1
// SPDX-License-Identifier: GPL-2.0-only
2
/*
3
 * Copyright (C) 2007 Casey Schaufler <[email protected]>
4
 *
5
 * Authors:
6
 * 	Casey Schaufler <[email protected]>
7
 * 	Ahmed S. Darwish <[email protected]>
8
 *
9
 * Special thanks to the authors of selinuxfs.
10
 *
11
 *	Karl MacMillan <[email protected]>
12
 *	James Morris <[email protected]>
13
 */
14

15
#include <linux/kernel.h>
16
#include <linux/vmalloc.h>
17
#include <linux/security.h>
18
#include <linux/mutex.h>
19
#include <linux/slab.h>
20
#include <net/net_namespace.h>
21
#include <net/cipso_ipv4.h>
22
#include <linux/seq_file.h>
23
#include <linux/ctype.h>
24
#include <linux/audit.h>
25
#include <linux/magic.h>
26
#include <linux/mount.h>
27
#include <linux/fs_context.h>
28
#include "smack.h"
29

30
#define BEBITS	(sizeof(__be32) * 8)
31
/*
32
 * smackfs pseudo filesystem.
33
 */
34

35
enum smk_inos {
36
	SMK_ROOT_INO	= 2,
37
	SMK_LOAD	= 3,	/* load policy */
38
	SMK_CIPSO	= 4,	/* load label -> CIPSO mapping */
39
	SMK_DOI		= 5,	/* CIPSO DOI */
40
	SMK_DIRECT	= 6,	/* CIPSO level indicating direct label */
41
	SMK_AMBIENT	= 7,	/* internet ambient label */
42
	SMK_NET4ADDR	= 8,	/* single label hosts */
43
	SMK_ONLYCAP	= 9,	/* the only "capable" label */
44
#ifdef CONFIG_AUDIT
45
	SMK_LOGGING	= 10,	/* logging */
46
#endif /* CONFIG_AUDIT */
47
	SMK_LOAD_SELF	= 11,	/* task specific rules */
48
	SMK_ACCESSES	= 12,	/* access policy */
49
	SMK_MAPPED	= 13,	/* CIPSO level indicating mapped label */
50
	SMK_LOAD2	= 14,	/* load policy with long labels */
51
	SMK_LOAD_SELF2	= 15,	/* load task specific rules with long labels */
52
	SMK_ACCESS2	= 16,	/* make an access check with long labels */
53
	SMK_CIPSO2	= 17,	/* load long label -> CIPSO mapping */
54
	SMK_REVOKE_SUBJ	= 18,	/* set rules with subject label to '-' */
55
	SMK_CHANGE_RULE	= 19,	/* change or add rules (long labels) */
56
	SMK_SYSLOG	= 20,	/* change syslog label) */
57
	SMK_PTRACE	= 21,	/* set ptrace rule */
58
#ifdef CONFIG_SECURITY_SMACK_BRINGUP
59
	SMK_UNCONFINED	= 22,	/* define an unconfined label */
60
#endif
61
#if IS_ENABLED(CONFIG_IPV6)
62
	SMK_NET6ADDR	= 23,	/* single label IPv6 hosts */
63
#endif /* CONFIG_IPV6 */
64
	SMK_RELABEL_SELF = 24, /* relabel possible without CAP_MAC_ADMIN */
65
};
66

67
/*
68
 * List locks
69
 */
70
static DEFINE_MUTEX(smack_cipso_lock);
71
static DEFINE_MUTEX(smack_ambient_lock);
72
static DEFINE_MUTEX(smk_net4addr_lock);
73
#if IS_ENABLED(CONFIG_IPV6)
74
static DEFINE_MUTEX(smk_net6addr_lock);
75
#endif /* CONFIG_IPV6 */
76

77
/*
78
 * This is the "ambient" label for network traffic.
79
 * If it isn't somehow marked, use this.
80
 * It can be reset via smackfs/ambient
81
 */
82
struct smack_known *smack_net_ambient;
83

84
/*
85
 * This is the level in a CIPSO header that indicates a
86
 * smack label is contained directly in the category set.
87
 * It can be reset via smackfs/direct
88
 */
89
int smack_cipso_direct = SMACK_CIPSO_DIRECT_DEFAULT;
90

91
/*
92
 * This is the level in a CIPSO header that indicates a
93
 * secid is contained directly in the category set.
94
 * It can be reset via smackfs/mapped
95
 */
96
int smack_cipso_mapped = SMACK_CIPSO_MAPPED_DEFAULT;
97

98
#ifdef CONFIG_SECURITY_SMACK_BRINGUP
99
/*
100
 * Allow one label to be unconfined. This is for
101
 * debugging and application bring-up purposes only.
102
 * It is bad and wrong, but everyone seems to expect
103
 * to have it.
104
 */
105
struct smack_known *smack_unconfined;
106
#endif
107

108
/*
109
 * If this value is set restrict syslog use to the label specified.
110
 * It can be reset via smackfs/syslog
111
 */
112
struct smack_known *smack_syslog_label;
113

114
/*
115
 * Ptrace current rule
116
 * SMACK_PTRACE_DEFAULT    regular smack ptrace rules (/proc based)
117
 * SMACK_PTRACE_EXACT      labels must match, but can be overriden with
118
 *			   CAP_SYS_PTRACE
119
 * SMACK_PTRACE_DRACONIAN  labels must match, CAP_SYS_PTRACE has no effect
120
 */
121
int smack_ptrace_rule = SMACK_PTRACE_DEFAULT;
122

123
/*
124
 * Certain IP addresses may be designated as single label hosts.
125
 * Packets are sent there unlabeled, but only from tasks that
126
 * can write to the specified label.
127
 */
128

129
LIST_HEAD(smk_net4addr_list);
130
#if IS_ENABLED(CONFIG_IPV6)
131
LIST_HEAD(smk_net6addr_list);
132
#endif /* CONFIG_IPV6 */
133

134
/*
135
 * Rule lists are maintained for each label.
136
 */
137
struct smack_parsed_rule {
138
	struct smack_known	*smk_subject;
139
	struct smack_known	*smk_object;
140
	int			smk_access1;
141
	int			smk_access2;
142
};
143

144
static int smk_cipso_doi_value = SMACK_CIPSO_DOI_DEFAULT;
145

146
/*
147
 * Values for parsing cipso rules
148
 * SMK_DIGITLEN: Length of a digit field in a rule.
149
 * SMK_CIPSOMIN: Minimum possible cipso rule length.
150
 * SMK_CIPSOMAX: Maximum possible cipso rule length.
151
 */
152
#define SMK_DIGITLEN 4
153
#define SMK_CIPSOMIN (SMK_LABELLEN + 2 * SMK_DIGITLEN)
154
#define SMK_CIPSOMAX (SMK_CIPSOMIN + SMACK_CIPSO_MAXCATNUM * SMK_DIGITLEN)
155

156
/*
157
 * Values for parsing MAC rules
158
 * SMK_ACCESS: Maximum possible combination of access permissions
159
 * SMK_ACCESSLEN: Maximum length for a rule access field
160
 * SMK_LOADLEN: Smack rule length
161
 */
162
#define SMK_OACCESS	"rwxa"
163
#define SMK_ACCESS	"rwxatl"
164
#define SMK_OACCESSLEN	(sizeof(SMK_OACCESS) - 1)
165
#define SMK_ACCESSLEN	(sizeof(SMK_ACCESS) - 1)
166
#define SMK_OLOADLEN	(SMK_LABELLEN + SMK_LABELLEN + SMK_OACCESSLEN)
167
#define SMK_LOADLEN	(SMK_LABELLEN + SMK_LABELLEN + SMK_ACCESSLEN)
168

169
/*
170
 * Strictly for CIPSO level manipulation.
171
 * Set the category bit number in a smack label sized buffer.
172
 */
173
static inline void smack_catset_bit(unsigned int cat, char *catsetp)
174
{
175
	if (cat == 0 || cat > (SMK_CIPSOLEN * 8))
176
		return;
177

178
	catsetp[(cat - 1) / 8] |= 0x80 >> ((cat - 1) % 8);
179
}
180

181
/**
182
 * smk_netlabel_audit_set - fill a netlbl_audit struct
183
 * @nap: structure to fill
184
 */
185
static void smk_netlabel_audit_set(struct netlbl_audit *nap)
186
{
187
	nap->loginuid = audit_get_loginuid(current);
188
	nap->sessionid = audit_get_sessionid(current);
189
	nap->prop.smack.skp = smk_of_current();
190
}
191

192
/*
193
 * Value for parsing single label host rules
194
 * "1.2.3.4 X"
195
 */
196
#define SMK_NETLBLADDRMIN	9
197

198
/**
199
 * smk_set_access - add a rule to the rule list or replace an old rule
200
 * @srp: the rule to add or replace
201
 * @rule_list: the list of rules
202
 * @rule_lock: the rule list lock
203
 *
204
 * Looks through the current subject/object/access list for
205
 * the subject/object pair and replaces the access that was
206
 * there. If the pair isn't found add it with the specified
207
 * access.
208
 *
209
 * Returns 0 if nothing goes wrong or -ENOMEM if it fails
210
 * during the allocation of the new pair to add.
211
 */
212
static int smk_set_access(struct smack_parsed_rule *srp,
213
				struct list_head *rule_list,
214
				struct mutex *rule_lock)
215
{
216
	struct smack_rule *sp;
217
	int found = 0;
218
	int rc = 0;
219

220
	mutex_lock(rule_lock);
221

222
	/*
223
	 * Because the object label is less likely to match
224
	 * than the subject label check it first
225
	 */
226
	list_for_each_entry_rcu(sp, rule_list, list) {
227
		if (sp->smk_object == srp->smk_object &&
228
		    sp->smk_subject == srp->smk_subject) {
229
			found = 1;
230
			sp->smk_access |= srp->smk_access1;
231
			sp->smk_access &= ~srp->smk_access2;
232
			break;
233
		}
234
	}
235

236
	if (found == 0) {
237
		sp = kmem_cache_zalloc(smack_rule_cache, GFP_KERNEL);
238
		if (sp == NULL) {
239
			rc = -ENOMEM;
240
			goto out;
241
		}
242

243
		sp->smk_subject = srp->smk_subject;
244
		sp->smk_object = srp->smk_object;
245
		sp->smk_access = srp->smk_access1 & ~srp->smk_access2;
246

247
		list_add_rcu(&sp->list, rule_list);
248
	}
249

250
out:
251
	mutex_unlock(rule_lock);
252
	return rc;
253
}
254

255
/**
256
 * smk_perm_from_str - parse smack accesses from a text string
257
 * @string: a text string that contains a Smack accesses code
258
 *
259
 * Returns an integer with respective bits set for specified accesses.
260
 */
261
static int smk_perm_from_str(const char *string)
262
{
263
	int perm = 0;
264
	const char *cp;
265

266
	for (cp = string; ; cp++)
267
		switch (*cp) {
268
		case '-':
269
			break;
270
		case 'r':
271
		case 'R':
272
			perm |= MAY_READ;
273
			break;
274
		case 'w':
275
		case 'W':
276
			perm |= MAY_WRITE;
277
			break;
278
		case 'x':
279
		case 'X':
280
			perm |= MAY_EXEC;
281
			break;
282
		case 'a':
283
		case 'A':
284
			perm |= MAY_APPEND;
285
			break;
286
		case 't':
287
		case 'T':
288
			perm |= MAY_TRANSMUTE;
289
			break;
290
		case 'l':
291
		case 'L':
292
			perm |= MAY_LOCK;
293
			break;
294
		case 'b':
295
		case 'B':
296
			perm |= MAY_BRINGUP;
297
			break;
298
		default:
299
			return perm;
300
		}
301
}
302

303
/**
304
 * smk_fill_rule - Fill Smack rule from strings
305
 * @subject: subject label string
306
 * @object: object label string
307
 * @access1: access string
308
 * @access2: string with permissions to be removed
309
 * @rule: Smack rule
310
 * @import: if non-zero, import labels
311
 * @len: label length limit
312
 *
313
 * Returns 0 on success, appropriate error code on failure.
314
 */
315
static int smk_fill_rule(const char *subject, const char *object,
316
				const char *access1, const char *access2,
317
				struct smack_parsed_rule *rule, int import,
318
				int len)
319
{
320
	const char *cp;
321
	struct smack_known *skp;
322

323
	if (import) {
324
		rule->smk_subject = smk_import_entry(subject, len);
325
		if (IS_ERR(rule->smk_subject))
326
			return PTR_ERR(rule->smk_subject);
327

328
		rule->smk_object = smk_import_entry(object, len);
329
		if (IS_ERR(rule->smk_object))
330
			return PTR_ERR(rule->smk_object);
331
	} else {
332
		cp = smk_parse_smack(subject, len);
333
		if (IS_ERR(cp))
334
			return PTR_ERR(cp);
335
		skp = smk_find_entry(cp);
336
		kfree(cp);
337
		if (skp == NULL)
338
			return -ENOENT;
339
		rule->smk_subject = skp;
340

341
		cp = smk_parse_smack(object, len);
342
		if (IS_ERR(cp))
343
			return PTR_ERR(cp);
344
		skp = smk_find_entry(cp);
345
		kfree(cp);
346
		if (skp == NULL)
347
			return -ENOENT;
348
		rule->smk_object = skp;
349
	}
350

351
	rule->smk_access1 = smk_perm_from_str(access1);
352
	if (access2)
353
		rule->smk_access2 = smk_perm_from_str(access2);
354
	else
355
		rule->smk_access2 = ~rule->smk_access1;
356

