Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
CHROMIUM: kernel: Initial chromiumos security module.
Initially the chromiumos security module only prevents symlinks in mount paths. Future versions will be more restrictive and will be configurable using a driver interface. BUG=chromium-os:21954 TEST=Use a mount path with a symlink and observe mount failure. Change-Id: I47ade3b7be684ab9e0533ce5ffd1e81009eaebfe Signed-off-by: Stephan Uphoff <ups@chromium.org> Reviewed-on: https://gerrit.chromium.org/gerrit/10581 Reviewed-by: Kees Cook <keescook@chromium.org> Reviewed-by: Mandeep Singh Baines <msb@chromium.org>
- Loading branch information
Stephan Uphoff
committed
Nov 3, 2011
1 parent
4093e61
commit 220ac37
Showing
5 changed files
with
73 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
config SECURITY_CHROMIUMOS | ||
tristate "Chromium OS Security Module" | ||
depends on SECURITY | ||
help | ||
The purpose of the Chromium OS security module is to reduce attacking | ||
surface by preventing access to general purpose access modes not required | ||
by Chromium OS. | ||
Currently only the mount operation is restricted by requiring a mount point | ||
path without symbolic links. | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
obj-$(CONFIG_SECURITY_CHROMIUMOS) += lsm.o |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,54 @@ | ||
/* | ||
* Linux Security Module for Chromium OS | ||
* | ||
* Copyright 2011 Google Inc. All Rights Reserved | ||
* | ||
* Author: | ||
* Stephan Uphoff <ups@google.com> | ||
* | ||
* This software is licensed under the terms of the GNU General Public | ||
* License version 2, as published by the Free Software Foundation, and | ||
* may be copied, distributed, and modified under those terms. | ||
* | ||
* This program is distributed in the hope that it will be useful, | ||
* but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
* GNU General Public License for more details. | ||
*/ | ||
|
||
#include <linux/module.h> | ||
#include <linux/security.h> | ||
|
||
static int chromiumos_security_sb_mount(char *dev_name, struct path *path, | ||
char *type, unsigned long flags, void *data) | ||
{ | ||
int error = current->total_link_count ? -ELOOP : 0; | ||
|
||
if (error) { | ||
char name[sizeof(current->comm)]; | ||
printk(KERN_NOTICE "Chromium OS LSM: Mount path with symlinks" | ||
" prohibited - Task %s (pid = %d)\n", | ||
get_task_comm(name, current), task_pid_nr(current)); | ||
} | ||
|
||
return error; | ||
} | ||
|
||
static struct security_operations chromiumos_security_ops = { | ||
.name = "chromiumos", | ||
.sb_mount = chromiumos_security_sb_mount, | ||
}; | ||
|
||
|
||
static int __init chromiumos_security_init(void) | ||
{ | ||
int error; | ||
|
||
error = register_security(&chromiumos_security_ops); | ||
|
||
if (error) | ||
panic("Could not register chromiumos security module"); | ||
|
||
return error; | ||
} | ||
security_initcall(chromiumos_security_init); |