linux-hardened/security/tomoyo
Tetsuo Handa df91e49477 TOMOYO: Fix mount flags checking order.
Userspace can pass in arbitrary combinations of MS_* flags to mount().

If both MS_BIND and one of MS_SHARED/MS_PRIVATE/MS_SLAVE/MS_UNBINDABLE are
passed, device name which should be checked for MS_BIND was not checked because
MS_SHARED/MS_PRIVATE/MS_SLAVE/MS_UNBINDABLE had higher priority than MS_BIND.

If both one of MS_BIND/MS_MOVE and MS_REMOUNT are passed, device name which
should not be checked for MS_REMOUNT was checked because MS_BIND/MS_MOVE had
higher priority than MS_REMOUNT.

Fix these bugs by changing priority to MS_REMOUNT -> MS_BIND ->
MS_SHARED/MS_PRIVATE/MS_SLAVE/MS_UNBINDABLE -> MS_MOVE as do_mount() does.

Also, unconditionally return -EINVAL if more than one of
MS_SHARED/MS_PRIVATE/MS_SLAVE/MS_UNBINDABLE is passed so that TOMOYO will not
generate inaccurate audit logs, for commit 7a2e8a8f "VFS: Sanity check mount
flags passed to change_mnt_propagation()" clarified that these flags must be
exclusively passed.

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <james.l.morris@oracle.com>
2012-03-01 10:23:19 +11:00
.gitignore Security: tomoyo: add .gitignore file 2011-12-12 17:23:18 +11:00
audit.c tomoyo_mini_stat: switch to umode_t 2012-01-03 22:55:18 -05:00
common.c Merge branch 'for-linus' of git://git.selinuxproject.org/~jmorris/linux-security 2011-11-02 17:01:01 -07:00
common.h Merge branch 'for-linus' of git://selinuxproject.org/~jmorris/linux-security 2012-01-10 21:51:23 -08:00
condition.c TOMOYO: Simplify garbage collector. 2011-09-26 10:46:20 +10:00
domain.c TOMOYO: Fix domain transition failure warning. 2011-09-28 11:53:15 +10:00
environ.c TOMOYO: Add environment variable name restriction support. 2011-09-14 08:27:05 +10:00
file.c TOMOYO: Fix make namespacecheck warnings. 2011-09-26 10:46:19 +10:00
gc.c TOMOYO: Fix quota and garbage collector. 2011-10-12 12:15:20 +11:00
group.c TOMOYO: Add socket operation restriction support. 2011-09-14 08:27:05 +10:00
Kconfig TOMOYO: Add socket operation restriction support. 2011-09-14 08:27:05 +10:00
load_policy.c TOMOYO: Update kernel-doc. 2011-07-14 17:50:03 +10:00
Makefile TOMOYO: Bump version. 2011-09-15 08:14:21 +10:00
memory.c TOMOYO: Remove tomoyo_policy_memory_lock spinlock. 2011-09-26 10:46:22 +10:00
mount.c TOMOYO: Fix mount flags checking order. 2012-03-01 10:23:19 +11:00
network.c TOMOYO: Add socket operation restriction support. 2011-09-14 08:27:05 +10:00
realpath.c vfs: trim includes a bit 2012-01-03 22:57:13 -05:00
securityfs_if.c switch securityfs_create_file() to umode_t 2012-01-03 22:55:13 -05:00
tomoyo.c switch security_path_chmod() to struct path * 2012-01-06 23:16:53 -05:00
util.c TOMOYO: Accept \000 as a valid character. 2012-01-18 10:40:59 +11:00