1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * Copyright (C) 2007 Casey Schaufler <casey@schaufler-ca.com> 4 * 5 * Authors: 6 * Casey Schaufler <casey@schaufler-ca.com> 7 * Ahmed S. Darwish <darwish.07@gmail.com> 8 * 9 * Special thanks to the authors of selinuxfs. 10 * 11 * Karl MacMillan <kmacmillan@tresys.com> 12 * James Morris <jmorris@redhat.com> 13 */ 14 15 #include <linux/kernel.h> 16 #include <linux/vmalloc.h> 17 #include <linux/security.h> 18 #include <linux/mutex.h> 19 #include <linux/slab.h> 20 #include <net/net_namespace.h> 21 #include <net/cipso_ipv4.h> 22 #include <linux/seq_file.h> 23 #include <linux/ctype.h> 24 #include <linux/audit.h> 25 #include <linux/magic.h> 26 #include <linux/mount.h> 27 #include <linux/fs_context.h> 28 #include "smack.h" 29 30 #define BEBITS (sizeof(__be32) * 8) 31 /* 32 * smackfs pseudo filesystem. 33 */ 34 35 enum smk_inos { 36 SMK_ROOT_INO = 2, 37 SMK_LOAD = 3, /* load policy */ 38 SMK_CIPSO = 4, /* load label -> CIPSO mapping */ 39 SMK_DOI = 5, /* CIPSO DOI */ 40 SMK_DIRECT = 6, /* CIPSO level indicating direct label */ 41 SMK_AMBIENT = 7, /* internet ambient label */ 42 SMK_NET4ADDR = 8, /* single label hosts */ 43 SMK_ONLYCAP = 9, /* the only "capable" label */ 44 #ifdef CONFIG_AUDIT 45 SMK_LOGGING = 10, /* logging */ 46 #endif /* CONFIG_AUDIT */ 47 SMK_LOAD_SELF = 11, /* task specific rules */ 48 SMK_ACCESSES = 12, /* access policy */ 49 SMK_MAPPED = 13, /* CIPSO level indicating mapped label */ 50 SMK_LOAD2 = 14, /* load policy with long labels */ 51 SMK_LOAD_SELF2 = 15, /* load task specific rules with long labels */ 52 SMK_ACCESS2 = 16, /* make an access check with long labels */ 53 SMK_CIPSO2 = 17, /* load long label -> CIPSO mapping */ 54 SMK_REVOKE_SUBJ = 18, /* set rules with subject label to '-' */ 55 SMK_CHANGE_RULE = 19, /* change or add rules (long labels) */ 56 SMK_SYSLOG = 20, /* change syslog label) */ 57 SMK_PTRACE = 21, /* set ptrace rule */ 58 #ifdef CONFIG_SECURITY_SMACK_BRINGUP 59 SMK_UNCONFINED = 22, /* define an unconfined label */ 60 #endif 61 #if IS_ENABLED(CONFIG_IPV6) 62 SMK_NET6ADDR = 23, /* single label IPv6 hosts */ 63 #endif /* CONFIG_IPV6 */ 64 SMK_RELABEL_SELF = 24, /* relabel possible without CAP_MAC_ADMIN */ 65 }; 66 67 /* 68 * List locks 69 */ 70 static DEFINE_MUTEX(smack_cipso_lock); 71 static DEFINE_MUTEX(smack_ambient_lock); 72 static DEFINE_MUTEX(smk_net4addr_lock); 73 #if IS_ENABLED(CONFIG_IPV6) 74 static DEFINE_MUTEX(smk_net6addr_lock); 75 #endif /* CONFIG_IPV6 */ 76 77 /* 78 * This is the "ambient" label for network traffic. 79 * If it isn't somehow marked, use this. 80 * It can be reset via smackfs/ambient 81 */ 82 struct smack_known *smack_net_ambient; 83 84 /* 85 * This is the level in a CIPSO header that indicates a 86 * smack label is contained directly in the category set. 87 * It can be reset via smackfs/direct 88 */ 89 int smack_cipso_direct = SMACK_CIPSO_DIRECT_DEFAULT; 90 91 /* 92 * This is the level in a CIPSO header that indicates a 93 * secid is contained directly in the category set. 94 * It can be reset via smackfs/mapped 95 */ 96 int smack_cipso_mapped = SMACK_CIPSO_MAPPED_DEFAULT; 97 98 #ifdef CONFIG_SECURITY_SMACK_BRINGUP 99 /* 100 * Allow one label to be unconfined. This is for 101 * debugging and application bring-up purposes only. 102 * It is bad and wrong, but everyone seems to expect 103 * to have it. 104 */ 105 struct smack_known *smack_unconfined; 106 #endif 107 108 /* 109 * If this value is set restrict syslog use to the label specified. 110 * It can be reset via smackfs/syslog 111 */ 112 struct smack_known *smack_syslog_label; 113 114 /* 115 * Ptrace current rule 116 * SMACK_PTRACE_DEFAULT regular smack ptrace rules (/proc based) 117 * SMACK_PTRACE_EXACT labels must match, but can be overriden with 118 * CAP_SYS_PTRACE 119 * SMACK_PTRACE_DRACONIAN labels must match, CAP_SYS_PTRACE has no effect 120 */ 121 int smack_ptrace_rule = SMACK_PTRACE_DEFAULT; 122 123 /* 124 * Certain IP addresses may be designated as single label hosts. 125 * Packets are sent there unlabeled, but only from tasks that 126 * can write to the specified label. 127 */ 128 129 LIST_HEAD(smk_net4addr_list); 130 #if IS_ENABLED(CONFIG_IPV6) 131 LIST_HEAD(smk_net6addr_list); 132 #endif /* CONFIG_IPV6 */ 133 134 /* 135 * Rule lists are maintained for each label. 136 */ 137 struct smack_parsed_rule { 138 struct smack_known *smk_subject; 139 struct smack_known *smk_object; 140 int smk_access1; 141 int smk_access2; 142 }; 143 144 static int smk_cipso_doi_value = SMACK_CIPSO_DOI_DEFAULT; 145 146 /* 147 * Values for parsing cipso rules 148 * SMK_DIGITLEN: Length of a digit field in a rule. 149 * SMK_CIPSOMIN: Minimum possible cipso rule length. 150 * SMK_CIPSOMAX: Maximum possible cipso rule length. 151 */ 152 #define SMK_DIGITLEN 4 153 #define SMK_CIPSOMIN (SMK_LABELLEN + 2 * SMK_DIGITLEN) 154 #define SMK_CIPSOMAX (SMK_CIPSOMIN + SMACK_CIPSO_MAXCATNUM * SMK_DIGITLEN) 155 156 /* 157 * Values for parsing MAC rules 158 * SMK_ACCESS: Maximum possible combination of access permissions 159 * SMK_ACCESSLEN: Maximum length for a rule access field 160 * SMK_LOADLEN: Smack rule length 161 */ 162 #define SMK_OACCESS "rwxa" 163 #define SMK_ACCESS "rwxatl" 164 #define SMK_OACCESSLEN (sizeof(SMK_OACCESS) - 1) 165 #define SMK_ACCESSLEN (sizeof(SMK_ACCESS) - 1) 166 #define SMK_OLOADLEN (SMK_LABELLEN + SMK_LABELLEN + SMK_OACCESSLEN) 167 #define SMK_LOADLEN (SMK_LABELLEN + SMK_LABELLEN + SMK_ACCESSLEN) 168 169 /* 170 * Strictly for CIPSO level manipulation. 171 * Set the category bit number in a smack label sized buffer. 172 */ 173 static inline void smack_catset_bit(unsigned int cat, char *catsetp) 174 { 175 if (cat == 0 || cat > (SMK_CIPSOLEN * 8)) 176 return; 177 178 catsetp[(cat - 1) / 8] |= 0x80 >> ((cat - 1) % 8); 179 } 180 181 /** 182 * smk_netlabel_audit_set - fill a netlbl_audit struct 183 * @nap: structure to fill 184 */ 185 static void smk_netlabel_audit_set(struct netlbl_audit *nap) 186 { 187 nap->loginuid = audit_get_loginuid(current); 188 nap->sessionid = audit_get_sessionid(current); 189 nap->prop.smack.skp = smk_of_current(); 190 } 191 192 /* 193 * Value for parsing single label host rules 194 * "1.2.3.4 X" 195 */ 196 #define SMK_NETLBLADDRMIN 9 197 198 /** 199 * smk_set_access - add a rule to the rule list or replace an old rule 200 * @srp: the rule to add or replace 201 * @rule_list: the list of rules 202 * @rule_lock: the rule list lock 203 * 204 * Looks through the current subject/object/access list for 205 * the subject/object pair and replaces the access that was 206 * there. If the pair isn't found add it with the specified 207 * access. 208 * 209 * Returns 0 if nothing goes wrong or -ENOMEM if it fails 210 * during the allocation of the new pair to add. 211 */ 212 static int smk_set_access(struct smack_parsed_rule *srp, 213 struct list_head *rule_list, 214 struct mutex *rule_lock) 215 { 216 struct smack_rule *sp; 217 int found = 0; 218 int rc = 0; 219 220 mutex_lock(rule_lock); 221 222 /* 223 * Because the object label is less likely to match 224 * than the subject label check it first 225 */ 226 list_for_each_entry_rcu(sp, rule_list, list) { 227 if (sp->smk_object == srp->smk_object && 228 sp->smk_subject == srp->smk_subject) { 229 found = 1; 230 sp->smk_access |= srp->smk_access1; 231 sp->smk_access &= ~srp->smk_access2; 232 break; 233 } 234 } 235 236 if (found == 0) { 237 sp = kmem_cache_zalloc(smack_rule_cache, GFP_KERNEL); 238 if (sp == NULL) { 239 rc = -ENOMEM; 240 goto out; 241 } 242 243 sp->smk_subject = srp->smk_subject; 244 sp->smk_object = srp->smk_object; 245 sp->smk_access = srp->smk_access1 & ~srp->smk_access2; 246 247 list_add_rcu(&sp->list, rule_list); 248 } 249 250 out: 251 mutex_unlock(rule_lock); 252 return rc; 253 } 254 255 /** 256 * smk_perm_from_str - parse smack accesses from a text string 257 * @string: a text string that contains a Smack accesses code 258 * 259 * Returns an integer with respective bits set for specified accesses. 260 */ 261 static int smk_perm_from_str(const char *string) 262 { 263 int perm = 0; 264 const char *cp; 265 266 for (cp = string; ; cp++) 267 switch (*cp) { 268 case '-': 269 break; 270 case 'r': 271 case 'R': 272 perm |= MAY_READ; 273 break; 274 case 'w': 275 case 'W': 276 perm |= MAY_WRITE; 277 break; 278 case 'x': 279 case 'X': 280 perm |= MAY_EXEC; 281 break; 282 case 'a': 283 case 'A': 284 perm |= MAY_APPEND; 285 break; 286 case 't': 287 case 'T': 288 perm |= MAY_TRANSMUTE; 289 break; 290 case 'l': 291 case 'L': 292 perm |= MAY_LOCK; 293 break; 294 case 'b': 295 case 'B': 296 perm |= MAY_BRINGUP; 297 break; 298 default: 299 return perm; 300 } 301 } 302 303 /** 304 * smk_fill_rule - Fill Smack rule from strings 305 * @subject: subject label string 306 * @object: object label string 307 * @access1: access string 308 * @access2: string with permissions to be removed 309 * @rule: Smack rule 310 * @import: if non-zero, import labels 311 * @len: label length limit 312 * 313 * Returns 0 on success, appropriate error code on failure. 314 */ 315 static int smk_fill_rule(const char *subject, const char *object, 316 const char *access1, const char *access2, 317 struct smack_parsed_rule *rule, int import, 318 int len) 319 { 320 const char *cp; 321 struct smack_known *skp; 322 323 if (import) { 324 rule->smk_subject = smk_import_entry(subject, len); 325 if (IS_ERR(rule->smk_subject)) 326 return PTR_ERR(rule->smk_subject); 327 328 rule->smk_object = smk_import_entry(object, len); 329 if (IS_ERR(rule->smk_object)) 330 return PTR_ERR(rule->smk_object); 331 } else { 332 cp = smk_parse_smack(subject, len); 333 if (IS_ERR(cp)) 334 return PTR_ERR(cp); 335 skp = smk_find_entry(cp); 336 kfree(cp); 337 if (skp == NULL) 338 return -ENOENT; 339 rule->smk_subject = skp; 340 341 cp = smk_parse_smack(object, len); 342 if (IS_ERR(cp)) 343 return PTR_ERR(cp); 344 skp = smk_find_entry(cp); 345 kfree(cp); 346 if (skp == NULL) 347 return -ENOENT; 348 rule->smk_object = skp; 349 } 350 351 rule->smk_access1 = smk_perm_from_str(access1); 352 if (access2) 353 rule->smk_access2 = smk_perm_from_str(access2); 354 else 355 rule->smk_access2 = ~rule->smk_access1; 356 357 return 0; 358 } 359 360 /** 361 * smk_parse_rule - parse Smack rule from load string 362 * @data: string to be parsed whose size is SMK_LOADLEN 363 * @rule: Smack rule 364 * @import: if non-zero, import labels 365 * 366 * Returns 0 on success, -1 on errors. 