1
2
3
4
5
6
7
8
9
10
11
12
13
14
15#include <linux/ctype.h>
16#include <linux/security.h>
17#include <linux/vmalloc.h>
18#include <linux/module.h>
19#include <linux/seq_file.h>
20#include <linux/uaccess.h>
21#include <linux/mount.h>
22#include <linux/namei.h>
23#include <linux/capability.h>
24#include <linux/rcupdate.h>
25#include <linux/fs.h>
26#include <linux/poll.h>
27#include <uapi/linux/major.h>
28#include <uapi/linux/magic.h>
29
30#include "include/apparmor.h"
31#include "include/apparmorfs.h"
32#include "include/audit.h"
33#include "include/context.h"
34#include "include/crypto.h"
35#include "include/policy_ns.h"
36#include "include/label.h"
37#include "include/policy.h"
38#include "include/policy_ns.h"
39#include "include/resource.h"
40#include "include/policy_unpack.h"
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78static int mangle_name(const char *name, char *target)
79{
80 char *t = target;
81
82 while (*name == '/' || *name == '.')
83 name++;
84
85 if (target) {
86 for (; *name; name++) {
87 if (*name == '/')
88 *(t)++ = '.';
89 else if (isspace(*name))
90 *(t)++ = '_';
91 else if (isalnum(*name) || strchr("._-", *name))
92 *(t)++ = *name;
93 }
94
95 *t = 0;
96 } else {
97 int len = 0;
98 for (; *name; name++) {
99 if (isalnum(*name) || isspace(*name) ||
100 strchr("/._-", *name))
101 len++;
102 }
103
104 return len;
105 }
106
107 return t - target;
108}
109
110
111
112
113
114
115#define AAFS_NAME "apparmorfs"
116static struct vfsmount *aafs_mnt;
117static int aafs_count;
118
119
120static int aafs_show_path(struct seq_file *seq, struct dentry *dentry)
121{
122 struct inode *inode = d_inode(dentry);
123
124 seq_printf(seq, "%s:[%lu]", AAFS_NAME, inode->i_ino);
125 return 0;
126}
127
128static void aafs_evict_inode(struct inode *inode)
129{
130 truncate_inode_pages_final(&inode->i_data);
131 clear_inode(inode);
132 if (S_ISLNK(inode->i_mode))
133 kfree(inode->i_link);
134}
135
136static const struct super_operations aafs_super_ops = {
137 .statfs = simple_statfs,
138 .evict_inode = aafs_evict_inode,
139 .show_path = aafs_show_path,
140};
141
142static int fill_super(struct super_block *sb, void *data, int silent)
143{
144 static struct tree_descr files[] = { {""} };
145 int error;
146
147 error = simple_fill_super(sb, AAFS_MAGIC, files);
148 if (error)
149 return error;
150 sb->s_op = &aafs_super_ops;
151
152 return 0;
153}
154
155static struct dentry *aafs_mount(struct file_system_type *fs_type,
156 int flags, const char *dev_name, void *data)
157{
158 return mount_single(fs_type, flags, data, fill_super);
159}
160
161static struct file_system_type aafs_ops = {
162 .owner = THIS_MODULE,
163 .name = AAFS_NAME,
164 .mount = aafs_mount,
165 .kill_sb = kill_anon_super,
166};
167
168
169
170
171
172
173
174
175
176
177
178static int __aafs_setup_d_inode(struct inode *dir, struct dentry *dentry,
179 umode_t mode, void *data, char *link,
180 const struct file_operations *fops,
181 const struct inode_operations *iops)
182{
183 struct inode *inode = new_inode(dir->i_sb);
184
185 AA_BUG(!dir);
186 AA_BUG(!dentry);
187
188 if (!inode)
189 return -ENOMEM;
190
191 inode->i_ino = get_next_ino();
192 inode->i_mode = mode;
193 inode->i_atime = inode->i_mtime = inode->i_ctime = current_time(inode);
194 inode->i_private = data;
195 if (S_ISDIR(mode)) {
196 inode->i_op = iops ? iops : &simple_dir_inode_operations;
197 inode->i_fop = &simple_dir_operations;
198 inc_nlink(inode);
199 inc_nlink(dir);
200 } else if (S_ISLNK(mode)) {
201 inode->i_op = iops ? iops : &simple_symlink_inode_operations;
202 inode->i_link = link;
203 } else {
204 inode->i_fop = fops;
205 }
206 d_instantiate(dentry, inode);
207 dget(dentry);
208
209 return 0;
210}
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228static struct dentry *aafs_create(const char *name, umode_t mode,
229 struct dentry *parent, void *data, void *link,
230 const struct file_operations *fops,
231 const struct inode_operations *iops)
232{
233 struct dentry *dentry;
234 struct inode *dir;
235 int error;
236
237 AA_BUG(!name);
238 AA_BUG(!parent);
239
240 if (!(mode & S_IFMT))
241 mode = (mode & S_IALLUGO) | S_IFREG;
242
243 error = simple_pin_fs(&aafs_ops, &aafs_mnt, &aafs_count);
244 if (error)
245 return ERR_PTR(error);
246
247 dir = d_inode(parent);
248
249 inode_lock(dir);
250 dentry = lookup_one_len(name, parent, strlen(name));
251 if (IS_ERR(dentry))
252 goto fail_lock;
253
254 if (d_really_is_positive(dentry)) {
255 error = -EEXIST;
256 goto fail_dentry;
257 }
258
259 error = __aafs_setup_d_inode(dir, dentry, mode, data, link, fops, iops);
260 if (error)
261 goto fail_dentry;
262 inode_unlock(dir);
263
264 return dentry;
265
266fail_dentry:
267 dput(dentry);
268
269fail_lock:
270 inode_unlock(dir);
271 simple_release_fs(&aafs_mnt, &aafs_count);
272
273 return ERR_PTR(error);
274}
275
276
277
278
279
280
281
282
283
284
285
286
287static struct dentry *aafs_create_file(const char *name, umode_t mode,
288 struct dentry *parent, void *data,
289 const struct file_operations *fops)
290{
291 return aafs_create(name, mode, parent, data, NULL, fops, NULL);
292}
293
294
295
296
297
298
299
300
301
302static struct dentry *aafs_create_dir(const char *name, struct dentry *parent)
303{
304 return aafs_create(name, S_IFDIR | 0755, parent, NULL, NULL, NULL,
305 NULL);
306}
307
308
309
310
311
312
313
314
315
316
317
318static struct dentry *aafs_create_symlink(const char *name,
319 struct dentry *parent,
320 const char *target,
321 const struct inode_operations *iops)
322{
323 struct dentry *dent;
324 char *link = NULL;
325
326 if (target) {
327 link = kstrdup(target, GFP_KERNEL);
328 if (!link)
329 return ERR_PTR(-ENOMEM);
330 }
331 dent = aafs_create(name, S_IFLNK | 0444, parent, NULL, link, NULL,
332 iops);
333 if (IS_ERR(dent))
334 kfree(link);
335
336 return dent;
337}
338
339
340
341
342
343
344static void aafs_remove(struct dentry *dentry)
345{
346 struct inode *dir;
347
348 if (!dentry || IS_ERR(dentry))
349 return;
350
351 dir = d_inode(dentry->d_parent);
352 inode_lock(dir);
353 if (simple_positive(dentry)) {
354 if (d_is_dir(dentry))
355 simple_rmdir(dir, dentry);
356 else
357 simple_unlink(dir, dentry);
358 dput(dentry);
359 }
360 inode_unlock(dir);
361 simple_release_fs(&aafs_mnt, &aafs_count);
362}
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379static struct aa_loaddata *aa_simple_write_to_buffer(const char __user *userbuf,
380 size_t alloc_size,
381 size_t copy_size,
382 loff_t *pos)
383{
384 struct aa_loaddata *data;
385
386 AA_BUG(copy_size > alloc_size);
387
388 if (*pos != 0)
389
390 return ERR_PTR(-ESPIPE);
391
392
393 data = aa_loaddata_alloc(alloc_size);
394 if (IS_ERR(data))
395 return data;
396
397 data->size = copy_size;
398 if (copy_from_user(data->data, userbuf, copy_size)) {
399 kvfree(data);
400 return ERR_PTR(-EFAULT);
401 }
402
403 return data;
404}
405
406static ssize_t policy_update(u32 mask, const char __user *buf, size_t size,
407 loff_t *pos, struct aa_ns *ns)
408{
