2 * This file is part of libsmack
4 * Copyright (C) 2010, 2011 Nokia Corporation
5 * Copyright (C) 2011, 2012, 2013 Intel Corporation
6 * Copyright (C) 2012, 2013 Samsung Electronics Co.
8 * This library is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU Lesser General Public License
10 * version 2.1 as published by the Free Software Foundation.
12 * This library is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * Lesser General Public License for more details.
17 * You should have received a copy of the GNU Lesser General Public
18 * License along with this library; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
23 #include "sys/smack.h"
30 #include <sys/socket.h>
32 #include <sys/types.h>
34 #include <sys/xattr.h>
36 #define SELF_LABEL_FILE "/proc/self/attr/current"
38 #define SHORT_LABEL_LEN 23
40 #define LOAD_LEN (2 * (SMACK_LABEL_LEN + 1) + 2 * ACC_LEN + 1)
41 #define KERNEL_LONG_FORMAT "%s %s %s"
42 #define KERNEL_SHORT_FORMAT "%-23s %-23s %5.5s"
43 #define KERNEL_MODIFY_FORMAT "%s %s %s %s"
48 #define CAT_MAX_COUNT 240
49 #define CAT_MAX_VALUE 63
50 #define CIPSO_POS(i) (SMACK_LABEL_LEN + 1 + NUM_LEN + NUM_LEN + i * NUM_LEN)
51 #define CIPSO_MAX_SIZE CIPSO_POS(CAT_MAX_COUNT)
52 #define CIPSO_NUM_LEN_STR "%-4d"
54 #define ACCESS_TYPE_R 0x01
55 #define ACCESS_TYPE_W 0x02
56 #define ACCESS_TYPE_X 0x04
57 #define ACCESS_TYPE_A 0x08
58 #define ACCESS_TYPE_T 0x10
59 #define ACCESS_TYPE_L 0x20
61 #define ACCESS_TYPE_ALL ((1 << ACC_LEN) - 1)
63 #define DICT_HASH_SIZE 4096
65 extern char *smackfs_mnt;
66 extern int smackfs_mnt_dirfd;
68 extern int init_smackfs_mnt(void);
75 uint16_t allow_deny_code;
79 union smack_perm perm;
81 struct smack_rule *next_rule;
88 struct smack_rule *first_rule;
89 struct smack_rule *last_rule;
90 struct smack_label *next_label;
93 struct smack_hash_entry {
94 struct smack_label *first;
95 struct smack_label *last;
98 struct smack_accesses {
103 struct smack_label **labels;
104 struct smack_hash_entry *label_hash;
105 union smack_perm *merge_perms;
106 int *merge_object_ids;
109 struct cipso_mapping {
110 char label[SMACK_LABEL_LEN + 1];
111 int cats[CAT_MAX_VALUE];
114 struct cipso_mapping *next;
119 struct cipso_mapping *first;
120 struct cipso_mapping *last;
123 struct smack_file_buffer {
130 static int open_smackfs_file(const char *long_name, const char *short_name,
132 static int accesses_apply(struct smack_accesses *handle, int clear);
133 static int accesses_print(struct smack_accesses *handle,
134 int clear, int use_long, int multiline,
135 struct smack_file_buffer *load_buffer,
136 struct smack_file_buffer *change_buffer);
137 static inline ssize_t get_label(char *dest, const char *src, unsigned int *hash);
138 static inline int str_to_access_code(const char *str);
139 static inline void access_code_to_str(unsigned code, char *str);
140 static struct smack_label *label_add(struct smack_accesses *handle, const char *src);
142 int smack_accesses_new(struct smack_accesses **accesses)
144 struct smack_accesses *result;
146 result = calloc(1, sizeof(struct smack_accesses));
150 result->labels_alloc = 128;
151 result->labels = malloc(result->labels_alloc * sizeof(struct smack_label *));
152 if (result->labels == NULL)
