Back to home page

OSCL-LXR
 
 

     

0001 // SPDX-License-Identifier: GPL-2.0
0002 /*
0003  * security/tomoyo/securityfs_if.c
0004  *
0005  * Copyright (C) 2005-2011  NTT DATA CORPORATION
0006  */
0007 
0008 #include <linux/security.h>
0009 #include "common.h"
0010 
0011 /**
0012  * tomoyo_check_task_acl - Check permission for task operation.
0013  *
0014  * @r:   Pointer to "struct tomoyo_request_info".
0015  * @ptr: Pointer to "struct tomoyo_acl_info".
0016  *
0017  * Returns true if granted, false otherwise.
0018  */
0019 static bool tomoyo_check_task_acl(struct tomoyo_request_info *r,
0020                   const struct tomoyo_acl_info *ptr)
0021 {
0022     const struct tomoyo_task_acl *acl = container_of(ptr, typeof(*acl),
0023                              head);
0024 
0025     return !tomoyo_pathcmp(r->param.task.domainname, acl->domainname);
0026 }
0027 
0028 /**
0029  * tomoyo_write_self - write() for /sys/kernel/security/tomoyo/self_domain interface.
0030  *
0031  * @file:  Pointer to "struct file".
0032  * @buf:   Domainname to transit to.
0033  * @count: Size of @buf.
0034  * @ppos:  Unused.
0035  *
0036  * Returns @count on success, negative value otherwise.
0037  *
0038  * If domain transition was permitted but the domain transition failed, this
0039  * function returns error rather than terminating current thread with SIGKILL.
0040  */
0041 static ssize_t tomoyo_write_self(struct file *file, const char __user *buf,
0042                   size_t count, loff_t *ppos)
0043 {
0044     char *data;
0045     int error;
0046 
0047     if (!count || count >= TOMOYO_EXEC_TMPSIZE - 10)
0048         return -ENOMEM;
0049     data = memdup_user_nul(buf, count);
0050     if (IS_ERR(data))
0051         return PTR_ERR(data);
0052     tomoyo_normalize_line(data);
0053     if (tomoyo_correct_domain(data)) {
0054         const int idx = tomoyo_read_lock();
0055         struct tomoyo_path_info name;
0056         struct tomoyo_request_info r;
0057 
0058         name.name = data;
0059         tomoyo_fill_path_info(&name);
0060         /* Check "task manual_domain_transition" permission. */
0061         tomoyo_init_request_info(&r, NULL, TOMOYO_MAC_FILE_EXECUTE);
0062         r.param_type = TOMOYO_TYPE_MANUAL_TASK_ACL;
0063         r.param.task.domainname = &name;
0064         tomoyo_check_acl(&r, tomoyo_check_task_acl);
0065         if (!r.granted)
0066             error = -EPERM;
0067         else {
0068             struct tomoyo_domain_info *new_domain =
0069                 tomoyo_assign_domain(data, true);
0070             if (!new_domain) {
0071                 error = -ENOENT;
0072             } else {
0073                 struct tomoyo_task *s = tomoyo_task(current);
0074                 struct tomoyo_domain_info *old_domain =
0075                     s->domain_info;
0076 
0077                 s->domain_info = new_domain;
0078                 atomic_inc(&new_domain->users);
0079                 atomic_dec(&old_domain->users);
0080                 error = 0;
0081             }
0082         }
0083         tomoyo_read_unlock(idx);
0084     } else
0085         error = -EINVAL;
0086     kfree(data);
0087     return error ? error : count;
0088 }
0089 
0090 /**
0091  * tomoyo_read_self - read() for /sys/kernel/security/tomoyo/self_domain interface.
0092  *
0093  * @file:  Pointer to "struct file".
0094  * @buf:   Domainname which current thread belongs to.
0095  * @count: Size of @buf.
0096  * @ppos:  Bytes read by now.
0097  *
0098  * Returns read size on success, negative value otherwise.
0099  */
0100 static ssize_t tomoyo_read_self(struct file *file, char __user *buf,
0101                 size_t count, loff_t *ppos)
0102 {
0103     const char *domain = tomoyo_domain()->domainname->name;
0104     loff_t len = strlen(domain);
0105     loff_t pos = *ppos;
0106 
0107     if (pos >= len || !count)
0108         return 0;
0109     len -= pos;
0110     if (count < len)
0111         len = count;
0112     if (copy_to_user(buf, domain + pos, len))
0113         return -EFAULT;
0114     *ppos += len;
0115     return len;
0116 }
0117 
0118 /* Operations for /sys/kernel/security/tomoyo/self_domain interface. */
0119 static const struct file_operations tomoyo_self_operations = {
0120     .write = tomoyo_write_self,
0121     .read  = tomoyo_read_self,
0122 };
0123 
0124 /**
0125  * tomoyo_open - open() for /sys/kernel/security/tomoyo/ interface.
0126  *
0127  * @inode: Pointer to "struct inode".
0128  * @file:  Pointer to "struct file".
0129  *
0130  * Returns 0 on success, negative value otherwise.
0131  */
0132 static int tomoyo_open(struct inode *inode, struct file *file)
0133 {
0134     const u8 key = (uintptr_t) file_inode(file)->i_private;
0135 
0136     return tomoyo_open_control(key, file);
0137 }
0138 
0139 /**
0140  * tomoyo_release - close() for /sys/kernel/security/tomoyo/ interface.
0141  *
