162306a36Sopenharmony_ci// SPDX-License-Identifier: GPL-2.0-only 262306a36Sopenharmony_ci/* Updated: Karl MacMillan <kmacmillan@tresys.com> 362306a36Sopenharmony_ci * 462306a36Sopenharmony_ci * Added conditional policy language extensions 562306a36Sopenharmony_ci * 662306a36Sopenharmony_ci * Updated: Hewlett-Packard <paul@paul-moore.com> 762306a36Sopenharmony_ci * 862306a36Sopenharmony_ci * Added support for the policy capability bitmap 962306a36Sopenharmony_ci * 1062306a36Sopenharmony_ci * Copyright (C) 2007 Hewlett-Packard Development Company, L.P. 1162306a36Sopenharmony_ci * Copyright (C) 2003 - 2004 Tresys Technology, LLC 1262306a36Sopenharmony_ci * Copyright (C) 2004 Red Hat, Inc., James Morris <jmorris@redhat.com> 1362306a36Sopenharmony_ci */ 1462306a36Sopenharmony_ci 1562306a36Sopenharmony_ci#include <linux/kernel.h> 1662306a36Sopenharmony_ci#include <linux/pagemap.h> 1762306a36Sopenharmony_ci#include <linux/slab.h> 1862306a36Sopenharmony_ci#include <linux/vmalloc.h> 1962306a36Sopenharmony_ci#include <linux/fs.h> 2062306a36Sopenharmony_ci#include <linux/fs_context.h> 2162306a36Sopenharmony_ci#include <linux/mount.h> 2262306a36Sopenharmony_ci#include <linux/mutex.h> 2362306a36Sopenharmony_ci#include <linux/namei.h> 2462306a36Sopenharmony_ci#include <linux/init.h> 2562306a36Sopenharmony_ci#include <linux/string.h> 2662306a36Sopenharmony_ci#include <linux/security.h> 2762306a36Sopenharmony_ci#include <linux/major.h> 2862306a36Sopenharmony_ci#include <linux/seq_file.h> 2962306a36Sopenharmony_ci#include <linux/percpu.h> 3062306a36Sopenharmony_ci#include <linux/audit.h> 3162306a36Sopenharmony_ci#include <linux/uaccess.h> 3262306a36Sopenharmony_ci#include <linux/kobject.h> 3362306a36Sopenharmony_ci#include <linux/ctype.h> 3462306a36Sopenharmony_ci 3562306a36Sopenharmony_ci/* selinuxfs pseudo filesystem for exporting the security policy API. 3662306a36Sopenharmony_ci Based on the proc code and the fs/nfsd/nfsctl.c code. */ 3762306a36Sopenharmony_ci 3862306a36Sopenharmony_ci#include "flask.h" 3962306a36Sopenharmony_ci#include "avc.h" 4062306a36Sopenharmony_ci#include "avc_ss.h" 4162306a36Sopenharmony_ci#include "security.h" 4262306a36Sopenharmony_ci#include "objsec.h" 4362306a36Sopenharmony_ci#include "conditional.h" 4462306a36Sopenharmony_ci#include "ima.h" 4562306a36Sopenharmony_ci 4662306a36Sopenharmony_cienum sel_inos { 4762306a36Sopenharmony_ci SEL_ROOT_INO = 2, 4862306a36Sopenharmony_ci SEL_LOAD, /* load policy */ 4962306a36Sopenharmony_ci SEL_ENFORCE, /* get or set enforcing status */ 5062306a36Sopenharmony_ci SEL_CONTEXT, /* validate context */ 5162306a36Sopenharmony_ci SEL_ACCESS, /* compute access decision */ 5262306a36Sopenharmony_ci SEL_CREATE, /* compute create labeling decision */ 5362306a36Sopenharmony_ci SEL_RELABEL, /* compute relabeling decision */ 5462306a36Sopenharmony_ci SEL_USER, /* compute reachable user contexts */ 5562306a36Sopenharmony_ci SEL_POLICYVERS, /* return policy version for this kernel */ 5662306a36Sopenharmony_ci SEL_COMMIT_BOOLS, /* commit new boolean values */ 5762306a36Sopenharmony_ci SEL_MLS, /* return if MLS policy is enabled */ 5862306a36Sopenharmony_ci SEL_DISABLE, /* disable SELinux until next reboot */ 5962306a36Sopenharmony_ci SEL_MEMBER, /* compute polyinstantiation membership decision */ 6062306a36Sopenharmony_ci SEL_CHECKREQPROT, /* check requested protection, not kernel-applied one */ 6162306a36Sopenharmony_ci SEL_COMPAT_NET, /* whether to use old compat network packet controls */ 6262306a36Sopenharmony_ci SEL_REJECT_UNKNOWN, /* export unknown reject handling to userspace */ 6362306a36Sopenharmony_ci SEL_DENY_UNKNOWN, /* export unknown deny handling to userspace */ 6462306a36Sopenharmony_ci SEL_STATUS, /* export current status using mmap() */ 6562306a36Sopenharmony_ci SEL_POLICY, /* allow userspace to read the in kernel policy */ 6662306a36Sopenharmony_ci SEL_VALIDATE_TRANS, /* compute validatetrans decision */ 6762306a36Sopenharmony_ci SEL_INO_NEXT, /* The next inode number to use */ 6862306a36Sopenharmony_ci}; 6962306a36Sopenharmony_ci 7062306a36Sopenharmony_cistruct selinux_fs_info { 7162306a36Sopenharmony_ci struct dentry *bool_dir; 7262306a36Sopenharmony_ci unsigned int bool_num; 7362306a36Sopenharmony_ci char **bool_pending_names; 7462306a36Sopenharmony_ci int *bool_pending_values; 7562306a36Sopenharmony_ci struct dentry *class_dir; 7662306a36Sopenharmony_ci unsigned long last_class_ino; 7762306a36Sopenharmony_ci bool policy_opened; 7862306a36Sopenharmony_ci struct dentry *policycap_dir; 7962306a36Sopenharmony_ci unsigned long last_ino; 8062306a36Sopenharmony_ci struct super_block *sb; 8162306a36Sopenharmony_ci}; 8262306a36Sopenharmony_ci 8362306a36Sopenharmony_cistatic int selinux_fs_info_create(struct super_block *sb) 8462306a36Sopenharmony_ci{ 8562306a36Sopenharmony_ci struct selinux_fs_info *fsi; 8662306a36Sopenharmony_ci 8762306a36Sopenharmony_ci fsi = kzalloc(sizeof(*fsi), GFP_KERNEL); 8862306a36Sopenharmony_ci if (!fsi) 8962306a36Sopenharmony_ci return -ENOMEM; 9062306a36Sopenharmony_ci 9162306a36Sopenharmony_ci fsi->last_ino = SEL_INO_NEXT - 1; 9262306a36Sopenharmony_ci fsi->sb = sb; 9362306a36Sopenharmony_ci sb->s_fs_info = fsi; 9462306a36Sopenharmony_ci return 0; 9562306a36Sopenharmony_ci} 9662306a36Sopenharmony_ci 9762306a36Sopenharmony_cistatic void selinux_fs_info_free(struct super_block *sb) 9862306a36Sopenharmony_ci{ 9962306a36Sopenharmony_ci struct selinux_fs_info *fsi = sb->s_fs_info; 10062306a36Sopenharmony_ci unsigned int i; 10162306a36Sopenharmony_ci 10262306a36Sopenharmony_ci if (fsi) { 10362306a36Sopenharmony_ci for (i = 0; i < fsi->bool_num; i++) 10462306a36Sopenharmony_ci kfree(fsi->bool_pending_names[i]); 10562306a36Sopenharmony_ci kfree(fsi->bool_pending_names); 10662306a36Sopenharmony_ci kfree(fsi->bool_pending_values); 10762306a36Sopenharmony_ci } 10862306a36Sopenharmony_ci kfree(sb->s_fs_info); 10962306a36Sopenharmony_ci sb->s_fs_info = NULL; 11062306a36Sopenharmony_ci} 11162306a36Sopenharmony_ci 11262306a36Sopenharmony_ci#define SEL_INITCON_INO_OFFSET 0x01000000 11362306a36Sopenharmony_ci#define SEL_BOOL_INO_OFFSET 0x02000000 11462306a36Sopenharmony_ci#define SEL_CLASS_INO_OFFSET 0x04000000 11562306a36Sopenharmony_ci#define SEL_POLICYCAP_INO_OFFSET 0x08000000 11662306a36Sopenharmony_ci#define SEL_INO_MASK 0x00ffffff 11762306a36Sopenharmony_ci 11862306a36Sopenharmony_ci#define BOOL_DIR_NAME "booleans" 11962306a36Sopenharmony_ci#define CLASS_DIR_NAME "class" 12062306a36Sopenharmony_ci#define POLICYCAP_DIR_NAME "policy_capabilities" 12162306a36Sopenharmony_ci 12262306a36Sopenharmony_ci#define TMPBUFLEN 12 12362306a36Sopenharmony_cistatic ssize_t sel_read_enforce(struct file *filp, char __user *buf, 12462306a36Sopenharmony_ci size_t count, loff_t *ppos) 12562306a36Sopenharmony_ci{ 12662306a36Sopenharmony_ci char tmpbuf[TMPBUFLEN]; 12762306a36Sopenharmony_ci ssize_t length; 12862306a36Sopenharmony_ci 12962306a36Sopenharmony_ci length = scnprintf(tmpbuf, TMPBUFLEN, "%d", 13062306a36Sopenharmony_ci enforcing_enabled()); 13162306a36Sopenharmony_ci return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); 13262306a36Sopenharmony_ci} 13362306a36Sopenharmony_ci 13462306a36Sopenharmony_ci#ifdef CONFIG_SECURITY_SELINUX_DEVELOP 13562306a36Sopenharmony_cistatic ssize_t sel_write_enforce(struct file *file, const char __user *buf, 13662306a36Sopenharmony_ci size_t count, loff_t *ppos) 13762306a36Sopenharmony_ci 13862306a36Sopenharmony_ci{ 13962306a36Sopenharmony_ci char *page = NULL; 14062306a36Sopenharmony_ci ssize_t length; 14162306a36Sopenharmony_ci int scan_value; 14262306a36Sopenharmony_ci bool old_value, new_value; 14362306a36Sopenharmony_ci 14462306a36Sopenharmony_ci if (count >= PAGE_SIZE) 14562306a36Sopenharmony_ci return -ENOMEM; 14662306a36Sopenharmony_ci 14762306a36Sopenharmony_ci /* No partial writes. */ 14862306a36Sopenharmony_ci if (*ppos != 0) 14962306a36Sopenharmony_ci return -EINVAL; 15062306a36Sopenharmony_ci 15162306a36Sopenharmony_ci page = memdup_user_nul(buf, count); 15262306a36Sopenharmony_ci if (IS_ERR(page)) 15362306a36Sopenharmony_ci return PTR_ERR(page); 15462306a36Sopenharmony_ci 15562306a36Sopenharmony_ci length = -EINVAL; 15662306a36Sopenharmony_ci if (sscanf(page, "%d", &scan_value) != 1) 15762306a36Sopenharmony_ci goto out; 15862306a36Sopenharmony_ci 15962306a36Sopenharmony_ci new_value = !!scan_value; 16062306a36Sopenharmony_ci 16162306a36Sopenharmony_ci old_value = enforcing_enabled(); 16262306a36Sopenharmony_ci if (new_value != old_value) { 16362306a36Sopenharmony_ci length = avc_has_perm(current_sid(), SECINITSID_SECURITY, 16462306a36Sopenharmony_ci SECCLASS_SECURITY, SECURITY__SETENFORCE, 16562306a36Sopenharmony_ci NULL); 16662306a36Sopenharmony_ci if (length) 16762306a36Sopenharmony_ci goto out; 16862306a36Sopenharmony_ci audit_log(audit_context(), GFP_KERNEL, AUDIT_MAC_STATUS, 16962306a36Sopenharmony_ci "enforcing=%d old_enforcing=%d auid=%u ses=%u" 17062306a36Sopenharmony_ci " enabled=1 old-enabled=1 lsm=selinux res=1", 17162306a36Sopenharmony_ci new_value, old_value, 17262306a36Sopenharmony_ci from_kuid(&init_user_ns, audit_get_loginuid(current)), 17362306a36Sopenharmony_ci audit_get_sessionid(current)); 17462306a36Sopenharmony_ci enforcing_set(new_value); 17562306a36Sopenharmony_ci if (new_value) 17662306a36Sopenharmony_ci avc_ss_reset(0); 17762306a36Sopenharmony_ci selnl_notify_setenforce(new_value); 17862306a36Sopenharmony_ci selinux_status_update_setenforce(new_value); 17962306a36Sopenharmony_ci if (!new_value) 18062306a36Sopenharmony_ci call_blocking_lsm_notifier(LSM_POLICY_CHANGE, NULL); 18162306a36Sopenharmony_ci 18262306a36Sopenharmony_ci selinux_ima_measure_state(); 18362306a36Sopenharmony_ci } 18462306a36Sopenharmony_ci length = count; 18562306a36Sopenharmony_ciout: 18662306a36Sopenharmony_ci kfree(page); 18762306a36Sopenharmony_ci return length; 18862306a36Sopenharmony_ci} 18962306a36Sopenharmony_ci#else 19062306a36Sopenharmony_ci#define sel_write_enforce NULL 19162306a36Sopenharmony_ci#endif 19262306a36Sopenharmony_ci 19362306a36Sopenharmony_cistatic const struct file_operations sel_enforce_ops = { 19462306a36Sopenharmony_ci .read = sel_read_enforce, 19562306a36Sopenharmony_ci .write = sel_write_enforce, 19662306a36Sopenharmony_ci .llseek = generic_file_llseek, 19762306a36Sopenharmony_ci}; 19862306a36Sopenharmony_ci 19962306a36Sopenharmony_cistatic ssize_t sel_read_handle_unknown(struct file *filp, char __user *buf, 20062306a36Sopenharmony_ci size_t count, loff_t *ppos) 20162306a36Sopenharmony_ci{ 20262306a36Sopenharmony_ci char tmpbuf[TMPBUFLEN]; 20362306a36Sopenharmony_ci ssize_t length; 20462306a36Sopenharmony_ci ino_t ino = file_inode(filp)->i_ino; 20562306a36Sopenharmony_ci int handle_unknown = (ino == SEL_REJECT_UNKNOWN) ? 20662306a36Sopenharmony_ci security_get_reject_unknown() : 20762306a36Sopenharmony_ci !security_get_allow_unknown(); 20862306a36Sopenharmony_ci 20962306a36Sopenharmony_ci length = scnprintf(tmpbuf, TMPBUFLEN, "%d", handle_unknown); 21062306a36Sopenharmony_ci return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); 21162306a36Sopenharmony_ci} 21262306a36Sopenharmony_ci 21362306a36Sopenharmony_cistatic const struct file_operations sel_handle_unknown_ops = { 21462306a36Sopenharmony_ci .read = sel_read_handle_unknown, 21562306a36Sopenharmony_ci .llseek = generic_file_llseek, 21662306a36Sopenharmony_ci}; 21762306a36Sopenharmony_ci 21862306a36Sopenharmony_cistatic int sel_open_handle_status(struct inode *inode, struct file *filp) 21962306a36Sopenharmony_ci{ 22062306a36Sopenharmony_ci struct page *status = selinux_kernel_status_page(); 22162306a36Sopenharmony_ci 22262306a36Sopenharmony_ci if (!status) 22362306a36Sopenharmony_ci return -ENOMEM; 22462306a36Sopenharmony_ci 22562306a36Sopenharmony_ci filp->private_data = status; 22662306a36Sopenharmony_ci 22762306a36Sopenharmony_ci return 0; 22862306a36Sopenharmony_ci} 22962306a36Sopenharmony_ci 23062306a36Sopenharmony_cistatic ssize_t sel_read_handle_status(struct file *filp, char __user *buf, 23162306a36Sopenharmony_ci size_t count, loff_t *ppos) 23262306a36Sopenharmony_ci{ 23362306a36Sopenharmony_ci struct page *status = filp->private_data; 23462306a36Sopenharmony_ci 23562306a36Sopenharmony_ci BUG_ON(!status); 23662306a36Sopenharmony_ci 23762306a36Sopenharmony_ci return simple_read_from_buffer(buf, count, ppos, 23862306a36Sopenharmony_ci page_address(status), 23962306a36Sopenharmony_ci sizeof(struct selinux_kernel_status)); 24062306a36Sopenharmony_ci} 24162306a36Sopenharmony_ci 24262306a36Sopenharmony_cistatic int sel_mmap_handle_status(struct file *filp, 24362306a36Sopenharmony_ci struct vm_area_struct *vma) 24462306a36Sopenharmony_ci{ 24562306a36Sopenharmony_ci struct page *status = filp->private_data; 24662306a36Sopenharmony_ci unsigned long size = vma->vm_end - vma->vm_start; 24762306a36Sopenharmony_ci 24862306a36Sopenharmony_ci BUG_ON(!status); 24962306a36Sopenharmony_ci 25062306a36Sopenharmony_ci /* only allows one page from the head */ 25162306a36Sopenharmony_ci if (vma->vm_pgoff > 0 || size != PAGE_SIZE) 25262306a36Sopenharmony_ci return -EIO; 25362306a36Sopenharmony_ci /* disallow writable mapping */ 25462306a36Sopenharmony_ci if (vma->vm_flags & VM_WRITE) 25562306a36Sopenharmony_ci return -EPERM; 25662306a36Sopenharmony_ci /* disallow mprotect() turns it into writable */ 25762306a36Sopenharmony_ci vm_flags_clear(vma, VM_MAYWRITE); 25862306a36Sopenharmony_ci 25962306a36Sopenharmony_ci return remap_pfn_range(vma, vma->vm_start, 26062306a36Sopenharmony_ci page_to_pfn(status), 26162306a36Sopenharmony_ci size, vma->vm_page_prot); 26262306a36Sopenharmony_ci} 26362306a36Sopenharmony_ci 26462306a36Sopenharmony_cistatic const struct file_operations sel_handle_status_ops = { 26562306a36Sopenharmony_ci .open = sel_open_handle_status, 26662306a36Sopenharmony_ci .read = sel_read_handle_status, 26762306a36Sopenharmony_ci .mmap = sel_mmap_handle_status, 26862306a36Sopenharmony_ci .llseek = generic_file_llseek, 26962306a36Sopenharmony_ci}; 27062306a36Sopenharmony_ci 27162306a36Sopenharmony_cistatic ssize_t sel_write_disable(struct file *file, const char __user *buf, 27262306a36Sopenharmony_ci size_t count, loff_t *ppos) 27362306a36Sopenharmony_ci 27462306a36Sopenharmony_ci{ 27562306a36Sopenharmony_ci char *page; 27662306a36Sopenharmony_ci ssize_t length; 27762306a36Sopenharmony_ci int new_value; 27862306a36Sopenharmony_ci 27962306a36Sopenharmony_ci if (count >= PAGE_SIZE) 28062306a36Sopenharmony_ci return -ENOMEM; 28162306a36Sopenharmony_ci 28262306a36Sopenharmony_ci /* No partial writes. */ 28362306a36Sopenharmony_ci if (*ppos != 0) 28462306a36Sopenharmony_ci return -EINVAL; 28562306a36Sopenharmony_ci 28662306a36Sopenharmony_ci page = memdup_user_nul(buf, count); 28762306a36Sopenharmony_ci if (IS_ERR(page)) 28862306a36Sopenharmony_ci return PTR_ERR(page); 28962306a36Sopenharmony_ci 29062306a36Sopenharmony_ci if (sscanf(page, "%d", &new_value) != 1) { 29162306a36Sopenharmony_ci length = -EINVAL; 29262306a36Sopenharmony_ci goto out; 29362306a36Sopenharmony_ci } 29462306a36Sopenharmony_ci length = count; 29562306a36Sopenharmony_ci 29662306a36Sopenharmony_ci if (new_value) { 29762306a36Sopenharmony_ci pr_err("SELinux: https://github.com/SELinuxProject/selinux-kernel/wiki/DEPRECATE-runtime-disable\n"); 29862306a36Sopenharmony_ci pr_err("SELinux: Runtime disable is not supported, use selinux=0 on the kernel cmdline.