357
	return 0;
358
}
359

360
/**
361
 * smk_parse_rule - parse Smack rule from load string
362
 * @data: string to be parsed whose size is SMK_LOADLEN
363
 * @rule: Smack rule
364
 * @import: if non-zero, import labels
365
 *
366
 * Returns 0 on success, -1 on errors.
367
 */
368
static int smk_parse_rule(const char *data, struct smack_parsed_rule *rule,
369
				int import)
370
{
371
	int rc;
372

373
	rc = smk_fill_rule(data, data + SMK_LABELLEN,
374
			   data + SMK_LABELLEN + SMK_LABELLEN, NULL, rule,
375
			   import, SMK_LABELLEN);
376
	return rc;
377
}
378

379
/**
380
 * smk_parse_long_rule - parse Smack rule from rule string
381
 * @data: string to be parsed, null terminated
382
 * @rule: Will be filled with Smack parsed rule
383
 * @import: if non-zero, import labels
384
 * @tokens: number of substrings expected in data
385
 *
386
 * Returns number of processed bytes on success, -ERRNO on failure.
387
 */
388
static ssize_t smk_parse_long_rule(char *data, struct smack_parsed_rule *rule,
389
				int import, int tokens)
390
{
391
	ssize_t cnt = 0;
392
	char *tok[4];
393
	int rc;
394
	int i;
395

396
	/*
397
	 * Parsing the rule in-place, filling all white-spaces with '\0'
398
	 */
399
	for (i = 0; i < tokens; ++i) {
400
		while (isspace(data[cnt]))
401
			data[cnt++] = '\0';
402

403
		if (data[cnt] == '\0')
404
			/* Unexpected end of data */
405
			return -EINVAL;
406

407
		tok[i] = data + cnt;
408

409
		while (data[cnt] && !isspace(data[cnt]))
410
			++cnt;
411
	}
412
	while (isspace(data[cnt]))
413
		data[cnt++] = '\0';
414

415
	while (i < 4)
416
		tok[i++] = NULL;
417

418
	rc = smk_fill_rule(tok[0], tok[1], tok[2], tok[3], rule, import, 0);
419
	return rc == 0 ? cnt : rc;
420
}
421

422
#define SMK_FIXED24_FMT	0	/* Fixed 24byte label format */
423
#define SMK_LONG_FMT	1	/* Variable long label format */
424
#define SMK_CHANGE_FMT	2	/* Rule modification format */
425
/**
426
 * smk_write_rules_list - write() for any /smack rule file
427
 * @file: file pointer, not actually used
428
 * @buf: where to get the data from
429
 * @count: bytes sent
430
 * @ppos: where to start - must be 0
431
 * @rule_list: the list of rules to write to
432
 * @rule_lock: lock for the rule list
433
 * @format: /smack/load or /smack/load2 or /smack/change-rule format.
434
 *
435
 * Get one smack access rule from above.
436
 * The format for SMK_LONG_FMT is:
437
 *	"subject<whitespace>object<whitespace>access[<whitespace>...]"
438
 * The format for SMK_FIXED24_FMT is exactly:
439
 *	"subject                 object                  rwxat"
440
 * The format for SMK_CHANGE_FMT is:
441
 *	"subject<whitespace>object<whitespace>
442
 *	 acc_enable<whitespace>acc_disable[<whitespace>...]"
443
 */
444
static ssize_t smk_write_rules_list(struct file *file, const char __user *buf,
445
					size_t count, loff_t *ppos,
446
					struct list_head *rule_list,
447
					struct mutex *rule_lock, int format)
448
{
449
	struct smack_parsed_rule rule;
450
	char *data;
451
	int rc;
452
	int trunc = 0;
453
	int tokens;
454
	ssize_t cnt = 0;
455

456
	/*
457
	 * No partial writes.
458
	 * Enough data must be present.
459
	 */
460
	if (*ppos != 0)
461
		return -EINVAL;
462

463
	if (format == SMK_FIXED24_FMT) {
464
		/*
465
		 * Minor hack for backward compatibility
466
		 */
467
		if (count < SMK_OLOADLEN || count > SMK_LOADLEN)
468
			return -EINVAL;
469
	} else {
470
		if (count >= PAGE_SIZE) {
471
			count = PAGE_SIZE - 1;
472
			trunc = 1;
473
		}
474
	}
475

476
	data = memdup_user_nul(buf, count);
477
	if (IS_ERR(data))
478
		return PTR_ERR(data);
479

480
	/*
481
	 * In case of parsing only part of user buf,
482
	 * avoid having partial rule at the data buffer
483
	 */
484
	if (trunc) {
485
		while (count > 0 && (data[count - 1] != '\n'))
486
			--count;
487
		if (count == 0) {
488
			rc = -EINVAL;
489
			goto out;
490
		}
491
	}
492

493
	data[count] = '\0';
494
	tokens = (format == SMK_CHANGE_FMT ? 4 : 3);
495
	while (cnt < count) {
496
		if (format == SMK_FIXED24_FMT) {
497
			rc = smk_parse_rule(data, &rule, 1);
498
			if (rc < 0)
499
				goto out;
500
			cnt = count;
501
		} else {
502
			rc = smk_parse_long_rule(data + cnt, &rule, 1, tokens);
503
			if (rc < 0)
504
				goto out;
505
			if (rc == 0) {
506
				rc = -EINVAL;
507
				goto out;
508
			}
509
			cnt += rc;
510
		}
511

512
		if (rule_list == NULL)
513
			rc = smk_set_access(&rule, &rule.smk_subject->smk_rules,
514
				&rule.smk_subject->smk_rules_lock);
515
		else
516
			rc = smk_set_access(&rule, rule_list, rule_lock);
517

518
		if (rc)
519
			goto out;
520
	}
521

522
	rc = cnt;
523
out:
524
	kfree(data);
525
	return rc;
526
}
527

528
/*
529
 * Core logic for smackfs seq list operations.
530
 */
531

532
static void *smk_seq_start(struct seq_file *s, loff_t *pos,
533
				struct list_head *head)
534
{
535
	struct list_head *list;
536
	int i = *pos;
537

538
	rcu_read_lock();
539
	for (list = rcu_dereference(list_next_rcu(head));
540
		list != head;
541
		list = rcu_dereference(list_next_rcu(list))) {
542
		if (i-- == 0)
543
			return list;
544
	}
545

546
	return NULL;
547
}
548

549
static void *smk_seq_next(struct seq_file *s, void *v, loff_t *pos,
550
				struct list_head *head)
551
{
552
	struct list_head *list = v;
553

554
	++*pos;
555
	list = rcu_dereference(list_next_rcu(list));
556

557
	return (list == head) ? NULL : list;
558
}
559

560
static void smk_seq_stop(struct seq_file *s, void *v)
561
{
562
	rcu_read_unlock();
563
}
564

565
static void smk_rule_show(struct seq_file *s, struct smack_rule *srp, int max)
566
{
567
	char acc[SMK_NUM_ACCESS_TYPE + 1];
568
	/*
569
	 * Don't show any rules with label names too long for
570
	 * interface file (/smack/load or /smack/load2)
571
	 * because you should expect to be able to write
572
	 * anything you read back.
573
	 */
574
	if (strlen(srp->smk_subject->smk_known) >= max ||
575
	    strlen(srp->smk_object->smk_known) >= max)
576
		return;
577

578
	if (srp->smk_access == 0)
579
		return;
580

581
	smack_str_from_perm(acc, srp->smk_access);
582
	seq_printf(s, "%s %s %s\n",
583
		   srp->smk_subject->smk_known,
584
		   srp->smk_object->smk_known,
585
		   acc);
586
}
587

588
/*
589
 * Seq_file read operations for /smack/load
590
 */
591

592
static void *load2_seq_start(struct seq_file *s, loff_t *pos)
593
{
594
	return smk_seq_start(s, pos, &smack_known_list);
595
}
596

597
static void *load2_seq_next(struct seq_file *s, void *v, loff_t *pos)
598
{
599
	return smk_seq_next(s, v, pos, &smack_known_list);
600
}
601

602
static int load_seq_show(struct seq_file *s, void *v)
603
{
604
	struct list_head *list = v;
605
	struct smack_rule *srp;
606
	struct smack_known *skp =
607
		list_entry_rcu(list, struct smack_known, list);
608

609
	list_for_each_entry_rcu(srp, &skp->smk_rules, list)
610
		smk_rule_show(s, srp, SMK_LABELLEN);
611

612
	return 0;
613
}
614

615
static const struct seq_operations load_seq_ops = {
616
	.start = load2_seq_start,
617
	.next  = load2_seq_next,
618
	.show  = load_seq_show,
619
	.stop  = smk_seq_stop,
620
};
621

622
/**
623
 * smk_open_load - open() for /smack/load
624
 * @inode: inode structure representing file
625
 * @file: "load" file pointer
626
 *
627
 * For reading, use load_seq_* seq_file reading operations.
628
 */
629
static int smk_open_load(struct inode *inode, struct file *file)
630
{
631
	return seq_open(file, &load_seq_ops);
632
}
633

634
/**
635
 * smk_write_load - write() for /smack/load
636
 * @file: file pointer, not actually used
637
 * @buf: where to get the data from
638
 * @count: bytes sent
639
 * @ppos: where to start - must be 0
640
 *
641
 */
642
static ssize_t smk_write_load(struct file *file, const char __user *buf,
643
			      size_t count, loff_t *ppos)
644
{
645
	/*
646
	 * Must have privilege.
647
	 * No partial writes.
648
	 * Enough data must be present.
649
	 */
650
	if (!smack_privileged(CAP_MAC_ADMIN))
651
		return -EPERM;
652

653
	return smk_write_rules_list(file, buf, count, ppos, NULL, NULL,
654
				    SMK_FIXED24_FMT);
655
}
656

657
static const struct file_operations smk_load_ops = {
658
	.open           = smk_open_load,
659
	.read		= seq_read,
660
	.llseek         = seq_lseek,
661
	.write		= smk_write_load,
662
	.release        = seq_release,
663
};
664

665
/**
666
 * smk_cipso_doi - initialize the CIPSO domain
667
 */
668
static void smk_cipso_doi(void)
669
{
670
	int rc;
671
	struct cipso_v4_doi *doip;
672
	struct netlbl_audit nai;
673

674
	smk_netlabel_audit_set(&nai);
675

676
	rc = netlbl_cfg_map_del(NULL, PF_INET, NULL, NULL, &nai);
677
	if (rc != 0)
678
		printk(KERN_WARNING "%s:%d remove rc = %d\n",
679
		       __func__, __LINE__, rc);
680

681
	doip = kmalloc(sizeof(struct cipso_v4_doi), GFP_KERNEL | __GFP_NOFAIL);
682
	doip->map.std = NULL;
683
	doip->doi = smk_cipso_doi_value;
684
	doip->type = CIPSO_V4_MAP_PASS;
685
	doip->tags[0] = CIPSO_V4_TAG_RBITMAP;
686
	for (rc = 1; rc < CIPSO_V4_TAG_MAXCNT; rc++)
687
		doip->tags[rc] = CIPSO_V4_TAG_INVALID;
688

689
	rc = netlbl_cfg_cipsov4_add(doip, &nai);
690
	if (rc != 0) {
691
		printk(KERN_WARNING "%s:%d cipso add rc = %d\n",
692
		       __func__, __LINE__, rc);
693
		kfree(doip);
694
		return;
695
	}
696
	rc = netlbl_cfg_cipsov4_map_add(doip->doi, NULL, NULL, NULL, &nai);
697
	if (rc != 0) {
698
		printk(KERN_WARNING "%s:%d map add rc = %d\n",
699
		       __func__, __LINE__, rc);
700
		netlbl_cfg_cipsov4_del(doip->doi, &nai);
701
		return;
702
	}
703
}
704

705
/**
706
 * smk_unlbl_ambient - initialize the unlabeled domain
707
 * @oldambient: previous domain string
708
 */
709
static void smk_unlbl_ambient(char *oldambient)
710
{
711
	int rc;
712
	struct netlbl_audit nai;
713

714
	smk_netlabel_audit_set(&nai);
715

716
	if (oldambient != NULL) {
717
		rc = netlbl_cfg_map_del(oldambient, PF_INET, NULL, NULL, &nai);
718
		if (rc != 0)
719
			printk(KERN_WARNING "%s:%d remove rc = %d\n",
720
			       __func__, __LINE__, rc);
721
	}
722
	if (smack_net_ambient == NULL)
723
		smack_net_ambient = &smack_known_floor;
724

725
	rc = netlbl_cfg_unlbl_map_add(smack_net_ambient->smk_known, PF_INET,
726
				      NULL, NULL, &nai);
727
	if (rc != 0)
728
		printk(KERN_WARNING "%s:%d add rc = %d\n",
729
		       __func__, __LINE__, rc);
730
}
731

732
/*
733
 * Seq_file read operations for /smack/cipso
734
 */
735

736
static void *cipso_seq_start(struct seq_file *s, loff_t *pos)
737
{
738
	return smk_seq_start(s, pos, &smack_known_list);
739
}
740

741
static void *cipso_seq_next(struct seq_file *s, void *v, loff_t *pos)
742
{
743
	return smk_seq_next(s, v, pos, &smack_known_list);
744
}
745

