1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * Copyright (C) 2007 Casey Schaufler <casey@schaufler-ca.com> 4 * 5 * Authors: 6 * Casey Schaufler <casey@schaufler-ca.com> 7 * Ahmed S. Darwish <darwish.07@gmail.com> 8 * 9 * Special thanks to the authors of selinuxfs. 10 * 11 * Karl MacMillan <kmacmillan@tresys.com> 12 * James Morris <jmorris@redhat.com> 13 */ 14 15 #include <linux/kernel.h> 16 #include <linux/vmalloc.h> 17 #include <linux/security.h> 18 #include <linux/mutex.h> 19 #include <linux/slab.h> 20 #include <net/net_namespace.h> 21 #include <net/cipso_ipv4.h> 22 #include <linux/seq_file.h> 23 #include <linux/ctype.h> 24 #include <linux/audit.h> 25 #include <linux/magic.h> 26 #include <linux/mount.h> 27 #include <linux/fs_context.h> 28 #include "smack.h" 29 30 #define BEBITS (sizeof(__be32) * 8) 31 /* 32 * smackfs pseudo filesystem. 33 */ 34 35 enum smk_inos { 36 SMK_ROOT_INO = 2, 37 SMK_LOAD = 3, /* load policy */ 38 SMK_CIPSO = 4, /* load label -> CIPSO mapping */ 39 SMK_DOI = 5, /* CIPSO DOI */ 40 SMK_DIRECT = 6, /* CIPSO level indicating direct label */ 41 SMK_AMBIENT = 7, /* internet ambient label */ 42 SMK_NET4ADDR = 8, /* single label hosts */ 43 SMK_ONLYCAP = 9, /* the only "capable" label */ 44 SMK_LOGGING = 10, /* logging */ 45 SMK_LOAD_SELF = 11, /* task specific rules */ 46 SMK_ACCESSES = 12, /* access policy */ 47 SMK_MAPPED = 13, /* CIPSO level indicating mapped label */ 48 SMK_LOAD2 = 14, /* load policy with long labels */ 49 SMK_LOAD_SELF2 = 15, /* load task specific rules with long labels */ 50 SMK_ACCESS2 = 16, /* make an access check with long labels */ 51 SMK_CIPSO2 = 17, /* load long label -> CIPSO mapping */ 52 SMK_REVOKE_SUBJ = 18, /* set rules with subject label to '-' */ 53 SMK_CHANGE_RULE = 19, /* change or add rules (long labels) */ 54 SMK_SYSLOG = 20, /* change syslog label) */ 55 SMK_PTRACE = 21, /* set ptrace rule */ 56 #ifdef CONFIG_SECURITY_SMACK_BRINGUP 57 SMK_UNCONFINED = 22, /* define an unconfined label */ 58 #endif 59 #if IS_ENABLED(CONFIG_IPV6) 60 SMK_NET6ADDR = 23, /* single label IPv6 hosts */ 61 #endif /* CONFIG_IPV6 */ 62 SMK_RELABEL_SELF = 24, /* relabel possible without CAP_MAC_ADMIN */ 63 }; 64 65 /* 66 * List locks 67 */ 68 static DEFINE_MUTEX(smack_cipso_lock); 69 static DEFINE_MUTEX(smack_ambient_lock); 70 static DEFINE_MUTEX(smk_net4addr_lock); 71 #if IS_ENABLED(CONFIG_IPV6) 72 static DEFINE_MUTEX(smk_net6addr_lock); 73 #endif /* CONFIG_IPV6 */ 74 75 /* 76 * This is the "ambient" label for network traffic. 77 * If it isn't somehow marked, use this. 78 * It can be reset via smackfs/ambient 79 */ 80 struct smack_known *smack_net_ambient; 81 82 /* 83 * This is the level in a CIPSO header that indicates a 84 * smack label is contained directly in the category set. 85 * It can be reset via smackfs/direct 86 */ 87 int smack_cipso_direct = SMACK_CIPSO_DIRECT_DEFAULT; 88 89 /* 90 * This is the level in a CIPSO header that indicates a 91 * secid is contained directly in the category set. 92 * It can be reset via smackfs/mapped 93 */ 94 int smack_cipso_mapped = SMACK_CIPSO_MAPPED_DEFAULT; 95 96 #ifdef CONFIG_SECURITY_SMACK_BRINGUP 97 /* 98 * Allow one label to be unconfined. This is for 99 * debugging and application bring-up purposes only. 100 * It is bad and wrong, but everyone seems to expect 101 * to have it. 102 */ 103 struct smack_known *smack_unconfined; 104 #endif 105 106 /* 107 * If this value is set restrict syslog use to the label specified. 108 * It can be reset via smackfs/syslog 109 */ 110 struct smack_known *smack_syslog_label; 111 112 /* 113 * Ptrace current rule 114 * SMACK_PTRACE_DEFAULT regular smack ptrace rules (/proc based) 115 * SMACK_PTRACE_EXACT labels must match, but can be overriden with 116 * CAP_SYS_PTRACE 117 * SMACK_PTRACE_DRACONIAN labels must match, CAP_SYS_PTRACE has no effect 118 */ 119 int smack_ptrace_rule = SMACK_PTRACE_DEFAULT; 120 121 /* 122 * Certain IP addresses may be designated as single label hosts. 123 * Packets are sent there unlabeled, but only from tasks that 124 * can write to the specified label. 125 */ 126 127 LIST_HEAD(smk_net4addr_list); 128 #if IS_ENABLED(CONFIG_IPV6) 129 LIST_HEAD(smk_net6addr_list); 130 #endif /* CONFIG_IPV6 */ 131 132 /* 133 * Rule lists are maintained for each label. 134 */ 135 struct smack_parsed_rule { 136 struct smack_known *smk_subject; 137 struct smack_known *smk_object; 138 int smk_access1; 139 int smk_access2; 140 }; 141 142 static int smk_cipso_doi_value = SMACK_CIPSO_DOI_DEFAULT; 143 144 /* 145 * Values for parsing cipso rules 146 * SMK_DIGITLEN: Length of a digit field in a rule. 147 * SMK_CIPSOMIN: Minimum possible cipso rule length. 148 * SMK_CIPSOMAX: Maximum possible cipso rule length. 149 */ 150 #define SMK_DIGITLEN 4 151 #define SMK_CIPSOMIN (SMK_LABELLEN + 2 * SMK_DIGITLEN) 152 #define SMK_CIPSOMAX (SMK_CIPSOMIN + SMACK_CIPSO_MAXCATNUM * SMK_DIGITLEN) 153 154 /* 155 * Values for parsing MAC rules 156 * SMK_ACCESS: Maximum possible combination of access permissions 157 * SMK_ACCESSLEN: Maximum length for a rule access field 158 * SMK_LOADLEN: Smack rule length 159 */ 160 #define SMK_OACCESS "rwxa" 161 #define SMK_ACCESS "rwxatl" 162 #define SMK_OACCESSLEN (sizeof(SMK_OACCESS) - 1) 163 #define SMK_ACCESSLEN (sizeof(SMK_ACCESS) - 1) 164 #define SMK_OLOADLEN (SMK_LABELLEN + SMK_LABELLEN + SMK_OACCESSLEN) 165 #define SMK_LOADLEN (SMK_LABELLEN + SMK_LABELLEN + SMK_ACCESSLEN) 166 167 /* 168 * Stricly for CIPSO level manipulation. 169 * Set the category bit number in a smack label sized buffer. 170 */ 171 static inline void smack_catset_bit(unsigned int cat, char *catsetp) 172 { 173 if (cat == 0 || cat > (SMK_CIPSOLEN * 8)) 174 return; 175 176 catsetp[(cat - 1) / 8] |= 0x80 >> ((cat - 1) % 8); 177 } 178 179 /** 180 * smk_netlabel_audit_set - fill a netlbl_audit struct 181 * @nap: structure to fill 182 */ 183 static void smk_netlabel_audit_set(struct netlbl_audit *nap) 184 { 185 struct smack_known *skp = smk_of_current(); 186 187 nap->loginuid = audit_get_loginuid(current); 188 nap->sessionid = audit_get_sessionid(current); 189 nap->secid = skp->smk_secid; 190 } 191 192 /* 193 * Value for parsing single label host rules 194 * "1.2.3.4 X" 195 */ 196 #define SMK_NETLBLADDRMIN 9 197 198 /** 199 * smk_set_access - add a rule to the rule list or replace an old rule 200 * @srp: the rule to add or replace 201 * @rule_list: the list of rules 202 * @rule_lock: the rule list lock 203 * 204 * Looks through the current subject/object/access list for 205 * the subject/object pair and replaces the access that was 206 * there. If the pair isn't found add it with the specified 207 * access. 208 * 209 * Returns 0 if nothing goes wrong or -ENOMEM if it fails 210 * during the allocation of the new pair to add. 211 */ 212 static int smk_set_access(struct smack_parsed_rule *srp, 213 struct list_head *rule_list, 214 struct mutex *rule_lock) 215 { 216 struct smack_rule *sp; 217 int found = 0; 218 int rc = 0; 219 220 mutex_lock(rule_lock); 221 222 /* 223 * Because the object label is less likely to match 224 * than the subject label check it first 225 */ 226 list_for_each_entry_rcu(sp, rule_list, list) { 227 if (sp->smk_object == srp->smk_object && 228 sp->smk_subject == srp->smk_subject) { 229 found = 1; 230 sp->smk_access |= srp->smk_access1; 231 sp->smk_access &= ~srp->smk_access2; 232 break; 233 } 234 } 235 236 if (found == 0) { 237 sp = kmem_cache_zalloc(smack_rule_cache, GFP_KERNEL); 238 if (sp == NULL) { 239 rc = -ENOMEM; 240 goto out; 241 } 242 243 sp->smk_subject = srp->smk_subject; 244 sp->smk_object = srp->smk_object; 245 sp->smk_access = srp->smk_access1 & ~srp->smk_access2; 246 247 list_add_rcu(&sp->list, rule_list); 248 } 249 250 out: 251 mutex_unlock(rule_lock); 252 return rc; 253 } 254 255 /** 256 * smk_perm_from_str - parse smack accesses from a text string 257 * @string: a text string that contains a Smack accesses code 258 * 259 * Returns an integer with respective bits set for specified accesses. 260 */ 261 static int smk_perm_from_str(const char *string) 262 { 263 int perm = 0; 264 const char *cp; 265 266 for (cp = string; ; cp++) 267 switch (*cp) { 268 case '-': 269 break; 270 case 'r': 271 case 'R': 272 perm |= MAY_READ; 273 break; 274 case 'w': 275 case 'W': 276 perm |= MAY_WRITE; 277 break; 278 case 'x': 279 case 'X': 280 perm |= MAY_EXEC; 281 break; 282 case 'a': 283 case 'A': 284 perm |= MAY_APPEND; 285 break; 286 case 't': 287 case 'T': 288 perm |= MAY_TRANSMUTE; 289 break; 290 case 'l': 291 case 'L': 292 perm |= MAY_LOCK; 293 break; 294 case 'b': 295 case 'B': 296 perm |= MAY_BRINGUP; 297 break; 298 default: 299 return perm; 300 } 301 } 302 303 /** 304 * smk_fill_rule - Fill Smack rule from strings 305 * @subject: subject label string 306 * @object: object label string 307 * @access1: access string 308 * @access2: string with permissions to be removed 309 * @rule: Smack rule 310 * @import: if non-zero, import labels 311 * @len: label length limit 312 * 313 * Returns 0 on success, appropriate error code on failure. 314 */ 315 static int smk_fill_rule(const char *subject, const char *object, 316 const char *access1, const char *access2, 317 struct smack_parsed_rule *rule, int import, 318 int len) 319 { 320 const char *cp; 321 struct smack_known *skp; 322 323 if (import) { 324 rule->smk_subject = smk_import_entry(subject, len); 325 if (IS_ERR(rule->smk_subject)) 326 return PTR_ERR(rule->smk_subject); 327 328 rule->smk_object = smk_import_entry(object, len); 329 if (IS_ERR(rule->smk_object)) 330 return PTR_ERR(rule->smk_object); 331 } else { 332 cp = smk_parse_smack(subject, len); 333 if (IS_ERR(cp)) 334 return PTR_ERR(cp); 335 skp = smk_find_entry(cp); 336 kfree(cp); 337 if (skp == NULL) 338 return -ENOENT; 339 rule->smk_subject = skp; 340 341 cp = smk_parse_smack(object, len); 342 if (IS_ERR(cp)) 343 return PTR_ERR(cp); 344 skp = smk_find_entry(cp); 345 kfree(cp); 346 if (skp == NULL) 347 return -ENOENT; 348 rule->smk_object = skp; 349 } 350 351 rule->smk_access1 = smk_perm_from_str(access1); 352 if (access2) 353 rule->smk_access2 = smk_perm_from_str(access2); 354 else 355 rule->smk_access2 = ~rule->smk_access1; 356 357 return 0; 358 } 359 360 /** 361 * smk_parse_rule - parse Smack rule from load string 362 * @data: string to be parsed whose size is SMK_LOADLEN 363 * @rule: Smack rule 364 * @import: if non-zero, import labels 365 * 366 * Returns 0 on success, -1 on errors. 