2 * Copyright (C) 2007 Casey Schaufler <casey@schaufler-ca.com>
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License as published by
6 * the Free Software Foundation, version 2.
9 * Casey Schaufler <casey@schaufler-ca.com>
10 * Ahmed S. Darwish <darwish.07@gmail.com>
12 * Special thanks to the authors of selinuxfs.
14 * Karl MacMillan <kmacmillan@tresys.com>
15 * James Morris <jmorris@redhat.com>
19 #include <linux/kernel.h>
20 #include <linux/vmalloc.h>
21 #include <linux/security.h>
22 #include <linux/mutex.h>
23 #include <linux/slab.h>
24 #include <net/net_namespace.h>
25 #include <net/netlabel.h>
26 #include <net/cipso_ipv4.h>
27 #include <linux/seq_file.h>
28 #include <linux/ctype.h>
29 #include <linux/audit.h>
33 * smackfs pseudo filesystem.
38 SMK_LOAD = 3, /* load policy */
39 SMK_CIPSO = 4, /* load label -> CIPSO mapping */
40 SMK_DOI = 5, /* CIPSO DOI */
41 SMK_DIRECT = 6, /* CIPSO level indicating direct label */
42 SMK_AMBIENT = 7, /* internet ambient label */
43 SMK_NETLBLADDR = 8, /* single label hosts */
44 SMK_ONLYCAP = 9, /* the only "capable" label */
45 SMK_LOGGING = 10, /* logging */
51 static DEFINE_MUTEX(smack_list_lock);
52 static DEFINE_MUTEX(smack_cipso_lock);
53 static DEFINE_MUTEX(smack_ambient_lock);
54 static DEFINE_MUTEX(smk_netlbladdr_lock);
57 * This is the "ambient" label for network traffic.
58 * If it isn't somehow marked, use this.
59 * It can be reset via smackfs/ambient
61 char *smack_net_ambient = smack_known_floor.smk_known;
64 * This is the level in a CIPSO header that indicates a
65 * smack label is contained directly in the category set.
66 * It can be reset via smackfs/direct
68 int smack_cipso_direct = SMACK_CIPSO_DIRECT_DEFAULT;
71 * Unless a process is running with this label even
72 * having CAP_MAC_OVERRIDE isn't enough to grant
73 * privilege to violate MAC policy. If no label is
74 * designated (the NULL case) capabilities apply to
75 * everyone. It is expected that the hat (^) label
76 * will be used if any label is used.
81 * Certain IP addresses may be designated as single label hosts.
82 * Packets are sent there unlabeled, but only from tasks that
83 * can write to the specified label.
86 LIST_HEAD(smk_netlbladdr_list);
87 LIST_HEAD(smack_rule_list);
89 static int smk_cipso_doi_value = SMACK_CIPSO_DOI_DEFAULT;
91 const char *smack_cipso_option = SMACK_CIPSO_OPTION;
94 #define SEQ_READ_FINISHED 1
97 * Values for parsing cipso rules
98 * SMK_DIGITLEN: Length of a digit field in a rule.
99 * SMK_CIPSOMIN: Minimum possible cipso rule length.
100 * SMK_CIPSOMAX: Maximum possible cipso rule length.
