Loading...
1/*
2 * security/tomoyo/securityfs_if.c
3 *
4 * Copyright (C) 2005-2011 NTT DATA CORPORATION
5 */
6
7#include <linux/security.h>
8#include "common.h"
9
10/**
11 * tomoyo_check_task_acl - Check permission for task operation.
12 *
13 * @r: Pointer to "struct tomoyo_request_info".
14 * @ptr: Pointer to "struct tomoyo_acl_info".
15 *
16 * Returns true if granted, false otherwise.
17 */
18static bool tomoyo_check_task_acl(struct tomoyo_request_info *r,
19 const struct tomoyo_acl_info *ptr)
20{
21 const struct tomoyo_task_acl *acl = container_of(ptr, typeof(*acl),
22 head);
23 return !tomoyo_pathcmp(r->param.task.domainname, acl->domainname);
24}
25
26/**
27 * tomoyo_write_self - write() for /sys/kernel/security/tomoyo/self_domain interface.
28 *
29 * @file: Pointer to "struct file".
30 * @buf: Domainname to transit to.
31 * @count: Size of @buf.
32 * @ppos: Unused.
33 *
34 * Returns @count on success, negative value otherwise.
35 *
36 * If domain transition was permitted but the domain transition failed, this
37 * function returns error rather than terminating current thread with SIGKILL.
38 */
39static ssize_t tomoyo_write_self(struct file *file, const char __user *buf,
40 size_t count, loff_t *ppos)
41{
42 char *data;
43 int error;
44 if (!count || count >= TOMOYO_EXEC_TMPSIZE - 10)
45 return -ENOMEM;
46 data = memdup_user_nul(buf, count);
47 if (IS_ERR(data))
48 return PTR_ERR(data);
49 tomoyo_normalize_line(data);
50 if (tomoyo_correct_domain(data)) {
51 const int idx = tomoyo_read_lock();
52 struct tomoyo_path_info name;
53 struct tomoyo_request_info r;
54 name.name = data;
55 tomoyo_fill_path_info(&name);
56 /* Check "task manual_domain_transition" permission. */
57 tomoyo_init_request_info(&r, NULL, TOMOYO_MAC_FILE_EXECUTE);
58 r.param_type = TOMOYO_TYPE_MANUAL_TASK_ACL;
59 r.param.task.domainname = &name;
60 tomoyo_check_acl(&r, tomoyo_check_task_acl);
61 if (!r.granted)
62 error = -EPERM;
63 else {
64 struct tomoyo_domain_info *new_domain =
65 tomoyo_assign_domain(data, true);
66 if (!new_domain) {
67 error = -ENOENT;
68 } else {
69 struct cred *cred = prepare_creds();
70 if (!cred) {
71 error = -ENOMEM;
72 } else {
73 struct tomoyo_domain_info *old_domain =
74 cred->security;
75 cred->security = new_domain;
76 atomic_inc(&new_domain->users);
77 atomic_dec(&old_domain->users);
78 commit_creds(cred);
79 error = 0;
80 }
81 }
82 }
83 tomoyo_read_unlock(idx);
84 } else
85 error = -EINVAL;
86 kfree(data);
87 return error ? error : count;
88}
89
90/**
91 * tomoyo_read_self - read() for /sys/kernel/security/tomoyo/self_domain interface.
92 *
93 * @file: Pointer to "struct file".
94 * @buf: Domainname which current thread belongs to.
95 * @count: Size of @buf.
96 * @ppos: Bytes read by now.
97 *
98 * Returns read size on success, negative value otherwise.
99 */
100static ssize_t tomoyo_read_self(struct file *file, char __user *buf,
101 size_t count, loff_t *ppos)
102{
103 const char *domain = tomoyo_domain()->domainname->name;
104 loff_t len = strlen(domain);
105 loff_t pos = *ppos;
106 if (pos >= len || !count)
107 return 0;
108 len -= pos;
109 if (count < len)
110 len = count;
111 if (copy_to_user(buf, domain + pos, len))
112 return -EFAULT;
113 *ppos += len;
114 return len;
115}
116
117/* Operations for /sys/kernel/security/tomoyo/self_domain interface. */
118static const struct file_operations tomoyo_self_operations = {
119 .write = tomoyo_write_self,
120 .read = tomoyo_read_self,
121};
122
123/**
124 * tomoyo_open - open() for /sys/kernel/security/tomoyo/ interface.
125 *
126 * @inode: Pointer to "struct inode".
127 * @file: Pointer to "struct file".
128 *
129 * Returns 0 on success, negative value otherwise.
130 */
131static int tomoyo_open(struct inode *inode, struct file *file)
132{
133 const int key = ((u8 *) file_inode(file)->i_private)
134 - ((u8 *) NULL);
135 return tomoyo_open_control(key, file);
136}
137
138/**
139 * tomoyo_release - close() for /sys/kernel/security/tomoyo/ interface.
140 *
141 * @file: Pointer to "struct file".
142 *
143 */
144static int tomoyo_release(struct inode *inode, struct file *file)
145{
146 tomoyo_close_control(file->private_data);
147 return 0;
148}
149
150/**
151 * tomoyo_poll - poll() for /sys/kernel/security/tomoyo/ interface.
