue Sep 24 13:21:29 2002
@@ -531,7 +531,7 @@
snum = ntohs(addr->sin_port);
err = -EACCES;
- if (snum && snum < PROT_SOCK && !capable(CAP_NET_BIND_SERVICE))
+ if (security_ops->ip_prot_sock(snum) && !capable(CAP_NET_BIND_SERVICE))
goto out;
/* We keep a pair of addresses. rcv_saddr is the one
diff -urN v2.5.34/net/ipv6/af_inet6.c v2.5.34-accessfs/net/ipv6/af_inet6.c
--- v2.5.34/net/ipv6/af_inet6.c Tue Sep 24 11:52:15 2002
+++ v2.5.34-accessfs/net/ipv6/af_inet6.c Tue Sep 24 13:21:56 2002
@@ -313,7 +313,7 @@
}
snum = ntohs(addr->sin6_port);
- if (snum && snum < PROT_SOCK && !capable(CAP_NET_BIND_SERVICE))
+ if (security_ops->ip_prot_sock(snum) && !capable(CAP_NET_BIND_SERVICE))
return -EACCES;
lock_sock(sk);
diff -urN v2.5.34/security/capability.c v2.5.34-accessfs/security/capability.c
--- v2.5.34/security/capability.c Sun Sep 1 00:04:55 2002
+++ v2.5.34-accessfs/security/capability.c Tue Sep 24 13:20:08 2002
@@ -18,6 +18,7 @@
#include <linux/smp_lock.h>
#include <linux/skbuff.h>
#include <linux/netlink.h>
+#include <net/sock.h>
/* flag to keep track of how we were registered */
static int secondary;
@@ -679,6 +680,11 @@
return;
}
+static int cap_ip_prot_sock (int port)
+{
+ return port && port < PROT_SOCK;
+}
+
static int cap_register (const char *name, struct security_operations *ops)
{
return -EINVAL;
@@ -781,6 +787,8 @@
.task_prctl = cap_task_prctl,
.task_kmod_set_label = cap_task_kmod_set_label,
.task_reparent_to_init = cap_task_reparent_to_init,
+
+ .ip_prot_sock = cap_ip_prot_sock,
.register_security = cap_register,
.unregister_security = cap_unregister,
diff -urN v2.5.34/security/dummy.c v2.5.34-accessfs/security/dummy.c
--- v2.5.34/security/dummy.c Sun Sep 1 00:04:52 2002
+++ v2.5.34-accessfs/security/dummy.c Tue Sep 24 13:19:21 2002
@@ -18,6 +18,7 @@
#include <linux/security.h>
#include <linux/skbuff.h>
#include <linux/netlink.h>
+#include <net/sock.h>
static int dummy_ptrace (struct task_struct *parent, struct task_struct *child)
{
@@ -493,6 +494,11 @@
return;
}
+static int dummy_ip_prot_sock (int port)
+{
+ return port && port < PROT_SOCK;
+}
+
static int dummy_register (const char *name, struct security_operations *ops)
{
return -EINVAL;
@@ -595,6 +601,8 @@
.task_prctl = dummy_task_prctl,
.task_kmod_set_label = dummy_task_kmod_set_label,
.task_reparent_to_init = dummy_task_reparent_to_init,
+
+ .ip_prot_sock = dummy_ip_prot_sock,
.register_security = dummy_register,
.unregister_security = dummy_unregister,
next reply other threads:[~2002-09-24 19:00 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-09-24 15:39 Olaf Dietsche [this message]
2002-09-26 20:37 ` [PATCH] accessfs v0.5 ported to LSM - 1/2 Greg KH
2002-09-27 18:55 ` [PATCH] accessfs v0.6 ported to 2.5.35-lsm1 " Olaf Dietsche
2002-09-27 21:46 ` Greg KH
2002-09-27 23:02 ` Olaf Dietsche
2002-09-29 12:56 ` James Morris
2002-09-29 14:49 ` Olaf Dietsche
2002-09-30 13:14 ` Olaf Dietsche
2002-09-30 8:22 ` Chris Wright
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=878z1rpfb4.fsf@goat.bogus.local \
--to=olaf.dietsche--list.linux-kernel@exmail.de \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@wirex.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).