154 result->merge_perms = malloc(result->labels_alloc * sizeof(union smack_perm));
155 if (result->merge_perms == NULL)
157 result->merge_object_ids = malloc(result->labels_alloc * sizeof(int));
158 if (result->merge_object_ids == NULL)
161 result->label_hash = calloc(DICT_HASH_SIZE, sizeof(struct smack_hash_entry));
162 if (result->label_hash == NULL)
165 result->page_size = sysconf(_SC_PAGESIZE);
170 free(result->merge_object_ids);
171 free(result->merge_perms);
172 free(result->labels);
177 void smack_accesses_free(struct smack_accesses *handle)
179 struct smack_rule *rule;
180 struct smack_rule *next_rule;
186 for (i = 0; i < handle->labels_cnt; ++i) {
187 rule = handle->labels[i]->first_rule;
188 while (rule != NULL) {
189 next_rule = rule->next_rule;
193 free(handle->labels[i]->label);
194 free(handle->labels[i]);
197 free(handle->label_hash);
198 free(handle->merge_object_ids);
199 free(handle->merge_perms);
200 free(handle->labels);
204 int smack_accesses_save(struct smack_accesses *handle, int fd)
206 struct smack_file_buffer buffer;
210 buffer.buf = malloc(handle->page_size + LOAD_LEN);
211 if (buffer.buf == NULL)
214 ret = accesses_print(handle, 0, 1, 1, &buffer, &buffer);
219 int smack_accesses_apply(struct smack_accesses *handle)
221 return accesses_apply(handle, 0);
224 int smack_accesses_clear(struct smack_accesses *handle)
226 return accesses_apply(handle, 1);
229 static int accesses_add(struct smack_accesses *handle, const char *subject,
230 const char *object, const char *allow_access_type,
231 const char *deny_access_type)
233 struct smack_rule *rule;
234 struct smack_label *subject_label;
235 struct smack_label *object_label;
237 rule = calloc(sizeof(struct smack_rule), 1);
241 subject_label = label_add(handle, subject);
242 if (subject_label == NULL)
244 object_label = label_add(handle, object);
245 if (object_label == NULL)
248 if (subject_label->len > SHORT_LABEL_LEN ||
249 object_label->len > SHORT_LABEL_LEN)
250 handle->has_long = 1;
252 rule->object_id = object_label->id;
254 rule->perm.allow_code = str_to_access_code(allow_access_type);
255 if (rule->perm.allow_code == -1)
258 if (deny_access_type != NULL) {
259 rule->perm.deny_code = str_to_access_code(deny_access_type);
260 if (rule->perm.deny_code == -1)
263 rule->perm.deny_code = ACCESS_TYPE_ALL & ~rule->perm.allow_code;
265 if (subject_label->first_rule == NULL) {
266 subject_label->first_rule = subject_label->last_rule = rule;
268 subject_label->last_rule->next_rule = rule;
269 subject_label->last_rule = rule;
278 int smack_accesses_add(struct smack_accesses *handle, const char *subject,
279 const char *object, const char *access_type)
281 return accesses_add(handle, subject, object, access_type, NULL);
284 int smack_accesses_add_modify(struct smack_accesses *handle,
287 const char *allow_access_type,
288 const char *deny_access_type)
290 return accesses_add(handle, subject, object,
291 allow_access_type, deny_access_type);
294 int smack_accesses_add_from_file(struct smack_accesses *accesses, int fd)
297 char buf[LOAD_LEN + 1];
299 const char *subject, *object, *access, *access2;
307 file = fdopen(newfd, "r");
313 while (fgets(buf, LOAD_LEN + 1, file) != NULL) {
314 if (strcmp(buf, "\n") == 0)
316 subject = strtok_r(buf, " \t\n", &ptr);
