xref: /openbmc/linux/security/smack/smack.h (revision 5ac072e1) 
1 /*
2  * Copyright (C) 2007 Casey Schaufler <casey@schaufler-ca.com>
3  *
4  *      This program is free software; you can redistribute it and/or modify
5  *      it under the terms of the GNU General Public License as published by
6  *      the Free Software Foundation, version 2.
7  *
8  * Author:
9  *      Casey Schaufler <casey@schaufler-ca.com>
10  *
11  */
12 
13 #ifndef _SECURITY_SMACK_H
14 #define _SECURITY_SMACK_H
15 
16 #include <linux/capability.h>
17 #include <linux/spinlock.h>
18 #include <linux/security.h>
19 #include <linux/in.h>
20 #include <net/netlabel.h>
21 
22 /*
23  * Why 23? CIPSO is constrained to 30, so a 32 byte buffer is
24  * bigger than can be used, and 24 is the next lower multiple
25  * of 8, and there are too many issues if there isn't space set
26  * aside for the terminating null byte.
27  */
28 #define SMK_MAXLEN	23
29 #define SMK_LABELLEN	(SMK_MAXLEN+1)
30 
31 struct superblock_smack {
32 	char		*smk_root;
33 	char		*smk_floor;
34 	char		*smk_hat;
35 	char		*smk_default;
36 	int		smk_initialized;
37 	spinlock_t	smk_sblock;	/* for initialization */
38 };
39 
40 struct socket_smack {
41 	char		*smk_out;			/* outbound label */
42 	char		*smk_in;			/* inbound label */
43 	int		smk_labeled;			/* label scheme */
44 	char		smk_packet[SMK_LABELLEN];	/* TCP peer label */
45 };
46 
47 /*
48  * Inode smack data
49  */
50 struct inode_smack {
51 	char		*smk_inode;	/* label of the fso */
52 	struct mutex	smk_lock;	/* initialization lock */
53 	int		smk_flags;	/* smack inode flags */
54 };
55 
56 #define	SMK_INODE_INSTANT	0x01	/* inode is instantiated */
57 
58 /*
59  * A label access rule.
60  */
61 struct smack_rule {
62 	char	*smk_subject;
63 	char	*smk_object;
64 	int	smk_access;
65 };
66 
67 /*
68  * An entry in the table of permitted label accesses.
69  */
70 struct smk_list_entry {
71 	struct smk_list_entry	*smk_next;
72 	struct smack_rule	smk_rule;
73 };
74 
75 /*
76  * An entry in the table mapping smack values to
77  * CIPSO level/category-set values.
78  */
79 struct smack_cipso {
80 	int	smk_level;
81 	char	smk_catset[SMK_LABELLEN];
82 };
83 
84 /*
85  * An entry in the table identifying hosts.
86  */
87 struct smk_netlbladdr {
88 	struct smk_netlbladdr	*smk_next;
89 	struct sockaddr_in	smk_host;	/* network address */
90 	struct in_addr		smk_mask;	/* network mask */
91 	char			*smk_label;	/* label */
92 };
93 
94 /*
95  * This is the repository for labels seen so that it is
96  * not necessary to keep allocating tiny chuncks of memory
97  * and so that they can be shared.
98  *
99  * Labels are never modified in place. Anytime a label
100  * is imported (e.g. xattrset on a file) the list is checked
101  * for it and it is added if it doesn't exist. The address
102  * is passed out in either case. Entries are added, but
103  * never deleted.
104  *
105  * Since labels are hanging around anyway it doesn't
106  * hurt to maintain a secid for those awkward situations
107  * where kernel components that ought to use LSM independent
108  * interfaces don't. The secid should go away when all of
109  * these components have been repaired.
110  *
111  * If there is a cipso value associated with the label it
112  * gets stored here, too. This will most likely be rare as
113  * the cipso direct mapping in used internally.
114  */
115 struct smack_known {
116 	struct smack_known	*smk_next;
117 	char			smk_known[SMK_LABELLEN];
118 	u32			smk_secid;
119 	struct smack_cipso	*smk_cipso;
120 	spinlock_t		smk_cipsolock; /* for changing cipso map */
121 };
122 
123 /*
124  * Mount options
125  */
126 #define SMK_FSDEFAULT	"smackfsdef="
127 #define SMK_FSFLOOR	"smackfsfloor="
128 #define SMK_FSHAT	"smackfshat="
129 #define SMK_FSROOT	"smackfsroot="
130 
131 /*
132  * xattr names
133  */
134 #define XATTR_SMACK_SUFFIX	"SMACK64"
135 #define XATTR_SMACK_IPIN	"SMACK64IPIN"
136 #define XATTR_SMACK_IPOUT	"SMACK64IPOUT"
137 #define XATTR_NAME_SMACK	XATTR_SECURITY_PREFIX XATTR_SMACK_SUFFIX
138 #define XATTR_NAME_SMACKIPIN	XATTR_SECURITY_PREFIX XATTR_SMACK_IPIN
139 #define XATTR_NAME_SMACKIPOUT	XATTR_SECURITY_PREFIX XATTR_SMACK_IPOUT
140 
141 /*
142  * How communications on this socket are treated.
