1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * Copyright (C) 2007 Casey Schaufler <casey@schaufler-ca.com> 4 * 5 * Authors: 6 * Casey Schaufler <casey@schaufler-ca.com> 7 * Ahmed S. Darwish <darwish.07@gmail.com> 8 * 9 * Special thanks to the authors of selinuxfs. 10 * 11 * Karl MacMillan <kmacmillan@tresys.com> 12 * James Morris <jmorris@redhat.com> 13 */ 14 15 #include <linux/kernel.h> 16 #include <linux/vmalloc.h> 17 #include <linux/security.h> 18 #include <linux/mutex.h> 19 #include <linux/slab.h> 20 #include <net/net_namespace.h> 21 #include <net/cipso_ipv4.h> 22 #include <linux/seq_file.h> 23 #include <linux/ctype.h> 24 #include <linux/audit.h> 25 #include <linux/magic.h> 26 #include <linux/mount.h> 27 #include <linux/fs_context.h> 28 #include "smack.h" 29 30 #define BEBITS (sizeof(__be32) * 8) 31 /* 32 * smackfs pseudo filesystem. 33 */ 34 35 enum smk_inos { 36 SMK_ROOT_INO = 2, 37 SMK_LOAD = 3, /* load policy */ 38 SMK_CIPSO = 4, /* load label -> CIPSO mapping */ 39 SMK_DOI = 5, /* CIPSO DOI */ 40 SMK_DIRECT = 6, /* CIPSO level indicating direct label */ 41 SMK_AMBIENT = 7, /* internet ambient label */ 42 SMK_NET4ADDR = 8, /* single label hosts */ 43 SMK_ONLYCAP = 9, /* the only "capable" label */ 44 SMK_LOGGING = 10, /* logging */ 45 SMK_LOAD_SELF = 11, /* task specific rules */ 46 SMK_ACCESSES = 12, /* access policy */ 47 SMK_MAPPED = 13, /* CIPSO level indicating mapped label */ 48 SMK_LOAD2 = 14, /* load policy with long labels */ 49 SMK_LOAD_SELF2 = 15, /* load task specific rules with long labels */ 50 SMK_ACCESS2 = 16, /* make an access check with long labels */ 51 SMK_CIPSO2 = 17, /* load long label -> CIPSO mapping */ 52 SMK_REVOKE_SUBJ = 18, /* set rules with subject label to '-' */ 53 SMK_CHANGE_RULE = 19, /* change or add rules (long labels) */ 54 SMK_SYSLOG = 20, /* change syslog label) */ 55 SMK_PTRACE = 21, /* set ptrace rule */ 56 #ifdef CONFIG_SECURITY_SMACK_BRINGUP 57 SMK_UNCONFINED = 22, /* define an unconfined label */ 58 #endif 59 #if IS_ENABLED(CONFIG_IPV6) 60 SMK_NET6ADDR = 23, /* single label IPv6 hosts */ 61 #endif /* CONFIG_IPV6 */ 62 SMK_RELABEL_SELF = 24, /* relabel possible without CAP_MAC_ADMIN */ 63 }; 64 65 /* 66 * List locks 67 */ 68 static DEFINE_MUTEX(smack_cipso_lock); 69 static DEFINE_MUTEX(smack_ambient_lock); 70 static DEFINE_MUTEX(smk_net4addr_lock); 71 #if IS_ENABLED(CONFIG_IPV6) 72 static DEFINE_MUTEX(smk_net6addr_lock); 73 #endif /* CONFIG_IPV6 */ 74 75 /* 76 * This is the "ambient" label for network traffic. 77 * If it isn't somehow marked, use this. 78 * It can be reset via smackfs/ambient 79 */ 80 struct smack_known *smack_net_ambient; 81 82 /* 83 * This is the level in a CIPSO header that indicates a 84 * smack label is contained directly in the category set. 85 * It can be reset via smackfs/direct 86 */ 87 int smack_cipso_direct = SMACK_CIPSO_DIRECT_DEFAULT; 88 89 /* 90 * This is the level in a CIPSO header that indicates a 91 * secid is contained directly in the category set. 92 * It can be reset via smackfs/mapped 93 */ 94 int smack_cipso_mapped = SMACK_CIPSO_MAPPED_DEFAULT; 95 96 #ifdef CONFIG_SECURITY_SMACK_BRINGUP 97 /* 98 * Allow one label to be unconfined. This is for 99 * debugging and application bring-up purposes only. 100 * It is bad and wrong, but everyone seems to expect 101 * to have it. 102 */ 103 struct smack_known *smack_unconfined; 104 #endif 105 106 /* 107 * If this value is set restrict syslog use to the label specified. 108 * It can be reset via smackfs/syslog 109 */ 110 struct smack_known *smack_syslog_label; 111 112 /* 113 * Ptrace current rule 114 * SMACK_PTRACE_DEFAULT regular smack ptrace rules (/proc based) 115 * SMACK_PTRACE_EXACT labels must match, but can be overriden with 116 * CAP_SYS_PTRACE 117 * SMACK_PTRACE_DRACONIAN labels must match, CAP_SYS_PTRACE has no effect 118 */ 119 int smack_ptrace_rule = SMACK_PTRACE_DEFAULT; 120 121 /* 122 * Certain IP addresses may be designated as single label hosts. 123 * Packets are sent there unlabeled, but only from tasks that 124 * can write to the specified label. 125 */ 126 127 LIST_HEAD(smk_net4addr_list); 128 #if IS_ENABLED(CONFIG_IPV6) 129 LIST_HEAD(smk_net6addr_list); 130 #endif /* CONFIG_IPV6 */ 131 132 /* 133 * Rule lists are maintained for each label. 134 */ 135 struct smack_parsed_rule { 136 struct smack_known *smk_subject; 137 struct smack_known *smk_object; 138 int smk_access1; 139 int smk_access2; 140 }; 141 142 static int smk_cipso_doi_value = SMACK_CIPSO_DOI_DEFAULT; 143 144 /* 145 * Values for parsing cipso rules 146 * SMK_DIGITLEN: Length of a digit field in a rule. 147 * SMK_CIPSOMIN: Minimum possible cipso rule length. 148 * SMK_CIPSOMAX: Maximum possible cipso rule length. 149 */ 150 #define SMK_DIGITLEN 4 151 #define SMK_CIPSOMIN (SMK_LABELLEN + 2 * SMK_DIGITLEN) 152 #define SMK_CIPSOMAX (SMK_CIPSOMIN + SMACK_CIPSO_MAXCATNUM * SMK_DIGITLEN) 153 154 /* 155 * Values for parsing MAC rules 156 * SMK_ACCESS: Maximum possible combination of access permissions 157 * SMK_ACCESSLEN: Maximum length for a rule access field 158 * SMK_LOADLEN: Smack rule length 159 */ 160 #define SMK_OACCESS "rwxa" 161 #define SMK_ACCESS "rwxatl" 162 #define SMK_OACCESSLEN (sizeof(SMK_OACCESS) - 1) 163 #define SMK_ACCESSLEN (sizeof(SMK_ACCESS) - 1) 164 #define SMK_OLOADLEN (SMK_LABELLEN + SMK_LABELLEN + SMK_OACCESSLEN) 165 #define SMK_LOADLEN (SMK_LABELLEN + SMK_LABELLEN + SMK_ACCESSLEN) 166 167 /* 168 * Stricly for CIPSO level manipulation. 169 * Set the category bit number in a smack label sized buffer. 170 */ 171 static inline void smack_catset_bit(unsigned int cat, char *catsetp) 172 { 173 if (cat == 0 || cat > (SMK_CIPSOLEN * 8)) 174 return; 175 176 catsetp[(cat - 1) / 8] |= 0x80 >> ((cat - 1) % 8); 177 } 178 179 /** 180 * smk_netlabel_audit_set - fill a netlbl_audit struct 181 * @nap: structure to fill 182 */ 183 static void smk_netlabel_audit_set(struct netlbl_audit *nap) 184 { 185 nap->loginuid = audit_get_loginuid(current); 186 nap->sessionid = audit_get_sessionid(current); 187 nap->prop.smack.skp = smk_of_current(); 188 } 189 190 /* 191 * Value for parsing single label host rules 192 * "1.2.3.4 X" 193 */ 194 #define SMK_NETLBLADDRMIN 9 195 196 /** 197 * smk_set_access - add a rule to the rule list or replace an old rule 198 * @srp: the rule to add or replace 199 * @rule_list: the list of rules 200 * @rule_lock: the rule list lock 201 * 202 * Looks through the current subject/object/access list for 203 * the subject/object pair and replaces the access that was 204 * there. If the pair isn't found add it with the specified 205 * access. 206 * 207 * Returns 0 if nothing goes wrong or -ENOMEM if it fails 208 * during the allocation of the new pair to add. 209 */ 210 static int smk_set_access(struct smack_parsed_rule *srp, 211 struct list_head *rule_list, 212 struct mutex *rule_lock) 213 { 214 struct smack_rule *sp; 215 int found = 0; 216 int rc = 0; 217 218 mutex_lock(rule_lock); 219 220 /* 221 * Because the object label is less likely to match 222 * than the subject label check it first 223 */ 224 list_for_each_entry_rcu(sp, rule_list, list) { 225 if (sp->smk_object == srp->smk_object && 226 sp->smk_subject == srp->smk_subject) { 227 found = 1; 228 sp->smk_access |= srp->smk_access1; 229 sp->smk_access &= ~srp->smk_access2; 230 break; 231 } 232 } 233 234 if (found == 0) { 235 sp = kmem_cache_zalloc(smack_rule_cache, GFP_KERNEL); 236 if (sp == NULL) { 237 rc = -ENOMEM; 238 goto out; 239 } 240 241 sp->smk_subject = srp->smk_subject; 242 sp->smk_object = srp->smk_object; 243 sp->smk_access = srp->smk_access1 & ~srp->smk_access2; 244 245 list_add_rcu(&sp->list, rule_list); 246 } 247 248 out: 249 mutex_unlock(rule_lock); 250 return rc; 251 } 252 253 /** 254 * smk_perm_from_str - parse smack accesses from a text string 255 * @string: a text string that contains a Smack accesses code 256 * 257 * Returns an integer with respective bits set for specified accesses. 258 */ 259 static int smk_perm_from_str(const char *string) 260 { 261 int perm = 0; 262 const char *cp; 263 264 for (cp = string; ; cp++) 265 switch (*cp) { 266 case '-': 267 break; 268 case 'r': 269 case 'R': 270 perm |= MAY_READ; 271 break; 272 case 'w': 273 case 'W': 274 perm |= MAY_WRITE; 275 break; 276 case 'x': 277 case 'X': 278 perm |= MAY_EXEC; 279 break; 280 case 'a': 281 case 'A': 282 perm |= MAY_APPEND; 283 break; 284 case 't': 285 case 'T': 286 perm |= MAY_TRANSMUTE; 287 break; 288 case 'l': 289 case 'L': 290 perm |= MAY_LOCK; 291 break; 292 case 'b': 293 case 'B': 294 perm |= MAY_BRINGUP; 295 break; 296 default: 297 return perm; 298 } 299 } 300 301 /** 302 * smk_fill_rule - Fill Smack rule from strings 303 * @subject: subject label string 304 * @object: object label string 305 * @access1: access string 306 * @access2: string with permissions to be removed 307 * @rule: Smack rule 308 * @import: if non-zero, import labels 309 * @len: label length limit 310 * 311 * Returns 0 on success, appropriate error code on failure. 312 */ 313 static int smk_fill_rule(const char *subject, const char *object, 314 const char *access1, const char *access2, 315 struct smack_parsed_rule *rule, int import, 316 int len) 317 { 318 const char *cp; 319 struct smack_known *skp; 320 321 if (import) { 322 rule->smk_subject = smk_import_entry(subject, len); 323 if (IS_ERR(rule->smk_subject)) 324 return PTR_ERR(rule->smk_subject); 325 326 rule->smk_object = smk_import_entry(object, len); 327 if (IS_ERR(rule->smk_object)) 328 return PTR_ERR(rule->smk_object); 329 } else { 330 cp = smk_parse_smack(subject, len); 331 if (IS_ERR(cp)) 332 return PTR_ERR(cp); 333 skp = smk_find_entry(cp); 334 kfree(cp); 335 if (skp == NULL) 336 return -ENOENT; 337 rule->smk_subject = skp; 338 339 cp = smk_parse_smack(object, len); 340 if (IS_ERR(cp)) 341 return PTR_ERR(cp); 342 skp = smk_find_entry(cp); 343 kfree(cp); 344 if (skp == NULL) 345 return -ENOENT; 346 rule->smk_object = skp; 347 } 348 349 rule->smk_access1 = smk_perm_from_str(access1); 350 if (access2) 351 rule->smk_access2 = smk_perm_from_str(access2); 352 else 353 rule->smk_access2 = ~rule->smk_access1; 354 355 return 0; 356 } 357 358 /** 359 * smk_parse_rule - parse Smack rule from load string 360 * @data: string to be parsed whose size is SMK_LOADLEN 361 * @rule: Smack rule 362 * @import: if non-zero, import labels 363 * 364 * Returns 0 on success, -1 on errors. 