0001
0002
0003
0004
0005
0006
0007
0008
0009
0010
0011
0012
0013
0014
0015 #include <linux/kernel.h>
0016 #include <linux/pagemap.h>
0017 #include <linux/slab.h>
0018 #include <linux/vmalloc.h>
0019 #include <linux/fs.h>
0020 #include <linux/fs_context.h>
0021 #include <linux/mount.h>
0022 #include <linux/mutex.h>
0023 #include <linux/namei.h>
0024 #include <linux/init.h>
0025 #include <linux/string.h>
0026 #include <linux/security.h>
0027 #include <linux/major.h>
0028 #include <linux/seq_file.h>
0029 #include <linux/percpu.h>
0030 #include <linux/audit.h>
0031 #include <linux/uaccess.h>
0032 #include <linux/kobject.h>
0033 #include <linux/ctype.h>
0034
0035
0036
0037
0038 #include "flask.h"
0039 #include "avc.h"
0040 #include "avc_ss.h"
0041 #include "security.h"
0042 #include "objsec.h"
0043 #include "conditional.h"
0044 #include "ima.h"
0045
0046 enum sel_inos {
0047 SEL_ROOT_INO = 2,
0048 SEL_LOAD,
0049 SEL_ENFORCE,
0050 SEL_CONTEXT,
0051 SEL_ACCESS,
0052 SEL_CREATE,
0053 SEL_RELABEL,
0054 SEL_USER,
0055 SEL_POLICYVERS,
0056 SEL_COMMIT_BOOLS,
0057 SEL_MLS,
0058 SEL_DISABLE,
0059 SEL_MEMBER,
0060 SEL_CHECKREQPROT,
0061 SEL_COMPAT_NET,
0062 SEL_REJECT_UNKNOWN,
0063 SEL_DENY_UNKNOWN,
0064 SEL_STATUS,
0065 SEL_POLICY,
0066 SEL_VALIDATE_TRANS,
0067 SEL_INO_NEXT,
0068 };
0069
0070 struct selinux_fs_info {
0071 struct dentry *bool_dir;
0072 unsigned int bool_num;
0073 char **bool_pending_names;
0074 unsigned int *bool_pending_values;
0075 struct dentry *class_dir;
0076 unsigned long last_class_ino;
0077 bool policy_opened;
0078 struct dentry *policycap_dir;
0079 unsigned long last_ino;
0080 struct selinux_state *state;
0081 struct super_block *sb;
0082 };
0083
0084 static int selinux_fs_info_create(struct super_block *sb)
0085 {
0086 struct selinux_fs_info *fsi;
0087
0088 fsi = kzalloc(sizeof(*fsi), GFP_KERNEL);
0089 if (!fsi)
0090 return -ENOMEM;
0091
0092 fsi->last_ino = SEL_INO_NEXT - 1;
0093 fsi->state = &selinux_state;
0094 fsi->sb = sb;
0095 sb->s_fs_info = fsi;
0096 return 0;
0097 }
0098
0099 static void selinux_fs_info_free(struct super_block *sb)
0100 {
0101 struct selinux_fs_info *fsi = sb->s_fs_info;
0102 int i;
0103
0104 if (fsi) {
0105 for (i = 0; i < fsi->bool_num; i++)
0106 kfree(fsi->bool_pending_names[i]);
0107 kfree(fsi->bool_pending_names);
0108 kfree(fsi->bool_pending_values);
0109 }
0110 kfree(sb->s_fs_info);
0111 sb->s_fs_info = NULL;
0112 }
0113
0114 #define SEL_INITCON_INO_OFFSET 0x01000000
0115 #define SEL_BOOL_INO_OFFSET 0x02000000
0116 #define SEL_CLASS_INO_OFFSET 0x04000000
0117 #define SEL_POLICYCAP_INO_OFFSET 0x08000000
0118 #define SEL_INO_MASK 0x00ffffff
0119
0120 #define BOOL_DIR_NAME "booleans"
0121 #define CLASS_DIR_NAME "class"
0122 #define POLICYCAP_DIR_NAME "policy_capabilities"
0123
0124 #define TMPBUFLEN 12
0125 static ssize_t sel_read_enforce(struct file *filp, char __user *buf,
0126 size_t count, loff_t *ppos)
0127 {
0128 struct selinux_fs_info *fsi = file_inode(filp)->i_sb->s_fs_info;
0129 char tmpbuf[TMPBUFLEN];
0130 ssize_t length;
0131
0132 length = scnprintf(tmpbuf, TMPBUFLEN, "%d",
0133 enforcing_enabled(fsi->state));
0134 return simple_read_from_buffer(buf, count, ppos, tmpbuf, length);
0135 }
0136
0137 #ifdef CONFIG_SECURITY_SELINUX_DEVELOP
0138 static ssize_t sel_write_enforce(struct file *file, const char __user *buf,
0139 size_t count, loff_t *ppos)
0140
0141 {
0142 struct selinux_fs_info *fsi = file_inode(file)->i_sb->s_fs_info;
0143 struct selinux_state *state = fsi->state;
0144 char *page = NULL;
0145 ssize_t length;
0146 int old_value, new_value;
0147
0148 if (count >= PAGE_SIZE)
0149 return -ENOMEM;
0150
0151
0152 if (*ppos != 0)
0153 return -EINVAL;
0154
0155 page = memdup_user_nul(buf, count);
0156 if (IS_ERR(page))
0157 return PTR_ERR(page);
0158
0159 length = -EINVAL;
0160 if (sscanf(page, "%d", &new_value) != 1)
0161 goto out;
0162
0163 new_value = !!new_value;
0164
0165 old_value = enforcing_enabled(state);
0166 if (new_value != old_value) {
0167 length = avc_has_perm(&selinux_state,
0168 current_sid(), SECINITSID_SECURITY,
0169 SECCLASS_SECURITY, SECURITY__SETENFORCE,
0170 NULL);
0171 if (length)
0172 goto out;
0173 audit_log(audit_context(), GFP_KERNEL, AUDIT_MAC_STATUS,
0174 "enforcing=%d old_enforcing=%d auid=%u ses=%u"
0175 " enabled=1 old-enabled=1 lsm=selinux res=1",
0176 new_value, old_value,
0177 from_kuid(&init_user_ns, audit_get_loginuid(current)),
0178 audit_get_sessionid(current));
0179 enforcing_set(state, new_value);
0180 if (new_value)
0181 avc_ss_reset(state->avc, 0);
0182 selnl_notify_setenforce(new_value);
0183 selinux_status_update_setenforce(state, new_value);
0184 if (!new_value)
0185 call_blocking_lsm_notifier(LSM_POLICY_CHANGE, NULL);
0186
0187 selinux_ima_measure_state(state);
0188 }
0189 length = count;
0190 out:
0191 kfree(page);
0192 return length;
0193 }
0194 #else
0195 #define sel_write_enforce NULL
0196 #endif
0197
0198 static const struct file_operations sel_enforce_ops = {
0199 .read = sel_read_enforce,
0200 .write = sel_write_enforce,
0201 .llseek = generic_file_llseek,
0202 };
0203
0204 static ssize_t sel_read_handle_unknown(struct file *filp, char __user *buf,
0205 size_t count, loff_t *ppos)
0206 {
0207 struct selinux_fs_info *fsi = file_inode(filp)->i_sb->s_fs_info;
0208 struct selinux_state *state = fsi->state;
0209 char tmpbuf[TMPBUFLEN];
0210 ssize_t length;
0211 ino_t ino = file_inode(filp)->i_ino;
0212 int handle_unknown = (ino == SEL_REJECT_UNKNOWN) ?
0213 security_get_reject_unknown(state) :
0214 !security_get_allow_unknown(state);
0215
0216 length = scnprintf(tmpbuf, TMPBUFLEN, "%d", handle_unknown);
0217 return simple_read_from_buffer(buf, count, ppos, tmpbuf, length);
0218 }
0219
0220 static const struct file_operations sel_handle_unknown_ops = {
0221 .read = sel_read_handle_unknown,
0222 .llseek = generic_file_llseek,
0223 };
0224
0225 static int sel_open_handle_status(struct inode *inode, struct file *filp)
0226 {
0227 struct selinux_fs_info *fsi = file_inode(filp)->i_sb->s_fs_info;
0228 struct page *status = selinux_kernel_status_page(fsi->state);
0229
0230 if (!status)
0231 return -ENOMEM;
0232
0233 filp->private_data = status;
0234
0235 return 0;
0236 }
0237
0238 static ssize_t sel_read_handle_status(struct file *filp, char __user *buf,
0239 size_t count, loff_t *ppos)
0240 {
0241 struct page *status = filp->private_data;
0242
0243 BUG_ON(!status);
0244
0245 return simple_read_from_buffer(buf, count, ppos,
0246 page_address(status),
0247 sizeof(struct selinux_kernel_status));
0248 }
0249
0250 static int sel_mmap_handle_status(struct file *filp,
0251 struct vm_area_struct *vma)
0252 {
0253 struct page *status = filp->private_data;
0254 unsigned long size = vma->vm_end - vma->vm_start;
0255
0256 BUG_ON(!status);
0257
0258
0259 if (vma->vm_pgoff > 0 || size != PAGE_SIZE)
0260 return -EIO;
0261
0262 if (vma->vm_flags & VM_WRITE)
0263 return -EPERM;
0264
0265 vma->vm_flags &= ~VM_MAYWRITE;
0266
0267 return remap_pfn_range(vma, vma->vm_start,
0268 page_to_pfn(status),
0269 size, vma->vm_page_prot);
0270 }
0271
0272 static const struct file_operations sel_handle_status_ops = {
0273 .open = sel_open_handle_status,
0274 .read = sel_read_handle_status,
0275 .mmap = sel_mmap_handle_status,
0276 .llseek = generic_file_llseek,
0277 };
0278
0279 #ifdef CONFIG_SECURITY_SELINUX_DISABLE
0280 static ssize_t sel_write_disable(struct file *file, const char __user *buf,
0281 size_t count, loff_t *ppos)
0282
0283 {
0284 struct selinux_fs_info *fsi = file_inode(file)->i_sb->s_fs_info;
0285 char *page;
0286 ssize_t length;
0287 int new_value;
0288 int enforcing;
0289
0290
0291
0292
0293
0294
0295 pr_err("SELinux: Runtime disable is deprecated, use selinux=0 on the kernel cmdline.\n");
0296 pr_err("SELinux: https://github.com/SELinuxProject/selinux-kernel/wiki/DEPRECATE-runtime-disable\n");
0297 ssleep(5);
0298
0299 if (count >= PAGE_SIZE)
0300 return -ENOMEM;
0301
0302
0303 if (*ppos != 0)
0304 return -EINVAL;
0305
0306 page = memdup_user_nul(buf, count);
0307 if (IS_ERR(page))
0308 return PTR_ERR(page);
0309
0310 length = -EINVAL;
0311 if (sscanf(page, "%d", &new_value) != 1)
0312 goto out;
0313
0314 if (new_value) {
0315 enforcing = enforcing_enabled(fsi->state);
0316 length = selinux_disable(fsi->state);
0317 if (length)
0318 goto out;
0319 audit_log(audit_context(), GFP_KERNEL, AUDIT_MAC_STATUS,
0320 "enforcing=%d old_enforcing=%d auid=%u ses=%u"
0321 " enabled=0 old-enabled=1 lsm=selinux res=1",
0322 enforcing, enforcing,
0323 from_kuid(&init_user_ns, audit_get_loginuid(current)),
0324 audit_get_sessionid(current));
0325 }
0326
0327 length = count;
0328 out:
0329 kfree(page);
0330 return length;
0331 }
0332 #else
0333 #define sel_write_disable NULL
0334 #endif
0335
0336 static const struct file_operations sel_disable_ops = {
0337 .write = sel_write_disable,
0338 .llseek = generic_file_llseek,
0339 };
0340
0341 static ssize_t sel_read_policyvers(struct file *filp, char __user *buf,
0342 size_t count, loff_t *ppos)
0343 {
0344 char tmpbuf[TMPBUFLEN];
0345 ssize_t length;
0346
0347 length = scnprintf(tmpbuf, TMPBUFLEN, "%u", POLICYDB_VERSION_MAX);
0348 return simple_read_from_buffer(buf, count, ppos, tmpbuf, length);
0349 }
0350
0351 static const struct file_operations sel_policyvers_ops = {
0352 .read = sel_read_policyvers,
0353 .llseek = generic_file_llseek,
0354 };
0355
0356
0357 static int sel_make_bools(struct selinux_policy *newpolicy, struct dentry *bool_dir,
0358 unsigned int *bool_num, char ***bool_pending_names,
0359 unsigned int **bool_pending_values);
0360 static int sel_make_classes(struct selinux_policy *newpolicy,
0361 struct dentry *class_dir,
0362 unsigned long *last_class_ino);
0363
0364
0365 static struct dentry *sel_make_dir(struct dentry *dir, const char *name,
0366 unsigned long *ino);
0367
0368
0369 static struct dentry *sel_make_disconnected_dir(struct super_block *sb,
0370 unsigned long *ino);
0371
0372
0373 static void sel_remove_entries(struct dentry *de);
0374
0375 static ssize_t sel_read_mls(struct file *filp, char __user *buf,
0376 size_t count, loff_t *ppos)
0377 {
0378 struct selinux_fs_info *fsi = file_inode(filp)->i_sb->s_fs_info;
0379 char tmpbuf[TMPBUFLEN];
0380 ssize_t length;
0381
0382 length = scnprintf(tmpbuf, TMPBUFLEN, "%d",
0383 security_mls_enabled(fsi->state));
0384 return simple_read_from_buffer(buf, count, ppos, tmpbuf, length);
0385 }
0386
0387 static const struct file_operations sel_mls_ops = {
0388 .read = sel_read_mls,
0389 .llseek = generic_file_llseek,
0390 };
0391
0392 struct policy_load_memory {
0393 size_t len;
0394 void *data;
0395 };
0396
0397 static int sel_open_policy(struct inode *inode, struct file *filp)
0398 {
0399 struct selinux_fs_info *fsi = inode->i_sb->s_fs_info;
0400 struct selinux_state *state = fsi->state;
0401 struct policy_load_memory *plm = NULL;
0402 int rc;
0403
0404 BUG_ON(filp->private_data);
0405
0406 mutex_lock(&fsi->state->policy_mutex);
0407
0408 rc = avc_has_perm(&selinux_state,
0409 current_sid(), SECINITSID_SECURITY,
0410 SECCLASS_SECURITY, SECURITY__READ_POLICY, NULL);
0411 if (rc)
0412 goto err;
0413
0414 rc = -EBUSY;
0415 if (fsi->policy_opened)
0416 goto err;
0417
0418 rc = -ENOMEM;
0419 plm = kzalloc(sizeof(*plm), GFP_KERNEL);
0420 if (!plm)
0421 goto err;
0422
0423 rc = security_read_policy(state, &plm->data, &plm->len);
0424 if (rc)
0425 goto err;
0426
0427 if ((size_t)i_size_read(inode) != plm->len) {
0428 inode_lock(inode);
0429 i_size_write(inode, plm->len);
0430 inode_unlock(inode);
0431 }
0432
0433 fsi->policy_opened = 1;
0434
0435 filp->private_data = plm;
0436
0437 mutex_unlock(&fsi->state->policy_mutex);
0438
0439 return 0;
0440 err:
0441 mutex_unlock(&fsi->state->policy_mutex);
0442
0443 if (plm)
0444 vfree(plm->data);
0445 kfree(plm);
0446 return rc;
0447 }
0448
0449 static int sel_release_policy(struct inode *inode, struct file *filp)
0450 {
0451 struct selinux_fs_info *fsi = inode->i_sb->s_fs_info;
0452 struct policy_load_memory *plm = filp->private_data;
0453
0454 BUG_ON(!plm);
0455
0456 fsi->policy_opened = 0;
0457
0458 vfree(plm->data);
0459 kfree(plm);
0460
0461 return 0;
0462 }
0463
0464 static ssize_t sel_read_policy(struct file *filp, char __user *buf,
0465 size_t count, loff_t *ppos)
0466 {
0467 struct policy_load_memory *plm = filp->private_data;
0468 int ret;
0469
0470 ret = avc_has_perm(&selinux_state,
0471 current_sid(), SECINITSID_SECURITY,
0472 SECCLASS_SECURITY, SECURITY__READ_POLICY, NULL);
0473 if (ret)
0474 return ret;
0475
0476 return simple_read_from_buffer(buf, count, ppos, plm->data, plm->len);
0477 }
0478
0479 static vm_fault_t sel_mmap_policy_fault(struct vm_fault *vmf)
0480 {
0481 struct policy_load_memory *plm = vmf->vma->vm_file->private_data;
0482 unsigned long offset;
0483 struct page *page;
0484
0485 if (vmf->flags & (FAULT_FLAG_MKWRITE | FAULT_FLAG_WRITE))
0486 return VM_FAULT_SIGBUS;
0487
0488 offset = vmf->pgoff << PAGE_SHIFT;
0489 if (offset >= roundup(plm->len, PAGE_SIZE))
0490 return VM_FAULT_SIGBUS;
0491
0492 page = vmalloc_to_page(plm->data + offset);
0493 get_page(page);
0494
0495 vmf->page = page;
0496
0497 return 0;
0498 }
0499
0500 static const struct vm_operations_struct sel_mmap_policy_ops = {
