2 * Copyright (C) 2007 Casey Schaufler <casey@schaufler-ca.com>
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License as published by
6 * the Free Software Foundation, version 2.
9 * Casey Schaufler <casey@schaufler-ca.com>
10 * Ahmed S. Darwish <darwish.07@gmail.com>
12 * Special thanks to the authors of selinuxfs.
14 * Karl MacMillan <kmacmillan@tresys.com>
15 * James Morris <jmorris@redhat.com>
19 #include <linux/kernel.h>
20 #include <linux/vmalloc.h>
21 #include <linux/security.h>
22 #include <linux/mutex.h>
23 #include <linux/slab.h>
24 #include <net/net_namespace.h>
25 #include <net/cipso_ipv4.h>
26 #include <linux/seq_file.h>
27 #include <linux/ctype.h>
28 #include <linux/audit.h>
32 * smackfs pseudo filesystem.
37 SMK_LOAD = 3, /* load policy */
38 SMK_CIPSO = 4, /* load label -> CIPSO mapping */
39 SMK_DOI = 5, /* CIPSO DOI */
40 SMK_DIRECT = 6, /* CIPSO level indicating direct label */
41 SMK_AMBIENT = 7, /* internet ambient label */
42 SMK_NETLBLADDR = 8, /* single label hosts */
43 SMK_ONLYCAP = 9, /* the only "capable" label */
44 SMK_LOGGING = 10, /* logging */
45 SMK_LOAD_SELF = 11, /* task specific rules */
46 SMK_ACCESSES = 12, /* access policy */
47 SMK_MAPPED = 13, /* CIPSO level indicating mapped label */
48 SMK_LOAD2 = 14, /* load policy with long labels */
49 SMK_LOAD_SELF2 = 15, /* load task specific rules with long labels */
50 SMK_ACCESS2 = 16, /* make an access check with long labels */
51 SMK_CIPSO2 = 17, /* load long label -> CIPSO mapping */
52 SMK_REVOKE_SUBJ = 18, /* set rules with subject label to '-' */
53 SMK_CHANGE_RULE = 19, /* change or add rules (long labels) */
59 static DEFINE_MUTEX(smack_cipso_lock);
60 static DEFINE_MUTEX(smack_ambient_lock);
61 static DEFINE_MUTEX(smk_netlbladdr_lock);
64 * This is the "ambient" label for network traffic.
65 * If it isn't somehow marked, use this.
66 * It can be reset via smackfs/ambient
68 char *smack_net_ambient;
71 * This is the level in a CIPSO header that indicates a
72 * smack label is contained directly in the category set.
73 * It can be reset via smackfs/direct
75 int smack_cipso_direct = SMACK_CIPSO_DIRECT_DEFAULT;
78 * This is the level in a CIPSO header that indicates a
79 * secid is contained directly in the category set.
80 * It can be reset via smackfs/mapped
82 int smack_cipso_mapped = SMACK_CIPSO_MAPPED_DEFAULT;
85 * Unless a process is running with this label even
86 * having CAP_MAC_OVERRIDE isn't enough to grant
87 * privilege to violate MAC policy. If no label is
88 * designated (the NULL case) capabilities apply to
89 * everyone. It is expected that the hat (^) label
90 * will be used if any label is used.
95 * Certain IP addresses may be designated as single label hosts.
96 * Packets are sent there unlabeled, but only from tasks that
97 * can write to the specified label.
100 LIST_HEAD(smk_netlbladdr_list);
103 * Rule lists are maintained for each label.
104 * This master list is just for reading /smack/load and /smack/load2.
106 struct smack_master_list {
107 struct list_head list;
108 struct smack_rule *smk_rule;
111 LIST_HEAD(smack_rule_list);
113 struct smack_parsed_rule {
120 static int smk_cipso_doi_value = SMACK_CIPSO_DOI_DEFAULT;
122 const char *smack_cipso_option = SMACK_CIPSO_OPTION;
125 * Values for parsing cipso rules
126 * SMK_DIGITLEN: Length of a digit field in a rule.
127 * SMK_CIPSOMIN: Minimum possible cipso rule length.
128 * SMK_CIPSOMAX: Maximum possible cipso rule length.
130 #define SMK_DIGITLEN 4
131 #define SMK_CIPSOMIN (SMK_LABELLEN + 2 * SMK_DIGITLEN)
132 #define SMK_CIPSOMAX (SMK_CIPSOMIN + SMACK_CIPSO_MAXCATNUM * SMK_DIGITLEN)
135 * Values for parsing MAC rules
136 * SMK_ACCESS: Maximum possible combination of access permissions
137 * SMK_ACCESSLEN: Maximum length for a rule access field
138 * SMK_LOADLEN: Smack rule length
140 #define SMK_OACCESS "rwxa"
141 #define SMK_ACCESS "rwxat"
142 #define SMK_OACCESSLEN (sizeof(SMK_OACCESS) - 1)
143 #define SMK_ACCESSLEN (sizeof(SMK_ACCESS) - 1)
144 #define SMK_OLOADLEN (SMK_LABELLEN + SMK_LABELLEN + SMK_OACCESSLEN)
145 #define SMK_LOADLEN (SMK_LABELLEN + SMK_LABELLEN + SMK_ACCESSLEN)
148 * Stricly for CIPSO level manipulation.
149 * Set the category bit number in a smack label sized buffer.
151 static inline void smack_catset_bit(unsigned int cat, char *catsetp)
153 if (cat == 0 || cat > (SMK_CIPSOLEN * 8))
156 catsetp[(cat - 1) / 8] |= 0x80 >> ((cat - 1) % 8);
160 * smk_netlabel_audit_set - fill a netlbl_audit struct
161 * @nap: structure to fill
163 static void smk_netlabel_audit_set(struct netlbl_audit *nap)
165 nap->loginuid = audit_get_loginuid(current);
166 nap->sessionid = audit_get_sessionid(current);
167 nap->secid = smack_to_secid(smk_of_current());
171 * Value for parsing single label host rules
174 #define SMK_NETLBLADDRMIN 9
177 * smk_set_access - add a rule to the rule list or replace an old rule
178 * @srp: the rule to add or replace
179 * @rule_list: the list of rules
180 * @rule_lock: the rule list lock
181 * @global: if non-zero, indicates a global rule
183 * Looks through the current subject/object/access list for
184 * the subject/object pair and replaces the access that was
185 * there. If the pair isn't found add it with the specified
188 * Returns 0 if nothing goes wrong or -ENOMEM if it fails
189 * during the allocation of the new pair to add.
191 static int smk_set_access(struct smack_parsed_rule *srp,
192 struct list_head *rule_list,
193 struct mutex *rule_lock, int global)
195 struct smack_rule *sp;
196 struct smack_master_list *smlp;
200 mutex_lock(rule_lock);
203 * Because the object label is less likely to match
204 * than the subject label check it first
206 list_for_each_entry_rcu(sp, rule_list, list) {
207 if (sp->smk_object == srp->smk_object &&
208 sp->smk_subject == srp->smk_subject) {
210 sp->smk_access |= srp->smk_access1;
211 sp->smk_access &= ~srp->smk_access2;
217 sp = kzalloc(sizeof(*sp), GFP_KERNEL);
223 sp->smk_subject = srp->smk_subject;
224 sp->smk_object = srp->smk_object;
225 sp->smk_access = srp->smk_access1 & ~srp->smk_access2;
227 list_add_rcu(&sp->list, rule_list);
229 * If this is a global as opposed to self and a new rule
230 * it needs to get added for reporting.
