security/tomoyo/securityfs_if.c

   1 /*
   2  * security/tomoyo/securityfs_if.c
   3  *
   4  * Copyright (C) 2005-2011  NTT DATA CORPORATION
   5  */
   6
   7 #include <linux/security.h>
   8 #include "common.h"
   9
  10 /**
  11  * tomoyo_check_task_acl - Check permission for task operation.
  12  *
  13  * @r:   Pointer to "struct tomoyo_request_info".
  14  * @ptr: Pointer to "struct tomoyo_acl_info".
  15  *
  16  * Returns true if granted, false otherwise.
  17  */
  18 static bool tomoyo_check_task_acl(struct tomoyo_request_info *r,
  19                                   const struct tomoyo_acl_info *ptr)
  20 {
  21         const struct tomoyo_task_acl *acl = container_of(ptr, typeof(*acl),
  22                                                          head);
  23         return !tomoyo_pathcmp(r->param.task.domainname, acl->domainname);
  24 }
  25
  26 /**
  27  * tomoyo_write_self - write() for /sys/kernel/security/tomoyo/self_domain interface.
  28  *
  29  * @file:  Pointer to "struct file".
  30  * @buf:   Domainname to transit to.
  31  * @count: Size of @buf.
  32  * @ppos:  Unused.
  33  *
  34  * Returns @count on success, negative value otherwise.
  35  *
  36  * If domain transition was permitted but the domain transition failed, this
  37  * function returns error rather than terminating current thread with SIGKILL.
  38  */
  39 static ssize_t tomoyo_write_self(struct file *file, const char __user *buf,
  40                               size_t count, loff_t *ppos)
  41 {
  42         char *data;
  43         int error;
  44         if (!count || count >= TOMOYO_EXEC_TMPSIZE - 10)
  45                 return -ENOMEM;
  46         data = kzalloc(count + 1, GFP_NOFS);
  47         if (!data)
  48                 return -ENOMEM;
  49         if (copy_from_user(data, buf, count)) {
  50                 error = -EFAULT;
  51                 goto out;
  52         }
  53         tomoyo_normalize_line(data);
  54         if (tomoyo_correct_domain(data)) {
  55                 const int idx = tomoyo_read_lock();
  56                 struct tomoyo_path_info name;
  57                 struct tomoyo_request_info r;
  58                 name.name = data;
  59                 tomoyo_fill_path_info(&name);
  60                 /* Check "task manual_domain_transition" permission. */
  61                 tomoyo_init_request_info(&r, NULL, TOMOYO_MAC_FILE_EXECUTE);
  62                 r.param_type = TOMOYO_TYPE_MANUAL_TASK_ACL;
  63                 r.param.task.domainname = &name;
  64                 tomoyo_check_acl(&r, tomoyo_check_task_acl);
  65                 if (!r.granted)
  66                         error = -EPERM;
  67                 else {
  68                         struct tomoyo_domain_info *new_domain =
  69                                 tomoyo_assign_domain(data, true);
  70                         if (!new_domain) {
  71                                 error = -ENOENT;
  72                         } else {
  73                                 struct cred *cred = prepare_creds();
  74                                 if (!cred) {
  75                                         error = -ENOMEM;
  76                                 } else {
  77                                         struct tomoyo_domain_info *old_domain =
  78                                                 cred->security;
  79                                         cred->security = new_domain;
  80                                         atomic_inc(&new_domain->users);
  81                                         atomic_dec(&old_domain->users);
  82                                         commit_creds(cred);
  83                                         error = 0;
  84                                 }
  85                         }
  86                 }
  87                 tomoyo_read_unlock(idx);
  88         } else
  89                 error = -EINVAL;
  90 out:
  91         kfree(data);
  92         return error ? error : count;
  93 }
  94
  95 /**
  96  * tomoyo_read_self - read() for /sys/kernel/security/tomoyo/self_domain interface.
  97  *
  98  * @file:  Pointer to "struct file".
  99  * @buf:   Domainname which current thread belongs to.
 100  * @count: Size of @buf.
 101  * @ppos:  Bytes read by now.
 102  *
 103  * Returns read size on success, negative value otherwise.
 104  */
 105 static ssize_t tomoyo_read_self(struct file *file, char __user *buf,
 106                                 size_t count, loff_t *ppos)
 107 {
 108         const char *domain = tomoyo_domain()->domainname->name;
 109         loff_t len = strlen(domain);
 110         loff_t pos = *ppos;
 111         if (pos >= len || !count)
 112                 return 0;
 113         len -= pos;
 114         if (count < len)
 115                 len = count;
 116         if (copy_to_user(buf, domain + pos, len))
 117                 return -EFAULT;
 118         *ppos += len;
 119         return len;
 120 }
 121
 122 /* Operations for /sys/kernel/security/tomoyo/self_domain interface. */
 123 static const struct file_operations tomoyo_self_operations = {
 124         .write = tomoyo_write_self,
 125         .read  = tomoyo_read_self,
 126 };
 127
 128 /**
 129  * tomoyo_open - open() for /sys/kernel/security/tomoyo/ interface.
 130  *
 131  * @inode: Pointer to "struct inode".
 132  * @file:  Pointer to "struct file".
 133  *
 134  * Returns 0 on success, negative value otherwise.
 135  */
 136 static int tomoyo_open(struct inode *inode, struct file *file)
 137 {
 138         const int key = ((u8 *) file->f_path.dentry->d_inode->i_private)
 139                 - ((u8 *) NULL);
 140         return tomoyo_open_control(key, file);
 141 }
 142
 143 /**
 144  * tomoyo_release - close() for /sys/kernel/security/tomoyo/ interface.