409 struct aa_loaddata *data;
410 struct aa_label *label;
411 ssize_t error;
412
413 label = begin_current_label_crit_section();
414
415
416
417
418 error = aa_may_manage_policy(label, ns, mask);
419 if (error)
420 return error;
421
422 data = aa_simple_write_to_buffer(buf, size, size, pos);
423 error = PTR_ERR(data);
424 if (!IS_ERR(data)) {
425 error = aa_replace_profiles(ns, label, mask, data);
426 aa_put_loaddata(data);
427 }
428 end_current_label_crit_section(label);
429
430 return error;
431}
432
433
434static ssize_t profile_load(struct file *f, const char __user *buf, size_t size,
435 loff_t *pos)
436{
437 struct aa_ns *ns = aa_get_ns(f->f_inode->i_private);
438 int error = policy_update(AA_MAY_LOAD_POLICY, buf, size, pos, ns);
439
440 aa_put_ns(ns);
441
442 return error;
443}
444
445static const struct file_operations aa_fs_profile_load = {
446 .write = profile_load,
447 .llseek = default_llseek,
448};
449
450
451static ssize_t profile_replace(struct file *f, const char __user *buf,
452 size_t size, loff_t *pos)
453{
454 struct aa_ns *ns = aa_get_ns(f->f_inode->i_private);
455 int error = policy_update(AA_MAY_LOAD_POLICY | AA_MAY_REPLACE_POLICY,
456 buf, size, pos, ns);
457 aa_put_ns(ns);
458
459 return error;
460}
461
462static const struct file_operations aa_fs_profile_replace = {
463 .write = profile_replace,
464 .llseek = default_llseek,
465};
466
467
468static ssize_t profile_remove(struct file *f, const char __user *buf,
469 size_t size, loff_t *pos)
470{
471 struct aa_loaddata *data;
472 struct aa_label *label;
473 ssize_t error;
474 struct aa_ns *ns = aa_get_ns(f->f_inode->i_private);
475
476 label = begin_current_label_crit_section();
477
478
479
480 error = aa_may_manage_policy(label, ns, AA_MAY_REMOVE_POLICY);
481 if (error)
482 goto out;
483
484
485
486
487
488 data = aa_simple_write_to_buffer(buf, size + 1, size, pos);
489
490 error = PTR_ERR(data);
491 if (!IS_ERR(data)) {
492 data->data[size] = 0;
493 error = aa_remove_profiles(ns, label, data->data, size);
494 aa_put_loaddata(data);
495 }
496 out:
497 end_current_label_crit_section(label);
498 aa_put_ns(ns);
499 return error;
500}
501
502static const struct file_operations aa_fs_profile_remove = {
503 .write = profile_remove,
504 .llseek = default_llseek,
505};
506
507struct aa_revision {
508 struct aa_ns *ns;
509 long last_read;
510};
511
512
513static int ns_revision_release(struct inode *inode, struct file *file)
514{
515 struct aa_revision *rev = file->private_data;
516
517 if (rev) {
518 aa_put_ns(rev->ns);
519 kfree(rev);
520 }
521
522 return 0;
523}
524
525static ssize_t ns_revision_read(struct file *file, char __user *buf,
526 size_t size, loff_t *ppos)
527{
528 struct aa_revision *rev = file->private_data;
529 char buffer[32];
530 long last_read;
531 int avail;
532
533 mutex_lock(&rev->ns->lock);
534 last_read = rev->last_read;
535 if (last_read == rev->ns->revision) {
536 mutex_unlock(&rev->ns->lock);
537 if (file->f_flags & O_NONBLOCK)
538 return -EAGAIN;
539 if (wait_event_interruptible(rev->ns->wait,
540 last_read !=
541 READ_ONCE(rev->ns->revision)))
542 return -ERESTARTSYS;
543 mutex_lock(&rev->ns->lock);
544 }
545
546 avail = sprintf(buffer, "%ld\n", rev->ns->revision);
547 if (*ppos + size > avail) {
548 rev->last_read = rev->ns->revision;
549 *ppos = 0;
550 }
551 mutex_unlock(&rev->ns->lock);
552
553 return simple_read_from_buffer(buf, size, ppos, buffer, avail);
554}
555
556static int ns_revision_open(struct inode *inode, struct file *file)
557{
558 struct aa_revision *rev = kzalloc(sizeof(*rev), GFP_KERNEL);
559
560 if (!rev)
561 return -ENOMEM;
562
563 rev->ns = aa_get_ns(inode->i_private);
564 if (!rev->ns)
565 rev->ns = aa_get_current_ns();
566 file->private_data = rev;
567
568 return 0;
569}
570
571static unsigned int ns_revision_poll(struct file *file, poll_table *pt)
572{
573 struct aa_revision *rev = file->private_data;
574 unsigned int mask = 0;
575
576 if (rev) {
577 mutex_lock(&rev->ns->lock);
578 poll_wait(file, &rev->ns->wait, pt);
579 if (rev->last_read < rev->ns->revision)
580 mask |= POLLIN | POLLRDNORM;
581 mutex_unlock(&rev->ns->lock);
582 }
583
584 return mask;
585}
586
587void __aa_bump_ns_revision(struct aa_ns *ns)
588{
589 ns->revision++;
590 wake_up_interruptible(&ns->wait);
591}
592
593static const struct file_operations aa_fs_ns_revision_fops = {
594 .owner = THIS_MODULE,
595 .open = ns_revision_open,
596 .poll = ns_revision_poll,
597 .read = ns_revision_read,
598 .llseek = generic_file_llseek,
599 .release = ns_revision_release,
600};
601
602static void profile_query_cb(struct aa_profile *profile, struct aa_perms *perms,
603 const char *match_str, size_t match_len)
604{
605 struct aa_perms tmp;
606 struct aa_dfa *dfa;
607 unsigned int state = 0;
608
609 if (profile_unconfined(profile))
610 return;
611 if (profile->file.dfa && *match_str == AA_CLASS_FILE) {
612 dfa = profile->file.dfa;
613 state = aa_dfa_match_len(dfa, profile->file.start,
614 match_str + 1, match_len - 1);
615 tmp = nullperms;
616 if (state) {
617 struct path_cond cond = { };
618
619 tmp = aa_compute_fperms(dfa, state, &cond);
620 }
621 } else if (profile->policy.dfa) {
622 if (!PROFILE_MEDIATES_SAFE(profile, *match_str))
623 return;
624 dfa = profile->policy.dfa;
625 state = aa_dfa_match_len(dfa, profile->policy.start[0],
626 match_str, match_len);
627 if (state)
628 aa_compute_perms(dfa, state, &tmp);
629 else
630 tmp = nullperms;
631 }
632 aa_apply_modes_to_perms(profile, &tmp);
633 aa_perms_accum_raw(perms, &tmp);
634}
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655static ssize_t query_data(char *buf, size_t buf_len,
656 char *query, size_t query_len)
657{
658 char *out;
659 const char *key;
660 struct label_it i;
661 struct aa_label *label, *curr;
662 struct aa_profile *profile;
663 struct aa_data *data;
664 u32 bytes, blocks;
665 __le32 outle32;
666
667 if (!query_len)
668 return -EINVAL;
669
670 key = query + strnlen(query, query_len) + 1;
671 if (key + 1 >= query + query_len)
672 return -EINVAL;
673 if (key + strnlen(key, query + query_len - key) >= query + query_len)
674 return -EINVAL;
675
676 if (buf_len < sizeof(bytes) + sizeof(blocks))
677 return -EINVAL;
678
679 curr = begin_current_label_crit_section();
680 label = aa_label_parse(curr, query, GFP_KERNEL, false, false);
681 end_current_label_crit_section(curr);
682 if (IS_ERR(label))
683 return PTR_ERR(label);
684
685
686
687
688
689
690
691
692
693 memset(buf, 0, sizeof(bytes) + sizeof(blocks));
694 out = buf + sizeof(bytes) + sizeof(blocks);
695
696 blocks = 0;
697 label_for_each_confined(i, label, profile) {
698 if (!profile->data)
699 continue;
700
701 data = rhashtable_lookup_fast(profile->data, &key,
702 profile->data->p);
703
704 if (data) {
705 if (out + sizeof(outle32) + data->size > buf +
706 buf_len) {
707 aa_put_label(label);
708 return -EINVAL;
709 }
710 outle32 = __cpu_to_le32(data->size);
711 memcpy(out, &outle32, sizeof(outle32));
712 out += sizeof(outle32);
713 memcpy(out, data->data, data->size);
