TOMOYO: Add built-in policy support.

To be able to start using enforcing mode from the early stage of boot sequence, this patch adds support for built-in policy configuration (and next patch adds support for activating access control without calling external policy loader program). Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>
author: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> 2011-06-26 10:22:18 -0400
committer: James Morris <jmorris@namei.org> 2011-06-28 19:31:22 -0400
commit: efe836ab2b514ae7b59528af36d452978b42d266 (patch)
tree: 5e2434b25b0d53c4852fad7c9c07db9e99a38b07 /security
parent: b22b8b9fd90eecfb7133e56b4e113595f09f4492 (diff)
4 files changed, 108 insertions, 10 deletions
diff --git a/security/tomoyo/Makefile b/security/tomoyo/Makefile
index b13f7f9fbb52..04f676a940ae 100644
--- a/security/tomoyo/Makefile
+++ b/security/tomoyo/Makefile
@@ -1 +1,48 @@
 obj-y = audit.o common.o domain.o file.o gc.o group.o load_policy.o memory.o mount.o realpath.o securityfs_if.o tomoyo.o util.o
+$(obj)/policy/profile.conf:
+        @mkdir -p $(obj)/policy/
+        @echo Creating an empty policy/profile.conf
+        @touch $@
+$(obj)/policy/exception_policy.conf:
+        @mkdir -p $(obj)/policy/
+        @echo Creating a default policy/exception_policy.conf
+        @echo initialize_domain /sbin/modprobe from any >> $@
+        @echo initialize_domain /sbin/hotplug from any >> $@
+$(obj)/policy/domain_policy.conf:
+        @mkdir -p $(obj)/policy/
+        @echo Creating an empty policy/domain_policy.conf
+        @touch $@
+$(obj)/policy/manager.conf:
+        @mkdir -p $(obj)/policy/
+        @echo Creating an empty policy/manager.conf
+        @touch $@
+$(obj)/policy/stat.conf:
+        @mkdir -p $(obj)/policy/
+        @echo Creating an empty policy/stat.conf
+        @touch $@
+$(obj)/builtin-policy.h: $(obj)/policy/profile.conf $(obj)/policy/exception_policy.conf $(obj)/policy/domain_policy.conf $(obj)/policy/manager.conf $(obj)/policy/stat.conf
+        @echo Generating built-in policy for TOMOYO 2.4.x.
+        @echo "static char tomoyo_builtin_profile[] __initdata =" > $@.tmp
+        @sed -e 's/\\/\\\\/g' -e 's/\"/\\"/g' -e 's/\(.*\)/"\1\\n"/' < $(obj)/policy/profile.conf >> $@.tmp
+        @echo "\"\";" >> $@.tmp
+        @echo "static char tomoyo_builtin_exception_policy[] __initdata =" >> $@.tmp
+        @sed -e 's/\\/\\\\/g' -e 's/\"/\\"/g' -e 's/\(.*\)/"\1\\n"/' < $(obj)/policy/exception_policy.conf >> $@.tmp
+        @echo "\"\";" >> $@.tmp
+        @echo "static char tomoyo_builtin_domain_policy[] __initdata =" >> $@.tmp
+        @sed -e 's/\\/\\\\/g' -e 's/\"/\\"/g' -e 's/\(.*\)/"\1\\n"/' < $(obj)/policy/domain_policy.conf >> $@.tmp
+        @echo "\"\";" >> $@.tmp
+        @echo "static char tomoyo_builtin_manager[] __initdata =" >> $@.tmp
+        @sed -e 's/\\/\\\\/g' -e 's/\"/\\"/g' -e 's/\(.*\)/"\1\\n"/' < $(obj)/policy/manager.conf >> $@.tmp
+        @echo "\"\";" >> $@.tmp
+        @echo "static char tomoyo_builtin_stat[] __initdata =" >> $@.tmp
+        @sed -e 's/\\/\\\\/g' -e 's/\"/\\"/g' -e 's/\(.*\)/"\1\\n"/' < $(obj)/policy/stat.conf >> $@.tmp
+        @echo "\"\";" >> $@.tmp
+        @mv $@.tmp $@
+$(obj)/common.o: $(obj)/builtin-policy.h
diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c
index 7bc0d1d95867..01e60ad68b3a 100644
--- a/security/tomoyo/common.c
+++ b/security/tomoyo/common.c
@@ -2361,3 +2361,63 @@ void tomoyo_check_profile(void)
        tomoyo_read_unlock(idx);
        printk(KERN_INFO "Mandatory Access Control activated.\n");
 }
+/**
+ * tomoyo_load_builtin_policy - Load built-in policy.