367 */ 368 static int smk_parse_rule(const char *data, struct smack_parsed_rule *rule, 369 int import) 370 { 371 int rc; 372 373 rc = smk_fill_rule(data, data + SMK_LABELLEN, 374 data + SMK_LABELLEN + SMK_LABELLEN, NULL, rule, 375 import, SMK_LABELLEN); 376 return rc; 377 } 378 379 /** 380 * smk_parse_long_rule - parse Smack rule from rule string 381 * @data: string to be parsed, null terminated 382 * @rule: Will be filled with Smack parsed rule 383 * @import: if non-zero, import labels 384 * @tokens: number of substrings expected in data 385 * 386 * Returns number of processed bytes on success, -ERRNO on failure. 387 */ 388 static ssize_t smk_parse_long_rule(char *data, struct smack_parsed_rule *rule, 389 int import, int tokens) 390 { 391 ssize_t cnt = 0; 392 char *tok[4]; 393 int rc; 394 int i; 395 396 /* 397 * Parsing the rule in-place, filling all white-spaces with '\0' 398 */ 399 for (i = 0; i < tokens; ++i) { 400 while (isspace(data[cnt])) 401 data[cnt++] = '\0'; 402 403 if (data[cnt] == '\0') 404 /* Unexpected end of data */ 405 return -EINVAL; 406 407 tok[i] = data + cnt; 408 409 while (data[cnt] && !isspace(data[cnt])) 410 ++cnt; 411 } 412 while (isspace(data[cnt])) 413 data[cnt++] = '\0'; 414 415 while (i < 4) 416 tok[i++] = NULL; 417 418 rc = smk_fill_rule(tok[0], tok[1], tok[2], tok[3], rule, import, 0); 419 return rc == 0 ? cnt : rc; 420 } 421 422 #define SMK_FIXED24_FMT 0 /* Fixed 24byte label format */ 423 #define SMK_LONG_FMT 1 /* Variable long label format */ 424 #define SMK_CHANGE_FMT 2 /* Rule modification format */ 425 /** 426 * smk_write_rules_list - write() for any /smack rule file 427 * @file: file pointer, not actually used 428 * @buf: where to get the data from 429 * @count: bytes sent 430 * @ppos: where to start - must be 0 431 * @rule_list: the list of rules to write to 432 * @rule_lock: lock for the rule list 433 * @format: /smack/load or /smack/load2 or /smack/change-rule format. 434 * 435 * Get one smack access rule from above. 436 * The format for SMK_LONG_FMT is: 437 * "subject<whitespace>object<whitespace>access[<whitespace>...]" 438 * The format for SMK_FIXED24_FMT is exactly: 439 * "subject object rwxat" 440 * The format for SMK_CHANGE_FMT is: 441 * "subject<whitespace>object<whitespace> 442 * acc_enable<whitespace>acc_disable[<whitespace>...]" 443 */ 444 static ssize_t smk_write_rules_list(struct file *file, const char __user *buf, 445 size_t count, loff_t *ppos, 446 struct list_head *rule_list, 447 struct mutex *rule_lock, int format) 448 { 449 struct smack_parsed_rule rule; 450 char *data; 451 int rc; 452 int trunc = 0; 453 int tokens; 454 ssize_t cnt = 0; 455 456 /* 457 * No partial writes. 458 * Enough data must be present. 459 */ 460 if (*ppos != 0) 461 return -EINVAL; 462 463 if (format == SMK_FIXED24_FMT) { 464 /* 465 * Minor hack for backward compatibility 466 */ 467 if (count < SMK_OLOADLEN || count > SMK_LOADLEN) 468 return -EINVAL; 469 } else { 470 if (count >= PAGE_SIZE) { 471 count = PAGE_SIZE - 1; 472 trunc = 1; 473 } 474 } 475 476 data = memdup_user_nul(buf, count); 477 if (IS_ERR(data)) 478 return PTR_ERR(data); 479 480 /* 481 * In case of parsing only part of user buf, 482 * avoid having partial rule at the data buffer 483 */ 484 if (trunc) { 485 while (count > 0 && (data[count - 1] != '\n')) 486 --count; 487 if (count == 0) { 488 rc = -EINVAL; 489 goto out; 490 } 491 } 492 493 data[count] = '\0'; 494 tokens = (format == SMK_CHANGE_FMT ? 4 : 3); 495 while (cnt < count) { 496 if (format == SMK_FIXED24_FMT) { 497 rc = smk_parse_rule(data, &rule, 1); 498 if (rc < 0) 499 goto out; 500 cnt = count; 501 } else { 502 rc = smk_parse_long_rule(data + cnt, &rule, 1, tokens); 503 if (rc < 0) 504 goto out; 505 if (rc == 0) { 506 rc = -EINVAL; 507 goto out; 508 } 509 cnt += rc; 510 } 511 512 if (rule_list == NULL) 513 rc = smk_set_access(&rule, &rule.smk_subject->smk_rules, 514 &rule.smk_subject->smk_rules_lock); 515 else 516 rc = smk_set_access(&rule, rule_list, rule_lock); 517 518 if (rc) 519 goto out; 520 } 521 522 rc = cnt; 523 out: 524 kfree(data); 525 return rc; 526 } 527 528 /* 529 * Core logic for smackfs seq list operations. 530 */ 531 532 static void *smk_seq_start(struct seq_file *s, loff_t *pos, 533 struct list_head *head) 534 { 535 struct list_head *list; 536 int i = *pos; 537 538 rcu_read_lock(); 539 for (list = rcu_dereference(list_next_rcu(head)); 540 list != head; 541 list = rcu_dereference(list_next_rcu(list))) { 542 if (i-- == 0) 543 return list; 544 } 545 546 return NULL; 547 } 548 549 static void *smk_seq_next(struct seq_file *s, void *v, loff_t *pos, 550 struct list_head *head) 551 { 552 struct list_head *list = v; 553 554 ++*pos; 555 list = rcu_dereference(list_next_rcu(list)); 556 557 return (list == head) ? NULL : list; 558 } 559 560 static void smk_seq_stop(struct seq_file *s, void *v) 561 { 562 rcu_read_unlock(); 563 } 564 565 static void smk_rule_show(struct seq_file *s, struct smack_rule *srp, int max) 566 { 567 /* 568 * Don't show any rules with label names too long for 569 * interface file (/smack/load or /smack/load2) 570 * because you should expect to be able to write 571 * anything you read back. 572 */ 573 if (strlen(srp->smk_subject->smk_known) >= max || 574 strlen(srp->smk_object->smk_known) >= max) 575 return; 576 577 if (srp->smk_access == 0) 578 return; 579 580 seq_printf(s, "%s %s", 581 srp->smk_subject->smk_known, 582 srp->smk_object->smk_known); 583 584 seq_putc(s, ' '); 585 586 if (srp->smk_access & MAY_READ) 587 seq_putc(s, 'r'); 588 if (srp->smk_access & MAY_WRITE) 589 seq_putc(s, 'w'); 590 if (srp->smk_access & MAY_EXEC) 591 seq_putc(s, 'x'); 592 if (srp->smk_access & MAY_APPEND) 593 seq_putc(s, 'a'); 594 if (srp->smk_access & MAY_TRANSMUTE) 595 seq_putc(s, 't'); 596 if (srp->smk_access & MAY_LOCK) 597 seq_putc(s, 'l'); 598 if (srp->smk_access & MAY_BRINGUP) 599 seq_putc(s, 'b'); 600 601 seq_putc(s, '\n'); 602 } 603 604 /* 605 * Seq_file read operations for /smack/load 606 */ 607 608 static void *load2_seq_start(struct seq_file *s, loff_t *pos) 609 { 610 return smk_seq_start(s, pos, &smack_known_list); 611 } 612 613 static void *load2_seq_next(struct seq_file *s, void *v, loff_t *pos) 614 { 615 return smk_seq_next(s, v, pos, &smack_known_list); 616 } 617 618 static int load_seq_show(struct seq_file *s, void *v) 619 { 620 struct list_head *list = v; 621 struct smack_rule *srp; 622 struct smack_known *skp = 623 list_entry_rcu(list, struct smack_known, list); 624 625 list_for_each_entry_rcu(srp, &skp->smk_rules, list) 626 smk_rule_show(s, srp, SMK_LABELLEN); 627 628 return 0; 629 } 630 631 static const struct seq_operations load_seq_ops = { 632 .start = load2_seq_start, 633 .next = load2_seq_next, 634 .show = load_seq_show, 635 .stop = smk_seq_stop, 636 }; 637 638 /** 639 * smk_open_load - open() for /smack/load 640 * @inode: inode structure representing file 641 * @file: "load" file pointer 642 * 643 * For reading, use load_seq_* seq_file reading operations. 644 */ 645 static int smk_open_load(struct inode *inode, struct file *file) 646 { 647 return seq_open(file, &load_seq_ops); 648 } 649 650 /** 651 * smk_write_load - write() for /smack/load 652 * @file: file pointer, not actually used 653 * @buf: where to get the data from 654 * @count: bytes sent 655 * @ppos: where to start - must be 0 656 * 657 */ 658 static ssize_t smk_write_load(struct file *file, const char __user *buf, 659 size_t count, loff_t *ppos) 660 { 661 /* 662 * Must have privilege. 663 * No partial writes. 664 * Enough data must be present. 665 */ 666 if (!smack_privileged(CAP_MAC_ADMIN)) 667 return -EPERM; 668 669 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL, 670 SMK_FIXED24_FMT); 671 } 672 673 static const struct file_operations smk_load_ops = { 674 .open = smk_open_load, 675 .read = seq_read, 676 .llseek = seq_lseek, 677 .write = smk_write_load, 678 .release = seq_release, 679 }; 680 681 /** 682 * smk_cipso_doi - initialize the CIPSO domain 683 */ 684 static void smk_cipso_doi(void) 685 { 686 int rc; 687 struct cipso_v4_doi *doip; 688 struct netlbl_audit nai; 689 690 smk_netlabel_audit_set(&nai); 691 692 rc = netlbl_cfg_map_del(NULL, PF_INET, NULL, NULL, &nai); 693 if (rc != 0) 694 printk(KERN_WARNING "%s:%d remove rc = %d\n", 695 __func__, __LINE__, rc); 696 697 doip = kmalloc(sizeof(struct cipso_v4_doi), GFP_KERNEL | __GFP_NOFAIL); 698 doip->map.std = NULL; 699 doip->doi = smk_cipso_doi_value; 700 doip->type = CIPSO_V4_MAP_PASS; 701 doip->tags[0] = CIPSO_V4_TAG_RBITMAP; 702 for (rc = 1; rc < CIPSO_V4_TAG_MAXCNT; rc++) 703 doip->tags[rc] = CIPSO_V4_TAG_INVALID; 704 705 rc = netlbl_cfg_cipsov4_add(doip, &nai); 706 if (rc != 0) { 707 printk(KERN_WARNING "%s:%d cipso add rc = %d\n", 708 __func__, __LINE__, rc); 709 kfree(doip); 710 return; 711 } 712 rc = netlbl_cfg_cipsov4_map_add(doip->doi, NULL, NULL, NULL, &nai); 713 if (rc != 0) { 714 printk(KERN_WARNING "%s:%d map add rc = %d\n", 715 __func__, __LINE__, rc); 716 netlbl_cfg_cipsov4_del(doip->doi, &nai); 717 return; 718 } 719 } 720 721 /** 722 * smk_unlbl_ambient - initialize the unlabeled domain 723 * @oldambient: previous domain string 724 */ 725 static void smk_unlbl_ambient(char *oldambient) 726 { 727 int rc; 728 struct netlbl_audit nai; 729 730 smk_netlabel_audit_set(&nai); 731 732 if (oldambient != NULL) { 733 rc = netlbl_cfg_map_del(oldambient, PF_INET, NULL, NULL, &nai); 734 if (rc != 0) 735 printk(KERN_WARNING "%s:%d remove rc = %d\n", 736 __func__, __LINE__, rc); 737 } 738 if (smack_net_ambient == NULL) 739 smack_net_ambient = &smack_known_floor; 740 741 rc = netlbl_cfg_unlbl_map_add(smack_net_ambient->smk_known, PF_INET, 742 NULL, NULL, &nai); 743 if (rc != 0) 744 printk(KERN_WARNING "%s:%d add rc = %d\n", 745 __func__, __LINE__, rc); 746 } 747 748 /* 749 * Seq_file read operations for /smack/cipso 750 */ 751 752 static void *cipso_seq_start(struct seq_file *s, loff_t *pos) 753 { 754 return smk_seq_start(s, pos, &smack_known_list); 755 } 756 757 static void *cipso_seq_next(struct seq_file *s, void *v, loff_t *pos) 758 { 759 return smk_seq_next(s, v, pos, &smack_known_list); 760 } 761 762 /* 763 * Print cipso labels in format: 764 * label level[/cat[,cat]] 765 */ 766 static int cipso_seq_show(struct seq_file *s, void *v) 767 { 768 struct list_head *list = v; 769 struct smack_known *skp = 770 list_entry_rcu(list, struct smack_known, list); 771 struct netlbl_lsm_catmap *cmp = skp->smk_netlabel.attr.mls.cat; 772 char sep = '/'; 773 int i; 774 775 /* 776 * Don't show a label that could not have been set using 777 * /smack/cipso. This is in support of the notion that 778 * anything read from /smack/cipso ought to be writeable 779 * to /smack/cipso. 