 145  *
 146  * @inode: Pointer to "struct inode".
 147  * @file:  Pointer to "struct file".
 148  *
 149  * Returns 0 on success, negative value otherwise.
 150  */
 151 static int tomoyo_release(struct inode *inode, struct file *file)
 152 {
 153         return tomoyo_close_control(file->private_data);
 154 }
 155
 156 /**
 157  * tomoyo_poll - poll() for /sys/kernel/security/tomoyo/ interface.
 158  *
 159  * @file: Pointer to "struct file".
 160  * @wait: Pointer to "poll_table". Maybe NULL.
 161  *
 162  * Returns POLLIN | POLLRDNORM | POLLOUT | POLLWRNORM if ready to read/write,
 163  * POLLOUT | POLLWRNORM otherwise.
 164  */
 165 static unsigned int tomoyo_poll(struct file *file, poll_table *wait)
 166 {
 167         return tomoyo_poll_control(file, wait);
 168 }
 169
 170 /**
 171  * tomoyo_read - read() for /sys/kernel/security/tomoyo/ interface.
 172  *
 173  * @file:  Pointer to "struct file".
 174  * @buf:   Pointer to buffer.
 175  * @count: Size of @buf.
 176  * @ppos:  Unused.
 177  *
 178  * Returns bytes read on success, negative value otherwise.
 179  */
 180 static ssize_t tomoyo_read(struct file *file, char __user *buf, size_t count,
 181                            loff_t *ppos)
 182 {
 183         return tomoyo_read_control(file->private_data, buf, count);
 184 }
 185
 186 /**
 187  * tomoyo_write - write() for /sys/kernel/security/tomoyo/ interface.
 188  *
 189  * @file:  Pointer to "struct file".
 190  * @buf:   Pointer to buffer.
 191  * @count: Size of @buf.
 192  * @ppos:  Unused.
 193  *
 194  * Returns @count on success, negative value otherwise.
 195  */
 196 static ssize_t tomoyo_write(struct file *file, const char __user *buf,
 197                             size_t count, loff_t *ppos)
 198 {
 199         return tomoyo_write_control(file->private_data, buf, count);
 200 }
 201
 202 /*
 203  * tomoyo_operations is a "struct file_operations" which is used for handling
 204  * /sys/kernel/security/tomoyo/ interface.
 205  *
 206  * Some files under /sys/kernel/security/tomoyo/ directory accept open(O_RDWR).
 207  * See tomoyo_io_buffer for internals.
 208  */
 209 static const struct file_operations tomoyo_operations = {
 210         .open    = tomoyo_open,
 211         .release = tomoyo_release,
 212         .poll    = tomoyo_poll,
 213         .read    = tomoyo_read,
 214         .write   = tomoyo_write,
 215         .llseek  = noop_llseek,
 216 };
 217
 218 /**
 219  * tomoyo_create_entry - Create interface files under /sys/kernel/security/tomoyo/ directory.
 220  *
 221  * @name:   The name of the interface file.
 222  * @mode:   The permission of the interface file.
 223  * @parent: The parent directory.
 224  * @key:    Type of interface.
 225  *
 226  * Returns nothing.
 227  */
 228 static void __init tomoyo_create_entry(const char *name, const umode_t mode,
 229                                        struct dentry *parent, const u8 key)
 230 {
 231         securityfs_create_file(name, mode, parent, ((u8 *) NULL) + key,
 232                                &tomoyo_operations);
 233 }
 234
 235 /**
 236  * tomoyo_initerface_init - Initialize /sys/kernel/security/tomoyo/ interface.
 237  *
 238  * Returns 0.
 239  */
 240 static int __init tomoyo_initerface_init(void)
 241 {
 242         struct dentry *tomoyo_dir;
 243
 244         /* Don't create securityfs entries unless registered. */
 245         if (current_cred()->security != &tomoyo_kernel_domain)
 246                 return 0;
 247
 248         tomoyo_dir = securityfs_create_dir("tomoyo", NULL);
 249         tomoyo_create_entry("query",            0600, tomoyo_dir,
 250                             TOMOYO_QUERY);
 251         tomoyo_create_entry("domain_policy",    0600, tomoyo_dir,
 252                             TOMOYO_DOMAINPOLICY);
 253         tomoyo_create_entry("exception_policy", 0600, tomoyo_dir,
 254                             TOMOYO_EXCEPTIONPOLICY);
 255         tomoyo_create_entry("audit",            0400, tomoyo_dir,
 256                             TOMOYO_AUDIT);
 257         tomoyo_create_entry(".process_status",  0600, tomoyo_dir,
 258                             TOMOYO_PROCESS_STATUS);
 259         tomoyo_create_entry("stat",             0644, tomoyo_dir,
 260                             TOMOYO_STAT);
 261         tomoyo_create_entry("profile",          0600, tomoyo_dir,
 262                             TOMOYO_PROFILE);
 263         tomoyo_create_entry("manager",          0600, tomoyo_dir,
 264                             TOMOYO_MANAGER);
 265         tomoyo_create_entry("version",          0400, tomoyo_dir,
 266                             TOMOYO_VERSION);
 267         securityfs_create_file("self_domain", 0666, tomoyo_dir, NULL,
 268                                &tomoyo_self_operations);
 269         tomoyo_load_builtin_policy();
 270         return 0;
 271 }
 272
 273 fs_initcall(tomoyo_initerface_init);