tomoyo.c revision b1338d199dda6681d9af0297928af0a7eb9cba7b
/*
 * security/tomoyo/tomoyo.c
 *
 * LSM hooks for TOMOYO Linux.
 *
 * Copyright (C) 2005-2009  NTT DATA CORPORATION
 *
 * Version: 2.2.0   2009/04/01
 *
 * This file only wires TOMOYO into the LSM framework.  Each hook below
 * derives a "struct path" (or, for sysctl, a textual pathname) from its
 * arguments and hands it to a permission checker elsewhere in
 * security/tomoyo/ together with the calling task's domain.  No policy
 * decision is made in this file.
 */

#include <linux/security.h>
#include "common.h"
#include "tomoyo.h"
#include "realpath.h"

/**
 * tomoyo_cred_prepare - LSM cred_prepare hook: carry the domain into a new cred.
 * @new: credential being constructed.
 * @old: credential it is derived from.
 * @gfp: allocation flags (unused; nothing is allocated here).
 *
 * Copies the domain pointer only; no reference is taken.  This is only
 * sound if "struct tomoyo_domain_info" objects outlive every cred that
 * points at them -- not visible from this file, confirm against the domain
 * allocator before relying on it.
 *
 * Returns 0 (cannot fail).
 */
static int tomoyo_cred_prepare(struct cred *new, const struct cred *old,
			       gfp_t gfp)
{
	/*
	 * Since "struct tomoyo_domain_info *" is a sharable pointer,
	 * we don't need to duplicate.
	 */
	new->security = old->security;
	return 0;
}

/**
 * tomoyo_bprm_set_creds - LSM bprm_set_creds hook for execve().
 * @bprm: the binprm being prepared.
 *
 * Runs the capability module's logic first and propagates its failure.
 * On the first call of an execve operation (bprm->cred_prepared not yet
 * set) it may trigger initial policy load and then clears
 * bprm->cred->security.  That NULL is a marker, not a "no domain" state:
 * tomoyo_bprm_check_security() uses it to tell its first invocation from
 * the binfmt re-entries that follow.  The new cred is presumably not yet
 * committed at this point, so the task keeps running in its old domain.
 *
 * Returns 0 on success or the error from cap_bprm_set_creds().
 */
static int tomoyo_bprm_set_creds(struct linux_binprm *bprm)
{
	int rc;

	/* Capability handling is stacked underneath TOMOYO; its failure wins. */
	rc = cap_bprm_set_creds(bprm);
	if (rc)
		return rc;

	/*
	 * Do only if this function is called for the first time of an execve
	 * operation.
	 */
	if (bprm->cred_prepared)
		return 0;
	/*
	 * Load policy if /sbin/tomoyo-init exists and /sbin/init is requested
	 * for the first time.
	 */
	if (!tomoyo_policy_loaded)
		tomoyo_load_policy(bprm->filename);
	/*
	 * Tell tomoyo_bprm_check_security() is called for the first time of an
	 * execve operation.
	 */
	bprm->cred->security = NULL;
	return 0;
}

/**
 * tomoyo_bprm_check_security - LSM bprm_check_security hook for execve().
 * @bprm: the binprm being checked.
 *
 * Two-phase check keyed on the marker left by tomoyo_bprm_set_creds():
 *
 *  - First call (bprm->cred->security == NULL): tomoyo_find_next_domain()
 *    decides the domain transition for the requested pathname; on success
 *    the resulting domain is stored in the new cred.  Per the original
 *    comment, execute permission is evaluated in the *current* domain.
 *  - Later calls (binfmt handlers re-entering for an interpreter): the
 *    file now in bprm->file is checked for read permission in the *next*
 *    domain, i.e. the one the task is about to enter.
 *
 * Returns 0 if permitted, otherwise a negative error which aborts execve().
 */
static int tomoyo_bprm_check_security(struct linux_binprm *bprm)
{
	struct tomoyo_domain_info *domain = bprm->cred->security;

	/*
	 * Execute permission is checked against pathname passed to do_execve()
	 * using current domain.
	 */
	if (!domain) {
		struct tomoyo_domain_info *next_domain = NULL;
		int retval = tomoyo_find_next_domain(bprm, &next_domain);

		/* Only a successful lookup replaces the NULL marker. */
		if (!retval)
			bprm->cred->security = next_domain;
		return retval;
	}
	/*
	 * Read permission is checked against interpreters using next domain.
	 * '1' is the result of open_to_namei_flags(O_RDONLY).
	 * This is the same "access mode + 1" encoding tomoyo_dentry_open()
	 * derives with flags++ below; keep the two in step.
	 */
	return tomoyo_check_open_permission(domain, &bprm->file->f_path, 1);
}

