2 * Copyright (C) 2007 Casey Schaufler <casey@schaufler-ca.com>
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License as published by
6 * the Free Software Foundation, version 2.
9 * Casey Schaufler <casey@schaufler-ca.com>
10 * Ahmed S. Darwish <darwish.07@gmail.com>
12 * Special thanks to the authors of selinuxfs.
14 * Karl MacMillan <kmacmillan@tresys.com>
15 * James Morris <jmorris@redhat.com>
19 #include <linux/kernel.h>
20 #include <linux/vmalloc.h>
21 #include <linux/security.h>
22 #include <linux/mutex.h>
23 #include <linux/slab.h>
24 #include <net/net_namespace.h>
25 #include <net/cipso_ipv4.h>
26 #include <linux/seq_file.h>
27 #include <linux/ctype.h>
28 #include <linux/audit.h>
29 #include <linux/magic.h>
33 * smackfs pseudo filesystem.
38 SMK_LOAD = 3, /* load policy */
39 SMK_CIPSO = 4, /* load label -> CIPSO mapping */
40 SMK_DOI = 5, /* CIPSO DOI */
41 SMK_DIRECT = 6, /* CIPSO level indicating direct label */
42 SMK_AMBIENT = 7, /* internet ambient label */
43 SMK_NETLBLADDR = 8, /* single label hosts */
44 SMK_ONLYCAP = 9, /* the only "capable" label */
45 SMK_LOGGING = 10, /* logging */
46 SMK_LOAD_SELF = 11, /* task specific rules */
47 SMK_ACCESSES = 12, /* access policy */
48 SMK_MAPPED = 13, /* CIPSO level indicating mapped label */
49 SMK_LOAD2 = 14, /* load policy with long labels */
50 SMK_LOAD_SELF2 = 15, /* load task specific rules with long labels */
51 SMK_ACCESS2 = 16, /* make an access check with long labels */
52 SMK_CIPSO2 = 17, /* load long label -> CIPSO mapping */
53 SMK_REVOKE_SUBJ = 18, /* set rules with subject label to '-' */
54 SMK_CHANGE_RULE = 19, /* change or add rules (long labels) */
55 SMK_SYSLOG = 20, /* change syslog label) */
56 SMK_PTRACE = 21, /* set ptrace rule */
62 static DEFINE_MUTEX(smack_cipso_lock);
63 static DEFINE_MUTEX(smack_ambient_lock);
64 static DEFINE_MUTEX(smack_syslog_lock);
65 static DEFINE_MUTEX(smk_netlbladdr_lock);
68 * This is the "ambient" label for network traffic.
69 * If it isn't somehow marked, use this.
70 * It can be reset via smackfs/ambient
72 struct smack_known *smack_net_ambient;
75 * This is the level in a CIPSO header that indicates a
76 * smack label is contained directly in the category set.
77 * It can be reset via smackfs/direct
79 int smack_cipso_direct = SMACK_CIPSO_DIRECT_DEFAULT;
82 * This is the level in a CIPSO header that indicates a
83 * secid is contained directly in the category set.
84 * It can be reset via smackfs/mapped
86 int smack_cipso_mapped = SMACK_CIPSO_MAPPED_DEFAULT;
89 * Unless a process is running with this label even
90 * having CAP_MAC_OVERRIDE isn't enough to grant
91 * privilege to violate MAC policy. If no label is
92 * designated (the NULL case) capabilities apply to
93 * everyone. It is expected that the hat (^) label
94 * will be used if any label is used.
96 struct smack_known *smack_onlycap;
99 * If this value is set restrict syslog use to the label specified.
100 * It can be reset via smackfs/syslog
102 struct smack_known *smack_syslog_label;
105 * Ptrace current rule
106 * SMACK_PTRACE_DEFAULT regular smack ptrace rules (/proc based)
107 * SMACK_PTRACE_EXACT labels must match, but can be overriden with
109 * SMACK_PTRACE_DRACONIAN lables must match, CAP_SYS_PTRACE has no effect
111 int smack_ptrace_rule = SMACK_PTRACE_DEFAULT;
114 * Certain IP addresses may be designated as single label hosts.
115 * Packets are sent there unlabeled, but only from tasks that
116 * can write to the specified label.
119 LIST_HEAD(smk_netlbladdr_list);
122 * Rule lists are maintained for each label.
123 * This master list is just for reading /smack/load and /smack/load2.
125 struct smack_master_list {
126 struct list_head list;
127 struct smack_rule *smk_rule;
130 LIST_HEAD(smack_rule_list);
132 struct smack_parsed_rule {
133 struct smack_known *smk_subject;
134 struct smack_known *smk_object;
139 static int smk_cipso_doi_value = SMACK_CIPSO_DOI_DEFAULT;
141 struct smack_known smack_cipso_option = {
142 .smk_known = SMACK_CIPSO_OPTION,
147 * Values for parsing cipso rules
148 * SMK_DIGITLEN: Length of a digit field in a rule.
149 * SMK_CIPSOMIN: Minimum possible cipso rule length.
150 * SMK_CIPSOMAX: Maximum possible cipso rule length.
152 #define SMK_DIGITLEN 4
153 #define SMK_CIPSOMIN (SMK_LABELLEN + 2 * SMK_DIGITLEN)
154 #define SMK_CIPSOMAX (SMK_CIPSOMIN + SMACK_CIPSO_MAXCATNUM * SMK_DIGITLEN)
157 * Values for parsing MAC rules
158 * SMK_ACCESS: Maximum possible combination of access permissions
159 * SMK_ACCESSLEN: Maximum length for a rule access field
160 * SMK_LOADLEN: Smack rule length
162 #define SMK_OACCESS "rwxa"
163 #define SMK_ACCESS "rwxatl"
164 #define SMK_OACCESSLEN (sizeof(SMK_OACCESS) - 1)
165 #define SMK_ACCESSLEN (sizeof(SMK_ACCESS) - 1)
166 #define SMK_OLOADLEN (SMK_LABELLEN + SMK_LABELLEN + SMK_OACCESSLEN)
167 #define SMK_LOADLEN (SMK_LABELLEN + SMK_LABELLEN + SMK_ACCESSLEN)
170 * Stricly for CIPSO level manipulation.
171 * Set the category bit number in a smack label sized buffer.
173 static inline void smack_catset_bit(unsigned int cat, char *catsetp)
175 if (cat == 0 || cat > (SMK_CIPSOLEN * 8))
178 catsetp[(cat - 1) / 8] |= 0x80 >> ((cat - 1) % 8);
182 * smk_netlabel_audit_set - fill a netlbl_audit struct
183 * @nap: structure to fill
185 static void smk_netlabel_audit_set(struct netlbl_audit *nap)
187 struct smack_known *skp = smk_of_current();
189 nap->loginuid = audit_get_loginuid(current);
190 nap->sessionid = audit_get_sessionid(current);
191 nap->secid = skp->smk_secid;
195 * Value for parsing single label host rules
198 #define SMK_NETLBLADDRMIN 9
201 * smk_set_access - add a rule to the rule list or replace an old rule
202 * @srp: the rule to add or replace
203 * @rule_list: the list of rules
204 * @rule_lock: the rule list lock
205 * @global: if non-zero, indicates a global rule
207 * Looks through the current subject/object/access list for
208 * the subject/object pair and replaces the access that was
209 * there. If the pair isn't found add it with the specified
212 * Returns 0 if nothing goes wrong or -ENOMEM if it fails
213 * during the allocation of the new pair to add.