746
/*
747
 * Print cipso labels in format:
748
 * label level[/cat[,cat]]
749
 */
750
static int cipso_seq_show(struct seq_file *s, void *v)
751
{
752
	struct list_head  *list = v;
753
	struct smack_known *skp =
754
		list_entry_rcu(list, struct smack_known, list);
755
	struct netlbl_lsm_catmap *cmp = skp->smk_netlabel.attr.mls.cat;
756
	char sep = '/';
757
	int i;
758

759
	/*
760
	 * Don't show a label that could not have been set using
761
	 * /smack/cipso. This is in support of the notion that
762
	 * anything read from /smack/cipso ought to be writeable
763
	 * to /smack/cipso.
764
	 *
765
	 * /smack/cipso2 should be used instead.
766
	 */
767
	if (strlen(skp->smk_known) >= SMK_LABELLEN)
768
		return 0;
769

770
	seq_printf(s, "%s %3d", skp->smk_known, skp->smk_netlabel.attr.mls.lvl);
771

772
	for (i = netlbl_catmap_walk(cmp, 0); i >= 0;
773
	     i = netlbl_catmap_walk(cmp, i + 1)) {
774
		seq_printf(s, "%c%d", sep, i);
775
		sep = ',';
776
	}
777

778
	seq_putc(s, '\n');
779

780
	return 0;
781
}
782

783
static const struct seq_operations cipso_seq_ops = {
784
	.start = cipso_seq_start,
785
	.next  = cipso_seq_next,
786
	.show  = cipso_seq_show,
787
	.stop  = smk_seq_stop,
788
};
789

790
/**
791
 * smk_open_cipso - open() for /smack/cipso
792
 * @inode: inode structure representing file
793
 * @file: "cipso" file pointer
794
 *
795
 * Connect our cipso_seq_* operations with /smack/cipso
796
 * file_operations
797
 */
798
static int smk_open_cipso(struct inode *inode, struct file *file)
799
{
800
	return seq_open(file, &cipso_seq_ops);
801
}
802

803
/**
804
 * smk_set_cipso - do the work for write() for cipso and cipso2
805
 * @file: file pointer, not actually used
806
 * @buf: where to get the data from
807
 * @count: bytes sent
808
 * @ppos: where to start
809
 * @format: /smack/cipso or /smack/cipso2
810
 *
811
 * Accepts only one cipso rule per write call.
812
 * Returns number of bytes written or error code, as appropriate
813
 */
814
static ssize_t smk_set_cipso(struct file *file, const char __user *buf,
815
				size_t count, loff_t *ppos, int format)
816
{
817
	struct netlbl_lsm_catmap *old_cat;
818
	struct smack_known *skp;
819
	struct netlbl_lsm_secattr ncats;
820
	char mapcatset[SMK_CIPSOLEN];
821
	int maplevel;
822
	unsigned int cat;
823
	int catlen;
824
	ssize_t rc = -EINVAL;
825
	char *data = NULL;
826
	char *rule;
827
	int ret;
828
	int i;
829

830
	/*
831
	 * Must have privilege.
832
	 * No partial writes.
833
	 * Enough data must be present.
834
	 */
835
	if (!smack_privileged(CAP_MAC_ADMIN))
836
		return -EPERM;
837
	if (*ppos != 0)
838
		return -EINVAL;
839
	if (format == SMK_FIXED24_FMT &&
840
	    (count < SMK_CIPSOMIN || count > SMK_CIPSOMAX))
841
		return -EINVAL;
842
	if (count > PAGE_SIZE)
843
		return -EINVAL;
844

845
	data = memdup_user_nul(buf, count);
846
	if (IS_ERR(data))
847
		return PTR_ERR(data);
848

849
	rule = data;
850
	/*
851
	 * Only allow one writer at a time. Writes should be
852
	 * quite rare and small in any case.
853
	 */
854
	mutex_lock(&smack_cipso_lock);
855

856
	skp = smk_import_entry(rule, 0);
857
	if (IS_ERR(skp)) {
858
		rc = PTR_ERR(skp);
859
		goto out;
860
	}
861

862
	if (format == SMK_FIXED24_FMT)
863
		rule += SMK_LABELLEN;
864
	else
865
		rule += strlen(skp->smk_known) + 1;
866

867
	if (rule > data + count) {
868
		rc = -EOVERFLOW;
869
		goto out;
870
	}
871

872
	ret = sscanf(rule, "%d", &maplevel);
873
	if (ret != 1 || maplevel < 0 || maplevel > SMACK_CIPSO_MAXLEVEL)
874
		goto out;
875

876
	rule += SMK_DIGITLEN;
877
	if (rule > data + count) {
878
		rc = -EOVERFLOW;
879
		goto out;
880
	}
881

882
	ret = sscanf(rule, "%d", &catlen);
883
	if (ret != 1 || catlen < 0 || catlen > SMACK_CIPSO_MAXCATNUM)
884
		goto out;
885

886
	if (format == SMK_FIXED24_FMT &&
887
	    count != (SMK_CIPSOMIN + catlen * SMK_DIGITLEN))
888
		goto out;
889

890
	memset(mapcatset, 0, sizeof(mapcatset));
891

892
	for (i = 0; i < catlen; i++) {
893
		rule += SMK_DIGITLEN;
894
		if (rule > data + count) {
895
			rc = -EOVERFLOW;
896
			goto out;
897
		}
898
		ret = sscanf(rule, "%u", &cat);
899
		if (ret != 1 || cat > SMACK_CIPSO_MAXCATNUM)
900
			goto out;
901

902
		smack_catset_bit(cat, mapcatset);
903
	}
904

905
	rc = smk_netlbl_mls(maplevel, mapcatset, &ncats, SMK_CIPSOLEN);
906
	if (rc >= 0) {
907
		old_cat = skp->smk_netlabel.attr.mls.cat;
908
		rcu_assign_pointer(skp->smk_netlabel.attr.mls.cat, ncats.attr.mls.cat);
909
		if (ncats.attr.mls.cat)
910
			skp->smk_netlabel.flags |= NETLBL_SECATTR_MLS_CAT;
911
		else
912
			skp->smk_netlabel.flags &= ~(u32)NETLBL_SECATTR_MLS_CAT;
913
		skp->smk_netlabel.attr.mls.lvl = ncats.attr.mls.lvl;
914
		synchronize_rcu();
915
		netlbl_catmap_free(old_cat);
916
		rc = count;
917
		/*
918
		 * This mapping may have been cached, so clear the cache.
919
		 */
920
		netlbl_cache_invalidate();
921
	}
922

923
out:
924
	mutex_unlock(&smack_cipso_lock);
925
	kfree(data);
926
	return rc;
927
}
928

929
/**
930
 * smk_write_cipso - write() for /smack/cipso
931
 * @file: file pointer, not actually used
932
 * @buf: where to get the data from
933
 * @count: bytes sent
934
 * @ppos: where to start
935
 *
936
 * Accepts only one cipso rule per write call.
937
 * Returns number of bytes written or error code, as appropriate
938
 */
939
static ssize_t smk_write_cipso(struct file *file, const char __user *buf,
940
			       size_t count, loff_t *ppos)
941
{
942
	return smk_set_cipso(file, buf, count, ppos, SMK_FIXED24_FMT);
943
}
944

945
static const struct file_operations smk_cipso_ops = {
946
	.open           = smk_open_cipso,
947
	.read		= seq_read,
948
	.llseek         = seq_lseek,
949
	.write		= smk_write_cipso,
950
	.release        = seq_release,
951
};
952

953
/*
954
 * Seq_file read operations for /smack/cipso2
955
 */
956

957
/*
958
 * Print cipso labels in format:
959
 * label level[/cat[,cat]]
960
 */
961
static int cipso2_seq_show(struct seq_file *s, void *v)
962
{
963
	struct list_head  *list = v;
964
	struct smack_known *skp =
965
		list_entry_rcu(list, struct smack_known, list);
966
	struct netlbl_lsm_catmap *cmp = skp->smk_netlabel.attr.mls.cat;
967
	char sep = '/';
968
	int i;
969

970
	seq_printf(s, "%s %3d", skp->smk_known, skp->smk_netlabel.attr.mls.lvl);
971

972
	for (i = netlbl_catmap_walk(cmp, 0); i >= 0;
973
	     i = netlbl_catmap_walk(cmp, i + 1)) {
974
		seq_printf(s, "%c%d", sep, i);
975
		sep = ',';
976
	}
977

978
	seq_putc(s, '\n');
979

980
	return 0;
981
}
982

983
static const struct seq_operations cipso2_seq_ops = {
984
	.start = cipso_seq_start,
985
	.next  = cipso_seq_next,
986
	.show  = cipso2_seq_show,
987
	.stop  = smk_seq_stop,
988
};
989

990
/**
991
 * smk_open_cipso2 - open() for /smack/cipso2
992
 * @inode: inode structure representing file
993
 * @file: "cipso2" file pointer
994
 *
995
 * Connect our cipso_seq_* operations with /smack/cipso2
996
 * file_operations
997
 */
998
static int smk_open_cipso2(struct inode *inode, struct file *file)
999
{
1000
	return seq_open(file, &cipso2_seq_ops);
1001
}
1002

1003
/**
1004
 * smk_write_cipso2 - write() for /smack/cipso2
1005
 * @file: file pointer, not actually used
1006
 * @buf: where to get the data from
1007
 * @count: bytes sent
1008
 * @ppos: where to start
1009
 *
1010
 * Accepts only one cipso rule per write call.
1011
 * Returns number of bytes written or error code, as appropriate
1012
 */
1013
static ssize_t smk_write_cipso2(struct file *file, const char __user *buf,
1014
			      size_t count, loff_t *ppos)
1015
{
1016
	return smk_set_cipso(file, buf, count, ppos, SMK_LONG_FMT);
1017
}
1018

1019
static const struct file_operations smk_cipso2_ops = {
1020
	.open           = smk_open_cipso2,
1021
	.read		= seq_read,
1022
	.llseek         = seq_lseek,
1023
	.write		= smk_write_cipso2,
1024
	.release        = seq_release,
1025
};
1026

1027
/*
1028
 * Seq_file read operations for /smack/netlabel
1029
 */
1030

1031
static void *net4addr_seq_start(struct seq_file *s, loff_t *pos)
1032
{
1033
	return smk_seq_start(s, pos, &smk_net4addr_list);
1034
}
1035

1036
static void *net4addr_seq_next(struct seq_file *s, void *v, loff_t *pos)
1037
{
1038
	return smk_seq_next(s, v, pos, &smk_net4addr_list);
1039
}
1040

1041
/*
1042
 * Print host/label pairs
1043
 */
1044
static int net4addr_seq_show(struct seq_file *s, void *v)
1045
{
1046
	struct list_head *list = v;
1047
	struct smk_net4addr *skp =
1048
			list_entry_rcu(list, struct smk_net4addr, list);
1049
	char *kp = SMACK_CIPSO_OPTION;
1050

1051
	if (skp->smk_label != NULL)
1052
		kp = skp->smk_label->smk_known;
1053
	seq_printf(s, "%pI4/%d %s\n", &skp->smk_host.s_addr,
1054
			skp->smk_masks, kp);
1055

1056
	return 0;
1057
}
1058

1059
static const struct seq_operations net4addr_seq_ops = {
1060
	.start = net4addr_seq_start,
1061
	.next  = net4addr_seq_next,
1062
	.show  = net4addr_seq_show,
1063
	.stop  = smk_seq_stop,
1064
};
1065

1066
/**
1067
 * smk_open_net4addr - open() for /smack/netlabel
1068
 * @inode: inode structure representing file
1069
 * @file: "netlabel" file pointer
1070
 *
1071
 * Connect our net4addr_seq_* operations with /smack/netlabel
1072
 * file_operations
1073
 */
1074
static int smk_open_net4addr(struct inode *inode, struct file *file)
1075
{
1076
	return seq_open(file, &net4addr_seq_ops);
1077
}
1078

1079
/**
1080
 * smk_net4addr_insert - insert a new entry into the net4addrs list
1081
 * @new : netlabel to insert
1082
 *
1083
 * This helper inserts netlabel in the smack_net4addrs list
1084
 * sorted by netmask length (longest to smallest)
1085
 * locked by &smk_net4addr_lock in smk_write_net4addr.
1086
 */
1087
static void smk_net4addr_insert(struct smk_net4addr *new)
1088
{
1089
	struct smk_net4addr *m;
1090
	struct smk_net4addr *m_next;
1091

1092
	if (list_empty(&smk_net4addr_list)) {
1093
		list_add_rcu(&new->list, &smk_net4addr_list);
1094
		return;
1095
	}
1096

1097
	m = list_entry_rcu(smk_net4addr_list.next,
1098
			   struct smk_net4addr, list);
1099

1100
	/* the comparison '>' is a bit hacky, but works */
1101
	if (new->smk_masks > m->smk_masks) {
1102
		list_add_rcu(&new->list, &smk_net4addr_list);
1103
		return;
1104
	}
1105

1106
	list_for_each_entry_rcu(m, &smk_net4addr_list, list) {
1107
		if (list_is_last(&m->list, &smk_net4addr_list)) {
1108
			list_add_rcu(&new->list, &m->list);
1109
			return;
1110
		}
1111
		m_next = list_entry_rcu(m->list.next,
1112
					struct smk_net4addr, list);
1113
		if (new->smk_masks > m_next->smk_masks) {
1114
			list_add_rcu(&new->list, &m->list);
1115
			return;
1116
		}
1117
	}
1118
}
1119

