| 3 |
* |
* |
| 4 |
* Copyright (C) 2005-2009 NTT DATA CORPORATION |
* Copyright (C) 2005-2009 NTT DATA CORPORATION |
| 5 |
* |
* |
| 6 |
* Version: 1.7.0-rc 2009/09/01 |
* Version: 1.7.1-pre 2009/10/16 |
| 7 |
* |
* |
| 8 |
* This file is applicable to both 2.4.30 and 2.6.11 and later. |
* This file is applicable to both 2.4.30 and 2.6.11 and later. |
| 9 |
* See README.ccs for ChangeLog. |
* See README.ccs for ChangeLog. |
| 16 |
.learning = &ccs_default_profile.preference, |
.learning = &ccs_default_profile.preference, |
| 17 |
.permissive = &ccs_default_profile.preference, |
.permissive = &ccs_default_profile.preference, |
| 18 |
.enforcing = &ccs_default_profile.preference, |
.enforcing = &ccs_default_profile.preference, |
|
#ifdef CONFIG_CCSECURITY_AUDIT |
|
| 19 |
.audit = &ccs_default_profile.preference, |
.audit = &ccs_default_profile.preference, |
| 20 |
|
#ifdef CONFIG_CCSECURITY_AUDIT |
| 21 |
.preference.audit_max_grant_log = CONFIG_CCSECURITY_MAX_GRANT_LOG, |
.preference.audit_max_grant_log = CONFIG_CCSECURITY_MAX_GRANT_LOG, |
| 22 |
.preference.audit_max_reject_log = CONFIG_CCSECURITY_MAX_REJECT_LOG, |
.preference.audit_max_reject_log = CONFIG_CCSECURITY_MAX_REJECT_LOG, |
| 23 |
#endif |
#endif |
| 24 |
|
.preference.audit_task_info = true, |
| 25 |
|
.preference.audit_path_info = true, |
| 26 |
.preference.enforcing_penalty = 0, |
.preference.enforcing_penalty = 0, |
| 27 |
.preference.enforcing_verbose = true, |
.preference.enforcing_verbose = true, |
| 28 |
.preference.learning_max_entry = CONFIG_CCSECURITY_MAX_ACCEPT_ENTRY, |
.preference.learning_max_entry = CONFIG_CCSECURITY_MAX_ACCEPT_ENTRY, |
| 265 |
ptr = ccs_profile_ptr[profile]; |
ptr = ccs_profile_ptr[profile]; |
| 266 |
if (!ptr && ccs_memory_ok(entry, sizeof(*entry))) { |
if (!ptr && ccs_memory_ok(entry, sizeof(*entry))) { |
| 267 |
ptr = entry; |
ptr = entry; |
|
#ifdef CONFIG_CCSECURITY_AUDIT |
|
| 268 |
ptr->audit = &ccs_default_profile.preference; |
ptr->audit = &ccs_default_profile.preference; |
|
#endif |
|
| 269 |
ptr->learning = &ccs_default_profile.preference; |
ptr->learning = &ccs_default_profile.preference; |
| 270 |
ptr->permissive = &ccs_default_profile.preference; |
ptr->permissive = &ccs_default_profile.preference; |
| 271 |
ptr->enforcing = &ccs_default_profile.preference; |
ptr->enforcing = &ccs_default_profile.preference; |
| 283 |
} |
} |
| 284 |
|
|
| 285 |
/** |
/** |
| 286 |
|
* ccs_check_profile - Check all profiles currently assigned to domains are defined. |
| 287 |
|
*/ |
| 288 |
|
void ccs_check_profile(void) |
| 289 |
|
{ |
| 290 |
|
struct ccs_domain_info *domain; |
| 291 |
|
ccs_policy_loaded = true; |
| 292 |
|
list_for_each_entry_rcu(domain, &ccs_domain_list, list) { |
| 293 |
|
const u8 profile = domain->profile; |
| 294 |
|
if (ccs_profile_ptr[profile]) |
| 295 |
|
