1 | /* SPDX-License-Identifier: GPL-2.0 */ |
2 | /* |
3 | * security/tomoyo/common.h |
4 | * |
5 | * Header file for TOMOYO. |
6 | * |
7 | * Copyright (C) 2005-2011 NTT DATA CORPORATION |
8 | */ |
9 | |
10 | #ifndef _SECURITY_TOMOYO_COMMON_H |
11 | #define _SECURITY_TOMOYO_COMMON_H |
12 | |
13 | #define pr_fmt(fmt) fmt |
14 | |
15 | #include <linux/ctype.h> |
16 | #include <linux/string.h> |
17 | #include <linux/mm.h> |
18 | #include <linux/file.h> |
19 | #include <linux/kmod.h> |
20 | #include <linux/fs.h> |
21 | #include <linux/sched.h> |
22 | #include <linux/namei.h> |
23 | #include <linux/mount.h> |
24 | #include <linux/list.h> |
25 | #include <linux/cred.h> |
26 | #include <linux/poll.h> |
27 | #include <linux/binfmts.h> |
28 | #include <linux/highmem.h> |
29 | #include <linux/net.h> |
30 | #include <linux/inet.h> |
31 | #include <linux/in.h> |
32 | #include <linux/in6.h> |
33 | #include <linux/un.h> |
34 | #include <linux/lsm_hooks.h> |
35 | #include <net/sock.h> |
36 | #include <net/af_unix.h> |
37 | #include <net/ip.h> |
38 | #include <net/ipv6.h> |
39 | #include <net/udp.h> |
40 | |
41 | /********** Constants definitions. **********/ |
42 | |
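/*
 * TOMOYO uses this hash only when appending a string to the string
 * table. Strings are appended very rarely, so a large (e.g. 64k) hash
 * table is unnecessary; 256 buckets are sufficient.
 */
#define TOMOYO_HASH_BITS 8
#define TOMOYO_MAX_HASH (1u << TOMOYO_HASH_BITS)

/*
 * TOMOYO checks only SOCK_STREAM, SOCK_DGRAM, SOCK_RAW and SOCK_SEQPACKET,
 * so this smaller bound is used instead of SOCK_MAX.
 *
 * The request structures in this header describe their protocol field as
 * "smaller than TOMOYO_SOCK_MAX".
 * NOTE(review): a socket type used as a table index has to be checked
 * against this bound first; that check is not visible in this header.
 */
#define TOMOYO_SOCK_MAX 6

/* Size in bytes of the buffer behind "struct tomoyo_execve"->tmp. */
#define TOMOYO_EXEC_TMPSIZE 4096

/*
 * Garbage collector is trying to kfree() this element. Shares the s8
 * is_deleted members with true/false. Parenthesised so that the negative
 * value stays one operand wherever the macro expands.
 */
#define TOMOYO_GC_IN_PROGRESS (-1)

/* Profile number is an integer between 0 and 255 (fits the u8 fields). */
#define TOMOYO_MAX_PROFILES 256

/* Group number is an integer between 0 and 255. */
#define TOMOYO_MAX_ACL_GROUPS 256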
67 | |
/*
 * Index numbers for "struct tomoyo_condition".
 *
 * Entries before TOMOYO_MAX_CONDITION_KEYWORD name the attribute being
 * compared. The entries after it are the operand markers referred to by
 * the comments in "struct tomoyo_condition_element". Both operands there
 * are u8, so this enum has to stay below 256 entries.
 */
enum tomoyo_conditions_index {
	TOMOYO_TASK_UID, /* current_uid() */
	TOMOYO_TASK_EUID, /* current_euid() */
	TOMOYO_TASK_SUID, /* current_suid() */
	TOMOYO_TASK_FSUID, /* current_fsuid() */
	TOMOYO_TASK_GID, /* current_gid() */
	TOMOYO_TASK_EGID, /* current_egid() */
	TOMOYO_TASK_SGID, /* current_sgid() */
	TOMOYO_TASK_FSGID, /* current_fsgid() */
	TOMOYO_TASK_PID, /* sys_getpid() */
	TOMOYO_TASK_PPID, /* sys_getppid() */
	TOMOYO_EXEC_ARGC, /* "struct linux_binprm *"->argc */
	TOMOYO_EXEC_ENVC, /* "struct linux_binprm *"->envc */
	TOMOYO_TYPE_IS_SOCKET, /* S_IFSOCK */
	TOMOYO_TYPE_IS_SYMLINK, /* S_IFLNK */
	TOMOYO_TYPE_IS_FILE, /* S_IFREG */
	TOMOYO_TYPE_IS_BLOCK_DEV, /* S_IFBLK */
	TOMOYO_TYPE_IS_DIRECTORY, /* S_IFDIR */
	TOMOYO_TYPE_IS_CHAR_DEV, /* S_IFCHR */
	TOMOYO_TYPE_IS_FIFO, /* S_IFIFO */
	TOMOYO_MODE_SETUID, /* S_ISUID */
	TOMOYO_MODE_SETGID, /* S_ISGID */
	TOMOYO_MODE_STICKY, /* S_ISVTX */
	TOMOYO_MODE_OWNER_READ, /* S_IRUSR */
	TOMOYO_MODE_OWNER_WRITE, /* S_IWUSR */
	TOMOYO_MODE_OWNER_EXECUTE, /* S_IXUSR */
	TOMOYO_MODE_GROUP_READ, /* S_IRGRP */
	TOMOYO_MODE_GROUP_WRITE, /* S_IWGRP */
	TOMOYO_MODE_GROUP_EXECUTE, /* S_IXGRP */
	TOMOYO_MODE_OTHERS_READ, /* S_IROTH */
	TOMOYO_MODE_OTHERS_WRITE, /* S_IWOTH */
	TOMOYO_MODE_OTHERS_EXECUTE, /* S_IXOTH */
	TOMOYO_EXEC_REALPATH,
	TOMOYO_SYMLINK_TARGET,
	/* Attributes of the first pathname ("struct tomoyo_obj_info"->path1). */
	TOMOYO_PATH1_UID,
	TOMOYO_PATH1_GID,
	TOMOYO_PATH1_INO,
	TOMOYO_PATH1_MAJOR,
	TOMOYO_PATH1_MINOR,
	TOMOYO_PATH1_PERM,
	TOMOYO_PATH1_TYPE,
	TOMOYO_PATH1_DEV_MAJOR,
	TOMOYO_PATH1_DEV_MINOR,
	/* Attributes of the second pathname ("struct tomoyo_obj_info"->path2). */
	TOMOYO_PATH2_UID,
	TOMOYO_PATH2_GID,
	TOMOYO_PATH2_INO,
	TOMOYO_PATH2_MAJOR,
	TOMOYO_PATH2_MINOR,
	TOMOYO_PATH2_PERM,
	TOMOYO_PATH2_TYPE,
	TOMOYO_PATH2_DEV_MAJOR,
	TOMOYO_PATH2_DEV_MINOR,
	/* Attributes of the parent directories of the two pathnames. */
	TOMOYO_PATH1_PARENT_UID,
	TOMOYO_PATH1_PARENT_GID,
	TOMOYO_PATH1_PARENT_INO,
	TOMOYO_PATH1_PARENT_PERM,
	TOMOYO_PATH2_PARENT_UID,
	TOMOYO_PATH2_PARENT_GID,
	TOMOYO_PATH2_PARENT_INO,
	TOMOYO_PATH2_PARENT_PERM,
	/* Number of keyword entries above; not a keyword itself. */
	TOMOYO_MAX_CONDITION_KEYWORD,
	/* Operand markers; see "struct tomoyo_condition_element". */
	TOMOYO_NUMBER_UNION,
	TOMOYO_NAME_UNION,
	TOMOYO_ARGV_ENTRY,
	TOMOYO_ENVP_ENTRY,
};
135 | |
136 | |
/*
 * Index numbers for stat().
 *
 * TOMOYO_MAX_PATH_STAT sizes the stat[] and stat_valid[] arrays of
 * "struct tomoyo_obj_info", so each value here is a slot in both arrays.
 */
enum tomoyo_path_stat_index {
	/* Do not change this order. */
	TOMOYO_PATH1,
	TOMOYO_PATH1_PARENT,
	TOMOYO_PATH2,
	TOMOYO_PATH2_PARENT,
	TOMOYO_MAX_PATH_STAT
};
146 | |
/*
 * Index numbers for operation mode.
 *
 * The first four entries (0-3) are the operation modes and
 * TOMOYO_CONFIG_MAX_MODE counts them. The remaining entries carry
 * explicit values outside that range.
 *
 * NOTE(review): TOMOYO_CONFIG_USE_DEFAULT (255) has the bits of both
 * TOMOYO_CONFIG_WANT_REJECT_LOG (64) and TOMOYO_CONFIG_WANT_GRANT_LOG
 * (128) set. If these values share one u8 config byte, which looks likely
 * from "struct tomoyo_profile"->config[], the default marker has to be
 * tested by equality before the log bits are interpreted. Confirm at the
 * users.
 */
enum tomoyo_mode_index {
	TOMOYO_CONFIG_DISABLED,
	TOMOYO_CONFIG_LEARNING,
	TOMOYO_CONFIG_PERMISSIVE,
	TOMOYO_CONFIG_ENFORCING,
	TOMOYO_CONFIG_MAX_MODE,
	TOMOYO_CONFIG_WANT_REJECT_LOG = 64,
	TOMOYO_CONFIG_WANT_GRANT_LOG = 128,
	TOMOYO_CONFIG_USE_DEFAULT = 255,
};
158 | |
/*
 * Index numbers for entry type.
 *
 * TOMOYO_MAX_POLICY sizes "struct tomoyo_policy_namespace"->policy_list[].
 */
enum tomoyo_policy_id {
	TOMOYO_ID_GROUP,
	TOMOYO_ID_ADDRESS_GROUP,
	TOMOYO_ID_PATH_GROUP,
	TOMOYO_ID_NUMBER_GROUP,
	TOMOYO_ID_TRANSITION_CONTROL,
	TOMOYO_ID_AGGREGATOR,
	TOMOYO_ID_MANAGER,
	TOMOYO_ID_CONDITION,
	TOMOYO_ID_NAME,
	TOMOYO_ID_ACL,
	TOMOYO_ID_DOMAIN,
	TOMOYO_MAX_POLICY
};
174 | |
/*
 * Index numbers for domain's attributes.
 *
 * TOMOYO_MAX_DOMAIN_INFO_FLAGS sizes "struct tomoyo_domain_info"->flags[].
 */
enum tomoyo_domain_info_flags_index {
	/* Quota warning flag. */
	TOMOYO_DIF_QUOTA_WARNED,
	/*
	 * This domain was unable to create a new domain at
	 * tomoyo_find_next_domain() because the name of the domain to be
	 * created was too long or it could not allocate memory.
	 * More than one process continued execve() without domain transition.
	 *
	 * A set flag therefore means some programs ran without the domain
	 * transition that policy would otherwise have applied, which makes it
	 * worth surfacing when a domain is audited.
	 */
	TOMOYO_DIF_TRANSITION_FAILED,
	TOMOYO_MAX_DOMAIN_INFO_FLAGS
};
188 | |
/*
 * Index numbers for audit type.
 *
 * Stored in "struct tomoyo_condition"->grant_log (a u8).
 */
enum tomoyo_grant_log {
	/* Follow profile's configuration. */
	TOMOYO_GRANTLOG_AUTO,
	/* Do not generate grant log. */
	TOMOYO_GRANTLOG_NO,
	/* Generate grant log. */
	TOMOYO_GRANTLOG_YES,
};
198 | |
/*
 * Index numbers for group entries.
 *
 * TOMOYO_MAX_GROUP sizes "struct tomoyo_policy_namespace"->group_list[].
 */
enum tomoyo_group_id {
	TOMOYO_PATH_GROUP,
	TOMOYO_NUMBER_GROUP,
	TOMOYO_ADDRESS_GROUP,
	TOMOYO_MAX_GROUP
};
206 | |
/*
 * Index numbers for type of numeric values.
 *
 * Stored per bound in "struct tomoyo_number_union"->value_type[]. The
 * zero value is the INVALID marker, so zero-initialised storage does not
 * name a valid radix.
 */
enum tomoyo_value_type {
	TOMOYO_VALUE_TYPE_INVALID,
	TOMOYO_VALUE_TYPE_DECIMAL,
	TOMOYO_VALUE_TYPE_OCTAL,
	TOMOYO_VALUE_TYPE_HEXADECIMAL,
};
214 | |
/*
 * Index numbers for domain transition control keywords.
 *
 * Stored in "struct tomoyo_transition_control"->type (a u8). Each keyword
 * appears as a NO_xxx / xxx pair.
 */
enum tomoyo_transition_type {
	/* Do not change this order. */
	TOMOYO_TRANSITION_CONTROL_NO_RESET,
	TOMOYO_TRANSITION_CONTROL_RESET,
	TOMOYO_TRANSITION_CONTROL_NO_INITIALIZE,
	TOMOYO_TRANSITION_CONTROL_INITIALIZE,
	TOMOYO_TRANSITION_CONTROL_NO_KEEP,
	TOMOYO_TRANSITION_CONTROL_KEEP,
	TOMOYO_MAX_TRANSITION_TYPE
};
226 | |
/*
 * Index numbers for Access Controls.
 *
 * Stored in "struct tomoyo_acl_info"->type. Every "struct tomoyo_*_acl"
 * in this header documents, on its head member, which of these values
 * it is tagged with.
 */
enum tomoyo_acl_entry_type_index {
	TOMOYO_TYPE_PATH_ACL,
	TOMOYO_TYPE_PATH2_ACL,
	TOMOYO_TYPE_PATH_NUMBER_ACL,
	TOMOYO_TYPE_MKDEV_ACL,
	TOMOYO_TYPE_MOUNT_ACL,
	TOMOYO_TYPE_INET_ACL,
	TOMOYO_TYPE_UNIX_ACL,
	TOMOYO_TYPE_ENV_ACL,
	TOMOYO_TYPE_MANUAL_TASK_ACL,
};
239 | |
/*
 * Index numbers for access controls with one pathname.
 *
 * "struct tomoyo_path_acl"->perm is a u16 bitmask of these values, so the
 * number of operations here must not exceed 16.
 */
enum tomoyo_path_acl_index {
	TOMOYO_TYPE_EXECUTE,
	TOMOYO_TYPE_READ,
	TOMOYO_TYPE_WRITE,
	TOMOYO_TYPE_APPEND,
	TOMOYO_TYPE_UNLINK,
	TOMOYO_TYPE_GETATTR,
	TOMOYO_TYPE_RMDIR,
	TOMOYO_TYPE_TRUNCATE,
	TOMOYO_TYPE_SYMLINK,
	TOMOYO_TYPE_CHROOT,
	TOMOYO_TYPE_UMOUNT,
	TOMOYO_MAX_PATH_OPERATION
};
255 | |
/*
 * Index numbers for /sys/kernel/security/tomoyo/stat interface.
 *
 * One entry per memory accounting category; TOMOYO_MAX_MEMORY_STAT is the
 * number of categories.
 */
enum tomoyo_memory_stat_type {
	TOMOYO_MEMORY_POLICY,
	TOMOYO_MEMORY_AUDIT,
	TOMOYO_MEMORY_QUERY,
	TOMOYO_MAX_MEMORY_STAT
};
263 | |
/*
 * Index numbers for device node creation operations.
 *
 * "struct tomoyo_mkdev_acl"->perm is a u8 bitmask of these values.
 */
enum tomoyo_mkdev_acl_index {
	TOMOYO_TYPE_MKBLOCK,
	TOMOYO_TYPE_MKCHAR,
	TOMOYO_MAX_MKDEV_OPERATION
};
269 | |
/*
 * Index numbers for socket operations.
 *
 * Used as bit positions in the u8 perm member of "struct tomoyo_inet_acl"
 * and "struct tomoyo_unix_acl".
 */
enum tomoyo_network_acl_index {
	TOMOYO_NETWORK_BIND, /* bind() operation. */
	TOMOYO_NETWORK_LISTEN, /* listen() operation. */
	TOMOYO_NETWORK_CONNECT, /* connect() operation. */
	TOMOYO_NETWORK_SEND, /* send() operation. */
	TOMOYO_MAX_NETWORK_OPERATION
};
278 | |
/*
 * Index numbers for access controls with two pathnames.
 *
 * "struct tomoyo_path2_acl"->perm is a u8 bitmask of these values.
 */
enum tomoyo_path2_acl_index {
	TOMOYO_TYPE_LINK,
	TOMOYO_TYPE_RENAME,
	TOMOYO_TYPE_PIVOT_ROOT,
	TOMOYO_MAX_PATH2_OPERATION
};
286 | |
/*
 * Index numbers for access controls with one pathname and one number.
 *
 * "struct tomoyo_path_number_acl"->perm is a u8 bitmask of these values.
 * The eight operations below already use every bit of that u8, so adding
 * a ninth requires widening perm first or its bit will be lost.
 */
enum tomoyo_path_number_acl_index {
	TOMOYO_TYPE_CREATE,
	TOMOYO_TYPE_MKDIR,
	TOMOYO_TYPE_MKFIFO,
	TOMOYO_TYPE_MKSOCK,
	TOMOYO_TYPE_IOCTL,
	TOMOYO_TYPE_CHMOD,
	TOMOYO_TYPE_CHOWN,
	TOMOYO_TYPE_CHGRP,
	TOMOYO_MAX_PATH_NUMBER_OPERATION
};
299 | |
/*
 * Index numbers for /sys/kernel/security/tomoyo/ interfaces.
 *
 * Stored in "struct tomoyo_io_buffer"->type to record which interface an
 * open buffer belongs to.
 */
enum tomoyo_securityfs_interface_index {
	TOMOYO_DOMAINPOLICY,
	TOMOYO_EXCEPTIONPOLICY,
	TOMOYO_PROCESS_STATUS,
	TOMOYO_STAT,
	TOMOYO_AUDIT,
	TOMOYO_VERSION,
	TOMOYO_PROFILE,
	TOMOYO_QUERY,
	TOMOYO_MANAGER
};
312 | |
/*
 * Index numbers for special mount operations.
 *
 * These are the mount requests that change an existing mount rather than
 * attach a filesystem; the trailing comments give the equivalent
 * mount(8) command line.
 */
enum tomoyo_special_mount {
	TOMOYO_MOUNT_BIND, /* mount --bind /source /dest */
	TOMOYO_MOUNT_MOVE, /* mount --move /old /new */
	TOMOYO_MOUNT_REMOUNT, /* mount -o remount /dir */
	TOMOYO_MOUNT_MAKE_UNBINDABLE, /* mount --make-unbindable /dir */
	TOMOYO_MOUNT_MAKE_PRIVATE, /* mount --make-private /dir */
	TOMOYO_MOUNT_MAKE_SLAVE, /* mount --make-slave /dir */
	TOMOYO_MOUNT_MAKE_SHARED, /* mount --make-shared /dir */
	TOMOYO_MAX_SPECIAL_MOUNT
};
324 | |
/*
 * Index numbers for functionality.
 *
 * One entry per mediated operation. TOMOYO_MAX_MAC_INDEX contributes to
 * the size of "struct tomoyo_profile"->config[], so a new operation added
 * here gets its own per-profile configuration byte.
 */
enum tomoyo_mac_index {
	/* File operations. */
	TOMOYO_MAC_FILE_EXECUTE,
	TOMOYO_MAC_FILE_OPEN,
	TOMOYO_MAC_FILE_CREATE,
	TOMOYO_MAC_FILE_UNLINK,
	TOMOYO_MAC_FILE_GETATTR,
	TOMOYO_MAC_FILE_MKDIR,
	TOMOYO_MAC_FILE_RMDIR,
	TOMOYO_MAC_FILE_MKFIFO,
	TOMOYO_MAC_FILE_MKSOCK,
	TOMOYO_MAC_FILE_TRUNCATE,
	TOMOYO_MAC_FILE_SYMLINK,
	TOMOYO_MAC_FILE_MKBLOCK,
	TOMOYO_MAC_FILE_MKCHAR,
	TOMOYO_MAC_FILE_LINK,
	TOMOYO_MAC_FILE_RENAME,
	TOMOYO_MAC_FILE_CHMOD,
	TOMOYO_MAC_FILE_CHOWN,
	TOMOYO_MAC_FILE_CHGRP,
	TOMOYO_MAC_FILE_IOCTL,
	TOMOYO_MAC_FILE_CHROOT,
	TOMOYO_MAC_FILE_MOUNT,
	TOMOYO_MAC_FILE_UMOUNT,
	TOMOYO_MAC_FILE_PIVOT_ROOT,
	/* Internet-domain socket operations. */
	TOMOYO_MAC_NETWORK_INET_STREAM_BIND,
	TOMOYO_MAC_NETWORK_INET_STREAM_LISTEN,
	TOMOYO_MAC_NETWORK_INET_STREAM_CONNECT,
	TOMOYO_MAC_NETWORK_INET_DGRAM_BIND,
	TOMOYO_MAC_NETWORK_INET_DGRAM_SEND,
	TOMOYO_MAC_NETWORK_INET_RAW_BIND,
	TOMOYO_MAC_NETWORK_INET_RAW_SEND,
	/* Unix-domain socket operations. */
	TOMOYO_MAC_NETWORK_UNIX_STREAM_BIND,
	TOMOYO_MAC_NETWORK_UNIX_STREAM_LISTEN,
	TOMOYO_MAC_NETWORK_UNIX_STREAM_CONNECT,
	TOMOYO_MAC_NETWORK_UNIX_DGRAM_BIND,
	TOMOYO_MAC_NETWORK_UNIX_DGRAM_SEND,
	TOMOYO_MAC_NETWORK_UNIX_SEQPACKET_BIND,
	TOMOYO_MAC_NETWORK_UNIX_SEQPACKET_LISTEN,
	TOMOYO_MAC_NETWORK_UNIX_SEQPACKET_CONNECT,
	/* Environment variable check. */
	TOMOYO_MAC_ENVIRON,
	TOMOYO_MAX_MAC_INDEX
};
368 | |
/*
 * Index numbers for category of functionality.
 *
 * TOMOYO_MAX_MAC_CATEGORY_INDEX is added to TOMOYO_MAX_MAC_INDEX when
 * sizing "struct tomoyo_profile"->config[], so the categories have
 * configuration bytes of their own next to the per-operation ones.
 */
enum tomoyo_mac_category_index {
	TOMOYO_MAC_CATEGORY_FILE,
	TOMOYO_MAC_CATEGORY_NETWORK,
	TOMOYO_MAC_CATEGORY_MISC,
	TOMOYO_MAX_MAC_CATEGORY_INDEX
};
376 | |
/*
 * Retry this request. Returned by tomoyo_supervisor() if policy violation has
 * occurred in enforcing mode and the userspace daemon decided to retry.
 *
 * We must choose a positive value in order to distinguish "granted" (which is
 * 0) and "rejected" (which is a negative value) and "retry".
 *
 * The result is therefore three-way: a caller that only tests for
 * "non-zero" or only for "negative" misreads one of the outcomes.
 */
#define TOMOYO_RETRY_REQUEST 1
385 | |
/*
 * Index numbers for /sys/kernel/security/tomoyo/stat interface.
 *
 * The order is fixed because entries 1-3 are numerically equal to the
 * matching "enum tomoyo_mode_index" values, as the trailing comments
 * state.
 */
enum tomoyo_policy_stat_type {
	/* Do not change this order. */
	TOMOYO_STAT_POLICY_UPDATES,
	TOMOYO_STAT_POLICY_LEARNING, /* == TOMOYO_CONFIG_LEARNING */
	TOMOYO_STAT_POLICY_PERMISSIVE, /* == TOMOYO_CONFIG_PERMISSIVE */
	TOMOYO_STAT_POLICY_ENFORCING, /* == TOMOYO_CONFIG_ENFORCING */
	TOMOYO_MAX_POLICY_STAT
};
395 | |
/*
 * Index numbers for profile's PREFERENCE values.
 *
 * TOMOYO_MAX_PREF sizes "struct tomoyo_profile"->pref[].
 */
enum tomoyo_pref_index {
	TOMOYO_PREF_MAX_AUDIT_LOG,
	TOMOYO_PREF_MAX_LEARNING_ENTRY,
	TOMOYO_MAX_PREF
};
402 | |
403 | /********** Structure definitions. **********/ |
404 | |
/*
 * Common header for holding ACL entries.
 *
 * @is_deleted is tri-state, not a plain boolean: besides true and false
 * it can hold TOMOYO_GC_IN_PROGRESS, which is why it is declared s8.
 */
struct tomoyo_acl_head {
	struct list_head list;
	s8 is_deleted; /* true or false or TOMOYO_GC_IN_PROGRESS */
} __packed;
410 | |
/*
 * Common header for shared entries.
 *
 * NOTE(review): __packed lowers this struct's alignment requirement to 1
 * while @users is an atomic_t. Every struct in this header that embeds it
 * (tomoyo_name, tomoyo_group, tomoyo_condition) places it first, which
 * keeps @users at its usual offset after @list. Confirm the same for any
 * new embedder.
 */
struct tomoyo_shared_acl_head {
	struct list_head list;
	atomic_t users; /* Reference count of this shared entry. */
} __packed;
416 | |
417 | struct tomoyo_policy_namespace; |
418 | |
/*
 * Structure for request info.
 *
 * Carries one access request through the permission check: the operation
 * specific arguments live in @param and the remaining members hold the
 * context and the outcome.
 */
struct tomoyo_request_info {
	/*
	 * For holding parameters specific to operations which deal with
	 * files. NULL if not dealing with files.
	 */
	struct tomoyo_obj_info *obj;
	/*
	 * For holding parameters specific to execve() request.
	 * NULL if not dealing with execve().
	 */
	struct tomoyo_execve *ee;
	struct tomoyo_domain_info *domain;
	/*
	 * For holding parameters. Only one member of this union is meaningful
	 * per request.
	 * NOTE(review): presumably @param_type says which one; confirm before
	 * reading a member.
	 */
	union {
		struct {
			const struct tomoyo_path_info *filename;
			/* For using wildcards at tomoyo_find_next_domain(). */
			const struct tomoyo_path_info *matched_path;
			/* One of values in "enum tomoyo_path_acl_index". */
			u8 operation;
		} path;
		struct {
			const struct tomoyo_path_info *filename1;
			const struct tomoyo_path_info *filename2;
			/* One of values in "enum tomoyo_path2_acl_index". */
			u8 operation;
		} path2;
		struct {
			const struct tomoyo_path_info *filename;
			unsigned int mode;
			unsigned int major;
			unsigned int minor;
			/* One of values in "enum tomoyo_mkdev_acl_index". */
			u8 operation;
		} mkdev;
		struct {
			const struct tomoyo_path_info *filename;
			unsigned long number;
			/*
			 * One of values in
			 * "enum tomoyo_path_number_acl_index".
			 */
			u8 operation;
		} path_number;
		struct {
			const struct tomoyo_path_info *name;
		} environ;
		struct {
			/* __be32: the address is kept in network byte order. */
			const __be32 *address;
			u16 port;
			/* One of values smaller than TOMOYO_SOCK_MAX. */
			u8 protocol;
			/* One of values in "enum tomoyo_network_acl_index". */
			u8 operation;
			bool is_ipv6;
		} inet_network;
		struct {
			const struct tomoyo_path_info *address;
			/* One of values smaller than TOMOYO_SOCK_MAX. */
			u8 protocol;
			/* One of values in "enum tomoyo_network_acl_index". */
			u8 operation;
		} unix_network;
		struct {
			const struct tomoyo_path_info *type;
			const struct tomoyo_path_info *dir;
			const struct tomoyo_path_info *dev;
			unsigned long flags;
			int need_dev;
		} mount;
		struct {
			const struct tomoyo_path_info *domainname;
		} task;
	} param;
	struct tomoyo_acl_info *matched_acl;
	u8 param_type;
	bool granted;
	u8 retry;
	u8 profile;
	u8 mode; /* One of tomoyo_mode_index . */
	u8 type;
};
502 | |
/*
 * Structure for holding a token.
 *
 * Everything except @name is derived from @name, as the trailing comments
 * show, so the derived members must be recomputed whenever @name changes.
 */
struct tomoyo_path_info {
	const char *name;
	u32 hash; /* = full_name_hash(name, strlen(name)) */
	u16 const_len; /* = tomoyo_const_part_length(name) */
	bool is_dir; /* = tomoyo_strendswith(name, "/") */
	bool is_patterned; /* = tomoyo_path_contains_pattern(name) */
};
511 | |
/*
 * Structure for holding string data.
 *
 * A reference-counted (@head.users) token in the shared string table.
 */
struct tomoyo_name {
	struct tomoyo_shared_acl_head head;
	struct tomoyo_path_info entry;
};
517 | |
/*
 * Structure for holding a word.
 *
 * The word is given either literally (@filename) or as a reference to a
 * group (@group); the pointer that is not used is NULL.
 */
struct tomoyo_name_union {
	/* Either @filename or @group is NULL. */
	const struct tomoyo_path_info *filename;
	struct tomoyo_group *group;
};
524 | |
/*
 * Structure for holding a number.
 *
 * @values and @value_type are parallel two-element arrays.
 * NOTE(review): the two elements look like the lower and upper bound of
 * a range (compare the min/max arguments of
 * tomoyo_number_matches_group()); confirm at the parser.
 */
struct tomoyo_number_union {
	unsigned long values[2];
	struct tomoyo_group *group; /* Maybe NULL. */
	/* One of values in "enum tomoyo_value_type". */
	u8 value_type[2];
};
532 | |
/*
 * Structure for holding an IP address.
 *
 * Each @ip[] slot is a struct in6_addr, wide enough for an IPv6 address.
 * @is_ipv6 tells how to interpret the slots and is meaningful only when
 * no address group is referenced.
 */
struct tomoyo_ipaddr_union {
	struct in6_addr ip[2]; /* Big endian. */
	struct tomoyo_group *group; /* Pointer to address group. */
	bool is_ipv6; /* Valid only if @group == NULL. */
};
539 | |
/*
 * Structure for "path_group"/"number_group"/"address_group" directive.
 *
 * A named, reference-counted (@head.users) group; its members hang off
 * @member_list.
 */
struct tomoyo_group {
	struct tomoyo_shared_acl_head head;
	const struct tomoyo_path_info *group_name;
	struct list_head member_list;
};
546 | |
/* Structure for "path_group" directive: one pathname member of a group. */
struct tomoyo_path_group {
	struct tomoyo_acl_head head;
	const struct tomoyo_path_info *member_name;
};
552 | |
/* Structure for "number_group" directive: one numeric member of a group. */
struct tomoyo_number_group {
	struct tomoyo_acl_head head;
	struct tomoyo_number_union number;
};
558 | |
/* Structure for "address_group" directive: one address member of a group. */
struct tomoyo_address_group {
	struct tomoyo_acl_head head;
	/* Structure for holding an IP address. */
	struct tomoyo_ipaddr_union address;
};
565 | |
/*
 * Subset of "struct stat". Used by conditional ACL and audit logs.
 *
 * @uid and @gid use the kernel-internal kuid_t/kgid_t types rather than
 * raw integers.
 */
struct tomoyo_mini_stat {
	kuid_t uid;
	kgid_t gid;
	ino_t ino;
	umode_t mode;
	dev_t dev;
	dev_t rdev;
};
575 | |
/*
 * Structure for dumping argv[] and envp[] of "struct linux_binprm".
 *
 * @data holds exactly PAGE_SIZE bytes, so every offset used to read it
 * has to stay below PAGE_SIZE.
 */
struct tomoyo_page_dump {
	struct page *page; /* Previously dumped page. */
	char *data; /* Contents of "page". Size is PAGE_SIZE. */
};
581 | |
/*
 * Structure for attribute checks in addition to pathname checks.
 *
 * @stat[] and @stat_valid[] are indexed by "enum tomoyo_path_stat_index".
 * A @stat[] slot may only be trusted when the matching @stat_valid[] slot
 * is true.
 */
struct tomoyo_obj_info {
	/*
	 * True if tomoyo_get_attributes() was already called, false otherwise.
	 */
	bool validate_done;
	/* True if @stat[] is valid. */
	bool stat_valid[TOMOYO_MAX_PATH_STAT];
	/* First pathname. Initialized with { NULL, NULL } if no path. */
	struct path path1;
	/* Second pathname. Initialized with { NULL, NULL } if no path. */
	struct path path2;
	/*
	 * Information on @path1, @path1's parent directory, @path2, @path2's
	 * parent directory.
	 */
	struct tomoyo_mini_stat stat[TOMOYO_MAX_PATH_STAT];
	/*
	 * Content of symbolic link to be created. NULL for operations other
	 * than symlink().
	 */
	struct tomoyo_path_info *symlink_target;
};
605 | |
/*
 * Structure for argv[].
 *
 * One condition on a single command-line argument.
 */
struct tomoyo_argv {
	unsigned long index; /* Position in argv[] this entry refers to. */
	const struct tomoyo_path_info *value;
	/* NOTE(review): presumably negates the comparison; confirm at users. */
	bool is_not;
};
612 | |
/*
 * Structure for envp[].
 *
 * One condition on a single environment variable, selected by @name.
 */
struct tomoyo_envp {
	const struct tomoyo_path_info *name;
	const struct tomoyo_path_info *value;
	/* NOTE(review): presumably negates the comparison; confirm at users. */
	bool is_not;
};
619 | |
/*
 * Structure for execve() operation.
 *
 * Bundles the request (@r), the object attributes (@obj) and the scratch
 * buffers needed while one execve() is being checked.
 */
struct tomoyo_execve {
	struct tomoyo_request_info r;
	struct tomoyo_obj_info obj;
	struct linux_binprm *bprm;
	const struct tomoyo_path_info *transition;
	/* For dumping argv[] and envp[]. */
	struct tomoyo_page_dump dump;
	/*
	 * For temporary use. Writers have to bound their output by
	 * TOMOYO_EXEC_TMPSIZE.
	 */
	char *tmp; /* Size is TOMOYO_EXEC_TMPSIZE bytes */
};
631 | |
/*
 * Structure for entries which follow "struct tomoyo_condition".
 *
 * @left and @right hold "enum tomoyo_conditions_index" values. The
 * operand data itself is not stored here but in the arrays that trail
 * the enclosing "struct tomoyo_condition".
 */
struct tomoyo_condition_element {
	/*
	 * Left hand operand. A "struct tomoyo_argv" for TOMOYO_ARGV_ENTRY, a
	 * "struct tomoyo_envp" for TOMOYO_ENVP_ENTRY is attached to the tail
	 * of the array of this struct.
	 */
	u8 left;
	/*
	 * Right hand operand. A "struct tomoyo_number_union" for
	 * TOMOYO_NUMBER_UNION, a "struct tomoyo_name_union" for
	 * TOMOYO_NAME_UNION is attached to the tail of the array of this
	 * struct.
	 */
	u8 right;
	/* Equation operator. True if equals or overlaps, false otherwise. */
	bool equals;
};
650 | |
/*
 * Structure for optional arguments.
 *
 * This is a variable-length object: the fixed header below is followed in
 * memory by the five arrays listed in the closing comment, in that order.
 * NOTE(review): consumers locate those arrays from the count members, so
 * the counts and @size have to agree with what was actually allocated.
 * Where that is checked is not visible in this header.
 */
struct tomoyo_condition {
	struct tomoyo_shared_acl_head head;
	u32 size; /* Memory size allocated for this entry. */
	u16 condc; /* Number of conditions in this struct. */
	u16 numbers_count; /* Number of "struct tomoyo_number_union values". */
	u16 names_count; /* Number of "struct tomoyo_name_union names". */
	u16 argc; /* Number of "struct tomoyo_argv". */
	u16 envc; /* Number of "struct tomoyo_envp". */
	u8 grant_log; /* One of values in "enum tomoyo_grant_log". */
	const struct tomoyo_path_info *transit; /* Maybe NULL. */
	/*
	 * struct tomoyo_condition_element condition[condc];
	 * struct tomoyo_number_union values[numbers_count];
	 * struct tomoyo_name_union names[names_count];
	 * struct tomoyo_argv argv[argc];
	 * struct tomoyo_envp envp[envc];
	 */
};
670 | |
/*
 * Common header for individual entries.
 *
 * Embedded as the "head" member of every "struct tomoyo_*_acl" in this
 * header. @type records which of those structs an entry is, so it has to
 * be checked before the entry is treated as a specific ACL struct.
 */
struct tomoyo_acl_info {
	struct list_head list;
	struct tomoyo_condition *cond; /* Maybe NULL. */
	s8 is_deleted; /* true or false or TOMOYO_GC_IN_PROGRESS */
	u8 type; /* One of values in "enum tomoyo_acl_entry_type_index". */
} __packed;
678 | |
/*
 * Structure for domain information.
 *
 * A domain owns its ACL entries (@acl_info_list) and is referenced by the
 * tasks that run in it (@users).
 */
struct tomoyo_domain_info {
	struct list_head list;
	struct list_head acl_info_list;
	/* Name of this domain. Never NULL. */
	const struct tomoyo_path_info *domainname;
	/* Namespace for this domain. Never NULL. */
	struct tomoyo_policy_namespace *ns;
	/*
	 * Group numbers to use. Sized as a bitmap holding
	 * TOMOYO_MAX_ACL_GROUPS bits.
	 */
	unsigned long group[TOMOYO_MAX_ACL_GROUPS / BITS_PER_LONG];
	u8 profile; /* Profile number to use. */
	bool is_deleted; /* Delete flag. */
	/* Indexed by "enum tomoyo_domain_info_flags_index". */
	bool flags[TOMOYO_MAX_DOMAIN_INFO_FLAGS];
	atomic_t users; /* Number of referring tasks. */
};
694 | |
/*
 * Structure for "task manual_domain_transition" directive.
 *
 * @domainname names the domain this entry refers to.
 */
struct tomoyo_task_acl {
	struct tomoyo_acl_info head; /* type = TOMOYO_TYPE_MANUAL_TASK_ACL */
	/* Pointer to domainname. */
	const struct tomoyo_path_info *domainname;
};
703 | |
/*
 * Structure for "file execute", "file read", "file write", "file append",
 * "file unlink", "file getattr", "file rmdir", "file truncate",
 * "file symlink", "file chroot" and "file unmount" directive.
 *
 * One entry can cover several of these operations for the same name,
 * because @perm is a bitmask.
 */
struct tomoyo_path_acl {
	struct tomoyo_acl_info head; /* type = TOMOYO_TYPE_PATH_ACL */
	u16 perm; /* Bitmask of values in "enum tomoyo_path_acl_index". */
	struct tomoyo_name_union name;
};
714 | |
/*
 * Structure for "file create", "file mkdir", "file mkfifo", "file mksock",
 * "file ioctl", "file chmod", "file chown" and "file chgrp" directive.
 *
 * @perm is a u8 and the enum it is built from has eight operations, so
 * the bitmask has no spare bit.
 */
struct tomoyo_path_number_acl {
	struct tomoyo_acl_info head; /* type = TOMOYO_TYPE_PATH_NUMBER_ACL */
	/* Bitmask of values in "enum tomoyo_path_number_acl_index". */
	u8 perm;
	struct tomoyo_name_union name;
	struct tomoyo_number_union number;
};
726 | |
/*
 * Structure for "file mkblock" and "file mkchar" directive.
 *
 * Besides the pathname, the entry holds the creation mode and the device
 * major/minor numbers.
 */
struct tomoyo_mkdev_acl {
	struct tomoyo_acl_info head; /* type = TOMOYO_TYPE_MKDEV_ACL */
	u8 perm; /* Bitmask of values in "enum tomoyo_mkdev_acl_index". */
	struct tomoyo_name_union name;
	struct tomoyo_number_union mode;
	struct tomoyo_number_union major;
	struct tomoyo_number_union minor;
};
736 | |
/*
 * Structure for "file rename", "file link" and "file pivot_root" directive.
 *
 * Holds both pathnames of the operation.
 */
struct tomoyo_path2_acl {
	struct tomoyo_acl_info head; /* type = TOMOYO_TYPE_PATH2_ACL */
	u8 perm; /* Bitmask of values in "enum tomoyo_path2_acl_index". */
	struct tomoyo_name_union name1;
	struct tomoyo_name_union name2;
};
746 | |
/*
 * Structure for "file mount" directive.
 *
 * Holds the device name, the mount point, the filesystem type and the
 * mount flags.
 */
struct tomoyo_mount_acl {
	struct tomoyo_acl_info head; /* type = TOMOYO_TYPE_MOUNT_ACL */
	struct tomoyo_name_union dev_name;
	struct tomoyo_name_union dir_name;
	struct tomoyo_name_union fs_type;
	struct tomoyo_number_union flags;
};
755 | |
/*
 * Structure for "misc env" directive in domain policy.
 *
 * Holds a single environment variable name.
 */
struct tomoyo_env_acl {
	struct tomoyo_acl_info head; /* type = TOMOYO_TYPE_ENV_ACL */
	const struct tomoyo_path_info *env; /* environment variable */
};
761 | |
/*
 * Structure for "network inet" directive.
 *
 * Holds the protocol, the operations, the address and the port.
 */
struct tomoyo_inet_acl {
	struct tomoyo_acl_info head; /* type = TOMOYO_TYPE_INET_ACL */
	/* NOTE(review): presumably a value below TOMOYO_SOCK_MAX; confirm. */
	u8 protocol;
	u8 perm; /* Bitmask of values in "enum tomoyo_network_acl_index" */
	struct tomoyo_ipaddr_union address;
	struct tomoyo_number_union port;
};
770 | |
/*
 * Structure for "network unix" directive.
 *
 * Holds the protocol, the operations and the socket address, which is
 * stored as a name.
 */
struct tomoyo_unix_acl {
	struct tomoyo_acl_info head; /* type = TOMOYO_TYPE_UNIX_ACL */
	/* NOTE(review): presumably a value below TOMOYO_SOCK_MAX; confirm. */
	u8 protocol;
	u8 perm; /* Bitmask of values in "enum tomoyo_network_acl_index" */
	struct tomoyo_name_union name;
};
778 | |
/*
 * Structure for holding a line from /sys/kernel/security/tomoyo/ interface.
 *
 * @data is a line written to the policy interface, so it is input to be
 * validated. It is char * rather than const char *, which allows a parser
 * to modify it in place.
 */
struct tomoyo_acl_param {
	char *data;
	struct list_head *list;
	struct tomoyo_policy_namespace *ns;
	bool is_delete; /* The line requests deletion rather than addition. */
};
786 | |
/* Number of slots in "struct tomoyo_io_buffer"->r.w[]. */
#define TOMOYO_MAX_IO_READ_QUEUE 64

/*
 * Structure for reading/writing policy via /sys/kernel/security/tomoyo
 * interfaces.
 *
 * One instance holds the state of an open interface file: the handlers
 * for it, a read cursor (@r), a write cursor (@w) and the kernel-side
 * buffers. @io_sem serialises access to the instance.
 */
struct tomoyo_io_buffer {
	void (*read)(struct tomoyo_io_buffer *head);
	int (*write)(struct tomoyo_io_buffer *head);
	__poll_t (*poll)(struct file *file, poll_table *wait);
	/* Exclusive lock for this structure. */
	struct mutex io_sem;
	/*
	 * Userspace buffer (note the __user annotation) and the room left in
	 * it. A __user pointer must not be dereferenced directly; it may only
	 * be accessed through the user-copy helpers.
	 */
	char __user *read_user_buf;
	size_t read_user_buf_avail;
	/* Read cursor. */
	struct {
		struct list_head *ns;
		struct list_head *domain;
		struct list_head *group;
		struct list_head *acl;
		size_t avail;
		unsigned int step;
		unsigned int query_index;
		u16 index;
		u16 cond_index;
		u8 acl_group_index;
		u8 cond_step;
		u8 bit;
		/*
		 * NOTE(review): looks like the fill level of @w[] below; if so
		 * it has to stay below TOMOYO_MAX_IO_READ_QUEUE. Confirm at the
		 * writers of @w[].
		 */
		u8 w_pos;
		bool eof;
		bool print_this_domain_only;
		bool print_transition_related_only;
		bool print_cond_part;
		const char *w[TOMOYO_MAX_IO_READ_QUEUE];
	} r;
	/* Write cursor. */
	struct {
		struct tomoyo_policy_namespace *ns;
		/* The position currently writing to. */
		struct tomoyo_domain_info *domain;
		/* Bytes available for writing. */
		size_t avail;
		bool is_delete;
	} w;
	/* Buffer for reading. */
	char *read_buf;
	/* Size of read buffer. */
	size_t readbuf_size;
	/* Buffer for writing. */
	char *write_buf;
	/* Size of write buffer. */
	size_t writebuf_size;
	/* Type of this interface. */
	enum tomoyo_securityfs_interface_index type;
	/*
	 * Users counter protected by tomoyo_io_buffer_list_lock.
	 * NOTE(review): only a u8; confirm the count cannot exceed 255.
	 */
	u8 users;
	/* List for telling GC not to kfree() elements. */
	struct list_head list;
};
844 | |
/*
 * Structure for "initialize_domain"/"no_initialize_domain"/"keep_domain"/
 * "no_keep_domain" keyword.
 *
 * Both @domainname and @program may be NULL.
 * NOTE(review): presumably NULL means "any"; confirm at the matcher,
 * since that decides how broadly an entry applies.
 */
struct tomoyo_transition_control {
	struct tomoyo_acl_head head;
	u8 type; /* One of values in "enum tomoyo_transition_type". */
	/* True if the domainname is tomoyo_get_last_name(). */
	bool is_last_name;
	const struct tomoyo_path_info *domainname; /* Maybe NULL */
	const struct tomoyo_path_info *program; /* Maybe NULL */
};
857 | |
/*
 * Structure for "aggregator" keyword.
 *
 * Pairs an original name with the name it is aggregated under.
 */
struct tomoyo_aggregator {
	struct tomoyo_acl_head head;
	const struct tomoyo_path_info *original_name;
	const struct tomoyo_path_info *aggregated_name;
};
864 | |
/*
 * Structure for policy manager.
 *
 * Entries of this type name the programs or domains that are policy
 * managers, which makes this list a high-value target for review.
 */
struct tomoyo_manager {
	struct tomoyo_acl_head head;
	/* A path to program or a domainname. */
	const struct tomoyo_path_info *manager;
};
871 | |
/*
 * Structure for preference values: a learning-entry limit and one
 * verbosity switch per operation mode.
 */
struct tomoyo_preference {
	unsigned int learning_max_entry;
	bool enforcing_verbose;
	bool learning_verbose;
	bool permissive_verbose;
};
878 | |
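/*
 * Structure for /sys/kernel/security/tomoyo/profile interface.
 *
 * @config[] has one byte per "enum tomoyo_mac_index" entry plus one per
 * "enum tomoyo_mac_category_index" entry. @pref[] is indexed by
 * "enum tomoyo_pref_index".
 */
struct tomoyo_profile {
	/*
	 * The member name was missing from this listing, which leaves a
	 * declaration without a declarator and does not compile. Restored
	 * as "comment", the name used by the upstream kernel header; verify
	 * against the tree this listing was taken from.
	 */
	const struct tomoyo_path_info *comment;
	struct tomoyo_preference *learning;
	struct tomoyo_preference *permissive;
	struct tomoyo_preference *enforcing;
	struct tomoyo_preference preference;
	/*
	 * NOTE(review): presumably the value used when a config[] slot holds
	 * TOMOYO_CONFIG_USE_DEFAULT; confirm at users.
	 */
	u8 default_config;
	u8 config[TOMOYO_MAX_MAC_INDEX + TOMOYO_MAX_MAC_CATEGORY_INDEX];
	unsigned int pref[TOMOYO_MAX_PREF];
};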
890 | |
/*
 * Structure for representing YYYY/MM/DD hh/mm/ss.
 *
 * A broken-down timestamp. No time zone is recorded in the struct.
 */
struct tomoyo_time {
	u16 year;
	u8 month;
	u8 day;
	u8 hour;
	u8 min;
	u8 sec;
};
900 | |
/*
 * Structure for policy namespace.
 *
 * Each namespace carries its own profiles, groups, policy lists and ACL
 * groups.
 */
struct tomoyo_policy_namespace {
	/*
	 * Profile table. Memory is allocated as needed, so a slot can still
	 * be NULL and has to be checked before it is dereferenced.
	 */
	struct tomoyo_profile *profile_ptr[TOMOYO_MAX_PROFILES];
	/* List of "struct tomoyo_group", indexed by "enum tomoyo_group_id". */
	struct list_head group_list[TOMOYO_MAX_GROUP];
	/* List of policy, indexed by "enum tomoyo_policy_id". */
	struct list_head policy_list[TOMOYO_MAX_POLICY];
	/* The global ACL referred by "use_group" keyword. */
	struct list_head acl_group[TOMOYO_MAX_ACL_GROUPS];
	/* List for connecting to tomoyo_namespace_list list. */
	struct list_head namespace_list;
	/* Profile version. Currently only 20150505 is defined. */
	unsigned int profile_version;
	/* Name of this namespace (e.g. "<kernel>", "</usr/sbin/httpd>" ). */
	const char *name;
};
918 | |
/*
 * Structure for "struct task_struct"->security.
 *
 * The tomoyo_task() inline helper locates this object inside the task's
 * security blob at offset tomoyo_blob_sizes.lbs_task.
 */
struct tomoyo_task {
	/* NOTE(review): presumably the domain the task currently runs in; confirm. */
	struct tomoyo_domain_info *domain_info;
	/* NOTE(review): presumably the previous domain kept across a transition; confirm. */
	struct tomoyo_domain_info *old_domain_info;
};
924 | |
925 | /********** Function prototypes. **********/ |
926 | |
/*
 * Predicates and parsers returning bool. The implementations are not part of
 * this header, so what true and false mean must be read from each function's
 * definition rather than inferred from its name (compare tomoyo_pathcmp()
 * below, which returns true on a mismatch).
 */
bool tomoyo_address_matches_group(const bool is_ipv6, const __be32 *address,
				  const struct tomoyo_group *group);
bool tomoyo_compare_number_union(const unsigned long value,
				 const struct tomoyo_number_union *ptr);
bool tomoyo_condition(struct tomoyo_request_info *r,
		      const struct tomoyo_condition *cond);
/* NOTE(review): the tomoyo_correct_*() trio presumably validates policy strings before use; confirm. */
bool tomoyo_correct_domain(const unsigned char *domainname);
bool tomoyo_correct_path(const char *filename);
bool tomoyo_correct_word(const char *string);
bool tomoyo_domain_def(const unsigned char *buffer);
bool tomoyo_domain_quota_is_ok(struct tomoyo_request_info *r);
bool tomoyo_dump_page(struct linux_binprm *bprm, unsigned long pos,
		      struct tomoyo_page_dump *dump);
bool tomoyo_memory_ok(void *ptr);
bool tomoyo_number_matches_group(const unsigned long min,
				 const unsigned long max,
				 const struct tomoyo_group *group);
/* The parse helpers read from @param and fill in @ptr. */
bool tomoyo_parse_ipaddr_union(struct tomoyo_acl_param *param,
			       struct tomoyo_ipaddr_union *ptr);
bool tomoyo_parse_name_union(struct tomoyo_acl_param *param,
			     struct tomoyo_name_union *ptr);
bool tomoyo_parse_number_union(struct tomoyo_acl_param *param,
			       struct tomoyo_number_union *ptr);
bool tomoyo_path_matches_pattern(const struct tomoyo_path_info *filename,
				 const struct tomoyo_path_info *pattern);
bool tomoyo_permstr(const char *string, const char *keyword);
/* Takes char **: the implementation can move the caller's cursor (*src). */
bool tomoyo_str_starts(char **src, const char *find);
/*
 * Functions returning strings or interned names.
 * NOTE(review): ownership of the returned "char *" buffers (who frees them)
 * is not visible in this header; confirm per function before use.
 */
char *tomoyo_encode(const char *str);
char *tomoyo_encode2(const char *str, int str_len);
/*
 * __printf(3, 0): argument 3 is a printf-style format. The 0 means the
 * arguments arrive as a va_list, so the compiler can check the format string
 * but not the arguments against it.
 */
char *tomoyo_init_log(struct tomoyo_request_info *r, int len, const char *fmt,
		      va_list args) __printf(3, 0);
char *tomoyo_read_token(struct tomoyo_acl_param *param);
char *tomoyo_realpath_from_path(const struct path *path);
char *tomoyo_realpath_nofollow(const char *pathname);
const char *tomoyo_get_exe(void);
const struct tomoyo_path_info *tomoyo_compare_name_union
(const struct tomoyo_path_info *name, const struct tomoyo_name_union *ptr);
const struct tomoyo_path_info *tomoyo_get_domainname
(struct tomoyo_acl_param *param);
/* NOTE(review): presumably paired with tomoyo_put_name(), which drops the reference; confirm. */
const struct tomoyo_path_info *tomoyo_get_name(const char *name);
const struct tomoyo_path_info *tomoyo_path_matches_group
(const struct tomoyo_path_info *pathname, const struct tomoyo_group *group);
/*
 * Permission checks, policy writers and the control-file handlers.
 * NOTE(review): the int results are presumably 0 on success and a negative
 * errno on denial or failure; the header does not state this, so confirm
 * against the definitions.
 */
int tomoyo_check_open_permission(struct tomoyo_domain_info *domain,
				 const struct path *path, const int flag);
void tomoyo_close_control(struct tomoyo_io_buffer *head);
int tomoyo_env_perm(struct tomoyo_request_info *r, const char *env);
int tomoyo_execute_permission(struct tomoyo_request_info *r,
			      const struct tomoyo_path_info *filename);
int tomoyo_find_next_domain(struct linux_binprm *bprm);
/* @profile is a u8, so it cannot index past profile_ptr[TOMOYO_MAX_PROFILES]. */
int tomoyo_get_mode(const struct tomoyo_policy_namespace *ns, const u8 profile,
		    const u8 index);
int tomoyo_init_request_info(struct tomoyo_request_info *r,
			     struct tomoyo_domain_info *domain,
			     const u8 index);
int tomoyo_mkdev_perm(const u8 operation, const struct path *path,
		      const unsigned int mode, unsigned int dev);
/* @data_page is an untyped pointer; its format is not described here. */
int tomoyo_mount_permission(const char *dev_name, const struct path *path,
			    const char *type, unsigned long flags,
			    void *data_page);
int tomoyo_open_control(const u8 type, struct file *file);
int tomoyo_path2_perm(const u8 operation, const struct path *path1,
		      const struct path *path2);
int tomoyo_path_number_perm(const u8 operation, const struct path *path,
			    unsigned long number);
int tomoyo_path_perm(const u8 operation, const struct path *path,
		     const char *target);
__poll_t tomoyo_poll_control(struct file *file, poll_table *wait);
__poll_t tomoyo_poll_log(struct file *file, poll_table *wait);
int tomoyo_socket_bind_permission(struct socket *sock, struct sockaddr *addr,
				  int addr_len);
int tomoyo_socket_connect_permission(struct socket *sock,
				     struct sockaddr *addr, int addr_len);
int tomoyo_socket_listen_permission(struct socket *sock);
int tomoyo_socket_sendmsg_permission(struct socket *sock, struct msghdr *msg,
				     int size);
/* __printf(2, 3): argument 2 is the format, checked against the varargs from argument 3 on. */
int tomoyo_supervisor(struct tomoyo_request_info *r, const char *fmt, ...)
	__printf(2, 3);
/*
 * tomoyo_update_domain() and tomoyo_update_policy() take the size of
 * @new_entry as a signed int plus caller-supplied comparison callbacks.
 */
int tomoyo_update_domain(struct tomoyo_acl_info *new_entry, const int size,
			 struct tomoyo_acl_param *param,
			 bool (*check_duplicate)
			 (const struct tomoyo_acl_info *,
			  const struct tomoyo_acl_info *),
			 bool (*merge_duplicate)
			 (struct tomoyo_acl_info *, struct tomoyo_acl_info *,
			  const bool));
int tomoyo_update_policy(struct tomoyo_acl_head *new_entry, const int size,
			 struct tomoyo_acl_param *param,
			 bool (*check_duplicate)
			 (const struct tomoyo_acl_head *,
			  const struct tomoyo_acl_head *));
int tomoyo_write_aggregator(struct tomoyo_acl_param *param);
int tomoyo_write_file(struct tomoyo_acl_param *param);
int tomoyo_write_group(struct tomoyo_acl_param *param, const u8 type);
int tomoyo_write_misc(struct tomoyo_acl_param *param);
int tomoyo_write_inet_network(struct tomoyo_acl_param *param);
int tomoyo_write_transition_control(struct tomoyo_acl_param *param,
				    const u8 type);
int tomoyo_write_unix_network(struct tomoyo_acl_param *param);
/*
 * @buffer is a userspace pointer (__user) and @buffer_len is a signed int:
 * the implementations must use the user-copy helpers and must not trust the
 * length without checking it.
 */
ssize_t tomoyo_read_control(struct tomoyo_io_buffer *head, char __user *buffer,
			    const int buffer_len);
ssize_t tomoyo_write_control(struct tomoyo_io_buffer *head,
			     const char __user *buffer, const int buffer_len);
/*
 * Lookup and allocation helpers, initialisation, and logging.
 * NOTE(review): the pointer-returning functions presumably return NULL on
 * failure; confirm per function.
 */
struct tomoyo_condition *tomoyo_get_condition(struct tomoyo_acl_param *param);
struct tomoyo_domain_info *tomoyo_assign_domain(const char *domainname,
						const bool transit);
struct tomoyo_domain_info *tomoyo_domain(void);
struct tomoyo_domain_info *tomoyo_find_domain(const char *domainname);
struct tomoyo_group *tomoyo_get_group(struct tomoyo_acl_param *param,
				      const u8 idx);
struct tomoyo_policy_namespace *tomoyo_assign_namespace
(const char *domainname);
struct tomoyo_profile *tomoyo_profile(const struct tomoyo_policy_namespace *ns,
				      const u8 profile);
u8 tomoyo_parse_ulong(unsigned long *result, char **str);
void *tomoyo_commit_ok(void *data, const unsigned int size);
/* __init: only callable during kernel initialisation. */
void __init tomoyo_load_builtin_policy(void);
void __init tomoyo_mm_init(void);
void tomoyo_check_acl(struct tomoyo_request_info *r,
		      bool (*check_entry)(struct tomoyo_request_info *,
					  const struct tomoyo_acl_info *));
void tomoyo_check_profile(void);
void tomoyo_convert_time(time64_t time, struct tomoyo_time *stamp);
void tomoyo_del_condition(struct list_head *element);
void tomoyo_fill_path_info(struct tomoyo_path_info *ptr);
void tomoyo_get_attributes(struct tomoyo_obj_info *obj);
void tomoyo_init_policy_namespace(struct tomoyo_policy_namespace *ns);
void tomoyo_load_policy(const char *filename);
void tomoyo_normalize_line(unsigned char *buffer);
void tomoyo_notify_gc(struct tomoyo_io_buffer *head, const bool is_register);
/* The print helpers write into a caller-supplied buffer whose size is passed alongside it. */
void tomoyo_print_ip(char *buf, const unsigned int size,
		     const struct tomoyo_ipaddr_union *ptr);
void tomoyo_print_ulong(char *buffer, const int buffer_len,
			const unsigned long value, const u8 type);
void tomoyo_put_name_union(struct tomoyo_name_union *ptr);
void tomoyo_put_number_union(struct tomoyo_number_union *ptr);
void tomoyo_read_log(struct tomoyo_io_buffer *head);
void tomoyo_update_stat(const u8 index);
void tomoyo_warn_oom(const char *function);
/* __printf(2, 3): argument 2 is the format, checked against the varargs from argument 3 on. */
void tomoyo_write_log(struct tomoyo_request_info *r, const char *fmt, ...)
	__printf(2, 3);
/* __printf(3, 0): va_list variant, so only the format string itself is checked. */
void tomoyo_write_log2(struct tomoyo_request_info *r, int len, const char *fmt,
		       va_list args) __printf(3, 0);
1069 | |
1070 | /********** External variable definitions. **********/ |
1071 | |
/* Global state flags. */
extern bool tomoyo_policy_loaded;
extern int tomoyo_enabled;
/* Keyword tables: const arrays of const strings, each sized by its enum maximum. */
extern const char * const tomoyo_condition_keyword
[TOMOYO_MAX_CONDITION_KEYWORD];
extern const char * const tomoyo_dif[TOMOYO_MAX_DOMAIN_INFO_FLAGS];
extern const char * const tomoyo_mac_keywords[TOMOYO_MAX_MAC_INDEX
					      + TOMOYO_MAX_MAC_CATEGORY_INDEX];
extern const char * const tomoyo_mode[TOMOYO_CONFIG_MAX_MODE];
extern const char * const tomoyo_path_keyword[TOMOYO_MAX_PATH_OPERATION];
extern const char * const tomoyo_proto_keyword[TOMOYO_SOCK_MAX];
extern const char * const tomoyo_socket_keyword[TOMOYO_MAX_NETWORK_OPERATION];
/* Index translation tables. */
extern const u8 tomoyo_index2category[TOMOYO_MAX_MAC_INDEX];
extern const u8 tomoyo_pn2mac[TOMOYO_MAX_PATH_NUMBER_OPERATION];
extern const u8 tomoyo_pnnn2mac[TOMOYO_MAX_MKDEV_OPERATION];
extern const u8 tomoyo_pp2mac[TOMOYO_MAX_PATH2_OPERATION];
/* Global lists. tomoyo_name_list has TOMOYO_MAX_HASH (256) buckets. */
extern struct list_head tomoyo_condition_list;
extern struct list_head tomoyo_domain_list;
extern struct list_head tomoyo_name_list[TOMOYO_MAX_HASH];
extern struct list_head tomoyo_namespace_list;
/* NOTE(review): presumably serialises policy updates; confirm at the call sites. */
extern struct mutex tomoyo_policy_lock;
/* SRCU domain used by tomoyo_read_lock(), tomoyo_read_unlock() and list_for_each_cookie(). */
extern struct srcu_struct tomoyo_ss;
extern struct tomoyo_domain_info tomoyo_kernel_domain;
extern struct tomoyo_policy_namespace tomoyo_kernel_namespace;
extern unsigned int tomoyo_memory_quota[TOMOYO_MAX_MEMORY_STAT];
extern unsigned int tomoyo_memory_used[TOMOYO_MAX_MEMORY_STAT];
/* tomoyo_task() uses the lbs_task member as the offset into the task security blob. */
extern struct lsm_blob_sizes tomoyo_blob_sizes;
1098 | |
1099 | /********** Inlined functions. **********/ |
1100 | |
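/**
 * tomoyo_read_lock - Take lock for protecting policy.
 *
 * Enters an SRCU read-side section on tomoyo_ss. Policy lists walked with
 * srcu_dereference(..., &tomoyo_ss), as list_for_each_cookie() does, are
 * meant to be read between this call and the matching tomoyo_read_unlock().
 *
 * Returns index number for tomoyo_read_unlock().
 */
static inline int tomoyo_read_lock(void)
{
	return srcu_read_lock(&tomoyo_ss);
}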
1110 | |
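/**
 * tomoyo_read_unlock - Release lock for protecting policy.
 *
 * @idx: Index number returned by tomoyo_read_lock().
 *
 * Leaves the SRCU read-side section on tomoyo_ss. @idx must be the value the
 * matching tomoyo_read_lock() returned, not an arbitrary integer.
 *
 * Returns nothing.
 */
static inline void tomoyo_read_unlock(int idx)
{
	srcu_read_unlock(&tomoyo_ss, idx);
}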
1122 | |
/**
 * tomoyo_sys_getppid - Local equivalent of getppid().
 *
 * Reads current->real_parent under rcu_read_lock() and converts it with
 * task_tgid_vnr(), so the result is the parent's thread-group ID as a
 * namespace-relative number.
 *
 * Kept as a private copy because, per the original author's note, Alpha does
 * not define getppid() and this code must still build there.
 *
 * Returns parent process's PID.
 */
static inline pid_t tomoyo_sys_getppid(void)
{
	pid_t parent_tgid;

	/* real_parent may change concurrently; only dereference it under RCU. */
	rcu_read_lock();
	parent_tgid = task_tgid_vnr(rcu_dereference(current->real_parent));
	rcu_read_unlock();

	return parent_tgid;
}
1140 | |
/**
 * tomoyo_sys_getpid - Local equivalent of getpid().
 *
 * Kept as a private copy because, per the original author's note, Alpha does
 * not define getpid() and this code must still build there.
 *
 * Returns task_tgid_vnr(current): the thread-group ID of the calling task,
 * which is the same for every thread of a process.
 */
static inline pid_t tomoyo_sys_getpid(void)
{
	pid_t self_tgid = task_tgid_vnr(current);

	return self_tgid;
}
1153 | |
/**
 * tomoyo_pathcmp - strcmp() for "struct tomoyo_path_info" structure.
 *
 * @a: Pointer to "struct tomoyo_path_info".
 * @b: Pointer to "struct tomoyo_path_info".
 *
 * Returns false if @a and @b have the same hash and the same name, true if
 * they differ.
 *
 * The sense follows strcmp(): a zero (false) result means "equal". A caller
 * that wants "do these paths match?" has to test !tomoyo_pathcmp(a, b);
 * reading the result as a match flag inverts the decision.
 * Neither pointer is checked for NULL.
 */
static inline bool tomoyo_pathcmp(const struct tomoyo_path_info *a,
				  const struct tomoyo_path_info *b)
{
	/* Different hashes settle it without touching the strings. */
	if (a->hash != b->hash)
		return true;

	return strcmp(a->name, b->name) != 0;
}
1167 | |
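/**
 * tomoyo_put_name - Drop reference on "struct tomoyo_name".
 *
 * @name: Pointer to "struct tomoyo_path_info". Maybe NULL.
 *
 * @name must be the "entry" member of a "struct tomoyo_name": the enclosing
 * object is recovered with container_of(), so passing a stand-alone
 * "struct tomoyo_path_info" would decrement memory that is not a counter.
 *
 * Only the "users" counter is decremented; nothing is freed here.
 * NOTE(review): reclamation is presumably left to the garbage collector
 * (see TOMOYO_GC_IN_PROGRESS); confirm. The caller must not use @name after
 * dropping its reference.
 *
 * Returns nothing.
 */
static inline void tomoyo_put_name(const struct tomoyo_path_info *name)
{
	struct tomoyo_name *ptr;

	if (!name)
		return;

	ptr = container_of(name, typeof(*ptr), entry);
	atomic_dec(&ptr->head.users);
}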
1183 | |
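/**
 * tomoyo_put_condition - Drop reference on "struct tomoyo_condition".
 *
 * @cond: Pointer to "struct tomoyo_condition". Maybe NULL.
 *
 * Only decrements cond->head.users; nothing is freed here, and the counter
 * is not checked for underflow, so every call must pair with a reference the
 * caller actually holds. The caller must not use @cond afterwards.
 *
 * Returns nothing.
 */
static inline void tomoyo_put_condition(struct tomoyo_condition *cond)
{
	if (cond)
		atomic_dec(&cond->head.users);
}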
1196 | |
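/**
 * tomoyo_put_group - Drop reference on "struct tomoyo_group".
 *
 * @group: Pointer to "struct tomoyo_group". Maybe NULL.
 *
 * Only decrements group->head.users; nothing is freed here, and the counter
 * is not checked for underflow, so every call must pair with a reference the
 * caller actually holds. The caller must not use @group afterwards.
 *
 * Returns nothing.
 */
static inline void tomoyo_put_group(struct tomoyo_group *group)
{
	if (group)
		atomic_dec(&group->head.users);
}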
1209 | |
/**
 * tomoyo_task - Get "struct tomoyo_task" for specified thread.
 *
 * @task: Pointer to "struct task_struct".
 *
 * The result is task->security advanced by tomoyo_blob_sizes.lbs_task bytes.
 * Neither @task nor task->security is checked for NULL.
 * NOTE(review): this presumably relies on the security blob having been
 * allocated before any TOMOYO hook runs for @task; confirm.
 *
 * Returns pointer to "struct tomoyo_task" for specified thread.
 */
static inline struct tomoyo_task *tomoyo_task(struct task_struct *task)
{
	void *blob = task->security;

	/* Byte-granular arithmetic on void * (GNU C), as in the rest of the kernel. */
	return blob + tomoyo_blob_sizes.lbs_task;
}
1221 | |
/**
 * tomoyo_same_name_union - Check for duplicated "struct tomoyo_name_union" entry.
 *
 * @a: Pointer to "struct tomoyo_name_union".
 * @b: Pointer to "struct tomoyo_name_union".
 *
 * The "filename" and "group" members are compared with ==, not by content.
 * NOTE(review): this presumably relies on names and groups being shared
 * (interned) objects, so equal content implies equal pointers; confirm.
 *
 * Returns true if @a == @b, false otherwise.
 */
static inline bool tomoyo_same_name_union
(const struct tomoyo_name_union *a, const struct tomoyo_name_union *b)
{
	if (a->filename != b->filename)
		return false;

	return a->group == b->group;
}
1235 | |
/**
 * tomoyo_same_number_union - Check for duplicated "struct tomoyo_number_union" entry.
 *
 * @a: Pointer to "struct tomoyo_number_union".
 * @b: Pointer to "struct tomoyo_number_union".
 *
 * Two entries are the same only when both values, both value types and the
 * group member all agree.
 *
 * Returns true if @a == @b, false otherwise.
 */
static inline bool tomoyo_same_number_union
(const struct tomoyo_number_union *a, const struct tomoyo_number_union *b)
{
	if (a->values[0] != b->values[0] || a->values[1] != b->values[1])
		return false;
	if (a->group != b->group)
		return false;

	return a->value_type[0] == b->value_type[0] &&
	       a->value_type[1] == b->value_type[1];
}
1251 | |
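/**
 * tomoyo_same_ipaddr_union - Check for duplicated "struct tomoyo_ipaddr_union" entry.
 *
 * @a: Pointer to "struct tomoyo_ipaddr_union".
 * @b: Pointer to "struct tomoyo_ipaddr_union".
 *
 * The whole "ip" member is compared with memcmp(), whatever is_ipv6 says.
 * NOTE(review): for IPv4 entries this presumably relies on the unused part of
 * "ip" being filled identically by whoever builds the union; confirm in
 * tomoyo_parse_ipaddr_union(), otherwise equal entries compare as different.
 *
 * Returns true if @a == @b, false otherwise.
 */
static inline bool tomoyo_same_ipaddr_union
(const struct tomoyo_ipaddr_union *a, const struct tomoyo_ipaddr_union *b)
{
	return !memcmp(a->ip, b->ip, sizeof(a->ip)) && a->group == b->group &&
		a->is_ipv6 == b->is_ipv6;
}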
1266 | |
/**
 * tomoyo_current_namespace - Get "struct tomoyo_policy_namespace" for current thread.
 *
 * Reads the "ns" member of the domain returned by tomoyo_domain(). The
 * returned domain pointer is dereferenced without a NULL check.
 *
 * Returns pointer to "struct tomoyo_policy_namespace" for current thread.
 */
static inline struct tomoyo_policy_namespace *tomoyo_current_namespace(void)
{
	struct tomoyo_domain_info *domain = tomoyo_domain();

	return domain->ns;
}
1276 | |
/**
 * list_for_each_cookie - iterate over a list with cookie.
 * @pos:        the &struct list_head to use as a loop cursor.
 * @head:       the head for your list.
 *
 * If @pos is NULL the walk starts at the first element of @head; otherwise it
 * resumes from @pos, which is how a caller continues an interrupted walk.
 *
 * Usage notes:
 * - Every step goes through srcu_dereference(..., &tomoyo_ss), so use this
 *   only inside a tomoyo_read_lock() / tomoyo_read_unlock() section.
 * - @pos is evaluated several times and is not parenthesised: pass a plain
 *   lvalue with no side effects.
 * - The expansion is an unbraced "if" followed by a "for". Do not place it as
 *   the unbraced body of another "if" or next to an "else"; the "else" would
 *   bind to the "if" inside the macro.
 */
#define list_for_each_cookie(pos, head)					\
	if (!pos)							\
		pos = srcu_dereference((head)->next, &tomoyo_ss);	\
	for ( ; pos != (head); pos = srcu_dereference(pos->next, &tomoyo_ss))
1286 | |
1287 | #endif /* !defined(_SECURITY_TOMOYO_COMMON_H) */ |
1288 | |