Linux/akari/lsm-2.6.0-vfs.c

Version: ~ [ linux-5.5-rc1 ] ~ [ linux-5.4.2 ] ~ [ linux-5.3.15 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.88 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.158 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.206 ] ~ [ linux-4.8.17 ] ~ [ linux-4.7.10 ] ~ [ linux-4.6.7 ] ~ [ linux-4.5.7 ] ~ [ linux-4.4.206 ] ~ [ linux-4.3.6 ] ~ [ linux-4.2.8 ] ~ [ linux-4.1.52 ] ~ [ linux-4.0.9 ] ~ [ linux-3.19.8 ] ~ [ linux-3.18.140 ] ~ [ linux-3.17.8 ] ~ [ linux-3.16.78 ] ~ [ linux-3.15.10 ] ~ [ linux-3.14.79 ] ~ [ linux-3.13.11 ] ~ [ linux-3.12.74 ] ~ [ linux-3.11.10 ] ~ [ linux-3.10.108 ] ~ [ linux-3.9.11 ] ~ [ linux-3.8.13 ] ~ [ linux-3.7.10 ] ~ [ linux-3.6.11 ] ~ [ linux-3.5.7 ] ~ [ linux-3.4.113 ] ~ [ linux-3.3.8 ] ~ [ linux-3.2.102 ] ~ [ linux-3.1.10 ] ~ [ linux-3.0.101 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.5 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

1 /* 2 * lsm.c 3 * 4 * Copyright (C) 2010-2015 Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> 5 * 6 * Version: 1.0.35 2015/11/11 7 */ 8 9 #include "internal.h" 10 #include "probe.h" 11 12 /* Prototype definition. */ 13 14 /* Dummy security context for avoiding NULL pointer dereference. */ 15 extern struct ccs_security ccs_oom_security; 16 /* Dummy security context for avoiding NULL pointer dereference. */ 17 extern struct ccs_security ccs_default_security; 18 /* Dummy marker for calling security_bprm_free(). */ 19 static const unsigned long ccs_bprm_security; 20 21 /* For exporting variables and functions. */ 22 struct ccsecurity_exports ccsecurity_exports; 23 /* Members are updated by loadable kernel module. */ 24 struct ccsecurity_operations ccsecurity_ops; 25 26 /* Function pointers originally registered by register_security(). */ 27 static struct security_operations original_security_ops /* = *security_ops; */; 28 29 #ifdef CONFIG_AKARI_TRACE_EXECVE_COUNT 30 31 /** 32 * ccs_update_ee_counter - Update "struct ccs_execve" counter. 33 * 34 * @count: Count to increment or decrement. 35 * 36 * Returns updated counter. 37 */ 38 static unsigned int ccs_update_ee_counter(int count) 39 { 40 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 10) || defined(atomic_add_return) 41 /* Debug counter for detecting "struct ccs_execve" memory leak. */ 42 static atomic_t ccs_ee_counter = ATOMIC_INIT(0); 43 return atomic_add_return(count, &ccs_ee_counter); 44 #else 45 static DEFINE_SPINLOCK(ccs_ee_lock); 46 static unsigned int ccs_ee_counter; 47 unsigned long flags; 48 spin_lock_irqsave(&ccs_ee_lock, flags); 49 ccs_ee_counter += count; 50 count = ccs_ee_counter; 51 spin_unlock_irqrestore(&ccs_ee_lock, flags); 52 return count; 53 #endif 54 } 55 56 /** 57 * ccs_audit_alloc_execve - Audit allocation of "struct ccs_execve". 58 * 59 * @ee: Pointer to "struct ccs_execve". 60 * 61 * Returns nothing. 62 */ 63 void ccs_audit_alloc_execve(const struct ccs_execve * const ee) 64 { 65 printk(KERN_INFO "AKARI: Allocated %p by pid=%u (count=%u)\n", ee, 66 current->pid, ccs_update_ee_counter(1) - 1); 67 } 68 69 /** 70 * ccs_audit_free_execve - Audit release of "struct ccs_execve". 71 * 72 * @ee: Pointer to "struct ccs_execve". 73 * @task: True if released by current task, false otherwise. 74 * 75 * Returns nothing. 76 */ 77 void ccs_audit_free_execve(const struct ccs_execve * const ee, 78 const bool is_current) 79 { 80 const unsigned int tmp = ccs_update_ee_counter(-1); 81 if (is_current) 82 printk(KERN_INFO "AKARI: Releasing %p by pid=%u (count=%u)\n", 83 ee, current->pid, tmp); 84 else 85 printk(KERN_INFO "AKARI: Releasing %p by kernel (count=%u)\n", 86 ee, tmp); 87 } 88 89 #endif 90 91 #if !defined(CONFIG_AKARI_DEBUG) 92 #define ccs_debug_trace(pos) do { } while (0) 93 #else 94 #define ccs_debug_trace(pos) \ 95 do { \ 96 static bool done; \ 97 if (!done) { \ 98 printk(KERN_INFO \ 99 "AKARI: Debug trace: " pos " of 4\n"); \ 100 done = true; \ 101 } \ 102 } while (0) 103 #endif 104 105 /** 106 * ccs_clear_execve - Release memory used by do_execve(). 107 * 108 * @ret: 0 if do_execve() succeeded, negative value otherwise. 109 * @security: Pointer to "struct ccs_security". 110 * 111 * Returns nothing. 112 */ 113 static void ccs_clear_execve(int ret, struct ccs_security *security) 114 { 115 struct ccs_execve *ee; 116 if (security == &ccs_default_security || security == &ccs_oom_security) 117 return; 118 ee = security->ee; 119 security->ee = NULL; 120 if (!ee) 121 return; 122 ccs_finish_execve(ret, ee); 123 } 124 125 /** 126 * ccs_task_alloc_security - Allocate memory for new tasks. 127 * 128 * @p: Pointer to "struct task_struct". 129 * 130 * Returns 0 on success, negative value otherwise. 131 */ 132 static int ccs_task_alloc_security(struct task_struct *p) 133 { 134 int rc = ccs_alloc_task_security(p); 135 if (rc) 136 return rc; 137 while (!original_security_ops.task_alloc_security); 138 rc = original_security_ops.task_alloc_security(p); 139 if (rc) 140 ccs_free_task_security(p); 141 return rc; 142 } 143 144 /** 145 * ccs_task_free_security - Release memory for "struct task_struct". 146 * 147 * @p: Pointer to "struct task_struct". 148 * 149 * Returns nothing. 150 */ 151 static void ccs_task_free_security(struct task_struct *p) 152 { 153 while (!original_security_ops.task_free_security); 154 original_security_ops.task_free_security(p); 155 ccs_free_task_security(p); 156 } 157 158 /** 159 * ccs_bprm_alloc_security - Allocate memory for "struct linux_binprm". 