1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * Copyright (C) 2007 Casey Schaufler <casey@schaufler-ca.com> 4 * 5 * Authors: 6 * Casey Schaufler <casey@schaufler-ca.com> 7 * Ahmed S. Darwish <darwish.07@gmail.com> 8 * 9 * Special thanks to the authors of selinuxfs. 10 * 11 * Karl MacMillan <kmacmillan@tresys.com> 12 * James Morris <jmorris@redhat.com> 13 */ 14 15 #include <linux/kernel.h> 16 #include <linux/vmalloc.h> 17 #include <linux/security.h> 18 #include <linux/mutex.h> 19 #include <linux/slab.h> 20 #include <net/net_namespace.h> 21 #include <net/cipso_ipv4.h> 22 #include <linux/seq_file.h> 23 #include <linux/ctype.h> 24 #include <linux/audit.h> 25 #include <linux/magic.h> 26 #include <linux/mount.h> 27 #include <linux/fs_context.h> 28 #include "smack.h" 29 30 #define BEBITS (sizeof(__be32) * 8) 31 /* 32 * smackfs pseudo filesystem. 33 */ 34 35 enum smk_inos { 36 SMK_ROOT_INO = 2, 37 SMK_LOAD = 3, /* load policy */ 38 SMK_CIPSO = 4, /* load label -> CIPSO mapping */ 39 SMK_DOI = 5, /* CIPSO DOI */ 40 SMK_DIRECT = 6, /* CIPSO level indicating direct label */ 41 SMK_AMBIENT = 7, /* internet ambient label */ 42 SMK_NET4ADDR = 8, /* single label hosts */ 43 SMK_ONLYCAP = 9, /* the only "capable" label */ 44 #ifdef CONFIG_AUDIT 45 SMK_LOGGING = 10, /* logging */ 46 #endif /* CONFIG_AUDIT */ 47 SMK_LOAD_SELF = 11, /* task specific rules */ 48 SMK_ACCESSES = 12, /* access policy */ 49 SMK_MAPPED = 13, /* CIPSO level indicating mapped label */ 50 SMK_LOAD2 = 14, /* load policy with long labels */ 51 SMK_LOAD_SELF2 = 15, /* load task specific rules with long labels */ 52 SMK_ACCESS2 = 16, /* make an access check with long labels */ 53 SMK_CIPSO2 = 17, /* load long label -> CIPSO mapping */ 54 SMK_REVOKE_SUBJ = 18, /* set rules with subject label to '-' */ 55 SMK_CHANGE_RULE = 19, /* change or add rules (long labels) */ 56 SMK_SYSLOG = 20, /* change syslog label) */ 57 SMK_PTRACE = 21, /* set ptrace rule */ 58 #ifdef CONFIG_SECURITY_SMACK_BRINGUP 59 SMK_UNCONFINED = 22, /* define an unconfined label */ 60 #endif 61 #if IS_ENABLED(CONFIG_IPV6) 62 SMK_NET6ADDR = 23, /* single label IPv6 hosts */ 63 #endif /* CONFIG_IPV6 */ 64 SMK_RELABEL_SELF = 24, /* relabel possible without CAP_MAC_ADMIN */ 65 }; 66 67 /* 68 * List locks 69 */ 70 static DEFINE_MUTEX(smack_cipso_lock); 71 static DEFINE_MUTEX(smack_ambient_lock); 72 static DEFINE_MUTEX(smk_net4addr_lock); 73 #if IS_ENABLED(CONFIG_IPV6) 74 static DEFINE_MUTEX(smk_net6addr_lock); 75 #endif /* CONFIG_IPV6 */ 76 77 /* 78 * This is the "ambient" label for network traffic. 79 * If it isn't somehow marked, use this. 80 * It can be reset via smackfs/ambient 81 */ 82 struct smack_known *smack_net_ambient; 83 84 /* 85 * This is the level in a CIPSO header that indicates a 86 * smack label is contained directly in the category set. 87 * It can be reset via smackfs/direct 88 */ 89 int smack_cipso_direct = SMACK_CIPSO_DIRECT_DEFAULT; 90 91 /* 92 * This is the level in a CIPSO header that indicates a 93 * secid is contained directly in the category set. 94 * It can be reset via smackfs/mapped 95 */ 96 int smack_cipso_mapped = SMACK_CIPSO_MAPPED_DEFAULT; 97 98 #ifdef CONFIG_SECURITY_SMACK_BRINGUP 99 /* 100 * Allow one label to be unconfined. This is for 101 * debugging and application bring-up purposes only. 102 * It is bad and wrong, but everyone seems to expect 103 * to have it. 104 */ 105 struct smack_known *smack_unconfined; 106 #endif 107 108 /* 109 * If this value is set restrict syslog use to the label specified. 110 * It can be reset via smackfs/syslog 111 */ 112 struct smack_known *smack_syslog_label; 113 114 /* 115 * Ptrace current rule 116 * SMACK_PTRACE_DEFAULT regular smack ptrace rules (/proc based) 117 * SMACK_PTRACE_EXACT labels must match, but can be overriden with 118 * CAP_SYS_PTRACE 119 * SMACK_PTRACE_DRACONIAN labels must match, CAP_SYS_PTRACE has no effect 120 */ 121 int smack_ptrace_rule = SMACK_PTRACE_DEFAULT; 122 123 /* 124 * Certain IP addresses may be designated as single label hosts. 125 * Packets are sent there unlabeled, but only from tasks that 126 * can write to the specified label. 127 */ 128 129 LIST_HEAD(smk_net4addr_list); 130 #if IS_ENABLED(CONFIG_IPV6) 131 LIST_HEAD(smk_net6addr_list); 132 #endif /* CONFIG_IPV6 */ 133 134 /* 135 * Rule lists are maintained for each label. 136 */ 137 struct smack_parsed_rule { 138 struct smack_known *smk_subject; 139 struct smack_known *smk_object; 140 int smk_access1; 141 int smk_access2; 142 }; 143 144 static int smk_cipso_doi_value = SMACK_CIPSO_DOI_DEFAULT; 145 146 /* 147 * Values for parsing cipso rules 148 * SMK_DIGITLEN: Length of a digit field in a rule. 149 * SMK_CIPSOMIN: Minimum possible cipso rule length. 150 * SMK_CIPSOMAX: Maximum possible cipso rule length. 151 */ 152 #define SMK_DIGITLEN 4 153 #define SMK_CIPSOMIN (SMK_LABELLEN + 2 * SMK_DIGITLEN) 154 #define SMK_CIPSOMAX (SMK_CIPSOMIN + SMACK_CIPSO_MAXCATNUM * SMK_DIGITLEN) 155 156 /* 157 * Values for parsing MAC rules 158 * SMK_ACCESS: Maximum possible combination of access permissions 159 * SMK_ACCESSLEN: Maximum length for a rule access field 160 * SMK_LOADLEN: Smack rule length 161 */ 162 #define SMK_OACCESS "rwxa" 163 #define SMK_ACCESS "rwxatl" 164 #define SMK_OACCESSLEN (sizeof(SMK_OACCESS) - 1) 165 #define SMK_ACCESSLEN (sizeof(SMK_ACCESS) - 1) 166 #define SMK_OLOADLEN (SMK_LABELLEN + SMK_LABELLEN + SMK_OACCESSLEN) 167 #define SMK_LOADLEN (SMK_LABELLEN + SMK_LABELLEN + SMK_ACCESSLEN) 168 169 /* 170 * Strictly for CIPSO level manipulation. 171 * Set the category bit number in a smack label sized buffer. 172 */ 173 static inline void smack_catset_bit(unsigned int cat, char *catsetp) 174 { 175 if (cat == 0 || cat > (SMK_CIPSOLEN * 8)) 176 return; 177 178 catsetp[(cat - 1) / 8] |= 0x80 >> ((cat - 1) % 8); 179 } 180 181 /** 182 * smk_netlabel_audit_set - fill a netlbl_audit struct 183 * @nap: structure to fill 184 */ 185 static void smk_netlabel_audit_set(struct netlbl_audit *nap) 186 { 187 nap->loginuid = audit_get_loginuid(current); 188 nap->sessionid = audit_get_sessionid(current); 189 nap->prop.smack.skp = smk_of_current(); 190 } 191 192 /* 193 * Value for parsing single label host rules 194 * "1.2.3.4 X" 195 */ 196 #define SMK_NETLBLADDRMIN 9 197 198 /** 199 * smk_set_access - add a rule to the rule list or replace an old rule 200 * @srp: the rule to add or replace 201 * @rule_list: the list of rules 202 * @rule_lock: the rule list lock 203 * 204 * Looks through the current subject/object/access list for 205 * the subject/object pair and replaces the access that was 206 * there. If the pair isn't found add it with the specified 207 * access. 208 * 209 * Returns 0 if nothing goes wrong or -ENOMEM if it fails 210 * during the allocation of the new pair to add. 211 */ 212 static int smk_set_access(struct smack_parsed_rule *srp, 213 struct list_head *rule_list, 214 struct mutex *rule_lock) 215 { 216 struct smack_rule *sp; 217 int found = 0; 218 int rc = 0; 219 220 mutex_lock(rule_lock); 221 222 /* 223 * Because the object label is less likely to match 224 * than the subject label check it first 225 */ 226 list_for_each_entry_rcu(sp, rule_list, list) { 227 if (sp->smk_object == srp->smk_object && 228 sp->smk_subject == srp->smk_subject) { 229 found = 1; 230 sp->smk_access |= srp->smk_access1; 231 sp->smk_access &= ~srp->smk_access2; 232 break; 233 } 234 } 235 236 if (found == 0) { 237 sp = kmem_cache_zalloc(smack_rule_cache, GFP_KERNEL); 238 if (sp == NULL) { 239 rc = -ENOMEM; 240 goto out; 241 } 242 243 sp->smk_subject = srp->smk_subject; 244 sp->smk_object = srp->smk_object; 245 sp->smk_access = srp->smk_access1 & ~srp->smk_access2; 246 247 list_add_rcu(&sp->list, rule_list); 248 } 249 250 out: 251 mutex_unlock(rule_lock); 252 return rc; 253 } 254 255 /** 256 * smk_perm_from_str - parse smack accesses from a text string 257 * @string: a text string that contains a Smack accesses code 258 * 259 * Returns an integer with respective bits set for specified accesses. 260 */ 261 static int smk_perm_from_str(const char *string) 262 { 263 int perm = 0; 264 const char *cp; 265 266 for (cp = string; ; cp++) 267 switch (*cp) { 268 case '-': 269 break; 270 case 'r': 271 case 'R': 272 perm |= MAY_READ; 273 break; 274 case 'w': 275 case 'W': 276 perm |= MAY_WRITE; 277 break; 278 case 'x': 279 case 'X': 280 perm |= MAY_EXEC; 281 break; 282 case 'a': 283 case 'A': 284 perm |= MAY_APPEND; 285 break; 286 case 't': 287 case 'T': 288 perm |= MAY_TRANSMUTE; 289 break; 290 case 'l': 291 case 'L': 292 perm |= MAY_LOCK; 293 break; 294 case 'b': 295 case 'B': 296 perm |= MAY_BRINGUP; 297 break; 298 default: 299 return perm; 300 } 301 } 302 303 /** 304 * smk_fill_rule - Fill Smack rule from strings 305 * @subject: subject label string 306 * @object: object label string 307 * @access1: access string 308 * @access2: string with permissions to be removed 309 * @rule: Smack rule 310 * @import: if non-zero, import labels 311 * @len: label length limit 312 * 313 * Returns 0 on success, appropriate error code on failure. 314 */ 315 static int smk_fill_rule(const char *subject, const char *object, 316 const char *access1, const char *access2, 317 struct smack_parsed_rule *rule, int import, 318 int len) 319 { 320 const char *cp; 321 struct smack_known *skp; 322 323 if (import) { 324 rule->smk_subject = smk_import_entry(subject, len); 325 if (IS_ERR(rule->smk_subject)) 326 return PTR_ERR(rule->smk_subject); 327 328 rule->smk_object = smk_import_entry(object, len); 329 if (IS_ERR(rule->smk_object)) 330 return PTR_ERR(rule->smk_object); 331 } else { 332 cp = smk_parse_smack(subject, len); 333 if (IS_ERR(cp)) 334 return PTR_ERR(cp); 335 skp = smk_find_entry(cp); 336 kfree(cp); 337 if (skp == NULL) 338 return -ENOENT; 339 rule->smk_subject = skp; 340 341 cp = smk_parse_smack(object, len); 342 if (IS_ERR(cp)) 343 return PTR_ERR(cp); 344 skp = smk_find_entry(cp); 345 kfree(cp); 346 if (skp == NULL) 347 return -ENOENT; 348 rule->smk_object = skp; 349 } 350 351 rule->smk_access1 = smk_perm_from_str(access1); 352 if (access2) 353 rule->smk_access2 = smk_perm_from_str(access2); 354 else 355 rule->smk_access2 = ~rule->smk_access1; 356 357 return 0; 358 } 359 360 /** 361 * smk_parse_rule - parse Smack rule from load string 362 * @data: string to be parsed whose size is SMK_LOADLEN 363 * @rule: Smack rule 364 * @import: if non-zero, import labels 365 * 366 * Returns 0 on success, -1 on errors. 