diff options
author | Etienne Basset <etienne.basset@numericable.fr> | 2009-04-08 14:40:06 -0400 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2009-04-13 19:00:23 -0400 |
commit | ecfcc53fef3c357574bb6143dce6631e6d56295c (patch) | |
tree | d7bee04b64c5ad2ba0ed273bff2c8c7c98b3eee5 /security/smack/smack_lsm.c | |
parent | 6e837fb152410e571a81aaadbd9884f0bc46a55e (diff) |
smack: implement logging V3
the following patch, add logging of Smack security decisions.
This is of course very useful to understand what your current smack policy does.
As suggested by Casey, it also now forbids labels with ', " or \
It introduces a '/smack/logging' switch :
0: no logging
1: log denied (default)
2: log accepted
3: log denied&accepted
Signed-off-by: Etienne Basset <etienne.basset@numericable.fr>
Acked-by: Casey Schaufler <casey@schaufler-ca.com>
Acked-by: Eric Paris <eparis@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/smack/smack_lsm.c')
-rw-r--r-- | security/smack/smack_lsm.c | 390 |
1 files changed, 298 insertions, 92 deletions
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 921514902eca..f557767911c9 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c | |||
@@ -30,7 +30,6 @@ | |||
30 | #include <net/netlabel.h> | 30 | #include <net/netlabel.h> |
31 | #include <net/cipso_ipv4.h> | 31 | #include <net/cipso_ipv4.h> |
32 | #include <linux/audit.h> | 32 | #include <linux/audit.h> |
33 | |||
34 | #include "smack.h" | 33 | #include "smack.h" |
35 | 34 | ||
36 | #define task_security(task) (task_cred_xxx((task), security)) | 35 | #define task_security(task) (task_cred_xxx((task), security)) |
@@ -103,14 +102,24 @@ struct inode_smack *new_inode_smack(char *smack) | |||
103 | static int smack_ptrace_may_access(struct task_struct *ctp, unsigned int mode) | 102 | static int smack_ptrace_may_access(struct task_struct *ctp, unsigned int mode) |
104 | { | 103 | { |
105 | int rc; | 104 | int rc; |
105 | struct smk_audit_info ad; | ||
106 | char *sp, *tsp; | ||
106 | 107 | ||
107 | rc = cap_ptrace_may_access(ctp, mode); | 108 | rc = cap_ptrace_may_access(ctp, mode); |
108 | if (rc != 0) | 109 | if (rc != 0) |
109 | return rc; | 110 | return rc; |
110 | 111 | ||
111 | rc = smk_access(current_security(), task_security(ctp), MAY_READWRITE); | 112 | sp = current_security(); |
113 | tsp = task_security(ctp); | ||
114 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_TASK); | ||
115 | smk_ad_setfield_u_tsk(&ad, ctp); | ||
116 | |||
117 | /* we won't log here, because rc can be overriden */ | ||
118 | rc = smk_access(sp, tsp, MAY_READWRITE, NULL); | ||
112 | if (rc != 0 && capable(CAP_MAC_OVERRIDE)) | 119 | if (rc != 0 && capable(CAP_MAC_OVERRIDE)) |
113 | return 0; | 120 | rc = 0; |
121 | |||
122 | smack_log(sp, tsp, MAY_READWRITE, rc, &ad); | ||
114 | return rc; | 123 | return rc; |
115 | } | 124 | } |
116 | 125 | ||
@@ -125,14 +134,24 @@ static int smack_ptrace_may_access(struct task_struct *ctp, unsigned int mode) | |||
125 | static int smack_ptrace_traceme(struct task_struct *ptp) | 134 | static int smack_ptrace_traceme(struct task_struct *ptp) |
126 | { | 135 | { |
127 | int rc; | 136 | int rc; |
137 | struct smk_audit_info ad; | ||
138 | char *sp, *tsp; | ||
128 | 139 | ||
129 | rc = cap_ptrace_traceme(ptp); | 140 | rc = cap_ptrace_traceme(ptp); |
130 | if (rc != 0) | 141 | if (rc != 0) |
131 | return rc; | 142 | return rc; |
132 | 143 | ||
133 | rc = smk_access(task_security(ptp), current_security(), MAY_READWRITE); | 144 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_TASK); |
145 | smk_ad_setfield_u_tsk(&ad, ptp); | ||
146 | |||
147 | sp = current_security(); | ||
148 | tsp = task_security(ptp); | ||
149 | /* we won't log here, because rc can be overriden */ | ||
150 | rc = smk_access(tsp, sp, MAY_READWRITE, NULL); | ||
134 | if (rc != 0 && has_capability(ptp, CAP_MAC_OVERRIDE)) | 151 | if (rc != 0 && has_capability(ptp, CAP_MAC_OVERRIDE)) |
135 | return 0; | 152 | rc = 0; |
153 | |||
154 | smack_log(tsp, sp, MAY_READWRITE, rc, &ad); | ||
136 | return rc; | 155 | return rc; |
137 | } | 156 | } |
138 | 157 | ||
@@ -327,8 +346,14 @@ static int smack_sb_kern_mount(struct super_block *sb, int flags, void *data) | |||
327 | static int smack_sb_statfs(struct dentry *dentry) | 346 | static int smack_sb_statfs(struct dentry *dentry) |
328 | { | 347 | { |
329 | struct superblock_smack *sbp = dentry->d_sb->s_security; | 348 | struct superblock_smack *sbp = dentry->d_sb->s_security; |
349 | int rc; | ||
350 | struct smk_audit_info ad; | ||
330 | 351 | ||
331 | return smk_curacc(sbp->smk_floor, MAY_READ); | 352 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_FS); |
353 | smk_ad_setfield_u_fs_path_dentry(&ad, dentry); | ||
354 | |||
355 | rc = smk_curacc(sbp->smk_floor, MAY_READ, &ad); | ||
356 | return rc; | ||
332 | } | 357 | } |
333 | 358 | ||
334 | /** | 359 | /** |
@@ -346,8 +371,12 @@ static int smack_sb_mount(char *dev_name, struct path *path, | |||
346 | char *type, unsigned long flags, void *data) | 371 | char *type, unsigned long flags, void *data) |
347 | { | 372 | { |
348 | struct superblock_smack *sbp = path->mnt->mnt_sb->s_security; | 373 | struct superblock_smack *sbp = path->mnt->mnt_sb->s_security; |
374 | struct smk_audit_info ad; | ||
375 | |||
376 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_FS); | ||
377 | smk_ad_setfield_u_fs_path(&ad, *path); | ||
349 | 378 | ||
350 | return smk_curacc(sbp->smk_floor, MAY_WRITE); | 379 | return smk_curacc(sbp->smk_floor, MAY_WRITE, &ad); |
351 | } | 380 | } |
352 | 381 | ||
353 | /** | 382 | /** |
@@ -361,10 +390,14 @@ static int smack_sb_mount(char *dev_name, struct path *path, | |||
361 | static int smack_sb_umount(struct vfsmount *mnt, int flags) | 390 | static int smack_sb_umount(struct vfsmount *mnt, int flags) |
362 | { | 391 | { |
363 | struct superblock_smack *sbp; | 392 | struct superblock_smack *sbp; |
393 | struct smk_audit_info ad; | ||
364 | 394 | ||
365 | sbp = mnt->mnt_sb->s_security; | 395 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_FS); |
