1 /* 2 * Copyright (C) 2007 Casey Schaufler <casey@schaufler-ca.com> 3 * 4 * This program is free software; you can redistribute it and/or modify 5 * it under the terms of the GNU General Public License as published by 6 * the Free Software Foundation, version 2. 7 * 8 * Authors: 9 * Casey Schaufler <casey@schaufler-ca.com> 10 * Ahmed S. Darwish <darwish.07@gmail.com> 11 * 12 * Special thanks to the authors of selinuxfs. 13 * 14 * Karl MacMillan <kmacmillan@tresys.com> 15 * James Morris <jmorris@redhat.com> 16 * 17 */ 18 19 #include <linux/kernel.h> 20 #include <linux/vmalloc.h> 21 #include <linux/security.h> 22 #include <linux/mutex.h> 23 #include <linux/slab.h> 24 #include <net/net_namespace.h> 25 #include <net/cipso_ipv4.h> 26 #include <linux/seq_file.h> 27 #include <linux/ctype.h> 28 #include <linux/audit.h> 29 #include <linux/magic.h> 30 #include "smack.h" 31 32 /* 33 * smackfs pseudo filesystem. 34 */ 35 36 enum smk_inos { 37 SMK_ROOT_INO = 2, 38 SMK_LOAD = 3, /* load policy */ 39 SMK_CIPSO = 4, /* load label -> CIPSO mapping */ 40 SMK_DOI = 5, /* CIPSO DOI */ 41 SMK_DIRECT = 6, /* CIPSO level indicating direct label */ 42 SMK_AMBIENT = 7, /* internet ambient label */ 43 SMK_NETLBLADDR = 8, /* single label hosts */ 44 SMK_ONLYCAP = 9, /* the only "capable" label */ 45 SMK_LOGGING = 10, /* logging */ 46 SMK_LOAD_SELF = 11, /* task specific rules */ 47 SMK_ACCESSES = 12, /* access policy */ 48 SMK_MAPPED = 13, /* CIPSO level indicating mapped label */ 49 SMK_LOAD2 = 14, /* load policy with long labels */ 50 SMK_LOAD_SELF2 = 15, /* load task specific rules with long labels */ 51 SMK_ACCESS2 = 16, /* make an access check with long labels */ 52 SMK_CIPSO2 = 17, /* load long label -> CIPSO mapping */ 53 SMK_REVOKE_SUBJ = 18, /* set rules with subject label to '-' */ 54 SMK_CHANGE_RULE = 19, /* change or add rules (long labels) */ 55 SMK_SYSLOG = 20, /* change syslog label) */ 56 SMK_PTRACE = 21, /* set ptrace rule */ 57 }; 58 59 /* 60 * List locks 61 */ 62 static DEFINE_MUTEX(smack_cipso_lock); 63 static DEFINE_MUTEX(smack_ambient_lock); 64 static DEFINE_MUTEX(smack_syslog_lock); 65 static DEFINE_MUTEX(smk_netlbladdr_lock); 66 67 /* 68 * This is the "ambient" label for network traffic. 69 * If it isn't somehow marked, use this. 70 * It can be reset via smackfs/ambient 71 */ 72 struct smack_known *smack_net_ambient; 73 74 /* 75 * This is the level in a CIPSO header that indicates a 76 * smack label is contained directly in the category set. 77 * It can be reset via smackfs/direct 78 */ 79 int smack_cipso_direct = SMACK_CIPSO_DIRECT_DEFAULT; 80 81 /* 82 * This is the level in a CIPSO header that indicates a 83 * secid is contained directly in the category set. 84 * It can be reset via smackfs/mapped 85 */ 86 int smack_cipso_mapped = SMACK_CIPSO_MAPPED_DEFAULT; 87 88 /* 89 * Unless a process is running with this label even 90 * having CAP_MAC_OVERRIDE isn't enough to grant 91 * privilege to violate MAC policy. If no label is 92 * designated (the NULL case) capabilities apply to 93 * everyone. It is expected that the hat (^) label 94 * will be used if any label is used. 95 */ 96 struct smack_known *smack_onlycap; 97 98 /* 99 * If this value is set restrict syslog use to the label specified. 100 * It can be reset via smackfs/syslog 101 */ 102 struct smack_known *smack_syslog_label; 103 104 /* 105 * Ptrace current rule 106 * SMACK_PTRACE_DEFAULT regular smack ptrace rules (/proc based) 107 * SMACK_PTRACE_EXACT labels must match, but can be overriden with 108 * CAP_SYS_PTRACE 109 * SMACK_PTRACE_DRACONIAN lables must match, CAP_SYS_PTRACE has no effect 110 */ 111 int smack_ptrace_rule = SMACK_PTRACE_DEFAULT; 112 113 /* 114 * Certain IP addresses may be designated as single label hosts. 115 * Packets are sent there unlabeled, but only from tasks that 116 * can write to the specified label. 117 */ 118 119 LIST_HEAD(smk_netlbladdr_list); 120 121 /* 122 * Rule lists are maintained for each label. 123 * This master list is just for reading /smack/load and /smack/load2. 124 */ 125 struct smack_master_list { 126 struct list_head list; 127 struct smack_rule *smk_rule; 128 }; 129 130 LIST_HEAD(smack_rule_list); 131 132 struct smack_parsed_rule { 133 struct smack_known *smk_subject; 134 char *smk_object; 135 int smk_access1; 136 int smk_access2; 137 }; 138 139 static int smk_cipso_doi_value = SMACK_CIPSO_DOI_DEFAULT; 140 141 const char *smack_cipso_option = SMACK_CIPSO_OPTION; 142 143 /* 144 * Values for parsing cipso rules 145 * SMK_DIGITLEN: Length of a digit field in a rule. 146 * SMK_CIPSOMIN: Minimum possible cipso rule length. 147 * SMK_CIPSOMAX: Maximum possible cipso rule length. 148 */ 149 #define SMK_DIGITLEN 4 150 #define SMK_CIPSOMIN (SMK_LABELLEN + 2 * SMK_DIGITLEN) 151 #define SMK_CIPSOMAX (SMK_CIPSOMIN + SMACK_CIPSO_MAXCATNUM * SMK_DIGITLEN) 152 153 /* 154 * Values for parsing MAC rules 155 * SMK_ACCESS: Maximum possible combination of access permissions 156 * SMK_ACCESSLEN: Maximum length for a rule access field 157 * SMK_LOADLEN: Smack rule length 158 */ 159 #define SMK_OACCESS "rwxa" 160 #define SMK_ACCESS "rwxatl" 161 #define SMK_OACCESSLEN (sizeof(SMK_OACCESS) - 1) 162 #define SMK_ACCESSLEN (sizeof(SMK_ACCESS) - 1) 163 #define SMK_OLOADLEN (SMK_LABELLEN + SMK_LABELLEN + SMK_OACCESSLEN) 164 #define SMK_LOADLEN (SMK_LABELLEN + SMK_LABELLEN + SMK_ACCESSLEN) 165 166 /* 167 * Stricly for CIPSO level manipulation. 168 * Set the category bit number in a smack label sized buffer. 169 */ 170 static inline void smack_catset_bit(unsigned int cat, char *catsetp) 171 { 172 if (cat == 0 || cat > (SMK_CIPSOLEN * 8)) 173 return; 174 175 catsetp[(cat - 1) / 8] |= 0x80 >> ((cat - 1) % 8); 176 } 177 178 /** 179 * smk_netlabel_audit_set - fill a netlbl_audit struct 180 * @nap: structure to fill 181 */ 182 static void smk_netlabel_audit_set(struct netlbl_audit *nap) 183 { 184 struct smack_known *skp = smk_of_current(); 185 186 nap->loginuid = audit_get_loginuid(current); 187 nap->sessionid = audit_get_sessionid(current); 188 nap->secid = skp->smk_secid; 189 } 190 191 /* 192 * Value for parsing single label host rules 193 * "1.2.3.4 X" 194 */ 195 #define SMK_NETLBLADDRMIN 9 196 197 /** 198 * smk_set_access - add a rule to the rule list or replace an old rule 199 * @srp: the rule to add or replace 200 * @rule_list: the list of rules 201 * @rule_lock: the rule list lock 202 * @global: if non-zero, indicates a global rule 203 * 204 * Looks through the current subject/object/access list for 205 * the subject/object pair and replaces the access that was 206 * there. If the pair isn't found add it with the specified 207 * access. 208 * 209 * Returns 0 if nothing goes wrong or -ENOMEM if it fails 210 * during the allocation of the new pair to add. 211 */ 212 static int smk_set_access(struct smack_parsed_rule *srp, 213 struct list_head *rule_list, 214 struct mutex *rule_lock, int global) 215 { 216 struct smack_rule *sp; 217 struct smack_master_list *smlp; 218 int found = 0; 219 int rc = 0; 220 221 mutex_lock(rule_lock); 222 223 /* 224 * Because the object label is less likely to match 225 * than the subject label check it first 226 */ 227 list_for_each_entry_rcu(sp, rule_list, list) { 228 if (sp->smk_object == srp->smk_object && 229 sp->smk_subject == srp->smk_subject) { 230 found = 1; 231 sp->smk_access |= srp->smk_access1; 232 sp->smk_access &= ~srp->smk_access2; 233 break; 234 } 235 } 236 237 if (found == 0) { 238 sp = kzalloc(sizeof(*sp), GFP_KERNEL); 239 if (sp == NULL) { 240 rc = -ENOMEM; 241 goto out; 242 } 243 244 sp->smk_subject = srp->smk_subject; 245 sp->smk_object = srp->smk_object; 246 sp->smk_access = srp->smk_access1 & ~srp->smk_access2; 247 248 list_add_rcu(&sp->list, rule_list); 249 /* 250 * If this is a global as opposed to self and a new rule 251 * it needs to get added for reporting. 252 */ 253 if (global) { 254 smlp = kzalloc(sizeof(*smlp), GFP_KERNEL); 255 if (smlp != NULL) { 256 smlp->smk_rule = sp; 257 list_add_rcu(&smlp->list, &smack_rule_list); 258 } else 259 rc = -ENOMEM; 260 } 261 } 262 263 out: 264 mutex_unlock(rule_lock); 265 return rc; 266 } 267 268 /** 269 * smk_perm_from_str - parse smack accesses from a text string 270 * @string: a text string that contains a Smack accesses code 271 * 272 * Returns an integer with respective bits set for specified accesses. 