+ *
+ * Returns nothing.
+ */
+void __init tomoyo_load_builtin_policy(void)
+{
+        /*
+         * This include file is manually created and contains built-in policy
+         * named "tomoyo_builtin_profile", "tomoyo_builtin_exception_policy",
+         * "tomoyo_builtin_domain_policy", "tomoyo_builtin_manager",
+         * "tomoyo_builtin_stat" in the form of "static char [] __initdata".
+         */
+#include "builtin-policy.h"
+        u8 i;
+        const int idx = tomoyo_read_lock();
+        for (i = 0; i < 5; i++) {
+                struct tomoyo_io_buffer head = { };
+                char *start = "";
+                switch (i) {
+                case 0:
+                        start = tomoyo_builtin_profile;
+                        head.type = TOMOYO_PROFILE;
+                        head.write = tomoyo_write_profile;
+                        break;
+                case 1:
+                        start = tomoyo_builtin_exception_policy;
+                        head.type = TOMOYO_EXCEPTIONPOLICY;
+                        head.write = tomoyo_write_exception;
+                        break;
+                case 2:
+                        start = tomoyo_builtin_domain_policy;
+                        head.type = TOMOYO_DOMAINPOLICY;
+                        head.write = tomoyo_write_domain;
+                        break;
+                case 3:
+                        start = tomoyo_builtin_manager;
+                        head.type = TOMOYO_MANAGER;
+                        head.write = tomoyo_write_manager;
+                        break;
+                case 4:
+                        start = tomoyo_builtin_stat;
+                        head.type = TOMOYO_STAT;
+                        head.write = tomoyo_write_stat;
+                        break;
+                }
+                while (1) {
+                        char *end = strchr(start, '\n');
+                        if (!end)
+                                break;
+                        *end = '\0';
+                        tomoyo_normalize_line(start);
+                        head.write_buf = start;
+                        tomoyo_parse_policy(&head, start);
+                        start = end + 1;
+                }
+        }
+        tomoyo_read_unlock(idx);
+}
diff --git a/security/tomoyo/common.h b/security/tomoyo/common.h
index 7984a0ed548b..a15fe29740a4 100644
--- a/security/tomoyo/common.h
+++ b/security/tomoyo/common.h
@@ -662,6 +662,7 @@ const struct tomoyo_path_info *tomoyo_get_name(const char *name);
 void tomoyo_convert_time(time_t time, struct tomoyo_time *stamp);
 void tomoyo_update_stat(const u8 index);
 void __init tomoyo_mm_init(void);
+void __init tomoyo_load_builtin_policy(void);
 int tomoyo_path_permission(struct tomoyo_request_info *r, u8 operation,
                           const struct tomoyo_path_info *filename);
 int tomoyo_check_open_permission(struct tomoyo_domain_info *domain,
diff --git a/security/tomoyo/memory.c b/security/tomoyo/memory.c
index 78b6143068de..46538ce47d72 100644
--- a/security/tomoyo/memory.c
+++ b/security/tomoyo/memory.c
@@ -215,14 +215,4 @@ void __init tomoyo_mm_init(void)
        INIT_LIST_HEAD(&tomoyo_kernel_domain.acl_info_list);
        tomoyo_kernel_domain.domainname = tomoyo_get_name("<kernel>");
        list_add_tail_rcu(&tomoyo_kernel_domain.list, &tomoyo_domain_list);
-#if 0
-        /* Will be replaced with tomoyo_load_builtin_policy(). */
-        {
-                /* Load built-in policy. */
-                tomoyo_write_transition_control("/sbin/hotplug", false,
-                                        TOMOYO_TRANSITION_CONTROL_INITIALIZE);