\n"); 29962306a36Sopenharmony_ci } 30062306a36Sopenharmony_ci 30162306a36Sopenharmony_ciout: 30262306a36Sopenharmony_ci kfree(page); 30362306a36Sopenharmony_ci return length; 30462306a36Sopenharmony_ci} 30562306a36Sopenharmony_ci 30662306a36Sopenharmony_cistatic const struct file_operations sel_disable_ops = { 30762306a36Sopenharmony_ci .write = sel_write_disable, 30862306a36Sopenharmony_ci .llseek = generic_file_llseek, 30962306a36Sopenharmony_ci}; 31062306a36Sopenharmony_ci 31162306a36Sopenharmony_cistatic ssize_t sel_read_policyvers(struct file *filp, char __user *buf, 31262306a36Sopenharmony_ci size_t count, loff_t *ppos) 31362306a36Sopenharmony_ci{ 31462306a36Sopenharmony_ci char tmpbuf[TMPBUFLEN]; 31562306a36Sopenharmony_ci ssize_t length; 31662306a36Sopenharmony_ci 31762306a36Sopenharmony_ci length = scnprintf(tmpbuf, TMPBUFLEN, "%u", POLICYDB_VERSION_MAX); 31862306a36Sopenharmony_ci return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); 31962306a36Sopenharmony_ci} 32062306a36Sopenharmony_ci 32162306a36Sopenharmony_cistatic const struct file_operations sel_policyvers_ops = { 32262306a36Sopenharmony_ci .read = sel_read_policyvers, 32362306a36Sopenharmony_ci .llseek = generic_file_llseek, 32462306a36Sopenharmony_ci}; 32562306a36Sopenharmony_ci 32662306a36Sopenharmony_ci/* declaration for sel_write_load */ 32762306a36Sopenharmony_cistatic int sel_make_bools(struct selinux_policy *newpolicy, struct dentry *bool_dir, 32862306a36Sopenharmony_ci unsigned int *bool_num, char ***bool_pending_names, 32962306a36Sopenharmony_ci int **bool_pending_values); 33062306a36Sopenharmony_cistatic int sel_make_classes(struct selinux_policy *newpolicy, 33162306a36Sopenharmony_ci struct dentry *class_dir, 33262306a36Sopenharmony_ci unsigned long *last_class_ino); 33362306a36Sopenharmony_ci 33462306a36Sopenharmony_ci/* declaration for sel_make_class_dirs */ 33562306a36Sopenharmony_cistatic struct dentry *sel_make_dir(struct dentry *dir, const char *name, 33662306a36Sopenharmony_ci unsigned long *ino); 33762306a36Sopenharmony_ci 33862306a36Sopenharmony_ci/* declaration for sel_make_policy_nodes */ 33962306a36Sopenharmony_cistatic struct dentry *sel_make_disconnected_dir(struct super_block *sb, 34062306a36Sopenharmony_ci unsigned long *ino); 34162306a36Sopenharmony_ci 34262306a36Sopenharmony_ci/* declaration for sel_make_policy_nodes */ 34362306a36Sopenharmony_cistatic void sel_remove_entries(struct dentry *de); 34462306a36Sopenharmony_ci 34562306a36Sopenharmony_cistatic ssize_t sel_read_mls(struct file *filp, char __user *buf, 34662306a36Sopenharmony_ci size_t count, loff_t *ppos) 34762306a36Sopenharmony_ci{ 34862306a36Sopenharmony_ci char tmpbuf[TMPBUFLEN]; 34962306a36Sopenharmony_ci ssize_t length; 35062306a36Sopenharmony_ci 35162306a36Sopenharmony_ci length = scnprintf(tmpbuf, TMPBUFLEN, "%d", 35262306a36Sopenharmony_ci security_mls_enabled()); 35362306a36Sopenharmony_ci return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); 35462306a36Sopenharmony_ci} 35562306a36Sopenharmony_ci 35662306a36Sopenharmony_cistatic const struct file_operations sel_mls_ops = { 35762306a36Sopenharmony_ci .read = sel_read_mls, 35862306a36Sopenharmony_ci .llseek = generic_file_llseek, 35962306a36Sopenharmony_ci}; 36062306a36Sopenharmony_ci 36162306a36Sopenharmony_cistruct policy_load_memory { 36262306a36Sopenharmony_ci size_t len; 36362306a36Sopenharmony_ci void *data; 36462306a36Sopenharmony_ci}; 36562306a36Sopenharmony_ci 36662306a36Sopenharmony_cistatic int sel_open_policy(struct inode *inode, struct file *filp) 36762306a36Sopenharmony_ci{ 36862306a36Sopenharmony_ci struct selinux_fs_info *fsi = inode->i_sb->s_fs_info; 36962306a36Sopenharmony_ci struct policy_load_memory *plm = NULL; 37062306a36Sopenharmony_ci int rc; 37162306a36Sopenharmony_ci 37262306a36Sopenharmony_ci BUG_ON(filp->private_data); 37362306a36Sopenharmony_ci 37462306a36Sopenharmony_ci mutex_lock(&selinux_state.policy_mutex); 37562306a36Sopenharmony_ci 37662306a36Sopenharmony_ci rc = avc_has_perm(current_sid(), SECINITSID_SECURITY, 37762306a36Sopenharmony_ci SECCLASS_SECURITY, SECURITY__READ_POLICY, NULL); 37862306a36Sopenharmony_ci if (rc) 37962306a36Sopenharmony_ci goto err; 38062306a36Sopenharmony_ci 38162306a36Sopenharmony_ci rc = -EBUSY; 38262306a36Sopenharmony_ci if (fsi->policy_opened) 38362306a36Sopenharmony_ci goto err; 38462306a36Sopenharmony_ci 38562306a36Sopenharmony_ci rc = -ENOMEM; 38662306a36Sopenharmony_ci plm = kzalloc(sizeof(*plm), GFP_KERNEL); 38762306a36Sopenharmony_ci if (!plm) 38862306a36Sopenharmony_ci goto err; 38962306a36Sopenharmony_ci 39062306a36Sopenharmony_ci rc = security_read_policy(&plm->data, &plm->len); 39162306a36Sopenharmony_ci if (rc) 39262306a36Sopenharmony_ci goto err; 39362306a36Sopenharmony_ci 39462306a36Sopenharmony_ci if ((size_t)i_size_read(inode) != plm->len) { 39562306a36Sopenharmony_ci inode_lock(inode); 39662306a36Sopenharmony_ci i_size_write(inode, plm->len); 39762306a36Sopenharmony_ci inode_unlock(inode); 39862306a36Sopenharmony_ci } 39962306a36Sopenharmony_ci 40062306a36Sopenharmony_ci fsi->policy_opened = 1; 40162306a36Sopenharmony_ci 40262306a36Sopenharmony_ci filp->private_data = plm; 40362306a36Sopenharmony_ci 40462306a36Sopenharmony_ci mutex_unlock(&selinux_state.policy_mutex); 40562306a36Sopenharmony_ci 40662306a36Sopenharmony_ci return 0; 40762306a36Sopenharmony_cierr: 40862306a36Sopenharmony_ci mutex_unlock(&selinux_state.policy_mutex); 40962306a36Sopenharmony_ci 41062306a36Sopenharmony_ci if (plm) 41162306a36Sopenharmony_ci vfree(plm->data); 41262306a36Sopenharmony_ci kfree(plm); 41362306a36Sopenharmony_ci return rc; 41462306a36Sopenharmony_ci} 41562306a36Sopenharmony_ci 41662306a36Sopenharmony_cistatic int sel_release_policy(struct inode *inode, struct file *filp) 41762306a36Sopenharmony_ci{ 41862306a36Sopenharmony_ci struct selinux_fs_info *fsi = inode->i_sb->s_fs_info; 41962306a36Sopenharmony_ci struct policy_load_memory *plm = filp->private_data; 42062306a36Sopenharmony_ci 42162306a36Sopenharmony_ci BUG_ON(!plm); 42262306a36Sopenharmony_ci 42362306a36Sopenharmony_ci fsi->policy_opened = 0; 42462306a36Sopenharmony_ci 42562306a36Sopenharmony_ci vfree(plm->data); 42662306a36Sopenharmony_ci kfree(plm); 42762306a36Sopenharmony_ci 42862306a36Sopenharmony_ci return 0; 42962306a36Sopenharmony_ci} 43062306a36Sopenharmony_ci 43162306a36Sopenharmony_cistatic ssize_t sel_read_policy(struct file *filp, char __user *buf, 43262306a36Sopenharmony_ci size_t count, loff_t *ppos) 43362306a36Sopenharmony_ci{ 43462306a36Sopenharmony_ci struct policy_load_memory *plm = filp->private_data; 43562306a36Sopenharmony_ci int ret; 43662306a36Sopenharmony_ci 43762306a36Sopenharmony_ci ret = avc_has_perm(current_sid(), SECINITSID_SECURITY, 43862306a36Sopenharmony_ci SECCLASS_SECURITY, SECURITY__READ_POLICY, NULL); 43962306a36Sopenharmony_ci if (ret) 44062306a36Sopenharmony_ci return ret; 44162306a36Sopenharmony_ci 44262306a36Sopenharmony_ci return simple_read_from_buffer(buf, count, ppos, plm->data, plm->len); 44362306a36Sopenharmony_ci} 44462306a36Sopenharmony_ci 44562306a36Sopenharmony_cistatic vm_fault_t sel_mmap_policy_fault(struct vm_fault *vmf) 44662306a36Sopenharmony_ci{ 44762306a36Sopenharmony_ci struct policy_load_memory *plm = vmf->vma->vm_file->private_data; 44862306a36Sopenharmony_ci unsigned long offset; 44962306a36Sopenharmony_ci struct page *page; 45062306a36Sopenharmony_ci 45162306a36Sopenharmony_ci if (vmf->flags & (FAULT_FLAG_MKWRITE | FAULT_FLAG_WRITE)) 45262306a36Sopenharmony_ci return VM_FAULT_SIGBUS; 45362306a36Sopenharmony_ci 45462306a36Sopenharmony_ci offset = vmf->pgoff << PAGE_SHIFT; 45562306a36Sopenharmony_ci if (offset >= roundup(plm->len, PAGE_SIZE)) 45662306a36Sopenharmony_ci return VM_FAULT_SIGBUS; 45762306a36Sopenharmony_ci 45862306a36Sopenharmony_ci page = vmalloc_to_page(plm->data + offset); 45962306a36Sopenharmony_ci get_page(page); 46062306a36Sopenharmony_ci 46162306a36Sopenharmony_ci vmf->page = page; 46262306a36Sopenharmony_ci 46362306a36Sopenharmony_ci return 0; 46462306a36Sopenharmony_ci} 46562306a36Sopenharmony_ci 46662306a36Sopenharmony_cistatic const struct vm_operations_struct sel_mmap_policy_ops = { 46762306a36Sopenharmony_ci .fault = sel_mmap_policy_fault, 46862306a36Sopenharmony_ci .page_mkwrite = sel_mmap_policy_fault, 46962306a36Sopenharmony_ci}; 47062306a36Sopenharmony_ci 47162306a36Sopenharmony_cistatic int sel_mmap_policy(struct file *filp, struct vm_area_struct *vma) 47262306a36Sopenharmony_ci{ 47362306a36Sopenharmony_ci if (vma->vm_flags & VM_SHARED) { 47462306a36Sopenharmony_ci /* do not allow mprotect to make mapping writable */ 47562306a36Sopenharmony_ci vm_flags_clear(vma, VM_MAYWRITE); 47662306a36Sopenharmony_ci 47762306a36Sopenharmony_ci if (vma->vm_flags & VM_WRITE) 47862306a36Sopenharmony_ci return -EACCES; 47962306a36Sopenharmony_ci } 48062306a36Sopenharmony_ci 48162306a36Sopenharmony_ci vm_flags_set(vma, VM_DONTEXPAND | VM_DONTDUMP); 48262306a36Sopenharmony_ci vma->vm_ops = &sel_mmap_policy_ops; 48362306a36Sopenharmony_ci 48462306a36Sopenharmony_ci return 0; 48562306a36Sopenharmony_ci} 48662306a36Sopenharmony_ci 48762306a36Sopenharmony_cistatic const struct file_operations sel_policy_ops = { 48862306a36Sopenharmony_ci .open = sel_open_policy, 48962306a36Sopenharmony_ci .read = sel_read_policy, 49062306a36Sopenharmony_ci .mmap = sel_mmap_policy, 49162306a36Sopenharmony_ci .release = sel_release_policy, 49262306a36Sopenharmony_ci .llseek = generic_file_llseek, 49362306a36Sopenharmony_ci}; 49462306a36Sopenharmony_ci 49562306a36Sopenharmony_cistatic void sel_remove_old_bool_data(unsigned int bool_num, char **bool_names, 49662306a36Sopenharmony_ci int *bool_values) 49762306a36Sopenharmony_ci{ 49862306a36Sopenharmony_ci u32 i; 49962306a36Sopenharmony_ci 50062306a36Sopenharmony_ci /* bool_dir cleanup */ 50162306a36Sopenharmony_ci for (i = 0; i < bool_num; i++) 50262306a36Sopenharmony_ci kfree(bool_names[i]); 50362306a36Sopenharmony_ci kfree(bool_names); 50462306a36Sopenharmony_ci kfree(bool_values); 50562306a36Sopenharmony_ci} 50662306a36Sopenharmony_ci 50762306a36Sopenharmony_cistatic int sel_make_policy_nodes(struct selinux_fs_info *fsi, 50862306a36Sopenharmony_ci struct selinux_policy *newpolicy) 50962306a36Sopenharmony_ci{ 51062306a36Sopenharmony_ci int ret = 0; 51162306a36Sopenharmony_ci struct dentry *tmp_parent, *tmp_bool_dir, *tmp_class_dir, *old_dentry; 51262306a36Sopenharmony_ci unsigned int tmp_bool_num, old_bool_num; 51362306a36Sopenharmony_ci char **tmp_bool_names, **old_bool_names; 51462306a36Sopenharmony_ci int *tmp_bool_values, *old_bool_values; 51562306a36Sopenharmony_ci unsigned long tmp_ino = fsi->last_ino; /* Don't increment last_ino in this function */ 51662306a36Sopenharmony_ci 51762306a36Sopenharmony_ci tmp_parent = sel_make_disconnected_dir(fsi->sb, &tmp_ino); 51862306a36Sopenharmony_ci if (IS_ERR(tmp_parent)) 51962306a36Sopenharmony_ci return PTR_ERR(tmp_parent); 52062306a36Sopenharmony_ci 52162306a36Sopenharmony_ci tmp_ino = fsi->bool_dir->d_inode->i_ino - 1; /* sel_make_dir will increment and set */ 52262306a36Sopenharmony_ci tmp_bool_dir = sel_make_dir(tmp_parent, BOOL_DIR_NAME, &tmp_ino); 52362306a36Sopenharmony_ci if (IS_ERR(tmp_bool_dir)) { 52462306a36Sopenharmony_ci ret = PTR_ERR(tmp_bool_dir); 52562306a36Sopenharmony_ci goto out; 52662306a36Sopenharmony_ci } 52762306a36Sopenharmony_ci 52862306a36Sopenharmony_ci tmp_ino = fsi->class_dir->d_inode->i_ino - 1; /* sel_make_dir will increment and set */ 