TOMOYO: Allow using owner/group etc. of file objects as conditions.

This patch adds support for permission checks using file object's DAC attributes (e.g. owner/group) when checking file's pathnames. Hooks for passing file object's pointers are in the last patch of this pathset. Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>
author: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> 2011-07-08 00:22:41 -0400
committer: James Morris <jmorris@namei.org> 2011-07-10 21:05:32 -0400
commit: 8761afd49ebff8ae04c1a7888af090177441d07d (patch)
tree: f43b52e1b8467eeea465762d2f9d0b81a336faa0 /security/tomoyo/common.h
parent: 2066a36125fcbf5220990173b9d8e8bc49ad7538 (diff)
1 files changed, 91 insertions, 0 deletions
diff --git a/security/tomoyo/common.h b/security/tomoyo/common.h
index 958d433b0115..5a0fcedb332b 100644
--- a/security/tomoyo/common.h
+++ b/security/tomoyo/common.h
@@ -54,10 +54,66 @@ enum tomoyo_conditions_index {
        TOMOYO_TASK_FSGID,           /* current_fsgid() */
        TOMOYO_TASK_PID,             /* sys_getpid()   */
        TOMOYO_TASK_PPID,            /* sys_getppid()  */
+        TOMOYO_TYPE_IS_SOCKET,       /* S_IFSOCK */
+        TOMOYO_TYPE_IS_SYMLINK,      /* S_IFLNK */
+        TOMOYO_TYPE_IS_FILE,         /* S_IFREG */
+        TOMOYO_TYPE_IS_BLOCK_DEV,    /* S_IFBLK */
+        TOMOYO_TYPE_IS_DIRECTORY,    /* S_IFDIR */
+        TOMOYO_TYPE_IS_CHAR_DEV,     /* S_IFCHR */
+        TOMOYO_TYPE_IS_FIFO,         /* S_IFIFO */
+        TOMOYO_MODE_SETUID,          /* S_ISUID */
+        TOMOYO_MODE_SETGID,          /* S_ISGID */
+        TOMOYO_MODE_STICKY,          /* S_ISVTX */
+        TOMOYO_MODE_OWNER_READ,      /* S_IRUSR */
+        TOMOYO_MODE_OWNER_WRITE,     /* S_IWUSR */
+        TOMOYO_MODE_OWNER_EXECUTE,   /* S_IXUSR */
+        TOMOYO_MODE_GROUP_READ,      /* S_IRGRP */
+        TOMOYO_MODE_GROUP_WRITE,     /* S_IWGRP */
+        TOMOYO_MODE_GROUP_EXECUTE,   /* S_IXGRP */
+        TOMOYO_MODE_OTHERS_READ,     /* S_IROTH */
+        TOMOYO_MODE_OTHERS_WRITE,    /* S_IWOTH */
+        TOMOYO_MODE_OTHERS_EXECUTE,  /* S_IXOTH */
+        TOMOYO_PATH1_UID,
+        TOMOYO_PATH1_GID,
+        TOMOYO_PATH1_INO,
+        TOMOYO_PATH1_MAJOR,
+        TOMOYO_PATH1_MINOR,
+        TOMOYO_PATH1_PERM,
+        TOMOYO_PATH1_TYPE,
+        TOMOYO_PATH1_DEV_MAJOR,
+        TOMOYO_PATH1_DEV_MINOR,
+        TOMOYO_PATH2_UID,
+        TOMOYO_PATH2_GID,
+        TOMOYO_PATH2_INO,
+        TOMOYO_PATH2_MAJOR,
+        TOMOYO_PATH2_MINOR,
+        TOMOYO_PATH2_PERM,
+        TOMOYO_PATH2_TYPE,
+        TOMOYO_PATH2_DEV_MAJOR,
+        TOMOYO_PATH2_DEV_MINOR,
+        TOMOYO_PATH1_PARENT_UID,
