Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6: SELinux: do not destroy the avc_cache_nodep KEYS: Have the garbage collector set its timer for live expired keys tpm-fixup-pcrs-sysfs-file-update creds_are_invalid() needs to be exported for use by modules: include/linux/cred.h: fix build Fix trivial BUILD_BUG_ON-induced conflicts in drivers/char/tpm/tpm.c
This commit is contained in:
commit
c82ffab9a8
5 changed files with 39 additions and 26 deletions
|
@ -742,7 +742,7 @@ EXPORT_SYMBOL_GPL(tpm_pcr_read);
|
||||||
* the module usage count.
|
* the module usage count.
|
||||||
*/
|
*/
|
||||||
#define TPM_ORD_PCR_EXTEND cpu_to_be32(20)
|
#define TPM_ORD_PCR_EXTEND cpu_to_be32(20)
|
||||||
#define EXTEND_PCR_SIZE 34
|
#define EXTEND_PCR_RESULT_SIZE 34
|
||||||
static struct tpm_input_header pcrextend_header = {
|
static struct tpm_input_header pcrextend_header = {
|
||||||
.tag = TPM_TAG_RQU_COMMAND,
|
.tag = TPM_TAG_RQU_COMMAND,
|
||||||
.length = cpu_to_be32(34),
|
.length = cpu_to_be32(34),
|
||||||
|
@ -760,10 +760,9 @@ int tpm_pcr_extend(u32 chip_num, int pcr_idx, const u8 *hash)
|
||||||
return -ENODEV;
|
return -ENODEV;
|
||||||
|
|
||||||
cmd.header.in = pcrextend_header;
|
cmd.header.in = pcrextend_header;
|
||||||
BUG_ON(be32_to_cpu(cmd.header.in.length) > EXTEND_PCR_SIZE);
|
|
||||||
cmd.params.pcrextend_in.pcr_idx = cpu_to_be32(pcr_idx);
|
cmd.params.pcrextend_in.pcr_idx = cpu_to_be32(pcr_idx);
|
||||||
memcpy(cmd.params.pcrextend_in.hash, hash, TPM_DIGEST_SIZE);
|
memcpy(cmd.params.pcrextend_in.hash, hash, TPM_DIGEST_SIZE);
|
||||||
rc = transmit_cmd(chip, &cmd, cmd.header.in.length,
|
rc = transmit_cmd(chip, &cmd, EXTEND_PCR_RESULT_SIZE,
|
||||||
"attempting extend a PCR value");
|
"attempting extend a PCR value");
|
||||||
|
|
||||||
module_put(chip->dev->driver->owner);
|
module_put(chip->dev->driver->owner);
|
||||||
|
|
|
@ -176,23 +176,7 @@ extern void __invalid_creds(const struct cred *, const char *, unsigned);
|
||||||
extern void __validate_process_creds(struct task_struct *,
|
extern void __validate_process_creds(struct task_struct *,
|
||||||
const char *, unsigned);
|
const char *, unsigned);
|
||||||
|
|
||||||
static inline bool creds_are_invalid(const struct cred *cred)
|
extern bool creds_are_invalid(const struct cred *cred);
|
||||||
{
|
|
||||||
if (cred->magic != CRED_MAGIC)
|
|
||||||
return true;
|
|
||||||
if (atomic_read(&cred->usage) < atomic_read(&cred->subscribers))
|
|
||||||
return true;
|
|
||||||
#ifdef CONFIG_SECURITY_SELINUX
|
|
||||||
if (selinux_is_enabled()) {
|
|
||||||
if ((unsigned long) cred->security < PAGE_SIZE)
|
|
||||||
return true;
|
|
||||||
if ((*(u32 *)cred->security & 0xffffff00) ==
|
|
||||||
(POISON_FREE << 24 | POISON_FREE << 16 | POISON_FREE << 8))
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
static inline void __validate_creds(const struct cred *cred,
|
static inline void __validate_creds(const struct cred *cred,
|
||||||
const char *file, unsigned line)
|
const char *file, unsigned line)
|
||||||
|
|
|
@ -782,6 +782,25 @@ EXPORT_SYMBOL(set_create_files_as);
|
||||||
|
|
||||||
#ifdef CONFIG_DEBUG_CREDENTIALS
|
#ifdef CONFIG_DEBUG_CREDENTIALS
|
||||||
|
|
||||||
|
bool creds_are_invalid(const struct cred *cred)
|
||||||
|
{
|
||||||
|
if (cred->magic != CRED_MAGIC)
|
||||||
|
return true;
|
||||||
|
if (atomic_read(&cred->usage) < atomic_read(&cred->subscribers))
|
||||||
|
return true;
|
||||||
|
#ifdef CONFIG_SECURITY_SELINUX
|
||||||
|
if (selinux_is_enabled()) {
|
||||||
|
if ((unsigned long) cred->security < PAGE_SIZE)
|
||||||
|
return true;
|
||||||
|
if ((*(u32 *)cred->security & 0xffffff00) ==
|
||||||
|
(POISON_FREE << 24 | POISON_FREE << 16 | POISON_FREE << 8))
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
EXPORT_SYMBOL(creds_are_invalid);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* dump invalid credentials
|
* dump invalid credentials
|
||||||
*/
|
*/
|
||||||
|
|
|
@ -169,9 +169,9 @@ static void key_garbage_collector(struct work_struct *work)
|
||||||
|
|
||||||
/* trawl through the keys looking for keyrings */
|
/* trawl through the keys looking for keyrings */
|
||||||
for (;;) {
|
for (;;) {
|
||||||
if (key->expiry > now && key->expiry < new_timer) {
|
if (key->expiry > limit && key->expiry < new_timer) {
|
||||||
kdebug("will expire %x in %ld",
|
kdebug("will expire %x in %ld",
|
||||||
key_serial(key), key->expiry - now);
|
key_serial(key), key->expiry - limit);
|
||||||
new_timer = key->expiry;
|
new_timer = key->expiry;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -868,8 +868,19 @@ u32 avc_policy_seqno(void)
|
||||||
|
|
||||||
void avc_disable(void)
|
void avc_disable(void)
|
||||||
{
|
{
|
||||||
|
/*
|
||||||
|
* If you are looking at this because you have realized that we are
|
||||||
|
* not destroying the avc_node_cachep it might be easy to fix, but
|
||||||
|
* I don't know the memory barrier semantics well enough to know. It's
|
||||||
|
* possible that some other task dereferenced security_ops when
|
||||||
|
* it still pointed to selinux operations. If that is the case it's
|
||||||
|
* possible that it is about to use the avc and is about to need the
|
||||||
|
* avc_node_cachep. I know I could wrap the security.c security_ops call
|
||||||
|
* in an rcu_lock, but seriously, it's not worth it. Instead I just flush
|
||||||
|
* the cache and get that memory back.
|
||||||
|
*/
|
||||||
|
if (avc_node_cachep) {
|
||||||
avc_flush();
|
avc_flush();
|
||||||
synchronize_rcu();
|
/* kmem_cache_destroy(avc_node_cachep); */
|
||||||
if (avc_node_cachep)
|
}
|
||||||
kmem_cache_destroy(avc_node_cachep);
|
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue