2 * Copyright (C) 2007 Casey Schaufler <casey@schaufler-ca.com>
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License as published by
6 * the Free Software Foundation, version 2.
9 * Casey Schaufler <casey@schaufler-ca.com>
10 * Ahmed S. Darwish <darwish.07@gmail.com>
12 * Special thanks to the authors of selinuxfs.
14 * Karl MacMillan <kmacmillan@tresys.com>
15 * James Morris <jmorris@redhat.com>
19 #include <linux/kernel.h>
20 #include <linux/vmalloc.h>
21 #include <linux/security.h>
22 #include <linux/mutex.h>
23 #include <linux/slab.h>
24 #include <net/net_namespace.h>
25 #include <net/cipso_ipv4.h>
26 #include <linux/seq_file.h>
27 #include <linux/ctype.h>
28 #include <linux/audit.h>
29 #include <linux/magic.h>
33 * smackfs pseudo filesystem.
38 SMK_LOAD = 3, /* load policy */
39 SMK_CIPSO = 4, /* load label -> CIPSO mapping */
40 SMK_DOI = 5, /* CIPSO DOI */
41 SMK_DIRECT = 6, /* CIPSO level indicating direct label */
42 SMK_AMBIENT = 7, /* internet ambient label */
43 SMK_NETLBLADDR = 8, /* single label hosts */
44 SMK_ONLYCAP = 9, /* the only "capable" label */
45 SMK_LOGGING = 10, /* logging */
46 SMK_LOAD_SELF = 11, /* task specific rules */
47 SMK_ACCESSES = 12, /* access policy */
48 SMK_MAPPED = 13, /* CIPSO level indicating mapped label */
49 SMK_LOAD2 = 14, /* load policy with long labels */
50 SMK_LOAD_SELF2 = 15, /* load task specific rules with long labels */
51 SMK_ACCESS2 = 16, /* make an access check with long labels */
52 SMK_CIPSO2 = 17, /* load long label -> CIPSO mapping */
53 SMK_REVOKE_SUBJ = 18, /* set rules with subject label to '-' */
54 SMK_CHANGE_RULE = 19, /* change or add rules (long labels) */
55 #ifdef CONFIG_SECURITY_SMACK_PERMISSIVE_MODE
56 SMK_PERMISSIVE = 20, /* permissive mode */
63 static DEFINE_MUTEX(smack_cipso_lock);
64 static DEFINE_MUTEX(smack_ambient_lock);
65 static DEFINE_MUTEX(smk_netlbladdr_lock);
68 * This is the "ambient" label for network traffic.
69 * If it isn't somehow marked, use this.
70 * It can be reset via smackfs/ambient
72 struct smack_known *smack_net_ambient;
75 * This is the level in a CIPSO header that indicates a
76 * smack label is contained directly in the category set.
77 * It can be reset via smackfs/direct
79 int smack_cipso_direct = SMACK_CIPSO_DIRECT_DEFAULT;
82 * This is the level in a CIPSO header that indicates a
83 * secid is contained directly in the category set.
84 * It can be reset via smackfs/mapped
86 int smack_cipso_mapped = SMACK_CIPSO_MAPPED_DEFAULT;
89 * Unless a process is running with this label even
90 * having CAP_MAC_OVERRIDE isn't enough to grant
91 * privilege to violate MAC policy. If no label is
92 * designated (the NULL case) capabilities apply to
93 * everyone. It is expected that the hat (^) label
94 * will be used if any label is used.
99 * Certain IP addresses may be designated as single label hosts.
100 * Packets are sent there unlabeled, but only from tasks that
101 * can write to the specified label.
104 LIST_HEAD(smk_netlbladdr_list);
107 * Rule lists are maintained for each label.
108 * This master list is just for reading /smack/load and /smack/load2.
110 LIST_HEAD(smack_rule_list);
112 struct smack_parsed_rule {
113 struct smack_known *smk_subject;
119 static int smk_cipso_doi_value = SMACK_CIPSO_DOI_DEFAULT;
121 const char *smack_cipso_option = SMACK_CIPSO_OPTION;
124 * Values for parsing cipso rules
125 * SMK_DIGITLEN: Length of a digit field in a rule.
126 * SMK_CIPSOMIN: Minimum possible cipso rule length.
127 * SMK_CIPSOMAX: Maximum possible cipso rule length.
129 #define SMK_DIGITLEN 4
130 #define SMK_CIPSOMIN (SMK_LABELLEN + 2 * SMK_DIGITLEN)
131 #define SMK_CIPSOMAX (SMK_CIPSOMIN + SMACK_CIPSO_MAXCATNUM * SMK_DIGITLEN)
134 * Values for parsing MAC rules
135 * SMK_ACCESS: Maximum possible combination of access permissions
136 * SMK_ACCESSLEN: Maximum length for a rule access field
137 * SMK_LOADLEN: Smack rule length
139 #define SMK_OACCESS "rwxa"
140 #define SMK_ACCESS "rwxatl"
141 #define SMK_OACCESSLEN (sizeof(SMK_OACCESS) - 1)
142 #define SMK_ACCESSLEN (sizeof(SMK_ACCESS) - 1)
143 #define SMK_OLOADLEN (SMK_LABELLEN + SMK_LABELLEN + SMK_OACCESSLEN)
144 #define SMK_LOADLEN (SMK_LABELLEN + SMK_LABELLEN + SMK_ACCESSLEN)
147 * Stricly for CIPSO level manipulation.
148 * Set the category bit number in a smack label sized buffer.
150 static inline void smack_catset_bit(unsigned int cat, char *catsetp)
152 if (cat == 0 || cat > (SMK_CIPSOLEN * 8))
155 catsetp[(cat - 1) / 8] |= 0x80 >> ((cat - 1) % 8);
159 * smk_netlabel_audit_set - fill a netlbl_audit struct
160 * @nap: structure to fill
162 static void smk_netlabel_audit_set(struct netlbl_audit *nap)
164 struct smack_known *skp = smk_of_current();
166 nap->loginuid = audit_get_loginuid(current);
167 nap->sessionid = audit_get_sessionid(current);
168 nap->secid = skp->smk_secid;
172 * Value for parsing single label host rules
175 #define SMK_NETLBLADDRMIN 9
178 * smk_set_access - add a rule to the rule list or replace an old rule
179 * @srp: the rule to add or replace
180 * @rule_list: the list of rules
181 * @rule_lock: the rule list lock
182 * @global: if non-zero, indicates a global rule
184 * Looks through the current subject/object/access list for
185 * the subject/object pair and replaces the access that was
186 * there. If the pair isn't found add it with the specified
189 * Returns 0 if nothing goes wrong or -ENOMEM if it fails
190 * during the allocation of the new pair to add.
192 static int smk_set_access(struct smack_parsed_rule *srp,
193 struct list_head *rule_list,
194 struct mutex *rule_lock, int global)
196 struct smack_rule *sp;
197 struct smack_master_list *smlp;
201 mutex_lock(rule_lock);
204 * Because the object label is less likely to match
205 * than the subject label check it first
207 list_for_each_entry_rcu(sp, rule_list, list) {
208 if (sp->smk_object == srp->smk_object &&
209 sp->smk_subject == srp->smk_subject) {
211 sp->smk_access |= srp->smk_access1;
212 sp->smk_access &= ~srp->smk_access2;
218 sp = kmem_cache_zalloc(smack_rule_cache, GFP_KERNEL);
224 sp->smk_subject = srp->smk_subject;
225 sp->smk_object = srp->smk_object;
226 sp->smk_access = srp->smk_access1 & ~srp->smk_access2;
228 list_add_rcu(&sp->list, rule_list);
230 * If this is a global as opposed to self and a new rule
231 * it needs to get added for reporting.
