/* * This is the "ambient" label for network traffic. * If it isn't somehow marked, use this. * It can be reset via smackfs/ambient
*/ struct smack_known *smack_net_ambient;
/* * This is the level in a CIPSO header that indicates a * smack label is contained directly in the category set. * It can be reset via smackfs/direct
*/ int smack_cipso_direct = SMACK_CIPSO_DIRECT_DEFAULT;
/* * This is the level in a CIPSO header that indicates a * secid is contained directly in the category set. * It can be reset via smackfs/mapped
*/ int smack_cipso_mapped = SMACK_CIPSO_MAPPED_DEFAULT;
#ifdef CONFIG_SECURITY_SMACK_BRINGUP /* * Allow one label to be unconfined. This is for * debugging and application bring-up purposes only. * It is bad and wrong, but everyone seems to expect * to have it.
*/ struct smack_known *smack_unconfined; #endif
/* * If this value is set restrict syslog use to the label specified. * It can be reset via smackfs/syslog
*/ struct smack_known *smack_syslog_label;
/* * Ptrace current rule * SMACK_PTRACE_DEFAULT regular smack ptrace rules (/proc based) * SMACK_PTRACE_EXACT labels must match, but can be overriden with * CAP_SYS_PTRACE * SMACK_PTRACE_DRACONIAN labels must match, CAP_SYS_PTRACE has no effect
*/ int smack_ptrace_rule = SMACK_PTRACE_DEFAULT;
/* * Certain IP addresses may be designated as single label hosts. * Packets are sent there unlabeled, but only from tasks that * can write to the specified label.
*/
/* * Rule lists are maintained for each label.
*/ struct smack_parsed_rule { struct smack_known *smk_subject; struct smack_known *smk_object; int smk_access1; int smk_access2;
};
/* * Values for parsing cipso rules * SMK_DIGITLEN: Length of a digit field in a rule. * SMK_CIPSOMIN: Minimum possible cipso rule length. * SMK_CIPSOMAX: Maximum possible cipso rule length.
*/ #define SMK_DIGITLEN 4 #define SMK_CIPSOMIN (SMK_LABELLEN + 2 * SMK_DIGITLEN) #define SMK_CIPSOMAX (SMK_CIPSOMIN + SMACK_CIPSO_MAXCATNUM * SMK_DIGITLEN)
/* * Values for parsing MAC rules * SMK_ACCESS: Maximum possible combination of access permissions * SMK_ACCESSLEN: Maximum length for a rule access field * SMK_LOADLEN: Smack rule length
*/ #define SMK_OACCESS "rwxa" #define SMK_ACCESS "rwxatl" #define SMK_OACCESSLEN (sizeof(SMK_OACCESS) - 1) #define SMK_ACCESSLEN (sizeof(SMK_ACCESS) - 1) #define SMK_OLOADLEN (SMK_LABELLEN + SMK_LABELLEN + SMK_OACCESSLEN) #define SMK_LOADLEN (SMK_LABELLEN + SMK_LABELLEN + SMK_ACCESSLEN)
/* * Strictly for CIPSO level manipulation. * Set the category bit number in a smack label sized buffer.
*/ staticinlinevoid smack_catset_bit(unsignedint cat, char *catsetp)
{ if (cat == 0 || cat > (SMK_CIPSOLEN * 8)) return;
/** * smk_netlabel_audit_set - fill a netlbl_audit struct * @nap: structure to fill
*/ staticvoid smk_netlabel_audit_set(struct netlbl_audit *nap)
{
nap->loginuid = audit_get_loginuid(current);
nap->sessionid = audit_get_sessionid(current);
nap->prop.smack.skp = smk_of_current();
}
/* * Value for parsing single label host rules * "1.2.3.4 X"
*/ #define SMK_NETLBLADDRMIN 9
/** * smk_set_access - add a rule to the rule list or replace an old rule * @srp: the rule to add or replace * @rule_list: the list of rules * @rule_lock: the rule list lock * * Looks through the current subject/object/access list for * the subject/object pair and replaces the access that was * there. If the pair isn't found add it with the specified * access. * * Returns 0 if nothing goes wrong or -ENOMEM if it fails * during the allocation of the new pair to add.
*/ staticint smk_set_access(struct smack_parsed_rule *srp, struct list_head *rule_list, struct mutex *rule_lock)
{ struct smack_rule *sp; int found = 0; int rc = 0;
mutex_lock(rule_lock);
/* * Because the object label is less likely to match * than the subject label check it first
*/
list_for_each_entry_rcu(sp, rule_list, list) { if (sp->smk_object == srp->smk_object &&
sp->smk_subject == srp->smk_subject) {
found = 1;
sp->smk_access |= srp->smk_access1;
sp->smk_access &= ~srp->smk_access2; break;
}
}
if (found == 0) {
sp = kmem_cache_zalloc(smack_rule_cache, GFP_KERNEL); if (sp == NULL) {
rc = -ENOMEM; goto out;
}
/** * smk_perm_from_str - parse smack accesses from a text string * @string: a text string that contains a Smack accesses code * * Returns an integer with respective bits set for specified accesses.
