1 // SPDX-License-Identifier: GPL-2.0-only 2 /* Updated: Karl MacMillan <kmacmillan@tresys.com> 3 * 4 * Added conditional policy language extensions 5 * 6 * Updated: Hewlett-Packard <paul@paul-moore.com> 7 * 8 * Added support for the policy capability bitmap 9 * 10 * Copyright (C) 2007 Hewlett-Packard Development Company, L.P. 11 * Copyright (C) 2003 - 2004 Tresys Technology, LLC 12 * Copyright (C) 2004 Red Hat, Inc., James Morris <jmorris@redhat.com> 13 */ 14 15 #include <linux/kernel.h> 16 #include <linux/pagemap.h> 17 #include <linux/slab.h> 18 #include <linux/vmalloc.h> 19 #include <linux/fs.h> 20 #include <linux/fs_context.h> 21 #include <linux/mount.h> 22 #include <linux/mutex.h> 23 #include <linux/namei.h> 24 #include <linux/init.h> 25 #include <linux/string.h> 26 #include <linux/security.h> 27 #include <linux/major.h> 28 #include <linux/seq_file.h> 29 #include <linux/percpu.h> 30 #include <linux/audit.h> 31 #include <linux/uaccess.h> 32 #include <linux/kobject.h> 33 #include <linux/ctype.h> 34 35 /* selinuxfs pseudo filesystem for exporting the security policy API. 36 Based on the proc code and the fs/nfsd/nfsctl.c code. */ 37 38 #include "flask.h" 39 #include "avc.h" 40 #include "avc_ss.h" 41 #include "security.h" 42 #include "objsec.h" 43 #include "conditional.h" 44 #include "ima.h" 45 46 enum sel_inos { 47 SEL_ROOT_INO = 2, 48 SEL_LOAD, /* load policy */ 49 SEL_ENFORCE, /* get or set enforcing status */ 50 SEL_CONTEXT, /* validate context */ 51 SEL_ACCESS, /* compute access decision */ 52 SEL_CREATE, /* compute create labeling decision */ 53 SEL_RELABEL, /* compute relabeling decision */ 54 SEL_USER, /* compute reachable user contexts */ 55 SEL_POLICYVERS, /* return policy version for this kernel */ 56 SEL_COMMIT_BOOLS, /* commit new boolean values */ 57 SEL_MLS, /* return if MLS policy is enabled */ 58 SEL_DISABLE, /* disable SELinux until next reboot */ 59 SEL_MEMBER, /* compute polyinstantiation membership decision */ 60 SEL_CHECKREQPROT, /* check requested protection, not kernel-applied one */ 61 SEL_COMPAT_NET, /* whether to use old compat network packet controls */ 62 SEL_REJECT_UNKNOWN, /* export unknown reject handling to userspace */ 63 SEL_DENY_UNKNOWN, /* export unknown deny handling to userspace */ 64 SEL_STATUS, /* export current status using mmap() */ 65 SEL_POLICY, /* allow userspace to read the in kernel policy */ 66 SEL_VALIDATE_TRANS, /* compute validatetrans decision */ 67 SEL_INO_NEXT, /* The next inode number to use */ 68 }; 69 70 struct selinux_fs_info { 71 struct dentry *bool_dir; 72 unsigned int bool_num; 73 char **bool_pending_names; 74 int *bool_pending_values; 75 struct dentry *class_dir; 76 unsigned long last_class_ino; 77 bool policy_opened; 78 struct dentry *policycap_dir; 79 unsigned long last_ino; 80 struct super_block *sb; 81 }; 82 83 static int selinux_fs_info_create(struct super_block *sb) 84 { 85 struct selinux_fs_info *fsi; 86 87 fsi = kzalloc(sizeof(*fsi), GFP_KERNEL); 88 if (!fsi) 89 return -ENOMEM; 90 91 fsi->last_ino = SEL_INO_NEXT - 1; 92 fsi->sb = sb; 93 sb->s_fs_info = fsi; 94 return 0; 95 } 96 97 static void selinux_fs_info_free(struct super_block *sb) 98 { 99 struct selinux_fs_info *fsi = sb->s_fs_info; 100 unsigned int i; 101 102 if (fsi) { 103 for (i = 0; i < fsi->bool_num; i++) 104 kfree(fsi->bool_pending_names[i]); 105 kfree(fsi->bool_pending_names); 106 kfree(fsi->bool_pending_values); 107 } 108 kfree(sb->s_fs_info); 109 sb->s_fs_info = NULL; 110 } 111 112 #define SEL_INITCON_INO_OFFSET 0x01000000 113 #define SEL_BOOL_INO_OFFSET 0x02000000 114 #define SEL_CLASS_INO_OFFSET 0x04000000 115 #define SEL_POLICYCAP_INO_OFFSET 0x08000000 116 #define SEL_INO_MASK 0x00ffffff 117 118 #define BOOL_DIR_NAME "booleans" 119 #define CLASS_DIR_NAME "class" 120 #define POLICYCAP_DIR_NAME "policy_capabilities" 121 122 #define TMPBUFLEN 12 123 static ssize_t sel_read_enforce(struct file *filp, char __user *buf, 124 size_t count, loff_t *ppos) 125 { 126 char tmpbuf[TMPBUFLEN]; 127 ssize_t length; 128 129 length = scnprintf(tmpbuf, TMPBUFLEN, "%d", 130 enforcing_enabled()); 131 return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); 132 } 133 134 #ifdef CONFIG_SECURITY_SELINUX_DEVELOP 135 static ssize_t sel_write_enforce(struct file *file, const char __user *buf, 136 size_t count, loff_t *ppos) 137 138 { 139 char *page = NULL; 140 ssize_t length; 141 int scan_value; 142 bool old_value, new_value; 143 144 if (count >= PAGE_SIZE) 145 return -ENOMEM; 146 147 /* No partial writes. */ 148 if (*ppos != 0) 149 return -EINVAL; 150 151 page = memdup_user_nul(buf, count); 152 if (IS_ERR(page)) 153 return PTR_ERR(page); 154 155 length = -EINVAL; 156 if (sscanf(page, "%d", &scan_value) != 1) 157 goto out; 158 159 new_value = !!scan_value; 160 161 old_value = enforcing_enabled(); 162 if (new_value != old_value) { 163 length = avc_has_perm(current_sid(), SECINITSID_SECURITY, 164 SECCLASS_SECURITY, SECURITY__SETENFORCE, 165 NULL); 166 if (length) 167 goto out; 168 audit_log(audit_context(), GFP_KERNEL, AUDIT_MAC_STATUS, 169 "enforcing=%d old_enforcing=%d auid=%u ses=%u" 170 " enabled=1 old-enabled=1 lsm=selinux res=1", 171 new_value, old_value, 172 from_kuid(&init_user_ns, audit_get_loginuid(current)), 173 audit_get_sessionid(current)); 174 enforcing_set(new_value); 175 if (new_value) 176 avc_ss_reset(0); 177 selnl_notify_setenforce(new_value); 178 selinux_status_update_setenforce(new_value); 179 if (!new_value) 180 call_blocking_lsm_notifier(LSM_POLICY_CHANGE, NULL); 181 182 selinux_ima_measure_state(); 183 } 184 length = count; 185 out: 186 kfree(page); 187 return length; 188 } 189 #else 190 #define sel_write_enforce NULL 191 #endif 192 193 static const struct file_operations sel_enforce_ops = { 194 .read = sel_read_enforce, 195 .write = sel_write_enforce, 196 .llseek = generic_file_llseek, 197 }; 198 199 static ssize_t sel_read_handle_unknown(struct file *filp, char __user *buf, 200 size_t count, loff_t *ppos) 201 { 202 char tmpbuf[TMPBUFLEN]; 203 ssize_t length; 204 ino_t ino = file_inode(filp)->i_ino; 205 int handle_unknown = (ino == SEL_REJECT_UNKNOWN) ? 206 security_get_reject_unknown() : 207 !security_get_allow_unknown(); 208 209 length = scnprintf(tmpbuf, TMPBUFLEN, "%d", handle_unknown); 210 return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); 211 } 212 213 static const struct file_operations sel_handle_unknown_ops = { 214 .read = sel_read_handle_unknown, 215 .llseek = generic_file_llseek, 216 }; 217 218 static int sel_open_handle_status(struct inode *inode, struct file *filp) 219 { 220 struct page *status = selinux_kernel_status_page(); 221 222 if (!status) 223 return -ENOMEM; 224 225 filp->private_data = status; 226 227 return 0; 228 } 229 230 static ssize_t sel_read_handle_status(struct file *filp, char __user *buf, 231 size_t count, loff_t *ppos) 232 { 233 struct page *status = filp->private_data; 234 235 BUG_ON(!status); 236 237 return simple_read_from_buffer(buf, count, ppos, 238 page_address(status), 239 sizeof(struct selinux_kernel_status)); 240 } 241 242 static int sel_mmap_handle_status(struct file *filp, 243 struct vm_area_struct *vma) 244 { 245 struct page *status = filp->private_data; 246 unsigned long size = vma->vm_end - vma->vm_start; 