1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * Copyright (C) 2007 Casey Schaufler <casey@schaufler-ca.com> 4 * 5 * Authors: 6 * Casey Schaufler <casey@schaufler-ca.com> 7 * Ahmed S. Darwish <darwish.07@gmail.com> 8 * 9 * Special thanks to the authors of selinuxfs. 10 * 11 * Karl MacMillan <kmacmillan@tresys.com> 12 * James Morris <jmorris@redhat.com> 13 */ 14 15 #include <linux/kernel.h> 16 #include <linux/vmalloc.h> 17 #include <linux/security.h> 18 #include <linux/mutex.h> 19 #include <linux/slab.h> 20 #include <net/net_namespace.h> 21 #include <net/cipso_ipv4.h> 22 #include <linux/seq_file.h> 23 #include <linux/ctype.h> 24 #include <linux/audit.h> 25 #include <linux/magic.h> 26 #include <linux/mount.h> 27 #include <linux/fs_context.h> 28 #include "smack.h" 29 30 #define BEBITS (sizeof(__be32) * 8) 31 /* 32 * smackfs pseudo filesystem. 33 */ 34 35 enum smk_inos { 36 SMK_ROOT_INO = 2, 37 SMK_LOAD = 3, /* load policy */ 38 SMK_CIPSO = 4, /* load label -> CIPSO mapping */ 39 SMK_DOI = 5, /* CIPSO DOI */ 40 SMK_DIRECT = 6, /* CIPSO level indicating direct label */ 41 SMK_AMBIENT = 7, /* internet ambient label */ 42 SMK_NET4ADDR = 8, /* single label hosts */ 43 SMK_ONLYCAP = 9, /* the only "capable" label */ 44 SMK_LOGGING = 10, /* logging */ 45 SMK_LOAD_SELF = 11, /* task specific rules */ 46 SMK_ACCESSES = 12, /* access policy */ 47 SMK_MAPPED = 13, /* CIPSO level indicating mapped label */ 48 SMK_LOAD2 = 14, /* load policy with long labels */ 49 SMK_LOAD_SELF2 = 15, /* load task specific rules with long labels */ 50 SMK_ACCESS2 = 16, /* make an access check with long labels */ 51 SMK_CIPSO2 = 17, /* load long label -> CIPSO mapping */ 52 SMK_REVOKE_SUBJ = 18, /* set rules with subject label to '-' */ 53 SMK_CHANGE_RULE = 19, /* change or add rules (long labels) */ 54 SMK_SYSLOG = 20, /* change syslog label) */ 55 SMK_PTRACE = 21, /* set ptrace rule */ 56 #ifdef CONFIG_SECURITY_SMACK_BRINGUP 57 SMK_UNCONFINED = 22, /* define an unconfined label */ 58 #endif 59 #if IS_ENABLED(CONFIG_IPV6) 60 SMK_NET6ADDR = 23, /* single label IPv6 hosts */ 61 #endif /* CONFIG_IPV6 */ 62 SMK_RELABEL_SELF = 24, /* relabel possible without CAP_MAC_ADMIN */ 63 }; 64 65 /* 66 * List locks 67 */ 68 static DEFINE_MUTEX(smack_cipso_lock); 69 static DEFINE_MUTEX(smack_ambient_lock); 70 static DEFINE_MUTEX(smk_net4addr_lock); 71 #if IS_ENABLED(CONFIG_IPV6) 72 static DEFINE_MUTEX(smk_net6addr_lock); 73 #endif /* CONFIG_IPV6 */ 74 75 /* 76 * This is the "ambient" label for network traffic. 77 * If it isn't somehow marked, use this. 78 * It can be reset via smackfs/ambient 79 */ 80 struct smack_known *smack_net_ambient; 81 82 /* 83 * This is the level in a CIPSO header that indicates a 84 * smack label is contained directly in the category set. 85 * It can be reset via smackfs/direct 86 */ 87 int smack_cipso_direct = SMACK_CIPSO_DIRECT_DEFAULT; 88 89 /* 90 * This is the level in a CIPSO header that indicates a 91 * secid is contained directly in the category set. 92 * It can be reset via smackfs/mapped 93 */ 94 int smack_cipso_mapped = SMACK_CIPSO_MAPPED_DEFAULT; 95 96 #ifdef CONFIG_SECURITY_SMACK_BRINGUP 97 /* 98 * Allow one label to be unconfined. This is for 99 * debugging and application bring-up purposes only. 100 * It is bad and wrong, but everyone seems to expect 101 * to have it. 102 */ 103 struct smack_known *smack_unconfined; 104 #endif 105 106 /* 107 * If this value is set restrict syslog use to the label specified. 108 * It can be reset via smackfs/syslog 109 */ 110 struct smack_known *smack_syslog_label; 111 112 /* 113 * Ptrace current rule 114 * SMACK_PTRACE_DEFAULT regular smack ptrace rules (/proc based) 115 * SMACK_PTRACE_EXACT labels must match, but can be overriden with 116 * CAP_SYS_PTRACE 117 * SMACK_PTRACE_DRACONIAN labels must match, CAP_SYS_PTRACE has no effect 118 */ 119 int smack_ptrace_rule = SMACK_PTRACE_DEFAULT; 120 121 /* 122 * Certain IP addresses may be designated as single label hosts. 123 * Packets are sent there unlabeled, but only from tasks that 124 * can write to the specified label. 125 */ 126 127 LIST_HEAD(smk_net4addr_list); 128 #if IS_ENABLED(CONFIG_IPV6) 129 LIST_HEAD(smk_net6addr_list); 130 #endif /* CONFIG_IPV6 */ 131 132 /* 133 * Rule lists are maintained for each label. 134 */ 135 struct smack_parsed_rule { 136 struct smack_known *smk_subject; 137 struct smack_known *smk_object; 138 int smk_access1; 139 int smk_access2; 140 }; 141 142 static int smk_cipso_doi_value = SMACK_CIPSO_DOI_DEFAULT; 143 144 /* 145 * Values for parsing cipso rules 146 * SMK_DIGITLEN: Length of a digit field in a rule. 147 * SMK_CIPSOMIN: Minimum possible cipso rule length. 148 * SMK_CIPSOMAX: Maximum possible cipso rule length. 149 */ 150 #define SMK_DIGITLEN 4 151 #define SMK_CIPSOMIN (SMK_LABELLEN + 2 * SMK_DIGITLEN) 152 #define SMK_CIPSOMAX (SMK_CIPSOMIN + SMACK_CIPSO_MAXCATNUM * SMK_DIGITLEN) 153 154 /* 155 * Values for parsing MAC rules 156 * SMK_ACCESS: Maximum possible combination of access permissions 157 * SMK_ACCESSLEN: Maximum length for a rule access field 158 * SMK_LOADLEN: Smack rule length 159 */ 160 #define SMK_OACCESS "rwxa" 161 #define SMK_ACCESS "rwxatl" 162 #define SMK_OACCESSLEN (sizeof(SMK_OACCESS) - 1) 163 #define SMK_ACCESSLEN (sizeof(SMK_ACCESS) - 1) 164 #define SMK_OLOADLEN (SMK_LABELLEN + SMK_LABELLEN + SMK_OACCESSLEN) 165 #define SMK_LOADLEN (SMK_LABELLEN + SMK_LABELLEN + SMK_ACCESSLEN) 166 167 /* 168 * Stricly for CIPSO level manipulation. 169 * Set the category bit number in a smack label sized buffer. 170 */ 171 static inline void smack_catset_bit(unsigned int cat, char *catsetp) 172 { 173 if (cat == 0 || cat > (SMK_CIPSOLEN * 8)) 174 return; 175 176 catsetp[(cat - 1) / 8] |= 0x80 >> ((cat - 1) % 8); 177 } 178 179 /** 180 * smk_netlabel_audit_set - fill a netlbl_audit struct 181 * @nap: structure to fill 182 */ 183 static void smk_netlabel_audit_set(struct netlbl_audit *nap) 184 { 185 nap->loginuid = audit_get_loginuid(current); 186 nap->sessionid = audit_get_sessionid(current); 187 nap->prop.smack.skp = smk_of_current(); 188 } 189 190 /* 191 * Value for parsing single label host rules 192 * "1.2.3.4 X" 193 */ 194 #define SMK_NETLBLADDRMIN 9 195 196 /** 197 * smk_set_access - add a rule to the rule list or replace an old rule 198 * @srp: the rule to add or replace 199 * @rule_list: the list of rules 200 * @rule_lock: the rule list lock 201 * 202 * Looks through the current subject/object/access list for 203 * the subject/object pair and replaces the access that was 204 * there. If the pair isn't found add it with the specified 205 * access. 206 * 207 * Returns 0 if nothing goes wrong or -ENOMEM if it fails 208 * during the allocation of the new pair to add. 209 */ 210 static int smk_set_access(struct smack_parsed_rule *srp, 211 struct list_head *rule_list, 212 struct mutex *rule_lock) 213 { 214 struct smack_rule *sp; 215 int found = 0; 216 int rc = 0; 217 218 mutex_lock(rule_lock); 219 220 /* 221 * Because the object label is less likely to match 222 * than the subject label check it first 223 */ 224 list_for_each_entry_rcu(sp, rule_list, list) { 225 if (sp->smk_object == srp->smk_object && 226 sp->smk_subject == srp->smk_subject) { 227 found = 1; 228 sp->smk_access |= srp->smk_access1; 229 sp->smk_access &= ~srp->smk_access2; 230 break; 231 } 232 } 233 234 if (found == 0) { 235 sp = kmem_cache_zalloc(smack_rule_cache, GFP_KERNEL); 236 if (sp == NULL) { 237 rc = -ENOMEM; 238 goto out; 239 } 240 241 sp->smk_subject = srp->smk_subject; 242 sp->smk_object = srp->smk_object; 243 sp->smk_access = srp->smk_access1 & ~srp->smk_access2; 244 245 list_add_rcu(&sp->list, rule_list); 246 } 247 248 out: 249 mutex_unlock(rule_lock); 250 return rc; 251 } 252 253 /** 254 * smk_perm_from_str - parse smack accesses from a text string 255 * @string: a text string that contains a Smack accesses code 256 * 257 * Returns an integer with respective bits set for specified accesses. 258 */ 259 static int smk_perm_from_str(const char *string) 260 { 261 int perm = 0; 262 const char *cp; 263 264 for (cp = string; ; cp++) 265 switch (*cp) { 266 case '-': 267 break; 268 case 'r': 269 case 'R': 270 perm |= MAY_READ; 271 break; 272 case 'w': 273 case 'W': 274 perm |= MAY_WRITE; 275 break; 276 case 'x': 277 case 'X': 278 perm |= MAY_EXEC; 279 break; 280 case 'a': 281 case 'A': 282 perm |= MAY_APPEND; 283 break; 284 case 't': 285 case 'T': 286 perm |= MAY_TRANSMUTE; 287 break; 288 case 'l': 289 case 'L': 290 perm |= MAY_LOCK; 291 break; 292 case 'b': 293 case 'B': 294 perm |= MAY_BRINGUP; 295 break; 296 default: 297 return perm; 298 } 299 } 300 301 /** 302 * smk_fill_rule - Fill Smack rule from strings 303 * @subject: subject label string 304 * @object: object label string 305 * @access1: access string 306 * @access2: string with permissions to be removed 307 * @rule: Smack rule 308 * @import: if non-zero, import labels 309 * @len: label length limit 310 * 311 * Returns 0 on success, appropriate error code on failure. 312 */ 313 static int smk_fill_rule(const char *subject, const char *object, 314 const char *access1, const char *access2, 315 struct smack_parsed_rule *rule, int import, 316 int len) 317 { 318 const char *cp; 319 struct smack_known *skp; 320 321 if (import) { 322 rule->smk_subject = smk_import_entry(subject, len); 323 if (IS_ERR(rule->smk_subject)) 324 return PTR_ERR(rule->smk_subject); 325 326 rule->smk_object = smk_import_entry(object, len); 327 if (IS_ERR(rule->smk_object)) 328 return PTR_ERR(rule->smk_object); 329 } else { 330 cp = smk_parse_smack(subject, len); 331 if (IS_ERR(cp)) 332 return PTR_ERR(cp); 333 skp = smk_find_entry(cp); 334 kfree(cp); 335 if (skp == NULL) 336 return -ENOENT; 337 rule->smk_subject = skp; 338 339 cp = smk_parse_smack(object, len); 340 if (IS_ERR(cp)) 341 return PTR_ERR(cp); 342 skp = smk_find_entry(cp); 343 kfree(cp); 344 if (skp == NULL) 345 return -ENOENT; 346 rule->smk_object = skp; 347 } 348 349 rule->smk_access1 = smk_perm_from_str(access1); 350 if (access2) 351 rule->smk_access2 = smk_perm_from_str(access2); 352 else 353 rule->smk_access2 = ~rule->smk_access1; 354 355 return 0; 356 } 357 358 /** 359 * smk_parse_rule - parse Smack rule from load string 360 * @data: string to be parsed whose size is SMK_LOADLEN 361 * @rule: Smack rule 362 * @import: if non-zero, import labels 363 * 364 * Returns 0 on success, -1 on errors. 