2 * Copyright (C) 2007 Casey Schaufler <casey@schaufler-ca.com>
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License as published by
6 * the Free Software Foundation, version 2.
9 * Casey Schaufler <casey@schaufler-ca.com>
10 * Ahmed S. Darwish <darwish.07@gmail.com>
12 * Special thanks to the authors of selinuxfs.
14 * Karl MacMillan <kmacmillan@tresys.com>
15 * James Morris <jmorris@redhat.com>
19 #include <linux/kernel.h>
20 #include <linux/vmalloc.h>
21 #include <linux/security.h>
22 #include <linux/mutex.h>
23 #include <linux/slab.h>
24 #include <net/net_namespace.h>
25 #include <net/cipso_ipv4.h>
26 #include <linux/seq_file.h>
27 #include <linux/ctype.h>
28 #include <linux/audit.h>
32 * smackfs pseudo filesystem.
37 SMK_LOAD = 3, /* load policy */
38 SMK_CIPSO = 4, /* load label -> CIPSO mapping */
39 SMK_DOI = 5, /* CIPSO DOI */
40 SMK_DIRECT = 6, /* CIPSO level indicating direct label */
41 SMK_AMBIENT = 7, /* internet ambient label */
42 SMK_NETLBLADDR = 8, /* single label hosts */
43 SMK_ONLYCAP = 9, /* the only "capable" label */
44 SMK_LOGGING = 10, /* logging */
45 SMK_LOAD_SELF = 11, /* task specific rules */
46 SMK_ACCESSES = 12, /* access policy */
47 SMK_MAPPED = 13, /* CIPSO level indicating mapped label */
48 SMK_LOAD2 = 14, /* load policy with long labels */
49 SMK_LOAD_SELF2 = 15, /* load task specific rules with long labels */
50 SMK_ACCESS2 = 16, /* make an access check with long labels */
51 SMK_CIPSO2 = 17, /* load long label -> CIPSO mapping */
52 SMK_REVOKE_SUBJ = 18, /* set rules with subject label to '-' */
53 SMK_CHANGE_RULE = 19, /* change or add rules (long labels) */
59 static DEFINE_MUTEX(smack_cipso_lock);
60 static DEFINE_MUTEX(smack_ambient_lock);
61 static DEFINE_MUTEX(smk_netlbladdr_lock);
64 * This is the "ambient" label for network traffic.
65 * If it isn't somehow marked, use this.
66 * It can be reset via smackfs/ambient
68 char *smack_net_ambient;
71 * This is the level in a CIPSO header that indicates a
72 * smack label is contained directly in the category set.
73 * It can be reset via smackfs/direct
75 int smack_cipso_direct = SMACK_CIPSO_DIRECT_DEFAULT;
78 * This is the level in a CIPSO header that indicates a
79 * secid is contained directly in the category set.
80 * It can be reset via smackfs/mapped
82 int smack_cipso_mapped = SMACK_CIPSO_MAPPED_DEFAULT;
85 * Unless a process is running with this label even
86 * having CAP_MAC_OVERRIDE isn't enough to grant
87 * privilege to violate MAC policy. If no label is
88 * designated (the NULL case) capabilities apply to
89 * everyone. It is expected that the hat (^) label
90 * will be used if any label is used.
95 * Certain IP addresses may be designated as single label hosts.
96 * Packets are sent there unlabeled, but only from tasks that
97 * can write to the specified label.
100 LIST_HEAD(smk_netlbladdr_list);
103 * Rule lists are maintained for each label.
104 * This master list is just for reading /smack/load and /smack/load2.
106 struct smack_master_list {
107 struct list_head list;
108 struct smack_rule *smk_rule;
111 LIST_HEAD(smack_rule_list);
113 struct smack_parsed_rule {
120 static int smk_cipso_doi_value = SMACK_CIPSO_DOI_DEFAULT;
122 const char *smack_cipso_option = SMACK_CIPSO_OPTION;
125 * Values for parsing cipso rules
126 * SMK_DIGITLEN: Length of a digit field in a rule.
127 * SMK_CIPSOMIN: Minimum possible cipso rule length.
128 * SMK_CIPSOMAX: Maximum possible cipso rule length.
130 #define SMK_DIGITLEN 4
131 #define SMK_CIPSOMIN (SMK_LABELLEN + 2 * SMK_DIGITLEN)
132 #define SMK_CIPSOMAX (SMK_CIPSOMIN + SMACK_CIPSO_MAXCATNUM * SMK_DIGITLEN)
135 * Values for parsing MAC rules
136 * SMK_ACCESS: Maximum possible combination of access permissions
137 * SMK_ACCESSLEN: Maximum length for a rule access field
138 * SMK_LOADLEN: Smack rule length
140 #define SMK_OACCESS "rwxa"
141 #define SMK_ACCESS "rwxatl"
142 #define SMK_OACCESSLEN (sizeof(SMK_OACCESS) - 1)
143 #define SMK_ACCESSLEN (sizeof(SMK_ACCESS) - 1)
144 #define SMK_OLOADLEN (SMK_LABELLEN + SMK_LABELLEN + SMK_OACCESSLEN)
145 #define SMK_LOADLEN (SMK_LABELLEN + SMK_LABELLEN + SMK_ACCESSLEN)
148 * Stricly for CIPSO level manipulation.
149 * Set the category bit number in a smack label sized buffer.
151 static inline void smack_catset_bit(unsigned int cat, char *catsetp)
153 if (cat == 0 || cat > (SMK_CIPSOLEN * 8))
156 catsetp[(cat - 1) / 8] |= 0x80 >> ((cat - 1) % 8);
160 * smk_netlabel_audit_set - fill a netlbl_audit struct
161 * @nap: structure to fill
163 static void smk_netlabel_audit_set(struct netlbl_audit *nap)
165 nap->loginuid = audit_get_loginuid(current);
166 nap->sessionid = audit_get_sessionid(current);
167 nap->secid = smack_to_secid(smk_of_current());
171 * Value for parsing single label host rules
174 #define SMK_NETLBLADDRMIN 9
177 * smk_set_access - add a rule to the rule list or replace an old rule
178 * @srp: the rule to add or replace
179 * @rule_list: the list of rules
180 * @rule_lock: the rule list lock
181 * @global: if non-zero, indicates a global rule
183 * Looks through the current subject/object/access list for
184 * the subject/object pair and replaces the access that was
185 * there. If the pair isn't found add it with the specified
188 * Returns 0 if nothing goes wrong or -ENOMEM if it fails
189 * during the allocation of the new pair to add.
191 static int smk_set_access(struct smack_parsed_rule *srp,
192 struct list_head *rule_list,
193 struct mutex *rule_lock, int global)
195 struct smack_rule *sp;
196 struct smack_master_list *smlp;
200 mutex_lock(rule_lock);
203 * Because the object label is less likely to match
204 * than the subject label check it first
206 list_for_each_entry_rcu(sp, rule_list, list) {
207 if (sp->smk_object == srp->smk_object &&
208 sp->smk_subject == srp->smk_subject) {
210 sp->smk_access |= srp->smk_access1;
211 sp->smk_access &= ~srp->smk_access2;
217 sp = kzalloc(sizeof(*sp), GFP_KERNEL);
223 sp->smk_subject = srp->smk_subject;
224 sp->smk_object = srp->smk_object;
225 sp->smk_access = srp->smk_access1 & ~srp->smk_access2;
227 list_add_rcu(&sp->list, rule_list);
229 * If this is a global as opposed to self and a new rule
230 * it needs to get added for reporting.
