2 * security/tomoyo/realpath.c
4 * Copyright (C) 2005-2011 NTT DATA CORPORATION
7 #include <linux/types.h>
8 #include <linux/mount.h>
9 #include <linux/mnt_namespace.h>
10 #include <linux/fs_struct.h>
11 #include <linux/magic.h>
12 #include <linux/slab.h>
15 #include "../../fs/internal.h"
18 * tomoyo_encode: Convert binary string to ascii string.
20 * @str: String in binary format.
22 * Returns pointer to @str in ascii format on success, NULL otherwise.
24 * This function uses kzalloc(), so caller must kfree() if this function
27 char *tomoyo_encode(const char *str
)
37 const unsigned char c
= *p
++;
40 else if (c
> ' ' && c
< 127)
46 /* Reserve space for appending "/". */
47 cp
= kzalloc(len
+ 10, GFP_NOFS
);
53 const unsigned char c
= *p
++;
58 } else if (c
> ' ' && c
< 127) {
62 *cp
++ = (c
>> 6) + '0';
63 *cp
++ = ((c
>> 3) & 7) + '0';
64 *cp
++ = (c
& 7) + '0';
71 * tomoyo_get_absolute_path - Get the path of a dentry but ignores chroot'ed root.
73 * @path: Pointer to "struct path".
74 * @buffer: Pointer to buffer to return value in.
75 * @buflen: Sizeof @buffer.
77 * Returns the buffer on success, an error code otherwise.
79 * If dentry is a directory, trailing '/' is appended.
81 static char *tomoyo_get_absolute_path(struct path
*path
, char * const buffer
,
84 char *pos
= ERR_PTR(-ENOMEM
);
86 /* go to whatever namespace root we are under */
87 pos
= d_absolute_path(path
, buffer
, buflen
- 1);
88 if (!IS_ERR(pos
) && *pos
== '/' && pos
[1]) {
89 struct inode
*inode
= path
->dentry
->d_inode
;
90 if (inode
&& S_ISDIR(inode
->i_mode
)) {
91 buffer
[buflen
- 2] = '/';
92 buffer
[buflen
- 1] = '\0';
100 * tomoyo_get_dentry_path - Get the path of a dentry.
102 * @dentry: Pointer to "struct dentry".
103 * @buffer: Pointer to buffer to return value in.
104 * @buflen: Sizeof @buffer.
106 * Returns the buffer on success, an error code otherwise.
108 * If dentry is a directory, trailing '/' is appended.
110 static char *tomoyo_get_dentry_path(struct dentry
*dentry
, char * const buffer
,
113 char *pos
= ERR_PTR(-ENOMEM
);
115 pos
= dentry_path_raw(dentry
, buffer
, buflen
- 1);
116 if (!IS_ERR(pos
) && *pos
== '/' && pos
[1]) {
117 struct inode
*inode
= dentry
->d_inode
;
118 if (inode
&& S_ISDIR(inode
->i_mode
)) {
119 buffer
[buflen
- 2] = '/';
120 buffer
[buflen
- 1] = '\0';
128 * tomoyo_get_local_path - Get the path of a dentry.
130 * @dentry: Pointer to "struct dentry".
131 * @buffer: Pointer to buffer to return value in.
132 * @buflen: Sizeof @buffer.
134 * Returns the buffer on success, an error code otherwise.
