diff options
Diffstat (limited to 'security/selinux/selinuxfs.c')
-rw-r--r-- | security/selinux/selinuxfs.c | 1340 |
1 files changed, 1340 insertions, 0 deletions
diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c new file mode 100644 index 000000000000..07221568b505 --- /dev/null +++ b/security/selinux/selinuxfs.c | |||
@@ -0,0 +1,1340 @@ | |||
1 | /* Updated: Karl MacMillan <kmacmillan@tresys.com> | ||
2 | * | ||
3 | * Added conditional policy language extensions | ||
4 | * | ||
5 | * Copyright (C) 2003 - 2004 Tresys Technology, LLC | ||
6 | * Copyright (C) 2004 Red Hat, Inc., James Morris <jmorris@redhat.com> | ||
7 | * This program is free software; you can redistribute it and/or modify | ||
8 | * it under the terms of the GNU General Public License as published by | ||
9 | * the Free Software Foundation, version 2. | ||
10 | */ | ||
11 | |||
12 | #include <linux/config.h> | ||
13 | #include <linux/kernel.h> | ||
14 | #include <linux/pagemap.h> | ||
15 | #include <linux/slab.h> | ||
16 | #include <linux/vmalloc.h> | ||
17 | #include <linux/fs.h> | ||
18 | #include <linux/init.h> | ||
19 | #include <linux/string.h> | ||
20 | #include <linux/security.h> | ||
21 | #include <linux/major.h> | ||
22 | #include <linux/seq_file.h> | ||
23 | #include <linux/percpu.h> | ||
24 | #include <asm/uaccess.h> | ||
25 | #include <asm/semaphore.h> | ||
26 | |||
27 | /* selinuxfs pseudo filesystem for exporting the security policy API. | ||
28 | Based on the proc code and the fs/nfsd/nfsctl.c code. */ | ||
29 | |||
30 | #include "flask.h" | ||
31 | #include "avc.h" | ||
32 | #include "avc_ss.h" | ||
33 | #include "security.h" | ||
34 | #include "objsec.h" | ||
35 | #include "conditional.h" | ||
36 | |||
37 | unsigned int selinux_checkreqprot = CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE; | ||
38 | |||
39 | static int __init checkreqprot_setup(char *str) | ||
40 | { | ||
41 | selinux_checkreqprot = simple_strtoul(str,NULL,0) ? 1 : 0; | ||
42 | return 1; | ||
43 | } | ||
44 | __setup("checkreqprot=", checkreqprot_setup); | ||
45 | |||
46 | |||
47 | static DECLARE_MUTEX(sel_sem); | ||
48 | |||
49 | /* global data for booleans */ | ||
50 | static struct dentry *bool_dir = NULL; | ||
51 | static int bool_num = 0; | ||
52 | static int *bool_pending_values = NULL; | ||
53 | |||
54 | extern void selnl_notify_setenforce(int val); | ||
55 | |||
56 | /* Check whether a task is allowed to use a security operation. */ | ||
57 | static int task_has_security(struct task_struct *tsk, | ||
58 | u32 perms) | ||
59 | { | ||
60 | struct task_security_struct *tsec; | ||
61 | |||
62 | tsec = tsk->security; | ||
63 | if (!tsec) | ||
64 | return -EACCES; | ||
65 | |||
66 | return avc_has_perm(tsec->sid, SECINITSID_SECURITY, | ||
67 | SECCLASS_SECURITY, perms, NULL); | ||
68 | } | ||
69 | |||
70 | enum sel_inos { | ||
71 | SEL_ROOT_INO = 2, | ||
72 | SEL_LOAD, /* load policy */ | ||
73 | SEL_ENFORCE, /* get or set enforcing status */ | ||
74 | SEL_CONTEXT, /* validate context */ | ||
75 | SEL_ACCESS, /* compute access decision */ | ||
76 | SEL_CREATE, /* compute create labeling decision */ | ||
77 | SEL_RELABEL, /* compute relabeling decision */ | ||
78 | SEL_USER, /* compute reachable user contexts */ | ||
79 | SEL_POLICYVERS, /* return policy version for this kernel */ | ||
80 | SEL_COMMIT_BOOLS, /* commit new boolean values */ | ||
81 | SEL_MLS, /* return if MLS policy is enabled */ | ||
82 | SEL_DISABLE, /* disable SELinux until next reboot */ | ||
83 | SEL_AVC, /* AVC management directory */ | ||
84 | SEL_MEMBER, /* compute polyinstantiation membership decision */ | ||
85 | SEL_CHECKREQPROT, /* check requested protection, not kernel-applied one */ | ||
86 | }; | ||
87 | |||
88 | #define TMPBUFLEN 12 | ||
89 | static ssize_t sel_read_enforce(struct file *filp, char __user *buf, | ||
90 | size_t count, loff_t *ppos) | ||
91 | { | ||
92 | char tmpbuf[TMPBUFLEN]; | ||
93 | ssize_t length; | ||
94 | |||
95 | length = scnprintf(tmpbuf, TMPBUFLEN, "%d", selinux_enforcing); | ||
96 | return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); | ||
97 | } | ||
98 | |||
99 | #ifdef CONFIG_SECURITY_SELINUX_DEVELOP | ||
100 | static ssize_t sel_write_enforce(struct file * file, const char __user * buf, | ||
101 | size_t count, loff_t *ppos) | ||
102 | |||
103 | { | ||
104 | char *page; | ||
105 | ssize_t length; | ||
106 | int new_value; | ||
107 | |||
108 | if (count < 0 || count >= PAGE_SIZE) | ||
109 | return -ENOMEM; | ||
110 | if (*ppos != 0) { | ||
111 | /* No partial writes. */ | ||
112 | return -EINVAL; | ||
113 | } | ||
114 | page = (char*)get_zeroed_page(GFP_KERNEL); | ||
115 | if (!page) | ||
116 | return -ENOMEM; | ||
117 | length = -EFAULT; | ||
118 | if (copy_from_user(page, buf, count)) | ||
119 | goto out; | ||
120 | |||
121 | length = -EINVAL; | ||
122 | if (sscanf(page, "%d", &new_value) != 1) | ||
123 | goto out; | ||
124 | |||
125 | if (new_value != selinux_enforcing) { | ||
126 | length = task_has_security(current, SECURITY__SETENFORCE); | ||
127 | if (length) | ||
128 | goto out; | ||
129 | selinux_enforcing = new_value; | ||
130 | if (selinux_enforcing) | ||
131 | avc_ss_reset(0); | ||
132 | selnl_notify_setenforce(selinux_enforcing); | ||
133 | } | ||
134 | length = count; | ||
135 | out: | ||
136 | free_page((unsigned long) page); | ||
