2 * Copyright (C) 2007 Casey Schaufler <casey@schaufler-ca.com>
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License as published by
6 * the Free Software Foundation, version 2.
9 * Casey Schaufler <casey@schaufler-ca.com>
10 * Ahmed S. Darwish <darwish.07@gmail.com>
12 * Special thanks to the authors of selinuxfs.
14 * Karl MacMillan <kmacmillan@tresys.com>
15 * James Morris <jmorris@redhat.com>
19 #include <linux/kernel.h>
20 #include <linux/vmalloc.h>
21 #include <linux/security.h>
22 #include <linux/mutex.h>
23 #include <linux/slab.h>
24 #include <net/net_namespace.h>
25 #include <net/cipso_ipv4.h>
26 #include <linux/seq_file.h>
27 #include <linux/ctype.h>
28 #include <linux/audit.h>
29 #include <linux/magic.h>
33 * smackfs pseudo filesystem.
38 SMK_LOAD = 3, /* load policy */
39 SMK_CIPSO = 4, /* load label -> CIPSO mapping */
40 SMK_DOI = 5, /* CIPSO DOI */
41 SMK_DIRECT = 6, /* CIPSO level indicating direct label */
42 SMK_AMBIENT = 7, /* internet ambient label */
43 SMK_NETLBLADDR = 8, /* single label hosts */
44 SMK_ONLYCAP = 9, /* the only "capable" label */
45 SMK_LOGGING = 10, /* logging */
46 SMK_LOAD_SELF = 11, /* task specific rules */
47 SMK_ACCESSES = 12, /* access policy */
48 SMK_MAPPED = 13, /* CIPSO level indicating mapped label */
49 SMK_LOAD2 = 14, /* load policy with long labels */
50 SMK_LOAD_SELF2 = 15, /* load task specific rules with long labels */
51 SMK_ACCESS2 = 16, /* make an access check with long labels */
52 SMK_CIPSO2 = 17, /* load long label -> CIPSO mapping */
53 SMK_REVOKE_SUBJ = 18, /* set rules with subject label to '-' */
54 SMK_CHANGE_RULE = 19, /* change or add rules (long labels) */
55 #ifdef CONFIG_SECURITY_SMACK_PERMISSIVE_MODE
56 SMK_PERMISSIVE = 20, /* permissive mode */
63 static DEFINE_MUTEX(smack_cipso_lock);
64 static DEFINE_MUTEX(smack_ambient_lock);
65 static DEFINE_MUTEX(smk_netlbladdr_lock);
68 * This is the "ambient" label for network traffic.
69 * If it isn't somehow marked, use this.
70 * It can be reset via smackfs/ambient
72 struct smack_known *smack_net_ambient;
75 * This is the level in a CIPSO header that indicates a
76 * smack label is contained directly in the category set.
77 * It can be reset via smackfs/direct
79 int smack_cipso_direct = SMACK_CIPSO_DIRECT_DEFAULT;
82 * This is the level in a CIPSO header that indicates a
83 * secid is contained directly in the category set.
84 * It can be reset via smackfs/mapped
86 int smack_cipso_mapped = SMACK_CIPSO_MAPPED_DEFAULT;
89 * Certain IP addresses may be designated as single label hosts.
90 * Packets are sent there unlabeled, but only from tasks that
91 * can write to the specified label.
94 LIST_HEAD(smk_netlbladdr_list);
97 * Rule lists are maintained for each label.
98 * This master list is just for reading /smack/load and /smack/load2.
100 LIST_HEAD(smack_rule_list);
102 struct smack_parsed_rule {
103 struct smack_known *smk_subject;
109 static int smk_cipso_doi_value = SMACK_CIPSO_DOI_DEFAULT;
111 const char *smack_cipso_option = SMACK_CIPSO_OPTION;
114 * Values for parsing cipso rules
115 * SMK_DIGITLEN: Length of a digit field in a rule.
116 * SMK_CIPSOMIN: Minimum possible cipso rule length.
117 * SMK_CIPSOMAX: Maximum possible cipso rule length.
119 #define SMK_DIGITLEN 4
120 #define SMK_CIPSOMIN (SMK_LABELLEN + 2 * SMK_DIGITLEN)
121 #define SMK_CIPSOMAX (SMK_CIPSOMIN + SMACK_CIPSO_MAXCATNUM * SMK_DIGITLEN)
124 * Values for parsing MAC rules
125 * SMK_ACCESS: Maximum possible combination of access permissions
126 * SMK_ACCESSLEN: Maximum length for a rule access field
127 * SMK_LOADLEN: Smack rule length
129 #define SMK_OACCESS "rwxa"
130 #define SMK_ACCESS "rwxatl"
131 #define SMK_OACCESSLEN (sizeof(SMK_OACCESS) - 1)
132 #define SMK_ACCESSLEN (sizeof(SMK_ACCESS) - 1)
133 #define SMK_OLOADLEN (SMK_LABELLEN + SMK_LABELLEN + SMK_OACCESSLEN)
134 #define SMK_LOADLEN (SMK_LABELLEN + SMK_LABELLEN + SMK_ACCESSLEN)
137 * Stricly for CIPSO level manipulation.
138 * Set the category bit number in a smack label sized buffer.
140 static inline void smack_catset_bit(unsigned int cat, char *catsetp)
142 if (cat == 0 || cat > (SMK_CIPSOLEN * 8))
145 catsetp[(cat - 1) / 8] |= 0x80 >> ((cat - 1) % 8);
149 * smk_netlabel_audit_set - fill a netlbl_audit struct
150 * @nap: structure to fill
152 static void smk_netlabel_audit_set(struct netlbl_audit *nap)
154 struct smack_known *skp = smk_of_current();
156 nap->loginuid = audit_get_loginuid(current);
157 nap->sessionid = audit_get_sessionid(current);
158 nap->secid = skp->smk_secid;
162 * Value for parsing single label host rules
165 #define SMK_NETLBLADDRMIN 9
168 * smk_set_access - add a rule to the rule list or replace an old rule
169 * @srp: the rule to add or replace
170 * @rule_list: the list of rules
171 * @rule_lock: the rule list lock
172 * @global: if non-zero, indicates a global rule
174 * Looks through the current subject/object/access list for
175 * the subject/object pair and replaces the access that was
176 * there. If the pair isn't found add it with the specified
179 * Returns 0 if nothing goes wrong or -ENOMEM if it fails
180 * during the allocation of the new pair to add.
182 static int smk_set_access(struct smack_parsed_rule *srp,
183 struct list_head *rule_list,
184 struct mutex *rule_lock, int global)
186 struct smack_rule *sp;
187 struct smack_master_list *smlp;
191 mutex_lock(rule_lock);
194 * Because the object label is less likely to match
195 * than the subject label check it first
197 list_for_each_entry_rcu(sp, rule_list, list) {
198 if (sp->smk_object == srp->smk_object &&
199 sp->smk_subject == srp->smk_subject) {
201 sp->smk_access |= srp->smk_access1;
202 sp->smk_access &= ~srp->smk_access2;
208 sp = kmem_cache_zalloc(smack_rule_cache, GFP_KERNEL);
214 sp->smk_subject = srp->smk_subject;
215 sp->smk_object = srp->smk_object;
216 sp->smk_access = srp->smk_access1 & ~srp->smk_access2;
218 list_add_rcu(&sp->list, rule_list);
220 * If this is a global as opposed to self and a new rule
221 * it needs to get added for reporting.
224 smlp = kmem_cache_zalloc(smack_master_list_cache,
228 list_add_rcu(&smlp->list, &smack_rule_list);
235 mutex_unlock(rule_lock);
240 * smk_perm_from_str - parse smack accesses from a text string
241 * @string: a text string that contains a Smack accesses code
243 * Returns an integer with respective bits set for specified accesses.
