Merge branch 'for-4.5/lightnvm' of git://git.kernel.dk/linux-block

[deliverable/linux.git] / security / tomoyo / securityfs_if.c

/*
 * security/tomoyo/securityfs_if.c
 *
 * Copyright (C) 2005-2011  NTT DATA CORPORATION
 */

#include <linux/security.h>
#include "common.h"

/**
 * tomoyo_check_task_acl - Check permission for task operation.
 *
 * @r:   Pointer to "struct tomoyo_request_info".
 * @ptr: Pointer to "struct tomoyo_acl_info".
 *
 * Returns true if granted, false otherwise.
 */
static bool tomoyo_check_task_acl(struct tomoyo_request_info *r,
                                  const struct tomoyo_acl_info *ptr)
{
        const struct tomoyo_task_acl *acl = container_of(ptr, typeof(*acl),
                                                         head);
        return !tomoyo_pathcmp(r->param.task.domainname, acl->domainname);
}

/**
 * tomoyo_write_self - write() for /sys/kernel/security/tomoyo/self_domain interface.
 *
 * @file:  Pointer to "struct file".
 * @buf:   Domainname to transit to.
 * @count: Size of @buf.
 * @ppos:  Unused.
 *
 * Returns @count on success, negative value otherwise.
 *
 * If domain transition was permitted but the domain transition failed, this
 * function returns error rather than terminating current thread with SIGKILL.
 */
static ssize_t tomoyo_write_self(struct file *file, const char __user *buf,
                              size_t count, loff_t *ppos)
{
        char *data;
        int error;
        if (!count || count >= TOMOYO_EXEC_TMPSIZE - 10)
                return -ENOMEM;
        data = memdup_user_nul(buf, count);
        if (IS_ERR(data))
                return PTR_ERR(data);
        tomoyo_normalize_line(data);
        if (tomoyo_correct_domain(data)) {
                const int idx = tomoyo_read_lock();
                struct tomoyo_path_info name;
                struct tomoyo_request_info r;
                name.name = data;
                tomoyo_fill_path_info(&name);
                /* Check "task manual_domain_transition" permission. */
                tomoyo_init_request_info(&r, NULL, TOMOYO_MAC_FILE_EXECUTE);
                r.param_type = TOMOYO_TYPE_MANUAL_TASK_ACL;
                r.param.task.domainname = &name;
                tomoyo_check_acl(&r, tomoyo_check_task_acl);
                if (!r.granted)
                        error = -EPERM;
                else {
                        struct tomoyo_domain_info *new_domain =
                                tomoyo_assign_domain(data, true);
                        if (!new_domain) {
                                error = -ENOENT;
                        } else {
                                struct cred *cred = prepare_creds();
                                if (!cred) {
                                        error = -ENOMEM;
                                } else {
                                        struct tomoyo_domain_info *old_domain =
                                                cred->security;
                                        cred->security = new_domain;
                                        atomic_inc(&new_domain->users);
                                        atomic_dec(&old_domain->users);
                                        commit_creds(cred);
                                        error = 0;
                                }
                        }
                }
                tomoyo_read_unlock(idx);
        } else
                error = -EINVAL;
        kfree(data);
        return error ? error : count;
}

/**
 * tomoyo_read_self - read() for /sys/kernel/security/tomoyo/self_domain interface.
 *
 * @file:  Pointer to "struct file".
 * @buf:   Domainname which current thread belongs to.
 * @count: Size of @buf.
 * @ppos:  Bytes read by now.
 *
 * Returns read size on success, negative value otherwise.
 */
static ssize_t tomoyo_read_self(struct file *file, char __user *buf,
                                size_t count, loff_t *ppos)
{
        const char *domain = tomoyo_domain()->domainname->name;
        loff_t len = strlen(domain);
        loff_t pos = *ppos;
        if (pos >= len || !count)
                return 0;
        len -= pos;
        if (count < len)
                len = count;
        if (copy_to_user(buf, domain + pos, len))
                return -EFAULT;
        *ppos += len;
        return len;
}

/* Operations for /sys/kernel/security/tomoyo/self_domain interface. */
static const struct file_operations tomoyo_self_operations = {
        .write = tomoyo_write_self,
        .read  = tomoyo_read_self,
};

/**
 * tomoyo_open - open() for /sys/kernel/security/tomoyo/ interface.
 *
 * @inode: Pointer to "struct inode".
 * @file:  Pointer to "struct file".
 *
 * Returns 0 on success, negative value otherwise.
 */
static int tomoyo_open(struct inode *inode, struct file *file)
{
        const int key = ((u8 *) file_inode(file)->i_private)
                - ((u8 *) NULL);
        return tomoyo_open_control(key, file);
}

