]> git.proxmox.com Git - mirror_ubuntu-artful-kernel.git/blob - security/security.c
projects / mirror_ubuntu-artful-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
UBUNTU: SAUCE: LSM stacking: fixup procsfs: add smack subdir to attrs
[mirror_ubuntu-artful-kernel.git] / security / security.c
1 /*
2 * Security plug functions
3 *
4 * Copyright (C) 2001 WireX Communications, Inc <chris@wirex.com>
5 * Copyright (C) 2001-2002 Greg Kroah-Hartman <greg@kroah.com>
6 * Copyright (C) 2001 Networks Associates Technology, Inc <ssmalley@nai.com>
7 * Copyright (C) 2016 Mellanox Technologies
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 */
14
15 #include <linux/capability.h>
16 #include <linux/dcache.h>
17 #include <linux/module.h>
18 #include <linux/init.h>
19 #include <linux/kernel.h>
20 #include <linux/lsm_hooks.h>
21 #include <linux/integrity.h>
22 #include <linux/ima.h>
23 #include <linux/evm.h>
24 #include <linux/fsnotify.h>
25 #include <linux/mman.h>
26 #include <linux/mount.h>
27 #include <linux/personality.h>
28 #include <linux/backing-dev.h>
29 #include <linux/string.h>
30 #include <linux/msg.h>
31 #include <net/flow.h>
32 #include <net/sock.h>
33
34 #define MAX_LSM_EVM_XATTR 2
35
36 /* Maximum number of letters for an LSM name string */
37 #define SECURITY_NAME_MAX 10
38 #define MODULE_STACK "(stacking)"
39
40 struct security_hook_heads security_hook_heads __lsm_ro_after_init;
41 static ATOMIC_NOTIFIER_HEAD(lsm_notifier_chain);
42
43 char *lsm_names;
44 static struct lsm_blob_sizes blob_sizes;
45
46 /* Boot-time LSM user choice */
47 static __initdata char chosen_lsm[SECURITY_NAME_MAX + 1] =
48 #ifdef CONFIG_SECURITY_STACKING
49 MODULE_STACK;
50 #else
51 CONFIG_DEFAULT_SECURITY;
52 #endif
53
54 static void __init do_security_initcalls(void)
55 {
56 initcall_t *call;
57 call = __security_initcall_start;
58 while (call < __security_initcall_end) {
59 (*call) ();
60 call++;
61 }
62 }
63
64 /**
65 * security_init - initializes the security framework
66 *
67 * This should be called early in the kernel initialization sequence.
68 */
69 int __init security_init(void)
70 {
71 int i;
72 struct list_head *list = (struct list_head *) &security_hook_heads;
73
74 for (i = 0; i < sizeof(security_hook_heads) / sizeof(struct list_head);
75 i++)
76 INIT_LIST_HEAD(&list[i]);
77 pr_info("Security Framework initialized\n");
78
79 /*
80 * Load minor LSMs, with the capability module always first.
81 */
82 capability_add_hooks();
83 yama_add_hooks();
84 loadpin_add_hooks();
85
86 /*
87 * The first call to a module specific init function
88 * updates the blob size requirements.
89 */
90 do_security_initcalls();
91
92 /*
93 * The second call to a module specific init function
94 * adds hooks to the hook lists and does any other early
95 * initializations required.
96 */
97 do_security_initcalls();
98
99 #ifdef CONFIG_SECURITY_LSM_DEBUG
100 pr_info("LSM: cred blob size = %d\n", blob_sizes.lbs_cred);
101 pr_info("LSM: file blob size = %d\n", blob_sizes.lbs_file);
102 pr_info("LSM: inode blob size = %d\n", blob_sizes.lbs_inode);
103 pr_info("LSM: ipc blob size = %d\n", blob_sizes.lbs_ipc);
104 #ifdef CONFIG_KEYS
105 pr_info("LSM: key blob size = %d\n", blob_sizes.lbs_key);
106 #endif /* CONFIG_KEYS */
107 pr_info("LSM: msg_msg blob size = %d\n", blob_sizes.lbs_msg_msg);
108 pr_info("LSM: sock blob size = %d\n", blob_sizes.lbs_sock);
109 pr_info("LSM: superblock blob size = %d\n", blob_sizes.lbs_superblock);
110 pr_info("LSM: task blob size = %d\n", blob_sizes.lbs_task);
111 #endif /* CONFIG_SECURITY_LSM_DEBUG */
112
113 return 0;
114 }
115
116 /* Save user chosen LSM */
117 static int __init choose_lsm(char *str)
118 {
119 strncpy(chosen_lsm, str, SECURITY_NAME_MAX);
120 return 1;
121 }
122 __setup("security=", choose_lsm);
123
124 static bool match_last_lsm(const char *list, const char *lsm)
125 {
126 const char *last;
127
128 if (WARN_ON(!list || !lsm))
129 return false;
130 last = strrchr(list, ',');
131 if (last)
132 /* Pass the comma, strcmp() will check for '\0' */
133 last++;
134 else
135 last = list;
136 return !strcmp(last, lsm);
137 }
138
139 static int lsm_append(char *new, char **result)
140 {
141 char *cp;
142
143 if (*result == NULL) {
144 *result = kstrdup(new, GFP_KERNEL);
145 } else {
146 /* Check if it is the last registered name */
147 if (match_last_lsm(*result, new))
148 return 0;
149 cp = kasprintf(GFP_KERNEL, "%s,%s", *result, new);
150 if (cp == NULL)
151 return -ENOMEM;
152 kfree(*result);
153 *result = cp;
154 }
155 return 0;
156 }
157
158 /**
159 * security_module_enable - Load given security module on boot ?
160 * @module: the name of the module
161 * @stacked: indicates that the module wants to be stacked
162 *
163 * Each LSM must pass this method before registering its own operations
164 * to avoid security registration races. This method may also be used
165 * to check if your LSM is currently loaded during kernel initialization.
166 *
167 * Returns:
168 *
169 * true if:
170 *
171 * - The passed LSM is the one chosen by user at boot time,
172 * - or the passed LSM is configured as the default and the user did not
173 * choose an alternate LSM at boot time.
174 *
175 * Otherwise, return false.
176 */
177 bool __init security_module_enable(const char *lsm, const bool stacked)
178 {
179 #ifdef CONFIG_SECURITY_STACKING
180 /*
181 * Module defined on the command line security=XXXX
182 */
183 if (strcmp(chosen_lsm, MODULE_STACK)) {
184 if (!strcmp(lsm, chosen_lsm)) {
185 pr_info("Command line sets the %s security module.\n",
186 lsm);
187 return true;
188 }
189 return false;
190 }
191 /*
192 * Module configured as stacked.
193 */
194 return stacked;
195 #else
196 if (strcmp(lsm, chosen_lsm) == 0)
197 return true;
198 return false;
199 #endif
200 }
201
202 /**
203 * security_add_hooks - Add a modules hooks to the hook lists.
204 * @hooks: the hooks to add
205 * @count: the number of hooks to add
206 * @lsm: the name of the security module
207 *
208 * Each LSM has to register its hooks with the infrastructure.
209 */
210 void __init security_add_hooks(struct security_hook_list *hooks, int count,
211 char *lsm)
212 {
213 int i;
214
215 for (i = 0; i < count; i++) {
216 hooks[i].lsm = lsm;
217 list_add_tail_rcu(&hooks[i].list, hooks[i].head);
218 }
219 if (lsm_append(lsm, &lsm_names) < 0)
220 panic("%s - Cannot get early memory.\n", __func__);
221 }
222
223 int call_lsm_notifier(enum lsm_event event, void *data)
224 {
225 return atomic_notifier_call_chain(&lsm_notifier_chain, event, data);
226 }
227 EXPORT_SYMBOL(call_lsm_notifier);
228
229 int register_lsm_notifier(struct notifier_block *nb)
230 {
231 return atomic_notifier_chain_register(&lsm_notifier_chain, nb);
232 }
233 EXPORT_SYMBOL(register_lsm_notifier);
234
235 int unregister_lsm_notifier(struct notifier_block *nb)
236 {
237 return atomic_notifier_chain_unregister(&lsm_notifier_chain, nb);
238 }
239 EXPORT_SYMBOL(unregister_lsm_notifier);
240
241 /**
242 * lsm_cred_alloc - allocate a composite cred blob
243 * @cred: the cred that needs a blob
244 * @gfp: allocation type
245 *
246 * Allocate the cred blob for all the modules
247 *
248 * Returns 0, or -ENOMEM if memory can't be allocated.
249 */
250 int lsm_cred_alloc(struct cred *cred, gfp_t gfp)
251 {
252 #ifdef CONFIG_SECURITY_LSM_DEBUG
253 if (cred->security)
254 pr_info("%s: Inbound cred blob is not NULL.\n", __func__);
255 #endif
256 if (blob_sizes.lbs_cred == 0)
257 return 0;
258
259 cred->security = kzalloc(blob_sizes.lbs_cred, gfp);
260 if (cred->security == NULL)
261 return -ENOMEM;
262 return 0;
263 }
264
265 /**
266 * lsm_early_cred - during initialization allocate a composite cred blob
267 * @cred: the cred that needs a blob
268 *
269 * Allocate the cred blob for all the modules if it's not already there
270 */
271 void lsm_early_cred(struct cred *cred)
272 {
273 int rc;
274
275 if (cred == NULL)
276 panic("%s: NULL cred.\n", __func__);
277 if (cred->security != NULL)
278 return;
279 rc = lsm_cred_alloc(cred, GFP_KERNEL);
280 if (rc)
281 panic("%s: Early cred alloc failed.\n", __func__);
282 }
283
284 static void __init lsm_set_size(int *need, int *lbs)
285 {
286 int offset;
287
288 if (*need > 0) {
289 offset = *lbs;
290 *lbs += *need;
291 *need = offset;
292 }
293 }
294
295 /**
296 * security_add_blobs - Report blob sizes
297 * @needed: the size of blobs needed by the module
298 *
299 * Each LSM has to register its blobs with the infrastructure.
300 * The "needed" data tells the infrastructure how much memory
301 * the module requires for each of its blobs. On return the
302 * structure is filled with the offset that module should use
303 * from the blob pointer.