233 smlp = kzalloc(sizeof(*smlp), GFP_KERNEL);
236 list_add_rcu(&smlp->list, &smack_rule_list);
243 mutex_unlock(rule_lock);
248 * smk_perm_from_str - parse smack accesses from a text string
249 * @string: a text string that contains a Smack accesses code
251 * Returns an integer with respective bits set for specified accesses.
253 static int smk_perm_from_str(const char *string)
258 for (cp = string; ; cp++)
280 perm |= MAY_TRANSMUTE;
292 * smk_fill_rule - Fill Smack rule from strings
293 * @subject: subject label string
294 * @object: object label string
295 * @access1: access string
296 * @access2: string with permissions to be removed
298 * @import: if non-zero, import labels
299 * @len: label length limit
301 * Returns 0 on success, -1 on failure
303 static int smk_fill_rule(const char *subject, const char *object,
304 const char *access1, const char *access2,
305 struct smack_parsed_rule *rule, int import,
309 struct smack_known *skp;
312 rule->smk_subject = smk_import(subject, len);
313 if (rule->smk_subject == NULL)
316 rule->smk_object = smk_import(object, len);
317 if (rule->smk_object == NULL)
320 cp = smk_parse_smack(subject, len);
323 skp = smk_find_entry(cp);
327 rule->smk_subject = skp->smk_known;
329 cp = smk_parse_smack(object, len);
332 skp = smk_find_entry(cp);
336 rule->smk_object = skp->smk_known;
339 rule->smk_access1 = smk_perm_from_str(access1);
341 rule->smk_access2 = smk_perm_from_str(access2);
343 rule->smk_access2 = ~rule->smk_access1;
349 * smk_parse_rule - parse Smack rule from load string
350 * @data: string to be parsed whose size is SMK_LOADLEN
352 * @import: if non-zero, import labels
354 * Returns 0 on success, -1 on errors.
356 static int smk_parse_rule(const char *data, struct smack_parsed_rule *rule,
361 rc = smk_fill_rule(data, data + SMK_LABELLEN,
362 data + SMK_LABELLEN + SMK_LABELLEN, NULL, rule,
363 import, SMK_LABELLEN);
368 * smk_parse_long_rule - parse Smack rule from rule string
369 * @data: string to be parsed, null terminated
370 * @rule: Will be filled with Smack parsed rule
371 * @import: if non-zero, import labels
372 * @change: if non-zero, data is from /smack/change-rule
374 * Returns 0 on success, -1 on failure
376 static int smk_parse_long_rule(const char *data, struct smack_parsed_rule *rule,
377 int import, int change)
386 /* This is inefficient */
387 datalen = strlen(data);
389 /* Our first element can be 64 + \0 with no spaces */
390 subject = kzalloc(datalen + 1, GFP_KERNEL);
393 object = kzalloc(datalen, GFP_KERNEL);
396 access1 = kzalloc(datalen, GFP_KERNEL);
399 access2 = kzalloc(datalen, GFP_KERNEL);
404 if (sscanf(data, "%s %s %s %s",
405 subject, object, access1, access2) == 4)
406 rc = smk_fill_rule(subject, object, access1, access2,
409 if (sscanf(data, "%s %s %s", subject, object, access1) == 3)
410 rc = smk_fill_rule(subject, object, access1, NULL,
424 #define SMK_FIXED24_FMT 0 /* Fixed 24byte label format */
425 #define SMK_LONG_FMT 1 /* Variable long label format */
426 #define SMK_CHANGE_FMT 2 /* Rule modification format */
428 * smk_write_rules_list - write() for any /smack rule file
429 * @file: file pointer, not actually used
430 * @buf: where to get the data from
432 * @ppos: where to start - must be 0
433 * @rule_list: the list of rules to write to
434 * @rule_lock: lock for the rule list
435 * @format: /smack/load or /smack/load2 or /smack/change-rule format.
437 * Get one smack access rule from above.
438 * The format for SMK_LONG_FMT is:
439 * "subject<whitespace>object<whitespace>access[<whitespace>...]"
440 * The format for SMK_FIXED24_FMT is exactly:
441 * "subject object rwxat"
442 * The format for SMK_CHANGE_FMT is:
443 * "subject<whitespace>object<whitespace>
444 * acc_enable<whitespace>acc_disable[<whitespace>...]"
446 static ssize_t smk_write_rules_list(struct file *file, const char __user *buf,
447 size_t count, loff_t *ppos,
448 struct list_head *rule_list,
449 struct mutex *rule_lock, int format)
451 struct smack_known *skp;
452 struct smack_parsed_rule rule;
461 * Enough data must be present.
466 if (format == SMK_FIXED24_FMT) {
468 * Minor hack for backward compatibility
470 if (count < SMK_OLOADLEN || count > SMK_LOADLEN)
472 datalen = SMK_LOADLEN + 1;
476 data = kzalloc(datalen, GFP_KERNEL);
480 if (copy_from_user(data, buf, count) != 0) {
485 if (format == SMK_LONG_FMT) {
487 * Be sure the data string is terminated.
490 if (smk_parse_long_rule(data, &rule, 1, 0))
492 } else if (format == SMK_CHANGE_FMT) {
494 if (smk_parse_long_rule(data, &rule, 1, 1))
498 * More on the minor hack for backward compatibility
500 if (count == (SMK_OLOADLEN))
501 data[SMK_OLOADLEN] = '-';
502 if (smk_parse_rule(data, &rule, 1))
507 if (rule_list == NULL) {
509 skp = smk_find_entry(rule.smk_subject);
510 rule_list = &skp->smk_rules;
511 rule_lock = &skp->smk_rules_lock;
514 rc = smk_set_access(&rule, rule_list, rule_lock, load);
523 * Core logic for smackfs seq list operations.
526 static void *smk_seq_start(struct seq_file *s, loff_t *pos,
527 struct list_head *head)
529 struct list_head *list;
532 * This is 0 the first time through.
537 if (s->private == NULL)
541 if (list_empty(list))
549 static void *smk_seq_next(struct seq_file *s, void *v, loff_t *pos,
550 struct list_head *head)
552 struct list_head *list = v;
554 if (list_is_last(list, head)) {
558 s->private = list->next;
562 static void smk_seq_stop(struct seq_file *s, void *v)
567 static void smk_rule_show(struct seq_file *s, struct smack_rule *srp, int max)
570 * Don't show any rules with label names too long for
571 * interface file (/smack/load or /smack/load2)
572 * because you should expect to be able to write
573 * anything you read back.