137 | return length; | ||
138 | } | ||
139 | #else | ||
140 | #define sel_write_enforce NULL | ||
141 | #endif | ||
142 | |||
143 | static struct file_operations sel_enforce_ops = { | ||
144 | .read = sel_read_enforce, | ||
145 | .write = sel_write_enforce, | ||
146 | }; | ||
147 | |||
148 | #ifdef CONFIG_SECURITY_SELINUX_DISABLE | ||
149 | static ssize_t sel_write_disable(struct file * file, const char __user * buf, | ||
150 | size_t count, loff_t *ppos) | ||
151 | |||
152 | { | ||
153 | char *page; | ||
154 | ssize_t length; | ||
155 | int new_value; | ||
156 | extern int selinux_disable(void); | ||
157 | |||
158 | if (count < 0 || count >= PAGE_SIZE) | ||
159 | return -ENOMEM; | ||
160 | if (*ppos != 0) { | ||
161 | /* No partial writes. */ | ||
162 | return -EINVAL; | ||
163 | } | ||
164 | page = (char*)get_zeroed_page(GFP_KERNEL); | ||
165 | if (!page) | ||
166 | return -ENOMEM; | ||
167 | length = -EFAULT; | ||
168 | if (copy_from_user(page, buf, count)) | ||
169 | goto out; | ||
170 | |||
171 | length = -EINVAL; | ||
172 | if (sscanf(page, "%d", &new_value) != 1) | ||
173 | goto out; | ||
174 | |||
175 | if (new_value) { | ||
176 | length = selinux_disable(); | ||
177 | if (length < 0) | ||
178 | goto out; | ||
179 | } | ||
180 | |||
181 | length = count; | ||
182 | out: | ||
183 | free_page((unsigned long) page); | ||
184 | return length; | ||
185 | } | ||
186 | #else | ||
187 | #define sel_write_disable NULL | ||
188 | #endif | ||
189 | |||
190 | static struct file_operations sel_disable_ops = { | ||
191 | .write = sel_write_disable, | ||
192 | }; | ||
193 | |||
194 | static ssize_t sel_read_policyvers(struct file *filp, char __user *buf, | ||
195 | size_t count, loff_t *ppos) | ||
196 | { | ||
197 | char tmpbuf[TMPBUFLEN]; | ||
198 | ssize_t length; | ||
199 | |||
200 | length = scnprintf(tmpbuf, TMPBUFLEN, "%u", POLICYDB_VERSION_MAX); | ||
201 | return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); | ||
202 | } | ||
203 | |||
204 | static struct file_operations sel_policyvers_ops = { | ||
205 | .read = sel_read_policyvers, | ||
206 | }; | ||
207 | |||
208 | /* declaration for sel_write_load */ | ||
209 | static int sel_make_bools(void); | ||
210 | |||
211 | static ssize_t sel_read_mls(struct file *filp, char __user *buf, | ||
212 | size_t count, loff_t *ppos) | ||
213 | { | ||
214 | char tmpbuf[TMPBUFLEN]; | ||
215 | ssize_t length; | ||
216 | |||
217 | length = scnprintf(tmpbuf, TMPBUFLEN, "%d", selinux_mls_enabled); | ||
218 | return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); | ||
219 | } | ||
220 | |||
221 | static struct file_operations sel_mls_ops = { | ||
222 | .read = sel_read_mls, | ||
223 | }; | ||
224 | |||
225 | static ssize_t sel_write_load(struct file * file, const char __user * buf, | ||
226 | size_t count, loff_t *ppos) | ||
227 | |||
228 | { | ||
229 | int ret; | ||
230 | ssize_t length; | ||
231 | void *data = NULL; | ||
232 | |||
233 | down(&sel_sem); | ||
234 | |||
235 | length = task_has_security(current, SECURITY__LOAD_POLICY); | ||
236 | if (length) | ||
237 | goto out; | ||
238 | |||
239 | if (*ppos != 0) { | ||
240 | /* No partial writes. */ | ||
241 | length = -EINVAL; | ||
242 | goto out; | ||
243 | } | ||
244 | |||
245 | if ((count < 0) || (count > 64 * 1024 * 1024) | ||
246 | || (data = vmalloc(count)) == NULL) { | ||
247 | length = -ENOMEM; | ||
248 | goto out; | ||
249 | } | ||
250 | |||
251 | length = -EFAULT; | ||
252 | if (copy_from_user(data, buf, count) != 0) | ||
253 | goto out; | ||
254 | |||
255 | length = security_load_policy(data, count); | ||
256 | if (length) | ||
257 | goto out; | ||
258 | |||
259 | ret = sel_make_bools(); | ||
260 | if (ret) | ||
261 | length = ret; | ||
262 | else | ||
263 | length = count; | ||
264 | out: | ||
265 | up(&sel_sem); | ||
266 | vfree(data); | ||
267 | return length; | ||
268 | } | ||
269 | |||
270 | static struct file_operations sel_load_ops = { | ||
271 | .write = sel_write_load, | ||
272 | }; | ||
273 | |||
274 | |||
275 | static ssize_t sel_write_context(struct file * file, const char __user * buf, | ||
276 | size_t count, loff_t *ppos) | ||
277 | |||
278 | { | ||
279 | char *page; | ||
280 | u32 sid; | ||
281 | ssize_t length; | ||
282 | |||
283 | length = task_has_security(current, SECURITY__CHECK_CONTEXT); | ||
284 | if (length) | ||
285 | return length; | ||
286 | |||
287 | if (count < 0 || count >= PAGE_SIZE) | ||
288 | return -ENOMEM; | ||
289 | if (*ppos != 0) { | ||
290 | /* No partial writes. */ | ||
291 | return -EINVAL; | ||
292 | } | ||
293 | page = (char*)get_zeroed_page(GFP_KERNEL); | ||
294 | if (!page) | ||
295 | return -ENOMEM; | ||
296 | length = -EFAULT; | ||
297 | if (copy_from_user(page, buf, count)) | ||
298 | goto out; | ||
299 | |||
300 | length = security_context_to_sid(page, count, &sid); | ||
301 | if (length < 0) | ||
302 | goto out; | ||
303 | |||
304 | length = count; | ||
305 | out: | ||
306 | free_page((unsigned long) page); | ||
307 | return length; | ||
308 | } | ||
309 | |||
310 | static struct file_operations sel_context_ops = { | ||
311 | .write = sel_write_context, | ||
312 | }; | ||
313 | |||
314 | static ssize_t sel_read_checkreqprot(struct file *filp, char __user *buf, | ||
315 | size_t count, loff_t *ppos) | ||
316 | { | ||
317 | char tmpbuf[TMPBUFLEN]; | ||
318 | ssize_t length; | ||
319 | |||