1120

1121
/**
1122
 * smk_write_net4addr - write() for /smack/netlabel
1123
 * @file: file pointer, not actually used
1124
 * @buf: where to get the data from
1125
 * @count: bytes sent
1126
 * @ppos: where to start
1127
 *
1128
 * Accepts only one net4addr per write call.
1129
 * Returns number of bytes written or error code, as appropriate
1130
 */
1131
static ssize_t smk_write_net4addr(struct file *file, const char __user *buf,
1132
				size_t count, loff_t *ppos)
1133
{
1134
	struct smk_net4addr *snp;
1135
	struct sockaddr_in newname;
1136
	char *smack;
1137
	struct smack_known *skp = NULL;
1138
	char *data;
1139
	char *host = (char *)&newname.sin_addr.s_addr;
1140
	int rc;
1141
	struct netlbl_audit audit_info;
1142
	struct in_addr mask;
1143
	unsigned int m;
1144
	unsigned int masks;
1145
	int found;
1146
	u32 mask_bits = (1<<31);
1147
	__be32 nsa;
1148
	u32 temp_mask;
1149

1150
	/*
1151
	 * Must have privilege.
1152
	 * No partial writes.
1153
	 * Enough data must be present.
1154
	 * "<addr/mask, as a.b.c.d/e><space><label>"
1155
	 * "<addr, as a.b.c.d><space><label>"
1156
	 */
1157
	if (!smack_privileged(CAP_MAC_ADMIN))
1158
		return -EPERM;
1159
	if (*ppos != 0)
1160
		return -EINVAL;
1161
	if (count < SMK_NETLBLADDRMIN || count > PAGE_SIZE - 1)
1162
		return -EINVAL;
1163

1164
	data = memdup_user_nul(buf, count);
1165
	if (IS_ERR(data))
1166
		return PTR_ERR(data);
1167

1168
	smack = kzalloc(count + 1, GFP_KERNEL);
1169
	if (smack == NULL) {
1170
		rc = -ENOMEM;
1171
		goto free_data_out;
1172
	}
1173

1174
	rc = sscanf(data, "%hhd.%hhd.%hhd.%hhd/%u %s",
1175
		&host[0], &host[1], &host[2], &host[3], &masks, smack);
1176
	if (rc != 6) {
1177
		rc = sscanf(data, "%hhd.%hhd.%hhd.%hhd %s",
1178
			&host[0], &host[1], &host[2], &host[3], smack);
1179
		if (rc != 5) {
1180
			rc = -EINVAL;
1181
			goto free_out;
1182
		}
1183
		masks = 32;
1184
	}
1185
	if (masks > BEBITS) {
1186
		rc = -EINVAL;
1187
		goto free_out;
1188
	}
1189

1190
	/*
1191
	 * If smack begins with '-', it is an option, don't import it
1192
	 */
1193
	if (smack[0] != '-') {
1194
		skp = smk_import_entry(smack, 0);
1195
		if (IS_ERR(skp)) {
1196
			rc = PTR_ERR(skp);
1197
			goto free_out;
1198
		}
1199
	} else {
1200
		/*
1201
		 * Only the -CIPSO option is supported for IPv4
1202
		 */
1203
		if (strcmp(smack, SMACK_CIPSO_OPTION) != 0) {
1204
			rc = -EINVAL;
1205
			goto free_out;
1206
		}
1207
	}
1208

1209
	for (m = masks, temp_mask = 0; m > 0; m--) {
1210
		temp_mask |= mask_bits;
1211
		mask_bits >>= 1;
1212
	}
1213
	mask.s_addr = cpu_to_be32(temp_mask);
1214

1215
	newname.sin_addr.s_addr &= mask.s_addr;
1216
	/*
1217
	 * Only allow one writer at a time. Writes should be
1218
	 * quite rare and small in any case.
1219
	 */
1220
	mutex_lock(&smk_net4addr_lock);
1221

1222
	nsa = newname.sin_addr.s_addr;
1223
	/* try to find if the prefix is already in the list */
1224
	found = 0;
1225
	list_for_each_entry_rcu(snp, &smk_net4addr_list, list) {
1226
		if (snp->smk_host.s_addr == nsa && snp->smk_masks == masks) {
1227
			found = 1;
1228
			break;
1229
		}
1230
	}
1231
	smk_netlabel_audit_set(&audit_info);
1232

1233
	if (found == 0) {
1234
		snp = kzalloc(sizeof(*snp), GFP_KERNEL);
1235
		if (snp == NULL)
1236
			rc = -ENOMEM;
1237
		else {
1238
			rc = 0;
1239
			snp->smk_host.s_addr = newname.sin_addr.s_addr;
1240
			snp->smk_mask.s_addr = mask.s_addr;
1241
			snp->smk_label = skp;
1242
			snp->smk_masks = masks;
1243
			smk_net4addr_insert(snp);
1244
		}
1245
	} else {
1246
		/*
1247
		 * Delete the unlabeled entry, only if the previous label
1248
		 * wasn't the special CIPSO option
1249
		 */
1250
		if (snp->smk_label != NULL)
1251
			rc = netlbl_cfg_unlbl_static_del(&init_net, NULL,
1252
					&snp->smk_host, &snp->smk_mask,
1253
					PF_INET, &audit_info);
1254
		else
1255
			rc = 0;
1256
		snp->smk_label = skp;
1257
	}
1258

1259
	/*
1260
	 * Now tell netlabel about the single label nature of
1261
	 * this host so that incoming packets get labeled.
1262
	 * but only if we didn't get the special CIPSO option
1263
	 */
1264
	if (rc == 0 && skp != NULL)
1265
		rc = netlbl_cfg_unlbl_static_add(&init_net, NULL,
1266
			&snp->smk_host, &snp->smk_mask, PF_INET,
1267
			snp->smk_label->smk_secid, &audit_info);
1268

1269
	if (rc == 0)
1270
		rc = count;
1271

1272
	mutex_unlock(&smk_net4addr_lock);
1273

1274
free_out:
1275
	kfree(smack);
1276
free_data_out:
1277
	kfree(data);
1278

1279
	return rc;
1280
}
1281

1282
static const struct file_operations smk_net4addr_ops = {
1283
	.open           = smk_open_net4addr,
1284
	.read		= seq_read,
1285
	.llseek         = seq_lseek,
1286
	.write		= smk_write_net4addr,
1287
	.release        = seq_release,
1288
};
1289

1290
#if IS_ENABLED(CONFIG_IPV6)
1291
/*
1292
 * Seq_file read operations for /smack/netlabel6
1293
 */
1294

1295
static void *net6addr_seq_start(struct seq_file *s, loff_t *pos)
1296
{
1297
	return smk_seq_start(s, pos, &smk_net6addr_list);
1298
}
1299

1300
static void *net6addr_seq_next(struct seq_file *s, void *v, loff_t *pos)
1301
{
1302
	return smk_seq_next(s, v, pos, &smk_net6addr_list);
1303
}
1304

1305
/*
1306
 * Print host/label pairs
1307
 */
1308
static int net6addr_seq_show(struct seq_file *s, void *v)
1309
{
1310
	struct list_head *list = v;
1311
	struct smk_net6addr *skp =
1312
			 list_entry(list, struct smk_net6addr, list);
1313

1314
	if (skp->smk_label != NULL)
1315
		seq_printf(s, "%pI6/%d %s\n", &skp->smk_host, skp->smk_masks,
1316
				skp->smk_label->smk_known);
1317

1318
	return 0;
1319
}
1320

1321
static const struct seq_operations net6addr_seq_ops = {
1322
	.start = net6addr_seq_start,
1323
	.next  = net6addr_seq_next,
1324
	.show  = net6addr_seq_show,
1325
	.stop  = smk_seq_stop,
1326
};
1327

1328
/**
1329
 * smk_open_net6addr - open() for /smack/netlabel
1330
 * @inode: inode structure representing file
1331
 * @file: "netlabel" file pointer
1332
 *
1333
 * Connect our net6addr_seq_* operations with /smack/netlabel
1334
 * file_operations
1335
 */
1336
static int smk_open_net6addr(struct inode *inode, struct file *file)
1337
{
1338
	return seq_open(file, &net6addr_seq_ops);
1339
}
1340

1341
/**
1342
 * smk_net6addr_insert - insert a new entry into the net6addrs list
1343
 * @new : entry to insert
1344
 *
1345
 * This inserts an entry in the smack_net6addrs list
1346
 * sorted by netmask length (longest to smallest)
1347
 * locked by &smk_net6addr_lock in smk_write_net6addr.
1348
 */
1349
static void smk_net6addr_insert(struct smk_net6addr *new)
1350
{
1351
	struct smk_net6addr *m_next;
1352
	struct smk_net6addr *m;
1353

1354
	if (list_empty(&smk_net6addr_list)) {
1355
		list_add_rcu(&new->list, &smk_net6addr_list);
1356
		return;
1357
	}
1358

1359
	m = list_entry_rcu(smk_net6addr_list.next,
1360
			   struct smk_net6addr, list);
1361

1362
	if (new->smk_masks > m->smk_masks) {
1363
		list_add_rcu(&new->list, &smk_net6addr_list);
1364
		return;
1365
	}
1366

1367
	list_for_each_entry_rcu(m, &smk_net6addr_list, list) {
1368
		if (list_is_last(&m->list, &smk_net6addr_list)) {
1369
			list_add_rcu(&new->list, &m->list);
1370
			return;
1371
		}
1372
		m_next = list_entry_rcu(m->list.next,
1373
					struct smk_net6addr, list);
1374
		if (new->smk_masks > m_next->smk_masks) {
1375
			list_add_rcu(&new->list, &m->list);
1376
			return;
1377
		}
1378
	}
1379
}
1380

1381

1382
/**
1383
 * smk_write_net6addr - write() for /smack/netlabel
1384
 * @file: file pointer, not actually used
1385
 * @buf: where to get the data from
1386
 * @count: bytes sent
1387
 * @ppos: where to start
1388
 *
1389
 * Accepts only one net6addr per write call.
1390
 * Returns number of bytes written or error code, as appropriate
1391
 */
1392
static ssize_t smk_write_net6addr(struct file *file, const char __user *buf,
1393
				size_t count, loff_t *ppos)
1394
{
1395
	struct smk_net6addr *snp;
1396
	struct in6_addr newname;
1397
	struct in6_addr fullmask;
1398
	struct smack_known *skp = NULL;
1399
	char *smack;
1400
	char *data;
1401
	int rc = 0;
1402
	int found = 0;
1403
	int i;
1404
	unsigned int scanned[8];
1405
	unsigned int m;
1406
	unsigned int mask = 128;
1407

1408
	/*
1409
	 * Must have privilege.
1410
	 * No partial writes.
1411
	 * Enough data must be present.
1412
	 * "<addr/mask, as a:b:c:d:e:f:g:h/e><space><label>"
1413
	 * "<addr, as a:b:c:d:e:f:g:h><space><label>"
1414
	 */
1415
	if (!smack_privileged(CAP_MAC_ADMIN))
1416
		return -EPERM;
1417
	if (*ppos != 0)
1418
		return -EINVAL;
1419
	if (count < SMK_NETLBLADDRMIN || count > PAGE_SIZE - 1)
1420
		return -EINVAL;
1421

1422
	data = memdup_user_nul(buf, count);
1423
	if (IS_ERR(data))
1424
		return PTR_ERR(data);
1425

1426
	smack = kzalloc(count + 1, GFP_KERNEL);
1427
	if (smack == NULL) {
1428
		rc = -ENOMEM;
1429
		goto free_data_out;
1430
	}
1431

1432
	i = sscanf(data, "%x:%x:%x:%x:%x:%x:%x:%x/%u %s",
1433
			&scanned[0], &scanned[1], &scanned[2], &scanned[3],
1434
			&scanned[4], &scanned[5], &scanned[6], &scanned[7],
1435
			&mask, smack);
1436
	if (i != 10) {
1437
		i = sscanf(data, "%x:%x:%x:%x:%x:%x:%x:%x %s",
1438
				&scanned[0], &scanned[1], &scanned[2],
1439
				&scanned[3], &scanned[4], &scanned[5],
1440
				&scanned[6], &scanned[7], smack);
1441
		if (i != 9) {
1442
			rc = -EINVAL;
1443
			goto free_out;
1444
		}
1445
	}
1446
	if (mask > 128) {
1447
		rc = -EINVAL;
1448
		goto free_out;
1449
	}
1450
	for (i = 0; i < 8; i++) {
1451
		if (scanned[i] > 0xffff) {
1452
			rc = -EINVAL;
1453
			goto free_out;
1454
		}
1455
		newname.s6_addr16[i] = htons(scanned[i]);
1456
	}
1457

1458
	/*
1459
	 * If smack begins with '-', it is an option, don't import it
1460
	 */
1461
	if (smack[0] != '-') {
1462
		skp = smk_import_entry(smack, 0);
1463
		if (IS_ERR(skp)) {
1464
			rc = PTR_ERR(skp);
1465
			goto free_out;
1466
		}
1467
	} else {
1468
		/*
1469
		 * Only -DELETE is supported for IPv6
1470
		 */
1471
		if (strcmp(smack, SMACK_DELETE_OPTION) != 0) {
1472
			rc = -EINVAL;
1473
			goto free_out;
1474
		}
1475
	}
1476