365 */ 366 static int smk_parse_rule(const char *data, struct smack_parsed_rule *rule, 367 int import) 368 { 369 int rc; 370 371 rc = smk_fill_rule(data, data + SMK_LABELLEN, 372 data + SMK_LABELLEN + SMK_LABELLEN, NULL, rule, 373 import, SMK_LABELLEN); 374 return rc; 375 } 376 377 /** 378 * smk_parse_long_rule - parse Smack rule from rule string 379 * @data: string to be parsed, null terminated 380 * @rule: Will be filled with Smack parsed rule 381 * @import: if non-zero, import labels 382 * @tokens: number of substrings expected in data 383 * 384 * Returns number of processed bytes on success, -ERRNO on failure. 385 */ 386 static ssize_t smk_parse_long_rule(char *data, struct smack_parsed_rule *rule, 387 int import, int tokens) 388 { 389 ssize_t cnt = 0; 390 char *tok[4]; 391 int rc; 392 int i; 393 394 /* 395 * Parsing the rule in-place, filling all white-spaces with '\0' 396 */ 397 for (i = 0; i < tokens; ++i) { 398 while (isspace(data[cnt])) 399 data[cnt++] = '\0'; 400 401 if (data[cnt] == '\0') 402 /* Unexpected end of data */ 403 return -EINVAL; 404 405 tok[i] = data + cnt; 406 407 while (data[cnt] && !isspace(data[cnt])) 408 ++cnt; 409 } 410 while (isspace(data[cnt])) 411 data[cnt++] = '\0'; 412 413 while (i < 4) 414 tok[i++] = NULL; 415 416 rc = smk_fill_rule(tok[0], tok[1], tok[2], tok[3], rule, import, 0); 417 return rc == 0 ? cnt : rc; 418 } 419 420 #define SMK_FIXED24_FMT 0 /* Fixed 24byte label format */ 421 #define SMK_LONG_FMT 1 /* Variable long label format */ 422 #define SMK_CHANGE_FMT 2 /* Rule modification format */ 423 /** 424 * smk_write_rules_list - write() for any /smack rule file 425 * @file: file pointer, not actually used 426 * @buf: where to get the data from 427 * @count: bytes sent 428 * @ppos: where to start - must be 0 429 * @rule_list: the list of rules to write to 430 * @rule_lock: lock for the rule list 431 * @format: /smack/load or /smack/load2 or /smack/change-rule format. 432 * 433 * Get one smack access rule from above. 434 * The format for SMK_LONG_FMT is: 435 * "subject<whitespace>object<whitespace>access[<whitespace>...]" 436 * The format for SMK_FIXED24_FMT is exactly: 437 * "subject object rwxat" 438 * The format for SMK_CHANGE_FMT is: 439 * "subject<whitespace>object<whitespace> 440 * acc_enable<whitespace>acc_disable[<whitespace>...]" 441 */ 442 static ssize_t smk_write_rules_list(struct file *file, const char __user *buf, 443 size_t count, loff_t *ppos, 444 struct list_head *rule_list, 445 struct mutex *rule_lock, int format) 446 { 447 struct smack_parsed_rule rule; 448 char *data; 449 int rc; 450 int trunc = 0; 451 int tokens; 452 ssize_t cnt = 0; 453 454 /* 455 * No partial writes. 456 * Enough data must be present. 457 */ 458 if (*ppos != 0) 459 return -EINVAL; 460 461 if (format == SMK_FIXED24_FMT) { 462 /* 463 * Minor hack for backward compatibility 464 */ 465 if (count < SMK_OLOADLEN || count > SMK_LOADLEN) 466 return -EINVAL; 467 } else { 468 if (count >= PAGE_SIZE) { 469 count = PAGE_SIZE - 1; 470 trunc = 1; 471 } 472 } 473 474 data = memdup_user_nul(buf, count); 475 if (IS_ERR(data)) 476 return PTR_ERR(data); 477 478 /* 479 * In case of parsing only part of user buf, 480 * avoid having partial rule at the data buffer 481 */ 482 if (trunc) { 483 while (count > 0 && (data[count - 1] != '\n')) 484 --count; 485 if (count == 0) { 486 rc = -EINVAL; 487 goto out; 488 } 489 } 490 491 data[count] = '\0'; 492 tokens = (format == SMK_CHANGE_FMT ? 4 : 3); 493 while (cnt < count) { 494 if (format == SMK_FIXED24_FMT) { 495 rc = smk_parse_rule(data, &rule, 1); 496 if (rc < 0) 497 goto out; 498 cnt = count; 499 } else { 500 rc = smk_parse_long_rule(data + cnt, &rule, 1, tokens); 501 if (rc < 0) 502 goto out; 503 if (rc == 0) { 504 rc = -EINVAL; 505 goto out; 506 } 507 cnt += rc; 508 } 509 510 if (rule_list == NULL) 511 rc = smk_set_access(&rule, &rule.smk_subject->smk_rules, 512 &rule.smk_subject->smk_rules_lock); 513 else 514 rc = smk_set_access(&rule, rule_list, rule_lock); 515 516 if (rc) 517 goto out; 518 } 519 520 rc = cnt; 521 out: 522 kfree(data); 523 return rc; 524 } 525 526 /* 527 * Core logic for smackfs seq list operations. 528 */ 529 530 static void *smk_seq_start(struct seq_file *s, loff_t *pos, 531 struct list_head *head) 532 { 533 struct list_head *list; 534 int i = *pos; 535 536 rcu_read_lock(); 537 for (list = rcu_dereference(list_next_rcu(head)); 538 list != head; 539 list = rcu_dereference(list_next_rcu(list))) { 540 if (i-- == 0) 541 return list; 542 } 543 544 return NULL; 545 } 546 547 static void *smk_seq_next(struct seq_file *s, void *v, loff_t *pos, 548 struct list_head *head) 549 { 550 struct list_head *list = v; 551 552 ++*pos; 553 list = rcu_dereference(list_next_rcu(list)); 554 555 return (list == head) ? NULL : list; 556 } 557 558 static void smk_seq_stop(struct seq_file *s, void *v) 559 { 560 rcu_read_unlock(); 561 } 562 563 static void smk_rule_show(struct seq_file *s, struct smack_rule *srp, int max) 564 { 565 char acc[SMK_NUM_ACCESS_TYPE + 1]; 566 /* 567 * Don't show any rules with label names too long for 568 * interface file (/smack/load or /smack/load2) 569 * because you should expect to be able to write 570 * anything you read back. 571 */ 572 if (strlen(srp->smk_subject->smk_known) >= max || 573 strlen(srp->smk_object->smk_known) >= max) 574 return; 575 576 if (srp->smk_access == 0) 577 return; 578 579 smack_str_from_perm(acc, srp->smk_access); 580 seq_printf(s, "%s %s %s\n", 581 srp->smk_subject->smk_known, 582 srp->smk_object->smk_known, 583 acc); 584 } 585 586 /* 587 * Seq_file read operations for /smack/load 588 */ 589 590 static void *load2_seq_start(struct seq_file *s, loff_t *pos) 591 { 592 return smk_seq_start(s, pos, &smack_known_list); 593 } 594 595 static void *load2_seq_next(struct seq_file *s, void *v, loff_t *pos) 596 { 597 return smk_seq_next(s, v, pos, &smack_known_list); 598 } 599 600 static int load_seq_show(struct seq_file *s, void *v) 601 { 602 struct list_head *list = v; 603 struct smack_rule *srp; 604 struct smack_known *skp = 605 list_entry_rcu(list, struct smack_known, list); 606 607 list_for_each_entry_rcu(srp, &skp->smk_rules, list) 608 smk_rule_show(s, srp, SMK_LABELLEN); 609 610 return 0; 611 } 612 613 static const struct seq_operations load_seq_ops = { 614 .start = load2_seq_start, 615 .next = load2_seq_next, 616 .show = load_seq_show, 617 .stop = smk_seq_stop, 618 }; 619 620 /** 621 * smk_open_load - open() for /smack/load 622 * @inode: inode structure representing file 623 * @file: "load" file pointer 624 * 625 * For reading, use load_seq_* seq_file reading operations. 626 */ 627 static int smk_open_load(struct inode *inode, struct file *file) 628 { 629 return seq_open(file, &load_seq_ops); 630 } 631 632 /** 633 * smk_write_load - write() for /smack/load 634 * @file: file pointer, not actually used 635 * @buf: where to get the data from 636 * @count: bytes sent 637 * @ppos: where to start - must be 0 638 * 639 */ 640 static ssize_t smk_write_load(struct file *file, const char __user *buf, 641 size_t count, loff_t *ppos) 642 { 643 /* 644 * Must have privilege. 645 * No partial writes. 646 * Enough data must be present. 647 */ 648 if (!smack_privileged(CAP_MAC_ADMIN)) 649 return -EPERM; 650 651 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL, 652 SMK_FIXED24_FMT); 653 } 654 655 static const struct file_operations smk_load_ops = { 656 .open = smk_open_load, 657 .read = seq_read, 658 .llseek = seq_lseek, 659 .write = smk_write_load, 660 .release = seq_release, 661 }; 662 663 /** 664 * smk_cipso_doi - initialize the CIPSO domain 665 */ 666 static void smk_cipso_doi(void) 667 { 668 int rc; 669 struct cipso_v4_doi *doip; 670 struct netlbl_audit nai; 671 672 smk_netlabel_audit_set(&nai); 673 674 rc = netlbl_cfg_map_del(NULL, PF_INET, NULL, NULL, &nai); 675 if (rc != 0) 676 printk(KERN_WARNING "%s:%d remove rc = %d\n", 677 __func__, __LINE__, rc); 678 679 doip = kmalloc(sizeof(struct cipso_v4_doi), GFP_KERNEL | __GFP_NOFAIL); 680 doip->map.std = NULL; 681 doip->doi = smk_cipso_doi_value; 682 doip->type = CIPSO_V4_MAP_PASS; 683 doip->tags[0] = CIPSO_V4_TAG_RBITMAP; 684 for (rc = 1; rc < CIPSO_V4_TAG_MAXCNT; rc++) 685 doip->tags[rc] = CIPSO_V4_TAG_INVALID; 686 687 rc = netlbl_cfg_cipsov4_add(doip, &nai); 688 if (rc != 0) { 689 printk(KERN_WARNING "%s:%d cipso add rc = %d\n", 690 __func__, __LINE__, rc); 691 kfree(doip); 692 return; 693 } 694 rc = netlbl_cfg_cipsov4_map_add(doip->doi, NULL, NULL, NULL, &nai); 695 if (rc != 0) { 696 printk(KERN_WARNING "%s:%d map add rc = %d\n", 697 __func__, __LINE__, rc); 698 netlbl_cfg_cipsov4_del(doip->doi, &nai); 699 return; 700 } 701 } 702 703 /** 704 * smk_unlbl_ambient - initialize the unlabeled domain 705 * @oldambient: previous domain string 706 */ 707 static void smk_unlbl_ambient(char *oldambient) 708 { 709 int rc; 710 struct netlbl_audit nai; 711 712 smk_netlabel_audit_set(&nai); 713 714 if (oldambient != NULL) { 715 rc = netlbl_cfg_map_del(oldambient, PF_INET, NULL, NULL, &nai); 716 if (rc != 0) 717 printk(KERN_WARNING "%s:%d remove rc = %d\n", 718 __func__, __LINE__, rc); 719 } 720 if (smack_net_ambient == NULL) 721 smack_net_ambient = &smack_known_floor; 722 723 rc = netlbl_cfg_unlbl_map_add(smack_net_ambient->smk_known, PF_INET, 724 NULL, NULL, &nai); 725 if (rc != 0) 726 printk(KERN_WARNING "%s:%d add rc = %d\n", 727 __func__, __LINE__, rc); 728 } 729 730 /* 731 * Seq_file read operations for /smack/cipso 732 */ 733 734 static void *cipso_seq_start(struct seq_file *s, loff_t *pos) 735 { 736 return smk_seq_start(s, pos, &smack_known_list); 737 } 738 739 static void *cipso_seq_next(struct seq_file *s, void *v, loff_t *pos) 740 { 741 return smk_seq_next(s, v, pos, &smack_known_list); 742 } 743 744 /* 745 * Print cipso labels in format: 746 * label level[/cat[,cat]] 747 */ 748 static int cipso_seq_show(struct seq_file *s, void *v) 749 { 750 struct list_head *list = v; 751 struct smack_known *skp = 752 list_entry_rcu(list, struct smack_known, list); 753 struct netlbl_lsm_catmap *cmp = skp->smk_netlabel.attr.mls.cat; 754 char sep = '/'; 755 int i; 756 757 /* 758 * Don't show a label that could not have been set using 759 * /smack/cipso. This is in support of the notion that 760 * anything read from /smack/cipso ought to be writeable 761 * to /smack/cipso. 