160 * 161 * @bprm: Pointer to "struct linux_binprm". 162 * 163 * Returns 0 on success, negative value otherwise. 164 */ 165 static int ccs_bprm_alloc_security(struct linux_binprm *bprm) 166 { 167 int rc; 168 while (!original_security_ops.bprm_alloc_security); 169 rc = original_security_ops.bprm_alloc_security(bprm); 170 if (bprm->security || rc) 171 return rc; 172 /* 173 * Update bprm->security to &ccs_bprm_security so that 174 * security_bprm_free() is called even if do_execve() failed at 175 * search_binary_handler() without allocating memory at 176 * security_bprm_alloc(). This trick assumes that active LSM module 177 * does not access bprm->security if that module did not allocate 178 * memory at security_bprm_alloc(). 179 */ 180 bprm->security = (void *) &ccs_bprm_security; 181 return 0; 182 } 183 184 /** 185 * ccs_bprm_free_security - Release memory for "struct linux_binprm". 186 * 187 * @bprm: Pointer to "struct linux_binprm". 188 * 189 * Returns nothing. 190 */ 191 static void ccs_bprm_free_security(struct linux_binprm *bprm) 192 { 193 /* 194 * If do_execve() succeeded, bprm->security will be updated to NULL at 195 * security_bprm_compute_creds()/security_bprm_apply_creds() if 196 * bprm->security was set to &ccs_bprm_security at 197 * security_bprm_alloc(). 198 * 199 * If do_execve() failed, bprm->security remains at &ccs_bprm_security 200 * if bprm->security was set to &ccs_bprm_security at 201 * security_bprm_alloc(). 202 * 203 * And do_execve() does not call security_bprm_free() if do_execve() 204 * failed and bprm->security == NULL. Therefore, do not call 205 * original_security_ops.bprm_free_security() if bprm->security remains 206 * at &ccs_bprm_security . 207 */ 208 if (bprm->security != &ccs_bprm_security) { 209 while (!original_security_ops.bprm_free_security); 210 original_security_ops.bprm_free_security(bprm); 211 } 212 /* 213 * If do_execve() succeeded, 214 * ccs_clear_execve(0, ccs_current_security()); 215 * is called before calling below one. 216 * Thus, below call becomes no-op if do_execve() succeeded. 217 */ 218 ccs_clear_execve(-1, ccs_current_security()); 219 } 220 221 #if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 6) 222 223 /** 224 * ccs_bprm_compute_creds - A hook which is called when do_execve() succeeded. 225 * 226 * @bprm: Pointer to "struct linux_binprm". 227 * 228 * Returns nothing. 229 */ 230 static void ccs_bprm_compute_creds(struct linux_binprm *bprm) 231 { 232 if (bprm->security == &ccs_bprm_security) 233 bprm->security = NULL; 234 while (!original_security_ops.bprm_compute_creds); 235 original_security_ops.bprm_compute_creds(bprm); 236 ccs_clear_execve(0, ccs_current_security()); 237 } 238 239 #else 240 241 /** 242 * ccs_bprm_apply_creds - A hook which is called when do_execve() succeeded. 243 * 244 * @bprm: Pointer to "struct linux_binprm". 245 * @unsafe: Unsafe flag. 246 * 247 * Returns nothing. 248 */ 249 static void ccs_bprm_apply_creds(struct linux_binprm *bprm, int unsafe) 250 { 251 if (bprm->security == &ccs_bprm_security) 252 bprm->security = NULL; 253 while (!original_security_ops.bprm_apply_creds); 254 original_security_ops.bprm_apply_creds(bprm, unsafe); 255 ccs_clear_execve(0, ccs_current_security()); 256 } 257 258 #endif 259 260 /** 261 * ccs_bprm_check_security - Check permission for execve(). 262 * 263 * @bprm: Pointer to "struct linux_binprm". 264 * 265 * Returns 0 on success, negative value otherwise. 266 */ 267 static int ccs_bprm_check_security(struct linux_binprm *bprm) 268 { 269 struct ccs_security *security = ccs_current_security(); 270 if (security == &ccs_default_security || security == &ccs_oom_security) 271 return -ENOMEM; 272 if (!security->ee) { 273 int rc; 274 #ifndef CONFIG_CCSECURITY_OMIT_USERSPACE_LOADER 275 if (!ccs_policy_loaded) 276 ccs_load_policy(bprm->filename); 277 #endif 278 rc = ccs_start_execve(bprm, &security->ee); 279 if (rc) 280 return rc; 281 } 282 while (!original_security_ops.bprm_check_security); 283 return original_security_ops.bprm_check_security(bprm); 284 } 285 286 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 24) 287 288 /** 289 * ccs_open - Check permission for open(). 290 * 291 * @f: Pointer to "struct file". 292 * 293 * Returns 0 on success, negative value otherwise. 294 */ 295 static int ccs_open(struct file *f) 296 { 297 return ccs_open_permission(f->f_path.dentry, f->f_path.mnt, 298 f->f_flags + 1); 299 } 300 301 #endif 302 303 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 24) 304 305 /** 306 * ccs_dentry_open - Check permission for open(). 307 * 308 * @f: Pointer to "struct file". 309 * 310 * Returns 0 on success, negative value otherwise. 311 */ 312 static int ccs_dentry_open(struct file *f) 313 { 314 int rc = ccs_open(f); 315 if (rc) 316 return rc; 317 while (!original_security_ops.dentry_open); 318 return original_security_ops.dentry_open(f); 319 } 320 321 #else 322 323 /** 324 * ccs_open - Check permission for open(). 325 * 326 * @inode: Pointer to "struct inode". 327 * @mask: Open mode. 328 * @nd: Pointer to "struct nameidata". 329 * 330 * Returns 0 on success, negative value otherwise. 331 */ 332 static int ccs_open(struct inode *inode, int mask, struct nameidata *nd) 333 { 334 int flags; 335 if (!nd || !nd->dentry) 336 return 0; 337 /* open_exec() passes MAY_EXEC . */ 338 if (mask == MAY_EXEC && inode && S_ISREG(inode->i_mode) && 339 (ccs_current_flags() & CCS_TASK_IS_IN_EXECVE)) 340 mask = MAY_READ; 341 /* 342 * This flags value is passed to ACC_MODE(). 