1 /* 2 * Copyright (C) 2007 Casey Schaufler <casey@schaufler-ca.com> 3 * 4 * This program is free software; you can redistribute it and/or modify 5 * it under the terms of the GNU General Public License as published by 6 * the Free Software Foundation, version 2. 7 * 8 * Authors: 9 * Casey Schaufler <casey@schaufler-ca.com> 10 * Ahmed S. Darwish <darwish.07@gmail.com> 11 * 12 * Special thanks to the authors of selinuxfs. 13 * 14 * Karl MacMillan <kmacmillan@tresys.com> 15 * James Morris <jmorris@redhat.com> 16 * 17 */ 18 19 #include <linux/kernel.h> 20 #include <linux/vmalloc.h> 21 #include <linux/security.h> 22 #include <linux/mutex.h> 23 #include <linux/slab.h> 24 #include <net/net_namespace.h> 25 #include <net/cipso_ipv4.h> 26 #include <linux/seq_file.h> 27 #include <linux/ctype.h> 28 #include <linux/audit.h> 29 #include <linux/magic.h> 30 #include "smack.h" 31 32 /* 33 * smackfs pseudo filesystem. 34 */ 35 36 enum smk_inos { 37 SMK_ROOT_INO = 2, 38 SMK_LOAD = 3, /* load policy */ 39 SMK_CIPSO = 4, /* load label -> CIPSO mapping */ 40 SMK_DOI = 5, /* CIPSO DOI */ 41 SMK_DIRECT = 6, /* CIPSO level indicating direct label */ 42 SMK_AMBIENT = 7, /* internet ambient label */ 43 SMK_NETLBLADDR = 8, /* single label hosts */ 44 SMK_ONLYCAP = 9, /* the only "capable" label */ 45 SMK_LOGGING = 10, /* logging */ 46 SMK_LOAD_SELF = 11, /* task specific rules */ 47 SMK_ACCESSES = 12, /* access policy */ 48 SMK_MAPPED = 13, /* CIPSO level indicating mapped label */ 49 SMK_LOAD2 = 14, /* load policy with long labels */ 50 SMK_LOAD_SELF2 = 15, /* load task specific rules with long labels */ 51 SMK_ACCESS2 = 16, /* make an access check with long labels */ 52 SMK_CIPSO2 = 17, /* load long label -> CIPSO mapping */ 53 SMK_REVOKE_SUBJ = 18, /* set rules with subject label to '-' */ 54 SMK_CHANGE_RULE = 19, /* change or add rules (long labels) */ 55 }; 56 57 /* 58 * List locks 59 */ 60 static DEFINE_MUTEX(smack_cipso_lock); 61 static DEFINE_MUTEX(smack_ambient_lock); 62 static DEFINE_MUTEX(smk_netlbladdr_lock); 63 64 /* 65 * This is the "ambient" label for network traffic. 66 * If it isn't somehow marked, use this. 67 * It can be reset via smackfs/ambient 68 */ 69 struct smack_known *smack_net_ambient; 70 71 /* 72 * This is the level in a CIPSO header that indicates a 73 * smack label is contained directly in the category set. 74 * It can be reset via smackfs/direct 75 */ 76 int smack_cipso_direct = SMACK_CIPSO_DIRECT_DEFAULT; 77 78 /* 79 * This is the level in a CIPSO header that indicates a 80 * secid is contained directly in the category set. 81 * It can be reset via smackfs/mapped 82 */ 83 int smack_cipso_mapped = SMACK_CIPSO_MAPPED_DEFAULT; 84 85 /* 86 * Unless a process is running with this label even 87 * having CAP_MAC_OVERRIDE isn't enough to grant 88 * privilege to violate MAC policy. If no label is 89 * designated (the NULL case) capabilities apply to 90 * everyone. It is expected that the hat (^) label 91 * will be used if any label is used. 92 */ 93 char *smack_onlycap; 94 95 /* 96 * Certain IP addresses may be designated as single label hosts. 97 * Packets are sent there unlabeled, but only from tasks that 98 * can write to the specified label. 99 */ 100 101 LIST_HEAD(smk_netlbladdr_list); 102 103 /* 104 * Rule lists are maintained for each label. 105 * This master list is just for reading /smack/load and /smack/load2. 106 */ 107 struct smack_master_list { 108 struct list_head list; 109 struct smack_rule *smk_rule; 110 }; 111 112 LIST_HEAD(smack_rule_list); 113 114 struct smack_parsed_rule { 115 struct smack_known *smk_subject; 116 char *smk_object; 117 int smk_access1; 118 int smk_access2; 119 }; 120 121 static int smk_cipso_doi_value = SMACK_CIPSO_DOI_DEFAULT; 122 123 const char *smack_cipso_option = SMACK_CIPSO_OPTION; 124 125 /* 126 * Values for parsing cipso rules 127 * SMK_DIGITLEN: Length of a digit field in a rule. 128 * SMK_CIPSOMIN: Minimum possible cipso rule length. 129 * SMK_CIPSOMAX: Maximum possible cipso rule length. 130 */ 131 #define SMK_DIGITLEN 4 132 #define SMK_CIPSOMIN (SMK_LABELLEN + 2 * SMK_DIGITLEN) 133 #define SMK_CIPSOMAX (SMK_CIPSOMIN + SMACK_CIPSO_MAXCATNUM * SMK_DIGITLEN) 134 135 /* 136 * Values for parsing MAC rules 137 * SMK_ACCESS: Maximum possible combination of access permissions 138 * SMK_ACCESSLEN: Maximum length for a rule access field 139 * SMK_LOADLEN: Smack rule length 140 */ 141 #define SMK_OACCESS "rwxa" 142 #define SMK_ACCESS "rwxatl" 143 #define SMK_OACCESSLEN (sizeof(SMK_OACCESS) - 1) 144 #define SMK_ACCESSLEN (sizeof(SMK_ACCESS) - 1) 145 #define SMK_OLOADLEN (SMK_LABELLEN + SMK_LABELLEN + SMK_OACCESSLEN) 146 #define SMK_LOADLEN (SMK_LABELLEN + SMK_LABELLEN + SMK_ACCESSLEN) 147 148 /* 149 * Stricly for CIPSO level manipulation. 150 * Set the category bit number in a smack label sized buffer. 151 */ 152 static inline void smack_catset_bit(unsigned int cat, char *catsetp) 153 { 154 if (cat == 0 || cat > (SMK_CIPSOLEN * 8)) 155 return; 156 157 catsetp[(cat - 1) / 8] |= 0x80 >> ((cat - 1) % 8); 158 } 159 160 /** 161 * smk_netlabel_audit_set - fill a netlbl_audit struct 162 * @nap: structure to fill 163 */ 164 static void smk_netlabel_audit_set(struct netlbl_audit *nap) 165 { 166 struct smack_known *skp = smk_of_current(); 167 168 nap->loginuid = audit_get_loginuid(current); 169 nap->sessionid = audit_get_sessionid(current); 170 nap->secid = skp->smk_secid; 171 } 172 173 /* 174 * Value for parsing single label host rules 175 * "1.2.3.4 X" 176 */ 177 #define SMK_NETLBLADDRMIN 9 178 179 /** 180 * smk_set_access - add a rule to the rule list or replace an old rule 181 * @srp: the rule to add or replace 182 * @rule_list: the list of rules 183 * @rule_lock: the rule list lock 184 * @global: if non-zero, indicates a global rule 185 * 186 * Looks through the current subject/object/access list for 187 * the subject/object pair and replaces the access that was 188 * there. If the pair isn't found add it with the specified 189 * access. 190 * 191 * Returns 0 if nothing goes wrong or -ENOMEM if it fails 192 * during the allocation of the new pair to add. 193 */ 194 static int smk_set_access(struct smack_parsed_rule *srp, 195 struct list_head *rule_list, 196 struct mutex *rule_lock, int global) 197 { 198 struct smack_rule *sp; 199 struct smack_master_list *smlp; 200 int found = 0; 201 int rc = 0; 202 203 mutex_lock(rule_lock); 204 205 /* 206 * Because the object label is less likely to match 207 * than the subject label check it first 208 */ 209 list_for_each_entry_rcu(sp, rule_list, list) { 210 if (sp->smk_object == srp->smk_object && 211 sp->smk_subject == srp->smk_subject) { 212 found = 1; 213 sp->smk_access |= srp->smk_access1; 214 sp->smk_access &= ~srp->smk_access2; 215 break; 216 } 217 } 218 219 if (found == 0) { 220 sp = kzalloc(sizeof(*sp), GFP_KERNEL); 221 if (sp == NULL) { 222 rc = -ENOMEM; 223 goto out; 224 } 225 226 sp->smk_subject = srp->smk_subject; 227 sp->smk_object = srp->smk_object; 228 sp->smk_access = srp->smk_access1 & ~srp->smk_access2; 229 230 list_add_rcu(&sp->list, rule_list); 231 /* 232 * If this is a global as opposed to self and a new rule 233 * it needs to get added for reporting. 234 */ 235 if (global) { 236 smlp = kzalloc(sizeof(*smlp), GFP_KERNEL); 237 if (smlp != NULL) { 238 smlp->smk_rule = sp; 239 list_add_rcu(&smlp->list, &smack_rule_list); 240 } else 241 rc = -ENOMEM; 242 } 243 } 244 245 out: 246 mutex_unlock(rule_lock); 247 return rc; 248 } 249 250 /** 251 * smk_perm_from_str - parse smack accesses from a text string 252 * @string: a text string that contains a Smack accesses code 253 * 254 * Returns an integer with respective bits set for specified accesses. 