52962306a36Sopenharmony_ci tmp_class_dir = sel_make_dir(tmp_parent, CLASS_DIR_NAME, &tmp_ino); 53062306a36Sopenharmony_ci if (IS_ERR(tmp_class_dir)) { 53162306a36Sopenharmony_ci ret = PTR_ERR(tmp_class_dir); 53262306a36Sopenharmony_ci goto out; 53362306a36Sopenharmony_ci } 53462306a36Sopenharmony_ci 53562306a36Sopenharmony_ci ret = sel_make_bools(newpolicy, tmp_bool_dir, &tmp_bool_num, 53662306a36Sopenharmony_ci &tmp_bool_names, &tmp_bool_values); 53762306a36Sopenharmony_ci if (ret) 53862306a36Sopenharmony_ci goto out; 53962306a36Sopenharmony_ci 54062306a36Sopenharmony_ci ret = sel_make_classes(newpolicy, tmp_class_dir, 54162306a36Sopenharmony_ci &fsi->last_class_ino); 54262306a36Sopenharmony_ci if (ret) 54362306a36Sopenharmony_ci goto out; 54462306a36Sopenharmony_ci 54562306a36Sopenharmony_ci /* booleans */ 54662306a36Sopenharmony_ci old_dentry = fsi->bool_dir; 54762306a36Sopenharmony_ci lock_rename(tmp_bool_dir, old_dentry); 54862306a36Sopenharmony_ci d_exchange(tmp_bool_dir, fsi->bool_dir); 54962306a36Sopenharmony_ci 55062306a36Sopenharmony_ci old_bool_num = fsi->bool_num; 55162306a36Sopenharmony_ci old_bool_names = fsi->bool_pending_names; 55262306a36Sopenharmony_ci old_bool_values = fsi->bool_pending_values; 55362306a36Sopenharmony_ci 55462306a36Sopenharmony_ci fsi->bool_num = tmp_bool_num; 55562306a36Sopenharmony_ci fsi->bool_pending_names = tmp_bool_names; 55662306a36Sopenharmony_ci fsi->bool_pending_values = tmp_bool_values; 55762306a36Sopenharmony_ci 55862306a36Sopenharmony_ci sel_remove_old_bool_data(old_bool_num, old_bool_names, old_bool_values); 55962306a36Sopenharmony_ci 56062306a36Sopenharmony_ci fsi->bool_dir = tmp_bool_dir; 56162306a36Sopenharmony_ci unlock_rename(tmp_bool_dir, old_dentry); 56262306a36Sopenharmony_ci 56362306a36Sopenharmony_ci /* classes */ 56462306a36Sopenharmony_ci old_dentry = fsi->class_dir; 56562306a36Sopenharmony_ci lock_rename(tmp_class_dir, old_dentry); 56662306a36Sopenharmony_ci d_exchange(tmp_class_dir, fsi->class_dir); 56762306a36Sopenharmony_ci fsi->class_dir = tmp_class_dir; 56862306a36Sopenharmony_ci unlock_rename(tmp_class_dir, old_dentry); 56962306a36Sopenharmony_ci 57062306a36Sopenharmony_ciout: 57162306a36Sopenharmony_ci /* Since the other temporary dirs are children of tmp_parent 57262306a36Sopenharmony_ci * this will handle all the cleanup in the case of a failure before 57362306a36Sopenharmony_ci * the swapover 57462306a36Sopenharmony_ci */ 57562306a36Sopenharmony_ci sel_remove_entries(tmp_parent); 57662306a36Sopenharmony_ci dput(tmp_parent); /* d_genocide() only handles the children */ 57762306a36Sopenharmony_ci 57862306a36Sopenharmony_ci return ret; 57962306a36Sopenharmony_ci} 58062306a36Sopenharmony_ci 58162306a36Sopenharmony_cistatic ssize_t sel_write_load(struct file *file, const char __user *buf, 58262306a36Sopenharmony_ci size_t count, loff_t *ppos) 58362306a36Sopenharmony_ci 58462306a36Sopenharmony_ci{ 58562306a36Sopenharmony_ci struct selinux_fs_info *fsi = file_inode(file)->i_sb->s_fs_info; 58662306a36Sopenharmony_ci struct selinux_load_state load_state; 58762306a36Sopenharmony_ci ssize_t length; 58862306a36Sopenharmony_ci void *data = NULL; 58962306a36Sopenharmony_ci 59062306a36Sopenharmony_ci mutex_lock(&selinux_state.policy_mutex); 59162306a36Sopenharmony_ci 59262306a36Sopenharmony_ci length = avc_has_perm(current_sid(), SECINITSID_SECURITY, 59362306a36Sopenharmony_ci SECCLASS_SECURITY, SECURITY__LOAD_POLICY, NULL); 59462306a36Sopenharmony_ci if (length) 59562306a36Sopenharmony_ci goto out; 59662306a36Sopenharmony_ci 59762306a36Sopenharmony_ci /* No partial writes. */ 59862306a36Sopenharmony_ci length = -EINVAL; 59962306a36Sopenharmony_ci if (*ppos != 0) 60062306a36Sopenharmony_ci goto out; 60162306a36Sopenharmony_ci 60262306a36Sopenharmony_ci length = -ENOMEM; 60362306a36Sopenharmony_ci data = vmalloc(count); 60462306a36Sopenharmony_ci if (!data) 60562306a36Sopenharmony_ci goto out; 60662306a36Sopenharmony_ci 60762306a36Sopenharmony_ci length = -EFAULT; 60862306a36Sopenharmony_ci if (copy_from_user(data, buf, count) != 0) 60962306a36Sopenharmony_ci goto out; 61062306a36Sopenharmony_ci 61162306a36Sopenharmony_ci length = security_load_policy(data, count, &load_state); 61262306a36Sopenharmony_ci if (length) { 61362306a36Sopenharmony_ci pr_warn_ratelimited("SELinux: failed to load policy\n"); 61462306a36Sopenharmony_ci goto out; 61562306a36Sopenharmony_ci } 61662306a36Sopenharmony_ci 61762306a36Sopenharmony_ci length = sel_make_policy_nodes(fsi, load_state.policy); 61862306a36Sopenharmony_ci if (length) { 61962306a36Sopenharmony_ci pr_warn_ratelimited("SELinux: failed to initialize selinuxfs\n"); 62062306a36Sopenharmony_ci selinux_policy_cancel(&load_state); 62162306a36Sopenharmony_ci goto out; 62262306a36Sopenharmony_ci } 62362306a36Sopenharmony_ci 62462306a36Sopenharmony_ci selinux_policy_commit(&load_state); 62562306a36Sopenharmony_ci 62662306a36Sopenharmony_ci length = count; 62762306a36Sopenharmony_ci 62862306a36Sopenharmony_ci audit_log(audit_context(), GFP_KERNEL, AUDIT_MAC_POLICY_LOAD, 62962306a36Sopenharmony_ci "auid=%u ses=%u lsm=selinux res=1", 63062306a36Sopenharmony_ci from_kuid(&init_user_ns, audit_get_loginuid(current)), 63162306a36Sopenharmony_ci audit_get_sessionid(current)); 63262306a36Sopenharmony_ciout: 63362306a36Sopenharmony_ci mutex_unlock(&selinux_state.policy_mutex); 63462306a36Sopenharmony_ci vfree(data); 63562306a36Sopenharmony_ci return length; 63662306a36Sopenharmony_ci} 63762306a36Sopenharmony_ci 63862306a36Sopenharmony_cistatic const struct file_operations sel_load_ops = { 63962306a36Sopenharmony_ci .write = sel_write_load, 64062306a36Sopenharmony_ci .llseek = generic_file_llseek, 64162306a36Sopenharmony_ci}; 64262306a36Sopenharmony_ci 64362306a36Sopenharmony_cistatic ssize_t sel_write_context(struct file *file, char *buf, size_t size) 64462306a36Sopenharmony_ci{ 64562306a36Sopenharmony_ci char *canon = NULL; 64662306a36Sopenharmony_ci u32 sid, len; 64762306a36Sopenharmony_ci ssize_t length; 64862306a36Sopenharmony_ci 64962306a36Sopenharmony_ci length = avc_has_perm(current_sid(), SECINITSID_SECURITY, 65062306a36Sopenharmony_ci SECCLASS_SECURITY, SECURITY__CHECK_CONTEXT, NULL); 65162306a36Sopenharmony_ci if (length) 65262306a36Sopenharmony_ci goto out; 65362306a36Sopenharmony_ci 65462306a36Sopenharmony_ci length = security_context_to_sid(buf, size, &sid, GFP_KERNEL); 65562306a36Sopenharmony_ci if (length) 65662306a36Sopenharmony_ci goto out; 65762306a36Sopenharmony_ci 65862306a36Sopenharmony_ci length = security_sid_to_context(sid, &canon, &len); 65962306a36Sopenharmony_ci if (length) 66062306a36Sopenharmony_ci goto out; 66162306a36Sopenharmony_ci 66262306a36Sopenharmony_ci length = -ERANGE; 66362306a36Sopenharmony_ci if (len > SIMPLE_TRANSACTION_LIMIT) { 66462306a36Sopenharmony_ci pr_err("SELinux: %s: context size (%u) exceeds " 66562306a36Sopenharmony_ci "payload max\n", __func__, len); 66662306a36Sopenharmony_ci goto out; 66762306a36Sopenharmony_ci } 66862306a36Sopenharmony_ci 66962306a36Sopenharmony_ci memcpy(buf, canon, len); 67062306a36Sopenharmony_ci length = len; 67162306a36Sopenharmony_ciout: 67262306a36Sopenharmony_ci kfree(canon); 67362306a36Sopenharmony_ci return length; 67462306a36Sopenharmony_ci} 67562306a36Sopenharmony_ci 67662306a36Sopenharmony_cistatic ssize_t sel_read_checkreqprot(struct file *filp, char __user *buf, 67762306a36Sopenharmony_ci size_t count, loff_t *ppos) 67862306a36Sopenharmony_ci{ 67962306a36Sopenharmony_ci char tmpbuf[TMPBUFLEN]; 68062306a36Sopenharmony_ci ssize_t length; 68162306a36Sopenharmony_ci 68262306a36Sopenharmony_ci length = scnprintf(tmpbuf, TMPBUFLEN, "%u", 68362306a36Sopenharmony_ci checkreqprot_get()); 68462306a36Sopenharmony_ci return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); 68562306a36Sopenharmony_ci} 68662306a36Sopenharmony_ci 68762306a36Sopenharmony_cistatic ssize_t sel_write_checkreqprot(struct file *file, const char __user *buf, 68862306a36Sopenharmony_ci size_t count, loff_t *ppos) 68962306a36Sopenharmony_ci{ 69062306a36Sopenharmony_ci char *page; 69162306a36Sopenharmony_ci ssize_t length; 69262306a36Sopenharmony_ci unsigned int new_value; 69362306a36Sopenharmony_ci 69462306a36Sopenharmony_ci length = avc_has_perm(current_sid(), SECINITSID_SECURITY, 69562306a36Sopenharmony_ci SECCLASS_SECURITY, SECURITY__SETCHECKREQPROT, 69662306a36Sopenharmony_ci NULL); 69762306a36Sopenharmony_ci if (length) 69862306a36Sopenharmony_ci return length; 69962306a36Sopenharmony_ci 70062306a36Sopenharmony_ci if (count >= PAGE_SIZE) 70162306a36Sopenharmony_ci return -ENOMEM; 70262306a36Sopenharmony_ci 70362306a36Sopenharmony_ci /* No partial writes. */ 70462306a36Sopenharmony_ci if (*ppos != 0) 70562306a36Sopenharmony_ci return -EINVAL; 70662306a36Sopenharmony_ci 70762306a36Sopenharmony_ci page = memdup_user_nul(buf, count); 70862306a36Sopenharmony_ci if (IS_ERR(page)) 70962306a36Sopenharmony_ci return PTR_ERR(page); 71062306a36Sopenharmony_ci 71162306a36Sopenharmony_ci if (sscanf(page, "%u", &new_value) != 1) { 71262306a36Sopenharmony_ci length = -EINVAL; 71362306a36Sopenharmony_ci goto out; 71462306a36Sopenharmony_ci } 71562306a36Sopenharmony_ci length = count; 71662306a36Sopenharmony_ci 71762306a36Sopenharmony_ci if (new_value) { 71862306a36Sopenharmony_ci char comm[sizeof(current->comm)]; 71962306a36Sopenharmony_ci 72062306a36Sopenharmony_ci memcpy(comm, current->comm, sizeof(comm)); 72162306a36Sopenharmony_ci pr_err("SELinux: %s (%d) set checkreqprot to 1. This is no longer supported.\n", 72262306a36Sopenharmony_ci comm, current->pid); 72362306a36Sopenharmony_ci } 72462306a36Sopenharmony_ci 72562306a36Sopenharmony_ci selinux_ima_measure_state(); 72662306a36Sopenharmony_ci 72762306a36Sopenharmony_ciout: 72862306a36Sopenharmony_ci kfree(page); 72962306a36Sopenharmony_ci return length; 73062306a36Sopenharmony_ci} 73162306a36Sopenharmony_cistatic const struct file_operations sel_checkreqprot_ops = { 73262306a36Sopenharmony_ci .read = sel_read_checkreqprot, 73362306a36Sopenharmony_ci .write = sel_write_checkreqprot, 73462306a36Sopenharmony_ci .llseek = generic_file_llseek, 73562306a36Sopenharmony_ci}; 73662306a36Sopenharmony_ci 73762306a36Sopenharmony_cistatic ssize_t sel_write_validatetrans(struct file *file, 73862306a36Sopenharmony_ci const char __user *buf, 73962306a36Sopenharmony_ci size_t count, loff_t *ppos) 74062306a36Sopenharmony_ci{ 74162306a36Sopenharmony_ci char *oldcon = NULL, *newcon = NULL, *taskcon = NULL; 74262306a36Sopenharmony_ci char *req = NULL; 74362306a36Sopenharmony_ci u32 osid, nsid, tsid; 74462306a36Sopenharmony_ci u16 tclass; 74562306a36Sopenharmony_ci int rc; 74662306a36Sopenharmony_ci 74762306a36Sopenharmony_ci rc = avc_has_perm(current_sid(), SECINITSID_SECURITY, 74862306a36Sopenharmony_ci SECCLASS_SECURITY, SECURITY__VALIDATE_TRANS, NULL); 74962306a36Sopenharmony_ci if (rc) 75062306a36Sopenharmony_ci goto out; 75162306a36Sopenharmony_ci 75262306a36Sopenharmony_ci rc = -ENOMEM; 75362306a36Sopenharmony_ci if (count >= PAGE_SIZE) 75462306a36Sopenharmony_ci goto out; 75562306a36Sopenharmony_ci 75662306a36Sopenharmony_ci /* No partial writes. */ 75762306a36Sopenharmony_ci rc = -EINVAL; 75862306a36Sopenharmony_ci if (*ppos != 0) 75962306a36Sopenharmony_ci goto out; 76062306a36Sopenharmony_ci 76162306a36Sopenharmony_ci req = memdup_user_nul(buf, count); 76262306a36Sopenharmony_ci if (IS_ERR(req)) { 76362306a36Sopenharmony_ci rc = PTR_ERR(req); 76462306a36Sopenharmony_ci req = NULL; 76562306a36Sopenharmony_ci goto out; 76662306a36Sopenharmony_ci } 76762306a36Sopenharmony_ci 76862306a36Sopenharmony_ci rc = -ENOMEM; 76962306a36Sopenharmony_ci oldcon = kzalloc(count + 1, GFP_KERNEL); 77062306a36Sopenharmony_ci if (!oldcon) 77162306a36Sopenharmony_ci goto out; 77262306a36Sopenharmony_ci 77362306a36Sopenharmony_ci newcon = kzalloc(count + 1, GFP_KERNEL); 77462306a36Sopenharmony_ci if (!newcon) 77562306a36Sopenharmony_ci goto out; 77662306a36Sopenharmony_ci 77762306a36Sopenharmony_ci taskcon = kzalloc(count + 1, GFP_KERNEL); 77862306a36Sopenharmony_ci if (!taskcon) 77962306a36Sopenharmony_ci goto out; 78062306a36Sopenharmony_ci 78162306a36Sopenharmony_ci rc = -EINVAL; 78262306a36Sopenharmony_ci if (sscanf(req, "%s %s %hu %s", oldcon, newcon, &tclass, taskcon) != 4) 78362306a36Sopenharmony_ci goto out; 78462306a36Sopenharmony_ci 78562306a36Sopenharmony_ci rc = security_context_str_to_sid(oldcon, &osid, GFP_KERNEL); 78662306a36Sopenharmony_ci if (rc) 78762306a36Sopenharmony_ci goto out; 78862306a36Sopenharmony_ci 78962306a36Sopenharmony_ci rc = security_context_str_to_sid(newcon, &nsid, GFP_KERNEL); 79062306a36Sopenharmony_ci if (rc) 79162306a36Sopenharmony_ci goto out; 79262306a36Sopenharmony_ci 79362306a36Sopenharmony_ci rc = security_context_str_to_sid(taskcon, &tsid, GFP_KERNEL); 79462306a36Sopenharmony_ci if (rc) 79562306a36Sopenharmony_ci goto out; 79662306a36Sopenharmony_ci 79762306a36Sopenharmony_ci rc = security_validate_transition_user(osid, nsid, tsid, tclass); 79862306a36Sopenharmony_ci if (!rc) 79962306a36Sopenharmony_ci rc = count; 80062306a36Sopenharmony_ciout: 80162306a36Sopenharmony_ci kfree(req); 80262306a36Sopenharmony_ci kfree(oldcon); 80362306a36Sopenharmony_ci kfree(newcon); 80462306a36Sopenharmony_ci kfree(taskcon); 80562306a36Sopenharmony_ci return rc; 80662306a36Sopenharmony_ci} 80762306a36Sopenharmony_ci 80862306a36Sopenharmony_cistatic const struct file_operations sel_transition_ops = { 80962306a36Sopenharmony_ci .write = sel_write_validatetrans, 81062306a36Sopenharmony_ci .llseek = generic_file_llseek, 81162306a36Sopenharmony_ci}; 81262306a36Sopenharmony_ci 81362306a36Sopenharmony_ci/* 81462306a36Sopenharmony_ci * Remaining nodes use transaction based IO methods like nfsd/nfsctl.c 81562306a36Sopenharmony_ci */ 81662306a36Sopenharmony_cistatic ssize_t sel_write_access(struct file *file, char *buf, size_t size); 81762306a36Sopenharmony_cistatic ssize_t sel_write_create(struct file *file, char *buf, size_t size); 81862306a36Sopenharmony_cistatic ssize_t sel_write_relabel(struct file *file, char *buf, size_t size); 81962306a36Sopenharmony_cistatic ssize_t sel_write_user(struct file *file, char *buf, size_t size); 82062306a36Sopenharmony_cistatic ssize_t sel_write_member(struct file *file, char *buf, size_t size); 82162306a36Sopenharmony_ci 82262306a36Sopenharmony_cistatic ssize_t (*const write_op[])(struct file *, char *, size_t) = { 82362306a36Sopenharmony_ci [SEL_ACCESS] = sel_write_access, 82462306a36Sopenharmony_ci [SEL_CREATE] = sel_write_create, 82562306a36Sopenharmony_ci [SEL_RELABEL] = sel_write_relabel, 82662306a36Sopenharmony_ci [SEL_USER] = sel_write_user, 82762306a36Sopenharmony_ci [SEL_MEMBER] = sel_write_member, 82862306a36Sopenharmony_ci [SEL_CONTEXT] = sel_write_context, 82962306a36Sopenharmony_ci}; 83062306a36Sopenharmony_ci 83162306a36Sopenharmony_cistatic ssize_t selinux_transaction_write(struct file *file, const char __user *buf, size_t size, loff_t *pos) 83262306a36Sopenharmony_ci{ 83362306a36Sopenharmony_ci ino_t ino = file_inode(file)->i_ino; 83462306a36Sopenharmony_ci char *data; 83562306a36Sopenharmony_ci ssize_t rv; 83662306a36Sopenharmony_ci 83762306a36Sopenharmony_ci if (ino >= ARRAY_SIZE(write_op) || !write_op[ino]) 83862306a36Sopenharmony_ci return -EINVAL; 83962306a36Sopenharmony_ci 84062306a36Sopenharmony_ci data = simple_transaction_get(file, buf, size); 84162306a36Sopenharmony_ci if (IS_ERR(data)) 84262306a36Sopenharmony_ci return PTR_ERR(data); 84362306a36Sopenharmony_ci 84462306a36Sopenharmony_ci rv = write_op[ino](file, data, size); 84562306a36Sopenharmony_ci if (rv > 0) { 84662306a36Sopenharmony_ci simple_transaction_set(file, rv); 84762306a36Sopenharmony_ci rv = size; 84862306a36Sopenharmony_ci } 84962306a36Sopenharmony_ci return rv; 85062306a36Sopenharmony_ci} 85162306a36Sopenharmony_ci 85262306a36Sopenharmony_cistatic const struct file_operations transaction_ops = { 85362306a36Sopenharmony_ci .write = selinux_transaction_write, 85462306a36Sopenharmony_ci .read = simple_transaction_read, 85562306a36Sopenharmony_ci .release = simple_transaction_release, 85662306a36Sopenharmony_ci .llseek = generic_file_llseek, 85762306a36Sopenharmony_ci}; 85862306a36Sopenharmony_ci 85962306a36Sopenharmony_ci/* 86062306a36Sopenharmony_ci * payload - write methods 86162306a36Sopenharmony_ci * If the method has a response, the response should be put in buf, 86262306a36Sopenharmony_ci * and the length returned. Otherwise return 0 or and -error. 86362306a36Sopenharmony_ci */ 86462306a36Sopenharmony_ci 86562306a36Sopenharmony_cistatic ssize_t sel_write_access(struct file *file, char *buf, size_t size) 86662306a36Sopenharmony_ci{ 86762306a36Sopenharmony_ci char *scon = NULL, *tcon = NULL; 86862306a36Sopenharmony_ci u32 ssid, tsid; 86962306a36Sopenharmony_ci u16 tclass; 87062306a36Sopenharmony_ci struct av_decision avd; 87162306a36Sopenharmony_ci ssize_t length; 87262306a36Sopenharmony_ci 87362306a36Sopenharmony_ci length = avc_has_perm(current_sid(), SECINITSID_SECURITY, 87462306a36Sopenharmony_ci SECCLASS_SECURITY, SECURITY__COMPUTE_AV, NULL); 87562306a36Sopenharmony_ci if (length) 87662306a36Sopenharmony_ci goto out; 87762306a36Sopenharmony_ci 87862306a36Sopenharmony_ci length = -ENOMEM; 87962306a36Sopenharmony_ci scon = kzalloc(size + 1, GFP_KERNEL); 88062306a36Sopenharmony_ci if (!scon) 88162306a36Sopenharmony_ci goto out; 88262306a36Sopenharmony_ci 88362306a36Sopenharmony_ci length = -ENOMEM; 88462306a36Sopenharmony_ci tcon = kzalloc(size + 1, GFP_KERNEL); 88562306a36Sopenharmony_ci if (!tcon) 88662306a36Sopenharmony_ci goto out; 88762306a36Sopenharmony_ci 88862306a36Sopenharmony_ci length = -EINVAL; 88962306a36Sopenharmony_ci if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3) 89062306a36Sopenharmony_ci goto out; 89162306a36Sopenharmony_ci 89262306a36Sopenharmony_ci length = security_context_str_to_sid(scon, &ssid, GFP_KERNEL); 89362306a36Sopenharmony_ci if (length) 89462306a36Sopenharmony_ci goto out; 89562306a36Sopenharmony_ci 89662306a36Sopenharmony_ci length = security_context_str_to_sid(tcon, &tsid, GFP_KERNEL); 89762306a36Sopenharmony_ci if (length) 89862306a36Sopenharmony_ci goto out; 89962306a36Sopenharmony_ci 90062306a36Sopenharmony_ci security_compute_av_user(ssid, tsid, tclass, &avd); 90162306a36Sopenharmony_ci 90262306a36Sopenharmony_ci length = scnprintf(buf, SIMPLE_TRANSACTION_LIMIT, 90362306a36Sopenharmony_ci "%x %x %x %x %u %x", 90462306a36Sopenharmony_ci avd.allowed, 0xffffffff, 90562306a36Sopenharmony_ci avd.auditallow, avd.auditdeny, 90662306a36Sopenharmony_ci avd.seqno, avd.flags); 90762306a36Sopenharmony_ciout: 90862306a36Sopenharmony_ci kfree(tcon); 90962306a36Sopenharmony_ci kfree(scon); 91062306a36Sopenharmony_ci return length; 91162306a36Sopenharmony_ci} 91262306a36Sopenharmony_ci 91362306a36Sopenharmony_cistatic ssize_t sel_write_create(struct file *file, char *buf, size_t size) 91462306a36Sopenharmony_ci{ 91562306a36Sopenharmony_ci char *scon = NULL, *tcon = NULL; 91662306a36Sopenharmony_ci char *namebuf = NULL, *objname = NULL; 91762306a36Sopenharmony_ci u32 ssid, tsid, newsid; 91862306a36Sopenharmony_ci u16 tclass; 91962306a36Sopenharmony_ci ssize_t length; 92062306a36Sopenharmony_ci char *newcon = NULL; 92162306a36Sopenharmony_ci u32 len; 92262306a36Sopenharmony_ci int nargs; 92362306a36Sopenharmony_ci 92462306a36Sopenharmony_ci length = avc_has_perm(current_sid(), SECINITSID_SECURITY, 92562306a36Sopenharmony_ci SECCLASS_SECURITY, SECURITY__COMPUTE_CREATE, 92662306a36Sopenharmony_ci NULL); 92762306a36Sopenharmony_ci if (length) 92862306a36Sopenharmony_ci goto out; 92962306a36Sopenharmony_ci 93062306a36Sopenharmony_ci length = -ENOMEM; 93162306a36Sopenharmony_ci scon = kzalloc(size + 1, GFP_KERNEL); 93262306a36Sopenharmony_ci if (!scon) 93362306a36Sopenharmony_ci goto out; 93462306a36Sopenharmony_ci 93562306a36Sopenharmony_ci length = -ENOMEM; 93662306a36Sopenharmony_ci tcon = kzalloc(size + 1, GFP_KERNEL); 93762306a36Sopenharmony_ci if (!tcon) 93862306a36Sopenharmony_ci goto out; 93962306a36Sopenharmony_ci 94062306a36Sopenharmony_ci length = -ENOMEM; 94162306a36Sopenharmony_ci namebuf = kzalloc(size + 1, GFP_KERNEL); 94262306a36Sopenharmony_ci if (!namebuf) 94362306a36Sopenharmony_ci goto out; 94462306a36Sopenharmony_ci 94562306a36Sopenharmony_ci length = -EINVAL; 94662306a36Sopenharmony_ci nargs = sscanf(buf, "%s %s %hu %s", scon, tcon, &tclass, namebuf); 94762306a36Sopenharmony_ci if (nargs < 3 || nargs > 4) 94862306a36Sopenharmony_ci goto out; 94962306a36Sopenharmony_ci if (nargs == 4) { 95062306a36Sopenharmony_ci /* 95162306a36Sopenharmony_ci * If and when the name of new object to be queried contains 95262306a36Sopenharmony_ci * either whitespace or multibyte characters, they shall be 95362306a36Sopenharmony_ci * encoded based on the percentage-encoding rule. 95462306a36Sopenharmony_ci * If not encoded, the sscanf logic picks up only left-half 95562306a36Sopenharmony_ci * of the supplied name; split by a whitespace unexpectedly. 95662306a36Sopenharmony_ci */ 95762306a36Sopenharmony_ci char *r, *w; 95862306a36Sopenharmony_ci int c1, c2; 95962306a36Sopenharmony_ci 96062306a36Sopenharmony_ci r = w = namebuf; 96162306a36Sopenharmony_ci do { 96262306a36Sopenharmony_ci c1 = *r++; 96362306a36Sopenharmony_ci if (c1 == '+') 96462306a36Sopenharmony_ci c1 = ' '; 96562306a36Sopenharmony_ci else if (c1 == '%') { 96662306a36Sopenharmony_ci c1 = hex_to_bin(*r++); 96762306a36Sopenharmony_ci if (c1 < 0) 96862306a36Sopenharmony_ci goto out; 96962306a36Sopenharmony_ci c2 = hex_to_bin(*r++); 97062306a36Sopenharmony_ci if (c2 < 0) 97162306a36Sopenharmony_ci goto out; 97262306a36Sopenharmony_ci c1 = (c1 << 4) | c2; 97362306a36Sopenharmony_ci } 97462306a36Sopenharmony_ci *w++ = c1; 97562306a36Sopenharmony_ci } while (c1 != '\0'); 97662306a36Sopenharmony_ci 97762306a36Sopenharmony_ci objname = namebuf; 97862306a36Sopenharmony_ci } 97962306a36Sopenharmony_ci 98062306a36Sopenharmony_ci length = security_context_str_to_sid(scon, &ssid, GFP_KERNEL); 98162306a36Sopenharmony_ci if (length) 98262306a36Sopenharmony_ci goto out; 98362306a36Sopenharmony_ci 98462306a36Sopenharmony_ci length = security_context_str_to_sid(tcon, &tsid, GFP_KERNEL); 98562306a36Sopenharmony_ci if (length) 98662306a36Sopenharmony_ci goto out; 98762306a36Sopenharmony_ci 98862306a36Sopenharmony_ci length = security_transition_sid_user(ssid, tsid, tclass, 98962306a36Sopenharmony_ci objname, &newsid); 99062306a36Sopenharmony_ci if (length) 99162306a36Sopenharmony_ci goto out; 99262306a36Sopenharmony_ci 99362306a36Sopenharmony_ci length = security_sid_to_context(newsid, &newcon, &len); 99462306a36Sopenharmony_ci if (length) 99562306a36Sopenharmony_ci goto out; 99662306a36Sopenharmony_ci 99762306a36Sopenharmony_ci length = -ERANGE; 99862306a36Sopenharmony_ci if (len > SIMPLE_TRANSACTION_LIMIT) { 99962306a36Sopenharmony_ci pr_err("SELinux: %s: context size (%u) exceeds " 100062306a36Sopenharmony_ci "payload max\n", __func__, len); 100162306a36Sopenharmony_ci goto out; 100262306a36Sopenharmony_ci } 100362306a36Sopenharmony_ci 100462306a36Sopenharmony_ci memcpy(buf, newcon, len); 100562306a36Sopenharmony_ci length = len; 100662306a36Sopenharmony_ciout: 100762306a36Sopenharmony_ci kfree(newcon); 100862306a36Sopenharmony_ci kfree(namebuf); 100962306a36Sopenharmony_ci kfree(tcon); 101062306a36Sopenharmony_ci kfree(scon); 101162306a36Sopenharmony_ci return length; 101262306a36Sopenharmony_ci} 101362306a36Sopenharmony_ci 101462306a36Sopenharmony_cistatic ssize_t sel_write_relabel(struct file *file, char *buf, size_t size) 101562306a36Sopenharmony_ci{ 101662306a36Sopenharmony_ci char *scon = NULL, *tcon = NULL; 101762306a36Sopenharmony_ci u32 ssid, tsid, newsid; 101862306a36Sopenharmony_ci u16 tclass; 101962306a36Sopenharmony_ci ssize_t length; 102062306a36Sopenharmony_ci char *newcon = NULL; 102162306a36Sopenharmony_ci u32 len; 102262306a36Sopenharmony_ci 102362306a36Sopenharmony_ci length = avc_has_perm(current_sid(), SECINITSID_SECURITY, 102462306a36Sopenharmony_ci SECCLASS_SECURITY, SECURITY__COMPUTE_RELABEL, 102562306a36Sopenharmony_ci NULL); 102662306a36Sopenharmony_ci if (length) 102762306a36Sopenharmony_ci goto out; 102862306a36Sopenharmony_ci 102962306a36Sopenharmony_ci length = -ENOMEM; 103062306a36Sopenharmony_ci scon = kzalloc(size + 1, GFP_KERNEL); 103162306a36Sopenharmony_ci if (!scon) 103262306a36Sopenharmony_ci goto out; 103362306a36Sopenharmony_ci 103462306a36Sopenharmony_ci length = -ENOMEM; 103562306a36Sopenharmony_ci tcon = kzalloc(size + 1, GFP_KERNEL); 103662306a36Sopenharmony_ci if (!tcon) 103762306a36Sopenharmony_ci goto out; 103862306a36Sopenharmony_ci 103962306a36Sopenharmony_ci length = -EINVAL; 104062306a36Sopenharmony_ci if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3) 104162306a36Sopenharmony_ci goto out; 104262306a36Sopenharmony_ci 104362306a36Sopenharmony_ci length = security_context_str_to_sid(scon, &ssid, GFP_KERNEL); 104462306a36Sopenharmony_ci if (length) 104562306a36Sopenharmony_ci goto out; 104662306a36Sopenharmony_ci 104762306a36Sopenharmony_ci length = security_context_str_to_sid(tcon, &tsid, GFP_KERNEL); 104862306a36Sopenharmony_ci if (length) 104962306a36Sopenharmony_ci goto out; 105062306a36Sopenharmony_ci 105162306a36Sopenharmony_ci length = security_change_sid(ssid, tsid, tclass, &newsid); 105262306a36Sopenharmony_ci if (length) 105362306a36Sopenharmony_ci goto out; 105462306a36Sopenharmony_ci 105562306a36Sopenharmony_ci length = security_sid_to_context(newsid, &newcon, &len); 105662306a36Sopenharmony_ci if (length) 105762306a36Sopenharmony_ci goto out; 105862306a36Sopenharmony_ci 105962306a36Sopenharmony_ci length = -ERANGE; 106062306a36Sopenharmony_ci if (len > SIMPLE_TRANSACTION_LIMIT) 106162306a36Sopenharmony_ci goto out; 106262306a36Sopenharmony_ci 106362306a36Sopenharmony_ci memcpy(buf, newcon, len); 106462306a36Sopenharmony_ci length = len; 106562306a36Sopenharmony_ciout: 106662306a36Sopenharmony_ci kfree(newcon); 106762306a36Sopenharmony_ci kfree(tcon); 106862306a36Sopenharmony_ci kfree(scon); 106962306a36Sopenharmony_ci return length; 107062306a36Sopenharmony_ci} 107162306a36Sopenharmony_ci 107262306a36Sopenharmony_cistatic ssize_t sel_write_user(struct file *file, char *buf, size_t size) 107362306a36Sopenharmony_ci{ 107462306a36Sopenharmony_ci char *con = NULL, *user = NULL, *ptr; 107562306a36Sopenharmony_ci u32 sid, *sids = NULL; 107662306a36Sopenharmony_ci ssize_t length; 107762306a36Sopenharmony_ci char *newcon; 107862306a36Sopenharmony_ci int rc; 107962306a36Sopenharmony_ci u32 i, len, nsids; 108062306a36Sopenharmony_ci 108162306a36Sopenharmony_ci length = avc_has_perm(current_sid(), SECINITSID_SECURITY, 108262306a36Sopenharmony_ci SECCLASS_SECURITY, SECURITY__COMPUTE_USER, 108362306a36Sopenharmony_ci NULL); 108462306a36Sopenharmony_ci if (length) 108562306a36Sopenharmony_ci goto out; 108662306a36Sopenharmony_ci 108762306a36Sopenharmony_ci