233 smlp = kzalloc(sizeof(*smlp), GFP_KERNEL);
236 list_add_rcu(&smlp->list, &smack_rule_list);
243 mutex_unlock(rule_lock);
248 * smk_perm_from_str - parse smack accesses from a text string
249 * @string: a text string that contains a Smack accesses code
251 * Returns an integer with respective bits set for specified accesses.
253 static int smk_perm_from_str(const char *string)
258 for (cp = string; ; cp++)
280 perm |= MAY_TRANSMUTE;
288 * smk_fill_rule - Fill Smack rule from strings
289 * @subject: subject label string
290 * @object: object label string
291 * @access1: access string
292 * @access2: string with permissions to be removed
294 * @import: if non-zero, import labels
295 * @len: label length limit
297 * Returns 0 on success, -1 on failure
299 static int smk_fill_rule(const char *subject, const char *object,
300 const char *access1, const char *access2,
301 struct smack_parsed_rule *rule, int import,
305 struct smack_known *skp;
308 rule->smk_subject = smk_import(subject, len);
309 if (rule->smk_subject == NULL)
312 rule->smk_object = smk_import(object, len);
313 if (rule->smk_object == NULL)
316 cp = smk_parse_smack(subject, len);
319 skp = smk_find_entry(cp);
323 rule->smk_subject = skp->smk_known;
325 cp = smk_parse_smack(object, len);
328 skp = smk_find_entry(cp);
332 rule->smk_object = skp->smk_known;
335 rule->smk_access1 = smk_perm_from_str(access1);
337 rule->smk_access2 = smk_perm_from_str(access2);
339 rule->smk_access2 = ~rule->smk_access1;
345 * smk_parse_rule - parse Smack rule from load string
346 * @data: string to be parsed whose size is SMK_LOADLEN
348 * @import: if non-zero, import labels
350 * Returns 0 on success, -1 on errors.
352 static int smk_parse_rule(const char *data, struct smack_parsed_rule *rule,
357 rc = smk_fill_rule(data, data + SMK_LABELLEN,
358 data + SMK_LABELLEN + SMK_LABELLEN, NULL, rule,
359 import, SMK_LABELLEN);
364 * smk_parse_long_rule - parse Smack rule from rule string
365 * @data: string to be parsed, null terminated
366 * @rule: Will be filled with Smack parsed rule
367 * @import: if non-zero, import labels
368 * @change: if non-zero, data is from /smack/change-rule
370 * Returns 0 on success, -1 on failure
372 static int smk_parse_long_rule(const char *data, struct smack_parsed_rule *rule,
373 int import, int change)
382 /* This is inefficient */
383 datalen = strlen(data);
385 /* Our first element can be 64 + \0 with no spaces */
386 subject = kzalloc(datalen + 1, GFP_KERNEL);
389 object = kzalloc(datalen, GFP_KERNEL);
392 access1 = kzalloc(datalen, GFP_KERNEL);
395 access2 = kzalloc(datalen, GFP_KERNEL);
400 if (sscanf(data, "%s %s %s %s",
401 subject, object, access1, access2) == 4)
402 rc = smk_fill_rule(subject, object, access1, access2,
405 if (sscanf(data, "%s %s %s", subject, object, access1) == 3)
406 rc = smk_fill_rule(subject, object, access1, NULL,
420 #define SMK_FIXED24_FMT 0 /* Fixed 24byte label format */
421 #define SMK_LONG_FMT 1 /* Variable long label format */
422 #define SMK_CHANGE_FMT 2 /* Rule modification format */
424 * smk_write_rules_list - write() for any /smack rule file
425 * @file: file pointer, not actually used
426 * @buf: where to get the data from
428 * @ppos: where to start - must be 0
429 * @rule_list: the list of rules to write to
430 * @rule_lock: lock for the rule list
431 * @format: /smack/load or /smack/load2 or /smack/change-rule format.
433 * Get one smack access rule from above.
434 * The format for SMK_LONG_FMT is:
435 * "subject<whitespace>object<whitespace>access[<whitespace>...]"
436 * The format for SMK_FIXED24_FMT is exactly:
437 * "subject object rwxat"
438 * The format for SMK_CHANGE_FMT is:
439 * "subject<whitespace>object<whitespace>
440 * acc_enable<whitespace>acc_disable[<whitespace>...]"
442 static ssize_t smk_write_rules_list(struct file *file, const char __user *buf,
443 size_t count, loff_t *ppos,
444 struct list_head *rule_list,
445 struct mutex *rule_lock, int format)
447 struct smack_known *skp;
448 struct smack_parsed_rule rule;
456 * Enough data must be present.
461 if (format == SMK_FIXED24_FMT) {
463 * Minor hack for backward compatibility
465 if (count != SMK_OLOADLEN && count != SMK_LOADLEN)
467 datalen = SMK_LOADLEN;
471 data = kzalloc(datalen, GFP_KERNEL);
475 if (copy_from_user(data, buf, count) != 0) {
480 if (format == SMK_LONG_FMT) {
482 * Be sure the data string is terminated.
485 if (smk_parse_long_rule(data, &rule, 1, 0))
487 } else if (format == SMK_CHANGE_FMT) {
489 if (smk_parse_long_rule(data, &rule, 1, 1))
493 * More on the minor hack for backward compatibility
495 if (count == (SMK_OLOADLEN))
496 data[SMK_OLOADLEN] = '-';
497 if (smk_parse_rule(data, &rule, 1))
502 if (rule_list == NULL) {
504 skp = smk_find_entry(rule.smk_subject);
505 rule_list = &skp->smk_rules;
506 rule_lock = &skp->smk_rules_lock;
509 rc = smk_set_access(&rule, rule_list, rule_lock, load);
518 * Core logic for smackfs seq list operations.
521 static void *smk_seq_start(struct seq_file *s, loff_t *pos,
522 struct list_head *head)
524 struct list_head *list;
527 * This is 0 the first time through.
532 if (s->private == NULL)
536 if (list_empty(list))
544 static void *smk_seq_next(struct seq_file *s, void *v, loff_t *pos,
545 struct list_head *head)
547 struct list_head *list = v;
549 if (list_is_last(list, head)) {
553 s->private = list->next;
557 static void smk_seq_stop(struct seq_file *s, void *v)
562 static void smk_rule_show(struct seq_file *s, struct smack_rule *srp, int max)
565 * Don't show any rules with label names too long for
566 * interface file (/smack/load or /smack/load2)
567 * because you should expect to be able to write
568 * anything you read back.