343 * ccs_open_permission() for older versions uses old ACC_MODE(). 344 */ 345 switch (mask & (MAY_READ | MAY_WRITE)) { 346 case MAY_READ: 347 flags = 01; 348 break; 349 case MAY_WRITE: 350 flags = 02; 351 break; 352 case MAY_READ | MAY_WRITE: 353 flags = 03; 354 break; 355 default: 356 return 0; 357 } 358 return ccs_open_permission(nd->dentry, nd->mnt, flags); 359 } 360 361 /** 362 * ccs_inode_permission - Check permission for open(). 363 * 364 * @inode: Pointer to "struct inode". 365 * @mask: Open mode. 366 * @nd: Pointer to "struct nameidata". 367 * 368 * Returns 0 on success, negative value otherwise. 369 * 370 * Note that this hook is called from permission(), and may not be called for 371 * open(). Maybe it is better to use security_file_permission(). 372 */ 373 static int ccs_inode_permission(struct inode *inode, int mask, 374 struct nameidata *nd) 375 { 376 int rc = ccs_open(inode, mask, nd); 377 if (rc) 378 return rc; 379 while (!original_security_ops.inode_permission); 380 return original_security_ops.inode_permission(inode, mask, nd); 381 } 382 383 #endif 384 385 /** 386 * ccs_inode_setattr - Check permission for chown()/chgrp()/chmod()/truncate(). 387 * 388 * @dentry: Pointer to "struct dentry". 389 * @mnt: Pointer to "struct vfsmount". Maybe NULL. 390 * @attr: Pointer to "struct iattr". 391 * 392 * Returns 0 on success, negative value otherwise. 393 */ 394 static int ccs_inode_setattr(struct dentry *dentry, struct vfsmount *mnt, 395 struct iattr *attr) 396 { 397 int rc = 0; 398 if (attr->ia_valid & ATTR_UID) 399 rc = ccs_chown_permission(dentry, mnt, attr->ia_uid, -1); 400 if (!rc && (attr->ia_valid & ATTR_GID)) 401 rc = ccs_chown_permission(dentry, mnt, -1, attr->ia_gid); 402 if (!rc && (attr->ia_valid & ATTR_MODE)) 403 rc = ccs_chmod_permission(dentry, mnt, attr->ia_mode); 404 if (!rc && (attr->ia_valid & ATTR_SIZE)) 405 rc = ccs_truncate_permission(dentry, mnt); 406 if (rc) 407 return rc; 408 while (!original_security_ops.inode_setattr); 409 return original_security_ops.inode_setattr(dentry, mnt, attr); 410 } 411 412 /** 413 * ccs_inode_getattr - Check permission for stat(). 414 * 415 * @mnt: Pointer to "struct vfsmount". 416 * @dentry: Pointer to "struct dentry". 417 * 418 * Returns 0 on success, negative value otherwise. 419 */ 420 static int ccs_inode_getattr(struct vfsmount *mnt, struct dentry *dentry) 421 { 422 int rc = ccs_getattr_permission(mnt, dentry); 423 if (rc) 424 return rc; 425 while (!original_security_ops.inode_getattr); 426 return original_security_ops.inode_getattr(mnt, dentry); 427 } 428 429 /** 430 * ccs_inode_mknod - Check permission for mknod(). 431 * 432 * @dir: Pointer to "struct inode". 433 * @dentry: Pointer to "struct dentry". 434 * @mnt: Pointer to "struct vfsmount". Maybe NULL. 435 * @mode: Create mode. 436 * @dev: Device major/minor number. 437 * 438 * Returns 0 on success, negative value otherwise. 439 */ 440 static int ccs_inode_mknod(struct inode *dir, struct dentry *dentry, 441 struct vfsmount *mnt, int mode, dev_t dev) 442 { 443 int rc = ccs_mknod_permission(dentry, mnt, mode, dev); 444 if (rc) 445 return rc; 446 while (!original_security_ops.inode_mknod); 447 return original_security_ops.inode_mknod(dir, dentry, mnt, mode, dev); 448 } 449 450 /** 451 * ccs_inode_mkdir - Check permission for mkdir(). 452 * 453 * @dir: Pointer to "struct inode". 454 * @dentry: Pointer to "struct dentry". 455 * @mnt: Pointer to "struct vfsmount". Maybe NULL. 456 * @mode: Create mode. 457 * 458 * Returns 0 on success, negative value otherwise. 459 */ 460 static int ccs_inode_mkdir(struct inode *dir, struct dentry *dentry, 461 struct vfsmount *mnt, int mode) 462 { 463 int rc = ccs_mkdir_permission(dentry, mnt, mode); 464 if (rc) 465 return rc; 466 while (!original_security_ops.inode_mkdir); 467 return original_security_ops.inode_mkdir(dir, dentry, mnt, mode); 468 } 469 470 /** 471 * ccs_inode_rmdir - Check permission for rmdir(). 472 * 473 * @dir: Pointer to "struct inode". 474 * @dentry: Pointer to "struct dentry". 475 * @mnt: Pointer to "struct vfsmount". Maybe NULL. 476 * 477 * Returns 0 on success, negative value otherwise. 478 */ 479 static int ccs_inode_rmdir(struct inode *dir, struct dentry *dentry, 480 struct vfsmount *mnt) 481 { 482 int rc = ccs_rmdir_permission(dentry, mnt); 483 if (rc) 484 return rc; 485 while (!original_security_ops.inode_rmdir); 486 return original_security_ops.inode_rmdir(dir, dentry, mnt); 487 } 488 489 /** 490 * ccs_inode_unlink - Check permission for unlink(). 491 * 492 * @dir: Pointer to "struct inode". 493 * @dentry: Pointer to "struct dentry". 494 * @mnt: Pointer to "struct vfsmount". Maybe NULL. 495 * 496 * Returns 0 on success, negative value otherwise. 497 */ 498 static int ccs_inode_unlink(struct inode *dir, struct dentry *dentry, 499 struct vfsmount *mnt) 500 { 501 int rc = ccs_unlink_permission(dentry, mnt); 502 if (rc) 503 return rc; 504 while (!original_security_ops.inode_unlink); 505 return original_security_ops.inode_unlink(dir, dentry, mnt); 506 } 507 508 /** 509 * ccs_inode_symlink - Check permission for symlink(). 510 * 511 * @dir: Pointer to "struct inode". 512 * @dentry: Pointer to "struct dentry". 513 * @mnt: Pointer to "struct vfsmount". Maybe NULL. 514 * @old_name: Content of symbolic link. 515 * 516 * Returns 0 on success, negative value otherwise. 