cachepc-linux

Fork of AMDESE/linux with modifications for CachePC side-channel attack
git clone https://git.sinitax.com/sinitax/cachepc-linux
Log | Files | Refs | README | LICENSE | sfeed.txt

smackfs.c (71204B)


      1// SPDX-License-Identifier: GPL-2.0-only
      2/*
      3 * Copyright (C) 2007 Casey Schaufler <casey@schaufler-ca.com>
      4 *
      5 * Authors:
      6 * 	Casey Schaufler <casey@schaufler-ca.com>
      7 * 	Ahmed S. Darwish <darwish.07@gmail.com>
      8 *
      9 * Special thanks to the authors of selinuxfs.
     10 *
     11 *	Karl MacMillan <kmacmillan@tresys.com>
     12 *	James Morris <jmorris@redhat.com>
     13 */
     14
     15#include <linux/kernel.h>
     16#include <linux/vmalloc.h>
     17#include <linux/security.h>
     18#include <linux/mutex.h>
     19#include <linux/slab.h>
     20#include <net/net_namespace.h>
     21#include <net/cipso_ipv4.h>
     22#include <linux/seq_file.h>
     23#include <linux/ctype.h>
     24#include <linux/audit.h>
     25#include <linux/magic.h>
     26#include <linux/mount.h>
     27#include <linux/fs_context.h>
     28#include "smack.h"
     29
     30#define BEBITS	(sizeof(__be32) * 8)
     31/*
     32 * smackfs pseudo filesystem.
     33 */
     34
     35enum smk_inos {
     36	SMK_ROOT_INO	= 2,
     37	SMK_LOAD	= 3,	/* load policy */
     38	SMK_CIPSO	= 4,	/* load label -> CIPSO mapping */
     39	SMK_DOI		= 5,	/* CIPSO DOI */
     40	SMK_DIRECT	= 6,	/* CIPSO level indicating direct label */
     41	SMK_AMBIENT	= 7,	/* internet ambient label */
     42	SMK_NET4ADDR	= 8,	/* single label hosts */
     43	SMK_ONLYCAP	= 9,	/* the only "capable" label */
     44	SMK_LOGGING	= 10,	/* logging */
     45	SMK_LOAD_SELF	= 11,	/* task specific rules */
     46	SMK_ACCESSES	= 12,	/* access policy */
     47	SMK_MAPPED	= 13,	/* CIPSO level indicating mapped label */
     48	SMK_LOAD2	= 14,	/* load policy with long labels */
     49	SMK_LOAD_SELF2	= 15,	/* load task specific rules with long labels */
     50	SMK_ACCESS2	= 16,	/* make an access check with long labels */
     51	SMK_CIPSO2	= 17,	/* load long label -> CIPSO mapping */
     52	SMK_REVOKE_SUBJ	= 18,	/* set rules with subject label to '-' */
     53	SMK_CHANGE_RULE	= 19,	/* change or add rules (long labels) */
     54	SMK_SYSLOG	= 20,	/* change syslog label) */
     55	SMK_PTRACE	= 21,	/* set ptrace rule */
     56#ifdef CONFIG_SECURITY_SMACK_BRINGUP
     57	SMK_UNCONFINED	= 22,	/* define an unconfined label */
     58#endif
     59#if IS_ENABLED(CONFIG_IPV6)
     60	SMK_NET6ADDR	= 23,	/* single label IPv6 hosts */
     61#endif /* CONFIG_IPV6 */
     62	SMK_RELABEL_SELF = 24, /* relabel possible without CAP_MAC_ADMIN */
     63};
     64
     65/*
     66 * List locks
     67 */
     68static DEFINE_MUTEX(smack_cipso_lock);
     69static DEFINE_MUTEX(smack_ambient_lock);
     70static DEFINE_MUTEX(smk_net4addr_lock);
     71#if IS_ENABLED(CONFIG_IPV6)
     72static DEFINE_MUTEX(smk_net6addr_lock);
     73#endif /* CONFIG_IPV6 */
     74
     75/*
     76 * This is the "ambient" label for network traffic.
     77 * If it isn't somehow marked, use this.
     78 * It can be reset via smackfs/ambient
     79 */
     80struct smack_known *smack_net_ambient;
     81
     82/*
     83 * This is the level in a CIPSO header that indicates a
     84 * smack label is contained directly in the category set.
     85 * It can be reset via smackfs/direct
     86 */
     87int smack_cipso_direct = SMACK_CIPSO_DIRECT_DEFAULT;
     88
     89/*
     90 * This is the level in a CIPSO header that indicates a
     91 * secid is contained directly in the category set.
     92 * It can be reset via smackfs/mapped
     93 */
     94int smack_cipso_mapped = SMACK_CIPSO_MAPPED_DEFAULT;
     95
     96#ifdef CONFIG_SECURITY_SMACK_BRINGUP
     97/*
     98 * Allow one label to be unconfined. This is for
     99 * debugging and application bring-up purposes only.
    100 * It is bad and wrong, but everyone seems to expect
    101 * to have it.
    102 */
    103struct smack_known *smack_unconfined;
    104#endif
    105
    106/*
    107 * If this value is set restrict syslog use to the label specified.
    108 * It can be reset via smackfs/syslog
    109 */
    110struct smack_known *smack_syslog_label;
    111
    112/*
    113 * Ptrace current rule
    114 * SMACK_PTRACE_DEFAULT    regular smack ptrace rules (/proc based)
    115 * SMACK_PTRACE_EXACT      labels must match, but can be overriden with
    116 *			   CAP_SYS_PTRACE
    117 * SMACK_PTRACE_DRACONIAN  lables must match, CAP_SYS_PTRACE has no effect
    118 */
    119int smack_ptrace_rule = SMACK_PTRACE_DEFAULT;
    120
    121/*
    122 * Certain IP addresses may be designated as single label hosts.
    123 * Packets are sent there unlabeled, but only from tasks that
    124 * can write to the specified label.
    125 */
    126
    127LIST_HEAD(smk_net4addr_list);
    128#if IS_ENABLED(CONFIG_IPV6)
    129LIST_HEAD(smk_net6addr_list);
    130#endif /* CONFIG_IPV6 */
    131
    132/*
    133 * Rule lists are maintained for each label.
    134 */
    135struct smack_parsed_rule {
    136	struct smack_known	*smk_subject;
    137	struct smack_known	*smk_object;
    138	int			smk_access1;
    139	int			smk_access2;
    140};
    141
    142static int smk_cipso_doi_value = SMACK_CIPSO_DOI_DEFAULT;
    143
    144/*
    145 * Values for parsing cipso rules
    146 * SMK_DIGITLEN: Length of a digit field in a rule.
    147 * SMK_CIPSOMIN: Minimum possible cipso rule length.
    148 * SMK_CIPSOMAX: Maximum possible cipso rule length.
    149 */
    150#define SMK_DIGITLEN 4
    151#define SMK_CIPSOMIN (SMK_LABELLEN + 2 * SMK_DIGITLEN)
    152#define SMK_CIPSOMAX (SMK_CIPSOMIN + SMACK_CIPSO_MAXCATNUM * SMK_DIGITLEN)
    153
    154/*
    155 * Values for parsing MAC rules
    156 * SMK_ACCESS: Maximum possible combination of access permissions
    157 * SMK_ACCESSLEN: Maximum length for a rule access field
    158 * SMK_LOADLEN: Smack rule length
    159 */
    160#define SMK_OACCESS	"rwxa"
    161#define SMK_ACCESS	"rwxatl"
    162#define SMK_OACCESSLEN	(sizeof(SMK_OACCESS) - 1)
    163#define SMK_ACCESSLEN	(sizeof(SMK_ACCESS) - 1)
    164#define SMK_OLOADLEN	(SMK_LABELLEN + SMK_LABELLEN + SMK_OACCESSLEN)
    165#define SMK_LOADLEN	(SMK_LABELLEN + SMK_LABELLEN + SMK_ACCESSLEN)
    166
    167/*
    168 * Stricly for CIPSO level manipulation.
    169 * Set the category bit number in a smack label sized buffer.
    170 */
    171static inline void smack_catset_bit(unsigned int cat, char *catsetp)
    172{
    173	if (cat == 0 || cat > (SMK_CIPSOLEN * 8))
    174		return;
    175
    176	catsetp[(cat - 1) / 8] |= 0x80 >> ((cat - 1) % 8);
    177}
    178
    179/**
    180 * smk_netlabel_audit_set - fill a netlbl_audit struct
    181 * @nap: structure to fill
    182 */
    183static void smk_netlabel_audit_set(struct netlbl_audit *nap)
    184{
    185	struct smack_known *skp = smk_of_current();
    186
    187	nap->loginuid = audit_get_loginuid(current);
    188	nap->sessionid = audit_get_sessionid(current);
    189	nap->secid = skp->smk_secid;
    190}
    191
    192/*
    193 * Value for parsing single label host rules
    194 * "1.2.3.4 X"
    195 */
    196#define SMK_NETLBLADDRMIN	9
    197
    198/**
    199 * smk_set_access - add a rule to the rule list or replace an old rule
    200 * @srp: the rule to add or replace
    201 * @rule_list: the list of rules
    202 * @rule_lock: the rule list lock
    203 *
    204 * Looks through the current subject/object/access list for
    205 * the subject/object pair and replaces the access that was
    206 * there. If the pair isn't found add it with the specified
    207 * access.
    208 *
    209 * Returns 0 if nothing goes wrong or -ENOMEM if it fails
    210 * during the allocation of the new pair to add.
