1
2
3
4
5
6
7#include "common.h"
8#include <linux/slab.h>
9
10
11
12
13static const u8 tomoyo_p2mac[TOMOYO_MAX_PATH_OPERATION] = {
14 [TOMOYO_TYPE_EXECUTE] = TOMOYO_MAC_FILE_EXECUTE,
15 [TOMOYO_TYPE_READ] = TOMOYO_MAC_FILE_OPEN,
16 [TOMOYO_TYPE_WRITE] = TOMOYO_MAC_FILE_OPEN,
17 [TOMOYO_TYPE_APPEND] = TOMOYO_MAC_FILE_OPEN,
18 [TOMOYO_TYPE_UNLINK] = TOMOYO_MAC_FILE_UNLINK,
19 [TOMOYO_TYPE_GETATTR] = TOMOYO_MAC_FILE_GETATTR,
20 [TOMOYO_TYPE_RMDIR] = TOMOYO_MAC_FILE_RMDIR,
21 [TOMOYO_TYPE_TRUNCATE] = TOMOYO_MAC_FILE_TRUNCATE,
22 [TOMOYO_TYPE_SYMLINK] = TOMOYO_MAC_FILE_SYMLINK,
23 [TOMOYO_TYPE_CHROOT] = TOMOYO_MAC_FILE_CHROOT,
24 [TOMOYO_TYPE_UMOUNT] = TOMOYO_MAC_FILE_UMOUNT,
25};
26
27
28
29
30const u8 tomoyo_pnnn2mac[TOMOYO_MAX_MKDEV_OPERATION] = {
31 [TOMOYO_TYPE_MKBLOCK] = TOMOYO_MAC_FILE_MKBLOCK,
32 [TOMOYO_TYPE_MKCHAR] = TOMOYO_MAC_FILE_MKCHAR,
33};
34
35
36
37
38const u8 tomoyo_pp2mac[TOMOYO_MAX_PATH2_OPERATION] = {
39 [TOMOYO_TYPE_LINK] = TOMOYO_MAC_FILE_LINK,
40 [TOMOYO_TYPE_RENAME] = TOMOYO_MAC_FILE_RENAME,
41 [TOMOYO_TYPE_PIVOT_ROOT] = TOMOYO_MAC_FILE_PIVOT_ROOT,
42};
43
44
45
46
47
48const u8 tomoyo_pn2mac[TOMOYO_MAX_PATH_NUMBER_OPERATION] = {
49 [TOMOYO_TYPE_CREATE] = TOMOYO_MAC_FILE_CREATE,
50 [TOMOYO_TYPE_MKDIR] = TOMOYO_MAC_FILE_MKDIR,
51 [TOMOYO_TYPE_MKFIFO] = TOMOYO_MAC_FILE_MKFIFO,
52 [TOMOYO_TYPE_MKSOCK] = TOMOYO_MAC_FILE_MKSOCK,
53 [TOMOYO_TYPE_IOCTL] = TOMOYO_MAC_FILE_IOCTL,
54 [TOMOYO_TYPE_CHMOD] = TOMOYO_MAC_FILE_CHMOD,
55 [TOMOYO_TYPE_CHOWN] = TOMOYO_MAC_FILE_CHOWN,
56 [TOMOYO_TYPE_CHGRP] = TOMOYO_MAC_FILE_CHGRP,
57};
58
59
60
61
62
63
64
65
66void tomoyo_put_name_union(struct tomoyo_name_union *ptr)
67{
68 tomoyo_put_group(ptr->group);
69 tomoyo_put_name(ptr->filename);
70}
71
72
73
74
75
76
77
78
79
80const struct tomoyo_path_info *
81tomoyo_compare_name_union(const struct tomoyo_path_info *name,
82 const struct tomoyo_name_union *ptr)
83{
84 if (ptr->group)
85 return tomoyo_path_matches_group(name, ptr->group);
86 if (tomoyo_path_matches_pattern(name, ptr->filename))
87 return ptr->filename;
88 return NULL;
89}
90
91
92
93
94
95
96
97
98void tomoyo_put_number_union(struct tomoyo_number_union *ptr)
99{
100 tomoyo_put_group(ptr->group);
101}
102
103
104
105
106
107
108
109
110
111bool tomoyo_compare_number_union(const unsigned long value,
112 const struct tomoyo_number_union *ptr)
113{
114 if (ptr->group)
115 return tomoyo_number_matches_group(value, value, ptr->group);
116 return value >= ptr->values[0] && value <= ptr->values[1];
117}
118
119
120
121
122
123
124
125
126
127
128
129static void tomoyo_add_slash(struct tomoyo_path_info *buf)
130{
131 if (buf->is_dir)
132 return;
133
134
135
136 strcat((char *) buf->name, "/");