317 object = strtok_r(NULL, " \t\n", &ptr);
318 access = strtok_r(NULL, " \t\n", &ptr);
319 access2 = strtok_r(NULL, " \t\n", &ptr);
321 if (subject == NULL || object == NULL || access == NULL ||
322 strtok_r(NULL, " \t\n", &ptr) != NULL) {
328 ret = smack_accesses_add(accesses, subject, object, access);
330 ret = smack_accesses_add_modify(accesses, subject, object, access, access2);
347 int smack_have_access(const char *subject, const char *object,
348 const char *access_type)
350 char buf[LOAD_LEN + 1];
351 char str[ACC_LEN + 1];
359 if (init_smackfs_mnt())
362 slen = get_label(NULL, subject, NULL);
363 olen = get_label(NULL, object, NULL);
365 if (slen < 0 || olen < 0)
368 fd = open_smackfs_file("access2", "access", &use_long);
372 if (!use_long && (slen > SHORT_LABEL_LEN || olen > SHORT_LABEL_LEN)) {
377 if ((code = str_to_access_code(access_type)) < 0)
379 access_code_to_str(code, str);
382 ret = snprintf(buf, LOAD_LEN + 1, KERNEL_LONG_FORMAT,
383 subject, object, str);
385 ret = snprintf(buf, LOAD_LEN + 1, KERNEL_SHORT_FORMAT,
386 subject, object, str);
393 ret = write(fd, buf, strlen(buf));
399 ret = read(fd, buf, 1);
404 return buf[0] == '1';
407 int smack_cipso_new(struct smack_cipso **cipso)
409 struct smack_cipso *result;
411 result = calloc(sizeof(struct smack_cipso), 1);
419 void smack_cipso_free(struct smack_cipso *cipso)
424 struct cipso_mapping *mapping = cipso->first;
425 struct cipso_mapping *next_mapping = NULL;
427 while (mapping != NULL) {
428 next_mapping = mapping->next;
430 mapping = next_mapping;
436 int smack_cipso_apply(struct smack_cipso *cipso)
438 struct cipso_mapping *m = NULL;
439 char buf[CIPSO_MAX_SIZE];
445 if (init_smackfs_mnt())
448 fd = open_smackfs_file("cipso2", "cipso", &use_long);
452 if (!use_long && cipso->has_long)
455 memset(buf,0,CIPSO_MAX_SIZE);
456 for (m = cipso->first; m != NULL; m = m->next) {
457 snprintf(buf, SMACK_LABEL_LEN + 1, use_long ? "%s" : "%-23s",
459 offset = strlen(buf) + 1;
461 sprintf(&buf[offset], CIPSO_NUM_LEN_STR, m->level);
464 sprintf(&buf[offset], CIPSO_NUM_LEN_STR, m->ncats);
467 for (i = 0; i < m->ncats; i++){
468 sprintf(&buf[offset], CIPSO_NUM_LEN_STR, m->cats[i]);
472 if (write(fd, buf, offset) < 0) {
482 int smack_cipso_add_from_file(struct smack_cipso *cipso, int fd)
484 struct cipso_mapping *mapping = NULL;
487 char *label, *level, *cat, *ptr;
496 file = fdopen(newfd, "r");
502 while (fgets(buf, BUF_SIZE, file) != NULL) {
503 mapping = calloc(sizeof(struct cipso_mapping), 1);
507 label = strtok_r(buf, " \t\n", &ptr);
508 level = strtok_r(NULL, " \t\n", &ptr);
509 cat = strtok_r(NULL, " \t\n", &ptr);
514 val = get_label(mapping->label, label, NULL);
517 if (val > SHORT_LABEL_LEN)
521 val = strtol(level, NULL, 10);
525 if (val < 0 || val > LEVEL_MAX)
528 mapping->level = val;
530 for (i = 0; i < CAT_MAX_COUNT && cat != NULL; i++) {
532 val = strtol(cat, NULL, 10);
536 if (val < 0 || val > CAT_MAX_VALUE)
539 mapping->cats[i] = val;
541 cat = strtok_r(NULL, " \t\n", &ptr);
546 if (cipso->first == NULL) {
547 cipso->first = cipso->last = mapping;
549 cipso->last->next = mapping;
550 cipso->last = mapping;
565 const char *smack_smackfs_path(void)
571 ssize_t smack_new_label_from_self(char **label)
577 result = calloc(SMACK_LABEL_LEN + 1, 1);