273 */ 274 static int smk_perm_from_str(const char *string) 275 { 276 int perm = 0; 277 const char *cp; 278 279 for (cp = string; ; cp++) 280 switch (*cp) { 281 case '-': 282 break; 283 case 'r': 284 case 'R': 285 perm |= MAY_READ; 286 break; 287 case 'w': 288 case 'W': 289 perm |= MAY_WRITE; 290 break; 291 case 'x': 292 case 'X': 293 perm |= MAY_EXEC; 294 break; 295 case 'a': 296 case 'A': 297 perm |= MAY_APPEND; 298 break; 299 case 't': 300 case 'T': 301 perm |= MAY_TRANSMUTE; 302 break; 303 case 'l': 304 case 'L': 305 perm |= MAY_LOCK; 306 break; 307 default: 308 return perm; 309 } 310 } 311 312 /** 313 * smk_fill_rule - Fill Smack rule from strings 314 * @subject: subject label string 315 * @object: object label string 316 * @access1: access string 317 * @access2: string with permissions to be removed 318 * @rule: Smack rule 319 * @import: if non-zero, import labels 320 * @len: label length limit 321 * 322 * Returns 0 on success, -EINVAL on failure and -ENOENT when either subject 323 * or object is missing. 324 */ 325 static int smk_fill_rule(const char *subject, const char *object, 326 const char *access1, const char *access2, 327 struct smack_parsed_rule *rule, int import, 328 int len) 329 { 330 const char *cp; 331 struct smack_known *skp; 332 333 if (import) { 334 rule->smk_subject = smk_import_entry(subject, len); 335 if (rule->smk_subject == NULL) 336 return -EINVAL; 337 338 rule->smk_object = smk_import(object, len); 339 if (rule->smk_object == NULL) 340 return -EINVAL; 341 } else { 342 cp = smk_parse_smack(subject, len); 343 if (cp == NULL) 344 return -EINVAL; 345 skp = smk_find_entry(cp); 346 kfree(cp); 347 if (skp == NULL) 348 return -ENOENT; 349 rule->smk_subject = skp; 350 351 cp = smk_parse_smack(object, len); 352 if (cp == NULL) 353 return -EINVAL; 354 skp = smk_find_entry(cp); 355 kfree(cp); 356 if (skp == NULL) 357 return -ENOENT; 358 rule->smk_object = skp->smk_known; 359 } 360 361 rule->smk_access1 = smk_perm_from_str(access1); 362 if (access2) 363 rule->smk_access2 = smk_perm_from_str(access2); 364 else 365 rule->smk_access2 = ~rule->smk_access1; 366 367 return 0; 368 } 369 370 /** 371 * smk_parse_rule - parse Smack rule from load string 372 * @data: string to be parsed whose size is SMK_LOADLEN 373 * @rule: Smack rule 374 * @import: if non-zero, import labels 375 * 376 * Returns 0 on success, -1 on errors. 377 */ 378 static int smk_parse_rule(const char *data, struct smack_parsed_rule *rule, 379 int import) 380 { 381 int rc; 382 383 rc = smk_fill_rule(data, data + SMK_LABELLEN, 384 data + SMK_LABELLEN + SMK_LABELLEN, NULL, rule, 385 import, SMK_LABELLEN); 386 return rc; 387 } 388 389 /** 390 * smk_parse_long_rule - parse Smack rule from rule string 391 * @data: string to be parsed, null terminated 392 * @rule: Will be filled with Smack parsed rule 393 * @import: if non-zero, import labels 394 * @tokens: numer of substrings expected in data 395 * 396 * Returns number of processed bytes on success, -1 on failure. 397 */ 398 static ssize_t smk_parse_long_rule(char *data, struct smack_parsed_rule *rule, 399 int import, int tokens) 400 { 401 ssize_t cnt = 0; 402 char *tok[4]; 403 int rc; 404 int i; 405 406 /* 407 * Parsing the rule in-place, filling all white-spaces with '\0' 408 */ 409 for (i = 0; i < tokens; ++i) { 410 while (isspace(data[cnt])) 411 data[cnt++] = '\0'; 412 413 if (data[cnt] == '\0') 414 /* Unexpected end of data */ 415 return -1; 416 417 tok[i] = data + cnt; 418 419 while (data[cnt] && !isspace(data[cnt])) 420 ++cnt; 421 } 422 while (isspace(data[cnt])) 423 data[cnt++] = '\0'; 424 425 while (i < 4) 426 tok[i++] = NULL; 427 428 rc = smk_fill_rule(tok[0], tok[1], tok[2], tok[3], rule, import, 0); 429 return rc == 0 ? cnt : rc; 430 } 431 432 #define SMK_FIXED24_FMT 0 /* Fixed 24byte label format */ 433 #define SMK_LONG_FMT 1 /* Variable long label format */ 434 #define SMK_CHANGE_FMT 2 /* Rule modification format */ 435 /** 436 * smk_write_rules_list - write() for any /smack rule file 437 * @file: file pointer, not actually used 438 * @buf: where to get the data from 439 * @count: bytes sent 440 * @ppos: where to start - must be 0 441 * @rule_list: the list of rules to write to 442 * @rule_lock: lock for the rule list 443 * @format: /smack/load or /smack/load2 or /smack/change-rule format. 444 * 445 * Get one smack access rule from above. 446 * The format for SMK_LONG_FMT is: 447 * "subject<whitespace>object<whitespace>access[<whitespace>...]" 448 * The format for SMK_FIXED24_FMT is exactly: 449 * "subject object rwxat" 450 * The format for SMK_CHANGE_FMT is: 451 * "subject<whitespace>object<whitespace> 452 * acc_enable<whitespace>acc_disable[<whitespace>...]" 453 */ 454 static ssize_t smk_write_rules_list(struct file *file, const char __user *buf, 455 size_t count, loff_t *ppos, 456 struct list_head *rule_list, 457 struct mutex *rule_lock, int format) 458 { 459 struct smack_parsed_rule rule; 460 char *data; 461 int rc; 462 int trunc = 0; 463 int tokens; 464 ssize_t cnt = 0; 465 466 /* 467 * No partial writes. 468 * Enough data must be present. 469 */ 470 if (*ppos != 0) 471 return -EINVAL; 472 473 if (format == SMK_FIXED24_FMT) { 474 /* 475 * Minor hack for backward compatibility 476 */ 477 if (count < SMK_OLOADLEN || count > SMK_LOADLEN) 478 return -EINVAL; 479 } else { 480 if (count >= PAGE_SIZE) { 481 count = PAGE_SIZE - 1; 482 trunc = 1; 483 } 484 } 485 486 data = kmalloc(count + 1, GFP_KERNEL); 487 if (data == NULL) 488 return -ENOMEM; 489 490 if (copy_from_user(data, buf, count) != 0) { 491 rc = -EFAULT; 492 goto out; 493 } 494 495 /* 496 * In case of parsing only part of user buf, 497 * avoid having partial rule at the data buffer 498 */ 499 if (trunc) { 500 while (count > 0 && (data[count - 1] != '\n')) 501 --count; 502 if (count == 0) { 503 rc = -EINVAL; 504 goto out; 505 } 506 } 507 508 data[count] = '\0'; 509 tokens = (format == SMK_CHANGE_FMT ? 4 : 3); 510 while (cnt < count) { 511 if (format == SMK_FIXED24_FMT) { 512 rc = smk_parse_rule(data, &rule, 1); 513 if (rc != 0) { 514 rc = -EINVAL; 515 goto out; 516 } 517 cnt = count; 518 } else { 519 rc = smk_parse_long_rule(data + cnt, &rule, 1, tokens); 520 if (rc <= 0) { 521 rc = -EINVAL; 522 goto out; 523 } 524 cnt += rc; 525 } 526 527 if (rule_list == NULL) 528 rc = smk_set_access(&rule, &rule.smk_subject->smk_rules, 529 &rule.smk_subject->smk_rules_lock, 1); 530 else 531 rc = smk_set_access(&rule, rule_list, rule_lock, 0); 532 533 if (rc) 534 goto out; 535 } 536 537 rc = cnt; 538 out: 539 kfree(data); 540 return rc; 541 } 542 543 /* 544 * Core logic for smackfs seq list operations. 545 */ 546 547 static void *smk_seq_start(struct seq_file *s, loff_t *pos, 548 struct list_head *head) 549 { 550 struct list_head *list; 551 552 /* 553 * This is 0 the first time through. 554 */ 555 if (s->index == 0) 556 s->private = head; 557 558 if (s->private == NULL) 559 return NULL; 560 561 list = s->private; 562 if (list_empty(list)) 563 return NULL; 564 565 if (s->index == 0) 566 return list->next; 567 return list; 568 } 569 570 static void *smk_seq_next(struct seq_file *s, void *v, loff_t *pos, 571 struct list_head *head) 572 { 573 struct list_head *list = v; 574 575 if (list_is_last(list, head)) { 576 s->private = NULL; 577 return NULL; 578 } 579 s->private = list->next; 580 return list->next; 581 } 582 583 static void smk_seq_stop(struct seq_file *s, void *v) 584 { 585 /* No-op */ 586 } 587 588 static void smk_rule_show(struct seq_file *s, struct smack_rule *srp, int max) 589 { 590 /* 591 * Don't show any rules with label names too long for 592 * interface file (/smack/load or /smack/load2) 593 * because you should expect to be able to write 594 * anything you read back. 595 */ 596 if (strlen(srp->smk_subject->smk_known) >= max || 597 strlen(srp->smk_object) >= max) 598 return; 599 600 if (srp->smk_access == 0) 601 return; 602 603 seq_printf(s, "%s %s", srp->smk_subject->smk_known, srp->smk_object); 604 605 seq_putc(s, ' '); 606 607 if (srp->smk_access & MAY_READ) 608 seq_putc(s, 'r'); 609 if (srp->smk_access & MAY_WRITE) 610 seq_putc(s, 'w'); 611 if (srp->smk_access & MAY_EXEC) 612 seq_putc(s, 'x'); 613 if (srp->smk_access & MAY_APPEND) 614 seq_putc(s, 'a'); 615 if (srp->smk_access & MAY_TRANSMUTE) 616 seq_putc(s, 't'); 617 if (srp->smk_access & MAY_LOCK) 618 seq_putc(s, 'l'); 619 620 seq_putc(s, '\n'); 621 } 622 623 /* 624 * Seq_file read operations for /smack/load 625 */ 626 627 static void *load2_seq_start(struct seq_file *s, loff_t *pos) 628 { 629 return smk_seq_start(s, pos, &smack_rule_list); 630 } 631 632 static void *load2_seq_next(struct seq_file *s, void *v, loff_t *pos) 633 { 634 return smk_seq_next(s, v, pos, &smack_rule_list); 635 } 636 637 static int load_seq_show(struct seq_file *s, void *v) 638 { 639 struct list_head *list = v; 640 struct smack_master_list *smlp = 641 list_entry(list, struct smack_master_list, list); 642 643 smk_rule_show(s, smlp->smk_rule, SMK_LABELLEN); 644 645 return 0; 646 } 647 648 static const struct seq_operations load_seq_ops = { 649 .start = load2_seq_start, 650 .next = load2_seq_next, 651 .show = load_seq_show, 652 .stop = smk_seq_stop, 653 }; 654 655 /** 656 * smk_open_load - open() for /smack/load 657 * @inode: inode structure representing file 658 * @file: "load" file pointer 659 * 660 * For reading, use load_seq_* seq_file reading operations. 