1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * Copyright (C) 2007 Casey Schaufler <casey@schaufler-ca.com> 4 * 5 * Authors: 6 * Casey Schaufler <casey@schaufler-ca.com> 7 * Ahmed S. Darwish <darwish.07@gmail.com> 8 * 9 * Special thanks to the authors of selinuxfs. 10 * 11 * Karl MacMillan <kmacmillan@tresys.com> 12 * James Morris <jmorris@redhat.com> 13 */ 14 15 #include <linux/kernel.h> 16 #include <linux/vmalloc.h> 17 #include <linux/security.h> 18 #include <linux/mutex.h> 19 #include <linux/slab.h> 20 #include <net/net_namespace.h> 21 #include <net/cipso_ipv4.h> 22 #include <linux/seq_file.h> 23 #include <linux/ctype.h> 24 #include <linux/audit.h> 25 #include <linux/magic.h> 26 #include <linux/mount.h> 27 #include <linux/fs_context.h> 28 #include "smack.h" 29 30 #define BEBITS (sizeof(__be32) * 8) 31 /* 32 * smackfs pseudo filesystem. 33 */ 34 35 enum smk_inos { 36 SMK_ROOT_INO = 2, 37 SMK_LOAD = 3, /* load policy */ 38 SMK_CIPSO = 4, /* load label -> CIPSO mapping */ 39 SMK_DOI = 5, /* CIPSO DOI */ 40 SMK_DIRECT = 6, /* CIPSO level indicating direct label */ 41 SMK_AMBIENT = 7, /* internet ambient label */ 42 SMK_NET4ADDR = 8, /* single label hosts */ 43 SMK_ONLYCAP = 9, /* the only "capable" label */ 44 #ifdef CONFIG_AUDIT 45 SMK_LOGGING = 10, /* logging */ 46 #endif /* CONFIG_AUDIT */ 47 SMK_LOAD_SELF = 11, /* task specific rules */ 48 SMK_ACCESSES = 12, /* access policy */ 49 SMK_MAPPED = 13, /* CIPSO level indicating mapped label */ 50 SMK_LOAD2 = 14, /* load policy with long labels */ 51 SMK_LOAD_SELF2 = 15, /* load task specific rules with long labels */ 52 SMK_ACCESS2 = 16, /* make an access check with long labels */ 53 SMK_CIPSO2 = 17, /* load long label -> CIPSO mapping */ 54 SMK_REVOKE_SUBJ = 18, /* set rules with subject label to '-' */ 55 SMK_CHANGE_RULE = 19, /* change or add rules (long labels) */ 56 SMK_SYSLOG = 20, /* change syslog label) */ 57 SMK_PTRACE = 21, /* set ptrace rule */ 58 #ifdef CONFIG_SECURITY_SMACK_BRINGUP 59 SMK_UNCONFINED = 22, /* define an unconfined label */ 60 #endif 61 #if IS_ENABLED(CONFIG_IPV6) 62 SMK_NET6ADDR = 23, /* single label IPv6 hosts */ 63 #endif /* CONFIG_IPV6 */ 64 SMK_RELABEL_SELF = 24, /* relabel possible without CAP_MAC_ADMIN */ 65 }; 66 67 /* 68 * List locks 69 */ 70 static DEFINE_MUTEX(smack_cipso_lock); 71 static DEFINE_MUTEX(smack_ambient_lock); 72 static DEFINE_MUTEX(smk_net4addr_lock); 73 static DEFINE_MUTEX(smk_cipso_doi_lock); 74 #if IS_ENABLED(CONFIG_IPV6) 75 static DEFINE_MUTEX(smk_net6addr_lock); 76 #endif /* CONFIG_IPV6 */ 77 78 /* 79 * This is the "ambient" label for network traffic. 80 * If it isn't somehow marked, use this. 81 * It can be reset via smackfs/ambient 82 */ 83 struct smack_known *smack_net_ambient; 84 85 /* 86 * This is the level in a CIPSO header that indicates a 87 * smack label is contained directly in the category set. 88 * It can be reset via smackfs/direct 89 */ 90 int smack_cipso_direct = SMACK_CIPSO_DIRECT_DEFAULT; 91 92 /* 93 * This is the level in a CIPSO header that indicates a 94 * secid is contained directly in the category set. 95 * It can be reset via smackfs/mapped 96 */ 97 int smack_cipso_mapped = SMACK_CIPSO_MAPPED_DEFAULT; 98 99 #ifdef CONFIG_SECURITY_SMACK_BRINGUP 100 /* 101 * Allow one label to be unconfined. This is for 102 * debugging and application bring-up purposes only. 103 * It is bad and wrong, but everyone seems to expect 104 * to have it. 105 */ 106 struct smack_known *smack_unconfined; 107 #endif 108 109 /* 110 * If this value is set restrict syslog use to the label specified. 111 * It can be reset via smackfs/syslog 112 */ 113 struct smack_known *smack_syslog_label; 114 115 /* 116 * Ptrace current rule 117 * SMACK_PTRACE_DEFAULT regular smack ptrace rules (/proc based) 118 * SMACK_PTRACE_EXACT labels must match, but can be overriden with 119 * CAP_SYS_PTRACE 120 * SMACK_PTRACE_DRACONIAN labels must match, CAP_SYS_PTRACE has no effect 121 */ 122 int smack_ptrace_rule = SMACK_PTRACE_DEFAULT; 123 124 /* 125 * Certain IP addresses may be designated as single label hosts. 126 * Packets are sent there unlabeled, but only from tasks that 127 * can write to the specified label. 128 */ 129 130 LIST_HEAD(smk_net4addr_list); 131 #if IS_ENABLED(CONFIG_IPV6) 132 LIST_HEAD(smk_net6addr_list); 133 #endif /* CONFIG_IPV6 */ 134 135 /* 136 * Rule lists are maintained for each label. 137 */ 138 struct smack_parsed_rule { 139 struct smack_known *smk_subject; 140 struct smack_known *smk_object; 141 int smk_access1; 142 int smk_access2; 143 }; 144 145 static u32 smk_cipso_doi_value = CIPSO_V4_DOI_UNKNOWN; 146 147 /* 148 * Values for parsing cipso rules 149 * SMK_DIGITLEN: Length of a digit field in a rule. 150 * SMK_CIPSOMIN: Minimum possible cipso rule length. 151 * SMK_CIPSOMAX: Maximum possible cipso rule length. 152 */ 153 #define SMK_DIGITLEN 4 154 #define SMK_CIPSOMIN (SMK_LABELLEN + 2 * SMK_DIGITLEN) 155 #define SMK_CIPSOMAX (SMK_CIPSOMIN + SMACK_CIPSO_MAXCATNUM * SMK_DIGITLEN) 156 157 /* 158 * Values for parsing MAC rules 159 * SMK_ACCESS: Maximum possible combination of access permissions 160 * SMK_ACCESSLEN: Maximum length for a rule access field 161 * SMK_LOADLEN: Smack rule length 162 */ 163 #define SMK_OACCESS "rwxa" 164 #define SMK_ACCESS "rwxatl" 165 #define SMK_OACCESSLEN (sizeof(SMK_OACCESS) - 1) 166 #define SMK_ACCESSLEN (sizeof(SMK_ACCESS) - 1) 167 #define SMK_OLOADLEN (SMK_LABELLEN + SMK_LABELLEN + SMK_OACCESSLEN) 168 #define SMK_LOADLEN (SMK_LABELLEN + SMK_LABELLEN + SMK_ACCESSLEN) 169 170 /* 171 * Strictly for CIPSO level manipulation. 172 * Set the category bit number in a smack label sized buffer. 173 */ 174 static inline void smack_catset_bit(unsigned int cat, char *catsetp) 175 { 176 if (cat == 0 || cat > (SMK_CIPSOLEN * 8)) 177 return; 178 179 catsetp[(cat - 1) / 8] |= 0x80 >> ((cat - 1) % 8); 180 } 181 182 /** 183 * smk_netlabel_audit_set - fill a netlbl_audit struct 184 * @nap: structure to fill 185 */ 186 static void smk_netlabel_audit_set(struct netlbl_audit *nap) 187 { 188 nap->loginuid = audit_get_loginuid(current); 189 nap->sessionid = audit_get_sessionid(current); 190 nap->prop.smack.skp = smk_of_current(); 191 } 192 193 /* 194 * Value for parsing single label host rules 195 * "1.2.3.4 X" 196 */ 197 #define SMK_NETLBLADDRMIN 9 198 199 /** 200 * smk_set_access - add a rule to the rule list or replace an old rule 201 * @srp: the rule to add or replace 202 * @rule_list: the list of rules 203 * @rule_lock: the rule list lock 204 * 205 * Looks through the current subject/object/access list for 206 * the subject/object pair and replaces the access that was 207 * there. If the pair isn't found add it with the specified 208 * access. 209 * 210 * Returns 0 if nothing goes wrong or -ENOMEM if it fails 211 * during the allocation of the new pair to add. 212 */ 213 static int smk_set_access(struct smack_parsed_rule *srp, 214 struct list_head *rule_list, 215 struct mutex *rule_lock) 216 { 217 struct smack_rule *sp; 218 int found = 0; 219 int rc = 0; 220 221 mutex_lock(rule_lock); 222 223 /* 224 * Because the object label is less likely to match 225 * than the subject label check it first 226 */ 227 list_for_each_entry_rcu(sp, rule_list, list) { 228 if (sp->smk_object == srp->smk_object && 229 sp->smk_subject == srp->smk_subject) { 230 found = 1; 231 sp->smk_access |= srp->smk_access1; 232 sp->smk_access &= ~srp->smk_access2; 233 break; 234 } 235 } 236 237 if (found == 0) { 238 sp = kmem_cache_zalloc(smack_rule_cache, GFP_KERNEL); 239 if (sp == NULL) { 240 rc = -ENOMEM; 241 goto out; 242 } 243 244 sp->smk_subject = srp->smk_subject; 245 sp->smk_object = srp->smk_object; 246 sp->smk_access = srp->smk_access1 & ~srp->smk_access2; 247 248 list_add_rcu(&sp->list, rule_list); 249 } 250 251 out: 252 mutex_unlock(rule_lock); 253 return rc; 254 } 255 256 /** 257 * smk_perm_from_str - parse smack accesses from a text string 258 * @string: a text string that contains a Smack accesses code 259 * 260 * Returns an integer with respective bits set for specified accesses. 261 */ 262 static int smk_perm_from_str(const char *string) 263 { 264 int perm = 0; 265 const char *cp; 266 267 for (cp = string; ; cp++) 268 switch (*cp) { 269 case '-': 270 break; 271 case 'r': 272 case 'R': 273 perm |= MAY_READ; 274 break; 275 case 'w': 276 case 'W': 277 perm |= MAY_WRITE; 278 break; 279 case 'x': 280 case 'X': 281 perm |= MAY_EXEC; 282 break; 283 case 'a': 284 case 'A': 285 perm |= MAY_APPEND; 286 break; 287 case 't': 288 case 'T': 289 perm |= MAY_TRANSMUTE; 290 break; 291 case 'l': 292 case 'L': 293 perm |= MAY_LOCK; 294 break; 295 case 'b': 296 case 'B': 297 perm |= MAY_BRINGUP; 298 break; 299 default: 300 return perm; 301 } 302 } 303 304 /** 305 * smk_fill_rule - Fill Smack rule from strings 306 * @subject: subject label string 307 * @object: object label string 308 * @access1: access string 309 * @access2: string with permissions to be removed 310 * @rule: Smack rule 311 * @import: if non-zero, import labels 312 * @len: label length limit 313 * 314 * Returns 0 on success, appropriate error code on failure. 315 */ 316 static int smk_fill_rule(const char *subject, const char *object, 317 const char *access1, const char *access2, 318 struct smack_parsed_rule *rule, int import, 319 int len) 320 { 321 const char *cp; 322 struct smack_known *skp; 323 324 if (import) { 325 rule->smk_subject = smk_import_entry(subject, len); 326 if (IS_ERR(rule->smk_subject)) 327 return PTR_ERR(rule->smk_subject); 328 329 rule->smk_object = smk_import_entry(object, len); 330 if (IS_ERR(rule->smk_object)) 331 return PTR_ERR(rule->smk_object); 332 } else { 333 cp = smk_parse_smack(subject, len); 334 if (IS_ERR(cp)) 335 return PTR_ERR(cp); 336 skp = smk_find_entry(cp); 337 kfree(cp); 338 if (skp == NULL) 339 return -ENOENT; 340 rule->smk_subject = skp; 341 342 cp = smk_parse_smack(object, len); 343 if (IS_ERR(cp)) 344 return PTR_ERR(cp); 345 skp = smk_find_entry(cp); 346 kfree(cp); 347 if (skp == NULL) 348 return -ENOENT; 349 rule->smk_object = skp; 350 } 351 352 rule->smk_access1 = smk_perm_from_str(access1); 353 if (access2) 354 rule->smk_access2 = smk_perm_from_str(access2); 355 else 356 rule->smk_access2 = ~rule->smk_access1; 357 358 return 0; 359 } 360 361 /** 362 * smk_parse_rule - parse Smack rule from load string 363 * @data: string to be parsed whose size is SMK_LOADLEN 364 * @rule: Smack rule 365 * @import: if non-zero, import labels 366 * 367 * Returns 0 on success, -1 on errors. 