396 | smk_ad_setfield_u_fs_path_dentry(&ad, mnt->mnt_mountpoint); | ||
397 | smk_ad_setfield_u_fs_path_mnt(&ad, mnt); | ||
366 | 398 | ||
367 | return smk_curacc(sbp->smk_floor, MAY_WRITE); | 399 | sbp = mnt->mnt_sb->s_security; |
400 | return smk_curacc(sbp->smk_floor, MAY_WRITE, &ad); | ||
368 | } | 401 | } |
369 | 402 | ||
370 | /* | 403 | /* |
@@ -441,15 +474,20 @@ static int smack_inode_init_security(struct inode *inode, struct inode *dir, | |||
441 | static int smack_inode_link(struct dentry *old_dentry, struct inode *dir, | 474 | static int smack_inode_link(struct dentry *old_dentry, struct inode *dir, |
442 | struct dentry *new_dentry) | 475 | struct dentry *new_dentry) |
443 | { | 476 | { |
444 | int rc; | ||
445 | char *isp; | 477 | char *isp; |
478 | struct smk_audit_info ad; | ||
479 | int rc; | ||
480 | |||
481 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_FS); | ||
482 | smk_ad_setfield_u_fs_path_dentry(&ad, old_dentry); | ||
446 | 483 | ||
447 | isp = smk_of_inode(old_dentry->d_inode); | 484 | isp = smk_of_inode(old_dentry->d_inode); |
448 | rc = smk_curacc(isp, MAY_WRITE); | 485 | rc = smk_curacc(isp, MAY_WRITE, &ad); |
449 | 486 | ||
450 | if (rc == 0 && new_dentry->d_inode != NULL) { | 487 | if (rc == 0 && new_dentry->d_inode != NULL) { |
451 | isp = smk_of_inode(new_dentry->d_inode); | 488 | isp = smk_of_inode(new_dentry->d_inode); |
452 | rc = smk_curacc(isp, MAY_WRITE); | 489 | smk_ad_setfield_u_fs_path_dentry(&ad, new_dentry); |
490 | rc = smk_curacc(isp, MAY_WRITE, &ad); | ||
453 | } | 491 | } |
454 | 492 | ||
455 | return rc; | 493 | return rc; |
@@ -466,18 +504,24 @@ static int smack_inode_link(struct dentry *old_dentry, struct inode *dir, | |||
466 | static int smack_inode_unlink(struct inode *dir, struct dentry *dentry) | 504 | static int smack_inode_unlink(struct inode *dir, struct dentry *dentry) |
467 | { | 505 | { |
468 | struct inode *ip = dentry->d_inode; | 506 | struct inode *ip = dentry->d_inode; |
507 | struct smk_audit_info ad; | ||
469 | int rc; | 508 | int rc; |
470 | 509 | ||
510 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_FS); | ||
511 | smk_ad_setfield_u_fs_path_dentry(&ad, dentry); | ||
512 | |||
471 | /* | 513 | /* |
472 | * You need write access to the thing you're unlinking | 514 | * You need write access to the thing you're unlinking |
473 | */ | 515 | */ |
474 | rc = smk_curacc(smk_of_inode(ip), MAY_WRITE); | 516 | rc = smk_curacc(smk_of_inode(ip), MAY_WRITE, &ad); |
475 | if (rc == 0) | 517 | if (rc == 0) { |
476 | /* | 518 | /* |
477 | * You also need write access to the containing directory | 519 | * You also need write access to the containing directory |
478 | */ | 520 | */ |
479 | rc = smk_curacc(smk_of_inode(dir), MAY_WRITE); | 521 | smk_ad_setfield_u_fs_path_dentry(&ad, NULL); |
480 | 522 | smk_ad_setfield_u_fs_inode(&ad, dir); | |
523 | rc = smk_curacc(smk_of_inode(dir), MAY_WRITE, &ad); | ||
524 | } | ||
481 | return rc; | 525 | return rc; |
482 | } | 526 | } |
483 | 527 | ||
@@ -491,17 +535,24 @@ static int smack_inode_unlink(struct inode *dir, struct dentry *dentry) | |||
491 | */ | 535 | */ |
492 | static int smack_inode_rmdir(struct inode *dir, struct dentry *dentry) | 536 | static int smack_inode_rmdir(struct inode *dir, struct dentry *dentry) |
493 | { | 537 | { |
538 | struct smk_audit_info ad; | ||
494 | int rc; | 539 | int rc; |
495 | 540 | ||
541 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_FS); | ||
542 | smk_ad_setfield_u_fs_path_dentry(&ad, dentry); | ||
543 | |||
496 | /* | 544 | /* |
497 | * You need write access to the thing you're removing | 545 | * You need write access to the thing you're removing |
498 | */ | 546 | */ |
499 | rc = smk_curacc(smk_of_inode(dentry->d_inode), MAY_WRITE); | 547 | rc = smk_curacc(smk_of_inode(dentry->d_inode), MAY_WRITE, &ad); |
500 | if (rc == 0) | 548 | if (rc == 0) { |
501 | /* | 549 | /* |
502 | * You also need write access to the containing directory | 550 | * You also need write access to the containing directory |
503 | */ | 551 | */ |
504 | rc = smk_curacc(smk_of_inode(dir), MAY_WRITE); | 552 | smk_ad_setfield_u_fs_path_dentry(&ad, NULL); |
553 | smk_ad_setfield_u_fs_inode(&ad, dir); | ||
554 | rc = smk_curacc(smk_of_inode(dir), MAY_WRITE, &ad); | ||
555 | } | ||
505 | 556 | ||
506 | return rc; | 557 | return rc; |
507 | } | 558 | } |
@@ -525,15 +576,19 @@ static int smack_inode_rename(struct inode *old_inode, | |||
525 | { | 576 | { |
526 | int rc; | 577 | int rc; |
527 | char *isp; | 578 | char *isp; |
579 | struct smk_audit_info ad; | ||
580 | |||
581 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_FS); | ||
582 | smk_ad_setfield_u_fs_path_dentry(&ad, old_dentry); | ||
528 | 583 | ||
529 | isp = smk_of_inode(old_dentry->d_inode); | 584 | isp = smk_of_inode(old_dentry->d_inode); |
530 | rc = smk_curacc(isp, MAY_READWRITE); | 585 | rc = smk_curacc(isp, MAY_READWRITE, &ad); |
531 | 586 | ||
532 | if (rc == 0 && new_dentry->d_inode != NULL) { | 587 | if (rc == 0 && new_dentry->d_inode != NULL) { |
533 | isp = smk_of_inode(new_dentry->d_inode); | 588 | isp = smk_of_inode(new_dentry->d_inode); |
534 | rc = smk_curacc(isp, MAY_READWRITE); | 589 | smk_ad_setfield_u_fs_path_dentry(&ad, new_dentry); |
590 | rc = smk_curacc(isp, MAY_READWRITE, &ad); | ||
535 | } | 591 | } |
536 | |||
537 | return rc; | 592 | return rc; |
538 | } | 593 | } |
539 | 594 | ||
@@ -548,13 +603,15 @@ static int smack_inode_rename(struct inode *old_inode, | |||
548 | */ | 603 | */ |
549 | static int smack_inode_permission(struct inode *inode, int mask) | 604 | static int smack_inode_permission(struct inode *inode, int mask) |
550 | { | 605 | { |
606 | struct smk_audit_info ad; | ||
551 | /* | 607 | /* |
552 | * No permission to check. Existence test. Yup, it's there. | 608 | * No permission to check. Existence test. Yup, it's there. |
553 | */ | 609 | */ |
554 | if (mask == 0) | 610 | if (mask == 0) |
555 | return 0; | 611 | return 0; |
556 | 612 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_FS); | |