517 */ 518 static int ccs_inode_symlink(struct inode *dir, struct dentry *dentry, 519 struct vfsmount *mnt, const char *old_name) 520 { 521 int rc = ccs_symlink_permission(dentry, mnt, old_name); 522 if (rc) 523 return rc; 524 while (!original_security_ops.inode_symlink); 525 return original_security_ops.inode_symlink(dir, dentry, mnt, old_name); 526 } 527 528 /** 529 * ccs_inode_rename - Check permission for rename(). 530 * 531 * @old_dir: Pointer to "struct inode". 532 * @old_dentry: Pointer to "struct dentry". 533 * @old_mnt: Pointer to "struct vfsmount". Maybe NULL. 534 * @new_dir: Pointer to "struct inode". 535 * @new_dentry: Pointer to "struct dentry". 536 * @new_mnt: Pointer to "struct vfsmount". Maybe NULL. 537 * 538 * Returns 0 on success, negative value otherwise. 539 */ 540 static int ccs_inode_rename(struct inode *old_dir, struct dentry *old_dentry, 541 struct vfsmount *old_mnt, struct inode *new_dir, 542 struct dentry *new_dentry, 543 struct vfsmount *new_mnt) 544 { 545 int rc = ccs_rename_permission(old_dentry, new_dentry, new_mnt); 546 if (rc) 547 return rc; 548 while (!original_security_ops.inode_rename); 549 return original_security_ops.inode_rename(old_dir, old_dentry, old_mnt, 550 new_dir, new_dentry, 551 new_mnt); 552 } 553 554 /** 555 * ccs_inode_link - Check permission for link(). 556 * 557 * @old_dentry: Pointer to "struct dentry". 558 * @old_mnt: Pointer to "struct vfsmount". Maybe NULL. 559 * @dir: Pointer to "struct inode". 560 * @new_dentry: Pointer to "struct dentry". 561 * @new_mnt: Pointer to "struct vfsmount". Maybe NULL. 562 * 563 * Returns 0 on success, negative value otherwise. 564 */ 565 static int ccs_inode_link(struct dentry *old_dentry, struct vfsmount *old_mnt, 566 struct inode *dir, struct dentry *new_dentry, 567 struct vfsmount *new_mnt) 568 { 569 int rc = ccs_link_permission(old_dentry, new_dentry, new_mnt); 570 if (rc) 571 return rc; 572 while (!original_security_ops.inode_link); 573 return original_security_ops.inode_link(old_dentry, old_mnt, dir, 574 new_dentry, new_mnt); 575 } 576 577 /** 578 * ccs_inode_create - Check permission for creat(). 579 * 580 * @dir: Pointer to "struct inode". 581 * @dentry: Pointer to "struct dentry". 582 * @mnt: Pointer to "struct vfsmount". Maybe NULL. 583 * @mode: Create mode. 584 * 585 * Returns 0 on success, negative value otherwise. 586 */ 587 static int ccs_inode_create(struct inode *dir, struct dentry *dentry, 588 struct vfsmount *mnt, int mode) 589 { 590 int rc = ccs_mknod_permission(dentry, mnt, mode, 0); 591 if (rc) 592 return rc; 593 while (!original_security_ops.inode_create); 594 return original_security_ops.inode_create(dir, dentry, mnt, mode); 595 } 596 597 #ifdef CONFIG_SECURITY_NETWORK 598 599 #include <net/sock.h> 600 601 /* Structure for remembering an accept()ed socket's status. */ 602 struct ccs_socket_tag { 603 struct list_head list; 604 struct inode *inode; 605 int status; 606 struct rcu_head rcu; 607 }; 608 609 /* 610 * List for managing accept()ed sockets. 611 * Since we don't need to keep an accept()ed socket into this list after 612 * once the permission was granted, the number of entries in this list is 613 * likely small. Therefore, we don't use hash tables. 614 */ 615 static LIST_HEAD(ccs_accepted_socket_list); 616 /* Lock for protecting ccs_accepted_socket_list . */ 617 static DEFINE_SPINLOCK(ccs_accepted_socket_list_lock); 618 619 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 8) 620 621 /** 622 * ccs_socket_rcu_free - RCU callback for releasing "struct ccs_socket_tag". 623 * 624 * @rcu: Pointer to "struct rcu_head". 625 * 626 * Returns nothing. 627 */ 628 static void ccs_socket_rcu_free(struct rcu_head *rcu) 629 { 630 struct ccs_socket_tag *ptr = container_of(rcu, typeof(*ptr), rcu); 631 kfree(ptr); 632 } 633 634 #else 635 636 /** 637 * ccs_socket_rcu_free - RCU callback for releasing "struct ccs_socket_tag". 638 * 639 * @arg: Pointer to "void". 640 * 641 * Returns nothing. 642 */ 643 static void ccs_socket_rcu_free(void *arg) 644 { 645 struct ccs_socket_tag *ptr = arg; 646 kfree(ptr); 647 } 648 649 #endif 650 651 /** 652 * ccs_update_socket_tag - Update tag associated with accept()ed sockets. 653 * 654 * @inode: Pointer to "struct inode". 655 * @status: New status. 656 * 657 * Returns nothing. 658 * 659 * If @status == 0, memory for that socket will be released after RCU grace 660 * period. 661 */ 662 static void ccs_update_socket_tag(struct inode *inode, int status) 663 { 664 struct ccs_socket_tag *ptr; 665 /* 666 * Protect whole section because multiple threads may call this 667 * function with same "sock" via ccs_validate_socket(). 668 */ 669 spin_lock(&ccs_accepted_socket_list_lock); 670 rcu_read_lock(); 671 list_for_each_entry_rcu(ptr, &ccs_accepted_socket_list, list) { 672 if (ptr->inode != inode) 673 continue; 674 ptr->status = status; 675 if (status) 676 break; 677 list_del_rcu(&ptr->list); 678 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 8) 679 call_rcu(&ptr->rcu, ccs_socket_rcu_free); 680 #else 681 call_rcu(&ptr->rcu, ccs_socket_rcu_free, ptr); 682 #endif 683 break; 684 } 685 rcu_read_unlock(); 686 spin_unlock(&ccs_accepted_socket_list_lock); 687 } 688 689 /** 690 * ccs_validate_socket - Check post accept() permission if needed. 691 * 692 * @sock: Pointer to "struct socket". 693 * 694 * Returns 0 on success, negative value otherwise. 