1477
	for (i = 0, m = mask; i < 8; i++) {
1478
		if (m >= 16) {
1479
			fullmask.s6_addr16[i] = 0xffff;
1480
			m -= 16;
1481
		} else if (m > 0) {
1482
			fullmask.s6_addr16[i] = (1 << m) - 1;
1483
			m = 0;
1484
		} else
1485
			fullmask.s6_addr16[i] = 0;
1486
		newname.s6_addr16[i] &= fullmask.s6_addr16[i];
1487
	}
1488

1489
	/*
1490
	 * Only allow one writer at a time. Writes should be
1491
	 * quite rare and small in any case.
1492
	 */
1493
	mutex_lock(&smk_net6addr_lock);
1494
	/*
1495
	 * Try to find the prefix in the list
1496
	 */
1497
	list_for_each_entry_rcu(snp, &smk_net6addr_list, list) {
1498
		if (mask != snp->smk_masks)
1499
			continue;
1500
		for (found = 1, i = 0; i < 8; i++) {
1501
			if (newname.s6_addr16[i] !=
1502
			    snp->smk_host.s6_addr16[i]) {
1503
				found = 0;
1504
				break;
1505
			}
1506
		}
1507
		if (found == 1)
1508
			break;
1509
	}
1510
	if (found == 0) {
1511
		snp = kzalloc(sizeof(*snp), GFP_KERNEL);
1512
		if (snp == NULL)
1513
			rc = -ENOMEM;
1514
		else {
1515
			snp->smk_host = newname;
1516
			snp->smk_mask = fullmask;
1517
			snp->smk_masks = mask;
1518
			snp->smk_label = skp;
1519
			smk_net6addr_insert(snp);
1520
		}
1521
	} else {
1522
		snp->smk_label = skp;
1523
	}
1524

1525
	if (rc == 0)
1526
		rc = count;
1527

1528
	mutex_unlock(&smk_net6addr_lock);
1529

1530
free_out:
1531
	kfree(smack);
1532
free_data_out:
1533
	kfree(data);
1534

1535
	return rc;
1536
}
1537

1538
static const struct file_operations smk_net6addr_ops = {
1539
	.open           = smk_open_net6addr,
1540
	.read		= seq_read,
1541
	.llseek         = seq_lseek,
1542
	.write		= smk_write_net6addr,
1543
	.release        = seq_release,
1544
};
1545
#endif /* CONFIG_IPV6 */
1546

1547
/**
1548
 * smk_read_doi - read() for /smack/doi
1549
 * @filp: file pointer, not actually used
1550
 * @buf: where to put the result
1551
 * @count: maximum to send along
1552
 * @ppos: where to start
1553
 *
1554
 * Returns number of bytes read or error code, as appropriate
1555
 */
1556
static ssize_t smk_read_doi(struct file *filp, char __user *buf,
1557
			    size_t count, loff_t *ppos)
1558
{
1559
	char temp[80];
1560
	ssize_t rc;
1561

1562
	if (*ppos != 0)
1563
		return 0;
1564

1565
	sprintf(temp, "%d", smk_cipso_doi_value);
1566
	rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
1567

1568
	return rc;
1569
}
1570

1571
/**
1572
 * smk_write_doi - write() for /smack/doi
1573
 * @file: file pointer, not actually used
1574
 * @buf: where to get the data from
1575
 * @count: bytes sent
1576
 * @ppos: where to start
1577
 *
1578
 * Returns number of bytes written or error code, as appropriate
1579
 */
1580
static ssize_t smk_write_doi(struct file *file, const char __user *buf,
1581
			     size_t count, loff_t *ppos)
1582
{
1583
	char temp[80];
1584
	int i;
1585

1586
	if (!smack_privileged(CAP_MAC_ADMIN))
1587
		return -EPERM;
1588

1589
	if (count >= sizeof(temp) || count == 0)
1590
		return -EINVAL;
1591

1592
	if (copy_from_user(temp, buf, count) != 0)
1593
		return -EFAULT;
1594

1595
	temp[count] = '\0';
1596

1597
	if (sscanf(temp, "%d", &i) != 1)
1598
		return -EINVAL;
1599

1600
	smk_cipso_doi_value = i;
1601

1602
	smk_cipso_doi();
1603

1604
	return count;
1605
}
1606

1607
static const struct file_operations smk_doi_ops = {
1608
	.read		= smk_read_doi,
1609
	.write		= smk_write_doi,
1610
	.llseek		= default_llseek,
1611
};
1612

1613
/**
1614
 * smk_read_direct - read() for /smack/direct
1615
 * @filp: file pointer, not actually used
1616
 * @buf: where to put the result
1617
 * @count: maximum to send along
1618
 * @ppos: where to start
1619
 *
1620
 * Returns number of bytes read or error code, as appropriate
1621
 */
1622
static ssize_t smk_read_direct(struct file *filp, char __user *buf,
1623
			       size_t count, loff_t *ppos)
1624
{
1625
	char temp[80];
1626
	ssize_t rc;
1627

1628
	if (*ppos != 0)
1629
		return 0;
1630

1631
	sprintf(temp, "%d", smack_cipso_direct);
1632
	rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
1633

1634
	return rc;
1635
}
1636

1637
/**
1638
 * smk_write_direct - write() for /smack/direct
1639
 * @file: file pointer, not actually used
1640
 * @buf: where to get the data from
1641
 * @count: bytes sent
1642
 * @ppos: where to start
1643
 *
1644
 * Returns number of bytes written or error code, as appropriate
1645
 */
1646
static ssize_t smk_write_direct(struct file *file, const char __user *buf,
1647
				size_t count, loff_t *ppos)
1648
{
1649
	struct smack_known *skp;
1650
	char temp[80];
1651
	int i;
1652

1653
	if (!smack_privileged(CAP_MAC_ADMIN))
1654
		return -EPERM;
1655

1656
	if (count >= sizeof(temp) || count == 0)
1657
		return -EINVAL;
1658

1659
	if (copy_from_user(temp, buf, count) != 0)
1660
		return -EFAULT;
1661

1662
	temp[count] = '\0';
1663

1664
	if (sscanf(temp, "%d", &i) != 1)
1665
		return -EINVAL;
1666

1667
	/*
1668
	 * Don't do anything if the value hasn't actually changed.
1669
	 * If it is changing reset the level on entries that were
1670
	 * set up to be direct when they were created.
1671
	 */
1672
	if (smack_cipso_direct != i) {
1673
		mutex_lock(&smack_known_lock);
1674
		list_for_each_entry_rcu(skp, &smack_known_list, list)
1675
			if (skp->smk_netlabel.attr.mls.lvl ==
1676
			    smack_cipso_direct)
1677
				skp->smk_netlabel.attr.mls.lvl = i;
1678
		smack_cipso_direct = i;
1679
		mutex_unlock(&smack_known_lock);
1680
	}
1681

1682
	return count;
1683
}
1684

1685
static const struct file_operations smk_direct_ops = {
1686
	.read		= smk_read_direct,
1687
	.write		= smk_write_direct,
1688
	.llseek		= default_llseek,
1689
};
1690

1691
/**
1692
 * smk_read_mapped - read() for /smack/mapped
1693
 * @filp: file pointer, not actually used
1694
 * @buf: where to put the result
1695
 * @count: maximum to send along
1696
 * @ppos: where to start
1697
 *
1698
 * Returns number of bytes read or error code, as appropriate
1699
 */
1700
static ssize_t smk_read_mapped(struct file *filp, char __user *buf,
1701
			       size_t count, loff_t *ppos)
1702
{
1703
	char temp[80];
1704
	ssize_t rc;
1705

1706
	if (*ppos != 0)
1707
		return 0;
1708

1709
	sprintf(temp, "%d", smack_cipso_mapped);
1710
	rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
1711

1712
	return rc;
1713
}
1714

1715
/**
1716
 * smk_write_mapped - write() for /smack/mapped
1717
 * @file: file pointer, not actually used
1718
 * @buf: where to get the data from
1719
 * @count: bytes sent
1720
 * @ppos: where to start
1721
 *
1722
 * Returns number of bytes written or error code, as appropriate
1723
 */
1724
static ssize_t smk_write_mapped(struct file *file, const char __user *buf,
1725
				size_t count, loff_t *ppos)
1726
{
1727
	struct smack_known *skp;
1728
	char temp[80];
1729
	int i;
1730

1731
	if (!smack_privileged(CAP_MAC_ADMIN))
1732
		return -EPERM;
1733

1734
	if (count >= sizeof(temp) || count == 0)
1735
		return -EINVAL;
1736

1737
	if (copy_from_user(temp, buf, count) != 0)
1738
		return -EFAULT;
1739

1740
	temp[count] = '\0';
1741

1742
	if (sscanf(temp, "%d", &i) != 1)
1743
		return -EINVAL;
1744

1745
	/*
1746
	 * Don't do anything if the value hasn't actually changed.
1747
	 * If it is changing reset the level on entries that were
1748
	 * set up to be mapped when they were created.
1749
	 */
1750
	if (smack_cipso_mapped != i) {
1751
		mutex_lock(&smack_known_lock);
1752
		list_for_each_entry_rcu(skp, &smack_known_list, list)
1753
			if (skp->smk_netlabel.attr.mls.lvl ==
1754
			    smack_cipso_mapped)
1755
				skp->smk_netlabel.attr.mls.lvl = i;
1756
		smack_cipso_mapped = i;
1757
		mutex_unlock(&smack_known_lock);
1758
	}
1759

1760
	return count;
1761
}
1762

1763
static const struct file_operations smk_mapped_ops = {
1764
	.read		= smk_read_mapped,
1765
	.write		= smk_write_mapped,
1766
	.llseek		= default_llseek,
1767
};
1768

1769
/**
1770
 * smk_read_ambient - read() for /smack/ambient
1771
 * @filp: file pointer, not actually used
1772
 * @buf: where to put the result
1773
 * @cn: maximum to send along
1774
 * @ppos: where to start
1775
 *
1776
 * Returns number of bytes read or error code, as appropriate
1777
 */
1778
static ssize_t smk_read_ambient(struct file *filp, char __user *buf,
1779
				size_t cn, loff_t *ppos)
1780
{
1781
	ssize_t rc;
1782
	int asize;
1783

1784
	if (*ppos != 0)
1785
		return 0;
1786
	/*
1787
	 * Being careful to avoid a problem in the case where
1788
	 * smack_net_ambient gets changed in midstream.
1789
	 */
1790
	mutex_lock(&smack_ambient_lock);
1791

1792
	asize = strlen(smack_net_ambient->smk_known) + 1;
1793

1794
	if (cn >= asize)
1795
		rc = simple_read_from_buffer(buf, cn, ppos,
1796
					     smack_net_ambient->smk_known,
1797
					     asize);
1798
	else
1799
		rc = -EINVAL;
1800

1801
	mutex_unlock(&smack_ambient_lock);
1802

1803
	return rc;
1804
}
1805

1806
/**
1807
 * smk_write_ambient - write() for /smack/ambient
1808
 * @file: file pointer, not actually used
1809
 * @buf: where to get the data from
1810
 * @count: bytes sent
1811
 * @ppos: where to start
1812
 *
1813
 * Returns number of bytes written or error code, as appropriate
1814
 */
1815
static ssize_t smk_write_ambient(struct file *file, const char __user *buf,
1816
				 size_t count, loff_t *ppos)
1817
{
1818
	struct smack_known *skp;
1819
	char *oldambient;
1820
	char *data;
1821
	int rc = count;
1822

1823
	if (!smack_privileged(CAP_MAC_ADMIN))
1824
		return -EPERM;
1825

1826
	/* Enough data must be present */
1827
	if (count == 0 || count > PAGE_SIZE)
1828
		return -EINVAL;
1829

1830
	data = memdup_user_nul(buf, count);
1831
	if (IS_ERR(data))
1832
		return PTR_ERR(data);
1833

1834
	skp = smk_import_entry(data, count);
1835
	if (IS_ERR(skp)) {
1836
		rc = PTR_ERR(skp);
1837
		goto out;
1838
	}
1839

1840
	mutex_lock(&smack_ambient_lock);
1841

1842
	oldambient = smack_net_ambient->smk_known;
1843
	smack_net_ambient = skp;
1844
	smk_unlbl_ambient(oldambient);
1845

1846
	mutex_unlock(&smack_ambient_lock);
1847

1848
out:
1849
	kfree(data);
1850
	return rc;
1851
}
1852

1853
static const struct file_operations smk_ambient_ops = {
1854
	.read		= smk_read_ambient,
1855
	.write		= smk_write_ambient,
1856
	.llseek		= default_llseek,
1857
};
1858

1859
/*
1860
 * Seq_file operations for /smack/onlycap
1861
 */
1862
static void *onlycap_seq_start(struct seq_file *s, loff_t *pos)
1863
{
1864
	return smk_seq_start(s, pos, &smack_onlycap_list);
1865
}
1866

1867
static void *onlycap_seq_next(struct seq_file *s, void *v, loff_t *pos)
1868
{
1869
	return smk_seq_next(s, v, pos, &smack_onlycap_list);
1870
}
1871

1872
static int onlycap_seq_show(struct seq_file *s, void *v)
1873
{
1874
	struct list_head *list = v;
1875
	struct smack_known_list_elem *sklep =
1876
		list_entry_rcu(list, struct smack_known_list_elem, list);
1877

1878
	seq_puts(s, sklep->smk_label->smk_known);
1879
	seq_putc(s, ' ');
1880

1881
	return 0;
1882
}
1883

1884
static const struct seq_operations onlycap_seq_ops = {
1885
	.start = onlycap_seq_start,
1886
	.next  = onlycap_seq_next,
1887
	.show  = onlycap_seq_show,
1888
	.stop  = smk_seq_stop,
1889
};
1890