557 | return smk_curacc(smk_of_inode(inode), mask); | 613 | smk_ad_setfield_u_fs_inode(&ad, inode); |
614 | return smk_curacc(smk_of_inode(inode), mask, &ad); | ||
558 | } | 615 | } |
559 | 616 | ||
560 | /** | 617 | /** |
@@ -566,13 +623,16 @@ static int smack_inode_permission(struct inode *inode, int mask) | |||
566 | */ | 623 | */ |
567 | static int smack_inode_setattr(struct dentry *dentry, struct iattr *iattr) | 624 | static int smack_inode_setattr(struct dentry *dentry, struct iattr *iattr) |
568 | { | 625 | { |
626 | struct smk_audit_info ad; | ||
569 | /* | 627 | /* |
570 | * Need to allow for clearing the setuid bit. | 628 | * Need to allow for clearing the setuid bit. |
571 | */ | 629 | */ |
572 | if (iattr->ia_valid & ATTR_FORCE) | 630 | if (iattr->ia_valid & ATTR_FORCE) |
573 | return 0; | 631 | return 0; |
632 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_FS); | ||
633 | smk_ad_setfield_u_fs_path_dentry(&ad, dentry); | ||
574 | 634 | ||
575 | return smk_curacc(smk_of_inode(dentry->d_inode), MAY_WRITE); | 635 | return smk_curacc(smk_of_inode(dentry->d_inode), MAY_WRITE, &ad); |
576 | } | 636 | } |
577 | 637 | ||
578 | /** | 638 | /** |
@@ -584,7 +644,12 @@ static int smack_inode_setattr(struct dentry *dentry, struct iattr *iattr) | |||
584 | */ | 644 | */ |
585 | static int smack_inode_getattr(struct vfsmount *mnt, struct dentry *dentry) | 645 | static int smack_inode_getattr(struct vfsmount *mnt, struct dentry *dentry) |
586 | { | 646 | { |
587 | return smk_curacc(smk_of_inode(dentry->d_inode), MAY_READ); | 647 | struct smk_audit_info ad; |
648 | |||
649 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_FS); | ||
650 | smk_ad_setfield_u_fs_path_dentry(&ad, dentry); | ||
651 | smk_ad_setfield_u_fs_path_mnt(&ad, mnt); | ||
652 | return smk_curacc(smk_of_inode(dentry->d_inode), MAY_READ, &ad); | ||
588 | } | 653 | } |
589 | 654 | ||
590 | /** | 655 | /** |
@@ -602,6 +667,7 @@ static int smack_inode_getattr(struct vfsmount *mnt, struct dentry *dentry) | |||
602 | static int smack_inode_setxattr(struct dentry *dentry, const char *name, | 667 | static int smack_inode_setxattr(struct dentry *dentry, const char *name, |
603 | const void *value, size_t size, int flags) | 668 | const void *value, size_t size, int flags) |
604 | { | 669 | { |
670 | struct smk_audit_info ad; | ||
605 | int rc = 0; | 671 | int rc = 0; |
606 | 672 | ||
607 | if (strcmp(name, XATTR_NAME_SMACK) == 0 || | 673 | if (strcmp(name, XATTR_NAME_SMACK) == 0 || |
@@ -615,8 +681,11 @@ static int smack_inode_setxattr(struct dentry *dentry, const char *name, | |||
615 | } else | 681 | } else |
616 | rc = cap_inode_setxattr(dentry, name, value, size, flags); | 682 | rc = cap_inode_setxattr(dentry, name, value, size, flags); |
617 | 683 | ||
684 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_FS); | ||
685 | smk_ad_setfield_u_fs_path_dentry(&ad, dentry); | ||
686 | |||
618 | if (rc == 0) | 687 | if (rc == 0) |
619 | rc = smk_curacc(smk_of_inode(dentry->d_inode), MAY_WRITE); | 688 | rc = smk_curacc(smk_of_inode(dentry->d_inode), MAY_WRITE, &ad); |
620 | 689 | ||
621 | return rc; | 690 | return rc; |
622 | } | 691 | } |
@@ -671,7 +740,12 @@ static void smack_inode_post_setxattr(struct dentry *dentry, const char *name, | |||
671 | */ | 740 | */ |
672 | static int smack_inode_getxattr(struct dentry *dentry, const char *name) | 741 | static int smack_inode_getxattr(struct dentry *dentry, const char *name) |
673 | { | 742 | { |
674 | return smk_curacc(smk_of_inode(dentry->d_inode), MAY_READ); | 743 | struct smk_audit_info ad; |
744 | |||
745 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_FS); | ||
746 | smk_ad_setfield_u_fs_path_dentry(&ad, dentry); | ||
747 | |||
748 | return smk_curacc(smk_of_inode(dentry->d_inode), MAY_READ, &ad); | ||
675 | } | 749 | } |
676 | 750 | ||
677 | /* | 751 | /* |
@@ -685,6 +759,7 @@ static int smack_inode_getxattr(struct dentry *dentry, const char *name) | |||
685 | */ | 759 | */ |
686 | static int smack_inode_removexattr(struct dentry *dentry, const char *name) | 760 | static int smack_inode_removexattr(struct dentry *dentry, const char *name) |
687 | { | 761 | { |
762 | struct smk_audit_info ad; | ||
688 | int rc = 0; | 763 | int rc = 0; |
689 | 764 | ||
690 | if (strcmp(name, XATTR_NAME_SMACK) == 0 || | 765 | if (strcmp(name, XATTR_NAME_SMACK) == 0 || |
@@ -695,8 +770,10 @@ static int smack_inode_removexattr(struct dentry *dentry, const char *name) | |||
695 | } else | 770 | } else |
696 | rc = cap_inode_removexattr(dentry, name); | 771 | rc = cap_inode_removexattr(dentry, name); |
697 | 772 | ||
773 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_FS); | ||
774 | smk_ad_setfield_u_fs_path_dentry(&ad, dentry); | ||
698 | if (rc == 0) | 775 | if (rc == 0) |
699 | rc = smk_curacc(smk_of_inode(dentry->d_inode), MAY_WRITE); | 776 | rc = smk_curacc(smk_of_inode(dentry->d_inode), MAY_WRITE, &ad); |
700 | 777 | ||
701 | return rc; | 778 | return rc; |
702 | } | 779 | } |
@@ -855,12 +932,16 @@ static int smack_file_ioctl(struct file *file, unsigned int cmd, | |||
855 | unsigned long arg) | 932 | unsigned long arg) |
856 | { | 933 | { |
857 | int rc = 0; | 934 | int rc = 0; |
935 | struct smk_audit_info ad; | ||
936 | |||
937 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_FS); | ||
938 | smk_ad_setfield_u_fs_path(&ad, file->f_path); | ||
858 | 939 | ||
859 | if (_IOC_DIR(cmd) & _IOC_WRITE) | 940 | if (_IOC_DIR(cmd) & _IOC_WRITE) |
860 | rc = smk_curacc(file->f_security, MAY_WRITE); | 941 | rc = smk_curacc(file->f_security, MAY_WRITE, &ad); |
861 | 942 | ||
862 | if (rc == 0 && (_IOC_DIR(cmd) & _IOC_READ)) | 943 | if (rc == 0 && (_IOC_DIR(cmd) & _IOC_READ)) |
863 | rc = smk_curacc(file->f_security, MAY_READ); | 944 | rc = smk_curacc(file->f_security, MAY_READ, &ad); |
864 | 945 | ||
865 | return rc; | 946 | return rc; |
866 | } | 947 | } |
@@ -874,7 +955,11 @@ static int smack_file_ioctl(struct file *file, unsigned int cmd, | |||
874 | */ | 955 | */ |
875 | static int smack_file_lock(struct file *file, unsigned int cmd) | 956 | static int smack_file_lock(struct file *file, unsigned int cmd) |