length = -ENOMEM; 108862306a36Sopenharmony_ci con = kzalloc(size + 1, GFP_KERNEL); 108962306a36Sopenharmony_ci if (!con) 109062306a36Sopenharmony_ci goto out; 109162306a36Sopenharmony_ci 109262306a36Sopenharmony_ci length = -ENOMEM; 109362306a36Sopenharmony_ci user = kzalloc(size + 1, GFP_KERNEL); 109462306a36Sopenharmony_ci if (!user) 109562306a36Sopenharmony_ci goto out; 109662306a36Sopenharmony_ci 109762306a36Sopenharmony_ci length = -EINVAL; 109862306a36Sopenharmony_ci if (sscanf(buf, "%s %s", con, user) != 2) 109962306a36Sopenharmony_ci goto out; 110062306a36Sopenharmony_ci 110162306a36Sopenharmony_ci length = security_context_str_to_sid(con, &sid, GFP_KERNEL); 110262306a36Sopenharmony_ci if (length) 110362306a36Sopenharmony_ci goto out; 110462306a36Sopenharmony_ci 110562306a36Sopenharmony_ci length = security_get_user_sids(sid, user, &sids, &nsids); 110662306a36Sopenharmony_ci if (length) 110762306a36Sopenharmony_ci goto out; 110862306a36Sopenharmony_ci 110962306a36Sopenharmony_ci length = sprintf(buf, "%u", nsids) + 1; 111062306a36Sopenharmony_ci ptr = buf + length; 111162306a36Sopenharmony_ci for (i = 0; i < nsids; i++) { 111262306a36Sopenharmony_ci rc = security_sid_to_context(sids[i], &newcon, &len); 111362306a36Sopenharmony_ci if (rc) { 111462306a36Sopenharmony_ci length = rc; 111562306a36Sopenharmony_ci goto out; 111662306a36Sopenharmony_ci } 111762306a36Sopenharmony_ci if ((length + len) >= SIMPLE_TRANSACTION_LIMIT) { 111862306a36Sopenharmony_ci kfree(newcon); 111962306a36Sopenharmony_ci length = -ERANGE; 112062306a36Sopenharmony_ci goto out; 112162306a36Sopenharmony_ci } 112262306a36Sopenharmony_ci memcpy(ptr, newcon, len); 112362306a36Sopenharmony_ci kfree(newcon); 112462306a36Sopenharmony_ci ptr += len; 112562306a36Sopenharmony_ci length += len; 112662306a36Sopenharmony_ci } 112762306a36Sopenharmony_ciout: 112862306a36Sopenharmony_ci kfree(sids); 112962306a36Sopenharmony_ci kfree(user); 113062306a36Sopenharmony_ci kfree(con); 113162306a36Sopenharmony_ci return length; 113262306a36Sopenharmony_ci} 113362306a36Sopenharmony_ci 113462306a36Sopenharmony_cistatic ssize_t sel_write_member(struct file *file, char *buf, size_t size) 113562306a36Sopenharmony_ci{ 113662306a36Sopenharmony_ci char *scon = NULL, *tcon = NULL; 113762306a36Sopenharmony_ci u32 ssid, tsid, newsid; 113862306a36Sopenharmony_ci u16 tclass; 113962306a36Sopenharmony_ci ssize_t length; 114062306a36Sopenharmony_ci char *newcon = NULL; 114162306a36Sopenharmony_ci u32 len; 114262306a36Sopenharmony_ci 114362306a36Sopenharmony_ci length = avc_has_perm(current_sid(), SECINITSID_SECURITY, 114462306a36Sopenharmony_ci SECCLASS_SECURITY, SECURITY__COMPUTE_MEMBER, 114562306a36Sopenharmony_ci NULL); 114662306a36Sopenharmony_ci if (length) 114762306a36Sopenharmony_ci goto out; 114862306a36Sopenharmony_ci 114962306a36Sopenharmony_ci length = -ENOMEM; 115062306a36Sopenharmony_ci scon = kzalloc(size + 1, GFP_KERNEL); 115162306a36Sopenharmony_ci if (!scon) 115262306a36Sopenharmony_ci goto out; 115362306a36Sopenharmony_ci 115462306a36Sopenharmony_ci length = -ENOMEM; 115562306a36Sopenharmony_ci tcon = kzalloc(size + 1, GFP_KERNEL); 115662306a36Sopenharmony_ci if (!tcon) 115762306a36Sopenharmony_ci goto out; 115862306a36Sopenharmony_ci 115962306a36Sopenharmony_ci length = -EINVAL; 116062306a36Sopenharmony_ci if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3) 116162306a36Sopenharmony_ci goto out; 116262306a36Sopenharmony_ci 116362306a36Sopenharmony_ci length = security_context_str_to_sid(scon, &ssid, GFP_KERNEL); 116462306a36Sopenharmony_ci if (length) 116562306a36Sopenharmony_ci goto out; 116662306a36Sopenharmony_ci 116762306a36Sopenharmony_ci length = security_context_str_to_sid(tcon, &tsid, GFP_KERNEL); 116862306a36Sopenharmony_ci if (length) 116962306a36Sopenharmony_ci goto out; 117062306a36Sopenharmony_ci 117162306a36Sopenharmony_ci length = security_member_sid(ssid, tsid, tclass, &newsid); 117262306a36Sopenharmony_ci if (length) 117362306a36Sopenharmony_ci goto out; 117462306a36Sopenharmony_ci 117562306a36Sopenharmony_ci length = security_sid_to_context(newsid, &newcon, &len); 117662306a36Sopenharmony_ci if (length) 117762306a36Sopenharmony_ci goto out; 117862306a36Sopenharmony_ci 117962306a36Sopenharmony_ci length = -ERANGE; 118062306a36Sopenharmony_ci if (len > SIMPLE_TRANSACTION_LIMIT) { 118162306a36Sopenharmony_ci pr_err("SELinux: %s: context size (%u) exceeds " 118262306a36Sopenharmony_ci "payload max\n", __func__, len); 118362306a36Sopenharmony_ci goto out; 118462306a36Sopenharmony_ci } 118562306a36Sopenharmony_ci 118662306a36Sopenharmony_ci memcpy(buf, newcon, len); 118762306a36Sopenharmony_ci length = len; 118862306a36Sopenharmony_ciout: 118962306a36Sopenharmony_ci kfree(newcon); 119062306a36Sopenharmony_ci kfree(tcon); 119162306a36Sopenharmony_ci kfree(scon); 119262306a36Sopenharmony_ci return length; 119362306a36Sopenharmony_ci} 119462306a36Sopenharmony_ci 119562306a36Sopenharmony_cistatic struct inode *sel_make_inode(struct super_block *sb, umode_t mode) 119662306a36Sopenharmony_ci{ 119762306a36Sopenharmony_ci struct inode *ret = new_inode(sb); 119862306a36Sopenharmony_ci 119962306a36Sopenharmony_ci if (ret) { 120062306a36Sopenharmony_ci ret->i_mode = mode; 120162306a36Sopenharmony_ci ret->i_atime = ret->i_mtime = inode_set_ctime_current(ret); 120262306a36Sopenharmony_ci } 120362306a36Sopenharmony_ci return ret; 120462306a36Sopenharmony_ci} 120562306a36Sopenharmony_ci 120662306a36Sopenharmony_cistatic ssize_t sel_read_bool(struct file *filep, char __user *buf, 120762306a36Sopenharmony_ci size_t count, loff_t *ppos) 120862306a36Sopenharmony_ci{ 120962306a36Sopenharmony_ci struct selinux_fs_info *fsi = file_inode(filep)->i_sb->s_fs_info; 121062306a36Sopenharmony_ci char *page = NULL; 121162306a36Sopenharmony_ci ssize_t length; 121262306a36Sopenharmony_ci ssize_t ret; 121362306a36Sopenharmony_ci int cur_enforcing; 121462306a36Sopenharmony_ci unsigned index = file_inode(filep)->i_ino & SEL_INO_MASK; 121562306a36Sopenharmony_ci const char *name = filep->f_path.dentry->d_name.name; 121662306a36Sopenharmony_ci 121762306a36Sopenharmony_ci mutex_lock(&selinux_state.policy_mutex); 121862306a36Sopenharmony_ci 121962306a36Sopenharmony_ci ret = -EINVAL; 122062306a36Sopenharmony_ci if (index >= fsi->bool_num || strcmp(name, 122162306a36Sopenharmony_ci fsi->bool_pending_names[index])) 122262306a36Sopenharmony_ci goto out_unlock; 122362306a36Sopenharmony_ci 122462306a36Sopenharmony_ci ret = -ENOMEM; 122562306a36Sopenharmony_ci page = (char *)get_zeroed_page(GFP_KERNEL); 122662306a36Sopenharmony_ci if (!page) 122762306a36Sopenharmony_ci goto out_unlock; 122862306a36Sopenharmony_ci 122962306a36Sopenharmony_ci cur_enforcing = security_get_bool_value(index); 123062306a36Sopenharmony_ci if (cur_enforcing < 0) { 123162306a36Sopenharmony_ci ret = cur_enforcing; 123262306a36Sopenharmony_ci goto out_unlock; 123362306a36Sopenharmony_ci } 123462306a36Sopenharmony_ci length = scnprintf(page, PAGE_SIZE, "%d %d", cur_enforcing, 123562306a36Sopenharmony_ci fsi->bool_pending_values[index]); 123662306a36Sopenharmony_ci mutex_unlock(&selinux_state.policy_mutex); 123762306a36Sopenharmony_ci ret = simple_read_from_buffer(buf, count, ppos, page, length); 123862306a36Sopenharmony_ciout_free: 123962306a36Sopenharmony_ci free_page((unsigned long)page); 124062306a36Sopenharmony_ci return ret; 124162306a36Sopenharmony_ci 124262306a36Sopenharmony_ciout_unlock: 124362306a36Sopenharmony_ci mutex_unlock(&selinux_state.policy_mutex); 124462306a36Sopenharmony_ci goto out_free; 124562306a36Sopenharmony_ci} 124662306a36Sopenharmony_ci 124762306a36Sopenharmony_cistatic ssize_t sel_write_bool(struct file *filep, const char __user *buf, 124862306a36Sopenharmony_ci size_t count, loff_t *ppos) 124962306a36Sopenharmony_ci{ 125062306a36Sopenharmony_ci struct selinux_fs_info *fsi = file_inode(filep)->i_sb->s_fs_info; 125162306a36Sopenharmony_ci char *page = NULL; 125262306a36Sopenharmony_ci ssize_t length; 125362306a36Sopenharmony_ci int new_value; 125462306a36Sopenharmony_ci unsigned index = file_inode(filep)->i_ino & SEL_INO_MASK; 125562306a36Sopenharmony_ci const char *name = filep->f_path.dentry->d_name.name; 125662306a36Sopenharmony_ci 125762306a36Sopenharmony_ci if (count >= PAGE_SIZE) 125862306a36Sopenharmony_ci return -ENOMEM; 125962306a36Sopenharmony_ci 126062306a36Sopenharmony_ci /* No partial writes. */ 126162306a36Sopenharmony_ci if (*ppos != 0) 126262306a36Sopenharmony_ci return -EINVAL; 126362306a36Sopenharmony_ci 126462306a36Sopenharmony_ci page = memdup_user_nul(buf, count); 126562306a36Sopenharmony_ci if (IS_ERR(page)) 126662306a36Sopenharmony_ci return PTR_ERR(page); 126762306a36Sopenharmony_ci 126862306a36Sopenharmony_ci mutex_lock(&selinux_state.policy_mutex); 126962306a36Sopenharmony_ci 127062306a36Sopenharmony_ci length = avc_has_perm(current_sid(), SECINITSID_SECURITY, 127162306a36Sopenharmony_ci SECCLASS_SECURITY, SECURITY__SETBOOL, 127262306a36Sopenharmony_ci NULL); 127362306a36Sopenharmony_ci if (length) 127462306a36Sopenharmony_ci goto out; 127562306a36Sopenharmony_ci 127662306a36Sopenharmony_ci length = -EINVAL; 127762306a36Sopenharmony_ci if (index >= fsi->bool_num || strcmp(name, 127862306a36Sopenharmony_ci fsi->bool_pending_names[index])) 127962306a36Sopenharmony_ci goto out; 128062306a36Sopenharmony_ci 128162306a36Sopenharmony_ci length = -EINVAL; 128262306a36Sopenharmony_ci if (sscanf(page, "%d", &new_value) != 1) 128362306a36Sopenharmony_ci goto out; 128462306a36Sopenharmony_ci 128562306a36Sopenharmony_ci if (new_value) 128662306a36Sopenharmony_ci new_value = 1; 128762306a36Sopenharmony_ci 128862306a36Sopenharmony_ci fsi->bool_pending_values[index] = new_value; 128962306a36Sopenharmony_ci length = count; 129062306a36Sopenharmony_ci 129162306a36Sopenharmony_ciout: 129262306a36Sopenharmony_ci mutex_unlock(&selinux_state.policy_mutex); 129362306a36Sopenharmony_ci kfree(page); 129462306a36Sopenharmony_ci return length; 129562306a36Sopenharmony_ci} 129662306a36Sopenharmony_ci 129762306a36Sopenharmony_cistatic const struct file_operations sel_bool_ops = { 129862306a36Sopenharmony_ci .read = sel_read_bool, 129962306a36Sopenharmony_ci .write = sel_write_bool, 130062306a36Sopenharmony_ci .llseek = generic_file_llseek, 130162306a36Sopenharmony_ci}; 130262306a36Sopenharmony_ci 130362306a36Sopenharmony_cistatic ssize_t sel_commit_bools_write(struct file *filep, 130462306a36Sopenharmony_ci const char __user *buf, 130562306a36Sopenharmony_ci size_t count, loff_t *ppos) 130662306a36Sopenharmony_ci{ 130762306a36Sopenharmony_ci struct selinux_fs_info *fsi = file_inode(filep)->i_sb->s_fs_info; 130862306a36Sopenharmony_ci char *page = NULL; 130962306a36Sopenharmony_ci ssize_t length; 131062306a36Sopenharmony_ci int new_value; 131162306a36Sopenharmony_ci 131262306a36Sopenharmony_ci if (count >= PAGE_SIZE) 131362306a36Sopenharmony_ci return -ENOMEM; 131462306a36Sopenharmony_ci 131562306a36Sopenharmony_ci /* No partial writes. */ 131662306a36Sopenharmony_ci if (*ppos != 0) 131762306a36Sopenharmony_ci return -EINVAL; 131862306a36Sopenharmony_ci 131962306a36Sopenharmony_ci page = memdup_user_nul(buf, count); 132062306a36Sopenharmony_ci if (IS_ERR(page)) 132162306a36Sopenharmony_ci return PTR_ERR(page); 132262306a36Sopenharmony_ci 132362306a36Sopenharmony_ci mutex_lock(&selinux_state.policy_mutex); 132462306a36Sopenharmony_ci 132562306a36Sopenharmony_ci length = avc_has_perm(current_sid(), SECINITSID_SECURITY, 132662306a36Sopenharmony_ci SECCLASS_SECURITY, SECURITY__SETBOOL, 132762306a36Sopenharmony_ci NULL); 132862306a36Sopenharmony_ci if (length) 132962306a36Sopenharmony_ci goto out; 133062306a36Sopenharmony_ci 133162306a36Sopenharmony_ci length = -EINVAL; 133262306a36Sopenharmony_ci if (sscanf(page, "%d", &new_value) != 1) 133362306a36Sopenharmony_ci goto out; 133462306a36Sopenharmony_ci 133562306a36Sopenharmony_ci length = 0; 133662306a36Sopenharmony_ci if (new_value && fsi->bool_pending_values) 133762306a36Sopenharmony_ci length = security_set_bools(fsi->bool_num, 133862306a36Sopenharmony_ci fsi->bool_pending_values); 133962306a36Sopenharmony_ci 134062306a36Sopenharmony_ci if (!length) 134162306a36Sopenharmony_ci length = count; 134262306a36Sopenharmony_ci 134362306a36Sopenharmony_ciout: 134462306a36Sopenharmony_ci mutex_unlock(&selinux_state.policy_mutex); 134562306a36Sopenharmony_ci kfree(page); 134662306a36Sopenharmony_ci return length; 134762306a36Sopenharmony_ci} 134862306a36Sopenharmony_ci 134962306a36Sopenharmony_cistatic const struct file_operations sel_commit_bools_ops = { 135062306a36Sopenharmony_ci .write = sel_commit_bools_write, 135162306a36Sopenharmony_ci .llseek = generic_file_llseek, 135262306a36Sopenharmony_ci}; 135362306a36Sopenharmony_ci 135462306a36Sopenharmony_cistatic void sel_remove_entries(struct dentry *de) 135562306a36Sopenharmony_ci{ 135662306a36Sopenharmony_ci d_genocide(de); 135762306a36Sopenharmony_ci shrink_dcache_parent(de); 135862306a36Sopenharmony_ci} 135962306a36Sopenharmony_ci 136062306a36Sopenharmony_cistatic int sel_make_bools(struct selinux_policy *newpolicy, struct dentry *bool_dir, 136162306a36Sopenharmony_ci unsigned int *bool_num, char ***bool_pending_names, 136262306a36Sopenharmony_ci int **bool_pending_values) 136362306a36Sopenharmony_ci{ 136462306a36Sopenharmony_ci int ret; 136562306a36Sopenharmony_ci ssize_t len; 136662306a36Sopenharmony_ci struct dentry *dentry = NULL; 136762306a36Sopenharmony_ci