152 *
153 * @file: Pointer to "struct file".
154 * @wait: Pointer to "poll_table". Maybe NULL.
155 *
156 * Returns POLLIN | POLLRDNORM | POLLOUT | POLLWRNORM if ready to read/write,
157 * POLLOUT | POLLWRNORM otherwise.
158 */
159static unsigned int tomoyo_poll(struct file *file, poll_table *wait)
160{
161 return tomoyo_poll_control(file, wait);
162}
163
164/**
165 * tomoyo_read - read() for /sys/kernel/security/tomoyo/ interface.
166 *
167 * @file: Pointer to "struct file".
168 * @buf: Pointer to buffer.
169 * @count: Size of @buf.
170 * @ppos: Unused.
171 *
172 * Returns bytes read on success, negative value otherwise.
173 */
174static ssize_t tomoyo_read(struct file *file, char __user *buf, size_t count,
175 loff_t *ppos)
176{
177 return tomoyo_read_control(file->private_data, buf, count);
178}
179
180/**
181 * tomoyo_write - write() for /sys/kernel/security/tomoyo/ interface.
182 *
183 * @file: Pointer to "struct file".
184 * @buf: Pointer to buffer.
185 * @count: Size of @buf.
186 * @ppos: Unused.
187 *
188 * Returns @count on success, negative value otherwise.
189 */
190static ssize_t tomoyo_write(struct file *file, const char __user *buf,
191 size_t count, loff_t *ppos)
192{
193 return tomoyo_write_control(file->private_data, buf, count);
194}
195
196/*
197 * tomoyo_operations is a "struct file_operations" which is used for handling
198 * /sys/kernel/security/tomoyo/ interface.
199 *
200 * Some files under /sys/kernel/security/tomoyo/ directory accept open(O_RDWR).
201 * See tomoyo_io_buffer for internals.
202 */
203static const struct file_operations tomoyo_operations = {
204 .open = tomoyo_open,
205 .release = tomoyo_release,
206 .poll = tomoyo_poll,
207 .read = tomoyo_read,
208 .write = tomoyo_write,
209 .llseek = noop_llseek,
210};
211
212/**
213 * tomoyo_create_entry - Create interface files under /sys/kernel/security/tomoyo/ directory.
214 *
215 * @name: The name of the interface file.
216 * @mode: The permission of the interface file.
217 * @parent: The parent directory.
218 * @key: Type of interface.
219 *
220 * Returns nothing.
221 */
222static void __init tomoyo_create_entry(const char *name, const umode_t mode,
223 struct dentry *parent, const u8 key)
224{
225 securityfs_create_file(name, mode, parent, ((u8 *) NULL) + key,
226 &tomoyo_operations);
227}
228
229/**
230 * tomoyo_initerface_init - Initialize /sys/kernel/security/tomoyo/ interface.
231 *
232 * Returns 0.
233 */
234static int __init tomoyo_initerface_init(void)
235{
236 struct dentry *tomoyo_dir;
237
238 /* Don't create securityfs entries unless registered. */
239 if (current_cred()->security != &tomoyo_kernel_domain)
240 return 0;
241
242 tomoyo_dir = securityfs_create_dir("tomoyo", NULL);
243 tomoyo_create_entry("query", 0600, tomoyo_dir,
244 TOMOYO_QUERY);
245 tomoyo_create_entry("domain_policy", 0600, tomoyo_dir,
246 TOMOYO_DOMAINPOLICY);
247 tomoyo_create_entry("exception_policy", 0600, tomoyo_dir,
248 TOMOYO_EXCEPTIONPOLICY);
249 tomoyo_create_entry("audit", 0400, tomoyo_dir,
250 TOMOYO_AUDIT);
251 tomoyo_create_entry(".process_status", 0600, tomoyo_dir,
252 TOMOYO_PROCESS_STATUS);
253 tomoyo_create_entry("stat", 0644, tomoyo_dir,
254 TOMOYO_STAT);
255 tomoyo_create_entry("profile", 0600, tomoyo_dir,
256 TOMOYO_PROFILE);
257 tomoyo_create_entry("manager", 0600, tomoyo_dir,
258 TOMOYO_MANAGER);
259 tomoyo_create_entry("version", 0400, tomoyo_dir,
260 TOMOYO_VERSION);
261 securityfs_create_file("self_domain", 0666, tomoyo_dir, NULL,
262 &tomoyo_self_operations);
263 tomoyo_load_builtin_policy();
264 return 0;
265}
266
267fs_initcall(tomoyo_initerface_init);
1/*
2 * security/tomoyo/securityfs_if.c
3 *
4 * Copyright (C) 2005-2011 NTT DATA CORPORATION
5 */
6
7#include <linux/security.h>
8#include "common.h"
9
10/**
11 * tomoyo_open - open() for /sys/kernel/security/tomoyo/ interface.
12 *
13 * @inode: Pointer to "struct inode".
14 * @file: Pointer to "struct file".
15 *
16 * Returns 0 on success, negative value otherwise.
