Commit | Line | Data |
---|---|---|
c3ef1500 | 1 | /* |
0f2a55d5 | 2 | * security/tomoyo/securityfs_if.c |
c3ef1500 | 3 | * |
0f2a55d5 | 4 | * Copyright (C) 2005-2011 NTT DATA CORPORATION |
c3ef1500 TH |
5 | */ |
6 | ||
7 | #include <linux/security.h> | |
8 | #include "common.h" | |
9 | ||
731d37aa TH |
10 | /** |
11 | * tomoyo_check_task_acl - Check permission for task operation. | |
12 | * | |
13 | * @r: Pointer to "struct tomoyo_request_info". | |
14 | * @ptr: Pointer to "struct tomoyo_acl_info". | |
15 | * | |
16 | * Returns true if granted, false otherwise. | |
17 | */ | |
18 | static bool tomoyo_check_task_acl(struct tomoyo_request_info *r, | |
19 | const struct tomoyo_acl_info *ptr) | |
20 | { | |
21 | const struct tomoyo_task_acl *acl = container_of(ptr, typeof(*acl), | |
22 | head); | |
23 | return !tomoyo_pathcmp(r->param.task.domainname, acl->domainname); | |
24 | } | |
25 | ||
26 | /** | |
27 | * tomoyo_write_self - write() for /sys/kernel/security/tomoyo/self_domain interface. | |
28 | * | |
29 | * @file: Pointer to "struct file". | |
30 | * @buf: Domainname to transit to. | |
31 | * @count: Size of @buf. | |
32 | * @ppos: Unused. | |
33 | * | |
34 | * Returns @count on success, negative value otherwise. | |
35 | * | |
36 | * If domain transition was permitted but the domain transition failed, this | |
37 | * function returns error rather than terminating current thread with SIGKILL. | |
38 | */ | |
39 | static ssize_t tomoyo_write_self(struct file *file, const char __user *buf, | |
40 | size_t count, loff_t *ppos) | |
41 | { | |
42 | char *data; | |
43 | int error; | |
44 | if (!count || count >= TOMOYO_EXEC_TMPSIZE - 10) | |
45 | return -ENOMEM; | |
46 | data = kzalloc(count + 1, GFP_NOFS); | |
47 | if (!data) | |
48 | return -ENOMEM; | |
49 | if (copy_from_user(data, buf, count)) { | |
50 | error = -EFAULT; | |
51 | goto out; | |
52 | } | |
53 | tomoyo_normalize_line(data); | |
54 | if (tomoyo_correct_domain(data)) { | |
55 | const int idx = tomoyo_read_lock(); | |
56 | struct tomoyo_path_info name; | |
57 | struct tomoyo_request_info r; | |
58 | name.name = data; | |
59 | tomoyo_fill_path_info(&name); | |
60 | /* Check "task manual_domain_transition" permission. */ | |
61 | tomoyo_init_request_info(&r, NULL, TOMOYO_MAC_FILE_EXECUTE); | |
62 | r.param_type = TOMOYO_TYPE_MANUAL_TASK_ACL; | |
63 | r.param.task.domainname = &name; | |
64 | tomoyo_check_acl(&r, tomoyo_check_task_acl); | |
65 | if (!r.granted) | |
66 | error = -EPERM; | |
67 | else { | |
68 | struct tomoyo_domain_info *new_domain = | |
69 | tomoyo_assign_domain(data, true); | |
70 | if (!new_domain) { | |
71 | error = -ENOENT; | |
72 | } else { | |
73 | struct cred *cred = prepare_creds(); | |
74 | if (!cred) { | |
75 | error = -ENOMEM; | |
76 | } else { | |
77 | struct tomoyo_domain_info *old_domain = | |
78 | cred->security; | |
79 | cred->security = new_domain; | |
80 | atomic_inc(&new_domain->users); | |
81 | atomic_dec(&old_domain->users); | |
82 | commit_creds(cred); | |
83 | error = 0; | |
84 | } | |
85 | } | |
86 | } | |
87 | tomoyo_read_unlock(idx); | |
88 | } else | |
89 | error = -EINVAL; | |
90 | out: | |
91 | kfree(data); | |
92 | return error ? error : count; | |
93 | } | |
94 | ||
95 | /** | |
96 | * tomoyo_read_self - read() for /sys/kernel/security/tomoyo/self_domain interface. | |
97 | * | |