137 tomoyo_fill_path_info(buf);
138}
139
140
141
142
143
144
145
146
147
148static bool tomoyo_get_realpath(struct tomoyo_path_info *buf, const struct path *path)
149{
150 buf->name = tomoyo_realpath_from_path(path);
151 if (buf->name) {
152 tomoyo_fill_path_info(buf);
153 return true;
154 }
155 return false;
156}
157
158
159
160
161
162
163
164
165static int tomoyo_audit_path_log(struct tomoyo_request_info *r)
166{
167 return tomoyo_supervisor(r, "file %s %s\n", tomoyo_path_keyword
168 [r->param.path.operation],
169 r->param.path.filename->name);
170}
171
172
173
174
175
176
177
178
179static int tomoyo_audit_path2_log(struct tomoyo_request_info *r)
180{
181 return tomoyo_supervisor(r, "file %s %s %s\n", tomoyo_mac_keywords
182 [tomoyo_pp2mac[r->param.path2.operation]],
183 r->param.path2.filename1->name,
184 r->param.path2.filename2->name);
185}
186
187
188
189
190
191
192
193
194static int tomoyo_audit_mkdev_log(struct tomoyo_request_info *r)
195{
196 return tomoyo_supervisor(r, "file %s %s 0%o %u %u\n",
197 tomoyo_mac_keywords
198 [tomoyo_pnnn2mac[r->param.mkdev.operation]],
199 r->param.mkdev.filename->name,
200 r->param.mkdev.mode, r->param.mkdev.major,
201 r->param.mkdev.minor);
202}
203
204
205
206
207
208
209
210
211static int tomoyo_audit_path_number_log(struct tomoyo_request_info *r)
212{
213 const u8 type = r->param.path_number.operation;
214 u8 radix;
215 char buffer[64];
216 switch (type) {
217 case TOMOYO_TYPE_CREATE:
218 case TOMOYO_TYPE_MKDIR:
219 case TOMOYO_TYPE_MKFIFO:
220 case TOMOYO_TYPE_MKSOCK:
221 case TOMOYO_TYPE_CHMOD:
222 radix = TOMOYO_VALUE_TYPE_OCTAL;
223 break;
224 case TOMOYO_TYPE_IOCTL:
225 radix = TOMOYO_VALUE_TYPE_HEXADECIMAL;
226 break;
227 default:
228 radix = TOMOYO_VALUE_TYPE_DECIMAL;
229 break;
230 }
231 tomoyo_print_ulong(buffer, sizeof(buffer), r->param.path_number.number,
232 radix);
233 return tomoyo_supervisor(r, "file %s %s %s\n", tomoyo_mac_keywords
234 [tomoyo_pn2mac[type]],
235 r->param.path_number.filename->name, buffer);
236}
237
238
239
240
241
242
243
244
245
246
247
248
249
250static bool tomoyo_check_path_acl(struct tomoyo_request_info *r,
251 const struct tomoyo_acl_info *ptr)
252{
253 const struct tomoyo_path_acl *acl = container_of(ptr, typeof(*acl),
254 head);
255 if (acl->perm & (1 << r->param.path.operation)) {
256 r->param.path.matched_path =
257 tomoyo_compare_name_union(r->param.path.filename,
258 &acl->name);
259 return r->param.path.matched_path != NULL;
260 }
261 return false;
262}
263
264
265
266
267
268
269
270
271
272static bool tomoyo_check_path_number_acl(struct tomoyo_request_info *r,
273 const struct tomoyo_acl_info *ptr)
274{