570 if (strlen(srp->smk_subject) >= max || strlen(srp->smk_object) >= max)
573 if (srp->smk_access == 0)
576 seq_printf(s, "%s %s", srp->smk_subject, srp->smk_object);
580 if (srp->smk_access & MAY_READ)
582 if (srp->smk_access & MAY_WRITE)
584 if (srp->smk_access & MAY_EXEC)
586 if (srp->smk_access & MAY_APPEND)
588 if (srp->smk_access & MAY_TRANSMUTE)
595 * Seq_file read operations for /smack/load
598 static void *load2_seq_start(struct seq_file *s, loff_t *pos)
600 return smk_seq_start(s, pos, &smack_rule_list);
603 static void *load2_seq_next(struct seq_file *s, void *v, loff_t *pos)
605 return smk_seq_next(s, v, pos, &smack_rule_list);
608 static int load_seq_show(struct seq_file *s, void *v)
610 struct list_head *list = v;
611 struct smack_master_list *smlp =
612 list_entry(list, struct smack_master_list, list);
614 smk_rule_show(s, smlp->smk_rule, SMK_LABELLEN);
619 static const struct seq_operations load_seq_ops = {
620 .start = load2_seq_start,
621 .next = load2_seq_next,
622 .show = load_seq_show,
623 .stop = smk_seq_stop,
627 * smk_open_load - open() for /smack/load
628 * @inode: inode structure representing file
629 * @file: "load" file pointer
631 * For reading, use load_seq_* seq_file reading operations.
633 static int smk_open_load(struct inode *inode, struct file *file)
635 return seq_open(file, &load_seq_ops);
639 * smk_write_load - write() for /smack/load
640 * @file: file pointer, not actually used
641 * @buf: where to get the data from
643 * @ppos: where to start - must be 0
646 static ssize_t smk_write_load(struct file *file, const char __user *buf,
647 size_t count, loff_t *ppos)
650 * Must have privilege.
652 * Enough data must be present.
654 if (!smack_privileged(CAP_MAC_ADMIN))
657 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL,
661 static const struct file_operations smk_load_ops = {
662 .open = smk_open_load,
665 .write = smk_write_load,
666 .release = seq_release,
670 * smk_cipso_doi - initialize the CIPSO domain
672 static void smk_cipso_doi(void)
675 struct cipso_v4_doi *doip;
676 struct netlbl_audit nai;
678 smk_netlabel_audit_set(&nai);
680 rc = netlbl_cfg_map_del(NULL, PF_INET, NULL, NULL, &nai);
682 printk(KERN_WARNING "%s:%d remove rc = %d\n",
683 __func__, __LINE__, rc);
685 doip = kmalloc(sizeof(struct cipso_v4_doi), GFP_KERNEL);
687 panic("smack: Failed to initialize cipso DOI.\n");
688 doip->map.std = NULL;
689 doip->doi = smk_cipso_doi_value;
690 doip->type = CIPSO_V4_MAP_PASS;
691 doip->tags[0] = CIPSO_V4_TAG_RBITMAP;
692 for (rc = 1; rc < CIPSO_V4_TAG_MAXCNT; rc++)
693 doip->tags[rc] = CIPSO_V4_TAG_INVALID;
695 rc = netlbl_cfg_cipsov4_add(doip, &nai);
697 printk(KERN_WARNING "%s:%d cipso add rc = %d\n",
698 __func__, __LINE__, rc);
702 rc = netlbl_cfg_cipsov4_map_add(doip->doi, NULL, NULL, NULL, &nai);
704 printk(KERN_WARNING "%s:%d map add rc = %d\n",
705 __func__, __LINE__, rc);
712 * smk_unlbl_ambient - initialize the unlabeled domain
713 * @oldambient: previous domain string
715 static void smk_unlbl_ambient(char *oldambient)
718 struct netlbl_audit nai;
720 smk_netlabel_audit_set(&nai);
722 if (oldambient != NULL) {
723 rc = netlbl_cfg_map_del(oldambient, PF_INET, NULL, NULL, &nai);
725 printk(KERN_WARNING "%s:%d remove rc = %d\n",
726 __func__, __LINE__, rc);
728 if (smack_net_ambient == NULL)
729 smack_net_ambient = smack_known_floor.smk_known;
731 rc = netlbl_cfg_unlbl_map_add(smack_net_ambient, PF_INET,
734 printk(KERN_WARNING "%s:%d add rc = %d\n",
735 __func__, __LINE__, rc);
739 * Seq_file read operations for /smack/cipso
742 static void *cipso_seq_start(struct seq_file *s, loff_t *pos)
744 return smk_seq_start(s, pos, &smack_known_list);
747 static void *cipso_seq_next(struct seq_file *s, void *v, loff_t *pos)
749 return smk_seq_next(s, v, pos, &smack_known_list);
753 * Print cipso labels in format:
754 * label level[/cat[,cat]]
756 static int cipso_seq_show(struct seq_file *s, void *v)
758 struct list_head *list = v;
759 struct smack_known *skp =
760 list_entry(list, struct smack_known, list);
761 struct netlbl_lsm_secattr_catmap *cmp = skp->smk_netlabel.attr.mls.cat;
766 * Don't show a label that could not have been set using
767 * /smack/cipso. This is in support of the notion that
768 * anything read from /smack/cipso ought to be writeable
771 * /smack/cipso2 should be used instead.
773 if (strlen(skp->smk_known) >= SMK_LABELLEN)
776 seq_printf(s, "%s %3d", skp->smk_known, skp->smk_netlabel.attr.mls.lvl);
778 for (i = netlbl_secattr_catmap_walk(cmp, 0); i >= 0;
779 i = netlbl_secattr_catmap_walk(cmp, i + 1)) {
780 seq_printf(s, "%c%d", sep, i);
789 static const struct seq_operations cipso_seq_ops = {
790 .start = cipso_seq_start,
791 .next = cipso_seq_next,
792 .show = cipso_seq_show,
793 .stop = smk_seq_stop,
797 * smk_open_cipso - open() for /smack/cipso
798 * @inode: inode structure representing file
799 * @file: "cipso" file pointer
801 * Connect our cipso_seq_* operations with /smack/cipso
804 static int smk_open_cipso(struct inode *inode, struct file *file)
806 return seq_open(file, &cipso_seq_ops);
810 * smk_set_cipso - do the work for write() for cipso and cipso2
811 * @file: file pointer, not actually used
812 * @buf: where to get the data from
814 * @ppos: where to start
815 * @format: /smack/cipso or /smack/cipso2
817 * Accepts only one cipso rule per write call.
818 * Returns number of bytes written or error code, as appropriate
820 static ssize_t smk_set_cipso(struct file *file, const char __user *buf,
821 size_t count, loff_t *ppos, int format)
823 struct smack_known *skp;
824 struct netlbl_lsm_secattr ncats;
825 char mapcatset[SMK_CIPSOLEN];
829 ssize_t rc = -EINVAL;
836 * Must have privilege.
838 * Enough data must be present.
840 if (!smack_privileged(CAP_MAC_ADMIN))
844 if (format == SMK_FIXED24_FMT &&
845 (count < SMK_CIPSOMIN || count > SMK_CIPSOMAX))
848 data = kzalloc(count + 1, GFP_KERNEL);
852 if (copy_from_user(data, buf, count) != 0) {
860 * Only allow one writer at a time. Writes should be
861 * quite rare and small in any case.