780 * 781 * /smack/cipso2 should be used instead. 782 */ 783 if (strlen(skp->smk_known) >= SMK_LABELLEN) 784 return 0; 785 786 seq_printf(s, "%s %3d", skp->smk_known, skp->smk_netlabel.attr.mls.lvl); 787 788 for (i = netlbl_catmap_walk(cmp, 0); i >= 0; 789 i = netlbl_catmap_walk(cmp, i + 1)) { 790 seq_printf(s, "%c%d", sep, i); 791 sep = ','; 792 } 793 794 seq_putc(s, '\n'); 795 796 return 0; 797 } 798 799 static const struct seq_operations cipso_seq_ops = { 800 .start = cipso_seq_start, 801 .next = cipso_seq_next, 802 .show = cipso_seq_show, 803 .stop = smk_seq_stop, 804 }; 805 806 /** 807 * smk_open_cipso - open() for /smack/cipso 808 * @inode: inode structure representing file 809 * @file: "cipso" file pointer 810 * 811 * Connect our cipso_seq_* operations with /smack/cipso 812 * file_operations 813 */ 814 static int smk_open_cipso(struct inode *inode, struct file *file) 815 { 816 return seq_open(file, &cipso_seq_ops); 817 } 818 819 /** 820 * smk_set_cipso - do the work for write() for cipso and cipso2 821 * @file: file pointer, not actually used 822 * @buf: where to get the data from 823 * @count: bytes sent 824 * @ppos: where to start 825 * @format: /smack/cipso or /smack/cipso2 826 * 827 * Accepts only one cipso rule per write call. 828 * Returns number of bytes written or error code, as appropriate 829 */ 830 static ssize_t smk_set_cipso(struct file *file, const char __user *buf, 831 size_t count, loff_t *ppos, int format) 832 { 833 struct netlbl_lsm_catmap *old_cat, *new_cat = NULL; 834 struct smack_known *skp; 835 struct netlbl_lsm_secattr ncats; 836 char mapcatset[SMK_CIPSOLEN]; 837 int maplevel; 838 unsigned int cat; 839 int catlen; 840 ssize_t rc = -EINVAL; 841 char *data = NULL; 842 char *rule; 843 int ret; 844 int i; 845 846 /* 847 * Must have privilege. 848 * No partial writes. 849 * Enough data must be present. 850 */ 851 if (!smack_privileged(CAP_MAC_ADMIN)) 852 return -EPERM; 853 if (*ppos != 0) 854 return -EINVAL; 855 if (format == SMK_FIXED24_FMT && 856 (count < SMK_CIPSOMIN || count > SMK_CIPSOMAX)) 857 return -EINVAL; 858 if (count > PAGE_SIZE) 859 return -EINVAL; 860 861 data = memdup_user_nul(buf, count); 862 if (IS_ERR(data)) 863 return PTR_ERR(data); 864 865 rule = data; 866 /* 867 * Only allow one writer at a time. Writes should be 868 * quite rare and small in any case. 869 */ 870 mutex_lock(&smack_cipso_lock); 871 872 skp = smk_import_entry(rule, 0); 873 if (IS_ERR(skp)) { 874 rc = PTR_ERR(skp); 875 goto out; 876 } 877 878 if (format == SMK_FIXED24_FMT) 879 rule += SMK_LABELLEN; 880 else 881 rule += strlen(skp->smk_known) + 1; 882 883 if (rule > data + count) { 884 rc = -EOVERFLOW; 885 goto out; 886 } 887 888 ret = sscanf(rule, "%d", &maplevel); 889 if (ret != 1 || maplevel < 0 || maplevel > SMACK_CIPSO_MAXLEVEL) 890 goto out; 891 892 rule += SMK_DIGITLEN; 893 if (rule > data + count) { 894 rc = -EOVERFLOW; 895 goto out; 896 } 897 898 ret = sscanf(rule, "%d", &catlen); 899 if (ret != 1 || catlen < 0 || catlen > SMACK_CIPSO_MAXCATNUM) 900 goto out; 901 902 if (format == SMK_FIXED24_FMT && 903 count != (SMK_CIPSOMIN + catlen * SMK_DIGITLEN)) 904 goto out; 905 906 memset(mapcatset, 0, sizeof(mapcatset)); 907 908 for (i = 0; i < catlen; i++) { 909 rule += SMK_DIGITLEN; 910 if (rule > data + count) { 911 rc = -EOVERFLOW; 912 goto out; 913 } 914 ret = sscanf(rule, "%u", &cat); 915 if (ret != 1 || cat > SMACK_CIPSO_MAXCATNUM) 916 goto out; 917 918 smack_catset_bit(cat, mapcatset); 919 } 920 ncats.flags = 0; 921 if (catlen == 0) { 922 ncats.attr.mls.cat = NULL; 923 ncats.attr.mls.lvl = maplevel; 924 new_cat = netlbl_catmap_alloc(GFP_ATOMIC); 925 if (new_cat) 926 new_cat->next = ncats.attr.mls.cat; 927 ncats.attr.mls.cat = new_cat; 928 skp->smk_netlabel.flags &= ~(1U << 3); 929 rc = 0; 930 } else { 931 rc = smk_netlbl_mls(maplevel, mapcatset, &ncats, SMK_CIPSOLEN); 932 } 933 if (rc >= 0) { 934 old_cat = skp->smk_netlabel.attr.mls.cat; 935 rcu_assign_pointer(skp->smk_netlabel.attr.mls.cat, ncats.attr.mls.cat); 936 skp->smk_netlabel.attr.mls.lvl = ncats.attr.mls.lvl; 937 synchronize_rcu(); 938 netlbl_catmap_free(old_cat); 939 rc = count; 940 /* 941 * This mapping may have been cached, so clear the cache. 942 */ 943 netlbl_cache_invalidate(); 944 } 945 946 out: 947 mutex_unlock(&smack_cipso_lock); 948 kfree(data); 949 return rc; 950 } 951 952 /** 953 * smk_write_cipso - write() for /smack/cipso 954 * @file: file pointer, not actually used 955 * @buf: where to get the data from 956 * @count: bytes sent 957 * @ppos: where to start 958 * 959 * Accepts only one cipso rule per write call. 960 * Returns number of bytes written or error code, as appropriate 961 */ 962 static ssize_t smk_write_cipso(struct file *file, const char __user *buf, 963 size_t count, loff_t *ppos) 964 { 965 return smk_set_cipso(file, buf, count, ppos, SMK_FIXED24_FMT); 966 } 967 968 static const struct file_operations smk_cipso_ops = { 969 .open = smk_open_cipso, 970 .read = seq_read, 971 .llseek = seq_lseek, 972 .write = smk_write_cipso, 973 .release = seq_release, 974 }; 975 976 /* 977 * Seq_file read operations for /smack/cipso2 978 */ 979 980 /* 981 * Print cipso labels in format: 982 * label level[/cat[,cat]] 983 */ 984 static int cipso2_seq_show(struct seq_file *s, void *v) 985 { 986 struct list_head *list = v; 987 struct smack_known *skp = 988 list_entry_rcu(list, struct smack_known, list); 989 struct netlbl_lsm_catmap *cmp = skp->smk_netlabel.attr.mls.cat; 990 char sep = '/'; 991 int i; 992 993 seq_printf(s, "%s %3d", skp->smk_known, skp->smk_netlabel.attr.mls.lvl); 994 995 for (i = netlbl_catmap_walk(cmp, 0); i >= 0; 996 i = netlbl_catmap_walk(cmp, i + 1)) { 997 seq_printf(s, "%c%d", sep, i); 998 sep = ','; 999 } 1000 1001 seq_putc(s, '\n'); 1002 1003 return 0; 1004 } 1005 1006 static const struct seq_operations cipso2_seq_ops = { 1007 .start = cipso_seq_start, 1008 .next = cipso_seq_next, 1009 .show = cipso2_seq_show, 1010 .stop = smk_seq_stop, 1011 }; 1012 1013 /** 1014 * smk_open_cipso2 - open() for /smack/cipso2 1015 * @inode: inode structure representing file 1016 * @file: "cipso2" file pointer 1017 * 1018 * Connect our cipso_seq_* operations with /smack/cipso2 1019 * file_operations 1020 */ 1021 static int smk_open_cipso2(struct inode *inode, struct file *file) 1022 { 1023 return seq_open(file, &cipso2_seq_ops); 1024 } 1025 1026 /** 1027 * smk_write_cipso2 - write() for /smack/cipso2 1028 * @file: file pointer, not actually used 1029 * @buf: where to get the data from 1030 * @count: bytes sent 1031 * @ppos: where to start 1032 * 1033 * Accepts only one cipso rule per write call. 1034 * Returns number of bytes written or error code, as appropriate 1035 */ 1036 static ssize_t smk_write_cipso2(struct file *file, const char __user *buf, 1037 size_t count, loff_t *ppos) 1038 { 1039 return smk_set_cipso(file, buf, count, ppos, SMK_LONG_FMT); 1040 } 1041 1042 static const struct file_operations smk_cipso2_ops = { 1043 .open = smk_open_cipso2, 1044 .read = seq_read, 1045 .llseek = seq_lseek, 1046 .write = smk_write_cipso2, 1047 .release = seq_release, 1048 }; 1049 1050 /* 1051 * Seq_file read operations for /smack/netlabel 1052 */ 1053 1054 static void *net4addr_seq_start(struct seq_file *s, loff_t *pos) 1055 { 1056 return smk_seq_start(s, pos, &smk_net4addr_list); 1057 } 1058 1059 static void *net4addr_seq_next(struct seq_file *s, void *v, loff_t *pos) 1060 { 1061 return smk_seq_next(s, v, pos, &smk_net4addr_list); 1062 } 1063 1064 /* 1065 * Print host/label pairs 1066 */ 1067 static int net4addr_seq_show(struct seq_file *s, void *v) 1068 { 1069 struct list_head *list = v; 1070 struct smk_net4addr *skp = 1071 list_entry_rcu(list, struct smk_net4addr, list); 1072 char *kp = SMACK_CIPSO_OPTION; 1073 1074 if (skp->smk_label != NULL) 1075 kp = skp->smk_label->smk_known; 1076 seq_printf(s, "%pI4/%d %s\n", &skp->smk_host.s_addr, 1077 skp->smk_masks, kp); 1078 1079 return 0; 1080 } 1081 1082 static const struct seq_operations net4addr_seq_ops = { 1083 .start = net4addr_seq_start, 1084 .next = net4addr_seq_next, 1085 .show = net4addr_seq_show, 1086 .stop = smk_seq_stop, 1087 }; 1088 1089 /** 1090 * smk_open_net4addr - open() for /smack/netlabel 1091 * @inode: inode structure representing file 1092 * @file: "netlabel" file pointer 1093 * 1094 * Connect our net4addr_seq_* operations with /smack/netlabel 1095 * file_operations 1096 */ 1097 static int smk_open_net4addr(struct inode *inode, struct file *file) 1098 { 1099 return seq_open(file, &net4addr_seq_ops); 1100 } 1101 1102 /** 1103 * smk_net4addr_insert 1104 * @new : netlabel to insert 1105 * 1106 * This helper insert netlabel in the smack_net4addrs list 1107 * sorted by netmask length (longest to smallest) 1108 * locked by &smk_net4addr_lock in smk_write_net4addr 1109 * 1110 */ 1111 static void smk_net4addr_insert(struct smk_net4addr *new) 1112 { 1113 struct smk_net4addr *m; 1114 struct smk_net4addr *m_next; 1115 1116 if (list_empty(&smk_net4addr_list)) { 1117 list_add_rcu(&new->list, &smk_net4addr_list); 1118 return; 1119 } 1120 1121 m = list_entry_rcu(smk_net4addr_list.next, 1122 struct smk_net4addr, list); 1123 1124 /* the comparison '>' is a bit hacky, but works */ 1125 if (new->smk_masks > m->smk_masks) { 1126 list_add_rcu(&new->list, &smk_net4addr_list); 1127 return; 1128 } 1129 1130 list_for_each_entry_rcu(m, &smk_net4addr_list, list) { 1131 if (list_is_last(&m->list, &smk_net4addr_list)) { 1132 list_add_rcu(&new->list, &m->list); 1133 return; 1134 } 1135 m_next = list_entry_rcu(m->list.next, 1136 struct smk_net4addr, list); 1137 if (new->smk_masks > m_next->smk_masks) { 1138 list_add_rcu(&new->list, &m->list); 1139 return; 1140 } 1141 } 1142 } 1143 1144 1145 /** 1146 * smk_write_net4addr - write() for /smack/netlabel 1147 * @file: file pointer, not actually used 1148 * @buf: where to get the data from 1149 * @count: bytes sent 1150 * @ppos: where to start 1151 * 1152 * Accepts only one net4addr per write call. 1153 * Returns number of bytes written or error code, as appropriate 1154 */ 1155 static ssize_t smk_write_net4addr(struct file *file, const char __user *buf, 1156 size_t count, loff_t *ppos) 1157 { 1158 struct smk_net4addr *snp; 1159 struct sockaddr_in newname; 1160 char *smack; 1161 struct smack_known *skp = NULL; 1162 char *data; 1163 char *host = (char *)&newname.sin_addr.s_addr; 1164 int rc; 1165 struct netlbl_audit audit_info; 1166 struct in_addr mask; 1167 unsigned int m; 1168 unsigned int masks; 1169 int found; 1170 u32 mask_bits = (1<<31); 1171 __be32 nsa; 1172 u32 temp_mask; 1173 1174 /* 1175 * Must have privilege. 