304 */
305 void __init security_add_blobs(struct lsm_blob_sizes *needed)
306 {
307 lsm_set_size(&needed->lbs_cred, &blob_sizes.lbs_cred);
308 lsm_set_size(&needed->lbs_file, &blob_sizes.lbs_file);
309 lsm_set_size(&needed->lbs_ipc, &blob_sizes.lbs_ipc);
310 lsm_set_size(&needed->lbs_key, &blob_sizes.lbs_key);
311 lsm_set_size(&needed->lbs_msg_msg, &blob_sizes.lbs_msg_msg);
312 lsm_set_size(&needed->lbs_sock, &blob_sizes.lbs_sock);
313 lsm_set_size(&needed->lbs_superblock, &blob_sizes.lbs_superblock);
314 lsm_set_size(&needed->lbs_task, &blob_sizes.lbs_task);
315 /*
316 * The inode blob gets an rcu_head in addition to
317 * what the modules might need.
318 */
319 if (needed->lbs_inode && blob_sizes.lbs_inode == 0)
320 blob_sizes.lbs_inode = sizeof(struct rcu_head);
321 lsm_set_size(&needed->lbs_inode, &blob_sizes.lbs_inode);
322 }
323
324 /**
325 * lsm_file_alloc - allocate a composite file blob
326 * @file: the file that needs a blob
327 *
328 * Allocate the file blob for all the modules
329 *
330 * Returns 0, or -ENOMEM if memory can't be allocated.
331 */
332 int lsm_file_alloc(struct file *file)
333 {
334 #ifdef CONFIG_SECURITY_LSM_DEBUG
335 if (file->f_security)
336 pr_info("%s: Inbound file blob is not NULL.\n", __func__);
337 #endif
338 if (blob_sizes.lbs_file == 0)
339 return 0;
340
341 file->f_security = kzalloc(blob_sizes.lbs_file, GFP_KERNEL);
342 if (file->f_security == NULL)
343 return -ENOMEM;
344 return 0;
345 }
346
347 /**
348 * lsm_task_alloc - allocate a composite task blob
349 * @task: the task that needs a blob
350 *
351 * Allocate the task blob for all the modules
352 *
353 * Returns 0, or -ENOMEM if memory can't be allocated.
354 */
355 int lsm_task_alloc(struct task_struct *task)
356 {
357 #ifdef CONFIG_SECURITY_LSM_DEBUG
358 if (task->security)
359 pr_info("%s: Inbound task blob is not NULL.\n", __func__);
360 #endif
361 if (blob_sizes.lbs_task == 0)
362 return 0;
363
364 task->security = kzalloc(blob_sizes.lbs_task, GFP_KERNEL);
365 if (task->security == NULL)
366 return -ENOMEM;
367 return 0;
368 }
369
370 /**
371 * lsm_inode_alloc - allocate a composite inode blob
372 * @inode: the inode that needs a blob
373 *
374 * Allocate the inode blob for all the modules
375 *
376 * Returns 0, or -ENOMEM if memory can't be allocated.
377 */
378 int lsm_inode_alloc(struct inode *inode)
379 {
380 #ifdef CONFIG_SECURITY_LSM_DEBUG
381 if (inode->i_security)
382 pr_info("%s: Inbound inode blob is not NULL.\n", __func__);
383 #endif
384 if (blob_sizes.lbs_inode == 0)
385 return 0;
386
387 inode->i_security = kzalloc(blob_sizes.lbs_inode, GFP_KERNEL);
388 if (inode->i_security == NULL)
389 return -ENOMEM;
390 return 0;
391 }
392
393 /**
394 * lsm_early_inode - during initialization allocate a composite inode blob
395 * @inode: the inode that needs a blob
396 *
397 * Allocate the inode blob for all the modules if it's not already there
398 */
399 void lsm_early_inode(struct inode *inode)
400 {
401 int rc;
402
403 if (inode == NULL)
404 panic("%s: NULL inode.\n", __func__);
405 if (inode->i_security != NULL)
406 return;
407 rc = lsm_inode_alloc(inode);
408 if (rc)
409 panic("%s: Early inode alloc failed.\n", __func__);
410 }
411
412 /**
413 * lsm_ipc_alloc - allocate a composite ipc blob
414 * @kip: the ipc that needs a blob
415 *
416 * Allocate the ipc blob for all the modules
417 *
418 * Returns 0, or -ENOMEM if memory can't be allocated.
419 */
420 int lsm_ipc_alloc(struct kern_ipc_perm *kip)
421 {
422 #ifdef CONFIG_SECURITY_LSM_DEBUG
423 if (kip->security)
424 pr_info("%s: Inbound ipc blob is not NULL.\n", __func__);
425 #endif
426 if (blob_sizes.lbs_ipc == 0)
427 return 0;
428
429 kip->security = kzalloc(blob_sizes.lbs_ipc, GFP_KERNEL);
430 if (kip->security == NULL)
431 return -ENOMEM;
432 return 0;
433 }
434
435 #ifdef CONFIG_KEYS
436 /**
437 * lsm_key_alloc - allocate a composite key blob
438 * @key: the key that needs a blob
439 *
440 * Allocate the key blob for all the modules
441 *
442 * Returns 0, or -ENOMEM if memory can't be allocated.
443 */
444 int lsm_key_alloc(struct key *key)
445 {
446 #ifdef CONFIG_SECURITY_LSM_DEBUG
447 if (key->security)
448 pr_info("%s: Inbound key blob is not NULL.\n", __func__);
449 #endif
450 if (blob_sizes.lbs_key == 0)
451 return 0;
452
453 key->security = kzalloc(blob_sizes.lbs_key, GFP_KERNEL);
454 if (key->security == NULL)
455 return -ENOMEM;
456 return 0;
457 }
458 #endif /* CONFIG_KEYS */
459
460 /**
461 * lsm_msg_msg_alloc - allocate a composite msg_msg blob
462 * @mp: the msg_msg that needs a blob
463 *
464 * Allocate the ipc blob for all the modules
465 *
466 * Returns 0, or -ENOMEM if memory can't be allocated.
467 */
468 int lsm_msg_msg_alloc(struct msg_msg *mp)
469 {
470 #ifdef CONFIG_SECURITY_LSM_DEBUG
471 if (mp->security)
472 pr_info("%s: Inbound msg_msg blob is not NULL.\n", __func__);
473 #endif
474 if (blob_sizes.lbs_msg_msg == 0)
475 return 0;
476
477 mp->security = kzalloc(blob_sizes.lbs_msg_msg, GFP_KERNEL);
478 if (mp->security == NULL)
479 return -ENOMEM;
480 return 0;
481 }
482
483 /**
484 * lsm_sock_alloc - allocate a composite sock blob
485 * @sock: the sock that needs a blob
486 * @priority: allocation mode
487 *
488 * Allocate the sock blob for all the modules
489 *
490 * Returns 0, or -ENOMEM if memory can't be allocated.
491 */
492 int lsm_sock_alloc(struct sock *sock, gfp_t priority)
493 {
494 #ifdef CONFIG_SECURITY_LSM_DEBUG
495 if (sock->sk_security)
496 pr_info("%s: Inbound sock blob is not NULL.\n", __func__);
497 #endif
498 if (blob_sizes.lbs_sock == 0)
499 return 0;
500
501 sock->sk_security = kzalloc(blob_sizes.lbs_sock, priority);
502 if (sock->sk_security == NULL)
503 return -ENOMEM;
504 return 0;
505 }
506
507 /**
508 * lsm_superblock_alloc - allocate a composite superblock blob
509 * @sb: the superblock that needs a blob
510 *
511 * Allocate the superblock blob for all the modules
512 *
513 * Returns 0, or -ENOMEM if memory can't be allocated.
514 */
515 int lsm_superblock_alloc(struct super_block *sb)
516 {
517 #ifdef CONFIG_SECURITY_LSM_DEBUG
518 if (sb->s_security)
519 pr_info("%s: Inbound superblock blob is not NULL.\n", __func__);
520 #endif
521 if (blob_sizes.lbs_superblock == 0)
522 return 0;
523
524 sb->s_security = kzalloc(blob_sizes.lbs_superblock, GFP_KERNEL);
525 if (sb->s_security == NULL)
526 return -ENOMEM;
527 return 0;
528 }
529
530 /*
531 * Hook list operation macros.
532 *
533 * call_void_hook:
534 * This is a hook that does not return a value.
535 *
536 * call_int_hook:
537 * This is a hook that returns a value.