255 */ 256 static int smk_perm_from_str(const char *string) 257 { 258 int perm = 0; 259 const char *cp; 260 261 for (cp = string; ; cp++) 262 switch (*cp) { 263 case '-': 264 break; 265 case 'r': 266 case 'R': 267 perm |= MAY_READ; 268 break; 269 case 'w': 270 case 'W': 271 perm |= MAY_WRITE; 272 break; 273 case 'x': 274 case 'X': 275 perm |= MAY_EXEC; 276 break; 277 case 'a': 278 case 'A': 279 perm |= MAY_APPEND; 280 break; 281 case 't': 282 case 'T': 283 perm |= MAY_TRANSMUTE; 284 break; 285 case 'l': 286 case 'L': 287 perm |= MAY_LOCK; 288 break; 289 default: 290 return perm; 291 } 292 } 293 294 /** 295 * smk_fill_rule - Fill Smack rule from strings 296 * @subject: subject label string 297 * @object: object label string 298 * @access1: access string 299 * @access2: string with permissions to be removed 300 * @rule: Smack rule 301 * @import: if non-zero, import labels 302 * @len: label length limit 303 * 304 * Returns 0 on success, -1 on failure 305 */ 306 static int smk_fill_rule(const char *subject, const char *object, 307 const char *access1, const char *access2, 308 struct smack_parsed_rule *rule, int import, 309 int len) 310 { 311 const char *cp; 312 struct smack_known *skp; 313 314 if (import) { 315 rule->smk_subject = smk_import_entry(subject, len); 316 if (rule->smk_subject == NULL) 317 return -1; 318 319 rule->smk_object = smk_import(object, len); 320 if (rule->smk_object == NULL) 321 return -1; 322 } else { 323 cp = smk_parse_smack(subject, len); 324 if (cp == NULL) 325 return -1; 326 skp = smk_find_entry(cp); 327 kfree(cp); 328 if (skp == NULL) 329 return -1; 330 rule->smk_subject = skp; 331 332 cp = smk_parse_smack(object, len); 333 if (cp == NULL) 334 return -1; 335 skp = smk_find_entry(cp); 336 kfree(cp); 337 if (skp == NULL) 338 return -1; 339 rule->smk_object = skp->smk_known; 340 } 341 342 rule->smk_access1 = smk_perm_from_str(access1); 343 if (access2) 344 rule->smk_access2 = smk_perm_from_str(access2); 345 else 346 rule->smk_access2 = ~rule->smk_access1; 347 348 return 0; 349 } 350 351 /** 352 * smk_parse_rule - parse Smack rule from load string 353 * @data: string to be parsed whose size is SMK_LOADLEN 354 * @rule: Smack rule 355 * @import: if non-zero, import labels 356 * 357 * Returns 0 on success, -1 on errors. 358 */ 359 static int smk_parse_rule(const char *data, struct smack_parsed_rule *rule, 360 int import) 361 { 362 int rc; 363 364 rc = smk_fill_rule(data, data + SMK_LABELLEN, 365 data + SMK_LABELLEN + SMK_LABELLEN, NULL, rule, 366 import, SMK_LABELLEN); 367 return rc; 368 } 369 370 /** 371 * smk_parse_long_rule - parse Smack rule from rule string 372 * @data: string to be parsed, null terminated 373 * @rule: Will be filled with Smack parsed rule 374 * @import: if non-zero, import labels 375 * @tokens: numer of substrings expected in data 376 * 377 * Returns number of processed bytes on success, -1 on failure. 378 */ 379 static ssize_t smk_parse_long_rule(char *data, struct smack_parsed_rule *rule, 380 int import, int tokens) 381 { 382 ssize_t cnt = 0; 383 char *tok[4]; 384 int i; 385 386 /* 387 * Parsing the rule in-place, filling all white-spaces with '\0' 388 */ 389 for (i = 0; i < tokens; ++i) { 390 while (isspace(data[cnt])) 391 data[cnt++] = '\0'; 392 393 if (data[cnt] == '\0') 394 /* Unexpected end of data */ 395 return -1; 396 397 tok[i] = data + cnt; 398 399 while (data[cnt] && !isspace(data[cnt])) 400 ++cnt; 401 } 402 while (isspace(data[cnt])) 403 data[cnt++] = '\0'; 404 405 while (i < 4) 406 tok[i++] = NULL; 407 408 if (smk_fill_rule(tok[0], tok[1], tok[2], tok[3], rule, import, 0)) 409 return -1; 410 411 return cnt; 412 } 413 414 #define SMK_FIXED24_FMT 0 /* Fixed 24byte label format */ 415 #define SMK_LONG_FMT 1 /* Variable long label format */ 416 #define SMK_CHANGE_FMT 2 /* Rule modification format */ 417 /** 418 * smk_write_rules_list - write() for any /smack rule file 419 * @file: file pointer, not actually used 420 * @buf: where to get the data from 421 * @count: bytes sent 422 * @ppos: where to start - must be 0 423 * @rule_list: the list of rules to write to 424 * @rule_lock: lock for the rule list 425 * @format: /smack/load or /smack/load2 or /smack/change-rule format. 426 * 427 * Get one smack access rule from above. 428 * The format for SMK_LONG_FMT is: 429 * "subject<whitespace>object<whitespace>access[<whitespace>...]" 430 * The format for SMK_FIXED24_FMT is exactly: 431 * "subject object rwxat" 432 * The format for SMK_CHANGE_FMT is: 433 * "subject<whitespace>object<whitespace> 434 * acc_enable<whitespace>acc_disable[<whitespace>...]" 435 */ 436 static ssize_t smk_write_rules_list(struct file *file, const char __user *buf, 437 size_t count, loff_t *ppos, 438 struct list_head *rule_list, 439 struct mutex *rule_lock, int format) 440 { 441 struct smack_parsed_rule rule; 442 char *data; 443 int rc; 444 int trunc = 0; 445 int tokens; 446 ssize_t cnt = 0; 447 448 /* 449 * No partial writes. 450 * Enough data must be present. 451 */ 452 if (*ppos != 0) 453 return -EINVAL; 454 455 if (format == SMK_FIXED24_FMT) { 456 /* 457 * Minor hack for backward compatibility 458 */ 459 if (count < SMK_OLOADLEN || count > SMK_LOADLEN) 460 return -EINVAL; 461 } else { 462 if (count >= PAGE_SIZE) { 463 count = PAGE_SIZE - 1; 464 trunc = 1; 465 } 466 } 467 468 data = kmalloc(count + 1, GFP_KERNEL); 469 if (data == NULL) 470 return -ENOMEM; 471 472 if (copy_from_user(data, buf, count) != 0) { 473 rc = -EFAULT; 474 goto out; 475 } 476 477 /* 478 * In case of parsing only part of user buf, 479 * avoid having partial rule at the data buffer 480 */ 481 if (trunc) { 482 while (count > 0 && (data[count - 1] != '\n')) 483 --count; 484 if (count == 0) { 485 rc = -EINVAL; 486 goto out; 487 } 488 } 489 490 data[count] = '\0'; 491 tokens = (format == SMK_CHANGE_FMT ? 4 : 3); 492 while (cnt < count) { 493 if (format == SMK_FIXED24_FMT) { 494 rc = smk_parse_rule(data, &rule, 1); 495 if (rc != 0) { 496 rc = -EINVAL; 497 goto out; 498 } 499 cnt = count; 500 } else { 501 rc = smk_parse_long_rule(data + cnt, &rule, 1, tokens); 502 if (rc <= 0) { 503 rc = -EINVAL; 504 goto out; 505 } 506 cnt += rc; 507 } 508 509 if (rule_list == NULL) 510 rc = smk_set_access(&rule, &rule.smk_subject->smk_rules, 511 &rule.smk_subject->smk_rules_lock, 1); 512 else 513 rc = smk_set_access(&rule, rule_list, rule_lock, 0); 514 515 if (rc) 516 goto out; 517 } 518 519 rc = cnt; 520 out: 521 kfree(data); 522 return rc; 523 } 524 525 /* 526 * Core logic for smackfs seq list operations. 527 */ 528 529 static void *smk_seq_start(struct seq_file *s, loff_t *pos, 530 struct list_head *head) 531 { 532 struct list_head *list; 533 534 /* 535 * This is 0 the first time through. 536 */ 537 if (s->index == 0) 538 s->private = head; 539 540 if (s->private == NULL) 541 return NULL; 542 543 list = s->private; 544 if (list_empty(list)) 545 return NULL; 546 547 if (s->index == 0) 548 return list->next; 549 return list; 550 } 551 552 static void *smk_seq_next(struct seq_file *s, void *v, loff_t *pos, 553 struct list_head *head) 554 { 555 struct list_head *list = v; 556 557 if (list_is_last(list, head)) { 558 s->private = NULL; 559 return NULL; 560 } 561 s->private = list->next; 562 return list->next; 563 } 564 565 static void smk_seq_stop(struct seq_file *s, void *v) 566 { 567 /* No-op */ 568 } 569 570 static void smk_rule_show(struct seq_file *s, struct smack_rule *srp, int max) 571 { 572 /* 573 * Don't show any rules with label names too long for 574 * interface file (/smack/load or /smack/load2) 575 * because you should expect to be able to write 576 * anything you read back. 577 */ 578 if (strlen(srp->smk_subject->smk_known) >= max || 579 strlen(srp->smk_object) >= max) 580 return; 581 582 if (srp->smk_access == 0) 583 return; 584 585 seq_printf(s, "%s %s", srp->smk_subject->smk_known, srp->smk_object); 586 587 seq_putc(s, ' '); 588 589 if (srp->smk_access & MAY_READ) 