4 * Copyright (C) 2005-2011 NTT DATA CORPORATION
8 #include <linux/kthread.h>
9 #include <linux/slab.h>
11 /* The list for "struct tomoyo_io_buffer". */
12 static LIST_HEAD(tomoyo_io_buffer_list
);
13 /* Lock for protecting tomoyo_io_buffer_list. */
14 static DEFINE_SPINLOCK(tomoyo_io_buffer_list_lock
);
17 * tomoyo_struct_used_by_io_buffer - Check whether the list element is used by /sys/kernel/security/tomoyo/ users or not.
19 * @element: Pointer to "struct list_head".
21 * Returns true if @element is used by /sys/kernel/security/tomoyo/ users,
24 static bool tomoyo_struct_used_by_io_buffer(const struct list_head
*element
)
26 struct tomoyo_io_buffer
*head
;
29 spin_lock(&tomoyo_io_buffer_list_lock
);
30 list_for_each_entry(head
, &tomoyo_io_buffer_list
, list
) {
32 spin_unlock(&tomoyo_io_buffer_list_lock
);
33 mutex_lock(&head
->io_sem
);
34 if (head
->r
.domain
== element
|| head
->r
.group
== element
||
35 head
->r
.acl
== element
|| &head
->w
.domain
->list
== element
)
37 mutex_unlock(&head
->io_sem
);
38 spin_lock(&tomoyo_io_buffer_list_lock
);
43 spin_unlock(&tomoyo_io_buffer_list_lock
);
48 * tomoyo_name_used_by_io_buffer - Check whether the string is used by /sys/kernel/security/tomoyo/ users or not.
50 * @string: String to check.
52 * Returns true if @string is used by /sys/kernel/security/tomoyo/ users,
55 static bool tomoyo_name_used_by_io_buffer(const char *string
)
57 struct tomoyo_io_buffer
*head
;
58 const size_t size
= strlen(string
) + 1;
61 spin_lock(&tomoyo_io_buffer_list_lock
);
62 list_for_each_entry(head
, &tomoyo_io_buffer_list
, list
) {
65 spin_unlock(&tomoyo_io_buffer_list_lock
);
66 mutex_lock(&head
->io_sem
);
67 for (i
= 0; i
< TOMOYO_MAX_IO_READ_QUEUE
; i
++) {
68 const char *w
= head
->r
.w
[i
];
69 if (w
< string
|| w
> string
+ size
)
74 mutex_unlock(&head
->io_sem
);
75 spin_lock(&tomoyo_io_buffer_list_lock
);
80 spin_unlock(&tomoyo_io_buffer_list_lock
);
85 * tomoyo_del_transition_control - Delete members in "struct tomoyo_transition_control".
87 * @element: Pointer to "struct list_head".
91 static inline void tomoyo_del_transition_control(struct list_head
*element
)
93 struct tomoyo_transition_control
*ptr
=
94 container_of(element
, typeof(*ptr
), head
.list
);
95 tomoyo_put_name(ptr
->domainname
);
96 tomoyo_put_name(ptr
->program
);
100 * tomoyo_del_aggregator - Delete members in "struct tomoyo_aggregator".
102 * @element: Pointer to "struct list_head".
106 static inline void tomoyo_del_aggregator(struct list_head
*element
)
108 struct tomoyo_aggregator
*ptr
=
109 container_of(element
, typeof(*ptr
), head
.list
);
110 tomoyo_put_name(ptr
->original_name
);
111 tomoyo_put_name(ptr
->aggregated_name
);
115 * tomoyo_del_manager - Delete members in "struct tomoyo_manager".
117 * @element: Pointer to "struct list_head".
121 static inline void tomoyo_del_manager(struct list_head
*element
)
123 struct tomoyo_manager
*ptr
=
124 container_of(element
, typeof(*ptr
), head
.list
);
125 tomoyo_put_name(ptr
->manager
);
129 * tomoyo_del_acl - Delete members in "struct tomoyo_acl_info".
131 * @element: Pointer to "struct list_head".