320 | length = scnprintf(tmpbuf, TMPBUFLEN, "%u", selinux_checkreqprot); | ||
321 | return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); | ||
322 | } | ||
323 | |||
324 | static ssize_t sel_write_checkreqprot(struct file * file, const char __user * buf, | ||
325 | size_t count, loff_t *ppos) | ||
326 | { | ||
327 | char *page; | ||
328 | ssize_t length; | ||
329 | unsigned int new_value; | ||
330 | |||
331 | length = task_has_security(current, SECURITY__SETCHECKREQPROT); | ||
332 | if (length) | ||
333 | return length; | ||
334 | |||
335 | if (count < 0 || count >= PAGE_SIZE) | ||
336 | return -ENOMEM; | ||
337 | if (*ppos != 0) { | ||
338 | /* No partial writes. */ | ||
339 | return -EINVAL; | ||
340 | } | ||
341 | page = (char*)get_zeroed_page(GFP_KERNEL); | ||
342 | if (!page) | ||
343 | return -ENOMEM; | ||
344 | length = -EFAULT; | ||
345 | if (copy_from_user(page, buf, count)) | ||
346 | goto out; | ||
347 | |||
348 | length = -EINVAL; | ||
349 | if (sscanf(page, "%u", &new_value) != 1) | ||
350 | goto out; | ||
351 | |||
352 | selinux_checkreqprot = new_value ? 1 : 0; | ||
353 | length = count; | ||
354 | out: | ||
355 | free_page((unsigned long) page); | ||
356 | return length; | ||
357 | } | ||
358 | static struct file_operations sel_checkreqprot_ops = { | ||
359 | .read = sel_read_checkreqprot, | ||
360 | .write = sel_write_checkreqprot, | ||
361 | }; | ||
362 | |||
363 | /* | ||
364 | * Remaining nodes use transaction based IO methods like nfsd/nfsctl.c | ||
365 | */ | ||
366 | static ssize_t sel_write_access(struct file * file, char *buf, size_t size); | ||
367 | static ssize_t sel_write_create(struct file * file, char *buf, size_t size); | ||
368 | static ssize_t sel_write_relabel(struct file * file, char *buf, size_t size); | ||
369 | static ssize_t sel_write_user(struct file * file, char *buf, size_t size); | ||
370 | static ssize_t sel_write_member(struct file * file, char *buf, size_t size); | ||
371 | |||
372 | static ssize_t (*write_op[])(struct file *, char *, size_t) = { | ||
373 | [SEL_ACCESS] = sel_write_access, | ||
374 | [SEL_CREATE] = sel_write_create, | ||
375 | [SEL_RELABEL] = sel_write_relabel, | ||
376 | [SEL_USER] = sel_write_user, | ||
377 | [SEL_MEMBER] = sel_write_member, | ||
378 | }; | ||
379 | |||
380 | static ssize_t selinux_transaction_write(struct file *file, const char __user *buf, size_t size, loff_t *pos) | ||
381 | { | ||
382 | ino_t ino = file->f_dentry->d_inode->i_ino; | ||
383 | char *data; | ||
384 | ssize_t rv; | ||
385 | |||
386 | if (ino >= sizeof(write_op)/sizeof(write_op[0]) || !write_op[ino]) | ||
387 | return -EINVAL; | ||
388 | |||
389 | data = simple_transaction_get(file, buf, size); | ||
390 | if (IS_ERR(data)) | ||
391 | return PTR_ERR(data); | ||
392 | |||
393 | rv = write_op[ino](file, data, size); | ||
394 | if (rv>0) { | ||
395 | simple_transaction_set(file, rv); | ||
396 | rv = size; | ||
397 | } | ||
398 | return rv; | ||
399 | } | ||
400 | |||
401 | static struct file_operations transaction_ops = { | ||
402 | .write = selinux_transaction_write, | ||
403 | .read = simple_transaction_read, | ||
404 | .release = simple_transaction_release, | ||
405 | }; | ||
406 | |||
407 | /* | ||
408 | * payload - write methods | ||
409 | * If the method has a response, the response should be put in buf, | ||
410 | * and the length returned. Otherwise return 0 or and -error. | ||
411 | */ | ||
412 | |||
413 | static ssize_t sel_write_access(struct file * file, char *buf, size_t size) | ||
414 | { | ||
415 | char *scon, *tcon; | ||
416 | u32 ssid, tsid; | ||
417 | u16 tclass; | ||
418 | u32 req; | ||
419 | struct av_decision avd; | ||
420 | ssize_t length; | ||
421 | |||
422 | length = task_has_security(current, SECURITY__COMPUTE_AV); | ||
423 | if (length) | ||
424 | return length; | ||
425 | |||
426 | length = -ENOMEM; | ||
427 | scon = kmalloc(size+1, GFP_KERNEL); | ||
428 | if (!scon) | ||
429 | return length; | ||
430 | memset(scon, 0, size+1); | ||
431 | |||
432 | tcon = kmalloc(size+1, GFP_KERNEL); | ||
433 | if (!tcon) | ||
434 | goto out; | ||
435 | memset(tcon, 0, size+1); | ||
436 | |||
437 | length = -EINVAL; | ||
438 | if (sscanf(buf, "%s %s %hu %x", scon, tcon, &tclass, &req) != 4) | ||
439 | goto out2; | ||
440 | |||
441 | length = security_context_to_sid(scon, strlen(scon)+1, &ssid); | ||
442 | if (length < 0) | ||
443 | goto out2; | ||
444 | length = security_context_to_sid(tcon, strlen(tcon)+1, &tsid); | ||
445 | if (length < 0) | ||
446 | goto out2; | ||
447 | |||
448 | length = security_compute_av(ssid, tsid, tclass, req, &avd); | ||
449 | if (length < 0) | ||
450 | goto out2; | ||
451 | |||
452 | length = scnprintf(buf, SIMPLE_TRANSACTION_LIMIT, | ||
453 | "%x %x %x %x %u", | ||
454 | avd.allowed, avd.decided, | ||
455 | avd.auditallow, avd.auditdeny, | ||
456 | avd.seqno); | ||
457 | out2: | ||
458 | kfree(tcon); | ||
459 | out: | ||
460 | kfree(scon); | ||
461 | return length; | ||
462 | } | ||
463 | |||
464 | static ssize_t sel_write_create(struct file * file, char *buf, size_t size) | ||
465 | { | ||
466 | char *scon, *tcon; | ||
467 | u32 ssid, tsid, newsid; | ||
468 | u16 tclass; | ||
469 | ssize_t length; | ||
470 | char *newcon; | ||
471 | u32 len; | ||
472 | |||
473 | length = task_has_security(current, SECURITY__COMPUTE_CREATE); | ||
474 | if (length) | ||
