summaryrefslogtreecommitdiff
path: root/security/smack/smack_lsm.c
diff options
context:
space:
mode:
authorJames Morris <james.l.morris@oracle.com>2017-02-10 10:28:49 +1100
committerJames Morris <james.l.morris@oracle.com>2017-02-10 10:28:49 +1100
commita2a15479d617ebbab67c60b4eed02524536af780 (patch)
tree64c4a5bbf434b003f02f56edda845e89fd539a7a /security/smack/smack_lsm.c
parente2241be62deabe09d7c681326fcb0bc707082147 (diff)
parent1ea0ce40690dff38935538e8dab7b12683ded0d3 (diff)
Merge branch 'stable-4.11' of git://git.infradead.org/users/pcmoore/selinux into next
Diffstat (limited to 'security/smack/smack_lsm.c')
-rw-r--r--security/smack/smack_lsm.c31
1 files changed, 1 insertions, 30 deletions
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index 1723bd370e3a..60b4217b9b68 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -2302,25 +2302,6 @@ static int smack_task_kill(struct task_struct *p, struct siginfo *info,
}
/**
- * smack_task_wait - Smack access check for waiting
- * @p: task to wait for
- *
- * Returns 0
- */
-static int smack_task_wait(struct task_struct *p)
-{
- /*
- * Allow the operation to succeed.
- * Zombies are bad.
- * In userless environments (e.g. phones) programs
- * get marked with SMACK64EXEC and even if the parent
- * and child shouldn't be talking the parent still
- * may expect to know when the child exits.
- */
- return 0;
-}
-
-/**
* smack_task_to_inode - copy task smack into the inode blob
* @p: task to copy from
* @inode: inode to copy to
@@ -3680,7 +3661,6 @@ static int smack_getprocattr(struct task_struct *p, char *name, char **value)
/**
* smack_setprocattr - Smack process attribute setting
- * @p: the object task
* @name: the name of the attribute in /proc/.../attr
* @value: the value to set
* @size: the size of the value
@@ -3690,8 +3670,7 @@ static int smack_getprocattr(struct task_struct *p, char *name, char **value)
*
* Returns the length of the smack label or an error code
*/
-static int smack_setprocattr(struct task_struct *p, char *name,
- void *value, size_t size)
+static int smack_setprocattr(const char *name, void *value, size_t size)
{
struct task_smack *tsp = current_security();
struct cred *new;
@@ -3699,13 +3678,6 @@ static int smack_setprocattr(struct task_struct *p, char *name,
struct smack_known_list_elem *sklep;
int rc;
- /*
- * Changing another process' Smack value is too dangerous
- * and supports no sane use case.
- */
- if (p != current)
- return -EPERM;
-
if (!smack_privileged(CAP_MAC_ADMIN) && list_empty(&tsp->smk_relabel))
return -EPERM;
@@ -4727,7 +4699,6 @@ static struct security_hook_list smack_hooks[] = {
LSM_HOOK_INIT(task_getscheduler, smack_task_getscheduler),
LSM_HOOK_INIT(task_movememory, smack_task_movememory),
LSM_HOOK_INIT(task_kill, smack_task_kill),
- LSM_HOOK_INIT(task_wait, smack_task_wait),
LSM_HOOK_INIT(task_to_inode, smack_task_to_inode),
LSM_HOOK_INIT(ipc_permission, smack_ipc_permission),