0501 .fault = sel_mmap_policy_fault,
0502 .page_mkwrite = sel_mmap_policy_fault,
0503 };
0504
0505 static int sel_mmap_policy(struct file *filp, struct vm_area_struct *vma)
0506 {
0507 if (vma->vm_flags & VM_SHARED) {
0508
0509 vma->vm_flags &= ~VM_MAYWRITE;
0510
0511 if (vma->vm_flags & VM_WRITE)
0512 return -EACCES;
0513 }
0514
0515 vma->vm_flags |= VM_DONTEXPAND | VM_DONTDUMP;
0516 vma->vm_ops = &sel_mmap_policy_ops;
0517
0518 return 0;
0519 }
0520
0521 static const struct file_operations sel_policy_ops = {
0522 .open = sel_open_policy,
0523 .read = sel_read_policy,
0524 .mmap = sel_mmap_policy,
0525 .release = sel_release_policy,
0526 .llseek = generic_file_llseek,
0527 };
0528
0529 static void sel_remove_old_bool_data(unsigned int bool_num, char **bool_names,
0530 unsigned int *bool_values)
0531 {
0532 u32 i;
0533
0534
0535 for (i = 0; i < bool_num; i++)
0536 kfree(bool_names[i]);
0537 kfree(bool_names);
0538 kfree(bool_values);
0539 }
0540
0541 static int sel_make_policy_nodes(struct selinux_fs_info *fsi,
0542 struct selinux_policy *newpolicy)
0543 {
0544 int ret = 0;
0545 struct dentry *tmp_parent, *tmp_bool_dir, *tmp_class_dir, *old_dentry;
0546 unsigned int tmp_bool_num, old_bool_num;
0547 char **tmp_bool_names, **old_bool_names;
0548 unsigned int *tmp_bool_values, *old_bool_values;
0549 unsigned long tmp_ino = fsi->last_ino;
0550
0551 tmp_parent = sel_make_disconnected_dir(fsi->sb, &tmp_ino);
0552 if (IS_ERR(tmp_parent))
0553 return PTR_ERR(tmp_parent);
0554
0555 tmp_ino = fsi->bool_dir->d_inode->i_ino - 1;
0556 tmp_bool_dir = sel_make_dir(tmp_parent, BOOL_DIR_NAME, &tmp_ino);
0557 if (IS_ERR(tmp_bool_dir)) {
0558 ret = PTR_ERR(tmp_bool_dir);
0559 goto out;
0560 }
0561
0562 tmp_ino = fsi->class_dir->d_inode->i_ino - 1;
0563 tmp_class_dir = sel_make_dir(tmp_parent, CLASS_DIR_NAME, &tmp_ino);
0564 if (IS_ERR(tmp_class_dir)) {
0565 ret = PTR_ERR(tmp_class_dir);
0566 goto out;
0567 }
0568
0569 ret = sel_make_bools(newpolicy, tmp_bool_dir, &tmp_bool_num,
0570 &tmp_bool_names, &tmp_bool_values);
0571 if (ret)
0572 goto out;
0573
0574 ret = sel_make_classes(newpolicy, tmp_class_dir,
0575 &fsi->last_class_ino);
0576 if (ret)
0577 goto out;
0578
0579
0580 old_dentry = fsi->bool_dir;
0581 lock_rename(tmp_bool_dir, old_dentry);
0582 d_exchange(tmp_bool_dir, fsi->bool_dir);
0583
0584 old_bool_num = fsi->bool_num;
0585 old_bool_names = fsi->bool_pending_names;
0586 old_bool_values = fsi->bool_pending_values;
0587
0588 fsi->bool_num = tmp_bool_num;
0589 fsi->bool_pending_names = tmp_bool_names;
0590 fsi->bool_pending_values = tmp_bool_values;
0591
0592 sel_remove_old_bool_data(old_bool_num, old_bool_names, old_bool_values);
0593
0594 fsi->bool_dir = tmp_bool_dir;
0595 unlock_rename(tmp_bool_dir, old_dentry);
0596
0597
0598 old_dentry = fsi->class_dir;
0599 lock_rename(tmp_class_dir, old_dentry);
0600 d_exchange(tmp_class_dir, fsi->class_dir);
0601 fsi->class_dir = tmp_class_dir;
0602 unlock_rename(tmp_class_dir, old_dentry);
0603
0604 out:
0605
0606
0607
0608
0609 sel_remove_entries(tmp_parent);
0610 dput(tmp_parent);
0611
0612 return ret;
0613 }
0614
0615 static ssize_t sel_write_load(struct file *file, const char __user *buf,
0616 size_t count, loff_t *ppos)
0617
0618 {
0619 struct selinux_fs_info *fsi = file_inode(file)->i_sb->s_fs_info;
0620 struct selinux_load_state load_state;
0621 ssize_t length;
0622 void *data = NULL;
0623
0624 mutex_lock(&fsi->state->policy_mutex);
0625
0626 length = avc_has_perm(&selinux_state,
0627 current_sid(), SECINITSID_SECURITY,
0628 SECCLASS_SECURITY, SECURITY__LOAD_POLICY, NULL);
0629 if (length)
0630 goto out;
0631
0632
0633 length = -EINVAL;
0634 if (*ppos != 0)
0635 goto out;
0636
0637 length = -ENOMEM;
0638 data = vmalloc(count);
0639 if (!data)
0640 goto out;
0641
0642 length = -EFAULT;
0643 if (copy_from_user(data, buf, count) != 0)
0644 goto out;
0645
0646 length = security_load_policy(fsi->state, data, count, &load_state);
0647 if (length) {
0648 pr_warn_ratelimited("SELinux: failed to load policy\n");
0649 goto out;
0650 }
0651
0652 length = sel_make_policy_nodes(fsi, load_state.policy);
0653 if (length) {
0654 pr_warn_ratelimited("SELinux: failed to initialize selinuxfs\n");
0655 selinux_policy_cancel(fsi->state, &load_state);
0656 goto out;
0657 }
0658
0659 selinux_policy_commit(fsi->state, &load_state);
0660
0661 length = count;
0662
0663 audit_log(audit_context(), GFP_KERNEL, AUDIT_MAC_POLICY_LOAD,
0664 "auid=%u ses=%u lsm=selinux res=1",
0665 from_kuid(&init_user_ns, audit_get_loginuid(current)),
0666 audit_get_sessionid(current));
0667 out:
0668 mutex_unlock(&fsi->state->policy_mutex);
0669 vfree(data);
0670 return length;
0671 }
0672
0673 static const struct file_operations sel_load_ops = {
0674 .write = sel_write_load,
0675 .llseek = generic_file_llseek,
0676 };
0677
0678 static ssize_t sel_write_context(struct file *file, char *buf, size_t size)
0679 {
0680 struct selinux_fs_info *fsi = file_inode(file)->i_sb->s_fs_info;
0681 struct selinux_state *state = fsi->state;
0682 char *canon = NULL;
0683 u32 sid, len;
0684 ssize_t length;
0685
0686 length = avc_has_perm(&selinux_state,
0687 current_sid(), SECINITSID_SECURITY,
0688 SECCLASS_SECURITY, SECURITY__CHECK_CONTEXT, NULL);
0689 if (length)
0690 goto out;
0691
0692 length = security_context_to_sid(state, buf, size, &sid, GFP_KERNEL);
0693 if (length)
0694 goto out;
0695
0696 length = security_sid_to_context(state, sid, &canon, &len);
0697 if (length)
0698 goto out;
0699
0700 length = -ERANGE;
0701 if (len > SIMPLE_TRANSACTION_LIMIT) {
0702 pr_err("SELinux: %s: context size (%u) exceeds "
0703 "payload max\n", __func__, len);
0704 goto out;
0705 }
0706
0707 memcpy(buf, canon, len);
0708 length = len;
0709 out:
0710 kfree(canon);
0711 return length;
0712 }
0713
0714 static ssize_t sel_read_checkreqprot(struct file *filp, char __user *buf,
0715 size_t count, loff_t *ppos)
0716 {
0717 struct selinux_fs_info *fsi = file_inode(filp)->i_sb->s_fs_info;
0718 char tmpbuf[TMPBUFLEN];
0719 ssize_t length;
0720
0721 length = scnprintf(tmpbuf, TMPBUFLEN, "%u",
0722 checkreqprot_get(fsi->state));
0723 return simple_read_from_buffer(buf, count, ppos, tmpbuf, length);
0724 }
0725
0726 static ssize_t sel_write_checkreqprot(struct file *file, const char __user *buf,
0727 size_t count, loff_t *ppos)
0728 {
0729 struct selinux_fs_info *fsi = file_inode(file)->i_sb->s_fs_info;
0730 char *page;
0731 ssize_t length;
0732 unsigned int new_value;
0733
0734 length = avc_has_perm(&selinux_state,
0735 current_sid(), SECINITSID_SECURITY,
0736 SECCLASS_SECURITY, SECURITY__SETCHECKREQPROT,
0737 NULL);
0738 if (length)
0739 return length;
0740
0741 if (count >= PAGE_SIZE)
0742 return -ENOMEM;
0743
0744
0745 if (*ppos != 0)
0746 return -EINVAL;
0747
0748 page = memdup_user_nul(buf, count);
0749 if (IS_ERR(page))
0750 return PTR_ERR(page);
0751
0752 length = -EINVAL;
0753 if (sscanf(page, "%u", &new_value) != 1)
0754 goto out;
0755
0756 if (new_value) {
0757 char comm[sizeof(current->comm)];
0758
0759 memcpy(comm, current->comm, sizeof(comm));
0760 pr_err("SELinux: %s (%d) set checkreqprot to 1. This is deprecated and will be rejected in a future kernel release.\n",
0761 comm, current->pid);
0762 }
0763
0764 checkreqprot_set(fsi->state, (new_value ? 1 : 0));
0765 if (new_value)
0766 ssleep(5);
0767 length = count;
0768
0769 selinux_ima_measure_state(fsi->state);
0770
0771 out:
0772 kfree(page);
0773 return length;
0774 }
0775 static const struct file_operations sel_checkreqprot_ops = {
0776 .read = sel_read_checkreqprot,
0777 .write = sel_write_checkreqprot,
0778 .llseek = generic_file_llseek,
0779 };
0780
0781 static ssize_t sel_write_validatetrans(struct file *file,
0782 const char __user *buf,
0783 size_t count, loff_t *ppos)
0784 {