581 fd = open(SELF_LABEL_FILE, O_RDONLY);
587 ret = read(fd, result, SMACK_LABEL_LEN);
598 ssize_t smack_new_label_from_socket(int fd, char **label)
602 socklen_t length = 1;
605 ret = getsockopt(fd, SOL_SOCKET, SO_PEERSEC, &dummy, &length);
606 if (ret < 0 && errno != ERANGE)
609 result = calloc(length + 1, 1);
613 ret = getsockopt(fd, SOL_SOCKET, SO_PEERSEC, result, &length);
623 ssize_t smack_new_label_from_path(const char *path, const char *xattr,
624 int follow, char **label)
626 char buf[SMACK_LABEL_LEN + 1];
631 getxattr(path, xattr, buf, SMACK_LABEL_LEN + 1) :
632 lgetxattr(path, xattr, buf, SMACK_LABEL_LEN + 1);
636 result = calloc(ret + 1, 1);
640 ret = get_label(result, buf, NULL);
650 int smack_set_label_for_self(const char *label)
656 len = get_label(NULL, label, NULL);
660 fd = open(SELF_LABEL_FILE, O_WRONLY);
664 ret = write(fd, label, len);
667 return (ret < 0) ? -1 : 0;
670 int smack_revoke_subject(const char *subject)
676 if (init_smackfs_mnt())
679 len = get_label(NULL, subject, NULL);
683 fd = openat(smackfs_mnt_dirfd, "revoke-subject", O_WRONLY);
687 ret = write(fd, subject, len);
690 return (ret < 0) ? -1 : 0;
693 static int open_smackfs_file(const char *long_name, const char *short_name,
698 fd = openat(smackfs_mnt_dirfd, long_name, O_WRONLY);
703 fd = openat(smackfs_mnt_dirfd, short_name, O_WRONLY);
715 static inline int check_multiline(int change_fd)
717 /* This string will be written to kernel Smack "change-rule" interface
718 * to check if it can handle multiple rules in one write.
719 * It consists of two rules, separated by '\n': first that does nothing
720 * and second that has invalid format. If kernel parses only the first
721 * line (pre-3.12 behavior), it won't see the invalid rule and succeed.
722 * If it parses both lines, an error will be returned.
724 static const char test_str[] = "^ ^ - -\n-";
727 ret = write(change_fd, test_str, sizeof(test_str) - 1);
728 if (ret == -1 && errno == EINVAL)
733 static int accesses_apply(struct smack_accesses *handle, int clear)
738 struct smack_file_buffer load_buffer = {.fd = -1, .buf = NULL};
739 struct smack_file_buffer change_buffer = {.fd = -1, .buf = NULL};
741 if (init_smackfs_mnt())
744 load_buffer.fd = open_smackfs_file("load2", "load", &use_long);
745 if (load_buffer.fd < 0)
747 load_buffer.buf = malloc(handle->page_size + LOAD_LEN);
748 if (load_buffer.buf == NULL)
751 change_buffer.fd = openat(smackfs_mnt_dirfd, "change-rule", O_WRONLY);
752 if (change_buffer.fd >= 0) {
753 change_buffer.buf = malloc(handle->page_size + LOAD_LEN);
754 if (change_buffer.buf == NULL)
757 multiline = check_multiline(change_buffer.fd);
759 /* Try to continue if "change-rule" doesn't exist, we might
765 ret = accesses_print(handle, clear, use_long, multiline,
766 &load_buffer, &change_buffer);
772 if (load_buffer.fd >= 0)
773 close(load_buffer.fd);
774 if (change_buffer.fd >= 0)
775 close(change_buffer.fd);
776 free(load_buffer.buf);
777 free(change_buffer.buf);
781 static int buffer_flush(struct smack_file_buffer *buf)
786 /* Write buffered bytes to kernel, up to flush_pos */
787 for (pos = 0; pos < buf->flush_pos; ) {
788 ret = write(buf->fd, buf->buf + pos, buf->flush_pos - pos);
796 /* Move remaining, not flushed bytes to the buffer start */
