tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
tomoyo: Coding style fix.
Follow many of recommendations by scripts/checkpatch.pl, and follow
"lift switch variables out of switches" by Kees Cook.
This patch makes no functional change.
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <james.morris@microsoft.com>
authored by
Tetsuo Handa
and committed by
James Morris
cdcf6723
8c6cb983
+309
-105
+20
-11
security/tomoyo/audit.c
+20
-11
security/tomoyo/audit.c
···
32
32
int argv_count = bprm->argc;
33
33
int envp_count = bprm->envc;
34
34
bool truncated = false;
35
+
35
36
if (!buffer)
36
37
return NULL;
37
38
len = snprintf(buffer, tomoyo_buffer_len - 1, "argv[]={ ");
···
50
49
while (offset < PAGE_SIZE) {
51
50
const char *kaddr = dump->data;
52
51
const unsigned char c = kaddr[offset++];
52
+
53
53
if (cp == last_start)
54
54
*cp++ = '"';
55
55
if (cp >= buffer + tomoyo_buffer_len - 32) {
···
156
154
char *buffer = kmalloc(tomoyo_buffer_len, GFP_NOFS);
157
155
int pos;
158
156
u8 i;
157
+
159
158
if (!buffer)
160
159
return NULL;
161
160
162
161
tomoyo_convert_time(ktime_get_real_seconds(), &stamp);
163
162
164
163
pos = snprintf(buffer, tomoyo_buffer_len - 1,
165
-
"#%04u/%02u/%02u %02u:%02u:%02u# profile=%u mode=%s "
166
-
"granted=%s (global-pid=%u) task={ pid=%u ppid=%u "
167
-
"uid=%u gid=%u euid=%u egid=%u suid=%u sgid=%u "
168
-
"fsuid=%u fsgid=%u }", stamp.year, stamp.month,
169
-
stamp.day, stamp.hour, stamp.min, stamp.sec, r->profile,
170
-
tomoyo_mode[r->mode], tomoyo_yesno(r->granted), gpid,
171
-
tomoyo_sys_getpid(), tomoyo_sys_getppid(),
164
+
"#%04u/%02u/%02u %02u:%02u:%02u# profile=%u mode=%s granted=%s (global-pid=%u) task={ pid=%u ppid=%u uid=%u gid=%u euid=%u egid=%u suid=%u sgid=%u fsuid=%u fsgid=%u }",
165
+
stamp.year, stamp.month, stamp.day, stamp.hour,
166
+
stamp.min, stamp.sec, r->profile, tomoyo_mode[r->mode],
167
+
tomoyo_yesno(r->granted), gpid, tomoyo_sys_getpid(),
168
+
tomoyo_sys_getppid(),
172
169
from_kuid(&init_user_ns, current_uid()),
173
170
from_kgid(&init_user_ns, current_gid()),
174
171
from_kuid(&init_user_ns, current_euid()),
···
186
185
struct tomoyo_mini_stat *stat;
187
186
unsigned int dev;
188
187
umode_t mode;
188
+
189
189
if (!obj->stat_valid[i])
190
190
continue;
191
191
stat = &obj->stat[i];
···
195
193
if (i & 1) {
196
194
pos += snprintf(buffer + pos,
197
195
tomoyo_buffer_len - 1 - pos,
198
-
" path%u.parent={ uid=%u gid=%u "
199
-
"ino=%lu perm=0%o }", (i >> 1) + 1,
196
+
" path%u.parent={ uid=%u gid=%u ino=%lu perm=0%o }",
197
+
(i >> 1) + 1,
200
198
from_kuid(&init_user_ns, stat->uid),
201
199
from_kgid(&init_user_ns, stat->gid),
202
200
(unsigned long)stat->ino,
···
204
202
continue;
205
203
}
206
204
pos += snprintf(buffer + pos, tomoyo_buffer_len - 1 - pos,
207
-
" path%u={ uid=%u gid=%u ino=%lu major=%u"
208
-
" minor=%u perm=0%o type=%s", (i >> 1) + 1,
205
+
" path%u={ uid=%u gid=%u ino=%lu major=%u minor=%u perm=0%o type=%s",
206
+
(i >> 1) + 1,
209
207
from_kuid(&init_user_ns, stat->uid),
210
208
from_kgid(&init_user_ns, stat->gid),
211
209
(unsigned long)stat->ino,
···
251
249
const char *symlink = NULL;
252
250
int pos;
253
251
const char *domainname = r->domain->domainname->name;
252
+
254
253
header = tomoyo_print_header(r);
255
254
if (!header)
256
255
return NULL;
···
259
256
len += strlen(domainname) + strlen(header) + 10;
260
257
if (r->ee) {
261
258
struct file *file = r->ee->bprm->file;
259
+
262
260
realpath = tomoyo_realpath_from_path(&file->f_path);
263
261
bprm_info = tomoyo_print_bprm(r->ee->bprm, &r->ee->dump);
264
262
if (!realpath || !bprm_info)
···
279
275
pos = snprintf(buf, len, "%s", header);
280
276
if (realpath) {
281
277
struct linux_binprm *bprm = r->ee->bprm;
278
+
282
279
pos += snprintf(buf + pos, len - pos,
283
280
" exec={ realpath=\"%s\" argc=%d envc=%d %s }",
284
281
realpath, bprm->argc, bprm->envc, bprm_info);
···
333
328
const u8 category = tomoyo_index2category[index] +
334
329
TOMOYO_MAX_MAC_INDEX;
335
330
struct tomoyo_profile *p;
331
+
336
332
if (!tomoyo_policy_loaded)
337
333
return false;
338
334
p = tomoyo_profile(ns, profile);
···
368
362
char *buf;
369
363
struct tomoyo_log *entry;
370
364
bool quota_exceeded = false;
365
+
371
366
if (!tomoyo_get_audit(r->domain->ns, r->profile, r->type,
372
367
r->matched_acl, r->granted))
373
368
goto out;
···
420
413
{
421
414
va_list args;
422
415
int len;
416
+
423
417
va_start(args, fmt);
424
418
len = vsnprintf((char *) &len, 1, fmt, args) + 1;
425
419
va_end(args);
···
439
431
void tomoyo_read_log(struct tomoyo_io_buffer *head)
440
432
{
441
433
struct tomoyo_log *ptr = NULL;
434
+
442
435
if (head->r.w_pos)
443
436
return;
444
437
kfree(head->read_buf);
+99
-39
security/tomoyo/common.c
+99
-39
security/tomoyo/common.c
···
197
197
{
198
198
va_list args;
199
199
const int pos = strlen(buffer);
200
+
200
201
va_start(args, fmt);
201
202
vsnprintf(buffer + pos, len - pos - 1, fmt, args);
202
203
va_end(args);
···
215
214
while (head->r.w_pos) {
216
215
const char *w = head->r.w[0];
217
216
size_t len = strlen(w);
217
+
218
218
if (len) {
219
219
if (len > head->read_user_buf_avail)
220
220
len = head->read_user_buf_avail;
···
281
279
size_t len;
282
280
size_t pos = head->r.avail;
283
281
int size = head->readbuf_size - pos;
282
+
284
283
if (size <= 0)
285
284
return;
286
285
va_start(args, fmt);
···
347
344
void tomoyo_init_policy_namespace(struct tomoyo_policy_namespace *ns)
348
345
{
349
346
unsigned int idx;
347
+
350
348
for (idx = 0; idx < TOMOYO_MAX_ACL_GROUPS; idx++)
351
349
INIT_LIST_HEAD(&ns->acl_group[idx]);
352
350
for (idx = 0; idx < TOMOYO_MAX_GROUP; idx++)
···
437
433
u8 min_type = ptr->value_type[0];
438
434
const u8 max_type = ptr->value_type[1];
439
435
char buffer[128];
436
+
440
437
buffer[0] = '\0';
441
438
for (i = 0; i < 2; i++) {
442
439
switch (min_type) {
···
492
487
{
493
488
struct tomoyo_profile *ptr;
494
489
struct tomoyo_profile *entry;
490
+
495
491
if (profile >= TOMOYO_MAX_PROFILES)
496
492
return NULL;
497
493
ptr = ns->profile_ptr[profile];
···
536
530
{
537
531
static struct tomoyo_profile tomoyo_null_profile;
538
532
struct tomoyo_profile *ptr = ns->profile_ptr[profile];
533
+
539
534
if (!ptr)
540
535
ptr = &tomoyo_null_profile;
541
536
return ptr;
···
553
546
static s8 tomoyo_find_yesno(const char *string, const char *find)
554
547
{
555
548
const char *cp = strstr(string, find);
549
+
556
550
if (cp) {
557
551
cp += strlen(find);
558
552
if (!strncmp(cp, "=yes", 4))
···
577
569
const char *find)
578
570
{
579
571
const char *cp = strstr(string, find);
572
+
580
573
if (cp)
581
574
sscanf(cp + strlen(find), "=%u", i);
582
575
}
···
596
587
{
597
588
u8 i;
598
589
u8 config;
590
+
599
591
if (!strcmp(name, "CONFIG")) {
600
592
i = TOMOYO_MAX_MAC_INDEX + TOMOYO_MAX_MAC_CATEGORY_INDEX;
601
593
config = profile->default_config;
···
605
595
for (i = 0; i < TOMOYO_MAX_MAC_INDEX
606
596
+ TOMOYO_MAX_MAC_CATEGORY_INDEX; i++) {
607
597
int len = 0;
598
+
608
599
if (i < TOMOYO_MAX_MAC_INDEX) {
609
600
const u8 c = tomoyo_index2category[i];
610
601
const char *category =
611
602
tomoyo_category_keywords[c];
603
+
612
604
len = strlen(category);
613
605
if (strncmp(name, category, len) ||
614
606
name[len++] != ':' || name[len++] != ':')
···
630
618
config = TOMOYO_CONFIG_USE_DEFAULT;
631
619
} else {
632
620
u8 mode;
621
+
633
622
for (mode = 0; mode < 4; mode++)
634
623
if (strstr(value, tomoyo_mode[mode]))
635
624
/*
···
677
664
unsigned int i;
678
665
char *cp;
679
666
struct tomoyo_profile *profile;
667
+
680
668
if (sscanf(data, "PROFILE_VERSION=%u", &head->w.ns->profile_version)
681
669
== 1)
682
670
return 0;
···
697
683
const struct tomoyo_path_info *new_comment
698
684
= tomoyo_get_name(cp);
699
685
const struct tomoyo_path_info *old_comment;
686
+
700
687
if (!new_comment)
701
688
return -ENOMEM;
702
689
spin_lock(&lock);
···
747
732
struct tomoyo_policy_namespace *ns =
748
733
container_of(head->r.ns, typeof(*ns), namespace_list);
749
734
const struct tomoyo_profile *profile;
735
+
750
736
if (head->r.eof)
751
737
return;
752
738
next:
···
776
760
u8 i;
777
761
const struct tomoyo_path_info *comment =
778
762
profile->comment;
763
+
779
764
tomoyo_print_namespace(head);
780
765
tomoyo_io_printf(head, "%u-COMMENT=", index);
781
766
tomoyo_set_string(head, comment ? comment->name : "");
···
805
788
+ TOMOYO_MAX_MAC_CATEGORY_INDEX; head->r.bit++) {
806
789
const u8 i = head->r.bit;
807
790
const u8 config = profile->config[i];
791
+
808
792
if (config == TOMOYO_CONFIG_USE_DEFAULT)
809
793
continue;
810
794
tomoyo_print_namespace(head);
···
865
847
struct tomoyo_acl_param param = {
866
848
/* .ns = &tomoyo_kernel_namespace, */
867
849
.is_delete = is_delete,
868
-
.list = &tomoyo_kernel_namespace.