0785 struct selinux_fs_info *fsi = file_inode(file)->i_sb->s_fs_info;
0786 struct selinux_state *state = fsi->state;
0787 char *oldcon = NULL, *newcon = NULL, *taskcon = NULL;
0788 char *req = NULL;
0789 u32 osid, nsid, tsid;
0790 u16 tclass;
0791 int rc;
0792
0793 rc = avc_has_perm(&selinux_state,
0794 current_sid(), SECINITSID_SECURITY,
0795 SECCLASS_SECURITY, SECURITY__VALIDATE_TRANS, NULL);
0796 if (rc)
0797 goto out;
0798
0799 rc = -ENOMEM;
0800 if (count >= PAGE_SIZE)
0801 goto out;
0802
0803
0804 rc = -EINVAL;
0805 if (*ppos != 0)
0806 goto out;
0807
0808 req = memdup_user_nul(buf, count);
0809 if (IS_ERR(req)) {
0810 rc = PTR_ERR(req);
0811 req = NULL;
0812 goto out;
0813 }
0814
0815 rc = -ENOMEM;
0816 oldcon = kzalloc(count + 1, GFP_KERNEL);
0817 if (!oldcon)
0818 goto out;
0819
0820 newcon = kzalloc(count + 1, GFP_KERNEL);
0821 if (!newcon)
0822 goto out;
0823
0824 taskcon = kzalloc(count + 1, GFP_KERNEL);
0825 if (!taskcon)
0826 goto out;
0827
0828 rc = -EINVAL;
0829 if (sscanf(req, "%s %s %hu %s", oldcon, newcon, &tclass, taskcon) != 4)
0830 goto out;
0831
0832 rc = security_context_str_to_sid(state, oldcon, &osid, GFP_KERNEL);
0833 if (rc)
0834 goto out;
0835
0836 rc = security_context_str_to_sid(state, newcon, &nsid, GFP_KERNEL);
0837 if (rc)
0838 goto out;
0839
0840 rc = security_context_str_to_sid(state, taskcon, &tsid, GFP_KERNEL);
0841 if (rc)
0842 goto out;
0843
0844 rc = security_validate_transition_user(state, osid, nsid, tsid, tclass);
0845 if (!rc)
0846 rc = count;
0847 out:
0848 kfree(req);
0849 kfree(oldcon);
0850 kfree(newcon);
0851 kfree(taskcon);
0852 return rc;
0853 }
0854
0855 static const struct file_operations sel_transition_ops = {
0856 .write = sel_write_validatetrans,
0857 .llseek = generic_file_llseek,
0858 };
0859
0860
0861
0862
0863 static ssize_t sel_write_access(struct file *file, char *buf, size_t size);
0864 static ssize_t sel_write_create(struct file *file, char *buf, size_t size);
0865 static ssize_t sel_write_relabel(struct file *file, char *buf, size_t size);
0866 static ssize_t sel_write_user(struct file *file, char *buf, size_t size);
0867 static ssize_t sel_write_member(struct file *file, char *buf, size_t size);
0868
0869 static ssize_t (*const write_op[])(struct file *, char *, size_t) = {
0870 [SEL_ACCESS] = sel_write_access,
0871 [SEL_CREATE] = sel_write_create,
0872 [SEL_RELABEL] = sel_write_relabel,
0873 [SEL_USER] = sel_write_user,
0874 [SEL_MEMBER] = sel_write_member,
0875 [SEL_CONTEXT] = sel_write_context,
0876 };
0877
0878 static ssize_t selinux_transaction_write(struct file *file, const char __user *buf, size_t size, loff_t *pos)
0879 {
0880 ino_t ino = file_inode(file)->i_ino;
0881 char *data;
0882 ssize_t rv;
0883
0884 if (ino >= ARRAY_SIZE(write_op) || !write_op[ino])
0885 return -EINVAL;
0886
0887 data = simple_transaction_get(file, buf, size);
0888 if (IS_ERR(data))
0889 return PTR_ERR(data);
0890
0891 rv = write_op[ino](file, data, size);
0892 if (rv > 0) {
0893 simple_transaction_set(file, rv);
0894 rv = size;
0895 }
0896 return rv;
0897 }
0898
0899 static const struct file_operations transaction_ops = {
0900 .write = selinux_transaction_write,
0901 .read = simple_transaction_read,
0902 .release = simple_transaction_release,
0903 .llseek = generic_file_llseek,
0904 };
0905
0906
0907
0908
0909
0910
0911
0912 static ssize_t sel_write_access(struct file *file, char *buf, size_t size)
0913 {
0914 struct selinux_fs_info *fsi = file_inode(file)->i_sb->s_fs_info;
0915 struct selinux_state *state = fsi->state;
0916 char *scon = NULL, *tcon = NULL;
0917 u32 ssid, tsid;
0918 u16 tclass;
0919 struct av_decision avd;
0920 ssize_t length;
0921
0922 length = avc_has_perm(&selinux_state,
0923 current_sid(), SECINITSID_SECURITY,
0924 SECCLASS_SECURITY, SECURITY__COMPUTE_AV, NULL);
0925 if (length)
0926 goto out;
0927
0928 length = -ENOMEM;
0929 scon = kzalloc(size + 1, GFP_KERNEL);
0930 if (!scon)
0931 goto out;
0932
0933 length = -ENOMEM;
0934 tcon = kzalloc(size + 1, GFP_KERNEL);
0935 if (!tcon)
0936 goto out;
0937
0938 length = -EINVAL;
0939 if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3)
0940 goto out;
0941
0942 length = security_context_str_to_sid(state, scon, &ssid, GFP_KERNEL);
0943 if (length)
0944 goto out;
0945
0946 length = security_context_str_to_sid(state, tcon, &tsid, GFP_KERNEL);
0947 if (length)
0948 goto out;
0949
0950 security_compute_av_user(state, ssid, tsid, tclass, &avd);
0951
0952 length = scnprintf(buf, SIMPLE_TRANSACTION_LIMIT,
0953 "%x %x %x %x %u %x",
0954 avd.allowed, 0xffffffff,
0955 avd.auditallow, avd.auditdeny,
0956 avd.seqno, avd.flags);
0957 out:
0958 kfree(tcon);
0959 kfree(scon);
0960 return length;
0961 }
0962
0963 static ssize_t sel_write_create(struct file *file, char *buf, size_t size)
0964 {
0965 struct selinux_fs_info *fsi = file_inode(file)->i_sb->s_fs_info;
0966 struct selinux_state *state = fsi->state;
0967 char *scon = NULL, *tcon = NULL;
0968 char *namebuf = NULL, *objname = NULL;
0969 u32 ssid, tsid, newsid;
0970 u16 tclass;
0971 ssize_t length;
0972 char *newcon = NULL;
0973 u32 len;
0974 int nargs;
0975
0976 length = avc_has_perm(&selinux_state,
0977 current_sid(), SECINITSID_SECURITY,
0978 SECCLASS_SECURITY, SECURITY__COMPUTE_CREATE,
0979 NULL);
0980 if (length)
0981 goto out;
0982
0983 length = -ENOMEM;
0984 scon = kzalloc(size + 1, GFP_KERNEL);
0985 if (!scon)
0986 goto out;
0987
0988 length = -ENOMEM;
0989 tcon = kzalloc(size + 1, GFP_KERNEL);
0990 if (!tcon)
0991 goto out;
0992
0993 length = -ENOMEM;
0994 namebuf = kzalloc(size + 1, GFP_KERNEL);
0995 if (!namebuf)
0996 goto out;
0997
0998 length = -EINVAL;
0999 nargs = sscanf(buf, "%s %s %hu %s", scon, tcon, &tclass, namebuf);
1000 if (nargs < 3 || nargs > 4)
1001 goto out;
1002 if (nargs == 4) {
1003
1004
1005
1006
1007
1008
1009
1010 char *r, *w;
1011 int c1, c2;
1012
1013 r = w = namebuf;
1014 do {
1015 c1 = *r++;
1016 if (c1 == '+')
1017 c1 = ' ';
1018 else if (c1 == '%') {
1019 c1 = hex_to_bin(*r++);
1020 if (c1 < 0)
1021 goto out;
1022 c2 = hex_to_bin(*r++);
1023 if (c2 < 0)
1024 goto out;
1025 c1 = (c1 << 4) | c2;
1026 }
1027 *w++ = c1;
1028 } while (c1 != '\0');
1029
1030 objname = namebuf;
1031 }
1032
1033 length = security_context_str_to_sid(state, scon, &ssid, GFP_KERNEL);
1034 if (length)
1035 goto out;
1036
1037 length = security_context_str_to_sid(state, tcon, &tsid, GFP_KERNEL);
1038 if (length)
1039 goto out;
1040
1041 length = security_transition_sid_user(state, ssid, tsid, tclass,
1042 objname, &newsid);
1043 if (length)
1044 goto out;
1045
1046 length = security_sid_to_context(state, newsid, &newcon, &len);
1047 if (length)
1048 goto out;
1049
1050 length = -ERANGE;
1051 if (len > SIMPLE_TRANSACTION_LIMIT) {
1052 pr_err("SELinux: %s: context size (%u) exceeds "
1053 "payload max\n", __func__, len);
1054 goto out;
1055 }
1056
1057 memcpy(buf, newcon, len);
1058 length = len;
1059 out:
1060 kfree(newcon);
1061 kfree(namebuf);
1062 kfree(tcon);
1063 kfree(scon);
1064 return length;
1065 }
1066
1067 static ssize_t sel_write_relabel(struct file *file, char *buf, size_t size)
1068 {
1069 struct selinux_fs_info *fsi = file_inode(file)->i_sb->s_fs_info;
1070 struct selinux_state *state = fsi->state;
1071 char *scon = NULL, *tcon = NULL;
1072 u32 ssid, tsid, newsid;
1073 u16 tclass;
1074 ssize_t length;
1075 char *newcon = NULL;
1076 u32 len;
1077
1078 length = avc_has_perm(&selinux_state,
1079 current_sid(), SECINITSID_SECURITY,
1080 SECCLASS_SECURITY, SECURITY__COMPUTE_RELABEL,
1081 NULL);
1082 if (length)
1083 goto out;
1084
1085 length = -ENOMEM;
1086 scon = kzalloc(size + 1, GFP_KERNEL);
1087 if (!scon)
1088 goto out;
1089
1090 length = -ENOMEM;
1091 tcon = kzalloc(size + 1, GFP_KERNEL);
1092 if (!tcon)
1093 goto out;
1094
