1 |
--- |
--- |
2 |
security/tomoyo/lsm.c | 512 ++++++++++++++++++++++++++++++++++++++++++++++++++ |
security/tomoyo/lsm.c | 484 ++++++++++++++++++++++++++++++++++++++++++++++++++ |
3 |
1 file changed, 512 insertions(+) |
1 file changed, 484 insertions(+) |
4 |
|
|
5 |
--- /dev/null |
--- /dev/null |
6 |
+++ linux-2.6.31/security/tomoyo/lsm.c |
+++ linux-2.6.32-rc1/security/tomoyo/lsm.c |
7 |
@@ -0,0 +1,512 @@ |
@@ -0,0 +1,484 @@ |
8 |
+/* |
+/* |
9 |
+ * security/tomoyo/lsm.c |
+ * security/tomoyo/lsm.c |
10 |
+ * |
+ * |
14 |
+ */ |
+ */ |
15 |
+#include "internal.h" |
+#include "internal.h" |
16 |
+#include <linux/socket.h> |
+#include <linux/socket.h> |
17 |
|
+#include <net/sock.h> |
18 |
+ |
+ |
19 |
+static int tomoyo_cred_alloc_blank(struct cred *new, gfp_t gfp) |
+static int tomoyo_cred_alloc_blank(struct cred *new, gfp_t gfp) |
20 |
+{ |
+{ |
270 |
+ f->f_flags + 1); |
+ f->f_flags + 1); |
271 |
+} |
+} |
272 |
+ |
+ |
273 |
+#include <net/sock.h> |
+static int tomoyo_file_ioctl(struct file *file, unsigned int cmd, |
274 |
|
+ unsigned long arg) |
275 |
|
+{ |
276 |
|
+ return tomoyo_ioctl_permission(file, cmd, arg); |
277 |
|
+} |
278 |
|
+ |
279 |
|
+static int tomoyo_sb_mount(char *dev_name, struct path *path, |
280 |
|
+ char *type, unsigned long flags, void *data) |
281 |
|
+{ |
282 |
|
+ return tomoyo_mount_permission(dev_name, path, type, flags); |
283 |
|
+} |
284 |
|
+ |
285 |
|
+static int tomoyo_sb_umount(struct vfsmount *mnt, int flags) |
286 |
|
+{ |
287 |
|
+ return tomoyo_umount_permission(mnt); |
288 |
|
+} |
289 |
|
+ |
290 |
|
+static int tomoyo_sb_pivotroot(struct path *old_path, struct path *new_path) |
291 |
|
+{ |
292 |
|
+ return tomoyo_pivot_root_permission(old_path, new_path); |
293 |
|
+} |
294 |
+ |
+ |
295 |
+#define TOMOYO_SOCKET_KERNEL_SOCKET (void *) 0xFFFFFFFF |
+#define TOMOYO_SOCKET_KERNEL_SOCKET (void *) 0xFFFFFFFF |
296 |
+#define TOMOYO_SOCKET_NOT_YET_AUTHENTICATED (void *) 0xFee1Dead |
+#define TOMOYO_SOCKET_NOT_YET_AUTHORIZED (void *) 0xFee1Dead |
297 |
+#define TOMOYO_SOCKET_NOT_YET_ABORTED (void *) 0xDeadBeef |
+#define TOMOYO_SOCKET_NOT_YET_ABORTED (void *) 0xDeadBeef |
298 |
+ |
+ |
299 |
+static inline bool tomoyo_kern_sock(struct socket *sock) |
+static inline bool tomoyo_kern_sock(struct socket *sock) |
305 |
+{ |
+{ |
306 |
+ if (!sock || !SOCK_INODE(sock) || !SOCK_INODE(sock)->i_security) |
+ if (!sock || !SOCK_INODE(sock) || !SOCK_INODE(sock)->i_security) |
307 |
+ return 0; |
+ return 0; |
308 |
+ if (SOCK_INODE(sock)->i_security == |
+ if (SOCK_INODE(sock)->i_security == TOMOYO_SOCKET_NOT_YET_AUTHORIZED) { |
|
+ TOMOYO_SOCKET_NOT_YET_AUTHENTICATED) { |
|
309 |
+ /* |
+ /* |
310 |
+ * This socket is an accept()ed socket, but not yet |
+ * This socket is an accept()ed socket, but not yet |
311 |
+ * authenticated. Check permission for accept() now. |
+ * authorized. Check permission for accept() now. |
312 |
+ */ |
+ */ |
313 |
+ if (tomoyo_socket_accept_permission(sock) == 0) { |
+ if (tomoyo_socket_accept_permission(sock) == 0) { |
314 |
+ SOCK_INODE(sock)->i_security = NULL; |
+ SOCK_INODE(sock)->i_security = NULL; |
335 |
+ return -EPERM; |
+ return -EPERM; |
336 |
+} |
+} |
337 |
+ |
+ |
338 |
|
+static int tomoyo_socket_create(int family, int type, int protocol, int kern) |
339 |
|
+{ |
340 |
|
+ if (kern) |
341 |
|
+ return 0; |
342 |
|
+ return tomoyo_socket_create_permission(family, type, protocol); |
343 |
|
+} |
344 |
|
+ |
345 |
+static int tomoyo_socket_post_create(struct socket *sock, int family, int type, |
+static int tomoyo_socket_post_create(struct socket *sock, int family, int type, |
346 |
+ int protocol, int kern) |
+ int protocol, int kern) |
347 |
+{ |
+{ |
357 |
+ if (tomoyo_dead_sock(sock)) |
+ if (tomoyo_dead_sock(sock)) |
358 |
+ return -EPERM; |
+ return -EPERM; |
359 |
+ /* Check permission for accept() later. */ |
+ /* Check permission for accept() later. */ |
360 |
+ SOCK_INODE(newsock)->i_security = TOMOYO_SOCKET_NOT_YET_AUTHENTICATED; |
+ SOCK_INODE(newsock)->i_security = TOMOYO_SOCKET_NOT_YET_AUTHORIZED; |
361 |
+ return 0; |
+ return 0; |
362 |
+} |
+} |
363 |
+ |
+ |
|
+static int tomoyo_socket_getsockname(struct socket *sock) |
|
|
+{ |
|
|
+ if (tomoyo_kern_sock(sock)) |
|
|
+ return 0; |
|
|
+ return tomoyo_dead_sock(sock); |
|
|
+} |
|
|
+ |
|
|
+static int tomoyo_socket_getpeername(struct socket *sock) |
|
|
+{ |
|
|
+ if (tomoyo_kern_sock(sock)) |
|
|
+ return 0; |
|
|
+ return tomoyo_dead_sock(sock); |
|
|
+} |
|
|
+ |
|
|
+static int tomoyo_socket_getsockopt(struct socket *sock, int level, |
|
|
+ int optname) |
|
|
+{ |
|
|
+ if (tomoyo_kern_sock(sock)) |
|
|
+ return 0; |
|
|
+ return tomoyo_dead_sock(sock); |
|
|
+} |
|
|
+ |
|
|
+static int tomoyo_socket_setsockopt(struct socket *sock, int level, int optname) |
|
|
+{ |
|
|
+ if (tomoyo_kern_sock(sock)) |
|
|
+ return 0; |
|
|
+ return tomoyo_dead_sock(sock); |
|
|
+} |
|
|
+ |
|
364 |
+static int tomoyo_socket_bind(struct socket *sock, struct sockaddr *address, |
+static int tomoyo_socket_bind(struct socket *sock, struct sockaddr *address, |
365 |
+ int addrlen) |
+ int addrlen) |
366 |
+{ |
+{ |
390 |
+ return tomoyo_socket_listen_permission(sock); |
+ return tomoyo_socket_listen_permission(sock); |
391 |
+} |
+} |
392 |
+ |
+ |
393 |
+static int tomoyo_socket_sendmsg(struct socket *sock, struct msghdr *msg, |
+static int tomoyo_socket_getsockname(struct socket *sock) |
|
+ int size) |
|
394 |
+{ |
+{ |
395 |
+ if (tomoyo_kern_sock(sock)) |
+ if (tomoyo_kern_sock(sock)) |
396 |
+ return 0; |
+ return 0; |
397 |
+ if (tomoyo_dead_sock(sock)) |
+ return tomoyo_dead_sock(sock); |
|
+ return -EPERM; |
|
|
+ return tomoyo_socket_sendmsg_permission(sock, msg->msg_name, |
|
|
+ msg->msg_namelen); |
|
398 |
+} |
+} |
399 |
+ |
+ |
400 |
+static int tomoyo_socket_create(int family, int type, int protocol, int kern) |
+static int tomoyo_socket_getpeername(struct socket *sock) |
401 |
+{ |
+{ |
402 |
+ if (kern) |
+ if (tomoyo_kern_sock(sock)) |
403 |
+ return 0; |
+ return 0; |
404 |
+ return tomoyo_socket_create_permission(family, type, protocol); |
+ return tomoyo_dead_sock(sock); |
|
+} |
|
|
+ |
|
|
+/* |
|
|
+static int tomoyo_socket_bind(struct socket *sock, struct sockaddr *address, |
|
|
+ int addrlen) |
|
|
+{ |
|