247 248 BUG_ON(!status); 249 250 /* only allows one page from the head */ 251 if (vma->vm_pgoff > 0 || size != PAGE_SIZE) 252 return -EIO; 253 /* disallow writable mapping */ 254 if (vma->vm_flags & VM_WRITE) 255 return -EPERM; 256 /* disallow mprotect() turns it into writable */ 257 vm_flags_clear(vma, VM_MAYWRITE); 258 259 return remap_pfn_range(vma, vma->vm_start, 260 page_to_pfn(status), 261 size, vma->vm_page_prot); 262 } 263 264 static const struct file_operations sel_handle_status_ops = { 265 .open = sel_open_handle_status, 266 .read = sel_read_handle_status, 267 .mmap = sel_mmap_handle_status, 268 .llseek = generic_file_llseek, 269 }; 270 271 static ssize_t sel_write_disable(struct file *file, const char __user *buf, 272 size_t count, loff_t *ppos) 273 274 { 275 char *page; 276 ssize_t length; 277 int new_value; 278 279 if (count >= PAGE_SIZE) 280 return -ENOMEM; 281 282 /* No partial writes. */ 283 if (*ppos != 0) 284 return -EINVAL; 285 286 page = memdup_user_nul(buf, count); 287 if (IS_ERR(page)) 288 return PTR_ERR(page); 289 290 if (sscanf(page, "%d", &new_value) != 1) { 291 length = -EINVAL; 292 goto out; 293 } 294 length = count; 295 296 if (new_value) { 297 pr_err("SELinux: https://github.com/SELinuxProject/selinux-kernel/wiki/DEPRECATE-runtime-disable\n"); 298 pr_err("SELinux: Runtime disable is not supported, use selinux=0 on the kernel cmdline.\n"); 299 } 300 301 out: 302 kfree(page); 303 return length; 304 } 305 306 static const struct file_operations sel_disable_ops = { 307 .write = sel_write_disable, 308 .llseek = generic_file_llseek, 309 }; 310 311 static ssize_t sel_read_policyvers(struct file *filp, char __user *buf, 312 size_t count, loff_t *ppos) 313 { 314 char tmpbuf[TMPBUFLEN]; 315 ssize_t length; 316 317 length = scnprintf(tmpbuf, TMPBUFLEN, "%u", POLICYDB_VERSION_MAX); 318 return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); 319 } 320 321 static const struct file_operations sel_policyvers_ops = { 322 .read = sel_read_policyvers, 323 .llseek = generic_file_llseek, 324 }; 325 326 /* declaration for sel_write_load */ 327 static int sel_make_bools(struct selinux_policy *newpolicy, struct dentry *bool_dir, 328 unsigned int *bool_num, char ***bool_pending_names, 329 int **bool_pending_values); 330 static int sel_make_classes(struct selinux_policy *newpolicy, 331 struct dentry *class_dir, 332 unsigned long *last_class_ino); 333 334 /* declaration for sel_make_class_dirs */ 335 static struct dentry *sel_make_dir(struct dentry *dir, const char *name, 336 unsigned long *ino); 337 338 /* declaration for sel_make_policy_nodes */ 339 static struct dentry *sel_make_disconnected_dir(struct super_block *sb, 340 unsigned long *ino); 341 342 /* declaration for sel_make_policy_nodes */ 343 static void sel_remove_entries(struct dentry *de); 344 345 static ssize_t sel_read_mls(struct file *filp, char __user *buf, 346 size_t count, loff_t *ppos) 347 { 348 char tmpbuf[TMPBUFLEN]; 349 ssize_t length; 350 351 length = scnprintf(tmpbuf, TMPBUFLEN, "%d", 352 security_mls_enabled()); 353 return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); 354 } 355 356 static const struct file_operations sel_mls_ops = { 357 .read = sel_read_mls, 358 .llseek = generic_file_llseek, 359 }; 360 361 struct policy_load_memory { 362 size_t len; 363 void *data; 364 }; 365 366 static int sel_open_policy(struct inode *inode, struct file *filp) 367 { 368 struct selinux_fs_info *fsi = inode->i_sb->s_fs_info; 369 struct policy_load_memory *plm = NULL; 370 int rc; 371 372 BUG_ON(filp->private_data); 373 374 mutex_lock(&selinux_state.policy_mutex); 375 376 rc = avc_has_perm(current_sid(), SECINITSID_SECURITY, 377 SECCLASS_SECURITY, SECURITY__READ_POLICY, NULL); 378 if (rc) 379 goto err; 380 381 rc = -EBUSY; 382 if (fsi->policy_opened) 383 goto err; 384 385 rc = -ENOMEM; 386 plm = kzalloc(sizeof(*plm), GFP_KERNEL); 387 if (!plm) 388 goto err; 389 390 rc = security_read_policy(&plm->data, &plm->len); 391 if (rc) 392 goto err; 393 394 if ((size_t)i_size_read(inode) != plm->len) { 395 inode_lock(inode); 396 i_size_write(inode, plm->len); 397 inode_unlock(inode); 398 } 399 400 fsi->policy_opened = 1; 401 402 filp->private_data = plm; 403 404 mutex_unlock(&selinux_state.policy_mutex); 405 406 return 0; 407 err: 408 mutex_unlock(&selinux_state.policy_mutex); 409 410 if (plm) 411 vfree(plm->data); 412 kfree(plm); 413 return rc; 414 } 415 416 static int sel_release_policy(struct inode *inode, struct file *filp) 417 { 418 struct selinux_fs_info *fsi = inode->i_sb->s_fs_info; 419 struct policy_load_memory *plm = filp->private_data; 420 421 BUG_ON(!plm); 422 423 fsi->policy_opened = 0; 424 425 vfree(plm->data); 426 kfree(plm); 427 428 return 0; 429 } 430 431 static ssize_t sel_read_policy(struct file *filp, char __user *buf, 432 size_t count, loff_t *ppos) 433 { 434 struct policy_load_memory *plm = filp->private_data; 435 int ret; 436 437 ret = avc_has_perm(current_sid(), SECINITSID_SECURITY, 438 SECCLASS_SECURITY, SECURITY__READ_POLICY, NULL); 439 if (ret) 440 return ret; 441 442 return simple_read_from_buffer(buf, count, ppos, plm->data, plm->len); 443 } 444 445 static vm_fault_t sel_mmap_policy_fault(struct vm_fault *vmf) 446 { 447 struct policy_load_memory *plm = vmf->vma->vm_file->private_data; 448 unsigned long offset; 449 struct page *page; 450 451 if (vmf->flags & (FAULT_FLAG_MKWRITE | FAULT_FLAG_WRITE)) 452 return VM_FAULT_SIGBUS; 453 454 offset = vmf->pgoff << PAGE_SHIFT; 455 if (offset >= roundup(plm->len, PAGE_SIZE)) 456 return VM_FAULT_SIGBUS; 457 458 page = vmalloc_to_page(plm->data + offset); 459 get_page(page); 460 461 vmf->page = page; 462 463 return 0; 464 } 465 466 static const struct vm_operations_struct sel_mmap_policy_ops = { 467 .fault = sel_mmap_policy_fault, 468 .page_mkwrite = sel_mmap_policy_fault, 469 }; 470 471 static int sel_mmap_policy(struct file *filp, struct vm_area_struct *vma) 472 { 473 if (vma->vm_flags & VM_SHARED) { 474 /* do not allow mprotect to make mapping writable */ 475 vm_flags_clear(vma, VM_MAYWRITE); 476 477 if (vma->vm_flags & VM_WRITE) 478 return -EACCES; 479 } 480 481 vm_flags_set(vma, VM_DONTEXPAND | VM_DONTDUMP); 482 vma->vm_ops = &sel_mmap_policy_ops; 483 484 return 0; 485 } 486 487 static const struct file_operations sel_policy_ops = { 488 .open = sel_open_policy, 489 .read = sel_read_policy, 490 .mmap = sel_mmap_policy, 491 .release = sel_release_policy, 492 .llseek = generic_file_llseek, 493 }; 494 495 static void sel_remove_old_bool_data(unsigned int bool_num, char **bool_names, 496 int *bool_values) 497 { 498 u32 i; 499 500 /* bool_dir cleanup */ 501 for (i = 0; i < bool_num; i++) 502 kfree(bool_names[i]); 503 kfree(bool_names); 504 kfree(bool_values); 505 } 506 507 static int sel_make_policy_nodes(struct selinux_fs_info *fsi, 508 struct selinux_policy *newpolicy) 509 { 510 int ret = 0; 511 struct dentry *tmp_parent, *tmp_bool_dir, *tmp_class_dir, *old_dentry; 512 unsigned int tmp_bool_num, old_bool_num; 513 char **tmp_bool_names, **old_bool_names; 514 int *tmp_bool_values, *old_bool_values; 515 unsigned long tmp_ino = fsi->last_ino; /* Don't increment last_ino in this function */ 516 517 tmp_parent = sel_make_disconnected_dir(fsi->sb, &tmp_ino); 