102 #define SMK_DIGITLEN 4
103 #define SMK_CIPSOMIN (SMK_LABELLEN + 2 * SMK_DIGITLEN)
104 #define SMK_CIPSOMAX (SMK_CIPSOMIN + SMACK_CIPSO_MAXCATNUM * SMK_DIGITLEN)
107 * Values for parsing MAC rules
108 * SMK_ACCESS: Maximum possible combination of access permissions
109 * SMK_ACCESSLEN: Maximum length for a rule access field
110 * SMK_LOADLEN: Smack rule length
112 #define SMK_OACCESS "rwxa"
113 #define SMK_ACCESS "rwxat"
114 #define SMK_OACCESSLEN (sizeof(SMK_OACCESS) - 1)
115 #define SMK_ACCESSLEN (sizeof(SMK_ACCESS) - 1)
116 #define SMK_OLOADLEN (SMK_LABELLEN + SMK_LABELLEN + SMK_OACCESSLEN)
117 #define SMK_LOADLEN (SMK_LABELLEN + SMK_LABELLEN + SMK_ACCESSLEN)
120 * smk_netlabel_audit_set - fill a netlbl_audit struct
121 * @nap: structure to fill
123 static void smk_netlabel_audit_set(struct netlbl_audit *nap)
125 nap->loginuid = audit_get_loginuid(current);
126 nap->sessionid = audit_get_sessionid(current);
127 nap->secid = smack_to_secid(smk_of_current());
131 * Values for parsing single label host rules
133 * "192.168.138.129/32 abcdefghijklmnopqrstuvw"
135 #define SMK_NETLBLADDRMIN 9
136 #define SMK_NETLBLADDRMAX 42
139 * Seq_file read operations for /smack/load
142 static void *load_seq_start(struct seq_file *s, loff_t *pos)
144 if (*pos == SEQ_READ_FINISHED)
146 if (list_empty(&smack_rule_list))
148 return smack_rule_list.next;
151 static void *load_seq_next(struct seq_file *s, void *v, loff_t *pos)
153 struct list_head *list = v;
155 if (list_is_last(list, &smack_rule_list)) {
156 *pos = SEQ_READ_FINISHED;
162 static int load_seq_show(struct seq_file *s, void *v)
164 struct list_head *list = v;
165 struct smack_rule *srp =
166 list_entry(list, struct smack_rule, list);
168 seq_printf(s, "%s %s", (char *)srp->smk_subject,
169 (char *)srp->smk_object);
173 if (srp->smk_access & MAY_READ)
175 if (srp->smk_access & MAY_WRITE)
177 if (srp->smk_access & MAY_EXEC)
179 if (srp->smk_access & MAY_APPEND)
181 if (srp->smk_access & MAY_TRANSMUTE)
183 if (srp->smk_access == 0)
191 static void load_seq_stop(struct seq_file *s, void *v)
196 static const struct seq_operations load_seq_ops = {
197 .start = load_seq_start,
198 .next = load_seq_next,
199 .show = load_seq_show,
200 .stop = load_seq_stop,
204 * smk_open_load - open() for /smack/load
205 * @inode: inode structure representing file
206 * @file: "load" file pointer
208 * For reading, use load_seq_* seq_file reading operations.
210 static int smk_open_load(struct inode *inode, struct file *file)
212 return seq_open(file, &load_seq_ops);
216 * smk_set_access - add a rule to the rule list
217 * @srp: the new rule to add
219 * Looks through the current subject/object/access list for
220 * the subject/object pair and replaces the access that was
221 * there. If the pair isn't found add it with the specified
224 * Returns 0 if nothing goes wrong or -ENOMEM if it fails
225 * during the allocation of the new pair to add.
227 static int smk_set_access(struct smack_rule *srp)
229 struct smack_rule *sp;
232 mutex_lock(&smack_list_lock);
235 list_for_each_entry_rcu(sp, &smack_rule_list, list) {
236 if (sp->smk_subject == srp->smk_subject &&
237 sp->smk_object == srp->smk_object) {
239 sp->smk_access = srp->smk_access;
244 list_add_rcu(&srp->list, &smack_rule_list);
246 mutex_unlock(&smack_list_lock);
252 * smk_write_load - write() for /smack/load
253 * @file: file pointer, not actually used
254 * @buf: where to get the data from
256 * @ppos: where to start - must be 0
258 * Get one smack access rule from above.
259 * The format is exactly:
260 * char subject[SMK_LABELLEN]
261 * char object[SMK_LABELLEN]
262 * char access[SMK_ACCESSLEN]
264 * writes must be SMK_LABELLEN+SMK_LABELLEN+SMK_ACCESSLEN bytes.
266 static ssize_t smk_write_load(struct file *file, const char __user *buf,
267 size_t count, loff_t *ppos)
269 struct smack_rule *rule;
274 * Must have privilege.
276 * Enough data must be present.