869
-
policy_list[TOMOYO_ID_MANAGER],
850
+
.list = &tomoyo_kernel_namespace.policy_list[TOMOYO_ID_MANAGER],
870
851
};
871
852
int error = is_delete ? -ENOENT : -ENOMEM;
853
+
872
854
if (!tomoyo_correct_domain(manager) &&
873
855
!tomoyo_correct_word(manager))
874
856
return -EINVAL;
···
912
894
{
913
895
if (head->r.eof)
914
896
return;
915
-
list_for_each_cookie(head->r.acl, &tomoyo_kernel_namespace.
916
-
policy_list[TOMOYO_ID_MANAGER]) {
897
+
list_for_each_cookie(head->r.acl, &tomoyo_kernel_namespace.policy_list[TOMOYO_ID_MANAGER]) {
917
898
struct tomoyo_manager *ptr =
918
899
list_entry(head->r.acl, typeof(*ptr), head.list);
900
+
919
901
if (ptr->head.is_deleted)
920
902
continue;
921
903
if (!tomoyo_flush(head))
···
951
933
exe = tomoyo_get_exe();
952
934
if (!exe)
953
935
return false;
954
-
list_for_each_entry_rcu(ptr, &tomoyo_kernel_namespace.
955
-
policy_list[TOMOYO_ID_MANAGER], head.list) {
936
+
list_for_each_entry_rcu(ptr, &tomoyo_kernel_namespace.policy_list[TOMOYO_ID_MANAGER], head.list) {
956
937
if (!ptr->head.is_deleted &&
957
938
(!tomoyo_pathcmp(domainname, ptr->manager) ||
958
939
!strcmp(exe, ptr->manager->name))) {
···
962
945
if (!found) { /* Reduce error messages. */
963
946
static pid_t last_pid;
964
947
const pid_t pid = current->pid;
948
+
965
949
if (last_pid != pid) {
966
-
printk(KERN_WARNING "%s ( %s ) is not permitted to "
967
-
"update policies.\n", domainname->name, exe);
950
+
pr_warn("%s ( %s ) is not permitted to update policies.\n",
951
+
domainname->name, exe);
968
952
last_pid = pid;
969
953
}
970
954
}
···
992
974
unsigned int pid;
993
975
struct tomoyo_domain_info *domain = NULL;
994
976
bool global_pid = false;
977
+
995
978
if (strncmp(data, "select ", 7))
996
979
return false;
997
980
data += 7;
998
981
if (sscanf(data, "pid=%u", &pid) == 1 ||
999
982
(global_pid = true, sscanf(data, "global-pid=%u", &pid) == 1)) {
1000
983
struct task_struct *p;
984
+
1001
985
rcu_read_lock();
1002
986
if (global_pid)
1003
987
p = find_task_by_pid_ns(pid, &init_pid_ns);
···
1040
1020
* Returns true if @a == @b, false otherwise.
1041
1021
*/
1042
1022
static bool tomoyo_same_task_acl(const struct tomoyo_acl_info *a,
1043
-
const struct tomoyo_acl_info *b)
1023
+
const struct tomoyo_acl_info *b)
1044
1024
{
1045
1025
const struct tomoyo_task_acl *p1 = container_of(a, typeof(*p1), head);
1046
1026
const struct tomoyo_task_acl *p2 = container_of(b, typeof(*p2), head);
1027
+
1047
1028
return p1->domainname == p2->domainname;
1048
1029
}
1049
1030
···
1060
1039
static int tomoyo_write_task(struct tomoyo_acl_param *param)
1061
1040
{
1062
1041
int error = -EINVAL;
1042
+
1063
1043
if (tomoyo_str_starts(¶m->data, "manual_domain_transition ")) {
1064
1044
struct tomoyo_task_acl e = {
1065
1045
.head.type = TOMOYO_TYPE_MANUAL_TASK_ACL,
1066
1046
.domainname = tomoyo_get_domainname(param),
1067
1047
};
1048
+
1068
1049
if (e.domainname)
1069
1050
error = tomoyo_update_domain(&e.head, sizeof(e), param,
1070
1051
tomoyo_same_task_acl,
···
1133
1110
};
1134
1111
static const struct {
1135
1112
const char *keyword;
1136
-
int (*write) (struct tomoyo_acl_param *);
1113
+
int (*write)(struct tomoyo_acl_param *param);
1137
1114
} tomoyo_callback[5] = {
1138
1115
{ "file ", tomoyo_write_file },
1139
1116
{ "network inet ", tomoyo_write_inet_network },
···
1175
1152
const bool is_delete = head->w.is_delete;
1176
1153
bool is_select = !is_delete && tomoyo_str_starts(&data, "select ");
1177
1154
unsigned int profile;
1155
+
1178
1156
if (*data == '<') {
1179
1157
int ret = 0;
1158
+
1180
1159
domain = NULL;
1181
1160
if (is_delete)
1182
1161
ret = tomoyo_delete_domain(data);
···
1206
1181
}
1207
1182
for (profile = 0; profile < TOMOYO_MAX_DOMAIN_INFO_FLAGS; profile++) {
1208
1183
const char *cp = tomoyo_dif[profile];
1184
+
1209
1185
if (strncmp(data, cp, strlen(cp) - 1))
1210
1186
continue;
1211
1187
domain->flags[profile] = !is_delete;
···
1251
1225
const struct tomoyo_envp *envp =
1252
1226
(typeof(envp)) (argv + cond->argc);
1253
1227
u16 skip;
1228
+
1254
1229
for (skip = 0; skip < head->r.cond_index; skip++) {
1255
1230
const u8 left = condp->left;
1256
1231
const u8 right = condp->right;
1232
+
1257
1233
condp++;
1258
1234
switch (left) {
1259
1235
case TOMOYO_ARGV_ENTRY:
···
1281
1253
const u8 match = condp->equals;
1282
1254
const u8 left = condp->left;
1283
1255
const u8 right = condp->right;
1256
+
1284
1257
if (!tomoyo_flush(head))
1285
1258
return false;
1286
1259
condp++;
···
1291
1262
case TOMOYO_ARGV_ENTRY:
1292
1263
tomoyo_io_printf(head,
1293
1264
"exec.argv[%lu]%s=\"",
1294
-
argv->index, argv->
1295
-
is_not ? "!" : "");
1265
+
argv->index, argv->is_not ? "!" : "");
1296
1266
tomoyo_set_string(head,
1297
1267
argv->value->name);
1298
1268
tomoyo_set_string(head, "\"");
···
1302
1274
"exec.envp[\"");
1303
1275
tomoyo_set_string(head,
1304
1276
envp->name->name);
1305
-
tomoyo_io_printf(head, "\"]%s=", envp->
1306
-
is_not ? "!" : "");
1277
+
tomoyo_io_printf(head, "\"]%s=", envp->is_not ? "!" : "");
1307
1278
if (envp->value) {
1308
1279
tomoyo_set_string(head, "\"");
1309
-
tomoyo_set_string(head, envp->
1310
-
value->name);
1280
+
tomoyo_set_string(head, envp->value->name);
1311
1281
tomoyo_set_string(head, "\"");
1312
1282
} else {
1313
1283
tomoyo_set_string(head,
···
1401
1375
struct tomoyo_path_acl *ptr =
1402
1376
container_of(acl, typeof(*ptr), head);
1403
1377
const u16 perm = ptr->perm;
1378
+
1404
1379
for (bit = 0; bit < TOMOYO_MAX_PATH_OPERATION; bit++) {
1405
1380
if (!(perm & (1 << bit)))
1406
1381
continue;
···
1422
1395
} else if (acl_type == TOMOYO_TYPE_MANUAL_TASK_ACL) {
1423
1396
struct tomoyo_task_acl *ptr =
1424
1397
container_of(acl, typeof(*ptr), head);
1398
+
1425
1399
tomoyo_set_group(head, "task ");
1426
1400
tomoyo_set_string(head, "manual_domain_transition ");
1427
1401
tomoyo_set_string(head, ptr->domainname->name);
···
1432
1404
struct tomoyo_path2_acl *ptr =
1433
1405
container_of(acl, typeof(*ptr), head);
1434
1406
const u8 perm = ptr->perm;
1407
+
1435
1408
for (bit = 0; bit < TOMOYO_MAX_PATH2_OPERATION; bit++) {
1436
1409
if (!(perm & (1 << bit)))
1437
1410
continue;
···
1453
1424
struct tomoyo_path_number_acl *ptr =
1454
1425
container_of(acl, typeof(*ptr), head);
1455
1426
const u8 perm = ptr->perm;
1427
+
1456
1428
for (bit = 0; bit < TOMOYO_MAX_PATH_NUMBER_OPERATION; bit++) {
1457
1429
if (!(perm & (1 << bit)))
1458
1430
continue;
···
1474
1444
struct tomoyo_mkdev_acl *ptr =
1475
1445
container_of(acl, typeof(*ptr), head);
1476
1446
const u8 perm = ptr->perm;
1447
+
1477
1448
for (bit = 0; bit < TOMOYO_MAX_MKDEV_OPERATION; bit++) {
1478
1449
if (!(perm & (1 << bit)))
1479
1450
continue;
···
1521
1490
->name);
1522
1491
} else {
1523
1492
char buf[128];
1493
+
1524
1494
tomoyo_print_ip(buf, sizeof(buf), &ptr->address);
1525
1495
tomoyo_io_printf(head, "%s", buf);
1526
1496
}
···
1551
1519
} else if (acl_type == TOMOYO_TYPE_MOUNT_ACL) {
1552
1520
struct tomoyo_mount_acl *ptr =
1553
1521
container_of(acl, typeof(*ptr), head);
1522
+
1554
1523
tomoyo_set_group(head, "file mount");
1555
1524
tomoyo_print_name_union(head, &ptr->dev_name);
1556
1525
tomoyo_print_name_union(head, &ptr->dir_name);
···
1595
1562
list_for_each_cookie(head->r.acl, list) {
1596
1563
struct tomoyo_acl_info *ptr =
1597
1564
list_entry(head->r.acl, typeof(*ptr), list);
1565
+
1598
1566
if (!tomoyo_print_entry(head, ptr))
1599
1567
return false;
1600
1568
}
···
1617
1583
list_for_each_cookie(head->r.domain, &tomoyo_domain_list) {
1618
1584
struct tomoyo_domain_info *domain =
1619
1585
list_entry(head->r.domain, typeof(*domain), list);
1586
+
u8 i;
1587
+
1620
1588
switch (head->r.step) {
1621
-
u8 i;
1622
1589
case 0:
1623
1590
if (domain->is_deleted &&
1624
1591
!head->r.print_this_domain_only)
···
1746
1711
.data = head->write_buf,
1747
1712
};
1748
1713
u8 i;
1714
+
1749
1715
if (tomoyo_str_starts(¶m.data, "aggregator "))
1750
1716
return tomoyo_write_aggregator(¶m);
1751
1717
for (i = 0; i < TOMOYO_MAX_TRANSITION_TYPE; i++)
···
1758
1722