*/ staticint smk_perm_from_str(constchar *string)
{ int perm = 0; constchar *cp;
/** * smk_parse_rule - parse Smack rule from load string * @data: string to be parsed whose size is SMK_LOADLEN * @rule: Smack rule * @import: if non-zero, import labels * * Returns 0 on success, -1 on errors.
*/ staticint smk_parse_rule(constchar *data, struct smack_parsed_rule *rule, int import)
{ int rc;
rc = smk_fill_rule(data, data + SMK_LABELLEN,
data + SMK_LABELLEN + SMK_LABELLEN, NULL, rule,
import, SMK_LABELLEN); return rc;
}
/** * smk_parse_long_rule - parse Smack rule from rule string * @data: string to be parsed, null terminated * @rule: Will be filled with Smack parsed rule * @import: if non-zero, import labels * @tokens: number of substrings expected in data * * Returns number of processed bytes on success, -ERRNO on failure.
*/ static ssize_t smk_parse_long_rule(char *data, struct smack_parsed_rule *rule, int import, int tokens)
{
ssize_t cnt = 0; char *tok[4]; int rc; int i;
/* * Parsing the rule in-place, filling all white-spaces with '\0'
*/ for (i = 0; i < tokens; ++i) { while (isspace(data[cnt]))
data[cnt++] = '\0';
if (data[cnt] == '\0') /* Unexpected end of data */ return -EINVAL;
tok[i] = data + cnt;
while (data[cnt] && !isspace(data[cnt]))
++cnt;
} while (isspace(data[cnt]))
data[cnt++] = '\0';
#define SMK_FIXED24_FMT 0 /* Fixed 24byte label format */ #define SMK_LONG_FMT 1 /* Variable long label format */ #define SMK_CHANGE_FMT 2 /* Rule modification format */ /** * smk_write_rules_list - write() for any /smack rule file * @file: file pointer, not actually used * @buf: where to get the data from * @count: bytes sent * @ppos: where to start - must be 0 * @rule_list: the list of rules to write to * @rule_lock: lock for the rule list * @format: /smack/load or /smack/load2 or /smack/change-rule format. * * Get one smack access rule from above. * The format for SMK_LONG_FMT is: * "subject<whitespace>object<whitespace>access[<whitespace>...]" * The format for SMK_FIXED24_FMT is exactly: * "subject object rwxat" * The format for SMK_CHANGE_FMT is: * "subject<whitespace>object<whitespace> * acc_enable<whitespace>acc_disable[<whitespace>...]"
*/ static ssize_t smk_write_rules_list(struct file *file, constchar __user *buf,
size_t count, loff_t *ppos, struct list_head *rule_list, struct mutex *rule_lock, int format)
{ struct smack_parsed_rule rule; char *data; int rc; int trunc = 0; int tokens;
ssize_t cnt = 0;
/* * No partial writes. * Enough data must be present.
*/ if (*ppos != 0) return -EINVAL;
if (format == SMK_FIXED24_FMT) { /* * Minor hack for backward compatibility
*/ if (count < SMK_OLOADLEN || count > SMK_LOADLEN) return -EINVAL;
} else { if (count >= PAGE_SIZE) {
count = PAGE_SIZE - 1;
trunc = 1;
}
}
data = memdup_user_nul(buf, count); if (IS_ERR(data)) return PTR_ERR(data);
/* * In case of parsing only part of user buf, * avoid having partial rule at the data buffer
*/ if (trunc) { while (count > 0 && (data[count - 1] != '\n'))
--count; if (count == 0) {
rc = -EINVAL; goto out;
}
}
/* * Core logic for smackfs seq list operations.
*/
staticvoid *smk_seq_start(struct seq_file *s, loff_t *pos, struct list_head *head)
{ struct list_head *list; int i = *pos;
rcu_read_lock(); for (list = rcu_dereference(list_next_rcu(head));
list != head;
list = rcu_dereference(list_next_rcu(list))) { if (i-- == 0) return list;
}
staticvoid smk_rule_show(struct seq_file *s, struct smack_rule *srp, int max)
{ char acc[SMK_NUM_ACCESS_TYPE + 1]; /* * Don't show any rules with label names too long for * interface file (/smack/load or /smack/load2) * because you should expect to be able to write * anything you read back.
*/ if (strlen(srp->smk_subject->smk_known) >= max ||
strlen(srp->smk_object->smk_known) >= max) return;
/** * smk_write_load - write() for /smack/load * @file: file pointer, not actually used * @buf: where to get the data from * @count: bytes sent * @ppos: where to start - must be 0 *
*/ static ssize_t smk_write_load(struct file *file, constchar __user *buf,
size_t count, loff_t *ppos)
{ /* * Must have privilege. * No partial writes. * Enough data must be present.