714 out += data->size;
715 blocks++;
716 }
717 }
718 aa_put_label(label);
719
720 outle32 = __cpu_to_le32(out - buf - sizeof(bytes));
721 memcpy(buf, &outle32, sizeof(outle32));
722 outle32 = __cpu_to_le32(blocks);
723 memcpy(buf + sizeof(bytes), &outle32, sizeof(outle32));
724
725 return out - buf;
726}
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748static ssize_t query_label(char *buf, size_t buf_len,
749 char *query, size_t query_len, bool view_only)
750{
751 struct aa_profile *profile;
752 struct aa_label *label, *curr;
753 char *label_name, *match_str;
754 size_t label_name_len, match_len;
755 struct aa_perms perms;
756 struct label_it i;
757
758 if (!query_len)
759 return -EINVAL;
760
761 label_name = query;
762 label_name_len = strnlen(query, query_len);
763 if (!label_name_len || label_name_len == query_len)
764 return -EINVAL;
765
766
767
768
769
770
771
772 match_str = label_name + label_name_len + 1;
773 match_len = query_len - label_name_len - 1;
774
775 curr = begin_current_label_crit_section();
776 label = aa_label_parse(curr, label_name, GFP_KERNEL, false, false);
777 end_current_label_crit_section(curr);
778 if (IS_ERR(label))
779 return PTR_ERR(label);
780
781 perms = allperms;
782 if (view_only) {
783 label_for_each_in_ns(i, labels_ns(label), label, profile) {
784 profile_query_cb(profile, &perms, match_str, match_len);
785 }
786 } else {
787 label_for_each(i, label, profile) {
788 profile_query_cb(profile, &perms, match_str, match_len);
789 }
790 }
791 aa_put_label(label);
792
793 return scnprintf(buf, buf_len,
794 "allow 0x%08x\ndeny 0x%08x\naudit 0x%08x\nquiet 0x%08x\n",
795 perms.allow, perms.deny, perms.audit, perms.quiet);
796}
797
798
799
800
801
802
803
804
805struct multi_transaction {
806 struct kref count;
807 ssize_t size;
808 char data[0];
809};
810
811#define MULTI_TRANSACTION_LIMIT (PAGE_SIZE - sizeof(struct multi_transaction))
812
813static DEFINE_SPINLOCK(multi_transaction_lock);
814
815static void multi_transaction_kref(struct kref *kref)
816{
817 struct multi_transaction *t;
818
819 t = container_of(kref, struct multi_transaction, count);
820 free_page((unsigned long) t);
821}
822
823static struct multi_transaction *
824get_multi_transaction(struct multi_transaction *t)
825{
826 if (t)
827 kref_get(&(t->count));
828
829 return t;
830}
831
832static void put_multi_transaction(struct multi_transaction *t)
833{
834 if (t)
835 kref_put(&(t->count), multi_transaction_kref);
836}
837
838
839static void multi_transaction_set(struct file *file,
840 struct multi_transaction *new, size_t n)
841{
842 struct multi_transaction *old;
843
844 AA_BUG(n > MULTI_TRANSACTION_LIMIT);
845
846 new->size = n;
847 spin_lock(&multi_transaction_lock);
848 old = (struct multi_transaction *) file->private_data;
849 file->private_data = new;
850 spin_unlock(&multi_transaction_lock);
851 put_multi_transaction(old);
852}
853
854static struct multi_transaction *multi_transaction_new(struct file *file,
855 const char __user *buf,
856 size_t size)
857{
858 struct multi_transaction *t;
859
860 if (size > MULTI_TRANSACTION_LIMIT - 1)
861 return ERR_PTR(-EFBIG);
862
863 t = (struct multi_transaction *)get_zeroed_page(GFP_KERNEL);
864 if (!t)
865 return ERR_PTR(-ENOMEM);
866 kref_init(&t->count);
867 if (copy_from_user(t->data, buf, size))
868 return ERR_PTR(-EFAULT);
869
870 return t;
871}
872
873static ssize_t multi_transaction_read(struct file *file, char __user *buf,
874 size_t size, loff_t *pos)
875{
876 struct multi_transaction *t;
877 ssize_t ret;
878
879 spin_lock(&multi_transaction_lock);
880 t = get_multi_transaction(file->private_data);
881 spin_unlock(&multi_transaction_lock);
882 if (!t)
883 return 0;
884
885 ret = simple_read_from_buffer(buf, size, pos, t->data, t->size);
886 put_multi_transaction(t);
887
888 return ret;
889}
890
891static int multi_transaction_release(struct inode *inode, struct file *file)
892{
893 put_multi_transaction(file->private_data);
894
895 return 0;
896}
897
898#define QUERY_CMD_LABEL "label\0"
899#define QUERY_CMD_LABEL_LEN 6
900#define QUERY_CMD_PROFILE "profile\0"
901#define QUERY_CMD_PROFILE_LEN 8
902#define QUERY_CMD_LABELALL "labelall\0"
903#define QUERY_CMD_LABELALL_LEN 9
904#define QUERY_CMD_DATA "data\0"
905#define QUERY_CMD_DATA_LEN 5
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928static ssize_t aa_write_access(struct file *file, const char __user *ubuf,
929 size_t count, loff_t *ppos)
930{
931 struct multi_transaction *t;
932 ssize_t len;
933
934 if (*ppos)
935 return -ESPIPE;
936
937 t = multi_transaction_new(file, ubuf, count);
938 if (IS_ERR(t))
939 return PTR_ERR(t);
940
941 if (count > QUERY_CMD_PROFILE_LEN &&
942 !memcmp(t->data, QUERY_CMD_PROFILE, QUERY_CMD_PROFILE_LEN)) {
943 len = query_label(t->data, MULTI_TRANSACTION_LIMIT,
944 t->data + QUERY_CMD_PROFILE_LEN,
945 count - QUERY_CMD_PROFILE_LEN, true);
946 } else if (count > QUERY_CMD_LABEL_LEN &&
947 !memcmp(t->data, QUERY_CMD_LABEL, QUERY_CMD_LABEL_LEN)) {
948 len = query_label(t->data, MULTI_TRANSACTION_LIMIT,
949 t->data + QUERY_CMD_LABEL_LEN,
950 count - QUERY_CMD_LABEL_LEN, true);
951 } else if (count > QUERY_CMD_LABELALL_LEN &&
952 !memcmp(t->data, QUERY_CMD_LABELALL,
953 QUERY_CMD_LABELALL_LEN)) {
954 len = query_label(t->data, MULTI_TRANSACTION_LIMIT,
955 t->data + QUERY_CMD_LABELALL_LEN,
956 count - QUERY_CMD_LABELALL_LEN, false);
957 } else if (count > QUERY_CMD_DATA_LEN &&
958 !memcmp(t->data, QUERY_CMD_DATA, QUERY_CMD_DATA_LEN)) {
959 len = query_data(t->data, MULTI_TRANSACTION_LIMIT,
960 t->data + QUERY_CMD_DATA_LEN,
961 count - QUERY_CMD_DATA_LEN);
962 } else
963 len = -EINVAL;
964
965 if (len < 0) {
966 put_multi_transaction(t);
967 return len;
968 }
969
970 multi_transaction_set(file, t, len);
971
972 return count;
973}
974
975static const struct file_operations aa_sfs_access = {
976 .write = aa_write_access,
977 .read = multi_transaction_read,
978 .release = multi_transaction_release,
979 .llseek = generic_file_llseek,
980};
981
982static int aa_sfs_seq_show(struct seq_file *seq, void *v)
983{
984 struct aa_sfs_entry *fs_file = seq->private;
985
986 if (!fs_file)
987 return 0;
988
989 switch (fs_file->v_type) {
990 case AA_SFS_TYPE_BOOLEAN:
991 seq_printf(seq, "%s\n", fs_file->v.boolean ? "yes" : "no");
992 break;
993 case AA_SFS_TYPE_STRING:
994 seq_printf(seq, "%s\n", fs_file->v.string);
995 break;
996 case AA_SFS_TYPE_U64:
997 seq_printf(seq, "%#08lx\n", fs_file->v.u64);
998 break;
999 default:
1000
1001 break;
1002 }
1003
1004 return 0;
1005}
1006
1007static int aa_sfs_seq_open(struct inode *inode, struct file *file)
1008{
1009 return single_open(file, aa_sfs_seq_show, inode->i_private);
1010}
1011
1012const struct file_operations aa_sfs_seq_file_ops = {
1013 .owner = THIS_MODULE,
1014 .open = aa_sfs_seq_open,
1015 .read = seq_read,
1016 .llseek = seq_lseek,
1017 .release = single_release,
1018};
1019
1020
1021
1022
1023
1024
1025#define SEQ_PROFILE_FOPS(NAME) \
1026static int seq_profile_ ##NAME ##_open(struct inode *inode, struct file *file)\