1176 * No partial writes. 1177 * Enough data must be present. 1178 * "<addr/mask, as a.b.c.d/e><space><label>" 1179 * "<addr, as a.b.c.d><space><label>" 1180 */ 1181 if (!smack_privileged(CAP_MAC_ADMIN)) 1182 return -EPERM; 1183 if (*ppos != 0) 1184 return -EINVAL; 1185 if (count < SMK_NETLBLADDRMIN || count > PAGE_SIZE - 1) 1186 return -EINVAL; 1187 1188 data = memdup_user_nul(buf, count); 1189 if (IS_ERR(data)) 1190 return PTR_ERR(data); 1191 1192 smack = kzalloc(count + 1, GFP_KERNEL); 1193 if (smack == NULL) { 1194 rc = -ENOMEM; 1195 goto free_data_out; 1196 } 1197 1198 rc = sscanf(data, "%hhd.%hhd.%hhd.%hhd/%u %s", 1199 &host[0], &host[1], &host[2], &host[3], &masks, smack); 1200 if (rc != 6) { 1201 rc = sscanf(data, "%hhd.%hhd.%hhd.%hhd %s", 1202 &host[0], &host[1], &host[2], &host[3], smack); 1203 if (rc != 5) { 1204 rc = -EINVAL; 1205 goto free_out; 1206 } 1207 masks = 32; 1208 } 1209 if (masks > BEBITS) { 1210 rc = -EINVAL; 1211 goto free_out; 1212 } 1213 1214 /* 1215 * If smack begins with '-', it is an option, don't import it 1216 */ 1217 if (smack[0] != '-') { 1218 skp = smk_import_entry(smack, 0); 1219 if (IS_ERR(skp)) { 1220 rc = PTR_ERR(skp); 1221 goto free_out; 1222 } 1223 } else { 1224 /* 1225 * Only the -CIPSO option is supported for IPv4 1226 */ 1227 if (strcmp(smack, SMACK_CIPSO_OPTION) != 0) { 1228 rc = -EINVAL; 1229 goto free_out; 1230 } 1231 } 1232 1233 for (m = masks, temp_mask = 0; m > 0; m--) { 1234 temp_mask |= mask_bits; 1235 mask_bits >>= 1; 1236 } 1237 mask.s_addr = cpu_to_be32(temp_mask); 1238 1239 newname.sin_addr.s_addr &= mask.s_addr; 1240 /* 1241 * Only allow one writer at a time. Writes should be 1242 * quite rare and small in any case. 1243 */ 1244 mutex_lock(&smk_net4addr_lock); 1245 1246 nsa = newname.sin_addr.s_addr; 1247 /* try to find if the prefix is already in the list */ 1248 found = 0; 1249 list_for_each_entry_rcu(snp, &smk_net4addr_list, list) { 1250 if (snp->smk_host.s_addr == nsa && snp->smk_masks == masks) { 1251 found = 1; 1252 break; 1253 } 1254 } 1255 smk_netlabel_audit_set(&audit_info); 1256 1257 if (found == 0) { 1258 snp = kzalloc(sizeof(*snp), GFP_KERNEL); 1259 if (snp == NULL) 1260 rc = -ENOMEM; 1261 else { 1262 rc = 0; 1263 snp->smk_host.s_addr = newname.sin_addr.s_addr; 1264 snp->smk_mask.s_addr = mask.s_addr; 1265 snp->smk_label = skp; 1266 snp->smk_masks = masks; 1267 smk_net4addr_insert(snp); 1268 } 1269 } else { 1270 /* 1271 * Delete the unlabeled entry, only if the previous label 1272 * wasn't the special CIPSO option 1273 */ 1274 if (snp->smk_label != NULL) 1275 rc = netlbl_cfg_unlbl_static_del(&init_net, NULL, 1276 &snp->smk_host, &snp->smk_mask, 1277 PF_INET, &audit_info); 1278 else 1279 rc = 0; 1280 snp->smk_label = skp; 1281 } 1282 1283 /* 1284 * Now tell netlabel about the single label nature of 1285 * this host so that incoming packets get labeled. 1286 * but only if we didn't get the special CIPSO option 1287 */ 1288 if (rc == 0 && skp != NULL) 1289 rc = netlbl_cfg_unlbl_static_add(&init_net, NULL, 1290 &snp->smk_host, &snp->smk_mask, PF_INET, 1291 snp->smk_label->smk_secid, &audit_info); 1292 1293 if (rc == 0) 1294 rc = count; 1295 1296 mutex_unlock(&smk_net4addr_lock); 1297 1298 free_out: 1299 kfree(smack); 1300 free_data_out: 1301 kfree(data); 1302 1303 return rc; 1304 } 1305 1306 static const struct file_operations smk_net4addr_ops = { 1307 .open = smk_open_net4addr, 1308 .read = seq_read, 1309 .llseek = seq_lseek, 1310 .write = smk_write_net4addr, 1311 .release = seq_release, 1312 }; 1313 1314 #if IS_ENABLED(CONFIG_IPV6) 1315 /* 1316 * Seq_file read operations for /smack/netlabel6 1317 */ 1318 1319 static void *net6addr_seq_start(struct seq_file *s, loff_t *pos) 1320 { 1321 return smk_seq_start(s, pos, &smk_net6addr_list); 1322 } 1323 1324 static void *net6addr_seq_next(struct seq_file *s, void *v, loff_t *pos) 1325 { 1326 return smk_seq_next(s, v, pos, &smk_net6addr_list); 1327 } 1328 1329 /* 1330 * Print host/label pairs 1331 */ 1332 static int net6addr_seq_show(struct seq_file *s, void *v) 1333 { 1334 struct list_head *list = v; 1335 struct smk_net6addr *skp = 1336 list_entry(list, struct smk_net6addr, list); 1337 1338 if (skp->smk_label != NULL) 1339 seq_printf(s, "%pI6/%d %s\n", &skp->smk_host, skp->smk_masks, 1340 skp->smk_label->smk_known); 1341 1342 return 0; 1343 } 1344 1345 static const struct seq_operations net6addr_seq_ops = { 1346 .start = net6addr_seq_start, 1347 .next = net6addr_seq_next, 1348 .show = net6addr_seq_show, 1349 .stop = smk_seq_stop, 1350 }; 1351 1352 /** 1353 * smk_open_net6addr - open() for /smack/netlabel 1354 * @inode: inode structure representing file 1355 * @file: "netlabel" file pointer 1356 * 1357 * Connect our net6addr_seq_* operations with /smack/netlabel 1358 * file_operations 1359 */ 1360 static int smk_open_net6addr(struct inode *inode, struct file *file) 1361 { 1362 return seq_open(file, &net6addr_seq_ops); 1363 } 1364 1365 /** 1366 * smk_net6addr_insert 1367 * @new : entry to insert 1368 * 1369 * This inserts an entry in the smack_net6addrs list 1370 * sorted by netmask length (longest to smallest) 1371 * locked by &smk_net6addr_lock in smk_write_net6addr 1372 * 1373 */ 1374 static void smk_net6addr_insert(struct smk_net6addr *new) 1375 { 1376 struct smk_net6addr *m_next; 1377 struct smk_net6addr *m; 1378 1379 if (list_empty(&smk_net6addr_list)) { 1380 list_add_rcu(&new->list, &smk_net6addr_list); 1381 return; 1382 } 1383 1384 m = list_entry_rcu(smk_net6addr_list.next, 1385 struct smk_net6addr, list); 1386 1387 if (new->smk_masks > m->smk_masks) { 1388 list_add_rcu(&new->list, &smk_net6addr_list); 1389 return; 1390 } 1391 1392 list_for_each_entry_rcu(m, &smk_net6addr_list, list) { 1393 if (list_is_last(&m->list, &smk_net6addr_list)) { 1394 list_add_rcu(&new->list, &m->list); 1395 return; 1396 } 1397 m_next = list_entry_rcu(m->list.next, 1398 struct smk_net6addr, list); 1399 if (new->smk_masks > m_next->smk_masks) { 1400 list_add_rcu(&new->list, &m->list); 1401 return; 1402 } 1403 } 1404 } 1405 1406 1407 /** 1408 * smk_write_net6addr - write() for /smack/netlabel 1409 * @file: file pointer, not actually used 1410 * @buf: where to get the data from 1411 * @count: bytes sent 1412 * @ppos: where to start 1413 * 1414 * Accepts only one net6addr per write call. 1415 * Returns number of bytes written or error code, as appropriate 1416 */ 1417 static ssize_t smk_write_net6addr(struct file *file, const char __user *buf, 1418 size_t count, loff_t *ppos) 1419 { 1420 struct smk_net6addr *snp; 1421 struct in6_addr newname; 1422 struct in6_addr fullmask; 1423 struct smack_known *skp = NULL; 1424 char *smack; 1425 char *data; 1426 int rc = 0; 1427 int found = 0; 1428 int i; 1429 unsigned int scanned[8]; 1430 unsigned int m; 1431 unsigned int mask = 128; 1432 1433 /* 1434 * Must have privilege. 1435 * No partial writes. 1436 * Enough data must be present. 1437 * "<addr/mask, as a:b:c:d:e:f:g:h/e><space><label>" 1438 * "<addr, as a:b:c:d:e:f:g:h><space><label>" 1439 */ 1440 if (!smack_privileged(CAP_MAC_ADMIN)) 1441 return -EPERM; 1442 if (*ppos != 0) 1443 return -EINVAL; 1444 if (count < SMK_NETLBLADDRMIN || count > PAGE_SIZE - 1) 1445 return -EINVAL; 1446 1447 data = memdup_user_nul(buf, count); 1448 if (IS_ERR(data)) 1449 return PTR_ERR(data); 1450 1451 smack = kzalloc(count + 1, GFP_KERNEL); 1452 if (smack == NULL) { 1453 rc = -ENOMEM; 1454 goto free_data_out; 1455 } 1456 1457 i = sscanf(data, "%x:%x:%x:%x:%x:%x:%x:%x/%u %s", 1458 &scanned[0], &scanned[1], &scanned[2], &scanned[3], 1459 &scanned[4], &scanned[5], &scanned[6], &scanned[7], 1460 &mask, smack); 1461 if (i != 10) { 1462 i = sscanf(data, "%x:%x:%x:%x:%x:%x:%x:%x %s", 1463 &scanned[0], &scanned[1], &scanned[2], 1464 &scanned[3], &scanned[4], &scanned[5], 1465 &scanned[6], &scanned[7], smack); 1466 if (i != 9) { 1467 rc = -EINVAL; 1468 goto free_out; 1469 } 1470 } 1471 if (mask > 128) { 1472 rc = -EINVAL; 1473 goto free_out; 1474 } 1475 for (i = 0; i < 8; i++) { 1476 if (scanned[i] > 0xffff) { 1477 rc = -EINVAL; 1478 goto free_out; 1479 } 1480 newname.s6_addr16[i] = htons(scanned[i]); 1481 } 1482 1483 /* 1484 * If smack begins with '-', it is an option, don't import it 1485 */ 1486 if (smack[0] != '-') { 1487 skp = smk_import_entry(smack, 0); 1488 if (IS_ERR(skp)) { 1489 rc = PTR_ERR(skp); 1490 goto free_out; 1491 } 1492 } else { 1493 /* 1494 * Only -DELETE is supported for IPv6 1495 */ 1496 if (strcmp(smack, SMACK_DELETE_OPTION) != 0) { 1497 rc = -EINVAL; 1498 goto free_out; 1499 } 1500 } 1501 1502 for (i = 0, m = mask; i < 8; i++) { 1503 if (m >= 16) { 1504 fullmask.s6_addr16[i] = 0xffff; 1505 m -= 16; 1506 } else if (m > 0) { 1507 fullmask.s6_addr16[i] = (1 << m) - 1; 1508 m = 0; 1509 } else 1510 fullmask.s6_addr16[i] = 0; 1511 newname.s6_addr16[i] &= fullmask.s6_addr16[i]; 1512 } 1513 1514 /* 1515 * Only allow one writer at a time. Writes should be 1516 * quite rare and small in any case. 1517 */ 1518 mutex_lock(&smk_net6addr_lock); 1519 /* 1520 * Try to find the prefix in the list 1521 */ 1522 list_for_each_entry_rcu(snp, &smk_net6addr_list, list) { 