575 if (strlen(srp->smk_subject) >= max || strlen(srp->smk_object) >= max)
578 if (srp->smk_access == 0)
581 seq_printf(s, "%s %s", srp->smk_subject, srp->smk_object);
585 if (srp->smk_access & MAY_READ)
587 if (srp->smk_access & MAY_WRITE)
589 if (srp->smk_access & MAY_EXEC)
591 if (srp->smk_access & MAY_APPEND)
593 if (srp->smk_access & MAY_TRANSMUTE)
595 if (srp->smk_access & MAY_LOCK)
602 * Seq_file read operations for /smack/load
605 static void *load2_seq_start(struct seq_file *s, loff_t *pos)
607 return smk_seq_start(s, pos, &smack_rule_list);
610 static void *load2_seq_next(struct seq_file *s, void *v, loff_t *pos)
612 return smk_seq_next(s, v, pos, &smack_rule_list);
615 static int load_seq_show(struct seq_file *s, void *v)
617 struct list_head *list = v;
618 struct smack_master_list *smlp =
619 list_entry(list, struct smack_master_list, list);
621 smk_rule_show(s, smlp->smk_rule, SMK_LABELLEN);
626 static const struct seq_operations load_seq_ops = {
627 .start = load2_seq_start,
628 .next = load2_seq_next,
629 .show = load_seq_show,
630 .stop = smk_seq_stop,
634 * smk_open_load - open() for /smack/load
635 * @inode: inode structure representing file
636 * @file: "load" file pointer
638 * For reading, use load_seq_* seq_file reading operations.
640 static int smk_open_load(struct inode *inode, struct file *file)
642 return seq_open(file, &load_seq_ops);
646 * smk_write_load - write() for /smack/load
647 * @file: file pointer, not actually used
648 * @buf: where to get the data from
650 * @ppos: where to start - must be 0
653 static ssize_t smk_write_load(struct file *file, const char __user *buf,
654 size_t count, loff_t *ppos)
657 * Must have privilege.
659 * Enough data must be present.
661 if (!smack_privileged(CAP_MAC_ADMIN))
664 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL,
668 static const struct file_operations smk_load_ops = {
669 .open = smk_open_load,
672 .write = smk_write_load,
673 .release = seq_release,
677 * smk_cipso_doi - initialize the CIPSO domain
679 static void smk_cipso_doi(void)
682 struct cipso_v4_doi *doip;
683 struct netlbl_audit nai;
685 smk_netlabel_audit_set(&nai);
687 rc = netlbl_cfg_map_del(NULL, PF_INET, NULL, NULL, &nai);
689 printk(KERN_WARNING "%s:%d remove rc = %d\n",
690 __func__, __LINE__, rc);
692 doip = kmalloc(sizeof(struct cipso_v4_doi), GFP_KERNEL);
694 panic("smack: Failed to initialize cipso DOI.\n");
695 doip->map.std = NULL;
696 doip->doi = smk_cipso_doi_value;
697 doip->type = CIPSO_V4_MAP_PASS;
698 doip->tags[0] = CIPSO_V4_TAG_RBITMAP;
699 for (rc = 1; rc < CIPSO_V4_TAG_MAXCNT; rc++)
700 doip->tags[rc] = CIPSO_V4_TAG_INVALID;
702 rc = netlbl_cfg_cipsov4_add(doip, &nai);
704 printk(KERN_WARNING "%s:%d cipso add rc = %d\n",
705 __func__, __LINE__, rc);
709 rc = netlbl_cfg_cipsov4_map_add(doip->doi, NULL, NULL, NULL, &nai);
711 printk(KERN_WARNING "%s:%d map add rc = %d\n",
712 __func__, __LINE__, rc);
719 * smk_unlbl_ambient - initialize the unlabeled domain
720 * @oldambient: previous domain string
722 static void smk_unlbl_ambient(char *oldambient)
725 struct netlbl_audit nai;
727 smk_netlabel_audit_set(&nai);
729 if (oldambient != NULL) {
730 rc = netlbl_cfg_map_del(oldambient, PF_INET, NULL, NULL, &nai);
732 printk(KERN_WARNING "%s:%d remove rc = %d\n",
733 __func__, __LINE__, rc);
735 if (smack_net_ambient == NULL)
736 smack_net_ambient = smack_known_floor.smk_known;
738 rc = netlbl_cfg_unlbl_map_add(smack_net_ambient, PF_INET,
741 printk(KERN_WARNING "%s:%d add rc = %d\n",
742 __func__, __LINE__, rc);
746 * Seq_file read operations for /smack/cipso
749 static void *cipso_seq_start(struct seq_file *s, loff_t *pos)
751 return smk_seq_start(s, pos, &smack_known_list);
754 static void *cipso_seq_next(struct seq_file *s, void *v, loff_t *pos)
756 return smk_seq_next(s, v, pos, &smack_known_list);
760 * Print cipso labels in format:
761 * label level[/cat[,cat]]
763 static int cipso_seq_show(struct seq_file *s, void *v)
765 struct list_head *list = v;
766 struct smack_known *skp =
767 list_entry(list, struct smack_known, list);
768 struct netlbl_lsm_secattr_catmap *cmp = skp->smk_netlabel.attr.mls.cat;
773 * Don't show a label that could not have been set using
774 * /smack/cipso. This is in support of the notion that
775 * anything read from /smack/cipso ought to be writeable
778 * /smack/cipso2 should be used instead.
780 if (strlen(skp->smk_known) >= SMK_LABELLEN)
783 seq_printf(s, "%s %3d", skp->smk_known, skp->smk_netlabel.attr.mls.lvl);
785 for (i = netlbl_secattr_catmap_walk(cmp, 0); i >= 0;
786 i = netlbl_secattr_catmap_walk(cmp, i + 1)) {
787 seq_printf(s, "%c%d", sep, i);
796 static const struct seq_operations cipso_seq_ops = {
797 .start = cipso_seq_start,
798 .next = cipso_seq_next,
799 .show = cipso_seq_show,
800 .stop = smk_seq_stop,
804 * smk_open_cipso - open() for /smack/cipso
805 * @inode: inode structure representing file
806 * @file: "cipso" file pointer
808 * Connect our cipso_seq_* operations with /smack/cipso
811 static int smk_open_cipso(struct inode *inode, struct file *file)
813 return seq_open(file, &cipso_seq_ops);
817 * smk_set_cipso - do the work for write() for cipso and cipso2
818 * @file: file pointer, not actually used
819 * @buf: where to get the data from
821 * @ppos: where to start
822 * @format: /smack/cipso or /smack/cipso2
824 * Accepts only one cipso rule per write call.
825 * Returns number of bytes written or error code, as appropriate
827 static ssize_t smk_set_cipso(struct file *file, const char __user *buf,
828 size_t count, loff_t *ppos, int format)
830 struct smack_known *skp;
831 struct netlbl_lsm_secattr ncats;
832 char mapcatset[SMK_CIPSOLEN];
836 ssize_t rc = -EINVAL;
843 * Must have privilege.
845 * Enough data must be present.
847 if (!smack_privileged(CAP_MAC_ADMIN))
851 if (format == SMK_FIXED24_FMT &&
852 (count < SMK_CIPSOMIN || count > SMK_CIPSOMAX))
855 data = kzalloc(count + 1, GFP_KERNEL);
859 if (copy_from_user(data, buf, count) != 0) {
867 * Only allow one writer at a time. Writes should be
868 * quite rare and small in any case.