590 seq_putc(s, 'r'); 591 if (srp->smk_access & MAY_WRITE) 592 seq_putc(s, 'w'); 593 if (srp->smk_access & MAY_EXEC) 594 seq_putc(s, 'x'); 595 if (srp->smk_access & MAY_APPEND) 596 seq_putc(s, 'a'); 597 if (srp->smk_access & MAY_TRANSMUTE) 598 seq_putc(s, 't'); 599 if (srp->smk_access & MAY_LOCK) 600 seq_putc(s, 'l'); 601 602 seq_putc(s, '\n'); 603 } 604 605 /* 606 * Seq_file read operations for /smack/load 607 */ 608 609 static void *load2_seq_start(struct seq_file *s, loff_t *pos) 610 { 611 return smk_seq_start(s, pos, &smack_rule_list); 612 } 613 614 static void *load2_seq_next(struct seq_file *s, void *v, loff_t *pos) 615 { 616 return smk_seq_next(s, v, pos, &smack_rule_list); 617 } 618 619 static int load_seq_show(struct seq_file *s, void *v) 620 { 621 struct list_head *list = v; 622 struct smack_master_list *smlp = 623 list_entry(list, struct smack_master_list, list); 624 625 smk_rule_show(s, smlp->smk_rule, SMK_LABELLEN); 626 627 return 0; 628 } 629 630 static const struct seq_operations load_seq_ops = { 631 .start = load2_seq_start, 632 .next = load2_seq_next, 633 .show = load_seq_show, 634 .stop = smk_seq_stop, 635 }; 636 637 /** 638 * smk_open_load - open() for /smack/load 639 * @inode: inode structure representing file 640 * @file: "load" file pointer 641 * 642 * For reading, use load_seq_* seq_file reading operations. 643 */ 644 static int smk_open_load(struct inode *inode, struct file *file) 645 { 646 return seq_open(file, &load_seq_ops); 647 } 648 649 /** 650 * smk_write_load - write() for /smack/load 651 * @file: file pointer, not actually used 652 * @buf: where to get the data from 653 * @count: bytes sent 654 * @ppos: where to start - must be 0 655 * 656 */ 657 static ssize_t smk_write_load(struct file *file, const char __user *buf, 658 size_t count, loff_t *ppos) 659 { 660 /* 661 * Must have privilege. 662 * No partial writes. 663 * Enough data must be present. 664 */ 665 if (!smack_privileged(CAP_MAC_ADMIN)) 666 return -EPERM; 667 668 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL, 669 SMK_FIXED24_FMT); 670 } 671 672 static const struct file_operations smk_load_ops = { 673 .open = smk_open_load, 674 .read = seq_read, 675 .llseek = seq_lseek, 676 .write = smk_write_load, 677 .release = seq_release, 678 }; 679 680 /** 681 * smk_cipso_doi - initialize the CIPSO domain 682 */ 683 static void smk_cipso_doi(void) 684 { 685 int rc; 686 struct cipso_v4_doi *doip; 687 struct netlbl_audit nai; 688 689 smk_netlabel_audit_set(&nai); 690 691 rc = netlbl_cfg_map_del(NULL, PF_INET, NULL, NULL, &nai); 692 if (rc != 0) 693 printk(KERN_WARNING "%s:%d remove rc = %d\n", 694 __func__, __LINE__, rc); 695 696 doip = kmalloc(sizeof(struct cipso_v4_doi), GFP_KERNEL); 697 if (doip == NULL) 698 panic("smack: Failed to initialize cipso DOI.\n"); 699 doip->map.std = NULL; 700 doip->doi = smk_cipso_doi_value; 701 doip->type = CIPSO_V4_MAP_PASS; 702 doip->tags[0] = CIPSO_V4_TAG_RBITMAP; 703 for (rc = 1; rc < CIPSO_V4_TAG_MAXCNT; rc++) 704 doip->tags[rc] = CIPSO_V4_TAG_INVALID; 705 706 rc = netlbl_cfg_cipsov4_add(doip, &nai); 707 if (rc != 0) { 708 printk(KERN_WARNING "%s:%d cipso add rc = %d\n", 709 __func__, __LINE__, rc); 710 kfree(doip); 711 return; 712 } 713 rc = netlbl_cfg_cipsov4_map_add(doip->doi, NULL, NULL, NULL, &nai); 714 if (rc != 0) { 715 printk(KERN_WARNING "%s:%d map add rc = %d\n", 716 __func__, __LINE__, rc); 717 kfree(doip); 718 return; 719 } 720 } 721 722 /** 723 * smk_unlbl_ambient - initialize the unlabeled domain 724 * @oldambient: previous domain string 725 */ 726 static void smk_unlbl_ambient(char *oldambient) 727 { 728 int rc; 729 struct netlbl_audit nai; 730 731 smk_netlabel_audit_set(&nai); 732 733 if (oldambient != NULL) { 734 rc = netlbl_cfg_map_del(oldambient, PF_INET, NULL, NULL, &nai); 735 if (rc != 0) 736 printk(KERN_WARNING "%s:%d remove rc = %d\n", 737 __func__, __LINE__, rc); 738 } 739 if (smack_net_ambient == NULL) 740 smack_net_ambient = &smack_known_floor; 741 742 rc = netlbl_cfg_unlbl_map_add(smack_net_ambient->smk_known, PF_INET, 743 NULL, NULL, &nai); 744 if (rc != 0) 745 printk(KERN_WARNING "%s:%d add rc = %d\n", 746 __func__, __LINE__, rc); 747 } 748 749 /* 750 * Seq_file read operations for /smack/cipso 751 */ 752 753 static void *cipso_seq_start(struct seq_file *s, loff_t *pos) 754 { 755 return smk_seq_start(s, pos, &smack_known_list); 756 } 757 758 static void *cipso_seq_next(struct seq_file *s, void *v, loff_t *pos) 759 { 760 return smk_seq_next(s, v, pos, &smack_known_list); 761 } 762 763 /* 764 * Print cipso labels in format: 765 * label level[/cat[,cat]] 766 */ 767 static int cipso_seq_show(struct seq_file *s, void *v) 768 { 769 struct list_head *list = v; 770 struct smack_known *skp = 771 list_entry(list, struct smack_known, list); 772 struct netlbl_lsm_secattr_catmap *cmp = skp->smk_netlabel.attr.mls.cat; 773 char sep = '/'; 774 int i; 775 776 /* 777 * Don't show a label that could not have been set using 778 * /smack/cipso. This is in support of the notion that 779 * anything read from /smack/cipso ought to be writeable 780 * to /smack/cipso. 781 * 782 * /smack/cipso2 should be used instead. 783 */ 784 if (strlen(skp->smk_known) >= SMK_LABELLEN) 785 return 0; 786 787 seq_printf(s, "%s %3d", skp->smk_known, skp->smk_netlabel.attr.mls.lvl); 788 789 for (i = netlbl_secattr_catmap_walk(cmp, 0); i >= 0; 790 i = netlbl_secattr_catmap_walk(cmp, i + 1)) { 791 seq_printf(s, "%c%d", sep, i); 792 sep = ','; 793 } 794 795 seq_putc(s, '\n'); 796 797 return 0; 798 } 799 800 static const struct seq_operations cipso_seq_ops = { 801 .start = cipso_seq_start, 802 .next = cipso_seq_next, 803 .show = cipso_seq_show, 804 .stop = smk_seq_stop, 805 }; 806 807 /** 808 * smk_open_cipso - open() for /smack/cipso 809 * @inode: inode structure representing file 810 * @file: "cipso" file pointer 811 * 812 * Connect our cipso_seq_* operations with /smack/cipso 813 * file_operations 814 */ 815 static int smk_open_cipso(struct inode *inode, struct file *file) 816 { 817 return seq_open(file, &cipso_seq_ops); 818 } 819 820 /** 821 * smk_set_cipso - do the work for write() for cipso and cipso2 822 * @file: file pointer, not actually used 823 * @buf: where to get the data from 824 * @count: bytes sent 825 * @ppos: where to start 826 * @format: /smack/cipso or /smack/cipso2 827 * 828 * Accepts only one cipso rule per write call. 829 * Returns number of bytes written or error code, as appropriate 830 */ 831 static ssize_t smk_set_cipso(struct file *file, const char __user *buf, 832 size_t count, loff_t *ppos, int format) 833 { 834 struct smack_known *skp; 835 struct netlbl_lsm_secattr ncats; 836 char mapcatset[SMK_CIPSOLEN]; 837 int maplevel; 838 unsigned int cat; 839 int catlen; 840 ssize_t rc = -EINVAL; 841 char *data = NULL; 842 char *rule; 843 int ret; 844 int i; 845 846 /* 847 * Must have privilege. 848 * No partial writes. 849 * Enough data must be present. 