367 */ 368 static int smk_parse_rule(const char *data, struct smack_parsed_rule *rule, 369 int import) 370 { 371 int rc; 372 373 rc = smk_fill_rule(data, data + SMK_LABELLEN, 374 data + SMK_LABELLEN + SMK_LABELLEN, NULL, rule, 375 import, SMK_LABELLEN); 376 return rc; 377 } 378 379 /** 380 * smk_parse_long_rule - parse Smack rule from rule string 381 * @data: string to be parsed, null terminated 382 * @rule: Will be filled with Smack parsed rule 383 * @import: if non-zero, import labels 384 * @tokens: number of substrings expected in data 385 * 386 * Returns number of processed bytes on success, -ERRNO on failure. 387 */ 388 static ssize_t smk_parse_long_rule(char *data, struct smack_parsed_rule *rule, 389 int import, int tokens) 390 { 391 ssize_t cnt = 0; 392 char *tok[4]; 393 int rc; 394 int i; 395 396 /* 397 * Parsing the rule in-place, filling all white-spaces with '\0' 398 */ 399 for (i = 0; i < tokens; ++i) { 400 while (isspace(data[cnt])) 401 data[cnt++] = '\0'; 402 403 if (data[cnt] == '\0') 404 /* Unexpected end of data */ 405 return -EINVAL; 406 407 tok[i] = data + cnt; 408 409 while (data[cnt] && !isspace(data[cnt])) 410 ++cnt; 411 } 412 while (isspace(data[cnt])) 413 data[cnt++] = '\0'; 414 415 while (i < 4) 416 tok[i++] = NULL; 417 418 rc = smk_fill_rule(tok[0], tok[1], tok[2], tok[3], rule, import, 0); 419 return rc == 0 ? cnt : rc; 420 } 421 422 #define SMK_FIXED24_FMT 0 /* Fixed 24byte label format */ 423 #define SMK_LONG_FMT 1 /* Variable long label format */ 424 #define SMK_CHANGE_FMT 2 /* Rule modification format */ 425 /** 426 * smk_write_rules_list - write() for any /smack rule file 427 * @file: file pointer, not actually used 428 * @buf: where to get the data from 429 * @count: bytes sent 430 * @ppos: where to start - must be 0 431 * @rule_list: the list of rules to write to 432 * @rule_lock: lock for the rule list 433 * @format: /smack/load or /smack/load2 or /smack/change-rule format. 434 * 435 * Get one smack access rule from above. 436 * The format for SMK_LONG_FMT is: 437 * "subject<whitespace>object<whitespace>access[<whitespace>...]" 438 * The format for SMK_FIXED24_FMT is exactly: 439 * "subject object rwxat" 440 * The format for SMK_CHANGE_FMT is: 441 * "subject<whitespace>object<whitespace> 442 * acc_enable<whitespace>acc_disable[<whitespace>...]" 443 */ 444 static ssize_t smk_write_rules_list(struct file *file, const char __user *buf, 445 size_t count, loff_t *ppos, 446 struct list_head *rule_list, 447 struct mutex *rule_lock, int format) 448 { 449 struct smack_parsed_rule rule; 450 char *data; 451 int rc; 452 int trunc = 0; 453 int tokens; 454 ssize_t cnt = 0; 455 456 /* 457 * No partial writes. 458 * Enough data must be present. 459 */ 460 if (*ppos != 0) 461 return -EINVAL; 462 463 if (format == SMK_FIXED24_FMT) { 464 /* 465 * Minor hack for backward compatibility 466 */ 467 if (count < SMK_OLOADLEN || count > SMK_LOADLEN) 468 return -EINVAL; 469 } else { 470 if (count >= PAGE_SIZE) { 471 count = PAGE_SIZE - 1; 472 trunc = 1; 473 } 474 } 475 476 data = memdup_user_nul(buf, count); 477 if (IS_ERR(data)) 478 return PTR_ERR(data); 479 480 /* 481 * In case of parsing only part of user buf, 482 * avoid having partial rule at the data buffer 483 */ 484 if (trunc) { 485 while (count > 0 && (data[count - 1] != '\n')) 486 --count; 487 if (count == 0) { 488 rc = -EINVAL; 489 goto out; 490 } 491 } 492 493 data[count] = '\0'; 494 tokens = (format == SMK_CHANGE_FMT ? 4 : 3); 495 while (cnt < count) { 496 if (format == SMK_FIXED24_FMT) { 497 rc = smk_parse_rule(data, &rule, 1); 498 if (rc < 0) 499 goto out; 500 cnt = count; 501 } else { 502 rc = smk_parse_long_rule(data + cnt, &rule, 1, tokens); 503 if (rc < 0) 504 goto out; 505 if (rc == 0) { 506 rc = -EINVAL; 507 goto out; 508 } 509 cnt += rc; 510 } 511 512 if (rule_list == NULL) 513 rc = smk_set_access(&rule, &rule.smk_subject->smk_rules, 514 &rule.smk_subject->smk_rules_lock); 515 else 516 rc = smk_set_access(&rule, rule_list, rule_lock); 517 518 if (rc) 519 goto out; 520 } 521 522 rc = cnt; 523 out: 524 kfree(data); 525 return rc; 526 } 527 528 /* 529 * Core logic for smackfs seq list operations. 530 */ 531 532 static void *smk_seq_start(struct seq_file *s, loff_t *pos, 533 struct list_head *head) 534 { 535 struct list_head *list; 536 int i = *pos; 537 538 rcu_read_lock(); 539 for (list = rcu_dereference(list_next_rcu(head)); 540 list != head; 541 list = rcu_dereference(list_next_rcu(list))) { 542 if (i-- == 0) 543 return list; 544 } 545 546 return NULL; 547 } 548 549 static void *smk_seq_next(struct seq_file *s, void *v, loff_t *pos, 550 struct list_head *head) 551 { 552 struct list_head *list = v; 553 554 ++*pos; 555 list = rcu_dereference(list_next_rcu(list)); 556 557 return (list == head) ? NULL : list; 558 } 559 560 static void smk_seq_stop(struct seq_file *s, void *v) 561 { 562 rcu_read_unlock(); 563 } 564 565 static void smk_rule_show(struct seq_file *s, struct smack_rule *srp, int max) 566 { 567 char acc[SMK_NUM_ACCESS_TYPE + 1]; 568 /* 569 * Don't show any rules with label names too long for 570 * interface file (/smack/load or /smack/load2) 571 * because you should expect to be able to write 572 * anything you read back. 573 */ 574 if (strlen(srp->smk_subject->smk_known) >= max || 575 strlen(srp->smk_object->smk_known) >= max) 576 return; 577 578 if (srp->smk_access == 0) 579 return; 580 581 smack_str_from_perm(acc, srp->smk_access); 582 seq_printf(s, "%s %s %s\n", 583 srp->smk_subject->smk_known, 584 srp->smk_object->smk_known, 585 acc); 586 } 587 588 /* 589 * Seq_file read operations for /smack/load 590 */ 591 592 static void *load2_seq_start(struct seq_file *s, loff_t *pos) 593 { 594 return smk_seq_start(s, pos, &smack_known_list); 595 } 596 597 static void *load2_seq_next(struct seq_file *s, void *v, loff_t *pos) 598 { 599 return smk_seq_next(s, v, pos, &smack_known_list); 600 } 601 602 static int load_seq_show(struct seq_file *s, void *v) 603 { 604 struct list_head *list = v; 605 struct smack_rule *srp; 606 struct smack_known *skp = 607 list_entry_rcu(list, struct smack_known, list); 608 609 list_for_each_entry_rcu(srp, &skp->smk_rules, list) 610 smk_rule_show(s, srp, SMK_LABELLEN); 611 612 return 0; 613 } 614 615 static const struct seq_operations load_seq_ops = { 616 .start = load2_seq_start, 617 .next = load2_seq_next, 618 .show = load_seq_show, 619 .stop = smk_seq_stop, 620 }; 621 622 /** 623 * smk_open_load - open() for /smack/load 624 * @inode: inode structure representing file 625 * @file: "load" file pointer 626 * 627 * For reading, use load_seq_* seq_file reading operations. 628 */ 629 static int smk_open_load(struct inode *inode, struct file *file) 630 { 631 return seq_open(file, &load_seq_ops); 632 } 633 634 /** 635 * smk_write_load - write() for /smack/load 636 * @file: file pointer, not actually used 637 * @buf: where to get the data from 638 * @count: bytes sent 639 * @ppos: where to start - must be 0 640 * 641 */ 642 static ssize_t smk_write_load(struct file *file, const char __user *buf, 643 size_t count, loff_t *ppos) 644 { 645 /* 646 * Must have privilege. 647 * No partial writes. 648 * Enough data must be present. 649 */ 650 if (!smack_privileged(CAP_MAC_ADMIN)) 651 return -EPERM; 652 653 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL, 654 SMK_FIXED24_FMT); 655 } 656 657 static const struct file_operations smk_load_ops = { 658 .open = smk_open_load, 659 .read = seq_read, 660 .llseek = seq_lseek, 661 .write = smk_write_load, 662 .release = seq_release, 663 }; 664 665 /** 666 * smk_cipso_doi - initialize the CIPSO domain 667 */ 668 static void smk_cipso_doi(void) 669 { 670 int rc; 671 struct cipso_v4_doi *doip; 672 struct netlbl_audit nai; 673 674 smk_netlabel_audit_set(&nai); 675 676 rc = netlbl_cfg_map_del(NULL, PF_INET, NULL, NULL, &nai); 677 if (rc != 0) 678 printk(KERN_WARNING "%s:%d remove rc = %d\n", 679 __func__, __LINE__, rc); 680 681 doip = kmalloc(sizeof(struct cipso_v4_doi), GFP_KERNEL | __GFP_NOFAIL); 682 doip->map.std = NULL; 683 doip->doi = smk_cipso_doi_value; 684 doip->type = CIPSO_V4_MAP_PASS; 685 doip->tags[0] = CIPSO_V4_TAG_RBITMAP; 686 for (rc = 1; rc < CIPSO_V4_TAG_MAXCNT; rc++) 687 doip->tags[rc] = CIPSO_V4_TAG_INVALID; 688 689 rc = netlbl_cfg_cipsov4_add(doip, &nai); 690 if (rc != 0) { 691 printk(KERN_WARNING "%s:%d cipso add rc = %d\n", 692 __func__, __LINE__, rc); 693 kfree(doip); 694 return; 695 } 696 rc = netlbl_cfg_cipsov4_map_add(doip->doi, NULL, NULL, NULL, &nai); 697 if (rc != 0) { 698 printk(KERN_WARNING "%s:%d map add rc = %d\n", 699 __func__, __LINE__, rc); 700 netlbl_cfg_cipsov4_del(doip->doi, &nai); 701 return; 702 } 703 } 704 705 /** 706 * smk_unlbl_ambient - initialize the unlabeled domain 707 * @oldambient: previous domain string 708 */ 709 static void smk_unlbl_ambient(char *oldambient) 710 { 711 int rc; 712 struct netlbl_audit nai; 713 714 smk_netlabel_audit_set(&nai); 715 716 if (oldambient != NULL) { 717 rc = netlbl_cfg_map_del(oldambient, PF_INET, NULL, NULL, &nai); 718 if (rc != 0) 719 printk(KERN_WARNING "%s:%d remove rc = %d\n", 720 __func__, __LINE__, rc); 721 } 722 if (smack_net_ambient == NULL) 723 smack_net_ambient = &smack_known_floor; 724 725 rc = netlbl_cfg_unlbl_map_add(smack_net_ambient->smk_known, PF_INET, 726 NULL, NULL, &nai); 727 if (rc != 0) 728 printk(KERN_WARNING "%s:%d add rc = %d\n", 729 __func__, __LINE__, rc); 730 } 731 732 /* 733 * Seq_file read operations for /smack/cipso 734 */ 735 736 static void *cipso_seq_start(struct seq_file *s, loff_t *pos) 737 { 738 return smk_seq_start(s, pos, &smack_known_list); 739 } 740 741 static void *cipso_seq_next(struct seq_file *s, void *v, loff_t *pos) 742 { 743 return smk_seq_next(s, v, pos, &smack_known_list); 744 } 745 746 /* 747 * Print cipso labels in format: 748 * label level[/cat[,cat]] 749 */ 750 static int cipso_seq_show(struct seq_file *s, void *v) 751 { 752 struct list_head *list = v; 753 struct smack_known *skp = 754 list_entry_rcu(list, struct smack_known, list); 755 struct netlbl_lsm_catmap *cmp = skp->smk_netlabel.attr.mls.cat; 756 char sep = '/'; 757 int i; 758 759 /* 760 * Don't show a label that could not have been set using 761 * /smack/cipso. This is in support of the notion that 762 * anything read from /smack/cipso ought to be writeable 763 * to /smack/cipso. 