1 // SPDX-License-Identifier: GPL-2.0-only 2 /* Updated: Karl MacMillan <kmacmillan@tresys.com> 3 * 4 * Added conditional policy language extensions 5 * 6 * Updated: Hewlett-Packard <paul@paul-moore.com> 7 * 8 * Added support for the policy capability bitmap 9 * 10 * Copyright (C) 2007 Hewlett-Packard Development Company, L.P. 11 * Copyright (C) 2003 - 2004 Tresys Technology, LLC 12 * Copyright (C) 2004 Red Hat, Inc., James Morris <jmorris@redhat.com> 13 */ 14 15 #include <linux/kernel.h> 16 #include <linux/pagemap.h> 17 #include <linux/slab.h> 18 #include <linux/vmalloc.h> 19 #include <linux/fs.h> 20 #include <linux/fs_context.h> 21 #include <linux/mount.h> 22 #include <linux/mutex.h> 23 #include <linux/namei.h> 24 #include <linux/init.h> 25 #include <linux/string.h> 26 #include <linux/security.h> 27 #include <linux/major.h> 28 #include <linux/seq_file.h> 29 #include <linux/percpu.h> 30 #include <linux/audit.h> 31 #include <linux/uaccess.h> 32 #include <linux/kobject.h> 33 #include <linux/ctype.h> 34 35 /* selinuxfs pseudo filesystem for exporting the security policy API. 36 Based on the proc code and the fs/nfsd/nfsctl.c code. */ 37 38 #include "flask.h" 39 #include "avc.h" 40 #include "avc_ss.h" 41 #include "security.h" 42 #include "objsec.h" 43 #include "conditional.h" 44 #include "ima.h" 45 46 enum sel_inos { 47 SEL_ROOT_INO = 2, 48 SEL_LOAD, /* load policy */ 49 SEL_ENFORCE, /* get or set enforcing status */ 50 SEL_CONTEXT, /* validate context */ 51 SEL_ACCESS, /* compute access decision */ 52 SEL_CREATE, /* compute create labeling decision */ 53 SEL_RELABEL, /* compute relabeling decision */ 54 SEL_USER, /* compute reachable user contexts */ 55 SEL_POLICYVERS, /* return policy version for this kernel */ 56 SEL_COMMIT_BOOLS, /* commit new boolean values */ 57 SEL_MLS, /* return if MLS policy is enabled */ 58 SEL_DISABLE, /* disable SELinux until next reboot */ 59 SEL_MEMBER, /* compute polyinstantiation membership decision */ 60 SEL_CHECKREQPROT, /* check requested protection, not kernel-applied one */ 61 SEL_COMPAT_NET, /* whether to use old compat network packet controls */ 62 SEL_REJECT_UNKNOWN, /* export unknown reject handling to userspace */ 63 SEL_DENY_UNKNOWN, /* export unknown deny handling to userspace */ 64 SEL_STATUS, /* export current status using mmap() */ 65 SEL_POLICY, /* allow userspace to read the in kernel policy */ 66 SEL_VALIDATE_TRANS, /* compute validatetrans decision */ 67 SEL_INO_NEXT, /* The next inode number to use */ 68 }; 69 70 struct selinux_fs_info { 71 struct dentry *bool_dir; 72 unsigned int bool_num; 73 char **bool_pending_names; 74 int *bool_pending_values; 75 struct dentry *class_dir; 76 unsigned long last_class_ino; 77 bool policy_opened; 78 struct dentry *policycap_dir; 79 unsigned long last_ino; 80 struct super_block *sb; 81 }; 82 83 static int selinux_fs_info_create(struct super_block *sb) 84 { 85 struct selinux_fs_info *fsi; 86 87 fsi = kzalloc(sizeof(*fsi), GFP_KERNEL); 88 if (!fsi) 89 return -ENOMEM; 90 91 fsi->last_ino = SEL_INO_NEXT - 1; 92 fsi->sb = sb; 93 sb->s_fs_info = fsi; 94 return 0; 95 } 96 97 static void selinux_fs_info_free(struct super_block *sb) 98 { 99 struct selinux_fs_info *fsi = sb->s_fs_info; 100 unsigned int i; 101 102 if (fsi) { 103 for (i = 0; i < fsi->bool_num; i++) 104 kfree(fsi->bool_pending_names[i]); 105 kfree(fsi->bool_pending_names); 106 kfree(fsi->bool_pending_values); 107 } 108 kfree(sb->s_fs_info); 109 sb->s_fs_info = NULL; 110 } 111 112 #define SEL_INITCON_INO_OFFSET 0x01000000 113 #define SEL_BOOL_INO_OFFSET 0x02000000 114 #define SEL_CLASS_INO_OFFSET 0x04000000 115 #define SEL_POLICYCAP_INO_OFFSET 0x08000000 116 #define SEL_INO_MASK 0x00ffffff 117 118 #define BOOL_DIR_NAME "booleans" 119 #define CLASS_DIR_NAME "class" 120 #define POLICYCAP_DIR_NAME "policy_capabilities" 121 122 #define TMPBUFLEN 12 123 static ssize_t sel_read_enforce(struct file *filp, char __user *buf, 124 size_t count, loff_t *ppos) 125 { 126 char tmpbuf[TMPBUFLEN]; 127 ssize_t length; 128 129 length = scnprintf(tmpbuf, TMPBUFLEN, "%d", 130 enforcing_enabled()); 131 return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); 132 } 133 134 #ifdef CONFIG_SECURITY_SELINUX_DEVELOP 135 static ssize_t sel_write_enforce(struct file *file, const char __user *buf, 136 size_t count, loff_t *ppos) 137 138 { 139 char *page = NULL; 140 ssize_t length; 141 int scan_value; 142 bool old_value, new_value; 143 144 if (count >= PAGE_SIZE) 145 return -ENOMEM; 146 147 /* No partial writes. */ 148 if (*ppos != 0) 149 return -EINVAL; 150 151 page = memdup_user_nul(buf, count); 152 if (IS_ERR(page)) 153 return PTR_ERR(page); 154 155 length = -EINVAL; 156 if (sscanf(page, "%d", &scan_value) != 1) 157 goto out; 158 159 new_value = !!scan_value; 160 161 old_value = enforcing_enabled(); 162 if (new_value != old_value) { 163 length = avc_has_perm(current_sid(), SECINITSID_SECURITY, 164 SECCLASS_SECURITY, SECURITY__SETENFORCE, 165 NULL); 166 if (length) 167 goto out; 168 audit_log(audit_context(), GFP_KERNEL, AUDIT_MAC_STATUS, 169 "enforcing=%d old_enforcing=%d auid=%u ses=%u" 170 " enabled=1 old-enabled=1 lsm=selinux res=1", 171 new_value, old_value, 172 from_kuid(&init_user_ns, audit_get_loginuid(current)), 173 audit_get_sessionid(current)); 174 enforcing_set(new_value); 175 if (new_value) 176 avc_ss_reset(0); 177 selnl_notify_setenforce(new_value); 178 selinux_status_update_setenforce(new_value); 179 if (!new_value) 180 call_blocking_lsm_notifier(LSM_POLICY_CHANGE, NULL); 181 182 selinux_ima_measure_state(); 183 } 184 length = count; 185 out: 186 kfree(page); 187 return length; 188 } 189 #else 190 #define sel_write_enforce NULL 191 #endif 192 193 static const struct file_operations sel_enforce_ops = { 194 .read = sel_read_enforce, 195 .write = sel_write_enforce, 196 .llseek = generic_file_llseek, 197 }; 198 199 static ssize_t sel_read_handle_unknown(struct file *filp, char __user *buf, 200 size_t count, loff_t *ppos) 201 { 202 char tmpbuf[TMPBUFLEN]; 203 ssize_t length; 204 ino_t ino = file_inode(filp)->i_ino; 205 int handle_unknown = (ino == SEL_REJECT_UNKNOWN) ? 206 security_get_reject_unknown() : 207 !security_get_allow_unknown(); 208 209 length = scnprintf(tmpbuf, TMPBUFLEN, "%d", handle_unknown); 210 return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); 211 } 212 213 static const struct file_operations sel_handle_unknown_ops = { 214 .read = sel_read_handle_unknown, 215 .llseek = generic_file_llseek, 216 }; 217 218 static int sel_open_handle_status(struct inode *inode, struct file *filp) 219 { 220 struct page *status = selinux_kernel_status_page(); 221 222 if (!status) 223 return -ENOMEM; 224 225 filp->private_data = status; 226 227 return 0; 228 } 229 230 static ssize_t sel_read_handle_status(struct file *filp, char __user *buf, 231 size_t count, loff_t *ppos) 232 { 233 struct page *status = filp->private_data; 234 235 BUG_ON(!status); 236 237 return simple_read_from_buffer(buf, count, ppos, 238 page_address(status), 239 sizeof(struct selinux_kernel_status)); 240 } 241 242 static int sel_mmap_handle_status(struct file *filp, 243 struct vm_area_struct *vma) 244 { 245 struct page *status = filp->private_data; 246 unsigned long size = vma->vm_end - vma->vm_start; 247 248 BUG_ON(!status); 249 250 /* only allows one page from the head */ 251 if (vma->vm_pgoff > 0 || size != PAGE_SIZE) 252 return -EIO; 253 /* disallow writable mapping */ 254 if (vma->vm_flags & VM_WRITE) 255 return -EPERM; 256 /* disallow mprotect() turns it into writable */ 257 vm_flags_clear(vma, VM_MAYWRITE); 258 259 return remap_pfn_range(vma, vma->vm_start, 260 page_to_pfn(status), 261 size, vma->vm_page_prot); 262 } 263 264 static const struct file_operations sel_handle_status_ops = { 265 .open = sel_open_handle_status, 266 .read = sel_read_handle_status, 267 .mmap = sel_mmap_handle_status, 268 .llseek = generic_file_llseek, 269 }; 270 271 static ssize_t sel_write_disable(struct file *file, const char __user *buf, 272 size_t count, loff_t *ppos) 273 274 { 275 char *page; 276 ssize_t length; 277 int new_value; 278 279 if (count >= PAGE_SIZE) 280 return -ENOMEM; 281 282 /* No partial writes. */ 283 if (*ppos != 0) 284 return -EINVAL; 285 286 page = memdup_user_nul(buf, count); 287 if (IS_ERR(page)) 288 return PTR_ERR(page); 289 290 if (sscanf(page, "%d", &new_value) != 1) { 291 length = -EINVAL; 292 goto out; 293 } 294 length = count; 295 296 if (new_value) { 297 pr_err("SELinux: https://github.com/SELinuxProject/selinux-kernel/wiki/DEPRECATE-runtime-disable\n"); 298 pr_err("SELinux: Runtime disable is not supported, use selinux=0 on the kernel cmdline.\n"); 299 } 300 301 out: 302 kfree(page); 303 return length; 304 } 305 306 static const struct file_operations sel_disable_ops = { 307 .write = sel_write_disable, 308 .llseek = generic_file_llseek, 309 }; 310 311 static ssize_t sel_read_policyvers(struct file *filp, char __user *buf, 312 size_t count, loff_t *ppos) 313 { 314 char tmpbuf[TMPBUFLEN]; 315 ssize_t length; 316 317 length = scnprintf(tmpbuf, TMPBUFLEN, "%u", POLICYDB_VERSION_MAX); 318 return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); 319 } 320 321 static const struct file_operations sel_policyvers_ops = { 322 .read = sel_read_policyvers, 323 .llseek = generic_file_llseek, 324 }; 325 326 /* declaration for sel_write_load */ 327 static int sel_make_bools(struct selinux_policy *newpolicy, struct dentry *bool_dir, 328 unsigned int *bool_num, char ***bool_pending_names, 329 int **bool_pending_values); 330 static int sel_make_classes(struct selinux_policy *newpolicy, 331 struct dentry *class_dir, 332 unsigned long *last_class_ino); 333 334 /* declaration for sel_make_class_dirs */ 335 static struct dentry *sel_make_dir(struct dentry *dir, const char *name, 336 unsigned long *ino); 337 338 /* declaration for sel_make_policy_nodes */ 339 static struct dentry *sel_make_disconnected_dir(struct super_block *sb, 340 unsigned long *ino); 341 342 /* declaration for sel_make_policy_nodes */ 343 static void sel_remove_entries(struct dentry *de); 344 345 static ssize_t sel_read_mls(struct file *filp, char __user *buf, 346 size_t count, loff_t *ppos) 347 { 348 char tmpbuf[TMPBUFLEN]; 349 ssize_t length; 350 351 length = scnprintf(tmpbuf, TMPBUFLEN, "%d", 352 security_mls_enabled()); 353 return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); 354 } 355 356 static const struct file_operations sel_mls_ops = { 357 .read = sel_read_mls, 358 .llseek = generic_file_llseek, 359 }; 360 361 struct policy_load_memory { 362 size_t len; 363 void *data; 364 }; 365 366 static int sel_open_policy(struct inode *inode, struct file *filp) 367 { 368 struct selinux_fs_info *fsi = inode->i_sb->s_fs_info; 369 struct policy_load_memory *plm = NULL; 370 int rc; 371 372 BUG_ON(filp->private_data); 373 374 mutex_lock(&selinux_state.policy_mutex); 375 376 rc = avc_has_perm(current_sid(), SECINITSID_SECURITY, 377 SECCLASS_SECURITY, SECURITY__READ_POLICY, NULL); 378 if (rc) 379 goto err; 380 381 rc = -EBUSY; 382 if (fsi->policy_opened) 383 goto err; 384 385 rc = -ENOMEM; 386 plm = kzalloc(sizeof(*plm), GFP_KERNEL); 387 if (!plm) 388 goto err; 389 390 rc = security_read_policy(&plm->data, &plm->len); 391 if (rc) 392 goto err; 393 394 if ((size_t)i_size_read(inode) != plm->len) { 395 inode_lock(inode); 396 i_size_write(inode, plm->len); 397 inode_unlock(inode); 398 } 399 400 fsi->policy_opened = 1; 401 402 filp->private_data = plm; 403 404 mutex_unlock(&selinux_state.policy_mutex); 405 406 return 0; 407 err: 408 mutex_unlock(&selinux_state.policy_mutex); 409 410 if (plm) 411 vfree(plm->data); 412 kfree(plm); 413 return rc; 414 } 415 416 static int sel_release_policy(struct inode *inode, struct file *filp) 417 { 418 struct selinux_fs_info *fsi = inode->i_sb->s_fs_info; 419 struct policy_load_memory *plm = filp->private_data; 420 421 BUG_ON(!plm); 422 423 fsi->policy_opened = 0; 424 425 vfree(plm->data); 426 kfree(plm); 427 428 return 0; 429 } 430 431 static ssize_t sel_read_policy(struct file *filp, char __user *buf, 432 size_t count, loff_t *ppos) 433 { 434 struct policy_load_memory *plm = filp->private_data; 435 int ret; 436 437 ret = avc_has_perm(current_sid(), SECINITSID_SECURITY, 438 SECCLASS_SECURITY, SECURITY__READ_POLICY, NULL); 439 if (ret) 440 return ret; 441 442 return simple_read_from_buffer(buf, count, ppos, plm->data, plm->len); 443 } 444 445 static vm_fault_t sel_mmap_policy_fault(struct vm_fault *vmf) 446 { 447 struct policy_load_memory *plm = vmf->vma->vm_file->private_data; 448 unsigned long offset; 449 struct page *page; 450 451 if (vmf->flags & (FAULT_FLAG_MKWRITE | FAULT_FLAG_WRITE)) 452 return VM_FAULT_SIGBUS; 453 454 offset = vmf->pgoff << PAGE_SHIFT; 455 if (offset >= roundup(plm->len, PAGE_SIZE)) 456 return VM_FAULT_SIGBUS; 457 458 page = vmalloc_to_page(plm->data + offset); 459 get_page(page); 460 461 vmf->page = page; 462 463 return 0; 464 } 465 466 static const struct vm_operations_struct sel_mmap_policy_ops = { 467 .fault = sel_mmap_policy_fault, 468 .page_mkwrite = sel_mmap_policy_fault, 469 }; 470 471 static int sel_mmap_policy(struct file *filp, struct vm_area_struct *vma) 472 { 473 if (vma->vm_flags & VM_SHARED) { 474 /* do not allow mprotect to make mapping writable */ 475 vm_flags_clear(vma, VM_MAYWRITE); 476 477 if (vma->vm_flags & VM_WRITE) 478 return -EACCES; 479 } 480 481 vm_flags_set(vma, VM_DONTEXPAND | VM_DONTDUMP); 482 vma->vm_ops = &sel_mmap_policy_ops; 483 484 return 0; 485 } 486 487 static const struct file_operations sel_policy_ops = { 488 .open = sel_open_policy, 489 .read = sel_read_policy, 490 .mmap = sel_mmap_policy, 491 .release = sel_release_policy, 492 .llseek = generic_file_llseek, 493 }; 494 495 static void sel_remove_old_bool_data(unsigned int bool_num, char **bool_names, 496 int *bool_values) 497 { 498 u32 i; 499 500 /* bool_dir cleanup */ 501 for (i = 0; i < bool_num; i++) 502 kfree(bool_names[i]); 503 kfree(bool_names); 504 kfree(bool_values); 505 } 506 507 static int sel_make_policy_nodes(struct selinux_fs_info *fsi, 508 struct selinux_policy *newpolicy) 509 { 510 int ret = 0; 511 struct dentry *tmp_parent, *tmp_bool_dir, *tmp_class_dir, *old_dentry; 512 unsigned int tmp_bool_num, old_bool_num; 513 char **tmp_bool_names, **old_bool_names; 514 int *tmp_bool_values, *old_bool_values; 515 unsigned long tmp_ino = fsi->last_ino; /* Don't increment last_ino in this function */ 516 517 tmp_parent = sel_make_disconnected_dir(fsi->sb, &tmp_ino); 