365 */ 366 static int smk_parse_rule(const char *data, struct smack_parsed_rule *rule, 367 int import) 368 { 369 int rc; 370 371 rc = smk_fill_rule(data, data + SMK_LABELLEN, 372 data + SMK_LABELLEN + SMK_LABELLEN, NULL, rule, 373 import, SMK_LABELLEN); 374 return rc; 375 } 376 377 /** 378 * smk_parse_long_rule - parse Smack rule from rule string 379 * @data: string to be parsed, null terminated 380 * @rule: Will be filled with Smack parsed rule 381 * @import: if non-zero, import labels 382 * @tokens: number of substrings expected in data 383 * 384 * Returns number of processed bytes on success, -ERRNO on failure. 385 */ 386 static ssize_t smk_parse_long_rule(char *data, struct smack_parsed_rule *rule, 387 int import, int tokens) 388 { 389 ssize_t cnt = 0; 390 char *tok[4]; 391 int rc; 392 int i; 393 394 /* 395 * Parsing the rule in-place, filling all white-spaces with '\0' 396 */ 397 for (i = 0; i < tokens; ++i) { 398 while (isspace(data[cnt])) 399 data[cnt++] = '\0'; 400 401 if (data[cnt] == '\0') 402 /* Unexpected end of data */ 403 return -EINVAL; 404 405 tok[i] = data + cnt; 406 407 while (data[cnt] && !isspace(data[cnt])) 408 ++cnt; 409 } 410 while (isspace(data[cnt])) 411 data[cnt++] = '\0'; 412 413 while (i < 4) 414 tok[i++] = NULL; 415 416 rc = smk_fill_rule(tok[0], tok[1], tok[2], tok[3], rule, import, 0); 417 return rc == 0 ? cnt : rc; 418 } 419 420 #define SMK_FIXED24_FMT 0 /* Fixed 24byte label format */ 421 #define SMK_LONG_FMT 1 /* Variable long label format */ 422 #define SMK_CHANGE_FMT 2 /* Rule modification format */ 423 /** 424 * smk_write_rules_list - write() for any /smack rule file 425 * @file: file pointer, not actually used 426 * @buf: where to get the data from 427 * @count: bytes sent 428 * @ppos: where to start - must be 0 429 * @rule_list: the list of rules to write to 430 * @rule_lock: lock for the rule list 431 * @format: /smack/load or /smack/load2 or /smack/change-rule format. 432 * 433 * Get one smack access rule from above. 434 * The format for SMK_LONG_FMT is: 435 * "subject<whitespace>object<whitespace>access[<whitespace>...]" 436 * The format for SMK_FIXED24_FMT is exactly: 437 * "subject object rwxat" 438 * The format for SMK_CHANGE_FMT is: 439 * "subject<whitespace>object<whitespace> 440 * acc_enable<whitespace>acc_disable[<whitespace>...]" 441 */ 442 static ssize_t smk_write_rules_list(struct file *file, const char __user *buf, 443 size_t count, loff_t *ppos, 444 struct list_head *rule_list, 445 struct mutex *rule_lock, int format) 446 { 447 struct smack_parsed_rule rule; 448 char *data; 449 int rc; 450 int trunc = 0; 451 int tokens; 452 ssize_t cnt = 0; 453 454 /* 455 * No partial writes. 456 * Enough data must be present. 457 */ 458 if (*ppos != 0) 459 return -EINVAL; 460 461 if (format == SMK_FIXED24_FMT) { 462 /* 463 * Minor hack for backward compatibility 464 */ 465 if (count < SMK_OLOADLEN || count > SMK_LOADLEN) 466 return -EINVAL; 467 } else { 468 if (count >= PAGE_SIZE) { 469 count = PAGE_SIZE - 1; 470 trunc = 1; 471 } 472 } 473 474 data = memdup_user_nul(buf, count); 475 if (IS_ERR(data)) 476 return PTR_ERR(data); 477 478 /* 479 * In case of parsing only part of user buf, 480 * avoid having partial rule at the data buffer 481 */ 482 if (trunc) { 483 while (count > 0 && (data[count - 1] != '\n')) 484 --count; 485 if (count == 0) { 486 rc = -EINVAL; 487 goto out; 488 } 489 } 490 491 data[count] = '\0'; 492 tokens = (format == SMK_CHANGE_FMT ? 4 : 3); 493 while (cnt < count) { 494 if (format == SMK_FIXED24_FMT) { 495 rc = smk_parse_rule(data, &rule, 1); 496 if (rc < 0) 497 goto out; 498 cnt = count; 499 } else { 500 rc = smk_parse_long_rule(data + cnt, &rule, 1, tokens); 501 if (rc < 0) 502 goto out; 503 if (rc == 0) { 504 rc = -EINVAL; 505 goto out; 506 } 507 cnt += rc; 508 } 509 510 if (rule_list == NULL) 511 rc = smk_set_access(&rule, &rule.smk_subject->smk_rules, 512 &rule.smk_subject->smk_rules_lock); 513 else 514 rc = smk_set_access(&rule, rule_list, rule_lock); 515 516 if (rc) 517 goto out; 518 } 519 520 rc = cnt; 521 out: 522 kfree(data); 523 return rc; 524 } 525 526 /* 527 * Core logic for smackfs seq list operations. 528 */ 529 530 static void *smk_seq_start(struct seq_file *s, loff_t *pos, 531 struct list_head *head) 532 { 533 struct list_head *list; 534 int i = *pos; 535 536 rcu_read_lock(); 537 for (list = rcu_dereference(list_next_rcu(head)); 538 list != head; 539 list = rcu_dereference(list_next_rcu(list))) { 540 if (i-- == 0) 541 return list; 542 } 543 544 return NULL; 545 } 546 547 static void *smk_seq_next(struct seq_file *s, void *v, loff_t *pos, 548 struct list_head *head) 549 { 550 struct list_head *list = v; 551 552 ++*pos; 553 list = rcu_dereference(list_next_rcu(list)); 554 555 return (list == head) ? NULL : list; 556 } 557 558 static void smk_seq_stop(struct seq_file *s, void *v) 559 { 560 rcu_read_unlock(); 561 } 562 563 static void smk_rule_show(struct seq_file *s, struct smack_rule *srp, int max) 564 { 565 /* 566 * Don't show any rules with label names too long for 567 * interface file (/smack/load or /smack/load2) 568 * because you should expect to be able to write 569 * anything you read back. 570 */ 571 if (strlen(srp->smk_subject->smk_known) >= max || 572 strlen(srp->smk_object->smk_known) >= max) 573 return; 574 575 if (srp->smk_access == 0) 576 return; 577 578 seq_printf(s, "%s %s", 579 srp->smk_subject->smk_known, 580 srp->smk_object->smk_known); 581 582 seq_putc(s, ' '); 583 584 if (srp->smk_access & MAY_READ) 585 seq_putc(s, 'r'); 586 if (srp->smk_access & MAY_WRITE) 587 seq_putc(s, 'w'); 588 if (srp->smk_access & MAY_EXEC) 589 seq_putc(s, 'x'); 590 if (srp->smk_access & MAY_APPEND) 591 seq_putc(s, 'a'); 592 if (srp->smk_access & MAY_TRANSMUTE) 593 seq_putc(s, 't'); 594 if (srp->smk_access & MAY_LOCK) 595 seq_putc(s, 'l'); 596 if (srp->smk_access & MAY_BRINGUP) 597 seq_putc(s, 'b'); 598 599 seq_putc(s, '\n'); 600 } 601 602 /* 603 * Seq_file read operations for /smack/load 604 */ 605 606 static void *load2_seq_start(struct seq_file *s, loff_t *pos) 607 { 608 return smk_seq_start(s, pos, &smack_known_list); 609 } 610 611 static void *load2_seq_next(struct seq_file *s, void *v, loff_t *pos) 612 { 613 return smk_seq_next(s, v, pos, &smack_known_list); 614 } 615 616 static int load_seq_show(struct seq_file *s, void *v) 617 { 618 struct list_head *list = v; 619 struct smack_rule *srp; 620 struct smack_known *skp = 621 list_entry_rcu(list, struct smack_known, list); 622 623 list_for_each_entry_rcu(srp, &skp->smk_rules, list) 624 smk_rule_show(s, srp, SMK_LABELLEN); 625 626 return 0; 627 } 628 629 static const struct seq_operations load_seq_ops = { 630 .start = load2_seq_start, 631 .next = load2_seq_next, 632 .show = load_seq_show, 633 .stop = smk_seq_stop, 634 }; 635 636 /** 637 * smk_open_load - open() for /smack/load 638 * @inode: inode structure representing file 639 * @file: "load" file pointer 640 * 641 * For reading, use load_seq_* seq_file reading operations. 642 */ 643 static int smk_open_load(struct inode *inode, struct file *file) 644 { 645 return seq_open(file, &load_seq_ops); 646 } 647 648 /** 649 * smk_write_load - write() for /smack/load 650 * @file: file pointer, not actually used 651 * @buf: where to get the data from 652 * @count: bytes sent 653 * @ppos: where to start - must be 0 654 * 655 */ 656 static ssize_t smk_write_load(struct file *file, const char __user *buf, 657 size_t count, loff_t *ppos) 658 { 659 /* 660 * Must have privilege. 661 * No partial writes. 662 * Enough data must be present. 663 */ 664 if (!smack_privileged(CAP_MAC_ADMIN)) 665 return -EPERM; 666 667 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL, 668 SMK_FIXED24_FMT); 669 } 670 671 static const struct file_operations smk_load_ops = { 672 .open = smk_open_load, 673 .read = seq_read, 674 .llseek = seq_lseek, 675 .write = smk_write_load, 676 .release = seq_release, 677 }; 678 679 /** 680 * smk_cipso_doi - initialize the CIPSO domain 681 */ 682 static void smk_cipso_doi(void) 683 { 684 int rc; 685 struct cipso_v4_doi *doip; 686 struct netlbl_audit nai; 687 688 smk_netlabel_audit_set(&nai); 689 690 rc = netlbl_cfg_map_del(NULL, PF_INET, NULL, NULL, &nai); 691 if (rc != 0) 692 printk(KERN_WARNING "%s:%d remove rc = %d\n", 693 __func__, __LINE__, rc); 694 695 doip = kmalloc(sizeof(struct cipso_v4_doi), GFP_KERNEL | __GFP_NOFAIL); 696 doip->map.std = NULL; 697 doip->doi = smk_cipso_doi_value; 698 doip->type = CIPSO_V4_MAP_PASS; 699 doip->tags[0] = CIPSO_V4_TAG_RBITMAP; 700 for (rc = 1; rc < CIPSO_V4_TAG_MAXCNT; rc++) 701 doip->tags[rc] = CIPSO_V4_TAG_INVALID; 702 703 rc = netlbl_cfg_cipsov4_add(doip, &nai); 704 if (rc != 0) { 705 printk(KERN_WARNING "%s:%d cipso add rc = %d\n", 706 __func__, __LINE__, rc); 707 kfree(doip); 708 return; 709 } 710 rc = netlbl_cfg_cipsov4_map_add(doip->doi, NULL, NULL, NULL, &nai); 711 if (rc != 0) { 712 printk(KERN_WARNING "%s:%d map add rc = %d\n", 713 __func__, __LINE__, rc); 714 netlbl_cfg_cipsov4_del(doip->doi, &nai); 715 return; 716 } 717 } 718 719 /** 720 * smk_unlbl_ambient - initialize the unlabeled domain 721 * @oldambient: previous domain string 722 */ 723 static void smk_unlbl_ambient(char *oldambient) 724 { 725 int rc; 726 struct netlbl_audit nai; 727 728 smk_netlabel_audit_set(&nai); 729 730 if (oldambient != NULL) { 731 rc = netlbl_cfg_map_del(oldambient, PF_INET, NULL, NULL, &nai); 732 if (rc != 0) 733 printk(KERN_WARNING "%s:%d remove rc = %d\n", 734 __func__, __LINE__, rc); 735 } 736 if (smack_net_ambient == NULL) 737 smack_net_ambient = &smack_known_floor; 738 739 rc = netlbl_cfg_unlbl_map_add(smack_net_ambient->smk_known, PF_INET, 740 NULL, NULL, &nai); 741 if (rc != 0) 742 printk(KERN_WARNING "%s:%d add rc = %d\n", 743 __func__, __LINE__, rc); 744 } 745 746 /* 747 * Seq_file read operations for /smack/cipso 748 */ 749 750 static void *cipso_seq_start(struct seq_file *s, loff_t *pos) 751 { 752 return smk_seq_start(s, pos, &smack_known_list); 753 } 754 755 static void *cipso_seq_next(struct seq_file *s, void *v, loff_t *pos) 756 { 757 return smk_seq_next(s, v, pos, &smack_known_list); 758 } 759 760 /* 761 * Print cipso labels in format: 762 * label level[/cat[,cat]] 763 */ 764 static int cipso_seq_show(struct seq_file *s, void *v) 765 { 766 struct list_head *list = v; 767 struct smack_known *skp = 768 list_entry_rcu(list, struct smack_known, list); 769 struct netlbl_lsm_catmap *cmp = skp->smk_netlabel.attr.mls.cat; 770 char sep = '/'; 771 int i; 772 773 /* 774 * Don't show a label that could not have been set using 775 * /smack/cipso. This is in support of the notion that 776 * anything read from /smack/cipso ought to be writeable 777 * to /smack/cipso. 