367 */ 368 static int smk_parse_rule(const char *data, struct smack_parsed_rule *rule, 369 int import) 370 { 371 int rc; 372 373 rc = smk_fill_rule(data, data + SMK_LABELLEN, 374 data + SMK_LABELLEN + SMK_LABELLEN, NULL, rule, 375 import, SMK_LABELLEN); 376 return rc; 377 } 378 379 /** 380 * smk_parse_long_rule - parse Smack rule from rule string 381 * @data: string to be parsed, null terminated 382 * @rule: Will be filled with Smack parsed rule 383 * @import: if non-zero, import labels 384 * @tokens: number of substrings expected in data 385 * 386 * Returns number of processed bytes on success, -ERRNO on failure. 387 */ 388 static ssize_t smk_parse_long_rule(char *data, struct smack_parsed_rule *rule, 389 int import, int tokens) 390 { 391 ssize_t cnt = 0; 392 char *tok[4]; 393 int rc; 394 int i; 395 396 /* 397 * Parsing the rule in-place, filling all white-spaces with '\0' 398 */ 399 for (i = 0; i < tokens; ++i) { 400 while (isspace(data[cnt])) 401 data[cnt++] = '\0'; 402 403 if (data[cnt] == '\0') 404 /* Unexpected end of data */ 405 return -EINVAL; 406 407 tok[i] = data + cnt; 408 409 while (data[cnt] && !isspace(data[cnt])) 410 ++cnt; 411 } 412 while (isspace(data[cnt])) 413 data[cnt++] = '\0'; 414 415 while (i < 4) 416 tok[i++] = NULL; 417 418 rc = smk_fill_rule(tok[0], tok[1], tok[2], tok[3], rule, import, 0); 419 return rc == 0 ? cnt : rc; 420 } 421 422 #define SMK_FIXED24_FMT 0 /* Fixed 24byte label format */ 423 #define SMK_LONG_FMT 1 /* Variable long label format */ 424 #define SMK_CHANGE_FMT 2 /* Rule modification format */ 425 /** 426 * smk_write_rules_list - write() for any /smack rule file 427 * @file: file pointer, not actually used 428 * @buf: where to get the data from 429 * @count: bytes sent 430 * @ppos: where to start - must be 0 431 * @rule_list: the list of rules to write to 432 * @rule_lock: lock for the rule list 433 * @format: /smack/load or /smack/load2 or /smack/change-rule format. 434 * 435 * Get one smack access rule from above. 436 * The format for SMK_LONG_FMT is: 437 * "subject<whitespace>object<whitespace>access[<whitespace>...]" 438 * The format for SMK_FIXED24_FMT is exactly: 439 * "subject object rwxat" 440 * The format for SMK_CHANGE_FMT is: 441 * "subject<whitespace>object<whitespace> 442 * acc_enable<whitespace>acc_disable[<whitespace>...]" 443 */ 444 static ssize_t smk_write_rules_list(struct file *file, const char __user *buf, 445 size_t count, loff_t *ppos, 446 struct list_head *rule_list, 447 struct mutex *rule_lock, int format) 448 { 449 struct smack_parsed_rule rule; 450 char *data; 451 int rc; 452 int trunc = 0; 453 int tokens; 454 ssize_t cnt = 0; 455 456 /* 457 * No partial writes. 458 * Enough data must be present. 459 */ 460 if (*ppos != 0) 461 return -EINVAL; 462 463 if (format == SMK_FIXED24_FMT) { 464 /* 465 * Minor hack for backward compatibility 466 */ 467 if (count < SMK_OLOADLEN || count > SMK_LOADLEN) 468 return -EINVAL; 469 } else { 470 if (count >= PAGE_SIZE) { 471 count = PAGE_SIZE - 1; 472 trunc = 1; 473 } 474 } 475 476 data = memdup_user_nul(buf, count); 477 if (IS_ERR(data)) 478 return PTR_ERR(data); 479 480 /* 481 * In case of parsing only part of user buf, 482 * avoid having partial rule at the data buffer 483 */ 484 if (trunc) { 485 while (count > 0 && (data[count - 1] != '\n')) 486 --count; 487 if (count == 0) { 488 rc = -EINVAL; 489 goto out; 490 } 491 } 492 493 data[count] = '\0'; 494 tokens = (format == SMK_CHANGE_FMT ? 4 : 3); 495 while (cnt < count) { 496 if (format == SMK_FIXED24_FMT) { 497 rc = smk_parse_rule(data, &rule, 1); 498 if (rc < 0) 499 goto out; 500 cnt = count; 501 } else { 502 rc = smk_parse_long_rule(data + cnt, &rule, 1, tokens); 503 if (rc < 0) 504 goto out; 505 if (rc == 0) { 506 rc = -EINVAL; 507 goto out; 508 } 509 cnt += rc; 510 } 511 512 if (rule_list == NULL) 513 rc = smk_set_access(&rule, &rule.smk_subject->smk_rules, 514 &rule.smk_subject->smk_rules_lock); 515 else 516 rc = smk_set_access(&rule, rule_list, rule_lock); 517 518 if (rc) 519 goto out; 520 } 521 522 rc = cnt; 523 out: 524 kfree(data); 525 return rc; 526 } 527 528 /* 529 * Core logic for smackfs seq list operations. 530 */ 531 532 static void *smk_seq_start(struct seq_file *s, loff_t *pos, 533 struct list_head *head) 534 { 535 struct list_head *list; 536 int i = *pos; 537 538 rcu_read_lock(); 539 for (list = rcu_dereference(list_next_rcu(head)); 540 list != head; 541 list = rcu_dereference(list_next_rcu(list))) { 542 if (i-- == 0) 543 return list; 544 } 545 546 return NULL; 547 } 548 549 static void *smk_seq_next(struct seq_file *s, void *v, loff_t *pos, 550 struct list_head *head) 551 { 552 struct list_head *list = v; 553 554 ++*pos; 555 list = rcu_dereference(list_next_rcu(list)); 556 557 return (list == head) ? NULL : list; 558 } 559 560 static void smk_seq_stop(struct seq_file *s, void *v) 561 { 562 rcu_read_unlock(); 563 } 564 565 static void smk_rule_show(struct seq_file *s, struct smack_rule *srp, int max) 566 { 567 char acc[SMK_NUM_ACCESS_TYPE + 1]; 568 /* 569 * Don't show any rules with label names too long for 570 * interface file (/smack/load or /smack/load2) 571 * because you should expect to be able to write 572 * anything you read back. 573 */ 574 if (strlen(srp->smk_subject->smk_known) >= max || 575 strlen(srp->smk_object->smk_known) >= max) 576 return; 577 578 if (srp->smk_access == 0) 579 return; 580 581 smack_str_from_perm(acc, srp->smk_access); 582 seq_printf(s, "%s %s %s\n", 583 srp->smk_subject->smk_known, 584 srp->smk_object->smk_known, 585 acc); 586 } 587 588 /* 589 * Seq_file read operations for /smack/load 590 */ 591 592 static void *load2_seq_start(struct seq_file *s, loff_t *pos) 593 { 594 return smk_seq_start(s, pos, &smack_known_list); 595 } 596 597 static void *load2_seq_next(struct seq_file *s, void *v, loff_t *pos) 598 { 599 return smk_seq_next(s, v, pos, &smack_known_list); 600 } 601 602 static int load_seq_show(struct seq_file *s, void *v) 603 { 604 struct list_head *list = v; 605 struct smack_rule *srp; 606 struct smack_known *skp = 607 list_entry_rcu(list, struct smack_known, list); 608 609 list_for_each_entry_rcu(srp, &skp->smk_rules, list) 610 smk_rule_show(s, srp, SMK_LABELLEN); 611 612 return 0; 613 } 614 615 static const struct seq_operations load_seq_ops = { 616 .start = load2_seq_start, 617 .next = load2_seq_next, 618 .show = load_seq_show, 619 .stop = smk_seq_stop, 620 }; 621 622 /** 623 * smk_open_load - open() for /smack/load 624 * @inode: inode structure representing file 625 * @file: "load" file pointer 626 * 627 * For reading, use load_seq_* seq_file reading operations. 628 */ 629 static int smk_open_load(struct inode *inode, struct file *file) 630 { 631 return seq_open(file, &load_seq_ops); 632 } 633 634 /** 635 * smk_write_load - write() for /smack/load 636 * @file: file pointer, not actually used 637 * @buf: where to get the data from 638 * @count: bytes sent 639 * @ppos: where to start - must be 0 640 * 641 */ 642 static ssize_t smk_write_load(struct file *file, const char __user *buf, 643 size_t count, loff_t *ppos) 644 { 645 /* 646 * Must have privilege. 647 * No partial writes. 648 * Enough data must be present. 649 */ 650 if (!smack_privileged(CAP_MAC_ADMIN)) 651 return -EPERM; 652 653 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL, 654 SMK_FIXED24_FMT); 655 } 656 657 static const struct file_operations smk_load_ops = { 658 .open = smk_open_load, 659 .read = seq_read, 660 .llseek = seq_lseek, 661 .write = smk_write_load, 662 .release = seq_release, 663 }; 664 665 /** 666 * smk_cipso_doi - initialize the CIPSO domain 667 */ 668 static void smk_cipso_doi(void) 669 { 670 int rc; 671 struct cipso_v4_doi *doip; 672 struct netlbl_audit nai; 673 674 smk_netlabel_audit_set(&nai); 675 676 rc = netlbl_cfg_map_del(NULL, PF_INET, NULL, NULL, &nai); 677 if (rc != 0) 678 printk(KERN_WARNING "%s:%d remove rc = %d\n", 679 __func__, __LINE__, rc); 680 681 doip = kmalloc(sizeof(struct cipso_v4_doi), GFP_KERNEL | __GFP_NOFAIL); 682 doip->map.std = NULL; 683 doip->doi = smk_cipso_doi_value; 684 doip->type = CIPSO_V4_MAP_PASS; 685 doip->tags[0] = CIPSO_V4_TAG_RBITMAP; 686 for (rc = 1; rc < CIPSO_V4_TAG_MAXCNT; rc++) 687 doip->tags[rc] = CIPSO_V4_TAG_INVALID; 688 689 rc = netlbl_cfg_cipsov4_add(doip, &nai); 690 if (rc != 0) { 691 printk(KERN_WARNING "%s:%d cipso add rc = %d\n", 692 __func__, __LINE__, rc); 693 kfree(doip); 694 return; 695 } 696 rc = netlbl_cfg_cipsov4_map_add(doip->doi, NULL, NULL, NULL, &nai); 697 if (rc != 0) { 698 printk(KERN_WARNING "%s:%d map add rc = %d\n", 699 __func__, __LINE__, rc); 700 netlbl_cfg_cipsov4_del(doip->doi, &nai); 701 return; 702 } 703 } 704 705 /** 706 * smk_unlbl_ambient - initialize the unlabeled domain 707 * @oldambient: previous domain string 708 */ 709 static void smk_unlbl_ambient(char *oldambient) 710 { 711 int rc; 712 struct netlbl_audit nai; 713 714 smk_netlabel_audit_set(&nai); 715 716 if (oldambient != NULL) { 717 rc = netlbl_cfg_map_del(oldambient, PF_INET, NULL, NULL, &nai); 718 if (rc != 0) 719 printk(KERN_WARNING "%s:%d remove rc = %d\n", 720 __func__, __LINE__, rc); 721 } 722 if (smack_net_ambient == NULL) 723 smack_net_ambient = &smack_known_floor; 724 725 rc = netlbl_cfg_unlbl_map_add(smack_net_ambient->smk_known, PF_INET, 726 NULL, NULL, &nai); 727 if (rc != 0) 728 printk(KERN_WARNING "%s:%d add rc = %d\n", 729 __func__, __LINE__, rc); 730 } 731 732 /* 733 * Seq_file read operations for /smack/cipso 734 */ 735 736 static void *cipso_seq_start(struct seq_file *s, loff_t *pos) 737 { 738 return smk_seq_start(s, pos, &smack_known_list); 739 } 740 741 static void *cipso_seq_next(struct seq_file *s, void *v, loff_t *pos) 742 { 743 return smk_seq_next(s, v, pos, &smack_known_list); 744 } 745 746 /* 747 * Print cipso labels in format: 748 * label level[/cat[,cat]] 749 */ 750 static int cipso_seq_show(struct seq_file *s, void *v) 751 { 752 struct list_head *list = v; 753 struct smack_known *skp = 754 list_entry_rcu(list, struct smack_known, list); 755 struct netlbl_lsm_catmap *cmp = skp->smk_netlabel.attr.mls.cat; 756 char sep = '/'; 757 int i; 758 759 /* 760 * Don't show a label that could not have been set using 761 * /smack/cipso. This is in support of the notion that 762 * anything read from /smack/cipso ought to be writeable 763 * to /smack/cipso. 