797 memcpy(buf->buf, buf->buf + pos, buf->pos - pos);
804 static inline void rule_print_long(char *buf, int *pos,
805 struct smack_label *subject_label, struct smack_label *object_label,
806 const char *allow_str, const char *deny_str)
808 memcpy(buf + *pos, subject_label->label, subject_label->len);
809 *pos += subject_label->len;
811 memcpy(buf + *pos, object_label->label, object_label->len);
812 *pos += object_label->len;
814 memcpy(buf + *pos, allow_str, ACC_LEN);
816 if (deny_str != NULL) {
818 memcpy(buf + *pos, deny_str, ACC_LEN);
823 static int accesses_print(struct smack_accesses *handle, int clear,
824 int use_long, int multiline,
825 struct smack_file_buffer *load_buffer,
826 struct smack_file_buffer *change_buffer)
828 struct smack_file_buffer *buffer;
829 char allow_str[ACC_LEN + 1];
830 char deny_str[ACC_LEN + 1];
831 struct smack_label *subject_label;
832 struct smack_label *object_label;
833 struct smack_rule *rule;
834 union smack_perm *perm;
839 if (!use_long && handle->has_long)
842 load_buffer->pos = 0;
843 change_buffer->pos = 0;
844 bzero(handle->merge_perms, handle->labels_cnt * sizeof(union smack_perm));
845 for (x = 0; x < handle->labels_cnt; ++x) {
846 subject_label = handle->labels[x];
848 for (rule = subject_label->first_rule; rule != NULL; rule = rule->next_rule) {
849 perm = &(handle->merge_perms[rule->object_id]);
850 if (perm->allow_deny_code == 0)
851 handle->merge_object_ids[merge_cnt++] = rule->object_id;
854 perm->allow_code = 0;
855 perm->deny_code = ACCESS_TYPE_ALL;
857 perm->allow_code |= rule->perm.allow_code;
858 perm->allow_code &= ~rule->perm.deny_code;
859 perm->deny_code &= ~rule->perm.allow_code;
860 perm->deny_code |= rule->perm.deny_code;
864 for (y = 0; y < merge_cnt; ++y) {
865 object_label = handle->labels[handle->merge_object_ids[y]];
866 perm = &(handle->merge_perms[object_label->id]);
867 access_code_to_str(perm->allow_code, allow_str);
869 if ((perm->allow_code | perm->deny_code) != ACCESS_TYPE_ALL) {
870 /* Fail immediately without doing any further processing
871 if modify rules are not supported. */
872 if (change_buffer->fd < 0)
875 buffer = change_buffer;
876 buffer->flush_pos = buffer->pos;
877 access_code_to_str(perm->deny_code, deny_str);
878 rule_print_long(buffer->buf, &(buffer->pos),
879 subject_label, object_label, allow_str, deny_str);
881 buffer = load_buffer;
882 buffer->flush_pos = buffer->pos;
884 rule_print_long(buffer->buf, &(buffer->pos),
885 subject_label, object_label, allow_str, NULL);
887 buffer->pos += sprintf(buffer->buf + buffer->pos,
889 subject_label->label, object_label->label,
892 perm->allow_deny_code = 0;
895 buffer->buf[buffer->pos++] = '\n';
896 if (buffer->pos >= handle->page_size)
897 if (buffer_flush(buffer))
900 /* When no multi-line is supported, just flush
901 * the rule that was just generated */
902 buffer->flush_pos = buffer->pos;
903 if (buffer_flush(buffer))
909 if (load_buffer->pos > 0) {
910 load_buffer->flush_pos = load_buffer->pos;
911 if (buffer_flush(load_buffer))
914 if (change_buffer->pos > 0) {
915 change_buffer->flush_pos = change_buffer->pos;
916 if (buffer_flush(change_buffer))
923 static inline ssize_t get_label(char *dest, const char *src, unsigned int *hash)
926 unsigned int h = 5381;/*DJB2 hashing function magic number*/;