661 */ 662 static int smk_open_load(struct inode *inode, struct file *file) 663 { 664 return seq_open(file, &load_seq_ops); 665 } 666 667 /** 668 * smk_write_load - write() for /smack/load 669 * @file: file pointer, not actually used 670 * @buf: where to get the data from 671 * @count: bytes sent 672 * @ppos: where to start - must be 0 673 * 674 */ 675 static ssize_t smk_write_load(struct file *file, const char __user *buf, 676 size_t count, loff_t *ppos) 677 { 678 /* 679 * Must have privilege. 680 * No partial writes. 681 * Enough data must be present. 682 */ 683 if (!smack_privileged(CAP_MAC_ADMIN)) 684 return -EPERM; 685 686 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL, 687 SMK_FIXED24_FMT); 688 } 689 690 static const struct file_operations smk_load_ops = { 691 .open = smk_open_load, 692 .read = seq_read, 693 .llseek = seq_lseek, 694 .write = smk_write_load, 695 .release = seq_release, 696 }; 697 698 /** 699 * smk_cipso_doi - initialize the CIPSO domain 700 */ 701 static void smk_cipso_doi(void) 702 { 703 int rc; 704 struct cipso_v4_doi *doip; 705 struct netlbl_audit nai; 706 707 smk_netlabel_audit_set(&nai); 708 709 rc = netlbl_cfg_map_del(NULL, PF_INET, NULL, NULL, &nai); 710 if (rc != 0) 711 printk(KERN_WARNING "%s:%d remove rc = %d\n", 712 __func__, __LINE__, rc); 713 714 doip = kmalloc(sizeof(struct cipso_v4_doi), GFP_KERNEL); 715 if (doip == NULL) 716 panic("smack: Failed to initialize cipso DOI.\n"); 717 doip->map.std = NULL; 718 doip->doi = smk_cipso_doi_value; 719 doip->type = CIPSO_V4_MAP_PASS; 720 doip->tags[0] = CIPSO_V4_TAG_RBITMAP; 721 for (rc = 1; rc < CIPSO_V4_TAG_MAXCNT; rc++) 722 doip->tags[rc] = CIPSO_V4_TAG_INVALID; 723 724 rc = netlbl_cfg_cipsov4_add(doip, &nai); 725 if (rc != 0) { 726 printk(KERN_WARNING "%s:%d cipso add rc = %d\n", 727 __func__, __LINE__, rc); 728 kfree(doip); 729 return; 730 } 731 rc = netlbl_cfg_cipsov4_map_add(doip->doi, NULL, NULL, NULL, &nai); 732 if (rc != 0) { 733 printk(KERN_WARNING "%s:%d map add rc = %d\n", 734 __func__, __LINE__, rc); 735 kfree(doip); 736 return; 737 } 738 } 739 740 /** 741 * smk_unlbl_ambient - initialize the unlabeled domain 742 * @oldambient: previous domain string 743 */ 744 static void smk_unlbl_ambient(char *oldambient) 745 { 746 int rc; 747 struct netlbl_audit nai; 748 749 smk_netlabel_audit_set(&nai); 750 751 if (oldambient != NULL) { 752 rc = netlbl_cfg_map_del(oldambient, PF_INET, NULL, NULL, &nai); 753 if (rc != 0) 754 printk(KERN_WARNING "%s:%d remove rc = %d\n", 755 __func__, __LINE__, rc); 756 } 757 if (smack_net_ambient == NULL) 758 smack_net_ambient = &smack_known_floor; 759 760 rc = netlbl_cfg_unlbl_map_add(smack_net_ambient->smk_known, PF_INET, 761 NULL, NULL, &nai); 762 if (rc != 0) 763 printk(KERN_WARNING "%s:%d add rc = %d\n", 764 __func__, __LINE__, rc); 765 } 766 767 /* 768 * Seq_file read operations for /smack/cipso 769 */ 770 771 static void *cipso_seq_start(struct seq_file *s, loff_t *pos) 772 { 773 return smk_seq_start(s, pos, &smack_known_list); 774 } 775 776 static void *cipso_seq_next(struct seq_file *s, void *v, loff_t *pos) 777 { 778 return smk_seq_next(s, v, pos, &smack_known_list); 779 } 780 781 /* 782 * Print cipso labels in format: 783 * label level[/cat[,cat]] 784 */ 785 static int cipso_seq_show(struct seq_file *s, void *v) 786 { 787 struct list_head *list = v; 788 struct smack_known *skp = 789 list_entry(list, struct smack_known, list); 790 struct netlbl_lsm_secattr_catmap *cmp = skp->smk_netlabel.attr.mls.cat; 791 char sep = '/'; 792 int i; 793 794 /* 795 * Don't show a label that could not have been set using 796 * /smack/cipso. This is in support of the notion that 797 * anything read from /smack/cipso ought to be writeable 798 * to /smack/cipso. 799 * 800 * /smack/cipso2 should be used instead. 801 */ 802 if (strlen(skp->smk_known) >= SMK_LABELLEN) 803 return 0; 804 805 seq_printf(s, "%s %3d", skp->smk_known, skp->smk_netlabel.attr.mls.lvl); 806 807 for (i = netlbl_secattr_catmap_walk(cmp, 0); i >= 0; 808 i = netlbl_secattr_catmap_walk(cmp, i + 1)) { 809 seq_printf(s, "%c%d", sep, i); 810 sep = ','; 811 } 812 813 seq_putc(s, '\n'); 814 815 return 0; 816 } 817 818 static const struct seq_operations cipso_seq_ops = { 819 .start = cipso_seq_start, 820 .next = cipso_seq_next, 821 .show = cipso_seq_show, 822 .stop = smk_seq_stop, 823 }; 824 825 /** 826 * smk_open_cipso - open() for /smack/cipso 827 * @inode: inode structure representing file 828 * @file: "cipso" file pointer 829 * 830 * Connect our cipso_seq_* operations with /smack/cipso 831 * file_operations 832 */ 833 static int smk_open_cipso(struct inode *inode, struct file *file) 834 { 835 return seq_open(file, &cipso_seq_ops); 836 } 837 838 /** 839 * smk_set_cipso - do the work for write() for cipso and cipso2 840 * @file: file pointer, not actually used 841 * @buf: where to get the data from 842 * @count: bytes sent 843 * @ppos: where to start 844 * @format: /smack/cipso or /smack/cipso2 845 * 846 * Accepts only one cipso rule per write call. 847 * Returns number of bytes written or error code, as appropriate 848 */ 849 static ssize_t smk_set_cipso(struct file *file, const char __user *buf, 850 size_t count, loff_t *ppos, int format) 851 { 852 struct smack_known *skp; 853 struct netlbl_lsm_secattr ncats; 854 char mapcatset[SMK_CIPSOLEN]; 855 int maplevel; 856 unsigned int cat; 857 int catlen; 858 ssize_t rc = -EINVAL; 859 char *data = NULL; 860 char *rule; 861 int ret; 862 int i; 863 864 /* 865 * Must have privilege. 866 * No partial writes. 867 * Enough data must be present. 868 */ 869 if (!smack_privileged(CAP_MAC_ADMIN)) 870 return -EPERM; 871 if (*ppos != 0) 872 return -EINVAL; 873 if (format == SMK_FIXED24_FMT && 874 (count < SMK_CIPSOMIN || count > SMK_CIPSOMAX)) 875 return -EINVAL; 876 877 data = kzalloc(count + 1, GFP_KERNEL); 878 if (data == NULL) 879 return -ENOMEM; 880 881 if (copy_from_user(data, buf, count) != 0) { 882 rc = -EFAULT; 883 goto unlockedout; 884 } 885 886 data[count] = '\0'; 887 rule = data; 888 /* 889 * Only allow one writer at a time. Writes should be 890 * quite rare and small in any case. 891 */ 892 mutex_lock(&smack_cipso_lock); 893 894 skp = smk_import_entry(rule, 0); 895 if (skp == NULL) 896 goto out; 897 898 if (format == SMK_FIXED24_FMT) 899 rule += SMK_LABELLEN; 900 else 901 rule += strlen(skp->smk_known) + 1; 902 903 ret = sscanf(rule, "%d", &maplevel); 904 if (ret != 1 || maplevel > SMACK_CIPSO_MAXLEVEL) 905 goto out; 906 907 rule += SMK_DIGITLEN; 908 ret = sscanf(rule, "%d", &catlen); 909 if (ret != 1 || catlen > SMACK_CIPSO_MAXCATNUM) 910 goto out; 911 912 if (format == SMK_FIXED24_FMT && 913 count != (SMK_CIPSOMIN + catlen * SMK_DIGITLEN)) 914 goto out; 915 916 memset(mapcatset, 0, sizeof(mapcatset)); 917 918 for (i = 0; i < catlen; i++) { 919 rule += SMK_DIGITLEN; 920 ret = sscanf(rule, "%u", &cat); 921 if (ret != 1 || cat > SMACK_CIPSO_MAXCATNUM) 922 goto out; 923 924 smack_catset_bit(cat, mapcatset); 925 } 926 927 rc = smk_netlbl_mls(maplevel, mapcatset, &ncats, SMK_CIPSOLEN); 928 if (rc >= 0) { 929 netlbl_secattr_catmap_free(skp->smk_netlabel.attr.mls.cat); 930 skp->smk_netlabel.attr.mls.cat = ncats.attr.mls.cat; 931 skp->smk_netlabel.attr.mls.lvl = ncats.attr.mls.lvl; 932 rc = count; 933 } 934 935 out: 936 mutex_unlock(&smack_cipso_lock); 937 unlockedout: 938 kfree(data); 939 return rc; 940 } 941 