if (tomoyo_str_starts(¶m.data, "acl_group ")) {
1759
1723
unsigned int group;
1760
1724
char *data;
1725
+
1761
1726
group = simple_strtoul(param.data, &data, 10);
1762
1727
if (group < TOMOYO_MAX_ACL_GROUPS && *data++ == ' ')
1763
1728
return tomoyo_write_domain2
···
1783
1746
struct tomoyo_policy_namespace *ns =
1784
1747
container_of(head->r.ns, typeof(*ns), namespace_list);
1785
1748
struct list_head *list = &ns->group_list[idx];
1749
+
1786
1750
list_for_each_cookie(head->r.group, list) {
1787
1751
struct tomoyo_group *group =
1788
1752
list_entry(head->r.group, typeof(*group), head.list);
1753
+
1789
1754
list_for_each_cookie(head->r.acl, &group->member_list) {
1790
1755
struct tomoyo_acl_head *ptr =
1791
1756
list_entry(head->r.acl, typeof(*ptr), list);
1757
+
1792
1758
if (ptr->is_deleted)
1793
1759
continue;
1794
1760
if (!tomoyo_flush(head))
···
1811
1771
head)->number);
1812
1772
} else if (idx == TOMOYO_ADDRESS_GROUP) {
1813
1773
char buffer[128];
1814
-
1815
1774
struct tomoyo_address_group *member =
1816
1775
container_of(ptr, typeof(*member),
1817
1776
head);
1777
+
1818
1778
tomoyo_print_ip(buffer, sizeof(buffer),
1819
1779
&member->address);
1820
1780
tomoyo_io_printf(head, " %s", buffer);
···
1842
1802
struct tomoyo_policy_namespace *ns =
1843
1803
container_of(head->r.ns, typeof(*ns), namespace_list);
1844
1804
struct list_head *list = &ns->policy_list[idx];
1805
+
1845
1806
list_for_each_cookie(head->r.acl, list) {
1846
1807
struct tomoyo_acl_head *acl =
1847
1808
container_of(head->r.acl, typeof(*acl), list);
···
1855
1814
{
1856
1815
struct tomoyo_transition_control *ptr =
1857
1816
container_of(acl, typeof(*ptr), head);
1817
+
1858
1818
tomoyo_print_namespace(head);
1859
1819
tomoyo_set_string(head, tomoyo_transition_type
1860
1820
[ptr->type]);
···
1871
1829
{
1872
1830
struct tomoyo_aggregator *ptr =
1873
1831
container_of(acl, typeof(*ptr), head);
1832
+
1874
1833
tomoyo_print_namespace(head);
1875
1834
tomoyo_set_string(head, "aggregator ");
1876
1835
tomoyo_set_string(head,
···
1901
1858
{
1902
1859
struct tomoyo_policy_namespace *ns =
1903
1860
container_of(head->r.ns, typeof(*ns), namespace_list);
1861
+
1904
1862
if (head->r.eof)
1905
1863
return;
1906
1864
while (head->r.step < TOMOYO_MAX_POLICY &&
···
1965
1921
static int tomoyo_truncate(char *str)
1966
1922
{
1967
1923
char *start = str;
1924
+
1968
1925
while (*(unsigned char *) str > (unsigned char) ' ')
1969
1926
str++;
1970
1927
*str = '\0';
···
1988
1943
char *symlink = NULL;
1989
1944
char *cp = strchr(header, '\n');
1990
1945
int len;
1946
+
1991
1947
if (!cp)
1992
1948
return;
1993
1949
cp = strchr(cp + 1, '\n');
···
2048
2002
static unsigned int tomoyo_serial;
2049
2003
struct tomoyo_query entry = { };
2050
2004
bool quota_exceeded = false;
2005
+
2051
2006
va_start(args, fmt);
2052
2007
len = vsnprintf((char *) &len, 1, fmt, args) + 1;
2053
2008
va_end(args);
···
2110
2063
(tomoyo_answer_wait, entry.answer ||
2111
2064
!atomic_read(&tomoyo_query_observers), HZ))
2112
2065
break;
2113
-
else
2114
-
entry.timer++;
2066
+
entry.timer++;
2115
2067
}
2116
2068
spin_lock(&tomoyo_query_list_lock);
2117
2069
list_del(&entry.list);
···
2146
2100
{
2147
2101
struct tomoyo_query *ptr;
2148
2102
struct tomoyo_domain_info *domain = NULL;
2103
+
2149
2104
spin_lock(&tomoyo_query_list_lock);
2150
2105
list_for_each_entry(ptr, &tomoyo_query_list, list) {
2151
2106
if (ptr->serial != serial)
···
2189
2142
unsigned int pos = 0;
2190
2143
size_t len = 0;
2191
2144
char *buf;
2145
+
2192
2146
if (head->r.w_pos)
2193
2147
return;
2194
-
if (head->read_buf) {
2195
-
kfree(head->read_buf);
2196
-
head->read_buf = NULL;
2197
-
}
2148
+
kfree(head->read_buf);
2149
+
head->read_buf = NULL;
2198
2150
spin_lock(&tomoyo_query_list_lock);
2199
2151
list_for_each(tmp, &tomoyo_query_list) {
2200
2152
struct tomoyo_query *ptr = list_entry(tmp, typeof(*ptr), list);
2153
+
2201
2154
if (pos++ != head->r.query_index)
2202
2155
continue;
2203
2156
len = ptr->query_len;
···
2215
2168
spin_lock(&tomoyo_query_list_lock);
2216
2169
list_for_each(tmp, &tomoyo_query_list) {
2217
2170
struct tomoyo_query *ptr = list_entry(tmp, typeof(*ptr), list);
2171
+
2218
2172
if (pos++ != head->r.query_index)
2219
2173
continue;
2220
2174
/*
···
2250
2202
struct list_head *tmp;
2251
2203
unsigned int serial;
2252
2204
unsigned int answer;
2205
+
2253
2206
spin_lock(&tomoyo_query_list_lock);
2254
2207
list_for_each(tmp, &tomoyo_query_list) {
2255
2208
struct tomoyo_query *ptr = list_entry(tmp, typeof(*ptr), list);
2209
+
2256
2210
ptr->timer = 0;
2257
2211
}
2258
2212
spin_unlock(&tomoyo_query_list_lock);
···
2263
2213
spin_lock(&tomoyo_query_list_lock);
2264
2214
list_for_each(tmp, &tomoyo_query_list) {
2265
2215
struct tomoyo_query *ptr = list_entry(tmp, typeof(*ptr), list);
2216
+
2266
2217
if (ptr->serial != serial)
2267
2218
continue;
2268
2219
ptr->answer = answer;
···
2338
2287
{
2339
2288
u8 i;
2340
2289
unsigned int total = 0;
2290
+
2341
2291
if (head->r.eof)
2342
2292
return;
2343
2293
for (i = 0; i < TOMOYO_MAX_POLICY_STAT; i++) {
···
2347
2295
tomoyo_stat_updated[i]);
2348
2296
if (tomoyo_stat_modified[i]) {
2349
2297
struct tomoyo_time stamp;
2298
+
2350
2299
tomoyo_convert_time(tomoyo_stat_modified[i], &stamp);
2351
-
tomoyo_io_printf(head, " (Last: %04u/%02u/%02u "
2352
-
"%02u:%02u:%02u)",
2300
+
tomoyo_io_printf(head, " (Last: %04u/%02u/%02u %02u:%02u:%02u)",
2353
2301
stamp.year, stamp.month, stamp.day,
2354
2302
stamp.hour, stamp.min, stamp.sec);
2355
2303
}
···
2357
2305
}
2358
2306
for (i = 0; i < TOMOYO_MAX_MEMORY_STAT; i++) {
2359
2307
unsigned int used = tomoyo_memory_used[i];
2308
+
2360
2309
total += used;
2361
2310
tomoyo_io_printf(head, "Memory used by %-22s %10u",
2362
2311
tomoyo_memory_headers[i], used);
···
2382
2329
{
2383
2330
char *data = head->write_buf;
2384
2331
u8 i;
2332
+
2385
2333
if (tomoyo_str_starts(&data, "Memory used by "))
2386
2334
for (i = 0; i < TOMOYO_MAX_MEMORY_STAT; i++)
2387
2335
if (tomoyo_str_starts(&data, tomoyo_memory_headers[i]))
···
2511
2457
__poll_t tomoyo_poll_control(struct file *file, poll_table *wait)
2512
2458
{
2513
2459
struct tomoyo_io_buffer *head = file->private_data;
2460
+
2514
2461
if (head->poll)
2515
2462
return head->poll(file, wait) | EPOLLOUT | EPOLLWRNORM;
2516
2463
return EPOLLIN | EPOLLRDNORM | EPOLLOUT | EPOLLWRNORM;
···
2527
2472
static inline void tomoyo_set_namespace_cursor(struct tomoyo_io_buffer *head)
2528
2473
{
2529
2474
struct list_head *ns;
2475
+
2530
2476
if (head->type != TOMOYO_EXCEPTIONPOLICY &&
2531
2477
head->type != TOMOYO_PROFILE)
2532
2478
return;
···
2573
2517
int idx;
2574
2518
2575
2519
if (!head->read)
2576
-
return -ENOSYS;
2520
+
return -EINVAL;
2577
2521
if (mutex_lock_interruptible(&head->io_sem))
2578
2522
return -EINTR;
2579
2523
head->read_user_buf = buffer;
···
2613
2557
head->type == TOMOYO_PROFILE) {
2614
2558
if (*line == '<') {
2615
2559
char *cp = strchr(line, ' ');
2560
+
2616
2561
if (cp) {
2617
2562
*cp++ = '\0';
2618
2563
head->w.ns = tomoyo_assign_namespace(line);
···
2646
2589
size_t avail_len = buffer_len;
2647
2590
char *cp0 = head->write_buf;
2648
2591
int idx;
2592
+
2649
2593
if (!head->write)
2650
-
return -ENOSYS;
2594
+
return -EINVAL;
2651
2595
if (!access_ok(buffer, buffer_len))
2652
2596
return -EFAULT;
2653
2597
if (mutex_lock_interruptible(&head->io_sem))
···
2658
2600
/* Read a line and dispatch it to the policy handler. */
2659
2601
while (avail_len > 0) {
2660
2602
char c;
2603
+
2661
2604
if (head->w.avail >= head->writebuf_size - 1) {
2662
2605
const int len = head->writebuf_size * 2;
2663
2606
char *cp = kzalloc(len, GFP_NOFS);
2607
+
2664
2608
if (!cp) {
2665
2609
error = -ENOMEM;
2666
2610
break;
···
2761
2701
{
2762
2702
struct tomoyo_domain_info *domain;
2763
2703
const int idx = tomoyo_read_lock();
2704
+
2764
2705
tomoyo_policy_loaded = true;
2765
-
printk(KERN_INFO "TOMOYO: 2.5.0\n");
2706
+
pr_info("TOMOYO: 2.5.0\n");
2766
2707
list_for_each_entry_rcu(domain, &tomoyo_domain_list, list) {
2767
2708
