security/tomoyo/securityfs_if.c

   1 // SPDX-License-Identifier: GPL-2.0
   2 /*
   3  * security/tomoyo/securityfs_if.c
   4  *
   5  * Copyright (C) 2005-2011  NTT DATA CORPORATION
   6  */
   7
   8 #include <linux/security.h>
   9 #include "common.h"
  10
  11 /**
  12  * tomoyo_check_task_acl - Check permission for task operation.
  13  *
  14  * @r:   Pointer to "struct tomoyo_request_info".
  15  * @ptr: Pointer to "struct tomoyo_acl_info".
  16  *
  17  * Returns true if granted, false otherwise.
  18  */
  19 static bool tomoyo_check_task_acl(struct tomoyo_request_info *r,
  20                                   const struct tomoyo_acl_info *ptr)
  21 {
  22         const struct tomoyo_task_acl *acl = container_of(ptr, typeof(*acl),
  23                                                          head);
  24
  25         return !tomoyo_pathcmp(r->param.task.domainname, acl->domainname);
  26 }
  27
  28 /**
  29  * tomoyo_write_self - write() for /sys/kernel/security/tomoyo/self_domain interface.
  30  *
  31  * @file:  Pointer to "struct file".
  32  * @buf:   Domainname to transit to.
  33  * @count: Size of @buf.
  34  * @ppos:  Unused.
  35  *
  36  * Returns @count on success, negative value otherwise.
  37  *
  38  * If domain transition was permitted but the domain transition failed, this
  39  * function returns error rather than terminating current thread with SIGKILL.
  40  */
  41 static ssize_t tomoyo_write_self(struct file *file, const char __user *buf,
  42                               size_t count, loff_t *ppos)
  43 {
  44         char *data;
  45         int error;
  46
  47         if (!count || count >= TOMOYO_EXEC_TMPSIZE - 10)
  48                 return -ENOMEM;
  49         data = memdup_user_nul(buf, count);
  50         if (IS_ERR(data))
  51                 return PTR_ERR(data);
  52         tomoyo_normalize_line(data);
  53         if (tomoyo_correct_domain(data)) {
  54                 const int idx = tomoyo_read_lock();
  55                 struct tomoyo_path_info name;
  56                 struct tomoyo_request_info r;
  57
  58                 name.name = data;
  59                 tomoyo_fill_path_info(&name);
  60                 /* Check "task manual_domain_transition" permission. */
  61                 tomoyo_init_request_info(&r, NULL, TOMOYO_MAC_FILE_EXECUTE);
  62                 r.param_type = TOMOYO_TYPE_MANUAL_TASK_ACL;
  63                 r.param.task.domainname = &name;
  64                 tomoyo_check_acl(&r, tomoyo_check_task_acl);
  65                 if (!r.granted)
  66                         error = -EPERM;
  67                 else {
  68                         struct tomoyo_domain_info *new_domain =
  69                                 tomoyo_assign_domain(data, true);
  70                         if (!new_domain) {
  71                                 error = -ENOENT;
  72                         } else {
  73                                 struct tomoyo_task *s = tomoyo_task(current);
  74                                 struct tomoyo_domain_info *old_domain =
  75                                         s->domain_info;
  76
  77                                 s->domain_info = new_domain;
  78                                 atomic_inc(&new_domain->users);
  79                                 atomic_dec(&old_domain->users);
  80                                 error = 0;
  81                         }
  82                 }
  83                 tomoyo_read_unlock(idx);
  84         } else
  85                 error = -EINVAL;
  86         kfree(data);
  87         return error ? error : count;
  88 }
  89
  90 /**
  91  * tomoyo_read_self - read() for /sys/kernel/security/tomoyo/self_domain interface.
  92  *
  93  * @file:  Pointer to "struct file".
  94  * @buf:   Domainname which current thread belongs to.
  95  * @count: Size of @buf.
  96  * @ppos:  Bytes read by now.
  97  *
  98  * Returns read size on success, negative value otherwise.
  99  */
 100 static ssize_t tomoyo_read_self(struct file *file, char __user *buf,
 101                                 size_t count, loff_t *ppos)
 102 {
 103         const char *domain = tomoyo_domain()->domainname->name;
 104         loff_t len = strlen(domain);
 105         loff_t pos = *ppos;
 106
 107         if (pos >= len || !count)
 108                 return 0;
 109         len -= pos;
 110         if (count < len)
 111                 len = count;
 112         if (copy_to_user(buf, domain + pos, len))
 113                 return -EFAULT;
 114         *ppos += len;
 115         return len;
 116 }
 117
 118 /* Operations for /sys/kernel/security/tomoyo/self_domain interface. */
 119 static const struct file_operations tomoyo_self_operations = {
 120         .write = tomoyo_write_self,
 121         .read  = tomoyo_read_self,
 122 };
 123
 124 /**
 125  * tomoyo_open - open() for /sys/kernel/security/tomoyo/ interface.
 126  *
 127  * @inode: Pointer to "struct inode".
 128  * @file:  Pointer to "struct file".
 129  *
 130  * Returns 0 on success, negative value otherwise.
 131  */
 132 static int tomoyo_open(struct inode *inode, struct file *file)
 133 {
 134         const u8 key = (uintptr_t) file_inode(file)->i_private;
 135
 136         return tomoyo_open_control(key, file);
 137 }
 138
 139 /**
 140  * tomoyo_release - close() for /sys/kernel/security/tomoyo/ interface.
 141  *
 142  * @inode: Pointer to "struct inode".