778 * 779 * /smack/cipso2 should be used instead. 780 */ 781 if (strlen(skp->smk_known) >= SMK_LABELLEN) 782 return 0; 783 784 seq_printf(s, "%s %3d", skp->smk_known, skp->smk_netlabel.attr.mls.lvl); 785 786 for (i = netlbl_catmap_walk(cmp, 0); i >= 0; 787 i = netlbl_catmap_walk(cmp, i + 1)) { 788 seq_printf(s, "%c%d", sep, i); 789 sep = ','; 790 } 791 792 seq_putc(s, '\n'); 793 794 return 0; 795 } 796 797 static const struct seq_operations cipso_seq_ops = { 798 .start = cipso_seq_start, 799 .next = cipso_seq_next, 800 .show = cipso_seq_show, 801 .stop = smk_seq_stop, 802 }; 803 804 /** 805 * smk_open_cipso - open() for /smack/cipso 806 * @inode: inode structure representing file 807 * @file: "cipso" file pointer 808 * 809 * Connect our cipso_seq_* operations with /smack/cipso 810 * file_operations 811 */ 812 static int smk_open_cipso(struct inode *inode, struct file *file) 813 { 814 return seq_open(file, &cipso_seq_ops); 815 } 816 817 /** 818 * smk_set_cipso - do the work for write() for cipso and cipso2 819 * @file: file pointer, not actually used 820 * @buf: where to get the data from 821 * @count: bytes sent 822 * @ppos: where to start 823 * @format: /smack/cipso or /smack/cipso2 824 * 825 * Accepts only one cipso rule per write call. 826 * Returns number of bytes written or error code, as appropriate 827 */ 828 static ssize_t smk_set_cipso(struct file *file, const char __user *buf, 829 size_t count, loff_t *ppos, int format) 830 { 831 struct netlbl_lsm_catmap *old_cat, *new_cat = NULL; 832 struct smack_known *skp; 833 struct netlbl_lsm_secattr ncats; 834 char mapcatset[SMK_CIPSOLEN]; 835 int maplevel; 836 unsigned int cat; 837 int catlen; 838 ssize_t rc = -EINVAL; 839 char *data = NULL; 840 char *rule; 841 int ret; 842 int i; 843 844 /* 845 * Must have privilege. 846 * No partial writes. 847 * Enough data must be present. 848 */ 849 if (!smack_privileged(CAP_MAC_ADMIN)) 850 return -EPERM; 851 if (*ppos != 0) 852 return -EINVAL; 853 if (format == SMK_FIXED24_FMT && 854 (count < SMK_CIPSOMIN || count > SMK_CIPSOMAX)) 855 return -EINVAL; 856 if (count > PAGE_SIZE) 857 return -EINVAL; 858 859 data = memdup_user_nul(buf, count); 860 if (IS_ERR(data)) 861 return PTR_ERR(data); 862 863 rule = data; 864 /* 865 * Only allow one writer at a time. Writes should be 866 * quite rare and small in any case. 867 */ 868 mutex_lock(&smack_cipso_lock); 869 870 skp = smk_import_entry(rule, 0); 871 if (IS_ERR(skp)) { 872 rc = PTR_ERR(skp); 873 goto out; 874 } 875 876 if (format == SMK_FIXED24_FMT) 877 rule += SMK_LABELLEN; 878 else 879 rule += strlen(skp->smk_known) + 1; 880 881 if (rule > data + count) { 882 rc = -EOVERFLOW; 883 goto out; 884 } 885 886 ret = sscanf(rule, "%d", &maplevel); 887 if (ret != 1 || maplevel < 0 || maplevel > SMACK_CIPSO_MAXLEVEL) 888 goto out; 889 890 rule += SMK_DIGITLEN; 891 if (rule > data + count) { 892 rc = -EOVERFLOW; 893 goto out; 894 } 895 896 ret = sscanf(rule, "%d", &catlen); 897 if (ret != 1 || catlen < 0 || catlen > SMACK_CIPSO_MAXCATNUM) 898 goto out; 899 900 if (format == SMK_FIXED24_FMT && 901 count != (SMK_CIPSOMIN + catlen * SMK_DIGITLEN)) 902 goto out; 903 904 memset(mapcatset, 0, sizeof(mapcatset)); 905 906 for (i = 0; i < catlen; i++) { 907 rule += SMK_DIGITLEN; 908 if (rule > data + count) { 909 rc = -EOVERFLOW; 910 goto out; 911 } 912 ret = sscanf(rule, "%u", &cat); 913 if (ret != 1 || cat > SMACK_CIPSO_MAXCATNUM) 914 goto out; 915 916 smack_catset_bit(cat, mapcatset); 917 } 918 ncats.flags = 0; 919 if (catlen == 0) { 920 ncats.attr.mls.cat = NULL; 921 ncats.attr.mls.lvl = maplevel; 922 new_cat = netlbl_catmap_alloc(GFP_ATOMIC); 923 if (new_cat) 924 new_cat->next = ncats.attr.mls.cat; 925 ncats.attr.mls.cat = new_cat; 926 skp->smk_netlabel.flags &= ~(1U << 3); 927 rc = 0; 928 } else { 929 rc = smk_netlbl_mls(maplevel, mapcatset, &ncats, SMK_CIPSOLEN); 930 } 931 if (rc >= 0) { 932 old_cat = skp->smk_netlabel.attr.mls.cat; 933 rcu_assign_pointer(skp->smk_netlabel.attr.mls.cat, ncats.attr.mls.cat); 934 skp->smk_netlabel.attr.mls.lvl = ncats.attr.mls.lvl; 935 synchronize_rcu(); 936 netlbl_catmap_free(old_cat); 937 rc = count; 938 /* 939 * This mapping may have been cached, so clear the cache. 940 */ 941 netlbl_cache_invalidate(); 942 } 943 944 out: 945 mutex_unlock(&smack_cipso_lock); 946 kfree(data); 947 return rc; 948 } 949 950 /** 951 * smk_write_cipso - write() for /smack/cipso 952 * @file: file pointer, not actually used 953 * @buf: where to get the data from 954 * @count: bytes sent 955 * @ppos: where to start 956 * 957 * Accepts only one cipso rule per write call. 958 * Returns number of bytes written or error code, as appropriate 959 */ 960 static ssize_t smk_write_cipso(struct file *file, const char __user *buf, 961 size_t count, loff_t *ppos) 962 { 963 return smk_set_cipso(file, buf, count, ppos, SMK_FIXED24_FMT); 964 } 965 966 static const struct file_operations smk_cipso_ops = { 967 .open = smk_open_cipso, 968 .read = seq_read, 969 .llseek = seq_lseek, 970 .write = smk_write_cipso, 971 .release = seq_release, 972 }; 973 974 /* 975 * Seq_file read operations for /smack/cipso2 976 */ 977 978 /* 979 * Print cipso labels in format: 980 * label level[/cat[,cat]] 981 */ 982 static int cipso2_seq_show(struct seq_file *s, void *v) 983 { 984 struct list_head *list = v; 985 struct smack_known *skp = 986 list_entry_rcu(list, struct smack_known, list); 987 struct netlbl_lsm_catmap *cmp = skp->smk_netlabel.attr.mls.cat; 988 char sep = '/'; 989 int i; 990 991 seq_printf(s, "%s %3d", skp->smk_known, skp->smk_netlabel.attr.mls.lvl); 992 993 for (i = netlbl_catmap_walk(cmp, 0); i >= 0; 994 i = netlbl_catmap_walk(cmp, i + 1)) { 995 seq_printf(s, "%c%d", sep, i); 996 sep = ','; 997 } 998 999 seq_putc(s, '\n'); 1000 1001 return 0; 1002 } 1003 1004 static const struct seq_operations cipso2_seq_ops = { 1005 .start = cipso_seq_start, 1006 .next = cipso_seq_next, 1007 .show = cipso2_seq_show, 1008 .stop = smk_seq_stop, 1009 }; 1010 1011 /** 1012 * smk_open_cipso2 - open() for /smack/cipso2 1013 * @inode: inode structure representing file 1014 * @file: "cipso2" file pointer 1015 * 1016 * Connect our cipso_seq_* operations with /smack/cipso2 1017 * file_operations 1018 */ 1019 static int smk_open_cipso2(struct inode *inode, struct file *file) 1020 { 1021 return seq_open(file, &cipso2_seq_ops); 1022 } 1023 1024 /** 1025 * smk_write_cipso2 - write() for /smack/cipso2 1026 * @file: file pointer, not actually used 1027 * @buf: where to get the data from 1028 * @count: bytes sent 1029 * @ppos: where to start 1030 * 1031 * Accepts only one cipso rule per write call. 1032 * Returns number of bytes written or error code, as appropriate 1033 */ 1034 static ssize_t smk_write_cipso2(struct file *file, const char __user *buf, 1035 size_t count, loff_t *ppos) 1036 { 1037 return smk_set_cipso(file, buf, count, ppos, SMK_LONG_FMT); 1038 } 1039 1040 static const struct file_operations smk_cipso2_ops = { 1041 .open = smk_open_cipso2, 1042 .read = seq_read, 1043 .llseek = seq_lseek, 1044 .write = smk_write_cipso2, 1045 .release = seq_release, 1046 }; 1047 1048 /* 1049 * Seq_file read operations for /smack/netlabel 1050 */ 1051 1052 static void *net4addr_seq_start(struct seq_file *s, loff_t *pos) 1053 { 1054 return smk_seq_start(s, pos, &smk_net4addr_list); 1055 } 1056 1057 static void *net4addr_seq_next(struct seq_file *s, void *v, loff_t *pos) 1058 { 1059 return smk_seq_next(s, v, pos, &smk_net4addr_list); 1060 } 1061 1062 /* 1063 * Print host/label pairs 1064 */ 1065 static int net4addr_seq_show(struct seq_file *s, void *v) 1066 { 1067 struct list_head *list = v; 1068 struct smk_net4addr *skp = 1069 list_entry_rcu(list, struct smk_net4addr, list); 1070 char *kp = SMACK_CIPSO_OPTION; 1071 1072 if (skp->smk_label != NULL) 1073 kp = skp->smk_label->smk_known; 1074 seq_printf(s, "%pI4/%d %s\n", &skp->smk_host.s_addr, 1075 skp->smk_masks, kp); 1076 1077 return 0; 1078 } 1079 1080 static const struct seq_operations net4addr_seq_ops = { 1081 .start = net4addr_seq_start, 1082 .next = net4addr_seq_next, 1083 .show = net4addr_seq_show, 1084 .stop = smk_seq_stop, 1085 }; 1086 1087 /** 1088 * smk_open_net4addr - open() for /smack/netlabel 1089 * @inode: inode structure representing file 1090 * @file: "netlabel" file pointer 1091 * 1092 * Connect our net4addr_seq_* operations with /smack/netlabel 1093 * file_operations 1094 */ 1095 static int smk_open_net4addr(struct inode *inode, struct file *file) 1096 { 1097 return seq_open(file, &net4addr_seq_ops); 1098 } 1099 1100 /** 1101 * smk_net4addr_insert 1102 * @new : netlabel to insert 1103 * 1104 * This helper insert netlabel in the smack_net4addrs list 1105 * sorted by netmask length (longest to smallest) 1106 * locked by &smk_net4addr_lock in smk_write_net4addr 1107 * 1108 */ 1109 static void smk_net4addr_insert(struct smk_net4addr *new) 1110 { 1111 struct smk_net4addr *m; 1112 struct smk_net4addr *m_next; 1113 1114 if (list_empty(&smk_net4addr_list)) { 1115 list_add_rcu(&new->list, &smk_net4addr_list); 1116 return; 1117 } 1118 1119 m = list_entry_rcu(smk_net4addr_list.next, 1120 struct smk_net4addr, list); 1121 1122 /* the comparison '>' is a bit hacky, but works */ 1123 if (new->smk_masks > m->smk_masks) { 1124 list_add_rcu(&new->list, &smk_net4addr_list); 1125 return; 1126 } 1127 1128 list_for_each_entry_rcu(m, &smk_net4addr_list, list) { 1129 if (list_is_last(&m->list, &smk_net4addr_list)) { 1130 list_add_rcu(&new->list, &m->list); 1131 return; 1132 } 1133 m_next = list_entry_rcu(m->list.next, 1134 struct smk_net4addr, list); 1135 if (new->smk_masks > m_next->smk_masks) { 1136 list_add_rcu(&new->list, &m->list); 1137 return; 1138 } 1139 } 1140 } 1141 1142 1143 /** 1144 * smk_write_net4addr - write() for /smack/netlabel 1145 * @file: file pointer, not actually used 1146 * @buf: where to get the data from 1147 * @count: bytes sent 1148 * @ppos: where to start 1149 * 1150 * Accepts only one net4addr per write call. 1151 * Returns number of bytes written or error code, as appropriate 1152 */ 1153 static ssize_t smk_write_net4addr(struct file *file, const char __user *buf, 1154 size_t count, loff_t *ppos) 1155 { 1156 struct smk_net4addr *snp; 1157 struct sockaddr_in newname; 1158 char *smack; 1159 struct smack_known *skp = NULL; 1160 char *data; 1161 char *host = (char *)&newname.sin_addr.s_addr; 1162 int rc; 1163 struct netlbl_audit audit_info; 1164 struct in_addr mask; 1165 unsigned int m; 1166 unsigned int masks; 1167 int found; 1168 u32 mask_bits = (1<<31); 1169 __be32 nsa; 1170 u32 temp_mask; 1171 1172 /* 1173 * Must have privilege. 