1 /* 2 * Copyright (C) 2007 Casey Schaufler <casey@schaufler-ca.com> 3 * 4 * This program is free software; you can redistribute it and/or modify 5 * it under the terms of the GNU General Public License as published by 6 * the Free Software Foundation, version 2. 7 * 8 * Author: 9 * Casey Schaufler <casey@schaufler-ca.com> 10 * 11 */ 12 13 #ifndef _SECURITY_SMACK_H 14 #define _SECURITY_SMACK_H 15 16 #include <linux/capability.h> 17 #include <linux/spinlock.h> 18 #include <linux/security.h> 19 #include <linux/in.h> 20 #include <net/netlabel.h> 21 22 /* 23 * Why 23? CIPSO is constrained to 30, so a 32 byte buffer is 24 * bigger than can be used, and 24 is the next lower multiple 25 * of 8, and there are too many issues if there isn't space set 26 * aside for the terminating null byte. 27 */ 28 #define SMK_MAXLEN 23 29 #define SMK_LABELLEN (SMK_MAXLEN+1) 30 31 struct superblock_smack { 32 char *smk_root; 33 char *smk_floor; 34 char *smk_hat; 35 char *smk_default; 36 int smk_initialized; 37 spinlock_t smk_sblock; /* for initialization */ 38 }; 39 40 struct socket_smack { 41 char *smk_out; /* outbound label */ 42 char *smk_in; /* inbound label */ 43 int smk_labeled; /* label scheme */ 44 char smk_packet[SMK_LABELLEN]; /* TCP peer label */ 45 }; 46 47 /* 48 * Inode smack data 49 */ 50 struct inode_smack { 51 char *smk_inode; /* label of the fso */ 52 struct mutex smk_lock; /* initialization lock */ 53 int smk_flags; /* smack inode flags */ 54 }; 55 56 #define SMK_INODE_INSTANT 0x01 /* inode is instantiated */ 57 58 /* 59 * A label access rule. 60 */ 61 struct smack_rule { 62 char *smk_subject; 63 char *smk_object; 64 int smk_access; 65 }; 66 67 /* 68 * An entry in the table of permitted label accesses. 69 */ 70 struct smk_list_entry { 71 struct smk_list_entry *smk_next; 72 struct smack_rule smk_rule; 73 }; 74 75 /* 76 * An entry in the table mapping smack values to 77 * CIPSO level/category-set values. 78 */ 79 struct smack_cipso { 80 int smk_level; 81 char smk_catset[SMK_LABELLEN]; 82 }; 83 84 /* 85 * An entry in the table identifying hosts. 86 */ 87 struct smk_netlbladdr { 88 struct smk_netlbladdr *smk_next; 89 struct sockaddr_in smk_host; /* network address */ 90 struct in_addr smk_mask; /* network mask */ 91 char *smk_label; /* label */ 92 }; 93 94 /* 95 * This is the repository for labels seen so that it is 96 * not necessary to keep allocating tiny chuncks of memory 97 * and so that they can be shared. 98 * 99 * Labels are never modified in place. Anytime a label 100 * is imported (e.g. xattrset on a file) the list is checked 101 * for it and it is added if it doesn't exist. The address 102 * is passed out in either case. Entries are added, but 103 * never deleted. 104 * 105 * Since labels are hanging around anyway it doesn't 106 * hurt to maintain a secid for those awkward situations 107 * where kernel components that ought to use LSM independent 108 * interfaces don't. The secid should go away when all of 109 * these components have been repaired. 110 * 111 * If there is a cipso value associated with the label it 112 * gets stored here, too. This will most likely be rare as 113 * the cipso direct mapping in used internally. 