Commit | Line | Data |
---|---|---|
9590837b KT |
1 | /* |
2 | * security/tomoyo/common.h | |
3 | * | |
76bb0895 | 4 | * Header file for TOMOYO. |
9590837b | 5 | * |
76bb0895 | 6 | * Copyright (C) 2005-2010 NTT DATA CORPORATION |
9590837b KT |
7 | */ |
8 | ||
9 | #ifndef _SECURITY_TOMOYO_COMMON_H | |
10 | #define _SECURITY_TOMOYO_COMMON_H | |
11 | ||
12 | #include <linux/ctype.h> | |
13 | #include <linux/string.h> | |
14 | #include <linux/mm.h> | |
15 | #include <linux/file.h> | |
16 | #include <linux/kmod.h> | |
17 | #include <linux/fs.h> | |
18 | #include <linux/sched.h> | |
19 | #include <linux/namei.h> | |
20 | #include <linux/mount.h> | |
21 | #include <linux/list.h> | |
76bb0895 | 22 | #include <linux/cred.h> |
17fcfbd9 | 23 | #include <linux/poll.h> |
76bb0895 TH |
24 | struct linux_binprm; |
25 | ||
26 | /********** Constants definitions. **********/ | |
27 | ||
28 | /* | |
29 | * TOMOYO uses this hash only when appending a string into the string | |
30 | * table. Frequency of appending strings is very low. So we don't need | |
31 | * large (e.g. 64k) hash size. 256 will be sufficient. | |
32 | */ | |
33 | #define TOMOYO_HASH_BITS 8 | |
34 | #define TOMOYO_MAX_HASH (1u<<TOMOYO_HASH_BITS) | |
35 | ||
c8c57e84 | 36 | #define TOMOYO_EXEC_TMPSIZE 4096 |
76bb0895 TH |
37 | |
38 | /* Profile number is an integer between 0 and 255. */ | |
39 | #define TOMOYO_MAX_PROFILES 256 | |
40 | ||
32997144 TH |
41 | /* Group number is an integer between 0 and 255. */ |
42 | #define TOMOYO_MAX_ACL_GROUPS 256 | |
43 | ||
b5bc60b4 | 44 | /* Index numbers for operation mode. */ |
cb0abe6a TH |
45 | enum tomoyo_mode_index { |
46 | TOMOYO_CONFIG_DISABLED, | |
47 | TOMOYO_CONFIG_LEARNING, | |
48 | TOMOYO_CONFIG_PERMISSIVE, | |
57c2590f | 49 | TOMOYO_CONFIG_ENFORCING, |
eadd99cc TH |
50 | TOMOYO_CONFIG_MAX_MODE, |
51 | TOMOYO_CONFIG_WANT_REJECT_LOG = 64, | |
52 | TOMOYO_CONFIG_WANT_GRANT_LOG = 128, | |
53 | TOMOYO_CONFIG_USE_DEFAULT = 255, | |
cb0abe6a TH |
54 | }; |
55 | ||
b5bc60b4 | 56 | /* Index numbers for entry type. */ |
a230f9e7 TH |
57 | enum tomoyo_policy_id { |
58 | TOMOYO_ID_GROUP, | |
59 | TOMOYO_ID_PATH_GROUP, | |
60 | TOMOYO_ID_NUMBER_GROUP, | |
5448ec4f | 61 | TOMOYO_ID_TRANSITION_CONTROL, |
a230f9e7 | 62 | TOMOYO_ID_AGGREGATOR, |
a230f9e7 TH |
63 | TOMOYO_ID_MANAGER, |
64 | TOMOYO_ID_NAME, | |
65 | TOMOYO_ID_ACL, | |
66 | TOMOYO_ID_DOMAIN, | |
67 | TOMOYO_MAX_POLICY | |
68 | }; | |
69 | ||
b5bc60b4 | 70 | /* Index numbers for group entries. */ |
a230f9e7 TH |
71 | enum tomoyo_group_id { |
72 | TOMOYO_PATH_GROUP, | |
73 | TOMOYO_NUMBER_GROUP, | |
74 | TOMOYO_MAX_GROUP | |
75 | }; | |
76 | ||
76bb0895 TH |
77 | /* A domain definition starts with <kernel>. */ |
78 | #define TOMOYO_ROOT_NAME "<kernel>" | |
79 | #define TOMOYO_ROOT_NAME_LEN (sizeof(TOMOYO_ROOT_NAME) - 1) | |
80 | ||
b5bc60b4 TH |
81 | /* Index numbers for type of numeric values. */ |
82 | enum tomoyo_value_type { | |
83 | TOMOYO_VALUE_TYPE_INVALID, | |
84 | TOMOYO_VALUE_TYPE_DECIMAL, | |
85 | TOMOYO_VALUE_TYPE_OCTAL, | |
86 | TOMOYO_VALUE_TYPE_HEXADECIMAL, | |
87 | }; | |
4c3e9e2d | 88 | |
b5bc60b4 | 89 | /* Index numbers for domain transition control keywords. */ |
5448ec4f TH |
90 | enum tomoyo_transition_type { |
91 | /* Do not change this order. NOTE(review): the reason is not visible in this header; presumably the numeric order of these values is relied on elsewhere - confirm before reordering or inserting entries. */ | |
92 | TOMOYO_TRANSITION_CONTROL_NO_INITIALIZE, | |
93 | TOMOYO_TRANSITION_CONTROL_INITIALIZE, | |
94 | TOMOYO_TRANSITION_CONTROL_NO_KEEP, | |
95 | TOMOYO_TRANSITION_CONTROL_KEEP, | |
96 | TOMOYO_MAX_TRANSITION_TYPE | |
97 | }; | |
98 | ||
76bb0895 | 99 | /* Index numbers for Access Controls. */ |
084da356 | 100 | enum tomoyo_acl_entry_type_index { |
7ef61233 TH |
101 | TOMOYO_TYPE_PATH_ACL, |
102 | TOMOYO_TYPE_PATH2_ACL, | |
a1f9bb6a | 103 | TOMOYO_TYPE_PATH_NUMBER_ACL, |
75093152 | 104 | TOMOYO_TYPE_MKDEV_ACL, |
2106ccd9 | 105 | TOMOYO_TYPE_MOUNT_ACL, |
084da356 | 106 | }; |
76bb0895 | 107 | |
b5bc60b4 | 108 | /* Index numbers for access controls with one pathname. */ |
084da356 | 109 | enum tomoyo_path_acl_index { |
7ef61233 TH |
110 | TOMOYO_TYPE_EXECUTE, |
111 | TOMOYO_TYPE_READ, | |
112 | TOMOYO_TYPE_WRITE, | |
7c75964f | 113 | TOMOYO_TYPE_APPEND, |
7ef61233 | 114 | TOMOYO_TYPE_UNLINK, |
7c75964f | 115 | TOMOYO_TYPE_GETATTR, |
7ef61233 | 116 | TOMOYO_TYPE_RMDIR, |
7ef61233 TH |
117 | TOMOYO_TYPE_TRUNCATE, |
118 | TOMOYO_TYPE_SYMLINK, | |
7ef61233 | 119 | TOMOYO_TYPE_CHROOT, |
7ef61233 TH |
120 | TOMOYO_TYPE_UMOUNT, |
121 | TOMOYO_MAX_PATH_OPERATION | |
084da356 TH |
122 | }; |
123 | ||
eadd99cc TH |
124 | enum tomoyo_memory_stat_type { |
125 | TOMOYO_MEMORY_POLICY, | |
126 | TOMOYO_MEMORY_AUDIT, | |
127 | TOMOYO_MEMORY_QUERY, | |
128 | TOMOYO_MAX_MEMORY_STAT | |
129 | }; | |
130 | ||
75093152 | 131 | enum tomoyo_mkdev_acl_index { |
a1f9bb6a TH |
132 | TOMOYO_TYPE_MKBLOCK, |
133 | TOMOYO_TYPE_MKCHAR, | |
75093152 | 134 | TOMOYO_MAX_MKDEV_OPERATION |
a1f9bb6a TH |
135 | }; |
136 | ||
b5bc60b4 | 137 | /* Index numbers for access controls with two pathnames. */ |
084da356 | 138 | enum tomoyo_path2_acl_index { |
7ef61233 TH |
139 | TOMOYO_TYPE_LINK, |
140 | TOMOYO_TYPE_RENAME, | |
141 | TOMOYO_TYPE_PIVOT_ROOT, | |
142 | TOMOYO_MAX_PATH2_OPERATION | |
084da356 TH |
143 | }; |
144 | ||
b5bc60b4 | 145 | /* Index numbers for access controls with one pathname and one number. */ |
a1f9bb6a TH |
146 | enum tomoyo_path_number_acl_index { |
147 | TOMOYO_TYPE_CREATE, | |
148 | TOMOYO_TYPE_MKDIR, | |
149 | TOMOYO_TYPE_MKFIFO, | |
150 | TOMOYO_TYPE_MKSOCK, | |
151 | TOMOYO_TYPE_IOCTL, | |
152 | TOMOYO_TYPE_CHMOD, | |
153 | TOMOYO_TYPE_CHOWN, | |
154 | TOMOYO_TYPE_CHGRP, | |
155 | TOMOYO_MAX_PATH_NUMBER_OPERATION | |
156 | }; | |
157 | ||
b5bc60b4 | 158 | /* Index numbers for /sys/kernel/security/tomoyo/ interfaces. */ |
084da356 TH |
159 | enum tomoyo_securityfs_interface_index { |
160 | TOMOYO_DOMAINPOLICY, | |
161 | TOMOYO_EXCEPTIONPOLICY, | |
162 | TOMOYO_DOMAIN_STATUS, | |
163 | TOMOYO_PROCESS_STATUS, | |
164 | TOMOYO_MEMINFO, | |
165 | TOMOYO_SELFDOMAIN, | |
eadd99cc | 166 | TOMOYO_AUDIT, |
084da356 TH |
167 | TOMOYO_VERSION, |
168 | TOMOYO_PROFILE, | |
17fcfbd9 | 169 | TOMOYO_QUERY, |
084da356 TH |
170 | TOMOYO_MANAGER |
171 | }; | |
9590837b | 172 | |
b5bc60b4 TH |
173 | /* Index numbers for special mount operations. */ |
174 | enum tomoyo_special_mount { | |
175 | TOMOYO_MOUNT_BIND, /* mount --bind /source /dest */ | |
176 | TOMOYO_MOUNT_MOVE, /* mount --move /old /new */ | |
177 | TOMOYO_MOUNT_REMOUNT, /* mount -o remount /dir */ | |
178 | TOMOYO_MOUNT_MAKE_UNBINDABLE, /* mount --make-unbindable /dir */ | |
179 | TOMOYO_MOUNT_MAKE_PRIVATE, /* mount --make-private /dir */ | |
180 | TOMOYO_MOUNT_MAKE_SLAVE, /* mount --make-slave /dir */ | |
181 | TOMOYO_MOUNT_MAKE_SHARED, /* mount --make-shared /dir */ | |
182 | TOMOYO_MAX_SPECIAL_MOUNT | |
183 | }; | |
184 | ||
185 | /* Index numbers for functionality. */ | |
57c2590f TH |
186 | enum tomoyo_mac_index { |
187 | TOMOYO_MAC_FILE_EXECUTE, | |
188 | TOMOYO_MAC_FILE_OPEN, | |
189 | TOMOYO_MAC_FILE_CREATE, | |
190 | TOMOYO_MAC_FILE_UNLINK, | |
7c75964f | 191 | TOMOYO_MAC_FILE_GETATTR, |
57c2590f TH |
192 | TOMOYO_MAC_FILE_MKDIR, |
193 | TOMOYO_MAC_FILE_RMDIR, | |
194 | TOMOYO_MAC_FILE_MKFIFO, | |
195 | TOMOYO_MAC_FILE_MKSOCK, | |
196 | TOMOYO_MAC_FILE_TRUNCATE, | |
197 | TOMOYO_MAC_FILE_SYMLINK, | |
57c2590f TH |
198 | TOMOYO_MAC_FILE_MKBLOCK, |
199 | TOMOYO_MAC_FILE_MKCHAR, | |
200 | TOMOYO_MAC_FILE_LINK, | |
201 | TOMOYO_MAC_FILE_RENAME, | |
202 | TOMOYO_MAC_FILE_CHMOD, | |
203 | TOMOYO_MAC_FILE_CHOWN, | |
204 | TOMOYO_MAC_FILE_CHGRP, | |
205 | TOMOYO_MAC_FILE_IOCTL, | |
206 | TOMOYO_MAC_FILE_CHROOT, | |
207 | TOMOYO_MAC_FILE_MOUNT, | |
208 | TOMOYO_MAC_FILE_UMOUNT, | |
209 | TOMOYO_MAC_FILE_PIVOT_ROOT, | |
210 | TOMOYO_MAX_MAC_INDEX | |
211 | }; | |
212 | ||
b5bc60b4 | 213 | /* Index numbers for category of functionality. */ |
57c2590f TH |
214 | enum tomoyo_mac_category_index { |
215 | TOMOYO_MAC_CATEGORY_FILE, | |
216 | TOMOYO_MAX_MAC_CATEGORY_INDEX | |
217 | }; | |
218 | ||
82e0f001 | 219 | /* |
b5bc60b4 TH |
220 | * Retry this request. Returned by tomoyo_supervisor() if policy violation has |
221 | * occurred in enforcing mode and the userspace daemon decided to retry. | |
82e0f001 | 222 | * |
b5bc60b4 TH |
223 | * We must choose a positive value in order to distinguish "granted" (which is |
224 | * 0) and "rejected" (which is a negative value) and "retry". | |
82e0f001 | 225 | */ |
b5bc60b4 TH |
226 | #define TOMOYO_RETRY_REQUEST 1 |
227 | ||
d5ca1725 TH |
228 | /* Index numbers for profile's PREFERENCE values. */ |
229 | enum tomoyo_pref_index { | |
eadd99cc | 230 | TOMOYO_PREF_MAX_AUDIT_LOG, |
d5ca1725 TH |
231 | TOMOYO_PREF_MAX_LEARNING_ENTRY, |
232 | TOMOYO_MAX_PREF | |
233 | }; | |
234 | ||
b5bc60b4 TH |
235 | /********** Structure definitions. **********/ |
236 | ||
237 | /* Common header for holding ACL entries. */ | |
82e0f001 TH |
238 | struct tomoyo_acl_head { |
239 | struct list_head list; | |
240 | bool is_deleted; | |
241 | } __packed; | |
242 | ||
0df7e8b8 TH |
243 | /* Common header for shared entries. */ |
244 | struct tomoyo_shared_acl_head { | |
245 | struct list_head list; | |
246 | atomic_t users; | |
247 | } __packed; | |
248 | ||
b5bc60b4 | 249 | /* Structure for request info. */ |
cb0abe6a TH |
250 | struct tomoyo_request_info { |
251 | struct tomoyo_domain_info *domain; | |
cf6e9a64 TH |
252 | /* For holding parameters. */ |
253 | union { | |
254 | struct { | |
255 | const struct tomoyo_path_info *filename; | |
484ca79c TH |
256 | /* For using wildcards at tomoyo_find_next_domain(). */ |
257 | const struct tomoyo_path_info *matched_path; | |
b5bc60b4 | 258 | /* One of values in "enum tomoyo_path_acl_index". */ |
cf6e9a64 TH |
259 | u8 operation; |
260 | } path; | |
261 | struct { | |
262 | const struct tomoyo_path_info *filename1; | |
263 | const struct tomoyo_path_info *filename2; | |
b5bc60b4 | 264 | /* One of values in "enum tomoyo_path2_acl_index". */ |
cf6e9a64 TH |
265 | u8 operation; |
266 | } path2; | |
267 | struct { | |
268 | const struct tomoyo_path_info *filename; | |
269 | unsigned int mode; | |
270 | unsigned int major; | |
271 | unsigned int minor; | |
b5bc60b4 | 272 | /* One of values in "enum tomoyo_mkdev_acl_index". */ |
cf6e9a64 TH |
273 | u8 operation; |
274 | } mkdev; | |
275 | struct { | |
276 | const struct tomoyo_path_info *filename; | |
277 | unsigned long number; | |
b5bc60b4 TH |
278 | /* |
279 | * One of values in | |
280 | * "enum tomoyo_path_number_acl_index". | |
281 | */ | |
cf6e9a64 TH |
282 | u8 operation; |
283 | } path_number; | |
284 | struct { | |
285 | const struct tomoyo_path_info *type; | |
286 | const struct tomoyo_path_info *dir; | |
287 | const struct tomoyo_path_info *dev; | |
288 | unsigned long flags; | |
289 | int need_dev; | |
290 | } mount; | |
291 | } param; | |
292 | u8 param_type; | |
293 | bool granted; | |
17fcfbd9 TH |
294 | u8 retry; |
295 | u8 profile; | |
cb0abe6a | 296 | u8 mode; /* One of tomoyo_mode_index . */ |
57c2590f | 297 | u8 type; |
cb0abe6a TH |
298 | }; |
299 | ||
b5bc60b4 | 300 | /* Structure for holding a token. */ |
9590837b KT |
301 | struct tomoyo_path_info { |
302 | const char *name; | |
303 | u32 hash; /* = full_name_hash(name, strlen(name)) */ | |
9590837b KT |
304 | u16 const_len; /* = tomoyo_const_part_length(name) */ |
305 | bool is_dir; /* = tomoyo_strendswith(name, "/") */ | |
306 | bool is_patterned; /* = tomoyo_path_contains_pattern(name) */ | |
9590837b KT |
307 | }; |
308 | ||
b5bc60b4 | 309 | /* Structure for holding string data. */ |
e2bf6907 | 310 | struct tomoyo_name { |
0df7e8b8 | 311 | struct tomoyo_shared_acl_head head; |
76bb0895 TH |
312 | struct tomoyo_path_info entry; |
313 | }; | |
9590837b | 314 | |
b5bc60b4 | 315 | /* Structure for holding a word. */ |
7762fbff | 316 | struct tomoyo_name_union { |
b5bc60b4 | 317 | /* Either @filename or @group is NULL. */ |
7762fbff | 318 | const struct tomoyo_path_info *filename; |
a98aa4de | 319 | struct tomoyo_group *group; |
7762fbff TH |
320 | }; |
321 | ||
b5bc60b4 | 322 | /* Structure for holding a number. */ |
4c3e9e2d TH |
323 | struct tomoyo_number_union { |
324 | unsigned long values[2]; | |
b5bc60b4 TH |
325 | struct tomoyo_group *group; /* Maybe NULL. */ |
326 | /* One of values in "enum tomoyo_value_type". */ | |
0df7e8b8 | 327 | u8 value_type[2]; |
4c3e9e2d TH |
328 | }; |
329 | ||
a98aa4de TH |
330 | /* Structure for "path_group"/"number_group" directive. */ |
331 | struct tomoyo_group { | |
0df7e8b8 | 332 | struct tomoyo_shared_acl_head head; |
4c3e9e2d TH |
333 | const struct tomoyo_path_info *group_name; |
334 | struct list_head member_list; | |
4c3e9e2d TH |
335 | }; |
336 | ||
7762fbff | 337 | /* Structure for "path_group" directive. */ |
a98aa4de | 338 | struct tomoyo_path_group { |
82e0f001 | 339 | struct tomoyo_acl_head head; |
7762fbff TH |
340 | const struct tomoyo_path_info *member_name; |
341 | }; | |
342 | ||
4c3e9e2d | 343 | /* Structure for "number_group" directive. */ |
a98aa4de | 344 | struct tomoyo_number_group { |
82e0f001 | 345 | struct tomoyo_acl_head head; |
4c3e9e2d TH |
346 | struct tomoyo_number_union number; |
347 | }; | |
348 | ||
b5bc60b4 | 349 | /* Common header for individual entries. */ |
9590837b KT |
350 | struct tomoyo_acl_info { |
351 | struct list_head list; | |
237ab459 | 352 | bool is_deleted; |
b5bc60b4 | 353 | u8 type; /* One of values in "enum tomoyo_acl_entry_type_index". */ |
9590837b KT |
354 | } __packed; |
355 | ||
b5bc60b4 | 356 | /* Structure for domain information. */ |
9590837b KT |
357 | struct tomoyo_domain_info { |
358 | struct list_head list; | |
359 | struct list_head acl_info_list; | |
360 | /* Name of this domain. Never NULL. */ | |
361 | const struct tomoyo_path_info *domainname; | |
362 | u8 profile; /* Profile number to use. */ | |
32997144 | 363 | u8 group; /* Group number to use. */ |
a0558fc3 | 364 | bool is_deleted; /* Delete flag. */ |
9590837b | 365 | bool quota_warned; /* Quota warning flag. */ |
ea13ddba | 366 | bool transition_failed; /* Domain transition failed flag. */ |
ec8e6a4e | 367 | atomic_t users; /* Number of referring credentials. */ |
9590837b KT |
368 | }; |
369 | ||
9590837b | 370 | /* |
b5bc60b4 TH |
371 | * Structure for "file execute", "file read", "file write", "file append", |
372 | * "file unlink", "file getattr", "file rmdir", "file truncate", | |
373 | * "file symlink", "file chroot" and "file unmount" directive. | |
9590837b | 374 | */ |
7ef61233 TH |
375 | struct tomoyo_path_acl { |
376 | struct tomoyo_acl_info head; /* type = TOMOYO_TYPE_PATH_ACL */ | |
b5bc60b4 | 377 | u16 perm; /* Bitmask of values in "enum tomoyo_path_acl_index". */ |
7762fbff | 378 | struct tomoyo_name_union name; |
9590837b KT |
379 | }; |
380 | ||
a1f9bb6a | 381 | /* |
b5bc60b4 TH |
382 | * Structure for "file create", "file mkdir", "file mkfifo", "file mksock", |
383 | * "file ioctl", "file chmod", "file chown" and "file chgrp" directive. | |
a1f9bb6a TH |
384 | */ |
385 | struct tomoyo_path_number_acl { | |
386 | struct tomoyo_acl_info head; /* type = TOMOYO_TYPE_PATH_NUMBER_ACL */ | |
b5bc60b4 | 387 | /* Bitmask of values in "enum tomoyo_path_number_acl_index". */ |
a1f9bb6a TH |
388 | u8 perm; |
389 | struct tomoyo_name_union name; | |
390 | struct tomoyo_number_union number; | |
391 | }; | |
392 | ||
b5bc60b4 | 393 | /* Structure for "file mkblock" and "file mkchar" directive. */ |
75093152 TH |
394 | struct tomoyo_mkdev_acl { |
395 | struct tomoyo_acl_info head; /* type = TOMOYO_TYPE_MKDEV_ACL */ | |
b5bc60b4 | 396 | u8 perm; /* Bitmask of values in "enum tomoyo_mkdev_acl_index". */ |
a1f9bb6a TH |
397 | struct tomoyo_name_union name; |
398 | struct tomoyo_number_union mode; | |
399 | struct tomoyo_number_union major; | |
400 | struct tomoyo_number_union minor; | |
401 | }; | |
402 | ||
c3fa109a | 403 | /* |
b5bc60b4 | 404 | * Structure for "file rename", "file link" and "file pivot_root" directive. |
c3fa109a | 405 | */ |
7ef61233 TH |
406 | struct tomoyo_path2_acl { |
407 | struct tomoyo_acl_info head; /* type = TOMOYO_TYPE_PATH2_ACL */ | |
b5bc60b4 | 408 | u8 perm; /* Bitmask of values in "enum tomoyo_path2_acl_index". */ |
7762fbff TH |
409 | struct tomoyo_name_union name1; |
410 | struct tomoyo_name_union name2; | |
9590837b KT |
411 | }; |
412 | ||
b5bc60b4 | 413 | /* Structure for "file mount" directive. */ |
2106ccd9 TH |
414 | struct tomoyo_mount_acl { |
415 | struct tomoyo_acl_info head; /* type = TOMOYO_TYPE_MOUNT_ACL */ | |
2106ccd9 TH |
416 | struct tomoyo_name_union dev_name; |
417 | struct tomoyo_name_union dir_name; | |
418 | struct tomoyo_name_union fs_type; | |
419 | struct tomoyo_number_union flags; | |
420 | }; | |
421 | ||
a238cf5b TH |
422 | /* Structure for holding a line from /sys/kernel/security/tomoyo/ interface. */ |
423 | struct tomoyo_acl_param { | |
424 | char *data; | |
425 | struct list_head *list; | |
426 | bool is_delete; | |
427 | }; | |
428 | ||
0d2171d7 | 429 | #define TOMOYO_MAX_IO_READ_QUEUE 64 |
f23571e8 | 430 | |
c3fa109a | 431 | /* |
f23571e8 TH |
432 | * Structure for reading/writing policy via /sys/kernel/security/tomoyo |
433 | * interfaces. | |
c3fa109a | 434 | */ |
9590837b | 435 | struct tomoyo_io_buffer { |
8fbe71f0 | 436 | void (*read) (struct tomoyo_io_buffer *); |
9590837b | 437 | int (*write) (struct tomoyo_io_buffer *); |
17fcfbd9 | 438 | int (*poll) (struct file *file, poll_table *wait); |
9590837b KT |
439 | /* Exclusive lock for this structure. */ |
440 | struct mutex io_sem; | |
fdb8ebb7 TH |
441 | /* Index returned by tomoyo_read_lock(). */ |
442 | int reader_idx; | |
f23571e8 TH |
443 | char __user *read_user_buf; |
444 | int read_user_buf_avail; | |
445 | struct { | |
446 | struct list_head *domain; | |
447 | struct list_head *group; | |
448 | struct list_head *acl; | |
449 | int avail; | |
450 | int step; | |
451 | int query_index; | |
452 | u16 index; | |
32997144 | 453 | u8 acl_group_index; |
f23571e8 TH |
454 | u8 bit; |
455 | u8 w_pos; | |
456 | bool eof; | |
457 | bool print_this_domain_only; | |
458 | bool print_execute_only; | |
459 | const char *w[TOMOYO_MAX_IO_READ_QUEUE]; | |
460 | } r; | |
0df7e8b8 TH |
461 | struct { |
462 | /* The position currently writing to. */ | |
463 | struct tomoyo_domain_info *domain; | |
464 | /* Bytes available for writing. */ | |
465 | int avail; | |
466 | } w; | |
9590837b KT |
467 | /* Buffer for reading. */ |
468 | char *read_buf; | |
9590837b KT |
469 | /* Size of read buffer. */ |
470 | int readbuf_size; | |
471 | /* Buffer for writing. */ | |
472 | char *write_buf; | |
9590837b KT |
473 | /* Size of write buffer. */ |
474 | int writebuf_size; | |
17fcfbd9 TH |
475 | /* Type of this interface. */ |
476 | u8 type; | |
9590837b KT |
477 | }; |
478 | ||
76bb0895 | 479 | /* |
b5bc60b4 TH |
480 | * Structure for "initialize_domain"/"no_initialize_domain"/"keep_domain"/ |
481 | * "no_keep_domain" keyword. | |
76bb0895 | 482 | */ |
5448ec4f | 483 | struct tomoyo_transition_control { |
82e0f001 | 484 | struct tomoyo_acl_head head; |
5448ec4f | 485 | u8 type; /* One of values in "enum tomoyo_transition_type". */ |
76bb0895 TH |
486 | /* True if the domainname is tomoyo_get_last_name(). */ |
487 | bool is_last_name; | |
5448ec4f TH |
488 | const struct tomoyo_path_info *domainname; /* Maybe NULL */ |
489 | const struct tomoyo_path_info *program; /* Maybe NULL */ | |
76bb0895 TH |
490 | }; |
491 | ||
b5bc60b4 | 492 | /* Structure for "aggregator" keyword. */ |
e2bf6907 | 493 | struct tomoyo_aggregator { |
82e0f001 | 494 | struct tomoyo_acl_head head; |
1084307c TH |
495 | const struct tomoyo_path_info *original_name; |
496 | const struct tomoyo_path_info *aggregated_name; | |
1084307c TH |
497 | }; |
498 | ||
b5bc60b4 | 499 | /* Structure for policy manager. */ |
e2bf6907 | 500 | struct tomoyo_manager { |
82e0f001 TH |
501 | struct tomoyo_acl_head head; |
502 | bool is_domain; /* True if manager is a domainname. */ | |
76bb0895 TH |
503 | /* A path to program or a domainname. */ |
504 | const struct tomoyo_path_info *manager; | |
76bb0895 TH |
505 | }; |
506 | ||
57c2590f TH |
507 | struct tomoyo_preference { |
508 | unsigned int learning_max_entry; | |
509 | bool enforcing_verbose; | |
510 | bool learning_verbose; | |
511 | bool permissive_verbose; | |
512 | }; | |
513 | ||
b5bc60b4 | 514 | /* Structure for /sys/kernel/security/tomoyo/profile interface. */ |
57c2590f TH |
515 | struct tomoyo_profile { |
516 | const struct tomoyo_path_info *comment; | |
517 | struct tomoyo_preference *learning; | |
518 | struct tomoyo_preference *permissive; | |
519 | struct tomoyo_preference *enforcing; | |
520 | struct tomoyo_preference preference; | |
521 | u8 default_config; | |
522 | u8 config[TOMOYO_MAX_MAC_INDEX + TOMOYO_MAX_MAC_CATEGORY_INDEX]; | |
d5ca1725 | 523 | unsigned int pref[TOMOYO_MAX_PREF]; |
57c2590f TH |
524 | }; |
525 | ||
eadd99cc TH |
526 | /* Structure for representing YYYY/MM/DD hh/mm/ss. */ |
527 | struct tomoyo_time { | |
528 | u16 year; | |
529 | u8 month; | |
530 | u8 day; | |
531 | u8 hour; | |
532 | u8 min; | |
533 | u8 sec; | |
534 | }; | |
535 | ||
76bb0895 TH |
536 | /********** Function prototypes. **********/ |
537 | ||
c3ef1500 | 538 | bool tomoyo_str_starts(char **src, const char *find); |
c3ef1500 | 539 | const char *tomoyo_get_exe(void); |
c3ef1500 | 540 | void tomoyo_normalize_line(unsigned char *buffer); |
c3ef1500 | 541 | void tomoyo_check_profile(void); |
c3ef1500 | 542 | int tomoyo_open_control(const u8 type, struct file *file); |
0df7e8b8 | 543 | int tomoyo_close_control(struct tomoyo_io_buffer *head); |
0849e3ba | 544 | int tomoyo_poll_control(struct file *file, poll_table *wait); |
0df7e8b8 | 545 | int tomoyo_read_control(struct tomoyo_io_buffer *head, char __user *buffer, |
c3ef1500 | 546 | const int buffer_len); |
0df7e8b8 TH |
547 | int tomoyo_write_control(struct tomoyo_io_buffer *head, |
548 | const char __user *buffer, const int buffer_len); | |
c3ef1500 | 549 | bool tomoyo_domain_quota_is_ok(struct tomoyo_request_info *r); |
c3ef1500 | 550 | void tomoyo_warn_oom(const char *function); |
484ca79c TH |
551 | const struct tomoyo_path_info * |
552 | tomoyo_compare_name_union(const struct tomoyo_path_info *name, | |
553 | const struct tomoyo_name_union *ptr); | |
2106ccd9 TH |
554 | bool tomoyo_compare_number_union(const unsigned long value, |
555 | const struct tomoyo_number_union *ptr); | |
57c2590f | 556 | int tomoyo_get_mode(const u8 profile, const u8 index); |
f23571e8 | 557 | void tomoyo_io_printf(struct tomoyo_io_buffer *head, const char *fmt, ...) |
9590837b | 558 | __attribute__ ((format(printf, 2, 3))); |
75093152 | 559 | bool tomoyo_correct_domain(const unsigned char *domainname); |
75093152 TH |
560 | bool tomoyo_correct_path(const char *filename); |
561 | bool tomoyo_correct_word(const char *string); | |
75093152 | 562 | bool tomoyo_domain_def(const unsigned char *buffer); |
a238cf5b | 563 | bool tomoyo_parse_name_union(struct tomoyo_acl_param *param, |
7762fbff | 564 | struct tomoyo_name_union *ptr); |
484ca79c TH |
565 | const struct tomoyo_path_info * |
566 | tomoyo_path_matches_group(const struct tomoyo_path_info *pathname, | |
567 | const struct tomoyo_group *group); | |
4c3e9e2d TH |
568 | bool tomoyo_number_matches_group(const unsigned long min, |
569 | const unsigned long max, | |
a98aa4de | 570 | const struct tomoyo_group *group); |
9590837b KT |
571 | bool tomoyo_path_matches_pattern(const struct tomoyo_path_info *filename, |
572 | const struct tomoyo_path_info *pattern); | |
a238cf5b TH |
573 | bool tomoyo_parse_number_union(struct tomoyo_acl_param *param, |
574 | struct tomoyo_number_union *ptr); | |
7762fbff | 575 | bool tomoyo_tokenize(char *buffer, char *w[], size_t size); |
9590837b | 576 | bool tomoyo_verbose_mode(const struct tomoyo_domain_info *domain); |
2106ccd9 | 577 | int tomoyo_init_request_info(struct tomoyo_request_info *r, |
57c2590f TH |
578 | struct tomoyo_domain_info *domain, |
579 | const u8 index); | |
b5bc60b4 TH |
580 | int tomoyo_mount_permission(char *dev_name, struct path *path, |
581 | const char *type, unsigned long flags, | |
582 | void *data_page); | |
a238cf5b TH |
583 | int tomoyo_write_aggregator(struct tomoyo_acl_param *param); |
584 | int tomoyo_write_transition_control(struct tomoyo_acl_param *param, | |
5448ec4f | 585 | const u8 type); |
a238cf5b TH |
586 | int tomoyo_write_file(struct tomoyo_acl_param *param); |
587 | int tomoyo_write_group(struct tomoyo_acl_param *param, const u8 type); | |
17fcfbd9 TH |
588 | int tomoyo_supervisor(struct tomoyo_request_info *r, const char *fmt, ...) |
589 | __attribute__ ((format(printf, 2, 3))); | |
9590837b | 590 | struct tomoyo_domain_info *tomoyo_find_domain(const char *domainname); |
e2bf6907 TH |
591 | struct tomoyo_domain_info *tomoyo_assign_domain(const char *domainname, |
592 | const u8 profile); | |
57c2590f | 593 | struct tomoyo_profile *tomoyo_profile(const u8 profile); |
a238cf5b TH |
594 | struct tomoyo_group *tomoyo_get_group(struct tomoyo_acl_param *param, |
595 | const u8 idx); | |
9590837b KT |
596 | unsigned int tomoyo_check_flags(const struct tomoyo_domain_info *domain, |
597 | const u8 index); | |
9590837b | 598 | void tomoyo_fill_path_info(struct tomoyo_path_info *ptr); |
9590837b | 599 | void tomoyo_load_policy(const char *filename); |
4c3e9e2d | 600 | void tomoyo_put_number_union(struct tomoyo_number_union *ptr); |
c8c57e84 | 601 | char *tomoyo_encode(const char *str); |
0617c7ff | 602 | char *tomoyo_realpath_nofollow(const char *pathname); |
76bb0895 | 603 | char *tomoyo_realpath_from_path(struct path *path); |
76bb0895 | 604 | bool tomoyo_memory_ok(void *ptr); |
9e4b50e9 | 605 | void *tomoyo_commit_ok(void *data, const unsigned int size); |
76bb0895 | 606 | const struct tomoyo_path_info *tomoyo_get_name(const char *name); |
8fbe71f0 | 607 | void tomoyo_read_memory_counter(struct tomoyo_io_buffer *head); |
76bb0895 | 608 | int tomoyo_write_memory_quota(struct tomoyo_io_buffer *head); |
c3ef1500 | 609 | void __init tomoyo_mm_init(void); |
05336dee | 610 | int tomoyo_path_permission(struct tomoyo_request_info *r, u8 operation, |
76bb0895 TH |
611 | const struct tomoyo_path_info *filename); |
612 | int tomoyo_check_open_permission(struct tomoyo_domain_info *domain, | |
613 | struct path *path, const int flag); | |
a1f9bb6a TH |
614 | int tomoyo_path_number_perm(const u8 operation, struct path *path, |
615 | unsigned long number); | |
75093152 TH |
616 | int tomoyo_mkdev_perm(const u8 operation, struct path *path, |
617 | const unsigned int mode, unsigned int dev); | |
97d6931e TH |
618 | int tomoyo_path_perm(const u8 operation, struct path *path); |
619 | int tomoyo_path2_perm(const u8 operation, struct path *path1, | |
620 | struct path *path2); | |
76bb0895 | 621 | int tomoyo_find_next_domain(struct linux_binprm *bprm); |
a1f9bb6a TH |
622 | void tomoyo_print_ulong(char *buffer, const int buffer_len, |
623 | const unsigned long value, const u8 type); | |
7762fbff | 624 | void tomoyo_put_name_union(struct tomoyo_name_union *ptr); |
847b173e | 625 | void tomoyo_run_gc(void); |
847b173e | 626 | void tomoyo_memory_free(void *ptr); |
237ab459 | 627 | int tomoyo_update_domain(struct tomoyo_acl_info *new_entry, const int size, |
a238cf5b | 628 | struct tomoyo_acl_param *param, |
237ab459 TH |
629 | bool (*check_duplicate) (const struct tomoyo_acl_info |
630 | *, | |
631 | const struct tomoyo_acl_info | |
632 | *), | |
633 | bool (*merge_duplicate) (struct tomoyo_acl_info *, | |
634 | struct tomoyo_acl_info *, | |
635 | const bool)); | |
36f5e1ff | 636 | int tomoyo_update_policy(struct tomoyo_acl_head *new_entry, const int size, |
a238cf5b | 637 | struct tomoyo_acl_param *param, |
36f5e1ff TH |
638 | bool (*check_duplicate) (const struct tomoyo_acl_head |
639 | *, | |
640 | const struct tomoyo_acl_head | |
641 | *)); | |
99a85259 | 642 | void tomoyo_check_acl(struct tomoyo_request_info *r, |
484ca79c | 643 | bool (*check_entry) (struct tomoyo_request_info *, |
99a85259 | 644 | const struct tomoyo_acl_info *)); |
a238cf5b TH |
645 | char *tomoyo_read_token(struct tomoyo_acl_param *param); |
646 | bool tomoyo_permstr(const char *string, const char *keyword); | |
237ab459 | 647 | |
eadd99cc TH |
648 | const char *tomoyo_yesno(const unsigned int value); |
649 | void tomoyo_write_log2(struct tomoyo_request_info *r, int len, const char *fmt, | |
650 | va_list args); | |
651 | void tomoyo_read_log(struct tomoyo_io_buffer *head); | |
652 | int tomoyo_poll_log(struct file *file, poll_table *wait); | |
653 | char *tomoyo_init_log(struct tomoyo_request_info *r, int len, const char *fmt, | |
654 | va_list args); | |
655 | ||
76bb0895 TH |
656 | /********** External variable definitions. **********/ |
657 | ||
658 | /* Lock for GC. */ | |
659 | extern struct srcu_struct tomoyo_ss; | |
660 | ||
661 | /* The list for "struct tomoyo_domain_info". */ | |
662 | extern struct list_head tomoyo_domain_list; | |
663 | ||
a230f9e7 TH |
664 | extern struct list_head tomoyo_policy_list[TOMOYO_MAX_POLICY]; |
665 | extern struct list_head tomoyo_group_list[TOMOYO_MAX_GROUP]; | |
847b173e | 666 | extern struct list_head tomoyo_name_list[TOMOYO_MAX_HASH]; |
847b173e | 667 | |
76bb0895 TH |
668 | /* Lock for protecting policy. */ |
669 | extern struct mutex tomoyo_policy_lock; | |
670 | ||
671 | /* Has /sbin/init started? */ | |
672 | extern bool tomoyo_policy_loaded; | |
673 | ||
32997144 TH |
674 | extern struct list_head tomoyo_acl_group[TOMOYO_MAX_ACL_GROUPS]; |
675 | ||
76bb0895 TH |
676 | /* The kernel's domain. */ |
677 | extern struct tomoyo_domain_info tomoyo_kernel_domain; | |
678 | ||
71c28236 TH |
679 | extern const char *tomoyo_path_keyword[TOMOYO_MAX_PATH_OPERATION]; |
680 | extern const char *tomoyo_mkdev_keyword[TOMOYO_MAX_MKDEV_OPERATION]; | |
681 | extern const char *tomoyo_path2_keyword[TOMOYO_MAX_PATH2_OPERATION]; | |
682 | extern const char *tomoyo_path_number_keyword[TOMOYO_MAX_PATH_NUMBER_OPERATION]; | |
683 | ||
0d2171d7 TH |
684 | extern const u8 tomoyo_pnnn2mac[TOMOYO_MAX_MKDEV_OPERATION]; |
685 | extern const u8 tomoyo_pp2mac[TOMOYO_MAX_PATH2_OPERATION]; | |
686 | extern const u8 tomoyo_pn2mac[TOMOYO_MAX_PATH_NUMBER_OPERATION]; | |
687 | ||
eadd99cc TH |
688 | extern const char * const tomoyo_mode[TOMOYO_CONFIG_MAX_MODE]; |
689 | extern unsigned int tomoyo_memory_quota[TOMOYO_MAX_MEMORY_STAT]; | |
690 | extern unsigned int tomoyo_memory_used[TOMOYO_MAX_MEMORY_STAT]; | |
17fcfbd9 | 691 | |
76bb0895 TH |
692 | /********** Inlined functions. **********/ |
693 | ||
b5bc60b4 TH |
694 | /** |
695 | * tomoyo_read_lock - Take lock for protecting policy. | |
696 | * | |
697 | * Returns index number for tomoyo_read_unlock(). The lock is an SRCU read-side section on tomoyo_ss, so every call must be paired with tomoyo_read_unlock() using the returned index. | |
698 | */ | |
76bb0895 TH |
699 | static inline int tomoyo_read_lock(void) |
700 | { | |
701 | return srcu_read_lock(&tomoyo_ss); | |
702 | } | |
703 | ||
b5bc60b4 TH |
704 | /** |
705 | * tomoyo_read_unlock - Release lock for protecting policy. | |
706 | * | |
707 | * @idx: Index number returned by tomoyo_read_lock(). | |
708 | * | |
709 | * Returns nothing. Ends the SRCU read-side section on tomoyo_ss that the matching tomoyo_read_lock() entered. | |
710 | */ | |
76bb0895 TH |
711 | static inline void tomoyo_read_unlock(int idx) |
712 | { | |
713 | srcu_read_unlock(&tomoyo_ss, idx); | |
714 | } | |
715 | ||
b5bc60b4 TH |
716 | /** |
717 | * tomoyo_pathcmp - strcmp() for "struct tomoyo_path_info" structure. | |
718 | * | |
719 | * @a: Pointer to "struct tomoyo_path_info". | |
720 | * @b: Pointer to "struct tomoyo_path_info". | |
721 | * | |
722 | * Returns true if @a != @b (the hashes differ or the names differ), false if they are equal. As with strcmp(), a true (nonzero) result means "different", so a caller testing for a match must negate it. | |
723 | */ | |
9590837b KT |
724 | static inline bool tomoyo_pathcmp(const struct tomoyo_path_info *a, |
725 | const struct tomoyo_path_info *b) | |
726 | { | |
727 | return a->hash != b->hash || strcmp(a->name, b->name); | |
728 | } | |
729 | ||
b5bc60b4 TH |
730 | /** |
731 | * tomoyo_put_name - Drop reference on "struct tomoyo_name". | |
732 | * | |
733 | * @name: Pointer to "struct tomoyo_path_info" that is the "entry" member of a "struct tomoyo_name". Maybe NULL. | |
734 | * | |
735 | * Returns nothing. Only decrements the users counter of the enclosing "struct tomoyo_name"; nothing is freed here. NOTE(review): reclaiming an entry whose counter reached zero is presumably left to tomoyo_run_gc() - confirm. | |
736 | */ | |
76bb0895 TH |
737 | static inline void tomoyo_put_name(const struct tomoyo_path_info *name) |
738 | { | |
739 | if (name) { | |
e2bf6907 TH |
740 | struct tomoyo_name *ptr = |
741 | container_of(name, typeof(*ptr), entry); | |
0df7e8b8 | 742 | atomic_dec(&ptr->head.users); |
76bb0895 TH |
743 | } |
744 | } | |
9590837b | 745 | |
b5bc60b4 TH |
/**
 * tomoyo_put_group - Drop reference on "struct tomoyo_group".
 *
 * @group: Pointer to "struct tomoyo_group". May be NULL.
 *
 * Returns nothing.
 *
 * Only the "users" counter is decremented; nothing is freed in this
 * function.
 */
static inline void tomoyo_put_group(struct tomoyo_group *group)
{
	if (!group)
		return;
	atomic_dec(&group->head.users);
}
758 | ||
b5bc60b4 TH |
/**
 * tomoyo_domain - Get "struct tomoyo_domain_info" for current thread.
 *
 * Returns the "security" pointer stored in the credentials returned by
 * current_cred(), typed as "struct tomoyo_domain_info".
 */
static inline struct tomoyo_domain_info *tomoyo_domain(void)
{
	struct tomoyo_domain_info *domain = current_cred()->security;

	return domain;
}
9590837b | 768 | |
b5bc60b4 TH |
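/**
 * tomoyo_real_domain - Get "struct tomoyo_domain_info" for specified thread.
 *
 * @task: Pointer to "struct task_struct".
 *
 * Returns pointer to "struct tomoyo_domain_info" for specified thread.
 *
 * The value is the "security" member read through task_cred_xxx() from
 * @task's credentials.
 */
static inline struct tomoyo_domain_info *
tomoyo_real_domain(struct task_struct *task)
{
	struct tomoyo_domain_info *domain = task_cred_xxx(task, security);

	return domain;
}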
9590837b | 781 | |
b5bc60b4 TH |
/**
 * tomoyo_same_name_union - Check for duplicated "struct tomoyo_name_union" entry.
 *
 * @a: Pointer to "struct tomoyo_name_union".
 * @b: Pointer to "struct tomoyo_name_union".
 *
 * Returns true if @a == @b, false otherwise.
 *
 * Both the "filename" and the "group" members must compare equal with ==.
 * NOTE(review): presumably these members are pointers, making this an
 * identity check rather than a content comparison - confirm against the
 * structure definition.
 */
static inline bool tomoyo_same_name_union
(const struct tomoyo_name_union *a, const struct tomoyo_name_union *b)
{
	if (a->filename != b->filename)
		return false;
	return a->group == b->group;
}
795 | ||
b5bc60b4 TH |
/**
 * tomoyo_same_number_union - Check for duplicated "struct tomoyo_number_union" entry.
 *
 * @a: Pointer to "struct tomoyo_number_union".
 * @b: Pointer to "struct tomoyo_number_union".
 *
 * Returns true if @a == @b, false otherwise.
 *
 * Two entries are equal only when both "values" elements, the "group"
 * member and both "value_type" elements all match.
 */
static inline bool tomoyo_same_number_union
(const struct tomoyo_number_union *a, const struct tomoyo_number_union *b)
{
	if (a->values[0] != b->values[0] || a->values[1] != b->values[1])
		return false;
	if (a->group != b->group)
		return false;
	return a->value_type[0] == b->value_type[0] &&
		a->value_type[1] == b->value_type[1];
}
811 | ||
eadd99cc TH |
812 | #if defined(CONFIG_SLOB) |
813 | ||
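/**
 * tomoyo_round2 - Round up to power of 2 for calculating memory usage.
 *
 * @size: Size to be rounded up.
 *
 * Returns @size, saturated at INT_MAX.
 *
 * Since SLOB does not round up, this function simply returns @size.
 * The return type is int, so a @size that does not fit is reported as
 * INT_MAX instead of being narrowed to a wrapped or negative value that
 * would distort the memory usage accounting.
 */
static inline int tomoyo_round2(size_t size)
{
	if (size > (size_t)INT_MAX)
		return INT_MAX;
	return (int)size;
}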
827 | ||
828 | #else | |
829 | ||
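/**
 * tomoyo_round2 - Round up to power of 2 for calculating memory usage.
 *
 * @size: Size to be rounded up.
 *
 * Returns rounded size, saturated at INT_MAX. Returns 0 if @size is 0.
 *
 * Strictly speaking, SLAB may be able to allocate (e.g.) 96 bytes instead of
 * (e.g.) 128 bytes.
 *
 * The smallest bucket is 32 bytes when PAGE_SIZE is 4096 and 64 bytes
 * otherwise. The return type is int, so a result that does not fit is
 * reported as INT_MAX. Without that bound, a @size above the largest power
 * of two representable in size_t would shift the bucket to 0 and the loop
 * would never terminate.
 */
static inline int tomoyo_round2(size_t size)
{
#if PAGE_SIZE == 4096
	size_t bsize = 32;
#else
	size_t bsize = 64;
#endif
	if (!size)
		return 0;
	/* Reject sizes the int return value cannot carry before doubling. */
	if (size > (size_t)INT_MAX)
		return INT_MAX;
	while (size > bsize)
		bsize <<= 1;
	/* The last doubling may land one past INT_MAX; saturate there too. */
	if (bsize > (size_t)INT_MAX)
		return INT_MAX;
	return (int)bsize;
}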
853 | ||
854 | #endif | |
855 | ||
9590837b KT |
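/**
 * list_for_each_cookie - iterate over a list with cookie.
 * @pos:        the &struct list_head to use as a loop cursor. A NULL cursor
 *              starts at the first entry of @head; a non-NULL cursor resumes
 *              the walk from where it points.
 * @head:       the head for your list.
 *
 * Entries are read with srcu_dereference() against tomoyo_ss, so callers
 * are expected to be inside the read-side section opened by
 * tomoyo_read_lock().
 *
 * The macro expands to a single for statement, so it stays attached to its
 * loop body when used as the body of an unbraced if/else.
 */
#define list_for_each_cookie(pos, head)					\
	for ((pos) = (pos) ? (pos) :					\
		     srcu_dereference((head)->next, &tomoyo_ss);	\
	     (pos) != (head);						\
	     (pos) = srcu_dereference((pos)->next, &tomoyo_ss))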
fdb8ebb7 | 865 | |
9590837b | 866 | #endif /* !defined(_SECURITY_TOMOYO_COMMON_H) */ |