1027{ \
1028 return seq_profile_open(inode, file, seq_profile_ ##NAME ##_show); \
1029} \
1030 \
1031static const struct file_operations seq_profile_ ##NAME ##_fops = { \
1032 .owner = THIS_MODULE, \
1033 .open = seq_profile_ ##NAME ##_open, \
1034 .read = seq_read, \
1035 .llseek = seq_lseek, \
1036 .release = seq_profile_release, \
1037} \
1038
1039static int seq_profile_open(struct inode *inode, struct file *file,
1040 int (*show)(struct seq_file *, void *))
1041{
1042 struct aa_proxy *proxy = aa_get_proxy(inode->i_private);
1043 int error = single_open(file, show, proxy);
1044
1045 if (error) {
1046 file->private_data = NULL;
1047 aa_put_proxy(proxy);
1048 }
1049
1050 return error;
1051}
1052
1053static int seq_profile_release(struct inode *inode, struct file *file)
1054{
1055 struct seq_file *seq = (struct seq_file *) file->private_data;
1056 if (seq)
1057 aa_put_proxy(seq->private);
1058 return single_release(inode, file);
1059}
1060
1061static int seq_profile_name_show(struct seq_file *seq, void *v)
1062{
1063 struct aa_proxy *proxy = seq->private;
1064 struct aa_label *label = aa_get_label_rcu(&proxy->label);
1065 struct aa_profile *profile = labels_profile(label);
1066 seq_printf(seq, "%s\n", profile->base.name);
1067 aa_put_label(label);
1068
1069 return 0;
1070}
1071
1072static int seq_profile_mode_show(struct seq_file *seq, void *v)
1073{
1074 struct aa_proxy *proxy = seq->private;
1075 struct aa_label *label = aa_get_label_rcu(&proxy->label);
1076 struct aa_profile *profile = labels_profile(label);
1077 seq_printf(seq, "%s\n", aa_profile_mode_names[profile->mode]);
1078 aa_put_label(label);
1079
1080 return 0;
1081}
1082
1083static int seq_profile_attach_show(struct seq_file *seq, void *v)
1084{
1085 struct aa_proxy *proxy = seq->private;
1086 struct aa_label *label = aa_get_label_rcu(&proxy->label);
1087 struct aa_profile *profile = labels_profile(label);
1088 if (profile->attach)
1089 seq_printf(seq, "%s\n", profile->attach);
1090 else if (profile->xmatch)
1091 seq_puts(seq, "<unknown>\n");
1092 else
1093 seq_printf(seq, "%s\n", profile->base.name);
1094 aa_put_label(label);
1095
1096 return 0;
1097}
1098
1099static int seq_profile_hash_show(struct seq_file *seq, void *v)
1100{
1101 struct aa_proxy *proxy = seq->private;
1102 struct aa_label *label = aa_get_label_rcu(&proxy->label);
1103 struct aa_profile *profile = labels_profile(label);
1104 unsigned int i, size = aa_hash_size();
1105
1106 if (profile->hash) {
1107 for (i = 0; i < size; i++)
1108 seq_printf(seq, "%.2x", profile->hash[i]);
1109 seq_putc(seq, '\n');
1110 }
1111 aa_put_label(label);
1112
1113 return 0;
1114}
1115
1116SEQ_PROFILE_FOPS(name);
1117SEQ_PROFILE_FOPS(mode);
1118SEQ_PROFILE_FOPS(attach);
1119SEQ_PROFILE_FOPS(hash);
1120
1121
1122
1123
1124
1125
1126
1127#define SEQ_NS_FOPS(NAME) \
1128static int seq_ns_ ##NAME ##_open(struct inode *inode, struct file *file) \
1129{ \
1130 return single_open(file, seq_ns_ ##NAME ##_show, inode->i_private); \
1131} \
1132 \
1133static const struct file_operations seq_ns_ ##NAME ##_fops = { \
1134 .owner = THIS_MODULE, \
1135 .open = seq_ns_ ##NAME ##_open, \
1136 .read = seq_read, \
1137 .llseek = seq_lseek, \
1138 .release = single_release, \
1139} \
1140
1141static int seq_ns_stacked_show(struct seq_file *seq, void *v)
1142{
1143 struct aa_label *label;
1144
1145 label = begin_current_label_crit_section();
1146 seq_printf(seq, "%s\n", label->size > 1 ? "yes" : "no");
1147 end_current_label_crit_section(label);
1148
1149 return 0;
1150}
1151
1152static int seq_ns_nsstacked_show(struct seq_file *seq, void *v)
1153{
1154 struct aa_label *label;
1155 struct aa_profile *profile;
1156 struct label_it it;
1157 int count = 1;
1158
1159 label = begin_current_label_crit_section();
1160
1161 if (label->size > 1) {
1162 label_for_each(it, label, profile)
1163 if (profile->ns != labels_ns(label)) {
1164 count++;
1165 break;
1166 }
1167 }
1168
1169 seq_printf(seq, "%s\n", count > 1 ? "yes" : "no");
1170 end_current_label_crit_section(label);
1171
1172 return 0;
1173}
1174
1175static int seq_ns_level_show(struct seq_file *seq, void *v)
1176{
1177 struct aa_label *label;
1178
1179 label = begin_current_label_crit_section();
1180 seq_printf(seq, "%d\n", labels_ns(label)->level);
1181 end_current_label_crit_section(label);
1182
1183 return 0;
1184}
1185
1186static int seq_ns_name_show(struct seq_file *seq, void *v)
1187{
1188 struct aa_label *label = begin_current_label_crit_section();
1189
1190 seq_printf(seq, "%s\n", aa_ns_name(labels_ns(label),
1191 labels_ns(label), true));
1192 end_current_label_crit_section(label);
1193
1194 return 0;
1195}
1196
1197SEQ_NS_FOPS(stacked);
1198SEQ_NS_FOPS(nsstacked);
1199SEQ_NS_FOPS(level);
1200SEQ_NS_FOPS(name);
1201
1202
1203
1204
1205#define SEQ_RAWDATA_FOPS(NAME) \
1206static int seq_rawdata_ ##NAME ##_open(struct inode *inode, struct file *file)\
1207{ \
1208 return seq_rawdata_open(inode, file, seq_rawdata_ ##NAME ##_show); \
1209} \
1210 \
1211static const struct file_operations seq_rawdata_ ##NAME ##_fops = { \
1212 .owner = THIS_MODULE, \
1213 .open = seq_rawdata_ ##NAME ##_open, \
1214 .read = seq_read, \
1215 .llseek = seq_lseek, \
1216 .release = seq_rawdata_release, \
1217} \
1218
1219static int seq_rawdata_open(struct inode *inode, struct file *file,
1220 int (*show)(struct seq_file *, void *))
1221{
1222 struct aa_loaddata *data = __aa_get_loaddata(inode->i_private);
1223 int error;
1224
1225 if (!data)
1226
1227 return -ENOENT;
1228
1229 error = single_open(file, show, data);
1230 if (error) {
1231 AA_BUG(file->private_data &&
1232 ((struct seq_file *)file->private_data)->private);
1233 aa_put_loaddata(data);
1234 }
1235
1236 return error;
1237}
1238
1239static int seq_rawdata_release(struct inode *inode, struct file *file)
1240{
1241 struct seq_file *seq = (struct seq_file *) file->private_data;
1242
1243 if (seq)
1244 aa_put_loaddata(seq->private);
1245
1246 return single_release(inode, file);
1247}
1248
1249static int seq_rawdata_abi_show(struct seq_file *seq, void *v)
1250{
1251 struct aa_loaddata *data = seq->private;
1252
1253 seq_printf(seq, "v%d\n", data->abi);
1254
1255 return 0;
1256}
1257
1258static int seq_rawdata_revision_show(struct seq_file *seq, void *v)
1259{
1260 struct aa_loaddata *data = seq->private;
1261
1262 seq_printf(seq, "%ld\n", data->revision);
1263
1264 return 0;
1265}
1266
1267static int seq_rawdata_hash_show(struct seq_file *seq, void *v)
1268{
1269 struct aa_loaddata *data = seq->private;
1270 unsigned int i, size = aa_hash_size();
1271
1272 if (data->hash) {
1273 for (i = 0; i < size; i++)
1274 seq_printf(seq, "%.2x", data->hash[i]);
1275 seq_putc(seq, '\n');
1276 }
1277
1278 return 0;
1279}
1280
1281SEQ_RAWDATA_FOPS(abi);
1282SEQ_RAWDATA_FOPS(revision);
1283SEQ_RAWDATA_FOPS(hash);
1284
1285static ssize_t rawdata_read(struct file *file, char __user *buf, size_t size,
1286 loff_t *ppos)
1287{
1288 struct aa_loaddata *rawdata = file->private_data;
1289