215 static int smk_set_access(struct smack_parsed_rule *srp,
216 struct list_head *rule_list,
217 struct mutex *rule_lock, int global)
219 struct smack_rule *sp;
220 struct smack_master_list *smlp;
224 mutex_lock(rule_lock);
227 * Because the object label is less likely to match
228 * than the subject label check it first
230 list_for_each_entry_rcu(sp, rule_list, list) {
231 if (sp->smk_object == srp->smk_object &&
232 sp->smk_subject == srp->smk_subject) {
234 sp->smk_access |= srp->smk_access1;
235 sp->smk_access &= ~srp->smk_access2;
241 sp = kzalloc(sizeof(*sp), GFP_KERNEL);
247 sp->smk_subject = srp->smk_subject;
248 sp->smk_object = srp->smk_object;
249 sp->smk_access = srp->smk_access1 & ~srp->smk_access2;
251 list_add_rcu(&sp->list, rule_list);
253 * If this is a global as opposed to self and a new rule
254 * it needs to get added for reporting.
257 smlp = kzalloc(sizeof(*smlp), GFP_KERNEL);
260 list_add_rcu(&smlp->list, &smack_rule_list);
267 mutex_unlock(rule_lock);
272 * smk_perm_from_str - parse smack accesses from a text string
273 * @string: a text string that contains a Smack accesses code
275 * Returns an integer with respective bits set for specified accesses.
277 static int smk_perm_from_str(const char *string)
282 for (cp = string; ; cp++)
304 perm |= MAY_TRANSMUTE;
320 * smk_fill_rule - Fill Smack rule from strings
321 * @subject: subject label string
322 * @object: object label string
323 * @access1: access string
324 * @access2: string with permissions to be removed
326 * @import: if non-zero, import labels
327 * @len: label length limit
329 * Returns 0 on success, -EINVAL on failure and -ENOENT when either subject
330 * or object is missing.
332 static int smk_fill_rule(const char *subject, const char *object,
333 const char *access1, const char *access2,
334 struct smack_parsed_rule *rule, int import,
338 struct smack_known *skp;
341 rule->smk_subject = smk_import_entry(subject, len);
342 if (rule->smk_subject == NULL)
345 rule->smk_object = smk_import_entry(object, len);
346 if (rule->smk_object == NULL)
349 cp = smk_parse_smack(subject, len);
352 skp = smk_find_entry(cp);
356 rule->smk_subject = skp;
358 cp = smk_parse_smack(object, len);
361 skp = smk_find_entry(cp);
365 rule->smk_object = skp;
368 rule->smk_access1 = smk_perm_from_str(access1);
370 rule->smk_access2 = smk_perm_from_str(access2);
372 rule->smk_access2 = ~rule->smk_access1;
378 * smk_parse_rule - parse Smack rule from load string
379 * @data: string to be parsed whose size is SMK_LOADLEN
381 * @import: if non-zero, import labels
383 * Returns 0 on success, -1 on errors.
385 static int smk_parse_rule(const char *data, struct smack_parsed_rule *rule,
390 rc = smk_fill_rule(data, data + SMK_LABELLEN,
391 data + SMK_LABELLEN + SMK_LABELLEN, NULL, rule,
392 import, SMK_LABELLEN);
397 * smk_parse_long_rule - parse Smack rule from rule string
398 * @data: string to be parsed, null terminated
399 * @rule: Will be filled with Smack parsed rule
400 * @import: if non-zero, import labels
401 * @tokens: numer of substrings expected in data
403 * Returns number of processed bytes on success, -1 on failure.
405 static ssize_t smk_parse_long_rule(char *data, struct smack_parsed_rule *rule,
406 int import, int tokens)
414 * Parsing the rule in-place, filling all white-spaces with '\0'
416 for (i = 0; i < tokens; ++i) {
417 while (isspace(data[cnt]))
420 if (data[cnt] == '\0')
421 /* Unexpected end of data */
426 while (data[cnt] && !isspace(data[cnt]))
429 while (isspace(data[cnt]))
435 rc = smk_fill_rule(tok[0], tok[1], tok[2], tok[3], rule, import, 0);
436 return rc == 0 ? cnt : rc;
439 #define SMK_FIXED24_FMT 0 /* Fixed 24byte label format */
440 #define SMK_LONG_FMT 1 /* Variable long label format */
441 #define SMK_CHANGE_FMT 2 /* Rule modification format */
443 * smk_write_rules_list - write() for any /smack rule file
444 * @file: file pointer, not actually used
445 * @buf: where to get the data from
447 * @ppos: where to start - must be 0
448 * @rule_list: the list of rules to write to
449 * @rule_lock: lock for the rule list
450 * @format: /smack/load or /smack/load2 or /smack/change-rule format.
452 * Get one smack access rule from above.
453 * The format for SMK_LONG_FMT is:
454 * "subject<whitespace>object<whitespace>access[<whitespace>...]"
455 * The format for SMK_FIXED24_FMT is exactly:
456 * "subject object rwxat"
457 * The format for SMK_CHANGE_FMT is:
458 * "subject<whitespace>object<whitespace>
459 * acc_enable<whitespace>acc_disable[<whitespace>...]"
461 static ssize_t smk_write_rules_list(struct file *file, const char __user *buf,
462 size_t count, loff_t *ppos,
463 struct list_head *rule_list,
464 struct mutex *rule_lock, int format)
466 struct smack_parsed_rule rule;
475 * Enough data must be present.
480 if (format == SMK_FIXED24_FMT) {
482 * Minor hack for backward compatibility
484 if (count < SMK_OLOADLEN || count > SMK_LOADLEN)
487 if (count >= PAGE_SIZE) {
488 count = PAGE_SIZE - 1;
493 data = kmalloc(count + 1, GFP_KERNEL);
497 if (copy_from_user(data, buf, count) != 0) {
503 * In case of parsing only part of user buf,
504 * avoid having partial rule at the data buffer
507 while (count > 0 && (data[count - 1] != '\n'))
516 tokens = (format == SMK_CHANGE_FMT ? 4 : 3);
517 while (cnt < count) {
518 if (format == SMK_FIXED24_FMT) {
519 rc = smk_parse_rule(data, &rule, 1);
526 rc = smk_parse_long_rule(data + cnt, &rule, 1, tokens);
534 if (rule_list == NULL)
535 rc = smk_set_access(&rule, &rule.smk_subject->smk_rules,
536 &rule.smk_subject->smk_rules_lock, 1);
538 rc = smk_set_access(&rule, rule_list, rule_lock, 0);
551 * Core logic for smackfs seq list operations.
554 static void *smk_seq_start(struct seq_file *s, loff_t *pos,
555 struct list_head *head)
557 struct list_head *list;
560 * This is 0 the first time through.
565 if (s->private == NULL)
569 if (list_empty(list))
577 static void *smk_seq_next(struct seq_file *s, void *v, loff_t *pos,
578 struct list_head *head)
580 struct list_head *list = v;
582 if (list_is_last(list, head)) {
586 s->private = list->next;
590 static void smk_seq_stop(struct seq_file *s, void *v)
595 static void smk_rule_show(struct seq_file *s, struct smack_rule *srp, int max)
598 * Don't show any rules with label names too long for
599 * interface file (/smack/load or /smack/load2)
600 * because you should expect to be able to write
601 * anything you read back.
603 if (strlen(srp->smk_subject->smk_known) >= max ||
604 strlen(srp->smk_object->smk_known) >= max)
607 if (srp->smk_access == 0)
610 seq_printf(s, "%s %s",
611 srp->smk_subject->smk_known,
612 srp->smk_object->smk_known);
616 if (srp->smk_access & MAY_READ)
618 if (srp->smk_access & MAY_WRITE)
620 if (srp->smk_access & MAY_EXEC)
622 if (srp->smk_access & MAY_APPEND)
624 if (srp->smk_access & MAY_TRANSMUTE)
626 if (srp->smk_access & MAY_LOCK)
628 if (srp->smk_access & MAY_BRINGUP)
635 * Seq_file read operations for /smack/load
638 static void *load2_seq_start(struct seq_file *s, loff_t *pos)
640 return smk_seq_start(s, pos, &smack_rule_list);
643 static void *load2_seq_next(struct seq_file *s, void *v, loff_t *pos)
645 return smk_seq_next(s, v, pos, &smack_rule_list);
648 static int load_seq_show(struct seq_file *s, void *v)
650 struct list_head *list = v;
651 struct smack_master_list *smlp =
652 list_entry(list, struct smack_master_list, list);
654 smk_rule_show(s, smlp->smk_rule, SMK_LABELLEN);
659 static const struct seq_operations load_seq_ops = {
660 .start = load2_seq_start,
661 .next = load2_seq_next,
662 .show = load_seq_show,
663 .stop = smk_seq_stop,
667 * smk_open_load - open() for /smack/load
668 * @inode: inode structure representing file
669 * @file: "load" file pointer
671 * For reading, use load_seq_* seq_file reading operations.