275 const struct tomoyo_path_number_acl *acl =
276 container_of(ptr, typeof(*acl), head);
277 return (acl->perm & (1 << r->param.path_number.operation)) &&
278 tomoyo_compare_number_union(r->param.path_number.number,
279 &acl->number) &&
280 tomoyo_compare_name_union(r->param.path_number.filename,
281 &acl->name);
282}
283
284
285
286
287
288
289
290
291
292static bool tomoyo_check_path2_acl(struct tomoyo_request_info *r,
293 const struct tomoyo_acl_info *ptr)
294{
295 const struct tomoyo_path2_acl *acl =
296 container_of(ptr, typeof(*acl), head);
297 return (acl->perm & (1 << r->param.path2.operation)) &&
298 tomoyo_compare_name_union(r->param.path2.filename1, &acl->name1)
299 && tomoyo_compare_name_union(r->param.path2.filename2,
300 &acl->name2);
301}
302
303
304
305
306
307
308
309
310
311static bool tomoyo_check_mkdev_acl(struct tomoyo_request_info *r,
312 const struct tomoyo_acl_info *ptr)
313{
314 const struct tomoyo_mkdev_acl *acl =
315 container_of(ptr, typeof(*acl), head);
316 return (acl->perm & (1 << r->param.mkdev.operation)) &&
317 tomoyo_compare_number_union(r->param.mkdev.mode,
318 &acl->mode) &&
319 tomoyo_compare_number_union(r->param.mkdev.major,
320 &acl->major) &&
321 tomoyo_compare_number_union(r->param.mkdev.minor,
322 &acl->minor) &&
323 tomoyo_compare_name_union(r->param.mkdev.filename,
324 &acl->name);
325}
326
327
328
329
330
331
332
333
334
335static bool tomoyo_same_path_acl(const struct tomoyo_acl_info *a,
336 const struct tomoyo_acl_info *b)
337{
338 const struct tomoyo_path_acl *p1 = container_of(a, typeof(*p1), head);
339 const struct tomoyo_path_acl *p2 = container_of(b, typeof(*p2), head);
340 return tomoyo_same_name_union(&p1->name, &p2->name);
341}
342
343
344
345
346
347
348
349
350
351
352static bool tomoyo_merge_path_acl(struct tomoyo_acl_info *a,
353 struct tomoyo_acl_info *b,
354 const bool is_delete)
355{
356 u16 * const a_perm = &container_of(a, struct tomoyo_path_acl, head)
357 ->perm;
358 u16 perm = *a_perm;
359 const u16 b_perm = container_of(b, struct tomoyo_path_acl, head)->perm;
360 if (is_delete)
361 perm &= ~b_perm;
362 else
363 perm |= b_perm;
364 *a_perm = perm;
365 return !perm;
366}
367
368
369
370
371
372
373
374
375
376
377
378static int tomoyo_update_path_acl(const u16 perm,
379 struct tomoyo_acl_param *param)
380{
381 struct tomoyo_path_acl e = {
382 .head.type = TOMOYO_TYPE_PATH_ACL,
383 .perm = perm
384 };
385 int error;
386 if (!tomoyo_parse_name_union(param, &e.name))
387 error = -EINVAL;
388 else
389 error = tomoyo_update_domain(&e.head, sizeof(e), param,
390 tomoyo_same_path_acl,
391 tomoyo_merge_path_acl);
392 tomoyo_put_name_union(&e.name);
393 return error;
394}
395
396
397
