hollalinux
/
linux-sg2042
mirror of https://github.com/sophgo/linux-riscv.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
linux-sg2042/security
History
Eric W. Biederman 112b714759 exec: Convert security_bprm_set_creds into security_bprm_repopulate_creds 
Rename bprm->cap_elevated to bprm->active_secureexec and initialize it
in prepare_binprm instead of in cap_bprm_set_creds.  Initializing
bprm->active_secureexec in prepare_binprm allows multiple
implementations of security_bprm_repopulate_creds to play nicely with
each other.

Rename security_bprm_set_creds to security_bprm_reopulate_creds to
emphasize that this path recomputes part of bprm->cred.  This
recomputation avoids the time of check vs time of use problems that
are inherent in unix #! interpreters.

In short two renames and a move in the location of initializing
bprm->active_secureexec.

Link: https://lkml.kernel.org/r/87o8qkzrxp.fsf_-_@x220.int.ebiederm.org
Acked-by: Linus Torvalds <torvalds@linux-foundation.org>
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
 		2020-05-21 10:16:50 -05:00
..
apparmor exec: Factor security_bprm_creds_for_exec out of security_bprm_set_creds 2020-05-20 14:45:31 -05:00
bpf bpf: lsm: Initialize the BPF LSM hooks 2020-03-30 01:34:00 +02:00
integrity Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity 2020-04-02 14:49:46 -07:00
keys keys: Fix proc_keys_next to increase position index 2020-04-16 10:10:50 -07:00
loadpin proc/sysctl: add shared variables for range check 2019-07-18 17:08:07 -07:00
lockdown security,lockdown,selinux: implement SELinux lockdown 2019-12-09 17:53:58 -05:00
safesetid security/safesetid: Replace rcu_swap_protected() with rcu_replace_pointer() 2019-10-30 08:45:57 -07:00
selinux exec: Factor security_bprm_creds_for_exec out of security_bprm_set_creds 2020-05-20 14:45:31 -05:00
smack exec: Factor security_bprm_creds_for_exec out of security_bprm_set_creds 2020-05-20 14:45:31 -05:00
tomoyo exec: Factor security_bprm_creds_for_exec out of security_bprm_set_creds 2020-05-20 14:45:31 -05:00
yama proc/sysctl: add shared variables for range check 2019-07-18 17:08:07 -07:00
Kconfig bpf: lsm: Initialize the BPF LSM hooks 2020-03-30 01:34:00 +02:00
Kconfig.hardening meminit fix 2019-07-28 12:33:15 -07:00
Makefile bpf: lsm: Initialize the BPF LSM hooks 2020-03-30 01:34:00 +02:00
commoncap.c exec: Convert security_bprm_set_creds into security_bprm_repopulate_creds 2020-05-21 10:16:50 -05:00
device_cgroup.c device_cgroup: Export devcgroup_check_permission 2019-10-07 15:11:38 -05:00
inode.c Merge branch 'work.mount0' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2019-07-19 10:42:02 -07:00
lsm_audit.c security,lockdown,selinux: implement SELinux lockdown 2019-12-09 17:53:58 -05:00
min_addr.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
security.c exec: Convert security_bprm_set_creds into security_bprm_repopulate_creds 2020-05-21 10:16:50 -05:00