870 mutex_lock(&smack_cipso_lock);
872 skp = smk_import_entry(rule, 0);
876 if (format == SMK_FIXED24_FMT)
877 rule += SMK_LABELLEN;
879 rule += strlen(skp->smk_known) + 1;
881 ret = sscanf(rule, "%d", &maplevel);
882 if (ret != 1 || maplevel > SMACK_CIPSO_MAXLEVEL)
885 rule += SMK_DIGITLEN;
886 ret = sscanf(rule, "%d", &catlen);
887 if (ret != 1 || catlen > SMACK_CIPSO_MAXCATNUM)
890 if (format == SMK_FIXED24_FMT &&
891 count != (SMK_CIPSOMIN + catlen * SMK_DIGITLEN))
894 memset(mapcatset, 0, sizeof(mapcatset));
896 for (i = 0; i < catlen; i++) {
897 rule += SMK_DIGITLEN;
898 ret = sscanf(rule, "%u", &cat);
899 if (ret != 1 || cat > SMACK_CIPSO_MAXCATNUM)
902 smack_catset_bit(cat, mapcatset);
905 rc = smk_netlbl_mls(maplevel, mapcatset, &ncats, SMK_CIPSOLEN);
907 netlbl_secattr_catmap_free(skp->smk_netlabel.attr.mls.cat);
908 skp->smk_netlabel.attr.mls.cat = ncats.attr.mls.cat;
909 skp->smk_netlabel.attr.mls.lvl = ncats.attr.mls.lvl;
914 mutex_unlock(&smack_cipso_lock);
921 * smk_write_cipso - write() for /smack/cipso
922 * @file: file pointer, not actually used
923 * @buf: where to get the data from
925 * @ppos: where to start
927 * Accepts only one cipso rule per write call.
928 * Returns number of bytes written or error code, as appropriate
930 static ssize_t smk_write_cipso(struct file *file, const char __user *buf,
931 size_t count, loff_t *ppos)
933 return smk_set_cipso(file, buf, count, ppos, SMK_FIXED24_FMT);
936 static const struct file_operations smk_cipso_ops = {
937 .open = smk_open_cipso,
940 .write = smk_write_cipso,
941 .release = seq_release,
945 * Seq_file read operations for /smack/cipso2
949 * Print cipso labels in format:
950 * label level[/cat[,cat]]
952 static int cipso2_seq_show(struct seq_file *s, void *v)
954 struct list_head *list = v;
955 struct smack_known *skp =
956 list_entry(list, struct smack_known, list);
957 struct netlbl_lsm_secattr_catmap *cmp = skp->smk_netlabel.attr.mls.cat;
961 seq_printf(s, "%s %3d", skp->smk_known, skp->smk_netlabel.attr.mls.lvl);
963 for (i = netlbl_secattr_catmap_walk(cmp, 0); i >= 0;
964 i = netlbl_secattr_catmap_walk(cmp, i + 1)) {
965 seq_printf(s, "%c%d", sep, i);
974 static const struct seq_operations cipso2_seq_ops = {
975 .start = cipso_seq_start,
976 .next = cipso_seq_next,
977 .show = cipso2_seq_show,
978 .stop = smk_seq_stop,
982 * smk_open_cipso2 - open() for /smack/cipso2
983 * @inode: inode structure representing file
984 * @file: "cipso2" file pointer
986 * Connect our cipso_seq_* operations with /smack/cipso2
989 static int smk_open_cipso2(struct inode *inode, struct file *file)
991 return seq_open(file, &cipso2_seq_ops);
995 * smk_write_cipso2 - write() for /smack/cipso2
996 * @file: file pointer, not actually used
997 * @buf: where to get the data from
999 * @ppos: where to start
1001 * Accepts only one cipso rule per write call.
1002 * Returns number of bytes written or error code, as appropriate
1004 static ssize_t smk_write_cipso2(struct file *file, const char __user *buf,
1005 size_t count, loff_t *ppos)
1007 return smk_set_cipso(file, buf, count, ppos, SMK_LONG_FMT);
1010 static const struct file_operations smk_cipso2_ops = {
1011 .open = smk_open_cipso2,
1013 .llseek = seq_lseek,
1014 .write = smk_write_cipso2,
1015 .release = seq_release,
1019 * Seq_file read operations for /smack/netlabel
1022 static void *netlbladdr_seq_start(struct seq_file *s, loff_t *pos)
1024 return smk_seq_start(s, pos, &smk_netlbladdr_list);
1027 static void *netlbladdr_seq_next(struct seq_file *s, void *v, loff_t *pos)
1029 return smk_seq_next(s, v, pos, &smk_netlbladdr_list);
1031 #define BEBITS (sizeof(__be32) * 8)
1034 * Print host/label pairs
1036 static int netlbladdr_seq_show(struct seq_file *s, void *v)
1038 struct list_head *list = v;
1039 struct smk_netlbladdr *skp =
1040 list_entry(list, struct smk_netlbladdr, list);
1041 unsigned char *hp = (char *) &skp->smk_host.sin_addr.s_addr;
1043 u32 temp_mask = be32_to_cpu(skp->smk_mask.s_addr);
1045 for (maskn = 0; temp_mask; temp_mask <<= 1, maskn++);
1047 seq_printf(s, "%u.%u.%u.%u/%d %s\n",
1048 hp[0], hp[1], hp[2], hp[3], maskn, skp->smk_label);
1053 static const struct seq_operations netlbladdr_seq_ops = {
1054 .start = netlbladdr_seq_start,
1055 .next = netlbladdr_seq_next,
1056 .show = netlbladdr_seq_show,
1057 .stop = smk_seq_stop,
1061 * smk_open_netlbladdr - open() for /smack/netlabel
1062 * @inode: inode structure representing file
1063 * @file: "netlabel" file pointer
1065 * Connect our netlbladdr_seq_* operations with /smack/netlabel
1068 static int smk_open_netlbladdr(struct inode *inode, struct file *file)
1070 return seq_open(file, &netlbladdr_seq_ops);
1074 * smk_netlbladdr_insert
1075 * @new : netlabel to insert
1077 * This helper insert netlabel in the smack_netlbladdrs list
1078 * sorted by netmask length (longest to smallest)
1079 * locked by &smk_netlbladdr_lock in smk_write_netlbladdr
1082 static void smk_netlbladdr_insert(struct smk_netlbladdr *new)
1084 struct smk_netlbladdr *m, *m_next;
1086 if (list_empty(&smk_netlbladdr_list)) {
1087 list_add_rcu(&new->list, &smk_netlbladdr_list);
1091 m = list_entry_rcu(smk_netlbladdr_list.next,
1092 struct smk_netlbladdr, list);
1094 /* the comparison '>' is a bit hacky, but works */
1095 if (new->smk_mask.s_addr > m->smk_mask.s_addr) {
1096 list_add_rcu(&new->list, &smk_netlbladdr_list);
1100 list_for_each_entry_rcu(m, &smk_netlbladdr_list, list) {
1101 if (list_is_last(&m->list, &smk_netlbladdr_list)) {
1102 list_add_rcu(&new->list, &m->list);
1105 m_next = list_entry_rcu(m->list.next,
1106 struct smk_netlbladdr, list);
1107 if (new->smk_mask.s_addr > m_next->smk_mask.s_addr) {
1108 list_add_rcu(&new->list, &m->list);
1116 * smk_write_netlbladdr - write() for /smack/netlabel
1117 * @file: file pointer, not actually used
1118 * @buf: where to get the data from
1119 * @count: bytes sent
1120 * @ppos: where to start
1122 * Accepts only one netlbladdr per write call.