245 static int smk_perm_from_str(const char *string)
250 for (cp = string; ; cp++)
272 perm |= MAY_TRANSMUTE;
284 * smk_fill_rule - Fill Smack rule from strings
285 * @subject: subject label string
286 * @object: object label string
287 * @access1: access string
288 * @access2: string with permissions to be removed
290 * @import: if non-zero, import labels
291 * @len: label length limit
293 * Returns 0 on success, -1 on failure
295 static int smk_fill_rule(const char *subject, const char *object,
296 const char *access1, const char *access2,
297 struct smack_parsed_rule *rule, int import,
301 struct smack_known *skp;
304 rule->smk_subject = smk_import_entry(subject, len);
305 if (rule->smk_subject == NULL)
308 rule->smk_object = smk_import(object, len);
309 if (rule->smk_object == NULL)
312 cp = smk_parse_smack(subject, len);
315 skp = smk_find_entry(cp);
319 rule->smk_subject = skp;
321 cp = smk_parse_smack(object, len);
324 skp = smk_find_entry(cp);
328 rule->smk_object = skp->smk_known;
331 rule->smk_access1 = smk_perm_from_str(access1);
333 rule->smk_access2 = smk_perm_from_str(access2);
335 rule->smk_access2 = ~rule->smk_access1;
341 * smk_parse_rule - parse Smack rule from load string
342 * @data: string to be parsed whose size is SMK_LOADLEN
344 * @import: if non-zero, import labels
346 * Returns 0 on success, -1 on errors.
348 static int smk_parse_rule(const char *data, struct smack_parsed_rule *rule,
353 rc = smk_fill_rule(data, data + SMK_LABELLEN,
354 data + SMK_LABELLEN + SMK_LABELLEN, NULL, rule,
355 import, SMK_LABELLEN);
360 * smk_parse_long_rule - parse Smack rule from rule string
361 * @data: string to be parsed, null terminated
362 * @rule: Will be filled with Smack parsed rule
363 * @import: if non-zero, import labels
364 * @tokens: numer of substrings expected in data
366 * Returns number of processed bytes on success, -1 on failure.
368 static ssize_t smk_parse_long_rule(char *data, struct smack_parsed_rule *rule,
369 int import, int tokens)
376 * Parsing the rule in-place, filling all white-spaces with '\0'
378 for (i = 0; i < tokens; ++i) {
379 while (isspace(data[cnt]))
382 if (data[cnt] == '\0')
383 /* Unexpected end of data */
388 while (data[cnt] && !isspace(data[cnt]))
391 while (isspace(data[cnt]))
397 if (smk_fill_rule(tok[0], tok[1], tok[2], tok[3], rule, import, 0))
403 #define SMK_FIXED24_FMT 0 /* Fixed 24byte label format */
404 #define SMK_LONG_FMT 1 /* Variable long label format */
405 #define SMK_CHANGE_FMT 2 /* Rule modification format */
407 * smk_write_rules_list - write() for any /smack rule file
408 * @file: file pointer, not actually used
409 * @buf: where to get the data from
411 * @ppos: where to start - must be 0
412 * @rule_list: the list of rules to write to
413 * @rule_lock: lock for the rule list
414 * @format: /smack/load or /smack/load2 or /smack/change-rule format.
416 * Get one smack access rule from above.
417 * The format for SMK_LONG_FMT is:
418 * "subject<whitespace>object<whitespace>access[<whitespace>...]"
419 * The format for SMK_FIXED24_FMT is exactly:
420 * "subject object rwxat"
421 * The format for SMK_CHANGE_FMT is:
422 * "subject<whitespace>object<whitespace>
423 * acc_enable<whitespace>acc_disable[<whitespace>...]"
425 static ssize_t smk_write_rules_list(struct file *file, const char __user *buf,
426 size_t count, loff_t *ppos,
427 struct list_head *rule_list,
428 struct mutex *rule_lock, int format)
430 struct smack_parsed_rule rule;
439 * Enough data must be present.
444 if (format == SMK_FIXED24_FMT) {
446 * Minor hack for backward compatibility
448 if (count < SMK_OLOADLEN || count > SMK_LOADLEN)
451 if (count >= PAGE_SIZE) {
452 count = PAGE_SIZE - 1;
457 data = kmalloc(count + 1, GFP_KERNEL);
461 if (copy_from_user(data, buf, count) != 0) {
467 * In case of parsing only part of user buf,
468 * avoid having partial rule at the data buffer
471 while (count > 0 && (data[count - 1] != '\n'))
480 tokens = (format == SMK_CHANGE_FMT ? 4 : 3);
481 while (cnt < count) {
482 if (format == SMK_FIXED24_FMT) {
483 rc = smk_parse_rule(data, &rule, 1);
490 rc = smk_parse_long_rule(data + cnt, &rule, 1, tokens);
498 if (rule_list == NULL)
499 rc = smk_set_access(&rule, &rule.smk_subject->smk_rules,
500 &rule.smk_subject->smk_rules_lock, 1);
502 rc = smk_set_access(&rule, rule_list, rule_lock, 0);
515 * Core logic for smackfs seq list operations.
518 static void *smk_seq_start(struct seq_file *s, loff_t *pos,
519 struct list_head *head)
521 struct list_head *list;
525 for (list = rcu_dereference(list_next_rcu(head));
527 list = rcu_dereference(list_next_rcu(list))) {
535 static void *smk_seq_next(struct seq_file *s, void *v, loff_t *pos,
536 struct list_head *head)
538 struct list_head *list = v;
541 list = rcu_dereference(list_next_rcu(list));
543 return (list == head) ? NULL : list;
546 static void smk_seq_stop(struct seq_file *s, void *v)
551 static void smk_rule_show(struct seq_file *s, struct smack_rule *srp, int max)
554 * Don't show any rules with label names too long for
555 * interface file (/smack/load or /smack/load2)
556 * because you should expect to be able to write
557 * anything you read back.
559 if (strlen(srp->smk_subject->smk_known) >= max ||
560 strlen(srp->smk_object) >= max)
563 if (srp->smk_access == 0)
566 seq_printf(s, "%s %s", srp->smk_subject->smk_known, srp->smk_object);
570 if (srp->smk_access & MAY_READ)
572 if (srp->smk_access & MAY_WRITE)
574 if (srp->smk_access & MAY_EXEC)
576 if (srp->smk_access & MAY_APPEND)
578 if (srp->smk_access & MAY_TRANSMUTE)
580 if (srp->smk_access & MAY_LOCK)
587 * Seq_file read operations for /smack/load
590 static void *load2_seq_start(struct seq_file *s, loff_t *pos)
592 return smk_seq_start(s, pos, &smack_rule_list);
595 static void *load2_seq_next(struct seq_file *s, void *v, loff_t *pos)
597 return smk_seq_next(s, v, pos, &smack_rule_list);
600 static int load_seq_show(struct seq_file *s, void *v)
602 struct list_head *list = v;
603 struct smack_master_list *smlp =
604 list_entry_rcu(list, struct smack_master_list, list);
606 smk_rule_show(s, smlp->smk_rule, SMK_LABELLEN);
611 static const struct seq_operations load_seq_ops = {
612 .start = load2_seq_start,
613 .next = load2_seq_next,
614 .show = load_seq_show,
615 .stop = smk_seq_stop,
619 * smk_open_load - open() for /smack/load
620 * @inode: inode structure representing file
621 * @file: "load" file pointer
623 * For reading, use load_seq_* seq_file reading operations.
625 static int smk_open_load(struct inode *inode, struct file *file)
627 return seq_open(file, &load_seq_ops);
631 * smk_write_load - write() for /smack/load
632 * @file: file pointer, not actually used
633 * @buf: where to get the data from
635 * @ppos: where to start - must be 0
638 static ssize_t smk_write_load(struct file *file, const char __user *buf,
639 size_t count, loff_t *ppos)
642 * Must have privilege.