*/ if (!smack_privileged(CAP_MAC_ADMIN)) return -EPERM;
/* * Don't show a label that could not have been set using * /smack/cipso. This is in support of the notion that * anything read from /smack/cipso ought to be writeable * to /smack/cipso. * * /smack/cipso2 should be used instead.
*/ if (strlen(skp->smk_known) >= SMK_LABELLEN) return 0;
/** * smk_set_cipso - do the work for write() for cipso and cipso2 * @file: file pointer, not actually used * @buf: where to get the data from * @count: bytes sent * @ppos: where to start * @format: /smack/cipso or /smack/cipso2 * * Accepts only one cipso rule per write call. * Returns number of bytes written or error code, as appropriate
*/ static ssize_t smk_set_cipso(struct file *file, constchar __user *buf,
size_t count, loff_t *ppos, int format)
{ struct netlbl_lsm_catmap *old_cat; struct smack_known *skp; struct netlbl_lsm_secattr ncats; char mapcatset[SMK_CIPSOLEN]; int maplevel; unsignedint cat; int catlen;
ssize_t rc = -EINVAL; char *data = NULL; char *rule; int ret; int i;
/* * Must have privilege. * No partial writes. * Enough data must be present.
*/ if (!smack_privileged(CAP_MAC_ADMIN)) return -EPERM; if (*ppos != 0) return -EINVAL; if (format == SMK_FIXED24_FMT &&
(count < SMK_CIPSOMIN || count > SMK_CIPSOMAX)) return -EINVAL; if (count > PAGE_SIZE) return -EINVAL;
data = memdup_user_nul(buf, count); if (IS_ERR(data)) return PTR_ERR(data);
rule = data; /* * Only allow one writer at a time. Writes should be * quite rare and small in any case.
*/
mutex_lock(&smack_cipso_lock);
/** * smk_write_cipso - write() for /smack/cipso * @file: file pointer, not actually used * @buf: where to get the data from * @count: bytes sent * @ppos: where to start * * Accepts only one cipso rule per write call. * Returns number of bytes written or error code, as appropriate
*/ static ssize_t smk_write_cipso(struct file *file, constchar __user *buf,
size_t count, loff_t *ppos)
{ return smk_set_cipso(file, buf, count, ppos, SMK_FIXED24_FMT);
}
/** * smk_write_cipso2 - write() for /smack/cipso2 * @file: file pointer, not actually used * @buf: where to get the data from * @count: bytes sent * @ppos: where to start * * Accepts only one cipso rule per write call. * Returns number of bytes written or error code, as appropriate
*/ static ssize_t smk_write_cipso2(struct file *file, constchar __user *buf,
size_t count, loff_t *ppos)
{ return smk_set_cipso(file, buf, count, ppos, SMK_LONG_FMT);
}
/** * smk_net4addr_insert - insert a new entry into the net4addrs list * @new : netlabel to insert * * This helper inserts netlabel in the smack_net4addrs list * sorted by netmask length (longest to smallest) * locked by &smk_net4addr_lock in smk_write_net4addr.
*/ staticvoid smk_net4addr_insert(struct smk_net4addr *new)
{ struct smk_net4addr *m; struct smk_net4addr *m_next;
if (list_empty(&smk_net4addr_list)) {
list_add_rcu(&new->list, &smk_net4addr_list); return;
}
m = list_entry_rcu(smk_net4addr_list.next, struct smk_net4addr, list);
/* the comparison '>' is a bit hacky, but works */ if (new->smk_masks > m->smk_masks) {
list_add_rcu(&new->list, &smk_net4addr_list); return;
}
/** * smk_write_net4addr - write() for /smack/netlabel * @file: file pointer, not actually used * @buf: where to get the data from * @count: bytes sent * @ppos: where to start * * Accepts only one net4addr per write call. * Returns number of bytes written or error code, as appropriate
*/ static ssize_t smk_write_net4addr(struct file *file, constchar __user *buf,
size_t count, loff_t *ppos)
{ struct smk_net4addr *snp; struct sockaddr_in newname; char *smack; struct smack_known *skp = NULL; char *data; char *host = (char *)&newname.sin_addr.s_addr; int rc; struct netlbl_audit audit_info; struct in_addr mask; unsignedint m; unsignedint masks; int found;
u32 mask_bits = (1<<31);
__be32 nsa;
u32 temp_mask;
/* * Must have privilege. * No partial writes. * Enough data must be present. * "<addr/mask, as a.b.c.d/e><space><label>" * "<addr, as a.b.c.d><space><label>"
*/ if (!smack_privileged(CAP_MAC_ADMIN)) return -EPERM; if (*ppos != 0) return -EINVAL; if (count < SMK_NETLBLADDRMIN || count > PAGE_SIZE - 1) return -EINVAL;
data = memdup_user_nul(buf, count); if (IS_ERR(data)) return PTR_ERR(data);
/* * If smack begins with '-', it is an option, don't import it
*/ if (smack[0] != '-') {
skp = smk_import_entry(smack, 0); if (IS_ERR(skp)) {
rc = PTR_ERR(skp); goto free_out;
}
} else { /* * Only the -CIPSO option is supported for IPv4
*/ if (strcmp(smack, SMACK_CIPSO_OPTION) != 0) {
rc = -EINVAL; goto free_out;
}
}
newname.sin_addr.s_addr &= mask.s_addr; /* * Only allow one writer at a time. Writes should be * quite rare and small in any case.