368 */ 369 static int smk_parse_rule(const char *data, struct smack_parsed_rule *rule, 370 int import) 371 { 372 int rc; 373 374 rc = smk_fill_rule(data, data + SMK_LABELLEN, 375 data + SMK_LABELLEN + SMK_LABELLEN, NULL, rule, 376 import, SMK_LABELLEN); 377 return rc; 378 } 379 380 /** 381 * smk_parse_long_rule - parse Smack rule from rule string 382 * @data: string to be parsed, null terminated 383 * @rule: Will be filled with Smack parsed rule 384 * @import: if non-zero, import labels 385 * @tokens: number of substrings expected in data 386 * 387 * Returns number of processed bytes on success, -ERRNO on failure. 388 */ 389 static ssize_t smk_parse_long_rule(char *data, struct smack_parsed_rule *rule, 390 int import, int tokens) 391 { 392 ssize_t cnt = 0; 393 char *tok[4]; 394 int rc; 395 int i; 396 397 /* 398 * Parsing the rule in-place, filling all white-spaces with '\0' 399 */ 400 for (i = 0; i < tokens; ++i) { 401 while (isspace(data[cnt])) 402 data[cnt++] = '\0'; 403 404 if (data[cnt] == '\0') 405 /* Unexpected end of data */ 406 return -EINVAL; 407 408 tok[i] = data + cnt; 409 410 while (data[cnt] && !isspace(data[cnt])) 411 ++cnt; 412 } 413 while (isspace(data[cnt])) 414 data[cnt++] = '\0'; 415 416 while (i < 4) 417 tok[i++] = NULL; 418 419 rc = smk_fill_rule(tok[0], tok[1], tok[2], tok[3], rule, import, 0); 420 return rc == 0 ? cnt : rc; 421 } 422 423 #define SMK_FIXED24_FMT 0 /* Fixed 24byte label format */ 424 #define SMK_LONG_FMT 1 /* Variable long label format */ 425 #define SMK_CHANGE_FMT 2 /* Rule modification format */ 426 /** 427 * smk_write_rules_list - write() for any /smack rule file 428 * @file: file pointer, not actually used 429 * @buf: where to get the data from 430 * @count: bytes sent 431 * @ppos: where to start - must be 0 432 * @rule_list: the list of rules to write to 433 * @rule_lock: lock for the rule list 434 * @format: /smack/load or /smack/load2 or /smack/change-rule format. 435 * 436 * Get one smack access rule from above. 437 * The format for SMK_LONG_FMT is: 438 * "subject<whitespace>object<whitespace>access[<whitespace>...]" 439 * The format for SMK_FIXED24_FMT is exactly: 440 * "subject object rwxat" 441 * The format for SMK_CHANGE_FMT is: 442 * "subject<whitespace>object<whitespace> 443 * acc_enable<whitespace>acc_disable[<whitespace>...]" 444 */ 445 static ssize_t smk_write_rules_list(struct file *file, const char __user *buf, 446 size_t count, loff_t *ppos, 447 struct list_head *rule_list, 448 struct mutex *rule_lock, int format) 449 { 450 struct smack_parsed_rule rule; 451 char *data; 452 int rc; 453 int trunc = 0; 454 int tokens; 455 ssize_t cnt = 0; 456 457 /* 458 * No partial writes. 459 * Enough data must be present. 460 */ 461 if (*ppos != 0) 462 return -EINVAL; 463 464 if (format == SMK_FIXED24_FMT) { 465 /* 466 * Minor hack for backward compatibility 467 */ 468 if (count < SMK_OLOADLEN || count > SMK_LOADLEN) 469 return -EINVAL; 470 } else { 471 if (count >= PAGE_SIZE) { 472 count = PAGE_SIZE - 1; 473 trunc = 1; 474 } 475 } 476 477 data = memdup_user_nul(buf, count); 478 if (IS_ERR(data)) 479 return PTR_ERR(data); 480 481 /* 482 * In case of parsing only part of user buf, 483 * avoid having partial rule at the data buffer 484 */ 485 if (trunc) { 486 while (count > 0 && (data[count - 1] != '\n')) 487 --count; 488 if (count == 0) { 489 rc = -EINVAL; 490 goto out; 491 } 492 } 493 494 data[count] = '\0'; 495 tokens = (format == SMK_CHANGE_FMT ? 4 : 3); 496 while (cnt < count) { 497 if (format == SMK_FIXED24_FMT) { 498 rc = smk_parse_rule(data, &rule, 1); 499 if (rc < 0) 500 goto out; 501 cnt = count; 502 } else { 503 rc = smk_parse_long_rule(data + cnt, &rule, 1, tokens); 504 if (rc < 0) 505 goto out; 506 if (rc == 0) { 507 rc = -EINVAL; 508 goto out; 509 } 510 cnt += rc; 511 } 512 513 if (rule_list == NULL) 514 rc = smk_set_access(&rule, &rule.smk_subject->smk_rules, 515 &rule.smk_subject->smk_rules_lock); 516 else 517 rc = smk_set_access(&rule, rule_list, rule_lock); 518 519 if (rc) 520 goto out; 521 } 522 523 rc = cnt; 524 out: 525 kfree(data); 526 return rc; 527 } 528 529 /* 530 * Core logic for smackfs seq list operations. 531 */ 532 533 static void *smk_seq_start(struct seq_file *s, loff_t *pos, 534 struct list_head *head) 535 { 536 struct list_head *list; 537 int i = *pos; 538 539 rcu_read_lock(); 540 for (list = rcu_dereference(list_next_rcu(head)); 541 list != head; 542 list = rcu_dereference(list_next_rcu(list))) { 543 if (i-- == 0) 544 return list; 545 } 546 547 return NULL; 548 } 549 550 static void *smk_seq_next(struct seq_file *s, void *v, loff_t *pos, 551 struct list_head *head) 552 { 553 struct list_head *list = v; 554 555 ++*pos; 556 list = rcu_dereference(list_next_rcu(list)); 557 558 return (list == head) ? NULL : list; 559 } 560 561 static void smk_seq_stop(struct seq_file *s, void *v) 562 { 563 rcu_read_unlock(); 564 } 565 566 static void smk_rule_show(struct seq_file *s, struct smack_rule *srp, int max) 567 { 568 char acc[SMK_NUM_ACCESS_TYPE + 1]; 569 /* 570 * Don't show any rules with label names too long for 571 * interface file (/smack/load or /smack/load2) 572 * because you should expect to be able to write 573 * anything you read back. 574 */ 575 if (strlen(srp->smk_subject->smk_known) >= max || 576 strlen(srp->smk_object->smk_known) >= max) 577 return; 578 579 if (srp->smk_access == 0) 580 return; 581 582 smack_str_from_perm(acc, srp->smk_access); 583 seq_printf(s, "%s %s %s\n", 584 srp->smk_subject->smk_known, 585 srp->smk_object->smk_known, 586 acc); 587 } 588 589 /* 590 * Seq_file read operations for /smack/load 591 */ 592 593 static void *load2_seq_start(struct seq_file *s, loff_t *pos) 594 { 595 return smk_seq_start(s, pos, &smack_known_list); 596 } 597 598 static void *load2_seq_next(struct seq_file *s, void *v, loff_t *pos) 599 { 600 return smk_seq_next(s, v, pos, &smack_known_list); 601 } 602 603 static int load_seq_show(struct seq_file *s, void *v) 604 { 605 struct list_head *list = v; 606 struct smack_rule *srp; 607 struct smack_known *skp = 608 list_entry_rcu(list, struct smack_known, list); 609 610 list_for_each_entry_rcu(srp, &skp->smk_rules, list) 611 smk_rule_show(s, srp, SMK_LABELLEN); 612 613 return 0; 614 } 615 616 static const struct seq_operations load_seq_ops = { 617 .start = load2_seq_start, 618 .next = load2_seq_next, 619 .show = load_seq_show, 620 .stop = smk_seq_stop, 621 }; 622 623 /** 624 * smk_open_load - open() for /smack/load 625 * @inode: inode structure representing file 626 * @file: "load" file pointer 627 * 628 * For reading, use load_seq_* seq_file reading operations. 629 */ 630 static int smk_open_load(struct inode *inode, struct file *file) 631 { 632 return seq_open(file, &load_seq_ops); 633 } 634 635 /** 636 * smk_write_load - write() for /smack/load 637 * @file: file pointer, not actually used 638 * @buf: where to get the data from 639 * @count: bytes sent 640 * @ppos: where to start - must be 0 641 * 642 */ 643 static ssize_t smk_write_load(struct file *file, const char __user *buf, 644 size_t count, loff_t *ppos) 645 { 646 /* 647 * Must have privilege. 648 * No partial writes. 649 * Enough data must be present. 650 */ 651 if (!smack_privileged(CAP_MAC_ADMIN)) 652 return -EPERM; 653 654 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL, 655 SMK_FIXED24_FMT); 656 } 657 658 static const struct file_operations smk_load_ops = { 659 .open = smk_open_load, 660 .read = seq_read, 661 .llseek = seq_lseek, 662 .write = smk_write_load, 663 .release = seq_release, 664 }; 665 666 /** 667 * smk_cipso_doi - set netlabel maps 668 * @ndoi: new value for our CIPSO DOI 669 * @gfp_flags: kmalloc allocation context 670 */ 671 static int 672 smk_cipso_doi(u32 ndoi, gfp_t gfp_flags) 673 { 674 int rc = 0; 675 struct cipso_v4_doi *doip; 676 struct netlbl_audit nai; 677 678 mutex_lock(&smk_cipso_doi_lock); 679 680 if (smk_cipso_doi_value == ndoi) 681 goto clr_doi_lock; 682 683 smk_netlabel_audit_set(&nai); 684 685 doip = kmalloc(sizeof(struct cipso_v4_doi), gfp_flags); 686 if (!doip) { 687 rc = -ENOMEM; 688 goto clr_doi_lock; 689 } 690 doip->map.std = NULL; 691 doip->doi = ndoi; 692 doip->type = CIPSO_V4_MAP_PASS; 693 doip->tags[0] = CIPSO_V4_TAG_RBITMAP; 694 for (rc = 1; rc < CIPSO_V4_TAG_MAXCNT; rc++) 695 doip->tags[rc] = CIPSO_V4_TAG_INVALID; 696 697 rc = netlbl_cfg_cipsov4_add(doip, &nai); 698 if (rc) { 699 kfree(doip); 700 goto clr_doi_lock; 701 } 702 703 if (smk_cipso_doi_value != CIPSO_V4_DOI_UNKNOWN) { 704 rc = netlbl_cfg_map_del(NULL, PF_INET, NULL, NULL, &nai); 705 if (rc && rc != -ENOENT) 706 goto clr_ndoi_def; 707 708 netlbl_cfg_cipsov4_del(smk_cipso_doi_value, &nai); 709 } 710 711 rc = netlbl_cfg_cipsov4_map_add(ndoi, NULL, NULL, NULL, &nai); 712 if (rc) { 713 smk_cipso_doi_value = CIPSO_V4_DOI_UNKNOWN; // no default map 714 clr_ndoi_def: netlbl_cfg_cipsov4_del(ndoi, &nai); 715 } else 716 smk_cipso_doi_value = ndoi; 717 718 clr_doi_lock: 719 mutex_unlock(&smk_cipso_doi_lock); 720 return rc; 721 } 722 723 /** 724 * smk_unlbl_ambient - initialize the unlabeled domain 725 * @oldambient: previous domain string 726 */ 727 static void smk_unlbl_ambient(char *oldambient) 728 { 729 int rc; 730 struct netlbl_audit nai; 731 732 smk_netlabel_audit_set(&nai); 733 734 if (oldambient != NULL) { 735 rc = netlbl_cfg_map_del(oldambient, PF_INET, NULL, NULL, &nai); 736 if (rc != 0) 737 printk(KERN_WARNING "%s:%d remove rc = %d\n", 738 __func__, __LINE__, rc); 739 } 740 if (smack_net_ambient == NULL) 741 smack_net_ambient = &smack_known_floor; 742 743 rc = netlbl_cfg_unlbl_map_add(smack_net_ambient->smk_known, PF_INET, 744 NULL, NULL, &nai); 745 if (rc != 0) 746 printk(KERN_WARNING "%s:%d add rc = %d\n", 747 __func__, __LINE__, rc); 748 } 749 750 /* 751 * Seq_file read operations for /smack/cipso 752 */ 753 754 static void *cipso_seq_start(struct seq_file *s, loff_t *pos) 755 { 756 return smk_seq_start(s, pos, &smack_known_list); 757 } 758 759 static void *cipso_seq_next(struct seq_file *s, void *v, loff_t *pos) 760 { 761 return smk_seq_next(s, v, pos, &smack_known_list); 762 } 763 764 /* 765 * Print cipso labels in format: 766 * label level[/cat[,cat]] 767 */ 768 static int cipso_seq_show(struct seq_file *s, void *v) 769 { 770 struct list_head *list = v; 771 struct smack_known *skp = 772 list_entry_rcu(list, struct smack_known, list); 773 struct netlbl_lsm_catmap *cmp = skp->smk_netlabel.attr.mls.cat; 774 char sep = '/'; 775 int i; 776 777 /* 778 * Don't show a label that could not have been set using 779 * /smack/cipso. This is in support of the notion that 780 * anything read from /smack/cipso ought to be writeable 781 * to /smack/cipso. 