continue; |
| 296 |
|
panic("Profile %u (used by '%s') not defined.\n", |
| 297 |
|
profile, domain->domainname->name); |
| 298 |
|
} |
| 299 |
|
} |
| 300 |
|
|
| 301 |
|
/** |
| 302 |
* ccs_profile - Find a profile. |
* ccs_profile - Find a profile. |
| 303 |
* |
* |
| 304 |
* @profile: Profile number to find. |
* @profile: Profile number to find. |
| 305 |
* |
* |
| 306 |
* Returns pointer to "struct ccs_profile" on success, NULL otherwise. |
* Returns pointer to "struct ccs_profile". |
| 307 |
*/ |
*/ |
| 308 |
struct ccs_profile *ccs_profile(const u8 profile) |
struct ccs_profile *ccs_profile(const u8 profile) |
| 309 |
{ |
{ |
| 354 |
value = 0; |
value = 0; |
| 355 |
else |
else |
| 356 |
value = -1; |
value = -1; |
|
#ifdef CONFIG_CCSECURITY_AUDIT |
|
| 357 |
if (!strcmp(data, "PREFERENCE::audit")) { |
if (!strcmp(data, "PREFERENCE::audit")) { |
| 358 |
|
#ifdef CONFIG_CCSECURITY_AUDIT |
| 359 |
char *cp2; |
char *cp2; |
| 360 |
|
#endif |
| 361 |
if (use_default) { |
if (use_default) { |
| 362 |
profile->audit = &ccs_default_profile.preference; |
profile->audit = &ccs_default_profile.preference; |
| 363 |
return 0; |
return 0; |
| 364 |
} |
} |
| 365 |
profile->audit = &profile->preference; |
profile->audit = &profile->preference; |
| 366 |
|
#ifdef CONFIG_CCSECURITY_AUDIT |
| 367 |
cp2 = strstr(cp, "max_grant_log="); |
cp2 = strstr(cp, "max_grant_log="); |
| 368 |
if (cp2) |
if (cp2) |
| 369 |
sscanf(cp2 + 14, "%u", |
sscanf(cp2 + 14, "%u", |
| 372 |
if (cp2) |
if (cp2) |
| 373 |
sscanf(cp2 + 15, "%u", |
sscanf(cp2 + 15, "%u", |
| 374 |
&profile->preference.audit_max_reject_log); |
&profile->preference.audit_max_reject_log); |
| 375 |
|
#endif |
| 376 |
|
if (strstr(cp, "task_info=yes")) |
| 377 |
|
profile->preference.audit_task_info = true; |
| 378 |
|
else if (strstr(cp, "task_info=no")) |
| 379 |
|
profile->preference.audit_task_info = false; |
| 380 |
|
if (strstr(cp, "path_info=yes")) |
| 381 |
|
profile->preference.audit_path_info = true; |
| 382 |
|
else if (strstr(cp, "path_info=no")) |
| 383 |
|
profile->preference.audit_path_info = false; |
| 384 |
return 0; |
return 0; |
| 385 |
} |
} |
|
#endif |
|
| 386 |
if (!strcmp(data, "PREFERENCE::enforcing")) { |
if (!strcmp(data, "PREFERENCE::enforcing")) { |
| 387 |
char *cp2; |
char *cp2; |
| 388 |
if (use_default) { |
if (use_default) { |
| 510 |
return; |
return; |
| 511 |
if (head->read_bit) |
if (head->read_bit) |
| 512 |
goto body; |
goto body; |
| 513 |
ccs_io_printf(head, "PROFILE_VERSION=%s\n", "20090827"); |
ccs_io_printf(head, "PROFILE_VERSION=%s\n", "20090903"); |
| 514 |
|
ccs_io_printf(head, "PREFERENCE::audit={ " |
| 515 |
|
#ifdef CONFIG_CCSECURITY_AUDIT |
| 516 |
|
"max_grant_log=%u max_reject_log=%u " |
| 517 |
|
#endif |
| 518 |
|
"task_info=%s path_info=%s }\n", |
| 519 |
#ifdef CONFIG_CCSECURITY_AUDIT |