1290 return simple_read_from_buffer(buf, size, ppos, rawdata->data,
1291 rawdata->size);
1292}
1293
1294static int rawdata_release(struct inode *inode, struct file *file)
1295{
1296 aa_put_loaddata(file->private_data);
1297
1298 return 0;
1299}
1300
1301static int rawdata_open(struct inode *inode, struct file *file)
1302{
1303 if (!policy_view_capable(NULL))
1304 return -EACCES;
1305 file->private_data = __aa_get_loaddata(inode->i_private);
1306 if (!file->private_data)
1307
1308 return -ENOENT;
1309
1310 return 0;
1311}
1312
1313static const struct file_operations rawdata_fops = {
1314 .open = rawdata_open,
1315 .read = rawdata_read,
1316 .llseek = generic_file_llseek,
1317 .release = rawdata_release,
1318};
1319
1320static void remove_rawdata_dents(struct aa_loaddata *rawdata)
1321{
1322 int i;
1323
1324 for (i = 0; i < AAFS_LOADDATA_NDENTS; i++) {
1325 if (!IS_ERR_OR_NULL(rawdata->dents[i])) {
1326
1327 aafs_remove(rawdata->dents[i]);
1328 rawdata->dents[i] = NULL;
1329 }
1330 }
1331}
1332
1333void __aa_fs_remove_rawdata(struct aa_loaddata *rawdata)
1334{
1335 AA_BUG(rawdata->ns && !mutex_is_locked(&rawdata->ns->lock));
1336
1337 if (rawdata->ns) {
1338 remove_rawdata_dents(rawdata);
1339 list_del_init(&rawdata->list);
1340 aa_put_ns(rawdata->ns);
1341 rawdata->ns = NULL;
1342 }
1343}
1344
1345int __aa_fs_create_rawdata(struct aa_ns *ns, struct aa_loaddata *rawdata)
1346{
1347 struct dentry *dent, *dir;
1348
1349 AA_BUG(!ns);
1350 AA_BUG(!rawdata);
1351 AA_BUG(!mutex_is_locked(&ns->lock));
1352 AA_BUG(!ns_subdata_dir(ns));
1353
1354
1355
1356
1357
1358
1359 rawdata->name = kasprintf(GFP_KERNEL, "%ld", ns->revision);
1360 if (!rawdata->name)
1361 return -ENOMEM;
1362
1363 dir = aafs_create_dir(rawdata->name, ns_subdata_dir(ns));
1364 if (IS_ERR(dir))
1365
1366 return PTR_ERR(dir);
1367 rawdata->dents[AAFS_LOADDATA_DIR] = dir;
1368
1369 dent = aafs_create_file("abi", S_IFREG | 0444, dir, rawdata,
1370 &seq_rawdata_abi_fops);
1371 if (IS_ERR(dent))
1372 goto fail;
1373 rawdata->dents[AAFS_LOADDATA_ABI] = dent;
1374
1375 dent = aafs_create_file("revision", S_IFREG | 0444, dir, rawdata,
1376 &seq_rawdata_revision_fops);
1377 if (IS_ERR(dent))
1378 goto fail;
1379 rawdata->dents[AAFS_LOADDATA_REVISION] = dent;
1380
1381 if (aa_g_hash_policy) {
1382 dent = aafs_create_file("sha1", S_IFREG | 0444, dir,
1383 rawdata, &seq_rawdata_hash_fops);
1384 if (IS_ERR(dent))
1385 goto fail;
1386 rawdata->dents[AAFS_LOADDATA_HASH] = dent;
1387 }
1388
1389 dent = aafs_create_file("raw_data", S_IFREG | 0444,
1390 dir, rawdata, &rawdata_fops);
1391 if (IS_ERR(dent))
1392 goto fail;
1393 rawdata->dents[AAFS_LOADDATA_DATA] = dent;
1394 d_inode(dent)->i_size = rawdata->size;
1395
1396 rawdata->ns = aa_get_ns(ns);
1397 list_add(&rawdata->list, &ns->rawdata_list);
1398
1399
1400 return 0;
1401
1402fail:
1403 remove_rawdata_dents(rawdata);
1404
1405 return PTR_ERR(dent);
1406}
1407
1408
1409
1410
1411
1412
1413
1414void __aafs_profile_rmdir(struct aa_profile *profile)
1415{
1416 struct aa_profile *child;
1417 int i;
1418
1419 if (!profile)
1420 return;
1421
1422 list_for_each_entry(child, &profile->base.profiles, base.list)
1423 __aafs_profile_rmdir(child);
1424
1425 for (i = AAFS_PROF_SIZEOF - 1; i >= 0; --i) {
1426 struct aa_proxy *proxy;
1427 if (!profile->dents[i])
1428 continue;
1429
1430 proxy = d_inode(profile->dents[i])->i_private;
1431 aafs_remove(profile->dents[i]);
1432 aa_put_proxy(proxy);
1433 profile->dents[i] = NULL;
1434 }
1435}
1436
1437
1438
1439
1440
1441void __aafs_profile_migrate_dents(struct aa_profile *old,
1442 struct aa_profile *new)
1443{
1444 int i;
1445
1446 for (i = 0; i < AAFS_PROF_SIZEOF; i++) {
1447 new->dents[i] = old->dents[i];
1448 if (new->dents[i])
1449 new->dents[i]->d_inode->i_mtime = current_time(new->dents[i]->d_inode);
1450 old->dents[i] = NULL;
1451 }
1452}
1453
1454static struct dentry *create_profile_file(struct dentry *dir, const char *name,
1455 struct aa_profile *profile,
1456 const struct file_operations *fops)
1457{
1458 struct aa_proxy *proxy = aa_get_proxy(profile->label.proxy);
1459 struct dentry *dent;
1460
1461 dent = aafs_create_file(name, S_IFREG | 0444, dir, proxy, fops);
1462 if (IS_ERR(dent))
1463 aa_put_proxy(proxy);
1464
1465 return dent;
1466}
1467
1468static int profile_depth(struct aa_profile *profile)
1469{
1470 int depth = 0;
1471
1472 rcu_read_lock();
1473 for (depth = 0; profile; profile = rcu_access_pointer(profile->parent))
1474 depth++;
1475 rcu_read_unlock();
1476
1477 return depth;
1478}
1479
1480static int gen_symlink_name(char *buffer, size_t bsize, int depth,
1481 const char *dirname, const char *fname)
1482{
1483 int error;
1484
1485 for (; depth > 0; depth--) {
1486 if (bsize < 7)
1487 return -ENAMETOOLONG;
1488 strcpy(buffer, "../../");
1489 buffer += 6;
1490 bsize -= 6;
1491 }
1492
1493 error = snprintf(buffer, bsize, "raw_data/%s/%s", dirname, fname);
1494 if (error >= bsize || error < 0)
1495 return -ENAMETOOLONG;
1496
1497 return 0;
1498}
1499
1500
1501
1502
1503int __aafs_profile_mkdir(struct aa_profile *profile, struct dentry *parent)
1504{
1505 struct aa_profile *child;
1506 struct dentry *dent = NULL, *dir;
1507 int error;
1508
1509 if (!parent) {
1510 struct aa_profile *p;
1511 p = aa_deref_parent(profile);
1512 dent = prof_dir(p);
1513
1514 dent = aafs_create_dir("profiles", dent);
1515 if (IS_ERR(dent))
1516 goto fail;
1517 prof_child_dir(p) = parent = dent;
1518 }
1519
1520 if (!profile->dirname) {
1521 int len, id_len;
1522 len = mangle_name(profile->base.name, NULL);
1523 id_len = snprintf(NULL, 0, ".%ld", profile->ns->uniq_id);
1524
1525 profile->dirname = kmalloc(len + id_len + 1, GFP_KERNEL);
1526 if (!profile->dirname) {
1527 error = -ENOMEM;
1528 goto fail2;
1529 }
1530
1531 mangle_name(profile->base.name, profile->dirname);
1532 sprintf(profile->dirname + len, ".%ld", profile->ns->uniq_id++);
1533 }
1534
1535 dent = aafs_create_dir(profile->dirname, parent);
1536 if (IS_ERR(dent))
1537 goto fail;
1538 prof_dir(profile) = dir = dent;
1539
1540 dent = create_profile_file(dir, "name", profile,
1541 &seq_profile_name_fops);
1542 if (IS_ERR(dent))
1543 goto fail;
1544 profile->dents[AAFS_PROF_NAME] = dent;
1545
1546 dent = create_profile_file(dir, "mode", profile,
1547 &seq_profile_mode_fops);
1548 if (IS_ERR(dent))
1549 goto fail;
1550 profile->dents[AAFS_PROF_MODE] = dent;
1551
1552 dent = create_profile_file(dir, "attach", profile,
1553 &seq_profile_attach_fops);
1554 if (IS_ERR(dent))
1555 goto fail;
1556 profile->dents[AAFS_PROF_ATTACH] = dent;
1557
1558 if (profile->hash) {
1559 dent = create_profile_file(dir, "sha1", profile,
1560 &seq_profile_hash_fops);
1561 if (IS_ERR(dent))
1562 goto fail;
1563 profile->dents[AAFS_PROF_HASH] = dent;
1564 }
1565
1566 if (profile->rawdata) {
1567 char target[64];
1568 int depth = profile_depth(profile);
1569
1570 error = gen_symlink_name(target, sizeof(target), depth,
1571 profile->rawdata->name, "sha1");
1572 if (error < 0)
1573 goto fail2;
