capabilities: add (back) dummy support for KEEPCAPS

The dummy module is used by folk that run security conscious code(!?).  A
feature of such code (for example, dhclient) is that it tries to operate
with minimum privilege (dropping unneeded capabilities).  While the dummy
module doesn't restrict code execution based on capability state, the user
code expects the kernel to appear to support it.  This patch adds back
faked support for the PR_SET_KEEPCAPS etc., calls - making the kernel
behave as before 2.6.26.

For details see: http://bugzilla.kernel.org/show_bug.cgi?id=10748

Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Cc: James Morris <jmorris@namei.org>
Cc: Stephen Smalley <sds@tycho.nsa.gov>
Cc: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This commit is contained in:
Andrew G. Morgan 2008-06-12 15:21:33 -07:00 коммит произвёл Linus Torvalds
Родитель 57d3c64fd8
Коммит 8cdbc2b982
1 изменённых файлов: 23 добавлений и 1 удалений

Просмотреть файл

@ -27,6 +27,8 @@
#include <linux/hugetlb.h>
#include <linux/ptrace.h>
#include <linux/file.h>
#include <linux/prctl.h>
#include <linux/securebits.h>
static int dummy_ptrace (struct task_struct *parent, struct task_struct *child)
{
@ -607,7 +609,27 @@ static int dummy_task_kill (struct task_struct *p, struct siginfo *info,
static int dummy_task_prctl (int option, unsigned long arg2, unsigned long arg3,
unsigned long arg4, unsigned long arg5, long *rc_p)
{
return 0;
switch (option) {
case PR_CAPBSET_READ:
*rc_p = (cap_valid(arg2) ? 1 : -EINVAL);
break;
case PR_GET_KEEPCAPS:
*rc_p = issecure(SECURE_KEEP_CAPS);
break;
case PR_SET_KEEPCAPS:
if (arg2 > 1)
*rc_p = -EINVAL;
else if (arg2)
current->securebits |= issecure_mask(SECURE_KEEP_CAPS);
else
current->securebits &=
~issecure_mask(SECURE_KEEP_CAPS);
break;
default:
return 0;
}
return 1;
}
static void dummy_task_reparent_to_init (struct task_struct *p)