+        TOMOYO_PATH1_PARENT_GID,
+        TOMOYO_PATH1_PARENT_INO,
+        TOMOYO_PATH1_PARENT_PERM,
+        TOMOYO_PATH2_PARENT_UID,
+        TOMOYO_PATH2_PARENT_GID,
+        TOMOYO_PATH2_PARENT_INO,
+        TOMOYO_PATH2_PARENT_PERM,
        TOMOYO_MAX_CONDITION_KEYWORD,
        TOMOYO_NUMBER_UNION,
 };
+/* Index numbers for stat(). */
+enum tomoyo_path_stat_index {
+        /* Do not change this order. */
+        TOMOYO_PATH1,
+        TOMOYO_PATH1_PARENT,
+        TOMOYO_PATH2,
+        TOMOYO_PATH2_PARENT,
+        TOMOYO_MAX_PATH_STAT
+};
 /* Index numbers for operation mode. */
 enum tomoyo_mode_index {
        TOMOYO_CONFIG_DISABLED,
@@ -290,6 +346,11 @@ struct tomoyo_policy_namespace;
 /* Structure for request info. */
 struct tomoyo_request_info {
+        /*
+         * For holding parameters specific to operations which deal files.
+         * NULL if not dealing files.
+         */
+        struct tomoyo_obj_info *obj;
        struct tomoyo_domain_info *domain;
        /* For holding parameters. */
        union {
@@ -388,6 +449,35 @@ struct tomoyo_number_group {
        struct tomoyo_number_union number;
 };
+/* Subset of "struct stat". Used by conditional ACL and audit logs. */
+struct tomoyo_mini_stat {
+        uid_t uid;
+        gid_t gid;
+        ino_t ino;
+        mode_t mode;
+        dev_t dev;
+        dev_t rdev;
+};
+/* Structure for attribute checks in addition to pathname checks. */
+struct tomoyo_obj_info {
+        /*
+         * True if tomoyo_get_attributes() was already called, false otherwise.
+         */
+        bool validate_done;
+        /* True if @stat[] is valid. */
+        bool stat_valid[TOMOYO_MAX_PATH_STAT];
+        /* First pathname. Initialized with { NULL, NULL } if no path. */
+        struct path path1;
+        /* Second pathname. Initialized with { NULL, NULL } if no path. */
+        struct path path2;
+        /*
+         * Information on @path1, @path1's parent directory, @path2, @path2's
+         * parent directory.
+         */
+        struct tomoyo_mini_stat stat[TOMOYO_MAX_PATH_STAT];
+};
 /* Structure for entries which follows "struct tomoyo_condition". */
 struct tomoyo_condition_element {
        /* Left hand operand. */
@@ -733,6 +823,7 @@ void tomoyo_check_profile(void);
 void tomoyo_convert_time(time_t time, struct tomoyo_time *stamp);
 void tomoyo_del_condition(struct list_head *element);
 void tomoyo_fill_path_info(struct tomoyo_path_info *ptr);
+void tomoyo_get_attributes(struct tomoyo_obj_info *obj);
 void tomoyo_init_policy_namespace(struct tomoyo_policy_namespace *ns);
 void tomoyo_io_printf(struct tomoyo_io_buffer *head, const char *fmt, ...)