    211 */
    212static int smk_set_access(struct smack_parsed_rule *srp,
    213				struct list_head *rule_list,
    214				struct mutex *rule_lock)
    215{
    216	struct smack_rule *sp;
    217	int found = 0;
    218	int rc = 0;
    219
    220	mutex_lock(rule_lock);
    221
    222	/*
    223	 * Because the object label is less likely to match
    224	 * than the subject label check it first
    225	 */
    226	list_for_each_entry_rcu(sp, rule_list, list) {
    227		if (sp->smk_object == srp->smk_object &&
    228		    sp->smk_subject == srp->smk_subject) {
    229			found = 1;
    230			sp->smk_access |= srp->smk_access1;
    231			sp->smk_access &= ~srp->smk_access2;
    232			break;
    233		}
    234	}
    235
    236	if (found == 0) {
    237		sp = kmem_cache_zalloc(smack_rule_cache, GFP_KERNEL);
    238		if (sp == NULL) {
    239			rc = -ENOMEM;
    240			goto out;
    241		}
    242
    243		sp->smk_subject = srp->smk_subject;
    244		sp->smk_object = srp->smk_object;
    245		sp->smk_access = srp->smk_access1 & ~srp->smk_access2;
    246
    247		list_add_rcu(&sp->list, rule_list);
    248	}
    249
    250out:
    251	mutex_unlock(rule_lock);
    252	return rc;
    253}
    254
    255/**
    256 * smk_perm_from_str - parse smack accesses from a text string
    257 * @string: a text string that contains a Smack accesses code
    258 *
    259 * Returns an integer with respective bits set for specified accesses.
    260 */
    261static int smk_perm_from_str(const char *string)
    262{
    263	int perm = 0;
    264	const char *cp;
    265
    266	for (cp = string; ; cp++)
    267		switch (*cp) {
    268		case '-':
    269			break;
    270		case 'r':
    271		case 'R':
    272			perm |= MAY_READ;
    273			break;
    274		case 'w':
    275		case 'W':
    276			perm |= MAY_WRITE;
    277			break;
    278		case 'x':
    279		case 'X':
    280			perm |= MAY_EXEC;
    281			break;
    282		case 'a':
    283		case 'A':
    284			perm |= MAY_APPEND;
    285			break;
    286		case 't':
    287		case 'T':
    288			perm |= MAY_TRANSMUTE;
    289			break;
    290		case 'l':
    291		case 'L':
    292			perm |= MAY_LOCK;
    293			break;
    294		case 'b':
    295		case 'B':
    296			perm |= MAY_BRINGUP;
    297			break;
    298		default:
    299			return perm;
    300		}
    301}
    302
    303/**
    304 * smk_fill_rule - Fill Smack rule from strings
    305 * @subject: subject label string
    306 * @object: object label string
    307 * @access1: access string
    308 * @access2: string with permissions to be removed
    309 * @rule: Smack rule
    310 * @import: if non-zero, import labels
    311 * @len: label length limit
    312 *
    313 * Returns 0 on success, appropriate error code on failure.
    314 */
    315static int smk_fill_rule(const char *subject, const char *object,
    316				const char *access1, const char *access2,
    317				struct smack_parsed_rule *rule, int import,
    318				int len)
    319{
    320	const char *cp;
    321	struct smack_known *skp;
    322
    323	if (import) {
    324		rule->smk_subject = smk_import_entry(subject, len);
    325		if (IS_ERR(rule->smk_subject))
    326			return PTR_ERR(rule->smk_subject);
    327
    328		rule->smk_object = smk_import_entry(object, len);
    329		if (IS_ERR(rule->smk_object))
    330			return PTR_ERR(rule->smk_object);
    331	} else {
    332		cp = smk_parse_smack(subject, len);
    333		if (IS_ERR(cp))
    334			return PTR_ERR(cp);
    335		skp = smk_find_entry(cp);
    336		kfree(cp);
    337		if (skp == NULL)
    338			return -ENOENT;
    339		rule->smk_subject = skp;
    340
    341		cp = smk_parse_smack(object, len);
    342		if (IS_ERR(cp))
    343			return PTR_ERR(cp);
    344		skp = smk_find_entry(cp);
    345		kfree(cp);
    346		if (skp == NULL)
    347			return -ENOENT;
    348		rule->smk_object = skp;
    349	}
    350
    351	rule->smk_access1 = smk_perm_from_str(access1);
    352	if (access2)
    353		rule->smk_access2 = smk_perm_from_str(access2);
    354	else
    355		rule->smk_access2 = ~rule->smk_access1;
    356
    357	return 0;
    358}
    359
    360/**
    361 * smk_parse_rule - parse Smack rule from load string
    362 * @data: string to be parsed whose size is SMK_LOADLEN
    363 * @rule: Smack rule
    364 * @import: if non-zero, import labels
    365 *
    366 * Returns 0 on success, -1 on errors.
    367 */
    368static int smk_parse_rule(const char *data, struct smack_parsed_rule *rule,
    369				int import)
    370{
    371	int rc;
    372
    373	rc = smk_fill_rule(data, data + SMK_LABELLEN,
    374			   data + SMK_LABELLEN + SMK_LABELLEN, NULL, rule,
    375			   import, SMK_LABELLEN);
    376	return rc;
    377}
    378
    379/**
    380 * smk_parse_long_rule - parse Smack rule from rule string
    381 * @data: string to be parsed, null terminated
    382 * @rule: Will be filled with Smack parsed rule
    383 * @import: if non-zero, import labels
    384 * @tokens: number of substrings expected in data
    385 *
    386 * Returns number of processed bytes on success, -ERRNO on failure.
    387 */
    388static ssize_t smk_parse_long_rule(char *data, struct smack_parsed_rule *rule,
    389				int import, int tokens)
    390{
    391	ssize_t cnt = 0;
    392	char *tok[4];
    393	int rc;
    394	int i;
    395
    396	/*
    397	 * Parsing the rule in-place, filling all white-spaces with '\0'
    398	 */
    399	for (i = 0; i < tokens; ++i) {
    400		while (isspace(data[cnt]))
    401			data[cnt++] = '\0';
    402
    403		if (data[cnt] == '\0')
    404			/* Unexpected end of data */
    405			return -EINVAL;
    406
    407		tok[i] = data + cnt;
    408
    409		while (data[cnt] && !isspace(data[cnt]))
    410			++cnt;
    411	}
    412	while (isspace(data[cnt]))
    413		data[cnt++] = '\0';
    414
    415	while (i < 4)
    416		tok[i++] = NULL;
    417
    418	rc = smk_fill_rule(tok[0], tok[1], tok[2], tok[3], rule, import, 0);
    419	return rc == 0 ? cnt : rc;
    420}
    421
    422#define SMK_FIXED24_FMT	0	/* Fixed 24byte label format */
    423#define SMK_LONG_FMT	1	/* Variable long label format */
    424#define SMK_CHANGE_FMT	2	/* Rule modification format */
    425/**
    426 * smk_write_rules_list - write() for any /smack rule file
    427 * @file: file pointer, not actually used
    428 * @buf: where to get the data from
    429 * @count: bytes sent
    430 * @ppos: where to start - must be 0
    431 * @rule_list: the list of rules to write to
    432 * @rule_lock: lock for the rule list
    433 * @format: /smack/load or /smack/load2 or /smack/change-rule format.
    434 *
    435 * Get one smack access rule from above.
    436 * The format for SMK_LONG_FMT is:
    437 *	"subject<whitespace>object<whitespace>access[<whitespace>...]"
    438 * The format for SMK_FIXED24_FMT is exactly:
    439 *	"subject                 object                  rwxat"
    440 * The format for SMK_CHANGE_FMT is:
    441 *	"subject<whitespace>object<whitespace>
    442 *	 acc_enable<whitespace>acc_disable[<whitespace>...]"
    443 */
    444static ssize_t smk_write_rules_list(struct file *file, const char __user *buf,
    445					size_t count, loff_t *ppos,
    446					struct list_head *rule_list,
    447					struct mutex *rule_lock, int format)
    448{
    449	struct smack_parsed_rule rule;
    450	char *data;
    451	int rc;
    452	int trunc = 0;
    453	int tokens;
    454	ssize_t cnt = 0;
    455
    456	/*
    457	 * No partial writes.
    458	 * Enough data must be present.
    459	 */
    460	if (*ppos != 0)
    461		return -EINVAL;
    462
    463	if (format == SMK_FIXED24_FMT) {
    464		/*
    465		 * Minor hack for backward compatibility
    466		 */
    467		if (count < SMK_OLOADLEN || count > SMK_LOADLEN)
    468			return -EINVAL;
    469	} else {
    470		if (count >= PAGE_SIZE) {
    471			count = PAGE_SIZE - 1;
    472			trunc = 1;
    473		}
    474	}
    475
    476	data = memdup_user_nul(buf, count);
    477	if (IS_ERR(data))
    478		return PTR_ERR(data);
    479
    480	/*
    481	 * In case of parsing only part of user buf,
    482	 * avoid having partial rule at the data buffer
    483	 */
    484	if (trunc) {
    485		while (count > 0 && (data[count - 1] != '\n'))
    486			--count;
    487		if (count == 0) {
    488			rc = -EINVAL;
    489			goto out;
    490		}
    491	}
    492
    493	data[count] = '\0';
    494	tokens = (format == SMK_CHANGE_FMT ? 4 : 3);
    495	while (cnt < count) {
    496		if (format == SMK_FIXED24_FMT) {
    497			rc = smk_parse_rule(data, &rule, 1);
    498			if (rc < 0)
    499				goto out;
    500			cnt = count;
    501		} else {
    502			rc = smk_parse_long_rule(data + cnt, &rule, 1, tokens);
    503			if (rc < 0)
    504				goto out;
    505			if (rc == 0) {
    506				rc = -EINVAL;
    507				goto out;
    508			}
    509			cnt += rc;
    510		}
    511
    512		if (rule_list == NULL)
    513			rc = smk_set_access(&rule, &rule.smk_subject->smk_rules,
    514				&rule.smk_subject->smk_rules_lock);
    515		else
    516			rc = smk_set_access(&rule, rule_list, rule_lock);
    517
    518		if (rc)
    519			goto out;
    520	}
    521
    522	rc = cnt;
    523out:
    524	kfree(data);
    525	return rc;
    526}
    527
    528/*
    529 * Core logic for smackfs seq list operations.