764 * 765 * /smack/cipso2 should be used instead. 766 */ 767 if (strlen(skp->smk_known) >= SMK_LABELLEN) 768 return 0; 769 770 seq_printf(s, "%s %3d", skp->smk_known, skp->smk_netlabel.attr.mls.lvl); 771 772 for (i = netlbl_catmap_walk(cmp, 0); i >= 0; 773 i = netlbl_catmap_walk(cmp, i + 1)) { 774 seq_printf(s, "%c%d", sep, i); 775 sep = ','; 776 } 777 778 seq_putc(s, '\n'); 779 780 return 0; 781 } 782 783 static const struct seq_operations cipso_seq_ops = { 784 .start = cipso_seq_start, 785 .next = cipso_seq_next, 786 .show = cipso_seq_show, 787 .stop = smk_seq_stop, 788 }; 789 790 /** 791 * smk_open_cipso - open() for /smack/cipso 792 * @inode: inode structure representing file 793 * @file: "cipso" file pointer 794 * 795 * Connect our cipso_seq_* operations with /smack/cipso 796 * file_operations 797 */ 798 static int smk_open_cipso(struct inode *inode, struct file *file) 799 { 800 return seq_open(file, &cipso_seq_ops); 801 } 802 803 /** 804 * smk_set_cipso - do the work for write() for cipso and cipso2 805 * @file: file pointer, not actually used 806 * @buf: where to get the data from 807 * @count: bytes sent 808 * @ppos: where to start 809 * @format: /smack/cipso or /smack/cipso2 810 * 811 * Accepts only one cipso rule per write call. 812 * Returns number of bytes written or error code, as appropriate 813 */ 814 static ssize_t smk_set_cipso(struct file *file, const char __user *buf, 815 size_t count, loff_t *ppos, int format) 816 { 817 struct netlbl_lsm_catmap *old_cat; 818 struct smack_known *skp; 819 struct netlbl_lsm_secattr ncats; 820 char mapcatset[SMK_CIPSOLEN]; 821 int maplevel; 822 unsigned int cat; 823 int catlen; 824 ssize_t rc = -EINVAL; 825 char *data = NULL; 826 char *rule; 827 int ret; 828 int i; 829 830 /* 831 * Must have privilege. 832 * No partial writes. 833 * Enough data must be present. 834 */ 835 if (!smack_privileged(CAP_MAC_ADMIN)) 836 return -EPERM; 837 if (*ppos != 0) 838 return -EINVAL; 839 if (format == SMK_FIXED24_FMT && 840 (count < SMK_CIPSOMIN || count > SMK_CIPSOMAX)) 841 return -EINVAL; 842 if (count > PAGE_SIZE) 843 return -EINVAL; 844 845 data = memdup_user_nul(buf, count); 846 if (IS_ERR(data)) 847 return PTR_ERR(data); 848 849 rule = data; 850 /* 851 * Only allow one writer at a time. Writes should be 852 * quite rare and small in any case. 853 */ 854 mutex_lock(&smack_cipso_lock); 855 856 skp = smk_import_entry(rule, 0); 857 if (IS_ERR(skp)) { 858 rc = PTR_ERR(skp); 859 goto out; 860 } 861 862 if (format == SMK_FIXED24_FMT) 863 rule += SMK_LABELLEN; 864 else 865 rule += strlen(skp->smk_known) + 1; 866 867 if (rule > data + count) { 868 rc = -EOVERFLOW; 869 goto out; 870 } 871 872 ret = sscanf(rule, "%d", &maplevel); 873 if (ret != 1 || maplevel < 0 || maplevel > SMACK_CIPSO_MAXLEVEL) 874 goto out; 875 876 rule += SMK_DIGITLEN; 877 if (rule > data + count) { 878 rc = -EOVERFLOW; 879 goto out; 880 } 881 882 ret = sscanf(rule, "%d", &catlen); 883 if (ret != 1 || catlen < 0 || catlen > SMACK_CIPSO_MAXCATNUM) 884 goto out; 885 886 if (format == SMK_FIXED24_FMT && 887 count != (SMK_CIPSOMIN + catlen * SMK_DIGITLEN)) 888 goto out; 889 890 memset(mapcatset, 0, sizeof(mapcatset)); 891 892 for (i = 0; i < catlen; i++) { 893 rule += SMK_DIGITLEN; 894 if (rule > data + count) { 895 rc = -EOVERFLOW; 896 goto out; 897 } 898 ret = sscanf(rule, "%u", &cat); 899 if (ret != 1 || cat > SMACK_CIPSO_MAXCATNUM) 900 goto out; 901 902 smack_catset_bit(cat, mapcatset); 903 } 904 905 rc = smk_netlbl_mls(maplevel, mapcatset, &ncats, SMK_CIPSOLEN); 906 if (rc >= 0) { 907 old_cat = skp->smk_netlabel.attr.mls.cat; 908 rcu_assign_pointer(skp->smk_netlabel.attr.mls.cat, ncats.attr.mls.cat); 909 if (ncats.attr.mls.cat) 910 skp->smk_netlabel.flags |= NETLBL_SECATTR_MLS_CAT; 911 else 912 skp->smk_netlabel.flags &= ~(u32)NETLBL_SECATTR_MLS_CAT; 913 skp->smk_netlabel.attr.mls.lvl = ncats.attr.mls.lvl; 914 synchronize_rcu(); 915 netlbl_catmap_free(old_cat); 916 rc = count; 917 /* 918 * This mapping may have been cached, so clear the cache. 919 */ 920 netlbl_cache_invalidate(); 921 } 922 923 out: 924 mutex_unlock(&smack_cipso_lock); 925 kfree(data); 926 return rc; 927 } 928 929 /** 930 * smk_write_cipso - write() for /smack/cipso 931 * @file: file pointer, not actually used 932 * @buf: where to get the data from 933 * @count: bytes sent 934 * @ppos: where to start 935 * 936 * Accepts only one cipso rule per write call. 937 * Returns number of bytes written or error code, as appropriate 938 */ 939 static ssize_t smk_write_cipso(struct file *file, const char __user *buf, 940 size_t count, loff_t *ppos) 941 { 942 return smk_set_cipso(file, buf, count, ppos, SMK_FIXED24_FMT); 943 } 944 945 static const struct file_operations smk_cipso_ops = { 946 .open = smk_open_cipso, 947 .read = seq_read, 948 .llseek = seq_lseek, 949 .write = smk_write_cipso, 950 .release = seq_release, 951 }; 952 953 /* 954 * Seq_file read operations for /smack/cipso2 955 */ 956 957 /* 958 * Print cipso labels in format: 959 * label level[/cat[,cat]] 960 */ 961 static int cipso2_seq_show(struct seq_file *s, void *v) 962 { 963 struct list_head *list = v; 964 struct smack_known *skp = 965 list_entry_rcu(list, struct smack_known, list); 966 struct netlbl_lsm_catmap *cmp = skp->smk_netlabel.attr.mls.cat; 967 char sep = '/'; 968 int i; 969 970 seq_printf(s, "%s %3d", skp->smk_known, skp->smk_netlabel.attr.mls.lvl); 971 972 for (i = netlbl_catmap_walk(cmp, 0); i >= 0; 973 i = netlbl_catmap_walk(cmp, i + 1)) { 974 seq_printf(s, "%c%d", sep, i); 975 sep = ','; 976 } 977 978 seq_putc(s, '\n'); 979 980 return 0; 981 } 982 983 static const struct seq_operations cipso2_seq_ops = { 984 .start = cipso_seq_start, 985 .next = cipso_seq_next, 986 .show = cipso2_seq_show, 987 .stop = smk_seq_stop, 988 }; 989 990 /** 991 * smk_open_cipso2 - open() for /smack/cipso2 992 * @inode: inode structure representing file 993 * @file: "cipso2" file pointer 994 * 995 * Connect our cipso_seq_* operations with /smack/cipso2 996 * file_operations 997 */ 998 static int smk_open_cipso2(struct inode *inode, struct file *file) 999 { 1000 return seq_open(file, &cipso2_seq_ops); 1001 } 1002 1003 /** 1004 * smk_write_cipso2 - write() for /smack/cipso2 1005 * @file: file pointer, not actually used 1006 * @buf: where to get the data from 1007 * @count: bytes sent 1008 * @ppos: where to start 1009 * 1010 * Accepts only one cipso rule per write call. 1011 * Returns number of bytes written or error code, as appropriate 1012 */ 1013 static ssize_t smk_write_cipso2(struct file *file, const char __user *buf, 1014 size_t count, loff_t *ppos) 1015 { 1016 return smk_set_cipso(file, buf, count, ppos, SMK_LONG_FMT); 1017 } 1018 1019 static const struct file_operations smk_cipso2_ops = { 1020 .open = smk_open_cipso2, 1021 .read = seq_read, 1022 .llseek = seq_lseek, 1023 .write = smk_write_cipso2, 1024 .release = seq_release, 1025 }; 1026 1027 /* 1028 * Seq_file read operations for /smack/netlabel 1029 */ 1030 1031 static void *net4addr_seq_start(struct seq_file *s, loff_t *pos) 1032 { 1033 return smk_seq_start(s, pos, &smk_net4addr_list); 1034 } 1035 1036 static void *net4addr_seq_next(struct seq_file *s, void *v, loff_t *pos) 1037 { 1038 return smk_seq_next(s, v, pos, &smk_net4addr_list); 1039 } 1040 1041 /* 1042 * Print host/label pairs 1043 */ 1044 static int net4addr_seq_show(struct seq_file *s, void *v) 1045 { 1046 struct list_head *list = v; 1047 struct smk_net4addr *skp = 1048 list_entry_rcu(list, struct smk_net4addr, list); 1049 char *kp = SMACK_CIPSO_OPTION; 1050 1051 if (skp->smk_label != NULL) 1052 kp = skp->smk_label->smk_known; 1053 seq_printf(s, "%pI4/%d %s\n", &skp->smk_host.s_addr, 1054 skp->smk_masks, kp); 1055 1056 return 0; 1057 } 1058 1059 static const struct seq_operations net4addr_seq_ops = { 1060 .start = net4addr_seq_start, 1061 .next = net4addr_seq_next, 1062 .show = net4addr_seq_show, 1063 .stop = smk_seq_stop, 1064 }; 1065 1066 /** 1067 * smk_open_net4addr - open() for /smack/netlabel 1068 * @inode: inode structure representing file 1069 * @file: "netlabel" file pointer 1070 * 1071 * Connect our net4addr_seq_* operations with /smack/netlabel 1072 * file_operations 1073 */ 1074 static int smk_open_net4addr(struct inode *inode, struct file *file) 1075 { 1076 return seq_open(file, &net4addr_seq_ops); 1077 } 1078 1079 /** 1080 * smk_net4addr_insert 1081 * @new : netlabel to insert 1082 * 1083 * This helper insert netlabel in the smack_net4addrs list 1084 * sorted by netmask length (longest to smallest) 1085 * locked by &smk_net4addr_lock in smk_write_net4addr 1086 * 1087 */ 1088 static void smk_net4addr_insert(struct smk_net4addr *new) 1089 { 1090 struct smk_net4addr *m; 1091 struct smk_net4addr *m_next; 1092 1093 if (list_empty(&smk_net4addr_list)) { 1094 list_add_rcu(&new->list, &smk_net4addr_list); 1095 return; 1096 } 1097 1098 m = list_entry_rcu(smk_net4addr_list.next, 1099 struct smk_net4addr, list); 1100 1101 /* the comparison '>' is a bit hacky, but works */ 1102 if (new->smk_masks > m->smk_masks) { 1103 list_add_rcu(&new->list, &smk_net4addr_list); 1104 return; 1105 } 1106 1107 list_for_each_entry_rcu(m, &smk_net4addr_list, list) { 1108 if (list_is_last(&m->list, &smk_net4addr_list)) { 1109 list_add_rcu(&new->list, &m->list); 1110 return; 1111 } 1112 m_next = list_entry_rcu(m->list.next, 1113 struct smk_net4addr, list); 1114 if (new->smk_masks > m_next->smk_masks) { 1115 list_add_rcu(&new->list, &m->list); 1116 return; 1117 } 1118 } 1119 } 1120 1121 1122 /** 1123 * smk_write_net4addr - write() for /smack/netlabel 1124 * @file: file pointer, not actually used 1125 * @buf: where to get the data from 1126 * @count: bytes sent 1127 * @ppos: where to start 1128 * 1129 * Accepts only one net4addr per write call. 1130 * Returns number of bytes written or error code, as appropriate 1131 */ 1132 static ssize_t smk_write_net4addr(struct file *file, const char __user *buf, 1133 size_t count, loff_t *ppos) 1134 { 1135 struct smk_net4addr *snp; 1136 struct sockaddr_in newname; 1137 char *smack; 1138 struct smack_known *skp = NULL; 1139 char *data; 1140 char *host = (char *)&newname.sin_addr.s_addr; 1141 int rc; 1142 struct netlbl_audit audit_info; 1143 struct in_addr mask; 1144 unsigned int m; 1145 unsigned int masks; 1146 int found; 1147 u32 mask_bits = (1<<31); 1148 __be32 nsa; 1149 u32 temp_mask; 1150 1151 /* 1152 * Must have privilege. 