673 static int smk_open_load(struct inode *inode, struct file *file)
675 return seq_open(file, &load_seq_ops);
679 * smk_write_load - write() for /smack/load
680 * @file: file pointer, not actually used
681 * @buf: where to get the data from
683 * @ppos: where to start - must be 0
686 static ssize_t smk_write_load(struct file *file, const char __user *buf,
687 size_t count, loff_t *ppos)
690 * Must have privilege.
692 * Enough data must be present.
694 if (!smack_privileged(CAP_MAC_ADMIN))
697 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL,
701 static const struct file_operations smk_load_ops = {
702 .open = smk_open_load,
705 .write = smk_write_load,
706 .release = seq_release,
710 * smk_cipso_doi - initialize the CIPSO domain
712 static void smk_cipso_doi(void)
715 struct cipso_v4_doi *doip;
716 struct netlbl_audit nai;
718 smk_netlabel_audit_set(&nai);
720 rc = netlbl_cfg_map_del(NULL, PF_INET, NULL, NULL, &nai);
722 printk(KERN_WARNING "%s:%d remove rc = %d\n",
723 __func__, __LINE__, rc);
725 doip = kmalloc(sizeof(struct cipso_v4_doi), GFP_KERNEL);
727 panic("smack: Failed to initialize cipso DOI.\n");
728 doip->map.std = NULL;
729 doip->doi = smk_cipso_doi_value;
730 doip->type = CIPSO_V4_MAP_PASS;
731 doip->tags[0] = CIPSO_V4_TAG_RBITMAP;
732 for (rc = 1; rc < CIPSO_V4_TAG_MAXCNT; rc++)
733 doip->tags[rc] = CIPSO_V4_TAG_INVALID;
735 rc = netlbl_cfg_cipsov4_add(doip, &nai);
737 printk(KERN_WARNING "%s:%d cipso add rc = %d\n",
738 __func__, __LINE__, rc);
742 rc = netlbl_cfg_cipsov4_map_add(doip->doi, NULL, NULL, NULL, &nai);
744 printk(KERN_WARNING "%s:%d map add rc = %d\n",
745 __func__, __LINE__, rc);
752 * smk_unlbl_ambient - initialize the unlabeled domain
753 * @oldambient: previous domain string
755 static void smk_unlbl_ambient(char *oldambient)
758 struct netlbl_audit nai;
760 smk_netlabel_audit_set(&nai);
762 if (oldambient != NULL) {
763 rc = netlbl_cfg_map_del(oldambient, PF_INET, NULL, NULL, &nai);
765 printk(KERN_WARNING "%s:%d remove rc = %d\n",
766 __func__, __LINE__, rc);
768 if (smack_net_ambient == NULL)
769 smack_net_ambient = &smack_known_floor;
771 rc = netlbl_cfg_unlbl_map_add(smack_net_ambient->smk_known, PF_INET,
774 printk(KERN_WARNING "%s:%d add rc = %d\n",
775 __func__, __LINE__, rc);
779 * Seq_file read operations for /smack/cipso
782 static void *cipso_seq_start(struct seq_file *s, loff_t *pos)
784 return smk_seq_start(s, pos, &smack_known_list);
787 static void *cipso_seq_next(struct seq_file *s, void *v, loff_t *pos)
789 return smk_seq_next(s, v, pos, &smack_known_list);
793 * Print cipso labels in format:
794 * label level[/cat[,cat]]
796 static int cipso_seq_show(struct seq_file *s, void *v)
798 struct list_head *list = v;
799 struct smack_known *skp =
800 list_entry(list, struct smack_known, list);
801 struct netlbl_lsm_catmap *cmp = skp->smk_netlabel.attr.mls.cat;
806 * Don't show a label that could not have been set using
807 * /smack/cipso. This is in support of the notion that
808 * anything read from /smack/cipso ought to be writeable
811 * /smack/cipso2 should be used instead.
813 if (strlen(skp->smk_known) >= SMK_LABELLEN)
816 seq_printf(s, "%s %3d", skp->smk_known, skp->smk_netlabel.attr.mls.lvl);
818 for (i = netlbl_catmap_walk(cmp, 0); i >= 0;
819 i = netlbl_catmap_walk(cmp, i + 1)) {
820 seq_printf(s, "%c%d", sep, i);
829 static const struct seq_operations cipso_seq_ops = {
830 .start = cipso_seq_start,
831 .next = cipso_seq_next,
832 .show = cipso_seq_show,
833 .stop = smk_seq_stop,
837 * smk_open_cipso - open() for /smack/cipso
838 * @inode: inode structure representing file
839 * @file: "cipso" file pointer
841 * Connect our cipso_seq_* operations with /smack/cipso
844 static int smk_open_cipso(struct inode *inode, struct file *file)
846 return seq_open(file, &cipso_seq_ops);
850 * smk_set_cipso - do the work for write() for cipso and cipso2
851 * @file: file pointer, not actually used
852 * @buf: where to get the data from
854 * @ppos: where to start
855 * @format: /smack/cipso or /smack/cipso2
857 * Accepts only one cipso rule per write call.
858 * Returns number of bytes written or error code, as appropriate
860 static ssize_t smk_set_cipso(struct file *file, const char __user *buf,
861 size_t count, loff_t *ppos, int format)
863 struct smack_known *skp;
864 struct netlbl_lsm_secattr ncats;
865 char mapcatset[SMK_CIPSOLEN];
869 ssize_t rc = -EINVAL;
876 * Must have privilege.
878 * Enough data must be present.
880 if (!smack_privileged(CAP_MAC_ADMIN))
884 if (format == SMK_FIXED24_FMT &&
885 (count < SMK_CIPSOMIN || count > SMK_CIPSOMAX))
888 data = kzalloc(count + 1, GFP_KERNEL);
892 if (copy_from_user(data, buf, count) != 0) {
900 * Only allow one writer at a time. Writes should be
901 * quite rare and small in any case.
903 mutex_lock(&smack_cipso_lock);
905 skp = smk_import_entry(rule, 0);
909 if (format == SMK_FIXED24_FMT)
910 rule += SMK_LABELLEN;
912 rule += strlen(skp->smk_known) + 1;
914 ret = sscanf(rule, "%d", &maplevel);
915 if (ret != 1 || maplevel > SMACK_CIPSO_MAXLEVEL)
918 rule += SMK_DIGITLEN;
919 ret = sscanf(rule, "%d", &catlen);
920 if (ret != 1 || catlen > SMACK_CIPSO_MAXCATNUM)
923 if (format == SMK_FIXED24_FMT &&
924 count != (SMK_CIPSOMIN + catlen * SMK_DIGITLEN))
927 memset(mapcatset, 0, sizeof(mapcatset));
929 for (i = 0; i < catlen; i++) {
930 rule += SMK_DIGITLEN;
931 ret = sscanf(rule, "%u", &cat);
932 if (ret != 1 || cat > SMACK_CIPSO_MAXCATNUM)
935 smack_catset_bit(cat, mapcatset);
938 rc = smk_netlbl_mls(maplevel, mapcatset, &ncats, SMK_CIPSOLEN);
940 netlbl_catmap_free(skp->smk_netlabel.attr.mls.cat);
941 skp->smk_netlabel.attr.mls.cat = ncats.attr.mls.cat;
942 skp->smk_netlabel.attr.mls.lvl = ncats.attr.mls.lvl;
947 mutex_unlock(&smack_cipso_lock);
954 * smk_write_cipso - write() for /smack/cipso
955 * @file: file pointer, not actually used
956 * @buf: where to get the data from
958 * @ppos: where to start
960 * Accepts only one cipso rule per write call.
