5 * Copyright (C) 2012 BMW Car IT GbmH. All rights reserved.
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License version 2 as
9 * published by the Free Software Foundation.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
28 #include <sys/inotify.h>
30 #include <sys/types.h>
38 #define CONNMAN_API_SUBJECT_TO_CHANGE
39 #include <connman/plugin.h>
40 #include <connman/log.h>
41 #include <connman/session.h>
42 #include <connman/dbus.h>
43 #include <connman/inotify.h>
45 #define POLICYDIR STORAGEDIR "/session_policy_local"
47 #define MODE (S_IRUSR | S_IWUSR | S_IXUSR | S_IRGRP | \
48 S_IXGRP | S_IROTH | S_IXOTH)
50 static DBusConnection *connection;
52 static GHashTable *file_hash; /* (filename, policy_file) */
53 static GHashTable *session_hash; /* (connman_session, policy_config) */
55 /* Global lookup tables for mapping sessions to policies */
56 static GHashTable *selinux_hash; /* (lsm context, policy_group) */
57 static GHashTable *uid_hash; /* (uid, policy_group) */
58 static GHashTable *gid_hash; /* (gid, policy_group) */
61 * A instance of struct policy_file is created per file in
66 * A valid file is a keyfile with one ore more groups. All
67 * groups are keept in this list.
78 * Each policy_group owns a config and is not shared with
79 * sessions. Instead each session copies the valued from this
82 struct connman_session_config *config;
84 /* All 'users' of this policy. */
88 /* A struct policy_config object is created and owned by a session. */
89 struct policy_config {
94 /* The policy config owned by the session */
95 struct connman_session_config *config;
97 /* To which policy belongs this policy_config */
98 struct connman_session *session;
100 * Points to the policy_group when a config has been applied
103 struct policy_group *group;
106 static void copy_session_config(struct connman_session_config *dst,
107 struct connman_session_config *src)
109 g_slist_free(dst->allowed_bearers);
110 dst->allowed_bearers = g_slist_copy(src->allowed_bearers);
111 dst->ecall = src->ecall;
112 dst->type = src->type;
113 dst->roaming_policy = src->roaming_policy;
114 dst->priority = src->priority;
117 static void set_policy(struct policy_config *policy,
118 struct policy_group *group)
120 DBG("policy %p group %p", policy, group);
122 group->sessions = g_slist_prepend(group->sessions, policy);
123 policy->group = group;
125 copy_session_config(policy->config, group->config);
128 static char *parse_selinux_type(const char *context)
130 char *ident, **tokens;
133 * SELinux combines Role-Based Access Control (RBAC), Type
134 * Enforcment (TE) and optionally Multi-Level Security (MLS).
136 * When SELinux is enabled all processes and files are labeled
137 * with a contex that contains information such as user, role
138 * type (and optionally a level). E.g.