const u8 profile = domain->profile;
2768
2709
const struct tomoyo_policy_namespace *ns = domain->ns;
2710
+
2769
2711
if (ns->profile_version != 20110903)
2770
-
printk(KERN_ERR
2771
-
"Profile version %u is not supported.\n",
2712
+
pr_err("Profile version %u is not supported.\n",
2772
2713
ns->profile_version);
2773
2714
else if (!ns->profile_ptr[profile])
2774
-
printk(KERN_ERR
2775
-
"Profile %u (used by '%s') is not defined.\n",
2715
+
pr_err("Profile %u (used by '%s') is not defined.\n",
2776
2716
profile, domain->domainname->name);
2777
2717
else
2778
2718
continue;
2779
-
printk(KERN_ERR
2780
-
"Userland tools for TOMOYO 2.5 must be installed and "
2781
-
"policy must be initialized.\n");
2782
-
printk(KERN_ERR "Please see http://tomoyo.sourceforge.jp/2.5/ "
2783
-
"for more information.\n");
2719
+
pr_err("Userland tools for TOMOYO 2.5 must be installed and policy must be initialized.\n");
2720
+
pr_err("Please see http://tomoyo.sourceforge.jp/2.5/ for more information.\n");
2784
2721
panic("STOP!");
2785
2722
}
2786
2723
tomoyo_read_unlock(idx);
2787
-
printk(KERN_INFO "Mandatory Access Control activated.\n");
2724
+
pr_info("Mandatory Access Control activated.\n");
2788
2725
}
2789
2726
2790
2727
/**
···
2800
2743
#include "builtin-policy.h"
2801
2744
u8 i;
2802
2745
const int idx = tomoyo_read_lock();
2746
+
2803
2747
for (i = 0; i < 5; i++) {
2804
2748
struct tomoyo_io_buffer head = { };
2805
2749
char *start = "";
2750
+
2806
2751
switch (i) {
2807
2752
case 0:
2808
2753
start = tomoyo_builtin_profile;
···
2834
2775
}
2835
2776
while (1) {
2836
2777
char *end = strchr(start, '\n');
2778
+
2837
2779
if (!end)
2838
2780
break;
2839
2781
*end = '\0';
+8
-5
security/tomoyo/common.h
+8
-5
security/tomoyo/common.h
···
10
10
#ifndef _SECURITY_TOMOYO_COMMON_H
11
11
#define _SECURITY_TOMOYO_COMMON_H
12
12
13
+
#define pr_fmt(fmt) fmt
14
+
13
15
#include <linux/ctype.h>
14
16
#include <linux/string.h>
15
17
#include <linux/mm.h>
···
790
788
* interfaces.
791
789
*/
792
790
struct tomoyo_io_buffer {
793
-
void (*read) (struct tomoyo_io_buffer *);
794
-
int (*write) (struct tomoyo_io_buffer *);
795
-
__poll_t (*poll) (struct file *file, poll_table *wait);
791
+
void (*read)(struct tomoyo_io_buffer *head);
792
+
int (*write)(struct tomoyo_io_buffer *head);
793
+
__poll_t (*poll)(struct file *file, poll_table *wait);
796
794
/* Exclusive lock for this structure. */
797
795
struct mutex io_sem;
798
796
char __user *read_user_buf;
···
1044
1042
void __init tomoyo_load_builtin_policy(void);
1045
1043
void __init tomoyo_mm_init(void);
1046
1044
void tomoyo_check_acl(struct tomoyo_request_info *r,
1047
-
bool (*check_entry) (struct tomoyo_request_info *,
1048
-
const struct tomoyo_acl_info *));
1045
+
bool (*check_entry)(struct tomoyo_request_info *,
1046
+
const struct tomoyo_acl_info *));
1049
1047
void tomoyo_check_profile(void);
1050
1048
void tomoyo_convert_time(time64_t time, struct tomoyo_time *stamp);
1051
1049
void tomoyo_del_condition(struct list_head *element);
···
1133
1131
static inline pid_t tomoyo_sys_getppid(void)
1134
1132
{
1135
1133
pid_t pid;
1134
+
1136
1135
rcu_read_lock();
1137
1136
pid = task_tgid_vnr(rcu_dereference(current->real_parent));
1138
1137
rcu_read_unlock();
+43
-16
security/tomoyo/condition.c
+43
-16
security/tomoyo/condition.c
···
28
28
{
29
29
int i;
30
30
struct tomoyo_path_info arg;
31
+
31
32
arg.name = arg_ptr;
32
33
for (i = 0; i < argc; argv++, checked++, i++) {
33
34
bool result;
35
+
34
36
if (index != argv->index)
35
37
continue;
36
38
*checked = 1;
···
64
62
int i;
65
63
struct tomoyo_path_info name;
66
64
struct tomoyo_path_info value;
65
+
67
66
name.name = env_name;
68
67
tomoyo_fill_path_info(&name);
69
68
value.name = env_value;
70
69
tomoyo_fill_path_info(&value);
71
70
for (i = 0; i < envc; envp++, checked++, i++) {
72
71
bool result;
72
+
73
73
if (!tomoyo_path_matches_pattern(&name, envp->name))
74
74
continue;
75
75
*checked = 1;
···
117
113
bool result = true;
118
114
u8 local_checked[32];
119
115
u8 *checked;
116
+
120
117
if (argc + envc <= sizeof(local_checked)) {
121
118
checked = local_checked;
122
119
memset(local_checked, 0, sizeof(local_checked));
···
136
131
/* Read. */
137
132
const char *kaddr = dump->data;
138
133
const unsigned char c = kaddr[offset++];
134
+
139
135
if (c && arg_len < TOMOYO_EXEC_TMPSIZE - 10) {
140
136
if (c == '\\') {
141
137
arg_ptr[arg_len++] = '\\';
···
166
160
argv_count--;
167
161
} else if (envp_count) {
168
162
char *cp = strchr(arg_ptr, '=');
163
+
169
164
if (cp) {
170
165
*cp = '\0';
171
166
if (!tomoyo_envp(arg_ptr, cp + 1,
···
189
182
out:
190
183
if (result) {
191
184
int i;
185
+
192
186
/* Check not-yet-checked entries. */
193
187
for (i = 0; i < argc; i++) {
194
188
if (checked[i])
···
237
229
{
238
230
bool result;
239
231
struct tomoyo_path_info exe;
232
+
240
233
if (!file)
241
234
return false;
242
235
exe.name = tomoyo_realpath_from_path(&file->f_path);
···
259
250
static const struct tomoyo_path_info *tomoyo_get_dqword(char *start)
260
251
{
261
252
char *cp = start + strlen(start) - 1;
253
+
262
254
if (cp == start || *start++ != '"' || *cp != '"')
263
255
return NULL;
264
256
*cp = '\0';
···
280
270
struct tomoyo_name_union *ptr)
281
271
{
282
272
char *filename = param->data;
273
+
283
274
if (*filename == '@')
284
275
return tomoyo_parse_name_union(param, ptr);
285
276
ptr->filename = tomoyo_get_dqword(filename);
···
321
310
const struct tomoyo_path_info *name;
322
311
const struct tomoyo_path_info *value;
323
312
char *cp = left + strlen(left) - 1;
313
+
324
314
if (*cp-- != ']' || *cp != '"')
325
315
goto out;
326
316
*cp = '\0';
···
376
364
static u8 tomoyo_condition_type(const char *word)
377
365
{
378
366
u8 i;
367
+
379
368
for (i = 0; i < TOMOYO_MAX_CONDITION_KEYWORD; i++) {
380
369
if (!strcmp(word, tomoyo_condition_keyword[i]))
381
370
break;
···
408
395
{
409
396
struct tomoyo_condition *ptr;
410
397
bool found = false;
398
+
411
399
if (mutex_lock_interruptible(&tomoyo_policy_lock)) {
412
400
dprintk(KERN_WARNING "%u: %s failed\n", __LINE__, __func__);
413
401
ptr = NULL;
···
456
442
{
457
443
char * const pos = param->data;
458
444
bool flag;
445
+
459
446
if (*pos == '<') {
460
447
e->transit = tomoyo_get_domainname(param);
461
448
goto done;
462
449
}
463
450
{
464
451
char *cp = strchr(pos, ' ');
452
+
465
453
if (cp)
466
454
*cp = '\0';
467
455
flag = tomoyo_correct_path(pos) || !strcmp(pos, "keep") ||
···
505
489
tomoyo_get_transit_preference(param, &e);
506
490
char * const end_of_string = start_of_string + strlen(start_of_string);
507
491
char *pos;
492
+
508
493
rerun:
509
494
pos = start_of_string;
510
495
while (1) {
···
515
498
char *cp;
516
499
char *right_word;
517
500
bool is_not;
501
+
518
502
if (!*left_word)
519
503
break;
520
504
/*
···
640
622
}
641
623
store_value:
642
624
if (!condp) {
643
-
dprintk(KERN_WARNING "%u: dry_run left=%u right=%u "
644
-
"match=%u\n", __LINE__, left, right, !is_not);
625
+
dprintk(KERN_WARNING "%u: dry_run left=%u right=%u match=%u\n",
626
+
__LINE__, left, right, !is_not);
645
627
continue;
646
628
}
647
629
condp->left = left;
···
678
660
envp = (struct tomoyo_envp *) (argv + e.argc);
679
661
{
680
662
bool flag = false;
663
+
681
664
for (pos = start_of_string; pos < end_of_string; pos++) {
682
665
if (*pos)
683
666
continue;
···
717
698
718
699
for (i = 0; i < TOMOYO_MAX_PATH_STAT; i++) {
719
700
struct inode *inode;
701
+
720
702
switch (i) {
721
703
case TOMOYO_PATH1:
722
704
dentry = obj->path1.dentry;
···
738
718
inode = d_backing_inode(dentry);
739
719
if (inode) {
740
720
struct tomoyo_mini_stat *stat = &obj->stat[i];
721
+
741
722
stat->uid = inode->i_uid;
742
723
stat->gid = inode->i_gid;
743
724
stat->ino = inode->i_ino;
···
747
726
stat->rdev = inode->i_rdev;
748
727
obj->stat_valid[i] = true;
749
728
}
750
-
if (i & 1) /* i == TOMOYO_PATH1_PARENT ||
751
-
i == TOMOYO_PATH2_PARENT */
729
+
if (i & 1) /* TOMOYO_PATH1_PARENT or TOMOYO_PATH2_PARENT */
752
730
dput(dentry);
753
731
}
754
732
}
···