135 static void tomoyo_del_acl(struct list_head
*element
)
137 struct tomoyo_acl_info
*acl
=
138 container_of(element
, typeof(*acl
), list
);
139 tomoyo_put_condition(acl
->cond
);
141 case TOMOYO_TYPE_PATH_ACL
:
143 struct tomoyo_path_acl
*entry
144 = container_of(acl
, typeof(*entry
), head
);
145 tomoyo_put_name_union(&entry
->name
);
148 case TOMOYO_TYPE_PATH2_ACL
:
150 struct tomoyo_path2_acl
*entry
151 = container_of(acl
, typeof(*entry
), head
);
152 tomoyo_put_name_union(&entry
->name1
);
153 tomoyo_put_name_union(&entry
->name2
);
156 case TOMOYO_TYPE_PATH_NUMBER_ACL
:
158 struct tomoyo_path_number_acl
*entry
159 = container_of(acl
, typeof(*entry
), head
);
160 tomoyo_put_name_union(&entry
->name
);
161 tomoyo_put_number_union(&entry
->number
);
164 case TOMOYO_TYPE_MKDEV_ACL
:
166 struct tomoyo_mkdev_acl
*entry
167 = container_of(acl
, typeof(*entry
), head
);
168 tomoyo_put_name_union(&entry
->name
);
169 tomoyo_put_number_union(&entry
->mode
);
170 tomoyo_put_number_union(&entry
->major
);
171 tomoyo_put_number_union(&entry
->minor
);
174 case TOMOYO_TYPE_MOUNT_ACL
:
176 struct tomoyo_mount_acl
*entry
177 = container_of(acl
, typeof(*entry
), head
);
178 tomoyo_put_name_union(&entry
->dev_name
);
179 tomoyo_put_name_union(&entry
->dir_name
);
180 tomoyo_put_name_union(&entry
->fs_type
);
181 tomoyo_put_number_union(&entry
->flags
);
184 case TOMOYO_TYPE_ENV_ACL
:
186 struct tomoyo_env_acl
*entry
=
187 container_of(acl
, typeof(*entry
), head
);
189 tomoyo_put_name(entry
->env
);
192 case TOMOYO_TYPE_INET_ACL
:
194 struct tomoyo_inet_acl
*entry
=
195 container_of(acl
, typeof(*entry
), head
);
197 tomoyo_put_group(entry
->address
.group
);
198 tomoyo_put_number_union(&entry
->port
);
201 case TOMOYO_TYPE_UNIX_ACL
:
203 struct tomoyo_unix_acl
*entry
=
204 container_of(acl
, typeof(*entry
), head
);
206 tomoyo_put_name_union(&entry
->name
);
213 * tomoyo_del_domain - Delete members in "struct tomoyo_domain_info".
215 * @element: Pointer to "struct list_head".
219 static inline void tomoyo_del_domain(struct list_head
*element
)
221 struct tomoyo_domain_info
*domain
=
222 container_of(element
, typeof(*domain
), list
);
223 struct tomoyo_acl_info
*acl
;
224 struct tomoyo_acl_info
*tmp
;
226 * Since this domain is referenced from neither
227 * "struct tomoyo_io_buffer" nor "struct cred"->security, we can delete
228 * elements without checking for is_deleted flag.
230 list_for_each_entry_safe(acl
, tmp
, &domain
->acl_info_list
, list
) {
231 tomoyo_del_acl(&acl
->list
);
232 tomoyo_memory_free(acl
);
234 tomoyo_put_name(domain
->domainname
);
238 * tomoyo_del_condition - Delete members in "struct tomoyo_condition".
240 * @element: Pointer to "struct list_head".