518 if (IS_ERR(tmp_parent)) 519 return PTR_ERR(tmp_parent); 520 521 tmp_ino = fsi->bool_dir->d_inode->i_ino - 1; /* sel_make_dir will increment and set */ 522 tmp_bool_dir = sel_make_dir(tmp_parent, BOOL_DIR_NAME, &tmp_ino); 523 if (IS_ERR(tmp_bool_dir)) { 524 ret = PTR_ERR(tmp_bool_dir); 525 goto out; 526 } 527 528 tmp_ino = fsi->class_dir->d_inode->i_ino - 1; /* sel_make_dir will increment and set */ 529 tmp_class_dir = sel_make_dir(tmp_parent, CLASS_DIR_NAME, &tmp_ino); 530 if (IS_ERR(tmp_class_dir)) { 531 ret = PTR_ERR(tmp_class_dir); 532 goto out; 533 } 534 535 ret = sel_make_bools(newpolicy, tmp_bool_dir, &tmp_bool_num, 536 &tmp_bool_names, &tmp_bool_values); 537 if (ret) 538 goto out; 539 540 ret = sel_make_classes(newpolicy, tmp_class_dir, 541 &fsi->last_class_ino); 542 if (ret) 543 goto out; 544 545 /* booleans */ 546 old_dentry = fsi->bool_dir; 547 lock_rename(tmp_bool_dir, old_dentry); 548 d_exchange(tmp_bool_dir, fsi->bool_dir); 549 550 old_bool_num = fsi->bool_num; 551 old_bool_names = fsi->bool_pending_names; 552 old_bool_values = fsi->bool_pending_values; 553 554 fsi->bool_num = tmp_bool_num; 555 fsi->bool_pending_names = tmp_bool_names; 556 fsi->bool_pending_values = tmp_bool_values; 557 558 sel_remove_old_bool_data(old_bool_num, old_bool_names, old_bool_values); 559 560 fsi->bool_dir = tmp_bool_dir; 561 unlock_rename(tmp_bool_dir, old_dentry); 562 563 /* classes */ 564 old_dentry = fsi->class_dir; 565 lock_rename(tmp_class_dir, old_dentry); 566 d_exchange(tmp_class_dir, fsi->class_dir); 567 fsi->class_dir = tmp_class_dir; 568 unlock_rename(tmp_class_dir, old_dentry); 569 570 out: 571 /* Since the other temporary dirs are children of tmp_parent 572 * this will handle all the cleanup in the case of a failure before 573 * the swapover 574 */ 575 sel_remove_entries(tmp_parent); 576 dput(tmp_parent); /* d_genocide() only handles the children */ 577 578 return ret; 579 } 580 581 static ssize_t sel_write_load(struct file *file, const char __user *buf, 582 size_t count, loff_t *ppos) 583 584 { 585 struct selinux_fs_info *fsi = file_inode(file)->i_sb->s_fs_info; 586 struct selinux_load_state load_state; 587 ssize_t length; 588 void *data = NULL; 589 590 mutex_lock(&selinux_state.policy_mutex); 591 592 length = avc_has_perm(current_sid(), SECINITSID_SECURITY, 593 SECCLASS_SECURITY, SECURITY__LOAD_POLICY, NULL); 594 if (length) 595 goto out; 596 597 /* No partial writes. */ 598 length = -EINVAL; 599 if (*ppos != 0) 600 goto out; 601 602 length = -ENOMEM; 603 data = vmalloc(count); 604 if (!data) 605 goto out; 606 607 length = -EFAULT; 608 if (copy_from_user(data, buf, count) != 0) 609 goto out; 610 611 length = security_load_policy(data, count, &load_state); 612 if (length) { 613 pr_warn_ratelimited("SELinux: failed to load policy\n"); 614 goto out; 615 } 616 617 length = sel_make_policy_nodes(fsi, load_state.policy); 618 if (length) { 619 pr_warn_ratelimited("SELinux: failed to initialize selinuxfs\n"); 620 selinux_policy_cancel(&load_state); 621 goto out; 622 } 623 624 selinux_policy_commit(&load_state); 625 626 length = count; 627 628 audit_log(audit_context(), GFP_KERNEL, AUDIT_MAC_POLICY_LOAD, 629 "auid=%u ses=%u lsm=selinux res=1", 630 from_kuid(&init_user_ns, audit_get_loginuid(current)), 631 audit_get_sessionid(current)); 632 out: 633 mutex_unlock(&selinux_state.policy_mutex); 634 vfree(data); 635 return length; 636 } 637 638 static const struct file_operations sel_load_ops = { 639 .write = sel_write_load, 640 .llseek = generic_file_llseek, 641 }; 642 643 static ssize_t sel_write_context(struct file *file, char *buf, size_t size) 644 { 645 char *canon = NULL; 646 u32 sid, len; 647 ssize_t length; 648 649 length = avc_has_perm(current_sid(), SECINITSID_SECURITY, 650 SECCLASS_SECURITY, SECURITY__CHECK_CONTEXT, NULL); 651 if (length) 652 goto out; 653 654 length = security_context_to_sid(buf, size, &sid, GFP_KERNEL); 655 if (length) 656 goto out; 657 658 length = security_sid_to_context(sid, &canon, &len); 659 if (length) 660 goto out; 661 662 length = -ERANGE; 663 if (len > SIMPLE_TRANSACTION_LIMIT) { 664 pr_err("SELinux: %s: context size (%u) exceeds " 665 "payload max\n", __func__, len); 666 goto out; 667 } 668 669 memcpy(buf, canon, len); 670 length = len; 671 out: 672 kfree(canon); 673 return length; 674 } 675 676 static ssize_t sel_read_checkreqprot(struct file *filp, char __user *buf, 677 size_t count, loff_t *ppos) 678 { 679 char tmpbuf[TMPBUFLEN]; 680 ssize_t length; 681 682 length = scnprintf(tmpbuf, TMPBUFLEN, "%u", 683 checkreqprot_get()); 684 return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); 685 } 686 687 static ssize_t sel_write_checkreqprot(struct file *file, const char __user *buf, 688 size_t count, loff_t *ppos) 689 { 690 char *page; 691 ssize_t length; 692 unsigned int new_value; 693 694 length = avc_has_perm(current_sid(), SECINITSID_SECURITY, 695 SECCLASS_SECURITY, SECURITY__SETCHECKREQPROT, 696 NULL); 697 if (length) 698 return length; 699 700 if (count >= PAGE_SIZE) 701 return -ENOMEM; 702 703 /* No partial writes. */ 704 if (*ppos != 0) 705 return -EINVAL; 706 707 page = memdup_user_nul(buf, count); 708 if (IS_ERR(page)) 709 return PTR_ERR(page); 710 711 if (sscanf(page, "%u", &new_value) != 1) { 712 length = -EINVAL; 713 goto out; 714 } 715 length = count; 716 717 if (new_value) { 718 char comm[sizeof(current->comm)]; 719 720 memcpy(comm, current->comm, sizeof(comm)); 721 pr_err("SELinux: %s (%d) set checkreqprot to 1. This is no longer supported.\n", 722 comm, current->pid); 723 } 724 725 selinux_ima_measure_state(); 726 727 out: 728 kfree(page); 729 return length; 730 } 731 static const struct file_operations sel_checkreqprot_ops = { 732 .read = sel_read_checkreqprot, 733 .write = sel_write_checkreqprot, 734 .llseek = generic_file_llseek, 735 }; 736 737 static ssize_t sel_write_validatetrans(struct file *file, 738 const char __user *buf, 739 size_t count, loff_t *ppos) 740 { 741 char *oldcon = NULL, *newcon = NULL, *taskcon = NULL; 742 char *req = NULL; 743 u32 osid, nsid, tsid; 744 u16 tclass; 745 int rc; 746 747 rc = avc_has_perm(current_sid(), SECINITSID_SECURITY, 748 SECCLASS_SECURITY, SECURITY__VALIDATE_TRANS, NULL); 749 if (rc) 750 goto out; 751 752 rc = -ENOMEM; 753 if (count >= PAGE_SIZE) 754 goto out; 755 756 /* No partial writes. */ 757 rc = -EINVAL; 758 if (*ppos != 0) 759 goto out; 760 761 req = memdup_user_nul(buf, count); 762 if (IS_ERR(req)) { 763 rc = PTR_ERR(req); 764 req = NULL; 765 goto out; 766 } 767 768 rc = -ENOMEM; 769 oldcon = kzalloc(count + 1, GFP_KERNEL); 770 if (!oldcon) 771 goto out; 772 773 newcon = kzalloc(count + 1, GFP_KERNEL); 774 if (!newcon) 775 goto out; 776 777 taskcon = kzalloc(count + 1, GFP_KERNEL); 778 if (!taskcon) 779 goto out; 780 781 rc = -EINVAL; 782 if (sscanf(req, "%s %s %hu %s", oldcon, newcon, &tclass, taskcon) != 4) 783 goto out; 784 785 rc = security_context_str_to_sid(oldcon, &osid, GFP_KERNEL); 786 if (rc) 787 goto out; 788 789 rc = security_context_str_to_sid(newcon, &nsid, GFP_KERNEL); 790 if (rc) 791 goto out; 792 793 rc = security_context_str_to_sid(taskcon, &tsid, GFP_KERNEL); 794 if (rc) 795 goto out; 796 797 rc = security_validate_transition_user(osid, nsid, tsid, tclass); 