1153 * No partial writes. 1154 * Enough data must be present. 1155 * "<addr/mask, as a.b.c.d/e><space><label>" 1156 * "<addr, as a.b.c.d><space><label>" 1157 */ 1158 if (!smack_privileged(CAP_MAC_ADMIN)) 1159 return -EPERM; 1160 if (*ppos != 0) 1161 return -EINVAL; 1162 if (count < SMK_NETLBLADDRMIN || count > PAGE_SIZE - 1) 1163 return -EINVAL; 1164 1165 data = memdup_user_nul(buf, count); 1166 if (IS_ERR(data)) 1167 return PTR_ERR(data); 1168 1169 smack = kzalloc(count + 1, GFP_KERNEL); 1170 if (smack == NULL) { 1171 rc = -ENOMEM; 1172 goto free_data_out; 1173 } 1174 1175 rc = sscanf(data, "%hhd.%hhd.%hhd.%hhd/%u %s", 1176 &host[0], &host[1], &host[2], &host[3], &masks, smack); 1177 if (rc != 6) { 1178 rc = sscanf(data, "%hhd.%hhd.%hhd.%hhd %s", 1179 &host[0], &host[1], &host[2], &host[3], smack); 1180 if (rc != 5) { 1181 rc = -EINVAL; 1182 goto free_out; 1183 } 1184 masks = 32; 1185 } 1186 if (masks > BEBITS) { 1187 rc = -EINVAL; 1188 goto free_out; 1189 } 1190 1191 /* 1192 * If smack begins with '-', it is an option, don't import it 1193 */ 1194 if (smack[0] != '-') { 1195 skp = smk_import_entry(smack, 0); 1196 if (IS_ERR(skp)) { 1197 rc = PTR_ERR(skp); 1198 goto free_out; 1199 } 1200 } else { 1201 /* 1202 * Only the -CIPSO option is supported for IPv4 1203 */ 1204 if (strcmp(smack, SMACK_CIPSO_OPTION) != 0) { 1205 rc = -EINVAL; 1206 goto free_out; 1207 } 1208 } 1209 1210 for (m = masks, temp_mask = 0; m > 0; m--) { 1211 temp_mask |= mask_bits; 1212 mask_bits >>= 1; 1213 } 1214 mask.s_addr = cpu_to_be32(temp_mask); 1215 1216 newname.sin_addr.s_addr &= mask.s_addr; 1217 /* 1218 * Only allow one writer at a time. Writes should be 1219 * quite rare and small in any case. 1220 */ 1221 mutex_lock(&smk_net4addr_lock); 1222 1223 nsa = newname.sin_addr.s_addr; 1224 /* try to find if the prefix is already in the list */ 1225 found = 0; 1226 list_for_each_entry_rcu(snp, &smk_net4addr_list, list) { 1227 if (snp->smk_host.s_addr == nsa && snp->smk_masks == masks) { 1228 found = 1; 1229 break; 1230 } 1231 } 1232 smk_netlabel_audit_set(&audit_info); 1233 1234 if (found == 0) { 1235 snp = kzalloc(sizeof(*snp), GFP_KERNEL); 1236 if (snp == NULL) 1237 rc = -ENOMEM; 1238 else { 1239 rc = 0; 1240 snp->smk_host.s_addr = newname.sin_addr.s_addr; 1241 snp->smk_mask.s_addr = mask.s_addr; 1242 snp->smk_label = skp; 1243 snp->smk_masks = masks; 1244 smk_net4addr_insert(snp); 1245 } 1246 } else { 1247 /* 1248 * Delete the unlabeled entry, only if the previous label 1249 * wasn't the special CIPSO option 1250 */ 1251 if (snp->smk_label != NULL) 1252 rc = netlbl_cfg_unlbl_static_del(&init_net, NULL, 1253 &snp->smk_host, &snp->smk_mask, 1254 PF_INET, &audit_info); 1255 else 1256 rc = 0; 1257 snp->smk_label = skp; 1258 } 1259 1260 /* 1261 * Now tell netlabel about the single label nature of 1262 * this host so that incoming packets get labeled. 1263 * but only if we didn't get the special CIPSO option 1264 */ 1265 if (rc == 0 && skp != NULL) 1266 rc = netlbl_cfg_unlbl_static_add(&init_net, NULL, 1267 &snp->smk_host, &snp->smk_mask, PF_INET, 1268 snp->smk_label->smk_secid, &audit_info); 1269 1270 if (rc == 0) 1271 rc = count; 1272 1273 mutex_unlock(&smk_net4addr_lock); 1274 1275 free_out: 1276 kfree(smack); 1277 free_data_out: 1278 kfree(data); 1279 1280 return rc; 1281 } 1282 1283 static const struct file_operations smk_net4addr_ops = { 1284 .open = smk_open_net4addr, 1285 .read = seq_read, 1286 .llseek = seq_lseek, 1287 .write = smk_write_net4addr, 1288 .release = seq_release, 1289 }; 1290 1291 #if IS_ENABLED(CONFIG_IPV6) 1292 /* 1293 * Seq_file read operations for /smack/netlabel6 1294 */ 1295 1296 static void *net6addr_seq_start(struct seq_file *s, loff_t *pos) 1297 { 1298 return smk_seq_start(s, pos, &smk_net6addr_list); 1299 } 1300 1301 static void *net6addr_seq_next(struct seq_file *s, void *v, loff_t *pos) 1302 { 1303 return smk_seq_next(s, v, pos, &smk_net6addr_list); 1304 } 1305 1306 /* 1307 * Print host/label pairs 1308 */ 1309 static int net6addr_seq_show(struct seq_file *s, void *v) 1310 { 1311 struct list_head *list = v; 1312 struct smk_net6addr *skp = 1313 list_entry(list, struct smk_net6addr, list); 1314 1315 if (skp->smk_label != NULL) 1316 seq_printf(s, "%pI6/%d %s\n", &skp->smk_host, skp->smk_masks, 1317 skp->smk_label->smk_known); 1318 1319 return 0; 1320 } 1321 1322 static const struct seq_operations net6addr_seq_ops = { 1323 .start = net6addr_seq_start, 1324 .next = net6addr_seq_next, 1325 .show = net6addr_seq_show, 1326 .stop = smk_seq_stop, 1327 }; 1328 1329 /** 1330 * smk_open_net6addr - open() for /smack/netlabel 1331 * @inode: inode structure representing file 1332 * @file: "netlabel" file pointer 1333 * 1334 * Connect our net6addr_seq_* operations with /smack/netlabel 1335 * file_operations 1336 */ 1337 static int smk_open_net6addr(struct inode *inode, struct file *file) 1338 { 1339 return seq_open(file, &net6addr_seq_ops); 1340 } 1341 1342 /** 1343 * smk_net6addr_insert 1344 * @new : entry to insert 1345 * 1346 * This inserts an entry in the smack_net6addrs list 1347 * sorted by netmask length (longest to smallest) 1348 * locked by &smk_net6addr_lock in smk_write_net6addr 1349 * 1350 */ 1351 static void smk_net6addr_insert(struct smk_net6addr *new) 1352 { 1353 struct smk_net6addr *m_next; 1354 struct smk_net6addr *m; 1355 1356 if (list_empty(&smk_net6addr_list)) { 1357 list_add_rcu(&new->list, &smk_net6addr_list); 1358 return; 1359 } 1360 1361 m = list_entry_rcu(smk_net6addr_list.next, 1362 struct smk_net6addr, list); 1363 1364 if (new->smk_masks > m->smk_masks) { 1365 list_add_rcu(&new->list, &smk_net6addr_list); 1366 return; 1367 } 1368 1369 list_for_each_entry_rcu(m, &smk_net6addr_list, list) { 1370 if (list_is_last(&m->list, &smk_net6addr_list)) { 1371 list_add_rcu(&new->list, &m->list); 1372 return; 1373 } 1374 m_next = list_entry_rcu(m->list.next, 1375 struct smk_net6addr, list); 1376 if (new->smk_masks > m_next->smk_masks) { 1377 list_add_rcu(&new->list, &m->list); 1378 return; 1379 } 1380 } 1381 } 1382 1383 1384 /** 1385 * smk_write_net6addr - write() for /smack/netlabel 1386 * @file: file pointer, not actually used 1387 * @buf: where to get the data from 1388 * @count: bytes sent 1389 * @ppos: where to start 1390 * 1391 * Accepts only one net6addr per write call. 1392 * Returns number of bytes written or error code, as appropriate 1393 */ 1394 static ssize_t smk_write_net6addr(struct file *file, const char __user *buf, 1395 size_t count, loff_t *ppos) 1396 { 1397 struct smk_net6addr *snp; 1398 struct in6_addr newname; 1399 struct in6_addr fullmask; 1400 struct smack_known *skp = NULL; 1401 char *smack; 1402 char *data; 1403 int rc = 0; 1404 int found = 0; 1405 int i; 1406 unsigned int scanned[8]; 1407 unsigned int m; 1408 unsigned int mask = 128; 1409 1410 /* 1411 * Must have privilege. 1412 * No partial writes. 1413 * Enough data must be present. 1414 * "<addr/mask, as a:b:c:d:e:f:g:h/e><space><label>" 1415 * "<addr, as a:b:c:d:e:f:g:h><space><label>" 1416 */ 1417 if (!smack_privileged(CAP_MAC_ADMIN)) 1418 return -EPERM; 1419 if (*ppos != 0) 1420 return -EINVAL; 1421 if (count < SMK_NETLBLADDRMIN || count > PAGE_SIZE - 1) 1422 return -EINVAL; 1423 1424 data = memdup_user_nul(buf, count); 1425 if (IS_ERR(data)) 1426 return PTR_ERR(data); 1427 1428 smack = kzalloc(count + 1, GFP_KERNEL); 1429 if (smack == NULL) { 1430 rc = -ENOMEM; 1431 goto free_data_out; 1432 } 1433 1434 i = sscanf(data, "%x:%x:%x:%x:%x:%x:%x:%x/%u %s", 1435 &scanned[0], &scanned[1], &scanned[2], &scanned[3], 1436 &scanned[4], &scanned[5], &scanned[6], &scanned[7], 1437 &mask, smack); 1438 if (i != 10) { 1439 i = sscanf(data, "%x:%x:%x:%x:%x:%x:%x:%x %s", 1440 &scanned[0], &scanned[1], &scanned[2], 1441 &scanned[3], &scanned[4], &scanned[5], 1442 &scanned[6], &scanned[7], smack); 1443 if (i != 9) { 1444 rc = -EINVAL; 1445 goto free_out; 1446 } 1447 } 1448 if (mask > 128) { 1449 rc = -EINVAL; 1450 goto free_out; 1451 } 1452 for (i = 0; i < 8; i++) { 1453 if (scanned[i] > 0xffff) { 1454 rc = -EINVAL; 1455 goto free_out; 1456 } 1457 newname.s6_addr16[i] = htons(scanned[i]); 1458 } 1459 1460 /* 1461 * If smack begins with '-', it is an option, don't import it 1462 */ 1463 if (smack[0] != '-') { 1464 skp = smk_import_entry(smack, 0); 1465 if (IS_ERR(skp)) { 1466 rc = PTR_ERR(skp); 1467 goto free_out; 1468 } 1469 } else { 1470 /* 1471 * Only -DELETE is supported for IPv6 1472 */ 1473 if (strcmp(smack, SMACK_DELETE_OPTION) != 0) { 1474 rc = -EINVAL; 1475 goto free_out; 1476 } 1477 } 1478 1479 for (i = 0, m = mask; i < 8; i++) { 1480 if (m >= 16) { 1481 fullmask.s6_addr16[i] = 0xffff; 1482 m -= 16; 1483 } else if (m > 0) { 1484 fullmask.s6_addr16[i] = (1 << m) - 1; 1485 m = 0; 1486 } else 1487 fullmask.s6_addr16[i] = 0; 1488 newname.s6_addr16[i] &= fullmask.s6_addr16[i]; 1489 } 1490 1491 /* 1492 * Only allow one writer at a time. Writes should be 1493 * quite rare and small in any case. 1494 */ 1495 mutex_lock(&smk_net6addr_lock); 1496 /* 1497 * Try to find the prefix in the list 1498 */ 1499 list_for_each_entry_rcu(snp, &smk_net6addr_list, list) { 1500 if (mask != snp->smk_masks) 1501 continue; 1502 for (found = 1, i = 0; i < 8; i++) { 1503 if (newname.s6_addr16[i] != 1504 snp->smk_host.s6_addr16[i]) { 1505 found = 0; 1506 break; 1507 } 1508 } 1509 if (found == 1) 1510 break; 1511 } 1512 if (found == 0) { 1513 snp = kzalloc(sizeof(*snp), GFP_KERNEL); 1514 if (snp == NULL) 1515 rc = -ENOMEM; 1516 else { 1517 snp->smk_host = newname; 1518 snp->smk_mask = fullmask; 1519 snp->smk_masks = mask; 1520 snp->smk_label = skp; 1521 smk_net6addr_insert(snp); 1522 } 1523 } else { 1524 snp->smk_label = skp; 1525 } 1526 1527 if (rc == 0) 1528 rc = count; 1529 1530 mutex_unlock(&smk_net6addr_lock); 1531 1532 free_out: 1533 kfree(smack); 1534 free_data_out: 1535 kfree(data); 1536 1537 return rc; 1538 } 1539 1540 static const struct file_operations smk_net6addr_ops = { 1541 .open = smk_open_net6addr, 1542 .read = seq_read, 1543 .llseek = seq_lseek, 1544 .write = smk_write_net6addr, 1545 .release = seq_release, 1546 }; 1547 #endif /* CONFIG_IPV6 */ 1548 1549 /** 1550 * smk_read_doi - read() for /smack/doi 1551 * @filp: file pointer, not actually used 1552 * @buf: where to put the result 1553 * @count: maximum to send along 1554 * @ppos: where to start 1555 * 1556 * Returns number of bytes read or error code, as appropriate 1557 */ 1558 static ssize_t smk_read_doi(struct file *filp, char __user *buf, 1559 size_t count, loff_t *ppos) 1560 { 1561 char temp[80]; 1562 ssize_t rc; 1563 1564 if (*ppos != 0) 1565 return 0; 1566 1567 sprintf(temp, "%d", smk_cipso_doi_value); 1568 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp)); 1569 1570 return rc; 1571 } 1572 1573 /** 1574 * smk_write_doi - write() for /smack/doi 1575 * @file: file pointer, not actually used 1576 * @buf: where to get the data from 1577 * @count: bytes sent 1578 * @ppos: where to start 1579 * 1580 * Returns number of bytes written or error code, as appropriate 1581 */ 1582 static ssize_t smk_write_doi(struct file *file, const char __user *buf, 1583 size_t count, loff_t *ppos) 1584 { 1585 char temp[80]; 1586 int i; 1587 1588 if (!smack_privileged(CAP_MAC_ADMIN)) 1589 return -EPERM; 1590 1591 if (count >= sizeof(temp) || count == 0) 1592 return -EINVAL; 1593 1594 if (copy_from_user(temp, buf, count) != 0) 1595 return -EFAULT; 1596 1597 temp[count] = '\0'; 1598 1599 if (sscanf(temp, "%d", &i) != 1) 1600 return -EINVAL; 1601 1602 smk_cipso_doi_value = i; 1603 1604 smk_cipso_doi(); 1605 1606 return count; 1607 } 1608 1609 static const struct file_operations smk_doi_ops = { 1610 .read = smk_read_doi, 1611 .write = smk_write_doi, 1612 .llseek = default_llseek, 1613 }; 1614 1615 /** 1616 * smk_read_direct - read() for /smack/direct 1617 * @filp: file pointer, not actually used 1618 * @buf: where to put the result 1619 * @count: maximum to send along 1620 * @ppos: where to start 1621 * 1622 * Returns number of bytes read or error code, as appropriate 1623 */ 1624 static ssize_t smk_read_direct(struct file *filp, char __user *buf, 1625 size_t count, loff_t *ppos) 1626 { 1627 char temp[80]; 1628 ssize_t rc; 1629 1630 if (*ppos != 0) 1631 return 0; 1632 1633 sprintf(temp, "%d", smack_cipso_direct); 1634 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp)); 1635 1636 return rc; 1637 } 1638 1639 /** 1640 * smk_write_direct - write() for /smack/direct 1641 * @file: file pointer, not actually used 1642 * @buf: where to get the data from 1643 * @count: bytes sent 1644 * @ppos: where to start 1645 * 1646 * Returns number of bytes written or error code, as appropriate 1647 */ 1648 static ssize_t smk_write_direct(struct file *file, const char __user *buf, 1649 size_t count, loff_t *ppos) 1650 { 1651 struct smack_known *skp; 1652 char temp[80]; 1653 int i; 1654 1655 if (!smack_privileged(CAP_MAC_ADMIN)) 1656 return -EPERM; 1657 1658 if (count >= sizeof(temp) || count == 0) 1659 return -EINVAL; 1660 1661 if (copy_from_user(temp, buf, count) != 0) 1662 return -EFAULT; 1663 1664 temp[count] = '\0'; 1665 1666 if (sscanf(temp, "%d", &i) != 1) 1667 return -EINVAL; 1668 1669 /* 1670 * Don't do anything if the value hasn't actually changed. 1671 * If it is changing reset the level on entries that were 1672 * set up to be direct when they were created. 1673 */ 1674 if (smack_cipso_direct != i) { 1675 mutex_lock(&smack_known_lock); 1676 list_for_each_entry_rcu(skp, &smack_known_list, list) 1677 if (skp->smk_netlabel.attr.mls.lvl == 1678 smack_cipso_direct) 1679 skp->smk_netlabel.attr.mls.lvl = i; 1680 smack_cipso_direct = i; 1681 mutex_unlock(&smack_known_lock); 1682 } 1683 1684 return count; 1685 } 1686 1687 static const struct file_operations smk_direct_ops = { 1688 .read = smk_read_direct, 1689 .write = smk_write_direct, 1690 .llseek = default_llseek, 1691 }; 1692 1693 /** 1694 * smk_read_mapped - read() for /smack/mapped 1695 * @filp: file pointer, not actually used 1696 * @buf: where to put the result 1697 * @count: maximum to send along 1698 * @ppos: where to start 1699 * 1700 * Returns number of bytes read or error code, as appropriate 1701 */ 1702 static ssize_t smk_read_mapped(struct file *filp, char __user *buf, 1703 size_t count, loff_t *ppos) 1704 { 1705 char temp[80]; 1706 ssize_t rc; 1707 1708 if (*ppos != 0) 1709 return 0; 1710 1711 sprintf(temp, "%d", smack_cipso_mapped); 1712 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp)); 1713 1714 return rc; 1715 } 1716 1717 /** 1718 * smk_write_mapped - write() for /smack/mapped 1719 * @file: file pointer, not actually used 1720 * @buf: where to get the data from 1721 * @count: bytes sent 1722 * @ppos: where to start 1723 * 1724 * Returns number of bytes written or error code, as appropriate 1725 */ 1726 static ssize_t smk_write_mapped(struct file *file, const char __user *buf, 1727 size_t count, loff_t *ppos) 1728 { 1729 struct smack_known *skp; 1730 char temp[80]; 1731 int i; 1732 1733 if (!smack_privileged(CAP_MAC_ADMIN)) 1734 return -EPERM; 1735 1736 if (count >= sizeof(temp) || count == 0) 1737 return -EINVAL; 1738 1739 if (copy_from_user(temp, buf, count) != 0) 1740 return -EFAULT; 1741 1742 temp[count] = '\0'; 1743 1744 if (sscanf(temp, "%d", &i) != 1) 1745 return -EINVAL; 1746 1747 /* 1748 * Don't do anything if the value hasn't actually changed. 1749 * If it is changing reset the level on entries that were 1750 * set up to be mapped when they were created. 1751 */ 1752 if (smack_cipso_mapped != i) { 1753 mutex_lock(&smack_known_lock); 1754 list_for_each_entry_rcu(skp, &smack_known_list, list) 1755 if (skp->smk_netlabel.attr.mls.lvl == 1756 smack_cipso_mapped) 1757 skp->smk_netlabel.attr.mls.lvl = i; 1758 smack_cipso_mapped = i; 1759 mutex_unlock(&smack_known_lock); 1760 } 1761 1762 return count; 1763 } 1764 1765 static const struct file_operations smk_mapped_ops = { 1766 .read = smk_read_mapped, 1767 .write = smk_write_mapped, 1768 .llseek = default_llseek, 1769 }; 1770 1771 /** 1772 * smk_read_ambient - read() for /smack/ambient 1773 * @filp: file pointer, not actually used 1774 * @buf: where to put the result 1775 * @cn: maximum to send along 1776 * @ppos: where to start 1777 * 1778 * Returns number of bytes read or error code, as appropriate 1779 */ 1780 static ssize_t smk_read_ambient(struct file *filp, char __user *buf, 1781 size_t cn, loff_t *ppos) 1782 { 1783 ssize_t rc; 1784 int asize; 1785 1786 if (*ppos != 0) 1787 return 0; 1788 /* 1789 * Being careful to avoid a problem in the case where 1790 * smack_net_ambient gets changed in midstream. 1791 */ 1792 mutex_lock(&smack_ambient_lock); 1793 1794 asize = strlen(smack_net_ambient->smk_known) + 1; 1795 1796 if (cn >= asize) 1797 rc = simple_read_from_buffer(buf, cn, ppos, 1798 smack_net_ambient->smk_known, 1799 asize); 1800 else 1801 rc = -EINVAL; 1802 1803 mutex_unlock(&smack_ambient_lock); 1804 1805 return rc; 1806 } 1807 1808 /** 1809 * smk_write_ambient - write() for /smack/ambient 1810 * @file: file pointer, not actually used 1811 * @buf: where to get the data from 1812 * @count: bytes sent 1813 * @ppos: where to start 1814 * 1815 * Returns number of bytes written or error code, as appropriate 1816 */ 1817 static ssize_t smk_write_ambient(struct file *file, const char __user *buf, 1818 size_t count, loff_t *ppos) 1819 { 1820 struct smack_known *skp; 1821 char *oldambient; 1822 char *data; 1823 int rc = count; 1824 1825 if (!smack_privileged(CAP_MAC_ADMIN)) 1826 return -EPERM; 1827 1828 /* Enough data must be present */ 1829 if (count == 0 || count > PAGE_SIZE) 1830 return -EINVAL; 1831 1832 data = memdup_user_nul(buf, count); 1833 if (IS_ERR(data)) 1834 return PTR_ERR(data); 1835 1836 skp = smk_import_entry(data, count); 1837 if (IS_ERR(skp)) { 1838 rc = PTR_ERR(skp); 1839 goto out; 1840 } 1841 1842 mutex_lock(&smack_ambient_lock); 1843 1844 oldambient = smack_net_ambient->smk_known; 1845 smack_net_ambient = skp; 1846 smk_unlbl_ambient(oldambient); 1847 1848 mutex_unlock(&smack_ambient_lock); 1849 1850 out: 1851 kfree(data); 1852 return rc; 1853 } 1854 1855 static const struct file_operations smk_ambient_ops = { 1856 .read = smk_read_ambient, 1857 .write = smk_write_ambient, 1858 .llseek = default_llseek, 1859 }; 1860 1861 /* 1862 * Seq_file operations for /smack/onlycap 1863 */ 1864 static void *onlycap_seq_start(struct seq_file *s, loff_t *pos) 1865 { 1866 return smk_seq_start(s, pos, &smack_onlycap_list); 1867 } 1868 1869 static void *onlycap_seq_next(struct seq_file *s, void *v, loff_t *pos) 1870 { 1871 return smk_seq_next(s, v, pos, &smack_onlycap_list); 1872 } 1873 1874 static int onlycap_seq_show(struct seq_file *s, void *v) 1875 { 1876 struct list_head *list = v; 1877 struct smack_known_list_elem *sklep = 1878 list_entry_rcu(list, struct smack_known_list_elem, list); 1879 1880 seq_puts(s, sklep->smk_label->smk_known); 1881 seq_putc(s, ' '); 1882 1883 return 0; 1884 } 1885 1886 static const struct seq_operations onlycap_seq_ops = { 1887 .start = onlycap_seq_start, 1888 .next = onlycap_seq_next, 1889 .show = onlycap_seq_show, 1890 .stop = smk_seq_stop, 1891 }; 1892 1893 static int smk_open_onlycap(struct inode *inode, struct file *file) 1894 { 1895 return seq_open(file, &onlycap_seq_ops); 1896 } 1897 1898 /** 1899 * smk_list_swap_rcu - swap public list with a private one in RCU-safe way 1900 * The caller must hold appropriate mutex to prevent concurrent modifications 1901 * to the public list. 1902 * Private list is assumed to be not accessible to other threads yet. 1903 * 1904 * @public: public list 1905 * @private: private list 1906 */ 1907 static void smk_list_swap_rcu(struct list_head *public, 1908 struct list_head *private) 1909 { 1910 struct list_head *first, *last; 1911 1912 if (list_empty(public)) { 1913 list_splice_init_rcu(private, public, synchronize_rcu); 1914 } else { 1915 /* Remember public list before replacing it */ 1916 first = public->next; 1917 last = public->prev; 1918 1919 /* Publish private list in place of public in RCU-safe way */ 1920 private->prev->next = public; 1921 private->next->prev = public; 1922 rcu_assign_pointer(public->next, private->next); 1923 public->prev = private->prev; 1924 1925 synchronize_rcu(); 1926 1927 /* When all readers are done with the old public list, 1928 * attach it in place of private */ 1929 private->next = first; 1930 private->prev = last; 1931 first->prev = private; 1932 last->next = private; 1933 } 1934 } 1935 1936 /** 1937 * smk_parse_label_list - parse list of Smack labels, separated by spaces 1938 * 1939 * @data: the string to parse 1940 * @list: destination list 1941 * 1942 * Returns zero on success or error code, as appropriate 1943 */ 1944 static int smk_parse_label_list(char *data, struct list_head *list) 1945 { 1946 char *tok; 1947 struct smack_known *skp; 1948 struct smack_known_list_elem *sklep; 1949 1950 while ((tok = strsep(&data, " ")) != NULL) { 1951 if (!