234 smlp = kmem_cache_zalloc(smack_master_list_cache,
238 list_add_rcu(&smlp->list, &smack_rule_list);
245 mutex_unlock(rule_lock);
250 * smk_perm_from_str - parse smack accesses from a text string
251 * @string: a text string that contains a Smack accesses code
253 * Returns an integer with respective bits set for specified accesses.
255 static int smk_perm_from_str(const char *string)
260 for (cp = string; ; cp++)
282 perm |= MAY_TRANSMUTE;
294 * smk_fill_rule - Fill Smack rule from strings
295 * @subject: subject label string
296 * @object: object label string
297 * @access1: access string
298 * @access2: string with permissions to be removed
300 * @import: if non-zero, import labels
301 * @len: label length limit
303 * Returns 0 on success, -1 on failure
305 static int smk_fill_rule(const char *subject, const char *object,
306 const char *access1, const char *access2,
307 struct smack_parsed_rule *rule, int import,
311 struct smack_known *skp;
314 rule->smk_subject = smk_import_entry(subject, len);
315 if (rule->smk_subject == NULL)
318 rule->smk_object = smk_import(object, len);
319 if (rule->smk_object == NULL)
322 cp = smk_parse_smack(subject, len);
325 skp = smk_find_entry(cp);
329 rule->smk_subject = skp;
331 cp = smk_parse_smack(object, len);
334 skp = smk_find_entry(cp);
338 rule->smk_object = skp->smk_known;
341 rule->smk_access1 = smk_perm_from_str(access1);
343 rule->smk_access2 = smk_perm_from_str(access2);
345 rule->smk_access2 = ~rule->smk_access1;
351 * smk_parse_rule - parse Smack rule from load string
352 * @data: string to be parsed whose size is SMK_LOADLEN
354 * @import: if non-zero, import labels
356 * Returns 0 on success, -1 on errors.
358 static int smk_parse_rule(const char *data, struct smack_parsed_rule *rule,
363 rc = smk_fill_rule(data, data + SMK_LABELLEN,
364 data + SMK_LABELLEN + SMK_LABELLEN, NULL, rule,
365 import, SMK_LABELLEN);
370 * smk_parse_long_rule - parse Smack rule from rule string
371 * @data: string to be parsed, null terminated
372 * @rule: Will be filled with Smack parsed rule
373 * @import: if non-zero, import labels
374 * @tokens: numer of substrings expected in data
376 * Returns number of processed bytes on success, -1 on failure.
378 static ssize_t smk_parse_long_rule(char *data, struct smack_parsed_rule *rule,
379 int import, int tokens)
386 * Parsing the rule in-place, filling all white-spaces with '\0'
388 for (i = 0; i < tokens; ++i) {
389 while (isspace(data[cnt]))
392 if (data[cnt] == '\0')
393 /* Unexpected end of data */
398 while (data[cnt] && !isspace(data[cnt]))
401 while (isspace(data[cnt]))
407 if (smk_fill_rule(tok[0], tok[1], tok[2], tok[3], rule, import, 0))
413 #define SMK_FIXED24_FMT 0 /* Fixed 24byte label format */
414 #define SMK_LONG_FMT 1 /* Variable long label format */
415 #define SMK_CHANGE_FMT 2 /* Rule modification format */
417 * smk_write_rules_list - write() for any /smack rule file
418 * @file: file pointer, not actually used
419 * @buf: where to get the data from
421 * @ppos: where to start - must be 0
422 * @rule_list: the list of rules to write to
423 * @rule_lock: lock for the rule list
424 * @format: /smack/load or /smack/load2 or /smack/change-rule format.
426 * Get one smack access rule from above.
427 * The format for SMK_LONG_FMT is:
428 * "subject<whitespace>object<whitespace>access[<whitespace>...]"
429 * The format for SMK_FIXED24_FMT is exactly:
430 * "subject object rwxat"
431 * The format for SMK_CHANGE_FMT is:
432 * "subject<whitespace>object<whitespace>
433 * acc_enable<whitespace>acc_disable[<whitespace>...]"
435 static ssize_t smk_write_rules_list(struct file *file, const char __user *buf,
436 size_t count, loff_t *ppos,
437 struct list_head *rule_list,
438 struct mutex *rule_lock, int format)
440 struct smack_parsed_rule rule;
449 * Enough data must be present.
454 if (format == SMK_FIXED24_FMT) {
456 * Minor hack for backward compatibility
458 if (count < SMK_OLOADLEN || count > SMK_LOADLEN)
461 if (count >= PAGE_SIZE) {
462 count = PAGE_SIZE - 1;
467 data = kmalloc(count + 1, GFP_KERNEL);
471 if (copy_from_user(data, buf, count) != 0) {
477 * In case of parsing only part of user buf,
478 * avoid having partial rule at the data buffer
481 while (count > 0 && (data[count - 1] != '\n'))
490 tokens = (format == SMK_CHANGE_FMT ? 4 : 3);
491 while (cnt < count) {
492 if (format == SMK_FIXED24_FMT) {
493 rc = smk_parse_rule(data, &rule, 1);
500 rc = smk_parse_long_rule(data + cnt, &rule, 1, tokens);
508 if (rule_list == NULL)
509 rc = smk_set_access(&rule, &rule.smk_subject->smk_rules,
510 &rule.smk_subject->smk_rules_lock, 1);
512 rc = smk_set_access(&rule, rule_list, rule_lock, 0);
525 * Core logic for smackfs seq list operations.
528 static void *smk_seq_start(struct seq_file *s, loff_t *pos,
529 struct list_head *head)
531 struct list_head *list;
534 * This is 0 the first time through.
539 if (s->private == NULL)
543 if (list_empty(list))
551 static void *smk_seq_next(struct seq_file *s, void *v, loff_t *pos,
552 struct list_head *head)
554 struct list_head *list = v;
556 if (list_is_last(list, head)) {
560 s->private = list->next;
564 static void smk_seq_stop(struct seq_file *s, void *v)
569 static void smk_rule_show(struct seq_file *s, struct smack_rule *srp, int max)
572 * Don't show any rules with label names too long for
573 * interface file (/smack/load or /smack/load2)
574 * because you should expect to be able to write
575 * anything you read back.
577 if (strlen(srp->smk_subject->smk_known) >= max ||
578 strlen(srp->smk_object) >= max)
581 if (srp->smk_access == 0)
584 seq_printf(s, "%s %s", srp->smk_subject->smk_known, srp->smk_object);
588 if (srp->smk_access & MAY_READ)
590 if (srp->smk_access & MAY_WRITE)
592 if (srp->smk_access & MAY_EXEC)
594 if (srp->smk_access & MAY_APPEND)
596 if (srp->smk_access & MAY_TRANSMUTE)
598 if (srp->smk_access & MAY_LOCK)
605 * Seq_file read operations for /smack/load
608 static void *load2_seq_start(struct seq_file *s, loff_t *pos)
610 return smk_seq_start(s, pos, &smack_rule_list);
613 static void *load2_seq_next(struct seq_file *s, void *v, loff_t *pos)
615 return smk_seq_next(s, v, pos, &smack_rule_list);
618 static int load_seq_show(struct seq_file *s, void *v)
620 struct list_head *list = v;
621 struct smack_master_list *smlp =
622 list_entry(list, struct smack_master_list, list);
624 smk_rule_show(s, smlp->smk_rule, SMK_LABELLEN);
629 static const struct seq_operations load_seq_ops = {
630 .start = load2_seq_start,
631 .next = load2_seq_next,
632 .show = load_seq_show,
633 .stop = smk_seq_stop,
637 * smk_open_load - open() for /smack/load
638 * @inode: inode structure representing file
639 * @file: "load" file pointer
641 * For reading, use load_seq_* seq_file reading operations.