518 if (IS_ERR(tmp_parent)) 519 return PTR_ERR(tmp_parent); 520 521 tmp_ino = fsi->bool_dir->d_inode->i_ino - 1; /* sel_make_dir will increment and set */ 522 tmp_bool_dir = sel_make_dir(tmp_parent, BOOL_DIR_NAME, &tmp_ino); 523 if (IS_ERR(tmp_bool_dir)) { 524 ret = PTR_ERR(tmp_bool_dir); 525 goto out; 526 } 527 528 tmp_ino = fsi->class_dir->d_inode->i_ino - 1; /* sel_make_dir will increment and set */ 529 tmp_class_dir = sel_make_dir(tmp_parent, CLASS_DIR_NAME, &tmp_ino); 530 if (IS_ERR(tmp_class_dir)) { 531 ret = PTR_ERR(tmp_class_dir); 532 goto out; 533 } 534 535 ret = sel_make_bools(newpolicy, tmp_bool_dir, &tmp_bool_num, 536 &tmp_bool_names, &tmp_bool_values); 537 if (ret) 538 goto out; 539 540 ret = sel_make_classes(newpolicy, tmp_class_dir, 541 &fsi->last_class_ino); 542 if (ret) 543 goto out; 544 545 /* booleans */ 546 old_dentry = fsi->bool_dir; 547 lock_rename(tmp_bool_dir, old_dentry); 548 d_exchange(tmp_bool_dir, fsi->bool_dir); 549 550 old_bool_num = fsi->bool_num; 551 old_bool_names = fsi->bool_pending_names; 552 old_bool_values = fsi->bool_pending_values; 553 554 fsi->bool_num = tmp_bool_num; 555 fsi->bool_pending_names = tmp_bool_names; 556 fsi->bool_pending_values = tmp_bool_values; 557 558 sel_remove_old_bool_data(old_bool_num, old_bool_names, old_bool_values); 559 560 fsi->bool_dir = tmp_bool_dir; 561 unlock_rename(tmp_bool_dir, old_dentry); 562 563 /* classes */ 564 old_dentry = fsi->class_dir; 565 lock_rename(tmp_class_dir, old_dentry); 566 d_exchange(tmp_class_dir, fsi->class_dir); 567 fsi->class_dir = tmp_class_dir; 568 unlock_rename(tmp_class_dir, old_dentry); 569 570 out: 571 /* Since the other temporary dirs are children of tmp_parent 572 * this will handle all the cleanup in the case of a failure before 573 * the swapover 574 */ 575 sel_remove_entries(tmp_parent); 576 dput(tmp_parent); /* d_genocide() only handles the children */ 577 578 return ret; 579 } 580 581 static ssize_t sel_write_load(struct file *file, const char __user *buf, 582 size_t count, loff_t *ppos) 583 584 { 585 struct selinux_fs_info *fsi; 586 struct selinux_load_state load_state; 587 ssize_t length; 588 void *data = NULL; 589 590 /* no partial writes */ 591 if (*ppos) 592 return -EINVAL; 593 /* no empty policies */ 594 if (!count) 595 return -EINVAL; 596 597 mutex_lock(&selinux_state.policy_mutex); 598 599 length = avc_has_perm(current_sid(), SECINITSID_SECURITY, 600 SECCLASS_SECURITY, SECURITY__LOAD_POLICY, NULL); 601 if (length) 602 goto out; 603 604 data = vmalloc(count); 605 if (!data) { 606 length = -ENOMEM; 607 goto out; 608 } 609 if (copy_from_user(data, buf, count) != 0) { 610 length = -EFAULT; 611 goto out; 612 } 613 614 length = security_load_policy(data, count, &load_state); 615 if (length) { 616 pr_warn_ratelimited("SELinux: failed to load policy\n"); 617 goto out; 618 } 619 fsi = file_inode(file)->i_sb->s_fs_info; 620 length = sel_make_policy_nodes(fsi, load_state.policy); 621 if (length) { 622 pr_warn_ratelimited("SELinux: failed to initialize selinuxfs\n"); 623 selinux_policy_cancel(&load_state); 624 goto out; 625 } 626 627 selinux_policy_commit(&load_state); 628 length = count; 629 audit_log(audit_context(), GFP_KERNEL, AUDIT_MAC_POLICY_LOAD, 630 "auid=%u ses=%u lsm=selinux res=1", 631 from_kuid(&init_user_ns, audit_get_loginuid(current)), 632 audit_get_sessionid(current)); 633 634 out: 635 mutex_unlock(&selinux_state.policy_mutex); 636 vfree(data); 637 return length; 638 } 639 640 static const struct file_operations sel_load_ops = { 641 .write = sel_write_load, 642 .llseek = generic_file_llseek, 643 }; 644 645 static ssize_t sel_write_context(struct file *file, char *buf, size_t size) 646 { 647 char *canon = NULL; 648 u32 sid, len; 649 ssize_t length; 650 651 length = avc_has_perm(current_sid(), SECINITSID_SECURITY, 652 SECCLASS_SECURITY, SECURITY__CHECK_CONTEXT, NULL); 653 if (length) 654 goto out; 655 656 length = security_context_to_sid(buf, size, &sid, GFP_KERNEL); 657 if (length) 658 goto out; 659 660 length = security_sid_to_context(sid, &canon, &len); 661 if (length) 662 goto out; 663 664 length = -ERANGE; 665 if (len > SIMPLE_TRANSACTION_LIMIT) { 666 pr_err("SELinux: %s: context size (%u) exceeds " 667 "payload max\n", __func__, len); 668 goto out; 669 } 670 671 memcpy(buf, canon, len); 672 length = len; 673 out: 674 kfree(canon); 675 return length; 676 } 677 678 static ssize_t sel_read_checkreqprot(struct file *filp, char __user *buf, 679 size_t count, loff_t *ppos) 680 { 681 char tmpbuf[TMPBUFLEN]; 682 ssize_t length; 683 684 length = scnprintf(tmpbuf, TMPBUFLEN, "%u", 685 checkreqprot_get()); 686 return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); 687 } 688 689 static ssize_t sel_write_checkreqprot(struct file *file, const char __user *buf, 690 size_t count, loff_t *ppos) 691 { 692 char *page; 693 ssize_t length; 694 unsigned int new_value; 695 696 length = avc_has_perm(current_sid(), SECINITSID_SECURITY, 697 SECCLASS_SECURITY, SECURITY__SETCHECKREQPROT, 698 NULL); 699 if (length) 700 return length; 701 702 if (count >= PAGE_SIZE) 703 return -ENOMEM; 704 705 /* No partial writes. */ 706 if (*ppos != 0) 707 return -EINVAL; 708 709 page = memdup_user_nul(buf, count); 710 if (IS_ERR(page)) 711 return PTR_ERR(page); 712 713 if (sscanf(page, "%u", &new_value) != 1) { 714 length = -EINVAL; 715 goto out; 716 } 717 length = count; 718 719 if (new_value) { 720 char comm[sizeof(current->comm)]; 721 722 memcpy(comm, current->comm, sizeof(comm)); 723 pr_err("SELinux: %s (%d) set checkreqprot to 1. This is no longer supported.\n", 724 comm, current->pid); 725 } 726 727 selinux_ima_measure_state(); 728 729 out: 730 kfree(page); 731 return length; 732 } 733 static const struct file_operations sel_checkreqprot_ops = { 734 .read = sel_read_checkreqprot, 735 .write = sel_write_checkreqprot, 736 .llseek = generic_file_llseek, 737 }; 738 739 static ssize_t sel_write_validatetrans(struct file *file, 740 const char __user *buf, 741 size_t count, loff_t *ppos) 742 { 743 char *oldcon = NULL, *newcon = NULL, *taskcon = NULL; 744 char *req = NULL; 745 u32 osid, nsid, tsid; 746 u16 tclass; 747 int rc; 748 749 rc = avc_has_perm(current_sid(), SECINITSID_SECURITY, 750 SECCLASS_SECURITY, SECURITY__VALIDATE_TRANS, NULL); 751 if (rc) 752 goto out; 753 754 rc = -ENOMEM; 755 if (count >= PAGE_SIZE) 756 goto out; 757 758 /* No partial writes. */ 759 rc = -EINVAL; 760 if (*ppos != 0) 761 goto out; 762 763 req = memdup_user_nul(buf, count); 764 if (IS_ERR(req)) { 765 rc = PTR_ERR(req); 766 req = NULL; 767 goto out; 768 } 769 770 rc = -ENOMEM; 771 oldcon = kzalloc(count + 1, GFP_KERNEL); 772 if (!oldcon) 773 goto out; 774 775 newcon = kzalloc(count + 1, GFP_KERNEL); 776 if (!newcon) 777 goto out; 778 779 taskcon = kzalloc(count + 1, GFP_KERNEL); 780 if (!taskcon) 781 goto out; 782 783 rc = -EINVAL; 784 if (sscanf(req, "%s %s %hu %s", oldcon, newcon, &tclass, taskcon) != 4) 785 goto out; 786 787 rc = security_context_str_to_sid(oldcon, &osid, GFP_KERNEL); 788 if (rc) 789 goto out; 790 791 rc = security_context_str_to_sid(newcon, &nsid, GFP_KERNEL); 792 if (rc) 793 goto out; 794 795 rc = security_context_str_to_sid(taskcon, &tsid, GFP_KERNEL); 796 if (rc) 797 goto out; 798 799 rc = security_validate_transition_user(osid, nsid, tsid, tclass); 800 if (!rc) 801 rc = count; 802 out: 803 kfree(req); 804 kfree(oldcon); 805 kfree(newcon); 806 kfree(taskcon); 807 return rc; 808 } 809 810 static const struct file_operations sel_transition_ops = { 811 .write = sel_write_validatetrans, 812 .llseek = generic_file_llseek, 813 }; 814 815 /* 816 * Remaining nodes use transaction based IO methods like nfsd/nfsctl.c 817 */ 818 static ssize_t sel_write_access(struct file *file, char *buf, size_t size); 819 static ssize_t sel_write_create(struct file *file, char *buf, size_t size); 820 static ssize_t sel_write_relabel(struct file *file, char *buf, size_t size); 821 static ssize_t sel_write_user(struct file *file, char *buf, size_t size); 822 static ssize_t sel_write_member(struct file *file, char *buf, size_t size); 823 824 static ssize_t (*const write_op[])(struct file *, char *, size_t) = { 825 [SEL_ACCESS] = sel_write_access, 826 [SEL_CREATE] = sel_write_create, 827 [SEL_RELABEL] = sel_write_relabel, 828 [SEL_USER] = sel_write_user, 829 [SEL_MEMBER] = sel_write_member, 830 [SEL_CONTEXT] = sel_write_context, 831 }; 832 833 static ssize_t selinux_transaction_write(struct file *file, const char __user *buf, size_t size, loff_t *pos) 834 { 835 ino_t ino = file_inode(file)->i_ino; 836 char *data; 837 ssize_t rv; 838 839 if (ino >= ARRAY_SIZE(write_op) || !write_op[ino]) 840 return -EINVAL; 841 842 data = simple_transaction_get(file, buf, size); 843 if (IS_ERR(data)) 844 return PTR_ERR(data); 845 846 rv = write_op[ino](file, data, size); 847 if (rv > 0) { 848 simple_transaction_set(file, rv); 849 rv = size; 850 } 851 return rv; 852 } 853 854 static const struct file_operations transaction_ops = { 855 .write = selinux_transaction_write, 856 .read = simple_transaction_read, 857 .release = simple_transaction_release, 858 .llseek = generic_file_llseek, 859 }; 860 861 /* 862 * payload - write methods 863 * If the method has a response, the response should be put in buf, 864 * and the length returned. Otherwise return 0 or and -error. 865 */ 866 867 static ssize_t sel_write_access(struct file *file, char *buf, size_t size) 868 { 869 char *scon = NULL, *tcon = NULL; 870 u32 ssid, tsid; 871 u16 tclass; 872 struct av_decision avd; 873 ssize_t length; 874 875 length = avc_has_perm(current_sid(), SECINITSID_SECURITY, 876 SECCLASS_SECURITY, SECURITY__COMPUTE_AV, NULL); 877 if (length) 878 goto out; 879 880 length = -ENOMEM; 881 scon = kzalloc(size + 1, GFP_KERNEL); 882 if (!scon) 883 goto out; 884 885 length = -ENOMEM; 886 tcon = kzalloc(size + 1, GFP_KERNEL); 887 if (!tcon) 888 goto out; 889 890 length = -EINVAL; 891 if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3) 892 goto out; 893 894 length = security_context_str_to_sid(scon, &ssid, GFP_KERNEL); 895 if (length) 896 goto out; 897 898 length = security_context_str_to_sid(tcon, &tsid, GFP_KERNEL); 899 if (length) 900 goto out; 901 902 security_compute_av_user(ssid, tsid, tclass, &avd); 903 904 length = scnprintf(buf, SIMPLE_TRANSACTION_LIMIT, 905 "%x %x %x %x %u %x", 906 avd.allowed, 0xffffffff, 907 avd.auditallow, avd.auditdeny, 908 avd.seqno, avd.flags); 909 out: 910 kfree(tcon); 911 kfree(scon); 912 return length; 913 } 914 915 static ssize_t sel_write_create(struct file *file, char *buf, size_t size) 916 { 917 char *scon = NULL, *tcon = NULL; 918 char *namebuf = NULL, *objname = NULL; 919 u32 ssid, tsid, newsid; 920 u16 tclass; 921 ssize_t length; 922 char *newcon = NULL; 923 u32 len; 924 int nargs; 925 926 length = avc_has_perm(current_sid(), SECINITSID_SECURITY, 927 SECCLASS_SECURITY, SECURITY__COMPUTE_CREATE, 928 NULL); 929 if (length) 930 goto out; 931 932 length = -ENOMEM; 933 scon = kzalloc(size + 1, GFP_KERNEL); 934 if (!scon) 935 goto out; 936 937 length = -ENOMEM; 938 tcon = kzalloc(size + 1, GFP_KERNEL); 939 if (!tcon) 940 goto out; 941 942 length = -ENOMEM; 943 namebuf = kzalloc(size + 1, GFP_KERNEL); 944 if (!namebuf) 945 goto out; 946 947 length = -EINVAL; 948 nargs = sscanf(buf, "%s %s %hu %s", scon, tcon, &tclass, namebuf); 949 if (nargs < 3 || nargs > 4) 950 goto out; 951 if (nargs == 4) { 952 /* 953 * If and when the name of new object to be queried contains 954 * either whitespace or multibyte characters, they shall be 955 * encoded based on the percentage-encoding rule. 956 * If not encoded, the sscanf logic picks up only left-half 957 * of the supplied name; split by a whitespace unexpectedly. 958 */ 959 char *r, *w; 960 int c1, c2; 961 962 r = w = namebuf; 963 do { 964 c1 = *r++; 965 if (c1 == '+') 966 c1 = ' '; 967 else if (c1 == '%') { 968 c1 = hex_to_bin(*r++); 969 if (c1 < 0) 970 goto out; 971 c2 = hex_to_bin(*r++); 972 if (c2 < 0) 973 goto out; 974 c1 = (c1 << 4) | c2; 975 } 976 *w++ = c1; 977 } while (c1 != '\0'); 978 979 objname = namebuf; 980 } 981 982 length = security_context_str_to_sid(scon, &ssid, GFP_KERNEL); 983 if (length) 984 goto out; 985 986 length = security_context_str_to_sid(tcon, &tsid, GFP_KERNEL); 987 if (length) 988 goto out; 989 990 length = security_transition_sid_user(ssid, tsid, tclass, 991 objname, &newsid); 992 if (length) 993 goto out; 994 995 length = security_sid_to_context(newsid, &newcon, &len); 996 if (length) 997 goto out; 998 999 length = -ERANGE; 1000 if (len > SIMPLE_TRANSACTION_LIMIT) { 1001 pr_err("SELinux: %s: context size (%u) exceeds " 1002 "payload max\n", __func__, len); 1003 goto out; 1004 } 1005 1006 memcpy(buf, newcon, len); 1007 length = len; 1008 out: 1009 kfree(newcon); 1010 kfree(namebuf); 1011 kfree(tcon); 1012 kfree(scon); 1013 return length; 1014 } 1015 1016 static ssize_t sel_write_relabel(struct file *file, char *buf, size_t size) 1017 { 1018 char *scon = NULL, *tcon = NULL; 1019 u32 ssid, tsid, newsid; 1020 u16 tclass; 1021 ssize_t length; 1022 char *newcon = NULL; 1023 u32 len; 1024 1025 length = avc_has_perm(current_sid(), SECINITSID_SECURITY, 1026 SECCLASS_SECURITY, SECURITY__COMPUTE_RELABEL, 1027 NULL); 1028 if (length) 1029 goto out; 1030 1031 length = -ENOMEM; 1032 scon = kzalloc(size + 1, GFP_KERNEL); 1033 if (!scon) 1034 goto out; 1035 1036 length = -ENOMEM; 1037 tcon = kzalloc(size + 1, GFP_KERNEL); 1038 if (!tcon) 1039 goto out; 1040 1041 length = -EINVAL; 1042 if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3) 1043 goto out; 1044 1045 length = security_context_str_to_sid(scon, &ssid, GFP_KERNEL); 1046 if (length) 1047 goto out; 1048 1049 length = security_context_str_to_sid(tcon, &tsid, GFP_KERNEL); 1050 if (length) 1051 goto out; 1052 1053 length = security_change_sid(ssid, tsid, tclass, &newsid); 1054 if (length) 1055 goto out; 1056 1057 length = security_sid_to_context(newsid, &newcon, &len); 1058 if (length) 1059 goto out; 1060 1061 length = -ERANGE; 1062 if (len > SIMPLE_TRANSACTION_LIMIT) 1063 goto out; 1064 1065 memcpy(buf, newcon, len); 1066 length = len; 1067 out: 1068 kfree(newcon); 1069 kfree(tcon); 1070 kfree(scon); 1071 return length; 1072 } 1073 1074 static ssize_t sel_write_user(struct file *file, char *buf, size_t size) 1075 { 1076 char *con = NULL, *user = NULL, *ptr; 1077 u32 sid, *sids = NULL; 1078 ssize_t length; 1079 char *newcon; 1080 int rc; 1081 u32 i, len, nsids; 1082 1083 length = avc_has_perm(current_sid(), SECINITSID_SECURITY, 1084 