695 */ 696 static int ccs_validate_socket(struct socket *sock) 697 { 698 struct inode *inode = SOCK_INODE(sock); 699 struct ccs_socket_tag *ptr; 700 int ret = 0; 701 rcu_read_lock(); 702 list_for_each_entry_rcu(ptr, &ccs_accepted_socket_list, list) { 703 if (ptr->inode != inode) 704 continue; 705 ret = ptr->status; 706 break; 707 } 708 rcu_read_unlock(); 709 if (ret <= 0) 710 /* 711 * This socket is not an accept()ed socket or this socket is 712 * an accept()ed socket and post accept() permission is done. 713 */ 714 return ret; 715 /* 716 * Check post accept() permission now. 717 * 718 * Strictly speaking, we need to pass both listen()ing socket and 719 * accept()ed socket to __ccs_socket_post_accept_permission(). 720 * But since socket's family and type are same for both sockets, 721 * passing the accept()ed socket in place for the listen()ing socket 722 * will work. 723 */ 724 ret = ccs_socket_post_accept_permission(sock, sock); 725 /* 726 * If permission was granted, we forget that this is an accept()ed 727 * socket. Otherwise, we remember that this socket needs to return 728 * error for subsequent socketcalls. 729 */ 730 ccs_update_socket_tag(inode, ret); 731 return ret; 732 } 733 734 /** 735 * ccs_socket_accept - Check permission for accept(). 736 * 737 * @sock: Pointer to "struct socket". 738 * @newsock: Pointer to "struct socket". 739 * 740 * Returns 0 on success, negative value otherwise. 741 * 742 * This hook is used for setting up environment for doing post accept() 743 * permission check. If dereferencing sock->ops->something() were ordered by 744 * rcu_dereference(), we could replace sock->ops with "a copy of original 745 * sock->ops with modified sock->ops->accept()" using rcu_assign_pointer() 746 * in order to do post accept() permission check before returning to userspace. 747 * If we make the copy in security_socket_post_create(), it would be possible 748 * to safely replace sock->ops here, but we don't do so because we don't want 749 * to allocate memory for sockets which do not call sock->ops->accept(). 750 * Therefore, we do post accept() permission check upon next socket syscalls 751 * rather than between sock->ops->accept() and returning to userspace. 752 * This means that if a socket was close()d before calling some socket 753 * syscalls, post accept() permission check will not be done. 754 */ 755 static int ccs_socket_accept(struct socket *sock, struct socket *newsock) 756 { 757 struct ccs_socket_tag *ptr; 758 int rc = ccs_validate_socket(sock); 759 if (rc < 0) 760 return rc; 761 ptr = kzalloc(sizeof(*ptr), GFP_KERNEL); 762 if (!ptr) 763 return -ENOMEM; 764 while (!original_security_ops.socket_accept); 765 rc = original_security_ops.socket_accept(sock, newsock); 766 if (rc) { 767 kfree(ptr); 768 return rc; 769 } 770 /* 771 * Subsequent LSM hooks will receive "newsock". Therefore, I mark 772 * "newsock" as "an accept()ed socket but post accept() permission 773 * check is not done yet" by allocating memory using inode of the 774 * "newsock" as a search key. 775 */ 776 ptr->inode = SOCK_INODE(newsock); 777 ptr->status = 1; /* Check post accept() permission later. */ 778 spin_lock(&ccs_accepted_socket_list_lock); 779 list_add_tail_rcu(&ptr->list, &ccs_accepted_socket_list); 780 spin_unlock(&ccs_accepted_socket_list_lock); 781 return 0; 782 } 783 784 /** 785 * ccs_socket_listen - Check permission for listen(). 786 * 787 * @sock: Pointer to "struct socket". 788 * @backlog: Backlog parameter. 789 * 790 * Returns 0 on success, negative value otherwise. 791 */ 792 static int ccs_socket_listen(struct socket *sock, int backlog) 793 { 794 int rc = ccs_validate_socket(sock); 795 if (rc < 0) 796 return rc; 797 rc = ccs_socket_listen_permission(sock); 798 if (rc) 799 return rc; 800 while (!original_security_ops.socket_listen); 801 return original_security_ops.socket_listen(sock, backlog); 802 } 803 804 /** 805 * ccs_socket_connect - Check permission for connect(). 806 * 807 * @sock: Pointer to "struct socket". 808 * @addr: Pointer to "struct sockaddr". 809 * @addr_len: Size of @addr. 810 * 811 * Returns 0 on success, negative value otherwise. 812 */ 813 static int ccs_socket_connect(struct socket *sock, struct sockaddr *addr, 814 int addr_len) 815 { 816 int rc = ccs_validate_socket(sock); 817 if (rc < 0) 818 return rc; 819 rc = ccs_socket_connect_permission(sock, addr, addr_len); 820 if (rc) 821 return rc; 822 while (!original_security_ops.socket_connect); 823 return original_security_ops.socket_connect(sock, addr, addr_len); 824 } 825 826 /** 827 * ccs_socket_bind - Check permission for bind(). 828 * 829 * @sock: Pointer to "struct socket". 830 * @addr: Pointer to "struct sockaddr". 831 * @addr_len: Size of @addr. 832 * 833 * Returns 0 on success, negative value otherwise. 834 */ 835 static int ccs_socket_bind(struct socket *sock, struct sockaddr *addr, 836 int addr_len) 837 { 838 int rc = ccs_validate_socket(sock); 839 if (rc < 0) 840 return rc; 841 rc = ccs_socket_bind_permission(sock, addr, addr_len); 842 if (rc) 843 return rc; 844 while (!original_security_ops.socket_bind); 845 return original_security_ops.socket_bind(sock, addr, addr_len); 846 } 847 848 /** 849 * ccs_socket_sendmsg - Check permission for sendmsg(). 850 * 851 * @sock: Pointer to "struct socket". 852 * @msg: Pointer to "struct msghdr". 853 * @size: Size of message. 854 * 855 * Returns 0 on success, negative value otherwise. 