#ifdef CONFIG_SYSCTL

/**
 * tomoyo_prepend - copy @str immediately in front of *@buffer.
 * @buffer: in/out: points at the start of text already built at the tail of
 *          a buffer; moved back by strlen(@str) on success.
 * @buflen: in/out: bytes still free in front of *@buffer; reduced on success.
 * @str:    NUL-terminated string to prepend (the terminator is not copied).
 *
 * The caller is expected to have reserved the trailing NUL already (see
 * tomoyo_sysctl_path(), which does *--end = '\0' and buflen-- before the
 * first call), which is why a strict "<" comparison is sufficient here.
 *
 * Returns 0 on success, -ENOMEM if @str does not fit; on failure nothing
 * is written and neither in/out value is changed.
 */
static int tomoyo_prepend(char **buffer, int *buflen, const char *str)
{
	int namelen = strlen(str);

	if (*buflen < namelen)
		return -ENOMEM;
	*buflen -= namelen;
	*buffer -= namelen;
	memcpy(*buffer, str, namelen);
	return 0;
}

/**
 * tomoyo_sysctl_path - return the realpath of a ctl_table.
 * @table: pointer to "struct ctl_table".
 *
 * Returns realpath(3) of the @table on success.
 * Returns NULL on failure.
 *
 * This function uses tomoyo_alloc(), so the caller must call tomoyo_free()
 * if this function didn't return NULL.
 *
 * The name is built right-to-left at the tail of the buffer by walking
 * @table->parent, one "/component" per level, then "/proc/sys" is put in
 * front.  Entries without a procname are rendered as "=<ctl_name>=".
 * Finally tomoyo_encode() writes the escaped form into the unused head of
 * the same buffer (end - buf bytes); it is relied on to bound its output
 * by that length and to report failure as non-zero -- confirm in realpath.c.
 */
static char *tomoyo_sysctl_path(struct ctl_table *table)
{
	int buflen = TOMOYO_MAX_PATHNAME_LEN;
	char *buf = tomoyo_alloc(buflen);
	char *end = buf + buflen;
	int error = -ENOMEM;

	if (!buf)
		return NULL;

	/* Reserve the terminator first so tomoyo_prepend() never has to. */
	*--end = '\0';
	buflen--;
	while (table) {
		char num[32];
		const char *sp = table->procname;

		if (!sp) {
			/* Binary-sysctl entries have no name; use the number. */
			memset(num, 0, sizeof(num));
			snprintf(num, sizeof(num) - 1, "=%d=", table->ctl_name);
			sp = num;
		}
		if (tomoyo_prepend(&end, &buflen, sp) ||
		    tomoyo_prepend(&end, &buflen, "/"))
			goto out;
		table = table->parent;
	}
	if (tomoyo_prepend(&end, &buflen, "/proc/sys"))
		goto out;
	error = tomoyo_encode(buf, end - buf, end);
 out:
	if (!error)
		return buf;
	/* Any failure, including an over-long path, yields NULL, never a truncated name. */
	tomoyo_free(buf);
	return NULL;
}

/**
 * tomoyo_sysctl - LSM sysctl hook.
 * @table: the ctl_table being accessed.
 * @op:    requested access; only the MAY_READ/MAY_WRITE bits are examined.
 *
 * Accesses that are neither read nor write are permitted without a policy
 * lookup.  Otherwise the /proc/sys pathname is synthesized and checked as a
 * file access in the caller's domain.
 *
 * Returns 0 if permitted, -ENOMEM if the pathname could not be built, or
 * the error from tomoyo_check_file_perm().
 */
static int tomoyo_sysctl(struct ctl_table *table, int op)
{
	int error;
	char *name;

	op &= MAY_READ | MAY_WRITE;
	if (!op)
		return 0;
	name = tomoyo_sysctl_path(table);
	if (!name)
		return -ENOMEM;
	error = tomoyo_check_file_perm(tomoyo_domain(), name, op);
	tomoyo_free(name);
	return error;
}
#endif

/*
 * Path-based hooks.  The LSM passes the parent directory's path plus the
 * child dentry; the child's "struct path" is synthesized here with the
 * parent's mount, which is what the realpath code needs.  @length, @mode,
 * @dev and @old_name are not part of the decision (except the file type
 * bits of @mode in tomoyo_path_mknod()).
 */

/** tomoyo_path_truncate - LSM path_truncate hook; checks "truncate" on @path. */
static int tomoyo_path_truncate(struct path *path, loff_t length,
				unsigned int time_attrs)
{
	return tomoyo_check_1path_perm(tomoyo_domain(),
				       TOMOYO_TYPE_TRUNCATE_ACL,
				       path);
}