863 mutex_lock(&smack_cipso_lock);
865 skp = smk_import_entry(rule, 0);
869 if (format == SMK_FIXED24_FMT)
870 rule += SMK_LABELLEN;
872 rule += strlen(skp->smk_known) + 1;
874 ret = sscanf(rule, "%d", &maplevel);
875 if (ret != 1 || maplevel > SMACK_CIPSO_MAXLEVEL)
878 rule += SMK_DIGITLEN;
879 ret = sscanf(rule, "%d", &catlen);
880 if (ret != 1 || catlen > SMACK_CIPSO_MAXCATNUM)
883 if (format == SMK_FIXED24_FMT &&
884 count != (SMK_CIPSOMIN + catlen * SMK_DIGITLEN))
887 memset(mapcatset, 0, sizeof(mapcatset));
889 for (i = 0; i < catlen; i++) {
890 rule += SMK_DIGITLEN;
891 ret = sscanf(rule, "%u", &cat);
892 if (ret != 1 || cat > SMACK_CIPSO_MAXCATNUM)
895 smack_catset_bit(cat, mapcatset);
898 rc = smk_netlbl_mls(maplevel, mapcatset, &ncats, SMK_CIPSOLEN);
900 netlbl_secattr_catmap_free(skp->smk_netlabel.attr.mls.cat);
901 skp->smk_netlabel.attr.mls.cat = ncats.attr.mls.cat;
902 skp->smk_netlabel.attr.mls.lvl = ncats.attr.mls.lvl;
907 mutex_unlock(&smack_cipso_lock);
914 * smk_write_cipso - write() for /smack/cipso
915 * @file: file pointer, not actually used
916 * @buf: where to get the data from
918 * @ppos: where to start
920 * Accepts only one cipso rule per write call.
921 * Returns number of bytes written or error code, as appropriate
923 static ssize_t smk_write_cipso(struct file *file, const char __user *buf,
924 size_t count, loff_t *ppos)
926 return smk_set_cipso(file, buf, count, ppos, SMK_FIXED24_FMT);
929 static const struct file_operations smk_cipso_ops = {
930 .open = smk_open_cipso,
933 .write = smk_write_cipso,
934 .release = seq_release,
938 * Seq_file read operations for /smack/cipso2
942 * Print cipso labels in format:
943 * label level[/cat[,cat]]
945 static int cipso2_seq_show(struct seq_file *s, void *v)
947 struct list_head *list = v;
948 struct smack_known *skp =
949 list_entry(list, struct smack_known, list);
950 struct netlbl_lsm_secattr_catmap *cmp = skp->smk_netlabel.attr.mls.cat;
954 seq_printf(s, "%s %3d", skp->smk_known, skp->smk_netlabel.attr.mls.lvl);
956 for (i = netlbl_secattr_catmap_walk(cmp, 0); i >= 0;
957 i = netlbl_secattr_catmap_walk(cmp, i + 1)) {
958 seq_printf(s, "%c%d", sep, i);
967 static const struct seq_operations cipso2_seq_ops = {
968 .start = cipso_seq_start,
969 .next = cipso_seq_next,
970 .show = cipso2_seq_show,
971 .stop = smk_seq_stop,
975 * smk_open_cipso2 - open() for /smack/cipso2
976 * @inode: inode structure representing file
977 * @file: "cipso2" file pointer
979 * Connect our cipso_seq_* operations with /smack/cipso2
982 static int smk_open_cipso2(struct inode *inode, struct file *file)
984 return seq_open(file, &cipso2_seq_ops);
988 * smk_write_cipso2 - write() for /smack/cipso2
989 * @file: file pointer, not actually used
990 * @buf: where to get the data from
992 * @ppos: where to start
994 * Accepts only one cipso rule per write call.
995 * Returns number of bytes written or error code, as appropriate
997 static ssize_t smk_write_cipso2(struct file *file, const char __user *buf,
998 size_t count, loff_t *ppos)
1000 return smk_set_cipso(file, buf, count, ppos, SMK_LONG_FMT);
1003 static const struct file_operations smk_cipso2_ops = {
1004 .open = smk_open_cipso2,
1006 .llseek = seq_lseek,
1007 .write = smk_write_cipso2,
1008 .release = seq_release,
1012 * Seq_file read operations for /smack/netlabel
1015 static void *netlbladdr_seq_start(struct seq_file *s, loff_t *pos)
1017 return smk_seq_start(s, pos, &smk_netlbladdr_list);
1020 static void *netlbladdr_seq_next(struct seq_file *s, void *v, loff_t *pos)
1022 return smk_seq_next(s, v, pos, &smk_netlbladdr_list);
1024 #define BEBITS (sizeof(__be32) * 8)
1027 * Print host/label pairs
1029 static int netlbladdr_seq_show(struct seq_file *s, void *v)
1031 struct list_head *list = v;
1032 struct smk_netlbladdr *skp =
1033 list_entry(list, struct smk_netlbladdr, list);
1034 unsigned char *hp = (char *) &skp->smk_host.sin_addr.s_addr;
1036 u32 temp_mask = be32_to_cpu(skp->smk_mask.s_addr);
1038 for (maskn = 0; temp_mask; temp_mask <<= 1, maskn++);
1040 seq_printf(s, "%u.%u.%u.%u/%d %s\n",
1041 hp[0], hp[1], hp[2], hp[3], maskn, skp->smk_label);
1046 static const struct seq_operations netlbladdr_seq_ops = {
1047 .start = netlbladdr_seq_start,
1048 .next = netlbladdr_seq_next,
1049 .show = netlbladdr_seq_show,
1050 .stop = smk_seq_stop,
1054 * smk_open_netlbladdr - open() for /smack/netlabel
1055 * @inode: inode structure representing file
1056 * @file: "netlabel" file pointer
1058 * Connect our netlbladdr_seq_* operations with /smack/netlabel
1061 static int smk_open_netlbladdr(struct inode *inode, struct file *file)
1063 return seq_open(file, &netlbladdr_seq_ops);
1067 * smk_netlbladdr_insert
1068 * @new : netlabel to insert
1070 * This helper insert netlabel in the smack_netlbladdrs list
1071 * sorted by netmask length (longest to smallest)
1072 * locked by &smk_netlbladdr_lock in smk_write_netlbladdr
1075 static void smk_netlbladdr_insert(struct smk_netlbladdr *new)
1077 struct smk_netlbladdr *m, *m_next;
1079 if (list_empty(&smk_netlbladdr_list)) {
1080 list_add_rcu(&new->list, &smk_netlbladdr_list);
1084 m = list_entry_rcu(smk_netlbladdr_list.next,
1085 struct smk_netlbladdr, list);
1087 /* the comparison '>' is a bit hacky, but works */
1088 if (new->smk_mask.s_addr > m->smk_mask.s_addr) {
1089 list_add_rcu(&new->list, &smk_netlbladdr_list);
1093 list_for_each_entry_rcu(m, &smk_netlbladdr_list, list) {
1094 if (list_is_last(&m->list, &smk_netlbladdr_list)) {
1095 list_add_rcu(&new->list, &m->list);
1098 m_next = list_entry_rcu(m->list.next,
1099 struct smk_netlbladdr, list);
1100 if (new->smk_mask.s_addr > m_next->smk_mask.s_addr) {
1101 list_add_rcu(&new->list, &m->list);
1109 * smk_write_netlbladdr - write() for /smack/netlabel
1110 * @file: file pointer, not actually used
1111 * @buf: where to get the data from
1112 * @count: bytes sent
1113 * @ppos: where to start
1115 * Accepts only one netlbladdr per write call.
1116 * Returns number of bytes written or error code, as appropriate
1118 static ssize_t smk_write_netlbladdr(struct file *file, const char __user *buf,
1119 size_t count, loff_t *ppos)
1121 struct smk_netlbladdr *skp;
1122 struct sockaddr_in newname;
1126 char *host = (char *)&newname.sin_addr.s_addr;
1128 struct netlbl_audit audit_info;
1129 struct in_addr mask;
1132 u32 mask_bits = (1<<31);
1137 * Must have privilege.