    530 */
    531
    532static void *smk_seq_start(struct seq_file *s, loff_t *pos,
    533				struct list_head *head)
    534{
    535	struct list_head *list;
    536	int i = *pos;
    537
    538	rcu_read_lock();
    539	for (list = rcu_dereference(list_next_rcu(head));
    540		list != head;
    541		list = rcu_dereference(list_next_rcu(list))) {
    542		if (i-- == 0)
    543			return list;
    544	}
    545
    546	return NULL;
    547}
    548
    549static void *smk_seq_next(struct seq_file *s, void *v, loff_t *pos,
    550				struct list_head *head)
    551{
    552	struct list_head *list = v;
    553
    554	++*pos;
    555	list = rcu_dereference(list_next_rcu(list));
    556
    557	return (list == head) ? NULL : list;
    558}
    559
    560static void smk_seq_stop(struct seq_file *s, void *v)
    561{
    562	rcu_read_unlock();
    563}
    564
    565static void smk_rule_show(struct seq_file *s, struct smack_rule *srp, int max)
    566{
    567	/*
    568	 * Don't show any rules with label names too long for
    569	 * interface file (/smack/load or /smack/load2)
    570	 * because you should expect to be able to write
    571	 * anything you read back.
    572	 */
    573	if (strlen(srp->smk_subject->smk_known) >= max ||
    574	    strlen(srp->smk_object->smk_known) >= max)
    575		return;
    576
    577	if (srp->smk_access == 0)
    578		return;
    579
    580	seq_printf(s, "%s %s",
    581		   srp->smk_subject->smk_known,
    582		   srp->smk_object->smk_known);
    583
    584	seq_putc(s, ' ');
    585
    586	if (srp->smk_access & MAY_READ)
    587		seq_putc(s, 'r');
    588	if (srp->smk_access & MAY_WRITE)
    589		seq_putc(s, 'w');
    590	if (srp->smk_access & MAY_EXEC)
    591		seq_putc(s, 'x');
    592	if (srp->smk_access & MAY_APPEND)
    593		seq_putc(s, 'a');
    594	if (srp->smk_access & MAY_TRANSMUTE)
    595		seq_putc(s, 't');
    596	if (srp->smk_access & MAY_LOCK)
    597		seq_putc(s, 'l');
    598	if (srp->smk_access & MAY_BRINGUP)
    599		seq_putc(s, 'b');
    600
    601	seq_putc(s, '\n');
    602}
    603
    604/*
    605 * Seq_file read operations for /smack/load
    606 */
    607
    608static void *load2_seq_start(struct seq_file *s, loff_t *pos)
    609{
    610	return smk_seq_start(s, pos, &smack_known_list);
    611}
    612
    613static void *load2_seq_next(struct seq_file *s, void *v, loff_t *pos)
    614{
    615	return smk_seq_next(s, v, pos, &smack_known_list);
    616}
    617
    618static int load_seq_show(struct seq_file *s, void *v)
    619{
    620	struct list_head *list = v;
    621	struct smack_rule *srp;
    622	struct smack_known *skp =
    623		list_entry_rcu(list, struct smack_known, list);
    624
    625	list_for_each_entry_rcu(srp, &skp->smk_rules, list)
    626		smk_rule_show(s, srp, SMK_LABELLEN);
    627
    628	return 0;
    629}
    630
    631static const struct seq_operations load_seq_ops = {
    632	.start = load2_seq_start,
    633	.next  = load2_seq_next,
    634	.show  = load_seq_show,
    635	.stop  = smk_seq_stop,
    636};
    637
    638/**
    639 * smk_open_load - open() for /smack/load
    640 * @inode: inode structure representing file
    641 * @file: "load" file pointer
    642 *
    643 * For reading, use load_seq_* seq_file reading operations.
    644 */
    645static int smk_open_load(struct inode *inode, struct file *file)
    646{
    647	return seq_open(file, &load_seq_ops);
    648}
    649
    650/**
    651 * smk_write_load - write() for /smack/load
    652 * @file: file pointer, not actually used
    653 * @buf: where to get the data from
    654 * @count: bytes sent
    655 * @ppos: where to start - must be 0
    656 *
    657 */
    658static ssize_t smk_write_load(struct file *file, const char __user *buf,
    659			      size_t count, loff_t *ppos)
    660{
    661	/*
    662	 * Must have privilege.
    663	 * No partial writes.
    664	 * Enough data must be present.
    665	 */
    666	if (!smack_privileged(CAP_MAC_ADMIN))
    667		return -EPERM;
    668
    669	return smk_write_rules_list(file, buf, count, ppos, NULL, NULL,
    670				    SMK_FIXED24_FMT);
    671}
    672
    673static const struct file_operations smk_load_ops = {
    674	.open           = smk_open_load,
    675	.read		= seq_read,
    676	.llseek         = seq_lseek,
    677	.write		= smk_write_load,
    678	.release        = seq_release,
    679};
    680
    681/**
    682 * smk_cipso_doi - initialize the CIPSO domain
    683 */
    684static void smk_cipso_doi(void)
    685{
    686	int rc;
    687	struct cipso_v4_doi *doip;
    688	struct netlbl_audit nai;
    689
    690	smk_netlabel_audit_set(&nai);
    691
    692	rc = netlbl_cfg_map_del(NULL, PF_INET, NULL, NULL, &nai);
    693	if (rc != 0)
    694		printk(KERN_WARNING "%s:%d remove rc = %d\n",
    695		       __func__, __LINE__, rc);
    696
    697	doip = kmalloc(sizeof(struct cipso_v4_doi), GFP_KERNEL | __GFP_NOFAIL);
    698	doip->map.std = NULL;
    699	doip->doi = smk_cipso_doi_value;
    700	doip->type = CIPSO_V4_MAP_PASS;
    701	doip->tags[0] = CIPSO_V4_TAG_RBITMAP;
    702	for (rc = 1; rc < CIPSO_V4_TAG_MAXCNT; rc++)
    703		doip->tags[rc] = CIPSO_V4_TAG_INVALID;
    704
    705	rc = netlbl_cfg_cipsov4_add(doip, &nai);
    706	if (rc != 0) {
    707		printk(KERN_WARNING "%s:%d cipso add rc = %d\n",
    708		       __func__, __LINE__, rc);
    709		kfree(doip);
    710		return;
    711	}
    712	rc = netlbl_cfg_cipsov4_map_add(doip->doi, NULL, NULL, NULL, &nai);
    713	if (rc != 0) {
    714		printk(KERN_WARNING "%s:%d map add rc = %d\n",
    715		       __func__, __LINE__, rc);
    716		netlbl_cfg_cipsov4_del(doip->doi, &nai);
    717		return;
    718	}
    719}
    720
    721/**
    722 * smk_unlbl_ambient - initialize the unlabeled domain
    723 * @oldambient: previous domain string
    724 */
    725static void smk_unlbl_ambient(char *oldambient)
    726{
    727	int rc;
    728	struct netlbl_audit nai;
    729
    730	smk_netlabel_audit_set(&nai);
    731
    732	if (oldambient != NULL) {
    733		rc = netlbl_cfg_map_del(oldambient, PF_INET, NULL, NULL, &nai);
    734		if (rc != 0)
    735			printk(KERN_WARNING "%s:%d remove rc = %d\n",
    736			       __func__, __LINE__, rc);
    737	}
    738	if (smack_net_ambient == NULL)
    739		smack_net_ambient = &smack_known_floor;
    740
    741	rc = netlbl_cfg_unlbl_map_add(smack_net_ambient->smk_known, PF_INET,
    742				      NULL, NULL, &nai);
    743	if (rc != 0)
    744		printk(KERN_WARNING "%s:%d add rc = %d\n",
    745		       __func__, __LINE__, rc);
    746}
    747
    748/*
    749 * Seq_file read operations for /smack/cipso
    750 */
    751
    752static void *cipso_seq_start(struct seq_file *s, loff_t *pos)
    753{
    754	return smk_seq_start(s, pos, &smack_known_list);
    755}
    756
    757static void *cipso_seq_next(struct seq_file *s, void *v, loff_t *pos)
    758{
    759	return smk_seq_next(s, v, pos, &smack_known_list);
    760}
    761
    762/*
    763 * Print cipso labels in format:
    764 * label level[/cat[,cat]]
    765 */
    766static int cipso_seq_show(struct seq_file *s, void *v)
    767{
    768	struct list_head  *list = v;
    769	struct smack_known *skp =
    770		list_entry_rcu(list, struct smack_known, list);
    771	struct netlbl_lsm_catmap *cmp = skp->smk_netlabel.attr.mls.cat;
    772	char sep = '/';
    773	int i;
    774
    775	/*
    776	 * Don't show a label that could not have been set using
    777	 * /smack/cipso. This is in support of the notion that
    778	 * anything read from /smack/cipso ought to be writeable
    779	 * to /smack/cipso.