961 * Returns number of bytes written or error code, as appropriate
963 static ssize_t smk_write_cipso(struct file *file, const char __user *buf,
964 size_t count, loff_t *ppos)
966 return smk_set_cipso(file, buf, count, ppos, SMK_FIXED24_FMT);
969 static const struct file_operations smk_cipso_ops = {
970 .open = smk_open_cipso,
973 .write = smk_write_cipso,
974 .release = seq_release,
978 * Seq_file read operations for /smack/cipso2
982 * Print cipso labels in format:
983 * label level[/cat[,cat]]
985 static int cipso2_seq_show(struct seq_file *s, void *v)
987 struct list_head *list = v;
988 struct smack_known *skp =
989 list_entry(list, struct smack_known, list);
990 struct netlbl_lsm_catmap *cmp = skp->smk_netlabel.attr.mls.cat;
994 seq_printf(s, "%s %3d", skp->smk_known, skp->smk_netlabel.attr.mls.lvl);
996 for (i = netlbl_catmap_walk(cmp, 0); i >= 0;
997 i = netlbl_catmap_walk(cmp, i + 1)) {
998 seq_printf(s, "%c%d", sep, i);
1007 static const struct seq_operations cipso2_seq_ops = {
1008 .start = cipso_seq_start,
1009 .next = cipso_seq_next,
1010 .show = cipso2_seq_show,
1011 .stop = smk_seq_stop,
1015 * smk_open_cipso2 - open() for /smack/cipso2
1016 * @inode: inode structure representing file
1017 * @file: "cipso2" file pointer
1019 * Connect our cipso_seq_* operations with /smack/cipso2
1022 static int smk_open_cipso2(struct inode *inode, struct file *file)
1024 return seq_open(file, &cipso2_seq_ops);
1028 * smk_write_cipso2 - write() for /smack/cipso2
1029 * @file: file pointer, not actually used
1030 * @buf: where to get the data from
1031 * @count: bytes sent
1032 * @ppos: where to start
1034 * Accepts only one cipso rule per write call.
1035 * Returns number of bytes written or error code, as appropriate
1037 static ssize_t smk_write_cipso2(struct file *file, const char __user *buf,
1038 size_t count, loff_t *ppos)
1040 return smk_set_cipso(file, buf, count, ppos, SMK_LONG_FMT);
1043 static const struct file_operations smk_cipso2_ops = {
1044 .open = smk_open_cipso2,
1046 .llseek = seq_lseek,
1047 .write = smk_write_cipso2,
1048 .release = seq_release,
1052 * Seq_file read operations for /smack/netlabel
1055 static void *netlbladdr_seq_start(struct seq_file *s, loff_t *pos)
1057 return smk_seq_start(s, pos, &smk_netlbladdr_list);
1060 static void *netlbladdr_seq_next(struct seq_file *s, void *v, loff_t *pos)
1062 return smk_seq_next(s, v, pos, &smk_netlbladdr_list);
1064 #define BEBITS (sizeof(__be32) * 8)
1067 * Print host/label pairs
1069 static int netlbladdr_seq_show(struct seq_file *s, void *v)
1071 struct list_head *list = v;
1072 struct smk_netlbladdr *skp =
1073 list_entry(list, struct smk_netlbladdr, list);
1074 unsigned char *hp = (char *) &skp->smk_host.sin_addr.s_addr;
1076 u32 temp_mask = be32_to_cpu(skp->smk_mask.s_addr);
1078 for (maskn = 0; temp_mask; temp_mask <<= 1, maskn++);
1080 seq_printf(s, "%u.%u.%u.%u/%d %s\n",
1081 hp[0], hp[1], hp[2], hp[3], maskn, skp->smk_label->smk_known);
1086 static const struct seq_operations netlbladdr_seq_ops = {
1087 .start = netlbladdr_seq_start,
1088 .next = netlbladdr_seq_next,
1089 .show = netlbladdr_seq_show,
1090 .stop = smk_seq_stop,
1094 * smk_open_netlbladdr - open() for /smack/netlabel
1095 * @inode: inode structure representing file
1096 * @file: "netlabel" file pointer
1098 * Connect our netlbladdr_seq_* operations with /smack/netlabel
1101 static int smk_open_netlbladdr(struct inode *inode, struct file *file)
1103 return seq_open(file, &netlbladdr_seq_ops);
1107 * smk_netlbladdr_insert
1108 * @new : netlabel to insert
1110 * This helper insert netlabel in the smack_netlbladdrs list
1111 * sorted by netmask length (longest to smallest)
1112 * locked by &smk_netlbladdr_lock in smk_write_netlbladdr
1115 static void smk_netlbladdr_insert(struct smk_netlbladdr *new)
1117 struct smk_netlbladdr *m, *m_next;
1119 if (list_empty(&smk_netlbladdr_list)) {
1120 list_add_rcu(&new->list, &smk_netlbladdr_list);
1124 m = list_entry_rcu(smk_netlbladdr_list.next,
1125 struct smk_netlbladdr, list);
1127 /* the comparison '>' is a bit hacky, but works */
1128 if (new->smk_mask.s_addr > m->smk_mask.s_addr) {
1129 list_add_rcu(&new->list, &smk_netlbladdr_list);
1133 list_for_each_entry_rcu(m, &smk_netlbladdr_list, list) {
1134 if (list_is_last(&m->list, &smk_netlbladdr_list)) {
1135 list_add_rcu(&new->list, &m->list);
1138 m_next = list_entry_rcu(m->list.next,
1139 struct smk_netlbladdr, list);
1140 if (new->smk_mask.s_addr > m_next->smk_mask.s_addr) {
1141 list_add_rcu(&new->list, &m->list);
1149 * smk_write_netlbladdr - write() for /smack/netlabel
1150 * @file: file pointer, not actually used
1151 * @buf: where to get the data from
1152 * @count: bytes sent
1153 * @ppos: where to start
1155 * Accepts only one netlbladdr per write call.
1156 * Returns number of bytes written or error code, as appropriate
1158 static ssize_t smk_write_netlbladdr(struct file *file, const char __user *buf,
1159 size_t count, loff_t *ppos)
1161 struct smk_netlbladdr *snp;
1162 struct sockaddr_in newname;
1164 struct smack_known *skp;
1166 char *host = (char *)&newname.sin_addr.s_addr;
1168 struct netlbl_audit audit_info;
1169 struct in_addr mask;
1172 u32 mask_bits = (1<<31);
1177 * Must have privilege.
1178 * No partial writes.
1179 * Enough data must be present.
1180 * "<addr/mask, as a.b.c.d/e><space><label>"
1181 * "<addr, as a.b.c.d><space><label>"
1183 if (!smack_privileged(CAP_MAC_ADMIN))
1187 if (count < SMK_NETLBLADDRMIN)
1190 data = kzalloc(count + 1, GFP_KERNEL);
1194 if (copy_from_user(data, buf, count) != 0) {
1199 smack = kzalloc(count + 1, GFP_KERNEL);
1200 if (smack == NULL) {
1207 rc = sscanf(data, "%hhd.%hhd.%hhd.%hhd/%u %s",
1208 &host[0], &host[1], &host[2], &host[3], &m, smack);
1210 rc = sscanf(data, "%hhd.%hhd.%hhd.%hhd %s",
1211 &host[0], &host[1], &host[2], &host[3], smack);
1224 * If smack begins with '-', it is an option, don't import it
1226 if (smack[0] != '-') {
1227 skp = smk_import_entry(smack, 0);
1233 /* check known options */
1234 if (strcmp(smack, smack_cipso_option.smk_known) == 0)
1235 skp = &smack_cipso_option;
1242 for (temp_mask = 0; m > 0; m--) {
1243 temp_mask |= mask_bits;
1246 mask.s_addr = cpu_to_be32(temp_mask);
1248 newname.sin_addr.s_addr &= mask.s_addr;
1250 * Only allow one writer at a time. Writes should be
1251 * quite rare and small in any case.