538 */
539
540 #define call_void_hook(FUNC, ...) \
541 do { \
542 struct security_hook_list *P; \
543 \
544 list_for_each_entry(P, &security_hook_heads.FUNC, list) \
545 P->hook.FUNC(__VA_ARGS__); \
546 } while (0)
547
548 #define call_int_hook(FUNC, IRC, ...) ({ \
549 int RC = IRC; \
550 do { \
551 struct security_hook_list *P; \
552 \
553 list_for_each_entry(P, &security_hook_heads.FUNC, list) { \
554 RC = P->hook.FUNC(__VA_ARGS__); \
555 if (RC != 0) \
556 break; \
557 } \
558 } while (0); \
559 RC; \
560 })
561
562 /* Security operations */
563
564 int security_binder_set_context_mgr(struct task_struct *mgr)
565 {
566 return call_int_hook(binder_set_context_mgr, 0, mgr);
567 }
568
569 int security_binder_transaction(struct task_struct *from,
570 struct task_struct *to)
571 {
572 return call_int_hook(binder_transaction, 0, from, to);
573 }
574
575 int security_binder_transfer_binder(struct task_struct *from,
576 struct task_struct *to)
577 {
578 return call_int_hook(binder_transfer_binder, 0, from, to);
579 }
580
581 int security_binder_transfer_file(struct task_struct *from,
582 struct task_struct *to, struct file *file)
583 {
584 return call_int_hook(binder_transfer_file, 0, from, to, file);
585 }
586
587 int security_ptrace_access_check(struct task_struct *child, unsigned int mode)
588 {
589 return call_int_hook(ptrace_access_check, 0, child, mode);
590 }
591
592 int security_ptrace_traceme(struct task_struct *parent)
593 {
594 return call_int_hook(ptrace_traceme, 0, parent);
595 }
596
597 int security_capget(struct task_struct *target,
598 kernel_cap_t *effective,
599 kernel_cap_t *inheritable,
600 kernel_cap_t *permitted)
601 {
602 return call_int_hook(capget, 0, target,
603 effective, inheritable, permitted);
604 }
605
606 int security_capset(struct cred *new, const struct cred *old,
607 const kernel_cap_t *effective,
608 const kernel_cap_t *inheritable,
609 const kernel_cap_t *permitted)
610 {
611 return call_int_hook(capset, 0, new, old,
612 effective, inheritable, permitted);
613 }
614
615 int security_capable(const struct cred *cred, struct user_namespace *ns,
616 int cap)
617 {
618 return call_int_hook(capable, 0, cred, ns, cap, SECURITY_CAP_AUDIT);
619 }
620
621 int security_capable_noaudit(const struct cred *cred, struct user_namespace *ns,
622 int cap)
623 {
624 return call_int_hook(capable, 0, cred, ns, cap, SECURITY_CAP_NOAUDIT);
625 }
626
627 int security_quotactl(int cmds, int type, int id, struct super_block *sb)
628 {
629 return call_int_hook(quotactl, 0, cmds, type, id, sb);
630 }
631
632 int security_quota_on(struct dentry *dentry)
633 {
634 return call_int_hook(quota_on, 0, dentry);
635 }
636
637 int security_syslog(int type)
638 {
639 return call_int_hook(syslog, 0, type);
640 }
641
642 int security_settime64(const struct timespec64 *ts, const struct timezone *tz)
643 {
644 return call_int_hook(settime, 0, ts, tz);
645 }
646
647 int security_vm_enough_memory_mm(struct mm_struct *mm, long pages)
648 {
649 struct security_hook_list *hp;
650 int cap_sys_admin = 1;
651 int rc;
652
653 /*
654 * The module will respond with a positive value if
655 * it thinks the __vm_enough_memory() call should be
656 * made with the cap_sys_admin set. If all of the modules
657 * agree that it should be set it will. If any module
658 * thinks it should not be set it won't.
659 */
660 list_for_each_entry(hp, &security_hook_heads.vm_enough_memory, list) {
661 rc = hp->hook.vm_enough_memory(mm, pages);
662 if (rc <= 0) {
663 cap_sys_admin = 0;
664 break;
665 }
666 }
667 return __vm_enough_memory(mm, pages, cap_sys_admin);
668 }
669
670 int security_bprm_set_creds(struct linux_binprm *bprm)
671 {
672 return call_int_hook(bprm_set_creds, 0, bprm);
673 }
674
675 int security_bprm_check(struct linux_binprm *bprm)
676 {
677 int ret;
678
679 ret = call_int_hook(bprm_check_security, 0, bprm);
680 if (ret)
681 return ret;
682 return ima_bprm_check(bprm);
683 }
684
685 void security_bprm_committing_creds(struct linux_binprm *bprm)
686 {
687 call_void_hook(bprm_committing_creds, bprm);
688 }
689
690 void security_bprm_committed_creds(struct linux_binprm *bprm)
691 {
692 call_void_hook(bprm_committed_creds, bprm);
693 }
694
695 int security_bprm_secureexec(struct linux_binprm *bprm)
696 {
697 return call_int_hook(bprm_secureexec, 0, bprm);
698 }
699
700 int security_sb_alloc(struct super_block *sb)
701 {
702 int rc = lsm_superblock_alloc(sb);
703
704 if (rc)
705 return rc;
706 return call_int_hook(sb_alloc_security, 0, sb);
707 }
708
709 void security_sb_free(struct super_block *sb)
710 {
711 call_void_hook(sb_free_security, sb);
712 kfree(sb->s_security);
713 sb->s_security = NULL;
714 }
715
716 int security_sb_copy_data(char *orig, char *copy)
717 {
718 return call_int_hook(sb_copy_data, 0, orig, copy);
719 }
720 EXPORT_SYMBOL(security_sb_copy_data);
721
722 int security_sb_remount(struct super_block *sb, void *data)
723 {
724 return call_int_hook(sb_remount, 0, sb, data);
725 }
726
727 int security_sb_kern_mount(struct super_block *sb, int flags, void *data)
728 {
729 return call_int_hook(sb_kern_mount, 0, sb, flags, data);
730 }
731
732 int security_sb_show_options(struct seq_file *m, struct super_block *sb)
733 {
734 return call_int_hook(sb_show_options, 0, m, sb);
735 }
736
737 int security_sb_statfs(struct dentry *dentry)
738 {
739 return call_int_hook(sb_statfs, 0, dentry);
740 }
741
742 int security_sb_mount(const char *dev_name, const struct path *path,
743 const char *type, unsigned long flags, void *data)
744 {
745 return call_int_hook(sb_mount, 0, dev_name, path, type, flags, data);
746 }
747
748 int security_sb_umount(struct vfsmount *mnt, int flags)
749 {
750 return call_int_hook(sb_umount, 0, mnt, flags);
751 }
752
753 int security_sb_pivotroot(const struct path *old_path, const struct path *new_path)
754 {
755 return call_int_hook(sb_pivotroot, 0, old_path, new_path);
756 }
757
758 int security_sb_set_mnt_opts(struct super_block *sb,
759 struct security_mnt_opts *opts,
760 unsigned long kern_flags,
761 unsigned long *set_kern_flags)
762 {
763 return call_int_hook(sb_set_mnt_opts,
764 opts->num_mnt_opts ? -EOPNOTSUPP : 0, sb,
765 opts, kern_flags, set_kern_flags);
766 }
767 EXPORT_SYMBOL(security_sb_set_mnt_opts);
768
769 int security_sb_clone_mnt_opts(const struct super_block *oldsb,
770 struct super_block *newsb,
771 unsigned long kern_flags,
772 unsigned long *set_kern_flags)
773 {
774 return call_int_hook(sb_clone_mnt_opts, 0, oldsb, newsb,
775 kern_flags, set_kern_flags);
776 }
777 EXPORT_SYMBOL(security_sb_clone_mnt_opts);
778
779 int security_sb_parse_opts_str(char *options, struct security_mnt_opts *opts)
780 {
781 return call_int_hook(sb_parse_opts_str, 0, options, opts);
782 }
783 EXPORT_SYMBOL(security_sb_parse_opts_str);
784
785 int security_inode_alloc(struct inode *inode)
786 {
787 int rc = lsm_inode_alloc(inode);
788
789 if (rc)
790 return rc;
791 return call_int_hook(inode_alloc_security, 0, inode);
792 }
793
794 static void inode_free_by_rcu(struct rcu_head *head)
795 {
796 /*
797 * The rcu head is at the start of the inode blob
798 */
799 kfree(head);
800 }
801
802 void security_inode_free(struct inode *inode)
803 {
804 integrity_inode_free(inode);
805 call_void_hook(inode_free_security, inode);
806 /*
807 * The inode may still be referenced in a path walk and
808 * a call to security_inode_permission() can be made
809 * after inode_free_security() is called. Ideally, the VFS
810 * wouldn't do this, but fixing that is a much harder
811 * job. For now, simply free the i_security via RCU, and
812 * leave the current inode->i_security pointer intact.
813 * The inode will be freed after the RCU grace period too.