850 */ 851 if (!smack_privileged(CAP_MAC_ADMIN)) 852 return -EPERM; 853 if (*ppos != 0) 854 return -EINVAL; 855 if (format == SMK_FIXED24_FMT && 856 (count < SMK_CIPSOMIN || count > SMK_CIPSOMAX)) 857 return -EINVAL; 858 859 data = kzalloc(count + 1, GFP_KERNEL); 860 if (data == NULL) 861 return -ENOMEM; 862 863 if (copy_from_user(data, buf, count) != 0) { 864 rc = -EFAULT; 865 goto unlockedout; 866 } 867 868 data[count] = '\0'; 869 rule = data; 870 /* 871 * Only allow one writer at a time. Writes should be 872 * quite rare and small in any case. 873 */ 874 mutex_lock(&smack_cipso_lock); 875 876 skp = smk_import_entry(rule, 0); 877 if (skp == NULL) 878 goto out; 879 880 if (format == SMK_FIXED24_FMT) 881 rule += SMK_LABELLEN; 882 else 883 rule += strlen(skp->smk_known) + 1; 884 885 ret = sscanf(rule, "%d", &maplevel); 886 if (ret != 1 || maplevel > SMACK_CIPSO_MAXLEVEL) 887 goto out; 888 889 rule += SMK_DIGITLEN; 890 ret = sscanf(rule, "%d", &catlen); 891 if (ret != 1 || catlen > SMACK_CIPSO_MAXCATNUM) 892 goto out; 893 894 if (format == SMK_FIXED24_FMT && 895 count != (SMK_CIPSOMIN + catlen * SMK_DIGITLEN)) 896 goto out; 897 898 memset(mapcatset, 0, sizeof(mapcatset)); 899 900 for (i = 0; i < catlen; i++) { 901 rule += SMK_DIGITLEN; 902 ret = sscanf(rule, "%u", &cat); 903 if (ret != 1 || cat > SMACK_CIPSO_MAXCATNUM) 904 goto out; 905 906 smack_catset_bit(cat, mapcatset); 907 } 908 909 rc = smk_netlbl_mls(maplevel, mapcatset, &ncats, SMK_CIPSOLEN); 910 if (rc >= 0) { 911 netlbl_secattr_catmap_free(skp->smk_netlabel.attr.mls.cat); 912 skp->smk_netlabel.attr.mls.cat = ncats.attr.mls.cat; 913 skp->smk_netlabel.attr.mls.lvl = ncats.attr.mls.lvl; 914 rc = count; 915 } 916 917 out: 918 mutex_unlock(&smack_cipso_lock); 919 unlockedout: 920 kfree(data); 921 return rc; 922 } 923 924 /** 925 * smk_write_cipso - write() for /smack/cipso 926 * @file: file pointer, not actually used 927 * @buf: where to get the data from 928 * @count: bytes sent 929 * @ppos: where to start 930 * 931 * Accepts only one cipso rule per write call. 932 * Returns number of bytes written or error code, as appropriate 933 */ 934 static ssize_t smk_write_cipso(struct file *file, const char __user *buf, 935 size_t count, loff_t *ppos) 936 { 937 return smk_set_cipso(file, buf, count, ppos, SMK_FIXED24_FMT); 938 } 939 940 static const struct file_operations smk_cipso_ops = { 941 .open = smk_open_cipso, 942 .read = seq_read, 943 .llseek = seq_lseek, 944 .write = smk_write_cipso, 945 .release = seq_release, 946 }; 947 948 /* 949 * Seq_file read operations for /smack/cipso2 950 */ 951 952 /* 953 * Print cipso labels in format: 954 * label level[/cat[,cat]] 955 */ 956 static int cipso2_seq_show(struct seq_file *s, void *v) 957 { 958 struct list_head *list = v; 959 struct smack_known *skp = 960 list_entry(list, struct smack_known, list); 961 struct netlbl_lsm_secattr_catmap *cmp = skp->smk_netlabel.attr.mls.cat; 962 char sep = '/'; 963 int i; 964 965 seq_printf(s, "%s %3d", skp->smk_known, skp->smk_netlabel.attr.mls.lvl); 966 967 for (i = netlbl_secattr_catmap_walk(cmp, 0); i >= 0; 968 i = netlbl_secattr_catmap_walk(cmp, i + 1)) { 969 seq_printf(s, "%c%d", sep, i); 970 sep = ','; 971 } 972 973 seq_putc(s, '\n'); 974 975 return 0; 976 } 977 978 static const struct seq_operations cipso2_seq_ops = { 979 .start = cipso_seq_start, 980 .next = cipso_seq_next, 981 .show = cipso2_seq_show, 982 .stop = smk_seq_stop, 983 }; 984 985 /** 986 * smk_open_cipso2 - open() for /smack/cipso2 987 * @inode: inode structure representing file 988 * @file: "cipso2" file pointer 989 * 990 * Connect our cipso_seq_* operations with /smack/cipso2 991 * file_operations 992 */ 993 static int smk_open_cipso2(struct inode *inode, struct file *file) 994 { 995 return seq_open(file, &cipso2_seq_ops); 996 } 997 998 /** 999 * smk_write_cipso2 - write() for /smack/cipso2 1000 * @file: file pointer, not actually used 1001 * @buf: where to get the data from 1002 * @count: bytes sent 1003 * @ppos: where to start 1004 * 1005 * Accepts only one cipso rule per write call. 1006 * Returns number of bytes written or error code, as appropriate 1007 */ 1008 static ssize_t smk_write_cipso2(struct file *file, const char __user *buf, 1009 size_t count, loff_t *ppos) 1010 { 1011 return smk_set_cipso(file, buf, count, ppos, SMK_LONG_FMT); 1012 } 1013 1014 static const struct file_operations smk_cipso2_ops = { 1015 .open = smk_open_cipso2, 1016 .read = seq_read, 1017 .llseek = seq_lseek, 1018 .write = smk_write_cipso2, 1019 .release = seq_release, 1020 }; 1021 1022 /* 1023 * Seq_file read operations for /smack/netlabel 1024 */ 1025 1026 static void *netlbladdr_seq_start(struct seq_file *s, loff_t *pos) 1027 { 1028 return smk_seq_start(s, pos, &smk_netlbladdr_list); 1029 } 1030 1031 static void *netlbladdr_seq_next(struct seq_file *s, void *v, loff_t *pos) 1032 { 1033 return smk_seq_next(s, v, pos, &smk_netlbladdr_list); 1034 } 1035 #define BEBITS (sizeof(__be32) * 8) 1036 1037 /* 1038 * Print host/label pairs 1039 */ 1040 static int netlbladdr_seq_show(struct seq_file *s, void *v) 1041 { 1042 struct list_head *list = v; 1043 struct smk_netlbladdr *skp = 1044 list_entry(list, struct smk_netlbladdr, list); 1045 unsigned char *hp = (char *) &skp->smk_host.sin_addr.s_addr; 1046 int maskn; 1047 u32 temp_mask = be32_to_cpu(skp->smk_mask.s_addr); 1048 1049 for (maskn = 0; temp_mask; temp_mask <<= 1, maskn++); 1050 1051 seq_printf(s, "%u.%u.%u.%u/%d %s\n", 1052 hp[0], hp[1], hp[2], hp[3], maskn, skp->smk_label); 1053 1054 return 0; 1055 } 1056 1057 static const struct seq_operations netlbladdr_seq_ops = { 1058 .start = netlbladdr_seq_start, 1059 .next = netlbladdr_seq_next, 1060 .show = netlbladdr_seq_show, 1061 .stop = smk_seq_stop, 1062 }; 1063 1064 /** 1065 * smk_open_netlbladdr - open() for /smack/netlabel 1066 * @inode: inode structure representing file 1067 * @file: "netlabel" file pointer 1068 * 1069 * Connect our netlbladdr_seq_* operations with /smack/netlabel 1070 * file_operations 1071 */ 1072 static int smk_open_netlbladdr(struct inode *inode, struct file *file) 1073 { 1074 return seq_open(file, &netlbladdr_seq_ops); 1075 } 1076 1077 /** 1078 * smk_netlbladdr_insert 1079 * @new : netlabel to insert 1080 * 1081 * This helper insert netlabel in the smack_netlbladdrs list 1082 * sorted by netmask length (longest to smallest) 1083 * locked by &smk_netlbladdr_lock in smk_write_netlbladdr 1084 * 1085 */ 1086 static void smk_netlbladdr_insert(struct smk_netlbladdr *new) 1087 { 1088 struct smk_netlbladdr *m, *m_next; 1089 1090 if (list_empty(&smk_netlbladdr_list)) { 1091 list_add_rcu(&new->list, &smk_netlbladdr_list); 1092 return; 1093 } 1094 1095 m = list_entry_rcu(smk_netlbladdr_list.next, 1096 struct smk_netlbladdr, list); 1097 1098 /* the comparison '>' is a bit hacky, but works */ 1099 if (new->smk_mask.s_addr > m->smk_mask.s_addr) { 1100 list_add_rcu(&new->list, &smk_netlbladdr_list); 1101 return; 1102 } 1103 1104 list_for_each_entry_rcu(m, &smk_netlbladdr_list, list) { 1105 if (list_is_last(&m->list, &smk_netlbladdr_list)) { 1106 list_add_rcu(&new->list, &m->list); 1107 return; 1108 } 1109 m_next = list_entry_rcu(m->list.next, 1110 struct smk_netlbladdr, list); 1111 if (new->smk_mask.s_addr > m_next->smk_mask.s_addr) { 1112 list_add_rcu(&new->list, &m->list); 1113 return; 1114 } 1115 } 1116 } 1117 1118 1119 /** 1120 * smk_write_netlbladdr - write() for /smack/netlabel 1121 * @file: file pointer, not actually used 1122 * @buf: where to get the data from 1123 * @count: bytes sent 1124 * @ppos: where to start 1125 * 1126 * Accepts only one netlbladdr per write call. 1127 * Returns number of bytes written or error code, as appropriate 1128 */ 1129 static ssize_t smk_write_netlbladdr(struct file *file, const char __user *buf, 1130 size_t count, loff_t *ppos) 1131 { 1132 struct smk_netlbladdr *skp; 1133 struct sockaddr_in newname; 1134 char *smack; 1135 char *sp; 1136 char *data; 1137 char *host = (char *)&newname.sin_addr.s_addr; 1138 int rc; 1139 struct netlbl_audit audit_info; 1140 struct in_addr mask; 1141 unsigned int m; 1142 int found; 1143 u32 mask_bits = (1<<31); 1144 __be32 nsa; 1145 u32 temp_mask; 1146 1147 /* 1148 * Must have privilege. 1149 * No partial writes. 1150 * Enough data must be present. 1151 * "<addr/mask, as a.b.c.d/e><space><label>" 1152 * "<addr, as a.b.c.d><space><label>" 1153 */ 1154 if (!smack_privileged(CAP_MAC_ADMIN)) 1155 return -EPERM; 1156 if (*ppos != 0) 1157 return -EINVAL; 1158 if (count < SMK_NETLBLADDRMIN) 1159 return -EINVAL; 1160 1161 data = kzalloc(count + 1, GFP_KERNEL); 1162 if (data == NULL) 1163 return -ENOMEM; 1164 1165 if (copy_from_user(data, buf, count) != 0) { 1166 rc = -EFAULT; 1167 goto free_data_out; 1168 } 1169 1170 smack = kzalloc(count + 1, GFP_KERNEL); 1171 if (smack == NULL) { 1172 rc = -ENOMEM; 1173 goto free_data_out; 1174 } 1175 1176 data[count] = '\0'; 1177 1178 rc = sscanf(data, "%hhd.