    780	 *
    781	 * /smack/cipso2 should be used instead.
    782	 */
    783	if (strlen(skp->smk_known) >= SMK_LABELLEN)
    784		return 0;
    785
    786	seq_printf(s, "%s %3d", skp->smk_known, skp->smk_netlabel.attr.mls.lvl);
    787
    788	for (i = netlbl_catmap_walk(cmp, 0); i >= 0;
    789	     i = netlbl_catmap_walk(cmp, i + 1)) {
    790		seq_printf(s, "%c%d", sep, i);
    791		sep = ',';
    792	}
    793
    794	seq_putc(s, '\n');
    795
    796	return 0;
    797}
    798
    799static const struct seq_operations cipso_seq_ops = {
    800	.start = cipso_seq_start,
    801	.next  = cipso_seq_next,
    802	.show  = cipso_seq_show,
    803	.stop  = smk_seq_stop,
    804};
    805
    806/**
    807 * smk_open_cipso - open() for /smack/cipso
    808 * @inode: inode structure representing file
    809 * @file: "cipso" file pointer
    810 *
    811 * Connect our cipso_seq_* operations with /smack/cipso
    812 * file_operations
    813 */
    814static int smk_open_cipso(struct inode *inode, struct file *file)
    815{
    816	return seq_open(file, &cipso_seq_ops);
    817}
    818
    819/**
    820 * smk_set_cipso - do the work for write() for cipso and cipso2
    821 * @file: file pointer, not actually used
    822 * @buf: where to get the data from
    823 * @count: bytes sent
    824 * @ppos: where to start
    825 * @format: /smack/cipso or /smack/cipso2
    826 *
    827 * Accepts only one cipso rule per write call.
    828 * Returns number of bytes written or error code, as appropriate
    829 */
    830static ssize_t smk_set_cipso(struct file *file, const char __user *buf,
    831				size_t count, loff_t *ppos, int format)
    832{
    833	struct netlbl_lsm_catmap *old_cat;
    834	struct smack_known *skp;
    835	struct netlbl_lsm_secattr ncats;
    836	char mapcatset[SMK_CIPSOLEN];
    837	int maplevel;
    838	unsigned int cat;
    839	int catlen;
    840	ssize_t rc = -EINVAL;
    841	char *data = NULL;
    842	char *rule;
    843	int ret;
    844	int i;
    845
    846	/*
    847	 * Must have privilege.
    848	 * No partial writes.
    849	 * Enough data must be present.
    850	 */
    851	if (!smack_privileged(CAP_MAC_ADMIN))
    852		return -EPERM;
    853	if (*ppos != 0)
    854		return -EINVAL;
    855	if (format == SMK_FIXED24_FMT &&
    856	    (count < SMK_CIPSOMIN || count > SMK_CIPSOMAX))
    857		return -EINVAL;
    858	if (count > PAGE_SIZE)
    859		return -EINVAL;
    860
    861	data = memdup_user_nul(buf, count);
    862	if (IS_ERR(data))
    863		return PTR_ERR(data);
    864
    865	rule = data;
    866	/*
    867	 * Only allow one writer at a time. Writes should be
    868	 * quite rare and small in any case.
    869	 */
    870	mutex_lock(&smack_cipso_lock);
    871
    872	skp = smk_import_entry(rule, 0);
    873	if (IS_ERR(skp)) {
    874		rc = PTR_ERR(skp);
    875		goto out;
    876	}
    877
    878	if (format == SMK_FIXED24_FMT)
    879		rule += SMK_LABELLEN;
    880	else
    881		rule += strlen(skp->smk_known) + 1;
    882
    883	if (rule > data + count) {
    884		rc = -EOVERFLOW;
    885		goto out;
    886	}
    887
    888	ret = sscanf(rule, "%d", &maplevel);
    889	if (ret != 1 || maplevel < 0 || maplevel > SMACK_CIPSO_MAXLEVEL)
    890		goto out;
    891
    892	rule += SMK_DIGITLEN;
    893	if (rule > data + count) {
    894		rc = -EOVERFLOW;
    895		goto out;
    896	}
    897
    898	ret = sscanf(rule, "%d", &catlen);
    899	if (ret != 1 || catlen > SMACK_CIPSO_MAXCATNUM)
    900		goto out;
    901
    902	if (format == SMK_FIXED24_FMT &&
    903	    count != (SMK_CIPSOMIN + catlen * SMK_DIGITLEN))
    904		goto out;
    905
    906	memset(mapcatset, 0, sizeof(mapcatset));
    907
    908	for (i = 0; i < catlen; i++) {
    909		rule += SMK_DIGITLEN;
    910		if (rule > data + count) {
    911			rc = -EOVERFLOW;
    912			goto out;
    913		}
    914		ret = sscanf(rule, "%u", &cat);
    915		if (ret != 1 || cat > SMACK_CIPSO_MAXCATNUM)
    916			goto out;
    917
    918		smack_catset_bit(cat, mapcatset);
    919	}
    920
    921	rc = smk_netlbl_mls(maplevel, mapcatset, &ncats, SMK_CIPSOLEN);
    922	if (rc >= 0) {
    923		old_cat = skp->smk_netlabel.attr.mls.cat;
    924		skp->smk_netlabel.attr.mls.cat = ncats.attr.mls.cat;
    925		skp->smk_netlabel.attr.mls.lvl = ncats.attr.mls.lvl;
    926		synchronize_rcu();
    927		netlbl_catmap_free(old_cat);
    928		rc = count;
    929		/*
    930		 * This mapping may have been cached, so clear the cache.
    931		 */
    932		netlbl_cache_invalidate();
    933	}
    934
    935out:
    936	mutex_unlock(&smack_cipso_lock);
    937	kfree(data);
    938	return rc;
    939}
    940
    941/**
    942 * smk_write_cipso - write() for /smack/cipso
    943 * @file: file pointer, not actually used
    944 * @buf: where to get the data from
    945 * @count: bytes sent
    946 * @ppos: where to start
    947 *
    948 * Accepts only one cipso rule per write call.
    949 * Returns number of bytes written or error code, as appropriate
    950 */
    951static ssize_t smk_write_cipso(struct file *file, const char __user *buf,
    952			       size_t count, loff_t *ppos)
    953{
    954	return smk_set_cipso(file, buf, count, ppos, SMK_FIXED24_FMT);
    955}
    956
    957static const struct file_operations smk_cipso_ops = {
    958	.open           = smk_open_cipso,
    959	.read		= seq_read,
    960	.llseek         = seq_lseek,
    961	.write		= smk_write_cipso,
    962	.release        = seq_release,
    963};
    964
    965/*
    966 * Seq_file read operations for /smack/cipso2
    967 */
    968
    969/*
    970 * Print cipso labels in format:
    971 * label level[/cat[,cat]]
    972 */
    973static int cipso2_seq_show(struct seq_file *s, void *v)
    974{
    975	struct list_head  *list = v;
    976	struct smack_known *skp =
    977		list_entry_rcu(list, struct smack_known, list);
    978	struct netlbl_lsm_catmap *cmp = skp->smk_netlabel.attr.mls.cat;
    979	char sep = '/';
    980	int i;
    981
    982	seq_printf(s, "%s %3d", skp->smk_known, skp->smk_netlabel.attr.mls.lvl);
    983
    984	for (i = netlbl_catmap_walk(cmp, 0); i >= 0;
    985	     i = netlbl_catmap_walk(cmp, i + 1)) {
    986		seq_printf(s, "%c%d", sep, i);
    987		sep = ',';
    988	}
    989
    990	seq_putc(s, '\n');
    991
    992	return 0;
    993}
    994
    995static const struct seq_operations cipso2_seq_ops = {
    996	.start = cipso_seq_start,
    997	.next  = cipso_seq_next,
    998	.show  = cipso2_seq_show,
    999	.stop  = smk_seq_stop,
   1000};
   1001
   1002/**
   1003 * smk_open_cipso2 - open() for /smack/cipso2
   1004 * @inode: inode structure representing file
   1005 * @file: "cipso2" file pointer
   1006 *
   1007 * Connect our cipso_seq_* operations with /smack/cipso2
   1008 * file_operations
   1009 */
   1010static int smk_open_cipso2(struct inode *inode, struct file *file)
   1011{
   1012	return seq_open(file, &cipso2_seq_ops);
   1013}
   1014
   1015/**
   1016 * smk_write_cipso2 - write() for /smack/cipso2
   1017 * @file: file pointer, not actually used
   1018 * @buf: where to get the data from
   1019 * @count: bytes sent
   1020 * @ppos: where to start
   1021 *
   1022 * Accepts only one cipso rule per write call.