798 if (!rc) 799 rc = count; 800 out: 801 kfree(req); 802 kfree(oldcon); 803 kfree(newcon); 804 kfree(taskcon); 805 return rc; 806 } 807 808 static const struct file_operations sel_transition_ops = { 809 .write = sel_write_validatetrans, 810 .llseek = generic_file_llseek, 811 }; 812 813 /* 814 * Remaining nodes use transaction based IO methods like nfsd/nfsctl.c 815 */ 816 static ssize_t sel_write_access(struct file *file, char *buf, size_t size); 817 static ssize_t sel_write_create(struct file *file, char *buf, size_t size); 818 static ssize_t sel_write_relabel(struct file *file, char *buf, size_t size); 819 static ssize_t sel_write_user(struct file *file, char *buf, size_t size); 820 static ssize_t sel_write_member(struct file *file, char *buf, size_t size); 821 822 static ssize_t (*const write_op[])(struct file *, char *, size_t) = { 823 [SEL_ACCESS] = sel_write_access, 824 [SEL_CREATE] = sel_write_create, 825 [SEL_RELABEL] = sel_write_relabel, 826 [SEL_USER] = sel_write_user, 827 [SEL_MEMBER] = sel_write_member, 828 [SEL_CONTEXT] = sel_write_context, 829 }; 830 831 static ssize_t selinux_transaction_write(struct file *file, const char __user *buf, size_t size, loff_t *pos) 832 { 833 ino_t ino = file_inode(file)->i_ino; 834 char *data; 835 ssize_t rv; 836 837 if (ino >= ARRAY_SIZE(write_op) || !write_op[ino]) 838 return -EINVAL; 839 840 data = simple_transaction_get(file, buf, size); 841 if (IS_ERR(data)) 842 return PTR_ERR(data); 843 844 rv = write_op[ino](file, data, size); 845 if (rv > 0) { 846 simple_transaction_set(file, rv); 847 rv = size; 848 } 849 return rv; 850 } 851 852 static const struct file_operations transaction_ops = { 853 .write = selinux_transaction_write, 854 .read = simple_transaction_read, 855 .release = simple_transaction_release, 856 .llseek = generic_file_llseek, 857 }; 858 859 /* 860 * payload - write methods 861 * If the method has a response, the response should be put in buf, 862 * and the length returned. Otherwise return 0 or and -error. 863 */ 864 865 static ssize_t sel_write_access(struct file *file, char *buf, size_t size) 866 { 867 char *scon = NULL, *tcon = NULL; 868 u32 ssid, tsid; 869 u16 tclass; 870 struct av_decision avd; 871 ssize_t length; 872 873 length = avc_has_perm(current_sid(), SECINITSID_SECURITY, 874 SECCLASS_SECURITY, SECURITY__COMPUTE_AV, NULL); 875 if (length) 876 goto out; 877 878 length = -ENOMEM; 879 scon = kzalloc(size + 1, GFP_KERNEL); 880 if (!scon) 881 goto out; 882 883 length = -ENOMEM; 884 tcon = kzalloc(size + 1, GFP_KERNEL); 885 if (!tcon) 886 goto out; 887 888 length = -EINVAL; 889 if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3) 890 goto out; 891 892 length = security_context_str_to_sid(scon, &ssid, GFP_KERNEL); 893 if (length) 894 goto out; 895 896 length = security_context_str_to_sid(tcon, &tsid, GFP_KERNEL); 897 if (length) 898 goto out; 899 900 security_compute_av_user(ssid, tsid, tclass, &avd); 901 902 length = scnprintf(buf, SIMPLE_TRANSACTION_LIMIT, 903 "%x %x %x %x %u %x", 904 avd.allowed, 0xffffffff, 905 avd.auditallow, avd.auditdeny, 906 avd.seqno, avd.flags); 907 out: 908 kfree(tcon); 909 kfree(scon); 910 return length; 911 } 912 913 static ssize_t sel_write_create(struct file *file, char *buf, size_t size) 914 { 915 char *scon = NULL, *tcon = NULL; 916 char *namebuf = NULL, *objname = NULL; 917 u32 ssid, tsid, newsid; 918 u16 tclass; 919 ssize_t length; 920 char *newcon = NULL; 921 u32 len; 922 int nargs; 923 924 length = avc_has_perm(current_sid(), SECINITSID_SECURITY, 925 SECCLASS_SECURITY, SECURITY__COMPUTE_CREATE, 926 NULL); 927 if (length) 928 goto out; 929 930 length = -ENOMEM; 931 scon = kzalloc(size + 1, GFP_KERNEL); 932 if (!scon) 933 goto out; 934 935 length = -ENOMEM; 936 tcon = kzalloc(size + 1, GFP_KERNEL); 937 if (!tcon) 938 goto out; 939 940 length = -ENOMEM; 941 namebuf = kzalloc(size + 1, GFP_KERNEL); 942 if (!namebuf) 943 goto out; 944 945 length = -EINVAL; 946 nargs = sscanf(buf, "%s %s %hu %s", scon, tcon, &tclass, namebuf); 947 if (nargs < 3 || nargs > 4) 948 goto out; 949 if (nargs == 4) { 950 /* 951 * If and when the name of new object to be queried contains 952 * either whitespace or multibyte characters, they shall be 953 * encoded based on the percentage-encoding rule. 954 * If not encoded, the sscanf logic picks up only left-half 955 * of the supplied name; split by a whitespace unexpectedly. 956 */ 957 char *r, *w; 958 int c1, c2; 959 960 r = w = namebuf; 961 do { 962 c1 = *r++; 963 if (c1 == '+') 964 c1 = ' '; 965 else if (c1 == '%') { 966 c1 = hex_to_bin(*r++); 967 if (c1 < 0) 968 goto out; 969 c2 = hex_to_bin(*r++); 970 if (c2 < 0) 971 goto out; 972 c1 = (c1 << 4) | c2; 973 } 974 *w++ = c1; 975 } while (c1 != '\0'); 976 977 objname = namebuf; 978 } 979 980 length = security_context_str_to_sid(scon, &ssid, GFP_KERNEL); 981 if (length) 982 goto out; 983 984 length = security_context_str_to_sid(tcon, &tsid, GFP_KERNEL); 985 if (length) 986 goto out; 987 988 length = security_transition_sid_user(ssid, tsid, tclass, 989 objname, &newsid); 990 if (length) 991 goto out; 992 993 length = security_sid_to_context(newsid, &newcon, &len); 994 if (length) 995 goto out; 996 997 length = -ERANGE; 998 if (len > SIMPLE_TRANSACTION_LIMIT) { 999 pr_err("SELinux: %s: context size (%u) exceeds " 1000 "payload max\n", __func__, len); 1001 goto out; 1002 } 1003 1004 memcpy(buf, newcon, len); 1005 length = len; 1006 out: 1007 kfree(newcon); 1008 kfree(namebuf); 1009 kfree(tcon); 1010 kfree(scon); 1011 return length; 1012 } 1013 1014 static ssize_t sel_write_relabel(struct file *file, char *buf, size_t size) 1015 { 1016 char *scon = NULL, *tcon = NULL; 1017 u32 ssid, tsid, newsid; 1018 u16 tclass; 1019 ssize_t length; 1020 char *newcon = NULL; 1021 u32 len; 1022 1023 length = avc_has_perm(current_sid(), SECINITSID_SECURITY, 1024 SECCLASS_SECURITY, SECURITY__COMPUTE_RELABEL, 1025 NULL); 1026 if (length) 1027 goto out; 1028 1029 length = -ENOMEM; 1030 scon = kzalloc(size + 1, GFP_KERNEL); 1031 if (!scon) 1032 goto out; 1033 1034 length = -ENOMEM; 1035 tcon = kzalloc(size + 1, GFP_KERNEL); 1036 if (!tcon) 1037 goto out; 1038 1039 length = -EINVAL; 1040 if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3) 1041 goto out; 1042 1043 length = security_context_str_to_sid(scon, &ssid, GFP_KERNEL); 1044 if (length) 1045 goto out; 1046 1047 length = security_context_str_to_sid(tcon, &tsid, GFP_KERNEL); 1048 if (length) 1049 goto out; 1050 1051 length = security_change_sid(ssid, tsid, tclass, &newsid); 1052 if (length) 1053 goto out; 1054 1055 length = security_sid_to_context(newsid, &newcon, &len); 1056 if (length) 1057 goto out; 1058 1059 length = -ERANGE; 1060 if (len > SIMPLE_TRANSACTION_LIMIT) 1061 goto out; 1062 1063 memcpy(buf, newcon, len); 1064 length = len; 1065 out: 1066 kfree(newcon); 1067 kfree(tcon); 1068 kfree(scon); 1069 return length; 1070 } 1071 1072 static ssize_t sel_write_user(struct file *file, char *buf, size_t size) 1073 { 1074 char *con = NULL, *user = NULL, *ptr; 1075 u32 sid, *sids = NULL; 1076 ssize_t length; 1077 char *newcon; 1078 int rc; 1079 u32 i, len, nsids; 1080 1081 length = avc_has_perm(current_sid(), SECINITSID_SECURITY, 1082 SECCLASS_SECURITY, SECURITY__COMPUTE_USER, 