/** tomoyo_path_unlink - LSM path_unlink hook; checks "unlink" on @dentry under @parent. */
static int tomoyo_path_unlink(struct path *parent, struct dentry *dentry)
{
	struct path path = { parent->mnt, dentry };
	return tomoyo_check_1path_perm(tomoyo_domain(),
				       TOMOYO_TYPE_UNLINK_ACL,
				       &path);
}

/** tomoyo_path_mkdir - LSM path_mkdir hook; checks "mkdir" on @dentry under @parent. */
static int tomoyo_path_mkdir(struct path *parent, struct dentry *dentry,
			     int mode)
{
	struct path path = { parent->mnt, dentry };
	return tomoyo_check_1path_perm(tomoyo_domain(),
				       TOMOYO_TYPE_MKDIR_ACL,
				       &path);
}

/** tomoyo_path_rmdir - LSM path_rmdir hook; checks "rmdir" on @dentry under @parent. */
static int tomoyo_path_rmdir(struct path *parent, struct dentry *dentry)
{
	struct path path = { parent->mnt, dentry };
	return tomoyo_check_1path_perm(tomoyo_domain(),
				       TOMOYO_TYPE_RMDIR_ACL,
				       &path);
}

/**
 * tomoyo_path_symlink - LSM path_symlink hook; checks "symlink" on @dentry.
 *
 * Only the link's own name is checked; the target text @old_name is not
 * consulted, so policy cannot restrict where a permitted symlink points.
 */
static int tomoyo_path_symlink(struct path *parent, struct dentry *dentry,
			       const char *old_name)
{
	struct path path = { parent->mnt, dentry };
	return tomoyo_check_1path_perm(tomoyo_domain(),
				       TOMOYO_TYPE_SYMLINK_ACL,
				       &path);
}

/**
 * tomoyo_path_mknod - LSM path_mknod hook; checks the create type matching @mode.
 *
 * Character, block, FIFO and socket nodes map to their own ACL types.
 * Anything else -- regular files, and a @mode with no type bits -- is
 * treated as a plain "create".  @dev is not part of the decision, so a
 * permitted "mkchar"/"mkblock" covers every major/minor number.
 */
static int tomoyo_path_mknod(struct path *parent, struct dentry *dentry,
			     int mode, unsigned int dev)
{
	struct path path = { parent->mnt, dentry };
	int type = TOMOYO_TYPE_CREATE_ACL;

	switch (mode & S_IFMT) {
	case S_IFCHR:
		type = TOMOYO_TYPE_MKCHAR_ACL;
		break;
	case S_IFBLK:
		type = TOMOYO_TYPE_MKBLOCK_ACL;
		break;
	case S_IFIFO:
		type = TOMOYO_TYPE_MKFIFO_ACL;
		break;
	case S_IFSOCK:
		type = TOMOYO_TYPE_MKSOCK_ACL;
		break;
	}
	return tomoyo_check_1path_perm(tomoyo_domain(),
				       type, &path);
}

/**
 * tomoyo_path_link - LSM path_link hook; checks "link" from @old_dentry to @new_dentry.
 *
 * @old_dentry arrives without a mount, so @new_dir->mnt is used for both
 * sides.  That is only correct if the VFS has already rejected cross-mount
 * links (EXDEV) before this hook runs -- presumably so, confirm in
 * fs/namei.c for this kernel version.
 */
static int tomoyo_path_link(struct dentry *old_dentry, struct path *new_dir,
			    struct dentry *new_dentry)
{
	struct path path1 = { new_dir->mnt, old_dentry };
	struct path path2 = { new_dir->mnt, new_dentry };
	return tomoyo_check_2path_perm(tomoyo_domain(),
				       TOMOYO_TYPE_LINK_ACL,
				       &path1, &path2);
}

/** tomoyo_path_rename - LSM path_rename hook; checks "rename" old -> new. */
static int tomoyo_path_rename(struct path *old_parent,
			      struct dentry *old_dentry,
			      struct path *new_parent,
			      struct dentry *new_dentry)
{
	struct path path1 = { old_parent->mnt, old_dentry };
	struct path path2 = { new_parent->mnt, new_dentry };
	return tomoyo_check_2path_perm(tomoyo_domain(),
				       TOMOYO_TYPE_RENAME_ACL,
				       &path1, &path2);
}

/**
 * tomoyo_file_fcntl - LSM file_fcntl hook.
 * @file: the open file.
 * @cmd:  fcntl command.
 * @arg:  fcntl argument (the new flag word for F_SETFL).
 *
 * Only F_SETFL is mediated, and only when it would flip O_APPEND.  Clearing
 * O_APPEND on a file that was opened append-only would otherwise let the
 * caller overwrite existing content, so that needs "rewrite" permission.
 * The XOR also fires when O_APPEND is being *set*; that direction is
 * harmless but is checked anyway, i.e. the hook errs on the strict side.
 *
 * Returns 0 if permitted or the error from tomoyo_check_rewrite_permission().
 */
static int tomoyo_file_fcntl(struct file *file, unsigned int cmd,
			     unsigned long arg)
{
	if (cmd == F_SETFL && ((arg ^ file->f_flags) & O_APPEND))
		return tomoyo_check_rewrite_permission(tomoyo_domain(), file);
	return 0;
}