764 * 765 * /smack/cipso2 should be used instead. 766 */ 767 if (strlen(skp->smk_known) >= SMK_LABELLEN) 768 return 0; 769 770 seq_printf(s, "%s %3d", skp->smk_known, skp->smk_netlabel.attr.mls.lvl); 771 772 for (i = netlbl_catmap_walk(cmp, 0); i >= 0; 773 i = netlbl_catmap_walk(cmp, i + 1)) { 774 seq_printf(s, "%c%d", sep, i); 775 sep = ','; 776 } 777 778 seq_putc(s, '\n'); 779 780 return 0; 781 } 782 783 static const struct seq_operations cipso_seq_ops = { 784 .start = cipso_seq_start, 785 .next = cipso_seq_next, 786 .show = cipso_seq_show, 787 .stop = smk_seq_stop, 788 }; 789 790 /** 791 * smk_open_cipso - open() for /smack/cipso 792 * @inode: inode structure representing file 793 * @file: "cipso" file pointer 794 * 795 * Connect our cipso_seq_* operations with /smack/cipso 796 * file_operations 797 */ 798 static int smk_open_cipso(struct inode *inode, struct file *file) 799 { 800 return seq_open(file, &cipso_seq_ops); 801 } 802 803 /** 804 * smk_set_cipso - do the work for write() for cipso and cipso2 805 * @file: file pointer, not actually used 806 * @buf: where to get the data from 807 * @count: bytes sent 808 * @ppos: where to start 809 * @format: /smack/cipso or /smack/cipso2 810 * 811 * Accepts only one cipso rule per write call. 812 * Returns number of bytes written or error code, as appropriate 813 */ 814 static ssize_t smk_set_cipso(struct file *file, const char __user *buf, 815 size_t count, loff_t *ppos, int format) 816 { 817 struct netlbl_lsm_catmap *old_cat; 818 struct smack_known *skp; 819 struct netlbl_lsm_secattr ncats; 820 char mapcatset[SMK_CIPSOLEN]; 821 int maplevel; 822 unsigned int cat; 823 int catlen; 824 ssize_t rc = -EINVAL; 825 char *data = NULL; 826 char *rule; 827 int ret; 828 int i; 829 830 /* 831 * Must have privilege. 832 * No partial writes. 833 * Enough data must be present. 834 */ 835 if (!smack_privileged(CAP_MAC_ADMIN)) 836 return -EPERM; 837 if (*ppos != 0) 838 return -EINVAL; 839 if (format == SMK_FIXED24_FMT && 840 (count < SMK_CIPSOMIN || count > SMK_CIPSOMAX)) 841 return -EINVAL; 842 if (count > PAGE_SIZE) 843 return -EINVAL; 844 845 data = memdup_user_nul(buf, count); 846 if (IS_ERR(data)) 847 return PTR_ERR(data); 848 849 rule = data; 850 /* 851 * Only allow one writer at a time. Writes should be 852 * quite rare and small in any case. 853 */ 854 mutex_lock(&smack_cipso_lock); 855 856 skp = smk_import_entry(rule, 0); 857 if (IS_ERR(skp)) { 858 rc = PTR_ERR(skp); 859 goto out; 860 } 861 862 if (format == SMK_FIXED24_FMT) 863 rule += SMK_LABELLEN; 864 else 865 rule += strlen(skp->smk_known) + 1; 866 867 if (rule > data + count) { 868 rc = -EOVERFLOW; 869 goto out; 870 } 871 872 ret = sscanf(rule, "%d", &maplevel); 873 if (ret != 1 || maplevel < 0 || maplevel > SMACK_CIPSO_MAXLEVEL) 874 goto out; 875 876 rule += SMK_DIGITLEN; 877 if (rule > data + count) { 878 rc = -EOVERFLOW; 879 goto out; 880 } 881 882 ret = sscanf(rule, "%d", &catlen); 883 if (ret != 1 || catlen < 0 || catlen > SMACK_CIPSO_MAXCATNUM) 884 goto out; 885 886 if (format == SMK_FIXED24_FMT && 887 count != (SMK_CIPSOMIN + catlen * SMK_DIGITLEN)) 888 goto out; 889 890 memset(mapcatset, 0, sizeof(mapcatset)); 891 892 for (i = 0; i < catlen; i++) { 893 rule += SMK_DIGITLEN; 894 if (rule > data + count) { 895 rc = -EOVERFLOW; 896 goto out; 897 } 898 ret = sscanf(rule, "%u", &cat); 899 if (ret != 1 || cat > SMACK_CIPSO_MAXCATNUM) 900 goto out; 901 902 smack_catset_bit(cat, mapcatset); 903 } 904 905 rc = smk_netlbl_mls(maplevel, mapcatset, &ncats, SMK_CIPSOLEN); 906 if (rc >= 0) { 907 old_cat = skp->smk_netlabel.attr.mls.cat; 908 rcu_assign_pointer(skp->smk_netlabel.attr.mls.cat, ncats.attr.mls.cat); 909 if (ncats.attr.mls.cat) 910 skp->smk_netlabel.flags |= NETLBL_SECATTR_MLS_CAT; 911 else 912 skp->smk_netlabel.flags &= ~(u32)NETLBL_SECATTR_MLS_CAT; 913 skp->smk_netlabel.attr.mls.lvl = ncats.attr.mls.lvl; 914 synchronize_rcu(); 915 netlbl_catmap_free(old_cat); 916 rc = count; 917 /* 918 * This mapping may have been cached, so clear the cache. 919 */ 920 netlbl_cache_invalidate(); 921 } 922 923 out: 924 mutex_unlock(&smack_cipso_lock); 925 kfree(data); 926 return rc; 927 } 928 929 /** 930 * smk_write_cipso - write() for /smack/cipso 931 * @file: file pointer, not actually used 932 * @buf: where to get the data from 933 * @count: bytes sent 934 * @ppos: where to start 935 * 936 * Accepts only one cipso rule per write call. 937 * Returns number of bytes written or error code, as appropriate 938 */ 939 static ssize_t smk_write_cipso(struct file *file, const char __user *buf, 940 size_t count, loff_t *ppos) 941 { 942 return smk_set_cipso(file, buf, count, ppos, SMK_FIXED24_FMT); 943 } 944 945 static const struct file_operations smk_cipso_ops = { 946 .open = smk_open_cipso, 947 .read = seq_read, 948 .llseek = seq_lseek, 949 .write = smk_write_cipso, 950 .release = seq_release, 951 }; 952 953 /* 954 * Seq_file read operations for /smack/cipso2 955 */ 956 957 /* 958 * Print cipso labels in format: 959 * label level[/cat[,cat]] 960 */ 961 static int cipso2_seq_show(struct seq_file *s, void *v) 962 { 963 struct list_head *list = v; 964 struct smack_known *skp = 965 list_entry_rcu(list, struct smack_known, list); 966 struct netlbl_lsm_catmap *cmp = skp->smk_netlabel.attr.mls.cat; 967 char sep = '/'; 968 int i; 969 970 seq_printf(s, "%s %3d", skp->smk_known, skp->smk_netlabel.attr.mls.lvl); 971 972 for (i = netlbl_catmap_walk(cmp, 0); i >= 0; 973 i = netlbl_catmap_walk(cmp, i + 1)) { 974 seq_printf(s, "%c%d", sep, i); 975 sep = ','; 976 } 977 978 seq_putc(s, '\n'); 979 980 return 0; 981 } 982 983 static const struct seq_operations cipso2_seq_ops = { 984 .start = cipso_seq_start, 985 .next = cipso_seq_next, 986 .show = cipso2_seq_show, 987 .stop = smk_seq_stop, 988 }; 989 990 /** 991 * smk_open_cipso2 - open() for /smack/cipso2 992 * @inode: inode structure representing file 993 * @file: "cipso2" file pointer 994 * 995 * Connect our cipso_seq_* operations with /smack/cipso2 996 * file_operations 997 */ 998 static int smk_open_cipso2(struct inode *inode, struct file *file) 999 { 1000 return seq_open(file, &cipso2_seq_ops); 1001 } 1002 1003 /** 1004 * smk_write_cipso2 - write() for /smack/cipso2 1005 * @file: file pointer, not actually used 1006 * @buf: where to get the data from 1007 * @count: bytes sent 1008 * @ppos: where to start 1009 * 1010 * Accepts only one cipso rule per write call. 1011 * Returns number of bytes written or error code, as appropriate 1012 */ 1013 static ssize_t smk_write_cipso2(struct file *file, const char __user *buf, 1014 size_t count, loff_t *ppos) 1015 { 1016 return smk_set_cipso(file, buf, count, ppos, SMK_LONG_FMT); 1017 } 1018 1019 static const struct file_operations smk_cipso2_ops = { 1020 .open = smk_open_cipso2, 1021 .read = seq_read, 1022 .llseek = seq_lseek, 1023 .write = smk_write_cipso2, 1024 .release = seq_release, 1025 }; 1026 1027 /* 1028 * Seq_file read operations for /smack/netlabel 1029 */ 1030 1031 static void *net4addr_seq_start(struct seq_file *s, loff_t *pos) 1032 { 1033 return smk_seq_start(s, pos, &smk_net4addr_list); 1034 } 1035 1036 static void *net4addr_seq_next(struct seq_file *s, void *v, loff_t *pos) 1037 { 1038 return smk_seq_next(s, v, pos, &smk_net4addr_list); 1039 } 1040 1041 /* 1042 * Print host/label pairs 1043 */ 1044 static int net4addr_seq_show(struct seq_file *s, void *v) 1045 { 1046 struct list_head *list = v; 1047 struct smk_net4addr *skp = 1048 list_entry_rcu(list, struct smk_net4addr, list); 1049 char *kp = SMACK_CIPSO_OPTION; 1050 1051 if (skp->smk_label != NULL) 1052 kp = skp->smk_label->smk_known; 1053 seq_printf(s, "%pI4/%d %s\n", &skp->smk_host.s_addr, 1054 skp->smk_masks, kp); 1055 1056 return 0; 1057 } 1058 1059 static const struct seq_operations net4addr_seq_ops = { 1060 .start = net4addr_seq_start, 1061 .next = net4addr_seq_next, 1062 .show = net4addr_seq_show, 1063 .stop = smk_seq_stop, 1064 }; 1065 1066 /** 1067 * smk_open_net4addr - open() for /smack/netlabel 1068 * @inode: inode structure representing file 1069 * @file: "netlabel" file pointer 1070 * 1071 * Connect our net4addr_seq_* operations with /smack/netlabel 1072 * file_operations 1073 */ 1074 static int smk_open_net4addr(struct inode *inode, struct file *file) 1075 { 1076 return seq_open(file, &net4addr_seq_ops); 1077 } 1078 1079 /** 1080 * smk_net4addr_insert - insert a new entry into the net4addrs list 1081 * @new : netlabel to insert 1082 * 1083 * This helper inserts netlabel in the smack_net4addrs list 1084 * sorted by netmask length (longest to smallest) 1085 * locked by &smk_net4addr_lock in smk_write_net4addr. 1086 */ 1087 static void smk_net4addr_insert(struct smk_net4addr *new) 1088 { 1089 struct smk_net4addr *m; 1090 struct smk_net4addr *m_next; 1091 1092 if (list_empty(&smk_net4addr_list)) { 1093 list_add_rcu(&new->list, &smk_net4addr_list); 1094 return; 1095 } 1096 1097 m = list_entry_rcu(smk_net4addr_list.next, 1098 struct smk_net4addr, list); 1099 1100 /* the comparison '>' is a bit hacky, but works */ 1101 if (new->smk_masks > m->smk_masks) { 1102 list_add_rcu(&new->list, &smk_net4addr_list); 1103 return; 1104 } 1105 1106 list_for_each_entry_rcu(m, &smk_net4addr_list, list) { 1107 if (list_is_last(&m->list, &smk_net4addr_list)) { 1108 list_add_rcu(&new->list, &m->list); 1109 return; 1110 } 1111 m_next = list_entry_rcu(m->list.next, 1112 struct smk_net4addr, list); 1113 if (new->smk_masks > m_next->smk_masks) { 1114 list_add_rcu(&new->list, &m->list); 1115 return; 1116 } 1117 } 1118 } 1119 1120 1121 /** 1122 * smk_write_net4addr - write() for /smack/netlabel 1123 * @file: file pointer, not actually used 1124 * @buf: where to get the data from 1125 * @count: bytes sent 1126 * @ppos: where to start 1127 * 1128 * Accepts only one net4addr per write call. 1129 * Returns number of bytes written or error code, as appropriate 1130 */ 1131 static ssize_t smk_write_net4addr(struct file *file, const char __user *buf, 1132 size_t count, loff_t *ppos) 1133 { 1134 struct smk_net4addr *snp; 1135 struct sockaddr_in newname; 1136 char *smack; 1137 struct smack_known *skp = NULL; 1138 char *data; 1139 char *host = (char *)&newname.sin_addr.s_addr; 1140 int rc; 1141 struct netlbl_audit audit_info; 1142 struct in_addr mask; 1143 unsigned int m; 1144 unsigned int masks; 1145 int found; 1146 u32 mask_bits = (1<<31); 1147 __be32 nsa; 1148 u32 temp_mask; 1149 1150 /* 1151 * Must have privilege. 