2 * security/tomoyo/file.c
4 * Pathname restriction functions.
6 * Copyright (C) 2005-2010 NTT DATA CORPORATION
10 #include <linux/slab.h>
12 /* Keyword array for operations with one pathname. */
13 const char *tomoyo_path_keyword[TOMOYO_MAX_PATH_OPERATION] = {
14 [TOMOYO_TYPE_EXECUTE] = "execute",
15 [TOMOYO_TYPE_READ] = "read",
16 [TOMOYO_TYPE_WRITE] = "write",
17 [TOMOYO_TYPE_APPEND] = "append",
18 [TOMOYO_TYPE_UNLINK] = "unlink",
19 [TOMOYO_TYPE_GETATTR] = "getattr",
20 [TOMOYO_TYPE_RMDIR] = "rmdir",
21 [TOMOYO_TYPE_TRUNCATE] = "truncate",
22 [TOMOYO_TYPE_SYMLINK] = "symlink",
23 [TOMOYO_TYPE_CHROOT] = "chroot",
24 [TOMOYO_TYPE_UMOUNT] = "unmount",
27 /* Keyword array for operations with one pathname and three numbers. */
28 const char *tomoyo_mkdev_keyword[TOMOYO_MAX_MKDEV_OPERATION] = {
29 [TOMOYO_TYPE_MKBLOCK] = "mkblock",
30 [TOMOYO_TYPE_MKCHAR] = "mkchar",
33 /* Keyword array for operations with two pathnames. */
34 const char *tomoyo_path2_keyword[TOMOYO_MAX_PATH2_OPERATION] = {
35 [TOMOYO_TYPE_LINK] = "link",
36 [TOMOYO_TYPE_RENAME] = "rename",
37 [TOMOYO_TYPE_PIVOT_ROOT] = "pivot_root",
40 /* Keyword array for operations with one pathname and one number. */
41 const char *tomoyo_path_number_keyword[TOMOYO_MAX_PATH_NUMBER_OPERATION] = {
42 [TOMOYO_TYPE_CREATE] = "create",
43 [TOMOYO_TYPE_MKDIR] = "mkdir",
44 [TOMOYO_TYPE_MKFIFO] = "mkfifo",
45 [TOMOYO_TYPE_MKSOCK] = "mksock",
46 [TOMOYO_TYPE_IOCTL] = "ioctl",
47 [TOMOYO_TYPE_CHMOD] = "chmod",
48 [TOMOYO_TYPE_CHOWN] = "chown",
49 [TOMOYO_TYPE_CHGRP] = "chgrp",
53 * Mapping table from "enum tomoyo_path_acl_index" to "enum tomoyo_mac_index".
55 static const u8 tomoyo_p2mac[TOMOYO_MAX_PATH_OPERATION] = {
56 [TOMOYO_TYPE_EXECUTE] = TOMOYO_MAC_FILE_EXECUTE,
57 [TOMOYO_TYPE_READ] = TOMOYO_MAC_FILE_OPEN,
58 [TOMOYO_TYPE_WRITE] = TOMOYO_MAC_FILE_OPEN,
59 [TOMOYO_TYPE_APPEND] = TOMOYO_MAC_FILE_OPEN,
60 [TOMOYO_TYPE_UNLINK] = TOMOYO_MAC_FILE_UNLINK,
61 [TOMOYO_TYPE_GETATTR] = TOMOYO_MAC_FILE_GETATTR,
62 [TOMOYO_TYPE_RMDIR] = TOMOYO_MAC_FILE_RMDIR,
63 [TOMOYO_TYPE_TRUNCATE] = TOMOYO_MAC_FILE_TRUNCATE,
64 [TOMOYO_TYPE_SYMLINK] = TOMOYO_MAC_FILE_SYMLINK,
65 [TOMOYO_TYPE_CHROOT] = TOMOYO_MAC_FILE_CHROOT,
66 [TOMOYO_TYPE_UMOUNT] = TOMOYO_MAC_FILE_UMOUNT,
70 * Mapping table from "enum tomoyo_mkdev_acl_index" to "enum tomoyo_mac_index".
72 static const u8 tomoyo_pnnn2mac[TOMOYO_MAX_MKDEV_OPERATION] = {
73 [TOMOYO_TYPE_MKBLOCK] = TOMOYO_MAC_FILE_MKBLOCK,
74 [TOMOYO_TYPE_MKCHAR] = TOMOYO_MAC_FILE_MKCHAR,
78 * Mapping table from "enum tomoyo_path2_acl_index" to "enum tomoyo_mac_index".