1083 NULL); 1084 if (length) 1085 goto out; 1086 1087 length = -ENOMEM; 1088 con = kzalloc(size + 1, GFP_KERNEL); 1089 if (!con) 1090 goto out; 1091 1092 length = -ENOMEM; 1093 user = kzalloc(size + 1, GFP_KERNEL); 1094 if (!user) 1095 goto out; 1096 1097 length = -EINVAL; 1098 if (sscanf(buf, "%s %s", con, user) != 2) 1099 goto out; 1100 1101 length = security_context_str_to_sid(con, &sid, GFP_KERNEL); 1102 if (length) 1103 goto out; 1104 1105 length = security_get_user_sids(sid, user, &sids, &nsids); 1106 if (length) 1107 goto out; 1108 1109 length = sprintf(buf, "%u", nsids) + 1; 1110 ptr = buf + length; 1111 for (i = 0; i < nsids; i++) { 1112 rc = security_sid_to_context(sids[i], &newcon, &len); 1113 if (rc) { 1114 length = rc; 1115 goto out; 1116 } 1117 if ((length + len) >= SIMPLE_TRANSACTION_LIMIT) { 1118 kfree(newcon); 1119 length = -ERANGE; 1120 goto out; 1121 } 1122 memcpy(ptr, newcon, len); 1123 kfree(newcon); 1124 ptr += len; 1125 length += len; 1126 } 1127 out: 1128 kfree(sids); 1129 kfree(user); 1130 kfree(con); 1131 return length; 1132 } 1133 1134 static ssize_t sel_write_member(struct file *file, char *buf, size_t size) 1135 { 1136 char *scon = NULL, *tcon = NULL; 1137 u32 ssid, tsid, newsid; 1138 u16 tclass; 1139 ssize_t length; 1140 char *newcon = NULL; 1141 u32 len; 1142 1143 length = avc_has_perm(current_sid(), SECINITSID_SECURITY, 1144 SECCLASS_SECURITY, SECURITY__COMPUTE_MEMBER, 1145 NULL); 1146 if (length) 1147 goto out; 1148 1149 length = -ENOMEM; 1150 scon = kzalloc(size + 1, GFP_KERNEL); 1151 if (!scon) 1152 goto out; 1153 1154 length = -ENOMEM; 1155 tcon = kzalloc(size + 1, GFP_KERNEL); 1156 if (!tcon) 1157 goto out; 1158 1159 length = -EINVAL; 1160 if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3) 1161 goto out; 1162 1163 length = security_context_str_to_sid(scon, &ssid, GFP_KERNEL); 1164 if (length) 1165 goto out; 1166 1167 length = security_context_str_to_sid(tcon, &tsid, GFP_KERNEL); 1168 if (length) 1169 goto out; 1170 1171 length = security_member_sid(ssid, tsid, tclass, &newsid); 1172 if (length) 1173 goto out; 1174 1175 length = security_sid_to_context(newsid, &newcon, &len); 1176 if (length) 1177 goto out; 1178 1179 length = -ERANGE; 1180 if (len > SIMPLE_TRANSACTION_LIMIT) { 1181 pr_err("SELinux: %s: context size (%u) exceeds " 1182 "payload max\n", __func__, len); 1183 goto out; 1184 } 1185 1186 memcpy(buf, newcon, len); 1187 length = len; 1188 out: 1189 kfree(newcon); 1190 kfree(tcon); 1191 kfree(scon); 1192 return length; 1193 } 1194 1195 static struct inode *sel_make_inode(struct super_block *sb, umode_t mode) 1196 { 1197 struct inode *ret = new_inode(sb); 1198 1199 if (ret) { 1200 ret->i_mode = mode; 1201 simple_inode_init_ts(ret); 1202 } 1203 return ret; 1204 } 1205 1206 static ssize_t sel_read_bool(struct file *filep, char __user *buf, 1207 size_t count, loff_t *ppos) 1208 { 1209 struct selinux_fs_info *fsi = file_inode(filep)->i_sb->s_fs_info; 1210 char *page = NULL; 1211 ssize_t length; 1212 ssize_t ret; 1213 int cur_enforcing; 1214 unsigned index = file_inode(filep)->i_ino & SEL_INO_MASK; 1215 const char *name = filep->f_path.dentry->d_name.name; 1216 1217 mutex_lock(&selinux_state.policy_mutex); 1218 1219 ret = -EINVAL; 1220 if (index >= fsi->bool_num || strcmp(name, 1221 fsi->bool_pending_names[index])) 1222 goto out_unlock; 1223 1224 ret = -ENOMEM; 1225 page = (char *)get_zeroed_page(GFP_KERNEL); 1226 if (!page) 1227 goto out_unlock; 1228 1229 cur_enforcing = security_get_bool_value(index); 1230 if (cur_enforcing < 0) { 1231 ret = cur_enforcing; 1232 goto out_unlock; 1233 } 1234 length = scnprintf(page, PAGE_SIZE, "%d %d", cur_enforcing, 1235 fsi->bool_pending_values[index]); 1236 mutex_unlock(&selinux_state.policy_mutex); 1237 ret = simple_read_from_buffer(buf, count, ppos, page, length); 1238 out_free: 1239 free_page((unsigned long)page); 1240 return ret; 1241 1242 out_unlock: 1243 mutex_unlock(&selinux_state.policy_mutex); 1244 goto out_free; 1245 } 1246 1247 static ssize_t sel_write_bool(struct file *filep, const char __user *buf, 1248 size_t count, loff_t *ppos) 1249 { 1250 struct selinux_fs_info *fsi = file_inode(filep)->i_sb->s_fs_info; 1251 char *page = NULL; 1252 ssize_t length; 1253 int new_value; 1254 unsigned index = file_inode(filep)->i_ino & SEL_INO_MASK; 1255 const char *name = filep->f_path.dentry->d_name.name; 1256 1257 if (count >= PAGE_SIZE) 1258 return -ENOMEM; 1259 1260 /* No partial writes. */ 1261 if (*ppos != 0) 1262 return -EINVAL; 1263 1264 page = memdup_user_nul(buf, count); 1265 if (IS_ERR(page)) 1266 return PTR_ERR(page); 1267 1268 mutex_lock(&selinux_state.policy_mutex); 1269 1270 length = avc_has_perm(current_sid(), SECINITSID_SECURITY, 1271 SECCLASS_SECURITY, SECURITY__SETBOOL, 1272 NULL); 1273 if (length) 1274 goto out; 1275 1276 length = -EINVAL; 1277 if (index >= fsi->bool_num || strcmp(name, 1278 fsi->bool_pending_names[index])) 1279 goto out; 1280 1281 length = -EINVAL; 1282 if (sscanf(page, "%d", &new_value) != 1) 1283 goto out; 1284 1285 if (new_value) 1286 new_value = 1; 1287 1288 fsi->bool_pending_values[index] = new_value; 1289 length = count; 1290 1291 out: 1292 mutex_unlock(&selinux_state.policy_mutex); 1293 kfree(page); 1294 return length; 1295 } 1296 1297 static const struct file_operations sel_bool_ops = { 1298 .read = sel_read_bool, 1299 .write = sel_write_bool, 1300 .llseek = generic_file_llseek, 1301 }; 1302 1303 static ssize_t sel_commit_bools_write(struct file *filep, 1304 const char __user *buf, 1305 size_t count, loff_t *ppos) 1306 { 1307 struct selinux_fs_info *fsi = file_inode(filep)->i_sb->s_fs_info; 1308 char *page = NULL; 1309 ssize_t length; 1310 int new_value; 1311 1312 if (count >= PAGE_SIZE) 1313 return -ENOMEM; 1314 1315 /* No partial writes. */ 1316 if (*ppos != 0) 1317 return -EINVAL; 1318 1319 page = memdup_user_nul(buf, count); 1320 if (IS_ERR(page)) 1321 return PTR_ERR(page); 1322 1323 mutex_lock(&selinux_state.policy_mutex); 1324 1325 length = avc_has_perm(current_sid(), SECINITSID_SECURITY, 1326 SECCLASS_SECURITY, SECURITY__SETBOOL, 1327 NULL); 1328 if (length) 1329 goto out; 1330 1331 length = -EINVAL; 1332 if (sscanf(page, "%d", &new_value) != 1) 1333 goto out; 1334 1335 length = 0; 1336 if (new_value && fsi->bool_pending_values) 1337 length = security_set_bools(fsi->bool_num, 1338 fsi->bool_pending_values); 1339 1340 if (!length) 1341 length = count; 1342 1343 out: 1344 mutex_unlock(&selinux_state.policy_mutex); 1345 kfree(page); 1346 return length; 1347 } 1348 1349 static const struct file_operations sel_commit_bools_ops = { 1350 .write = sel_commit_bools_write, 1351 .llseek = generic_file_llseek, 1352 }; 1353 1354 static void sel_remove_entries(struct dentry *de) 1355 { 1356 d_genocide(de); 1357 shrink_dcache_parent(de); 1358 } 1359 1360 static int sel_make_bools(struct selinux_policy *newpolicy, struct dentry *bool_dir, 1361 unsigned int *bool_num, char ***bool_pending_names, 1362 int **bool_pending_values) 1363 { 1364 int ret; 1365 ssize_t len; 1366 struct dentry *dentry = NULL; 1367 struct inode *inode = NULL; 1368 struct inode_security_struct *isec; 1369 char **names = NULL, *page; 1370 u32 i, num; 1371 int *values = NULL; 1372 u32 sid; 