814 */
815 if (inode->i_security != NULL) {
816 call_rcu((struct rcu_head *)inode->i_security,
817 inode_free_by_rcu);
818 inode->i_security = NULL;
819 }
820 }
821
822 int security_dentry_init_security(struct dentry *dentry, int mode,
823 const struct qstr *name, void **ctx,
824 u32 *ctxlen)
825 {
826 return call_int_hook(dentry_init_security, -EOPNOTSUPP, dentry, mode,
827 name, ctx, ctxlen);
828 }
829 EXPORT_SYMBOL(security_dentry_init_security);
830
831 int security_dentry_create_files_as(struct dentry *dentry, int mode,
832 struct qstr *name,
833 const struct cred *old, struct cred *new)
834 {
835 return call_int_hook(dentry_create_files_as, 0, dentry, mode,
836 name, old, new);
837 }
838 EXPORT_SYMBOL(security_dentry_create_files_as);
839
840 int security_inode_init_security(struct inode *inode, struct inode *dir,
841 const struct qstr *qstr,
842 const initxattrs initxattrs, void *fs_data)
843 {
844 struct xattr new_xattrs[MAX_LSM_EVM_XATTR + 1];
845 struct xattr *lsm_xattr, *evm_xattr, *xattr;
846 int ret;
847
848 if (unlikely(IS_PRIVATE(inode)))
849 return 0;
850
851 if (!initxattrs)
852 return call_int_hook(inode_init_security, -EOPNOTSUPP, inode,
853 dir, qstr, NULL, NULL, NULL);
854 memset(new_xattrs, 0, sizeof(new_xattrs));
855 lsm_xattr = new_xattrs;
856 ret = call_int_hook(inode_init_security, -EOPNOTSUPP, inode, dir, qstr,
857 &lsm_xattr->name,
858 &lsm_xattr->value,
859 &lsm_xattr->value_len);
860 if (ret)
861 goto out;
862
863 evm_xattr = lsm_xattr + 1;
864 ret = evm_inode_init_security(inode, lsm_xattr, evm_xattr);
865 if (ret)
866 goto out;
867 ret = initxattrs(inode, new_xattrs, fs_data);
868 out:
869 for (xattr = new_xattrs; xattr->value != NULL; xattr++)
870 kfree(xattr->value);
871 return (ret == -EOPNOTSUPP) ? 0 : ret;
872 }
873 EXPORT_SYMBOL(security_inode_init_security);
874
875 int security_old_inode_init_security(struct inode *inode, struct inode *dir,
876 const struct qstr *qstr, const char **name,
877 void **value, size_t *len)
878 {
879 if (unlikely(IS_PRIVATE(inode)))
880 return -EOPNOTSUPP;
881 return call_int_hook(inode_init_security, -EOPNOTSUPP, inode, dir,
882 qstr, name, value, len);
883 }
884 EXPORT_SYMBOL(security_old_inode_init_security);
885
886 #ifdef CONFIG_SECURITY_PATH
887 int security_path_mknod(const struct path *dir, struct dentry *dentry, umode_t mode,
888 unsigned int dev)
889 {
890 if (unlikely(IS_PRIVATE(d_backing_inode(dir->dentry))))
891 return 0;
892 return call_int_hook(path_mknod, 0, dir, dentry, mode, dev);
893 }
894 EXPORT_SYMBOL(security_path_mknod);
895
896 int security_path_mkdir(const struct path *dir, struct dentry *dentry, umode_t mode)
897 {
898 if (unlikely(IS_PRIVATE(d_backing_inode(dir->dentry))))
899 return 0;
900 return call_int_hook(path_mkdir, 0, dir, dentry, mode);
901 }
902 EXPORT_SYMBOL(security_path_mkdir);
903
904 int security_path_rmdir(const struct path *dir, struct dentry *dentry)
905 {
906 if (unlikely(IS_PRIVATE(d_backing_inode(dir->dentry))))
907 return 0;
908 return call_int_hook(path_rmdir, 0, dir, dentry);
909 }
910 EXPORT_SYMBOL_GPL(security_path_rmdir);
911
912 int security_path_unlink(const struct path *dir, struct dentry *dentry)
913 {
914 if (unlikely(IS_PRIVATE(d_backing_inode(dir->dentry))))
915 return 0;
916 return call_int_hook(path_unlink, 0, dir, dentry);
917 }
918 EXPORT_SYMBOL(security_path_unlink);
919
920 int security_path_symlink(const struct path *dir, struct dentry *dentry,
921 const char *old_name)
922 {
923 if (unlikely(IS_PRIVATE(d_backing_inode(dir->dentry))))
924 return 0;
925 return call_int_hook(path_symlink, 0, dir, dentry, old_name);
926 }
927 EXPORT_SYMBOL_GPL(security_path_symlink);
928
929 int security_path_link(struct dentry *old_dentry, const struct path *new_dir,
930 struct dentry *new_dentry)
931 {
932 if (unlikely(IS_PRIVATE(d_backing_inode(old_dentry))))
933 return 0;
934 return call_int_hook(path_link, 0, old_dentry, new_dir, new_dentry);
935 }
936 EXPORT_SYMBOL_GPL(security_path_link);
937
938 int security_path_rename(const struct path *old_dir, struct dentry *old_dentry,
939 const struct path *new_dir, struct dentry *new_dentry,
940 unsigned int flags)
941 {
942 if (unlikely(IS_PRIVATE(d_backing_inode(old_dentry)) ||
943 (d_is_positive(new_dentry) && IS_PRIVATE(d_backing_inode(new_dentry)))))
944 return 0;
945
946 if (flags & RENAME_EXCHANGE) {
947 int err = call_int_hook(path_rename, 0, new_dir, new_dentry,
948 old_dir, old_dentry);
949 if (err)
950 return err;
951 }
952
953 return call_int_hook(path_rename, 0, old_dir, old_dentry, new_dir,
954 new_dentry);
955 }
956 EXPORT_SYMBOL(security_path_rename);
957
958 int security_path_truncate(const struct path *path)
959 {
960 if (unlikely(IS_PRIVATE(d_backing_inode(path->dentry))))
961 return 0;
962 return call_int_hook(path_truncate, 0, path);
963 }
964 EXPORT_SYMBOL_GPL(security_path_truncate);
965
966 int security_path_chmod(const struct path *path, umode_t mode)
967 {
968 if (unlikely(IS_PRIVATE(d_backing_inode(path->dentry))))
969 return 0;
970 return call_int_hook(path_chmod, 0, path, mode);
971 }
972 EXPORT_SYMBOL_GPL(security_path_chmod);
973
974 int security_path_chown(const struct path *path, kuid_t uid, kgid_t gid)
975 {
976 if (unlikely(IS_PRIVATE(d_backing_inode(path->dentry))))
977 return 0;
978 return call_int_hook(path_chown, 0, path, uid, gid);
979 }
980 EXPORT_SYMBOL_GPL(security_path_chown);
981
982 int security_path_chroot(const struct path *path)
983 {
984 return call_int_hook(path_chroot, 0, path);
985 }
986 #endif
987
988 int security_inode_create(struct inode *dir, struct dentry *dentry, umode_t mode)
989 {
990 if (unlikely(IS_PRIVATE(dir)))
991 return 0;
992 return call_int_hook(inode_create, 0, dir, dentry, mode);
993 }
994 EXPORT_SYMBOL_GPL(security_inode_create);
995
996 int security_inode_link(struct dentry *old_dentry, struct inode *dir,
997 struct dentry *new_dentry)
998 {
999 if (unlikely(IS_PRIVATE(d_backing_inode(old_dentry))))
1000 return 0;
1001 return call_int_hook(inode_link, 0, old_dentry, dir, new_dentry);
1002 }
1003
1004 int security_inode_unlink(struct inode *dir, struct dentry *dentry)
1005 {
1006 if (unlikely(IS_PRIVATE(d_backing_inode(dentry))))
1007 return 0;
1008 return call_int_hook(inode_unlink, 0, dir, dentry);
1009 }
1010
1011 int security_inode_symlink(struct inode *dir, struct dentry *dentry,
1012 const char *old_name)
1013 {
1014 if (unlikely(IS_PRIVATE(dir)))
1015 return 0;
1016 return call_int_hook(inode_symlink, 0, dir, dentry, old_name);
1017 }
1018
1019 int security_inode_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode)
1020 {
1021 if (unlikely(IS_PRIVATE(dir)))
1022 return 0;
1023 return call_int_hook(inode_mkdir, 0, dir, dentry, mode);
1024 }
1025 EXPORT_SYMBOL_GPL(security_inode_mkdir);
1026
1027 int security_inode_rmdir(struct inode *dir, struct dentry *dentry)
1028 {
1029 if (unlikely(IS_PRIVATE(d_backing_inode(dentry))))
1030 return 0;
1031 return call_int_hook(inode_rmdir, 0, dir, dentry);
1032 }
1033
1034 int security_inode_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t dev)
1035 {
1036 if (unlikely(IS_PRIVATE(dir)))
1037 return 0;
1038 return call_int_hook(inode_mknod, 0, dir, dentry, mode, dev);
1039 }
1040
1041 int security_inode_rename(struct inode *old_dir, struct dentry *old_dentry,
1042 struct inode *new_dir, struct dentry *new_dentry,
1043 unsigned int flags)
1044 {
1045 if (unlikely(IS_PRIVATE(d_backing_inode(old_dentry)) ||
1046 (d_is_positive(new_dentry) && IS_PRIVATE(d_backing_inode(new_dentry)))))
1047 return 0;
1048
1049 if (flags & RENAME_EXCHANGE) {
1050 int err = call_int_hook(inode_rename, 0, new_dir, new_dentry,
1051 old_dir, old_dentry);
1052 if (err)
1053 return err;
1054 }
1055
1056 return call_int_hook(inode_rename, 0, old_dir, old_dentry,
1057 new_dir, new_dentry);
1058 }
1059
1060 int security_inode_readlink(struct dentry *dentry)
1061 {
1062 if (unlikely(IS_PRIVATE(d_backing_inode(dentry))))
1063 return 0;
1064 return call_int_hook(inode_readlink, 0, dentry);
1065 }
1066 EXPORT_SYMBOL_GPL(security_inode_readlink);
1067
1068 int security_inode_follow_link(struct dentry *dentry, struct inode *inode,
1069 bool rcu)
1070 {
1071 if (unlikely(IS_PRIVATE(inode)))
1072 return 0;
1073 return call_int_hook(inode_follow_link, 0, dentry, inode, rcu);
1074 }
1075
1076 int security_inode_permission(struct inode *inode, int mask)
1077 {
1078 if (unlikely(IS_PRIVATE(inode)))
1079 return 0;
1080 return call_int_hook(inode_permission, 0, inode, mask);
1081 }
1082 EXPORT_SYMBOL_GPL(security_inode_permission);
1083
1084 int security_inode_setattr(struct dentry *dentry, struct iattr *attr)
1085 {
1086 int ret;
1087
1088 if (unlikely(IS_PRIVATE(d_backing_inode(dentry))))
1089 return 0;
1090 ret = call_int_hook(inode_setattr, 0, dentry, attr);
1091 if (ret)
1092 return ret;
1093 return evm_inode_setattr(dentry, attr);
1094 }
1095 EXPORT_SYMBOL_GPL(security_inode_setattr);
1096
1097 int security_inode_getattr(const struct path *path)
1098 {
1099 if (unlikely(IS_PRIVATE(d_backing_inode(path->dentry))))
1100 return 0;
1101 return call_int_hook(inode_getattr, 0, path);
1102 }
1103
1104 int security_inode_setxattr(struct dentry *dentry, const char *name,
1105 const void *value, size_t size, int flags)
1106 {
1107 int ret;
1108
1109 if (unlikely(IS_PRIVATE(d_backing_inode(dentry))))
1110 return 0;
1111 /*
1112 * SELinux and Smack integrate the cap call,
1113 * so assume that all LSMs supplying this call do so.
1114 */
1115 ret = call_int_hook(inode_setxattr, 1, dentry, name, value, size,
1116 flags);
1117
1118 if (ret == 1)
1119 ret = cap_inode_setxattr(dentry, name, value, size, flags);
1120 if (ret)
1121 return ret;
1122 ret = ima_inode_setxattr(dentry, name, value, size);
1123 if (ret)
1124 return ret;
1125 return evm_inode_setxattr(dentry, name, value, size);
1126 }
1127
1128 void security_inode_post_setxattr(struct dentry *dentry, const char *name,
1129 const void *value, size_t size, int flags)
1130 {
1131 if (unlikely(IS_PRIVATE(d_backing_inode(dentry))))
1132 return;
1133 call_void_hook(inode_post_setxattr, dentry, name, value, size, flags);
1134 evm_inode_post_setxattr(dentry, name, value, size);
1135 }
1136
1137 int security_inode_getxattr(struct dentry *dentry, const char *name)
1138 {
1139 if (unlikely(IS_PRIVATE(d_backing_inode(dentry))))
1140 return 0;
1141 return call_int_hook(inode_getxattr, 0, dentry, name);
1142 }
1143
1144 int security_inode_listxattr(struct dentry *dentry)
1145 {
1146 if (unlikely(IS_PRIVATE(d_backing_inode(dentry))))
1147 return 0;
1148 return call_int_hook(inode_listxattr, 0, dentry);
1149 }
1150
1151 int security_inode_removexattr(struct dentry *dentry, const char *name)
1152 {
1153 int ret;
1154
1155 if (unlikely(IS_PRIVATE(d_backing_inode(dentry))))
1156 return 0;
1157 /*
1158 * SELinux and Smack integrate the cap call,
1159 * so assume that all LSMs supplying this call do so.
