]>
Commit | Line | Data |
---|---|---|
c3ef1500 | 1 | /* |
0f2a55d5 | 2 | * security/tomoyo/securityfs_if.c |
c3ef1500 | 3 | * |
0f2a55d5 | 4 | * Copyright (C) 2005-2011 NTT DATA CORPORATION |
c3ef1500 TH |
5 | */ |
6 | ||
7 | #include <linux/security.h> | |
8 | #include "common.h" | |
9 | ||
731d37aa TH |
10 | /** |
11 | * tomoyo_check_task_acl - Check permission for task operation. | |
12 | * | |
13 | * @r: Pointer to "struct tomoyo_request_info". | |
14 | * @ptr: Pointer to "struct tomoyo_acl_info". | |
15 | * | |
16 | * Returns true if granted, false otherwise. | |
17 | */ | |
18 | static bool tomoyo_check_task_acl(struct tomoyo_request_info *r, | |
19 | const struct tomoyo_acl_info *ptr) | |
20 | { | |
21 | const struct tomoyo_task_acl *acl = container_of(ptr, typeof(*acl), | |
22 | head); | |
23 | return !tomoyo_pathcmp(r->param.task.domainname, acl->domainname); | |
24 | } | |
25 | ||
26 | /** | |
27 | * tomoyo_write_self - write() for /sys/kernel/security/tomoyo/self_domain interface. | |
28 | * | |
29 | * @file: Pointer to "struct file". | |
30 | * @buf: Domainname to transit to. | |
31 | * @count: Size of @buf. | |
32 | * @ppos: Unused. | |
33 | * | |
34 | * Returns @count on success, negative value otherwise. | |
35 | * | |
36 | * If domain transition was permitted but the domain transition failed, this | |
37 | * function returns error rather than terminating current thread with SIGKILL. | |
38 | */ | |
39 | static ssize_t tomoyo_write_self(struct file *file, const char __user *buf, | |
40 | size_t count, loff_t *ppos) | |
41 | { | |
42 | char *data; | |
43 | int error; | |
44 | if (!count || count >= TOMOYO_EXEC_TMPSIZE - 10) | |
45 | return -ENOMEM; | |
16e5c1fc AV |
46 | data = memdup_user_nul(buf, count); |
47 | if (IS_ERR(data)) | |
48 | return PTR_ERR(data); | |
731d37aa TH |
49 | tomoyo_normalize_line(data); |
50 | if (tomoyo_correct_domain(data)) { | |
51 | const int idx = tomoyo_read_lock(); | |
52 | struct tomoyo_path_info name; | |
53 | struct tomoyo_request_info r; | |
54 | name.name = data; | |
55 | tomoyo_fill_path_info(&name); | |
56 | /* Check "task manual_domain_transition" permission. */ | |
57 | tomoyo_init_request_info(&r, NULL, TOMOYO_MAC_FILE_EXECUTE); | |
58 | r.param_type = TOMOYO_TYPE_MANUAL_TASK_ACL; | |
59 | r.param.task.domainname = &name; | |
60 | tomoyo_check_acl(&r, tomoyo_check_task_acl); | |
61 | if (!r.granted) | |
62 | error = -EPERM; | |
63 | else { | |
64 | struct tomoyo_domain_info *new_domain = | |
65 | tomoyo_assign_domain(data, true); | |
66 | if (!new_domain) { | |
67 | error = -ENOENT; | |
68 | } else { | |
69 | struct cred *cred = prepare_creds(); | |
70 | if (!cred) { | |
71 | error = -ENOMEM; | |
72 | } else { | |
98738d70 CS |
73 | struct tomoyo_domain_info **blob; |
74 | struct tomoyo_domain_info *old_domain; | |
75 | ||
76 | blob = tomoyo_cred(cred); | |
77 | old_domain = *blob; | |
78 | *blob = new_domain; | |
731d37aa TH |
79 | atomic_inc(&new_domain->users); |
80 | atomic_dec(&old_domain->users); | |
81 | commit_creds(cred); | |
82 | error = 0; | |
83 | } | |
84 | } | |
85 | } | |
86 | tomoyo_read_unlock(idx); | |
87 | } else | |
88 | error = -EINVAL; | |
731d37aa TH |
89 | kfree(data); |
90 | return error ? error : count; | |
91 | } | |
92 | ||
93 | /** | |
94 | * tomoyo_read_self - read() for /sys/kernel/security/tomoyo/self_domain interface. | |
95 | * | |