*/
mutex_lock(&smk_net4addr_lock);
nsa = newname.sin_addr.s_addr; /* try to find if the prefix is already in the list */
found = 0;
list_for_each_entry_rcu(snp, &smk_net4addr_list, list) { if (snp->smk_host.s_addr == nsa && snp->smk_masks == masks) {
found = 1; break;
}
}
smk_netlabel_audit_set(&audit_info);
if (found == 0) {
snp = kzalloc(sizeof(*snp), GFP_KERNEL); if (snp == NULL)
rc = -ENOMEM; else {
rc = 0;
snp->smk_host.s_addr = newname.sin_addr.s_addr;
snp->smk_mask.s_addr = mask.s_addr;
snp->smk_label = skp;
snp->smk_masks = masks;
smk_net4addr_insert(snp);
}
} else { /* * Delete the unlabeled entry, only if the previous label * wasn't the special CIPSO option
*/ if (snp->smk_label != NULL)
rc = netlbl_cfg_unlbl_static_del(&init_net, NULL,
&snp->smk_host, &snp->smk_mask,
PF_INET, &audit_info); else
rc = 0;
snp->smk_label = skp;
}
/* * Now tell netlabel about the single label nature of * this host so that incoming packets get labeled. * but only if we didn't get the special CIPSO option
*/ if (rc == 0 && skp != NULL)
rc = netlbl_cfg_unlbl_static_add(&init_net, NULL,
&snp->smk_host, &snp->smk_mask, PF_INET,
snp->smk_label->smk_secid, &audit_info);
/** * smk_net6addr_insert - insert a new entry into the net6addrs list * @new : entry to insert * * This inserts an entry in the smack_net6addrs list * sorted by netmask length (longest to smallest) * locked by &smk_net6addr_lock in smk_write_net6addr.
*/ staticvoid smk_net6addr_insert(struct smk_net6addr *new)
{ struct smk_net6addr *m_next; struct smk_net6addr *m;
if (list_empty(&smk_net6addr_list)) {
list_add_rcu(&new->list, &smk_net6addr_list); return;
}
m = list_entry_rcu(smk_net6addr_list.next, struct smk_net6addr, list);
if (new->smk_masks > m->smk_masks) {
list_add_rcu(&new->list, &smk_net6addr_list); return;
}
/** * smk_write_net6addr - write() for /smack/netlabel * @file: file pointer, not actually used * @buf: where to get the data from * @count: bytes sent * @ppos: where to start * * Accepts only one net6addr per write call. * Returns number of bytes written or error code, as appropriate
*/ static ssize_t smk_write_net6addr(struct file *file, constchar __user *buf,
size_t count, loff_t *ppos)
{ struct smk_net6addr *snp; struct in6_addr newname; struct in6_addr fullmask; struct smack_known *skp = NULL; char *smack; char *data; int rc = 0; int found = 0; int i; unsignedint scanned[8]; unsignedint m; unsignedint mask = 128;
/* * Must have privilege. * No partial writes. * Enough data must be present. * "<addr/mask, as a:b:c:d:e:f:g:h/e><space><label>" * "<addr, as a:b:c:d:e:f:g:h><space><label>"
*/ if (!smack_privileged(CAP_MAC_ADMIN)) return -EPERM; if (*ppos != 0) return -EINVAL; if (count < SMK_NETLBLADDRMIN || count > PAGE_SIZE - 1) return -EINVAL;
data = memdup_user_nul(buf, count); if (IS_ERR(data)) return PTR_ERR(data);
i = sscanf(data, "%x:%x:%x:%x:%x:%x:%x:%x/%u %s",
&scanned[0], &scanned[1], &scanned[2], &scanned[3],
&scanned[4], &scanned[5], &scanned[6], &scanned[7],
&mask, smack); if (i != 10) {
i = sscanf(data, "%x:%x:%x:%x:%x:%x:%x:%x %s",
&scanned[0], &scanned[1], &scanned[2],
&scanned[3], &scanned[4], &scanned[5],
&scanned[6], &scanned[7], smack); if (i != 9) {
rc = -EINVAL; goto free_out;
}
} if (mask > 128) {
rc = -EINVAL; goto free_out;
} for (i = 0; i < 8; i++) { if (scanned[i] > 0xffff) {
rc = -EINVAL; goto free_out;
}
newname.s6_addr16[i] = htons(scanned[i]);
}
/* * If smack begins with '-', it is an option, don't import it
*/ if (smack[0] != '-') {
skp = smk_import_entry(smack, 0); if (IS_ERR(skp)) {
rc = PTR_ERR(skp); goto free_out;
}
} else { /* * Only -DELETE is supported for IPv6
*/ if (strcmp(smack, SMACK_DELETE_OPTION) != 0) {
rc = -EINVAL; goto free_out;
}
}
for (i = 0, m = mask; i < 8; i++) { if (m >= 16) {
fullmask.s6_addr16[i] = 0xffff;
m -= 16;
} elseif (m > 0) {
fullmask.s6_addr16[i] = (1 << m) - 1;
m = 0;
} else
fullmask.s6_addr16[i] = 0;
newname.s6_addr16[i] &= fullmask.s6_addr16[i];
}
/* * Only allow one writer at a time. Writes should be * quite rare and small in any case.
