1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18#include <linux/xattr.h>
19#include <linux/pagemap.h>
20#include <linux/mount.h>
21#include <linux/stat.h>
22#include <linux/kd.h>
23#include <asm/ioctls.h>
24#include <linux/ip.h>
25#include <linux/tcp.h>
26#include <linux/udp.h>
27#include <linux/dccp.h>
28#include <linux/icmpv6.h>
29#include <linux/slab.h>
30#include <linux/mutex.h>
31#include <net/cipso_ipv4.h>
32#include <net/ip.h>
33#include <net/ipv6.h>
34#include <linux/audit.h>
35#include <linux/magic.h>
36#include <linux/dcache.h>
37#include <linux/personality.h>
38#include <linux/msg.h>
39#include <linux/shm.h>
40#include <linux/binfmts.h>
41#include <linux/parser.h>
42#include <linux/fs_context.h>
43#include <linux/fs_parser.h>
44#include <linux/watch_queue.h>
45#include "smack.h"
46
47#define TRANS_TRUE "TRUE"
48#define TRANS_TRUE_SIZE 4
49
50#define SMK_CONNECTING 0
51#define SMK_RECEIVING 1
52#define SMK_SENDING 2
53
54static DEFINE_MUTEX(smack_ipv6_lock);
55static LIST_HEAD(smk_ipv6_port_list);
56struct kmem_cache *smack_rule_cache;
57int smack_enabled;
58
59#define A(s) {"smack"#s, sizeof("smack"#s) - 1, Opt_##s}
60static struct {
61 const char *name;
62 int len;
63 int opt;
64} smk_mount_opts[] = {
65 {"smackfsdef", sizeof("smackfsdef") - 1, Opt_fsdefault},
66 A(fsdefault), A(fsfloor), A(fshat), A(fsroot), A(fstransmute)
67};
68#undef A
69
70static int match_opt_prefix(char *s, int l, char **arg)
71{
72 int i;
73
74 for (i = 0; i < ARRAY_SIZE(smk_mount_opts); i++) {
75 size_t len = smk_mount_opts[i].len;
76 if (len > l || memcmp(s, smk_mount_opts[i].name, len))
77 continue;
78 if (len == l || s[len] != '=')
79 continue;
80 *arg = s + len + 1;
81 return smk_mount_opts[i].opt;
82 }
83 return Opt_error;
84}
85
86#ifdef CONFIG_SECURITY_SMACK_BRINGUP
87static char *smk_bu_mess[] = {
88 "Bringup Error",
89 "Bringup",
90 "Unconfined Subject",
91 "Unconfined Object",
92};
93
94static void smk_bu_mode(int mode, char *s)
95{
96 int i = 0;
97
98 if (mode & MAY_READ)
99 s[i++] = 'r';
100 if (mode & MAY_WRITE)
101 s[i++] = 'w';
102 if (mode & MAY_EXEC)
103 s[i++] = 'x';
104 if (mode & MAY_APPEND)
105 s[i++] = 'a';
106 if (mode & MAY_TRANSMUTE)
107 s[i++] = 't';
108 if (mode & MAY_LOCK)
109 s[i++] = 'l';
110 if (i == 0)
111 s[i++] = '-';
112 s[i] = '\0';
113}
114#endif
115
116#ifdef CONFIG_SECURITY_SMACK_BRINGUP
117static int smk_bu_note(char *note, struct smack_known *sskp,
118 struct smack_known *oskp, int mode, int rc)
119{
120 char acc[SMK_NUM_ACCESS_TYPE + 1];
121
122 if (rc <= 0)
123 return rc;
124 if (rc > SMACK_UNCONFINED_OBJECT)
125 rc = 0;
126
127 smk_bu_mode(mode, acc);
128 pr_info("Smack %s: (%s %s %s) %s\n", smk_bu_mess[rc],
129 sskp->smk_known, oskp->smk_known, acc, note);
130 return 0;
131}
132#else
133#define smk_bu_note(note, sskp, oskp, mode, RC) (RC)
134#endif
135
136#ifdef CONFIG_SECURITY_SMACK_BRINGUP
137static int smk_bu_current(char *note, struct smack_known *oskp,
138 int mode, int rc)
139{
140 struct task_smack *tsp = smack_cred(current_cred());
141 char acc[SMK_NUM_ACCESS_TYPE + 1];
142
143 if (rc <= 0)
144 return rc;
145 if (rc > SMACK_UNCONFINED_OBJECT)
146 rc = 0;
147
148 smk_bu_mode(mode, acc);
149 pr_info("Smack %s: (%s %s %s) %s %s\n", smk_bu_mess[rc],
150 tsp->smk_task->smk_known, oskp->smk_known,
151 acc, current->comm, note);
152 return 0;
153}
154#else
155#define smk_bu_current(note, oskp, mode, RC) (RC)
156#endif
157
158#ifdef CONFIG_SECURITY_SMACK_BRINGUP
159static int smk_bu_task(struct task_struct *otp, int mode, int rc)
160{
161 struct task_smack *tsp = smack_cred(current_cred());
162 struct smack_known *smk_task = smk_of_task_struct_obj(otp);
163 char acc[SMK_NUM_ACCESS_TYPE + 1];
164
165 if (rc <= 0)
166 return rc;
167 if (rc > SMACK_UNCONFINED_OBJECT)
168 rc = 0;
169
170 smk_bu_mode(mode, acc);
171 pr_info("Smack %s: (%s %s %s) %s to %s\n", smk_bu_mess[rc],
172 tsp->smk_task->smk_known, smk_task->smk_known, acc,
173 current->comm, otp->comm);
174 return 0;
175}
176#else
177#define smk_bu_task(otp, mode, RC) (RC)
178#endif
179
180#ifdef CONFIG_SECURITY_SMACK_BRINGUP
181static int smk_bu_inode(struct inode *inode, int mode, int rc)
182{
183 struct task_smack *tsp = smack_cred(current_cred());
184 struct inode_smack *isp = smack_inode(inode);
185 char acc[SMK_NUM_ACCESS_TYPE + 1];
186
187 if (isp->smk_flags & SMK_INODE_IMPURE)
188 pr_info("Smack Unconfined Corruption: inode=(%s %ld) %s\n",
189 inode->i_sb->s_id, inode->i_ino, current->comm);
190
191 if (rc <= 0)
192 return rc;
193 if (rc > SMACK_UNCONFINED_OBJECT)
194 rc = 0;
195 if (rc == SMACK_UNCONFINED_SUBJECT &&
196 (mode & (MAY_WRITE | MAY_APPEND)))
197 isp->smk_flags |= SMK_INODE_IMPURE;
198
199 smk_bu_mode(mode, acc);
200
201 pr_info("Smack %s: (%s %s %s) inode=(%s %ld) %s\n", smk_bu_mess[rc],
202 tsp->smk_task->smk_known, isp->smk_inode->smk_known, acc,
203 inode->i_sb->s_id, inode->i_ino, current->comm);
204 return 0;
205}
206#else
207#define smk_bu_inode(inode, mode, RC) (RC)
208#endif
209
210#ifdef CONFIG_SECURITY_SMACK_BRINGUP
211static int smk_bu_file(struct file *file, int mode, int rc)
212{
213 struct task_smack *tsp = smack_cred(current_cred());
214 struct smack_known *sskp = tsp->smk_task;
215 struct inode *inode = file_inode(file);
216 struct inode_smack *isp = smack_inode(inode);
217 char acc[SMK_NUM_ACCESS_TYPE + 1];
218
219 if (isp->smk_flags & SMK_INODE_IMPURE)
220 pr_info("Smack Unconfined Corruption: inode=(%s %ld) %s\n",
221 inode->i_sb->s_id, inode->i_ino, current->comm);
222
223 if (rc <= 0)
224 return rc;
225 if (rc > SMACK_UNCONFINED_OBJECT)
226 rc = 0;
227
228 smk_bu_mode(mode, acc);
229 pr_info("Smack %s: (%s %s %s) file=(%s %ld %pD) %s\n", smk_bu_mess[rc],
230 sskp->smk_known, smk_of_inode(inode)->smk_known, acc,
231 inode->i_sb->s_id, inode->i_ino, file,
232 current->comm);
233 return 0;
234}
235#else
236#define smk_bu_file(file, mode, RC) (RC)
237#endif
238
239#ifdef CONFIG_SECURITY_SMACK_BRINGUP
240static int smk_bu_credfile(const struct cred *cred, struct file *file,
241 int mode, int rc)
242{
243 struct task_smack *tsp = smack_cred(cred);
244 struct smack_known *sskp = tsp->smk_task;
245 struct inode *inode = file_inode(file);
246 struct inode_smack *isp = smack_inode(inode);
247 char acc[SMK_NUM_ACCESS_TYPE + 1];
248
249 if (isp->smk_flags & SMK_INODE_IMPURE)
250 pr_info("Smack Unconfined Corruption: inode=(%s %ld) %s\n",
251 inode->i_sb->s_id, inode->i_ino, current->comm);
252
253 if (rc <= 0)
254 return rc;
255 if (rc > SMACK_UNCONFINED_OBJECT)
256 rc = 0;
257
258 smk_bu_mode(mode, acc);
259 pr_info("Smack %s: (%s %s %s) file=(%s %ld %pD) %s\n", smk_bu_mess[rc],
260 sskp->smk_known, smk_of_inode(inode)->smk_known, acc,
261 inode->i_sb->s_id, inode->i_ino, file,
262 current->comm);
263 return 0;
264}
265#else
266#define smk_bu_credfile(cred, file, mode, RC) (RC)
267#endif
268
269
270
271
272
273
274
275
276
277
278static struct smack_known *smk_fetch(const char *name, struct inode *ip,
279 struct dentry *dp)
280{
281 int rc;
282 char *buffer;
283 struct smack_known *skp = NULL;
284
285 if (!(ip->i_opflags & IOP_XATTR))
286 return ERR_PTR(-EOPNOTSUPP);
287
288 buffer = kzalloc(SMK_LONGLABEL, GFP_NOFS);
289 if (buffer == NULL)
290 return ERR_PTR(-ENOMEM);
291
292 rc = __vfs_getxattr(dp, ip, name, buffer, SMK_LONGLABEL);
293 if (rc < 0)
294 skp = ERR_PTR(rc);
295 else if (rc == 0)
296 skp = NULL;
297 else
298 skp = smk_import_entry(buffer, rc);
299
300 kfree(buffer);
301
302 return skp;
303}
304
305
306
307
308
309
310
311static void init_inode_smack(struct inode *inode, struct smack_known *skp)
312{
313 struct inode_smack *isp = smack_inode(inode);
314
315 isp->smk_inode = skp;
316 isp->smk_flags = 0;
317}
318
319
320
321
322
323
324
325
326static void init_task_smack(struct task_smack *tsp, struct smack_known *task,
327 struct smack_known *forked)
328{
329 tsp->smk_task = task;
330 tsp->smk_forked = forked;
331 INIT_LIST_HEAD(&tsp->smk_rules);
332 INIT_LIST_HEAD(&tsp->smk_relabel);
333 mutex_init(&tsp->smk_rules_lock);
334}
335
336
337
338
339
340
341
342
343
344static int smk_copy_rules(struct list_head *nhead, struct list_head *ohead,
345 gfp_t gfp)
346{
347 struct smack_rule *nrp;
348 struct smack_rule *orp;
349 int rc = 0;
350
351 list_for_each_entry_rcu(orp, ohead, list) {
352 nrp = kmem_cache_zalloc(smack_rule_cache, gfp);
353 if (nrp == NULL) {
354 rc = -ENOMEM;
355 break;
356 }
357 *nrp = *orp;
358 list_add_rcu(&nrp->list, nhead);
359 }
360 return rc;
361}
362
363
364
365
366
367
368
369
370
371static int smk_copy_relabel(struct list_head *nhead, struct list_head *ohead,
372 gfp_t gfp)
373{
374 struct smack_known_list_elem *nklep;
375 struct smack_known_list_elem *oklep;
376
377 list_for_each_entry(oklep, ohead, list) {
378 nklep = kzalloc(sizeof(struct smack_known_list_elem), gfp);
379 if (nklep == NULL) {
380 smk_destroy_label_list(nhead);
381 return -ENOMEM;
382 }
383 nklep->smk_label = oklep->smk_label;
384 list_add(&nklep->list, nhead);
385 }
386
387 return 0;
388}
389
390
391
392
393
394
395
396static inline unsigned int smk_ptrace_mode(unsigned int mode)
397{
398 if (mode & PTRACE_MODE_ATTACH)
399 return MAY_READWRITE;
400 if (mode & PTRACE_MODE_READ)
401 return MAY_READ;
402
403 return 0;
404}
405
406
407
408
409
410
411
412
413
414
415static int smk_ptrace_rule_check(struct task_struct *tracer,
416 struct smack_known *tracee_known,
417 unsigned int mode, const char *func)
418{
419 int rc;
420 struct smk_audit_info ad, *saip = NULL;
421 struct task_smack *tsp;
422 struct smack_known *tracer_known;
423 const struct cred *tracercred;
424
425 if ((mode & PTRACE_MODE_NOAUDIT) == 0) {
426 smk_ad_init(&ad, func, LSM_AUDIT_DATA_TASK);
427 smk_ad_setfield_u_tsk(&ad, tracer);
428 saip = &ad;
429 }
430
431 rcu_read_lock();
432 tracercred = __task_cred(tracer);
433 tsp = smack_cred(tracercred);
434 tracer_known = smk_of_task(tsp);
435
436 if ((mode & PTRACE_MODE_ATTACH) &&
437 (smack_ptrace_rule == SMACK_PTRACE_EXACT ||
438 smack_ptrace_rule == SMACK_PTRACE_DRACONIAN)) {
439 if (tracer_known->smk_known == tracee_known->smk_known)
440 rc = 0;
441 else if (smack_ptrace_rule == SMACK_PTRACE_DRACONIAN)
442 rc = -EACCES;
443 else if (smack_privileged_cred(CAP_SYS_PTRACE, tracercred))
444 rc = 0;
445 else
446 rc = -EACCES;
447
448 if (saip)
449 smack_log(tracer_known->smk_known,
450 tracee_known->smk_known,
451 0, rc, saip);
452
453 rcu_read_unlock();
454 return rc;
455 }
456
457
458 rc = smk_tskacc(tsp, tracee_known, smk_ptrace_mode(mode), saip);
459
460 rcu_read_unlock();
461 return rc;
462}
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478static int smack_ptrace_access_check(struct task_struct *ctp, unsigned int mode)
479{
480 struct smack_known *skp;
481
482 skp = smk_of_task_struct_obj(ctp);
483
484 return smk_ptrace_rule_check(current, skp, mode, __func__);
485}
486
487
488
489
490
491
492
493
494
495static int smack_ptrace_traceme(struct task_struct *ptp)
496{
497 int rc;
498 struct smack_known *skp;
499
500 skp = smk_of_task(smack_cred(current_cred()));
501
502 rc = smk_ptrace_rule_check(ptp, skp, PTRACE_MODE_ATTACH, __func__);
503 return rc;
504}