   1023 * Returns number of bytes written or error code, as appropriate
   1024 */
   1025static ssize_t smk_write_cipso2(struct file *file, const char __user *buf,
   1026			      size_t count, loff_t *ppos)
   1027{
   1028	return smk_set_cipso(file, buf, count, ppos, SMK_LONG_FMT);
   1029}
   1030
   1031static const struct file_operations smk_cipso2_ops = {
   1032	.open           = smk_open_cipso2,
   1033	.read		= seq_read,
   1034	.llseek         = seq_lseek,
   1035	.write		= smk_write_cipso2,
   1036	.release        = seq_release,
   1037};
   1038
   1039/*
   1040 * Seq_file read operations for /smack/netlabel
   1041 */
   1042
   1043static void *net4addr_seq_start(struct seq_file *s, loff_t *pos)
   1044{
   1045	return smk_seq_start(s, pos, &smk_net4addr_list);
   1046}
   1047
   1048static void *net4addr_seq_next(struct seq_file *s, void *v, loff_t *pos)
   1049{
   1050	return smk_seq_next(s, v, pos, &smk_net4addr_list);
   1051}
   1052
   1053/*
   1054 * Print host/label pairs
   1055 */
   1056static int net4addr_seq_show(struct seq_file *s, void *v)
   1057{
   1058	struct list_head *list = v;
   1059	struct smk_net4addr *skp =
   1060			list_entry_rcu(list, struct smk_net4addr, list);
   1061	char *kp = SMACK_CIPSO_OPTION;
   1062
   1063	if (skp->smk_label != NULL)
   1064		kp = skp->smk_label->smk_known;
   1065	seq_printf(s, "%pI4/%d %s\n", &skp->smk_host.s_addr,
   1066			skp->smk_masks, kp);
   1067
   1068	return 0;
   1069}
   1070
   1071static const struct seq_operations net4addr_seq_ops = {
   1072	.start = net4addr_seq_start,
   1073	.next  = net4addr_seq_next,
   1074	.show  = net4addr_seq_show,
   1075	.stop  = smk_seq_stop,
   1076};
   1077
   1078/**
   1079 * smk_open_net4addr - open() for /smack/netlabel
   1080 * @inode: inode structure representing file
   1081 * @file: "netlabel" file pointer
   1082 *
   1083 * Connect our net4addr_seq_* operations with /smack/netlabel
   1084 * file_operations
   1085 */
   1086static int smk_open_net4addr(struct inode *inode, struct file *file)
   1087{
   1088	return seq_open(file, &net4addr_seq_ops);
   1089}
   1090
   1091/**
   1092 * smk_net4addr_insert
   1093 * @new : netlabel to insert
   1094 *
   1095 * This helper insert netlabel in the smack_net4addrs list
   1096 * sorted by netmask length (longest to smallest)
   1097 * locked by &smk_net4addr_lock in smk_write_net4addr
   1098 *
   1099 */
   1100static void smk_net4addr_insert(struct smk_net4addr *new)
   1101{
   1102	struct smk_net4addr *m;
   1103	struct smk_net4addr *m_next;
   1104
   1105	if (list_empty(&smk_net4addr_list)) {
   1106		list_add_rcu(&new->list, &smk_net4addr_list);
   1107		return;
   1108	}
   1109
   1110	m = list_entry_rcu(smk_net4addr_list.next,
   1111			   struct smk_net4addr, list);
   1112
   1113	/* the comparison '>' is a bit hacky, but works */
   1114	if (new->smk_masks > m->smk_masks) {
   1115		list_add_rcu(&new->list, &smk_net4addr_list);
   1116		return;
   1117	}
   1118
   1119	list_for_each_entry_rcu(m, &smk_net4addr_list, list) {
   1120		if (list_is_last(&m->list, &smk_net4addr_list)) {
   1121			list_add_rcu(&new->list, &m->list);
   1122			return;
   1123		}
   1124		m_next = list_entry_rcu(m->list.next,
   1125					struct smk_net4addr, list);
   1126		if (new->smk_masks > m_next->smk_masks) {
   1127			list_add_rcu(&new->list, &m->list);
   1128			return;
   1129		}
   1130	}
   1131}
   1132
   1133
   1134/**
   1135 * smk_write_net4addr - write() for /smack/netlabel
   1136 * @file: file pointer, not actually used
   1137 * @buf: where to get the data from
   1138 * @count: bytes sent
   1139 * @ppos: where to start
   1140 *
   1141 * Accepts only one net4addr per write call.
   1142 * Returns number of bytes written or error code, as appropriate
   1143 */
   1144static ssize_t smk_write_net4addr(struct file *file, const char __user *buf,
   1145				size_t count, loff_t *ppos)
   1146{
   1147	struct smk_net4addr *snp;
   1148	struct sockaddr_in newname;
   1149	char *smack;
   1150	struct smack_known *skp = NULL;
   1151	char *data;
   1152	char *host = (char *)&newname.sin_addr.s_addr;
   1153	int rc;
   1154	struct netlbl_audit audit_info;
   1155	struct in_addr mask;
   1156	unsigned int m;
   1157	unsigned int masks;
   1158	int found;
   1159	u32 mask_bits = (1<<31);
   1160	__be32 nsa;
   1161	u32 temp_mask;
   1162
   1163	/*
   1164	 * Must have privilege.
   1165	 * No partial writes.
   1166	 * Enough data must be present.
   1167	 * "<addr/mask, as a.b.c.d/e><space><label>"
   1168	 * "<addr, as a.b.c.d><space><label>"
   1169	 */
   1170	if (!smack_privileged(CAP_MAC_ADMIN))
   1171		return -EPERM;
   1172	if (*ppos != 0)
   1173		return -EINVAL;
   1174	if (count < SMK_NETLBLADDRMIN || count > PAGE_SIZE - 1)
   1175		return -EINVAL;
   1176
   1177	data = memdup_user_nul(buf, count);
   1178	if (IS_ERR(data))
   1179		return PTR_ERR(data);
   1180
   1181	smack = kzalloc(count + 1, GFP_KERNEL);
   1182	if (smack == NULL) {
   1183		rc = -ENOMEM;
   1184		goto free_data_out;
   1185	}
   1186
   1187	rc = sscanf(data, "%hhd.%hhd.%hhd.%hhd/%u %s",
   1188		&host[0], &host[1], &host[2], &host[3], &masks, smack);
   1189	if (rc != 6) {
   1190		rc = sscanf(data, "%hhd.%hhd.%hhd.%hhd %s",
   1191			&host[0], &host[1], &host[2], &host[3], smack);
   1192		if (rc != 5) {
   1193			rc = -EINVAL;
   1194			goto free_out;
   1195		}
   1196		masks = 32;
   1197	}
   1198	if (masks > BEBITS) {
   1199		rc = -EINVAL;
   1200		goto free_out;
   1201	}
   1202
   1203	/*
   1204	 * If smack begins with '-', it is an option, don't import it
   1205	 */
   1206	if (smack[0] != '-') {
   1207		skp = smk_import_entry(smack, 0);
   1208		if (IS_ERR(skp)) {
   1209			rc = PTR_ERR(skp);
   1210			goto free_out;
   1211		}
   1212	} else {
   1213		/*
   1214		 * Only the -CIPSO option is supported for IPv4
   1215		 */
   1216		if (strcmp(smack, SMACK_CIPSO_OPTION) != 0) {
   1217			rc = -EINVAL;
   1218			goto free_out;
   1219		}
   1220	}
   1221
   1222	for (m = masks, temp_mask = 0; m > 0; m--) {
   1223		temp_mask |= mask_bits;
   1224		mask_bits >>= 1;
   1225	}
   1226	mask.s_addr = cpu_to_be32(temp_mask);
   1227
   1228	newname.sin_addr.s_addr &= mask.s_addr;
   1229	/*
   1230	 * Only allow one writer at a time. Writes should be
   1231	 * quite rare and small in any case.
   1232	 */
   1233	mutex_lock(&smk_net4addr_lock);
   1234
   1235	nsa = newname.sin_addr.s_addr;
   1236	/* try to find if the prefix is already in the list */
   1237	found = 0;
   1238	list_for_each_entry_rcu(snp, &smk_net4addr_list, list) {
   1239		if (snp->smk_host.s_addr == nsa && snp->smk_masks == masks) {
   1240			found = 1;
   1241			break;
   1242		}
   1243	}
   1244	smk_netlabel_audit_set(&audit_info);
   1245
   1246	if (found == 0) {
   1247		snp = kzalloc(sizeof(*snp), GFP_KERNEL);
   1248		if (snp == NULL)
   1249			rc = -ENOMEM;
   1250		else {
   1251			rc = 0;
   1252			snp->smk_host.s_addr = newname.sin_addr.s_addr;
   1253			snp->smk_mask.s_addr = mask.s_addr;
   1254			snp->smk_label = skp;
   1255			snp->smk_masks = masks;
   1256			smk_net4addr_insert(snp);
   1257		}
   1258	} else {
   1259		/*
   1260		 * Delete the unlabeled entry, only if the previous label
   1261		 * wasn't the special CIPSO option
   1262		 */
   1263		if (snp->smk_label != NULL)
   1264			rc = netlbl_cfg_unlbl_static_del(&init_net, NULL,
   1265					&snp->smk_host, &snp->smk_mask,
   1266					PF_INET, &audit_info);
   1267		else
   1268			rc = 0;
   1269		snp->smk_label = skp;
   1270	}
   1271
   1272	/*
   1273	 * Now tell netlabel about the single label nature of
   1274	 * this host so that incoming packets get labeled.