644 * Enough data must be present.
646 if (!smack_privileged(CAP_MAC_ADMIN))
649 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL,
653 static const struct file_operations smk_load_ops = {
654 .open = smk_open_load,
657 .write = smk_write_load,
658 .release = seq_release,
661 #ifdef CONFIG_SECURITY_SMACK_PERMISSIVE_MODE
663 * smk_read_permissive - read() for /smack/permissive
664 * @filp: file pointer, not actually used
665 * @buf: where to put the result
666 * @cn: maximum to send along
667 * @ppos: where to start
669 * Returns number of bytes read or error code, as appropriate
671 static ssize_t smk_read_permissive(struct file *filp, char __user *buf,
672 size_t count, loff_t *ppos)
680 sprintf(temp, "%d\n", permissive_mode);
681 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
686 * smk_write_permissive - write() for /smack/permissive
687 * @file: file pointer, not actually used
688 * @buf: where to get the data from
690 * @ppos: where to start
692 * Returns number of bytes written or error code, as appropriate
694 static ssize_t smk_write_permissive(struct file *file, const char __user *buf,
695 size_t count, loff_t *ppos)
700 if (!capable(CAP_MAC_ADMIN))
703 if (count >= sizeof(temp) || count == 0)
706 if (copy_from_user(temp, buf, count) != 0)
711 if (sscanf(temp, "%d", &i) != 1)
719 static const struct file_operations smk_permissive_ops = {
720 .read = smk_read_permissive,
721 .write = smk_write_permissive,
722 .llseek = default_llseek,
724 #endif /* End of CONFIG_SECURITY_SMACK_PERMISSIVE_MODE */
727 * smk_cipso_doi - initialize the CIPSO domain
729 static void smk_cipso_doi(void)
732 struct cipso_v4_doi *doip;
733 struct netlbl_audit nai;
735 smk_netlabel_audit_set(&nai);
737 rc = netlbl_cfg_map_del(NULL, PF_INET, NULL, NULL, &nai);
739 printk(KERN_WARNING "%s:%d remove rc = %d\n",
740 __func__, __LINE__, rc);
742 doip = kmalloc(sizeof(struct cipso_v4_doi), GFP_KERNEL);
744 panic("smack: Failed to initialize cipso DOI.\n");
745 doip->map.std = NULL;
746 doip->doi = smk_cipso_doi_value;
747 doip->type = CIPSO_V4_MAP_PASS;
748 doip->tags[0] = CIPSO_V4_TAG_RBITMAP;
749 for (rc = 1; rc < CIPSO_V4_TAG_MAXCNT; rc++)
750 doip->tags[rc] = CIPSO_V4_TAG_INVALID;
752 rc = netlbl_cfg_cipsov4_add(doip, &nai);
754 printk(KERN_WARNING "%s:%d cipso add rc = %d\n",
755 __func__, __LINE__, rc);
759 rc = netlbl_cfg_cipsov4_map_add(doip->doi, NULL, NULL, NULL, &nai);
761 printk(KERN_WARNING "%s:%d map add rc = %d\n",
762 __func__, __LINE__, rc);
769 * smk_unlbl_ambient - initialize the unlabeled domain
770 * @oldambient: previous domain string
772 static void smk_unlbl_ambient(char *oldambient)
775 struct netlbl_audit nai;
777 smk_netlabel_audit_set(&nai);
779 if (oldambient != NULL) {
780 rc = netlbl_cfg_map_del(oldambient, PF_INET, NULL, NULL, &nai);
782 printk(KERN_WARNING "%s:%d remove rc = %d\n",
783 __func__, __LINE__, rc);
785 if (smack_net_ambient == NULL)
786 smack_net_ambient = &smack_known_floor;
788 rc = netlbl_cfg_unlbl_map_add(smack_net_ambient->smk_known, PF_INET,
791 printk(KERN_WARNING "%s:%d add rc = %d\n",
792 __func__, __LINE__, rc);
796 * Seq_file read operations for /smack/cipso
799 static void *cipso_seq_start(struct seq_file *s, loff_t *pos)
801 return smk_seq_start(s, pos, &smack_known_list);
804 static void *cipso_seq_next(struct seq_file *s, void *v, loff_t *pos)
806 return smk_seq_next(s, v, pos, &smack_known_list);
810 * Print cipso labels in format:
811 * label level[/cat[,cat]]
813 static int cipso_seq_show(struct seq_file *s, void *v)
815 struct list_head *list = v;
816 struct smack_known *skp =
817 list_entry_rcu(list, struct smack_known, list);
818 struct netlbl_lsm_secattr_catmap *cmp = skp->smk_netlabel.attr.mls.cat;
823 * Don't show a label that could not have been set using
824 * /smack/cipso. This is in support of the notion that
825 * anything read from /smack/cipso ought to be writeable
828 * /smack/cipso2 should be used instead.
830 if (strlen(skp->smk_known) >= SMK_LABELLEN)
833 seq_printf(s, "%s %3d", skp->smk_known, skp->smk_netlabel.attr.mls.lvl);
835 for (i = netlbl_secattr_catmap_walk(cmp, 0); i >= 0;
836 i = netlbl_secattr_catmap_walk(cmp, i + 1)) {
837 seq_printf(s, "%c%d", sep, i);
846 static const struct seq_operations cipso_seq_ops = {
847 .start = cipso_seq_start,
848 .next = cipso_seq_next,
849 .show = cipso_seq_show,
850 .stop = smk_seq_stop,
854 * smk_open_cipso - open() for /smack/cipso
855 * @inode: inode structure representing file
856 * @file: "cipso" file pointer
858 * Connect our cipso_seq_* operations with /smack/cipso
861 static int smk_open_cipso(struct inode *inode, struct file *file)
863 return seq_open(file, &cipso_seq_ops);
867 * smk_set_cipso - do the work for write() for cipso and cipso2
868 * @file: file pointer, not actually used
869 * @buf: where to get the data from
871 * @ppos: where to start
872 * @format: /smack/cipso or /smack/cipso2
874 * Accepts only one cipso rule per write call.
875 * Returns number of bytes written or error code, as appropriate
877 static ssize_t smk_set_cipso(struct file *file, const char __user *buf,
878 size_t count, loff_t *ppos, int format)
880 struct smack_known *skp;
881 struct netlbl_lsm_secattr ncats;
882 char mapcatset[SMK_CIPSOLEN];
886 ssize_t rc = -EINVAL;
893 * Must have privilege.
895 * Enough data must be present.
897 if (!smack_privileged(CAP_MAC_ADMIN))
901 if (format == SMK_FIXED24_FMT &&
902 (count < SMK_CIPSOMIN || count > SMK_CIPSOMAX))
905 data = kzalloc(count + 1, GFP_KERNEL);
909 if (copy_from_user(data, buf, count) != 0) {
917 * Only allow one writer at a time. Writes should be
918 * quite rare and small in any case.