1123 * Returns number of bytes written or error code, as appropriate
1125 static ssize_t smk_write_netlbladdr(struct file *file, const char __user *buf,
1126 size_t count, loff_t *ppos)
1128 struct smk_netlbladdr *skp;
1129 struct sockaddr_in newname;
1133 char *host = (char *)&newname.sin_addr.s_addr;
1135 struct netlbl_audit audit_info;
1136 struct in_addr mask;
1139 u32 mask_bits = (1<<31);
1144 * Must have privilege.
1145 * No partial writes.
1146 * Enough data must be present.
1147 * "<addr/mask, as a.b.c.d/e><space><label>"
1148 * "<addr, as a.b.c.d><space><label>"
1150 if (!smack_privileged(CAP_MAC_ADMIN))
1154 if (count < SMK_NETLBLADDRMIN)
1157 data = kzalloc(count + 1, GFP_KERNEL);
1161 if (copy_from_user(data, buf, count) != 0) {
1166 smack = kzalloc(count + 1, GFP_KERNEL);
1167 if (smack == NULL) {
1174 rc = sscanf(data, "%hhd.%hhd.%hhd.%hhd/%d %s",
1175 &host[0], &host[1], &host[2], &host[3], &m, smack);
1177 rc = sscanf(data, "%hhd.%hhd.%hhd.%hhd %s",
1178 &host[0], &host[1], &host[2], &host[3], smack);
1191 * If smack begins with '-', it is an option, don't import it
1193 if (smack[0] != '-') {
1194 sp = smk_import(smack, 0);
1200 /* check known options */
1201 if (strcmp(smack, smack_cipso_option) == 0)
1202 sp = (char *)smack_cipso_option;
1209 for (temp_mask = 0; m > 0; m--) {
1210 temp_mask |= mask_bits;
1213 mask.s_addr = cpu_to_be32(temp_mask);
1215 newname.sin_addr.s_addr &= mask.s_addr;
1217 * Only allow one writer at a time. Writes should be
1218 * quite rare and small in any case.
1220 mutex_lock(&smk_netlbladdr_lock);
1222 nsa = newname.sin_addr.s_addr;
1223 /* try to find if the prefix is already in the list */
1225 list_for_each_entry_rcu(skp, &smk_netlbladdr_list, list) {
1226 if (skp->smk_host.sin_addr.s_addr == nsa &&
1227 skp->smk_mask.s_addr == mask.s_addr) {
1232 smk_netlabel_audit_set(&audit_info);
1235 skp = kzalloc(sizeof(*skp), GFP_KERNEL);
1240 skp->smk_host.sin_addr.s_addr = newname.sin_addr.s_addr;
1241 skp->smk_mask.s_addr = mask.s_addr;
1242 skp->smk_label = sp;
1243 smk_netlbladdr_insert(skp);
1246 /* we delete the unlabeled entry, only if the previous label
1247 * wasn't the special CIPSO option */
1248 if (skp->smk_label != smack_cipso_option)
1249 rc = netlbl_cfg_unlbl_static_del(&init_net, NULL,
1250 &skp->smk_host.sin_addr, &skp->smk_mask,
1251 PF_INET, &audit_info);
1254 skp->smk_label = sp;
1258 * Now tell netlabel about the single label nature of
1259 * this host so that incoming packets get labeled.
1260 * but only if we didn't get the special CIPSO option
1262 if (rc == 0 && sp != smack_cipso_option)
1263 rc = netlbl_cfg_unlbl_static_add(&init_net, NULL,
1264 &skp->smk_host.sin_addr, &skp->smk_mask, PF_INET,
1265 smack_to_secid(skp->smk_label), &audit_info);
1270 mutex_unlock(&smk_netlbladdr_lock);
1280 static const struct file_operations smk_netlbladdr_ops = {
1281 .open = smk_open_netlbladdr,
1283 .llseek = seq_lseek,
1284 .write = smk_write_netlbladdr,
1285 .release = seq_release,
1289 * smk_read_doi - read() for /smack/doi
1290 * @filp: file pointer, not actually used
1291 * @buf: where to put the result
1292 * @count: maximum to send along
1293 * @ppos: where to start
1295 * Returns number of bytes read or error code, as appropriate
1297 static ssize_t smk_read_doi(struct file *filp, char __user *buf,
1298 size_t count, loff_t *ppos)
1306 sprintf(temp, "%d", smk_cipso_doi_value);
1307 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
1313 * smk_write_doi - write() for /smack/doi
1314 * @file: file pointer, not actually used
1315 * @buf: where to get the data from
1316 * @count: bytes sent
1317 * @ppos: where to start
1319 * Returns number of bytes written or error code, as appropriate
1321 static ssize_t smk_write_doi(struct file *file, const char __user *buf,
1322 size_t count, loff_t *ppos)
1327 if (!smack_privileged(CAP_MAC_ADMIN))
1330 if (count >= sizeof(temp) || count == 0)
1333 if (copy_from_user(temp, buf, count) != 0)
1338 if (sscanf(temp, "%d", &i) != 1)
1341 smk_cipso_doi_value = i;
1348 static const struct file_operations smk_doi_ops = {
1349 .read = smk_read_doi,
1350 .write = smk_write_doi,
1351 .llseek = default_llseek,
1355 * smk_read_direct - read() for /smack/direct
1356 * @filp: file pointer, not actually used
1357 * @buf: where to put the result
1358 * @count: maximum to send along
1359 * @ppos: where to start
1361 * Returns number of bytes read or error code, as appropriate
1363 static ssize_t smk_read_direct(struct file *filp, char __user *buf,
1364 size_t count, loff_t *ppos)
1372 sprintf(temp, "%d", smack_cipso_direct);
1373 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
1379 * smk_write_direct - write() for /smack/direct
1380 * @file: file pointer, not actually used
1381 * @buf: where to get the data from
1382 * @count: bytes sent
1383 * @ppos: where to start
1385 * Returns number of bytes written or error code, as appropriate
1387 static ssize_t smk_write_direct(struct file *file, const char __user *buf,
1388 size_t count, loff_t *ppos)
1390 struct smack_known *skp;
1394 if (!smack_privileged(CAP_MAC_ADMIN))
1397 if (count >= sizeof(temp) || count == 0)
1400 if (copy_from_user(temp, buf, count) != 0)
1405 if (sscanf(temp, "%d", &i) != 1)
1409 * Don't do anything if the value hasn't actually changed.
1410 * If it is changing reset the level on entries that were
1411 * set up to be direct when they were created.
1413 if (smack_cipso_direct != i) {
1414 mutex_lock(&smack_known_lock);
1415 list_for_each_entry_rcu(skp, &smack_known_list, list)
1416 if (skp->smk_netlabel.attr.mls.lvl ==
1418 skp->smk_netlabel.attr.mls.lvl = i;
1419 smack_cipso_direct = i;
1420 mutex_unlock(&smack_known_lock);
1426 static const struct file_operations smk_direct_ops = {
1427 .read = smk_read_direct,
1428 .write = smk_write_direct,
1429 .llseek = default_llseek,
1433 * smk_read_mapped - read() for /smack/mapped
1434 * @filp: file pointer, not actually used
1435 * @buf: where to put the result
1436 * @count: maximum to send along
1437 * @ppos: where to start
1439 * Returns number of bytes read or error code, as appropriate
1441 static ssize_t smk_read_mapped(struct file *filp, char __user *buf,
1442 size_t count, loff_t *ppos)
1450 sprintf(temp, "%d", smack_cipso_mapped);
1451 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
1457 * smk_write_mapped - write() for /smack/mapped
1458 * @file: file pointer, not actually used
1459 * @buf: where to get the data from
1460 * @count: bytes sent
1461 * @ppos: where to start
1463 * Returns number of bytes written or error code, as appropriate
1465 static ssize_t smk_write_mapped(struct file *file, const char __user *buf,
1466 size_t count, loff_t *ppos)
1468 struct smack_known *skp;
1472 if (!smack_privileged(CAP_MAC_ADMIN))
1475 if (count >= sizeof(temp) || count == 0)
1478 if (copy_from_user(temp, buf, count) != 0)
1483 if (sscanf(temp, "%d", &i) != 1)
1487 * Don't do anything if the value hasn't actually changed.