1523 if (mask != snp->smk_masks) 1524 continue; 1525 for (found = 1, i = 0; i < 8; i++) { 1526 if (newname.s6_addr16[i] != 1527 snp->smk_host.s6_addr16[i]) { 1528 found = 0; 1529 break; 1530 } 1531 } 1532 if (found == 1) 1533 break; 1534 } 1535 if (found == 0) { 1536 snp = kzalloc(sizeof(*snp), GFP_KERNEL); 1537 if (snp == NULL) 1538 rc = -ENOMEM; 1539 else { 1540 snp->smk_host = newname; 1541 snp->smk_mask = fullmask; 1542 snp->smk_masks = mask; 1543 snp->smk_label = skp; 1544 smk_net6addr_insert(snp); 1545 } 1546 } else { 1547 snp->smk_label = skp; 1548 } 1549 1550 if (rc == 0) 1551 rc = count; 1552 1553 mutex_unlock(&smk_net6addr_lock); 1554 1555 free_out: 1556 kfree(smack); 1557 free_data_out: 1558 kfree(data); 1559 1560 return rc; 1561 } 1562 1563 static const struct file_operations smk_net6addr_ops = { 1564 .open = smk_open_net6addr, 1565 .read = seq_read, 1566 .llseek = seq_lseek, 1567 .write = smk_write_net6addr, 1568 .release = seq_release, 1569 }; 1570 #endif /* CONFIG_IPV6 */ 1571 1572 /** 1573 * smk_read_doi - read() for /smack/doi 1574 * @filp: file pointer, not actually used 1575 * @buf: where to put the result 1576 * @count: maximum to send along 1577 * @ppos: where to start 1578 * 1579 * Returns number of bytes read or error code, as appropriate 1580 */ 1581 static ssize_t smk_read_doi(struct file *filp, char __user *buf, 1582 size_t count, loff_t *ppos) 1583 { 1584 char temp[80]; 1585 ssize_t rc; 1586 1587 if (*ppos != 0) 1588 return 0; 1589 1590 sprintf(temp, "%d", smk_cipso_doi_value); 1591 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp)); 1592 1593 return rc; 1594 } 1595 1596 /** 1597 * smk_write_doi - write() for /smack/doi 1598 * @file: file pointer, not actually used 1599 * @buf: where to get the data from 1600 * @count: bytes sent 1601 * @ppos: where to start 1602 * 1603 * Returns number of bytes written or error code, as appropriate 1604 */ 1605 static ssize_t smk_write_doi(struct file *file, const char __user *buf, 1606 size_t count, loff_t *ppos) 1607 { 1608 char temp[80]; 1609 int i; 1610 1611 if (!smack_privileged(CAP_MAC_ADMIN)) 1612 return -EPERM; 1613 1614 if (count >= sizeof(temp) || count == 0) 1615 return -EINVAL; 1616 1617 if (copy_from_user(temp, buf, count) != 0) 1618 return -EFAULT; 1619 1620 temp[count] = '\0'; 1621 1622 if (sscanf(temp, "%d", &i) != 1) 1623 return -EINVAL; 1624 1625 smk_cipso_doi_value = i; 1626 1627 smk_cipso_doi(); 1628 1629 return count; 1630 } 1631 1632 static const struct file_operations smk_doi_ops = { 1633 .read = smk_read_doi, 1634 .write = smk_write_doi, 1635 .llseek = default_llseek, 1636 }; 1637 1638 /** 1639 * smk_read_direct - read() for /smack/direct 1640 * @filp: file pointer, not actually used 1641 * @buf: where to put the result 1642 * @count: maximum to send along 1643 * @ppos: where to start 1644 * 1645 * Returns number of bytes read or error code, as appropriate 1646 */ 1647 static ssize_t smk_read_direct(struct file *filp, char __user *buf, 1648 size_t count, loff_t *ppos) 1649 { 1650 char temp[80]; 1651 ssize_t rc; 1652 1653 if (*ppos != 0) 1654 return 0; 1655 1656 sprintf(temp, "%d", smack_cipso_direct); 1657 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp)); 1658 1659 return rc; 1660 } 1661 1662 /** 1663 * smk_write_direct - write() for /smack/direct 1664 * @file: file pointer, not actually used 1665 * @buf: where to get the data from 1666 * @count: bytes sent 1667 * @ppos: where to start 1668 * 1669 * Returns number of bytes written or error code, as appropriate 1670 */ 1671 static ssize_t smk_write_direct(struct file *file, const char __user *buf, 1672 size_t count, loff_t *ppos) 1673 { 1674 struct smack_known *skp; 1675 char temp[80]; 1676 int i; 1677 1678 if (!smack_privileged(CAP_MAC_ADMIN)) 1679 return -EPERM; 1680 1681 if (count >= sizeof(temp) || count == 0) 1682 return -EINVAL; 1683 1684 if (copy_from_user(temp, buf, count) != 0) 1685 return -EFAULT; 1686 1687 temp[count] = '\0'; 1688 1689 if (sscanf(temp, "%d", &i) != 1) 1690 return -EINVAL; 1691 1692 /* 1693 * Don't do anything if the value hasn't actually changed. 1694 * If it is changing reset the level on entries that were 1695 * set up to be direct when they were created. 1696 */ 1697 if (smack_cipso_direct != i) { 1698 mutex_lock(&smack_known_lock); 1699 list_for_each_entry_rcu(skp, &smack_known_list, list) 1700 if (skp->smk_netlabel.attr.mls.lvl == 1701 smack_cipso_direct) 1702 skp->smk_netlabel.attr.mls.lvl = i; 1703 smack_cipso_direct = i; 1704 mutex_unlock(&smack_known_lock); 1705 } 1706 1707 return count; 1708 } 1709 1710 static const struct file_operations smk_direct_ops = { 1711 .read = smk_read_direct, 1712 .write = smk_write_direct, 1713 .llseek = default_llseek, 1714 }; 1715 1716 /** 1717 * smk_read_mapped - read() for /smack/mapped 1718 * @filp: file pointer, not actually used 1719 * @buf: where to put the result 1720 * @count: maximum to send along 1721 * @ppos: where to start 1722 * 1723 * Returns number of bytes read or error code, as appropriate 1724 */ 1725 static ssize_t smk_read_mapped(struct file *filp, char __user *buf, 1726 size_t count, loff_t *ppos) 1727 { 1728 char temp[80]; 1729 ssize_t rc; 1730 1731 if (*ppos != 0) 1732 return 0; 1733 1734 sprintf(temp, "%d", smack_cipso_mapped); 1735 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp)); 1736 1737 return rc; 1738 } 1739 1740 /** 1741 * smk_write_mapped - write() for /smack/mapped 1742 * @file: file pointer, not actually used 1743 * @buf: where to get the data from 1744 * @count: bytes sent 1745 * @ppos: where to start 1746 * 1747 * Returns number of bytes written or error code, as appropriate 1748 */ 1749 static ssize_t smk_write_mapped(struct file *file, const char __user *buf, 1750 size_t count, loff_t *ppos) 1751 { 1752 struct smack_known *skp; 1753 char temp[80]; 1754 int i; 1755 1756 if (!smack_privileged(CAP_MAC_ADMIN)) 1757 return -EPERM; 1758 1759 if (count >= sizeof(temp) || count == 0) 1760 return -EINVAL; 1761 1762 if (copy_from_user(temp, buf, count) != 0) 1763 return -EFAULT; 1764 1765 temp[count] = '\0'; 1766 1767 if (sscanf(temp, "%d", &i) != 1) 1768 return -EINVAL; 1769 1770 /* 1771 * Don't do anything if the value hasn't actually changed. 1772 * If it is changing reset the level on entries that were 1773 * set up to be mapped when they were created. 1774 */ 1775 if (smack_cipso_mapped != i) { 1776 mutex_lock(&smack_known_lock); 1777 list_for_each_entry_rcu(skp, &smack_known_list, list) 1778 if (skp->smk_netlabel.attr.mls.lvl == 1779 smack_cipso_mapped) 1780 skp->smk_netlabel.attr.mls.lvl = i; 1781 smack_cipso_mapped = i; 1782 mutex_unlock(&smack_known_lock); 1783 } 1784 1785 return count; 1786 } 1787 1788 static const struct file_operations smk_mapped_ops = { 1789 .read = smk_read_mapped, 1790 .write = smk_write_mapped, 1791 .llseek = default_llseek, 1792 }; 1793 1794 /** 1795 * smk_read_ambient - read() for /smack/ambient 1796 * @filp: file pointer, not actually used 1797 * @buf: where to put the result 1798 * @cn: maximum to send along 1799 * @ppos: where to start 1800 * 1801 * Returns number of bytes read or error code, as appropriate 1802 */ 1803 static ssize_t smk_read_ambient(struct file *filp, char __user *buf, 1804 size_t cn, loff_t *ppos) 1805 { 1806 ssize_t rc; 1807 int asize; 1808 1809 if (*ppos != 0) 1810 return 0; 1811 /* 1812 * Being careful to avoid a problem in the case where 1813 * smack_net_ambient gets changed in midstream. 1814 */ 1815 mutex_lock(&smack_ambient_lock); 1816 1817 asize = strlen(smack_net_ambient->smk_known) + 1; 1818 1819 if (cn >= asize) 1820 rc = simple_read_from_buffer(buf, cn, ppos, 1821 smack_net_ambient->smk_known, 1822 asize); 1823 else 1824 rc = -EINVAL; 1825 1826 mutex_unlock(&smack_ambient_lock); 1827 1828 return rc; 1829 } 1830 1831 /** 1832 * smk_write_ambient - write() for /smack/ambient 1833 * @file: file pointer, not actually used 1834 * @buf: where to get the data from 1835 * @count: bytes sent 1836 * @ppos: where to start 1837 * 1838 * Returns number of bytes written or error code, as appropriate 1839 */ 1840 static ssize_t smk_write_ambient(struct file *file, const char __user *buf, 1841 size_t count, loff_t *ppos) 1842 { 1843 struct smack_known *skp; 1844 char *oldambient; 1845 char *data; 1846 int rc = count; 1847 1848 if (!smack_privileged(CAP_MAC_ADMIN)) 1849 return -EPERM; 1850 1851 /* Enough data must be present */ 1852 if (count == 0 || count > PAGE_SIZE) 1853 return -EINVAL; 1854 1855 data = memdup_user_nul(buf, count); 1856 if (IS_ERR(data)) 1857 return PTR_ERR(data); 1858 1859 skp = smk_import_entry(data, count); 1860 if (IS_ERR(skp)) { 1861 rc = PTR_ERR(skp); 1862 goto out; 1863 } 1864 1865 mutex_lock(&smack_ambient_lock); 1866 1867 oldambient = smack_net_ambient->smk_known; 1868 smack_net_ambient = skp; 1869 smk_unlbl_ambient(oldambient); 1870 1871 mutex_unlock(&smack_ambient_lock); 1872 1873 out: 1874 kfree(data); 1875 return rc; 1876 } 1877 1878 static const struct file_operations smk_ambient_ops = { 1879 .read = smk_read_ambient, 1880 .write = smk_write_ambient, 1881 .llseek = default_llseek, 1882 }; 1883 1884 /* 1885 * Seq_file operations for /smack/onlycap 1886 */ 1887 static void *onlycap_seq_start(struct seq_file *s, loff_t *pos) 1888 { 1889 return smk_seq_start(s, pos, &smack_onlycap_list); 1890 } 1891 1892 static void *onlycap_seq_next(struct seq_file *s, void *v, loff_t *pos) 1893 { 1894 return smk_seq_next(s, v, pos, &smack_onlycap_list); 1895 } 1896 1897 static int onlycap_seq_show(struct seq_file *s, void *v) 1898 { 1899 struct list_head *list = v; 1900 struct smack_known_list_elem *sklep = 1901 list_entry_rcu(list, struct smack_known_list_elem, list); 1902 1903 seq_puts(s, sklep->smk_label->smk_known); 1904 seq_putc(s, ' '); 1905 1906 return 0; 1907 } 1908 1909 static const struct seq_operations onlycap_seq_ops = { 1910 .start = onlycap_seq_start, 1911 .next = onlycap_seq_next, 1912 .show = onlycap_seq_show, 1913 .stop = smk_seq_stop, 1914 }; 1915 1916 static int smk_open_onlycap(struct inode *inode, struct file *file) 1917 { 1918 return seq_open(file, &onlycap_seq_ops); 1919 } 1920 1921 /** 1922 * smk_list_swap_rcu - swap public list