96 | * @file: Pointer to "struct file". | |
97 | * @buf: Domainname which current thread belongs to. | |
98 | * @count: Size of @buf. | |
99 | * @ppos: Bytes read by now. | |
100 | * | |
101 | * Returns read size on success, negative value otherwise. | |
102 | */ | |
103 | static ssize_t tomoyo_read_self(struct file *file, char __user *buf, | |
104 | size_t count, loff_t *ppos) | |
105 | { | |
106 | const char *domain = tomoyo_domain()->domainname->name; | |
107 | loff_t len = strlen(domain); | |
108 | loff_t pos = *ppos; | |
109 | if (pos >= len || !count) | |
110 | return 0; | |
111 | len -= pos; | |
112 | if (count < len) | |
113 | len = count; | |
114 | if (copy_to_user(buf, domain + pos, len)) | |
115 | return -EFAULT; | |
116 | *ppos += len; | |
117 | return len; | |
118 | } | |
119 | ||
120 | /* Operations for /sys/kernel/security/tomoyo/self_domain interface. */ | |
121 | static const struct file_operations tomoyo_self_operations = { | |
122 | .write = tomoyo_write_self, | |
123 | .read = tomoyo_read_self, | |
124 | }; | |
125 | ||
c3ef1500 TH |
126 | /** |
127 | * tomoyo_open - open() for /sys/kernel/security/tomoyo/ interface. | |
128 | * | |
129 | * @inode: Pointer to "struct inode". | |
130 | * @file: Pointer to "struct file". | |
131 | * | |
132 | * Returns 0 on success, negative value otherwise. | |
133 | */ | |
134 | static int tomoyo_open(struct inode *inode, struct file *file) | |
135 | { | |
496ad9aa | 136 | const int key = ((u8 *) file_inode(file)->i_private) |
c3ef1500 TH |
137 | - ((u8 *) NULL); |
138 | return tomoyo_open_control(key, file); | |
139 | } | |
140 | ||
141 | /** | |
142 | * tomoyo_release - close() for /sys/kernel/security/tomoyo/ interface. | |
143 | * | |
c3ef1500 TH |
144 | * @file: Pointer to "struct file". |
145 | * | |
c3ef1500 TH |
146 | */ |
147 | static int tomoyo_release(struct inode *inode, struct file *file) | |
148 | { | |
e53cfda5 AV |
149 | tomoyo_close_control(file->private_data); |
150 | return 0; | |
c3ef1500 TH |
151 | } |
152 | ||
0849e3ba | 153 | /** |
b5bc60b4 | 154 | * tomoyo_poll - poll() for /sys/kernel/security/tomoyo/ interface. |
0849e3ba TH |
155 | * |
156 | * @file: Pointer to "struct file". | |
6041e834 | 157 | * @wait: Pointer to "poll_table". Maybe NULL. |
0849e3ba | 158 | * |
6041e834 TH |
159 | * Returns POLLIN | POLLRDNORM | POLLOUT | POLLWRNORM if ready to read/write, |
160 | * POLLOUT | POLLWRNORM otherwise. | |
0849e3ba TH |
161 | */ |
162 | static unsigned int tomoyo_poll(struct file *file, poll_table *wait) | |
163 | { | |
164 | return tomoyo_poll_control(file, wait); | |
165 | } | |
166 | ||
c3ef1500 TH |
167 | /** |
168 | * tomoyo_read - read() for /sys/kernel/security/tomoyo/ interface. | |
169 | * | |
170 | * @file: Pointer to "struct file". | |
171 | * @buf: Pointer to buffer. | |
172 | * @count: Size of @buf. | |
173 | * @ppos: Unused. | |
174 | * | |
175 | * Returns bytes read on success, negative value otherwise. | |
176 | */ | |
177 | static ssize_t tomoyo_read(struct file *file, char __user *buf, size_t count, | |
178 | loff_t *ppos) | |
179 | { | |
0df7e8b8 | 180 | return tomoyo_read_control(file->private_data, buf, count); |
c3ef1500 TH |
181 | } |
182 | ||
183 | /** | |
184 | * tomoyo_write - write() for /sys/kernel/security/tomoyo/ interface. | |
185 | * | |
186 | * @file: Pointer to "struct file". | |
187 | * @buf: Pointer to buffer. | |
188 | * @count: Size of @buf. | |