SECCLASS_SECURITY, SECURITY__COMPUTE_USER, 1085 NULL); 1086 if (length) 1087 goto out; 1088 1089 length = -ENOMEM; 1090 con = kzalloc(size + 1, GFP_KERNEL); 1091 if (!con) 1092 goto out; 1093 1094 length = -ENOMEM; 1095 user = kzalloc(size + 1, GFP_KERNEL); 1096 if (!user) 1097 goto out; 1098 1099 length = -EINVAL; 1100 if (sscanf(buf, "%s %s", con, user) != 2) 1101 goto out; 1102 1103 length = security_context_str_to_sid(con, &sid, GFP_KERNEL); 1104 if (length) 1105 goto out; 1106 1107 length = security_get_user_sids(sid, user, &sids, &nsids); 1108 if (length) 1109 goto out; 1110 1111 length = sprintf(buf, "%u", nsids) + 1; 1112 ptr = buf + length; 1113 for (i = 0; i < nsids; i++) { 1114 rc = security_sid_to_context(sids[i], &newcon, &len); 1115 if (rc) { 1116 length = rc; 1117 goto out; 1118 } 1119 if ((length + len) >= SIMPLE_TRANSACTION_LIMIT) { 1120 kfree(newcon); 1121 length = -ERANGE; 1122 goto out; 1123 } 1124 memcpy(ptr, newcon, len); 1125 kfree(newcon); 1126 ptr += len; 1127 length += len; 1128 } 1129 out: 1130 kfree(sids); 1131 kfree(user); 1132 kfree(con); 1133 return length; 1134 } 1135 1136 static ssize_t sel_write_member(struct file *file, char *buf, size_t size) 1137 { 1138 char *scon = NULL, *tcon = NULL; 1139 u32 ssid, tsid, newsid; 1140 u16 tclass; 1141 ssize_t length; 1142 char *newcon = NULL; 1143 u32 len; 1144 1145 length = avc_has_perm(current_sid(), SECINITSID_SECURITY, 1146 SECCLASS_SECURITY, SECURITY__COMPUTE_MEMBER, 1147 NULL); 1148 if (length) 1149 goto out; 1150 1151 length = -ENOMEM; 1152 scon = kzalloc(size + 1, GFP_KERNEL); 1153 if (!scon) 1154 goto out; 1155 1156 length = -ENOMEM; 1157 tcon = kzalloc(size + 1, GFP_KERNEL); 1158 if (!tcon) 1159 goto out; 1160 1161 length = -EINVAL; 1162 if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3) 1163 goto out; 1164 1165 length = security_context_str_to_sid(scon, &ssid, GFP_KERNEL); 1166 if (length) 1167 goto out; 1168 1169 length = security_context_str_to_sid(tcon, &tsid, GFP_KERNEL); 1170 if (length) 1171 goto out; 1172 1173 length = security_member_sid(ssid, tsid, tclass, &newsid); 1174 if (length) 1175 goto out; 1176 1177 length = security_sid_to_context(newsid, &newcon, &len); 1178 if (length) 1179 goto out; 1180 1181 length = -ERANGE; 1182 if (len > SIMPLE_TRANSACTION_LIMIT) { 1183 pr_err("SELinux: %s: context size (%u) exceeds " 1184 "payload max\n", __func__, len); 1185 goto out; 1186 } 1187 1188 memcpy(buf, newcon, len); 1189 length = len; 1190 out: 1191 kfree(newcon); 1192 kfree(tcon); 1193 kfree(scon); 1194 return length; 1195 } 1196 1197 static struct inode *sel_make_inode(struct super_block *sb, umode_t mode) 1198 { 1199 struct inode *ret = new_inode(sb); 1200 1201 if (ret) { 1202 ret->i_mode = mode; 1203 ret->i_atime = ret->i_mtime = inode_set_ctime_current(ret); 1204 } 1205 return ret; 1206 } 1207 1208 static ssize_t sel_read_bool(struct file *filep, char __user *buf, 1209 size_t count, loff_t *ppos) 1210 { 1211 struct selinux_fs_info *fsi = file_inode(filep)->i_sb->s_fs_info; 1212 char *page = NULL; 1213 ssize_t length; 1214 ssize_t ret; 1215 int cur_enforcing; 1216 unsigned index = file_inode(filep)->i_ino & SEL_INO_MASK; 1217 const char *name = filep->f_path.dentry->d_name.name; 1218 1219 mutex_lock(&selinux_state.policy_mutex); 1220 1221 ret = -EINVAL; 1222 if (index >= fsi->bool_num || strcmp(name, 1223 fsi->bool_pending_names[index])) 1224 goto out_unlock; 1225 1226 ret = -ENOMEM; 1227 page = (char *)get_zeroed_page(GFP_KERNEL); 1228 if (!page) 1229 goto out_unlock; 1230 1231 cur_enforcing = security_get_bool_value(index); 1232 if (cur_enforcing < 0) { 1233 ret = cur_enforcing; 1234 goto out_unlock; 1235 } 1236 length = scnprintf(page, PAGE_SIZE, "%d %d", cur_enforcing, 1237 fsi->bool_pending_values[index]); 1238 mutex_unlock(&selinux_state.policy_mutex); 1239 ret = simple_read_from_buffer(buf, count, ppos, page, length); 1240 out_free: 1241 free_page((unsigned long)page); 1242 return ret; 1243 1244 out_unlock: 1245 mutex_unlock(&selinux_state.policy_mutex); 1246 goto out_free; 1247 } 1248 1249 static ssize_t sel_write_bool(struct file *filep, const char __user *buf, 1250 size_t count, loff_t *ppos) 1251 { 1252 struct selinux_fs_info *fsi = file_inode(filep)->i_sb->s_fs_info; 1253 char *page = NULL; 1254 ssize_t length; 1255 int new_value; 1256 unsigned index = file_inode(filep)->i_ino & SEL_INO_MASK; 1257 const char *name = filep->f_path.dentry->d_name.name; 1258 1259 if (count >= PAGE_SIZE) 1260 return -ENOMEM; 1261 1262 /* No partial writes. */ 1263 if (*ppos != 0) 1264 return -EINVAL; 1265 1266 page = memdup_user_nul(buf, count); 1267 if (IS_ERR(page)) 1268 return PTR_ERR(page); 1269 1270 mutex_lock(&selinux_state.policy_mutex); 1271 1272 length = avc_has_perm(current_sid(), SECINITSID_SECURITY, 1273 SECCLASS_SECURITY, SECURITY__SETBOOL, 1274 NULL); 1275 if (length) 1276 goto out; 1277 1278 length = -EINVAL; 1279 if (index >= fsi->bool_num || strcmp(name, 1280 fsi->bool_pending_names[index])) 1281 goto out; 1282 1283 length = -EINVAL; 1284 if (sscanf(page, "%d", &new_value) != 1) 1285 goto out; 1286 1287 if (new_value) 1288 new_value = 1; 1289 1290 fsi->bool_pending_values[index] = new_value; 1291 length = count; 1292 1293 out: 1294 mutex_unlock(&selinux_state.policy_mutex); 1295 kfree(page); 1296 return length; 1297 } 1298 1299 static const struct file_operations sel_bool_ops = { 1300 .read = sel_read_bool, 1301 .write = sel_write_bool, 1302 .llseek = generic_file_llseek, 1303 }; 1304 1305 static ssize_t sel_commit_bools_write(struct file *filep, 1306 const char __user *buf, 1307 size_t count, loff_t *ppos) 1308 { 1309 struct selinux_fs_info *fsi = file_inode(filep)->i_sb->s_fs_info; 1310 char *page = NULL; 1311 ssize_t length; 1312 int new_value; 1313 1314 if (count >= PAGE_SIZE) 1315 return -ENOMEM; 1316 1317 /* No partial writes. */ 1318 if (*ppos != 0) 1319 return -EINVAL; 1320 1321 page = memdup_user_nul(buf, count); 1322 if (IS_ERR(page)) 1323 return PTR_ERR(page); 1324 1325 mutex_lock(&selinux_state.policy_mutex); 1326 1327 length = avc_has_perm(current_sid(), SECINITSID_SECURITY, 1328 SECCLASS_SECURITY, SECURITY__SETBOOL, 1329 NULL); 1330 if (length) 1331 goto out; 1332 1333 length = -EINVAL; 1334 if (sscanf(page, "%d", &new_value) != 1) 1335 goto out; 1336 1337 length = 0; 1338 if (new_value && fsi->bool_pending_values) 1339 length = security_set_bools(fsi->bool_num, 1340 fsi->bool_pending_values); 1341 1342 if (!length) 1343 length = count; 1344 1345 out: 1346 mutex_unlock(&selinux_state.policy_mutex); 1347 kfree(page); 1348 return length; 1349 } 1350 1351 static const struct file_operations sel_commit_bools_ops = { 1352 .write = sel_commit_bools_write, 1353 .llseek = generic_file_llseek, 1354 }; 1355 1356 static void sel_remove_entries(struct dentry *de) 1357 { 1358 d_genocide(de); 1359 shrink_dcache_parent(de); 1360 } 1361 1362 static int sel_make_bools(struct selinux_policy *newpolicy, struct dentry *bool_dir, 1363 unsigned int *bool_num, char ***bool_pending_names, 1364 int **bool_pending_values) 1365 { 1366 int ret; 1367 ssize_t len; 1368 struct dentry *dentry = NULL; 1369 struct inode *inode = NULL; 1370 struct inode_security_struct *isec; 1371 char **names = NULL, *page; 