1488 * If it is changing reset the level on entries that were
1489 * set up to be mapped when they were created.
1491 if (smack_cipso_mapped != i) {
1492 mutex_lock(&smack_known_lock);
1493 list_for_each_entry_rcu(skp, &smack_known_list, list)
1494 if (skp->smk_netlabel.attr.mls.lvl ==
1496 skp->smk_netlabel.attr.mls.lvl = i;
1497 smack_cipso_mapped = i;
1498 mutex_unlock(&smack_known_lock);
1504 static const struct file_operations smk_mapped_ops = {
1505 .read = smk_read_mapped,
1506 .write = smk_write_mapped,
1507 .llseek = default_llseek,
1511 * smk_read_ambient - read() for /smack/ambient
1512 * @filp: file pointer, not actually used
1513 * @buf: where to put the result
1514 * @cn: maximum to send along
1515 * @ppos: where to start
1517 * Returns number of bytes read or error code, as appropriate
1519 static ssize_t smk_read_ambient(struct file *filp, char __user *buf,
1520 size_t cn, loff_t *ppos)
1528 * Being careful to avoid a problem in the case where
1529 * smack_net_ambient gets changed in midstream.
1531 mutex_lock(&smack_ambient_lock);
1533 asize = strlen(smack_net_ambient) + 1;
1536 rc = simple_read_from_buffer(buf, cn, ppos,
1537 smack_net_ambient, asize);
1541 mutex_unlock(&smack_ambient_lock);
1547 * smk_write_ambient - write() for /smack/ambient
1548 * @file: file pointer, not actually used
1549 * @buf: where to get the data from
1550 * @count: bytes sent
1551 * @ppos: where to start
1553 * Returns number of bytes written or error code, as appropriate
1555 static ssize_t smk_write_ambient(struct file *file, const char __user *buf,
1556 size_t count, loff_t *ppos)
1563 if (!smack_privileged(CAP_MAC_ADMIN))
1566 data = kzalloc(count + 1, GFP_KERNEL);
1570 if (copy_from_user(data, buf, count) != 0) {
1575 smack = smk_import(data, count);
1576 if (smack == NULL) {
1581 mutex_lock(&smack_ambient_lock);
1583 oldambient = smack_net_ambient;
1584 smack_net_ambient = smack;
1585 smk_unlbl_ambient(oldambient);
1587 mutex_unlock(&smack_ambient_lock);
1594 static const struct file_operations smk_ambient_ops = {
1595 .read = smk_read_ambient,
1596 .write = smk_write_ambient,
1597 .llseek = default_llseek,
1601 * smk_read_onlycap - read() for /smack/onlycap
1602 * @filp: file pointer, not actually used
1603 * @buf: where to put the result
1604 * @cn: maximum to send along
1605 * @ppos: where to start
1607 * Returns number of bytes read or error code, as appropriate
1609 static ssize_t smk_read_onlycap(struct file *filp, char __user *buf,
1610 size_t cn, loff_t *ppos)
1613 ssize_t rc = -EINVAL;
1619 if (smack_onlycap != NULL)
1620 smack = smack_onlycap;
1622 asize = strlen(smack) + 1;
1625 rc = simple_read_from_buffer(buf, cn, ppos, smack, asize);
1631 * smk_write_onlycap - write() for /smack/onlycap
1632 * @file: file pointer, not actually used
1633 * @buf: where to get the data from
1634 * @count: bytes sent
1635 * @ppos: where to start
1637 * Returns number of bytes written or error code, as appropriate
1639 static ssize_t smk_write_onlycap(struct file *file, const char __user *buf,
1640 size_t count, loff_t *ppos)
1643 char *sp = smk_of_task(current->cred->security);
1646 if (!smack_privileged(CAP_MAC_ADMIN))
1650 * This can be done using smk_access() but is done
1651 * explicitly for clarity. The smk_access() implementation
1652 * would use smk_access(smack_onlycap, MAY_WRITE)
1654 if (smack_onlycap != NULL && smack_onlycap != sp)
1657 data = kzalloc(count, GFP_KERNEL);
1662 * Should the null string be passed in unset the onlycap value.
1663 * This seems like something to be careful with as usually
1664 * smk_import only expects to return NULL for errors. It
1665 * is usually the case that a nullstring or "\n" would be
1666 * bad to pass to smk_import but in fact this is useful here.
1668 * smk_import will also reject a label beginning with '-',
1669 * so "-usecapabilities" will also work.
1671 if (copy_from_user(data, buf, count) != 0)
1674 smack_onlycap = smk_import(data, count);
1680 static const struct file_operations smk_onlycap_ops = {
1681 .read = smk_read_onlycap,
1682 .write = smk_write_onlycap,
1683 .llseek = default_llseek,
1687 * smk_read_logging - read() for /smack/logging
1688 * @filp: file pointer, not actually used
1689 * @buf: where to put the result
1690 * @cn: maximum to send along
1691 * @ppos: where to start
1693 * Returns number of bytes read or error code, as appropriate
1695 static ssize_t smk_read_logging(struct file *filp, char __user *buf,
1696 size_t count, loff_t *ppos)
1704 sprintf(temp, "%d\n", log_policy);
1705 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
1710 * smk_write_logging - write() for /smack/logging
1711 * @file: file pointer, not actually used
1712 * @buf: where to get the data from
1713 * @count: bytes sent
1714 * @ppos: where to start
1716 * Returns number of bytes written or error code, as appropriate
1718 static ssize_t smk_write_logging(struct file *file, const char __user *buf,
1719 size_t count, loff_t *ppos)
1724 if (!smack_privileged(CAP_MAC_ADMIN))
1727 if (count >= sizeof(temp) || count == 0)
1730 if (copy_from_user(temp, buf, count) != 0)
1735 if (sscanf(temp, "%d", &i) != 1)
1745 static const struct file_operations smk_logging_ops = {
1746 .read = smk_read_logging,
1747 .write = smk_write_logging,
1748 .llseek = default_llseek,
1752 * Seq_file read operations for /smack/load-self
1755 static void *load_self_seq_start(struct seq_file *s, loff_t *pos)
1757 struct task_smack *tsp = current_security();
1759 return smk_seq_start(s, pos, &tsp->smk_rules);
1762 static void *load_self_seq_next(struct seq_file *s, void *v, loff_t *pos)
1764 struct task_smack *tsp = current_security();
1766 return smk_seq_next(s, v, pos, &tsp->smk_rules);
1769 static int load_self_seq_show(struct seq_file *s, void *v)
1771 struct list_head *list = v;
1772 struct smack_rule *srp =
1773 list_entry(list, struct smack_rule, list);
1775 smk_rule_show(s, srp, SMK_LABELLEN);
1780 static const struct seq_operations load_self_seq_ops = {
1781 .start = load_self_seq_start,
1782 .next = load_self_seq_next,
1783 .show = load_self_seq_show,
1784 .stop = smk_seq_stop,
1789 * smk_open_load_self - open() for /smack/load-self2
1790 * @inode: inode structure representing file
1791 * @file: "load" file pointer
1793 * For reading, use load_seq_* seq_file reading operations.