struct inode *inode = NULL; 136862306a36Sopenharmony_ci struct inode_security_struct *isec; 136962306a36Sopenharmony_ci char **names = NULL, *page; 137062306a36Sopenharmony_ci u32 i, num; 137162306a36Sopenharmony_ci int *values = NULL; 137262306a36Sopenharmony_ci u32 sid; 137362306a36Sopenharmony_ci 137462306a36Sopenharmony_ci ret = -ENOMEM; 137562306a36Sopenharmony_ci page = (char *)get_zeroed_page(GFP_KERNEL); 137662306a36Sopenharmony_ci if (!page) 137762306a36Sopenharmony_ci goto out; 137862306a36Sopenharmony_ci 137962306a36Sopenharmony_ci ret = security_get_bools(newpolicy, &num, &names, &values); 138062306a36Sopenharmony_ci if (ret) 138162306a36Sopenharmony_ci goto out; 138262306a36Sopenharmony_ci 138362306a36Sopenharmony_ci for (i = 0; i < num; i++) { 138462306a36Sopenharmony_ci ret = -ENOMEM; 138562306a36Sopenharmony_ci dentry = d_alloc_name(bool_dir, names[i]); 138662306a36Sopenharmony_ci if (!dentry) 138762306a36Sopenharmony_ci goto out; 138862306a36Sopenharmony_ci 138962306a36Sopenharmony_ci ret = -ENOMEM; 139062306a36Sopenharmony_ci inode = sel_make_inode(bool_dir->d_sb, S_IFREG | S_IRUGO | S_IWUSR); 139162306a36Sopenharmony_ci if (!inode) { 139262306a36Sopenharmony_ci dput(dentry); 139362306a36Sopenharmony_ci goto out; 139462306a36Sopenharmony_ci } 139562306a36Sopenharmony_ci 139662306a36Sopenharmony_ci ret = -ENAMETOOLONG; 139762306a36Sopenharmony_ci len = snprintf(page, PAGE_SIZE, "/%s/%s", BOOL_DIR_NAME, names[i]); 139862306a36Sopenharmony_ci if (len >= PAGE_SIZE) { 139962306a36Sopenharmony_ci dput(dentry); 140062306a36Sopenharmony_ci iput(inode); 140162306a36Sopenharmony_ci goto out; 140262306a36Sopenharmony_ci } 140362306a36Sopenharmony_ci 140462306a36Sopenharmony_ci isec = selinux_inode(inode); 140562306a36Sopenharmony_ci ret = selinux_policy_genfs_sid(newpolicy, "selinuxfs", page, 140662306a36Sopenharmony_ci SECCLASS_FILE, &sid); 140762306a36Sopenharmony_ci if (ret) { 140862306a36Sopenharmony_ci pr_warn_ratelimited("SELinux: no sid found, defaulting to security isid for %s\n", 140962306a36Sopenharmony_ci page); 141062306a36Sopenharmony_ci sid = SECINITSID_SECURITY; 141162306a36Sopenharmony_ci } 141262306a36Sopenharmony_ci 141362306a36Sopenharmony_ci isec->sid = sid; 141462306a36Sopenharmony_ci isec->initialized = LABEL_INITIALIZED; 141562306a36Sopenharmony_ci inode->i_fop = &sel_bool_ops; 141662306a36Sopenharmony_ci inode->i_ino = i|SEL_BOOL_INO_OFFSET; 141762306a36Sopenharmony_ci d_add(dentry, inode); 141862306a36Sopenharmony_ci } 141962306a36Sopenharmony_ci *bool_num = num; 142062306a36Sopenharmony_ci *bool_pending_names = names; 142162306a36Sopenharmony_ci *bool_pending_values = values; 142262306a36Sopenharmony_ci 142362306a36Sopenharmony_ci free_page((unsigned long)page); 142462306a36Sopenharmony_ci return 0; 142562306a36Sopenharmony_ciout: 142662306a36Sopenharmony_ci free_page((unsigned long)page); 142762306a36Sopenharmony_ci 142862306a36Sopenharmony_ci if (names) { 142962306a36Sopenharmony_ci for (i = 0; i < num; i++) 143062306a36Sopenharmony_ci kfree(names[i]); 143162306a36Sopenharmony_ci kfree(names); 143262306a36Sopenharmony_ci } 143362306a36Sopenharmony_ci kfree(values); 143462306a36Sopenharmony_ci sel_remove_entries(bool_dir); 143562306a36Sopenharmony_ci 143662306a36Sopenharmony_ci return ret; 143762306a36Sopenharmony_ci} 143862306a36Sopenharmony_ci 143962306a36Sopenharmony_cistatic ssize_t sel_read_avc_cache_threshold(struct file *filp, char __user *buf, 144062306a36Sopenharmony_ci size_t count, loff_t *ppos) 144162306a36Sopenharmony_ci{ 144262306a36Sopenharmony_ci char tmpbuf[TMPBUFLEN]; 144362306a36Sopenharmony_ci ssize_t length; 144462306a36Sopenharmony_ci 144562306a36Sopenharmony_ci length = scnprintf(tmpbuf, TMPBUFLEN, "%u", 144662306a36Sopenharmony_ci avc_get_cache_threshold()); 144762306a36Sopenharmony_ci return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); 144862306a36Sopenharmony_ci} 144962306a36Sopenharmony_ci 145062306a36Sopenharmony_cistatic ssize_t sel_write_avc_cache_threshold(struct file *file, 145162306a36Sopenharmony_ci const char __user *buf, 145262306a36Sopenharmony_ci size_t count, loff_t *ppos) 145362306a36Sopenharmony_ci 145462306a36Sopenharmony_ci{ 145562306a36Sopenharmony_ci char *page; 145662306a36Sopenharmony_ci ssize_t ret; 145762306a36Sopenharmony_ci unsigned int new_value; 145862306a36Sopenharmony_ci 145962306a36Sopenharmony_ci ret = avc_has_perm(current_sid(), SECINITSID_SECURITY, 146062306a36Sopenharmony_ci SECCLASS_SECURITY, SECURITY__SETSECPARAM, 146162306a36Sopenharmony_ci NULL); 146262306a36Sopenharmony_ci if (ret) 146362306a36Sopenharmony_ci return ret; 146462306a36Sopenharmony_ci 146562306a36Sopenharmony_ci if (count >= PAGE_SIZE) 146662306a36Sopenharmony_ci return -ENOMEM; 146762306a36Sopenharmony_ci 146862306a36Sopenharmony_ci /* No partial writes. */ 146962306a36Sopenharmony_ci if (*ppos != 0) 147062306a36Sopenharmony_ci return -EINVAL; 147162306a36Sopenharmony_ci 147262306a36Sopenharmony_ci page = memdup_user_nul(buf, count); 147362306a36Sopenharmony_ci if (IS_ERR(page)) 147462306a36Sopenharmony_ci return PTR_ERR(page); 147562306a36Sopenharmony_ci 147662306a36Sopenharmony_ci ret = -EINVAL; 147762306a36Sopenharmony_ci if (sscanf(page, "%u", &new_value) != 1) 147862306a36Sopenharmony_ci goto out; 147962306a36Sopenharmony_ci 148062306a36Sopenharmony_ci avc_set_cache_threshold(new_value); 148162306a36Sopenharmony_ci 148262306a36Sopenharmony_ci ret = count; 148362306a36Sopenharmony_ciout: 148462306a36Sopenharmony_ci kfree(page); 148562306a36Sopenharmony_ci return ret; 148662306a36Sopenharmony_ci} 148762306a36Sopenharmony_ci 148862306a36Sopenharmony_cistatic ssize_t sel_read_avc_hash_stats(struct file *filp, char __user *buf, 148962306a36Sopenharmony_ci size_t count, loff_t *ppos) 149062306a36Sopenharmony_ci{ 149162306a36Sopenharmony_ci char *page; 149262306a36Sopenharmony_ci ssize_t length; 149362306a36Sopenharmony_ci 149462306a36Sopenharmony_ci page = (char *)__get_free_page(GFP_KERNEL); 149562306a36Sopenharmony_ci if (!page) 149662306a36Sopenharmony_ci return -ENOMEM; 149762306a36Sopenharmony_ci 149862306a36Sopenharmony_ci length = avc_get_hash_stats(page); 149962306a36Sopenharmony_ci if (length >= 0) 150062306a36Sopenharmony_ci length = simple_read_from_buffer(buf, count, ppos, page, length); 150162306a36Sopenharmony_ci free_page((unsigned long)page); 150262306a36Sopenharmony_ci 150362306a36Sopenharmony_ci return length; 150462306a36Sopenharmony_ci} 150562306a36Sopenharmony_ci 150662306a36Sopenharmony_cistatic ssize_t sel_read_sidtab_hash_stats(struct file *filp, char __user *buf, 150762306a36Sopenharmony_ci size_t count, loff_t *ppos) 150862306a36Sopenharmony_ci{ 150962306a36Sopenharmony_ci char *page; 151062306a36Sopenharmony_ci ssize_t length; 151162306a36Sopenharmony_ci 151262306a36Sopenharmony_ci page = (char *)__get_free_page(GFP_KERNEL); 151362306a36Sopenharmony_ci if (!page) 151462306a36Sopenharmony_ci return -ENOMEM; 151562306a36Sopenharmony_ci 151662306a36Sopenharmony_ci length = security_sidtab_hash_stats(page); 151762306a36Sopenharmony_ci if (length >= 0) 151862306a36Sopenharmony_ci length = simple_read_from_buffer(buf, count, ppos, page, 151962306a36Sopenharmony_ci length); 152062306a36Sopenharmony_ci free_page((unsigned long)page); 152162306a36Sopenharmony_ci 152262306a36Sopenharmony_ci return length; 152362306a36Sopenharmony_ci} 152462306a36Sopenharmony_ci 152562306a36Sopenharmony_cistatic const struct file_operations sel_sidtab_hash_stats_ops = { 152662306a36Sopenharmony_ci .read = sel_read_sidtab_hash_stats, 152762306a36Sopenharmony_ci .llseek = generic_file_llseek, 152862306a36Sopenharmony_ci}; 152962306a36Sopenharmony_ci 153062306a36Sopenharmony_cistatic const struct file_operations sel_avc_cache_threshold_ops = { 153162306a36Sopenharmony_ci .read = sel_read_avc_cache_threshold, 153262306a36Sopenharmony_ci .write = sel_write_avc_cache_threshold, 153362306a36Sopenharmony_ci .llseek = generic_file_llseek, 153462306a36Sopenharmony_ci}; 153562306a36Sopenharmony_ci 153662306a36Sopenharmony_cistatic const struct file_operations sel_avc_hash_stats_ops = { 153762306a36Sopenharmony_ci .read = sel_read_avc_hash_stats, 153862306a36Sopenharmony_ci .llseek = generic_file_llseek, 153962306a36Sopenharmony_ci}; 154062306a36Sopenharmony_ci 154162306a36Sopenharmony_ci#ifdef CONFIG_SECURITY_SELINUX_AVC_STATS 154262306a36Sopenharmony_cistatic struct avc_cache_stats *sel_avc_get_stat_idx(loff_t *idx) 154362306a36Sopenharmony_ci{ 154462306a36Sopenharmony_ci int cpu; 154562306a36Sopenharmony_ci 154662306a36Sopenharmony_ci for (cpu = *idx; cpu < nr_cpu_ids; ++cpu) { 154762306a36Sopenharmony_ci if (!cpu_possible(cpu)) 154862306a36Sopenharmony_ci continue; 154962306a36Sopenharmony_ci *idx = cpu + 1; 155062306a36Sopenharmony_ci return &per_cpu(avc_cache_stats, cpu); 155162306a36Sopenharmony_ci } 155262306a36Sopenharmony_ci (*idx)++; 155362306a36Sopenharmony_ci return NULL; 155462306a36Sopenharmony_ci} 155562306a36Sopenharmony_ci 155662306a36Sopenharmony_cistatic void *sel_avc_stats_seq_start(struct seq_file *seq, loff_t *pos) 155762306a36Sopenharmony_ci{ 155862306a36Sopenharmony_ci loff_t n = *pos - 1; 155962306a36Sopenharmony_ci 156062306a36Sopenharmony_ci if (*pos == 0) 156162306a36Sopenharmony_ci return SEQ_START_TOKEN; 156262306a36Sopenharmony_ci 156362306a36Sopenharmony_ci return sel_avc_get_stat_idx(&n); 156462306a36Sopenharmony_ci} 156562306a36Sopenharmony_ci 156662306a36Sopenharmony_cistatic void *sel_avc_stats_seq_next(struct seq_file *seq, void *v, loff_t *pos) 156762306a36Sopenharmony_ci{ 156862306a36Sopenharmony_ci return sel_avc_get_stat_idx(pos); 156962306a36Sopenharmony_ci} 157062306a36Sopenharmony_ci 157162306a36Sopenharmony_cistatic int sel_avc_stats_seq_show(struct seq_file *seq, void *v) 157262306a36Sopenharmony_ci{ 157362306a36Sopenharmony_ci struct avc_cache_stats *st = v; 157462306a36Sopenharmony_ci 157562306a36Sopenharmony_ci if (v == SEQ_START_TOKEN) { 157662306a36Sopenharmony_ci seq_puts(seq, 157762306a36Sopenharmony_ci "lookups hits misses allocations reclaims frees\n"); 157862306a36Sopenharmony_ci } else { 157962306a36Sopenharmony_ci unsigned int lookups = st->lookups; 158062306a36Sopenharmony_ci unsigned int misses = st->misses; 158162306a36Sopenharmony_ci unsigned int hits = lookups - misses; 158262306a36Sopenharmony_ci seq_printf(seq, "%u %u %u %u %u %u\n", lookups, 158362306a36Sopenharmony_ci hits, misses, st->allocations, 158462306a36Sopenharmony_ci st->reclaims, st->frees); 158562306a36Sopenharmony_ci } 158662306a36Sopenharmony_ci return 0; 158762306a36Sopenharmony_ci} 158862306a36Sopenharmony_ci 158962306a36Sopenharmony_cistatic void sel_avc_stats_seq_stop(struct seq_file *seq, void *v) 159062306a36Sopenharmony_ci{ } 159162306a36Sopenharmony_ci 159262306a36Sopenharmony_cistatic const struct seq_operations sel_avc_cache_stats_seq_ops = { 159362306a36Sopenharmony_ci .start = sel_avc_stats_seq_start, 159462306a36Sopenharmony_ci .next = sel_avc_stats_seq_next, 159562306a36Sopenharmony_ci .show = sel_avc_stats_seq_show, 159662306a36Sopenharmony_ci .stop = sel_avc_stats_seq_stop, 159762306a36Sopenharmony_ci}; 159862306a36Sopenharmony_ci 159962306a36Sopenharmony_cistatic int sel_open_avc_cache_stats(struct inode *inode, struct file *file) 160062306a36Sopenharmony_ci{ 160162306a36Sopenharmony_ci return seq_open(file, &sel_avc_cache_stats_seq_ops); 160262306a36Sopenharmony_ci} 160362306a36Sopenharmony_ci 160462306a36Sopenharmony_cistatic const struct file_operations sel_avc_cache_stats_ops = { 160562306a36Sopenharmony_ci .open = sel_open_avc_cache_stats, 160662306a36Sopenharmony_ci .read = seq_read, 160762306a36Sopenharmony_ci .llseek = seq_lseek, 160862306a36Sopenharmony_ci .release = seq_release, 160962306a36Sopenharmony_ci}; 161062306a36Sopenharmony_ci#endif 161162306a36Sopenharmony_ci 161262306a36Sopenharmony_cistatic int sel_make_avc_files(struct dentry *dir) 161362306a36Sopenharmony_ci{ 161462306a36Sopenharmony_ci struct super_block *sb = dir->d_sb; 161562306a36Sopenharmony_ci struct selinux_fs_info *fsi = sb->s_fs_info; 161662306a36Sopenharmony_ci unsigned int i; 161762306a36Sopenharmony_ci static const struct tree_descr files[] = { 161862306a36Sopenharmony_ci { "cache_threshold", 161962306a36Sopenharmony_ci &sel_avc_cache_threshold_ops, S_IRUGO|S_IWUSR }, 162062306a36Sopenharmony_ci { "hash_stats", &sel_avc_hash_stats_ops, S_IRUGO }, 162162306a36Sopenharmony_ci#ifdef CONFIG_SECURITY_SELINUX_AVC_STATS 162262306a36Sopenharmony_ci { "cache_stats", &sel_avc_cache_stats_ops, S_IRUGO }, 162362306a36Sopenharmony_ci#endif 162462306a36Sopenharmony_ci }; 162562306a36Sopenharmony_ci 162662306a36Sopenharmony_ci for (i = 0; i < ARRAY_SIZE(files); i++) { 162762306a36Sopenharmony_ci struct inode *inode; 162862306a36Sopenharmony_ci struct dentry *dentry; 162962306a36Sopenharmony_ci 163062306a36Sopenharmony_ci dentry = d_alloc_name(dir, files[i].name); 163162306a36Sopenharmony_ci if (!dentry) 163262306a36Sopenharmony_ci return -ENOMEM; 163362306a36Sopenharmony_ci 163462306a36Sopenharmony_ci inode = sel_make_inode(dir->d_sb, S_IFREG|files[i].mode); 163562306a36Sopenharmony_ci if (!inode) { 163662306a36Sopenharmony_ci dput(dentry); 163762306a36Sopenharmony_ci return -ENOMEM; 163862306a36Sopenharmony_ci } 163962306a36Sopenharmony_ci 164062306a36Sopenharmony_ci inode->i_fop = files[i].ops; 164162306a36Sopenharmony_ci inode->i_ino = ++fsi->last_ino; 164262306a36Sopenharmony_ci d_add(dentry, inode); 