Linux Kernel  3.7.1
 All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
smackfs.c
Go to the documentation of this file.
1 /*
2  * Copyright (C) 2007 Casey Schaufler <[email protected]>
3  *
4  * This program is free software; you can redistribute it and/or modify
5  * it under the terms of the GNU General Public License as published by
6  * the Free Software Foundation, version 2.
7  *
8  * Authors:
9  * Casey Schaufler <[email protected]>
10  * Ahmed S. Darwish <[email protected]>
11  *
12  * Special thanks to the authors of selinuxfs.
13  *
14  * Karl MacMillan <[email protected]>
15  * James Morris <[email protected]>
16  *
17  */
18 
19 #include <linux/kernel.h>
20 #include <linux/vmalloc.h>
21 #include <linux/security.h>
22 #include <linux/mutex.h>
23 #include <linux/slab.h>
24 #include <net/net_namespace.h>
25 #include <net/cipso_ipv4.h>
26 #include <linux/seq_file.h>
27 #include <linux/ctype.h>
28 #include <linux/audit.h>
29 #include "smack.h"
30 
31 /*
32  * smackfs pseudo filesystem.
33  */
34 
35 enum smk_inos {
37  SMK_LOAD = 3, /* load policy */
38  SMK_CIPSO = 4, /* load label -> CIPSO mapping */
39  SMK_DOI = 5, /* CIPSO DOI */
40  SMK_DIRECT = 6, /* CIPSO level indicating direct label */
41  SMK_AMBIENT = 7, /* internet ambient label */
42  SMK_NETLBLADDR = 8, /* single label hosts */
43  SMK_ONLYCAP = 9, /* the only "capable" label */
44  SMK_LOGGING = 10, /* logging */
45  SMK_LOAD_SELF = 11, /* task specific rules */
46  SMK_ACCESSES = 12, /* access policy */
47  SMK_MAPPED = 13, /* CIPSO level indicating mapped label */
48  SMK_LOAD2 = 14, /* load policy with long labels */
49  SMK_LOAD_SELF2 = 15, /* load task specific rules with long labels */
50  SMK_ACCESS2 = 16, /* make an access check with long labels */
51  SMK_CIPSO2 = 17, /* load long label -> CIPSO mapping */
52  SMK_REVOKE_SUBJ = 18, /* set rules with subject label to '-' */
53 };
54 
55 /*
56  * List locks
57  */
58 static DEFINE_MUTEX(smack_list_lock);
59 static DEFINE_MUTEX(smack_cipso_lock);
60 static DEFINE_MUTEX(smack_ambient_lock);
61 static DEFINE_MUTEX(smk_netlbladdr_lock);
62 
63 /*
64  * This is the "ambient" label for network traffic.
65  * If it isn't somehow marked, use this.
66  * It can be reset via smackfs/ambient
67  */
69 
70 /*
71  * This is the level in a CIPSO header that indicates a
72  * smack label is contained directly in the category set.
73  * It can be reset via smackfs/direct
74  */
76 
77 /*
78  * This is the level in a CIPSO header that indicates a
79  * secid is contained directly in the category set.
80  * It can be reset via smackfs/mapped
81  */
83 
84 /*
85  * Unless a process is running with this label even
86  * having CAP_MAC_OVERRIDE isn't enough to grant
87  * privilege to violate MAC policy. If no label is
88  * designated (the NULL case) capabilities apply to
89  * everyone. It is expected that the hat (^) label
90  * will be used if any label is used.
91  */
93 
94 /*
95  * Certain IP addresses may be designated as single label hosts.
96  * Packets are sent there unlabeled, but only from tasks that
97  * can write to the specified label.
98  */
99 
100 LIST_HEAD(smk_netlbladdr_list);
101 
102 /*
103  * Rule lists are maintained for each label.
104  * This master list is just for reading /smack/load and /smack/load2.
105  */
107  struct list_head list;
109 };
110 
111 LIST_HEAD(smack_rule_list);
112 
113 static int smk_cipso_doi_value = SMACK_CIPSO_DOI_DEFAULT;
114 
116 
117 /*
118  * Values for parsing cipso rules
119  * SMK_DIGITLEN: Length of a digit field in a rule.
120  * SMK_CIPSOMIN: Minimum possible cipso rule length.
121  * SMK_CIPSOMAX: Maximum possible cipso rule length.
122  */
123 #define SMK_DIGITLEN 4
124 #define SMK_CIPSOMIN (SMK_LABELLEN + 2 * SMK_DIGITLEN)
125 #define SMK_CIPSOMAX (SMK_CIPSOMIN + SMACK_CIPSO_MAXCATNUM * SMK_DIGITLEN)
126 
127 /*
128  * Values for parsing MAC rules
129  * SMK_ACCESS: Maximum possible combination of access permissions
130  * SMK_ACCESSLEN: Maximum length for a rule access field
131  * SMK_LOADLEN: Smack rule length
132  */
133 #define SMK_OACCESS "rwxa"
134 #define SMK_ACCESS "rwxat"
135 #define SMK_OACCESSLEN (sizeof(SMK_OACCESS) - 1)
136 #define SMK_ACCESSLEN (sizeof(SMK_ACCESS) - 1)
137 #define SMK_OLOADLEN (SMK_LABELLEN + SMK_LABELLEN + SMK_OACCESSLEN)
138 #define SMK_LOADLEN (SMK_LABELLEN + SMK_LABELLEN + SMK_ACCESSLEN)
139 
140 /*
141  * Stricly for CIPSO level manipulation.
142  * Set the category bit number in a smack label sized buffer.
