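/*
 * security/tomoyo/tomoyo.c
 *
 * LSM hooks for TOMOYO Linux.
 *
 * Copyright (C) 2005-2009  NTT DATA CORPORATION
 *
 * Version: 2.2.0   2009/04/01
 *
 */

#include <linux/security.h>
#include "common.h"
#include "tomoyo.h"
#include "realpath.h"

/**
 * tomoyo_cred_prepare - LSM cred_prepare hook.
 * @new: credentials being prepared.
 * @old: credentials they are derived from.
 * @gfp: allocation flags (unused: nothing is allocated here).
 *
 * Copies the domain pointer from @old to @new. The pointer is shared rather
 * than duplicated, which is only sound if "struct tomoyo_domain_info" objects
 * outlive every cred that refers to them -- TODO confirm against the domain
 * lifetime rules (no reference is taken here).
 *
 * Returns 0 always.
 */
static int tomoyo_cred_prepare(struct cred *new, const struct cred *old,
			       gfp_t gfp)
{
	new->security = old->security;
	return 0;
}

/**
 * tomoyo_bprm_set_creds - LSM bprm_set_creds hook.
 * @bprm: binprm describing the execve() in progress.
 *
 * Acts only on the first call of an execve() (nested interpreter lookups are
 * skipped via @bprm->cred_prepared). Kicks off the one-time policy load and
 * clears @bprm->cred->security so that tomoyo_bprm_check_security() can tell
 * its first invocation (domain transition + execute check) from later ones
 * (read checks on interpreters).
 *
 * Returns 0 always.
 */
static int tomoyo_bprm_set_creds(struct linux_binprm *bprm)
{
	if (bprm->cred_prepared)
		return 0;
	/*
	 * Load policy if /sbin/tomoyo-init exists and /sbin/init is requested
	 * for the first time.
	 */
	if (!tomoyo_policy_loaded)
		tomoyo_load_policy(bprm->filename);
	/*
	 * NULL is the "next domain not yet computed" marker read by
	 * tomoyo_bprm_check_security(). It is stored in the exec-in-progress
	 * cred only, so presumably a failed execve() discards it along with
	 * @bprm->cred instead of leaving the task domainless -- confirm.
	 */
	bprm->cred->security = NULL;
	return 0;
}

/**
 * tomoyo_bprm_check_security - LSM bprm_check_security hook.
 * @bprm: binprm describing the execve() in progress.
 *
 * Called once for the program itself and again for every interpreter a
 * binfmt handler substitutes (e.g. "#!" scripts).
 *
 * Returns 0 on success, negative value otherwise.
 */
static int tomoyo_bprm_check_security(struct linux_binprm *bprm)
{
	struct tomoyo_domain_info *domain = bprm->cred->security;

	/*
	 * First call: execute permission is checked against the pathname
	 * passed to do_execve() using the current domain, and the domain the
	 * new image will run in is recorded in the new cred.
	 */
	if (!domain) {
		struct tomoyo_domain_info *next_domain = NULL;
		int retval = tomoyo_find_next_domain(bprm, &next_domain);

		if (!retval)
			bprm->cred->security = next_domain;
		return retval;
	}
	/*
	 * Later calls: read permission is checked against interpreters using
	 * the next domain. '1' is the result of open_to_namei_flags(O_RDONLY).
	 */
	return tomoyo_check_open_permission(domain, &bprm->file->f_path, 1);
}

#ifdef CONFIG_SYSCTL

/**
 * tomoyo_prepend - copy @str into the space immediately before *@buffer.
 * @buffer: points one past the free space; moved back by strlen(@str).
 * @buflen: bytes free before *@buffer; reduced by strlen(@str).
 * @str:    NUL-terminated string to prepend (the NUL is not copied).
 *
 * Returns 0 on success, -ENOMEM if @str does not fit. On failure nothing is
 * written and the cursors are left unchanged.
 */
static int tomoyo_prepend(char **buffer, int *buflen, const char *str)
{
	int namelen = strlen(str);

	if (*buflen < namelen)
		return -ENOMEM;
	*buflen -= namelen;
	*buffer -= namelen;
	memcpy(*buffer, str, namelen);
	return 0;
}

/**
 * tomoyo_sysctl_path - build the /proc/sys pathname of a ctl_table entry.
 * @table: pointer to "struct ctl_table".
 *
 * Walks @table and its parents, prepending each procname (or "=ctl_name="
 * for entries without one) right-to-left, then "/proc/sys", and finally
 * runs the result through tomoyo_encode() so it matches the pathname form
 * used in policy.
 *
 * Returns the encoded pathname on success, NULL on failure (allocation
 * failure, or a pathname that does not fit in TOMOYO_MAX_PATHNAME_LEN).
 *
 * This function uses tomoyo_alloc(), so the caller must call tomoyo_free()
 * if this function didn't return NULL.
 */
static char *tomoyo_sysctl_path(struct ctl_table *table)
{
	int buflen = TOMOYO_MAX_PATHNAME_LEN;
	char *buf = tomoyo_alloc(buflen);
	char *end = buf + buflen;
	int error = -ENOMEM;

	if (!buf)
		return NULL;

	/* Build right-to-left: terminate first, then prepend components. */
	*--end = '\0';
	buflen--;
	while (table) {
		char num[32];
		const char *sp = table->procname;

		if (!sp) {
			/* snprintf() always NUL-terminates within sizeof(num). */
			snprintf(num, sizeof(num), "=%d=", table->ctl_name);
			sp = num;
		}
		if (tomoyo_prepend(&end, &buflen, sp) ||
		    tomoyo_prepend(&end, &buflen, "/"))
			goto out;
		table = table->parent;
	}
	if (tomoyo_prepend(&end, &buflen, "/proc/sys"))
		goto out;
	/*
	 * Encode the raw pathname at @end into the unused prefix of @buf.
	 * Encoding can grow the string, so it may still fail with -ENOMEM.
	 */
	error = tomoyo_encode(buf, end - buf, end);
 out:
	if (!error)
		return buf;
	tomoyo_free(buf);
	return NULL;
}

/**
 * tomoyo_sysctl - LSM sysctl hook.
 * @table: the ctl_table being accessed.
 * @op:    requested access (MAY_READ and/or MAY_WRITE bits are honoured).
 *
 * Maps the sysctl entry to its /proc/sys pathname and checks it like a
 * file access in the current domain.
 *
 * Returns 0 if permitted or if neither read nor write was requested,
 * -ENOMEM if the pathname could not be built, negative value otherwise.
 */
static int tomoyo_sysctl(struct ctl_table *table, int op)
{
	int error;
	char *name;

	op &= MAY_READ | MAY_WRITE;
	if (!op)
		return 0;
	name = tomoyo_sysctl_path(table);
	if (!name)
		return -ENOMEM;
	error = tomoyo_check_file_perm(tomoyo_domain(), name, op);
	tomoyo_free(name);
	return error;
}
#endif

/**
 * tomoyo_check_child_perm - check a one-pathname operation on a child of
 * @parent.
 * @parent: parent directory; only its mount is used.
 * @dentry: the child being created, removed or renamed.
 * @type:   TOMOYO_TYPE_*_ACL operation being checked.
 *
 * The path_* hooks receive a parent "struct path" plus a bare dentry; the
 * dentry is paired with the parent's mount to form a resolvable path.
 *
 * Returns 0 on success, negative value otherwise.
 */
static int tomoyo_check_child_perm(struct path *parent, struct dentry *dentry,
				   int type)
{
	struct path path = { .mnt = parent->mnt, .dentry = dentry };

	return tomoyo_check_1path_perm(tomoyo_domain(), type, &path);
}

/**
 * tomoyo_path_truncate - LSM path_truncate hook.
 * @path:       file being truncated.
 * @length:     new length (unused: policy is per pathname, not per size).
 * @time_attrs: ATTR_* bits (unused).
 */
static int tomoyo_path_truncate(struct path *path, loff_t length,
				unsigned int time_attrs)
{
	return tomoyo_check_1path_perm(tomoyo_domain(),
				       TOMOYO_TYPE_TRUNCATE_ACL, path);
}

/** tomoyo_path_unlink - LSM path_unlink hook. */
static int tomoyo_path_unlink(struct path *parent, struct dentry *dentry)
{
	return tomoyo_check_child_perm(parent, dentry, TOMOYO_TYPE_UNLINK_ACL);
}

/** tomoyo_path_mkdir - LSM path_mkdir hook (@mode is not policy-relevant). */
static int tomoyo_path_mkdir(struct path *parent, struct dentry *dentry,
			     int mode)
{
	return tomoyo_check_child_perm(parent, dentry, TOMOYO_TYPE_MKDIR_ACL);
}

/** tomoyo_path_rmdir - LSM path_rmdir hook. */
static int tomoyo_path_rmdir(struct path *parent, struct dentry *dentry)
{
	return tomoyo_check_child_perm(parent, dentry, TOMOYO_TYPE_RMDIR_ACL);
}

/**
 * tomoyo_path_symlink - LSM path_symlink hook.
 *
 * Only the link's own pathname is checked; @old_name (the target) is not
 * subject to policy here.
 */
static int tomoyo_path_symlink(struct path *parent, struct dentry *dentry,
			       const char *old_name)
{
	return tomoyo_check_child_perm(parent, dentry, TOMOYO_TYPE_SYMLINK_ACL);
}

/**
 * tomoyo_path_mknod - LSM path_mknod hook.
 * @parent: parent directory.
 * @dentry: node being created.
 * @mode:   file type and permission bits; only S_IFMT is looked at.
 * @dev:    device number (unused: policy is per pathname).
 *
 * Selects the ACL type from the node type so that, e.g., creating a device
 * node is a distinct privilege from creating a regular file.
 */
static int tomoyo_path_mknod(struct path *parent, struct dentry *dentry,
			     int mode, unsigned int dev)
{
	int type;

	switch (mode & S_IFMT) {
	case S_IFCHR:
		type = TOMOYO_TYPE_MKCHAR_ACL;
		break;
	case S_IFBLK:
		type = TOMOYO_TYPE_MKBLOCK_ACL;
		break;
	case S_IFIFO:
		type = TOMOYO_TYPE_MKFIFO_ACL;
		break;
	case S_IFSOCK:
		type = TOMOYO_TYPE_MKSOCK_ACL;
		break;
	default:
		/* S_IFREG, or no type bits at all, means a regular file. */
		type = TOMOYO_TYPE_CREATE_ACL;
		break;
	}
	return tomoyo_check_child_perm(parent, dentry, type);
}

/**
 * tomoyo_path_link - LSM path_link hook.
 * @old_dentry: existing file.
 * @new_dir:    directory the new name is created in.
 * @new_dentry: the new name.
 *
 * Both ends are paired with @new_dir's mount. This is only correct if the
 * vfs has already rejected cross-mount link() (-EXDEV) before calling this
 * hook -- TODO confirm the check ordering in sys_linkat() for this kernel.
 */
static int tomoyo_path_link(struct dentry *old_dentry, struct path *new_dir,
			    struct dentry *new_dentry)
{
	struct path path1 = { .mnt = new_dir->mnt, .dentry = old_dentry };
	struct path path2 = { .mnt = new_dir->mnt, .dentry = new_dentry };

	return tomoyo_check_2path_perm(tomoyo_domain(), TOMOYO_TYPE_LINK_ACL,
				       &path1, &path2);
}

/**
 * tomoyo_path_rename - LSM path_rename hook.
 *
 * Unlike link(), each dentry is paired with its own parent's mount.
 */
static int tomoyo_path_rename(struct path *old_parent,
			      struct dentry *old_dentry,
			      struct path *new_parent,
			      struct dentry *new_dentry)
{
	struct path path1 = { .mnt = old_parent->mnt, .dentry = old_dentry };
	struct path path2 = { .mnt = new_parent->mnt, .dentry = new_dentry };

	return tomoyo_check_2path_perm(tomoyo_domain(), TOMOYO_TYPE_RENAME_ACL,
				       &path1, &path2);
}

/**
 * tomoyo_file_fcntl - LSM file_fcntl hook.
 * @file: open file.
 * @cmd:  fcntl command.
 * @arg:  command argument (the new flags for F_SETFL).
 *
 * Only F_SETFL that changes O_APPEND is of interest: the open-time decision
 * was made for the file's current append mode, so toggling it afterwards is
 * re-checked as a "rewrite" request rather than silently accepted.
 *
 * Returns 0 for every other command.
 */
static int tomoyo_file_fcntl(struct file *file, unsigned int cmd,
			     unsigned long arg)
{
	if (cmd == F_SETFL && ((arg ^ file->f_flags) & O_APPEND))
		return tomoyo_check_rewrite_permission(tomoyo_domain(), file);
	return 0;
}

/**
 * tomoyo_dentry_open - LSM dentry_open hook.
 * @f:    file being opened.
 * @cred: credentials of the opener (unused: the current domain is used).
 *
 * Returns 0 on success, negative value otherwise.
 */
static int tomoyo_dentry_open(struct file *f, const struct cred *cred)
{
	int flags = f->f_flags;

	/*
	 * Turn the O_RDONLY/O_WRONLY/O_RDWR encoding (0/1/2) into the 1/2/3
	 * access bits tomoyo_check_open_permission() expects -- the same
	 * result as open_to_namei_flags(). O_ACCMODE is the low two bits, so
	 * the increment never carries into the other flags, which are kept.
	 */
	if ((flags + 1) & O_ACCMODE)
		flags++;
	flags |= f->f_flags & (O_APPEND | O_TRUNC);
	/*
	 * Don't check read permission here if called from do_execve(): the
	 * executable and its interpreters are checked by
	 * tomoyo_bprm_check_security() against the next domain. Note that
	 * this exempts *every* open() the task performs while in_execve is
	 * set, not only the binprm's own file -- TODO confirm no other
	 * exec-time open (e.g. by a binfmt loader) relies on this hook.
	 */
	if (current->in_execve)
		return 0;
	return tomoyo_check_open_permission(tomoyo_domain(), &f->f_path, flags);
}

static struct security_operations tomoyo_security_ops = {
	.name                = "tomoyo",
	.cred_prepare        = tomoyo_cred_prepare,
	.bprm_set_creds      = tomoyo_bprm_set_creds,
	.bprm_check_security = tomoyo_bprm_check_security,
#ifdef CONFIG_SYSCTL
	.sysctl              = tomoyo_sysctl,
#endif
	.file_fcntl          = tomoyo_file_fcntl,
	.dentry_open         = tomoyo_dentry_open,
	.path_truncate       = tomoyo_path_truncate,
	.path_unlink         = tomoyo_path_unlink,
	.path_mkdir          = tomoyo_path_mkdir,
	.path_rmdir          = tomoyo_path_rmdir,
	.path_symlink        = tomoyo_path_symlink,
	.path_mknod          = tomoyo_path_mknod,
	.path_link           = tomoyo_path_link,
	.path_rename         = tomoyo_path_rename,
};

/**
 * tomoyo_init - register TOMOYO with the security framework.
 *
 * Returns 0 whether or not TOMOYO ends up enabled; panics if registration
 * itself fails, matching the behaviour of the other LSMs.
 */
static int __init tomoyo_init(void)
{
	struct cred *cred = (struct cred *) current_cred();

	if (!security_module_enable(&tomoyo_security_ops))
		return 0;
	/* register ourselves with the security framework */
	if (register_security(&tomoyo_security_ops))
		panic("Failure registering TOMOYO Linux");
	printk(KERN_INFO "TOMOYO Linux initialized\n");
	/*
	 * Creds are normally immutable once installed; casting away const is
	 * tolerated only here, during single-threaded init. Every task forked
	 * afterwards inherits this domain through tomoyo_cred_prepare().
	 */
	cred->security = &tomoyo_kernel_domain;
	tomoyo_realpath_init();
	return 0;
}

security_initcall(tomoyo_init);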