942 /** 943 * smk_write_cipso - write() for /smack/cipso 944 * @file: file pointer, not actually used 945 * @buf: where to get the data from 946 * @count: bytes sent 947 * @ppos: where to start 948 * 949 * Accepts only one cipso rule per write call. 950 * Returns number of bytes written or error code, as appropriate 951 */ 952 static ssize_t smk_write_cipso(struct file *file, const char __user *buf, 953 size_t count, loff_t *ppos) 954 { 955 return smk_set_cipso(file, buf, count, ppos, SMK_FIXED24_FMT); 956 } 957 958 static const struct file_operations smk_cipso_ops = { 959 .open = smk_open_cipso, 960 .read = seq_read, 961 .llseek = seq_lseek, 962 .write = smk_write_cipso, 963 .release = seq_release, 964 }; 965 966 /* 967 * Seq_file read operations for /smack/cipso2 968 */ 969 970 /* 971 * Print cipso labels in format: 972 * label level[/cat[,cat]] 973 */ 974 static int cipso2_seq_show(struct seq_file *s, void *v) 975 { 976 struct list_head *list = v; 977 struct smack_known *skp = 978 list_entry(list, struct smack_known, list); 979 struct netlbl_lsm_secattr_catmap *cmp = skp->smk_netlabel.attr.mls.cat; 980 char sep = '/'; 981 int i; 982 983 seq_printf(s, "%s %3d", skp->smk_known, skp->smk_netlabel.attr.mls.lvl); 984 985 for (i = netlbl_secattr_catmap_walk(cmp, 0); i >= 0; 986 i = netlbl_secattr_catmap_walk(cmp, i + 1)) { 987 seq_printf(s, "%c%d", sep, i); 988 sep = ','; 989 } 990 991 seq_putc(s, '\n'); 992 993 return 0; 994 } 995 996 static const struct seq_operations cipso2_seq_ops = { 997 .start = cipso_seq_start, 998 .next = cipso_seq_next, 999 .show = cipso2_seq_show, 1000 .stop = smk_seq_stop, 1001 }; 1002 1003 /** 1004 * smk_open_cipso2 - open() for /smack/cipso2 1005 * @inode: inode structure representing file 1006 * @file: "cipso2" file pointer 1007 * 1008 * Connect our cipso_seq_* operations with /smack/cipso2 1009 * file_operations 1010 */ 1011 static int smk_open_cipso2(struct inode *inode, struct file *file) 1012 { 1013 return seq_open(file, &cipso2_seq_ops); 1014 } 1015 1016 /** 1017 * smk_write_cipso2 - write() for /smack/cipso2 1018 * @file: file pointer, not actually used 1019 * @buf: where to get the data from 1020 * @count: bytes sent 1021 * @ppos: where to start 1022 * 1023 * Accepts only one cipso rule per write call. 1024 * Returns number of bytes written or error code, as appropriate 1025 */ 1026 static ssize_t smk_write_cipso2(struct file *file, const char __user *buf, 1027 size_t count, loff_t *ppos) 1028 { 1029 return smk_set_cipso(file, buf, count, ppos, SMK_LONG_FMT); 1030 } 1031 1032 static const struct file_operations smk_cipso2_ops = { 1033 .open = smk_open_cipso2, 1034 .read = seq_read, 1035 .llseek = seq_lseek, 1036 .write = smk_write_cipso2, 1037 .release = seq_release, 1038 }; 1039 1040 /* 1041 * Seq_file read operations for /smack/netlabel 1042 */ 1043 1044 static void *netlbladdr_seq_start(struct seq_file *s, loff_t *pos) 1045 { 1046 return smk_seq_start(s, pos, &smk_netlbladdr_list); 1047 } 1048 1049 static void *netlbladdr_seq_next(struct seq_file *s, void *v, loff_t *pos) 1050 { 1051 return smk_seq_next(s, v, pos, &smk_netlbladdr_list); 1052 } 1053 #define BEBITS (sizeof(__be32) * 8) 1054 1055 /* 1056 * Print host/label pairs 1057 */ 1058 static int netlbladdr_seq_show(struct seq_file *s, void *v) 1059 { 1060 struct list_head *list = v; 1061 struct smk_netlbladdr *skp = 1062 list_entry(list, struct smk_netlbladdr, list); 1063 unsigned char *hp = (char *) &skp->smk_host.sin_addr.s_addr; 1064 int maskn; 1065 u32 temp_mask = be32_to_cpu(skp->smk_mask.s_addr); 1066 1067 for (maskn = 0; temp_mask; temp_mask <<= 1, maskn++); 1068 1069 seq_printf(s, "%u.%u.%u.%u/%d %s\n", 1070 hp[0], hp[1], hp[2], hp[3], maskn, skp->smk_label); 1071 1072 return 0; 1073 } 1074 1075 static const struct seq_operations netlbladdr_seq_ops = { 1076 .start = netlbladdr_seq_start, 1077 .next = netlbladdr_seq_next, 1078 .show = netlbladdr_seq_show, 1079 .stop = smk_seq_stop, 1080 }; 1081 1082 /** 1083 * smk_open_netlbladdr - open() for /smack/netlabel 1084 * @inode: inode structure representing file 1085 * @file: "netlabel" file pointer 1086 * 1087 * Connect our netlbladdr_seq_* operations with /smack/netlabel 1088 * file_operations 1089 */ 1090 static int smk_open_netlbladdr(struct inode *inode, struct file *file) 1091 { 1092 return seq_open(file, &netlbladdr_seq_ops); 1093 } 1094 1095 /** 1096 * smk_netlbladdr_insert 1097 * @new : netlabel to insert 1098 * 1099 * This helper insert netlabel in the smack_netlbladdrs list 1100 * sorted by netmask length (longest to smallest) 1101 * locked by &smk_netlbladdr_lock in smk_write_netlbladdr 1102 * 1103 */ 1104 static void smk_netlbladdr_insert(struct smk_netlbladdr *new) 1105 { 1106 struct smk_netlbladdr *m, *m_next; 1107 1108 if (list_empty(&smk_netlbladdr_list)) { 1109 list_add_rcu(&new->list, &smk_netlbladdr_list); 1110 return; 1111 } 1112 1113 m = list_entry_rcu(smk_netlbladdr_list.next, 1114 struct smk_netlbladdr, list); 1115 1116 /* the comparison '>' is a bit hacky, but works */ 1117 if (new->smk_mask.s_addr > m->smk_mask.s_addr) { 1118 list_add_rcu(&new->list, &smk_netlbladdr_list); 1119 return; 1120 } 1121 1122 list_for_each_entry_rcu(m, &smk_netlbladdr_list, list) { 1123 if (list_is_last(&m->list, &smk_netlbladdr_list)) { 1124 list_add_rcu(&new->list, &m->list); 1125 return; 1126 } 1127 m_next = list_entry_rcu(m->list.next, 1128 struct smk_netlbladdr, list); 1129 if (new->smk_mask.s_addr > m_next->smk_mask.s_addr) { 1130 list_add_rcu(&new->list, &m->list); 1131 return; 1132 } 1133 } 1134 } 1135 1136 1137 /** 1138 * smk_write_netlbladdr - write() for /smack/netlabel 1139 * @file: file pointer, not actually used 1140 * @buf: where to get the data from 1141 * @count: bytes sent 1142 * @ppos: where to start 1143 * 1144 * Accepts only one netlbladdr per write call. 1145 * Returns number of bytes written or error code, as appropriate 1146 */ 1147 static ssize_t smk_write_netlbladdr(struct file *file, const char __user *buf, 1148 size_t count, loff_t *ppos) 1149 { 1150 struct smk_netlbladdr *skp; 1151 struct sockaddr_in newname; 1152 char *smack; 1153 char *sp; 1154 char *data; 1155 char *host = (char *)&newname.sin_addr.s_addr; 1156 int rc; 1157 struct netlbl_audit audit_info; 1158 struct in_addr mask; 1159 unsigned int m; 1160 int found; 1161 u32 mask_bits = (1<<31); 1162 __be32 nsa; 1163 u32 temp_mask; 1164 1165 /* 1166 * Must have privilege. 1167 * No partial writes. 1168 * Enough data must be present. 1169 * "<addr/mask, as a.b.c.d/e><space><label>" 1170 * "<addr, as a.b.c.d><space><label>" 1171 */ 1172 if (!smack_privileged(CAP_MAC_ADMIN)) 1173 return -EPERM; 1174 if (*ppos != 0) 1175 return -EINVAL; 1176 if (count < SMK_NETLBLADDRMIN) 1177 return -EINVAL; 1178 1179 data = kzalloc(count + 1, GFP_KERNEL); 1180 if (data == NULL) 1181 return -ENOMEM; 1182 1183 if (copy_from_user(data, buf, count) != 0) { 1184 rc = -EFAULT; 1185 goto free_data_out; 1186 } 1187 1188 smack = kzalloc(count + 1, GFP_KERNEL); 1189 if (smack == NULL) { 1190 rc = -ENOMEM; 1191 goto free_data_out; 1192 } 1193 1194 data[count] = '\0'; 1195 1196 rc = sscanf(data, "%hhd.%hhd.%hhd.%hhd/%u %s", 1197 &host[0], &host[1], &host[2], &host[3], &m, smack); 1198 if (rc != 6) { 1199 rc = sscanf(data, "%hhd.%hhd.%hhd.%hhd %s", 1200 &host[0], &host[1], &host[2], &host[3], smack); 1201 if (rc != 5) { 1202 rc = -EINVAL; 1203 goto free_out; 1204 } 1205 m = BEBITS; 1206 } 1207 if (m > BEBITS) { 1208 rc = -EINVAL; 1209 goto free_out; 1210 } 1211 1212 /* 1213 * If smack begins with '-', it is an option, don't import it 1214 */ 1215 if (smack[0] != '-') { 1216 sp = smk_import(smack, 0); 1217 if (sp == NULL) { 1218 rc = -EINVAL; 1219 goto free_out; 1220 } 1221 } else { 1222 /* check known options */ 1223 if (strcmp(smack, smack_cipso_option) == 0) 1224 sp = (char *)smack_cipso_option; 1225 else { 1226 rc = -EINVAL; 1227 goto free_out; 1228 } 1229 } 1230 1231 for (temp_mask = 0; m > 0; m--) { 1232 temp_mask |= mask_bits; 1233 mask_bits >>= 1; 1234 } 1235 mask.s_addr = cpu_to_be32(temp_mask); 1236 1237 newname.sin_addr.s_addr &= mask.s_addr; 1238 /* 1239 * Only allow one writer at a time. Writes should be 1240 * quite rare and small in any case. 1241 */ 1242 mutex_lock(&smk_netlbladdr_lock); 1243 1244 nsa = newname.sin_addr.s_addr; 1245 /* try to find if the prefix is already in the list */ 1246 found = 0; 1247 list_for_each_entry_rcu(skp, &smk_netlbladdr_list, list) { 1248 if (skp->smk_host.sin_addr.s_addr == nsa && 1249 skp->smk_mask.s_addr == mask.s_addr) { 1250 found = 1; 1251 break; 1252 } 1253 } 1254 smk_netlabel_audit_set(&audit_info); 1255 1256 if (found == 0) { 1257 skp = kzalloc(sizeof(*skp), GFP_KERNEL); 1258 if (skp == NULL) 1259 rc = -ENOMEM; 1260 else { 1261 rc = 0; 1262 skp->smk_host.sin_addr.s_addr = newname.sin_addr.s_addr; 1263 skp->smk_mask.s_addr = mask.s_addr; 1264 skp->smk_label = sp; 1265 smk_netlbladdr_insert(skp); 1266 } 1267 } else { 1268 /* we delete the unlabeled entry, only if the previous label 1269 * wasn't the special CIPSO option */ 1270 if (skp->smk_label != smack_cipso_option) 1271 rc = netlbl_cfg_unlbl_static_del(&init_net, NULL, 1272 &skp->smk_host.sin_addr, &skp->smk_mask, 1273 PF_INET, &audit_info); 1274 else 1275 rc = 0; 1276 skp->smk_label = sp; 1277 } 1278 1279 /* 1280 * Now tell netlabel about the single label nature of 1281 * this host so that incoming packets get labeled. 