778
758
u16 argc;
779
759
u16 envc;
780
760
struct linux_binprm *bprm = NULL;
761
+
781
762
if (!cond)
782
763
return true;
783
764
condc = cond->condc;
···
801
780
const u8 right = condp->right;
802
781
bool is_bitop[2] = { false, false };
803
782
u8 j;
783
+
804
784
condp++;
805
785
/* Check argv[] and envp[] later. */
806
786
if (left == TOMOYO_ARGV_ENTRY || left == TOMOYO_ENVP_ENTRY)
···
809
787
/* Check string expressions. */
810
788
if (right == TOMOYO_NAME_UNION) {
811
789
const struct tomoyo_name_union *ptr = names_p++;
790
+
struct tomoyo_path_info *symlink;
791
+
struct tomoyo_execve *ee;
792
+
struct file *file;
793
+
812
794
switch (left) {
813
-
struct tomoyo_path_info *symlink;
814
-
struct tomoyo_execve *ee;
815
-
struct file *file;
816
795
case TOMOYO_SYMLINK_TARGET:
817
796
symlink = obj ? obj->symlink_target : NULL;
818
797
if (!symlink ||
···
835
812
for (j = 0; j < 2; j++) {
836
813
const u8 index = j ? right : left;
837
814
unsigned long value = 0;
815
+
838
816
switch (index) {
839
817
case TOMOYO_TASK_UID:
840
818
value = from_kuid(&init_user_ns, current_uid());
···
898
874
value = S_ISVTX;
899
875
break;
900
876
case TOMOYO_MODE_OWNER_READ:
901
-
value = S_IRUSR;
877
+
value = 0400;
902
878
break;
903
879
case TOMOYO_MODE_OWNER_WRITE:
904
-
value = S_IWUSR;
880
+
value = 0200;
905
881
break;
906
882
case TOMOYO_MODE_OWNER_EXECUTE:
907
-
value = S_IXUSR;
883
+
value = 0100;
908
884
break;
909
885
case TOMOYO_MODE_GROUP_READ:
910
-
value = S_IRGRP;
886
+
value = 0040;
911
887
break;
912
888
case TOMOYO_MODE_GROUP_WRITE:
913
-
value = S_IWGRP;
889
+
value = 0020;
914
890
break;
915
891
case TOMOYO_MODE_GROUP_EXECUTE:
916
-
value = S_IXGRP;
892
+
value = 0010;
917
893
break;
918
894
case TOMOYO_MODE_OTHERS_READ:
919
-
value = S_IROTH;
895
+
value = 0004;
920
896
break;
921
897
case TOMOYO_MODE_OTHERS_WRITE:
922
-
value = S_IWOTH;
898
+
value = 0002;
923
899
break;
924
900
case TOMOYO_MODE_OTHERS_EXECUTE:
925
-
value = S_IXOTH;
901
+
value = 0001;
926
902
break;
927
903
case TOMOYO_EXEC_ARGC:
928
904
if (!bprm)
···
947
923
{
948
924
u8 stat_index;
949
925
struct tomoyo_mini_stat *stat;
926
+
950
927
switch (index) {
951
928
case TOMOYO_PATH1_UID:
952
929
case TOMOYO_PATH1_GID:
···
1061
1036
if (left == TOMOYO_NUMBER_UNION) {
1062
1037
/* Fetch values now. */
1063
1038
const struct tomoyo_number_union *ptr = numbers_p++;
1039
+
1064
1040
min_v[0] = ptr->values[0];
1065
1041
max_v[0] = ptr->values[1];
1066
1042
}
1067
1043
if (right == TOMOYO_NUMBER_UNION) {
1068
1044
/* Fetch values now. */
1069
1045
const struct tomoyo_number_union *ptr = numbers_p++;
1046
+
1070
1047
if (ptr->group) {
1071
1048
if (tomoyo_number_matches_group(min_v[0],
1072
1049
max_v[0],
+33
-17
security/tomoyo/domain.c
+33
-17
security/tomoyo/domain.c
···
30
30
*/
31
31
int tomoyo_update_policy(struct tomoyo_acl_head *new_entry, const int size,
32
32
struct tomoyo_acl_param *param,
33
-
bool (*check_duplicate) (const struct tomoyo_acl_head
34
-
*,
35
-
const struct tomoyo_acl_head
36
-
*))
33
+
bool (*check_duplicate)(const struct tomoyo_acl_head
34
+
*,
35
+
const struct tomoyo_acl_head
36
+
*))
37
37
{
38
38
int error = param->is_delete ? -ENOENT : -ENOMEM;
39
39
struct tomoyo_acl_head *entry;
···
90
90
*/
91
91
int tomoyo_update_domain(struct tomoyo_acl_info *new_entry, const int size,
92
92
struct tomoyo_acl_param *param,
93
-
bool (*check_duplicate) (const struct tomoyo_acl_info
94
-
*,
95
-
const struct tomoyo_acl_info
96
-
*),
97
-
bool (*merge_duplicate) (struct tomoyo_acl_info *,
98
-
struct tomoyo_acl_info *,
99
-
const bool))
93
+
bool (*check_duplicate)(const struct tomoyo_acl_info
94
+
*,
95
+
const struct tomoyo_acl_info
96
+
*),
97
+
bool (*merge_duplicate)(struct tomoyo_acl_info *,
98
+
struct tomoyo_acl_info *,
99
+
const bool))
100
100
{
101
101
const bool is_delete = param->is_delete;
102
102
int error = is_delete ? -ENOENT : -ENOMEM;
···
157
157
* Caller holds tomoyo_read_lock().
158
158
*/
159
159
void tomoyo_check_acl(struct tomoyo_request_info *r,
160
-
bool (*check_entry) (struct tomoyo_request_info *,
161
-
const struct tomoyo_acl_info *))
160
+
bool (*check_entry)(struct tomoyo_request_info *,
161
+
const struct tomoyo_acl_info *))
162
162
{
163
163
const struct tomoyo_domain_info *domain = r->domain;
164
164
struct tomoyo_acl_info *ptr;
···
198
198
static const char *tomoyo_last_word(const char *name)
199
199
{
200
200
const char *cp = strrchr(name, ' ');
201
+
201
202
if (cp)
202
203
return cp + 1;
203
204
return name;
···
221
220
const struct tomoyo_transition_control *p2 = container_of(b,
222
221
typeof(*p2),
223
222
head);
223
+
224
224
return p1->type == p2->type && p1->is_last_name == p2->is_last_name
225
225
&& p1->domainname == p2->domainname
226
226
&& p1->program == p2->program;
···
242
240
int error = param->is_delete ? -ENOENT : -ENOMEM;
243
241
char *program = param->data;
244
242
char *domainname = strstr(program, " from ");
243
+
245
244
if (domainname) {
246
245
*domainname = '\0';
247
246
domainname += 6;
···
296
293
const enum tomoyo_transition_type type)
297
294
{
298
295
const struct tomoyo_transition_control *ptr;
296
+
299
297
list_for_each_entry_rcu(ptr, list, head.list) {
300
298
if (ptr->head.is_deleted || ptr->type != type)
301
299
continue;
···
342
338
{
343
339
const char *last_name = tomoyo_last_word(domainname->name);
344
340
enum tomoyo_transition_type type = TOMOYO_TRANSITION_CONTROL_NO_RESET;
341
+
345
342
while (type < TOMOYO_MAX_TRANSITION_TYPE) {
346
343
const struct list_head * const list =
347
344
&ns->policy_list[TOMOYO_ID_TRANSITION_CONTROL];
345
+
348
346
if (!tomoyo_scan_transition(list, domainname, program,
349
347
last_name, type)) {
350
348
type++;
···
381
375
head);
382
376
const struct tomoyo_aggregator *p2 = container_of(b, typeof(*p2),
383
377
head);
378
+
384
379
return p1->original_name == p2->original_name &&
385
380
p1->aggregated_name == p2->aggregated_name;
386
381
}
···
401
394
int error = param->is_delete ? -ENOENT : -ENOMEM;
402
395
const char *original_name = tomoyo_read_token(param);
403
396
const char *aggregated_name = tomoyo_read_token(param);
397
+
404
398
if (!tomoyo_correct_word(original_name) ||
405
399
!tomoyo_correct_path(aggregated_name))
406
400
return -EINVAL;
···
434
426
(const char *name, const unsigned int len)
435
427
{
436
428
struct tomoyo_policy_namespace *ns;
429
+
437
430
list_for_each_entry(ns, &tomoyo_namespace_list, namespace_list) {
438
431
if (strncmp(name, ns->name, len) ||
439
432
(name[len] && name[len] != ' '))
···
460
451
struct tomoyo_policy_namespace *entry;
461
452
const char *cp = domainname;
462
453
unsigned int len = 0;
454
+
463
455
while (*cp && *cp++ != ' ')
464
456
len++;
465
457
ptr = tomoyo_find_namespace(domainname, len);
···
476
466
ptr = tomoyo_find_namespace(domainname, len);
477
467
if (!ptr && tomoyo_memory_ok(entry)) {
478
468
char *name = (char *) (entry + 1);
469
+
479
470
ptr = entry;
480
471
memmove(name, domainname, len);
481
472
name[len] = '\0';
···
501
490
{
502
491
const char *namespace = tomoyo_current_namespace()->name;
503
492
const int len = strlen(namespace);
493
+
504
494
return strncmp(domainname, namespace, len) ||
505
495
(domainname[len] && domainname[len] != ' ');
506
496
}
···
522
510
struct tomoyo_domain_info e = { };
523
511
struct tomoyo_domain_info *entry = tomoyo_find_domain(domainname);
524
512
bool created = false;
513
+
525
514
if (entry) {
526
515
if (transit) {
527
516
/*
···
559
546
*/
560
547
if (transit) {
561
548
const struct tomoyo_domain_info *domain = tomoyo_domain();
549
+
562
550
e.profile = domain->profile;
563
551
e.group = domain->group;
564
552
}
···
583
569
if (entry && transit) {
584
570
if (created) {
585
571
struct tomoyo_request_info r;
572
+
586
573
tomoyo_init_request_info(&r, entry,
587
574
TOMOYO_MAC_FILE_EXECUTE);
588
575
r.granted = false;
···
727
712
struct tomoyo_aggregator *ptr;
728
713
struct list_head *list =
729
714
&old_domain->ns->policy_list[TOMOYO_ID_AGGREGATOR];
715
+
730
716
/* Check 'aggregator' directive. */
