projects / platform / kernel / linux-exynos.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a3ef255)
kdbus: disable internal kdbus policy
authorLukasz Skalski <l.skalski@samsung.com>
Mon, 24 Aug 2015 16:54:46 +0000 (18:54 +0200)
committerSeung-Woo Kim <sw0312.kim@samsung.com>
Mon, 4 Apr 2016 01:12:39 +0000 (10:12 +0900)
Possibilities of connections to own, see and talk to well-known names
are already restricted by LSM hooks.

Change-Id: I62d86a506a85e6c48bdd3e0f8b11f1aa5a918c75
Signed-off-by: Lukasz Skalski <l.skalski@samsung.com>
ipc/kdbus/connection.c patch | blob | history
ipc/kdbus/names.c patch | blob | history

diff --git a/ipc/kdbus/connection.c b/ipc/kdbus/connection.c
index ab476fa9ccca40e56a240c2c4c41d80db05c9861..424bbdfe3acc52ae59d753806e1979020ee72e4a 100644 (file)
--- a/ipc/kdbus/connection.c
+++ b/ipc/kdbus/connection.c
@@ -1204,10 +1204,13 @@ static struct kdbus_reply *kdbus_conn_call(struct kdbus_conn *src,
        if (ret < 0)
                goto exit;
 
+       /* Disable internal kdbus policy - possibilities of connections to own,
+        * see and talk to well-known names are restricted by LSM hooks
        if (!kdbus_conn_policy_talk(src, current_cred(), dst)) {
                ret = -EPERM;
                goto exit;
        }
+       */
 
        wait = kdbus_reply_new(dst, src, &kmsg->msg, name, true);
        if (IS_ERR(wait)) {
@@ -1282,9 +1285,12 @@ static int kdbus_conn_unicast(struct kdbus_conn *src, struct kdbus_kmsg *kmsg)
                if (!kdbus_match_db_match_kmsg(dst->match_db, src, kmsg) ||
                    !kdbus_conn_policy_talk(dst, NULL, src))
                        goto exit;
+        /* Disable internal kdbus policy - possibilities of connections to own,
+         * see and talk to well-known names are restricted by LSM hooks
        } else if (!kdbus_conn_policy_talk(src, current_cred(), dst)) {
                ret = -EPERM;
                goto exit;
+       */
        } else if (kmsg->msg.flags & KDBUS_MSG_EXPECT_REPLY) {
                wait = kdbus_reply_new(dst, src, &kmsg->msg, name, false);
                if (IS_ERR(wait)) {
diff --git a/ipc/kdbus/names.c b/ipc/kdbus/names.c
index df99e4df815b2e678ebc648bdf963b1940fdc56d..90e0c016f66e90d083b6f507fec6bc7aabaa75b4 100644 (file)
--- a/ipc/kdbus/names.c
+++ b/ipc/kdbus/names.c
@@ -290,10 +290,13 @@ int kdbus_name_acquire(struct kdbus_name_registry *reg,
 
        down_write(&reg->rwlock);
 
+        /* Disable internal kdbus policy - possibilities of connections to own,
+         * see and talk to well-known names are restricted by LSM hooks
        if (!kdbus_conn_policy_own_name(conn, current_cred(), name)) {
                ret = -EPERM;
                goto exit_unlock;
        }
+       */
 
        hash = kdbus_strhash(name);
        e = kdbus_name_find(reg, hash, name);
Domain: System / Kernel;