244 void tomoyo_del_condition(struct list_head
*element
)
246 struct tomoyo_condition
*cond
= container_of(element
, typeof(*cond
),
248 const u16 condc
= cond
->condc
;
249 const u16 numbers_count
= cond
->numbers_count
;
250 const u16 names_count
= cond
->names_count
;
251 const u16 argc
= cond
->argc
;
252 const u16 envc
= cond
->envc
;
254 const struct tomoyo_condition_element
*condp
255 = (const struct tomoyo_condition_element
*) (cond
+ 1);
256 struct tomoyo_number_union
*numbers_p
257 = (struct tomoyo_number_union
*) (condp
+ condc
);
258 struct tomoyo_name_union
*names_p
259 = (struct tomoyo_name_union
*) (numbers_p
+ numbers_count
);
260 const struct tomoyo_argv
*argv
261 = (const struct tomoyo_argv
*) (names_p
+ names_count
);
262 const struct tomoyo_envp
*envp
263 = (const struct tomoyo_envp
*) (argv
+ argc
);
264 for (i
= 0; i
< numbers_count
; i
++)
265 tomoyo_put_number_union(numbers_p
++);
266 for (i
= 0; i
< names_count
; i
++)
267 tomoyo_put_name_union(names_p
++);
268 for (i
= 0; i
< argc
; argv
++, i
++)
269 tomoyo_put_name(argv
->value
);
270 for (i
= 0; i
< envc
; envp
++, i
++) {
271 tomoyo_put_name(envp
->name
);
272 tomoyo_put_name(envp
->value
);
277 * tomoyo_del_name - Delete members in "struct tomoyo_name".
279 * @element: Pointer to "struct list_head".
283 static inline void tomoyo_del_name(struct list_head
*element
)
289 * tomoyo_del_path_group - Delete members in "struct tomoyo_path_group".
291 * @element: Pointer to "struct list_head".
295 static inline void tomoyo_del_path_group(struct list_head
*element
)
297 struct tomoyo_path_group
*member
=
298 container_of(element
, typeof(*member
), head
.list
);
299 tomoyo_put_name(member
->member_name
);
303 * tomoyo_del_group - Delete "struct tomoyo_group".
305 * @element: Pointer to "struct list_head".
309 static inline void tomoyo_del_group(struct list_head
*element
)
311 struct tomoyo_group
*group
=
312 container_of(element
, typeof(*group
), head
.list
);
313 tomoyo_put_name(group
->group_name
);
317 * tomoyo_del_address_group - Delete members in "struct tomoyo_address_group".
319 * @element: Pointer to "struct list_head".
323 static inline void tomoyo_del_address_group(struct list_head
*element
)
329 * tomoyo_del_number_group - Delete members in "struct tomoyo_number_group".
331 * @element: Pointer to "struct list_head".
335 static inline void tomoyo_del_number_group(struct list_head
*element
)
341 * tomoyo_try_to_gc - Try to kfree() an entry.
343 * @type: One of values in "enum tomoyo_policy_id".
344 * @element: Pointer to "struct list_head".
348 * Caller holds tomoyo_policy_lock mutex.
350 static void tomoyo_try_to_gc(const enum tomoyo_policy_id type
,
351 struct list_head
*element
)
354 * __list_del_entry() guarantees that the list element became no longer
355 * reachable from the list which the element was originally on (e.g.
356 * tomoyo_domain_list). Also, synchronize_srcu() guarantees that the
357 * list element became no longer referenced by syscall users.
359 __list_del_entry(element
);
360 mutex_unlock(&tomoyo_policy_lock
);
361 synchronize_srcu(&tomoyo_ss
);
363 * However, there are two users which may still be using the list
364 * element. We need to defer until both users forget this element.
366 * Don't kfree() until "struct tomoyo_io_buffer"->r.{domain,group,acl}
367 * and "struct tomoyo_io_buffer"->w.domain forget this element.
369 if (tomoyo_struct_used_by_io_buffer(element
))
372 case TOMOYO_ID_TRANSITION_CONTROL
:
373 tomoyo_del_transition_control(element
);
375 case TOMOYO_ID_MANAGER
:
376 tomoyo_del_manager(element
);
378 case TOMOYO_ID_AGGREGATOR
:
379 tomoyo_del_aggregator(element
);
381 case TOMOYO_ID_GROUP
:
382 tomoyo_del_group(element
);
384 case TOMOYO_ID_PATH_GROUP
:
385 tomoyo_del_path_group(element
);
387 case TOMOYO_ID_ADDRESS_GROUP
:
388 tomoyo_del_address_group(element
);
390 case TOMOYO_ID_NUMBER_GROUP
:
391 tomoyo_del_number_group(element
);
393 case TOMOYO_ID_CONDITION
:
394 tomoyo_del_condition(element
);
398 * Don't kfree() until all "struct tomoyo_io_buffer"->r.w[]
399 * forget this element.