475 | return length; | ||
476 | |||
477 | length = -ENOMEM; | ||
478 | scon = kmalloc(size+1, GFP_KERNEL); | ||
479 | if (!scon) | ||
480 | return length; | ||
481 | memset(scon, 0, size+1); | ||
482 | |||
483 | tcon = kmalloc(size+1, GFP_KERNEL); | ||
484 | if (!tcon) | ||
485 | goto out; | ||
486 | memset(tcon, 0, size+1); | ||
487 | |||
488 | length = -EINVAL; | ||
489 | if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3) | ||
490 | goto out2; | ||
491 | |||
492 | length = security_context_to_sid(scon, strlen(scon)+1, &ssid); | ||
493 | if (length < 0) | ||
494 | goto out2; | ||
495 | length = security_context_to_sid(tcon, strlen(tcon)+1, &tsid); | ||
496 | if (length < 0) | ||
497 | goto out2; | ||
498 | |||
499 | length = security_transition_sid(ssid, tsid, tclass, &newsid); | ||
500 | if (length < 0) | ||
501 | goto out2; | ||
502 | |||
503 | length = security_sid_to_context(newsid, &newcon, &len); | ||
504 | if (length < 0) | ||
505 | goto out2; | ||
506 | |||
507 | if (len > SIMPLE_TRANSACTION_LIMIT) { | ||
508 | printk(KERN_ERR "%s: context size (%u) exceeds payload " | ||
509 | "max\n", __FUNCTION__, len); | ||
510 | length = -ERANGE; | ||
511 | goto out3; | ||
512 | } | ||
513 | |||
514 | memcpy(buf, newcon, len); | ||
515 | length = len; | ||
516 | out3: | ||
517 | kfree(newcon); | ||
518 | out2: | ||
519 | kfree(tcon); | ||
520 | out: | ||
521 | kfree(scon); | ||
522 | return length; | ||
523 | } | ||
524 | |||
525 | static ssize_t sel_write_relabel(struct file * file, char *buf, size_t size) | ||
526 | { | ||
527 | char *scon, *tcon; | ||
528 | u32 ssid, tsid, newsid; | ||
529 | u16 tclass; | ||
530 | ssize_t length; | ||
531 | char *newcon; | ||
532 | u32 len; | ||
533 | |||
534 | length = task_has_security(current, SECURITY__COMPUTE_RELABEL); | ||
535 | if (length) | ||
536 | return length; | ||
537 | |||
538 | length = -ENOMEM; | ||
539 | scon = kmalloc(size+1, GFP_KERNEL); | ||
540 | if (!scon) | ||
541 | return length; | ||
542 | memset(scon, 0, size+1); | ||
543 | |||
544 | tcon = kmalloc(size+1, GFP_KERNEL); | ||
545 | if (!tcon) | ||
546 | goto out; | ||
547 | memset(tcon, 0, size+1); | ||
548 | |||
549 | length = -EINVAL; | ||
550 | if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3) | ||
551 | goto out2; | ||
552 | |||
553 | length = security_context_to_sid(scon, strlen(scon)+1, &ssid); | ||
554 | if (length < 0) | ||
555 | goto out2; | ||
556 | length = security_context_to_sid(tcon, strlen(tcon)+1, &tsid); | ||
557 | if (length < 0) | ||
558 | goto out2; | ||
559 | |||
560 | length = security_change_sid(ssid, tsid, tclass, &newsid); | ||
561 | if (length < 0) | ||
562 | goto out2; | ||
563 | |||
564 | length = security_sid_to_context(newsid, &newcon, &len); | ||
565 | if (length < 0) | ||
566 | goto out2; | ||
567 | |||
568 | if (len > SIMPLE_TRANSACTION_LIMIT) { | ||
569 | length = -ERANGE; | ||
570 | goto out3; | ||
571 | } | ||
572 | |||
573 | memcpy(buf, newcon, len); | ||
574 | length = len; | ||
575 | out3: | ||
576 | kfree(newcon); | ||
577 | out2: | ||
578 | kfree(tcon); | ||
579 | out: | ||
580 | kfree(scon); | ||
581 | return length; | ||
582 | } | ||
583 | |||
584 | static ssize_t sel_write_user(struct file * file, char *buf, size_t size) | ||
585 | { | ||
586 | char *con, *user, *ptr; | ||
587 | u32 sid, *sids; | ||
588 | ssize_t length; | ||
589 | char *newcon; | ||
590 | int i, rc; | ||
591 | u32 len, nsids; | ||
592 | |||
593 | length = task_has_security(current, SECURITY__COMPUTE_USER); | ||
594 | if (length) | ||
595 | return length; | ||
596 | |||
597 | length = -ENOMEM; | ||
598 | con = kmalloc(size+1, GFP_KERNEL); | ||
599 | if (!con) | ||
600 | return length; | ||
601 | memset(con, 0, size+1); | ||
602 | |||
603 | user = kmalloc(size+1, GFP_KERNEL); | ||
604 | if (!user) | ||
605 | goto out; | ||
606 | memset(user, 0, size+1); | ||
607 | |||
608 | length = -EINVAL; | ||
609 | if (sscanf(buf, "%s %s", con, user) != 2) | ||
610 | goto out2; | ||
611 | |||
612 | length = security_context_to_sid(con, strlen(con)+1, &sid); | ||
613 | if (length < 0) | ||
614 | goto out2; | ||
615 | |||
616 | length = security_get_user_sids(sid, user, &sids, &nsids); | ||
617 | if (length < 0) | ||
618 | goto out2; | ||
619 | |||
620 | length = sprintf(buf, "%u", nsids) + 1; | ||
621 | ptr = buf + length; | ||
622 | for (i = 0; i < nsids; i++) { | ||
623 | rc = security_sid_to_context(sids[i], &newcon, &len); | ||
624 | if (rc) { | ||
625 | length = rc; | ||
626 | goto out3; | ||
627 | } | ||
628 | if ((length + len) >= SIMPLE_TRANSACTION_LIMIT) { | ||
629 | kfree(newcon); | ||
630 | length = -ERANGE; | ||
631 | goto out3; | ||
632 | } | ||
633 | memcpy(ptr, newcon, len); | ||
634 | kfree(newcon); | ||
635 | ptr += len; | ||
636 | length += len; | ||
637 | } | ||
638 | out3: | ||
639 | kfree(sids); | ||
640 | out2: | ||
641 | kfree(user); | ||
642 | out: | ||
643 | kfree(con); | ||
644 | return length; | ||
645 | } | ||
646 | |||
647 | static ssize_t sel_write_member(struct file * file, char *buf, size_t size) | ||
648 | { | ||
649 | char *scon, *tcon; | ||
650 | u32 ssid, tsid, newsid; | ||
651 | u16 tclass; | ||
652 | ssize_t length; | ||
653 | char *newcon; | ||
654 | u32 len; | ||
655 | |||
656 | length = task_has_security(current, SECURITY__COMPUTE_MEMBER); | ||
657 | if (length) | ||
658 | return length; | ||