with a private one in RCU-safe way 1923 * The caller must hold appropriate mutex to prevent concurrent modifications 1924 * to the public list. 1925 * Private list is assumed to be not accessible to other threads yet. 1926 * 1927 * @public: public list 1928 * @private: private list 1929 */ 1930 static void smk_list_swap_rcu(struct list_head *public, 1931 struct list_head *private) 1932 { 1933 struct list_head *first, *last; 1934 1935 if (list_empty(public)) { 1936 list_splice_init_rcu(private, public, synchronize_rcu); 1937 } else { 1938 /* Remember public list before replacing it */ 1939 first = public->next; 1940 last = public->prev; 1941 1942 /* Publish private list in place of public in RCU-safe way */ 1943 private->prev->next = public; 1944 private->next->prev = public; 1945 rcu_assign_pointer(public->next, private->next); 1946 public->prev = private->prev; 1947 1948 synchronize_rcu(); 1949 1950 /* When all readers are done with the old public list, 1951 * attach it in place of private */ 1952 private->next = first; 1953 private->prev = last; 1954 first->prev = private; 1955 last->next = private; 1956 } 1957 } 1958 1959 /** 1960 * smk_parse_label_list - parse list of Smack labels, separated by spaces 1961 * 1962 * @data: the string to parse 1963 * @list: destination list 1964 * 1965 * Returns zero on success or error code, as appropriate 1966 */ 1967 static int smk_parse_label_list(char *data, struct list_head *list) 1968 { 1969 char *tok; 1970 struct smack_known *skp; 1971 struct smack_known_list_elem *sklep; 1972 1973 while ((tok = strsep(&data, " ")) != NULL) { 1974 if (!*tok) 1975 continue; 1976 1977 skp = smk_import_entry(tok, 0); 1978 if (IS_ERR(skp)) 1979 return PTR_ERR(skp); 1980 1981 sklep = kzalloc(sizeof(*sklep), GFP_KERNEL); 1982 if (sklep == NULL) 1983 return -ENOMEM; 1984 1985 sklep->smk_label = skp; 1986 list_add(&sklep->list, list); 1987 } 1988 1989 return 0; 1990 } 1991 1992 /** 1993 * smk_destroy_label_list - destroy a list of smack_known_list_elem 1994 * @list: header pointer of the list to destroy 1995 */ 1996 void smk_destroy_label_list(struct list_head *list) 1997 { 1998 struct smack_known_list_elem *sklep; 1999 struct smack_known_list_elem *sklep2; 2000 2001 list_for_each_entry_safe(sklep, sklep2, list, list) 2002 kfree(sklep); 2003 2004 INIT_LIST_HEAD(list); 2005 } 2006 2007 /** 2008 * smk_write_onlycap - write() for smackfs/onlycap 2009 * @file: file pointer, not actually used 2010 * @buf: where to get the data from 2011 * @count: bytes sent 2012 * @ppos: where to start 2013 * 2014 * Returns number of bytes written or error code, as appropriate 2015 */ 2016 static ssize_t smk_write_onlycap(struct file *file, const char __user *buf, 2017 size_t count, loff_t *ppos) 2018 { 2019 char *data; 2020 LIST_HEAD(list_tmp); 2021 int rc; 2022 2023 if (!smack_privileged(CAP_MAC_ADMIN)) 2024 return -EPERM; 2025 2026 if (count > PAGE_SIZE) 2027 return -EINVAL; 2028 2029 data = memdup_user_nul(buf, count); 2030 if (IS_ERR(data)) 2031 return PTR_ERR(data); 2032 2033 rc = smk_parse_label_list(data, &list_tmp); 2034 kfree(data); 2035 2036 /* 2037 * Clear the smack_onlycap on invalid label errors. This means 2038 * that we can pass a null string to unset the onlycap value. 2039 * 2040 * Importing will also reject a label beginning with '-', 2041 * so "-usecapabilities" will also work. 2042 * 2043 * But do so only on invalid label, not on system errors. 2044 * The invalid label must be first to count as clearing attempt. 2045 */ 2046 if (!rc || (rc == -EINVAL && list_empty(&list_tmp))) { 2047 mutex_lock(&smack_onlycap_lock); 2048 smk_list_swap_rcu(&smack_onlycap_list, &list_tmp); 2049 mutex_unlock(&smack_onlycap_lock); 2050 rc = count; 2051 } 2052 2053 smk_destroy_label_list(&list_tmp); 2054 2055 return rc; 2056 } 2057 2058 static const struct file_operations smk_onlycap_ops = { 2059 .open = smk_open_onlycap, 2060 .read = seq_read, 2061 .write = smk_write_onlycap, 2062 .llseek = seq_lseek, 2063 .release = seq_release, 2064 }; 2065 2066 #ifdef CONFIG_SECURITY_SMACK_BRINGUP 2067 /** 2068 * smk_read_unconfined - read() for smackfs/unconfined 2069 * @filp: file pointer, not actually used 2070 * @buf: where to put the result 2071 * @cn: maximum to send along 2072 * @ppos: where to start 2073 * 2074 * Returns number of bytes read or error code, as appropriate 2075 */ 2076 static ssize_t smk_read_unconfined(struct file *filp, char __user *buf, 2077 size_t cn, loff_t *ppos) 2078 { 2079 char *smack = ""; 2080 ssize_t rc = -EINVAL; 2081 int asize; 2082 2083 if (*ppos != 0) 2084 return 0; 2085 2086 if (smack_unconfined != NULL) 2087 smack = smack_unconfined->smk_known; 2088 2089 asize = strlen(smack) + 1; 2090 2091 if (cn >= asize) 2092 rc = simple_read_from_buffer(buf, cn, ppos, smack, asize); 2093 2094 return rc; 2095 } 2096 2097 /** 2098 * smk_write_unconfined - write() for smackfs/unconfined 2099 * @file: file pointer, not actually used 2100 * @buf: where to get the data from 2101 * @count: bytes sent 2102 * @ppos: where to start 2103 * 2104 * Returns number of bytes written or error code, as appropriate 2105 */ 2106 static ssize_t smk_write_unconfined(struct file *file, const char __user *buf, 2107 size_t count, loff_t *ppos) 2108 { 2109 char *data; 2110 struct smack_known *skp; 2111 int rc = count; 2112 2113 if (!smack_privileged(CAP_MAC_ADMIN)) 2114 return -EPERM; 2115 2116 if (count > PAGE_SIZE) 2117 return -EINVAL; 2118 2119 data = memdup_user_nul(buf, count); 2120 if (IS_ERR(data)) 2121 return PTR_ERR(data); 2122 2123 /* 2124 * Clear the smack_unconfined on invalid label errors. This means 2125 * that we can pass a null string to unset the unconfined value. 2126 * 2127 * Importing will also reject a label beginning with '-', 2128 * so "-confine" will also work. 2129 * 2130 * But do so only on invalid label, not on system errors. 2131 */ 2132 skp = smk_import_entry(data, count); 2133 if (PTR_ERR(skp) == -EINVAL) 2134 skp = NULL; 2135 else if (IS_ERR(skp)) { 2136 rc = PTR_ERR(skp); 2137 goto freeout; 2138 } 2139 2140 smack_unconfined = skp; 2141 2142 freeout: 2143 kfree(data); 2144 return rc; 2145 } 2146 2147 static const struct file_operations smk_unconfined_ops = { 2148 .read = smk_read_unconfined, 2149 .write = smk_write_unconfined, 2150 .llseek = default_llseek, 2151 }; 2152 #endif /* CONFIG_SECURITY_SMACK_BRINGUP */ 2153 2154 /** 2155 * smk_read_logging - read() for /smack/logging 2156 * @filp: file pointer, not actually used 2157 * @buf: where to put the result 2158 * @count: maximum to send along 2159 * @ppos: where to start 2160 * 2161 * Returns number of bytes read or error code, as appropriate 2162 */ 2163 static ssize_t smk_read_logging(struct file *filp, char __user *buf, 2164 size_t count, loff_t *ppos) 2165 { 2166 char temp[32]; 2167 ssize_t rc; 2168 2169 if (*ppos != 0) 2170 return 0; 2171 2172 sprintf(temp, "%d\n", log_policy); 2173 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp)); 2174 return rc; 2175 } 2176 2177 /** 2178 * smk_write_logging - write() for /smack/logging 2179 * @file: file pointer, not actually used 2180 * @buf: where to get the data from 2181 * @count: bytes sent 2182 * @ppos: where to start 2183 * 2184 * Returns number of bytes written or error code, as appropriate 2185 */ 2186 static ssize_t smk_write_logging(struct file *file, const char __user *buf, 2187 size_t count, loff_t *ppos) 2188 { 2189 char temp[32]; 2190 int i; 2191 2192 if (!smack_privileged(CAP_MAC_ADMIN)) 2193 return -EPERM; 2194 2195 if (count >= sizeof(temp) || count == 0) 2196 return -EINVAL; 2197 2198 if (copy_from_user(temp, buf, count) != 0) 2199 return -EFAULT; 2200 2201 temp[count] = '\0'; 2202 2203 if (sscanf(temp, "%d", &i) != 1) 2204 return -EINVAL; 2205 if (i < 0 || i > 3) 2206 return -EINVAL; 2207 log_policy = i; 2208 return count; 2209 } 2210 2211 2212 2213 static const struct file_operations smk_logging_ops = { 2214 .read = smk_read_logging, 2215 .write = smk_write_logging, 2216 .llseek = default_llseek, 2217 }; 2218 2219 /* 2220 * Seq_file read operations for /smack/load-self 2221 */ 2222 2223 static void *load_self_seq_start(struct seq_file *s, loff_t *pos) 2224 { 2225 struct task_smack *tsp = smack_cred(current_cred()); 2226 2227 return smk_seq_start(s, pos, &tsp->smk_rules); 2228 } 2229 2230 static void *load_self_seq_next(struct seq_file *s, void *v, loff_t *pos) 2231 { 2232 struct task_smack *tsp = smack_cred(current_cred()); 2233 2234 return smk_seq_next(s, v, pos, &tsp->smk_rules); 2235 } 2236 2237 static int load_self_seq_show(struct seq_file *s, void *v) 2238 { 2239 struct list_head *list = v; 2240 struct smack_rule *srp = 2241 list_entry_rcu(list, struct smack_rule, list); 2242 2243 smk_rule_show(s, srp, SMK_LABELLEN); 2244 2245 return 0; 2246 } 2247 2248 static const struct seq_operations load_self_seq_ops = { 2249 .start = load_self_seq_start, 2250 .next = load_self_seq_next, 2251 .show = load_self_seq_show, 2252 .stop = smk_seq_stop, 2253 }; 2254 2255 2256 /** 2257 * smk_open_load_self - open() for /smack/load-self2 2258 * @inode: inode structure representing file 2259 * @file: "load" file pointer 2260 * 2261 * For reading, use load_seq_* seq_file reading operations. 2262 */ 2263 static int smk_open_load_self(struct inode *inode, struct file *file) 2264 { 2265 return seq_open(file, &load_self_seq_ops); 2266 } 2267 2268 /** 2269 * smk_write_load_self - write() for /smack/load-self 2270 * @file: file pointer, not actually used 2271 * @buf: where to get the data from 2272 * @count: bytes sent 2273 * @ppos: where to start - must be 0 2274 * 2275 */ 2276 static ssize_t smk_write_load_self(struct file *file, const char __user *buf, 2277 size_t count, loff_t *ppos) 2278 { 2279 struct task_smack *tsp = smack_cred(current_cred()); 2280 2281 return smk_write_rules_list(file, buf, count, ppos, &tsp->smk_rules, 2282 &tsp->smk_rules_lock, SMK_FIXED24_FMT); 2283 } 2284 2285 static const struct file_operations smk_load_self_ops = { 2286 .open = smk_open_load_self, 2287 .read = seq_read, 2288 .llseek = seq_lseek, 2289 .write = smk_write_load_self, 2290 .release = seq_release, 2291 }; 2292 2293 /** 2294 * smk_user_access - handle access check transaction 2295 * @file: file pointer 2296 * @buf: data from user space 2297 * @count: bytes sent 2298 * @ppos: where to start - must be 0 2299 * @format: /smack/load or /smack/load2 or /smack/change-rule format. 