141 * -rwxrwxr-x. wagi wagi unconfined_u:object_r:haifux_exec_t:s0 session_ui.py
143 * For identifyng application we (ab)using the type
144 * information. In the above example the haifux_exec_t type
145 * will be transfered to haifux_t as defined in the domain
146 * transition and thus we are able to identify the application
150 tokens = g_strsplit(context, ":", 0);
151 if (g_strv_length(tokens) < 2) {
156 /* Use the SELinux type as identification token. */
157 ident = g_strdup(tokens[2]);
164 static void cleanup_config(gpointer user_data);
166 static void finish_create(struct policy_config *policy,
167 connman_session_config_func_t cb,
170 struct policy_group *group;
173 group = g_hash_table_lookup(selinux_hash, policy->selinux);
175 set_policy(policy, group);
179 group = g_hash_table_lookup(uid_hash, policy->uid);
181 set_policy(policy, group);
185 for (list = policy->gids; list != NULL; list = list->next) {
186 char *gid = list->data;
188 group = g_hash_table_lookup(gid_hash, gid);
192 set_policy(policy, group);
196 g_hash_table_replace(session_hash, policy->session, policy);
198 (*cb)(policy->session, policy->config, user_data, 0);
201 static void failed_create(struct policy_config *policy,
202 connman_session_config_func_t cb,
203 void *user_data, int err)
205 (*cb)(policy->session, NULL, user_data, err);
207 cleanup_config(policy);
210 static void selinux_context_reply(const unsigned char *context, void *user_data,
213 struct cb_data *cbd = user_data;
214 connman_session_config_func_t cb = cbd->cb;
215 struct policy_config *policy = cbd->data;
218 DBG("session %p", policy->session);
221 failed_create(policy, cb, user_data, err);
225 DBG("SELinux context %s", context);
227 ident = parse_selinux_type((const char*)context);
229 policy->selinux = g_strdup(ident);
231 finish_create(policy, cb, cbd->user_data);
238 static void get_uid_reply(unsigned int uid, void *user_data, int err)
240 struct cb_data *cbd = user_data;
241 connman_session_config_func_t cb = cbd->cb;
242 struct policy_config *policy = cbd->data;
246 gid_t *groups = NULL;
249 DBG("session %p uid %d", policy->session, uid);
252 cleanup_config(policy);
256 pwd = getpwuid((uid_t)uid);
265 policy->uid = g_strdup(pwd->pw_name);
268 getgrouplist(pwd->pw_name, pwd->pw_gid, NULL, &nrgroups);
269 groups = g_try_new0(gid_t, nrgroups);
270 if (groups == NULL) {
275 err = getgrouplist(pwd->pw_name, pwd->pw_gid, groups, &nrgroups);
279 for (i = 0; i < nrgroups; i++) {
280 grp = getgrgid(groups[i]);
289 policy->gids = g_slist_prepend(policy->gids,
290 g_strdup(grp->gr_name));
294 owner = connman_session_get_owner(policy->session);
296 err = connman_dbus_get_selinux_context(connection, owner,
297 selinux_context_reply, cbd);
300 * We are able to ask for a SELinux context. Let's defer the
301 * creation of the session config until we get the answer
307 finish_create(policy, cb, cbd->user_data);
313 failed_create(NULL, cb, user_data, err);
318 static int policy_local_create(struct connman_session *session,
319 connman_session_config_func_t cb,
322 struct cb_data *cbd = cb_data_new(cb, user_data);
323 struct policy_config *policy;
327 DBG("session %p", session);
329 policy = g_new0(struct policy_config, 1);
330 policy->config = connman_session_create_default_config();
331 policy->session = session;
335 owner = connman_session_get_owner(session);
337 err = connman_dbus_get_connection_unix_user(connection, owner,
340 connman_error("Could not get UID");
341 cleanup_config(policy);
349 static void policy_local_destroy(struct connman_session *session)
351 struct policy_data *policy;
353 DBG("session %p", session);
355 policy = g_hash_table_lookup(session_hash, session);
359 g_hash_table_remove(session_hash, session);
362 static struct connman_session_policy session_policy_local = {
363 .name = "session local policy configuration",
364 .priority = CONNMAN_SESSION_POLICY_PRIORITY_DEFAULT,
365 .create = policy_local_create,
366 .destroy = policy_local_destroy,
369 static int load_keyfile(const char *pathname, GKeyFile **keyfile)
371 GError *error = NULL;
374 *keyfile = g_key_file_new();
376 if (g_key_file_load_from_file(*keyfile, pathname, 0, &error) == FALSE)
383 * The fancy G_FILE_ERROR_* codes are identical to the native
388 DBG("Unable to load %s: %s", pathname, error->message);
