Diffstat (limited to 'security/tomoyo/common.h')
-rw-r--r-- | security/tomoyo/common.h | 121 |
1 files changed, 111 insertions, 10 deletions
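--- a/security/tomoyo/common.h
+++ b/security/tomoyo/common.h
@@ -54,6 +54,7 @@ struct linux_binprm;
 #define TOMOYO_KEYWORD_KEEP_DOMAIN "keep_domain "
 #define TOMOYO_KEYWORD_NO_INITIALIZE_DOMAIN "no_initialize_domain "
 #define TOMOYO_KEYWORD_NO_KEEP_DOMAIN "no_keep_domain "
+#define TOMOYO_KEYWORD_PATH_GROUP "path_group "
 #define TOMOYO_KEYWORD_SELECT "select "
 #define TOMOYO_KEYWORD_USE_PROFILE "use_profile "
 #define TOMOYO_KEYWORD_IGNORE_GLOBAL_ALLOW_READ "ignore_global_allow_read"
@@ -204,6 +205,27 @@ struct tomoyo_path_info_with_data {
 char barrier2[16]; /* Safeguard for overrun. */
 };
 
+struct tomoyo_name_union {
+const struct tomoyo_path_info *filename;
+struct tomoyo_path_group *group;
+u8 is_group;
+};
+
+/* Structure for "path_group" directive. */
+struct tomoyo_path_group {
+struct list_head list;
+const struct tomoyo_path_info *group_name;
+struct list_head member_list;
+atomic_t users;
+};
+
+/* Structure for "path_group" directive. */
+struct tomoyo_path_group_member {
+struct list_head list;
+bool is_deleted;
+const struct tomoyo_path_info *member_name;
+};
+
 /*
 * tomoyo_acl_info is a structure which is used for holding
 *
@@ -274,7 +296,7 @@ struct tomoyo_domain_info {
 *
 * (1) "head" which is a "struct tomoyo_acl_info".
 * (2) "perm" which is a bitmask of permitted operations.
-* (3) "filename" is the pathname.
+* (3) "name" is the pathname.
 *
 * Directives held by this structure are "allow_read/write", "allow_execute",
 * "allow_read", "allow_write", "allow_create", "allow_unlink", "allow_mkdir",
@@ -287,8 +309,7 @@ struct tomoyo_path_acl {
 struct tomoyo_acl_info head; /* type = TOMOYO_TYPE_PATH_ACL */
 u8 perm_high;
 u16 perm;
-/* Pointer to single pathname. */
-const struct tomoyo_path_info *filename;
+struct tomoyo_name_union name;
 };
 
 /*
@@ -298,8 +319,8 @@ struct tomoyo_path_acl {
 *
 * (1) "head" which is a "struct tomoyo_acl_info".
 * (2) "perm" which is a bitmask of permitted operations.
-* (3) "filename1" is the source/old pathname.
-* (4) "filename2" is the destination/new pathname.
+* (3) "name1" is the source/old pathname.
+* (4) "name2" is the destination/new pathname.
 *
 * Directives held by this structure are "allow_rename", "allow_link" and
 * "allow_pivot_root".
@@ -307,10 +328,8 @@ struct tomoyo_path_acl {
 struct tomoyo_path2_acl {
 struct tomoyo_acl_info head; /* type = TOMOYO_TYPE_PATH2_ACL */
 u8 perm;
-/* Pointer to single pathname. */
-const struct tomoyo_path_info *filename1;
-/* Pointer to single pathname. */
-const struct tomoyo_path_info *filename2;
+struct tomoyo_name_union name1;
+struct tomoyo_name_union name2;
 };
 
 /*
@@ -514,6 +533,9 @@ struct tomoyo_policy_manager_entry {
 
 /********** Function prototypes. **********/
 
+/* Check whether the given name matches the given name_union. */
+bool tomoyo_compare_name_union(const struct tomoyo_path_info *name,
+const struct tomoyo_name_union *ptr);
 /* Check whether the domain has too many ACL entries to hold. */
 bool tomoyo_domain_quota_is_ok(struct tomoyo_domain_info * const domain);
 /* Transactional sprintf() for policy dump. */
@@ -526,6 +548,12 @@ bool tomoyo_is_correct_path(const char *filename, const s8 start_type,
 const s8 pattern_type, const s8 end_type);
 /* Check whether the token can be a domainname. */
 bool tomoyo_is_domain_def(const unsigned char *buffer);
+bool tomoyo_parse_name_union(const char *filename,
+struct tomoyo_name_union *ptr);
+/* Check whether the given filename matches the given path_group. */
+bool tomoyo_path_matches_group(const struct tomoyo_path_info *pathname,
+const struct tomoyo_path_group *group,
+const bool may_use_pattern);
 /* Check whether the given filename matches the given pattern. */
 bool tomoyo_path_matches_pattern(const struct tomoyo_path_info *filename,
 const struct tomoyo_path_info *pattern);
@@ -540,10 +568,14 @@ bool tomoyo_read_domain_initializer_policy(struct tomoyo_io_buffer *head);
 bool tomoyo_read_domain_keeper_policy(struct tomoyo_io_buffer *head);
 /* Read "file_pattern" entry in exception policy. */
 bool tomoyo_read_file_pattern(struct tomoyo_io_buffer *head);
+/* Read "path_group" entry in exception policy. */
+bool tomoyo_read_path_group_policy(struct tomoyo_io_buffer *head);
 /* Read "allow_read" entry in exception policy. */
 bool tomoyo_read_globally_readable_policy(struct tomoyo_io_buffer *head);
 /* Read "deny_rewrite" entry in exception policy. */
 bool tomoyo_read_no_rewrite_policy(struct tomoyo_io_buffer *head);
+/* Tokenize a line. */
+bool tomoyo_tokenize(char *buffer, char *w[], size_t size);
 /* Write domain policy violation warning message to console? */
 bool tomoyo_verbose_mode(const struct tomoyo_domain_info *domain);
 /* Convert double path operation to operation name. */
@@ -580,12 +612,18 @@ int tomoyo_write_globally_readable_policy(char *data, const bool is_delete);
 int tomoyo_write_no_rewrite_policy(char *data, const bool is_delete);
 /* Create "file_pattern" entry in exception policy. */
 int tomoyo_write_pattern_policy(char *data, const bool is_delete);
+/* Create "path_group" entry in exception policy. */
+int tomoyo_write_path_group_policy(char *data, const bool is_delete);
 /* Find a domain by the given name. */
 struct tomoyo_domain_info *tomoyo_find_domain(const char *domainname);
 /* Find or create a domain by the given name. */
 struct tomoyo_domain_info *tomoyo_find_or_assign_new_domain(const char *
 domainname,
 const u8 profile);
+
+/* Allocate memory for "struct tomoyo_path_group". */
+struct tomoyo_path_group *tomoyo_get_path_group(const char *group_name);
+
 /* Check mode for specified functionality. */
 unsigned int tomoyo_check_flags(const struct tomoyo_domain_info *domain,
 const u8 index);
@@ -616,6 +654,7 @@ char *tomoyo_realpath_from_path(struct path *path);
 
 /* Check memory quota. */
 bool tomoyo_memory_ok(void *ptr);
+void *tomoyo_commit_ok(void *data, const unsigned int size);
 
 /*
 * Keep the given name on the RAM.
@@ -641,6 +680,9 @@ int tomoyo_path2_perm(const u8 operation, struct path *path1,
 int tomoyo_check_rewrite_permission(struct file *filp);
 int tomoyo_find_next_domain(struct linux_binprm *bprm);
 
+/* Drop refcount on tomoyo_name_union. */
+void tomoyo_put_name_union(struct tomoyo_name_union *ptr);
+
 /* Run garbage collector. */
 void tomoyo_run_gc(void);
 
@@ -654,6 +696,7 @@ extern struct srcu_struct tomoyo_ss;
 /* The list for "struct tomoyo_domain_info". */
 extern struct list_head tomoyo_domain_list;
 
+extern struct list_head tomoyo_path_group_list;
 extern struct list_head tomoyo_domain_initializer_list;
 extern struct list_head tomoyo_domain_keeper_list;
 extern struct list_head tomoyo_alias_list;
@@ -662,7 +705,6 @@ extern struct list_head tomoyo_pattern_list;
 extern struct list_head tomoyo_no_rewrite_list;
 extern struct list_head tomoyo_policy_manager_list;
 extern struct list_head tomoyo_name_list[TOMOYO_MAX_HASH];
-extern struct mutex tomoyo_name_list_lock;
 
 /* Lock for protecting policy. */
 extern struct mutex tomoyo_policy_lock;
@@ -725,6 +767,12 @@ static inline void tomoyo_put_name(const struct tomoyo_path_info *name)
 }
 }
 
+static inline void tomoyo_put_path_group(struct tomoyo_path_group *group)
+{
+if (group)
+atomic_dec(&group->users);
+}
+
 static inline struct tomoyo_domain_info *tomoyo_domain(void)
 {
 return current_cred()->security;
@@ -736,6 +784,59 @@ static inline struct tomoyo_domain_info *tomoyo_real_domain(struct task_struct
 return task_cred_xxx(task, security);
 }
 
+static inline bool tomoyo_is_same_acl_head(const struct tomoyo_acl_info *p1,
+const struct tomoyo_acl_info *p2)
+{
+return p1->type == p2->type;
+}
+
+static inline bool tomoyo_is_same_name_union
+(const struct tomoyo_name_union *p1, const struct tomoyo_name_union *p2)
+{
+return p1->filename == p2->filename && p1->group == p2->group &&
+p1->is_group == p2->is_group;
+}
+
+static inline bool tomoyo_is_same_path_acl(const struct tomoyo_path_acl *p1,
+const struct tomoyo_path_acl *p2)
+{
+return tomoyo_is_same_acl_head(&p1->head, &p2->head) &&
+tomoyo_is_same_name_union(&p1->name, &p2->name);
+}
+
+static inline bool tomoyo_is_same_path2_acl(const struct tomoyo_path2_acl *p1,
+const struct tomoyo_path2_acl *p2)
+{
+return tomoyo_is_same_acl_head(&p1->head, &p2->head) &&
+tomoyo_is_same_name_union(&p1->name1, &p2->name1) &&
+tomoyo_is_same_name_union(&p1->name2, &p2->name2);
+}
+
+static inline bool tomoyo_is_same_domain_initializer_entry
+(const struct tomoyo_domain_initializer_entry *p1,
+const struct tomoyo_domain_initializer_entry *p2)
+{
+return p1->is_not == p2->is_not && p1->is_last_name == p2->is_last_name
+&& p1->domainname == p2->domainname
+&& p1->program == p2->program;
+}
+
+static inline bool tomoyo_is_same_domain_keeper_entry
+(const struct tomoyo_domain_keeper_entry *p1,
+const struct tomoyo_domain_keeper_entry *p2)
+{
+return p1->is_not == p2->is_not && p1->is_last_name == p2->is_last_name
+&& p1->domainname == p2->domainname
+&& p1->program == p2->program;
+}
+
+static inline bool tomoyo_is_same_alias_entry
+(const struct tomoyo_alias_entry *p1, const struct tomoyo_alias_entry *p2)
+{
+return p1->original_name == p2->original_name &&
+p1->aliased_name == p2->aliased_name;
+}
+
 /**
 * list_for_each_cookie - iterate over a list with cookie.
 * @pos: the &struct list_head to use as a loop cursor.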
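Review bot: The new `struct tomoyo_name_union` in the `@@ -204,6 +205,27 @@` hunk has no comment, and nothing states that `is_group` selects which of `filename` and `group` is the valid member; the two path_group structs that follow both carry the identical `/* Structure for "path_group" directive. */`, so the member struct is effectively undocumented. I would add `/* Either a single pathname or a path_group, selected by is_group. */` above the union and change the second comment to `/* Structure for one member of a "path_group". */`. In the `@@ -580,12 +612,18 @@` hunk `tomoyo_get_path_group` is described only as "Allocate memory for", yet the matching `tomoyo_put_path_group` added further down decrements `users`, which suggests the return value is a counted reference the caller must release; if that is so, the comment should read `/* Find or create a path_group; drop the returned reference with tomoyo_put_path_group(). */`. The `tomoyo_parse_name_union` prototype has no comment at all, and whether it takes a reference on `ptr->filename` / `ptr->group` that `tomoyo_put_name_union` later drops cannot be seen from this header, so an ownership note there would keep the get/put pairing from being missed by callers.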