1282 * but only if we didn't get the special CIPSO option 1283 */ 1284 if (rc == 0 && sp != smack_cipso_option) 1285 rc = netlbl_cfg_unlbl_static_add(&init_net, NULL, 1286 &skp->smk_host.sin_addr, &skp->smk_mask, PF_INET, 1287 smack_to_secid(skp->smk_label), &audit_info); 1288 1289 if (rc == 0) 1290 rc = count; 1291 1292 mutex_unlock(&smk_netlbladdr_lock); 1293 1294 free_out: 1295 kfree(smack); 1296 free_data_out: 1297 kfree(data); 1298 1299 return rc; 1300 } 1301 1302 static const struct file_operations smk_netlbladdr_ops = { 1303 .open = smk_open_netlbladdr, 1304 .read = seq_read, 1305 .llseek = seq_lseek, 1306 .write = smk_write_netlbladdr, 1307 .release = seq_release, 1308 }; 1309 1310 /** 1311 * smk_read_doi - read() for /smack/doi 1312 * @filp: file pointer, not actually used 1313 * @buf: where to put the result 1314 * @count: maximum to send along 1315 * @ppos: where to start 1316 * 1317 * Returns number of bytes read or error code, as appropriate 1318 */ 1319 static ssize_t smk_read_doi(struct file *filp, char __user *buf, 1320 size_t count, loff_t *ppos) 1321 { 1322 char temp[80]; 1323 ssize_t rc; 1324 1325 if (*ppos != 0) 1326 return 0; 1327 1328 sprintf(temp, "%d", smk_cipso_doi_value); 1329 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp)); 1330 1331 return rc; 1332 } 1333 1334 /** 1335 * smk_write_doi - write() for /smack/doi 1336 * @file: file pointer, not actually used 1337 * @buf: where to get the data from 1338 * @count: bytes sent 1339 * @ppos: where to start 1340 * 1341 * Returns number of bytes written or error code, as appropriate 1342 */ 1343 static ssize_t smk_write_doi(struct file *file, const char __user *buf, 1344 size_t count, loff_t *ppos) 1345 { 1346 char temp[80]; 1347 int i; 1348 1349 if (!smack_privileged(CAP_MAC_ADMIN)) 1350 return -EPERM; 1351 1352 if (count >= sizeof(temp) || count == 0) 1353 return -EINVAL; 1354 1355 if (copy_from_user(temp, buf, count) != 0) 1356 return -EFAULT; 1357 1358 temp[count] = '\0'; 1359 1360 if (sscanf(temp, "%d", &i) != 1) 1361 return -EINVAL; 1362 1363 smk_cipso_doi_value = i; 1364 1365 smk_cipso_doi(); 1366 1367 return count; 1368 } 1369 1370 static const struct file_operations smk_doi_ops = { 1371 .read = smk_read_doi, 1372 .write = smk_write_doi, 1373 .llseek = default_llseek, 1374 }; 1375 1376 /** 1377 * smk_read_direct - read() for /smack/direct 1378 * @filp: file pointer, not actually used 1379 * @buf: where to put the result 1380 * @count: maximum to send along 1381 * @ppos: where to start 1382 * 1383 * Returns number of bytes read or error code, as appropriate 1384 */ 1385 static ssize_t smk_read_direct(struct file *filp, char __user *buf, 1386 size_t count, loff_t *ppos) 1387 { 1388 char temp[80]; 1389 ssize_t rc; 1390 1391 if (*ppos != 0) 1392 return 0; 1393 1394 sprintf(temp, "%d", smack_cipso_direct); 1395 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp)); 1396 1397 return rc; 1398 } 1399 1400 /** 1401 * smk_write_direct - write() for /smack/direct 1402 * @file: file pointer, not actually used 1403 * @buf: where to get the data from 1404 * @count: bytes sent 1405 * @ppos: where to start 1406 * 1407 * Returns number of bytes written or error code, as appropriate 1408 */ 1409 static ssize_t smk_write_direct(struct file *file, const char __user *buf, 1410 size_t count, loff_t *ppos) 1411 { 1412 struct smack_known *skp; 1413 char temp[80]; 1414 int i; 1415 1416 if (!smack_privileged(CAP_MAC_ADMIN)) 1417 return -EPERM; 1418 1419 if (count >= sizeof(temp) || count == 0) 1420 return -EINVAL; 1421 1422 if (copy_from_user(temp, buf, count) != 0) 1423 return -EFAULT; 1424 1425 temp[count] = '\0'; 1426 1427 if (sscanf(temp, "%d", &i) != 1) 1428 return -EINVAL; 1429 1430 /* 1431 * Don't do anything if the value hasn't actually changed. 1432 * If it is changing reset the level on entries that were 1433 * set up to be direct when they were created. 1434 */ 1435 if (smack_cipso_direct != i) { 1436 mutex_lock(&smack_known_lock); 1437 list_for_each_entry_rcu(skp, &smack_known_list, list) 1438 if (skp->smk_netlabel.attr.mls.lvl == 1439 smack_cipso_direct) 1440 skp->smk_netlabel.attr.mls.lvl = i; 1441 smack_cipso_direct = i; 1442 mutex_unlock(&smack_known_lock); 1443 } 1444 1445 return count; 1446 } 1447 1448 static const struct file_operations smk_direct_ops = { 1449 .read = smk_read_direct, 1450 .write = smk_write_direct, 1451 .llseek = default_llseek, 1452 }; 1453 1454 /** 1455 * smk_read_mapped - read() for /smack/mapped 1456 * @filp: file pointer, not actually used 1457 * @buf: where to put the result 1458 * @count: maximum to send along 1459 * @ppos: where to start 1460 * 1461 * Returns number of bytes read or error code, as appropriate 1462 */ 1463 static ssize_t smk_read_mapped(struct file *filp, char __user *buf, 1464 size_t count, loff_t *ppos) 1465 { 1466 char temp[80]; 1467 ssize_t rc; 1468 1469 if (*ppos != 0) 1470 return 0; 1471 1472 sprintf(temp, "%d", smack_cipso_mapped); 1473 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp)); 1474 1475 return rc; 1476 } 1477 1478 /** 1479 * smk_write_mapped - write() for /smack/mapped 1480 * @file: file pointer, not actually used 1481 * @buf: where to get the data from 1482 * @count: bytes sent 1483 * @ppos: where to start 1484 * 1485 * Returns number of bytes written or error code, as appropriate 1486 */ 1487 static ssize_t smk_write_mapped(struct file *file, const char __user *buf, 1488 size_t count, loff_t *ppos) 1489 { 1490 struct smack_known *skp; 1491 char temp[80]; 1492 int i; 1493 1494 if (!smack_privileged(CAP_MAC_ADMIN)) 1495 return -EPERM; 1496 1497 if (count >= sizeof(temp) || count == 0) 1498 return -EINVAL; 1499 1500 if (copy_from_user(temp, buf, count) != 0) 1501 return -EFAULT; 1502 1503 temp[count] = '\0'; 1504 1505 if (sscanf(temp, "%d", &i) != 1) 1506 return -EINVAL; 1507 1508 /* 1509 * Don't do anything if the value hasn't actually changed. 1510 * If it is changing reset the level on entries that were 1511 * set up to be mapped when they were created. 1512 */ 1513 if (smack_cipso_mapped != i) { 1514 mutex_lock(&smack_known_lock); 1515 list_for_each_entry_rcu(skp, &smack_known_list, list) 1516 if (skp->smk_netlabel.attr.mls.lvl == 1517 smack_cipso_mapped) 1518 skp->smk_netlabel.attr.mls.lvl = i; 1519 smack_cipso_mapped = i; 1520 mutex_unlock(&smack_known_lock); 1521 } 1522 1523 return count; 1524 } 1525 1526 static const struct file_operations smk_mapped_ops = { 1527 .read = smk_read_mapped, 1528 .write = smk_write_mapped, 1529 .llseek = default_llseek, 1530 }; 1531 1532 /** 1533 * smk_read_ambient - read() for /smack/ambient 1534 * @filp: file pointer, not actually used 1535 * @buf: where to put the result 1536 * @cn: maximum to send along 1537 * @ppos: where to start 1538 * 1539 * Returns number of bytes read or error code, as appropriate 1540 */ 1541 static ssize_t smk_read_ambient(struct file *filp, char __user *buf, 1542 size_t cn, loff_t *ppos) 1543 { 1544 ssize_t rc; 1545 int asize; 1546 1547 if (*ppos != 0) 1548 return 0; 1549 /* 1550 * Being careful to avoid a problem in the case where 1551 * smack_net_ambient gets changed in midstream. 