|
+ return tomoyo_socket_bind_permission(sock, address, addrlen); |
|
405 |
+} |
+} |
406 |
+ |
+ |
407 |
+static int tomoyo_socket_connect(struct socket *sock, struct sockaddr *address, |
+static int tomoyo_socket_getsockopt(struct socket *sock, int level, |
408 |
+ int addrlen) |
+ int optname) |
409 |
+{ |
+{ |
410 |
+ return tomoyo_socket_connect_permission(sock, address, addrlen); |
+ if (tomoyo_kern_sock(sock)) |
411 |
|
+ return 0; |
412 |
|
+ return tomoyo_dead_sock(sock); |
413 |
+} |
+} |
414 |
+ |
+ |
415 |
+static int tomoyo_socket_listen(struct socket *sock, int backlog) |
+static int tomoyo_socket_setsockopt(struct socket *sock, int level, int optname) |
416 |
+{ |
+{ |
417 |
+ return tomoyo_socket_listen_permission(sock); |
+ if (tomoyo_kern_sock(sock)) |
418 |
|
+ return 0; |
419 |
|
+ return tomoyo_dead_sock(sock); |
420 |
+} |
+} |
421 |
+ |
+ |
422 |
+static int tomoyo_socket_sendmsg(struct socket *sock, struct msghdr *msg, |
+static int tomoyo_socket_sendmsg(struct socket *sock, struct msghdr *msg, |
423 |
+ int size) |
+ int size) |
424 |
+{ |
+{ |
425 |
|
+ if (tomoyo_kern_sock(sock)) |
426 |
|
+ return 0; |
427 |
|
+ if (tomoyo_dead_sock(sock)) |
428 |
|
+ return -EPERM; |
429 |
+ return tomoyo_socket_sendmsg_permission(sock, msg->msg_name, |
+ return tomoyo_socket_sendmsg_permission(sock, msg->msg_name, |
430 |
+ msg->msg_namelen); |
+ msg->msg_namelen); |
431 |
+} |
+} |
|
+*/ |
|
|
+ |
|
|
+static int tomoyo_file_ioctl(struct file *file, unsigned int cmd, |
|
|
+ unsigned long arg) |
|
|
+{ |
|
|
+ return tomoyo_ioctl_permission(file, cmd, arg); |
|
|
+} |
|
|
+ |
|
|
+static int tomoyo_sb_mount(char *dev_name, struct path *path, |
|
|
+ char *type, unsigned long flags, void *data) |
|
|
+{ |
|
|
+ return tomoyo_mount_permission(dev_name, path, type, flags); |
|
|
+} |
|
|
+ |
|
|
+static int tomoyo_sb_umount(struct vfsmount *mnt, int flags) |
|
|
+{ |
|
|
+ return tomoyo_umount_permission(mnt); |
|
|
+} |
|
|
+ |
|
|
+static int tomoyo_sb_pivotroot(struct path *old_path, struct path *new_path) |
|
|
+{ |
|
|
+ return tomoyo_pivot_root_permission(old_path, new_path); |
|
|
+} |
|
432 |
+ |
+ |
433 |
+/* |
+/* |
434 |
+ * tomoyo_security_ops is a "struct security_operations" which is used for |
+ * tomoyo_security_ops is a "struct security_operations" which is used for |
436 |
+ */ |
+ */ |
437 |
+static struct security_operations tomoyo_security_ops = { |
+static struct security_operations tomoyo_security_ops = { |
438 |
+ .name = "tomoyo", |
+ .name = "tomoyo", |
439 |
+ /* .cred_alloc_blank = tomoyo_cred_alloc_blank, */ |
+ .cred_alloc_blank = tomoyo_cred_alloc_blank, |
440 |
+ .cred_prepare = tomoyo_cred_prepare, |
+ .cred_prepare = tomoyo_cred_prepare, |
441 |
+ /* .cred_transfer = tomoyo_cred_transfer, */ |
+ .cred_transfer = tomoyo_cred_transfer, |
442 |
+ .bprm_check_security = tomoyo_bprm_check_security, |
+ .bprm_check_security = tomoyo_bprm_check_security, |
443 |
+ .bprm_committing_creds = tomoyo_bprm_committing_creds, |
+ .bprm_committing_creds = tomoyo_bprm_committing_creds, |
444 |
+ .cred_free = tomoyo_cred_free, |
+ .cred_free = tomoyo_cred_free, |