1373 1374 ret = -ENOMEM; 1375 page = (char *)get_zeroed_page(GFP_KERNEL); 1376 if (!page) 1377 goto out; 1378 1379 ret = security_get_bools(newpolicy, &num, &names, &values); 1380 if (ret) 1381 goto out; 1382 1383 for (i = 0; i < num; i++) { 1384 ret = -ENOMEM; 1385 dentry = d_alloc_name(bool_dir, names[i]); 1386 if (!dentry) 1387 goto out; 1388 1389 ret = -ENOMEM; 1390 inode = sel_make_inode(bool_dir->d_sb, S_IFREG | S_IRUGO | S_IWUSR); 1391 if (!inode) { 1392 dput(dentry); 1393 goto out; 1394 } 1395 1396 ret = -ENAMETOOLONG; 1397 len = snprintf(page, PAGE_SIZE, "/%s/%s", BOOL_DIR_NAME, names[i]); 1398 if (len >= PAGE_SIZE) { 1399 dput(dentry); 1400 iput(inode); 1401 goto out; 1402 } 1403 1404 isec = selinux_inode(inode); 1405 ret = selinux_policy_genfs_sid(newpolicy, "selinuxfs", page, 1406 SECCLASS_FILE, &sid); 1407 if (ret) { 1408 pr_warn_ratelimited("SELinux: no sid found, defaulting to security isid for %s\n", 1409 page); 1410 sid = SECINITSID_SECURITY; 1411 } 1412 1413 isec->sid = sid; 1414 isec->initialized = LABEL_INITIALIZED; 1415 inode->i_fop = &sel_bool_ops; 1416 inode->i_ino = i|SEL_BOOL_INO_OFFSET; 1417 d_add(dentry, inode); 1418 } 1419 *bool_num = num; 1420 *bool_pending_names = names; 1421 *bool_pending_values = values; 1422 1423 free_page((unsigned long)page); 1424 return 0; 1425 out: 1426 free_page((unsigned long)page); 1427 1428 if (names) { 1429 for (i = 0; i < num; i++) 1430 kfree(names[i]); 1431 kfree(names); 1432 } 1433 kfree(values); 1434 sel_remove_entries(bool_dir); 1435 1436 return ret; 1437 } 1438 1439 static ssize_t sel_read_avc_cache_threshold(struct file *filp, char __user *buf, 1440 size_t count, loff_t *ppos) 1441 { 1442 char tmpbuf[TMPBUFLEN]; 1443 ssize_t length; 1444 1445 length = scnprintf(tmpbuf, TMPBUFLEN, "%u", 1446 avc_get_cache_threshold()); 1447 return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); 1448 } 1449 1450 static ssize_t sel_write_avc_cache_threshold(struct file *file, 1451 const char __user *buf, 1452 size_t count, loff_t *ppos) 1453 1454 { 1455 char *page; 1456 ssize_t ret; 1457 unsigned int new_value; 1458 1459 ret = avc_has_perm(current_sid(), SECINITSID_SECURITY, 1460 SECCLASS_SECURITY, SECURITY__SETSECPARAM, 1461 NULL); 1462 if (ret) 1463 return ret; 1464 1465 if (count >= PAGE_SIZE) 1466 return -ENOMEM; 1467 1468 /* No partial writes. */ 1469 if (*ppos != 0) 1470 return -EINVAL; 1471 1472 page = memdup_user_nul(buf, count); 1473 if (IS_ERR(page)) 1474 return PTR_ERR(page); 1475 1476 ret = -EINVAL; 1477 if (sscanf(page, "%u", &new_value) != 1) 1478 goto out; 1479 1480 avc_set_cache_threshold(new_value); 1481 1482 ret = count; 1483 out: 1484 kfree(page); 1485 return ret; 1486 } 1487 1488 static ssize_t sel_read_avc_hash_stats(struct file *filp, char __user *buf, 1489 size_t count, loff_t *ppos) 1490 { 1491 char *page; 1492 ssize_t length; 1493 1494 page = (char *)__get_free_page(GFP_KERNEL); 1495 if (!page) 1496 return -ENOMEM; 1497 1498 length = avc_get_hash_stats(page); 1499 if (length >= 0) 1500 length = simple_read_from_buffer(buf, count, ppos, page, length); 1501 free_page((unsigned long)page); 1502 1503 return length; 1504 } 1505 1506 static ssize_t sel_read_sidtab_hash_stats(struct file *filp, char __user *buf, 1507 size_t count, loff_t *ppos) 1508 { 1509 char *page; 1510 ssize_t length; 1511 1512 page = (char *)__get_free_page(GFP_KERNEL); 1513 if (!page) 1514 return -ENOMEM; 1515 1516 length = security_sidtab_hash_stats(page); 1517 if (length >= 0) 1518 length = simple_read_from_buffer(buf, count, ppos, page, 1519 length); 1520 free_page((unsigned long)page); 1521 1522 return length; 1523 } 1524 1525 static const struct file_operations sel_sidtab_hash_stats_ops = { 1526 .read = sel_read_sidtab_hash_stats, 1527 .llseek = generic_file_llseek, 1528 }; 1529 1530 static const struct file_operations sel_avc_cache_threshold_ops = { 1531 .read = sel_read_avc_cache_threshold, 1532 .write = sel_write_avc_cache_threshold, 1533 .llseek = generic_file_llseek, 1534 }; 1535 1536 static const struct file_operations sel_avc_hash_stats_ops = { 1537 .read = sel_read_avc_hash_stats, 1538 .llseek = generic_file_llseek, 1539 }; 1540 1541 #ifdef CONFIG_SECURITY_SELINUX_AVC_STATS 1542 static struct avc_cache_stats *sel_avc_get_stat_idx(loff_t *idx) 1543 { 1544 int cpu; 1545 1546 for (cpu = *idx; cpu < nr_cpu_ids; ++cpu) { 1547 if (!cpu_possible(cpu)) 1548 continue; 1549 *idx = cpu + 1; 1550 return &per_cpu(avc_cache_stats, cpu); 1551 } 1552 (*idx)++; 1553 return NULL; 1554 } 1555 1556 static void *sel_avc_stats_seq_start(struct seq_file *seq, loff_t *pos) 1557 { 1558 loff_t n = *pos - 1; 1559 1560 if (*pos == 0) 1561 return SEQ_START_TOKEN; 1562 1563 return sel_avc_get_stat_idx(&n); 1564 } 1565 1566 static void *sel_avc_stats_seq_next(struct seq_file *seq, void *v, loff_t *pos) 1567 { 1568 return sel_avc_get_stat_idx(pos); 1569 } 1570 1571 static int sel_avc_stats_seq_show(struct seq_file *seq, void *v) 1572 { 1573 struct avc_cache_stats *st = v; 1574 1575 if (v == SEQ_START_TOKEN) { 1576 seq_puts(seq, 1577 "lookups hits misses allocations reclaims frees\n"); 1578 } else { 1579 unsigned int lookups = st->lookups; 1580 unsigned int misses = st->misses; 1581 unsigned int hits = lookups - misses; 1582 seq_printf(seq, "%u %u %u %u %u %u\n", lookups, 1583 hits, misses, st->allocations, 1584 st->reclaims, st->frees); 1585 } 1586 return 0; 1587 } 1588 1589 static void sel_avc_stats_seq_stop(struct seq_file *seq, void *v) 1590 { } 1591 1592 static const struct seq_operations sel_avc_cache_stats_seq_ops = { 1593 .start = sel_avc_stats_seq_start, 1594 .next = sel_avc_stats_seq_next, 1595 .show = sel_avc_stats_seq_show, 1596 .stop = sel_avc_stats_seq_stop, 1597 }; 1598 1599 static int sel_open_avc_cache_stats(struct inode *inode, struct file *file) 1600 { 1601 return seq_open(file, &sel_avc_cache_stats_seq_ops); 1602 } 1603 1604 static const struct file_operations sel_avc_cache_stats_ops = { 1605 .open = sel_open_avc_cache_stats, 1606 .read = seq_read, 1607 .llseek = seq_lseek, 1608 .release = seq_release, 1609 }; 1610 #endif 1611 1612 static int sel_make_avc_files(struct dentry *dir) 1613 { 1614 struct super_block *sb = dir->d_sb; 1615 struct selinux_fs_info *fsi = sb->s_fs_info; 1616 unsigned int i; 1617 static const struct tree_descr files[] = { 1618 { "cache_threshold", 1619 &sel_avc_cache_threshold_ops, S_IRUGO|S_IWUSR }, 1620 { "hash_stats", &sel_avc_hash_stats_ops, S_IRUGO }, 1621 #ifdef CONFIG_SECURITY_SELINUX_AVC_STATS 1622 { "cache_stats", &sel_avc_cache_stats_ops, S_IRUGO }, 1623 #endif 1624 }; 1625 1626 for (i = 0; i < ARRAY_SIZE(files); i++) { 1627 struct inode *inode; 1628 struct dentry *dentry; 1629 1630 dentry = d_alloc_name(dir, files[i].name); 1631 if (!dentry) 1632 return -ENOMEM; 1633 1634 inode = sel_make_inode(dir->d_sb, S_IFREG|files[i].mode); 1635 if (!inode) { 1636 dput(dentry); 1637 return -ENOMEM; 1638 } 1639 1640 inode->i_fop = files[i].ops; 1641 inode->i_ino = ++fsi->last_ino; 1642 d_add(dentry, inode); 1643 } 1644 1645 return 0; 1646 } 1647 1648 static int sel_make_ss_files(struct dentry *dir) 1649 { 1650 struct super_block *sb = dir->d_sb; 1651 struct selinux_fs_info *fsi = sb->s_fs_info; 1652 unsigned int i; 1653 