643 static int smk_open_load(struct inode *inode, struct file *file)
645 return seq_open(file, &load_seq_ops);
649 * smk_write_load - write() for /smack/load
650 * @file: file pointer, not actually used
651 * @buf: where to get the data from
653 * @ppos: where to start - must be 0
656 static ssize_t smk_write_load(struct file *file, const char __user *buf,
657 size_t count, loff_t *ppos)
660 * Must have privilege.
662 * Enough data must be present.
664 if (!smack_privileged(CAP_MAC_ADMIN))
667 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL,
671 static const struct file_operations smk_load_ops = {
672 .open = smk_open_load,
675 .write = smk_write_load,
676 .release = seq_release,
679 #ifdef CONFIG_SECURITY_SMACK_PERMISSIVE_MODE
681 * smk_read_permissive - read() for /smack/permissive
682 * @filp: file pointer, not actually used
683 * @buf: where to put the result
684 * @cn: maximum to send along
685 * @ppos: where to start
687 * Returns number of bytes read or error code, as appropriate
689 static ssize_t smk_read_permissive(struct file *filp, char __user *buf,
690 size_t count, loff_t *ppos)
698 sprintf(temp, "%d\n", permissive_mode);
699 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
704 * smk_write_permissive - write() for /smack/permissive
705 * @file: file pointer, not actually used
706 * @buf: where to get the data from
708 * @ppos: where to start
710 * Returns number of bytes written or error code, as appropriate
712 static ssize_t smk_write_permissive(struct file *file, const char __user *buf,
713 size_t count, loff_t *ppos)
718 if (!capable(CAP_MAC_ADMIN))
721 if (count >= sizeof(temp) || count == 0)
724 if (copy_from_user(temp, buf, count) != 0)
729 if (sscanf(temp, "%d", &i) != 1)
737 static const struct file_operations smk_permissive_ops = {
738 .read = smk_read_permissive,
739 .write = smk_write_permissive,
740 .llseek = default_llseek,
742 #endif /* End of CONFIG_SECURITY_SMACK_PERMISSIVE_MODE */
745 * smk_cipso_doi - initialize the CIPSO domain
747 static void smk_cipso_doi(void)
750 struct cipso_v4_doi *doip;
751 struct netlbl_audit nai;
753 smk_netlabel_audit_set(&nai);
755 rc = netlbl_cfg_map_del(NULL, PF_INET, NULL, NULL, &nai);
757 printk(KERN_WARNING "%s:%d remove rc = %d\n",
758 __func__, __LINE__, rc);
760 doip = kmalloc(sizeof(struct cipso_v4_doi), GFP_KERNEL);
762 panic("smack: Failed to initialize cipso DOI.\n");
763 doip->map.std = NULL;
764 doip->doi = smk_cipso_doi_value;
765 doip->type = CIPSO_V4_MAP_PASS;
766 doip->tags[0] = CIPSO_V4_TAG_RBITMAP;
767 for (rc = 1; rc < CIPSO_V4_TAG_MAXCNT; rc++)
768 doip->tags[rc] = CIPSO_V4_TAG_INVALID;
770 rc = netlbl_cfg_cipsov4_add(doip, &nai);
772 printk(KERN_WARNING "%s:%d cipso add rc = %d\n",
773 __func__, __LINE__, rc);
777 rc = netlbl_cfg_cipsov4_map_add(doip->doi, NULL, NULL, NULL, &nai);
779 printk(KERN_WARNING "%s:%d map add rc = %d\n",
780 __func__, __LINE__, rc);
787 * smk_unlbl_ambient - initialize the unlabeled domain
788 * @oldambient: previous domain string
790 static void smk_unlbl_ambient(char *oldambient)
793 struct netlbl_audit nai;
795 smk_netlabel_audit_set(&nai);
797 if (oldambient != NULL) {
798 rc = netlbl_cfg_map_del(oldambient, PF_INET, NULL, NULL, &nai);
800 printk(KERN_WARNING "%s:%d remove rc = %d\n",
801 __func__, __LINE__, rc);
803 if (smack_net_ambient == NULL)
804 smack_net_ambient = &smack_known_floor;
806 rc = netlbl_cfg_unlbl_map_add(smack_net_ambient->smk_known, PF_INET,
809 printk(KERN_WARNING "%s:%d add rc = %d\n",
810 __func__, __LINE__, rc);
814 * Seq_file read operations for /smack/cipso
817 static void *cipso_seq_start(struct seq_file *s, loff_t *pos)
819 return smk_seq_start(s, pos, &smack_known_list);
822 static void *cipso_seq_next(struct seq_file *s, void *v, loff_t *pos)
824 return smk_seq_next(s, v, pos, &smack_known_list);
828 * Print cipso labels in format:
829 * label level[/cat[,cat]]
831 static int cipso_seq_show(struct seq_file *s, void *v)
833 struct list_head *list = v;
834 struct smack_known *skp =
835 list_entry(list, struct smack_known, list);
836 struct netlbl_lsm_secattr_catmap *cmp = skp->smk_netlabel.attr.mls.cat;
841 * Don't show a label that could not have been set using
842 * /smack/cipso. This is in support of the notion that
843 * anything read from /smack/cipso ought to be writeable
846 * /smack/cipso2 should be used instead.
848 if (strlen(skp->smk_known) >= SMK_LABELLEN)
851 seq_printf(s, "%s %3d", skp->smk_known, skp->smk_netlabel.attr.mls.lvl);
853 for (i = netlbl_secattr_catmap_walk(cmp, 0); i >= 0;
854 i = netlbl_secattr_catmap_walk(cmp, i + 1)) {
855 seq_printf(s, "%c%d", sep, i);
864 static const struct seq_operations cipso_seq_ops = {
865 .start = cipso_seq_start,
866 .next = cipso_seq_next,
867 .show = cipso_seq_show,
868 .stop = smk_seq_stop,
872 * smk_open_cipso - open() for /smack/cipso
873 * @inode: inode structure representing file
874 * @file: "cipso" file pointer
876 * Connect our cipso_seq_* operations with /smack/cipso
879 static int smk_open_cipso(struct inode *inode, struct file *file)
881 return seq_open(file, &cipso_seq_ops);
885 * smk_set_cipso - do the work for write() for cipso and cipso2
886 * @file: file pointer, not actually used
887 * @buf: where to get the data from
889 * @ppos: where to start
890 * @format: /smack/cipso or /smack/cipso2
892 * Accepts only one cipso rule per write call.
893 * Returns number of bytes written or error code, as appropriate
895 static ssize_t smk_set_cipso(struct file *file, const char __user *buf,
896 size_t count, loff_t *ppos, int format)
898 struct smack_known *skp;
899 struct netlbl_lsm_secattr ncats;
900 char mapcatset[SMK_CIPSOLEN];
904 ssize_t rc = -EINVAL;
911 * Must have privilege.
913 * Enough data must be present.
915 if (!smack_privileged(CAP_MAC_ADMIN))
919 if (format == SMK_FIXED24_FMT &&
920 (count < SMK_CIPSOMIN || count > SMK_CIPSOMAX))
923 data = kzalloc(count + 1, GFP_KERNEL);
927 if (copy_from_user(data, buf, count) != 0) {
935 * Only allow one writer at a time. Writes should be
936 * quite rare and small in any case.