505
506
507
508
509
510
511
512static int smack_syslog(int typefrom_file)
513{
514 int rc = 0;
515 struct smack_known *skp = smk_of_current();
516
517 if (smack_privileged(CAP_MAC_OVERRIDE))
518 return 0;
519
520 if (smack_syslog_label != NULL && smack_syslog_label != skp)
521 rc = -EACCES;
522
523 return rc;
524}
525
526
527
528
529
530
531
532
533
534
535
536static int smack_sb_alloc_security(struct super_block *sb)
537{
538 struct superblock_smack *sbsp = smack_superblock(sb);
539
540 sbsp->smk_root = &smack_known_floor;
541 sbsp->smk_default = &smack_known_floor;
542 sbsp->smk_floor = &smack_known_floor;
543 sbsp->smk_hat = &smack_known_hat;
544
545
546
547
548 return 0;
549}
550
551struct smack_mnt_opts {
552 const char *fsdefault, *fsfloor, *fshat, *fsroot, *fstransmute;
553};
554
555static void smack_free_mnt_opts(void *mnt_opts)
556{
557 struct smack_mnt_opts *opts = mnt_opts;
558 kfree(opts->fsdefault);
559 kfree(opts->fsfloor);
560 kfree(opts->fshat);
561 kfree(opts->fsroot);
562 kfree(opts->fstransmute);
563 kfree(opts);
564}
565
566static int smack_add_opt(int token, const char *s, void **mnt_opts)
567{
568 struct smack_mnt_opts *opts = *mnt_opts;
569
570 if (!opts) {
571 opts = kzalloc(sizeof(struct smack_mnt_opts), GFP_KERNEL);
572 if (!opts)
573 return -ENOMEM;
574 *mnt_opts = opts;
575 }
576 if (!s)
577 return -ENOMEM;
578
579 switch (token) {
580 case Opt_fsdefault:
581 if (opts->fsdefault)
582 goto out_opt_err;
583 opts->fsdefault = s;
584 break;
585 case Opt_fsfloor:
586 if (opts->fsfloor)
587 goto out_opt_err;
588 opts->fsfloor = s;
589 break;
590 case Opt_fshat:
591 if (opts->fshat)
592 goto out_opt_err;
593 opts->fshat = s;
594 break;
595 case Opt_fsroot:
596 if (opts->fsroot)
597 goto out_opt_err;
598 opts->fsroot = s;
599 break;
600 case Opt_fstransmute:
601 if (opts->fstransmute)
602 goto out_opt_err;
603 opts->fstransmute = s;
604 break;
605 }
606 return 0;
607
608out_opt_err:
609 pr_warn("Smack: duplicate mount options\n");
610 return -EINVAL;
611}
612
613
614
615
616
617
618
619
620static int smack_fs_context_dup(struct fs_context *fc,
621 struct fs_context *src_fc)
622{
623 struct smack_mnt_opts *dst, *src = src_fc->security;
624
625 if (!src)
626 return 0;
627
628 fc->security = kzalloc(sizeof(struct smack_mnt_opts), GFP_KERNEL);
629 if (!fc->security)
630 return -ENOMEM;
631 dst = fc->security;
632
633 if (src->fsdefault) {
634 dst->fsdefault = kstrdup(src->fsdefault, GFP_KERNEL);
635 if (!dst->fsdefault)
636 return -ENOMEM;
637 }
638 if (src->fsfloor) {
639 dst->fsfloor = kstrdup(src->fsfloor, GFP_KERNEL);
640 if (!dst->fsfloor)
641 return -ENOMEM;
642 }
643 if (src->fshat) {
644 dst->fshat = kstrdup(src->fshat, GFP_KERNEL);
645 if (!dst->fshat)
646 return -ENOMEM;
647 }
648 if (src->fsroot) {
649 dst->fsroot = kstrdup(src->fsroot, GFP_KERNEL);
650 if (!dst->fsroot)
651 return -ENOMEM;
652 }
653 if (src->fstransmute) {
654 dst->fstransmute = kstrdup(src->fstransmute, GFP_KERNEL);
655 if (!dst->fstransmute)
656 return -ENOMEM;
657 }
658 return 0;
659}
660
661static const struct fs_parameter_spec smack_fs_parameters[] = {
662 fsparam_string("smackfsdef", Opt_fsdefault),
663 fsparam_string("smackfsdefault", Opt_fsdefault),
664 fsparam_string("smackfsfloor", Opt_fsfloor),
665 fsparam_string("smackfshat", Opt_fshat),
666 fsparam_string("smackfsroot", Opt_fsroot),
667 fsparam_string("smackfstransmute", Opt_fstransmute),
668 {}
669};
670
671
672
673
674
675
676
677
678
679static int smack_fs_context_parse_param(struct fs_context *fc,
680 struct fs_parameter *param)
681{
682 struct fs_parse_result result;
683 int opt, rc;
684
685 opt = fs_parse(fc, smack_fs_parameters, param, &result);
686 if (opt < 0)
687 return opt;
688
689 rc = smack_add_opt(opt, param->string, &fc->security);
690 if (!rc)
691 param->string = NULL;
692 return rc;
693}
694
695static int smack_sb_eat_lsm_opts(char *options, void **mnt_opts)
696{
697 char *from = options, *to = options;
698 bool first = true;
699
700 while (1) {
701 char *next = strchr(from, ',');
702 int token, len, rc;
703 char *arg = NULL;
704
705 if (next)
706 len = next - from;
707 else
708 len = strlen(from);
709
710 token = match_opt_prefix(from, len, &arg);
711 if (token != Opt_error) {
712 arg = kmemdup_nul(arg, from + len - arg, GFP_KERNEL);
713 rc = smack_add_opt(token, arg, mnt_opts);
714 if (unlikely(rc)) {
715 kfree(arg);
716 if (*mnt_opts)
717 smack_free_mnt_opts(*mnt_opts);
718 *mnt_opts = NULL;
719 return rc;
720 }
721 } else {
722 if (!first) {
723 from--;
724 len++;
725 }
726 if (to != from)
727 memmove(to, from, len);
728 to += len;
729 first = false;
730 }
731 if (!from[len])
732 break;
733 from += len + 1;
734 }
735 *to = '\0';
736 return 0;
737}
738
739
740
741
742
743
744
745
746
747
748
749
750
751static int smack_set_mnt_opts(struct super_block *sb,
752 void *mnt_opts,
753 unsigned long kern_flags,
754 unsigned long *set_kern_flags)
755{
756 struct dentry *root = sb->s_root;
757 struct inode *inode = d_backing_inode(root);
758 struct superblock_smack *sp = smack_superblock(sb);
759 struct inode_smack *isp;
760 struct smack_known *skp;
761 struct smack_mnt_opts *opts = mnt_opts;
762 bool transmute = false;
763
764 if (sp->smk_flags & SMK_SB_INITIALIZED)
765 return 0;
766
767 if (inode->i_security == NULL) {
768 int rc = lsm_inode_alloc(inode);
769
770 if (rc)
771 return rc;
772 }
773
774 if (!smack_privileged(CAP_MAC_ADMIN)) {
775
776
777
778 if (opts)
779 return -EPERM;
780
781
782
783 skp = smk_of_current();
784 sp->smk_root = skp;
785 sp->smk_default = skp;
786
787
788
789
790
791 if (sb->s_user_ns != &init_user_ns &&
792 sb->s_magic != SYSFS_MAGIC && sb->s_magic != TMPFS_MAGIC &&
793 sb->s_magic != RAMFS_MAGIC) {
794 transmute = true;
795 sp->smk_flags |= SMK_SB_UNTRUSTED;
796 }
797 }
798
799 sp->smk_flags |= SMK_SB_INITIALIZED;
800
801 if (opts) {
802 if (opts->fsdefault) {
803 skp = smk_import_entry(opts->fsdefault, 0);
804 if (IS_ERR(skp))
805 return PTR_ERR(skp);
806 sp->smk_default = skp;
807 }
808 if (opts->fsfloor) {
809 skp = smk_import_entry(opts->fsfloor, 0);
810 if (IS_ERR(skp))
811 return PTR_ERR(skp);
812 sp->smk_floor = skp;
813 }
814 if (opts->fshat) {
815 skp = smk_import_entry(opts->fshat, 0);
816 if (IS_ERR(skp))
817 return PTR_ERR(skp);
818 sp->smk_hat = skp;
819 }
820 if (opts->fsroot) {
821 skp = smk_import_entry(opts->fsroot, 0);
822 if (IS_ERR(skp))
823 return PTR_ERR(skp);
824 sp->smk_root = skp;
825 }
826 if (opts->fstransmute) {
827 skp = smk_import_entry(opts->fstransmute, 0);
828 if (IS_ERR(skp))
829 return PTR_ERR(skp);
830 sp->smk_root = skp;
831 transmute = true;
832 }
833 }
834
835
836
837
838 init_inode_smack(inode, sp->smk_root);
839
840 if (transmute) {
841 isp = smack_inode(inode);
842 isp->smk_flags |= SMK_INODE_TRANSMUTE;
843 }
844
845 return 0;
846}
847
848
849
850
851
852
853
854
855static int smack_sb_statfs(struct dentry *dentry)
856{
857 struct superblock_smack *sbp = smack_superblock(dentry->d_sb);
858 int rc;
859 struct smk_audit_info ad;
860
861 smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_DENTRY);
862 smk_ad_setfield_u_fs_path_dentry(&ad, dentry);
863
864 rc = smk_curacc(sbp->smk_floor, MAY_READ, &ad);
865 rc = smk_bu_current("statfs", sbp->smk_floor, MAY_READ, rc);
866 return rc;
867}
868
869
870
871
872
873
874
875
876
877
878
879static int smack_bprm_creds_for_exec(struct linux_binprm *bprm)
880{
881 struct inode *inode = file_inode(bprm->file);
882 struct task_smack *bsp = smack_cred(bprm->cred);
883 struct inode_smack *isp;
884 struct superblock_smack *sbsp;
885 int rc;
886
887 isp = smack_inode(inode);
888 if (isp->smk_task == NULL || isp->smk_task == bsp->smk_task)
889 return 0;
890
891 sbsp = smack_superblock(inode->i_sb);
892 if ((sbsp->smk_flags & SMK_SB_UNTRUSTED) &&
893 isp->smk_task != sbsp->smk_root)
894 return 0;
895
896 if (bprm->unsafe & LSM_UNSAFE_PTRACE) {
897 struct task_struct *tracer;
898 rc = 0;
899
900 rcu_read_lock();
901 tracer = ptrace_parent(current);
902 if (likely(tracer != NULL))
903 rc = smk_ptrace_rule_check(tracer,
904 isp->smk_task,
905 PTRACE_MODE_ATTACH,
906 __func__);
907 rcu_read_unlock();
908
909 if (rc != 0)
910 return rc;
911 }
912 if (bprm->unsafe & ~LSM_UNSAFE_PTRACE)
913 return -EPERM;
914
915 bsp->smk_task = isp->smk_task;
916 bprm->per_clear |= PER_CLEAR_ON_SETID;
917
918
919 if (bsp->smk_task != bsp->smk_forked)
920 bprm->secureexec = 1;
921
922 return 0;
923}
924
925
926
927
928
929
930
931
932
933
934
935static int smack_inode_alloc_security(struct inode *inode)
936{
937 struct smack_known *skp = smk_of_current();
938
939 init_inode_smack(inode, skp);
940 return 0;
941}
942
943
944
945
946
947
948
949
950
951
952
953
954static int smack_inode_init_security(struct inode *inode, struct inode *dir,
955 const struct qstr *qstr, const char **name,
956 void **value, size_t *len)
957{
958 struct inode_smack *issp = smack_inode(inode);
959 struct smack_known *skp = smk_of_current();
960 struct smack_known *isp = smk_of_inode(inode);
961 struct smack_known *dsp = smk_of_inode(dir);
962 int may;
963
964 if (name)
965 *name = XATTR_SMACK_SUFFIX;
966
967 if (value && len) {
968 rcu_read_lock();
969 may = smk_access_entry(skp->smk_known, dsp->smk_known,
970 &skp->smk_rules);
971 rcu_read_unlock();
972
973
974
975
976
977
978
979 if (may > 0 && ((may & MAY_TRANSMUTE) != 0) &&
980 smk_inode_transmutable(dir)) {
981 isp = dsp;
982 issp->smk_flags |= SMK_INODE_CHANGED;
983 }
984
985 *value = kstrdup(isp->smk_known, GFP_NOFS);
986 if (*value == NULL)
987 return -ENOMEM;
988
989 *len = strlen(isp->smk_known);
990 }
991
992 return 0;
993}
994
995
996
997
998
999
1000
1001
1002
1003static int smack_inode_link(struct dentry *old_dentry, struct inode *dir,
1004 struct dentry *new_dentry)
1005{
1006 struct smack_known *isp;
1007 struct smk_audit_info ad;
1008 int rc;
1009
1010 smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_DENTRY);
1011 smk_ad_setfield_u_fs_path_dentry(&ad, old_dentry);
1012
1013 isp = smk_of_inode(d_backing_inode(old_dentry));
1014 rc = smk_curacc(isp, MAY_WRITE, &ad);
1015 rc = smk_bu_inode(d_backing_inode(old_dentry), MAY_WRITE, rc);
1016
1017 if (rc == 0 && d_is_positive(new_dentry)) {
1018 isp = smk_of_inode(d_backing_inode(new_dentry));
1019 smk_ad_setfield_u_fs_path_dentry(&ad, new_dentry);
1020 rc = smk_curacc(isp, MAY_WRITE, &ad);
1021 rc = smk_bu_inode(d_backing_inode(new_dentry), MAY_WRITE, rc);
1022 }
1023
1024 return rc;
1025}
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035static int smack_inode_unlink(struct inode *dir, struct dentry *dentry)
1036{
1037 struct inode *ip = d_backing_inode(dentry);
1038 struct smk_audit_info ad;
1039 int rc;
1040
1041 smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_DENTRY);
1042 smk_ad_setfield_u_fs_path_dentry(&ad, dentry);
1043
1044
1045
1046
1047 rc = smk_curacc(smk_of_inode(ip), MAY_WRITE, &ad);
1048 rc = smk_bu_inode(ip, MAY_WRITE, rc);
1049 if (rc == 0) {
1050
1051
1052
1053 smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_INODE);
1054 smk_ad_setfield_u_fs_inode(&ad, dir);
1055 rc = smk_curacc(smk_of_inode(dir), MAY_WRITE, &ad);
