// SPDX-License-Identifier: GPL-2.0-only
/*
 * AppArmor security module
 *
 * This file contains AppArmor security identifier (secid) manipulation fns
 *
 * Copyright 2009-2017 Canonical Ltd.
 *
 * AppArmor allocates a unique secid for every label used. If a label
 * is replaced it receives the secid of the label it is replacing.
 */

#include <linux/errno.h>
#include <linux/err.h>
#include <linux/gfp.h>
#include <linux/idr.h>
#include <linux/slab.h>
#include <linux/spinlock.h>

#include "include/cred.h"
#include "include/lib.h"
#include "include/secid.h"
#include "include/label.h"
#include "include/policy_ns.h"

/*
 * The secid table stores bare label pointers: an entry does NOT hold a
 * reference count on its label. The label code is relied on to update or
 * free its own entry (see aa_secid_update() and aa_free_secid()).
 */
#define AA_FIRST_SECID 2

/* secid -> label map; writers serialise on secid_lock. */
static DEFINE_IDR(aa_secids);
static DEFINE_SPINLOCK(secid_lock);

/*
 * TODO: allow policy to reserve a secid range?
 * TODO: add secid pinning
 * TODO: use secid_update in label replace
 */

/**
 * aa_secid_update - update a secid mapping to a new label
 * @secid: secid to update
 * @label: label the secid will now map to
 *
 * The swap is done with interrupts disabled under secid_lock.
 *
 * NOTE(review): the value returned by idr_replace() is discarded, so a
 * failed replace (for instance an id with no entry) is not reported to the
 * caller - confirm callers only pass ids that are currently allocated.
 */
void aa_secid_update(u32 secid, struct aa_label *label)
{
	unsigned long irq_state;

	spin_lock_irqsave(&secid_lock, irq_state);
	idr_replace(&aa_secids, label, secid);
	spin_unlock_irqrestore(&secid_lock, irq_state);
}

/**
 * aa_secid_to_label - look up the label a secid currently maps to
 * @secid: secid to look up
 *
 * see label for inverse aa_label_to_secid
 *
 * The RCU read-side section covers only the idr_find() call, and no
 * reference is taken on the label in this function. Keeping the returned
 * pointer valid is therefore up to the caller.
 *
 * Returns: the pointer stored for @secid, NULL if idr_find() has no entry
 */
struct aa_label *aa_secid_to_label(u32 secid)
{
	struct aa_label *found;

	rcu_read_lock();
	found = idr_find(&aa_secids, secid);
	rcu_read_unlock();

	return found;
}

/**
 * apparmor_secid_to_secctx - render the label behind a secid as text
 * @secid: secid to convert
 * @secdata: where to store the text, or NULL to query the length only
 * @seclen: receives the value returned by the print helper
 *
 * With @secdata set the text is produced by aa_label_asxprint() using
 * GFP_ATOMIC; presumably that buffer is what apparmor_release_secctx()
 * later kfree()s - confirm against the caller. With @secdata NULL,
 * aa_label_snxprint() is called with a NULL buffer of size 0.
 *
 * The label is viewed from root_ns in both cases.
 *
 * Returns: 0 with *@seclen set
 *          -EINVAL if @secid has no label in the table
 *          -ENOMEM if the print helper returns a negative value (any
 *          negative value is reported this way)
 */
int apparmor_secid_to_secctx(u32 secid, char **secdata, u32 *seclen)
{
	/* TODO: cache secctx and ref count so we don't have to recreate */
	const int print_flags = FLAG_SHOW_MODE | FLAG_VIEW_SUBNS |
				FLAG_HIDDEN_UNCONFINED | FLAG_ABS_ROOT;
	struct aa_label *label = aa_secid_to_label(secid);
	int len;

	/* @seclen is written unconditionally on the success path below. */
	AA_BUG(!seclen);

	if (!label)
		return -EINVAL;

	len = secdata ?
		aa_label_asxprint(secdata, root_ns, label, print_flags,
				  GFP_ATOMIC) :
		aa_label_snxprint(NULL, 0, root_ns, label, print_flags);
	if (len < 0)
		return -ENOMEM;

	*seclen = len;

	return 0;
}

/**
 * apparmor_secctx_to_secid - map a textual label to its secid
 * @secdata: label text
 * @seclen: length passed to the parser together with @secdata
 * @secid: receives the secid of the parsed label
 *
 * The text is parsed relative to the unconfined label of root_ns.
 *
 * NOTE(review): the label returned by aa_label_strn_parse() is not released
 * in this function. If that helper returns a counted reference, it stays
 * held after return - confirm this is intended, given that the secid table
 * itself does not pin labels.
 *
 * Returns: 0 with *@secid set, else the error carried by the parser's
 *          ERR_PTR
 */
int apparmor_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid)
{
	struct aa_label *parsed;

	parsed = aa_label_strn_parse(&root_ns->unconfined->label, secdata,
				     seclen, GFP_KERNEL, false, false);
	if (IS_ERR(parsed))
		return PTR_ERR(parsed);

	*secid = parsed->secid;

	return 0;
}

/**
 * apparmor_release_secctx - free a secctx text buffer
 * @secdata: buffer to kfree()
 * @seclen: not used
 */
void apparmor_release_secctx(char *secdata, u32 seclen)
{
	kfree(secdata);
}

/**
 * aa_alloc_secid - allocate a new secid for a profile
 * @label: the label to allocate a secid for
 * @gfp: memory allocation flags
 *
 * @gfp is only used for idr_preload(), which runs before the spinlock is
 * taken; the idr_alloc() inside the locked region uses GFP_ATOMIC. Ids are
 * requested from AA_FIRST_SECID upwards with an end argument of 0.
 *
 * Returns: 0 with @label->secid initialized
 *          <0 returns error with @label->secid set to AA_SECID_INVALID
 */
int aa_alloc_secid(struct aa_label *label, gfp_t gfp)
{
	unsigned long irq_state;
	int id;

	idr_preload(gfp);
	spin_lock_irqsave(&secid_lock, irq_state);
	id = idr_alloc(&aa_secids, label, AA_FIRST_SECID, 0, GFP_ATOMIC);
	spin_unlock_irqrestore(&secid_lock, irq_state);
	idr_preload_end();

	if (id >= 0) {
		/* The invalid marker must never be handed out as a real id. */
		AA_BUG(id == AA_SECID_INVALID);
		label->secid = id;
		return 0;
	}

	label->secid = AA_SECID_INVALID;
	return id;
}

/**
 * aa_free_secid - free a secid
 * @secid: secid to free
 *
 * Removes the table entry for @secid under secid_lock with interrupts
 * disabled.
 */
void aa_free_secid(u32 secid)
{
	unsigned long irq_state;

	spin_lock_irqsave(&secid_lock, irq_state);
	idr_remove(&aa_secids, secid);
	spin_unlock_irqrestore(&secid_lock, irq_state);
}

/**
 * aa_secids_init - set up the secid table
 *
 * Initialises aa_secids with AA_FIRST_SECID as its base.
 */
void aa_secids_init(void)
{
	idr_init_base(&aa_secids, AA_FIRST_SECID);
}