659 | |||
660 | length = -ENOMEM; | ||
661 | scon = kmalloc(size+1, GFP_KERNEL); | ||
662 | if (!scon) | ||
663 | return length; | ||
664 | memset(scon, 0, size+1); | ||
665 | |||
666 | tcon = kmalloc(size+1, GFP_KERNEL); | ||
667 | if (!tcon) | ||
668 | goto out; | ||
669 | memset(tcon, 0, size+1); | ||
670 | |||
671 | length = -EINVAL; | ||
672 | if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3) | ||
673 | goto out2; | ||
674 | |||
675 | length = security_context_to_sid(scon, strlen(scon)+1, &ssid); | ||
676 | if (length < 0) | ||
677 | goto out2; | ||
678 | length = security_context_to_sid(tcon, strlen(tcon)+1, &tsid); | ||
679 | if (length < 0) | ||
680 | goto out2; | ||
681 | |||
682 | length = security_member_sid(ssid, tsid, tclass, &newsid); | ||
683 | if (length < 0) | ||
684 | goto out2; | ||
685 | |||
686 | length = security_sid_to_context(newsid, &newcon, &len); | ||
687 | if (length < 0) | ||
688 | goto out2; | ||
689 | |||
690 | if (len > SIMPLE_TRANSACTION_LIMIT) { | ||
691 | printk(KERN_ERR "%s: context size (%u) exceeds payload " | ||
692 | "max\n", __FUNCTION__, len); | ||
693 | length = -ERANGE; | ||
694 | goto out3; | ||
695 | } | ||
696 | |||
697 | memcpy(buf, newcon, len); | ||
698 | length = len; | ||
699 | out3: | ||
700 | kfree(newcon); | ||
701 | out2: | ||
702 | kfree(tcon); | ||
703 | out: | ||
704 | kfree(scon); | ||
705 | return length; | ||
706 | } | ||
707 | |||
708 | static struct inode *sel_make_inode(struct super_block *sb, int mode) | ||
709 | { | ||
710 | struct inode *ret = new_inode(sb); | ||
711 | |||
712 | if (ret) { | ||
713 | ret->i_mode = mode; | ||
714 | ret->i_uid = ret->i_gid = 0; | ||
715 | ret->i_blksize = PAGE_CACHE_SIZE; | ||
716 | ret->i_blocks = 0; | ||
717 | ret->i_atime = ret->i_mtime = ret->i_ctime = CURRENT_TIME; | ||
718 | } | ||
719 | return ret; | ||
720 | } | ||
721 | |||
722 | #define BOOL_INO_OFFSET 30 | ||
723 | |||
724 | static ssize_t sel_read_bool(struct file *filep, char __user *buf, | ||
725 | size_t count, loff_t *ppos) | ||
726 | { | ||
727 | char *page = NULL; | ||
728 | ssize_t length; | ||
729 | ssize_t end; | ||
730 | ssize_t ret; | ||
731 | int cur_enforcing; | ||
732 | struct inode *inode; | ||
733 | |||
734 | down(&sel_sem); | ||
735 | |||
736 | ret = -EFAULT; | ||
737 | |||
738 | /* check to see if this file has been deleted */ | ||
739 | if (!filep->f_op) | ||
740 | goto out; | ||
741 | |||
742 | if (count < 0 || count > PAGE_SIZE) { | ||
743 | ret = -EINVAL; | ||
744 | goto out; | ||
745 | } | ||
746 | if (!(page = (char*)get_zeroed_page(GFP_KERNEL))) { | ||
747 | ret = -ENOMEM; | ||
748 | goto out; | ||
749 | } | ||
750 | |||
751 | inode = filep->f_dentry->d_inode; | ||
752 | cur_enforcing = security_get_bool_value(inode->i_ino - BOOL_INO_OFFSET); | ||
753 | if (cur_enforcing < 0) { | ||
754 | ret = cur_enforcing; | ||
755 | goto out; | ||
756 | } | ||
757 | |||
758 | length = scnprintf(page, PAGE_SIZE, "%d %d", cur_enforcing, | ||
759 | bool_pending_values[inode->i_ino - BOOL_INO_OFFSET]); | ||
760 | if (length < 0) { | ||
761 | ret = length; | ||
762 | goto out; | ||
763 | } | ||
764 | |||
765 | if (*ppos >= length) { | ||
766 | ret = 0; | ||
767 | goto out; | ||
768 | } | ||
769 | if (count + *ppos > length) | ||
770 | count = length - *ppos; | ||
771 | end = count + *ppos; | ||
772 | if (copy_to_user(buf, (char *) page + *ppos, count)) { | ||
773 | ret = -EFAULT; | ||
774 | goto out; | ||
775 | } | ||
776 | *ppos = end; | ||
777 | ret = count; | ||
778 | out: | ||
779 | up(&sel_sem); | ||
780 | if (page) | ||
781 | free_page((unsigned long)page); | ||
782 | return ret; | ||
783 | } | ||
784 | |||
785 | static ssize_t sel_write_bool(struct file *filep, const char __user *buf, | ||
786 | size_t count, loff_t *ppos) | ||
787 | { | ||
788 | char *page = NULL; | ||
789 | ssize_t length = -EFAULT; | ||
790 | int new_value; | ||
791 | struct inode *inode; | ||
792 | |||
793 | down(&sel_sem); | ||
794 | |||
795 | length = task_has_security(current, SECURITY__SETBOOL); | ||
796 | if (length) | ||
797 | goto out; | ||
798 | |||
799 | /* check to see if this file has been deleted */ | ||
800 | if (!filep->f_op) | ||
801 | goto out; | ||
802 | |||
803 | if (count < 0 || count >= PAGE_SIZE) { | ||
804 | length = -ENOMEM; | ||
805 | goto out; | ||
806 | } | ||
807 | if (*ppos != 0) { | ||
808 | /* No partial writes. */ | ||
809 | goto out; | ||
810 | } | ||
811 | page = (char*)get_zeroed_page(GFP_KERNEL); | ||
812 | if (!page) { | ||
813 | length = -ENOMEM; | ||
814 | goto out; | ||
815 | } | ||
816 | |||
817 | if (copy_from_user(page, buf, count)) | ||
818 | goto out; | ||
819 | |||
820 | length = -EINVAL; | ||
821 | if (sscanf(page, "%d", &new_value) != 1) | ||
822 | goto out; | ||
823 | |||
824 | if (new_value) | ||
825 | new_value = 1; | ||
826 | |||
827 | inode = filep->f_dentry->d_inode; | ||
828 | bool_pending_values[inode->i_ino - BOOL_INO_OFFSET] = new_value; | ||
829 | length = count; | ||
830 | |||
831 | out: | ||
832 | up(&sel_sem); | ||
833 | if (page) | ||
834 | free_page((unsigned long) page); | ||
835 | return length; | ||
836 | } | ||
837 | |||
838 | static struct file_operations sel_bool_ops = { | ||
839 | .read = sel_read_bool, | ||
840 | .write = sel_write_bool, | ||
841 | }; | ||
842 | |||
843 | static ssize_t sel_commit_bools_write(struct file *filep, | ||