782 * 783 * /smack/cipso2 should be used instead. 784 */ 785 if (strlen(skp->smk_known) >= SMK_LABELLEN) 786 return 0; 787 788 seq_printf(s, "%s %3d", skp->smk_known, skp->smk_netlabel.attr.mls.lvl); 789 790 for (i = netlbl_catmap_walk(cmp, 0); i >= 0; 791 i = netlbl_catmap_walk(cmp, i + 1)) { 792 seq_printf(s, "%c%d", sep, i); 793 sep = ','; 794 } 795 796 seq_putc(s, '\n'); 797 798 return 0; 799 } 800 801 static const struct seq_operations cipso_seq_ops = { 802 .start = cipso_seq_start, 803 .next = cipso_seq_next, 804 .show = cipso_seq_show, 805 .stop = smk_seq_stop, 806 }; 807 808 /** 809 * smk_open_cipso - open() for /smack/cipso 810 * @inode: inode structure representing file 811 * @file: "cipso" file pointer 812 * 813 * Connect our cipso_seq_* operations with /smack/cipso 814 * file_operations 815 */ 816 static int smk_open_cipso(struct inode *inode, struct file *file) 817 { 818 return seq_open(file, &cipso_seq_ops); 819 } 820 821 /** 822 * smk_set_cipso - do the work for write() for cipso and cipso2 823 * @file: file pointer, not actually used 824 * @buf: where to get the data from 825 * @count: bytes sent 826 * @ppos: where to start 827 * @format: /smack/cipso or /smack/cipso2 828 * 829 * Accepts only one cipso rule per write call. 830 * Returns number of bytes written or error code, as appropriate 831 */ 832 static ssize_t smk_set_cipso(struct file *file, const char __user *buf, 833 size_t count, loff_t *ppos, int format) 834 { 835 struct netlbl_lsm_catmap *old_cat; 836 struct smack_known *skp; 837 struct netlbl_lsm_secattr ncats; 838 char mapcatset[SMK_CIPSOLEN]; 839 int maplevel; 840 unsigned int cat; 841 int catlen; 842 ssize_t rc = -EINVAL; 843 char *data = NULL; 844 char *rule; 845 int ret; 846 int i; 847 848 /* 849 * Must have privilege. 850 * No partial writes. 851 * Enough data must be present. 852 */ 853 if (!smack_privileged(CAP_MAC_ADMIN)) 854 return -EPERM; 855 if (*ppos != 0) 856 return -EINVAL; 857 if (format == SMK_FIXED24_FMT && 858 (count < SMK_CIPSOMIN || count > SMK_CIPSOMAX)) 859 return -EINVAL; 860 if (count > PAGE_SIZE) 861 return -EINVAL; 862 863 data = memdup_user_nul(buf, count); 864 if (IS_ERR(data)) 865 return PTR_ERR(data); 866 867 rule = data; 868 /* 869 * Only allow one writer at a time. Writes should be 870 * quite rare and small in any case. 871 */ 872 mutex_lock(&smack_cipso_lock); 873 874 skp = smk_import_entry(rule, 0); 875 if (IS_ERR(skp)) { 876 rc = PTR_ERR(skp); 877 goto out; 878 } 879 880 if (format == SMK_FIXED24_FMT) 881 rule += SMK_LABELLEN; 882 else 883 rule += strlen(skp->smk_known) + 1; 884 885 if (rule > data + count) { 886 rc = -EOVERFLOW; 887 goto out; 888 } 889 890 ret = sscanf(rule, "%d", &maplevel); 891 if (ret != 1 || maplevel < 0 || maplevel > SMACK_CIPSO_MAXLEVEL) 892 goto out; 893 894 rule += SMK_DIGITLEN; 895 if (rule > data + count) { 896 rc = -EOVERFLOW; 897 goto out; 898 } 899 900 ret = sscanf(rule, "%d", &catlen); 901 if (ret != 1 || catlen < 0 || catlen > SMACK_CIPSO_MAXCATNUM) 902 goto out; 903 904 if (format == SMK_FIXED24_FMT && 905 count != (SMK_CIPSOMIN + catlen * SMK_DIGITLEN)) 906 goto out; 907 908 memset(mapcatset, 0, sizeof(mapcatset)); 909 910 for (i = 0; i < catlen; i++) { 911 rule += SMK_DIGITLEN; 912 if (rule > data + count) { 913 rc = -EOVERFLOW; 914 goto out; 915 } 916 ret = sscanf(rule, "%u", &cat); 917 if (ret != 1 || cat > SMACK_CIPSO_MAXCATNUM) 918 goto out; 919 920 smack_catset_bit(cat, mapcatset); 921 } 922 923 rc = smk_netlbl_mls(maplevel, mapcatset, &ncats, SMK_CIPSOLEN); 924 if (rc >= 0) { 925 old_cat = skp->smk_netlabel.attr.mls.cat; 926 rcu_assign_pointer(skp->smk_netlabel.attr.mls.cat, ncats.attr.mls.cat); 927 if (ncats.attr.mls.cat) 928 skp->smk_netlabel.flags |= NETLBL_SECATTR_MLS_CAT; 929 else 930 skp->smk_netlabel.flags &= ~(u32)NETLBL_SECATTR_MLS_CAT; 931 skp->smk_netlabel.attr.mls.lvl = ncats.attr.mls.lvl; 932 synchronize_rcu(); 933 netlbl_catmap_free(old_cat); 934 rc = count; 935 /* 936 * This mapping may have been cached, so clear the cache. 937 */ 938 netlbl_cache_invalidate(); 939 } 940 941 out: 942 mutex_unlock(&smack_cipso_lock); 943 kfree(data); 944 return rc; 945 } 946 947 /** 948 * smk_write_cipso - write() for /smack/cipso 949 * @file: file pointer, not actually used 950 * @buf: where to get the data from 951 * @count: bytes sent 952 * @ppos: where to start 953 * 954 * Accepts only one cipso rule per write call. 955 * Returns number of bytes written or error code, as appropriate 956 */ 957 static ssize_t smk_write_cipso(struct file *file, const char __user *buf, 958 size_t count, loff_t *ppos) 959 { 960 return smk_set_cipso(file, buf, count, ppos, SMK_FIXED24_FMT); 961 } 962 963 static const struct file_operations smk_cipso_ops = { 964 .open = smk_open_cipso, 965 .read = seq_read, 966 .llseek = seq_lseek, 967 .write = smk_write_cipso, 968 .release = seq_release, 969 }; 970 971 /* 972 * Seq_file read operations for /smack/cipso2 973 */ 974 975 /* 976 * Print cipso labels in format: 977 * label level[/cat[,cat]] 978 */ 979 static int cipso2_seq_show(struct seq_file *s, void *v) 980 { 981 struct list_head *list = v; 982 struct smack_known *skp = 983 list_entry_rcu(list, struct smack_known, list); 984 struct netlbl_lsm_catmap *cmp = skp->smk_netlabel.attr.mls.cat; 985 char sep = '/'; 986 int i; 987 988 seq_printf(s, "%s %3d", skp->smk_known, skp->smk_netlabel.attr.mls.lvl); 989 990 for (i = netlbl_catmap_walk(cmp, 0); i >= 0; 991 i = netlbl_catmap_walk(cmp, i + 1)) { 992 seq_printf(s, "%c%d", sep, i); 993 sep = ','; 994 } 995 996 seq_putc(s, '\n'); 997 998 return 0; 999 } 1000 1001 static const struct seq_operations cipso2_seq_ops = { 1002 .start = cipso_seq_start, 1003 .next = cipso_seq_next, 1004 .show = cipso2_seq_show, 1005 .stop = smk_seq_stop, 1006 }; 1007 1008 /** 1009 * smk_open_cipso2 - open() for /smack/cipso2 1010 * @inode: inode structure representing file 1011 * @file: "cipso2" file pointer 1012 * 1013 * Connect our cipso_seq_* operations with /smack/cipso2 1014 * file_operations 1015 */ 1016 static int smk_open_cipso2(struct inode *inode, struct file *file) 1017 { 1018 return seq_open(file, &cipso2_seq_ops); 1019 } 1020 1021 /** 1022 * smk_write_cipso2 - write() for /smack/cipso2 1023 * @file: file pointer, not actually used 1024 * @buf: where to get the data from 1025 * @count: bytes sent 1026 * @ppos: where to start 1027 * 1028 * Accepts only one cipso rule per write call. 1029 * Returns number of bytes written or error code, as appropriate 1030 */ 1031 static ssize_t smk_write_cipso2(struct file *file, const char __user *buf, 1032 size_t count, loff_t *ppos) 1033 { 1034 return smk_set_cipso(file, buf, count, ppos, SMK_LONG_FMT); 1035 } 1036 1037 static const struct file_operations smk_cipso2_ops = { 1038 .open = smk_open_cipso2, 1039 .read = seq_read, 1040 .llseek = seq_lseek, 1041 .write = smk_write_cipso2, 1042 .release = seq_release, 1043 }; 1044 1045 /* 1046 * Seq_file read operations for /smack/netlabel 1047 */ 1048 1049 static void *net4addr_seq_start(struct seq_file *s, loff_t *pos) 1050 { 1051 return smk_seq_start(s, pos, &smk_net4addr_list); 1052 } 1053 1054 static void *net4addr_seq_next(struct seq_file *s, void *v, loff_t *pos) 1055 { 1056 return smk_seq_next(s, v, pos, &smk_net4addr_list); 1057 } 1058 1059 /* 1060 * Print host/label pairs 1061 */ 1062 static int net4addr_seq_show(struct seq_file *s, void *v) 1063 { 1064 struct list_head *list = v; 1065 struct smk_net4addr *skp = 1066 list_entry_rcu(list, struct smk_net4addr, list); 1067 char *kp = SMACK_CIPSO_OPTION; 1068 1069 if (skp->smk_label != NULL) 1070 kp = skp->smk_label->smk_known; 1071 seq_printf(s, "%pI4/%d %s\n", &skp->smk_host.s_addr, 1072 skp->smk_masks, kp); 1073 1074 return 0; 1075 } 1076 1077 static const struct seq_operations net4addr_seq_ops = { 1078 .start = net4addr_seq_start, 1079 .next = net4addr_seq_next, 1080 .show = net4addr_seq_show, 1081 .stop = smk_seq_stop, 1082 }; 1083 1084 /** 1085 * smk_open_net4addr - open() for /smack/netlabel 1086 * @inode: inode structure representing file 1087 * @file: "netlabel" file pointer 1088 * 1089 * Connect our net4addr_seq_* operations with /smack/netlabel 1090 * file_operations 1091 */ 1092 static int smk_open_net4addr(struct inode *inode, struct file *file) 1093 { 1094 return seq_open(file, &net4addr_seq_ops); 1095 } 1096 1097 /** 1098 * smk_net4addr_insert - insert a new entry into the net4addrs list 1099 * @new : netlabel to insert 1100 * 1101 * This helper inserts netlabel in the smack_net4addrs list 1102 * sorted by netmask length (longest to smallest) 1103 * locked by &smk_net4addr_lock in smk_write_net4addr. 1104 */ 1105 static void smk_net4addr_insert(struct smk_net4addr *new) 1106 { 1107 struct smk_net4addr *m; 1108 struct smk_net4addr *m_next; 1109 1110 if (list_empty(&smk_net4addr_list)) { 1111 list_add_rcu(&new->list, &smk_net4addr_list); 1112 return; 1113 } 1114 1115 m = list_entry_rcu(smk_net4addr_list.next, 1116 struct smk_net4addr, list); 1117 1118 /* the comparison '>' is a bit hacky, but works */ 1119 if (new->smk_masks > m->smk_masks) { 1120 list_add_rcu(&new->list, &smk_net4addr_list); 1121 return; 1122 } 1123 1124 list_for_each_entry_rcu(m, &smk_net4addr_list, list) { 1125 if (list_is_last(&m->list, &smk_net4addr_list)) { 1126 list_add_rcu(&new->list, &m->list); 1127 return; 1128 } 1129 m_next = list_entry_rcu(m->list.next, 1130 struct smk_net4addr, list); 1131 if (new->smk_masks > m_next->smk_masks) { 1132 list_add_rcu(&new->list, &m->list); 1133 return; 1134 } 1135 } 1136 } 1137 1138 1139 /** 1140 * smk_write_net4addr - write() for /smack/netlabel 1141 * @file: file pointer, not actually used 1142 * @buf: where to get the data from 1143 * @count: bytes sent 1144 * @ppos: where to start 1145 * 1146 * Accepts only one net4addr per write call. 1147 * Returns number of bytes written or error code, as appropriate 1148 */ 1149 static ssize_t smk_write_net4addr(struct file *file, const char __user *buf, 1150 size_t count, loff_t *ppos) 1151 { 1152 struct smk_net4addr *snp; 1153 struct sockaddr_in newname; 1154 char *smack; 1155 struct smack_known *skp = NULL; 1156 char *data; 1157 char *host = (char *)&newname.sin_addr.s_addr; 1158 int rc; 1159 struct netlbl_audit audit_info; 1160 struct in_addr mask; 1161 unsigned int m; 1162 unsigned int masks; 1163 int found; 1164 u32 mask_bits = (1<<31); 1165 __be32 nsa; 1166 u32 temp_mask; 1167 1168 /* 1169 * Must have privilege. 