static const struct tree_descr files[] = { 1654 { "sidtab_hash_stats", &sel_sidtab_hash_stats_ops, S_IRUGO }, 1655 }; 1656 1657 for (i = 0; i < ARRAY_SIZE(files); i++) { 1658 struct inode *inode; 1659 struct dentry *dentry; 1660 1661 dentry = d_alloc_name(dir, files[i].name); 1662 if (!dentry) 1663 return -ENOMEM; 1664 1665 inode = sel_make_inode(dir->d_sb, S_IFREG|files[i].mode); 1666 if (!inode) { 1667 dput(dentry); 1668 return -ENOMEM; 1669 } 1670 1671 inode->i_fop = files[i].ops; 1672 inode->i_ino = ++fsi->last_ino; 1673 d_add(dentry, inode); 1674 } 1675 1676 return 0; 1677 } 1678 1679 static ssize_t sel_read_initcon(struct file *file, char __user *buf, 1680 size_t count, loff_t *ppos) 1681 { 1682 char *con; 1683 u32 sid, len; 1684 ssize_t ret; 1685 1686 sid = file_inode(file)->i_ino&SEL_INO_MASK; 1687 ret = security_sid_to_context(sid, &con, &len); 1688 if (ret) 1689 return ret; 1690 1691 ret = simple_read_from_buffer(buf, count, ppos, con, len); 1692 kfree(con); 1693 return ret; 1694 } 1695 1696 static const struct file_operations sel_initcon_ops = { 1697 .read = sel_read_initcon, 1698 .llseek = generic_file_llseek, 1699 }; 1700 1701 static int sel_make_initcon_files(struct dentry *dir) 1702 { 1703 unsigned int i; 1704 1705 for (i = 1; i <= SECINITSID_NUM; i++) { 1706 struct inode *inode; 1707 struct dentry *dentry; 1708 const char *s = security_get_initial_sid_context(i); 1709 1710 if (!s) 1711 continue; 1712 dentry = d_alloc_name(dir, s); 1713 if (!dentry) 1714 return -ENOMEM; 1715 1716 inode = sel_make_inode(dir->d_sb, S_IFREG|S_IRUGO); 1717 if (!inode) { 1718 dput(dentry); 1719 return -ENOMEM; 1720 } 1721 1722 inode->i_fop = &sel_initcon_ops; 1723 inode->i_ino = i|SEL_INITCON_INO_OFFSET; 1724 d_add(dentry, inode); 1725 } 1726 1727 return 0; 1728 } 1729 1730 static inline unsigned long sel_class_to_ino(u16 class) 1731 { 1732 return (class * (SEL_VEC_MAX + 1)) | SEL_CLASS_INO_OFFSET; 1733 } 1734 1735 static inline u16 sel_ino_to_class(unsigned long ino) 1736 { 1737 return (ino & SEL_INO_MASK) / (SEL_VEC_MAX + 1); 1738 } 1739 1740 static inline unsigned long sel_perm_to_ino(u16 class, u32 perm) 1741 { 1742 return (class * (SEL_VEC_MAX + 1) + perm) | SEL_CLASS_INO_OFFSET; 1743 } 1744 1745 static inline u32 sel_ino_to_perm(unsigned long ino) 1746 { 1747 return (ino & SEL_INO_MASK) % (SEL_VEC_MAX + 1); 1748 } 1749 1750 static ssize_t sel_read_class(struct file *file, char __user *buf, 1751 size_t count, loff_t *ppos) 1752 { 1753 unsigned long ino = file_inode(file)->i_ino; 1754 char res[TMPBUFLEN]; 1755 ssize_t len = scnprintf(res, sizeof(res), "%d", sel_ino_to_class(ino)); 1756 return simple_read_from_buffer(buf, count, ppos, res, len); 1757 } 1758 1759 static const struct file_operations sel_class_ops = { 1760 .read = sel_read_class, 1761 .llseek = generic_file_llseek, 1762 }; 1763 1764 static ssize_t sel_read_perm(struct file *file, char __user *buf, 1765 size_t count, loff_t *ppos) 1766 { 1767 unsigned long ino = file_inode(file)->i_ino; 1768 char res[TMPBUFLEN]; 1769 ssize_t len = scnprintf(res, sizeof(res), "%d", sel_ino_to_perm(ino)); 1770 return simple_read_from_buffer(buf, count, ppos, res, len); 1771 } 1772 1773 static const struct file_operations sel_perm_ops = { 1774 .read = sel_read_perm, 1775 .llseek = generic_file_llseek, 1776 }; 1777 1778 static ssize_t sel_read_policycap(struct file *file, char __user *buf, 1779 size_t count, loff_t *ppos) 1780 { 1781 int value; 1782 char tmpbuf[TMPBUFLEN]; 1783 ssize_t length; 1784 unsigned long i_ino = file_inode(file)->i_ino; 1785 1786 value = security_policycap_supported(i_ino & SEL_INO_MASK); 1787 length = scnprintf(tmpbuf, TMPBUFLEN, "%d", value); 1788 1789 return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); 1790 } 1791 1792 static const struct file_operations sel_policycap_ops = { 1793 .read = sel_read_policycap, 1794 .llseek = generic_file_llseek, 1795 }; 1796 1797 static int sel_make_perm_files(struct selinux_policy *newpolicy, 1798 char *objclass, int classvalue, 1799 struct dentry *dir) 1800 { 1801 u32 i, nperms; 1802 int rc; 1803 char **perms; 1804 1805 rc = security_get_permissions(newpolicy, objclass, &perms, &nperms); 1806 if (rc) 1807 return rc; 1808 1809 for (i = 0; i < nperms; i++) { 1810 struct inode *inode; 1811 struct dentry *dentry; 1812 1813 rc = -ENOMEM; 1814 dentry = d_alloc_name(dir, perms[i]); 1815 if (!dentry) 1816 goto out; 1817 1818 rc = -ENOMEM; 1819 inode = sel_make_inode(dir->d_sb, S_IFREG|S_IRUGO); 1820 if (!inode) { 1821 dput(dentry); 1822 goto out; 1823 } 1824 1825 inode->i_fop = &sel_perm_ops; 1826 /* i+1 since perm values are 1-indexed */ 1827 inode->i_ino = sel_perm_to_ino(classvalue, i + 1); 1828 d_add(dentry, inode); 1829 } 1830 rc = 0; 1831 out: 1832 for (i = 0; i < nperms; i++) 1833 kfree(perms[i]); 1834 kfree(perms); 1835 return rc; 1836 } 1837 1838 static int sel_make_class_dir_entries(struct selinux_policy *newpolicy, 1839 char *classname, int index, 1840 struct dentry *dir) 1841 { 1842 struct super_block *sb = dir->d_sb; 1843 struct selinux_fs_info *fsi = sb->s_fs_info; 1844 struct dentry *dentry = NULL; 1845 struct inode *inode = NULL; 1846 1847 dentry = d_alloc_name(dir, "index"); 1848 if (!dentry) 1849 return -ENOMEM; 1850 1851 inode = sel_make_inode(dir->d_sb, S_IFREG|S_IRUGO); 1852 if (!inode) { 1853 dput(dentry); 1854 return -ENOMEM; 1855 } 1856 1857 inode->i_fop = &sel_class_ops; 1858 inode->i_ino = sel_class_to_ino(index); 1859 d_add(dentry, inode); 1860 1861 dentry = sel_make_dir(dir, "perms", &fsi->last_class_ino); 1862 if (IS_ERR(dentry)) 1863 return PTR_ERR(dentry); 1864 1865 return sel_make_perm_files(newpolicy, classname, index, dentry); 1866 } 1867 1868 static int sel_make_classes(struct selinux_policy *newpolicy, 1869 struct dentry *class_dir, 1870 unsigned long *last_class_ino) 1871 { 1872 u32 i, nclasses; 1873 int rc; 1874 char **classes; 1875 1876 rc = security_get_classes(newpolicy, &classes, &nclasses); 1877 if (rc) 1878 return rc; 1879 1880 /* +2 since classes are 1-indexed */ 1881 *last_class_ino = sel_class_to_ino(nclasses + 2); 1882 1883 for (i = 0; i < nclasses; i++) { 1884 struct dentry *class_name_dir; 1885 1886 class_name_dir = sel_make_dir(class_dir, classes[i], 1887 last_class_ino); 1888 if (IS_ERR(class_name_dir)) { 1889 rc = PTR_ERR(class_name_dir); 1890 goto out; 1891 } 1892 1893 /* i+1 since class values are 1-indexed */ 1894 rc = sel_make_class_dir_entries(newpolicy, classes[i], i + 1, 1895 class_name_dir); 1896 if (rc) 1897 goto out; 1898 } 1899 rc = 0; 1900 out: 1901 for (i = 0; i < nclasses; i++) 1902 kfree(classes[i]); 1903 kfree(classes); 1904 return rc; 1905 } 1906 1907 static int sel_make_policycap(struct selinux_fs_info *fsi) 1908 { 1909 unsigned int iter; 1910 struct dentry *dentry = NULL; 1911 struct inode *inode = NULL; 1912 1913 for (iter = 0; iter <= POLICYDB_CAP_MAX; iter++) { 1914 if (iter < ARRAY_SIZE(selinux_policycap_names)) 1915 dentry = d_alloc_name(fsi->policycap_dir, 1916 selinux_policycap_names[iter]); 1917 else 1918 dentry = d_alloc_name(fsi->policycap_dir, "unknown"); 1919 1920 if (dentry == NULL) 1921 return -ENOMEM; 1922 1923 inode = sel_make_inode(fsi->sb, S_IFREG | 0444); 1924 if (inode == NULL) { 1925 dput(dentry); 