1095 length = -EINVAL;
1096 if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3)
1097 goto out;
1098
1099 length = security_context_str_to_sid(state, scon, &ssid, GFP_KERNEL);
1100 if (length)
1101 goto out;
1102
1103 length = security_context_str_to_sid(state, tcon, &tsid, GFP_KERNEL);
1104 if (length)
1105 goto out;
1106
1107 length = security_change_sid(state, ssid, tsid, tclass, &newsid);
1108 if (length)
1109 goto out;
1110
1111 length = security_sid_to_context(state, newsid, &newcon, &len);
1112 if (length)
1113 goto out;
1114
1115 length = -ERANGE;
1116 if (len > SIMPLE_TRANSACTION_LIMIT)
1117 goto out;
1118
1119 memcpy(buf, newcon, len);
1120 length = len;
1121 out:
1122 kfree(newcon);
1123 kfree(tcon);
1124 kfree(scon);
1125 return length;
1126 }
1127
1128 static ssize_t sel_write_user(struct file *file, char *buf, size_t size)
1129 {
1130 struct selinux_fs_info *fsi = file_inode(file)->i_sb->s_fs_info;
1131 struct selinux_state *state = fsi->state;
1132 char *con = NULL, *user = NULL, *ptr;
1133 u32 sid, *sids = NULL;
1134 ssize_t length;
1135 char *newcon;
1136 int i, rc;
1137 u32 len, nsids;
1138
1139 length = avc_has_perm(&selinux_state,
1140 current_sid(), SECINITSID_SECURITY,
1141 SECCLASS_SECURITY, SECURITY__COMPUTE_USER,
1142 NULL);
1143 if (length)
1144 goto out;
1145
1146 length = -ENOMEM;
1147 con = kzalloc(size + 1, GFP_KERNEL);
1148 if (!con)
1149 goto out;
1150
1151 length = -ENOMEM;
1152 user = kzalloc(size + 1, GFP_KERNEL);
1153 if (!user)
1154 goto out;
1155
1156 length = -EINVAL;
1157 if (sscanf(buf, "%s %s", con, user) != 2)
1158 goto out;
1159
1160 length = security_context_str_to_sid(state, con, &sid, GFP_KERNEL);
1161 if (length)
1162 goto out;
1163
1164 length = security_get_user_sids(state, sid, user, &sids, &nsids);
1165 if (length)
1166 goto out;
1167
1168 length = sprintf(buf, "%u", nsids) + 1;
1169 ptr = buf + length;
1170 for (i = 0; i < nsids; i++) {
1171 rc = security_sid_to_context(state, sids[i], &newcon, &len);
1172 if (rc) {
1173 length = rc;
1174 goto out;
1175 }
1176 if ((length + len) >= SIMPLE_TRANSACTION_LIMIT) {
1177 kfree(newcon);
1178 length = -ERANGE;
1179 goto out;
1180 }
1181 memcpy(ptr, newcon, len);
1182 kfree(newcon);
1183 ptr += len;
1184 length += len;
1185 }
1186 out:
1187 kfree(sids);
1188 kfree(user);
1189 kfree(con);
1190 return length;
1191 }
1192
1193 static ssize_t sel_write_member(struct file *file, char *buf, size_t size)
1194 {
1195 struct selinux_fs_info *fsi = file_inode(file)->i_sb->s_fs_info;
1196 struct selinux_state *state = fsi->state;
1197 char *scon = NULL, *tcon = NULL;
1198 u32 ssid, tsid, newsid;
1199 u16 tclass;
1200 ssize_t length;
1201 char *newcon = NULL;
1202 u32 len;
1203
1204 length = avc_has_perm(&selinux_state,
1205 current_sid(), SECINITSID_SECURITY,
1206 SECCLASS_SECURITY, SECURITY__COMPUTE_MEMBER,
1207 NULL);
1208 if (length)
1209 goto out;
1210
1211 length = -ENOMEM;
1212 scon = kzalloc(size + 1, GFP_KERNEL);
1213 if (!scon)
1214 goto out;
1215
1216 length = -ENOMEM;
1217 tcon = kzalloc(size + 1, GFP_KERNEL);
1218 if (!tcon)
1219 goto out;
1220
1221 length = -EINVAL;
1222 if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3)
1223 goto out;
1224
1225 length = security_context_str_to_sid(state, scon, &ssid, GFP_KERNEL);
1226 if (length)
1227 goto out;
1228
1229 length = security_context_str_to_sid(state, tcon, &tsid, GFP_KERNEL);
1230 if (length)
1231 goto out;
1232
1233 length = security_member_sid(state, ssid, tsid, tclass, &newsid);
1234 if (length)
1235 goto out;
1236
1237 length = security_sid_to_context(state, newsid, &newcon, &len);
1238 if (length)
1239 goto out;
1240
1241 length = -ERANGE;
1242 if (len > SIMPLE_TRANSACTION_LIMIT) {
1243 pr_err("SELinux: %s: context size (%u) exceeds "
1244 "payload max\n", __func__, len);
1245 goto out;
1246 }
1247
1248 memcpy(buf, newcon, len);
1249 length = len;
1250 out:
1251 kfree(newcon);
1252 kfree(tcon);
1253 kfree(scon);
1254 return length;
1255 }
1256
1257 static struct inode *sel_make_inode(struct super_block *sb, int mode)
1258 {
1259 struct inode *ret = new_inode(sb);
1260
1261 if (ret) {
1262 ret->i_mode = mode;
1263 ret->i_atime = ret->i_mtime = ret->i_ctime = current_time(ret);
1264 }
1265 return ret;
1266 }
1267
1268 static ssize_t sel_read_bool(struct file *filep, char __user *buf,
1269 size_t count, loff_t *ppos)
1270 {
1271 struct selinux_fs_info *fsi = file_inode(filep)->i_sb->s_fs_info;
1272 char *page = NULL;
1273 ssize_t length;
1274 ssize_t ret;
1275 int cur_enforcing;
1276 unsigned index = file_inode(filep)->i_ino & SEL_INO_MASK;
1277 const char *name = filep->f_path.dentry->d_name.name;
1278
1279 mutex_lock(&fsi->state->policy_mutex);
1280
1281 ret = -EINVAL;
1282 if (index >= fsi->bool_num || strcmp(name,
1283 fsi->bool_pending_names[index]))
1284 goto out_unlock;
1285
1286 ret = -ENOMEM;
1287 page = (char *)get_zeroed_page(GFP_KERNEL);
1288 if (!page)
1289 goto out_unlock;
1290
1291 cur_enforcing = security_get_bool_value(fsi->state, index);
1292 if (cur_enforcing < 0) {
1293 ret = cur_enforcing;
1294 goto out_unlock;
1295 }
1296 length = scnprintf(page, PAGE_SIZE, "%d %d", cur_enforcing,
1297 fsi->bool_pending_values[index]);
1298 mutex_unlock(&fsi->state->policy_mutex);
1299 ret = simple_read_from_buffer(buf, count, ppos, page, length);
1300 out_free:
1301 free_page((unsigned long)page);
1302 return ret;
1303
1304 out_unlock:
1305 mutex_unlock(&fsi->state->policy_mutex);
1306 goto out_free;
1307 }
1308
1309 static ssize_t sel_write_bool(struct file *filep, const char __user *buf,
1310 size_t count, loff_t *ppos)
1311 {
1312 struct selinux_fs_info *fsi = file_inode(filep)->i_sb->s_fs_info;
1313 char *page = NULL;
1314 ssize_t length;
1315 int new_value;
1316 unsigned index = file_inode(filep)->i_ino & SEL_INO_MASK;
1317 const char *name = filep->f_path.dentry->d_name.name;
1318
1319 if (count >= PAGE_SIZE)
1320 return -ENOMEM;
1321
1322
1323 if (*ppos != 0)
1324 return -EINVAL;
1325
1326 page = memdup_user_nul(buf, count);
1327 if (IS_ERR(page))
1328 return PTR_ERR(page);
1329
1330 mutex_lock(&fsi->state->policy_mutex);
1331
1332 length = avc_has_perm(&selinux_state,
1333 current_sid(), SECINITSID_SECURITY,
1334 SECCLASS_SECURITY, SECURITY__SETBOOL,
1335 NULL);
1336 if (length)
1337 goto out;
1338
1339 length = -EINVAL;
1340 if (index >= fsi->bool_num || strcmp(name,
1341 fsi->bool_pending_names[index]))
1342 goto out;
1343
1344 length = -EINVAL;
1345 if (sscanf(page, "%d", &new_value) != 1)
1346 goto out;
1347
1348 if (new_value)
1349 new_value = 1;
1350
1351 fsi->bool_pending_values[index] = new_value;
1352 length = count;
1353
1354 out:
1355 mutex_unlock(&fsi->state->policy_mutex);
1356 kfree(page);
1357 return length;
1358 }
1359
1360 static const struct file_operations sel_bool_ops = {
1361 .read = sel_read_bool,
1362 .write = sel_write_bool,
1363 .llseek = generic_file_llseek,
1364 };
1365
1366 static ssize_t sel_commit_bools_write(struct file *filep,
1367 const char __user *buf,
1368 size_t count, loff_t *ppos)
1369 {
1370 struct selinux_fs_info *fsi = file_inode(filep)->i_sb->s_fs_info;
1371 char *page = NULL;
1372 ssize_t length;
1373 int new_value;
1374
1375 if (count >= PAGE_SIZE)
1376 return -ENOMEM;
1377
1378
1379 if (*ppos != 0)
1380 return -EINVAL;
1381
1382 page = memdup_user_nul(buf, count);
1383 if (IS_ERR(page))
1384 return PTR_ERR(page);
1385
1386 mutex_lock(&fsi->state->policy_mutex);
1387
1388 length = avc_has_perm(&selinux_state,
1389 current_sid(), SECINITSID_SECURITY,
1390 SECCLASS_SECURITY, SECURITY__SETBOOL,
1391 NULL);
1392 if (length)
1393 goto out;
1394
1395 length = -EINVAL;
1396 if (sscanf(page, "%d", &new_value) != 1)
1397 goto out;
1398
1399 length = 0;
1400 if (new_value && fsi->bool_pending_values)