278 if (!capable(CAP_MAC_ADMIN))
284 * Minor hack for backward compatability
286 if (count < (SMK_OLOADLEN) || count > SMK_LOADLEN)
289 data = kzalloc(SMK_LOADLEN, GFP_KERNEL);
293 if (copy_from_user(data, buf, count) != 0) {
299 * More on the minor hack for backward compatability
301 if (count == (SMK_OLOADLEN))
302 data[SMK_OLOADLEN] = '-';
304 rule = kzalloc(sizeof(*rule), GFP_KERNEL);
310 rule->smk_subject = smk_import(data, 0);
311 if (rule->smk_subject == NULL)
314 rule->smk_object = smk_import(data + SMK_LABELLEN, 0);
315 if (rule->smk_object == NULL)
318 rule->smk_access = 0;
320 switch (data[SMK_LABELLEN + SMK_LABELLEN]) {
325 rule->smk_access |= MAY_READ;
331 switch (data[SMK_LABELLEN + SMK_LABELLEN + 1]) {
336 rule->smk_access |= MAY_WRITE;
342 switch (data[SMK_LABELLEN + SMK_LABELLEN + 2]) {
347 rule->smk_access |= MAY_EXEC;
353 switch (data[SMK_LABELLEN + SMK_LABELLEN + 3]) {
358 rule->smk_access |= MAY_APPEND;
364 switch (data[SMK_LABELLEN + SMK_LABELLEN + 4]) {
369 rule->smk_access |= MAY_TRANSMUTE;
375 rc = smk_set_access(rule);
388 static const struct file_operations smk_load_ops = {
389 .open = smk_open_load,
392 .write = smk_write_load,
393 .release = seq_release,
397 * smk_cipso_doi - initialize the CIPSO domain
399 static void smk_cipso_doi(void)
402 struct cipso_v4_doi *doip;
403 struct netlbl_audit nai;
405 smk_netlabel_audit_set(&nai);
407 rc = netlbl_cfg_map_del(NULL, PF_INET, NULL, NULL, &nai);
409 printk(KERN_WARNING "%s:%d remove rc = %d\n",
410 __func__, __LINE__, rc);
412 doip = kmalloc(sizeof(struct cipso_v4_doi), GFP_KERNEL);
414 panic("smack: Failed to initialize cipso DOI.\n");
415 doip->map.std = NULL;
416 doip->doi = smk_cipso_doi_value;
417 doip->type = CIPSO_V4_MAP_PASS;
418 doip->tags[0] = CIPSO_V4_TAG_RBITMAP;
419 for (rc = 1; rc < CIPSO_V4_TAG_MAXCNT; rc++)
420 doip->tags[rc] = CIPSO_V4_TAG_INVALID;
422 rc = netlbl_cfg_cipsov4_add(doip, &nai);
424 printk(KERN_WARNING "%s:%d cipso add rc = %d\n",
425 __func__, __LINE__, rc);
429 rc = netlbl_cfg_cipsov4_map_add(doip->doi, NULL, NULL, NULL, &nai);
431 printk(KERN_WARNING "%s:%d map add rc = %d\n",
432 __func__, __LINE__, rc);
439 * smk_unlbl_ambient - initialize the unlabeled domain
440 * @oldambient: previous domain string
442 static void smk_unlbl_ambient(char *oldambient)
445 struct netlbl_audit nai;
447 smk_netlabel_audit_set(&nai);
449 if (oldambient != NULL) {
450 rc = netlbl_cfg_map_del(oldambient, PF_INET, NULL, NULL, &nai);
452 printk(KERN_WARNING "%s:%d remove rc = %d\n",
453 __func__, __LINE__, rc);
456 rc = netlbl_cfg_unlbl_map_add(smack_net_ambient, PF_INET,
459 printk(KERN_WARNING "%s:%d add rc = %d\n",
460 __func__, __LINE__, rc);
464 * Seq_file read operations for /smack/cipso
467 static void *cipso_seq_start(struct seq_file *s, loff_t *pos)
469 if (*pos == SEQ_READ_FINISHED)
471 if (list_empty(&smack_known_list))
474 return smack_known_list.next;
477 static void *cipso_seq_next(struct seq_file *s, void *v, loff_t *pos)
479 struct list_head *list = v;
482 * labels with no associated cipso value wont be printed
485 if (list_is_last(list, &smack_known_list)) {
486 *pos = SEQ_READ_FINISHED;
494 * Print cipso labels in format:
495 * label level[/cat[,cat]]
497 static int cipso_seq_show(struct seq_file *s, void *v)
499 struct list_head *list = v;
500 struct smack_known *skp =
501 list_entry(list, struct smack_known, list);
502 struct smack_cipso *scp = skp->smk_cipso;
512 seq_printf(s, "%s %3d", (char *)&skp->smk_known, scp->smk_level);
514 cbp = scp->smk_catset;
515 for (i = 0; i < SMK_LABELLEN; i++)
516 for (m = 0x80; m != 0; m >>= 1) {
518 seq_printf(s, "%c%d", sep, cat);
529 static void cipso_seq_stop(struct seq_file *s, void *v)
534 static const struct seq_operations cipso_seq_ops = {
535 .start = cipso_seq_start,
536 .stop = cipso_seq_stop,
537 .next = cipso_seq_next,
538 .show = cipso_seq_show,
542 * smk_open_cipso - open() for /smack/cipso
543 * @inode: inode structure representing file
544 * @file: "cipso" file pointer
546 * Connect our cipso_seq_* operations with /smack/cipso
549 static int smk_open_cipso(struct inode *inode, struct file *file)
551 return seq_open(file, &cipso_seq_ops);
555 * smk_write_cipso - write() for /smack/cipso
556 * @file: file pointer, not actually used
557 * @buf: where to get the data from
559 * @ppos: where to start
561 * Accepts only one cipso rule per write call.