1174 * No partial writes. 1175 * Enough data must be present. 1176 * "<addr/mask, as a.b.c.d/e><space><label>" 1177 * "<addr, as a.b.c.d><space><label>" 1178 */ 1179 if (!smack_privileged(CAP_MAC_ADMIN)) 1180 return -EPERM; 1181 if (*ppos != 0) 1182 return -EINVAL; 1183 if (count < SMK_NETLBLADDRMIN || count > PAGE_SIZE - 1) 1184 return -EINVAL; 1185 1186 data = memdup_user_nul(buf, count); 1187 if (IS_ERR(data)) 1188 return PTR_ERR(data); 1189 1190 smack = kzalloc(count + 1, GFP_KERNEL); 1191 if (smack == NULL) { 1192 rc = -ENOMEM; 1193 goto free_data_out; 1194 } 1195 1196 rc = sscanf(data, "%hhd.%hhd.%hhd.%hhd/%u %s", 1197 &host[0], &host[1], &host[2], &host[3], &masks, smack); 1198 if (rc != 6) { 1199 rc = sscanf(data, "%hhd.%hhd.%hhd.%hhd %s", 1200 &host[0], &host[1], &host[2], &host[3], smack); 1201 if (rc != 5) { 1202 rc = -EINVAL; 1203 goto free_out; 1204 } 1205 masks = 32; 1206 } 1207 if (masks > BEBITS) { 1208 rc = -EINVAL; 1209 goto free_out; 1210 } 1211 1212 /* 1213 * If smack begins with '-', it is an option, don't import it 1214 */ 1215 if (smack[0] != '-') { 1216 skp = smk_import_entry(smack, 0); 1217 if (IS_ERR(skp)) { 1218 rc = PTR_ERR(skp); 1219 goto free_out; 1220 } 1221 } else { 1222 /* 1223 * Only the -CIPSO option is supported for IPv4 1224 */ 1225 if (strcmp(smack, SMACK_CIPSO_OPTION) != 0) { 1226 rc = -EINVAL; 1227 goto free_out; 1228 } 1229 } 1230 1231 for (m = masks, temp_mask = 0; m > 0; m--) { 1232 temp_mask |= mask_bits; 1233 mask_bits >>= 1; 1234 } 1235 mask.s_addr = cpu_to_be32(temp_mask); 1236 1237 newname.sin_addr.s_addr &= mask.s_addr; 1238 /* 1239 * Only allow one writer at a time. Writes should be 1240 * quite rare and small in any case. 1241 */ 1242 mutex_lock(&smk_net4addr_lock); 1243 1244 nsa = newname.sin_addr.s_addr; 1245 /* try to find if the prefix is already in the list */ 1246 found = 0; 1247 list_for_each_entry_rcu(snp, &smk_net4addr_list, list) { 1248 if (snp->smk_host.s_addr == nsa && snp->smk_masks == masks) { 1249 found = 1; 1250 break; 1251 } 1252 } 1253 smk_netlabel_audit_set(&audit_info); 1254 1255 if (found == 0) { 1256 snp = kzalloc(sizeof(*snp), GFP_KERNEL); 1257 if (snp == NULL) 1258 rc = -ENOMEM; 1259 else { 1260 rc = 0; 1261 snp->smk_host.s_addr = newname.sin_addr.s_addr; 1262 snp->smk_mask.s_addr = mask.s_addr; 1263 snp->smk_label = skp; 1264 snp->smk_masks = masks; 1265 smk_net4addr_insert(snp); 1266 } 1267 } else { 1268 /* 1269 * Delete the unlabeled entry, only if the previous label 1270 * wasn't the special CIPSO option 1271 */ 1272 if (snp->smk_label != NULL) 1273 rc = netlbl_cfg_unlbl_static_del(&init_net, NULL, 1274 &snp->smk_host, &snp->smk_mask, 1275 PF_INET, &audit_info); 1276 else 1277 rc = 0; 1278 snp->smk_label = skp; 1279 } 1280 1281 /* 1282 * Now tell netlabel about the single label nature of 1283 * this host so that incoming packets get labeled. 1284 * but only if we didn't get the special CIPSO option 1285 */ 1286 if (rc == 0 && skp != NULL) 1287 rc = netlbl_cfg_unlbl_static_add(&init_net, NULL, 1288 &snp->smk_host, &snp->smk_mask, PF_INET, 1289 snp->smk_label->smk_secid, &audit_info); 1290 1291 if (rc == 0) 1292 rc = count; 1293 1294 mutex_unlock(&smk_net4addr_lock); 1295 1296 free_out: 1297 kfree(smack); 1298 free_data_out: 1299 kfree(data); 1300 1301 return rc; 1302 } 1303 1304 static const struct file_operations smk_net4addr_ops = { 1305 .open = smk_open_net4addr, 1306 .read = seq_read, 1307 .llseek = seq_lseek, 1308 .write = smk_write_net4addr, 1309 .release = seq_release, 1310 }; 1311 1312 #if IS_ENABLED(CONFIG_IPV6) 1313 /* 1314 * Seq_file read operations for /smack/netlabel6 1315 */ 1316 1317 static void *net6addr_seq_start(struct seq_file *s, loff_t *pos) 1318 { 1319 return smk_seq_start(s, pos, &smk_net6addr_list); 1320 } 1321 1322 static void *net6addr_seq_next(struct seq_file *s, void *v, loff_t *pos) 1323 { 1324 return smk_seq_next(s, v, pos, &smk_net6addr_list); 1325 } 1326 1327 /* 1328 * Print host/label pairs 1329 */ 1330 static int net6addr_seq_show(struct seq_file *s, void *v) 1331 { 1332 struct list_head *list = v; 1333 struct smk_net6addr *skp = 1334 list_entry(list, struct smk_net6addr, list); 1335 1336 if (skp->smk_label != NULL) 1337 seq_printf(s, "%pI6/%d %s\n", &skp->smk_host, skp->smk_masks, 1338 skp->smk_label->smk_known); 1339 1340 return 0; 1341 } 1342 1343 static const struct seq_operations net6addr_seq_ops = { 1344 .start = net6addr_seq_start, 1345 .next = net6addr_seq_next, 1346 .show = net6addr_seq_show, 1347 .stop = smk_seq_stop, 1348 }; 1349 1350 /** 1351 * smk_open_net6addr - open() for /smack/netlabel 1352 * @inode: inode structure representing file 1353 * @file: "netlabel" file pointer 1354 * 1355 * Connect our net6addr_seq_* operations with /smack/netlabel 1356 * file_operations 1357 */ 1358 static int smk_open_net6addr(struct inode *inode, struct file *file) 1359 { 1360 return seq_open(file, &net6addr_seq_ops); 1361 } 1362 1363 /** 1364 * smk_net6addr_insert 1365 * @new : entry to insert 1366 * 1367 * This inserts an entry in the smack_net6addrs list 1368 * sorted by netmask length (longest to smallest) 1369 * locked by &smk_net6addr_lock in smk_write_net6addr 1370 * 1371 */ 1372 static void smk_net6addr_insert(struct smk_net6addr *new) 1373 { 1374 struct smk_net6addr *m_next; 1375 struct smk_net6addr *m; 1376 1377 if (list_empty(&smk_net6addr_list)) { 1378 list_add_rcu(&new->list, &smk_net6addr_list); 1379 return; 1380 } 1381 1382 m = list_entry_rcu(smk_net6addr_list.next, 1383 struct smk_net6addr, list); 1384 1385 if (new->smk_masks > m->smk_masks) { 1386 list_add_rcu(&new->list, &smk_net6addr_list); 1387 return; 1388 } 1389 1390 list_for_each_entry_rcu(m, &smk_net6addr_list, list) { 1391 if (list_is_last(&m->list, &smk_net6addr_list)) { 1392 list_add_rcu(&new->list, &m->list); 1393 return; 1394 } 1395 m_next = list_entry_rcu(m->list.next, 1396 struct smk_net6addr, list); 1397 if (new->smk_masks > m_next->smk_masks) { 1398 list_add_rcu(&new->list, &m->list); 1399 return; 1400 } 1401 } 1402 } 1403 1404 1405 /** 1406 * smk_write_net6addr - write() for /smack/netlabel 1407 * @file: file pointer, not actually used 1408 * @buf: where to get the data from 1409 * @count: bytes sent 1410 * @ppos: where to start 1411 * 1412 * Accepts only one net6addr per write call. 1413 * Returns number of bytes written or error code, as appropriate 1414 */ 1415 static ssize_t smk_write_net6addr(struct file *file, const char __user *buf, 1416 size_t count, loff_t *ppos) 1417 { 1418 struct smk_net6addr *snp; 1419 struct in6_addr newname; 1420 struct in6_addr fullmask; 1421 struct smack_known *skp = NULL; 1422 char *smack; 1423 char *data; 1424 int rc = 0; 1425 int found = 0; 1426 int i; 1427 unsigned int scanned[8]; 1428 unsigned int m; 1429 unsigned int mask = 128; 1430 1431 /* 1432 * Must have privilege. 1433 * No partial writes. 1434 * Enough data must be present. 1435 * "<addr/mask, as a:b:c:d:e:f:g:h/e><space><label>" 1436 * "<addr, as a:b:c:d:e:f:g:h><space><label>" 1437 */ 1438 if (!smack_privileged(CAP_MAC_ADMIN)) 1439 return -EPERM; 1440 if (*ppos != 0) 1441 return -EINVAL; 1442 if (count < SMK_NETLBLADDRMIN || count > PAGE_SIZE - 1) 1443 return -EINVAL; 1444 1445 data = memdup_user_nul(buf, count); 1446 if (IS_ERR(data)) 1447 return PTR_ERR(data); 1448 1449 smack = kzalloc(count + 1, GFP_KERNEL); 1450 if (smack == NULL) { 1451 rc = -ENOMEM; 1452 goto free_data_out; 1453 } 1454 1455 i = sscanf(data, "%x:%x:%x:%x:%x:%x:%x:%x/%u %s", 1456 &scanned[0], &scanned[1], &scanned[2], &scanned[3], 1457 &scanned[4], &scanned[5], &scanned[6], &scanned[7], 1458 &mask, smack); 1459 if (i != 10) { 1460 i = sscanf(data, "%x:%x:%x:%x:%x:%x:%x:%x %s", 1461 &scanned[0], &scanned[1], &scanned[2], 1462 &scanned[3], &scanned[4], &scanned[5], 1463 &scanned[6], &scanned[7], smack); 1464 if (i != 9) { 1465 rc = -EINVAL; 1466 goto free_out; 1467 } 1468 } 1469 if (mask > 128) { 1470 rc = -EINVAL; 1471 goto free_out; 1472 } 1473 for (i = 0; i < 8; i++) { 1474 if (scanned[i] > 0xffff) { 1475 rc = -EINVAL; 1476 goto free_out; 1477 } 1478 newname.s6_addr16[i] = htons(scanned[i]); 1479 } 1480 1481 /* 1482 * If smack begins with '-', it is an option, don't import it 1483 */ 1484 if (smack[0] != '-') { 1485 skp = smk_import_entry(smack, 0); 1486 if (IS_ERR(skp)) { 1487 rc = PTR_ERR(skp); 1488 goto free_out; 1489 } 1490 } else { 1491 /* 1492 * Only -DELETE is supported for IPv6 1493 */ 1494 if (strcmp(smack, SMACK_DELETE_OPTION) != 0) { 1495 rc = -EINVAL; 1496 goto free_out; 1497 } 1498 } 1499 1500 for (i = 0, m = mask; i < 8; i++) { 1501 if (m >= 16) { 1502 fullmask.s6_addr16[i] = 0xffff; 1503 m -= 16; 1504 } else if (m > 0) { 1505 fullmask.s6_addr16[i] = (1 << m) - 1; 1506 m = 0; 1507 } else 1508 fullmask.s6_addr16[i] = 0; 1509 newname.s6_addr16[i] &= fullmask.s6_addr16[i]; 1510 } 1511 1512 /* 1513 * Only allow one writer at a time. Writes should be 1514 * quite rare and small in any case. 1515 */ 1516 mutex_lock(&smk_net6addr_lock); 1517 /* 1518 * Try to find the prefix in the list 1519 */ 1520 list_for_each_entry_rcu(snp, &smk_net6addr_list, list) { 