844 | const char __user *buf, | ||
845 | size_t count, loff_t *ppos) | ||
846 | { | ||
847 | char *page = NULL; | ||
848 | ssize_t length = -EFAULT; | ||
849 | int new_value; | ||
850 | |||
851 | down(&sel_sem); | ||
852 | |||
853 | length = task_has_security(current, SECURITY__SETBOOL); | ||
854 | if (length) | ||
855 | goto out; | ||
856 | |||
857 | /* check to see if this file has been deleted */ | ||
858 | if (!filep->f_op) | ||
859 | goto out; | ||
860 | |||
861 | if (count < 0 || count >= PAGE_SIZE) { | ||
862 | length = -ENOMEM; | ||
863 | goto out; | ||
864 | } | ||
865 | if (*ppos != 0) { | ||
866 | /* No partial writes. */ | ||
867 | goto out; | ||
868 | } | ||
869 | page = (char*)get_zeroed_page(GFP_KERNEL); | ||
870 | if (!page) { | ||
871 | length = -ENOMEM; | ||
872 | goto out; | ||
873 | } | ||
874 | |||
875 | if (copy_from_user(page, buf, count)) | ||
876 | goto out; | ||
877 | |||
878 | length = -EINVAL; | ||
879 | if (sscanf(page, "%d", &new_value) != 1) | ||
880 | goto out; | ||
881 | |||
882 | if (new_value) { | ||
883 | security_set_bools(bool_num, bool_pending_values); | ||
884 | } | ||
885 | |||
886 | length = count; | ||
887 | |||
888 | out: | ||
889 | up(&sel_sem); | ||
890 | if (page) | ||
891 | free_page((unsigned long) page); | ||
892 | return length; | ||
893 | } | ||
894 | |||
895 | static struct file_operations sel_commit_bools_ops = { | ||
896 | .write = sel_commit_bools_write, | ||
897 | }; | ||
898 | |||
899 | /* delete booleans - partial revoke() from | ||
900 | * fs/proc/generic.c proc_kill_inodes */ | ||
901 | static void sel_remove_bools(struct dentry *de) | ||
902 | { | ||
903 | struct list_head *p, *node; | ||
904 | struct super_block *sb = de->d_sb; | ||
905 | |||
906 | spin_lock(&dcache_lock); | ||
907 | node = de->d_subdirs.next; | ||
908 | while (node != &de->d_subdirs) { | ||
909 | struct dentry *d = list_entry(node, struct dentry, d_child); | ||
910 | list_del_init(node); | ||
911 | |||
912 | if (d->d_inode) { | ||
913 | d = dget_locked(d); | ||
914 | spin_unlock(&dcache_lock); | ||
915 | d_delete(d); | ||
916 | simple_unlink(de->d_inode, d); | ||
917 | dput(d); | ||
918 | spin_lock(&dcache_lock); | ||
919 | } | ||
920 | node = de->d_subdirs.next; | ||
921 | } | ||
922 | |||
923 | spin_unlock(&dcache_lock); | ||
924 | |||
925 | file_list_lock(); | ||
926 | list_for_each(p, &sb->s_files) { | ||
927 | struct file * filp = list_entry(p, struct file, f_list); | ||
928 | struct dentry * dentry = filp->f_dentry; | ||
929 | |||
930 | if (dentry->d_parent != de) { | ||
931 | continue; | ||
932 | } | ||
933 | filp->f_op = NULL; | ||
934 | } | ||
935 | file_list_unlock(); | ||
936 | } | ||
937 | |||
938 | #define BOOL_DIR_NAME "booleans" | ||
939 | |||
940 | static int sel_make_bools(void) | ||
941 | { | ||
942 | int i, ret = 0; | ||
943 | ssize_t len; | ||
944 | struct dentry *dentry = NULL; | ||
945 | struct dentry *dir = bool_dir; | ||
946 | struct inode *inode = NULL; | ||
947 | struct inode_security_struct *isec; | ||
948 | char **names = NULL, *page; | ||
949 | int num; | ||
950 | int *values = NULL; | ||
951 | u32 sid; | ||
952 | |||
953 | /* remove any existing files */ | ||
954 | if (bool_pending_values) | ||
955 | kfree(bool_pending_values); | ||
956 | |||
957 | sel_remove_bools(dir); | ||
958 | |||
959 | if (!(page = (char*)get_zeroed_page(GFP_KERNEL))) | ||
960 | return -ENOMEM; | ||
961 | |||
962 | ret = security_get_bools(&num, &names, &values); | ||
963 | if (ret != 0) | ||
964 | goto out; | ||
965 | |||
966 | for (i = 0; i < num; i++) { | ||
967 | dentry = d_alloc_name(dir, names[i]); | ||
968 | if (!dentry) { | ||
969 | ret = -ENOMEM; | ||
970 | goto err; | ||
971 | } | ||
972 | inode = sel_make_inode(dir->d_sb, S_IFREG | S_IRUGO | S_IWUSR); | ||
973 | if (!inode) { | ||
974 | ret = -ENOMEM; | ||
975 | goto err; | ||
976 | } | ||
977 | |||
978 | len = snprintf(page, PAGE_SIZE, "/%s/%s", BOOL_DIR_NAME, names[i]); | ||
979 | if (len < 0) { | ||
980 | ret = -EINVAL; | ||
981 | goto err; | ||
982 | } else if (len >= PAGE_SIZE) { | ||
983 | ret = -ENAMETOOLONG; | ||
984 | goto err; | ||
985 | } | ||
986 | isec = (struct inode_security_struct*)inode->i_security; | ||
987 | if ((ret = security_genfs_sid("selinuxfs", page, SECCLASS_FILE, &sid))) | ||
988 | goto err; | ||
989 | isec->sid = sid; | ||
990 | isec->initialized = 1; | ||
991 | inode->i_fop = &sel_bool_ops; | ||
992 | inode->i_ino = i + BOOL_INO_OFFSET; | ||
993 | d_add(dentry, inode); | ||
994 | } | ||
995 | bool_num = num; | ||
996 | bool_pending_values = values; | ||
997 | out: | ||
998 | free_page((unsigned long)page); | ||
999 | if (names) { | ||
1000 | for (i = 0; i < num; i++) { | ||
1001 | if (names[i]) | ||
1002 | kfree(names[i]); | ||
1003 | } | ||
1004 | kfree(names); | ||
1005 | } | ||
1006 | return ret; | ||
1007 | err: | ||
1008 | d_genocide(dir); | ||
1009 | ret = -ENOMEM; | ||
1010 | goto out; | ||
1011 | } | ||
1012 | |||
1013 | #define NULL_FILE_NAME "null" | ||
1014 | |||
1015 | struct dentry *selinux_null = NULL; | ||
1016 | |||
1017 | static ssize_t sel_read_avc_cache_threshold(struct file *filp, char __user *buf, | ||
1018 | size_t count, loff_t *ppos) | ||
1019 | { | ||
1020 | char tmpbuf[TMPBUFLEN]; | ||
1021 | ssize_t length; | ||
1022 | |||
1023 | length = scnprintf(tmpbuf, TMPBUFLEN, "%u", avc_cache_threshold); | ||