98 | * @file: Pointer to "struct file". | |
99 | * @buf: Domainname which current thread belongs to. | |
100 | * @count: Size of @buf. | |
101 | * @ppos: Bytes read by now. | |
102 | * | |
103 | * Returns read size on success, negative value otherwise. | |
104 | */ | |
105 | static ssize_t tomoyo_read_self(struct file *file, char __user *buf, | |
106 | size_t count, loff_t *ppos) | |
107 | { | |
108 | const char *domain = tomoyo_domain()->domainname->name; | |
109 | loff_t len = strlen(domain); | |
110 | loff_t pos = *ppos; | |
111 | if (pos >= len || !count) | |
112 | return 0; | |
113 | len -= pos; | |
114 | if (count < len) | |
115 | len = count; | |
116 | if (copy_to_user(buf, domain + pos, len)) | |
117 | return -EFAULT; | |
118 | *ppos += len; | |
119 | return len; | |
120 | } | |
121 | ||
122 | /* Operations for /sys/kernel/security/tomoyo/self_domain interface. */ | |
123 | static const struct file_operations tomoyo_self_operations = { | |
124 | .write = tomoyo_write_self, | |
125 | .read = tomoyo_read_self, | |
126 | }; | |
127 | ||
c3ef1500 TH |
128 | /** |
129 | * tomoyo_open - open() for /sys/kernel/security/tomoyo/ interface. | |
130 | * | |
131 | * @inode: Pointer to "struct inode". | |
132 | * @file: Pointer to "struct file". | |
133 | * | |
134 | * Returns 0 on success, negative value otherwise. | |
135 | */ | |
136 | static int tomoyo_open(struct inode *inode, struct file *file) | |
137 | { | |
138 | const int key = ((u8 *) file->f_path.dentry->d_inode->i_private) | |
139 | - ((u8 *) NULL); | |
140 | return tomoyo_open_control(key, file); | |
141 | } | |
142 | ||
143 | /** | |
144 | * tomoyo_release - close() for /sys/kernel/security/tomoyo/ interface. | |
145 | * | |
146 | * @inode: Pointer to "struct inode". | |
147 | * @file: Pointer to "struct file". | |
148 | * | |
149 | * Returns 0 on success, negative value otherwise. | |
150 | */ | |
151 | static int tomoyo_release(struct inode *inode, struct file *file) | |
152 | { | |
0df7e8b8 | 153 | return tomoyo_close_control(file->private_data); |
c3ef1500 TH |
154 | } |
155 | ||
0849e3ba | 156 | /** |
b5bc60b4 | 157 | * tomoyo_poll - poll() for /sys/kernel/security/tomoyo/ interface. |
0849e3ba TH |
158 | * |
159 | * @file: Pointer to "struct file". | |
6041e834 | 160 | * @wait: Pointer to "poll_table". Maybe NULL. |
0849e3ba | 161 | * |
6041e834 TH |
162 | * Returns POLLIN | POLLRDNORM | POLLOUT | POLLWRNORM if ready to read/write, |
163 | * POLLOUT | POLLWRNORM otherwise. | |
0849e3ba TH |
164 | */ |
165 | static unsigned int tomoyo_poll(struct file *file, poll_table *wait) | |
166 | { | |
167 | return tomoyo_poll_control(file, wait); | |
168 | } | |
169 | ||
c3ef1500 TH |
170 | /** |
171 | * tomoyo_read - read() for /sys/kernel/security/tomoyo/ interface. | |
172 | * | |
173 | * @file: Pointer to "struct file". | |
174 | * @buf: Pointer to buffer. | |
175 | * @count: Size of @buf. | |
176 | * @ppos: Unused. | |
177 | * | |
178 | * Returns bytes read on success, negative value otherwise. | |
179 | */ | |
180 | static ssize_t tomoyo_read(struct file *file, char __user *buf, size_t count, | |
181 | loff_t *ppos) | |
182 | { | |
0df7e8b8 | 183 | return tomoyo_read_control(file->private_data, buf, count); |
c3ef1500 TH |
184 | } |
185 | ||
186 | /** | |
187 | * tomoyo_write - write() for /sys/kernel/security/tomoyo/ interface. | |
188 | * | |