876 | { | 957 | { |
877 | return smk_curacc(file->f_security, MAY_WRITE); | 958 | struct smk_audit_info ad; |
959 | |||
960 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_FS); | ||
961 | smk_ad_setfield_u_fs_path_dentry(&ad, file->f_path.dentry); | ||
962 | return smk_curacc(file->f_security, MAY_WRITE, &ad); | ||
878 | } | 963 | } |
879 | 964 | ||
880 | /** | 965 | /** |
@@ -888,8 +973,12 @@ static int smack_file_lock(struct file *file, unsigned int cmd) | |||
888 | static int smack_file_fcntl(struct file *file, unsigned int cmd, | 973 | static int smack_file_fcntl(struct file *file, unsigned int cmd, |
889 | unsigned long arg) | 974 | unsigned long arg) |
890 | { | 975 | { |
976 | struct smk_audit_info ad; | ||
891 | int rc; | 977 | int rc; |
892 | 978 | ||
979 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_FS); | ||
980 | smk_ad_setfield_u_fs_path(&ad, file->f_path); | ||
981 | |||
893 | switch (cmd) { | 982 | switch (cmd) { |
894 | case F_DUPFD: | 983 | case F_DUPFD: |
895 | case F_GETFD: | 984 | case F_GETFD: |
@@ -897,7 +986,7 @@ static int smack_file_fcntl(struct file *file, unsigned int cmd, | |||
897 | case F_GETLK: | 986 | case F_GETLK: |
898 | case F_GETOWN: | 987 | case F_GETOWN: |
899 | case F_GETSIG: | 988 | case F_GETSIG: |
900 | rc = smk_curacc(file->f_security, MAY_READ); | 989 | rc = smk_curacc(file->f_security, MAY_READ, &ad); |
901 | break; | 990 | break; |
902 | case F_SETFD: | 991 | case F_SETFD: |
903 | case F_SETFL: | 992 | case F_SETFL: |
@@ -905,10 +994,10 @@ static int smack_file_fcntl(struct file *file, unsigned int cmd, | |||
905 | case F_SETLKW: | 994 | case F_SETLKW: |
906 | case F_SETOWN: | 995 | case F_SETOWN: |
907 | case F_SETSIG: | 996 | case F_SETSIG: |
908 | rc = smk_curacc(file->f_security, MAY_WRITE); | 997 | rc = smk_curacc(file->f_security, MAY_WRITE, &ad); |
909 | break; | 998 | break; |
910 | default: | 999 | default: |
911 | rc = smk_curacc(file->f_security, MAY_READWRITE); | 1000 | rc = smk_curacc(file->f_security, MAY_READWRITE, &ad); |
912 | } | 1001 | } |
913 | 1002 | ||
914 | return rc; | 1003 | return rc; |
@@ -943,14 +1032,21 @@ static int smack_file_send_sigiotask(struct task_struct *tsk, | |||
943 | { | 1032 | { |
944 | struct file *file; | 1033 | struct file *file; |
945 | int rc; | 1034 | int rc; |
1035 | char *tsp = tsk->cred->security; | ||
1036 | struct smk_audit_info ad; | ||
946 | 1037 | ||
947 | /* | 1038 | /* |
948 | * struct fown_struct is never outside the context of a struct file | 1039 | * struct fown_struct is never outside the context of a struct file |
949 | */ | 1040 | */ |
950 | file = container_of(fown, struct file, f_owner); | 1041 | file = container_of(fown, struct file, f_owner); |
951 | rc = smk_access(file->f_security, tsk->cred->security, MAY_WRITE); | 1042 | /* we don't log here as rc can be overriden */ |
1043 | rc = smk_access(file->f_security, tsp, MAY_WRITE, NULL); | ||
952 | if (rc != 0 && has_capability(tsk, CAP_MAC_OVERRIDE)) | 1044 | if (rc != 0 && has_capability(tsk, CAP_MAC_OVERRIDE)) |
953 | return 0; | 1045 | rc = 0; |
1046 | |||
1047 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_TASK); | ||
1048 | smk_ad_setfield_u_tsk(&ad, tsk); | ||
1049 | smack_log(file->f_security, tsp, MAY_WRITE, rc, &ad); | ||
954 | return rc; | 1050 | return rc; |
955 | } | 1051 | } |
956 | 1052 | ||
@@ -963,7 +1059,10 @@ static int smack_file_send_sigiotask(struct task_struct *tsk, | |||
963 | static int smack_file_receive(struct file *file) | 1059 | static int smack_file_receive(struct file *file) |
964 | { | 1060 | { |
965 | int may = 0; | 1061 | int may = 0; |
1062 | struct smk_audit_info ad; | ||
966 | 1063 | ||
1064 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_TASK); | ||
1065 | smk_ad_setfield_u_fs_path(&ad, file->f_path); | ||
967 | /* | 1066 | /* |
968 | * This code relies on bitmasks. | 1067 | * This code relies on bitmasks. |
969 | */ | 1068 | */ |
@@ -972,7 +1071,7 @@ static int smack_file_receive(struct file *file) | |||
972 | if (file->f_mode & FMODE_WRITE) | 1071 | if (file->f_mode & FMODE_WRITE) |
973 | may |= MAY_WRITE; | 1072 | may |= MAY_WRITE; |
974 | 1073 | ||
975 | return smk_curacc(file->f_security, may); | 1074 | return smk_curacc(file->f_security, may, &ad); |
976 | } | 1075 | } |
977 | 1076 | ||
978 | /* | 1077 | /* |
@@ -1052,6 +1151,22 @@ static int smack_kernel_create_files_as(struct cred *new, | |||
1052 | } | 1151 | } |
1053 | 1152 | ||
1054 | /** | 1153 | /** |
1154 | * smk_curacc_on_task - helper to log task related access | ||
1155 | * @p: the task object | ||
1156 | * @access : the access requested | ||
1157 | * | ||
1158 | * Return 0 if access is permitted | ||
1159 | */ | ||
1160 | static int smk_curacc_on_task(struct task_struct *p, int access) | ||
1161 | { | ||
1162 | struct smk_audit_info ad; | ||
1163 | |||
1164 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_TASK); | ||
1165 | smk_ad_setfield_u_tsk(&ad, p); | ||
1166 | return smk_curacc(task_security(p), access, &ad); | ||
1167 | } | ||
1168 | |||
1169 | /** | ||
1055 | * smack_task_setpgid - Smack check on setting pgid | 1170 | * smack_task_setpgid - Smack check on setting pgid |
1056 | * @p: the task object | 1171 | * @p: the task object |
1057 | * @pgid: unused | 1172 | * @pgid: unused |
@@ -1060,7 +1175,7 @@ static int smack_kernel_create_files_as(struct cred *new, | |||
1060 | */ | 1175 | */ |
1061 | static int smack_task_setpgid(struct task_struct *p, pid_t pgid) | 1176 | static int smack_task_setpgid(struct task_struct *p, pid_t pgid) |
1062 | { | 1177 | { |
1063 | return smk_curacc(task_security(p), MAY_WRITE); | 1178 | return smk_curacc_on_task(p, MAY_WRITE); |
1064 | } | 1179 | } |
1065 | 1180 | ||
1066 | /** | 1181 | /** |
@@ -1071,7 +1186,7 @@ static int smack_task_setpgid(struct task_struct *p, pid_t pgid) | |||
1071 | */ | 1186 | */ |
1072 | static int smack_task_getpgid(struct task_struct *p) | 1187 | static int smack_task_getpgid(struct task_struct *p) |
1073 | { | 1188 | { |
