1*4882a593Smuzhiyun // SPDX-License-Identifier: GPL-2.0-only
2*4882a593Smuzhiyun /*
3*4882a593Smuzhiyun * Copyright (C) 2007 Casey Schaufler <casey@schaufler-ca.com>
4*4882a593Smuzhiyun *
5*4882a593Smuzhiyun * Authors:
6*4882a593Smuzhiyun * Casey Schaufler <casey@schaufler-ca.com>
7*4882a593Smuzhiyun * Ahmed S. Darwish <darwish.07@gmail.com>
8*4882a593Smuzhiyun *
9*4882a593Smuzhiyun * Special thanks to the authors of selinuxfs.
10*4882a593Smuzhiyun *
11*4882a593Smuzhiyun * Karl MacMillan <kmacmillan@tresys.com>
12*4882a593Smuzhiyun * James Morris <jmorris@redhat.com>
13*4882a593Smuzhiyun */
14*4882a593Smuzhiyun
15*4882a593Smuzhiyun #include <linux/kernel.h>
16*4882a593Smuzhiyun #include <linux/vmalloc.h>
17*4882a593Smuzhiyun #include <linux/security.h>
18*4882a593Smuzhiyun #include <linux/mutex.h>
19*4882a593Smuzhiyun #include <linux/slab.h>
20*4882a593Smuzhiyun #include <net/net_namespace.h>
21*4882a593Smuzhiyun #include <net/cipso_ipv4.h>
22*4882a593Smuzhiyun #include <linux/seq_file.h>
23*4882a593Smuzhiyun #include <linux/ctype.h>
24*4882a593Smuzhiyun #include <linux/audit.h>
25*4882a593Smuzhiyun #include <linux/magic.h>
26*4882a593Smuzhiyun #include <linux/fs_context.h>
27*4882a593Smuzhiyun #include "smack.h"
28*4882a593Smuzhiyun
/* Width of a __be32 in bits. */
#define BEBITS	(sizeof(__be32) * 8)
30*4882a593Smuzhiyun /*
31*4882a593Smuzhiyun * smackfs pseudo filesystem.
32*4882a593Smuzhiyun */
33*4882a593Smuzhiyun
/*
 * Inode numbers of the smackfs interface files.  Each value names one
 * file; the per-value comment says what a write to that file changes.
 * Numbers are fixed, so an entry that is compiled out (see the #if
 * guards) still reserves its value.
 */
enum smk_inos {
	SMK_ROOT_INO	= 2,
	SMK_LOAD	= 3,	/* load policy */
	SMK_CIPSO	= 4,	/* load label -> CIPSO mapping */
	SMK_DOI		= 5,	/* CIPSO DOI */
	SMK_DIRECT	= 6,	/* CIPSO level indicating direct label */
	SMK_AMBIENT	= 7,	/* internet ambient label */
	SMK_NET4ADDR	= 8,	/* single label hosts */
	SMK_ONLYCAP	= 9,	/* the only "capable" label */
	SMK_LOGGING	= 10,	/* logging */
	SMK_LOAD_SELF	= 11,	/* task specific rules */
	SMK_ACCESSES	= 12,	/* access policy */
	SMK_MAPPED	= 13,	/* CIPSO level indicating mapped label */
	SMK_LOAD2	= 14,	/* load policy with long labels */
	SMK_LOAD_SELF2	= 15,	/* load task specific rules with long labels */
	SMK_ACCESS2	= 16,	/* make an access check with long labels */
	SMK_CIPSO2	= 17,	/* load long label -> CIPSO mapping */
	SMK_REVOKE_SUBJ	= 18,	/* set rules with subject label to '-' */
	SMK_CHANGE_RULE	= 19,	/* change or add rules (long labels) */
	SMK_SYSLOG	= 20,	/* change syslog label */
	SMK_PTRACE	= 21,	/* set ptrace rule */
#ifdef CONFIG_SECURITY_SMACK_BRINGUP
	SMK_UNCONFINED	= 22,	/* define an unconfined label */
#endif
#if IS_ENABLED(CONFIG_IPV6)
	SMK_NET6ADDR	= 23,	/* single label IPv6 hosts */
#endif /* CONFIG_IPV6 */
	SMK_RELABEL_SELF = 24,	/* relabel possible without CAP_MAC_ADMIN */
};
63*4882a593Smuzhiyun
/*
 * List locks
 *
 * Each mutex serialises writers of the list it is named after.
 * The seq_file readers below walk lists under rcu_read_lock()
 * instead (see smk_seq_start()), so writers must use the *_rcu
 * list helpers -- confirm at each update site outside this chunk.
 */
static DEFINE_MUTEX(smack_cipso_lock);
static DEFINE_MUTEX(smack_ambient_lock);
static DEFINE_MUTEX(smk_net4addr_lock);
#if IS_ENABLED(CONFIG_IPV6)
static DEFINE_MUTEX(smk_net6addr_lock);
#endif /* CONFIG_IPV6 */
73*4882a593Smuzhiyun
/*
 * This is the "ambient" label for network traffic.
 * If it isn't somehow marked, use this.
 * It can be reset via smackfs/ambient
 */
struct smack_known *smack_net_ambient;

/*
 * This is the level in a CIPSO header that indicates a
 * smack label is contained directly in the category set.
 * It can be reset via smackfs/direct
 */
int smack_cipso_direct = SMACK_CIPSO_DIRECT_DEFAULT;

/*
 * This is the level in a CIPSO header that indicates a
 * secid is contained directly in the category set.
 * It can be reset via smackfs/mapped
 */
int smack_cipso_mapped = SMACK_CIPSO_MAPPED_DEFAULT;

#ifdef CONFIG_SECURITY_SMACK_BRINGUP
/*
 * Allow one label to be unconfined. This is for
 * debugging and application bring-up purposes only.
 * It is bad and wrong, but everyone seems to expect
 * to have it.
 * The variable only exists when CONFIG_SECURITY_SMACK_BRINGUP
 * is set, as does the SMK_UNCONFINED interface file.
 */
struct smack_known *smack_unconfined;
#endif

/*
 * If this value is set restrict syslog use to the label specified.
 * It can be reset via smackfs/syslog
 */
struct smack_known *smack_syslog_label;

/*
 * Ptrace current rule
 * SMACK_PTRACE_DEFAULT    regular smack ptrace rules (/proc based)
 * SMACK_PTRACE_EXACT      labels must match, but can be overridden with
 *			   CAP_SYS_PTRACE
 * SMACK_PTRACE_DRACONIAN  labels must match, CAP_SYS_PTRACE has no effect
 */
int smack_ptrace_rule = SMACK_PTRACE_DEFAULT;
119*4882a593Smuzhiyun
/*
 * Certain IP addresses may be designated as single label hosts.
 * Packets are sent there unlabeled, but only from tasks that
 * can write to the specified label.
 */

LIST_HEAD(smk_net4addr_list);
#if IS_ENABLED(CONFIG_IPV6)
LIST_HEAD(smk_net6addr_list);
#endif /* CONFIG_IPV6 */

/*
 * Rule lists are maintained for each label.
 *
 * A parsed rule carries two access masks: smk_access1 is granted and
 * smk_access2 is revoked when the rule is applied (see smk_set_access()).
 * smk_fill_rule() sets smk_access2 to ~smk_access1 when no explicit
 * revoke string is given, which turns a plain "load" rule into a
 * full replacement of the existing access.
 */
struct smack_parsed_rule {
	struct smack_known	*smk_subject;
	struct smack_known	*smk_object;
	int			smk_access1;	/* MAY_* bits to grant */
	int			smk_access2;	/* MAY_* bits to revoke */
};
140*4882a593Smuzhiyun
/*
 * CIPSO domain of interpretation registered by smk_cipso_doi().
 * Presumably updated through the SMK_DOI file; its write handler is
 * outside this chunk.
 */
static int smk_cipso_doi_value = SMACK_CIPSO_DOI_DEFAULT;

/*
 * Values for parsing cipso rules
 * SMK_DIGITLEN: Length of a digit field in a rule.
 * SMK_CIPSOMIN: Minimum possible cipso rule length.
 * SMK_CIPSOMAX: Maximum possible cipso rule length.
 */
#define SMK_DIGITLEN 4
#define SMK_CIPSOMIN (SMK_LABELLEN + 2 * SMK_DIGITLEN)
#define SMK_CIPSOMAX (SMK_CIPSOMIN + SMACK_CIPSO_MAXCATNUM * SMK_DIGITLEN)

/*
 * Values for parsing MAC rules
 * SMK_ACCESS: Maximum possible combination of access permissions
 * SMK_ACCESSLEN: Maximum length for a rule access field
 * SMK_LOADLEN: Smack rule length
 *
 * The SMK_O* variants describe the older "rwxa" access field;
 * smk_write_rules_list() still accepts a write of SMK_OLOADLEN bytes
 * for backward compatibility.  The 'b' letter that smk_perm_from_str()
 * understands is not part of either access string.
 */
#define SMK_OACCESS	"rwxa"
#define SMK_ACCESS	"rwxatl"
#define SMK_OACCESSLEN	(sizeof(SMK_OACCESS) - 1)
#define SMK_ACCESSLEN	(sizeof(SMK_ACCESS) - 1)
#define SMK_OLOADLEN	(SMK_LABELLEN + SMK_LABELLEN + SMK_OACCESSLEN)
#define SMK_LOADLEN	(SMK_LABELLEN + SMK_LABELLEN + SMK_ACCESSLEN)
165*4882a593Smuzhiyun
/*
 * Strictly for CIPSO level manipulation.
 * Set the category bit number in a smack label sized buffer.
 *
 * @cat: 1-based category number.  0 and anything that does not fit
 *       in SMK_CIPSOLEN bytes is ignored.
 * @catsetp: buffer of at least SMK_CIPSOLEN bytes; category 1 is the
 *           high bit of byte 0.
 */
static inline void smack_catset_bit(unsigned int cat, char *catsetp)
{
	unsigned int index;
	unsigned int byte;
	unsigned int shift;

	/* Out-of-range categories are silently dropped: the buffer is fixed size. */
	if (cat == 0 || cat > SMK_CIPSOLEN * 8)
		return;

	index = cat - 1;
	byte = index / 8;
	shift = index % 8;
	catsetp[byte] |= 0x80 >> shift;
}
177*4882a593Smuzhiyun
/**
 * smk_netlabel_audit_set - fill a netlbl_audit struct
 * @nap: structure to fill
 *
 * Records the calling task's login uid, session id and Smack secid
 * so that NetLabel configuration changes made on its behalf carry
 * that identity.
 */
static void smk_netlabel_audit_set(struct netlbl_audit *nap)
{
	/* The secid is the current task's Smack label, not the file's. */
	nap->secid = smk_of_current()->smk_secid;
	nap->loginuid = audit_get_loginuid(current);
	nap->sessionid = audit_get_sessionid(current);
}
190*4882a593Smuzhiyun
/*
 * Value for parsing single label host rules
 *	"1.2.3.4 X"
 * i.e. the shortest possible line: a 7-byte dotted quad, one
 * separator and a 1-byte label.
 */
#define SMK_NETLBLADDRMIN	9
196*4882a593Smuzhiyun
/**
 * smk_set_access - add a rule to the rule list or replace an old rule
 * @srp: the rule to add or replace
 * @rule_list: the list of rules
 * @rule_lock: the rule list lock
 *
 * Looks through the current subject/object/access list for
 * the subject/object pair and updates the access that was there:
 * the bits in @srp->smk_access1 are granted and the bits in
 * @srp->smk_access2 are revoked.  If the pair isn't found a new
 * rule with access1 & ~access2 is added.
 *
 * Returns 0 if nothing goes wrong or -ENOMEM if it fails
 * during the allocation of the new pair to add.
 */
static int smk_set_access(struct smack_parsed_rule *srp,
			  struct list_head *rule_list,
			  struct mutex *rule_lock)
{
	struct smack_rule *existing = NULL;
	struct smack_rule *rule;
	int rc = 0;

	mutex_lock(rule_lock);

	/*
	 * Because the object label is less likely to match
	 * than the subject label check it first
	 */
	list_for_each_entry_rcu(rule, rule_list, list) {
		if (rule->smk_object != srp->smk_object)
			continue;
		if (rule->smk_subject != srp->smk_subject)
			continue;
		existing = rule;
		break;
	}

	if (existing != NULL) {
		/* Update in place: grant first, then revoke. */
		existing->smk_access |= srp->smk_access1;
		existing->smk_access &= ~srp->smk_access2;
	} else {
		rule = kmem_cache_zalloc(smack_rule_cache, GFP_KERNEL);
		if (rule == NULL) {
			rc = -ENOMEM;
		} else {
			rule->smk_subject = srp->smk_subject;
			rule->smk_object = srp->smk_object;
			rule->smk_access = srp->smk_access1 & ~srp->smk_access2;
			/* Publish to RCU readers; the mutex serialises writers. */
			list_add_rcu(&rule->list, rule_list);
		}
	}

	mutex_unlock(rule_lock);
	return rc;
}
253*4882a593Smuzhiyun
/**
 * smk_perm_from_str - parse smack accesses from a text string
 * @string: a text string that contains a Smack accesses code
 *
 * Access letters are accepted in either case and '-' is a no-op
 * placeholder.  Scanning stops at the first character that is neither,
 * the terminating NUL included, so trailing garbage is ignored rather
 * than rejected.
 *
 * Returns an integer with respective bits set for specified accesses.
 */
static int smk_perm_from_str(const char *string)
{
	static const struct {
		char lower;
		char upper;
		int bit;
	} letters[] = {
		{ 'r', 'R', MAY_READ },
		{ 'w', 'W', MAY_WRITE },
		{ 'x', 'X', MAY_EXEC },
		{ 'a', 'A', MAY_APPEND },
		{ 't', 'T', MAY_TRANSMUTE },
		{ 'l', 'L', MAY_LOCK },
		{ 'b', 'B', MAY_BRINGUP },
	};
	const char *cp = string;
	int perm = 0;

	for (;; cp++) {
		unsigned int i;

		if (*cp == '-')
			continue;

		for (i = 0; i < ARRAY_SIZE(letters); i++) {
			if (*cp == letters[i].lower || *cp == letters[i].upper)
				break;
		}
		/* Unknown character (or end of string): done. */
		if (i == ARRAY_SIZE(letters))
			return perm;

		perm |= letters[i].bit;
	}
}
301*4882a593Smuzhiyun
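/**
 * smk_lookup_label - resolve a label string to an already known label
 * @label: label text
 * @len: label length limit (callers pass 0 for NUL-terminated tokens)
 * @skpp: where to store the entry on success
 *
 * Helper for smk_fill_rule() in the non-import case: canonicalises
 * @label with smk_parse_smack() and looks it up without creating it.
 * @skpp is left untouched on failure.
 *
 * Returns 0 on success, the error from smk_parse_smack(), or -ENOENT
 * if the label is not known.
 */
static int smk_lookup_label(const char *label, int len,
			    struct smack_known **skpp)
{
	struct smack_known *skp;
	const char *cp;

	cp = smk_parse_smack(label, len);
	if (IS_ERR(cp))
		return PTR_ERR(cp);
	skp = smk_find_entry(cp);
	kfree(cp);
	if (skp == NULL)
		return -ENOENT;

	*skpp = skp;
	return 0;
}

/**
 * smk_fill_rule - Fill Smack rule from strings
 * @subject: subject label string
 * @object: object label string
 * @access1: access string
 * @access2: string with permissions to be removed, or NULL
 * @rule: Smack rule
 * @import: if non-zero, import labels
 * @len: label length limit
 *
 * With @import set, unknown labels are created through
 * smk_import_entry(); otherwise only labels that already exist are
 * accepted.  When @access2 is NULL every access not named in @access1
 * is revoked, so the rule replaces rather than extends existing access
 * (see smk_set_access()).
 *
 * The label fields of @rule are only written on success, so a caller
 * never sees an ERR_PTR() stored in the rule.
 *
 * Returns 0 on success, appropriate error code on failure.
 */
static int smk_fill_rule(const char *subject, const char *object,
			 const char *access1, const char *access2,
			 struct smack_parsed_rule *rule, int import,
			 int len)
{
	struct smack_known *skp;
	int rc;

	if (import) {
		skp = smk_import_entry(subject, len);
		if (IS_ERR(skp))
			return PTR_ERR(skp);
		rule->smk_subject = skp;

		skp = smk_import_entry(object, len);
		if (IS_ERR(skp))
			return PTR_ERR(skp);
		rule->smk_object = skp;
	} else {
		rc = smk_lookup_label(subject, len, &rule->smk_subject);
		if (rc)
			return rc;
		rc = smk_lookup_label(object, len, &rule->smk_object);
		if (rc)
			return rc;
	}

	rule->smk_access1 = smk_perm_from_str(access1);
	if (access2)
		rule->smk_access2 = smk_perm_from_str(access2);
	else
		/* No explicit revoke set: everything not granted is revoked. */
		rule->smk_access2 = ~rule->smk_access1;

	return 0;
}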
358*4882a593Smuzhiyun
/**
 * smk_parse_rule - parse Smack rule from load string
 * @data: string to be parsed whose size is SMK_LOADLEN
 * @rule: Smack rule
 * @import: if non-zero, import labels
 *
 * The fixed format places the subject at offset 0, the object at
 * SMK_LABELLEN and the access string at 2 * SMK_LABELLEN.  There is
 * no separate revoke field, so smk_fill_rule() gets NULL for it.
 *
 * Returns 0 on success, or the negative error code from smk_fill_rule().
 */
static int smk_parse_rule(const char *data, struct smack_parsed_rule *rule,
			  int import)
{
	const char *object = data + SMK_LABELLEN;
	const char *access = object + SMK_LABELLEN;

	return smk_fill_rule(data, object, access, NULL, rule, import,
			     SMK_LABELLEN);
}
377*4882a593Smuzhiyun
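/**
 * smk_parse_long_rule - parse Smack rule from rule string
 * @data: string to be parsed, null terminated
 * @rule: Will be filled with Smack parsed rule
 * @import: if non-zero, import labels
 * @tokens: number of substrings expected in data: 3 (subject, object,
 *          access) or 4 (plus the access set to revoke)
 *
 * Parses in place: every whitespace byte that is consumed is
 * overwritten with '\0', so the tokens become NUL-terminated strings
 * pointing into @data.  Trailing whitespace after the last token is
 * consumed too, so the return value advances the caller to the start
 * of the next rule in a multi-rule buffer.
 *
 * Returns number of processed bytes on success, -ERRNO on failure.
 */
static ssize_t smk_parse_long_rule(char *data, struct smack_parsed_rule *rule,
				   int import, int tokens)
{
	char *tok[4] = { NULL, NULL, NULL, NULL };
	ssize_t cnt = 0;
	int rc;
	int i;

	/*
	 * smk_fill_rule() dereferences the first three tokens
	 * unconditionally and tok[] holds at most four, so any other
	 * count is a caller bug rather than a parse result.
	 */
	if (tokens < 3 || tokens > (int)ARRAY_SIZE(tok))
		return -EINVAL;

	for (i = 0; i < tokens; ++i) {
		/* Erase the separator in front of the token. */
		while (isspace(data[cnt]))
			data[cnt++] = '\0';

		if (data[cnt] == '\0')
			/* Unexpected end of data */
			return -EINVAL;

		tok[i] = data + cnt;

		while (data[cnt] && !isspace(data[cnt]))
			++cnt;
	}
	/* Consume trailing separators so cnt points at the next rule. */
	while (isspace(data[cnt]))
		data[cnt++] = '\0';

	rc = smk_fill_rule(tok[0], tok[1], tok[2], tok[3], rule, import, 0);
	return rc == 0 ? cnt : rc;
}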
420*4882a593Smuzhiyun
/* Rule-file formats understood by smk_write_rules_list(). */
#define SMK_FIXED24_FMT	0	/* Fixed 24byte label format */
#define SMK_LONG_FMT	1	/* Variable long label format */
#define SMK_CHANGE_FMT	2	/* Rule modification format */
/**
 * smk_write_rules_list - write() for any /smack rule file
 * @file: file pointer, not actually used
 * @buf: where to get the data from
 * @count: bytes sent
 * @ppos: where to start - must be 0
 * @rule_list: the list of rules to write to, or NULL to file each
 *             rule on its subject label's own list
 * @rule_lock: lock for the rule list (unused when @rule_list is NULL)
 * @format: /smack/load or /smack/load2 or /smack/change-rule format.
 *
 * Get one smack access rule from above.
 * The format for SMK_LONG_FMT is:
 *	"subject<whitespace>object<whitespace>access[<whitespace>...]"
 * The format for SMK_FIXED24_FMT is exactly:
 *	"subject object rwxat"
 * The format for SMK_CHANGE_FMT is:
 *	"subject<whitespace>object<whitespace>
 *	 acc_enable<whitespace>acc_disable[<whitespace>...]"
 *
 * The privilege check is the caller's job (see smk_write_load()).
 * User data is bounded to one page for the long formats and to
 * SMK_LOADLEN for the fixed format before anything is copied in.
 *
 * Returns the number of bytes consumed, or a negative errno.
 */
static ssize_t smk_write_rules_list(struct file *file, const char __user *buf,
					size_t count, loff_t *ppos,
					struct list_head *rule_list,
					struct mutex *rule_lock, int format)
{
	struct smack_parsed_rule rule;
	char *data;
	int rc;		/* cnt never exceeds PAGE_SIZE - 1, so rc = cnt fits */
	int trunc = 0;
	int tokens;
	ssize_t cnt = 0;

	/*
	 * No partial writes.
	 * Enough data must be present.
	 */
	if (*ppos != 0)
		return -EINVAL;

	if (format == SMK_FIXED24_FMT) {
		/*
		 * Minor hack for backward compatibility:
		 * the old "rwxa" access field (SMK_OLOADLEN) is still accepted.
		 */
		if (count < SMK_OLOADLEN || count > SMK_LOADLEN)
			return -EINVAL;
	} else {
		/* Cap the copy at one page; the tail is cut back to a line below. */
		if (count >= PAGE_SIZE) {
			count = PAGE_SIZE - 1;
			trunc = 1;
		}
	}

	/* Presumably allocates count + 1 bytes: data[count] is written below. */
	data = memdup_user_nul(buf, count);
	if (IS_ERR(data))
		return PTR_ERR(data);

	/*
	 * In case of parsing only part of user buf,
	 * avoid having partial rule at the data buffer
	 */
	if (trunc) {
		while (count > 0 && (data[count - 1] != '\n'))
			--count;
		if (count == 0) {
			rc = -EINVAL;
			goto out;
		}
	}

	/* Re-terminate at the (possibly shortened) count. */
	data[count] = '\0';
	tokens = (format == SMK_CHANGE_FMT ? 4 : 3);
	while (cnt < count) {
		if (format == SMK_FIXED24_FMT) {
			/* Exactly one fixed-size rule per write. */
			rc = smk_parse_rule(data, &rule, 1);
			if (rc < 0)
				goto out;
			cnt = count;
		} else {
			rc = smk_parse_long_rule(data + cnt, &rule, 1, tokens);
			if (rc < 0)
				goto out;
			/* Zero progress would spin forever; treat it as bad input. */
			if (rc == 0) {
				rc = -EINVAL;
				goto out;
			}
			cnt += rc;
		}

		/* NULL rule_list: the rule lives on its subject label's list. */
		if (rule_list == NULL)
			rc = smk_set_access(&rule, &rule.smk_subject->smk_rules,
				&rule.smk_subject->smk_rules_lock);
		else
			rc = smk_set_access(&rule, rule_list, rule_lock);

		if (rc)
			goto out;
	}

	rc = cnt;
out:
	kfree(data);
	return rc;
}
526*4882a593Smuzhiyun
527*4882a593Smuzhiyun /*
528*4882a593Smuzhiyun * Core logic for smackfs seq list operations.
529*4882a593Smuzhiyun */
530*4882a593Smuzhiyun
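/**
 * smk_seq_start - seq_file ->start helper for an RCU protected list
 * @s: seq_file, unused
 * @pos: index of the record to position at
 * @head: list to walk
 *
 * Takes the RCU read lock, which smk_seq_stop() releases, and walks
 * @head to the *@pos-th element.  The counter is kept as loff_t:
 * the previous int copy silently truncated large offsets.
 *
 * Returns the list node at index *@pos, or NULL if the list is shorter.
 */
static void *smk_seq_start(struct seq_file *s, loff_t *pos,
			   struct list_head *head)
{
	struct list_head *list;
	loff_t skip = *pos;

	rcu_read_lock();
	for (list = rcu_dereference(list_next_rcu(head));
	     list != head;
	     list = rcu_dereference(list_next_rcu(list))) {
		if (skip-- == 0)
			return list;
	}

	return NULL;
}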
547*4882a593Smuzhiyun
/**
 * smk_seq_next - seq_file ->next helper for an RCU protected list
 * @s: seq_file, unused
 * @v: current list node
 * @pos: record index, incremented
 * @head: list being walked
 *
 * Returns the node after @v, or NULL once the walk is back at @head.
 */
static void *smk_seq_next(struct seq_file *s, void *v, loff_t *pos,
			  struct list_head *head)
{
	struct list_head *cur = v;
	struct list_head *next;

	next = rcu_dereference(list_next_rcu(cur));
	++*pos;

	if (next == head)
		return NULL;
	return next;
}
558*4882a593Smuzhiyun
/**
 * smk_seq_stop - seq_file ->stop helper shared by the smackfs list files
 * @s: seq_file, unused
 * @v: current node, unused
 *
 * Drops the RCU read lock taken in smk_seq_start().
 */
static void smk_seq_stop(struct seq_file *s, void *v)
{
	rcu_read_unlock();
}
563*4882a593Smuzhiyun
/**
 * smk_rule_show - print one rule as "subject object <letters>"
 * @s: seq_file to print to
 * @srp: the rule
 * @max: label names this long or longer are not shown
 *
 * Letters are emitted in the fixed order r w x a t l b; rules that
 * grant nothing, or whose labels would not fit the interface file,
 * produce no output at all.
 */
static void smk_rule_show(struct seq_file *s, struct smack_rule *srp, int max)
{
	static const struct {
		int mask;
		char letter;
	} access_letters[] = {
		{ MAY_READ, 'r' },
		{ MAY_WRITE, 'w' },
		{ MAY_EXEC, 'x' },
		{ MAY_APPEND, 'a' },
		{ MAY_TRANSMUTE, 't' },
		{ MAY_LOCK, 'l' },
		{ MAY_BRINGUP, 'b' },
	};
	const char *subject = srp->smk_subject->smk_known;
	const char *object = srp->smk_object->smk_known;
	unsigned int i;

	/*
	 * Don't show any rules with label names too long for
	 * interface file (/smack/load or /smack/load2)
	 * because you should expect to be able to write
	 * anything you read back.
	 */
	if (strlen(subject) >= max || strlen(object) >= max)
		return;

	/* Nothing granted, nothing to print. */
	if (srp->smk_access == 0)
		return;

	seq_printf(s, "%s %s", subject, object);

	seq_putc(s, ' ');

	for (i = 0; i < ARRAY_SIZE(access_letters); i++) {
		if (srp->smk_access & access_letters[i].mask)
			seq_putc(s, access_letters[i].letter);
	}

	seq_putc(s, '\n');
}
602*4882a593Smuzhiyun
603*4882a593Smuzhiyun /*
604*4882a593Smuzhiyun * Seq_file read operations for /smack/load
605*4882a593Smuzhiyun */
606*4882a593Smuzhiyun
/* ->start for /smack/load: iterate the list of known labels. */
static void *load2_seq_start(struct seq_file *s, loff_t *pos)
{
	struct list_head *head = &smack_known_list;

	return smk_seq_start(s, pos, head);
}
611*4882a593Smuzhiyun
/* ->next for /smack/load: advance within the list of known labels. */
static void *load2_seq_next(struct seq_file *s, void *v, loff_t *pos)
{
	struct list_head *head = &smack_known_list;

	return smk_seq_next(s, v, pos, head);
}
616*4882a593Smuzhiyun
/**
 * load_seq_show - ->show for /smack/load
 * @s: seq_file to print to
 * @v: list node of the subject label to print
 *
 * Prints every rule on the label's list that fits the fixed
 * SMK_LABELLEN format.  Always returns 0.
 */
static int load_seq_show(struct seq_file *s, void *v)
{
	struct list_head *node = v;
	struct smack_known *subject;
	struct smack_rule *rule;

	subject = list_entry_rcu(node, struct smack_known, list);
	list_for_each_entry_rcu(rule, &subject->smk_rules, list)
		smk_rule_show(s, rule, SMK_LABELLEN);

	return 0;
}
629*4882a593Smuzhiyun
/* seq_file operations for reading /smack/load; the list walk is RCU based. */
static const struct seq_operations load_seq_ops = {
	.start	= load2_seq_start,
	.stop	= smk_seq_stop,
	.next	= load2_seq_next,
	.show	= load_seq_show,
};
636*4882a593Smuzhiyun
/**
 * smk_open_load - open() for /smack/load
 * @inode: inode structure representing file
 * @file: "load" file pointer
 *
 * For reading, use load_seq_* seq_file reading operations.
 */
static int smk_open_load(struct inode *inode, struct file *file)
{
	const struct seq_operations *ops = &load_seq_ops;

	return seq_open(file, ops);
}
648*4882a593Smuzhiyun
/**
 * smk_write_load - write() for /smack/load
 * @file: file pointer, not actually used
 * @buf: where to get the data from
 * @count: bytes sent
 * @ppos: where to start - must be 0
 *
 * Gates on CAP_MAC_ADMIN, then hands the buffer to
 * smk_write_rules_list() in the fixed 24-byte format with a NULL
 * rule list, so each rule lands on its subject label's own list.
 */
static ssize_t smk_write_load(struct file *file, const char __user *buf,
			      size_t count, loff_t *ppos)
{
	/*
	 * Must have privilege.
	 * No partial writes.
	 * Enough data must be present.
	 */
	if (smack_privileged(CAP_MAC_ADMIN))
		return smk_write_rules_list(file, buf, count, ppos,
					    NULL, NULL, SMK_FIXED24_FMT);

	return -EPERM;
}
671*4882a593Smuzhiyun
/* file_operations for /smack/load: seq_file reads, privileged writes. */
static const struct file_operations smk_load_ops = {
	.open		= smk_open_load,
	.release	= seq_release,
	.read		= seq_read,
	.write		= smk_write_load,
	.llseek		= seq_lseek,
};
679*4882a593Smuzhiyun
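/**
 * smk_cipso_doi - initialize the CIPSO domain
 *
 * Removes any existing PF_INET NetLabel mapping, registers a CIPSO v4
 * DOI numbered smk_cipso_doi_value (CIPSO_V4_MAP_PASS, single
 * CIPSO_V4_TAG_RBITMAP tag) and installs it as the default IPv4
 * mapping.  Failures are logged, not propagated.
 */
static void smk_cipso_doi(void)
{
	int rc;
	int i;
	struct cipso_v4_doi *doip;
	struct netlbl_audit nai;

	smk_netlabel_audit_set(&nai);

	rc = netlbl_cfg_map_del(NULL, PF_INET, NULL, NULL, &nai);
	if (rc != 0)
		printk(KERN_WARNING "%s:%d remove rc = %d\n",
		       __func__, __LINE__, rc);

	/* __GFP_NOFAIL: the allocation cannot return NULL, hence no check. */
	doip = kmalloc(sizeof(*doip), GFP_KERNEL | __GFP_NOFAIL);
	doip->map.std = NULL;
	doip->doi = smk_cipso_doi_value;
	doip->type = CIPSO_V4_MAP_PASS;
	doip->tags[0] = CIPSO_V4_TAG_RBITMAP;
	/* Only one tag type is used; the remaining slots are marked unused. */
	for (i = 1; i < CIPSO_V4_TAG_MAXCNT; i++)
		doip->tags[i] = CIPSO_V4_TAG_INVALID;

	rc = netlbl_cfg_cipsov4_add(doip, &nai);
	if (rc != 0) {
		printk(KERN_WARNING "%s:%d cipso add rc = %d\n",
		       __func__, __LINE__, rc);
		/* Never registered, so the DOI is still ours to free. */
		kfree(doip);
		return;
	}
	rc = netlbl_cfg_cipsov4_map_add(doip->doi, NULL, NULL, NULL, &nai);
	if (rc != 0) {
		printk(KERN_WARNING "%s:%d map add rc = %d\n",
		       __func__, __LINE__, rc);
		/*
		 * Presumably NetLabel owns doip once the add succeeded,
		 * so it is released by deleting the DOI, not with kfree()
		 * -- confirm against netlbl_cfg_cipsov4_del().
		 */
		netlbl_cfg_cipsov4_del(doip->doi, &nai);
		return;
	}
}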
719*4882a593Smuzhiyun
/**
 * smk_unlbl_ambient - initialize the unlabeled domain
 * @oldambient: previous domain string, or NULL if there was none
 *
 * Removes the IPv4 NetLabel mapping registered under @oldambient (when
 * one is given), defaults smack_net_ambient to smack_known_floor if no
 * ambient label has been set, and registers the unlabeled mapping for
 * the current ambient label. Failures are logged with
 * printk(KERN_WARNING) and otherwise ignored.
 */
static void smk_unlbl_ambient(char *oldambient)
{
	struct netlbl_audit nai;
	int rc;

	smk_netlabel_audit_set(&nai);

	if (oldambient) {
		rc = netlbl_cfg_map_del(oldambient, PF_INET, NULL, NULL, &nai);
		if (rc)
			printk(KERN_WARNING "%s:%d remove rc = %d\n",
			       __func__, __LINE__, rc);
	}

	/* An unset ambient label falls back to the floor label. */
	if (!smack_net_ambient)
		smack_net_ambient = &smack_known_floor;

	rc = netlbl_cfg_unlbl_map_add(smack_net_ambient->smk_known, PF_INET,
				      NULL, NULL, &nai);
	if (rc)
		printk(KERN_WARNING "%s:%d add rc = %d\n",
		       __func__, __LINE__, rc);
}
746*4882a593Smuzhiyun
/*
 * Seq_file read operations for /smack/cipso
 */
750*4882a593Smuzhiyun
/* seq_file start for /smack/cipso: iterate the global label list. */
static void *cipso_seq_start(struct seq_file *s, loff_t *pos)
{
	struct list_head *labels = &smack_known_list;

	return smk_seq_start(s, pos, labels);
}
755*4882a593Smuzhiyun
/* seq_file next for /smack/cipso: advance within the global label list. */
static void *cipso_seq_next(struct seq_file *s, void *v, loff_t *pos)
{
	struct list_head *labels = &smack_known_list;

	return smk_seq_next(s, v, pos, labels);
}
760*4882a593Smuzhiyun
/*
 * Print cipso labels in format:
 * label level[/cat[,cat]]
 */
static int cipso_seq_show(struct seq_file *s, void *v)
{
	struct list_head *list = v;
	struct smack_known *skp =
		list_entry_rcu(list, struct smack_known, list);
	struct netlbl_lsm_catmap *cmp = skp->smk_netlabel.attr.mls.cat;
	char sep = '/';
	int cat;

	/*
	 * Labels too long for the fixed-width /smack/cipso format are
	 * skipped, so that anything read from /smack/cipso can also be
	 * written back to it. /smack/cipso2 shows them instead.
	 */
	if (strlen(skp->smk_known) >= SMK_LABELLEN)
		return 0;

	seq_printf(s, "%s %3d", skp->smk_known, skp->smk_netlabel.attr.mls.lvl);

	/* The first category is introduced by '/', later ones by ','. */
	cat = netlbl_catmap_walk(cmp, 0);
	while (cat >= 0) {
		seq_printf(s, "%c%d", sep, cat);
		sep = ',';
		cat = netlbl_catmap_walk(cmp, cat + 1);
	}

	seq_putc(s, '\n');

	return 0;
}
797*4882a593Smuzhiyun
/* Iterator for /smack/cipso over smack_known_list. */
static const struct seq_operations cipso_seq_ops = {
	.start	= cipso_seq_start,
	.stop	= smk_seq_stop,
	.next	= cipso_seq_next,
	.show	= cipso_seq_show,
};
804*4882a593Smuzhiyun
/**
 * smk_open_cipso - open() for /smack/cipso
 * @inode: inode structure representing file
 * @file: "cipso" file pointer
 *
 * Attach the cipso_seq_* iterator to @file so that reads of
 * /smack/cipso go through seq_file.
 */
static int smk_open_cipso(struct inode *inode, struct file *file)
{
	const struct seq_operations *ops = &cipso_seq_ops;

	return seq_open(file, ops);
}
817*4882a593Smuzhiyun
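/**
 * smk_set_cipso - do the work for write() for cipso and cipso2
 * @file: file pointer, not actually used
 * @buf: where to get the data from
 * @count: bytes sent
 * @ppos: where to start
 * @format: SMK_FIXED24_FMT for /smack/cipso, any other value for /smack/cipso2
 *
 * Input is "<label> <level> <catlen> [<cat> ...]". With SMK_FIXED24_FMT the
 * label occupies a fixed SMK_LABELLEN field, every number a fixed
 * SMK_DIGITLEN field, and @count must be exactly
 * SMK_CIPSOMIN + catlen * SMK_DIGITLEN. Otherwise the numbers start one
 * byte past the end of the imported label and still sit on SMK_DIGITLEN
 * boundaries. Each field start is checked against the end of the copied
 * data before it is parsed.
 *
 * Accepts only one cipso rule per write call.
 * Returns number of bytes written or error code, as appropriate:
 * -EPERM without CAP_MAC_ADMIN, -EINVAL for a non-zero offset, a bad
 * size or an unparsable/out-of-range field, -EOVERFLOW when a field
 * would begin past the end of the data, or the error returned by
 * memdup_user_nul(), smk_import_entry() or smk_netlbl_mls().
 */
static ssize_t smk_set_cipso(struct file *file, const char __user *buf,
			     size_t count, loff_t *ppos, int format)
{
	struct netlbl_lsm_catmap *old_cat;
	struct smack_known *skp;
	struct netlbl_lsm_secattr ncats;
	char mapcatset[SMK_CIPSOLEN];
	int maplevel;
	unsigned int cat;
	int catlen;
	ssize_t rc = -EINVAL;
	char *data;
	char *rule;
	int ret;
	int i;

	/*
	 * Must have privilege.
	 * No partial writes.
	 * Enough data must be present.
	 */
	if (!smack_privileged(CAP_MAC_ADMIN))
		return -EPERM;
	if (*ppos != 0)
		return -EINVAL;
	if (format == SMK_FIXED24_FMT &&
	    (count < SMK_CIPSOMIN || count > SMK_CIPSOMAX))
		return -EINVAL;
	if (count > PAGE_SIZE)
		return -EINVAL;

	/* Bounded copy of the user data; memdup_user_nul() appends the NUL. */
	data = memdup_user_nul(buf, count);
	if (IS_ERR(data))
		return PTR_ERR(data);

	rule = data;
	/*
	 * Only allow one writer at a time. Writes should be
	 * quite rare and small in any case.
	 */
	mutex_lock(&smack_cipso_lock);

	skp = smk_import_entry(rule, 0);
	if (IS_ERR(skp)) {
		rc = PTR_ERR(skp);
		goto out;
	}

	/* Step past the label field to the level. */
	if (format == SMK_FIXED24_FMT)
		rule += SMK_LABELLEN;
	else
		rule += strlen(skp->smk_known) + 1;

	if (rule > data + count) {
		rc = -EOVERFLOW;
		goto out;
	}

	ret = sscanf(rule, "%d", &maplevel);
	if (ret != 1 || maplevel < 0 || maplevel > SMACK_CIPSO_MAXLEVEL)
		goto out;

	rule += SMK_DIGITLEN;
	if (rule > data + count) {
		rc = -EOVERFLOW;
		goto out;
	}

	/*
	 * catlen is parsed with %d: a negative count would pass the
	 * upper-bound check and silently yield an empty category set,
	 * so reject it like any other out-of-range value.
	 */
	ret = sscanf(rule, "%d", &catlen);
	if (ret != 1 || catlen < 0 || catlen > SMACK_CIPSO_MAXCATNUM)
		goto out;

	if (format == SMK_FIXED24_FMT &&
	    count != (SMK_CIPSOMIN + catlen * SMK_DIGITLEN))
		goto out;

	memset(mapcatset, 0, sizeof(mapcatset));

	for (i = 0; i < catlen; i++) {
		rule += SMK_DIGITLEN;
		if (rule > data + count) {
			rc = -EOVERFLOW;
			goto out;
		}
		ret = sscanf(rule, "%u", &cat);
		if (ret != 1 || cat > SMACK_CIPSO_MAXCATNUM)
			goto out;

		smack_catset_bit(cat, mapcatset);
	}

	rc = smk_netlbl_mls(maplevel, mapcatset, &ncats, SMK_CIPSOLEN);
	if (rc >= 0) {
		/*
		 * Publish the new catmap and level first, then wait a
		 * grace period before freeing the old catmap that readers
		 * may still be walking under RCU.
		 */
		old_cat = skp->smk_netlabel.attr.mls.cat;
		skp->smk_netlabel.attr.mls.cat = ncats.attr.mls.cat;
		skp->smk_netlabel.attr.mls.lvl = ncats.attr.mls.lvl;
		synchronize_rcu();
		netlbl_catmap_free(old_cat);
		rc = count;
		/*
		 * This mapping may have been cached, so clear the cache.
		 */
		netlbl_cache_invalidate();
	}

out:
	mutex_unlock(&smack_cipso_lock);
	kfree(data);
	return rc;
}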
939*4882a593Smuzhiyun
/**
 * smk_write_cipso - write() for /smack/cipso
 * @file: file pointer, not actually used
 * @buf: where to get the data from
 * @count: bytes sent
 * @ppos: where to start
 *
 * Thin wrapper that hands the request to smk_set_cipso() in the fixed
 * 24-byte label format.
 *
 * Accepts only one cipso rule per write call.
 * Returns number of bytes written or error code, as appropriate
 */
static ssize_t smk_write_cipso(struct file *file, const char __user *buf,
			       size_t count, loff_t *ppos)
{
	const int format = SMK_FIXED24_FMT;

	return smk_set_cipso(file, buf, count, ppos, format);
}
955*4882a593Smuzhiyun
/* /smack/cipso: seq_file reads, CAP_MAC_ADMIN-gated fixed-format writes. */
static const struct file_operations smk_cipso_ops = {
	.open		= smk_open_cipso,
	.read		= seq_read,
	.write		= smk_write_cipso,
	.llseek		= seq_lseek,
	.release	= seq_release,
};
963*4882a593Smuzhiyun
/*
 * Seq_file read operations for /smack/cipso2
 */
967*4882a593Smuzhiyun
/*
 * Print cipso labels in format:
 * label level[/cat[,cat]]
 *
 * Unlike cipso_seq_show(), labels of any length are shown.
 */
static int cipso2_seq_show(struct seq_file *s, void *v)
{
	struct list_head *list = v;
	struct smack_known *skp =
		list_entry_rcu(list, struct smack_known, list);
	struct netlbl_lsm_catmap *cmp = skp->smk_netlabel.attr.mls.cat;
	char sep = '/';
	int cat;

	seq_printf(s, "%s %3d", skp->smk_known, skp->smk_netlabel.attr.mls.lvl);

	/* The first category is introduced by '/', later ones by ','. */
	cat = netlbl_catmap_walk(cmp, 0);
	while (cat >= 0) {
		seq_printf(s, "%c%d", sep, cat);
		sep = ',';
		cat = netlbl_catmap_walk(cmp, cat + 1);
	}

	seq_putc(s, '\n');

	return 0;
}
993*4882a593Smuzhiyun
/* Iterator for /smack/cipso2; shares start/next with /smack/cipso. */
static const struct seq_operations cipso2_seq_ops = {
	.start	= cipso_seq_start,
	.stop	= smk_seq_stop,
	.next	= cipso_seq_next,
	.show	= cipso2_seq_show,
};
1000*4882a593Smuzhiyun
/**
 * smk_open_cipso2 - open() for /smack/cipso2
 * @inode: inode structure representing file
 * @file: "cipso2" file pointer
 *
 * Attach the cipso2_seq_ops iterator to @file so that reads of
 * /smack/cipso2 go through seq_file.
 */
static int smk_open_cipso2(struct inode *inode, struct file *file)
{
	const struct seq_operations *ops = &cipso2_seq_ops;

	return seq_open(file, ops);
}
1013*4882a593Smuzhiyun
/**
 * smk_write_cipso2 - write() for /smack/cipso2
 * @file: file pointer, not actually used
 * @buf: where to get the data from
 * @count: bytes sent
 * @ppos: where to start
 *
 * Thin wrapper that hands the request to smk_set_cipso() in the long
 * label format (SMK_LONG_FMT).
 *
 * Accepts only one cipso rule per write call.
 * Returns number of bytes written or error code, as appropriate
 */
static ssize_t smk_write_cipso2(struct file *file, const char __user *buf,
				size_t count, loff_t *ppos)
{
	const int format = SMK_LONG_FMT;

	return smk_set_cipso(file, buf, count, ppos, format);
}
1029*4882a593Smuzhiyun
/* /smack/cipso2: seq_file reads, CAP_MAC_ADMIN-gated long-format writes. */
static const struct file_operations smk_cipso2_ops = {
	.open		= smk_open_cipso2,
	.read		= seq_read,
	.write		= smk_write_cipso2,
	.llseek		= seq_lseek,
	.release	= seq_release,
};
1037*4882a593Smuzhiyun
/*
 * Seq_file read operations for /smack/netlabel
 */
1041*4882a593Smuzhiyun
/* seq_file start for /smack/netlabel: iterate the IPv4 host list. */
static void *net4addr_seq_start(struct seq_file *s, loff_t *pos)
{
	struct list_head *hosts = &smk_net4addr_list;

	return smk_seq_start(s, pos, hosts);
}
1046*4882a593Smuzhiyun
/* seq_file next for /smack/netlabel: advance within the IPv4 host list. */
static void *net4addr_seq_next(struct seq_file *s, void *v, loff_t *pos)
{
	struct list_head *hosts = &smk_net4addr_list;

	return smk_seq_next(s, v, pos, hosts);
}
1051*4882a593Smuzhiyun
/*
 * Print host/label pairs
 */
static int net4addr_seq_show(struct seq_file *s, void *v)
{
	struct list_head *list = v;
	struct smk_net4addr *skp =
		list_entry_rcu(list, struct smk_net4addr, list);
	/*
	 * A NULL label is how smk_write_net4addr() records the -CIPSO
	 * option, so print the option name in that case.
	 */
	const char *label = skp->smk_label ? skp->smk_label->smk_known
					   : SMACK_CIPSO_OPTION;

	seq_printf(s, "%pI4/%d %s\n", &skp->smk_host.s_addr,
		   skp->smk_masks, label);

	return 0;
}
1069*4882a593Smuzhiyun
/* Iterator for /smack/netlabel over smk_net4addr_list. */
static const struct seq_operations net4addr_seq_ops = {
	.start	= net4addr_seq_start,
	.stop	= smk_seq_stop,
	.next	= net4addr_seq_next,
	.show	= net4addr_seq_show,
};
1076*4882a593Smuzhiyun
/**
 * smk_open_net4addr - open() for /smack/netlabel
 * @inode: inode structure representing file
 * @file: "netlabel" file pointer
 *
 * Attach the net4addr_seq_* iterator to @file so that reads of
 * /smack/netlabel go through seq_file.
 */
static int smk_open_net4addr(struct inode *inode, struct file *file)
{
	const struct seq_operations *ops = &net4addr_seq_ops;

	return seq_open(file, ops);
}
1089*4882a593Smuzhiyun
/**
 * smk_net4addr_insert
 * @new : netlabel to insert
 *
 * This helper inserts a netlabel into the smk_net4addr_list,
 * sorted by netmask length (longest to smallest); entries with an
 * equal mask length keep their insertion order. The caller must hold
 * &smk_net4addr_lock (smk_write_net4addr does).
 *
 */
static void smk_net4addr_insert(struct smk_net4addr *new)
{
	struct smk_net4addr *cur;
	struct smk_net4addr *after;

	if (list_empty(&smk_net4addr_list)) {
		list_add_rcu(&new->list, &smk_net4addr_list);
		return;
	}

	/* A strictly longer mask than the current head goes first. */
	cur = list_entry_rcu(smk_net4addr_list.next,
			     struct smk_net4addr, list);
	if (new->smk_masks > cur->smk_masks) {
		list_add_rcu(&new->list, &smk_net4addr_list);
		return;
	}

	/*
	 * Otherwise insert after the first entry whose successor has a
	 * strictly shorter mask; reaching the tail appends.
	 */
	list_for_each_entry_rcu(cur, &smk_net4addr_list, list) {
		if (list_is_last(&cur->list, &smk_net4addr_list)) {
			list_add_rcu(&new->list, &cur->list);
			return;
		}
		after = list_entry_rcu(cur->list.next,
				       struct smk_net4addr, list);
		if (new->smk_masks > after->smk_masks) {
			list_add_rcu(&new->list, &cur->list);
			return;
		}
	}
}
1131*4882a593Smuzhiyun
1132*4882a593Smuzhiyun
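/**
 * smk_write_net4addr - write() for /smack/netlabel
 * @file: file pointer, not actually used
 * @buf: where to get the data from
 * @count: bytes sent
 * @ppos: where to start
 *
 * Accepts only one net4addr per write call, written as
 * "<addr/mask, as a.b.c.d/e><space><label>" or
 * "<addr, as a.b.c.d><space><label>" (no prefix length means /32).
 * A label starting with '-' is an option rather than a label; the only
 * option accepted for IPv4 is SMACK_CIPSO_OPTION, which is stored as a
 * NULL smk_label. An existing entry with the same masked host and
 * prefix length is relabeled in place, otherwise a new entry is added
 * with smk_net4addr_insert(). NetLabel is told about the single-label
 * host unless the CIPSO option was given.
 * Returns number of bytes written or error code, as appropriate
 */
static ssize_t smk_write_net4addr(struct file *file, const char __user *buf,
				  size_t count, loff_t *ppos)
{
	struct smk_net4addr *snp;
	struct sockaddr_in newname;
	char *smack;
	struct smack_known *skp = NULL;
	char *data;
	char *host = (char *)&newname.sin_addr.s_addr;
	int rc;
	struct netlbl_audit audit_info;
	struct in_addr mask;
	unsigned int m;
	unsigned int masks;
	int found;
	u32 mask_bits = 1U << 31;	/* unsigned: (1 << 31) overflows int */
	__be32 nsa;
	u32 temp_mask;

	/*
	 * Must have privilege.
	 * No partial writes.
	 * Enough data must be present.
	 * "<addr/mask, as a.b.c.d/e><space><label>"
	 * "<addr, as a.b.c.d><space><label>"
	 */
	if (!smack_privileged(CAP_MAC_ADMIN))
		return -EPERM;
	if (*ppos != 0)
		return -EINVAL;
	if (count < SMK_NETLBLADDRMIN || count > PAGE_SIZE - 1)
		return -EINVAL;

	data = memdup_user_nul(buf, count);
	if (IS_ERR(data))
		return PTR_ERR(data);

	/*
	 * The label buffer is one byte larger than the NUL-terminated
	 * input, so the unbounded %s conversions below cannot overrun it.
	 */
	smack = kzalloc(count + 1, GFP_KERNEL);
	if (smack == NULL) {
		rc = -ENOMEM;
		goto free_data_out;
	}

	rc = sscanf(data, "%hhd.%hhd.%hhd.%hhd/%u %s",
		    &host[0], &host[1], &host[2], &host[3], &masks, smack);
	if (rc != 6) {
		rc = sscanf(data, "%hhd.%hhd.%hhd.%hhd %s",
			    &host[0], &host[1], &host[2], &host[3], smack);
		if (rc != 5) {
			rc = -EINVAL;
			goto free_out;
		}
		masks = 32;	/* no prefix length given: single host */
	}
	if (masks > BEBITS) {
		rc = -EINVAL;
		goto free_out;
	}

	/*
	 * If smack begins with '-', it is an option, don't import it
	 */
	if (smack[0] != '-') {
		skp = smk_import_entry(smack, 0);
		if (IS_ERR(skp)) {
			rc = PTR_ERR(skp);
			goto free_out;
		}
	} else {
		/*
		 * Only the -CIPSO option is supported for IPv4
		 */
		if (strcmp(smack, SMACK_CIPSO_OPTION) != 0) {
			rc = -EINVAL;
			goto free_out;
		}
	}

	/* Build the netmask from the prefix length, most significant bit first. */
	for (m = masks, temp_mask = 0; m > 0; m--) {
		temp_mask |= mask_bits;
		mask_bits >>= 1;
	}
	mask.s_addr = cpu_to_be32(temp_mask);

	/* Keep only the network part so lookups compare prefixes. */
	newname.sin_addr.s_addr &= mask.s_addr;
	/*
	 * Only allow one writer at a time. Writes should be
	 * quite rare and small in any case.
	 */
	mutex_lock(&smk_net4addr_lock);

	nsa = newname.sin_addr.s_addr;
	/* try to find if the prefix is already in the list */
	found = 0;
	list_for_each_entry_rcu(snp, &smk_net4addr_list, list) {
		if (snp->smk_host.s_addr == nsa && snp->smk_masks == masks) {
			found = 1;
			break;
		}
	}
	smk_netlabel_audit_set(&audit_info);

	if (found == 0) {
		snp = kzalloc(sizeof(*snp), GFP_KERNEL);
		if (snp == NULL)
			rc = -ENOMEM;
		else {
			rc = 0;
			snp->smk_host.s_addr = newname.sin_addr.s_addr;
			snp->smk_mask.s_addr = mask.s_addr;
			snp->smk_label = skp;
			snp->smk_masks = masks;
			smk_net4addr_insert(snp);
		}
	} else {
		/*
		 * Delete the unlabeled entry, only if the previous label
		 * wasn't the special CIPSO option
		 */
		if (snp->smk_label != NULL)
			rc = netlbl_cfg_unlbl_static_del(&init_net, NULL,
					&snp->smk_host, &snp->smk_mask,
					PF_INET, &audit_info);
		else
			rc = 0;
		snp->smk_label = skp;
	}

	/*
	 * Now tell netlabel about the single label nature of
	 * this host so that incoming packets get labeled.
	 * but only if we didn't get the special CIPSO option
	 */
	if (rc == 0 && skp != NULL)
		rc = netlbl_cfg_unlbl_static_add(&init_net, NULL,
			&snp->smk_host, &snp->smk_mask, PF_INET,
			snp->smk_label->smk_secid, &audit_info);

	if (rc == 0)
		rc = count;

	mutex_unlock(&smk_net4addr_lock);

free_out:
	kfree(smack);
free_data_out:
	kfree(data);

	return rc;
}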
1294*4882a593Smuzhiyun
/* /smack/netlabel: seq_file reads, CAP_MAC_ADMIN-gated host/label writes. */
static const struct file_operations smk_net4addr_ops = {
	.open		= smk_open_net4addr,
	.read		= seq_read,
	.write		= smk_write_net4addr,
	.llseek		= seq_lseek,
	.release	= seq_release,
};
1302*4882a593Smuzhiyun
1303*4882a593Smuzhiyun #if IS_ENABLED(CONFIG_IPV6)
/*
 * Seq_file read operations for /smack/netlabel6
 */
1307*4882a593Smuzhiyun
/* seq_file start for /smack/netlabel6: iterate the IPv6 host list. */
static void *net6addr_seq_start(struct seq_file *s, loff_t *pos)
{
	struct list_head *hosts = &smk_net6addr_list;

	return smk_seq_start(s, pos, hosts);
}
1312*4882a593Smuzhiyun
/* seq_file next for /smack/netlabel6: advance within the IPv6 host list. */
static void *net6addr_seq_next(struct seq_file *s, void *v, loff_t *pos)
{
	struct list_head *hosts = &smk_net6addr_list;

	return smk_seq_next(s, v, pos, hosts);
}
1317*4882a593Smuzhiyun
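/*
 * Print host/label pairs
 */
static int net6addr_seq_show(struct seq_file *s, void *v)
{
	struct list_head *list = v;
	/* list_entry_rcu(), as in the other seq_show helpers of this file. */
	struct smk_net6addr *skp =
		list_entry_rcu(list, struct smk_net6addr, list);

	/*
	 * Entries with a NULL label (presumably written with an option
	 * rather than a label, as in the IPv4 case) are not shown here,
	 * unlike net4addr_seq_show() which prints the option name.
	 */
	if (skp->smk_label != NULL)
		seq_printf(s, "%pI6/%d %s\n", &skp->smk_host, skp->smk_masks,
			   skp->smk_label->smk_known);

	return 0;
}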
1333*4882a593Smuzhiyun
/* Iterator for /smack/netlabel6 over smk_net6addr_list. */
static const struct seq_operations net6addr_seq_ops = {
	.start	= net6addr_seq_start,
	.stop	= smk_seq_stop,
	.next	= net6addr_seq_next,
	.show	= net6addr_seq_show,
};
1340*4882a593Smuzhiyun
/**
 * smk_open_net6addr - open() for /smack/netlabel6
 * @inode: inode structure representing file
 * @file: "netlabel6" file pointer
 *
 * Attach the net6addr_seq_* iterator to @file so that reads of
 * /smack/netlabel6 go through seq_file.
 */
static int smk_open_net6addr(struct inode *inode, struct file *file)
{
	const struct seq_operations *ops = &net6addr_seq_ops;

	return seq_open(file, ops);
}
1353*4882a593Smuzhiyun
/**
 * smk_net6addr_insert
 * @new : entry to insert
 *
 * This inserts an entry into the smk_net6addr_list,
 * sorted by netmask length (longest to smallest); entries with an
 * equal mask length keep their insertion order. The caller must hold
 * &smk_net6addr_lock (smk_write_net6addr does).
 *
 */
static void smk_net6addr_insert(struct smk_net6addr *new)
{
	struct smk_net6addr *cur;
	struct smk_net6addr *after;

	if (list_empty(&smk_net6addr_list)) {
		list_add_rcu(&new->list, &smk_net6addr_list);
		return;
	}

	/* A strictly longer mask than the current head goes first. */
	cur = list_entry_rcu(smk_net6addr_list.next,
			     struct smk_net6addr, list);
	if (new->smk_masks > cur->smk_masks) {
		list_add_rcu(&new->list, &smk_net6addr_list);
		return;
	}

	/*
	 * Otherwise insert after the first entry whose successor has a
	 * strictly shorter mask; reaching the tail appends.
	 */
	list_for_each_entry_rcu(cur, &smk_net6addr_list, list) {
		if (list_is_last(&cur->list, &smk_net6addr_list)) {
			list_add_rcu(&new->list, &cur->list);
			return;
		}
		after = list_entry_rcu(cur->list.next,
				       struct smk_net6addr, list);
		if (new->smk_masks > after->smk_masks) {
			list_add_rcu(&new->list, &cur->list);
			return;
		}
	}
}
1394*4882a593Smuzhiyun
1395*4882a593Smuzhiyun
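/**
 * smk_write_net6addr - write() for /smack/netlabel
 * @file: file pointer, not actually used
 * @buf: where to get the data from
 * @count: bytes sent
 * @ppos: where to start
 *
 * Accepts only one net6addr per write call, in one of the forms
 * "a:b:c:d:e:f:g:h/prefixlen label" or "a:b:c:d:e:f:g:h label"
 * (the latter implies a prefix length of 128). A label starting
 * with '-' is an option; only -DELETE is accepted and it leaves the
 * matching entry with a NULL label instead of importing one.
 *
 * Return: number of bytes written or a negative error code.
 */
static ssize_t smk_write_net6addr(struct file *file, const char __user *buf,
				  size_t count, loff_t *ppos)
{
	struct smk_net6addr *snp;
	struct in6_addr newname;
	struct in6_addr fullmask;
	struct smack_known *skp = NULL;
	char *smack;
	char *data;
	int rc = 0;
	int found = 0;
	int i;
	unsigned int scanned[8];
	unsigned int m;
	unsigned int mask = 128;

	/*
	 * Must have privilege.
	 * No partial writes.
	 * Enough data must be present.
	 * "<addr/mask, as a:b:c:d:e:f:g:h/e><space><label>"
	 * "<addr, as a:b:c:d:e:f:g:h><space><label>"
	 */
	if (!smack_privileged(CAP_MAC_ADMIN))
		return -EPERM;
	if (*ppos != 0)
		return -EINVAL;
	if (count < SMK_NETLBLADDRMIN || count > PAGE_SIZE - 1)
		return -EINVAL;

	data = memdup_user_nul(buf, count);
	if (IS_ERR(data))
		return PTR_ERR(data);

	/*
	 * data holds count bytes plus a NUL, so the %s conversions below
	 * can never store more than count characters into smack.
	 */
	smack = kzalloc(count + 1, GFP_KERNEL);
	if (smack == NULL) {
		rc = -ENOMEM;
		goto free_data_out;
	}

	i = sscanf(data, "%x:%x:%x:%x:%x:%x:%x:%x/%u %s",
		   &scanned[0], &scanned[1], &scanned[2], &scanned[3],
		   &scanned[4], &scanned[5], &scanned[6], &scanned[7],
		   &mask, smack);
	if (i != 10) {
		/*
		 * The first attempt may have matched a prefix length
		 * before failing; the no-prefix form means 128.
		 */
		mask = 128;
		i = sscanf(data, "%x:%x:%x:%x:%x:%x:%x:%x %s",
			   &scanned[0], &scanned[1], &scanned[2],
			   &scanned[3], &scanned[4], &scanned[5],
			   &scanned[6], &scanned[7], smack);
		if (i != 9) {
			rc = -EINVAL;
			goto free_out;
		}
	}
	if (mask > 128) {
		rc = -EINVAL;
		goto free_out;
	}
	/* Each group is 16 bits; store them in network byte order. */
	for (i = 0; i < 8; i++) {
		if (scanned[i] > 0xffff) {
			rc = -EINVAL;
			goto free_out;
		}
		newname.s6_addr16[i] = htons(scanned[i]);
	}

	/*
	 * If smack begins with '-', it is an option, don't import it
	 */
	if (smack[0] != '-') {
		skp = smk_import_entry(smack, 0);
		if (IS_ERR(skp)) {
			rc = PTR_ERR(skp);
			goto free_out;
		}
	} else {
		/*
		 * Only -DELETE is supported for IPv6. It keeps skp NULL,
		 * so the entry written below carries no label.
		 */
		if (strcmp(smack, SMACK_DELETE_OPTION) != 0) {
			rc = -EINVAL;
			goto free_out;
		}
	}

	/*
	 * Build the netmask group by group. The groups were stored in
	 * network byte order above, so a partially covered group must
	 * select its m high-order bits in network order, i.e.
	 * htons(0xffff << (16 - m)). The former "(1 << m) - 1" picked
	 * the low-order bits of the host-order value, which is not
	 * what an IPv6 prefix length denotes; prefix lengths that are
	 * not a multiple of 16 therefore matched the wrong addresses.
	 */
	for (i = 0, m = mask; i < 8; i++) {
		if (m >= 16) {
			fullmask.s6_addr16[i] = 0xffff;
			m -= 16;
		} else if (m > 0) {
			fullmask.s6_addr16[i] =
				htons((0xffffU << (16 - m)) & 0xffffU);
			m = 0;
		} else {
			fullmask.s6_addr16[i] = 0;
		}
		/* Store the host part already masked; lookups compare
		 * (addr & smk_mask) against smk_host. */
		newname.s6_addr16[i] &= fullmask.s6_addr16[i];
	}

	/*
	 * Only allow one writer at a time. Writes should be
	 * quite rare and small in any case.
	 */
	mutex_lock(&smk_net6addr_lock);
	/*
	 * Try to find the prefix in the list: same prefix length and
	 * same (masked) host address.
	 */
	list_for_each_entry_rcu(snp, &smk_net6addr_list, list) {
		if (mask != snp->smk_masks)
			continue;
		for (found = 1, i = 0; i < 8; i++) {
			if (newname.s6_addr16[i] !=
			    snp->smk_host.s6_addr16[i]) {
				found = 0;
				break;
			}
		}
		if (found == 1)
			break;
	}
	if (found == 0) {
		snp = kzalloc(sizeof(*snp), GFP_KERNEL);
		if (snp == NULL) {
			rc = -ENOMEM;
		} else {
			snp->smk_host = newname;
			snp->smk_mask = fullmask;
			snp->smk_masks = mask;
			snp->smk_label = skp;
			smk_net6addr_insert(snp);
		}
	} else {
		/* Existing prefix: just replace (or clear) its label. */
		snp->smk_label = skp;
	}

	if (rc == 0)
		rc = count;

	mutex_unlock(&smk_net6addr_lock);

free_out:
	kfree(smack);
free_data_out:
	kfree(data);

	return rc;
}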
1551*4882a593Smuzhiyun
/* /smack/netlabel: seq_file based reads, one host entry per write. */
static const struct file_operations smk_net6addr_ops = {
	.open		= smk_open_net6addr,
	.read		= seq_read,
	.write		= smk_write_net6addr,
	.llseek		= seq_lseek,
	.release	= seq_release,
};
1559*4882a593Smuzhiyun #endif /* CONFIG_IPV6 */
1560*4882a593Smuzhiyun
/**
 * smk_read_doi - read() for /smack/doi
 * @filp: file pointer, not actually used
 * @buf: where to put the result
 * @count: maximum to send along
 * @ppos: where to start
 *
 * Formats smk_cipso_doi_value as decimal text and copies it out.
 * Only a read at offset zero returns data; later reads see EOF.
 *
 * Return: number of bytes read or error code, as appropriate
 */
static ssize_t smk_read_doi(struct file *filp, char __user *buf,
			    size_t count, loff_t *ppos)
{
	char temp[80];
	int len;

	if (*ppos != 0)
		return 0;

	/* An int needs at most 11 characters, so this never truncates. */
	len = snprintf(temp, sizeof(temp), "%d", smk_cipso_doi_value);

	return simple_read_from_buffer(buf, count, ppos, temp, len);
}
1584*4882a593Smuzhiyun
/**
 * smk_write_doi - write() for /smack/doi
 * @file: file pointer, not actually used
 * @buf: where to get the data from
 * @count: bytes sent
 * @ppos: where to start
 *
 * Parses a decimal integer from the user buffer, stores it in
 * smk_cipso_doi_value and calls smk_cipso_doi() to apply it.
 * Requires CAP_MAC_ADMIN.
 *
 * Return: number of bytes written or error code, as appropriate
 */
static ssize_t smk_write_doi(struct file *file, const char __user *buf,
			     size_t count, loff_t *ppos)
{
	char temp[80];
	int doi;

	if (!smack_privileged(CAP_MAC_ADMIN))
		return -EPERM;

	/* Reject empty writes and leave room for the terminating NUL. */
	if (count == 0 || count >= sizeof(temp))
		return -EINVAL;

	if (copy_from_user(temp, buf, count) != 0)
		return -EFAULT;
	temp[count] = '\0';

	if (sscanf(temp, "%d", &doi) != 1)
		return -EINVAL;

	smk_cipso_doi_value = doi;
	/* Apply the new value; see smk_cipso_doi(). */
	smk_cipso_doi();

	return count;
}
1620*4882a593Smuzhiyun
/* /smack/doi: plain read/write handlers with default seeking. */
static const struct file_operations smk_doi_ops = {
	.llseek	= default_llseek,
	.read	= smk_read_doi,
	.write	= smk_write_doi,
};
1626*4882a593Smuzhiyun
/**
 * smk_read_direct - read() for /smack/direct
 * @filp: file pointer, not actually used
 * @buf: where to put the result
 * @count: maximum to send along
 * @ppos: where to start
 *
 * Formats smack_cipso_direct as decimal text and copies it out.
 * Only a read at offset zero returns data; later reads see EOF.
 *
 * Return: number of bytes read or error code, as appropriate
 */
static ssize_t smk_read_direct(struct file *filp, char __user *buf,
			       size_t count, loff_t *ppos)
{
	char temp[80];
	int len;

	if (*ppos != 0)
		return 0;

	/* An int needs at most 11 characters, so this never truncates. */
	len = snprintf(temp, sizeof(temp), "%d", smack_cipso_direct);

	return simple_read_from_buffer(buf, count, ppos, temp, len);
}
1650*4882a593Smuzhiyun
/**
 * smk_write_direct - write() for /smack/direct
 * @file: file pointer, not actually used
 * @buf: where to get the data from
 * @count: bytes sent
 * @ppos: where to start
 *
 * Parses a decimal CIPSO level from the user buffer and makes it the
 * new "direct" level. Known labels whose netlabel level equals the
 * old direct level are moved to the new one. Requires CAP_MAC_ADMIN.
 *
 * Return: number of bytes written or error code, as appropriate
 */
static ssize_t smk_write_direct(struct file *file, const char __user *buf,
				size_t count, loff_t *ppos)
{
	struct smack_known *skp;
	char temp[80];
	int level;

	if (!smack_privileged(CAP_MAC_ADMIN))
		return -EPERM;

	/* Reject empty writes and leave room for the terminating NUL. */
	if (count == 0 || count >= sizeof(temp))
		return -EINVAL;

	if (copy_from_user(temp, buf, count) != 0)
		return -EFAULT;
	temp[count] = '\0';

	if (sscanf(temp, "%d", &level) != 1)
		return -EINVAL;

	/* Nothing to do when the value is unchanged. */
	if (smack_cipso_direct == level)
		return count;

	/*
	 * Entries that were set up as "direct" carry the old level in
	 * their netlabel attributes; move them to the new level under
	 * the label list lock, then publish the new value.
	 */
	mutex_lock(&smack_known_lock);
	list_for_each_entry_rcu(skp, &smack_known_list, list) {
		if (skp->smk_netlabel.attr.mls.lvl == smack_cipso_direct)
			skp->smk_netlabel.attr.mls.lvl = level;
	}
	smack_cipso_direct = level;
	mutex_unlock(&smack_known_lock);

	return count;
}
1698*4882a593Smuzhiyun
/* /smack/direct: plain read/write handlers with default seeking. */
static const struct file_operations smk_direct_ops = {
	.llseek	= default_llseek,
	.read	= smk_read_direct,
	.write	= smk_write_direct,
};
1704*4882a593Smuzhiyun
/**
 * smk_read_mapped - read() for /smack/mapped
 * @filp: file pointer, not actually used
 * @buf: where to put the result
 * @count: maximum to send along
 * @ppos: where to start
 *
 * Formats smack_cipso_mapped as decimal text and copies it out.
 * Only a read at offset zero returns data; later reads see EOF.
 *
 * Return: number of bytes read or error code, as appropriate
 */
static ssize_t smk_read_mapped(struct file *filp, char __user *buf,
			       size_t count, loff_t *ppos)
{
	char temp[80];
	int len;

	if (*ppos != 0)
		return 0;

	/* An int needs at most 11 characters, so this never truncates. */
	len = snprintf(temp, sizeof(temp), "%d", smack_cipso_mapped);

	return simple_read_from_buffer(buf, count, ppos, temp, len);
}
1728*4882a593Smuzhiyun
/**
 * smk_write_mapped - write() for /smack/mapped
 * @file: file pointer, not actually used
 * @buf: where to get the data from
 * @count: bytes sent
 * @ppos: where to start
 *
 * Parses a decimal CIPSO level from the user buffer and makes it the
 * new "mapped" level. Known labels whose netlabel level equals the
 * old mapped level are moved to the new one. Requires CAP_MAC_ADMIN.
 *
 * Return: number of bytes written or error code, as appropriate
 */
static ssize_t smk_write_mapped(struct file *file, const char __user *buf,
				size_t count, loff_t *ppos)
{
	struct smack_known *skp;
	char temp[80];
	int level;

	if (!smack_privileged(CAP_MAC_ADMIN))
		return -EPERM;

	/* Reject empty writes and leave room for the terminating NUL. */
	if (count == 0 || count >= sizeof(temp))
		return -EINVAL;

	if (copy_from_user(temp, buf, count) != 0)
		return -EFAULT;
	temp[count] = '\0';

	if (sscanf(temp, "%d", &level) != 1)
		return -EINVAL;

	/* Nothing to do when the value is unchanged. */
	if (smack_cipso_mapped == level)
		return count;

	/*
	 * Entries that were set up as "mapped" carry the old level in
	 * their netlabel attributes; move them to the new level under
	 * the label list lock, then publish the new value.
	 */
	mutex_lock(&smack_known_lock);
	list_for_each_entry_rcu(skp, &smack_known_list, list) {
		if (skp->smk_netlabel.attr.mls.lvl == smack_cipso_mapped)
			skp->smk_netlabel.attr.mls.lvl = level;
	}
	smack_cipso_mapped = level;
	mutex_unlock(&smack_known_lock);

	return count;
}
1776*4882a593Smuzhiyun
/* /smack/mapped: plain read/write handlers with default seeking. */
static const struct file_operations smk_mapped_ops = {
	.llseek	= default_llseek,
	.read	= smk_read_mapped,
	.write	= smk_write_mapped,
};
1782*4882a593Smuzhiyun
/**
 * smk_read_ambient - read() for /smack/ambient
 * @filp: file pointer, not actually used
 * @buf: where to put the result
 * @cn: maximum to send along
 * @ppos: where to start
 *
 * Copies the ambient label, including its terminating NUL, to user
 * space. The whole string must fit in @cn; otherwise -EINVAL.
 * Only a read at offset zero returns data; later reads see EOF.
 *
 * Return: number of bytes read or error code, as appropriate
 */
static ssize_t smk_read_ambient(struct file *filp, char __user *buf,
				size_t cn, loff_t *ppos)
{
	ssize_t rc = -EINVAL;
	int asize;

	if (*ppos != 0)
		return 0;

	/*
	 * Hold the lock across the length computation and the copy so
	 * that smk_write_ambient cannot replace smack_net_ambient
	 * in between.
	 */
	mutex_lock(&smack_ambient_lock);

	/* The trailing NUL is part of what is handed to user space. */
	asize = strlen(smack_net_ambient->smk_known) + 1;
	if (cn >= asize)
		rc = simple_read_from_buffer(buf, cn, ppos,
					     smack_net_ambient->smk_known,
					     asize);

	mutex_unlock(&smack_ambient_lock);

	return rc;
}
1819*4882a593Smuzhiyun
/**
 * smk_write_ambient - write() for /smack/ambient
 * @file: file pointer, not actually used
 * @buf: where to get the data from
 * @count: bytes sent
 * @ppos: where to start
 *
 * Imports the written label and makes it the ambient label, then
 * hands the previous ambient label to smk_unlbl_ambient().
 * Requires CAP_MAC_ADMIN; at most PAGE_SIZE bytes are accepted.
 *
 * Return: number of bytes written or error code, as appropriate
 */
static ssize_t smk_write_ambient(struct file *file, const char __user *buf,
				 size_t count, loff_t *ppos)
{
	struct smack_known *skp;
	char *oldambient;
	char *data;
	int rc = count;

	if (!smack_privileged(CAP_MAC_ADMIN))
		return -EPERM;

	/* Enough data must be present */
	if (count == 0 || count > PAGE_SIZE)
		return -EINVAL;

	data = memdup_user_nul(buf, count);
	if (IS_ERR(data))
		return PTR_ERR(data);

	skp = smk_import_entry(data, count);
	if (IS_ERR(skp)) {
		rc = PTR_ERR(skp);
	} else {
		/* Swap the ambient label under the lock readers take. */
		mutex_lock(&smack_ambient_lock);
		oldambient = smack_net_ambient->smk_known;
		smack_net_ambient = skp;
		smk_unlbl_ambient(oldambient);
		mutex_unlock(&smack_ambient_lock);
	}

	kfree(data);
	return rc;
}
1866*4882a593Smuzhiyun
/* /smack/ambient: plain read/write handlers with default seeking. */
static const struct file_operations smk_ambient_ops = {
	.llseek	= default_llseek,
	.read	= smk_read_ambient,
	.write	= smk_write_ambient,
};
1872*4882a593Smuzhiyun
1873*4882a593Smuzhiyun /*
1874*4882a593Smuzhiyun * Seq_file operations for /smack/onlycap
1875*4882a593Smuzhiyun */
/* seq_file start: position the shared iterator on smack_onlycap_list. */
static void *onlycap_seq_start(struct seq_file *s, loff_t *pos)
{
	void *first;

	first = smk_seq_start(s, pos, &smack_onlycap_list);
	return first;
}
1880*4882a593Smuzhiyun
/* seq_file next: advance the shared iterator along smack_onlycap_list. */
static void *onlycap_seq_next(struct seq_file *s, void *v, loff_t *pos)
{
	void *following;

	following = smk_seq_next(s, v, pos, &smack_onlycap_list);
	return following;
}
1885*4882a593Smuzhiyun
/*
 * seq_file show: print one onlycap label followed by a space.
 * @v is the list_head handed out by onlycap_seq_start/next.
 */
static int onlycap_seq_show(struct seq_file *s, void *v)
{
	struct smack_known_list_elem *sklep;

	sklep = list_entry_rcu((struct list_head *)v,
			       struct smack_known_list_elem, list);
	seq_puts(s, sklep->smk_label->smk_known);
	seq_putc(s, ' ');

	return 0;
}
1897*4882a593Smuzhiyun
/* Iterator for /smack/onlycap; stop is the shared smk_seq_stop. */
static const struct seq_operations onlycap_seq_ops = {
	.start	= onlycap_seq_start,
	.stop	= smk_seq_stop,
	.next	= onlycap_seq_next,
	.show	= onlycap_seq_show,
};
1904*4882a593Smuzhiyun
/* open() for /smack/onlycap: attach the onlycap seq_file iterator. */
static int smk_open_onlycap(struct inode *inode, struct file *file)
{
	int rc;

	rc = seq_open(file, &onlycap_seq_ops);
	return rc;
}
1909*4882a593Smuzhiyun
/**
 * smk_list_swap_rcu - swap public list with a private one in RCU-safe way
 * @public: public list, visible to RCU readers
 * @private: private list, not yet visible to anyone else
 *
 * The caller must hold the appropriate mutex to prevent concurrent
 * modifications to the public list. Private list is assumed to be
 * not accessible to other threads yet.
 *
 * On return @public holds the former contents of @private. When the
 * public list was non-empty, @private holds its former contents so the
 * caller can dispose of them; the empty-list branch relies on
 * list_splice_init_rcu() to leave @private reinitialised.
 *
 * The statement order in the non-empty branch is what makes the swap
 * RCU-safe: the new elements are first linked back to @public, then the
 * single pointer readers start from (public->next) is published with
 * rcu_assign_pointer(), and only after synchronize_rcu() has waited for
 * every reader that might still be walking the old elements are those
 * elements re-threaded under @private.
 */
static void smk_list_swap_rcu(struct list_head *public,
			      struct list_head *private)
{
	struct list_head *first, *last;

	if (list_empty(public)) {
		/* Nothing to preserve: move private onto public wholesale. */
		list_splice_init_rcu(private, public, synchronize_rcu);
	} else {
		/* Remember public list before replacing it */
		first = public->next;
		last = public->prev;

		/* Publish private list in place of public in RCU-safe way.
		 * The back links are set first so that a reader who sees
		 * the new public->next finds a fully connected ring. */
		private->prev->next = public;
		private->next->prev = public;
		rcu_assign_pointer(public->next, private->next);
		public->prev = private->prev;

		/* Wait for readers that may still hold the old elements. */
		synchronize_rcu();

		/* When all readers are done with the old public list,
		 * attach it in place of private */
		private->next = first;
		private->prev = last;
		first->prev = private;
		last->next = private;
	}
}
1947*4882a593Smuzhiyun
/**
 * smk_parse_label_list - parse list of Smack labels, separated by spaces
 * @data: the string to parse; it is modified in place by strsep()
 * @list: destination list, receives one smack_known_list_elem per label
 *
 * Empty tokens (runs of spaces) are skipped. Parsing stops at the first
 * label that cannot be imported or when an element cannot be allocated;
 * elements already added stay on @list for the caller to dispose of
 * (smk_write_onlycap does so with smk_destroy_label_list()).
 *
 * Return: zero on success or error code, as appropriate
 */
static int smk_parse_label_list(char *data, struct list_head *list)
{
	struct smack_known_list_elem *sklep;
	struct smack_known *skp;
	char *tok;

	for (tok = strsep(&data, " "); tok != NULL; tok = strsep(&data, " ")) {
		if (*tok == '\0')
			continue;

		skp = smk_import_entry(tok, 0);
		if (IS_ERR(skp))
			return PTR_ERR(skp);

		sklep = kzalloc(sizeof(*sklep), GFP_KERNEL);
		if (sklep == NULL)
			return -ENOMEM;

		sklep->smk_label = skp;
		list_add(&sklep->list, list);
	}

	return 0;
}
1980*4882a593Smuzhiyun
/**
 * smk_destroy_label_list - destroy a list of smack_known_list_elem
 * @list: head of the list to destroy
 *
 * Frees every element and leaves @list as an empty, initialised head.
 * The smack_known entries the elements point at are not touched.
 */
void smk_destroy_label_list(struct list_head *list)
{
	struct smack_known_list_elem *cur, *tmp;

	/* The _safe variant is needed: cur is freed while still the cursor. */
	list_for_each_entry_safe(cur, tmp, list, list)
		kfree(cur);

	/* All elements are gone; make the head usable again. */
	INIT_LIST_HEAD(list);
}
1995*4882a593Smuzhiyun
/**
 * smk_write_onlycap - write() for smackfs/onlycap
 * @file: file pointer, not actually used
 * @buf: where to get the data from
 * @count: bytes sent
 * @ppos: where to start
 *
 * Replaces the onlycap label list with the space-separated labels in
 * the user buffer. Requires CAP_MAC_ADMIN; at most PAGE_SIZE bytes.
 *
 * Return: number of bytes written or error code, as appropriate
 */
static ssize_t smk_write_onlycap(struct file *file, const char __user *buf,
				 size_t count, loff_t *ppos)
{
	LIST_HEAD(list_tmp);
	char *data;
	int install;
	int rc;

	if (!smack_privileged(CAP_MAC_ADMIN))
		return -EPERM;

	if (count > PAGE_SIZE)
		return -EINVAL;

	data = memdup_user_nul(buf, count);
	if (IS_ERR(data))
		return PTR_ERR(data);

	rc = smk_parse_label_list(data, &list_tmp);
	kfree(data);

	/*
	 * Clear the smack_onlycap on invalid label errors. This means
	 * that we can pass a null string to unset the onlycap value.
	 *
	 * Importing will also reject a label beginning with '-',
	 * so "-usecapabilities" will also work.
	 *
	 * But do so only on invalid label, not on system errors.
	 * The invalid label must be first to count as clearing attempt.
	 */
	install = (rc == 0) || (rc == -EINVAL && list_empty(&list_tmp));
	if (install) {
		mutex_lock(&smack_onlycap_lock);
		smk_list_swap_rcu(&smack_onlycap_list, &list_tmp);
		mutex_unlock(&smack_onlycap_lock);
		rc = count;
	}

	/*
	 * After a swap list_tmp holds the previous onlycap entries;
	 * otherwise it holds whatever was parsed before the error.
	 */
	smk_destroy_label_list(&list_tmp);

	return rc;
}
2046*4882a593Smuzhiyun
/* smackfs/onlycap: seq_file based reads, whole-list replacement on write. */
static const struct file_operations smk_onlycap_ops = {
	.open		= smk_open_onlycap,
	.release	= seq_release,
	.read		= seq_read,
	.llseek		= seq_lseek,
	.write		= smk_write_onlycap,
};
2054*4882a593Smuzhiyun
2055*4882a593Smuzhiyun #ifdef CONFIG_SECURITY_SMACK_BRINGUP
/**
 * smk_read_unconfined - read() for smackfs/unconfined
 * @filp: file pointer, not actually used
 * @buf: where to put the result
 * @cn: maximum to send along
 * @ppos: where to start
 *
 * Copies the unconfined label, including its terminating NUL, to user
 * space; an unset label reads back as an empty string. The whole
 * string must fit in @cn, otherwise -EINVAL. Only a read at offset
 * zero returns data; later reads see EOF.
 *
 * Return: number of bytes read or error code, as appropriate
 */
static ssize_t smk_read_unconfined(struct file *filp, char __user *buf,
				   size_t cn, loff_t *ppos)
{
	const char *label = "";
	int asize;

	if (*ppos != 0)
		return 0;

	if (smack_unconfined != NULL)
		label = smack_unconfined->smk_known;

	/* The trailing NUL is part of what is handed to user space. */
	asize = strlen(label) + 1;
	if (cn < asize)
		return -EINVAL;

	return simple_read_from_buffer(buf, cn, ppos, label, asize);
}
2085*4882a593Smuzhiyun
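/**
 * smk_write_unconfined - write() for smackfs/unconfined
 * @file: file pointer, not actually used
 * @buf: where to get the data from
 * @count: bytes sent
 * @ppos: where to start
 *
 * Sets smack_unconfined to the label written, importing it if it is
 * not yet known. Requires CAP_MAC_ADMIN. Writing something that is not
 * a valid label (an empty string, or one starting with '-') clears the
 * setting instead of failing, so "-confine" unsets it.
 *
 * Returns number of bytes written or error code, as appropriate
 */
static ssize_t smk_write_unconfined(struct file *file, const char __user *buf,
				    size_t count, loff_t *ppos)
{
	char *data;
	struct smack_known *skp;
	/* Holds either @count or a negative errno, so match the return type. */
	ssize_t rc = count;

	if (!smack_privileged(CAP_MAC_ADMIN))
		return -EPERM;

	if (count > PAGE_SIZE)
		return -EINVAL;

	data = memdup_user_nul(buf, count);
	if (IS_ERR(data))
		return PTR_ERR(data);

	/*
	 * Clear the smack_unconfined on invalid label errors. This means
	 * that we can pass a null string to unset the unconfined value.
	 *
	 * Importing will also reject a label beginning with '-',
	 * so "-confine" will also work.
	 *
	 * But do so only on invalid label, not on system errors.
	 */
	skp = smk_import_entry(data, count);
	if (PTR_ERR(skp) == -EINVAL)
		skp = NULL;
	else if (IS_ERR(skp)) {
		rc = PTR_ERR(skp);
		goto freeout;
	}

	smack_unconfined = skp;

freeout:
	kfree(data);
	return rc;
}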
2135*4882a593Smuzhiyun
/* smackfs "unconfined" (bringup builds only): plain read/write handlers. */
static const struct file_operations smk_unconfined_ops = {
	.llseek		= default_llseek,
	.write		= smk_write_unconfined,
	.read		= smk_read_unconfined,
};
2141*4882a593Smuzhiyun #endif /* CONFIG_SECURITY_SMACK_BRINGUP */
2142*4882a593Smuzhiyun
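/**
 * smk_read_logging - read() for /smack/logging
 * @filp: file pointer, not actually used
 * @buf: where to put the result
 * @count: maximum to send along
 * @ppos: where to start
 *
 * Reports the current log_policy value as a decimal number followed by
 * a newline. Only a read at offset 0 produces data.
 *
 * Returns number of bytes read or error code, as appropriate
 */
static ssize_t smk_read_logging(struct file *filp, char __user *buf,
				size_t count, loff_t *ppos)
{
	char temp[32];
	int len;

	if (*ppos != 0)
		return 0;

	/*
	 * Bounded formatting instead of sprintf(); scnprintf() returns the
	 * number of bytes actually placed in temp, so no strlen() is needed.
	 */
	len = scnprintf(temp, sizeof(temp), "%d\n", log_policy);
	return simple_read_from_buffer(buf, count, ppos, temp, len);
}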
2165*4882a593Smuzhiyun
/**
 * smk_write_logging - write() for /smack/logging
 * @file: file pointer, not actually used
 * @buf: where to get the data from
 * @count: bytes sent
 * @ppos: where to start
 *
 * Sets log_policy from a decimal integer in the range 0..3. Requires
 * CAP_MAC_ADMIN.
 *
 * Returns number of bytes written or error code, as appropriate
 */
static ssize_t smk_write_logging(struct file *file, const char __user *buf,
				 size_t count, loff_t *ppos)
{
	char temp[32];
	int level;

	if (!smack_privileged(CAP_MAC_ADMIN))
		return -EPERM;

	/* Reject an empty write and keep room for the terminator. */
	if (count == 0 || count >= sizeof(temp))
		return -EINVAL;

	if (copy_from_user(temp, buf, count) != 0)
		return -EFAULT;
	temp[count] = '\0';

	/* Exactly one integer, and only the four defined policy values. */
	if (sscanf(temp, "%d", &level) != 1 || level < 0 || level > 3)
		return -EINVAL;

	log_policy = level;
	return count;
}
2199*4882a593Smuzhiyun
2200*4882a593Smuzhiyun
2201*4882a593Smuzhiyun
/* /smack/logging: plain read/write handlers for the log_policy knob. */
static const struct file_operations smk_logging_ops = {
	.llseek		= default_llseek,
	.write		= smk_write_logging,
	.read		= smk_read_logging,
};
2207*4882a593Smuzhiyun
2208*4882a593Smuzhiyun /*
2209*4882a593Smuzhiyun * Seq_file read operations for /smack/load-self
2210*4882a593Smuzhiyun */
2211*4882a593Smuzhiyun
/* seq_file start: iterate the calling task's own rule list. */
static void *load_self_seq_start(struct seq_file *s, loff_t *pos)
{
	return smk_seq_start(s, pos,
			     &smack_cred(current_cred())->smk_rules);
}
2218*4882a593Smuzhiyun
/* seq_file next: advance within the calling task's own rule list. */
static void *load_self_seq_next(struct seq_file *s, void *v, loff_t *pos)
{
	return smk_seq_next(s, v, pos,
			    &smack_cred(current_cred())->smk_rules);
}
2225*4882a593Smuzhiyun
/* seq_file show: print one rule in the fixed-width (SMK_LABELLEN) layout. */
static int load_self_seq_show(struct seq_file *s, void *v)
{
	struct list_head *list = v;
	struct smack_rule *srp;

	srp = list_entry_rcu(list, struct smack_rule, list);
	smk_rule_show(s, srp, SMK_LABELLEN);
	return 0;
}
2236*4882a593Smuzhiyun
/* seq_file iteration over the caller's rules for /smack/load-self. */
static const struct seq_operations load_self_seq_ops = {
	.stop	= smk_seq_stop,
	.show	= load_self_seq_show,
	.next	= load_self_seq_next,
	.start	= load_self_seq_start,
};
2243*4882a593Smuzhiyun
2244*4882a593Smuzhiyun
/**
 * smk_open_load_self - open() for /smack/load-self
 * @inode: inode structure representing file
 * @file: "load-self" file pointer
 *
 * For reading, use load_self_seq_* seq_file reading operations.
 */
static int smk_open_load_self(struct inode *inode, struct file *file)
{
	int rc;

	rc = seq_open(file, &load_self_seq_ops);
	return rc;
}
2256*4882a593Smuzhiyun
/**
 * smk_write_load_self - write() for /smack/load-self
 * @file: file pointer, not actually used
 * @buf: where to get the data from
 * @count: bytes sent
 * @ppos: where to start - must be 0
 *
 * Rules written here go onto the calling task's own rule list, guarded
 * by that task's rule lock, in the fixed-width (SMK_FIXED24_FMT) layout.
 */
static ssize_t smk_write_load_self(struct file *file, const char __user *buf,
				   size_t count, loff_t *ppos)
{
	const struct cred *cred = current_cred();
	struct task_smack *tsp = smack_cred(cred);

	return smk_write_rules_list(file, buf, count, ppos,
				    &tsp->smk_rules, &tsp->smk_rules_lock,
				    SMK_FIXED24_FMT);
}
2273*4882a593Smuzhiyun
/* /smack/load-self: seq_file read side, per-task rule writes. */
static const struct file_operations smk_load_self_ops = {
	.open		= smk_open_load_self,
	.release	= seq_release,
	.read		= seq_read,
	.llseek		= seq_lseek,
	.write		= smk_write_load_self,
};
2281*4882a593Smuzhiyun
/**
 * smk_user_access - handle access check transaction
 * @file: file pointer
 * @buf: data from user space
 * @count: bytes sent
 * @ppos: where to start - must be 0
 * @format: SMK_FIXED24_FMT for the fixed-width rule layout, anything
 *	    else selects the long-label layout
 *
 * Parses a rule from the transaction buffer, evaluates it with
 * smk_access() and writes a single '1' (allowed) or '0' (denied) back
 * into the buffer for the subsequent read. A parse result of -ENOENT
 * (presumably an unknown label) is answered as denied rather than as
 * an error; any other parse failure is returned to the caller.
 *
 * Returns SMK_LOADLEN for the fixed format, @count otherwise, or a
 * negative error code.
 */
static ssize_t smk_user_access(struct file *file, const char __user *buf,
			       size_t count, loff_t *ppos, int format)
{
	struct smack_parsed_rule rule;
	char *data;
	int res;
	bool fixed = (format == SMK_FIXED24_FMT);

	data = simple_transaction_get(file, buf, count);
	if (IS_ERR(data))
		return PTR_ERR(data);

	/* The fixed layout needs a full-length record before parsing. */
	if (fixed && count < SMK_LOADLEN)
		return -EINVAL;

	/*
	 * simple_transaction_get() returns null-terminated data, which
	 * the long-rule parser relies on.
	 */
	res = fixed ? smk_parse_rule(data, &rule, 0)
		    : smk_parse_long_rule(data, &rule, 0, 3);

	/* -ENOENT falls through to a "denied" answer; other errors abort. */
	if (res < 0 && res != -ENOENT)
		return res;
	if (res >= 0)
		res = smk_access(rule.smk_subject, rule.smk_object,
				 rule.smk_access1, NULL);

	/*
	 * smk_access() can return a value > 0 in the "bringup" case,
	 * so test for non-negative rather than for zero.
	 */
	if (res >= 0)
		data[0] = '1';
	else
		data[0] = '0';
	data[1] = '\0';

	simple_transaction_set(file, 2);

	return fixed ? SMK_LOADLEN : count;
}
2329*4882a593Smuzhiyun
/**
 * smk_write_access - handle access check transaction
 * @file: file pointer
 * @buf: data from user space
 * @count: bytes sent
 * @ppos: where to start - must be 0
 *
 * /smack/access variant of smk_user_access() using the fixed-width
 * rule layout.
 */
static ssize_t smk_write_access(struct file *file, const char __user *buf,
				size_t count, loff_t *ppos)
{
	const int format = SMK_FIXED24_FMT;

	return smk_user_access(file, buf, count, ppos, format);
}
2342*4882a593Smuzhiyun
/* /smack/access: write a rule, read back the one-character verdict. */
static const struct file_operations smk_access_ops = {
	.llseek		= generic_file_llseek,
	.release	= simple_transaction_release,
	.read		= simple_transaction_read,
	.write		= smk_write_access,
};
2349*4882a593Smuzhiyun
2350*4882a593Smuzhiyun
2351*4882a593Smuzhiyun /*
2352*4882a593Smuzhiyun * Seq_file read operations for /smack/load2
2353*4882a593Smuzhiyun */
2354*4882a593Smuzhiyun
/*
 * seq_file show for /smack/load2: one known label per step, printing
 * every rule on that label's list in the long-label layout.
 */
static int load2_seq_show(struct seq_file *s, void *v)
{
	struct list_head *list = v;
	struct smack_known *skp;
	struct smack_rule *srp;

	skp = list_entry_rcu(list, struct smack_known, list);
	list_for_each_entry_rcu(srp, &skp->smk_rules, list)
		smk_rule_show(s, srp, SMK_LONGLABEL);

	return 0;
}
2367*4882a593Smuzhiyun
/* seq_file iteration over all known labels for /smack/load2. */
static const struct seq_operations load2_seq_ops = {
	.stop	= smk_seq_stop,
	.show	= load2_seq_show,
	.next	= load2_seq_next,
	.start	= load2_seq_start,
};
2374*4882a593Smuzhiyun
/**
 * smk_open_load2 - open() for /smack/load2
 * @inode: inode structure representing file
 * @file: "load2" file pointer
 *
 * For reading, use load2_seq_* seq_file reading operations.
 */
static int smk_open_load2(struct inode *inode, struct file *file)
{
	int rc;

	rc = seq_open(file, &load2_seq_ops);
	return rc;
}
2386*4882a593Smuzhiyun
/**
 * smk_write_load2 - write() for /smack/load2
 * @file: file pointer, not actually used
 * @buf: where to get the data from
 * @count: bytes sent
 * @ppos: where to start - must be 0
 *
 * Loads rules in the long-label layout into the global rule lists
 * (no per-task list or lock is passed). Requires CAP_MAC_ADMIN.
 */
static ssize_t smk_write_load2(struct file *file, const char __user *buf,
			       size_t count, loff_t *ppos)
{
	ssize_t rc = -EPERM;

	/* Must have privilege. */
	if (smack_privileged(CAP_MAC_ADMIN))
		rc = smk_write_rules_list(file, buf, count, ppos, NULL, NULL,
					  SMK_LONG_FMT);

	return rc;
}
2407*4882a593Smuzhiyun
/* /smack/load2: seq_file read side, privileged global rule writes. */
static const struct file_operations smk_load2_ops = {
	.open		= smk_open_load2,
	.release	= seq_release,
	.read		= seq_read,
	.llseek		= seq_lseek,
	.write		= smk_write_load2,
};
2415*4882a593Smuzhiyun
2416*4882a593Smuzhiyun /*
2417*4882a593Smuzhiyun * Seq_file read operations for /smack/load-self2
2418*4882a593Smuzhiyun */
2419*4882a593Smuzhiyun
/* seq_file start: iterate the calling task's own rule list. */
static void *load_self2_seq_start(struct seq_file *s, loff_t *pos)
{
	const struct cred *cred = current_cred();

	return smk_seq_start(s, pos, &smack_cred(cred)->smk_rules);
}
2426*4882a593Smuzhiyun
/* seq_file next: advance within the calling task's own rule list. */
static void *load_self2_seq_next(struct seq_file *s, void *v, loff_t *pos)
{
	const struct cred *cred = current_cred();

	return smk_seq_next(s, v, pos, &smack_cred(cred)->smk_rules);
}
2433*4882a593Smuzhiyun
/* seq_file show: print one rule in the long-label (SMK_LONGLABEL) layout. */
static int load_self2_seq_show(struct seq_file *s, void *v)
{
	struct list_head *list = v;
	struct smack_rule *srp;

	srp = list_entry_rcu(list, struct smack_rule, list);
	smk_rule_show(s, srp, SMK_LONGLABEL);
	return 0;
}
2444*4882a593Smuzhiyun
/* seq_file iteration over the caller's rules for /smack/load-self2. */
static const struct seq_operations load_self2_seq_ops = {
	.stop	= smk_seq_stop,
	.show	= load_self2_seq_show,
	.next	= load_self2_seq_next,
	.start	= load_self2_seq_start,
};
2451*4882a593Smuzhiyun
/**
 * smk_open_load_self2 - open() for /smack/load-self2
 * @inode: inode structure representing file
 * @file: "load-self2" file pointer
 *
 * For reading, use load_self2_seq_* seq_file reading operations.
 */
static int smk_open_load_self2(struct inode *inode, struct file *file)
{
	int rc;

	rc = seq_open(file, &load_self2_seq_ops);
	return rc;
}
2463*4882a593Smuzhiyun
/**
 * smk_write_load_self2 - write() for /smack/load-self2
 * @file: file pointer, not actually used
 * @buf: where to get the data from
 * @count: bytes sent
 * @ppos: where to start - must be 0
 *
 * Rules written here go onto the calling task's own rule list, guarded
 * by that task's rule lock, in the long-label (SMK_LONG_FMT) layout.
 */
static ssize_t smk_write_load_self2(struct file *file, const char __user *buf,
				    size_t count, loff_t *ppos)
{
	const struct cred *cred = current_cred();
	struct task_smack *tsp = smack_cred(cred);

	return smk_write_rules_list(file, buf, count, ppos,
				    &tsp->smk_rules, &tsp->smk_rules_lock,
				    SMK_LONG_FMT);
}
2480*4882a593Smuzhiyun
/* /smack/load-self2: seq_file read side, per-task rule writes. */
static const struct file_operations smk_load_self2_ops = {
	.open		= smk_open_load_self2,
	.release	= seq_release,
	.read		= seq_read,
	.llseek		= seq_lseek,
	.write		= smk_write_load_self2,
};
2488*4882a593Smuzhiyun
/**
 * smk_write_access2 - handle access check transaction
 * @file: file pointer
 * @buf: data from user space
 * @count: bytes sent
 * @ppos: where to start - must be 0
 *
 * /smack/access2 variant of smk_user_access() using the long-label
 * rule layout.
 */
static ssize_t smk_write_access2(struct file *file, const char __user *buf,
				 size_t count, loff_t *ppos)
{
	const int format = SMK_LONG_FMT;

	return smk_user_access(file, buf, count, ppos, format);
}
2501*4882a593Smuzhiyun
/* /smack/access2: write a long-format rule, read back the verdict. */
static const struct file_operations smk_access2_ops = {
	.llseek		= generic_file_llseek,
	.release	= simple_transaction_release,
	.read		= simple_transaction_read,
	.write		= smk_write_access2,
};
2508*4882a593Smuzhiyun
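/**
 * smk_write_revoke_subj - write() for /smack/revoke-subject
 * @file: file pointer
 * @buf: data from user space
 * @count: bytes sent
 * @ppos: where to start - must be 0
 *
 * Clears the access bits of every rule on the written label's rule
 * list. Requires CAP_MAC_ADMIN and a label of at most SMK_LONGLABEL
 * bytes. A well-formed label that is not currently known is not an
 * error: nothing is revoked and @count is returned.
 *
 * Returns @count on success or a negative error code.
 */
static ssize_t smk_write_revoke_subj(struct file *file, const char __user *buf,
				     size_t count, loff_t *ppos)
{
	char *data;
	const char *cp;
	struct smack_known *skp;
	struct smack_rule *sp;
	struct list_head *rule_list;
	struct mutex *rule_lock;
	/* Holds @count or a negative errno; match the return type. */
	ssize_t rc = count;

	if (*ppos != 0)
		return -EINVAL;

	if (!smack_privileged(CAP_MAC_ADMIN))
		return -EPERM;

	if (count == 0 || count > SMK_LONGLABEL)
		return -EINVAL;

	/* Not NUL-terminated; smk_parse_smack() is bounded by @count. */
	data = memdup_user(buf, count);
	if (IS_ERR(data))
		return PTR_ERR(data);

	cp = smk_parse_smack(data, count);
	if (IS_ERR(cp)) {
		rc = PTR_ERR(cp);
		goto out_data;
	}

	/* Unknown label: nothing to revoke, report success. */
	skp = smk_find_entry(cp);
	if (skp == NULL)
		goto out_cp;

	rule_list = &skp->smk_rules;
	rule_lock = &skp->smk_rules_lock;

	/* The per-label mutex serialises this update against other writers. */
	mutex_lock(rule_lock);

	list_for_each_entry_rcu(sp, rule_list, list)
		sp->smk_access = 0;

	mutex_unlock(rule_lock);

out_cp:
	kfree(cp);
out_data:
	kfree(data);

	return rc;
}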
2567*4882a593Smuzhiyun
/* /smack/revoke-subject: write-driven, transaction-style read side. */
static const struct file_operations smk_revoke_subj_ops = {
	.llseek		= generic_file_llseek,
	.release	= simple_transaction_release,
	.read		= simple_transaction_read,
	.write		= smk_write_revoke_subj,
};
2574*4882a593Smuzhiyun
/**
 * smk_init_sysfs - initialize /sys/fs/smackfs
 *
 * Creates the "smackfs" mount point under fs_kobj.
 *
 * Returns the result of sysfs_create_mount_point().
 */
static int smk_init_sysfs(void)
{
	int rc;

	rc = sysfs_create_mount_point(fs_kobj, "smackfs");
	return rc;
}
2583*4882a593Smuzhiyun
/**
 * smk_write_change_rule - write() for /smack/change-rule
 * @file: file pointer
 * @buf: data from user space
 * @count: bytes sent
 * @ppos: where to start - must be 0
 *
 * Applies a rule in the SMK_CHANGE_FMT layout to the global rule lists
 * (no per-task list or lock is passed). Requires CAP_MAC_ADMIN.
 */
static ssize_t smk_write_change_rule(struct file *file, const char __user *buf,
				     size_t count, loff_t *ppos)
{
	ssize_t rc = -EPERM;

	/* Must have privilege. */
	if (smack_privileged(CAP_MAC_ADMIN))
		rc = smk_write_rules_list(file, buf, count, ppos, NULL, NULL,
					  SMK_CHANGE_FMT);

	return rc;
}
2603*4882a593Smuzhiyun
/* /smack/change-rule: write-driven, transaction-style read side. */
static const struct file_operations smk_change_rule_ops = {
	.llseek		= generic_file_llseek,
	.release	= simple_transaction_release,
	.read		= simple_transaction_read,
	.write		= smk_write_change_rule,
};
2610*4882a593Smuzhiyun
/**
 * smk_read_syslog - read() for smackfs/syslog
 * @filp: file pointer, not actually used
 * @buf: where to put the result
 * @cn: maximum to send along
 * @ppos: where to start
 *
 * Reports the syslog label, NUL terminator included; when none has
 * been set the star label is reported. Only a read at offset 0
 * produces data.
 *
 * Returns number of bytes read, 0 at a non-zero offset, or -EINVAL
 * when @cn cannot hold the whole label.
 */
static ssize_t smk_read_syslog(struct file *filp, char __user *buf,
			       size_t cn, loff_t *ppos)
{
	struct smack_known *skp;
	ssize_t rc = -EINVAL;
	int asize;

	if (*ppos != 0)
		return 0;

	/* Unset falls back to the star label. */
	skp = smack_syslog_label ? smack_syslog_label : &smack_known_star;

	/* +1 so the NUL terminator travels with the label. */
	asize = strlen(skp->smk_known) + 1;
	if (cn >= asize)
		rc = simple_read_from_buffer(buf, cn, ppos,
					     skp->smk_known, asize);

	return rc;
}
2643*4882a593Smuzhiyun
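/**
 * smk_write_syslog - write() for smackfs/syslog
 * @file: file pointer, not actually used
 * @buf: where to get the data from
 * @count: bytes sent
 * @ppos: where to start
 *
 * Sets smack_syslog_label to the label written, importing it if it is
 * not yet known. Requires CAP_MAC_ADMIN. Unlike the "unconfined" knob
 * there is no clearing form: an invalid label is an error and the
 * previous value is kept.
 *
 * Returns number of bytes written or error code, as appropriate
 */
static ssize_t smk_write_syslog(struct file *file, const char __user *buf,
				size_t count, loff_t *ppos)
{
	char *data;
	struct smack_known *skp;
	/* Holds either @count or a negative errno, so match the return type. */
	ssize_t rc = count;

	if (!smack_privileged(CAP_MAC_ADMIN))
		return -EPERM;

	/* Enough data must be present */
	if (count == 0 || count > PAGE_SIZE)
		return -EINVAL;

	data = memdup_user_nul(buf, count);
	if (IS_ERR(data))
		return PTR_ERR(data);

	skp = smk_import_entry(data, count);
	if (IS_ERR(skp))
		rc = PTR_ERR(skp);
	else
		smack_syslog_label = skp;

	kfree(data);
	return rc;
}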
2680*4882a593Smuzhiyun
/* smackfs "syslog": plain read/write handlers for the syslog label. */
static const struct file_operations smk_syslog_ops = {
	.llseek		= default_llseek,
	.write		= smk_write_syslog,
	.read		= smk_read_syslog,
};
2686*4882a593Smuzhiyun
2687*4882a593Smuzhiyun /*
2688*4882a593Smuzhiyun * Seq_file read operations for /smack/relabel-self
2689*4882a593Smuzhiyun */
2690*4882a593Smuzhiyun
/* seq_file start: iterate the calling task's relabel list. */
static void *relabel_self_seq_start(struct seq_file *s, loff_t *pos)
{
	return smk_seq_start(s, pos,
			     &smack_cred(current_cred())->smk_relabel);
}
2697*4882a593Smuzhiyun
/* seq_file next: advance within the calling task's relabel list. */
static void *relabel_self_seq_next(struct seq_file *s, void *v, loff_t *pos)
{
	return smk_seq_next(s, v, pos,
			    &smack_cred(current_cred())->smk_relabel);
}
2704*4882a593Smuzhiyun
/* seq_file show: one relabel-list entry, printed as "label ". */
static int relabel_self_seq_show(struct seq_file *s, void *v)
{
	struct list_head *list = v;
	struct smack_known_list_elem *sklep;

	sklep = list_entry(list, struct smack_known_list_elem, list);
	seq_puts(s, sklep->smk_label->smk_known);
	seq_putc(s, ' ');
	return 0;
}
2716*4882a593Smuzhiyun
/* seq_file iteration over the caller's relabel list for /smack/relabel-self. */
static const struct seq_operations relabel_self_seq_ops = {
	.stop	= smk_seq_stop,
	.show	= relabel_self_seq_show,
	.next	= relabel_self_seq_next,
	.start	= relabel_self_seq_start,
};
2723*4882a593Smuzhiyun
/**
 * smk_open_relabel_self - open() for /smack/relabel-self
 * @inode: inode structure representing file
 * @file: "relabel-self" file pointer
 *
 * Connect our relabel_self_seq_* operations with /smack/relabel-self
 * file_operations
 */
static int smk_open_relabel_self(struct inode *inode, struct file *file)
{
	int rc;

	rc = seq_open(file, &relabel_self_seq_ops);
	return rc;
}
2736*4882a593Smuzhiyun
/**
 * smk_write_relabel_self - write() for /smack/relabel-self
 * @file: file pointer, not actually used
 * @buf: user buffer holding the label list
 * @count: bytes sent, must be between 1 and PAGE_SIZE
 * @ppos: where to start - must be 0
 *
 * Replace the calling task's smk_relabel list with the labels parsed
 * from @buf. Requires CAP_MAC_ADMIN. The whole list must arrive in a
 * single write; partial writes are rejected.
 *
 * Returns @count on success, -EPERM without privilege, -EINVAL for a
 * bad offset, bad size or unparsable list, the error from
 * memdup_user_nul() if the buffer cannot be copied, or -ENOMEM if new
 * credentials cannot be prepared.
 */
static ssize_t smk_write_relabel_self(struct file *file, const char __user *buf,
				      size_t count, loff_t *ppos)
{
	struct cred *new;
	struct task_smack *tsp;
	char *data;
	int rc;
	LIST_HEAD(list_tmp);

	/* Changing a task's relabel set is an administrative operation. */
	if (!smack_privileged(CAP_MAC_ADMIN))
		return -EPERM;

	/* The list arrives in one bounded write, from offset 0. */
	if (*ppos != 0 || count == 0 || count > PAGE_SIZE)
		return -EINVAL;

	data = memdup_user_nul(buf, count);
	if (IS_ERR(data))
		return PTR_ERR(data);

	rc = smk_parse_label_list(data, &list_tmp);
	kfree(data);

	/*
	 * A parse failure is tolerated only when it produced no labels
	 * at all; that case goes on to install an empty list, which
	 * clears the task's relabel set.
	 */
	if (rc != 0 && !(rc == -EINVAL && list_empty(&list_tmp)))
		goto out;

	new = prepare_creds();
	if (new == NULL) {
		rc = -ENOMEM;
		goto out;
	}

	/* Drop the old set and hand ownership of the new one to the cred. */
	tsp = smack_cred(new);
	smk_destroy_label_list(&tsp->smk_relabel);
	list_splice(&list_tmp, &tsp->smk_relabel);
	commit_creds(new);

	return count;

out:
	smk_destroy_label_list(&list_tmp);
	return rc;
}
2793*4882a593Smuzhiyun
/* /smack/relabel-self: seq_file based reads, single-shot writes */
static const struct file_operations smk_relabel_self_ops = {
	.open		= smk_open_relabel_self,
	.release	= seq_release,
	.read		= seq_read,
	.write		= smk_write_relabel_self,
	.llseek		= seq_lseek,
};
2801*4882a593Smuzhiyun
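/**
 * smk_read_ptrace - read() for /smack/ptrace
 * @filp: file pointer, not actually used
 * @buf: where to put the result
 * @count: maximum to send along
 * @ppos: where to start
 *
 * Reports the current smack_ptrace_rule as a decimal number followed
 * by a newline. Only an offset of 0 produces data; any later read
 * returns 0 (EOF).
 *
 * Returns number of bytes read or error code, as appropriate
 */
static ssize_t smk_read_ptrace(struct file *filp, char __user *buf,
			       size_t count, loff_t *ppos)
{
	char temp[32];
	int len;

	if (*ppos != 0)
		return 0;

	/*
	 * A decimal int plus newline is at most 12 bytes, so this cannot
	 * truncate; the explicit bound and the returned length make that
	 * obvious and save a separate strlen().
	 */
	len = scnprintf(temp, sizeof(temp), "%d\n", smack_ptrace_rule);
	return simple_read_from_buffer(buf, count, ppos, temp, len);
}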
2824*4882a593Smuzhiyun
/**
 * smk_write_ptrace - write() for /smack/ptrace
 * @file: file pointer, not actually used
 * @buf: data from user space, a decimal number
 * @count: bytes sent, must be at least 1 and leave room for a terminator
 * @ppos: where to start - must be 0
 *
 * Set smack_ptrace_rule. Requires CAP_MAC_ADMIN. The value must lie
 * in [SMACK_PTRACE_DEFAULT, SMACK_PTRACE_MAX].
 *
 * Returns @count on success, -EPERM without privilege, -EFAULT if the
 * user buffer cannot be read, or -EINVAL on a bad offset, size or value.
 */
static ssize_t smk_write_ptrace(struct file *file, const char __user *buf,
				size_t count, loff_t *ppos)
{
	char temp[32];
	int rule;

	if (!smack_privileged(CAP_MAC_ADMIN))
		return -EPERM;

	/* Whole value in one write, leaving room for the NUL terminator. */
	if (*ppos != 0)
		return -EINVAL;
	if (count == 0 || count >= sizeof(temp))
		return -EINVAL;

	if (copy_from_user(temp, buf, count))
		return -EFAULT;
	temp[count] = '\0';

	/* Reject anything that is not a number in the supported range. */
	if (sscanf(temp, "%d", &rule) != 1)
		return -EINVAL;
	if (rule < SMACK_PTRACE_DEFAULT || rule > SMACK_PTRACE_MAX)
		return -EINVAL;

	smack_ptrace_rule = rule;
	return count;
}
2857*4882a593Smuzhiyun
/* /smack/ptrace: plain read/write of the ptrace rule */
static const struct file_operations smk_ptrace_ops = {
	.read	= smk_read_ptrace,
	.write	= smk_write_ptrace,
	.llseek	= default_llseek,
};
2863*4882a593Smuzhiyun
/**
 * smk_fill_super - fill the smackfs superblock
 * @sb: the empty superblock
 * @fc: unused
 *
 * Fill in the well known entries for the smack filesystem
 *
 * Returns 0 on success, an error code on failure
 */
static int smk_fill_super(struct super_block *sb, struct fs_context *fc)
{
	/*
	 * Indexed by inode number (enum smk_inos). Most entries are only
	 * writable by root (S_IWUSR); the S_IWUGO ones are deliberately
	 * writable by any task, and whatever checks apply live in the
	 * individual write handlers (relabel-self's, for one, insists on
	 * CAP_MAC_ADMIN).
	 */
	static const struct tree_descr smack_files[] = {
		[SMK_LOAD] = {"load", &smk_load_ops, S_IRUGO|S_IWUSR},
		[SMK_CIPSO] = {"cipso", &smk_cipso_ops, S_IRUGO|S_IWUSR},
		[SMK_DOI] = {"doi", &smk_doi_ops, S_IRUGO|S_IWUSR},
		[SMK_DIRECT] = {"direct", &smk_direct_ops, S_IRUGO|S_IWUSR},
		[SMK_AMBIENT] = {"ambient", &smk_ambient_ops, S_IRUGO|S_IWUSR},
		[SMK_NET4ADDR] = {"netlabel", &smk_net4addr_ops,
				  S_IRUGO|S_IWUSR},
		[SMK_ONLYCAP] = {"onlycap", &smk_onlycap_ops, S_IRUGO|S_IWUSR},
		[SMK_LOGGING] = {"logging", &smk_logging_ops, S_IRUGO|S_IWUSR},
		[SMK_LOAD_SELF] = {"load-self", &smk_load_self_ops,
				   S_IRUGO|S_IWUGO},
		[SMK_ACCESSES] = {"access", &smk_access_ops, S_IRUGO|S_IWUGO},
		[SMK_MAPPED] = {"mapped", &smk_mapped_ops, S_IRUGO|S_IWUSR},
		[SMK_LOAD2] = {"load2", &smk_load2_ops, S_IRUGO|S_IWUSR},
		[SMK_LOAD_SELF2] = {"load-self2", &smk_load_self2_ops,
				    S_IRUGO|S_IWUGO},
		[SMK_ACCESS2] = {"access2", &smk_access2_ops, S_IRUGO|S_IWUGO},
		[SMK_CIPSO2] = {"cipso2", &smk_cipso2_ops, S_IRUGO|S_IWUSR},
		[SMK_REVOKE_SUBJ] = {"revoke-subject", &smk_revoke_subj_ops,
				     S_IRUGO|S_IWUSR},
		[SMK_CHANGE_RULE] = {"change-rule", &smk_change_rule_ops,
				     S_IRUGO|S_IWUSR},
		[SMK_SYSLOG] = {"syslog", &smk_syslog_ops, S_IRUGO|S_IWUSR},
		[SMK_PTRACE] = {"ptrace", &smk_ptrace_ops, S_IRUGO|S_IWUSR},
#ifdef CONFIG_SECURITY_SMACK_BRINGUP
		[SMK_UNCONFINED] = {"unconfined", &smk_unconfined_ops,
				    S_IRUGO|S_IWUSR},
#endif
#if IS_ENABLED(CONFIG_IPV6)
		[SMK_NET6ADDR] = {"ipv6host", &smk_net6addr_ops,
				  S_IRUGO|S_IWUSR},
#endif /* CONFIG_IPV6 */
		[SMK_RELABEL_SELF] = {"relabel-self", &smk_relabel_self_ops,
				      S_IRUGO|S_IWUGO},
		/* terminator: simple_fill_super() stops at the empty name */
		{""}
	};
	int rc;

	rc = simple_fill_super(sb, SMACK_MAGIC, smack_files);
	if (rc != 0)
		printk(KERN_ERR "%s failed %d while creating inodes\n",
		       __func__, rc);

	return rc;
}
2941*4882a593Smuzhiyun
/**
 * smk_get_tree - get the smackfs superblock
 * @fc: The mount context, including any options
 *
 * smackfs is a single-instance filesystem, so this just asks the VFS
 * for the one superblock and lets smk_fill_super() populate it.
 *
 * Returns what the lower level code does.
 */
static int smk_get_tree(struct fs_context *fc)
{
	int rc;

	rc = get_tree_single(fc, smk_fill_super);
	return rc;
}
2954*4882a593Smuzhiyun
/* Mount-context operations for smackfs; only get_tree is needed. */
static const struct fs_context_operations smk_context_ops = { .get_tree = smk_get_tree };
2958*4882a593Smuzhiyun
/**
 * smk_init_fs_context - Initialise a filesystem context for smackfs
 * @fc: The blank mount context
 *
 * Points the context at smk_context_ops; no options are parsed.
 *
 * Returns 0 always.
 */
static int smk_init_fs_context(struct fs_context *fc)
{
	const struct fs_context_operations *ops = &smk_context_ops;

	fc->ops = ops;

	return 0;
}
2968*4882a593Smuzhiyun
/* The "smackfs" filesystem type registered by init_smk_fs(). */
static struct file_system_type smk_fs_type = {
	.name		= "smackfs",
	.kill_sb	= kill_litter_super,
	.init_fs_context = smk_init_fs_context,
};
2974*4882a593Smuzhiyun
/* Internal mount of smackfs made by init_smk_fs(); NULL if mounting failed. */
static struct vfsmount *smackfs_mount;
2976*4882a593Smuzhiyun
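/**
 * init_smk_fs - register and mount smackfs
 *
 * Registers the smackfs filesystem type, mounts it internally, then
 * sets up the CIPSO DOI, the ambient label and the network secattr of
 * the built-in labels.
 *
 * Nothing is done if Smack wasn't enabled on boot. This can not be put
 * under the smack_init() code path since the security subsystem gets
 * initialized before the vfs caches.
 *
 * A sysfs mountpoint problem is only logged, not treated as fatal.
 *
 * Returns 0 if Smack was not chosen on boot, or if it was chosen and
 * filesystem registration, mounting and secattr population all
 * succeeded; otherwise the first error encountered.
 */
static int __init init_smk_fs(void)
{
	/* Built-in labels whose network secattr is populated at boot. */
	struct smack_known *const builtin[] = {
		&smack_known_floor,
		&smack_known_hat,
		&smack_known_huh,
		&smack_known_star,
		&smack_known_web,
	};
	unsigned int i;
	int err;
	int rc;

	if (smack_enabled == 0)
		return 0;

	err = smk_init_sysfs();
	if (err)
		printk(KERN_ERR "smackfs: sysfs mountpoint problem.\n");

	err = register_filesystem(&smk_fs_type);
	if (!err) {
		smackfs_mount = kern_mount(&smk_fs_type);
		if (IS_ERR(smackfs_mount)) {
			printk(KERN_ERR "smackfs: could not mount!\n");
			err = PTR_ERR(smackfs_mount);
			smackfs_mount = NULL;
		}
	}

	smk_cipso_doi();
	smk_unlbl_ambient(NULL);

	/*
	 * Populate every built-in label even after an earlier failure,
	 * but report only the first error seen.
	 */
	for (i = 0; i < ARRAY_SIZE(builtin); i++) {
		rc = smack_populate_secattr(builtin[i]);
		if (err == 0 && rc < 0)
			err = rc;
	}

	return err;
}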
3033*4882a593Smuzhiyun
/*
 * Run after the vfs caches exist rather than from smack_init(); see the
 * comment on init_smk_fs() for why.
 */
__initcall(init_smk_fs);
3035