1521 if (mask != snp->smk_masks) 1522 continue; 1523 for (found = 1, i = 0; i < 8; i++) { 1524 if (newname.s6_addr16[i] != 1525 snp->smk_host.s6_addr16[i]) { 1526 found = 0; 1527 break; 1528 } 1529 } 1530 if (found == 1) 1531 break; 1532 } 1533 if (found == 0) { 1534 snp = kzalloc(sizeof(*snp), GFP_KERNEL); 1535 if (snp == NULL) 1536 rc = -ENOMEM; 1537 else { 1538 snp->smk_host = newname; 1539 snp->smk_mask = fullmask; 1540 snp->smk_masks = mask; 1541 snp->smk_label = skp; 1542 smk_net6addr_insert(snp); 1543 } 1544 } else { 1545 snp->smk_label = skp; 1546 } 1547 1548 if (rc == 0) 1549 rc = count; 1550 1551 mutex_unlock(&smk_net6addr_lock); 1552 1553 free_out: 1554 kfree(smack); 1555 free_data_out: 1556 kfree(data); 1557 1558 return rc; 1559 } 1560 1561 static const struct file_operations smk_net6addr_ops = { 1562 .open = smk_open_net6addr, 1563 .read = seq_read, 1564 .llseek = seq_lseek, 1565 .write = smk_write_net6addr, 1566 .release = seq_release, 1567 }; 1568 #endif /* CONFIG_IPV6 */ 1569 1570 /** 1571 * smk_read_doi - read() for /smack/doi 1572 * @filp: file pointer, not actually used 1573 * @buf: where to put the result 1574 * @count: maximum to send along 1575 * @ppos: where to start 1576 * 1577 * Returns number of bytes read or error code, as appropriate 1578 */ 1579 static ssize_t smk_read_doi(struct file *filp, char __user *buf, 1580 size_t count, loff_t *ppos) 1581 { 1582 char temp[80]; 1583 ssize_t rc; 1584 1585 if (*ppos != 0) 1586 return 0; 1587 1588 sprintf(temp, "%d", smk_cipso_doi_value); 1589 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp)); 1590 1591 return rc; 1592 } 1593 1594 /** 1595 * smk_write_doi - write() for /smack/doi 1596 * @file: file pointer, not actually used 1597 * @buf: where to get the data from 1598 * @count: bytes sent 1599 * @ppos: where to start 1600 * 1601 * Returns number of bytes written or error code, as appropriate 1602 */ 1603 static ssize_t smk_write_doi(struct file *file, const char __user *buf, 1604 size_t count, loff_t *ppos) 1605 { 1606 char temp[80]; 1607 int i; 1608 1609 if (!smack_privileged(CAP_MAC_ADMIN)) 1610 return -EPERM; 1611 1612 if (count >= sizeof(temp) || count == 0) 1613 return -EINVAL; 1614 1615 if (copy_from_user(temp, buf, count) != 0) 1616 return -EFAULT; 1617 1618 temp[count] = '\0'; 1619 1620 if (sscanf(temp, "%d", &i) != 1) 1621 return -EINVAL; 1622 1623 smk_cipso_doi_value = i; 1624 1625 smk_cipso_doi(); 1626 1627 return count; 1628 } 1629 1630 static const struct file_operations smk_doi_ops = { 1631 .read = smk_read_doi, 1632 .write = smk_write_doi, 1633 .llseek = default_llseek, 1634 }; 1635 1636 /** 1637 * smk_read_direct - read() for /smack/direct 1638 * @filp: file pointer, not actually used 1639 * @buf: where to put the result 1640 * @count: maximum to send along 1641 * @ppos: where to start 1642 * 1643 * Returns number of bytes read or error code, as appropriate 1644 */ 1645 static ssize_t smk_read_direct(struct file *filp, char __user *buf, 1646 size_t count, loff_t *ppos) 1647 { 1648 char temp[80]; 1649 ssize_t rc; 1650 1651 if (*ppos != 0) 1652 return 0; 1653 1654 sprintf(temp, "%d", smack_cipso_direct); 1655 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp)); 1656 1657 return rc; 1658 } 1659 1660 /** 1661 * smk_write_direct - write() for /smack/direct 1662 * @file: file pointer, not actually used 1663 * @buf: where to get the data from 1664 * @count: bytes sent 1665 * @ppos: where to start 1666 * 1667 * Returns number of bytes written or error code, as appropriate 1668 */ 1669 static ssize_t smk_write_direct(struct file *file, const char __user *buf, 1670 size_t count, loff_t *ppos) 1671 { 1672 struct smack_known *skp; 1673 char temp[80]; 1674 int i; 1675 1676 if (!smack_privileged(CAP_MAC_ADMIN)) 1677 return -EPERM; 1678 1679 if (count >= sizeof(temp) || count == 0) 1680 return -EINVAL; 1681 1682 if (copy_from_user(temp, buf, count) != 0) 1683 return -EFAULT; 1684 1685 temp[count] = '\0'; 1686 1687 if (sscanf(temp, "%d", &i) != 1) 1688 return -EINVAL; 1689 1690 /* 1691 * Don't do anything if the value hasn't actually changed. 1692 * If it is changing reset the level on entries that were 1693 * set up to be direct when they were created. 1694 */ 1695 if (smack_cipso_direct != i) { 1696 mutex_lock(&smack_known_lock); 1697 list_for_each_entry_rcu(skp, &smack_known_list, list) 1698 if (skp->smk_netlabel.attr.mls.lvl == 1699 smack_cipso_direct) 1700 skp->smk_netlabel.attr.mls.lvl = i; 1701 smack_cipso_direct = i; 1702 mutex_unlock(&smack_known_lock); 1703 } 1704 1705 return count; 1706 } 1707 1708 static const struct file_operations smk_direct_ops = { 1709 .read = smk_read_direct, 1710 .write = smk_write_direct, 1711 .llseek = default_llseek, 1712 }; 1713 1714 /** 1715 * smk_read_mapped - read() for /smack/mapped 1716 * @filp: file pointer, not actually used 1717 * @buf: where to put the result 1718 * @count: maximum to send along 1719 * @ppos: where to start 1720 * 1721 * Returns number of bytes read or error code, as appropriate 1722 */ 1723 static ssize_t smk_read_mapped(struct file *filp, char __user *buf, 1724 size_t count, loff_t *ppos) 1725 { 1726 char temp[80]; 1727 ssize_t rc; 1728 1729 if (*ppos != 0) 1730 return 0; 1731 1732 sprintf(temp, "%d", smack_cipso_mapped); 1733 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp)); 1734 1735 return rc; 1736 } 1737 1738 /** 1739 * smk_write_mapped - write() for /smack/mapped 1740 * @file: file pointer, not actually used 1741 * @buf: where to get the data from 1742 * @count: bytes sent 1743 * @ppos: where to start 1744 * 1745 * Returns number of bytes written or error code, as appropriate 1746 */ 1747 static ssize_t smk_write_mapped(struct file *file, const char __user *buf, 1748 size_t count, loff_t *ppos) 1749 { 1750 struct smack_known *skp; 1751 char temp[80]; 1752 int i; 1753 1754 if (!smack_privileged(CAP_MAC_ADMIN)) 1755 return -EPERM; 1756 1757 if (count >= sizeof(temp) || count == 0) 1758 return -EINVAL; 1759 1760 if (copy_from_user(temp, buf, count) != 0) 1761 return -EFAULT; 1762 1763 temp[count] = '\0'; 1764 1765 if (sscanf(temp, "%d", &i) != 1) 1766 return -EINVAL; 1767 1768 /* 1769 * Don't do anything if the value hasn't actually changed. 1770 * If it is changing reset the level on entries that were 1771 * set up to be mapped when they were created. 1772 */ 1773 if (smack_cipso_mapped != i) { 1774 mutex_lock(&smack_known_lock); 1775 list_for_each_entry_rcu(skp, &smack_known_list, list) 1776 if (skp->smk_netlabel.attr.mls.lvl == 1777 smack_cipso_mapped) 1778 skp->smk_netlabel.attr.mls.lvl = i; 1779 smack_cipso_mapped = i; 1780 mutex_unlock(&smack_known_lock); 1781 } 1782 1783 return count; 1784 } 1785 1786 static const struct file_operations smk_mapped_ops = { 1787 .read = smk_read_mapped, 1788 .write = smk_write_mapped, 1789 .llseek = default_llseek, 1790 }; 1791 1792 /** 1793 * smk_read_ambient - read() for /smack/ambient 1794 * @filp: file pointer, not actually used 1795 * @buf: where to put the result 1796 * @cn: maximum to send along 1797 * @ppos: where to start 1798 * 1799 * Returns number of bytes read or error code, as appropriate 1800 */ 1801 static ssize_t smk_read_ambient(struct file *filp, char __user *buf, 1802 size_t cn, loff_t *ppos) 1803 { 1804 ssize_t rc; 1805 int asize; 1806 1807 if (*ppos != 0) 1808 return 0; 1809 /* 1810 * Being careful to avoid a problem in the case where 1811 * smack_net_ambient gets changed in midstream. 1812 */ 1813 mutex_lock(&smack_ambient_lock); 1814 1815 asize = strlen(smack_net_ambient->smk_known) + 1; 1816 1817 if (cn >= asize) 1818 rc = simple_read_from_buffer(buf, cn, ppos, 1819 smack_net_ambient->smk_known, 1820 asize); 1821 else 1822 rc = -EINVAL; 1823 1824 mutex_unlock(&smack_ambient_lock); 1825 1826 return rc; 1827 } 1828 1829 /** 1830 * smk_write_ambient - write() for /smack/ambient 1831 * @file: file pointer, not actually used 1832 * @buf: where to get the data from 1833 * @count: bytes sent 1834 * @ppos: where to start 1835 * 1836 * Returns number of bytes written or error code, as appropriate 1837 */ 1838 static ssize_t smk_write_ambient(struct file *file, const char __user *buf, 1839 size_t count, loff_t *ppos) 1840 { 1841 struct smack_known *skp; 1842 char *oldambient; 1843 char *data; 1844 int rc = count; 1845 1846 if (!smack_privileged(CAP_MAC_ADMIN)) 1847 return -EPERM; 1848 1849 /* Enough data must be present */ 1850 if (count == 0 || count > PAGE_SIZE) 1851 return -EINVAL; 1852 1853 data = memdup_user_nul(buf, count); 1854 if (IS_ERR(data)) 1855 return PTR_ERR(data); 1856 1857 skp = smk_import_entry(data, count); 1858 if (IS_ERR(skp)) { 1859 rc = PTR_ERR(skp); 1860 goto out; 1861 } 1862 1863 mutex_lock(&smack_ambient_lock); 1864 1865 oldambient = smack_net_ambient->smk_known; 1866 smack_net_ambient = skp; 1867 smk_unlbl_ambient(oldambient); 1868 1869 mutex_unlock(&smack_ambient_lock); 1870 1871 out: 1872 kfree(data); 1873 return rc; 1874 } 1875 1876 static const struct file_operations smk_ambient_ops = { 1877 .read = smk_read_ambient, 1878 .write = smk_write_ambient, 1879 .llseek = default_llseek, 1880 }; 1881 1882 /* 1883 * Seq_file operations for /smack/onlycap 1884 */ 1885 static void *onlycap_seq_start(struct seq_file *s, loff_t *pos) 1886 { 1887 return smk_seq_start(s, pos, &smack_onlycap_list); 1888 } 1889 1890 static void *onlycap_seq_next(struct seq_file *s, void *v, loff_t *pos) 1891 { 1892 return smk_seq_next(s, v, pos, &smack_onlycap_list); 1893 } 1894 1895 static int onlycap_seq_show(struct seq_file *s, void *v) 1896 { 1897 struct list_head *list = v; 1898 struct smack_known_list_elem *sklep = 1899 list_entry_rcu(list, struct smack_known_list_elem, list); 1900 1901 seq_puts(s, sklep->smk_label->smk_known); 1902 seq_putc(s, ' '); 1903 1904 return 0; 1905 } 1906 1907 static const struct seq_operations onlycap_seq_ops = { 1908 .start = onlycap_seq_start, 1909 .next = onlycap_seq_next, 1910 .show = onlycap_seq_show, 1911 .stop = smk_seq_stop, 1912 }; 1913 1914 static int smk_open_onlycap(struct inode *inode, struct file *file) 1915 { 1916 return seq_open(file, &onlycap_seq_ops); 1917 } 1918 1919 /** 1920 * smk_list_swap_rcu - swap public list with a private