%hhd.%hhd.%hhd/%d %s", 1179 &host[0], &host[1], &host[2], &host[3], &m, smack); 1180 if (rc != 6) { 1181 rc = sscanf(data, "%hhd.%hhd.%hhd.%hhd %s", 1182 &host[0], &host[1], &host[2], &host[3], smack); 1183 if (rc != 5) { 1184 rc = -EINVAL; 1185 goto free_out; 1186 } 1187 m = BEBITS; 1188 } 1189 if (m > BEBITS) { 1190 rc = -EINVAL; 1191 goto free_out; 1192 } 1193 1194 /* 1195 * If smack begins with '-', it is an option, don't import it 1196 */ 1197 if (smack[0] != '-') { 1198 sp = smk_import(smack, 0); 1199 if (sp == NULL) { 1200 rc = -EINVAL; 1201 goto free_out; 1202 } 1203 } else { 1204 /* check known options */ 1205 if (strcmp(smack, smack_cipso_option) == 0) 1206 sp = (char *)smack_cipso_option; 1207 else { 1208 rc = -EINVAL; 1209 goto free_out; 1210 } 1211 } 1212 1213 for (temp_mask = 0; m > 0; m--) { 1214 temp_mask |= mask_bits; 1215 mask_bits >>= 1; 1216 } 1217 mask.s_addr = cpu_to_be32(temp_mask); 1218 1219 newname.sin_addr.s_addr &= mask.s_addr; 1220 /* 1221 * Only allow one writer at a time. Writes should be 1222 * quite rare and small in any case. 1223 */ 1224 mutex_lock(&smk_netlbladdr_lock); 1225 1226 nsa = newname.sin_addr.s_addr; 1227 /* try to find if the prefix is already in the list */ 1228 found = 0; 1229 list_for_each_entry_rcu(skp, &smk_netlbladdr_list, list) { 1230 if (skp->smk_host.sin_addr.s_addr == nsa && 1231 skp->smk_mask.s_addr == mask.s_addr) { 1232 found = 1; 1233 break; 1234 } 1235 } 1236 smk_netlabel_audit_set(&audit_info); 1237 1238 if (found == 0) { 1239 skp = kzalloc(sizeof(*skp), GFP_KERNEL); 1240 if (skp == NULL) 1241 rc = -ENOMEM; 1242 else { 1243 rc = 0; 1244 skp->smk_host.sin_addr.s_addr = newname.sin_addr.s_addr; 1245 skp->smk_mask.s_addr = mask.s_addr; 1246 skp->smk_label = sp; 1247 smk_netlbladdr_insert(skp); 1248 } 1249 } else { 1250 /* we delete the unlabeled entry, only if the previous label 1251 * wasn't the special CIPSO option */ 1252 if (skp->smk_label != smack_cipso_option) 1253 rc = netlbl_cfg_unlbl_static_del(&init_net, NULL, 1254 &skp->smk_host.sin_addr, &skp->smk_mask, 1255 PF_INET, &audit_info); 1256 else 1257 rc = 0; 1258 skp->smk_label = sp; 1259 } 1260 1261 /* 1262 * Now tell netlabel about the single label nature of 1263 * this host so that incoming packets get labeled. 1264 * but only if we didn't get the special CIPSO option 1265 */ 1266 if (rc == 0 && sp != smack_cipso_option) 1267 rc = netlbl_cfg_unlbl_static_add(&init_net, NULL, 1268 &skp->smk_host.sin_addr, &skp->smk_mask, PF_INET, 1269 smack_to_secid(skp->smk_label), &audit_info); 1270 1271 if (rc == 0) 1272 rc = count; 1273 1274 mutex_unlock(&smk_netlbladdr_lock); 1275 1276 free_out: 1277 kfree(smack); 1278 free_data_out: 1279 kfree(data); 1280 1281 return rc; 1282 } 1283 1284 static const struct file_operations smk_netlbladdr_ops = { 1285 .open = smk_open_netlbladdr, 1286 .read = seq_read, 1287 .llseek = seq_lseek, 1288 .write = smk_write_netlbladdr, 1289 .release = seq_release, 1290 }; 1291 1292 /** 1293 * smk_read_doi - read() for /smack/doi 1294 * @filp: file pointer, not actually used 1295 * @buf: where to put the result 1296 * @count: maximum to send along 1297 * @ppos: where to start 1298 * 1299 * Returns number of bytes read or error code, as appropriate 1300 */ 1301 static ssize_t smk_read_doi(struct file *filp, char __user *buf, 1302 size_t count, loff_t *ppos) 1303 { 1304 char temp[80]; 1305 ssize_t rc; 1306 1307 if (*ppos != 0) 1308 return 0; 1309 1310 sprintf(temp, "%d", smk_cipso_doi_value); 1311 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp)); 1312 1313 return rc; 1314 } 1315 1316 /** 1317 * smk_write_doi - write() for /smack/doi 1318 * @file: file pointer, not actually used 1319 * @buf: where to get the data from 1320 * @count: bytes sent 1321 * @ppos: where to start 1322 * 1323 * Returns number of bytes written or error code, as appropriate 1324 */ 1325 static ssize_t smk_write_doi(struct file *file, const char __user *buf, 1326 size_t count, loff_t *ppos) 1327 { 1328 char temp[80]; 1329 int i; 1330 1331 if (!smack_privileged(CAP_MAC_ADMIN)) 1332 return -EPERM; 1333 1334 if (count >= sizeof(temp) || count == 0) 1335 return -EINVAL; 1336 1337 if (copy_from_user(temp, buf, count) != 0) 1338 return -EFAULT; 1339 1340 temp[count] = '\0'; 1341 1342 if (sscanf(temp, "%d", &i) != 1) 1343 return -EINVAL; 1344 1345 smk_cipso_doi_value = i; 1346 1347 smk_cipso_doi(); 1348 1349 return count; 1350 } 1351 1352 static const struct file_operations smk_doi_ops = { 1353 .read = smk_read_doi, 1354 .write = smk_write_doi, 1355 .llseek = default_llseek, 1356 }; 1357 1358 /** 1359 * smk_read_direct - read() for /smack/direct 1360 * @filp: file pointer, not actually used 1361 * @buf: where to put the result 1362 * @count: maximum to send along 1363 * @ppos: where to start 1364 * 1365 * Returns number of bytes read or error code, as appropriate 1366 */ 1367 static ssize_t smk_read_direct(struct file *filp, char __user *buf, 1368 size_t count, loff_t *ppos) 1369 { 1370 char temp[80]; 1371 ssize_t rc; 1372 1373 if (*ppos != 0) 1374 return 0; 1375 1376 sprintf(temp, "%d", smack_cipso_direct); 1377 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp)); 1378 1379 return rc; 1380 } 1381 1382 /** 1383 * smk_write_direct - write() for /smack/direct 1384 * @file: file pointer, not actually used 1385 * @buf: where to get the data from 1386 * @count: bytes sent 1387 * @ppos: where to start 1388 * 1389 * Returns number of bytes written or error code, as appropriate 1390 */ 1391 static ssize_t smk_write_direct(struct file *file, const char __user *buf, 1392 size_t count, loff_t *ppos) 1393 { 1394 struct smack_known *skp; 1395 char temp[80]; 1396 int i; 1397 1398 if (!smack_privileged(CAP_MAC_ADMIN)) 1399 return -EPERM; 1400 1401 if (count >= sizeof(temp) || count == 0) 1402 return -EINVAL; 1403 1404 if (copy_from_user(temp, buf, count) != 0) 1405 return -EFAULT; 1406 1407 temp[count] = '\0'; 1408 1409 if (sscanf(temp, "%d", &i) != 1) 1410 return -EINVAL; 1411 1412 /* 1413 * Don't do anything if the value hasn't actually changed. 1414 * If it is changing reset the level on entries that were 1415 * set up to be direct when they were created. 1416 */ 1417 if (smack_cipso_direct != i) { 1418 mutex_lock(&smack_known_lock); 1419 list_for_each_entry_rcu(skp, &smack_known_list, list) 1420 if (skp->smk_netlabel.attr.mls.lvl == 1421 smack_cipso_direct) 1422 skp->smk_netlabel.attr.mls.lvl = i; 1423 smack_cipso_direct = i; 1424 mutex_unlock(&smack_known_lock); 1425 } 1426 1427 return count; 1428 } 1429 1430 static const struct file_operations smk_direct_ops = { 1431 .read = smk_read_direct, 1432 .write = smk_write_direct, 1433 .llseek = default_llseek, 1434 }; 1435 1436 /** 1437 * smk_read_mapped - read() for /smack/mapped 1438 * @filp: file pointer, not actually used 1439 * @buf: where to put the result 1440 * @count: maximum to send along 1441 * @ppos: where to start 1442 * 1443 * Returns number of bytes read or error code, as appropriate 1444 */ 1445 static ssize_t smk_read_mapped(struct file *filp, char __user *buf, 1446 size_t count, loff_t *ppos) 1447 { 1448 char temp[80]; 1449 ssize_t rc; 1450 1451 if (*ppos != 0) 1452 return 0; 1453 1454 sprintf(temp, "%d", smack_cipso_mapped); 1455 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp)); 1456 1457 return rc; 1458 } 1459 1460 /** 1461 * smk_write_mapped - write() for /smack/mapped 1462 * @file: file pointer, not actually used 1463 * @buf: where to get the data from 1464 * @count: bytes sent 1465 * @ppos: where to start 1466 * 1467 * Returns number of bytes written or error code, as appropriate 1468 */ 1469 static ssize_t smk_write_mapped(struct file *file, const char __user *buf, 1470 size_t count, loff_t *ppos) 1471 { 1472 struct smack_known *skp; 1473 char temp[80]; 1474 int i; 1475 1476 if (!smack_privileged(CAP_MAC_ADMIN)) 1477 return -EPERM; 1478 1479 if (count >= sizeof(temp) || count == 0) 1480 return -EINVAL; 1481 1482 if (copy_from_user(temp, buf, count) != 0) 1483 return -EFAULT; 1484 1485 temp[count] = '\0'; 1486 1487 if (sscanf(temp, "%d", &i) != 1) 1488 return -EINVAL; 1489 1490 /* 1491 * Don't do anything if the value hasn't actually changed. 