80 static const u8 tomoyo_pp2mac[TOMOYO_MAX_PATH2_OPERATION] = {
81 [TOMOYO_TYPE_LINK] = TOMOYO_MAC_FILE_LINK,
82 [TOMOYO_TYPE_RENAME] = TOMOYO_MAC_FILE_RENAME,
83 [TOMOYO_TYPE_PIVOT_ROOT] = TOMOYO_MAC_FILE_PIVOT_ROOT,
87 * Mapping table from "enum tomoyo_path_number_acl_index" to
88 * "enum tomoyo_mac_index".
90 static const u8 tomoyo_pn2mac[TOMOYO_MAX_PATH_NUMBER_OPERATION] = {
91 [TOMOYO_TYPE_CREATE] = TOMOYO_MAC_FILE_CREATE,
92 [TOMOYO_TYPE_MKDIR] = TOMOYO_MAC_FILE_MKDIR,
93 [TOMOYO_TYPE_MKFIFO] = TOMOYO_MAC_FILE_MKFIFO,
94 [TOMOYO_TYPE_MKSOCK] = TOMOYO_MAC_FILE_MKSOCK,
95 [TOMOYO_TYPE_IOCTL] = TOMOYO_MAC_FILE_IOCTL,
96 [TOMOYO_TYPE_CHMOD] = TOMOYO_MAC_FILE_CHMOD,
97 [TOMOYO_TYPE_CHOWN] = TOMOYO_MAC_FILE_CHOWN,
98 [TOMOYO_TYPE_CHGRP] = TOMOYO_MAC_FILE_CHGRP,
102 * tomoyo_put_name_union - Drop reference on "struct tomoyo_name_union".
104 * @ptr: Pointer to "struct tomoyo_name_union".
108 void tomoyo_put_name_union(struct tomoyo_name_union *ptr)
110 tomoyo_put_group(ptr->group);
111 tomoyo_put_name(ptr->filename);
115 * tomoyo_compare_name_union - Check whether a name matches "struct tomoyo_name_union" or not.
117 * @name: Pointer to "struct tomoyo_path_info".
118 * @ptr: Pointer to "struct tomoyo_name_union".
120 * Returns "struct tomoyo_path_info" if @name matches @ptr, NULL otherwise.
122 const struct tomoyo_path_info *
123 tomoyo_compare_name_union(const struct tomoyo_path_info *name,
124 const struct tomoyo_name_union *ptr)
127 return tomoyo_path_matches_group(name, ptr->group);
128 if (tomoyo_path_matches_pattern(name, ptr->filename))
129 return ptr->filename;
134 * tomoyo_put_number_union - Drop reference on "struct tomoyo_number_union".
136 * @ptr: Pointer to "struct tomoyo_number_union".
140 void tomoyo_put_number_union(struct tomoyo_number_union *ptr)
142 tomoyo_put_group(ptr->group);
146 * tomoyo_compare_number_union - Check whether a value matches "struct tomoyo_number_union" or not.
148 * @value: Number to check.
149 * @ptr: Pointer to "struct tomoyo_number_union".
151 * Returns true if @value matches @ptr, false otherwise.
153 bool tomoyo_compare_number_union(const unsigned long value,
154 const struct tomoyo_number_union *ptr)
157 return tomoyo_number_matches_group(value, value, ptr->group);
158 return value >= ptr->values[0] && value <= ptr->values[1];
162 * tomoyo_add_slash - Add trailing '/' if needed.
164 * @buf: Pointer to "struct tomoyo_path_info".
168 * @buf must be generated by tomoyo_encode() because this function does not
169 * allocate memory for adding '/'.
171 static void tomoyo_add_slash(struct tomoyo_path_info *buf)
176 * This is OK because tomoyo_encode() reserves space for appending "/".
178 strcat((char *) buf->name, "/");
179 tomoyo_fill_path_info(buf);
183 * tomoyo_get_realpath - Get realpath.
185 * @buf: Pointer to "struct tomoyo_path_info".
186 * @path: Pointer to "struct path".
188 * Returns true on success, false otherwise.
190 static bool tomoyo_get_realpath(struct tomoyo_path_info *buf, struct path *path)
192 buf->name = tomoyo_realpath_from_path(path);
194 tomoyo_fill_path_info(buf);
201 * tomoyo_audit_path_log - Audit path request log.
203 * @r: Pointer to "struct tomoyo_request_info".
205 * Returns 0 on success, negative value otherwise.