0142  * @inode: Pointer to "struct inode".
0143  * @file:  Pointer to "struct file".
0144  *
0145  */
0146 static int tomoyo_release(struct inode *inode, struct file *file)
0147 {
0148     tomoyo_close_control(file->private_data);
0149     return 0;
0150 }
0151 
0152 /**
0153  * tomoyo_poll - poll() for /sys/kernel/security/tomoyo/ interface.
0154  *
0155  * @file: Pointer to "struct file".
0156  * @wait: Pointer to "poll_table". Maybe NULL.
0157  *
0158  * Returns EPOLLIN | EPOLLRDNORM | EPOLLOUT | EPOLLWRNORM if ready to read/write,
0159  * EPOLLOUT | EPOLLWRNORM otherwise.
0160  */
0161 static __poll_t tomoyo_poll(struct file *file, poll_table *wait)
0162 {
0163     return tomoyo_poll_control(file, wait);
0164 }
0165 
0166 /**
0167  * tomoyo_read - read() for /sys/kernel/security/tomoyo/ interface.
0168  *
0169  * @file:  Pointer to "struct file".
0170  * @buf:   Pointer to buffer.
0171  * @count: Size of @buf.
0172  * @ppos:  Unused.
0173  *
0174  * Returns bytes read on success, negative value otherwise.
0175  */
0176 static ssize_t tomoyo_read(struct file *file, char __user *buf, size_t count,
0177                loff_t *ppos)
0178 {
0179     return tomoyo_read_control(file->private_data, buf, count);
0180 }
0181 
0182 /**
0183  * tomoyo_write - write() for /sys/kernel/security/tomoyo/ interface.
0184  *
0185  * @file:  Pointer to "struct file".
0186  * @buf:   Pointer to buffer.
0187  * @count: Size of @buf.
0188  * @ppos:  Unused.
0189  *
0190  * Returns @count on success, negative value otherwise.
0191  */
0192 static ssize_t tomoyo_write(struct file *file, const char __user *buf,
0193                 size_t count, loff_t *ppos)
0194 {
0195     return tomoyo_write_control(file->private_data, buf, count);
0196 }
0197 
0198 /*
0199  * tomoyo_operations is a "struct file_operations" which is used for handling
0200  * /sys/kernel/security/tomoyo/ interface.
0201  *
0202  * Some files under /sys/kernel/security/tomoyo/ directory accept open(O_RDWR).
0203  * See tomoyo_io_buffer for internals.
0204  */
0205 static const struct file_operations tomoyo_operations = {
0206     .open    = tomoyo_open,
0207     .release = tomoyo_release,
0208     .poll    = tomoyo_poll,
0209     .read    = tomoyo_read,
0210     .write   = tomoyo_write,
0211     .llseek  = noop_llseek,
0212 };
0213 
0214 /**
0215  * tomoyo_create_entry - Create interface files under /sys/kernel/security/tomoyo/ directory.
0216  *
0217  * @name:   The name of the interface file.
0218  * @mode:   The permission of the interface file.
0219  * @parent: The parent directory.
0220  * @key:    Type of interface.
0221  *
0222  * Returns nothing.
0223  */
0224 static void __init tomoyo_create_entry(const char *name, const umode_t mode,
0225                        struct dentry *parent, const u8 key)
0226 {
0227     securityfs_create_file(name, mode, parent, (void *) (uintptr_t) key,
0228                    &tomoyo_operations);
0229 }
0230 
0231 /**
0232  * tomoyo_initerface_init - Initialize /sys/kernel/security/tomoyo/ interface.
0233  *
0234  * Returns 0.
0235  */
0236 static int __init tomoyo_initerface_init(void)
0237 {
0238     struct tomoyo_domain_info *domain;
0239     struct dentry *tomoyo_dir;
0240 
0241     if (!tomoyo_enabled)
0242         return 0;
0243     domain = tomoyo_domain();
0244     /* Don't create securityfs entries unless registered. */
0245     if (domain != &tomoyo_kernel_domain)
0246         return 0;
0247 
0248     tomoyo_dir = securityfs_create_dir("tomoyo", NULL);
0249     tomoyo_create_entry("query",            0600, tomoyo_dir,
0250                 TOMOYO_QUERY);
0251     tomoyo_create_entry("domain_policy",    0600, tomoyo_dir,
0252                 TOMOYO_DOMAINPOLICY);
0253     tomoyo_create_entry("exception_policy", 0600, tomoyo_dir,
0254                 TOMOYO_EXCEPTIONPOLICY);
0255     tomoyo_create_entry("audit",            0400, tomoyo_dir,
0256                 TOMOYO_AUDIT);
0257     tomoyo_create_entry(".process_status",  0600, tomoyo_dir,
0258                 TOMOYO_PROCESS_STATUS);
0259     tomoyo_create_entry("stat",             0644, tomoyo_dir,
0260                 TOMOYO_STAT);
0261     tomoyo_create_entry("profile",          0600, tomoyo_dir,
0262                 TOMOYO_PROFILE);
0263     tomoyo_create_entry("manager",          0600, tomoyo_dir,
0264                 TOMOYO_MANAGER);
0265     tomoyo_create_entry("version",          0400, tomoyo_dir,
0266                 TOMOYO_VERSION);
0267     securityfs_create_file("self_domain", 0666, tomoyo_dir, NULL,
0268                    &tomoyo_self_operations);
0269     tomoyo_load_builtin_policy();
0270     return 0;
0271 }
0272 
0273 fs_initcall(tomoyo_initerface_init);
Source navigation ] Diff markup ] Identifier search ] general search ]

This page was automatically generated by the 2.1.0 LXR engine.

The LXR team
Valid CSS 2.1! Valid HTML 4.01!