2300 */ 2301 static ssize_t smk_user_access(struct file *file, const char __user *buf, 2302 size_t count, loff_t *ppos, int format) 2303 { 2304 struct smack_parsed_rule rule; 2305 char *data; 2306 int res; 2307 2308 data = simple_transaction_get(file, buf, count); 2309 if (IS_ERR(data)) 2310 return PTR_ERR(data); 2311 2312 if (format == SMK_FIXED24_FMT) { 2313 if (count < SMK_LOADLEN) 2314 return -EINVAL; 2315 res = smk_parse_rule(data, &rule, 0); 2316 } else { 2317 /* 2318 * simple_transaction_get() returns null-terminated data 2319 */ 2320 res = smk_parse_long_rule(data, &rule, 0, 3); 2321 } 2322 2323 if (res >= 0) 2324 res = smk_access(rule.smk_subject, rule.smk_object, 2325 rule.smk_access1, NULL); 2326 else if (res != -ENOENT) 2327 return res; 2328 2329 /* 2330 * smk_access() can return a value > 0 in the "bringup" case. 2331 */ 2332 data[0] = res >= 0 ? '1' : '0'; 2333 data[1] = '\0'; 2334 2335 simple_transaction_set(file, 2); 2336 2337 if (format == SMK_FIXED24_FMT) 2338 return SMK_LOADLEN; 2339 return count; 2340 } 2341 2342 /** 2343 * smk_write_access - handle access check transaction 2344 * @file: file pointer 2345 * @buf: data from user space 2346 * @count: bytes sent 2347 * @ppos: where to start - must be 0 2348 */ 2349 static ssize_t smk_write_access(struct file *file, const char __user *buf, 2350 size_t count, loff_t *ppos) 2351 { 2352 return smk_user_access(file, buf, count, ppos, SMK_FIXED24_FMT); 2353 } 2354 2355 static const struct file_operations smk_access_ops = { 2356 .write = smk_write_access, 2357 .read = simple_transaction_read, 2358 .release = simple_transaction_release, 2359 .llseek = generic_file_llseek, 2360 }; 2361 2362 2363 /* 2364 * Seq_file read operations for /smack/load2 2365 */ 2366 2367 static int load2_seq_show(struct seq_file *s, void *v) 2368 { 2369 struct list_head *list = v; 2370 struct smack_rule *srp; 2371 struct smack_known *skp = 2372 list_entry_rcu(list, struct smack_known, list); 2373 2374 list_for_each_entry_rcu(srp, &skp->smk_rules, list) 2375 smk_rule_show(s, srp, SMK_LONGLABEL); 2376 2377 return 0; 2378 } 2379 2380 static const struct seq_operations load2_seq_ops = { 2381 .start = load2_seq_start, 2382 .next = load2_seq_next, 2383 .show = load2_seq_show, 2384 .stop = smk_seq_stop, 2385 }; 2386 2387 /** 2388 * smk_open_load2 - open() for /smack/load2 2389 * @inode: inode structure representing file 2390 * @file: "load2" file pointer 2391 * 2392 * For reading, use load2_seq_* seq_file reading operations. 2393 */ 2394 static int smk_open_load2(struct inode *inode, struct file *file) 2395 { 2396 return seq_open(file, &load2_seq_ops); 2397 } 2398 2399 /** 2400 * smk_write_load2 - write() for /smack/load2 2401 * @file: file pointer, not actually used 2402 * @buf: where to get the data from 2403 * @count: bytes sent 2404 * @ppos: where to start - must be 0 2405 * 2406 */ 2407 static ssize_t smk_write_load2(struct file *file, const char __user *buf, 2408 size_t count, loff_t *ppos) 2409 { 2410 /* 2411 * Must have privilege. 2412 */ 2413 if (!smack_privileged(CAP_MAC_ADMIN)) 2414 return -EPERM; 2415 2416 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL, 2417 SMK_LONG_FMT); 2418 } 2419 2420 static const struct file_operations smk_load2_ops = { 2421 .open = smk_open_load2, 2422 .read = seq_read, 2423 .llseek = seq_lseek, 2424 .write = smk_write_load2, 2425 .release = seq_release, 2426 }; 2427 2428 /* 2429 * Seq_file read operations for /smack/load-self2 2430 */ 2431 2432 static void *load_self2_seq_start(struct seq_file *s, loff_t *pos) 2433 { 2434 struct task_smack *tsp = smack_cred(current_cred()); 2435 2436 return smk_seq_start(s, pos, &tsp->smk_rules); 2437 } 2438 2439 static void *load_self2_seq_next(struct seq_file *s, void *v, loff_t *pos) 2440 { 2441 struct task_smack *tsp = smack_cred(current_cred()); 2442 2443 return smk_seq_next(s, v, pos, &tsp->smk_rules); 2444 } 2445 2446 static int load_self2_seq_show(struct seq_file *s, void *v) 2447 { 2448 struct list_head *list = v; 2449 struct smack_rule *srp = 2450 list_entry_rcu(list, struct smack_rule, list); 2451 2452 smk_rule_show(s, srp, SMK_LONGLABEL); 2453 2454 return 0; 2455 } 2456 2457 static const struct seq_operations load_self2_seq_ops = { 2458 .start = load_self2_seq_start, 2459 .next = load_self2_seq_next, 2460 .show = load_self2_seq_show, 2461 .stop = smk_seq_stop, 2462 }; 2463 2464 /** 2465 * smk_open_load_self2 - open() for /smack/load-self2 2466 * @inode: inode structure representing file 2467 * @file: "load" file pointer 2468 * 2469 * For reading, use load_seq_* seq_file reading operations. 2470 */ 2471 static int smk_open_load_self2(struct inode *inode, struct file *file) 2472 { 2473 return seq_open(file, &load_self2_seq_ops); 2474 } 2475 2476 /** 2477 * smk_write_load_self2 - write() for /smack/load-self2 2478 * @file: file pointer, not actually used 2479 * @buf: where to get the data from 2480 * @count: bytes sent 2481 * @ppos: where to start - must be 0 2482 * 2483 */ 2484 static ssize_t smk_write_load_self2(struct file *file, const char __user *buf, 2485 size_t count, loff_t *ppos) 2486 { 2487 struct task_smack *tsp = smack_cred(current_cred()); 2488 2489 return smk_write_rules_list(file, buf, count, ppos, &tsp->smk_rules, 2490 &tsp->smk_rules_lock, SMK_LONG_FMT); 2491 } 2492 2493 static const struct file_operations smk_load_self2_ops = { 2494 .open = smk_open_load_self2, 2495 .read = seq_read, 2496 .llseek = seq_lseek, 2497 .write = smk_write_load_self2, 2498 .release = seq_release, 2499 }; 2500 2501 /** 2502 * smk_write_access2 - handle access check transaction 2503 * @file: file pointer 2504 * @buf: data from user space 2505 * @count: bytes sent 2506 * @ppos: where to start - must be 0 2507 */ 2508 static ssize_t smk_write_access2(struct file *file, const char __user *buf, 2509 size_t count, loff_t *ppos) 2510 { 2511 return smk_user_access(file, buf, count, ppos, SMK_LONG_FMT); 2512 } 2513 2514 static const struct file_operations smk_access2_ops = { 2515 .write = smk_write_access2, 2516 .read = simple_transaction_read, 2517 .release = simple_transaction_release, 2518 .llseek = generic_file_llseek, 2519 }; 2520 2521 /** 2522 * smk_write_revoke_subj - write() for /smack/revoke-subject 2523 * @file: file pointer 2524 * @buf: data from user space 2525 * @count: bytes sent 2526 * @ppos: where to start - must be 0 2527 */ 2528 static ssize_t smk_write_revoke_subj(struct file *file, const char __user *buf, 2529 size_t count, loff_t *ppos) 2530 { 2531 char *data; 2532 const char *cp; 2533 struct smack_known *skp; 2534 struct smack_rule *sp; 2535 struct list_head *rule_list; 2536 struct mutex *rule_lock; 2537 int rc = count; 2538 2539 if (*ppos != 0) 2540 return -EINVAL; 2541 2542 if (!smack_privileged(CAP_MAC_ADMIN)) 2543 return -EPERM; 2544 2545 if (count == 0 || count > SMK_LONGLABEL) 2546 return -EINVAL; 2547 2548 data = memdup_user(buf, count); 2549 if (IS_ERR(data)) 2550 return PTR_ERR(data); 2551 2552 cp = smk_parse_smack(data, count); 2553 if (IS_ERR(cp)) { 2554 rc = PTR_ERR(cp); 2555 goto out_data; 2556 } 2557 2558 skp = smk_find_entry(cp); 2559 if (skp == NULL) 2560 goto out_cp; 2561 2562 rule_list = &skp->smk_rules; 2563 rule_lock = &skp->smk_rules_lock; 2564 2565 mutex_lock(rule_lock); 2566 2567 list_for_each_entry_rcu(sp, rule_list, list) 2568 sp->smk_access = 0; 2569 2570 mutex_unlock(rule_lock); 2571 2572 out_cp: 2573 kfree(cp); 2574 out_data: 2575 kfree(data); 2576 2577 return rc; 2578 } 2579 2580 static const struct file_operations smk_revoke_subj_ops = { 2581 .write = smk_write_revoke_subj, 2582 .read = simple_transaction_read, 2583 .release = simple_transaction_release, 2584 .llseek = generic_file_llseek, 2585 }; 2586 2587 /** 2588 * smk_init_sysfs - initialize /sys/fs/smackfs 2589 * 2590 */ 2591 static int smk_init_sysfs(void) 2592 { 2593 return sysfs_create_mount_point(fs_kobj, "smackfs"); 2594 } 2595 2596 /** 2597 * smk_write_change_rule - write() for /smack/change-rule 2598 * @file: file pointer 2599 * @buf: data from user space 2600 * @count: bytes sent 2601 * @ppos: where to start - must be 0 2602 */ 2603 static ssize_t smk_write_change_rule(struct file *file, const char __user *buf, 2604 size_t count, loff_t *ppos) 2605 { 2606 /* 2607 * Must have privilege. 2608 */ 2609 if (!smack_privileged(CAP_MAC_ADMIN)) 2610 return -EPERM; 2611 2612 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL, 2613 SMK_CHANGE_FMT); 2614 } 2615 2616 static const struct file_operations smk_change_rule_ops = { 2617 .write = smk_write_change_rule, 2618 .read = simple_transaction_read, 2619 .release = simple_transaction_release, 2620 .llseek = generic_file_llseek, 2621 }; 2622 2623 /** 2624 * smk_read_syslog - read() for smackfs/syslog 2625 * @filp: file pointer, not actually used 2626 * @buf: where to put the result 2627 * @cn: maximum to send along 2628 * @ppos: where to start 2629 * 2630 * Returns number of bytes read or error code, as appropriate 2631 */ 2632 static ssize_t smk_read_syslog(struct file *filp, char __user *buf, 2633 size_t cn, loff_t *ppos) 2634 { 2635 struct smack_known *skp; 2636 ssize_t rc = -EINVAL; 2637 int asize; 2638 2639 if (*ppos != 0) 2640 return 0; 2641 2642 if (smack_syslog_label == NULL) 2643 skp = &smack_known_star; 2644 else 2645 skp = smack_syslog_label; 2646 2647 asize = strlen(skp->smk_known) + 1; 2648 2649 if (cn >= asize) 2650 rc = simple_read_from_buffer(buf, cn, ppos, skp->smk_known, 2651 asize); 2652 2653 return rc; 2654 } 2655 2656 /** 2657 * smk_write_syslog - write() for smackfs/syslog 2658 * @file: file pointer, not actually used 2659 * @buf: where to get the data from 2660 * @count: bytes sent 2661 * @ppos: where to start 2662 * 2663 * Returns number of bytes written or error code, as appropriate 2664 */ 2665 static ssize_t smk_write_syslog(struct file *file, const char __user *buf, 2666 size_t count, loff_t *ppos) 2667 { 2668 char *data; 2669 struct smack_known *skp; 2670 int rc = count; 2671 2672 if (!smack_privileged(CAP_MAC_ADMIN)) 