207 static int tomoyo_audit_path_log(struct tomoyo_request_info *r)
209 const char *operation = tomoyo_path_keyword[r->param.path.operation];
210 const struct tomoyo_path_info *filename = r->param.path.filename;
213 tomoyo_warn_log(r, "%s %s", operation, filename->name);
214 return tomoyo_supervisor(r, "allow_%s %s\n", operation,
219 * tomoyo_audit_path2_log - Audit path/path request log.
221 * @r: Pointer to "struct tomoyo_request_info".
223 * Returns 0 on success, negative value otherwise.
225 static int tomoyo_audit_path2_log(struct tomoyo_request_info *r)
227 const char *operation = tomoyo_path2_keyword[r->param.path2.operation];
228 const struct tomoyo_path_info *filename1 = r->param.path2.filename1;
229 const struct tomoyo_path_info *filename2 = r->param.path2.filename2;
232 tomoyo_warn_log(r, "%s %s %s", operation, filename1->name,
234 return tomoyo_supervisor(r, "allow_%s %s %s\n", operation,
235 filename1->name, filename2->name);
239 * tomoyo_audit_mkdev_log - Audit path/number/number/number request log.
241 * @r: Pointer to "struct tomoyo_request_info".
243 * Returns 0 on success, negative value otherwise.
245 static int tomoyo_audit_mkdev_log(struct tomoyo_request_info *r)
247 const char *operation = tomoyo_mkdev_keyword[r->param.mkdev.operation];
248 const struct tomoyo_path_info *filename = r->param.mkdev.filename;
249 const unsigned int major = r->param.mkdev.major;
250 const unsigned int minor = r->param.mkdev.minor;
251 const unsigned int mode = r->param.mkdev.mode;
254 tomoyo_warn_log(r, "%s %s 0%o %u %u", operation, filename->name, mode,
256 return tomoyo_supervisor(r, "allow_%s %s 0%o %u %u\n", operation,
257 filename->name, mode, major, minor);
261 * tomoyo_audit_path_number_log - Audit path/number request log.
263 * @r: Pointer to "struct tomoyo_request_info".
265 * Returns 0 on success, negative value otherwise.
267 static int tomoyo_audit_path_number_log(struct tomoyo_request_info *r)
269 const u8 type = r->param.path_number.operation;
271 const struct tomoyo_path_info *filename = r->param.path_number.filename;
272 const char *operation = tomoyo_path_number_keyword[type];
277 case TOMOYO_TYPE_CREATE:
278 case TOMOYO_TYPE_MKDIR:
279 case TOMOYO_TYPE_MKFIFO:
280 case TOMOYO_TYPE_MKSOCK:
281 case TOMOYO_TYPE_CHMOD:
282 radix = TOMOYO_VALUE_TYPE_OCTAL;
284 case TOMOYO_TYPE_IOCTL:
285 radix = TOMOYO_VALUE_TYPE_HEXADECIMAL;
288 radix = TOMOYO_VALUE_TYPE_DECIMAL;
291 tomoyo_print_ulong(buffer, sizeof(buffer), r->param.path_number.number,
293 tomoyo_warn_log(r, "%s %s %s", operation, filename->name, buffer);
294 return tomoyo_supervisor(r, "allow_%s %s %s\n", operation,
295 filename->name, buffer);
299 * tomoyo_check_path_acl - Check permission for path operation.
301 * @r: Pointer to "struct tomoyo_request_info".
302 * @ptr: Pointer to "struct tomoyo_acl_info".
304 * Returns true if granted, false otherwise.
306 * To be able to use wildcard for domain transition, this function sets
307 * matching entry on success. Since the caller holds tomoyo_read_lock(),
308 * it is safe to set matching entry.
310 static bool tomoyo_check_path_acl(struct tomoyo_request_info *r,
311 const struct tomoyo_acl_info *ptr)
313 const struct tomoyo_path_acl *acl = container_of(ptr, typeof(*acl),
315 if (acl->perm & (1 << r->param.path.operation)) {
316 r->param.path.matched_path =
317 tomoyo_compare_name_union(r->param.path.filename,
319 return r->param.path.matched_path != NULL;
325 * tomoyo_check_path_number_acl - Check permission for path number operation.
327 * @r: Pointer to "struct tomoyo_request_info".
328 * @ptr: Pointer to "struct tomoyo_acl_info".
330 * Returns true if granted, false otherwise.
332 static bool tomoyo_check_path_number_acl(struct tomoyo_request_info *r,
333 const struct tomoyo_acl_info *ptr)
335 const struct tomoyo_path_number_acl *acl =
336 container_of(ptr, typeof(*acl), head);
337 return (acl->perm & (1 << r->param.path_number.operation)) &&
338 tomoyo_compare_number_union(r->param.path_number.number,
340 tomoyo_compare_name_union(r->param.path_number.filename,
345 * tomoyo_check_path2_acl - Check permission for path path operation.