143  */
144 static inline void smack_catset_bit(unsigned int cat, char *catsetp)
145 {
146  if (cat == 0 || cat > (SMK_CIPSOLEN * 8))
147  return;
148 
149  catsetp[(cat - 1) / 8] |= 0x80 >> ((cat - 1) % 8);
150 }
151 
156 static void smk_netlabel_audit_set(struct netlbl_audit *nap)
157 {
158  nap->loginuid = audit_get_loginuid(current);
159  nap->sessionid = audit_get_sessionid(current);
160  nap->secid = smack_to_secid(smk_of_current());
161 }
162 
163 /*
164  * Value for parsing single label host rules
165  * "1.2.3.4 X"
166  */
167 #define SMK_NETLBLADDRMIN 9
168 
184 static int smk_set_access(struct smack_rule *srp, struct list_head *rule_list,
185  struct mutex *rule_lock)
186 {
187  struct smack_rule *sp;
188  int found = 0;
189 
190  mutex_lock(rule_lock);
191 
192  /*
193  * Because the object label is less likely to match
194  * than the subject label check it first
195  */
196  list_for_each_entry_rcu(sp, rule_list, list) {
197  if (sp->smk_object == srp->smk_object &&
198  sp->smk_subject == srp->smk_subject) {
199  found = 1;
200  sp->smk_access = srp->smk_access;
201  break;
202  }
203  }
204  if (found == 0)
205  list_add_rcu(&srp->list, rule_list);
206 
207  mutex_unlock(rule_lock);
208 
209  return found;
210 }
211 
223 static int smk_fill_rule(const char *subject, const char *object,
224  const char *access, struct smack_rule *rule,
225  int import, int len)
226 {
227  const char *cp;
228  struct smack_known *skp;
229 
230  if (import) {
231  rule->smk_subject = smk_import(subject, len);
232  if (rule->smk_subject == NULL)
233  return -1;
234 
235  rule->smk_object = smk_import(object, len);
236  if (rule->smk_object == NULL)
237  return -1;
238  } else {
239  cp = smk_parse_smack(subject, len);
240  if (cp == NULL)
241  return -1;
242  skp = smk_find_entry(cp);
243  kfree(cp);
244  if (skp == NULL)
245  return -1;
246  rule->smk_subject = skp->smk_known;
247 
248  cp = smk_parse_smack(object, len);
249  if (cp == NULL)
250  return -1;
251  skp = smk_find_entry(cp);
252  kfree(cp);
253  if (skp == NULL)
254  return -1;
255  rule->smk_object = skp->smk_known;
256  }
257 
258  rule->smk_access = 0;
259 
260  for (cp = access; *cp != '\0'; cp++) {
261  switch (*cp) {
262  case '-':
263  break;
264  case 'r':
265  case 'R':
266  rule->smk_access |= MAY_READ;
267  break;
268  case 'w':
269  case 'W':
270  rule->smk_access |= MAY_WRITE;
271  break;
272  case 'x':
273  case 'X':
274  rule->smk_access |= MAY_EXEC;
275  break;
276  case 'a':
277  case 'A':
278  rule->smk_access |= MAY_APPEND;
279  break;
280  case 't':
281  case 'T':
282  rule->smk_access |= MAY_TRANSMUTE;
283  break;
284  default:
285  return 0;
286  }
287  }
288 
289  return 0;
290 }
291 
300 static int smk_parse_rule(const char *data, struct smack_rule *rule, int import)
301 {
302  int rc;
303 
304  rc = smk_fill_rule(data, data + SMK_LABELLEN,
305  data + SMK_LABELLEN + SMK_LABELLEN, rule, import,
306  SMK_LABELLEN);
307  return rc;
308 }
309 
318 static int smk_parse_long_rule(const char *data, struct smack_rule *rule,
319  int import)
320 {
321  char *subject;
322  char *object;
323  char *access;
324  int datalen;
325  int rc = -1;
326 
327  /* This is inefficient */
328  datalen = strlen(data);
329 
330  /* Our first element can be 64 + \0 with no spaces */
331  subject = kzalloc(datalen + 1, GFP_KERNEL);
332  if (subject == NULL)
333  return -1;
334  object = kzalloc(datalen, GFP_KERNEL);
335  if (object == NULL)
336  goto free_out_s;
337  access = kzalloc(datalen, GFP_KERNEL);
338  if (access == NULL)
339  goto free_out_o;
340 
341  if (sscanf(data, "%s %s %s", subject, object, access) == 3)
342  rc = smk_fill_rule(subject, object, access, rule, import, 0);
343 
344  kfree(access);
345 free_out_o:
346  kfree(object);
347 free_out_s:
348  kfree(subject);
349  return rc;
350 }
351 
352 #define SMK_FIXED24_FMT 0 /* Fixed 24byte label format */
353 #define SMK_LONG_FMT 1 /* Variable long label format */
354 
370 static ssize_t smk_write_rules_list(struct file *file, const char __user *buf,
371  size_t count, loff_t *ppos,
372  struct list_head *rule_list,
373  struct mutex *rule_lock, int format)
374 {
375  struct smack_master_list *smlp;
376  struct smack_known *skp;
377  struct smack_rule *rule;
378  char *data;
379  int datalen;
380  int rc = -EINVAL;
381  int load = 0;
382 
383  /*
384  * No partial writes.
385  * Enough data must be present.
386  */
387  if (*ppos != 0)
388  return -EINVAL;
389 
390  if (format == SMK_FIXED24_FMT) {
391  /*
392  * Minor hack for backward compatibility
393  */
394  if (count != SMK_OLOADLEN && count != SMK_LOADLEN)
395  return -EINVAL;
396  datalen = SMK_LOADLEN;
397  } else
398  datalen = count + 1;
399 
400  data = kzalloc(datalen, GFP_KERNEL);
401  if (data == NULL)
402  return -ENOMEM;
403 
404  if (copy_from_user(data, buf, count) != 0) {
405  rc = -EFAULT;
406  goto out;
407  }
408 
409  rule = kzalloc(sizeof(*rule), GFP_KERNEL);
410  if (rule == NULL) {
411  rc = -ENOMEM;
412  goto out;
413  }
414 
415  if (format == SMK_LONG_FMT) {
416  /*
417  * Be sure the data string is terminated.
418  */
419  data[count] = '\0';
420  if (smk_parse_long_rule(data, rule, 1))
421  goto out_free_rule;
422  } else {
423  /*
424  * More on the minor hack for backward compatibility
425  */
426  if (count == (SMK_OLOADLEN))
427  data[SMK_OLOADLEN] = '-';
428  if (smk_parse_rule(data, rule, 1))
429  goto out_free_rule;
430  }
431 
432 
433  if (rule_list == NULL) {
434  load = 1;
435  skp = smk_find_entry(rule->smk_subject);
436  rule_list = &skp->smk_rules;
437  rule_lock = &skp->smk_rules_lock;
438  }
439 
440  rc = count;
441  /*
442  * If this is a global as opposed to self and a new rule
443  * it needs to get added for reporting.
444  * smk_set_access returns true if there was already a rule
445  * for the subject/object pair, and false if it was new.
446  */
447  if (!smk_set_access(rule, rule_list, rule_lock)) {
448  if (load) {
449  smlp = kzalloc(sizeof(*smlp), GFP_KERNEL);
450  if (smlp != NULL) {
451  smlp->smk_rule = rule;
452  list_add_rcu(&smlp->list, &smack_rule_list);
453  } else
454  rc = -ENOMEM;
455  }
456  goto out;
457  }
458 
459 out_free_rule:
460  kfree(rule);
461 out:
462  kfree(data);
463  return rc;
464 }
465 
466 /*
467  * Core logic for smackfs seq list operations.
468  */
469 
470 static void *smk_seq_start(struct seq_file *s, loff_t *pos,
471  struct list_head *head)
472 {
473  struct list_head *list;
474 
475  /*
476  * This is 0 the first time through.
477  */
478  if (s->index == 0)
479  s->private = head;
480 
481  if (s->private == NULL)
482  return NULL;
483 
484  list = s->private;
485  if (list_empty(list))
486  return NULL;
487 
488  if (s->index == 0)
489  return list->next;
490  return list;
491 }
492 
493 static void *smk_seq_next(struct seq_file *s, void *v, loff_t *pos,
494  struct list_head *head)
495 {
496  struct list_head *list = v;
497 
498  if (list_is_last(list, head)) {
499  s->private = NULL;
500  return NULL;
501  }
502  s->private = list->next;
503  return list->next;
504 }
505 
506 static void smk_seq_stop(struct seq_file *s, void *v)
507 {
508  /* No-op */
509 }
510 
511 static void smk_rule_show(struct seq_file *s, struct smack_rule *srp, int max)
512 {
513  /*
514  * Don't show any rules with label names too long for
515  * interface file (/smack/load or /smack/load2)
516  * because you should expect to be able to write
517  * anything you read back.
