Index: linux-2.6/fs/open.c
2
===================================================================
3
--- linux-2.6.orig/fs/open.c
4
+++ linux-2.6/fs/open.c
5
@@ -483,6 +483,10 @@ asmlinkage long sys_chroot(const char __
6
if (!capable(CAP_SYS_CHROOT))
9
+ error = security_chroot(&nd);
13
set_fs_root(current->fs, nd.mnt, nd.dentry);
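Review bot: The call `error = security_chroot(&nd);` only resolves when CONFIG_SECURITY is enabled, because the two inline wrappers this patch adds to include/linux/security.h carry different names: the CONFIG_SECURITY version is declared as `security_chroot` while the `#else` stub in the later hunk is `security_sb_chroot`, so a kernel built without CONFIG_SECURITY fails to compile sys_chroot. The struct security_operations member is `sb_chroot` and the neighbouring wrappers follow the `security_<member>` pattern (`security_sb_post_pivotroot`), so the CONFIG_SECURITY wrapper should be renamed `security_sb_chroot` and this line changed to `error = security_sb_chroot(&nd);`. The rendering drops several lines of this hunk, so the check on `error` before `set_fs_root()` is presumably among the omitted lines; it should be confirmed that a non-zero return from the hook skips the root change. sys_chroot's body continues outside the hunk.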
16
Index: linux-2.6/include/linux/security.h
17
===================================================================
18
--- linux-2.6.orig/include/linux/security.h
19
+++ linux-2.6/include/linux/security.h
20
@@ -247,6 +247,9 @@ struct request_sock;
21
* Update module state after a successful pivot.
22
* @old_nd contains the nameidata structure for the old root.
23
* @new_nd contains the nameidata structure for the new root.
25
+ * Check permission before chroot to chroot to point named by @nd
26
+ * @nd contains the nameidata object for the new root
28
* Security hooks for inode operations.
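Review bot: The new hook description `Check permission before chroot to chroot to point named by @nd` does not state the return contract, unlike the other permission hooks documented in this header, which close with `Return 0 if permission is granted.`; that line should follow the `@nd` description. The wording also repeats "chroot"; `Check permission before changing the root directory to the point named by @nd.` reads more clearly. The `@sb_chroot:` label line that introduces the entry appears to have been dropped by the rendering, so I cannot tell from here whether it is present.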
30
@@ -1211,6 +1214,7 @@ struct security_operations {
31
struct nameidata * new_nd);
32
void (*sb_post_pivotroot) (struct nameidata * old_nd,
33
struct nameidata * new_nd);
34
+ int (*sb_chroot) (struct nameidata * nd);
36
int (*inode_alloc_security) (struct inode *inode);
37
void (*inode_free_security) (struct inode *inode);
38
@@ -1610,6 +1614,11 @@ static inline void security_sb_post_pivo
39
security_ops->sb_post_pivotroot (old_nd, new_nd);
42
+static inline int security_chroot (struct nameidata *nd)
44
+ return security_ops->sb_chroot (nd);
47
static inline int security_inode_alloc (struct inode *inode)
49
inode->i_security = NULL;
50
@@ -2362,6 +2371,11 @@ static inline void security_sb_post_pivo
51
struct nameidata *new_nd)
54
+static inline int security_sb_chroot (struct nameidata *nd)
59
static inline int security_inode_alloc (struct inode *inode)
62
Index: linux-2.6/security/dummy.c
63
===================================================================
64
--- linux-2.6.orig/security/dummy.c
65
+++ linux-2.6/security/dummy.c
66
@@ -248,6 +248,11 @@ static void dummy_sb_post_pivotroot (str
70
+static int dummy_sb_chroot (struct nameidata *nd)
75
static int dummy_inode_alloc_security (struct inode *inode)
78
@@ -1004,6 +1009,7 @@ void security_fixup_ops (struct security
79
set_to_dummy_if_null(ops, sb_post_addmount);
80
set_to_dummy_if_null(ops, sb_pivotroot);
81
set_to_dummy_if_null(ops, sb_post_pivotroot);
82
+ set_to_dummy_if_null(ops, sb_chroot);
83
set_to_dummy_if_null(ops, inode_alloc_security);
84
set_to_dummy_if_null(ops, inode_free_security);
85
set_to_dummy_if_null(ops, inode_init_security);