1074 | return smk_curacc(task_security(p), MAY_READ); | 1189 | return smk_curacc_on_task(p, MAY_READ); |
1075 | } | 1190 | } |
1076 | 1191 | ||
1077 | /** | 1192 | /** |
@@ -1082,7 +1197,7 @@ static int smack_task_getpgid(struct task_struct *p) | |||
1082 | */ | 1197 | */ |
1083 | static int smack_task_getsid(struct task_struct *p) | 1198 | static int smack_task_getsid(struct task_struct *p) |
1084 | { | 1199 | { |
1085 | return smk_curacc(task_security(p), MAY_READ); | 1200 | return smk_curacc_on_task(p, MAY_READ); |
1086 | } | 1201 | } |
1087 | 1202 | ||
1088 | /** | 1203 | /** |
@@ -1110,7 +1225,7 @@ static int smack_task_setnice(struct task_struct *p, int nice) | |||
1110 | 1225 | ||
1111 | rc = cap_task_setnice(p, nice); | 1226 | rc = cap_task_setnice(p, nice); |
1112 | if (rc == 0) | 1227 | if (rc == 0) |
1113 | rc = smk_curacc(task_security(p), MAY_WRITE); | 1228 | rc = smk_curacc_on_task(p, MAY_WRITE); |
1114 | return rc; | 1229 | return rc; |
1115 | } | 1230 | } |
1116 | 1231 | ||
@@ -1127,7 +1242,7 @@ static int smack_task_setioprio(struct task_struct *p, int ioprio) | |||
1127 | 1242 | ||
1128 | rc = cap_task_setioprio(p, ioprio); | 1243 | rc = cap_task_setioprio(p, ioprio); |
1129 | if (rc == 0) | 1244 | if (rc == 0) |
1130 | rc = smk_curacc(task_security(p), MAY_WRITE); | 1245 | rc = smk_curacc_on_task(p, MAY_WRITE); |
1131 | return rc; | 1246 | return rc; |
1132 | } | 1247 | } |
1133 | 1248 | ||
@@ -1139,7 +1254,7 @@ static int smack_task_setioprio(struct task_struct *p, int ioprio) | |||
1139 | */ | 1254 | */ |
1140 | static int smack_task_getioprio(struct task_struct *p) | 1255 | static int smack_task_getioprio(struct task_struct *p) |
1141 | { | 1256 | { |
1142 | return smk_curacc(task_security(p), MAY_READ); | 1257 | return smk_curacc_on_task(p, MAY_READ); |
1143 | } | 1258 | } |
1144 | 1259 | ||
1145 | /** | 1260 | /** |
@@ -1157,7 +1272,7 @@ static int smack_task_setscheduler(struct task_struct *p, int policy, | |||
1157 | 1272 | ||
1158 | rc = cap_task_setscheduler(p, policy, lp); | 1273 | rc = cap_task_setscheduler(p, policy, lp); |
1159 | if (rc == 0) | 1274 | if (rc == 0) |
1160 | rc = smk_curacc(task_security(p), MAY_WRITE); | 1275 | rc = smk_curacc_on_task(p, MAY_WRITE); |
1161 | return rc; | 1276 | return rc; |
1162 | } | 1277 | } |
1163 | 1278 | ||
@@ -1169,7 +1284,7 @@ static int smack_task_setscheduler(struct task_struct *p, int policy, | |||
1169 | */ | 1284 | */ |
1170 | static int smack_task_getscheduler(struct task_struct *p) | 1285 | static int smack_task_getscheduler(struct task_struct *p) |
1171 | { | 1286 | { |
1172 | return smk_curacc(task_security(p), MAY_READ); | 1287 | return smk_curacc_on_task(p, MAY_READ); |
1173 | } | 1288 | } |
1174 | 1289 | ||
1175 | /** | 1290 | /** |
@@ -1180,7 +1295,7 @@ static int smack_task_getscheduler(struct task_struct *p) | |||
1180 | */ | 1295 | */ |
1181 | static int smack_task_movememory(struct task_struct *p) | 1296 | static int smack_task_movememory(struct task_struct *p) |
1182 | { | 1297 | { |
1183 | return smk_curacc(task_security(p), MAY_WRITE); | 1298 | return smk_curacc_on_task(p, MAY_WRITE); |
1184 | } | 1299 | } |
1185 | 1300 | ||
1186 | /** | 1301 | /** |
@@ -1198,18 +1313,23 @@ static int smack_task_movememory(struct task_struct *p) | |||
1198 | static int smack_task_kill(struct task_struct *p, struct siginfo *info, | 1313 | static int smack_task_kill(struct task_struct *p, struct siginfo *info, |
1199 | int sig, u32 secid) | 1314 | int sig, u32 secid) |
1200 | { | 1315 | { |
1316 | struct smk_audit_info ad; | ||
1317 | |||
1318 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_TASK); | ||
1319 | smk_ad_setfield_u_tsk(&ad, p); | ||
1201 | /* | 1320 | /* |
1202 | * Sending a signal requires that the sender | 1321 | * Sending a signal requires that the sender |
1203 | * can write the receiver. | 1322 | * can write the receiver. |
1204 | */ | 1323 | */ |
1205 | if (secid == 0) | 1324 | if (secid == 0) |
1206 | return smk_curacc(task_security(p), MAY_WRITE); | 1325 | return smk_curacc(task_security(p), MAY_WRITE, &ad); |
1207 | /* | 1326 | /* |
1208 | * If the secid isn't 0 we're dealing with some USB IO | 1327 | * If the secid isn't 0 we're dealing with some USB IO |
1209 | * specific behavior. This is not clean. For one thing | 1328 | * specific behavior. This is not clean. For one thing |
1210 | * we can't take privilege into account. | 1329 | * we can't take privilege into account. |
1211 | */ | 1330 | */ |
1212 | return smk_access(smack_from_secid(secid), task_security(p), MAY_WRITE); | 1331 | return smk_access(smack_from_secid(secid), task_security(p), |
1332 | MAY_WRITE, &ad); | ||
1213 | } | 1333 | } |
1214 | 1334 | ||
1215 | /** | 1335 | /** |
@@ -1220,11 +1340,15 @@ static int smack_task_kill(struct task_struct *p, struct siginfo *info, | |||
1220 | */ | 1340 | */ |
1221 | static int smack_task_wait(struct task_struct *p) | 1341 | static int smack_task_wait(struct task_struct *p) |
1222 | { | 1342 | { |
1343 | struct smk_audit_info ad; | ||
1344 | char *sp = current_security(); | ||
1345 | char *tsp = task_security(p); | ||
1223 | int rc; | 1346 | int rc; |
1224 | 1347 | ||
1225 | rc = smk_access(current_security(), task_security(p), MAY_WRITE); | 1348 | /* we don't log here, we can be overriden */ |
1349 | rc = smk_access(sp, tsp, MAY_WRITE, NULL); | ||
1226 | if (rc == 0) | 1350 | if (rc == 0) |
1227 | return 0; | 1351 | goto out_log; |
1228 | 1352 | ||
1229 | /* | 1353 | /* |
1230 | * Allow the operation to succeed if either task | 1354 | * Allow the operation to succeed if either task |
@@ -1238,8 +1362,12 @@ static int smack_task_wait(struct task_struct *p) | |||
1238 | * the smack value. | 1362 | * the smack value. |
1239 | */ | 1363 | */ |
1240 | if (capable(CAP_MAC_OVERRIDE) || has_capability(p, CAP_MAC_OVERRIDE)) | 1364 | if (capable(CAP_MAC_OVERRIDE) || has_capability(p, CAP_MAC_OVERRIDE)) |
1241 | return 0; | 1365 | rc = 0; |
1242 | 1366 | /* we log only if we didn't get overriden */ | |
1367 | out_log: | ||
1368 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_TASK); | ||