1138 * No partial writes.
1139 * Enough data must be present.
1140 * "<addr/mask, as a.b.c.d/e><space><label>"
1141 * "<addr, as a.b.c.d><space><label>"
1143 if (!smack_privileged(CAP_MAC_ADMIN))
1147 if (count < SMK_NETLBLADDRMIN)
1150 data = kzalloc(count + 1, GFP_KERNEL);
1154 if (copy_from_user(data, buf, count) != 0) {
1159 smack = kzalloc(count + 1, GFP_KERNEL);
1160 if (smack == NULL) {
1167 rc = sscanf(data, "%hhd.%hhd.%hhd.%hhd/%d %s",
1168 &host[0], &host[1], &host[2], &host[3], &m, smack);
1170 rc = sscanf(data, "%hhd.%hhd.%hhd.%hhd %s",
1171 &host[0], &host[1], &host[2], &host[3], smack);
1184 * If smack begins with '-', it is an option, don't import it
1186 if (smack[0] != '-') {
1187 sp = smk_import(smack, 0);
1193 /* check known options */
1194 if (strcmp(smack, smack_cipso_option) == 0)
1195 sp = (char *)smack_cipso_option;
1202 for (temp_mask = 0; m > 0; m--) {
1203 temp_mask |= mask_bits;
1206 mask.s_addr = cpu_to_be32(temp_mask);
1208 newname.sin_addr.s_addr &= mask.s_addr;
1210 * Only allow one writer at a time. Writes should be
1211 * quite rare and small in any case.
1213 mutex_lock(&smk_netlbladdr_lock);
1215 nsa = newname.sin_addr.s_addr;
1216 /* try to find if the prefix is already in the list */
1218 list_for_each_entry_rcu(skp, &smk_netlbladdr_list, list) {
1219 if (skp->smk_host.sin_addr.s_addr == nsa &&
1220 skp->smk_mask.s_addr == mask.s_addr) {
1225 smk_netlabel_audit_set(&audit_info);
1228 skp = kzalloc(sizeof(*skp), GFP_KERNEL);
1233 skp->smk_host.sin_addr.s_addr = newname.sin_addr.s_addr;
1234 skp->smk_mask.s_addr = mask.s_addr;
1235 skp->smk_label = sp;
1236 smk_netlbladdr_insert(skp);
1239 /* we delete the unlabeled entry, only if the previous label
1240 * wasn't the special CIPSO option */
1241 if (skp->smk_label != smack_cipso_option)
1242 rc = netlbl_cfg_unlbl_static_del(&init_net, NULL,
1243 &skp->smk_host.sin_addr, &skp->smk_mask,
1244 PF_INET, &audit_info);
1247 skp->smk_label = sp;
1251 * Now tell netlabel about the single label nature of
1252 * this host so that incoming packets get labeled.
1253 * but only if we didn't get the special CIPSO option
1255 if (rc == 0 && sp != smack_cipso_option)
1256 rc = netlbl_cfg_unlbl_static_add(&init_net, NULL,
1257 &skp->smk_host.sin_addr, &skp->smk_mask, PF_INET,
1258 smack_to_secid(skp->smk_label), &audit_info);
1263 mutex_unlock(&smk_netlbladdr_lock);
1273 static const struct file_operations smk_netlbladdr_ops = {
1274 .open = smk_open_netlbladdr,
1276 .llseek = seq_lseek,
1277 .write = smk_write_netlbladdr,
1278 .release = seq_release,
1282 * smk_read_doi - read() for /smack/doi
1283 * @filp: file pointer, not actually used
1284 * @buf: where to put the result
1285 * @count: maximum to send along
1286 * @ppos: where to start
1288 * Returns number of bytes read or error code, as appropriate
1290 static ssize_t smk_read_doi(struct file *filp, char __user *buf,
1291 size_t count, loff_t *ppos)
1299 sprintf(temp, "%d", smk_cipso_doi_value);
1300 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
1306 * smk_write_doi - write() for /smack/doi
1307 * @file: file pointer, not actually used
1308 * @buf: where to get the data from
1309 * @count: bytes sent
1310 * @ppos: where to start
1312 * Returns number of bytes written or error code, as appropriate
1314 static ssize_t smk_write_doi(struct file *file, const char __user *buf,
1315 size_t count, loff_t *ppos)
1320 if (!smack_privileged(CAP_MAC_ADMIN))
1323 if (count >= sizeof(temp) || count == 0)
1326 if (copy_from_user(temp, buf, count) != 0)
1331 if (sscanf(temp, "%d", &i) != 1)
1334 smk_cipso_doi_value = i;
1341 static const struct file_operations smk_doi_ops = {
1342 .read = smk_read_doi,
1343 .write = smk_write_doi,
1344 .llseek = default_llseek,
1348 * smk_read_direct - read() for /smack/direct
1349 * @filp: file pointer, not actually used
1350 * @buf: where to put the result
1351 * @count: maximum to send along
1352 * @ppos: where to start
1354 * Returns number of bytes read or error code, as appropriate
1356 static ssize_t smk_read_direct(struct file *filp, char __user *buf,
1357 size_t count, loff_t *ppos)
1365 sprintf(temp, "%d", smack_cipso_direct);
1366 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
1372 * smk_write_direct - write() for /smack/direct
1373 * @file: file pointer, not actually used
1374 * @buf: where to get the data from
1375 * @count: bytes sent
1376 * @ppos: where to start
1378 * Returns number of bytes written or error code, as appropriate
1380 static ssize_t smk_write_direct(struct file *file, const char __user *buf,
1381 size_t count, loff_t *ppos)
1383 struct smack_known *skp;
1387 if (!smack_privileged(CAP_MAC_ADMIN))
1390 if (count >= sizeof(temp) || count == 0)
1393 if (copy_from_user(temp, buf, count) != 0)
1398 if (sscanf(temp, "%d", &i) != 1)
1402 * Don't do anything if the value hasn't actually changed.
1403 * If it is changing reset the level on entries that were
1404 * set up to be direct when they were created.
1406 if (smack_cipso_direct != i) {
1407 mutex_lock(&smack_known_lock);
1408 list_for_each_entry_rcu(skp, &smack_known_list, list)
1409 if (skp->smk_netlabel.attr.mls.lvl ==
1411 skp->smk_netlabel.attr.mls.lvl = i;
1412 smack_cipso_direct = i;
1413 mutex_unlock(&smack_known_lock);
1419 static const struct file_operations smk_direct_ops = {
1420 .read = smk_read_direct,
1421 .write = smk_write_direct,
1422 .llseek = default_llseek,
1426 * smk_read_mapped - read() for /smack/mapped
1427 * @filp: file pointer, not actually used
1428 * @buf: where to put the result
1429 * @count: maximum to send along
1430 * @ppos: where to start
1432 * Returns number of bytes read or error code, as appropriate
1434 static ssize_t smk_read_mapped(struct file *filp, char __user *buf,
1435 size_t count, loff_t *ppos)
1443 sprintf(temp, "%d", smack_cipso_mapped);
1444 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
1450 * smk_write_mapped - write() for /smack/mapped
1451 * @file: file pointer, not actually used
1452 * @buf: where to get the data from
1453 * @count: bytes sent
1454 * @ppos: where to start
1456 * Returns number of bytes written or error code, as appropriate
1458 static ssize_t smk_write_mapped(struct file *file, const char __user *buf,
1459 size_t count, loff_t *ppos)
1461 struct smack_known *skp;
1465 if (!smack_privileged(CAP_MAC_ADMIN))
1468 if (count >= sizeof(temp) || count == 0)
1471 if (copy_from_user(temp, buf, count) != 0)
1476 if (sscanf(temp, "%d", &i) != 1)
1480 * Don't do anything if the value hasn't actually changed.