1253 mutex_lock(&smk_netlbladdr_lock);
1255 nsa = newname.sin_addr.s_addr;
1256 /* try to find if the prefix is already in the list */
1258 list_for_each_entry_rcu(snp, &smk_netlbladdr_list, list) {
1259 if (snp->smk_host.sin_addr.s_addr == nsa &&
1260 snp->smk_mask.s_addr == mask.s_addr) {
1265 smk_netlabel_audit_set(&audit_info);
1268 snp = kzalloc(sizeof(*snp), GFP_KERNEL);
1273 snp->smk_host.sin_addr.s_addr = newname.sin_addr.s_addr;
1274 snp->smk_mask.s_addr = mask.s_addr;
1275 snp->smk_label = skp;
1276 smk_netlbladdr_insert(snp);
1279 /* we delete the unlabeled entry, only if the previous label
1280 * wasn't the special CIPSO option */
1281 if (snp->smk_label != &smack_cipso_option)
1282 rc = netlbl_cfg_unlbl_static_del(&init_net, NULL,
1283 &snp->smk_host.sin_addr, &snp->smk_mask,
1284 PF_INET, &audit_info);
1287 snp->smk_label = skp;
1291 * Now tell netlabel about the single label nature of
1292 * this host so that incoming packets get labeled.
1293 * but only if we didn't get the special CIPSO option
1295 if (rc == 0 && skp != &smack_cipso_option)
1296 rc = netlbl_cfg_unlbl_static_add(&init_net, NULL,
1297 &snp->smk_host.sin_addr, &snp->smk_mask, PF_INET,
1298 snp->smk_label->smk_secid, &audit_info);
1303 mutex_unlock(&smk_netlbladdr_lock);
1313 static const struct file_operations smk_netlbladdr_ops = {
1314 .open = smk_open_netlbladdr,
1316 .llseek = seq_lseek,
1317 .write = smk_write_netlbladdr,
1318 .release = seq_release,
1322 * smk_read_doi - read() for /smack/doi
1323 * @filp: file pointer, not actually used
1324 * @buf: where to put the result
1325 * @count: maximum to send along
1326 * @ppos: where to start
1328 * Returns number of bytes read or error code, as appropriate
1330 static ssize_t smk_read_doi(struct file *filp, char __user *buf,
1331 size_t count, loff_t *ppos)
1339 sprintf(temp, "%d", smk_cipso_doi_value);
1340 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
1346 * smk_write_doi - write() for /smack/doi
1347 * @file: file pointer, not actually used
1348 * @buf: where to get the data from
1349 * @count: bytes sent
1350 * @ppos: where to start
1352 * Returns number of bytes written or error code, as appropriate
1354 static ssize_t smk_write_doi(struct file *file, const char __user *buf,
1355 size_t count, loff_t *ppos)
1360 if (!smack_privileged(CAP_MAC_ADMIN))
1363 if (count >= sizeof(temp) || count == 0)
1366 if (copy_from_user(temp, buf, count) != 0)
1371 if (sscanf(temp, "%d", &i) != 1)
1374 smk_cipso_doi_value = i;
1381 static const struct file_operations smk_doi_ops = {
1382 .read = smk_read_doi,
1383 .write = smk_write_doi,
1384 .llseek = default_llseek,
1388 * smk_read_direct - read() for /smack/direct
1389 * @filp: file pointer, not actually used
1390 * @buf: where to put the result
1391 * @count: maximum to send along
1392 * @ppos: where to start
1394 * Returns number of bytes read or error code, as appropriate
1396 static ssize_t smk_read_direct(struct file *filp, char __user *buf,
1397 size_t count, loff_t *ppos)
1405 sprintf(temp, "%d", smack_cipso_direct);
1406 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
1412 * smk_write_direct - write() for /smack/direct
1413 * @file: file pointer, not actually used
1414 * @buf: where to get the data from
1415 * @count: bytes sent
1416 * @ppos: where to start
1418 * Returns number of bytes written or error code, as appropriate
1420 static ssize_t smk_write_direct(struct file *file, const char __user *buf,
1421 size_t count, loff_t *ppos)
1423 struct smack_known *skp;
1427 if (!smack_privileged(CAP_MAC_ADMIN))
1430 if (count >= sizeof(temp) || count == 0)
1433 if (copy_from_user(temp, buf, count) != 0)
1438 if (sscanf(temp, "%d", &i) != 1)
1442 * Don't do anything if the value hasn't actually changed.
1443 * If it is changing reset the level on entries that were
1444 * set up to be direct when they were created.
1446 if (smack_cipso_direct != i) {
1447 mutex_lock(&smack_known_lock);
1448 list_for_each_entry_rcu(skp, &smack_known_list, list)
1449 if (skp->smk_netlabel.attr.mls.lvl ==
1451 skp->smk_netlabel.attr.mls.lvl = i;
1452 smack_cipso_direct = i;
1453 mutex_unlock(&smack_known_lock);
1459 static const struct file_operations smk_direct_ops = {
1460 .read = smk_read_direct,
1461 .write = smk_write_direct,
1462 .llseek = default_llseek,
1466 * smk_read_mapped - read() for /smack/mapped
1467 * @filp: file pointer, not actually used
1468 * @buf: where to put the result
1469 * @count: maximum to send along
1470 * @ppos: where to start
1472 * Returns number of bytes read or error code, as appropriate
1474 static ssize_t smk_read_mapped(struct file *filp, char __user *buf,
1475 size_t count, loff_t *ppos)
1483 sprintf(temp, "%d", smack_cipso_mapped);
1484 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
1490 * smk_write_mapped - write() for /smack/mapped
1491 * @file: file pointer, not actually used
1492 * @buf: where to get the data from
1493 * @count: bytes sent
1494 * @ppos: where to start
1496 * Returns number of bytes written or error code, as appropriate
1498 static ssize_t smk_write_mapped(struct file *file, const char __user *buf,
1499 size_t count, loff_t *ppos)
1501 struct smack_known *skp;
1505 if (!smack_privileged(CAP_MAC_ADMIN))
1508 if (count >= sizeof(temp) || count == 0)
1511 if (copy_from_user(temp, buf, count) != 0)
1516 if (sscanf(temp, "%d", &i) != 1)
1520 * Don't do anything if the value hasn't actually changed.
1521 * If it is changing reset the level on entries that were
1522 * set up to be mapped when they were created.
1524 if (smack_cipso_mapped != i) {
1525 mutex_lock(&smack_known_lock);
1526 list_for_each_entry_rcu(skp, &smack_known_list, list)
1527 if (skp->smk_netlabel.attr.mls.lvl ==
1529 skp->smk_netlabel.attr.mls.lvl = i;
1530 smack_cipso_mapped = i;
1531 mutex_unlock(&smack_known_lock);
1537 static const struct file_operations smk_mapped_ops = {
1538 .read = smk_read_mapped,
1539 .write = smk_write_mapped,
1540 .llseek = default_llseek,
1544 * smk_read_ambient - read() for /smack/ambient
1545 * @filp: file pointer, not actually used
1546 * @buf: where to put the result
1547 * @cn: maximum to send along
1548 * @ppos: where to start
1550 * Returns number of bytes read or error code, as appropriate
1552 static ssize_t smk_read_ambient(struct file *filp, char __user *buf,
1553 size_t cn, loff_t *ppos)
1561 * Being careful to avoid a problem in the case where
1562 * smack_net_ambient gets changed in midstream.
