Commit | Line | Data |
---|---|---|
c3ef1500 | 1 | /* |
0f2a55d5 | 2 | * security/tomoyo/securityfs_if.c |
c3ef1500 | 3 | * |
0f2a55d5 | 4 | * Copyright (C) 2005-2011 NTT DATA CORPORATION |
c3ef1500 TH |
5 | */ |
6 | ||
7 | #include <linux/security.h> | |
8 | #include "common.h" | |
9 | ||
731d37aa TH |
10 | /** |
11 | * tomoyo_check_task_acl - Check permission for task operation. | |
12 | * | |
13 | * @r: Pointer to "struct tomoyo_request_info". | |
14 | * @ptr: Pointer to "struct tomoyo_acl_info". | |
15 | * | |
16 | * Returns true if granted, false otherwise. | |
17 | */ | |
18 | static bool tomoyo_check_task_acl(struct tomoyo_request_info *r, | |
19 | const struct tomoyo_acl_info *ptr) | |
20 | { | |
21 | const struct tomoyo_task_acl *acl = container_of(ptr, typeof(*acl), | |
22 | head); | |
23 | return !tomoyo_pathcmp(r->param.task.domainname, acl->domainname); | |
24 | } | |
25 | ||
26 | /** | |
27 | * tomoyo_write_self - write() for /sys/kernel/security/tomoyo/self_domain interface. | |
28 | * | |
29 | * @file: Pointer to "struct file". | |
30 | * @buf: Domainname to transit to. | |
31 | * @count: Size of @buf. | |
32 | * @ppos: Unused. | |
33 | * | |
34 | * Returns @count on success, negative value otherwise. | |
35 | * | |
36 | * If domain transition was permitted but the domain transition failed, this | |
37 | * function returns error rather than terminating current thread with SIGKILL. | |
38 | */ | |
39 | static ssize_t tomoyo_write_self(struct file *file, const char __user *buf, | |
40 | size_t count, loff_t *ppos) | |
41 | { | |
42 | char *data; | |
43 | int error; | |
44 | if (!count || count >= TOMOYO_EXEC_TMPSIZE - 10) | |
45 | return -ENOMEM; | |
16e5c1fc AV |
46 | data = memdup_user_nul(buf, count); |
47 | if (IS_ERR(data)) | |
48 | return PTR_ERR(data); | |
731d37aa TH |
49 | tomoyo_normalize_line(data); |
50 | if (tomoyo_correct_domain(data)) { | |
51 | const int idx = tomoyo_read_lock(); | |
52 | struct tomoyo_path_info name; | |
53 | struct tomoyo_request_info r; | |
54 | name.name = data; | |
55 | tomoyo_fill_path_info(&name); | |
56 | /* Check "task manual_domain_transition" permission. */ | |
57 | tomoyo_init_request_info(&r, NULL, TOMOYO_MAC_FILE_EXECUTE); | |
58 | r.param_type = TOMOYO_TYPE_MANUAL_TASK_ACL; | |
59 | r.param.task.domainname = &name; | |
60 | tomoyo_check_acl(&r, tomoyo_check_task_acl); | |
61 | if (!r.granted) | |
62 | error = -EPERM; | |
63 | else { | |
64 | struct tomoyo_domain_info *new_domain = | |
65 | tomoyo_assign_domain(data, true); | |
66 | if (!new_domain) { | |
67 | error = -ENOENT; | |
68 | } else { | |
69 | struct cred *cred = prepare_creds(); | |
70 | if (!cred) { | |
71 | error = -ENOMEM; | |
72 | } else { | |
73 | struct tomoyo_domain_info *old_domain = | |
74 | cred->security; | |
75 | cred->security = new_domain; | |
76 | atomic_inc(&new_domain->users); | |
77 | atomic_dec(&old_domain->users); | |
78 | commit_creds(cred); | |
79 | error = 0; | |
80 | } | |
81 | } | |
82 | } | |
83 | tomoyo_read_unlock(idx); | |
84 | } else | |
85 | error = -EINVAL; | |
731d37aa TH |
86 | kfree(data); |
87 | return error ? error : count; | |
88 | } | |
89 | ||
90 | /** | |
91 | * tomoyo_read_self - read() for /sys/kernel/security/tomoyo/self_domain interface. | |
92 | * | |
93 | * @file: Pointer to "struct file". | |