one in RCU-safe way 1921 * The caller must hold appropriate mutex to prevent concurrent modifications 1922 * to the public list. 1923 * Private list is assumed to be not accessible to other threads yet. 1924 * 1925 * @public: public list 1926 * @private: private list 1927 */ 1928 static void smk_list_swap_rcu(struct list_head *public, 1929 struct list_head *private) 1930 { 1931 struct list_head *first, *last; 1932 1933 if (list_empty(public)) { 1934 list_splice_init_rcu(private, public, synchronize_rcu); 1935 } else { 1936 /* Remember public list before replacing it */ 1937 first = public->next; 1938 last = public->prev; 1939 1940 /* Publish private list in place of public in RCU-safe way */ 1941 private->prev->next = public; 1942 private->next->prev = public; 1943 rcu_assign_pointer(public->next, private->next); 1944 public->prev = private->prev; 1945 1946 synchronize_rcu(); 1947 1948 /* When all readers are done with the old public list, 1949 * attach it in place of private */ 1950 private->next = first; 1951 private->prev = last; 1952 first->prev = private; 1953 last->next = private; 1954 } 1955 } 1956 1957 /** 1958 * smk_parse_label_list - parse list of Smack labels, separated by spaces 1959 * 1960 * @data: the string to parse 1961 * @list: destination list 1962 * 1963 * Returns zero on success or error code, as appropriate 1964 */ 1965 static int smk_parse_label_list(char *data, struct list_head *list) 1966 { 1967 char *tok; 1968 struct smack_known *skp; 1969 struct smack_known_list_elem *sklep; 1970 1971 while ((tok = strsep(&data, " ")) != NULL) { 1972 if (!*tok) 1973 continue; 1974 1975 skp = smk_import_entry(tok, 0); 1976 if (IS_ERR(skp)) 1977 return PTR_ERR(skp); 1978 1979 sklep = kzalloc(sizeof(*sklep), GFP_KERNEL); 1980 if (sklep == NULL) 1981 return -ENOMEM; 1982 1983 sklep->smk_label = skp; 1984 list_add(&sklep->list, list); 1985 } 1986 1987 return 0; 1988 } 1989 1990 /** 1991 * smk_destroy_label_list - destroy a list of smack_known_list_elem 1992 * @list: header pointer of the list to destroy 1993 */ 1994 void smk_destroy_label_list(struct list_head *list) 1995 { 1996 struct smack_known_list_elem *sklep; 1997 struct smack_known_list_elem *sklep2; 1998 1999 list_for_each_entry_safe(sklep, sklep2, list, list) 2000 kfree(sklep); 2001 2002 INIT_LIST_HEAD(list); 2003 } 2004 2005 /** 2006 * smk_write_onlycap - write() for smackfs/onlycap 2007 * @file: file pointer, not actually used 2008 * @buf: where to get the data from 2009 * @count: bytes sent 2010 * @ppos: where to start 2011 * 2012 * Returns number of bytes written or error code, as appropriate 2013 */ 2014 static ssize_t smk_write_onlycap(struct file *file, const char __user *buf, 2015 size_t count, loff_t *ppos) 2016 { 2017 char *data; 2018 LIST_HEAD(list_tmp); 2019 int rc; 2020 2021 if (!smack_privileged(CAP_MAC_ADMIN)) 2022 return -EPERM; 2023 2024 if (count > PAGE_SIZE) 2025 return -EINVAL; 2026 2027 data = memdup_user_nul(buf, count); 2028 if (IS_ERR(data)) 2029 return PTR_ERR(data); 2030 2031 rc = smk_parse_label_list(data, &list_tmp); 2032 kfree(data); 2033 2034 /* 2035 * Clear the smack_onlycap on invalid label errors. This means 2036 * that we can pass a null string to unset the onlycap value. 2037 * 2038 * Importing will also reject a label beginning with '-', 2039 * so "-usecapabilities" will also work. 2040 * 2041 * But do so only on invalid label, not on system errors. 2042 * The invalid label must be first to count as clearing attempt. 2043 */ 2044 if (!rc || (rc == -EINVAL && list_empty(&list_tmp))) { 2045 mutex_lock(&smack_onlycap_lock); 2046 smk_list_swap_rcu(&smack_onlycap_list, &list_tmp); 2047 mutex_unlock(&smack_onlycap_lock); 2048 rc = count; 2049 } 2050 2051 smk_destroy_label_list(&list_tmp); 2052 2053 return rc; 2054 } 2055 2056 static const struct file_operations smk_onlycap_ops = { 2057 .open = smk_open_onlycap, 2058 .read = seq_read, 2059 .write = smk_write_onlycap, 2060 .llseek = seq_lseek, 2061 .release = seq_release, 2062 }; 2063 2064 #ifdef CONFIG_SECURITY_SMACK_BRINGUP 2065 /** 2066 * smk_read_unconfined - read() for smackfs/unconfined 2067 * @filp: file pointer, not actually used 2068 * @buf: where to put the result 2069 * @cn: maximum to send along 2070 * @ppos: where to start 2071 * 2072 * Returns number of bytes read or error code, as appropriate 2073 */ 2074 static ssize_t smk_read_unconfined(struct file *filp, char __user *buf, 2075 size_t cn, loff_t *ppos) 2076 { 2077 char *smack = ""; 2078 ssize_t rc = -EINVAL; 2079 int asize; 2080 2081 if (*ppos != 0) 2082 return 0; 2083 2084 if (smack_unconfined != NULL) 2085 smack = smack_unconfined->smk_known; 2086 2087 asize = strlen(smack) + 1; 2088 2089 if (cn >= asize) 2090 rc = simple_read_from_buffer(buf, cn, ppos, smack, asize); 2091 2092 return rc; 2093 } 2094 2095 /** 2096 * smk_write_unconfined - write() for smackfs/unconfined 2097 * @file: file pointer, not actually used 2098 * @buf: where to get the data from 2099 * @count: bytes sent 2100 * @ppos: where to start 2101 * 2102 * Returns number of bytes written or error code, as appropriate 2103 */ 2104 static ssize_t smk_write_unconfined(struct file *file, const char __user *buf, 2105 size_t count, loff_t *ppos) 2106 { 2107 char *data; 2108 struct smack_known *skp; 2109 int rc = count; 2110 2111 if (!smack_privileged(CAP_MAC_ADMIN)) 2112 return -EPERM; 2113 2114 if (count > PAGE_SIZE) 2115 return -EINVAL; 2116 2117 data = memdup_user_nul(buf, count); 2118 if (IS_ERR(data)) 2119 return PTR_ERR(data); 2120 2121 /* 2122 * Clear the smack_unconfined on invalid label errors. This means 2123 * that we can pass a null string to unset the unconfined value. 2124 * 2125 * Importing will also reject a label beginning with '-', 2126 * so "-confine" will also work. 2127 * 2128 * But do so only on invalid label, not on system errors. 2129 */ 2130 skp = smk_import_entry(data, count); 2131 if (PTR_ERR(skp) == -EINVAL) 2132 skp = NULL; 2133 else if (IS_ERR(skp)) { 2134 rc = PTR_ERR(skp); 2135 goto freeout; 2136 } 2137 2138 smack_unconfined = skp; 2139 2140 freeout: 2141 kfree(data); 2142 return rc; 2143 } 2144 2145 static const struct file_operations smk_unconfined_ops = { 2146 .read = smk_read_unconfined, 2147 .write = smk_write_unconfined, 2148 .llseek = default_llseek, 2149 }; 2150 #endif /* CONFIG_SECURITY_SMACK_BRINGUP */ 2151 2152 /** 2153 * smk_read_logging - read() for /smack/logging 2154 * @filp: file pointer, not actually used 2155 * @buf: where to put the result 2156 * @count: maximum to send along 2157 * @ppos: where to start 2158 * 2159 * Returns number of bytes read or error code, as appropriate 2160 */ 2161 static ssize_t smk_read_logging(struct file *filp, char __user *buf, 2162 size_t count, loff_t *ppos) 2163 { 2164 char temp[32]; 2165 ssize_t rc; 2166 2167 if (*ppos != 0) 2168 return 0; 2169 2170 sprintf(temp, "%d\n", log_policy); 2171 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp)); 2172 return rc; 2173 } 2174 2175 /** 2176 * smk_write_logging - write() for /smack/logging 2177 * @file: file pointer, not actually used 2178 * @buf: where to get the data from 2179 * @count: bytes sent 2180 * @ppos: where to start 2181 * 2182 * Returns number of bytes written or error code, as appropriate 2183 */ 2184 static ssize_t smk_write_logging(struct file *file, const char __user *buf, 2185 size_t count, loff_t *ppos) 2186 { 2187 char temp[32]; 2188 int i; 2189 2190 if (!smack_privileged(CAP_MAC_ADMIN)) 2191 return -EPERM; 2192 2193 if (count >= sizeof(temp) || count == 0) 2194 return -EINVAL; 2195 2196 if (copy_from_user(temp, buf, count) != 0) 2197 return -EFAULT; 2198 2199 temp[count] = '\0'; 2200 2201 if (sscanf(temp, "%d", &i) != 1) 2202 return -EINVAL; 2203 if (i < 0 || i > 3) 2204 return -EINVAL; 2205 log_policy = i; 2206 return count; 2207 } 2208 2209 2210 2211 static const struct file_operations smk_logging_ops = { 2212 .read = smk_read_logging, 2213 .write = smk_write_logging, 2214 .llseek = default_llseek, 2215 }; 2216 2217 /* 2218 * Seq_file read operations for /smack/load-self 2219 */ 2220 2221 static void *load_self_seq_start(struct seq_file *s, loff_t *pos) 2222 { 2223 struct task_smack *tsp = smack_cred(current_cred()); 2224 2225 return smk_seq_start(s, pos, &tsp->smk_rules); 2226 } 2227 2228 static void *load_self_seq_next(struct seq_file *s, void *v, loff_t *pos) 2229 { 2230 struct task_smack *tsp = smack_cred(current_cred()); 2231 2232 return smk_seq_next(s, v, pos, &tsp->smk_rules); 2233 } 2234 2235 static int load_self_seq_show(struct seq_file *s, void *v) 2236 { 2237 struct list_head *list = v; 2238 struct smack_rule *srp = 2239 list_entry_rcu(list, struct smack_rule, list); 2240 2241 smk_rule_show(s, srp, SMK_LABELLEN); 2242 2243 return 0; 2244 } 2245 2246 static const struct seq_operations load_self_seq_ops = { 2247 .start = load_self_seq_start, 2248 .next = load_self_seq_next, 2249 .show = load_self_seq_show, 2250 .stop = smk_seq_stop, 2251 }; 2252 2253 2254 /** 2255 * smk_open_load_self - open() for /smack/load-self2 2256 * @inode: inode structure representing file 2257 * @file: "load" file pointer 2258 * 2259 * For reading, use load_seq_* seq_file reading operations. 2260 */ 2261 static int smk_open_load_self(struct inode *inode, struct file *file) 2262 { 2263 return seq_open(file, &load_self_seq_ops); 2264 } 2265 2266 /** 2267 * smk_write_load_self - write() for /smack/load-self 2268 * @file: file pointer, not actually used 2269 * @buf: where to get the data from 2270 * @count: bytes sent 2271 * @ppos: where to start - must be 0 2272 * 2273 */ 2274 static ssize_t smk_write_load_self(struct file *file, const char __user *buf, 2275 size_t count, loff_t *ppos) 2276 { 2277 struct task_smack *tsp = smack_cred(current_cred()); 2278 2279 return smk_write_rules_list(file, buf, count, ppos, &tsp->smk_rules, 2280 &tsp->smk_rules_lock, SMK_FIXED24_FMT); 2281 } 2282 2283 static const struct file_operations smk_load_self_ops = { 2284 .open = smk_open_load_self, 2285 .read = seq_read, 2286 .llseek = seq_lseek, 2287 .write = smk_write_load_self, 2288 .release = seq_release, 2289 }; 2290 2291 /** 2292 * smk_user_access - handle access check transaction 2293 * @file: file pointer 2294 * @buf: data from user space 2295 * @count: bytes sent 2296 * @ppos: where to start - must be 0 2297 * @format: /smack/load or /smack/load2 or /smack/change-rule format. 