1024 | return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); | ||
1025 | } | ||
1026 | |||
1027 | static ssize_t sel_write_avc_cache_threshold(struct file * file, | ||
1028 | const char __user * buf, | ||
1029 | size_t count, loff_t *ppos) | ||
1030 | |||
1031 | { | ||
1032 | char *page; | ||
1033 | ssize_t ret; | ||
1034 | int new_value; | ||
1035 | |||
1036 | if (count < 0 || count >= PAGE_SIZE) { | ||
1037 | ret = -ENOMEM; | ||
1038 | goto out; | ||
1039 | } | ||
1040 | |||
1041 | if (*ppos != 0) { | ||
1042 | /* No partial writes. */ | ||
1043 | ret = -EINVAL; | ||
1044 | goto out; | ||
1045 | } | ||
1046 | |||
1047 | page = (char*)get_zeroed_page(GFP_KERNEL); | ||
1048 | if (!page) { | ||
1049 | ret = -ENOMEM; | ||
1050 | goto out; | ||
1051 | } | ||
1052 | |||
1053 | if (copy_from_user(page, buf, count)) { | ||
1054 | ret = -EFAULT; | ||
1055 | goto out_free; | ||
1056 | } | ||
1057 | |||
1058 | if (sscanf(page, "%u", &new_value) != 1) { | ||
1059 | ret = -EINVAL; | ||
1060 | goto out; | ||
1061 | } | ||
1062 | |||
1063 | if (new_value != avc_cache_threshold) { | ||
1064 | ret = task_has_security(current, SECURITY__SETSECPARAM); | ||
1065 | if (ret) | ||
1066 | goto out_free; | ||
1067 | avc_cache_threshold = new_value; | ||
1068 | } | ||
1069 | ret = count; | ||
1070 | out_free: | ||
1071 | free_page((unsigned long)page); | ||
1072 | out: | ||
1073 | return ret; | ||
1074 | } | ||
1075 | |||
1076 | static ssize_t sel_read_avc_hash_stats(struct file *filp, char __user *buf, | ||
1077 | size_t count, loff_t *ppos) | ||
1078 | { | ||
1079 | char *page; | ||
1080 | ssize_t ret = 0; | ||
1081 | |||
1082 | page = (char *)__get_free_page(GFP_KERNEL); | ||
1083 | if (!page) { | ||
1084 | ret = -ENOMEM; | ||
1085 | goto out; | ||
1086 | } | ||
1087 | ret = avc_get_hash_stats(page); | ||
1088 | if (ret >= 0) | ||
1089 | ret = simple_read_from_buffer(buf, count, ppos, page, ret); | ||
1090 | free_page((unsigned long)page); | ||
1091 | out: | ||
1092 | return ret; | ||
1093 | } | ||
1094 | |||
1095 | static struct file_operations sel_avc_cache_threshold_ops = { | ||
1096 | .read = sel_read_avc_cache_threshold, | ||
1097 | .write = sel_write_avc_cache_threshold, | ||
1098 | }; | ||
1099 | |||
1100 | static struct file_operations sel_avc_hash_stats_ops = { | ||
1101 | .read = sel_read_avc_hash_stats, | ||
1102 | }; | ||
1103 | |||
1104 | #ifdef CONFIG_SECURITY_SELINUX_AVC_STATS | ||
1105 | static struct avc_cache_stats *sel_avc_get_stat_idx(loff_t *idx) | ||
1106 | { | ||
1107 | int cpu; | ||
1108 | |||
1109 | for (cpu = *idx; cpu < NR_CPUS; ++cpu) { | ||
1110 | if (!cpu_possible(cpu)) | ||
1111 | continue; | ||
1112 | *idx = cpu + 1; | ||
1113 | return &per_cpu(avc_cache_stats, cpu); | ||
1114 | } | ||
1115 | return NULL; | ||
1116 | } | ||
1117 | |||
1118 | static void *sel_avc_stats_seq_start(struct seq_file *seq, loff_t *pos) | ||
1119 | { | ||
1120 | loff_t n = *pos - 1; | ||
1121 | |||
1122 | if (*pos == 0) | ||
1123 | return SEQ_START_TOKEN; | ||
1124 | |||
1125 | return sel_avc_get_stat_idx(&n); | ||
1126 | } | ||
1127 | |||
1128 | static void *sel_avc_stats_seq_next(struct seq_file *seq, void *v, loff_t *pos) | ||
1129 | { | ||
1130 | return sel_avc_get_stat_idx(pos); | ||
1131 | } | ||
1132 | |||
1133 | static int sel_avc_stats_seq_show(struct seq_file *seq, void *v) | ||
1134 | { | ||
1135 | struct avc_cache_stats *st = v; | ||
1136 | |||
1137 | if (v == SEQ_START_TOKEN) | ||
1138 | seq_printf(seq, "lookups hits misses allocations reclaims " | ||
1139 | "frees\n"); | ||
1140 | else | ||
1141 | seq_printf(seq, "%u %u %u %u %u %u\n", st->lookups, | ||
1142 | st->hits, st->misses, st->allocations, | ||
1143 | st->reclaims, st->frees); | ||
1144 | return 0; | ||
1145 | } | ||
1146 | |||
1147 | static void sel_avc_stats_seq_stop(struct seq_file *seq, void *v) | ||
1148 | { } | ||
1149 | |||
1150 | static struct seq_operations sel_avc_cache_stats_seq_ops = { | ||
1151 | .start = sel_avc_stats_seq_start, | ||
1152 | .next = sel_avc_stats_seq_next, | ||
1153 | .show = sel_avc_stats_seq_show, | ||
1154 | .stop = sel_avc_stats_seq_stop, | ||
1155 | }; | ||
1156 | |||
1157 | static int sel_open_avc_cache_stats(struct inode *inode, struct file *file) | ||
1158 | { | ||
1159 | return seq_open(file, &sel_avc_cache_stats_seq_ops); | ||
1160 | } | ||
1161 | |||
1162 | static struct file_operations sel_avc_cache_stats_ops = { | ||
1163 | .open = sel_open_avc_cache_stats, | ||
1164 | .read = seq_read, | ||
1165 | .llseek = seq_lseek, | ||
1166 | .release = seq_release, | ||
1167 | }; | ||
1168 | #endif | ||
1169 | |||
1170 | static int sel_make_avc_files(struct dentry *dir) | ||
1171 | { | ||
1172 | int i, ret = 0; | ||
1173 | static struct tree_descr files[] = { | ||
1174 | { "cache_threshold", | ||
1175 | &sel_avc_cache_threshold_ops, S_IRUGO|S_IWUSR }, | ||
1176 | { "hash_stats", &sel_avc_hash_stats_ops, S_IRUGO }, | ||
1177 | #ifdef CONFIG_SECURITY_SELINUX_AVC_STATS | ||
1178 | { "cache_stats", &sel_avc_cache_stats_ops, S_IRUGO }, | ||
1179 | #endif | ||
1180 | }; | ||
1181 | |||
1182 | for (i = 0; i < sizeof (files) / sizeof (files[0]); i++) { | ||
1183 | struct inode *inode; | ||
1184 | struct dentry *dentry; | ||
1185 | |||
1186 | dentry = d_alloc_name(dir, files[i].name); | ||
1187 | if (!dentry) { | ||