 143  * @file:  Pointer to "struct file".
 144  *
 145  */
 146 static int tomoyo_release(struct inode *inode, struct file *file)
 147 {
 148         tomoyo_close_control(file->private_data);
 149         return 0;
 150 }
 151
 152 /**
 153  * tomoyo_poll - poll() for /sys/kernel/security/tomoyo/ interface.
 154  *
 155  * @file: Pointer to "struct file".
 156  * @wait: Pointer to "poll_table". Maybe NULL.
 157  *
 158  * Returns EPOLLIN | EPOLLRDNORM | EPOLLOUT | EPOLLWRNORM if ready to read/write,
 159  * EPOLLOUT | EPOLLWRNORM otherwise.
 160  */
 161 static __poll_t tomoyo_poll(struct file *file, poll_table *wait)
 162 {
 163         return tomoyo_poll_control(file, wait);
 164 }
 165
 166 /**
 167  * tomoyo_read - read() for /sys/kernel/security/tomoyo/ interface.
 168  *
 169  * @file:  Pointer to "struct file".
 170  * @buf:   Pointer to buffer.
 171  * @count: Size of @buf.
 172  * @ppos:  Unused.
 173  *
 174  * Returns bytes read on success, negative value otherwise.
 175  */
 176 static ssize_t tomoyo_read(struct file *file, char __user *buf, size_t count,
 177                            loff_t *ppos)
 178 {
 179         return tomoyo_read_control(file->private_data, buf, count);
 180 }
 181
 182 /**
 183  * tomoyo_write - write() for /sys/kernel/security/tomoyo/ interface.
 184  *
 185  * @file:  Pointer to "struct file".
 186  * @buf:   Pointer to buffer.
 187  * @count: Size of @buf.
 188  * @ppos:  Unused.
 189  *
 190  * Returns @count on success, negative value otherwise.
 191  */
 192 static ssize_t tomoyo_write(struct file *file, const char __user *buf,
 193                             size_t count, loff_t *ppos)
 194 {
 195         return tomoyo_write_control(file->private_data, buf, count);
 196 }
 197
 198 /*
 199  * tomoyo_operations is a "struct file_operations" which is used for handling
 200  * /sys/kernel/security/tomoyo/ interface.
 201  *
 202  * Some files under /sys/kernel/security/tomoyo/ directory accept open(O_RDWR).
 203  * See tomoyo_io_buffer for internals.
 204  */
 205 static const struct file_operations tomoyo_operations = {
 206         .open    = tomoyo_open,
 207         .release = tomoyo_release,
 208         .poll    = tomoyo_poll,
 209         .read    = tomoyo_read,
 210         .write   = tomoyo_write,
 211         .llseek  = noop_llseek,
 212 };
 213
 214 /**
 215  * tomoyo_create_entry - Create interface files under /sys/kernel/security/tomoyo/ directory.
 216  *
 217  * @name:   The name of the interface file.
 218  * @mode:   The permission of the interface file.
 219  * @parent: The parent directory.
 220  * @key:    Type of interface.
 221  *
 222  * Returns nothing.
 223  */
 224 static void __init tomoyo_create_entry(const char *name, const umode_t mode,
 225                                        struct dentry *parent, const u8 key)
 226 {
 227         securityfs_create_file(name, mode, parent, (void *) (uintptr_t) key,
 228                                &tomoyo_operations);
 229 }
 230
 231 /**
 232  * tomoyo_initerface_init - Initialize /sys/kernel/security/tomoyo/ interface.
 233  *
 234  * Returns 0.
 235  */
 236 static int __init tomoyo_initerface_init(void)
 237 {
 238         struct tomoyo_domain_info *domain;
 239         struct dentry *tomoyo_dir;
 240
 241         if (!tomoyo_enabled)
 242                 return 0;
 243         domain = tomoyo_domain();
 244         /* Don't create securityfs entries unless registered. */
 245         if (domain != &tomoyo_kernel_domain)
 246                 return 0;
 247
 248         tomoyo_dir = securityfs_create_dir("tomoyo", NULL);
 249         tomoyo_create_entry("query",            0600, tomoyo_dir,
 250                             TOMOYO_QUERY);
 251         tomoyo_create_entry("domain_policy",    0600, tomoyo_dir,
 252                             TOMOYO_DOMAINPOLICY);
 253         tomoyo_create_entry("exception_policy", 0600, tomoyo_dir,
 254                             TOMOYO_EXCEPTIONPOLICY);
 255         tomoyo_create_entry("audit",            0400, tomoyo_dir,
 256                             TOMOYO_AUDIT);
 257         tomoyo_create_entry(".process_status",  0600, tomoyo_dir,
 258                             TOMOYO_PROCESS_STATUS);
 259         tomoyo_create_entry("stat",             0644, tomoyo_dir,
 260                             TOMOYO_STAT);
 261         tomoyo_create_entry("profile",          0600, tomoyo_dir,
 262                             TOMOYO_PROFILE);
 263         tomoyo_create_entry("manager",          0600, tomoyo_dir,
 264                             TOMOYO_MANAGER);
 265         tomoyo_create_entry("version",          0400, tomoyo_dir,
 266                             TOMOYO_VERSION);
 267         securityfs_create_file("self_domain", 0666, tomoyo_dir, NULL,
 268                                &tomoyo_self_operations);
 269         tomoyo_load_builtin_policy();
 270         return 0;
 271 }
 272
 273 fs_initcall(tomoyo_initerface_init);