2298 */ 2299 static ssize_t smk_user_access(struct file *file, const char __user *buf, 2300 size_t count, loff_t *ppos, int format) 2301 { 2302 struct smack_parsed_rule rule; 2303 char *data; 2304 int res; 2305 2306 data = simple_transaction_get(file, buf, count); 2307 if (IS_ERR(data)) 2308 return PTR_ERR(data); 2309 2310 if (format == SMK_FIXED24_FMT) { 2311 if (count < SMK_LOADLEN) 2312 return -EINVAL; 2313 res = smk_parse_rule(data, &rule, 0); 2314 } else { 2315 /* 2316 * simple_transaction_get() returns null-terminated data 2317 */ 2318 res = smk_parse_long_rule(data, &rule, 0, 3); 2319 } 2320 2321 if (res >= 0) 2322 res = smk_access(rule.smk_subject, rule.smk_object, 2323 rule.smk_access1, NULL); 2324 else if (res != -ENOENT) 2325 return res; 2326 2327 /* 2328 * smk_access() can return a value > 0 in the "bringup" case. 2329 */ 2330 data[0] = res >= 0 ? '1' : '0'; 2331 data[1] = '\0'; 2332 2333 simple_transaction_set(file, 2); 2334 2335 if (format == SMK_FIXED24_FMT) 2336 return SMK_LOADLEN; 2337 return count; 2338 } 2339 2340 /** 2341 * smk_write_access - handle access check transaction 2342 * @file: file pointer 2343 * @buf: data from user space 2344 * @count: bytes sent 2345 * @ppos: where to start - must be 0 2346 */ 2347 static ssize_t smk_write_access(struct file *file, const char __user *buf, 2348 size_t count, loff_t *ppos) 2349 { 2350 return smk_user_access(file, buf, count, ppos, SMK_FIXED24_FMT); 2351 } 2352 2353 static const struct file_operations smk_access_ops = { 2354 .write = smk_write_access, 2355 .read = simple_transaction_read, 2356 .release = simple_transaction_release, 2357 .llseek = generic_file_llseek, 2358 }; 2359 2360 2361 /* 2362 * Seq_file read operations for /smack/load2 2363 */ 2364 2365 static int load2_seq_show(struct seq_file *s, void *v) 2366 { 2367 struct list_head *list = v; 2368 struct smack_rule *srp; 2369 struct smack_known *skp = 2370 list_entry_rcu(list, struct smack_known, list); 2371 2372 list_for_each_entry_rcu(srp, &skp->smk_rules, list) 2373 smk_rule_show(s, srp, SMK_LONGLABEL); 2374 2375 return 0; 2376 } 2377 2378 static const struct seq_operations load2_seq_ops = { 2379 .start = load2_seq_start, 2380 .next = load2_seq_next, 2381 .show = load2_seq_show, 2382 .stop = smk_seq_stop, 2383 }; 2384 2385 /** 2386 * smk_open_load2 - open() for /smack/load2 2387 * @inode: inode structure representing file 2388 * @file: "load2" file pointer 2389 * 2390 * For reading, use load2_seq_* seq_file reading operations. 2391 */ 2392 static int smk_open_load2(struct inode *inode, struct file *file) 2393 { 2394 return seq_open(file, &load2_seq_ops); 2395 } 2396 2397 /** 2398 * smk_write_load2 - write() for /smack/load2 2399 * @file: file pointer, not actually used 2400 * @buf: where to get the data from 2401 * @count: bytes sent 2402 * @ppos: where to start - must be 0 2403 * 2404 */ 2405 static ssize_t smk_write_load2(struct file *file, const char __user *buf, 2406 size_t count, loff_t *ppos) 2407 { 2408 /* 2409 * Must have privilege. 2410 */ 2411 if (!smack_privileged(CAP_MAC_ADMIN)) 2412 return -EPERM; 2413 2414 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL, 2415 SMK_LONG_FMT); 2416 } 2417 2418 static const struct file_operations smk_load2_ops = { 2419 .open = smk_open_load2, 2420 .read = seq_read, 2421 .llseek = seq_lseek, 2422 .write = smk_write_load2, 2423 .release = seq_release, 2424 }; 2425 2426 /* 2427 * Seq_file read operations for /smack/load-self2 2428 */ 2429 2430 static void *load_self2_seq_start(struct seq_file *s, loff_t *pos) 2431 { 2432 struct task_smack *tsp = smack_cred(current_cred()); 2433 2434 return smk_seq_start(s, pos, &tsp->smk_rules); 2435 } 2436 2437 static void *load_self2_seq_next(struct seq_file *s, void *v, loff_t *pos) 2438 { 2439 struct task_smack *tsp = smack_cred(current_cred()); 2440 2441 return smk_seq_next(s, v, pos, &tsp->smk_rules); 2442 } 2443 2444 static int load_self2_seq_show(struct seq_file *s, void *v) 2445 { 2446 struct list_head *list = v; 2447 struct smack_rule *srp = 2448 list_entry_rcu(list, struct smack_rule, list); 2449 2450 smk_rule_show(s, srp, SMK_LONGLABEL); 2451 2452 return 0; 2453 } 2454 2455 static const struct seq_operations load_self2_seq_ops = { 2456 .start = load_self2_seq_start, 2457 .next = load_self2_seq_next, 2458 .show = load_self2_seq_show, 2459 .stop = smk_seq_stop, 2460 }; 2461 2462 /** 2463 * smk_open_load_self2 - open() for /smack/load-self2 2464 * @inode: inode structure representing file 2465 * @file: "load" file pointer 2466 * 2467 * For reading, use load_seq_* seq_file reading operations. 2468 */ 2469 static int smk_open_load_self2(struct inode *inode, struct file *file) 2470 { 2471 return seq_open(file, &load_self2_seq_ops); 2472 } 2473 2474 /** 2475 * smk_write_load_self2 - write() for /smack/load-self2 2476 * @file: file pointer, not actually used 2477 * @buf: where to get the data from 2478 * @count: bytes sent 2479 * @ppos: where to start - must be 0 2480 * 2481 */ 2482 static ssize_t smk_write_load_self2(struct file *file, const char __user *buf, 2483 size_t count, loff_t *ppos) 2484 { 2485 struct task_smack *tsp = smack_cred(current_cred()); 2486 2487 return smk_write_rules_list(file, buf, count, ppos, &tsp->smk_rules, 2488 &tsp->smk_rules_lock, SMK_LONG_FMT); 2489 } 2490 2491 static const struct file_operations smk_load_self2_ops = { 2492 .open = smk_open_load_self2, 2493 .read = seq_read, 2494 .llseek = seq_lseek, 2495 .write = smk_write_load_self2, 2496 .release = seq_release, 2497 }; 2498 2499 /** 2500 * smk_write_access2 - handle access check transaction 2501 * @file: file pointer 2502 * @buf: data from user space 2503 * @count: bytes sent 2504 * @ppos: where to start - must be 0 2505 */ 2506 static ssize_t smk_write_access2(struct file *file, const char __user *buf, 2507 size_t count, loff_t *ppos) 2508 { 2509 return smk_user_access(file, buf, count, ppos, SMK_LONG_FMT); 2510 } 2511 2512 static const struct file_operations smk_access2_ops = { 2513 .write = smk_write_access2, 2514 .read = simple_transaction_read, 2515 .release = simple_transaction_release, 2516 .llseek = generic_file_llseek, 2517 }; 2518 2519 /** 2520 * smk_write_revoke_subj - write() for /smack/revoke-subject 2521 * @file: file pointer 2522 * @buf: data from user space 2523 * @count: bytes sent 2524 * @ppos: where to start - must be 0 2525 */ 2526 static ssize_t smk_write_revoke_subj(struct file *file, const char __user *buf, 2527 size_t count, loff_t *ppos) 2528 { 2529 char *data; 2530 const char *cp; 2531 struct smack_known *skp; 2532 struct smack_rule *sp; 2533 struct list_head *rule_list; 2534 struct mutex *rule_lock; 2535 int rc = count; 2536 2537 if (*ppos != 0) 2538 return -EINVAL; 2539 2540 if (!smack_privileged(CAP_MAC_ADMIN)) 2541 return -EPERM; 2542 2543 if (count == 0 || count > SMK_LONGLABEL) 2544 return -EINVAL; 2545 2546 data = memdup_user(buf, count); 2547 if (IS_ERR(data)) 2548 return PTR_ERR(data); 2549 2550 cp = smk_parse_smack(data, count); 2551 if (IS_ERR(cp)) { 2552 rc = PTR_ERR(cp); 2553 goto out_data; 2554 } 2555 2556 skp = smk_find_entry(cp); 2557 if (skp == NULL) 2558 goto out_cp; 2559 2560 rule_list = &skp->smk_rules; 2561 rule_lock = &skp->smk_rules_lock; 2562 2563 mutex_lock(rule_lock); 2564 2565 list_for_each_entry_rcu(sp, rule_list, list) 2566 sp->smk_access = 0; 2567 2568 mutex_unlock(rule_lock); 2569 2570 out_cp: 2571 kfree(cp); 2572 out_data: 2573 kfree(data); 2574 2575 return rc; 2576 } 2577 2578 static const struct file_operations smk_revoke_subj_ops = { 2579 .write = smk_write_revoke_subj, 2580 .read = simple_transaction_read, 2581 .release = simple_transaction_release, 2582 .llseek = generic_file_llseek, 2583 }; 2584 2585 /** 2586 * smk_init_sysfs - initialize /sys/fs/smackfs 2587 * 2588 */ 2589 static int smk_init_sysfs(void) 2590 { 2591 return sysfs_create_mount_point(fs_kobj, "smackfs"); 2592 } 2593 2594 /** 2595 * smk_write_change_rule - write() for /smack/change-rule 2596 * @file: file pointer 2597 * @buf: data from user space 2598 * @count: bytes sent 2599 * @ppos: where to start - must be 0 2600 */ 2601 static ssize_t smk_write_change_rule(struct file *file, const char __user *buf, 2602 size_t count, loff_t *ppos) 2603 { 2604 /* 2605 * Must have privilege. 2606 */ 2607 if (!smack_privileged(CAP_MAC_ADMIN)) 2608 return -EPERM; 2609 2610 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL, 2611 SMK_CHANGE_FMT); 2612 } 2613 2614 static const struct file_operations smk_change_rule_ops = { 2615 .write = smk_write_change_rule, 2616 .read = simple_transaction_read, 2617 .release = simple_transaction_release, 2618 .llseek = generic_file_llseek, 2619 }; 2620 2621 /** 2622 * smk_read_syslog - read() for smackfs/syslog 2623 * @filp: file pointer, not actually used 2624 * @buf: where to put the result 2625 * @cn: maximum to send along 2626 * @ppos: where to start 2627 * 2628 * Returns number of bytes read or error code, as appropriate 2629 */ 2630 static ssize_t smk_read_syslog(struct file *filp, char __user *buf, 2631 size_t cn, loff_t *ppos) 2632 { 2633 struct smack_known *skp; 2634 ssize_t rc = -EINVAL; 2635 int asize; 2636 2637 if (*ppos != 0) 2638 return 0; 2639 2640 if (smack_syslog_label == NULL) 2641 skp = &smack_known_star; 2642 else 2643 skp = smack_syslog_label; 2644 2645 asize = strlen(skp->smk_known) + 1; 2646 2647 if (cn >= asize) 2648 rc = simple_read_from_buffer(buf, cn, ppos, skp->smk_known, 2649 asize); 2650 2651 return rc; 2652 } 2653 2654 /** 2655 * smk_write_syslog - write() for smackfs/syslog 2656 * @file: file pointer, not actually used 2657 * @buf: where to get the data from 2658 * @count: bytes sent 2659 * @ppos: where to start 2660 * 2661 * Returns number of bytes written or error code, as appropriate 2662 */ 2663 static ssize_t smk_write_syslog(struct file *file, const char __user *buf, 2664 size_t count, loff_t *ppos) 2665 { 2666 char *data; 2667 struct smack_known *skp; 2668 int rc = count; 2669 2670 if (!smack_privileged(CAP_MAC_ADMIN)) 2671 