164362306a36Sopenharmony_ci } 164462306a36Sopenharmony_ci 164562306a36Sopenharmony_ci return 0; 164662306a36Sopenharmony_ci} 164762306a36Sopenharmony_ci 164862306a36Sopenharmony_cistatic int sel_make_ss_files(struct dentry *dir) 164962306a36Sopenharmony_ci{ 165062306a36Sopenharmony_ci struct super_block *sb = dir->d_sb; 165162306a36Sopenharmony_ci struct selinux_fs_info *fsi = sb->s_fs_info; 165262306a36Sopenharmony_ci unsigned int i; 165362306a36Sopenharmony_ci static const struct tree_descr files[] = { 165462306a36Sopenharmony_ci { "sidtab_hash_stats", &sel_sidtab_hash_stats_ops, S_IRUGO }, 165562306a36Sopenharmony_ci }; 165662306a36Sopenharmony_ci 165762306a36Sopenharmony_ci for (i = 0; i < ARRAY_SIZE(files); i++) { 165862306a36Sopenharmony_ci struct inode *inode; 165962306a36Sopenharmony_ci struct dentry *dentry; 166062306a36Sopenharmony_ci 166162306a36Sopenharmony_ci dentry = d_alloc_name(dir, files[i].name); 166262306a36Sopenharmony_ci if (!dentry) 166362306a36Sopenharmony_ci return -ENOMEM; 166462306a36Sopenharmony_ci 166562306a36Sopenharmony_ci inode = sel_make_inode(dir->d_sb, S_IFREG|files[i].mode); 166662306a36Sopenharmony_ci if (!inode) { 166762306a36Sopenharmony_ci dput(dentry); 166862306a36Sopenharmony_ci return -ENOMEM; 166962306a36Sopenharmony_ci } 167062306a36Sopenharmony_ci 167162306a36Sopenharmony_ci inode->i_fop = files[i].ops; 167262306a36Sopenharmony_ci inode->i_ino = ++fsi->last_ino; 167362306a36Sopenharmony_ci d_add(dentry, inode); 167462306a36Sopenharmony_ci } 167562306a36Sopenharmony_ci 167662306a36Sopenharmony_ci return 0; 167762306a36Sopenharmony_ci} 167862306a36Sopenharmony_ci 167962306a36Sopenharmony_cistatic ssize_t sel_read_initcon(struct file *file, char __user *buf, 168062306a36Sopenharmony_ci size_t count, loff_t *ppos) 168162306a36Sopenharmony_ci{ 168262306a36Sopenharmony_ci char *con; 168362306a36Sopenharmony_ci u32 sid, len; 168462306a36Sopenharmony_ci ssize_t ret; 168562306a36Sopenharmony_ci 168662306a36Sopenharmony_ci sid = file_inode(file)->i_ino&SEL_INO_MASK; 168762306a36Sopenharmony_ci ret = security_sid_to_context(sid, &con, &len); 168862306a36Sopenharmony_ci if (ret) 168962306a36Sopenharmony_ci return ret; 169062306a36Sopenharmony_ci 169162306a36Sopenharmony_ci ret = simple_read_from_buffer(buf, count, ppos, con, len); 169262306a36Sopenharmony_ci kfree(con); 169362306a36Sopenharmony_ci return ret; 169462306a36Sopenharmony_ci} 169562306a36Sopenharmony_ci 169662306a36Sopenharmony_cistatic const struct file_operations sel_initcon_ops = { 169762306a36Sopenharmony_ci .read = sel_read_initcon, 169862306a36Sopenharmony_ci .llseek = generic_file_llseek, 169962306a36Sopenharmony_ci}; 170062306a36Sopenharmony_ci 170162306a36Sopenharmony_cistatic int sel_make_initcon_files(struct dentry *dir) 170262306a36Sopenharmony_ci{ 170362306a36Sopenharmony_ci unsigned int i; 170462306a36Sopenharmony_ci 170562306a36Sopenharmony_ci for (i = 1; i <= SECINITSID_NUM; i++) { 170662306a36Sopenharmony_ci struct inode *inode; 170762306a36Sopenharmony_ci struct dentry *dentry; 170862306a36Sopenharmony_ci const char *s = security_get_initial_sid_context(i); 170962306a36Sopenharmony_ci 171062306a36Sopenharmony_ci if (!s) 171162306a36Sopenharmony_ci continue; 171262306a36Sopenharmony_ci dentry = d_alloc_name(dir, s); 171362306a36Sopenharmony_ci if (!dentry) 171462306a36Sopenharmony_ci return -ENOMEM; 171562306a36Sopenharmony_ci 171662306a36Sopenharmony_ci inode = sel_make_inode(dir->d_sb, S_IFREG|S_IRUGO); 171762306a36Sopenharmony_ci if (!inode) { 171862306a36Sopenharmony_ci dput(dentry); 171962306a36Sopenharmony_ci return -ENOMEM; 172062306a36Sopenharmony_ci } 172162306a36Sopenharmony_ci 172262306a36Sopenharmony_ci inode->i_fop = &sel_initcon_ops; 172362306a36Sopenharmony_ci inode->i_ino = i|SEL_INITCON_INO_OFFSET; 172462306a36Sopenharmony_ci d_add(dentry, inode); 172562306a36Sopenharmony_ci } 172662306a36Sopenharmony_ci 172762306a36Sopenharmony_ci return 0; 172862306a36Sopenharmony_ci} 172962306a36Sopenharmony_ci 173062306a36Sopenharmony_cistatic inline unsigned long sel_class_to_ino(u16 class) 173162306a36Sopenharmony_ci{ 173262306a36Sopenharmony_ci return (class * (SEL_VEC_MAX + 1)) | SEL_CLASS_INO_OFFSET; 173362306a36Sopenharmony_ci} 173462306a36Sopenharmony_ci 173562306a36Sopenharmony_cistatic inline u16 sel_ino_to_class(unsigned long ino) 173662306a36Sopenharmony_ci{ 173762306a36Sopenharmony_ci return (ino & SEL_INO_MASK) / (SEL_VEC_MAX + 1); 173862306a36Sopenharmony_ci} 173962306a36Sopenharmony_ci 174062306a36Sopenharmony_cistatic inline unsigned long sel_perm_to_ino(u16 class, u32 perm) 174162306a36Sopenharmony_ci{ 174262306a36Sopenharmony_ci return (class * (SEL_VEC_MAX + 1) + perm) | SEL_CLASS_INO_OFFSET; 174362306a36Sopenharmony_ci} 174462306a36Sopenharmony_ci 174562306a36Sopenharmony_cistatic inline u32 sel_ino_to_perm(unsigned long ino) 174662306a36Sopenharmony_ci{ 174762306a36Sopenharmony_ci return (ino & SEL_INO_MASK) % (SEL_VEC_MAX + 1); 174862306a36Sopenharmony_ci} 174962306a36Sopenharmony_ci 175062306a36Sopenharmony_cistatic ssize_t sel_read_class(struct file *file, char __user *buf, 175162306a36Sopenharmony_ci size_t count, loff_t *ppos) 175262306a36Sopenharmony_ci{ 175362306a36Sopenharmony_ci unsigned long ino = file_inode(file)->i_ino; 175462306a36Sopenharmony_ci char res[TMPBUFLEN]; 175562306a36Sopenharmony_ci ssize_t len = scnprintf(res, sizeof(res), "%d", sel_ino_to_class(ino)); 175662306a36Sopenharmony_ci return simple_read_from_buffer(buf, count, ppos, res, len); 175762306a36Sopenharmony_ci} 175862306a36Sopenharmony_ci 175962306a36Sopenharmony_cistatic const struct file_operations sel_class_ops = { 176062306a36Sopenharmony_ci .read = sel_read_class, 176162306a36Sopenharmony_ci .llseek = generic_file_llseek, 176262306a36Sopenharmony_ci}; 176362306a36Sopenharmony_ci 176462306a36Sopenharmony_cistatic ssize_t sel_read_perm(struct file *file, char __user *buf, 176562306a36Sopenharmony_ci size_t count, loff_t *ppos) 176662306a36Sopenharmony_ci{ 176762306a36Sopenharmony_ci unsigned long ino = file_inode(file)->i_ino; 176862306a36Sopenharmony_ci char res[TMPBUFLEN]; 176962306a36Sopenharmony_ci ssize_t len = scnprintf(res, sizeof(res), "%d", sel_ino_to_perm(ino)); 177062306a36Sopenharmony_ci return simple_read_from_buffer(buf, count, ppos, res, len); 177162306a36Sopenharmony_ci} 177262306a36Sopenharmony_ci 177362306a36Sopenharmony_cistatic const struct file_operations sel_perm_ops = { 177462306a36Sopenharmony_ci .read = sel_read_perm, 177562306a36Sopenharmony_ci .llseek = generic_file_llseek, 177662306a36Sopenharmony_ci}; 177762306a36Sopenharmony_ci 177862306a36Sopenharmony_cistatic ssize_t sel_read_policycap(struct file *file, char __user *buf, 177962306a36Sopenharmony_ci size_t count, loff_t *ppos) 178062306a36Sopenharmony_ci{ 178162306a36Sopenharmony_ci int value; 178262306a36Sopenharmony_ci char tmpbuf[TMPBUFLEN]; 178362306a36Sopenharmony_ci ssize_t length; 178462306a36Sopenharmony_ci unsigned long i_ino = file_inode(file)->i_ino; 178562306a36Sopenharmony_ci 178662306a36Sopenharmony_ci value = security_policycap_supported(i_ino & SEL_INO_MASK); 178762306a36Sopenharmony_ci length = scnprintf(tmpbuf, TMPBUFLEN, "%d", value); 178862306a36Sopenharmony_ci 178962306a36Sopenharmony_ci return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); 179062306a36Sopenharmony_ci} 179162306a36Sopenharmony_ci 179262306a36Sopenharmony_cistatic const struct file_operations sel_policycap_ops = { 179362306a36Sopenharmony_ci .read = sel_read_policycap, 179462306a36Sopenharmony_ci .llseek = generic_file_llseek, 179562306a36Sopenharmony_ci}; 179662306a36Sopenharmony_ci 179762306a36Sopenharmony_cistatic int sel_make_perm_files(struct selinux_policy *newpolicy, 179862306a36Sopenharmony_ci char *objclass, int classvalue, 179962306a36Sopenharmony_ci struct dentry *dir) 180062306a36Sopenharmony_ci{ 180162306a36Sopenharmony_ci u32 i, nperms; 180262306a36Sopenharmony_ci int rc; 180362306a36Sopenharmony_ci char **perms; 180462306a36Sopenharmony_ci 180562306a36Sopenharmony_ci rc = security_get_permissions(newpolicy, objclass, &perms, &nperms); 180662306a36Sopenharmony_ci if (rc) 180762306a36Sopenharmony_ci return rc; 180862306a36Sopenharmony_ci 180962306a36Sopenharmony_ci for (i = 0; i < nperms; i++) { 181062306a36Sopenharmony_ci struct inode *inode; 181162306a36Sopenharmony_ci struct dentry *dentry; 181262306a36Sopenharmony_ci 181362306a36Sopenharmony_ci rc = -ENOMEM; 181462306a36Sopenharmony_ci dentry = d_alloc_name(dir, perms[i]); 181562306a36Sopenharmony_ci if (!dentry) 181662306a36Sopenharmony_ci goto out; 181762306a36Sopenharmony_ci 181862306a36Sopenharmony_ci rc = -ENOMEM; 181962306a36Sopenharmony_ci inode = sel_make_inode(dir->d_sb, S_IFREG|S_IRUGO); 182062306a36Sopenharmony_ci if (!inode) { 182162306a36Sopenharmony_ci dput(dentry); 182262306a36Sopenharmony_ci goto out; 182362306a36Sopenharmony_ci } 182462306a36Sopenharmony_ci 182562306a36Sopenharmony_ci inode->i_fop = &sel_perm_ops; 182662306a36Sopenharmony_ci /* i+1 since perm values are 1-indexed */ 182762306a36Sopenharmony_ci inode->i_ino = sel_perm_to_ino(classvalue, i + 1); 182862306a36Sopenharmony_ci d_add(dentry, inode); 182962306a36Sopenharmony_ci } 183062306a36Sopenharmony_ci rc = 0; 183162306a36Sopenharmony_ciout: 183262306a36Sopenharmony_ci for (i = 0; i < nperms; i++) 183362306a36Sopenharmony_ci kfree(perms[i]); 183462306a36Sopenharmony_ci kfree(perms); 183562306a36Sopenharmony_ci return rc; 183662306a36Sopenharmony_ci} 183762306a36Sopenharmony_ci 183862306a36Sopenharmony_cistatic int sel_make_class_dir_entries(struct selinux_policy *newpolicy, 183962306a36Sopenharmony_ci char *classname, int index, 184062306a36Sopenharmony_ci struct dentry *dir) 184162306a36Sopenharmony_ci{ 184262306a36Sopenharmony_ci struct super_block *sb = dir->d_sb; 184362306a36Sopenharmony_ci struct selinux_fs_info *fsi = sb->s_fs_info; 184462306a36Sopenharmony_ci struct dentry *dentry = NULL; 184562306a36Sopenharmony_ci struct inode *inode = NULL; 184662306a36Sopenharmony_ci 184762306a36Sopenharmony_ci dentry = d_alloc_name(dir, "index"); 184862306a36Sopenharmony_ci if (!dentry) 184962306a36Sopenharmony_ci return -ENOMEM; 185062306a36Sopenharmony_ci 185162306a36Sopenharmony_ci inode = sel_make_inode(dir->d_sb, S_IFREG|S_IRUGO); 185262306a36Sopenharmony_ci if (!inode) { 185362306a36Sopenharmony_ci dput(dentry); 185462306a36Sopenharmony_ci return -ENOMEM; 185562306a36Sopenharmony_ci } 185662306a36Sopenharmony_ci 185762306a36Sopenharmony_ci inode->i_fop = &sel_class_ops; 185862306a36Sopenharmony_ci inode->i_ino = sel_class_to_ino(index); 185962306a36Sopenharmony_ci d_add(dentry, inode); 186062306a36Sopenharmony_ci 186162306a36Sopenharmony_ci dentry = sel_make_dir(dir, "perms", &fsi->last_class_ino); 186262306a36Sopenharmony_ci if (IS_ERR(dentry)) 186362306a36Sopenharmony_ci return PTR_ERR(dentry); 186462306a36Sopenharmony_ci 186562306a36Sopenharmony_ci return sel_make_perm_files(newpolicy, classname, index, dentry); 186662306a36Sopenharmony_ci} 186762306a36Sopenharmony_ci 186862306a36Sopenharmony_cistatic int sel_make_classes(struct selinux_policy *newpolicy, 186962306a36Sopenharmony_ci struct dentry *class_dir, 187062306a36Sopenharmony_ci unsigned long *last_class_ino) 187162306a36Sopenharmony_ci{ 187262306a36Sopenharmony_ci u32 i, nclasses; 187362306a36Sopenharmony_ci int rc; 187462306a36Sopenharmony_ci char **classes; 187562306a36Sopenharmony_ci 187662306a36Sopenharmony_ci rc = security_get_classes(newpolicy, &classes, &nclasses); 187762306a36Sopenharmony_ci if (rc) 187862306a36Sopenharmony_ci return rc; 187962306a36Sopenharmony_ci 188062306a36Sopenharmony_ci /* +2 since classes are 1-indexed */ 188162306a36Sopenharmony_ci *last_class_ino = sel_class_to_ino(nclasses + 2); 188262306a36Sopenharmony_ci 188362306a36Sopenharmony_ci for (i = 0; i < nclasses; i++) { 188462306a36Sopenharmony_ci struct dentry *class_name_dir; 188562306a36Sopenharmony_ci 188662306a36Sopenharmony_ci class_name_dir = sel_make_dir(class_dir, classes[i], 188762306a36Sopenharmony_ci last_class_ino); 188862306a36Sopenharmony_ci if (IS_ERR(class_name_dir)) { 188962306a36Sopenharmony_ci rc = PTR_ERR(class_name_dir); 189062306a36Sopenharmony_ci goto out; 189162306a36Sopenharmony_ci } 189262306a36Sopenharmony_ci 189362306a36Sopenharmony_ci /* i+1 since class values are 1-indexed */ 189462306a36Sopenharmony_ci rc = sel_make_class_dir_entries(newpolicy, classes[i], i + 1, 189562306a36Sopenharmony_ci class_name_dir); 189662306a36Sopenharmony_ci if (rc) 189762306a36Sopenharmony_ci goto out; 189862306a36Sopenharmony_ci } 189962306a36Sopenharmony_ci rc = 0; 190062306a36Sopenharmony_ciout: 190162306a36Sopenharmony_ci for (i = 0; i < nclasses; i++) 190262306a36Sopenharmony_ci kfree(classes[i]); 190362306a36Sopenharmony_ci kfree(classes); 190462306a36Sopenharmony_ci return rc; 190562306a36Sopenharmony_ci} 190662306a36Sopenharmony_ci 190762306a36Sopenharmony_cistatic int sel_make_policycap(struct selinux_fs_info *fsi) 190862306a36Sopenharmony_ci{ 190962306a36Sopenharmony_ci unsigned int iter; 191062306a36Sopenharmony_ci struct dentry *dentry = NULL; 191162306a36Sopenharmony_ci struct inode *inode = NULL; 191262306a36Sopenharmony_ci 191362306a36Sopenharmony_ci for (iter = 0; iter <= POLICYDB_CAP_MAX; iter++) { 191462306a36Sopenharmony_ci if (iter < ARRAY_SIZE(selinux_policycap_names)) 191562306a36Sopenharmony_ci dentry = d_alloc_name(fsi->policycap_dir, 191662306a36Sopenharmony_ci