   1275	 * but only if we didn't get the special CIPSO option
   1276	 */
   1277	if (rc == 0 && skp != NULL)
   1278		rc = netlbl_cfg_unlbl_static_add(&init_net, NULL,
   1279			&snp->smk_host, &snp->smk_mask, PF_INET,
   1280			snp->smk_label->smk_secid, &audit_info);
   1281
   1282	if (rc == 0)
   1283		rc = count;
   1284
   1285	mutex_unlock(&smk_net4addr_lock);
   1286
   1287free_out:
   1288	kfree(smack);
   1289free_data_out:
   1290	kfree(data);
   1291
   1292	return rc;
   1293}
   1294
   1295static const struct file_operations smk_net4addr_ops = {
   1296	.open           = smk_open_net4addr,
   1297	.read		= seq_read,
   1298	.llseek         = seq_lseek,
   1299	.write		= smk_write_net4addr,
   1300	.release        = seq_release,
   1301};
   1302
   1303#if IS_ENABLED(CONFIG_IPV6)
   1304/*
   1305 * Seq_file read operations for /smack/netlabel6
   1306 */
   1307
   1308static void *net6addr_seq_start(struct seq_file *s, loff_t *pos)
   1309{
   1310	return smk_seq_start(s, pos, &smk_net6addr_list);
   1311}
   1312
   1313static void *net6addr_seq_next(struct seq_file *s, void *v, loff_t *pos)
   1314{
   1315	return smk_seq_next(s, v, pos, &smk_net6addr_list);
   1316}
   1317
   1318/*
   1319 * Print host/label pairs
   1320 */
   1321static int net6addr_seq_show(struct seq_file *s, void *v)
   1322{
   1323	struct list_head *list = v;
   1324	struct smk_net6addr *skp =
   1325			 list_entry(list, struct smk_net6addr, list);
   1326
   1327	if (skp->smk_label != NULL)
   1328		seq_printf(s, "%pI6/%d %s\n", &skp->smk_host, skp->smk_masks,
   1329				skp->smk_label->smk_known);
   1330
   1331	return 0;
   1332}
   1333
   1334static const struct seq_operations net6addr_seq_ops = {
   1335	.start = net6addr_seq_start,
   1336	.next  = net6addr_seq_next,
   1337	.show  = net6addr_seq_show,
   1338	.stop  = smk_seq_stop,
   1339};
   1340
   1341/**
   1342 * smk_open_net6addr - open() for /smack/netlabel
   1343 * @inode: inode structure representing file
   1344 * @file: "netlabel" file pointer
   1345 *
   1346 * Connect our net6addr_seq_* operations with /smack/netlabel
   1347 * file_operations
   1348 */
   1349static int smk_open_net6addr(struct inode *inode, struct file *file)
   1350{
   1351	return seq_open(file, &net6addr_seq_ops);
   1352}
   1353
   1354/**
   1355 * smk_net6addr_insert
   1356 * @new : entry to insert
   1357 *
   1358 * This inserts an entry in the smack_net6addrs list
   1359 * sorted by netmask length (longest to smallest)
   1360 * locked by &smk_net6addr_lock in smk_write_net6addr
   1361 *
   1362 */
   1363static void smk_net6addr_insert(struct smk_net6addr *new)
   1364{
   1365	struct smk_net6addr *m_next;
   1366	struct smk_net6addr *m;
   1367
   1368	if (list_empty(&smk_net6addr_list)) {
   1369		list_add_rcu(&new->list, &smk_net6addr_list);
   1370		return;
   1371	}
   1372
   1373	m = list_entry_rcu(smk_net6addr_list.next,
   1374			   struct smk_net6addr, list);
   1375
   1376	if (new->smk_masks > m->smk_masks) {
   1377		list_add_rcu(&new->list, &smk_net6addr_list);
   1378		return;
   1379	}
   1380
   1381	list_for_each_entry_rcu(m, &smk_net6addr_list, list) {
   1382		if (list_is_last(&m->list, &smk_net6addr_list)) {
   1383			list_add_rcu(&new->list, &m->list);
   1384			return;
   1385		}
   1386		m_next = list_entry_rcu(m->list.next,
   1387					struct smk_net6addr, list);
   1388		if (new->smk_masks > m_next->smk_masks) {
   1389			list_add_rcu(&new->list, &m->list);
   1390			return;
   1391		}
   1392	}
   1393}
   1394
   1395
   1396/**
   1397 * smk_write_net6addr - write() for /smack/netlabel
   1398 * @file: file pointer, not actually used
   1399 * @buf: where to get the data from
   1400 * @count: bytes sent
   1401 * @ppos: where to start
   1402 *
   1403 * Accepts only one net6addr per write call.
   1404 * Returns number of bytes written or error code, as appropriate
   1405 */
   1406static ssize_t smk_write_net6addr(struct file *file, const char __user *buf,
   1407				size_t count, loff_t *ppos)
   1408{
   1409	struct smk_net6addr *snp;
   1410	struct in6_addr newname;
   1411	struct in6_addr fullmask;
   1412	struct smack_known *skp = NULL;
   1413	char *smack;
   1414	char *data;
   1415	int rc = 0;
   1416	int found = 0;
   1417	int i;
   1418	unsigned int scanned[8];
   1419	unsigned int m;
   1420	unsigned int mask = 128;
   1421
   1422	/*
   1423	 * Must have privilege.
   1424	 * No partial writes.
   1425	 * Enough data must be present.
   1426	 * "<addr/mask, as a:b:c:d:e:f:g:h/e><space><label>"
   1427	 * "<addr, as a:b:c:d:e:f:g:h><space><label>"
   1428	 */
   1429	if (!smack_privileged(CAP_MAC_ADMIN))
   1430		return -EPERM;
   1431	if (*ppos != 0)
   1432		return -EINVAL;
   1433	if (count < SMK_NETLBLADDRMIN || count > PAGE_SIZE - 1)
   1434		return -EINVAL;
   1435
   1436	data = memdup_user_nul(buf, count);
   1437	if (IS_ERR(data))
   1438		return PTR_ERR(data);
   1439
   1440	smack = kzalloc(count + 1, GFP_KERNEL);
   1441	if (smack == NULL) {
   1442		rc = -ENOMEM;
   1443		goto free_data_out;
   1444	}
   1445
   1446	i = sscanf(data, "%x:%x:%x:%x:%x:%x:%x:%x/%u %s",
   1447			&scanned[0], &scanned[1], &scanned[2], &scanned[3],
   1448			&scanned[4], &scanned[5], &scanned[6], &scanned[7],
   1449			&mask, smack);
   1450	if (i != 10) {
   1451		i = sscanf(data, "%x:%x:%x:%x:%x:%x:%x:%x %s",
   1452				&scanned[0], &scanned[1], &scanned[2],
   1453				&scanned[3], &scanned[4], &scanned[5],
   1454				&scanned[6], &scanned[7], smack);
   1455		if (i != 9) {
   1456			rc = -EINVAL;
   1457			goto free_out;
   1458		}
   1459	}
   1460	if (mask > 128) {
   1461		rc = -EINVAL;
   1462		goto free_out;
   1463	}
   1464	for (i = 0; i < 8; i++) {
   1465		if (scanned[i] > 0xffff) {
   1466			rc = -EINVAL;
   1467			goto free_out;
   1468		}
   1469		newname.s6_addr16[i] = htons(scanned[i]);
   1470	}
   1471
   1472	/*
   1473	 * If smack begins with '-', it is an option, don't import it
   1474	 */
   1475	if (smack[0] != '-') {
   1476		skp = smk_import_entry(smack, 0);
   1477		if (IS_ERR(skp)) {
   1478			rc = PTR_ERR(skp);
   1479			goto free_out;
   1480		}
   1481	} else {
   1482		/*
   1483		 * Only -DELETE is supported for IPv6
   1484		 */
   1485		if (strcmp(smack, SMACK_DELETE_OPTION) != 0) {
   1486			rc = -EINVAL;
   1487			goto free_out;
   1488		}
   1489	}
   1490
   1491	for (i = 0, m = mask; i < 8; i++) {
   1492		if (m >= 16) {
   1493			fullmask.s6_addr16[i] = 0xffff;
   1494			m -= 16;
   1495		} else if (m > 0) {
   1496			fullmask.s6_addr16[i] = (1 << m) - 1;
   1497			m = 0;
   1498		} else
   1499			fullmask.s6_addr16[i] = 0;
   1500		newname.s6_addr16[i] &= fullmask.s6_addr16[i];
   1501	}
   1502
   1503	/*
   1504	 * Only allow one writer at a time. Writes should be
   1505	 * quite rare and small in any case.