938 mutex_lock(&smack_cipso_lock);
940 skp = smk_import_entry(rule, 0);
944 if (format == SMK_FIXED24_FMT)
945 rule += SMK_LABELLEN;
947 rule += strlen(skp->smk_known) + 1;
949 ret = sscanf(rule, "%d", &maplevel);
950 if (ret != 1 || maplevel > SMACK_CIPSO_MAXLEVEL)
953 rule += SMK_DIGITLEN;
954 ret = sscanf(rule, "%d", &catlen);
955 if (ret != 1 || catlen > SMACK_CIPSO_MAXCATNUM)
958 if (format == SMK_FIXED24_FMT &&
959 count != (SMK_CIPSOMIN + catlen * SMK_DIGITLEN))
962 memset(mapcatset, 0, sizeof(mapcatset));
964 for (i = 0; i < catlen; i++) {
965 rule += SMK_DIGITLEN;
966 ret = sscanf(rule, "%u", &cat);
967 if (ret != 1 || cat > SMACK_CIPSO_MAXCATNUM)
970 smack_catset_bit(cat, mapcatset);
973 rc = smk_netlbl_mls(maplevel, mapcatset, &ncats, SMK_CIPSOLEN);
975 netlbl_secattr_catmap_free(skp->smk_netlabel.attr.mls.cat);
976 skp->smk_netlabel.attr.mls.cat = ncats.attr.mls.cat;
977 skp->smk_netlabel.attr.mls.lvl = ncats.attr.mls.lvl;
982 mutex_unlock(&smack_cipso_lock);
989 * smk_write_cipso - write() for /smack/cipso
990 * @file: file pointer, not actually used
991 * @buf: where to get the data from
993 * @ppos: where to start
995 * Accepts only one cipso rule per write call.
996 * Returns number of bytes written or error code, as appropriate
998 static ssize_t smk_write_cipso(struct file *file, const char __user *buf,
999 size_t count, loff_t *ppos)
1001 return smk_set_cipso(file, buf, count, ppos, SMK_FIXED24_FMT);
1004 static const struct file_operations smk_cipso_ops = {
1005 .open = smk_open_cipso,
1007 .llseek = seq_lseek,
1008 .write = smk_write_cipso,
1009 .release = seq_release,
1013 * Seq_file read operations for /smack/cipso2
1017 * Print cipso labels in format:
1018 * label level[/cat[,cat]]
1020 static int cipso2_seq_show(struct seq_file *s, void *v)
1022 struct list_head *list = v;
1023 struct smack_known *skp =
1024 list_entry(list, struct smack_known, list);
1025 struct netlbl_lsm_secattr_catmap *cmp = skp->smk_netlabel.attr.mls.cat;
1029 seq_printf(s, "%s %3d", skp->smk_known, skp->smk_netlabel.attr.mls.lvl);
1031 for (i = netlbl_secattr_catmap_walk(cmp, 0); i >= 0;
1032 i = netlbl_secattr_catmap_walk(cmp, i + 1)) {
1033 seq_printf(s, "%c%d", sep, i);
1042 static const struct seq_operations cipso2_seq_ops = {
1043 .start = cipso_seq_start,
1044 .next = cipso_seq_next,
1045 .show = cipso2_seq_show,
1046 .stop = smk_seq_stop,
1050 * smk_open_cipso2 - open() for /smack/cipso2
1051 * @inode: inode structure representing file
1052 * @file: "cipso2" file pointer
1054 * Connect our cipso_seq_* operations with /smack/cipso2
1057 static int smk_open_cipso2(struct inode *inode, struct file *file)
1059 return seq_open(file, &cipso2_seq_ops);
1063 * smk_write_cipso2 - write() for /smack/cipso2
1064 * @file: file pointer, not actually used
1065 * @buf: where to get the data from
1066 * @count: bytes sent
1067 * @ppos: where to start
1069 * Accepts only one cipso rule per write call.
1070 * Returns number of bytes written or error code, as appropriate
1072 static ssize_t smk_write_cipso2(struct file *file, const char __user *buf,
1073 size_t count, loff_t *ppos)
1075 return smk_set_cipso(file, buf, count, ppos, SMK_LONG_FMT);
1078 static const struct file_operations smk_cipso2_ops = {
1079 .open = smk_open_cipso2,
1081 .llseek = seq_lseek,
1082 .write = smk_write_cipso2,
1083 .release = seq_release,
1087 * Seq_file read operations for /smack/netlabel
1090 static void *netlbladdr_seq_start(struct seq_file *s, loff_t *pos)
1092 return smk_seq_start(s, pos, &smk_netlbladdr_list);
1095 static void *netlbladdr_seq_next(struct seq_file *s, void *v, loff_t *pos)
1097 return smk_seq_next(s, v, pos, &smk_netlbladdr_list);
1099 #define BEBITS (sizeof(__be32) * 8)
1102 * Print host/label pairs
1104 static int netlbladdr_seq_show(struct seq_file *s, void *v)
1106 struct list_head *list = v;
1107 struct smk_netlbladdr *skp =
1108 list_entry(list, struct smk_netlbladdr, list);
1109 unsigned char *hp = (char *) &skp->smk_host.sin_addr.s_addr;
1111 u32 temp_mask = be32_to_cpu(skp->smk_mask.s_addr);
1113 for (maskn = 0; temp_mask; temp_mask <<= 1, maskn++);
1115 seq_printf(s, "%u.%u.%u.%u/%d %s\n",
1116 hp[0], hp[1], hp[2], hp[3], maskn, skp->smk_label);
1121 static const struct seq_operations netlbladdr_seq_ops = {
1122 .start = netlbladdr_seq_start,
1123 .next = netlbladdr_seq_next,
1124 .show = netlbladdr_seq_show,
1125 .stop = smk_seq_stop,
1129 * smk_open_netlbladdr - open() for /smack/netlabel
1130 * @inode: inode structure representing file
1131 * @file: "netlabel" file pointer
1133 * Connect our netlbladdr_seq_* operations with /smack/netlabel
1136 static int smk_open_netlbladdr(struct inode *inode, struct file *file)
1138 return seq_open(file, &netlbladdr_seq_ops);
1142 * smk_netlbladdr_insert
1143 * @new : netlabel to insert
1145 * This helper insert netlabel in the smack_netlbladdrs list
1146 * sorted by netmask length (longest to smallest)
1147 * locked by &smk_netlbladdr_lock in smk_write_netlbladdr
1150 static void smk_netlbladdr_insert(struct smk_netlbladdr *new)
1152 struct smk_netlbladdr *m, *m_next;
1154 if (list_empty(&smk_netlbladdr_list)) {
1155 list_add_rcu(&new->list, &smk_netlbladdr_list);
1159 m = list_entry_rcu(smk_netlbladdr_list.next,
1160 struct smk_netlbladdr, list);
1162 /* the comparison '>' is a bit hacky, but works */
1163 if (new->smk_mask.s_addr > m->smk_mask.s_addr) {
1164 list_add_rcu(&new->list, &smk_netlbladdr_list);
1168 list_for_each_entry_rcu(m, &smk_netlbladdr_list, list) {
1169 if (list_is_last(&m->list, &smk_netlbladdr_list)) {
1170 list_add_rcu(&new->list, &m->list);
1173 m_next = list_entry_rcu(m->list.next,
1174 struct smk_netlbladdr, list);
1175 if (new->smk_mask.s_addr > m_next->smk_mask.s_addr) {
1176 list_add_rcu(&new->list, &m->list);
1184 * smk_write_netlbladdr - write() for /smack/netlabel
1185 * @file: file pointer, not actually used
1186 * @buf: where to get the data from
1187 * @count: bytes sent
1188 * @ppos: where to start
1190 * Accepts only one netlbladdr per write call.