518  */
519  if (strlen(srp->smk_subject) >= max || strlen(srp->smk_object) >= max)
520  return;
521 
522  if (srp->smk_access == 0)
523  return;
524 
525  seq_printf(s, "%s %s", srp->smk_subject, srp->smk_object);
526 
527  seq_putc(s, ' ');
528 
529  if (srp->smk_access & MAY_READ)
530  seq_putc(s, 'r');
531  if (srp->smk_access & MAY_WRITE)
532  seq_putc(s, 'w');
533  if (srp->smk_access & MAY_EXEC)
534  seq_putc(s, 'x');
535  if (srp->smk_access & MAY_APPEND)
536  seq_putc(s, 'a');
537  if (srp->smk_access & MAY_TRANSMUTE)
538  seq_putc(s, 't');
539 
540  seq_putc(s, '\n');
541 }
542 
543 /*
544  * Seq_file read operations for /smack/load
545  */
546 
547 static void *load2_seq_start(struct seq_file *s, loff_t *pos)
548 {
549  return smk_seq_start(s, pos, &smack_rule_list);
550 }
551 
552 static void *load2_seq_next(struct seq_file *s, void *v, loff_t *pos)
553 {
554  return smk_seq_next(s, v, pos, &smack_rule_list);
555 }
556 
557 static int load_seq_show(struct seq_file *s, void *v)
558 {
559  struct list_head *list = v;
560  struct smack_master_list *smlp =
561  list_entry(list, struct smack_master_list, list);
562 
563  smk_rule_show(s, smlp->smk_rule, SMK_LABELLEN);
564 
565  return 0;
566 }
567 
568 static const struct seq_operations load_seq_ops = {
569  .start = load2_seq_start,
570  .next = load2_seq_next,
571  .show = load_seq_show,
572  .stop = smk_seq_stop,
573 };
574 
582 static int smk_open_load(struct inode *inode, struct file *file)
583 {
584  return seq_open(file, &load_seq_ops);
585 }
586 
595 static ssize_t smk_write_load(struct file *file, const char __user *buf,
596  size_t count, loff_t *ppos)
597 {
598  /*
599  * Must have privilege.
600  * No partial writes.
601  * Enough data must be present.
602  */
603  if (!smack_privileged(CAP_MAC_ADMIN))
604  return -EPERM;
605 
606  return smk_write_rules_list(file, buf, count, ppos, NULL, NULL,
608 }
609 
610 static const struct file_operations smk_load_ops = {
611  .open = smk_open_load,
612  .read = seq_read,
613  .llseek = seq_lseek,
614  .write = smk_write_load,
615  .release = seq_release,
616 };
617 
621 static void smk_cipso_doi(void)
622 {
623  int rc;
624  struct cipso_v4_doi *doip;
625  struct netlbl_audit nai;
626 
627  smk_netlabel_audit_set(&nai);
628 
629  rc = netlbl_cfg_map_del(NULL, PF_INET, NULL, NULL, &nai);
630  if (rc != 0)
631  printk(KERN_WARNING "%s:%d remove rc = %d\n",
632  __func__, __LINE__, rc);
633 
634  doip = kmalloc(sizeof(struct cipso_v4_doi), GFP_KERNEL);
635  if (doip == NULL)
636  panic("smack: Failed to initialize cipso DOI.\n");
637  doip->map.std = NULL;
638  doip->doi = smk_cipso_doi_value;
639  doip->type = CIPSO_V4_MAP_PASS;
640  doip->tags[0] = CIPSO_V4_TAG_RBITMAP;
641  for (rc = 1; rc < CIPSO_V4_TAG_MAXCNT; rc++)
642  doip->tags[rc] = CIPSO_V4_TAG_INVALID;
643 
644  rc = netlbl_cfg_cipsov4_add(doip, &nai);
645  if (rc != 0) {
646  printk(KERN_WARNING "%s:%d cipso add rc = %d\n",
647  __func__, __LINE__, rc);
648  kfree(doip);
649  return;
650  }
651  rc = netlbl_cfg_cipsov4_map_add(doip->doi, NULL, NULL, NULL, &nai);
652  if (rc != 0) {
653  printk(KERN_WARNING "%s:%d map add rc = %d\n",
654  __func__, __LINE__, rc);
655  kfree(doip);
656  return;
657  }
658 }
659 
664 static void smk_unlbl_ambient(char *oldambient)
665 {
666  int rc;
667  struct netlbl_audit nai;
668 
669  smk_netlabel_audit_set(&nai);
670 
671  if (oldambient != NULL) {
672  rc = netlbl_cfg_map_del(oldambient, PF_INET, NULL, NULL, &nai);
673  if (rc != 0)
674  printk(KERN_WARNING "%s:%d remove rc = %d\n",
675  __func__, __LINE__, rc);
676  }
677  if (smack_net_ambient == NULL)
679 
681  NULL, NULL, &nai);
682  if (rc != 0)
683  printk(KERN_WARNING "%s:%d add rc = %d\n",
684  __func__, __LINE__, rc);
685 }
686 
687 /*
688  * Seq_file read operations for /smack/cipso
689  */
690 
691 static void *cipso_seq_start(struct seq_file *s, loff_t *pos)
692 {
693  return smk_seq_start(s, pos, &smack_known_list);
694 }
695 
696 static void *cipso_seq_next(struct seq_file *s, void *v, loff_t *pos)
697 {
698  return smk_seq_next(s, v, pos, &smack_known_list);
699 }
700 
701 /*
702  * Print cipso labels in format:
703  * label level[/cat[,cat]]
704  */
705 static int cipso_seq_show(struct seq_file *s, void *v)
706 {
707  struct list_head *list = v;
708  struct smack_known *skp =
709  list_entry(list, struct smack_known, list);
710  struct netlbl_lsm_secattr_catmap *cmp = skp->smk_netlabel.attr.mls.cat;
711  char sep = '/';
712  int i;
713 
714  /*
715  * Don't show a label that could not have been set using
716  * /smack/cipso. This is in support of the notion that
717  * anything read from /smack/cipso ought to be writeable
718  * to /smack/cipso.
719  *
720  * /smack/cipso2 should be used instead.
721  */
722  if (strlen(skp->smk_known) >= SMK_LABELLEN)
723  return 0;
724 
725  seq_printf(s, "%s %3d", skp->smk_known, skp->smk_netlabel.attr.mls.lvl);
726 
727  for (i = netlbl_secattr_catmap_walk(cmp, 0); i >= 0;
728  i = netlbl_secattr_catmap_walk(cmp, i + 1)) {
729  seq_printf(s, "%c%d", sep, i);
730  sep = ',';
731  }
732 
733  seq_putc(s, '\n');
734 
735  return 0;
736 }
737 
738 static const struct seq_operations cipso_seq_ops = {
739  .start = cipso_seq_start,
740  .next = cipso_seq_next,
741  .show = cipso_seq_show,
742  .stop = smk_seq_stop,
743 };
744 
753 static int smk_open_cipso(struct inode *inode, struct file *file)
754 {
755  return seq_open(file, &cipso_seq_ops);
756 }
757 
769 static ssize_t smk_set_cipso(struct file *file, const char __user *buf,
770  size_t count, loff_t *ppos, int format)
771 {
772  struct smack_known *skp;
773  struct netlbl_lsm_secattr ncats;
774  char mapcatset[SMK_CIPSOLEN];
775  int maplevel;
776  unsigned int cat;
777  int catlen;
778  ssize_t rc = -EINVAL;
779  char *data = NULL;
780  char *rule;
781  int ret;
782  int i;
783 
784  /*
785  * Must have privilege.
786  * No partial writes.
787  * Enough data must be present.
788  */
789  if (!smack_privileged(CAP_MAC_ADMIN))
790  return -EPERM;
791  if (*ppos != 0)
792  return -EINVAL;
793  if (format == SMK_FIXED24_FMT &&
794  (count < SMK_CIPSOMIN || count > SMK_CIPSOMAX))
795  return -EINVAL;
796 
797  data = kzalloc(count + 1, GFP_KERNEL);
798  if (data == NULL)
799  return -ENOMEM;
800 
801  if (copy_from_user(data, buf, count) != 0) {
802  rc = -EFAULT;
803  goto unlockedout;
804  }
805 
806  data[count] = '\0';
807  rule = data;
808  /*
809  * Only allow one writer at a time. Writes should be
810  * quite rare and small in any case.