1574 dent = aafs_create_symlink("raw_sha1", dir, target, NULL);
1575 if (IS_ERR(dent))
1576 goto fail;
1577 profile->dents[AAFS_PROF_RAW_HASH] = dent;
1578
1579 error = gen_symlink_name(target, sizeof(target), depth,
1580 profile->rawdata->name, "abi");
1581 if (error < 0)
1582 goto fail2;
1583 dent = aafs_create_symlink("raw_abi", dir, target, NULL);
1584 if (IS_ERR(dent))
1585 goto fail;
1586 profile->dents[AAFS_PROF_RAW_ABI] = dent;
1587
1588 error = gen_symlink_name(target, sizeof(target), depth,
1589 profile->rawdata->name, "raw_data");
1590 if (error < 0)
1591 goto fail2;
1592 dent = aafs_create_symlink("raw_data", dir, target, NULL);
1593 if (IS_ERR(dent))
1594 goto fail;
1595 profile->dents[AAFS_PROF_RAW_DATA] = dent;
1596 }
1597
1598 list_for_each_entry(child, &profile->base.profiles, base.list) {
1599 error = __aafs_profile_mkdir(child, prof_child_dir(profile));
1600 if (error)
1601 goto fail2;
1602 }
1603
1604 return 0;
1605
1606fail:
1607 error = PTR_ERR(dent);
1608
1609fail2:
1610 __aafs_profile_rmdir(profile);
1611
1612 return error;
1613}
1614
1615static int ns_mkdir_op(struct inode *dir, struct dentry *dentry, umode_t mode)
1616{
1617 struct aa_ns *ns, *parent;
1618
1619 struct aa_label *label;
1620 int error;
1621
1622 label = begin_current_label_crit_section();
1623 error = aa_may_manage_policy(label, NULL, AA_MAY_LOAD_POLICY);
1624 end_current_label_crit_section(label);
1625 if (error)
1626 return error;
1627
1628 parent = aa_get_ns(dir->i_private);
1629 AA_BUG(d_inode(ns_subns_dir(parent)) != dir);
1630
1631
1632
1633
1634 inode_unlock(dir);
1635 error = simple_pin_fs(&aafs_ops, &aafs_mnt, &aafs_count);
1636 mutex_lock(&parent->lock);
1637 inode_lock_nested(dir, I_MUTEX_PARENT);
1638 if (error)
1639 goto out;
1640
1641 error = __aafs_setup_d_inode(dir, dentry, mode | S_IFDIR, NULL,
1642 NULL, NULL, NULL);
1643 if (error)
1644 goto out_pin;
1645
1646 ns = __aa_find_or_create_ns(parent, READ_ONCE(dentry->d_name.name),
1647 dentry);
1648 if (IS_ERR(ns)) {
1649 error = PTR_ERR(ns);
1650 ns = NULL;
1651 }
1652
1653 aa_put_ns(ns);
1654out_pin:
1655 if (error)
1656 simple_release_fs(&aafs_mnt, &aafs_count);
1657out:
1658 mutex_unlock(&parent->lock);
1659 aa_put_ns(parent);
1660
1661 return error;
1662}
1663
1664static int ns_rmdir_op(struct inode *dir, struct dentry *dentry)
1665{
1666 struct aa_ns *ns, *parent;
1667
1668 struct aa_label *label;
1669 int error;
1670
1671 label = begin_current_label_crit_section();
1672 error = aa_may_manage_policy(label, NULL, AA_MAY_LOAD_POLICY);
1673 end_current_label_crit_section(label);
1674 if (error)
1675 return error;
1676
1677 parent = aa_get_ns(dir->i_private);
1678
1679
1680
1681
1682 inode_unlock(dir);
1683 inode_unlock(dentry->d_inode);
1684
1685 mutex_lock(&parent->lock);
1686 ns = aa_get_ns(__aa_findn_ns(&parent->sub_ns, dentry->d_name.name,
1687 dentry->d_name.len));
1688 if (!ns) {
1689 error = -ENOENT;
1690 goto out;
1691 }
1692 AA_BUG(ns_dir(ns) != dentry);
1693
1694 __aa_remove_ns(ns);
1695 aa_put_ns(ns);
1696
1697out:
1698 mutex_unlock(&parent->lock);
1699 inode_lock_nested(dir, I_MUTEX_PARENT);
1700 inode_lock(dentry->d_inode);
1701 aa_put_ns(parent);
1702
1703 return error;
1704}
1705
1706static const struct inode_operations ns_dir_inode_operations = {
1707 .lookup = simple_lookup,
1708 .mkdir = ns_mkdir_op,
1709 .rmdir = ns_rmdir_op,
1710};
1711
1712static void __aa_fs_list_remove_rawdata(struct aa_ns *ns)
1713{
1714 struct aa_loaddata *ent, *tmp;
1715
1716 AA_BUG(!mutex_is_locked(&ns->lock));
1717
1718 list_for_each_entry_safe(ent, tmp, &ns->rawdata_list, list)
1719 __aa_fs_remove_rawdata(ent);
1720}
1721
1722
1723
1724
1725
1726void __aafs_ns_rmdir(struct aa_ns *ns)
1727{
1728 struct aa_ns *sub;
1729 struct aa_profile *child;
1730 int i;
1731
1732 if (!ns)
1733 return;
1734
1735 list_for_each_entry(child, &ns->base.profiles, base.list)
1736 __aafs_profile_rmdir(child);
1737
1738 list_for_each_entry(sub, &ns->sub_ns, base.list) {
1739 mutex_lock(&sub->lock);
1740 __aafs_ns_rmdir(sub);
1741 mutex_unlock(&sub->lock);
1742 }
1743
1744 __aa_fs_list_remove_rawdata(ns);
1745
1746 if (ns_subns_dir(ns)) {
1747 sub = d_inode(ns_subns_dir(ns))->i_private;
1748 aa_put_ns(sub);
1749 }
1750 if (ns_subload(ns)) {
1751 sub = d_inode(ns_subload(ns))->i_private;
1752 aa_put_ns(sub);
1753 }
1754 if (ns_subreplace(ns)) {
1755 sub = d_inode(ns_subreplace(ns))->i_private;
1756 aa_put_ns(sub);
1757 }
1758 if (ns_subremove(ns)) {
1759 sub = d_inode(ns_subremove(ns))->i_private;
1760 aa_put_ns(sub);
1761 }
1762 if (ns_subrevision(ns)) {
1763 sub = d_inode(ns_subrevision(ns))->i_private;
1764 aa_put_ns(sub);
1765 }
1766
1767 for (i = AAFS_NS_SIZEOF - 1; i >= 0; --i) {
1768 aafs_remove(ns->dents[i]);
1769 ns->dents[i] = NULL;
1770 }
1771}
1772
1773
1774static int __aafs_ns_mkdir_entries(struct aa_ns *ns, struct dentry *dir)
1775{
1776 struct dentry *dent;
1777
1778 AA_BUG(!ns);
1779 AA_BUG(!dir);
1780
1781 dent = aafs_create_dir("profiles", dir);
1782 if (IS_ERR(dent))
1783 return PTR_ERR(dent);
1784 ns_subprofs_dir(ns) = dent;
1785
1786 dent = aafs_create_dir("raw_data", dir);
1787 if (IS_ERR(dent))
1788 return PTR_ERR(dent);
1789 ns_subdata_dir(ns) = dent;
1790
1791 dent = aafs_create_file("revision", 0444, dir, ns,
1792 &aa_fs_ns_revision_fops);
1793 if (IS_ERR(dent))
1794 return PTR_ERR(dent);
1795 aa_get_ns(ns);
1796 ns_subrevision(ns) = dent;
1797
1798 dent = aafs_create_file(".load", 0640, dir, ns,
1799 &aa_fs_profile_load);
1800 if (IS_ERR(dent))
1801 return PTR_ERR(dent);
1802 aa_get_ns(ns);
1803 ns_subload(ns) = dent;
1804
1805 dent = aafs_create_file(".replace", 0640, dir, ns,
1806 &aa_fs_profile_replace);
1807 if (IS_ERR(dent))
1808 return PTR_ERR(dent);
1809 aa_get_ns(ns);
1810 ns_subreplace(ns) = dent;
1811
1812 dent = aafs_create_file(".remove", 0640, dir, ns,
1813 &aa_fs_profile_remove);
1814 if (IS_ERR(dent))
1815 return PTR_ERR(dent);
1816 aa_get_ns(ns);
1817 ns_subremove(ns) = dent;
1818
1819
1820 dent = aafs_create("namespaces", S_IFDIR | 0755, dir, ns, NULL, NULL,
1821 &ns_dir_inode_operations);
1822 if (IS_ERR(dent))
1823 return PTR_ERR(dent);
1824 aa_get_ns(ns);
1825 ns_subns_dir(ns) = dent;
1826
1827 return 0;
1828}
1829
1830
1831
1832
1833int __aafs_ns_mkdir(struct aa_ns *ns, struct dentry *parent, const char *name,
1834 struct dentry *dent)
1835{
1836 struct aa_ns *sub;
1837 struct aa_profile *child;
1838 struct dentry *dir;
1839 int error;
1840
1841 AA_BUG(!ns);
1842 AA_BUG(!parent);
1843 AA_BUG(!mutex_is_locked(&ns->lock));
1844
1845 if (!name)
1846 name = ns->base.name;
1847
1848 if (!dent) {
1849
1850 dent = aafs_create_dir(name, parent);
1851 if (IS_ERR(dent))
1852 goto fail;
1853 } else
1854 dget(dent);
1855 ns_dir(ns) = dir = dent;
1856 error = __aafs_ns_mkdir_entries(ns, dir);
1857 if (error)
1858 goto fail2;
1859
1860
1861 list_for_each_entry(child, &ns->base.profiles, base.list) {
1862 error = __aafs_profile_mkdir(child, ns_subprofs_dir(ns));
1863 if (error)
1864 goto fail2;
1865 }
1866
1867