398
399
400
401
402
403
404static bool tomoyo_same_mkdev_acl(const struct tomoyo_acl_info *a,
405 const struct tomoyo_acl_info *b)
406{
407 const struct tomoyo_mkdev_acl *p1 = container_of(a, typeof(*p1), head);
408 const struct tomoyo_mkdev_acl *p2 = container_of(b, typeof(*p2), head);
409 return tomoyo_same_name_union(&p1->name, &p2->name) &&
410 tomoyo_same_number_union(&p1->mode, &p2->mode) &&
411 tomoyo_same_number_union(&p1->major, &p2->major) &&
412 tomoyo_same_number_union(&p1->minor, &p2->minor);
413}
414
415
416
417
418
419
420
421
422
423
424static bool tomoyo_merge_mkdev_acl(struct tomoyo_acl_info *a,
425 struct tomoyo_acl_info *b,
426 const bool is_delete)
427{
428 u8 *const a_perm = &container_of(a, struct tomoyo_mkdev_acl,
429 head)->perm;
430 u8 perm = *a_perm;
431 const u8 b_perm = container_of(b, struct tomoyo_mkdev_acl, head)
432 ->perm;
433 if (is_delete)
434 perm &= ~b_perm;
435 else
436 perm |= b_perm;
437 *a_perm = perm;
438 return !perm;
439}
440
441
442
443
444
445
446
447
448
449
450
451static int tomoyo_update_mkdev_acl(const u8 perm,
452 struct tomoyo_acl_param *param)
453{
454 struct tomoyo_mkdev_acl e = {
455 .head.type = TOMOYO_TYPE_MKDEV_ACL,
456 .perm = perm
457 };
458 int error;
459 if (!tomoyo_parse_name_union(param, &e.name) ||
460 !tomoyo_parse_number_union(param, &e.mode) ||
461 !tomoyo_parse_number_union(param, &e.major) ||
462 !tomoyo_parse_number_union(param, &e.minor))
463 error = -EINVAL;
464 else
465 error = tomoyo_update_domain(&e.head, sizeof(e), param,
466 tomoyo_same_mkdev_acl,
467 tomoyo_merge_mkdev_acl);
468 tomoyo_put_name_union(&e.name);
469 tomoyo_put_number_union(&e.mode);
470 tomoyo_put_number_union(&e.major);
471 tomoyo_put_number_union(&e.minor);
472 return error;
473}
474
475
476
477
478
479
480
481
482
483static bool tomoyo_same_path2_acl(const struct tomoyo_acl_info *a,
484 const struct tomoyo_acl_info *b)
485{
486 const struct tomoyo_path2_acl *p1 = container_of(a, typeof(*p1), head);
487 const struct tomoyo_path2_acl *p2 = container_of(b, typeof(*p2), head);
488 return tomoyo_same_name_union(&p1->name1, &p2->name1) &&
489 tomoyo_same_name_union(&p1->name2, &p2->name2);
490}
491
492
493
494
495
496
497
498
499
500
501static bool tomoyo_merge_path2_acl(struct tomoyo_acl_info *a,
502 struct tomoyo_acl_info *b,
503 const bool is_delete)
504{
505 u8 * const a_perm = &container_of(a, struct tomoyo_path2_acl, head)
506 ->perm;
507 u8 perm = *a_perm;
508 const u8 b_perm = container_of(b, struct tomoyo_path2_acl, head)->perm;
509 if (is_delete)
510 perm &= ~b_perm;
511 else
512 perm |= b_perm;
513 *a_perm = perm;
514 return !perm;
515}
516
517
518
519
520
521
522
523
524
525