1552 */ 1553 mutex_lock(&smack_ambient_lock); 1554 1555 asize = strlen(smack_net_ambient->smk_known) + 1; 1556 1557 if (cn >= asize) 1558 rc = simple_read_from_buffer(buf, cn, ppos, 1559 smack_net_ambient->smk_known, 1560 asize); 1561 else 1562 rc = -EINVAL; 1563 1564 mutex_unlock(&smack_ambient_lock); 1565 1566 return rc; 1567 } 1568 1569 /** 1570 * smk_write_ambient - write() for /smack/ambient 1571 * @file: file pointer, not actually used 1572 * @buf: where to get the data from 1573 * @count: bytes sent 1574 * @ppos: where to start 1575 * 1576 * Returns number of bytes written or error code, as appropriate 1577 */ 1578 static ssize_t smk_write_ambient(struct file *file, const char __user *buf, 1579 size_t count, loff_t *ppos) 1580 { 1581 struct smack_known *skp; 1582 char *oldambient; 1583 char *data; 1584 int rc = count; 1585 1586 if (!smack_privileged(CAP_MAC_ADMIN)) 1587 return -EPERM; 1588 1589 data = kzalloc(count + 1, GFP_KERNEL); 1590 if (data == NULL) 1591 return -ENOMEM; 1592 1593 if (copy_from_user(data, buf, count) != 0) { 1594 rc = -EFAULT; 1595 goto out; 1596 } 1597 1598 skp = smk_import_entry(data, count); 1599 if (skp == NULL) { 1600 rc = -EINVAL; 1601 goto out; 1602 } 1603 1604 mutex_lock(&smack_ambient_lock); 1605 1606 oldambient = smack_net_ambient->smk_known; 1607 smack_net_ambient = skp; 1608 smk_unlbl_ambient(oldambient); 1609 1610 mutex_unlock(&smack_ambient_lock); 1611 1612 out: 1613 kfree(data); 1614 return rc; 1615 } 1616 1617 static const struct file_operations smk_ambient_ops = { 1618 .read = smk_read_ambient, 1619 .write = smk_write_ambient, 1620 .llseek = default_llseek, 1621 }; 1622 1623 /** 1624 * smk_read_onlycap - read() for smackfs/onlycap 1625 * @filp: file pointer, not actually used 1626 * @buf: where to put the result 1627 * @cn: maximum to send along 1628 * @ppos: where to start 1629 * 1630 * Returns number of bytes read or error code, as appropriate 1631 */ 1632 static ssize_t smk_read_onlycap(struct file *filp, char __user *buf, 1633 size_t cn, loff_t *ppos) 1634 { 1635 char *smack = ""; 1636 ssize_t rc = -EINVAL; 1637 int asize; 1638 1639 if (*ppos != 0) 1640 return 0; 1641 1642 if (smack_onlycap != NULL) 1643 smack = smack_onlycap->smk_known; 1644 1645 asize = strlen(smack) + 1; 1646 1647 if (cn >= asize) 1648 rc = simple_read_from_buffer(buf, cn, ppos, smack, asize); 1649 1650 return rc; 1651 } 1652 1653 /** 1654 * smk_write_onlycap - write() for smackfs/onlycap 1655 * @file: file pointer, not actually used 1656 * @buf: where to get the data from 1657 * @count: bytes sent 1658 * @ppos: where to start 1659 * 1660 * Returns number of bytes written or error code, as appropriate 1661 */ 1662 static ssize_t smk_write_onlycap(struct file *file, const char __user *buf, 1663 size_t count, loff_t *ppos) 1664 { 1665 char *data; 1666 struct smack_known *skp = smk_of_task(current->cred->security); 1667 int rc = count; 1668 1669 if (!smack_privileged(CAP_MAC_ADMIN)) 1670 return -EPERM; 1671 1672 /* 1673 * This can be done using smk_access() but is done 1674 * explicitly for clarity. The smk_access() implementation 1675 * would use smk_access(smack_onlycap, MAY_WRITE) 1676 */ 1677 if (smack_onlycap != NULL && smack_onlycap != skp) 1678 return -EPERM; 1679 1680 data = kzalloc(count, GFP_KERNEL); 1681 if (data == NULL) 1682 return -ENOMEM; 1683 1684 /* 1685 * Should the null string be passed in unset the onlycap value. 1686 * This seems like something to be careful with as usually 1687 * smk_import only expects to return NULL for errors. It 1688 * is usually the case that a nullstring or "\n" would be 1689 * bad to pass to smk_import but in fact this is useful here. 1690 * 1691 * smk_import will also reject a label beginning with '-', 1692 * so "-usecapabilities" will also work. 1693 */ 1694 if (copy_from_user(data, buf, count) != 0) 1695 rc = -EFAULT; 1696 else 1697 smack_onlycap = smk_import_entry(data, count); 1698 1699 kfree(data); 1700 return rc; 1701 } 1702 1703 static const struct file_operations smk_onlycap_ops = { 1704 .read = smk_read_onlycap, 1705 .write = smk_write_onlycap, 1706 .llseek = default_llseek, 1707 }; 1708 1709 /** 1710 * smk_read_logging - read() for /smack/logging 1711 * @filp: file pointer, not actually used 1712 * @buf: where to put the result 1713 * @cn: maximum to send along 1714 * @ppos: where to start 1715 * 1716 * Returns number of bytes read or error code, as appropriate 1717 */ 1718 static ssize_t smk_read_logging(struct file *filp, char __user *buf, 1719 size_t count, loff_t *ppos) 1720 { 1721 char temp[32]; 1722 ssize_t rc; 1723 1724 if (*ppos != 0) 1725 return 0; 1726 1727 sprintf(temp, "%d\n", log_policy); 1728 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp)); 1729 return rc; 1730 } 1731 1732 /** 1733 * smk_write_logging - write() for /smack/logging 1734 * @file: file pointer, not actually used 1735 * @buf: where to get the data from 1736 * @count: bytes sent 1737 * @ppos: where to start 1738 * 1739 * Returns number of bytes written or error code, as appropriate 1740 */ 1741 static ssize_t smk_write_logging(struct file *file, const char __user *buf, 1742 size_t count, loff_t *ppos) 1743 { 1744 char temp[32]; 1745 int i; 1746 1747 if (!smack_privileged(CAP_MAC_ADMIN)) 1748 return -EPERM; 1749 1750 if (count >= sizeof(temp) || count == 0) 1751 return -EINVAL; 1752 1753 if (copy_from_user(temp, buf, count) != 0) 1754 return -EFAULT; 1755 1756 temp[count] = '\0'; 1757 1758 if (sscanf(temp, "%d", &i) != 1) 1759 return -EINVAL; 1760 if (i < 0 || i > 3) 1761 return -EINVAL; 1762 log_policy = i; 1763 return count; 1764 } 1765 1766 1767 1768 static const struct file_operations smk_logging_ops = { 1769 .read = smk_read_logging, 1770 .write = smk_write_logging, 1771 .llseek = default_llseek, 1772 }; 1773 1774 /* 1775 * Seq_file read operations for /smack/load-self 1776 */ 1777 1778 static void *load_self_seq_start(struct seq_file *s, loff_t *pos) 1779 { 1780 struct task_smack *tsp = current_security(); 1781 1782 return smk_seq_start(s, pos, &tsp->smk_rules); 1783 } 1784 1785 static void *load_self_seq_next(struct seq_file *s, void *v, loff_t *pos) 1786 { 1787 struct task_smack *tsp = current_security(); 1788 1789 return smk_seq_next(s, v, pos, &tsp->smk_rules); 1790 } 1791 1792 static int load_self_seq_show(struct seq_file *s, void *v) 1793 { 1794 struct list_head *list = v; 1795 struct smack_rule *srp = 1796 list_entry(list, struct smack_rule, list); 1797 1798 smk_rule_show(s, srp, SMK_LABELLEN); 1799 1800 return 0; 1801 } 1802 1803 static const struct seq_operations load_self_seq_ops = { 1804 .start = load_self_seq_start, 1805 .next = load_self_seq_next, 1806 .show = load_self_seq_show, 1807 .stop = smk_seq_stop, 1808 }; 1809 1810 1811 /** 1812 * smk_open_load_self - open() for /smack/load-self2 1813 * @inode: inode structure representing file 1814 * @file: "load" file pointer 1815 * 1816 * For reading, use load_seq_* seq_file reading operations. 1817 */ 1818 static int smk_open_load_self(struct inode *inode, struct file *file) 1819 { 1820 return seq_open(file, &load_self_seq_ops); 1821 } 1822 1823 /** 1824 * smk_write_load_self - write() for /smack/load-self 1825 * @file: file pointer, not actually used 1826 * @buf: where to get the data from 1827 * @count: bytes sent 1828 * @ppos: where to start - must be 0 1829 * 1830 */ 1831 static ssize_t smk_write_load_self(struct file *file, const char __user *buf, 1832 size_t count, loff_t *ppos) 1833 { 1834 struct task_smack *tsp = current_security(); 1835 1836 return smk_write_rules_list(file, buf, count, ppos, &tsp->smk_rules, 1837 &tsp->smk_rules_lock, SMK_FIXED24_FMT); 1838 } 1839 1840 static const struct file_operations smk_load_self_ops = { 1841 .open = smk_open_load_self, 1842 .read = seq_read, 1843 .llseek = seq_lseek, 1844 .write = smk_write_load_self, 1845 .release = seq_release, 1846 }; 1847 1848 /** 1849 * smk_user_access - handle access check transaction 1850 * @file: file pointer 1851 * @buf: data from user space 1852 * @count: bytes sent 1853 * @ppos: where to start - must be 0 1854 */ 1855 static ssize_t smk_user_access(struct file *file, const char __user *buf, 1856 size_t count, loff_t *ppos, int format) 1857 { 1858 struct smack_parsed_rule rule; 1859 char *data; 1860 int res; 1861 1862 data = simple_transaction_get(file, buf, count); 1863 if (IS_ERR(data)) 1864 return PTR_ERR(data); 1865 1866 if (format == SMK_FIXED24_FMT) { 1867 if (count < SMK_LOADLEN) 1868 return -EINVAL; 1869 res = smk_parse_rule(data, &rule, 