1191 * Returns number of bytes written or error code, as appropriate
1193 static ssize_t smk_write_netlbladdr(struct file *file, const char __user *buf,
1194 size_t count, loff_t *ppos)
1196 struct smk_netlbladdr *skp;
1197 struct sockaddr_in newname;
1201 char *host = (char *)&newname.sin_addr.s_addr;
1203 struct netlbl_audit audit_info;
1204 struct in_addr mask;
1207 u32 mask_bits = (1<<31);
1212 * Must have privilege.
1213 * No partial writes.
1214 * Enough data must be present.
1215 * "<addr/mask, as a.b.c.d/e><space><label>"
1216 * "<addr, as a.b.c.d><space><label>"
1218 if (!smack_privileged(CAP_MAC_ADMIN))
1222 if (count < SMK_NETLBLADDRMIN)
1225 data = kzalloc(count + 1, GFP_KERNEL);
1229 if (copy_from_user(data, buf, count) != 0) {
1234 smack = kzalloc(count + 1, GFP_KERNEL);
1235 if (smack == NULL) {
1242 rc = sscanf(data, "%hhd.%hhd.%hhd.%hhd/%d %s",
1243 &host[0], &host[1], &host[2], &host[3], &m, smack);
1245 rc = sscanf(data, "%hhd.%hhd.%hhd.%hhd %s",
1246 &host[0], &host[1], &host[2], &host[3], smack);
1259 * If smack begins with '-', it is an option, don't import it
1261 if (smack[0] != '-') {
1262 sp = smk_import(smack, 0);
1268 /* check known options */
1269 if (strcmp(smack, smack_cipso_option) == 0)
1270 sp = (char *)smack_cipso_option;
1277 for (temp_mask = 0; m > 0; m--) {
1278 temp_mask |= mask_bits;
1281 mask.s_addr = cpu_to_be32(temp_mask);
1283 newname.sin_addr.s_addr &= mask.s_addr;
1285 * Only allow one writer at a time. Writes should be
1286 * quite rare and small in any case.
1288 mutex_lock(&smk_netlbladdr_lock);
1290 nsa = newname.sin_addr.s_addr;
1291 /* try to find if the prefix is already in the list */
1293 list_for_each_entry_rcu(skp, &smk_netlbladdr_list, list) {
1294 if (skp->smk_host.sin_addr.s_addr == nsa &&
1295 skp->smk_mask.s_addr == mask.s_addr) {
1300 smk_netlabel_audit_set(&audit_info);
1303 skp = kzalloc(sizeof(*skp), GFP_KERNEL);
1308 skp->smk_host.sin_addr.s_addr = newname.sin_addr.s_addr;
1309 skp->smk_mask.s_addr = mask.s_addr;
1310 skp->smk_label = sp;
1311 smk_netlbladdr_insert(skp);
1314 /* we delete the unlabeled entry, only if the previous label
1315 * wasn't the special CIPSO option */
1316 if (skp->smk_label != smack_cipso_option)
1317 rc = netlbl_cfg_unlbl_static_del(&init_net, NULL,
1318 &skp->smk_host.sin_addr, &skp->smk_mask,
1319 PF_INET, &audit_info);
1322 skp->smk_label = sp;
1326 * Now tell netlabel about the single label nature of
1327 * this host so that incoming packets get labeled.
1328 * but only if we didn't get the special CIPSO option
1330 if (rc == 0 && sp != smack_cipso_option)
1331 rc = netlbl_cfg_unlbl_static_add(&init_net, NULL,
1332 &skp->smk_host.sin_addr, &skp->smk_mask, PF_INET,
1333 smack_to_secid(skp->smk_label), &audit_info);
1338 mutex_unlock(&smk_netlbladdr_lock);
1348 static const struct file_operations smk_netlbladdr_ops = {
1349 .open = smk_open_netlbladdr,
1351 .llseek = seq_lseek,
1352 .write = smk_write_netlbladdr,
1353 .release = seq_release,
1357 * smk_read_doi - read() for /smack/doi
1358 * @filp: file pointer, not actually used
1359 * @buf: where to put the result
1360 * @count: maximum to send along
1361 * @ppos: where to start
1363 * Returns number of bytes read or error code, as appropriate
1365 static ssize_t smk_read_doi(struct file *filp, char __user *buf,
1366 size_t count, loff_t *ppos)
1374 sprintf(temp, "%d", smk_cipso_doi_value);
1375 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
1381 * smk_write_doi - write() for /smack/doi
1382 * @file: file pointer, not actually used
1383 * @buf: where to get the data from
1384 * @count: bytes sent
1385 * @ppos: where to start
1387 * Returns number of bytes written or error code, as appropriate
1389 static ssize_t smk_write_doi(struct file *file, const char __user *buf,
1390 size_t count, loff_t *ppos)
1395 if (!smack_privileged(CAP_MAC_ADMIN))
1398 if (count >= sizeof(temp) || count == 0)
1401 if (copy_from_user(temp, buf, count) != 0)
1406 if (sscanf(temp, "%d", &i) != 1)
1409 smk_cipso_doi_value = i;
1416 static const struct file_operations smk_doi_ops = {
1417 .read = smk_read_doi,
1418 .write = smk_write_doi,
1419 .llseek = default_llseek,
1423 * smk_read_direct - read() for /smack/direct
1424 * @filp: file pointer, not actually used
1425 * @buf: where to put the result
1426 * @count: maximum to send along
1427 * @ppos: where to start
1429 * Returns number of bytes read or error code, as appropriate
1431 static ssize_t smk_read_direct(struct file *filp, char __user *buf,
1432 size_t count, loff_t *ppos)
1440 sprintf(temp, "%d", smack_cipso_direct);
1441 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
1447 * smk_write_direct - write() for /smack/direct
1448 * @file: file pointer, not actually used
1449 * @buf: where to get the data from
1450 * @count: bytes sent
1451 * @ppos: where to start
1453 * Returns number of bytes written or error code, as appropriate
1455 static ssize_t smk_write_direct(struct file *file, const char __user *buf,
1456 size_t count, loff_t *ppos)
1458 struct smack_known *skp;
1462 if (!smack_privileged(CAP_MAC_ADMIN))
1465 if (count >= sizeof(temp) || count == 0)
1468 if (copy_from_user(temp, buf, count) != 0)
1473 if (sscanf(temp, "%d", &i) != 1)
1477 * Don't do anything if the value hasn't actually changed.
1478 * If it is changing reset the level on entries that were
1479 * set up to be direct when they were created.