526
527static int tomoyo_update_path2_acl(const u8 perm,
528 struct tomoyo_acl_param *param)
529{
530 struct tomoyo_path2_acl e = {
531 .head.type = TOMOYO_TYPE_PATH2_ACL,
532 .perm = perm
533 };
534 int error;
535 if (!tomoyo_parse_name_union(param, &e.name1) ||
536 !tomoyo_parse_name_union(param, &e.name2))
537 error = -EINVAL;
538 else
539 error = tomoyo_update_domain(&e.head, sizeof(e), param,
540 tomoyo_same_path2_acl,
541 tomoyo_merge_path2_acl);
542 tomoyo_put_name_union(&e.name1);
543 tomoyo_put_name_union(&e.name2);
544 return error;
545}
546
547
548
549
550
551
552
553
554
555
556
557
558static int tomoyo_path_permission(struct tomoyo_request_info *r, u8 operation,
559 const struct tomoyo_path_info *filename)
560{
561 int error;
562
563 r->type = tomoyo_p2mac[operation];
564 r->mode = tomoyo_get_mode(r->domain->ns, r->profile, r->type);
565 if (r->mode == TOMOYO_CONFIG_DISABLED)
566 return 0;
567 r->param_type = TOMOYO_TYPE_PATH_ACL;
568 r->param.path.filename = filename;
569 r->param.path.operation = operation;
570 do {
571 tomoyo_check_acl(r, tomoyo_check_path_acl);
572 error = tomoyo_audit_path_log(r);
573 } while (error == TOMOYO_RETRY_REQUEST);
574 return error;
575}
576
577
578
579
580
581
582
583
584
585
586
587int tomoyo_execute_permission(struct tomoyo_request_info *r,
588 const struct tomoyo_path_info *filename)
589{
590
591
592
593
594
595 r->type = TOMOYO_MAC_FILE_EXECUTE;
596 r->mode = tomoyo_get_mode(r->domain->ns, r->profile, r->type);
597 r->param_type = TOMOYO_TYPE_PATH_ACL;
598 r->param.path.filename = filename;
599 r->param.path.operation = TOMOYO_TYPE_EXECUTE;
600 tomoyo_check_acl(r, tomoyo_check_path_acl);
601 r->ee->transition = r->matched_acl && r->matched_acl->cond ?
602 r->matched_acl->cond->transit : NULL;
603 if (r->mode != TOMOYO_CONFIG_DISABLED)
604 return tomoyo_audit_path_log(r);
605 return 0;
606}
607
608
609
610
611
612
613
614
615
616static bool tomoyo_same_path_number_acl(const struct tomoyo_acl_info *a,
617 const struct tomoyo_acl_info *b)
618{
619 const struct tomoyo_path_number_acl *p1 = container_of(a, typeof(*p1),
620 head);
621 const struct tomoyo_path_number_acl *p2 = container_of(b, typeof(*p2),
622 head);
623 return tomoyo_same_name_union(&p1->name, &p2->name) &&
624 tomoyo_same_number_union(&p1->number, &p2->number);
625}
626
627
628
629
630
631
632
633
634
635
636static bool tomoyo_merge_path_number_acl(struct tomoyo_acl_info *a,
637 struct tomoyo_acl_info *b,
638 const bool is_delete)
639{
640 u8 * const a_perm = &container_of(a, struct tomoyo_path_number_acl,
641 head)->perm;
642 u8 perm = *a_perm;
643 const u8 b_perm = container_of(b, struct tomoyo_path_number_acl, head)