856 */ 857 static int ccs_socket_sendmsg(struct socket *sock, struct msghdr *msg, 858 int size) 859 { 860 int rc = ccs_validate_socket(sock); 861 if (rc < 0) 862 return rc; 863 rc = ccs_socket_sendmsg_permission(sock, msg, size); 864 if (rc) 865 return rc; 866 while (!original_security_ops.socket_sendmsg); 867 return original_security_ops.socket_sendmsg(sock, msg, size); 868 } 869 870 /** 871 * ccs_socket_recvmsg - Check permission for recvmsg(). 872 * 873 * @sock: Pointer to "struct socket". 874 * @msg: Pointer to "struct msghdr". 875 * @size: Size of message. 876 * @flags: Flags. 877 * 878 * Returns 0 on success, negative value otherwise. 879 */ 880 static int ccs_socket_recvmsg(struct socket *sock, struct msghdr *msg, 881 int size, int flags) 882 { 883 int rc = ccs_validate_socket(sock); 884 if (rc < 0) 885 return rc; 886 while (!original_security_ops.socket_recvmsg); 887 return original_security_ops.socket_recvmsg(sock, msg, size, flags); 888 } 889 890 /** 891 * ccs_socket_getsockname - Check permission for getsockname(). 892 * 893 * @sock: Pointer to "struct socket". 894 * 895 * Returns 0 on success, negative value otherwise. 896 */ 897 static int ccs_socket_getsockname(struct socket *sock) 898 { 899 int rc = ccs_validate_socket(sock); 900 if (rc < 0) 901 return rc; 902 while (!original_security_ops.socket_getsockname); 903 return original_security_ops.socket_getsockname(sock); 904 } 905 906 /** 907 * ccs_socket_getpeername - Check permission for getpeername(). 908 * 909 * @sock: Pointer to "struct socket". 910 * 911 * Returns 0 on success, negative value otherwise. 912 */ 913 static int ccs_socket_getpeername(struct socket *sock) 914 { 915 int rc = ccs_validate_socket(sock); 916 if (rc < 0) 917 return rc; 918 while (!original_security_ops.socket_getpeername); 919 return original_security_ops.socket_getpeername(sock); 920 } 921 922 /** 923 * ccs_socket_getsockopt - Check permission for getsockopt(). 924 * 925 * @sock: Pointer to "struct socket". 926 * @level: Level. 927 * @optname: Option's name, 928 * 929 * Returns 0 on success, negative value otherwise. 930 */ 931 static int ccs_socket_getsockopt(struct socket *sock, int level, int optname) 932 { 933 int rc = ccs_validate_socket(sock); 934 if (rc < 0) 935 return rc; 936 while (!original_security_ops.socket_getsockopt); 937 return original_security_ops.socket_getsockopt(sock, level, optname); 938 } 939 940 /** 941 * ccs_socket_setsockopt - Check permission for setsockopt(). 942 * 943 * @sock: Pointer to "struct socket". 944 * @level: Level. 945 * @optname: Option's name, 946 * 947 * Returns 0 on success, negative value otherwise. 948 */ 949 static int ccs_socket_setsockopt(struct socket *sock, int level, int optname) 950 { 951 int rc = ccs_validate_socket(sock); 952 if (rc < 0) 953 return rc; 954 while (!original_security_ops.socket_setsockopt); 955 return original_security_ops.socket_setsockopt(sock, level, optname); 956 } 957 958 /** 959 * ccs_socket_shutdown - Check permission for shutdown(). 960 * 961 * @sock: Pointer to "struct socket". 962 * @how: Shutdown mode. 963 * 964 * Returns 0 on success, negative value otherwise. 965 */ 966 static int ccs_socket_shutdown(struct socket *sock, int how) 967 { 968 int rc = ccs_validate_socket(sock); 969 if (rc < 0) 970 return rc; 971 while (!original_security_ops.socket_shutdown); 972 return original_security_ops.socket_shutdown(sock, how); 973 } 974 975 #define SOCKFS_MAGIC 0x534F434B 976 977 /** 978 * ccs_inode_free_security - Release memory associated with an inode. 979 * 980 * @inode: Pointer to "struct inode". 981 * 982 * Returns nothing. 983 * 984 * We use this hook for releasing memory associated with an accept()ed socket. 985 */ 986 static void ccs_inode_free_security(struct inode *inode) 987 { 988 while (!original_security_ops.inode_free_security); 989 original_security_ops.inode_free_security(inode); 990 if (inode->i_sb && inode->i_sb->s_magic == SOCKFS_MAGIC) 991 ccs_update_socket_tag(inode, 0); 992 } 993 994 #endif 995 996 #if LINUX_VERSION_CODE <= KERNEL_VERSION(2, 6, 24) 997 998 /** 999 * ccs_sb_pivotroot - Check permission for pivot_root(). 1000 * 1001 * @old_nd: Pointer to "struct nameidata". 1002 * @new_nd: Pointer to "struct nameidata". 1003 * 1004 * Returns 0 on success, negative value otherwise. 1005 */ 1006 static int ccs_sb_pivotroot(struct nameidata *old_nd, struct nameidata *new_nd) 1007 { 1008 int rc = ccs_pivot_root_permission(old_nd, new_nd); 1009 if (rc) 1010 return rc; 1011 while (!original_security_ops.sb_pivotroot); 1012 return original_security_ops.sb_pivotroot(old_nd, new_nd); 1013 } 1014 1015 /** 1016 * ccs_sb_mount - Check permission for mount(). 1017 * 1018 * @dev_name: Name of device file. 1019 * @nd: Pointer to "struct nameidata". 1020 * @type: Name of filesystem type. Maybe NULL. 1021 * @flags: Mount options. 1022 * @data_page: Optional data. Maybe NULL. 1023 * 1024 * Returns 0 on success, negative value otherwise. 1025 */ 1026 static int ccs_sb_mount(char *dev_name, struct nameidata *nd, char *type, 1027 unsigned long flags, void *data_page) 1028 { 1029 int rc = ccs_mount_permission(dev_name, nd, type, flags, data_page); 1030 if (rc) 1031 return rc; 1032 while (!original_security_ops.sb_mount); 1033 return original_security_ops.sb_mount(dev_name, nd, type, flags, 1034 data_page); 1035 } 1036 1037 #elif LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 26) 1038 1039 /** 1040 * ccs_sb_pivotroot - Check permission for pivot_root(). 1041 * 1042 * @old_nd: Pointer to "struct nameidata". 1043 * @new_nd: Pointer to "struct nameidata". 