0); 1870 } else { 1871 /* 1872 * simple_transaction_get() returns null-terminated data 1873 */ 1874 res = smk_parse_long_rule(data, &rule, 0, 3); 1875 } 1876 1877 if (res >= 0) 1878 res = smk_access(rule.smk_subject, rule.smk_object, 1879 rule.smk_access1, NULL); 1880 else if (res != -ENOENT) 1881 return -EINVAL; 1882 1883 data[0] = res == 0 ? '1' : '0'; 1884 data[1] = '\0'; 1885 1886 simple_transaction_set(file, 2); 1887 1888 if (format == SMK_FIXED24_FMT) 1889 return SMK_LOADLEN; 1890 return count; 1891 } 1892 1893 /** 1894 * smk_write_access - handle access check transaction 1895 * @file: file pointer 1896 * @buf: data from user space 1897 * @count: bytes sent 1898 * @ppos: where to start - must be 0 1899 */ 1900 static ssize_t smk_write_access(struct file *file, const char __user *buf, 1901 size_t count, loff_t *ppos) 1902 { 1903 return smk_user_access(file, buf, count, ppos, SMK_FIXED24_FMT); 1904 } 1905 1906 static const struct file_operations smk_access_ops = { 1907 .write = smk_write_access, 1908 .read = simple_transaction_read, 1909 .release = simple_transaction_release, 1910 .llseek = generic_file_llseek, 1911 }; 1912 1913 1914 /* 1915 * Seq_file read operations for /smack/load2 1916 */ 1917 1918 static int load2_seq_show(struct seq_file *s, void *v) 1919 { 1920 struct list_head *list = v; 1921 struct smack_master_list *smlp = 1922 list_entry(list, struct smack_master_list, list); 1923 1924 smk_rule_show(s, smlp->smk_rule, SMK_LONGLABEL); 1925 1926 return 0; 1927 } 1928 1929 static const struct seq_operations load2_seq_ops = { 1930 .start = load2_seq_start, 1931 .next = load2_seq_next, 1932 .show = load2_seq_show, 1933 .stop = smk_seq_stop, 1934 }; 1935 1936 /** 1937 * smk_open_load2 - open() for /smack/load2 1938 * @inode: inode structure representing file 1939 * @file: "load2" file pointer 1940 * 1941 * For reading, use load2_seq_* seq_file reading operations. 1942 */ 1943 static int smk_open_load2(struct inode *inode, struct file *file) 1944 { 1945 return seq_open(file, &load2_seq_ops); 1946 } 1947 1948 /** 1949 * smk_write_load2 - write() for /smack/load2 1950 * @file: file pointer, not actually used 1951 * @buf: where to get the data from 1952 * @count: bytes sent 1953 * @ppos: where to start - must be 0 1954 * 1955 */ 1956 static ssize_t smk_write_load2(struct file *file, const char __user *buf, 1957 size_t count, loff_t *ppos) 1958 { 1959 /* 1960 * Must have privilege. 1961 */ 1962 if (!smack_privileged(CAP_MAC_ADMIN)) 1963 return -EPERM; 1964 1965 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL, 1966 SMK_LONG_FMT); 1967 } 1968 1969 static const struct file_operations smk_load2_ops = { 1970 .open = smk_open_load2, 1971 .read = seq_read, 1972 .llseek = seq_lseek, 1973 .write = smk_write_load2, 1974 .release = seq_release, 1975 }; 1976 1977 /* 1978 * Seq_file read operations for /smack/load-self2 1979 */ 1980 1981 static void *load_self2_seq_start(struct seq_file *s, loff_t *pos) 1982 { 1983 struct task_smack *tsp = current_security(); 1984 1985 return smk_seq_start(s, pos, &tsp->smk_rules); 1986 } 1987 1988 static void *load_self2_seq_next(struct seq_file *s, void *v, loff_t *pos) 1989 { 1990 struct task_smack *tsp = current_security(); 1991 1992 return smk_seq_next(s, v, pos, &tsp->smk_rules); 1993 } 1994 1995 static int load_self2_seq_show(struct seq_file *s, void *v) 1996 { 1997 struct list_head *list = v; 1998 struct smack_rule *srp = 1999 list_entry(list, struct smack_rule, list); 2000 2001 smk_rule_show(s, srp, SMK_LONGLABEL); 2002 2003 return 0; 2004 } 2005 2006 static const struct seq_operations load_self2_seq_ops = { 2007 .start = load_self2_seq_start, 2008 .next = load_self2_seq_next, 2009 .show = load_self2_seq_show, 2010 .stop = smk_seq_stop, 2011 }; 2012 2013 /** 2014 * smk_open_load_self2 - open() for /smack/load-self2 2015 * @inode: inode structure representing file 2016 * @file: "load" file pointer 2017 * 2018 * For reading, use load_seq_* seq_file reading operations. 2019 */ 2020 static int smk_open_load_self2(struct inode *inode, struct file *file) 2021 { 2022 return seq_open(file, &load_self2_seq_ops); 2023 } 2024 2025 /** 2026 * smk_write_load_self2 - write() for /smack/load-self2 2027 * @file: file pointer, not actually used 2028 * @buf: where to get the data from 2029 * @count: bytes sent 2030 * @ppos: where to start - must be 0 2031 * 2032 */ 2033 static ssize_t smk_write_load_self2(struct file *file, const char __user *buf, 2034 size_t count, loff_t *ppos) 2035 { 2036 struct task_smack *tsp = current_security(); 2037 2038 return smk_write_rules_list(file, buf, count, ppos, &tsp->smk_rules, 2039 &tsp->smk_rules_lock, SMK_LONG_FMT); 2040 } 2041 2042 static const struct file_operations smk_load_self2_ops = { 2043 .open = smk_open_load_self2, 2044 .read = seq_read, 2045 .llseek = seq_lseek, 2046 .write = smk_write_load_self2, 2047 .release = seq_release, 2048 }; 2049 2050 /** 2051 * smk_write_access2 - handle access check transaction 2052 * @file: file pointer 2053 * @buf: data from user space 2054 * @count: bytes sent 2055 * @ppos: where to start - must be 0 2056 */ 2057 static ssize_t smk_write_access2(struct file *file, const char __user *buf, 2058 size_t count, loff_t *ppos) 2059 { 2060 return smk_user_access(file, buf, count, ppos, SMK_LONG_FMT); 2061 } 2062 2063 static const struct file_operations smk_access2_ops = { 2064 .write = smk_write_access2, 2065 .read = simple_transaction_read, 2066 .release = simple_transaction_release, 2067 .llseek = generic_file_llseek, 2068 }; 2069 2070 /** 2071 * smk_write_revoke_subj - write() for /smack/revoke-subject 2072 * @file: file pointer 2073 * @buf: data from user space 2074 * @count: bytes sent 2075 * @ppos: where to start - must be 0 2076 */ 2077 static ssize_t smk_write_revoke_subj(struct file *file, const char __user *buf, 2078 size_t count, loff_t *ppos) 2079 { 2080 char *data = NULL; 2081 const char *cp = NULL; 2082 struct smack_known *skp; 2083 struct smack_rule *sp; 2084 struct list_head *rule_list; 2085 struct mutex *rule_lock; 2086 int rc = count; 2087 2088 if (*ppos != 0) 2089 return -EINVAL; 2090 2091 if (!smack_privileged(CAP_MAC_ADMIN)) 2092 return -EPERM; 2093 2094 if (count == 0 || count > SMK_LONGLABEL) 2095 return -EINVAL; 2096 2097 data = kzalloc(count, GFP_KERNEL); 2098 if (data == NULL) 2099 return -ENOMEM; 2100 2101 if (copy_from_user(data, buf, count) != 0) { 2102 rc = -EFAULT; 2103 goto free_out; 2104 } 2105 2106 cp = smk_parse_smack(data, count); 2107 if (cp == NULL) { 2108 rc = -EINVAL; 2109 goto free_out; 2110 } 2111 2112 skp = smk_find_entry(cp); 2113 if (skp == NULL) 2114 goto free_out; 2115 2116 rule_list = &skp->smk_rules; 2117 rule_lock = &skp->smk_rules_lock; 2118 2119 mutex_lock(rule_lock); 2120 2121 list_for_each_entry_rcu(sp, rule_list, list) 2122 sp->smk_access = 0; 2123 2124 mutex_unlock(rule_lock); 2125 2126 free_out: 2127 kfree(data); 2128 kfree(cp); 2129 return rc; 2130 } 2131 2132 static const struct file_operations smk_revoke_subj_ops = { 2133 .write = smk_write_revoke_subj, 2134 .read = simple_transaction_read, 2135 .release = simple_transaction_release, 2136 .llseek = generic_file_llseek, 2137 }; 2138 2139 static struct kset *smackfs_kset; 2140 /** 2141 * smk_init_sysfs - initialize /sys/fs/smackfs 2142 * 2143 */ 2144 static int smk_init_sysfs(void) 2145 { 2146 smackfs_kset = kset_create_and_add("smackfs", NULL, fs_kobj); 2147 if (!smackfs_kset) 2148 return -ENOMEM; 2149 return 0; 2150 } 2151 2152 /** 2153 * smk_write_change_rule - write() for /smack/change-rule 2154 * @file: file pointer 2155 * @buf: data from user space 2156 * @count: bytes sent 2157 * @ppos: where to start - must be 0 2158 */ 2159 static ssize_t smk_write_change_rule(struct file *file, const char __user *buf, 2160 size_t count, loff_t *ppos) 2161 { 2162 /* 2163 * Must have privilege. 