562 * Returns number of bytes written or error code, as appropriate
564 static ssize_t smk_write_cipso(struct file *file, const char __user *buf,
565 size_t count, loff_t *ppos)
567 struct smack_known *skp;
568 struct smack_cipso *scp = NULL;
569 char mapcatset[SMK_LABELLEN];
573 ssize_t rc = -EINVAL;
580 * Must have privilege.
582 * Enough data must be present.
584 if (!capable(CAP_MAC_ADMIN))
588 if (count < SMK_CIPSOMIN || count > SMK_CIPSOMAX)
591 data = kzalloc(count + 1, GFP_KERNEL);
595 if (copy_from_user(data, buf, count) != 0) {
600 /* labels cannot begin with a '-' */
601 if (data[0] == '-') {
608 * Only allow one writer at a time. Writes should be
609 * quite rare and small in any case.
611 mutex_lock(&smack_cipso_lock);
613 skp = smk_import_entry(rule, 0);
617 rule += SMK_LABELLEN;
618 ret = sscanf(rule, "%d", &maplevel);
619 if (ret != 1 || maplevel > SMACK_CIPSO_MAXLEVEL)
622 rule += SMK_DIGITLEN;
623 ret = sscanf(rule, "%d", &catlen);
624 if (ret != 1 || catlen > SMACK_CIPSO_MAXCATNUM)
627 if (count != (SMK_CIPSOMIN + catlen * SMK_DIGITLEN))
630 memset(mapcatset, 0, sizeof(mapcatset));
632 for (i = 0; i < catlen; i++) {
633 rule += SMK_DIGITLEN;
634 ret = sscanf(rule, "%d", &cat);
635 if (ret != 1 || cat > SMACK_CIPSO_MAXCATVAL)
638 smack_catset_bit(cat, mapcatset);
641 if (skp->smk_cipso == NULL) {
642 scp = kzalloc(sizeof(struct smack_cipso), GFP_KERNEL);
649 spin_lock_bh(&skp->smk_cipsolock);
652 scp = skp->smk_cipso;
654 skp->smk_cipso = scp;
656 scp->smk_level = maplevel;
657 memcpy(scp->smk_catset, mapcatset, sizeof(mapcatset));
659 spin_unlock_bh(&skp->smk_cipsolock);
663 mutex_unlock(&smack_cipso_lock);
669 static const struct file_operations smk_cipso_ops = {
670 .open = smk_open_cipso,
673 .write = smk_write_cipso,
674 .release = seq_release,
678 * Seq_file read operations for /smack/netlabel
681 static void *netlbladdr_seq_start(struct seq_file *s, loff_t *pos)
683 if (*pos == SEQ_READ_FINISHED)
685 if (list_empty(&smk_netlbladdr_list))
687 return smk_netlbladdr_list.next;
690 static void *netlbladdr_seq_next(struct seq_file *s, void *v, loff_t *pos)
692 struct list_head *list = v;
694 if (list_is_last(list, &smk_netlbladdr_list)) {
695 *pos = SEQ_READ_FINISHED;
701 #define BEBITS (sizeof(__be32) * 8)
704 * Print host/label pairs
706 static int netlbladdr_seq_show(struct seq_file *s, void *v)
708 struct list_head *list = v;
709 struct smk_netlbladdr *skp =
710 list_entry(list, struct smk_netlbladdr, list);
711 unsigned char *hp = (char *) &skp->smk_host.sin_addr.s_addr;
713 u32 temp_mask = be32_to_cpu(skp->smk_mask.s_addr);
715 for (maskn = 0; temp_mask; temp_mask <<= 1, maskn++);
717 seq_printf(s, "%u.%u.%u.%u/%d %s\n",
718 hp[0], hp[1], hp[2], hp[3], maskn, skp->smk_label);
723 static void netlbladdr_seq_stop(struct seq_file *s, void *v)
728 static const struct seq_operations netlbladdr_seq_ops = {
729 .start = netlbladdr_seq_start,
730 .stop = netlbladdr_seq_stop,
731 .next = netlbladdr_seq_next,
732 .show = netlbladdr_seq_show,