1056 rc = smk_bu_inode(dir, MAY_WRITE, rc);
1057 }
1058 return rc;
1059}
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069static int smack_inode_rmdir(struct inode *dir, struct dentry *dentry)
1070{
1071 struct smk_audit_info ad;
1072 int rc;
1073
1074 smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_DENTRY);
1075 smk_ad_setfield_u_fs_path_dentry(&ad, dentry);
1076
1077
1078
1079
1080 rc = smk_curacc(smk_of_inode(d_backing_inode(dentry)), MAY_WRITE, &ad);
1081 rc = smk_bu_inode(d_backing_inode(dentry), MAY_WRITE, rc);
1082 if (rc == 0) {
1083
1084
1085
1086 smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_INODE);
1087 smk_ad_setfield_u_fs_inode(&ad, dir);
1088 rc = smk_curacc(smk_of_inode(dir), MAY_WRITE, &ad);
1089 rc = smk_bu_inode(dir, MAY_WRITE, rc);
1090 }
1091
1092 return rc;
1093}
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107static int smack_inode_rename(struct inode *old_inode,
1108 struct dentry *old_dentry,
1109 struct inode *new_inode,
1110 struct dentry *new_dentry)
1111{
1112 int rc;
1113 struct smack_known *isp;
1114 struct smk_audit_info ad;
1115
1116 smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_DENTRY);
1117 smk_ad_setfield_u_fs_path_dentry(&ad, old_dentry);
1118
1119 isp = smk_of_inode(d_backing_inode(old_dentry));
1120 rc = smk_curacc(isp, MAY_READWRITE, &ad);
1121 rc = smk_bu_inode(d_backing_inode(old_dentry), MAY_READWRITE, rc);
1122
1123 if (rc == 0 && d_is_positive(new_dentry)) {
1124 isp = smk_of_inode(d_backing_inode(new_dentry));
1125 smk_ad_setfield_u_fs_path_dentry(&ad, new_dentry);
1126 rc = smk_curacc(isp, MAY_READWRITE, &ad);
1127 rc = smk_bu_inode(d_backing_inode(new_dentry), MAY_READWRITE, rc);
1128 }
1129 return rc;
1130}
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141static int smack_inode_permission(struct inode *inode, int mask)
1142{
1143 struct superblock_smack *sbsp = smack_superblock(inode->i_sb);
1144 struct smk_audit_info ad;
1145 int no_block = mask & MAY_NOT_BLOCK;
1146 int rc;
1147
1148 mask &= (MAY_READ|MAY_WRITE|MAY_EXEC|MAY_APPEND);
1149
1150
1151
1152 if (mask == 0)
1153 return 0;
1154
1155 if (sbsp->smk_flags & SMK_SB_UNTRUSTED) {
1156 if (smk_of_inode(inode) != sbsp->smk_root)
1157 return -EACCES;
1158 }
1159
1160
1161 if (no_block)
1162 return -ECHILD;
1163 smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_INODE);
1164 smk_ad_setfield_u_fs_inode(&ad, inode);
1165 rc = smk_curacc(smk_of_inode(inode), mask, &ad);
1166 rc = smk_bu_inode(inode, mask, rc);
1167 return rc;
1168}
1169
1170
1171
1172
1173
1174
1175
1176
1177static int smack_inode_setattr(struct dentry *dentry, struct iattr *iattr)
1178{
1179 struct smk_audit_info ad;
1180 int rc;
1181
1182
1183
1184
1185 if (iattr->ia_valid & ATTR_FORCE)
1186 return 0;
1187 smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_DENTRY);
1188 smk_ad_setfield_u_fs_path_dentry(&ad, dentry);
1189
1190 rc = smk_curacc(smk_of_inode(d_backing_inode(dentry)), MAY_WRITE, &ad);
1191 rc = smk_bu_inode(d_backing_inode(dentry), MAY_WRITE, rc);
1192 return rc;
1193}
1194
1195
1196
1197
1198
1199
1200
1201static int smack_inode_getattr(const struct path *path)
1202{
1203 struct smk_audit_info ad;
1204 struct inode *inode = d_backing_inode(path->dentry);
1205 int rc;
1206
1207 smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_PATH);
1208 smk_ad_setfield_u_fs_path(&ad, *path);
1209 rc = smk_curacc(smk_of_inode(inode), MAY_READ, &ad);
1210 rc = smk_bu_inode(inode, MAY_READ, rc);
1211 return rc;
1212}
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226static int smack_inode_setxattr(struct user_namespace *mnt_userns,
1227 struct dentry *dentry, const char *name,
1228 const void *value, size_t size, int flags)
1229{
1230 struct smk_audit_info ad;
1231 struct smack_known *skp;
1232 int check_priv = 0;
1233 int check_import = 0;
1234 int check_star = 0;
1235 int rc = 0;
1236
1237
1238
1239
1240 if (strcmp(name, XATTR_NAME_SMACK) == 0 ||
1241 strcmp(name, XATTR_NAME_SMACKIPIN) == 0 ||
1242 strcmp(name, XATTR_NAME_SMACKIPOUT) == 0) {
1243 check_priv = 1;
1244 check_import = 1;
1245 } else if (strcmp(name, XATTR_NAME_SMACKEXEC) == 0 ||
1246 strcmp(name, XATTR_NAME_SMACKMMAP) == 0) {
1247 check_priv = 1;
1248 check_import = 1;
1249 check_star = 1;
1250 } else if (strcmp(name, XATTR_NAME_SMACKTRANSMUTE) == 0) {
1251 check_priv = 1;
1252 if (size != TRANS_TRUE_SIZE ||
1253 strncmp(value, TRANS_TRUE, TRANS_TRUE_SIZE) != 0)
1254 rc = -EINVAL;
1255 } else
1256 rc = cap_inode_setxattr(dentry, name, value, size, flags);
1257
1258 if (check_priv && !smack_privileged(CAP_MAC_ADMIN))
1259 rc = -EPERM;
1260
1261 if (rc == 0 && check_import) {
1262 skp = size ? smk_import_entry(value, size) : NULL;
1263 if (IS_ERR(skp))
1264 rc = PTR_ERR(skp);
1265 else if (skp == NULL || (check_star &&
1266 (skp == &smack_known_star || skp == &smack_known_web)))
1267 rc = -EINVAL;
1268 }
1269
1270 smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_DENTRY);
1271 smk_ad_setfield_u_fs_path_dentry(&ad, dentry);
1272
1273 if (rc == 0) {
1274 rc = smk_curacc(smk_of_inode(d_backing_inode(dentry)), MAY_WRITE, &ad);
1275 rc = smk_bu_inode(d_backing_inode(dentry), MAY_WRITE, rc);
1276 }
1277
1278 return rc;
1279}
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292static void smack_inode_post_setxattr(struct dentry *dentry, const char *name,
1293 const void *value, size_t size, int flags)
1294{
1295 struct smack_known *skp;
1296 struct inode_smack *isp = smack_inode(d_backing_inode(dentry));
1297
1298 if (strcmp(name, XATTR_NAME_SMACKTRANSMUTE) == 0) {
1299 isp->smk_flags |= SMK_INODE_TRANSMUTE;
1300 return;
1301 }
1302
1303 if (strcmp(name, XATTR_NAME_SMACK) == 0) {
1304 skp = smk_import_entry(value, size);
1305 if (!IS_ERR(skp))
1306 isp->smk_inode = skp;
1307 } else if (strcmp(name, XATTR_NAME_SMACKEXEC) == 0) {
1308 skp = smk_import_entry(value, size);
1309 if (!IS_ERR(skp))
1310 isp->smk_task = skp;
1311 } else if (strcmp(name, XATTR_NAME_SMACKMMAP) == 0) {
1312 skp = smk_import_entry(value, size);
1313 if (!IS_ERR(skp))
1314 isp->smk_mmap = skp;
1315 }
1316
1317 return;
1318}
1319
1320
1321
1322
1323
1324
1325
1326
1327static int smack_inode_getxattr(struct dentry *dentry, const char *name)
1328{
1329 struct smk_audit_info ad;
1330 int rc;
1331
1332 smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_DENTRY);
1333 smk_ad_setfield_u_fs_path_dentry(&ad, dentry);
1334
1335 rc = smk_curacc(smk_of_inode(d_backing_inode(dentry)), MAY_READ, &ad);
1336 rc = smk_bu_inode(d_backing_inode(dentry), MAY_READ, rc);
1337 return rc;
1338}
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349static int smack_inode_removexattr(struct user_namespace *mnt_userns,
1350 struct dentry *dentry, const char *name)
1351{
1352 struct inode_smack *isp;
1353 struct smk_audit_info ad;
1354 int rc = 0;
1355
1356 if (strcmp(name, XATTR_NAME_SMACK) == 0 ||
1357 strcmp(name, XATTR_NAME_SMACKIPIN) == 0 ||
1358 strcmp(name, XATTR_NAME_SMACKIPOUT) == 0 ||
1359 strcmp(name, XATTR_NAME_SMACKEXEC) == 0 ||
1360 strcmp(name, XATTR_NAME_SMACKTRANSMUTE) == 0 ||
1361 strcmp(name, XATTR_NAME_SMACKMMAP) == 0) {
1362 if (!smack_privileged(CAP_MAC_ADMIN))
1363 rc = -EPERM;
1364 } else
1365 rc = cap_inode_removexattr(mnt_userns, dentry, name);
1366
1367 if (rc != 0)
1368 return rc;
1369
1370 smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_DENTRY);
1371 smk_ad_setfield_u_fs_path_dentry(&ad, dentry);
1372
1373 rc = smk_curacc(smk_of_inode(d_backing_inode(dentry)), MAY_WRITE, &ad);
1374 rc = smk_bu_inode(d_backing_inode(dentry), MAY_WRITE, rc);
1375 if (rc != 0)
1376 return rc;
1377
1378 isp = smack_inode(d_backing_inode(dentry));
1379
1380
1381
1382
1383
1384 if (strcmp(name, XATTR_NAME_SMACK) == 0) {
1385 struct super_block *sbp = dentry->d_sb;
1386 struct superblock_smack *sbsp = smack_superblock(sbp);
1387
1388 isp->smk_inode = sbsp->smk_default;
1389 } else if (strcmp(name, XATTR_NAME_SMACKEXEC) == 0)
1390 isp->smk_task = NULL;
1391 else if (strcmp(name, XATTR_NAME_SMACKMMAP) == 0)
1392 isp->smk_mmap = NULL;
1393 else if (strcmp(name, XATTR_NAME_SMACKTRANSMUTE) == 0)
1394 isp->smk_flags &= ~SMK_INODE_TRANSMUTE;
1395
1396 return 0;
1397}
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408static int smack_inode_getsecurity(struct user_namespace *mnt_userns,
1409 struct inode *inode, const char *name,
1410 void **buffer, bool alloc)
1411{
1412 struct socket_smack *ssp;
1413 struct socket *sock;
1414 struct super_block *sbp;
1415 struct inode *ip = (struct inode *)inode;
1416 struct smack_known *isp;
1417
1418 if (strcmp(name, XATTR_SMACK_SUFFIX) == 0)
1419 isp = smk_of_inode(inode);
1420 else {
1421
1422
1423
1424 sbp = ip->i_sb;
1425 if (sbp->s_magic != SOCKFS_MAGIC)
1426 return -EOPNOTSUPP;
1427
1428 sock = SOCKET_I(ip);
1429 if (sock == NULL || sock->sk == NULL)
1430 return -EOPNOTSUPP;
1431
1432 ssp = sock->sk->sk_security;
1433
1434 if (strcmp(name, XATTR_SMACK_IPIN) == 0)
1435 isp = ssp->smk_in;
1436 else if (strcmp(name, XATTR_SMACK_IPOUT) == 0)
1437 isp = ssp->smk_out;
1438 else
1439 return -EOPNOTSUPP;
1440 }
1441
1442 if (alloc) {
1443 *buffer = kstrdup(isp->smk_known, GFP_KERNEL);
1444 if (*buffer == NULL)
1445 return -ENOMEM;
1446 }
1447
1448 return strlen(isp->smk_known);
1449}
1450
1451
1452
1453
1454
1455
1456
1457
1458static int smack_inode_listsecurity(struct inode *inode, char *buffer,
1459 size_t buffer_size)
1460{
1461 int len = sizeof(XATTR_NAME_SMACK);
1462
1463 if (buffer != NULL && len <= buffer_size)
1464 memcpy(buffer, XATTR_NAME_SMACK, len);
1465
1466 return len;
1467}
1468
1469
1470
1471
1472
1473
1474static void smack_inode_getsecid(struct inode *inode, u32 *secid)
1475{
1476 struct smack_known *skp = smk_of_inode(inode);
1477
1478 *secid = skp->smk_secid;
1479}
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
1490
1491
1492
1493
1494
1495
1496
1497
1498
1499
1500
1501
1502
1503
1504
1505
1506
1507
1508static int smack_file_alloc_security(struct file *file)
1509{
1510 struct smack_known **blob = smack_file(file);
1511
1512 *blob = smk_of_current();
1513 return 0;
1514}
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526static int smack_file_ioctl(struct file *file, unsigned int cmd,
1527 unsigned long arg)
1528{
1529 int rc = 0;
1530 struct smk_audit_info ad;
1531 struct inode *inode = file_inode(file);
1532
1533 if (unlikely(IS_PRIVATE(inode)))
1534 return 0;
1535
1536 smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_PATH);
1537 smk_ad_setfield_u_fs_path(&ad, file->f_path);
1538
1539 if (_IOC_DIR(cmd) & _IOC_WRITE) {
1540 rc = smk_curacc(smk_of_inode(inode), MAY_WRITE, &ad);
1541 rc = smk_bu_file(file, MAY_WRITE, rc);
1542 }
1543
1544 if (rc == 0 && (_IOC_DIR(cmd) & _IOC_READ)) {
1545 rc = smk_curacc(smk_of_inode(inode), MAY_READ, &ad);
1546 rc = smk_bu_file(file, MAY_READ, rc);
1547 }
1548
1549 return rc;
1550}
1551
1552
1553
1554
1555
1556
1557
1558
1559static int smack_file_lock(struct file *file, unsigned int cmd)
1560{
1561 struct smk_audit_info ad;
1562 int rc;
1563 struct inode *inode = file_inode(file);
1564
1565 if (unlikely(IS_PRIVATE(inode)))
1566 return 0;