1170 * No partial writes. 1171 * Enough data must be present. 1172 * "<addr/mask, as a.b.c.d/e><space><label>" 1173 * "<addr, as a.b.c.d><space><label>" 1174 */ 1175 if (!smack_privileged(CAP_MAC_ADMIN)) 1176 return -EPERM; 1177 if (*ppos != 0) 1178 return -EINVAL; 1179 if (count < SMK_NETLBLADDRMIN || count > PAGE_SIZE - 1) 1180 return -EINVAL; 1181 1182 data = memdup_user_nul(buf, count); 1183 if (IS_ERR(data)) 1184 return PTR_ERR(data); 1185 1186 smack = kzalloc(count + 1, GFP_KERNEL); 1187 if (smack == NULL) { 1188 rc = -ENOMEM; 1189 goto free_data_out; 1190 } 1191 1192 rc = sscanf(data, "%hhd.%hhd.%hhd.%hhd/%u %s", 1193 &host[0], &host[1], &host[2], &host[3], &masks, smack); 1194 if (rc != 6) { 1195 rc = sscanf(data, "%hhd.%hhd.%hhd.%hhd %s", 1196 &host[0], &host[1], &host[2], &host[3], smack); 1197 if (rc != 5) { 1198 rc = -EINVAL; 1199 goto free_out; 1200 } 1201 masks = 32; 1202 } 1203 if (masks > BEBITS) { 1204 rc = -EINVAL; 1205 goto free_out; 1206 } 1207 1208 /* 1209 * If smack begins with '-', it is an option, don't import it 1210 */ 1211 if (smack[0] != '-') { 1212 skp = smk_import_entry(smack, 0); 1213 if (IS_ERR(skp)) { 1214 rc = PTR_ERR(skp); 1215 goto free_out; 1216 } 1217 } else { 1218 /* 1219 * Only the -CIPSO option is supported for IPv4 1220 */ 1221 if (strcmp(smack, SMACK_CIPSO_OPTION) != 0) { 1222 rc = -EINVAL; 1223 goto free_out; 1224 } 1225 } 1226 1227 for (m = masks, temp_mask = 0; m > 0; m--) { 1228 temp_mask |= mask_bits; 1229 mask_bits >>= 1; 1230 } 1231 mask.s_addr = cpu_to_be32(temp_mask); 1232 1233 newname.sin_addr.s_addr &= mask.s_addr; 1234 /* 1235 * Only allow one writer at a time. Writes should be 1236 * quite rare and small in any case. 1237 */ 1238 mutex_lock(&smk_net4addr_lock); 1239 1240 nsa = newname.sin_addr.s_addr; 1241 /* try to find if the prefix is already in the list */ 1242 found = 0; 1243 list_for_each_entry_rcu(snp, &smk_net4addr_list, list) { 1244 if (snp->smk_host.s_addr == nsa && snp->smk_masks == masks) { 1245 found = 1; 1246 break; 1247 } 1248 } 1249 smk_netlabel_audit_set(&audit_info); 1250 1251 if (found == 0) { 1252 snp = kzalloc(sizeof(*snp), GFP_KERNEL); 1253 if (snp == NULL) 1254 rc = -ENOMEM; 1255 else { 1256 rc = 0; 1257 snp->smk_host.s_addr = newname.sin_addr.s_addr; 1258 snp->smk_mask.s_addr = mask.s_addr; 1259 snp->smk_label = skp; 1260 snp->smk_masks = masks; 1261 smk_net4addr_insert(snp); 1262 } 1263 } else { 1264 /* 1265 * Delete the unlabeled entry, only if the previous label 1266 * wasn't the special CIPSO option 1267 */ 1268 if (snp->smk_label != NULL) 1269 rc = netlbl_cfg_unlbl_static_del(&init_net, NULL, 1270 &snp->smk_host, &snp->smk_mask, 1271 PF_INET, &audit_info); 1272 else 1273 rc = 0; 1274 snp->smk_label = skp; 1275 } 1276 1277 /* 1278 * Now tell netlabel about the single label nature of 1279 * this host so that incoming packets get labeled. 1280 * but only if we didn't get the special CIPSO option 1281 */ 1282 if (rc == 0 && skp != NULL) 1283 rc = netlbl_cfg_unlbl_static_add(&init_net, NULL, 1284 &snp->smk_host, &snp->smk_mask, PF_INET, 1285 snp->smk_label->smk_secid, &audit_info); 1286 1287 if (rc == 0) 1288 rc = count; 1289 1290 mutex_unlock(&smk_net4addr_lock); 1291 1292 free_out: 1293 kfree(smack); 1294 free_data_out: 1295 kfree(data); 1296 1297 return rc; 1298 } 1299 1300 static const struct file_operations smk_net4addr_ops = { 1301 .open = smk_open_net4addr, 1302 .read = seq_read, 1303 .llseek = seq_lseek, 1304 .write = smk_write_net4addr, 1305 .release = seq_release, 1306 }; 1307 1308 #if IS_ENABLED(CONFIG_IPV6) 1309 /* 1310 * Seq_file read operations for /smack/netlabel6 1311 */ 1312 1313 static void *net6addr_seq_start(struct seq_file *s, loff_t *pos) 1314 { 1315 return smk_seq_start(s, pos, &smk_net6addr_list); 1316 } 1317 1318 static void *net6addr_seq_next(struct seq_file *s, void *v, loff_t *pos) 1319 { 1320 return smk_seq_next(s, v, pos, &smk_net6addr_list); 1321 } 1322 1323 /* 1324 * Print host/label pairs 1325 */ 1326 static int net6addr_seq_show(struct seq_file *s, void *v) 1327 { 1328 struct list_head *list = v; 1329 struct smk_net6addr *skp = 1330 list_entry(list, struct smk_net6addr, list); 1331 1332 if (skp->smk_label != NULL) 1333 seq_printf(s, "%pI6/%d %s\n", &skp->smk_host, skp->smk_masks, 1334 skp->smk_label->smk_known); 1335 1336 return 0; 1337 } 1338 1339 static const struct seq_operations net6addr_seq_ops = { 1340 .start = net6addr_seq_start, 1341 .next = net6addr_seq_next, 1342 .show = net6addr_seq_show, 1343 .stop = smk_seq_stop, 1344 }; 1345 1346 /** 1347 * smk_open_net6addr - open() for /smack/netlabel 1348 * @inode: inode structure representing file 1349 * @file: "netlabel" file pointer 1350 * 1351 * Connect our net6addr_seq_* operations with /smack/netlabel 1352 * file_operations 1353 */ 1354 static int smk_open_net6addr(struct inode *inode, struct file *file) 1355 { 1356 return seq_open(file, &net6addr_seq_ops); 1357 } 1358 1359 /** 1360 * smk_net6addr_insert - insert a new entry into the net6addrs list 1361 * @new : entry to insert 1362 * 1363 * This inserts an entry in the smack_net6addrs list 1364 * sorted by netmask length (longest to smallest) 1365 * locked by &smk_net6addr_lock in smk_write_net6addr. 1366 */ 1367 static void smk_net6addr_insert(struct smk_net6addr *new) 1368 { 1369 struct smk_net6addr *m_next; 1370 struct smk_net6addr *m; 1371 1372 if (list_empty(&smk_net6addr_list)) { 1373 list_add_rcu(&new->list, &smk_net6addr_list); 1374 return; 1375 } 1376 1377 m = list_entry_rcu(smk_net6addr_list.next, 1378 struct smk_net6addr, list); 1379 1380 if (new->smk_masks > m->smk_masks) { 1381 list_add_rcu(&new->list, &smk_net6addr_list); 1382 return; 1383 } 1384 1385 list_for_each_entry_rcu(m, &smk_net6addr_list, list) { 1386 if (list_is_last(&m->list, &smk_net6addr_list)) { 1387 list_add_rcu(&new->list, &m->list); 1388 return; 1389 } 1390 m_next = list_entry_rcu(m->list.next, 1391 struct smk_net6addr, list); 1392 if (new->smk_masks > m_next->smk_masks) { 1393 list_add_rcu(&new->list, &m->list); 1394 return; 1395 } 1396 } 1397 } 1398 1399 1400 /** 1401 * smk_write_net6addr - write() for /smack/netlabel 1402 * @file: file pointer, not actually used 1403 * @buf: where to get the data from 1404 * @count: bytes sent 1405 * @ppos: where to start 1406 * 1407 * Accepts only one net6addr per write call. 1408 * Returns number of bytes written or error code, as appropriate 1409 */ 1410 static ssize_t smk_write_net6addr(struct file *file, const char __user *buf, 1411 size_t count, loff_t *ppos) 1412 { 1413 struct smk_net6addr *snp; 1414 struct in6_addr newname; 1415 struct in6_addr fullmask; 1416 struct smack_known *skp = NULL; 1417 char *smack; 1418 char *data; 1419 int rc = 0; 1420 int found = 0; 1421 int i; 1422 unsigned int scanned[8]; 1423 unsigned int m; 1424 unsigned int mask = 128; 1425 1426 /* 1427 * Must have privilege. 1428 * No partial writes. 1429 * Enough data must be present. 1430 * "<addr/mask, as a:b:c:d:e:f:g:h/e><space><label>" 1431 * "<addr, as a:b:c:d:e:f:g:h><space><label>" 1432 */ 1433 if (!smack_privileged(CAP_MAC_ADMIN)) 1434 return -EPERM; 1435 if (*ppos != 0) 1436 return -EINVAL; 1437 if (count < SMK_NETLBLADDRMIN || count > PAGE_SIZE - 1) 1438 return -EINVAL; 1439 1440 data = memdup_user_nul(buf, count); 1441 if (IS_ERR(data)) 1442 return PTR_ERR(data); 1443 1444 smack = kzalloc(count + 1, GFP_KERNEL); 1445 if (smack == NULL) { 1446 rc = -ENOMEM; 1447 goto free_data_out; 1448 } 1449 1450 i = sscanf(data, "%x:%x:%x:%x:%x:%x:%x:%x/%u %s", 1451 &scanned[0], &scanned[1], &scanned[2], &scanned[3], 1452 &scanned[4], &scanned[5], &scanned[6], &scanned[7], 1453 &mask, smack); 1454 if (i != 10) { 1455 i = sscanf(data, "%x:%x:%x:%x:%x:%x:%x:%x %s", 1456 &scanned[0], &scanned[1], &scanned[2], 1457 &scanned[3], &scanned[4], &scanned[5], 1458 &scanned[6], &scanned[7], smack); 1459 if (i != 9) { 1460 rc = -EINVAL; 1461 goto free_out; 1462 } 1463 } 1464 if (mask > 128) { 1465 rc = -EINVAL; 1466 goto free_out; 1467 } 1468 for (i = 0; i < 8; i++) { 1469 if (scanned[i] > 0xffff) { 1470 rc = -EINVAL; 1471 goto free_out; 1472 } 1473 newname.s6_addr16[i] = htons(scanned[i]); 1474 } 1475 1476 /* 1477 * If smack begins with '-', it is an option, don't import it 1478 */ 1479 if (smack[0] != '-') { 1480 skp = smk_import_entry(smack, 0); 1481 if (IS_ERR(skp)) { 1482 rc = PTR_ERR(skp); 1483 goto free_out; 1484 } 1485 } else { 1486 /* 1487 * Only -DELETE is supported for IPv6 1488 */ 1489 if (strcmp(smack, SMACK_DELETE_OPTION) != 0) { 1490 rc = -EINVAL; 1491 goto free_out; 1492 } 1493 } 1494 1495 for (i = 0, m = mask; i < 8; i++) { 1496 if (m >= 16) { 1497 fullmask.s6_addr16[i] = 0xffff; 1498 m -= 16; 1499 } else if (m > 0) { 1500 fullmask.s6_addr16[i] = (1 << m) - 1; 1501 m = 0; 1502 } else 1503 fullmask.s6_addr16[i] = 0; 1504 newname.s6_addr16[i] &= fullmask.s6_addr16[i]; 1505 } 1506 1507 /* 1508 * Only allow one writer at a time. Writes should be 1509 * quite rare and small in any case. 1510 */ 1511 mutex_lock(&smk_net6addr_lock); 1512 /* 1513 * Try to find the prefix in the list 1514 */ 1515 list_for_each_entry_rcu(snp, &smk_net6addr_list, list) { 1516 if (mask != snp->smk_masks) 1517 continue; 1518 for (found = 1, i = 0; i < 8; i++) { 1519 if (newname.s6_addr16[i] != 1520 snp->smk_host.s6_addr16[i]) { 1521 found = 0; 1522 break; 1523 } 1524 } 1525 if (found == 1) 1526 break; 1527 } 1528 if (found == 0) { 1529 snp = kzalloc(sizeof(*snp), GFP_KERNEL); 1530 if (snp == NULL) 1531 rc = -ENOMEM; 1532 else { 1533 snp->smk_host = newname; 1534 snp->smk_mask = fullmask; 1535 snp->smk_masks = mask; 1536 snp->smk_label = skp; 1537 smk_net6addr_insert(snp); 1538 } 1539 } else { 1540 snp->smk_label = skp; 1541 } 1542 1543 if (rc == 0) 1544 rc = count; 1545 1546 mutex_unlock(&smk_net6addr_lock); 1547 1548 free_out: 1549 kfree(smack); 1550 free_data_out: 1551 kfree(data); 1552 1553 return rc; 1554 } 1555 1556 static const struct file_operations smk_net6addr_ops = { 1557 .open = smk_open_net6addr, 1558 .read = seq_read, 1559 .llseek = seq_lseek, 1560 .write = smk_write_net6addr, 1561 .release = seq_release, 1562 }; 1563 #endif /* CONFIG_IPV6 */ 1564 1565 /** 1566 * smk_read_doi - read() for /smack/doi 1567 * @filp: file pointer, not actually used 1568 * @buf: where to put the result 1569 * @count: maximum to send along 1570 * @ppos: where to start 1571 * 1572 * Returns number of bytes read or error code, as appropriate 1573 */ 1574 static ssize_t smk_read_doi(struct file *filp, char __user *buf, 1575 size_t count, loff_t *ppos) 1576 { 1577 char temp[80]; 1578 ssize_t rc; 1579 1580 if (*ppos != 0) 1581 return 0; 1582 1583 sprintf(temp, "%lu", (unsigned long)smk_cipso_doi_value); 1584 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp)); 1585 1586 return rc; 1587 } 1588 1589 /** 1590 * smk_write_doi - write() for /smack/doi 1591 * @file: file pointer, not actually used 1592 * @buf: where to get the data from 1593 * @count: bytes sent 1594 * @ppos: where to start 1595 * 1596 * Returns number of bytes written or error code, as appropriate 1597 */ 1598 static ssize_t smk_write_doi(struct file *file, const char __user *buf, 1599 size_t count, loff_t *ppos) 1600 { 1601 char temp[80]; 1602 unsigned long u; 1603 1604 if (!smack_privileged(CAP_MAC_ADMIN)) 1605 return -EPERM; 1606 1607 if (count >= sizeof(temp) || count == 0) 1608 return -EINVAL; 1609 1610 if (copy_from_user(temp, buf, count) != 0) 1611 return -EFAULT; 1612 1613 temp[count] = '\0'; 1614 1615 if (kstrtoul(temp, 10, &u)) 1616 return -EINVAL; 1617 1618 if (u == CIPSO_V4_DOI_UNKNOWN || u > U32_MAX) 1619 return -EINVAL; 1620 1621 return smk_cipso_doi(u, GFP_KERNEL) ? : count; 1622 } 1623 1624 static const struct file_operations smk_doi_ops = { 1625 .read = smk_read_doi, 1626 .write = smk_write_doi, 1627 .llseek = default_llseek, 1628 }; 1629 1630 /** 1631 * smk_read_direct - read() for /smack/direct 1632 * @filp: file pointer, not actually used 1633 * @buf: where to put the result 1634 * @count: maximum to send along 1635 * @ppos: where to start 1636 * 1637 * Returns number of bytes read or error code, as appropriate 1638 */ 1639 static ssize_t smk_read_direct(struct file *filp, char __user *buf, 1640 size_t count, loff_t *ppos) 1641 { 1642 char temp[80]; 1643 ssize_t rc; 1644 1645 if (*ppos != 0) 1646 return 0; 1647 1648 sprintf(temp, "%d", smack_cipso_direct); 1649 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp)); 1650 1651 return rc; 1652 } 1653 1654 /** 1655 * smk_write_direct - write() for /smack/direct 1656 * @file: file pointer, not actually used 1657 * @buf: where to get the data from 1658 * @count: bytes sent 1659 * @ppos: where to start 1660 * 1661 * Returns number of bytes written or error code, as appropriate 1662 */ 1663 static ssize_t smk_write_direct(struct file *file, const char __user *buf, 1664 size_t count, loff_t *ppos) 1665 { 1666 struct smack_known *skp; 1667 char temp[80]; 1668 int i; 1669 1670 if (!smack_privileged(CAP_MAC_ADMIN)) 1671 return -EPERM; 1672 1673 if (count >= sizeof(temp) || count == 0) 1674 return -EINVAL; 1675 1676 if (copy_from_user(temp, buf, count) != 0) 1677 return -EFAULT; 1678 1679 temp[count] = '\0'; 1680 1681 if (sscanf(temp, "%d", &i) != 1) 1682 return -EINVAL; 1683 1684 /* 1685 * Don't do anything if the value hasn't actually changed. 1686 * If it is changing reset the level on entries that were 1687 * set up to be direct when they were created. 1688 */ 1689 if (smack_cipso_direct != i) { 1690 mutex_lock(&smack_known_lock); 1691 list_for_each_entry_rcu(skp, &smack_known_list, list) 1692 if (skp->smk_netlabel.attr.mls.lvl == 1693 smack_cipso_direct) 1694 skp->smk_netlabel.attr.mls.lvl = i; 1695 smack_cipso_direct = i; 1696 mutex_unlock(&smack_known_lock); 1697 } 1698 1699 return count; 1700 } 1701 1702 static const struct file_operations smk_direct_ops = { 1703 .read = smk_read_direct, 1704 .write = smk_write_direct, 1705 .llseek = default_llseek, 1706 }; 1707 1708 /** 1709 * smk_read_mapped - read() for /smack/mapped 1710 * @filp: file pointer, not actually used 1711 * @buf: where to put the result 1712 * @count: maximum to send along 1713 * @ppos: where to start 1714 * 1715 * Returns number of bytes read or error code, as appropriate 1716 */ 1717 static ssize_t smk_read_mapped(struct file *filp, char __user *buf, 1718 size_t count, loff_t *ppos) 1719 { 1720 char temp[80]; 1721 ssize_t rc; 1722 1723 if (*ppos != 0) 1724 return 0; 1725 1726 sprintf(temp, "%d", smack_cipso_mapped); 1727 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp)); 1728 1729 return rc; 1730 } 1731 1732 /** 1733 * smk_write_mapped - write() for /smack/mapped 1734 * @file: file pointer, not actually used 1735 * @buf: where to get the data from 1736 * @count: bytes sent 1737 * @ppos: where to start 1738 * 1739 * Returns number of bytes written or error code, as appropriate 1740 */ 1741 static ssize_t smk_write_mapped(struct file *file, const char __user *buf, 1742 size_t count, loff_t *ppos) 1743 { 1744 struct smack_known *skp; 1745 char temp[80]; 1746 int i; 1747 1748 if (!smack_privileged(CAP_MAC_ADMIN)) 1749 return -EPERM; 1750 1751 if (count >= sizeof(temp) || count == 0) 1752 return -EINVAL; 1753 1754 if (copy_from_user(temp, buf, count) != 0) 1755 return -EFAULT; 1756 1757 temp[count] = '\0'; 1758 1759 if (sscanf(temp, "%d", &i) != 1) 1760 return -EINVAL; 1761 1762 /* 1763 * Don't do anything if the value hasn't actually changed. 1764 * If it is changing reset the level on entries that were 1765 * set up to be mapped when they were created. 1766 */ 1767 if (smack_cipso_mapped != i) { 1768 mutex_lock(&smack_known_lock); 1769 list_for_each_entry_rcu(skp, &smack_known_list, list) 1770 if (skp->smk_netlabel.attr.mls.lvl == 1771 smack_cipso_mapped) 1772 skp->smk_netlabel.attr.mls.lvl = i; 1773 smack_cipso_mapped = i; 1774 mutex_unlock(&smack_known_lock); 1775 } 1776 1777 return count; 1778 } 1779 1780 static const struct file_operations smk_mapped_ops = { 1781 .read = smk_read_mapped, 1782 .write = smk_write_mapped, 1783 .llseek = default_llseek, 1784 }; 1785 1786 /** 1787 * smk_read_ambient - read() for /smack/ambient 1788 * @filp: file pointer, not actually used 1789 * @buf: where to put the result 1790 * @cn: maximum to send along 1791 * @ppos: where to start 1792 * 1793 * Returns number of bytes read or error code, as appropriate 1794 */ 1795 static ssize_t smk_read_ambient(struct file *filp, char __user *buf, 1796 size_t cn, loff_t *ppos) 1797 { 1798 ssize_t rc; 1799 int asize; 1800 1801 if (*ppos != 0) 1802 return 0; 1803 /* 1804 * Being careful to avoid a problem in the case where 1805 * smack_net_ambient gets changed in midstream. 1806 */ 1807 mutex_lock(&smack_ambient_lock); 1808 1809 asize = strlen(smack_net_ambient->smk_known) + 1; 1810 1811 if (cn >= asize) 1812 rc = simple_read_from_buffer(buf, cn, ppos, 1813 smack_net_ambient->smk_known, 1814 asize); 1815 else 1816 rc = -EINVAL; 1817 1818 mutex_unlock(&smack_ambient_lock); 1819 1820 return rc; 1821 } 1822 1823 /** 1824 * smk_write_ambient - write() for /smack/ambient 1825 * @file: file pointer, not actually used 1826 * @buf: where to get the data from 1827 * @count: bytes sent 1828 * @ppos: where to start 1829 * 1830 * Returns number of bytes written or error code, as appropriate 1831 */ 1832 static ssize_t smk_write_ambient(struct file *file, const char __user *buf, 1833 size_t count, loff_t *ppos) 1834 { 1835 struct smack_known *skp; 1836 char *oldambient; 1837 char *data; 1838 int rc = count; 1839 1840 if (!smack_privileged(CAP_MAC_ADMIN)) 1841 return -EPERM; 1842 1843 /* Enough data must be present */ 1844 if (count == 0 || count > PAGE_SIZE) 1845 return -EINVAL; 1846 1847 data = memdup_user_nul(buf, count); 1848 if (IS_ERR(data)) 1849 return PTR_ERR(data); 1850 1851 skp = smk_import_entry(data, count); 1852 if (IS_ERR(skp)) { 1853 rc = PTR_ERR(skp); 1854 goto out; 1855 } 1856 1857 mutex_lock(&smack_ambient_lock); 1858 1859 oldambient = smack_net_ambient->smk_known; 1860 smack_net_ambient = skp; 1861 smk_unlbl_ambient(oldambient); 1862 1863 mutex_unlock(&smack_ambient_lock); 1864 1865 out: 1866 kfree(data); 1867 return rc; 1868 } 1869 1870 static const struct file_operations smk_ambient_ops = { 1871 .read = smk_read_ambient, 1872 .write = smk_write_ambient, 1873 .llseek = default_llseek, 1874 }; 1875 1876 /* 1877 * Seq_file operations for /smack/onlycap 1878 */ 1879 static void *onlycap_seq_start(struct seq_file *s, loff_t *pos) 1880 { 1881 return smk_seq_start(s, pos, &smack_onlycap_list); 1882 } 1883 1884 static void *onlycap_seq_next(struct seq_file *s, void *v, loff_t *pos) 1885 { 1886 return smk_seq_next(s, v, pos, &smack_onlycap_list); 1887 } 1888 1889 static int onlycap_seq_show(struct seq_file *s, void *v) 1890 { 1891 struct list_head *list = v; 1892 struct smack_known_list_elem *sklep = 1893 list_entry_rcu(list, struct smack_known_list_elem, list); 1894 1895 seq_puts(s, sklep->smk_label->smk_known); 1896 seq_putc(s, ' '); 1897 1898 return 0; 1899 } 1900 1901 static const struct seq_operations onlycap_seq_ops = { 1902 .start = onlycap_seq_start, 1903 .next = onlycap_seq_next, 1904 .show = onlycap_seq_show, 1905 .stop = smk_seq_stop, 1906 }; 1907 1908 static int smk_open_onlycap(struct inode *inode, struct file *file) 1909 { 1910 return seq_open(file, &onlycap_seq_ops); 1911 } 1912 1913 /** 1914 * smk_list_swap_rcu - swap public list with a private one in RCU-safe way 1915 * The caller must hold appropriate mutex to prevent concurrent modifications 1916 * to the public list. 1917 * Private list is assumed to be not accessible to other threads yet. 1918 * 1919 * @public: public list 1920 * @private: private list 1921 */ 1922 static void smk_list_swap_rcu(struct list_head *public, 1923 struct list_head *private) 1924 { 1925 struct list_head *first, *last; 1926 1927 if (list_empty(public)) { 1928 list_splice_init_rcu(private, public, synchronize_rcu); 1929 } else { 1930 /* Remember public list before replacing it */ 1931 first = public->next; 1932 last = public->prev; 1933 1934 /* Publish private list in place of public in RCU-safe way */ 1935 private->prev->next = public; 1936 private->next->prev = public; 1937 rcu_assign_pointer(public->next, private->next); 1938 public->prev = private->prev; 1939 1940 synchronize_rcu(); 1941 1942 /* When all readers are done with the old public list, 1943 * attach it in place of private */ 1944 private->next = first; 1945 private->prev = last; 1946 first->prev = private; 1947 last->next = private; 1948 } 1949 } 1950 1951 /** 1952 * smk_parse_label_list - parse list of Smack labels, separated by spaces 1953 * 1954 * @data: the string to parse 1955 * @list: destination list 1956 * 1957 * Returns zero on success or error code, as appropriate 1958 */ 1959 static int smk_parse_label_list(char *data, struct list_head *list) 1960 { 1961 char *tok; 1962 struct smack_known *skp; 1963 struct smack_known_list_elem *sklep; 1964 1965 while ((tok = strsep(&data, " ")) != NULL) { 1966 if (!