diff options
author | James Morris <james.l.morris@oracle.com> | 2017-02-10 10:28:49 +1100 |
---|---|---|
committer | James Morris <james.l.morris@oracle.com> | 2017-02-10 10:28:49 +1100 |
commit | a2a15479d617ebbab67c60b4eed02524536af780 (patch) | |
tree | 64c4a5bbf434b003f02f56edda845e89fd539a7a /security/smack/smack_lsm.c | |
parent | e2241be62deabe09d7c681326fcb0bc707082147 (diff) | |
parent | 1ea0ce40690dff38935538e8dab7b12683ded0d3 (diff) |
Merge branch 'stable-4.11' of git://git.infradead.org/users/pcmoore/selinux into next
Diffstat (limited to 'security/smack/smack_lsm.c')
-rw-r--r-- | security/smack/smack_lsm.c | 31 |
1 files changed, 1 insertions, 30 deletions
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 1723bd370e3a..60b4217b9b68 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -2302,25 +2302,6 @@ static int smack_task_kill(struct task_struct *p, struct siginfo *info, } /** - * smack_task_wait - Smack access check for waiting - * @p: task to wait for - * - * Returns 0 - */ -static int smack_task_wait(struct task_struct *p) -{ - /* - * Allow the operation to succeed. - * Zombies are bad. - * In userless environments (e.g. phones) programs - * get marked with SMACK64EXEC and even if the parent - * and child shouldn't be talking the parent still - * may expect to know when the child exits. - */ - return 0; -} - -/** * smack_task_to_inode - copy task smack into the inode blob * @p: task to copy from * @inode: inode to copy to @@ -3680,7 +3661,6 @@ static int smack_getprocattr(struct task_struct *p, char *name, char **value) /** * smack_setprocattr - Smack process attribute setting - * @p: the object task * @name: the name of the attribute in /proc/.../attr * @value: the value to set * @size: the size of the value @@ -3690,8 +3670,7 @@ static int smack_getprocattr(struct task_struct *p, char *name, char **value) * * Returns the length of the smack label or an error code */ -static int smack_setprocattr(struct task_struct *p, char *name, - void *value, size_t size) +static int smack_setprocattr(const char *name, void *value, size_t size) { struct task_smack *tsp = current_security(); struct cred *new; @@ -3699,13 +3678,6 @@ static int smack_setprocattr(struct task_struct *p, char *name, struct smack_known_list_elem *sklep; int rc; - /* - * Changing another process' Smack value is too dangerous - * and supports no sane use case. - */ - if (p != current) - return -EPERM; - if (!smack_privileged(CAP_MAC_ADMIN) && list_empty(&tsp->smk_relabel)) return -EPERM; @@ -4727,7 +4699,6 @@ static struct security_hook_list smack_hooks[] = { LSM_HOOK_INIT(task_getscheduler, smack_task_getscheduler), LSM_HOOK_INIT(task_movememory, smack_task_movememory), LSM_HOOK_INIT(task_kill, smack_task_kill), - LSM_HOOK_INIT(task_wait, smack_task_wait), LSM_HOOK_INIT(task_to_inode, smack_task_to_inode), LSM_HOOK_INIT(ipc_permission, smack_ipc_permission), |