   1506	 */
   1507	mutex_lock(&smk_net6addr_lock);
   1508	/*
   1509	 * Try to find the prefix in the list
   1510	 */
   1511	list_for_each_entry_rcu(snp, &smk_net6addr_list, list) {
   1512		if (mask != snp->smk_masks)
   1513			continue;
   1514		for (found = 1, i = 0; i < 8; i++) {
   1515			if (newname.s6_addr16[i] !=
   1516			    snp->smk_host.s6_addr16[i]) {
   1517				found = 0;
   1518				break;
   1519			}
   1520		}
   1521		if (found == 1)
   1522			break;
   1523	}
   1524	if (found == 0) {
   1525		snp = kzalloc(sizeof(*snp), GFP_KERNEL);
   1526		if (snp == NULL)
   1527			rc = -ENOMEM;
   1528		else {
   1529			snp->smk_host = newname;
   1530			snp->smk_mask = fullmask;
   1531			snp->smk_masks = mask;
   1532			snp->smk_label = skp;
   1533			smk_net6addr_insert(snp);
   1534		}
   1535	} else {
   1536		snp->smk_label = skp;
   1537	}
   1538
   1539	if (rc == 0)
   1540		rc = count;
   1541
   1542	mutex_unlock(&smk_net6addr_lock);
   1543
   1544free_out:
   1545	kfree(smack);
   1546free_data_out:
   1547	kfree(data);
   1548
   1549	return rc;
   1550}
   1551
   1552static const struct file_operations smk_net6addr_ops = {
   1553	.open           = smk_open_net6addr,
   1554	.read		= seq_read,
   1555	.llseek         = seq_lseek,
   1556	.write		= smk_write_net6addr,
   1557	.release        = seq_release,
   1558};
   1559#endif /* CONFIG_IPV6 */
   1560
   1561/**
   1562 * smk_read_doi - read() for /smack/doi
   1563 * @filp: file pointer, not actually used
   1564 * @buf: where to put the result
   1565 * @count: maximum to send along
   1566 * @ppos: where to start
   1567 *
   1568 * Returns number of bytes read or error code, as appropriate
   1569 */
   1570static ssize_t smk_read_doi(struct file *filp, char __user *buf,
   1571			    size_t count, loff_t *ppos)
   1572{
   1573	char temp[80];
   1574	ssize_t rc;
   1575
   1576	if (*ppos != 0)
   1577		return 0;
   1578
   1579	sprintf(temp, "%d", smk_cipso_doi_value);
   1580	rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
   1581
   1582	return rc;
   1583}
   1584
   1585/**
   1586 * smk_write_doi - write() for /smack/doi
   1587 * @file: file pointer, not actually used
   1588 * @buf: where to get the data from
   1589 * @count: bytes sent
   1590 * @ppos: where to start
   1591 *
   1592 * Returns number of bytes written or error code, as appropriate
   1593 */
   1594static ssize_t smk_write_doi(struct file *file, const char __user *buf,
   1595			     size_t count, loff_t *ppos)
   1596{
   1597	char temp[80];
   1598	int i;
   1599
   1600	if (!smack_privileged(CAP_MAC_ADMIN))
   1601		return -EPERM;
   1602
   1603	if (count >= sizeof(temp) || count == 0)
   1604		return -EINVAL;
   1605
   1606	if (copy_from_user(temp, buf, count) != 0)
   1607		return -EFAULT;
   1608
   1609	temp[count] = '\0';
   1610
   1611	if (sscanf(temp, "%d", &i) != 1)
   1612		return -EINVAL;
   1613
   1614	smk_cipso_doi_value = i;
   1615
   1616	smk_cipso_doi();
   1617
   1618	return count;
   1619}
   1620
   1621static const struct file_operations smk_doi_ops = {
   1622	.read		= smk_read_doi,
   1623	.write		= smk_write_doi,
   1624	.llseek		= default_llseek,
   1625};
   1626
   1627/**
   1628 * smk_read_direct - read() for /smack/direct
   1629 * @filp: file pointer, not actually used
   1630 * @buf: where to put the result
   1631 * @count: maximum to send along
   1632 * @ppos: where to start
   1633 *
   1634 * Returns number of bytes read or error code, as appropriate
   1635 */
   1636static ssize_t smk_read_direct(struct file *filp, char __user *buf,
   1637			       size_t count, loff_t *ppos)
   1638{
   1639	char temp[80];
   1640	ssize_t rc;
   1641
   1642	if (*ppos != 0)
   1643		return 0;
   1644
   1645	sprintf(temp, "%d", smack_cipso_direct);
   1646	rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
   1647
   1648	return rc;
   1649}
   1650
   1651/**
   1652 * smk_write_direct - write() for /smack/direct
   1653 * @file: file pointer, not actually used
   1654 * @buf: where to get the data from
   1655 * @count: bytes sent
   1656 * @ppos: where to start
   1657 *
   1658 * Returns number of bytes written or error code, as appropriate
   1659 */
   1660static ssize_t smk_write_direct(struct file *file, const char __user *buf,
   1661				size_t count, loff_t *ppos)
   1662{
   1663	struct smack_known *skp;
   1664	char temp[80];
   1665	int i;
   1666
   1667	if (!smack_privileged(CAP_MAC_ADMIN))
   1668		return -EPERM;
   1669
   1670	if (count >= sizeof(temp) || count == 0)
   1671		return -EINVAL;
   1672
   1673	if (copy_from_user(temp, buf, count) != 0)
   1674		return -EFAULT;
   1675
   1676	temp[count] = '\0';
   1677
   1678	if (sscanf(temp, "%d", &i) != 1)
   1679		return -EINVAL;
   1680
   1681	/*
   1682	 * Don't do anything if the value hasn't actually changed.
   1683	 * If it is changing reset the level on entries that were
   1684	 * set up to be direct when they were created.
   1685	 */
   1686	if (smack_cipso_direct != i) {
   1687		mutex_lock(&smack_known_lock);
   1688		list_for_each_entry_rcu(skp, &smack_known_list, list)
   1689			if (skp->smk_netlabel.attr.mls.lvl ==
   1690			    smack_cipso_direct)
   1691				skp->smk_netlabel.attr.mls.lvl = i;
   1692		smack_cipso_direct = i;
   1693		mutex_unlock(&smack_known_lock);
   1694	}
   1695
   1696	return count;
   1697}
   1698
   1699static const struct file_operations smk_direct_ops = {
   1700	.read		= smk_read_direct,
   1701	.write		= smk_write_direct,
   1702	.llseek		= default_llseek,
   1703};
   1704
   1705/**
   1706 * smk_read_mapped - read() for /smack/mapped
   1707 * @filp: file pointer, not actually used
   1708 * @buf: where to put the result
   1709 * @count: maximum to send along
   1710 * @ppos: where to start
   1711 *
   1712 * Returns number of bytes read or error code, as appropriate
   1713 */
   1714static ssize_t smk_read_mapped(struct file *filp, char __user *buf,
   1715			       size_t count, loff_t *ppos)
   1716{
   1717	char temp[80];
   1718	ssize_t rc;
   1719
   1720	if (*ppos != 0)
   1721		return 0;
   1722
   1723	sprintf(temp, "%d", smack_cipso_mapped);
   1724	rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
   1725
   1726	return rc;
   1727}
   1728
   1729/**
   1730 * smk_write_mapped - write() for /smack/mapped
   1731 * @file: file pointer, not actually used
   1732 * @buf: where to get the data from
   1733 * @count: bytes sent
   1734 * @ppos: where to start
   1735 *
   1736 * Returns number of bytes written or error code, as appropriate
   1737 */
   1738static ssize_t smk_write_mapped(struct file *file, const char __user *buf,
   1739				size_t count, loff_t *ppos)
   1740{
   1741	struct smack_known *skp;
   1742	char temp[80];
   1743	int i;
   1744
   1745	if (!smack_privileged(CAP_MAC_ADMIN))
   1746		return -EPERM;
   1747
   1748	if (count >= sizeof(temp) || count == 0)
   1749		return -EINVAL;
   1750
   1751	if (copy_from_user(temp, buf, count) != 0)
   1752		return -EFAULT;
   1753
   1754	temp[count] = '\0';
   1755
   1756	if (sscanf(temp, "%d", &i) != 1)
   1757		return -EINVAL;
   1758
   1759	/*
   1760	 * Don't do anything if the value hasn't actually changed.
   1761	 * If it is changing reset the level on entries that were
   1762	 * set up to be mapped when they were created.
   1763	 */
   1764	if (smack_cipso_mapped != i) {
   1765		mutex_lock(&smack_known_lock);
   1766		list_for_each_entry_rcu(skp, &smack_known_list, list)
   1767			if (skp->smk_netlabel.attr.mls.lvl ==
   1768			    smack_cipso_mapped)
   1769				skp->smk_netlabel.attr.mls.lvl = i;
   1770		smack_cipso_mapped = i;
   1771		mutex_unlock(&smack_known_lock);
   1772	}
   1773
   1774	return count;
   1775}
   1776
   1777static const struct file_operations smk_mapped_ops = {
   1778	.read		= smk_read_mapped,
   1779	.write		= smk_write_mapped,
   1780	.llseek		= default_llseek,
   1781};
   1782
   1783/**
   1784 * smk_read_ambient - read() for /smack/ambient
   1785 * @filp: file pointer, not actually used
   1786 * @buf: where to put the result
   1787 * @cn: maximum to send along
   1788 * @ppos: where to start
   1789 *
   1790 * Returns number of bytes read or error code, as appropriate
   1791 */
   1792static ssize_t smk_read_ambient(struct file *filp, char __user *buf,
   1793				size_t cn, loff_t *ppos)
   1794{
   1795	ssize_t rc;
   1796	int asize;
   1797
   1798	if (*ppos != 0)
   1799		return 0;
   1800	/*
   1801	 * Being careful to avoid a problem in the case where
   1802	 * smack_net_ambient gets changed in midstream.