811  */
812  mutex_lock(&smack_cipso_lock);
813 
814  skp = smk_import_entry(rule, 0);
815  if (skp == NULL)
816  goto out;
817 
818  if (format == SMK_FIXED24_FMT)
819  rule += SMK_LABELLEN;
820  else
821  rule += strlen(skp->smk_known);
822 
823  ret = sscanf(rule, "%d", &maplevel);
824  if (ret != 1 || maplevel > SMACK_CIPSO_MAXLEVEL)
825  goto out;
826 
827  rule += SMK_DIGITLEN;
828  ret = sscanf(rule, "%d", &catlen);
829  if (ret != 1 || catlen > SMACK_CIPSO_MAXCATNUM)
830  goto out;
831 
832  if (format == SMK_FIXED24_FMT &&
833  count != (SMK_CIPSOMIN + catlen * SMK_DIGITLEN))
834  goto out;
835 
836  memset(mapcatset, 0, sizeof(mapcatset));
837 
838  for (i = 0; i < catlen; i++) {
839  rule += SMK_DIGITLEN;
840  ret = sscanf(rule, "%u", &cat);
841  if (ret != 1 || cat > SMACK_CIPSO_MAXCATVAL)
842  goto out;
843 
844  smack_catset_bit(cat, mapcatset);
845  }
846 
847  rc = smk_netlbl_mls(maplevel, mapcatset, &ncats, SMK_CIPSOLEN);
848  if (rc >= 0) {
849  netlbl_secattr_catmap_free(skp->smk_netlabel.attr.mls.cat);
850  skp->smk_netlabel.attr.mls.cat = ncats.attr.mls.cat;
851  skp->smk_netlabel.attr.mls.lvl = ncats.attr.mls.lvl;
852  rc = count;
853  }
854 
855 out:
856  mutex_unlock(&smack_cipso_lock);
857 unlockedout:
858  kfree(data);
859  return rc;
860 }
861 
872 static ssize_t smk_write_cipso(struct file *file, const char __user *buf,
873  size_t count, loff_t *ppos)
874 {
875  return smk_set_cipso(file, buf, count, ppos, SMK_FIXED24_FMT);
876 }
877 
878 static const struct file_operations smk_cipso_ops = {
879  .open = smk_open_cipso,
880  .read = seq_read,
881  .llseek = seq_lseek,
882  .write = smk_write_cipso,
883  .release = seq_release,
884 };
885 
886 /*
887  * Seq_file read operations for /smack/cipso2
888  */
889 
890 /*
891  * Print cipso labels in format:
892  * label level[/cat[,cat]]
893  */
894 static int cipso2_seq_show(struct seq_file *s, void *v)
895 {
896  struct list_head *list = v;
897  struct smack_known *skp =
898  list_entry(list, struct smack_known, list);
899  struct netlbl_lsm_secattr_catmap *cmp = skp->smk_netlabel.attr.mls.cat;
900  char sep = '/';
901  int i;
902 
903  seq_printf(s, "%s %3d", skp->smk_known, skp->smk_netlabel.attr.mls.lvl);
904 
905  for (i = netlbl_secattr_catmap_walk(cmp, 0); i >= 0;
906  i = netlbl_secattr_catmap_walk(cmp, i + 1)) {
907  seq_printf(s, "%c%d", sep, i);
908  sep = ',';
909  }
910 
911  seq_putc(s, '\n');
912 
913  return 0;
914 }
915 
916 static const struct seq_operations cipso2_seq_ops = {
917  .start = cipso_seq_start,
918  .next = cipso_seq_next,
919  .show = cipso2_seq_show,
920  .stop = smk_seq_stop,
921 };
922 
931 static int smk_open_cipso2(struct inode *inode, struct file *file)
932 {
933  return seq_open(file, &cipso2_seq_ops);
934 }
935 
946 static ssize_t smk_write_cipso2(struct file *file, const char __user *buf,
947  size_t count, loff_t *ppos)
948 {
949  return smk_set_cipso(file, buf, count, ppos, SMK_LONG_FMT);
950 }
951 
952 static const struct file_operations smk_cipso2_ops = {
953  .open = smk_open_cipso2,
954  .read = seq_read,
955  .llseek = seq_lseek,
956  .write = smk_write_cipso2,
957  .release = seq_release,
958 };
959 
960 /*
961  * Seq_file read operations for /smack/netlabel
962  */
963 
964 static void *netlbladdr_seq_start(struct seq_file *s, loff_t *pos)
965 {
966  return smk_seq_start(s, pos, &smk_netlbladdr_list);
967 }
968 
969 static void *netlbladdr_seq_next(struct seq_file *s, void *v, loff_t *pos)
970 {
971  return smk_seq_next(s, v, pos, &smk_netlbladdr_list);
972 }
973 #define BEBITS (sizeof(__be32) * 8)
974 
975 /*
976  * Print host/label pairs
977  */
978 static int netlbladdr_seq_show(struct seq_file *s, void *v)
979 {
980  struct list_head *list = v;
981  struct smk_netlbladdr *skp =
982  list_entry(list, struct smk_netlbladdr, list);
983  unsigned char *hp = (char *) &skp->smk_host.sin_addr.s_addr;
984  int maskn;
985  u32 temp_mask = be32_to_cpu(skp->smk_mask.s_addr);
986 
987  for (maskn = 0; temp_mask; temp_mask <<= 1, maskn++);
988 
989  seq_printf(s, "%u.%u.%u.%u/%d %s\n",
990  hp[0], hp[1], hp[2], hp[3], maskn, skp->smk_label);
991 
992  return 0;
993 }
994 
995 static const struct seq_operations netlbladdr_seq_ops = {
996  .start = netlbladdr_seq_start,
997  .next = netlbladdr_seq_next,
998  .show = netlbladdr_seq_show,
999  .stop = smk_seq_stop,
1000 };
1001 
1010 static int smk_open_netlbladdr(struct inode *inode, struct file *file)
1011 {
1012  return seq_open(file, &netlbladdr_seq_ops);
1013 }
1014 
1024 static void smk_netlbladdr_insert(struct smk_netlbladdr *new)
1025 {
1026  struct smk_netlbladdr *m, *m_next;
1027 
1028  if (list_empty(&smk_netlbladdr_list)) {
1029  list_add_rcu(&new->list, &smk_netlbladdr_list);
1030  return;
1031  }
1032 
1033  m = list_entry_rcu(smk_netlbladdr_list.next,
1034  struct smk_netlbladdr, list);
1035 
1036  /* the comparison '>' is a bit hacky, but works */
1037  if (new->smk_mask.s_addr > m->smk_mask.s_addr) {
1038  list_add_rcu(&new->list, &smk_netlbladdr_list);
1039  return;
1040  }
1041 
1042  list_for_each_entry_rcu(m, &smk_netlbladdr_list, list) {
1043  if (list_is_last(&m->list, &smk_netlbladdr_list)) {
1044  list_add_rcu(&new->list, &m->list);
1045  return;
1046  }
1047  m_next = list_entry_rcu(m->list.next,
1048  struct smk_netlbladdr, list);
1049  if (new->smk_mask.s_addr > m_next->smk_mask.s_addr) {
1050  list_add_rcu(&new->list, &m->list);
1051  return;
1052  }
1053  }
1054 }
1055 
1056 
1067 static ssize_t smk_write_netlbladdr(struct file *file, const char __user *buf,
1068  size_t count, loff_t *ppos)
1069 {
1070  struct smk_netlbladdr *skp;
1071  struct sockaddr_in newname;
1072  char *smack;
1073  char *sp;
1074  char *data;
1075  char *host = (char *)&newname.sin_addr.s_addr;
1076  int rc;
1077  struct netlbl_audit audit_info;
1078  struct in_addr mask;
1079  unsigned int m;
1080  int found;
1081  u32 mask_bits = (1<<31);
1082  __be32 nsa;
1083  u32 temp_mask;
1084 
1085  /*
1086  * Must have privilege.
1087  * No partial writes.
1088  * Enough data must be present.