/**
 * tomoyo_dentry_open - LSM dentry_open hook.
 * @f:    the file being opened (f->f_flags holds the open(2) flags).
 * @cred: credentials the open is performed with (unused; the task's current
 *        domain is used instead via tomoyo_domain()).
 *
 * Converts the access mode to TOMOYO's "mode + 1" encoding (O_RDONLY -> 1,
 * O_WRONLY -> 2, O_RDWR -> 3) and passes the flag word to the open checker,
 * which is expected to look at O_APPEND and O_TRUNC as well.
 *
 * Security note: while current->in_execve is set this hook permits
 * *every* open the task performs, not only open_exec() of the binary.  The
 * exec and interpreter reads are instead covered by
 * tomoyo_bprm_check_security(); any other open that happens to occur inside
 * execve() is not mediated by TOMOYO at all.  Treat that as a deliberate
 * design trade-off of this version, not an oversight, but keep it in mind
 * when reasoning about what a domain can read.
 *
 * Returns 0 if permitted or the error from tomoyo_check_open_permission().
 */
static int tomoyo_dentry_open(struct file *f, const struct cred *cred)
{
	int flags = f->f_flags;

	/*
	 * Low two bits are the access mode.  The test excludes the invalid
	 * value 3, so the increment never carries into the higher flag bits.
	 */
	if ((flags + 1) & O_ACCMODE)
		flags++;
	/*
	 * No-op as written: flags was copied from f->f_flags and the
	 * increment above cannot disturb these bits, so O_APPEND/O_TRUNC are
	 * already present.  Kept as documentation of which extra bits the
	 * checker cares about.
	 */
	flags |= f->f_flags & (O_APPEND | O_TRUNC);
	/* Don't check read permission here if called from do_execve(). */
	if (current->in_execve)
		return 0;
	return tomoyo_check_open_permission(tomoyo_domain(), &f->f_path, flags);
}

/*
 * Hook table.  Only the hooks listed here are mediated by TOMOYO; every
 * other LSM hook falls through to the framework's defaults.  Note there is
 * no cred_free/cred_alloc_blank: consistent with tomoyo_cred_prepare(),
 * the per-cred pointer owns nothing.
 */
static struct security_operations tomoyo_security_ops = {
	.name                = "tomoyo",
	.cred_prepare        = tomoyo_cred_prepare,
	.bprm_set_creds      = tomoyo_bprm_set_creds,
	.bprm_check_security = tomoyo_bprm_check_security,
#ifdef CONFIG_SYSCTL
	.sysctl              = tomoyo_sysctl,
#endif
	.file_fcntl          = tomoyo_file_fcntl,
	.dentry_open         = tomoyo_dentry_open,
	.path_truncate       = tomoyo_path_truncate,
	.path_unlink         = tomoyo_path_unlink,
	.path_mkdir          = tomoyo_path_mkdir,
	.path_rmdir          = tomoyo_path_rmdir,
	.path_symlink        = tomoyo_path_symlink,
	.path_mknod          = tomoyo_path_mknod,
	.path_link           = tomoyo_path_link,
	.path_rename         = tomoyo_path_rename,
};

/**
 * tomoyo_init - register TOMOYO with the LSM framework at boot.
 *
 * Does nothing if another LSM was selected (security_module_enable()
 * returns false).  Registration failure is fatal by design: silently
 * booting without the configured access control would be worse than a
 * panic.  The boot task's cred is then placed in the kernel domain, and
 * the realpath subsystem is initialized.
 *
 * Returns 0.
 */
static int __init tomoyo_init(void)
{
	/*
	 * Writing through a const-cast cred is normally forbidden.  It is
	 * tolerated here only because this runs as a security_initcall,
	 * where presumably the boot task is the sole owner of this cred and
	 * nothing else can observe the write -- do not copy this pattern
	 * outside early init.
	 */
	struct cred *cred = (struct cred *) current_cred();

	if (!security_module_enable(&tomoyo_security_ops))
		return 0;
	/* register ourselves with the security framework */
	if (register_security(&tomoyo_security_ops))
		panic("Failure registering TOMOYO Linux");
	printk(KERN_INFO "TOMOYO Linux initialized\n");
	/* Seed the domain for the boot task; children inherit it via cred_prepare. */
	cred->security = &tomoyo_kernel_domain;
	tomoyo_realpath_init();
	return 0;
}

security_initcall(tomoyo_init);