-                tomoyo_write_transition_control("/sbin/modprobe", false,
-                                        TOMOYO_TRANSITION_CONTROL_INITIALIZE);
-        }
-#endif
 }
author	Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>	2011-06-26 10:22:18 -0400
committer	James Morris <jmorris@namei.org>	2011-06-28 19:31:22 -0400
commit	efe836ab2b514ae7b59528af36d452978b42d266 (patch)
tree	5e2434b25b0d53c4852fad7c9c07db9e99a38b07 /security
parent	b22b8b9fd90eecfb7133e56b4e113595f09f4492 (diff)

diff --git a/security/tomoyo/Makefile b/security/tomoyo/Makefile index b13f7f9fbb52..04f676a940ae 100644 --- a/security/tomoyo/Makefile +++ b/security/tomoyo/Makefile
@@ -1 +1,48 @@
1	obj-y = audit.o common.o domain.o file.o gc.o group.o load_policy.o memory.o mount.o realpath.o securityfs_if.o tomoyo.o util.o	1	obj-y = audit.o common.o domain.o file.o gc.o group.o load_policy.o memory.o mount.o realpath.o securityfs_if.o tomoyo.o util.o
		2
		3	$(obj)/policy/profile.conf:
		4	@mkdir -p $(obj)/policy/
		5	@echo Creating an empty policy/profile.conf
		6	@touch $@
		7
		8	$(obj)/policy/exception_policy.conf:
		9	@mkdir -p $(obj)/policy/
		10	@echo Creating a default policy/exception_policy.conf
		11	@echo initialize_domain /sbin/modprobe from any >> $@
		12	@echo initialize_domain /sbin/hotplug from any >> $@
		13
		14	$(obj)/policy/domain_policy.conf:
		15	@mkdir -p $(obj)/policy/
		16	@echo Creating an empty policy/domain_policy.conf
		17	@touch $@
		18
		19	$(obj)/policy/manager.conf:
		20	@mkdir -p $(obj)/policy/
		21	@echo Creating an empty policy/manager.conf
		22	@touch $@
		23
		24	$(obj)/policy/stat.conf:
		25	@mkdir -p $(obj)/policy/
		26	@echo Creating an empty policy/stat.conf
		27	@touch $@
		28
		29	$(obj)/builtin-policy.h: $(obj)/policy/profile.conf $(obj)/policy/exception_policy.conf $(obj)/policy/domain_policy.conf $(obj)/policy/manager.conf $(obj)/policy/stat.conf
		30	@echo Generating built-in policy for TOMOYO 2.4.x.
		31	@echo "static char tomoyo_builtin_profile[] __initdata =" > $@.tmp
		32	@sed -e 's/\\/\\\\/g' -e 's/\"/\\"/g' -e 's/\(.*\)/"\1\\n"/' < $(obj)/policy/profile.conf >> $@.tmp
		33	@echo "\"\";" >> $@.tmp
		34	@echo "static char tomoyo_builtin_exception_policy[] __initdata =" >> $@.tmp
		35	@sed -e 's/\\/\\\\/g' -e 's/\"/\\"/g' -e 's/\(.*\)/"\1\\n"/' < $(obj)/policy/exception_policy.conf >> $@.tmp
		36	@echo "\"\";" >> $@.tmp
		37	@echo "static char tomoyo_builtin_domain_policy[] __initdata =" >> $@.tmp
		38	@sed -e 's/\\/\\\\/g' -e 's/\"/\\"/g' -e 's/\(.*\)/"\1\\n"/' < $(obj)/policy/domain_policy.conf >> $@.tmp
		39	@echo "\"\";" >> $@.tmp
		40	@echo "static char tomoyo_builtin_manager[] __initdata =" >> $@.tmp
		41	@sed -e 's/\\/\\\\/g' -e 's/\"/\\"/g' -e 's/\(.*\)/"\1\\n"/' < $(obj)/policy/manager.conf >> $@.tmp
		42	@echo "\"\";" >> $@.tmp
		43	@echo "static char tomoyo_builtin_stat[] __initdata =" >> $@.tmp
		44	@sed -e 's/\\/\\\\/g' -e 's/\"/\\"/g' -e 's/\(.*\)/"\1\\n"/' < $(obj)/policy/stat.conf >> $@.tmp
		45	@echo "\"\";" >> $@.tmp
		46	@mv $@.tmp $@
		47
		48	$(obj)/common.o: $(obj)/builtin-policy.h


diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c index 7bc0d1d95867..01e60ad68b3a 100644 --- a/security/tomoyo/common.c +++ b/security/tomoyo/common.c
@@ -2361,3 +2361,63 @@ void tomoyo_check_profile(void)
2361	tomoyo_read_unlock(idx);	2361	tomoyo_read_unlock(idx);
2362	printk(KERN_INFO "Mandatory Access Control activated.\n");	2362	printk(KERN_INFO "Mandatory Access Control activated.\n");
2363	}	2363	}
		2364
		2365	/**
		2366	* tomoyo_load_builtin_policy - Load built-in policy.
		2367	*
		2368	* Returns nothing.