1492 * If it is changing reset the level on entries that were 1493 * set up to be mapped when they were created. 1494 */ 1495 if (smack_cipso_mapped != i) { 1496 mutex_lock(&smack_known_lock); 1497 list_for_each_entry_rcu(skp, &smack_known_list, list) 1498 if (skp->smk_netlabel.attr.mls.lvl == 1499 smack_cipso_mapped) 1500 skp->smk_netlabel.attr.mls.lvl = i; 1501 smack_cipso_mapped = i; 1502 mutex_unlock(&smack_known_lock); 1503 } 1504 1505 return count; 1506 } 1507 1508 static const struct file_operations smk_mapped_ops = { 1509 .read = smk_read_mapped, 1510 .write = smk_write_mapped, 1511 .llseek = default_llseek, 1512 }; 1513 1514 /** 1515 * smk_read_ambient - read() for /smack/ambient 1516 * @filp: file pointer, not actually used 1517 * @buf: where to put the result 1518 * @cn: maximum to send along 1519 * @ppos: where to start 1520 * 1521 * Returns number of bytes read or error code, as appropriate 1522 */ 1523 static ssize_t smk_read_ambient(struct file *filp, char __user *buf, 1524 size_t cn, loff_t *ppos) 1525 { 1526 ssize_t rc; 1527 int asize; 1528 1529 if (*ppos != 0) 1530 return 0; 1531 /* 1532 * Being careful to avoid a problem in the case where 1533 * smack_net_ambient gets changed in midstream. 1534 */ 1535 mutex_lock(&smack_ambient_lock); 1536 1537 asize = strlen(smack_net_ambient->smk_known) + 1; 1538 1539 if (cn >= asize) 1540 rc = simple_read_from_buffer(buf, cn, ppos, 1541 smack_net_ambient->smk_known, 1542 asize); 1543 else 1544 rc = -EINVAL; 1545 1546 mutex_unlock(&smack_ambient_lock); 1547 1548 return rc; 1549 } 1550 1551 /** 1552 * smk_write_ambient - write() for /smack/ambient 1553 * @file: file pointer, not actually used 1554 * @buf: where to get the data from 1555 * @count: bytes sent 1556 * @ppos: where to start 1557 * 1558 * Returns number of bytes written or error code, as appropriate 1559 */ 1560 static ssize_t smk_write_ambient(struct file *file, const char __user *buf, 1561 size_t count, loff_t *ppos) 1562 { 1563 struct smack_known *skp; 1564 char *oldambient; 1565 char *data; 1566 int rc = count; 1567 1568 if (!smack_privileged(CAP_MAC_ADMIN)) 1569 return -EPERM; 1570 1571 data = kzalloc(count + 1, GFP_KERNEL); 1572 if (data == NULL) 1573 return -ENOMEM; 1574 1575 if (copy_from_user(data, buf, count) != 0) { 1576 rc = -EFAULT; 1577 goto out; 1578 } 1579 1580 skp = smk_import_entry(data, count); 1581 if (skp == NULL) { 1582 rc = -EINVAL; 1583 goto out; 1584 } 1585 1586 mutex_lock(&smack_ambient_lock); 1587 1588 oldambient = smack_net_ambient->smk_known; 1589 smack_net_ambient = skp; 1590 smk_unlbl_ambient(oldambient); 1591 1592 mutex_unlock(&smack_ambient_lock); 1593 1594 out: 1595 kfree(data); 1596 return rc; 1597 } 1598 1599 static const struct file_operations smk_ambient_ops = { 1600 .read = smk_read_ambient, 1601 .write = smk_write_ambient, 1602 .llseek = default_llseek, 1603 }; 1604 1605 /** 1606 * smk_read_onlycap - read() for /smack/onlycap 1607 * @filp: file pointer, not actually used 1608 * @buf: where to put the result 1609 * @cn: maximum to send along 1610 * @ppos: where to start 1611 * 1612 * Returns number of bytes read or error code, as appropriate 1613 */ 1614 static ssize_t smk_read_onlycap(struct file *filp, char __user *buf, 1615 size_t cn, loff_t *ppos) 1616 { 1617 char *smack = ""; 1618 ssize_t rc = -EINVAL; 1619 int asize; 1620 1621 if (*ppos != 0) 1622 return 0; 1623 1624 if (smack_onlycap != NULL) 1625 smack = smack_onlycap; 1626 1627 asize = strlen(smack) + 1; 1628 1629 if (cn >= asize) 1630 rc = simple_read_from_buffer(buf, cn, ppos, smack, asize); 1631 1632 return rc; 1633 } 1634 1635 /** 1636 * smk_write_onlycap - write() for /smack/onlycap 1637 * @file: file pointer, not actually used 1638 * @buf: where to get the data from 1639 * @count: bytes sent 1640 * @ppos: where to start 1641 * 1642 * Returns number of bytes written or error code, as appropriate 1643 */ 1644 static ssize_t smk_write_onlycap(struct file *file, const char __user *buf, 1645 size_t count, loff_t *ppos) 1646 { 1647 char *data; 1648 struct smack_known *skp = smk_of_task(current->cred->security); 1649 int rc = count; 1650 1651 if (!smack_privileged(CAP_MAC_ADMIN)) 1652 return -EPERM; 1653 1654 /* 1655 * This can be done using smk_access() but is done 1656 * explicitly for clarity. The smk_access() implementation 1657 * would use smk_access(smack_onlycap, MAY_WRITE) 1658 */ 1659 if (smack_onlycap != NULL && smack_onlycap != skp->smk_known) 1660 return -EPERM; 1661 1662 data = kzalloc(count, GFP_KERNEL); 1663 if (data == NULL) 1664 return -ENOMEM; 1665 1666 /* 1667 * Should the null string be passed in unset the onlycap value. 1668 * This seems like something to be careful with as usually 1669 * smk_import only expects to return NULL for errors. It 1670 * is usually the case that a nullstring or "\n" would be 1671 * bad to pass to smk_import but in fact this is useful here. 1672 * 1673 * smk_import will also reject a label beginning with '-', 1674 * so "-usecapabilities" will also work. 1675 */ 1676 if (copy_from_user(data, buf, count) != 0) 1677 rc = -EFAULT; 1678 else 1679 smack_onlycap = smk_import(data, count); 1680 1681 kfree(data); 1682 return rc; 1683 } 1684 1685 static const struct file_operations smk_onlycap_ops = { 1686 .read = smk_read_onlycap, 1687 .write = smk_write_onlycap, 1688 .llseek = default_llseek, 1689 }; 1690 1691 /** 1692 * smk_read_logging - read() for /smack/logging 1693 * @filp: file pointer, not actually used 1694 * @buf: where to put the result 1695 * @cn: maximum to send along 1696 * @ppos: where to start 1697 * 1698 * Returns number of bytes read or error code, as appropriate 1699 */ 1700 static ssize_t smk_read_logging(struct file *filp, char __user *buf, 1701 size_t count, loff_t *ppos) 1702 { 1703 char temp[32]; 1704 ssize_t rc; 1705 1706 if (*ppos != 0) 1707 return 0; 1708 1709 sprintf(temp, "%d\n", log_policy); 1710 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp)); 1711 return rc; 1712 } 1713 1714 /** 1715 * smk_write_logging - write() for /smack/logging 1716 * @file: file pointer, not actually used 1717 * @buf: where to get the data from 1718 * @count: bytes sent 1719 * @ppos: where to start 1720 * 1721 * Returns number of bytes written or error code, as appropriate 1722 */ 1723 static ssize_t smk_write_logging(struct file *file, const char __user *buf, 1724 size_t count, loff_t *ppos) 1725 { 1726 char temp[32]; 1727 int i; 1728 1729 if (!smack_privileged(CAP_MAC_ADMIN)) 1730 return -EPERM; 1731 1732 if (count >= sizeof(temp) || count == 0) 1733 return -EINVAL; 1734 1735 if (copy_from_user(temp, buf, count) != 0) 1736 return -EFAULT; 1737 1738 temp[count] = '\0'; 1739 1740 if (sscanf(temp, "%d", &i) != 1) 1741 return -EINVAL; 1742 if (i < 0 || i > 3) 1743 return -EINVAL; 1744 log_policy = i; 1745 return count; 1746 } 1747 1748 1749 1750 static const struct file_operations smk_logging_ops = { 1751 .read = smk_read_logging, 1752 .write = smk_write_logging, 1753 .llseek = default_llseek, 1754 }; 1755 1756 /* 1757 * Seq_file read operations for /smack/load-self 1758 */ 1759 1760 static void *load_self_seq_start(struct seq_file *s, loff_t *pos) 1761 { 1762 struct task_smack *tsp = current_security(); 1763 1764 return smk_seq_start(s, pos, &tsp->smk_rules); 1765 } 1766 1767 static void *load_self_seq_next(struct seq_file *s, void *v, loff_t *pos) 1768 { 1769 struct task_smack *tsp = current_security(); 1770 1771 return smk_seq_next(s, v, pos, &tsp->smk_rules); 1772 } 1773 1774 static int load_self_seq_show(struct seq_file *s, void *v) 1775 { 1776 struct list_head *list = v; 1777 struct smack_rule *srp = 1778 list_entry(list, struct smack_rule, list); 1779 1780 smk_rule_show(s, srp, SMK_LABELLEN); 1781 1782 return 0; 1783 } 1784 1785 static const struct seq_operations load_self_seq_ops = { 1786 .start = load_self_seq_start, 1787 .next = load_self_seq_next, 1788 .show = load_self_seq_show, 1789 .stop = smk_seq_stop, 1790 }; 1791 1792 1793 /** 1794 * smk_open_load_self - open() for /smack/load-self2 1795 * @inode: inode structure representing file 1796 * @file: "load" file pointer 1797 * 1798 * For reading, use load_seq_* seq_file reading operations. 