1160 */
1161 ret = call_int_hook(inode_removexattr, 1, dentry, name);
1162 if (ret == 1)
1163 ret = cap_inode_removexattr(dentry, name);
1164 if (ret)
1165 return ret;
1166 ret = ima_inode_removexattr(dentry, name);
1167 if (ret)
1168 return ret;
1169 return evm_inode_removexattr(dentry, name);
1170 }
1171
1172 int security_inode_need_killpriv(struct dentry *dentry)
1173 {
1174 return call_int_hook(inode_need_killpriv, 0, dentry);
1175 }
1176
1177 int security_inode_killpriv(struct dentry *dentry)
1178 {
1179 return call_int_hook(inode_killpriv, 0, dentry);
1180 }
1181
1182 int security_inode_getsecurity(struct inode *inode, const char *name, void **buffer, bool alloc)
1183 {
1184 struct security_hook_list *hp;
1185 int rc;
1186
1187 if (unlikely(IS_PRIVATE(inode)))
1188 return -EOPNOTSUPP;
1189 /*
1190 * Only one module will provide an attribute with a given name.
1191 */
1192 list_for_each_entry(hp, &security_hook_heads.inode_getsecurity, list) {
1193 rc = hp->hook.inode_getsecurity(inode, name, buffer, alloc);
1194 if (rc != -EOPNOTSUPP)
1195 return rc;
1196 }
1197 return -EOPNOTSUPP;
1198 }
1199
1200 int security_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags)
1201 {
1202 struct security_hook_list *hp;
1203 int rc;
1204
1205 if (unlikely(IS_PRIVATE(inode)))
1206 return -EOPNOTSUPP;
1207 /*
1208 * Only one module will provide an attribute with a given name.
1209 */
1210 list_for_each_entry(hp, &security_hook_heads.inode_setsecurity, list) {
1211 rc = hp->hook.inode_setsecurity(inode, name, value, size,
1212 flags);
1213 if (rc != -EOPNOTSUPP)
1214 return rc;
1215 }
1216 return -EOPNOTSUPP;
1217 }
1218
1219 int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer_size)
1220 {
1221 if (unlikely(IS_PRIVATE(inode)))
1222 return 0;
1223 return call_int_hook(inode_listsecurity, 0, inode, buffer, buffer_size);
1224 }
1225 EXPORT_SYMBOL(security_inode_listsecurity);
1226
1227 void security_inode_getsecid(struct inode *inode, u32 *secid)
1228 {
1229 call_void_hook(inode_getsecid, inode, secid);
1230 }
1231
1232 int security_inode_copy_up(struct dentry *src, struct cred **new)
1233 {
1234 return call_int_hook(inode_copy_up, 0, src, new);
1235 }
1236 EXPORT_SYMBOL(security_inode_copy_up);
1237
1238 int security_inode_copy_up_xattr(const char *name)
1239 {
1240 return call_int_hook(inode_copy_up_xattr, -EOPNOTSUPP, name);
1241 }
1242 EXPORT_SYMBOL(security_inode_copy_up_xattr);
1243
1244 int security_file_permission(struct file *file, int mask)
1245 {
1246 int ret;
1247
1248 ret = call_int_hook(file_permission, 0, file, mask);
1249 if (ret)
1250 return ret;
1251
1252 return fsnotify_perm(file, mask);
1253 }
1254 EXPORT_SYMBOL_GPL(security_file_permission);
1255
1256 int security_file_alloc(struct file *file)
1257 {
1258 int rc = lsm_file_alloc(file);
1259
1260 if (rc)
1261 return rc;
1262 return call_int_hook(file_alloc_security, 0, file);
1263 }
1264
1265 void security_file_free(struct file *file)
1266 {
1267 call_void_hook(file_free_security, file);
1268
1269 kfree(file->f_security);
1270 file->f_security = NULL;
1271 }
1272
1273 int security_file_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
1274 {
1275 return call_int_hook(file_ioctl, 0, file, cmd, arg);
1276 }
1277
1278 static inline unsigned long mmap_prot(struct file *file, unsigned long prot)
1279 {
1280 /*
1281 * Does we have PROT_READ and does the application expect
1282 * it to imply PROT_EXEC? If not, nothing to talk about...
1283 */
1284 if ((prot & (PROT_READ | PROT_EXEC)) != PROT_READ)
1285 return prot;
1286 if (!(current->personality & READ_IMPLIES_EXEC))
1287 return prot;
1288 /*
1289 * if that's an anonymous mapping, let it.
1290 */
1291 if (!file)
1292 return prot | PROT_EXEC;
1293 /*
1294 * ditto if it's not on noexec mount, except that on !MMU we need
1295 * NOMMU_MAP_EXEC (== VM_MAYEXEC) in this case
1296 */
1297 if (!path_noexec(&file->f_path)) {
1298 #ifndef CONFIG_MMU
1299 if (file->f_op->mmap_capabilities) {
1300 unsigned caps = file->f_op->mmap_capabilities(file);
1301 if (!(caps & NOMMU_MAP_EXEC))
1302 return prot;
1303 }
1304 #endif
1305 return prot | PROT_EXEC;
1306 }
1307 /* anything on noexec mount won't get PROT_EXEC */
1308 return prot;
1309 }
1310
1311 int security_mmap_file(struct file *file, unsigned long prot,
1312 unsigned long flags)
1313 {
1314 int ret;
1315 ret = call_int_hook(mmap_file, 0, file, prot,
1316 mmap_prot(file, prot), flags);
1317 if (ret)
1318 return ret;
1319 return ima_file_mmap(file, prot);
1320 }
1321 EXPORT_SYMBOL_GPL(security_mmap_file);
1322
1323 int security_mmap_addr(unsigned long addr)
1324 {
1325 return call_int_hook(mmap_addr, 0, addr);
1326 }
1327
1328 int security_file_mprotect(struct vm_area_struct *vma, unsigned long reqprot,
1329 unsigned long prot)
1330 {
1331 return call_int_hook(file_mprotect, 0, vma, reqprot, prot);
1332 }
1333
1334 int security_file_lock(struct file *file, unsigned int cmd)
1335 {
1336 return call_int_hook(file_lock, 0, file, cmd);
1337 }
1338
1339 int security_file_fcntl(struct file *file, unsigned int cmd, unsigned long arg)
1340 {
1341 return call_int_hook(file_fcntl, 0, file, cmd, arg);
1342 }
1343
1344 void security_file_set_fowner(struct file *file)
1345 {
1346 call_void_hook(file_set_fowner, file);
1347 }
1348
1349 int security_file_send_sigiotask(struct task_struct *tsk,
1350 struct fown_struct *fown, int sig)
1351 {
1352 return call_int_hook(file_send_sigiotask, 0, tsk, fown, sig);
1353 }
1354
1355 int security_file_receive(struct file *file)
1356 {
1357 return call_int_hook(file_receive, 0, file);
1358 }
1359
1360 int security_file_open(struct file *file, const struct cred *cred)
1361 {
1362 int ret;
1363
1364 ret = call_int_hook(file_open, 0, file, cred);
1365 if (ret)
1366 return ret;
1367
1368 return fsnotify_perm(file, MAY_OPEN);
1369 }
1370
1371 int security_task_create(unsigned long clone_flags)
1372 {
1373 return call_int_hook(task_create, 0, clone_flags);
1374 }
1375
1376 int security_task_alloc(struct task_struct *task, unsigned long clone_flags)
1377 {
1378 int rc = lsm_task_alloc(task);
1379
1380 if (rc)
1381 return rc;
1382 return call_int_hook(task_alloc, 0, task, clone_flags);
1383 }
1384
1385 void security_task_free(struct task_struct *task)
1386 {
1387 call_void_hook(task_free, task);
1388
1389 kfree(task->security);
1390 task->security = NULL;
1391 }
1392
1393 int security_cred_alloc_blank(struct cred *cred, gfp_t gfp)
1394 {
1395 int rc = lsm_cred_alloc(cred, gfp);
1396
1397 if (rc)
1398 return rc;
1399
1400 return call_int_hook(cred_alloc_blank, 0, cred, gfp);
1401 }
1402
1403 void security_cred_free(struct cred *cred)
1404 {
1405 call_void_hook(cred_free, cred);
1406
1407 kfree(cred->security);
1408 cred->security = NULL;
1409 }
1410
1411 int security_prepare_creds(struct cred *new, const struct cred *old, gfp_t gfp)
1412 {
1413 int rc = lsm_cred_alloc(new, gfp);
1414
1415 if (rc)
1416 return rc;
1417
1418 return call_int_hook(cred_prepare, 0, new, old, gfp);
1419 }
1420
1421 void security_transfer_creds(struct cred *new, const struct cred *old)
1422 {
1423 call_void_hook(cred_transfer, new, old);
1424 }
1425
1426 int security_kernel_act_as(struct cred *new, u32 secid)
1427 {
1428 return call_int_hook(kernel_act_as, 0, new, secid);
1429 }
1430
1431 int security_kernel_create_files_as(struct cred *new, struct inode *inode)
1432 {
1433 return call_int_hook(kernel_create_files_as, 0, new, inode);
1434 }
1435
1436 int security_kernel_module_request(char *kmod_name)
1437 {
1438 return call_int_hook(kernel_module_request, 0, kmod_name);
1439 }
1440
1441 int security_kernel_read_file(struct file *file, enum kernel_read_file_id id)
1442 {
1443 int ret;
1444
1445 ret = call_int_hook(kernel_read_file, 0, file, id);
1446 if (ret)
1447 return ret;
1448 return ima_read_file(file, id);
1449 }
1450 EXPORT_SYMBOL_GPL(security_kernel_read_file);
1451
1452 int security_kernel_post_read_file(struct file *file, char *buf, loff_t size,
1453 enum kernel_read_file_id id)
1454 {
1455 int ret;
1456
1457 ret = call_int_hook(kernel_post_read_file, 0, file, buf, size, id);
1458 if (ret)
1459 return ret;
1460 return ima_post_read_file(file, buf, size, id);
1461 }
1462 EXPORT_SYMBOL_GPL(security_kernel_post_read_file);
1463