389 g_clear_error(&error);
391 g_key_file_free(*keyfile);
397 static int load_policy(GKeyFile *keyfile, const char *groupname,
398 struct policy_group *group)
400 struct connman_session_config *config = group->config;
404 group->selinux = g_key_file_get_string(keyfile, groupname,
407 group->gid = g_key_file_get_string(keyfile, groupname,
410 group->uid = g_key_file_get_string(keyfile, groupname,
413 if (group->selinux == NULL && group->gid == NULL && group->uid == NULL)
416 config->priority = g_key_file_get_boolean(keyfile, groupname,
419 str = g_key_file_get_string(keyfile, groupname, "RoamingPolicy",
422 config->roaming_policy = connman_session_parse_roaming_policy(str);
426 str = g_key_file_get_string(keyfile, groupname, "ConnectionType",
429 config->type = connman_session_parse_connection_type(str);
433 config->ecall = g_key_file_get_boolean(keyfile, groupname,
434 "EmergencyCall", NULL);
436 str = g_key_file_get_string(keyfile, groupname, "AllowedBearers",
439 tokens = g_strsplit(str, " ", 0);
441 for (i = 0; tokens[i] != NULL; i++) {
442 err = connman_session_parse_bearers(tokens[i],
443 &config->allowed_bearers);
452 DBG("group %p selinux %s uid %s gid %s", group, group->selinux,
453 group->uid, group->gid);
458 static void update_session(struct policy_config *policy)
460 DBG("policy %p session %p", policy, policy->session);
462 if (policy->session == NULL)
465 if (connman_session_config_update(policy->session) < 0)
466 connman_session_destroy(policy->session);
469 static void set_default_config(gpointer user_data)
471 struct policy_config *policy = user_data;
473 connman_session_set_default_config(policy->config);
474 policy->group = NULL;
475 update_session(policy);
478 static void cleanup_config(gpointer user_data)
480 struct policy_config *policy = user_data;
482 DBG("policy %p group %p", policy, policy->group);
484 if (policy->group != NULL)
485 policy->group->sessions =
486 g_slist_remove(policy->group->sessions, policy);
488 g_slist_free(policy->config->allowed_bearers);
489 g_free(policy->config);
490 g_free(policy->selinux);
492 g_slist_free_full(policy->gids, g_free);
496 static void cleanup_group(gpointer user_data)
498 struct policy_group *group = user_data;
500 DBG("group %p", group);
502 g_slist_free_full(group->sessions, set_default_config);
504 g_slist_free(group->config->allowed_bearers);
505 g_free(group->config);
506 if (group->selinux != NULL)
507 g_hash_table_remove(selinux_hash, group->selinux);
508 if (group->uid != NULL)
509 g_hash_table_remove(uid_hash, group->uid);
510 if (group->gid != NULL)
511 g_hash_table_remove(gid_hash, group->gid);
512 g_free(group->selinux);
518 static void cleanup_file(gpointer user_data)
520 struct policy_file *file = user_data;
522 DBG("file %p", file);
524 g_slist_free_full(file->groups, cleanup_group);
528 static void recheck_sessions(void)
532 struct policy_group *group = NULL;
534 g_hash_table_iter_init(&iter, session_hash);
535 while (g_hash_table_iter_next(&iter, &key, &value) == TRUE) {
536 struct policy_config *policy = value;
538 if (policy->group != NULL)
541 group = g_hash_table_lookup(selinux_hash, policy->selinux);
543 set_policy(policy, group);
544 update_session(policy);
549 static int load_file(const char *filename, struct policy_file *file)
552 struct policy_group *group;
559 pathname = g_strdup_printf("%s/%s", POLICYDIR, filename);
560 err = load_keyfile(pathname, &keyfile);
566 groupnames = g_key_file_get_groups(keyfile, NULL);
568 for (i = 0; groupnames[i] != NULL; i++) {
569 group = g_new0(struct policy_group, 1);
570 group->config = g_new0(struct connman_session_config, 1);
572 err = load_policy(keyfile, groupnames[i], group);
574 g_free(group->config);
578 if (group->selinux != NULL)
579 g_hash_table_replace(selinux_hash, group->selinux, group);
581 if (group->uid != NULL)
582 g_hash_table_replace(uid_hash, group->uid, group);
584 if (group->gid != NULL)
585 g_hash_table_replace(gid_hash, group->gid, group);
587 file->groups = g_slist_prepend(file->groups, group);
590 g_strfreev(groupnames);
593 g_slist_free_full(file->groups, cleanup_group);
595 g_key_file_free(keyfile);
600 static connman_bool_t is_filename_valid(const char *filename)
602 if (filename == NULL)
605 if (filename[0] == '.')