1089  * "<addr/mask, as a.b.c.d/e><space><label>"
1090  * "<addr, as a.b.c.d><space><label>"
1091  */
1092  if (!smack_privileged(CAP_MAC_ADMIN))
1093  return -EPERM;
1094  if (*ppos != 0)
1095  return -EINVAL;
1096  if (count < SMK_NETLBLADDRMIN)
1097  return -EINVAL;
1098 
1099  data = kzalloc(count + 1, GFP_KERNEL);
1100  if (data == NULL)
1101  return -ENOMEM;
1102 
1103  if (copy_from_user(data, buf, count) != 0) {
1104  rc = -EFAULT;
1105  goto free_data_out;
1106  }
1107 
1108  smack = kzalloc(count + 1, GFP_KERNEL);
1109  if (smack == NULL) {
1110  rc = -ENOMEM;
1111  goto free_data_out;
1112  }
1113 
1114  data[count] = '\0';
1115 
1116  rc = sscanf(data, "%hhd.%hhd.%hhd.%hhd/%d %s",
1117  &host[0], &host[1], &host[2], &host[3], &m, smack);
1118  if (rc != 6) {
1119  rc = sscanf(data, "%hhd.%hhd.%hhd.%hhd %s",
1120  &host[0], &host[1], &host[2], &host[3], smack);
1121  if (rc != 5) {
1122  rc = -EINVAL;
1123  goto free_out;
1124  }
1125  m = BEBITS;
1126  }
1127  if (m > BEBITS) {
1128  rc = -EINVAL;
1129  goto free_out;
1130  }
1131 
1132  /*
1133  * If smack begins with '-', it is an option, don't import it
1134  */
1135  if (smack[0] != '-') {
1136  sp = smk_import(smack, 0);
1137  if (sp == NULL) {
1138  rc = -EINVAL;
1139  goto free_out;
1140  }
1141  } else {
1142  /* check known options */
1143  if (strcmp(smack, smack_cipso_option) == 0)
1144  sp = (char *)smack_cipso_option;
1145  else {
1146  rc = -EINVAL;
1147  goto free_out;
1148  }
1149  }
1150 
1151  for (temp_mask = 0; m > 0; m--) {
1152  temp_mask |= mask_bits;
1153  mask_bits >>= 1;
1154  }
1155  mask.s_addr = cpu_to_be32(temp_mask);
1156 
1157  newname.sin_addr.s_addr &= mask.s_addr;
1158  /*
1159  * Only allow one writer at a time. Writes should be
1160  * quite rare and small in any case.
1161  */
1162  mutex_lock(&smk_netlbladdr_lock);
1163 
1164  nsa = newname.sin_addr.s_addr;
1165  /* try to find if the prefix is already in the list */
1166  found = 0;
1167  list_for_each_entry_rcu(skp, &smk_netlbladdr_list, list) {
1168  if (skp->smk_host.sin_addr.s_addr == nsa &&
1169  skp->smk_mask.s_addr == mask.s_addr) {
1170  found = 1;
1171  break;
1172  }
1173  }
1174  smk_netlabel_audit_set(&audit_info);
1175 
1176  if (found == 0) {
1177  skp = kzalloc(sizeof(*skp), GFP_KERNEL);
1178  if (skp == NULL)
1179  rc = -ENOMEM;
1180  else {
1181  rc = 0;
1182  skp->smk_host.sin_addr.s_addr = newname.sin_addr.s_addr;
1183  skp->smk_mask.s_addr = mask.s_addr;
1184  skp->smk_label = sp;
1185  smk_netlbladdr_insert(skp);
1186  }
1187  } else {
1188  /* we delete the unlabeled entry, only if the previous label
1189  * wasn't the special CIPSO option */
1190  if (skp->smk_label != smack_cipso_option)
1192  &skp->smk_host.sin_addr, &skp->smk_mask,
1193  PF_INET, &audit_info);
1194  else
1195  rc = 0;
1196  skp->smk_label = sp;
1197  }
1198 
1199  /*
1200  * Now tell netlabel about the single label nature of
1201  * this host so that incoming packets get labeled.
1202  * but only if we didn't get the special CIPSO option
1203  */
1204  if (rc == 0 && sp != smack_cipso_option)
1206  &skp->smk_host.sin_addr, &skp->smk_mask, PF_INET,
1207  smack_to_secid(skp->smk_label), &audit_info);
1208 
1209  if (rc == 0)
1210  rc = count;
1211 
1212  mutex_unlock(&smk_netlbladdr_lock);
1213 
1214 free_out:
1215  kfree(smack);
1216 free_data_out:
1217  kfree(data);
1218 
1219  return rc;
1220 }
1221 
1222 static const struct file_operations smk_netlbladdr_ops = {
1223  .open = smk_open_netlbladdr,
1224  .read = seq_read,
1225  .llseek = seq_lseek,
1226  .write = smk_write_netlbladdr,
1227  .release = seq_release,
1228 };
1229 
1239 static ssize_t smk_read_doi(struct file *filp, char __user *buf,
1240  size_t count, loff_t *ppos)
1241 {
1242  char temp[80];
1243  ssize_t rc;
1244 
1245  if (*ppos != 0)
1246  return 0;
1247 
1248  sprintf(temp, "%d", smk_cipso_doi_value);
1249  rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
1250 
1251  return rc;
1252 }
1253 
1263 static ssize_t smk_write_doi(struct file *file, const char __user *buf,
1264  size_t count, loff_t *ppos)
1265 {
1266  char temp[80];
1267  int i;
1268 
1269  if (!smack_privileged(CAP_MAC_ADMIN))
1270  return -EPERM;
1271 
1272  if (count >= sizeof(temp) || count == 0)
1273  return -EINVAL;
1274 
1275  if (copy_from_user(temp, buf, count) != 0)
1276  return -EFAULT;
1277 
1278  temp[count] = '\0';
1279 
1280  if (sscanf(temp, "%d", &i) != 1)
1281  return -EINVAL;
1282 
1283  smk_cipso_doi_value = i;
1284 
1285  smk_cipso_doi();
1286 
1287  return count;
1288 }
1289 
1290 static const struct file_operations smk_doi_ops = {
1291  .read = smk_read_doi,
1292  .write = smk_write_doi,
1293  .llseek = default_llseek,
1294 };
1295 
1305 static ssize_t smk_read_direct(struct file *filp, char __user *buf,
1306  size_t count, loff_t *ppos)
1307 {
1308  char temp[80];
1309  ssize_t rc;
1310 
1311  if (*ppos != 0)
1312  return 0;
1313 
1314  sprintf(temp, "%d", smack_cipso_direct);
1315  rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
1316 
1317  return rc;
1318 }
1319 
1329 static ssize_t smk_write_direct(struct file *file, const char __user *buf,
1330  size_t count, loff_t *ppos)
1331 {
1332  struct smack_known *skp;
1333  char temp[80];
1334  int i;
1335 
1336  if (!smack_privileged(CAP_MAC_ADMIN))
1337  return -EPERM;
1338 
1339  if (count >= sizeof(temp) || count == 0)
1340  return -EINVAL;
1341 
1342  if (copy_from_user(temp, buf, count) != 0)
1343  return -EFAULT;
1344 
1345  temp[count] = '\0';
1346 
1347  if (sscanf(temp, "%d", &i) != 1)
1348  return -EINVAL;
1349 
1350  /*
1351  * Don't do anything if the value hasn't actually changed.
1352  * If it is changing reset the level on entries that were
1353  * set up to be direct when they were created.