731
717
candidate = &exename;
732
718
list_for_each_entry_rcu(ptr, list, head.list) {
···
763
747
*/
764
748
if (ee->transition) {
765
749
const char *domainname = ee->transition->name;
750
+
766
751
reject_on_transition_failure = true;
767
752
if (!strcmp(domainname, "keep"))
768
753
goto force_keep_domain;
···
775
758
goto force_initialize_domain;
776
759
if (!strcmp(domainname, "parent")) {
777
760
char *cp;
761
+
778
762
strncpy(ee->tmp, old_domain->domainname->name,
779
763
TOMOYO_EXEC_TMPSIZE - 1);
780
764
cp = strrchr(ee->tmp, ' ');
···
840
822
if (domain)
841
823
retval = 0;
842
824
else if (reject_on_transition_failure) {
843
-
printk(KERN_WARNING "ERROR: Domain '%s' not ready.\n",
844
-
ee->tmp);
825
+
pr_warn("ERROR: Domain '%s' not ready.\n", ee->tmp);
845
826
retval = -ENOMEM;
846
827
} else if (ee->r.mode == TOMOYO_CONFIG_ENFORCING)
847
828
retval = -ENOMEM;
···
851
834
ee->r.granted = false;
852
835
tomoyo_write_log(&ee->r, "%s", tomoyo_dif
853
836
[TOMOYO_DIF_TRANSITION_FAILED]);
854
-
printk(KERN_WARNING
855
-
"ERROR: Domain '%s' not defined.\n", ee->tmp);
837
+
pr_warn("ERROR: Domain '%s' not defined.\n", ee->tmp);
856
838
}
857
839
}
858
840
out:
+20
security/tomoyo/file.c
+20
security/tomoyo/file.c
···
214
214
const u8 type = r->param.path_number.operation;
215
215
u8 radix;
216
216
char buffer[64];
217
+
217
218
switch (type) {
218
219
case TOMOYO_TYPE_CREATE:
219
220
case TOMOYO_TYPE_MKDIR:
···
254
253
{
255
254
const struct tomoyo_path_acl *acl = container_of(ptr, typeof(*acl),
256
255
head);
256
+
257
257
if (acl->perm & (1 << r->param.path.operation)) {
258
258
r->param.path.matched_path =
259
259
tomoyo_compare_name_union(r->param.path.filename,
···
277
275
{
278
276
const struct tomoyo_path_number_acl *acl =
279
277
container_of(ptr, typeof(*acl), head);
278
+
280
279
return (acl->perm & (1 << r->param.path_number.operation)) &&
281
280
tomoyo_compare_number_union(r->param.path_number.number,
282
281
&acl->number) &&
···
298
295
{
299
296
const struct tomoyo_path2_acl *acl =
300
297
container_of(ptr, typeof(*acl), head);
298
+
301
299
return (acl->perm & (1 << r->param.path2.operation)) &&
302
300
tomoyo_compare_name_union(r->param.path2.filename1, &acl->name1)
303
301
&& tomoyo_compare_name_union(r->param.path2.filename2,
···
318
314
{
319
315
const struct tomoyo_mkdev_acl *acl =
320
316
container_of(ptr, typeof(*acl), head);
317
+
321
318
return (acl->perm & (1 << r->param.mkdev.operation)) &&
322
319
tomoyo_compare_number_union(r->param.mkdev.mode,
323
320
&acl->mode) &&
···
343
338
{
344
339
const struct tomoyo_path_acl *p1 = container_of(a, typeof(*p1), head);
345
340
const struct tomoyo_path_acl *p2 = container_of(b, typeof(*p2), head);
341
+
346
342
return tomoyo_same_name_union(&p1->name, &p2->name);
347
343
}
348
344
···
364
358
->perm;
365
359
u16 perm = *a_perm;
366
360
const u16 b_perm = container_of(b, struct tomoyo_path_acl, head)->perm;
361
+
367
362
if (is_delete)
368
363
perm &= ~b_perm;
369
364
else
···
391
384
.perm = perm
392
385
};
393
386
int error;
387
+
394
388
if (!tomoyo_parse_name_union(param, &e.name))
395
389
error = -EINVAL;
396
390
else
···
415
407
{
416
408
const struct tomoyo_mkdev_acl *p1 = container_of(a, typeof(*p1), head);
417
409
const struct tomoyo_mkdev_acl *p2 = container_of(b, typeof(*p2), head);
410
+
418
411
return tomoyo_same_name_union(&p1->name, &p2->name) &&
419
412
tomoyo_same_number_union(&p1->mode, &p2->mode) &&
420
413
tomoyo_same_number_union(&p1->major, &p2->major) &&
···
440
431
u8 perm = *a_perm;
441
432
const u8 b_perm = container_of(b, struct tomoyo_mkdev_acl, head)
442
433
->perm;
434
+
443
435
if (is_delete)
444
436
perm &= ~b_perm;
445
437
else
···
467
457
.perm = perm
468
458
};
469
459
int error;
460
+
470
461
if (!tomoyo_parse_name_union(param, &e.name) ||
471
462
!tomoyo_parse_number_union(param, &e.mode) ||
472
463
!tomoyo_parse_number_union(param, &e.major) ||
···
497
486
{
498
487
const struct tomoyo_path2_acl *p1 = container_of(a, typeof(*p1), head);
499
488
const struct tomoyo_path2_acl *p2 = container_of(b, typeof(*p2), head);
489
+
500
490
return tomoyo_same_name_union(&p1->name1, &p2->name1) &&
501
491
tomoyo_same_name_union(&p1->name2, &p2->name2);
502
492
}
···
519
507
->perm;
520
508
u8 perm = *a_perm;
521
509
const u8 b_perm = container_of(b, struct tomoyo_path2_acl, head)->perm;
510
+
522
511
if (is_delete)
523
512
perm &= ~b_perm;
524
513
else
···
546
533
.perm = perm
547
534
};
548
535
int error;
536
+
549
537
if (!tomoyo_parse_name_union(param, &e.name1) ||
550
538
!tomoyo_parse_name_union(param, &e.name2))
551
539
error = -EINVAL;
···
635
621
head);
636
622
const struct tomoyo_path_number_acl *p2 = container_of(b, typeof(*p2),
637
623
head);
624
+
638
625
return tomoyo_same_name_union(&p1->name, &p2->name) &&
639
626
tomoyo_same_number_union(&p1->number, &p2->number);
640
627
}
···
658
643
u8 perm = *a_perm;
659
644
const u8 b_perm = container_of(b, struct tomoyo_path_number_acl, head)
660
645
->perm;
646
+
661
647
if (is_delete)
662
648
perm &= ~b_perm;
663
649
else
···
683
667
.perm = perm
684
668
};
685
669
int error;
670
+
686
671
if (!tomoyo_parse_name_union(param, &e.name) ||
687
672
!tomoyo_parse_number_union(param, &e.number))
688
673
error = -EINVAL;
···
964
947
{
965
948
const struct tomoyo_mount_acl *p1 = container_of(a, typeof(*p1), head);
966
949
const struct tomoyo_mount_acl *p2 = container_of(b, typeof(*p2), head);
950
+
967
951
return tomoyo_same_name_union(&p1->dev_name, &p2->dev_name) &&
968
952
tomoyo_same_name_union(&p1->dir_name, &p2->dir_name) &&
969
953
tomoyo_same_name_union(&p1->fs_type, &p2->fs_type) &&
···
984
966
{
985
967
struct tomoyo_mount_acl e = { .head.type = TOMOYO_TYPE_MOUNT_ACL };
986
968
int error;
969
+
987
970
if (!tomoyo_parse_name_union(param, &e.dev_name) ||
988
971
!tomoyo_parse_name_union(param, &e.dir_name) ||
989
972
!tomoyo_parse_name_union(param, &e.fs_type) ||
···
1014
995
u16 perm = 0;
1015
996
u8 type;
1016
997
const char *operation = tomoyo_read_token(param);
998
+
1017
999
for (type = 0; type < TOMOYO_MAX_PATH_OPERATION; type++)
1018
1000
if (tomoyo_permstr(operation, tomoyo_path_keyword[type]))
1019
1001
perm |= 1 << type;
+19
security/tomoyo/gc.c
+19
security/tomoyo/gc.c
···
77
77
spin_lock(&tomoyo_io_buffer_list_lock);
78
78
list_for_each_entry(head, &tomoyo_io_buffer_list, list) {
79
79
int i;
80
+
80
81
head->users++;
81
82
spin_unlock(&tomoyo_io_buffer_list_lock);
82
83
mutex_lock(&head->io_sem);
83
84
for (i = 0; i < TOMOYO_MAX_IO_READ_QUEUE; i++) {
84
85
const char *w = head->r.w[i];
86
+
85
87
if (w < string || w > string + size)
86
88
continue;
87
89
in_use = true;
···
110
108
{
111
109
struct tomoyo_transition_control *ptr =
112
110
container_of(element, typeof(*ptr), head.list);
111
+
113
112
tomoyo_put_name(ptr->domainname);
114
113
tomoyo_put_name(ptr->program);
115
114
}
···
126
123
{
127
124
struct tomoyo_aggregator *ptr =
128
125
container_of(element, typeof(*ptr), head.list);
126
+
129
127
tomoyo_put_name(ptr->original_name);
130
128
tomoyo_put_name(ptr->aggregated_name);
131
129
}
···
142
138
{
143
139
struct tomoyo_manager *ptr =
144
140
container_of(element, typeof(*ptr), head.list);
141
+
145
142
tomoyo_put_name(ptr->manager);
146
143
}
147
144
···
157
152
{
158
153
struct tomoyo_acl_info *acl =
159
154
container_of(element, typeof(*acl), list);
155
+
160
156
tomoyo_put_condition(acl->cond);
161
157
switch (acl->type) {
162
158
case TOMOYO_TYPE_PATH_ACL:
···
232
226
{
233
227
struct tomoyo_task_acl *entry =
234
228
container_of(acl, typeof(*entry), head);
229
+
235
230
tomoyo_put_name(entry->domainname);
236
231
}
237
232
break;
···
254
247
container_of(element, typeof(*domain), list);
255
248
struct tomoyo_acl_info *acl;
256
249
struct tomoyo_acl_info *tmp;
250
+
257
251
/*
258
252
* Since this domain is referenced from neither
259
253
* "struct tomoyo_io_buffer" nor "struct cred"->security, we can delete
···
294
286
= (const struct tomoyo_argv *) (names_p + names_count);
295
287