*tok) 1952 continue; 1953 1954 skp = smk_import_entry(tok, 0); 1955 if (IS_ERR(skp)) 1956 return PTR_ERR(skp); 1957 1958 sklep = kzalloc(sizeof(*sklep), GFP_KERNEL); 1959 if (sklep == NULL) 1960 return -ENOMEM; 1961 1962 sklep->smk_label = skp; 1963 list_add(&sklep->list, list); 1964 } 1965 1966 return 0; 1967 } 1968 1969 /** 1970 * smk_destroy_label_list - destroy a list of smack_known_list_elem 1971 * @list: header pointer of the list to destroy 1972 */ 1973 void smk_destroy_label_list(struct list_head *list) 1974 { 1975 struct smack_known_list_elem *sklep; 1976 struct smack_known_list_elem *sklep2; 1977 1978 list_for_each_entry_safe(sklep, sklep2, list, list) 1979 kfree(sklep); 1980 1981 INIT_LIST_HEAD(list); 1982 } 1983 1984 /** 1985 * smk_write_onlycap - write() for smackfs/onlycap 1986 * @file: file pointer, not actually used 1987 * @buf: where to get the data from 1988 * @count: bytes sent 1989 * @ppos: where to start 1990 * 1991 * Returns number of bytes written or error code, as appropriate 1992 */ 1993 static ssize_t smk_write_onlycap(struct file *file, const char __user *buf, 1994 size_t count, loff_t *ppos) 1995 { 1996 char *data; 1997 LIST_HEAD(list_tmp); 1998 int rc; 1999 2000 if (!smack_privileged(CAP_MAC_ADMIN)) 2001 return -EPERM; 2002 2003 if (count > PAGE_SIZE) 2004 return -EINVAL; 2005 2006 data = memdup_user_nul(buf, count); 2007 if (IS_ERR(data)) 2008 return PTR_ERR(data); 2009 2010 rc = smk_parse_label_list(data, &list_tmp); 2011 kfree(data); 2012 2013 /* 2014 * Clear the smack_onlycap on invalid label errors. This means 2015 * that we can pass a null string to unset the onlycap value. 2016 * 2017 * Importing will also reject a label beginning with '-', 2018 * so "-usecapabilities" will also work. 2019 * 2020 * But do so only on invalid label, not on system errors. 2021 * The invalid label must be first to count as clearing attempt. 2022 */ 2023 if (!rc || (rc == -EINVAL && list_empty(&list_tmp))) { 2024 mutex_lock(&smack_onlycap_lock); 2025 smk_list_swap_rcu(&smack_onlycap_list, &list_tmp); 2026 mutex_unlock(&smack_onlycap_lock); 2027 rc = count; 2028 } 2029 2030 smk_destroy_label_list(&list_tmp); 2031 2032 return rc; 2033 } 2034 2035 static const struct file_operations smk_onlycap_ops = { 2036 .open = smk_open_onlycap, 2037 .read = seq_read, 2038 .write = smk_write_onlycap, 2039 .llseek = seq_lseek, 2040 .release = seq_release, 2041 }; 2042 2043 #ifdef CONFIG_SECURITY_SMACK_BRINGUP 2044 /** 2045 * smk_read_unconfined - read() for smackfs/unconfined 2046 * @filp: file pointer, not actually used 2047 * @buf: where to put the result 2048 * @cn: maximum to send along 2049 * @ppos: where to start 2050 * 2051 * Returns number of bytes read or error code, as appropriate 2052 */ 2053 static ssize_t smk_read_unconfined(struct file *filp, char __user *buf, 2054 size_t cn, loff_t *ppos) 2055 { 2056 char *smack = ""; 2057 ssize_t rc = -EINVAL; 2058 int asize; 2059 2060 if (*ppos != 0) 2061 return 0; 2062 2063 if (smack_unconfined != NULL) 2064 smack = smack_unconfined->smk_known; 2065 2066 asize = strlen(smack) + 1; 2067 2068 if (cn >= asize) 2069 rc = simple_read_from_buffer(buf, cn, ppos, smack, asize); 2070 2071 return rc; 2072 } 2073 2074 /** 2075 * smk_write_unconfined - write() for smackfs/unconfined 2076 * @file: file pointer, not actually used 2077 * @buf: where to get the data from 2078 * @count: bytes sent 2079 * @ppos: where to start 2080 * 2081 * Returns number of bytes written or error code, as appropriate 2082 */ 2083 static ssize_t smk_write_unconfined(struct file *file, const char __user *buf, 2084 size_t count, loff_t *ppos) 2085 { 2086 char *data; 2087 struct smack_known *skp; 2088 int rc = count; 2089 2090 if (!smack_privileged(CAP_MAC_ADMIN)) 2091 return -EPERM; 2092 2093 if (count > PAGE_SIZE) 2094 return -EINVAL; 2095 2096 data = memdup_user_nul(buf, count); 2097 if (IS_ERR(data)) 2098 return PTR_ERR(data); 2099 2100 /* 2101 * Clear the smack_unconfined on invalid label errors. This means 2102 * that we can pass a null string to unset the unconfined value. 2103 * 2104 * Importing will also reject a label beginning with '-', 2105 * so "-confine" will also work. 2106 * 2107 * But do so only on invalid label, not on system errors. 2108 */ 2109 skp = smk_import_entry(data, count); 2110 if (PTR_ERR(skp) == -EINVAL) 2111 skp = NULL; 2112 else if (IS_ERR(skp)) { 2113 rc = PTR_ERR(skp); 2114 goto freeout; 2115 } 2116 2117 smack_unconfined = skp; 2118 2119 freeout: 2120 kfree(data); 2121 return rc; 2122 } 2123 2124 static const struct file_operations smk_unconfined_ops = { 2125 .read = smk_read_unconfined, 2126 .write = smk_write_unconfined, 2127 .llseek = default_llseek, 2128 }; 2129 #endif /* CONFIG_SECURITY_SMACK_BRINGUP */ 2130 2131 #ifdef CONFIG_AUDIT 2132 /** 2133 * smk_read_logging - read() for /smack/logging 2134 * @filp: file pointer, not actually used 2135 * @buf: where to put the result 2136 * @count: maximum to send along 2137 * @ppos: where to start 2138 * 2139 * Returns number of bytes read or error code, as appropriate 2140 */ 2141 static ssize_t smk_read_logging(struct file *filp, char __user *buf, 2142 size_t count, loff_t *ppos) 2143 { 2144 char temp[32]; 2145 ssize_t rc; 2146 2147 if (*ppos != 0) 2148 return 0; 2149 2150 sprintf(temp, "%d\n", log_policy); 2151 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp)); 2152 return rc; 2153 } 2154 2155 /** 2156 * smk_write_logging - write() for /smack/logging 2157 * @file: file pointer, not actually used 2158 * @buf: where to get the data from 2159 * @count: bytes sent 2160 * @ppos: where to start 2161 * 2162 * Returns number of bytes written or error code, as appropriate 2163 */ 2164 static ssize_t smk_write_logging(struct file *file, const char __user *buf, 2165 size_t count, loff_t *ppos) 2166 { 2167 char temp[32]; 2168 int i; 2169 2170 if (!smack_privileged(CAP_MAC_ADMIN)) 2171 return -EPERM; 2172 2173 if (count >= sizeof(temp) || count == 0) 2174 return -EINVAL; 2175 2176 if (copy_from_user(temp, buf, count) != 0) 2177 return -EFAULT; 2178 2179 temp[count] = '\0'; 2180 2181 if (sscanf(temp, "%d", &i) != 1) 2182 return -EINVAL; 2183 if (i < 0 || i > 3) 2184 return -EINVAL; 2185 log_policy = i; 2186 return count; 2187 } 2188 2189 2190 2191 static const struct file_operations smk_logging_ops = { 2192 .read = smk_read_logging, 2193 .write = smk_write_logging, 2194 .llseek = default_llseek, 2195 }; 2196 #endif /* CONFIG_AUDIT */ 2197 2198 /* 2199 * Seq_file read operations for /smack/load-self 2200 */ 2201 2202 static void *load_self_seq_start(struct seq_file *s, loff_t *pos) 2203 { 2204 struct task_smack *tsp = smack_cred(current_cred()); 2205 2206 return smk_seq_start(s, pos, &tsp->smk_rules); 2207 } 2208 2209 static void *load_self_seq_next(struct seq_file *s, void *v, loff_t *pos) 2210 { 2211 struct task_smack *tsp = smack_cred(current_cred()); 2212 2213 return smk_seq_next(s, v, pos, &tsp->smk_rules); 2214 } 2215 2216 static int load_self_seq_show(struct seq_file *s, void *v) 2217 { 2218 struct list_head *list = v; 2219 struct smack_rule *srp = 2220 list_entry_rcu(list, struct smack_rule, list); 2221 2222 smk_rule_show(s, srp, SMK_LABELLEN); 2223 2224 return 0; 2225 } 2226 2227 static const struct seq_operations load_self_seq_ops = { 2228 .start = load_self_seq_start, 2229 .next = load_self_seq_next, 2230 .show = load_self_seq_show, 2231 .stop = smk_seq_stop, 2232 }; 2233 2234 2235 /** 2236 * smk_open_load_self - open() for /smack/load-self2 2237 * @inode: inode structure representing file 2238 * @file: "load" file pointer 2239 * 2240 * For reading, use load_seq_* seq_file reading operations. 2241 */ 2242 static int smk_open_load_self(struct inode *inode, struct file *file) 2243 { 2244 return seq_open(file, &load_self_seq_ops); 2245 } 2246 2247 /** 2248 * smk_write_load_self - write() for /smack/load-self 2249 * @file: file pointer, not actually used 2250 * @buf: where to get the data from 2251 * @count: bytes sent 2252 * @ppos: where to start - must be 0 2253 * 2254 */ 2255 static ssize_t smk_write_load_self(struct file *file, const char __user *buf, 2256 size_t count, loff_t *ppos) 2257 { 2258 struct task_smack *tsp = smack_cred(current_cred()); 2259 2260 return smk_write_rules_list(file, buf, count, ppos, &tsp->smk_rules, 2261 &tsp->smk_rules_lock, SMK_FIXED24_FMT); 2262 } 2263 2264 static const struct file_operations smk_load_self_ops = { 2265 .open = smk_open_load_self, 2266 .read = seq_read, 2267 .llseek = seq_lseek, 2268 .write = smk_write_load_self, 2269 .release = seq_release, 2270 }; 2271 2272 /** 2273 * smk_user_access - handle access check transaction 2274 * @file: file pointer 2275 * @buf: data from user space 2276 * @count: bytes sent 2277 * @ppos: where to start - must be 0 2278 * @format: /smack/load or /smack/load2 or /smack/change-rule format. 