920 mutex_lock(&smack_cipso_lock);
922 skp = smk_import_entry(rule, 0);
926 if (format == SMK_FIXED24_FMT)
927 rule += SMK_LABELLEN;
929 rule += strlen(skp->smk_known) + 1;
931 ret = sscanf(rule, "%d", &maplevel);
932 if (ret != 1 || maplevel > SMACK_CIPSO_MAXLEVEL)
935 rule += SMK_DIGITLEN;
936 ret = sscanf(rule, "%d", &catlen);
937 if (ret != 1 || catlen > SMACK_CIPSO_MAXCATNUM)
940 if (format == SMK_FIXED24_FMT &&
941 count != (SMK_CIPSOMIN + catlen * SMK_DIGITLEN))
944 memset(mapcatset, 0, sizeof(mapcatset));
946 for (i = 0; i < catlen; i++) {
947 rule += SMK_DIGITLEN;
948 ret = sscanf(rule, "%u", &cat);
949 if (ret != 1 || cat > SMACK_CIPSO_MAXCATNUM)
952 smack_catset_bit(cat, mapcatset);
955 rc = smk_netlbl_mls(maplevel, mapcatset, &ncats, SMK_CIPSOLEN);
957 netlbl_secattr_catmap_free(skp->smk_netlabel.attr.mls.cat);
958 skp->smk_netlabel.attr.mls.cat = ncats.attr.mls.cat;
959 skp->smk_netlabel.attr.mls.lvl = ncats.attr.mls.lvl;
964 mutex_unlock(&smack_cipso_lock);
971 * smk_write_cipso - write() for /smack/cipso
972 * @file: file pointer, not actually used
973 * @buf: where to get the data from
975 * @ppos: where to start
977 * Accepts only one cipso rule per write call.
978 * Returns number of bytes written or error code, as appropriate
980 static ssize_t smk_write_cipso(struct file *file, const char __user *buf,
981 size_t count, loff_t *ppos)
983 return smk_set_cipso(file, buf, count, ppos, SMK_FIXED24_FMT);
986 static const struct file_operations smk_cipso_ops = {
987 .open = smk_open_cipso,
990 .write = smk_write_cipso,
991 .release = seq_release,
995 * Seq_file read operations for /smack/cipso2
999 * Print cipso labels in format:
1000 * label level[/cat[,cat]]
1002 static int cipso2_seq_show(struct seq_file *s, void *v)
1004 struct list_head *list = v;
1005 struct smack_known *skp =
1006 list_entry_rcu(list, struct smack_known, list);
1007 struct netlbl_lsm_secattr_catmap *cmp = skp->smk_netlabel.attr.mls.cat;
1011 seq_printf(s, "%s %3d", skp->smk_known, skp->smk_netlabel.attr.mls.lvl);
1013 for (i = netlbl_secattr_catmap_walk(cmp, 0); i >= 0;
1014 i = netlbl_secattr_catmap_walk(cmp, i + 1)) {
1015 seq_printf(s, "%c%d", sep, i);
1024 static const struct seq_operations cipso2_seq_ops = {
1025 .start = cipso_seq_start,
1026 .next = cipso_seq_next,
1027 .show = cipso2_seq_show,
1028 .stop = smk_seq_stop,
1032 * smk_open_cipso2 - open() for /smack/cipso2
1033 * @inode: inode structure representing file
1034 * @file: "cipso2" file pointer
1036 * Connect our cipso_seq_* operations with /smack/cipso2
1039 static int smk_open_cipso2(struct inode *inode, struct file *file)
1041 return seq_open(file, &cipso2_seq_ops);
1045 * smk_write_cipso2 - write() for /smack/cipso2
1046 * @file: file pointer, not actually used
1047 * @buf: where to get the data from
1048 * @count: bytes sent
1049 * @ppos: where to start
1051 * Accepts only one cipso rule per write call.
1052 * Returns number of bytes written or error code, as appropriate
1054 static ssize_t smk_write_cipso2(struct file *file, const char __user *buf,
1055 size_t count, loff_t *ppos)
1057 return smk_set_cipso(file, buf, count, ppos, SMK_LONG_FMT);
1060 static const struct file_operations smk_cipso2_ops = {
1061 .open = smk_open_cipso2,
1063 .llseek = seq_lseek,
1064 .write = smk_write_cipso2,
1065 .release = seq_release,
1069 * Seq_file read operations for /smack/netlabel
1072 static void *netlbladdr_seq_start(struct seq_file *s, loff_t *pos)
1074 return smk_seq_start(s, pos, &smk_netlbladdr_list);
1077 static void *netlbladdr_seq_next(struct seq_file *s, void *v, loff_t *pos)
1079 return smk_seq_next(s, v, pos, &smk_netlbladdr_list);
1081 #define BEBITS (sizeof(__be32) * 8)
1084 * Print host/label pairs
1086 static int netlbladdr_seq_show(struct seq_file *s, void *v)
1088 struct list_head *list = v;
1089 struct smk_netlbladdr *skp =
1090 list_entry_rcu(list, struct smk_netlbladdr, list);
1091 unsigned char *hp = (char *) &skp->smk_host.sin_addr.s_addr;
1093 u32 temp_mask = be32_to_cpu(skp->smk_mask.s_addr);
1095 for (maskn = 0; temp_mask; temp_mask <<= 1, maskn++);
1097 seq_printf(s, "%u.%u.%u.%u/%d %s\n",
1098 hp[0], hp[1], hp[2], hp[3], maskn, skp->smk_label);
1103 static const struct seq_operations netlbladdr_seq_ops = {
1104 .start = netlbladdr_seq_start,
1105 .next = netlbladdr_seq_next,
1106 .show = netlbladdr_seq_show,
1107 .stop = smk_seq_stop,
1111 * smk_open_netlbladdr - open() for /smack/netlabel
1112 * @inode: inode structure representing file
1113 * @file: "netlabel" file pointer
1115 * Connect our netlbladdr_seq_* operations with /smack/netlabel
1118 static int smk_open_netlbladdr(struct inode *inode, struct file *file)
1120 return seq_open(file, &netlbladdr_seq_ops);
1124 * smk_netlbladdr_insert
1125 * @new : netlabel to insert
1127 * This helper insert netlabel in the smack_netlbladdrs list
1128 * sorted by netmask length (longest to smallest)
1129 * locked by &smk_netlbladdr_lock in smk_write_netlbladdr
1132 static void smk_netlbladdr_insert(struct smk_netlbladdr *new)
1134 struct smk_netlbladdr *m, *m_next;
1136 if (list_empty(&smk_netlbladdr_list)) {
1137 list_add_rcu(&new->list, &smk_netlbladdr_list);
1141 m = list_entry_rcu(smk_netlbladdr_list.next,
1142 struct smk_netlbladdr, list);
1144 /* the comparison '>' is a bit hacky, but works */
1145 if (new->smk_mask.s_addr > m->smk_mask.s_addr) {
1146 list_add_rcu(&new->list, &smk_netlbladdr_list);
1150 list_for_each_entry_rcu(m, &smk_netlbladdr_list, list) {
1151 if (list_is_last(&m->list, &smk_netlbladdr_list)) {
1152 list_add_rcu(&new->list, &m->list);
1155 m_next = list_entry_rcu(m->list.next,
1156 struct smk_netlbladdr, list);
1157 if (new->smk_mask.s_addr > m_next->smk_mask.s_addr) {
1158 list_add_rcu(&new->list, &m->list);
1166 * smk_write_netlbladdr - write() for /smack/netlabel
1167 * @file: file pointer, not actually used
1168 * @buf: where to get the data from
1169 * @count: bytes sent
1170 * @ppos: where to start
1172 * Accepts only one netlbladdr per write call.
1173 * Returns number of bytes written or error code, as appropriate
1175 static ssize_t smk_write_netlbladdr(struct file *file, const char __user *buf,
1176 size_t count, loff_t *ppos)
1178 struct smk_netlbladdr *skp;
1179 struct sockaddr_in newname;
1183 char *host = (char *)&newname.sin_addr.s_addr;
1185 struct netlbl_audit audit_info;
1186 struct in_addr mask;
1189 u32 mask_bits = (1<<31);
1194 * Must have privilege.
1195 * No partial writes.
1196 * Enough data must be present.