1369 | smk_ad_setfield_u_tsk(&ad, p); | ||
1370 | smack_log(sp, tsp, MAY_WRITE, rc, &ad); | ||
1243 | return rc; | 1371 | return rc; |
1244 | } | 1372 | } |
1245 | 1373 | ||
@@ -1455,12 +1583,19 @@ static int smack_netlabel_send(struct sock *sk, struct sockaddr_in *sap) | |||
1455 | int sk_lbl; | 1583 | int sk_lbl; |
1456 | char *hostsp; | 1584 | char *hostsp; |
1457 | struct socket_smack *ssp = sk->sk_security; | 1585 | struct socket_smack *ssp = sk->sk_security; |
1586 | struct smk_audit_info ad; | ||
1458 | 1587 | ||
1459 | rcu_read_lock(); | 1588 | rcu_read_lock(); |
1460 | hostsp = smack_host_label(sap); | 1589 | hostsp = smack_host_label(sap); |
1461 | if (hostsp != NULL) { | 1590 | if (hostsp != NULL) { |
1462 | sk_lbl = SMACK_UNLABELED_SOCKET; | 1591 | sk_lbl = SMACK_UNLABELED_SOCKET; |
1463 | rc = smk_access(ssp->smk_out, hostsp, MAY_WRITE); | 1592 | #ifdef CONFIG_AUDIT |
1593 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_NET); | ||
1594 | ad.a.u.net.family = sap->sin_family; | ||
1595 | ad.a.u.net.dport = sap->sin_port; | ||
1596 | ad.a.u.net.v4info.daddr = sap->sin_addr.s_addr; | ||
1597 | #endif | ||
1598 | rc = smk_access(ssp->smk_out, hostsp, MAY_WRITE, &ad); | ||
1464 | } else { | 1599 | } else { |
1465 | sk_lbl = SMACK_CIPSO_SOCKET; | 1600 | sk_lbl = SMACK_CIPSO_SOCKET; |
1466 | rc = 0; | 1601 | rc = 0; |
@@ -1656,6 +1791,25 @@ static void smack_shm_free_security(struct shmid_kernel *shp) | |||
1656 | } | 1791 | } |
1657 | 1792 | ||
1658 | /** | 1793 | /** |
1794 | * smk_curacc_shm : check if current has access on shm | ||
1795 | * @shp : the object | ||
1796 | * @access : access requested | ||
1797 | * | ||
1798 | * Returns 0 if current has the requested access, error code otherwise | ||
1799 | */ | ||
1800 | static int smk_curacc_shm(struct shmid_kernel *shp, int access) | ||
1801 | { | ||
1802 | char *ssp = smack_of_shm(shp); | ||
1803 | struct smk_audit_info ad; | ||
1804 | |||
1805 | #ifdef CONFIG_AUDIT | ||
1806 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_IPC); | ||
1807 | ad.a.u.ipc_id = shp->shm_perm.id; | ||
1808 | #endif | ||
1809 | return smk_curacc(ssp, access, &ad); | ||
1810 | } | ||
1811 | |||
1812 | /** | ||
1659 | * smack_shm_associate - Smack access check for shm | 1813 | * smack_shm_associate - Smack access check for shm |
1660 | * @shp: the object | 1814 | * @shp: the object |
1661 | * @shmflg: access requested | 1815 | * @shmflg: access requested |
@@ -1664,11 +1818,10 @@ static void smack_shm_free_security(struct shmid_kernel *shp) | |||
1664 | */ | 1818 | */ |
1665 | static int smack_shm_associate(struct shmid_kernel *shp, int shmflg) | 1819 | static int smack_shm_associate(struct shmid_kernel *shp, int shmflg) |
1666 | { | 1820 | { |
1667 | char *ssp = smack_of_shm(shp); | ||
1668 | int may; | 1821 | int may; |
1669 | 1822 | ||
1670 | may = smack_flags_to_may(shmflg); | 1823 | may = smack_flags_to_may(shmflg); |
1671 | return smk_curacc(ssp, may); | 1824 | return smk_curacc_shm(shp, may); |
1672 | } | 1825 | } |
1673 | 1826 | ||
1674 | /** | 1827 | /** |
@@ -1680,7 +1833,6 @@ static int smack_shm_associate(struct shmid_kernel *shp, int shmflg) | |||
1680 | */ | 1833 | */ |
1681 | static int smack_shm_shmctl(struct shmid_kernel *shp, int cmd) | 1834 | static int smack_shm_shmctl(struct shmid_kernel *shp, int cmd) |
1682 | { | 1835 | { |
1683 | char *ssp; | ||
1684 | int may; | 1836 | int may; |
1685 | 1837 | ||
1686 | switch (cmd) { | 1838 | switch (cmd) { |
@@ -1703,9 +1855,7 @@ static int smack_shm_shmctl(struct shmid_kernel *shp, int cmd) | |||
1703 | default: | 1855 | default: |
1704 | return -EINVAL; | 1856 | return -EINVAL; |
1705 | } | 1857 | } |
1706 | 1858 | return smk_curacc_shm(shp, may); | |
1707 | ssp = smack_of_shm(shp); | ||
1708 | return smk_curacc(ssp, may); | ||
1709 | } | 1859 | } |
1710 | 1860 | ||
1711 | /** | 1861 | /** |
@@ -1719,11 +1869,10 @@ static int smack_shm_shmctl(struct shmid_kernel *shp, int cmd) | |||
1719 | static int smack_shm_shmat(struct shmid_kernel *shp, char __user *shmaddr, | 1869 | static int smack_shm_shmat(struct shmid_kernel *shp, char __user *shmaddr, |
1720 | int shmflg) | 1870 | int shmflg) |
1721 | { | 1871 | { |
1722 | char *ssp = smack_of_shm(shp); | ||
1723 | int may; | 1872 | int may; |
1724 | 1873 | ||
1725 | may = smack_flags_to_may(shmflg); | 1874 | may = smack_flags_to_may(shmflg); |
1726 | return smk_curacc(ssp, may); | 1875 | return smk_curacc_shm(shp, may); |
1727 | } | 1876 | } |
1728 | 1877 | ||
1729 | /** | 1878 | /** |
@@ -1765,6 +1914,25 @@ static void smack_sem_free_security(struct sem_array *sma) | |||
1765 | } | 1914 | } |
1766 | 1915 | ||
1767 | /** | 1916 | /** |
1917 | * smk_curacc_sem : check if current has access on sem | ||
1918 | * @sma : the object | ||
1919 | * @access : access requested | ||
1920 | * | ||
1921 | * Returns 0 if current has the requested access, error code otherwise | ||
1922 | */ | ||
1923 | static int smk_curacc_sem(struct sem_array *sma, int access) | ||
1924 | { | ||
1925 | char *ssp = smack_of_sem(sma); | ||
1926 | struct smk_audit_info ad; | ||
1927 | |||
1928 | #ifdef CONFIG_AUDIT | ||
1929 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_IPC); | ||
1930 | ad.a.u.ipc_id = sma->sem_perm.id; | ||
1931 | #endif | ||
1932 | return smk_curacc(ssp, access, &ad); | ||
1933 | } | ||
1934 | |||
1935 | /** | ||
1768 | * smack_sem_associate - Smack access check for sem | 1936 | * smack_sem_associate - Smack access check for sem |
1769 | * @sma: the object | 1937 | * @sma: the object |
1770 | * @semflg: access requested | 1938 | * @semflg: access requested |
@@ -1773,11 +1941,10 @@ static void smack_sem_free_security(struct sem_array *sma) | |||
1773 | */ | 1941 | */ |
1774 | static int smack_sem_associate(struct sem_array *sma, int semflg) | 1942 | static int smack_sem_associate(struct sem_array *sma, int semflg) |
1775 | { | 1943 | { |
1776 | char *ssp = smack_of_sem(sma); | ||
1777 | int may; | 1944 | int may; |
1778 | 1945 | ||
1779 | may = smack_flags_to_may(semflg); | 1946 | may = smack_flags_to_may(semflg); |