1564 mutex_lock(&smack_ambient_lock);
1566 asize = strlen(smack_net_ambient->smk_known) + 1;
1569 rc = simple_read_from_buffer(buf, cn, ppos,
1570 smack_net_ambient->smk_known,
1575 mutex_unlock(&smack_ambient_lock);
1581 * smk_write_ambient - write() for /smack/ambient
1582 * @file: file pointer, not actually used
1583 * @buf: where to get the data from
1584 * @count: bytes sent
1585 * @ppos: where to start
1587 * Returns number of bytes written or error code, as appropriate
1589 static ssize_t smk_write_ambient(struct file *file, const char __user *buf,
1590 size_t count, loff_t *ppos)
1592 struct smack_known *skp;
1597 if (!smack_privileged(CAP_MAC_ADMIN))
1600 data = kzalloc(count + 1, GFP_KERNEL);
1604 if (copy_from_user(data, buf, count) != 0) {
1609 skp = smk_import_entry(data, count);
1615 mutex_lock(&smack_ambient_lock);
1617 oldambient = smack_net_ambient->smk_known;
1618 smack_net_ambient = skp;
1619 smk_unlbl_ambient(oldambient);
1621 mutex_unlock(&smack_ambient_lock);
1628 static const struct file_operations smk_ambient_ops = {
1629 .read = smk_read_ambient,
1630 .write = smk_write_ambient,
1631 .llseek = default_llseek,
1635 * smk_read_onlycap - read() for smackfs/onlycap
1636 * @filp: file pointer, not actually used
1637 * @buf: where to put the result
1638 * @cn: maximum to send along
1639 * @ppos: where to start
1641 * Returns number of bytes read or error code, as appropriate
1643 static ssize_t smk_read_onlycap(struct file *filp, char __user *buf,
1644 size_t cn, loff_t *ppos)
1647 ssize_t rc = -EINVAL;
1653 if (smack_onlycap != NULL)
1654 smack = smack_onlycap->smk_known;
1656 asize = strlen(smack) + 1;
1659 rc = simple_read_from_buffer(buf, cn, ppos, smack, asize);
1665 * smk_write_onlycap - write() for smackfs/onlycap
1666 * @file: file pointer, not actually used
1667 * @buf: where to get the data from
1668 * @count: bytes sent
1669 * @ppos: where to start
1671 * Returns number of bytes written or error code, as appropriate
1673 static ssize_t smk_write_onlycap(struct file *file, const char __user *buf,
1674 size_t count, loff_t *ppos)
1677 struct smack_known *skp = smk_of_task(current->cred->security);
1680 if (!smack_privileged(CAP_MAC_ADMIN))
1684 * This can be done using smk_access() but is done
1685 * explicitly for clarity. The smk_access() implementation
1686 * would use smk_access(smack_onlycap, MAY_WRITE)
1688 if (smack_onlycap != NULL && smack_onlycap != skp)
1691 data = kzalloc(count + 1, GFP_KERNEL);
1696 * Should the null string be passed in unset the onlycap value.
1697 * This seems like something to be careful with as usually
1698 * smk_import only expects to return NULL for errors. It
1699 * is usually the case that a nullstring or "\n" would be
1700 * bad to pass to smk_import but in fact this is useful here.
1702 * smk_import will also reject a label beginning with '-',
1703 * so "-usecapabilities" will also work.
1705 if (copy_from_user(data, buf, count) != 0)
1708 smack_onlycap = smk_import_entry(data, count);
1714 static const struct file_operations smk_onlycap_ops = {
1715 .read = smk_read_onlycap,
1716 .write = smk_write_onlycap,
1717 .llseek = default_llseek,
1721 * smk_read_logging - read() for /smack/logging
1722 * @filp: file pointer, not actually used
1723 * @buf: where to put the result
1724 * @cn: maximum to send along
1725 * @ppos: where to start
1727 * Returns number of bytes read or error code, as appropriate
1729 static ssize_t smk_read_logging(struct file *filp, char __user *buf,
1730 size_t count, loff_t *ppos)
1738 sprintf(temp, "%d\n", log_policy);
1739 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
1744 * smk_write_logging - write() for /smack/logging
1745 * @file: file pointer, not actually used
1746 * @buf: where to get the data from
1747 * @count: bytes sent
1748 * @ppos: where to start
1750 * Returns number of bytes written or error code, as appropriate
1752 static ssize_t smk_write_logging(struct file *file, const char __user *buf,
1753 size_t count, loff_t *ppos)
1758 if (!smack_privileged(CAP_MAC_ADMIN))
1761 if (count >= sizeof(temp) || count == 0)
1764 if (copy_from_user(temp, buf, count) != 0)
1769 if (sscanf(temp, "%d", &i) != 1)
1779 static const struct file_operations smk_logging_ops = {
1780 .read = smk_read_logging,
1781 .write = smk_write_logging,
1782 .llseek = default_llseek,
1786 * Seq_file read operations for /smack/load-self
1789 static void *load_self_seq_start(struct seq_file *s, loff_t *pos)
1791 struct task_smack *tsp = current_security();
1793 return smk_seq_start(s, pos, &tsp->smk_rules);
1796 static void *load_self_seq_next(struct seq_file *s, void *v, loff_t *pos)
1798 struct task_smack *tsp = current_security();
1800 return smk_seq_next(s, v, pos, &tsp->smk_rules);
1803 static int load_self_seq_show(struct seq_file *s, void *v)
1805 struct list_head *list = v;
1806 struct smack_rule *srp =
1807 list_entry(list, struct smack_rule, list);
1809 smk_rule_show(s, srp, SMK_LABELLEN);
1814 static const struct seq_operations load_self_seq_ops = {
1815 .start = load_self_seq_start,
1816 .next = load_self_seq_next,
1817 .show = load_self_seq_show,
1818 .stop = smk_seq_stop,
1823 * smk_open_load_self - open() for /smack/load-self2
1824 * @inode: inode structure representing file
1825 * @file: "load" file pointer
1827 * For reading, use load_seq_* seq_file reading operations.
1829 static int smk_open_load_self(struct inode *inode, struct file *file)
1831 return seq_open(file, &load_self_seq_ops);
1835 * smk_write_load_self - write() for /smack/load-self
1836 * @file: file pointer, not actually used
1837 * @buf: where to get the data from
1838 * @count: bytes sent
1839 * @ppos: where to start - must be 0
1842 static ssize_t smk_write_load_self(struct file *file, const char __user *buf,
1843 size_t count, loff_t *ppos)
1845 struct task_smack *tsp = current_security();
1847 return smk_write_rules_list(file, buf, count, ppos, &tsp->smk_rules,
1848 &tsp->smk_rules_lock, SMK_FIXED24_FMT);
1851 static const struct file_operations smk_load_self_ops = {
1852 .open = smk_open_load_self,
1854 .llseek = seq_lseek,
1855 .write = smk_write_load_self,
1856 .release = seq_release,
1860 * smk_user_access - handle access check transaction
1861 * @file: file pointer
1862 * @buf: data from user space
1863 * @count: bytes sent
1864 * @ppos: where to start - must be 0
1866 static ssize_t smk_user_access(struct file *file, const char __user *buf,
1867 size_t count, loff_t *ppos, int format)
1869 struct smack_parsed_rule rule;
1873 data = simple_transaction_get(file, buf, count);
1875 return PTR_ERR(data);
1877 if (format == SMK_FIXED24_FMT) {
1878 if (count < SMK_LOADLEN)
1880 res = smk_parse_rule(data, &rule, 0);
1883 * simple_transaction_get() returns null-terminated data
1885 res = smk_parse_long_rule(data, &rule, 0, 3);
1889 res = smk_access(rule.smk_subject, rule.smk_object,
1890 rule.smk_access1, NULL);
1891 else if (res != -ENOENT)
1895 * smk_access() can return a value > 0 in the "bringup" case.