347 * @r: Pointer to "struct tomoyo_request_info".
348 * @ptr: Pointer to "struct tomoyo_acl_info".
350 * Returns true if granted, false otherwise.
352 static bool tomoyo_check_path2_acl(struct tomoyo_request_info *r,
353 const struct tomoyo_acl_info *ptr)
355 const struct tomoyo_path2_acl *acl =
356 container_of(ptr, typeof(*acl), head);
357 return (acl->perm & (1 << r->param.path2.operation)) &&
358 tomoyo_compare_name_union(r->param.path2.filename1, &acl->name1)
359 && tomoyo_compare_name_union(r->param.path2.filename2,
364 * tomoyo_check_mkdev_acl - Check permission for path number number number operation.
366 * @r: Pointer to "struct tomoyo_request_info".
367 * @ptr: Pointer to "struct tomoyo_acl_info".
369 * Returns true if granted, false otherwise.
371 static bool tomoyo_check_mkdev_acl(struct tomoyo_request_info *r,
372 const struct tomoyo_acl_info *ptr)
374 const struct tomoyo_mkdev_acl *acl =
375 container_of(ptr, typeof(*acl), head);
376 return (acl->perm & (1 << r->param.mkdev.operation)) &&
377 tomoyo_compare_number_union(r->param.mkdev.mode,
379 tomoyo_compare_number_union(r->param.mkdev.major,
381 tomoyo_compare_number_union(r->param.mkdev.minor,
383 tomoyo_compare_name_union(r->param.mkdev.filename,
388 * tomoyo_same_path_acl - Check for duplicated "struct tomoyo_path_acl" entry.
390 * @a: Pointer to "struct tomoyo_acl_info".
391 * @b: Pointer to "struct tomoyo_acl_info".
393 * Returns true if @a == @b except permission bits, false otherwise.
395 static bool tomoyo_same_path_acl(const struct tomoyo_acl_info *a,
396 const struct tomoyo_acl_info *b)
398 const struct tomoyo_path_acl *p1 = container_of(a, typeof(*p1), head);
399 const struct tomoyo_path_acl *p2 = container_of(b, typeof(*p2), head);
400 return tomoyo_same_name_union(&p1->name, &p2->name);
404 * tomoyo_merge_path_acl - Merge duplicated "struct tomoyo_path_acl" entry.
406 * @a: Pointer to "struct tomoyo_acl_info".
407 * @b: Pointer to "struct tomoyo_acl_info".
408 * @is_delete: True for @a &= ~@b, false for @a |= @b.
410 * Returns true if @a is empty, false otherwise.
412 static bool tomoyo_merge_path_acl(struct tomoyo_acl_info *a,
413 struct tomoyo_acl_info *b,
414 const bool is_delete)
416 u16 * const a_perm = &container_of(a, struct tomoyo_path_acl, head)
419 const u16 b_perm = container_of(b, struct tomoyo_path_acl, head)->perm;
429 * tomoyo_update_path_acl - Update "struct tomoyo_path_acl" list.
432 * @param: Pointer to "struct tomoyo_acl_param".
434 * Returns 0 on success, negative value otherwise.
436 * Caller holds tomoyo_read_lock().
438 static int tomoyo_update_path_acl(const u16 perm,
439 struct tomoyo_acl_param *param)
441 struct tomoyo_path_acl e = {
442 .head.type = TOMOYO_TYPE_PATH_ACL,
446 if (!tomoyo_parse_name_union(param, &e.name))
449 error = tomoyo_update_domain(&e.head, sizeof(e), param,
450 tomoyo_same_path_acl,
451 tomoyo_merge_path_acl);
452 tomoyo_put_name_union(&e.name);
457 * tomoyo_same_mkdev_acl - Check for duplicated "struct tomoyo_mkdev_acl" entry.
459 * @a: Pointer to "struct tomoyo_acl_info".
460 * @b: Pointer to "struct tomoyo_acl_info".
462 * Returns true if @a == @b except permission bits, false otherwise.
464 static bool tomoyo_same_mkdev_acl(const struct tomoyo_acl_info *a,
465 const struct tomoyo_acl_info *b)
467 const struct tomoyo_mkdev_acl *p1 = container_of(a, typeof(*p1), head);
468 const struct tomoyo_mkdev_acl *p2 = container_of(b, typeof(*p2), head);
469 return tomoyo_same_name_union(&p1->name, &p2->name) &&
470 tomoyo_same_number_union(&p1->mode, &p2->mode) &&
471 tomoyo_same_number_union(&p1->major, &p2->major) &&
472 tomoyo_same_number_union(&p1->minor, &p2->minor);
476 * tomoyo_merge_mkdev_acl - Merge duplicated "struct tomoyo_mkdev_acl" entry.