*/
mutex_lock(&smk_net6addr_lock); /* * Try to find the prefix in the list
*/
list_for_each_entry_rcu(snp, &smk_net6addr_list, list) { if (mask != snp->smk_masks) continue; for (found = 1, i = 0; i < 8; i++) { if (newname.s6_addr16[i] !=
snp->smk_host.s6_addr16[i]) {
found = 0; break;
}
} if (found == 1) break;
} if (found == 0) {
snp = kzalloc(sizeof(*snp), GFP_KERNEL); if (snp == NULL)
rc = -ENOMEM; else {
snp->smk_host = newname;
snp->smk_mask = fullmask;
snp->smk_masks = mask;
snp->smk_label = skp;
smk_net6addr_insert(snp);
}
} else {
snp->smk_label = skp;
}
/** * smk_read_doi - read() for /smack/doi * @filp: file pointer, not actually used * @buf: where to put the result * @count: maximum to send along * @ppos: where to start * * Returns number of bytes read or error code, as appropriate
*/ static ssize_t smk_read_doi(struct file *filp, char __user *buf,
size_t count, loff_t *ppos)
{ char temp[80];
ssize_t rc;
/** * smk_write_doi - write() for /smack/doi * @file: file pointer, not actually used * @buf: where to get the data from * @count: bytes sent * @ppos: where to start * * Returns number of bytes written or error code, as appropriate
*/ static ssize_t smk_write_doi(struct file *file, constchar __user *buf,
size_t count, loff_t *ppos)
{ char temp[80]; int i;
if (!smack_privileged(CAP_MAC_ADMIN)) return -EPERM;
if (count >= sizeof(temp) || count == 0) return -EINVAL;
if (copy_from_user(temp, buf, count) != 0) return -EFAULT;
/** * smk_read_direct - read() for /smack/direct * @filp: file pointer, not actually used * @buf: where to put the result * @count: maximum to send along * @ppos: where to start * * Returns number of bytes read or error code, as appropriate
*/ static ssize_t smk_read_direct(struct file *filp, char __user *buf,
size_t count, loff_t *ppos)
{ char temp[80];
ssize_t rc;
/** * smk_write_direct - write() for /smack/direct * @file: file pointer, not actually used * @buf: where to get the data from * @count: bytes sent * @ppos: where to start * * Returns number of bytes written or error code, as appropriate
*/ static ssize_t smk_write_direct(struct file *file, constchar __user *buf,
size_t count, loff_t *ppos)
{ struct smack_known *skp; char temp[80]; int i;
if (!smack_privileged(CAP_MAC_ADMIN)) return -EPERM;
if (count >= sizeof(temp) || count == 0) return -EINVAL;
if (copy_from_user(temp, buf, count) != 0) return -EFAULT;
temp[count] = '\0';
if (sscanf(temp, "%d", &i) != 1) return -EINVAL;
/* * Don't do anything if the value hasn't actually changed. * If it is changing reset the level on entries that were * set up to be direct when they were created.