1567
1568 smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_PATH);
1569 smk_ad_setfield_u_fs_path(&ad, file->f_path);
1570 rc = smk_curacc(smk_of_inode(inode), MAY_LOCK, &ad);
1571 rc = smk_bu_file(file, MAY_LOCK, rc);
1572 return rc;
1573}
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587static int smack_file_fcntl(struct file *file, unsigned int cmd,
1588 unsigned long arg)
1589{
1590 struct smk_audit_info ad;
1591 int rc = 0;
1592 struct inode *inode = file_inode(file);
1593
1594 if (unlikely(IS_PRIVATE(inode)))
1595 return 0;
1596
1597 switch (cmd) {
1598 case F_GETLK:
1599 break;
1600 case F_SETLK:
1601 case F_SETLKW:
1602 smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_PATH);
1603 smk_ad_setfield_u_fs_path(&ad, file->f_path);
1604 rc = smk_curacc(smk_of_inode(inode), MAY_LOCK, &ad);
1605 rc = smk_bu_file(file, MAY_LOCK, rc);
1606 break;
1607 case F_SETOWN:
1608 case F_SETSIG:
1609 smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_PATH);
1610 smk_ad_setfield_u_fs_path(&ad, file->f_path);
1611 rc = smk_curacc(smk_of_inode(inode), MAY_WRITE, &ad);
1612 rc = smk_bu_file(file, MAY_WRITE, rc);
1613 break;
1614 default:
1615 break;
1616 }
1617
1618 return rc;
1619}
1620
1621
1622
1623
1624
1625
1626
1627
1628
1629
1630
1631static int smack_mmap_file(struct file *file,
1632 unsigned long reqprot, unsigned long prot,
1633 unsigned long flags)
1634{
1635 struct smack_known *skp;
1636 struct smack_known *mkp;
1637 struct smack_rule *srp;
1638 struct task_smack *tsp;
1639 struct smack_known *okp;
1640 struct inode_smack *isp;
1641 struct superblock_smack *sbsp;
1642 int may;
1643 int mmay;
1644 int tmay;
1645 int rc;
1646
1647 if (file == NULL)
1648 return 0;
1649
1650 if (unlikely(IS_PRIVATE(file_inode(file))))
1651 return 0;
1652
1653 isp = smack_inode(file_inode(file));
1654 if (isp->smk_mmap == NULL)
1655 return 0;
1656 sbsp = smack_superblock(file_inode(file)->i_sb);
1657 if (sbsp->smk_flags & SMK_SB_UNTRUSTED &&
1658 isp->smk_mmap != sbsp->smk_root)
1659 return -EACCES;
1660 mkp = isp->smk_mmap;
1661
1662 tsp = smack_cred(current_cred());
1663 skp = smk_of_current();
1664 rc = 0;
1665
1666 rcu_read_lock();
1667
1668
1669
1670
1671
1672 list_for_each_entry_rcu(srp, &skp->smk_rules, list) {
1673 okp = srp->smk_object;
1674
1675
1676
1677 if (mkp->smk_known == okp->smk_known)
1678 continue;
1679
1680
1681
1682
1683 may = smk_access_entry(srp->smk_subject->smk_known,
1684 okp->smk_known,
1685 &tsp->smk_rules);
1686 if (may == -ENOENT)
1687 may = srp->smk_access;
1688 else
1689 may &= srp->smk_access;
1690
1691
1692
1693
1694 if (may == 0)
1695 continue;
1696
1697
1698
1699
1700
1701
1702 mmay = smk_access_entry(mkp->smk_known, okp->smk_known,
1703 &mkp->smk_rules);
1704 if (mmay == -ENOENT) {
1705 rc = -EACCES;
1706 break;
1707 }
1708
1709
1710
1711
1712 tmay = smk_access_entry(mkp->smk_known, okp->smk_known,
1713 &tsp->smk_rules);
1714 if (tmay != -ENOENT)
1715 mmay &= tmay;
1716
1717
1718
1719
1720
1721
1722 if ((may | mmay) != mmay) {
1723 rc = -EACCES;
1724 break;
1725 }
1726 }
1727
1728 rcu_read_unlock();
1729
1730 return rc;
1731}
1732
1733
1734
1735
1736
1737
1738static void smack_file_set_fowner(struct file *file)
1739{
1740 struct smack_known **blob = smack_file(file);
1741
1742 *blob = smk_of_current();
1743}
1744
1745
1746
1747
1748
1749
1750
1751
1752
1753
1754
1755
1756static int smack_file_send_sigiotask(struct task_struct *tsk,
1757 struct fown_struct *fown, int signum)
1758{
1759 struct smack_known **blob;
1760 struct smack_known *skp;
1761 struct smack_known *tkp = smk_of_task(smack_cred(tsk->cred));
1762 const struct cred *tcred;
1763 struct file *file;
1764 int rc;
1765 struct smk_audit_info ad;
1766
1767
1768
1769
1770 file = container_of(fown, struct file, f_owner);
1771
1772
1773 blob = smack_file(file);
1774 skp = *blob;
1775 rc = smk_access(skp, tkp, MAY_DELIVER, NULL);
1776 rc = smk_bu_note("sigiotask", skp, tkp, MAY_DELIVER, rc);
1777
1778 rcu_read_lock();
1779 tcred = __task_cred(tsk);
1780 if (rc != 0 && smack_privileged_cred(CAP_MAC_OVERRIDE, tcred))
1781 rc = 0;
1782 rcu_read_unlock();
1783
1784 smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_TASK);
1785 smk_ad_setfield_u_tsk(&ad, tsk);
1786 smack_log(skp->smk_known, tkp->smk_known, MAY_DELIVER, rc, &ad);
1787 return rc;
1788}
1789
1790
1791
1792
1793
1794
1795
1796static int smack_file_receive(struct file *file)
1797{
1798 int rc;
1799 int may = 0;
1800 struct smk_audit_info ad;
1801 struct inode *inode = file_inode(file);
1802 struct socket *sock;
1803 struct task_smack *tsp;
1804 struct socket_smack *ssp;
1805
1806 if (unlikely(IS_PRIVATE(inode)))
1807 return 0;
1808
1809 smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_PATH);
1810 smk_ad_setfield_u_fs_path(&ad, file->f_path);
1811
1812 if (inode->i_sb->s_magic == SOCKFS_MAGIC) {
1813 sock = SOCKET_I(inode);
1814 ssp = sock->sk->sk_security;
1815 tsp = smack_cred(current_cred());
1816
1817
1818
1819
1820
1821
1822 rc = smk_access(tsp->smk_task, ssp->smk_out, MAY_WRITE, &ad);
1823 rc = smk_bu_file(file, may, rc);
1824 if (rc < 0)
1825 return rc;
1826 rc = smk_access(ssp->smk_in, tsp->smk_task, MAY_WRITE, &ad);
1827 rc = smk_bu_file(file, may, rc);
1828 return rc;
1829 }
1830
1831
1832
1833 if (file->f_mode & FMODE_READ)
1834 may = MAY_READ;
1835 if (file->f_mode & FMODE_WRITE)
1836 may |= MAY_WRITE;
1837
1838 rc = smk_curacc(smk_of_inode(inode), may, &ad);
1839 rc = smk_bu_file(file, may, rc);
1840 return rc;
1841}
1842
1843
1844
1845
1846
1847
1848
1849
1850
1851
1852
1853
1854static int smack_file_open(struct file *file)
1855{
1856 struct task_smack *tsp = smack_cred(file->f_cred);
1857 struct inode *inode = file_inode(file);
1858 struct smk_audit_info ad;
1859 int rc;
1860
1861 smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_PATH);
1862 smk_ad_setfield_u_fs_path(&ad, file->f_path);
1863 rc = smk_tskacc(tsp, smk_of_inode(inode), MAY_READ, &ad);
1864 rc = smk_bu_credfile(file->f_cred, file, MAY_READ, rc);
1865
1866 return rc;
1867}
1868
1869
1870
1871
1872
1873
1874
1875
1876
1877
1878
1879
1880
1881
1882static int smack_cred_alloc_blank(struct cred *cred, gfp_t gfp)
1883{
1884 init_task_smack(smack_cred(cred), NULL, NULL);
1885 return 0;
1886}
1887
1888
1889
1890
1891
1892
1893
1894static void smack_cred_free(struct cred *cred)
1895{
1896 struct task_smack *tsp = smack_cred(cred);
1897 struct smack_rule *rp;
1898 struct list_head *l;
1899 struct list_head *n;
1900
1901 smk_destroy_label_list(&tsp->smk_relabel);
1902
1903 list_for_each_safe(l, n, &tsp->smk_rules) {
1904 rp = list_entry(l, struct smack_rule, list);
1905 list_del(&rp->list);
1906 kmem_cache_free(smack_rule_cache, rp);
1907 }
1908}
1909
1910
1911
1912
1913
1914
1915
1916
1917
1918static int smack_cred_prepare(struct cred *new, const struct cred *old,
1919 gfp_t gfp)
1920{
1921 struct task_smack *old_tsp = smack_cred(old);
1922 struct task_smack *new_tsp = smack_cred(new);
1923 int rc;
1924
1925 init_task_smack(new_tsp, old_tsp->smk_task, old_tsp->smk_task);
1926
1927 rc = smk_copy_rules(&new_tsp->smk_rules, &old_tsp->smk_rules, gfp);
1928 if (rc != 0)
1929 return rc;
1930
1931 rc = smk_copy_relabel(&new_tsp->smk_relabel, &old_tsp->smk_relabel,
1932 gfp);
1933 return rc;
1934}
1935
1936
1937
1938
1939
1940
1941
1942
1943static void smack_cred_transfer(struct cred *new, const struct cred *old)
1944{
1945 struct task_smack *old_tsp = smack_cred(old);
1946 struct task_smack *new_tsp = smack_cred(new);
1947
1948 new_tsp->smk_task = old_tsp->smk_task;
1949 new_tsp->smk_forked = old_tsp->smk_task;
1950 mutex_init(&new_tsp->smk_rules_lock);
1951 INIT_LIST_HEAD(&new_tsp->smk_rules);
1952
1953
1954}
1955
1956
1957
1958
1959
1960
1961
1962
1963static void smack_cred_getsecid(const struct cred *cred, u32 *secid)
1964{
1965 struct smack_known *skp;
1966
1967 rcu_read_lock();
1968 skp = smk_of_task(smack_cred(cred));
1969 *secid = skp->smk_secid;
1970 rcu_read_unlock();
1971}
1972
1973
1974
1975
1976
1977
1978
1979
1980static int smack_kernel_act_as(struct cred *new, u32 secid)
1981{
1982 struct task_smack *new_tsp = smack_cred(new);
1983
1984 new_tsp->smk_task = smack_from_secid(secid);
1985 return 0;
1986}
1987
1988
1989
1990
1991
1992
1993
1994
1995
1996static int smack_kernel_create_files_as(struct cred *new,
1997 struct inode *inode)
1998{
1999 struct inode_smack *isp = smack_inode(inode);
2000 struct task_smack *tsp = smack_cred(new);
2001
2002 tsp->smk_forked = isp->smk_inode;
2003 tsp->smk_task = tsp->smk_forked;
2004 return 0;
2005}
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015static int smk_curacc_on_task(struct task_struct *p, int access,
2016 const char *caller)
2017{
2018 struct smk_audit_info ad;
2019 struct smack_known *skp = smk_of_task_struct_subj(p);
2020 int rc;
2021
2022 smk_ad_init(&ad, caller, LSM_AUDIT_DATA_TASK);
2023 smk_ad_setfield_u_tsk(&ad, p);
2024 rc = smk_curacc(skp, access, &ad);
2025 rc = smk_bu_task(p, access, rc);
2026 return rc;
2027}
2028
2029
2030
2031
2032
2033
2034
2035
2036static int smack_task_setpgid(struct task_struct *p, pid_t pgid)
2037{
2038 return smk_curacc_on_task(p, MAY_WRITE, __func__);
2039}
2040
2041
2042
2043
2044
2045
2046
2047static int smack_task_getpgid(struct task_struct *p)
2048{
2049 return smk_curacc_on_task(p, MAY_READ, __func__);
2050}
2051
2052
2053
2054
2055
2056
2057
2058static int smack_task_getsid(struct task_struct *p)
2059{
2060 return smk_curacc_on_task(p, MAY_READ, __func__);
2061}
2062
2063
2064
2065
2066
2067
2068
2069
2070static void smack_task_getsecid_subj(struct task_struct *p, u32 *secid)
2071{
2072 struct smack_known *skp = smk_of_task_struct_subj(p);
2073
2074 *secid = skp->smk_secid;
2075}
2076
2077
2078
2079
2080
2081
2082
2083
2084static void smack_task_getsecid_obj(struct task_struct *p, u32 *secid)
2085{
2086 struct smack_known *skp = smk_of_task_struct_obj(p);
2087
2088 *secid = skp->smk_secid;
2089}
2090
2091
2092
2093
2094
2095
2096
2097
2098static int smack_task_setnice(struct task_struct *p, int nice)
2099{
2100 return smk_curacc_on_task(p, MAY_WRITE, __func__);
2101}
2102
2103
2104
2105
2106
2107
2108
2109
2110static int smack_task_setioprio(struct task_struct *p, int ioprio)
2111{
2112 return smk_curacc_on_task(p, MAY_WRITE, __func__);
2113}
2114
2115
2116
2117
2118
2119
2120
2121static int smack_task_getioprio(struct task_struct *p)
2122{
2123 return smk_curacc_on_task(p, MAY_READ, __func__);
2124}
2125
2126
2127
2128
2129
2130
2131
2132static int smack_task_setscheduler(struct task_struct *p)
2133{
2134 return smk_curacc_on_task(p, MAY_WRITE, __func__);
2135}
2136
2137
2138
2139
2140
2141
2142
2143static int smack_task_getscheduler(struct task_struct *p)
2144{
2145 return smk_curacc_on_task(p, MAY_READ, __func__);
2146}
2147
2148
2149
2150
2151
2152
2153
2154static int smack_task_movememory(struct task_struct *p)
2155{
2156 return smk_curacc_on_task(p, MAY_WRITE, __func__);
2157}
2158
2159
2160
2161
2162
2163
2164
2165
2166
2167
2168
2169static int smack_task_kill(struct task_struct *p, struct kernel_siginfo *info,
2170 int sig, const struct cred *cred)
2171{