#ifdef CONFIG_CCSECURITY_AUDIT |
|
ccs_io_printf(head, "PREFERENCE::audit={ max_grant_log=%u " |
|
|
"max_reject_log=%u }\n", |
|
| 520 |
ccs_default_profile.preference.audit_max_grant_log, |
ccs_default_profile.preference.audit_max_grant_log, |
| 521 |
ccs_default_profile.preference.audit_max_reject_log); |
ccs_default_profile.preference.audit_max_reject_log, |
| 522 |
#endif |
#endif |
| 523 |
|
ccs_yesno(ccs_default_profile.preference. |
| 524 |
|
audit_task_info), |
| 525 |
|
ccs_yesno(ccs_default_profile.preference. |
| 526 |
|
audit_path_info)); |
| 527 |
ccs_io_printf(head, "PREFERENCE::learning={ verbose=%s max_entry=%u " |
ccs_io_printf(head, "PREFERENCE::learning={ verbose=%s max_entry=%u " |
| 528 |
"exec.realpath=%s exec.argv0=%s symlink.target=%s }\n", |
"exec.realpath=%s exec.argv0=%s symlink.target=%s }\n", |
| 529 |
ccs_yesno(ccs_default_profile.preference. |
ccs_yesno(ccs_default_profile.preference. |
| 601 |
goto out; |
goto out; |
| 602 |
#endif |
#endif |
| 603 |
} |
} |
|
#ifdef CONFIG_CCSECURITY_AUDIT |
|
| 604 |
if (profile->audit != &ccs_default_profile.preference && |
if (profile->audit != &ccs_default_profile.preference && |
| 605 |
!ccs_io_printf(head, "%u-PREFERENCE::audit={ " |
!ccs_io_printf(head, "%u-PREFERENCE::audit={ " |
| 606 |
"max_grant_log=%u max_reject_log=%u }\n", |
#ifdef CONFIG_CCSECURITY_AUDIT |
| 607 |
index, |
"max_grant_log=%u max_reject_log=%u " |
| 608 |
|
#endif |
| 609 |
|
"task_info=%s path_info=%s }\n", index, |
| 610 |
|
#ifdef CONFIG_CCSECURITY_AUDIT |
| 611 |
profile->preference.audit_max_grant_log, |
profile->preference.audit_max_grant_log, |
| 612 |
profile->preference.audit_max_reject_log)) |
profile->preference.audit_max_reject_log, |
|
goto out; |
|
| 613 |
#endif |
#endif |
| 614 |
|
ccs_yesno(profile->preference. |
| 615 |
|
audit_task_info), |
| 616 |
|
ccs_yesno(profile->preference. |
| 617 |
|
audit_path_info))) |
| 618 |
|
goto out; |
| 619 |
if (profile->learning != &ccs_default_profile.preference && |
if (profile->learning != &ccs_default_profile.preference && |
| 620 |
!ccs_io_printf(head, "%u-PREFERENCE::learning={ " |
!ccs_io_printf(head, "%u-PREFERENCE::learning={ " |
| 621 |
"verbose=%s max_entry=%u exec.realpath=%s " |
"verbose=%s max_entry=%u exec.realpath=%s " |
| 904 |
return ccs_write_env_policy(data, domain, cond, is_delete); |
return ccs_write_env_policy(data, domain, cond, is_delete); |
| 905 |
if (ccs_str_starts(&data, CCS_KEYWORD_ALLOW_MOUNT)) |
if (ccs_str_starts(&data, CCS_KEYWORD_ALLOW_MOUNT)) |
| 906 |
return ccs_write_mount_policy(data, domain, cond, is_delete); |
return ccs_write_mount_policy(data, domain, cond, is_delete); |
|
if (ccs_str_starts(&data, CCS_KEYWORD_ALLOW_UNMOUNT)) |
|
|
return ccs_write_umount_policy(data, domain, cond, is_delete); |
|
|
if (ccs_str_starts(&data, CCS_KEYWORD_ALLOW_CHROOT)) |