2673 return -EPERM; 2674 2675 /* Enough data must be present */ 2676 if (count == 0 || count > PAGE_SIZE) 2677 return -EINVAL; 2678 2679 data = memdup_user_nul(buf, count); 2680 if (IS_ERR(data)) 2681 return PTR_ERR(data); 2682 2683 skp = smk_import_entry(data, count); 2684 if (IS_ERR(skp)) 2685 rc = PTR_ERR(skp); 2686 else 2687 smack_syslog_label = skp; 2688 2689 kfree(data); 2690 return rc; 2691 } 2692 2693 static const struct file_operations smk_syslog_ops = { 2694 .read = smk_read_syslog, 2695 .write = smk_write_syslog, 2696 .llseek = default_llseek, 2697 }; 2698 2699 /* 2700 * Seq_file read operations for /smack/relabel-self 2701 */ 2702 2703 static void *relabel_self_seq_start(struct seq_file *s, loff_t *pos) 2704 { 2705 struct task_smack *tsp = smack_cred(current_cred()); 2706 2707 return smk_seq_start(s, pos, &tsp->smk_relabel); 2708 } 2709 2710 static void *relabel_self_seq_next(struct seq_file *s, void *v, loff_t *pos) 2711 { 2712 struct task_smack *tsp = smack_cred(current_cred()); 2713 2714 return smk_seq_next(s, v, pos, &tsp->smk_relabel); 2715 } 2716 2717 static int relabel_self_seq_show(struct seq_file *s, void *v) 2718 { 2719 struct list_head *list = v; 2720 struct smack_known_list_elem *sklep = 2721 list_entry(list, struct smack_known_list_elem, list); 2722 2723 seq_puts(s, sklep->smk_label->smk_known); 2724 seq_putc(s, ' '); 2725 2726 return 0; 2727 } 2728 2729 static const struct seq_operations relabel_self_seq_ops = { 2730 .start = relabel_self_seq_start, 2731 .next = relabel_self_seq_next, 2732 .show = relabel_self_seq_show, 2733 .stop = smk_seq_stop, 2734 }; 2735 2736 /** 2737 * smk_open_relabel_self - open() for /smack/relabel-self 2738 * @inode: inode structure representing file 2739 * @file: "relabel-self" file pointer 2740 * 2741 * Connect our relabel_self_seq_* operations with /smack/relabel-self 2742 * file_operations 2743 */ 2744 static int smk_open_relabel_self(struct inode *inode, struct file *file) 2745 { 2746 return seq_open(file, &relabel_self_seq_ops); 2747 } 2748 2749 /** 2750 * smk_write_relabel_self - write() for /smack/relabel-self 2751 * @file: file pointer, not actually used 2752 * @buf: where to get the data from 2753 * @count: bytes sent 2754 * @ppos: where to start - must be 0 2755 * 2756 */ 2757 static ssize_t smk_write_relabel_self(struct file *file, const char __user *buf, 2758 size_t count, loff_t *ppos) 2759 { 2760 char *data; 2761 int rc; 2762 LIST_HEAD(list_tmp); 2763 2764 /* 2765 * Must have privilege. 2766 */ 2767 if (!smack_privileged(CAP_MAC_ADMIN)) 2768 return -EPERM; 2769 2770 /* 2771 * No partial write. 2772 * Enough data must be present. 2773 */ 2774 if (*ppos != 0) 2775 return -EINVAL; 2776 if (count == 0 || count > PAGE_SIZE) 2777 return -EINVAL; 2778 2779 data = memdup_user_nul(buf, count); 2780 if (IS_ERR(data)) 2781 return PTR_ERR(data); 2782 2783 rc = smk_parse_label_list(data, &list_tmp); 2784 kfree(data); 2785 2786 if (!rc || (rc == -EINVAL && list_empty(&list_tmp))) { 2787 struct cred *new; 2788 struct task_smack *tsp; 2789 2790 new = prepare_creds(); 2791 if (!new) { 2792 rc = -ENOMEM; 2793 goto out; 2794 } 2795 tsp = smack_cred(new); 2796 smk_destroy_label_list(&tsp->smk_relabel); 2797 list_splice(&list_tmp, &tsp->smk_relabel); 2798 commit_creds(new); 2799 return count; 2800 } 2801 out: 2802 smk_destroy_label_list(&list_tmp); 2803 return rc; 2804 } 2805 2806 static const struct file_operations smk_relabel_self_ops = { 2807 .open = smk_open_relabel_self, 2808 .read = seq_read, 2809 .llseek = seq_lseek, 2810 .write = smk_write_relabel_self, 2811 .release = seq_release, 2812 }; 2813 2814 /** 2815 * smk_read_ptrace - read() for /smack/ptrace 2816 * @filp: file pointer, not actually used 2817 * @buf: where to put the result 2818 * @count: maximum to send along 2819 * @ppos: where to start 2820 * 2821 * Returns number of bytes read or error code, as appropriate 2822 */ 2823 static ssize_t smk_read_ptrace(struct file *filp, char __user *buf, 2824 size_t count, loff_t *ppos) 2825 { 2826 char temp[32]; 2827 ssize_t rc; 2828 2829 if (*ppos != 0) 2830 return 0; 2831 2832 sprintf(temp, "%d\n", smack_ptrace_rule); 2833 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp)); 2834 return rc; 2835 } 2836 2837 /** 2838 * smk_write_ptrace - write() for /smack/ptrace 2839 * @file: file pointer 2840 * @buf: data from user space 2841 * @count: bytes sent 2842 * @ppos: where to start - must be 0 2843 */ 2844 static ssize_t smk_write_ptrace(struct file *file, const char __user *buf, 2845 size_t count, loff_t *ppos) 2846 { 2847 char temp[32]; 2848 int i; 2849 2850 if (!smack_privileged(CAP_MAC_ADMIN)) 2851 return -EPERM; 2852 2853 if (*ppos != 0 || count >= sizeof(temp) || count == 0) 2854 return -EINVAL; 2855 2856 if (copy_from_user(temp, buf, count) != 0) 2857 return -EFAULT; 2858 2859 temp[count] = '\0'; 2860 2861 if (sscanf(temp, "%d", &i) != 1) 2862 return -EINVAL; 2863 if (i < SMACK_PTRACE_DEFAULT || i > SMACK_PTRACE_MAX) 2864 return -EINVAL; 2865 smack_ptrace_rule = i; 2866 2867 return count; 2868 } 2869 2870 static const struct file_operations smk_ptrace_ops = { 2871 .write = smk_write_ptrace, 2872 .read = smk_read_ptrace, 2873 .llseek = default_llseek, 2874 }; 2875 2876 /** 2877 * smk_fill_super - fill the smackfs superblock 2878 * @sb: the empty superblock 2879 * @fc: unused 2880 * 2881 * Fill in the well known entries for the smack filesystem 2882 * 2883 * Returns 0 on success, an error code on failure 2884 */ 2885 static int smk_fill_super(struct super_block *sb, struct fs_context *fc) 2886 { 2887 int rc; 2888 2889 static const struct tree_descr smack_files[] = { 2890 [SMK_LOAD] = { 2891 "load", &smk_load_ops, S_IRUGO|S_IWUSR}, 2892 [SMK_CIPSO] = { 2893 "cipso", &smk_cipso_ops, S_IRUGO|S_IWUSR}, 2894 [SMK_DOI] = { 2895 "doi", &smk_doi_ops, S_IRUGO|S_IWUSR}, 2896 [SMK_DIRECT] = { 2897 "direct", &smk_direct_ops, S_IRUGO|S_IWUSR}, 2898 [SMK_AMBIENT] = { 2899 "ambient", &smk_ambient_ops, S_IRUGO|S_IWUSR}, 2900 [SMK_NET4ADDR] = { 2901 "netlabel", &smk_net4addr_ops, S_IRUGO|S_IWUSR}, 2902 [SMK_ONLYCAP] = { 2903 "onlycap", &smk_onlycap_ops, S_IRUGO|S_IWUSR}, 2904 [SMK_LOGGING] = { 2905 "logging", &smk_logging_ops, S_IRUGO|S_IWUSR}, 2906 [SMK_LOAD_SELF] = { 2907 "load-self", &smk_load_self_ops, S_IRUGO|S_IWUGO}, 2908 [SMK_ACCESSES] = { 2909 "access", &smk_access_ops, S_IRUGO|S_IWUGO}, 2910 [SMK_MAPPED] = { 2911 "mapped", &smk_mapped_ops, S_IRUGO|S_IWUSR}, 2912 [SMK_LOAD2] = { 2913 "load2", &smk_load2_ops, S_IRUGO|S_IWUSR}, 2914 [SMK_LOAD_SELF2] = { 2915 "load-self2", &smk_load_self2_ops, S_IRUGO|S_IWUGO}, 2916 [SMK_ACCESS2] = { 2917 "access2", &smk_access2_ops, S_IRUGO|S_IWUGO}, 2918 [SMK_CIPSO2] = { 2919 "cipso2", &smk_cipso2_ops, S_IRUGO|S_IWUSR}, 2920 [SMK_REVOKE_SUBJ] = { 2921 "revoke-subject", &smk_revoke_subj_ops, 2922 S_IRUGO|S_IWUSR}, 2923 [SMK_CHANGE_RULE] = { 2924 "change-rule", &smk_change_rule_ops, S_IRUGO|S_IWUSR}, 2925 [SMK_SYSLOG] = { 2926 "syslog", &smk_syslog_ops, S_IRUGO|S_IWUSR}, 2927 [SMK_PTRACE] = { 2928 "ptrace", &smk_ptrace_ops, S_IRUGO|S_IWUSR}, 2929 #ifdef CONFIG_SECURITY_SMACK_BRINGUP 2930 [SMK_UNCONFINED] = { 2931 "unconfined", &smk_unconfined_ops, S_IRUGO|S_IWUSR}, 2932 #endif 2933 #if IS_ENABLED(CONFIG_IPV6) 2934 [SMK_NET6ADDR] = { 2935 "ipv6host", &smk_net6addr_ops, S_IRUGO|S_IWUSR}, 2936 #endif /* CONFIG_IPV6 */ 2937 [SMK_RELABEL_SELF] = { 2938 "relabel-self", &smk_relabel_self_ops, 2939 S_IRUGO|S_IWUGO}, 2940 /* last one */ 2941 {""} 2942 }; 2943 2944 rc = simple_fill_super(sb, SMACK_MAGIC, smack_files); 2945 if (rc != 0) { 2946 printk(KERN_ERR "%s failed %d while creating inodes\n", 2947 __func__, rc); 2948 return rc; 2949 } 2950 2951 return 0; 2952 } 2953 2954 /** 2955 * smk_get_tree - get the smackfs superblock 2956 * @fc: The mount context, including any options 2957 * 2958 * Just passes everything along. 2959 * 2960 * Returns what the lower level code does. 2961 */ 2962 static int smk_get_tree(struct fs_context *fc) 2963 { 2964 return get_tree_single(fc, smk_fill_super); 2965 } 2966 2967 static const struct fs_context_operations smk_context_ops = { 2968 .get_tree = smk_get_tree, 2969 }; 2970 2971 /** 2972 * smk_init_fs_context - Initialise a filesystem context for smackfs 2973 * @fc: The blank mount context 2974 */ 2975 static int smk_init_fs_context(struct fs_context *fc) 2976 { 2977 fc->ops = &smk_context_ops; 2978 return 0; 2979 } 2980 2981 static struct file_system_type smk_fs_type = { 2982 .name = "smackfs", 2983 .init_fs_context = smk_init_fs_context, 2984 .kill_sb = kill_litter_super, 2985 }; 2986 2987 static struct vfsmount *smackfs_mount; 2988 2989 /** 2990 * init_smk_fs - get the smackfs superblock 2991 * 2992 * register the smackfs 2993 * 2994 * Do not register smackfs if Smack wasn't enabled 2995 * on boot. We can not put this method normally under the 2996 * smack_init() code path since the security subsystem get 2997 * initialized before the vfs caches. 2998 * 2999 * Returns true if we were not chosen on boot or if 3000 * we were chosen and filesystem registration succeeded. 3001 */ 3002 static int __init init_smk_fs(void) 3003 { 3004 int err; 3005 int rc; 3006 3007 if (smack_enabled == 0) 3008 return 0; 3009 3010 err = smk_init_sysfs(); 3011 if (err) 3012 printk(KERN_ERR "smackfs: sysfs mountpoint problem.\n"); 3013 3014 err = register_filesystem(&smk_fs_type); 3015 if (!err) { 3016 smackfs_mount = kern_mount(&smk_fs_type); 3017 if (IS_ERR(smackfs_mount)) { 3018 printk(KERN_ERR "smackfs: could not mount!\n"); 3019 err = PTR_ERR(smackfs_mount); 3020 smackfs_mount = NULL; 3021 } 3022 } 3023 3024 smk_cipso_doi(); 3025 smk_unlbl_ambient(NULL); 3026 3027 rc = smack_populate_secattr(&smack_known_floor); 3028 if (err == 0 && rc < 0) 3029 err = rc; 3030 rc = smack_populate_secattr(&smack_known_hat); 3031 if (err == 0 && rc < 0) 3032 err = rc; 3033 rc = smack_populate_secattr(&smack_known_huh); 3034 if (err == 0 && rc < 0) 3035 err = rc; 3036 rc = smack_populate_secattr(&smack_known_star); 3037 if (err == 0 && rc < 0) 3038 err = rc; 3039 rc = smack_populate_secattr(&smack_known_web); 3040 if (err == 0 && rc < 0) 3041 err = rc; 3042 3043 return err; 3044 } 3045 3046 __initcall(init_smk_fs); 3047