17 */
18static int tomoyo_open(struct inode *inode, struct file *file)
19{
20 const int key = ((u8 *) file->f_path.dentry->d_inode->i_private)
21 - ((u8 *) NULL);
22 return tomoyo_open_control(key, file);
23}
24
25/**
26 * tomoyo_release - close() for /sys/kernel/security/tomoyo/ interface.
27 *
28 * @inode: Pointer to "struct inode".
29 * @file: Pointer to "struct file".
30 *
31 * Returns 0 on success, negative value otherwise.
32 */
33static int tomoyo_release(struct inode *inode, struct file *file)
34{
35 return tomoyo_close_control(file->private_data);
36}
37
38/**
39 * tomoyo_poll - poll() for /sys/kernel/security/tomoyo/ interface.
40 *
41 * @file: Pointer to "struct file".
42 * @wait: Pointer to "poll_table".
43 *
44 * Returns 0 on success, negative value otherwise.
45 */
46static unsigned int tomoyo_poll(struct file *file, poll_table *wait)
47{
48 return tomoyo_poll_control(file, wait);
49}
50
51/**
52 * tomoyo_read - read() for /sys/kernel/security/tomoyo/ interface.
53 *
54 * @file: Pointer to "struct file".
55 * @buf: Pointer to buffer.
56 * @count: Size of @buf.
57 * @ppos: Unused.
58 *
59 * Returns bytes read on success, negative value otherwise.
60 */
61static ssize_t tomoyo_read(struct file *file, char __user *buf, size_t count,
62 loff_t *ppos)
63{
64 return tomoyo_read_control(file->private_data, buf, count);
65}
66
67/**
68 * tomoyo_write - write() for /sys/kernel/security/tomoyo/ interface.
69 *
70 * @file: Pointer to "struct file".
71 * @buf: Pointer to buffer.
72 * @count: Size of @buf.
73 * @ppos: Unused.
74 *
75 * Returns @count on success, negative value otherwise.
76 */
77static ssize_t tomoyo_write(struct file *file, const char __user *buf,
78 size_t count, loff_t *ppos)
79{
80 return tomoyo_write_control(file->private_data, buf, count);
81}
82
83/*
84 * tomoyo_operations is a "struct file_operations" which is used for handling
85 * /sys/kernel/security/tomoyo/ interface.
86 *
87 * Some files under /sys/kernel/security/tomoyo/ directory accept open(O_RDWR).
88 * See tomoyo_io_buffer for internals.
89 */
90static const struct file_operations tomoyo_operations = {
91 .open = tomoyo_open,
92 .release = tomoyo_release,
93 .poll = tomoyo_poll,
94 .read = tomoyo_read,
95 .write = tomoyo_write,
96 .llseek = noop_llseek,
97};
98
99/**
100 * tomoyo_create_entry - Create interface files under /sys/kernel/security/tomoyo/ directory.
101 *
102 * @name: The name of the interface file.
103 * @mode: The permission of the interface file.
104 * @parent: The parent directory.
105 * @key: Type of interface.
106 *
107 * Returns nothing.
108 */
109static void __init tomoyo_create_entry(const char *name, const mode_t mode,
110 struct dentry *parent, const u8 key)
111{
112 securityfs_create_file(name, mode, parent, ((u8 *) NULL) + key,
113 &tomoyo_operations);
114}
115
116/**
117 * tomoyo_initerface_init - Initialize /sys/kernel/security/tomoyo/ interface.
118 *
119 * Returns 0.
120 */
121static int __init tomoyo_initerface_init(void)
122{
123 struct dentry *tomoyo_dir;
124
125 /* Don't create securityfs entries unless registered. */
126 if (current_cred()->security != &tomoyo_kernel_domain)
127 return 0;
128
129 tomoyo_dir = securityfs_create_dir("tomoyo", NULL);
130 tomoyo_create_entry("query", 0600, tomoyo_dir,
131 TOMOYO_QUERY);
132 tomoyo_create_entry("domain_policy", 0600, tomoyo_dir,
133 TOMOYO_DOMAINPOLICY);
134 tomoyo_create_entry("exception_policy", 0600, tomoyo_dir,
135 TOMOYO_EXCEPTIONPOLICY);
136 tomoyo_create_entry("audit", 0400, tomoyo_dir,
137 TOMOYO_AUDIT);
138 tomoyo_create_entry("self_domain", 0400, tomoyo_dir,
139 TOMOYO_SELFDOMAIN);
140 tomoyo_create_entry(".process_status", 0600, tomoyo_dir,
141 TOMOYO_PROCESS_STATUS);
142 tomoyo_create_entry("stat", 0644, tomoyo_dir,
143 TOMOYO_STAT);
144 tomoyo_create_entry("profile", 0600, tomoyo_dir,
145 TOMOYO_PROFILE);
146 tomoyo_create_entry("manager", 0600, tomoyo_dir,
147 TOMOYO_MANAGER);
148 tomoyo_create_entry("version", 0400, tomoyo_dir,
149 TOMOYO_VERSION);
150 return 0;
151}
152
153fs_initcall(tomoyo_initerface_init);