X-Git-Url: https://gerrit.automotivelinux.org/gerrit/gitweb?a=blobdiff_plain;f=meta-app-framework%2Frecipes-kernel%2Flinux%2Flinux%2Flinux-yocto-4.12%2F0001-Smack-File-receive-for-sockets.patch;fp=meta-app-framework%2Frecipes-kernel%2Flinux%2Flinux%2Flinux-yocto-4.12%2F0001-Smack-File-receive-for-sockets.patch;h=0000000000000000000000000000000000000000;hb=e0a51284c21ac0c7187b2f972923023e907f4bc5;hp=4021e5d383eb75358e3f7d9398be7ce14af8d1fe;hpb=317c8a08a6b5943517e67c5ea80b0a9a83a10d63;p=AGL%2Fmeta-agl.git diff --git a/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.12/0001-Smack-File-receive-for-sockets.patch b/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.12/0001-Smack-File-receive-for-sockets.patch deleted file mode 100644 index 4021e5d38..000000000 --- a/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.12/0001-Smack-File-receive-for-sockets.patch +++ /dev/null @@ -1,65 +0,0 @@ -From 2b206c36b16e72cfe41cd22448d8527359ffd962 Mon Sep 17 00:00:00 2001 -From: Casey Schaufler -Date: Mon, 7 Dec 2015 14:34:32 -0800 -Subject: [PATCH 1/4] Smack: File receive for sockets - -The existing file receive hook checks for access on -the file inode even for UDS. This is not right, as -the inode is not used by Smack to make access checks -for sockets. This change checks for an appropriate -access relationship between the receiving (current) -process and the socket. If the process can't write -to the socket's send label or the socket's receive -label can't write to the process fail. - -This will allow the legitimate cases, where the -socket sender and socket receiver can freely communicate. -Only strangly set socket labels should cause a problem. - -Signed-off-by: Casey Schaufler ---- - security/smack/smack_lsm.c | 22 ++++++++++++++++++++++ - 1 file changed, 22 insertions(+) - -diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c -index ff81026..b20ef06 100644 ---- a/security/smack/smack_lsm.c -+++ b/security/smack/smack_lsm.c -@@ -1860,12 +1860,34 @@ static int smack_file_receive(struct file *file) - int may = 0; - struct smk_audit_info ad; - struct inode *inode = file_inode(file); -+ struct socket *sock; -+ struct task_smack *tsp; -+ struct socket_smack *ssp; - - if (unlikely(IS_PRIVATE(inode))) - return 0; - - smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_PATH); - smk_ad_setfield_u_fs_path(&ad, file->f_path); -+ -+ if (S_ISSOCK(inode->i_mode)) { -+ sock = SOCKET_I(inode); -+ ssp = sock->sk->sk_security; -+ tsp = current_security(); -+ /* -+ * If the receiving process can't write to the -+ * passed socket or if the passed socket can't -+ * write to the receiving process don't accept -+ * the passed socket. -+ */ -+ rc = smk_access(tsp->smk_task, ssp->smk_out, MAY_WRITE, &ad); -+ rc = smk_bu_file(file, may, rc); -+ if (rc < 0) -+ return rc; -+ rc = smk_access(ssp->smk_in, tsp->smk_task, MAY_WRITE, &ad); -+ rc = smk_bu_file(file, may, rc); -+ return rc; -+ } - /* - * This code relies on bitmasks. - */ --- -2.7.4 -