1481 * If it is changing reset the level on entries that were
1482 * set up to be mapped when they were created.
1484 if (smack_cipso_mapped != i) {
1485 mutex_lock(&smack_known_lock);
1486 list_for_each_entry_rcu(skp, &smack_known_list, list)
1487 if (skp->smk_netlabel.attr.mls.lvl ==
1489 skp->smk_netlabel.attr.mls.lvl = i;
1490 smack_cipso_mapped = i;
1491 mutex_unlock(&smack_known_lock);
1497 static const struct file_operations smk_mapped_ops = {
1498 .read = smk_read_mapped,
1499 .write = smk_write_mapped,
1500 .llseek = default_llseek,
1504 * smk_read_ambient - read() for /smack/ambient
1505 * @filp: file pointer, not actually used
1506 * @buf: where to put the result
1507 * @cn: maximum to send along
1508 * @ppos: where to start
1510 * Returns number of bytes read or error code, as appropriate
1512 static ssize_t smk_read_ambient(struct file *filp, char __user *buf,
1513 size_t cn, loff_t *ppos)
1521 * Being careful to avoid a problem in the case where
1522 * smack_net_ambient gets changed in midstream.
1524 mutex_lock(&smack_ambient_lock);
1526 asize = strlen(smack_net_ambient) + 1;
1529 rc = simple_read_from_buffer(buf, cn, ppos,
1530 smack_net_ambient, asize);
1534 mutex_unlock(&smack_ambient_lock);
1540 * smk_write_ambient - write() for /smack/ambient
1541 * @file: file pointer, not actually used
1542 * @buf: where to get the data from
1543 * @count: bytes sent
1544 * @ppos: where to start
1546 * Returns number of bytes written or error code, as appropriate
1548 static ssize_t smk_write_ambient(struct file *file, const char __user *buf,
1549 size_t count, loff_t *ppos)
1556 if (!smack_privileged(CAP_MAC_ADMIN))
1559 data = kzalloc(count + 1, GFP_KERNEL);
1563 if (copy_from_user(data, buf, count) != 0) {
1568 smack = smk_import(data, count);
1569 if (smack == NULL) {
1574 mutex_lock(&smack_ambient_lock);
1576 oldambient = smack_net_ambient;
1577 smack_net_ambient = smack;
1578 smk_unlbl_ambient(oldambient);
1580 mutex_unlock(&smack_ambient_lock);
1587 static const struct file_operations smk_ambient_ops = {
1588 .read = smk_read_ambient,
1589 .write = smk_write_ambient,
1590 .llseek = default_llseek,
1594 * smk_read_onlycap - read() for /smack/onlycap
1595 * @filp: file pointer, not actually used
1596 * @buf: where to put the result
1597 * @cn: maximum to send along
1598 * @ppos: where to start
1600 * Returns number of bytes read or error code, as appropriate
1602 static ssize_t smk_read_onlycap(struct file *filp, char __user *buf,
1603 size_t cn, loff_t *ppos)
1606 ssize_t rc = -EINVAL;
1612 if (smack_onlycap != NULL)
1613 smack = smack_onlycap;
1615 asize = strlen(smack) + 1;
1618 rc = simple_read_from_buffer(buf, cn, ppos, smack, asize);
1624 * smk_write_onlycap - write() for /smack/onlycap
1625 * @file: file pointer, not actually used
1626 * @buf: where to get the data from
1627 * @count: bytes sent
1628 * @ppos: where to start
1630 * Returns number of bytes written or error code, as appropriate
1632 static ssize_t smk_write_onlycap(struct file *file, const char __user *buf,
1633 size_t count, loff_t *ppos)
1636 char *sp = smk_of_task(current->cred->security);
1639 if (!smack_privileged(CAP_MAC_ADMIN))
1643 * This can be done using smk_access() but is done
1644 * explicitly for clarity. The smk_access() implementation
1645 * would use smk_access(smack_onlycap, MAY_WRITE)
1647 if (smack_onlycap != NULL && smack_onlycap != sp)
1650 data = kzalloc(count, GFP_KERNEL);
1655 * Should the null string be passed in unset the onlycap value.
1656 * This seems like something to be careful with as usually
1657 * smk_import only expects to return NULL for errors. It
1658 * is usually the case that a nullstring or "\n" would be
1659 * bad to pass to smk_import but in fact this is useful here.
1661 * smk_import will also reject a label beginning with '-',
1662 * so "-usecapabilities" will also work.
1664 if (copy_from_user(data, buf, count) != 0)
1667 smack_onlycap = smk_import(data, count);
1673 static const struct file_operations smk_onlycap_ops = {
1674 .read = smk_read_onlycap,
1675 .write = smk_write_onlycap,
1676 .llseek = default_llseek,
1680 * smk_read_logging - read() for /smack/logging
1681 * @filp: file pointer, not actually used
1682 * @buf: where to put the result
1683 * @cn: maximum to send along
1684 * @ppos: where to start
1686 * Returns number of bytes read or error code, as appropriate
1688 static ssize_t smk_read_logging(struct file *filp, char __user *buf,
1689 size_t count, loff_t *ppos)
1697 sprintf(temp, "%d\n", log_policy);
1698 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
1703 * smk_write_logging - write() for /smack/logging
1704 * @file: file pointer, not actually used
1705 * @buf: where to get the data from
1706 * @count: bytes sent
1707 * @ppos: where to start
1709 * Returns number of bytes written or error code, as appropriate
1711 static ssize_t smk_write_logging(struct file *file, const char __user *buf,
1712 size_t count, loff_t *ppos)
1717 if (!smack_privileged(CAP_MAC_ADMIN))
1720 if (count >= sizeof(temp) || count == 0)
1723 if (copy_from_user(temp, buf, count) != 0)
1728 if (sscanf(temp, "%d", &i) != 1)
1738 static const struct file_operations smk_logging_ops = {
1739 .read = smk_read_logging,
1740 .write = smk_write_logging,
1741 .llseek = default_llseek,
1745 * Seq_file read operations for /smack/load-self
1748 static void *load_self_seq_start(struct seq_file *s, loff_t *pos)
1750 struct task_smack *tsp = current_security();
1752 return smk_seq_start(s, pos, &tsp->smk_rules);
1755 static void *load_self_seq_next(struct seq_file *s, void *v, loff_t *pos)
1757 struct task_smack *tsp = current_security();
1759 return smk_seq_next(s, v, pos, &tsp->smk_rules);
1762 static int load_self_seq_show(struct seq_file *s, void *v)
1764 struct list_head *list = v;
1765 struct smack_rule *srp =
1766 list_entry(list, struct smack_rule, list);
1768 smk_rule_show(s, srp, SMK_LABELLEN);
1773 static const struct seq_operations load_self_seq_ops = {
1774 .start = load_self_seq_start,
1775 .next = load_self_seq_next,
1776 .show = load_self_seq_show,
1777 .stop = smk_seq_stop,
1782 * smk_open_load_self - open() for /smack/load-self2
1783 * @inode: inode structure representing file
1784 * @file: "load" file pointer
1786 * For reading, use load_seq_* seq_file reading operations.