1795 static int smk_open_load_self(struct inode *inode, struct file *file)
1797 return seq_open(file, &load_self_seq_ops);
1801 * smk_write_load_self - write() for /smack/load-self
1802 * @file: file pointer, not actually used
1803 * @buf: where to get the data from
1804 * @count: bytes sent
1805 * @ppos: where to start - must be 0
1808 static ssize_t smk_write_load_self(struct file *file, const char __user *buf,
1809 size_t count, loff_t *ppos)
1811 struct task_smack *tsp = current_security();
1813 return smk_write_rules_list(file, buf, count, ppos, &tsp->smk_rules,
1814 &tsp->smk_rules_lock, SMK_FIXED24_FMT);
1817 static const struct file_operations smk_load_self_ops = {
1818 .open = smk_open_load_self,
1820 .llseek = seq_lseek,
1821 .write = smk_write_load_self,
1822 .release = seq_release,
1826 * smk_user_access - handle access check transaction
1827 * @file: file pointer
1828 * @buf: data from user space
1829 * @count: bytes sent
1830 * @ppos: where to start - must be 0
1832 static ssize_t smk_user_access(struct file *file, const char __user *buf,
1833 size_t count, loff_t *ppos, int format)
1835 struct smack_parsed_rule rule;
1840 data = simple_transaction_get(file, buf, count);
1842 return PTR_ERR(data);
1844 if (format == SMK_FIXED24_FMT) {
1845 if (count < SMK_LOADLEN)
1847 res = smk_parse_rule(data, &rule, 0);
1850 * Copy the data to make sure the string is terminated.
1852 cod = kzalloc(count + 1, GFP_KERNEL);
1855 memcpy(cod, data, count);
1857 res = smk_parse_long_rule(cod, &rule, 0, 0);
1864 res = smk_access(rule.smk_subject, rule.smk_object, rule.smk_access1,
1866 data[0] = res == 0 ? '1' : '0';
1869 simple_transaction_set(file, 2);
1875 * smk_write_access - handle access check transaction
1876 * @file: file pointer
1877 * @buf: data from user space
1878 * @count: bytes sent
1879 * @ppos: where to start - must be 0
1881 static ssize_t smk_write_access(struct file *file, const char __user *buf,
1882 size_t count, loff_t *ppos)
1884 return smk_user_access(file, buf, count, ppos, SMK_FIXED24_FMT);
1887 static const struct file_operations smk_access_ops = {
1888 .write = smk_write_access,
1889 .read = simple_transaction_read,
1890 .release = simple_transaction_release,
1891 .llseek = generic_file_llseek,
1896 * Seq_file read operations for /smack/load2
1899 static int load2_seq_show(struct seq_file *s, void *v)
1901 struct list_head *list = v;
1902 struct smack_master_list *smlp =
1903 list_entry(list, struct smack_master_list, list);
1905 smk_rule_show(s, smlp->smk_rule, SMK_LONGLABEL);
1910 static const struct seq_operations load2_seq_ops = {
1911 .start = load2_seq_start,
1912 .next = load2_seq_next,
1913 .show = load2_seq_show,
1914 .stop = smk_seq_stop,
1918 * smk_open_load2 - open() for /smack/load2
1919 * @inode: inode structure representing file
1920 * @file: "load2" file pointer
1922 * For reading, use load2_seq_* seq_file reading operations.
1924 static int smk_open_load2(struct inode *inode, struct file *file)
1926 return seq_open(file, &load2_seq_ops);
1930 * smk_write_load2 - write() for /smack/load2
1931 * @file: file pointer, not actually used
1932 * @buf: where to get the data from
1933 * @count: bytes sent
1934 * @ppos: where to start - must be 0
1937 static ssize_t smk_write_load2(struct file *file, const char __user *buf,
1938 size_t count, loff_t *ppos)
1941 * Must have privilege.
1943 if (!smack_privileged(CAP_MAC_ADMIN))
1946 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL,
1950 static const struct file_operations smk_load2_ops = {
1951 .open = smk_open_load2,
1953 .llseek = seq_lseek,
1954 .write = smk_write_load2,
1955 .release = seq_release,
1959 * Seq_file read operations for /smack/load-self2
1962 static void *load_self2_seq_start(struct seq_file *s, loff_t *pos)
1964 struct task_smack *tsp = current_security();
1966 return smk_seq_start(s, pos, &tsp->smk_rules);
1969 static void *load_self2_seq_next(struct seq_file *s, void *v, loff_t *pos)
1971 struct task_smack *tsp = current_security();
1973 return smk_seq_next(s, v, pos, &tsp->smk_rules);
1976 static int load_self2_seq_show(struct seq_file *s, void *v)
1978 struct list_head *list = v;
1979 struct smack_rule *srp =
1980 list_entry(list, struct smack_rule, list);
1982 smk_rule_show(s, srp, SMK_LONGLABEL);
1987 static const struct seq_operations load_self2_seq_ops = {
1988 .start = load_self2_seq_start,
1989 .next = load_self2_seq_next,
1990 .show = load_self2_seq_show,
1991 .stop = smk_seq_stop,
1995 * smk_open_load_self2 - open() for /smack/load-self2
1996 * @inode: inode structure representing file
1997 * @file: "load" file pointer
1999 * For reading, use load_seq_* seq_file reading operations.