1891
static int smk_open_onlycap(struct inode *inode, struct file *file)
1892
{
1893
	return seq_open(file, &onlycap_seq_ops);
1894
}
1895

1896
/**
1897
 * smk_list_swap_rcu - swap public list with a private one in RCU-safe way
1898
 * The caller must hold appropriate mutex to prevent concurrent modifications
1899
 * to the public list.
1900
 * Private list is assumed to be not accessible to other threads yet.
1901
 *
1902
 * @public: public list
1903
 * @private: private list
1904
 */
1905
static void smk_list_swap_rcu(struct list_head *public,
1906
			      struct list_head *private)
1907
{
1908
	struct list_head *first, *last;
1909

1910
	if (list_empty(public)) {
1911
		list_splice_init_rcu(private, public, synchronize_rcu);
1912
	} else {
1913
		/* Remember public list before replacing it */
1914
		first = public->next;
1915
		last = public->prev;
1916

1917
		/* Publish private list in place of public in RCU-safe way */
1918
		private->prev->next = public;
1919
		private->next->prev = public;
1920
		rcu_assign_pointer(public->next, private->next);
1921
		public->prev = private->prev;
1922

1923
		synchronize_rcu();
1924

1925
		/* When all readers are done with the old public list,
1926
		 * attach it in place of private */
1927
		private->next = first;
1928
		private->prev = last;
1929
		first->prev = private;
1930
		last->next = private;
1931
	}
1932
}
1933

1934
/**
1935
 * smk_parse_label_list - parse list of Smack labels, separated by spaces
1936
 *
1937
 * @data: the string to parse
1938
 * @list: destination list
1939
 *
1940
 * Returns zero on success or error code, as appropriate
1941
 */
1942
static int smk_parse_label_list(char *data, struct list_head *list)
1943
{
1944
	char *tok;
1945
	struct smack_known *skp;
1946
	struct smack_known_list_elem *sklep;
1947

1948
	while ((tok = strsep(&data, " ")) != NULL) {
1949
		if (!*tok)
1950
			continue;
1951

1952
		skp = smk_import_entry(tok, 0);
1953
		if (IS_ERR(skp))
1954
			return PTR_ERR(skp);
1955

1956
		sklep = kzalloc(sizeof(*sklep), GFP_KERNEL);
1957
		if (sklep == NULL)
1958
			return -ENOMEM;
1959

1960
		sklep->smk_label = skp;
1961
		list_add(&sklep->list, list);
1962
	}
1963

1964
	return 0;
1965
}
1966

1967
/**
1968
 * smk_destroy_label_list - destroy a list of smack_known_list_elem
1969
 * @list: header pointer of the list to destroy
1970
 */
1971
void smk_destroy_label_list(struct list_head *list)
1972
{
1973
	struct smack_known_list_elem *sklep;
1974
	struct smack_known_list_elem *sklep2;
1975

1976
	list_for_each_entry_safe(sklep, sklep2, list, list)
1977
		kfree(sklep);
1978

1979
	INIT_LIST_HEAD(list);
1980
}
1981

1982
/**
1983
 * smk_write_onlycap - write() for smackfs/onlycap
1984
 * @file: file pointer, not actually used
1985
 * @buf: where to get the data from
1986
 * @count: bytes sent
1987
 * @ppos: where to start
1988
 *
1989
 * Returns number of bytes written or error code, as appropriate
1990
 */
1991
static ssize_t smk_write_onlycap(struct file *file, const char __user *buf,
1992
				 size_t count, loff_t *ppos)
1993
{
1994
	char *data;
1995
	LIST_HEAD(list_tmp);
1996
	int rc;
1997

1998
	if (!smack_privileged(CAP_MAC_ADMIN))
1999
		return -EPERM;
2000

2001
	if (count > PAGE_SIZE)
2002
		return -EINVAL;
2003

2004
	data = memdup_user_nul(buf, count);
2005
	if (IS_ERR(data))
2006
		return PTR_ERR(data);
2007

2008
	rc = smk_parse_label_list(data, &list_tmp);
2009
	kfree(data);
2010

2011
	/*
2012
	 * Clear the smack_onlycap on invalid label errors. This means
2013
	 * that we can pass a null string to unset the onlycap value.
2014
	 *
2015
	 * Importing will also reject a label beginning with '-',
2016
	 * so "-usecapabilities" will also work.
2017
	 *
2018
	 * But do so only on invalid label, not on system errors.
2019
	 * The invalid label must be first to count as clearing attempt.
2020
	 */
2021
	if (!rc || (rc == -EINVAL && list_empty(&list_tmp))) {
2022
		mutex_lock(&smack_onlycap_lock);
2023
		smk_list_swap_rcu(&smack_onlycap_list, &list_tmp);
2024
		mutex_unlock(&smack_onlycap_lock);
2025
		rc = count;
2026
	}
2027

2028
	smk_destroy_label_list(&list_tmp);
2029

2030
	return rc;
2031
}
2032

2033
static const struct file_operations smk_onlycap_ops = {
2034
	.open		= smk_open_onlycap,
2035
	.read		= seq_read,
2036
	.write		= smk_write_onlycap,
2037
	.llseek		= seq_lseek,
2038
	.release	= seq_release,
2039
};
2040

2041
#ifdef CONFIG_SECURITY_SMACK_BRINGUP
2042
/**
2043
 * smk_read_unconfined - read() for smackfs/unconfined
2044
 * @filp: file pointer, not actually used
2045
 * @buf: where to put the result
2046
 * @cn: maximum to send along
2047
 * @ppos: where to start
2048
 *
2049
 * Returns number of bytes read or error code, as appropriate
2050
 */
2051
static ssize_t smk_read_unconfined(struct file *filp, char __user *buf,
2052
					size_t cn, loff_t *ppos)
2053
{
2054
	char *smack = "";
2055
	ssize_t rc = -EINVAL;
2056
	int asize;
2057

2058
	if (*ppos != 0)
2059
		return 0;
2060

2061
	if (smack_unconfined != NULL)
2062
		smack = smack_unconfined->smk_known;
2063

2064
	asize = strlen(smack) + 1;
2065

2066
	if (cn >= asize)
2067
		rc = simple_read_from_buffer(buf, cn, ppos, smack, asize);
2068

2069
	return rc;
2070
}
2071

2072
/**
2073
 * smk_write_unconfined - write() for smackfs/unconfined
2074
 * @file: file pointer, not actually used
2075
 * @buf: where to get the data from
2076
 * @count: bytes sent
2077
 * @ppos: where to start
2078
 *
2079
 * Returns number of bytes written or error code, as appropriate
2080
 */
2081
static ssize_t smk_write_unconfined(struct file *file, const char __user *buf,
2082
					size_t count, loff_t *ppos)
2083
{
2084
	char *data;
2085
	struct smack_known *skp;
2086
	int rc = count;
2087

2088
	if (!smack_privileged(CAP_MAC_ADMIN))
2089
		return -EPERM;
2090

2091
	if (count > PAGE_SIZE)
2092
		return -EINVAL;
2093

2094
	data = memdup_user_nul(buf, count);
2095
	if (IS_ERR(data))
2096
		return PTR_ERR(data);
2097

2098
	/*
2099
	 * Clear the smack_unconfined on invalid label errors. This means
2100
	 * that we can pass a null string to unset the unconfined value.
2101
	 *
2102
	 * Importing will also reject a label beginning with '-',
2103
	 * so "-confine" will also work.
2104
	 *
2105
	 * But do so only on invalid label, not on system errors.
2106
	 */
2107
	skp = smk_import_entry(data, count);
2108
	if (PTR_ERR(skp) == -EINVAL)
2109
		skp = NULL;
2110
	else if (IS_ERR(skp)) {
2111
		rc = PTR_ERR(skp);
2112
		goto freeout;
2113
	}
2114

2115
	smack_unconfined = skp;
2116

2117
freeout:
2118
	kfree(data);
2119
	return rc;
2120
}
2121

2122
static const struct file_operations smk_unconfined_ops = {
2123
	.read		= smk_read_unconfined,
2124
	.write		= smk_write_unconfined,
2125
	.llseek		= default_llseek,
2126
};
2127
#endif /* CONFIG_SECURITY_SMACK_BRINGUP */
2128

2129
#ifdef CONFIG_AUDIT
2130
/**
2131
 * smk_read_logging - read() for /smack/logging
2132
 * @filp: file pointer, not actually used
2133
 * @buf: where to put the result
2134
 * @count: maximum to send along
2135
 * @ppos: where to start
2136
 *
2137
 * Returns number of bytes read or error code, as appropriate
2138
 */
2139
static ssize_t smk_read_logging(struct file *filp, char __user *buf,
2140
				size_t count, loff_t *ppos)
2141
{
2142
	char temp[32];
2143
	ssize_t rc;
2144

2145
	if (*ppos != 0)
2146
		return 0;
2147

2148
	sprintf(temp, "%d\n", log_policy);
2149
	rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
2150
	return rc;
2151
}
2152

2153
/**
2154
 * smk_write_logging - write() for /smack/logging
2155
 * @file: file pointer, not actually used
2156
 * @buf: where to get the data from
2157
 * @count: bytes sent
2158
 * @ppos: where to start
2159
 *
2160
 * Returns number of bytes written or error code, as appropriate
2161
 */
2162
static ssize_t smk_write_logging(struct file *file, const char __user *buf,
2163
				size_t count, loff_t *ppos)
2164
{
2165
	char temp[32];
2166
	int i;
2167

2168
	if (!smack_privileged(CAP_MAC_ADMIN))
2169
		return -EPERM;
2170

2171
	if (count >= sizeof(temp) || count == 0)
2172
		return -EINVAL;
2173

2174
	if (copy_from_user(temp, buf, count) != 0)
2175
		return -EFAULT;
2176

2177
	temp[count] = '\0';
2178

2179
	if (sscanf(temp, "%d", &i) != 1)
2180
		return -EINVAL;
2181
	if (i < 0 || i > 3)
2182
		return -EINVAL;
2183
	log_policy = i;
2184
	return count;
2185
}
2186

2187

2188

2189
static const struct file_operations smk_logging_ops = {
2190
	.read		= smk_read_logging,
2191
	.write		= smk_write_logging,
2192
	.llseek		= default_llseek,
2193
};
2194
#endif /* CONFIG_AUDIT */
2195

2196
/*
2197
 * Seq_file read operations for /smack/load-self
2198
 */
2199

2200
static void *load_self_seq_start(struct seq_file *s, loff_t *pos)
2201
{
2202
	struct task_smack *tsp = smack_cred(current_cred());
2203

2204
	return smk_seq_start(s, pos, &tsp->smk_rules);
2205
}
2206

2207
static void *load_self_seq_next(struct seq_file *s, void *v, loff_t *pos)
2208
{
2209
	struct task_smack *tsp = smack_cred(current_cred());
2210

2211
	return smk_seq_next(s, v, pos, &tsp->smk_rules);
2212
}
2213

2214
static int load_self_seq_show(struct seq_file *s, void *v)
2215
{
2216
	struct list_head *list = v;
2217
	struct smack_rule *srp =
2218
		list_entry_rcu(list, struct smack_rule, list);
2219

2220
	smk_rule_show(s, srp, SMK_LABELLEN);
2221

2222
	return 0;
2223
}
2224

2225
static const struct seq_operations load_self_seq_ops = {
2226
	.start = load_self_seq_start,
2227
	.next  = load_self_seq_next,
2228
	.show  = load_self_seq_show,
2229
	.stop  = smk_seq_stop,
2230
};
2231

2232

2233
/**
2234
 * smk_open_load_self - open() for /smack/load-self2
2235
 * @inode: inode structure representing file
2236
 * @file: "load" file pointer
2237
 *
2238
 * For reading, use load_seq_* seq_file reading operations.
2239
 */
2240
static int smk_open_load_self(struct inode *inode, struct file *file)
2241
{
2242
	return seq_open(file, &load_self_seq_ops);
2243
}
2244

2245
/**
2246
 * smk_write_load_self - write() for /smack/load-self
2247
 * @file: file pointer, not actually used
2248
 * @buf: where to get the data from
2249
 * @count: bytes sent
2250
 * @ppos: where to start - must be 0
2251
 *
2252
 */
2253
static ssize_t smk_write_load_self(struct file *file, const char __user *buf,
2254
			      size_t count, loff_t *ppos)
2255
{
2256
	struct task_smack *tsp = smack_cred(current_cred());
2257

2258
	return smk_write_rules_list(file, buf, count, ppos, &tsp->smk_rules,
2259
				    &tsp->smk_rules_lock, SMK_FIXED24_FMT);
2260
}
2261

2262
static const struct file_operations smk_load_self_ops = {
2263
	.open           = smk_open_load_self,
2264
	.read		= seq_read,
2265
	.llseek         = seq_lseek,
2266
	.write		= smk_write_load_self,
2267
	.release        = seq_release,
2268
};
2269

2270
/**
2271
 * smk_user_access - handle access check transaction
2272
 * @file: file pointer
2273
 * @buf: data from user space
2274
 * @count: bytes sent
2275
 * @ppos: where to start - must be 0
2276
 * @format: /smack/load or /smack/load2 or /smack/change-rule format.
2277
 */
2278
static ssize_t smk_user_access(struct file *file, const char __user *buf,
2279
				size_t count, loff_t *ppos, int format)
2280
{
2281
	struct smack_parsed_rule rule;
2282
	char *data;
2283
	int res;
2284