478 * @a: Pointer to "struct tomoyo_acl_info".
479 * @b: Pointer to "struct tomoyo_acl_info".
480 * @is_delete: True for @a &= ~@b, false for @a |= @b.
482 * Returns true if @a is empty, false otherwise.
484 static bool tomoyo_merge_mkdev_acl(struct tomoyo_acl_info *a,
485 struct tomoyo_acl_info *b,
486 const bool is_delete)
488 u8 *const a_perm = &container_of(a, struct tomoyo_mkdev_acl,
491 const u8 b_perm = container_of(b, struct tomoyo_mkdev_acl, head)
502 * tomoyo_update_mkdev_acl - Update "struct tomoyo_mkdev_acl" list.
505 * @param: Pointer to "struct tomoyo_acl_param".
507 * Returns 0 on success, negative value otherwise.
509 * Caller holds tomoyo_read_lock().
511 static int tomoyo_update_mkdev_acl(const u8 perm,
512 struct tomoyo_acl_param *param)
514 struct tomoyo_mkdev_acl e = {
515 .head.type = TOMOYO_TYPE_MKDEV_ACL,
519 if (!tomoyo_parse_name_union(param, &e.name) ||
520 !tomoyo_parse_number_union(param, &e.mode) ||
521 !tomoyo_parse_number_union(param, &e.major) ||
522 !tomoyo_parse_number_union(param, &e.minor))
525 error = tomoyo_update_domain(&e.head, sizeof(e), param,
526 tomoyo_same_mkdev_acl,
527 tomoyo_merge_mkdev_acl);
528 tomoyo_put_name_union(&e.name);
529 tomoyo_put_number_union(&e.mode);
530 tomoyo_put_number_union(&e.major);
531 tomoyo_put_number_union(&e.minor);
536 * tomoyo_same_path2_acl - Check for duplicated "struct tomoyo_path2_acl" entry.
538 * @a: Pointer to "struct tomoyo_acl_info".
539 * @b: Pointer to "struct tomoyo_acl_info".
541 * Returns true if @a == @b except permission bits, false otherwise.
543 static bool tomoyo_same_path2_acl(const struct tomoyo_acl_info *a,
544 const struct tomoyo_acl_info *b)
546 const struct tomoyo_path2_acl *p1 = container_of(a, typeof(*p1), head);
547 const struct tomoyo_path2_acl *p2 = container_of(b, typeof(*p2), head);
548 return tomoyo_same_name_union(&p1->name1, &p2->name1) &&
549 tomoyo_same_name_union(&p1->name2, &p2->name2);
553 * tomoyo_merge_path2_acl - Merge duplicated "struct tomoyo_path2_acl" entry.
555 * @a: Pointer to "struct tomoyo_acl_info".
556 * @b: Pointer to "struct tomoyo_acl_info".
557 * @is_delete: True for @a &= ~@b, false for @a |= @b.
559 * Returns true if @a is empty, false otherwise.
561 static bool tomoyo_merge_path2_acl(struct tomoyo_acl_info *a,
562 struct tomoyo_acl_info *b,
563 const bool is_delete)
565 u8 * const a_perm = &container_of(a, struct tomoyo_path2_acl, head)
568 const u8 b_perm = container_of(b, struct tomoyo_path2_acl, head)->perm;
578 * tomoyo_update_path2_acl - Update "struct tomoyo_path2_acl" list.
581 * @param: Pointer to "struct tomoyo_acl_param".
583 * Returns 0 on success, negative value otherwise.
585 * Caller holds tomoyo_read_lock().
587 static int tomoyo_update_path2_acl(const u8 perm,
588 struct tomoyo_acl_param *param)
590 struct tomoyo_path2_acl e = {
591 .head.type = TOMOYO_TYPE_PATH2_ACL,
595 if (!tomoyo_parse_name_union(param, &e.name1) ||
596 !tomoyo_parse_name_union(param, &e.name2))
599 error = tomoyo_update_domain(&e.head, sizeof(e), param,
600 tomoyo_same_path2_acl,
601 tomoyo_merge_path2_acl);
602 tomoyo_put_name_union(&e.name1);
603 tomoyo_put_name_union(&e.name2);
608 * tomoyo_path_permission - Check permission for single path operation.
610 * @r: Pointer to "struct tomoyo_request_info".
611 * @operation: Type of operation.
612 * @filename: Filename to check.