1464 int security_task_fix_setuid(struct cred *new, const struct cred *old,
1465 int flags)
1466 {
1467 return call_int_hook(task_fix_setuid, 0, new, old, flags);
1468 }
1469
1470 int security_task_setpgid(struct task_struct *p, pid_t pgid)
1471 {
1472 return call_int_hook(task_setpgid, 0, p, pgid);
1473 }
1474
1475 int security_task_getpgid(struct task_struct *p)
1476 {
1477 return call_int_hook(task_getpgid, 0, p);
1478 }
1479
1480 int security_task_getsid(struct task_struct *p)
1481 {
1482 return call_int_hook(task_getsid, 0, p);
1483 }
1484
1485 void security_task_getsecid(struct task_struct *p, u32 *secid)
1486 {
1487 *secid = 0;
1488 call_void_hook(task_getsecid, p, secid);
1489 }
1490 EXPORT_SYMBOL(security_task_getsecid);
1491
1492 int security_task_setnice(struct task_struct *p, int nice)
1493 {
1494 return call_int_hook(task_setnice, 0, p, nice);
1495 }
1496
1497 int security_task_setioprio(struct task_struct *p, int ioprio)
1498 {
1499 return call_int_hook(task_setioprio, 0, p, ioprio);
1500 }
1501
1502 int security_task_getioprio(struct task_struct *p)
1503 {
1504 return call_int_hook(task_getioprio, 0, p);
1505 }
1506
1507 int security_task_prlimit(const struct cred *cred, const struct cred *tcred,
1508 unsigned int flags)
1509 {
1510 return call_int_hook(task_prlimit, 0, cred, tcred, flags);
1511 }
1512
1513 int security_task_setrlimit(struct task_struct *p, unsigned int resource,
1514 struct rlimit *new_rlim)
1515 {
1516 return call_int_hook(task_setrlimit, 0, p, resource, new_rlim);
1517 }
1518
1519 int security_task_setscheduler(struct task_struct *p)
1520 {
1521 return call_int_hook(task_setscheduler, 0, p);
1522 }
1523
1524 int security_task_getscheduler(struct task_struct *p)
1525 {
1526 return call_int_hook(task_getscheduler, 0, p);
1527 }
1528
1529 int security_task_movememory(struct task_struct *p)
1530 {
1531 return call_int_hook(task_movememory, 0, p);
1532 }
1533
1534 int security_task_kill(struct task_struct *p, struct siginfo *info,
1535 int sig, u32 secid)
1536 {
1537 return call_int_hook(task_kill, 0, p, info, sig, secid);
1538 }
1539
1540 int security_task_prctl(int option, unsigned long arg2, unsigned long arg3,
1541 unsigned long arg4, unsigned long arg5)
1542 {
1543 int thisrc;
1544 int rc = -ENOSYS;
1545 struct security_hook_list *hp;
1546
1547 list_for_each_entry(hp, &security_hook_heads.task_prctl, list) {
1548 thisrc = hp->hook.task_prctl(option, arg2, arg3, arg4, arg5);
1549 if (thisrc != -ENOSYS) {
1550 rc = thisrc;
1551 if (thisrc != 0)
1552 break;
1553 }
1554 }
1555 return rc;
1556 }
1557
1558 void security_task_to_inode(struct task_struct *p, struct inode *inode)
1559 {
1560 call_void_hook(task_to_inode, p, inode);
1561 }
1562
1563 int security_ipc_permission(struct kern_ipc_perm *ipcp, short flag)
1564 {
1565 return call_int_hook(ipc_permission, 0, ipcp, flag);
1566 }
1567
1568 void security_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid)
1569 {
1570 *secid = 0;
1571 call_void_hook(ipc_getsecid, ipcp, secid);
1572 }
1573
1574 int security_msg_msg_alloc(struct msg_msg *msg)
1575 {
1576 int rc = lsm_msg_msg_alloc(msg);
1577
1578 if (rc)
1579 return rc;
1580 return call_int_hook(msg_msg_alloc_security, 0, msg);
1581 }
1582
1583 void security_msg_msg_free(struct msg_msg *msg)
1584 {
1585 call_void_hook(msg_msg_free_security, msg);
1586 kfree(msg->security);
1587 msg->security = NULL;
1588 }
1589
1590 int security_msg_queue_alloc(struct msg_queue *msq)
1591 {
1592 int rc = lsm_ipc_alloc(&msq->q_perm);
1593
1594 if (rc)
1595 return rc;
1596 return call_int_hook(msg_queue_alloc_security, 0, msq);
1597 }
1598
1599 void security_msg_queue_free(struct msg_queue *msq)
1600 {
1601 struct kern_ipc_perm *kip = &msq->q_perm;
1602
1603 call_void_hook(msg_queue_free_security, msq);
1604 kfree(kip->security);
1605 kip->security = NULL;
1606 }
1607
1608 int security_msg_queue_associate(struct msg_queue *msq, int msqflg)
1609 {
1610 return call_int_hook(msg_queue_associate, 0, msq, msqflg);
1611 }
1612
1613 int security_msg_queue_msgctl(struct msg_queue *msq, int cmd)
1614 {
1615 return call_int_hook(msg_queue_msgctl, 0, msq, cmd);
1616 }
1617
1618 int security_msg_queue_msgsnd(struct msg_queue *msq,
1619 struct msg_msg *msg, int msqflg)
1620 {
1621 return call_int_hook(msg_queue_msgsnd, 0, msq, msg, msqflg);
1622 }
1623
1624 int security_msg_queue_msgrcv(struct msg_queue *msq, struct msg_msg *msg,
1625 struct task_struct *target, long type, int mode)
1626 {
1627 return call_int_hook(msg_queue_msgrcv, 0, msq, msg, target, type, mode);
1628 }
1629
1630 int security_shm_alloc(struct shmid_kernel *shp)
1631 {
1632 int rc = lsm_ipc_alloc(&shp->shm_perm);
1633
1634 if (rc)
1635 return rc;
1636 return call_int_hook(shm_alloc_security, 0, shp);
1637 }
1638
1639 void security_shm_free(struct shmid_kernel *shp)
1640 {
1641 struct kern_ipc_perm *kip = &shp->shm_perm;
1642
1643 call_void_hook(shm_free_security, shp);
1644 kfree(kip->security);
1645 kip->security = NULL;
1646 }
1647
1648 int security_shm_associate(struct shmid_kernel *shp, int shmflg)
1649 {
1650 return call_int_hook(shm_associate, 0, shp, shmflg);
1651 }
1652
1653 int security_shm_shmctl(struct shmid_kernel *shp, int cmd)
1654 {
1655 return call_int_hook(shm_shmctl, 0, shp, cmd);
1656 }
1657
1658 int security_shm_shmat(struct shmid_kernel *shp, char __user *shmaddr, int shmflg)
1659 {
1660 return call_int_hook(shm_shmat, 0, shp, shmaddr, shmflg);
1661 }
1662
1663 int security_sem_alloc(struct sem_array *sma)
1664 {
1665 int rc = lsm_ipc_alloc(&sma->sem_perm);
1666
1667 if (rc)
1668 return rc;
1669 return call_int_hook(sem_alloc_security, 0, sma);
1670 }
1671
1672 void security_sem_free(struct sem_array *sma)
1673 {
1674 struct kern_ipc_perm *kip = &sma->sem_perm;
1675
1676 call_void_hook(sem_free_security, sma);
1677 kfree(kip->security);
1678 kip->security = NULL;
1679 }
1680
1681 int security_sem_associate(struct sem_array *sma, int semflg)
1682 {
1683 return call_int_hook(sem_associate, 0, sma, semflg);
1684 }
1685
1686 int security_sem_semctl(struct sem_array *sma, int cmd)
1687 {
1688 return call_int_hook(sem_semctl, 0, sma, cmd);
1689 }
1690
1691 int security_sem_semop(struct sem_array *sma, struct sembuf *sops,
1692 unsigned nsops, int alter)
1693 {
1694 return call_int_hook(sem_semop, 0, sma, sops, nsops, alter);
1695 }
1696
1697 void security_d_instantiate(struct dentry *dentry, struct inode *inode)
1698 {
1699 if (unlikely(inode && IS_PRIVATE(inode)))
1700 return;
1701 call_void_hook(d_instantiate, dentry, inode);
1702 }
1703 EXPORT_SYMBOL(security_d_instantiate);
1704
1705 int security_getprocattr(struct task_struct *p, const char *lsm, char *name,
1706 char **value)
1707 {
1708 struct security_hook_list *hp;
1709 char *vp;
1710 char *cp = NULL;
1711 int trc;
1712 int rc;
1713
1714 /*
1715 * "context" requires work here in addition to what
1716 * the modules provide.
1717 */
1718 if (strcmp(name, "context") == 0) {
1719 *value = NULL;
1720 rc = -EINVAL;
1721 list_for_each_entry(hp,
1722 &security_hook_heads.getprocattr, list) {
1723 if (lsm != NULL && strcmp(lsm, hp->lsm))
1724 continue;
1725 trc = hp->hook.getprocattr(p, "context", &vp);
1726 if (trc == -ENOENT)
1727 continue;
1728 if (trc <= 0) {
1729 kfree(*value);
1730 return trc;
1731 }
1732 rc = trc;
1733 if (*value == NULL) {
1734 *value = vp;
1735 } else {
1736 cp = kasprintf(GFP_KERNEL, "%s,%s", *value, vp);
1737 if (cp == NULL) {
1738 kfree(*value);
1739 kfree(vp);
1740 return -ENOMEM;
1741 }
1742 kfree(*value);
1743 kfree(vp);
1744 *value = cp;
1745 }
1746 }
1747 if (rc > 0)
1748 return strlen(*value);
1749 return rc;
1750 }
1751
1752 list_for_each_entry(hp, &security_hook_heads.getprocattr, list) {
1753 if (lsm != NULL && strcmp(lsm, hp->lsm))
1754 continue;
1755 rc = hp->hook.getprocattr(p, name, value);
1756 if (rc != -ENOSYS)
1757 return rc;
1758 }
1759 return -EINVAL;
1760 }
1761
1762 int security_setprocattr(const char *lsm, const char *name, void *value,
1763 size_t size)
1764 {
1765 struct security_hook_list *hp;
1766 int rc;
1767 char *local;
1768 char *cp;
1769 int slen;
1770 int failed = 0;
1771
1772 /*
1773 * If lsm is NULL look at all the modules to find one
1774 * that processes name. If lsm is not NULL only look at
1775 * that module.