1788 static int smk_open_load_self(struct inode *inode, struct file *file)
1790 return seq_open(file, &load_self_seq_ops);
1794 * smk_write_load_self - write() for /smack/load-self
1795 * @file: file pointer, not actually used
1796 * @buf: where to get the data from
1797 * @count: bytes sent
1798 * @ppos: where to start - must be 0
1801 static ssize_t smk_write_load_self(struct file *file, const char __user *buf,
1802 size_t count, loff_t *ppos)
1804 struct task_smack *tsp = current_security();
1806 return smk_write_rules_list(file, buf, count, ppos, &tsp->smk_rules,
1807 &tsp->smk_rules_lock, SMK_FIXED24_FMT);
1810 static const struct file_operations smk_load_self_ops = {
1811 .open = smk_open_load_self,
1813 .llseek = seq_lseek,
1814 .write = smk_write_load_self,
1815 .release = seq_release,
1819 * smk_user_access - handle access check transaction
1820 * @file: file pointer
1821 * @buf: data from user space
1822 * @count: bytes sent
1823 * @ppos: where to start - must be 0
1825 static ssize_t smk_user_access(struct file *file, const char __user *buf,
1826 size_t count, loff_t *ppos, int format)
1828 struct smack_parsed_rule rule;
1833 data = simple_transaction_get(file, buf, count);
1835 return PTR_ERR(data);
1837 if (format == SMK_FIXED24_FMT) {
1838 if (count < SMK_LOADLEN)
1840 res = smk_parse_rule(data, &rule, 0);
1843 * Copy the data to make sure the string is terminated.
1845 cod = kzalloc(count + 1, GFP_KERNEL);
1848 memcpy(cod, data, count);
1850 res = smk_parse_long_rule(cod, &rule, 0, 0);
1857 res = smk_access(rule.smk_subject, rule.smk_object, rule.smk_access1,
1859 data[0] = res == 0 ? '1' : '0';
1862 simple_transaction_set(file, 2);
1864 if (format == SMK_FIXED24_FMT)
1870 * smk_write_access - handle access check transaction
1871 * @file: file pointer
1872 * @buf: data from user space
1873 * @count: bytes sent
1874 * @ppos: where to start - must be 0
1876 static ssize_t smk_write_access(struct file *file, const char __user *buf,
1877 size_t count, loff_t *ppos)
1879 return smk_user_access(file, buf, count, ppos, SMK_FIXED24_FMT);
1882 static const struct file_operations smk_access_ops = {
1883 .write = smk_write_access,
1884 .read = simple_transaction_read,
1885 .release = simple_transaction_release,
1886 .llseek = generic_file_llseek,
1891 * Seq_file read operations for /smack/load2
1894 static int load2_seq_show(struct seq_file *s, void *v)
1896 struct list_head *list = v;
1897 struct smack_master_list *smlp =
1898 list_entry(list, struct smack_master_list, list);
1900 smk_rule_show(s, smlp->smk_rule, SMK_LONGLABEL);
1905 static const struct seq_operations load2_seq_ops = {
1906 .start = load2_seq_start,
1907 .next = load2_seq_next,
1908 .show = load2_seq_show,
1909 .stop = smk_seq_stop,
1913 * smk_open_load2 - open() for /smack/load2
1914 * @inode: inode structure representing file
1915 * @file: "load2" file pointer
1917 * For reading, use load2_seq_* seq_file reading operations.
1919 static int smk_open_load2(struct inode *inode, struct file *file)
1921 return seq_open(file, &load2_seq_ops);
1925 * smk_write_load2 - write() for /smack/load2
1926 * @file: file pointer, not actually used
1927 * @buf: where to get the data from
1928 * @count: bytes sent
1929 * @ppos: where to start - must be 0
1932 static ssize_t smk_write_load2(struct file *file, const char __user *buf,
1933 size_t count, loff_t *ppos)
1936 * Must have privilege.
1938 if (!smack_privileged(CAP_MAC_ADMIN))
1941 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL,
1945 static const struct file_operations smk_load2_ops = {
1946 .open = smk_open_load2,
1948 .llseek = seq_lseek,
1949 .write = smk_write_load2,
1950 .release = seq_release,
1954 * Seq_file read operations for /smack/load-self2
1957 static void *load_self2_seq_start(struct seq_file *s, loff_t *pos)
1959 struct task_smack *tsp = current_security();
1961 return smk_seq_start(s, pos, &tsp->smk_rules);
1964 static void *load_self2_seq_next(struct seq_file *s, void *v, loff_t *pos)
1966 struct task_smack *tsp = current_security();
1968 return smk_seq_next(s, v, pos, &tsp->smk_rules);
1971 static int load_self2_seq_show(struct seq_file *s, void *v)
1973 struct list_head *list = v;
1974 struct smack_rule *srp =
1975 list_entry(list, struct smack_rule, list);
1977 smk_rule_show(s, srp, SMK_LONGLABEL);
1982 static const struct seq_operations load_self2_seq_ops = {
1983 .start = load_self2_seq_start,
1984 .next = load_self2_seq_next,
1985 .show = load_self2_seq_show,
1986 .stop = smk_seq_stop,
1990 * smk_open_load_self2 - open() for /smack/load-self2
1991 * @inode: inode structure representing file
1992 * @file: "load" file pointer
1994 * For reading, use load_seq_* seq_file reading operations.