1152 * No partial writes. 1153 * Enough data must be present. 1154 * "<addr/mask, as a.b.c.d/e><space><label>" 1155 * "<addr, as a.b.c.d><space><label>" 1156 */ 1157 if (!smack_privileged(CAP_MAC_ADMIN)) 1158 return -EPERM; 1159 if (*ppos != 0) 1160 return -EINVAL; 1161 if (count < SMK_NETLBLADDRMIN || count > PAGE_SIZE - 1) 1162 return -EINVAL; 1163 1164 data = memdup_user_nul(buf, count); 1165 if (IS_ERR(data)) 1166 return PTR_ERR(data); 1167 1168 smack = kzalloc(count + 1, GFP_KERNEL); 1169 if (smack == NULL) { 1170 rc = -ENOMEM; 1171 goto free_data_out; 1172 } 1173 1174 rc = sscanf(data, "%hhd.%hhd.%hhd.%hhd/%u %s", 1175 &host[0], &host[1], &host[2], &host[3], &masks, smack); 1176 if (rc != 6) { 1177 rc = sscanf(data, "%hhd.%hhd.%hhd.%hhd %s", 1178 &host[0], &host[1], &host[2], &host[3], smack); 1179 if (rc != 5) { 1180 rc = -EINVAL; 1181 goto free_out; 1182 } 1183 masks = 32; 1184 } 1185 if (masks > BEBITS) { 1186 rc = -EINVAL; 1187 goto free_out; 1188 } 1189 1190 /* 1191 * If smack begins with '-', it is an option, don't import it 1192 */ 1193 if (smack[0] != '-') { 1194 skp = smk_import_entry(smack, 0); 1195 if (IS_ERR(skp)) { 1196 rc = PTR_ERR(skp); 1197 goto free_out; 1198 } 1199 } else { 1200 /* 1201 * Only the -CIPSO option is supported for IPv4 1202 */ 1203 if (strcmp(smack, SMACK_CIPSO_OPTION) != 0) { 1204 rc = -EINVAL; 1205 goto free_out; 1206 } 1207 } 1208 1209 for (m = masks, temp_mask = 0; m > 0; m--) { 1210 temp_mask |= mask_bits; 1211 mask_bits >>= 1; 1212 } 1213 mask.s_addr = cpu_to_be32(temp_mask); 1214 1215 newname.sin_addr.s_addr &= mask.s_addr; 1216 /* 1217 * Only allow one writer at a time. Writes should be 1218 * quite rare and small in any case. 1219 */ 1220 mutex_lock(&smk_net4addr_lock); 1221 1222 nsa = newname.sin_addr.s_addr; 1223 /* try to find if the prefix is already in the list */ 1224 found = 0; 1225 list_for_each_entry_rcu(snp, &smk_net4addr_list, list) { 1226 if (snp->smk_host.s_addr == nsa && snp->smk_masks == masks) { 1227 found = 1; 1228 break; 1229 } 1230 } 1231 smk_netlabel_audit_set(&audit_info); 1232 1233 if (found == 0) { 1234 snp = kzalloc(sizeof(*snp), GFP_KERNEL); 1235 if (snp == NULL) 1236 rc = -ENOMEM; 1237 else { 1238 rc = 0; 1239 snp->smk_host.s_addr = newname.sin_addr.s_addr; 1240 snp->smk_mask.s_addr = mask.s_addr; 1241 snp->smk_label = skp; 1242 snp->smk_masks = masks; 1243 smk_net4addr_insert(snp); 1244 } 1245 } else { 1246 /* 1247 * Delete the unlabeled entry, only if the previous label 1248 * wasn't the special CIPSO option 1249 */ 1250 if (snp->smk_label != NULL) 1251 rc = netlbl_cfg_unlbl_static_del(&init_net, NULL, 1252 &snp->smk_host, &snp->smk_mask, 1253 PF_INET, &audit_info); 1254 else 1255 rc = 0; 1256 snp->smk_label = skp; 1257 } 1258 1259 /* 1260 * Now tell netlabel about the single label nature of 1261 * this host so that incoming packets get labeled. 1262 * but only if we didn't get the special CIPSO option 1263 */ 1264 if (rc == 0 && skp != NULL) 1265 rc = netlbl_cfg_unlbl_static_add(&init_net, NULL, 1266 &snp->smk_host, &snp->smk_mask, PF_INET, 1267 snp->smk_label->smk_secid, &audit_info); 1268 1269 if (rc == 0) 1270 rc = count; 1271 1272 mutex_unlock(&smk_net4addr_lock); 1273 1274 free_out: 1275 kfree(smack); 1276 free_data_out: 1277 kfree(data); 1278 1279 return rc; 1280 } 1281 1282 static const struct file_operations smk_net4addr_ops = { 1283 .open = smk_open_net4addr, 1284 .read = seq_read, 1285 .llseek = seq_lseek, 1286 .write = smk_write_net4addr, 1287 .release = seq_release, 1288 }; 1289 1290 #if IS_ENABLED(CONFIG_IPV6) 1291 /* 1292 * Seq_file read operations for /smack/netlabel6 1293 */ 1294 1295 static void *net6addr_seq_start(struct seq_file *s, loff_t *pos) 1296 { 1297 return smk_seq_start(s, pos, &smk_net6addr_list); 1298 } 1299 1300 static void *net6addr_seq_next(struct seq_file *s, void *v, loff_t *pos) 1301 { 1302 return smk_seq_next(s, v, pos, &smk_net6addr_list); 1303 } 1304 1305 /* 1306 * Print host/label pairs 1307 */ 1308 static int net6addr_seq_show(struct seq_file *s, void *v) 1309 { 1310 struct list_head *list = v; 1311 struct smk_net6addr *skp = 1312 list_entry(list, struct smk_net6addr, list); 1313 1314 if (skp->smk_label != NULL) 1315 seq_printf(s, "%pI6/%d %s\n", &skp->smk_host, skp->smk_masks, 1316 skp->smk_label->smk_known); 1317 1318 return 0; 1319 } 1320 1321 static const struct seq_operations net6addr_seq_ops = { 1322 .start = net6addr_seq_start, 1323 .next = net6addr_seq_next, 1324 .show = net6addr_seq_show, 1325 .stop = smk_seq_stop, 1326 }; 1327 1328 /** 1329 * smk_open_net6addr - open() for /smack/netlabel 1330 * @inode: inode structure representing file 1331 * @file: "netlabel" file pointer 1332 * 1333 * Connect our net6addr_seq_* operations with /smack/netlabel 1334 * file_operations 1335 */ 1336 static int smk_open_net6addr(struct inode *inode, struct file *file) 1337 { 1338 return seq_open(file, &net6addr_seq_ops); 1339 } 1340 1341 /** 1342 * smk_net6addr_insert - insert a new entry into the net6addrs list 1343 * @new : entry to insert 1344 * 1345 * This inserts an entry in the smack_net6addrs list 1346 * sorted by netmask length (longest to smallest) 1347 * locked by &smk_net6addr_lock in smk_write_net6addr. 1348 */ 1349 static void smk_net6addr_insert(struct smk_net6addr *new) 1350 { 1351 struct smk_net6addr *m_next; 1352 struct smk_net6addr *m; 1353 1354 if (list_empty(&smk_net6addr_list)) { 1355 list_add_rcu(&new->list, &smk_net6addr_list); 1356 return; 1357 } 1358 1359 m = list_entry_rcu(smk_net6addr_list.next, 1360 struct smk_net6addr, list); 1361 1362 if (new->smk_masks > m->smk_masks) { 1363 list_add_rcu(&new->list, &smk_net6addr_list); 1364 return; 1365 } 1366 1367 list_for_each_entry_rcu(m, &smk_net6addr_list, list) { 1368 if (list_is_last(&m->list, &smk_net6addr_list)) { 1369 list_add_rcu(&new->list, &m->list); 1370 return; 1371 } 1372 m_next = list_entry_rcu(m->list.next, 1373 struct smk_net6addr, list); 1374 if (new->smk_masks > m_next->smk_masks) { 1375 list_add_rcu(&new->list, &m->list); 1376 return; 1377 } 1378 } 1379 } 1380 1381 1382 /** 1383 * smk_write_net6addr - write() for /smack/netlabel 1384 * @file: file pointer, not actually used 1385 * @buf: where to get the data from 1386 * @count: bytes sent 1387 * @ppos: where to start 1388 * 1389 * Accepts only one net6addr per write call. 1390 * Returns number of bytes written or error code, as appropriate 1391 */ 1392 static ssize_t smk_write_net6addr(struct file *file, const char __user *buf, 1393 size_t count, loff_t *ppos) 1394 { 1395 struct smk_net6addr *snp; 1396 struct in6_addr newname; 1397 struct in6_addr fullmask; 1398 struct smack_known *skp = NULL; 1399 char *smack; 1400 char *data; 1401 int rc = 0; 1402 int found = 0; 1403 int i; 1404 unsigned int scanned[8]; 1405 unsigned int m; 1406 unsigned int mask = 128; 1407 1408 /* 1409 * Must have privilege. 1410 * No partial writes. 1411 * Enough data must be present. 1412 * "<addr/mask, as a:b:c:d:e:f:g:h/e><space><label>" 1413 * "<addr, as a:b:c:d:e:f:g:h><space><label>" 1414 */ 1415 if (!smack_privileged(CAP_MAC_ADMIN)) 1416 return -EPERM; 1417 if (*ppos != 0) 1418 return -EINVAL; 1419 if (count < SMK_NETLBLADDRMIN || count > PAGE_SIZE - 1) 1420 return -EINVAL; 1421 1422 data = memdup_user_nul(buf, count); 1423 if (IS_ERR(data)) 1424 return PTR_ERR(data); 1425 1426 smack = kzalloc(count + 1, GFP_KERNEL); 1427 if (smack == NULL) { 1428 rc = -ENOMEM; 1429 goto free_data_out; 1430 } 1431 1432 i = sscanf(data, "%x:%x:%x:%x:%x:%x:%x:%x/%u %s", 1433 &scanned[0], &scanned[1], &scanned[2], &scanned[3], 1434 &scanned[4], &scanned[5], &scanned[6], &scanned[7], 1435 &mask, smack); 1436 if (i != 10) { 1437 i = sscanf(data, "%x:%x:%x:%x:%x:%x:%x:%x %s", 1438 &scanned[0], &scanned[1], &scanned[2], 1439 &scanned[3], &scanned[4], &scanned[5], 1440 &scanned[6], &scanned[7], smack); 1441 if (i != 9) { 1442 rc = -EINVAL; 1443 goto free_out; 1444 } 1445 } 1446 if (mask > 128) { 1447 rc = -EINVAL; 1448 goto free_out; 1449 } 1450 for (i = 0; i < 8; i++) { 1451 if (scanned[i] > 0xffff) { 1452 rc = -EINVAL; 1453 goto free_out; 1454 } 1455 newname.s6_addr16[i] = htons(scanned[i]); 1456 } 1457 1458 /* 1459 * If smack begins with '-', it is an option, don't import it 1460 */ 1461 if (smack[0] != '-') { 1462 skp = smk_import_entry(smack, 0); 1463 if (IS_ERR(skp)) { 1464 rc = PTR_ERR(skp); 1465 goto free_out; 1466 } 1467 } else { 1468 /* 1469 * Only -DELETE is supported for IPv6 1470 */ 1471 if (strcmp(smack, SMACK_DELETE_OPTION) != 0) { 1472 rc = -EINVAL; 1473 goto free_out; 1474 } 1475 } 1476 1477 for (i = 0, m = mask; i < 8; i++) { 1478 if (m >= 16) { 1479 fullmask.s6_addr16[i] = 0xffff; 1480 m -= 16; 1481 } else if (m > 0) { 1482 fullmask.s6_addr16[i] = (1 << m) - 1; 1483 m = 0; 1484 } else 1485 fullmask.s6_addr16[i] = 0; 1486 newname.s6_addr16[i] &= fullmask.s6_addr16[i]; 1487 } 1488 1489 /* 1490 * Only allow one writer at a time. Writes should be 1491 * quite rare and small in any case. 1492 */ 1493 mutex_lock(&smk_net6addr_lock); 1494 /* 1495 * Try to find the prefix in the list 1496 */ 1497 list_for_each_entry_rcu(snp, &smk_net6addr_list, list) { 1498 if (mask != snp->smk_masks) 1499 continue; 1500 for (found = 1, i = 0; i < 8; i++) { 1501 if (newname.s6_addr16[i] != 1502 snp->smk_host.s6_addr16[i]) { 1503 found = 0; 1504 break; 1505 } 1506 } 1507 if (found == 1) 1508 break; 1509 } 1510 if (found == 0) { 1511 snp = kzalloc(sizeof(*snp), GFP_KERNEL); 1512 if (snp == NULL) 1513 rc = -ENOMEM; 1514 else { 1515 snp->smk_host = newname; 1516 snp->smk_mask = fullmask; 1517 snp->smk_masks = mask; 1518 snp->smk_label = skp; 1519 smk_net6addr_insert(snp); 1520 } 1521 } else { 1522 snp->smk_label = skp; 1523 } 1524 1525 if (rc == 0) 1526 rc = count; 1527 1528 mutex_unlock(&smk_net6addr_lock); 1529 1530 free_out: 1531 kfree(smack); 1532 free_data_out: 1533 kfree(data); 1534 1535 return rc; 1536 } 1537 1538 static const struct file_operations smk_net6addr_ops = { 1539 .open = smk_open_net6addr, 1540 .read = seq_read, 1541 .llseek = seq_lseek, 1542 .write = smk_write_net6addr, 1543 .release = seq_release, 1544 }; 1545 #endif /* CONFIG_IPV6 */ 1546 1547 /** 1548 * smk_read_doi - read() for /smack/doi 1549 * @filp: file pointer, not actually used 1550 * @buf: where to put the result 1551 * @count: maximum to send along 1552 * @ppos: where to start 1553 * 1554 * Returns number of bytes read or error code, as appropriate 1555 */ 1556 static ssize_t smk_read_doi(struct file *filp, char __user *buf, 1557 size_t count, loff_t *ppos) 1558 { 1559 char temp[80]; 1560 ssize_t rc; 1561 1562 if (*ppos != 0) 1563 return 0; 1564 1565 sprintf(temp, "%d", smk_cipso_doi_value); 1566 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp)); 1567 1568 return rc; 1569 } 1570 1571 /** 1572 * smk_write_doi - write() for /smack/doi 1573 * @file: file pointer, not actually used 1574 * @buf: where to get the data from 1575 * @count: bytes sent 1576 * @ppos: where to start 1577 * 1578 * Returns number of bytes written or error code, as appropriate 1579 */ 1580 static ssize_t smk_write_doi(struct file *file, const char __user *buf, 1581 size_t count, loff_t *ppos) 1582 { 1583 char temp[80]; 1584 int i; 1585 1586 if (!smack_privileged(CAP_MAC_ADMIN)) 1587 return -EPERM; 1588 1589 if (count >= sizeof(temp) || count == 0) 1590 return -EINVAL; 1591 1592 if (copy_from_user(temp, buf, count) != 0) 1593 return -EFAULT; 1594 1595 temp[count] = '\0'; 1596 1597 if (sscanf(temp, "%d", &i) != 1) 1598 return -EINVAL; 1599 1600 smk_cipso_doi_value = i; 1601 1602 smk_cipso_doi(); 1603 1604 return count; 1605 } 1606 1607 static const struct file_operations smk_doi_ops = { 1608 .read = smk_read_doi, 1609 .write = smk_write_doi, 1610 .llseek = default_llseek, 1611 }; 1612 1613 /** 1614 * smk_read_direct - read() for /smack/direct 1615 * @filp: file pointer, not actually used 1616 * @buf: where to put the result 1617 * @count: maximum to send along 1618 * @ppos: where to start 1619 * 1620 * Returns number of bytes read or error code, as appropriate 1621 */ 1622 static ssize_t smk_read_direct(struct file *filp, char __user *buf, 1623 size_t count, loff_t *ppos) 1624 { 1625 char temp[80]; 1626 ssize_t rc; 1627 1628 if (*ppos != 0) 1629 return 0; 1630 1631 sprintf(temp, "%d", smack_cipso_direct); 1632 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp)); 1633 1634 return rc; 1635 } 1636 1637 /** 1638 * smk_write_direct - write() for /smack/direct 1639 * @file: file pointer, not actually used 1640 * @buf: where to get the data from 1641 * @count: bytes sent 1642 * @ppos: where to start 1643 * 1644 * Returns number of bytes written or error code, as appropriate 1645 */ 1646 static ssize_t smk_write_direct(struct file *file, const char __user *buf, 1647 size_t count, loff_t *ppos) 1648 { 1649 struct smack_known *skp; 1650 char temp[80]; 1651 int i; 1652 1653 if (!smack_privileged(CAP_MAC_ADMIN)) 1654 return -EPERM; 1655 1656 if (count >= sizeof(temp) || count == 0) 1657 return -EINVAL; 1658 1659 if (copy_from_user(temp, buf, count) != 0) 1660 return -EFAULT; 1661 1662 temp[count] = '\0'; 1663 1664 if (sscanf(temp, "%d", &i) != 1) 1665 return -EINVAL; 1666 1667 /* 1668 * Don't do anything if the value hasn't actually changed. 1669 * If it is changing reset the level on entries that were 1670 * set up to be direct when they were created. 1671 */ 1672 if (smack_cipso_direct != i) { 1673 mutex_lock(&smack_known_lock); 1674 list_for_each_entry_rcu(skp, &smack_known_list, list) 1675 if (skp->smk_netlabel.attr.mls.lvl == 1676 smack_cipso_direct) 1677 skp->smk_netlabel.attr.mls.lvl = i; 1678 smack_cipso_direct = i; 1679 mutex_unlock(&smack_known_lock); 1680 } 1681 1682 return count; 1683 } 1684 1685 static const struct file_operations smk_direct_ops = { 1686 .read = smk_read_direct, 1687 .write = smk_write_direct, 1688 .llseek = default_llseek, 1689 }; 1690 1691 /** 1692 * smk_read_mapped - read() for /smack/mapped 1693 * @filp: file pointer, not actually used 1694 * @buf: where to put the result 1695 * @count: maximum to send along 1696 * @ppos: where to start 1697 * 1698 * Returns number of bytes read or error code, as appropriate 1699 */ 1700 static ssize_t smk_read_mapped(struct file *filp, char __user *buf, 1701 size_t count, loff_t *ppos) 1702 { 1703 char temp[80]; 1704 ssize_t rc; 1705 1706 if (*ppos != 0) 1707 return 0; 1708 1709 sprintf(temp, "%d", smack_cipso_mapped); 1710 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp)); 1711 1712 return rc; 1713 } 1714 1715 /** 1716 * smk_write_mapped - write() for /smack/mapped 1717 * @file: file pointer, not actually used 1718 * @buf: where to get the data from 1719 * @count: bytes sent 1720 * @ppos: where to start 1721 * 1722 * Returns number of bytes written or error code, as appropriate 1723 */ 1724 static ssize_t smk_write_mapped(struct file *file, const char __user *buf, 1725 size_t count, loff_t *ppos) 1726 { 1727 struct smack_known *skp; 1728 char temp[80]; 1729 int i; 1730 1731 if (!smack_privileged(CAP_MAC_ADMIN)) 1732 return -EPERM; 1733 1734 if (count >= sizeof(temp) || count == 0) 1735 return -EINVAL; 1736 1737 if (copy_from_user(temp, buf, count) != 0) 1738 return -EFAULT; 1739 1740 temp[count] = '\0'; 1741 1742 if (sscanf(temp, "%d", &i) != 1) 1743 return -EINVAL; 1744 1745 /* 1746 * Don't do anything if the value hasn't actually changed. 1747 * If it is changing reset the level on entries that were 1748 * set up to be mapped when they were created. 1749 */ 1750 if (smack_cipso_mapped != i) { 1751 mutex_lock(&smack_known_lock); 1752 list_for_each_entry_rcu(skp, &smack_known_list, list) 1753 if (skp->smk_netlabel.attr.mls.lvl == 1754 smack_cipso_mapped) 1755 skp->smk_netlabel.attr.mls.lvl = i; 1756 smack_cipso_mapped = i; 1757 mutex_unlock(&smack_known_lock); 1758 } 1759 1760 return count; 1761 } 1762 1763 static const struct file_operations smk_mapped_ops = { 1764 .read = smk_read_mapped, 1765 .write = smk_write_mapped, 1766 .llseek = default_llseek, 1767 }; 1768 1769 /** 1770 * smk_read_ambient - read() for /smack/ambient 1771 * @filp: file pointer, not actually used 1772 * @buf: where to put the result 1773 * @cn: maximum to send along 1774 * @ppos: where to start 1775 * 1776 * Returns number of bytes read or error code, as appropriate 1777 */ 1778 static ssize_t smk_read_ambient(struct file *filp, char __user *buf, 1779 size_t cn, loff_t *ppos) 1780 { 1781 ssize_t rc; 1782 int asize; 1783 1784 if (*ppos != 0) 1785 return 0; 1786 /* 1787 * Being careful to avoid a problem in the case where 1788 * smack_net_ambient gets changed in midstream. 1789 */ 1790 mutex_lock(&smack_ambient_lock); 1791 1792 asize = strlen(smack_net_ambient->smk_known) + 1; 1793 1794 if (cn >= asize) 1795 rc = simple_read_from_buffer(buf, cn, ppos, 1796 smack_net_ambient->smk_known, 1797 asize); 1798 else 1799 rc = -EINVAL; 1800 1801 mutex_unlock(&smack_ambient_lock); 1802 1803 return rc; 1804 } 1805 1806 /** 1807 * smk_write_ambient - write() for /smack/ambient 1808 * @file: file pointer, not actually used 1809 * @buf: where to get the data from 1810 * @count: bytes sent 1811 * @ppos: where to start 1812 * 1813 * Returns number of bytes written or error code, as appropriate 1814 */ 1815 static ssize_t smk_write_ambient(struct file *file, const char __user *buf, 1816 size_t count, loff_t *ppos) 1817 { 1818 struct smack_known *skp; 1819 char *oldambient; 1820 char *data; 1821 int rc = count; 1822 1823 if (!smack_privileged(CAP_MAC_ADMIN)) 1824 return -EPERM; 1825 1826 /* Enough data must be present */ 1827 if (count == 0 || count > PAGE_SIZE) 1828 return -EINVAL; 1829 1830 data = memdup_user_nul(buf, count); 1831 if (IS_ERR(data)) 1832 return PTR_ERR(data); 1833 1834 skp = smk_import_entry(data, count); 1835 if (IS_ERR(skp)) { 1836 rc = PTR_ERR(skp); 1837 goto out; 1838 } 1839 1840 mutex_lock(&smack_ambient_lock); 1841 1842 oldambient = smack_net_ambient->smk_known; 1843 smack_net_ambient = skp; 1844 smk_unlbl_ambient(oldambient); 1845 1846 mutex_unlock(&smack_ambient_lock); 1847 1848 out: 1849 kfree(data); 1850 return rc; 1851 } 1852 1853 static const struct file_operations smk_ambient_ops = { 1854 .read = smk_read_ambient, 1855 .write = smk_write_ambient, 1856 .llseek = default_llseek, 1857 }; 1858 1859 /* 1860 * Seq_file operations for /smack/onlycap 1861 */ 1862 static void *onlycap_seq_start(struct seq_file *s, loff_t *pos) 1863 { 1864 return smk_seq_start(s, pos, &smack_onlycap_list); 1865 } 1866 1867 static void *onlycap_seq_next(struct seq_file *s, void *v, loff_t *pos) 1868 { 1869 return smk_seq_next(s, v, pos, &smack_onlycap_list); 1870 } 1871 1872 static int onlycap_seq_show(struct seq_file *s, void *v) 1873 { 1874 struct list_head *list = v; 1875 struct smack_known_list_elem *sklep = 1876 list_entry_rcu(list, struct smack_known_list_elem, list); 1877 1878 seq_puts(s, sklep->smk_label->smk_known); 1879 seq_putc(s, ' '); 1880 1881 return 0; 1882 } 1883 1884 static const struct seq_operations onlycap_seq_ops = { 1885 .start = onlycap_seq_start, 1886 .next = onlycap_seq_next, 1887 .show = onlycap_seq_show, 1888 .stop = smk_seq_stop, 1889 }; 1890 1891 static int smk_open_onlycap(struct inode *inode, struct file *file) 1892 { 1893 return seq_open(file, &onlycap_seq_ops); 1894 } 1895 1896 /** 1897 * smk_list_swap_rcu - swap public list with a private one in RCU-safe way 1898 * The caller must hold appropriate mutex to prevent concurrent modifications 1899 * to the public list. 1900 * Private list is assumed to be not accessible to other threads yet. 1901 * 1902 * @public: public list 1903 * @private: private list 1904 */ 1905 static void smk_list_swap_rcu(struct list_head *public, 1906 struct list_head *private) 1907 { 1908 struct list_head *first, *last; 1909 1910 if (list_empty(public)) { 1911 list_splice_init_rcu(private, public, synchronize_rcu); 1912 } else { 1913 /* Remember public list before replacing it */ 1914 first = public->next; 1915 last = public->prev; 1916 1917 /* Publish private list in place of public in RCU-safe way */ 1918 private->prev->next = public; 1919 private->next->prev = public; 1920 rcu_assign_pointer(public->next, private->next); 1921 public->prev = private->prev; 1922 1923 synchronize_rcu(); 1924 1925 /* When all readers are done with the old public list, 1926 * attach it in place of private */ 1927 private->next = first; 1928 private->prev = last; 1929 first->prev = private; 1930 last->next = private; 1931 } 1932 } 1933 1934 /** 1935 * smk_parse_label_list - parse list of Smack labels, separated by spaces 1936 * 1937 * @data: the string to parse 1938 * @list: destination list 1939 * 1940 * Returns zero on success or error code, as appropriate 1941 */ 1942 static int smk_parse_label_list(char *data, struct list_head *list) 1943 { 1944 char *tok; 1945 struct smack_known *skp; 1946 struct smack_known_list_elem *sklep; 1947 1948 while ((tok = strsep(&data, " ")) != NULL) { 1949 if (!