1868 list_for_each_entry(sub, &ns->sub_ns, base.list) {
1869 mutex_lock(&sub->lock);
1870 error = __aafs_ns_mkdir(sub, ns_subns_dir(ns), NULL, NULL);
1871 mutex_unlock(&sub->lock);
1872 if (error)
1873 goto fail2;
1874 }
1875
1876 return 0;
1877
1878fail:
1879 error = PTR_ERR(dent);
1880
1881fail2:
1882 __aafs_ns_rmdir(ns);
1883
1884 return error;
1885}
1886
1887
1888#define list_entry_is_head(pos, head, member) (&pos->member == (head))
1889
1890
1891
1892
1893
1894
1895
1896
1897
1898
1899
1900
1901
1902static struct aa_ns *__next_ns(struct aa_ns *root, struct aa_ns *ns)
1903{
1904 struct aa_ns *parent, *next;
1905
1906
1907 if (!list_empty(&ns->sub_ns)) {
1908 next = list_first_entry(&ns->sub_ns, typeof(*ns), base.list);
1909 mutex_lock(&next->lock);
1910 return next;
1911 }
1912
1913
1914 parent = ns->parent;
1915 while (ns != root) {
1916 mutex_unlock(&ns->lock);
1917 next = list_next_entry(ns, base.list);
1918 if (!list_entry_is_head(next, &parent->sub_ns, base.list)) {
1919 mutex_lock(&next->lock);
1920 return next;
1921 }
1922 ns = parent;
1923 parent = parent->parent;
1924 }
1925
1926 return NULL;
1927}
1928
1929
1930
1931
1932
1933
1934
1935
1936
1937static struct aa_profile *__first_profile(struct aa_ns *root,
1938 struct aa_ns *ns)
1939{
1940 for (; ns; ns = __next_ns(root, ns)) {
1941 if (!list_empty(&ns->base.profiles))
1942 return list_first_entry(&ns->base.profiles,
1943 struct aa_profile, base.list);
1944 }
1945 return NULL;
1946}
1947
1948
1949
1950
1951
1952
1953
1954
1955
1956
1957static struct aa_profile *__next_profile(struct aa_profile *p)
1958{
1959 struct aa_profile *parent;
1960 struct aa_ns *ns = p->ns;
1961
1962
1963 if (!list_empty(&p->base.profiles))
1964 return list_first_entry(&p->base.profiles, typeof(*p),
1965 base.list);
1966
1967
1968 parent = rcu_dereference_protected(p->parent,
1969 mutex_is_locked(&p->ns->lock));
1970 while (parent) {
1971 p = list_next_entry(p, base.list);
1972 if (!list_entry_is_head(p, &parent->base.profiles, base.list))
1973 return p;
1974 p = parent;
1975 parent = rcu_dereference_protected(parent->parent,
1976 mutex_is_locked(&parent->ns->lock));
1977 }
1978
1979
1980 p = list_next_entry(p, base.list);
1981 if (!list_entry_is_head(p, &ns->base.profiles, base.list))
1982 return p;
1983
1984 return NULL;
1985}
1986
1987
1988
1989
1990
1991
1992
1993
1994static struct aa_profile *next_profile(struct aa_ns *root,
1995 struct aa_profile *profile)
1996{
1997 struct aa_profile *next = __next_profile(profile);
1998 if (next)
1999 return next;
2000
2001
2002 return __first_profile(root, __next_ns(root, profile->ns));
2003}
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014static void *p_start(struct seq_file *f, loff_t *pos)
2015{
2016 struct aa_profile *profile = NULL;
2017 struct aa_ns *root = aa_get_current_ns();
2018 loff_t l = *pos;
2019 f->private = root;
2020
2021
2022 mutex_lock(&root->lock);
2023 profile = __first_profile(root, root);
2024
2025
2026 for (; profile && l > 0; l--)
2027 profile = next_profile(root, profile);
2028
2029 return profile;
2030}
2031
2032
2033
2034
2035
2036
2037
2038
2039
2040
2041
2042static void *p_next(struct seq_file *f, void *p, loff_t *pos)
2043{
2044 struct aa_profile *profile = p;
2045 struct aa_ns *ns = f->private;
2046 (*pos)++;
2047
2048 return next_profile(ns, profile);
2049}
2050
2051
2052
2053
2054
2055
2056
2057
2058static void p_stop(struct seq_file *f, void *p)
2059{
2060 struct aa_profile *profile = p;
2061 struct aa_ns *root = f->private, *ns;
2062
2063 if (profile) {
2064 for (ns = profile->ns; ns && ns != root; ns = ns->parent)
2065 mutex_unlock(&ns->lock);
2066 }
2067 mutex_unlock(&root->lock);
2068 aa_put_ns(root);
2069}
2070
2071
2072
2073
2074
2075
2076
2077
2078static int seq_show_profile(struct seq_file *f, void *p)
2079{
2080 struct aa_profile *profile = (struct aa_profile *)p;
2081 struct aa_ns *root = f->private;
2082
2083 aa_label_seq_xprint(f, root, &profile->label,
2084 FLAG_SHOW_MODE | FLAG_VIEW_SUBNS, GFP_KERNEL);
2085 seq_putc(f, '\n');
2086
2087 return 0;
2088}
2089
2090static const struct seq_operations aa_sfs_profiles_op = {
2091 .start = p_start,
2092 .next = p_next,
2093 .stop = p_stop,
2094 .show = seq_show_profile,
2095};
2096
2097static int profiles_open(struct inode *inode, struct file *file)
2098{
2099 if (!policy_view_capable(NULL))
2100 return -EACCES;
2101
2102 return seq_open(file, &aa_sfs_profiles_op);
2103}
2104
2105static int profiles_release(struct inode *inode, struct file *file)
2106{
2107 return seq_release(inode, file);
2108}
2109
2110static const struct file_operations aa_sfs_profiles_fops = {
2111 .open = profiles_open,
2112 .read = seq_read,
2113 .llseek = seq_lseek,
2114 .release = profiles_release,
2115};
2116
2117
2118
2119static struct aa_sfs_entry aa_sfs_entry_file[] = {
2120 AA_SFS_FILE_STRING("mask",
2121 "create read write exec append mmap_exec link lock"),
2122 { }
2123};
2124
2125static struct aa_sfs_entry aa_sfs_entry_ptrace[] = {
2126 AA_SFS_FILE_STRING("mask", "read trace"),
2127 { }
2128};
2129
2130static struct aa_sfs_entry aa_sfs_entry_domain[] = {
2131 AA_SFS_FILE_BOOLEAN("change_hat", 1),
2132 AA_SFS_FILE_BOOLEAN("change_hatv", 1),
2133 AA_SFS_FILE_BOOLEAN("change_onexec", 1),
2134 AA_SFS_FILE_BOOLEAN("change_profile", 1),
2135 AA_SFS_FILE_BOOLEAN("stack", 1),
2136 AA_SFS_FILE_BOOLEAN("fix_binfmt_elf_mmap", 1),
2137 AA_SFS_FILE_STRING("version", "1.2"),
2138 { }
2139};
2140
2141static struct aa_sfs_entry aa_sfs_entry_versions[] = {
2142 AA_SFS_FILE_BOOLEAN("v5", 1),
2143 AA_SFS_FILE_BOOLEAN("v6", 1),
2144 AA_SFS_FILE_BOOLEAN("v7", 1),
2145 { }
2146};
2147
2148static struct aa_sfs_entry aa_sfs_entry_policy[] = {
2149 AA_SFS_DIR("versions", aa_sfs_entry_versions),
2150 AA_SFS_FILE_BOOLEAN("set_load", 1),
2151 { }
2152};
2153
2154static struct aa_sfs_entry aa_sfs_entry_ns[] = {
2155 AA_SFS_FILE_BOOLEAN("profile", 1),
2156 AA_SFS_FILE_BOOLEAN("pivot_root", 1),
2157 { }
2158};
2159
2160static struct aa_sfs_entry aa_sfs_entry_query_label[] = {
2161 AA_SFS_FILE_STRING("perms", "allow deny audit quiet"),
2162 AA_SFS_FILE_BOOLEAN("data", 1),
2163 AA_SFS_FILE_BOOLEAN("multi_transaction", 1),
2164 { }
2165};
2166
2167static struct aa_sfs_entry aa_sfs_entry_query[] = {
2168 AA_SFS_DIR("label", aa_sfs_entry_query_label),
2169 { }
2170};
2171static struct aa_sfs_entry aa_sfs_entry_features[] = {
2172 AA_SFS_DIR("policy", aa_sfs_entry_policy),
2173 AA_SFS_DIR("domain", aa_sfs_entry_domain),
2174 AA_SFS_DIR("file", aa_sfs_entry_file),
2175 AA_SFS_DIR("namespaces", aa_sfs_entry_ns),
2176 AA_SFS_FILE_U64("capability", VFS_CAP_FLAGS_MASK),
2177 AA_SFS_DIR("rlimit", aa_sfs_entry_rlimit),
2178 AA_SFS_DIR("caps", aa_sfs_entry_caps),
2179 AA_SFS_DIR("ptrace", aa_sfs_entry_ptrace),
2180 AA_SFS_DIR("query", aa_sfs_entry_query),
2181 { }
2182};
2183
2184static struct aa_sfs_entry aa_sfs_entry_apparmor[] = {
2185 AA_SFS_FILE_FOPS(".access", 0640, &aa_sfs_access),
2186 AA_SFS_FILE_FOPS(".stacked", 0444, &seq_ns_stacked_fops),