2279 */ 2280 static ssize_t smk_user_access(struct file *file, const char __user *buf, 2281 size_t count, loff_t *ppos, int format) 2282 { 2283 struct smack_parsed_rule rule; 2284 char *data; 2285 int res; 2286 2287 data = simple_transaction_get(file, buf, count); 2288 if (IS_ERR(data)) 2289 return PTR_ERR(data); 2290 2291 if (format == SMK_FIXED24_FMT) { 2292 if (count < SMK_LOADLEN) 2293 return -EINVAL; 2294 res = smk_parse_rule(data, &rule, 0); 2295 } else { 2296 /* 2297 * simple_transaction_get() returns null-terminated data 2298 */ 2299 res = smk_parse_long_rule(data, &rule, 0, 3); 2300 } 2301 2302 if (res >= 0) 2303 res = smk_access(rule.smk_subject, rule.smk_object, 2304 rule.smk_access1, NULL); 2305 else if (res != -ENOENT) 2306 return res; 2307 2308 /* 2309 * smk_access() can return a value > 0 in the "bringup" case. 2310 */ 2311 data[0] = res >= 0 ? '1' : '0'; 2312 data[1] = '\0'; 2313 2314 simple_transaction_set(file, 2); 2315 2316 if (format == SMK_FIXED24_FMT) 2317 return SMK_LOADLEN; 2318 return count; 2319 } 2320 2321 /** 2322 * smk_write_access - handle access check transaction 2323 * @file: file pointer 2324 * @buf: data from user space 2325 * @count: bytes sent 2326 * @ppos: where to start - must be 0 2327 */ 2328 static ssize_t smk_write_access(struct file *file, const char __user *buf, 2329 size_t count, loff_t *ppos) 2330 { 2331 return smk_user_access(file, buf, count, ppos, SMK_FIXED24_FMT); 2332 } 2333 2334 static const struct file_operations smk_access_ops = { 2335 .write = smk_write_access, 2336 .read = simple_transaction_read, 2337 .release = simple_transaction_release, 2338 .llseek = generic_file_llseek, 2339 }; 2340 2341 2342 /* 2343 * Seq_file read operations for /smack/load2 2344 */ 2345 2346 static int load2_seq_show(struct seq_file *s, void *v) 2347 { 2348 struct list_head *list = v; 2349 struct smack_rule *srp; 2350 struct smack_known *skp = 2351 list_entry_rcu(list, struct smack_known, list); 2352 2353 list_for_each_entry_rcu(srp, &skp->smk_rules, list) 2354 smk_rule_show(s, srp, SMK_LONGLABEL); 2355 2356 return 0; 2357 } 2358 2359 static const struct seq_operations load2_seq_ops = { 2360 .start = load2_seq_start, 2361 .next = load2_seq_next, 2362 .show = load2_seq_show, 2363 .stop = smk_seq_stop, 2364 }; 2365 2366 /** 2367 * smk_open_load2 - open() for /smack/load2 2368 * @inode: inode structure representing file 2369 * @file: "load2" file pointer 2370 * 2371 * For reading, use load2_seq_* seq_file reading operations. 2372 */ 2373 static int smk_open_load2(struct inode *inode, struct file *file) 2374 { 2375 return seq_open(file, &load2_seq_ops); 2376 } 2377 2378 /** 2379 * smk_write_load2 - write() for /smack/load2 2380 * @file: file pointer, not actually used 2381 * @buf: where to get the data from 2382 * @count: bytes sent 2383 * @ppos: where to start - must be 0 2384 * 2385 */ 2386 static ssize_t smk_write_load2(struct file *file, const char __user *buf, 2387 size_t count, loff_t *ppos) 2388 { 2389 /* 2390 * Must have privilege. 2391 */ 2392 if (!smack_privileged(CAP_MAC_ADMIN)) 2393 return -EPERM; 2394 2395 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL, 2396 SMK_LONG_FMT); 2397 } 2398 2399 static const struct file_operations smk_load2_ops = { 2400 .open = smk_open_load2, 2401 .read = seq_read, 2402 .llseek = seq_lseek, 2403 .write = smk_write_load2, 2404 .release = seq_release, 2405 }; 2406 2407 /* 2408 * Seq_file read operations for /smack/load-self2 2409 */ 2410 2411 static void *load_self2_seq_start(struct seq_file *s, loff_t *pos) 2412 { 2413 struct task_smack *tsp = smack_cred(current_cred()); 2414 2415 return smk_seq_start(s, pos, &tsp->smk_rules); 2416 } 2417 2418 static void *load_self2_seq_next(struct seq_file *s, void *v, loff_t *pos) 2419 { 2420 struct task_smack *tsp = smack_cred(current_cred()); 2421 2422 return smk_seq_next(s, v, pos, &tsp->smk_rules); 2423 } 2424 2425 static int load_self2_seq_show(struct seq_file *s, void *v) 2426 { 2427 struct list_head *list = v; 2428 struct smack_rule *srp = 2429 list_entry_rcu(list, struct smack_rule, list); 2430 2431 smk_rule_show(s, srp, SMK_LONGLABEL); 2432 2433 return 0; 2434 } 2435 2436 static const struct seq_operations load_self2_seq_ops = { 2437 .start = load_self2_seq_start, 2438 .next = load_self2_seq_next, 2439 .show = load_self2_seq_show, 2440 .stop = smk_seq_stop, 2441 }; 2442 2443 /** 2444 * smk_open_load_self2 - open() for /smack/load-self2 2445 * @inode: inode structure representing file 2446 * @file: "load" file pointer 2447 * 2448 * For reading, use load_seq_* seq_file reading operations. 2449 */ 2450 static int smk_open_load_self2(struct inode *inode, struct file *file) 2451 { 2452 return seq_open(file, &load_self2_seq_ops); 2453 } 2454 2455 /** 2456 * smk_write_load_self2 - write() for /smack/load-self2 2457 * @file: file pointer, not actually used 2458 * @buf: where to get the data from 2459 * @count: bytes sent 2460 * @ppos: where to start - must be 0 2461 * 2462 */ 2463 static ssize_t smk_write_load_self2(struct file *file, const char __user *buf, 2464 size_t count, loff_t *ppos) 2465 { 2466 struct task_smack *tsp = smack_cred(current_cred()); 2467 2468 return smk_write_rules_list(file, buf, count, ppos, &tsp->smk_rules, 2469 &tsp->smk_rules_lock, SMK_LONG_FMT); 2470 } 2471 2472 static const struct file_operations smk_load_self2_ops = { 2473 .open = smk_open_load_self2, 2474 .read = seq_read, 2475 .llseek = seq_lseek, 2476 .write = smk_write_load_self2, 2477 .release = seq_release, 2478 }; 2479 2480 /** 2481 * smk_write_access2 - handle access check transaction 2482 * @file: file pointer 2483 * @buf: data from user space 2484 * @count: bytes sent 2485 * @ppos: where to start - must be 0 2486 */ 2487 static ssize_t smk_write_access2(struct file *file, const char __user *buf, 2488 size_t count, loff_t *ppos) 2489 { 2490 return smk_user_access(file, buf, count, ppos, SMK_LONG_FMT); 2491 } 2492 2493 static const struct file_operations smk_access2_ops = { 2494 .write = smk_write_access2, 2495 .read = simple_transaction_read, 2496 .release = simple_transaction_release, 2497 .llseek = generic_file_llseek, 2498 }; 2499 2500 /** 2501 * smk_write_revoke_subj - write() for /smack/revoke-subject 2502 * @file: file pointer 2503 * @buf: data from user space 2504 * @count: bytes sent 2505 * @ppos: where to start - must be 0 2506 */ 2507 static ssize_t smk_write_revoke_subj(struct file *file, const char __user *buf, 2508 size_t count, loff_t *ppos) 2509 { 2510 char *data; 2511 const char *cp; 2512 struct smack_known *skp; 2513 struct smack_rule *sp; 2514 struct list_head *rule_list; 2515 struct mutex *rule_lock; 2516 int rc = count; 2517 2518 if (*ppos != 0) 2519 return -EINVAL; 2520 2521 if (!smack_privileged(CAP_MAC_ADMIN)) 2522 return -EPERM; 2523 2524 if (count == 0 || count > SMK_LONGLABEL) 2525 return -EINVAL; 2526 2527 data = memdup_user(buf, count); 2528 if (IS_ERR(data)) 2529 return PTR_ERR(data); 2530 2531 cp = smk_parse_smack(data, count); 2532 if (IS_ERR(cp)) { 2533 rc = PTR_ERR(cp); 2534 goto out_data; 2535 } 2536 2537 skp = smk_find_entry(cp); 2538 if (skp == NULL) 2539 goto out_cp; 2540 2541 rule_list = &skp->smk_rules; 2542 rule_lock = &skp->smk_rules_lock; 2543 2544 mutex_lock(rule_lock); 2545 2546 list_for_each_entry_rcu(sp, rule_list, list) 2547 sp->smk_access = 0; 2548 2549 mutex_unlock(rule_lock); 2550 2551 out_cp: 2552 kfree(cp); 2553 out_data: 2554 kfree(data); 2555 2556 return rc; 2557 } 2558 2559 static const struct file_operations smk_revoke_subj_ops = { 2560 .write = smk_write_revoke_subj, 2561 .read = simple_transaction_read, 2562 .release = simple_transaction_release, 2563 .llseek = generic_file_llseek, 2564 }; 2565 2566 /** 2567 * smk_init_sysfs - initialize /sys/fs/smackfs 2568 * 2569 */ 2570 static int smk_init_sysfs(void) 2571 { 2572 return sysfs_create_mount_point(fs_kobj, "smackfs"); 2573 } 2574 2575 /** 2576 * smk_write_change_rule - write() for /smack/change-rule 2577 * @file: file pointer 2578 * @buf: data from user space 2579 * @count: bytes sent 2580 * @ppos: where to start - must be 0 2581 */ 2582 static ssize_t smk_write_change_rule(struct file *file, const char __user *buf, 2583 size_t count, loff_t *ppos) 2584 { 2585 /* 2586 * Must have privilege. 2587 */ 2588 if (!smack_privileged(CAP_MAC_ADMIN)) 2589 return -EPERM; 2590 2591 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL, 2592 SMK_CHANGE_FMT); 2593 } 2594 2595 static const struct file_operations smk_change_rule_ops = { 2596 .write = smk_write_change_rule, 2597 .read = simple_transaction_read, 2598 .release = simple_transaction_release, 2599 .llseek = generic_file_llseek, 2600 }; 2601 2602 /** 2603 * smk_read_syslog - read() for smackfs/syslog 2604 * @filp: file pointer, not actually used 2605 * @buf: where to put the result 2606 * @cn: maximum to send along 2607 * @ppos: where to start 2608 * 2609 * Returns number of bytes read or error code, as appropriate 2610 */ 2611 static ssize_t smk_read_syslog(struct file *filp, char __user *buf, 2612 size_t cn, loff_t *ppos) 2613 { 2614 struct smack_known *skp; 2615 ssize_t rc = -EINVAL; 2616 int asize; 2617 2618 if (*ppos != 0) 2619 return 0; 2620 2621 if (smack_syslog_label == NULL) 2622 skp = &smack_known_star; 2623 else 2624 skp = smack_syslog_label; 2625 2626 asize = strlen(skp->smk_known) + 1; 2627 2628 if (cn >= asize) 2629 rc = simple_read_from_buffer(buf, cn, ppos, skp->smk_known, 2630 asize); 2631 2632 return rc; 2633 } 2634 2635 /** 2636 * smk_write_syslog - write() for smackfs/syslog 2637 * @file: file pointer, not actually used 2638 * @buf: where to get the data from 2639 * @count: bytes sent 2640 * @ppos: where to start 2641 * 2642 * Returns number of bytes written or error code, as appropriate 2643 */ 2644 static ssize_t smk_write_syslog(struct file *file, const char __user *buf, 2645 size_t count, loff_t *ppos) 2646 { 2647 char *data; 2648 struct smack_known *skp; 2649 int rc = count; 2650 2651 if (!smack_privileged(CAP_MAC_ADMIN)) 2652 return -EPERM; 2653 2654 /* Enough data must be present */ 2655 if (count == 0 || count > PAGE_SIZE) 2656 