2285
	data = simple_transaction_get(file, buf, count);
2286
	if (IS_ERR(data))
2287
		return PTR_ERR(data);
2288

2289
	if (format == SMK_FIXED24_FMT) {
2290
		if (count < SMK_LOADLEN)
2291
			return -EINVAL;
2292
		res = smk_parse_rule(data, &rule, 0);
2293
	} else {
2294
		/*
2295
		 * simple_transaction_get() returns null-terminated data
2296
		 */
2297
		res = smk_parse_long_rule(data, &rule, 0, 3);
2298
	}
2299

2300
	if (res >= 0)
2301
		res = smk_access(rule.smk_subject, rule.smk_object,
2302
				 rule.smk_access1, NULL);
2303
	else if (res != -ENOENT)
2304
		return res;
2305

2306
	/*
2307
	 * smk_access() can return a value > 0 in the "bringup" case.
2308
	 */
2309
	data[0] = res >= 0 ? '1' : '0';
2310
	data[1] = '\0';
2311

2312
	simple_transaction_set(file, 2);
2313

2314
	if (format == SMK_FIXED24_FMT)
2315
		return SMK_LOADLEN;
2316
	return count;
2317
}
2318

2319
/**
2320
 * smk_write_access - handle access check transaction
2321
 * @file: file pointer
2322
 * @buf: data from user space
2323
 * @count: bytes sent
2324
 * @ppos: where to start - must be 0
2325
 */
2326
static ssize_t smk_write_access(struct file *file, const char __user *buf,
2327
				size_t count, loff_t *ppos)
2328
{
2329
	return smk_user_access(file, buf, count, ppos, SMK_FIXED24_FMT);
2330
}
2331

2332
static const struct file_operations smk_access_ops = {
2333
	.write		= smk_write_access,
2334
	.read		= simple_transaction_read,
2335
	.release	= simple_transaction_release,
2336
	.llseek		= generic_file_llseek,
2337
};
2338

2339

2340
/*
2341
 * Seq_file read operations for /smack/load2
2342
 */
2343

2344
static int load2_seq_show(struct seq_file *s, void *v)
2345
{
2346
	struct list_head *list = v;
2347
	struct smack_rule *srp;
2348
	struct smack_known *skp =
2349
		list_entry_rcu(list, struct smack_known, list);
2350

2351
	list_for_each_entry_rcu(srp, &skp->smk_rules, list)
2352
		smk_rule_show(s, srp, SMK_LONGLABEL);
2353

2354
	return 0;
2355
}
2356

2357
static const struct seq_operations load2_seq_ops = {
2358
	.start = load2_seq_start,
2359
	.next  = load2_seq_next,
2360
	.show  = load2_seq_show,
2361
	.stop  = smk_seq_stop,
2362
};
2363

2364
/**
2365
 * smk_open_load2 - open() for /smack/load2
2366
 * @inode: inode structure representing file
2367
 * @file: "load2" file pointer
2368
 *
2369
 * For reading, use load2_seq_* seq_file reading operations.
2370
 */
2371
static int smk_open_load2(struct inode *inode, struct file *file)
2372
{
2373
	return seq_open(file, &load2_seq_ops);
2374
}
2375

2376
/**
2377
 * smk_write_load2 - write() for /smack/load2
2378
 * @file: file pointer, not actually used
2379
 * @buf: where to get the data from
2380
 * @count: bytes sent
2381
 * @ppos: where to start - must be 0
2382
 *
2383
 */
2384
static ssize_t smk_write_load2(struct file *file, const char __user *buf,
2385
				size_t count, loff_t *ppos)
2386
{
2387
	/*
2388
	 * Must have privilege.
2389
	 */
2390
	if (!smack_privileged(CAP_MAC_ADMIN))
2391
		return -EPERM;
2392

2393
	return smk_write_rules_list(file, buf, count, ppos, NULL, NULL,
2394
				    SMK_LONG_FMT);
2395
}
2396

2397
static const struct file_operations smk_load2_ops = {
2398
	.open           = smk_open_load2,
2399
	.read		= seq_read,
2400
	.llseek         = seq_lseek,
2401
	.write		= smk_write_load2,
2402
	.release        = seq_release,
2403
};
2404

2405
/*
2406
 * Seq_file read operations for /smack/load-self2
2407
 */
2408

2409
static void *load_self2_seq_start(struct seq_file *s, loff_t *pos)
2410
{
2411
	struct task_smack *tsp = smack_cred(current_cred());
2412

2413
	return smk_seq_start(s, pos, &tsp->smk_rules);
2414
}
2415

2416
static void *load_self2_seq_next(struct seq_file *s, void *v, loff_t *pos)
2417
{
2418
	struct task_smack *tsp = smack_cred(current_cred());
2419

2420
	return smk_seq_next(s, v, pos, &tsp->smk_rules);
2421
}
2422

2423
static int load_self2_seq_show(struct seq_file *s, void *v)
2424
{
2425
	struct list_head *list = v;
2426
	struct smack_rule *srp =
2427
		list_entry_rcu(list, struct smack_rule, list);
2428

2429
	smk_rule_show(s, srp, SMK_LONGLABEL);
2430

2431
	return 0;
2432
}
2433

2434
static const struct seq_operations load_self2_seq_ops = {
2435
	.start = load_self2_seq_start,
2436
	.next  = load_self2_seq_next,
2437
	.show  = load_self2_seq_show,
2438
	.stop  = smk_seq_stop,
2439
};
2440

2441
/**
2442
 * smk_open_load_self2 - open() for /smack/load-self2
2443
 * @inode: inode structure representing file
2444
 * @file: "load" file pointer
2445
 *
2446
 * For reading, use load_seq_* seq_file reading operations.
2447
 */
2448
static int smk_open_load_self2(struct inode *inode, struct file *file)
2449
{
2450
	return seq_open(file, &load_self2_seq_ops);
2451
}
2452

2453
/**
2454
 * smk_write_load_self2 - write() for /smack/load-self2
2455
 * @file: file pointer, not actually used
2456
 * @buf: where to get the data from
2457
 * @count: bytes sent
2458
 * @ppos: where to start - must be 0
2459
 *
2460
 */
2461
static ssize_t smk_write_load_self2(struct file *file, const char __user *buf,
2462
			      size_t count, loff_t *ppos)
2463
{
2464
	struct task_smack *tsp = smack_cred(current_cred());
2465

2466
	return smk_write_rules_list(file, buf, count, ppos, &tsp->smk_rules,
2467
				    &tsp->smk_rules_lock, SMK_LONG_FMT);
2468
}
2469

2470
static const struct file_operations smk_load_self2_ops = {
2471
	.open           = smk_open_load_self2,
2472
	.read		= seq_read,
2473
	.llseek         = seq_lseek,
2474
	.write		= smk_write_load_self2,
2475
	.release        = seq_release,
2476
};
2477

2478
/**
2479
 * smk_write_access2 - handle access check transaction
2480
 * @file: file pointer
2481
 * @buf: data from user space
2482
 * @count: bytes sent
2483
 * @ppos: where to start - must be 0
2484
 */
2485
static ssize_t smk_write_access2(struct file *file, const char __user *buf,
2486
					size_t count, loff_t *ppos)
2487
{
2488
	return smk_user_access(file, buf, count, ppos, SMK_LONG_FMT);
2489
}
2490

2491
static const struct file_operations smk_access2_ops = {
2492
	.write		= smk_write_access2,
2493
	.read		= simple_transaction_read,
2494
	.release	= simple_transaction_release,
2495
	.llseek		= generic_file_llseek,
2496
};
2497

2498
/**
2499
 * smk_write_revoke_subj - write() for /smack/revoke-subject
2500
 * @file: file pointer
2501
 * @buf: data from user space
2502
 * @count: bytes sent
2503
 * @ppos: where to start - must be 0
2504
 */
2505
static ssize_t smk_write_revoke_subj(struct file *file, const char __user *buf,
2506
				size_t count, loff_t *ppos)
2507
{
2508
	char *data;
2509
	const char *cp;
2510
	struct smack_known *skp;
2511
	struct smack_rule *sp;
2512
	struct list_head *rule_list;
2513
	struct mutex *rule_lock;
2514
	int rc = count;
2515

2516
	if (*ppos != 0)
2517
		return -EINVAL;
2518

2519
	if (!smack_privileged(CAP_MAC_ADMIN))
2520
		return -EPERM;
2521

2522
	if (count == 0 || count > SMK_LONGLABEL)
2523
		return -EINVAL;
2524

2525
	data = memdup_user(buf, count);
2526
	if (IS_ERR(data))
2527
		return PTR_ERR(data);
2528

2529
	cp = smk_parse_smack(data, count);
2530
	if (IS_ERR(cp)) {
2531
		rc = PTR_ERR(cp);
2532
		goto out_data;
2533
	}
2534

2535
	skp = smk_find_entry(cp);
2536
	if (skp == NULL)
2537
		goto out_cp;
2538

2539
	rule_list = &skp->smk_rules;
2540
	rule_lock = &skp->smk_rules_lock;
2541

2542
	mutex_lock(rule_lock);
2543

2544
	list_for_each_entry_rcu(sp, rule_list, list)
2545
		sp->smk_access = 0;
2546

2547
	mutex_unlock(rule_lock);
2548

2549
out_cp:
2550
	kfree(cp);
2551
out_data:
2552
	kfree(data);
2553

2554
	return rc;
2555
}
2556

2557
static const struct file_operations smk_revoke_subj_ops = {
2558
	.write		= smk_write_revoke_subj,
2559
	.read		= simple_transaction_read,
2560
	.release	= simple_transaction_release,
2561
	.llseek		= generic_file_llseek,
2562
};
2563

2564
/**
2565
 * smk_init_sysfs - initialize /sys/fs/smackfs
2566
 *
2567
 */
2568
static int smk_init_sysfs(void)
2569
{
2570
	return sysfs_create_mount_point(fs_kobj, "smackfs");
2571
}
2572

2573
/**
2574
 * smk_write_change_rule - write() for /smack/change-rule
2575
 * @file: file pointer
2576
 * @buf: data from user space
2577
 * @count: bytes sent
2578
 * @ppos: where to start - must be 0
2579
 */
2580
static ssize_t smk_write_change_rule(struct file *file, const char __user *buf,
2581
				size_t count, loff_t *ppos)
2582
{
2583
	/*
2584
	 * Must have privilege.
2585
	 */
2586
	if (!smack_privileged(CAP_MAC_ADMIN))
2587
		return -EPERM;
2588

2589
	return smk_write_rules_list(file, buf, count, ppos, NULL, NULL,
2590
				    SMK_CHANGE_FMT);
2591
}
2592

2593
static const struct file_operations smk_change_rule_ops = {
2594
	.write		= smk_write_change_rule,
2595
	.read		= simple_transaction_read,
2596
	.release	= simple_transaction_release,
2597
	.llseek		= generic_file_llseek,
2598
};
2599

2600
/**
2601
 * smk_read_syslog - read() for smackfs/syslog
2602
 * @filp: file pointer, not actually used
2603
 * @buf: where to put the result
2604
 * @cn: maximum to send along
2605
 * @ppos: where to start
2606
 *
2607
 * Returns number of bytes read or error code, as appropriate
2608
 */
2609
static ssize_t smk_read_syslog(struct file *filp, char __user *buf,
2610
				size_t cn, loff_t *ppos)
2611
{
2612
	struct smack_known *skp;
2613
	ssize_t rc = -EINVAL;
2614
	int asize;
2615

2616
	if (*ppos != 0)
2617
		return 0;
2618

2619
	if (smack_syslog_label == NULL)
2620
		skp = &smack_known_star;
2621
	else
2622
		skp = smack_syslog_label;
2623

2624
	asize = strlen(skp->smk_known) + 1;
2625

2626
	if (cn >= asize)
2627
		rc = simple_read_from_buffer(buf, cn, ppos, skp->smk_known,
2628
						asize);
2629

2630
	return rc;
2631
}
2632

2633
/**
2634
 * smk_write_syslog - write() for smackfs/syslog
2635
 * @file: file pointer, not actually used
2636
 * @buf: where to get the data from
2637
 * @count: bytes sent
2638
 * @ppos: where to start
2639
 *
2640
 * Returns number of bytes written or error code, as appropriate
2641
 */
2642
static ssize_t smk_write_syslog(struct file *file, const char __user *buf,
2643
				size_t count, loff_t *ppos)
2644
{
2645
	char *data;
2646
	struct smack_known *skp;
2647
	int rc = count;
2648

2649
	if (!smack_privileged(CAP_MAC_ADMIN))
2650
		return -EPERM;
2651

2652
	/* Enough data must be present */
2653
	if (count == 0 || count > PAGE_SIZE)
2654
		return -EINVAL;
2655

2656
	data = memdup_user_nul(buf, count);
2657
	if (IS_ERR(data))
2658
		return PTR_ERR(data);
2659

2660
	skp = smk_import_entry(data, count);
2661
	if (IS_ERR(skp))
2662
		rc = PTR_ERR(skp);
2663
	else
2664
		smack_syslog_label = skp;
2665

2666
	kfree(data);
2667
	return rc;
2668
}
2669

2670
static const struct file_operations smk_syslog_ops = {
2671
	.read		= smk_read_syslog,
2672
	.write		= smk_write_syslog,
2673
	.llseek		= default_llseek,
2674
};
2675