608 return g_str_has_suffix(filename, ".policy");
611 static int read_policies()
614 const gchar *filename;
615 struct policy_file *file;
619 dir = g_dir_open(POLICYDIR, 0, NULL);
623 while ((filename = g_dir_read_name(dir)) != NULL) {
624 if (is_filename_valid(filename) == FALSE)
627 file = g_new0(struct policy_file, 1);
628 if (load_file(filename, file) < 0) {
633 g_hash_table_replace(file_hash, g_strdup(filename), file);
642 static void notify_handler(struct inotify_event *event,
643 const char *filename)
645 struct policy_file *file;
647 DBG("event %x file %s", event->mask, filename);
649 if (event->mask & IN_CREATE)
652 if (is_filename_valid(filename) == FALSE)
656 * load_file() will modify the global selinux/uid/gid hash
657 * tables. We need to remove the old entries first before
658 * else the table points to the wrong entries.
660 g_hash_table_remove(file_hash, filename);
662 if (event->mask & (IN_DELETE | IN_MOVED_FROM))
665 if (event->mask & (IN_MOVED_TO | IN_MODIFY)) {
666 connman_info("Policy update for '%s'", filename);
668 file = g_new0(struct policy_file, 1);
669 if (load_file(filename, file) < 0) {
674 g_hash_table_replace(file_hash, g_strdup(filename), file);
679 static int session_policy_local_init(void)
685 /* If the dir doesn't exist, create it */
686 if (g_file_test(POLICYDIR, G_FILE_TEST_IS_DIR) == FALSE) {
687 if (mkdir(POLICYDIR, MODE) < 0) {
693 connection = connman_dbus_get_connection();
694 if (connection == NULL)
697 file_hash = g_hash_table_new_full(g_str_hash, g_str_equal,
698 g_free, cleanup_file);
699 session_hash = g_hash_table_new_full(g_direct_hash, g_direct_equal,
700 NULL, cleanup_config);
701 selinux_hash = g_hash_table_new_full(g_str_hash, g_str_equal,
703 uid_hash = g_hash_table_new_full(g_str_hash, g_str_equal,
705 gid_hash = g_hash_table_new_full(g_str_hash, g_str_equal,
708 err = connman_inotify_register(POLICYDIR, notify_handler);
712 err = connman_session_policy_register(&session_policy_local);
722 connman_inotify_unregister(POLICYDIR, notify_handler);
725 if (file_hash != NULL)
726 g_hash_table_destroy(file_hash);
728 if (session_hash != NULL)
729 g_hash_table_destroy(session_hash);
731 if (selinux_hash != NULL)
732 g_hash_table_destroy(selinux_hash);
734 if (uid_hash != NULL)
735 g_hash_table_destroy(uid_hash);
737 if (gid_hash != NULL)
738 g_hash_table_destroy(gid_hash);
740 connman_session_policy_unregister(&session_policy_local);
742 dbus_connection_unref(connection);
747 static void session_policy_local_exit(void)
751 g_hash_table_destroy(file_hash);
752 g_hash_table_destroy(session_hash);
753 g_hash_table_destroy(selinux_hash);
754 g_hash_table_destroy(uid_hash);
755 g_hash_table_destroy(gid_hash);
757 connman_session_policy_unregister(&session_policy_local);
759 dbus_connection_unref(connection);
761 connman_inotify_unregister(POLICYDIR, notify_handler);
764 CONNMAN_PLUGIN_DEFINE(session_policy_local,
765 "Session local file policy configuration plugin",
766 VERSION, CONNMAN_PLUGIN_PRIORITY_DEFAULT,
767 session_policy_local_init, session_policy_local_exit)