1372 u32 i, num; 1373 int *values = NULL; 1374 u32 sid; 1375 1376 ret = -ENOMEM; 1377 page = (char *)get_zeroed_page(GFP_KERNEL); 1378 if (!page) 1379 goto out; 1380 1381 ret = security_get_bools(newpolicy, &num, &names, &values); 1382 if (ret) 1383 goto out; 1384 1385 for (i = 0; i < num; i++) { 1386 ret = -ENOMEM; 1387 dentry = d_alloc_name(bool_dir, names[i]); 1388 if (!dentry) 1389 goto out; 1390 1391 ret = -ENOMEM; 1392 inode = sel_make_inode(bool_dir->d_sb, S_IFREG | S_IRUGO | S_IWUSR); 1393 if (!inode) { 1394 dput(dentry); 1395 goto out; 1396 } 1397 1398 ret = -ENAMETOOLONG; 1399 len = snprintf(page, PAGE_SIZE, "/%s/%s", BOOL_DIR_NAME, names[i]); 1400 if (len >= PAGE_SIZE) { 1401 dput(dentry); 1402 iput(inode); 1403 goto out; 1404 } 1405 1406 isec = selinux_inode(inode); 1407 ret = selinux_policy_genfs_sid(newpolicy, "selinuxfs", page, 1408 SECCLASS_FILE, &sid); 1409 if (ret) { 1410 pr_warn_ratelimited("SELinux: no sid found, defaulting to security isid for %s\n", 1411 page); 1412 sid = SECINITSID_SECURITY; 1413 } 1414 1415 isec->sid = sid; 1416 isec->initialized = LABEL_INITIALIZED; 1417 inode->i_fop = &sel_bool_ops; 1418 inode->i_ino = i|SEL_BOOL_INO_OFFSET; 1419 d_add(dentry, inode); 1420 } 1421 *bool_num = num; 1422 *bool_pending_names = names; 1423 *bool_pending_values = values; 1424 1425 free_page((unsigned long)page); 1426 return 0; 1427 out: 1428 free_page((unsigned long)page); 1429 1430 if (names) { 1431 for (i = 0; i < num; i++) 1432 kfree(names[i]); 1433 kfree(names); 1434 } 1435 kfree(values); 1436 sel_remove_entries(bool_dir); 1437 1438 return ret; 1439 } 1440 1441 static ssize_t sel_read_avc_cache_threshold(struct file *filp, char __user *buf, 1442 size_t count, loff_t *ppos) 1443 { 1444 char tmpbuf[TMPBUFLEN]; 1445 ssize_t length; 1446 1447 length = scnprintf(tmpbuf, TMPBUFLEN, "%u", 1448 avc_get_cache_threshold()); 1449 return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); 1450 } 1451 1452 static ssize_t sel_write_avc_cache_threshold(struct file *file, 1453 const char __user *buf, 1454 size_t count, loff_t *ppos) 1455 1456 { 1457 char *page; 1458 ssize_t ret; 1459 unsigned int new_value; 1460 1461 ret = avc_has_perm(current_sid(), SECINITSID_SECURITY, 1462 SECCLASS_SECURITY, SECURITY__SETSECPARAM, 1463 NULL); 1464 if (ret) 1465 return ret; 1466 1467 if (count >= PAGE_SIZE) 1468 return -ENOMEM; 1469 1470 /* No partial writes. */ 1471 if (*ppos != 0) 1472 return -EINVAL; 1473 1474 page = memdup_user_nul(buf, count); 1475 if (IS_ERR(page)) 1476 return PTR_ERR(page); 1477 1478 ret = -EINVAL; 1479 if (sscanf(page, "%u", &new_value) != 1) 1480 goto out; 1481 1482 avc_set_cache_threshold(new_value); 1483 1484 ret = count; 1485 out: 1486 kfree(page); 1487 return ret; 1488 } 1489 1490 static ssize_t sel_read_avc_hash_stats(struct file *filp, char __user *buf, 1491 size_t count, loff_t *ppos) 1492 { 1493 char *page; 1494 ssize_t length; 1495 1496 page = (char *)__get_free_page(GFP_KERNEL); 1497 if (!page) 1498 return -ENOMEM; 1499 1500 length = avc_get_hash_stats(page); 1501 if (length >= 0) 1502 length = simple_read_from_buffer(buf, count, ppos, page, length); 1503 free_page((unsigned long)page); 1504 1505 return length; 1506 } 1507 1508 static ssize_t sel_read_sidtab_hash_stats(struct file *filp, char __user *buf, 1509 size_t count, loff_t *ppos) 1510 { 1511 char *page; 1512 ssize_t length; 1513 1514 page = (char *)__get_free_page(GFP_KERNEL); 1515 if (!page) 1516 return -ENOMEM; 1517 1518 length = security_sidtab_hash_stats(page); 1519 if (length >= 0) 1520 length = simple_read_from_buffer(buf, count, ppos, page, 1521 length); 1522 free_page((unsigned long)page); 1523 1524 return length; 1525 } 1526 1527 static const struct file_operations sel_sidtab_hash_stats_ops = { 1528 .read = sel_read_sidtab_hash_stats, 1529 .llseek = generic_file_llseek, 1530 }; 1531 1532 static const struct file_operations sel_avc_cache_threshold_ops = { 1533 .read = sel_read_avc_cache_threshold, 1534 .write = sel_write_avc_cache_threshold, 1535 .llseek = generic_file_llseek, 1536 }; 1537 1538 static const struct file_operations sel_avc_hash_stats_ops = { 1539 .read = sel_read_avc_hash_stats, 1540 .llseek = generic_file_llseek, 1541 }; 1542 1543 #ifdef CONFIG_SECURITY_SELINUX_AVC_STATS 1544 static struct avc_cache_stats *sel_avc_get_stat_idx(loff_t *idx) 1545 { 1546 int cpu; 1547 1548 for (cpu = *idx; cpu < nr_cpu_ids; ++cpu) { 1549 if (!cpu_possible(cpu)) 1550 continue; 1551 *idx = cpu + 1; 1552 return &per_cpu(avc_cache_stats, cpu); 1553 } 1554 (*idx)++; 1555 return NULL; 1556 } 1557 1558 static void *sel_avc_stats_seq_start(struct seq_file *seq, loff_t *pos) 1559 { 1560 loff_t n = *pos - 1; 1561 1562 if (*pos == 0) 1563 return SEQ_START_TOKEN; 1564 1565 return sel_avc_get_stat_idx(&n); 1566 } 1567 1568 static void *sel_avc_stats_seq_next(struct seq_file *seq, void *v, loff_t *pos) 1569 { 1570 return sel_avc_get_stat_idx(pos); 1571 } 1572 1573 static int sel_avc_stats_seq_show(struct seq_file *seq, void *v) 1574 { 1575 struct avc_cache_stats *st = v; 1576 1577 if (v == SEQ_START_TOKEN) { 1578 seq_puts(seq, 1579 "lookups hits misses allocations reclaims frees\n"); 1580 } else { 1581 unsigned int lookups = st->lookups; 1582 unsigned int misses = st->misses; 1583 unsigned int hits = lookups - misses; 1584 seq_printf(seq, "%u %u %u %u %u %u\n", lookups, 1585 hits, misses, st->allocations, 1586 st->reclaims, st->frees); 1587 } 1588 return 0; 1589 } 1590 1591 static void sel_avc_stats_seq_stop(struct seq_file *seq, void *v) 1592 { } 1593 1594 static const struct seq_operations sel_avc_cache_stats_seq_ops = { 1595 .start = sel_avc_stats_seq_start, 1596 .next = sel_avc_stats_seq_next, 1597 .show = sel_avc_stats_seq_show, 1598 .stop = sel_avc_stats_seq_stop, 1599 }; 1600 1601 static int sel_open_avc_cache_stats(struct inode *inode, struct file *file) 1602 { 1603 return seq_open(file, &sel_avc_cache_stats_seq_ops); 1604 } 1605 1606 static const struct file_operations sel_avc_cache_stats_ops = { 1607 .open = sel_open_avc_cache_stats, 1608 .read = seq_read, 1609 .llseek = seq_lseek, 1610 .release = seq_release, 1611 }; 1612 #endif 1613 1614 static int sel_make_avc_files(struct dentry *dir) 1615 { 1616 struct super_block *sb = dir->d_sb; 1617 struct selinux_fs_info *fsi = sb->s_fs_info; 1618 unsigned int i; 1619 static const struct tree_descr files[] = { 1620 { "cache_threshold", 1621 &sel_avc_cache_threshold_ops, S_IRUGO|S_IWUSR }, 1622 { "hash_stats", &sel_avc_hash_stats_ops, S_IRUGO }, 1623 #ifdef CONFIG_SECURITY_SELINUX_AVC_STATS 1624 { "cache_stats", &sel_avc_cache_stats_ops, S_IRUGO }, 1625 #endif 1626 }; 1627 1628 for (i = 0; i < ARRAY_SIZE(files); i++) { 1629 struct inode *inode; 1630 struct dentry *dentry; 1631 1632 dentry = d_alloc_name(dir, files[i].name); 1633 if (!dentry) 1634 return -ENOMEM; 1635 1636 inode = sel_make_inode(dir->d_sb, S_IFREG|files[i].mode); 1637 if (!inode) { 1638 dput(dentry); 1639 return -ENOMEM; 1640 } 1641 1642 inode->i_fop = files[i].ops; 1643 inode->i_ino = ++fsi->last_ino; 1644 d_add(dentry, inode); 1645 } 1646 1647 return 0; 1648 } 1649 1650 static int sel_make_ss_files(struct dentry *dir) 1651 { 1652 struct super_block *sb = dir->d_sb; 1653 struct selinux_fs_info *fsi = sb->s_fs_info; 1654 unsigned int i; 1655 static const struct tree_descr files[] = { 1656 { "sidtab_hash_stats", &sel_sidtab_hash_stats_ops, S_IRUGO }, 1657 }; 1658 1659 for (i = 0; i < ARRAY_SIZE(files); i++) { 1660 struct inode *inode; 1661 struct dentry *dentry; 1662 1663 dentry = d_alloc_name(dir, files[i].name); 1664 if (!dentry) 1665 return -ENOMEM; 1666 1667 inode = sel_make_inode(dir->d_sb, S_IFREG|files[i].mode); 1668 if (!inode) { 1669 dput(dentry); 1670 return -ENOMEM; 1671 } 1672 1673 inode->i_fop = files[i].ops; 1674 inode->i_ino = ++fsi->last_ino; 1675 d_add(dentry, inode); 1676 } 1677 1678 return 0; 1679 } 1680 1681 static ssize_t sel_read_initcon(struct file *file, char __user *buf, 1682 size_t count, loff_t *ppos) 1683 { 1684 char *con; 1685 u32 sid, len; 1686 ssize_t ret; 1687 1688 sid = file_inode(file)->i_ino&SEL_INO_MASK; 1689 ret = security_sid_to_context(sid, &con, &len); 1690 if (ret) 1691 return ret; 1692 1693 ret = simple_read_from_buffer(buf, count, ppos, con, len); 1694 kfree(con); 1695 return ret; 1696 } 1697 1698 static const struct file_operations sel_initcon_ops = { 1699 .read = sel_read_initcon, 1700 .llseek = generic_file_llseek, 1701 }; 1702 1703 static int sel_make_initcon_files(struct dentry *dir) 1704 { 1705 unsigned int i; 1706 1707 for (i = 1; i <= SECINITSID_NUM; i++) { 1708 struct inode *inode; 1709 struct dentry *dentry; 1710 const char *s = security_get_initial_sid_context(i); 1711 1712 if (!s) 1713 continue; 1714 dentry = d_alloc_name(dir, s); 1715 if (!dentry) 1716 return -ENOMEM; 1717 1718 inode = sel_make_inode(dir->d_sb, S_IFREG|S_IRUGO); 1719 if (!inode) { 1720 dput(dentry); 1721 return -ENOMEM; 1722 } 1723 1724 inode->i_fop = &sel_initcon_ops; 1725 inode->i_ino = i|SEL_INITCON_INO_OFFSET; 1726 d_add(dentry, inode); 1727 } 1728 1729 return 0; 1730 } 1731 1732 static inline unsigned long sel_class_to_ino(u16 class) 1733 { 1734 return (class * (SEL_VEC_MAX + 1)) | SEL_CLASS_INO_OFFSET; 1735 } 1736 1737 static inline u16 sel_ino_to_class(unsigned long ino) 1738 { 1739 return (ino & SEL_INO_MASK) / (SEL_VEC_MAX + 1); 1740 } 1741 1742 static inline unsigned long sel_perm_to_ino(u16 class, u32 perm) 1743 { 1744 return (class * (SEL_VEC_MAX + 1) + perm) | SEL_CLASS_INO_OFFSET; 1745 } 1746 1747 static inline u32 sel_ino_to_perm(unsigned long ino) 1748 { 1749 return (ino & SEL_INO_MASK) % (SEL_VEC_MAX + 1); 1750 } 1751 1752 static ssize_t sel_read_class(struct file *file, char __user *buf, 1753 size_t count, loff_t *ppos) 1754 { 1755 unsigned long ino = file_inode(file)->i_ino; 1756 char res[TMPBUFLEN]; 1757 ssize_t len = scnprintf(res, sizeof(res), "%d", sel_ino_to_class(ino)); 1758 return simple_read_from_buffer(buf, count, ppos, res, len); 1759 } 1760 1761 static const struct file_operations sel_class_ops = { 1762 .read = sel_read_class, 1763 .llseek = generic_file_llseek, 1764 }; 1765 1766 static ssize_t sel_read_perm(struct file *file, char __user *buf, 1767 size_t count, loff_t *ppos) 1768 { 1769 unsigned long ino = file_inode(file)->i_ino; 1770 char res[TMPBUFLEN]; 1771 ssize_t len = scnprintf(res, sizeof(res), "%d", sel_ino_to_perm(ino)); 1772 return simple_read_from_buffer(buf, count, ppos, res, len); 1773 } 1774 1775 static const struct file_operations sel_perm_ops = { 1776 .read = sel_read_perm, 1777 .llseek = generic_file_llseek, 1778 }; 1779 1780 static ssize_t sel_read_policycap(struct file *file, char __user *buf, 1781 size_t count, loff_t *ppos) 1782 { 1783 int value; 1784 char tmpbuf[TMPBUFLEN]; 1785 ssize_t length; 1786 unsigned long i_ino = file_inode(file)->i_ino; 1787 1788 value = security_policycap_supported(i_ino & SEL_INO_MASK); 1789 length = scnprintf(tmpbuf, TMPBUFLEN, "%d", value); 1790 1791 return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); 1792 } 1793 1794 static const struct file_operations sel_policycap_ops = { 1795 .read = sel_read_policycap, 1796 .llseek = generic_file_llseek, 1797 }; 1798 1799 static int sel_make_perm_files(struct selinux_policy *newpolicy, 1800 char *objclass, int classvalue, 1801 struct dentry *dir) 1802 { 1803 u32 i, nperms; 1804 int rc; 1805 char **perms; 1806 1807 rc = security_get_permissions(newpolicy, objclass, &perms, &nperms); 1808 if (rc) 1809 return rc; 1810 1811 for (i = 0; i < nperms; i++) { 1812 struct inode *inode; 1813 struct dentry *dentry; 1814 1815 rc = -ENOMEM; 1816 dentry = d_alloc_name(dir, perms[i]); 1817 if (!dentry) 1818 goto out; 1819 1820 rc = -ENOMEM; 1821 inode = sel_make_inode(dir->d_sb, S_IFREG|S_IRUGO); 1822 if (!inode) { 1823 dput(dentry); 1824 goto out; 1825 } 1826 1827 inode->i_fop = &sel_perm_ops; 1828 /* i+1 since perm values are 1-indexed */ 1829 inode->i_ino = sel_perm_to_ino(classvalue, i + 1); 1830 d_add(dentry, inode); 1831 } 1832 rc = 0; 1833 out: 1834 for (i = 0; i < nperms; i++) 1835 kfree(perms[i]); 1836 kfree(perms); 1837 return rc; 1838 } 1839 1840 static int sel_make_class_dir_entries(struct selinux_policy *newpolicy, 1841 char *classname, int index, 1842 struct dentry *dir) 1843 { 1844 struct super_block *sb = dir->d_sb; 1845 struct selinux_fs_info *fsi = sb->s_fs_info; 1846 struct dentry *dentry = NULL; 1847 struct inode *inode = NULL; 1848 1849 dentry = d_alloc_name(dir, "index"); 1850 if (!dentry) 1851 return -ENOMEM; 1852 1853 inode = sel_make_inode(dir->d_sb, S_IFREG|S_IRUGO); 1854 if (!inode) { 1855 dput(dentry); 1856 return -ENOMEM; 1857 } 1858 1859 inode->i_fop = &sel_class_ops; 1860 inode->i_ino = sel_class_to_ino(index); 1861 d_add(dentry, inode); 1862 1863 dentry = sel_make_dir(dir, "perms", &fsi->last_class_ino); 1864 if (IS_ERR(dentry)) 1865 return PTR_ERR(dentry); 1866 1867 return sel_make_perm_files(newpolicy, classname, index, dentry); 1868 } 1869 1870 static int sel_make_classes(struct selinux_policy *newpolicy, 1871 struct dentry *class_dir, 1872 unsigned long *last_class_ino) 1873 { 1874 u32 i, nclasses; 1875 int rc; 1876 char **classes; 1877 1878 rc = security_get_classes(newpolicy, &classes, &nclasses); 1879 if (rc) 1880 return rc; 1881 1882 /* +2 since classes are 1-indexed */ 1883 *last_class_ino = sel_class_to_ino(nclasses + 2); 1884 1885 for (i = 0; i < nclasses; i++) { 1886 struct dentry *class_name_dir; 1887 1888 class_name_dir = sel_make_dir(class_dir, classes[i], 1889 last_class_ino); 1890 if (IS_ERR(class_name_dir)) { 1891 rc = PTR_ERR(class_name_dir); 1892 goto out; 1893 } 1894 1895 /* i+1 since class values are 1-indexed */ 1896 rc = sel_make_class_dir_entries(newpolicy, classes[i], i + 1, 1897 class_name_dir); 1898 if (rc) 1899 goto out; 1900 } 1901 rc = 0; 1902 out: 1903 for (i = 0; i < nclasses; i++) 1904 kfree(classes[i]); 1905 kfree(classes); 1906 return rc; 1907 } 1908 1909 static int sel_make_policycap(struct selinux_fs_info *fsi) 1910 { 1911 unsigned int iter; 1912 struct dentry *dentry = NULL; 1913 struct inode *inode = NULL; 1914 1915 for (iter = 0; iter <= POLICYDB_CAP_MAX; iter++) { 1916 if (iter < ARRAY_SIZE(selinux_policycap_names)) 1917 dentry = d_alloc_name(fsi->policycap_dir, 1918 selinux_policycap_names[iter]); 1919 else 1920 dentry = d_alloc_name(fsi->policycap_dir, "unknown"); 1921 1922 if (dentry == NULL) 1923 return -ENOMEM; 1924 1925 inode = sel_make_inode(fsi->sb, S_IFREG | 0444); 