614 * Returns 0 on success, negative value otherwise.
616 * Caller holds tomoyo_read_lock().
618 int tomoyo_path_permission(struct tomoyo_request_info *r, u8 operation,
619 const struct tomoyo_path_info *filename)
623 r->type = tomoyo_p2mac[operation];
624 r->mode = tomoyo_get_mode(r->profile, r->type);
625 if (r->mode == TOMOYO_CONFIG_DISABLED)
627 r->param_type = TOMOYO_TYPE_PATH_ACL;
628 r->param.path.filename = filename;
629 r->param.path.operation = operation;
631 tomoyo_check_acl(r, tomoyo_check_path_acl);
632 error = tomoyo_audit_path_log(r);
634 * Do not retry for execute request, for alias may have
637 } while (error == TOMOYO_RETRY_REQUEST &&
638 operation != TOMOYO_TYPE_EXECUTE);
643 * tomoyo_same_path_number_acl - Check for duplicated "struct tomoyo_path_number_acl" entry.
645 * @a: Pointer to "struct tomoyo_acl_info".
646 * @b: Pointer to "struct tomoyo_acl_info".
648 * Returns true if @a == @b except permission bits, false otherwise.
650 static bool tomoyo_same_path_number_acl(const struct tomoyo_acl_info *a,
651 const struct tomoyo_acl_info *b)
653 const struct tomoyo_path_number_acl *p1 = container_of(a, typeof(*p1),
655 const struct tomoyo_path_number_acl *p2 = container_of(b, typeof(*p2),
657 return tomoyo_same_name_union(&p1->name, &p2->name) &&
658 tomoyo_same_number_union(&p1->number, &p2->number);
662 * tomoyo_merge_path_number_acl - Merge duplicated "struct tomoyo_path_number_acl" entry.
664 * @a: Pointer to "struct tomoyo_acl_info".
665 * @b: Pointer to "struct tomoyo_acl_info".
666 * @is_delete: True for @a &= ~@b, false for @a |= @b.
668 * Returns true if @a is empty, false otherwise.
670 static bool tomoyo_merge_path_number_acl(struct tomoyo_acl_info *a,
671 struct tomoyo_acl_info *b,
672 const bool is_delete)
674 u8 * const a_perm = &container_of(a, struct tomoyo_path_number_acl,
677 const u8 b_perm = container_of(b, struct tomoyo_path_number_acl, head)
688 * tomoyo_update_path_number_acl - Update ioctl/chmod/chown/chgrp ACL.
691 * @param: Pointer to "struct tomoyo_acl_param".
693 * Returns 0 on success, negative value otherwise.
695 static int tomoyo_update_path_number_acl(const u8 perm,
696 struct tomoyo_acl_param *param)
698 struct tomoyo_path_number_acl e = {
699 .head.type = TOMOYO_TYPE_PATH_NUMBER_ACL,
703 if (!tomoyo_parse_name_union(param, &e.name) ||
704 !tomoyo_parse_number_union(param, &e.number))
707 error = tomoyo_update_domain(&e.head, sizeof(e), param,
708 tomoyo_same_path_number_acl,
709 tomoyo_merge_path_number_acl);
710 tomoyo_put_name_union(&e.name);
711 tomoyo_put_number_union(&e.number);
716 * tomoyo_path_number_perm - Check permission for "create", "mkdir", "mkfifo", "mksock", "ioctl", "chmod", "chown", "chgrp".
718 * @type: Type of operation.
719 * @path: Pointer to "struct path".
722 * Returns 0 on success, negative value otherwise.
724 int tomoyo_path_number_perm(const u8 type, struct path *path,
725 unsigned long number)
727 struct tomoyo_request_info r;
729 struct tomoyo_path_info buf;
732 if (tomoyo_init_request_info(&r, NULL, tomoyo_pn2mac[type])
733 == TOMOYO_CONFIG_DISABLED || !path->mnt || !path->dentry)
735 idx = tomoyo_read_lock();
736 if (!tomoyo_get_realpath(&buf, path))
738 if (type == TOMOYO_TYPE_MKDIR)
739 tomoyo_add_slash(&buf);
740 r.param_type = TOMOYO_TYPE_PATH_NUMBER_ACL;
741 r.param.path_number.operation = type;
742 r.param.path_number.filename = &buf;
743 r.param.path_number.number = number;
745 tomoyo_check_acl(&r, tomoyo_check_path_number_acl);
746 error = tomoyo_audit_path_number_log(&r);
747 } while (error == TOMOYO_RETRY_REQUEST);
750 tomoyo_read_unlock(idx);
751 if (r.mode != TOMOYO_CONFIG_ENFORCING)
757 * tomoyo_check_open_permission - Check permission for "read" and "write".