644 ->perm;
645 if (is_delete)
646 perm &= ~b_perm;
647 else
648 perm |= b_perm;
649 *a_perm = perm;
650 return !perm;
651}
652
653
654
655
656
657
658
659
660
661static int tomoyo_update_path_number_acl(const u8 perm,
662 struct tomoyo_acl_param *param)
663{
664 struct tomoyo_path_number_acl e = {
665 .head.type = TOMOYO_TYPE_PATH_NUMBER_ACL,
666 .perm = perm
667 };
668 int error;
669 if (!tomoyo_parse_name_union(param, &e.name) ||
670 !tomoyo_parse_number_union(param, &e.number))
671 error = -EINVAL;
672 else
673 error = tomoyo_update_domain(&e.head, sizeof(e), param,
674 tomoyo_same_path_number_acl,
675 tomoyo_merge_path_number_acl);
676 tomoyo_put_name_union(&e.name);
677 tomoyo_put_number_union(&e.number);
678 return error;
679}
680
681
682
683
684
685
686
687
688
689
690int tomoyo_path_number_perm(const u8 type, struct path *path,
691 unsigned long number)
692{
693 struct tomoyo_request_info r;
694 struct tomoyo_obj_info obj = {
695 .path1 = *path,
696 };
697 int error = -ENOMEM;
698 struct tomoyo_path_info buf;
699 int idx;
700
701 if (tomoyo_init_request_info(&r, NULL, tomoyo_pn2mac[type])
702 == TOMOYO_CONFIG_DISABLED || !path->dentry)
703 return 0;
704 idx = tomoyo_read_lock();
705 if (!tomoyo_get_realpath(&buf, path))
706 goto out;
707 r.obj = &obj;
708 if (type == TOMOYO_TYPE_MKDIR)
709 tomoyo_add_slash(&buf);
710 r.param_type = TOMOYO_TYPE_PATH_NUMBER_ACL;
711 r.param.path_number.operation = type;
712 r.param.path_number.filename = &buf;
713 r.param.path_number.number = number;
714 do {
715 tomoyo_check_acl(&r, tomoyo_check_path_number_acl);
716 error = tomoyo_audit_path_number_log(&r);
717 } while (error == TOMOYO_RETRY_REQUEST);
718 kfree(buf.name);
719 out:
720 tomoyo_read_unlock(idx);
721 if (r.mode != TOMOYO_CONFIG_ENFORCING)
722 error = 0;
723 return error;
724}
725
726
727
728
729
730
731
732
733
734
735int tomoyo_check_open_permission(struct tomoyo_domain_info *domain,
736 struct path *path, const int flag)
737{
738 const u8 acc_mode = ACC_MODE(flag);
739 int error = 0;
740 struct tomoyo_path_info buf;
741 struct tomoyo_request_info r;
742 struct tomoyo_obj_info obj = {
743 .path1 = *path,
744 };
745 int idx;
746
747 buf.name = NULL;
748 r.mode = TOMOYO_CONFIG_DISABLED;
749 idx = tomoyo_read_lock();
750 if (acc_mode &&
751 tomoyo_init_request_info(&r, domain, TOMOYO_MAC_FILE_OPEN)
752 != TOMOYO_CONFIG_DISABLED) {
753 if (!tomoyo_get_realpath(&buf, path)) {
754 error = -ENOMEM;
755 goto out;
756 }
757 r.obj = &obj;
758 if (acc_mode & MAY_READ)
759 error = tomoyo_path_permission(&r, TOMOYO_TYPE_READ,
760 &buf);
761 if (!error && (acc_mode & MAY_WRITE))
762 error = tomoyo_path_permission(&r, (flag & O_APPEND) ?