1481 if (smack_cipso_direct != i) {
1482 mutex_lock(&smack_known_lock);
1483 list_for_each_entry_rcu(skp, &smack_known_list, list)
1484 if (skp->smk_netlabel.attr.mls.lvl ==
1486 skp->smk_netlabel.attr.mls.lvl = i;
1487 smack_cipso_direct = i;
1488 mutex_unlock(&smack_known_lock);
1494 static const struct file_operations smk_direct_ops = {
1495 .read = smk_read_direct,
1496 .write = smk_write_direct,
1497 .llseek = default_llseek,
1501 * smk_read_mapped - read() for /smack/mapped
1502 * @filp: file pointer, not actually used
1503 * @buf: where to put the result
1504 * @count: maximum to send along
1505 * @ppos: where to start
1507 * Returns number of bytes read or error code, as appropriate
1509 static ssize_t smk_read_mapped(struct file *filp, char __user *buf,
1510 size_t count, loff_t *ppos)
1518 sprintf(temp, "%d", smack_cipso_mapped);
1519 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
1525 * smk_write_mapped - write() for /smack/mapped
1526 * @file: file pointer, not actually used
1527 * @buf: where to get the data from
1528 * @count: bytes sent
1529 * @ppos: where to start
1531 * Returns number of bytes written or error code, as appropriate
1533 static ssize_t smk_write_mapped(struct file *file, const char __user *buf,
1534 size_t count, loff_t *ppos)
1536 struct smack_known *skp;
1540 if (!smack_privileged(CAP_MAC_ADMIN))
1543 if (count >= sizeof(temp) || count == 0)
1546 if (copy_from_user(temp, buf, count) != 0)
1551 if (sscanf(temp, "%d", &i) != 1)
1555 * Don't do anything if the value hasn't actually changed.
1556 * If it is changing reset the level on entries that were
1557 * set up to be mapped when they were created.
1559 if (smack_cipso_mapped != i) {
1560 mutex_lock(&smack_known_lock);
1561 list_for_each_entry_rcu(skp, &smack_known_list, list)
1562 if (skp->smk_netlabel.attr.mls.lvl ==
1564 skp->smk_netlabel.attr.mls.lvl = i;
1565 smack_cipso_mapped = i;
1566 mutex_unlock(&smack_known_lock);
1572 static const struct file_operations smk_mapped_ops = {
1573 .read = smk_read_mapped,
1574 .write = smk_write_mapped,
1575 .llseek = default_llseek,
1579 * smk_read_ambient - read() for /smack/ambient
1580 * @filp: file pointer, not actually used
1581 * @buf: where to put the result
1582 * @cn: maximum to send along
1583 * @ppos: where to start
1585 * Returns number of bytes read or error code, as appropriate
1587 static ssize_t smk_read_ambient(struct file *filp, char __user *buf,
1588 size_t cn, loff_t *ppos)
1596 * Being careful to avoid a problem in the case where
1597 * smack_net_ambient gets changed in midstream.
1599 mutex_lock(&smack_ambient_lock);
1601 asize = strlen(smack_net_ambient->smk_known) + 1;
1604 rc = simple_read_from_buffer(buf, cn, ppos,
1605 smack_net_ambient->smk_known,
1610 mutex_unlock(&smack_ambient_lock);
1616 * smk_write_ambient - write() for /smack/ambient
1617 * @file: file pointer, not actually used
1618 * @buf: where to get the data from
1619 * @count: bytes sent
1620 * @ppos: where to start
1622 * Returns number of bytes written or error code, as appropriate
1624 static ssize_t smk_write_ambient(struct file *file, const char __user *buf,
1625 size_t count, loff_t *ppos)
1627 struct smack_known *skp;
1632 if (!smack_privileged(CAP_MAC_ADMIN))
1635 data = kzalloc(count + 1, GFP_KERNEL);
1639 if (copy_from_user(data, buf, count) != 0) {
1644 skp = smk_import_entry(data, count);
1650 mutex_lock(&smack_ambient_lock);
1652 oldambient = smack_net_ambient->smk_known;
1653 smack_net_ambient = skp;
1654 smk_unlbl_ambient(oldambient);
1656 mutex_unlock(&smack_ambient_lock);
1663 static const struct file_operations smk_ambient_ops = {
1664 .read = smk_read_ambient,
1665 .write = smk_write_ambient,
1666 .llseek = default_llseek,
1670 * smk_read_onlycap - read() for /smack/onlycap
1671 * @filp: file pointer, not actually used
1672 * @buf: where to put the result
1673 * @cn: maximum to send along
1674 * @ppos: where to start
1676 * Returns number of bytes read or error code, as appropriate
1678 static ssize_t smk_read_onlycap(struct file *filp, char __user *buf,
1679 size_t cn, loff_t *ppos)
1682 ssize_t rc = -EINVAL;
1688 if (smack_onlycap != NULL)
1689 smack = smack_onlycap;
1691 asize = strlen(smack) + 1;
1694 rc = simple_read_from_buffer(buf, cn, ppos, smack, asize);
1700 * smk_write_onlycap - write() for /smack/onlycap
1701 * @file: file pointer, not actually used
1702 * @buf: where to get the data from
1703 * @count: bytes sent
1704 * @ppos: where to start
1706 * Returns number of bytes written or error code, as appropriate
1708 static ssize_t smk_write_onlycap(struct file *file, const char __user *buf,
1709 size_t count, loff_t *ppos)
1712 struct smack_known *skp = smk_of_task(current->cred->security);
1715 if (!smack_privileged(CAP_MAC_ADMIN))
1719 * This can be done using smk_access() but is done
1720 * explicitly for clarity. The smk_access() implementation
1721 * would use smk_access(smack_onlycap, MAY_WRITE)
1723 if (smack_onlycap != NULL && smack_onlycap != skp->smk_known)
1726 data = kzalloc(count, GFP_KERNEL);
1731 * Should the null string be passed in unset the onlycap value.
1732 * This seems like something to be careful with as usually
1733 * smk_import only expects to return NULL for errors. It
1734 * is usually the case that a nullstring or "\n" would be
1735 * bad to pass to smk_import but in fact this is useful here.
1737 * smk_import will also reject a label beginning with '-',
1738 * so "-usecapabilities" will also work.
1740 if (copy_from_user(data, buf, count) != 0)
1743 smack_onlycap = smk_import(data, count);
1749 static const struct file_operations smk_onlycap_ops = {
1750 .read = smk_read_onlycap,
1751 .write = smk_write_onlycap,
1752 .llseek = default_llseek,
1756 * smk_read_logging - read() for /smack/logging
1757 * @filp: file pointer, not actually used
1758 * @buf: where to put the result
1759 * @cn: maximum to send along
1760 * @ppos: where to start
1762 * Returns number of bytes read or error code, as appropriate
1764 static ssize_t smk_read_logging(struct file *filp, char __user *buf,
1765 size_t count, loff_t *ppos)
1773 sprintf(temp, "%d\n", log_policy);
1774 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
1779 * smk_write_logging - write() for /smack/logging
1780 * @file: file pointer, not actually used
1781 * @buf: where to get the data from
1782 * @count: bytes sent
1783 * @ppos: where to start
1785 * Returns number of bytes written or error code, as appropriate
1787 static ssize_t smk_write_logging(struct file *file, const char __user *buf,
1788 size_t count, loff_t *ppos)
1793 if (!smack_privileged(CAP_MAC_ADMIN))
1796 if (count >= sizeof(temp) || count == 0)
1799 if (copy_from_user(temp, buf, count) != 0)
1804 if (sscanf(temp, "%d", &i) != 1)
1814 static const struct file_operations smk_logging_ops = {
1815 .read = smk_read_logging,
1816 .write = smk_write_logging,
1817 .llseek = default_llseek,
1821 * Seq_file read operations for /smack/load-self
1824 static void *load_self_seq_start(struct seq_file *s, loff_t *pos)
1826 struct task_smack *tsp = current_security();
1828 return smk_seq_start(s, pos, &tsp->smk_rules);
1831 static void *load_self_seq_next(struct seq_file *s, void *v, loff_t *pos)
1833 struct task_smack *tsp = current_security();
1835 return smk_seq_next(s, v, pos, &tsp->smk_rules);
1838 static int load_self_seq_show(struct seq_file *s, void *v)
1840 struct list_head *list = v;
1841 struct smack_rule *srp =
1842 list_entry(list, struct smack_rule, list);
1844 smk_rule_show(s, srp, SMK_LABELLEN);
1849 static const struct seq_operations load_self_seq_ops = {
1850 .start = load_self_seq_start,
1851 .next = load_self_seq_next,
1852 .show = load_self_seq_show,
1853 .stop = smk_seq_stop,
1858 * smk_open_load_self - open() for /smack/load-self2
1859 * @inode: inode structure representing file
1860 * @file: "load" file pointer
1862 * For reading, use load_seq_* seq_file reading operations.