1776 *
1777 * "context" is handled directly here.
1778 */
1779 if (strcmp(name, "context") == 0) {
1780 /*
1781 * First verify that the input is acceptable.
1782 * lsm1='v1'lsm2='v2'lsm3='v3'
1783 *
1784 * A note on the use of strncmp() below.
1785 * The check is for the substring at the beginning of cp.
1786 * The kzalloc of size + 1 ensures a terminated string.
1787 */
1788 rc = -EINVAL;
1789 local = kzalloc(size + 1, GFP_KERNEL);
1790 memcpy(local, value, size);
1791 cp = local;
1792 list_for_each_entry(hp, &security_hook_heads.setprocattr,
1793 list) {
1794 if (lsm != NULL && strcmp(lsm, hp->lsm))
1795 continue;
1796 if (cp[0] == ',') {
1797 if (cp == local)
1798 goto free_out;
1799 cp++;
1800 }
1801 slen = strlen(hp->lsm);
1802 if (strncmp(cp, hp->lsm, slen))
1803 goto free_out;
1804 cp += slen;
1805 if (cp[0] != '=' || cp[1] != '\'' || cp[2] == '\'')
1806 goto free_out;
1807 for (cp += 2; cp[0] != '\''; cp++)
1808 if (cp[0] == '\0')
1809 goto free_out;
1810 cp++;
1811 }
1812
1813 cp = local;
1814 list_for_each_entry(hp, &security_hook_heads.setprocattr,
1815 list) {
1816 if (lsm != NULL && strcmp(lsm, hp->lsm))
1817 continue;
1818 if (cp[0] == ',')
1819 cp++;
1820 cp += strlen(hp->lsm) + 2;
1821 for (slen = 0; cp[slen] != '\''; slen++)
1822 ;
1823 cp[slen] = '\0';
1824
1825 rc = hp->hook.setprocattr("context", cp, slen);
1826 if (rc < 0)
1827 failed = rc;
1828 cp += slen + 1;
1829 }
1830 if (failed != 0)
1831 rc = failed;
1832 else
1833 rc = size;
1834 free_out:
1835 kfree(local);
1836 return rc;
1837 }
1838
1839 list_for_each_entry(hp, &security_hook_heads.setprocattr, list) {
1840 if (lsm != NULL && strcmp(lsm, hp->lsm))
1841 continue;
1842 rc = hp->hook.setprocattr(name, value, size);
1843 if (rc)
1844 return rc;
1845 }
1846 return -EINVAL;
1847 }
1848
1849 int security_netlink_send(struct sock *sk, struct sk_buff *skb)
1850 {
1851 return call_int_hook(netlink_send, 0, sk, skb);
1852 }
1853
1854 int security_ismaclabel(const char *name)
1855 {
1856 return call_int_hook(ismaclabel, 0, name);
1857 }
1858 EXPORT_SYMBOL(security_ismaclabel);
1859
1860 int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen)
1861 {
1862 return call_int_hook(secid_to_secctx, -EOPNOTSUPP, secid, secdata,
1863 seclen);
1864 }
1865 EXPORT_SYMBOL(security_secid_to_secctx);
1866
1867 int security_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid)
1868 {
1869 *secid = 0;
1870 return call_int_hook(secctx_to_secid, 0, secdata, seclen, secid);
1871 }
1872 EXPORT_SYMBOL(security_secctx_to_secid);
1873
1874 void security_release_secctx(char *secdata, u32 seclen)
1875 {
1876 call_void_hook(release_secctx, secdata, seclen);
1877 }
1878 EXPORT_SYMBOL(security_release_secctx);
1879
1880 void security_inode_invalidate_secctx(struct inode *inode)
1881 {
1882 call_void_hook(inode_invalidate_secctx, inode);
1883 }
1884 EXPORT_SYMBOL(security_inode_invalidate_secctx);
1885
1886 int security_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen)
1887 {
1888 return call_int_hook(inode_notifysecctx, 0, inode, ctx, ctxlen);
1889 }
1890 EXPORT_SYMBOL(security_inode_notifysecctx);
1891
1892 int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen)
1893 {
1894 return call_int_hook(inode_setsecctx, 0, dentry, ctx, ctxlen);
1895 }
1896 EXPORT_SYMBOL(security_inode_setsecctx);
1897
1898 int security_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen)
1899 {
1900 return call_int_hook(inode_getsecctx, -EOPNOTSUPP, inode, ctx, ctxlen);
1901 }
1902 EXPORT_SYMBOL(security_inode_getsecctx);
1903
1904 #ifdef CONFIG_SECURITY_NETWORK
1905
1906 int security_unix_stream_connect(struct sock *sock, struct sock *other, struct sock *newsk)
1907 {
1908 return call_int_hook(unix_stream_connect, 0, sock, other, newsk);
1909 }
1910 EXPORT_SYMBOL(security_unix_stream_connect);
1911
1912 int security_unix_may_send(struct socket *sock, struct socket *other)
1913 {
1914 return call_int_hook(unix_may_send, 0, sock, other);
1915 }
1916 EXPORT_SYMBOL(security_unix_may_send);
1917
1918 int security_socket_create(int family, int type, int protocol, int kern)
1919 {
1920 return call_int_hook(socket_create, 0, family, type, protocol, kern);
1921 }
1922
1923 int security_socket_post_create(struct socket *sock, int family,
1924 int type, int protocol, int kern)
1925 {
1926 return call_int_hook(socket_post_create, 0, sock, family, type,
1927 protocol, kern);
1928 }
1929
1930 int security_socket_bind(struct socket *sock, struct sockaddr *address, int addrlen)
1931 {
1932 return call_int_hook(socket_bind, 0, sock, address, addrlen);
1933 }
1934
1935 int security_socket_connect(struct socket *sock, struct sockaddr *address, int addrlen)
1936 {
1937 return call_int_hook(socket_connect, 0, sock, address, addrlen);
1938 }
1939
1940 int security_socket_listen(struct socket *sock, int backlog)
1941 {
1942 return call_int_hook(socket_listen, 0, sock, backlog);
1943 }
1944
1945 int security_socket_accept(struct socket *sock, struct socket *newsock)
1946 {
1947 return call_int_hook(socket_accept, 0, sock, newsock);
1948 }
1949
1950 int security_socket_sendmsg(struct socket *sock, struct msghdr *msg, int size)
1951 {
1952 return call_int_hook(socket_sendmsg, 0, sock, msg, size);
1953 }
1954
1955 int security_socket_recvmsg(struct socket *sock, struct msghdr *msg,
1956 int size, int flags)
1957 {
1958 return call_int_hook(socket_recvmsg, 0, sock, msg, size, flags);
1959 }
1960
1961 int security_socket_getsockname(struct socket *sock)
1962 {
1963 return call_int_hook(socket_getsockname, 0, sock);
1964 }
1965
1966 int security_socket_getpeername(struct socket *sock)
1967 {
1968 return call_int_hook(socket_getpeername, 0, sock);
1969 }
1970
1971 int security_socket_getsockopt(struct socket *sock, int level, int optname)
1972 {
1973 return call_int_hook(socket_getsockopt, 0, sock, level, optname);
1974 }
1975
1976 int security_socket_setsockopt(struct socket *sock, int level, int optname)
1977 {
1978 return call_int_hook(socket_setsockopt, 0, sock, level, optname);
1979 }
1980
1981 int security_socket_shutdown(struct socket *sock, int how)
1982 {
1983 return call_int_hook(socket_shutdown, 0, sock, how);
1984 }
1985
1986 int security_sock_rcv_skb(struct sock *sk, struct sk_buff *skb)
1987 {
1988 return call_int_hook(socket_sock_rcv_skb, 0, sk, skb);
1989 }
1990 EXPORT_SYMBOL(security_sock_rcv_skb);
1991
1992 int security_socket_getpeersec_stream(struct socket *sock, char __user *optval,
1993 int __user *optlen, unsigned len)
1994 {
1995 return call_int_hook(socket_getpeersec_stream, -ENOPROTOOPT, sock,
1996 optval, optlen, len);
1997 }
1998
1999 int security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, u32 *secid)
2000 {
2001 return call_int_hook(socket_getpeersec_dgram, -ENOPROTOOPT, sock,
2002 skb, secid);
2003 }
2004 EXPORT_SYMBOL(security_socket_getpeersec_dgram);
2005
2006 int security_sk_alloc(struct sock *sk, int family, gfp_t priority)
2007 {
2008 int rc = lsm_sock_alloc(sk, priority);
2009
2010 if (rc)
2011 return rc;
2012 return call_int_hook(sk_alloc_security, 0, sk, family, priority);
2013 }
2014
2015 void security_sk_free(struct sock *sk)
2016 {
2017 call_void_hook(sk_free_security, sk);
2018 kfree(sk->sk_security);
2019 sk->sk_security = NULL;
2020 }
2021
2022 void security_sk_clone(const struct sock *sk, struct sock *newsk)
2023 {
2024 call_void_hook(sk_clone_security, sk, newsk);
2025 }
2026 EXPORT_SYMBOL(security_sk_clone);
2027
2028 void security_sk_classify_flow(struct sock *sk, struct flowi *fl)
2029 {
2030 call_void_hook(sk_getsecid, sk, &fl->flowi_secid);
2031 }
2032 EXPORT_SYMBOL(security_sk_classify_flow);
2033
2034 void security_req_classify_flow(const struct request_sock *req, struct flowi *fl)
2035 {
2036 call_void_hook(req_classify_flow, req, fl);