762 * 763 * /smack/cipso2 should be used instead. 764 */ 765 if (strlen(skp->smk_known) >= SMK_LABELLEN) 766 return 0; 767 768 seq_printf(s, "%s %3d", skp->smk_known, skp->smk_netlabel.attr.mls.lvl); 769 770 for (i = netlbl_catmap_walk(cmp, 0); i >= 0; 771 i = netlbl_catmap_walk(cmp, i + 1)) { 772 seq_printf(s, "%c%d", sep, i); 773 sep = ','; 774 } 775 776 seq_putc(s, '\n'); 777 778 return 0; 779 } 780 781 static const struct seq_operations cipso_seq_ops = { 782 .start = cipso_seq_start, 783 .next = cipso_seq_next, 784 .show = cipso_seq_show, 785 .stop = smk_seq_stop, 786 }; 787 788 /** 789 * smk_open_cipso - open() for /smack/cipso 790 * @inode: inode structure representing file 791 * @file: "cipso" file pointer 792 * 793 * Connect our cipso_seq_* operations with /smack/cipso 794 * file_operations 795 */ 796 static int smk_open_cipso(struct inode *inode, struct file *file) 797 { 798 return seq_open(file, &cipso_seq_ops); 799 } 800 801 /** 802 * smk_set_cipso - do the work for write() for cipso and cipso2 803 * @file: file pointer, not actually used 804 * @buf: where to get the data from 805 * @count: bytes sent 806 * @ppos: where to start 807 * @format: /smack/cipso or /smack/cipso2 808 * 809 * Accepts only one cipso rule per write call. 810 * Returns number of bytes written or error code, as appropriate 811 */ 812 static ssize_t smk_set_cipso(struct file *file, const char __user *buf, 813 size_t count, loff_t *ppos, int format) 814 { 815 struct netlbl_lsm_catmap *old_cat, *new_cat = NULL; 816 struct smack_known *skp; 817 struct netlbl_lsm_secattr ncats; 818 char mapcatset[SMK_CIPSOLEN]; 819 int maplevel; 820 unsigned int cat; 821 int catlen; 822 ssize_t rc = -EINVAL; 823 char *data = NULL; 824 char *rule; 825 int ret; 826 int i; 827 828 /* 829 * Must have privilege. 830 * No partial writes. 831 * Enough data must be present. 832 */ 833 if (!smack_privileged(CAP_MAC_ADMIN)) 834 return -EPERM; 835 if (*ppos != 0) 836 return -EINVAL; 837 if (format == SMK_FIXED24_FMT && 838 (count < SMK_CIPSOMIN || count > SMK_CIPSOMAX)) 839 return -EINVAL; 840 if (count > PAGE_SIZE) 841 return -EINVAL; 842 843 data = memdup_user_nul(buf, count); 844 if (IS_ERR(data)) 845 return PTR_ERR(data); 846 847 rule = data; 848 /* 849 * Only allow one writer at a time. Writes should be 850 * quite rare and small in any case. 851 */ 852 mutex_lock(&smack_cipso_lock); 853 854 skp = smk_import_entry(rule, 0); 855 if (IS_ERR(skp)) { 856 rc = PTR_ERR(skp); 857 goto out; 858 } 859 860 if (format == SMK_FIXED24_FMT) 861 rule += SMK_LABELLEN; 862 else 863 rule += strlen(skp->smk_known) + 1; 864 865 if (rule > data + count) { 866 rc = -EOVERFLOW; 867 goto out; 868 } 869 870 ret = sscanf(rule, "%d", &maplevel); 871 if (ret != 1 || maplevel < 0 || maplevel > SMACK_CIPSO_MAXLEVEL) 872 goto out; 873 874 rule += SMK_DIGITLEN; 875 if (rule > data + count) { 876 rc = -EOVERFLOW; 877 goto out; 878 } 879 880 ret = sscanf(rule, "%d", &catlen); 881 if (ret != 1 || catlen < 0 || catlen > SMACK_CIPSO_MAXCATNUM) 882 goto out; 883 884 if (format == SMK_FIXED24_FMT && 885 count != (SMK_CIPSOMIN + catlen * SMK_DIGITLEN)) 886 goto out; 887 888 memset(mapcatset, 0, sizeof(mapcatset)); 889 890 for (i = 0; i < catlen; i++) { 891 rule += SMK_DIGITLEN; 892 if (rule > data + count) { 893 rc = -EOVERFLOW; 894 goto out; 895 } 896 ret = sscanf(rule, "%u", &cat); 897 if (ret != 1 || cat > SMACK_CIPSO_MAXCATNUM) 898 goto out; 899 900 smack_catset_bit(cat, mapcatset); 901 } 902 ncats.flags = 0; 903 if (catlen == 0) { 904 ncats.attr.mls.cat = NULL; 905 ncats.attr.mls.lvl = maplevel; 906 new_cat = netlbl_catmap_alloc(GFP_ATOMIC); 907 if (new_cat) 908 new_cat->next = ncats.attr.mls.cat; 909 ncats.attr.mls.cat = new_cat; 910 skp->smk_netlabel.flags &= ~(1U << 3); 911 rc = 0; 912 } else { 913 rc = smk_netlbl_mls(maplevel, mapcatset, &ncats, SMK_CIPSOLEN); 914 } 915 if (rc >= 0) { 916 old_cat = skp->smk_netlabel.attr.mls.cat; 917 rcu_assign_pointer(skp->smk_netlabel.attr.mls.cat, ncats.attr.mls.cat); 918 skp->smk_netlabel.attr.mls.lvl = ncats.attr.mls.lvl; 919 synchronize_rcu(); 920 netlbl_catmap_free(old_cat); 921 rc = count; 922 /* 923 * This mapping may have been cached, so clear the cache. 924 */ 925 netlbl_cache_invalidate(); 926 } 927 928 out: 929 mutex_unlock(&smack_cipso_lock); 930 kfree(data); 931 return rc; 932 } 933 934 /** 935 * smk_write_cipso - write() for /smack/cipso 936 * @file: file pointer, not actually used 937 * @buf: where to get the data from 938 * @count: bytes sent 939 * @ppos: where to start 940 * 941 * Accepts only one cipso rule per write call. 942 * Returns number of bytes written or error code, as appropriate 943 */ 944 static ssize_t smk_write_cipso(struct file *file, const char __user *buf, 945 size_t count, loff_t *ppos) 946 { 947 return smk_set_cipso(file, buf, count, ppos, SMK_FIXED24_FMT); 948 } 949 950 static const struct file_operations smk_cipso_ops = { 951 .open = smk_open_cipso, 952 .read = seq_read, 953 .llseek = seq_lseek, 954 .write = smk_write_cipso, 955 .release = seq_release, 956 }; 957 958 /* 959 * Seq_file read operations for /smack/cipso2 960 */ 961 962 /* 963 * Print cipso labels in format: 964 * label level[/cat[,cat]] 965 */ 966 static int cipso2_seq_show(struct seq_file *s, void *v) 967 { 968 struct list_head *list = v; 969 struct smack_known *skp = 970 list_entry_rcu(list, struct smack_known, list); 971 struct netlbl_lsm_catmap *cmp = skp->smk_netlabel.attr.mls.cat; 972 char sep = '/'; 973 int i; 974 975 seq_printf(s, "%s %3d", skp->smk_known, skp->smk_netlabel.attr.mls.lvl); 976 977 for (i = netlbl_catmap_walk(cmp, 0); i >= 0; 978 i = netlbl_catmap_walk(cmp, i + 1)) { 979 seq_printf(s, "%c%d", sep, i); 980 sep = ','; 981 } 982 983 seq_putc(s, '\n'); 984 985 return 0; 986 } 987 988 static const struct seq_operations cipso2_seq_ops = { 989 .start = cipso_seq_start, 990 .next = cipso_seq_next, 991 .show = cipso2_seq_show, 992 .stop = smk_seq_stop, 993 }; 994 995 /** 996 * smk_open_cipso2 - open() for /smack/cipso2 997 * @inode: inode structure representing file 998 * @file: "cipso2" file pointer 999 * 1000 * Connect our cipso_seq_* operations with /smack/cipso2 1001 * file_operations 1002 */ 1003 static int smk_open_cipso2(struct inode *inode, struct file *file) 1004 { 1005 return seq_open(file, &cipso2_seq_ops); 1006 } 1007 1008 /** 1009 * smk_write_cipso2 - write() for /smack/cipso2 1010 * @file: file pointer, not actually used 1011 * @buf: where to get the data from 1012 * @count: bytes sent 1013 * @ppos: where to start 1014 * 1015 * Accepts only one cipso rule per write call. 1016 * Returns number of bytes written or error code, as appropriate 1017 */ 1018 static ssize_t smk_write_cipso2(struct file *file, const char __user *buf, 1019 size_t count, loff_t *ppos) 1020 { 1021 return smk_set_cipso(file, buf, count, ppos, SMK_LONG_FMT); 1022 } 1023 1024 static const struct file_operations smk_cipso2_ops = { 1025 .open = smk_open_cipso2, 1026 .read = seq_read, 1027 .llseek = seq_lseek, 1028 .write = smk_write_cipso2, 1029 .release = seq_release, 1030 }; 1031 1032 /* 1033 * Seq_file read operations for /smack/netlabel 1034 */ 1035 1036 static void *net4addr_seq_start(struct seq_file *s, loff_t *pos) 1037 { 1038 return smk_seq_start(s, pos, &smk_net4addr_list); 1039 } 1040 1041 static void *net4addr_seq_next(struct seq_file *s, void *v, loff_t *pos) 1042 { 1043 return smk_seq_next(s, v, pos, &smk_net4addr_list); 1044 } 1045 1046 /* 1047 * Print host/label pairs 1048 */ 1049 static int net4addr_seq_show(struct seq_file *s, void *v) 1050 { 1051 struct list_head *list = v; 1052 struct smk_net4addr *skp = 1053 list_entry_rcu(list, struct smk_net4addr, list); 1054 char *kp = SMACK_CIPSO_OPTION; 1055 1056 if (skp->smk_label != NULL) 1057 kp = skp->smk_label->smk_known; 1058 seq_printf(s, "%pI4/%d %s\n", &skp->smk_host.s_addr, 1059 skp->smk_masks, kp); 1060 1061 return 0; 1062 } 1063 1064 static const struct seq_operations net4addr_seq_ops = { 1065 .start = net4addr_seq_start, 1066 .next = net4addr_seq_next, 1067 .show = net4addr_seq_show, 1068 .stop = smk_seq_stop, 1069 }; 1070 1071 /** 1072 * smk_open_net4addr - open() for /smack/netlabel 1073 * @inode: inode structure representing file 1074 * @file: "netlabel" file pointer 1075 * 1076 * Connect our net4addr_seq_* operations with /smack/netlabel 1077 * file_operations 1078 */ 1079 static int smk_open_net4addr(struct inode *inode, struct file *file) 1080 { 1081 return seq_open(file, &net4addr_seq_ops); 1082 } 1083 1084 /** 1085 * smk_net4addr_insert 1086 * @new : netlabel to insert 1087 * 1088 * This helper insert netlabel in the smack_net4addrs list 1089 * sorted by netmask length (longest to smallest) 1090 * locked by &smk_net4addr_lock in smk_write_net4addr 1091 * 1092 */ 1093 static void smk_net4addr_insert(struct smk_net4addr *new) 1094 { 1095 struct smk_net4addr *m; 1096 struct smk_net4addr *m_next; 1097 1098 if (list_empty(&smk_net4addr_list)) { 1099 list_add_rcu(&new->list, &smk_net4addr_list); 1100 return; 1101 } 1102 1103 m = list_entry_rcu(smk_net4addr_list.next, 1104 struct smk_net4addr, list); 1105 1106 /* the comparison '>' is a bit hacky, but works */ 1107 if (new->smk_masks > m->smk_masks) { 1108 list_add_rcu(&new->list, &smk_net4addr_list); 1109 return; 1110 } 1111 1112 list_for_each_entry_rcu(m, &smk_net4addr_list, list) { 1113 if (list_is_last(&m->list, &smk_net4addr_list)) { 1114 list_add_rcu(&new->list, &m->list); 1115 return; 1116 } 1117 m_next = list_entry_rcu(m->list.next, 1118 struct smk_net4addr, list); 1119 if (new->smk_masks > m_next->smk_masks) { 1120 list_add_rcu(&new->list, &m->list); 1121 return; 1122 } 1123 } 1124 } 1125 1126 1127 /** 1128 * smk_write_net4addr - write() for /smack/netlabel 1129 * @file: file pointer, not actually used 1130 * @buf: where to get the data from 1131 * @count: bytes sent 1132 * @ppos: where to start 1133 * 1134 * Accepts only one net4addr per write call. 1135 * Returns number of bytes written or error code, as appropriate 1136 */ 1137 static ssize_t smk_write_net4addr(struct file *file, const char __user *buf, 1138 size_t count, loff_t *ppos) 1139 { 1140 struct smk_net4addr *snp; 1141 struct sockaddr_in newname; 1142 char *smack; 1143 struct smack_known *skp = NULL; 1144 char *data; 1145 char *host = (char *)&newname.sin_addr.s_addr; 1146 int rc; 1147 struct netlbl_audit audit_info; 1148 struct in_addr mask; 1149 unsigned int m; 1150 unsigned int masks; 1151 int found; 1152 u32 mask_bits = (1<<31); 1153 __be32 nsa; 1154 u32 temp_mask; 1155 1156 /* 1157 * Must have privilege. 