Re: [PATCH] security: protect legacy apps from insufficient privilege

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

To: Andrew G. Morgan <morgan@...>

Cc: Serge E. Hallyn <serue@...>, lkml <linux-kernel@...>, Linux Security Modules List <linux-security-module@...>

Subject: Re: [PATCH] security: protect legacy apps from insufficient privilege

Date: Thursday, May 22, 2008 - 1:41 am

On Wed, 21 May 2008 08:50:25 -0700 "Andrew G. Morgan" <morgan@kernel.org> wrote:

quoted text> +	CAP_FOR_EACH_U32(i) {
> +		if (i >= tocopy) {
> +			/*
> +			 * Legacy capability sets have no upper bits
> +			 */
> +			bprm->cap_post_exec_permitted.cap[i] = 0;
> +		} else {
> +			__u32 value_cpu;
> +			/*
> +			 * pP' = (X & fP) | (pI & fI)
> +			 */
> +			value_cpu = le32_to_cpu(caps->data[i].permitted);
> +			bprm->cap_post_exec_permitted.cap[i] = (
> +					current->cap_bset.cap[i] & value_cpu
> +				) | (
> +					current->cap_inheritable.cap[i] &
> +					le32_to_cpu(caps->data[i].inheritable)
> +				);
> +			if (value_cpu &
> +			    ~bprm->cap_post_exec_permitted.cap[i]) {
> +				/*
> +				 * insufficient to execute correctly
> +				 */
> +				ret = -EPERM;
> +			}
> +		}
>  	}

That makes my eyes say ow.  The 80-col thing is a pain.

With a judiciously placed `continue' we can do this:

	CAP_FOR_EACH_U32(i) {
		__u32 value_cpu;

		if (i >= tocopy) {
			/*
			 * Legacy capability sets have no upper bits
			 */
			bprm->cap_post_exec_permitted.cap[i] = 0;
			continue;
		}
		/*
		 * pP' = (X & fP) | (pI & fI)
		 */
		value_cpu = le32_to_cpu(caps->data[i].permitted);
		bprm->cap_post_exec_permitted.cap[i] =
			(current->cap_bset.cap[i] & value_cpu) |
			(current->cap_inheritable.cap[i] &
				le32_to_cpu(caps->data[i].inheritable));
		if (value_cpu & ~bprm->cap_post_exec_permitted.cap[i]) {
			/*
			 * insufficient to execute correctly
			 */
			ret = -EPERM;
		}
	}

OK?
--
unsubscribe noticeTo unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

[PATCH] security: protect legacy apps from insufficient priv..., Andrew G. Morgan, (Wed May 21, 11:50 am)

Re: [PATCH] security: protect legacy apps from insufficient ..., Andrew Morton, (Thu May 22, 1:41 am)

Re: [PATCH] security: protect legacy apps from insufficient ..., Andrew G. Morgan, (Thu May 22, 9:19 am)

Re: [PATCH] security: protect legacy apps from insufficient ..., Serge E. Hallyn, (Wed May 21, 4:34 pm)

Re: [PATCH] security: protect legacy apps from insufficient ..., Andrew G. Morgan, (Thu May 22, 1:18 am)


linux-kernel:
Greg Kroah-Hartman	[PATCH 001/196] Chinese: Add the known_regression URI to the HOWTO
Linus Torvalds	Re: Dual-Licensing Linux Kernel with GPL V2 and GPL V3
Eric Paris	[RFC 0/5] [TALPA] Intro to a linux interface for on access scanning
Ingo Molnar	Re: [patch 00/13] Syslets, "Threadlets", generic AIO support, v3
git:

linux-netdev:
Gerrit Renker	[PATCH 18/37] dccp: Support for Mandatory options
David Miller	[GIT]: Networking
David Miller	Re: [PATCH] pkt_sched: Destroy gen estimators under rtnl_lock().
Andrew Morton	Re: [BUG] New Kernel Bugs
openbsd-misc:

Re: [PATCH] security: protect legacy apps from insufficient privilege

Online users