security.c (ff72942caa586f2c0a81e2fbae2e8ea5e131d38f) | security.c (6bcdfd2cac5559c680aef8dd4c5facada55ab623) |
---|---|
1// SPDX-License-Identifier: GPL-2.0-or-later 2/* 3 * Security plug functions 4 * 5 * Copyright (C) 2001 WireX Communications, Inc <chris@wirex.com> 6 * Copyright (C) 2001-2002 Greg Kroah-Hartman <greg@kroah.com> 7 * Copyright (C) 2001 Networks Associates Technology, Inc <ssmalley@nai.com> 8 * Copyright (C) 2016 Mellanox Technologies --- 17 unchanged lines hidden (view full) --- 26#include <linux/mman.h> 27#include <linux/mount.h> 28#include <linux/personality.h> 29#include <linux/backing-dev.h> 30#include <linux/string.h> 31#include <linux/msg.h> 32#include <net/flow.h> 33 | 1// SPDX-License-Identifier: GPL-2.0-or-later 2/* 3 * Security plug functions 4 * 5 * Copyright (C) 2001 WireX Communications, Inc <chris@wirex.com> 6 * Copyright (C) 2001-2002 Greg Kroah-Hartman <greg@kroah.com> 7 * Copyright (C) 2001 Networks Associates Technology, Inc <ssmalley@nai.com> 8 * Copyright (C) 2016 Mellanox Technologies --- 17 unchanged lines hidden (view full) --- 26#include <linux/mman.h> 27#include <linux/mount.h> 28#include <linux/personality.h> 29#include <linux/backing-dev.h> 30#include <linux/string.h> 31#include <linux/msg.h> 32#include <net/flow.h> 33 |
34#define MAX_LSM_EVM_XATTR 2 35 | |
36/* How many LSMs were built into the kernel? */ 37#define LSM_COUNT (__end_lsm_info - __start_lsm_info) 38 39/* 40 * These are descriptions of the reasons that can be passed to the 41 * security_locked_down() LSM hook. Placing this array here allows 42 * all security modules to use the same descriptions for auditing 43 * purposes. --- 163 unchanged lines hidden (view full) --- 207 */ 208 if (needed->lbs_inode && blob_sizes.lbs_inode == 0) 209 blob_sizes.lbs_inode = sizeof(struct rcu_head); 210 lsm_set_blob_size(&needed->lbs_inode, &blob_sizes.lbs_inode); 211 lsm_set_blob_size(&needed->lbs_ipc, &blob_sizes.lbs_ipc); 212 lsm_set_blob_size(&needed->lbs_msg_msg, &blob_sizes.lbs_msg_msg); 213 lsm_set_blob_size(&needed->lbs_superblock, &blob_sizes.lbs_superblock); 214 lsm_set_blob_size(&needed->lbs_task, &blob_sizes.lbs_task); | 34/* How many LSMs were built into the kernel? */ 35#define LSM_COUNT (__end_lsm_info - __start_lsm_info) 36 37/* 38 * These are descriptions of the reasons that can be passed to the 39 * security_locked_down() LSM hook. Placing this array here allows 40 * all security modules to use the same descriptions for auditing 41 * purposes. --- 163 unchanged lines hidden (view full) --- 205 */ 206 if (needed->lbs_inode && blob_sizes.lbs_inode == 0) 207 blob_sizes.lbs_inode = sizeof(struct rcu_head); 208 lsm_set_blob_size(&needed->lbs_inode, &blob_sizes.lbs_inode); 209 lsm_set_blob_size(&needed->lbs_ipc, &blob_sizes.lbs_ipc); 210 lsm_set_blob_size(&needed->lbs_msg_msg, &blob_sizes.lbs_msg_msg); 211 lsm_set_blob_size(&needed->lbs_superblock, &blob_sizes.lbs_superblock); 212 lsm_set_blob_size(&needed->lbs_task, &blob_sizes.lbs_task); |
213 lsm_set_blob_size(&needed->lbs_xattr_count, 214 &blob_sizes.lbs_xattr_count); |
|
215} 216 217/* Prepare LSM for initialization. */ 218static void __init prepare_lsm(struct lsm_info *lsm) 219{ 220 int enabled = lsm_allowed(lsm); 221 222 /* Record enablement (to handle any following exclusive LSMs). */ --- 150 unchanged lines hidden (view full) --- 373 374 init_debug("cred blob size = %d\n", blob_sizes.lbs_cred); 375 init_debug("file blob size = %d\n", blob_sizes.lbs_file); 376 init_debug("inode blob size = %d\n", blob_sizes.lbs_inode); 377 init_debug("ipc blob size = %d\n", blob_sizes.lbs_ipc); 378 init_debug("msg_msg blob size = %d\n", blob_sizes.lbs_msg_msg); 379 init_debug("superblock blob size = %d\n", blob_sizes.lbs_superblock); 380 init_debug("task blob size = %d\n", blob_sizes.lbs_task); | 215} 216 217/* Prepare LSM for initialization. */ 218static void __init prepare_lsm(struct lsm_info *lsm) 219{ 220 int enabled = lsm_allowed(lsm); 221 222 /* Record enablement (to handle any following exclusive LSMs). */ --- 150 unchanged lines hidden (view full) --- 373 374 init_debug("cred blob size = %d\n", blob_sizes.lbs_cred); 375 init_debug("file blob size = %d\n", blob_sizes.lbs_file); 376 init_debug("inode blob size = %d\n", blob_sizes.lbs_inode); 377 init_debug("ipc blob size = %d\n", blob_sizes.lbs_ipc); 378 init_debug("msg_msg blob size = %d\n", blob_sizes.lbs_msg_msg); 379 init_debug("superblock blob size = %d\n", blob_sizes.lbs_superblock); 380 init_debug("task blob size = %d\n", blob_sizes.lbs_task); |
381 init_debug("xattr slots = %d\n", blob_sizes.lbs_xattr_count); |
|
381 382 /* 383 * Create any kmem_caches needed for blobs 384 */ 385 if (blob_sizes.lbs_file) 386 lsm_file_cache = kmem_cache_create("lsm_file_cache", 387 blob_sizes.lbs_file, 0, 388 SLAB_PANIC, NULL); --- 1197 unchanged lines hidden (view full) --- 1586 * @qstr: last component of the pathname 1587 * @initxattrs: callback function to write xattrs 1588 * @fs_data: filesystem specific data 1589 * 1590 * Obtain the security attribute name suffix and value to set on a newly 1591 * created inode and set up the incore security field for the new inode. This 1592 * hook is called by the fs code as part of the inode creation transaction and 1593 * provides for atomic labeling of the inode, unlike the post_create/mkdir/... | 382 383 /* 384 * Create any kmem_caches needed for blobs 385 */ 386 if (blob_sizes.lbs_file) 387 lsm_file_cache = kmem_cache_create("lsm_file_cache", 388 blob_sizes.lbs_file, 0, 389 SLAB_PANIC, NULL); --- 1197 unchanged lines hidden (view full) --- 1587 * @qstr: last component of the pathname 1588 * @initxattrs: callback function to write xattrs 1589 * @fs_data: filesystem specific data 1590 * 1591 * Obtain the security attribute name suffix and value to set on a newly 1592 * created inode and set up the incore security field for the new inode. This 1593 * hook is called by the fs code as part of the inode creation transaction and 1594 * provides for atomic labeling of the inode, unlike the post_create/mkdir/... |
1594 * hooks called by the VFS. The hook function is expected to allocate the name 1595 * and value via kmalloc, with the caller being responsible for calling kfree 1596 * after using them. If the security module does not use security attributes 1597 * or does not wish to put a security attribute on this particular inode, then 1598 * it should return -EOPNOTSUPP to skip this processing. | 1595 * hooks called by the VFS. |
1599 * | 1596 * |
1597 * The hook function is expected to populate the xattrs array, by calling 1598 * lsm_get_xattr_slot() to retrieve the slots reserved by the security module 1599 * with the lbs_xattr_count field of the lsm_blob_sizes structure. For each 1600 * slot, the hook function should set ->name to the attribute name suffix 1601 * (e.g. selinux), to allocate ->value (will be freed by the caller) and set it 1602 * to the attribute value, to set ->value_len to the length of the value. If 1603 * the security module does not use security attributes or does not wish to put 1604 * a security attribute on this particular inode, then it should return 1605 * -EOPNOTSUPP to skip this processing. 1606 * |
|
1600 * Return: Returns 0 on success, -EOPNOTSUPP if no security attribute is 1601 * needed, or -ENOMEM on memory allocation failure. 1602 */ 1603int security_inode_init_security(struct inode *inode, struct inode *dir, 1604 const struct qstr *qstr, 1605 const initxattrs initxattrs, void *fs_data) 1606{ | 1607 * Return: Returns 0 on success, -EOPNOTSUPP if no security attribute is 1608 * needed, or -ENOMEM on memory allocation failure. 1609 */ 1610int security_inode_init_security(struct inode *inode, struct inode *dir, 1611 const struct qstr *qstr, 1612 const initxattrs initxattrs, void *fs_data) 1613{ |
1607 struct xattr new_xattrs[MAX_LSM_EVM_XATTR + 1]; 1608 struct xattr *lsm_xattr, *evm_xattr, *xattr; 1609 int ret; | 1614 struct security_hook_list *hp; 1615 struct xattr *new_xattrs = NULL; 1616 int ret = -EOPNOTSUPP, xattr_count = 0; |
1610 1611 if (unlikely(IS_PRIVATE(inode))) 1612 return 0; 1613 | 1617 1618 if (unlikely(IS_PRIVATE(inode))) 1619 return 0; 1620 |
1614 if (!initxattrs) 1615 return call_int_hook(inode_init_security, -EOPNOTSUPP, inode, 1616 dir, qstr, NULL, NULL, NULL); 1617 memset(new_xattrs, 0, sizeof(new_xattrs)); 1618 lsm_xattr = new_xattrs; 1619 ret = call_int_hook(inode_init_security, -EOPNOTSUPP, inode, dir, qstr, 1620 &lsm_xattr->name, 1621 &lsm_xattr->value, 1622 &lsm_xattr->value_len); 1623 if (ret) | 1621 if (!blob_sizes.lbs_xattr_count) 1622 return 0; 1623 1624 if (initxattrs) { 1625 /* Allocate +1 for EVM and +1 as terminator. */ 1626 new_xattrs = kcalloc(blob_sizes.lbs_xattr_count + 2, 1627 sizeof(*new_xattrs), GFP_NOFS); 1628 if (!new_xattrs) 1629 return -ENOMEM; 1630 } 1631 1632 hlist_for_each_entry(hp, &security_hook_heads.inode_init_security, 1633 list) { 1634 ret = hp->hook.inode_init_security(inode, dir, qstr, new_xattrs, 1635 &xattr_count); 1636 if (ret && ret != -EOPNOTSUPP) 1637 goto out; 1638 /* 1639 * As documented in lsm_hooks.h, -EOPNOTSUPP in this context 1640 * means that the LSM is not willing to provide an xattr, not 1641 * that it wants to signal an error. Thus, continue to invoke 1642 * the remaining LSMs. 1643 */ 1644 } 1645 1646 /* If initxattrs() is NULL, xattr_count is zero, skip the call. */ 1647 if (!xattr_count) |
1624 goto out; 1625 | 1648 goto out; 1649 |
1626 evm_xattr = lsm_xattr + 1; 1627 ret = evm_inode_init_security(inode, lsm_xattr, evm_xattr); | 1650 ret = evm_inode_init_security(inode, new_xattrs, 1651 &new_xattrs[xattr_count]); |
1628 if (ret) 1629 goto out; 1630 ret = initxattrs(inode, new_xattrs, fs_data); 1631out: | 1652 if (ret) 1653 goto out; 1654 ret = initxattrs(inode, new_xattrs, fs_data); 1655out: |
1632 for (xattr = new_xattrs; xattr->value != NULL; xattr++) 1633 kfree(xattr->value); | 1656 for (; xattr_count > 0; xattr_count--) 1657 kfree(new_xattrs[xattr_count - 1].value); 1658 kfree(new_xattrs); |
1634 return (ret == -EOPNOTSUPP) ? 0 : ret; 1635} 1636EXPORT_SYMBOL(security_inode_init_security); 1637 1638/** 1639 * security_inode_init_security_anon() - Initialize an anonymous inode 1640 * @inode: the inode 1641 * @name: the anonymous inode class --- 3652 unchanged lines hidden --- | 1659 return (ret == -EOPNOTSUPP) ? 0 : ret; 1660} 1661EXPORT_SYMBOL(security_inode_init_security); 1662 1663/** 1664 * security_inode_init_security_anon() - Initialize an anonymous inode 1665 * @inode: the inode 1666 * @name: the anonymous inode class --- 3652 unchanged lines hidden --- |
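Review bot: The new cleanup at `out:` in security_inode_init_security() frees `->value` only for indices 0..xattr_count-1, but evm_inode_init_security() is handed `&new_xattrs[xattr_count]`, one slot past that range. The removed loop walked until `->value == NULL` and so released the EVM slot too; if EVM still allocates the value it stores there (its body is not shown on this page), that buffer now leaks whenever EVM produces an xattr, both on success and when initxattrs() fails. One fix is to release that slot before the loop with `if (new_xattrs) kfree(new_xattrs[xattr_count].value);`, which is harmless on the early-error paths because kcalloc() zeroes the array. Separately, the hooks receive `new_xattrs` and `&xattr_count` with no capacity, so the `lbs_xattr_count + 2` sizing holds only if every LSM fills no more slots than it reserved; a comment at the kcalloc() such as `/* Each LSM must fill at most the slots it reserved via lbs_xattr_count. */` would make that heap-bounds invariant explicit.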