1401 length = security_set_bools(fsi->state, fsi->bool_num,
1402 fsi->bool_pending_values);
1403
1404 if (!length)
1405 length = count;
1406
1407 out:
1408 mutex_unlock(&fsi->state->policy_mutex);
1409 kfree(page);
1410 return length;
1411 }
1412
1413 static const struct file_operations sel_commit_bools_ops = {
1414 .write = sel_commit_bools_write,
1415 .llseek = generic_file_llseek,
1416 };
1417
1418 static void sel_remove_entries(struct dentry *de)
1419 {
1420 d_genocide(de);
1421 shrink_dcache_parent(de);
1422 }
1423
1424 static int sel_make_bools(struct selinux_policy *newpolicy, struct dentry *bool_dir,
1425 unsigned int *bool_num, char ***bool_pending_names,
1426 unsigned int **bool_pending_values)
1427 {
1428 int ret;
1429 ssize_t len;
1430 struct dentry *dentry = NULL;
1431 struct inode *inode = NULL;
1432 struct inode_security_struct *isec;
1433 char **names = NULL, *page;
1434 u32 i, num;
1435 int *values = NULL;
1436 u32 sid;
1437
1438 ret = -ENOMEM;
1439 page = (char *)get_zeroed_page(GFP_KERNEL);
1440 if (!page)
1441 goto out;
1442
1443 ret = security_get_bools(newpolicy, &num, &names, &values);
1444 if (ret)
1445 goto out;
1446
1447 for (i = 0; i < num; i++) {
1448 ret = -ENOMEM;
1449 dentry = d_alloc_name(bool_dir, names[i]);
1450 if (!dentry)
1451 goto out;
1452
1453 ret = -ENOMEM;
1454 inode = sel_make_inode(bool_dir->d_sb, S_IFREG | S_IRUGO | S_IWUSR);
1455 if (!inode) {
1456 dput(dentry);
1457 goto out;
1458 }
1459
1460 ret = -ENAMETOOLONG;
1461 len = snprintf(page, PAGE_SIZE, "/%s/%s", BOOL_DIR_NAME, names[i]);
1462 if (len >= PAGE_SIZE) {
1463 dput(dentry);
1464 iput(inode);
1465 goto out;
1466 }
1467
1468 isec = selinux_inode(inode);
1469 ret = selinux_policy_genfs_sid(newpolicy, "selinuxfs", page,
1470 SECCLASS_FILE, &sid);
1471 if (ret) {
1472 pr_warn_ratelimited("SELinux: no sid found, defaulting to security isid for %s\n",
1473 page);
1474 sid = SECINITSID_SECURITY;
1475 }
1476
1477 isec->sid = sid;
1478 isec->initialized = LABEL_INITIALIZED;
1479 inode->i_fop = &sel_bool_ops;
1480 inode->i_ino = i|SEL_BOOL_INO_OFFSET;
1481 d_add(dentry, inode);
1482 }
1483 *bool_num = num;
1484 *bool_pending_names = names;
1485 *bool_pending_values = values;
1486
1487 free_page((unsigned long)page);
1488 return 0;
1489 out:
1490 free_page((unsigned long)page);
1491
1492 if (names) {
1493 for (i = 0; i < num; i++)
1494 kfree(names[i]);
1495 kfree(names);
1496 }
1497 kfree(values);
1498 sel_remove_entries(bool_dir);
1499
1500 return ret;
1501 }
1502
1503 static ssize_t sel_read_avc_cache_threshold(struct file *filp, char __user *buf,
1504 size_t count, loff_t *ppos)
1505 {
1506 struct selinux_fs_info *fsi = file_inode(filp)->i_sb->s_fs_info;
1507 struct selinux_state *state = fsi->state;
1508 char tmpbuf[TMPBUFLEN];
1509 ssize_t length;
1510
1511 length = scnprintf(tmpbuf, TMPBUFLEN, "%u",
1512 avc_get_cache_threshold(state->avc));
1513 return simple_read_from_buffer(buf, count, ppos, tmpbuf, length);
1514 }
1515
1516 static ssize_t sel_write_avc_cache_threshold(struct file *file,
1517 const char __user *buf,
1518 size_t count, loff_t *ppos)
1519
1520 {
1521 struct selinux_fs_info *fsi = file_inode(file)->i_sb->s_fs_info;
1522 struct selinux_state *state = fsi->state;
1523 char *page;
1524 ssize_t ret;
1525 unsigned int new_value;
1526
1527 ret = avc_has_perm(&selinux_state,
1528 current_sid(), SECINITSID_SECURITY,
1529 SECCLASS_SECURITY, SECURITY__SETSECPARAM,
1530 NULL);
1531 if (ret)
1532 return ret;
1533
1534 if (count >= PAGE_SIZE)
1535 return -ENOMEM;
1536
1537
1538 if (*ppos != 0)
1539 return -EINVAL;
1540
1541 page = memdup_user_nul(buf, count);
1542 if (IS_ERR(page))
1543 return PTR_ERR(page);
1544
1545 ret = -EINVAL;
1546 if (sscanf(page, "%u", &new_value) != 1)
1547 goto out;
1548
1549 avc_set_cache_threshold(state->avc, new_value);
1550
1551 ret = count;
1552 out:
1553 kfree(page);
1554 return ret;
1555 }
1556
1557 static ssize_t sel_read_avc_hash_stats(struct file *filp, char __user *buf,
1558 size_t count, loff_t *ppos)
1559 {
1560 struct selinux_fs_info *fsi = file_inode(filp)->i_sb->s_fs_info;
1561 struct selinux_state *state = fsi->state;
1562 char *page;
1563 ssize_t length;
1564
1565 page = (char *)__get_free_page(GFP_KERNEL);
1566 if (!page)
1567 return -ENOMEM;
1568
1569 length = avc_get_hash_stats(state->avc, page);
1570 if (length >= 0)
1571 length = simple_read_from_buffer(buf, count, ppos, page, length);
1572 free_page((unsigned long)page);
1573
1574 return length;
1575 }
1576
1577 static ssize_t sel_read_sidtab_hash_stats(struct file *filp, char __user *buf,
1578 size_t count, loff_t *ppos)
1579 {
1580 struct selinux_fs_info *fsi = file_inode(filp)->i_sb->s_fs_info;
1581 struct selinux_state *state = fsi->state;
1582 char *page;
1583 ssize_t length;
1584
1585 page = (char *)__get_free_page(GFP_KERNEL);
1586 if (!page)
1587 return -ENOMEM;
1588
1589 length = security_sidtab_hash_stats(state, page);
1590 if (length >= 0)
1591 length = simple_read_from_buffer(buf, count, ppos, page,
1592 length);
1593 free_page((unsigned long)page);
1594
1595 return length;
1596 }
1597
1598 static const struct file_operations sel_sidtab_hash_stats_ops = {
1599 .read = sel_read_sidtab_hash_stats,
1600 .llseek = generic_file_llseek,
1601 };
1602
1603 static const struct file_operations sel_avc_cache_threshold_ops = {
1604 .read = sel_read_avc_cache_threshold,
1605 .write = sel_write_avc_cache_threshold,
1606 .llseek = generic_file_llseek,
1607 };
1608
1609 static const struct file_operations sel_avc_hash_stats_ops = {
1610 .read = sel_read_avc_hash_stats,
1611 .llseek = generic_file_llseek,
1612 };
1613
1614 #ifdef CONFIG_SECURITY_SELINUX_AVC_STATS
1615 static struct avc_cache_stats *sel_avc_get_stat_idx(loff_t *idx)
1616 {
1617 int cpu;
1618
1619 for (cpu = *idx; cpu < nr_cpu_ids; ++cpu) {
1620 if (!cpu_possible(cpu))
1621 continue;
1622 *idx = cpu + 1;
1623 return &per_cpu(avc_cache_stats, cpu);
1624 }
1625 (*idx)++;
1626 return NULL;
1627 }
1628
1629 static void *sel_avc_stats_seq_start(struct seq_file *seq, loff_t *pos)
1630 {
1631 loff_t n = *pos - 1;
1632
1633 if (*pos == 0)
1634 return SEQ_START_TOKEN;
1635
1636 return sel_avc_get_stat_idx(&n);
1637 }
1638
1639 static void *sel_avc_stats_seq_next(struct seq_file *seq, void *v, loff_t *pos)
1640 {
1641 return sel_avc_get_stat_idx(pos);
1642 }
1643
1644 static int sel_avc_stats_seq_show(struct seq_file *seq, void *v)
1645 {
1646 struct avc_cache_stats *st = v;
1647
1648 if (v == SEQ_START_TOKEN) {
1649 seq_puts(seq,
1650 "lookups hits misses allocations reclaims frees\n");
1651 } else {
1652 unsigned int lookups = st->lookups;
1653 unsigned int misses = st->misses;
1654 unsigned int hits = lookups - misses;
1655 seq_printf(seq, "%u %u %u %u %u %u\n", lookups,
1656 hits, misses, st->allocations,
1657 st->reclaims, st->frees);
1658 }
1659 return 0;
1660 }
1661
1662 static void sel_avc_stats_seq_stop(struct seq_file *seq, void *v)
1663 { }
1664
1665 static const struct seq_operations sel_avc_cache_stats_seq_ops = {
1666 .start = sel_avc_stats_seq_start,
1667 .next = sel_avc_stats_seq_next,
1668 .show = sel_avc_stats_seq_show,
1669 .stop = sel_avc_stats_seq_stop,
1670 };
1671
1672 static int sel_open_avc_cache_stats(struct inode *inode, struct file *file)
1673 {
1674 return seq_open(file, &sel_avc_cache_stats_seq_ops);
1675 }
1676
1677 static const struct file_operations sel_avc_cache_stats_ops = {
1678 .open = sel_open_avc_cache_stats,
1679 .read = seq_read,
1680 .llseek = seq_lseek,
1681 .release = seq_release,
1682 };
1683 #endif
1684
1685 static int sel_make_avc_files(struct dentry *dir)
1686 {
1687 struct super_block *sb = dir->d_sb;
1688 struct selinux_fs_info *fsi = sb->s_fs_info;
1689 int i;
1690 static const struct tree_descr files[] = {