*tok) 1967 continue; 1968 1969 skp = smk_import_entry(tok, 0); 1970 if (IS_ERR(skp)) 1971 return PTR_ERR(skp); 1972 1973 sklep = kzalloc(sizeof(*sklep), GFP_KERNEL); 1974 if (sklep == NULL) 1975 return -ENOMEM; 1976 1977 sklep->smk_label = skp; 1978 list_add(&sklep->list, list); 1979 } 1980 1981 return 0; 1982 } 1983 1984 /** 1985 * smk_destroy_label_list - destroy a list of smack_known_list_elem 1986 * @list: header pointer of the list to destroy 1987 */ 1988 void smk_destroy_label_list(struct list_head *list) 1989 { 1990 struct smack_known_list_elem *sklep; 1991 struct smack_known_list_elem *sklep2; 1992 1993 list_for_each_entry_safe(sklep, sklep2, list, list) 1994 kfree(sklep); 1995 1996 INIT_LIST_HEAD(list); 1997 } 1998 1999 /** 2000 * smk_write_onlycap - write() for smackfs/onlycap 2001 * @file: file pointer, not actually used 2002 * @buf: where to get the data from 2003 * @count: bytes sent 2004 * @ppos: where to start 2005 * 2006 * Returns number of bytes written or error code, as appropriate 2007 */ 2008 static ssize_t smk_write_onlycap(struct file *file, const char __user *buf, 2009 size_t count, loff_t *ppos) 2010 { 2011 char *data; 2012 LIST_HEAD(list_tmp); 2013 int rc; 2014 2015 if (!smack_privileged(CAP_MAC_ADMIN)) 2016 return -EPERM; 2017 2018 if (count > PAGE_SIZE) 2019 return -EINVAL; 2020 2021 data = memdup_user_nul(buf, count); 2022 if (IS_ERR(data)) 2023 return PTR_ERR(data); 2024 2025 rc = smk_parse_label_list(data, &list_tmp); 2026 kfree(data); 2027 2028 /* 2029 * Clear the smack_onlycap on invalid label errors. This means 2030 * that we can pass a null string to unset the onlycap value. 2031 * 2032 * Importing will also reject a label beginning with '-', 2033 * so "-usecapabilities" will also work. 2034 * 2035 * But do so only on invalid label, not on system errors. 2036 * The invalid label must be first to count as clearing attempt. 2037 */ 2038 if (!rc || (rc == -EINVAL && list_empty(&list_tmp))) { 2039 mutex_lock(&smack_onlycap_lock); 2040 smk_list_swap_rcu(&smack_onlycap_list, &list_tmp); 2041 mutex_unlock(&smack_onlycap_lock); 2042 rc = count; 2043 } 2044 2045 smk_destroy_label_list(&list_tmp); 2046 2047 return rc; 2048 } 2049 2050 static const struct file_operations smk_onlycap_ops = { 2051 .open = smk_open_onlycap, 2052 .read = seq_read, 2053 .write = smk_write_onlycap, 2054 .llseek = seq_lseek, 2055 .release = seq_release, 2056 }; 2057 2058 #ifdef CONFIG_SECURITY_SMACK_BRINGUP 2059 /** 2060 * smk_read_unconfined - read() for smackfs/unconfined 2061 * @filp: file pointer, not actually used 2062 * @buf: where to put the result 2063 * @cn: maximum to send along 2064 * @ppos: where to start 2065 * 2066 * Returns number of bytes read or error code, as appropriate 2067 */ 2068 static ssize_t smk_read_unconfined(struct file *filp, char __user *buf, 2069 size_t cn, loff_t *ppos) 2070 { 2071 char *smack = ""; 2072 ssize_t rc = -EINVAL; 2073 int asize; 2074 2075 if (*ppos != 0) 2076 return 0; 2077 2078 if (smack_unconfined != NULL) 2079 smack = smack_unconfined->smk_known; 2080 2081 asize = strlen(smack) + 1; 2082 2083 if (cn >= asize) 2084 rc = simple_read_from_buffer(buf, cn, ppos, smack, asize); 2085 2086 return rc; 2087 } 2088 2089 /** 2090 * smk_write_unconfined - write() for smackfs/unconfined 2091 * @file: file pointer, not actually used 2092 * @buf: where to get the data from 2093 * @count: bytes sent 2094 * @ppos: where to start 2095 * 2096 * Returns number of bytes written or error code, as appropriate 2097 */ 2098 static ssize_t smk_write_unconfined(struct file *file, const char __user *buf, 2099 size_t count, loff_t *ppos) 2100 { 2101 char *data; 2102 struct smack_known *skp; 2103 int rc = count; 2104 2105 if (!smack_privileged(CAP_MAC_ADMIN)) 2106 return -EPERM; 2107 2108 if (count > PAGE_SIZE) 2109 return -EINVAL; 2110 2111 data = memdup_user_nul(buf, count); 2112 if (IS_ERR(data)) 2113 return PTR_ERR(data); 2114 2115 /* 2116 * Clear the smack_unconfined on invalid label errors. This means 2117 * that we can pass a null string to unset the unconfined value. 2118 * 2119 * Importing will also reject a label beginning with '-', 2120 * so "-confine" will also work. 2121 * 2122 * But do so only on invalid label, not on system errors. 2123 */ 2124 skp = smk_import_entry(data, count); 2125 if (PTR_ERR(skp) == -EINVAL) 2126 skp = NULL; 2127 else if (IS_ERR(skp)) { 2128 rc = PTR_ERR(skp); 2129 goto freeout; 2130 } 2131 2132 smack_unconfined = skp; 2133 2134 freeout: 2135 kfree(data); 2136 return rc; 2137 } 2138 2139 static const struct file_operations smk_unconfined_ops = { 2140 .read = smk_read_unconfined, 2141 .write = smk_write_unconfined, 2142 .llseek = default_llseek, 2143 }; 2144 #endif /* CONFIG_SECURITY_SMACK_BRINGUP */ 2145 2146 #ifdef CONFIG_AUDIT 2147 /** 2148 * smk_read_logging - read() for /smack/logging 2149 * @filp: file pointer, not actually used 2150 * @buf: where to put the result 2151 * @count: maximum to send along 2152 * @ppos: where to start 2153 * 2154 * Returns number of bytes read or error code, as appropriate 2155 */ 2156 static ssize_t smk_read_logging(struct file *filp, char __user *buf, 2157 size_t count, loff_t *ppos) 2158 { 2159 char temp[32]; 2160 ssize_t rc; 2161 2162 if (*ppos != 0) 2163 return 0; 2164 2165 sprintf(temp, "%d\n", log_policy); 2166 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp)); 2167 return rc; 2168 } 2169 2170 /** 2171 * smk_write_logging - write() for /smack/logging 2172 * @file: file pointer, not actually used 2173 * @buf: where to get the data from 2174 * @count: bytes sent 2175 * @ppos: where to start 2176 * 2177 * Returns number of bytes written or error code, as appropriate 2178 */ 2179 static ssize_t smk_write_logging(struct file *file, const char __user *buf, 2180 size_t count, loff_t *ppos) 2181 { 2182 char temp[32]; 2183 int i; 2184 2185 if (!smack_privileged(CAP_MAC_ADMIN)) 2186 return -EPERM; 2187 2188 if (count >= sizeof(temp) || count == 0) 2189 return -EINVAL; 2190 2191 if (copy_from_user(temp, buf, count) != 0) 2192 return -EFAULT; 2193 2194 temp[count] = '\0'; 2195 2196 if (sscanf(temp, "%d", &i) != 1) 2197 return -EINVAL; 2198 if (i < 0 || i > 3) 2199 return -EINVAL; 2200 log_policy = i; 2201 return count; 2202 } 2203 2204 2205 2206 static const struct file_operations smk_logging_ops = { 2207 .read = smk_read_logging, 2208 .write = smk_write_logging, 2209 .llseek = default_llseek, 2210 }; 2211 #endif /* CONFIG_AUDIT */ 2212 2213 /* 2214 * Seq_file read operations for /smack/load-self 2215 */ 2216 2217 static void *load_self_seq_start(struct seq_file *s, loff_t *pos) 2218 { 2219 struct task_smack *tsp = smack_cred(current_cred()); 2220 2221 return smk_seq_start(s, pos, &tsp->smk_rules); 2222 } 2223 2224 static void *load_self_seq_next(struct seq_file *s, void *v, loff_t *pos) 2225 { 2226 struct task_smack *tsp = smack_cred(current_cred()); 2227 2228 return smk_seq_next(s, v, pos, &tsp->smk_rules); 2229 } 2230 2231 static int load_self_seq_show(struct seq_file *s, void *v) 2232 { 2233 struct list_head *list = v; 2234 struct smack_rule *srp = 2235 list_entry_rcu(list, struct smack_rule, list); 2236 2237 smk_rule_show(s, srp, SMK_LABELLEN); 2238 2239 return 0; 2240 } 2241 2242 static const struct seq_operations load_self_seq_ops = { 2243 .start = load_self_seq_start, 2244 .next = load_self_seq_next, 2245 .show = load_self_seq_show, 2246 .stop = smk_seq_stop, 2247 }; 2248 2249 2250 /** 2251 * smk_open_load_self - open() for /smack/load-self2 2252 * @inode: inode structure representing file 2253 * @file: "load" file pointer 2254 * 2255 * For reading, use load_seq_* seq_file reading operations. 2256 */ 2257 static int smk_open_load_self(struct inode *inode, struct file *file) 2258 { 2259 return seq_open(file, &load_self_seq_ops); 2260 } 2261 2262 /** 2263 * smk_write_load_self - write() for /smack/load-self 2264 * @file: file pointer, not actually used 2265 * @buf: where to get the data from 2266 * @count: bytes sent 2267 * @ppos: where to start - must be 0 2268 * 2269 */ 2270 static ssize_t smk_write_load_self(struct file *file, const char __user *buf, 2271 size_t count, loff_t *ppos) 2272 { 2273 struct task_smack *tsp = smack_cred(current_cred()); 2274 2275 return smk_write_rules_list(file, buf, count, ppos, &tsp->smk_rules, 2276 &tsp->smk_rules_lock, SMK_FIXED24_FMT); 2277 } 2278 2279 static const struct file_operations smk_load_self_ops = { 2280 .open = smk_open_load_self, 2281 .read = seq_read, 2282 .llseek = seq_lseek, 2283 .write = smk_write_load_self, 2284 .release = seq_release, 2285 }; 2286 2287 /** 2288 * smk_user_access - handle access check transaction 2289 * @file: file pointer 2290 * @buf: data from user space 2291 * @count: bytes sent 2292 * @ppos: where to start - must be 0 2293 * @format: /smack/load or /smack/load2 or /smack/change-rule format. 