2172 struct smk_audit_info ad;
2173 struct smack_known *skp;
2174 struct smack_known *tkp = smk_of_task_struct_obj(p);
2175 int rc;
2176
2177 if (!sig)
2178 return 0;
2179
2180 smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_TASK);
2181 smk_ad_setfield_u_tsk(&ad, p);
2182
2183
2184
2185
2186 if (cred == NULL) {
2187 rc = smk_curacc(tkp, MAY_DELIVER, &ad);
2188 rc = smk_bu_task(p, MAY_DELIVER, rc);
2189 return rc;
2190 }
2191
2192
2193
2194
2195
2196 skp = smk_of_task(smack_cred(cred));
2197 rc = smk_access(skp, tkp, MAY_DELIVER, &ad);
2198 rc = smk_bu_note("USB signal", skp, tkp, MAY_DELIVER, rc);
2199 return rc;
2200}
2201
2202
2203
2204
2205
2206
2207
2208
2209static void smack_task_to_inode(struct task_struct *p, struct inode *inode)
2210{
2211 struct inode_smack *isp = smack_inode(inode);
2212 struct smack_known *skp = smk_of_task_struct_obj(p);
2213
2214 isp->smk_inode = skp;
2215 isp->smk_flags |= SMK_INODE_INSTANT;
2216}
2217
2218
2219
2220
2221
2222
2223
2224
2225
2226
2227
2228
2229
2230
2231
2232static int smack_sk_alloc_security(struct sock *sk, int family, gfp_t gfp_flags)
2233{
2234 struct smack_known *skp = smk_of_current();
2235 struct socket_smack *ssp;
2236
2237 ssp = kzalloc(sizeof(struct socket_smack), gfp_flags);
2238 if (ssp == NULL)
2239 return -ENOMEM;
2240
2241
2242
2243
2244 if (unlikely(current->flags & PF_KTHREAD)) {
2245 ssp->smk_in = &smack_known_web;
2246 ssp->smk_out = &smack_known_web;
2247 } else {
2248 ssp->smk_in = skp;
2249 ssp->smk_out = skp;
2250 }
2251 ssp->smk_packet = NULL;
2252
2253 sk->sk_security = ssp;
2254
2255 return 0;
2256}
2257
2258
2259
2260
2261
2262
2263
2264static void smack_sk_free_security(struct sock *sk)
2265{
2266#ifdef SMACK_IPV6_PORT_LABELING
2267 struct smk_port_label *spp;
2268
2269 if (sk->sk_family == PF_INET6) {
2270 rcu_read_lock();
2271 list_for_each_entry_rcu(spp, &smk_ipv6_port_list, list) {
2272 if (spp->smk_sock != sk)
2273 continue;
2274 spp->smk_can_reuse = 1;
2275 break;
2276 }
2277 rcu_read_unlock();
2278 }
2279#endif
2280 kfree(sk->sk_security);
2281}
2282
2283
2284
2285
2286
2287
2288
2289
2290
2291
2292
2293
2294
2295static struct smack_known *smack_ipv4host_label(struct sockaddr_in *sip)
2296{
2297 struct smk_net4addr *snp;
2298 struct in_addr *siap = &sip->sin_addr;
2299
2300 if (siap->s_addr == 0)
2301 return NULL;
2302
2303 list_for_each_entry_rcu(snp, &smk_net4addr_list, list)
2304
2305
2306
2307
2308
2309 if (snp->smk_host.s_addr ==
2310 (siap->s_addr & snp->smk_mask.s_addr))
2311 return snp->smk_label;
2312
2313 return NULL;
2314}
2315
2316
2317
2318
2319
2320
2321
2322static bool smk_ipv6_localhost(struct sockaddr_in6 *sip)
2323{
2324 __be16 *be16p = (__be16 *)&sip->sin6_addr;
2325 __be32 *be32p = (__be32 *)&sip->sin6_addr;
2326
2327 if (be32p[0] == 0 && be32p[1] == 0 && be32p[2] == 0 && be16p[6] == 0 &&
2328 ntohs(be16p[7]) == 1)
2329 return true;
2330 return false;
2331}
2332
2333
2334
2335
2336
2337
2338
2339
2340
2341
2342
2343
2344
2345static struct smack_known *smack_ipv6host_label(struct sockaddr_in6 *sip)
2346{
2347 struct smk_net6addr *snp;
2348 struct in6_addr *sap = &sip->sin6_addr;
2349 int i;
2350 int found = 0;
2351
2352
2353
2354
2355 if (smk_ipv6_localhost(sip))
2356 return NULL;
2357
2358 list_for_each_entry_rcu(snp, &smk_net6addr_list, list) {
2359
2360
2361
2362
2363 if (snp->smk_label == NULL)
2364 continue;
2365
2366
2367
2368
2369
2370 for (found = 1, i = 0; i < 8; i++) {
2371 if ((sap->s6_addr16[i] & snp->smk_mask.s6_addr16[i]) !=
2372 snp->smk_host.s6_addr16[i]) {
2373 found = 0;
2374 break;
2375 }
2376 }
2377 if (found)
2378 return snp->smk_label;
2379 }
2380
2381 return NULL;
2382}
2383
2384
2385
2386
2387
2388
2389
2390
2391
2392static int smack_netlbl_add(struct sock *sk)
2393{
2394 struct socket_smack *ssp = sk->sk_security;
2395 struct smack_known *skp = ssp->smk_out;
2396 int rc;
2397
2398 local_bh_disable();
2399 bh_lock_sock_nested(sk);
2400
2401 rc = netlbl_sock_setattr(sk, sk->sk_family, &skp->smk_netlabel);
2402 switch (rc) {
2403 case 0:
2404 ssp->smk_state = SMK_NETLBL_LABELED;
2405 break;
2406 case -EDESTADDRREQ:
2407 ssp->smk_state = SMK_NETLBL_REQSKB;
2408 rc = 0;
2409 break;
2410 }
2411
2412 bh_unlock_sock(sk);
2413 local_bh_enable();
2414
2415 return rc;
2416}
2417
2418
2419
2420
2421
2422
2423
2424static void smack_netlbl_delete(struct sock *sk)
2425{
2426 struct socket_smack *ssp = sk->sk_security;
2427
2428
2429
2430
2431 if (ssp->smk_state != SMK_NETLBL_LABELED)
2432 return;
2433
2434 local_bh_disable();
2435 bh_lock_sock_nested(sk);
2436 netlbl_sock_delattr(sk);
2437 bh_unlock_sock(sk);
2438 local_bh_enable();
2439 ssp->smk_state = SMK_NETLBL_UNLABELED;
2440}
2441
2442
2443
2444
2445
2446
2447
2448
2449
2450
2451
2452
2453static int smk_ipv4_check(struct sock *sk, struct sockaddr_in *sap)
2454{
2455 struct smack_known *skp;
2456 int rc = 0;
2457 struct smack_known *hkp;
2458 struct socket_smack *ssp = sk->sk_security;
2459 struct smk_audit_info ad;
2460
2461 rcu_read_lock();
2462 hkp = smack_ipv4host_label(sap);
2463 if (hkp != NULL) {
2464#ifdef CONFIG_AUDIT
2465 struct lsm_network_audit net;
2466
2467 smk_ad_init_net(&ad, __func__, LSM_AUDIT_DATA_NET, &net);
2468 ad.a.u.net->family = sap->sin_family;
2469 ad.a.u.net->dport = sap->sin_port;
2470 ad.a.u.net->v4info.daddr = sap->sin_addr.s_addr;
2471#endif
2472 skp = ssp->smk_out;
2473 rc = smk_access(skp, hkp, MAY_WRITE, &ad);
2474 rc = smk_bu_note("IPv4 host check", skp, hkp, MAY_WRITE, rc);
2475
2476
2477
2478 if (!rc)
2479 smack_netlbl_delete(sk);
2480 }
2481 rcu_read_unlock();
2482
2483 return rc;
2484}
2485
2486
2487
2488
2489
2490
2491
2492
2493
2494
2495static int smk_ipv6_check(struct smack_known *subject,
2496 struct smack_known *object,
2497 struct sockaddr_in6 *address, int act)
2498{
2499#ifdef CONFIG_AUDIT
2500 struct lsm_network_audit net;
2501#endif
2502 struct smk_audit_info ad;
2503 int rc;
2504
2505#ifdef CONFIG_AUDIT
2506 smk_ad_init_net(&ad, __func__, LSM_AUDIT_DATA_NET, &net);
2507 ad.a.u.net->family = PF_INET6;
2508 ad.a.u.net->dport = ntohs(address->sin6_port);
2509 if (act == SMK_RECEIVING)
2510 ad.a.u.net->v6info.saddr = address->sin6_addr;
2511 else
2512 ad.a.u.net->v6info.daddr = address->sin6_addr;
2513#endif
2514 rc = smk_access(subject, object, MAY_WRITE, &ad);
2515 rc = smk_bu_note("IPv6 check", subject, object, MAY_WRITE, rc);
2516 return rc;
2517}
2518
2519#ifdef SMACK_IPV6_PORT_LABELING
2520
2521
2522
2523
2524
2525
2526
2527static void smk_ipv6_port_label(struct socket *sock, struct sockaddr *address)
2528{
2529 struct sock *sk = sock->sk;
2530 struct sockaddr_in6 *addr6;
2531 struct socket_smack *ssp = sock->sk->sk_security;
2532 struct smk_port_label *spp;
2533 unsigned short port = 0;
2534
2535 if (address == NULL) {
2536
2537
2538
2539
2540
2541 rcu_read_lock();
2542 list_for_each_entry_rcu(spp, &smk_ipv6_port_list, list) {
2543 if (sk != spp->smk_sock)
2544 continue;
2545 spp->smk_in = ssp->smk_in;
2546 spp->smk_out = ssp->smk_out;
2547 rcu_read_unlock();
2548 return;
2549 }
2550
2551
2552
2553
2554 rcu_read_unlock();
2555 return;
2556 }
2557
2558 addr6 = (struct sockaddr_in6 *)address;
2559 port = ntohs(addr6->sin6_port);
2560
2561
2562
2563 if (port == 0)
2564 return;
2565
2566
2567
2568
2569
2570 rcu_read_lock();
2571 list_for_each_entry_rcu(spp, &smk_ipv6_port_list, list) {
2572 if (spp->smk_port != port || spp->smk_sock_type != sock->type)
2573 continue;
2574 if (spp->smk_can_reuse != 1) {
2575 rcu_read_unlock();
2576 return;
2577 }
2578 spp->smk_port = port;
2579 spp->smk_sock = sk;
2580 spp->smk_in = ssp->smk_in;
2581 spp->smk_out = ssp->smk_out;
2582 spp->smk_can_reuse = 0;
2583 rcu_read_unlock();
2584 return;
2585 }
2586 rcu_read_unlock();
2587
2588
2589
2590 spp = kzalloc(sizeof(*spp), GFP_KERNEL);
2591 if (spp == NULL)
2592 return;
2593
2594 spp->smk_port = port;
2595 spp->smk_sock = sk;
2596 spp->smk_in = ssp->smk_in;
2597 spp->smk_out = ssp->smk_out;
2598 spp->smk_sock_type = sock->type;
2599 spp->smk_can_reuse = 0;
2600
2601 mutex_lock(&smack_ipv6_lock);
2602 list_add_rcu(&spp->list, &smk_ipv6_port_list);
2603 mutex_unlock(&smack_ipv6_lock);
2604 return;
2605}
2606#endif
2607
2608
2609
2610
2611
2612
2613
2614
2615
2616static int smk_ipv6_port_check(struct sock *sk, struct sockaddr_in6 *address,
2617 int act)
2618{
2619 struct smk_port_label *spp;
2620 struct socket_smack *ssp = sk->sk_security;
2621 struct smack_known *skp = NULL;
2622 unsigned short port;
2623 struct smack_known *object;
2624
2625 if (act == SMK_RECEIVING) {
2626 skp = smack_ipv6host_label(address);
2627 object = ssp->smk_in;
2628 } else {
2629 skp = ssp->smk_out;
2630 object = smack_ipv6host_label(address);
2631 }
2632
2633
2634
2635
2636 if (skp != NULL && object != NULL)
2637 return smk_ipv6_check(skp, object, address, act);
2638 if (skp == NULL)
2639 skp = smack_net_ambient;
2640 if (object == NULL)
2641 object = smack_net_ambient;
2642
2643
2644
2645
2646 if (!smk_ipv6_localhost(address))
2647 return smk_ipv6_check(skp, object, address, act);
2648
2649
2650
2651
2652 if (act == SMK_RECEIVING)
2653 return 0;
2654
2655 port = ntohs(address->sin6_port);
2656 rcu_read_lock();
2657 list_for_each_entry_rcu(spp, &smk_ipv6_port_list, list) {
2658 if (spp->smk_port != port || spp->smk_sock_type != sk->sk_type)
2659 continue;
2660 object = spp->smk_in;
2661 if (act == SMK_CONNECTING)
2662 ssp->smk_packet = spp->smk_out;
2663 break;
2664 }
2665 rcu_read_unlock();
2666
2667 return smk_ipv6_check(skp, object, address, act);
2668}
2669
2670
2671
2672
2673
2674
2675
2676
2677
2678
2679
2680
2681
2682static int smack_inode_setsecurity(struct inode *inode, const char *name,
2683 const void *value, size_t size, int flags)
2684{
2685 struct smack_known *skp;
2686 struct inode_smack *nsp = smack_inode(inode);
2687 struct socket_smack *ssp;
2688 struct socket *sock;
2689 int rc = 0;
2690
2691 if (value == NULL || size > SMK_LONGLABEL || size == 0)
2692 return -EINVAL;
2693
2694 skp = smk_import_entry(value, size);
2695 if (IS_ERR(skp))
2696 return PTR_ERR(skp);
2697
2698 if (strcmp(name, XATTR_SMACK_SUFFIX) == 0) {
2699 nsp->smk_inode = skp;
2700 nsp->smk_flags |= SMK_INODE_INSTANT;
2701 return 0;
2702 }
2703
2704
2705
2706 if (inode->i_sb->s_magic != SOCKFS_MAGIC)
2707 return -EOPNOTSUPP;
2708
2709 sock = SOCKET_I(inode);
2710 if (sock == NULL || sock->sk == NULL)
2711 return -EOPNOTSUPP;
2712
2713 ssp = sock->sk->sk_security;
2714
2715 if (strcmp(name, XATTR_SMACK_IPIN) == 0)
2716 ssp->smk_in = skp;
2717 else if (strcmp(name, XATTR_SMACK_IPOUT) == 0) {
2718 ssp->smk_out = skp;
2719 if (sock->sk->sk_family == PF_INET) {
2720 rc = smack_netlbl_add(sock->sk);
2721 if (rc != 0)
2722 printk(KERN_WARNING
2723 "Smack: \"%s\" netlbl error %d.\n",
2724 __func__, -rc);
2725 }
2726 } else
2727 return -EOPNOTSUPP;
2728
2729#ifdef SMACK_IPV6_PORT_LABELING
2730 if (sock->sk->sk_family == PF_INET6)
2731 smk_ipv6_port_label(sock, NULL);
2732#endif
2733
2734 return 0;
2735}
2736
2737
2738
2739
2740
2741
2742
2743
2744
2745
2746
2747
2748
2749static int smack_socket_post_create(struct socket *sock, int family,