/**
 * tomoyo_release - close() for /sys/kernel/security/tomoyo/ interface.
 *
 * @file:  Pointer to "struct file".
 *
 */
static int tomoyo_release(struct inode *inode, struct file *file)
{
        tomoyo_close_control(file->private_data);
        return 0;
}

/**
 * tomoyo_poll - poll() for /sys/kernel/security/tomoyo/ interface.
 *
 * @file: Pointer to "struct file".
 * @wait: Pointer to "poll_table". Maybe NULL.
 *
 * Returns POLLIN | POLLRDNORM | POLLOUT | POLLWRNORM if ready to read/write,
 * POLLOUT | POLLWRNORM otherwise.
 */
static unsigned int tomoyo_poll(struct file *file, poll_table *wait)
{
        return tomoyo_poll_control(file, wait);
}

/**
 * tomoyo_read - read() for /sys/kernel/security/tomoyo/ interface.
 *
 * @file:  Pointer to "struct file".
 * @buf:   Pointer to buffer.
 * @count: Size of @buf.
 * @ppos:  Unused.
 *
 * Returns bytes read on success, negative value otherwise.
 */
static ssize_t tomoyo_read(struct file *file, char __user *buf, size_t count,
                           loff_t *ppos)
{
        return tomoyo_read_control(file->private_data, buf, count);
}

/**
 * tomoyo_write - write() for /sys/kernel/security/tomoyo/ interface.
 *
 * @file:  Pointer to "struct file".
 * @buf:   Pointer to buffer.
 * @count: Size of @buf.
 * @ppos:  Unused.
 *
 * Returns @count on success, negative value otherwise.
 */
static ssize_t tomoyo_write(struct file *file, const char __user *buf,
                            size_t count, loff_t *ppos)
{
        return tomoyo_write_control(file->private_data, buf, count);
}

/*
 * tomoyo_operations is a "struct file_operations" which is used for handling
 * /sys/kernel/security/tomoyo/ interface.
 *
 * Some files under /sys/kernel/security/tomoyo/ directory accept open(O_RDWR).
 * See tomoyo_io_buffer for internals.
 */
static const struct file_operations tomoyo_operations = {
        .open    = tomoyo_open,
        .release = tomoyo_release,
        .poll    = tomoyo_poll,
        .read    = tomoyo_read,
        .write   = tomoyo_write,
        .llseek  = noop_llseek,
};

/**
 * tomoyo_create_entry - Create interface files under /sys/kernel/security/tomoyo/ directory.
 *
 * @name:   The name of the interface file.
 * @mode:   The permission of the interface file.
 * @parent: The parent directory.
 * @key:    Type of interface.
 *
 * Returns nothing.
 */
static void __init tomoyo_create_entry(const char *name, const umode_t mode,
                                       struct dentry *parent, const u8 key)
{
        securityfs_create_file(name, mode, parent, ((u8 *) NULL) + key,
                               &tomoyo_operations);
}

/**
 * tomoyo_initerface_init - Initialize /sys/kernel/security/tomoyo/ interface.
 *
 * Returns 0.
 */
static int __init tomoyo_initerface_init(void)
{
        struct dentry *tomoyo_dir;

        /* Don't create securityfs entries unless registered. */
        if (current_cred()->security != &tomoyo_kernel_domain)
                return 0;

        tomoyo_dir = securityfs_create_dir("tomoyo", NULL);
        tomoyo_create_entry("query",            0600, tomoyo_dir,
                            TOMOYO_QUERY);
        tomoyo_create_entry("domain_policy",    0600, tomoyo_dir,
                            TOMOYO_DOMAINPOLICY);
        tomoyo_create_entry("exception_policy", 0600, tomoyo_dir,
                            TOMOYO_EXCEPTIONPOLICY);
        tomoyo_create_entry("audit",            0400, tomoyo_dir,
                            TOMOYO_AUDIT);
        tomoyo_create_entry(".process_status",  0600, tomoyo_dir,
                            TOMOYO_PROCESS_STATUS);
        tomoyo_create_entry("stat",             0644, tomoyo_dir,
                            TOMOYO_STAT);
        tomoyo_create_entry("profile",          0600, tomoyo_dir,
                            TOMOYO_PROFILE);
        tomoyo_create_entry("manager",          0600, tomoyo_dir,
                            TOMOYO_MANAGER);
        tomoyo_create_entry("version",          0400, tomoyo_dir,
                            TOMOYO_VERSION);
        securityfs_create_file("self_domain", 0666, tomoyo_dir, NULL,
                               &tomoyo_self_operations);
        tomoyo_load_builtin_policy();
        return 0;
}

fs_initcall(tomoyo_initerface_init);