         __printf(2, 3);
author	Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>	2011-07-08 00:22:41 -0400
committer	James Morris <jmorris@namei.org>	2011-07-10 21:05:32 -0400
commit	8761afd49ebff8ae04c1a7888af090177441d07d (patch)
tree	f43b52e1b8467eeea465762d2f9d0b81a336faa0 /security/tomoyo/common.h
parent	2066a36125fcbf5220990173b9d8e8bc49ad7538 (diff)

diff --git a/security/tomoyo/common.h b/security/tomoyo/common.h index 958d433b0115..5a0fcedb332b 100644 --- a/security/tomoyo/common.h +++ b/security/tomoyo/common.h
@@ -54,10 +54,66 @@ enum tomoyo_conditions_index {
54	TOMOYO_TASK_FSGID, /* current_fsgid() */	54	TOMOYO_TASK_FSGID, /* current_fsgid() */
55	TOMOYO_TASK_PID, /* sys_getpid() */	55	TOMOYO_TASK_PID, /* sys_getpid() */
56	TOMOYO_TASK_PPID, /* sys_getppid() */	56	TOMOYO_TASK_PPID, /* sys_getppid() */
		57	TOMOYO_TYPE_IS_SOCKET, /* S_IFSOCK */
		58	TOMOYO_TYPE_IS_SYMLINK, /* S_IFLNK */
		59	TOMOYO_TYPE_IS_FILE, /* S_IFREG */
		60	TOMOYO_TYPE_IS_BLOCK_DEV, /* S_IFBLK */
		61	TOMOYO_TYPE_IS_DIRECTORY, /* S_IFDIR */
		62	TOMOYO_TYPE_IS_CHAR_DEV, /* S_IFCHR */
		63	TOMOYO_TYPE_IS_FIFO, /* S_IFIFO */
		64	TOMOYO_MODE_SETUID, /* S_ISUID */
		65	TOMOYO_MODE_SETGID, /* S_ISGID */
		66	TOMOYO_MODE_STICKY, /* S_ISVTX */
		67	TOMOYO_MODE_OWNER_READ, /* S_IRUSR */
		68	TOMOYO_MODE_OWNER_WRITE, /* S_IWUSR */
		69	TOMOYO_MODE_OWNER_EXECUTE, /* S_IXUSR */
		70	TOMOYO_MODE_GROUP_READ, /* S_IRGRP */
		71	TOMOYO_MODE_GROUP_WRITE, /* S_IWGRP */
		72	TOMOYO_MODE_GROUP_EXECUTE, /* S_IXGRP */
		73	TOMOYO_MODE_OTHERS_READ, /* S_IROTH */
		74	TOMOYO_MODE_OTHERS_WRITE, /* S_IWOTH */
		75	TOMOYO_MODE_OTHERS_EXECUTE, /* S_IXOTH */
		76	TOMOYO_PATH1_UID,
		77	TOMOYO_PATH1_GID,
		78	TOMOYO_PATH1_INO,
		79	TOMOYO_PATH1_MAJOR,
		80	TOMOYO_PATH1_MINOR,
		81	TOMOYO_PATH1_PERM,
		82	TOMOYO_PATH1_TYPE,
		83	TOMOYO_PATH1_DEV_MAJOR,
		84	TOMOYO_PATH1_DEV_MINOR,
		85	TOMOYO_PATH2_UID,
		86	TOMOYO_PATH2_GID,
		87	TOMOYO_PATH2_INO,
		88	TOMOYO_PATH2_MAJOR,
		89	TOMOYO_PATH2_MINOR,
		90	TOMOYO_PATH2_PERM,
		91	TOMOYO_PATH2_TYPE,
		92	TOMOYO_PATH2_DEV_MAJOR,
		93	TOMOYO_PATH2_DEV_MINOR,
		94	TOMOYO_PATH1_PARENT_UID,
		95	TOMOYO_PATH1_PARENT_GID,
		96	TOMOYO_PATH1_PARENT_INO,
		97	TOMOYO_PATH1_PARENT_PERM,
		98	TOMOYO_PATH2_PARENT_UID,
		99	TOMOYO_PATH2_PARENT_GID,
		100	TOMOYO_PATH2_PARENT_INO,
		101	TOMOYO_PATH2_PARENT_PERM,
57	TOMOYO_MAX_CONDITION_KEYWORD,	102	TOMOYO_MAX_CONDITION_KEYWORD,
58	TOMOYO_NUMBER_UNION,	103	TOMOYO_NUMBER_UNION,
59	};	104	};
60		105
		106
		107	/* Index numbers for stat(). */
		108	enum tomoyo_path_stat_index {
		109	/* Do not change this order. */
		110	TOMOYO_PATH1,
		111	TOMOYO_PATH1_PARENT,
		112	TOMOYO_PATH2,
		113	TOMOYO_PATH2_PARENT,
		114	TOMOYO_MAX_PATH_STAT
		115	};
		116
61	/* Index numbers for operation mode. */	117	/* Index numbers for operation mode. */
62	enum tomoyo_mode_index {	118	enum tomoyo_mode_index {
63	TOMOYO_CONFIG_DISABLED,	119	TOMOYO_CONFIG_DISABLED,
@@ -290,6 +346,11 @@ struct tomoyo_policy_namespace;
290		346
291	/* Structure for request info. */	347	/* Structure for request info. */
292	struct tomoyo_request_info {	348	struct tomoyo_request_info {
		349	/*
		350	* For holding parameters specific to operations which deal files.