1197 * "<addr/mask, as a.b.c.d/e><space><label>"
1198 * "<addr, as a.b.c.d><space><label>"
1200 if (!smack_privileged(CAP_MAC_ADMIN))
1204 if (count < SMK_NETLBLADDRMIN)
1207 data = kzalloc(count + 1, GFP_KERNEL);
1211 if (copy_from_user(data, buf, count) != 0) {
1216 smack = kzalloc(count + 1, GFP_KERNEL);
1217 if (smack == NULL) {
1224 rc = sscanf(data, "%hhd.%hhd.%hhd.%hhd/%d %s",
1225 &host[0], &host[1], &host[2], &host[3], &m, smack);
1227 rc = sscanf(data, "%hhd.%hhd.%hhd.%hhd %s",
1228 &host[0], &host[1], &host[2], &host[3], smack);
1241 * If smack begins with '-', it is an option, don't import it
1243 if (smack[0] != '-') {
1244 sp = smk_import(smack, 0);
1250 /* check known options */
1251 if (strcmp(smack, smack_cipso_option) == 0)
1252 sp = (char *)smack_cipso_option;
1259 for (temp_mask = 0; m > 0; m--) {
1260 temp_mask |= mask_bits;
1263 mask.s_addr = cpu_to_be32(temp_mask);
1265 newname.sin_addr.s_addr &= mask.s_addr;
1267 * Only allow one writer at a time. Writes should be
1268 * quite rare and small in any case.
1270 mutex_lock(&smk_netlbladdr_lock);
1272 nsa = newname.sin_addr.s_addr;
1273 /* try to find if the prefix is already in the list */
1275 list_for_each_entry_rcu(skp, &smk_netlbladdr_list, list) {
1276 if (skp->smk_host.sin_addr.s_addr == nsa &&
1277 skp->smk_mask.s_addr == mask.s_addr) {
1282 smk_netlabel_audit_set(&audit_info);
1285 skp = kzalloc(sizeof(*skp), GFP_KERNEL);
1290 skp->smk_host.sin_addr.s_addr = newname.sin_addr.s_addr;
1291 skp->smk_mask.s_addr = mask.s_addr;
1292 skp->smk_label = sp;
1293 smk_netlbladdr_insert(skp);
1296 /* we delete the unlabeled entry, only if the previous label
1297 * wasn't the special CIPSO option */
1298 if (skp->smk_label != smack_cipso_option)
1299 rc = netlbl_cfg_unlbl_static_del(&init_net, NULL,
1300 &skp->smk_host.sin_addr, &skp->smk_mask,
1301 PF_INET, &audit_info);
1304 skp->smk_label = sp;
1308 * Now tell netlabel about the single label nature of
1309 * this host so that incoming packets get labeled.
1310 * but only if we didn't get the special CIPSO option
1312 if (rc == 0 && sp != smack_cipso_option)
1313 rc = netlbl_cfg_unlbl_static_add(&init_net, NULL,
1314 &skp->smk_host.sin_addr, &skp->smk_mask, PF_INET,
1315 smack_to_secid(skp->smk_label), &audit_info);
1320 mutex_unlock(&smk_netlbladdr_lock);
1330 static const struct file_operations smk_netlbladdr_ops = {
1331 .open = smk_open_netlbladdr,
1333 .llseek = seq_lseek,
1334 .write = smk_write_netlbladdr,
1335 .release = seq_release,
1339 * smk_read_doi - read() for /smack/doi
1340 * @filp: file pointer, not actually used
1341 * @buf: where to put the result
1342 * @count: maximum to send along
1343 * @ppos: where to start
1345 * Returns number of bytes read or error code, as appropriate
1347 static ssize_t smk_read_doi(struct file *filp, char __user *buf,
1348 size_t count, loff_t *ppos)
1356 sprintf(temp, "%d", smk_cipso_doi_value);
1357 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
1363 * smk_write_doi - write() for /smack/doi
1364 * @file: file pointer, not actually used
1365 * @buf: where to get the data from
1366 * @count: bytes sent
1367 * @ppos: where to start
1369 * Returns number of bytes written or error code, as appropriate
1371 static ssize_t smk_write_doi(struct file *file, const char __user *buf,
1372 size_t count, loff_t *ppos)
1377 if (!smack_privileged(CAP_MAC_ADMIN))
1380 if (count >= sizeof(temp) || count == 0)
1383 if (copy_from_user(temp, buf, count) != 0)
1388 if (sscanf(temp, "%d", &i) != 1)
1391 smk_cipso_doi_value = i;
1398 static const struct file_operations smk_doi_ops = {
1399 .read = smk_read_doi,
1400 .write = smk_write_doi,
1401 .llseek = default_llseek,
1405 * smk_read_direct - read() for /smack/direct
1406 * @filp: file pointer, not actually used
1407 * @buf: where to put the result
1408 * @count: maximum to send along
1409 * @ppos: where to start
1411 * Returns number of bytes read or error code, as appropriate
1413 static ssize_t smk_read_direct(struct file *filp, char __user *buf,
1414 size_t count, loff_t *ppos)
1422 sprintf(temp, "%d", smack_cipso_direct);
1423 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
1429 * smk_write_direct - write() for /smack/direct
1430 * @file: file pointer, not actually used
1431 * @buf: where to get the data from
1432 * @count: bytes sent
1433 * @ppos: where to start
1435 * Returns number of bytes written or error code, as appropriate
1437 static ssize_t smk_write_direct(struct file *file, const char __user *buf,
1438 size_t count, loff_t *ppos)
1440 struct smack_known *skp;
1444 if (!smack_privileged(CAP_MAC_ADMIN))
1447 if (count >= sizeof(temp) || count == 0)
1450 if (copy_from_user(temp, buf, count) != 0)
1455 if (sscanf(temp, "%d", &i) != 1)
1459 * Don't do anything if the value hasn't actually changed.
1460 * If it is changing reset the level on entries that were
1461 * set up to be direct when they were created.
1463 if (smack_cipso_direct != i) {
1464 mutex_lock(&smack_known_lock);
1465 list_for_each_entry_rcu(skp, &smack_known_list, list)
1466 if (skp->smk_netlabel.attr.mls.lvl ==
1468 skp->smk_netlabel.attr.mls.lvl = i;
1469 smack_cipso_direct = i;
1470 mutex_unlock(&smack_known_lock);
1476 static const struct file_operations smk_direct_ops = {
1477 .read = smk_read_direct,
1478 .write = smk_write_direct,
1479 .llseek = default_llseek,
1483 * smk_read_mapped - read() for /smack/mapped
1484 * @filp: file pointer, not actually used
1485 * @buf: where to put the result
1486 * @count: maximum to send along
1487 * @ppos: where to start
1489 * Returns number of bytes read or error code, as appropriate
1491 static ssize_t smk_read_mapped(struct file *filp, char __user *buf,
1492 size_t count, loff_t *ppos)
1500 sprintf(temp, "%d", smack_cipso_mapped);
1501 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
1507 * smk_write_mapped - write() for /smack/mapped
1508 * @file: file pointer, not actually used
1509 * @buf: where to get the data from
1510 * @count: bytes sent
1511 * @ppos: where to start
1513 * Returns number of bytes written or error code, as appropriate
1515 static ssize_t smk_write_mapped(struct file *file, const char __user *buf,
1516 size_t count, loff_t *ppos)
1518 struct smack_known *skp;
1522 if (!smack_privileged(CAP_MAC_ADMIN))
1525 if (count >= sizeof(temp) || count == 0)
1528 if (copy_from_user(temp, buf, count) != 0)
1533 if (sscanf(temp, "%d", &i) != 1)
1537 * Don't do anything if the value hasn't actually changed.
1538 * If it is changing reset the level on entries that were
1539 * set up to be mapped when they were created.