2187 AA_SFS_FILE_FOPS(".ns_stacked", 0444, &seq_ns_nsstacked_fops),
2188 AA_SFS_FILE_FOPS(".ns_level", 0666, &seq_ns_level_fops),
2189 AA_SFS_FILE_FOPS(".ns_name", 0640, &seq_ns_name_fops),
2190 AA_SFS_FILE_FOPS("profiles", 0440, &aa_sfs_profiles_fops),
2191 AA_SFS_DIR("features", aa_sfs_entry_features),
2192 { }
2193};
2194
2195static struct aa_sfs_entry aa_sfs_entry =
2196 AA_SFS_DIR("apparmor", aa_sfs_entry_apparmor);
2197
2198
2199
2200
2201
2202
2203
2204
2205static int __init entry_create_file(struct aa_sfs_entry *fs_file,
2206 struct dentry *parent)
2207{
2208 int error = 0;
2209
2210 fs_file->dentry = securityfs_create_file(fs_file->name,
2211 S_IFREG | fs_file->mode,
2212 parent, fs_file,
2213 fs_file->file_ops);
2214 if (IS_ERR(fs_file->dentry)) {
2215 error = PTR_ERR(fs_file->dentry);
2216 fs_file->dentry = NULL;
2217 }
2218 return error;
2219}
2220
2221static void __init entry_remove_dir(struct aa_sfs_entry *fs_dir);
2222
2223
2224
2225
2226
2227
2228
2229static int __init entry_create_dir(struct aa_sfs_entry *fs_dir,
2230 struct dentry *parent)
2231{
2232 struct aa_sfs_entry *fs_file;
2233 struct dentry *dir;
2234 int error;
2235
2236 dir = securityfs_create_dir(fs_dir->name, parent);
2237 if (IS_ERR(dir))
2238 return PTR_ERR(dir);
2239 fs_dir->dentry = dir;
2240
2241 for (fs_file = fs_dir->v.files; fs_file && fs_file->name; ++fs_file) {
2242 if (fs_file->v_type == AA_SFS_TYPE_DIR)
2243 error = entry_create_dir(fs_file, fs_dir->dentry);
2244 else
2245 error = entry_create_file(fs_file, fs_dir->dentry);
2246 if (error)
2247 goto failed;
2248 }
2249
2250 return 0;
2251
2252failed:
2253 entry_remove_dir(fs_dir);
2254
2255 return error;
2256}
2257
2258
2259
2260
2261
2262static void __init entry_remove_file(struct aa_sfs_entry *fs_file)
2263{
2264 if (!fs_file->dentry)
2265 return;
2266
2267 securityfs_remove(fs_file->dentry);
2268 fs_file->dentry = NULL;
2269}
2270
2271
2272
2273
2274
2275static void __init entry_remove_dir(struct aa_sfs_entry *fs_dir)
2276{
2277 struct aa_sfs_entry *fs_file;
2278
2279 for (fs_file = fs_dir->v.files; fs_file && fs_file->name; ++fs_file) {
2280 if (fs_file->v_type == AA_SFS_TYPE_DIR)
2281 entry_remove_dir(fs_file);
2282 else
2283 entry_remove_file(fs_file);
2284 }
2285
2286 entry_remove_file(fs_dir);
2287}
2288
2289
2290
2291
2292
2293
2294void __init aa_destroy_aafs(void)
2295{
2296 entry_remove_dir(&aa_sfs_entry);
2297}
2298
2299
2300#define NULL_FILE_NAME ".null"
2301struct path aa_null;
2302
2303static int aa_mk_null_file(struct dentry *parent)
2304{
2305 struct vfsmount *mount = NULL;
2306 struct dentry *dentry;
2307 struct inode *inode;
2308 int count = 0;
2309 int error = simple_pin_fs(parent->d_sb->s_type, &mount, &count);
2310
2311 if (error)
2312 return error;
2313
2314 inode_lock(d_inode(parent));
2315 dentry = lookup_one_len(NULL_FILE_NAME, parent, strlen(NULL_FILE_NAME));
2316 if (IS_ERR(dentry)) {
2317 error = PTR_ERR(dentry);
2318 goto out;
2319 }
2320 inode = new_inode(parent->d_inode->i_sb);
2321 if (!inode) {
2322 error = -ENOMEM;
2323 goto out1;
2324 }
2325
2326 inode->i_ino = get_next_ino();
2327 inode->i_mode = S_IFCHR | S_IRUGO | S_IWUGO;
2328 inode->i_atime = inode->i_mtime = inode->i_ctime = current_time(inode);
2329 init_special_inode(inode, S_IFCHR | S_IRUGO | S_IWUGO,
2330 MKDEV(MEM_MAJOR, 3));
2331 d_instantiate(dentry, inode);
2332 aa_null.dentry = dget(dentry);
2333 aa_null.mnt = mntget(mount);
2334
2335 error = 0;
2336
2337out1:
2338 dput(dentry);
2339out:
2340 inode_unlock(d_inode(parent));
2341 simple_release_fs(&mount, &count);
2342 return error;
2343}
2344
2345
2346
2347static const char *policy_get_link(struct dentry *dentry,
2348 struct inode *inode,
2349 struct delayed_call *done)
2350{
2351 struct aa_ns *ns;
2352 struct path path;
2353
2354 if (!dentry)
2355 return ERR_PTR(-ECHILD);
2356 ns = aa_get_current_ns();
2357 path.mnt = mntget(aafs_mnt);
2358 path.dentry = dget(ns_dir(ns));
2359 nd_jump_link(&path);
2360 aa_put_ns(ns);
2361
2362 return NULL;
2363}
2364
2365static int ns_get_name(char *buf, size_t size, struct aa_ns *ns,
2366 struct inode *inode)
2367{
2368 int res = snprintf(buf, size, "%s:[%lu]", AAFS_NAME, inode->i_ino);
2369
2370 if (res < 0 || res >= size)
2371 res = -ENOENT;
2372
2373 return res;
2374}
2375
2376static int policy_readlink(struct dentry *dentry, char __user *buffer,
2377 int buflen)
2378{
2379 struct aa_ns *ns;
2380 char name[32];
2381 int res;
2382
2383 ns = aa_get_current_ns();
2384 res = ns_get_name(name, sizeof(name), ns, d_inode(dentry));
2385 if (res >= 0)
2386 res = readlink_copy(buffer, buflen, name);
2387 aa_put_ns(ns);
2388
2389 return res;
2390}
2391
2392static const struct inode_operations policy_link_iops = {
2393 .readlink = policy_readlink,
2394 .get_link = policy_get_link,
2395};
2396
2397
2398
2399
2400
2401
2402
2403
2404
2405static int __init aa_create_aafs(void)
2406{
2407 struct dentry *dent;
2408 int error;
2409
2410 if (!apparmor_initialized)
2411 return 0;
2412
2413 if (aa_sfs_entry.dentry) {
2414 AA_ERROR("%s: AppArmor securityfs already exists\n", __func__);
2415 return -EEXIST;
2416 }
2417
2418
2419 aafs_mnt = kern_mount(&aafs_ops);
2420 if (IS_ERR(aafs_mnt))
2421 panic("can't set apparmorfs up\n");
2422 aafs_mnt->mnt_sb->s_flags &= ~MS_NOUSER;
2423
2424
2425 error = entry_create_dir(&aa_sfs_entry, NULL);
2426 if (error)
2427 goto error;
2428
2429 dent = securityfs_create_file(".load", 0666, aa_sfs_entry.dentry,
2430 NULL, &aa_fs_profile_load);
2431 if (IS_ERR(dent)) {
2432 error = PTR_ERR(dent);
2433 goto error;
2434 }
2435 ns_subload(root_ns) = dent;
2436
2437 dent = securityfs_create_file(".replace", 0666, aa_sfs_entry.dentry,
2438 NULL, &aa_fs_profile_replace);
2439 if (IS_ERR(dent)) {
2440 error = PTR_ERR(dent);
2441 goto error;
2442 }
2443 ns_subreplace(root_ns) = dent;
2444
2445 dent = securityfs_create_file(".remove", 0666, aa_sfs_entry.dentry,
2446 NULL, &aa_fs_profile_remove);
2447 if (IS_ERR(dent)) {
2448 error = PTR_ERR(dent);
2449 goto error;
2450 }
2451 ns_subremove(root_ns) = dent;
2452
2453 dent = securityfs_create_file("revision", 0444, aa_sfs_entry.dentry,
2454 NULL, &aa_fs_ns_revision_fops);
2455 if (IS_ERR(dent)) {
2456 error = PTR_ERR(dent);
2457 goto error;
2458 }
2459 ns_subrevision(root_ns) = dent;
2460
2461
2462 mutex_lock(&root_ns->lock);
2463 error = __aafs_ns_mkdir(root_ns, aafs_mnt->mnt_root, ".policy",
2464 aafs_mnt->mnt_root);
2465 mutex_unlock(&root_ns->lock);
2466 if (error)
2467 goto error;
2468
2469
2470 dent = securityfs_create_symlink("policy", aa_sfs_entry.dentry,
2471 NULL, &policy_link_iops);
2472 if (IS_ERR(dent)) {
2473 error = PTR_ERR(dent);
2474 goto error;
2475 }
2476
2477 error = aa_mk_null_file(aa_sfs_entry.dentry);
2478 if (error)
2479 goto error;
2480
2481
2482
2483
2484 aa_info_message("AppArmor Filesystem Enabled");
2485 return 0;
2486
2487error:
2488 aa_destroy_aafs();
2489 AA_ERROR("Error creating AppArmor securityfs\n");
2490 return error;
2491}
2492
2493fs_initcall(aa_create_aafs);
2494