1691 { "cache_threshold",
1692 &sel_avc_cache_threshold_ops, S_IRUGO|S_IWUSR },
1693 { "hash_stats", &sel_avc_hash_stats_ops, S_IRUGO },
1694 #ifdef CONFIG_SECURITY_SELINUX_AVC_STATS
1695 { "cache_stats", &sel_avc_cache_stats_ops, S_IRUGO },
1696 #endif
1697 };
1698
1699 for (i = 0; i < ARRAY_SIZE(files); i++) {
1700 struct inode *inode;
1701 struct dentry *dentry;
1702
1703 dentry = d_alloc_name(dir, files[i].name);
1704 if (!dentry)
1705 return -ENOMEM;
1706
1707 inode = sel_make_inode(dir->d_sb, S_IFREG|files[i].mode);
1708 if (!inode) {
1709 dput(dentry);
1710 return -ENOMEM;
1711 }
1712
1713 inode->i_fop = files[i].ops;
1714 inode->i_ino = ++fsi->last_ino;
1715 d_add(dentry, inode);
1716 }
1717
1718 return 0;
1719 }
1720
1721 static int sel_make_ss_files(struct dentry *dir)
1722 {
1723 struct super_block *sb = dir->d_sb;
1724 struct selinux_fs_info *fsi = sb->s_fs_info;
1725 int i;
1726 static struct tree_descr files[] = {
1727 { "sidtab_hash_stats", &sel_sidtab_hash_stats_ops, S_IRUGO },
1728 };
1729
1730 for (i = 0; i < ARRAY_SIZE(files); i++) {
1731 struct inode *inode;
1732 struct dentry *dentry;
1733
1734 dentry = d_alloc_name(dir, files[i].name);
1735 if (!dentry)
1736 return -ENOMEM;
1737
1738 inode = sel_make_inode(dir->d_sb, S_IFREG|files[i].mode);
1739 if (!inode) {
1740 dput(dentry);
1741 return -ENOMEM;
1742 }
1743
1744 inode->i_fop = files[i].ops;
1745 inode->i_ino = ++fsi->last_ino;
1746 d_add(dentry, inode);
1747 }
1748
1749 return 0;
1750 }
1751
1752 static ssize_t sel_read_initcon(struct file *file, char __user *buf,
1753 size_t count, loff_t *ppos)
1754 {
1755 struct selinux_fs_info *fsi = file_inode(file)->i_sb->s_fs_info;
1756 char *con;
1757 u32 sid, len;
1758 ssize_t ret;
1759
1760 sid = file_inode(file)->i_ino&SEL_INO_MASK;
1761 ret = security_sid_to_context(fsi->state, sid, &con, &len);
1762 if (ret)
1763 return ret;
1764
1765 ret = simple_read_from_buffer(buf, count, ppos, con, len);
1766 kfree(con);
1767 return ret;
1768 }
1769
1770 static const struct file_operations sel_initcon_ops = {
1771 .read = sel_read_initcon,
1772 .llseek = generic_file_llseek,
1773 };
1774
1775 static int sel_make_initcon_files(struct dentry *dir)
1776 {
1777 int i;
1778
1779 for (i = 1; i <= SECINITSID_NUM; i++) {
1780 struct inode *inode;
1781 struct dentry *dentry;
1782 const char *s = security_get_initial_sid_context(i);
1783
1784 if (!s)
1785 continue;
1786 dentry = d_alloc_name(dir, s);
1787 if (!dentry)
1788 return -ENOMEM;
1789
1790 inode = sel_make_inode(dir->d_sb, S_IFREG|S_IRUGO);
1791 if (!inode) {
1792 dput(dentry);
1793 return -ENOMEM;
1794 }
1795
1796 inode->i_fop = &sel_initcon_ops;
1797 inode->i_ino = i|SEL_INITCON_INO_OFFSET;
1798 d_add(dentry, inode);
1799 }
1800
1801 return 0;
1802 }
1803
1804 static inline unsigned long sel_class_to_ino(u16 class)
1805 {
1806 return (class * (SEL_VEC_MAX + 1)) | SEL_CLASS_INO_OFFSET;
1807 }
1808
1809 static inline u16 sel_ino_to_class(unsigned long ino)
1810 {
1811 return (ino & SEL_INO_MASK) / (SEL_VEC_MAX + 1);
1812 }
1813
1814 static inline unsigned long sel_perm_to_ino(u16 class, u32 perm)
1815 {
1816 return (class * (SEL_VEC_MAX + 1) + perm) | SEL_CLASS_INO_OFFSET;
1817 }
1818
1819 static inline u32 sel_ino_to_perm(unsigned long ino)
1820 {
1821 return (ino & SEL_INO_MASK) % (SEL_VEC_MAX + 1);
1822 }
1823
1824 static ssize_t sel_read_class(struct file *file, char __user *buf,
1825 size_t count, loff_t *ppos)
1826 {
1827 unsigned long ino = file_inode(file)->i_ino;
1828 char res[TMPBUFLEN];
1829 ssize_t len = scnprintf(res, sizeof(res), "%d", sel_ino_to_class(ino));
1830 return simple_read_from_buffer(buf, count, ppos, res, len);
1831 }
1832
1833 static const struct file_operations sel_class_ops = {
1834 .read = sel_read_class,
1835 .llseek = generic_file_llseek,
1836 };
1837
1838 static ssize_t sel_read_perm(struct file *file, char __user *buf,
1839 size_t count, loff_t *ppos)
1840 {
1841 unsigned long ino = file_inode(file)->i_ino;
1842 char res[TMPBUFLEN];
1843 ssize_t len = scnprintf(res, sizeof(res), "%d", sel_ino_to_perm(ino));
1844 return simple_read_from_buffer(buf, count, ppos, res, len);
1845 }
1846
1847 static const struct file_operations sel_perm_ops = {
1848 .read = sel_read_perm,
1849 .llseek = generic_file_llseek,
1850 };
1851
1852 static ssize_t sel_read_policycap(struct file *file, char __user *buf,
1853 size_t count, loff_t *ppos)
1854 {
1855 struct selinux_fs_info *fsi = file_inode(file)->i_sb->s_fs_info;
1856 int value;
1857 char tmpbuf[TMPBUFLEN];
1858 ssize_t length;
1859 unsigned long i_ino = file_inode(file)->i_ino;
1860
1861 value = security_policycap_supported(fsi->state, i_ino & SEL_INO_MASK);
1862 length = scnprintf(tmpbuf, TMPBUFLEN, "%d", value);
1863
1864 return simple_read_from_buffer(buf, count, ppos, tmpbuf, length);
1865 }
1866
1867 static const struct file_operations sel_policycap_ops = {
1868 .read = sel_read_policycap,
1869 .llseek = generic_file_llseek,
1870 };
1871
1872 static int sel_make_perm_files(struct selinux_policy *newpolicy,
1873 char *objclass, int classvalue,
1874 struct dentry *dir)
1875 {
1876 int i, rc, nperms;
1877 char **perms;
1878
1879 rc = security_get_permissions(newpolicy, objclass, &perms, &nperms);
1880 if (rc)
1881 return rc;
1882
1883 for (i = 0; i < nperms; i++) {
1884 struct inode *inode;
1885 struct dentry *dentry;
1886
1887 rc = -ENOMEM;
1888 dentry = d_alloc_name(dir, perms[i]);
1889 if (!dentry)
1890 goto out;
1891
1892 rc = -ENOMEM;
1893 inode = sel_make_inode(dir->d_sb, S_IFREG|S_IRUGO);
1894 if (!inode) {
1895 dput(dentry);
1896 goto out;
1897 }
1898
1899 inode->i_fop = &sel_perm_ops;
1900
1901 inode->i_ino = sel_perm_to_ino(classvalue, i + 1);
1902 d_add(dentry, inode);
1903 }
1904 rc = 0;
1905 out:
1906 for (i = 0; i < nperms; i++)
1907 kfree(perms[i]);
1908 kfree(perms);
1909 return rc;
1910 }
1911
1912 static int sel_make_class_dir_entries(struct selinux_policy *newpolicy,
1913 char *classname, int index,
1914 struct dentry *dir)
1915 {
1916 struct super_block *sb = dir->d_sb;
1917 struct selinux_fs_info *fsi = sb->s_fs_info;
1918 struct dentry *dentry = NULL;
1919 struct inode *inode = NULL;
1920 int rc;
1921
1922 dentry = d_alloc_name(dir, "index");
1923 if (!dentry)
1924 return -ENOMEM;
1925
1926 inode = sel_make_inode(dir->d_sb, S_IFREG|S_IRUGO);
1927 if (!inode) {
1928 dput(dentry);
1929 return -ENOMEM;
1930 }
1931
1932 inode->i_fop = &sel_class_ops;
1933 inode->i_ino = sel_class_to_ino(index);
1934 d_add(dentry, inode);
1935
1936 dentry = sel_make_dir(dir, "perms", &fsi->last_class_ino);
1937 if (IS_ERR(dentry))
1938 return PTR_ERR(dentry);
1939
1940 rc = sel_make_perm_files(newpolicy, classname, index, dentry);
1941
1942 return rc;
1943 }
1944
1945 static int sel_make_classes(struct selinux_policy *newpolicy,
1946 struct dentry *class_dir,
1947 unsigned long *last_class_ino)
1948 {
1949
1950 int rc, nclasses, i;
1951 char **classes;
1952
1953 rc = security_get_classes(newpolicy, &classes, &nclasses);
1954 if (rc)
1955 return rc;
1956
1957
1958 *last_class_ino = sel_class_to_ino(nclasses + 2);
1959
1960 for (i = 0; i < nclasses; i++) {
1961 struct dentry *class_name_dir;
1962
1963 class_name_dir = sel_make_dir(class_dir, classes[i],
1964 last_class_ino);
1965 if (IS_ERR(class_name_dir)) {
1966 rc = PTR_ERR(class_name_dir);
1967 goto out;
1968 }
1969
1970
1971 rc = sel_make_class_dir_entries(newpolicy, classes[i], i + 1,
1972 class_name_dir);
1973 if (rc)
1974 goto out;
1975 }
1976 rc = 0;
1977 out:
1978 for (i = 0; i < nclasses; i++)
1979 kfree(classes[i]);
1980 kfree(classes);
1981 return rc;
1982 }
1983
1984 static int sel_make_policycap(struct selinux_fs_info *fsi)
1985 {
1986 unsigned int iter;
1987 struct dentry *dentry = NULL;