401 if (tomoyo_name_used_by_io_buffer
402 (container_of(element
, typeof(struct tomoyo_name
),
403 head
.list
)->entry
.name
))
405 tomoyo_del_name(element
);
408 tomoyo_del_acl(element
);
410 case TOMOYO_ID_DOMAIN
:
412 * Don't kfree() until all "struct cred"->security forget this
415 if (atomic_read(&container_of
416 (element
, typeof(struct tomoyo_domain_info
),
419 tomoyo_del_domain(element
);
421 case TOMOYO_MAX_POLICY
:
424 mutex_lock(&tomoyo_policy_lock
);
425 tomoyo_memory_free(element
);
429 * We can safely reinject this element here bacause
430 * (1) Appending list elements and removing list elements are protected
431 * by tomoyo_policy_lock mutex.
432 * (2) Only this function removes list elements and this function is
433 * exclusively executed by tomoyo_gc_mutex mutex.
436 mutex_lock(&tomoyo_policy_lock
);
437 list_add_rcu(element
, element
->prev
);
441 * tomoyo_collect_member - Delete elements with "struct tomoyo_acl_head".
443 * @id: One of values in "enum tomoyo_policy_id".
444 * @member_list: Pointer to "struct list_head".
448 static void tomoyo_collect_member(const enum tomoyo_policy_id id
,
449 struct list_head
*member_list
)
451 struct tomoyo_acl_head
*member
;
452 struct tomoyo_acl_head
*tmp
;
453 list_for_each_entry_safe(member
, tmp
, member_list
, list
) {
454 if (!member
->is_deleted
)
456 member
->is_deleted
= TOMOYO_GC_IN_PROGRESS
;
457 tomoyo_try_to_gc(id
, &member
->list
);
462 * tomoyo_collect_acl - Delete elements in "struct tomoyo_domain_info".
464 * @list: Pointer to "struct list_head".
468 static void tomoyo_collect_acl(struct list_head
*list
)
470 struct tomoyo_acl_info
*acl
;
471 struct tomoyo_acl_info
*tmp
;
472 list_for_each_entry_safe(acl
, tmp
, list
, list
) {
473 if (!acl
->is_deleted
)
475 acl
->is_deleted
= TOMOYO_GC_IN_PROGRESS
;
476 tomoyo_try_to_gc(TOMOYO_ID_ACL
, &acl
->list
);
481 * tomoyo_collect_entry - Try to kfree() deleted elements.
