mirrors/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2025-11-04 10:40:15 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

security: remove unused parameter from security_task_setscheduler()

Browse source 
All security modules shouldn't change sched_param parameter of
security_task_setscheduler().  This is not only meaningless, but also
make a harmful result if caller pass a static variable.

This patch remove policy and sched_param parameter from
security_task_setscheduler() becuase none of security module is
using it.

Cc: James Morris <jmorris@namei.org>
Signed-off-by: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>
Signed-off-by: James Morris <jmorris@namei.org>
This commit is contained in:
KOSAKI Motohiro 2010-10-15 04:21:18 +09:00 committed by James Morris
parent 9b3056cca0
commit b0ae198113
8 changed files with 17 additions and 26 deletions
repo.diff.show_diff_stats Download patch file Download diff file Expand all files Collapse all files

2
arch/mips/kernel/mips-mt-fpaff.c
View file

@ -103,7 +103,7 @@ asmlinkage long mipsmt_sys_sched_setaffinity(pid_t pid, unsigned int len,
if (!check_same_owner(p) && !capable(CAP_SYS_NICE))
goto out_unlock;
retval = security_task_setscheduler(p, 0, NULL);
retval = security_task_setscheduler(p)
if (retval)
goto out_unlock;

14
include/linux/security.h
View file

@ -74,7 +74,7 @@ extern int cap_file_mmap(struct file *file, unsigned long reqprot,
extern int cap_task_fix_setuid(struct cred *new, const struct cred *old, int flags);
extern int cap_task_prctl(int option, unsigned long arg2, unsigned long arg3,
unsigned long arg4, unsigned long arg5);
extern int cap_task_setscheduler(struct task_struct *p, int policy, struct sched_param *lp);
extern int cap_task_setscheduler(struct task_struct *p);
extern int cap_task_setioprio(struct task_struct *p, int ioprio);
extern int cap_task_setnice(struct task_struct *p, int nice);
extern int cap_syslog(int type, bool from_file);
@ -1501,8 +1501,7 @@ struct security_operations {
int (*task_getioprio) (struct task_struct *p);
int (*task_setrlimit) (struct task_struct *p, unsigned int resource,
struct rlimit *new_rlim);
int (*task_setscheduler) (struct task_struct *p, int policy,
struct sched_param *lp);
int (*task_setscheduler) (struct task_struct *p);
int (*task_getscheduler) (struct task_struct *p);
int (*task_movememory) (struct task_struct *p);
int (*task_kill) (struct task_struct *p,
@ -1752,8 +1751,7 @@ int security_task_setioprio(struct task_struct *p, int ioprio);
int security_task_getioprio(struct task_struct *p);
int security_task_setrlimit(struct task_struct *p, unsigned int resource,
struct rlimit *new_rlim);
int security_task_setscheduler(struct task_struct *p,
int policy, struct sched_param *lp);
int security_task_setscheduler(struct task_struct *p);
int security_task_getscheduler(struct task_struct *p);
int security_task_movememory(struct task_struct *p);
int security_task_kill(struct task_struct *p, struct siginfo *info,
@ -2320,11 +2318,9 @@ static inline int security_task_setrlimit(struct task_struct *p,
return 0;
}
static inline int security_task_setscheduler(struct task_struct *p,
int policy,
struct sched_param *lp)
static inline int security_task_setscheduler(struct task_struct *p)
{
return cap_task_setscheduler(p, policy, lp);
return cap_task_setscheduler(p);
}
static inline int security_task_getscheduler(struct task_struct *p)

4
kernel/cpuset.c
View file

@ -1397,7 +1397,7 @@ static int cpuset_can_attach(struct cgroup_subsys *ss, struct cgroup *cont,
if (tsk->flags & PF_THREAD_BOUND)
return -EINVAL;
ret = security_task_setscheduler(tsk, 0, NULL);
ret = security_task_setscheduler(tsk);
if (ret)
return ret;
if (threadgroup) {
@ -1405,7 +1405,7 @@ static int cpuset_can_attach(struct cgroup_subsys *ss, struct cgroup *cont,
rcu_read_lock();
list_for_each_entry_rcu(c, &tsk->thread_group, thread_group) {
ret = security_task_setscheduler(c, 0, NULL);
ret = security_task_setscheduler(c);
if (ret) {
rcu_read_unlock();
return ret;

4
kernel/sched.c
View file

@ -4645,7 +4645,7 @@ static int __sched_setscheduler(struct task_struct *p, int policy,
}
if (user) {
retval = security_task_setscheduler(p, policy, param);
retval = security_task_setscheduler(p);
if (retval)
return retval;
}
@ -4887,7 +4887,7 @@ long sched_setaffinity(pid_t pid, const struct cpumask *in_mask)
if (!check_same_owner(p) && !capable(CAP_SYS_NICE))
goto out_unlock;
retval = security_task_setscheduler(p, 0, NULL);
retval = security_task_setscheduler(p);
if (retval)
goto out_unlock;

5
security/commoncap.c
View file

@ -719,14 +719,11 @@ static int cap_safe_nice(struct task_struct *p)
/**
* cap_task_setscheduler - Detemine if scheduler policy change is permitted
* @p: The task to affect
* @policy: The policy to effect
* @lp: The parameters to the scheduling policy
*
* Detemine if the requested scheduler policy change is permitted for the
* specified task, returning 0 if permission is granted, -ve if denied.
*/
int cap_task_setscheduler(struct task_struct *p, int policy,
struct sched_param *lp)
int cap_task_setscheduler(struct task_struct *p)
{
return cap_safe_nice(p);
}

5
security/security.c
View file

@ -778,10 +778,9 @@ int security_task_setrlimit(struct task_struct *p, unsigned int resource,
return security_ops->task_setrlimit(p, resource, new_rlim);
}
int security_task_setscheduler(struct task_struct *p,
int policy, struct sched_param *lp)
int security_task_setscheduler(struct task_struct *p)
{
return security_ops->task_setscheduler(p, policy, lp);
return security_ops->task_setscheduler(p);
}
int security_task_getscheduler(struct task_struct *p)

4
security/selinux/hooks.c
View file

@ -3354,11 +3354,11 @@ static int selinux_task_setrlimit(struct task_struct *p, unsigned int resource,
return 0;
}
static int selinux_task_setscheduler(struct task_struct *p, int policy, struct sched_param *lp)
static int selinux_task_setscheduler(struct task_struct *p)
{
int rc;
rc = cap_task_setscheduler(p, policy, lp);
rc = cap_task_setscheduler(p);
if (rc)
return rc;

5
security/smack/smack_lsm.c
View file

@ -1281,12 +1281,11 @@ static int smack_task_getioprio(struct task_struct *p)
*
* Return 0 if read access is permitted
*/
static int smack_task_setscheduler(struct task_struct *p, int policy,
struct sched_param *lp)
static int smack_task_setscheduler(struct task_struct *p)
{
int rc;
rc = cap_task_setscheduler(p, policy, lp);
rc = cap_task_setscheduler(p);
if (rc == 0)
rc = smk_curacc_on_task(p, MAY_WRITE);
return rc;