		351	* NULL if not dealing files.
		352	*/
		353	struct tomoyo_obj_info *obj;
293	struct tomoyo_domain_info *domain;	354	struct tomoyo_domain_info *domain;
294	/* For holding parameters. */	355	/* For holding parameters. */
295	union {	356	union {
@@ -388,6 +449,35 @@ struct tomoyo_number_group {
388	struct tomoyo_number_union number;	449	struct tomoyo_number_union number;
389	};	450	};
390		451
		452	/* Subset of "struct stat". Used by conditional ACL and audit logs. */
		453	struct tomoyo_mini_stat {
		454	uid_t uid;
		455	gid_t gid;
		456	ino_t ino;
		457	mode_t mode;
		458	dev_t dev;
		459	dev_t rdev;
		460	};
		461
		462	/* Structure for attribute checks in addition to pathname checks. */
		463	struct tomoyo_obj_info {
		464	/*
		465	* True if tomoyo_get_attributes() was already called, false otherwise.
		466	*/
		467	bool validate_done;
		468	/* True if @stat[] is valid. */
		469	bool stat_valid[TOMOYO_MAX_PATH_STAT];
		470	/* First pathname. Initialized with { NULL, NULL } if no path. */
		471	struct path path1;
		472	/* Second pathname. Initialized with { NULL, NULL } if no path. */
		473	struct path path2;
		474	/*
		475	* Information on @path1, @path1's parent directory, @path2, @path2's
		476	* parent directory.
		477	*/
		478	struct tomoyo_mini_stat stat[TOMOYO_MAX_PATH_STAT];
		479	};
		480
391	/* Structure for entries which follows "struct tomoyo_condition". */	481	/* Structure for entries which follows "struct tomoyo_condition". */
392	struct tomoyo_condition_element {	482	struct tomoyo_condition_element {
393	/* Left hand operand. */	483	/* Left hand operand. */
@@ -733,6 +823,7 @@ void tomoyo_check_profile(void);
733	void tomoyo_convert_time(time_t time, struct tomoyo_time *stamp);	823	void tomoyo_convert_time(time_t time, struct tomoyo_time *stamp);
734	void tomoyo_del_condition(struct list_head *element);	824	void tomoyo_del_condition(struct list_head *element);
735	void tomoyo_fill_path_info(struct tomoyo_path_info *ptr);	825	void tomoyo_fill_path_info(struct tomoyo_path_info *ptr);
		826	void tomoyo_get_attributes(struct tomoyo_obj_info *obj);
736	void tomoyo_init_policy_namespace(struct tomoyo_policy_namespace *ns);	827	void tomoyo_init_policy_namespace(struct tomoyo_policy_namespace *ns);
737	void tomoyo_io_printf(struct tomoyo_io_buffer head, const char fmt, ...)	828	void tomoyo_io_printf(struct tomoyo_io_buffer head, const char fmt, ...)
738	__printf(2, 3);	829	__printf(2, 3);