1541 if (smack_cipso_mapped != i) {
1542 mutex_lock(&smack_known_lock);
1543 list_for_each_entry_rcu(skp, &smack_known_list, list)
1544 if (skp->smk_netlabel.attr.mls.lvl ==
1546 skp->smk_netlabel.attr.mls.lvl = i;
1547 smack_cipso_mapped = i;
1548 mutex_unlock(&smack_known_lock);
1554 static const struct file_operations smk_mapped_ops = {
1555 .read = smk_read_mapped,
1556 .write = smk_write_mapped,
1557 .llseek = default_llseek,
1561 * smk_read_ambient - read() for /smack/ambient
1562 * @filp: file pointer, not actually used
1563 * @buf: where to put the result
1564 * @cn: maximum to send along
1565 * @ppos: where to start
1567 * Returns number of bytes read or error code, as appropriate
1569 static ssize_t smk_read_ambient(struct file *filp, char __user *buf,
1570 size_t cn, loff_t *ppos)
1578 * Being careful to avoid a problem in the case where
1579 * smack_net_ambient gets changed in midstream.
1581 mutex_lock(&smack_ambient_lock);
1583 asize = strlen(smack_net_ambient->smk_known) + 1;
1586 rc = simple_read_from_buffer(buf, cn, ppos,
1587 smack_net_ambient->smk_known,
1592 mutex_unlock(&smack_ambient_lock);
1598 * smk_write_ambient - write() for /smack/ambient
1599 * @file: file pointer, not actually used
1600 * @buf: where to get the data from
1601 * @count: bytes sent
1602 * @ppos: where to start
1604 * Returns number of bytes written or error code, as appropriate
1606 static ssize_t smk_write_ambient(struct file *file, const char __user *buf,
1607 size_t count, loff_t *ppos)
1609 struct smack_known *skp;
1614 if (!smack_privileged(CAP_MAC_ADMIN))
1617 data = kzalloc(count + 1, GFP_KERNEL);
1621 if (copy_from_user(data, buf, count) != 0) {
1626 skp = smk_import_entry(data, count);
1632 mutex_lock(&smack_ambient_lock);
1634 oldambient = smack_net_ambient->smk_known;
1635 smack_net_ambient = skp;
1636 smk_unlbl_ambient(oldambient);
1638 mutex_unlock(&smack_ambient_lock);
1645 static const struct file_operations smk_ambient_ops = {
1646 .read = smk_read_ambient,
1647 .write = smk_write_ambient,
1648 .llseek = default_llseek,
1652 * Seq_file operations for /smack/onlycap
1654 static void *onlycap_seq_start(struct seq_file *s, loff_t *pos)
1656 return smk_seq_start(s, pos, &smack_onlycap_list);
1659 static void *onlycap_seq_next(struct seq_file *s, void *v, loff_t *pos)
1661 return smk_seq_next(s, v, pos, &smack_onlycap_list);
1664 static int onlycap_seq_show(struct seq_file *s, void *v)
1666 struct list_head *list = v;
1667 struct smack_onlycap *sop =
1668 list_entry_rcu(list, struct smack_onlycap, list);
1670 seq_puts(s, sop->smk_label->smk_known);
1676 static const struct seq_operations onlycap_seq_ops = {
1677 .start = onlycap_seq_start,
1678 .next = onlycap_seq_next,
1679 .show = onlycap_seq_show,
1680 .stop = smk_seq_stop,
1683 static int smk_open_onlycap(struct inode *inode, struct file *file)
1685 return seq_open(file, &onlycap_seq_ops);
1689 * list_swap_rcu - swap public list with a private one in RCU-safe way
1690 * The caller must hold appropriate mutex to prevent concurrent modifications
1691 * to the public list.
1692 * Private list is assumed to be not accessible to other threads yet.
1694 * @public: public list
1695 * @private: private list
1697 static void list_swap_rcu(struct list_head *public, struct list_head *private)
1699 struct list_head *first, *last;
1701 if (list_empty(public)) {
1702 list_splice_init_rcu(private, public, synchronize_rcu);
1704 /* Remember public list before replacing it */
1705 first = public->next;
1706 last = public->prev;
1708 /* Publish private list in place of public in RCU-safe way */
1709 private->prev->next = public;
1710 private->next->prev = public;
1711 rcu_assign_pointer(public->next, private->next);
1712 public->prev = private->prev;
1716 /* When all readers are done with the old public list,
1717 * attach it in place of private */
1718 private->next = first;
1719 private->prev = last;
1720 first->prev = private;
1721 last->next = private;
1726 * smk_write_onlycap - write() for /smack/onlycap
1727 * @file: file pointer, not actually used
1728 * @buf: where to get the data from
1729 * @count: bytes sent
1730 * @ppos: where to start
1732 * Returns number of bytes written or error code, as appropriate
1734 static ssize_t smk_write_onlycap(struct file *file, const char __user *buf,
1735 size_t count, loff_t *ppos)
1740 struct smack_known *skp;
1741 struct smack_onlycap *sop;
1742 struct smack_onlycap *sop2;
1743 LIST_HEAD(list_tmp);
1746 if (!smack_privileged(CAP_MAC_ADMIN))
1749 data = kzalloc(count + 1, GFP_KERNEL);
1753 if (copy_from_user(data, buf, count) != 0) {
1759 while ((tok = strsep(&data_parse, " ")) != NULL) {
1763 skp = smk_import_entry(tok, 0);
1769 sop = kzalloc(sizeof(*sop), GFP_KERNEL);
1775 sop->smk_label = skp;
1776 list_add_rcu(&sop->list, &list_tmp);
1781 * Should the null string be passed in unset the onlycap value.
1782 * This seems like something to be careful with as usually
1783 * smk_import only expects to return NULL for errors. It
1784 * is usually the case that a nullstring or "\n" would be
1785 * bad to pass to smk_import but in fact this is useful here.
1787 * smk_import will also reject a label beginning with '-',
1788 * so "-usecapabilities" will also work.
1790 * But do so only on invalid label, not on system errors.
1791 * The invalid label must be first to count as clearing attempt.
1793 if (rc == -EINVAL && list_empty(&list_tmp))
1797 mutex_lock(&smack_onlycap_lock);
1798 list_swap_rcu(&smack_onlycap_list, &list_tmp);
1799 mutex_unlock(&smack_onlycap_lock);
1802 list_for_each_entry_safe(sop, sop2, &list_tmp, list)
1808 static const struct file_operations smk_onlycap_ops = {
1809 .open = smk_open_onlycap,
1811 .write = smk_write_onlycap,
1812 .llseek = seq_lseek,
1813 .release = seq_release,
1817 * smk_read_logging - read() for /smack/logging
1818 * @filp: file pointer, not actually used
1819 * @buf: where to put the result
1820 * @cn: maximum to send along
1821 * @ppos: where to start
1823 * Returns number of bytes read or error code, as appropriate
1825 static ssize_t smk_read_logging(struct file *filp, char __user *buf,
1826 size_t count, loff_t *ppos)
1834 sprintf(temp, "%d\n", log_policy);
1835 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
1840 * smk_write_logging - write() for /smack/logging
1841 * @file: file pointer, not actually used
1842 * @buf: where to get the data from
1843 * @count: bytes sent
1844 * @ppos: where to start
1846 * Returns number of bytes written or error code, as appropriate
1848 static ssize_t smk_write_logging(struct file *file, const char __user *buf,
1849 size_t count, loff_t *ppos)
1854 if (!smack_privileged(CAP_MAC_ADMIN))
1857 if (count >= sizeof(temp) || count == 0)
1860 if (copy_from_user(temp, buf, count) != 0)
1865 if (sscanf(temp, "%d", &i) != 1)
1875 static const struct file_operations smk_logging_ops = {
1876 .read = smk_read_logging,
1877 .write = smk_write_logging,
1878 .llseek = default_llseek,
1882 * Seq_file read operations for /smack/load-self
1885 static void *load_self_seq_start(struct seq_file *s, loff_t *pos)
1887 struct task_smack *tsp = current_security();
1889 return smk_seq_start(s, pos, &tsp->smk_rules);
1892 static void *load_self_seq_next(struct seq_file *s, void *v, loff_t *pos)
1894 struct task_smack *tsp = current_security();
1896 return smk_seq_next(s, v, pos, &tsp->smk_rules);
1899 static int load_self_seq_show(struct seq_file *s, void *v)
1901 struct list_head *list = v;
1902 struct smack_rule *srp =
1903 list_entry_rcu(list, struct smack_rule, list);
1905 smk_rule_show(s, srp, SMK_LABELLEN);
1910 static const struct seq_operations load_self_seq_ops = {
1911 .start = load_self_seq_start,
1912 .next = load_self_seq_next,
1913 .show = load_self_seq_show,
1914 .stop = smk_seq_stop,
1919 * smk_open_load_self - open() for /smack/load-self2
1920 * @inode: inode structure representing file
1921 * @file: "load" file pointer
1923 * For reading, use load_seq_* seq_file reading operations.