759 * @domain: Pointer to "struct tomoyo_domain_info".
760 * @path: Pointer to "struct path".
761 * @flag: Flags for open().
763 * Returns 0 on success, negative value otherwise.
765 int tomoyo_check_open_permission(struct tomoyo_domain_info *domain,
766 struct path *path, const int flag)
768 const u8 acc_mode = ACC_MODE(flag);
770 struct tomoyo_path_info buf;
771 struct tomoyo_request_info r;
777 r.mode = TOMOYO_CONFIG_DISABLED;
778 idx = tomoyo_read_lock();
780 tomoyo_init_request_info(&r, domain, TOMOYO_MAC_FILE_OPEN)
781 != TOMOYO_CONFIG_DISABLED) {
782 if (!tomoyo_get_realpath(&buf, path)) {
786 if (acc_mode & MAY_READ)
787 error = tomoyo_path_permission(&r, TOMOYO_TYPE_READ,
789 if (!error && (acc_mode & MAY_WRITE))
790 error = tomoyo_path_permission(&r, (flag & O_APPEND) ?
797 tomoyo_read_unlock(idx);
798 if (r.mode != TOMOYO_CONFIG_ENFORCING)
804 * tomoyo_path_perm - Check permission for "unlink", "rmdir", "truncate", "symlink", "append", "chroot" and "unmount".
806 * @operation: Type of operation.
807 * @path: Pointer to "struct path".
809 * Returns 0 on success, negative value otherwise.
811 int tomoyo_path_perm(const u8 operation, struct path *path)
813 struct tomoyo_request_info r;
815 struct tomoyo_path_info buf;
821 if (tomoyo_init_request_info(&r, NULL, tomoyo_p2mac[operation])
822 == TOMOYO_CONFIG_DISABLED)
824 is_enforce = (r.mode == TOMOYO_CONFIG_ENFORCING);
827 idx = tomoyo_read_lock();
828 if (!tomoyo_get_realpath(&buf, path))
831 case TOMOYO_TYPE_RMDIR:
832 case TOMOYO_TYPE_CHROOT:
833 tomoyo_add_slash(&buf);
836 error = tomoyo_path_permission(&r, operation, &buf);
839 tomoyo_read_unlock(idx);
846 * tomoyo_mkdev_perm - Check permission for "mkblock" and "mkchar".
848 * @operation: Type of operation. (TOMOYO_TYPE_MKCHAR or TOMOYO_TYPE_MKBLOCK)
849 * @path: Pointer to "struct path".
850 * @mode: Create mode.
851 * @dev: Device number.
853 * Returns 0 on success, negative value otherwise.
855 int tomoyo_mkdev_perm(const u8 operation, struct path *path,
856 const unsigned int mode, unsigned int dev)
858 struct tomoyo_request_info r;
860 struct tomoyo_path_info buf;
864 tomoyo_init_request_info(&r, NULL, tomoyo_pnnn2mac[operation])
865 == TOMOYO_CONFIG_DISABLED)
867 idx = tomoyo_read_lock();
869 if (tomoyo_get_realpath(&buf, path)) {
870 dev = new_decode_dev(dev);
871 r.param_type = TOMOYO_TYPE_MKDEV_ACL;
872 r.param.mkdev.filename = &buf;
873 r.param.mkdev.operation = operation;
874 r.param.mkdev.mode = mode;
875 r.param.mkdev.major = MAJOR(dev);
876 r.param.mkdev.minor = MINOR(dev);
877 tomoyo_check_acl(&r, tomoyo_check_mkdev_acl);
878 error = tomoyo_audit_mkdev_log(&r);
881 tomoyo_read_unlock(idx);
882 if (r.mode != TOMOYO_CONFIG_ENFORCING)
888 * tomoyo_path2_perm - Check permission for "rename", "link" and "pivot_root".
890 * @operation: Type of operation.
891 * @path1: Pointer to "struct path".
892 * @path2: Pointer to "struct path".
894 * Returns 0 on success, negative value otherwise.