1158 * No partial writes. 1159 * Enough data must be present. 1160 * "<addr/mask, as a.b.c.d/e><space><label>" 1161 * "<addr, as a.b.c.d><space><label>" 1162 */ 1163 if (!smack_privileged(CAP_MAC_ADMIN)) 1164 return -EPERM; 1165 if (*ppos != 0) 1166 return -EINVAL; 1167 if (count < SMK_NETLBLADDRMIN || count > PAGE_SIZE - 1) 1168 return -EINVAL; 1169 1170 data = memdup_user_nul(buf, count); 1171 if (IS_ERR(data)) 1172 return PTR_ERR(data); 1173 1174 smack = kzalloc(count + 1, GFP_KERNEL); 1175 if (smack == NULL) { 1176 rc = -ENOMEM; 1177 goto free_data_out; 1178 } 1179 1180 rc = sscanf(data, "%hhd.%hhd.%hhd.%hhd/%u %s", 1181 &host[0], &host[1], &host[2], &host[3], &masks, smack); 1182 if (rc != 6) { 1183 rc = sscanf(data, "%hhd.%hhd.%hhd.%hhd %s", 1184 &host[0], &host[1], &host[2], &host[3], smack); 1185 if (rc != 5) { 1186 rc = -EINVAL; 1187 goto free_out; 1188 } 1189 masks = 32; 1190 } 1191 if (masks > BEBITS) { 1192 rc = -EINVAL; 1193 goto free_out; 1194 } 1195 1196 /* 1197 * If smack begins with '-', it is an option, don't import it 1198 */ 1199 if (smack[0] != '-') { 1200 skp = smk_import_entry(smack, 0); 1201 if (IS_ERR(skp)) { 1202 rc = PTR_ERR(skp); 1203 goto free_out; 1204 } 1205 } else { 1206 /* 1207 * Only the -CIPSO option is supported for IPv4 1208 */ 1209 if (strcmp(smack, SMACK_CIPSO_OPTION) != 0) { 1210 rc = -EINVAL; 1211 goto free_out; 1212 } 1213 } 1214 1215 for (m = masks, temp_mask = 0; m > 0; m--) { 1216 temp_mask |= mask_bits; 1217 mask_bits >>= 1; 1218 } 1219 mask.s_addr = cpu_to_be32(temp_mask); 1220 1221 newname.sin_addr.s_addr &= mask.s_addr; 1222 /* 1223 * Only allow one writer at a time. Writes should be 1224 * quite rare and small in any case. 1225 */ 1226 mutex_lock(&smk_net4addr_lock); 1227 1228 nsa = newname.sin_addr.s_addr; 1229 /* try to find if the prefix is already in the list */ 1230 found = 0; 1231 list_for_each_entry_rcu(snp, &smk_net4addr_list, list) { 1232 if (snp->smk_host.s_addr == nsa && snp->smk_masks == masks) { 1233 found = 1; 1234 break; 1235 } 1236 } 1237 smk_netlabel_audit_set(&audit_info); 1238 1239 if (found == 0) { 1240 snp = kzalloc(sizeof(*snp), GFP_KERNEL); 1241 if (snp == NULL) 1242 rc = -ENOMEM; 1243 else { 1244 rc = 0; 1245 snp->smk_host.s_addr = newname.sin_addr.s_addr; 1246 snp->smk_mask.s_addr = mask.s_addr; 1247 snp->smk_label = skp; 1248 snp->smk_masks = masks; 1249 smk_net4addr_insert(snp); 1250 } 1251 } else { 1252 /* 1253 * Delete the unlabeled entry, only if the previous label 1254 * wasn't the special CIPSO option 1255 */ 1256 if (snp->smk_label != NULL) 1257 rc = netlbl_cfg_unlbl_static_del(&init_net, NULL, 1258 &snp->smk_host, &snp->smk_mask, 1259 PF_INET, &audit_info); 1260 else 1261 rc = 0; 1262 snp->smk_label = skp; 1263 } 1264 1265 /* 1266 * Now tell netlabel about the single label nature of 1267 * this host so that incoming packets get labeled. 1268 * but only if we didn't get the special CIPSO option 1269 */ 1270 if (rc == 0 && skp != NULL) 1271 rc = netlbl_cfg_unlbl_static_add(&init_net, NULL, 1272 &snp->smk_host, &snp->smk_mask, PF_INET, 1273 snp->smk_label->smk_secid, &audit_info); 1274 1275 if (rc == 0) 1276 rc = count; 1277 1278 mutex_unlock(&smk_net4addr_lock); 1279 1280 free_out: 1281 kfree(smack); 1282 free_data_out: 1283 kfree(data); 1284 1285 return rc; 1286 } 1287 1288 static const struct file_operations smk_net4addr_ops = { 1289 .open = smk_open_net4addr, 1290 .read = seq_read, 1291 .llseek = seq_lseek, 1292 .write = smk_write_net4addr, 1293 .release = seq_release, 1294 }; 1295 1296 #if IS_ENABLED(CONFIG_IPV6) 1297 /* 1298 * Seq_file read operations for /smack/netlabel6 1299 */ 1300 1301 static void *net6addr_seq_start(struct seq_file *s, loff_t *pos) 1302 { 1303 return smk_seq_start(s, pos, &smk_net6addr_list); 1304 } 1305 1306 static void *net6addr_seq_next(struct seq_file *s, void *v, loff_t *pos) 1307 { 1308 return smk_seq_next(s, v, pos, &smk_net6addr_list); 1309 } 1310 1311 /* 1312 * Print host/label pairs 1313 */ 1314 static int net6addr_seq_show(struct seq_file *s, void *v) 1315 { 1316 struct list_head *list = v; 1317 struct smk_net6addr *skp = 1318 list_entry(list, struct smk_net6addr, list); 1319 1320 if (skp->smk_label != NULL) 1321 seq_printf(s, "%pI6/%d %s\n", &skp->smk_host, skp->smk_masks, 1322 skp->smk_label->smk_known); 1323 1324 return 0; 1325 } 1326 1327 static const struct seq_operations net6addr_seq_ops = { 1328 .start = net6addr_seq_start, 1329 .next = net6addr_seq_next, 1330 .show = net6addr_seq_show, 1331 .stop = smk_seq_stop, 1332 }; 1333 1334 /** 1335 * smk_open_net6addr - open() for /smack/netlabel 1336 * @inode: inode structure representing file 1337 * @file: "netlabel" file pointer 1338 * 1339 * Connect our net6addr_seq_* operations with /smack/netlabel 1340 * file_operations 1341 */ 1342 static int smk_open_net6addr(struct inode *inode, struct file *file) 1343 { 1344 return seq_open(file, &net6addr_seq_ops); 1345 } 1346 1347 /** 1348 * smk_net6addr_insert 1349 * @new : entry to insert 1350 * 1351 * This inserts an entry in the smack_net6addrs list 1352 * sorted by netmask length (longest to smallest) 1353 * locked by &smk_net6addr_lock in smk_write_net6addr 1354 * 1355 */ 1356 static void smk_net6addr_insert(struct smk_net6addr *new) 1357 { 1358 struct smk_net6addr *m_next; 1359 struct smk_net6addr *m; 1360 1361 if (list_empty(&smk_net6addr_list)) { 1362 list_add_rcu(&new->list, &smk_net6addr_list); 1363 return; 1364 } 1365 1366 m = list_entry_rcu(smk_net6addr_list.next, 1367 struct smk_net6addr, list); 1368 1369 if (new->smk_masks > m->smk_masks) { 1370 list_add_rcu(&new->list, &smk_net6addr_list); 1371 return; 1372 } 1373 1374 list_for_each_entry_rcu(m, &smk_net6addr_list, list) { 1375 if (list_is_last(&m->list, &smk_net6addr_list)) { 1376 list_add_rcu(&new->list, &m->list); 1377 return; 1378 } 1379 m_next = list_entry_rcu(m->list.next, 1380 struct smk_net6addr, list); 1381 if (new->smk_masks > m_next->smk_masks) { 1382 list_add_rcu(&new->list, &m->list); 1383 return; 1384 } 1385 } 1386 } 1387 1388 1389 /** 1390 * smk_write_net6addr - write() for /smack/netlabel 1391 * @file: file pointer, not actually used 1392 * @buf: where to get the data from 1393 * @count: bytes sent 1394 * @ppos: where to start 1395 * 1396 * Accepts only one net6addr per write call. 1397 * Returns number of bytes written or error code, as appropriate 1398 */ 1399 static ssize_t smk_write_net6addr(struct file *file, const char __user *buf, 1400 size_t count, loff_t *ppos) 1401 { 1402 struct smk_net6addr *snp; 1403 struct in6_addr newname; 1404 struct in6_addr fullmask; 1405 struct smack_known *skp = NULL; 1406 char *smack; 1407 char *data; 1408 int rc = 0; 1409 int found = 0; 1410 int i; 1411 unsigned int scanned[8]; 1412 unsigned int m; 1413 unsigned int mask = 128; 1414 1415 /* 1416 * Must have privilege. 1417 * No partial writes. 1418 * Enough data must be present. 1419 * "<addr/mask, as a:b:c:d:e:f:g:h/e><space><label>" 1420 * "<addr, as a:b:c:d:e:f:g:h><space><label>" 1421 */ 1422 if (!smack_privileged(CAP_MAC_ADMIN)) 1423 return -EPERM; 1424 if (*ppos != 0) 1425 return -EINVAL; 1426 if (count < SMK_NETLBLADDRMIN || count > PAGE_SIZE - 1) 1427 return -EINVAL; 1428 1429 data = memdup_user_nul(buf, count); 1430 if (IS_ERR(data)) 1431 return PTR_ERR(data); 1432 1433 smack = kzalloc(count + 1, GFP_KERNEL); 1434 if (smack == NULL) { 1435 rc = -ENOMEM; 1436 goto free_data_out; 1437 } 1438 1439 i = sscanf(data, "%x:%x:%x:%x:%x:%x:%x:%x/%u %s", 1440 &scanned[0], &scanned[1], &scanned[2], &scanned[3], 1441 &scanned[4], &scanned[5], &scanned[6], &scanned[7], 1442 &mask, smack); 1443 if (i != 10) { 1444 i = sscanf(data, "%x:%x:%x:%x:%x:%x:%x:%x %s", 1445 &scanned[0], &scanned[1], &scanned[2], 1446 &scanned[3], &scanned[4], &scanned[5], 1447 &scanned[6], &scanned[7], smack); 1448 if (i != 9) { 1449 rc = -EINVAL; 1450 goto free_out; 1451 } 1452 } 1453 if (mask > 128) { 1454 rc = -EINVAL; 1455 goto free_out; 1456 } 1457 for (i = 0; i < 8; i++) { 1458 if (scanned[i] > 0xffff) { 1459 rc = -EINVAL; 1460 goto free_out; 1461 } 1462 newname.s6_addr16[i] = htons(scanned[i]); 1463 } 1464 1465 /* 1466 * If smack begins with '-', it is an option, don't import it 1467 */ 1468 if (smack[0] != '-') { 1469 skp = smk_import_entry(smack, 0); 1470 if (IS_ERR(skp)) { 1471 rc = PTR_ERR(skp); 1472 goto free_out; 1473 } 1474 } else { 1475 /* 1476 * Only -DELETE is supported for IPv6 1477 */ 1478 if (strcmp(smack, SMACK_DELETE_OPTION) != 0) { 1479 rc = -EINVAL; 1480 goto free_out; 1481 } 1482 } 1483 1484 for (i = 0, m = mask; i < 8; i++) { 1485 if (m >= 16) { 1486 fullmask.s6_addr16[i] = 0xffff; 1487 m -= 16; 1488 } else if (m > 0) { 1489 fullmask.s6_addr16[i] = (1 << m) - 1; 1490 m = 0; 1491 } else 1492 fullmask.s6_addr16[i] = 0; 1493 newname.s6_addr16[i] &= fullmask.s6_addr16[i]; 1494 } 1495 1496 /* 1497 * Only allow one writer at a time. Writes should be 1498 * quite rare and small in any case. 1499 */ 1500 mutex_lock(&smk_net6addr_lock); 1501 /* 1502 * Try to find the prefix in the list 1503 */ 1504 list_for_each_entry_rcu(snp, &smk_net6addr_list, list) { 1505 if (mask != snp->smk_masks) 1506 continue; 1507 for (found = 1, i = 0; i < 8; i++) { 1508 if (newname.s6_addr16[i] != 1509 snp->smk_host.s6_addr16[i]) { 1510 found = 0; 1511 break; 1512 } 1513 } 1514 if (found == 1) 1515 break; 1516 } 1517 if (found == 0) { 1518 snp = kzalloc(sizeof(*snp), GFP_KERNEL); 1519 if (snp == NULL) 1520 rc = -ENOMEM; 1521 else { 1522 snp->smk_host = newname; 1523 snp->smk_mask = fullmask; 1524 snp->smk_masks = mask; 1525 snp->smk_label = skp; 1526 smk_net6addr_insert(snp); 1527 } 1528 } else { 1529 snp->smk_label = skp; 1530 } 1531 1532 if (rc == 0) 1533 rc = count; 1534 1535 mutex_unlock(&smk_net6addr_lock); 1536 1537 free_out: 1538 kfree(smack); 1539 free_data_out: 1540 kfree(data); 1541 1542 return rc; 1543 } 1544 1545 static const struct file_operations smk_net6addr_ops = { 1546 .open = smk_open_net6addr, 1547 .read = seq_read, 1548 .llseek = seq_lseek, 1549 .write = smk_write_net6addr, 1550 .release = seq_release, 1551 }; 1552 #endif /* CONFIG_IPV6 */ 1553 1554 /** 1555 * smk_read_doi - read() for /smack/doi 1556 * @filp: file pointer, not actually used 1557 * @buf: where to put the result 1558 * @count: maximum to send along 1559 * @ppos: where to start 1560 * 1561 * Returns number of bytes read or error code, as appropriate 1562 */ 1563 static ssize_t smk_read_doi(struct file *filp, char __user *buf, 1564 size_t count, loff_t *ppos) 1565 { 1566 char temp[80]; 1567 ssize_t rc; 1568 1569 if (*ppos != 0) 1570 return 0; 1571 1572 sprintf(temp, "%d", smk_cipso_doi_value); 1573 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp)); 1574 1575 return rc; 1576 } 1577 1578 /** 1579 * smk_write_doi - write() for /smack/doi 1580 * @file: file pointer, not actually used 1581 * @buf: where to get the data from 1582 * @count: bytes sent 1583 * @ppos: where to start 1584 * 1585 * Returns number of bytes written or error code, as appropriate 1586 */ 1587 static ssize_t smk_write_doi(struct file *file, const char __user *buf, 1588 size_t count, loff_t *ppos) 1589 { 1590 char temp[80]; 1591 int i; 1592 1593 if (!smack_privileged(CAP_MAC_ADMIN)) 1594 return -EPERM; 1595 1596 if (count >= sizeof(temp) || count == 0) 1597 return -EINVAL; 1598 1599 if (copy_from_user(temp, buf, count) != 0) 1600 return -EFAULT; 1601 1602 temp[count] = '\0'; 1603 1604 if (sscanf(temp, "%d", &i) != 1) 1605 return -EINVAL; 1606 1607 smk_cipso_doi_value = i; 1608 1609 smk_cipso_doi(); 1610 1611 return count; 1612 } 1613 1614 static const struct file_operations smk_doi_ops = { 1615 .read = smk_read_doi, 1616 .write = smk_write_doi, 1617 .llseek = default_llseek, 1618 }; 1619 1620 /** 1621 * smk_read_direct - read() for /smack/direct 1622 * @filp: file pointer, not actually used 1623 * @buf: where to put the result 1624 * @count: maximum to send along 1625 * @ppos: where to start 1626 * 1627 * Returns number of bytes read or error code, as appropriate 1628 */ 1629 static ssize_t smk_read_direct(struct file *filp, char __user *buf, 1630 size_t count, loff_t *ppos) 1631 { 1632 char temp[80]; 1633 ssize_t rc; 1634 1635 if (*ppos != 0) 1636 return 0; 1637 1638 sprintf(temp, "%d", smack_cipso_direct); 1639 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp)); 1640 1641 return rc; 1642 } 1643 1644 /** 1645 * smk_write_direct - write() for /smack/direct 1646 * @file: file pointer, not actually used 1647 * @buf: where to get the data from 1648 * @count: bytes sent 1649 * @ppos: where to start 1650 * 1651 * Returns number of bytes written or error code, as appropriate 1652 */ 1653 static ssize_t smk_write_direct(struct file *file, const char __user *buf, 1654 size_t count, loff_t *ppos) 1655 { 1656 struct smack_known *skp; 1657 char temp[80]; 1658 int i; 1659 1660 if (!smack_privileged(CAP_MAC_ADMIN)) 1661 return -EPERM; 1662 1663 if (count >= sizeof(temp) || count == 0) 1664 return -EINVAL; 1665 1666 if (copy_from_user(temp, buf, count) != 0) 1667 return -EFAULT; 1668 1669 temp[count] = '\0'; 1670 1671 if (sscanf(temp, "%d", &i) != 1) 1672 return -EINVAL; 1673 1674 /* 1675 * Don't do anything if the value hasn't actually changed. 1676 * If it is changing reset the level on entries that were 1677 * set up to be direct when they were created. 1678 */ 1679 if (smack_cipso_direct != i) { 1680 mutex_lock(&smack_known_lock); 1681 list_for_each_entry_rcu(skp, &smack_known_list, list) 1682 if (skp->smk_netlabel.attr.mls.lvl == 1683 smack_cipso_direct) 1684 skp->smk_netlabel.attr.mls.lvl = i; 1685 smack_cipso_direct = i; 1686 mutex_unlock(&smack_known_lock); 1687 } 1688 1689 return count; 1690 } 1691 1692 static const struct file_operations smk_direct_ops = { 1693 .read = smk_read_direct, 1694 .write = smk_write_direct, 1695 .llseek = default_llseek, 1696 }; 1697 1698 /** 1699 * smk_read_mapped - read() for /smack/mapped 1700 * @filp: file pointer, not actually used 1701 * @buf: where to put the result 1702 * @count: maximum to send along 1703 * @ppos: where to start 1704 * 1705 * Returns number of bytes read or error code, as appropriate 1706 */ 1707 static ssize_t smk_read_mapped(struct file *filp, char __user *buf, 1708 size_t count, loff_t *ppos) 1709 { 1710 char temp[80]; 1711 ssize_t rc; 1712 1713 if (*ppos != 0) 1714 return 0; 1715 1716 sprintf(temp, "%d", smack_cipso_mapped); 1717 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp)); 1718 1719 return rc; 1720 } 1721 1722 /** 1723 * smk_write_mapped - write() for /smack/mapped 1724 * @file: file pointer, not actually used 1725 * @buf: where to get the data from 1726 * @count: bytes sent 1727 * @ppos: where to start 1728 * 1729 * Returns number of bytes written or error code, as appropriate 1730 */ 1731 static ssize_t smk_write_mapped(struct file *file, const char __user *buf, 1732 size_t count, loff_t *ppos) 1733 { 1734 struct smack_known *skp; 1735 char temp[80]; 1736 int i; 1737 1738 if (!smack_privileged(CAP_MAC_ADMIN)) 1739 return -EPERM; 1740 1741 if (count >= sizeof(temp) || count == 0) 1742 return -EINVAL; 1743 1744 if (copy_from_user(temp, buf, count) != 0) 1745 return -EFAULT; 1746 1747 temp[count] = '\0'; 1748 1749 if (sscanf(temp, "%d", &i) != 1) 1750 return -EINVAL; 1751 1752 /* 1753 * Don't do anything if the value hasn't actually changed. 1754 * If it is changing reset the level on entries that were 1755 * set up to be mapped when they were created. 1756 */ 1757 if (smack_cipso_mapped != i) { 1758 mutex_lock(&smack_known_lock); 1759 list_for_each_entry_rcu(skp, &smack_known_list, list) 1760 if (skp->smk_netlabel.attr.mls.lvl == 1761 smack_cipso_mapped) 1762 skp->smk_netlabel.attr.mls.lvl = i; 1763 smack_cipso_mapped = i; 1764 mutex_unlock(&smack_known_lock); 1765 } 1766 1767 return count; 1768 } 1769 1770 static const struct file_operations smk_mapped_ops = { 1771 .read = smk_read_mapped, 1772 .write = smk_write_mapped, 1773 .llseek = default_llseek, 1774 }; 1775 1776 /** 1777 * smk_read_ambient - read() for /smack/ambient 1778 * @filp: file pointer, not actually used 1779 * @buf: where to put the result 1780 * @cn: maximum to send along 1781 * @ppos: where to start 1782 * 1783 * Returns number of bytes read or error code, as appropriate 1784 */ 1785 static ssize_t smk_read_ambient(struct file *filp, char __user *buf, 1786 size_t cn, loff_t *ppos) 1787 { 1788 ssize_t rc; 1789 int asize; 1790 1791 if (*ppos != 0) 1792 return 0; 1793 /* 1794 * Being careful to avoid a problem in the case where 1795 * smack_net_ambient gets changed in midstream. 1796 */ 1797 mutex_lock(&smack_ambient_lock); 1798 1799 asize = strlen(smack_net_ambient->smk_known) + 1; 1800 1801 if (cn >= asize) 1802 rc = simple_read_from_buffer(buf, cn, ppos, 1803 smack_net_ambient->smk_known, 1804 asize); 1805 else 1806 rc = -EINVAL; 1807 1808 mutex_unlock(&smack_ambient_lock); 1809 1810 return rc; 1811 } 1812 1813 /** 1814 * smk_write_ambient - write() for /smack/ambient 1815 * @file: file pointer, not actually used 1816 * @buf: where to get the data from 1817 * @count: bytes sent 1818 * @ppos: where to start 1819 * 1820 * Returns number of bytes written or error code, as appropriate 1821 */ 1822 static ssize_t smk_write_ambient(struct file *file, const char __user *buf, 1823 size_t count, loff_t *ppos) 1824 { 1825 struct smack_known *skp; 1826 char *oldambient; 1827 char *data; 1828 int rc = count; 1829 1830 if (!smack_privileged(CAP_MAC_ADMIN)) 1831 return -EPERM; 1832 1833 /* Enough data must be present */ 1834 if (count == 0 || count > PAGE_SIZE) 1835 return -EINVAL; 1836 1837 data = memdup_user_nul(buf, count); 1838 if (IS_ERR(data)) 1839 return PTR_ERR(data); 1840 1841 skp = smk_import_entry(data, count); 1842 if (IS_ERR(skp)) { 1843 rc = PTR_ERR(skp); 1844 goto out; 1845 } 1846 1847 mutex_lock(&smack_ambient_lock); 1848 1849 oldambient = smack_net_ambient->smk_known; 1850 smack_net_ambient = skp; 1851 smk_unlbl_ambient(oldambient); 1852 1853 mutex_unlock(&smack_ambient_lock); 1854 1855 out: 1856 kfree(data); 1857 return rc; 1858 } 1859 1860 static const struct file_operations smk_ambient_ops = { 1861 .read = smk_read_ambient, 1862 .write = smk_write_ambient, 1863 .llseek = default_llseek, 1864 }; 1865 1866 /* 1867 * Seq_file operations for /smack/onlycap 1868 */ 1869 static void *onlycap_seq_start(struct seq_file *s, loff_t *pos) 1870 { 1871 return smk_seq_start(s, pos, &smack_onlycap_list); 1872 } 1873 1874 static void *onlycap_seq_next(struct seq_file *s, void *v, loff_t *pos) 1875 { 1876 return smk_seq_next(s, v, pos, &smack_onlycap_list); 1877 } 1878 1879 static int onlycap_seq_show(struct seq_file *s, void *v) 1880 { 1881 struct list_head *list = v; 1882 struct smack_known_list_elem *sklep = 1883 list_entry_rcu(list, struct smack_known_list_elem, list); 1884 1885 seq_puts(s, sklep->smk_label->smk_known); 1886 seq_putc(s, ' '); 1887 1888 return 0; 1889 } 1890 1891 static const struct seq_operations onlycap_seq_ops = { 1892 .start = onlycap_seq_start, 1893 .next = onlycap_seq_next, 1894 .show = onlycap_seq_show, 1895 .stop = smk_seq_stop, 1896 }; 1897 1898 static int smk_open_onlycap(struct inode *inode, struct file *file) 1899 { 1900 return seq_open(file, &onlycap_seq_ops); 1901 } 1902 1903 /** 1904 * smk_list_swap_rcu - swap public list with a private one in RCU-safe way 1905 * The caller must hold appropriate mutex to prevent concurrent modifications 1906 * to the public list. 1907 * Private list is assumed to be not accessible to other threads yet. 1908 * 1909 * @public: public list 1910 * @private: private list 1911 */ 1912 static void smk_list_swap_rcu(struct list_head *public, 1913 struct list_head *private) 1914 { 1915 struct list_head *first, *last; 1916 1917 if (list_empty(public)) { 1918 list_splice_init_rcu(private, public, synchronize_rcu); 1919 } else { 1920 /* Remember public list before replacing it */ 1921 first = public->next; 1922 last = public->prev; 1923 1924 /* Publish private list in place of public in RCU-safe way */ 1925 private->prev->next = public; 1926 private->next->prev = public; 1927 rcu_assign_pointer(public->next, private->next); 1928 public->prev = private->prev; 1929 1930 synchronize_rcu(); 1931 1932 /* When all readers are done with the old public list, 1933 * attach it in place of private */ 1934 private->next = first; 1935 private->prev = last; 1936 first->prev = private; 1937 last->next = private; 1938 } 1939 } 1940 1941 /** 1942 * smk_parse_label_list - parse list of Smack labels, separated by spaces 1943 * 1944 * @data: the string to parse 1945 * @list: destination list 1946 * 1947 * Returns zero on success or error code, as appropriate 1948 */ 1949 static int smk_parse_label_list(char *data, struct list_head *list) 1950 { 1951 char *tok; 1952 struct smack_known *skp; 1953 struct smack_known_list_elem *sklep; 1954 1955 while ((tok = strsep(&data, " ")) != NULL) { 1956 if (!