736 * smk_open_netlbladdr - open() for /smack/netlabel
737 * @inode: inode structure representing file
738 * @file: "netlabel" file pointer
740 * Connect our netlbladdr_seq_* operations with /smack/netlabel
743 static int smk_open_netlbladdr(struct inode *inode, struct file *file)
745 return seq_open(file, &netlbladdr_seq_ops);
749 * smk_netlbladdr_insert
750 * @new : netlabel to insert
752 * This helper insert netlabel in the smack_netlbladdrs list
753 * sorted by netmask length (longest to smallest)
754 * locked by &smk_netlbladdr_lock in smk_write_netlbladdr
757 static void smk_netlbladdr_insert(struct smk_netlbladdr *new)
759 struct smk_netlbladdr *m, *m_next;
761 if (list_empty(&smk_netlbladdr_list)) {
762 list_add_rcu(&new->list, &smk_netlbladdr_list);
766 m = list_entry_rcu(smk_netlbladdr_list.next,
767 struct smk_netlbladdr, list);
769 /* the comparison '>' is a bit hacky, but works */
770 if (new->smk_mask.s_addr > m->smk_mask.s_addr) {
771 list_add_rcu(&new->list, &smk_netlbladdr_list);
775 list_for_each_entry_rcu(m, &smk_netlbladdr_list, list) {
776 if (list_is_last(&m->list, &smk_netlbladdr_list)) {
777 list_add_rcu(&new->list, &m->list);
780 m_next = list_entry_rcu(m->list.next,
781 struct smk_netlbladdr, list);
782 if (new->smk_mask.s_addr > m_next->smk_mask.s_addr) {
783 list_add_rcu(&new->list, &m->list);
791 * smk_write_netlbladdr - write() for /smack/netlabel
792 * @file: file pointer, not actually used
793 * @buf: where to get the data from
795 * @ppos: where to start
797 * Accepts only one netlbladdr per write call.
798 * Returns number of bytes written or error code, as appropriate
800 static ssize_t smk_write_netlbladdr(struct file *file, const char __user *buf,
801 size_t count, loff_t *ppos)
803 struct smk_netlbladdr *skp;
804 struct sockaddr_in newname;
805 char smack[SMK_LABELLEN];
807 char data[SMK_NETLBLADDRMAX + 1];
808 char *host = (char *)&newname.sin_addr.s_addr;
810 struct netlbl_audit audit_info;
814 u32 mask_bits = (1<<31);
819 * Must have privilege.
821 * Enough data must be present.
822 * "<addr/mask, as a.b.c.d/e><space><label>"
823 * "<addr, as a.b.c.d><space><label>"
825 if (!capable(CAP_MAC_ADMIN))
829 if (count < SMK_NETLBLADDRMIN || count > SMK_NETLBLADDRMAX)
831 if (copy_from_user(data, buf, count) != 0)
836 rc = sscanf(data, "%hhd.%hhd.%hhd.%hhd/%d %s",
837 &host[0], &host[1], &host[2], &host[3], &m, smack);
839 rc = sscanf(data, "%hhd.%hhd.%hhd.%hhd %s",
840 &host[0], &host[1], &host[2], &host[3], smack);
848 /* if smack begins with '-', its an option, don't import it */
849 if (smack[0] != '-') {
850 sp = smk_import(smack, 0);
854 /* check known options */
855 if (strcmp(smack, smack_cipso_option) == 0)
856 sp = (char *)smack_cipso_option;
861 for (temp_mask = 0; m > 0; m--) {
862 temp_mask |= mask_bits;
865 mask.s_addr = cpu_to_be32(temp_mask);
867 newname.sin_addr.s_addr &= mask.s_addr;
869 * Only allow one writer at a time. Writes should be
870 * quite rare and small in any case.