1897 data[0] = res >= 0 ? '1' : '0';
1900 simple_transaction_set(file, 2);
1902 if (format == SMK_FIXED24_FMT)
1908 * smk_write_access - handle access check transaction
1909 * @file: file pointer
1910 * @buf: data from user space
1911 * @count: bytes sent
1912 * @ppos: where to start - must be 0
1914 static ssize_t smk_write_access(struct file *file, const char __user *buf,
1915 size_t count, loff_t *ppos)
1917 return smk_user_access(file, buf, count, ppos, SMK_FIXED24_FMT);
1920 static const struct file_operations smk_access_ops = {
1921 .write = smk_write_access,
1922 .read = simple_transaction_read,
1923 .release = simple_transaction_release,
1924 .llseek = generic_file_llseek,
1929 * Seq_file read operations for /smack/load2
1932 static int load2_seq_show(struct seq_file *s, void *v)
1934 struct list_head *list = v;
1935 struct smack_master_list *smlp =
1936 list_entry(list, struct smack_master_list, list);
1938 smk_rule_show(s, smlp->smk_rule, SMK_LONGLABEL);
1943 static const struct seq_operations load2_seq_ops = {
1944 .start = load2_seq_start,
1945 .next = load2_seq_next,
1946 .show = load2_seq_show,
1947 .stop = smk_seq_stop,
1951 * smk_open_load2 - open() for /smack/load2
1952 * @inode: inode structure representing file
1953 * @file: "load2" file pointer
1955 * For reading, use load2_seq_* seq_file reading operations.
1957 static int smk_open_load2(struct inode *inode, struct file *file)
1959 return seq_open(file, &load2_seq_ops);
1963 * smk_write_load2 - write() for /smack/load2
1964 * @file: file pointer, not actually used
1965 * @buf: where to get the data from
1966 * @count: bytes sent
1967 * @ppos: where to start - must be 0
1970 static ssize_t smk_write_load2(struct file *file, const char __user *buf,
1971 size_t count, loff_t *ppos)
1974 * Must have privilege.
1976 if (!smack_privileged(CAP_MAC_ADMIN))
1979 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL,
1983 static const struct file_operations smk_load2_ops = {
1984 .open = smk_open_load2,
1986 .llseek = seq_lseek,
1987 .write = smk_write_load2,
1988 .release = seq_release,
1992 * Seq_file read operations for /smack/load-self2
1995 static void *load_self2_seq_start(struct seq_file *s, loff_t *pos)
1997 struct task_smack *tsp = current_security();
1999 return smk_seq_start(s, pos, &tsp->smk_rules);
2002 static void *load_self2_seq_next(struct seq_file *s, void *v, loff_t *pos)
2004 struct task_smack *tsp = current_security();
2006 return smk_seq_next(s, v, pos, &tsp->smk_rules);
2009 static int load_self2_seq_show(struct seq_file *s, void *v)
2011 struct list_head *list = v;
2012 struct smack_rule *srp =
2013 list_entry(list, struct smack_rule, list);
2015 smk_rule_show(s, srp, SMK_LONGLABEL);
2020 static const struct seq_operations load_self2_seq_ops = {
2021 .start = load_self2_seq_start,
2022 .next = load_self2_seq_next,
2023 .show = load_self2_seq_show,
2024 .stop = smk_seq_stop,
2028 * smk_open_load_self2 - open() for /smack/load-self2
2029 * @inode: inode structure representing file
2030 * @file: "load" file pointer
2032 * For reading, use load_seq_* seq_file reading operations.
2034 static int smk_open_load_self2(struct inode *inode, struct file *file)
2036 return seq_open(file, &load_self2_seq_ops);
2040 * smk_write_load_self2 - write() for /smack/load-self2
2041 * @file: file pointer, not actually used
2042 * @buf: where to get the data from
2043 * @count: bytes sent
2044 * @ppos: where to start - must be 0
2047 static ssize_t smk_write_load_self2(struct file *file, const char __user *buf,
2048 size_t count, loff_t *ppos)
2050 struct task_smack *tsp = current_security();
2052 return smk_write_rules_list(file, buf, count, ppos, &tsp->smk_rules,
2053 &tsp->smk_rules_lock, SMK_LONG_FMT);
2056 static const struct file_operations smk_load_self2_ops = {
2057 .open = smk_open_load_self2,
2059 .llseek = seq_lseek,
2060 .write = smk_write_load_self2,
2061 .release = seq_release,
2065 * smk_write_access2 - handle access check transaction
2066 * @file: file pointer
2067 * @buf: data from user space
2068 * @count: bytes sent
2069 * @ppos: where to start - must be 0
2071 static ssize_t smk_write_access2(struct file *file, const char __user *buf,
2072 size_t count, loff_t *ppos)
2074 return smk_user_access(file, buf, count, ppos, SMK_LONG_FMT);
2077 static const struct file_operations smk_access2_ops = {
2078 .write = smk_write_access2,
2079 .read = simple_transaction_read,
2080 .release = simple_transaction_release,
2081 .llseek = generic_file_llseek,
2085 * smk_write_revoke_subj - write() for /smack/revoke-subject
2086 * @file: file pointer
2087 * @buf: data from user space
2088 * @count: bytes sent
2089 * @ppos: where to start - must be 0
2091 static ssize_t smk_write_revoke_subj(struct file *file, const char __user *buf,
2092 size_t count, loff_t *ppos)
2095 const char *cp = NULL;
2096 struct smack_known *skp;
2097 struct smack_rule *sp;
2098 struct list_head *rule_list;
2099 struct mutex *rule_lock;
2105 if (!smack_privileged(CAP_MAC_ADMIN))
2108 if (count == 0 || count > SMK_LONGLABEL)
2111 data = kzalloc(count, GFP_KERNEL);
2115 if (copy_from_user(data, buf, count) != 0) {
2120 cp = smk_parse_smack(data, count);
2126 skp = smk_find_entry(cp);
2130 rule_list = &skp->smk_rules;
2131 rule_lock = &skp->smk_rules_lock;
2133 mutex_lock(rule_lock);
2135 list_for_each_entry_rcu(sp, rule_list, list)
2138 mutex_unlock(rule_lock);
2146 static const struct file_operations smk_revoke_subj_ops = {
2147 .write = smk_write_revoke_subj,
2148 .read = simple_transaction_read,
2149 .release = simple_transaction_release,
2150 .llseek = generic_file_llseek,
2153 static struct kset *smackfs_kset;
2155 * smk_init_sysfs - initialize /sys/fs/smackfs
2158 static int smk_init_sysfs(void)
2160 smackfs_kset = kset_create_and_add("smackfs", NULL, fs_kobj);
2167 * smk_write_change_rule - write() for /smack/change-rule
2168 * @file: file pointer
2169 * @buf: data from user space
2170 * @count: bytes sent
2171 * @ppos: where to start - must be 0
2173 static ssize_t smk_write_change_rule(struct file *file, const char __user *buf,
2174 size_t count, loff_t *ppos)
2177 * Must have privilege.