2750 int type, int protocol, int kern)
2751{
2752 struct socket_smack *ssp;
2753
2754 if (sock->sk == NULL)
2755 return 0;
2756
2757
2758
2759
2760 if (unlikely(current->flags & PF_KTHREAD)) {
2761 ssp = sock->sk->sk_security;
2762 ssp->smk_in = &smack_known_web;
2763 ssp->smk_out = &smack_known_web;
2764 }
2765
2766 if (family != PF_INET)
2767 return 0;
2768
2769
2770
2771 return smack_netlbl_add(sock->sk);
2772}
2773
2774
2775
2776
2777
2778
2779
2780
2781
2782
2783static int smack_socket_socketpair(struct socket *socka,
2784 struct socket *sockb)
2785{
2786 struct socket_smack *asp = socka->sk->sk_security;
2787 struct socket_smack *bsp = sockb->sk->sk_security;
2788
2789 asp->smk_packet = bsp->smk_out;
2790 bsp->smk_packet = asp->smk_out;
2791
2792 return 0;
2793}
2794
2795#ifdef SMACK_IPV6_PORT_LABELING
2796
2797
2798
2799
2800
2801
2802
2803
2804
2805
2806static int smack_socket_bind(struct socket *sock, struct sockaddr *address,
2807 int addrlen)
2808{
2809 if (sock->sk != NULL && sock->sk->sk_family == PF_INET6) {
2810 if (addrlen < SIN6_LEN_RFC2133 ||
2811 address->sa_family != AF_INET6)
2812 return -EINVAL;
2813 smk_ipv6_port_label(sock, address);
2814 }
2815 return 0;
2816}
2817#endif
2818
2819
2820
2821
2822
2823
2824
2825
2826
2827
2828
2829static int smack_socket_connect(struct socket *sock, struct sockaddr *sap,
2830 int addrlen)
2831{
2832 int rc = 0;
2833
2834 if (sock->sk == NULL)
2835 return 0;
2836 if (sock->sk->sk_family != PF_INET &&
2837 (!IS_ENABLED(CONFIG_IPV6) || sock->sk->sk_family != PF_INET6))
2838 return 0;
2839 if (addrlen < offsetofend(struct sockaddr, sa_family))
2840 return 0;
2841 if (IS_ENABLED(CONFIG_IPV6) && sap->sa_family == AF_INET6) {
2842 struct sockaddr_in6 *sip = (struct sockaddr_in6 *)sap;
2843 struct smack_known *rsp = NULL;
2844
2845 if (addrlen < SIN6_LEN_RFC2133)
2846 return 0;
2847 if (__is_defined(SMACK_IPV6_SECMARK_LABELING))
2848 rsp = smack_ipv6host_label(sip);
2849 if (rsp != NULL) {
2850 struct socket_smack *ssp = sock->sk->sk_security;
2851
2852 rc = smk_ipv6_check(ssp->smk_out, rsp, sip,
2853 SMK_CONNECTING);
2854 }
2855 if (__is_defined(SMACK_IPV6_PORT_LABELING))
2856 rc = smk_ipv6_port_check(sock->sk, sip, SMK_CONNECTING);
2857
2858 return rc;
2859 }
2860 if (sap->sa_family != AF_INET || addrlen < sizeof(struct sockaddr_in))
2861 return 0;
2862 rc = smk_ipv4_check(sock->sk, (struct sockaddr_in *)sap);
2863 return rc;
2864}
2865
2866
2867
2868
2869
2870
2871
2872static int smack_flags_to_may(int flags)
2873{
2874 int may = 0;
2875
2876 if (flags & S_IRUGO)
2877 may |= MAY_READ;
2878 if (flags & S_IWUGO)
2879 may |= MAY_WRITE;
2880 if (flags & S_IXUGO)
2881 may |= MAY_EXEC;
2882
2883 return may;
2884}
2885
2886
2887
2888
2889
2890
2891
2892static int smack_msg_msg_alloc_security(struct msg_msg *msg)
2893{
2894 struct smack_known **blob = smack_msg_msg(msg);
2895
2896 *blob = smk_of_current();
2897 return 0;
2898}
2899
2900
2901
2902
2903
2904
2905
2906static struct smack_known *smack_of_ipc(struct kern_ipc_perm *isp)
2907{
2908 struct smack_known **blob = smack_ipc(isp);
2909
2910 return *blob;
2911}
2912
2913
2914
2915
2916
2917
2918
2919static int smack_ipc_alloc_security(struct kern_ipc_perm *isp)
2920{
2921 struct smack_known **blob = smack_ipc(isp);
2922
2923 *blob = smk_of_current();
2924 return 0;
2925}
2926
2927
2928
2929
2930
2931
2932
2933
2934static int smk_curacc_shm(struct kern_ipc_perm *isp, int access)
2935{
2936 struct smack_known *ssp = smack_of_ipc(isp);
2937 struct smk_audit_info ad;
2938 int rc;
2939
2940#ifdef CONFIG_AUDIT
2941 smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_IPC);
2942 ad.a.u.ipc_id = isp->id;
2943#endif
2944 rc = smk_curacc(ssp, access, &ad);
2945 rc = smk_bu_current("shm", ssp, access, rc);
2946 return rc;
2947}
2948
2949
2950
2951
2952
2953
2954
2955
2956static int smack_shm_associate(struct kern_ipc_perm *isp, int shmflg)
2957{
2958 int may;
2959
2960 may = smack_flags_to_may(shmflg);
2961 return smk_curacc_shm(isp, may);
2962}
2963
2964
2965
2966
2967
2968
2969
2970
2971static int smack_shm_shmctl(struct kern_ipc_perm *isp, int cmd)
2972{
2973 int may;
2974
2975 switch (cmd) {
2976 case IPC_STAT:
2977 case SHM_STAT:
2978 case SHM_STAT_ANY:
2979 may = MAY_READ;
2980 break;
2981 case IPC_SET:
2982 case SHM_LOCK:
2983 case SHM_UNLOCK:
2984 case IPC_RMID:
2985 may = MAY_READWRITE;
2986 break;
2987 case IPC_INFO:
2988 case SHM_INFO:
2989
2990
2991
2992 return 0;
2993 default:
2994 return -EINVAL;
2995 }
2996 return smk_curacc_shm(isp, may);
2997}
2998
2999
3000
3001
3002
3003
3004
3005
3006
3007static int smack_shm_shmat(struct kern_ipc_perm *isp, char __user *shmaddr,
3008 int shmflg)
3009{
3010 int may;
3011
3012 may = smack_flags_to_may(shmflg);
3013 return smk_curacc_shm(isp, may);
3014}
3015
3016
3017
3018
3019
3020
3021
3022
3023static int smk_curacc_sem(struct kern_ipc_perm *isp, int access)
3024{
3025 struct smack_known *ssp = smack_of_ipc(isp);
3026 struct smk_audit_info ad;
3027 int rc;
3028
3029#ifdef CONFIG_AUDIT
3030 smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_IPC);
3031 ad.a.u.ipc_id = isp->id;
3032#endif
3033 rc = smk_curacc(ssp, access, &ad);
3034 rc = smk_bu_current("sem", ssp, access, rc);
3035 return rc;
3036}
3037
3038
3039
3040
3041
3042
3043
3044
3045static int smack_sem_associate(struct kern_ipc_perm *isp, int semflg)
3046{
3047 int may;
3048
3049 may = smack_flags_to_may(semflg);
3050 return smk_curacc_sem(isp, may);
3051}
3052
3053
3054
3055
3056
3057
3058
3059
3060static int smack_sem_semctl(struct kern_ipc_perm *isp, int cmd)
3061{
3062 int may;
3063
3064 switch (cmd) {
3065 case GETPID:
3066 case GETNCNT:
3067 case GETZCNT:
3068 case GETVAL:
3069 case GETALL:
3070 case IPC_STAT:
3071 case SEM_STAT:
3072 case SEM_STAT_ANY:
3073 may = MAY_READ;
3074 break;
3075 case SETVAL:
3076 case SETALL:
3077 case IPC_RMID:
3078 case IPC_SET:
3079 may = MAY_READWRITE;
3080 break;
3081 case IPC_INFO:
3082 case SEM_INFO:
3083
3084
3085
3086 return 0;
3087 default:
3088 return -EINVAL;
3089 }
3090
3091 return smk_curacc_sem(isp, may);
3092}
3093
3094
3095
3096
3097
3098
3099
3100
3101
3102
3103
3104
3105static int smack_sem_semop(struct kern_ipc_perm *isp, struct sembuf *sops,
3106 unsigned nsops, int alter)
3107{
3108 return smk_curacc_sem(isp, MAY_READWRITE);
3109}
3110
3111
3112
3113
3114
3115
3116
3117
3118static int smk_curacc_msq(struct kern_ipc_perm *isp, int access)
3119{
3120 struct smack_known *msp = smack_of_ipc(isp);
3121 struct smk_audit_info ad;
3122 int rc;
3123
3124#ifdef CONFIG_AUDIT
3125 smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_IPC);
3126 ad.a.u.ipc_id = isp->id;
3127#endif
3128 rc = smk_curacc(msp, access, &ad);
3129 rc = smk_bu_current("msq", msp, access, rc);
3130 return rc;
3131}
3132
3133
3134
3135
3136
3137
3138
3139
3140static int smack_msg_queue_associate(struct kern_ipc_perm *isp, int msqflg)
3141{
3142 int may;
3143
3144 may = smack_flags_to_may(msqflg);
3145 return smk_curacc_msq(isp, may);
3146}
3147
3148
3149
3150
3151
3152
3153
3154
3155static int smack_msg_queue_msgctl(struct kern_ipc_perm *isp, int cmd)
3156{
3157 int may;
3158
3159 switch (cmd) {
3160 case IPC_STAT:
3161 case MSG_STAT:
3162 case MSG_STAT_ANY:
3163 may = MAY_READ;
3164 break;
3165 case IPC_SET:
3166 case IPC_RMID:
3167 may = MAY_READWRITE;
3168 break;
3169 case IPC_INFO:
3170 case MSG_INFO:
3171
3172
3173
3174 return 0;
3175 default:
3176 return -EINVAL;
3177 }
3178
3179 return smk_curacc_msq(isp, may);
3180}
3181
3182
3183
3184
3185
3186
3187
3188
3189
3190static int smack_msg_queue_msgsnd(struct kern_ipc_perm *isp, struct msg_msg *msg,
3191 int msqflg)
3192{
3193 int may;
3194
3195 may = smack_flags_to_may(msqflg);
3196 return smk_curacc_msq(isp, may);
3197}
3198
3199
3200
3201
3202
3203
3204
3205
3206
3207
3208
3209static int smack_msg_queue_msgrcv(struct kern_ipc_perm *isp, struct msg_msg *msg,
3210 struct task_struct *target, long type, int mode)
3211{
3212 return smk_curacc_msq(isp, MAY_READWRITE);
3213}
3214
3215
3216
3217
3218
3219
3220
3221
3222static int smack_ipc_permission(struct kern_ipc_perm *ipp, short flag)
3223{
3224 struct smack_known **blob = smack_ipc(ipp);
3225 struct smack_known *iskp = *blob;
3226 int may = smack_flags_to_may(flag);
3227 struct smk_audit_info ad;
3228 int rc;
3229
3230#ifdef CONFIG_AUDIT
3231 smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_IPC);
3232 ad.a.u.ipc_id = ipp->id;
3233#endif
3234 rc = smk_curacc(iskp, may, &ad);
3235 rc = smk_bu_current("svipc", iskp, may, rc);
3236 return rc;
3237}
3238
3239
3240
3241
3242
3243
3244static void smack_ipc_getsecid(struct kern_ipc_perm *ipp, u32 *secid)
3245{
3246 struct smack_known **blob = smack_ipc(ipp);
3247 struct smack_known *iskp = *blob;
3248
3249 *secid = iskp->smk_secid;
3250}
3251
3252
3253
3254
3255
3256
3257
3258
3259static void smack_d_instantiate(struct dentry *opt_dentry, struct inode *inode)
3260{
3261 struct super_block *sbp;
3262 struct superblock_smack *sbsp;
3263 struct inode_smack *isp;
3264 struct smack_known *skp;
3265 struct smack_known *ckp = smk_of_current();
3266 struct smack_known *final;
3267 char trattr[TRANS_TRUE_SIZE];
3268 int transflag = 0;
3269 int rc;
3270 struct dentry *dp;
3271
3272 if (inode == NULL)
3273 return;
3274
3275 isp = smack_inode(inode);
3276
3277
3278
3279
3280
3281 if (isp->smk_flags & SMK_INODE_INSTANT)
3282 return;
3283
3284 sbp = inode->i_sb;
3285 sbsp = smack_superblock(sbp);
3286
3287
3288
3289
3290 final = sbsp->smk_default;
3291
3292
3293
3294
3295
3296
3297
3298 if (opt_dentry->d_parent == opt_dentry) {
3299 switch (sbp->s_magic) {
3300 case CGROUP_SUPER_MAGIC:
3301 case CGROUP2_SUPER_MAGIC:
3302
3303
3304
3305
3306
3307 sbsp->smk_root = &smack_known_star;
3308 sbsp->smk_default = &smack_known_star;
3309 isp->smk_inode = sbsp->smk_root;
3310 break;
3311 case TMPFS_MAGIC:
3312
3313
3314
3315
3316 isp->smk_inode = smk_of_current();
3317 break;
3318 case PIPEFS_MAGIC:
3319 isp->smk_inode = smk_of_current();
3320 break;
3321 case SOCKFS_MAGIC:
3322
3323
3324
3325
3326 isp->smk_inode = &smack_known_star;
3327 break;
3328 default:
3329 isp->smk_inode = sbsp->smk_root;
3330 break;
3331 }
3332 isp->smk_flags |= SMK_INODE_INSTANT;
3333 return;
3334 }
3335
3336
3337
3338
3339
3340
3341
3342 switch (sbp->s_magic) {
3343 case SMACK_MAGIC:
3344 case CGROUP_SUPER_MAGIC:
3345 case CGROUP2_SUPER_MAGIC:
3346
3347
3348
3349
3350
3351
3352
3353 final = &smack_known_star;
3354 break;
3355 case DEVPTS_SUPER_MAGIC:
3356
3357
3358
3359
3360
3361 final = ckp;
3362 break;
3363 case PROC_SUPER_MAGIC:
3364
3365
3366
3367
3368 break;
3369 case TMPFS_MAGIC:
3370
3371
3372
3373
3374
3375 final = &smack_known_star;
3376
3377
3378
3379
3380
3381
3382 fallthrough;
3383 default:
3384
3385
3386
3387
3388
3389
3390
3391
3392 if (S_ISSOCK(inode->i_mode)) {
3393 final = &smack_known_star;
3394 break;
3395 }
3396
3397
3398
3399
3400
3401
3402 if (!(inode->i_opflags & IOP_XATTR))
3403 break;
3404
3405
3406
3407 dp = dget(opt_dentry);
3408 skp = smk_fetch(XATTR_NAME_SMACK, inode, dp);
3409 if (!IS_ERR_OR_NULL(skp))
3410 final = skp;
3411
3412
3413
3414