872 mutex_lock(&smk_netlbladdr_lock);
874 nsa = newname.sin_addr.s_addr;
875 /* try to find if the prefix is already in the list */
877 list_for_each_entry_rcu(skp, &smk_netlbladdr_list, list) {
878 if (skp->smk_host.sin_addr.s_addr == nsa &&
879 skp->smk_mask.s_addr == mask.s_addr) {
884 smk_netlabel_audit_set(&audit_info);
887 skp = kzalloc(sizeof(*skp), GFP_KERNEL);
892 skp->smk_host.sin_addr.s_addr = newname.sin_addr.s_addr;
893 skp->smk_mask.s_addr = mask.s_addr;
895 smk_netlbladdr_insert(skp);
898 /* we delete the unlabeled entry, only if the previous label
899 * wasnt the special CIPSO option */
900 if (skp->smk_label != smack_cipso_option)
901 rc = netlbl_cfg_unlbl_static_del(&init_net, NULL,
902 &skp->smk_host.sin_addr, &skp->smk_mask,
903 PF_INET, &audit_info);
910 * Now tell netlabel about the single label nature of
911 * this host so that incoming packets get labeled.
912 * but only if we didn't get the special CIPSO option
914 if (rc == 0 && sp != smack_cipso_option)
915 rc = netlbl_cfg_unlbl_static_add(&init_net, NULL,
916 &skp->smk_host.sin_addr, &skp->smk_mask, PF_INET,
917 smack_to_secid(skp->smk_label), &audit_info);
922 mutex_unlock(&smk_netlbladdr_lock);
927 static const struct file_operations smk_netlbladdr_ops = {
928 .open = smk_open_netlbladdr,
931 .write = smk_write_netlbladdr,
932 .release = seq_release,
936 * smk_read_doi - read() for /smack/doi
937 * @filp: file pointer, not actually used
938 * @buf: where to put the result
939 * @count: maximum to send along
940 * @ppos: where to start
942 * Returns number of bytes read or error code, as appropriate
944 static ssize_t smk_read_doi(struct file *filp, char __user *buf,
945 size_t count, loff_t *ppos)
953 sprintf(temp, "%d", smk_cipso_doi_value);
954 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
960 * smk_write_doi - write() for /smack/doi
961 * @file: file pointer, not actually used
962 * @buf: where to get the data from
964 * @ppos: where to start
966 * Returns number of bytes written or error code, as appropriate
968 static ssize_t smk_write_doi(struct file *file, const char __user *buf,
969 size_t count, loff_t *ppos)
974 if (!capable(CAP_MAC_ADMIN))
977 if (count >= sizeof(temp) || count == 0)
980 if (copy_from_user(temp, buf, count) != 0)
985 if (sscanf(temp, "%d", &i) != 1)
988 smk_cipso_doi_value = i;
995 static const struct file_operations smk_doi_ops = {
996 .read = smk_read_doi,
997 .write = smk_write_doi,
998 .llseek = default_llseek,
1002 * smk_read_direct - read() for /smack/direct
1003 * @filp: file pointer, not actually used
1004 * @buf: where to put the result
1005 * @count: maximum to send along
1006 * @ppos: where to start
1008 * Returns number of bytes read or error code, as appropriate
1010 static ssize_t smk_read_direct(struct file *filp, char __user *buf,
1011 size_t count, loff_t *ppos)
1019 sprintf(temp, "%d", smack_cipso_direct);
1020 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
1026 * smk_write_direct - write() for /smack/direct
1027 * @file: file pointer, not actually used
1028 * @buf: where to get the data from
1029 * @count: bytes sent
1030 * @ppos: where to start
1032 * Returns number of bytes written or error code, as appropriate
1034 static ssize_t smk_write_direct(struct file *file, const char __user *buf,
1035 size_t count, loff_t *ppos)
1040 if (!capable(CAP_MAC_ADMIN))
1043 if (count >= sizeof(temp) || count == 0)
1046 if (copy_from_user(temp, buf, count) != 0)
1051 if (sscanf(temp, "%d", &i) != 1)
1054 smack_cipso_direct = i;
1059 static const struct file_operations smk_direct_ops = {
1060 .read = smk_read_direct,
1061 .write = smk_write_direct,
1062 .llseek = default_llseek,
1066 * smk_read_ambient - read() for /smack/ambient
1067 * @filp: file pointer, not actually used
1068 * @buf: where to put the result
1069 * @cn: maximum to send along
1070 * @ppos: where to start
1072 * Returns number of bytes read or error code, as appropriate
1074 static ssize_t smk_read_ambient(struct file *filp, char __user *buf,
1075 size_t cn, loff_t *ppos)
1083 * Being careful to avoid a problem in the case where
1084 * smack_net_ambient gets changed in midstream.