return -EPERM; 2672 2673 /* Enough data must be present */ 2674 if (count == 0 || count > PAGE_SIZE) 2675 return -EINVAL; 2676 2677 data = memdup_user_nul(buf, count); 2678 if (IS_ERR(data)) 2679 return PTR_ERR(data); 2680 2681 skp = smk_import_entry(data, count); 2682 if (IS_ERR(skp)) 2683 rc = PTR_ERR(skp); 2684 else 2685 smack_syslog_label = skp; 2686 2687 kfree(data); 2688 return rc; 2689 } 2690 2691 static const struct file_operations smk_syslog_ops = { 2692 .read = smk_read_syslog, 2693 .write = smk_write_syslog, 2694 .llseek = default_llseek, 2695 }; 2696 2697 /* 2698 * Seq_file read operations for /smack/relabel-self 2699 */ 2700 2701 static void *relabel_self_seq_start(struct seq_file *s, loff_t *pos) 2702 { 2703 struct task_smack *tsp = smack_cred(current_cred()); 2704 2705 return smk_seq_start(s, pos, &tsp->smk_relabel); 2706 } 2707 2708 static void *relabel_self_seq_next(struct seq_file *s, void *v, loff_t *pos) 2709 { 2710 struct task_smack *tsp = smack_cred(current_cred()); 2711 2712 return smk_seq_next(s, v, pos, &tsp->smk_relabel); 2713 } 2714 2715 static int relabel_self_seq_show(struct seq_file *s, void *v) 2716 { 2717 struct list_head *list = v; 2718 struct smack_known_list_elem *sklep = 2719 list_entry(list, struct smack_known_list_elem, list); 2720 2721 seq_puts(s, sklep->smk_label->smk_known); 2722 seq_putc(s, ' '); 2723 2724 return 0; 2725 } 2726 2727 static const struct seq_operations relabel_self_seq_ops = { 2728 .start = relabel_self_seq_start, 2729 .next = relabel_self_seq_next, 2730 .show = relabel_self_seq_show, 2731 .stop = smk_seq_stop, 2732 }; 2733 2734 /** 2735 * smk_open_relabel_self - open() for /smack/relabel-self 2736 * @inode: inode structure representing file 2737 * @file: "relabel-self" file pointer 2738 * 2739 * Connect our relabel_self_seq_* operations with /smack/relabel-self 2740 * file_operations 2741 */ 2742 static int smk_open_relabel_self(struct inode *inode, struct file *file) 2743 { 2744 return seq_open(file, &relabel_self_seq_ops); 2745 } 2746 2747 /** 2748 * smk_write_relabel_self - write() for /smack/relabel-self 2749 * @file: file pointer, not actually used 2750 * @buf: where to get the data from 2751 * @count: bytes sent 2752 * @ppos: where to start - must be 0 2753 * 2754 */ 2755 static ssize_t smk_write_relabel_self(struct file *file, const char __user *buf, 2756 size_t count, loff_t *ppos) 2757 { 2758 char *data; 2759 int rc; 2760 LIST_HEAD(list_tmp); 2761 2762 /* 2763 * Must have privilege. 2764 */ 2765 if (!smack_privileged(CAP_MAC_ADMIN)) 2766 return -EPERM; 2767 2768 /* 2769 * No partial write. 2770 * Enough data must be present. 2771 */ 2772 if (*ppos != 0) 2773 return -EINVAL; 2774 if (count == 0 || count > PAGE_SIZE) 2775 return -EINVAL; 2776 2777 data = memdup_user_nul(buf, count); 2778 if (IS_ERR(data)) 2779 return PTR_ERR(data); 2780 2781 rc = smk_parse_label_list(data, &list_tmp); 2782 kfree(data); 2783 2784 if (!rc || (rc == -EINVAL && list_empty(&list_tmp))) { 2785 struct cred *new; 2786 struct task_smack *tsp; 2787 2788 new = prepare_creds(); 2789 if (!new) { 2790 rc = -ENOMEM; 2791 goto out; 2792 } 2793 tsp = smack_cred(new); 2794 smk_destroy_label_list(&tsp->smk_relabel); 2795 list_splice(&list_tmp, &tsp->smk_relabel); 2796 commit_creds(new); 2797 return count; 2798 } 2799 out: 2800 smk_destroy_label_list(&list_tmp); 2801 return rc; 2802 } 2803 2804 static const struct file_operations smk_relabel_self_ops = { 2805 .open = smk_open_relabel_self, 2806 .read = seq_read, 2807 .llseek = seq_lseek, 2808 .write = smk_write_relabel_self, 2809 .release = seq_release, 2810 }; 2811 2812 /** 2813 * smk_read_ptrace - read() for /smack/ptrace 2814 * @filp: file pointer, not actually used 2815 * @buf: where to put the result 2816 * @count: maximum to send along 2817 * @ppos: where to start 2818 * 2819 * Returns number of bytes read or error code, as appropriate 2820 */ 2821 static ssize_t smk_read_ptrace(struct file *filp, char __user *buf, 2822 size_t count, loff_t *ppos) 2823 { 2824 char temp[32]; 2825 ssize_t rc; 2826 2827 if (*ppos != 0) 2828 return 0; 2829 2830 sprintf(temp, "%d\n", smack_ptrace_rule); 2831 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp)); 2832 return rc; 2833 } 2834 2835 /** 2836 * smk_write_ptrace - write() for /smack/ptrace 2837 * @file: file pointer 2838 * @buf: data from user space 2839 * @count: bytes sent 2840 * @ppos: where to start - must be 0 2841 */ 2842 static ssize_t smk_write_ptrace(struct file *file, const char __user *buf, 2843 size_t count, loff_t *ppos) 2844 { 2845 char temp[32]; 2846 int i; 2847 2848 if (!smack_privileged(CAP_MAC_ADMIN)) 2849 return -EPERM; 2850 2851 if (*ppos != 0 || count >= sizeof(temp) || count == 0) 2852 return -EINVAL; 2853 2854 if (copy_from_user(temp, buf, count) != 0) 2855 return -EFAULT; 2856 2857 temp[count] = '\0'; 2858 2859 if (sscanf(temp, "%d", &i) != 1) 2860 return -EINVAL; 2861 if (i < SMACK_PTRACE_DEFAULT || i > SMACK_PTRACE_MAX) 2862 return -EINVAL; 2863 smack_ptrace_rule = i; 2864 2865 return count; 2866 } 2867 2868 static const struct file_operations smk_ptrace_ops = { 2869 .write = smk_write_ptrace, 2870 .read = smk_read_ptrace, 2871 .llseek = default_llseek, 2872 }; 2873 2874 /** 2875 * smk_fill_super - fill the smackfs superblock 2876 * @sb: the empty superblock 2877 * @fc: unused 2878 * 2879 * Fill in the well known entries for the smack filesystem 2880 * 2881 * Returns 0 on success, an error code on failure 2882 */ 2883 static int smk_fill_super(struct super_block *sb, struct fs_context *fc) 2884 { 2885 int rc; 2886 2887 static const struct tree_descr smack_files[] = { 2888 [SMK_LOAD] = { 2889 "load", &smk_load_ops, S_IRUGO|S_IWUSR}, 2890 [SMK_CIPSO] = { 2891 "cipso", &smk_cipso_ops, S_IRUGO|S_IWUSR}, 2892 [SMK_DOI] = { 2893 "doi", &smk_doi_ops, S_IRUGO|S_IWUSR}, 2894 [SMK_DIRECT] = { 2895 "direct", &smk_direct_ops, S_IRUGO|S_IWUSR}, 2896 [SMK_AMBIENT] = { 2897 "ambient", &smk_ambient_ops, S_IRUGO|S_IWUSR}, 2898 [SMK_NET4ADDR] = { 2899 "netlabel", &smk_net4addr_ops, S_IRUGO|S_IWUSR}, 2900 [SMK_ONLYCAP] = { 2901 "onlycap", &smk_onlycap_ops, S_IRUGO|S_IWUSR}, 2902 [SMK_LOGGING] = { 2903 "logging", &smk_logging_ops, S_IRUGO|S_IWUSR}, 2904 [SMK_LOAD_SELF] = { 2905 "load-self", &smk_load_self_ops, S_IRUGO|S_IWUGO}, 2906 [SMK_ACCESSES] = { 2907 "access", &smk_access_ops, S_IRUGO|S_IWUGO}, 2908 [SMK_MAPPED] = { 2909 "mapped", &smk_mapped_ops, S_IRUGO|S_IWUSR}, 2910 [SMK_LOAD2] = { 2911 "load2", &smk_load2_ops, S_IRUGO|S_IWUSR}, 2912 [SMK_LOAD_SELF2] = { 2913 "load-self2", &smk_load_self2_ops, S_IRUGO|S_IWUGO}, 2914 [SMK_ACCESS2] = { 2915 "access2", &smk_access2_ops, S_IRUGO|S_IWUGO}, 2916 [SMK_CIPSO2] = { 2917 "cipso2", &smk_cipso2_ops, S_IRUGO|S_IWUSR}, 2918 [SMK_REVOKE_SUBJ] = { 2919 "revoke-subject", &smk_revoke_subj_ops, 2920 S_IRUGO|S_IWUSR}, 2921 [SMK_CHANGE_RULE] = { 2922 "change-rule", &smk_change_rule_ops, S_IRUGO|S_IWUSR}, 2923 [SMK_SYSLOG] = { 2924 "syslog", &smk_syslog_ops, S_IRUGO|S_IWUSR}, 2925 [SMK_PTRACE] = { 2926 "ptrace", &smk_ptrace_ops, S_IRUGO|S_IWUSR}, 2927 #ifdef CONFIG_SECURITY_SMACK_BRINGUP 2928 [SMK_UNCONFINED] = { 2929 "unconfined", &smk_unconfined_ops, S_IRUGO|S_IWUSR}, 2930 #endif 2931 #if IS_ENABLED(CONFIG_IPV6) 2932 [SMK_NET6ADDR] = { 2933 "ipv6host", &smk_net6addr_ops, S_IRUGO|S_IWUSR}, 2934 #endif /* CONFIG_IPV6 */ 2935 [SMK_RELABEL_SELF] = { 2936 "relabel-self", &smk_relabel_self_ops, 2937 S_IRUGO|S_IWUGO}, 2938 /* last one */ 2939 {""} 2940 }; 2941 2942 rc = simple_fill_super(sb, SMACK_MAGIC, smack_files); 2943 if (rc != 0) { 2944 printk(KERN_ERR "%s failed %d while creating inodes\n", 2945 __func__, rc); 2946 return rc; 2947 } 2948 2949 return 0; 2950 } 2951 2952 /** 2953 * smk_get_tree - get the smackfs superblock 2954 * @fc: The mount context, including any options 2955 * 2956 * Just passes everything along. 2957 * 2958 * Returns what the lower level code does. 2959 */ 2960 static int smk_get_tree(struct fs_context *fc) 2961 { 2962 return get_tree_single(fc, smk_fill_super); 2963 } 2964 2965 static const struct fs_context_operations smk_context_ops = { 2966 .get_tree = smk_get_tree, 2967 }; 2968 2969 /** 2970 * smk_init_fs_context - Initialise a filesystem context for smackfs 2971 * @fc: The blank mount context 2972 */ 2973 static int smk_init_fs_context(struct fs_context *fc) 2974 { 2975 fc->ops = &smk_context_ops; 2976 return 0; 2977 } 2978 2979 static struct file_system_type smk_fs_type = { 2980 .name = "smackfs", 2981 .init_fs_context = smk_init_fs_context, 2982 .kill_sb = kill_litter_super, 2983 }; 2984 2985 static struct vfsmount *smackfs_mount; 2986 2987 /** 2988 * init_smk_fs - get the smackfs superblock 2989 * 2990 * register the smackfs 2991 * 2992 * Do not register smackfs if Smack wasn't enabled 2993 * on boot. We can not put this method normally under the 2994 * smack_init() code path since the security subsystem get 2995 * initialized before the vfs caches. 2996 * 2997 * Returns true if we were not chosen on boot or if 2998 * we were chosen and filesystem registration succeeded. 2999 */ 3000 static int __init init_smk_fs(void) 3001 { 3002 int err; 3003 int rc; 3004 3005 if (smack_enabled == 0) 3006 return 0; 3007 3008 err = smk_init_sysfs(); 3009 if (err) 3010 printk(KERN_ERR "smackfs: sysfs mountpoint problem.\n"); 3011 3012 err = register_filesystem(&smk_fs_type); 3013 if (!err) { 3014 smackfs_mount = kern_mount(&smk_fs_type); 3015 if (IS_ERR(smackfs_mount)) { 3016 printk(KERN_ERR "smackfs: could not mount!\n"); 3017 err = PTR_ERR(smackfs_mount); 3018 smackfs_mount = NULL; 3019 } 3020 } 3021 3022 smk_cipso_doi(); 3023 smk_unlbl_ambient(NULL); 3024 3025 rc = smack_populate_secattr(&smack_known_floor); 3026 if (err == 0 && rc < 0) 3027 err = rc; 3028 rc = smack_populate_secattr(&smack_known_hat); 3029 if (err == 0 && rc < 0) 3030 err = rc; 3031 rc = smack_populate_secattr(&smack_known_huh); 3032 if (err == 0 && rc < 0) 3033 err = rc; 3034 rc = smack_populate_secattr(&smack_known_star); 3035 if (err == 0 && rc < 0) 3036 err = rc; 3037 rc = smack_populate_secattr(&smack_known_web); 3038 if (err == 0 && rc < 0) 3039 err = rc; 3040 3041 return err; 3042 } 3043 3044 __initcall(init_smk_fs); 3045