485 static void tomoyo_collect_entry(void)
488 enum tomoyo_policy_id id
;
489 struct tomoyo_policy_namespace
*ns
;
490 mutex_lock(&tomoyo_policy_lock
);
492 struct tomoyo_domain_info
*domain
;
493 struct tomoyo_domain_info
*tmp
;
494 list_for_each_entry_safe(domain
, tmp
, &tomoyo_domain_list
,
496 tomoyo_collect_acl(&domain
->acl_info_list
);
497 if (!domain
->is_deleted
|| atomic_read(&domain
->users
))
499 tomoyo_try_to_gc(TOMOYO_ID_DOMAIN
, &domain
->list
);
502 list_for_each_entry(ns
, &tomoyo_namespace_list
, namespace_list
) {
503 for (id
= 0; id
< TOMOYO_MAX_POLICY
; id
++)
504 tomoyo_collect_member(id
, &ns
->policy_list
[id
]);
505 for (i
= 0; i
< TOMOYO_MAX_ACL_GROUPS
; i
++)
506 tomoyo_collect_acl(&ns
->acl_group
[i
]);
509 struct tomoyo_shared_acl_head
*ptr
;
510 struct tomoyo_shared_acl_head
*tmp
;
511 list_for_each_entry_safe(ptr
, tmp
, &tomoyo_condition_list
,
513 if (atomic_read(&ptr
->users
) > 0)
515 atomic_set(&ptr
->users
, TOMOYO_GC_IN_PROGRESS
);
516 tomoyo_try_to_gc(TOMOYO_ID_CONDITION
, &ptr
->list
);
519 list_for_each_entry(ns
, &tomoyo_namespace_list
, namespace_list
) {
520 for (i
= 0; i
< TOMOYO_MAX_GROUP
; i
++) {
521 struct list_head
*list
= &ns
->group_list
[i
];
522 struct tomoyo_group
*group
;
523 struct tomoyo_group
*tmp
;
526 id
= TOMOYO_ID_PATH_GROUP
;
529 id
= TOMOYO_ID_NUMBER_GROUP
;
532 id
= TOMOYO_ID_ADDRESS_GROUP
;
535 list_for_each_entry_safe(group
, tmp
, list
, head
.list
) {
536 tomoyo_collect_member(id
, &group
->member_list
);
537 if (!list_empty(&group
->member_list
) ||
538 atomic_read(&group
->head
.users
) > 0)
540 atomic_set(&group
->head
.users
,
541 TOMOYO_GC_IN_PROGRESS
);
542 tomoyo_try_to_gc(TOMOYO_ID_GROUP
,
547 for (i
= 0; i
< TOMOYO_MAX_HASH
; i
++) {
548 struct list_head
*list
= &tomoyo_name_list
[i
];
549 struct tomoyo_shared_acl_head
*ptr
;
550 struct tomoyo_shared_acl_head
*tmp
;
551 list_for_each_entry_safe(ptr
, tmp
, list
, list
) {
552 if (atomic_read(&ptr
->users
) > 0)
554 atomic_set(&ptr
->users
, TOMOYO_GC_IN_PROGRESS
);
555 tomoyo_try_to_gc(TOMOYO_ID_NAME
, &ptr
->list
);
558 mutex_unlock(&tomoyo_policy_lock
);
562 * tomoyo_gc_thread - Garbage collector thread function.
568 static int tomoyo_gc_thread(void *unused
)
570 /* Garbage collector thread is exclusive. */
571 static DEFINE_MUTEX(tomoyo_gc_mutex
);
572 if (!mutex_trylock(&tomoyo_gc_mutex
))
574 tomoyo_collect_entry();
576 struct tomoyo_io_buffer
*head
;
577 struct tomoyo_io_buffer
*tmp
;
579 spin_lock(&tomoyo_io_buffer_list_lock
);
580 list_for_each_entry_safe(head
, tmp
, &tomoyo_io_buffer_list
,
584 list_del(&head
->list
);
585 kfree(head
->read_buf
);
586 kfree(head
->write_buf
);
589 spin_unlock(&tomoyo_io_buffer_list_lock
);
591 mutex_unlock(&tomoyo_gc_mutex
);
593 /* This acts as do_exit(0). */
598 * tomoyo_notify_gc - Register/unregister /sys/kernel/security/tomoyo/ users.
600 * @head: Pointer to "struct tomoyo_io_buffer".
601 * @is_register: True if register, false if unregister.
605 void tomoyo_notify_gc(struct tomoyo_io_buffer
*head
, const bool is_register
)
607 bool is_write
= false;
609 spin_lock(&tomoyo_io_buffer_list_lock
);
612 list_add(&head
->list
, &tomoyo_io_buffer_list
);
614 is_write
= head
->write_buf
!= NULL
;
615 if (!--head
->users
) {
616 list_del(&head
->list
);
617 kfree(head
->read_buf
);
618 kfree(head
->write_buf
);
622 spin_unlock(&tomoyo_io_buffer_list_lock
);
624 struct task_struct
*task
= kthread_create(tomoyo_gc_thread
,
628 wake_up_process(task
);