189 | * @file: Pointer to "struct file". | |
190 | * @buf: Pointer to buffer. | |
191 | * @count: Size of @buf. | |
192 | * @ppos: Unused. | |
193 | * | |
194 | * Returns @count on success, negative value otherwise. | |
195 | */ | |
196 | static ssize_t tomoyo_write(struct file *file, const char __user *buf, | |
197 | size_t count, loff_t *ppos) | |
198 | { | |
0df7e8b8 | 199 | return tomoyo_write_control(file->private_data, buf, count); |
c3ef1500 TH |
200 | } |
201 | ||
202 | /* | |
203 | * tomoyo_operations is a "struct file_operations" which is used for handling | |
204 | * /sys/kernel/security/tomoyo/ interface. | |
205 | * | |
206 | * Some files under /sys/kernel/security/tomoyo/ directory accept open(O_RDWR). | |
207 | * See tomoyo_io_buffer for internals. | |
208 | */ | |
209 | static const struct file_operations tomoyo_operations = { | |
210 | .open = tomoyo_open, | |
211 | .release = tomoyo_release, | |
0849e3ba | 212 | .poll = tomoyo_poll, |
c3ef1500 TH |
213 | .read = tomoyo_read, |
214 | .write = tomoyo_write, | |
7e2deb7c | 215 | .llseek = noop_llseek, |
c3ef1500 TH |
216 | }; |
217 | ||
218 | /** | |
219 | * tomoyo_create_entry - Create interface files under /sys/kernel/security/tomoyo/ directory. | |
220 | * | |
221 | * @name: The name of the interface file. | |
222 | * @mode: The permission of the interface file. | |
223 | * @parent: The parent directory. | |
224 | * @key: Type of interface. | |
225 | * | |
226 | * Returns nothing. | |
227 | */ | |
52ef0c04 | 228 | static void __init tomoyo_create_entry(const char *name, const umode_t mode, |
c3ef1500 TH |
229 | struct dentry *parent, const u8 key) |
230 | { | |
231 | securityfs_create_file(name, mode, parent, ((u8 *) NULL) + key, | |
232 | &tomoyo_operations); | |
233 | } | |
234 | ||
235 | /** | |
236 | * tomoyo_initerface_init - Initialize /sys/kernel/security/tomoyo/ interface. | |
237 | * | |
238 | * Returns 0. | |
239 | */ | |
240 | static int __init tomoyo_initerface_init(void) | |
241 | { | |
242 | struct dentry *tomoyo_dir; | |
243 | ||
244 | /* Don't create securityfs entries unless registered. */ | |
245 | if (current_cred()->security != &tomoyo_kernel_domain) | |
246 | return 0; | |
247 | ||
248 | tomoyo_dir = securityfs_create_dir("tomoyo", NULL); | |
249 | tomoyo_create_entry("query", 0600, tomoyo_dir, | |
250 | TOMOYO_QUERY); | |
251 | tomoyo_create_entry("domain_policy", 0600, tomoyo_dir, | |
252 | TOMOYO_DOMAINPOLICY); | |
253 | tomoyo_create_entry("exception_policy", 0600, tomoyo_dir, | |
254 | TOMOYO_EXCEPTIONPOLICY); | |
eadd99cc TH |
255 | tomoyo_create_entry("audit", 0400, tomoyo_dir, |
256 | TOMOYO_AUDIT); | |
c3ef1500 TH |
257 | tomoyo_create_entry(".process_status", 0600, tomoyo_dir, |
258 | TOMOYO_PROCESS_STATUS); | |
b22b8b9f TH |
259 | tomoyo_create_entry("stat", 0644, tomoyo_dir, |
260 | TOMOYO_STAT); | |
c3ef1500 TH |
261 | tomoyo_create_entry("profile", 0600, tomoyo_dir, |
262 | TOMOYO_PROFILE); | |
263 | tomoyo_create_entry("manager", 0600, tomoyo_dir, | |
264 | TOMOYO_MANAGER); | |
265 | tomoyo_create_entry("version", 0400, tomoyo_dir, | |
266 | TOMOYO_VERSION); | |
731d37aa TH |
267 | securityfs_create_file("self_domain", 0666, tomoyo_dir, NULL, |
268 | &tomoyo_self_operations); | |
778c4a4d | 269 | tomoyo_load_builtin_policy(); |
c3ef1500 TH |
270 | return 0; |
271 | } | |
272 | ||
273 | fs_initcall(tomoyo_initerface_init); |