const struct tomoyo_envp *envp
296
288
= (const struct tomoyo_envp *) (argv + argc);
289
+
297
290
for (i = 0; i < numbers_count; i++)
298
291
tomoyo_put_number_union(numbers_p++);
299
292
for (i = 0; i < names_count; i++)
···
330
321
{
331
322
struct tomoyo_path_group *member =
332
323
container_of(element, typeof(*member), head.list);
324
+
333
325
tomoyo_put_name(member->member_name);
334
326
}
335
327
···
345
335
{
346
336
struct tomoyo_group *group =
347
337
container_of(element, typeof(*group), head.list);
338
+
348
339
tomoyo_put_name(group->group_name);
349
340
}
350
341
···
487
476
{
488
477
struct tomoyo_acl_head *member;
489
478
struct tomoyo_acl_head *tmp;
479
+
490
480
list_for_each_entry_safe(member, tmp, member_list, list) {
491
481
if (!member->is_deleted)
492
482
continue;
···
507
495
{
508
496
struct tomoyo_acl_info *acl;
509
497
struct tomoyo_acl_info *tmp;
498
+
510
499
list_for_each_entry_safe(acl, tmp, list, list) {
511
500
if (!acl->is_deleted)
512
501
continue;
···
526
513
int i;
527
514
enum tomoyo_policy_id id;
528
515
struct tomoyo_policy_namespace *ns;
516
+
529
517
mutex_lock(&tomoyo_policy_lock);
530
518
{
531
519
struct tomoyo_domain_info *domain;
532
520
struct tomoyo_domain_info *tmp;
521
+
533
522
list_for_each_entry_safe(domain, tmp, &tomoyo_domain_list,
534
523
list) {
535
524
tomoyo_collect_acl(&domain->acl_info_list);
···
549
534
{
550
535
struct tomoyo_shared_acl_head *ptr;
551
536
struct tomoyo_shared_acl_head *tmp;
537
+
552
538
list_for_each_entry_safe(ptr, tmp, &tomoyo_condition_list,
553
539
list) {
554
540
if (atomic_read(&ptr->users) > 0)
···
563
547
struct list_head *list = &ns->group_list[i];
564
548
struct tomoyo_group *group;
565
549
struct tomoyo_group *tmp;
550
+
566
551
switch (i) {
567
552
case 0:
568
553
id = TOMOYO_ID_PATH_GROUP;
···
591
574
struct list_head *list = &tomoyo_name_list[i];
592
575
struct tomoyo_shared_acl_head *ptr;
593
576
struct tomoyo_shared_acl_head *tmp;
577
+
594
578
list_for_each_entry_safe(ptr, tmp, list, list) {
595
579
if (atomic_read(&ptr->users) > 0)
596
580
continue;
···
613
595
{
614
596
/* Garbage collector thread is exclusive. */
615
597
static DEFINE_MUTEX(tomoyo_gc_mutex);
598
+
616
599
if (!mutex_trylock(&tomoyo_gc_mutex))
617
600
goto out;
618
601
tomoyo_collect_entry();
+5
security/tomoyo/group.c
+5
security/tomoyo/group.c
···
75
75
{
76
76
struct tomoyo_group *group = tomoyo_get_group(param, type);
77
77
int error = -EINVAL;
78
+
78
79
if (!group)
79
80
return -ENOMEM;
80
81
param->list = &group->member_list;
81
82
if (type == TOMOYO_PATH_GROUP) {
82
83
struct tomoyo_path_group e = { };
84
+
83
85
e.member_name = tomoyo_get_name(tomoyo_read_token(param));
84
86
if (!e.member_name) {
85
87
error = -ENOMEM;
···
92
90
tomoyo_put_name(e.member_name);
93
91
} else if (type == TOMOYO_NUMBER_GROUP) {
94
92
struct tomoyo_number_group e = { };
93
+
95
94
if (param->data[0] == '@' ||
96
95
!tomoyo_parse_number_union(param, &e.number))
97
96
goto out;
···
132
129
const struct tomoyo_group *group)
133
130
{
134
131
struct tomoyo_path_group *member;
132
+
135
133
list_for_each_entry_rcu(member, &group->member_list, head.list) {
136
134
if (member->head.is_deleted)
137
135
continue;
···
160
156
{
161
157
struct tomoyo_number_group *member;
162
158
bool matched = false;
159
+
163
160
list_for_each_entry_rcu(member, &group->member_list, head.list) {
164
161
if (member->head.is_deleted)
165
162
continue;
+4
-4
security/tomoyo/load_policy.c
+4
-4
security/tomoyo/load_policy.c
···
37
37
static bool tomoyo_policy_loader_exists(void)
38
38
{
39
39
struct path path;
40
+
40
41
if (!tomoyo_loader)
41
42
tomoyo_loader = CONFIG_SECURITY_TOMOYO_POLICY_LOADER;
42
43
if (kern_path(tomoyo_loader, LOOKUP_FOLLOW, &path)) {
43
-
printk(KERN_INFO "Not activating Mandatory Access Control "
44
-
"as %s does not exist.\n", tomoyo_loader);
44
+
pr_info("Not activating Mandatory Access Control as %s does not exist.\n",
45
+
tomoyo_loader);
45
46
return false;
46
47
}
47
48
path_put(&path);
···
97
96
if (!tomoyo_policy_loader_exists())
98
97
return;
99
98
done = true;
100
-
printk(KERN_INFO "Calling %s to load policy. Please wait.\n",
101
-
tomoyo_loader);
99
+
pr_info("Calling %s to load policy. Please wait.\n", tomoyo_loader);
102
100
argv[0] = (char *) tomoyo_loader;
103
101
argv[1] = NULL;
104
102
envp[0] = "HOME=/";
+7
-2
security/tomoyo/memory.c
+7
-2
security/tomoyo/memory.c
···
19
19
/* Reduce error messages. */
20
20
static pid_t tomoyo_last_pid;
21
21
const pid_t pid = current->pid;
22
+
22
23
if (tomoyo_last_pid != pid) {
23
-
printk(KERN_WARNING "ERROR: Out of memory at %s.\n",
24
-
function);
24
+
pr_warn("ERROR: Out of memory at %s.\n", function);
25
25
tomoyo_last_pid = pid;
26
26
}
27
27
if (!tomoyo_policy_loaded)
···
48
48
{
49
49
if (ptr) {
50
50
const size_t s = ksize(ptr);
51
+
51
52
tomoyo_memory_used[TOMOYO_MEMORY_POLICY] += s;
52
53
if (!tomoyo_memory_quota[TOMOYO_MEMORY_POLICY] ||
53
54
tomoyo_memory_used[TOMOYO_MEMORY_POLICY] <=
···
74
73
void *tomoyo_commit_ok(void *data, const unsigned int size)
75
74
{
76
75
void *ptr = kzalloc(size, GFP_NOFS);
76
+
77
77
if (tomoyo_memory_ok(ptr)) {
78
78
memmove(ptr, data, size);
79
79
memset(data, 0, size);
···
100
98
struct list_head *list;
101
99
const char *group_name = tomoyo_read_token(param);
102
100
bool found = false;
101
+
103
102
if (!tomoyo_correct_word(group_name) || idx >= TOMOYO_MAX_GROUP)
104
103
return NULL;
105
104
e.group_name = tomoyo_get_name(group_name);
···
119
116
}
120
117
if (!found) {
121
118
struct tomoyo_group *entry = tomoyo_commit_ok(&e, sizeof(e));
119
+
122
120
if (entry) {
123
121
INIT_LIST_HEAD(&entry->member_list);
124
122
atomic_set(&entry->head.users, 1);
···
195
191
void __init tomoyo_mm_init(void)
196
192
{
197
193
int idx;
194
+
198
195
for (idx = 0; idx < TOMOYO_MAX_HASH; idx++)
199
196
INIT_LIST_HEAD(&tomoyo_name_list[idx]);
200
197
tomoyo_kernel_namespace.name = "<kernel>";
+2
security/tomoyo/mount.c
+2
security/tomoyo/mount.c
···
49
49
{
50
50
const struct tomoyo_mount_acl *acl =
51
51
container_of(ptr, typeof(*acl), head);
52
+
52
53
return tomoyo_compare_number_union(r->param.mount.flags,
53
54
&acl->flags) &&
54
55
tomoyo_compare_name_union(r->param.mount.type,
···
90
89
struct tomoyo_path_info rdir;
91
90
int need_dev = 0;
92
91
int error = -ENOMEM;
92
+
93
93
r->obj = &obj;
94
94
95
95
/* Get fstype. */
+15
-3
security/tomoyo/realpath.c
+15
-3
security/tomoyo/realpath.c
···
94
94
const int buflen)
95
95
{
96
96
char *pos = ERR_PTR(-ENOMEM);
97
+
97
98
if (buflen >= 256) {
98
99
/* go to whatever namespace root we are under */
99
100
pos = d_absolute_path(path, buffer, buflen - 1);
100
101
if (!IS_ERR(pos) && *pos == '/' && pos[1]) {
101
102
struct inode *inode = d_backing_inode(path->dentry);
103
+
102
104
if (inode && S_ISDIR(inode->i_mode)) {
103
105
buffer[buflen - 2] = '/';
104
106
buffer[buflen - 1] = '\0';
···
125
123
const int buflen)
126
124
{
127
125
char *pos = ERR_PTR(-ENOMEM);
126
+
128
127
if (buflen >= 256) {
129
128
pos = dentry_path_raw(dentry, buffer, buflen - 1);
130
129
if (!IS_ERR(pos) && *pos == '/' && pos[1]) {
131
130
struct inode *inode = d_backing_inode(dentry);
131
+
132
132
if (inode && S_ISDIR(inode->i_mode)) {
133
133
buffer[buflen - 2] = '/';
134
134
buffer[buflen - 1] = '\0';
···
154
150
{
155
151
struct super_block *sb = dentry->d_sb;
156
152
char *pos = tomoyo_get_dentry_path(dentry, buffer, buflen);
153
+
157
154
if (IS_ERR(pos))
158
155
return pos;
159
156
/* Convert from $PID to self if $PID is current thread. */
160
157
if (sb->s_magic == PROC_SUPER_MAGIC && *pos == '/') {
161
158
char *ep;
162
159
const pid_t pid = (pid_t) simple_strtoul(pos + 1, &ep, 10);
160
+
163
161
if (*ep == '/' && pid && pid ==
164
162
task_tgid_nr_ns(current, sb->s_fs_info)) {
165
163
pos = ep - 5;
···
176
170
goto prepend_filesystem_name;
177
171
{
178
172
struct inode *inode = d_backing_inode(sb->s_root);
173
+
179
174
/*
180
175
* Use filesystem name if filesystem does not support rename()
181
176
* operation.