94 | * @buf: Domainname which current thread belongs to. | |
95 | * @count: Size of @buf. | |
96 | * @ppos: Bytes read by now. | |
97 | * | |
98 | * Returns read size on success, negative value otherwise. | |
99 | */ | |
100 | static ssize_t tomoyo_read_self(struct file *file, char __user *buf, | |
101 | size_t count, loff_t *ppos) | |
102 | { | |
103 | const char *domain = tomoyo_domain()->domainname->name; | |
104 | loff_t len = strlen(domain); | |
105 | loff_t pos = *ppos; | |
106 | if (pos >= len || !count) | |
107 | return 0; | |
108 | len -= pos; | |
109 | if (count < len) | |
110 | len = count; | |
111 | if (copy_to_user(buf, domain + pos, len)) | |
112 | return -EFAULT; | |
113 | *ppos += len; | |
114 | return len; | |
115 | } | |
116 | ||
117 | /* Operations for /sys/kernel/security/tomoyo/self_domain interface. */ | |
118 | static const struct file_operations tomoyo_self_operations = { | |
119 | .write = tomoyo_write_self, | |
120 | .read = tomoyo_read_self, | |
121 | }; | |
122 | ||
c3ef1500 TH |
123 | /** |
124 | * tomoyo_open - open() for /sys/kernel/security/tomoyo/ interface. | |
125 | * | |
126 | * @inode: Pointer to "struct inode". | |
127 | * @file: Pointer to "struct file". | |
128 | * | |
129 | * Returns 0 on success, negative value otherwise. | |
130 | */ | |
131 | static int tomoyo_open(struct inode *inode, struct file *file) | |
132 | { | |
496ad9aa | 133 | const int key = ((u8 *) file_inode(file)->i_private) |
c3ef1500 TH |
134 | - ((u8 *) NULL); |
135 | return tomoyo_open_control(key, file); | |
136 | } | |
137 | ||
138 | /** | |
139 | * tomoyo_release - close() for /sys/kernel/security/tomoyo/ interface. | |
140 | * | |
c3ef1500 TH |
141 | * @file: Pointer to "struct file". |
142 | * | |
c3ef1500 TH |
143 | */ |
144 | static int tomoyo_release(struct inode *inode, struct file *file) | |
145 | { | |
e53cfda5 AV |
146 | tomoyo_close_control(file->private_data); |
147 | return 0; | |
c3ef1500 TH |
148 | } |
149 | ||
0849e3ba | 150 | /** |
b5bc60b4 | 151 | * tomoyo_poll - poll() for /sys/kernel/security/tomoyo/ interface. |
0849e3ba TH |
152 | * |
153 | * @file: Pointer to "struct file". | |
6041e834 | 154 | * @wait: Pointer to "poll_table". Maybe NULL. |
0849e3ba | 155 | * |
6041e834 TH |
156 | * Returns POLLIN | POLLRDNORM | POLLOUT | POLLWRNORM if ready to read/write, |
157 | * POLLOUT | POLLWRNORM otherwise. | |
0849e3ba TH |
158 | */ |
159 | static unsigned int tomoyo_poll(struct file *file, poll_table *wait) | |
160 | { | |
161 | return tomoyo_poll_control(file, wait); | |
162 | } | |
163 | ||
c3ef1500 TH |
164 | /** |
165 | * tomoyo_read - read() for /sys/kernel/security/tomoyo/ interface. | |
166 | * | |
167 | * @file: Pointer to "struct file". | |
168 | * @buf: Pointer to buffer. | |
169 | * @count: Size of @buf. | |
170 | * @ppos: Unused. | |
171 | * | |
172 | * Returns bytes read on success, negative value otherwise. | |
173 | */ | |
174 | static ssize_t tomoyo_read(struct file *file, char __user *buf, size_t count, | |
175 | loff_t *ppos) | |
176 | { | |
0df7e8b8 | 177 | return tomoyo_read_control(file->private_data, buf, count); |
c3ef1500 TH |
178 | } |
179 | ||
180 | /** | |
181 | * tomoyo_write - write() for /sys/kernel/security/tomoyo/ interface. | |
182 | * | |
183 | * @file: Pointer to "struct file". | |
184 | * @buf: Pointer to buffer. | |