2179 if (!smack_privileged(CAP_MAC_ADMIN))
2182 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL,
2186 static const struct file_operations smk_change_rule_ops = {
2187 .write = smk_write_change_rule,
2188 .read = simple_transaction_read,
2189 .release = simple_transaction_release,
2190 .llseek = generic_file_llseek,
2194 * smk_read_syslog - read() for smackfs/syslog
2195 * @filp: file pointer, not actually used
2196 * @buf: where to put the result
2197 * @cn: maximum to send along
2198 * @ppos: where to start
2200 * Returns number of bytes read or error code, as appropriate
2202 static ssize_t smk_read_syslog(struct file *filp, char __user *buf,
2203 size_t cn, loff_t *ppos)
2205 struct smack_known *skp;
2206 ssize_t rc = -EINVAL;
2212 if (smack_syslog_label == NULL)
2213 skp = &smack_known_star;
2215 skp = smack_syslog_label;
2217 asize = strlen(skp->smk_known) + 1;
2220 rc = simple_read_from_buffer(buf, cn, ppos, skp->smk_known,
2227 * smk_write_syslog - write() for smackfs/syslog
2228 * @file: file pointer, not actually used
2229 * @buf: where to get the data from
2230 * @count: bytes sent
2231 * @ppos: where to start
2233 * Returns number of bytes written or error code, as appropriate
2235 static ssize_t smk_write_syslog(struct file *file, const char __user *buf,
2236 size_t count, loff_t *ppos)
2239 struct smack_known *skp;
2242 if (!smack_privileged(CAP_MAC_ADMIN))
2245 data = kzalloc(count + 1, GFP_KERNEL);
2249 if (copy_from_user(data, buf, count) != 0)
2252 skp = smk_import_entry(data, count);
2256 smack_syslog_label = smk_import_entry(data, count);
2263 static const struct file_operations smk_syslog_ops = {
2264 .read = smk_read_syslog,
2265 .write = smk_write_syslog,
2266 .llseek = default_llseek,
2271 * smk_read_ptrace - read() for /smack/ptrace
2272 * @filp: file pointer, not actually used
2273 * @buf: where to put the result
2274 * @count: maximum to send along
2275 * @ppos: where to start
2277 * Returns number of bytes read or error code, as appropriate
2279 static ssize_t smk_read_ptrace(struct file *filp, char __user *buf,
2280 size_t count, loff_t *ppos)
2288 sprintf(temp, "%d\n", smack_ptrace_rule);
2289 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
2294 * smk_write_ptrace - write() for /smack/ptrace
2295 * @file: file pointer
2296 * @buf: data from user space
2297 * @count: bytes sent
2298 * @ppos: where to start - must be 0
2300 static ssize_t smk_write_ptrace(struct file *file, const char __user *buf,
2301 size_t count, loff_t *ppos)
2306 if (!smack_privileged(CAP_MAC_ADMIN))
2309 if (*ppos != 0 || count >= sizeof(temp) || count == 0)
2312 if (copy_from_user(temp, buf, count) != 0)
2317 if (sscanf(temp, "%d", &i) != 1)
2319 if (i < SMACK_PTRACE_DEFAULT || i > SMACK_PTRACE_MAX)
2321 smack_ptrace_rule = i;
2326 static const struct file_operations smk_ptrace_ops = {
2327 .write = smk_write_ptrace,
2328 .read = smk_read_ptrace,
2329 .llseek = default_llseek,
2333 * smk_fill_super - fill the smackfs superblock
2334 * @sb: the empty superblock
2338 * Fill in the well known entries for the smack filesystem
2340 * Returns 0 on success, an error code on failure
2342 static int smk_fill_super(struct super_block *sb, void *data, int silent)
2345 struct inode *root_inode;
2347 static struct tree_descr smack_files[] = {
2349 "load", &smk_load_ops, S_IRUGO|S_IWUSR},
2351 "cipso", &smk_cipso_ops, S_IRUGO|S_IWUSR},
2353 "doi", &smk_doi_ops, S_IRUGO|S_IWUSR},
2355 "direct", &smk_direct_ops, S_IRUGO|S_IWUSR},
2357 "ambient", &smk_ambient_ops, S_IRUGO|S_IWUSR},
2358 [SMK_NETLBLADDR] = {
2359 "netlabel", &smk_netlbladdr_ops, S_IRUGO|S_IWUSR},
2361 "onlycap", &smk_onlycap_ops, S_IRUGO|S_IWUSR},
2363 "logging", &smk_logging_ops, S_IRUGO|S_IWUSR},
2365 "load-self", &smk_load_self_ops, S_IRUGO|S_IWUGO},
2367 "access", &smk_access_ops, S_IRUGO|S_IWUGO},
2369 "mapped", &smk_mapped_ops, S_IRUGO|S_IWUSR},
2371 "load2", &smk_load2_ops, S_IRUGO|S_IWUSR},
2372 [SMK_LOAD_SELF2] = {
2373 "load-self2", &smk_load_self2_ops, S_IRUGO|S_IWUGO},
2375 "access2", &smk_access2_ops, S_IRUGO|S_IWUGO},
2377 "cipso2", &smk_cipso2_ops, S_IRUGO|S_IWUSR},
2378 [SMK_REVOKE_SUBJ] = {
2379 "revoke-subject", &smk_revoke_subj_ops,
2381 [SMK_CHANGE_RULE] = {
2382 "change-rule", &smk_change_rule_ops, S_IRUGO|S_IWUSR},
2384 "syslog", &smk_syslog_ops, S_IRUGO|S_IWUSR},
2386 "ptrace", &smk_ptrace_ops, S_IRUGO|S_IWUSR},
2391 rc = simple_fill_super(sb, SMACK_MAGIC, smack_files);
2393 printk(KERN_ERR "%s failed %d while creating inodes\n",
2398 root_inode = d_inode(sb->s_root);
2404 * smk_mount - get the smackfs superblock
2405 * @fs_type: passed along without comment
2406 * @flags: passed along without comment
2407 * @dev_name: passed along without comment
2408 * @data: passed along without comment
2410 * Just passes everything along.
2412 * Returns what the lower level code does.
2414 static struct dentry *smk_mount(struct file_system_type *fs_type,
2415 int flags, const char *dev_name, void *data)
2417 return mount_single(fs_type, flags, data, smk_fill_super);
2420 static struct file_system_type smk_fs_type = {
2423 .kill_sb = kill_litter_super,
2426 static struct vfsmount *smackfs_mount;
2428 static int __init smk_preset_netlabel(struct smack_known *skp)
2430 skp->smk_netlabel.domain = skp->smk_known;
2431 skp->smk_netlabel.flags =
2432 NETLBL_SECATTR_DOMAIN | NETLBL_SECATTR_MLS_LVL;
2433 return smk_netlbl_mls(smack_cipso_direct, skp->smk_known,
2434 &skp->smk_netlabel, strlen(skp->smk_known));
2438 * init_smk_fs - get the smackfs superblock
2440 * register the smackfs
2442 * Do not register smackfs if Smack wasn't enabled
2443 * on boot. We can not put this method normally under the
2444 * smack_init() code path since the security subsystem get
2445 * initialized before the vfs caches.
2447 * Returns true if we were not chosen on boot or if
2448 * we were chosen and filesystem registration succeeded.
2450 static int __init init_smk_fs(void)
2455 if (!security_module_enable(&smack_ops))
2458 err = smk_init_sysfs();
2460 printk(KERN_ERR "smackfs: sysfs mountpoint problem.\n");
2462 err = register_filesystem(&smk_fs_type);
2464 smackfs_mount = kern_mount(&smk_fs_type);
2465 if (IS_ERR(smackfs_mount)) {
2466 printk(KERN_ERR "smackfs: could not mount!\n");
2467 err = PTR_ERR(smackfs_mount);
2468 smackfs_mount = NULL;
2473 smk_unlbl_ambient(NULL);
2475 rc = smk_preset_netlabel(&smack_known_floor);
2476 if (err == 0 && rc < 0)
2478 rc = smk_preset_netlabel(&smack_known_hat);
2479 if (err == 0 && rc < 0)
2481 rc = smk_preset_netlabel(&smack_known_huh);
2482 if (err == 0 && rc < 0)
2484 rc = smk_preset_netlabel(&smack_known_invalid);
2485 if (err == 0 && rc < 0)
2487 rc = smk_preset_netlabel(&smack_known_star);
2488 if (err == 0 && rc < 0)
2490 rc = smk_preset_netlabel(&smack_known_web);
2491 if (err == 0 && rc < 0)
2497 __initcall(init_smk_fs);
projects / linux-block.git / blob