1354  */
1355  if (smack_cipso_direct != i) {
1356  mutex_lock(&smack_known_lock);
1357  list_for_each_entry_rcu(skp, &smack_known_list, list)
1358  if (skp->smk_netlabel.attr.mls.lvl ==
1360  skp->smk_netlabel.attr.mls.lvl = i;
1361  smack_cipso_direct = i;
1362  mutex_unlock(&smack_known_lock);
1363  }
1364 
1365  return count;
1366 }
1367 
1368 static const struct file_operations smk_direct_ops = {
1369  .read = smk_read_direct,
1370  .write = smk_write_direct,
1371  .llseek = default_llseek,
1372 };
1373 
1383 static ssize_t smk_read_mapped(struct file *filp, char __user *buf,
1384  size_t count, loff_t *ppos)
1385 {
1386  char temp[80];
1387  ssize_t rc;
1388 
1389  if (*ppos != 0)
1390  return 0;
1391 
1392  sprintf(temp, "%d", smack_cipso_mapped);
1393  rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
1394 
1395  return rc;
1396 }
1397 
1407 static ssize_t smk_write_mapped(struct file *file, const char __user *buf,
1408  size_t count, loff_t *ppos)
1409 {
1410  struct smack_known *skp;
1411  char temp[80];
1412  int i;
1413 
1414  if (!smack_privileged(CAP_MAC_ADMIN))
1415  return -EPERM;
1416 
1417  if (count >= sizeof(temp) || count == 0)
1418  return -EINVAL;
1419 
1420  if (copy_from_user(temp, buf, count) != 0)
1421  return -EFAULT;
1422 
1423  temp[count] = '\0';
1424 
1425  if (sscanf(temp, "%d", &i) != 1)
1426  return -EINVAL;
1427 
1428  /*
1429  * Don't do anything if the value hasn't actually changed.
1430  * If it is changing reset the level on entries that were
1431  * set up to be mapped when they were created.
1432  */
1433  if (smack_cipso_mapped != i) {
1434  mutex_lock(&smack_known_lock);
1435  list_for_each_entry_rcu(skp, &smack_known_list, list)
1436  if (skp->smk_netlabel.attr.mls.lvl ==
1438  skp->smk_netlabel.attr.mls.lvl = i;
1439  smack_cipso_mapped = i;
1440  mutex_unlock(&smack_known_lock);
1441  }
1442 
1443  return count;
1444 }
1445 
1446 static const struct file_operations smk_mapped_ops = {
1447  .read = smk_read_mapped,
1448  .write = smk_write_mapped,
1449  .llseek = default_llseek,
1450 };
1451 
1461 static ssize_t smk_read_ambient(struct file *filp, char __user *buf,
1462  size_t cn, loff_t *ppos)
1463 {
1464  ssize_t rc;
1465  int asize;
1466 
1467  if (*ppos != 0)
1468  return 0;
1469  /*
1470  * Being careful to avoid a problem in the case where
1471  * smack_net_ambient gets changed in midstream.
1472  */
1473  mutex_lock(&smack_ambient_lock);
1474 
1475  asize = strlen(smack_net_ambient) + 1;
1476 
1477  if (cn >= asize)
1478  rc = simple_read_from_buffer(buf, cn, ppos,
1479  smack_net_ambient, asize);
1480  else
1481  rc = -EINVAL;
1482 
1483  mutex_unlock(&smack_ambient_lock);
1484 
1485  return rc;
1486 }
1487 
1497 static ssize_t smk_write_ambient(struct file *file, const char __user *buf,
1498  size_t count, loff_t *ppos)
1499 {
1500  char *oldambient;
1501  char *smack = NULL;
1502  char *data;
1503  int rc = count;
1504 
1505  if (!smack_privileged(CAP_MAC_ADMIN))
1506  return -EPERM;
1507 
1508  data = kzalloc(count + 1, GFP_KERNEL);
1509  if (data == NULL)
1510  return -ENOMEM;
1511 
1512  if (copy_from_user(data, buf, count) != 0) {
1513  rc = -EFAULT;
1514  goto out;
1515  }
1516 
1517  smack = smk_import(data, count);
1518  if (smack == NULL) {
1519  rc = -EINVAL;
1520  goto out;
1521  }
1522 
1523  mutex_lock(&smack_ambient_lock);
1524 
1525  oldambient = smack_net_ambient;
1526  smack_net_ambient = smack;
1527  smk_unlbl_ambient(oldambient);
1528 
1529  mutex_unlock(&smack_ambient_lock);
1530 
1531 out:
1532  kfree(data);
1533  return rc;
1534 }
1535 
1536 static const struct file_operations smk_ambient_ops = {
1537  .read = smk_read_ambient,
1538  .write = smk_write_ambient,
1539  .llseek = default_llseek,
1540 };
1541 
1551 static ssize_t smk_read_onlycap(struct file *filp, char __user *buf,
1552  size_t cn, loff_t *ppos)
1553 {
1554  char *smack = "";
1555  ssize_t rc = -EINVAL;
1556  int asize;
1557 
1558  if (*ppos != 0)
1559  return 0;
1560 
1561  if (smack_onlycap != NULL)
1562  smack = smack_onlycap;
1563 
1564  asize = strlen(smack) + 1;
1565 
1566  if (cn >= asize)
1567  rc = simple_read_from_buffer(buf, cn, ppos, smack, asize);
1568 
1569  return rc;
1570 }
1571 
1581 static ssize_t smk_write_onlycap(struct file *file, const char __user *buf,
1582  size_t count, loff_t *ppos)
1583 {
1584  char *data;
1585  char *sp = smk_of_task(current->cred->security);
1586  int rc = count;
1587 
1588  if (!smack_privileged(CAP_MAC_ADMIN))
1589  return -EPERM;
1590 
1591  /*
1592  * This can be done using smk_access() but is done
1593  * explicitly for clarity. The smk_access() implementation
1594  * would use smk_access(smack_onlycap, MAY_WRITE)
1595  */
1596  if (smack_onlycap != NULL && smack_onlycap != sp)
1597  return -EPERM;
1598 
1599  data = kzalloc(count, GFP_KERNEL);
1600  if (data == NULL)
1601  return -ENOMEM;
1602 
1603  /*
1604  * Should the null string be passed in unset the onlycap value.
1605  * This seems like something to be careful with as usually
1606  * smk_import only expects to return NULL for errors. It
1607  * is usually the case that a nullstring or "\n" would be
1608  * bad to pass to smk_import but in fact this is useful here.
1609  *
1610  * smk_import will also reject a label beginning with '-',
1611  * so "-usecapabilities" will also work.