1864 static int smk_open_load_self(struct inode *inode, struct file *file)
1866 return seq_open(file, &load_self_seq_ops);
1870 * smk_write_load_self - write() for /smack/load-self
1871 * @file: file pointer, not actually used
1872 * @buf: where to get the data from
1873 * @count: bytes sent
1874 * @ppos: where to start - must be 0
1877 static ssize_t smk_write_load_self(struct file *file, const char __user *buf,
1878 size_t count, loff_t *ppos)
1880 struct task_smack *tsp = current_security();
1882 return smk_write_rules_list(file, buf, count, ppos, &tsp->smk_rules,
1883 &tsp->smk_rules_lock, SMK_FIXED24_FMT);
1886 static const struct file_operations smk_load_self_ops = {
1887 .open = smk_open_load_self,
1889 .llseek = seq_lseek,
1890 .write = smk_write_load_self,
1891 .release = seq_release,
1895 * smk_user_access - handle access check transaction
1896 * @file: file pointer
1897 * @buf: data from user space
1898 * @count: bytes sent
1899 * @ppos: where to start - must be 0
1901 static ssize_t smk_user_access(struct file *file, const char __user *buf,
1902 size_t count, loff_t *ppos, int format)
1904 struct smack_parsed_rule rule;
1908 data = simple_transaction_get(file, buf, count);
1910 return PTR_ERR(data);
1912 if (format == SMK_FIXED24_FMT) {
1913 if (count < SMK_LOADLEN)
1915 res = smk_parse_rule(data, &rule, 0);
1918 * simple_transaction_get() returns null-terminated data
1920 res = smk_parse_long_rule(data, &rule, 0, 3);
1926 res = smk_access(rule.smk_subject, rule.smk_object,
1927 rule.smk_access1, NULL);
1928 data[0] = res == 0 ? '1' : '0';
1931 simple_transaction_set(file, 2);
1937 * smk_write_access - handle access check transaction
1938 * @file: file pointer
1939 * @buf: data from user space
1940 * @count: bytes sent
1941 * @ppos: where to start - must be 0
1943 static ssize_t smk_write_access(struct file *file, const char __user *buf,
1944 size_t count, loff_t *ppos)
1946 return smk_user_access(file, buf, count, ppos, SMK_FIXED24_FMT);
1949 static const struct file_operations smk_access_ops = {
1950 .write = smk_write_access,
1951 .read = simple_transaction_read,
1952 .release = simple_transaction_release,
1953 .llseek = generic_file_llseek,
1958 * Seq_file read operations for /smack/load2
1961 static int load2_seq_show(struct seq_file *s, void *v)
1963 struct list_head *list = v;
1964 struct smack_master_list *smlp =
1965 list_entry(list, struct smack_master_list, list);
1967 smk_rule_show(s, smlp->smk_rule, SMK_LONGLABEL);
1972 static const struct seq_operations load2_seq_ops = {
1973 .start = load2_seq_start,
1974 .next = load2_seq_next,
1975 .show = load2_seq_show,
1976 .stop = smk_seq_stop,
1980 * smk_open_load2 - open() for /smack/load2
1981 * @inode: inode structure representing file
1982 * @file: "load2" file pointer
1984 * For reading, use load2_seq_* seq_file reading operations.
1986 static int smk_open_load2(struct inode *inode, struct file *file)
1988 return seq_open(file, &load2_seq_ops);
1992 * smk_write_load2 - write() for /smack/load2
1993 * @file: file pointer, not actually used
1994 * @buf: where to get the data from
1995 * @count: bytes sent
1996 * @ppos: where to start - must be 0
1999 static ssize_t smk_write_load2(struct file *file, const char __user *buf,
2000 size_t count, loff_t *ppos)
2003 * Must have privilege.
2005 if (!smack_privileged(CAP_MAC_ADMIN))
2008 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL,
2012 static const struct file_operations smk_load2_ops = {
2013 .open = smk_open_load2,
2015 .llseek = seq_lseek,
2016 .write = smk_write_load2,
2017 .release = seq_release,
2021 * Seq_file read operations for /smack/load-self2
2024 static void *load_self2_seq_start(struct seq_file *s, loff_t *pos)
2026 struct task_smack *tsp = current_security();
2028 return smk_seq_start(s, pos, &tsp->smk_rules);
2031 static void *load_self2_seq_next(struct seq_file *s, void *v, loff_t *pos)
2033 struct task_smack *tsp = current_security();
2035 return smk_seq_next(s, v, pos, &tsp->smk_rules);
2038 static int load_self2_seq_show(struct seq_file *s, void *v)
2040 struct list_head *list = v;
2041 struct smack_rule *srp =
2042 list_entry(list, struct smack_rule, list);
2044 smk_rule_show(s, srp, SMK_LONGLABEL);
2049 static const struct seq_operations load_self2_seq_ops = {
2050 .start = load_self2_seq_start,
2051 .next = load_self2_seq_next,
2052 .show = load_self2_seq_show,
2053 .stop = smk_seq_stop,
2057 * smk_open_load_self2 - open() for /smack/load-self2
2058 * @inode: inode structure representing file
2059 * @file: "load" file pointer
2061 * For reading, use load_seq_* seq_file reading operations.
