// SPDX-License-Identifier: GPL-2.0-only /* * Copyright (C) 2007 Casey Schaufler <[email protected]> * * Author: * Casey Schaufler <[email protected]> */ #include <linux/types.h> #include <linux/slab.h> #include <linux/fs.h> #include <linux/sched.h> #include "smack.h" struct smack_known smack_known_huh = …; struct smack_known smack_known_hat = …; struct smack_known smack_known_star = …; struct smack_known smack_known_floor = …; struct smack_known smack_known_web = …; LIST_HEAD(…); /* * The initial value needs to be bigger than any of the * known values above. */ static u32 smack_next_secid = …; /* * what events do we log * can be overwritten at run-time by /smack/logging */ int log_policy = …; /** * smk_access_entry - look up matching access rule * @subject_label: a pointer to the subject's Smack label * @object_label: a pointer to the object's Smack label * @rule_list: the list of rules to search * * This function looks up the subject/object pair in the * access rule list and returns the access mode. If no * entry is found returns -ENOENT. * * NOTE: * * Earlier versions of this function allowed for labels that * were not on the label list. This was done to allow for * labels to come over the network that had never been seen * before on this host. Unless the receiving socket has the * star label this will always result in a failure check. The * star labeled socket case is now handled in the networking * hooks so there is no case where the label is not on the * label list. Checking to see if the address of two labels * is the same is now a reliable test. * * Do the object check first because that is more * likely to differ. * * Allowing write access implies allowing locking. */ int smk_access_entry(char *subject_label, char *object_label, struct list_head *rule_list) { … } /** * smk_access - determine if a subject has a specific access to an object * @subject: a pointer to the subject's Smack label entry * @object: a pointer to the object's Smack label entry * @request: the access requested, in "MAY" format * @a : a pointer to the audit data * * This function looks up the subject/object pair in the * access rule list and returns 0 if the access is permitted, * non zero otherwise. * * Smack labels are shared on smack_list */ int smk_access(struct smack_known *subject, struct smack_known *object, int request, struct smk_audit_info *a) { … } /** * smk_tskacc - determine if a task has a specific access to an object * @tsp: a pointer to the subject's task * @obj_known: a pointer to the object's label entry * @mode: the access requested, in "MAY" format * @a : common audit data * * This function checks the subject task's label/object label pair * in the access rule list and returns 0 if the access is permitted, * non zero otherwise. It allows that the task may have the capability * to override the rules. */ int smk_tskacc(struct task_smack *tsp, struct smack_known *obj_known, u32 mode, struct smk_audit_info *a) { … } /** * smk_curacc - determine if current has a specific access to an object * @obj_known: a pointer to the object's Smack label entry * @mode: the access requested, in "MAY" format * @a : common audit data * * This function checks the current subject label/object label pair * in the access rule list and returns 0 if the access is permitted, * non zero otherwise. It allows that current may have the capability * to override the rules. */ int smk_curacc(struct smack_known *obj_known, u32 mode, struct smk_audit_info *a) { … } #ifdef CONFIG_AUDIT /** * smack_str_from_perm : helper to transalate an int to a * readable string * @string : the string to fill * @access : the int * */ static inline void smack_str_from_perm(char *string, int access) { … } /** * smack_log_callback - SMACK specific information * will be called by generic audit code * @ab : the audit_buffer * @a : audit_data * */ static void smack_log_callback(struct audit_buffer *ab, void *a) { … } /** * smack_log - Audit the granting or denial of permissions. * @subject_label : smack label of the requester * @object_label : smack label of the object being accessed * @request: requested permissions * @result: result from smk_access * @ad: auxiliary audit data * * Audit the granting or denial of permissions in accordance * with the policy. */ void smack_log(char *subject_label, char *object_label, int request, int result, struct smk_audit_info *ad) { … } #else /* #ifdef CONFIG_AUDIT */ void smack_log(char *subject_label, char *object_label, int request, int result, struct smk_audit_info *ad) { } #endif DEFINE_MUTEX(…) …; struct hlist_head smack_known_hash[SMACK_HASH_SLOTS]; /** * smk_insert_entry - insert a smack label into a hash map, * @skp: smack label * * this function must be called under smack_known_lock */ void smk_insert_entry(struct smack_known *skp) { … } /** * smk_find_entry - find a label on the list, return the list entry * @string: a text string that might be a Smack label * * Returns a pointer to the entry in the label list that * matches the passed string or NULL if not found. */ struct smack_known *smk_find_entry(const char *string) { … } /** * smk_parse_smack - parse smack label from a text string * @string: a text string that might contain a Smack label * @len: the maximum size, or zero if it is NULL terminated. * * Returns a pointer to the clean label or an error code. */ char *smk_parse_smack(const char *string, int len) { … } /** * smk_netlbl_mls - convert a catset to netlabel mls categories * @level: MLS sensitivity level * @catset: the Smack categories * @sap: where to put the netlabel categories * @len: number of bytes for the levels in a CIPSO IP option * * Allocates and fills attr.mls * Returns 0 on success, error code on failure. */ int smk_netlbl_mls(int level, char *catset, struct netlbl_lsm_secattr *sap, int len) { … } /** * smack_populate_secattr - fill in the smack_known netlabel information * @skp: pointer to the structure to fill * * Populate the netlabel secattr structure for a Smack label. * * Returns 0 unless creating the category mapping fails */ int smack_populate_secattr(struct smack_known *skp) { … } /** * smk_import_entry - import a label, return the list entry * @string: a text string that might be a Smack label * @len: the maximum size, or zero if it is NULL terminated. * * Returns a pointer to the entry in the label list that * matches the passed string, adding it if necessary, * or an error code. */ struct smack_known *smk_import_entry(const char *string, int len) { … } /** * smack_from_secid - find the Smack label associated with a secid * @secid: an integer that might be associated with a Smack label * * Returns a pointer to the appropriate Smack label entry if there is one, * otherwise a pointer to the invalid Smack label. */ struct smack_known *smack_from_secid(const u32 secid) { … } /* * Unless a process is running with one of these labels * even having CAP_MAC_OVERRIDE isn't enough to grant * privilege to violate MAC policy. If no labels are * designated (the empty list case) capabilities apply to * everyone. */ LIST_HEAD(…); DEFINE_MUTEX(…) …; /** * smack_privileged_cred - are all privilege requirements met by cred * @cap: The requested capability * @cred: the credential to use * * Is the task privileged and allowed to be privileged * by the onlycap rule. * * Returns true if the task is allowed to be privileged, false if it's not. */ bool smack_privileged_cred(int cap, const struct cred *cred) { … } /** * smack_privileged - are all privilege requirements met * @cap: The requested capability * * Is the task privileged and allowed to be privileged * by the onlycap rule. * * Returns true if the task is allowed to be privileged, false if it's not. */ bool smack_privileged(int cap) { … }
Codebase Browser
linux