*tok) 1957 continue; 1958 1959 skp = smk_import_entry(tok, 0); 1960 if (IS_ERR(skp)) 1961 return PTR_ERR(skp); 1962 1963 sklep = kzalloc(sizeof(*sklep), GFP_KERNEL); 1964 if (sklep == NULL) 1965 return -ENOMEM; 1966 1967 sklep->smk_label = skp; 1968 list_add(&sklep->list, list); 1969 } 1970 1971 return 0; 1972 } 1973 1974 /** 1975 * smk_destroy_label_list - destroy a list of smack_known_list_elem 1976 * @list: header pointer of the list to destroy 1977 */ 1978 void smk_destroy_label_list(struct list_head *list) 1979 { 1980 struct smack_known_list_elem *sklep; 1981 struct smack_known_list_elem *sklep2; 1982 1983 list_for_each_entry_safe(sklep, sklep2, list, list) 1984 kfree(sklep); 1985 1986 INIT_LIST_HEAD(list); 1987 } 1988 1989 /** 1990 * smk_write_onlycap - write() for smackfs/onlycap 1991 * @file: file pointer, not actually used 1992 * @buf: where to get the data from 1993 * @count: bytes sent 1994 * @ppos: where to start 1995 * 1996 * Returns number of bytes written or error code, as appropriate 1997 */ 1998 static ssize_t smk_write_onlycap(struct file *file, const char __user *buf, 1999 size_t count, loff_t *ppos) 2000 { 2001 char *data; 2002 LIST_HEAD(list_tmp); 2003 int rc; 2004 2005 if (!smack_privileged(CAP_MAC_ADMIN)) 2006 return -EPERM; 2007 2008 if (count > PAGE_SIZE) 2009 return -EINVAL; 2010 2011 data = memdup_user_nul(buf, count); 2012 if (IS_ERR(data)) 2013 return PTR_ERR(data); 2014 2015 rc = smk_parse_label_list(data, &list_tmp); 2016 kfree(data); 2017 2018 /* 2019 * Clear the smack_onlycap on invalid label errors. This means 2020 * that we can pass a null string to unset the onlycap value. 2021 * 2022 * Importing will also reject a label beginning with '-', 2023 * so "-usecapabilities" will also work. 2024 * 2025 * But do so only on invalid label, not on system errors. 2026 * The invalid label must be first to count as clearing attempt. 2027 */ 2028 if (!rc || (rc == -EINVAL && list_empty(&list_tmp))) { 2029 mutex_lock(&smack_onlycap_lock); 2030 smk_list_swap_rcu(&smack_onlycap_list, &list_tmp); 2031 mutex_unlock(&smack_onlycap_lock); 2032 rc = count; 2033 } 2034 2035 smk_destroy_label_list(&list_tmp); 2036 2037 return rc; 2038 } 2039 2040 static const struct file_operations smk_onlycap_ops = { 2041 .open = smk_open_onlycap, 2042 .read = seq_read, 2043 .write = smk_write_onlycap, 2044 .llseek = seq_lseek, 2045 .release = seq_release, 2046 }; 2047 2048 #ifdef CONFIG_SECURITY_SMACK_BRINGUP 2049 /** 2050 * smk_read_unconfined - read() for smackfs/unconfined 2051 * @filp: file pointer, not actually used 2052 * @buf: where to put the result 2053 * @cn: maximum to send along 2054 * @ppos: where to start 2055 * 2056 * Returns number of bytes read or error code, as appropriate 2057 */ 2058 static ssize_t smk_read_unconfined(struct file *filp, char __user *buf, 2059 size_t cn, loff_t *ppos) 2060 { 2061 char *smack = ""; 2062 ssize_t rc = -EINVAL; 2063 int asize; 2064 2065 if (*ppos != 0) 2066 return 0; 2067 2068 if (smack_unconfined != NULL) 2069 smack = smack_unconfined->smk_known; 2070 2071 asize = strlen(smack) + 1; 2072 2073 if (cn >= asize) 2074 rc = simple_read_from_buffer(buf, cn, ppos, smack, asize); 2075 2076 return rc; 2077 } 2078 2079 /** 2080 * smk_write_unconfined - write() for smackfs/unconfined 2081 * @file: file pointer, not actually used 2082 * @buf: where to get the data from 2083 * @count: bytes sent 2084 * @ppos: where to start 2085 * 2086 * Returns number of bytes written or error code, as appropriate 2087 */ 2088 static ssize_t smk_write_unconfined(struct file *file, const char __user *buf, 2089 size_t count, loff_t *ppos) 2090 { 2091 char *data; 2092 struct smack_known *skp; 2093 int rc = count; 2094 2095 if (!smack_privileged(CAP_MAC_ADMIN)) 2096 return -EPERM; 2097 2098 if (count > PAGE_SIZE) 2099 return -EINVAL; 2100 2101 data = memdup_user_nul(buf, count); 2102 if (IS_ERR(data)) 2103 return PTR_ERR(data); 2104 2105 /* 2106 * Clear the smack_unconfined on invalid label errors. This means 2107 * that we can pass a null string to unset the unconfined value. 2108 * 2109 * Importing will also reject a label beginning with '-', 2110 * so "-confine" will also work. 2111 * 2112 * But do so only on invalid label, not on system errors. 2113 */ 2114 skp = smk_import_entry(data, count); 2115 if (PTR_ERR(skp) == -EINVAL) 2116 skp = NULL; 2117 else if (IS_ERR(skp)) { 2118 rc = PTR_ERR(skp); 2119 goto freeout; 2120 } 2121 2122 smack_unconfined = skp; 2123 2124 freeout: 2125 kfree(data); 2126 return rc; 2127 } 2128 2129 static const struct file_operations smk_unconfined_ops = { 2130 .read = smk_read_unconfined, 2131 .write = smk_write_unconfined, 2132 .llseek = default_llseek, 2133 }; 2134 #endif /* CONFIG_SECURITY_SMACK_BRINGUP */ 2135 2136 /** 2137 * smk_read_logging - read() for /smack/logging 2138 * @filp: file pointer, not actually used 2139 * @buf: where to put the result 2140 * @count: maximum to send along 2141 * @ppos: where to start 2142 * 2143 * Returns number of bytes read or error code, as appropriate 2144 */ 2145 static ssize_t smk_read_logging(struct file *filp, char __user *buf, 2146 size_t count, loff_t *ppos) 2147 { 2148 char temp[32]; 2149 ssize_t rc; 2150 2151 if (*ppos != 0) 2152 return 0; 2153 2154 sprintf(temp, "%d\n", log_policy); 2155 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp)); 2156 return rc; 2157 } 2158 2159 /** 2160 * smk_write_logging - write() for /smack/logging 2161 * @file: file pointer, not actually used 2162 * @buf: where to get the data from 2163 * @count: bytes sent 2164 * @ppos: where to start 2165 * 2166 * Returns number of bytes written or error code, as appropriate 2167 */ 2168 static ssize_t smk_write_logging(struct file *file, const char __user *buf, 2169 size_t count, loff_t *ppos) 2170 { 2171 char temp[32]; 2172 int i; 2173 2174 if (!smack_privileged(CAP_MAC_ADMIN)) 2175 return -EPERM; 2176 2177 if (count >= sizeof(temp) || count == 0) 2178 return -EINVAL; 2179 2180 if (copy_from_user(temp, buf, count) != 0) 2181 return -EFAULT; 2182 2183 temp[count] = '\0'; 2184 2185 if (sscanf(temp, "%d", &i) != 1) 2186 return -EINVAL; 2187 if (i < 0 || i > 3) 2188 return -EINVAL; 2189 log_policy = i; 2190 return count; 2191 } 2192 2193 2194 2195 static const struct file_operations smk_logging_ops = { 2196 .read = smk_read_logging, 2197 .write = smk_write_logging, 2198 .llseek = default_llseek, 2199 }; 2200 2201 /* 2202 * Seq_file read operations for /smack/load-self 2203 */ 2204 2205 static void *load_self_seq_start(struct seq_file *s, loff_t *pos) 2206 { 2207 struct task_smack *tsp = smack_cred(current_cred()); 2208 2209 return smk_seq_start(s, pos, &tsp->smk_rules); 2210 } 2211 2212 static void *load_self_seq_next(struct seq_file *s, void *v, loff_t *pos) 2213 { 2214 struct task_smack *tsp = smack_cred(current_cred()); 2215 2216 return smk_seq_next(s, v, pos, &tsp->smk_rules); 2217 } 2218 2219 static int load_self_seq_show(struct seq_file *s, void *v) 2220 { 2221 struct list_head *list = v; 2222 struct smack_rule *srp = 2223 list_entry_rcu(list, struct smack_rule, list); 2224 2225 smk_rule_show(s, srp, SMK_LABELLEN); 2226 2227 return 0; 2228 } 2229 2230 static const struct seq_operations load_self_seq_ops = { 2231 .start = load_self_seq_start, 2232 .next = load_self_seq_next, 2233 .show = load_self_seq_show, 2234 .stop = smk_seq_stop, 2235 }; 2236 2237 2238 /** 2239 * smk_open_load_self - open() for /smack/load-self2 2240 * @inode: inode structure representing file 2241 * @file: "load" file pointer 2242 * 2243 * For reading, use load_seq_* seq_file reading operations. 2244 */ 2245 static int smk_open_load_self(struct inode *inode, struct file *file) 2246 { 2247 return seq_open(file, &load_self_seq_ops); 2248 } 2249 2250 /** 2251 * smk_write_load_self - write() for /smack/load-self 2252 * @file: file pointer, not actually used 2253 * @buf: where to get the data from 2254 * @count: bytes sent 2255 * @ppos: where to start - must be 0 2256 * 2257 */ 2258 static ssize_t smk_write_load_self(struct file *file, const char __user *buf, 2259 size_t count, loff_t *ppos) 2260 { 2261 struct task_smack *tsp = smack_cred(current_cred()); 2262 2263 return smk_write_rules_list(file, buf, count, ppos, &tsp->smk_rules, 2264 &tsp->smk_rules_lock, SMK_FIXED24_FMT); 2265 } 2266 2267 static const struct file_operations smk_load_self_ops = { 2268 .open = smk_open_load_self, 2269 .read = seq_read, 2270 .llseek = seq_lseek, 2271 .write = smk_write_load_self, 2272 .release = seq_release, 2273 }; 2274 2275 /** 2276 * smk_user_access - handle access check transaction 2277 * @file: file pointer 2278 * @buf: data from user space 2279 * @count: bytes sent 2280 * @ppos: where to start - must be 0 2281 * @format: /smack/load or /smack/load2 or /smack/change-rule format. 