|
|
return ccs_write_chroot_policy(data, domain, cond, is_delete); |
|
|
if (ccs_str_starts(&data, CCS_KEYWORD_ALLOW_PIVOT_ROOT)) |
|
|
return ccs_write_pivot_root_policy(data, domain, cond, |
|
|
is_delete); |
|
| 907 |
return ccs_write_file_policy(data, domain, cond, is_delete); |
return ccs_write_file_policy(data, domain, cond, is_delete); |
| 908 |
} |
} |
| 909 |
|
|
| 949 |
|
|
| 950 |
if (sscanf(data, CCS_KEYWORD_USE_PROFILE "%u", &profile) == 1 |
if (sscanf(data, CCS_KEYWORD_USE_PROFILE "%u", &profile) == 1 |
| 951 |
&& profile < CCS_MAX_PROFILES) { |
&& profile < CCS_MAX_PROFILES) { |
| 952 |
if (ccs_profile(profile)) |
if (!ccs_policy_loaded || ccs_profile_ptr[(u8) profile]) |
| 953 |
domain->profile = (u8) profile; |
domain->profile = (u8) profile; |
| 954 |
return 0; |
return 0; |
| 955 |
} |
} |
| 1202 |
} |
} |
| 1203 |
|
|
| 1204 |
/** |
/** |
| 1205 |
* ccs_print_path_acl - Print a single path ACL entry. |
* ccs_print_path_acl - Print a path ACL entry. |
| 1206 |
* |
* |
| 1207 |
* @head: Pointer to "struct ccs_io_buffer". |
* @head: Pointer to "struct ccs_io_buffer". |
| 1208 |
* @ptr: Pointer to "struct ccs_path_acl". |
* @ptr: Pointer to "struct ccs_path_acl". |
| 1553 |
} |
} |
| 1554 |
|
|
| 1555 |
/** |
/** |
|
* ccs_print_umount_acl - Print a mount ACL entry. |
|
|
* |
|
|
* @head: Pointer to "struct ccs_io_buffer". |
|
|
* @ptr: Pointer to "struct ccs_umount_acl". |
|
|
* @cond: Pointer to "struct ccs_condition". May be NULL. |
|
|
* |
|
|
* Returns true on success, false otherwise. |
|
|
*/ |
|
|
static bool ccs_print_umount_acl(struct ccs_io_buffer *head, |
|
|
struct ccs_umount_acl *ptr, |
|
|
const struct ccs_condition *cond) |
|
|
{ |
|
|
const int pos = head->read_avail; |
|
|
if (!ccs_io_printf(head, CCS_KEYWORD_ALLOW_UNMOUNT) || |
|
|
!ccs_print_name_union(head, &ptr->dir) || |
|
|
!ccs_print_condition(head, cond)) { |
|
|
head->read_avail = pos; |
|
|
return false; |
|
|
} |
|
|
return true; |
|
|
} |
|
|
|
|
|
/** |
|
|
* ccs_print_chroot_acl - Print a chroot ACL entry. |
|
|
* |
|
|
* @head: Pointer to "struct ccs_io_buffer". |
|
|
* @ptr: Pointer to "struct ccs_chroot_acl". |
|
|
* @cond: Pointer to "struct ccs_condition". May be NULL. |
|
|
* |
|
|
* Returns true on success, false otherwise. |
|
|
*/ |
|
|
static bool ccs_print_chroot_acl(struct ccs_io_buffer *head, |
|
|
struct ccs_chroot_acl *ptr, |
|
|
const struct ccs_condition *cond) |
|
|
{ |
|
|
const int pos = head->read_avail; |
|
|
if (!ccs_io_printf(head, CCS_KEYWORD_ALLOW_CHROOT) || |
|
|
!ccs_print_name_union(head, &ptr->dir) || |
|
|
!ccs_print_condition(head, cond)) { |
|
|
head->read_avail = pos; |
|
|
return false; |
|
|
} |
|
|
return true; |
|
|
} |
|
|
|
|
|
/** |
|
|
* ccs_print_pivot_root_acl - Print a pivot_root ACL entry. |
|
|
* |
|
|