selinux_policycap_names[iter]); 191762306a36Sopenharmony_ci else 191862306a36Sopenharmony_ci dentry = d_alloc_name(fsi->policycap_dir, "unknown"); 191962306a36Sopenharmony_ci 192062306a36Sopenharmony_ci if (dentry == NULL) 192162306a36Sopenharmony_ci return -ENOMEM; 192262306a36Sopenharmony_ci 192362306a36Sopenharmony_ci inode = sel_make_inode(fsi->sb, S_IFREG | 0444); 192462306a36Sopenharmony_ci if (inode == NULL) { 192562306a36Sopenharmony_ci dput(dentry); 192662306a36Sopenharmony_ci return -ENOMEM; 192762306a36Sopenharmony_ci } 192862306a36Sopenharmony_ci 192962306a36Sopenharmony_ci inode->i_fop = &sel_policycap_ops; 193062306a36Sopenharmony_ci inode->i_ino = iter | SEL_POLICYCAP_INO_OFFSET; 193162306a36Sopenharmony_ci d_add(dentry, inode); 193262306a36Sopenharmony_ci } 193362306a36Sopenharmony_ci 193462306a36Sopenharmony_ci return 0; 193562306a36Sopenharmony_ci} 193662306a36Sopenharmony_ci 193762306a36Sopenharmony_cistatic struct dentry *sel_make_dir(struct dentry *dir, const char *name, 193862306a36Sopenharmony_ci unsigned long *ino) 193962306a36Sopenharmony_ci{ 194062306a36Sopenharmony_ci struct dentry *dentry = d_alloc_name(dir, name); 194162306a36Sopenharmony_ci struct inode *inode; 194262306a36Sopenharmony_ci 194362306a36Sopenharmony_ci if (!dentry) 194462306a36Sopenharmony_ci return ERR_PTR(-ENOMEM); 194562306a36Sopenharmony_ci 194662306a36Sopenharmony_ci inode = sel_make_inode(dir->d_sb, S_IFDIR | S_IRUGO | S_IXUGO); 194762306a36Sopenharmony_ci if (!inode) { 194862306a36Sopenharmony_ci dput(dentry); 194962306a36Sopenharmony_ci return ERR_PTR(-ENOMEM); 195062306a36Sopenharmony_ci } 195162306a36Sopenharmony_ci 195262306a36Sopenharmony_ci inode->i_op = &simple_dir_inode_operations; 195362306a36Sopenharmony_ci inode->i_fop = &simple_dir_operations; 195462306a36Sopenharmony_ci inode->i_ino = ++(*ino); 195562306a36Sopenharmony_ci /* directory inodes start off with i_nlink == 2 (for "." entry) */ 195662306a36Sopenharmony_ci inc_nlink(inode); 195762306a36Sopenharmony_ci d_add(dentry, inode); 195862306a36Sopenharmony_ci /* bump link count on parent directory, too */ 195962306a36Sopenharmony_ci inc_nlink(d_inode(dir)); 196062306a36Sopenharmony_ci 196162306a36Sopenharmony_ci return dentry; 196262306a36Sopenharmony_ci} 196362306a36Sopenharmony_ci 196462306a36Sopenharmony_cistatic struct dentry *sel_make_disconnected_dir(struct super_block *sb, 196562306a36Sopenharmony_ci unsigned long *ino) 196662306a36Sopenharmony_ci{ 196762306a36Sopenharmony_ci struct inode *inode = sel_make_inode(sb, S_IFDIR | S_IRUGO | S_IXUGO); 196862306a36Sopenharmony_ci 196962306a36Sopenharmony_ci if (!inode) 197062306a36Sopenharmony_ci return ERR_PTR(-ENOMEM); 197162306a36Sopenharmony_ci 197262306a36Sopenharmony_ci inode->i_op = &simple_dir_inode_operations; 197362306a36Sopenharmony_ci inode->i_fop = &simple_dir_operations; 197462306a36Sopenharmony_ci inode->i_ino = ++(*ino); 197562306a36Sopenharmony_ci /* directory inodes start off with i_nlink == 2 (for "." entry) */ 197662306a36Sopenharmony_ci inc_nlink(inode); 197762306a36Sopenharmony_ci return d_obtain_alias(inode); 197862306a36Sopenharmony_ci} 197962306a36Sopenharmony_ci 198062306a36Sopenharmony_ci#define NULL_FILE_NAME "null" 198162306a36Sopenharmony_ci 198262306a36Sopenharmony_cistatic int sel_fill_super(struct super_block *sb, struct fs_context *fc) 198362306a36Sopenharmony_ci{ 198462306a36Sopenharmony_ci struct selinux_fs_info *fsi; 198562306a36Sopenharmony_ci int ret; 198662306a36Sopenharmony_ci struct dentry *dentry; 198762306a36Sopenharmony_ci struct inode *inode; 198862306a36Sopenharmony_ci struct inode_security_struct *isec; 198962306a36Sopenharmony_ci 199062306a36Sopenharmony_ci static const struct tree_descr selinux_files[] = { 199162306a36Sopenharmony_ci [SEL_LOAD] = {"load", &sel_load_ops, S_IRUSR|S_IWUSR}, 199262306a36Sopenharmony_ci [SEL_ENFORCE] = {"enforce", &sel_enforce_ops, S_IRUGO|S_IWUSR}, 199362306a36Sopenharmony_ci [SEL_CONTEXT] = {"context", &transaction_ops, S_IRUGO|S_IWUGO}, 199462306a36Sopenharmony_ci [SEL_ACCESS] = {"access", &transaction_ops, S_IRUGO|S_IWUGO}, 199562306a36Sopenharmony_ci [SEL_CREATE] = {"create", &transaction_ops, S_IRUGO|S_IWUGO}, 199662306a36Sopenharmony_ci [SEL_RELABEL] = {"relabel", &transaction_ops, S_IRUGO|S_IWUGO}, 199762306a36Sopenharmony_ci [SEL_USER] = {"user", &transaction_ops, S_IRUGO|S_IWUGO}, 199862306a36Sopenharmony_ci [SEL_POLICYVERS] = {"policyvers", &sel_policyvers_ops, S_IRUGO}, 199962306a36Sopenharmony_ci [SEL_COMMIT_BOOLS] = {"commit_pending_bools", &sel_commit_bools_ops, S_IWUSR}, 200062306a36Sopenharmony_ci [SEL_MLS] = {"mls", &sel_mls_ops, S_IRUGO}, 200162306a36Sopenharmony_ci [SEL_DISABLE] = {"disable", &sel_disable_ops, S_IWUSR}, 200262306a36Sopenharmony_ci [SEL_MEMBER] = {"member", &transaction_ops, S_IRUGO|S_IWUGO}, 200362306a36Sopenharmony_ci [SEL_CHECKREQPROT] = {"checkreqprot", &sel_checkreqprot_ops, S_IRUGO|S_IWUSR}, 200462306a36Sopenharmony_ci [SEL_REJECT_UNKNOWN] = {"reject_unknown", &sel_handle_unknown_ops, S_IRUGO}, 200562306a36Sopenharmony_ci [SEL_DENY_UNKNOWN] = {"deny_unknown", &sel_handle_unknown_ops, S_IRUGO}, 200662306a36Sopenharmony_ci [SEL_STATUS] = {"status", &sel_handle_status_ops, S_IRUGO}, 200762306a36Sopenharmony_ci [SEL_POLICY] = {"policy", &sel_policy_ops, S_IRUGO}, 200862306a36Sopenharmony_ci [SEL_VALIDATE_TRANS] = {"validatetrans", &sel_transition_ops, 200962306a36Sopenharmony_ci S_IWUGO}, 201062306a36Sopenharmony_ci /* last one */ {""} 201162306a36Sopenharmony_ci }; 201262306a36Sopenharmony_ci 201362306a36Sopenharmony_ci ret = selinux_fs_info_create(sb); 201462306a36Sopenharmony_ci if (ret) 201562306a36Sopenharmony_ci goto err; 201662306a36Sopenharmony_ci 201762306a36Sopenharmony_ci ret = simple_fill_super(sb, SELINUX_MAGIC, selinux_files); 201862306a36Sopenharmony_ci if (ret) 201962306a36Sopenharmony_ci goto err; 202062306a36Sopenharmony_ci 202162306a36Sopenharmony_ci fsi = sb->s_fs_info; 202262306a36Sopenharmony_ci fsi->bool_dir = sel_make_dir(sb->s_root, BOOL_DIR_NAME, &fsi->last_ino); 202362306a36Sopenharmony_ci if (IS_ERR(fsi->bool_dir)) { 202462306a36Sopenharmony_ci ret = PTR_ERR(fsi->bool_dir); 202562306a36Sopenharmony_ci fsi->bool_dir = NULL; 202662306a36Sopenharmony_ci goto err; 202762306a36Sopenharmony_ci } 202862306a36Sopenharmony_ci 202962306a36Sopenharmony_ci ret = -ENOMEM; 203062306a36Sopenharmony_ci dentry = d_alloc_name(sb->s_root, NULL_FILE_NAME); 203162306a36Sopenharmony_ci if (!dentry) 203262306a36Sopenharmony_ci goto err; 203362306a36Sopenharmony_ci 203462306a36Sopenharmony_ci ret = -ENOMEM; 203562306a36Sopenharmony_ci inode = sel_make_inode(sb, S_IFCHR | S_IRUGO | S_IWUGO); 203662306a36Sopenharmony_ci if (!inode) { 203762306a36Sopenharmony_ci dput(dentry); 203862306a36Sopenharmony_ci goto err; 203962306a36Sopenharmony_ci } 204062306a36Sopenharmony_ci 204162306a36Sopenharmony_ci inode->i_ino = ++fsi->last_ino; 204262306a36Sopenharmony_ci isec = selinux_inode(inode); 204362306a36Sopenharmony_ci isec->sid = SECINITSID_DEVNULL; 204462306a36Sopenharmony_ci isec->sclass = SECCLASS_CHR_FILE; 204562306a36Sopenharmony_ci isec->initialized = LABEL_INITIALIZED; 204662306a36Sopenharmony_ci 204762306a36Sopenharmony_ci init_special_inode(inode, S_IFCHR | S_IRUGO | S_IWUGO, MKDEV(MEM_MAJOR, 3)); 204862306a36Sopenharmony_ci d_add(dentry, inode); 204962306a36Sopenharmony_ci 205062306a36Sopenharmony_ci dentry = sel_make_dir(sb->s_root, "avc", &fsi->last_ino); 205162306a36Sopenharmony_ci if (IS_ERR(dentry)) { 205262306a36Sopenharmony_ci ret = PTR_ERR(dentry); 205362306a36Sopenharmony_ci goto err; 205462306a36Sopenharmony_ci } 205562306a36Sopenharmony_ci 205662306a36Sopenharmony_ci ret = sel_make_avc_files(dentry); 205762306a36Sopenharmony_ci if (ret) 205862306a36Sopenharmony_ci goto err; 205962306a36Sopenharmony_ci 206062306a36Sopenharmony_ci dentry = sel_make_dir(sb->s_root, "ss", &fsi->last_ino); 206162306a36Sopenharmony_ci if (IS_ERR(dentry)) { 206262306a36Sopenharmony_ci ret = PTR_ERR(dentry); 206362306a36Sopenharmony_ci goto err; 206462306a36Sopenharmony_ci } 206562306a36Sopenharmony_ci 206662306a36Sopenharmony_ci ret = sel_make_ss_files(dentry); 206762306a36Sopenharmony_ci if (ret) 206862306a36Sopenharmony_ci goto err; 206962306a36Sopenharmony_ci 207062306a36Sopenharmony_ci dentry = sel_make_dir(sb->s_root, "initial_contexts", &fsi->last_ino); 207162306a36Sopenharmony_ci if (IS_ERR(dentry)) { 207262306a36Sopenharmony_ci ret = PTR_ERR(dentry); 207362306a36Sopenharmony_ci goto err; 207462306a36Sopenharmony_ci } 207562306a36Sopenharmony_ci 207662306a36Sopenharmony_ci ret = sel_make_initcon_files(dentry); 207762306a36Sopenharmony_ci if (ret) 207862306a36Sopenharmony_ci goto err; 207962306a36Sopenharmony_ci 208062306a36Sopenharmony_ci fsi->class_dir = sel_make_dir(sb->s_root, CLASS_DIR_NAME, &fsi->last_ino); 208162306a36Sopenharmony_ci if (IS_ERR(fsi->class_dir)) { 208262306a36Sopenharmony_ci ret = PTR_ERR(fsi->class_dir); 208362306a36Sopenharmony_ci fsi->class_dir = NULL; 208462306a36Sopenharmony_ci goto err; 208562306a36Sopenharmony_ci } 208662306a36Sopenharmony_ci 208762306a36Sopenharmony_ci fsi->policycap_dir = sel_make_dir(sb->s_root, POLICYCAP_DIR_NAME, 208862306a36Sopenharmony_ci &fsi->last_ino); 208962306a36Sopenharmony_ci if (IS_ERR(fsi->policycap_dir)) { 209062306a36Sopenharmony_ci ret = PTR_ERR(fsi->policycap_dir); 209162306a36Sopenharmony_ci fsi->policycap_dir = NULL; 209262306a36Sopenharmony_ci goto err; 209362306a36Sopenharmony_ci } 209462306a36Sopenharmony_ci 209562306a36Sopenharmony_ci ret = sel_make_policycap(fsi); 209662306a36Sopenharmony_ci if (ret) { 209762306a36Sopenharmony_ci pr_err("SELinux: failed to load policy capabilities\n"); 209862306a36Sopenharmony_ci goto err; 209962306a36Sopenharmony_ci } 210062306a36Sopenharmony_ci 210162306a36Sopenharmony_ci return 0; 210262306a36Sopenharmony_cierr: 210362306a36Sopenharmony_ci pr_err("SELinux: %s: failed while creating inodes\n", 210462306a36Sopenharmony_ci __func__); 210562306a36Sopenharmony_ci 210662306a36Sopenharmony_ci selinux_fs_info_free(sb); 210762306a36Sopenharmony_ci 210862306a36Sopenharmony_ci return ret; 210962306a36Sopenharmony_ci} 211062306a36Sopenharmony_ci 211162306a36Sopenharmony_cistatic int sel_get_tree(struct fs_context *fc) 211262306a36Sopenharmony_ci{ 211362306a36Sopenharmony_ci return get_tree_single(fc, sel_fill_super); 211462306a36Sopenharmony_ci} 211562306a36Sopenharmony_ci 211662306a36Sopenharmony_cistatic const struct fs_context_operations sel_context_ops = { 211762306a36Sopenharmony_ci .get_tree = sel_get_tree, 211862306a36Sopenharmony_ci}; 211962306a36Sopenharmony_ci 212062306a36Sopenharmony_cistatic int sel_init_fs_context(struct fs_context *fc) 212162306a36Sopenharmony_ci{ 212262306a36Sopenharmony_ci fc->ops = &sel_context_ops; 212362306a36Sopenharmony_ci return 0; 212462306a36Sopenharmony_ci} 212562306a36Sopenharmony_ci 212662306a36Sopenharmony_cistatic void sel_kill_sb(struct super_block *sb) 212762306a36Sopenharmony_ci{ 212862306a36Sopenharmony_ci selinux_fs_info_free(sb); 212962306a36Sopenharmony_ci kill_litter_super(sb); 213062306a36Sopenharmony_ci} 213162306a36Sopenharmony_ci 213262306a36Sopenharmony_cistatic struct file_system_type sel_fs_type = { 213362306a36Sopenharmony_ci .name = "selinuxfs", 213462306a36Sopenharmony_ci .init_fs_context = sel_init_fs_context, 213562306a36Sopenharmony_ci .kill_sb = sel_kill_sb, 213662306a36Sopenharmony_ci}; 213762306a36Sopenharmony_ci 213862306a36Sopenharmony_cistatic struct vfsmount *selinuxfs_mount __ro_after_init; 213962306a36Sopenharmony_cistruct path selinux_null __ro_after_init; 214062306a36Sopenharmony_ci 214162306a36Sopenharmony_cistatic int __init init_sel_fs(void) 214262306a36Sopenharmony_ci{ 214362306a36Sopenharmony_ci struct qstr null_name = QSTR_INIT(NULL_FILE_NAME, 214462306a36Sopenharmony_ci sizeof(NULL_FILE_NAME)-1); 214562306a36Sopenharmony_ci int err; 214662306a36Sopenharmony_ci 214762306a36Sopenharmony_ci if (!selinux_enabled_boot) 214862306a36Sopenharmony_ci return 0; 214962306a36Sopenharmony_ci 215062306a36Sopenharmony_ci err = sysfs_create_mount_point(fs_kobj, "selinux"); 215162306a36Sopenharmony_ci if (err) 215262306a36Sopenharmony_ci return err; 215362306a36Sopenharmony_ci 215462306a36Sopenharmony_ci err = register_filesystem(&sel_fs_type); 215562306a36Sopenharmony_ci if (err) { 215662306a36Sopenharmony_ci sysfs_remove_mount_point(fs_kobj, "selinux"); 215762306a36Sopenharmony_ci return err; 215862306a36Sopenharmony_ci } 215962306a36Sopenharmony_ci 216062306a36Sopenharmony_ci selinux_null.mnt = selinuxfs_mount = kern_mount(&sel_fs_type); 216162306a36Sopenharmony_ci if (IS_ERR(selinuxfs_mount)) { 216262306a36Sopenharmony_ci pr_err("selinuxfs: could not mount!\n"); 216362306a36Sopenharmony_ci err = PTR_ERR(selinuxfs_mount); 216462306a36Sopenharmony_ci selinuxfs_mount = NULL; 216562306a36Sopenharmony_ci } 216662306a36Sopenharmony_ci selinux_null.dentry = d_hash_and_lookup(selinux_null.mnt->mnt_root, 216762306a36Sopenharmony_ci &null_name); 216862306a36Sopenharmony_ci if (IS_ERR(selinux_null.dentry)) { 216962306a36Sopenharmony_ci pr_err("selinuxfs: could not lookup null!\n"); 217062306a36Sopenharmony_ci err = PTR_ERR(selinux_null.dentry); 217162306a36Sopenharmony_ci selinux_null.dentry = NULL; 217262306a36Sopenharmony_ci } 217362306a36Sopenharmony_ci 217462306a36Sopenharmony_ci return err; 217562306a36Sopenharmony_ci} 217662306a36Sopenharmony_ci 217762306a36Sopenharmony_ci__initcall(init_sel_fs); 2178