896 int tomoyo_path2_perm(const u8 operation, struct path *path1,
900 struct tomoyo_path_info buf1;
901 struct tomoyo_path_info buf2;
902 struct tomoyo_request_info r;
905 if (!path1->mnt || !path2->mnt ||
906 tomoyo_init_request_info(&r, NULL, tomoyo_pp2mac[operation])
907 == TOMOYO_CONFIG_DISABLED)
911 idx = tomoyo_read_lock();
912 if (!tomoyo_get_realpath(&buf1, path1) ||
913 !tomoyo_get_realpath(&buf2, path2))
916 struct dentry *dentry;
917 case TOMOYO_TYPE_RENAME:
918 case TOMOYO_TYPE_LINK:
919 dentry = path1->dentry;
920 if (!dentry->d_inode || !S_ISDIR(dentry->d_inode->i_mode))
923 case TOMOYO_TYPE_PIVOT_ROOT:
924 tomoyo_add_slash(&buf1);
925 tomoyo_add_slash(&buf2);
928 r.param_type = TOMOYO_TYPE_PATH2_ACL;
929 r.param.path2.operation = operation;
930 r.param.path2.filename1 = &buf1;
931 r.param.path2.filename2 = &buf2;
933 tomoyo_check_acl(&r, tomoyo_check_path2_acl);
934 error = tomoyo_audit_path2_log(&r);
935 } while (error == TOMOYO_RETRY_REQUEST);
939 tomoyo_read_unlock(idx);
940 if (r.mode != TOMOYO_CONFIG_ENFORCING)
946 * tomoyo_same_mount_acl - Check for duplicated "struct tomoyo_mount_acl" entry.
948 * @a: Pointer to "struct tomoyo_acl_info".
949 * @b: Pointer to "struct tomoyo_acl_info".
951 * Returns true if @a == @b, false otherwise.
953 static bool tomoyo_same_mount_acl(const struct tomoyo_acl_info *a,
954 const struct tomoyo_acl_info *b)
956 const struct tomoyo_mount_acl *p1 = container_of(a, typeof(*p1), head);
957 const struct tomoyo_mount_acl *p2 = container_of(b, typeof(*p2), head);
958 return tomoyo_same_name_union(&p1->dev_name, &p2->dev_name) &&
959 tomoyo_same_name_union(&p1->dir_name, &p2->dir_name) &&
960 tomoyo_same_name_union(&p1->fs_type, &p2->fs_type) &&
961 tomoyo_same_number_union(&p1->flags, &p2->flags);
965 * tomoyo_update_mount_acl - Write "struct tomoyo_mount_acl" list.
967 * @param: Pointer to "struct tomoyo_acl_param".
969 * Returns 0 on success, negative value otherwise.
971 * Caller holds tomoyo_read_lock().
973 static int tomoyo_update_mount_acl(struct tomoyo_acl_param *param)
975 struct tomoyo_mount_acl e = { .head.type = TOMOYO_TYPE_MOUNT_ACL };
977 if (!tomoyo_parse_name_union(param, &e.dev_name) ||
978 !tomoyo_parse_name_union(param, &e.dir_name) ||
979 !tomoyo_parse_name_union(param, &e.fs_type) ||
980 !tomoyo_parse_number_union(param, &e.flags))
983 error = tomoyo_update_domain(&e.head, sizeof(e), param,
984 tomoyo_same_mount_acl, NULL);
985 tomoyo_put_name_union(&e.dev_name);
986 tomoyo_put_name_union(&e.dir_name);
987 tomoyo_put_name_union(&e.fs_type);
988 tomoyo_put_number_union(&e.flags);
993 * tomoyo_write_file - Update file related list.
995 * @param: Pointer to "struct tomoyo_acl_param".
997 * Returns 0 on success, negative value otherwise.
999 * Caller holds tomoyo_read_lock().
1001 int tomoyo_write_file(struct tomoyo_acl_param *param)
1005 const char *operation = tomoyo_read_token(param);
1006 for (type = 0; type < TOMOYO_MAX_PATH_OPERATION; type++)
1007 if (tomoyo_permstr(operation, tomoyo_path_keyword[type]))
1010 return tomoyo_update_path_acl(perm, param);
1011 for (type = 0; type < TOMOYO_MAX_PATH2_OPERATION; type++)
1012 if (tomoyo_permstr(operation, tomoyo_path2_keyword[type]))
1015 return tomoyo_update_path2_acl(perm, param);
1016 for (type = 0; type < TOMOYO_MAX_PATH_NUMBER_OPERATION; type++)
1017 if (tomoyo_permstr(operation,
1018 tomoyo_path_number_keyword[type]))
1021 return tomoyo_update_path_number_acl(perm, param);
1022 for (type = 0; type < TOMOYO_MAX_MKDEV_OPERATION; type++)
1023 if (tomoyo_permstr(operation, tomoyo_mkdev_keyword[type]))
1026 return tomoyo_update_mkdev_acl(perm, param);
1027 if (tomoyo_permstr(operation, "mount"))
1028 return tomoyo_update_mount_acl(param);