* @head: Pointer to "struct ccs_io_buffer". |
|
|
* @ptr: Pointer to "struct ccs_pivot_root_acl". |
|
|
* @cond: Pointer to "struct ccs_condition". May be NULL. |
|
|
* |
|
|
* Returns true on success, false otherwise. |
|
|
*/ |
|
|
static bool ccs_print_pivot_root_acl(struct ccs_io_buffer *head, |
|
|
struct ccs_pivot_root_acl *ptr, |
|
|
const struct ccs_condition *cond) |
|
|
{ |
|
|
const int pos = head->read_avail; |
|
|
if (!ccs_io_printf(head, CCS_KEYWORD_ALLOW_PIVOT_ROOT) || |
|
|
!ccs_print_name_union(head, &ptr->new_root) || |
|
|
!ccs_print_name_union(head, &ptr->old_root) || |
|
|
!ccs_print_condition(head, cond)) { |
|
|
head->read_avail = pos; |
|
|
return false; |
|
|
} |
|
|
return true; |
|
|
} |
|
|
|
|
|
/** |
|
| 1556 |
* ccs_print_entry - Print an ACL entry. |
* ccs_print_entry - Print an ACL entry. |
| 1557 |
* |
* |
| 1558 |
* @head: Pointer to "struct ccs_io_buffer". |
* @head: Pointer to "struct ccs_io_buffer". |
| 1569 |
return true; |
return true; |
| 1570 |
if (acl_type == CCS_TYPE_PATH_ACL) { |
if (acl_type == CCS_TYPE_PATH_ACL) { |
| 1571 |
struct ccs_path_acl *acl |
struct ccs_path_acl *acl |
| 1572 |
= container_of(ptr, struct ccs_path_acl, |
= container_of(ptr, struct ccs_path_acl, head); |
|
head); |
|
| 1573 |
return ccs_print_path_acl(head, acl, cond); |
return ccs_print_path_acl(head, acl, cond); |
| 1574 |
} |
} |
| 1575 |
if (acl_type == CCS_TYPE_EXECUTE_HANDLER) { |
if (acl_type == CCS_TYPE_EXECUTE_HANDLER) { |
| 1595 |
} |
} |
| 1596 |
if (acl_type == CCS_TYPE_PATH2_ACL) { |
if (acl_type == CCS_TYPE_PATH2_ACL) { |
| 1597 |
struct ccs_path2_acl *acl |
struct ccs_path2_acl *acl |
| 1598 |
= container_of(ptr, struct ccs_path2_acl, |
= container_of(ptr, struct ccs_path2_acl, head); |
|
head); |
|
| 1599 |
return ccs_print_path2_acl(head, acl, cond); |
return ccs_print_path2_acl(head, acl, cond); |
| 1600 |
} |
} |
| 1601 |
if (acl_type == CCS_TYPE_PATH_NUMBER_ACL) { |
if (acl_type == CCS_TYPE_PATH_NUMBER_ACL) { |
| 1602 |
struct ccs_path_number_acl *acl |
struct ccs_path_number_acl *acl |
| 1603 |
= container_of(ptr, struct ccs_path_number_acl, |
= container_of(ptr, struct ccs_path_number_acl, head); |
|
head); |
|
| 1604 |
return ccs_print_path_number_acl(head, acl, cond); |
return ccs_print_path_number_acl(head, acl, cond); |
| 1605 |
} |
} |
| 1606 |
if (acl_type == CCS_TYPE_ENV_ACL) { |
if (acl_type == CCS_TYPE_ENV_ACL) { |
| 1610 |
} |
} |
| 1611 |
if (acl_type == CCS_TYPE_CAPABILITY_ACL) { |
if (acl_type == CCS_TYPE_CAPABILITY_ACL) { |
| 1612 |
struct ccs_capability_acl *acl |
struct ccs_capability_acl *acl |
| 1613 |
= container_of(ptr, struct ccs_capability_acl, |
= container_of(ptr, struct ccs_capability_acl, head); |
|
head); |
|
| 1614 |
return ccs_print_capability_acl(head, acl, cond); |
return ccs_print_capability_acl(head, acl, cond); |