185 | * @count: Size of @buf. | |
186 | * @ppos: Unused. | |
187 | * | |
188 | * Returns @count on success, negative value otherwise. | |
189 | */ | |
190 | static ssize_t tomoyo_write(struct file *file, const char __user *buf, | |
191 | size_t count, loff_t *ppos) | |
192 | { | |
0df7e8b8 | 193 | return tomoyo_write_control(file->private_data, buf, count); |
c3ef1500 TH |
194 | } |
195 | ||
196 | /* | |
197 | * tomoyo_operations is a "struct file_operations" which is used for handling | |
198 | * /sys/kernel/security/tomoyo/ interface. | |
199 | * | |
200 | * Some files under /sys/kernel/security/tomoyo/ directory accept open(O_RDWR). | |
201 | * See tomoyo_io_buffer for internals. | |
202 | */ | |
203 | static const struct file_operations tomoyo_operations = { | |
204 | .open = tomoyo_open, | |
205 | .release = tomoyo_release, | |
0849e3ba | 206 | .poll = tomoyo_poll, |
c3ef1500 TH |
207 | .read = tomoyo_read, |
208 | .write = tomoyo_write, | |
7e2deb7c | 209 | .llseek = noop_llseek, |
c3ef1500 TH |
210 | }; |
211 | ||
212 | /** | |
213 | * tomoyo_create_entry - Create interface files under /sys/kernel/security/tomoyo/ directory. | |
214 | * | |
215 | * @name: The name of the interface file. | |
216 | * @mode: The permission of the interface file. | |
217 | * @parent: The parent directory. | |
218 | * @key: Type of interface. | |
219 | * | |
220 | * Returns nothing. | |
221 | */ | |
52ef0c04 | 222 | static void __init tomoyo_create_entry(const char *name, const umode_t mode, |
c3ef1500 TH |
223 | struct dentry *parent, const u8 key) |
224 | { | |
225 | securityfs_create_file(name, mode, parent, ((u8 *) NULL) + key, | |
226 | &tomoyo_operations); | |
227 | } | |
228 | ||
229 | /** | |
230 | * tomoyo_initerface_init - Initialize /sys/kernel/security/tomoyo/ interface. | |
231 | * | |
232 | * Returns 0. | |
233 | */ | |
234 | static int __init tomoyo_initerface_init(void) | |
235 | { | |
236 | struct dentry *tomoyo_dir; | |
237 | ||
238 | /* Don't create securityfs entries unless registered. */ | |
239 | if (current_cred()->security != &tomoyo_kernel_domain) | |
240 | return 0; | |
241 | ||
242 | tomoyo_dir = securityfs_create_dir("tomoyo", NULL); | |
243 | tomoyo_create_entry("query", 0600, tomoyo_dir, | |
244 | TOMOYO_QUERY); | |
245 | tomoyo_create_entry("domain_policy", 0600, tomoyo_dir, | |
246 | TOMOYO_DOMAINPOLICY); | |
247 | tomoyo_create_entry("exception_policy", 0600, tomoyo_dir, | |
248 | TOMOYO_EXCEPTIONPOLICY); | |
eadd99cc TH |
249 | tomoyo_create_entry("audit", 0400, tomoyo_dir, |
250 | TOMOYO_AUDIT); | |
c3ef1500 TH |
251 | tomoyo_create_entry(".process_status", 0600, tomoyo_dir, |
252 | TOMOYO_PROCESS_STATUS); | |
b22b8b9f TH |
253 | tomoyo_create_entry("stat", 0644, tomoyo_dir, |
254 | TOMOYO_STAT); | |
c3ef1500 TH |
255 | tomoyo_create_entry("profile", 0600, tomoyo_dir, |
256 | TOMOYO_PROFILE); | |
257 | tomoyo_create_entry("manager", 0600, tomoyo_dir, | |
258 | TOMOYO_MANAGER); | |
259 | tomoyo_create_entry("version", 0400, tomoyo_dir, | |
260 | TOMOYO_VERSION); | |
731d37aa TH |
261 | securityfs_create_file("self_domain", 0666, tomoyo_dir, NULL, |
262 | &tomoyo_self_operations); | |
778c4a4d | 263 | tomoyo_load_builtin_policy(); |
c3ef1500 TH |
264 | return 0; |
265 | } | |
266 | ||
267 | fs_initcall(tomoyo_initerface_init); |