		2369	*/
		2370	void __init tomoyo_load_builtin_policy(void)
		2371	{
		2372	/*
		2373	* This include file is manually created and contains built-in policy
		2374	* named "tomoyo_builtin_profile", "tomoyo_builtin_exception_policy",
		2375	* "tomoyo_builtin_domain_policy", "tomoyo_builtin_manager",
		2376	* "tomoyo_builtin_stat" in the form of "static char [] __initdata".
		2377	*/
		2378	#include "builtin-policy.h"
		2379	u8 i;
		2380	const int idx = tomoyo_read_lock();
		2381	for (i = 0; i < 5; i++) {
		2382	struct tomoyo_io_buffer head = { };
		2383	char *start = "";
		2384	switch (i) {
		2385	case 0:
		2386	start = tomoyo_builtin_profile;
		2387	head.type = TOMOYO_PROFILE;
		2388	head.write = tomoyo_write_profile;
		2389	break;
		2390	case 1:
		2391	start = tomoyo_builtin_exception_policy;
		2392	head.type = TOMOYO_EXCEPTIONPOLICY;
		2393	head.write = tomoyo_write_exception;
		2394	break;
		2395	case 2:
		2396	start = tomoyo_builtin_domain_policy;
		2397	head.type = TOMOYO_DOMAINPOLICY;
		2398	head.write = tomoyo_write_domain;
		2399	break;
		2400	case 3:
		2401	start = tomoyo_builtin_manager;
		2402	head.type = TOMOYO_MANAGER;
		2403	head.write = tomoyo_write_manager;
		2404	break;
		2405	case 4:
		2406	start = tomoyo_builtin_stat;
		2407	head.type = TOMOYO_STAT;
		2408	head.write = tomoyo_write_stat;
		2409	break;
		2410	}
		2411	while (1) {
		2412	char *end = strchr(start, '\n');
		2413	if (!end)
		2414	break;
		2415	*end = '\0';
		2416	tomoyo_normalize_line(start);
		2417	head.write_buf = start;
		2418	tomoyo_parse_policy(&head, start);
		2419	start = end + 1;
		2420	}
		2421	}
		2422	tomoyo_read_unlock(idx);
		2423	}


diff --git a/security/tomoyo/common.h b/security/tomoyo/common.h index 7984a0ed548b..a15fe29740a4 100644 --- a/security/tomoyo/common.h +++ b/security/tomoyo/common.h
@@ -662,6 +662,7 @@ const struct tomoyo_path_info tomoyo_get_name(const char name);
662	void tomoyo_convert_time(time_t time, struct tomoyo_time *stamp);	662	void tomoyo_convert_time(time_t time, struct tomoyo_time *stamp);
663	void tomoyo_update_stat(const u8 index);	663	void tomoyo_update_stat(const u8 index);
664	void __init tomoyo_mm_init(void);	664	void __init tomoyo_mm_init(void);
		665	void __init tomoyo_load_builtin_policy(void);
665	int tomoyo_path_permission(struct tomoyo_request_info *r, u8 operation,	666	int tomoyo_path_permission(struct tomoyo_request_info *r, u8 operation,
666	const struct tomoyo_path_info *filename);	667	const struct tomoyo_path_info *filename);
667	int tomoyo_check_open_permission(struct tomoyo_domain_info *domain,	668	int tomoyo_check_open_permission(struct tomoyo_domain_info *domain,


diff --git a/security/tomoyo/memory.c b/security/tomoyo/memory.c index 78b6143068de..46538ce47d72 100644 --- a/security/tomoyo/memory.c +++ b/security/tomoyo/memory.c
@@ -215,14 +215,4 @@ void __init tomoyo_mm_init(void)
215	INIT_LIST_HEAD(&tomoyo_kernel_domain.acl_info_list);	215	INIT_LIST_HEAD(&tomoyo_kernel_domain.acl_info_list);
216	tomoyo_kernel_domain.domainname = tomoyo_get_name("<kernel>");	216	tomoyo_kernel_domain.domainname = tomoyo_get_name("<kernel>");
217	list_add_tail_rcu(&tomoyo_kernel_domain.list, &tomoyo_domain_list);	217	list_add_tail_rcu(&tomoyo_kernel_domain.list, &tomoyo_domain_list);
218	#if 0
219	/* Will be replaced with tomoyo_load_builtin_policy(). */
220	{
221	/* Load built-in policy. */
222	tomoyo_write_transition_control("/sbin/hotplug", false,
223	TOMOYO_TRANSITION_CONTROL_INITIALIZE);
224	tomoyo_write_transition_control("/sbin/modprobe", false,
225	TOMOYO_TRANSITION_CONTROL_INITIALIZE);
226	}
227	#endif
228	}	218	}