1612  */
1613  if (copy_from_user(data, buf, count) != 0)
1614  rc = -EFAULT;
1615  else
1616  smack_onlycap = smk_import(data, count);
1617 
1618  kfree(data);
1619  return rc;
1620 }
1621 
1622 static const struct file_operations smk_onlycap_ops = {
1623  .read = smk_read_onlycap,
1624  .write = smk_write_onlycap,
1625  .llseek = default_llseek,
1626 };
1627 
1637 static ssize_t smk_read_logging(struct file *filp, char __user *buf,
1638  size_t count, loff_t *ppos)
1639 {
1640  char temp[32];
1641  ssize_t rc;
1642 
1643  if (*ppos != 0)
1644  return 0;
1645 
1646  sprintf(temp, "%d\n", log_policy);
1647  rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
1648  return rc;
1649 }
1650 
1660 static ssize_t smk_write_logging(struct file *file, const char __user *buf,
1661  size_t count, loff_t *ppos)
1662 {
1663  char temp[32];
1664  int i;
1665 
1666  if (!smack_privileged(CAP_MAC_ADMIN))
1667  return -EPERM;
1668 
1669  if (count >= sizeof(temp) || count == 0)
1670  return -EINVAL;
1671 
1672  if (copy_from_user(temp, buf, count) != 0)
1673  return -EFAULT;
1674 
1675  temp[count] = '\0';
1676 
1677  if (sscanf(temp, "%d", &i) != 1)
1678  return -EINVAL;
1679  if (i < 0 || i > 3)
1680  return -EINVAL;
1681  log_policy = i;
1682  return count;
1683 }
1684 
1685 
1686 
1687 static const struct file_operations smk_logging_ops = {
1688  .read = smk_read_logging,
1689  .write = smk_write_logging,
1690  .llseek = default_llseek,
1691 };
1692 
1693 /*
1694  * Seq_file read operations for /smack/load-self
1695  */
1696 
1697 static void *load_self_seq_start(struct seq_file *s, loff_t *pos)
1698 {
1699  struct task_smack *tsp = current_security();
1700 
1701  return smk_seq_start(s, pos, &tsp->smk_rules);
1702 }
1703 
1704 static void *load_self_seq_next(struct seq_file *s, void *v, loff_t *pos)
1705 {
1706  struct task_smack *tsp = current_security();
1707 
1708  return smk_seq_next(s, v, pos, &tsp->smk_rules);
1709 }
1710 
1711 static int load_self_seq_show(struct seq_file *s, void *v)
1712 {
1713  struct list_head *list = v;
1714  struct smack_rule *srp =
1715  list_entry(list, struct smack_rule, list);
1716 
1717  smk_rule_show(s, srp, SMK_LABELLEN);
1718 
1719  return 0;
1720 }
1721 
1722 static const struct seq_operations load_self_seq_ops = {
1723  .start = load_self_seq_start,
1724  .next = load_self_seq_next,
1725  .show = load_self_seq_show,
1726  .stop = smk_seq_stop,
1727 };
1728 
1729 
1737 static int smk_open_load_self(struct inode *inode, struct file *file)
1738 {
1739  return seq_open(file, &load_self_seq_ops);
1740 }
1741 
1750 static ssize_t smk_write_load_self(struct file *file, const char __user *buf,
1751  size_t count, loff_t *ppos)
1752 {
1753  struct task_smack *tsp = current_security();
1754 
1755  return smk_write_rules_list(file, buf, count, ppos, &tsp->smk_rules,
1757 }
1758 
1759 static const struct file_operations smk_load_self_ops = {
1760  .open = smk_open_load_self,
1761  .read = seq_read,
1762  .llseek = seq_lseek,
1763  .write = smk_write_load_self,
1764  .release = seq_release,
1765 };
1766 
1774 static ssize_t smk_user_access(struct file *file, const char __user *buf,
1775  size_t count, loff_t *ppos, int format)
1776 {
1777  struct smack_rule rule;
1778  char *data;
1779  char *cod;
1780  int res;
1781 
1782  data = simple_transaction_get(file, buf, count);
1783  if (IS_ERR(data))
1784  return PTR_ERR(data);
1785 
1786  if (format == SMK_FIXED24_FMT) {
1787  if (count < SMK_LOADLEN)
1788  return -EINVAL;
1789  res = smk_parse_rule(data, &rule, 0);
1790  } else {
1791  /*
1792  * Copy the data to make sure the string is terminated.
1793  */
1794  cod = kzalloc(count + 1, GFP_KERNEL);
1795  if (cod == NULL)
1796  return -ENOMEM;
1797  memcpy(cod, data, count);
1798  cod[count] = '\0';
1799  res = smk_parse_long_rule(cod, &rule, 0);
1800  kfree(cod);
1801  }
1802 
1803  if (res)
1804  return -EINVAL;
1805 
1806  res = smk_access(rule.smk_subject, rule.smk_object, rule.smk_access,
1807  NULL);
1808  data[0] = res == 0 ? '1' : '0';
1809  data[1] = '\0';
1810 
1811  simple_transaction_set(file, 2);
1812 
1813  if (format == SMK_FIXED24_FMT)
1814  return SMK_LOADLEN;
1815  return count;
1816 }
1817 
1825 static ssize_t smk_write_access(struct file *file, const char __user *buf,
1826  size_t count, loff_t *ppos)
1827 {
1828  return smk_user_access(file, buf, count, ppos, SMK_FIXED24_FMT);
1829 }
1830 
1831 static const struct file_operations smk_access_ops = {
1832  .write = smk_write_access,
1833  .read = simple_transaction_read,
1834  .release = simple_transaction_release,
1835  .llseek = generic_file_llseek,
1836 };
1837 
1838 
1839 /*
1840  * Seq_file read operations for /smack/load2
1841  */
1842 
1843 static int load2_seq_show(struct seq_file *s, void *v)
1844 {
1845  struct list_head *list = v;
1846  struct smack_master_list *smlp =
1847  list_entry(list, struct smack_master_list, list);
1848 
1849  smk_rule_show(s, smlp->smk_rule, SMK_LONGLABEL);
1850 
1851  return 0;
1852 }
1853 
1854 static const struct seq_operations load2_seq_ops = {
1855  .start = load2_seq_start,
1856  .next = load2_seq_next,
1857  .show = load2_seq_show,
1858  .stop = smk_seq_stop,
1859 };
1860 
1868 static int smk_open_load2(struct inode *inode, struct file *file)
1869 {
1870  return seq_open(file, &load2_seq_ops);
1871 }
1872 
1881 static ssize_t smk_write_load2(struct file *file, const char __user *buf,
1882  size_t count, loff_t *ppos)
1883 {
1884  /*
1885  * Must have privilege.
1886  */
1887  if (!smack_privileged(CAP_MAC_ADMIN))
1888  return -EPERM;
1889 
1890  return smk_write_rules_list(file, buf, count, ppos, NULL, NULL,
1891  SMK_LONG_FMT);
1892 }
1893 
1894 static const struct file_operations smk_load2_ops = {
1895  .open = smk_open_load2,
1896  .read = seq_read,
1897  .llseek = seq_lseek,
1898  .write = smk_write_load2,
1899  .release = seq_release,
1900 };
1901 
1902 /*
1903  * Seq_file read operations for /smack/load-self2
1904  */
1905 
1906 static void *load_self2_seq_start(struct seq_file *s, loff_t *pos)
1907 {
1908  struct task_smack *tsp = current_security();
1909 
1910  return smk_seq_start(s, pos, &tsp->smk_rules);
1911 }
1912 
1913 static void *load_self2_seq_next(struct seq_file *s, void *v, loff_t *pos)
1914 {
1915  struct task_smack *tsp = current_security();
1916 
1917  return smk_seq_next(s, v, pos, &tsp->smk_rules);
1918 }
1919 
1920 static int load_self2_seq_show(struct seq_file *s, void *v)
1921 {
1922  struct list_head *list = v;