1799 */ 1800 static int smk_open_load_self(struct inode *inode, struct file *file) 1801 { 1802 return seq_open(file, &load_self_seq_ops); 1803 } 1804 1805 /** 1806 * smk_write_load_self - write() for /smack/load-self 1807 * @file: file pointer, not actually used 1808 * @buf: where to get the data from 1809 * @count: bytes sent 1810 * @ppos: where to start - must be 0 1811 * 1812 */ 1813 static ssize_t smk_write_load_self(struct file *file, const char __user *buf, 1814 size_t count, loff_t *ppos) 1815 { 1816 struct task_smack *tsp = current_security(); 1817 1818 return smk_write_rules_list(file, buf, count, ppos, &tsp->smk_rules, 1819 &tsp->smk_rules_lock, SMK_FIXED24_FMT); 1820 } 1821 1822 static const struct file_operations smk_load_self_ops = { 1823 .open = smk_open_load_self, 1824 .read = seq_read, 1825 .llseek = seq_lseek, 1826 .write = smk_write_load_self, 1827 .release = seq_release, 1828 }; 1829 1830 /** 1831 * smk_user_access - handle access check transaction 1832 * @file: file pointer 1833 * @buf: data from user space 1834 * @count: bytes sent 1835 * @ppos: where to start - must be 0 1836 */ 1837 static ssize_t smk_user_access(struct file *file, const char __user *buf, 1838 size_t count, loff_t *ppos, int format) 1839 { 1840 struct smack_parsed_rule rule; 1841 char *data; 1842 int res; 1843 1844 data = simple_transaction_get(file, buf, count); 1845 if (IS_ERR(data)) 1846 return PTR_ERR(data); 1847 1848 if (format == SMK_FIXED24_FMT) { 1849 if (count < SMK_LOADLEN) 1850 return -EINVAL; 1851 res = smk_parse_rule(data, &rule, 0); 1852 } else { 1853 /* 1854 * simple_transaction_get() returns null-terminated data 1855 */ 1856 res = smk_parse_long_rule(data, &rule, 0, 3); 1857 } 1858 1859 if (res < 0) 1860 return -EINVAL; 1861 1862 res = smk_access(rule.smk_subject, rule.smk_object, 1863 rule.smk_access1, NULL); 1864 data[0] = res == 0 ? '1' : '0'; 1865 data[1] = '\0'; 1866 1867 simple_transaction_set(file, 2); 1868 1869 if (format == SMK_FIXED24_FMT) 1870 return SMK_LOADLEN; 1871 return count; 1872 } 1873 1874 /** 1875 * smk_write_access - handle access check transaction 1876 * @file: file pointer 1877 * @buf: data from user space 1878 * @count: bytes sent 1879 * @ppos: where to start - must be 0 1880 */ 1881 static ssize_t smk_write_access(struct file *file, const char __user *buf, 1882 size_t count, loff_t *ppos) 1883 { 1884 return smk_user_access(file, buf, count, ppos, SMK_FIXED24_FMT); 1885 } 1886 1887 static const struct file_operations smk_access_ops = { 1888 .write = smk_write_access, 1889 .read = simple_transaction_read, 1890 .release = simple_transaction_release, 1891 .llseek = generic_file_llseek, 1892 }; 1893 1894 1895 /* 1896 * Seq_file read operations for /smack/load2 1897 */ 1898 1899 static int load2_seq_show(struct seq_file *s, void *v) 1900 { 1901 struct list_head *list = v; 1902 struct smack_master_list *smlp = 1903 list_entry(list, struct smack_master_list, list); 1904 1905 smk_rule_show(s, smlp->smk_rule, SMK_LONGLABEL); 1906 1907 return 0; 1908 } 1909 1910 static const struct seq_operations load2_seq_ops = { 1911 .start = load2_seq_start, 1912 .next = load2_seq_next, 1913 .show = load2_seq_show, 1914 .stop = smk_seq_stop, 1915 }; 1916 1917 /** 1918 * smk_open_load2 - open() for /smack/load2 1919 * @inode: inode structure representing file 1920 * @file: "load2" file pointer 1921 * 1922 * For reading, use load2_seq_* seq_file reading operations. 1923 */ 1924 static int smk_open_load2(struct inode *inode, struct file *file) 1925 { 1926 return seq_open(file, &load2_seq_ops); 1927 } 1928 1929 /** 1930 * smk_write_load2 - write() for /smack/load2 1931 * @file: file pointer, not actually used 1932 * @buf: where to get the data from 1933 * @count: bytes sent 1934 * @ppos: where to start - must be 0 1935 * 1936 */ 1937 static ssize_t smk_write_load2(struct file *file, const char __user *buf, 1938 size_t count, loff_t *ppos) 1939 { 1940 /* 1941 * Must have privilege. 1942 */ 1943 if (!smack_privileged(CAP_MAC_ADMIN)) 1944 return -EPERM; 1945 1946 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL, 1947 SMK_LONG_FMT); 1948 } 1949 1950 static const struct file_operations smk_load2_ops = { 1951 .open = smk_open_load2, 1952 .read = seq_read, 1953 .llseek = seq_lseek, 1954 .write = smk_write_load2, 1955 .release = seq_release, 1956 }; 1957 1958 /* 1959 * Seq_file read operations for /smack/load-self2 1960 */ 1961 1962 static void *load_self2_seq_start(struct seq_file *s, loff_t *pos) 1963 { 1964 struct task_smack *tsp = current_security(); 1965 1966 return smk_seq_start(s, pos, &tsp->smk_rules); 1967 } 1968 1969 static void *load_self2_seq_next(struct seq_file *s, void *v, loff_t *pos) 1970 { 1971 struct task_smack *tsp = current_security(); 1972 1973 return smk_seq_next(s, v, pos, &tsp->smk_rules); 1974 } 1975 1976 static int load_self2_seq_show(struct seq_file *s, void *v) 1977 { 1978 struct list_head *list = v; 1979 struct smack_rule *srp = 1980 list_entry(list, struct smack_rule, list); 1981 1982 smk_rule_show(s, srp, SMK_LONGLABEL); 1983 1984 return 0; 1985 } 1986 1987 static const struct seq_operations load_self2_seq_ops = { 1988 .start = load_self2_seq_start, 1989 .next = load_self2_seq_next, 1990 .show = load_self2_seq_show, 1991 .stop = smk_seq_stop, 1992 }; 1993 1994 /** 1995 * smk_open_load_self2 - open() for /smack/load-self2 1996 * @inode: inode structure representing file 1997 * @file: "load" file pointer 1998 * 1999 * For reading, use load_seq_* seq_file reading operations. 2000 */ 2001 static int smk_open_load_self2(struct inode *inode, struct file *file) 2002 { 2003 return seq_open(file, &load_self2_seq_ops); 2004 } 2005 2006 /** 2007 * smk_write_load_self2 - write() for /smack/load-self2 2008 * @file: file pointer, not actually used 2009 * @buf: where to get the data from 2010 * @count: bytes sent 2011 * @ppos: where to start - must be 0 2012 * 2013 */ 2014 static ssize_t smk_write_load_self2(struct file *file, const char __user *buf, 2015 size_t count, loff_t *ppos) 2016 { 2017 struct task_smack *tsp = current_security(); 2018 2019 return smk_write_rules_list(file, buf, count, ppos, &tsp->smk_rules, 2020 &tsp->smk_rules_lock, SMK_LONG_FMT); 2021 } 2022 2023 static const struct file_operations smk_load_self2_ops = { 2024 .open = smk_open_load_self2, 2025 .read = seq_read, 2026 .llseek = seq_lseek, 2027 .write = smk_write_load_self2, 2028 .release = seq_release, 2029 }; 2030 2031 /** 2032 * smk_write_access2 - handle access check transaction 2033 * @file: file pointer 2034 * @buf: data from user space 2035 * @count: bytes sent 2036 * @ppos: where to start - must be 0 2037 */ 2038 static ssize_t smk_write_access2(struct file *file, const char __user *buf, 2039 size_t count, loff_t *ppos) 2040 { 2041 