1780 | return smk_curacc(ssp, may); | 1947 | return smk_curacc_sem(sma, may); |
1781 | } | 1948 | } |
1782 | 1949 | ||
1783 | /** | 1950 | /** |
@@ -1789,7 +1956,6 @@ static int smack_sem_associate(struct sem_array *sma, int semflg) | |||
1789 | */ | 1956 | */ |
1790 | static int smack_sem_semctl(struct sem_array *sma, int cmd) | 1957 | static int smack_sem_semctl(struct sem_array *sma, int cmd) |
1791 | { | 1958 | { |
1792 | char *ssp; | ||
1793 | int may; | 1959 | int may; |
1794 | 1960 | ||
1795 | switch (cmd) { | 1961 | switch (cmd) { |
@@ -1818,8 +1984,7 @@ static int smack_sem_semctl(struct sem_array *sma, int cmd) | |||
1818 | return -EINVAL; | 1984 | return -EINVAL; |
1819 | } | 1985 | } |
1820 | 1986 | ||
1821 | ssp = smack_of_sem(sma); | 1987 | return smk_curacc_sem(sma, may); |
1822 | return smk_curacc(ssp, may); | ||
1823 | } | 1988 | } |
1824 | 1989 | ||
1825 | /** | 1990 | /** |
@@ -1836,9 +2001,7 @@ static int smack_sem_semctl(struct sem_array *sma, int cmd) | |||
1836 | static int smack_sem_semop(struct sem_array *sma, struct sembuf *sops, | 2001 | static int smack_sem_semop(struct sem_array *sma, struct sembuf *sops, |
1837 | unsigned nsops, int alter) | 2002 | unsigned nsops, int alter) |
1838 | { | 2003 | { |
1839 | char *ssp = smack_of_sem(sma); | 2004 | return smk_curacc_sem(sma, MAY_READWRITE); |
1840 | |||
1841 | return smk_curacc(ssp, MAY_READWRITE); | ||
1842 | } | 2005 | } |
1843 | 2006 | ||
1844 | /** | 2007 | /** |
@@ -1880,6 +2043,25 @@ static char *smack_of_msq(struct msg_queue *msq) | |||
1880 | } | 2043 | } |
1881 | 2044 | ||
1882 | /** | 2045 | /** |
2046 | * smk_curacc_msq : helper to check if current has access on msq | ||
2047 | * @msq : the msq | ||
2048 | * @access : access requested | ||
2049 | * | ||
2050 | * return 0 if current has access, error otherwise | ||
2051 | */ | ||
2052 | static int smk_curacc_msq(struct msg_queue *msq, int access) | ||
2053 | { | ||
2054 | char *msp = smack_of_msq(msq); | ||
2055 | struct smk_audit_info ad; | ||
2056 | |||
2057 | #ifdef CONFIG_AUDIT | ||
2058 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_IPC); | ||
2059 | ad.a.u.ipc_id = msq->q_perm.id; | ||
2060 | #endif | ||
2061 | return smk_curacc(msp, access, &ad); | ||
2062 | } | ||
2063 | |||
2064 | /** | ||
1883 | * smack_msg_queue_associate - Smack access check for msg_queue | 2065 | * smack_msg_queue_associate - Smack access check for msg_queue |
1884 | * @msq: the object | 2066 | * @msq: the object |
1885 | * @msqflg: access requested | 2067 | * @msqflg: access requested |
@@ -1888,11 +2070,10 @@ static char *smack_of_msq(struct msg_queue *msq) | |||
1888 | */ | 2070 | */ |
1889 | static int smack_msg_queue_associate(struct msg_queue *msq, int msqflg) | 2071 | static int smack_msg_queue_associate(struct msg_queue *msq, int msqflg) |
1890 | { | 2072 | { |
1891 | char *msp = smack_of_msq(msq); | ||
1892 | int may; | 2073 | int may; |
1893 | 2074 | ||
1894 | may = smack_flags_to_may(msqflg); | 2075 | may = smack_flags_to_may(msqflg); |
1895 | return smk_curacc(msp, may); | 2076 | return smk_curacc_msq(msq, may); |
1896 | } | 2077 | } |
1897 | 2078 | ||
1898 | /** | 2079 | /** |
@@ -1904,7 +2085,6 @@ static int smack_msg_queue_associate(struct msg_queue *msq, int msqflg) | |||
1904 | */ | 2085 | */ |
1905 | static int smack_msg_queue_msgctl(struct msg_queue *msq, int cmd) | 2086 | static int smack_msg_queue_msgctl(struct msg_queue *msq, int cmd) |
1906 | { | 2087 | { |
1907 | char *msp; | ||
1908 | int may; | 2088 | int may; |
1909 | 2089 | ||
1910 | switch (cmd) { | 2090 | switch (cmd) { |
@@ -1926,8 +2106,7 @@ static int smack_msg_queue_msgctl(struct msg_queue *msq, int cmd) | |||
1926 | return -EINVAL; | 2106 | return -EINVAL; |
1927 | } | 2107 | } |
1928 | 2108 | ||
1929 | msp = smack_of_msq(msq); | 2109 | return smk_curacc_msq(msq, may); |
1930 | return smk_curacc(msp, may); | ||
1931 | } | 2110 | } |
1932 | 2111 | ||
1933 | /** | 2112 | /** |
@@ -1941,11 +2120,10 @@ static int smack_msg_queue_msgctl(struct msg_queue *msq, int cmd) | |||
1941 | static int smack_msg_queue_msgsnd(struct msg_queue *msq, struct msg_msg *msg, | 2120 | static int smack_msg_queue_msgsnd(struct msg_queue *msq, struct msg_msg *msg, |
1942 | int msqflg) | 2121 | int msqflg) |
1943 | { | 2122 | { |
1944 | char *msp = smack_of_msq(msq); | 2123 | int may; |
1945 | int rc; | ||
1946 | 2124 | ||
1947 | rc = smack_flags_to_may(msqflg); | 2125 | may = smack_flags_to_may(msqflg); |
1948 | return smk_curacc(msp, rc); | 2126 | return smk_curacc_msq(msq, may); |
1949 | } | 2127 | } |
1950 | 2128 | ||
1951 | /** | 2129 | /** |
@@ -1961,9 +2139,7 @@ static int smack_msg_queue_msgsnd(struct msg_queue *msq, struct msg_msg *msg, | |||
1961 | static int smack_msg_queue_msgrcv(struct msg_queue *msq, struct msg_msg *msg, | 2139 | static int smack_msg_queue_msgrcv(struct msg_queue *msq, struct msg_msg *msg, |
1962 | struct task_struct *target, long type, int mode) | 2140 | struct task_struct *target, long type, int mode) |
1963 | { | 2141 | { |
1964 | char *msp = smack_of_msq(msq); | 2142 | return smk_curacc_msq(msq, MAY_READWRITE); |
1965 | |||
1966 | return smk_curacc(msp, MAY_READWRITE); | ||
1967 | } | 2143 | } |
1968 | 2144 | ||
1969 | /** | 2145 | /** |
@@ -1976,10 +2152,14 @@ static int smack_msg_queue_msgrcv(struct msg_queue *msq, struct msg_msg *msg, | |||
1976 | static int smack_ipc_permission(struct kern_ipc_perm *ipp, short flag) | 2152 | static int smack_ipc_permission(struct kern_ipc_perm *ipp, short flag) |
1977 | { | 2153 | { |
1978 | char *isp = ipp->security; | 2154 | char *isp = ipp->security; |
1979 | int may; | 2155 | int may = smack_flags_to_may(flag); |
2156 | struct smk_audit_info ad; | ||
1980 | 2157 | ||
1981 | may = smack_flags_to_may(flag); | 2158 | #ifdef CONFIG_AUDIT |
1982 | return smk_curacc(isp, may); | 2159 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_IPC); |
2160 | ad.a.u.ipc_id = ipp->id; | ||
2161 | #endif | ||
2162 | return smk_curacc(isp, may, &ad); | ||