2282 */ 2283 static ssize_t smk_user_access(struct file *file, const char __user *buf, 2284 size_t count, loff_t *ppos, int format) 2285 { 2286 struct smack_parsed_rule rule; 2287 char *data; 2288 int res; 2289 2290 data = simple_transaction_get(file, buf, count); 2291 if (IS_ERR(data)) 2292 return PTR_ERR(data); 2293 2294 if (format == SMK_FIXED24_FMT) { 2295 if (count < SMK_LOADLEN) 2296 return -EINVAL; 2297 res = smk_parse_rule(data, &rule, 0); 2298 } else { 2299 /* 2300 * simple_transaction_get() returns null-terminated data 2301 */ 2302 res = smk_parse_long_rule(data, &rule, 0, 3); 2303 } 2304 2305 if (res >= 0) 2306 res = smk_access(rule.smk_subject, rule.smk_object, 2307 rule.smk_access1, NULL); 2308 else if (res != -ENOENT) 2309 return res; 2310 2311 /* 2312 * smk_access() can return a value > 0 in the "bringup" case. 2313 */ 2314 data[0] = res >= 0 ? '1' : '0'; 2315 data[1] = '\0'; 2316 2317 simple_transaction_set(file, 2); 2318 2319 if (format == SMK_FIXED24_FMT) 2320 return SMK_LOADLEN; 2321 return count; 2322 } 2323 2324 /** 2325 * smk_write_access - handle access check transaction 2326 * @file: file pointer 2327 * @buf: data from user space 2328 * @count: bytes sent 2329 * @ppos: where to start - must be 0 2330 */ 2331 static ssize_t smk_write_access(struct file *file, const char __user *buf, 2332 size_t count, loff_t *ppos) 2333 { 2334 return smk_user_access(file, buf, count, ppos, SMK_FIXED24_FMT); 2335 } 2336 2337 static const struct file_operations smk_access_ops = { 2338 .write = smk_write_access, 2339 .read = simple_transaction_read, 2340 .release = simple_transaction_release, 2341 .llseek = generic_file_llseek, 2342 }; 2343 2344 2345 /* 2346 * Seq_file read operations for /smack/load2 2347 */ 2348 2349 static int load2_seq_show(struct seq_file *s, void *v) 2350 { 2351 struct list_head *list = v; 2352 struct smack_rule *srp; 2353 struct smack_known *skp = 2354 list_entry_rcu(list, struct smack_known, list); 2355 2356 list_for_each_entry_rcu(srp, &skp->smk_rules, list) 2357 smk_rule_show(s, srp, SMK_LONGLABEL); 2358 2359 return 0; 2360 } 2361 2362 static const struct seq_operations load2_seq_ops = { 2363 .start = load2_seq_start, 2364 .next = load2_seq_next, 2365 .show = load2_seq_show, 2366 .stop = smk_seq_stop, 2367 }; 2368 2369 /** 2370 * smk_open_load2 - open() for /smack/load2 2371 * @inode: inode structure representing file 2372 * @file: "load2" file pointer 2373 * 2374 * For reading, use load2_seq_* seq_file reading operations. 2375 */ 2376 static int smk_open_load2(struct inode *inode, struct file *file) 2377 { 2378 return seq_open(file, &load2_seq_ops); 2379 } 2380 2381 /** 2382 * smk_write_load2 - write() for /smack/load2 2383 * @file: file pointer, not actually used 2384 * @buf: where to get the data from 2385 * @count: bytes sent 2386 * @ppos: where to start - must be 0 2387 * 2388 */ 2389 static ssize_t smk_write_load2(struct file *file, const char __user *buf, 2390 size_t count, loff_t *ppos) 2391 { 2392 /* 2393 * Must have privilege. 2394 */ 2395 if (!smack_privileged(CAP_MAC_ADMIN)) 2396 return -EPERM; 2397 2398 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL, 2399 SMK_LONG_FMT); 2400 } 2401 2402 static const struct file_operations smk_load2_ops = { 2403 .open = smk_open_load2, 2404 .read = seq_read, 2405 .llseek = seq_lseek, 2406 .write = smk_write_load2, 2407 .release = seq_release, 2408 }; 2409 2410 /* 2411 * Seq_file read operations for /smack/load-self2 2412 */ 2413 2414 static void *load_self2_seq_start(struct seq_file *s, loff_t *pos) 2415 { 2416 struct task_smack *tsp = smack_cred(current_cred()); 2417 2418 return smk_seq_start(s, pos, &tsp->smk_rules); 2419 } 2420 2421 static void *load_self2_seq_next(struct seq_file *s, void *v, loff_t *pos) 2422 { 2423 struct task_smack *tsp = smack_cred(current_cred()); 2424 2425 return smk_seq_next(s, v, pos, &tsp->smk_rules); 2426 } 2427 2428 static int load_self2_seq_show(struct seq_file *s, void *v) 2429 { 2430 struct list_head *list = v; 2431 struct smack_rule *srp = 2432 list_entry_rcu(list, struct smack_rule, list); 2433 2434 smk_rule_show(s, srp, SMK_LONGLABEL); 2435 2436 return 0; 2437 } 2438 2439 static const struct seq_operations load_self2_seq_ops = { 2440 .start = load_self2_seq_start, 2441 .next = load_self2_seq_next, 2442 .show = load_self2_seq_show, 2443 .stop = smk_seq_stop, 2444 }; 2445 2446 /** 2447 * smk_open_load_self2 - open() for /smack/load-self2 2448 * @inode: inode structure representing file 2449 * @file: "load" file pointer 2450 * 2451 * For reading, use load_seq_* seq_file reading operations. 2452 */ 2453 static int smk_open_load_self2(struct inode *inode, struct file *file) 2454 { 2455 return seq_open(file, &load_self2_seq_ops); 2456 } 2457 2458 /** 2459 * smk_write_load_self2 - write() for /smack/load-self2 2460 * @file: file pointer, not actually used 2461 * @buf: where to get the data from 2462 * @count: bytes sent 2463 * @ppos: where to start - must be 0 2464 * 2465 */ 2466 static ssize_t smk_write_load_self2(struct file *file, const char __user *buf, 2467 size_t count, loff_t *ppos) 2468 { 2469 struct task_smack *tsp = smack_cred(current_cred()); 2470 2471 return smk_write_rules_list(file, buf, count, ppos, &tsp->smk_rules, 2472 &tsp->smk_rules_lock, SMK_LONG_FMT); 2473 } 2474 2475 static const struct file_operations smk_load_self2_ops = { 2476 .open = smk_open_load_self2, 2477 .read = seq_read, 2478 .llseek = seq_lseek, 2479 .write = smk_write_load_self2, 2480 .release = seq_release, 2481 }; 2482 2483 /** 2484 * smk_write_access2 - handle access check transaction 2485 * @file: file pointer 2486 * @buf: data from user space 2487 * @count: bytes sent 2488 * @ppos: where to start - must be 0 2489 */ 2490 static ssize_t smk_write_access2(struct file *file, const char __user *buf, 2491 size_t count, loff_t *ppos) 2492 { 2493 return smk_user_access(file, buf, count, ppos, SMK_LONG_FMT); 2494 } 2495 2496 static const struct file_operations smk_access2_ops = { 2497 .write = smk_write_access2, 2498 .read = simple_transaction_read, 2499 .release = simple_transaction_release, 2500 .llseek = generic_file_llseek, 2501 }; 2502 2503 /** 2504 * smk_write_revoke_subj - write() for /smack/revoke-subject 2505 * @file: file pointer 2506 * @buf: data from user space 2507 * @count: bytes sent 2508 * @ppos: where to start - must be 0 2509 */ 2510 static ssize_t smk_write_revoke_subj(struct file *file, const char __user *buf, 2511 size_t count, loff_t *ppos) 2512 { 2513 char *data; 2514 const char *cp; 2515 struct smack_known *skp; 2516 struct smack_rule *sp; 2517 struct list_head *rule_list; 2518 struct mutex *rule_lock; 2519 int rc = count; 2520 2521 if (*ppos != 0) 2522 return -EINVAL; 2523 2524 if (!smack_privileged(CAP_MAC_ADMIN)) 2525 return -EPERM; 2526 2527 if (count == 0 || count > SMK_LONGLABEL) 2528 return -EINVAL; 2529 2530 data = memdup_user(buf, count); 2531 if (IS_ERR(data)) 2532 return PTR_ERR(data); 2533 2534 cp = smk_parse_smack(data, count); 2535 if (IS_ERR(cp)) { 2536 rc = PTR_ERR(cp); 2537 goto out_data; 2538 } 2539 2540 skp = smk_find_entry(cp); 2541 if (skp == NULL) 2542 goto out_cp; 2543 2544 rule_list = &skp->smk_rules; 2545 rule_lock = &skp->smk_rules_lock; 2546 2547 mutex_lock(rule_lock); 2548 2549 list_for_each_entry_rcu(sp, rule_list, list) 2550 sp->smk_access = 0; 2551 2552 mutex_unlock(rule_lock); 2553 2554 out_cp: 2555 kfree(cp); 2556 out_data: 2557 kfree(data); 2558 2559 return rc; 2560 } 2561 2562 static const struct file_operations smk_revoke_subj_ops = { 2563 .write = smk_write_revoke_subj, 2564 .read = simple_transaction_read, 2565 .release = simple_transaction_release, 2566 .llseek = generic_file_llseek, 2567 }; 2568 2569 /** 2570 * smk_init_sysfs - initialize /sys/fs/smackfs 2571 * 2572 */ 2573 static int smk_init_sysfs(void) 2574 { 2575 return sysfs_create_mount_point(fs_kobj, "smackfs"); 2576 } 2577 2578 /** 2579 * smk_write_change_rule - write() for /smack/change-rule 2580 * @file: file pointer 2581 * @buf: data from user space 2582 * @count: bytes sent 2583 * @ppos: where to start - must be 0 2584 */ 2585 static ssize_t smk_write_change_rule(struct file *file, const char __user *buf, 2586 size_t count, loff_t *ppos) 2587 { 2588 /* 2589 * Must have privilege. 2590 */ 2591 if (!smack_privileged(CAP_MAC_ADMIN)) 2592 return -EPERM; 2593 2594 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL, 2595 SMK_CHANGE_FMT); 2596 } 2597 2598 static const struct file_operations smk_change_rule_ops = { 2599 .write = smk_write_change_rule, 2600 .read = simple_transaction_read, 2601 .release = simple_transaction_release, 2602 .llseek = generic_file_llseek, 2603 }; 2604 2605 /** 2606 * smk_read_syslog - read() for smackfs/syslog 2607 * @filp: file pointer, not actually used 2608 * @buf: where to put the result 2609 * @cn: maximum to send along 2610 * @ppos: where to start 2611 * 2612 * Returns number of bytes read or error code, as appropriate 2613 */ 2614 static ssize_t smk_read_syslog(struct file *filp, char __user *buf, 2615 size_t cn, loff_t *ppos) 2616 { 2617 struct smack_known *skp; 2618 ssize_t rc = -EINVAL; 2619 int asize; 2620 2621 if (*ppos != 0) 2622 return 0; 2623 2624 if (smack_syslog_label == NULL) 2625 skp = &smack_known_star; 2626 else 2627 skp = smack_syslog_label; 2628 2629 asize = strlen(skp->smk_known) + 1; 2630 2631 if (cn >= asize) 2632 rc = simple_read_from_buffer(buf, cn, ppos, skp->smk_known, 2633 asize); 2634 2635 return rc; 2636 } 2637 2638 /** 2639 * smk_write_syslog - write() for smackfs/syslog 2640 * @file: file pointer, not actually used 2641 * @buf: where to get the data from 2642 * @count: bytes sent 2643 * @ppos: where to start 2644 * 2645 * Returns number of bytes written or error code, as appropriate 2646 */ 2647 static ssize_t smk_write_syslog(struct file *file, const char __user *buf, 2648 size_t count, loff_t *ppos) 2649 { 2650 char *data; 2651 struct smack_known *skp; 2652 int rc = count; 2653 2654 if (!smack_privileged(CAP_MAC_ADMIN)) 2655 return -EPERM; 2656 2657 /* Enough data must be