return smk_user_access(file, buf, count, ppos, SMK_LONG_FMT); 2042 } 2043 2044 static const struct file_operations smk_access2_ops = { 2045 .write = smk_write_access2, 2046 .read = simple_transaction_read, 2047 .release = simple_transaction_release, 2048 .llseek = generic_file_llseek, 2049 }; 2050 2051 /** 2052 * smk_write_revoke_subj - write() for /smack/revoke-subject 2053 * @file: file pointer 2054 * @buf: data from user space 2055 * @count: bytes sent 2056 * @ppos: where to start - must be 0 2057 */ 2058 static ssize_t smk_write_revoke_subj(struct file *file, const char __user *buf, 2059 size_t count, loff_t *ppos) 2060 { 2061 char *data = NULL; 2062 const char *cp = NULL; 2063 struct smack_known *skp; 2064 struct smack_rule *sp; 2065 struct list_head *rule_list; 2066 struct mutex *rule_lock; 2067 int rc = count; 2068 2069 if (*ppos != 0) 2070 return -EINVAL; 2071 2072 if (!smack_privileged(CAP_MAC_ADMIN)) 2073 return -EPERM; 2074 2075 if (count == 0 || count > SMK_LONGLABEL) 2076 return -EINVAL; 2077 2078 data = kzalloc(count, GFP_KERNEL); 2079 if (data == NULL) 2080 return -ENOMEM; 2081 2082 if (copy_from_user(data, buf, count) != 0) { 2083 rc = -EFAULT; 2084 goto free_out; 2085 } 2086 2087 cp = smk_parse_smack(data, count); 2088 if (cp == NULL) { 2089 rc = -EINVAL; 2090 goto free_out; 2091 } 2092 2093 skp = smk_find_entry(cp); 2094 if (skp == NULL) 2095 goto free_out; 2096 2097 rule_list = &skp->smk_rules; 2098 rule_lock = &skp->smk_rules_lock; 2099 2100 mutex_lock(rule_lock); 2101 2102 list_for_each_entry_rcu(sp, rule_list, list) 2103 sp->smk_access = 0; 2104 2105 mutex_unlock(rule_lock); 2106 2107 free_out: 2108 kfree(data); 2109 kfree(cp); 2110 return rc; 2111 } 2112 2113 static const struct file_operations smk_revoke_subj_ops = { 2114 .write = smk_write_revoke_subj, 2115 .read = simple_transaction_read, 2116 .release = simple_transaction_release, 2117 .llseek = generic_file_llseek, 2118 }; 2119 2120 static struct kset *smackfs_kset; 2121 /** 2122 * smk_init_sysfs - initialize /sys/fs/smackfs 2123 * 2124 */ 2125 static int smk_init_sysfs(void) 2126 { 2127 smackfs_kset = kset_create_and_add("smackfs", NULL, fs_kobj); 2128 if (!smackfs_kset) 2129 return -ENOMEM; 2130 return 0; 2131 } 2132 2133 /** 2134 * smk_write_change_rule - write() for /smack/change-rule 2135 * @file: file pointer 2136 * @buf: data from user space 2137 * @count: bytes sent 2138 * @ppos: where to start - must be 0 2139 */ 2140 static ssize_t smk_write_change_rule(struct file *file, const char __user *buf, 2141 size_t count, loff_t *ppos) 2142 { 2143 /* 2144 * Must have privilege. 2145 */ 2146 if (!capable(CAP_MAC_ADMIN)) 2147 return -EPERM; 2148 2149 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL, 2150 SMK_CHANGE_FMT); 2151 } 2152 2153 static const struct file_operations smk_change_rule_ops = { 2154 .write = smk_write_change_rule, 2155 .read = simple_transaction_read, 2156 .release = simple_transaction_release, 2157 .llseek = generic_file_llseek, 2158 }; 2159 2160 /** 2161 * smk_fill_super - fill the /smackfs superblock 2162 * @sb: the empty superblock 2163 * @data: unused 2164 * @silent: unused 2165 * 2166 * Fill in the well known entries for /smack 2167 * 2168 * Returns 0 on success, an error code on failure 2169 */ 2170 static int smk_fill_super(struct super_block *sb, void *data, int silent) 2171 { 2172 int rc; 2173 struct inode *root_inode; 2174 2175 static struct tree_descr smack_files[] = { 2176 [SMK_LOAD] = { 2177 "load", &smk_load_ops, S_IRUGO|S_IWUSR}, 2178 [SMK_CIPSO] = { 2179 "cipso", &smk_cipso_ops, S_IRUGO|S_IWUSR}, 2180 [SMK_DOI] = { 2181 "doi", &smk_doi_ops, S_IRUGO|S_IWUSR}, 2182 [SMK_DIRECT] = { 2183 "direct", &smk_direct_ops, S_IRUGO|S_IWUSR}, 2184 [SMK_AMBIENT] = { 2185 "ambient", &smk_ambient_ops, S_IRUGO|S_IWUSR}, 2186 [SMK_NETLBLADDR] = { 2187 "netlabel", &smk_netlbladdr_ops, S_IRUGO|S_IWUSR}, 2188 [SMK_ONLYCAP] = { 2189 "onlycap", &smk_onlycap_ops, S_IRUGO|S_IWUSR}, 2190 [SMK_LOGGING] = { 2191 "logging", &smk_logging_ops, S_IRUGO|S_IWUSR}, 2192 [SMK_LOAD_SELF] = { 2193 "load-self", &smk_load_self_ops, S_IRUGO|S_IWUGO}, 2194 [SMK_ACCESSES] = { 2195 "access", &smk_access_ops, S_IRUGO|S_IWUGO}, 2196 [SMK_MAPPED] = { 2197 "mapped", &smk_mapped_ops, S_IRUGO|S_IWUSR}, 2198 [SMK_LOAD2] = { 2199 "load2", &smk_load2_ops, S_IRUGO|S_IWUSR}, 2200 [SMK_LOAD_SELF2] = { 2201 "load-self2", &smk_load_self2_ops, S_IRUGO|S_IWUGO}, 2202 [SMK_ACCESS2] = { 2203 "access2", &smk_access2_ops, S_IRUGO|S_IWUGO}, 2204 [SMK_CIPSO2] = { 2205 "cipso2", &smk_cipso2_ops, S_IRUGO|S_IWUSR}, 2206 [SMK_REVOKE_SUBJ] = { 2207 "revoke-subject", &smk_revoke_subj_ops, 2208 S_IRUGO|S_IWUSR}, 2209 [SMK_CHANGE_RULE] = { 2210 "change-rule", &smk_change_rule_ops, S_IRUGO|S_IWUSR}, 2211 /* last one */ 2212 {""} 2213 }; 2214 2215 rc = simple_fill_super(sb, SMACK_MAGIC, smack_files); 2216 if (rc != 0) { 2217 printk(KERN_ERR "%s failed %d while creating inodes\n", 2218 __func__, rc); 2219 return rc; 2220 } 2221 2222 root_inode = sb->s_root->d_inode; 2223 2224 return 0; 2225 } 2226 2227 /** 2228 * smk_mount - get the smackfs superblock 2229 * @fs_type: passed along without comment 2230 * @flags: passed along without comment 2231 * @dev_name: passed along without comment 2232 * @data: passed along without comment 2233 * 2234 * Just passes everything along. 2235 * 2236 * Returns what the lower level code does. 2237 */ 2238 static struct dentry *smk_mount(struct file_system_type *fs_type, 2239 int flags, const char *dev_name, void *data) 2240 { 2241 return mount_single(fs_type, flags, data, smk_fill_super); 2242 } 2243 2244 static struct file_system_type smk_fs_type = { 2245 .name = "smackfs", 2246 .mount = smk_mount, 2247 .kill_sb = kill_litter_super, 2248 }; 2249 2250 static struct vfsmount *smackfs_mount; 2251 2252 static int __init smk_preset_netlabel(struct smack_known *skp) 2253 { 2254 skp->smk_netlabel.domain = skp->smk_known; 2255 skp->smk_netlabel.flags = 2256 NETLBL_SECATTR_DOMAIN | NETLBL_SECATTR_MLS_LVL; 2257 return smk_netlbl_mls(smack_cipso_direct, skp->smk_known, 2258 &skp->smk_netlabel, strlen(skp->smk_known)); 2259 } 2260 2261 /** 2262 * init_smk_fs - get the smackfs superblock 2263 * 2264 * register the smackfs 2265 * 2266 * Do not register smackfs if Smack wasn't enabled 2267 * on boot. We can not put this method normally under the 2268 * smack_init() code path since the security subsystem get 2269 * initialized before the vfs caches. 2270 * 2271 * Returns true if we were not chosen on boot or if 2272 * we were chosen and filesystem registration succeeded. 2273 */ 2274 static int __init init_smk_fs(void) 2275 { 2276 int err; 2277 int rc; 2278 2279 if (!security_module_enable(&smack_ops)) 2280 return 0; 2281 2282 err = smk_init_sysfs(); 2283 if (err) 2284 printk(KERN_ERR "smackfs: sysfs mountpoint problem.\n"); 2285 2286 err = register_filesystem(&smk_fs_type); 2287 if (!err) { 2288 smackfs_mount = kern_mount(&smk_fs_type); 2289 if (IS_ERR(smackfs_mount)) { 2290 printk(KERN_ERR "smackfs: could not mount!\n"); 2291 err = PTR_ERR(smackfs_mount); 2292 smackfs_mount = NULL; 2293 } 2294 } 2295 2296 smk_cipso_doi(); 2297 smk_unlbl_ambient(NULL); 2298 2299 rc = smk_preset_netlabel(&smack_known_floor); 2300 if (err == 0 && rc < 0) 2301 err = rc; 2302 rc = smk_preset_netlabel(&smack_known_hat); 2303 if (err == 0 && rc < 0) 2304 err = rc; 2305 rc = smk_preset_netlabel(&smack_known_huh); 2306 if (err == 0 && rc < 0) 2307 err = rc; 2308 rc = smk_preset_netlabel(&smack_known_invalid); 2309 if (err == 0 && rc < 0) 2310 err = rc; 2311 rc = smk_preset_netlabel(&smack_known_star); 2312 if (err == 0 && rc < 0) 2313 err = rc; 2314 rc = smk_preset_netlabel(&smack_known_web); 2315 if (err == 0 && rc < 0) 2316 err = rc; 2317 2318 return err; 2319 } 2320 2321 __initcall(init_smk_fs); 2322