1044 * 1045 * Returns 0 on success, negative value otherwise. 1046 */ 1047 static int ccs_sb_pivotroot(struct nameidata *old_nd, struct nameidata *new_nd) 1048 { 1049 int rc = ccs_pivot_root_permission(&old_nd->path, &new_nd->path); 1050 if (rc) 1051 return rc; 1052 while (!original_security_ops.sb_pivotroot); 1053 return original_security_ops.sb_pivotroot(old_nd, new_nd); 1054 } 1055 1056 /** 1057 * ccs_sb_mount - Check permission for mount(). 1058 * 1059 * @dev_name: Name of device file. 1060 * @nd: Pointer to "struct nameidata". 1061 * @type: Name of filesystem type. Maybe NULL. 1062 * @flags: Mount options. 1063 * @data_page: Optional data. Maybe NULL. 1064 * 1065 * Returns 0 on success, negative value otherwise. 1066 */ 1067 static int ccs_sb_mount(char *dev_name, struct nameidata *nd, char *type, 1068 unsigned long flags, void *data_page) 1069 { 1070 int rc = ccs_mount_permission(dev_name, &nd->path, type, flags, 1071 data_page); 1072 if (rc) 1073 return rc; 1074 while (!original_security_ops.sb_mount); 1075 return original_security_ops.sb_mount(dev_name, nd, type, flags, 1076 data_page); 1077 } 1078 1079 #else 1080 1081 /** 1082 * ccs_sb_pivotroot - Check permission for pivot_root(). 1083 * 1084 * @old_path: Pointer to "struct path". 1085 * @new_path: Pointer to "struct path". 1086 * 1087 * Returns 0 on success, negative value otherwise. 1088 */ 1089 static int ccs_sb_pivotroot(struct path *old_path, struct path *new_path) 1090 { 1091 int rc = ccs_pivot_root_permission(old_path, new_path); 1092 if (rc) 1093 return rc; 1094 while (!original_security_ops.sb_pivotroot); 1095 return original_security_ops.sb_pivotroot(old_path, new_path); 1096 } 1097 1098 /** 1099 * ccs_sb_mount - Check permission for mount(). 1100 * 1101 * @dev_name: Name of device file. 1102 * @path: Pointer to "struct path". 1103 * @type: Name of filesystem type. Maybe NULL. 1104 * @flags: Mount options. 1105 * @data_page: Optional data. Maybe NULL. 1106 * 1107 * Returns 0 on success, negative value otherwise. 1108 */ 1109 static int ccs_sb_mount(char *dev_name, struct path *path, char *type, 1110 unsigned long flags, void *data_page) 1111 { 1112 int rc = ccs_mount_permission(dev_name, path, type, flags, data_page); 1113 if (rc) 1114 return rc; 1115 while (!original_security_ops.sb_mount); 1116 return original_security_ops.sb_mount(dev_name, path, type, flags, 1117 data_page); 1118 } 1119 1120 #endif 1121 1122 /** 1123 * ccs_sb_umount - Check permission for umount(). 1124 * 1125 * @mnt: Pointer to "struct vfsmount". 1126 * @flags: Unmount flags. 1127 * 1128 * Returns 0 on success, negative value otherwise. 1129 */ 1130 static int ccs_sb_umount(struct vfsmount *mnt, int flags) 1131 { 1132 int rc = ccs_umount_permission(mnt, flags); 1133 if (rc) 1134 return rc; 1135 while (!original_security_ops.sb_umount); 1136 return original_security_ops.sb_umount(mnt, flags); 1137 } 1138 1139 /** 1140 * ccs_file_fcntl - Check permission for fcntl(). 1141 * 1142 * @file: Pointer to "struct file". 1143 * @cmd: Command number. 1144 * @arg: Value for @cmd. 1145 * 1146 * Returns 0 on success, negative value otherwise. 1147 */ 1148 static int ccs_file_fcntl(struct file *file, unsigned int cmd, 1149 unsigned long arg) 1150 { 1151 int rc = ccs_fcntl_permission(file, cmd, arg); 1152 if (rc) 1153 return rc; 1154 while (!original_security_ops.file_fcntl); 1155 return original_security_ops.file_fcntl(file, cmd, arg); 1156 } 1157 1158 /** 1159 * ccs_file_ioctl - Check permission for ioctl(). 1160 * 1161 * @filp: Pointer to "struct file". 1162 * @cmd: Command number. 1163 * @arg: Value for @cmd. 1164 * 1165 * Returns 0 on success, negative value otherwise. 1166 */ 1167 static int ccs_file_ioctl(struct file *filp, unsigned int cmd, 1168 unsigned long arg) 1169 { 1170 int rc = ccs_ioctl_permission(filp, cmd, arg); 1171 if (rc) 1172 return rc; 1173 while (!original_security_ops.file_ioctl); 1174 return original_security_ops.file_ioctl(filp, cmd, arg); 1175 } 1176 1177 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 21) && defined(CONFIG_SYSCTL_SYSCALL) 1178 int ccs_path_permission(struct ccs_request_info *r, u8 operation, 1179 const struct ccs_path_info *filename); 1180 1181 /** 1182 * ccs_prepend - Copy of prepend() in fs/dcache.c. 1183 * 1184 * @buffer: Pointer to "struct char *". 1185 * @buflen: Pointer to int which holds size of @buffer. 1186 * @str: String to copy. 1187 * 1188 * Returns 0 on success, negative value otherwise. 1189 * 1190 * @buffer and @buflen are updated upon success. 1191 */ 1192 static int ccs_prepend(char **buffer, int *buflen, const char *str) 1193 { 1194 int namelen = strlen(str); 1195 if (*buflen < namelen) 1196 return -ENOMEM; 1197 *buflen -= namelen; 1198 *buffer -= namelen; 1199 memcpy(*buffer, str, namelen); 1200 return 0; 1201 } 1202 1203 /** 1204 * ccs_sysctl_permission - Check permission for sysctl(). 1205 * 1206 * @table: Pointer to "struct ctl_table". 1207 * @op: Operation. (MAY_READ and/or MAY_WRITE) 1208 * 1209 * Returns 0 on success, negative value otherwise. 