| 1615 |
} |
} |
| 1616 |
if (acl_type == CCS_TYPE_IP_NETWORK_ACL) { |
if (acl_type == CCS_TYPE_IP_NETWORK_ACL) { |
| 1617 |
struct ccs_ip_network_acl *acl |
struct ccs_ip_network_acl *acl |
| 1618 |
= container_of(ptr, struct ccs_ip_network_acl, |
= container_of(ptr, struct ccs_ip_network_acl, head); |
|
head); |
|
| 1619 |
return ccs_print_network_acl(head, acl, cond); |
return ccs_print_network_acl(head, acl, cond); |
| 1620 |
} |
} |
| 1621 |
if (acl_type == CCS_TYPE_SIGNAL_ACL) { |
if (acl_type == CCS_TYPE_SIGNAL_ACL) { |
| 1628 |
= container_of(ptr, struct ccs_mount_acl, head); |
= container_of(ptr, struct ccs_mount_acl, head); |
| 1629 |
return ccs_print_mount_acl(head, acl, cond); |
return ccs_print_mount_acl(head, acl, cond); |
| 1630 |
} |
} |
|
if (acl_type == CCS_TYPE_UMOUNT_ACL) { |
|
|
struct ccs_umount_acl *acl |
|
|
= container_of(ptr, struct ccs_umount_acl, head); |
|
|
return ccs_print_umount_acl(head, acl, cond); |
|
|
} |
|
|
if (acl_type == CCS_TYPE_CHROOT_ACL) { |
|
|
struct ccs_chroot_acl *acl |
|
|
= container_of(ptr, struct ccs_chroot_acl, head); |
|
|
return ccs_print_chroot_acl(head, acl, cond); |
|
|
} |
|
|
if (acl_type == CCS_TYPE_PIVOT_ROOT_ACL) { |
|
|
struct ccs_pivot_root_acl *acl |
|
|
= container_of(ptr, struct ccs_pivot_root_acl, |
|
|
head); |
|
|
return ccs_print_pivot_root_acl(head, acl, cond); |
|
|
} |
|
| 1631 |
BUG(); /* This must not happen. */ |
BUG(); /* This must not happen. */ |
| 1632 |
return false; |
return false; |
| 1633 |
} |
} |
| 1726 |
if (profile >= CCS_MAX_PROFILES) |
if (profile >= CCS_MAX_PROFILES) |
| 1727 |
return -EINVAL; |
return -EINVAL; |
| 1728 |
domain = ccs_find_domain(cp + 1); |
domain = ccs_find_domain(cp + 1); |
| 1729 |
if (domain && ccs_profile(profile)) |
if (domain && (!ccs_policy_loaded || ccs_profile_ptr[(u8) profile])) |
| 1730 |
domain->profile = (u8) profile; |
domain->profile = (u8) profile; |
| 1731 |
return 0; |
return 0; |
| 1732 |
} |
} |
| 2411 |
{ |
{ |
| 2412 |
if (head->read_eof) |
if (head->read_eof) |
| 2413 |
return; |
return; |
| 2414 |
ccs_io_printf(head, "1.7.0-rc"); |
ccs_io_printf(head, "1.7.1-pre"); |
| 2415 |
head->read_eof = true; |
head->read_eof = true; |
| 2416 |
} |
} |
| 2417 |
|
|
| 2569 |
* Waits for read readiness. |
* Waits for read readiness. |
| 2570 |
* /proc/ccs/query is handled by /usr/sbin/ccs-queryd and |
* /proc/ccs/query is handled by /usr/sbin/ccs-queryd and |
| 2571 |
* /proc/ccs/grant_log and /proc/ccs/reject_log are handled by |
* /proc/ccs/grant_log and /proc/ccs/reject_log are handled by |
| 2572 |
* /usr/sbin/ccs-auditd. |
* /usr/sbin/ccs-auditd . |
| 2573 |
*/ |
*/ |
| 2574 |
int ccs_poll_control(struct file *file, poll_table *wait) |
int ccs_poll_control(struct file *file, poll_table *wait) |
| 2575 |
{ |
{ |
TOMOYO
Parent Directory
Revision Log
Patch