1926 if (inode == NULL) { 1927 dput(dentry); 1928 return -ENOMEM; 1929 } 1930 1931 inode->i_fop = &sel_policycap_ops; 1932 inode->i_ino = iter | SEL_POLICYCAP_INO_OFFSET; 1933 d_add(dentry, inode); 1934 } 1935 1936 return 0; 1937 } 1938 1939 static struct dentry *sel_make_dir(struct dentry *dir, const char *name, 1940 unsigned long *ino) 1941 { 1942 struct dentry *dentry = d_alloc_name(dir, name); 1943 struct inode *inode; 1944 1945 if (!dentry) 1946 return ERR_PTR(-ENOMEM); 1947 1948 inode = sel_make_inode(dir->d_sb, S_IFDIR | S_IRUGO | S_IXUGO); 1949 if (!inode) { 1950 dput(dentry); 1951 return ERR_PTR(-ENOMEM); 1952 } 1953 1954 inode->i_op = &simple_dir_inode_operations; 1955 inode->i_fop = &simple_dir_operations; 1956 inode->i_ino = ++(*ino); 1957 /* directory inodes start off with i_nlink == 2 (for "." entry) */ 1958 inc_nlink(inode); 1959 d_add(dentry, inode); 1960 /* bump link count on parent directory, too */ 1961 inc_nlink(d_inode(dir)); 1962 1963 return dentry; 1964 } 1965 1966 static struct dentry *sel_make_disconnected_dir(struct super_block *sb, 1967 unsigned long *ino) 1968 { 1969 struct inode *inode = sel_make_inode(sb, S_IFDIR | S_IRUGO | S_IXUGO); 1970 1971 if (!inode) 1972 return ERR_PTR(-ENOMEM); 1973 1974 inode->i_op = &simple_dir_inode_operations; 1975 inode->i_fop = &simple_dir_operations; 1976 inode->i_ino = ++(*ino); 1977 /* directory inodes start off with i_nlink == 2 (for "." entry) */ 1978 inc_nlink(inode); 1979 return d_obtain_alias(inode); 1980 } 1981 1982 #define NULL_FILE_NAME "null" 1983 1984 static int sel_fill_super(struct super_block *sb, struct fs_context *fc) 1985 { 1986 struct selinux_fs_info *fsi; 1987 int ret; 1988 struct dentry *dentry; 1989 struct inode *inode; 1990 struct inode_security_struct *isec; 1991 1992 static const struct tree_descr selinux_files[] = { 1993 [SEL_LOAD] = {"load", &sel_load_ops, S_IRUSR|S_IWUSR}, 1994 [SEL_ENFORCE] = {"enforce", &sel_enforce_ops, S_IRUGO|S_IWUSR}, 1995 [SEL_CONTEXT] = {"context", &transaction_ops, S_IRUGO|S_IWUGO}, 1996 [SEL_ACCESS] = {"access", &transaction_ops, S_IRUGO|S_IWUGO}, 1997 [SEL_CREATE] = {"create", &transaction_ops, S_IRUGO|S_IWUGO}, 1998 [SEL_RELABEL] = {"relabel", &transaction_ops, S_IRUGO|S_IWUGO}, 1999 [SEL_USER] = {"user", &transaction_ops, S_IRUGO|S_IWUGO}, 2000 [SEL_POLICYVERS] = {"policyvers", &sel_policyvers_ops, S_IRUGO}, 2001 [SEL_COMMIT_BOOLS] = {"commit_pending_bools", &sel_commit_bools_ops, S_IWUSR}, 2002 [SEL_MLS] = {"mls", &sel_mls_ops, S_IRUGO}, 2003 [SEL_DISABLE] = {"disable", &sel_disable_ops, S_IWUSR}, 2004 [SEL_MEMBER] = {"member", &transaction_ops, S_IRUGO|S_IWUGO}, 2005 [SEL_CHECKREQPROT] = {"checkreqprot", &sel_checkreqprot_ops, S_IRUGO|S_IWUSR}, 2006 [SEL_REJECT_UNKNOWN] = {"reject_unknown", &sel_handle_unknown_ops, S_IRUGO}, 2007 [SEL_DENY_UNKNOWN] = {"deny_unknown", &sel_handle_unknown_ops, S_IRUGO}, 2008 [SEL_STATUS] = {"status", &sel_handle_status_ops, S_IRUGO}, 2009 [SEL_POLICY] = {"policy", &sel_policy_ops, S_IRUGO}, 2010 [SEL_VALIDATE_TRANS] = {"validatetrans", &sel_transition_ops, 2011 S_IWUGO}, 2012 /* last one */ {""} 2013 }; 2014 2015 ret = selinux_fs_info_create(sb); 2016 if (ret) 2017 goto err; 2018 2019 ret = simple_fill_super(sb, SELINUX_MAGIC, selinux_files); 2020 if (ret) 2021 goto err; 2022 2023 fsi = sb->s_fs_info; 2024 fsi->bool_dir = sel_make_dir(sb->s_root, BOOL_DIR_NAME, &fsi->last_ino); 2025 if (IS_ERR(fsi->bool_dir)) { 2026 ret = PTR_ERR(fsi->bool_dir); 2027 fsi->bool_dir = NULL; 2028 goto err; 2029 } 2030 2031 ret = -ENOMEM; 2032 dentry = d_alloc_name(sb->s_root, NULL_FILE_NAME); 2033 if (!dentry) 2034 goto err; 2035 2036 ret = -ENOMEM; 2037 inode = sel_make_inode(sb, S_IFCHR | S_IRUGO | S_IWUGO); 2038 if (!inode) { 2039 dput(dentry); 2040 goto err; 2041 } 2042 2043 inode->i_ino = ++fsi->last_ino; 2044 isec = selinux_inode(inode); 2045 isec->sid = SECINITSID_DEVNULL; 2046 isec->sclass = SECCLASS_CHR_FILE; 2047 isec->initialized = LABEL_INITIALIZED; 2048 2049 init_special_inode(inode, S_IFCHR | S_IRUGO | S_IWUGO, MKDEV(MEM_MAJOR, 3)); 2050 d_add(dentry, inode); 2051 2052 dentry = sel_make_dir(sb->s_root, "avc", &fsi->last_ino); 2053 if (IS_ERR(dentry)) { 2054 ret = PTR_ERR(dentry); 2055 goto err; 2056 } 2057 2058 ret = sel_make_avc_files(dentry); 2059 if (ret) 2060 goto err; 2061 2062 dentry = sel_make_dir(sb->s_root, "ss", &fsi->last_ino); 2063 if (IS_ERR(dentry)) { 2064 ret = PTR_ERR(dentry); 2065 goto err; 2066 } 2067 2068 ret = sel_make_ss_files(dentry); 2069 if (ret) 2070 goto err; 2071 2072 dentry = sel_make_dir(sb->s_root, "initial_contexts", &fsi->last_ino); 2073 if (IS_ERR(dentry)) { 2074 ret = PTR_ERR(dentry); 2075 goto err; 2076 } 2077 2078 ret = sel_make_initcon_files(dentry); 2079 if (ret) 2080 goto err; 2081 2082 fsi->class_dir = sel_make_dir(sb->s_root, CLASS_DIR_NAME, &fsi->last_ino); 2083 if (IS_ERR(fsi->class_dir)) { 2084 ret = PTR_ERR(fsi->class_dir); 2085 fsi->class_dir = NULL; 2086 goto err; 2087 } 2088 2089 fsi->policycap_dir = sel_make_dir(sb->s_root, POLICYCAP_DIR_NAME, 2090 &fsi->last_ino); 2091 if (IS_ERR(fsi->policycap_dir)) { 2092 ret = PTR_ERR(fsi->policycap_dir); 2093 fsi->policycap_dir = NULL; 2094 goto err; 2095 } 2096 2097 ret = sel_make_policycap(fsi); 2098 if (ret) { 2099 pr_err("SELinux: failed to load policy capabilities\n"); 2100 goto err; 2101 } 2102 2103 return 0; 2104 err: 2105 pr_err("SELinux: %s: failed while creating inodes\n", 2106 __func__); 2107 2108 selinux_fs_info_free(sb); 2109 2110 return ret; 2111 } 2112 2113 static int sel_get_tree(struct fs_context *fc) 2114 { 2115 return get_tree_single(fc, sel_fill_super); 2116 } 2117 2118 static const struct fs_context_operations sel_context_ops = { 2119 .get_tree = sel_get_tree, 2120 }; 2121 2122 static int sel_init_fs_context(struct fs_context *fc) 2123 { 2124 fc->ops = &sel_context_ops; 2125 return 0; 2126 } 2127 2128 static void sel_kill_sb(struct super_block *sb) 2129 { 2130 selinux_fs_info_free(sb); 2131 kill_litter_super(sb); 2132 } 2133 2134 static struct file_system_type sel_fs_type = { 2135 .name = "selinuxfs", 2136 .init_fs_context = sel_init_fs_context, 2137 .kill_sb = sel_kill_sb, 2138 }; 2139 2140 struct path selinux_null __ro_after_init; 2141 2142 static int __init init_sel_fs(void) 2143 { 2144 struct qstr null_name = QSTR_INIT(NULL_FILE_NAME, 2145 sizeof(NULL_FILE_NAME)-1); 2146 int err; 2147 2148 if (!selinux_enabled_boot) 2149 return 0; 2150 2151 err = sysfs_create_mount_point(fs_kobj, "selinux"); 2152 if (err) 2153 return err; 2154 2155 err = register_filesystem(&sel_fs_type); 2156 if (err) { 2157 sysfs_remove_mount_point(fs_kobj, "selinux"); 2158 return err; 2159 } 2160 2161 selinux_null.mnt = kern_mount(&sel_fs_type); 2162 if (IS_ERR(selinux_null.mnt)) { 2163 pr_err("selinuxfs: could not mount!\n"); 2164 err = PTR_ERR(selinux_null.mnt); 2165 selinux_null.mnt = NULL; 2166 return err; 2167 } 2168 2169 selinux_null.dentry = d_hash_and_lookup(selinux_null.mnt->mnt_root, 2170 &null_name); 2171 if (IS_ERR(selinux_null.dentry)) { 2172 pr_err("selinuxfs: could not lookup null!\n"); 2173 err = PTR_ERR(selinux_null.dentry); 2174 selinux_null.dentry = NULL; 2175 return err; 2176 } 2177 2178 return err; 2179 } 2180 2181 __initcall(init_sel_fs); 2182