2001 static int smk_open_load_self2(struct inode *inode, struct file *file)
2003 return seq_open(file, &load_self2_seq_ops);
2007 * smk_write_load_self2 - write() for /smack/load-self2
2008 * @file: file pointer, not actually used
2009 * @buf: where to get the data from
2010 * @count: bytes sent
2011 * @ppos: where to start - must be 0
2014 static ssize_t smk_write_load_self2(struct file *file, const char __user *buf,
2015 size_t count, loff_t *ppos)
2017 struct task_smack *tsp = current_security();
2019 return smk_write_rules_list(file, buf, count, ppos, &tsp->smk_rules,
2020 &tsp->smk_rules_lock, SMK_LONG_FMT);
2023 static const struct file_operations smk_load_self2_ops = {
2024 .open = smk_open_load_self2,
2026 .llseek = seq_lseek,
2027 .write = smk_write_load_self2,
2028 .release = seq_release,
2032 * smk_write_access2 - handle access check transaction
2033 * @file: file pointer
2034 * @buf: data from user space
2035 * @count: bytes sent
2036 * @ppos: where to start - must be 0
2038 static ssize_t smk_write_access2(struct file *file, const char __user *buf,
2039 size_t count, loff_t *ppos)
2041 return smk_user_access(file, buf, count, ppos, SMK_LONG_FMT);
2044 static const struct file_operations smk_access2_ops = {
2045 .write = smk_write_access2,
2046 .read = simple_transaction_read,
2047 .release = simple_transaction_release,
2048 .llseek = generic_file_llseek,
2052 * smk_write_revoke_subj - write() for /smack/revoke-subject
2053 * @file: file pointer
2054 * @buf: data from user space
2055 * @count: bytes sent
2056 * @ppos: where to start - must be 0
2058 static ssize_t smk_write_revoke_subj(struct file *file, const char __user *buf,
2059 size_t count, loff_t *ppos)
2062 const char *cp = NULL;
2063 struct smack_known *skp;
2064 struct smack_rule *sp;
2065 struct list_head *rule_list;
2066 struct mutex *rule_lock;
2072 if (!smack_privileged(CAP_MAC_ADMIN))
2075 if (count == 0 || count > SMK_LONGLABEL)
2078 data = kzalloc(count, GFP_KERNEL);
2082 if (copy_from_user(data, buf, count) != 0) {
2087 cp = smk_parse_smack(data, count);
2093 skp = smk_find_entry(cp);
2097 rule_list = &skp->smk_rules;
2098 rule_lock = &skp->smk_rules_lock;
2100 mutex_lock(rule_lock);
2102 list_for_each_entry_rcu(sp, rule_list, list)
2105 mutex_unlock(rule_lock);
2113 static const struct file_operations smk_revoke_subj_ops = {
2114 .write = smk_write_revoke_subj,
2115 .read = simple_transaction_read,
2116 .release = simple_transaction_release,
2117 .llseek = generic_file_llseek,
2120 static struct kset *smackfs_kset;
2122 * smk_init_sysfs - initialize /sys/fs/smackfs
2125 static int smk_init_sysfs(void)
2127 smackfs_kset = kset_create_and_add("smackfs", NULL, fs_kobj);
2134 * smk_write_change_rule - write() for /smack/change-rule
2135 * @file: file pointer
2136 * @buf: data from user space
2137 * @count: bytes sent
2138 * @ppos: where to start - must be 0
2140 static ssize_t smk_write_change_rule(struct file *file, const char __user *buf,
2141 size_t count, loff_t *ppos)
2144 * Must have privilege.
2146 if (!capable(CAP_MAC_ADMIN))
2149 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL,
2153 static const struct file_operations smk_change_rule_ops = {
2154 .write = smk_write_change_rule,
2155 .read = simple_transaction_read,
2156 .release = simple_transaction_release,
2157 .llseek = generic_file_llseek,
2161 * smk_fill_super - fill the /smackfs superblock
2162 * @sb: the empty superblock
2166 * Fill in the well known entries for /smack
2168 * Returns 0 on success, an error code on failure
2170 static int smk_fill_super(struct super_block *sb, void *data, int silent)
2173 struct inode *root_inode;
2175 static struct tree_descr smack_files[] = {
2177 "load", &smk_load_ops, S_IRUGO|S_IWUSR},
2179 "cipso", &smk_cipso_ops, S_IRUGO|S_IWUSR},
2181 "doi", &smk_doi_ops, S_IRUGO|S_IWUSR},
2183 "direct", &smk_direct_ops, S_IRUGO|S_IWUSR},
2185 "ambient", &smk_ambient_ops, S_IRUGO|S_IWUSR},
2186 [SMK_NETLBLADDR] = {
2187 "netlabel", &smk_netlbladdr_ops, S_IRUGO|S_IWUSR},
2189 "onlycap", &smk_onlycap_ops, S_IRUGO|S_IWUSR},
2191 "logging", &smk_logging_ops, S_IRUGO|S_IWUSR},
2193 "load-self", &smk_load_self_ops, S_IRUGO|S_IWUGO},
2195 "access", &smk_access_ops, S_IRUGO|S_IWUGO},
2197 "mapped", &smk_mapped_ops, S_IRUGO|S_IWUSR},
2199 "load2", &smk_load2_ops, S_IRUGO|S_IWUSR},
2200 [SMK_LOAD_SELF2] = {
2201 "load-self2", &smk_load_self2_ops, S_IRUGO|S_IWUGO},
2203 "access2", &smk_access2_ops, S_IRUGO|S_IWUGO},
2205 "cipso2", &smk_cipso2_ops, S_IRUGO|S_IWUSR},
2206 [SMK_REVOKE_SUBJ] = {
2207 "revoke-subject", &smk_revoke_subj_ops,
2209 [SMK_CHANGE_RULE] = {
2210 "change-rule", &smk_change_rule_ops, S_IRUGO|S_IWUSR},
2215 rc = simple_fill_super(sb, SMACK_MAGIC, smack_files);
2217 printk(KERN_ERR "%s failed %d while creating inodes\n",
2222 root_inode = sb->s_root->d_inode;
2228 * smk_mount - get the smackfs superblock
2229 * @fs_type: passed along without comment
2230 * @flags: passed along without comment
2231 * @dev_name: passed along without comment
2232 * @data: passed along without comment
2234 * Just passes everything along.
2236 * Returns what the lower level code does.
2238 static struct dentry *smk_mount(struct file_system_type *fs_type,
2239 int flags, const char *dev_name, void *data)
2241 return mount_single(fs_type, flags, data, smk_fill_super);
2244 static struct file_system_type smk_fs_type = {
2247 .kill_sb = kill_litter_super,
2250 static struct vfsmount *smackfs_mount;
2252 static int __init smk_preset_netlabel(struct smack_known *skp)
2254 skp->smk_netlabel.domain = skp->smk_known;
2255 skp->smk_netlabel.flags =
2256 NETLBL_SECATTR_DOMAIN | NETLBL_SECATTR_MLS_LVL;
2257 return smk_netlbl_mls(smack_cipso_direct, skp->smk_known,
2258 &skp->smk_netlabel, strlen(skp->smk_known));
2262 * init_smk_fs - get the smackfs superblock
2264 * register the smackfs
2266 * Do not register smackfs if Smack wasn't enabled
2267 * on boot. We can not put this method normally under the
2268 * smack_init() code path since the security subsystem get
2269 * initialized before the vfs caches.
2271 * Returns true if we were not chosen on boot or if
2272 * we were chosen and filesystem registration succeeded.
2274 static int __init init_smk_fs(void)
2279 if (!security_module_enable(&smack_ops))
2282 err = smk_init_sysfs();
2284 printk(KERN_ERR "smackfs: sysfs mountpoint problem.\n");
2286 err = register_filesystem(&smk_fs_type);
2288 smackfs_mount = kern_mount(&smk_fs_type);
2289 if (IS_ERR(smackfs_mount)) {
2290 printk(KERN_ERR "smackfs: could not mount!\n");
2291 err = PTR_ERR(smackfs_mount);
2292 smackfs_mount = NULL;
2297 smk_unlbl_ambient(NULL);
2299 rc = smk_preset_netlabel(&smack_known_floor);
2300 if (err == 0 && rc < 0)
2302 rc = smk_preset_netlabel(&smack_known_hat);
2303 if (err == 0 && rc < 0)
2305 rc = smk_preset_netlabel(&smack_known_huh);
2306 if (err == 0 && rc < 0)
2308 rc = smk_preset_netlabel(&smack_known_invalid);
2309 if (err == 0 && rc < 0)
2311 rc = smk_preset_netlabel(&smack_known_star);
2312 if (err == 0 && rc < 0)
2314 rc = smk_preset_netlabel(&smack_known_web);
2315 if (err == 0 && rc < 0)
2321 __initcall(init_smk_fs);