2037 }
2038 EXPORT_SYMBOL(security_req_classify_flow);
2039
2040 void security_sock_graft(struct sock *sk, struct socket *parent)
2041 {
2042 call_void_hook(sock_graft, sk, parent);
2043 }
2044 EXPORT_SYMBOL(security_sock_graft);
2045
2046 int security_inet_conn_request(struct sock *sk,
2047 struct sk_buff *skb, struct request_sock *req)
2048 {
2049 return call_int_hook(inet_conn_request, 0, sk, skb, req);
2050 }
2051 EXPORT_SYMBOL(security_inet_conn_request);
2052
2053 void security_inet_csk_clone(struct sock *newsk,
2054 const struct request_sock *req)
2055 {
2056 call_void_hook(inet_csk_clone, newsk, req);
2057 }
2058
2059 void security_inet_conn_established(struct sock *sk,
2060 struct sk_buff *skb)
2061 {
2062 call_void_hook(inet_conn_established, sk, skb);
2063 }
2064
2065 int security_secmark_relabel_packet(u32 secid)
2066 {
2067 return call_int_hook(secmark_relabel_packet, 0, secid);
2068 }
2069 EXPORT_SYMBOL(security_secmark_relabel_packet);
2070
2071 void security_secmark_refcount_inc(void)
2072 {
2073 call_void_hook(secmark_refcount_inc);
2074 }
2075 EXPORT_SYMBOL(security_secmark_refcount_inc);
2076
2077 void security_secmark_refcount_dec(void)
2078 {
2079 call_void_hook(secmark_refcount_dec);
2080 }
2081 EXPORT_SYMBOL(security_secmark_refcount_dec);
2082
2083 int security_tun_dev_alloc_security(void **security)
2084 {
2085 return call_int_hook(tun_dev_alloc_security, 0, security);
2086 }
2087 EXPORT_SYMBOL(security_tun_dev_alloc_security);
2088
2089 void security_tun_dev_free_security(void *security)
2090 {
2091 call_void_hook(tun_dev_free_security, security);
2092 }
2093 EXPORT_SYMBOL(security_tun_dev_free_security);
2094
2095 int security_tun_dev_create(void)
2096 {
2097 return call_int_hook(tun_dev_create, 0);
2098 }
2099 EXPORT_SYMBOL(security_tun_dev_create);
2100
2101 int security_tun_dev_attach_queue(void *security)
2102 {
2103 return call_int_hook(tun_dev_attach_queue, 0, security);
2104 }
2105 EXPORT_SYMBOL(security_tun_dev_attach_queue);
2106
2107 int security_tun_dev_attach(struct sock *sk, void *security)
2108 {
2109 return call_int_hook(tun_dev_attach, 0, sk, security);
2110 }
2111 EXPORT_SYMBOL(security_tun_dev_attach);
2112
2113 int security_tun_dev_open(void *security)
2114 {
2115 return call_int_hook(tun_dev_open, 0, security);
2116 }
2117 EXPORT_SYMBOL(security_tun_dev_open);
2118
2119 #endif /* CONFIG_SECURITY_NETWORK */
2120
2121 #ifdef CONFIG_SECURITY_INFINIBAND
2122
2123 int security_ib_pkey_access(void *sec, u64 subnet_prefix, u16 pkey)
2124 {
2125 return call_int_hook(ib_pkey_access, 0, sec, subnet_prefix, pkey);
2126 }
2127 EXPORT_SYMBOL(security_ib_pkey_access);
2128
2129 int security_ib_endport_manage_subnet(void *sec, const char *dev_name, u8 port_num)
2130 {
2131 return call_int_hook(ib_endport_manage_subnet, 0, sec, dev_name, port_num);
2132 }
2133 EXPORT_SYMBOL(security_ib_endport_manage_subnet);
2134
2135 int security_ib_alloc_security(void **sec)
2136 {
2137 return call_int_hook(ib_alloc_security, 0, sec);
2138 }
2139 EXPORT_SYMBOL(security_ib_alloc_security);
2140
2141 void security_ib_free_security(void *sec)
2142 {
2143 call_void_hook(ib_free_security, sec);
2144 }
2145 EXPORT_SYMBOL(security_ib_free_security);
2146 #endif /* CONFIG_SECURITY_INFINIBAND */
2147
2148 #ifdef CONFIG_SECURITY_NETWORK_XFRM
2149
2150 int security_xfrm_policy_alloc(struct xfrm_sec_ctx **ctxp,
2151 struct xfrm_user_sec_ctx *sec_ctx,
2152 gfp_t gfp)
2153 {
2154 return call_int_hook(xfrm_policy_alloc_security, 0, ctxp, sec_ctx, gfp);
2155 }
2156 EXPORT_SYMBOL(security_xfrm_policy_alloc);
2157
2158 int security_xfrm_policy_clone(struct xfrm_sec_ctx *old_ctx,
2159 struct xfrm_sec_ctx **new_ctxp)
2160 {
2161 return call_int_hook(xfrm_policy_clone_security, 0, old_ctx, new_ctxp);
2162 }
2163
2164 void security_xfrm_policy_free(struct xfrm_sec_ctx *ctx)
2165 {
2166 call_void_hook(xfrm_policy_free_security, ctx);
2167 }
2168 EXPORT_SYMBOL(security_xfrm_policy_free);
2169
2170 int security_xfrm_policy_delete(struct xfrm_sec_ctx *ctx)
2171 {
2172 return call_int_hook(xfrm_policy_delete_security, 0, ctx);
2173 }
2174
2175 int security_xfrm_state_alloc(struct xfrm_state *x,
2176 struct xfrm_user_sec_ctx *sec_ctx)
2177 {
2178 return call_int_hook(xfrm_state_alloc, 0, x, sec_ctx);
2179 }
2180 EXPORT_SYMBOL(security_xfrm_state_alloc);
2181
2182 int security_xfrm_state_alloc_acquire(struct xfrm_state *x,
2183 struct xfrm_sec_ctx *polsec, u32 secid)
2184 {
2185 return call_int_hook(xfrm_state_alloc_acquire, 0, x, polsec, secid);
2186 }
2187
2188 int security_xfrm_state_delete(struct xfrm_state *x)
2189 {
2190 return call_int_hook(xfrm_state_delete_security, 0, x);
2191 }
2192 EXPORT_SYMBOL(security_xfrm_state_delete);
2193
2194 void security_xfrm_state_free(struct xfrm_state *x)
2195 {
2196 call_void_hook(xfrm_state_free_security, x);
2197 }
2198
2199 int security_xfrm_policy_lookup(struct xfrm_sec_ctx *ctx, u32 fl_secid, u8 dir)
2200 {
2201 return call_int_hook(xfrm_policy_lookup, 0, ctx, fl_secid, dir);
2202 }
2203
2204 int security_xfrm_state_pol_flow_match(struct xfrm_state *x,
2205 struct xfrm_policy *xp,
2206 const struct flowi *fl)
2207 {
2208 struct security_hook_list *hp;
2209 int rc = 1;
2210
2211 /*
2212 * Since this function is expected to return 0 or 1, the judgment
2213 * becomes difficult if multiple LSMs supply this call. Fortunately,
2214 * we can use the first LSM's judgment because currently only SELinux
2215 * supplies this call.
2216 *
2217 * For speed optimization, we explicitly break the loop rather than
2218 * using the macro
2219 */
2220 list_for_each_entry(hp, &security_hook_heads.xfrm_state_pol_flow_match,
2221 list) {
2222 rc = hp->hook.xfrm_state_pol_flow_match(x, xp, fl);
2223 break;
2224 }
2225 return rc;
2226 }
2227
2228 int security_xfrm_decode_session(struct sk_buff *skb, u32 *secid)
2229 {
2230 return call_int_hook(xfrm_decode_session, 0, skb, secid, 1);
2231 }
2232
2233 void security_skb_classify_flow(struct sk_buff *skb, struct flowi *fl)
2234 {
2235 int rc = call_int_hook(xfrm_decode_session, 0, skb, &fl->flowi_secid,
2236 0);
2237
2238 BUG_ON(rc);
2239 }
2240 EXPORT_SYMBOL(security_skb_classify_flow);
2241
2242 #endif /* CONFIG_SECURITY_NETWORK_XFRM */
2243
2244 #ifdef CONFIG_KEYS
2245
2246 int security_key_alloc(struct key *key, const struct cred *cred,
2247 unsigned long flags)
2248 {
2249 int rc = lsm_key_alloc(key);
2250
2251 if (rc)
2252 return rc;
2253 return call_int_hook(key_alloc, 0, key, cred, flags);
2254 }
2255
2256 void security_key_free(struct key *key)
2257 {
2258 call_void_hook(key_free, key);
2259 kfree(key->security);
2260 key->security = NULL;
2261 }
2262
2263 int security_key_permission(key_ref_t key_ref,
2264 const struct cred *cred, unsigned perm)
2265 {
2266 return call_int_hook(key_permission, 0, key_ref, cred, perm);
2267 }
2268
2269 int security_key_getsecurity(struct key *key, char **_buffer)
2270 {
2271 *_buffer = NULL;
2272 return call_int_hook(key_getsecurity, 0, key, _buffer);
2273 }
2274
2275 #endif /* CONFIG_KEYS */
2276
2277 #ifdef CONFIG_AUDIT
2278
2279 int security_audit_rule_init(u32 field, u32 op, char *rulestr, void **lsmrule)
2280 {
2281 return call_int_hook(audit_rule_init, 0, field, op, rulestr, lsmrule);
2282 }
2283
2284 int security_audit_rule_known(struct audit_krule *krule)
2285 {
2286 return call_int_hook(audit_rule_known, 0, krule);
2287 }
2288
2289 void security_audit_rule_free(void *lsmrule)
2290 {
2291 call_void_hook(audit_rule_free, lsmrule);
2292 }
2293
2294 int security_audit_rule_match(u32 secid, u32 field, u32 op, void *lsmrule,
2295 struct audit_context *actx)
2296 {
2297 return call_int_hook(audit_rule_match, 0, secid, field, op, lsmrule,
2298 actx);
2299 }
2300 #endif /* CONFIG_AUDIT */
Ubuntu Artful kernel mirror