1923  struct smack_rule *srp =
1924  list_entry(list, struct smack_rule, list);
1925 
1926  smk_rule_show(s, srp, SMK_LONGLABEL);
1927 
1928  return 0;
1929 }
1930 
1931 static const struct seq_operations load_self2_seq_ops = {
1932  .start = load_self2_seq_start,
1933  .next = load_self2_seq_next,
1934  .show = load_self2_seq_show,
1935  .stop = smk_seq_stop,
1936 };
1937 
1945 static int smk_open_load_self2(struct inode *inode, struct file *file)
1946 {
1947  return seq_open(file, &load_self2_seq_ops);
1948 }
1949 
1958 static ssize_t smk_write_load_self2(struct file *file, const char __user *buf,
1959  size_t count, loff_t *ppos)
1960 {
1961  struct task_smack *tsp = current_security();
1962 
1963  return smk_write_rules_list(file, buf, count, ppos, &tsp->smk_rules,
1964  &tsp->smk_rules_lock, SMK_LONG_FMT);
1965 }
1966 
1967 static const struct file_operations smk_load_self2_ops = {
1968  .open = smk_open_load_self2,
1969  .read = seq_read,
1970  .llseek = seq_lseek,
1971  .write = smk_write_load_self2,
1972  .release = seq_release,
1973 };
1974 
1982 static ssize_t smk_write_access2(struct file *file, const char __user *buf,
1983  size_t count, loff_t *ppos)
1984 {
1985  return smk_user_access(file, buf, count, ppos, SMK_LONG_FMT);
1986 }
1987 
1988 static const struct file_operations smk_access2_ops = {
1989  .write = smk_write_access2,
1990  .read = simple_transaction_read,
1991  .release = simple_transaction_release,
1992  .llseek = generic_file_llseek,
1993 };
1994 
2002 static ssize_t smk_write_revoke_subj(struct file *file, const char __user *buf,
2003  size_t count, loff_t *ppos)
2004 {
2005  char *data = NULL;
2006  const char *cp = NULL;
2007  struct smack_known *skp;
2008  struct smack_rule *sp;
2009  struct list_head *rule_list;
2010  struct mutex *rule_lock;
2011  int rc = count;
2012 
2013  if (*ppos != 0)
2014  return -EINVAL;
2015 
2016  if (!smack_privileged(CAP_MAC_ADMIN))
2017  return -EPERM;
2018 
2019  if (count == 0 || count > SMK_LONGLABEL)
2020  return -EINVAL;
2021 
2022  data = kzalloc(count, GFP_KERNEL);
2023  if (data == NULL)
2024  return -ENOMEM;
2025 
2026  if (copy_from_user(data, buf, count) != 0) {
2027  rc = -EFAULT;
2028  goto free_out;
2029  }
2030 
2031  cp = smk_parse_smack(data, count);
2032  if (cp == NULL) {
2033  rc = -EINVAL;
2034  goto free_out;
2035  }
2036 
2037  skp = smk_find_entry(cp);
2038  if (skp == NULL) {
2039  rc = -EINVAL;
2040  goto free_out;
2041  }
2042 
2043  rule_list = &skp->smk_rules;
2044  rule_lock = &skp->smk_rules_lock;
2045 
2046  mutex_lock(rule_lock);
2047 
2048  list_for_each_entry_rcu(sp, rule_list, list)
2049  sp->smk_access = 0;
2050 
2051  mutex_unlock(rule_lock);
2052 
2053 free_out:
2054  kfree(data);
2055  kfree(cp);
2056  return rc;
2057 }
2058 
2059 static const struct file_operations smk_revoke_subj_ops = {
2060  .write = smk_write_revoke_subj,
2061  .read = simple_transaction_read,
2062  .release = simple_transaction_release,
2063  .llseek = generic_file_llseek,
2064 };
2065 
2076 static int smk_fill_super(struct super_block *sb, void *data, int silent)
2077 {
2078  int rc;
2079  struct inode *root_inode;
2080 
2081  static struct tree_descr smack_files[] = {
2082  [SMK_LOAD] = {
2083  "load", &smk_load_ops, S_IRUGO|S_IWUSR},
2084  [SMK_CIPSO] = {
2085  "cipso", &smk_cipso_ops, S_IRUGO|S_IWUSR},
2086  [SMK_DOI] = {
2087  "doi", &smk_doi_ops, S_IRUGO|S_IWUSR},
2088  [SMK_DIRECT] = {
2089  "direct", &smk_direct_ops, S_IRUGO|S_IWUSR},
2090  [SMK_AMBIENT] = {
2091  "ambient", &smk_ambient_ops, S_IRUGO|S_IWUSR},
2092  [SMK_NETLBLADDR] = {
2093  "netlabel", &smk_netlbladdr_ops, S_IRUGO|S_IWUSR},
2094  [SMK_ONLYCAP] = {
2095  "onlycap", &smk_onlycap_ops, S_IRUGO|S_IWUSR},
2096  [SMK_LOGGING] = {
2097  "logging", &smk_logging_ops, S_IRUGO|S_IWUSR},
2098  [SMK_LOAD_SELF] = {
2099  "load-self", &smk_load_self_ops, S_IRUGO|S_IWUGO},
2100  [SMK_ACCESSES] = {
2101  "access", &smk_access_ops, S_IRUGO|S_IWUGO},
2102  [SMK_MAPPED] = {
2103  "mapped", &smk_mapped_ops, S_IRUGO|S_IWUSR},
2104  [SMK_LOAD2] = {
2105  "load2", &smk_load2_ops, S_IRUGO|S_IWUSR},
2106  [SMK_LOAD_SELF2] = {
2107  "load-self2", &smk_load_self2_ops, S_IRUGO|S_IWUGO},
2108  [SMK_ACCESS2] = {
2109  "access2", &smk_access2_ops, S_IRUGO|S_IWUGO},
2110  [SMK_CIPSO2] = {
2111  "cipso2", &smk_cipso2_ops, S_IRUGO|S_IWUSR},
2112  [SMK_REVOKE_SUBJ] = {
2113  "revoke-subject", &smk_revoke_subj_ops,
2114  S_IRUGO|S_IWUSR},
2115  /* last one */
2116  {""}
2117  };
2118 
2119  rc = simple_fill_super(sb, SMACK_MAGIC, smack_files);
2120  if (rc != 0) {
2121  printk(KERN_ERR "%s failed %d while creating inodes\n",
2122  __func__, rc);
2123  return rc;
2124  }
2125 
2126  root_inode = sb->s_root->d_inode;
2127 
2128  return 0;
2129 }
2130 
2142 static struct dentry *smk_mount(struct file_system_type *fs_type,
2143  int flags, const char *dev_name, void *data)
2144 {
2145  return mount_single(fs_type, flags, data, smk_fill_super);
2146 }
2147 
2148 static struct file_system_type smk_fs_type = {
2149  .name = "smackfs",
2150  .mount = smk_mount,
2151  .kill_sb = kill_litter_super,
2152 };
2153 
2154 static struct vfsmount *smackfs_mount;
2155 
2156 static int __init smk_preset_netlabel(struct smack_known *skp)
2157 {
2158  skp->smk_netlabel.domain = skp->smk_known;
2159  skp->smk_netlabel.flags =
2162  &skp->smk_netlabel, strlen(skp->smk_known));
2163 }
2164 
2178 static int __init init_smk_fs(void)
2179 {
2180  int err;
2181  int rc;
2182 
2184  return 0;
2185 
2186  err = register_filesystem(&smk_fs_type);
2187  if (!err) {
2188  smackfs_mount = kern_mount(&smk_fs_type);
2189  if (IS_ERR(smackfs_mount)) {
2190  printk(KERN_ERR "smackfs: could not mount!\n");
2191  err = PTR_ERR(smackfs_mount);
2192  smackfs_mount = NULL;
2193  }
2194  }
2195 
2196  smk_cipso_doi();
2197  smk_unlbl_ambient(NULL);
2198 
2199  rc = smk_preset_netlabel(&smack_known_floor);
2200  if (err == 0 && rc < 0)
2201  err = rc;
2202  rc = smk_preset_netlabel(&smack_known_hat);
2203  if (err == 0 && rc < 0)
2204  err = rc;
2205  rc = smk_preset_netlabel(&smack_known_huh);
2206  if (err == 0 && rc < 0)
2207  err = rc;
2208  rc = smk_preset_netlabel(&smack_known_invalid);
2209  if (err == 0 && rc < 0)
2210  err = rc;
2211  rc = smk_preset_netlabel(&smack_known_star);
2212  if (err == 0 && rc < 0)
2213  err = rc;
2214  rc = smk_preset_netlabel(&smack_known_web);
2215  if (err == 0 && rc < 0)
2216  err = rc;
2217 
2218  return err;
2219 }
2220 
2221 __initcall(init_smk_fs);