-rw-r--r-- | security/tomoyo/common.h | 2 | ||||
-rw-r--r-- | security/tomoyo/domain.c | 2 | ||||
-rw-r--r-- | security/tomoyo/file.c | 102 |
3 files changed, 22 insertions, 84 deletions
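--- a/security/tomoyo/common.h
+++ b/security/tomoyo/common.h
@@ -880,7 +880,7 @@ int tomoyo_write_memory_quota(struct tomoyo_io_buffer *head);
 
 /* Initialize mm related code. */
 void __init tomoyo_mm_init(void);
-int tomoyo_check_exec_perm(struct tomoyo_request_info *r,
+int tomoyo_path_permission(struct tomoyo_request_info *r, u8 operation,
 const struct tomoyo_path_info *filename);
 int tomoyo_check_open_permission(struct tomoyo_domain_info *domain,
 struct path *path, const int flag);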
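--- a/security/tomoyo/domain.c
+++ b/security/tomoyo/domain.c
@@ -960,7 +960,7 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm)
 }
 
 /* Check execute permission. */
-retval = tomoyo_check_exec_perm(&r, &rn);
+retval = tomoyo_path_permission(&r, TOMOYO_TYPE_EXECUTE, &rn);
 if (retval == TOMOYO_RETRY_REQUEST)
 goto retry;
 if (retval < 0)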
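Review bot: The execute check at `retval = tomoyo_path_permission(&r, TOMOYO_TYPE_EXECUTE, &rn);` no longer passes through the two mode guards of the removed wrapper chain: `tomoyo_check_exec_perm()` returned 0 when `r->mode == TOMOYO_CONFIG_DISABLED`, and `tomoyo_file_perm()` forced `error = 0` whenever `r->mode != TOMOYO_CONFIG_ENFORCING`. The file.c part of this commit also drops that second guard from `tomoyo_path_permission()`, so in a non-enforcing mode a negative `retval` is avoided only if `tomoyo_supervisor()` returns 0 there, which is not visible on this page. Because `if (retval < 0)` follows directly, I would record that dependency at the call, for example `/* In non-enforcing modes the result comes from tomoyo_supervisor(). */`, and confirm that the disabled-mode case is still handled before the ACL lookup. tomoyo_find_next_domain() starts and ends outside the hunk.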
diff --git a/security/tomoyo/file.c b/security/tomoyo/file.c index 8015719926d5..50875d7e8603 100644 --- a/security/tomoyo/file.c +++ b/security/tomoyo/file.c | |||
@@ -670,62 +670,6 @@ static int tomoyo_path_acl(const struct tomoyo_request_info *r, | |||
670 | return error; | 670 | return error; |
671 | } | 671 | } |
672 | 672 | ||
673 | /** | ||
674 | * tomoyo_file_perm - Check permission for opening files. | ||
675 | * | ||
676 | * @r: Pointer to "struct tomoyo_request_info". | ||
677 | * @filename: Filename to check. | ||
678 | * @mode: Mode ("read" or "write" or "read/write" or "execute"). | ||
679 | * | ||
680 | * Returns 0 on success, negative value otherwise. | ||
681 | * | ||
682 | * Caller holds tomoyo_read_lock(). | ||
683 | */ | ||
684 | static int tomoyo_file_perm(struct tomoyo_request_info *r, | ||
685 | const struct tomoyo_path_info *filename, | ||
686 | const u8 mode) | ||
687 | { | ||
688 | const char *msg = "<unknown>"; | ||
689 | int error = 0; | ||
690 | u32 perm = 0; | ||
691 | |||
692 | if (!filename) | ||
693 | return 0; | ||
694 | |||
695 | if (mode == 6) { | ||
696 | msg = tomoyo_path2keyword(TOMOYO_TYPE_READ_WRITE); | ||
697 | perm = 1 << TOMOYO_TYPE_READ_WRITE; | ||
698 | } else if (mode == 4) { | ||
699 | msg = tomoyo_path2keyword(TOMOYO_TYPE_READ); | ||
700 | perm = 1 << TOMOYO_TYPE_READ; | ||
701 | } else if (mode == 2) { | ||
702 | msg = tomoyo_path2keyword(TOMOYO_TYPE_WRITE); | ||
703 | perm = 1 << TOMOYO_TYPE_WRITE; | ||
704 | } else if (mode == 1) { | ||
705 | msg = tomoyo_path2keyword(TOMOYO_TYPE_EXECUTE); | ||
706 | perm = 1 << TOMOYO_TYPE_EXECUTE; | ||
707 | } else | ||
708 | BUG(); | ||
709 | do { | ||
710 | error = tomoyo_path_acl(r, filename, perm); | ||
711 | if (error && mode == 4 && !r->domain->ignore_global_allow_read | ||
712 | && tomoyo_is_globally_readable_file(filename)) | ||
713 | error = 0; | ||
714 | if (!error) | ||
715 | break; | ||
716 | tomoyo_warn_log(r, "%s %s", msg, filename->name); | ||
717 | error = tomoyo_supervisor(r, "allow_%s %s\n", msg, | ||
718 | tomoyo_file_pattern(filename)); | ||
719 | /* | ||
720 | * Do not retry for execute request, for alias may have | ||
721 | * changed. | ||
722 | */ | ||
723 | } while (error == TOMOYO_RETRY_REQUEST && mode != 1); | ||
724 | if (r->mode != TOMOYO_CONFIG_ENFORCING) | ||
725 | error = 0; | ||
726 | return error; | ||
727 | } | ||
728 | |||
729 | static bool tomoyo_same_path_acl(const struct tomoyo_acl_info *a, | 673 | static bool tomoyo_same_path_acl(const struct tomoyo_acl_info *a, |
730 | const struct tomoyo_acl_info *b) | 674 | const struct tomoyo_acl_info *b) |
731 | { | 675 | { |
@@ -1018,8 +962,8 @@ static int tomoyo_path2_acl(const struct tomoyo_request_info *r, const u8 type, | |||
1018 | * | 962 | * |
1019 | * Caller holds tomoyo_read_lock(). | 963 | * Caller holds tomoyo_read_lock(). |
1020 | */ | 964 | */ |
1021 | static int tomoyo_path_permission(struct tomoyo_request_info *r, u8 operation, | 965 | int tomoyo_path_permission(struct tomoyo_request_info *r, u8 operation, |
1022 | const struct tomoyo_path_info *filename) | 966 | const struct tomoyo_path_info *filename) |
1023 | { | 967 | { |
1024 | const char *msg; | 968 | const char *msg; |
1025 | int error; | 969 | int error; |
@@ -1031,15 +975,22 @@ static int tomoyo_path_permission(struct tomoyo_request_info *r, u8 operation, | |||
1031 | return 0; | 975 | return 0; |
1032 | do { | 976 | do { |
1033 | error = tomoyo_path_acl(r, filename, 1 << operation); | 977 | error = tomoyo_path_acl(r, filename, 1 << operation); |
978 | if (error && operation == TOMOYO_TYPE_READ && | ||
979 | !r->domain->ignore_global_allow_read && | ||
980 | tomoyo_is_globally_readable_file(filename)) | ||
981 | error = 0; | ||
1034 | if (!error) | 982 | if (!error) |
1035 | break; | 983 | break; |
1036 | msg = tomoyo_path2keyword(operation); | 984 | msg = tomoyo_path2keyword(operation); |
1037 | tomoyo_warn_log(r, "%s %s", msg, filename->name); | 985 | tomoyo_warn_log(r, "%s %s", msg, filename->name); |
1038 | error = tomoyo_supervisor(r, "allow_%s %s\n", msg, | 986 | error = tomoyo_supervisor(r, "allow_%s %s\n", msg, |
1039 | tomoyo_file_pattern(filename)); | 987 | tomoyo_file_pattern(filename)); |
1040 | } while (error == TOMOYO_RETRY_REQUEST); | 988 | /* |
1041 | if (r->mode != TOMOYO_CONFIG_ENFORCING) | 989 | * Do not retry for execute request, for alias may have |
1042 | error = 0; | 990 | * changed. |
991 | */ | ||
992 | } while (error == TOMOYO_RETRY_REQUEST && | ||
993 | operation != TOMOYO_TYPE_EXECUTE); | ||
1043 | /* | 994 | /* |
1044 | * Since "allow_truncate" doesn't imply "allow_rewrite" permission, | 995 | * Since "allow_truncate" doesn't imply "allow_rewrite" permission, |
1045 | * we need to check "allow_rewrite" permission if the filename is | 996 | * we need to check "allow_rewrite" permission if the filename is |
@@ -1202,8 +1153,6 @@ static int tomoyo_path_number_perm2(struct tomoyo_request_info *r, | |||
1202 | tomoyo_file_pattern(filename), | 1153 | tomoyo_file_pattern(filename), |
1203 | buffer); | 1154 | buffer); |
1204 | } while (error == TOMOYO_RETRY_REQUEST); | 1155 | } while (error == TOMOYO_RETRY_REQUEST); |
1205 | if (r->mode != TOMOYO_CONFIG_ENFORCING) | ||
1206 | error = 0; | ||
1207 | return error; | 1156 | return error; |
1208 | } | 1157 | } |
1209 | 1158 | ||
@@ -1242,24 +1191,6 @@ int tomoyo_path_number_perm(const u8 type, struct path *path, | |||
1242 | } | 1191 | } |
1243 | 1192 | ||
1244 | /** | 1193 | /** |
1245 | * tomoyo_check_exec_perm - Check permission for "execute". | ||
1246 | * | ||
1247 | * @r: Pointer to "struct tomoyo_request_info". | ||
1248 | * @filename: Check permission for "execute". | ||
1249 | * | ||
1250 | * Returns 0 on success, negativevalue otherwise. | ||
1251 | * | ||
1252 | * Caller holds tomoyo_read_lock(). | ||
1253 | */ | ||
1254 | int tomoyo_check_exec_perm(struct tomoyo_request_info *r, | ||
1255 | const struct tomoyo_path_info *filename) | ||
1256 | { | ||
1257 | if (r->mode == TOMOYO_CONFIG_DISABLED) | ||
1258 | return 0; | ||
1259 | return tomoyo_file_perm(r, filename, 1); | ||
1260 | } | ||
1261 | |||
1262 | /** | ||
1263 | * tomoyo_check_open_permission - Check permission for "read" and "write". | 1194 | * tomoyo_check_open_permission - Check permission for "read" and "write". |
1264 | * | 1195 | * |
1265 | * @domain: Pointer to "struct tomoyo_domain_info". | 1196 | * @domain: Pointer to "struct tomoyo_domain_info". |
@@ -1305,11 +1236,18 @@ int tomoyo_check_open_permission(struct tomoyo_domain_info *domain, | |||
1305 | if (!error && acc_mode && | 1236 | if (!error && acc_mode && |
1306 | tomoyo_init_request_info(&r, domain, TOMOYO_MAC_FILE_OPEN) | 1237 | tomoyo_init_request_info(&r, domain, TOMOYO_MAC_FILE_OPEN) |
1307 | != TOMOYO_CONFIG_DISABLED) { | 1238 | != TOMOYO_CONFIG_DISABLED) { |
1239 | u8 operation; | ||
1308 | if (!buf.name && !tomoyo_get_realpath(&buf, path)) { | 1240 | if (!buf.name && !tomoyo_get_realpath(&buf, path)) { |
1309 | error = -ENOMEM; | 1241 | error = -ENOMEM; |
1310 | goto out; | 1242 | goto out; |
1311 | } | 1243 | } |
1312 | error = tomoyo_file_perm(&r, &buf, acc_mode); | 1244 | if (acc_mode == (MAY_READ | MAY_WRITE)) |
1245 | operation = TOMOYO_TYPE_READ_WRITE; | ||
1246 | else if (acc_mode == MAY_READ) | ||
1247 | operation = TOMOYO_TYPE_READ; | ||
1248 | else | ||
1249 | operation = TOMOYO_TYPE_WRITE; | ||
1250 | error = tomoyo_path_permission(&r, operation, &buf); | ||
1313 | } | 1251 | } |
1314 | out: | 1252 | out: |
1315 | kfree(buf.name); | 1253 | kfree(buf.name); |
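Review bot: In the last hunk the final `else operation = TOMOYO_TYPE_WRITE;` maps every remaining non-zero `acc_mode` to a write check, whereas the removed `tomoyo_file_perm()` hit `BUG()` for any mode other than 6, 4, 2 or 1. `acc_mode` is computed above the hunk, so I cannot tell whether it is already masked; if it can ever carry a bit besides `MAY_READ` and `MAY_WRITE`, a request combining read with another bit would be checked against the write permission only. I would make the branch explicit with `else if (acc_mode == MAY_WRITE)` and fail or warn on anything else, or add a comment stating that `acc_mode` is restricted to those two bits at this point. tomoyo_check_open_permission() starts and ends outside the hunk.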