1988 struct inode *inode = NULL;
1989
1990 for (iter = 0; iter <= POLICYDB_CAP_MAX; iter++) {
1991 if (iter < ARRAY_SIZE(selinux_policycap_names))
1992 dentry = d_alloc_name(fsi->policycap_dir,
1993 selinux_policycap_names[iter]);
1994 else
1995 dentry = d_alloc_name(fsi->policycap_dir, "unknown");
1996
1997 if (dentry == NULL)
1998 return -ENOMEM;
1999
2000 inode = sel_make_inode(fsi->sb, S_IFREG | 0444);
2001 if (inode == NULL) {
2002 dput(dentry);
2003 return -ENOMEM;
2004 }
2005
2006 inode->i_fop = &sel_policycap_ops;
2007 inode->i_ino = iter | SEL_POLICYCAP_INO_OFFSET;
2008 d_add(dentry, inode);
2009 }
2010
2011 return 0;
2012 }
2013
2014 static struct dentry *sel_make_dir(struct dentry *dir, const char *name,
2015 unsigned long *ino)
2016 {
2017 struct dentry *dentry = d_alloc_name(dir, name);
2018 struct inode *inode;
2019
2020 if (!dentry)
2021 return ERR_PTR(-ENOMEM);
2022
2023 inode = sel_make_inode(dir->d_sb, S_IFDIR | S_IRUGO | S_IXUGO);
2024 if (!inode) {
2025 dput(dentry);
2026 return ERR_PTR(-ENOMEM);
2027 }
2028
2029 inode->i_op = &simple_dir_inode_operations;
2030 inode->i_fop = &simple_dir_operations;
2031 inode->i_ino = ++(*ino);
2032
2033 inc_nlink(inode);
2034 d_add(dentry, inode);
2035
2036 inc_nlink(d_inode(dir));
2037
2038 return dentry;
2039 }
2040
2041 static struct dentry *sel_make_disconnected_dir(struct super_block *sb,
2042 unsigned long *ino)
2043 {
2044 struct inode *inode = sel_make_inode(sb, S_IFDIR | S_IRUGO | S_IXUGO);
2045
2046 if (!inode)
2047 return ERR_PTR(-ENOMEM);
2048
2049 inode->i_op = &simple_dir_inode_operations;
2050 inode->i_fop = &simple_dir_operations;
2051 inode->i_ino = ++(*ino);
2052
2053 inc_nlink(inode);
2054 return d_obtain_alias(inode);
2055 }
2056
2057 #define NULL_FILE_NAME "null"
2058
2059 static int sel_fill_super(struct super_block *sb, struct fs_context *fc)
2060 {
2061 struct selinux_fs_info *fsi;
2062 int ret;
2063 struct dentry *dentry;
2064 struct inode *inode;
2065 struct inode_security_struct *isec;
2066
2067 static const struct tree_descr selinux_files[] = {
2068 [SEL_LOAD] = {"load", &sel_load_ops, S_IRUSR|S_IWUSR},
2069 [SEL_ENFORCE] = {"enforce", &sel_enforce_ops, S_IRUGO|S_IWUSR},
2070 [SEL_CONTEXT] = {"context", &transaction_ops, S_IRUGO|S_IWUGO},
2071 [SEL_ACCESS] = {"access", &transaction_ops, S_IRUGO|S_IWUGO},
2072 [SEL_CREATE] = {"create", &transaction_ops, S_IRUGO|S_IWUGO},
2073 [SEL_RELABEL] = {"relabel", &transaction_ops, S_IRUGO|S_IWUGO},
2074 [SEL_USER] = {"user", &transaction_ops, S_IRUGO|S_IWUGO},
2075 [SEL_POLICYVERS] = {"policyvers", &sel_policyvers_ops, S_IRUGO},
2076 [SEL_COMMIT_BOOLS] = {"commit_pending_bools", &sel_commit_bools_ops, S_IWUSR},
2077 [SEL_MLS] = {"mls", &sel_mls_ops, S_IRUGO},
2078 [SEL_DISABLE] = {"disable", &sel_disable_ops, S_IWUSR},
2079 [SEL_MEMBER] = {"member", &transaction_ops, S_IRUGO|S_IWUGO},
2080 [SEL_CHECKREQPROT] = {"checkreqprot", &sel_checkreqprot_ops, S_IRUGO|S_IWUSR},
2081 [SEL_REJECT_UNKNOWN] = {"reject_unknown", &sel_handle_unknown_ops, S_IRUGO},
2082 [SEL_DENY_UNKNOWN] = {"deny_unknown", &sel_handle_unknown_ops, S_IRUGO},
2083 [SEL_STATUS] = {"status", &sel_handle_status_ops, S_IRUGO},
2084 [SEL_POLICY] = {"policy", &sel_policy_ops, S_IRUGO},
2085 [SEL_VALIDATE_TRANS] = {"validatetrans", &sel_transition_ops,
2086 S_IWUGO},
2087 {""}
2088 };
2089
2090 ret = selinux_fs_info_create(sb);
2091 if (ret)
2092 goto err;
2093
2094 ret = simple_fill_super(sb, SELINUX_MAGIC, selinux_files);
2095 if (ret)
2096 goto err;
2097
2098 fsi = sb->s_fs_info;
2099 fsi->bool_dir = sel_make_dir(sb->s_root, BOOL_DIR_NAME, &fsi->last_ino);
2100 if (IS_ERR(fsi->bool_dir)) {
2101 ret = PTR_ERR(fsi->bool_dir);
2102 fsi->bool_dir = NULL;
2103 goto err;
2104 }
2105
2106 ret = -ENOMEM;
2107 dentry = d_alloc_name(sb->s_root, NULL_FILE_NAME);
2108 if (!dentry)
2109 goto err;
2110
2111 ret = -ENOMEM;
2112 inode = sel_make_inode(sb, S_IFCHR | S_IRUGO | S_IWUGO);
2113 if (!inode) {
2114 dput(dentry);
2115 goto err;
2116 }
2117
2118 inode->i_ino = ++fsi->last_ino;
2119 isec = selinux_inode(inode);
2120 isec->sid = SECINITSID_DEVNULL;
2121 isec->sclass = SECCLASS_CHR_FILE;
2122 isec->initialized = LABEL_INITIALIZED;
2123
2124 init_special_inode(inode, S_IFCHR | S_IRUGO | S_IWUGO, MKDEV(MEM_MAJOR, 3));
2125 d_add(dentry, inode);
2126
2127 dentry = sel_make_dir(sb->s_root, "avc", &fsi->last_ino);
2128 if (IS_ERR(dentry)) {
2129 ret = PTR_ERR(dentry);
2130 goto err;
2131 }
2132
2133 ret = sel_make_avc_files(dentry);
2134 if (ret)
2135 goto err;
2136
2137 dentry = sel_make_dir(sb->s_root, "ss", &fsi->last_ino);
2138 if (IS_ERR(dentry)) {
2139 ret = PTR_ERR(dentry);
2140 goto err;
2141 }
2142
2143 ret = sel_make_ss_files(dentry);
2144 if (ret)
2145 goto err;
2146
2147 dentry = sel_make_dir(sb->s_root, "initial_contexts", &fsi->last_ino);
2148 if (IS_ERR(dentry)) {
2149 ret = PTR_ERR(dentry);
2150 goto err;
2151 }
2152
2153 ret = sel_make_initcon_files(dentry);
2154 if (ret)
2155 goto err;
2156
2157 fsi->class_dir = sel_make_dir(sb->s_root, CLASS_DIR_NAME, &fsi->last_ino);
2158 if (IS_ERR(fsi->class_dir)) {
2159 ret = PTR_ERR(fsi->class_dir);
2160 fsi->class_dir = NULL;
2161 goto err;
2162 }
2163
2164 fsi->policycap_dir = sel_make_dir(sb->s_root, POLICYCAP_DIR_NAME,
2165 &fsi->last_ino);
2166 if (IS_ERR(fsi->policycap_dir)) {
2167 ret = PTR_ERR(fsi->policycap_dir);
2168 fsi->policycap_dir = NULL;
2169 goto err;
2170 }
2171
2172 ret = sel_make_policycap(fsi);
2173 if (ret) {
2174 pr_err("SELinux: failed to load policy capabilities\n");
2175 goto err;
2176 }
2177
2178 return 0;
2179 err:
2180 pr_err("SELinux: %s: failed while creating inodes\n",
2181 __func__);
2182
2183 selinux_fs_info_free(sb);
2184
2185 return ret;
2186 }
2187
2188 static int sel_get_tree(struct fs_context *fc)
2189 {
2190 return get_tree_single(fc, sel_fill_super);
2191 }
2192
2193 static const struct fs_context_operations sel_context_ops = {
2194 .get_tree = sel_get_tree,
2195 };
2196
2197 static int sel_init_fs_context(struct fs_context *fc)
2198 {
2199 fc->ops = &sel_context_ops;
2200 return 0;
2201 }
2202
2203 static void sel_kill_sb(struct super_block *sb)
2204 {
2205 selinux_fs_info_free(sb);
2206 kill_litter_super(sb);
2207 }
2208
2209 static struct file_system_type sel_fs_type = {
2210 .name = "selinuxfs",
2211 .init_fs_context = sel_init_fs_context,
2212 .kill_sb = sel_kill_sb,
2213 };
2214
2215 static struct vfsmount *selinuxfs_mount __ro_after_init;
2216 struct path selinux_null __ro_after_init;
2217
2218 static int __init init_sel_fs(void)
2219 {
2220 struct qstr null_name = QSTR_INIT(NULL_FILE_NAME,
2221 sizeof(NULL_FILE_NAME)-1);
2222 int err;
2223
2224 if (!selinux_enabled_boot)
2225 return 0;
2226
2227 err = sysfs_create_mount_point(fs_kobj, "selinux");
2228 if (err)
2229 return err;
2230
2231 err = register_filesystem(&sel_fs_type);
2232 if (err) {
2233 sysfs_remove_mount_point(fs_kobj, "selinux");
2234 return err;
2235 }
2236
2237 selinux_null.mnt = selinuxfs_mount = kern_mount(&sel_fs_type);
2238 if (IS_ERR(selinuxfs_mount)) {
2239 pr_err("selinuxfs: could not mount!\n");
2240 err = PTR_ERR(selinuxfs_mount);
2241 selinuxfs_mount = NULL;
2242 }
2243 selinux_null.dentry = d_hash_and_lookup(selinux_null.mnt->mnt_root,
2244 &null_name);
2245 if (IS_ERR(selinux_null.dentry)) {
2246 pr_err("selinuxfs: could not lookup null!\n");
2247 err = PTR_ERR(selinux_null.dentry);
2248 selinux_null.dentry = NULL;
2249 }
2250
2251 return err;
2252 }
2253
2254 __initcall(init_sel_fs);
2255
2256 #ifdef CONFIG_SECURITY_SELINUX_DISABLE
2257 void exit_sel_fs(void)
2258 {
2259 sysfs_remove_mount_point(fs_kobj, "selinux");
2260 dput(selinux_null.dentry);
2261 kern_unmount(selinuxfs_mount);
2262 unregister_filesystem(&sel_fs_type);
2263 }
2264 #endif