1996 static int smk_open_load_self2(struct inode *inode, struct file *file)
1998 return seq_open(file, &load_self2_seq_ops);
2002 * smk_write_load_self2 - write() for /smack/load-self2
2003 * @file: file pointer, not actually used
2004 * @buf: where to get the data from
2005 * @count: bytes sent
2006 * @ppos: where to start - must be 0
2009 static ssize_t smk_write_load_self2(struct file *file, const char __user *buf,
2010 size_t count, loff_t *ppos)
2012 struct task_smack *tsp = current_security();
2014 return smk_write_rules_list(file, buf, count, ppos, &tsp->smk_rules,
2015 &tsp->smk_rules_lock, SMK_LONG_FMT);
2018 static const struct file_operations smk_load_self2_ops = {
2019 .open = smk_open_load_self2,
2021 .llseek = seq_lseek,
2022 .write = smk_write_load_self2,
2023 .release = seq_release,
2027 * smk_write_access2 - handle access check transaction
2028 * @file: file pointer
2029 * @buf: data from user space
2030 * @count: bytes sent
2031 * @ppos: where to start - must be 0
2033 static ssize_t smk_write_access2(struct file *file, const char __user *buf,
2034 size_t count, loff_t *ppos)
2036 return smk_user_access(file, buf, count, ppos, SMK_LONG_FMT);
2039 static const struct file_operations smk_access2_ops = {
2040 .write = smk_write_access2,
2041 .read = simple_transaction_read,
2042 .release = simple_transaction_release,
2043 .llseek = generic_file_llseek,
2047 * smk_write_revoke_subj - write() for /smack/revoke-subject
2048 * @file: file pointer
2049 * @buf: data from user space
2050 * @count: bytes sent
2051 * @ppos: where to start - must be 0
2053 static ssize_t smk_write_revoke_subj(struct file *file, const char __user *buf,
2054 size_t count, loff_t *ppos)
2057 const char *cp = NULL;
2058 struct smack_known *skp;
2059 struct smack_rule *sp;
2060 struct list_head *rule_list;
2061 struct mutex *rule_lock;
2067 if (!smack_privileged(CAP_MAC_ADMIN))
2070 if (count == 0 || count > SMK_LONGLABEL)
2073 data = kzalloc(count, GFP_KERNEL);
2077 if (copy_from_user(data, buf, count) != 0) {
2082 cp = smk_parse_smack(data, count);
2088 skp = smk_find_entry(cp);
2092 rule_list = &skp->smk_rules;
2093 rule_lock = &skp->smk_rules_lock;
2095 mutex_lock(rule_lock);
2097 list_for_each_entry_rcu(sp, rule_list, list)
2100 mutex_unlock(rule_lock);
2108 static const struct file_operations smk_revoke_subj_ops = {
2109 .write = smk_write_revoke_subj,
2110 .read = simple_transaction_read,
2111 .release = simple_transaction_release,
2112 .llseek = generic_file_llseek,
2115 static struct kset *smackfs_kset;
2117 * smk_init_sysfs - initialize /sys/fs/smackfs
2120 static int smk_init_sysfs(void)
2122 smackfs_kset = kset_create_and_add("smackfs", NULL, fs_kobj);
2129 * smk_write_change_rule - write() for /smack/change-rule
2130 * @file: file pointer
2131 * @buf: data from user space
2132 * @count: bytes sent
2133 * @ppos: where to start - must be 0
2135 static ssize_t smk_write_change_rule(struct file *file, const char __user *buf,
2136 size_t count, loff_t *ppos)
2139 * Must have privilege.
2141 if (!capable(CAP_MAC_ADMIN))
2144 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL,
2148 static const struct file_operations smk_change_rule_ops = {
2149 .write = smk_write_change_rule,
2150 .read = simple_transaction_read,
2151 .release = simple_transaction_release,
2152 .llseek = generic_file_llseek,
2156 * smk_fill_super - fill the /smackfs superblock
2157 * @sb: the empty superblock
2161 * Fill in the well known entries for /smack
2163 * Returns 0 on success, an error code on failure
2165 static int smk_fill_super(struct super_block *sb, void *data, int silent)
2168 struct inode *root_inode;
2170 static struct tree_descr smack_files[] = {
2172 "load", &smk_load_ops, S_IRUGO|S_IWUSR},
2174 "cipso", &smk_cipso_ops, S_IRUGO|S_IWUSR},
2176 "doi", &smk_doi_ops, S_IRUGO|S_IWUSR},
2178 "direct", &smk_direct_ops, S_IRUGO|S_IWUSR},
2180 "ambient", &smk_ambient_ops, S_IRUGO|S_IWUSR},
2181 [SMK_NETLBLADDR] = {
2182 "netlabel", &smk_netlbladdr_ops, S_IRUGO|S_IWUSR},
2184 "onlycap", &smk_onlycap_ops, S_IRUGO|S_IWUSR},
2186 "logging", &smk_logging_ops, S_IRUGO|S_IWUSR},
2188 "load-self", &smk_load_self_ops, S_IRUGO|S_IWUGO},
2190 "access", &smk_access_ops, S_IRUGO|S_IWUGO},
2192 "mapped", &smk_mapped_ops, S_IRUGO|S_IWUSR},
2194 "load2", &smk_load2_ops, S_IRUGO|S_IWUSR},
2195 [SMK_LOAD_SELF2] = {
2196 "load-self2", &smk_load_self2_ops, S_IRUGO|S_IWUGO},
2198 "access2", &smk_access2_ops, S_IRUGO|S_IWUGO},
2200 "cipso2", &smk_cipso2_ops, S_IRUGO|S_IWUSR},
2201 [SMK_REVOKE_SUBJ] = {
2202 "revoke-subject", &smk_revoke_subj_ops,
2204 [SMK_CHANGE_RULE] = {
2205 "change-rule", &smk_change_rule_ops, S_IRUGO|S_IWUSR},
2210 rc = simple_fill_super(sb, SMACK_MAGIC, smack_files);
2212 printk(KERN_ERR "%s failed %d while creating inodes\n",
2217 root_inode = sb->s_root->d_inode;
2223 * smk_mount - get the smackfs superblock
2224 * @fs_type: passed along without comment
2225 * @flags: passed along without comment
2226 * @dev_name: passed along without comment
2227 * @data: passed along without comment
2229 * Just passes everything along.
2231 * Returns what the lower level code does.
2233 static struct dentry *smk_mount(struct file_system_type *fs_type,
2234 int flags, const char *dev_name, void *data)
2236 return mount_single(fs_type, flags, data, smk_fill_super);
2239 static struct file_system_type smk_fs_type = {
2242 .kill_sb = kill_litter_super,
2245 static struct vfsmount *smackfs_mount;
2247 static int __init smk_preset_netlabel(struct smack_known *skp)
2249 skp->smk_netlabel.domain = skp->smk_known;
2250 skp->smk_netlabel.flags =
2251 NETLBL_SECATTR_DOMAIN | NETLBL_SECATTR_MLS_LVL;
2252 return smk_netlbl_mls(smack_cipso_direct, skp->smk_known,
2253 &skp->smk_netlabel, strlen(skp->smk_known));
2257 * init_smk_fs - get the smackfs superblock
2259 * register the smackfs
2261 * Do not register smackfs if Smack wasn't enabled
2262 * on boot. We can not put this method normally under the
2263 * smack_init() code path since the security subsystem get
2264 * initialized before the vfs caches.
2266 * Returns true if we were not chosen on boot or if
2267 * we were chosen and filesystem registration succeeded.
2269 static int __init init_smk_fs(void)
2274 if (!security_module_enable(&smack_ops))
2277 err = smk_init_sysfs();
2279 printk(KERN_ERR "smackfs: sysfs mountpoint problem.\n");
2281 err = register_filesystem(&smk_fs_type);
2283 smackfs_mount = kern_mount(&smk_fs_type);
2284 if (IS_ERR(smackfs_mount)) {
2285 printk(KERN_ERR "smackfs: could not mount!\n");
2286 err = PTR_ERR(smackfs_mount);
2287 smackfs_mount = NULL;
2292 smk_unlbl_ambient(NULL);
2294 rc = smk_preset_netlabel(&smack_known_floor);
2295 if (err == 0 && rc < 0)
2297 rc = smk_preset_netlabel(&smack_known_hat);
2298 if (err == 0 && rc < 0)
2300 rc = smk_preset_netlabel(&smack_known_huh);
2301 if (err == 0 && rc < 0)
2303 rc = smk_preset_netlabel(&smack_known_invalid);
2304 if (err == 0 && rc < 0)
2306 rc = smk_preset_netlabel(&smack_known_star);
2307 if (err == 0 && rc < 0)
2309 rc = smk_preset_netlabel(&smack_known_web);
2310 if (err == 0 && rc < 0)
2316 __initcall(init_smk_fs);