1086 mutex_lock(&smack_ambient_lock);
1088 asize = strlen(smack_net_ambient) + 1;
1091 rc = simple_read_from_buffer(buf, cn, ppos,
1092 smack_net_ambient, asize);
1096 mutex_unlock(&smack_ambient_lock);
1102 * smk_write_ambient - write() for /smack/ambient
1103 * @file: file pointer, not actually used
1104 * @buf: where to get the data from
1105 * @count: bytes sent
1106 * @ppos: where to start
1108 * Returns number of bytes written or error code, as appropriate
1110 static ssize_t smk_write_ambient(struct file *file, const char __user *buf,
1111 size_t count, loff_t *ppos)
1113 char in[SMK_LABELLEN];
1117 if (!capable(CAP_MAC_ADMIN))
1120 if (count >= SMK_LABELLEN)
1123 if (copy_from_user(in, buf, count) != 0)
1126 smack = smk_import(in, count);
1130 mutex_lock(&smack_ambient_lock);
1132 oldambient = smack_net_ambient;
1133 smack_net_ambient = smack;
1134 smk_unlbl_ambient(oldambient);
1136 mutex_unlock(&smack_ambient_lock);
1141 static const struct file_operations smk_ambient_ops = {
1142 .read = smk_read_ambient,
1143 .write = smk_write_ambient,
1144 .llseek = default_llseek,
1148 * smk_read_onlycap - read() for /smack/onlycap
1149 * @filp: file pointer, not actually used
1150 * @buf: where to put the result
1151 * @cn: maximum to send along
1152 * @ppos: where to start
1154 * Returns number of bytes read or error code, as appropriate
1156 static ssize_t smk_read_onlycap(struct file *filp, char __user *buf,
1157 size_t cn, loff_t *ppos)
1160 ssize_t rc = -EINVAL;
1166 if (smack_onlycap != NULL)
1167 smack = smack_onlycap;
1169 asize = strlen(smack) + 1;
1172 rc = simple_read_from_buffer(buf, cn, ppos, smack, asize);
1178 * smk_write_onlycap - write() for /smack/onlycap
1179 * @file: file pointer, not actually used
1180 * @buf: where to get the data from
1181 * @count: bytes sent
1182 * @ppos: where to start
1184 * Returns number of bytes written or error code, as appropriate
1186 static ssize_t smk_write_onlycap(struct file *file, const char __user *buf,
1187 size_t count, loff_t *ppos)
1189 char in[SMK_LABELLEN];
1190 char *sp = smk_of_task(current->cred->security);
1192 if (!capable(CAP_MAC_ADMIN))
1196 * This can be done using smk_access() but is done
1197 * explicitly for clarity. The smk_access() implementation
1198 * would use smk_access(smack_onlycap, MAY_WRITE)
1200 if (smack_onlycap != NULL && smack_onlycap != sp)
1203 if (count >= SMK_LABELLEN)
1206 if (copy_from_user(in, buf, count) != 0)
1210 * Should the null string be passed in unset the onlycap value.
1211 * This seems like something to be careful with as usually
1212 * smk_import only expects to return NULL for errors. It
1213 * is usually the case that a nullstring or "\n" would be
1214 * bad to pass to smk_import but in fact this is useful here.