2063 static int smk_open_load_self2(struct inode *inode, struct file *file)
2065 return seq_open(file, &load_self2_seq_ops);
2069 * smk_write_load_self2 - write() for /smack/load-self2
2070 * @file: file pointer, not actually used
2071 * @buf: where to get the data from
2072 * @count: bytes sent
2073 * @ppos: where to start - must be 0
2076 static ssize_t smk_write_load_self2(struct file *file, const char __user *buf,
2077 size_t count, loff_t *ppos)
2079 struct task_smack *tsp = current_security();
2081 return smk_write_rules_list(file, buf, count, ppos, &tsp->smk_rules,
2082 &tsp->smk_rules_lock, SMK_LONG_FMT);
2085 static const struct file_operations smk_load_self2_ops = {
2086 .open = smk_open_load_self2,
2088 .llseek = seq_lseek,
2089 .write = smk_write_load_self2,
2090 .release = seq_release,
2094 * smk_write_access2 - handle access check transaction
2095 * @file: file pointer
2096 * @buf: data from user space
2097 * @count: bytes sent
2098 * @ppos: where to start - must be 0
2100 static ssize_t smk_write_access2(struct file *file, const char __user *buf,
2101 size_t count, loff_t *ppos)
2103 return smk_user_access(file, buf, count, ppos, SMK_LONG_FMT);
2106 static const struct file_operations smk_access2_ops = {
2107 .write = smk_write_access2,
2108 .read = simple_transaction_read,
2109 .release = simple_transaction_release,
2110 .llseek = generic_file_llseek,
2114 * smk_write_revoke_subj - write() for /smack/revoke-subject
2115 * @file: file pointer
2116 * @buf: data from user space
2117 * @count: bytes sent
2118 * @ppos: where to start - must be 0
2120 static ssize_t smk_write_revoke_subj(struct file *file, const char __user *buf,
2121 size_t count, loff_t *ppos)
2124 const char *cp = NULL;
2125 struct smack_known *skp;
2126 struct smack_rule *sp;
2127 struct list_head *rule_list;
2128 struct mutex *rule_lock;
2134 if (!smack_privileged(CAP_MAC_ADMIN))
2137 if (count == 0 || count > SMK_LONGLABEL)
2140 data = kzalloc(count, GFP_KERNEL);
2144 if (copy_from_user(data, buf, count) != 0) {
2149 cp = smk_parse_smack(data, count);
2155 skp = smk_find_entry(cp);
2159 rule_list = &skp->smk_rules;
2160 rule_lock = &skp->smk_rules_lock;
2162 mutex_lock(rule_lock);
2164 list_for_each_entry_rcu(sp, rule_list, list)
2167 mutex_unlock(rule_lock);
2175 static const struct file_operations smk_revoke_subj_ops = {
2176 .write = smk_write_revoke_subj,
2177 .read = simple_transaction_read,
2178 .release = simple_transaction_release,
2179 .llseek = generic_file_llseek,
2182 static struct kset *smackfs_kset;
2184 * smk_init_sysfs - initialize /sys/fs/smackfs
2187 static int smk_init_sysfs(void)
2189 smackfs_kset = kset_create_and_add("smackfs", NULL, fs_kobj);
2196 * smk_write_change_rule - write() for /smack/change-rule
2197 * @file: file pointer
2198 * @buf: data from user space
2199 * @count: bytes sent
2200 * @ppos: where to start - must be 0
2202 static ssize_t smk_write_change_rule(struct file *file, const char __user *buf,
2203 size_t count, loff_t *ppos)
2206 * Must have privilege.
2208 if (!capable(CAP_MAC_ADMIN))
2211 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL,
2215 static const struct file_operations smk_change_rule_ops = {
2216 .write = smk_write_change_rule,
2217 .read = simple_transaction_read,
2218 .release = simple_transaction_release,
2219 .llseek = generic_file_llseek,
2223 * smk_fill_super - fill the /smackfs superblock
2224 * @sb: the empty superblock
2228 * Fill in the well known entries for /smack
2230 * Returns 0 on success, an error code on failure
2232 static int smk_fill_super(struct super_block *sb, void *data, int silent)
2235 struct inode *root_inode;
2237 static struct tree_descr smack_files[] = {
2239 "load", &smk_load_ops, S_IRUGO|S_IWUSR},
2241 "cipso", &smk_cipso_ops, S_IRUGO|S_IWUSR},
2243 "doi", &smk_doi_ops, S_IRUGO|S_IWUSR},
2245 "direct", &smk_direct_ops, S_IRUGO|S_IWUSR},
2247 "ambient", &smk_ambient_ops, S_IRUGO|S_IWUSR},
2248 [SMK_NETLBLADDR] = {
2249 "netlabel", &smk_netlbladdr_ops, S_IRUGO|S_IWUSR},
2251 "onlycap", &smk_onlycap_ops, S_IRUGO|S_IWUSR},
2253 "logging", &smk_logging_ops, S_IRUGO|S_IWUSR},
2255 "load-self", &smk_load_self_ops, S_IRUGO|S_IWUGO},
2257 "access", &smk_access_ops, S_IRUGO|S_IWUGO},
2259 "mapped", &smk_mapped_ops, S_IRUGO|S_IWUSR},
2261 "load2", &smk_load2_ops, S_IRUGO|S_IWUSR},
2262 [SMK_LOAD_SELF2] = {
2263 "load-self2", &smk_load_self2_ops, S_IRUGO|S_IWUGO},
2265 "access2", &smk_access2_ops, S_IRUGO|S_IWUGO},
2267 "cipso2", &smk_cipso2_ops, S_IRUGO|S_IWUSR},
2268 [SMK_REVOKE_SUBJ] = {
2269 "revoke-subject", &smk_revoke_subj_ops,
2271 [SMK_CHANGE_RULE] = {
2272 "change-rule", &smk_change_rule_ops, S_IRUGO|S_IWUSR},
2273 #ifdef CONFIG_SECURITY_SMACK_PERMISSIVE_MODE
2274 [SMK_PERMISSIVE] = {
2275 "permissive", &smk_permissive_ops, S_IRUGO|S_IWUSR},
2282 rc = simple_fill_super(sb, SMACK_MAGIC, smack_files);
2284 printk(KERN_ERR "%s failed %d while creating inodes\n",
2289 root_inode = sb->s_root->d_inode;
2295 * smk_mount - get the smackfs superblock
2296 * @fs_type: passed along without comment
2297 * @flags: passed along without comment
2298 * @dev_name: passed along without comment
2299 * @data: passed along without comment
2301 * Just passes everything along.
2303 * Returns what the lower level code does.
2305 static struct dentry *smk_mount(struct file_system_type *fs_type,
2306 int flags, const char *dev_name, void *data)
2308 return mount_single(fs_type, flags, data, smk_fill_super);
2311 static struct file_system_type smk_fs_type = {
2314 .kill_sb = kill_litter_super,
2317 static struct vfsmount *smackfs_mount;
2319 static int __init smk_preset_netlabel(struct smack_known *skp)
2321 skp->smk_netlabel.domain = skp->smk_known;
2322 skp->smk_netlabel.flags =
2323 NETLBL_SECATTR_DOMAIN | NETLBL_SECATTR_MLS_LVL;
2324 return smk_netlbl_mls(smack_cipso_direct, skp->smk_known,
2325 &skp->smk_netlabel, strlen(skp->smk_known));
2329 * init_smk_fs - get the smackfs superblock
2331 * register the smackfs
2333 * Do not register smackfs if Smack wasn't enabled
2334 * on boot. We can not put this method normally under the
2335 * smack_init() code path since the security subsystem get
2336 * initialized before the vfs caches.
2338 * Returns true if we were not chosen on boot or if
2339 * we were chosen and filesystem registration succeeded.
2341 static int __init init_smk_fs(void)
2346 if (!security_module_enable(&smack_ops))
2349 err = smk_init_sysfs();
2351 printk(KERN_ERR "smackfs: sysfs mountpoint problem.\n");
2353 err = register_filesystem(&smk_fs_type);
2355 smackfs_mount = kern_mount(&smk_fs_type);
2356 if (IS_ERR(smackfs_mount)) {
2357 printk(KERN_ERR "smackfs: could not mount!\n");
2358 err = PTR_ERR(smackfs_mount);
2359 smackfs_mount = NULL;
2364 smk_unlbl_ambient(NULL);
2366 rc = smk_preset_netlabel(&smack_known_floor);
2367 if (err == 0 && rc < 0)
2369 rc = smk_preset_netlabel(&smack_known_hat);
2370 if (err == 0 && rc < 0)
2372 rc = smk_preset_netlabel(&smack_known_huh);
2373 if (err == 0 && rc < 0)
2375 rc = smk_preset_netlabel(&smack_known_invalid);
2376 if (err == 0 && rc < 0)
2378 rc = smk_preset_netlabel(&smack_known_star);
2379 if (err == 0 && rc < 0)
2381 rc = smk_preset_netlabel(&smack_known_web);
2382 if (err == 0 && rc < 0)
2388 __initcall(init_smk_fs);