*tok) 1950 continue; 1951 1952 skp = smk_import_entry(tok, 0); 1953 if (IS_ERR(skp)) 1954 return PTR_ERR(skp); 1955 1956 sklep = kzalloc(sizeof(*sklep), GFP_KERNEL); 1957 if (sklep == NULL) 1958 return -ENOMEM; 1959 1960 sklep->smk_label = skp; 1961 list_add(&sklep->list, list); 1962 } 1963 1964 return 0; 1965 } 1966 1967 /** 1968 * smk_destroy_label_list - destroy a list of smack_known_list_elem 1969 * @list: header pointer of the list to destroy 1970 */ 1971 void smk_destroy_label_list(struct list_head *list) 1972 { 1973 struct smack_known_list_elem *sklep; 1974 struct smack_known_list_elem *sklep2; 1975 1976 list_for_each_entry_safe(sklep, sklep2, list, list) 1977 kfree(sklep); 1978 1979 INIT_LIST_HEAD(list); 1980 } 1981 1982 /** 1983 * smk_write_onlycap - write() for smackfs/onlycap 1984 * @file: file pointer, not actually used 1985 * @buf: where to get the data from 1986 * @count: bytes sent 1987 * @ppos: where to start 1988 * 1989 * Returns number of bytes written or error code, as appropriate 1990 */ 1991 static ssize_t smk_write_onlycap(struct file *file, const char __user *buf, 1992 size_t count, loff_t *ppos) 1993 { 1994 char *data; 1995 LIST_HEAD(list_tmp); 1996 int rc; 1997 1998 if (!smack_privileged(CAP_MAC_ADMIN)) 1999 return -EPERM; 2000 2001 if (count > PAGE_SIZE) 2002 return -EINVAL; 2003 2004 data = memdup_user_nul(buf, count); 2005 if (IS_ERR(data)) 2006 return PTR_ERR(data); 2007 2008 rc = smk_parse_label_list(data, &list_tmp); 2009 kfree(data); 2010 2011 /* 2012 * Clear the smack_onlycap on invalid label errors. This means 2013 * that we can pass a null string to unset the onlycap value. 2014 * 2015 * Importing will also reject a label beginning with '-', 2016 * so "-usecapabilities" will also work. 2017 * 2018 * But do so only on invalid label, not on system errors. 2019 * The invalid label must be first to count as clearing attempt. 2020 */ 2021 if (!rc || (rc == -EINVAL && list_empty(&list_tmp))) { 2022 mutex_lock(&smack_onlycap_lock); 2023 smk_list_swap_rcu(&smack_onlycap_list, &list_tmp); 2024 mutex_unlock(&smack_onlycap_lock); 2025 rc = count; 2026 } 2027 2028 smk_destroy_label_list(&list_tmp); 2029 2030 return rc; 2031 } 2032 2033 static const struct file_operations smk_onlycap_ops = { 2034 .open = smk_open_onlycap, 2035 .read = seq_read, 2036 .write = smk_write_onlycap, 2037 .llseek = seq_lseek, 2038 .release = seq_release, 2039 }; 2040 2041 #ifdef CONFIG_SECURITY_SMACK_BRINGUP 2042 /** 2043 * smk_read_unconfined - read() for smackfs/unconfined 2044 * @filp: file pointer, not actually used 2045 * @buf: where to put the result 2046 * @cn: maximum to send along 2047 * @ppos: where to start 2048 * 2049 * Returns number of bytes read or error code, as appropriate 2050 */ 2051 static ssize_t smk_read_unconfined(struct file *filp, char __user *buf, 2052 size_t cn, loff_t *ppos) 2053 { 2054 char *smack = ""; 2055 ssize_t rc = -EINVAL; 2056 int asize; 2057 2058 if (*ppos != 0) 2059 return 0; 2060 2061 if (smack_unconfined != NULL) 2062 smack = smack_unconfined->smk_known; 2063 2064 asize = strlen(smack) + 1; 2065 2066 if (cn >= asize) 2067 rc = simple_read_from_buffer(buf, cn, ppos, smack, asize); 2068 2069 return rc; 2070 } 2071 2072 /** 2073 * smk_write_unconfined - write() for smackfs/unconfined 2074 * @file: file pointer, not actually used 2075 * @buf: where to get the data from 2076 * @count: bytes sent 2077 * @ppos: where to start 2078 * 2079 * Returns number of bytes written or error code, as appropriate 2080 */ 2081 static ssize_t smk_write_unconfined(struct file *file, const char __user *buf, 2082 size_t count, loff_t *ppos) 2083 { 2084 char *data; 2085 struct smack_known *skp; 2086 int rc = count; 2087 2088 if (!smack_privileged(CAP_MAC_ADMIN)) 2089 return -EPERM; 2090 2091 if (count > PAGE_SIZE) 2092 return -EINVAL; 2093 2094 data = memdup_user_nul(buf, count); 2095 if (IS_ERR(data)) 2096 return PTR_ERR(data); 2097 2098 /* 2099 * Clear the smack_unconfined on invalid label errors. This means 2100 * that we can pass a null string to unset the unconfined value. 2101 * 2102 * Importing will also reject a label beginning with '-', 2103 * so "-confine" will also work. 2104 * 2105 * But do so only on invalid label, not on system errors. 2106 */ 2107 skp = smk_import_entry(data, count); 2108 if (PTR_ERR(skp) == -EINVAL) 2109 skp = NULL; 2110 else if (IS_ERR(skp)) { 2111 rc = PTR_ERR(skp); 2112 goto freeout; 2113 } 2114 2115 smack_unconfined = skp; 2116 2117 freeout: 2118 kfree(data); 2119 return rc; 2120 } 2121 2122 static const struct file_operations smk_unconfined_ops = { 2123 .read = smk_read_unconfined, 2124 .write = smk_write_unconfined, 2125 .llseek = default_llseek, 2126 }; 2127 #endif /* CONFIG_SECURITY_SMACK_BRINGUP */ 2128 2129 #ifdef CONFIG_AUDIT 2130 /** 2131 * smk_read_logging - read() for /smack/logging 2132 * @filp: file pointer, not actually used 2133 * @buf: where to put the result 2134 * @count: maximum to send along 2135 * @ppos: where to start 2136 * 2137 * Returns number of bytes read or error code, as appropriate 2138 */ 2139 static ssize_t smk_read_logging(struct file *filp, char __user *buf, 2140 size_t count, loff_t *ppos) 2141 { 2142 char temp[32]; 2143 ssize_t rc; 2144 2145 if (*ppos != 0) 2146 return 0; 2147 2148 sprintf(temp, "%d\n", log_policy); 2149 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp)); 2150 return rc; 2151 } 2152 2153 /** 2154 * smk_write_logging - write() for /smack/logging 2155 * @file: file pointer, not actually used 2156 * @buf: where to get the data from 2157 * @count: bytes sent 2158 * @ppos: where to start 2159 * 2160 * Returns number of bytes written or error code, as appropriate 2161 */ 2162 static ssize_t smk_write_logging(struct file *file, const char __user *buf, 2163 size_t count, loff_t *ppos) 2164 { 2165 char temp[32]; 2166 int i; 2167 2168 if (!smack_privileged(CAP_MAC_ADMIN)) 2169 return -EPERM; 2170 2171 if (count >= sizeof(temp) || count == 0) 2172 return -EINVAL; 2173 2174 if (copy_from_user(temp, buf, count) != 0) 2175 return -EFAULT; 2176 2177 temp[count] = '\0'; 2178 2179 if (sscanf(temp, "%d", &i) != 1) 2180 return -EINVAL; 2181 if (i < 0 || i > 3) 2182 return -EINVAL; 2183 log_policy = i; 2184 return count; 2185 } 2186 2187 2188 2189 static const struct file_operations smk_logging_ops = { 2190 .read = smk_read_logging, 2191 .write = smk_write_logging, 2192 .llseek = default_llseek, 2193 }; 2194 #endif /* CONFIG_AUDIT */ 2195 2196 /* 2197 * Seq_file read operations for /smack/load-self 2198 */ 2199 2200 static void *load_self_seq_start(struct seq_file *s, loff_t *pos) 2201 { 2202 struct task_smack *tsp = smack_cred(current_cred()); 2203 2204 return smk_seq_start(s, pos, &tsp->smk_rules); 2205 } 2206 2207 static void *load_self_seq_next(struct seq_file *s, void *v, loff_t *pos) 2208 { 2209 struct task_smack *tsp = smack_cred(current_cred()); 2210 2211 return smk_seq_next(s, v, pos, &tsp->smk_rules); 2212 } 2213 2214 static int load_self_seq_show(struct seq_file *s, void *v) 2215 { 2216 struct list_head *list = v; 2217 struct smack_rule *srp = 2218 list_entry_rcu(list, struct smack_rule, list); 2219 2220 smk_rule_show(s, srp, SMK_LABELLEN); 2221 2222 return 0; 2223 } 2224 2225 static const struct seq_operations load_self_seq_ops = { 2226 .start = load_self_seq_start, 2227 .next = load_self_seq_next, 2228 .show = load_self_seq_show, 2229 .stop = smk_seq_stop, 2230 }; 2231 2232 2233 /** 2234 * smk_open_load_self - open() for /smack/load-self2 2235 * @inode: inode structure representing file 2236 * @file: "load" file pointer 2237 * 2238 * For reading, use load_seq_* seq_file reading operations. 2239 */ 2240 static int smk_open_load_self(struct inode *inode, struct file *file) 2241 { 2242 return seq_open(file, &load_self_seq_ops); 2243 } 2244 2245 /** 2246 * smk_write_load_self - write() for /smack/load-self 2247 * @file: file pointer, not actually used 2248 * @buf: where to get the data from 2249 * @count: bytes sent 2250 * @ppos: where to start - must be 0 2251 * 2252 */ 2253 static ssize_t smk_write_load_self(struct file *file, const char __user *buf, 2254 size_t count, loff_t *ppos) 2255 { 2256 struct task_smack *tsp = smack_cred(current_cred()); 2257 2258 return smk_write_rules_list(file, buf, count, ppos, &tsp->smk_rules, 2259 &tsp->smk_rules_lock, SMK_FIXED24_FMT); 2260 } 2261 2262 static const struct file_operations smk_load_self_ops = { 2263 .open = smk_open_load_self, 2264 .read = seq_read, 2265 .llseek = seq_lseek, 2266 .write = smk_write_load_self, 2267 .release = seq_release, 2268 }; 2269 2270 /** 2271 * smk_user_access - handle access check transaction 2272 * @file: file pointer 2273 * @buf: data from user space 2274 * @count: bytes sent 2275 * @ppos: where to start - must be 0 2276 * @format: /smack/load or /smack/load2 or /smack/change-rule format. 