1925 static int smk_open_load_self(struct inode *inode, struct file *file)
1927 return seq_open(file, &load_self_seq_ops);
1931 * smk_write_load_self - write() for /smack/load-self
1932 * @file: file pointer, not actually used
1933 * @buf: where to get the data from
1934 * @count: bytes sent
1935 * @ppos: where to start - must be 0
1938 static ssize_t smk_write_load_self(struct file *file, const char __user *buf,
1939 size_t count, loff_t *ppos)
1941 struct task_smack *tsp = current_security();
1943 return smk_write_rules_list(file, buf, count, ppos, &tsp->smk_rules,
1944 &tsp->smk_rules_lock, SMK_FIXED24_FMT);
1947 static const struct file_operations smk_load_self_ops = {
1948 .open = smk_open_load_self,
1950 .llseek = seq_lseek,
1951 .write = smk_write_load_self,
1952 .release = seq_release,
1956 * smk_user_access - handle access check transaction
1957 * @file: file pointer
1958 * @buf: data from user space
1959 * @count: bytes sent
1960 * @ppos: where to start - must be 0
1962 static ssize_t smk_user_access(struct file *file, const char __user *buf,
1963 size_t count, loff_t *ppos, int format)
1965 struct smack_parsed_rule rule;
1969 data = simple_transaction_get(file, buf, count);
1971 return PTR_ERR(data);
1973 if (format == SMK_FIXED24_FMT) {
1974 if (count < SMK_LOADLEN)
1976 res = smk_parse_rule(data, &rule, 0);
1979 * simple_transaction_get() returns null-terminated data
1981 res = smk_parse_long_rule(data, &rule, 0, 3);
1987 res = smk_access(rule.smk_subject, rule.smk_object,
1988 rule.smk_access1, NULL);
1989 data[0] = res == 0 ? '1' : '0';
1992 simple_transaction_set(file, 2);
1998 * smk_write_access - handle access check transaction
1999 * @file: file pointer
2000 * @buf: data from user space
2001 * @count: bytes sent
2002 * @ppos: where to start - must be 0
2004 static ssize_t smk_write_access(struct file *file, const char __user *buf,
2005 size_t count, loff_t *ppos)
2007 return smk_user_access(file, buf, count, ppos, SMK_FIXED24_FMT);
2010 static const struct file_operations smk_access_ops = {
2011 .write = smk_write_access,
2012 .read = simple_transaction_read,
2013 .release = simple_transaction_release,
2014 .llseek = generic_file_llseek,
2019 * Seq_file read operations for /smack/load2
2022 static int load2_seq_show(struct seq_file *s, void *v)
2024 struct list_head *list = v;
2025 struct smack_master_list *smlp =
2026 list_entry_rcu(list, struct smack_master_list, list);
2028 smk_rule_show(s, smlp->smk_rule, SMK_LONGLABEL);
2033 static const struct seq_operations load2_seq_ops = {
2034 .start = load2_seq_start,
2035 .next = load2_seq_next,
2036 .show = load2_seq_show,
2037 .stop = smk_seq_stop,
2041 * smk_open_load2 - open() for /smack/load2
2042 * @inode: inode structure representing file
2043 * @file: "load2" file pointer
2045 * For reading, use load2_seq_* seq_file reading operations.
2047 static int smk_open_load2(struct inode *inode, struct file *file)
2049 return seq_open(file, &load2_seq_ops);
2053 * smk_write_load2 - write() for /smack/load2
2054 * @file: file pointer, not actually used
2055 * @buf: where to get the data from
2056 * @count: bytes sent
2057 * @ppos: where to start - must be 0
2060 static ssize_t smk_write_load2(struct file *file, const char __user *buf,
2061 size_t count, loff_t *ppos)
2064 * Must have privilege.
2066 if (!smack_privileged(CAP_MAC_ADMIN))
2069 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL,
2073 static const struct file_operations smk_load2_ops = {
2074 .open = smk_open_load2,
2076 .llseek = seq_lseek,
2077 .write = smk_write_load2,
2078 .release = seq_release,
2082 * Seq_file read operations for /smack/load-self2
2085 static void *load_self2_seq_start(struct seq_file *s, loff_t *pos)
2087 struct task_smack *tsp = current_security();
2089 return smk_seq_start(s, pos, &tsp->smk_rules);
2092 static void *load_self2_seq_next(struct seq_file *s, void *v, loff_t *pos)
2094 struct task_smack *tsp = current_security();
2096 return smk_seq_next(s, v, pos, &tsp->smk_rules);
2099 static int load_self2_seq_show(struct seq_file *s, void *v)
2101 struct list_head *list = v;
2102 struct smack_rule *srp =
2103 list_entry_rcu(list, struct smack_rule, list);
2105 smk_rule_show(s, srp, SMK_LONGLABEL);
2110 static const struct seq_operations load_self2_seq_ops = {
2111 .start = load_self2_seq_start,
2112 .next = load_self2_seq_next,
2113 .show = load_self2_seq_show,
2114 .stop = smk_seq_stop,
2118 * smk_open_load_self2 - open() for /smack/load-self2
2119 * @inode: inode structure representing file
2120 * @file: "load" file pointer
2122 * For reading, use load_seq_* seq_file reading operations.