136 static char *tomoyo_get_local_path(struct dentry
*dentry
, char * const buffer
,
139 struct super_block
*sb
= dentry
->d_sb
;
140 char *pos
= tomoyo_get_dentry_path(dentry
, buffer
, buflen
);
143 /* Convert from $PID to self if $PID is current thread. */
144 if (sb
->s_magic
== PROC_SUPER_MAGIC
&& *pos
== '/') {
146 const pid_t pid
= (pid_t
) simple_strtoul(pos
+ 1, &ep
, 10);
147 if (*ep
== '/' && pid
&& pid
==
148 task_tgid_nr_ns(current
, sb
->s_fs_info
)) {
152 memmove(pos
, "/self", 5);
154 goto prepend_filesystem_name
;
156 /* Use filesystem name for unnamed devices. */
157 if (!MAJOR(sb
->s_dev
))
158 goto prepend_filesystem_name
;
160 struct inode
*inode
= sb
->s_root
->d_inode
;
162 * Use filesystem name if filesystem does not support rename()
165 if (inode
->i_op
&& !inode
->i_op
->rename
)
166 goto prepend_filesystem_name
;
168 /* Prepend device name. */
172 const dev_t dev
= sb
->s_dev
;
173 name
[sizeof(name
) - 1] = '\0';
174 snprintf(name
, sizeof(name
) - 1, "dev(%u,%u):", MAJOR(dev
),
176 name_len
= strlen(name
);
180 memmove(pos
, name
, name_len
);
183 /* Prepend filesystem name. */
184 prepend_filesystem_name
:
186 const char *name
= sb
->s_type
->name
;
187 const int name_len
= strlen(name
);
191 memmove(pos
, name
, name_len
);
196 return ERR_PTR(-ENOMEM
);
200 * tomoyo_get_socket_name - Get the name of a socket.
202 * @path: Pointer to "struct path".
203 * @buffer: Pointer to buffer to return value in.
204 * @buflen: Sizeof @buffer.
206 * Returns the buffer.
208 static char *tomoyo_get_socket_name(struct path
*path
, char * const buffer
,
211 struct inode
*inode
= path
->dentry
->d_inode
;
212 struct socket
*sock
= inode
? SOCKET_I(inode
) : NULL
;
213 struct sock
*sk
= sock
? sock
->sk
: NULL
;
215 snprintf(buffer
, buflen
, "socket:[family=%u:type=%u:"
216 "protocol=%u]", sk
->sk_family
, sk
->sk_type
,
219 snprintf(buffer
, buflen
, "socket:[unknown]");
225 * tomoyo_realpath_from_path - Returns realpath(3) of the given pathname but ignores chroot'ed root.
227 * @path: Pointer to "struct path".
229 * Returns the realpath of the given @path on success, NULL otherwise.
231 * If dentry is a directory, trailing '/' is appended.
232 * Characters out of 0x20 < c < 0x7F range are converted to
233 * \ooo style octal string.
234 * Character \ is converted to \\ string.
236 * These functions use kzalloc(), so the caller must call kfree()
237 * if these functions didn't return NULL.
239 char *tomoyo_realpath_from_path(struct path
*path
)
243 unsigned int buf_len
= PAGE_SIZE
/ 2;
244 struct dentry
*dentry
= path
->dentry
;
245 struct super_block
*sb
;
254 buf
= kmalloc(buf_len
, GFP_NOFS
);
257 /* To make sure that pos is '\0' terminated. */
258 buf
[buf_len
- 1] = '\0';
259 /* Get better name for socket. */
260 if (sb
->s_magic
== SOCKFS_MAGIC
) {
261 pos
= tomoyo_get_socket_name(path
, buf
, buf_len
- 1);
264 /* For "pipe:[\$]". */
265 if (dentry
->d_op
&& dentry
->d_op
->d_dname
) {
266 pos
= dentry
->d_op
->d_dname(dentry
, buf
, buf_len
- 1);
269 inode
= sb
->s_root
->d_inode
;
271 * Get local name for filesystems without rename() operation
272 * or dentry without vfsmount.
274 if (!path
->mnt
|| (inode
->i_op
&& !inode
->i_op
->rename
))
275 pos
= tomoyo_get_local_path(path
->dentry
, buf
,
277 /* Get absolute name for the rest. */
279 pos
= tomoyo_get_absolute_path(path
, buf
, buf_len
- 1);
281 * Fall back to local name if absolute name is not
284 if (pos
== ERR_PTR(-EINVAL
))
285 pos
= tomoyo_get_local_path(path
->dentry
, buf
,
291 name
= tomoyo_encode(pos
);
296 tomoyo_warn_oom(__func__
);
301 * tomoyo_realpath_nofollow - Get realpath of a pathname.
303 * @pathname: The pathname to solve.
305 * Returns the realpath of @pathname on success, NULL otherwise.
307 char *tomoyo_realpath_nofollow(const char *pathname
)
311 if (pathname
&& kern_path(pathname
, 0, &path
) == 0) {
312 char *buf
= tomoyo_realpath_from_path(&path
);