1210 */ 1211 static int ccs_sysctl(struct ctl_table *table, int op) 1212 { 1213 int error; 1214 struct ccs_path_info buf; 1215 struct ccs_request_info r; 1216 int buflen; 1217 char *buffer; 1218 int idx; 1219 while (!original_security_ops.sysctl); 1220 error = original_security_ops.sysctl(table, op); 1221 if (error) 1222 return error; 1223 op &= MAY_READ | MAY_WRITE; 1224 if (!op) 1225 return 0; 1226 buffer = NULL; 1227 buf.name = NULL; 1228 idx = ccs_read_lock(); 1229 if (ccs_init_request_info(&r, CCS_MAC_FILE_OPEN) 1230 == CCS_CONFIG_DISABLED) 1231 goto out; 1232 error = -ENOMEM; 1233 buflen = 4096; 1234 buffer = kmalloc(buflen, CCS_GFP_FLAGS); 1235 if (buffer) { 1236 char *end = buffer + buflen; 1237 *--end = '\0'; 1238 buflen--; 1239 while (table) { 1240 char num[32]; 1241 const char *sp = table->procname; 1242 if (!sp) { 1243 memset(num, 0, sizeof(num)); 1244 snprintf(num, sizeof(num) - 1, "=%d=", 1245 table->ctl_name); 1246 sp = num; 1247 } 1248 if (ccs_prepend(&end, &buflen, sp) || 1249 ccs_prepend(&end, &buflen, "/")) 1250 goto out; 1251 table = table->parent; 1252 } 1253 if (ccs_prepend(&end, &buflen, "proc:/sys")) 1254 goto out; 1255 buf.name = ccs_encode(end); 1256 } 1257 if (buf.name) { 1258 ccs_fill_path_info(&buf); 1259 if (op & MAY_READ) 1260 error = ccs_path_permission(&r, CCS_TYPE_READ, &buf); 1261 else 1262 error = 0; 1263 if (!error && (op & MAY_WRITE)) 1264 error = ccs_path_permission(&r, CCS_TYPE_WRITE, &buf); 1265 } 1266 out: 1267 ccs_read_unlock(idx); 1268 kfree(buf.name); 1269 kfree(buffer); 1270 return error; 1271 } 1272 1273 #endif 1274 1275 /* 1276 * Why not to copy all operations by "original_security_ops = *ops" ? 1277 * Because copying byte array is not atomic. Reader checks 1278 * original_security_ops.op != NULL before doing original_security_ops.op(). 1279 * Thus, modifying original_security_ops.op has to be atomic. 1280 */ 1281 #define swap_security_ops(op) \ 1282 original_security_ops.op = ops->op; smp_wmb(); ops->op = ccs_##op; 1283 1284 /** 1285 * ccs_update_security_ops - Overwrite original "struct security_operations". 1286 * 1287 * @ops: Pointer to "struct security_operations". 1288 * 1289 * Returns nothing. 1290 */ 1291 static void __init ccs_update_security_ops(struct security_operations *ops) 1292 { 1293 /* Security context allocator. */ 1294 swap_security_ops(task_alloc_security); 1295 swap_security_ops(task_free_security); 1296 swap_security_ops(bprm_alloc_security); 1297 swap_security_ops(bprm_free_security); 1298 /* Security context updater for successful execve(). */ 1299 swap_security_ops(bprm_check_security); 1300 #if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 6) 1301 swap_security_ops(bprm_compute_creds); 1302 #else 1303 swap_security_ops(bprm_apply_creds); 1304 #endif 1305 /* Various permission checker. */ 1306 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 24) 1307 swap_security_ops(dentry_open); 1308 #else 1309 swap_security_ops(inode_permission); 1310 #endif 1311 swap_security_ops(file_fcntl); 1312 swap_security_ops(file_ioctl); 1313 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 21) && defined(CONFIG_SYSCTL_SYSCALL) 1314 swap_security_ops(sysctl); 1315 #endif 1316 swap_security_ops(sb_pivotroot); 1317 swap_security_ops(sb_mount); 1318 swap_security_ops(sb_umount); 1319 swap_security_ops(inode_mknod); 1320 swap_security_ops(inode_mkdir); 1321 swap_security_ops(inode_rmdir); 1322 swap_security_ops(inode_unlink); 1323 swap_security_ops(inode_symlink); 1324 swap_security_ops(inode_rename); 1325 swap_security_ops(inode_link); 1326 swap_security_ops(inode_create); 1327 swap_security_ops(inode_setattr); 1328 swap_security_ops(inode_getattr); 1329 #ifdef CONFIG_SECURITY_NETWORK 1330 swap_security_ops(socket_bind); 1331 swap_security_ops(socket_connect); 1332 swap_security_ops(socket_listen); 1333 swap_security_ops(socket_sendmsg); 1334 swap_security_ops(socket_recvmsg); 1335 swap_security_ops(socket_getsockname); 1336 swap_security_ops(socket_getpeername); 1337 swap_security_ops(socket_getsockopt); 1338 swap_security_ops(socket_setsockopt); 1339 swap_security_ops(socket_shutdown); 1340 swap_security_ops(socket_accept); 1341 swap_security_ops(inode_free_security); 1342 #endif 1343 } 1344 1345 #undef swap_security_ops 1346 1347 /** 1348 * ccs_init - Initialize this module. 1349 * 1350 * Returns 0 on success, negative value otherwise. 1351 */ 1352 static int __init ccs_init(void) 1353 { 1354 struct security_operations *ops = probe_security_ops(); 1355 if (!ops) 1356 goto out; 1357 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 24) 1358 ccsecurity_exports.find_task_by_vpid = probe_find_task_by_vpid(); 1359 if (!ccsecurity_exports.find_task_by_vpid) 1360 goto out; 1361 ccsecurity_exports.find_task_by_pid_ns = probe_find_task_by_pid_ns(); 1362 if (!ccsecurity_exports.find_task_by_pid_ns) 1363 goto out; 1364 #endif 1365 ccsecurity_exports.vfsmount_lock = probe_vfsmount_lock(); 1366 if (!ccsecurity_exports.vfsmount_lock) 1367 goto out; 1368 ccs_main_init(); 1369 ccs_update_security_ops(ops); 1370 printk(KERN_INFO "AKARI: 1.0.35 2015/11/11\n"); 1371 printk(KERN_INFO 1372 "Access Keeping And Regulating Instrument registered.\n"); 1373 return 0; 1374 out: 1375 return -EINVAL; 1376 } 1377 1378 module_init(ccs_init); 1379 MODULE_LICENSE("GPL"); 1380 1381 /** 1382 * ccs_used_by_cred - Check whether the given domain is in use or not. 1383 * 1384 * @domain: Pointer to "struct ccs_domain_info". 1385 * 1386 * Returns true if @domain is in use, false otherwise. 1387 * 1388 * Caller holds rcu_read_lock(). 1389 */ 1390 bool ccs_used_by_cred(const struct ccs_domain_info *domain) 1391 { 1392 return false; 1393 } 1394

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

TOMOYO Linux Cross Reference Linux/akari/lsm-2.6.0-vfs.c

TOMOYO Linux Cross Reference
Linux/akari/lsm-2.6.0-vfs.c