*/ if (smack_cipso_direct != i) {
mutex_lock(&smack_known_lock);
list_for_each_entry_rcu(skp, &smack_known_list, list) if (skp->smk_netlabel.attr.mls.lvl ==
smack_cipso_direct)
skp->smk_netlabel.attr.mls.lvl = i;
smack_cipso_direct = i;
mutex_unlock(&smack_known_lock);
}
/** * smk_read_mapped - read() for /smack/mapped * @filp: file pointer, not actually used * @buf: where to put the result * @count: maximum to send along * @ppos: where to start * * Returns number of bytes read or error code, as appropriate
*/ static ssize_t smk_read_mapped(struct file *filp, char __user *buf,
size_t count, loff_t *ppos)
{ char temp[80];
ssize_t rc;
/** * smk_write_mapped - write() for /smack/mapped * @file: file pointer, not actually used * @buf: where to get the data from * @count: bytes sent * @ppos: where to start * * Returns number of bytes written or error code, as appropriate
*/ static ssize_t smk_write_mapped(struct file *file, constchar __user *buf,
size_t count, loff_t *ppos)
{ struct smack_known *skp; char temp[80]; int i;
if (!smack_privileged(CAP_MAC_ADMIN)) return -EPERM;
if (count >= sizeof(temp) || count == 0) return -EINVAL;
if (copy_from_user(temp, buf, count) != 0) return -EFAULT;
temp[count] = '\0';
if (sscanf(temp, "%d", &i) != 1) return -EINVAL;
/* * Don't do anything if the value hasn't actually changed. * If it is changing reset the level on entries that were * set up to be mapped when they were created.
*/ if (smack_cipso_mapped != i) {
mutex_lock(&smack_known_lock);
list_for_each_entry_rcu(skp, &smack_known_list, list) if (skp->smk_netlabel.attr.mls.lvl ==
smack_cipso_mapped)
skp->smk_netlabel.attr.mls.lvl = i;
smack_cipso_mapped = i;
mutex_unlock(&smack_known_lock);
}
/** * smk_read_ambient - read() for /smack/ambient * @filp: file pointer, not actually used * @buf: where to put the result * @cn: maximum to send along * @ppos: where to start * * Returns number of bytes read or error code, as appropriate
*/ static ssize_t smk_read_ambient(struct file *filp, char __user *buf,
size_t cn, loff_t *ppos)
{
ssize_t rc; int asize;
if (*ppos != 0) return 0; /* * Being careful to avoid a problem in the case where * smack_net_ambient gets changed in midstream.
*/
mutex_lock(&smack_ambient_lock);
/** * smk_write_ambient - write() for /smack/ambient * @file: file pointer, not actually used * @buf: where to get the data from * @count: bytes sent * @ppos: where to start * * Returns number of bytes written or error code, as appropriate
*/ static ssize_t smk_write_ambient(struct file *file, constchar __user *buf,
size_t count, loff_t *ppos)
{ struct smack_known *skp; char *oldambient; char *data; int rc = count;
if (!smack_privileged(CAP_MAC_ADMIN)) return -EPERM;
/* Enough data must be present */ if (count == 0 || count > PAGE_SIZE) return -EINVAL;
data = memdup_user_nul(buf, count); if (IS_ERR(data)) return PTR_ERR(data);
/** * smk_list_swap_rcu - swap public list with a private one in RCU-safe way * The caller must hold appropriate mutex to prevent concurrent modifications * to the public list. * Private list is assumed to be not accessible to other threads yet. * * @public: public list * @private: private list
*/ staticvoid smk_list_swap_rcu(struct list_head *public, struct list_head *private)
{ struct list_head *first, *last;
if (list_empty(public)) {
list_splice_init_rcu(private, public, synchronize_rcu);
} else { /* Remember public list before replacing it */
first = public->next;
last = public->prev;
/* Publish private list in place of public in RCU-safe way */
private->prev->next = public;
private->next->prev = public;
rcu_assign_pointer(public->next, private->next);
public->prev = private->prev;
synchronize_rcu();
/* When all readers are done with the old public list,
* attach it in place of private */
private->next = first;
private->prev = last;
first->prev = private;
last->next = private;
}
}
/** * smk_parse_label_list - parse list of Smack labels, separated by spaces * * @data: the string to parse * @list: destination list * * Returns zero on success or error code, as appropriate
*/ staticint smk_parse_label_list(char *data, struct list_head *list)
{ char *tok; struct smack_known *skp; struct smack_known_list_elem *sklep;
while ((tok = strsep(&data, " ")) != NULL) { if (!*tok) continue;
skp = smk_import_entry(tok, 0); if (IS_ERR(skp)) return PTR_ERR(skp);
sklep = kzalloc(sizeof(*sklep), GFP_KERNEL); if (sklep == NULL) return -ENOMEM;
/** * smk_destroy_label_list - destroy a list of smack_known_list_elem * @list: header pointer of the list to destroy
*/ void smk_destroy_label_list(struct list_head *list)
{ struct smack_known_list_elem *sklep; struct smack_known_list_elem *sklep2;
/** * smk_write_onlycap - write() for smackfs/onlycap * @file: file pointer, not actually used * @buf: where to get the data from * @count: bytes sent * @ppos: where to start * * Returns number of bytes written or error code, as appropriate
*/ static ssize_t smk_write_onlycap(struct file *file, constchar __user *buf,
size_t count, loff_t *ppos)
{ char *data;
LIST_HEAD(list_tmp); int rc;
if (!smack_privileged(CAP_MAC_ADMIN)) return -EPERM;
if (count > PAGE_SIZE) return -EINVAL;
data = memdup_user_nul(buf, count); if (IS_ERR(data)) return PTR_ERR(data);
/* * Clear the smack_onlycap on invalid label errors. This means * that we can pass a null string to unset the onlycap value. * * Importing will also reject a label beginning with '-', * so "-usecapabilities" will also work. * * But do so only on invalid label, not on system errors. * The invalid label must be first to count as clearing attempt.