2277 */ 2278 static ssize_t smk_user_access(struct file *file, const char __user *buf, 2279 size_t count, loff_t *ppos, int format) 2280 { 2281 struct smack_parsed_rule rule; 2282 char *data; 2283 int res; 2284 2285 data = simple_transaction_get(file, buf, count); 2286 if (IS_ERR(data)) 2287 return PTR_ERR(data); 2288 2289 if (format == SMK_FIXED24_FMT) { 2290 if (count < SMK_LOADLEN) 2291 return -EINVAL; 2292 res = smk_parse_rule(data, &rule, 0); 2293 } else { 2294 /* 2295 * simple_transaction_get() returns null-terminated data 2296 */ 2297 res = smk_parse_long_rule(data, &rule, 0, 3); 2298 } 2299 2300 if (res >= 0) 2301 res = smk_access(rule.smk_subject, rule.smk_object, 2302 rule.smk_access1, NULL); 2303 else if (res != -ENOENT) 2304 return res; 2305 2306 /* 2307 * smk_access() can return a value > 0 in the "bringup" case. 2308 */ 2309 data[0] = res >= 0 ? '1' : '0'; 2310 data[1] = '\0'; 2311 2312 simple_transaction_set(file, 2); 2313 2314 if (format == SMK_FIXED24_FMT) 2315 return SMK_LOADLEN; 2316 return count; 2317 } 2318 2319 /** 2320 * smk_write_access - handle access check transaction 2321 * @file: file pointer 2322 * @buf: data from user space 2323 * @count: bytes sent 2324 * @ppos: where to start - must be 0 2325 */ 2326 static ssize_t smk_write_access(struct file *file, const char __user *buf, 2327 size_t count, loff_t *ppos) 2328 { 2329 return smk_user_access(file, buf, count, ppos, SMK_FIXED24_FMT); 2330 } 2331 2332 static const struct file_operations smk_access_ops = { 2333 .write = smk_write_access, 2334 .read = simple_transaction_read, 2335 .release = simple_transaction_release, 2336 .llseek = generic_file_llseek, 2337 }; 2338 2339 2340 /* 2341 * Seq_file read operations for /smack/load2 2342 */ 2343 2344 static int load2_seq_show(struct seq_file *s, void *v) 2345 { 2346 struct list_head *list = v; 2347 struct smack_rule *srp; 2348 struct smack_known *skp = 2349 list_entry_rcu(list, struct smack_known, list); 2350 2351 list_for_each_entry_rcu(srp, &skp->smk_rules, list) 2352 smk_rule_show(s, srp, SMK_LONGLABEL); 2353 2354 return 0; 2355 } 2356 2357 static const struct seq_operations load2_seq_ops = { 2358 .start = load2_seq_start, 2359 .next = load2_seq_next, 2360 .show = load2_seq_show, 2361 .stop = smk_seq_stop, 2362 }; 2363 2364 /** 2365 * smk_open_load2 - open() for /smack/load2 2366 * @inode: inode structure representing file 2367 * @file: "load2" file pointer 2368 * 2369 * For reading, use load2_seq_* seq_file reading operations. 2370 */ 2371 static int smk_open_load2(struct inode *inode, struct file *file) 2372 { 2373 return seq_open(file, &load2_seq_ops); 2374 } 2375 2376 /** 2377 * smk_write_load2 - write() for /smack/load2 2378 * @file: file pointer, not actually used 2379 * @buf: where to get the data from 2380 * @count: bytes sent 2381 * @ppos: where to start - must be 0 2382 * 2383 */ 2384 static ssize_t smk_write_load2(struct file *file, const char __user *buf, 2385 size_t count, loff_t *ppos) 2386 { 2387 /* 2388 * Must have privilege. 2389 */ 2390 if (!smack_privileged(CAP_MAC_ADMIN)) 2391 return -EPERM; 2392 2393 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL, 2394 SMK_LONG_FMT); 2395 } 2396 2397 static const struct file_operations smk_load2_ops = { 2398 .open = smk_open_load2, 2399 .read = seq_read, 2400 .llseek = seq_lseek, 2401 .write = smk_write_load2, 2402 .release = seq_release, 2403 }; 2404 2405 /* 2406 * Seq_file read operations for /smack/load-self2 2407 */ 2408 2409 static void *load_self2_seq_start(struct seq_file *s, loff_t *pos) 2410 { 2411 struct task_smack *tsp = smack_cred(current_cred()); 2412 2413 return smk_seq_start(s, pos, &tsp->smk_rules); 2414 } 2415 2416 static void *load_self2_seq_next(struct seq_file *s, void *v, loff_t *pos) 2417 { 2418 struct task_smack *tsp = smack_cred(current_cred()); 2419 2420 return smk_seq_next(s, v, pos, &tsp->smk_rules); 2421 } 2422 2423 static int load_self2_seq_show(struct seq_file *s, void *v) 2424 { 2425 struct list_head *list = v; 2426 struct smack_rule *srp = 2427 list_entry_rcu(list, struct smack_rule, list); 2428 2429 smk_rule_show(s, srp, SMK_LONGLABEL); 2430 2431 return 0; 2432 } 2433 2434 static const struct seq_operations load_self2_seq_ops = { 2435 .start = load_self2_seq_start, 2436 .next = load_self2_seq_next, 2437 .show = load_self2_seq_show, 2438 .stop = smk_seq_stop, 2439 }; 2440 2441 /** 2442 * smk_open_load_self2 - open() for /smack/load-self2 2443 * @inode: inode structure representing file 2444 * @file: "load" file pointer 2445 * 2446 * For reading, use load_seq_* seq_file reading operations. 2447 */ 2448 static int smk_open_load_self2(struct inode *inode, struct file *file) 2449 { 2450 return seq_open(file, &load_self2_seq_ops); 2451 } 2452 2453 /** 2454 * smk_write_load_self2 - write() for /smack/load-self2 2455 * @file: file pointer, not actually used 2456 * @buf: where to get the data from 2457 * @count: bytes sent 2458 * @ppos: where to start - must be 0 2459 * 2460 */ 2461 static ssize_t smk_write_load_self2(struct file *file, const char __user *buf, 2462 size_t count, loff_t *ppos) 2463 { 2464 struct task_smack *tsp = smack_cred(current_cred()); 2465 2466 return smk_write_rules_list(file, buf, count, ppos, &tsp->smk_rules, 2467 &tsp->smk_rules_lock, SMK_LONG_FMT); 2468 } 2469 2470 static const struct file_operations smk_load_self2_ops = { 2471 .open = smk_open_load_self2, 2472 .read = seq_read, 2473 .llseek = seq_lseek, 2474 .write = smk_write_load_self2, 2475 .release = seq_release, 2476 }; 2477 2478 /** 2479 * smk_write_access2 - handle access check transaction 2480 * @file: file pointer 2481 * @buf: data from user space 2482 * @count: bytes sent 2483 * @ppos: where to start - must be 0 2484 */ 2485 static ssize_t smk_write_access2(struct file *file, const char __user *buf, 2486 size_t count, loff_t *ppos) 2487 { 2488 return smk_user_access(file, buf, count, ppos, SMK_LONG_FMT); 2489 } 2490 2491 static const struct file_operations smk_access2_ops = { 2492 .write = smk_write_access2, 2493 .read = simple_transaction_read, 2494 .release = simple_transaction_release, 2495 .llseek = generic_file_llseek, 2496 }; 2497 2498 /** 2499 * smk_write_revoke_subj - write() for /smack/revoke-subject 2500 * @file: file pointer 2501 * @buf: data from user space 2502 * @count: bytes sent 2503 * @ppos: where to start - must be 0 2504 */ 2505 static ssize_t smk_write_revoke_subj(struct file *file, const char __user *buf, 2506 size_t count, loff_t *ppos) 2507 { 2508 char *data; 2509 const char *cp; 2510 struct smack_known *skp; 2511 struct smack_rule *sp; 2512 struct list_head *rule_list; 2513 struct mutex *rule_lock; 2514 int rc = count; 2515 2516 if (*ppos != 0) 2517 return -EINVAL; 2518 2519 if (!smack_privileged(CAP_MAC_ADMIN)) 2520 return -EPERM; 2521 2522 if (count == 0 || count > SMK_LONGLABEL) 2523 return -EINVAL; 2524 2525 data = memdup_user(buf, count); 2526 if (IS_ERR(data)) 2527 return PTR_ERR(data); 2528 2529 cp = smk_parse_smack(data, count); 2530 if (IS_ERR(cp)) { 2531 rc = PTR_ERR(cp); 2532 goto out_data; 2533 } 2534 2535 skp = smk_find_entry(cp); 2536 if (skp == NULL) 2537 goto out_cp; 2538 2539 rule_list = &skp->smk_rules; 2540 rule_lock = &skp->smk_rules_lock; 2541 2542 mutex_lock(rule_lock); 2543 2544 list_for_each_entry_rcu(sp, rule_list, list) 2545 sp->smk_access = 0; 2546 2547 mutex_unlock(rule_lock); 2548 2549 out_cp: 2550 kfree(cp); 2551 out_data: 2552 kfree(data); 2553 2554 return rc; 2555 } 2556 2557 static const struct file_operations smk_revoke_subj_ops = { 2558 .write = smk_write_revoke_subj, 2559 .read = simple_transaction_read, 2560 .release = simple_transaction_release, 2561 .llseek = generic_file_llseek, 2562 }; 2563 2564 /** 2565 * smk_init_sysfs - initialize /sys/fs/smackfs 2566 * 2567 */ 2568 static int smk_init_sysfs(void) 2569 { 2570 return sysfs_create_mount_point(fs_kobj, "smackfs"); 2571 } 2572 2573 /** 2574 * smk_write_change_rule - write() for /smack/change-rule 2575 * @file: file pointer 2576 * @buf: data from user space 2577 * @count: bytes sent 2578 * @ppos: where to start - must be 0 2579 */ 2580 static ssize_t smk_write_change_rule(struct file *file, const char __user *buf, 2581 size_t count, loff_t *ppos) 2582 { 2583 /* 2584 * Must have privilege. 2585 */ 2586 if (!smack_privileged(CAP_MAC_ADMIN)) 2587 return -EPERM; 2588 2589 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL, 2590 SMK_CHANGE_FMT); 2591 } 2592 2593 static const struct file_operations smk_change_rule_ops = { 2594 .write = smk_write_change_rule, 2595 .read = simple_transaction_read, 2596 .release = simple_transaction_release, 2597 .llseek = generic_file_llseek, 2598 }; 2599 2600 /** 2601 * smk_read_syslog - read() for smackfs/syslog 2602 * @filp: file pointer, not actually used 2603 * @buf: where to put the result 2604 * @cn: maximum to send along 2605 * @ppos: where to start 2606 * 2607 * Returns number of bytes read or error code, as appropriate 2608 */ 2609 static ssize_t smk_read_syslog(struct file *filp, char __user *buf, 2610 size_t cn, loff_t *ppos) 2611 { 2612 struct smack_known *skp; 2613 ssize_t rc = -EINVAL; 2614 int asize; 2615 2616 if (*ppos != 0) 2617 return 0; 2618 2619 if (smack_syslog_label == NULL) 2620 skp = &smack_known_star; 2621 else 2622 skp = smack_syslog_label; 2623 2624 asize = strlen(skp->smk_known) + 1; 2625 2626 if (cn >= asize) 2627 rc = simple_read_from_buffer(buf, cn, ppos, skp->smk_known, 2628 asize); 2629 2630 return rc; 2631 } 2632 2633 /** 2634 * smk_write_syslog - write() for smackfs/syslog 2635 * @file: file pointer, not actually used 2636 * @buf: where to get the data from 2637 * @count: bytes sent 2638 * @ppos: where to start 2639 * 2640 * Returns number of bytes written or error code, as appropriate 2641 */ 2642 static ssize_t smk_write_syslog(struct file *file, const char __user *buf, 2643 size_t count, loff_t *ppos) 2644 { 2645 char *data; 2646 struct smack_known *skp; 2647 int rc = count; 2648 2649 if (!smack_privileged(CAP_MAC_ADMIN)) 2650 return -EPERM; 2651 2652 /* Enough data must be present */ 2653 if (count == 0 || count > PAGE_SIZE) 