[linux-2.6-block.git] / fs / cachefiles / security.c

// SPDX-License-Identifier: GPL-2.0-or-later
/* CacheFiles security management
 *
 * Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
 * Written by David Howells (dhowells@redhat.com)
 */

#include <linux/fs.h>
#include <linux/cred.h>
#include "internal.h"

/*
 * determine the security context within which we access the cache from within
 * the kernel
 */
int cachefiles_get_security_ID(struct cachefiles_cache *cache)
{
	struct cred *new;
	int ret;

	_enter("{%s}", cache->secctx);

	new = prepare_kernel_cred(current);
	if (!new) {
		ret = -ENOMEM;
		goto error;
	}

	if (cache->secctx) {
		ret = set_security_override_from_ctx(new, cache->secctx);
		if (ret < 0) {
			put_cred(new);
			pr_err("Security denies permission to nominate security context: error %d\n",
			       ret);
			goto error;
		}
	}

	cache->cache_cred = new;
	ret = 0;
error:
	_leave(" = %d", ret);
	return ret;
}

/*
 * see if mkdir and create can be performed in the root directory
 */
static int cachefiles_check_cache_dir(struct cachefiles_cache *cache,
				      struct dentry *root)
{
	int ret;

	ret = security_inode_mkdir(d_backing_inode(root), root, 0);
	if (ret < 0) {
		pr_err("Security denies permission to make dirs: error %d",
		       ret);
		return ret;
	}

	ret = security_inode_create(d_backing_inode(root), root, 0);
	if (ret < 0)
		pr_err("Security denies permission to create files: error %d",
		       ret);

	return ret;
}

/*
 * check the security details of the on-disk cache
 * - must be called with security override in force
 * - must return with a security override in force - even in the case of an
 *   error
 */
int cachefiles_determine_cache_security(struct cachefiles_cache *cache,
					struct dentry *root,
					const struct cred **_saved_cred)
{
	struct cred *new;
	int ret;

	_enter("");

	/* duplicate the cache creds for COW (the override is currently in
	 * force, so we can use prepare_creds() to do this) */
	new = prepare_creds();
	if (!new)
		return -ENOMEM;

	cachefiles_end_secure(cache, *_saved_cred);

	/* use the cache root dir's security context as the basis with
	 * which create files */
	ret = set_create_files_as(new, d_backing_inode(root));
	if (ret < 0) {
		abort_creds(new);
		cachefiles_begin_secure(cache, _saved_cred);
		_leave(" = %d [cfa]", ret);
		return ret;
	}

	put_cred(cache->cache_cred);
	cache->cache_cred = new;

	cachefiles_begin_secure(cache, _saved_cred);
	ret = cachefiles_check_cache_dir(cache, root);

	if (ret == -EOPNOTSUPP)
		ret = 0;
	_leave(" = %d", ret);
	return ret;
}
Commit	Line	Data
b4d0d230	1	// SPDX-License-Identifier: GPL-2.0-or-later
9ae326a6 DH	2	/* CacheFiles security management
	3	*
	4	* Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
	5	* Written by David Howells (dhowells@redhat.com)
9ae326a6 DH	6	*/
	7
	8	#include <linux/fs.h>
	9	#include <linux/cred.h>
	10	#include "internal.h"
	11
	12	/*
	13	* determine the security context within which we access the cache from within
	14	* the kernel
	15	*/
	16	int cachefiles_get_security_ID(struct cachefiles_cache *cache)
	17	{
	18	struct cred *new;
	19	int ret;
	20
	21	_enter("{%s}", cache->secctx);
	22
	23	new = prepare_kernel_cred(current);
	24	if (!new) {
	25	ret = -ENOMEM;
	26	goto error;
	27	}
	28
	29	if (cache->secctx) {
	30	ret = set_security_override_from_ctx(new, cache->secctx);
	31	if (ret < 0) {
	32	put_cred(new);
0227d6ab	33	pr_err("Security denies permission to nominate security context: error %d\n",
9ae326a6 DH	34	ret);
	35	goto error;
	36	}
	37	}
	38
	39	cache->cache_cred = new;
	40	ret = 0;
	41	error:
	42	_leave(" = %d", ret);
	43	return ret;
	44	}
	45
	46	/*
	47	* see if mkdir and create can be performed in the root directory
	48	*/
	49	static int cachefiles_check_cache_dir(struct cachefiles_cache *cache,
	50	struct dentry *root)
	51	{
	52	int ret;
	53
466b77bc	54	ret = security_inode_mkdir(d_backing_inode(root), root, 0);
9ae326a6	55	if (ret < 0) {
0227d6ab	56	pr_err("Security denies permission to make dirs: error %d",
9ae326a6 DH	57	ret);
	58	return ret;
	59	}
	60
466b77bc	61	ret = security_inode_create(d_backing_inode(root), root, 0);
9ae326a6	62	if (ret < 0)
0227d6ab	63	pr_err("Security denies permission to create files: error %d",
9ae326a6 DH	64	ret);
	65
	66	return ret;
	67	}
	68
	69	/*
	70	* check the security details of the on-disk cache
	71	* - must be called with security override in force
7ac512aa DH	72	* - must return with a security override in force - even in the case of an
7ac512aa DH	73	* error
9ae326a6 DH	74	*/
	75	int cachefiles_determine_cache_security(struct cachefiles_cache *cache,
	76	struct dentry *root,
	77	const struct cred **_saved_cred)
	78	{
	79	struct cred *new;
	80	int ret;
	81
	82	_enter("");
	83
	84	/* duplicate the cache creds for COW (the override is currently in
	85	* force, so we can use prepare_creds() to do this) */
	86	new = prepare_creds();
	87	if (!new)
	88	return -ENOMEM;
	89
	90	cachefiles_end_secure(cache, *_saved_cred);
	91
	92	/* use the cache root dir's security context as the basis with
	93	* which create files */
466b77bc	94	ret = set_create_files_as(new, d_backing_inode(root));
9ae326a6	95	if (ret < 0) {
7ac512aa DH	96	abort_creds(new);
7ac512aa DH	97	cachefiles_begin_secure(cache, _saved_cred);
9ae326a6 DH	98	_leave(" = %d [cfa]", ret);
	99	return ret;
	100	}
	101
	102	put_cred(cache->cache_cred);
	103	cache->cache_cred = new;
	104
	105	cachefiles_begin_secure(cache, _saved_cred);
	106	ret = cachefiles_check_cache_dir(cache, root);
	107
	108	if (ret == -EOPNOTSUPP)
	109	ret = 0;
	110	_leave(" = %d", ret);
	111	return ret;
	112	}