2294 */ 2295 static ssize_t smk_user_access(struct file *file, const char __user *buf, 2296 size_t count, loff_t *ppos, int format) 2297 { 2298 struct smack_parsed_rule rule; 2299 char *data; 2300 int res; 2301 2302 data = simple_transaction_get(file, buf, count); 2303 if (IS_ERR(data)) 2304 return PTR_ERR(data); 2305 2306 if (format == SMK_FIXED24_FMT) { 2307 if (count < SMK_LOADLEN) 2308 return -EINVAL; 2309 res = smk_parse_rule(data, &rule, 0); 2310 } else { 2311 /* 2312 * simple_transaction_get() returns null-terminated data 2313 */ 2314 res = smk_parse_long_rule(data, &rule, 0, 3); 2315 } 2316 2317 if (res >= 0) 2318 res = smk_access(rule.smk_subject, rule.smk_object, 2319 rule.smk_access1, NULL); 2320 else if (res != -ENOENT) 2321 return res; 2322 2323 /* 2324 * smk_access() can return a value > 0 in the "bringup" case. 2325 */ 2326 data[0] = res >= 0 ? '1' : '0'; 2327 data[1] = '\0'; 2328 2329 simple_transaction_set(file, 2); 2330 2331 if (format == SMK_FIXED24_FMT) 2332 return SMK_LOADLEN; 2333 return count; 2334 } 2335 2336 /** 2337 * smk_write_access - handle access check transaction 2338 * @file: file pointer 2339 * @buf: data from user space 2340 * @count: bytes sent 2341 * @ppos: where to start - must be 0 2342 */ 2343 static ssize_t smk_write_access(struct file *file, const char __user *buf, 2344 size_t count, loff_t *ppos) 2345 { 2346 return smk_user_access(file, buf, count, ppos, SMK_FIXED24_FMT); 2347 } 2348 2349 static const struct file_operations smk_access_ops = { 2350 .write = smk_write_access, 2351 .read = simple_transaction_read, 2352 .release = simple_transaction_release, 2353 .llseek = generic_file_llseek, 2354 }; 2355 2356 2357 /* 2358 * Seq_file read operations for /smack/load2 2359 */ 2360 2361 static int load2_seq_show(struct seq_file *s, void *v) 2362 { 2363 struct list_head *list = v; 2364 struct smack_rule *srp; 2365 struct smack_known *skp = 2366 list_entry_rcu(list, struct smack_known, list); 2367 2368 list_for_each_entry_rcu(srp, &skp->smk_rules, list) 2369 smk_rule_show(s, srp, SMK_LONGLABEL); 2370 2371 return 0; 2372 } 2373 2374 static const struct seq_operations load2_seq_ops = { 2375 .start = load2_seq_start, 2376 .next = load2_seq_next, 2377 .show = load2_seq_show, 2378 .stop = smk_seq_stop, 2379 }; 2380 2381 /** 2382 * smk_open_load2 - open() for /smack/load2 2383 * @inode: inode structure representing file 2384 * @file: "load2" file pointer 2385 * 2386 * For reading, use load2_seq_* seq_file reading operations. 2387 */ 2388 static int smk_open_load2(struct inode *inode, struct file *file) 2389 { 2390 return seq_open(file, &load2_seq_ops); 2391 } 2392 2393 /** 2394 * smk_write_load2 - write() for /smack/load2 2395 * @file: file pointer, not actually used 2396 * @buf: where to get the data from 2397 * @count: bytes sent 2398 * @ppos: where to start - must be 0 2399 * 2400 */ 2401 static ssize_t smk_write_load2(struct file *file, const char __user *buf, 2402 size_t count, loff_t *ppos) 2403 { 2404 /* 2405 * Must have privilege. 2406 */ 2407 if (!smack_privileged(CAP_MAC_ADMIN)) 2408 return -EPERM; 2409 2410 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL, 2411 SMK_LONG_FMT); 2412 } 2413 2414 static const struct file_operations smk_load2_ops = { 2415 .open = smk_open_load2, 2416 .read = seq_read, 2417 .llseek = seq_lseek, 2418 .write = smk_write_load2, 2419 .release = seq_release, 2420 }; 2421 2422 /* 2423 * Seq_file read operations for /smack/load-self2 2424 */ 2425 2426 static void *load_self2_seq_start(struct seq_file *s, loff_t *pos) 2427 { 2428 struct task_smack *tsp = smack_cred(current_cred()); 2429 2430 return smk_seq_start(s, pos, &tsp->smk_rules); 2431 } 2432 2433 static void *load_self2_seq_next(struct seq_file *s, void *v, loff_t *pos) 2434 { 2435 struct task_smack *tsp = smack_cred(current_cred()); 2436 2437 return smk_seq_next(s, v, pos, &tsp->smk_rules); 2438 } 2439 2440 static int load_self2_seq_show(struct seq_file *s, void *v) 2441 { 2442 struct list_head *list = v; 2443 struct smack_rule *srp = 2444 list_entry_rcu(list, struct smack_rule, list); 2445 2446 smk_rule_show(s, srp, SMK_LONGLABEL); 2447 2448 return 0; 2449 } 2450 2451 static const struct seq_operations load_self2_seq_ops = { 2452 .start = load_self2_seq_start, 2453 .next = load_self2_seq_next, 2454 .show = load_self2_seq_show, 2455 .stop = smk_seq_stop, 2456 }; 2457 2458 /** 2459 * smk_open_load_self2 - open() for /smack/load-self2 2460 * @inode: inode structure representing file 2461 * @file: "load" file pointer 2462 * 2463 * For reading, use load_seq_* seq_file reading operations. 2464 */ 2465 static int smk_open_load_self2(struct inode *inode, struct file *file) 2466 { 2467 return seq_open(file, &load_self2_seq_ops); 2468 } 2469 2470 /** 2471 * smk_write_load_self2 - write() for /smack/load-self2 2472 * @file: file pointer, not actually used 2473 * @buf: where to get the data from 2474 * @count: bytes sent 2475 * @ppos: where to start - must be 0 2476 * 2477 */ 2478 static ssize_t smk_write_load_self2(struct file *file, const char __user *buf, 2479 size_t count, loff_t *ppos) 2480 { 2481 struct task_smack *tsp = smack_cred(current_cred()); 2482 2483 return smk_write_rules_list(file, buf, count, ppos, &tsp->smk_rules, 2484 &tsp->smk_rules_lock, SMK_LONG_FMT); 2485 } 2486 2487 static const struct file_operations smk_load_self2_ops = { 2488 .open = smk_open_load_self2, 2489 .read = seq_read, 2490 .llseek = seq_lseek, 2491 .write = smk_write_load_self2, 2492 .release = seq_release, 2493 }; 2494 2495 /** 2496 * smk_write_access2 - handle access check transaction 2497 * @file: file pointer 2498 * @buf: data from user space 2499 * @count: bytes sent 2500 * @ppos: where to start - must be 0 2501 */ 2502 static ssize_t smk_write_access2(struct file *file, const char __user *buf, 2503 size_t count, loff_t *ppos) 2504 { 2505 return smk_user_access(file, buf, count, ppos, SMK_LONG_FMT); 2506 } 2507 2508 static const struct file_operations smk_access2_ops = { 2509 .write = smk_write_access2, 2510 .read = simple_transaction_read, 2511 .release = simple_transaction_release, 2512 .llseek = generic_file_llseek, 2513 }; 2514 2515 /** 2516 * smk_write_revoke_subj - write() for /smack/revoke-subject 2517 * @file: file pointer 2518 * @buf: data from user space 2519 * @count: bytes sent 2520 * @ppos: where to start - must be 0 2521 */ 2522 static ssize_t smk_write_revoke_subj(struct file *file, const char __user *buf, 2523 size_t count, loff_t *ppos) 2524 { 2525 char *data; 2526 const char *cp; 2527 struct smack_known *skp; 2528 struct smack_rule *sp; 2529 struct list_head *rule_list; 2530 struct mutex *rule_lock; 2531 int rc = count; 2532 2533 if (*ppos != 0) 2534 return -EINVAL; 2535 2536 if (!smack_privileged(CAP_MAC_ADMIN)) 2537 return -EPERM; 2538 2539 if (count == 0 || count > SMK_LONGLABEL) 2540 return -EINVAL; 2541 2542 data = memdup_user(buf, count); 2543 if (IS_ERR(data)) 2544 return PTR_ERR(data); 2545 2546 cp = smk_parse_smack(data, count); 2547 if (IS_ERR(cp)) { 2548 rc = PTR_ERR(cp); 2549 goto out_data; 2550 } 2551 2552 skp = smk_find_entry(cp); 2553 if (skp == NULL) 2554 goto out_cp; 2555 2556 rule_list = &skp->smk_rules; 2557 rule_lock = &skp->smk_rules_lock; 2558 2559 mutex_lock(rule_lock); 2560 2561 list_for_each_entry_rcu(sp, rule_list, list) 2562 sp->smk_access = 0; 2563 2564 mutex_unlock(rule_lock); 2565 2566 out_cp: 2567 kfree(cp); 2568 out_data: 2569 kfree(data); 2570 2571 return rc; 2572 } 2573 2574 static const struct file_operations smk_revoke_subj_ops = { 2575 .write = smk_write_revoke_subj, 2576 .read = simple_transaction_read, 2577 .release = simple_transaction_release, 2578 .llseek = generic_file_llseek, 2579 }; 2580 2581 /** 2582 * smk_init_sysfs - initialize /sys/fs/smackfs 2583 * 2584 */ 2585 static int smk_init_sysfs(void) 2586 { 2587 return sysfs_create_mount_point(fs_kobj, "smackfs"); 2588 } 2589 2590 /** 2591 * smk_write_change_rule - write() for /smack/change-rule 2592 * @file: file pointer 2593 * @buf: data from user space 2594 * @count: bytes sent 2595 * @ppos: where to start - must be 0 2596 */ 2597 static ssize_t smk_write_change_rule(struct file *file, const char __user *buf, 2598 size_t count, loff_t *ppos) 2599 { 2600 /* 2601 * Must have privilege. 2602 */ 2603 if (!smack_privileged(CAP_MAC_ADMIN)) 2604 return -EPERM; 2605 2606 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL, 2607 SMK_CHANGE_FMT); 2608 } 2609 2610 static const struct file_operations smk_change_rule_ops = { 2611 .write = smk_write_change_rule, 2612 .read = simple_transaction_read, 2613 .release = simple_transaction_release, 2614 .llseek = generic_file_llseek, 2615 }; 2616 2617 /** 2618 * smk_read_syslog - read() for smackfs/syslog 2619 * @filp: file pointer, not actually used 2620 * @buf: where to put the result 2621 * @cn: maximum to send along 2622 * @ppos: where to start 2623 * 2624 * Returns number of bytes read or error code, as appropriate 2625 */ 2626 static ssize_t smk_read_syslog(struct file *filp, char __user *buf, 2627 size_t cn, loff_t *ppos) 2628 { 2629 struct smack_known *skp; 2630 ssize_t rc = -EINVAL; 2631 int asize; 2632 2633 if (*ppos != 0) 2634 return 0; 2635 2636 if (smack_syslog_label == NULL) 2637 skp = &smack_known_star; 2638 else 2639 skp = smack_syslog_label; 2640 2641 asize = strlen(skp->smk_known) + 1; 2642 2643 if (cn >= asize) 2644 rc = simple_read_from_buffer(buf, cn, ppos, skp->smk_known, 2645 asize); 2646 2647 return rc; 2648 } 2649 2650 /** 2651 * smk_write_syslog - write() for smackfs/syslog 2652 * @file: file pointer, not actually used 2653 * @buf: where to get the data from 2654 * @count: bytes sent 2655 * @ppos: where to start 2656 * 2657 * Returns number of bytes written or error code, as appropriate 2658 */ 2659 static ssize_t smk_write_syslog(struct file *file, const char __user *buf, 2660 size_t count, loff_t *ppos) 2661 { 2662 char *data; 2663 struct smack_known *skp; 2664 int rc = count; 2665 2666 if (!smack_privileged(CAP_MAC_ADMIN)) 2667 return -EPERM; 2668 2669 /* Enough data must be present */ 2670 if (count == 0 || count > PAGE_SIZE) 2671 return -EINVAL; 2672 2673 data = memdup_user_nul(buf, count); 