2654 return -EINVAL; 2655 2656 data = memdup_user_nul(buf, count); 2657 if (IS_ERR(data)) 2658 return PTR_ERR(data); 2659 2660 skp = smk_import_entry(data, count); 2661 if (IS_ERR(skp)) 2662 rc = PTR_ERR(skp); 2663 else 2664 smack_syslog_label = skp; 2665 2666 kfree(data); 2667 return rc; 2668 } 2669 2670 static const struct file_operations smk_syslog_ops = { 2671 .read = smk_read_syslog, 2672 .write = smk_write_syslog, 2673 .llseek = default_llseek, 2674 }; 2675 2676 /* 2677 * Seq_file read operations for /smack/relabel-self 2678 */ 2679 2680 static void *relabel_self_seq_start(struct seq_file *s, loff_t *pos) 2681 { 2682 struct task_smack *tsp = smack_cred(current_cred()); 2683 2684 return smk_seq_start(s, pos, &tsp->smk_relabel); 2685 } 2686 2687 static void *relabel_self_seq_next(struct seq_file *s, void *v, loff_t *pos) 2688 { 2689 struct task_smack *tsp = smack_cred(current_cred()); 2690 2691 return smk_seq_next(s, v, pos, &tsp->smk_relabel); 2692 } 2693 2694 static int relabel_self_seq_show(struct seq_file *s, void *v) 2695 { 2696 struct list_head *list = v; 2697 struct smack_known_list_elem *sklep = 2698 list_entry(list, struct smack_known_list_elem, list); 2699 2700 seq_puts(s, sklep->smk_label->smk_known); 2701 seq_putc(s, ' '); 2702 2703 return 0; 2704 } 2705 2706 static const struct seq_operations relabel_self_seq_ops = { 2707 .start = relabel_self_seq_start, 2708 .next = relabel_self_seq_next, 2709 .show = relabel_self_seq_show, 2710 .stop = smk_seq_stop, 2711 }; 2712 2713 /** 2714 * smk_open_relabel_self - open() for /smack/relabel-self 2715 * @inode: inode structure representing file 2716 * @file: "relabel-self" file pointer 2717 * 2718 * Connect our relabel_self_seq_* operations with /smack/relabel-self 2719 * file_operations 2720 */ 2721 static int smk_open_relabel_self(struct inode *inode, struct file *file) 2722 { 2723 return seq_open(file, &relabel_self_seq_ops); 2724 } 2725 2726 /** 2727 * smk_write_relabel_self - write() for /smack/relabel-self 2728 * @file: file pointer, not actually used 2729 * @buf: where to get the data from 2730 * @count: bytes sent 2731 * @ppos: where to start - must be 0 2732 * 2733 */ 2734 static ssize_t smk_write_relabel_self(struct file *file, const char __user *buf, 2735 size_t count, loff_t *ppos) 2736 { 2737 char *data; 2738 int rc; 2739 LIST_HEAD(list_tmp); 2740 2741 /* 2742 * Must have privilege. 2743 */ 2744 if (!smack_privileged(CAP_MAC_ADMIN)) 2745 return -EPERM; 2746 2747 /* 2748 * No partial write. 2749 * Enough data must be present. 2750 */ 2751 if (*ppos != 0) 2752 return -EINVAL; 2753 if (count == 0 || count > PAGE_SIZE) 2754 return -EINVAL; 2755 2756 data = memdup_user_nul(buf, count); 2757 if (IS_ERR(data)) 2758 return PTR_ERR(data); 2759 2760 rc = smk_parse_label_list(data, &list_tmp); 2761 kfree(data); 2762 2763 if (!rc || (rc == -EINVAL && list_empty(&list_tmp))) { 2764 struct cred *new; 2765 struct task_smack *tsp; 2766 2767 new = prepare_creds(); 2768 if (!new) { 2769 rc = -ENOMEM; 2770 goto out; 2771 } 2772 tsp = smack_cred(new); 2773 smk_destroy_label_list(&tsp->smk_relabel); 2774 list_splice(&list_tmp, &tsp->smk_relabel); 2775 commit_creds(new); 2776 return count; 2777 } 2778 out: 2779 smk_destroy_label_list(&list_tmp); 2780 return rc; 2781 } 2782 2783 static const struct file_operations smk_relabel_self_ops = { 2784 .open = smk_open_relabel_self, 2785 .read = seq_read, 2786 .llseek = seq_lseek, 2787 .write = smk_write_relabel_self, 2788 .release = seq_release, 2789 }; 2790 2791 /** 2792 * smk_read_ptrace - read() for /smack/ptrace 2793 * @filp: file pointer, not actually used 2794 * @buf: where to put the result 2795 * @count: maximum to send along 2796 * @ppos: where to start 2797 * 2798 * Returns number of bytes read or error code, as appropriate 2799 */ 2800 static ssize_t smk_read_ptrace(struct file *filp, char __user *buf, 2801 size_t count, loff_t *ppos) 2802 { 2803 char temp[32]; 2804 ssize_t rc; 2805 2806 if (*ppos != 0) 2807 return 0; 2808 2809 sprintf(temp, "%d\n", smack_ptrace_rule); 2810 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp)); 2811 return rc; 2812 } 2813 2814 /** 2815 * smk_write_ptrace - write() for /smack/ptrace 2816 * @file: file pointer 2817 * @buf: data from user space 2818 * @count: bytes sent 2819 * @ppos: where to start - must be 0 2820 */ 2821 static ssize_t smk_write_ptrace(struct file *file, const char __user *buf, 2822 size_t count, loff_t *ppos) 2823 { 2824 char temp[32]; 2825 int i; 2826 2827 if (!smack_privileged(CAP_MAC_ADMIN)) 2828 return -EPERM; 2829 2830 if (*ppos != 0 || count >= sizeof(temp) || count == 0) 2831 return -EINVAL; 2832 2833 if (copy_from_user(temp, buf, count) != 0) 2834 return -EFAULT; 2835 2836 temp[count] = '\0'; 2837 2838 if (sscanf(temp, "%d", &i) != 1) 2839 return -EINVAL; 2840 if (i < SMACK_PTRACE_DEFAULT || i > SMACK_PTRACE_MAX) 2841 return -EINVAL; 2842 smack_ptrace_rule = i; 2843 2844 return count; 2845 } 2846 2847 static const struct file_operations smk_ptrace_ops = { 2848 .write = smk_write_ptrace, 2849 .read = smk_read_ptrace, 2850 .llseek = default_llseek, 2851 }; 2852 2853 /** 2854 * smk_fill_super - fill the smackfs superblock 2855 * @sb: the empty superblock 2856 * @fc: unused 2857 * 2858 * Fill in the well known entries for the smack filesystem 2859 * 2860 * Returns 0 on success, an error code on failure 2861 */ 2862 static int smk_fill_super(struct super_block *sb, struct fs_context *fc) 2863 { 2864 int rc; 2865 2866 static const struct tree_descr smack_files[] = { 2867 [SMK_LOAD] = { 2868 "load", &smk_load_ops, S_IRUGO|S_IWUSR}, 2869 [SMK_CIPSO] = { 2870 "cipso", &smk_cipso_ops, S_IRUGO|S_IWUSR}, 2871 [SMK_DOI] = { 2872 "doi", &smk_doi_ops, S_IRUGO|S_IWUSR}, 2873 [SMK_DIRECT] = { 2874 "direct", &smk_direct_ops, S_IRUGO|S_IWUSR}, 2875 [SMK_AMBIENT] = { 2876 "ambient", &smk_ambient_ops, S_IRUGO|S_IWUSR}, 2877 [SMK_NET4ADDR] = { 2878 "netlabel", &smk_net4addr_ops, S_IRUGO|S_IWUSR}, 2879 [SMK_ONLYCAP] = { 2880 "onlycap", &smk_onlycap_ops, S_IRUGO|S_IWUSR}, 2881 #ifdef CONFIG_AUDIT 2882 [SMK_LOGGING] = { 2883 "logging", &smk_logging_ops, S_IRUGO|S_IWUSR}, 2884 #endif /* CONFIG_AUDIT */ 2885 [SMK_LOAD_SELF] = { 2886 "load-self", &smk_load_self_ops, S_IRUGO|S_IWUGO}, 2887 [SMK_ACCESSES] = { 2888 "access", &smk_access_ops, S_IRUGO|S_IWUGO}, 2889 [SMK_MAPPED] = { 2890 "mapped", &smk_mapped_ops, S_IRUGO|S_IWUSR}, 2891 [SMK_LOAD2] = { 2892 "load2", &smk_load2_ops, S_IRUGO|S_IWUSR}, 2893 [SMK_LOAD_SELF2] = { 2894 "load-self2", &smk_load_self2_ops, S_IRUGO|S_IWUGO}, 2895 [SMK_ACCESS2] = { 2896 "access2", &smk_access2_ops, S_IRUGO|S_IWUGO}, 2897 [SMK_CIPSO2] = { 2898 "cipso2", &smk_cipso2_ops, S_IRUGO|S_IWUSR}, 2899 [SMK_REVOKE_SUBJ] = { 2900 "revoke-subject", &smk_revoke_subj_ops, 2901 S_IRUGO|S_IWUSR}, 2902 [SMK_CHANGE_RULE] = { 2903 "change-rule", &smk_change_rule_ops, S_IRUGO|S_IWUSR}, 2904 [SMK_SYSLOG] = { 2905 "syslog", &smk_syslog_ops, S_IRUGO|S_IWUSR}, 2906 [SMK_PTRACE] = { 2907 "ptrace", &smk_ptrace_ops, S_IRUGO|S_IWUSR}, 2908 #ifdef CONFIG_SECURITY_SMACK_BRINGUP 2909 [SMK_UNCONFINED] = { 2910 "unconfined", &smk_unconfined_ops, S_IRUGO|S_IWUSR}, 2911 #endif 2912 #if IS_ENABLED(CONFIG_IPV6) 2913 [SMK_NET6ADDR] = { 2914 "ipv6host", &smk_net6addr_ops, S_IRUGO|S_IWUSR}, 2915 #endif /* CONFIG_IPV6 */ 2916 [SMK_RELABEL_SELF] = { 2917 "relabel-self", &smk_relabel_self_ops, 2918 S_IRUGO|S_IWUGO}, 2919 /* last one */ 2920 {""} 2921 }; 2922 2923 rc = simple_fill_super(sb, SMACK_MAGIC, smack_files); 2924 if (rc != 0) { 2925 printk(KERN_ERR "%s failed %d while creating inodes\n", 2926 __func__, rc); 2927 return rc; 2928 } 2929 2930 return 0; 2931 } 2932 2933 /** 2934 * smk_get_tree - get the smackfs superblock 2935 * @fc: The mount context, including any options 2936 * 2937 * Just passes everything along. 2938 * 2939 * Returns what the lower level code does. 2940 */ 2941 static int smk_get_tree(struct fs_context *fc) 2942 { 2943 return get_tree_single(fc, smk_fill_super); 2944 } 2945 2946 static const struct fs_context_operations smk_context_ops = { 2947 .get_tree = smk_get_tree, 2948 }; 2949 2950 /** 2951 * smk_init_fs_context - Initialise a filesystem context for smackfs 2952 * @fc: The blank mount context 2953 */ 2954 static int smk_init_fs_context(struct fs_context *fc) 2955 { 2956 fc->ops = &smk_context_ops; 2957 return 0; 2958 } 2959 2960 static struct file_system_type smk_fs_type = { 2961 .name = "smackfs", 2962 .init_fs_context = smk_init_fs_context, 2963 .kill_sb = kill_litter_super, 2964 }; 2965 2966 static struct vfsmount *smackfs_mount; 2967 2968 /** 2969 * init_smk_fs - get the smackfs superblock 2970 * 2971 * register the smackfs 2972 * 2973 * Do not register smackfs if Smack wasn't enabled 2974 * on boot. We can not put this method normally under the 2975 * smack_init() code path since the security subsystem get 2976 * initialized before the vfs caches. 2977 * 2978 * Returns true if we were not chosen on boot or if 2979 * we were chosen and filesystem registration succeeded. 2980 */ 2981 static int __init init_smk_fs(void) 2982 { 2983 int err; 2984 int rc; 2985 2986 if (smack_enabled == 0) 2987 return 0; 2988 2989 err = smk_init_sysfs(); 2990 if (err) 2991 printk(KERN_ERR "smackfs: sysfs mountpoint problem.\n"); 2992 2993 err = register_filesystem(&smk_fs_type); 2994 if (!err) { 2995 smackfs_mount = kern_mount(&smk_fs_type); 2996 if (IS_ERR(smackfs_mount)) { 2997 printk(KERN_ERR "smackfs: could not mount!\n"); 2998 err = PTR_ERR(smackfs_mount); 2999 smackfs_mount = NULL; 3000 } 3001 } 3002 3003 smk_cipso_doi(); 3004 smk_unlbl_ambient(NULL); 3005 3006 rc = smack_populate_secattr(&smack_known_floor); 3007 if (err == 0 && rc < 0) 3008 err = rc; 3009 rc = smack_populate_secattr(&smack_known_hat); 3010 if (err == 0 && rc < 0) 3011 err = rc; 3012 rc = smack_populate_secattr(&smack_known_huh); 3013 if (err == 0 && rc < 0) 3014 err = rc; 3015 rc = smack_populate_secattr(&smack_known_star); 3016 if (err == 0 && rc < 0) 3017 err = rc; 3018 rc = smack_populate_secattr(&smack_known_web); 3019 if (err == 0 && rc < 0) 3020 err = rc; 3021 3022 return err; 3023 } 3024 3025 __initcall(init_smk_fs); 3026