143  * Usually it's determined by the underlying netlabel code
144  * but there are certain cases, including single label hosts
145  * and potentially single label interfaces for which the
146  * treatment can not be known in advance.
147  *
148  * The possibility of additional labeling schemes being
149  * introduced in the future exists as well.
150  */
151 #define SMACK_UNLABELED_SOCKET	0
152 #define SMACK_CIPSO_SOCKET	1
153 
154 /*
155  * smackfs magic number
156  * smackfs macic number
157  */
158 #define SMACK_MAGIC	0x43415d53 /* "SMAC" */
159 
160 /*
161  * A limit on the number of entries in the lists
162  * makes some of the list administration easier.
163  */
164 #define SMACK_LIST_MAX	10000
165 
166 /*
167  * CIPSO defaults.
168  */
169 #define SMACK_CIPSO_DOI_DEFAULT		3	/* Historical */
170 #define SMACK_CIPSO_DOI_INVALID		-1	/* Not a DOI */
171 #define SMACK_CIPSO_DIRECT_DEFAULT	250	/* Arbitrary */
172 #define SMACK_CIPSO_MAXCATVAL		63	/* Bigger gets harder */
173 #define SMACK_CIPSO_MAXLEVEL            255     /* CIPSO 2.2 standard */
174 #define SMACK_CIPSO_MAXCATNUM           239     /* CIPSO 2.2 standard */
175 
176 /*
177  * Just to make the common cases easier to deal with
178  */
179 #define MAY_ANY		(MAY_READ | MAY_WRITE | MAY_APPEND | MAY_EXEC)
180 #define MAY_ANYREAD	(MAY_READ | MAY_EXEC)
181 #define MAY_ANYWRITE	(MAY_WRITE | MAY_APPEND)
182 #define MAY_READWRITE	(MAY_READ | MAY_WRITE)
183 #define MAY_NOT		0
184 
185 /*
186  * These functions are in smack_lsm.c
187  */
188 struct inode_smack *new_inode_smack(char *);
189 
190 /*
191  * These functions are in smack_access.c
192  */
193 int smk_access(char *, char *, int);
194 int smk_curacc(char *, u32);
195 int smack_to_cipso(const char *, struct smack_cipso *);
196 void smack_from_cipso(u32, char *, char *);
197 char *smack_from_secid(const u32);
198 char *smk_import(const char *, int);
199 struct smack_known *smk_import_entry(const char *, int);
200 u32 smack_to_secid(const char *);
201 
202 /*
203  * Shared data.
204  */
205 extern int smack_cipso_direct;
206 extern char *smack_net_ambient;
207 extern char *smack_onlycap;
208 
209 extern struct smack_known *smack_known;
210 extern struct smack_known smack_known_floor;
211 extern struct smack_known smack_known_hat;
212 extern struct smack_known smack_known_huh;
213 extern struct smack_known smack_known_invalid;
214 extern struct smack_known smack_known_star;
215 extern struct smack_known smack_known_web;
216 
217 extern struct smk_list_entry *smack_list;
218 extern struct smk_netlbladdr *smack_netlbladdrs;
219 extern struct security_operations smack_ops;
220 
221 /*
222  * Stricly for CIPSO level manipulation.
223  * Set the category bit number in a smack label sized buffer.
224  */
225 static inline void smack_catset_bit(int cat, char *catsetp)
226 {
227 	if (cat > SMK_LABELLEN * 8)
228 		return;
229 
230 	catsetp[(cat - 1) / 8] |= 0x80 >> ((cat - 1) % 8);
231 }
232 
233 /*
234  * Present a pointer to the smack label in an inode blob.
235  */
236 static inline char *smk_of_inode(const struct inode *isp)
237 {
238 	struct inode_smack *sip = isp->i_security;
239 	return sip->smk_inode;
240 }
241 
242 #endif  /* _SECURITY_SMACK_H */
243