2124 static int smk_open_load_self2(struct inode *inode, struct file *file)
2126 return seq_open(file, &load_self2_seq_ops);
2130 * smk_write_load_self2 - write() for /smack/load-self2
2131 * @file: file pointer, not actually used
2132 * @buf: where to get the data from
2133 * @count: bytes sent
2134 * @ppos: where to start - must be 0
2137 static ssize_t smk_write_load_self2(struct file *file, const char __user *buf,
2138 size_t count, loff_t *ppos)
2140 struct task_smack *tsp = current_security();
2142 return smk_write_rules_list(file, buf, count, ppos, &tsp->smk_rules,
2143 &tsp->smk_rules_lock, SMK_LONG_FMT);
2146 static const struct file_operations smk_load_self2_ops = {
2147 .open = smk_open_load_self2,
2149 .llseek = seq_lseek,
2150 .write = smk_write_load_self2,
2151 .release = seq_release,
2155 * smk_write_access2 - handle access check transaction
2156 * @file: file pointer
2157 * @buf: data from user space
2158 * @count: bytes sent
2159 * @ppos: where to start - must be 0
2161 static ssize_t smk_write_access2(struct file *file, const char __user *buf,
2162 size_t count, loff_t *ppos)
2164 return smk_user_access(file, buf, count, ppos, SMK_LONG_FMT);
2167 static const struct file_operations smk_access2_ops = {
2168 .write = smk_write_access2,
2169 .read = simple_transaction_read,
2170 .release = simple_transaction_release,
2171 .llseek = generic_file_llseek,
2175 * smk_write_revoke_subj - write() for /smack/revoke-subject
2176 * @file: file pointer
2177 * @buf: data from user space
2178 * @count: bytes sent
2179 * @ppos: where to start - must be 0
2181 static ssize_t smk_write_revoke_subj(struct file *file, const char __user *buf,
2182 size_t count, loff_t *ppos)
2185 const char *cp = NULL;
2186 struct smack_known *skp;
2187 struct smack_rule *sp;
2188 struct list_head *rule_list;
2189 struct mutex *rule_lock;
2195 if (!smack_privileged(CAP_MAC_ADMIN))
2198 if (count == 0 || count > SMK_LONGLABEL)
2201 data = kzalloc(count, GFP_KERNEL);
2205 if (copy_from_user(data, buf, count) != 0) {
2210 cp = smk_parse_smack(data, count);
2216 skp = smk_find_entry(cp);
2220 rule_list = &skp->smk_rules;
2221 rule_lock = &skp->smk_rules_lock;
2223 mutex_lock(rule_lock);
2225 list_for_each_entry_rcu(sp, rule_list, list)
2228 mutex_unlock(rule_lock);
2236 static const struct file_operations smk_revoke_subj_ops = {
2237 .write = smk_write_revoke_subj,
2238 .read = simple_transaction_read,
2239 .release = simple_transaction_release,
2240 .llseek = generic_file_llseek,
2243 static struct kset *smackfs_kset;
2245 * smk_init_sysfs - initialize /sys/fs/smackfs
2248 static int smk_init_sysfs(void)
2250 smackfs_kset = kset_create_and_add("smackfs", NULL, fs_kobj);
2257 * smk_write_change_rule - write() for /smack/change-rule
2258 * @file: file pointer
2259 * @buf: data from user space
2260 * @count: bytes sent
2261 * @ppos: where to start - must be 0
2263 static ssize_t smk_write_change_rule(struct file *file, const char __user *buf,
2264 size_t count, loff_t *ppos)
2267 * Must have privilege.
2269 if (!capable(CAP_MAC_ADMIN))
2272 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL,
2276 static const struct file_operations smk_change_rule_ops = {
2277 .write = smk_write_change_rule,
2278 .read = simple_transaction_read,
2279 .release = simple_transaction_release,
2280 .llseek = generic_file_llseek,
2284 * smk_fill_super - fill the /smackfs superblock
2285 * @sb: the empty superblock
2289 * Fill in the well known entries for /smack
2291 * Returns 0 on success, an error code on failure
2293 static int smk_fill_super(struct super_block *sb, void *data, int silent)
2296 struct inode *root_inode;
2298 static struct tree_descr smack_files[] = {
2300 "load", &smk_load_ops, S_IRUGO|S_IWUSR},
2302 "cipso", &smk_cipso_ops, S_IRUGO|S_IWUSR},
2304 "doi", &smk_doi_ops, S_IRUGO|S_IWUSR},
2306 "direct", &smk_direct_ops, S_IRUGO|S_IWUSR},
2308 "ambient", &smk_ambient_ops, S_IRUGO|S_IWUSR},
2309 [SMK_NETLBLADDR] = {
2310 "netlabel", &smk_netlbladdr_ops, S_IRUGO|S_IWUSR},
2312 "onlycap", &smk_onlycap_ops, S_IRUGO|S_IWUSR},
2314 "logging", &smk_logging_ops, S_IRUGO|S_IWUSR},
2316 "load-self", &smk_load_self_ops, S_IRUGO|S_IWUGO},
2318 "access", &smk_access_ops, S_IRUGO|S_IWUGO},
2320 "mapped", &smk_mapped_ops, S_IRUGO|S_IWUSR},
2322 "load2", &smk_load2_ops, S_IRUGO|S_IWUSR},
2323 [SMK_LOAD_SELF2] = {
2324 "load-self2", &smk_load_self2_ops, S_IRUGO|S_IWUGO},
2326 "access2", &smk_access2_ops, S_IRUGO|S_IWUGO},
2328 "cipso2", &smk_cipso2_ops, S_IRUGO|S_IWUSR},
2329 [SMK_REVOKE_SUBJ] = {
2330 "revoke-subject", &smk_revoke_subj_ops,
2332 [SMK_CHANGE_RULE] = {
2333 "change-rule", &smk_change_rule_ops, S_IRUGO|S_IWUSR},
2334 #ifdef CONFIG_SECURITY_SMACK_PERMISSIVE_MODE
2335 [SMK_PERMISSIVE] = {
2336 "permissive", &smk_permissive_ops, S_IRUGO|S_IWUSR},
2343 rc = simple_fill_super(sb, SMACK_MAGIC, smack_files);
2345 printk(KERN_ERR "%s failed %d while creating inodes\n",
2350 root_inode = sb->s_root->d_inode;
2356 * smk_mount - get the smackfs superblock
2357 * @fs_type: passed along without comment
2358 * @flags: passed along without comment
2359 * @dev_name: passed along without comment
2360 * @data: passed along without comment
2362 * Just passes everything along.
2364 * Returns what the lower level code does.
2366 static struct dentry *smk_mount(struct file_system_type *fs_type,
2367 int flags, const char *dev_name, void *data)
2369 return mount_single(fs_type, flags, data, smk_fill_super);
2372 static struct file_system_type smk_fs_type = {
2375 .kill_sb = kill_litter_super,
2378 static struct vfsmount *smackfs_mount;
2380 static int __init smk_preset_netlabel(struct smack_known *skp)
2382 skp->smk_netlabel.domain = skp->smk_known;
2383 skp->smk_netlabel.flags =
2384 NETLBL_SECATTR_DOMAIN | NETLBL_SECATTR_MLS_LVL;
2385 return smk_netlbl_mls(smack_cipso_direct, skp->smk_known,
2386 &skp->smk_netlabel, strlen(skp->smk_known));
2390 * init_smk_fs - get the smackfs superblock
2392 * register the smackfs
2394 * Do not register smackfs if Smack wasn't enabled
2395 * on boot. We can not put this method normally under the
2396 * smack_init() code path since the security subsystem get
2397 * initialized before the vfs caches.
2399 * Returns true if we were not chosen on boot or if
2400 * we were chosen and filesystem registration succeeded.
2402 static int __init init_smk_fs(void)
2407 if (!security_module_enable(&smack_ops))
2410 err = smk_init_sysfs();
2412 printk(KERN_ERR "smackfs: sysfs mountpoint problem.\n");
2414 err = register_filesystem(&smk_fs_type);
2416 smackfs_mount = kern_mount(&smk_fs_type);
2417 if (IS_ERR(smackfs_mount)) {
2418 printk(KERN_ERR "smackfs: could not mount!\n");
2419 err = PTR_ERR(smackfs_mount);
2420 smackfs_mount = NULL;
2425 smk_unlbl_ambient(NULL);
2427 rc = smk_preset_netlabel(&smack_known_floor);
2428 if (err == 0 && rc < 0)
2430 rc = smk_preset_netlabel(&smack_known_hat);
2431 if (err == 0 && rc < 0)
2433 rc = smk_preset_netlabel(&smack_known_huh);
2434 if (err == 0 && rc < 0)
2436 rc = smk_preset_netlabel(&smack_known_invalid);
2437 if (err == 0 && rc < 0)
2439 rc = smk_preset_netlabel(&smack_known_star);
2440 if (err == 0 && rc < 0)
2442 rc = smk_preset_netlabel(&smack_known_web);
2443 if (err == 0 && rc < 0)
2449 __initcall(init_smk_fs);