2674 if (IS_ERR(data)) 2675 return PTR_ERR(data); 2676 2677 skp = smk_import_entry(data, count); 2678 if (IS_ERR(skp)) 2679 rc = PTR_ERR(skp); 2680 else 2681 smack_syslog_label = skp; 2682 2683 kfree(data); 2684 return rc; 2685 } 2686 2687 static const struct file_operations smk_syslog_ops = { 2688 .read = smk_read_syslog, 2689 .write = smk_write_syslog, 2690 .llseek = default_llseek, 2691 }; 2692 2693 /* 2694 * Seq_file read operations for /smack/relabel-self 2695 */ 2696 2697 static void *relabel_self_seq_start(struct seq_file *s, loff_t *pos) 2698 { 2699 struct task_smack *tsp = smack_cred(current_cred()); 2700 2701 return smk_seq_start(s, pos, &tsp->smk_relabel); 2702 } 2703 2704 static void *relabel_self_seq_next(struct seq_file *s, void *v, loff_t *pos) 2705 { 2706 struct task_smack *tsp = smack_cred(current_cred()); 2707 2708 return smk_seq_next(s, v, pos, &tsp->smk_relabel); 2709 } 2710 2711 static int relabel_self_seq_show(struct seq_file *s, void *v) 2712 { 2713 struct list_head *list = v; 2714 struct smack_known_list_elem *sklep = 2715 list_entry(list, struct smack_known_list_elem, list); 2716 2717 seq_puts(s, sklep->smk_label->smk_known); 2718 seq_putc(s, ' '); 2719 2720 return 0; 2721 } 2722 2723 static const struct seq_operations relabel_self_seq_ops = { 2724 .start = relabel_self_seq_start, 2725 .next = relabel_self_seq_next, 2726 .show = relabel_self_seq_show, 2727 .stop = smk_seq_stop, 2728 }; 2729 2730 /** 2731 * smk_open_relabel_self - open() for /smack/relabel-self 2732 * @inode: inode structure representing file 2733 * @file: "relabel-self" file pointer 2734 * 2735 * Connect our relabel_self_seq_* operations with /smack/relabel-self 2736 * file_operations 2737 */ 2738 static int smk_open_relabel_self(struct inode *inode, struct file *file) 2739 { 2740 return seq_open(file, &relabel_self_seq_ops); 2741 } 2742 2743 /** 2744 * smk_write_relabel_self - write() for /smack/relabel-self 2745 * @file: file pointer, not actually used 2746 * @buf: where to get the data from 2747 * @count: bytes sent 2748 * @ppos: where to start - must be 0 2749 * 2750 */ 2751 static ssize_t smk_write_relabel_self(struct file *file, const char __user *buf, 2752 size_t count, loff_t *ppos) 2753 { 2754 char *data; 2755 int rc; 2756 LIST_HEAD(list_tmp); 2757 2758 /* 2759 * Must have privilege. 2760 */ 2761 if (!smack_privileged(CAP_MAC_ADMIN)) 2762 return -EPERM; 2763 2764 /* 2765 * No partial write. 2766 * Enough data must be present. 2767 */ 2768 if (*ppos != 0) 2769 return -EINVAL; 2770 if (count == 0 || count > PAGE_SIZE) 2771 return -EINVAL; 2772 2773 data = memdup_user_nul(buf, count); 2774 if (IS_ERR(data)) 2775 return PTR_ERR(data); 2776 2777 rc = smk_parse_label_list(data, &list_tmp); 2778 kfree(data); 2779 2780 if (!rc || (rc == -EINVAL && list_empty(&list_tmp))) { 2781 struct cred *new; 2782 struct task_smack *tsp; 2783 2784 new = prepare_creds(); 2785 if (!new) { 2786 rc = -ENOMEM; 2787 goto out; 2788 } 2789 tsp = smack_cred(new); 2790 smk_destroy_label_list(&tsp->smk_relabel); 2791 list_splice(&list_tmp, &tsp->smk_relabel); 2792 commit_creds(new); 2793 return count; 2794 } 2795 out: 2796 smk_destroy_label_list(&list_tmp); 2797 return rc; 2798 } 2799 2800 static const struct file_operations smk_relabel_self_ops = { 2801 .open = smk_open_relabel_self, 2802 .read = seq_read, 2803 .llseek = seq_lseek, 2804 .write = smk_write_relabel_self, 2805 .release = seq_release, 2806 }; 2807 2808 /** 2809 * smk_read_ptrace - read() for /smack/ptrace 2810 * @filp: file pointer, not actually used 2811 * @buf: where to put the result 2812 * @count: maximum to send along 2813 * @ppos: where to start 2814 * 2815 * Returns number of bytes read or error code, as appropriate 2816 */ 2817 static ssize_t smk_read_ptrace(struct file *filp, char __user *buf, 2818 size_t count, loff_t *ppos) 2819 { 2820 char temp[32]; 2821 ssize_t rc; 2822 2823 if (*ppos != 0) 2824 return 0; 2825 2826 sprintf(temp, "%d\n", smack_ptrace_rule); 2827 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp)); 2828 return rc; 2829 } 2830 2831 /** 2832 * smk_write_ptrace - write() for /smack/ptrace 2833 * @file: file pointer 2834 * @buf: data from user space 2835 * @count: bytes sent 2836 * @ppos: where to start - must be 0 2837 */ 2838 static ssize_t smk_write_ptrace(struct file *file, const char __user *buf, 2839 size_t count, loff_t *ppos) 2840 { 2841 char temp[32]; 2842 int i; 2843 2844 if (!smack_privileged(CAP_MAC_ADMIN)) 2845 return -EPERM; 2846 2847 if (*ppos != 0 || count >= sizeof(temp) || count == 0) 2848 return -EINVAL; 2849 2850 if (copy_from_user(temp, buf, count) != 0) 2851 return -EFAULT; 2852 2853 temp[count] = '\0'; 2854 2855 if (sscanf(temp, "%d", &i) != 1) 2856 return -EINVAL; 2857 if (i < SMACK_PTRACE_DEFAULT || i > SMACK_PTRACE_MAX) 2858 return -EINVAL; 2859 smack_ptrace_rule = i; 2860 2861 return count; 2862 } 2863 2864 static const struct file_operations smk_ptrace_ops = { 2865 .write = smk_write_ptrace, 2866 .read = smk_read_ptrace, 2867 .llseek = default_llseek, 2868 }; 2869 2870 /** 2871 * smk_fill_super - fill the smackfs superblock 2872 * @sb: the empty superblock 2873 * @fc: unused 2874 * 2875 * Fill in the well known entries for the smack filesystem 2876 * 2877 * Returns 0 on success, an error code on failure 2878 */ 2879 static int smk_fill_super(struct super_block *sb, struct fs_context *fc) 2880 { 2881 int rc; 2882 2883 static const struct tree_descr smack_files[] = { 2884 [SMK_LOAD] = { 2885 "load", &smk_load_ops, S_IRUGO|S_IWUSR}, 2886 [SMK_CIPSO] = { 2887 "cipso", &smk_cipso_ops, S_IRUGO|S_IWUSR}, 2888 [SMK_DOI] = { 2889 "doi", &smk_doi_ops, S_IRUGO|S_IWUSR}, 2890 [SMK_DIRECT] = { 2891 "direct", &smk_direct_ops, S_IRUGO|S_IWUSR}, 2892 [SMK_AMBIENT] = { 2893 "ambient", &smk_ambient_ops, S_IRUGO|S_IWUSR}, 2894 [SMK_NET4ADDR] = { 2895 "netlabel", &smk_net4addr_ops, S_IRUGO|S_IWUSR}, 2896 [SMK_ONLYCAP] = { 2897 "onlycap", &smk_onlycap_ops, S_IRUGO|S_IWUSR}, 2898 #ifdef CONFIG_AUDIT 2899 [SMK_LOGGING] = { 2900 "logging", &smk_logging_ops, S_IRUGO|S_IWUSR}, 2901 #endif /* CONFIG_AUDIT */ 2902 [SMK_LOAD_SELF] = { 2903 "load-self", &smk_load_self_ops, S_IRUGO|S_IWUGO}, 2904 [SMK_ACCESSES] = { 2905 "access", &smk_access_ops, S_IRUGO|S_IWUGO}, 2906 [SMK_MAPPED] = { 2907 "mapped", &smk_mapped_ops, S_IRUGO|S_IWUSR}, 2908 [SMK_LOAD2] = { 2909 "load2", &smk_load2_ops, S_IRUGO|S_IWUSR}, 2910 [SMK_LOAD_SELF2] = { 2911 "load-self2", &smk_load_self2_ops, S_IRUGO|S_IWUGO}, 2912 [SMK_ACCESS2] = { 2913 "access2", &smk_access2_ops, S_IRUGO|S_IWUGO}, 2914 [SMK_CIPSO2] = { 2915 "cipso2", &smk_cipso2_ops, S_IRUGO|S_IWUSR}, 2916 [SMK_REVOKE_SUBJ] = { 2917 "revoke-subject", &smk_revoke_subj_ops, 2918 S_IRUGO|S_IWUSR}, 2919 [SMK_CHANGE_RULE] = { 2920 "change-rule", &smk_change_rule_ops, S_IRUGO|S_IWUSR}, 2921 [SMK_SYSLOG] = { 2922 "syslog", &smk_syslog_ops, S_IRUGO|S_IWUSR}, 2923 [SMK_PTRACE] = { 2924 "ptrace", &smk_ptrace_ops, S_IRUGO|S_IWUSR}, 2925 #ifdef CONFIG_SECURITY_SMACK_BRINGUP 2926 [SMK_UNCONFINED] = { 2927 "unconfined", &smk_unconfined_ops, S_IRUGO|S_IWUSR}, 2928 #endif 2929 #if IS_ENABLED(CONFIG_IPV6) 2930 [SMK_NET6ADDR] = { 2931 "ipv6host", &smk_net6addr_ops, S_IRUGO|S_IWUSR}, 2932 #endif /* CONFIG_IPV6 */ 2933 [SMK_RELABEL_SELF] = { 2934 "relabel-self", &smk_relabel_self_ops, 2935 S_IRUGO|S_IWUGO}, 2936 /* last one */ 2937 {""} 2938 }; 2939 2940 rc = simple_fill_super(sb, SMACK_MAGIC, smack_files); 2941 if (rc != 0) { 2942 printk(KERN_ERR "%s failed %d while creating inodes\n", 2943 __func__, rc); 2944 return rc; 2945 } 2946 2947 return 0; 2948 } 2949 2950 /** 2951 * smk_get_tree - get the smackfs superblock 2952 * @fc: The mount context, including any options 2953 * 2954 * Just passes everything along. 2955 * 2956 * Returns what the lower level code does. 2957 */ 2958 static int smk_get_tree(struct fs_context *fc) 2959 { 2960 return get_tree_single(fc, smk_fill_super); 2961 } 2962 2963 static const struct fs_context_operations smk_context_ops = { 2964 .get_tree = smk_get_tree, 2965 }; 2966 2967 /** 2968 * smk_init_fs_context - Initialise a filesystem context for smackfs 2969 * @fc: The blank mount context 2970 */ 2971 static int smk_init_fs_context(struct fs_context *fc) 2972 { 2973 fc->ops = &smk_context_ops; 2974 return 0; 2975 } 2976 2977 static struct file_system_type smk_fs_type = { 2978 .name = "smackfs", 2979 .init_fs_context = smk_init_fs_context, 2980 .kill_sb = kill_anon_super, 2981 }; 2982 2983 static struct vfsmount *smackfs_mount; 2984 2985 /** 2986 * init_smk_fs - get the smackfs superblock 2987 * 2988 * register the smackfs 2989 * 2990 * Do not register smackfs if Smack wasn't enabled 2991 * on boot. We can not put this method normally under the 2992 * smack_init() code path since the security subsystem get 2993 * initialized before the vfs caches. 2994 * 2995 * Returns true if we were not chosen on boot or if 2996 * we were chosen and filesystem registration succeeded. 2997 */ 2998 int __init init_smk_fs(void) 2999 { 3000 int err; 3001 int rc; 3002 struct netlbl_audit nai; 3003 3004 if (smack_enabled == 0) 3005 return 0; 3006 3007 err = smk_init_sysfs(); 3008 if (err) 3009 printk(KERN_ERR "smackfs: sysfs mountpoint problem.\n"); 3010 3011 err = register_filesystem(&smk_fs_type); 3012 if (!err) { 3013 smackfs_mount = kern_mount(&smk_fs_type); 3014 if (IS_ERR(smackfs_mount)) { 3015 printk(KERN_ERR "smackfs: could not mount!\n"); 3016 err = PTR_ERR(smackfs_mount); 3017 smackfs_mount = NULL; 3018 } 3019 } 3020 3021 smk_netlabel_audit_set(&nai); 3022 (void) netlbl_cfg_map_del(NULL, PF_INET, NULL, NULL, &nai); 3023 (void) smk_cipso_doi(SMACK_CIPSO_DOI_DEFAULT, 3024 GFP_KERNEL | __GFP_NOFAIL); 3025 smk_unlbl_ambient(NULL); 3026 3027 rc = smack_populate_secattr(&smack_known_floor); 3028 if (err == 0 && rc < 0) 3029 err = rc; 3030 rc = smack_populate_secattr(&smack_known_hat); 3031 if (err == 0 && rc < 0) 3032 err = rc; 3033 rc = smack_populate_secattr(&smack_known_huh); 3034 if (err == 0 && rc < 0) 3035 err = rc; 3036 rc = smack_populate_secattr(&smack_known_star); 3037 if (err == 0 && rc < 0) 3038 err = rc; 3039 rc = smack_populate_secattr(&smack_known_web); 3040 if (err == 0 && rc < 0) 3041 err = rc; 3042 3043 return err; 3044 } 3045