189 | * @ppos: Unused. | |
190 | * | |
191 | * Returns @count on success, negative value otherwise. | |
192 | */ | |
193 | static ssize_t tomoyo_write(struct file *file, const char __user *buf, | |
194 | size_t count, loff_t *ppos) | |
195 | { | |
0df7e8b8 | 196 | return tomoyo_write_control(file->private_data, buf, count); |
c3ef1500 TH |
197 | } |
198 | ||
199 | /* | |
200 | * tomoyo_operations is a "struct file_operations" which is used for handling | |
201 | * /sys/kernel/security/tomoyo/ interface. | |
202 | * | |
203 | * Some files under /sys/kernel/security/tomoyo/ directory accept open(O_RDWR). | |
204 | * See tomoyo_io_buffer for internals. | |
205 | */ | |
206 | static const struct file_operations tomoyo_operations = { | |
207 | .open = tomoyo_open, | |
208 | .release = tomoyo_release, | |
0849e3ba | 209 | .poll = tomoyo_poll, |
c3ef1500 TH |
210 | .read = tomoyo_read, |
211 | .write = tomoyo_write, | |
7e2deb7c | 212 | .llseek = noop_llseek, |
c3ef1500 TH |
213 | }; |
214 | ||
215 | /** | |
216 | * tomoyo_create_entry - Create interface files under /sys/kernel/security/tomoyo/ directory. | |
217 | * | |
218 | * @name: The name of the interface file. | |
219 | * @mode: The permission of the interface file. | |
220 | * @parent: The parent directory. | |
221 | * @key: Type of interface. | |
222 | * | |
223 | * Returns nothing. | |
224 | */ | |
52ef0c04 | 225 | static void __init tomoyo_create_entry(const char *name, const umode_t mode, |
c3ef1500 TH |
226 | struct dentry *parent, const u8 key) |
227 | { | |
228 | securityfs_create_file(name, mode, parent, ((u8 *) NULL) + key, | |
229 | &tomoyo_operations); | |
230 | } | |
231 | ||
232 | /** | |
233 | * tomoyo_initerface_init - Initialize /sys/kernel/security/tomoyo/ interface. | |
234 | * | |
235 | * Returns 0. | |
236 | */ | |
237 | static int __init tomoyo_initerface_init(void) | |
238 | { | |
98738d70 | 239 | struct tomoyo_domain_info *domain; |
c3ef1500 TH |
240 | struct dentry *tomoyo_dir; |
241 | ||
98738d70 | 242 | domain = tomoyo_domain(); |
c3ef1500 | 243 | /* Don't create securityfs entries unless registered. */ |
98738d70 | 244 | if (domain != &tomoyo_kernel_domain) |
c3ef1500 TH |
245 | return 0; |
246 | ||
247 | tomoyo_dir = securityfs_create_dir("tomoyo", NULL); | |
248 | tomoyo_create_entry("query", 0600, tomoyo_dir, | |
249 | TOMOYO_QUERY); | |
250 | tomoyo_create_entry("domain_policy", 0600, tomoyo_dir, | |
251 | TOMOYO_DOMAINPOLICY); | |
252 | tomoyo_create_entry("exception_policy", 0600, tomoyo_dir, | |
253 | TOMOYO_EXCEPTIONPOLICY); | |
eadd99cc TH |
254 | tomoyo_create_entry("audit", 0400, tomoyo_dir, |
255 | TOMOYO_AUDIT); | |
c3ef1500 TH |
256 | tomoyo_create_entry(".process_status", 0600, tomoyo_dir, |
257 | TOMOYO_PROCESS_STATUS); | |
b22b8b9f TH |
258 | tomoyo_create_entry("stat", 0644, tomoyo_dir, |
259 | TOMOYO_STAT); | |
c3ef1500 TH |
260 | tomoyo_create_entry("profile", 0600, tomoyo_dir, |
261 | TOMOYO_PROFILE); | |
262 | tomoyo_create_entry("manager", 0600, tomoyo_dir, | |
263 | TOMOYO_MANAGER); | |
264 | tomoyo_create_entry("version", 0400, tomoyo_dir, | |
265 | TOMOYO_VERSION); | |
731d37aa TH |
266 | securityfs_create_file("self_domain", 0666, tomoyo_dir, NULL, |
267 | &tomoyo_self_operations); | |
778c4a4d | 268 | tomoyo_load_builtin_policy(); |
c3ef1500 TH |
269 | return 0; |
270 | } | |
271 | ||
272 | fs_initcall(tomoyo_initerface_init); |