2164 */ 2165 if (!smack_privileged(CAP_MAC_ADMIN)) 2166 return -EPERM; 2167 2168 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL, 2169 SMK_CHANGE_FMT); 2170 } 2171 2172 static const struct file_operations smk_change_rule_ops = { 2173 .write = smk_write_change_rule, 2174 .read = simple_transaction_read, 2175 .release = simple_transaction_release, 2176 .llseek = generic_file_llseek, 2177 }; 2178 2179 /** 2180 * smk_read_syslog - read() for smackfs/syslog 2181 * @filp: file pointer, not actually used 2182 * @buf: where to put the result 2183 * @cn: maximum to send along 2184 * @ppos: where to start 2185 * 2186 * Returns number of bytes read or error code, as appropriate 2187 */ 2188 static ssize_t smk_read_syslog(struct file *filp, char __user *buf, 2189 size_t cn, loff_t *ppos) 2190 { 2191 struct smack_known *skp; 2192 ssize_t rc = -EINVAL; 2193 int asize; 2194 2195 if (*ppos != 0) 2196 return 0; 2197 2198 if (smack_syslog_label == NULL) 2199 skp = &smack_known_star; 2200 else 2201 skp = smack_syslog_label; 2202 2203 asize = strlen(skp->smk_known) + 1; 2204 2205 if (cn >= asize) 2206 rc = simple_read_from_buffer(buf, cn, ppos, skp->smk_known, 2207 asize); 2208 2209 return rc; 2210 } 2211 2212 /** 2213 * smk_write_syslog - write() for smackfs/syslog 2214 * @file: file pointer, not actually used 2215 * @buf: where to get the data from 2216 * @count: bytes sent 2217 * @ppos: where to start 2218 * 2219 * Returns number of bytes written or error code, as appropriate 2220 */ 2221 static ssize_t smk_write_syslog(struct file *file, const char __user *buf, 2222 size_t count, loff_t *ppos) 2223 { 2224 char *data; 2225 struct smack_known *skp; 2226 int rc = count; 2227 2228 if (!smack_privileged(CAP_MAC_ADMIN)) 2229 return -EPERM; 2230 2231 data = kzalloc(count, GFP_KERNEL); 2232 if (data == NULL) 2233 return -ENOMEM; 2234 2235 if (copy_from_user(data, buf, count) != 0) 2236 rc = -EFAULT; 2237 else { 2238 skp = smk_import_entry(data, count); 2239 if (skp == NULL) 2240 rc = -EINVAL; 2241 else 2242 smack_syslog_label = smk_import_entry(data, count); 2243 } 2244 2245 kfree(data); 2246 return rc; 2247 } 2248 2249 static const struct file_operations smk_syslog_ops = { 2250 .read = smk_read_syslog, 2251 .write = smk_write_syslog, 2252 .llseek = default_llseek, 2253 }; 2254 2255 2256 /** 2257 * smk_read_ptrace - read() for /smack/ptrace 2258 * @filp: file pointer, not actually used 2259 * @buf: where to put the result 2260 * @count: maximum to send along 2261 * @ppos: where to start 2262 * 2263 * Returns number of bytes read or error code, as appropriate 2264 */ 2265 static ssize_t smk_read_ptrace(struct file *filp, char __user *buf, 2266 size_t count, loff_t *ppos) 2267 { 2268 char temp[32]; 2269 ssize_t rc; 2270 2271 if (*ppos != 0) 2272 return 0; 2273 2274 sprintf(temp, "%d\n", smack_ptrace_rule); 2275 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp)); 2276 return rc; 2277 } 2278 2279 /** 2280 * smk_write_ptrace - write() for /smack/ptrace 2281 * @file: file pointer 2282 * @buf: data from user space 2283 * @count: bytes sent 2284 * @ppos: where to start - must be 0 2285 */ 2286 static ssize_t smk_write_ptrace(struct file *file, const char __user *buf, 2287 size_t count, loff_t *ppos) 2288 { 2289 char temp[32]; 2290 int i; 2291 2292 if (!smack_privileged(CAP_MAC_ADMIN)) 2293 return -EPERM; 2294 2295 if (*ppos != 0 || count >= sizeof(temp) || count == 0) 2296 return -EINVAL; 2297 2298 if (copy_from_user(temp, buf, count) != 0) 2299 return -EFAULT; 2300 2301 temp[count] = '\0'; 2302 2303 if (sscanf(temp, "%d", &i) != 1) 2304 return -EINVAL; 2305 if (i < SMACK_PTRACE_DEFAULT || i > SMACK_PTRACE_MAX) 2306 return -EINVAL; 2307 smack_ptrace_rule = i; 2308 2309 return count; 2310 } 2311 2312 static const struct file_operations smk_ptrace_ops = { 2313 .write = smk_write_ptrace, 2314 .read = smk_read_ptrace, 2315 .llseek = default_llseek, 2316 }; 2317 2318 /** 2319 * smk_fill_super - fill the smackfs superblock 2320 * @sb: the empty superblock 2321 * @data: unused 2322 * @silent: unused 2323 * 2324 * Fill in the well known entries for the smack filesystem 2325 * 2326 * Returns 0 on success, an error code on failure 2327 */ 2328 static int smk_fill_super(struct super_block *sb, void *data, int silent) 2329 { 2330 int rc; 2331 struct inode *root_inode; 2332 2333 static struct tree_descr smack_files[] = { 2334 [SMK_LOAD] = { 2335 "load", &smk_load_ops, S_IRUGO|S_IWUSR}, 2336 [SMK_CIPSO] = { 2337 "cipso", &smk_cipso_ops, S_IRUGO|S_IWUSR}, 2338 [SMK_DOI] = { 2339 "doi", &smk_doi_ops, S_IRUGO|S_IWUSR}, 2340 [SMK_DIRECT] = { 2341 "direct", &smk_direct_ops, S_IRUGO|S_IWUSR}, 2342 [SMK_AMBIENT] = { 2343 "ambient", &smk_ambient_ops, S_IRUGO|S_IWUSR}, 2344 [SMK_NETLBLADDR] = { 2345 "netlabel", &smk_netlbladdr_ops, S_IRUGO|S_IWUSR}, 2346 [SMK_ONLYCAP] = { 2347 "onlycap", &smk_onlycap_ops, S_IRUGO|S_IWUSR}, 2348 [SMK_LOGGING] = { 2349 "logging", &smk_logging_ops, S_IRUGO|S_IWUSR}, 2350 [SMK_LOAD_SELF] = { 2351 "load-self", &smk_load_self_ops, S_IRUGO|S_IWUGO}, 2352 [SMK_ACCESSES] = { 2353 "access", &smk_access_ops, S_IRUGO|S_IWUGO}, 2354 [SMK_MAPPED] = { 2355 "mapped", &smk_mapped_ops, S_IRUGO|S_IWUSR}, 2356 [SMK_LOAD2] = { 2357 "load2", &smk_load2_ops, S_IRUGO|S_IWUSR}, 2358 [SMK_LOAD_SELF2] = { 2359 "load-self2", &smk_load_self2_ops, S_IRUGO|S_IWUGO}, 2360 [SMK_ACCESS2] = { 2361 "access2", &smk_access2_ops, S_IRUGO|S_IWUGO}, 2362 [SMK_CIPSO2] = { 2363 "cipso2", &smk_cipso2_ops, S_IRUGO|S_IWUSR}, 2364 [SMK_REVOKE_SUBJ] = { 2365 "revoke-subject", &smk_revoke_subj_ops, 2366 S_IRUGO|S_IWUSR}, 2367 [SMK_CHANGE_RULE] = { 2368 "change-rule", &smk_change_rule_ops, S_IRUGO|S_IWUSR}, 2369 [SMK_SYSLOG] = { 2370 "syslog", &smk_syslog_ops, S_IRUGO|S_IWUSR}, 2371 [SMK_PTRACE] = { 2372 "ptrace", &smk_ptrace_ops, S_IRUGO|S_IWUSR}, 2373 /* last one */ 2374 {""} 2375 }; 2376 2377 rc = simple_fill_super(sb, SMACK_MAGIC, smack_files); 2378 if (rc != 0) { 2379 printk(KERN_ERR "%s failed %d while creating inodes\n", 2380 __func__, rc); 2381 return rc; 2382 } 2383 2384 root_inode = sb->s_root->d_inode; 2385 2386 return 0; 2387 } 2388 2389 /** 2390 * smk_mount - get the smackfs superblock 2391 * @fs_type: passed along without comment 2392 * @flags: passed along without comment 2393 * @dev_name: passed along without comment 2394 * @data: passed along without comment 2395 * 2396 * Just passes everything along. 2397 * 2398 * Returns what the lower level code does. 2399 */ 2400 static struct dentry *smk_mount(struct file_system_type *fs_type, 2401 int flags, const char *dev_name, void *data) 2402 { 2403 return mount_single(fs_type, flags, data, smk_fill_super); 2404 } 2405 2406 static struct file_system_type smk_fs_type = { 2407 .name = "smackfs", 2408 .mount = smk_mount, 2409 .kill_sb = kill_litter_super, 2410 }; 2411 2412 static struct vfsmount *smackfs_mount; 2413 2414 static int __init smk_preset_netlabel(struct smack_known *skp) 2415 { 2416 skp->smk_netlabel.domain = skp->smk_known; 2417 skp->smk_netlabel.flags = 2418 NETLBL_SECATTR_DOMAIN | NETLBL_SECATTR_MLS_LVL; 2419 return smk_netlbl_mls(smack_cipso_direct, skp->smk_known, 2420 &skp->smk_netlabel, strlen(skp->smk_known)); 2421 } 2422 2423 /** 2424 * init_smk_fs - get the smackfs superblock 2425 * 2426 * register the smackfs 2427 * 2428 * Do not register smackfs if Smack wasn't enabled 2429 * on boot. We can not put this method normally under the 2430 * smack_init() code path since the security subsystem get 2431 * initialized before the vfs caches. 2432 * 2433 * Returns true if we were not chosen on boot or if 2434 * we were chosen and filesystem registration succeeded. 2435 */ 2436 static int __init init_smk_fs(void) 2437 { 2438 int err; 2439 int rc; 2440 2441 if (!security_module_enable(&smack_ops)) 2442 return 0; 2443 2444 err = smk_init_sysfs(); 2445 if (err) 2446 printk(KERN_ERR "smackfs: sysfs mountpoint problem.\n"); 2447 2448 err = register_filesystem(&smk_fs_type); 2449 if (!err) { 2450 smackfs_mount = kern_mount(&smk_fs_type); 2451 if (IS_ERR(smackfs_mount)) { 2452 printk(KERN_ERR "smackfs: could not mount!\n"); 2453 err = PTR_ERR(smackfs_mount); 2454 smackfs_mount = NULL; 2455 } 2456 } 2457 2458 smk_cipso_doi(); 2459 smk_unlbl_ambient(NULL); 2460 2461 rc = smk_preset_netlabel(&smack_known_floor); 2462 if (err == 0 && rc < 0) 2463 err = rc; 2464 rc = smk_preset_netlabel(&smack_known_hat); 2465 if (err == 0 && rc < 0) 2466 err = rc; 2467 rc = smk_preset_netlabel(&smack_known_huh); 2468 if (err == 0 && rc < 0) 2469 err = rc; 2470 rc = smk_preset_netlabel(&smack_known_invalid); 2471 if (err == 0 && rc < 0) 2472 err = rc; 2473 rc = smk_preset_netlabel(&smack_known_star); 2474 if (err == 0 && rc < 0) 2475 err = rc; 2476 rc = smk_preset_netlabel(&smack_known_web); 2477 if (err == 0 && rc < 0) 2478 err = rc; 2479 2480 return err; 2481 } 2482 2483 __initcall(init_smk_fs); 2484