^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1) // SPDX-License-Identifier: GPL-2.0-only
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3) * Simplified MAC Kernel (smack) security module
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 5) * This file contains the smack hook function implementations.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 6) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 7) * Authors:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 8) * Casey Schaufler <casey@schaufler-ca.com>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 9) * Jarkko Sakkinen <jarkko.sakkinen@intel.com>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 10) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 11) * Copyright (C) 2007 Casey Schaufler <casey@schaufler-ca.com>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 12) * Copyright (C) 2009 Hewlett-Packard Development Company, L.P.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 13) * Paul Moore <paul@paul-moore.com>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 14) * Copyright (C) 2010 Nokia Corporation
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 15) * Copyright (C) 2011 Intel Corporation.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 16) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 17)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 18) #include <linux/xattr.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 19) #include <linux/pagemap.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 20) #include <linux/mount.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 21) #include <linux/stat.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 22) #include <linux/kd.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 23) #include <asm/ioctls.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 24) #include <linux/ip.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 25) #include <linux/tcp.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 26) #include <linux/udp.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 27) #include <linux/dccp.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 28) #include <linux/icmpv6.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 29) #include <linux/slab.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 30) #include <linux/mutex.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 31) #include <net/cipso_ipv4.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 32) #include <net/ip.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 33) #include <net/ipv6.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 34) #include <linux/audit.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 35) #include <linux/magic.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 36) #include <linux/dcache.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 37) #include <linux/personality.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 38) #include <linux/msg.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 39) #include <linux/shm.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 40) #include <linux/binfmts.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 41) #include <linux/parser.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 42) #include <linux/fs_context.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 43) #include <linux/fs_parser.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 44) #include <linux/watch_queue.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 45) #include "smack.h"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 46)
/*
 * Literal attribute value and its length in bytes, without the NUL.
 * TRANS_TRUE_SIZE is hand-maintained and must stay equal to
 * strlen(TRANS_TRUE).
 * NOTE(review): presumably the value stored in the transmute xattr -
 * the users are outside this excerpt, confirm there.
 */
#define TRANS_TRUE "TRUE"
#define TRANS_TRUE_SIZE 4

/*
 * NOTE(review): these look like direction selectors for a network
 * access check; the code that consumes them is outside this excerpt.
 */
#define SMK_CONNECTING 0
#define SMK_RECEIVING 1
#define SMK_SENDING 2

/*
 * NOTE(review): judging by the names, a lock and a list for IPv6 port
 * labeling; nothing in this excerpt takes the lock or walks the list,
 * so the locking rule has to be confirmed at the users.
 */
static DEFINE_MUTEX(smack_ipv6_lock);
static LIST_HEAD(smk_ipv6_port_list);
/* Slab cache smk_copy_rules() allocates its struct smack_rule copies from. */
struct kmem_cache *smack_rule_cache;
/* Non-static global; where it is written is outside this excerpt. */
int smack_enabled;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 58)
/*
 * Table of recognised mount option keys, consumed by match_opt_prefix().
 *
 * A(s) expands to { "smack<s>", strlen("smack<s>"), Opt_<s> }, so the
 * stored length never counts the terminating NUL. "smackfsdef" is listed
 * by hand because it maps to the same token as "smackfsdefault".
 */
#define A(s) {"smack"#s, sizeof("smack"#s) - 1, Opt_##s}
static struct {
	const char *name;	/* option key, without the trailing '=' */
	int len;		/* length of @name in bytes */
	int opt;		/* Opt_* token returned for this key */
} smk_mount_opts[] = {
	{"smackfsdef", sizeof("smackfsdef") - 1, Opt_fsdefault},
	A(fsdefault), A(fsfloor), A(fshat), A(fsroot), A(fstransmute)
};
#undef A
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 69)
/*
 * match_opt_prefix - recognise a "smack<key>=<value>" mount option
 * @s: start of the option text
 * @l: number of bytes of @s that belong to this option
 * @arg: on a match, set to the first byte after the '='
 *
 * A key matches only when it is followed by '=' inside the first @l
 * bytes, which is what keeps "smackfsdef" from swallowing
 * "smackfsdefault=...". *arg is written only on a match.
 *
 * NOTE(review): @l is an int compared against a size_t, so a negative
 * @l would be treated as a very large length; callers are presumably
 * expected to pass a non-negative length - confirm at the call sites.
 *
 * Returns the Opt_* token of the matching table entry, or Opt_error.
 */
static int match_opt_prefix(char *s, int l, char **arg)
{
	int idx;

	for (idx = 0; idx < ARRAY_SIZE(smk_mount_opts); idx++) {
		const char *key = smk_mount_opts[idx].name;
		size_t klen = smk_mount_opts[idx].len;

		/* Key plus '=' must fit, the key must match, '=' must follow. */
		if (klen < l && memcmp(s, key, klen) == 0 && s[klen] == '=') {
			*arg = s + klen + 1;
			return smk_mount_opts[idx].opt;
		}
	}
	return Opt_error;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 85)
#ifdef CONFIG_SECURITY_SMACK_BRINGUP
/*
 * Log prefixes used by the smk_bu_*() helpers, indexed by the positive
 * result code they are handed. Slot 0 is the fallback the helpers pick
 * for a code above SMACK_UNCONFINED_OBJECT.
 */
static char *smk_bu_mess[] = {
	"Bringup Error",	/* Unused */
	"Bringup",		/* SMACK_BRINGUP_ALLOW */
	"Unconfined Subject",	/* SMACK_UNCONFINED_SUBJECT */
	"Unconfined Object",	/* SMACK_UNCONFINED_OBJECT */
};

/*
 * smk_bu_mode - render a MAY_* access mask as text for the bring-up log
 * @mode: mask of MAY_* bits
 * @s: output buffer
 *
 * Emits the letters of the bits that are set, in the order "rwxatl",
 * or a single '-' when none of them is set, then a NUL. That is at most
 * seven bytes and @s is not length-checked here, so the caller's buffer
 * must hold that much. Callers in this file pass
 * char[SMK_NUM_ACCESS_TYPE + 1].
 * NOTE(review): confirm SMK_NUM_ACCESS_TYPE is at least 6.
 */
static void smk_bu_mode(int mode, char *s)
{
	static const struct {
		int bit;
		char letter;
	} flags[] = {
		{ MAY_READ, 'r' },
		{ MAY_WRITE, 'w' },
		{ MAY_EXEC, 'x' },
		{ MAY_APPEND, 'a' },
		{ MAY_TRANSMUTE, 't' },
		{ MAY_LOCK, 'l' },
	};
	size_t k;
	int n = 0;

	for (k = 0; k < ARRAY_SIZE(flags); k++) {
		if (mode & flags[k].bit)
			s[n++] = flags[k].letter;
	}
	if (n == 0)
		s[n++] = '-';
	s[n] = '\0';
}
#endif
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 115)
#ifdef CONFIG_SECURITY_SMACK_BRINGUP
/*
 * smk_bu_note - bring-up logging for an explicit subject/object pair
 * @note: free text appended to the log line
 * @sskp: subject label
 * @oskp: object label
 * @mode: requested MAY_* access
 * @rc: result of the access check
 *
 * A zero or negative @rc is passed through untouched. A positive @rc is
 * logged with the matching smk_bu_mess[] prefix and then turned into 0,
 * i.e. the access is reported as granted. On a kernel built with
 * CONFIG_SECURITY_SMACK_BRINGUP these "Smack ..." info lines are
 * therefore the only trace of such an access.
 */
static int smk_bu_note(char *note, struct smack_known *sskp,
		       struct smack_known *oskp, int mode, int rc)
{
	char acc[SMK_NUM_ACCESS_TYPE + 1];
	const char *why;

	if (rc <= 0)
		return rc;

	/* Codes beyond the table fall back to slot 0. */
	why = smk_bu_mess[rc > SMACK_UNCONFINED_OBJECT ? 0 : rc];

	smk_bu_mode(mode, acc);
	pr_info("Smack %s: (%s %s %s) %s\n", why,
		sskp->smk_known, oskp->smk_known, acc, note);
	return 0;
}
#else
/* Without bring-up support the result code is returned as it came in. */
#define smk_bu_note(note, sskp, oskp, mode, RC) (RC)
#endif
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 135)
#ifdef CONFIG_SECURITY_SMACK_BRINGUP
/*
 * smk_bu_current - bring-up logging with the current task as subject
 * @note: free text appended to the log line
 * @oskp: object label
 * @mode: requested MAY_* access
 * @rc: result of the access check
 *
 * The subject label is taken from the current task's credentials. A zero
 * or negative @rc is passed through untouched; a positive @rc is logged
 * together with current->comm and then turned into 0 (access granted).
 */
static int smk_bu_current(char *note, struct smack_known *oskp,
			  int mode, int rc)
{
	struct task_smack *tsp = smack_cred(current_cred());
	char acc[SMK_NUM_ACCESS_TYPE + 1];
	const char *why;

	if (rc <= 0)
		return rc;

	/* Codes beyond the table fall back to slot 0. */
	why = smk_bu_mess[rc > SMACK_UNCONFINED_OBJECT ? 0 : rc];

	smk_bu_mode(mode, acc);
	pr_info("Smack %s: (%s %s %s) %s %s\n", why,
		tsp->smk_task->smk_known, oskp->smk_known,
		acc, current->comm, note);
	return 0;
}
#else
/* Without bring-up support the result code is returned as it came in. */
#define smk_bu_current(note, oskp, mode, RC) (RC)
#endif
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 157)
#ifdef CONFIG_SECURITY_SMACK_BRINGUP
/*
 * smk_bu_task - bring-up logging for an access to another task
 * @otp: the task being accessed
 * @mode: requested MAY_* access
 * @rc: result of the access check
 *
 * Subject is the current task's label, object is the label obtained
 * from smk_of_task_struct(@otp). A zero or negative @rc is passed
 * through untouched; a positive @rc is logged with both command names
 * and then turned into 0 (access granted).
 */
static int smk_bu_task(struct task_struct *otp, int mode, int rc)
{
	struct task_smack *tsp = smack_cred(current_cred());
	struct smack_known *target = smk_of_task_struct(otp);
	char acc[SMK_NUM_ACCESS_TYPE + 1];
	const char *why;

	if (rc <= 0)
		return rc;

	/* Codes beyond the table fall back to slot 0. */
	why = smk_bu_mess[rc > SMACK_UNCONFINED_OBJECT ? 0 : rc];

	smk_bu_mode(mode, acc);
	pr_info("Smack %s: (%s %s %s) %s to %s\n", why,
		tsp->smk_task->smk_known, target->smk_known, acc,
		current->comm, otp->comm);
	return 0;
}
#else
/* Without bring-up support the result code is returned as it came in. */
#define smk_bu_task(otp, mode, RC) (RC)
#endif
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 179)
#ifdef CONFIG_SECURITY_SMACK_BRINGUP
/*
 * smk_bu_inode - bring-up logging for an inode access
 * @inode: the inode being accessed
 * @mode: requested MAY_* access
 * @rc: result of the access check
 *
 * Independently of @rc, an inode already flagged SMK_INODE_IMPURE gets
 * an "Unconfined Corruption" line on every call. A zero or negative @rc
 * is then passed through untouched. A positive @rc is logged and turned
 * into 0 (access granted); when it is SMACK_UNCONFINED_SUBJECT and the
 * request includes write or append, the inode is flagged impure first,
 * so later accesses to it keep being reported.
 *
 * NOTE(review): i_ino is printed with %ld; if the field is unsigned,
 * very large inode numbers would show up negative in the log.
 */
static int smk_bu_inode(struct inode *inode, int mode, int rc)
{
	struct task_smack *tsp = smack_cred(current_cred());
	struct inode_smack *isp = smack_inode(inode);
	char acc[SMK_NUM_ACCESS_TYPE + 1];
	int tainted = isp->smk_flags & SMK_INODE_IMPURE;

	if (tainted)
		pr_info("Smack Unconfined Corruption: inode=(%s %ld) %s\n",
			inode->i_sb->s_id, inode->i_ino, current->comm);

	if (rc <= 0)
		return rc;

	/* Codes beyond the table fall back to slot 0. */
	if (rc > SMACK_UNCONFINED_OBJECT)
		rc = 0;

	/* An unconfined subject modifying the object taints the inode. */
	if ((mode & (MAY_WRITE | MAY_APPEND)) &&
	    rc == SMACK_UNCONFINED_SUBJECT)
		isp->smk_flags |= SMK_INODE_IMPURE;

	smk_bu_mode(mode, acc);

	pr_info("Smack %s: (%s %s %s) inode=(%s %ld) %s\n", smk_bu_mess[rc],
		tsp->smk_task->smk_known, isp->smk_inode->smk_known, acc,
		inode->i_sb->s_id, inode->i_ino, current->comm);
	return 0;
}
#else
/* Without bring-up support the result code is returned as it came in. */
#define smk_bu_inode(inode, mode, RC) (RC)
#endif
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 209)
#ifdef CONFIG_SECURITY_SMACK_BRINGUP
/*
 * smk_bu_file - bring-up logging for a file access by the current task
 * @file: the file being accessed
 * @mode: requested MAY_* access
 * @rc: result of the access check
 *
 * Independently of @rc, a file whose inode is flagged SMK_INODE_IMPURE
 * gets an "Unconfined Corruption" line on every call. A zero or negative
 * @rc is then passed through untouched; a positive @rc is logged with
 * the file's device id, inode number and name and turned into 0 (access
 * granted). Unlike smk_bu_inode(), this helper never sets the impure
 * flag itself.
 *
 * NOTE(review): i_ino is printed with %ld; if the field is unsigned,
 * very large inode numbers would show up negative in the log.
 */
static int smk_bu_file(struct file *file, int mode, int rc)
{
	struct task_smack *tsp = smack_cred(current_cred());
	struct smack_known *subject = tsp->smk_task;
	struct inode *inode = file_inode(file);
	struct inode_smack *isp = smack_inode(inode);
	char acc[SMK_NUM_ACCESS_TYPE + 1];
	const char *why;

	if (isp->smk_flags & SMK_INODE_IMPURE)
		pr_info("Smack Unconfined Corruption: inode=(%s %ld) %s\n",
			inode->i_sb->s_id, inode->i_ino, current->comm);

	if (rc <= 0)
		return rc;

	/* Codes beyond the table fall back to slot 0. */
	why = smk_bu_mess[rc > SMACK_UNCONFINED_OBJECT ? 0 : rc];

	smk_bu_mode(mode, acc);
	pr_info("Smack %s: (%s %s %s) file=(%s %ld %pD) %s\n", why,
		subject->smk_known, smk_of_inode(inode)->smk_known, acc,
		inode->i_sb->s_id, inode->i_ino, file,
		current->comm);
	return 0;
}
#else
/* Without bring-up support the result code is returned as it came in. */
#define smk_bu_file(file, mode, RC) (RC)
#endif
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 238)
#ifdef CONFIG_SECURITY_SMACK_BRINGUP
/*
 * smk_bu_credfile - bring-up logging for a file access under given creds
 * @cred: credentials supplying the subject label
 * @file: the file being accessed
 * @mode: requested MAY_* access
 * @rc: result of the access check
 *
 * Same reporting as smk_bu_file(), except that the subject label comes
 * from @cred rather than from the current task. The command name in the
 * log line is still current->comm, so when @cred belongs to another
 * task the label and the name on one line describe different tasks.
 * A zero or negative @rc is passed through untouched; a positive @rc is
 * logged and turned into 0 (access granted).
 *
 * NOTE(review): i_ino is printed with %ld; if the field is unsigned,
 * very large inode numbers would show up negative in the log.
 */
static int smk_bu_credfile(const struct cred *cred, struct file *file,
			   int mode, int rc)
{
	struct task_smack *tsp = smack_cred(cred);
	struct smack_known *subject = tsp->smk_task;
	struct inode *inode = file_inode(file);
	struct inode_smack *isp = smack_inode(inode);
	char acc[SMK_NUM_ACCESS_TYPE + 1];
	const char *why;

	if (isp->smk_flags & SMK_INODE_IMPURE)
		pr_info("Smack Unconfined Corruption: inode=(%s %ld) %s\n",
			inode->i_sb->s_id, inode->i_ino, current->comm);

	if (rc <= 0)
		return rc;

	/* Codes beyond the table fall back to slot 0. */
	why = smk_bu_mess[rc > SMACK_UNCONFINED_OBJECT ? 0 : rc];

	smk_bu_mode(mode, acc);
	pr_info("Smack %s: (%s %s %s) file=(%s %ld %pD) %s\n", why,
		subject->smk_known, smk_of_inode(inode)->smk_known, acc,
		inode->i_sb->s_id, inode->i_ino, file,
		current->comm);
	return 0;
}
#else
/* Without bring-up support the result code is returned as it came in. */
#define smk_bu_credfile(cred, file, mode, RC) (RC)
#endif
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 268)
/**
 * smk_fetch - Fetch the smack label from a file.
 * @name: type of the label (attribute)
 * @ip: a pointer to the inode
 * @dp: a pointer to the dentry
 *
 * Reads the extended attribute @name into a temporary SMK_LONGLABEL byte
 * buffer and hands the bytes actually read to smk_import_entry(). The
 * attribute value comes from the filesystem, so it is only as trustworthy
 * as the medium; at most SMK_LONGLABEL bytes are requested and the length
 * returned by the read is what gets imported.
 * NOTE(review): any further validation of the label text happens in
 * smk_import_entry(), which is outside this excerpt.
 *
 * Returns a pointer to the master list entry for the Smack label,
 * NULL if the attribute is empty, or an ERR_PTR() value: -EOPNOTSUPP
 * when the inode has no xattr support, -ENOMEM when the buffer cannot
 * be allocated, or whatever the xattr read or the import reported.
 */
static struct smack_known *smk_fetch(const char *name, struct inode *ip,
					struct dentry *dp)
{
	struct smack_known *skp = NULL;
	char *value;
	int nread;

	if (!(ip->i_opflags & IOP_XATTR))
		return ERR_PTR(-EOPNOTSUPP);

	value = kzalloc(SMK_LONGLABEL, GFP_NOFS);
	if (!value)
		return ERR_PTR(-ENOMEM);

	nread = __vfs_getxattr(dp, ip, name, value, SMK_LONGLABEL,
			       XATTR_NOSECURITY);
	if (nread < 0)
		skp = ERR_PTR(nread);
	else if (nread > 0)
		skp = smk_import_entry(value, nread);
	/* nread == 0: empty attribute, skp stays NULL */

	kfree(value);

	return skp;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 305)
/**
 * init_inode_smack - initialize an inode security blob
 * @inode: inode whose Smack blob is initialized
 * @skp: a pointer to the Smack label entry to use in the blob
 *
 * Stores @skp as the inode's label and clears every flag, which
 * includes SMK_INODE_IMPURE.
 */
static void init_inode_smack(struct inode *inode, struct smack_known *skp)
{
	struct inode_smack *blob = smack_inode(inode);

	blob->smk_flags = 0;
	blob->smk_inode = skp;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 319)
/**
 * init_task_smack - initialize a task security blob
 * @tsp: blob to initialize
 * @task: a pointer to the Smack label for the running task
 * @forked: a pointer to the Smack label for the forked task
 *
 * Leaves the blob with empty rule and relabel lists and a freshly
 * initialized rules mutex. Anything already linked on those lists is
 * not released here, so this is meant for a blob that is not yet in use.
 */
static void init_task_smack(struct task_smack *tsp, struct smack_known *task,
					struct smack_known *forked)
{
	INIT_LIST_HEAD(&tsp->smk_rules);
	INIT_LIST_HEAD(&tsp->smk_relabel);
	mutex_init(&tsp->smk_rules_lock);

	tsp->smk_task = task;
	tsp->smk_forked = forked;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 336)
/**
 * smk_copy_rules - copy a rule set
 * @nhead: new rules header pointer
 * @ohead: old rules header pointer
 * @gfp: type of the memory for the allocation
 *
 * Every rule on @ohead is duplicated into an object from
 * smack_rule_cache and linked onto @nhead. Each copy is added at the
 * front of @nhead, so the new list is in the reverse order of the old.
 *
 * On allocation failure the copies already linked onto @nhead are left
 * in place; unlike smk_copy_relabel() nothing is rolled back here.
 * NOTE(review): the caller is presumably expected to free @nhead on
 * error - confirm at the call sites.
 *
 * Returns 0 on success, -ENOMEM on error
 */
static int smk_copy_rules(struct list_head *nhead, struct list_head *ohead,
				gfp_t gfp)
{
	struct smack_rule *src;
	struct smack_rule *dup;

	list_for_each_entry_rcu(src, ohead, list) {
		dup = kmem_cache_zalloc(smack_rule_cache, gfp);
		if (!dup)
			return -ENOMEM;

		/* Whole-struct copy; the list linkage is redone just below. */
		*dup = *src;
		list_add_rcu(&dup->list, nhead);
	}
	return 0;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 363)
/**
 * smk_copy_relabel - copy smk_relabel labels list
 * @nhead: new rules header pointer
 * @ohead: old rules header pointer
 * @gfp: type of the memory for the allocation
 *
 * Each element of @ohead gets a newly allocated element on @nhead that
 * points at the same label entry. If an allocation fails, everything on
 * @nhead is released with smk_destroy_label_list() before returning, so
 * the caller is not left with a partial copy.
 *
 * Returns 0 on success, -ENOMEM on error
 */
static int smk_copy_relabel(struct list_head *nhead, struct list_head *ohead,
				gfp_t gfp)
{
	struct smack_known_list_elem *src;
	struct smack_known_list_elem *dup;

	list_for_each_entry(src, ohead, list) {
		dup = kzalloc(sizeof(*dup), gfp);
		if (!dup) {
			smk_destroy_label_list(nhead);
			return -ENOMEM;
		}
		dup->smk_label = src->smk_label;
		list_add(&dup->list, nhead);
	}

	return 0;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 390)
/**
 * smk_ptrace_mode - helper function for converting PTRACE_MODE_* into MAY_*
 * @mode: input mode in form of PTRACE_MODE_*
 *
 * PTRACE_MODE_ATTACH takes precedence over PTRACE_MODE_READ when both
 * bits are set. A mode with neither bit maps to 0, i.e. no access bits
 * are requested.
 *
 * Returns a converted MAY_* mode usable by smack rules
 */
static inline unsigned int smk_ptrace_mode(unsigned int mode)
{
	if (mode & PTRACE_MODE_ATTACH)
		return MAY_READWRITE;

	return (mode & PTRACE_MODE_READ) ? MAY_READ : 0;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 406)
/**
 * smk_ptrace_rule_check - helper for ptrace access
 * @tracer: tracer process
 * @tracee_known: label entry of the process that's about to be traced
 * @mode: ptrace attachment mode (PTRACE_MODE_*)
 * @func: name of the function that called us, used for audit
 *
 * The tracer's credentials are read under rcu_read_lock(), which is held
 * until the decision has been made and logged.
 *
 * For an attach request while smack_ptrace_rule is SMACK_PTRACE_EXACT or
 * SMACK_PTRACE_DRACONIAN the labels must be the same entry. A mismatch
 * is always refused under DRACONIAN; under EXACT it is allowed only when
 * smack_privileged_cred() grants CAP_SYS_PTRACE to the tracer's creds.
 * Every other case is an ordinary rule lookup through smk_tskacc() with
 * the mode translated by smk_ptrace_mode().
 *
 * No audit record is set up when @mode carries PTRACE_MODE_NOAUDIT.
 *
 * Returns 0 on access granted, -error on error
 */
static int smk_ptrace_rule_check(struct task_struct *tracer,
				 struct smack_known *tracee_known,
				 unsigned int mode, const char *func)
{
	struct smk_audit_info ad, *saip = NULL;
	const struct cred *tracercred;
	struct smack_known *tracer_known;
	struct task_smack *tsp;
	int rc;

	if (!(mode & PTRACE_MODE_NOAUDIT)) {
		smk_ad_init(&ad, func, LSM_AUDIT_DATA_TASK);
		smk_ad_setfield_u_tsk(&ad, tracer);
		saip = &ad;
	}

	rcu_read_lock();
	tracercred = __task_cred(tracer);
	tsp = smack_cred(tracercred);
	tracer_known = smk_of_task(tsp);

	if (!(mode & PTRACE_MODE_ATTACH) ||
	    (smack_ptrace_rule != SMACK_PTRACE_EXACT &&
	     smack_ptrace_rule != SMACK_PTRACE_DRACONIAN)) {
		/* In case of rule==SMACK_PTRACE_DEFAULT or mode==PTRACE_MODE_READ */
		rc = smk_tskacc(tsp, tracee_known, smk_ptrace_mode(mode), saip);
		goto unlock;
	}

	/*
	 * Strict attach check. The smk_known pointers are compared, not the
	 * label text. NOTE(review): this presumably relies on each label
	 * text existing only once - confirm against smk_import_entry().
	 */
	if (tracer_known->smk_known == tracee_known->smk_known)
		rc = 0;
	else if (smack_ptrace_rule == SMACK_PTRACE_DRACONIAN)
		rc = -EACCES;
	else if (smack_privileged_cred(CAP_SYS_PTRACE, tracercred))
		rc = 0;
	else
		rc = -EACCES;

	if (saip)
		smack_log(tracer_known->smk_known,
			  tracee_known->smk_known,
			  0, rc, saip);

unlock:
	rcu_read_unlock();
	return rc;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 464)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 465) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 466) * LSM hooks.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 467) * We he, that is fun!
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 468) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 469)
/**
 * smack_ptrace_access_check - Smack approval on PTRACE_ATTACH
 * @ctp: child task pointer
 * @mode: ptrace attachment mode (PTRACE_MODE_*)
 *
 * The Smack label of @ctp is looked up with smk_of_task_struct() and handed
 * to smk_ptrace_rule_check() as the tracee label, with the calling task
 * (current) as the tracer.
 *
 * Returns 0 if access is OK, an error code otherwise
 */
static int smack_ptrace_access_check(struct task_struct *ctp, unsigned int mode)
{
	struct smack_known *tracee_label = smk_of_task_struct(ctp);

	return smk_ptrace_rule_check(current, tracee_label, mode, __func__);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 487)
/**
 * smack_ptrace_traceme - Smack approval on PTRACE_TRACEME
 * @ptp: parent task pointer
 *
 * Here the roles are reversed compared with an attach: @ptp is passed to
 * smk_ptrace_rule_check() as the tracer and the label of the calling task
 * (taken from current_cred()) is the tracee label. The check is always made
 * with PTRACE_MODE_ATTACH.
 *
 * Returns 0 if access is OK, an error code otherwise
 */
static int smack_ptrace_traceme(struct task_struct *ptp)
{
	struct smack_known *self_label;

	self_label = smk_of_task(smack_cred(current_cred()));

	return smk_ptrace_rule_check(ptp, self_label, PTRACE_MODE_ATTACH,
				     __func__);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 506)
/**
 * smack_syslog - Smack approval on syslog
 * @typefrom_file: unused
 *
 * Access is granted when smack_privileged(CAP_MAC_OVERRIDE) holds, when no
 * smack_syslog_label is configured (NULL), or when the caller's label is the
 * same smack_known entry as smack_syslog_label (pointer comparison).
 *
 * Returns 0 on success, -EACCES otherwise.
 */
static int smack_syslog(int typefrom_file)
{
	struct smack_known *caller_label = smk_of_current();

	if (smack_privileged(CAP_MAC_OVERRIDE))
		return 0;

	/* No syslog label configured: nothing to compare against. */
	if (smack_syslog_label == NULL)
		return 0;

	if (smack_syslog_label == caller_label)
		return 0;

	return -EACCES;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 526)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 527) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 528) * Superblock Hooks.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 529) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 530)
/**
 * smack_sb_alloc_security - allocate a superblock blob
 * @sb: the superblock getting the blob
 *
 * A fresh blob starts with root, default and floor set to smack_known_floor
 * and hat set to smack_known_hat. The blob comes from kzalloc(), so its
 * smk_flags are zero and SMK_SB_INITIALIZED is clear until the mount options
 * have been processed.
 *
 * Returns 0 on success or -ENOMEM on error.
 */
static int smack_sb_alloc_security(struct super_block *sb)
{
	struct superblock_smack *blob;

	blob = kzalloc(sizeof(*blob), GFP_KERNEL);
	if (!blob)
		return -ENOMEM;

	blob->smk_root = &smack_known_floor;
	blob->smk_default = &smack_known_floor;
	blob->smk_floor = &smack_known_floor;
	blob->smk_hat = &smack_known_hat;

	sb->s_security = blob;
	return 0;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 557)
/**
 * smack_sb_free_security - free a superblock blob
 * @sb: the superblock whose blob is released
 *
 * The s_security pointer is cleared after the kfree() so the freed blob can
 * no longer be reached through @sb.
 */
static void smack_sb_free_security(struct super_block *sb)
{
	struct superblock_smack *blob = sb->s_security;

	kfree(blob);
	sb->s_security = NULL;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 568)
/*
 * Label strings collected from the Smack mount options. A member is NULL
 * until its option has been seen. Every non-NULL member is released with
 * kfree() by smack_free_mnt_opts(), so each must point at its own heap
 * allocation.
 */
struct smack_mnt_opts {
	const char *fsdefault;		/* Opt_fsdefault */
	const char *fsfloor;		/* Opt_fsfloor */
	const char *fshat;		/* Opt_fshat */
	const char *fsroot;		/* Opt_fsroot */
	const char *fstransmute;	/* Opt_fstransmute */
};
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 572)
/**
 * smack_free_mnt_opts - release a Smack mount option blob
 * @mnt_opts: the struct smack_mnt_opts to free
 *
 * Frees every label string held by the blob and then the blob itself.
 * @mnt_opts is dereferenced without a NULL check, so callers must not pass
 * NULL; smack_sb_eat_lsm_opts() tests the pointer before calling.
 */
static void smack_free_mnt_opts(void *mnt_opts)
{
	struct smack_mnt_opts *blob = mnt_opts;

	kfree(blob->fsdefault);
	kfree(blob->fsfloor);
	kfree(blob->fshat);
	kfree(blob->fsroot);
	kfree(blob->fstransmute);

	kfree(blob);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 583)
/**
 * smack_add_opt - record one Smack mount option string
 * @token: Opt_* value naming the option
 * @s: label string for the option; the pointer is stored, not copied
 * @mnt_opts: address of the option blob pointer; the blob is allocated
 *	      here when *@mnt_opts is NULL
 *
 * Each option may be given only once; a second value for the same option is
 * rejected rather than silently replacing the first.
 *
 * The blob is allocated and published through @mnt_opts before @s is
 * checked, so an error return can still leave a newly allocated blob behind
 * for the caller to release.
 *
 * NOTE(review): a @token that is none of the five Opt_* values handled here
 * returns 0 without storing @s. Callers treat 0 as "ownership of @s taken";
 * confirm that no caller can pass such a token.
 *
 * Returns 0 on success, -ENOMEM if the blob cannot be allocated or @s is
 * NULL, -EINVAL on a duplicate option.
 */
static int smack_add_opt(int token, const char *s, void **mnt_opts)
{
	struct smack_mnt_opts *opts = *mnt_opts;
	const char **slot;

	if (!opts) {
		opts = kzalloc(sizeof(*opts), GFP_KERNEL);
		if (!opts)
			return -ENOMEM;
		*mnt_opts = opts;
	}
	if (!s)
		return -ENOMEM;

	/* Pick the member that belongs to this option. */
	switch (token) {
	case Opt_fsdefault:
		slot = &opts->fsdefault;
		break;
	case Opt_fsfloor:
		slot = &opts->fsfloor;
		break;
	case Opt_fshat:
		slot = &opts->fshat;
		break;
	case Opt_fsroot:
		slot = &opts->fsroot;
		break;
	case Opt_fstransmute:
		slot = &opts->fstransmute;
		break;
	default:
		return 0;
	}

	if (*slot) {
		pr_warn("Smack: duplicate mount options\n");
		return -EINVAL;
	}

	*slot = s;
	return 0;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 630)
/**
 * smack_fs_context_dup - Duplicate the security data on fs_context duplication
 * @fc: The new filesystem context.
 * @src_fc: The source filesystem context being duplicated.
 *
 * Every label string present in the source is copied with kstrdup(), so the
 * two contexts never share a string and each can be freed independently.
 *
 * On a failed kstrdup() the partly filled blob stays attached to
 * @fc->security; it is not freed here.
 * NOTE(review): presumably the fs_context teardown path releases it -
 * confirm against the caller.
 *
 * Returns 0 on success or -ENOMEM on error.
 */
static int smack_fs_context_dup(struct fs_context *fc,
				struct fs_context *src_fc)
{
	struct smack_mnt_opts *src = src_fc->security;
	struct smack_mnt_opts *dst;

	/* Nothing to duplicate. */
	if (!src)
		return 0;

	dst = kzalloc(sizeof(*dst), GFP_KERNEL);
	fc->security = dst;
	if (!dst)
		goto nomem;

	if (src->fsdefault) {
		dst->fsdefault = kstrdup(src->fsdefault, GFP_KERNEL);
		if (!dst->fsdefault)
			goto nomem;
	}
	if (src->fsfloor) {
		dst->fsfloor = kstrdup(src->fsfloor, GFP_KERNEL);
		if (!dst->fsfloor)
			goto nomem;
	}
	if (src->fshat) {
		dst->fshat = kstrdup(src->fshat, GFP_KERNEL);
		if (!dst->fshat)
			goto nomem;
	}
	if (src->fsroot) {
		dst->fsroot = kstrdup(src->fsroot, GFP_KERNEL);
		if (!dst->fsroot)
			goto nomem;
	}
	if (src->fstransmute) {
		dst->fstransmute = kstrdup(src->fstransmute, GFP_KERNEL);
		if (!dst->fstransmute)
			goto nomem;
	}
	return 0;

nomem:
	return -ENOMEM;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 678)
/*
 * Mount parameter names handled by Smack, each taking a string value.
 * "smackfsdef" and "smackfsdefault" are two spellings of the same option;
 * both map to Opt_fsdefault. The empty entry terminates the table.
 */
static const struct fs_parameter_spec smack_fs_parameters[] = {
	fsparam_string("smackfsdef",		Opt_fsdefault),
	fsparam_string("smackfsdefault",	Opt_fsdefault),
	fsparam_string("smackfsfloor",		Opt_fsfloor),
	fsparam_string("smackfshat",		Opt_fshat),
	fsparam_string("smackfsroot",		Opt_fsroot),
	fsparam_string("smackfstransmute",	Opt_fstransmute),
	{}
};
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 688)
/**
 * smack_fs_context_parse_param - Parse a single mount parameter
 * @fc: The new filesystem context being constructed.
 * @param: The parameter.
 *
 * A parameter that fs_parse() matches against smack_fs_parameters is stored
 * in @fc->security through smack_add_opt(). On success the string now
 * belongs to the Smack option blob, so @param->string is cleared to keep
 * the caller from freeing it as well. On failure @param->string is left
 * untouched and remains the caller's to free.
 *
 * Returns 0 on success, -ENOPARAM to pass the parameter on or anything else on
 * error.
 */
static int smack_fs_context_parse_param(struct fs_context *fc,
					struct fs_parameter *param)
{
	struct fs_parse_result result;
	int token, err;

	token = fs_parse(fc, smack_fs_parameters, param, &result);
	if (token < 0)
		return token;

	err = smack_add_opt(token, param->string, &fc->security);
	if (err)
		return err;

	/* Ownership of the string moved to the option blob. */
	param->string = NULL;
	return 0;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 712)
/**
 * smack_sb_eat_lsm_opts - pull the Smack options out of a mount option string
 * @options: comma separated option string, rewritten in place
 * @mnt_opts: address of the option blob pointer filled by smack_add_opt()
 *
 * Pieces that match_opt_prefix() recognises have their value copied with
 * kmemdup_nul() and handed to smack_add_opt(). All other pieces are moved
 * towards the front of @options, so that on success @options holds only the
 * options Smack did not consume, NUL terminated.
 *
 * A failed kmemdup_nul() yields a NULL value, which smack_add_opt() reports
 * as -ENOMEM. On any failure the value copy and the whole option blob are
 * freed and *@mnt_opts is reset to NULL, so the caller is never left with a
 * half-built blob.
 *
 * Returns 0 on success, the error from smack_add_opt() otherwise.
 */
static int smack_sb_eat_lsm_opts(char *options, void **mnt_opts)
{
	char *src = options;
	char *dst = options;
	bool kept_any = false;

	for (;;) {
		char *comma = strchr(src, ',');
		int token, len, rc;
		char *arg = NULL;

		if (comma)
			len = comma - src;
		else
			len = strlen(src);

		token = match_opt_prefix(src, len, &arg);
		if (token == Opt_error) {
			/*
			 * Not a Smack option: keep it. After the first kept
			 * piece, take the comma in front of it along too.
			 */
			if (kept_any) {
				src--;
				len++;
			}
			if (dst != src)
				memmove(dst, src, len);
			dst += len;
			kept_any = true;
		} else {
			/* Private, NUL terminated copy of the value. */
			arg = kmemdup_nul(arg, src + len - arg, GFP_KERNEL);
			rc = smack_add_opt(token, arg, mnt_opts);
			if (unlikely(rc)) {
				/* arg was not stored, so it is freed once. */
				kfree(arg);
				if (*mnt_opts)
					smack_free_mnt_opts(*mnt_opts);
				*mnt_opts = NULL;
				return rc;
			}
		}

		/* src[len] is either the separating comma or the final NUL. */
		if (!src[len])
			break;
		src += len + 1;
	}
	*dst = '\0';
	return 0;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 756)
/**
 * smack_set_mnt_opts - set Smack specific mount options
 * @sb: the file system superblock
 * @mnt_opts: Smack mount options
 * @kern_flags: mount option from kernel space or user space (not used here)
 * @set_kern_flags: where to store converted mount opts (not used here)
 *
 * Allow filesystems with binary mount data to explicitly set Smack mount
 * labels.
 *
 * A superblock already flagged SMK_SB_INITIALIZED is left alone. A caller
 * without CAP_MAC_ADMIN may not pass any Smack option (-EPERM); its mount
 * gets the caller's own label as root and default.
 *
 * NOTE(review): SMK_SB_INITIALIZED is set before the option labels are
 * imported. If smk_import_entry() fails part way through, the function
 * returns the error with the flag set and the earlier labels already
 * applied, and a later call returns 0 at the first test.
 *
 * Returns 0 on success, an error code on failure
 */
static int smack_set_mnt_opts(struct super_block *sb,
		void *mnt_opts,
		unsigned long kern_flags,
		unsigned long *set_kern_flags)
{
	struct inode *inode = d_backing_inode(sb->s_root);
	struct superblock_smack *sp = sb->s_security;
	struct smack_mnt_opts *opts = mnt_opts;
	struct smack_known *skp;
	bool transmute = false;

	if (sp->smk_flags & SMK_SB_INITIALIZED)
		return 0;

	if (!inode->i_security) {
		int rc = lsm_inode_alloc(inode);

		if (rc)
			return rc;
	}

	if (!smack_privileged(CAP_MAC_ADMIN)) {
		/*
		 * Unprivileged mounts don't get to specify Smack values.
		 */
		if (opts)
			return -EPERM;
		/*
		 * Unprivileged mounts get root and default from the caller.
		 */
		skp = smk_of_current();
		sp->smk_root = skp;
		sp->smk_default = skp;
		/*
		 * For a handful of fs types with no user-controlled
		 * backing store it's okay to trust security labels
		 * in the filesystem. The rest are untrusted.
		 */
		if (sb->s_user_ns != &init_user_ns) {
			switch (sb->s_magic) {
			case SYSFS_MAGIC:
			case TMPFS_MAGIC:
			case RAMFS_MAGIC:
				break;
			default:
				transmute = true;
				sp->smk_flags |= SMK_SB_UNTRUSTED;
				break;
			}
		}
	}

	sp->smk_flags |= SMK_SB_INITIALIZED;

	if (!opts)
		goto init_root;

	if (opts->fsdefault) {
		skp = smk_import_entry(opts->fsdefault, 0);
		if (IS_ERR(skp))
			return PTR_ERR(skp);
		sp->smk_default = skp;
	}
	if (opts->fsfloor) {
		skp = smk_import_entry(opts->fsfloor, 0);
		if (IS_ERR(skp))
			return PTR_ERR(skp);
		sp->smk_floor = skp;
	}
	if (opts->fshat) {
		skp = smk_import_entry(opts->fshat, 0);
		if (IS_ERR(skp))
			return PTR_ERR(skp);
		sp->smk_hat = skp;
	}
	if (opts->fsroot) {
		skp = smk_import_entry(opts->fsroot, 0);
		if (IS_ERR(skp))
			return PTR_ERR(skp);
		sp->smk_root = skp;
	}
	/*
	 * The transmute option also sets the root label; handled after
	 * fsroot, it wins when both options are given.
	 */
	if (opts->fstransmute) {
		skp = smk_import_entry(opts->fstransmute, 0);
		if (IS_ERR(skp))
			return PTR_ERR(skp);
		sp->smk_root = skp;
		transmute = true;
	}

init_root:
	/*
	 * Initialize the root inode.
	 */
	init_inode_smack(inode, sp->smk_root);

	if (transmute) {
		struct inode_smack *isp = smack_inode(inode);

		isp->smk_flags |= SMK_INODE_TRANSMUTE;
	}

	return 0;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 865)
/**
 * smack_sb_statfs - Smack check on statfs
 * @dentry: identifies the file system in question
 *
 * The check is a MAY_READ access by the current task to the floor label of
 * the superblock that @dentry belongs to. The result of smk_curacc() is
 * passed through smk_bu_current() before it is returned.
 *
 * Returns 0 if current can read the floor of the filesystem,
 * and error code otherwise
 */
static int smack_sb_statfs(struct dentry *dentry)
{
	struct superblock_smack *sbp = dentry->d_sb->s_security;
	struct smk_audit_info ad;
	int rc;

	smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_DENTRY);
	smk_ad_setfield_u_fs_path_dentry(&ad, dentry);

	rc = smk_curacc(sbp->smk_floor, MAY_READ, &ad);

	return smk_bu_current("statfs", sbp->smk_floor, MAY_READ, rc);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 886)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 887) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 888) * BPRM hooks
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 889) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 890)
/**
 * smack_bprm_creds_for_exec - Update bprm->cred if needed for exec
 * @bprm: the exec information
 *
 * When the executed file carries an exec label (smk_task) that differs from
 * the task's current label, the new credentials take that label. Before the
 * change is made:
 *  - on a superblock flagged SMK_SB_UNTRUSTED the exec label is honoured
 *    only if it equals the superblock root label; otherwise exec proceeds
 *    with the label unchanged;
 *  - if the task is being ptraced, the tracer must pass
 *    smk_ptrace_rule_check() against the new label in PTRACE_MODE_ATTACH;
 *  - any other bprm->unsafe condition refuses the exec.
 *
 * Returns 0 when the exec may proceed, -EPERM if bprm->unsafe has a flag
 * other than LSM_UNSAFE_PTRACE set, or the error from
 * smk_ptrace_rule_check().
 */
static int smack_bprm_creds_for_exec(struct linux_binprm *bprm)
{
	struct inode *inode = file_inode(bprm->file);
	struct task_smack *bsp = smack_cred(bprm->cred);
	struct inode_smack *isp = smack_inode(inode);
	struct superblock_smack *sbsp;

	/* No exec label on the file, or it already is the task's label. */
	if (!isp->smk_task || isp->smk_task == bsp->smk_task)
		return 0;

	sbsp = inode->i_sb->s_security;
	if ((sbsp->smk_flags & SMK_SB_UNTRUSTED) &&
	    isp->smk_task != sbsp->smk_root)
		return 0;

	if (bprm->unsafe & LSM_UNSAFE_PTRACE) {
		struct task_struct *tracer;
		int rc = 0;

		/* The tracer pointer is only used inside the RCU section. */
		rcu_read_lock();
		tracer = ptrace_parent(current);
		if (likely(tracer))
			rc = smk_ptrace_rule_check(tracer,
						   isp->smk_task,
						   PTRACE_MODE_ATTACH,
						   __func__);
		rcu_read_unlock();

		if (rc)
			return rc;
	}
	if (bprm->unsafe & ~LSM_UNSAFE_PTRACE)
		return -EPERM;

	bsp->smk_task = isp->smk_task;
	bprm->per_clear |= PER_CLEAR_ON_SETID;

	/* Decide if this is a secure exec. */
	if (bsp->smk_task != bsp->smk_forked)
		bprm->secureexec = 1;

	return 0;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 942)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 943) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 944) * Inode hooks
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 945) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 946)
/**
 * smack_inode_alloc_security - set up the Smack blob of a new inode
 * @inode: the inode in need of a blob
 *
 * Passes the inode and the label returned by smk_of_current() to
 * init_inode_smack(). No allocation happens in this function itself.
 *
 * Returns 0
 */
static int smack_inode_alloc_security(struct inode *inode)
{
	init_inode_smack(inode, smk_of_current());
	return 0;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 960)
/**
 * smack_inode_init_security - copy out the smack from an inode
 * @inode: the newly created inode
 * @dir: containing directory object
 * @qstr: unused
 * @name: where to put the attribute name, may be NULL
 * @value: where to put the attribute value, may be NULL
 * @len: where to put the length of the attribute, may be NULL
 *
 * The label is only copied out when both @value and @len are supplied.
 * The copy is made with kstrdup() and is not freed here, so releasing it
 * is left to the caller. @len receives strlen() of the label, i.e. the
 * length without the terminating NUL.
 *
 * When the rule between the current task's label and the directory's
 * label carries MAY_TRANSMUTE and smk_inode_transmutable() accepts @dir,
 * the directory's label is reported instead of the inode's own label and
 * the inode blob is flagged SMK_INODE_CHANGED.
 *
 * On -ENOMEM, @name and the SMK_INODE_CHANGED flag may already have been
 * written.
 *
 * Returns 0 if it all works out, -ENOMEM if there's no memory
 */
static int smack_inode_init_security(struct inode *inode, struct inode *dir,
				     const struct qstr *qstr, const char **name,
				     void **value, size_t *len)
{
	struct inode_smack *blob = smack_inode(inode);
	struct smack_known *task_label = smk_of_current();
	struct smack_known *label = smk_of_inode(inode);
	struct smack_known *dir_label = smk_of_inode(dir);
	int access;

	if (name)
		*name = XATTR_SMACK_SUFFIX;

	/* Without both output slots there is nothing further to do. */
	if (!value || !len)
		return 0;

	rcu_read_lock();
	access = smk_access_entry(task_label->smk_known, dir_label->smk_known,
				  &task_label->smk_rules);
	rcu_read_unlock();

	/*
	 * Transmute only when the rule grants it (a non-positive result
	 * never does) and the directory asks for it; the new object then
	 * takes the directory's label and the inode is marked as changed.
	 */
	if (access > 0 && (access & MAY_TRANSMUTE) &&
	    smk_inode_transmutable(dir)) {
		label = dir_label;
		blob->smk_flags |= SMK_INODE_CHANGED;
	}

	*value = kstrdup(label->smk_known, GFP_NOFS);
	if (!*value)
		return -ENOMEM;

	*len = strlen(label->smk_known);
	return 0;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1012)
/**
 * smack_inode_link - Smack check on link
 * @old_dentry: the existing object
 * @dir: unused
 * @new_dentry: the new object
 *
 * Write access is checked on the inode behind @old_dentry and, only if
 * that succeeds and @new_dentry is positive, on the inode behind
 * @new_dentry as well. The directory @dir is not consulted. Each
 * smk_curacc() result is passed through smk_bu_inode(), whose return
 * value is what the hook reports.
 *
 * Returns 0 if access is permitted, an error code otherwise
 */
static int smack_inode_link(struct dentry *old_dentry, struct inode *dir,
			    struct dentry *new_dentry)
{
	struct inode *target;
	struct smack_known *label;
	struct smk_audit_info ad;
	int rc;

	smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_DENTRY);
	smk_ad_setfield_u_fs_path_dentry(&ad, old_dentry);

	target = d_backing_inode(old_dentry);
	label = smk_of_inode(target);
	rc = smk_curacc(label, MAY_WRITE, &ad);
	rc = smk_bu_inode(target, MAY_WRITE, rc);

	/* A negative new dentry has no inode to check against. */
	if (rc != 0 || !d_is_positive(new_dentry))
		return rc;

	target = d_backing_inode(new_dentry);
	label = smk_of_inode(target);
	smk_ad_setfield_u_fs_path_dentry(&ad, new_dentry);
	rc = smk_curacc(label, MAY_WRITE, &ad);
	return smk_bu_inode(target, MAY_WRITE, rc);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1044)
/**
 * smack_inode_unlink - Smack check on inode deletion
 * @dir: containing directory object
 * @dentry: file to unlink
 *
 * The object is checked first; the directory is only checked when the
 * object check succeeds, so a denial on the object is the one reported.
 *
 * Returns 0 if current can write the containing directory
 * and the object, error code otherwise
 */
static int smack_inode_unlink(struct inode *dir, struct dentry *dentry)
{
	struct inode *victim = d_backing_inode(dentry);
	struct smk_audit_info ad;
	int rc;

	/* First check: write access to the thing being unlinked. */
	smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_DENTRY);
	smk_ad_setfield_u_fs_path_dentry(&ad, dentry);
	rc = smk_curacc(smk_of_inode(victim), MAY_WRITE, &ad);
	rc = smk_bu_inode(victim, MAY_WRITE, rc);
	if (rc != 0)
		return rc;

	/*
	 * Second check: write access to the containing directory. The
	 * audit record is re-initialised to describe the directory inode.
	 */
	smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_INODE);
	smk_ad_setfield_u_fs_inode(&ad, dir);
	rc = smk_curacc(smk_of_inode(dir), MAY_WRITE, &ad);
	return smk_bu_inode(dir, MAY_WRITE, rc);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1078)
/**
 * smack_inode_rmdir - Smack check on directory deletion
 * @dir: containing directory object
 * @dentry: directory to unlink
 *
 * The directory being removed is checked first; its parent is only
 * checked when that first check succeeds.
 *
 * Returns 0 if current can write the containing directory
 * and the directory, error code otherwise
 */
static int smack_inode_rmdir(struct inode *dir, struct dentry *dentry)
{
	struct inode *doomed = d_backing_inode(dentry);
	struct smk_audit_info ad;
	int rc;

	/* Write access to the directory that is going away. */
	smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_DENTRY);
	smk_ad_setfield_u_fs_path_dentry(&ad, dentry);
	rc = smk_curacc(smk_of_inode(doomed), MAY_WRITE, &ad);
	rc = smk_bu_inode(doomed, MAY_WRITE, rc);
	if (rc != 0)
		return rc;

	/* Write access to the directory that contains it. */
	smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_INODE);
	smk_ad_setfield_u_fs_inode(&ad, dir);
	rc = smk_curacc(smk_of_inode(dir), MAY_WRITE, &ad);
	return smk_bu_inode(dir, MAY_WRITE, rc);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1112)
/**
 * smack_inode_rename - Smack check on rename
 * @old_inode: unused
 * @old_dentry: the old object
 * @new_inode: unused
 * @new_dentry: the new object
 *
 * Read and write access is required on the inode behind @old_dentry
 * and, when @new_dentry is positive, on the inode behind @new_dentry.
 * The directory inodes @old_inode and @new_inode are not consulted by
 * this hook.
 *
 * Returns 0 if access is permitted, an error code otherwise
 */
static int smack_inode_rename(struct inode *old_inode,
			      struct dentry *old_dentry,
			      struct inode *new_inode,
			      struct dentry *new_dentry)
{
	struct inode *target;
	struct smack_known *label;
	struct smk_audit_info ad;
	int rc;

	smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_DENTRY);
	smk_ad_setfield_u_fs_path_dentry(&ad, old_dentry);

	target = d_backing_inode(old_dentry);
	label = smk_of_inode(target);
	rc = smk_curacc(label, MAY_READWRITE, &ad);
	rc = smk_bu_inode(target, MAY_READWRITE, rc);

	/* Only an existing destination has a label to check. */
	if (rc != 0 || !d_is_positive(new_dentry))
		return rc;

	target = d_backing_inode(new_dentry);
	label = smk_of_inode(target);
	smk_ad_setfield_u_fs_path_dentry(&ad, new_dentry);
	rc = smk_curacc(label, MAY_READWRITE, &ad);
	return smk_bu_inode(target, MAY_READWRITE, rc);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1149)
/**
 * smack_inode_permission - Smack version of permission()
 * @inode: the inode in question
 * @mask: the access requested
 *
 * This is the important Smack hook.
 *
 * Only the MAY_READ, MAY_WRITE, MAY_EXEC and MAY_APPEND bits of @mask
 * take part in the check; a request with none of them set is treated as
 * an existence test and allowed. On a superblock flagged
 * SMK_SB_UNTRUSTED, any inode whose label differs from the superblock's
 * root label is refused with -EACCES before the rule lookup. A request
 * carrying MAY_NOT_BLOCK gets -ECHILD instead of a rule lookup.
 *
 * Returns 0 if access is permitted, an error code otherwise
 */
static int smack_inode_permission(struct inode *inode, int mask)
{
	struct superblock_smack *sb_blob = inode->i_sb->s_security;
	const int nonblocking = mask & MAY_NOT_BLOCK;
	const int wanted = mask & (MAY_READ | MAY_WRITE | MAY_EXEC | MAY_APPEND);
	struct smk_audit_info ad;
	int rc;

	/* No permission to check. Existence test. Yup, it's there. */
	if (wanted == 0)
		return 0;

	/* Untrusted superblock: only root-labelled inodes are usable. */
	if ((sb_blob->smk_flags & SMK_SB_UNTRUSTED) &&
	    smk_of_inode(inode) != sb_blob->smk_root)
		return -EACCES;

	/* May be droppable after audit */
	if (nonblocking)
		return -ECHILD;

	smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_INODE);
	smk_ad_setfield_u_fs_inode(&ad, inode);
	rc = smk_curacc(smk_of_inode(inode), wanted, &ad);
	return smk_bu_inode(inode, wanted, rc);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1187)
/**
 * smack_inode_setattr - Smack check for setting attributes
 * @dentry: the object
 * @iattr: for the force flag
 *
 * A request with ATTR_FORCE set in @iattr->ia_valid is allowed without
 * any Smack check and without an audit record. Every other request
 * needs write access to the inode behind @dentry.
 *
 * Returns 0 if access is permitted, an error code otherwise
 */
static int smack_inode_setattr(struct dentry *dentry, struct iattr *iattr)
{
	struct inode *target;
	struct smk_audit_info ad;
	int rc;

	/* Need to allow for clearing the setuid bit. */
	if (iattr->ia_valid & ATTR_FORCE)
		return 0;

	smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_DENTRY);
	smk_ad_setfield_u_fs_path_dentry(&ad, dentry);

	target = d_backing_inode(dentry);
	rc = smk_curacc(smk_of_inode(target), MAY_WRITE, &ad);
	return smk_bu_inode(target, MAY_WRITE, rc);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1212)
/**
 * smack_inode_getattr - Smack check for getting attributes
 * @path: path to extract the info from
 *
 * Requires read access to the inode behind @path->dentry; the audit
 * record carries the whole path.
 *
 * Returns 0 if access is permitted, an error code otherwise
 */
static int smack_inode_getattr(const struct path *path)
{
	struct inode *target = d_backing_inode(path->dentry);
	struct smk_audit_info ad;
	int rc;

	smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_PATH);
	smk_ad_setfield_u_fs_path(&ad, *path);

	rc = smk_curacc(smk_of_inode(target), MAY_READ, &ad);
	return smk_bu_inode(target, MAY_READ, rc);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1231)
/**
 * smack_inode_setxattr - Smack check for setting xattrs
 * @dentry: the object
 * @name: name of the attribute
 * @value: value of the attribute
 * @size: size of the value
 * @flags: unused by the Smack checks, forwarded to cap_inode_setxattr()
 *
 * This protects the Smack attribute explicitly.
 *
 * Every Smack attribute requires smack_privileged(CAP_MAC_ADMIN); any
 * other attribute is left to cap_inode_setxattr(). The privilege test
 * runs after the value checks but overrides their result, so a caller
 * without the privilege gets -EPERM even for a malformed value.
 *
 * Label-valued attributes must import cleanly through smk_import_entry();
 * an empty value is -EINVAL. XATTR_NAME_SMACKEXEC and
 * XATTR_NAME_SMACKMMAP additionally refuse the star and web labels.
 * XATTR_NAME_SMACKTRANSMUTE accepts only the exact TRANS_TRUE value.
 *
 * NOTE(review): nothing here restricts XATTR_NAME_SMACKTRANSMUTE to
 * directories, while smack_inode_init_security() only asks
 * smk_inode_transmutable() about the parent directory. Confirm whether
 * non-directory targets should be refused.
 *
 * Returns 0 if access is permitted, an error code otherwise
 */
static int smack_inode_setxattr(struct dentry *dentry, const char *name,
				const void *value, size_t size, int flags)
{
	struct inode *target;
	struct smk_audit_info ad;
	struct smack_known *label;
	/* Privilege is required unless the name turns out not to be Smack's. */
	bool need_priv = true;
	bool need_import = false;
	bool refuse_star_web = false;
	int rc = 0;

	/*
	 * Check label validity here so import won't fail in post_setxattr
	 */
	if (strcmp(name, XATTR_NAME_SMACK) == 0 ||
	    strcmp(name, XATTR_NAME_SMACKIPIN) == 0 ||
	    strcmp(name, XATTR_NAME_SMACKIPOUT) == 0) {
		need_import = true;
	} else if (strcmp(name, XATTR_NAME_SMACKEXEC) == 0 ||
		   strcmp(name, XATTR_NAME_SMACKMMAP) == 0) {
		need_import = true;
		refuse_star_web = true;
	} else if (strcmp(name, XATTR_NAME_SMACKTRANSMUTE) == 0) {
		if (size != TRANS_TRUE_SIZE ||
		    strncmp(value, TRANS_TRUE, TRANS_TRUE_SIZE) != 0)
			rc = -EINVAL;
	} else {
		need_priv = false;
		rc = cap_inode_setxattr(dentry, name, value, size, flags);
	}

	/* Deliberately unconditional on rc: -EPERM replaces -EINVAL. */
	if (need_priv && !smack_privileged(CAP_MAC_ADMIN))
		rc = -EPERM;

	if (rc == 0 && need_import) {
		/* A zero-length value is never handed to the importer. */
		label = size ? smk_import_entry(value, size) : NULL;
		if (IS_ERR(label))
			rc = PTR_ERR(label);
		else if (!label)
			rc = -EINVAL;
		else if (refuse_star_web &&
			 (label == &smack_known_star ||
			  label == &smack_known_web))
			rc = -EINVAL;
	}

	smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_DENTRY);
	smk_ad_setfield_u_fs_path_dentry(&ad, dentry);

	if (rc != 0)
		return rc;

	/* All attribute-specific checks passed: require write access. */
	target = d_backing_inode(dentry);
	rc = smk_curacc(smk_of_inode(target), MAY_WRITE, &ad);
	return smk_bu_inode(target, MAY_WRITE, rc);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1297)
/**
 * smack_inode_post_setxattr - Apply the Smack update approved above
 * @dentry: object
 * @name: attribute name
 * @value: attribute value
 * @size: attribute size
 * @flags: unused
 *
 * Set the pointer in the inode blob to the entry found
 * in the master label list.
 *
 * XATTR_NAME_SMACKTRANSMUTE only sets SMK_INODE_TRANSMUTE in the blob.
 * XATTR_NAME_SMACK, XATTR_NAME_SMACKEXEC and XATTR_NAME_SMACKMMAP update
 * smk_inode, smk_task and smk_mmap respectively. Any other name is
 * ignored. This hook returns nothing, so when smk_import_entry() yields
 * an error pointer the in-core label is silently left as it was.
 */
static void smack_inode_post_setxattr(struct dentry *dentry, const char *name,
				      const void *value, size_t size, int flags)
{
	struct inode_smack *blob = smack_inode(d_backing_inode(dentry));
	struct smack_known **slot;
	struct smack_known *label;

	if (strcmp(name, XATTR_NAME_SMACKTRANSMUTE) == 0) {
		blob->smk_flags |= SMK_INODE_TRANSMUTE;
		return;
	}

	/* Pick the blob field that mirrors this attribute, if any. */
	if (strcmp(name, XATTR_NAME_SMACK) == 0)
		slot = &blob->smk_inode;
	else if (strcmp(name, XATTR_NAME_SMACKEXEC) == 0)
		slot = &blob->smk_task;
	else if (strcmp(name, XATTR_NAME_SMACKMMAP) == 0)
		slot = &blob->smk_mmap;
	else
		return;

	label = smk_import_entry(value, size);
	if (!IS_ERR(label))
		*slot = label;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1336)
/**
 * smack_inode_getxattr - Smack check on getxattr
 * @dentry: the object
 * @name: unused
 *
 * Requires read access to the inode behind @dentry, whichever attribute
 * is being read.
 *
 * Returns 0 if access is permitted, an error code otherwise
 */
static int smack_inode_getxattr(struct dentry *dentry, const char *name)
{
	struct inode *target = d_backing_inode(dentry);
	struct smk_audit_info ad;
	int rc;

	smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_DENTRY);
	smk_ad_setfield_u_fs_path_dentry(&ad, dentry);

	rc = smk_curacc(smk_of_inode(target), MAY_READ, &ad);
	return smk_bu_inode(target, MAY_READ, rc);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1356)
/**
 * smack_inode_removexattr - Smack check on removexattr
 * @dentry: the object
 * @name: name of the attribute
 *
 * Removing any of the Smack attributes requires
 * smack_privileged(CAP_MAC_ADMIN); every other attribute is handed to
 * cap_inode_removexattr(). In both cases the caller additionally needs
 * Smack write access to the inode.
 *
 * On success the in-core inode state mirroring the removed attribute
 * is reset as well.
 *
 * Returns 0 if access is permitted, an error code otherwise
 */
static int smack_inode_removexattr(struct dentry *dentry, const char *name)
{
	struct smk_audit_info ad;
	struct inode_smack *isp;
	struct inode *inode;
	bool smack_attr;
	int rc;

	smack_attr = !strcmp(name, XATTR_NAME_SMACK) ||
		     !strcmp(name, XATTR_NAME_SMACKIPIN) ||
		     !strcmp(name, XATTR_NAME_SMACKIPOUT) ||
		     !strcmp(name, XATTR_NAME_SMACKEXEC) ||
		     !strcmp(name, XATTR_NAME_SMACKTRANSMUTE) ||
		     !strcmp(name, XATTR_NAME_SMACKMMAP);

	/* Smack's own attributes are gated on MAC admin privilege. */
	if (!smack_attr)
		rc = cap_inode_removexattr(dentry, name);
	else if (smack_privileged(CAP_MAC_ADMIN))
		rc = 0;
	else
		rc = -EPERM;

	if (rc)
		return rc;

	inode = d_backing_inode(dentry);

	smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_DENTRY);
	smk_ad_setfield_u_fs_path_dentry(&ad, dentry);

	/* Privilege alone is not enough: write access is checked too. */
	rc = smk_curacc(smk_of_inode(inode), MAY_WRITE, &ad);
	rc = smk_bu_inode(inode, MAY_WRITE, rc);
	if (rc)
		return rc;

	isp = smack_inode(inode);

	/*
	 * Bring the in-core state in line with the removal.
	 * XATTR_NAME_SMACKIPIN and XATTR_NAME_SMACKIPOUT need nothing
	 * special.
	 *
	 * NOTE(review): this reset happens inside the check, before 0 is
	 * returned; whether the xattr is really removed afterwards is up
	 * to the caller, which is not visible here. Confirm the in-core
	 * and stored labels cannot diverge if that removal fails.
	 */
	if (!strcmp(name, XATTR_NAME_SMACK)) {
		struct superblock_smack *sbsp = dentry->d_sb->s_security;

		/* The object falls back to the superblock default label. */
		isp->smk_inode = sbsp->smk_default;
	} else if (!strcmp(name, XATTR_NAME_SMACKEXEC)) {
		isp->smk_task = NULL;
	} else if (!strcmp(name, XATTR_NAME_SMACKMMAP)) {
		isp->smk_mmap = NULL;
	} else if (!strcmp(name, XATTR_NAME_SMACKTRANSMUTE)) {
		isp->smk_flags &= ~SMK_INODE_TRANSMUTE;
	}

	return 0;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1414)
/**
 * smack_inode_getsecurity - get smack xattrs
 * @inode: the object
 * @name: attribute name, compared against the XATTR_SMACK_* suffixes
 * @buffer: where to put the result
 * @alloc: when true, a kstrdup() copy of the label is stored in *@buffer
 *
 * XATTR_SMACK_SUFFIX is answered from the inode label. The IPIN and
 * IPOUT attributes exist only on sockets, so they are answered from the
 * socket blob and only for inodes on sockfs that still have a sock
 * attached. When @alloc is false *@buffer is left untouched and only
 * the length is reported.
 *
 * Returns the label length (terminating NUL not counted), -EOPNOTSUPP
 * for an attribute this inode cannot have, or -ENOMEM if the copy
 * could not be allocated
 */
static int smack_inode_getsecurity(struct inode *inode,
				   const char *name, void **buffer,
				   bool alloc)
{
	struct smack_known *skp;

	if (!strcmp(name, XATTR_SMACK_SUFFIX)) {
		skp = smk_of_inode(inode);
	} else {
		struct socket_smack *ssp;
		struct socket *sock;

		/*
		 * The rest of the Smack xattrs are only on sockets.
		 */
		if (inode->i_sb->s_magic != SOCKFS_MAGIC)
			return -EOPNOTSUPP;

		/* Refuse rather than dereference a socket with no sock. */
		sock = SOCKET_I(inode);
		if (!sock || !sock->sk)
			return -EOPNOTSUPP;

		ssp = sock->sk->sk_security;

		if (!strcmp(name, XATTR_SMACK_IPIN))
			skp = ssp->smk_in;
		else if (!strcmp(name, XATTR_SMACK_IPOUT))
			skp = ssp->smk_out;
		else
			return -EOPNOTSUPP;
	}

	if (alloc) {
		/* presumably the caller frees this copy; verify against caller */
		*buffer = kstrdup(skp->smk_known, GFP_KERNEL);
		if (!*buffer)
			return -ENOMEM;
	}

	return strlen(skp->smk_known);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1466)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1467)
/**
 * smack_inode_listsecurity - list the Smack attributes
 * @inode: the object (not examined)
 * @buffer: where they go; may be NULL to query the size only
 * @buffer_size: size of buffer
 *
 * Only XATTR_NAME_SMACK is listed. The name is copied only when it fits
 * completely, so @buffer is never written past @buffer_size.
 *
 * Returns sizeof(XATTR_NAME_SMACK) whether or not anything was copied;
 * a too-small buffer is not reported as an error here, so the caller
 * has to compare the result with @buffer_size itself
 */
static int smack_inode_listsecurity(struct inode *inode, char *buffer,
				    size_t buffer_size)
{
	int needed = sizeof(XATTR_NAME_SMACK);

	/* Size query, or not enough room: report the length only. */
	if (!buffer || needed > buffer_size)
		return needed;

	memcpy(buffer, XATTR_NAME_SMACK, needed);
	return needed;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1484)
/**
 * smack_inode_getsecid - Extract inode's security id
 * @inode: inode to extract the info from
 * @secid: where result will be saved
 *
 * Stores the smk_secid of the label returned by smk_of_inode().
 */
static void smack_inode_getsecid(struct inode *inode, u32 *secid)
{
	*secid = smk_of_inode(inode)->smk_secid;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1496)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1497) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1498) * File Hooks
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1499) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1500)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1501) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1502) * There is no smack_file_permission hook
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1503) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1504) * Should access checks be done on each read or write?
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1505) * UNICOS and SELinux say yes.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1506) * Trusted Solaris, Trusted Irix, and just about everyone else says no.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1507) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1508) * I'll say no for now. Smack does not do the frequent
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1509) * label changing that SELinux does.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1510) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1511)
/**
 * smack_file_alloc_security - assign a file security blob
 * @file: the object
 *
 * The file blob is just a pointer into the master label list, so
 * nothing is allocated: it is pointed at the label of the current task.
 *
 * That label is the owner security information. It plays no part in
 * file access checks; it is what the sigio delivery check uses as the
 * sending subject.
 *
 * Returns 0
 */
static int smack_file_alloc_security(struct file *file)
{
	struct smack_known **ownerp = smack_file(file);

	*ownerp = smk_of_current();
	return 0;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1531)
/**
 * smack_file_ioctl - Smack check on ioctls
 * @file: the object
 * @cmd: what to do
 * @arg: unused
 *
 * The access required is derived only from the direction bits encoded
 * in @cmd: _IOC_WRITE needs write access to the inode, _IOC_READ needs
 * read access. This relies heavily on the correct use of the ioctl
 * command conventions; a command with neither bit set is allowed
 * without any Smack check.
 *
 * Private inodes are always allowed.
 *
 * Returns 0 if allowed, error code otherwise
 */
static int smack_file_ioctl(struct file *file, unsigned int cmd,
			    unsigned long arg)
{
	struct inode *inode = file_inode(file);
	struct smk_audit_info ad;
	int rc = 0;

	if (unlikely(IS_PRIVATE(inode)))
		return 0;

	smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_PATH);
	smk_ad_setfield_u_fs_path(&ad, file->f_path);

	if (_IOC_DIR(cmd) & _IOC_WRITE) {
		rc = smk_curacc(smk_of_inode(inode), MAY_WRITE, &ad);
		rc = smk_bu_file(file, MAY_WRITE, rc);
		/* A failed write check makes the read check pointless. */
		if (rc != 0)
			return rc;
	}

	if (_IOC_DIR(cmd) & _IOC_READ) {
		rc = smk_curacc(smk_of_inode(inode), MAY_READ, &ad);
		rc = smk_bu_file(file, MAY_READ, rc);
	}

	return rc;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1567)
/**
 * smack_file_lock - Smack check on file locking
 * @file: the object
 * @cmd: unused
 *
 * Requires MAY_LOCK access from the current task to the file's inode.
 * Private inodes are always allowed.
 *
 * Returns 0 if current has lock access, error code otherwise
 */
static int smack_file_lock(struct file *file, unsigned int cmd)
{
	struct inode *inode = file_inode(file);
	struct smk_audit_info ad;
	int rc;

	if (unlikely(IS_PRIVATE(inode)))
		return 0;

	smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_PATH);
	smk_ad_setfield_u_fs_path(&ad, file->f_path);

	rc = smk_curacc(smk_of_inode(inode), MAY_LOCK, &ad);
	return smk_bu_file(file, MAY_LOCK, rc);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1590)
/**
 * smack_file_fcntl - Smack check on fcntl
 * @file: the object
 * @cmd: what action to check
 * @arg: unused
 *
 * Generally these operations are harmless. Setting a lock is an
 * obvious mechanism for passing information, so F_SETLK and F_SETLKW
 * require MAY_LOCK access; F_SETOWN and F_SETSIG require MAY_WRITE.
 * Every other command, F_GETLK included, is allowed without a Smack
 * check here, as are all commands on private inodes.
 *
 * NOTE(review): only the four commands above are mediated by this
 * hook. Confirm that any other fcntl command which sets an owner or a
 * lock is covered by another hook.
 *
 * Returns 0 if current has access, error code otherwise
 */
static int smack_file_fcntl(struct file *file, unsigned int cmd,
			    unsigned long arg)
{
	struct inode *inode = file_inode(file);
	struct smk_audit_info ad;
	int may;
	int rc;

	if (unlikely(IS_PRIVATE(inode)))
		return 0;

	/* Map the command to the access it needs, if any. */
	switch (cmd) {
	case F_SETLK:
	case F_SETLKW:
		may = MAY_LOCK;
		break;
	case F_SETOWN:
	case F_SETSIG:
		may = MAY_WRITE;
		break;
	case F_GETLK:
	default:
		return 0;
	}

	smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_PATH);
	smk_ad_setfield_u_fs_path(&ad, file->f_path);

	rc = smk_curacc(smk_of_inode(inode), may, &ad);
	return smk_bu_file(file, may, rc);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1636)
/**
 * smack_mmap_file - Smack check on mmap
 * @file: file to map; may be NULL, e.g. when mapping anonymous memory
 * @reqprot: protection requested by the application (not examined here)
 * @prot: protection that will be applied by the kernel (not examined here)
 * @flags: operational flags (not examined here)
 *
 * Only files whose inode carries a SMACK64MMAP label are restricted;
 * anonymous mappings, private inodes and inodes without that label are
 * always allowed. On a superblock flagged SMK_SB_UNTRUSTED the mmap
 * label must be the superblock root label.
 *
 * Otherwise the mapping is allowed only if the mmap label has at least
 * the access the current task has, for every object named in the
 * rules of the current task's label.
 *
 * Return: 0 if permission is granted, -EACCES otherwise.
 */
static int smack_mmap_file(struct file *file,
			   unsigned long reqprot, unsigned long prot,
			   unsigned long flags)
{
	struct superblock_smack *sbsp;
	struct inode_smack *isp;
	struct task_smack *tsp;
	struct smack_known *skp;
	struct smack_known *mkp;
	struct smack_rule *srp;
	struct inode *inode;
	int rc = 0;

	if (!file)
		return 0;

	inode = file_inode(file);
	if (unlikely(IS_PRIVATE(inode)))
		return 0;

	/*
	 * NOTE(review): smk_mmap is read several times below with no lock
	 * visible in this function, and smack_inode_removexattr() sets it
	 * to NULL. Confirm it cannot be cleared between the NULL test and
	 * the later uses.
	 */
	isp = smack_inode(inode);
	if (!isp->smk_mmap)
		return 0;

	sbsp = inode->i_sb->s_security;
	if ((sbsp->smk_flags & SMK_SB_UNTRUSTED) &&
	    isp->smk_mmap != sbsp->smk_root)
		return -EACCES;
	mkp = isp->smk_mmap;

	tsp = smack_cred(current_cred());
	skp = smk_of_current();

	rcu_read_lock();
	/*
	 * Walk every Smack rule of the subject label and verify that
	 * the SMACK64MMAP label also has access to the object label of
	 * that rule.
	 */
	list_for_each_entry_rcu(srp, &skp->smk_rules, list) {
		struct smack_known *okp = srp->smk_object;
		int may;
		int mmay;
		int tmay;

		/*
		 * Matching labels always allows access. The label string
		 * pointers are compared, not their contents.
		 */
		if (mkp->smk_known == okp->smk_known)
			continue;

		/*
		 * Access of current: the rule itself, narrowed by a
		 * matching task-local rule if there is one.
		 */
		may = smk_access_entry(srp->smk_subject->smk_known,
				       okp->smk_known,
				       &tsp->smk_rules);
		if (may == -ENOENT)
			may = srp->smk_access;
		else
			may &= srp->smk_access;

		/*
		 * With no access at all for current, the SMACK64MMAP
		 * subject can't possibly have less.
		 */
		if (may == 0)
			continue;

		/*
		 * Access of the SMACK64MMAP subject starts from its
		 * global list entry. Without one it can't have as much
		 * access as current.
		 */
		mmay = smk_access_entry(mkp->smk_known, okp->smk_known,
					&mkp->smk_rules);
		if (mmay == -ENOENT) {
			rc = -EACCES;
			break;
		}

		/*
		 * A task-local entry narrows the potential access, too.
		 */
		tmay = smk_access_entry(mkp->smk_known, okp->smk_known,
					&tsp->smk_rules);
		if (tmay != -ENOENT)
			mmay &= tmay;

		/*
		 * Deny if current holds any access bit that the
		 * SMACK64MMAP subject lacks.
		 */
		if (may & ~mmay) {
			rc = -EACCES;
			break;
		}
	}

	rcu_read_unlock();

	return rc;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1748)
/**
 * smack_file_set_fowner - set the file security blob value
 * @file: object in question
 *
 * Records the label of the current task in the file's blob.
 */
static void smack_file_set_fowner(struct file *file)
{
	struct smack_known **ownerp = smack_file(file);

	*ownerp = smk_of_current();
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1760)
/**
 * smack_file_send_sigiotask - Smack on sigio
 * @tsk: The target task
 * @fown: the object the signal comes from
 * @signum: unused
 *
 * The label stored in the file blob is the subject and the label of
 * @tsk is the object of a MAY_DELIVER check. A failed check is
 * overridden when the credentials of @tsk, the receiving task, pass
 * smack_privileged_cred(CAP_MAC_OVERRIDE), so a privileged task can
 * get signals even if it shouldn't.
 *
 * Returns 0 if a subject with the object's smack could
 * write to the task, an error code otherwise.
 */
static int smack_file_send_sigiotask(struct task_struct *tsk,
				     struct fown_struct *fown, int signum)
{
	/*
	 * NOTE(review): tsk->cred is read here, before the RCU read-side
	 * section that guards __task_cred() below. Confirm the calling
	 * context keeps that credential valid.
	 */
	struct smack_known *tkp = smk_of_task(smack_cred(tsk->cred));
	struct smack_known *skp;
	const struct cred *tcred;
	struct smk_audit_info ad;
	struct file *file;
	int rc;

	/*
	 * struct fown_struct is never outside the context of a struct file
	 */
	file = container_of(fown, struct file, f_owner);
	skp = *smack_file(file);

	/* No audit data yet: the result may still be overridden below. */
	rc = smk_access(skp, tkp, MAY_DELIVER, NULL);
	rc = smk_bu_note("sigiotask", skp, tkp, MAY_DELIVER, rc);

	rcu_read_lock();
	tcred = __task_cred(tsk);
	if (rc != 0 && smack_privileged_cred(CAP_MAC_OVERRIDE, tcred))
		rc = 0;
	rcu_read_unlock();

	/* Log the final decision, after any privilege override. */
	smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_TASK);
	smk_ad_setfield_u_tsk(&ad, tsk);
	smack_log(skp->smk_known, tkp->smk_known, MAY_DELIVER, rc, &ad);

	return rc;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1805)
/**
 * smack_file_receive - Smack file receive check
 * @file: the object
 *
 * For a socket (an inode on sockfs) the receiving task must be able to
 * write to the socket's outbound label and the socket's inbound label
 * must be able to write to the task. For any other file the task needs
 * the access matching the open mode: read for FMODE_READ, write for
 * FMODE_WRITE. Private inodes are always allowed.
 *
 * Returns 0 if current has access, error code otherwise
 */
static int smack_file_receive(struct file *file)
{
	struct inode *inode = file_inode(file);
	struct smk_audit_info ad;
	int may = 0;
	int rc;

	if (unlikely(IS_PRIVATE(inode)))
		return 0;

	smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_PATH);
	smk_ad_setfield_u_fs_path(&ad, file->f_path);

	if (inode->i_sb->s_magic == SOCKFS_MAGIC) {
		/*
		 * NOTE(review): sock->sk is dereferenced without a NULL
		 * test, while smack_inode_getsecurity() rejects a socket
		 * whose sk is NULL. Confirm a passed socket always has a
		 * sock attached at this point.
		 */
		struct socket *sock = SOCKET_I(inode);
		struct socket_smack *ssp = sock->sk->sk_security;
		struct task_smack *tsp = smack_cred(current_cred());

		/*
		 * Don't accept the passed socket unless the receiving
		 * process can write to it and it can write to the
		 * receiving process.
		 *
		 * NOTE(review): may is still 0 here, so smk_bu_file() is
		 * handed mode 0 although MAY_WRITE is what was checked.
		 * Confirm that is intended.
		 */
		rc = smk_access(tsp->smk_task, ssp->smk_out, MAY_WRITE, &ad);
		rc = smk_bu_file(file, may, rc);
		if (rc < 0)
			return rc;

		rc = smk_access(ssp->smk_in, tsp->smk_task, MAY_WRITE, &ad);
		return smk_bu_file(file, may, rc);
	}

	/*
	 * This code relies on bitmasks.
	 */
	if (file->f_mode & FMODE_READ)
		may = MAY_READ;
	if (file->f_mode & FMODE_WRITE)
		may |= MAY_WRITE;

	rc = smk_curacc(smk_of_inode(inode), may, &ad);
	return smk_bu_file(file, may, rc);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1858)
/**
 * smack_file_open - Smack access check when a file is opened
 * @file: the file being opened
 *
 * Requires MAY_READ on the label of the file's inode, regardless of the
 * mode the file is opened with: many read-like operations (e.g. fstat)
 * can be done with an fd even if the file is open write-only.
 *
 * The subject of the check is the credential recorded in @file->f_cred,
 * not current_cred().
 *
 * Returns 0 if access is granted, error code otherwise
 */
static int smack_file_open(struct file *file)
{
	struct smk_audit_info ad;
	struct task_smack *tsp;
	int rc;

	smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_PATH);
	smk_ad_setfield_u_fs_path(&ad, file->f_path);

	tsp = smack_cred(file->f_cred);
	rc = smk_tskacc(tsp, smk_of_inode(file_inode(file)), MAY_READ, &ad);

	/* The value handed back by smk_bu_credfile() is the final verdict. */
	return smk_bu_credfile(file->f_cred, file, MAY_READ, rc);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1884)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1885) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1886) * Task hooks
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1887) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1888)
/**
 * smack_cred_alloc_blank - "allocate" blank task-level security credentials
 * @cred: the new credentials
 * @gfp: unused in this function
 *
 * Initialise the Smack blob of @cred with no task label and no forked
 * label (both passed as NULL), so that smack_cred_transfer() can later
 * fill it in without having to fail.
 *
 * Always returns 0.
 */
static int smack_cred_alloc_blank(struct cred *cred, gfp_t gfp)
{
	struct task_smack *tsp = smack_cred(cred);

	init_task_smack(tsp, NULL, NULL);

	return 0;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1903)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1904)
/**
 * smack_cred_free - "free" task-level security credentials
 * @cred: the credentials in question
 *
 * Releases what hangs off the Smack blob of @cred: the relabel list and
 * every entry of the per-task rule list. The blob itself is not freed here.
 */
static void smack_cred_free(struct cred *cred)
{
	struct task_smack *tsp = smack_cred(cred);
	struct smack_rule *rp;
	struct smack_rule *next;

	smk_destroy_label_list(&tsp->smk_relabel);

	/* _safe iteration: each rule is unlinked and freed while walking. */
	list_for_each_entry_safe(rp, next, &tsp->smk_rules, list) {
		list_del(&rp->list);
		kmem_cache_free(smack_rule_cache, rp);
	}
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1925)
/**
 * smack_cred_prepare - prepare new set of credentials for modification
 * @new: the new credentials
 * @old: the original credentials
 * @gfp: the atomicity of any memory allocations
 *
 * Initialise @new from the task label of @old (used for both the task and
 * the forked label), then copy the per-task rule list and the relabel list.
 *
 * Returns 0 on success, or the error from the first copy that fails. On
 * failure @new may be left partially populated; this function does not
 * undo the part already copied.
 * NOTE(review): cleanup presumably happens via the cred_free hook - confirm.
 */
static int smack_cred_prepare(struct cred *new, const struct cred *old,
			      gfp_t gfp)
{
	struct task_smack *src = smack_cred(old);
	struct task_smack *dst = smack_cred(new);
	int rc;

	init_task_smack(dst, src->smk_task, src->smk_task);

	rc = smk_copy_rules(&dst->smk_rules, &src->smk_rules, gfp);
	if (rc)
		return rc;

	return smk_copy_relabel(&dst->smk_relabel, &src->smk_relabel, gfp);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1951)
/**
 * smack_cred_transfer - Transfer the old credentials to the new credentials
 * @new: the new credentials
 * @old: the original credentials
 *
 * Fill in a set of blank credentials from another set of credentials.
 * Only the task label is carried over; it becomes both the task label and
 * the forked label of @new. The rule lock and rule list of @new are
 * re-initialised empty.
 *
 * NOTE(review): the per-task rule list of @old is not copied (see the
 * "cbs" marker below) and the relabel list is not touched here, so @new
 * does not inherit them through this hook.
 */
static void smack_cred_transfer(struct cred *new, const struct cred *old)
{
	struct task_smack *src = smack_cred(old);
	struct task_smack *dst = smack_cred(new);

	mutex_init(&dst->smk_rules_lock);
	INIT_LIST_HEAD(&dst->smk_rules);

	dst->smk_task = src->smk_task;
	dst->smk_forked = src->smk_task;

	/* cbs copy rule list */
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1971)
/**
 * smack_cred_getsecid - get the secid corresponding to a creds structure
 * @cred: the object creds
 * @secid: where to put the result
 *
 * Stores the smk_secid of the task label of @cred in @secid. The label is
 * looked up and read inside an RCU read-side critical section.
 */
static void smack_cred_getsecid(const struct cred *cred, u32 *secid)
{
	rcu_read_lock();
	*secid = smk_of_task(smack_cred(cred))->smk_secid;
	rcu_read_unlock();
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1988)
/**
 * smack_kernel_act_as - Set the subjective context in a set of credentials
 * @new: points to the set of credentials to be modified.
 * @secid: specifies the security ID to be set
 *
 * Set the task label of @new to whatever smack_from_secid() returns for
 * @secid. No access check is made here and the forked label is left alone.
 *
 * NOTE(review): @secid is not validated in this function; what an unknown
 * secid maps to depends on smack_from_secid() - confirm against its
 * definition.
 *
 * Always returns 0.
 */
static int smack_kernel_act_as(struct cred *new, u32 secid)
{
	struct task_smack *tsp = smack_cred(new);
	struct smack_known *skp = smack_from_secid(secid);

	tsp->smk_task = skp;

	return 0;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2003)
/**
 * smack_kernel_create_files_as - Set the file creation label in a set of creds
 * @new: points to the set of credentials to be modified
 * @inode: points to the inode to use as a reference
 *
 * Copy the label of @inode into @new. Both the forked label and the task
 * label of @new end up equal to the inode's label, so the task label is
 * changed as well, not only a separate "creation" context.
 *
 * Always returns 0.
 */
static int smack_kernel_create_files_as(struct cred *new,
					struct inode *inode)
{
	struct smack_known *label = smack_inode(inode)->smk_inode;
	struct task_smack *tsp = smack_cred(new);

	tsp->smk_forked = label;
	tsp->smk_task = label;

	return 0;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2022)
/**
 * smk_curacc_on_task - helper to check and log task related access
 * @p: the task object
 * @access: the access requested
 * @caller: name of the calling function for audit
 *
 * Checks whether current may perform @access on the label of @p, with
 * audit data of type LSM_AUDIT_DATA_TASK attributed to @caller.
 *
 * Return 0 if access is permitted
 */
static int smk_curacc_on_task(struct task_struct *p, int access,
			      const char *caller)
{
	struct smack_known *target = smk_of_task_struct(p);
	struct smk_audit_info ad;
	int rc;

	smk_ad_init(&ad, caller, LSM_AUDIT_DATA_TASK);
	smk_ad_setfield_u_tsk(&ad, p);

	rc = smk_curacc(target, access, &ad);

	/* The value handed back by smk_bu_task() is the final verdict. */
	return smk_bu_task(p, access, rc);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2044)
/**
 * smack_task_setpgid - Smack check on setting pgid
 * @p: the task object
 * @pgid: unused
 *
 * Changing another task's process group is treated as a write to it.
 *
 * Return 0 if write access is permitted
 */
static int smack_task_setpgid(struct task_struct *p, pid_t pgid)
{
	int rc = smk_curacc_on_task(p, MAY_WRITE, __func__);

	return rc;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2056)
/**
 * smack_task_getpgid - Smack access check for getpgid
 * @p: the object task
 *
 * Querying the process group is treated as a read of the task.
 *
 * Returns 0 if current can read the object task, error code otherwise
 */
static int smack_task_getpgid(struct task_struct *p)
{
	int rc = smk_curacc_on_task(p, MAY_READ, __func__);

	return rc;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2067)
/**
 * smack_task_getsid - Smack access check for getsid
 * @p: the object task
 *
 * Querying the session id is treated as a read of the task.
 *
 * Returns 0 if current can read the object task, error code otherwise
 */
static int smack_task_getsid(struct task_struct *p)
{
	int rc = smk_curacc_on_task(p, MAY_READ, __func__);

	return rc;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2078)
/**
 * smack_task_getsecid - get the secid of the task
 * @p: the object task
 * @secid: where to put the result
 *
 * Stores the smk_secid of the label of @p in @secid. No access check is
 * made here.
 */
static void smack_task_getsecid(struct task_struct *p, u32 *secid)
{
	*secid = smk_of_task_struct(p)->smk_secid;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2092)
/**
 * smack_task_setnice - Smack check on setting nice
 * @p: the task object
 * @nice: unused
 *
 * Changing a task's nice value is treated as a write to it.
 *
 * Return 0 if write access is permitted
 */
static int smack_task_setnice(struct task_struct *p, int nice)
{
	int rc = smk_curacc_on_task(p, MAY_WRITE, __func__);

	return rc;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2104)
/**
 * smack_task_setioprio - Smack check on setting ioprio
 * @p: the task object
 * @ioprio: unused
 *
 * Changing a task's I/O priority is treated as a write to it.
 *
 * Return 0 if write access is permitted
 */
static int smack_task_setioprio(struct task_struct *p, int ioprio)
{
	int rc = smk_curacc_on_task(p, MAY_WRITE, __func__);

	return rc;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2116)
/**
 * smack_task_getioprio - Smack check on reading ioprio
 * @p: the task object
 *
 * Reading a task's I/O priority is treated as a read of the task.
 *
 * Return 0 if read access is permitted
 */
static int smack_task_getioprio(struct task_struct *p)
{
	int rc = smk_curacc_on_task(p, MAY_READ, __func__);

	return rc;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2127)
/**
 * smack_task_setscheduler - Smack check on setting scheduler
 * @p: the task object
 *
 * Changing a task's scheduling settings is treated as a write to it: the
 * access requested below is MAY_WRITE, not MAY_READ.
 *
 * Return 0 if write access is permitted
 */
static int smack_task_setscheduler(struct task_struct *p)
{
	int rc = smk_curacc_on_task(p, MAY_WRITE, __func__);

	return rc;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2138)
/**
 * smack_task_getscheduler - Smack check on reading scheduler
 * @p: the task object
 *
 * Reading a task's scheduling settings is treated as a read of the task.
 *
 * Return 0 if read access is permitted
 */
static int smack_task_getscheduler(struct task_struct *p)
{
	int rc = smk_curacc_on_task(p, MAY_READ, __func__);

	return rc;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2149)
/**
 * smack_task_movememory - Smack check on moving memory
 * @p: the task object
 *
 * Moving a task's memory is treated as a write to it.
 *
 * Return 0 if write access is permitted
 */
static int smack_task_movememory(struct task_struct *p)
{
	int rc = smk_curacc_on_task(p, MAY_WRITE, __func__);

	return rc;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2160)
/**
 * smack_task_kill - Smack check on signal delivery
 * @p: the task object
 * @info: unused
 * @sig: the signal number; 0 (the null signal) is always allowed
 * @cred: identifies the cred to use in lieu of current's
 *
 * The sender needs MAY_DELIVER access to the label of @p. With a NULL
 * @cred the sender is current; otherwise the sender is the task label
 * of @cred.
 *
 * The null signal skips the check entirely and generates no audit data
 * here, so an existence test on @p is not restricted by Smack labels.
 *
 * Return 0 if delivery is permitted
 */
static int smack_task_kill(struct task_struct *p, struct kernel_siginfo *info,
			   int sig, const struct cred *cred)
{
	struct smack_known *tkp = smk_of_task_struct(p);
	struct smack_known *skp;
	struct smk_audit_info ad;
	int rc;

	/* null signal; existence test */
	if (sig == 0)
		return 0;

	smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_TASK);
	smk_ad_setfield_u_tsk(&ad, p);

	if (cred != NULL) {
		/*
		 * If the cred isn't NULL we're dealing with some USB IO
		 * specific behavior. This is not clean. For one thing
		 * we can't take privilege into account: the check goes
		 * through smk_access() with the label from @cred rather
		 * than through smk_curacc().
		 */
		skp = smk_of_task(smack_cred(cred));
		rc = smk_access(skp, tkp, MAY_DELIVER, &ad);
		return smk_bu_note("USB signal", skp, tkp, MAY_DELIVER, rc);
	}

	/* Ordinary case: current is the sender. */
	rc = smk_curacc(tkp, MAY_DELIVER, &ad);
	return smk_bu_task(p, MAY_DELIVER, rc);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2203)
/**
 * smack_task_to_inode - copy task smack into the inode blob
 * @p: task to copy from
 * @inode: inode to copy to
 *
 * Sets the label in the inode security blob to the label of @p and marks
 * the blob with SMK_INODE_INSTANT.
 */
static void smack_task_to_inode(struct task_struct *p, struct inode *inode)
{
	struct inode_smack *isp = smack_inode(inode);

	isp->smk_inode = smk_of_task_struct(p);
	isp->smk_flags |= SMK_INODE_INSTANT;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2219)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2220) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2221) * Socket hooks.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2222) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2223)
/**
 * smack_sk_alloc_security - Allocate a socket blob
 * @sk: the socket
 * @family: unused
 * @gfp_flags: memory allocation flags
 *
 * Allocates a zeroed socket_smack and attaches it to @sk. The inbound and
 * outbound labels both start as the label of current, except that sockets
 * created by kernel threads (PF_KTHREAD) get smack_known_web instead.
 *
 * Returns 0 on success, -ENOMEM if there's no memory
 */
static int smack_sk_alloc_security(struct sock *sk, int family, gfp_t gfp_flags)
{
	struct smack_known *skp = smk_of_current();
	struct socket_smack *ssp = kzalloc(sizeof(*ssp), gfp_flags);

	if (!ssp)
		return -ENOMEM;

	/*
	 * Sockets created by kernel threads receive web label.
	 */
	if (unlikely(current->flags & PF_KTHREAD))
		skp = &smack_known_web;

	ssp->smk_in = skp;
	ssp->smk_out = skp;
	ssp->smk_packet = NULL;

	sk->sk_security = ssp;

	return 0;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2259)
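/**
 * smack_sk_free_security - Free a socket blob
 * @sk: the socket
 *
 * Frees the Smack blob of @sk and clears the blob pointer, so that no
 * stale pointer to freed memory stays reachable through @sk.
 *
 * With SMACK_IPV6_PORT_LABELING, the port-label entry that refers to an
 * IPv6 @sk (if there is one) is first marked as reusable.
 */
static void smack_sk_free_security(struct sock *sk)
{
#ifdef SMACK_IPV6_PORT_LABELING
	struct smk_port_label *spp;

	if (sk->sk_family == PF_INET6) {
		rcu_read_lock();
		list_for_each_entry_rcu(spp, &smk_ipv6_port_list, list) {
			if (spp->smk_sock != sk)
				continue;
			/* Only the first matching entry is flagged. */
			spp->smk_can_reuse = 1;
			break;
		}
		rcu_read_unlock();
	}
#endif
	kfree(sk->sk_security);
	/*
	 * Do what the header promises: a later read of sk_security sees
	 * NULL instead of a dangling pointer, and kfree(NULL) is a no-op.
	 */
	sk->sk_security = NULL;
}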
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2284)
/**
 * smack_ipv4host_label - check host based restrictions
 * @sip: the object end
 *
 * Looks for a host based access restriction covering the address in @sip
 * by walking smk_net4addr_list and comparing the masked address with each
 * entry's host value. An all-zero address never matches.
 *
 * This version will only be appropriate for really small sets of single
 * label hosts, since every lookup is a linear walk. The caller is
 * responsible for ensuring that the RCU read lock is taken before calling
 * this function.
 *
 * Returns the label of the far end or NULL if it's not special.
 */
static struct smack_known *smack_ipv4host_label(struct sockaddr_in *sip)
{
	struct in_addr *siap = &sip->sin_addr;
	struct smk_net4addr *snp;

	if (siap->s_addr == 0)
		return NULL;

	list_for_each_entry_rcu(snp, &smk_net4addr_list, list) {
		if ((siap->s_addr & snp->smk_mask.s_addr) !=
		    snp->smk_host.s_addr)
			continue;
		/*
		 * we stop at the first match because the list is
		 * sorted from longest to shortest mask, so this is
		 * the most specific match
		 */
		return snp->smk_label;
	}

	return NULL;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2317)
/*
 * smk_ipv6_localhost - Check for local ipv6 host address
 * @sip: the address
 *
 * The address counts as local when its first seven 16-bit groups are
 * zero and the last group, converted to host byte order, equals 1.
 *
 * Returns boolean true if this is the localhost address
 */
static bool smk_ipv6_localhost(struct sockaddr_in6 *sip)
{
	/* Two views of the same 128-bit address: 32-bit and 16-bit units. */
	__be32 *words = (__be32 *)&sip->sin6_addr;
	__be16 *groups = (__be16 *)&sip->sin6_addr;

	/* Bits 0..95 must be clear. */
	if (words[0] != 0 || words[1] != 0 || words[2] != 0)
		return false;
	/* Bits 96..111 must be clear as well. */
	if (groups[6] != 0)
		return false;

	return ntohs(groups[7]) == 1;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2334)
/**
 * smack_ipv6host_label - check host based restrictions
 * @sip: the object end
 *
 * Walks smk_net6addr_list and compares, 16 bits at a time, each entry's
 * host address with the masked address from @sip. The localhost address
 * is never looked up, and entries without a label are skipped.
 *
 * This version will only be appropriate for really small sets of single label
 * hosts. The caller is responsible for ensuring that the RCU read lock is
 * taken before calling this function.
 *
 * Returns the label of the far end or NULL if it's not special.
 */
static struct smack_known *smack_ipv6host_label(struct sockaddr_in6 *sip)
{
	struct smk_net6addr *entry;
	struct in6_addr *addr = &sip->sin6_addr;
	int i;

	/* A local address never gets a host label. */
	if (smk_ipv6_localhost(sip))
		return NULL;

	list_for_each_entry_rcu(entry, &smk_net6addr_list, list) {
		/* A NULL label marks an entry that has been renounced. */
		if (entry->smk_label == NULL)
			continue;

		/* Stop at the first 16-bit group that does not match. */
		for (i = 0; i < 8; i++) {
			if ((addr->s6_addr16[i] & entry->smk_mask.s6_addr16[i]) !=
			    entry->smk_host.s6_addr16[i])
				break;
		}

		/*
		 * All eight groups matched. The list is sorted from
		 * longest to shortest mask, so the first match is the
		 * most specific one.
		 */
		if (i == 8)
			return entry->smk_label;
	}

	return NULL;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2385)
/**
 * smack_netlbl_add - Set the secattr on a socket
 * @sk: the socket
 *
 * Attach the outbound smack value (smk_out) to the socket and record the
 * outcome in the socket's smk_state.
 *
 * Returns 0 on success or an error code. -EDESTADDRREQ from
 * netlbl_sock_setattr() is reported as success, with the state set to
 * SMK_NETLBL_REQSKB.
 */
static int smack_netlbl_add(struct sock *sk)
{
	struct socket_smack *ssp = sk->sk_security;
	struct smack_known *out_label = ssp->smk_out;
	int rc;

	/* Bottom halves are off and the socket is locked around the call. */
	local_bh_disable();
	bh_lock_sock_nested(sk);

	rc = netlbl_sock_setattr(sk, sk->sk_family, &out_label->smk_netlabel);
	if (rc == 0) {
		ssp->smk_state = SMK_NETLBL_LABELED;
	} else if (rc == -EDESTADDRREQ) {
		/* Not a failure for the caller: note the state and succeed. */
		ssp->smk_state = SMK_NETLBL_REQSKB;
		rc = 0;
	}
	/* Any other error leaves smk_state untouched and is returned as is. */

	bh_unlock_sock(sk);
	local_bh_enable();

	return rc;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2419)
/**
 * smack_netlbl_delete - Remove the secattr from a socket
 * @sk: the socket
 *
 * Remove the outbound smack value from a socket. Nothing is done unless
 * the socket's smk_state is SMK_NETLBL_LABELED.
 */
static void smack_netlbl_delete(struct sock *sk)
{
	struct socket_smack *ssp = sk->sk_security;

	/* Only a socket in the LABELED state has a label to take off. */
	if (ssp->smk_state == SMK_NETLBL_LABELED) {
		local_bh_disable();
		bh_lock_sock_nested(sk);
		netlbl_sock_delattr(sk);
		bh_unlock_sock(sk);
		local_bh_enable();
		/* The state is updated after the socket lock is dropped. */
		ssp->smk_state = SMK_NETLBL_UNLABELED;
	}
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2443)
/**
 * smk_ipv4_check - Perform IPv4 host access checks
 * @sk: the socket
 * @sap: the destination address
 *
 * Look up a host label for the destination. When there is one, check
 * that the socket's outbound label may write to it and, if so, take the
 * netlabel off the socket. A destination without a host label is not
 * checked here and yields 0.
 *
 * Returns 0 on success or an error code.
 */
static int smk_ipv4_check(struct sock *sk, struct sockaddr_in *sap)
{
	struct socket_smack *ssp = sk->sk_security;
	struct smack_known *subject;
	struct smack_known *host_label;
	struct smk_audit_info ad;
#ifdef CONFIG_AUDIT
	struct lsm_network_audit net;
#endif
	int rc = 0;

	/* The read lock covers the lookup and the use of its result. */
	rcu_read_lock();
	host_label = smack_ipv4host_label(sap);
	if (host_label == NULL)
		goto out;

#ifdef CONFIG_AUDIT
	/* Describe the destination in the audit record. */
	smk_ad_init_net(&ad, __func__, LSM_AUDIT_DATA_NET, &net);
	ad.a.u.net->family = sap->sin_family;
	ad.a.u.net->dport = sap->sin_port;
	ad.a.u.net->v4info.daddr = sap->sin_addr.s_addr;
#endif
	subject = ssp->smk_out;
	rc = smk_access(subject, host_label, MAY_WRITE, &ad);
	rc = smk_bu_note("IPv4 host check", subject, host_label, MAY_WRITE, rc);

	/* Access granted: clear the socket netlabel if it's set. */
	if (rc == 0)
		smack_netlbl_delete(sk);
out:
	rcu_read_unlock();

	return rc;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2487)
/**
 * smk_ipv6_check - check Smack access
 * @subject: subject Smack label
 * @object: object Smack label
 * @address: address
 * @act: the action being taken
 *
 * Check an IPv6 access. The check itself is always for MAY_WRITE; @act
 * only decides whether @address is recorded as the source or the
 * destination in the audit data.
 *
 * Returns the result of smk_access() as passed through smk_bu_note().
 */
static int smk_ipv6_check(struct smack_known *subject,
				struct smack_known *object,
				struct sockaddr_in6 *address, int act)
{
	struct smk_audit_info ad;
	int rc;
#ifdef CONFIG_AUDIT
	struct lsm_network_audit net;

	smk_ad_init_net(&ad, __func__, LSM_AUDIT_DATA_NET, &net);
	ad.a.u.net->family = PF_INET6;
	ad.a.u.net->dport = address->sin6_port;
	/* On receive the address is the sender, otherwise the target. */
	if (act != SMK_RECEIVING)
		ad.a.u.net->v6info.daddr = address->sin6_addr;
	else
		ad.a.u.net->v6info.saddr = address->sin6_addr;
#endif
	rc = smk_access(subject, object, MAY_WRITE, &ad);

	return smk_bu_note("IPv6 check", subject, object, MAY_WRITE, rc);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2520)
#ifdef SMACK_IPV6_PORT_LABELING
/**
 * smk_ipv6_port_label - Smack port access table management
 * @sock: socket
 * @address: address, or NULL to refresh the labels of an existing entry
 *
 * Create or update the port list entry. Nothing is reported to the
 * caller: a failed allocation or a port still in use leaves the list
 * unchanged.
 */
static void smk_ipv6_port_label(struct socket *sock, struct sockaddr *address)
{
	struct sock *sk = sock->sk;
	struct socket_smack *ssp = sk->sk_security;
	struct sockaddr_in6 *addr6;
	struct smk_port_label *spp;
	unsigned short port;

	if (address == NULL) {
		/*
		 * This operation is changing the Smack information
		 * on the bound socket. Take the changes to the port
		 * as well. A NULL address is only used for updating
		 * existing bound entries. If there isn't one, it's OK.
		 */
		rcu_read_lock();
		list_for_each_entry_rcu(spp, &smk_ipv6_port_list, list) {
			if (spp->smk_sock == sk) {
				spp->smk_in = ssp->smk_in;
				spp->smk_out = ssp->smk_out;
				break;
			}
		}
		rcu_read_unlock();
		return;
	}

	addr6 = (struct sockaddr_in6 *)address;
	port = ntohs(addr6->sin6_port);

	/* Port 0 is a special case that is safely ignored. */
	if (port == 0)
		return;

	/*
	 * Look for an existing port list entry.
	 * This is an indication that a port is getting reused.
	 *
	 * NOTE(review): a matching entry is rewritten while holding only
	 * the RCU read lock; smack_ipv6_lock is taken for insertion
	 * alone. Confirm that concurrent updates are tolerated.
	 */
	rcu_read_lock();
	list_for_each_entry_rcu(spp, &smk_ipv6_port_list, list) {
		if (spp->smk_port == port && spp->smk_sock_type == sock->type) {
			/* Take the entry over only if it was released. */
			if (spp->smk_can_reuse == 1) {
				spp->smk_port = port;
				spp->smk_sock = sk;
				spp->smk_in = ssp->smk_in;
				spp->smk_out = ssp->smk_out;
				spp->smk_can_reuse = 0;
			}
			rcu_read_unlock();
			return;
		}
	}
	rcu_read_unlock();

	/*
	 * A new port entry is required.
	 *
	 * NOTE(review): the lookup above and the insertion below are not
	 * done under one lock, so two callers could presumably both
	 * decide that an entry is missing - verify against the callers.
	 */
	spp = kzalloc(sizeof(*spp), GFP_KERNEL);
	if (spp == NULL)
		return;	/* the port is left without an entry */

	spp->smk_port = port;
	spp->smk_sock = sk;
	spp->smk_in = ssp->smk_in;
	spp->smk_out = ssp->smk_out;
	spp->smk_sock_type = sock->type;
	spp->smk_can_reuse = 0;

	mutex_lock(&smack_ipv6_lock);
	list_add_rcu(&spp->list, &smk_ipv6_port_list);
	mutex_unlock(&smack_ipv6_lock);
}
#endif
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2609)
/**
 * smk_ipv6_port_check - check Smack port access
 * @sk: socket
 * @address: address
 * @act: the action being taken
 *
 * Pick the subject and object labels for an IPv6 access and pass them
 * to smk_ipv6_check(). The labels come from the socket, from the host
 * label of @address, from smack_net_ambient when no host label exists,
 * and, for a local destination, from the port list.
 *
 * Returns 0 for a receive from the local address, otherwise the result
 * of smk_ipv6_check().
 */
static int smk_ipv6_port_check(struct sock *sk, struct sockaddr_in6 *address,
				int act)
{
	struct socket_smack *ssp = sk->sk_security;
	struct smk_port_label *spp;
	struct smack_known *skp;
	struct smack_known *object;
	unsigned short port;
	bool both_known;

	/*
	 * NOTE(review): smack_ipv6host_label() asks its caller to hold
	 * the RCU read lock, and none is taken here before the call.
	 * Confirm that every caller of this function already holds it.
	 */
	if (act != SMK_RECEIVING) {
		skp = ssp->smk_out;
		object = smack_ipv6host_label(address);
	} else {
		skp = smack_ipv6host_label(address);
		object = ssp->smk_in;
	}

	/* Both labels known: the other end is a single label host. */
	both_known = skp != NULL && object != NULL;
	if (!both_known) {
		/* Whichever side has no label gets the ambient one. */
		if (skp == NULL)
			skp = smack_net_ambient;
		if (object == NULL)
			object = smack_net_ambient;
	}

	/* For a remote address a port lookup does no good. */
	if (both_known || !smk_ipv6_localhost(address))
		return smk_ipv6_check(skp, object, address, act);

	/* It's local so the send check has to have passed. */
	if (act == SMK_RECEIVING)
		return 0;

	/*
	 * Local destination: take the object label from the port list.
	 * If no entry matches, object keeps the value chosen above.
	 *
	 * NOTE(review): smk_can_reuse is not consulted here, so an entry
	 * flagged as released can still supply the labels - confirm
	 * that this is intended.
	 */
	port = ntohs(address->sin6_port);
	rcu_read_lock();
	list_for_each_entry_rcu(spp, &smk_ipv6_port_list, list) {
		if (spp->smk_port == port && spp->smk_sock_type == sk->sk_type) {
			object = spp->smk_in;
			if (act == SMK_CONNECTING)
				ssp->smk_packet = spp->smk_out;
			break;
		}
	}
	rcu_read_unlock();

	return smk_ipv6_check(skp, object, address, act);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2671)
/**
 * smack_inode_setsecurity - set smack xattrs
 * @inode: the object
 * @name: attribute name
 * @value: attribute value
 * @size: size of the attribute
 * @flags: unused
 *
 * Sets the named attribute in the appropriate blob: the inode blob for
 * XATTR_SMACK_SUFFIX, the socket blob for XATTR_SMACK_IPIN and
 * XATTR_SMACK_IPOUT. A netlabel failure while setting the outbound
 * label is logged and does not change the return value.
 *
 * Returns 0 on success, or an error code
 */
static int smack_inode_setsecurity(struct inode *inode, const char *name,
				   const void *value, size_t size, int flags)
{
	struct inode_smack *nsp = smack_inode(inode);
	struct smack_known *skp;
	struct socket_smack *ssp;
	struct socket *sock;
	struct sock *sk;
	int rc;

	/* Reject a missing, empty or over-long label before importing it. */
	if (value == NULL || size == 0 || size > SMK_LONGLABEL)
		return -EINVAL;

	/*
	 * NOTE(review): the label is imported before @name is validated,
	 * so an unsupported name still reaches smk_import_entry().
	 * Confirm that this has no lasting side effect.
	 */
	skp = smk_import_entry(value, size);
	if (IS_ERR(skp))
		return PTR_ERR(skp);

	if (!strcmp(name, XATTR_SMACK_SUFFIX)) {
		nsp->smk_inode = skp;
		nsp->smk_flags |= SMK_INODE_INSTANT;
		return 0;
	}

	/* The rest of the Smack xattrs are only on sockets. */
	if (inode->i_sb->s_magic != SOCKFS_MAGIC)
		return -EOPNOTSUPP;

	sock = SOCKET_I(inode);
	if (sock == NULL || sock->sk == NULL)
		return -EOPNOTSUPP;

	sk = sock->sk;
	ssp = sk->sk_security;

	if (!strcmp(name, XATTR_SMACK_IPIN)) {
		ssp->smk_in = skp;
	} else if (!strcmp(name, XATTR_SMACK_IPOUT)) {
		ssp->smk_out = skp;
		/* Only PF_INET sockets get the new label as a netlabel. */
		if (sk->sk_family == PF_INET) {
			rc = smack_netlbl_add(sk);
			if (rc != 0)
				printk(KERN_WARNING
				       "Smack: \"%s\" netlbl error %d.\n",
				       __func__, -rc);
		}
	} else {
		return -EOPNOTSUPP;
	}

#ifdef SMACK_IPV6_PORT_LABELING
	/* Carry the new labels over to the socket's port list entry. */
	if (sk->sk_family == PF_INET6)
		smk_ipv6_port_label(sock, NULL);
#endif

	return 0;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2738)
/**
 * smack_socket_post_create - finish socket setup
 * @sock: the socket
 * @family: protocol family
 * @type: unused
 * @protocol: unused
 * @kern: unused
 *
 * Sets the netlabel information on a PF_INET socket. Sockets created
 * by a kernel thread first get the web label in both directions; that
 * test reads current->flags, not @kern.
 *
 * Returns 0 on success, and error code otherwise
 */
static int smack_socket_post_create(struct socket *sock, int family,
				    int type, int protocol, int kern)
{
	struct sock *sk = sock->sk;
	struct socket_smack *ssp;

	/* Nothing to label without a sock. */
	if (sk == NULL)
		return 0;

	/* Sockets created by kernel threads receive web label. */
	if (unlikely(current->flags & PF_KTHREAD)) {
		ssp = sk->sk_security;
		ssp->smk_in = &smack_known_web;
		ssp->smk_out = &smack_known_web;
	}

	/* Only PF_INET sockets have the outbound netlbl set here. */
	if (family == PF_INET)
		return smack_netlbl_add(sk);

	return 0;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2775)
/**
 * smack_socket_socketpair - create socket pair
 * @socka: one socket
 * @sockb: another socket
 *
 * Cross reference the peer labels for SO_PEERSEC: each end stores the
 * other end's outbound label in its smk_packet field.
 *
 * Neither sk pointer is checked for NULL here; presumably the caller
 * only passes fully created sockets - confirm against the call site.
 *
 * Returns 0
 */
static int smack_socket_socketpair(struct socket *socka,
				   struct socket *sockb)
{
	struct socket_smack *first = socka->sk->sk_security;
	struct socket_smack *second = sockb->sk->sk_security;

	first->smk_packet = second->smk_out;
	second->smk_packet = first->smk_out;

	return 0;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2796)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2797) #ifdef SMACK_IPV6_PORT_LABELING
/**
 * smack_socket_bind - record port binding information.
 * @sock: the socket
 * @address: the port address
 * @addrlen: size of the address
 *
 * Records the label bound to a port. Only PF_INET6 sockets are handled;
 * every other socket is accepted without recording anything.
 *
 * Returns 0 on success, -EINVAL if the address is shorter than
 * SIN6_LEN_RFC2133 or is not an AF_INET6 address.
 */
static int smack_socket_bind(struct socket *sock, struct sockaddr *address,
			     int addrlen)
{
	if (sock->sk == NULL || sock->sk->sk_family != PF_INET6)
		return 0;

	/*
	 * Validate length and family before the address is handed to
	 * smk_ipv6_port_label().
	 */
	if (addrlen < SIN6_LEN_RFC2133 || address->sa_family != AF_INET6)
		return -EINVAL;

	smk_ipv6_port_label(sock, address);
	return 0;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2819) #endif /* SMACK_IPV6_PORT_LABELING */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2820)
/**
 * smack_socket_connect - connect access check
 * @sock: the socket
 * @sap: the other end
 * @addrlen: size of sap
 *
 * Verifies that a connection may be possible. Sockets without an sk,
 * sockets of a family other than PF_INET (or PF_INET6 when CONFIG_IPV6
 * is enabled), and addresses that are too short or of an unexpected
 * family are not checked at all: the hook returns 0 for them.
 *
 * Returns 0 on success, and error code otherwise
 */
static int smack_socket_connect(struct socket *sock, struct sockaddr *sap,
				int addrlen)
{
	struct sock *sk = sock->sk;
	int rc = 0;

	if (!sk)
		return 0;
	if (sk->sk_family != PF_INET &&
	    (!IS_ENABLED(CONFIG_IPV6) || sk->sk_family != PF_INET6))
		return 0;
	/*
	 * sa_family must be readable before it is inspected.
	 * NOTE(review): addrlen is a signed int compared against an
	 * unsigned size expression here and in the sockaddr_in test
	 * below; this presumably relies on the caller never passing a
	 * negative length - confirm.
	 */
	if (addrlen < offsetofend(struct sockaddr, sa_family))
		return 0;

	if (IS_ENABLED(CONFIG_IPV6) && sap->sa_family == AF_INET6) {
		struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)sap;
		struct smack_known *peer = NULL;

		if (addrlen < SIN6_LEN_RFC2133)
			return 0;
		if (__is_defined(SMACK_IPV6_SECMARK_LABELING))
			peer = smack_ipv6host_label(sin6);
		if (peer != NULL) {
			struct socket_smack *ssp = sk->sk_security;

			rc = smk_ipv6_check(ssp->smk_out, peer, sin6,
					    SMK_CONNECTING);
		}
		/*
		 * When port labeling is compiled in, its result replaces
		 * rc. NOTE(review): presumably the two labeling macros
		 * are never defined together - confirm.
		 */
		if (__is_defined(SMACK_IPV6_PORT_LABELING))
			rc = smk_ipv6_port_check(sock->sk, sin6, SMK_CONNECTING);

		return rc;
	}

	if (sap->sa_family != AF_INET || addrlen < sizeof(struct sockaddr_in))
		return 0;

	return smk_ipv4_check(sk, (struct sockaddr_in *)sap);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2867)
/**
 * smack_flags_to_may - convert S_ to MAY_ values
 * @flags: the S_ value
 *
 * A read, write or execute bit set for any of user, group or other
 * (S_IRUGO, S_IWUGO, S_IXUGO) requests the matching MAY_ access.
 * All other bits in @flags are ignored.
 *
 * Returns the equivalent MAY_ value, 0 if no permission bit is set
 */
static int smack_flags_to_may(int flags)
{
	return ((flags & S_IRUGO) ? MAY_READ : 0) |
	       ((flags & S_IWUGO) ? MAY_WRITE : 0) |
	       ((flags & S_IXUGO) ? MAY_EXEC : 0);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2887)
/**
 * smack_msg_msg_alloc_security - Set the security blob for msg_msg
 * @msg: the object
 *
 * Stores the label of the current task in the message's Smack blob.
 *
 * Returns 0
 */
static int smack_msg_msg_alloc_security(struct msg_msg *msg)
{
	*smack_msg_msg(msg) = smk_of_current();

	return 0;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2901)
/**
 * smack_of_ipc - the smack pointer for the ipc
 * @isp: the object
 *
 * Returns the label pointer stored in the object's Smack blob
 */
static struct smack_known *smack_of_ipc(struct kern_ipc_perm *isp)
{
	return *smack_ipc(isp);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2914)
/**
 * smack_ipc_alloc_security - Set the security blob for ipc
 * @isp: the object
 *
 * Stores the label of the current task in the object's Smack blob.
 *
 * Returns 0
 */
static int smack_ipc_alloc_security(struct kern_ipc_perm *isp)
{
	*smack_ipc(isp) = smk_of_current();

	return 0;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2928)
/**
 * smk_curacc_shm : check if current has access on shm
 * @isp : the object
 * @access : access requested
 *
 * The result of smk_curacc() is passed through smk_bu_current(), whose
 * return value is what the caller sees.
 *
 * Returns 0 if current has the requested access, error code otherwise
 */
static int smk_curacc_shm(struct kern_ipc_perm *isp, int access)
{
	struct smack_known *label = smack_of_ipc(isp);
	struct smk_audit_info ad;
	int rc;

#ifdef CONFIG_AUDIT
	/* Tag the audit record with the IPC id of the object. */
	smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_IPC);
	ad.a.u.ipc_id = isp->id;
#endif
	rc = smk_curacc(label, access, &ad);

	return smk_bu_current("shm", label, access, rc);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2950)
/**
 * smack_shm_associate - Smack access check for shm
 * @isp: the object
 * @shmflg: access requested
 *
 * Only the permission bits of @shmflg take part in the check; they are
 * converted with smack_flags_to_may().
 *
 * Returns 0 if current has the requested access, error code otherwise
 */
static int smack_shm_associate(struct kern_ipc_perm *isp, int shmflg)
{
	return smk_curacc_shm(isp, smack_flags_to_may(shmflg));
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2965)
/**
 * smack_shm_shmctl - Smack access check for shm
 * @isp: the object
 * @cmd: what it wants to do
 *
 * Status queries need read access, modifying commands need read and
 * write access, and the system level information commands are allowed
 * without a label check.
 *
 * Returns 0 if current has the requested access, -EINVAL for a command
 * that is not listed, error code otherwise
 */
static int smack_shm_shmctl(struct kern_ipc_perm *isp, int cmd)
{
	switch (cmd) {
	case IPC_STAT:
	case SHM_STAT:
	case SHM_STAT_ANY:
		return smk_curacc_shm(isp, MAY_READ);
	case IPC_SET:
	case SHM_LOCK:
	case SHM_UNLOCK:
	case IPC_RMID:
		return smk_curacc_shm(isp, MAY_READWRITE);
	case IPC_INFO:
	case SHM_INFO:
		/*
		 * System level information.
		 */
		return 0;
	default:
		/* Unknown commands are refused rather than allowed. */
		return -EINVAL;
	}
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3000)
/**
 * smack_shm_shmat - Smack access for shmat
 * @isp: the object
 * @shmaddr: unused
 * @shmflg: access requested
 *
 * Only the permission bits of @shmflg take part in the check; they are
 * converted with smack_flags_to_may().
 *
 * Returns 0 if current has the requested access, error code otherwise
 */
static int smack_shm_shmat(struct kern_ipc_perm *isp, char __user *shmaddr,
			   int shmflg)
{
	return smk_curacc_shm(isp, smack_flags_to_may(shmflg));
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3017)
/**
 * smk_curacc_sem : check if current has access on sem
 * @isp : the object
 * @access : access requested
 *
 * The result of smk_curacc() is passed through smk_bu_current(), whose
 * return value is what the caller sees.
 *
 * Returns 0 if current has the requested access, error code otherwise
 */
static int smk_curacc_sem(struct kern_ipc_perm *isp, int access)
{
	struct smack_known *label = smack_of_ipc(isp);
	struct smk_audit_info ad;
	int rc;

#ifdef CONFIG_AUDIT
	/* Tag the audit record with the IPC id of the object. */
	smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_IPC);
	ad.a.u.ipc_id = isp->id;
#endif
	rc = smk_curacc(label, access, &ad);

	return smk_bu_current("sem", label, access, rc);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3039)
/**
 * smack_sem_associate - Smack access check for sem
 * @isp: the object
 * @semflg: access requested
 *
 * Only the permission bits of @semflg take part in the check; they are
 * converted with smack_flags_to_may().
 *
 * Returns 0 if current has the requested access, error code otherwise
 */
static int smack_sem_associate(struct kern_ipc_perm *isp, int semflg)
{
	return smk_curacc_sem(isp, smack_flags_to_may(semflg));
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3054)
/**
 * smack_sem_semctl - Smack access check for sem
 * @isp: the object
 * @cmd: what it wants to do
 *
 * Query commands need read access, modifying commands need read and
 * write access, and the system level information commands are allowed
 * without a label check.
 *
 * Returns 0 if current has the requested access, -EINVAL for a command
 * that is not listed, error code otherwise
 */
static int smack_sem_semctl(struct kern_ipc_perm *isp, int cmd)
{
	switch (cmd) {
	case GETPID:
	case GETNCNT:
	case GETZCNT:
	case GETVAL:
	case GETALL:
	case IPC_STAT:
	case SEM_STAT:
	case SEM_STAT_ANY:
		return smk_curacc_sem(isp, MAY_READ);
	case SETVAL:
	case SETALL:
	case IPC_RMID:
	case IPC_SET:
		return smk_curacc_sem(isp, MAY_READWRITE);
	case IPC_INFO:
	case SEM_INFO:
		/*
		 * System level information
		 */
		return 0;
	default:
		/* Unknown commands are refused rather than allowed. */
		return -EINVAL;
	}
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3095)
/**
 * smack_sem_semop - Smack checks of semaphore operations
 * @isp: the object
 * @sops: unused
 * @nsops: unused
 * @alter: unused
 *
 * Treated as read and write in all cases, whatever the individual
 * operations in @sops are.
 *
 * Returns 0 if access is allowed, error code otherwise
 */
static int smack_sem_semop(struct kern_ipc_perm *isp, struct sembuf *sops,
			   unsigned nsops, int alter)
{
	const int may = MAY_READWRITE;

	return smk_curacc_sem(isp, may);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3112)
/**
 * smk_curacc_msq : helper to check if current has access on msq
 * @isp : the msq
 * @access : access requested
 *
 * The result of smk_curacc() is passed through smk_bu_current(), whose
 * return value is what the caller sees.
 *
 * return 0 if current has access, error otherwise
 */
static int smk_curacc_msq(struct kern_ipc_perm *isp, int access)
{
	struct smack_known *label = smack_of_ipc(isp);
	struct smk_audit_info ad;
	int rc;

#ifdef CONFIG_AUDIT
	/* Tag the audit record with the IPC id of the queue. */
	smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_IPC);
	ad.a.u.ipc_id = isp->id;
#endif
	rc = smk_curacc(label, access, &ad);

	return smk_bu_current("msq", label, access, rc);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3134)
/**
 * smack_msg_queue_associate - Smack access check for msg_queue
 * @isp: the object
 * @msqflg: access requested
 *
 * Only the permission bits of @msqflg take part in the check; they are
 * converted with smack_flags_to_may().
 *
 * Returns 0 if current has the requested access, error code otherwise
 */
static int smack_msg_queue_associate(struct kern_ipc_perm *isp, int msqflg)
{
	return smk_curacc_msq(isp, smack_flags_to_may(msqflg));
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3149)
/**
 * smack_msg_queue_msgctl - Smack access check for msg_queue
 * @isp: the object
 * @cmd: what it wants to do
 *
 * Status queries need read access, IPC_SET and IPC_RMID need read and
 * write access, and the system level information commands are allowed
 * without a label check.
 *
 * Returns 0 if current has the requested access, -EINVAL for a command
 * that is not listed, error code otherwise
 */
static int smack_msg_queue_msgctl(struct kern_ipc_perm *isp, int cmd)
{
	switch (cmd) {
	case IPC_STAT:
	case MSG_STAT:
	case MSG_STAT_ANY:
		return smk_curacc_msq(isp, MAY_READ);
	case IPC_SET:
	case IPC_RMID:
		return smk_curacc_msq(isp, MAY_READWRITE);
	case IPC_INFO:
	case MSG_INFO:
		/*
		 * System level information
		 */
		return 0;
	default:
		/* Unknown commands are refused rather than allowed. */
		return -EINVAL;
	}
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3183)
/**
 * smack_msg_queue_msgsnd - Smack access check for msg_queue
 * @isp: the object
 * @msg: unused
 * @msqflg: access requested
 *
 * Only the permission bits of @msqflg take part in the check; they are
 * converted with smack_flags_to_may().
 *
 * Returns 0 if current has the requested access, error code otherwise
 */
static int smack_msg_queue_msgsnd(struct kern_ipc_perm *isp, struct msg_msg *msg,
				  int msqflg)
{
	return smk_curacc_msq(isp, smack_flags_to_may(msqflg));
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3200)
/**
 * smack_msg_queue_msgrcv - Smack access check for msg_queue
 * @isp: the object
 * @msg: unused
 * @target: unused
 * @type: unused
 * @mode: unused
 *
 * Receiving is treated as read and write on the queue in all cases.
 *
 * Returns 0 if current has read and write access, error code otherwise
 */
static int smack_msg_queue_msgrcv(struct kern_ipc_perm *isp, struct msg_msg *msg,
			struct task_struct *target, long type, int mode)
{
	const int may = MAY_READWRITE;

	return smk_curacc_msq(isp, may);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3216)
/**
 * smack_ipc_permission - Smack access for ipc_permission()
 * @ipp: the object permissions
 * @flag: access requested
 *
 * The permission bits of @flag are converted with smack_flags_to_may()
 * and checked against the label stored in the object's Smack blob.
 *
 * Returns 0 if current has the requested access, error code otherwise
 */
static int smack_ipc_permission(struct kern_ipc_perm *ipp, short flag)
{
	struct smack_known *label = *smack_ipc(ipp);
	int may = smack_flags_to_may(flag);
	struct smk_audit_info ad;
	int rc;

#ifdef CONFIG_AUDIT
	/* Tag the audit record with the IPC id of the object. */
	smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_IPC);
	ad.a.u.ipc_id = ipp->id;
#endif
	rc = smk_curacc(label, may, &ad);

	return smk_bu_current("svipc", label, may, rc);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3240)
/**
 * smack_ipc_getsecid - Extract smack security id
 * @ipp: the object permissions
 * @secid: where result will be saved
 *
 * Writes the smk_secid of the label held in the object's Smack blob
 * to @secid. Neither @secid nor the blob contents are checked here.
 */
static void smack_ipc_getsecid(struct kern_ipc_perm *ipp, u32 *secid)
{
	struct smack_known **slot = smack_ipc(ipp);

	*secid = (*slot)->smk_secid;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3253)
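/**
 * smack_d_instantiate - Make sure the blob is correct on an inode
 * @opt_dentry: dentry where inode will be attached
 * @inode: the object
 *
 * Set the inode's security blob if it hasn't been done already.
 *
 * The label starts out as the superblock default and is then replaced
 * by a filesystem-specific choice (keyed on the superblock magic) or
 * by the value of the Smack label xattr. The exec, mmap and transmute
 * xattrs are read from the filesystem as well; each value is checked
 * before it is stored in the blob.
 *
 * @opt_dentry is dereferenced without a NULL check; @inode may be NULL.
 */
static void smack_d_instantiate(struct dentry *opt_dentry, struct inode *inode)
{
	struct super_block *sbp;
	struct superblock_smack *sbsp;
	struct inode_smack *isp;
	struct smack_known *skp;
	struct smack_known *ckp = smk_of_current();
	struct smack_known *final;
	/*
	 * Zero-filled: __vfs_getxattr() reports how many bytes it stored,
	 * and if that is fewer than TRANS_TRUE_SIZE the tail of the buffer
	 * is never written. Without the initializer the comparison below
	 * would read leftover stack bytes for a short on-disk value.
	 */
	char trattr[TRANS_TRUE_SIZE] = { 0 };
	int transflag = 0;
	int rc;
	struct dentry *dp;

	if (inode == NULL)
		return;

	isp = smack_inode(inode);

	/*
	 * If the inode is already instantiated
	 * take the quick way out
	 */
	if (isp->smk_flags & SMK_INODE_INSTANT)
		return;

	sbp = inode->i_sb;
	sbsp = sbp->s_security;
	/*
	 * We're going to use the superblock default label
	 * if there's no label on the file.
	 */
	final = sbsp->smk_default;

	/*
	 * If this is the root inode the superblock
	 * may be in the process of initialization.
	 * If that is the case use the root value out
	 * of the superblock.
	 */
	if (opt_dentry->d_parent == opt_dentry) {
		switch (sbp->s_magic) {
		case CGROUP_SUPER_MAGIC:
		case CGROUP2_SUPER_MAGIC:
			/*
			 * The cgroup filesystem is never mounted,
			 * so there's no opportunity to set the mount
			 * options.
			 */
			sbsp->smk_root = &smack_known_star;
			sbsp->smk_default = &smack_known_star;
			isp->smk_inode = sbsp->smk_root;
			break;
		case TMPFS_MAGIC:
			/*
			 * What about shmem/tmpfs anonymous files with dentry
			 * obtained from d_alloc_pseudo()?
			 */
			isp->smk_inode = smk_of_current();
			break;
		case PIPEFS_MAGIC:
			isp->smk_inode = smk_of_current();
			break;
		case SOCKFS_MAGIC:
			/*
			 * Socket access is controlled by the socket
			 * structures associated with the task involved.
			 */
			isp->smk_inode = &smack_known_star;
			break;
		default:
			isp->smk_inode = sbsp->smk_root;
			break;
		}
		isp->smk_flags |= SMK_INODE_INSTANT;
		return;
	}

	/*
	 * This is pretty hackish.
	 * Casey says that we shouldn't have to do
	 * file system specific code, but it does help
	 * with keeping it simple.
	 */
	switch (sbp->s_magic) {
	case SMACK_MAGIC:
	case CGROUP_SUPER_MAGIC:
	case CGROUP2_SUPER_MAGIC:
		/*
		 * Casey says that it's a little embarrassing
		 * that the smack file system doesn't do
		 * extended attributes.
		 *
		 * Cgroupfs is special
		 */
		final = &smack_known_star;
		break;
	case DEVPTS_SUPER_MAGIC:
		/*
		 * devpts seems content with the label of the task.
		 * Programs that change smack have to treat the
		 * pty with respect.
		 */
		final = ckp;
		break;
	case PROC_SUPER_MAGIC:
		/*
		 * Casey says procfs appears not to care.
		 * The superblock default suffices.
		 */
		break;
	case TMPFS_MAGIC:
		/*
		 * Device labels should come from the filesystem,
		 * but watch out, because they're volatile,
		 * getting recreated on every reboot.
		 */
		final = &smack_known_star;
		/*
		 * If a smack value has been set we want to use it,
		 * but since tmpfs isn't giving us the opportunity
		 * to set mount options simulate setting the
		 * superblock default.
		 */
		fallthrough;
	default:
		/*
		 * This isn't an understood special case.
		 * Get the value from the xattr.
		 */

		/*
		 * UNIX domain sockets use lower level socket data.
		 */
		if (S_ISSOCK(inode->i_mode)) {
			final = &smack_known_star;
			break;
		}
		/*
		 * No xattr support means, alas, no SMACK label.
		 * Use the aforeapplied default.
		 * It would be curious if the label of the task
		 * does not match that assigned.
		 */
		if (!(inode->i_opflags & IOP_XATTR))
			break;
		/*
		 * Get the dentry for xattr.
		 * The reference taken here is dropped by the dput()
		 * at the end of this case.
		 */
		dp = dget(opt_dentry);
		skp = smk_fetch(XATTR_NAME_SMACK, inode, dp);
		/* An error or a missing label leaves the default in place. */
		if (!IS_ERR_OR_NULL(skp))
			final = skp;

		/*
		 * Transmuting directory
		 */
		if (S_ISDIR(inode->i_mode)) {
			/*
			 * If this is a new directory and the label was
			 * transmuted when the inode was initialized
			 * set the transmute attribute on the directory
			 * and mark the inode.
			 *
			 * If there is a transmute attribute on the
			 * directory mark the inode.
			 */
			if (isp->smk_flags & SMK_INODE_CHANGED) {
				isp->smk_flags &= ~SMK_INODE_CHANGED;
				rc = __vfs_setxattr(dp, inode,
					XATTR_NAME_SMACKTRANSMUTE,
					TRANS_TRUE, TRANS_TRUE_SIZE,
					0);
			} else {
				rc = __vfs_getxattr(dp, inode,
					XATTR_NAME_SMACKTRANSMUTE, trattr,
					TRANS_TRUE_SIZE, XATTR_NOSECURITY);
				/*
				 * Only an exact TRANS_TRUE value marks the
				 * directory as transmuting; anything else
				 * read from the filesystem is rejected.
				 */
				if (rc >= 0 && strncmp(trattr, TRANS_TRUE,
						       TRANS_TRUE_SIZE) != 0)
					rc = -EINVAL;
			}
			if (rc >= 0)
				transflag = SMK_INODE_TRANSMUTE;
		}
		/*
		 * Don't let the exec or mmap label be "*" or "@".
		 * A fetch error is treated the same way: no label.
		 */
		skp = smk_fetch(XATTR_NAME_SMACKEXEC, inode, dp);
		if (IS_ERR(skp) || skp == &smack_known_star ||
		    skp == &smack_known_web)
			skp = NULL;
		isp->smk_task = skp;

		skp = smk_fetch(XATTR_NAME_SMACKMMAP, inode, dp);
		if (IS_ERR(skp) || skp == &smack_known_star ||
		    skp == &smack_known_web)
			skp = NULL;
		isp->smk_mmap = skp;

		dput(dp);
		break;
	}

	/* With no label from any source, fall back to the current task's. */
	if (final == NULL)
		isp->smk_inode = ckp;
	else
		isp->smk_inode = final;

	isp->smk_flags |= (SMK_INODE_INSTANT | transflag);

	return;
}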
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3472)
/**
 * smack_getprocattr - Smack process attribute access
 * @p: the object task
 * @name: the name of the attribute in /proc/.../attr
 * @value: where to put the result
 *
 * Places a freshly allocated copy of the task's Smack label into
 * @value. Only the "current" attribute is supported. The copy comes
 * from kstrdup(); releasing it is presumably left to the caller.
 *
 * Returns the length of the smack label, -EINVAL for any other
 * attribute name, or -ENOMEM if the copy cannot be allocated
 */
static int smack_getprocattr(struct task_struct *p, char *name, char **value)
{
	struct smack_known *skp = smk_of_task_struct(p);
	char *copy;

	if (strcmp(name, "current"))
		return -EINVAL;

	copy = kstrdup(skp->smk_known, GFP_KERNEL);
	if (!copy)
		return -ENOMEM;

	*value = copy;
	return strlen(copy);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3500)
/**
 * smack_setprocattr - Smack process attribute setting
 * @name: the name of the attribute in /proc/.../attr
 * @value: the value to set
 * @size: the size of the value
 *
 * Sets the Smack value of the task. Only setting self
 * is permitted and only with privilege: either CAP_MAC_ADMIN, or the
 * requested label must be on the task's relabel list.
 *
 * Returns @size on success or an error code
 */
static int smack_setprocattr(const char *name, void *value, size_t size)
{
	struct task_smack *tsp = smack_cred(current_cred());
	struct smack_known_list_elem *entry;
	struct smack_known *skp;
	struct cred *new;

	/*
	 * An unprivileged task with nothing on its relabel list can
	 * never succeed, so refuse before looking at the input.
	 */
	if (!smack_privileged(CAP_MAC_ADMIN) && list_empty(&tsp->smk_relabel))
		return -EPERM;

	/* The length is bounded before the value is handed to the import. */
	if (value == NULL || size == 0 || size >= SMK_LONGLABEL)
		return -EINVAL;

	if (strcmp(name, "current"))
		return -EINVAL;

	skp = smk_import_entry(value, size);
	if (IS_ERR(skp))
		return PTR_ERR(skp);

	/*
	 * No process is ever allowed the web ("@") label
	 * and the star ("*") label.
	 */
	if (skp == &smack_known_web || skp == &smack_known_star)
		return -EINVAL;

	if (!smack_privileged(CAP_MAC_ADMIN)) {
		int listed = 0;

		/* Without the capability the label must be on the list. */
		list_for_each_entry(entry, &tsp->smk_relabel, list) {
			if (entry->smk_label == skp) {
				listed = 1;
				break;
			}
		}
		if (!listed)
			return -EPERM;
	}

	new = prepare_creds();
	if (new == NULL)
		return -ENOMEM;

	tsp = smack_cred(new);
	tsp->smk_task = skp;
	/*
	 * process can change its label only once:
	 * the relabel list of the new credentials is emptied
	 */
	smk_destroy_label_list(&tsp->smk_relabel);

	commit_creds(new);
	return size;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3565)
/**
 * smack_unix_stream_connect - Smack access on UDS
 * @sock: one sock
 * @other: the other sock
 * @newsk: the new sock; its smk_packet is set when the connect is allowed
 *
 * Unless the caller has CAP_MAC_OVERRIDE, write access is checked in
 * both directions: from @sock's outbound label to @other's inbound
 * label, and from @other's outbound label to @sock's inbound label.
 * On success the peer labels are recorded for SO_PEERSEC.
 *
 * Return 0 if a subject with the smack of sock could access
 * an object with the smack of other, otherwise an error code
 */
static int smack_unix_stream_connect(struct sock *sock,
				     struct sock *other, struct sock *newsk)
{
	struct socket_smack *ssp = sock->sk_security;
	struct socket_smack *osp = other->sk_security;
	struct socket_smack *nsp = newsk->sk_security;
	struct smack_known *subj;
	struct smack_known *obj;
	struct smk_audit_info ad;
	int rc;
#ifdef CONFIG_AUDIT
	struct lsm_network_audit net;
#endif

	if (!smack_privileged(CAP_MAC_OVERRIDE)) {
		/* Connecting side writes to the listening side ... */
		subj = ssp->smk_out;
		obj = osp->smk_in;
#ifdef CONFIG_AUDIT
		smk_ad_init_net(&ad, __func__, LSM_AUDIT_DATA_NET, &net);
		smk_ad_setfield_u_net_sk(&ad, other);
#endif
		rc = smk_access(subj, obj, MAY_WRITE, &ad);
		rc = smk_bu_note("UDS connect", subj, obj, MAY_WRITE, rc);
		if (rc != 0)
			return rc;

		/* ... and the listening side writes back. */
		subj = osp->smk_out;
		obj = ssp->smk_in;
		rc = smk_access(subj, obj, MAY_WRITE, &ad);
		rc = smk_bu_note("UDS connect", subj, obj,
				 MAY_WRITE, rc);
		if (rc != 0)
			return rc;
	}

	/*
	 * Cross reference the peer labels for SO_PEERSEC.
	 */
	nsp->smk_packet = ssp->smk_out;
	ssp->smk_packet = osp->smk_out;

	return 0;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3617)
/**
 * smack_unix_may_send - Smack access on UDS
 * @sock: one socket
 * @other: the other socket
 *
 * A caller with CAP_MAC_OVERRIDE is always allowed. Otherwise write
 * access from @sock's outbound label to @other's inbound label is
 * checked; only this one direction is examined.
 *
 * Return 0 if a subject with the smack of sock could access
 * an object with the smack of other, otherwise an error code
 */
static int smack_unix_may_send(struct socket *sock, struct socket *other)
{
	struct socket_smack *sender = sock->sk->sk_security;
	struct socket_smack *receiver = other->sk->sk_security;
	struct smk_audit_info ad;
	int rc;

#ifdef CONFIG_AUDIT
	struct lsm_network_audit net;

	/* The audit record is prepared even on the privileged path. */
	smk_ad_init_net(&ad, __func__, LSM_AUDIT_DATA_NET, &net);
	smk_ad_setfield_u_net_sk(&ad, other->sk);
#endif

	if (smack_privileged(CAP_MAC_OVERRIDE))
		return 0;

	rc = smk_access(sender->smk_out, receiver->smk_in, MAY_WRITE, &ad);
	return smk_bu_note("UDS send", sender->smk_out, receiver->smk_in,
			   MAY_WRITE, rc);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3647)
/**
 * smack_socket_sendmsg - Smack check based on destination host
 * @sock: the socket
 * @msg: the message
 * @size: the size of the message
 *
 * Return 0 if the current subject can write to the destination host.
 * For IPv4 this is only a question if the destination is a single label host.
 * For IPv6 this is a check against the label of the port.
 *
 * A message without a destination address is allowed, and socket
 * families other than AF_INET and AF_INET6 are not checked here.
 * Returns -EINVAL when the address is too short for, or does not
 * match, the socket's family.
 */
static int smack_socket_sendmsg(struct socket *sock, struct msghdr *msg,
				int size)
{
	struct sockaddr_in *addr4 = (struct sockaddr_in *) msg->msg_name;
#if IS_ENABLED(CONFIG_IPV6)
	struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *) msg->msg_name;
#endif
#ifdef SMACK_IPV6_SECMARK_LABELING
	struct socket_smack *ssp = sock->sk->sk_security;
	struct smack_known *rsp;
#endif
	int rc = 0;

	/*
	 * Perfectly reasonable for this to be NULL
	 */
	if (!addr4)
		return 0;

	switch (sock->sk->sk_family) {
	case AF_INET:
		/*
		 * The length is tested first, so the family field is only
		 * read from an address that is large enough to hold it.
		 */
		if (msg->msg_namelen < sizeof(struct sockaddr_in) ||
		    addr4->sin_family != AF_INET)
			return -EINVAL;
		rc = smk_ipv4_check(sock->sk, addr4);
		break;
#if IS_ENABLED(CONFIG_IPV6)
	case AF_INET6:
		/* Same ordering as for IPv4: length before contents. */
		if (msg->msg_namelen < SIN6_LEN_RFC2133 ||
		    addr6->sin6_family != AF_INET6)
			return -EINVAL;
#ifdef SMACK_IPV6_SECMARK_LABELING
		rsp = smack_ipv6host_label(addr6);
		if (rsp != NULL)
			rc = smk_ipv6_check(ssp->smk_out, rsp, addr6,
					    SMK_CONNECTING);
#endif
#ifdef SMACK_IPV6_PORT_LABELING
		rc = smk_ipv6_port_check(sock->sk, addr6, SMK_SENDING);
#endif
		break;
#endif /* IS_ENABLED(CONFIG_IPV6) */
	}
	return rc;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3703)
/**
 * smack_from_secattr - map a netlabel security attribute to a Smack label
 * @sap: netlabel secattr
 * @ssp: socket security information, may be NULL
 *
 * The attribute is resolved in this order: a netlabel cache hit, a
 * secid supplied by netlabel, then an MLS level/category comparison
 * against every entry on smack_known_list.
 *
 * Returns a pointer to a Smack label entry. With an MLS level but no
 * matching entry the result is &smack_known_web when @ssp->smk_in is
 * &smack_known_star, otherwise &smack_known_star. With no usable flag
 * at all the result is smack_net_ambient.
 */
static struct smack_known *smack_from_secattr(struct netlbl_lsm_secattr *sap,
					      struct socket_smack *ssp)
{
	struct smack_known *entry;
	struct smack_known *match = NULL;
	int pkt_cat;
	int lbl_cat;

	/* Netlabel already resolved this attribute; use the cached entry. */
	if (sap->flags & NETLBL_SECATTR_CACHE)
		return (struct smack_known *)sap->cache->data;

	/* Looks like a fallback, which hands us a secid directly. */
	if (sap->flags & NETLBL_SECATTR_SECID)
		return smack_from_secid(sap->attr.secid);

	/*
	 * No level means no guidance regarding the Smack value of the
	 * packet: fall back on the network ambient label.
	 */
	if (!(sap->flags & NETLBL_SECATTR_MLS_LVL))
		return smack_net_ambient;

	/*
	 * Looks like a CIPSO packet. Find the label whose level and
	 * category set equal the ones carried by the attribute.
	 */
	rcu_read_lock();
	list_for_each_entry_rcu(entry, &smack_known_list, list) {
		if (entry->smk_netlabel.attr.mls.lvl != sap->attr.mls.lvl)
			continue;

		if (!(sap->flags & NETLBL_SECATTR_MLS_CAT)) {
			/*
			 * NOTE(review): the search stops at the first label
			 * with a matching level even when that label carries
			 * categories, so a later category-less label at the
			 * same level is never considered. Confirm that this
			 * is intended.
			 */
			if (!(entry->smk_netlabel.flags & NETLBL_SECATTR_MLS_CAT))
				match = entry;
			break;
		}

		/*
		 * Walk both category maps in step using the netlbl API.
		 * The walk ends at the first difference or when either
		 * map is exhausted (negative return).
		 */
		pkt_cat = -1;
		lbl_cat = -1;
		do {
			pkt_cat = netlbl_catmap_walk(sap->attr.mls.cat,
						     pkt_cat + 1);
			lbl_cat = netlbl_catmap_walk(
					entry->smk_netlabel.attr.mls.cat,
					lbl_cat + 1);
		} while (pkt_cat >= 0 && lbl_cat >= 0 && pkt_cat == lbl_cat);

		/* Equal end values mean both maps ran out together. */
		if (pkt_cat == lbl_cat) {
			match = entry;
			break;
		}
	}
	rcu_read_unlock();

	if (match != NULL)
		return match;

	/* A level was present but no known label matched it. */
	if (ssp != NULL && ssp->smk_in == &smack_known_star)
		return &smack_known_web;
	return &smack_known_star;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3785)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3786) #if IS_ENABLED(CONFIG_IPV6)
/**
 * smk_skb_to_addr_ipv6 - pull the IPv6 source address and port out of a packet
 * @skb: packet
 * @sip: receives the source address and, where available, the source port
 *
 * The port is taken from the TCP, UDP, UDP-Lite or DCCP header that
 * follows any extension headers. It is left at 0 for other protocols
 * and when the transport header cannot be read.
 *
 * Returns the transport protocol number, or -EINVAL if the IPv6 header
 * cannot be read or the extension headers cannot be skipped.
 */
static int smk_skb_to_addr_ipv6(struct sk_buff *skb, struct sockaddr_in6 *sip)
{
	struct ipv6hdr ip6_copy, *ip6;
	struct tcphdr tcp_copy, *tcp;
	struct udphdr udp_copy, *udp;
	struct dccp_hdr dccp_copy, *dccp;
	__be16 frag_off;
	u8 nexthdr;
	int offset;

	sip->sin6_port = 0;

	/*
	 * skb_header_pointer() is handed a local buffer for each header;
	 * a NULL return means the header could not be obtained.
	 */
	offset = skb_network_offset(skb);
	ip6 = skb_header_pointer(skb, offset, sizeof(ip6_copy), &ip6_copy);
	if (!ip6)
		return -EINVAL;
	sip->sin6_addr = ip6->saddr;

	/* Step over the fixed header, then over any extension headers. */
	nexthdr = ip6->nexthdr;
	offset += sizeof(ip6_copy);
	offset = ipv6_skip_exthdr(skb, offset, &nexthdr, &frag_off);
	if (offset < 0)
		return -EINVAL;

	switch (nexthdr) {
	case IPPROTO_TCP:
		tcp = skb_header_pointer(skb, offset, sizeof(tcp_copy),
					 &tcp_copy);
		if (tcp)
			sip->sin6_port = tcp->source;
		break;
	case IPPROTO_UDP:
	case IPPROTO_UDPLITE:
		udp = skb_header_pointer(skb, offset, sizeof(udp_copy),
					 &udp_copy);
		if (udp)
			sip->sin6_port = udp->source;
		break;
	case IPPROTO_DCCP:
		dccp = skb_header_pointer(skb, offset, sizeof(dccp_copy),
					  &dccp_copy);
		if (dccp)
			sip->sin6_port = dccp->dccph_sport;
		break;
	}

	/* The protocol is reported even when its header was unreadable. */
	return nexthdr;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3834) #endif /* CONFIG_IPV6 */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3835)
/**
 * smack_from_skb - Smack label named by the secmark of an skb
 * @skb: packet, may be NULL
 *
 * Returns the smack_known for the secmark, or NULL when there is no
 * packet, the secmark is 0, or CONFIG_NETWORK_SECMARK is not set.
 */
#ifdef CONFIG_NETWORK_SECMARK
static struct smack_known *smack_from_skb(struct sk_buff *skb)
{
	/* A secmark of 0 is treated as "no mark on this packet". */
	if (skb != NULL && skb->secmark != 0)
		return smack_from_secid(skb->secmark);

	return NULL;
}
#else
/* Without secmark support there is never a label to report. */
static inline struct smack_known *smack_from_skb(struct sk_buff *skb)
{
	return NULL;
}
#endif
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3856)
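/**
 * smack_from_netlbl - Smack data from the IP options in an skb
 * @sk: socket data came in on, may be NULL
 * @family: address family
 * @skb: packet
 *
 * Find the Smack label in the IP options. If netlabel marks the
 * attribute as cacheable, add the label to the netlabel cache here.
 *
 * Returns smack_known of the IP options or NULL if netlabel could not
 * supply an attribute for the packet.
 */
static struct smack_known *smack_from_netlbl(struct sock *sk, u16 family,
					     struct sk_buff *skb)
{
	struct netlbl_lsm_secattr secattr;
	struct socket_smack *ssp = NULL;
	struct smack_known *skp = NULL;

	netlbl_secattr_init(&secattr);

	if (sk)
		ssp = sk->sk_security;

	if (netlbl_skbuff_getattr(skb, family, &secattr) == 0) {
		skp = smack_from_secattr(&secattr, ssp);
		/*
		 * The result of the cache insert was stored in a local
		 * that nothing read, so the call is made without keeping
		 * it. Caching stays best-effort as before.
		 *
		 * NOTE(review): &skp->smk_netlabel assumes that
		 * smack_from_secattr() never returns NULL. Its cache and
		 * secid paths return values that are not checked here, so
		 * confirm this.
		 */
		if (secattr.flags & NETLBL_SECATTR_CACHEABLE)
			netlbl_cache_add(skb, family, &skp->smk_netlabel);
	}

	/* Runs on every path, paired with netlbl_secattr_init() above. */
	netlbl_secattr_destroy(&secattr);

	return skp;
}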
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3891)
/**
 * smack_socket_sock_rcv_skb - Smack packet delivery access check
 * @sk: socket
 * @skb: packet
 *
 * The label of the sender is taken from the secmark when there is one,
 * otherwise from CIPSO (IPv4) or the IPv6 host label list, and finally
 * from the network ambient label. That label must have write access to
 * the inbound label of the socket.
 *
 * Returns 0 if the packet should be delivered, an error code otherwise
 */
static int smack_socket_sock_rcv_skb(struct sock *sk, struct sk_buff *skb)
{
	struct socket_smack *sock_sec = sk->sk_security;
	struct smack_known *peer = NULL;
	struct smk_audit_info ad;
	u16 family = sk->sk_family;
	int rc = 0;
#ifdef CONFIG_AUDIT
	struct lsm_network_audit audit_net;
#endif
#if IS_ENABLED(CONFIG_IPV6)
	struct sockaddr_in6 src;
	int l4proto;

	/* IPv4 traffic arriving on an IPv6 socket takes the IPv4 path. */
	if (family == PF_INET6 && skb->protocol == htons(ETH_P_IP))
		family = PF_INET;
#endif /* CONFIG_IPV6 */

	switch (family) {
	case PF_INET:
		/*
		 * If there is a secmark use it rather than the CIPSO label.
		 * If there is no secmark fall back to CIPSO.
		 * The secmark is assumed to reflect policy better.
		 */
		peer = smack_from_skb(skb);
		if (peer == NULL)
			peer = smack_from_netlbl(sk, family, skb);
		if (peer == NULL)
			peer = smack_net_ambient;

#ifdef CONFIG_AUDIT
		smk_ad_init_net(&ad, __func__, LSM_AUDIT_DATA_NET, &audit_net);
		ad.a.u.net->family = family;
		ad.a.u.net->netif = skb->skb_iif;
		ipv4_skb_to_auditdata(skb, &ad.a, NULL);
#endif
		/*
		 * Receiving a packet requires that the other end
		 * be able to write here. Read access is not required.
		 * This is the simplest possible security model
		 * for networking.
		 */
		rc = smk_access(peer, sock_sec->smk_in, MAY_WRITE, &ad);
		rc = smk_bu_note("IPv4 delivery", peer, sock_sec->smk_in,
				 MAY_WRITE, rc);
		if (rc != 0)
			netlbl_skbuff_err(skb, family, rc, 0);
		break;
#if IS_ENABLED(CONFIG_IPV6)
	case PF_INET6:
		/*
		 * Only TCP, UDP, UDP-Lite and DCCP are checked. Any other
		 * protocol, and a packet whose headers could not be parsed
		 * (negative return), leaves rc at 0 and is delivered
		 * without a label check.
		 */
		l4proto = smk_skb_to_addr_ipv6(skb, &src);
		if (l4proto != IPPROTO_UDP && l4proto != IPPROTO_UDPLITE &&
		    l4proto != IPPROTO_TCP && l4proto != IPPROTO_DCCP)
			break;
#ifdef SMACK_IPV6_SECMARK_LABELING
		peer = smack_from_skb(skb);
		if (peer == NULL) {
			/* Unmarked loopback traffic is delivered unchecked. */
			if (smk_ipv6_localhost(&src))
				break;
			peer = smack_ipv6host_label(&src);
		}
		if (peer == NULL)
			peer = smack_net_ambient;
#ifdef CONFIG_AUDIT
		smk_ad_init_net(&ad, __func__, LSM_AUDIT_DATA_NET, &audit_net);
		ad.a.u.net->family = family;
		ad.a.u.net->netif = skb->skb_iif;
		ipv6_skb_to_auditdata(skb, &ad.a, NULL);
#endif /* CONFIG_AUDIT */
		rc = smk_access(peer, sock_sec->smk_in, MAY_WRITE, &ad);
		rc = smk_bu_note("IPv6 delivery", peer, sock_sec->smk_in,
				 MAY_WRITE, rc);
#endif /* SMACK_IPV6_SECMARK_LABELING */
#ifdef SMACK_IPV6_PORT_LABELING
		/*
		 * If both labeling schemes were ever defined together, this
		 * assignment would replace the secmark result above.
		 */
		rc = smk_ipv6_port_check(sk, &src, SMK_RECEIVING);
#endif /* SMACK_IPV6_PORT_LABELING */
		if (rc != 0)
			icmpv6_send(skb, ICMPV6_DEST_UNREACH,
				    ICMPV6_ADM_PROHIBITED, 0);
		break;
#endif /* CONFIG_IPV6 */
	}

	return rc;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3986)
/**
 * smack_socket_getpeersec_stream - copy the peer's packet label to user space
 * @sock: the socket
 * @optval: user's destination
 * @optlen: user's location for the size of the label
 * @len: size of the user's destination
 *
 * The label string, including its terminating NUL, is copied to
 * @optval. An empty string is used when the socket has no packet
 * label. The size needed is written to @optlen even when @len is too
 * small, so the caller can learn how much room to supply.
 *
 * Returns zero on success, -ERANGE if @len is too small, -EFAULT if a
 * copy to user space fails.
 */
static int smack_socket_getpeersec_stream(struct socket *sock,
					  char __user *optval,
					  int __user *optlen, unsigned len)
{
	struct socket_smack *ssp = sock->sk->sk_security;
	char *label = "";
	int needed = 1;		/* room for the NUL of the empty label */
	int rc = 0;

	if (ssp->smk_packet != NULL) {
		label = ssp->smk_packet->smk_known;
		needed = strlen(label) + 1;
	}

	/* Nothing is copied unless the whole label fits. */
	if (needed <= len) {
		if (copy_to_user(optval, label, needed) != 0)
			rc = -EFAULT;
	} else {
		rc = -ERANGE;
	}

	/* A failure here overrides any earlier result. */
	if (put_user(needed, optlen) != 0)
		rc = -EFAULT;

	return rc;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4021)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4022)
/**
 * smack_socket_getpeersec_dgram - report the secid of a packet's sender
 * @sock: the peer socket, may be NULL
 * @skb: packet data, may be NULL
 * @secid: pointer to where to put the secid of the packet
 *
 * The address family comes from the packet's protocol when that is
 * IPv4 or IPv6, otherwise from @sock. @secid is always written; it is
 * 0, the invalid secid, when no label could be determined.
 *
 * Returns 0 if a secid was found, -EINVAL otherwise.
 */
static int smack_socket_getpeersec_dgram(struct socket *sock,
					 struct sk_buff *skb, u32 *secid)
{
	struct socket_smack *ssp;
	struct smack_known *skp;
	int family = PF_UNSPEC;
	u32 found = 0;	/* 0 is the invalid secid */

	if (skb != NULL) {
		switch (skb->protocol) {
		case htons(ETH_P_IP):
			family = PF_INET;
			break;
#if IS_ENABLED(CONFIG_IPV6)
		case htons(ETH_P_IPV6):
			family = PF_INET6;
			break;
#endif /* CONFIG_IPV6 */
		}
	}
	if (family == PF_UNSPEC && sock != NULL)
		family = sock->sk->sk_family;

	switch (family) {
	case PF_UNIX:
		/*
		 * PF_UNIX can only have come from sock->sk->sk_family
		 * above, so sock is known to be non-NULL here.
		 */
		ssp = sock->sk->sk_security;
		found = ssp->smk_out->smk_secid;
		break;
	case PF_INET:
		/* Prefer the secmark; otherwise translate what netlabel gave us. */
		skp = smack_from_skb(skb);
		if (skp == NULL)
			skp = smack_from_netlbl(sock != NULL ? sock->sk : NULL,
						family, skb);
		if (skp != NULL)
			found = skp->smk_secid;
		break;
	case PF_INET6:
#ifdef SMACK_IPV6_SECMARK_LABELING
		skp = smack_from_skb(skb);
		if (skp != NULL)
			found = skp->smk_secid;
#endif
		break;
	}

	*secid = found;
	return found == 0 ? -EINVAL : 0;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4085)
/**
 * smack_sock_graft - label a sock with the Smack label of the current task
 * @sk: child sock, may be NULL
 * @parent: parent socket (not used here)
 *
 * Sets smk_in and smk_out of @sk to the label of the process that is
 * creating the new socket. Only PF_INET and PF_INET6 socks are changed.
 */
static void smack_sock_graft(struct sock *sk, struct socket *parent)
{
	struct smack_known *task_label = smk_of_current();
	struct socket_smack *ssp;

	if (sk == NULL)
		return;
	if (sk->sk_family != PF_INET && sk->sk_family != PF_INET6)
		return;

	ssp = sk->sk_security;
	ssp->smk_out = task_label;
	ssp->smk_in = task_label;
	/* smk_packet is left alone: already set in smack_inet_csk_clone() */
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4108)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4109) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4110) * smack_inet_conn_request - Smack access check on connect
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4111) * @sk: socket involved
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4112) * @skb: packet
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4113) * @req: unused
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4114) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4115) * Returns 0 if a task with the packet label could write to
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4116) * the socket, otherwise an error code
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4117) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4118) static int smack_inet_conn_request(struct sock *sk, struct sk_buff *skb,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4119) struct request_sock *req)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4120) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4121) u16 family = sk->sk_family;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4122) struct smack_known *skp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4123) struct socket_smack *ssp = sk->sk_security;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4124) struct sockaddr_in addr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4125) struct iphdr *hdr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4126) struct smack_known *hskp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4127) int rc;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4128) struct smk_audit_info ad;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4129) #ifdef CONFIG_AUDIT
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4130) struct lsm_network_audit net;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4131) #endif
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4132)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4133) #if IS_ENABLED(CONFIG_IPV6)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4134) if (family == PF_INET6) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4135) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4136) * Handle mapped IPv4 packets arriving
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4137) * via IPv6 sockets. Don't set up netlabel
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4138) * processing on IPv6.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4139) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4140) if (skb->protocol == htons(ETH_P_IP))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4141) family = PF_INET;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4142) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4143) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4144) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4145) #endif /* CONFIG_IPV6 */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4146)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4147) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4148) * If there is a secmark use it rather than the CIPSO label.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4149) * If there is no secmark fall back to CIPSO.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4150) * The secmark is assumed to reflect policy better.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4151) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4152) skp = smack_from_skb(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4153) if (skp == NULL) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4154) skp = smack_from_netlbl(sk, family, skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4155) if (skp == NULL)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4156) skp = &smack_known_huh;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4157) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4158)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4159) #ifdef CONFIG_AUDIT
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4160) smk_ad_init_net(&ad, __func__, LSM_AUDIT_DATA_NET, &net);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4161) ad.a.u.net->family = family;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4162) ad.a.u.net->netif = skb->skb_iif;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4163) ipv4_skb_to_auditdata(skb, &ad.a, NULL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4164) #endif
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4165) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4166) * Receiving a packet requires that the other end be able to write
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4167) * here. Read access is not required.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4168) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4169) rc = smk_access(skp, ssp->smk_in, MAY_WRITE, &ad);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4170) rc = smk_bu_note("IPv4 connect", skp, ssp->smk_in, MAY_WRITE, rc);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4171) if (rc != 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4172) return rc;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4173)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4174) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4175) * Save the peer's label in the request_sock so we can later setup
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4176) * smk_packet in the child socket so that SO_PEERCRED can report it.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4177) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4178) req->peer_secid = skp->smk_secid;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4179)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4180) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4181) * We need to decide if we want to label the incoming connection here
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4182) * if we do we only need to label the request_sock and the stack will
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4183) * propagate the wire-label to the sock when it is created.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4184) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4185) hdr = ip_hdr(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4186) addr.sin_addr.s_addr = hdr->saddr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4187) rcu_read_lock();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4188) hskp = smack_ipv4host_label(&addr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4189) rcu_read_unlock();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4190)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4191) if (hskp == NULL)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4192) rc = netlbl_req_setattr(req, &skp->smk_netlabel);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4193) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4194) netlbl_req_delattr(req);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4195)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4196) return rc;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4197) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4198)
/**
 * smack_inet_csk_clone - carry the peer label over to a newly cloned socket
 * @sk: the new socket
 * @req: the request_sock describing the connection
 *
 * A non-zero @req->peer_secid is translated with smack_from_secid() and the
 * result is stored in the socket blob's smk_packet field. A zero secid
 * clears smk_packet instead.
 */
static void smack_inet_csk_clone(struct sock *sk,
				 const struct request_sock *req)
{
	struct socket_smack *blob = sk->sk_security;

	/* No peer label was recorded on the request: leave none on the child. */
	if (req->peer_secid == 0) {
		blob->smk_packet = NULL;
		return;
	}

	blob->smk_packet = smack_from_secid(req->peer_secid);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4218)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4219) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4220) * Key management security hooks
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4221) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4222) * Casey has not tested key support very heavily.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4223) * The permission check is most likely too restrictive.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4224) * If you care about keys please have a look.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4225) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4226) #ifdef CONFIG_KEYS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4227)
/**
 * smack_key_alloc - label a new key with the Smack label of @cred
 * @key: the key being set up
 * @cred: credentials whose task label is recorded on the key
 * @flags: not used
 *
 * Nothing is allocated: key->security is simply pointed at the label
 * returned by smk_of_task(smack_cred(@cred)).
 *
 * Returns 0
 */
static int smack_key_alloc(struct key *key, const struct cred *cred,
			   unsigned long flags)
{
	key->security = smk_of_task(smack_cred(cred));

	return 0;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4246)
/**
 * smack_key_free - drop the key's pointer to its Smack label
 * @key: the key being released
 *
 * Only the pointer is cleared. smack_key_alloc() stores a label pointer
 * without allocating anything, so there is nothing to free here.
 */
static void smack_key_free(struct key *key)
{
	key->security = NULL;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4257)
/**
 * smack_key_permission - Smack access check on a key
 * @key_ref: reference that resolves to the key
 * @cred: credentials of the subject
 * @need_perm: requested key permission
 *
 * READ, SEARCH and VIEW requests are checked as MAY_READ; WRITE, LINK and
 * SETATTR requests are checked as MAY_WRITE. The check is skipped (0 is
 * returned) for the unspecified/unlink/override/deferred requests, for a key
 * that has no label yet, and when smack_privileged(CAP_MAC_OVERRIDE) holds.
 *
 * Return 0 if access is granted or no check applies, -EINVAL for an
 * unrecognised @need_perm or an unresolvable @key_ref, -EACCES if the
 * subject has no label, otherwise the value smk_bu_note() returns for the
 * smk_access() result.
 */
static int smack_key_permission(key_ref_t key_ref,
				const struct cred *cred,
				enum key_need_perm need_perm)
{
	struct smack_known *subject = smk_of_task(smack_cred(cred));
	struct smk_audit_info ad;
	struct key *keyp;
	int wanted;
	int rc;

	/* Map the key permission onto a Smack access mode. */
	switch (need_perm) {
	case KEY_NEED_READ:
	case KEY_NEED_SEARCH:
	case KEY_NEED_VIEW:
		wanted = MAY_READ;
		break;
	case KEY_NEED_WRITE:
	case KEY_NEED_LINK:
	case KEY_NEED_SETATTR:
		wanted = MAY_WRITE;
		break;
	case KEY_NEED_UNSPECIFIED:
	case KEY_NEED_UNLINK:
	case KEY_SYSADMIN_OVERRIDE:
	case KEY_AUTHTOKEN_OVERRIDE:
	case KEY_DEFER_PERM_CHECK:
		/* No Smack check is made for these requests. */
		return 0;
	default:
		return -EINVAL;
	}

	keyp = key_ref_to_ptr(key_ref);
	if (!keyp)
		return -EINVAL;

	/* A key that has no label yet is let through so it can be set up. */
	if (!keyp->security)
		return 0;

	/* Not expected to happen. */
	if (!subject)
		return -EACCES;

	if (smack_privileged(CAP_MAC_OVERRIDE))
		return 0;

#ifdef CONFIG_AUDIT
	smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_KEY);
	ad.a.u.key_struct.key = keyp->serial;
	ad.a.u.key_struct.key_desc = keyp->description;
#endif
	rc = smk_access(subject, keyp->security, wanted, &ad);

	/* The hook's verdict is whatever smk_bu_note() makes of rc. */
	return smk_bu_note("key access", subject, keyp->security, wanted, rc);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4328)
/*
 * smack_key_getsecurity - return a copy of the Smack label tagging a key
 * @key: the key to be queried
 * @_buffer: where to store a pointer to the resulting string
 *
 * Returns the length of the string including the terminating NUL, 0 with
 * *@_buffer set to NULL if the key has no label, or -ENOMEM if the copy
 * could not be allocated (in which case *@_buffer is not written).
 *
 * The string is a kstrdup() copy, so it is presumably the caller's to
 * release - confirm against the callers of this hook.
 */
static int smack_key_getsecurity(struct key *key, char **_buffer)
{
	struct smack_known *skp = key->security;
	char *dup;

	if (!key->security) {
		*_buffer = NULL;
		return 0;
	}

	dup = kstrdup(skp->smk_known, GFP_KERNEL);
	if (!dup)
		return -ENOMEM;

	*_buffer = dup;

	/* Length reported to the caller counts the terminating NUL. */
	return strlen(dup) + 1;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4357)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4358)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4359) #ifdef CONFIG_KEY_NOTIFICATIONS
/**
 * smack_watch_key - Smack access to watch a key for notifications
 * @key: the key to be watched
 *
 * The subject is the label returned by smk_of_current(); it needs MAY_READ
 * on the key's label. The check is skipped (0 is returned) for a key that
 * has no label yet and when smack_privileged_cred(CAP_MAC_OVERRIDE,
 * current_cred()) holds.
 *
 * Return 0 if watching is allowed, -EINVAL for a NULL @key, -EACCES if the
 * subject has no label, otherwise the value smk_bu_note() returns for the
 * smk_access() result.
 */
static int smack_watch_key(struct key *key)
{
	struct smack_known *watcher = smk_of_current();
	struct smk_audit_info ad;
	int rc;

	if (!key)
		return -EINVAL;

	/* A key that has no label yet is let through so it can be set up. */
	if (!key->security)
		return 0;

	/* Not expected to happen. */
	if (!watcher)
		return -EACCES;

	if (smack_privileged_cred(CAP_MAC_OVERRIDE, current_cred()))
		return 0;

#ifdef CONFIG_AUDIT
	smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_KEY);
	ad.a.u.key_struct.key = key->serial;
	ad.a.u.key_struct.key_desc = key->description;
#endif
	rc = smk_access(watcher, key->security, MAY_READ, &ad);

	/* The hook's verdict is whatever smk_bu_note() makes of rc. */
	return smk_bu_note("key watch", watcher, key->security, MAY_READ, rc);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4399) #endif /* CONFIG_KEY_NOTIFICATIONS */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4400) #endif /* CONFIG_KEYS */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4401)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4402) #ifdef CONFIG_WATCH_QUEUE
/**
 * smack_post_notification - Smack access to post a notification to a queue
 * @w_cred: the credentials of the watcher
 * @cred: the credentials of the event source (may be NULL)
 * @n: the notification message to be posted
 *
 * The event source's label is the subject and the watcher's label is the
 * object; the source needs MAY_WRITE on the watcher. WATCH_TYPE_META
 * notifications and events with no source credentials are not checked.
 *
 * Return 0 if the notification may be posted, otherwise the value
 * smk_bu_note() returns for the smk_access() result.
 */
static int smack_post_notification(const struct cred *w_cred,
				   const struct cred *cred,
				   struct watch_notification *n)
{
	struct smack_known *source, *watcher;
	struct smk_audit_info ad;
	int rc;

	/*
	 * Maintenance notifications always go through, and there is
	 * no subject to check when the event has no source cred.
	 */
	if (n->type == WATCH_TYPE_META || !cred)
		return 0;

	source = smk_of_task(smack_cred(cred));
	watcher = smk_of_task(smack_cred(w_cred));

	smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_NOTIFICATION);
	rc = smk_access(source, watcher, MAY_WRITE, &ad);

	/* The hook's verdict is whatever smk_bu_note() makes of rc. */
	return smk_bu_note("notification", source, watcher, MAY_WRITE, rc);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4431) #endif /* CONFIG_WATCH_QUEUE */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4432)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4433) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4434) * Smack Audit hooks
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4435) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4436) * Audit requires a unique representation of each Smack specific
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4437) * rule. This unique representation is used to distinguish the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4438) * object to be audited from remaining kernel objects and also
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4439) * works as a glue between the audit hooks.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4440) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4441) * Since repository entries are added but never deleted, we'll use
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4442) * the smack_known label address related to the given audit rule as
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4443) * the needed unique representation. This also better fits the smack
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4444) * model where nearly everything is a label.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4445) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4446) #ifdef CONFIG_AUDIT
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4447)
/**
 * smack_audit_rule_init - Initialize a smack audit rule
 * @field: audit rule field given from user-space (audit.h)
 * @op: required testing operator
 * @rulestr: smack label to be audited
 * @vrule: where to save our own audit rule representation
 *
 * Prepare to audit cases where (@field @op @rulestr) is true. Only the
 * AUDIT_SUBJ_USER and AUDIT_OBJ_USER fields and the Audit_equal and
 * Audit_not_equal operators are accepted. The label is obtained with
 * smk_import_entry(), which presumably creates it if it does not exist yet.
 *
 * *@vrule is cleared first and, on success, set to the label's smk_known
 * string. Nothing is allocated for the rule here.
 *
 * Return 0 on success, -EINVAL for an unsupported @field or @op, or the
 * error carried by smk_import_entry().
 */
static int smack_audit_rule_init(u32 field, u32 op, char *rulestr, void **vrule)
{
	char **rule = (char **)vrule;
	struct smack_known *skp;

	/* Never leave a stale rule pointer behind on the error paths. */
	*rule = NULL;

	if (!(field == AUDIT_SUBJ_USER || field == AUDIT_OBJ_USER))
		return -EINVAL;

	if (!(op == Audit_equal || op == Audit_not_equal))
		return -EINVAL;

	skp = smk_import_entry(rulestr, 0);
	if (IS_ERR(skp))
		return PTR_ERR(skp);

	*rule = skp->smk_known;

	return 0;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4478)
/**
 * smack_audit_rule_known - Distinguish Smack audit rules
 * @krule: rule of interest, in Audit kernel representation format
 *
 * Used to pick Smack rules out of the remaining Audit ones: a rule is ours
 * if any of its fields is of type AUDIT_SUBJ_USER or AUDIT_OBJ_USER. For
 * such a rule the audit_rule_match hook makes the final judgement.
 *
 * Return 1 if the rule has a Smack field, 0 otherwise.
 */
static int smack_audit_rule_known(struct audit_krule *krule)
{
	int i;

	for (i = 0; i < krule->field_count; i++) {
		switch (krule->fields[i].type) {
		case AUDIT_SUBJ_USER:
		case AUDIT_OBJ_USER:
			return 1;
		default:
			break;
		}
	}

	return 0;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4501)
/**
 * smack_audit_rule_match - decide whether a given object is to be audited
 * @secid: security id identifying the object to test
 * @field: audit rule field given from user-space
 * @op: required testing operator
 * @vrule: smack internal rule representation
 *
 * The core Audit hook. @vrule is the label string pointer saved by
 * smack_audit_rule_init(); it is compared by address with the smk_known
 * string of the label that smack_from_secid() returns for @secid.
 *
 * Return 1 on a match, 0 on no match or when @field or @op is not one this
 * module handles, and -ENOENT (after a one-time warning) if @vrule is NULL.
 */
static int smack_audit_rule_match(u32 secid, u32 field, u32 op, void *vrule)
{
	char *rule = vrule;
	struct smack_known *skp;

	if (unlikely(!rule)) {
		WARN_ONCE(1, "Smack: missing rule\n");
		return -ENOENT;
	}

	if (!(field == AUDIT_SUBJ_USER || field == AUDIT_OBJ_USER))
		return 0;

	/*
	 * NOTE(review): skp is dereferenced below without a NULL check;
	 * this relies on smack_from_secid() always returning a label -
	 * confirm against its definition.
	 */
	skp = smack_from_secid(secid);

	/*
	 * Comparing addresses is enough: on a match both pointers
	 * refer to the same smack_known label string.
	 */
	switch (op) {
	case Audit_equal:
		return rule == skp->smk_known;
	case Audit_not_equal:
		return rule != skp->smk_known;
	default:
		return 0;
	}
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4539)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4540) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4541) * There is no need for a smack_audit_rule_free hook.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4542) * No memory was allocated.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4543) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4544)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4545) #endif /* CONFIG_AUDIT */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4546)
/**
 * smack_ismaclabel - check if xattr @name references a smack MAC label
 * @name: xattr name to check
 *
 * The comparison is an exact match against XATTR_SMACK_SUFFIX, so @name is
 * presumably passed without its namespace prefix - confirm against callers.
 *
 * Return 1 if @name is the Smack label attribute, 0 otherwise.
 */
static int smack_ismaclabel(const char *name)
{
	return !strcmp(name, XATTR_SMACK_SUFFIX);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4555)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4556)
/**
 * smack_secid_to_secctx - return the smack label for a secid
 * @secid: incoming integer
 * @secdata: destination for the label pointer, may be NULL
 * @seclen: destination for the label length, written unconditionally
 *
 * Exists for networking code. *@secdata receives the label's own smk_known
 * string rather than a copy, and *@seclen is its strlen(), so the
 * terminating NUL is not counted.
 *
 * Returns 0
 */
static int smack_secid_to_secctx(u32 secid, char **secdata, u32 *seclen)
{
	struct smack_known *skp = smack_from_secid(secid);
	char *label = skp->smk_known;

	/* A caller that only wants the length passes no @secdata. */
	if (secdata)
		*secdata = label;

	*seclen = strlen(label);

	return 0;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4574)
/**
 * smack_secctx_to_secid - return the secid for a smack label
 * @secdata: smack label
 * @seclen: length of @secdata; not consulted by this function
 * @secid: outgoing integer
 *
 * Exists for audit and networking code. The label is looked up with
 * smk_find_entry(); a label that is not found yields a secid of 0 and is
 * not reported as an error.
 *
 * NOTE(review): because @seclen is ignored, @secdata is handed to
 * smk_find_entry() as-is and is presumably expected to be NUL-terminated -
 * confirm that every caller guarantees this.
 *
 * Returns 0
 */
static int smack_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid)
{
	struct smack_known *skp = smk_find_entry(secdata);

	*secid = skp ? skp->smk_secid : 0;

	return 0;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4593)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4594) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4595) * There used to be a smack_release_secctx hook
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4596) * that did nothing back when hooks were in a vector.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4597) * Now that there's a list such a hook adds cost.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4598) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4599)
/**
 * smack_inode_notifysecctx - set the Smack label of an inode from a context
 * @inode: the inode to label
 * @ctx: the label data
 * @ctxlen: length of @ctx
 *
 * Forwards to smack_inode_setsecurity() for the XATTR_SMACK_SUFFIX attribute
 * with flags 0 and returns its result.
 */
static int smack_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen)
{
	return smack_inode_setsecurity(inode, XATTR_SMACK_SUFFIX,
				       ctx, ctxlen, 0);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4604)
/**
 * smack_inode_setsecctx - write the Smack label xattr of a dentry
 * @dentry: the dentry to label
 * @ctx: the label data
 * @ctxlen: length of @ctx
 *
 * Writes @ctx as the XATTR_NAME_SMACK attribute through
 * __vfs_setxattr_noperm() with flags 0 and returns its result.
 *
 * NOTE(review): the helper's name suggests no permission check is made on
 * this path, so callers are presumably expected to be trusted - confirm.
 */
static int smack_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen)
{
	return __vfs_setxattr_noperm(dentry, XATTR_NAME_SMACK,
				     ctx, ctxlen, 0);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4609)
static int smack_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen)
{
	struct smack_known *label = smk_of_inode(inode);

	/*
	 * The reported length is strlen() of the label text, so it does not
	 * count the terminating NUL.
	 */
	*ctxlen = strlen(label->smk_known);

	/*
	 * The caller receives a pointer to the label's own smk_known string,
	 * not a copy, so it must not free or modify it.
	 */
	*ctx = label->smk_known;
	return 0;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4618)
static int smack_inode_copy_up(struct dentry *dentry, struct cred **new)
{
	struct cred *creds = *new;
	struct inode_smack *parent_isp;
	struct task_smack *tsp;

	/* Only allocate credentials when the caller did not supply any. */
	if (!creds) {
		creds = prepare_creds();
		if (!creds)
			return -ENOMEM;
	}

	tsp = smack_cred(creds);

	/*
	 * The task label in the new credentials is overwritten with the
	 * label of an inode, so whatever is done under these credentials
	 * runs with that label.
	 *
	 * NOTE(review): the original comment here spoke of taking the label
	 * "from overlay inode" and setting "create_sid", but the code reads
	 * the label of the parent directory's inode (dentry->d_parent) and
	 * stores it in smk_task. Confirm the parent, rather than the dentry's
	 * own inode, is the intended label source.
	 */
	parent_isp = smack_inode(d_inode(dentry->d_parent));
	tsp->smk_task = parent_isp->smk_inode;

	/* Hand the (possibly freshly prepared) credentials back. */
	*new = creds;
	return 0;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4644)
static int smack_inode_copy_up_xattr(const char *name)
{
	/*
	 * Every attribute other than the Smack access label is reported as
	 * not handled by this module.
	 */
	if (strcmp(name, XATTR_NAME_SMACK) != 0)
		return -EOPNOTSUPP;

	/*
	 * The Smack access label itself gets the special value 1.
	 * NOTE(review): what the caller does on 1 is not visible here;
	 * presumably the attribute is not copied as-is. Confirm against the
	 * hook contract.
	 */
	return 1;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4655)
static int smack_dentry_create_files_as(struct dentry *dentry, int mode,
					struct qstr *name,
					const struct cred *old,
					struct cred *new)
{
	struct task_smack *old_tsp = smack_cred(old);
	struct task_smack *new_tsp = smack_cred(new);
	struct inode_smack *dir_isp;
	int rule_access;

	/*
	 * Default: the new credentials carry the process label from the old
	 * ones. This is only overridden when every transmute condition
	 * below holds.
	 */
	new_tsp->smk_task = old_tsp->smk_task;

	/* Security blob of the directory that will contain the new entry. */
	dir_isp = smack_inode(d_inode(dentry->d_parent));

	/* A non-transmuting directory never changes the label. */
	if (!(dir_isp->smk_flags & SMK_INODE_TRANSMUTE))
		return 0;

	/* Look up the rule between the process label and the directory label. */
	rcu_read_lock();
	rule_access = smk_access_entry(old_tsp->smk_task->smk_known,
				       dir_isp->smk_inode->smk_known,
				       &old_tsp->smk_task->smk_rules);
	rcu_read_unlock();

	/*
	 * Only a positive lookup result whose rule also carries
	 * MAY_TRANSMUTE switches the label to the directory's; a
	 * non-positive result leaves the process label in place.
	 */
	if (rule_access > 0 && (rule_access & MAY_TRANSMUTE))
		new_tsp->smk_task = dir_isp->smk_inode;

	return 0;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4694)
/*
 * Sizes of the per-object security blobs Smack uses, handed to the LSM
 * framework through the .blobs field of DEFINE_LSM(smack).
 * Credentials and inodes hold full Smack structures; files, IPC objects
 * and messages hold only a pointer to a struct smack_known.
 * NOTE(review): __lsm_ro_after_init presumably makes this read-only once
 * init has finished - confirm for the target configuration.
 */
struct lsm_blob_sizes smack_blob_sizes __lsm_ro_after_init = {
	.lbs_cred = sizeof(struct task_smack),
	.lbs_file = sizeof(struct smack_known *),
	.lbs_inode = sizeof(struct inode_smack),
	.lbs_ipc = sizeof(struct smack_known *),
	.lbs_msg_msg = sizeof(struct smack_known *),
};
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4702)
/*
 * Table binding each LSM hook name to its Smack implementation.
 * smack_init() registers the whole array with security_add_hooks().
 * Entries inside #ifdef blocks are only present when the corresponding
 * option is defined, so the set of enforced hooks depends on the build.
 * NOTE(review): __lsm_ro_after_init presumably protects the table from
 * modification after init - confirm for the target configuration.
 */
static struct security_hook_list smack_hooks[] __lsm_ro_after_init = {
	/* ptrace and syslog */
	LSM_HOOK_INIT(ptrace_access_check, smack_ptrace_access_check),
	LSM_HOOK_INIT(ptrace_traceme, smack_ptrace_traceme),
	LSM_HOOK_INIT(syslog, smack_syslog),

	/* filesystem context (mount parameter handling) */
	LSM_HOOK_INIT(fs_context_dup, smack_fs_context_dup),
	LSM_HOOK_INIT(fs_context_parse_param, smack_fs_context_parse_param),

	/* superblock hooks */
	LSM_HOOK_INIT(sb_alloc_security, smack_sb_alloc_security),
	LSM_HOOK_INIT(sb_free_security, smack_sb_free_security),
	LSM_HOOK_INIT(sb_free_mnt_opts, smack_free_mnt_opts),
	LSM_HOOK_INIT(sb_eat_lsm_opts, smack_sb_eat_lsm_opts),
	LSM_HOOK_INIT(sb_statfs, smack_sb_statfs),
	LSM_HOOK_INIT(sb_set_mnt_opts, smack_set_mnt_opts),

	/* exec */
	LSM_HOOK_INIT(bprm_creds_for_exec, smack_bprm_creds_for_exec),

	/* inode hooks */
	LSM_HOOK_INIT(inode_alloc_security, smack_inode_alloc_security),
	LSM_HOOK_INIT(inode_init_security, smack_inode_init_security),
	LSM_HOOK_INIT(inode_link, smack_inode_link),
	LSM_HOOK_INIT(inode_unlink, smack_inode_unlink),
	LSM_HOOK_INIT(inode_rmdir, smack_inode_rmdir),
	LSM_HOOK_INIT(inode_rename, smack_inode_rename),
	LSM_HOOK_INIT(inode_permission, smack_inode_permission),
	LSM_HOOK_INIT(inode_setattr, smack_inode_setattr),
	LSM_HOOK_INIT(inode_getattr, smack_inode_getattr),
	LSM_HOOK_INIT(inode_setxattr, smack_inode_setxattr),
	LSM_HOOK_INIT(inode_post_setxattr, smack_inode_post_setxattr),
	LSM_HOOK_INIT(inode_getxattr, smack_inode_getxattr),
	LSM_HOOK_INIT(inode_removexattr, smack_inode_removexattr),
	LSM_HOOK_INIT(inode_getsecurity, smack_inode_getsecurity),
	LSM_HOOK_INIT(inode_setsecurity, smack_inode_setsecurity),
	LSM_HOOK_INIT(inode_listsecurity, smack_inode_listsecurity),
	LSM_HOOK_INIT(inode_getsecid, smack_inode_getsecid),

	/* file hooks */
	LSM_HOOK_INIT(file_alloc_security, smack_file_alloc_security),
	LSM_HOOK_INIT(file_ioctl, smack_file_ioctl),
	LSM_HOOK_INIT(file_lock, smack_file_lock),
	LSM_HOOK_INIT(file_fcntl, smack_file_fcntl),
	LSM_HOOK_INIT(mmap_file, smack_mmap_file),
	/* mmap_addr is the one entry not served by a smack_* function */
	LSM_HOOK_INIT(mmap_addr, cap_mmap_addr),
	LSM_HOOK_INIT(file_set_fowner, smack_file_set_fowner),
	LSM_HOOK_INIT(file_send_sigiotask, smack_file_send_sigiotask),
	LSM_HOOK_INIT(file_receive, smack_file_receive),

	LSM_HOOK_INIT(file_open, smack_file_open),

	/* credential and task hooks */
	LSM_HOOK_INIT(cred_alloc_blank, smack_cred_alloc_blank),
	LSM_HOOK_INIT(cred_free, smack_cred_free),
	LSM_HOOK_INIT(cred_prepare, smack_cred_prepare),
	LSM_HOOK_INIT(cred_transfer, smack_cred_transfer),
	LSM_HOOK_INIT(cred_getsecid, smack_cred_getsecid),
	LSM_HOOK_INIT(kernel_act_as, smack_kernel_act_as),
	LSM_HOOK_INIT(kernel_create_files_as, smack_kernel_create_files_as),
	LSM_HOOK_INIT(task_setpgid, smack_task_setpgid),
	LSM_HOOK_INIT(task_getpgid, smack_task_getpgid),
	LSM_HOOK_INIT(task_getsid, smack_task_getsid),
	LSM_HOOK_INIT(task_getsecid, smack_task_getsecid),
	LSM_HOOK_INIT(task_setnice, smack_task_setnice),
	LSM_HOOK_INIT(task_setioprio, smack_task_setioprio),
	LSM_HOOK_INIT(task_getioprio, smack_task_getioprio),
	LSM_HOOK_INIT(task_setscheduler, smack_task_setscheduler),
	LSM_HOOK_INIT(task_getscheduler, smack_task_getscheduler),
	LSM_HOOK_INIT(task_movememory, smack_task_movememory),
	LSM_HOOK_INIT(task_kill, smack_task_kill),
	LSM_HOOK_INIT(task_to_inode, smack_task_to_inode),

	/* IPC: the three *_alloc_security hooks below share one allocator */
	LSM_HOOK_INIT(ipc_permission, smack_ipc_permission),
	LSM_HOOK_INIT(ipc_getsecid, smack_ipc_getsecid),

	LSM_HOOK_INIT(msg_msg_alloc_security, smack_msg_msg_alloc_security),

	LSM_HOOK_INIT(msg_queue_alloc_security, smack_ipc_alloc_security),
	LSM_HOOK_INIT(msg_queue_associate, smack_msg_queue_associate),
	LSM_HOOK_INIT(msg_queue_msgctl, smack_msg_queue_msgctl),
	LSM_HOOK_INIT(msg_queue_msgsnd, smack_msg_queue_msgsnd),
	LSM_HOOK_INIT(msg_queue_msgrcv, smack_msg_queue_msgrcv),

	LSM_HOOK_INIT(shm_alloc_security, smack_ipc_alloc_security),
	LSM_HOOK_INIT(shm_associate, smack_shm_associate),
	LSM_HOOK_INIT(shm_shmctl, smack_shm_shmctl),
	LSM_HOOK_INIT(shm_shmat, smack_shm_shmat),

	LSM_HOOK_INIT(sem_alloc_security, smack_ipc_alloc_security),
	LSM_HOOK_INIT(sem_associate, smack_sem_associate),
	LSM_HOOK_INIT(sem_semctl, smack_sem_semctl),
	LSM_HOOK_INIT(sem_semop, smack_sem_semop),

	LSM_HOOK_INIT(d_instantiate, smack_d_instantiate),

	/* process attribute get/set hooks */
	LSM_HOOK_INIT(getprocattr, smack_getprocattr),
	LSM_HOOK_INIT(setprocattr, smack_setprocattr),

	/* UNIX domain sockets */
	LSM_HOOK_INIT(unix_stream_connect, smack_unix_stream_connect),
	LSM_HOOK_INIT(unix_may_send, smack_unix_may_send),

	/* sockets; socket_bind is hooked only with IPv6 port labeling */
	LSM_HOOK_INIT(socket_post_create, smack_socket_post_create),
	LSM_HOOK_INIT(socket_socketpair, smack_socket_socketpair),
#ifdef SMACK_IPV6_PORT_LABELING
	LSM_HOOK_INIT(socket_bind, smack_socket_bind),
#endif
	LSM_HOOK_INIT(socket_connect, smack_socket_connect),
	LSM_HOOK_INIT(socket_sendmsg, smack_socket_sendmsg),
	LSM_HOOK_INIT(socket_sock_rcv_skb, smack_socket_sock_rcv_skb),
	LSM_HOOK_INIT(socket_getpeersec_stream, smack_socket_getpeersec_stream),
	LSM_HOOK_INIT(socket_getpeersec_dgram, smack_socket_getpeersec_dgram),
	LSM_HOOK_INIT(sk_alloc_security, smack_sk_alloc_security),
	LSM_HOOK_INIT(sk_free_security, smack_sk_free_security),
	LSM_HOOK_INIT(sock_graft, smack_sock_graft),
	LSM_HOOK_INIT(inet_conn_request, smack_inet_conn_request),
	LSM_HOOK_INIT(inet_csk_clone, smack_inet_csk_clone),

	/* key management security hooks */
#ifdef CONFIG_KEYS
	LSM_HOOK_INIT(key_alloc, smack_key_alloc),
	LSM_HOOK_INIT(key_free, smack_key_free),
	LSM_HOOK_INIT(key_permission, smack_key_permission),
	LSM_HOOK_INIT(key_getsecurity, smack_key_getsecurity),
#ifdef CONFIG_KEY_NOTIFICATIONS
	LSM_HOOK_INIT(watch_key, smack_watch_key),
#endif
#endif /* CONFIG_KEYS */

#ifdef CONFIG_WATCH_QUEUE
	LSM_HOOK_INIT(post_notification, smack_post_notification),
#endif

	/* Audit hooks */
#ifdef CONFIG_AUDIT
	LSM_HOOK_INIT(audit_rule_init, smack_audit_rule_init),
	LSM_HOOK_INIT(audit_rule_known, smack_audit_rule_known),
	LSM_HOOK_INIT(audit_rule_match, smack_audit_rule_match),
#endif /* CONFIG_AUDIT */

	/* label <-> secid translation and security-context hooks */
	LSM_HOOK_INIT(ismaclabel, smack_ismaclabel),
	LSM_HOOK_INIT(secid_to_secctx, smack_secid_to_secctx),
	LSM_HOOK_INIT(secctx_to_secid, smack_secctx_to_secid),
	LSM_HOOK_INIT(inode_notifysecctx, smack_inode_notifysecctx),
	LSM_HOOK_INIT(inode_setsecctx, smack_inode_setsecctx),
	LSM_HOOK_INIT(inode_getsecctx, smack_inode_getsecctx),
	/* copy-up and create-as hooks */
	LSM_HOOK_INIT(inode_copy_up, smack_inode_copy_up),
	LSM_HOOK_INIT(inode_copy_up_xattr, smack_inode_copy_up_xattr),
	LSM_HOOK_INIT(dentry_create_files_as, smack_dentry_create_files_as),
};
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4847)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4848)
/*
 * Prepare the five built-in labels (huh, hat, floor, star, web): set up
 * each label's rule-list lock and rule list, then add the labels to the
 * known-label list. Called once from smack_init().
 *
 * NOTE(review): the calls are kept as separate statements rather than a
 * loop; mutex_init() call sites may matter to lock debugging - confirm
 * before folding them together.
 */
static __init void init_smack_known_list(void)
{
	/*
	 * Initialize rule list locks
	 */
	mutex_init(&smack_known_huh.smk_rules_lock);
	mutex_init(&smack_known_hat.smk_rules_lock);
	mutex_init(&smack_known_floor.smk_rules_lock);
	mutex_init(&smack_known_star.smk_rules_lock);
	mutex_init(&smack_known_web.smk_rules_lock);
	/*
	 * Initialize rule lists
	 */
	INIT_LIST_HEAD(&smack_known_huh.smk_rules);
	INIT_LIST_HEAD(&smack_known_hat.smk_rules);
	INIT_LIST_HEAD(&smack_known_star.smk_rules);
	INIT_LIST_HEAD(&smack_known_floor.smk_rules);
	INIT_LIST_HEAD(&smack_known_web.smk_rules);
	/*
	 * Create the known labels list
	 * (insertion order: huh, hat, star, floor, web)
	 */
	smk_insert_entry(&smack_known_huh);
	smk_insert_entry(&smack_known_hat);
	smk_insert_entry(&smack_known_star);
	smk_insert_entry(&smack_known_floor);
	smk_insert_entry(&smack_known_web);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4876)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4877) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4878) * smack_init - initialize the smack system
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4879) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4880) * Returns 0 on success, -ENOMEM if there's no memory
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4881) */
static __init int smack_init(void)
{
	/*
	 * The cast gives a writable view of the current task's credentials
	 * so the initial task's Smack state can be set in place below.
	 */
	struct cred *cred = (struct cred *) current->cred;
	struct task_smack *tsp;

	/* Cache for struct smack_rule; failing to create it aborts init. */
	smack_rule_cache = KMEM_CACHE(smack_rule, 0);
	if (!smack_rule_cache)
		return -ENOMEM;

	/*
	 * Set the security state for the initial task.
	 * Both label arguments are the floor label.
	 */
	tsp = smack_cred(cred);
	init_task_smack(tsp, &smack_known_floor, &smack_known_floor);

	/*
	 * Register with LSM
	 *
	 * NOTE(review): the hooks are registered before
	 * init_smack_known_list() populates the known-label list below;
	 * presumably safe because nothing can invoke them concurrently this
	 * early in boot - confirm.
	 */
	security_add_hooks(smack_hooks, ARRAY_SIZE(smack_hooks), "smack");
	smack_enabled = 1;

	/* Log which optional Smack features were compiled in. */
	pr_info("Smack: Initializing.\n");
#ifdef CONFIG_SECURITY_SMACK_NETFILTER
	pr_info("Smack: Netfilter enabled.\n");
#endif
#ifdef SMACK_IPV6_PORT_LABELING
	pr_info("Smack: IPv6 port labeling enabled.\n");
#endif
#ifdef SMACK_IPV6_SECMARK_LABELING
	pr_info("Smack: IPv6 Netfilter enabled.\n");
#endif

	/* initialize the smack_known_list */
	init_smack_known_list();

	return 0;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4919)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4920) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4921) * Smack requires early initialization in order to label
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4922) * all processes and objects when they are created.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4923) */
/*
 * LSM descriptor for Smack: names the module, points at its blob sizes and
 * gives smack_init() as the initialisation entry point.
 * NOTE(review): LSM_FLAG_EXCLUSIVE presumably means Smack cannot be enabled
 * together with another exclusive LSM - confirm against the LSM framework.
 */
DEFINE_LSM(smack) = {
	.name = "smack",
	.flags = LSM_FLAG_LEGACY_MAJOR | LSM_FLAG_EXCLUSIVE,
	.blobs = &smack_blob_sizes,
	.init = smack_init,
};