1216 smack_onlycap = smk_import(in, count);
1221 static const struct file_operations smk_onlycap_ops = {
1222 .read = smk_read_onlycap,
1223 .write = smk_write_onlycap,
1224 .llseek = default_llseek,
1228 * smk_read_logging - read() for /smack/logging
1229 * @filp: file pointer, not actually used
1230 * @buf: where to put the result
1231 * @cn: maximum to send along
1232 * @ppos: where to start
1234 * Returns number of bytes read or error code, as appropriate
1236 static ssize_t smk_read_logging(struct file *filp, char __user *buf,
1237 size_t count, loff_t *ppos)
1245 sprintf(temp, "%d\n", log_policy);
1246 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
1251 * smk_write_logging - write() for /smack/logging
1252 * @file: file pointer, not actually used
1253 * @buf: where to get the data from
1254 * @count: bytes sent
1255 * @ppos: where to start
1257 * Returns number of bytes written or error code, as appropriate
1259 static ssize_t smk_write_logging(struct file *file, const char __user *buf,
1260 size_t count, loff_t *ppos)
1265 if (!capable(CAP_MAC_ADMIN))
1268 if (count >= sizeof(temp) || count == 0)
1271 if (copy_from_user(temp, buf, count) != 0)
1276 if (sscanf(temp, "%d", &i) != 1)
1286 static const struct file_operations smk_logging_ops = {
1287 .read = smk_read_logging,
1288 .write = smk_write_logging,
1289 .llseek = default_llseek,
1292 * smk_fill_super - fill the /smackfs superblock
1293 * @sb: the empty superblock
1297 * Fill in the well known entries for /smack
1299 * Returns 0 on success, an error code on failure
1301 static int smk_fill_super(struct super_block *sb, void *data, int silent)
1304 struct inode *root_inode;
1306 static struct tree_descr smack_files[] = {
1308 {"load", &smk_load_ops, S_IRUGO|S_IWUSR},
1310 {"cipso", &smk_cipso_ops, S_IRUGO|S_IWUSR},
1312 {"doi", &smk_doi_ops, S_IRUGO|S_IWUSR},
1314 {"direct", &smk_direct_ops, S_IRUGO|S_IWUSR},
1316 {"ambient", &smk_ambient_ops, S_IRUGO|S_IWUSR},
1318 {"netlabel", &smk_netlbladdr_ops, S_IRUGO|S_IWUSR},
1320 {"onlycap", &smk_onlycap_ops, S_IRUGO|S_IWUSR},
1322 {"logging", &smk_logging_ops, S_IRUGO|S_IWUSR},
1326 rc = simple_fill_super(sb, SMACK_MAGIC, smack_files);
1328 printk(KERN_ERR "%s failed %d while creating inodes\n",
1333 root_inode = sb->s_root->d_inode;
1334 root_inode->i_security = new_inode_smack(smack_known_floor.smk_known);
1340 * smk_mount - get the smackfs superblock
1341 * @fs_type: passed along without comment
1342 * @flags: passed along without comment
1343 * @dev_name: passed along without comment
1344 * @data: passed along without comment
1346 * Just passes everything along.
1348 * Returns what the lower level code does.
1350 static struct dentry *smk_mount(struct file_system_type *fs_type,
1351 int flags, const char *dev_name, void *data)
1353 return mount_single(fs_type, flags, data, smk_fill_super);
1356 static struct file_system_type smk_fs_type = {
1359 .kill_sb = kill_litter_super,
1362 static struct vfsmount *smackfs_mount;
1365 * init_smk_fs - get the smackfs superblock
1367 * register the smackfs
1369 * Do not register smackfs if Smack wasn't enabled
1370 * on boot. We can not put this method normally under the
1371 * smack_init() code path since the security subsystem get
1372 * initialized before the vfs caches.
1374 * Returns true if we were not chosen on boot or if
1375 * we were chosen and filesystem registration succeeded.
1377 static int __init init_smk_fs(void)
1381 if (!security_module_enable(&smack_ops))
1384 err = register_filesystem(&smk_fs_type);
1386 smackfs_mount = kern_mount(&smk_fs_type);
1387 if (IS_ERR(smackfs_mount)) {
1388 printk(KERN_ERR "smackfs: could not mount!\n");
1389 err = PTR_ERR(smackfs_mount);
1390 smackfs_mount = NULL;
1395 smk_unlbl_ambient(NULL);
1400 __initcall(init_smk_fs);
projects / linux-flexiantxendom0-natty.git / blob