114 */ 115 struct smack_known { 116 struct smack_known *smk_next; 117 char smk_known[SMK_LABELLEN]; 118 u32 smk_secid; 119 struct smack_cipso *smk_cipso; 120 spinlock_t smk_cipsolock; /* for changing cipso map */ 121 }; 122 123 /* 124 * Mount options 125 */ 126 #define SMK_FSDEFAULT "smackfsdef=" 127 #define SMK_FSFLOOR "smackfsfloor=" 128 #define SMK_FSHAT "smackfshat=" 129 #define SMK_FSROOT "smackfsroot=" 130 131 /* 132 * xattr names 133 */ 134 #define XATTR_SMACK_SUFFIX "SMACK64" 135 #define XATTR_SMACK_IPIN "SMACK64IPIN" 136 #define XATTR_SMACK_IPOUT "SMACK64IPOUT" 137 #define XATTR_NAME_SMACK XATTR_SECURITY_PREFIX XATTR_SMACK_SUFFIX 138 #define XATTR_NAME_SMACKIPIN XATTR_SECURITY_PREFIX XATTR_SMACK_IPIN 139 #define XATTR_NAME_SMACKIPOUT XATTR_SECURITY_PREFIX XATTR_SMACK_IPOUT 140 141 /* 142 * How communications on this socket are treated. 143 * Usually it's determined by the underlying netlabel code 144 * but there are certain cases, including single label hosts 145 * and potentially single label interfaces for which the 146 * treatment can not be known in advance. 147 * 148 * The possibility of additional labeling schemes being 149 * introduced in the future exists as well. 150 */ 151 #define SMACK_UNLABELED_SOCKET 0 152 #define SMACK_CIPSO_SOCKET 1 153 154 /* 155 * smackfs magic number 156 * smackfs macic number 157 */ 158 #define SMACK_MAGIC 0x43415d53 /* "SMAC" */ 159 160 /* 161 * A limit on the number of entries in the lists 162 * makes some of the list administration easier. 163 */ 164 #define SMACK_LIST_MAX 10000 165 166 /* 167 * CIPSO defaults. 168 */ 169 #define SMACK_CIPSO_DOI_DEFAULT 3 /* Historical */ 170 #define SMACK_CIPSO_DOI_INVALID -1 /* Not a DOI */ 171 #define SMACK_CIPSO_DIRECT_DEFAULT 250 /* Arbitrary */ 172 #define SMACK_CIPSO_MAXCATVAL 63 /* Bigger gets harder */ 173 #define SMACK_CIPSO_MAXLEVEL 255 /* CIPSO 2.2 standard */ 174 #define SMACK_CIPSO_MAXCATNUM 239 /* CIPSO 2.2 standard */ 175 176 /* 177 * Just to make the common cases easier to deal with 178 */ 179 #define MAY_ANY (MAY_READ | MAY_WRITE | MAY_APPEND | MAY_EXEC) 180 #define MAY_ANYREAD (MAY_READ | MAY_EXEC) 181 #define MAY_ANYWRITE (MAY_WRITE | MAY_APPEND) 182 #define MAY_READWRITE (MAY_READ | MAY_WRITE) 183 #define MAY_NOT 0 184 185 /* 186 * These functions are in smack_lsm.c 187 */ 188 struct inode_smack *new_inode_smack(char *); 189 190 /* 191 * These functions are in smack_access.c 192 */ 193 int smk_access(char *, char *, int); 194 int smk_curacc(char *, u32); 195 int smack_to_cipso(const char *, struct smack_cipso *); 196 void smack_from_cipso(u32, char *, char *); 197 char *smack_from_secid(const u32); 198 char *smk_import(const char *, int); 199 struct smack_known *smk_import_entry(const char *, int); 200 u32 smack_to_secid(const char *); 201 202 /* 203 * Shared data. 204 */ 205 extern int smack_cipso_direct; 206 extern char *smack_net_ambient; 207 extern char *smack_onlycap; 208 209 extern struct smack_known *smack_known; 210 extern struct smack_known smack_known_floor; 211 extern struct smack_known smack_known_hat; 212 extern struct smack_known smack_known_huh; 213 extern struct smack_known smack_known_invalid; 214 extern struct smack_known smack_known_star; 215 extern struct smack_known smack_known_web; 216 217 extern struct smk_list_entry *smack_list; 218 extern struct smk_netlbladdr *smack_netlbladdrs; 219 extern struct security_operations smack_ops; 220 221 /* 222 * Stricly for CIPSO level manipulation. 223 * Set the category bit number in a smack label sized buffer. 224 */ 225 static inline void smack_catset_bit(int cat, char *catsetp) 226 { 227 if (cat > SMK_LABELLEN * 8) 228 return; 229 230 catsetp[(cat - 1) / 8] |= 0x80 >> ((cat - 1) % 8); 231 } 232 233 /* 234 * Present a pointer to the smack label in an inode blob. 235 */ 236 static inline char *smk_of_inode(const struct inode *isp) 237 { 238 struct inode_smack *sip = isp->i_security; 239 return sip->smk_inode; 240 } 241 242 #endif /* _SECURITY_SMACK_H */ 243