2676
/*
2677
 * Seq_file read operations for /smack/relabel-self
2678
 */
2679

2680
static void *relabel_self_seq_start(struct seq_file *s, loff_t *pos)
2681
{
2682
	struct task_smack *tsp = smack_cred(current_cred());
2683

2684
	return smk_seq_start(s, pos, &tsp->smk_relabel);
2685
}
2686

2687
static void *relabel_self_seq_next(struct seq_file *s, void *v, loff_t *pos)
2688
{
2689
	struct task_smack *tsp = smack_cred(current_cred());
2690

2691
	return smk_seq_next(s, v, pos, &tsp->smk_relabel);
2692
}
2693

2694
static int relabel_self_seq_show(struct seq_file *s, void *v)
2695
{
2696
	struct list_head *list = v;
2697
	struct smack_known_list_elem *sklep =
2698
		list_entry(list, struct smack_known_list_elem, list);
2699

2700
	seq_puts(s, sklep->smk_label->smk_known);
2701
	seq_putc(s, ' ');
2702

2703
	return 0;
2704
}
2705

2706
static const struct seq_operations relabel_self_seq_ops = {
2707
	.start = relabel_self_seq_start,
2708
	.next  = relabel_self_seq_next,
2709
	.show  = relabel_self_seq_show,
2710
	.stop  = smk_seq_stop,
2711
};
2712

2713
/**
2714
 * smk_open_relabel_self - open() for /smack/relabel-self
2715
 * @inode: inode structure representing file
2716
 * @file: "relabel-self" file pointer
2717
 *
2718
 * Connect our relabel_self_seq_* operations with /smack/relabel-self
2719
 * file_operations
2720
 */
2721
static int smk_open_relabel_self(struct inode *inode, struct file *file)
2722
{
2723
	return seq_open(file, &relabel_self_seq_ops);
2724
}
2725

2726
/**
2727
 * smk_write_relabel_self - write() for /smack/relabel-self
2728
 * @file: file pointer, not actually used
2729
 * @buf: where to get the data from
2730
 * @count: bytes sent
2731
 * @ppos: where to start - must be 0
2732
 *
2733
 */
2734
static ssize_t smk_write_relabel_self(struct file *file, const char __user *buf,
2735
				size_t count, loff_t *ppos)
2736
{
2737
	char *data;
2738
	int rc;
2739
	LIST_HEAD(list_tmp);
2740

2741
	/*
2742
	 * Must have privilege.
2743
	 */
2744
	if (!smack_privileged(CAP_MAC_ADMIN))
2745
		return -EPERM;
2746

2747
	/*
2748
	 * No partial write.
2749
	 * Enough data must be present.
2750
	 */
2751
	if (*ppos != 0)
2752
		return -EINVAL;
2753
	if (count == 0 || count > PAGE_SIZE)
2754
		return -EINVAL;
2755

2756
	data = memdup_user_nul(buf, count);
2757
	if (IS_ERR(data))
2758
		return PTR_ERR(data);
2759

2760
	rc = smk_parse_label_list(data, &list_tmp);
2761
	kfree(data);
2762

2763
	if (!rc || (rc == -EINVAL && list_empty(&list_tmp))) {
2764
		struct cred *new;
2765
		struct task_smack *tsp;
2766

2767
		new = prepare_creds();
2768
		if (!new) {
2769
			rc = -ENOMEM;
2770
			goto out;
2771
		}
2772
		tsp = smack_cred(new);
2773
		smk_destroy_label_list(&tsp->smk_relabel);
2774
		list_splice(&list_tmp, &tsp->smk_relabel);
2775
		commit_creds(new);
2776
		return count;
2777
	}
2778
out:
2779
	smk_destroy_label_list(&list_tmp);
2780
	return rc;
2781
}
2782

2783
static const struct file_operations smk_relabel_self_ops = {
2784
	.open		= smk_open_relabel_self,
2785
	.read		= seq_read,
2786
	.llseek		= seq_lseek,
2787
	.write		= smk_write_relabel_self,
2788
	.release	= seq_release,
2789
};
2790

2791
/**
2792
 * smk_read_ptrace - read() for /smack/ptrace
2793
 * @filp: file pointer, not actually used
2794
 * @buf: where to put the result
2795
 * @count: maximum to send along
2796
 * @ppos: where to start
2797
 *
2798
 * Returns number of bytes read or error code, as appropriate
2799
 */
2800
static ssize_t smk_read_ptrace(struct file *filp, char __user *buf,
2801
			       size_t count, loff_t *ppos)
2802
{
2803
	char temp[32];
2804
	ssize_t rc;
2805

2806
	if (*ppos != 0)
2807
		return 0;
2808

2809
	sprintf(temp, "%d\n", smack_ptrace_rule);
2810
	rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
2811
	return rc;
2812
}
2813

2814
/**
2815
 * smk_write_ptrace - write() for /smack/ptrace
2816
 * @file: file pointer
2817
 * @buf: data from user space
2818
 * @count: bytes sent
2819
 * @ppos: where to start - must be 0
2820
 */
2821
static ssize_t smk_write_ptrace(struct file *file, const char __user *buf,
2822
				size_t count, loff_t *ppos)
2823
{
2824
	char temp[32];
2825
	int i;
2826

2827
	if (!smack_privileged(CAP_MAC_ADMIN))
2828
		return -EPERM;
2829

2830
	if (*ppos != 0 || count >= sizeof(temp) || count == 0)
2831
		return -EINVAL;
2832

2833
	if (copy_from_user(temp, buf, count) != 0)
2834
		return -EFAULT;
2835

2836
	temp[count] = '\0';
2837

2838
	if (sscanf(temp, "%d", &i) != 1)
2839
		return -EINVAL;
2840
	if (i < SMACK_PTRACE_DEFAULT || i > SMACK_PTRACE_MAX)
2841
		return -EINVAL;
2842
	smack_ptrace_rule = i;
2843

2844
	return count;
2845
}
2846

2847
static const struct file_operations smk_ptrace_ops = {
2848
	.write		= smk_write_ptrace,
2849
	.read		= smk_read_ptrace,
2850
	.llseek		= default_llseek,
2851
};
2852

2853
/**
2854
 * smk_fill_super - fill the smackfs superblock
2855
 * @sb: the empty superblock
2856
 * @fc: unused
2857
 *
2858
 * Fill in the well known entries for the smack filesystem
2859
 *
2860
 * Returns 0 on success, an error code on failure
2861
 */
2862
static int smk_fill_super(struct super_block *sb, struct fs_context *fc)
2863
{
2864
	int rc;
2865

2866
	static const struct tree_descr smack_files[] = {
2867
		[SMK_LOAD] = {
2868
			"load", &smk_load_ops, S_IRUGO|S_IWUSR},
2869
		[SMK_CIPSO] = {
2870
			"cipso", &smk_cipso_ops, S_IRUGO|S_IWUSR},
2871
		[SMK_DOI] = {
2872
			"doi", &smk_doi_ops, S_IRUGO|S_IWUSR},
2873
		[SMK_DIRECT] = {
2874
			"direct", &smk_direct_ops, S_IRUGO|S_IWUSR},
2875
		[SMK_AMBIENT] = {
2876
			"ambient", &smk_ambient_ops, S_IRUGO|S_IWUSR},
2877
		[SMK_NET4ADDR] = {
2878
			"netlabel", &smk_net4addr_ops, S_IRUGO|S_IWUSR},
2879
		[SMK_ONLYCAP] = {
2880
			"onlycap", &smk_onlycap_ops, S_IRUGO|S_IWUSR},
2881
#ifdef CONFIG_AUDIT
2882
		[SMK_LOGGING] = {
2883
			"logging", &smk_logging_ops, S_IRUGO|S_IWUSR},
2884
#endif /* CONFIG_AUDIT */
2885
		[SMK_LOAD_SELF] = {
2886
			"load-self", &smk_load_self_ops, S_IRUGO|S_IWUGO},
2887
		[SMK_ACCESSES] = {
2888
			"access", &smk_access_ops, S_IRUGO|S_IWUGO},
2889
		[SMK_MAPPED] = {
2890
			"mapped", &smk_mapped_ops, S_IRUGO|S_IWUSR},
2891
		[SMK_LOAD2] = {
2892
			"load2", &smk_load2_ops, S_IRUGO|S_IWUSR},
2893
		[SMK_LOAD_SELF2] = {
2894
			"load-self2", &smk_load_self2_ops, S_IRUGO|S_IWUGO},
2895
		[SMK_ACCESS2] = {
2896
			"access2", &smk_access2_ops, S_IRUGO|S_IWUGO},
2897
		[SMK_CIPSO2] = {
2898
			"cipso2", &smk_cipso2_ops, S_IRUGO|S_IWUSR},
2899
		[SMK_REVOKE_SUBJ] = {
2900
			"revoke-subject", &smk_revoke_subj_ops,
2901
			S_IRUGO|S_IWUSR},
2902
		[SMK_CHANGE_RULE] = {
2903
			"change-rule", &smk_change_rule_ops, S_IRUGO|S_IWUSR},
2904
		[SMK_SYSLOG] = {
2905
			"syslog", &smk_syslog_ops, S_IRUGO|S_IWUSR},
2906
		[SMK_PTRACE] = {
2907
			"ptrace", &smk_ptrace_ops, S_IRUGO|S_IWUSR},
2908
#ifdef CONFIG_SECURITY_SMACK_BRINGUP
2909
		[SMK_UNCONFINED] = {
2910
			"unconfined", &smk_unconfined_ops, S_IRUGO|S_IWUSR},
2911
#endif
2912
#if IS_ENABLED(CONFIG_IPV6)
2913
		[SMK_NET6ADDR] = {
2914
			"ipv6host", &smk_net6addr_ops, S_IRUGO|S_IWUSR},
2915
#endif /* CONFIG_IPV6 */
2916
		[SMK_RELABEL_SELF] = {
2917
			"relabel-self", &smk_relabel_self_ops,
2918
				S_IRUGO|S_IWUGO},
2919
		/* last one */
2920
			{""}
2921
	};
2922

2923
	rc = simple_fill_super(sb, SMACK_MAGIC, smack_files);
2924
	if (rc != 0) {
2925
		printk(KERN_ERR "%s failed %d while creating inodes\n",
2926
			__func__, rc);
2927
		return rc;
2928
	}
2929

2930
	return 0;
2931
}
2932

2933
/**
2934
 * smk_get_tree - get the smackfs superblock
2935
 * @fc: The mount context, including any options
2936
 *
2937
 * Just passes everything along.
2938
 *
2939
 * Returns what the lower level code does.
2940
 */
2941
static int smk_get_tree(struct fs_context *fc)
2942
{
2943
	return get_tree_single(fc, smk_fill_super);
2944
}
2945

2946
static const struct fs_context_operations smk_context_ops = {
2947
	.get_tree	= smk_get_tree,
2948
};
2949

2950
/**
2951
 * smk_init_fs_context - Initialise a filesystem context for smackfs
2952
 * @fc: The blank mount context
2953
 */
2954
static int smk_init_fs_context(struct fs_context *fc)
2955
{
2956
	fc->ops = &smk_context_ops;
2957
	return 0;
2958
}
2959

2960
static struct file_system_type smk_fs_type = {
2961
	.name		= "smackfs",
2962
	.init_fs_context = smk_init_fs_context,
2963
	.kill_sb	= kill_litter_super,
2964
};
2965

2966
static struct vfsmount *smackfs_mount;
2967

2968
/**
2969
 * init_smk_fs - get the smackfs superblock
2970
 *
2971
 * register the smackfs
2972
 *
2973
 * Do not register smackfs if Smack wasn't enabled
2974
 * on boot. We can not put this method normally under the
2975
 * smack_init() code path since the security subsystem get
2976
 * initialized before the vfs caches.
2977
 *
2978
 * Returns true if we were not chosen on boot or if
2979
 * we were chosen and filesystem registration succeeded.
2980
 */
2981
static int __init init_smk_fs(void)
2982
{
2983
	int err;
2984
	int rc;
2985

2986
	if (smack_enabled == 0)
2987
		return 0;
2988

2989
	err = smk_init_sysfs();
2990
	if (err)
2991
		printk(KERN_ERR "smackfs: sysfs mountpoint problem.\n");
2992

2993
	err = register_filesystem(&smk_fs_type);
2994
	if (!err) {
2995
		smackfs_mount = kern_mount(&smk_fs_type);
2996
		if (IS_ERR(smackfs_mount)) {
2997
			printk(KERN_ERR "smackfs:  could not mount!\n");
2998
			err = PTR_ERR(smackfs_mount);
2999
			smackfs_mount = NULL;
3000
		}
3001
	}
3002

3003
	smk_cipso_doi();
3004
	smk_unlbl_ambient(NULL);
3005

3006
	rc = smack_populate_secattr(&smack_known_floor);
3007
	if (err == 0 && rc < 0)
3008
		err = rc;
3009
	rc = smack_populate_secattr(&smack_known_hat);
3010
	if (err == 0 && rc < 0)
3011
		err = rc;
3012
	rc = smack_populate_secattr(&smack_known_huh);
3013
	if (err == 0 && rc < 0)
3014
		err = rc;
3015
	rc = smack_populate_secattr(&smack_known_star);
3016
	if (err == 0 && rc < 0)
3017
		err = rc;
3018
	rc = smack_populate_secattr(&smack_known_web);
3019
	if (err == 0 && rc < 0)
3020
		err = rc;
3021

3022
	return err;
3023
}
3024

3025
__initcall(init_smk_fs);
3026

3027