*/ if (!rc || (rc == -EINVAL && list_empty(&list_tmp))) {
mutex_lock(&smack_onlycap_lock);
smk_list_swap_rcu(&smack_onlycap_list, &list_tmp);
mutex_unlock(&smack_onlycap_lock);
rc = count;
}
#ifdef CONFIG_SECURITY_SMACK_BRINGUP /** * smk_read_unconfined - read() for smackfs/unconfined * @filp: file pointer, not actually used * @buf: where to put the result * @cn: maximum to send along * @ppos: where to start * * Returns number of bytes read or error code, as appropriate
*/ static ssize_t smk_read_unconfined(struct file *filp, char __user *buf,
size_t cn, loff_t *ppos)
{ char *smack = "";
ssize_t rc = -EINVAL; int asize;
if (*ppos != 0) return 0;
if (smack_unconfined != NULL)
smack = smack_unconfined->smk_known;
/** * smk_write_unconfined - write() for smackfs/unconfined * @file: file pointer, not actually used * @buf: where to get the data from * @count: bytes sent * @ppos: where to start * * Returns number of bytes written or error code, as appropriate
*/ static ssize_t smk_write_unconfined(struct file *file, constchar __user *buf,
size_t count, loff_t *ppos)
{ char *data; struct smack_known *skp; int rc = count;
if (!smack_privileged(CAP_MAC_ADMIN)) return -EPERM;
if (count > PAGE_SIZE) return -EINVAL;
data = memdup_user_nul(buf, count); if (IS_ERR(data)) return PTR_ERR(data);
/* * Clear the smack_unconfined on invalid label errors. This means * that we can pass a null string to unset the unconfined value. * * Importing will also reject a label beginning with '-', * so "-confine" will also work. * * But do so only on invalid label, not on system errors.
*/
skp = smk_import_entry(data, count); if (PTR_ERR(skp) == -EINVAL)
skp = NULL; elseif (IS_ERR(skp)) {
rc = PTR_ERR(skp); goto freeout;
}
#ifdef CONFIG_AUDIT /** * smk_read_logging - read() for /smack/logging * @filp: file pointer, not actually used * @buf: where to put the result * @count: maximum to send along * @ppos: where to start * * Returns number of bytes read or error code, as appropriate
*/ static ssize_t smk_read_logging(struct file *filp, char __user *buf,
size_t count, loff_t *ppos)
{ char temp[32];
ssize_t rc;
/** * smk_write_logging - write() for /smack/logging * @file: file pointer, not actually used * @buf: where to get the data from * @count: bytes sent * @ppos: where to start * * Returns number of bytes written or error code, as appropriate
*/ static ssize_t smk_write_logging(struct file *file, constchar __user *buf,
size_t count, loff_t *ppos)
{ char temp[32]; int i;
if (!smack_privileged(CAP_MAC_ADMIN)) return -EPERM;
if (count >= sizeof(temp) || count == 0) return -EINVAL;
if (copy_from_user(temp, buf, count) != 0) return -EFAULT;
temp[count] = '\0';
if (sscanf(temp, "%d", &i) != 1) return -EINVAL; if (i < 0 || i > 3) return -EINVAL;
log_policy = i; return count;
}
/** * smk_write_load_self - write() for /smack/load-self * @file: file pointer, not actually used * @buf: where to get the data from * @count: bytes sent * @ppos: where to start - must be 0 *
*/ static ssize_t smk_write_load_self(struct file *file, constchar __user *buf,
size_t count, loff_t *ppos)
{ struct task_smack *tsp = smack_cred(current_cred());
/** * smk_user_access - handle access check transaction * @file: file pointer * @buf: data from user space * @count: bytes sent * @ppos: where to start - must be 0 * @format: /smack/load or /smack/load2 or /smack/change-rule format.
*/ static ssize_t smk_user_access(struct file *file, constchar __user *buf,
size_t count, loff_t *ppos, int format)
{ struct smack_parsed_rule rule; char *data; int res;
data = simple_transaction_get(file, buf, count); if (IS_ERR(data)) return PTR_ERR(data);
if (format == SMK_FIXED24_FMT) { if (count < SMK_LOADLEN) return -EINVAL;
res = smk_parse_rule(data, &rule, 0);
} else { /* * simple_transaction_get() returns null-terminated data
*/
res = smk_parse_long_rule(data, &rule, 0, 3);
}
if (res >= 0)
res = smk_access(rule.smk_subject, rule.smk_object,
rule.smk_access1, NULL); elseif (res != -ENOENT) return res;
/* * smk_access() can return a value > 0 in the "bringup" case.