return -EINVAL; 2657 2658 data = memdup_user_nul(buf, count); 2659 if (IS_ERR(data)) 2660 return PTR_ERR(data); 2661 2662 skp = smk_import_entry(data, count); 2663 if (IS_ERR(skp)) 2664 rc = PTR_ERR(skp); 2665 else 2666 smack_syslog_label = skp; 2667 2668 kfree(data); 2669 return rc; 2670 } 2671 2672 static const struct file_operations smk_syslog_ops = { 2673 .read = smk_read_syslog, 2674 .write = smk_write_syslog, 2675 .llseek = default_llseek, 2676 }; 2677 2678 /* 2679 * Seq_file read operations for /smack/relabel-self 2680 */ 2681 2682 static void *relabel_self_seq_start(struct seq_file *s, loff_t *pos) 2683 { 2684 struct task_smack *tsp = smack_cred(current_cred()); 2685 2686 return smk_seq_start(s, pos, &tsp->smk_relabel); 2687 } 2688 2689 static void *relabel_self_seq_next(struct seq_file *s, void *v, loff_t *pos) 2690 { 2691 struct task_smack *tsp = smack_cred(current_cred()); 2692 2693 return smk_seq_next(s, v, pos, &tsp->smk_relabel); 2694 } 2695 2696 static int relabel_self_seq_show(struct seq_file *s, void *v) 2697 { 2698 struct list_head *list = v; 2699 struct smack_known_list_elem *sklep = 2700 list_entry(list, struct smack_known_list_elem, list); 2701 2702 seq_puts(s, sklep->smk_label->smk_known); 2703 seq_putc(s, ' '); 2704 2705 return 0; 2706 } 2707 2708 static const struct seq_operations relabel_self_seq_ops = { 2709 .start = relabel_self_seq_start, 2710 .next = relabel_self_seq_next, 2711 .show = relabel_self_seq_show, 2712 .stop = smk_seq_stop, 2713 }; 2714 2715 /** 2716 * smk_open_relabel_self - open() for /smack/relabel-self 2717 * @inode: inode structure representing file 2718 * @file: "relabel-self" file pointer 2719 * 2720 * Connect our relabel_self_seq_* operations with /smack/relabel-self 2721 * file_operations 2722 */ 2723 static int smk_open_relabel_self(struct inode *inode, struct file *file) 2724 { 2725 return seq_open(file, &relabel_self_seq_ops); 2726 } 2727 2728 /** 2729 * smk_write_relabel_self - write() for /smack/relabel-self 2730 * @file: file pointer, not actually used 2731 * @buf: where to get the data from 2732 * @count: bytes sent 2733 * @ppos: where to start - must be 0 2734 * 2735 */ 2736 static ssize_t smk_write_relabel_self(struct file *file, const char __user *buf, 2737 size_t count, loff_t *ppos) 2738 { 2739 char *data; 2740 int rc; 2741 LIST_HEAD(list_tmp); 2742 2743 /* 2744 * Must have privilege. 2745 */ 2746 if (!smack_privileged(CAP_MAC_ADMIN)) 2747 return -EPERM; 2748 2749 /* 2750 * No partial write. 2751 * Enough data must be present. 2752 */ 2753 if (*ppos != 0) 2754 return -EINVAL; 2755 if (count == 0 || count > PAGE_SIZE) 2756 return -EINVAL; 2757 2758 data = memdup_user_nul(buf, count); 2759 if (IS_ERR(data)) 2760 return PTR_ERR(data); 2761 2762 rc = smk_parse_label_list(data, &list_tmp); 2763 kfree(data); 2764 2765 if (!rc || (rc == -EINVAL && list_empty(&list_tmp))) { 2766 struct cred *new; 2767 struct task_smack *tsp; 2768 2769 new = prepare_creds(); 2770 if (!new) { 2771 rc = -ENOMEM; 2772 goto out; 2773 } 2774 tsp = smack_cred(new); 2775 smk_destroy_label_list(&tsp->smk_relabel); 2776 list_splice(&list_tmp, &tsp->smk_relabel); 2777 commit_creds(new); 2778 return count; 2779 } 2780 out: 2781 smk_destroy_label_list(&list_tmp); 2782 return rc; 2783 } 2784 2785 static const struct file_operations smk_relabel_self_ops = { 2786 .open = smk_open_relabel_self, 2787 .read = seq_read, 2788 .llseek = seq_lseek, 2789 .write = smk_write_relabel_self, 2790 .release = seq_release, 2791 }; 2792 2793 /** 2794 * smk_read_ptrace - read() for /smack/ptrace 2795 * @filp: file pointer, not actually used 2796 * @buf: where to put the result 2797 * @count: maximum to send along 2798 * @ppos: where to start 2799 * 2800 * Returns number of bytes read or error code, as appropriate 2801 */ 2802 static ssize_t smk_read_ptrace(struct file *filp, char __user *buf, 2803 size_t count, loff_t *ppos) 2804 { 2805 char temp[32]; 2806 ssize_t rc; 2807 2808 if (*ppos != 0) 2809 return 0; 2810 2811 sprintf(temp, "%d\n", smack_ptrace_rule); 2812 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp)); 2813 return rc; 2814 } 2815 2816 /** 2817 * smk_write_ptrace - write() for /smack/ptrace 2818 * @file: file pointer 2819 * @buf: data from user space 2820 * @count: bytes sent 2821 * @ppos: where to start - must be 0 2822 */ 2823 static ssize_t smk_write_ptrace(struct file *file, const char __user *buf, 2824 size_t count, loff_t *ppos) 2825 { 2826 char temp[32]; 2827 int i; 2828 2829 if (!smack_privileged(CAP_MAC_ADMIN)) 2830 return -EPERM; 2831 2832 if (*ppos != 0 || count >= sizeof(temp) || count == 0) 2833 return -EINVAL; 2834 2835 if (copy_from_user(temp, buf, count) != 0) 2836 return -EFAULT; 2837 2838 temp[count] = '\0'; 2839 2840 if (sscanf(temp, "%d", &i) != 1) 2841 return -EINVAL; 2842 if (i < SMACK_PTRACE_DEFAULT || i > SMACK_PTRACE_MAX) 2843 return -EINVAL; 2844 smack_ptrace_rule = i; 2845 2846 return count; 2847 } 2848 2849 static const struct file_operations smk_ptrace_ops = { 2850 .write = smk_write_ptrace, 2851 .read = smk_read_ptrace, 2852 .llseek = default_llseek, 2853 }; 2854 2855 /** 2856 * smk_fill_super - fill the smackfs superblock 2857 * @sb: the empty superblock 2858 * @fc: unused 2859 * 2860 * Fill in the well known entries for the smack filesystem 2861 * 2862 * Returns 0 on success, an error code on failure 2863 */ 2864 static int smk_fill_super(struct super_block *sb, struct fs_context *fc) 2865 { 2866 int rc; 2867 2868 static const struct tree_descr smack_files[] = { 2869 [SMK_LOAD] = { 2870 "load", &smk_load_ops, S_IRUGO|S_IWUSR}, 2871 [SMK_CIPSO] = { 2872 "cipso", &smk_cipso_ops, S_IRUGO|S_IWUSR}, 2873 [SMK_DOI] = { 2874 "doi", &smk_doi_ops, S_IRUGO|S_IWUSR}, 2875 [SMK_DIRECT] = { 2876 "direct", &smk_direct_ops, S_IRUGO|S_IWUSR}, 2877 [SMK_AMBIENT] = { 2878 "ambient", &smk_ambient_ops, S_IRUGO|S_IWUSR}, 2879 [SMK_NET4ADDR] = { 2880 "netlabel", &smk_net4addr_ops, S_IRUGO|S_IWUSR}, 2881 [SMK_ONLYCAP] = { 2882 "onlycap", &smk_onlycap_ops, S_IRUGO|S_IWUSR}, 2883 #ifdef CONFIG_AUDIT 2884 [SMK_LOGGING] = { 2885 "logging", &smk_logging_ops, S_IRUGO|S_IWUSR}, 2886 #endif /* CONFIG_AUDIT */ 2887 [SMK_LOAD_SELF] = { 2888 "load-self", &smk_load_self_ops, S_IRUGO|S_IWUGO}, 2889 [SMK_ACCESSES] = { 2890 "access", &smk_access_ops, S_IRUGO|S_IWUGO}, 2891 [SMK_MAPPED] = { 2892 "mapped", &smk_mapped_ops, S_IRUGO|S_IWUSR}, 2893 [SMK_LOAD2] = { 2894 "load2", &smk_load2_ops, S_IRUGO|S_IWUSR}, 2895 [SMK_LOAD_SELF2] = { 2896 "load-self2", &smk_load_self2_ops, S_IRUGO|S_IWUGO}, 2897 [SMK_ACCESS2] = { 2898 "access2", &smk_access2_ops, S_IRUGO|S_IWUGO}, 2899 [SMK_CIPSO2] = { 2900 "cipso2", &smk_cipso2_ops, S_IRUGO|S_IWUSR}, 2901 [SMK_REVOKE_SUBJ] = { 2902 "revoke-subject", &smk_revoke_subj_ops, 2903 S_IRUGO|S_IWUSR}, 2904 [SMK_CHANGE_RULE] = { 2905 "change-rule", &smk_change_rule_ops, S_IRUGO|S_IWUSR}, 2906 [SMK_SYSLOG] = { 2907 "syslog", &smk_syslog_ops, S_IRUGO|S_IWUSR}, 2908 [SMK_PTRACE] = { 2909 "ptrace", &smk_ptrace_ops, S_IRUGO|S_IWUSR}, 2910 #ifdef CONFIG_SECURITY_SMACK_BRINGUP 2911 [SMK_UNCONFINED] = { 2912 "unconfined", &smk_unconfined_ops, S_IRUGO|S_IWUSR}, 2913 #endif 2914 #if IS_ENABLED(CONFIG_IPV6) 2915 [SMK_NET6ADDR] = { 2916 "ipv6host", &smk_net6addr_ops, S_IRUGO|S_IWUSR}, 2917 #endif /* CONFIG_IPV6 */ 2918 [SMK_RELABEL_SELF] = { 2919 "relabel-self", &smk_relabel_self_ops, 2920 S_IRUGO|S_IWUGO}, 2921 /* last one */ 2922 {""} 2923 }; 2924 2925 rc = simple_fill_super(sb, SMACK_MAGIC, smack_files); 2926 if (rc != 0) { 2927 printk(KERN_ERR "%s failed %d while creating inodes\n", 2928 __func__, rc); 2929 return rc; 2930 } 2931 2932 return 0; 2933 } 2934 2935 /** 2936 * smk_get_tree - get the smackfs superblock 2937 * @fc: The mount context, including any options 2938 * 2939 * Just passes everything along. 2940 * 2941 * Returns what the lower level code does. 2942 */ 2943 static int smk_get_tree(struct fs_context *fc) 2944 { 2945 return get_tree_single(fc, smk_fill_super); 2946 } 2947 2948 static const struct fs_context_operations smk_context_ops = { 2949 .get_tree = smk_get_tree, 2950 }; 2951 2952 /** 2953 * smk_init_fs_context - Initialise a filesystem context for smackfs 2954 * @fc: The blank mount context 2955 */ 2956 static int smk_init_fs_context(struct fs_context *fc) 2957 { 2958 fc->ops = &smk_context_ops; 2959 return 0; 2960 } 2961 2962 static struct file_system_type smk_fs_type = { 2963 .name = "smackfs", 2964 .init_fs_context = smk_init_fs_context, 2965 .kill_sb = kill_litter_super, 2966 }; 2967 2968 static struct vfsmount *smackfs_mount; 2969 2970 /** 2971 * init_smk_fs - get the smackfs superblock 2972 * 2973 * register the smackfs 2974 * 2975 * Do not register smackfs if Smack wasn't enabled 2976 * on boot. We can not put this method normally under the 2977 * smack_init() code path since the security subsystem get 2978 * initialized before the vfs caches. 2979 * 2980 * Returns true if we were not chosen on boot or if 2981 * we were chosen and filesystem registration succeeded. 2982 */ 2983 static int __init init_smk_fs(void) 2984 { 2985 int err; 2986 int rc; 2987 2988 if (smack_enabled == 0) 2989 return 0; 2990 2991 err = smk_init_sysfs(); 2992 if (err) 2993 printk(KERN_ERR "smackfs: sysfs mountpoint problem.\n"); 2994 2995 err = register_filesystem(&smk_fs_type); 2996 if (!err) { 2997 smackfs_mount = kern_mount(&smk_fs_type); 2998 if (IS_ERR(smackfs_mount)) { 2999 printk(KERN_ERR "smackfs: could not mount!\n"); 3000 err = PTR_ERR(smackfs_mount); 3001 smackfs_mount = NULL; 3002 } 3003 } 3004 3005 smk_cipso_doi(); 3006 smk_unlbl_ambient(NULL); 3007 3008 rc = smack_populate_secattr(&smack_known_floor); 3009 if (err == 0 && rc < 0) 3010 err = rc; 3011 rc = smack_populate_secattr(&smack_known_hat); 3012 if (err == 0 && rc < 0) 3013 err = rc; 3014 rc = smack_populate_secattr(&smack_known_huh); 3015 if (err == 0 && rc < 0) 3016 err = rc; 3017 rc = smack_populate_secattr(&smack_known_star); 3018 if (err == 0 && rc < 0) 3019 err = rc; 3020 rc = smack_populate_secattr(&smack_known_web); 3021 if (err == 0 && rc < 0) 3022 err = rc; 3023 3024 return err; 3025 } 3026 3027 __initcall(init_smk_fs); 3028