928 if (!src || src[0] == '\0' || src[0] == '-')
931 for (i = 0; i < (SMACK_LABEL_LEN + 1) && src[i]; i++) {
932 if (src[i] <= ' ' || src[i] > '~')
947 /* This efficient hash function,
948 * created by Daniel J. Bernstein,
949 * is known as DJB2 algorithm */
950 h = (h << 5) + h + src[i];
953 if (dest && i < (SMACK_LABEL_LEN + 1))
956 *hash = h % DICT_HASH_SIZE;
958 return i < (SMACK_LABEL_LEN + 1) ? i : -1;
962 static inline int str_to_access_code(const char *str)
965 unsigned int code = 0;
967 for (i = 0; str[i] != '\0'; i++) {
971 code |= ACCESS_TYPE_R;
975 code |= ACCESS_TYPE_W;
979 code |= ACCESS_TYPE_X;
983 code |= ACCESS_TYPE_A;
987 code |= ACCESS_TYPE_T;
991 code |= ACCESS_TYPE_L;
1003 static inline void access_code_to_str(unsigned int code, char *str)
1005 str[0] = ((code & ACCESS_TYPE_R) != 0) ? 'r' : '-';
1006 str[1] = ((code & ACCESS_TYPE_W) != 0) ? 'w' : '-';
1007 str[2] = ((code & ACCESS_TYPE_X) != 0) ? 'x' : '-';
1008 str[3] = ((code & ACCESS_TYPE_A) != 0) ? 'a' : '-';
1009 str[4] = ((code & ACCESS_TYPE_T) != 0) ? 't' : '-';
1010 str[5] = ((code & ACCESS_TYPE_L) != 0) ? 'l' : '-';
1014 static inline struct smack_label *
1015 is_label_known(struct smack_accesses *handle, const char *label, int hash)
1017 struct smack_label *lab = handle->label_hash[hash].first;
1018 while (lab != NULL && strcmp(label, lab->label) != 0)
1019 lab = lab->next_label;
1023 static inline int accesses_resize(struct smack_accesses *handle)
1025 struct smack_label **labels;
1026 union smack_perm *merge_perms;
1027 int *merge_object_ids;
1028 int alloc = handle->labels_alloc << 1;
1030 labels = realloc(handle->labels, alloc * sizeof(struct smack_label *));
1033 handle->labels = labels;
1035 merge_perms = realloc(handle->merge_perms, alloc * sizeof(union smack_perm));
1036 if (merge_perms == NULL)
1038 handle->merge_perms = merge_perms;
1040 merge_object_ids = realloc(handle->merge_object_ids, alloc * sizeof(int));
1041 if (merge_object_ids == NULL)
1043 handle->merge_object_ids = merge_object_ids;
1045 handle->labels_alloc = alloc;
1049 static struct smack_label *label_add(struct smack_accesses *handle, const char *label)
1051 struct smack_hash_entry *hash_entry;
1052 unsigned int hash_value = 0;
1053 struct smack_label *new_label;
1056 len = get_label(NULL, label, &hash_value);
1060 new_label = is_label_known(handle, label, hash_value);
1061 if (new_label == NULL) {/*no entry added yet*/
1062 if (handle->labels_cnt == handle->labels_alloc)
1063 if (accesses_resize(handle))
1066 new_label = malloc(sizeof(struct smack_label));
1067 if (new_label == NULL)
1069 new_label->label = malloc(len + 1);
1070 if (new_label->label == NULL)
1073 memcpy(new_label->label, label, len + 1);
1074 new_label->id = handle->labels_cnt;
1075 new_label->len = len;
1076 new_label->first_rule = NULL;
1077 new_label->last_rule = NULL;
1078 new_label->next_label = NULL;
1079 hash_entry = &(handle->label_hash[hash_value]);
1080 if (hash_entry->first == NULL) {
1081 hash_entry->first = new_label;
1082 hash_entry->last = new_label;
1084 hash_entry->last->next_label = new_label;
1085 hash_entry->last = new_label;
1087 handle->labels[handle->labels_cnt++] = new_label;
projects / framework / security / smack.git / blob