*/
data[0] = res >= 0 ? '1' : '0';
data[1] = '\0';
simple_transaction_set(file, 2);
if (format == SMK_FIXED24_FMT) return SMK_LOADLEN; return count;
}
/** * smk_write_access - handle access check transaction * @file: file pointer * @buf: data from user space * @count: bytes sent * @ppos: where to start - must be 0
*/ static ssize_t smk_write_access(struct file *file, constchar __user *buf,
size_t count, loff_t *ppos)
{ return smk_user_access(file, buf, count, ppos, SMK_FIXED24_FMT);
}
/** * smk_write_load2 - write() for /smack/load2 * @file: file pointer, not actually used * @buf: where to get the data from * @count: bytes sent * @ppos: where to start - must be 0 *
*/ static ssize_t smk_write_load2(struct file *file, constchar __user *buf,
size_t count, loff_t *ppos)
{ /* * Must have privilege.
*/ if (!smack_privileged(CAP_MAC_ADMIN)) return -EPERM;
/** * smk_write_load_self2 - write() for /smack/load-self2 * @file: file pointer, not actually used * @buf: where to get the data from * @count: bytes sent * @ppos: where to start - must be 0 *
*/ static ssize_t smk_write_load_self2(struct file *file, constchar __user *buf,
size_t count, loff_t *ppos)
{ struct task_smack *tsp = smack_cred(current_cred());
/** * smk_write_change_rule - write() for /smack/change-rule * @file: file pointer * @buf: data from user space * @count: bytes sent * @ppos: where to start - must be 0
*/ static ssize_t smk_write_change_rule(struct file *file, constchar __user *buf,
size_t count, loff_t *ppos)
{ /* * Must have privilege.
*/ if (!smack_privileged(CAP_MAC_ADMIN)) return -EPERM;
/** * smk_read_syslog - read() for smackfs/syslog * @filp: file pointer, not actually used * @buf: where to put the result * @cn: maximum to send along * @ppos: where to start * * Returns number of bytes read or error code, as appropriate
*/ static ssize_t smk_read_syslog(struct file *filp, char __user *buf,
size_t cn, loff_t *ppos)
{ struct smack_known *skp;
ssize_t rc = -EINVAL; int asize;
/** * smk_write_syslog - write() for smackfs/syslog * @file: file pointer, not actually used * @buf: where to get the data from * @count: bytes sent * @ppos: where to start * * Returns number of bytes written or error code, as appropriate
*/ static ssize_t smk_write_syslog(struct file *file, constchar __user *buf,
size_t count, loff_t *ppos)
{ char *data; struct smack_known *skp; int rc = count;
if (!smack_privileged(CAP_MAC_ADMIN)) return -EPERM;
/* Enough data must be present */ if (count == 0 || count > PAGE_SIZE) return -EINVAL;
data = memdup_user_nul(buf, count); if (IS_ERR(data)) return PTR_ERR(data);
/** * smk_write_relabel_self - write() for /smack/relabel-self * @file: file pointer, not actually used * @buf: where to get the data from * @count: bytes sent * @ppos: where to start - must be 0 *
*/ static ssize_t smk_write_relabel_self(struct file *file, constchar __user *buf,
size_t count, loff_t *ppos)
{ char *data; int rc;
LIST_HEAD(list_tmp);
/* * Must have privilege.
*/ if (!smack_privileged(CAP_MAC_ADMIN)) return -EPERM;
/* * No partial write. * Enough data must be present.
*/ if (*ppos != 0) return -EINVAL; if (count == 0 || count > PAGE_SIZE) return -EINVAL;
data = memdup_user_nul(buf, count); if (IS_ERR(data)) return PTR_ERR(data);
/** * smk_read_ptrace - read() for /smack/ptrace
--> --------------------
--> maximum size reached
--> --------------------
Messung V0.5
¤ Die Informationen auf dieser Webseite wurden
nach bestem Wissen sorgfältig zusammengestellt. Es wird jedoch weder Vollständigkeit, noch Richtigkeit,
noch Qualität der bereit gestellten Informationen zugesichert.0.24Bemerkung:
¤
Die Informationen auf dieser Webseite wurden
nach bestem Wissen sorgfältig zusammengestellt. Es wird jedoch weder Vollständigkeit, noch Richtigkeit,
noch Qualität der bereit gestellten Informationen zugesichert.
Bemerkung:
Die farbliche Syntaxdarstellung und die Messung sind noch experimentell.