···
189
182
char name[64];
190
183
int name_len;
191
184
const dev_t dev = sb->s_dev;
185
+
192
186
name[sizeof(name) - 1] = '\0';
193
187
snprintf(name, sizeof(name) - 1, "dev(%u,%u):", MAJOR(dev),
194
188
MINOR(dev));
···
205
197
{
206
198
const char *name = sb->s_type->name;
207
199
const int name_len = strlen(name);
200
+
208
201
pos -= name_len + 1;
209
202
if (pos < buffer)
210
203
goto out;
···
232
223
struct inode *inode = d_backing_inode(path->dentry);
233
224
struct socket *sock = inode ? SOCKET_I(inode) : NULL;
234
225
struct sock *sk = sock ? sock->sk : NULL;
226
+
235
227
if (sk) {
236
-
snprintf(buffer, buflen, "socket:[family=%u:type=%u:"
237
-
"protocol=%u]", sk->sk_family, sk->sk_type,
238
-
sk->sk_protocol);
228
+
snprintf(buffer, buflen, "socket:[family=%u:type=%u:protocol=%u]",
229
+
sk->sk_family, sk->sk_type, sk->sk_protocol);
239
230
} else {
240
231
snprintf(buffer, buflen, "socket:[unknown]");
241
232
}
···
264
255
unsigned int buf_len = PAGE_SIZE / 2;
265
256
struct dentry *dentry = path->dentry;
266
257
struct super_block *sb;
258
+
267
259
if (!dentry)
268
260
return NULL;
269
261
sb = dentry->d_sb;
270
262
while (1) {
271
263
char *pos;
272
264
struct inode *inode;
265
+
273
266
buf_len <<= 1;
274
267
kfree(buf);
275
268
buf = kmalloc(buf_len, GFP_NOFS);
···
334
323
335
324
if (pathname && kern_path(pathname, 0, &path) == 0) {
336
325
char *buf = tomoyo_realpath_from_path(&path);
326
+
337
327
path_put(&path);
338
328
return buf;
339
329
}
+4
security/tomoyo/securityfs_if.c
+4
security/tomoyo/securityfs_if.c
···
21
21
{
22
22
const struct tomoyo_task_acl *acl = container_of(ptr, typeof(*acl),
23
23
head);
24
+
24
25
return !tomoyo_pathcmp(r->param.task.domainname, acl->domainname);
25
26
}
26
27
···
43
42
{
44
43
char *data;
45
44
int error;
45
+
46
46
if (!count || count >= TOMOYO_EXEC_TMPSIZE - 10)
47
47
return -ENOMEM;
48
48
data = memdup_user_nul(buf, count);
···
54
52
const int idx = tomoyo_read_lock();
55
53
struct tomoyo_path_info name;
56
54
struct tomoyo_request_info r;
55
+
57
56
name.name = data;
58
57
tomoyo_fill_path_info(&name);
59
58
/* Check "task manual_domain_transition" permission. */
···
103
100
const char *domain = tomoyo_domain()->domainname->name;
104
101
loff_t len = strlen(domain);
105
102
loff_t pos = *ppos;
103
+
106
104
if (pos >= len || !count)
107
105
return 0;
108
106
len -= pos;
+12
-3
security/tomoyo/tomoyo.c
+12
-3
security/tomoyo/tomoyo.c
···
105
105
if (!s->old_domain_info) {
106
106
const int idx = tomoyo_read_lock();
107
107
const int err = tomoyo_find_next_domain(bprm);
108
+
108
109
tomoyo_read_unlock(idx);
109
110
return err;
110
111
}
···
152
151
static int tomoyo_path_unlink(const struct path *parent, struct dentry *dentry)
153
152
{
154
153
struct path path = { .mnt = parent->mnt, .dentry = dentry };
154
+
155
155
return tomoyo_path_perm(TOMOYO_TYPE_UNLINK, &path, NULL);
156
156
}
157
157
···
169
167
umode_t mode)
170
168
{
171
169
struct path path = { .mnt = parent->mnt, .dentry = dentry };
170
+
172
171
return tomoyo_path_number_perm(TOMOYO_TYPE_MKDIR, &path,
173
172
mode & S_IALLUGO);
174
173
}
···
185
182
static int tomoyo_path_rmdir(const struct path *parent, struct dentry *dentry)
186
183
{
187
184
struct path path = { .mnt = parent->mnt, .dentry = dentry };
185
+
188
186
return tomoyo_path_perm(TOMOYO_TYPE_RMDIR, &path, NULL);
189
187
}
190
188
···
202
198
const char *old_name)
203
199
{
204
200
struct path path = { .mnt = parent->mnt, .dentry = dentry };
201
+
205
202
return tomoyo_path_perm(TOMOYO_TYPE_SYMLINK, &path, old_name);
206
203
}
207
204
···
260
255
{
261
256
struct path path1 = { .mnt = new_dir->mnt, .dentry = old_dentry };
262
257
struct path path2 = { .mnt = new_dir->mnt, .dentry = new_dentry };
258
+
263
259
return tomoyo_path2_perm(TOMOYO_TYPE_LINK, &path1, &path2);
264
260
}
265
261
···
281
275
{
282
276
struct path path1 = { .mnt = old_parent->mnt, .dentry = old_dentry };
283
277
struct path path2 = { .mnt = new_parent->mnt, .dentry = new_dentry };
278
+
284
279
return tomoyo_path2_perm(TOMOYO_TYPE_RENAME, &path1, &path2);
285
280
}
286
281
···
313
306
*/
314
307
static int tomoyo_file_open(struct file *f)
315
308
{
316
-
int flags = f->f_flags;
317
309
/* Don't check read permission here if called from do_execve(). */
318
310
if (current->in_execve)
319
311
return 0;
320
-
return tomoyo_check_open_permission(tomoyo_domain(), &f->f_path, flags);
312
+
return tomoyo_check_open_permission(tomoyo_domain(), &f->f_path,
313
+
f->f_flags);
321
314
}
322
315
323
316
/**
···
361
354
static int tomoyo_path_chown(const struct path *path, kuid_t uid, kgid_t gid)
362
355
{
363
356
int error = 0;
357
+
364
358
if (uid_valid(uid))
365
359
error = tomoyo_path_number_perm(TOMOYO_TYPE_CHOWN, path,
366
360
from_kuid(&init_user_ns, uid));
···
411
403
static int tomoyo_sb_umount(struct vfsmount *mnt, int flags)
412
404
{
413
405
struct path path = { .mnt = mnt, .dentry = mnt->mnt_root };
406
+
414
407
return tomoyo_path_perm(TOMOYO_TYPE_UMOUNT, &path, NULL);
415
408
}
416
409
···
582
573
583
574
/* register ourselves with the security framework */
584
575
security_add_hooks(tomoyo_hooks, ARRAY_SIZE(tomoyo_hooks), "tomoyo");
585
-
printk(KERN_INFO "TOMOYO Linux initialized\n");
576
+
pr_info("TOMOYO Linux initialized\n");
586
577
s->domain_info = &tomoyo_kernel_domain;
587
578
atomic_inc(&tomoyo_kernel_domain.users);
588
579
s->old_domain_info = NULL;
+18
-5
security/tomoyo/util.c
+18
-5
security/tomoyo/util.c
···
91
91
void tomoyo_convert_time(time64_t time64, struct tomoyo_time *stamp)
92
92
{
93
93
struct tm tm;
94
+
94
95
time64_to_tm(time64, 0, &tm);
95
96
stamp->sec = tm.tm_sec;
96
97
stamp->min = tm.tm_min;
···
114
113
bool tomoyo_permstr(const char *string, const char *keyword)
115
114
{
116
115
const char *cp = strstr(string, keyword);
116
+
117
117
if (cp)
118
118
return cp == string || *(cp - 1) == '/';
119
119
return false;
···
134
132
{
135
133
char *pos = param->data;
136
134
char *del = strchr(pos, ' ');
135
+
137
136
if (del)
138
137
*del++ = '\0';
139
138
else
···
155
152
{
156
153
char *start = param->data;
157
154
char *pos = start;
155
+
158
156
while (*pos) {
159
157
if (*pos++ != ' ' || *pos++ == '/')
160
158
continue;
···
185
181
const char *cp = *str;
186
182
char *ep;
187
183
int base = 10;
184
+
188
185
if (*cp == '0') {
189
186
char c = *(cp + 1);
187
+
190
188
if (c == 'x' || c == 'X') {
191
189
base = 16;
192
190
cp += 2;
···
246
240
struct tomoyo_name_union *ptr)
247
241
{
248
242
char *filename;
243
+
249
244
if (param->data[0] == '@') {
250
245
param->data++;
251
246
ptr->group = tomoyo_get_group(param, TOMOYO_PATH_GROUP);
···
273
266
char *data;
274
267
u8 type;
275
268
unsigned long v;
269
+
276
270
memset(ptr, 0, sizeof(*ptr));
277
271
if (param->data[0] == '@') {
278
272
param->data++;
···
437
429
unsigned char c;
438
430
unsigned char d;
439
431
unsigned char e;
432
+
440
433
if (!len)
441
434
goto out;
442
435
while (len--) {
···
542
533
return true;
543
534
while (1) {
544
535
const unsigned char *cp = strchr(domainname, ' ');
536
+
545
537
if (!cp)
546
538
break;
547
539
if (*domainname != '/' ||
···
564
554
{
565
555
const unsigned char *cp;
566
556
int len;
557
+
567
558
if (*buffer != '<')
568
559
return false;
569
560
cp = strchr(buffer, ' ');
···
679
668
{
680
669
while (filename < filename_end && pattern < pattern_end) {
681
670
char c;
671
+
int i;
672
+
int j;
673
+
682
674
if (*pattern != '\\') {
683
675
if (*filename++ != *pattern++)
684
676
return false;
···
690
676
c = *filename;
691
677
pattern++;
692
678
switch (*pattern) {
693
-
int i;
694
-
int j;
695
679
case '?':
696
680
if (c == '/') {
697
681
return false;
···
997
985
struct tomoyo_domain_info *domain, const u8 index)
998
986
{
999
987
u8 profile;
988
+
1000
989
memset(r, 0, sizeof(*r));
1001
990
if (!domain)
1002
991
domain = tomoyo_domain();
···
1031
1018
list_for_each_entry_rcu(ptr, &domain->acl_info_list, list) {
1032
1019
u16 perm;
1033
1020
u8 i;
1021
+
1034
1022
if (ptr->is_deleted)
1035
1023
continue;
1036
1024
switch (ptr->type) {
···
1076
1062
domain->flags[TOMOYO_DIF_QUOTA_WARNED] = true;
1077
1063
/* r->granted = false; */
1078
1064
tomoyo_write_log(r, "%s", tomoyo_dif[TOMOYO_DIF_QUOTA_WARNED]);
1079
-
printk(KERN_WARNING "WARNING: "
1080
-
"Domain '%s' has too many ACLs to hold. "
1081
-
"Stopped learning mode.\n", domain->domainname->name);
1065
+
pr_warn("WARNING: Domain '%s' has too many ACLs to hold. Stopped learning mode.\n",
1066
+
domain->domainname->name);
1082
1067
}
1083
1068
return false;
1084
1069
}