763 TOMOYO_TYPE_APPEND :
764 TOMOYO_TYPE_WRITE,
765 &buf);
766 }
767 out:
768 kfree(buf.name);
769 tomoyo_read_unlock(idx);
770 if (r.mode != TOMOYO_CONFIG_ENFORCING)
771 error = 0;
772 return error;
773}
774
775
776
777
778
779
780
781
782
783
784
785int tomoyo_path_perm(const u8 operation, const struct path *path, const char *target)
786{
787 struct tomoyo_request_info r;
788 struct tomoyo_obj_info obj = {
789 .path1 = *path,
790 };
791 int error;
792 struct tomoyo_path_info buf;
793 bool is_enforce;
794 struct tomoyo_path_info symlink_target;
795 int idx;
796
797 if (tomoyo_init_request_info(&r, NULL, tomoyo_p2mac[operation])
798 == TOMOYO_CONFIG_DISABLED)
799 return 0;
800 is_enforce = (r.mode == TOMOYO_CONFIG_ENFORCING);
801 error = -ENOMEM;
802 buf.name = NULL;
803 idx = tomoyo_read_lock();
804 if (!tomoyo_get_realpath(&buf, path))
805 goto out;
806 r.obj = &obj;
807 switch (operation) {
808 case TOMOYO_TYPE_RMDIR:
809 case TOMOYO_TYPE_CHROOT:
810 tomoyo_add_slash(&buf);
811 break;
812 case TOMOYO_TYPE_SYMLINK:
813 symlink_target.name = tomoyo_encode(target);
814 if (!symlink_target.name)
815 goto out;
816 tomoyo_fill_path_info(&symlink_target);
817 obj.symlink_target = &symlink_target;
818 break;
819 }
820 error = tomoyo_path_permission(&r, operation, &buf);
821 if (operation == TOMOYO_TYPE_SYMLINK)
822 kfree(symlink_target.name);
823 out:
824 kfree(buf.name);
825 tomoyo_read_unlock(idx);
826 if (!is_enforce)
827 error = 0;
828 return error;
829}
830
831
832
833
834
835
836
837
838
839
840
841int tomoyo_mkdev_perm(const u8 operation, struct path *path,
842 const unsigned int mode, unsigned int dev)
843{
844 struct tomoyo_request_info r;
845 struct tomoyo_obj_info obj = {
846 .path1 = *path,
847 };
848 int error = -ENOMEM;
849 struct tomoyo_path_info buf;
850 int idx;
851
852 if (tomoyo_init_request_info(&r, NULL, tomoyo_pnnn2mac[operation])
853 == TOMOYO_CONFIG_DISABLED)
854 return 0;
855 idx = tomoyo_read_lock();
856 error = -ENOMEM;
857 if (tomoyo_get_realpath(&buf, path)) {
858 r.obj = &obj;
859 dev = new_decode_dev(dev);
860 r.param_type = TOMOYO_TYPE_MKDEV_ACL;
861 r.param.mkdev.filename = &buf;
862 r.param.mkdev.operation = operation;
863 r.param.mkdev.mode = mode;
864 r.param.mkdev.major = MAJOR(dev);
865 r.param.mkdev.minor = MINOR(dev);
866 tomoyo_check_acl(&r, tomoyo_check_mkdev_acl);
867 error = tomoyo_audit_mkdev_log(&r);
868 kfree(buf.name);
869 }
870 tomoyo_read_unlock(idx);
871 if (r.mode != TOMOYO_CONFIG_ENFORCING)
872 error = 0;
873 return error;
874}
875
876
877
878
879
880
881
882
883
884
885int tomoyo_path2_perm(const u8 operation, struct path *path1,
886 struct path *path2)
887{
888 int error = -ENOMEM;
889 struct tomoyo_path_info buf1;
890 struct tomoyo_path_info buf2;
891 struct tomoyo_request_info r;
892 struct tomoyo_obj_info obj = {
893 .path1 = *path1,
894 .path2 = *path2,
895 };
896 int idx;
897
898 if (tomoyo_init_request_info(&r, NULL, tomoyo_pp2mac[operation])
899 == TOMOYO_CONFIG_DISABLED)
900 return 0;
901 buf1.name = NULL;
902 buf2.name = NULL;
903 idx = tomoyo_read_lock();
904 if (!tomoyo_get_realpath(&buf1, path1) ||
905 !tomoyo_get_realpath(&buf2, path2))
906 goto out;
907 switch (operation) {
908 case TOMOYO_TYPE_RENAME:
909 case TOMOYO_TYPE_LINK:
910 if (!d_is_dir(path1->dentry))
911 break;
912
913 case TOMOYO_TYPE_PIVOT_ROOT:
914 tomoyo_add_slash(&buf1);
915 tomoyo_add_slash(&buf2);
916 break;
917 }
918 r.obj = &obj;
919 r.param_type = TOMOYO_TYPE_PATH2_ACL;
920 r.param.path2.operation = operation;
921 r.param.path2.filename1 = &buf1;
922 r.param.path2.filename2 = &buf2;
923 do {
924 tomoyo_check_acl(&r, tomoyo_check_path2_acl);
925 error = tomoyo_audit_path2_log(&r);
926 } while (error == TOMOYO_RETRY_REQUEST);
927 out:
928 kfree(buf1.name);
929 kfree(buf2.name);
930 tomoyo_read_unlock(idx);
931 if (r.mode != TOMOYO_CONFIG_ENFORCING)
932 error = 0;
933 return error;
934}
935
936
937
938
939
940
941
942
943
944static bool tomoyo_same_mount_acl(const struct tomoyo_acl_info *a,
945 const struct tomoyo_acl_info *b)
946{
947 const struct tomoyo_mount_acl *p1 = container_of(a, typeof(*p1), head);
948 const struct tomoyo_mount_acl *p2 = container_of(b, typeof(*p2), head);
949 return tomoyo_same_name_union(&p1->dev_name, &p2->dev_name) &&
950 tomoyo_same_name_union(&p1->dir_name, &p2->dir_name) &&
951 tomoyo_same_name_union(&p1->fs_type, &p2->fs_type) &&
952 tomoyo_same_number_union(&p1->flags, &p2->flags);
953}
954
955
956
957
958
959
960
961
962
963
964static int tomoyo_update_mount_acl(struct tomoyo_acl_param *param)
965{
966 struct tomoyo_mount_acl e = { .head.type = TOMOYO_TYPE_MOUNT_ACL };
967 int error;
968 if (!tomoyo_parse_name_union(param, &e.dev_name) ||
969 !tomoyo_parse_name_union(param, &e.dir_name) ||
970 !tomoyo_parse_name_union(param, &e.fs_type) ||
971 !tomoyo_parse_number_union(param, &e.flags))
972 error = -EINVAL;
973 else
974 error = tomoyo_update_domain(&e.head, sizeof(e), param,
975 tomoyo_same_mount_acl, NULL);
976 tomoyo_put_name_union(&e.dev_name);
977 tomoyo_put_name_union(&e.dir_name);
978 tomoyo_put_name_union(&e.fs_type);
979 tomoyo_put_number_union(&e.flags);
980 return error;
981}
982
983
984
985
986
987
988
989
990
991
992int tomoyo_write_file(struct tomoyo_acl_param *param)
993{
994 u16 perm = 0;
995 u8 type;
996 const char *operation = tomoyo_read_token(param);
997 for (type = 0; type < TOMOYO_MAX_PATH_OPERATION; type++)
998 if (tomoyo_permstr(operation, tomoyo_path_keyword[type]))
999 perm |= 1 << type;
1000 if (perm)
1001 return tomoyo_update_path_acl(perm, param);
1002 for (type = 0; type < TOMOYO_MAX_PATH2_OPERATION; type++)
1003 if (tomoyo_permstr(operation,
1004 tomoyo_mac_keywords[tomoyo_pp2mac[type]]))
1005 perm |= 1 << type;
1006 if (perm)
1007 return tomoyo_update_path2_acl(perm, param);
1008 for (type = 0; type < TOMOYO_MAX_PATH_NUMBER_OPERATION; type++)
1009 if (tomoyo_permstr(operation,
1010 tomoyo_mac_keywords[tomoyo_pn2mac[type]]))
1011 perm |= 1 << type;
1012 if (perm)
1013 return tomoyo_update_path_number_acl(perm, param);
1014 for (type = 0; type < TOMOYO_MAX_MKDEV_OPERATION; type++)
1015 if (tomoyo_permstr(operation,
1016 tomoyo_mac_keywords[tomoyo_pnnn2mac[type]]))
1017 perm |= 1 << type;
1018 if (perm)
1019 return tomoyo_update_mkdev_acl(perm, param);
1020 if (tomoyo_permstr(operation,
1021 tomoyo_mac_keywords[TOMOYO_MAC_FILE_MOUNT]))
1022 return tomoyo_update_mount_acl(param);
1023 return -EINVAL;
1024}
1025