1926 return -ENOMEM; 1927 } 1928 1929 inode->i_fop = &sel_policycap_ops; 1930 inode->i_ino = iter | SEL_POLICYCAP_INO_OFFSET; 1931 d_add(dentry, inode); 1932 } 1933 1934 return 0; 1935 } 1936 1937 static struct dentry *sel_make_dir(struct dentry *dir, const char *name, 1938 unsigned long *ino) 1939 { 1940 struct dentry *dentry = d_alloc_name(dir, name); 1941 struct inode *inode; 1942 1943 if (!dentry) 1944 return ERR_PTR(-ENOMEM); 1945 1946 inode = sel_make_inode(dir->d_sb, S_IFDIR | S_IRUGO | S_IXUGO); 1947 if (!inode) { 1948 dput(dentry); 1949 return ERR_PTR(-ENOMEM); 1950 } 1951 1952 inode->i_op = &simple_dir_inode_operations; 1953 inode->i_fop = &simple_dir_operations; 1954 inode->i_ino = ++(*ino); 1955 /* directory inodes start off with i_nlink == 2 (for "." entry) */ 1956 inc_nlink(inode); 1957 d_add(dentry, inode); 1958 /* bump link count on parent directory, too */ 1959 inc_nlink(d_inode(dir)); 1960 1961 return dentry; 1962 } 1963 1964 static struct dentry *sel_make_disconnected_dir(struct super_block *sb, 1965 unsigned long *ino) 1966 { 1967 struct inode *inode = sel_make_inode(sb, S_IFDIR | S_IRUGO | S_IXUGO); 1968 1969 if (!inode) 1970 return ERR_PTR(-ENOMEM); 1971 1972 inode->i_op = &simple_dir_inode_operations; 1973 inode->i_fop = &simple_dir_operations; 1974 inode->i_ino = ++(*ino); 1975 /* directory inodes start off with i_nlink == 2 (for "." entry) */ 1976 inc_nlink(inode); 1977 return d_obtain_alias(inode); 1978 } 1979 1980 #define NULL_FILE_NAME "null" 1981 1982 static int sel_fill_super(struct super_block *sb, struct fs_context *fc) 1983 { 1984 struct selinux_fs_info *fsi; 1985 int ret; 1986 struct dentry *dentry; 1987 struct inode *inode; 1988 struct inode_security_struct *isec; 1989 1990 static const struct tree_descr selinux_files[] = { 1991 [SEL_LOAD] = {"load", &sel_load_ops, S_IRUSR|S_IWUSR}, 1992 [SEL_ENFORCE] = {"enforce", &sel_enforce_ops, S_IRUGO|S_IWUSR}, 1993 [SEL_CONTEXT] = {"context", &transaction_ops, S_IRUGO|S_IWUGO}, 1994 [SEL_ACCESS] = {"access", &transaction_ops, S_IRUGO|S_IWUGO}, 1995 [SEL_CREATE] = {"create", &transaction_ops, S_IRUGO|S_IWUGO}, 1996 [SEL_RELABEL] = {"relabel", &transaction_ops, S_IRUGO|S_IWUGO}, 1997 [SEL_USER] = {"user", &transaction_ops, S_IRUGO|S_IWUGO}, 1998 [SEL_POLICYVERS] = {"policyvers", &sel_policyvers_ops, S_IRUGO}, 1999 [SEL_COMMIT_BOOLS] = {"commit_pending_bools", &sel_commit_bools_ops, S_IWUSR}, 2000 [SEL_MLS] = {"mls", &sel_mls_ops, S_IRUGO}, 2001 [SEL_DISABLE] = {"disable", &sel_disable_ops, S_IWUSR}, 2002 [SEL_MEMBER] = {"member", &transaction_ops, S_IRUGO|S_IWUGO}, 2003 [SEL_CHECKREQPROT] = {"checkreqprot", &sel_checkreqprot_ops, S_IRUGO|S_IWUSR}, 2004 [SEL_REJECT_UNKNOWN] = {"reject_unknown", &sel_handle_unknown_ops, S_IRUGO}, 2005 [SEL_DENY_UNKNOWN] = {"deny_unknown", &sel_handle_unknown_ops, S_IRUGO}, 2006 [SEL_STATUS] = {"status", &sel_handle_status_ops, S_IRUGO}, 2007 [SEL_POLICY] = {"policy", &sel_policy_ops, S_IRUGO}, 2008 [SEL_VALIDATE_TRANS] = {"validatetrans", &sel_transition_ops, 2009 S_IWUGO}, 2010 /* last one */ {""} 2011 }; 2012 2013 ret = selinux_fs_info_create(sb); 2014 if (ret) 2015 goto err; 2016 2017 ret = simple_fill_super(sb, SELINUX_MAGIC, selinux_files); 2018 if (ret) 2019 goto err; 2020 2021 fsi = sb->s_fs_info; 2022 fsi->bool_dir = sel_make_dir(sb->s_root, BOOL_DIR_NAME, &fsi->last_ino); 2023 if (IS_ERR(fsi->bool_dir)) { 2024 ret = PTR_ERR(fsi->bool_dir); 2025 fsi->bool_dir = NULL; 2026 goto err; 2027 } 2028 2029 ret = -ENOMEM; 2030 dentry = d_alloc_name(sb->s_root, NULL_FILE_NAME); 2031 if (!dentry) 2032 goto err; 2033 2034 ret = -ENOMEM; 2035 inode = sel_make_inode(sb, S_IFCHR | S_IRUGO | S_IWUGO); 2036 if (!inode) { 2037 dput(dentry); 2038 goto err; 2039 } 2040 2041 inode->i_ino = ++fsi->last_ino; 2042 isec = selinux_inode(inode); 2043 isec->sid = SECINITSID_DEVNULL; 2044 isec->sclass = SECCLASS_CHR_FILE; 2045 isec->initialized = LABEL_INITIALIZED; 2046 2047 init_special_inode(inode, S_IFCHR | S_IRUGO | S_IWUGO, MKDEV(MEM_MAJOR, 3)); 2048 d_add(dentry, inode); 2049 2050 dentry = sel_make_dir(sb->s_root, "avc", &fsi->last_ino); 2051 if (IS_ERR(dentry)) { 2052 ret = PTR_ERR(dentry); 2053 goto err; 2054 } 2055 2056 ret = sel_make_avc_files(dentry); 2057 if (ret) 2058 goto err; 2059 2060 dentry = sel_make_dir(sb->s_root, "ss", &fsi->last_ino); 2061 if (IS_ERR(dentry)) { 2062 ret = PTR_ERR(dentry); 2063 goto err; 2064 } 2065 2066 ret = sel_make_ss_files(dentry); 2067 if (ret) 2068 goto err; 2069 2070 dentry = sel_make_dir(sb->s_root, "initial_contexts", &fsi->last_ino); 2071 if (IS_ERR(dentry)) { 2072 ret = PTR_ERR(dentry); 2073 goto err; 2074 } 2075 2076 ret = sel_make_initcon_files(dentry); 2077 if (ret) 2078 goto err; 2079 2080 fsi->class_dir = sel_make_dir(sb->s_root, CLASS_DIR_NAME, &fsi->last_ino); 2081 if (IS_ERR(fsi->class_dir)) { 2082 ret = PTR_ERR(fsi->class_dir); 2083 fsi->class_dir = NULL; 2084 goto err; 2085 } 2086 2087 fsi->policycap_dir = sel_make_dir(sb->s_root, POLICYCAP_DIR_NAME, 2088 &fsi->last_ino); 2089 if (IS_ERR(fsi->policycap_dir)) { 2090 ret = PTR_ERR(fsi->policycap_dir); 2091 fsi->policycap_dir = NULL; 2092 goto err; 2093 } 2094 2095 ret = sel_make_policycap(fsi); 2096 if (ret) { 2097 pr_err("SELinux: failed to load policy capabilities\n"); 2098 goto err; 2099 } 2100 2101 return 0; 2102 err: 2103 pr_err("SELinux: %s: failed while creating inodes\n", 2104 __func__); 2105 2106 selinux_fs_info_free(sb); 2107 2108 return ret; 2109 } 2110 2111 static int sel_get_tree(struct fs_context *fc) 2112 { 2113 return get_tree_single(fc, sel_fill_super); 2114 } 2115 2116 static const struct fs_context_operations sel_context_ops = { 2117 .get_tree = sel_get_tree, 2118 }; 2119 2120 static int sel_init_fs_context(struct fs_context *fc) 2121 { 2122 fc->ops = &sel_context_ops; 2123 return 0; 2124 } 2125 2126 static void sel_kill_sb(struct super_block *sb) 2127 { 2128 selinux_fs_info_free(sb); 2129 kill_litter_super(sb); 2130 } 2131 2132 static struct file_system_type sel_fs_type = { 2133 .name = "selinuxfs", 2134 .init_fs_context = sel_init_fs_context, 2135 .kill_sb = sel_kill_sb, 2136 }; 2137 2138 static struct vfsmount *selinuxfs_mount __ro_after_init; 2139 struct path selinux_null __ro_after_init; 2140 2141 static int __init init_sel_fs(void) 2142 { 2143 struct qstr null_name = QSTR_INIT(NULL_FILE_NAME, 2144 sizeof(NULL_FILE_NAME)-1); 2145 int err; 2146 2147 if (!selinux_enabled_boot) 2148 return 0; 2149 2150 err = sysfs_create_mount_point(fs_kobj, "selinux"); 2151 if (err) 2152 return err; 2153 2154 err = register_filesystem(&sel_fs_type); 2155 if (err) { 2156 sysfs_remove_mount_point(fs_kobj, "selinux"); 2157 return err; 2158 } 2159 2160 selinux_null.mnt = selinuxfs_mount = kern_mount(&sel_fs_type); 2161 if (IS_ERR(selinuxfs_mount)) { 2162 pr_err("selinuxfs: could not mount!\n"); 2163 err = PTR_ERR(selinuxfs_mount); 2164 selinuxfs_mount = NULL; 2165 } 2166 selinux_null.dentry = d_hash_and_lookup(selinux_null.mnt->mnt_root, 2167 &null_name); 2168 if (IS_ERR(selinux_null.dentry)) { 2169 pr_err("selinuxfs: could not lookup null!\n"); 2170 err = PTR_ERR(selinux_null.dentry); 2171 selinux_null.dentry = NULL; 2172 } 2173 2174 return err; 2175 } 2176 2177 __initcall(init_sel_fs); 2178