present */ 2658 if (count == 0 || count > PAGE_SIZE) 2659 return -EINVAL; 2660 2661 data = memdup_user_nul(buf, count); 2662 if (IS_ERR(data)) 2663 return PTR_ERR(data); 2664 2665 skp = smk_import_entry(data, count); 2666 if (IS_ERR(skp)) 2667 rc = PTR_ERR(skp); 2668 else 2669 smack_syslog_label = skp; 2670 2671 kfree(data); 2672 return rc; 2673 } 2674 2675 static const struct file_operations smk_syslog_ops = { 2676 .read = smk_read_syslog, 2677 .write = smk_write_syslog, 2678 .llseek = default_llseek, 2679 }; 2680 2681 /* 2682 * Seq_file read operations for /smack/relabel-self 2683 */ 2684 2685 static void *relabel_self_seq_start(struct seq_file *s, loff_t *pos) 2686 { 2687 struct task_smack *tsp = smack_cred(current_cred()); 2688 2689 return smk_seq_start(s, pos, &tsp->smk_relabel); 2690 } 2691 2692 static void *relabel_self_seq_next(struct seq_file *s, void *v, loff_t *pos) 2693 { 2694 struct task_smack *tsp = smack_cred(current_cred()); 2695 2696 return smk_seq_next(s, v, pos, &tsp->smk_relabel); 2697 } 2698 2699 static int relabel_self_seq_show(struct seq_file *s, void *v) 2700 { 2701 struct list_head *list = v; 2702 struct smack_known_list_elem *sklep = 2703 list_entry(list, struct smack_known_list_elem, list); 2704 2705 seq_puts(s, sklep->smk_label->smk_known); 2706 seq_putc(s, ' '); 2707 2708 return 0; 2709 } 2710 2711 static const struct seq_operations relabel_self_seq_ops = { 2712 .start = relabel_self_seq_start, 2713 .next = relabel_self_seq_next, 2714 .show = relabel_self_seq_show, 2715 .stop = smk_seq_stop, 2716 }; 2717 2718 /** 2719 * smk_open_relabel_self - open() for /smack/relabel-self 2720 * @inode: inode structure representing file 2721 * @file: "relabel-self" file pointer 2722 * 2723 * Connect our relabel_self_seq_* operations with /smack/relabel-self 2724 * file_operations 2725 */ 2726 static int smk_open_relabel_self(struct inode *inode, struct file *file) 2727 { 2728 return seq_open(file, &relabel_self_seq_ops); 2729 } 2730 2731 /** 2732 * smk_write_relabel_self - write() for /smack/relabel-self 2733 * @file: file pointer, not actually used 2734 * @buf: where to get the data from 2735 * @count: bytes sent 2736 * @ppos: where to start - must be 0 2737 * 2738 */ 2739 static ssize_t smk_write_relabel_self(struct file *file, const char __user *buf, 2740 size_t count, loff_t *ppos) 2741 { 2742 char *data; 2743 int rc; 2744 LIST_HEAD(list_tmp); 2745 2746 /* 2747 * Must have privilege. 2748 */ 2749 if (!smack_privileged(CAP_MAC_ADMIN)) 2750 return -EPERM; 2751 2752 /* 2753 * No partial write. 2754 * Enough data must be present. 2755 */ 2756 if (*ppos != 0) 2757 return -EINVAL; 2758 if (count == 0 || count > PAGE_SIZE) 2759 return -EINVAL; 2760 2761 data = memdup_user_nul(buf, count); 2762 if (IS_ERR(data)) 2763 return PTR_ERR(data); 2764 2765 rc = smk_parse_label_list(data, &list_tmp); 2766 kfree(data); 2767 2768 if (!rc || (rc == -EINVAL && list_empty(&list_tmp))) { 2769 struct cred *new; 2770 struct task_smack *tsp; 2771 2772 new = prepare_creds(); 2773 if (!new) { 2774 rc = -ENOMEM; 2775 goto out; 2776 } 2777 tsp = smack_cred(new); 2778 smk_destroy_label_list(&tsp->smk_relabel); 2779 list_splice(&list_tmp, &tsp->smk_relabel); 2780 commit_creds(new); 2781 return count; 2782 } 2783 out: 2784 smk_destroy_label_list(&list_tmp); 2785 return rc; 2786 } 2787 2788 static const struct file_operations smk_relabel_self_ops = { 2789 .open = smk_open_relabel_self, 2790 .read = seq_read, 2791 .llseek = seq_lseek, 2792 .write = smk_write_relabel_self, 2793 .release = seq_release, 2794 }; 2795 2796 /** 2797 * smk_read_ptrace - read() for /smack/ptrace 2798 * @filp: file pointer, not actually used 2799 * @buf: where to put the result 2800 * @count: maximum to send along 2801 * @ppos: where to start 2802 * 2803 * Returns number of bytes read or error code, as appropriate 2804 */ 2805 static ssize_t smk_read_ptrace(struct file *filp, char __user *buf, 2806 size_t count, loff_t *ppos) 2807 { 2808 char temp[32]; 2809 ssize_t rc; 2810 2811 if (*ppos != 0) 2812 return 0; 2813 2814 sprintf(temp, "%d\n", smack_ptrace_rule); 2815 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp)); 2816 return rc; 2817 } 2818 2819 /** 2820 * smk_write_ptrace - write() for /smack/ptrace 2821 * @file: file pointer 2822 * @buf: data from user space 2823 * @count: bytes sent 2824 * @ppos: where to start - must be 0 2825 */ 2826 static ssize_t smk_write_ptrace(struct file *file, const char __user *buf, 2827 size_t count, loff_t *ppos) 2828 { 2829 char temp[32]; 2830 int i; 2831 2832 if (!smack_privileged(CAP_MAC_ADMIN)) 2833 return -EPERM; 2834 2835 if (*ppos != 0 || count >= sizeof(temp) || count == 0) 2836 return -EINVAL; 2837 2838 if (copy_from_user(temp, buf, count) != 0) 2839 return -EFAULT; 2840 2841 temp[count] = '\0'; 2842 2843 if (sscanf(temp, "%d", &i) != 1) 2844 return -EINVAL; 2845 if (i < SMACK_PTRACE_DEFAULT || i > SMACK_PTRACE_MAX) 2846 return -EINVAL; 2847 smack_ptrace_rule = i; 2848 2849 return count; 2850 } 2851 2852 static const struct file_operations smk_ptrace_ops = { 2853 .write = smk_write_ptrace, 2854 .read = smk_read_ptrace, 2855 .llseek = default_llseek, 2856 }; 2857 2858 /** 2859 * smk_fill_super - fill the smackfs superblock 2860 * @sb: the empty superblock 2861 * @fc: unused 2862 * 2863 * Fill in the well known entries for the smack filesystem 2864 * 2865 * Returns 0 on success, an error code on failure 2866 */ 2867 static int smk_fill_super(struct super_block *sb, struct fs_context *fc) 2868 { 2869 int rc; 2870 2871 static const struct tree_descr smack_files[] = { 2872 [SMK_LOAD] = { 2873 "load", &smk_load_ops, S_IRUGO|S_IWUSR}, 2874 [SMK_CIPSO] = { 2875 "cipso", &smk_cipso_ops, S_IRUGO|S_IWUSR}, 2876 [SMK_DOI] = { 2877 "doi", &smk_doi_ops, S_IRUGO|S_IWUSR}, 2878 [SMK_DIRECT] = { 2879 "direct", &smk_direct_ops, S_IRUGO|S_IWUSR}, 2880 [SMK_AMBIENT] = { 2881 "ambient", &smk_ambient_ops, S_IRUGO|S_IWUSR}, 2882 [SMK_NET4ADDR] = { 2883 "netlabel", &smk_net4addr_ops, S_IRUGO|S_IWUSR}, 2884 [SMK_ONLYCAP] = { 2885 "onlycap", &smk_onlycap_ops, S_IRUGO|S_IWUSR}, 2886 [SMK_LOGGING] = { 2887 "logging", &smk_logging_ops, S_IRUGO|S_IWUSR}, 2888 [SMK_LOAD_SELF] = { 2889 "load-self", &smk_load_self_ops, S_IRUGO|S_IWUGO}, 2890 [SMK_ACCESSES] = { 2891 "access", &smk_access_ops, S_IRUGO|S_IWUGO}, 2892 [SMK_MAPPED] = { 2893 "mapped", &smk_mapped_ops, S_IRUGO|S_IWUSR}, 2894 [SMK_LOAD2] = { 2895 "load2", &smk_load2_ops, S_IRUGO|S_IWUSR}, 2896 [SMK_LOAD_SELF2] = { 2897 "load-self2", &smk_load_self2_ops, S_IRUGO|S_IWUGO}, 2898 [SMK_ACCESS2] = { 2899 "access2", &smk_access2_ops, S_IRUGO|S_IWUGO}, 2900 [SMK_CIPSO2] = { 2901 "cipso2", &smk_cipso2_ops, S_IRUGO|S_IWUSR}, 2902 [SMK_REVOKE_SUBJ] = { 2903 "revoke-subject", &smk_revoke_subj_ops, 2904 S_IRUGO|S_IWUSR}, 2905 [SMK_CHANGE_RULE] = { 2906 "change-rule", &smk_change_rule_ops, S_IRUGO|S_IWUSR}, 2907 [SMK_SYSLOG] = { 2908 "syslog", &smk_syslog_ops, S_IRUGO|S_IWUSR}, 2909 [SMK_PTRACE] = { 2910 "ptrace", &smk_ptrace_ops, S_IRUGO|S_IWUSR}, 2911 #ifdef CONFIG_SECURITY_SMACK_BRINGUP 2912 [SMK_UNCONFINED] = { 2913 "unconfined", &smk_unconfined_ops, S_IRUGO|S_IWUSR}, 2914 #endif 2915 #if IS_ENABLED(CONFIG_IPV6) 2916 [SMK_NET6ADDR] = { 2917 "ipv6host", &smk_net6addr_ops, S_IRUGO|S_IWUSR}, 2918 #endif /* CONFIG_IPV6 */ 2919 [SMK_RELABEL_SELF] = { 2920 "relabel-self", &smk_relabel_self_ops, 2921 S_IRUGO|S_IWUGO}, 2922 /* last one */ 2923 {""} 2924 }; 2925 2926 rc = simple_fill_super(sb, SMACK_MAGIC, smack_files); 2927 if (rc != 0) { 2928 printk(KERN_ERR "%s failed %d while creating inodes\n", 2929 __func__, rc); 2930 return rc; 2931 } 2932 2933 return 0; 2934 } 2935 2936 /** 2937 * smk_get_tree - get the smackfs superblock 2938 * @fc: The mount context, including any options 2939 * 2940 * Just passes everything along. 2941 * 2942 * Returns what the lower level code does. 2943 */ 2944 static int smk_get_tree(struct fs_context *fc) 2945 { 2946 return get_tree_single(fc, smk_fill_super); 2947 } 2948 2949 static const struct fs_context_operations smk_context_ops = { 2950 .get_tree = smk_get_tree, 2951 }; 2952 2953 /** 2954 * smk_init_fs_context - Initialise a filesystem context for smackfs 2955 * @fc: The blank mount context 2956 */ 2957 static int smk_init_fs_context(struct fs_context *fc) 2958 { 2959 fc->ops = &smk_context_ops; 2960 return 0; 2961 } 2962 2963 static struct file_system_type smk_fs_type = { 2964 .name = "smackfs", 2965 .init_fs_context = smk_init_fs_context, 2966 .kill_sb = kill_litter_super, 2967 }; 2968 2969 static struct vfsmount *smackfs_mount; 2970 2971 /** 2972 * init_smk_fs - get the smackfs superblock 2973 * 2974 * register the smackfs 2975 * 2976 * Do not register smackfs if Smack wasn't enabled 2977 * on boot. We can not put this method normally under the 2978 * smack_init() code path since the security subsystem get 2979 * initialized before the vfs caches. 2980 * 2981 * Returns true if we were not chosen on boot or if 2982 * we were chosen and filesystem registration succeeded. 2983 */ 2984 static int __init init_smk_fs(void) 2985 { 2986 int err; 2987 int rc; 2988 2989 if (smack_enabled == 0) 2990 return 0; 2991 2992 err = smk_init_sysfs(); 2993 if (err) 2994 printk(KERN_ERR "smackfs: sysfs mountpoint problem.\n"); 2995 2996 err = register_filesystem(&smk_fs_type); 2997 if (!err) { 2998 smackfs_mount = kern_mount(&smk_fs_type); 2999 if (IS_ERR(smackfs_mount)) { 3000 printk(KERN_ERR "smackfs: could not mount!\n"); 3001 err = PTR_ERR(smackfs_mount); 3002 smackfs_mount = NULL; 3003 } 3004 } 3005 3006 smk_cipso_doi(); 3007 smk_unlbl_ambient(NULL); 3008 3009 rc = smack_populate_secattr(&smack_known_floor); 3010 if (err == 0 && rc < 0) 3011 err = rc; 3012 rc = smack_populate_secattr(&smack_known_hat); 3013 if (err == 0 && rc < 0) 3014 err = rc; 3015 rc = smack_populate_secattr(&smack_known_huh); 3016 if (err == 0 && rc < 0) 3017 err = rc; 3018 rc = smack_populate_secattr(&smack_known_star); 3019 if (err == 0 && rc < 0) 3020 err = rc; 3021 rc = smack_populate_secattr(&smack_known_web); 3022 if (err == 0 && rc < 0) 3023 err = rc; 3024 3025 return err; 3026 } 3027 3028 __initcall(init_smk_fs); 3029