3415 if (S_ISDIR(inode->i_mode)) {
3416
3417
3418
3419
3420
3421
3422
3423
3424
3425 if (isp->smk_flags & SMK_INODE_CHANGED) {
3426 isp->smk_flags &= ~SMK_INODE_CHANGED;
3427 rc = __vfs_setxattr(&init_user_ns, dp, inode,
3428 XATTR_NAME_SMACKTRANSMUTE,
3429 TRANS_TRUE, TRANS_TRUE_SIZE,
3430 0);
3431 } else {
3432 rc = __vfs_getxattr(dp, inode,
3433 XATTR_NAME_SMACKTRANSMUTE, trattr,
3434 TRANS_TRUE_SIZE);
3435 if (rc >= 0 && strncmp(trattr, TRANS_TRUE,
3436 TRANS_TRUE_SIZE) != 0)
3437 rc = -EINVAL;
3438 }
3439 if (rc >= 0)
3440 transflag = SMK_INODE_TRANSMUTE;
3441 }
3442
3443
3444
3445 skp = smk_fetch(XATTR_NAME_SMACKEXEC, inode, dp);
3446 if (IS_ERR(skp) || skp == &smack_known_star ||
3447 skp == &smack_known_web)
3448 skp = NULL;
3449 isp->smk_task = skp;
3450
3451 skp = smk_fetch(XATTR_NAME_SMACKMMAP, inode, dp);
3452 if (IS_ERR(skp) || skp == &smack_known_star ||
3453 skp == &smack_known_web)
3454 skp = NULL;
3455 isp->smk_mmap = skp;
3456
3457 dput(dp);
3458 break;
3459 }
3460
3461 if (final == NULL)
3462 isp->smk_inode = ckp;
3463 else
3464 isp->smk_inode = final;
3465
3466 isp->smk_flags |= (SMK_INODE_INSTANT | transflag);
3467
3468 return;
3469}
3470
3471
3472
3473
3474
3475
3476
3477
3478
3479
3480
3481static int smack_getprocattr(struct task_struct *p, char *name, char **value)
3482{
3483 struct smack_known *skp = smk_of_task_struct_subj(p);
3484 char *cp;
3485 int slen;
3486
3487 if (strcmp(name, "current") != 0)
3488 return -EINVAL;
3489
3490 cp = kstrdup(skp->smk_known, GFP_KERNEL);
3491 if (cp == NULL)
3492 return -ENOMEM;
3493
3494 slen = strlen(cp);
3495 *value = cp;
3496 return slen;
3497}
3498
3499
3500
3501
3502
3503
3504
3505
3506
3507
3508
3509
3510static int smack_setprocattr(const char *name, void *value, size_t size)
3511{
3512 struct task_smack *tsp = smack_cred(current_cred());
3513 struct cred *new;
3514 struct smack_known *skp;
3515 struct smack_known_list_elem *sklep;
3516 int rc;
3517
3518 if (!smack_privileged(CAP_MAC_ADMIN) && list_empty(&tsp->smk_relabel))
3519 return -EPERM;
3520
3521 if (value == NULL || size == 0 || size >= SMK_LONGLABEL)
3522 return -EINVAL;
3523
3524 if (strcmp(name, "current") != 0)
3525 return -EINVAL;
3526
3527 skp = smk_import_entry(value, size);
3528 if (IS_ERR(skp))
3529 return PTR_ERR(skp);
3530
3531
3532
3533
3534
3535 if (skp == &smack_known_web || skp == &smack_known_star)
3536 return -EINVAL;
3537
3538 if (!smack_privileged(CAP_MAC_ADMIN)) {
3539 rc = -EPERM;
3540 list_for_each_entry(sklep, &tsp->smk_relabel, list)
3541 if (sklep->smk_label == skp) {
3542 rc = 0;
3543 break;
3544 }
3545 if (rc)
3546 return rc;
3547 }
3548
3549 new = prepare_creds();
3550 if (new == NULL)
3551 return -ENOMEM;
3552
3553 tsp = smack_cred(new);
3554 tsp->smk_task = skp;
3555
3556
3557
3558 smk_destroy_label_list(&tsp->smk_relabel);
3559
3560 commit_creds(new);
3561 return size;
3562}
3563
3564
3565
3566
3567
3568
3569
3570
3571
3572
3573static int smack_unix_stream_connect(struct sock *sock,
3574 struct sock *other, struct sock *newsk)
3575{
3576 struct smack_known *skp;
3577 struct smack_known *okp;
3578 struct socket_smack *ssp = sock->sk_security;
3579 struct socket_smack *osp = other->sk_security;
3580 struct socket_smack *nsp = newsk->sk_security;
3581 struct smk_audit_info ad;
3582 int rc = 0;
3583#ifdef CONFIG_AUDIT
3584 struct lsm_network_audit net;
3585#endif
3586
3587 if (!smack_privileged(CAP_MAC_OVERRIDE)) {
3588 skp = ssp->smk_out;
3589 okp = osp->smk_in;
3590#ifdef CONFIG_AUDIT
3591 smk_ad_init_net(&ad, __func__, LSM_AUDIT_DATA_NET, &net);
3592 smk_ad_setfield_u_net_sk(&ad, other);
3593#endif
3594 rc = smk_access(skp, okp, MAY_WRITE, &ad);
3595 rc = smk_bu_note("UDS connect", skp, okp, MAY_WRITE, rc);
3596 if (rc == 0) {
3597 okp = osp->smk_out;
3598 skp = ssp->smk_in;
3599 rc = smk_access(okp, skp, MAY_WRITE, &ad);
3600 rc = smk_bu_note("UDS connect", okp, skp,
3601 MAY_WRITE, rc);
3602 }
3603 }
3604
3605
3606
3607
3608 if (rc == 0) {
3609 nsp->smk_packet = ssp->smk_out;
3610 ssp->smk_packet = osp->smk_out;
3611 }
3612
3613 return rc;
3614}
3615
3616
3617
3618
3619
3620
3621
3622
3623
3624static int smack_unix_may_send(struct socket *sock, struct socket *other)
3625{
3626 struct socket_smack *ssp = sock->sk->sk_security;
3627 struct socket_smack *osp = other->sk->sk_security;
3628 struct smk_audit_info ad;
3629 int rc;
3630
3631#ifdef CONFIG_AUDIT
3632 struct lsm_network_audit net;
3633
3634 smk_ad_init_net(&ad, __func__, LSM_AUDIT_DATA_NET, &net);
3635 smk_ad_setfield_u_net_sk(&ad, other->sk);
3636#endif
3637
3638 if (smack_privileged(CAP_MAC_OVERRIDE))
3639 return 0;
3640
3641 rc = smk_access(ssp->smk_out, osp->smk_in, MAY_WRITE, &ad);
3642 rc = smk_bu_note("UDS send", ssp->smk_out, osp->smk_in, MAY_WRITE, rc);
3643 return rc;
3644}
3645
3646
3647
3648
3649
3650
3651
3652
3653
3654
3655
3656static int smack_socket_sendmsg(struct socket *sock, struct msghdr *msg,
3657 int size)
3658{
3659 struct sockaddr_in *sip = (struct sockaddr_in *) msg->msg_name;
3660#if IS_ENABLED(CONFIG_IPV6)
3661 struct sockaddr_in6 *sap = (struct sockaddr_in6 *) msg->msg_name;
3662#endif
3663#ifdef SMACK_IPV6_SECMARK_LABELING
3664 struct socket_smack *ssp = sock->sk->sk_security;
3665 struct smack_known *rsp;
3666#endif
3667 int rc = 0;
3668
3669
3670
3671
3672 if (sip == NULL)
3673 return 0;
3674
3675 switch (sock->sk->sk_family) {
3676 case AF_INET:
3677 if (msg->msg_namelen < sizeof(struct sockaddr_in) ||
3678 sip->sin_family != AF_INET)
3679 return -EINVAL;
3680 rc = smk_ipv4_check(sock->sk, sip);
3681 break;
3682#if IS_ENABLED(CONFIG_IPV6)
3683 case AF_INET6:
3684 if (msg->msg_namelen < SIN6_LEN_RFC2133 ||
3685 sap->sin6_family != AF_INET6)
3686 return -EINVAL;
3687#ifdef SMACK_IPV6_SECMARK_LABELING
3688 rsp = smack_ipv6host_label(sap);
3689 if (rsp != NULL)
3690 rc = smk_ipv6_check(ssp->smk_out, rsp, sap,
3691 SMK_CONNECTING);
3692#endif
3693#ifdef SMACK_IPV6_PORT_LABELING
3694 rc = smk_ipv6_port_check(sock->sk, sap, SMK_SENDING);
3695#endif
3696#endif
3697 break;
3698 }
3699 return rc;
3700}
3701
3702
3703
3704
3705
3706
3707
3708
3709static struct smack_known *smack_from_secattr(struct netlbl_lsm_secattr *sap,
3710 struct socket_smack *ssp)
3711{
3712 struct smack_known *skp;
3713 int found = 0;
3714 int acat;
3715 int kcat;
3716
3717
3718
3719
3720 if ((sap->flags & NETLBL_SECATTR_CACHE) != 0)
3721 return (struct smack_known *)sap->cache->data;
3722
3723 if ((sap->flags & NETLBL_SECATTR_SECID) != 0)
3724
3725
3726
3727 return smack_from_secid(sap->attr.secid);
3728
3729 if ((sap->flags & NETLBL_SECATTR_MLS_LVL) != 0) {
3730
3731
3732
3733
3734
3735
3736
3737
3738
3739
3740 rcu_read_lock();
3741 list_for_each_entry_rcu(skp, &smack_known_list, list) {
3742 if (sap->attr.mls.lvl != skp->smk_netlabel.attr.mls.lvl)
3743 continue;
3744
3745
3746
3747 if ((sap->flags & NETLBL_SECATTR_MLS_CAT) == 0) {
3748 if ((skp->smk_netlabel.flags &
3749 NETLBL_SECATTR_MLS_CAT) == 0)
3750 found = 1;
3751 break;
3752 }
3753 for (acat = -1, kcat = -1; acat == kcat; ) {
3754 acat = netlbl_catmap_walk(sap->attr.mls.cat,
3755 acat + 1);
3756 kcat = netlbl_catmap_walk(
3757 skp->smk_netlabel.attr.mls.cat,
3758 kcat + 1);
3759 if (acat < 0 || kcat < 0)
3760 break;
3761 }
3762 if (acat == kcat) {
3763 found = 1;
3764 break;
3765 }
3766 }
3767 rcu_read_unlock();
3768
3769 if (found)
3770 return skp;
3771
3772 if (ssp != NULL && ssp->smk_in == &smack_known_star)
3773 return &smack_known_web;
3774 return &smack_known_star;
3775 }
3776
3777
3778
3779
3780
3781 return smack_net_ambient;
3782}
3783
3784#if IS_ENABLED(CONFIG_IPV6)
3785static int smk_skb_to_addr_ipv6(struct sk_buff *skb, struct sockaddr_in6 *sip)
3786{
3787 u8 nexthdr;
3788 int offset;
3789 int proto = -EINVAL;
3790 struct ipv6hdr _ipv6h;
3791 struct ipv6hdr *ip6;
3792 __be16 frag_off;
3793 struct tcphdr _tcph, *th;
3794 struct udphdr _udph, *uh;
3795 struct dccp_hdr _dccph, *dh;
3796
3797 sip->sin6_port = 0;
3798
3799 offset = skb_network_offset(skb);
3800 ip6 = skb_header_pointer(skb, offset, sizeof(_ipv6h), &_ipv6h);
3801 if (ip6 == NULL)
3802 return -EINVAL;
3803 sip->sin6_addr = ip6->saddr;
3804
3805 nexthdr = ip6->nexthdr;
3806 offset += sizeof(_ipv6h);
3807 offset = ipv6_skip_exthdr(skb, offset, &nexthdr, &frag_off);
3808 if (offset < 0)
3809 return -EINVAL;
3810
3811 proto = nexthdr;
3812 switch (proto) {
3813 case IPPROTO_TCP:
3814 th = skb_header_pointer(skb, offset, sizeof(_tcph), &_tcph);
3815 if (th != NULL)
3816 sip->sin6_port = th->source;
3817 break;
3818 case IPPROTO_UDP:
3819 case IPPROTO_UDPLITE:
3820 uh = skb_header_pointer(skb, offset, sizeof(_udph), &_udph);
3821 if (uh != NULL)
3822 sip->sin6_port = uh->source;
3823 break;
3824 case IPPROTO_DCCP:
3825 dh = skb_header_pointer(skb, offset, sizeof(_dccph), &_dccph);
3826 if (dh != NULL)
3827 sip->sin6_port = dh->dccph_sport;
3828 break;
3829 }
3830 return proto;
3831}
3832#endif
3833
3834
3835
3836
3837
3838
3839
3840#ifdef CONFIG_NETWORK_SECMARK
3841static struct smack_known *smack_from_skb(struct sk_buff *skb)
3842{
3843 if (skb == NULL || skb->secmark == 0)
3844 return NULL;
3845
3846 return smack_from_secid(skb->secmark);
3847}
3848#else
3849static inline struct smack_known *smack_from_skb(struct sk_buff *skb)
3850{
3851 return NULL;
3852}
3853#endif
3854
3855
3856
3857
3858
3859
3860
3861
3862
3863
3864
3865
3866static struct smack_known *smack_from_netlbl(const struct sock *sk, u16 family,
3867 struct sk_buff *skb)
3868{
3869 struct netlbl_lsm_secattr secattr;
3870 struct socket_smack *ssp = NULL;
3871 struct smack_known *skp = NULL;
3872
3873 netlbl_secattr_init(&secattr);
3874
3875 if (sk)
3876 ssp = sk->sk_security;
3877
3878 if (netlbl_skbuff_getattr(skb, family, &secattr) == 0) {
3879 skp = smack_from_secattr(&secattr, ssp);
3880 if (secattr.flags & NETLBL_SECATTR_CACHEABLE)
3881 netlbl_cache_add(skb, family, &skp->smk_netlabel);
3882 }
3883
3884 netlbl_secattr_destroy(&secattr);
3885
3886 return skp;
3887}
3888
3889
3890
3891
3892
3893
3894
3895
3896static int smack_socket_sock_rcv_skb(struct sock *sk, struct sk_buff *skb)
3897{
3898 struct socket_smack *ssp = sk->sk_security;
3899 struct smack_known *skp = NULL;
3900 int rc = 0;
3901 struct smk_audit_info ad;
3902 u16 family = sk->sk_family;
3903#ifdef CONFIG_AUDIT
3904 struct lsm_network_audit net;
3905#endif
3906#if IS_ENABLED(CONFIG_IPV6)
3907 struct sockaddr_in6 sadd;
3908 int proto;
3909
3910 if (family == PF_INET6 && skb->protocol == htons(ETH_P_IP))
3911 family = PF_INET;
3912#endif
3913
3914 switch (family) {
3915 case PF_INET:
3916
3917
3918
3919
3920
3921 skp = smack_from_skb(skb);
3922 if (skp == NULL) {
3923 skp = smack_from_netlbl(sk, family, skb);
3924 if (skp == NULL)
3925 skp = smack_net_ambient;
3926 }
3927
3928#ifdef CONFIG_AUDIT
3929 smk_ad_init_net(&ad, __func__, LSM_AUDIT_DATA_NET, &net);
3930 ad.a.u.net->family = family;
3931 ad.a.u.net->netif = skb->skb_iif;
3932 ipv4_skb_to_auditdata(skb, &ad.a, NULL);
3933#endif
3934
3935
3936
3937
3938
3939
3940 rc = smk_access(skp, ssp->smk_in, MAY_WRITE, &ad);
3941 rc = smk_bu_note("IPv4 delivery", skp, ssp->smk_in,
3942 MAY_WRITE, rc);