1188 | ret = -ENOMEM; | ||
1189 | goto err; | ||
1190 | } | ||
1191 | |||
1192 | inode = sel_make_inode(dir->d_sb, S_IFREG|files[i].mode); | ||
1193 | if (!inode) { | ||
1194 | ret = -ENOMEM; | ||
1195 | goto err; | ||
1196 | } | ||
1197 | inode->i_fop = files[i].ops; | ||
1198 | d_add(dentry, inode); | ||
1199 | } | ||
1200 | out: | ||
1201 | return ret; | ||
1202 | err: | ||
1203 | d_genocide(dir); | ||
1204 | goto out; | ||
1205 | } | ||
1206 | |||
1207 | static int sel_make_dir(struct super_block *sb, struct dentry *dentry) | ||
1208 | { | ||
1209 | int ret = 0; | ||
1210 | struct inode *inode; | ||
1211 | |||
1212 | inode = sel_make_inode(sb, S_IFDIR | S_IRUGO | S_IXUGO); | ||
1213 | if (!inode) { | ||
1214 | ret = -ENOMEM; | ||
1215 | goto out; | ||
1216 | } | ||
1217 | inode->i_op = &simple_dir_inode_operations; | ||
1218 | inode->i_fop = &simple_dir_operations; | ||
1219 | d_add(dentry, inode); | ||
1220 | out: | ||
1221 | return ret; | ||
1222 | } | ||
1223 | |||
1224 | static int sel_fill_super(struct super_block * sb, void * data, int silent) | ||
1225 | { | ||
1226 | int ret; | ||
1227 | struct dentry *dentry; | ||
1228 | struct inode *inode; | ||
1229 | struct inode_security_struct *isec; | ||
1230 | |||
1231 | static struct tree_descr selinux_files[] = { | ||
1232 | [SEL_LOAD] = {"load", &sel_load_ops, S_IRUSR|S_IWUSR}, | ||
1233 | [SEL_ENFORCE] = {"enforce", &sel_enforce_ops, S_IRUGO|S_IWUSR}, | ||
1234 | [SEL_CONTEXT] = {"context", &sel_context_ops, S_IRUGO|S_IWUGO}, | ||
1235 | [SEL_ACCESS] = {"access", &transaction_ops, S_IRUGO|S_IWUGO}, | ||
1236 | [SEL_CREATE] = {"create", &transaction_ops, S_IRUGO|S_IWUGO}, | ||
1237 | [SEL_RELABEL] = {"relabel", &transaction_ops, S_IRUGO|S_IWUGO}, | ||
1238 | [SEL_USER] = {"user", &transaction_ops, S_IRUGO|S_IWUGO}, | ||
1239 | [SEL_POLICYVERS] = {"policyvers", &sel_policyvers_ops, S_IRUGO}, | ||
1240 | [SEL_COMMIT_BOOLS] = {"commit_pending_bools", &sel_commit_bools_ops, S_IWUSR}, | ||
1241 | [SEL_MLS] = {"mls", &sel_mls_ops, S_IRUGO}, | ||
1242 | [SEL_DISABLE] = {"disable", &sel_disable_ops, S_IWUSR}, | ||
1243 | [SEL_MEMBER] = {"member", &transaction_ops, S_IRUGO|S_IWUGO}, | ||
1244 | [SEL_CHECKREQPROT] = {"checkreqprot", &sel_checkreqprot_ops, S_IRUGO|S_IWUSR}, | ||
1245 | /* last one */ {""} | ||
1246 | }; | ||
1247 | ret = simple_fill_super(sb, SELINUX_MAGIC, selinux_files); | ||
1248 | if (ret) | ||
1249 | return ret; | ||
1250 | |||
1251 | dentry = d_alloc_name(sb->s_root, BOOL_DIR_NAME); | ||
1252 | if (!dentry) | ||
1253 | return -ENOMEM; | ||
1254 | |||
1255 | inode = sel_make_inode(sb, S_IFDIR | S_IRUGO | S_IXUGO); | ||
1256 | if (!inode) | ||
1257 | goto out; | ||
1258 | inode->i_op = &simple_dir_inode_operations; | ||
1259 | inode->i_fop = &simple_dir_operations; | ||
1260 | d_add(dentry, inode); | ||
1261 | bool_dir = dentry; | ||
1262 | ret = sel_make_bools(); | ||
1263 | if (ret) | ||
1264 | goto out; | ||
1265 | |||
1266 | dentry = d_alloc_name(sb->s_root, NULL_FILE_NAME); | ||
1267 | if (!dentry) | ||
1268 | return -ENOMEM; | ||
1269 | |||
1270 | inode = sel_make_inode(sb, S_IFCHR | S_IRUGO | S_IWUGO); | ||
1271 | if (!inode) | ||
1272 | goto out; | ||
1273 | isec = (struct inode_security_struct*)inode->i_security; | ||
1274 | isec->sid = SECINITSID_DEVNULL; | ||
1275 | isec->sclass = SECCLASS_CHR_FILE; | ||
1276 | isec->initialized = 1; | ||
1277 | |||
1278 | init_special_inode(inode, S_IFCHR | S_IRUGO | S_IWUGO, MKDEV(MEM_MAJOR, 3)); | ||
1279 | d_add(dentry, inode); | ||
1280 | selinux_null = dentry; | ||
1281 | |||
1282 | dentry = d_alloc_name(sb->s_root, "avc"); | ||
1283 | if (!dentry) | ||
1284 | return -ENOMEM; | ||
1285 | |||
1286 | ret = sel_make_dir(sb, dentry); | ||
1287 | if (ret) | ||
1288 | goto out; | ||
1289 | |||
1290 | ret = sel_make_avc_files(dentry); | ||
1291 | if (ret) | ||
1292 | goto out; | ||
1293 | |||
1294 | return 0; | ||
1295 | out: | ||
1296 | dput(dentry); | ||
1297 | printk(KERN_ERR "%s: failed while creating inodes\n", __FUNCTION__); | ||
1298 | return -ENOMEM; | ||
1299 | } | ||
1300 | |||
1301 | static struct super_block *sel_get_sb(struct file_system_type *fs_type, | ||
1302 | int flags, const char *dev_name, void *data) | ||
1303 | { | ||
1304 | return get_sb_single(fs_type, flags, data, sel_fill_super); | ||
1305 | } | ||
1306 | |||
1307 | static struct file_system_type sel_fs_type = { | ||
1308 | .name = "selinuxfs", | ||
1309 | .get_sb = sel_get_sb, | ||
1310 | .kill_sb = kill_litter_super, | ||
1311 | }; | ||
1312 | |||
1313 | struct vfsmount *selinuxfs_mount; | ||
1314 | |||
1315 | static int __init init_sel_fs(void) | ||
1316 | { | ||
1317 | int err; | ||
1318 | |||
1319 | if (!selinux_enabled) | ||
1320 | return 0; | ||
1321 | err = register_filesystem(&sel_fs_type); | ||
1322 | if (!err) { | ||
1323 | selinuxfs_mount = kern_mount(&sel_fs_type); | ||
1324 | if (IS_ERR(selinuxfs_mount)) { | ||
1325 | printk(KERN_ERR "selinuxfs: could not mount!\n"); | ||
1326 | err = PTR_ERR(selinuxfs_mount); | ||
1327 | selinuxfs_mount = NULL; | ||
1328 | } | ||
1329 | } | ||
1330 | return err; | ||
1331 | } | ||
1332 | |||
1333 | __initcall(init_sel_fs); | ||
1334 | |||
1335 | #ifdef CONFIG_SECURITY_SELINUX_DISABLE | ||
1336 | void exit_sel_fs(void) | ||
1337 | { | ||
1338 | unregister_filesystem(&sel_fs_type); | ||
1339 | } | ||
1340 | #endif | ||