1983 | } | 2163 | } |
1984 | 2164 | ||
1985 | /** | 2165 | /** |
@@ -2238,8 +2418,12 @@ static int smack_unix_stream_connect(struct socket *sock, | |||
2238 | { | 2418 | { |
2239 | struct inode *sp = SOCK_INODE(sock); | 2419 | struct inode *sp = SOCK_INODE(sock); |
2240 | struct inode *op = SOCK_INODE(other); | 2420 | struct inode *op = SOCK_INODE(other); |
2421 | struct smk_audit_info ad; | ||
2241 | 2422 | ||
2242 | return smk_access(smk_of_inode(sp), smk_of_inode(op), MAY_READWRITE); | 2423 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_NET); |
2424 | smk_ad_setfield_u_net_sk(&ad, other->sk); | ||
2425 | return smk_access(smk_of_inode(sp), smk_of_inode(op), | ||
2426 | MAY_READWRITE, &ad); | ||
2243 | } | 2427 | } |
2244 | 2428 | ||
2245 | /** | 2429 | /** |
@@ -2254,8 +2438,11 @@ static int smack_unix_may_send(struct socket *sock, struct socket *other) | |||
2254 | { | 2438 | { |
2255 | struct inode *sp = SOCK_INODE(sock); | 2439 | struct inode *sp = SOCK_INODE(sock); |
2256 | struct inode *op = SOCK_INODE(other); | 2440 | struct inode *op = SOCK_INODE(other); |
2441 | struct smk_audit_info ad; | ||
2257 | 2442 | ||
2258 | return smk_access(smk_of_inode(sp), smk_of_inode(op), MAY_WRITE); | 2443 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_NET); |
2444 | smk_ad_setfield_u_net_sk(&ad, other->sk); | ||
2445 | return smk_access(smk_of_inode(sp), smk_of_inode(op), MAY_WRITE, &ad); | ||
2259 | } | 2446 | } |
2260 | 2447 | ||
2261 | /** | 2448 | /** |
@@ -2370,7 +2557,7 @@ static int smack_socket_sock_rcv_skb(struct sock *sk, struct sk_buff *skb) | |||
2370 | char smack[SMK_LABELLEN]; | 2557 | char smack[SMK_LABELLEN]; |
2371 | char *csp; | 2558 | char *csp; |
2372 | int rc; | 2559 | int rc; |
2373 | 2560 | struct smk_audit_info ad; | |
2374 | if (sk->sk_family != PF_INET && sk->sk_family != PF_INET6) | 2561 | if (sk->sk_family != PF_INET && sk->sk_family != PF_INET6) |
2375 | return 0; | 2562 | return 0; |
2376 | 2563 | ||
@@ -2388,13 +2575,19 @@ static int smack_socket_sock_rcv_skb(struct sock *sk, struct sk_buff *skb) | |||
2388 | 2575 | ||
2389 | netlbl_secattr_destroy(&secattr); | 2576 | netlbl_secattr_destroy(&secattr); |
2390 | 2577 | ||
2578 | #ifdef CONFIG_AUDIT | ||
2579 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_NET); | ||
2580 | ad.a.u.net.family = sk->sk_family; | ||
2581 | ad.a.u.net.netif = skb->iif; | ||
2582 | ipv4_skb_to_auditdata(skb, &ad.a, NULL); | ||
2583 | #endif | ||
2391 | /* | 2584 | /* |
2392 | * Receiving a packet requires that the other end | 2585 | * Receiving a packet requires that the other end |
2393 | * be able to write here. Read access is not required. | 2586 | * be able to write here. Read access is not required. |
2394 | * This is the simplist possible security model | 2587 | * This is the simplist possible security model |
2395 | * for networking. | 2588 | * for networking. |
2396 | */ | 2589 | */ |
2397 | rc = smk_access(csp, ssp->smk_in, MAY_WRITE); | 2590 | rc = smk_access(csp, ssp->smk_in, MAY_WRITE, &ad); |
2398 | if (rc != 0) | 2591 | if (rc != 0) |
2399 | netlbl_skbuff_err(skb, rc, 0); | 2592 | netlbl_skbuff_err(skb, rc, 0); |
2400 | return rc; | 2593 | return rc; |
@@ -2523,6 +2716,7 @@ static int smack_inet_conn_request(struct sock *sk, struct sk_buff *skb, | |||
2523 | struct iphdr *hdr; | 2716 | struct iphdr *hdr; |
2524 | char smack[SMK_LABELLEN]; | 2717 | char smack[SMK_LABELLEN]; |
2525 | int rc; | 2718 | int rc; |
2719 | struct smk_audit_info ad; | ||
2526 | 2720 | ||
2527 | /* handle mapped IPv4 packets arriving via IPv6 sockets */ | 2721 | /* handle mapped IPv4 packets arriving via IPv6 sockets */ |
2528 | if (family == PF_INET6 && skb->protocol == htons(ETH_P_IP)) | 2722 | if (family == PF_INET6 && skb->protocol == htons(ETH_P_IP)) |
@@ -2536,11 +2730,17 @@ static int smack_inet_conn_request(struct sock *sk, struct sk_buff *skb, | |||
2536 | strncpy(smack, smack_known_huh.smk_known, SMK_MAXLEN); | 2730 | strncpy(smack, smack_known_huh.smk_known, SMK_MAXLEN); |
2537 | netlbl_secattr_destroy(&secattr); | 2731 | netlbl_secattr_destroy(&secattr); |
2538 | 2732 | ||
2733 | #ifdef CONFIG_AUDIT | ||
2734 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_NET); | ||
2735 | ad.a.u.net.family = family; | ||
2736 | ad.a.u.net.netif = skb->iif; | ||
2737 | ipv4_skb_to_auditdata(skb, &ad.a, NULL); | ||
2738 | #endif | ||
2539 | /* | 2739 | /* |
2540 | * Receiving a packet requires that the other end be able to write | 2740 | * Receiving a packet requires that the other end be able to write |
2541 | * here. Read access is not required. | 2741 | * here. Read access is not required. |
2542 | */ | 2742 | */ |
2543 | rc = smk_access(smack, ssp->smk_in, MAY_WRITE); | 2743 | rc = smk_access(smack, ssp->smk_in, MAY_WRITE, &ad); |
2544 | if (rc != 0) | 2744 | if (rc != 0) |
2545 | return rc; | 2745 | return rc; |
2546 | 2746 | ||
@@ -2642,6 +2842,7 @@ static int smack_key_permission(key_ref_t key_ref, | |||
2642 | const struct cred *cred, key_perm_t perm) | 2842 | const struct cred *cred, key_perm_t perm) |
2643 | { | 2843 | { |
2644 | struct key *keyp; | 2844 | struct key *keyp; |
2845 | struct smk_audit_info ad; | ||
2645 | 2846 | ||
2646 | keyp = key_ref_to_ptr(key_ref); | 2847 | keyp = key_ref_to_ptr(key_ref); |
2647 | if (keyp == NULL) | 2848 | if (keyp == NULL) |
@@ -2657,8 +2858,13 @@ static int smack_key_permission(key_ref_t key_ref, | |||
2657 | */ | 2858 | */ |
2658 | if (cred->security == NULL) | 2859 | if (cred->security == NULL) |
2659 | return -EACCES; | 2860 | return -EACCES; |
2660 | 2861 | #ifdef CONFIG_AUDIT | |
2661 | return smk_access(cred->security, keyp->security, MAY_READWRITE); | 2862 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_KEY); |
2863 | ad.a.u.key_struct.key = keyp->serial; | ||
2864 | ad.a.u.key_struct.key_desc = keyp->description; | ||
2865 | #endif | ||
2866 | return smk_access(cred->security, keyp->security, | ||
2867 | MAY_READWRITE, &ad); | ||
2662 | } | 2868 | } |
2663 | #endif /* CONFIG_KEYS */ | 2869 | #endif /* CONFIG_KEYS */ |
2664 | 2870 | ||