3943 if (rc != 0)
3944 netlbl_skbuff_err(skb, family, rc, 0);
3945 break;
3946#if IS_ENABLED(CONFIG_IPV6)
3947 case PF_INET6:
3948 proto = smk_skb_to_addr_ipv6(skb, &sadd);
3949 if (proto != IPPROTO_UDP && proto != IPPROTO_UDPLITE &&
3950 proto != IPPROTO_TCP && proto != IPPROTO_DCCP)
3951 break;
3952#ifdef SMACK_IPV6_SECMARK_LABELING
3953 skp = smack_from_skb(skb);
3954 if (skp == NULL) {
3955 if (smk_ipv6_localhost(&sadd))
3956 break;
3957 skp = smack_ipv6host_label(&sadd);
3958 if (skp == NULL)
3959 skp = smack_net_ambient;
3960 }
3961#ifdef CONFIG_AUDIT
3962 smk_ad_init_net(&ad, __func__, LSM_AUDIT_DATA_NET, &net);
3963 ad.a.u.net->family = family;
3964 ad.a.u.net->netif = skb->skb_iif;
3965 ipv6_skb_to_auditdata(skb, &ad.a, NULL);
3966#endif
3967 rc = smk_access(skp, ssp->smk_in, MAY_WRITE, &ad);
3968 rc = smk_bu_note("IPv6 delivery", skp, ssp->smk_in,
3969 MAY_WRITE, rc);
3970#endif
3971#ifdef SMACK_IPV6_PORT_LABELING
3972 rc = smk_ipv6_port_check(sk, &sadd, SMK_RECEIVING);
3973#endif
3974 if (rc != 0)
3975 icmpv6_send(skb, ICMPV6_DEST_UNREACH,
3976 ICMPV6_ADM_PROHIBITED, 0);
3977 break;
3978#endif
3979 }
3980
3981 return rc;
3982}
3983
3984
3985
3986
3987
3988
3989
3990
3991
3992
3993static int smack_socket_getpeersec_stream(struct socket *sock,
3994 char __user *optval,
3995 int __user *optlen, unsigned len)
3996{
3997 struct socket_smack *ssp;
3998 char *rcp = "";
3999 int slen = 1;
4000 int rc = 0;
4001
4002 ssp = sock->sk->sk_security;
4003 if (ssp->smk_packet != NULL) {
4004 rcp = ssp->smk_packet->smk_known;
4005 slen = strlen(rcp) + 1;
4006 }
4007
4008 if (slen > len)
4009 rc = -ERANGE;
4010 else if (copy_to_user(optval, rcp, slen) != 0)
4011 rc = -EFAULT;
4012
4013 if (put_user(slen, optlen) != 0)
4014 rc = -EFAULT;
4015
4016 return rc;
4017}
4018
4019
4020
4021
4022
4023
4024
4025
4026
4027
4028static int smack_socket_getpeersec_dgram(struct socket *sock,
4029 struct sk_buff *skb, u32 *secid)
4030
4031{
4032 struct socket_smack *ssp = NULL;
4033 struct smack_known *skp;
4034 struct sock *sk = NULL;
4035 int family = PF_UNSPEC;
4036 u32 s = 0;
4037
4038 if (skb != NULL) {
4039 if (skb->protocol == htons(ETH_P_IP))
4040 family = PF_INET;
4041#if IS_ENABLED(CONFIG_IPV6)
4042 else if (skb->protocol == htons(ETH_P_IPV6))
4043 family = PF_INET6;
4044#endif
4045 }
4046 if (family == PF_UNSPEC && sock != NULL)
4047 family = sock->sk->sk_family;
4048
4049 switch (family) {
4050 case PF_UNIX:
4051 ssp = sock->sk->sk_security;
4052 s = ssp->smk_out->smk_secid;
4053 break;
4054 case PF_INET:
4055 skp = smack_from_skb(skb);
4056 if (skp) {
4057 s = skp->smk_secid;
4058 break;
4059 }
4060
4061
4062
4063 if (sock != NULL)
4064 sk = sock->sk;
4065 skp = smack_from_netlbl(sk, family, skb);
4066 if (skp != NULL)
4067 s = skp->smk_secid;
4068 break;
4069 case PF_INET6:
4070#ifdef SMACK_IPV6_SECMARK_LABELING
4071 skp = smack_from_skb(skb);
4072 if (skp)
4073 s = skp->smk_secid;
4074#endif
4075 break;
4076 }
4077 *secid = s;
4078 if (s == 0)
4079 return -EINVAL;
4080 return 0;
4081}
4082
4083
4084
4085
4086
4087
4088
4089
4090
4091static void smack_sock_graft(struct sock *sk, struct socket *parent)
4092{
4093 struct socket_smack *ssp;
4094 struct smack_known *skp = smk_of_current();
4095
4096 if (sk == NULL ||
4097 (sk->sk_family != PF_INET && sk->sk_family != PF_INET6))
4098 return;
4099
4100 ssp = sk->sk_security;
4101 ssp->smk_in = skp;
4102 ssp->smk_out = skp;
4103
4104}
4105
4106
4107
4108
4109
4110
4111
4112
4113
4114
4115static int smack_inet_conn_request(const struct sock *sk, struct sk_buff *skb,
4116 struct request_sock *req)
4117{
4118 u16 family = sk->sk_family;
4119 struct smack_known *skp;
4120 struct socket_smack *ssp = sk->sk_security;
4121 struct sockaddr_in addr;
4122 struct iphdr *hdr;
4123 struct smack_known *hskp;
4124 int rc;
4125 struct smk_audit_info ad;
4126#ifdef CONFIG_AUDIT
4127 struct lsm_network_audit net;
4128#endif
4129
4130#if IS_ENABLED(CONFIG_IPV6)
4131 if (family == PF_INET6) {
4132
4133
4134
4135
4136
4137 if (skb->protocol == htons(ETH_P_IP))
4138 family = PF_INET;
4139 else
4140 return 0;
4141 }
4142#endif
4143
4144
4145
4146
4147
4148
4149 skp = smack_from_skb(skb);
4150 if (skp == NULL) {
4151 skp = smack_from_netlbl(sk, family, skb);
4152 if (skp == NULL)
4153 skp = &smack_known_huh;
4154 }
4155
4156#ifdef CONFIG_AUDIT
4157 smk_ad_init_net(&ad, __func__, LSM_AUDIT_DATA_NET, &net);
4158 ad.a.u.net->family = family;
4159 ad.a.u.net->netif = skb->skb_iif;
4160 ipv4_skb_to_auditdata(skb, &ad.a, NULL);
4161#endif
4162
4163
4164
4165
4166 rc = smk_access(skp, ssp->smk_in, MAY_WRITE, &ad);
4167 rc = smk_bu_note("IPv4 connect", skp, ssp->smk_in, MAY_WRITE, rc);
4168 if (rc != 0)
4169 return rc;
4170
4171
4172
4173
4174
4175 req->peer_secid = skp->smk_secid;
4176
4177
4178
4179
4180
4181
4182 hdr = ip_hdr(skb);
4183 addr.sin_addr.s_addr = hdr->saddr;
4184 rcu_read_lock();
4185 hskp = smack_ipv4host_label(&addr);
4186 rcu_read_unlock();
4187
4188 if (hskp == NULL)
4189 rc = netlbl_req_setattr(req, &skp->smk_netlabel);
4190 else
4191 netlbl_req_delattr(req);
4192
4193 return rc;
4194}
4195
4196
4197
4198
4199
4200
4201
4202
4203static void smack_inet_csk_clone(struct sock *sk,
4204 const struct request_sock *req)
4205{
4206 struct socket_smack *ssp = sk->sk_security;
4207 struct smack_known *skp;
4208
4209 if (req->peer_secid != 0) {
4210 skp = smack_from_secid(req->peer_secid);
4211 ssp->smk_packet = skp;
4212 } else
4213 ssp->smk_packet = NULL;
4214}
4215
4216
4217
4218
4219
4220
4221
4222
4223#ifdef CONFIG_KEYS
4224
4225
4226
4227
4228
4229
4230
4231
4232
4233
4234
4235static int smack_key_alloc(struct key *key, const struct cred *cred,
4236 unsigned long flags)
4237{
4238 struct smack_known *skp = smk_of_task(smack_cred(cred));
4239
4240 key->security = skp;
4241 return 0;
4242}
4243
4244
4245
4246
4247
4248
4249
4250static void smack_key_free(struct key *key)
4251{
4252 key->security = NULL;
4253}
4254
4255
4256
4257
4258
4259
4260
4261
4262
4263
4264static int smack_key_permission(key_ref_t key_ref,
4265 const struct cred *cred,
4266 enum key_need_perm need_perm)
4267{
4268 struct key *keyp;
4269 struct smk_audit_info ad;
4270 struct smack_known *tkp = smk_of_task(smack_cred(cred));
4271 int request = 0;
4272 int rc;
4273
4274
4275
4276
4277 switch (need_perm) {
4278 case KEY_NEED_READ:
4279 case KEY_NEED_SEARCH:
4280 case KEY_NEED_VIEW:
4281 request |= MAY_READ;
4282 break;
4283 case KEY_NEED_WRITE:
4284 case KEY_NEED_LINK:
4285 case KEY_NEED_SETATTR:
4286 request |= MAY_WRITE;
4287 break;
4288 case KEY_NEED_UNSPECIFIED:
4289 case KEY_NEED_UNLINK:
4290 case KEY_SYSADMIN_OVERRIDE:
4291 case KEY_AUTHTOKEN_OVERRIDE:
4292 case KEY_DEFER_PERM_CHECK:
4293 return 0;
4294 default:
4295 return -EINVAL;
4296 }
4297
4298 keyp = key_ref_to_ptr(key_ref);
4299 if (keyp == NULL)
4300 return -EINVAL;
4301
4302
4303
4304
4305 if (keyp->security == NULL)
4306 return 0;
4307
4308
4309
4310 if (tkp == NULL)
4311 return -EACCES;
4312
4313 if (smack_privileged(CAP_MAC_OVERRIDE))
4314 return 0;
4315
4316#ifdef CONFIG_AUDIT
4317 smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_KEY);
4318 ad.a.u.key_struct.key = keyp->serial;
4319 ad.a.u.key_struct.key_desc = keyp->description;
4320#endif
4321 rc = smk_access(tkp, keyp->security, request, &ad);
4322 rc = smk_bu_note("key access", tkp, keyp->security, request, rc);
4323 return rc;
4324}
4325
4326
4327
4328
4329
4330
4331
4332
4333
4334
4335static int smack_key_getsecurity(struct key *key, char **_buffer)
4336{
4337 struct smack_known *skp = key->security;
4338 size_t length;
4339 char *copy;
4340
4341 if (key->security == NULL) {
4342 *_buffer = NULL;
4343 return 0;
4344 }
4345
4346 copy = kstrdup(skp->smk_known, GFP_KERNEL);
4347 if (copy == NULL)
4348 return -ENOMEM;
4349 length = strlen(copy) + 1;
4350
4351 *_buffer = copy;
4352 return length;
4353}
4354
4355
4356#ifdef CONFIG_KEY_NOTIFICATIONS
4357
4358
4359
4360
4361
4362
4363
4364static int smack_watch_key(struct key *key)
4365{
4366 struct smk_audit_info ad;
4367 struct smack_known *tkp = smk_of_current();
4368 int rc;
4369
4370 if (key == NULL)
4371 return -EINVAL;
4372
4373
4374
4375
4376 if (key->security == NULL)
4377 return 0;
4378
4379
4380
4381 if (tkp == NULL)
4382 return -EACCES;
4383
4384 if (smack_privileged_cred(CAP_MAC_OVERRIDE, current_cred()))
4385 return 0;
4386
4387#ifdef CONFIG_AUDIT
4388 smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_KEY);
4389 ad.a.u.key_struct.key = key->serial;
4390 ad.a.u.key_struct.key_desc = key->description;
4391#endif
4392 rc = smk_access(tkp, key->security, MAY_READ, &ad);
4393 rc = smk_bu_note("key watch", tkp, key->security, MAY_READ, rc);
4394 return rc;
4395}
4396#endif
4397#endif
4398
4399#ifdef CONFIG_WATCH_QUEUE
4400
4401
4402
4403
4404
4405
4406static int smack_post_notification(const struct cred *w_cred,
4407 const struct cred *cred,
4408 struct watch_notification *n)
4409{
4410 struct smk_audit_info ad;
4411 struct smack_known *subj, *obj;
4412 int rc;
4413
4414
4415 if (n->type == WATCH_TYPE_META)
4416 return 0;
4417
4418 if (!cred)
4419 return 0;
4420 subj = smk_of_task(smack_cred(cred));
4421 obj = smk_of_task(smack_cred(w_cred));
4422
4423 smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_NOTIFICATION);
4424 rc = smk_access(subj, obj, MAY_WRITE, &ad);
4425 rc = smk_bu_note("notification", subj, obj, MAY_WRITE, rc);
4426 return rc;
4427}
4428#endif
4429
4430
4431
4432
4433
4434
4435
4436
4437
4438
4439
4440
4441
4442
4443#ifdef CONFIG_AUDIT
4444
4445
4446
4447
4448
4449
4450
4451
4452
4453
4454
4455static int smack_audit_rule_init(u32 field, u32 op, char *rulestr, void **vrule)
4456{
4457 struct smack_known *skp;
4458 char **rule = (char **)vrule;
4459 *rule = NULL;
4460
4461 if (field != AUDIT_SUBJ_USER && field != AUDIT_OBJ_USER)
4462 return -EINVAL;
4463
4464 if (op != Audit_equal && op != Audit_not_equal)
4465 return -EINVAL;
4466
4467 skp = smk_import_entry(rulestr, 0);
4468 if (IS_ERR(skp))
4469 return PTR_ERR(skp);
4470
4471 *rule = skp->smk_known;
4472
4473 return 0;
4474}
4475
4476
4477
4478
4479
4480
4481
4482
4483
4484static int smack_audit_rule_known(struct audit_krule *krule)
4485{
4486 struct audit_field *f;
4487 int i;
4488
4489 for (i = 0; i < krule->field_count; i++) {
4490 f = &krule->fields[i];
4491
4492 if (f->type == AUDIT_SUBJ_USER || f->type == AUDIT_OBJ_USER)
4493 return 1;
4494 }
4495
4496 return 0;
4497}
4498
4499
4500
4501
4502
4503
4504
4505
4506
4507
4508
4509static int smack_audit_rule_match(u32 secid, u32 field, u32 op, void *vrule)
4510{
4511 struct smack_known *skp;
4512 char *rule = vrule;
4513
4514 if (unlikely(!rule)) {
4515 WARN_ONCE(1, "Smack: missing rule\n");
4516 return -ENOENT;
4517 }
4518
4519 if (field != AUDIT_SUBJ_USER && field != AUDIT_OBJ_USER)
4520 return 0;
4521
4522 skp = smack_from_secid(secid);
4523
4524
4525
4526
4527
4528
4529 if (op == Audit_equal)
4530 return (rule == skp->smk_known);
4531 if (op == Audit_not_equal)
4532 return (rule != skp->smk_known);
4533
4534 return 0;
4535}
4536
4537
4538
4539
4540
4541
4542#endif
4543
4544
4545
4546
4547