   1803	 */
   1804	mutex_lock(&smack_ambient_lock);
   1805
   1806	asize = strlen(smack_net_ambient->smk_known) + 1;
   1807
   1808	if (cn >= asize)
   1809		rc = simple_read_from_buffer(buf, cn, ppos,
   1810					     smack_net_ambient->smk_known,
   1811					     asize);
   1812	else
   1813		rc = -EINVAL;
   1814
   1815	mutex_unlock(&smack_ambient_lock);
   1816
   1817	return rc;
   1818}
   1819
   1820/**
   1821 * smk_write_ambient - write() for /smack/ambient
   1822 * @file: file pointer, not actually used
   1823 * @buf: where to get the data from
   1824 * @count: bytes sent
   1825 * @ppos: where to start
   1826 *
   1827 * Returns number of bytes written or error code, as appropriate
   1828 */
   1829static ssize_t smk_write_ambient(struct file *file, const char __user *buf,
   1830				 size_t count, loff_t *ppos)
   1831{
   1832	struct smack_known *skp;
   1833	char *oldambient;
   1834	char *data;
   1835	int rc = count;
   1836
   1837	if (!smack_privileged(CAP_MAC_ADMIN))
   1838		return -EPERM;
   1839
   1840	/* Enough data must be present */
   1841	if (count == 0 || count > PAGE_SIZE)
   1842		return -EINVAL;
   1843
   1844	data = memdup_user_nul(buf, count);
   1845	if (IS_ERR(data))
   1846		return PTR_ERR(data);
   1847
   1848	skp = smk_import_entry(data, count);
   1849	if (IS_ERR(skp)) {
   1850		rc = PTR_ERR(skp);
   1851		goto out;
   1852	}
   1853
   1854	mutex_lock(&smack_ambient_lock);
   1855
   1856	oldambient = smack_net_ambient->smk_known;
   1857	smack_net_ambient = skp;
   1858	smk_unlbl_ambient(oldambient);
   1859
   1860	mutex_unlock(&smack_ambient_lock);
   1861
   1862out:
   1863	kfree(data);
   1864	return rc;
   1865}
   1866
   1867static const struct file_operations smk_ambient_ops = {
   1868	.read		= smk_read_ambient,
   1869	.write		= smk_write_ambient,
   1870	.llseek		= default_llseek,
   1871};
   1872
   1873/*
   1874 * Seq_file operations for /smack/onlycap
   1875 */
   1876static void *onlycap_seq_start(struct seq_file *s, loff_t *pos)
   1877{
   1878	return smk_seq_start(s, pos, &smack_onlycap_list);
   1879}
   1880
   1881static void *onlycap_seq_next(struct seq_file *s, void *v, loff_t *pos)
   1882{
   1883	return smk_seq_next(s, v, pos, &smack_onlycap_list);
   1884}
   1885
   1886static int onlycap_seq_show(struct seq_file *s, void *v)
   1887{
   1888	struct list_head *list = v;
   1889	struct smack_known_list_elem *sklep =
   1890		list_entry_rcu(list, struct smack_known_list_elem, list);
   1891
   1892	seq_puts(s, sklep->smk_label->smk_known);
   1893	seq_putc(s, ' ');
   1894
   1895	return 0;
   1896}
   1897
   1898static const struct seq_operations onlycap_seq_ops = {
   1899	.start = onlycap_seq_start,
   1900	.next  = onlycap_seq_next,
   1901	.show  = onlycap_seq_show,
   1902	.stop  = smk_seq_stop,
   1903};
   1904
   1905static int smk_open_onlycap(struct inode *inode, struct file *file)
   1906{
   1907	return seq_open(file, &onlycap_seq_ops);
   1908}
   1909
   1910/**
   1911 * smk_list_swap_rcu - swap public list with a private one in RCU-safe way
   1912 * The caller must hold appropriate mutex to prevent concurrent modifications
   1913 * to the public list.
   1914 * Private list is assumed to be not accessible to other threads yet.
   1915 *
   1916 * @public: public list
   1917 * @private: private list
   1918 */
   1919static void smk_list_swap_rcu(struct list_head *public,
   1920			      struct list_head *private)
   1921{
   1922	struct list_head *first, *last;
   1923
   1924	if (list_empty(public)) {
   1925		list_splice_init_rcu(private, public, synchronize_rcu);
   1926	} else {
   1927		/* Remember public list before replacing it */
   1928		first = public->next;
   1929		last = public->prev;
   1930
   1931		/* Publish private list in place of public in RCU-safe way */
   1932		private->prev->next = public;
   1933		private->next->prev = public;
   1934		rcu_assign_pointer(public->next, private->next);
   1935		public->prev = private->prev;
   1936
   1937		synchronize_rcu();
   1938
   1939		/* When all readers are done with the old public list,
   1940		 * attach it in place of private */
   1941		private->next = first;
   1942		private->prev = last;
   1943		first->prev = private;
   1944		last->next = private;
   1945	}
   1946}
   1947
   1948/**
   1949 * smk_parse_label_list - parse list of Smack labels, separated by spaces
   1950 *
   1951 * @data: the string to parse
   1952 * @list: destination list
   1953 *
   1954 * Returns zero on success or error code, as appropriate
   1955 */
   1956static int smk_parse_label_list(char *data, struct list_head *list)
   1957{
   1958	char *tok;
   1959	struct smack_known *skp;
   1960	struct smack_known_list_elem *sklep;
   1961
   1962	while ((tok = strsep(&data, " ")) != NULL) {
   1963		if (!*tok)
   1964			continue;
   1965
   1966		skp = smk_import_entry(tok, 0);
   1967		if (IS_ERR(skp))
   1968			return PTR_ERR(skp);
   1969
   1970		sklep = kzalloc(sizeof(*sklep), GFP_KERNEL);
   1971		if (sklep == NULL)
   1972			return -ENOMEM;
   1973
   1974		sklep->smk_label = skp;
   1975		list_add(&sklep->list, list);
   1976	}
   1977
   1978	return 0;
   1979}
   1980
   1981/**
   1982 * smk_destroy_label_list - destroy a list of smack_known_list_elem
   1983 * @list: header pointer of the list to destroy
   1984 */
   1985void smk_destroy_label_list(struct list_head *list)
   1986{
   1987	struct smack_known_list_elem *sklep;
   1988	struct smack_known_list_elem *sklep2;
   1989
   1990	list_for_each_entry_safe(sklep, sklep2, list, list)
   1991		kfree(sklep);
   1992
   1993	INIT_LIST_HEAD(list);
   1994}
   1995
   1996/**
   1997 * smk_write_onlycap - write() for smackfs/onlycap
   1998 * @file: file pointer, not actually used
   1999 * @buf: where to get the data from
   2000 * @count: bytes sent
   2001 * @ppos: where to start
   2002 *
   2003 * Returns number of bytes written or error code, as appropriate
   2004 */
   2005static ssize_t smk_write_onlycap(struct file *file, const char __user *buf,
   2006				 size_t count, loff_t *ppos)
   2007{
   2008	char *data;
   2009	LIST_HEAD(list_tmp);
   2010	int rc;
   2011
   2012	if (!smack_privileged(CAP_MAC_ADMIN))
   2013		return -EPERM;
   2014
   2015	if (count > PAGE_SIZE)
   2016		return -EINVAL;
   2017
   2018	data = memdup_user_nul(buf, count);
   2019	if (IS_ERR(data))
   2020		return PTR_ERR(data);
   2021
   2022	rc = smk_parse_label_list(data, &list_tmp);
   2023	kfree(data);
   2024
   2025	/*
   2026	 * Clear the smack_onlycap on invalid label errors. This means
   2027	 * that we can pass a null string to unset the onlycap value.
   2028	 *
   2029	 * Importing will also reject a label beginning with '-',
   2030	 * so "-usecapabilities" will also work.
   2031	 *
   2032	 * But do so only on invalid label, not on system errors.
   2033	 * The invalid label must be first to count as clearing attempt.
   2034	 */
   2035	if (!rc || (rc == -EINVAL && list_empty(&list_tmp))) {
   2036		mutex_lock(&smack_onlycap_lock);
   2037		smk_list_swap_rcu(&smack_onlycap_list, &list_tmp);
   2038		mutex_unlock(&smack_onlycap_lock);
   2039		rc = count;
   2040	}
   2041
   2042	smk_destroy_label_list(&list_tmp);
   2043
   2044	return rc;
   2045}
   2046
   2047static const struct file_operations smk_onlycap_ops = {
   2048	.open		= smk_open_onlycap,
   2049	.read		= seq_read,
   2050	.write		= smk_write_onlycap,
   2051	.llseek		= seq_lseek,
   2052	.release	= seq_release,
   2053};
   2054
   2055#ifdef CONFIG_SECURITY_SMACK_BRINGUP
   2056/**
   2057 * smk_read_unconfined - read() for smackfs/unconfined
   2058 * @filp: file pointer, not actually used
   2059 * @buf: where to put the result
   2060 * @cn: maximum to send along
   2061 * @ppos: where to start
   2062 *
   2063 * Returns number of bytes read or error code, as appropriate
   2064 */
   2065static ssize_t smk_read_unconfined(struct file *filp, char __user *buf,
   2066					size_t cn, loff_t *ppos)
   2067{
   2068	char *smack = "";
   2069	ssize_t rc = -EINVAL;
   2070	int asize;
   2071
   2072	if (*ppos != 0)
   2073		return 0;
   2074
   2075	if (smack_unconfined != NULL)
   2076		smack = smack_unconfined->smk_known;
   2077
   2078	asize = strlen(smack) + 1;
   2079
   2080	if (cn >= asize)
   2081		rc = simple_read_from_buffer(buf, cn, ppos, smack, asize);
   2082
   2083	return rc;
   2084}
   2085
   2086/**
   2087 * smk_write_unconfined - write() for smackfs/unconfined
   2088 * @file: file pointer, not actually used
   2089 * @buf: where to get the data from
   2090 * @count: bytes sent
   2091 * @ppos: where to start
   2092 *
   2093 * Returns number of bytes written or error code, as appropriate
   2094 */
   2095static ssize_t smk_write_unconfined(struct file *file, const char __user *buf,
   2096					size_t count, loff_t *ppos)
   2097{
   2098	char *data;
   2099	struct smack_known *skp;
   2100	int rc = count;
   2101
   2102	if (!smack_privileged(CAP_MAC_ADMIN))
   2103		return -EPERM;
   2104
   2105	if (count > PAGE_SIZE)
   2106		return -EINVAL;
   2107
   2108	data = memdup_user_nul(buf, count);
   2109	if (IS_ERR(data))
   2110		return PTR_ERR(data);
   2111
   2112	/*
   2113	 * Clear the smack_unconfined on invalid label errors. This means
   2114	 * that we can pass a null string to unset the unconfined value.
   2115	 *
   2116	 * Importing will also reject a label beginning with '-',
   2117	 * so "-confine" will also work.
   2118	 *
   2119	 * But do so only on invalid label, not on system errors.
   2120	 */
   2121	skp = smk_import_entry(data, count);
   2122	if (PTR_ERR(skp) == -EINVAL)
   2123		skp = NULL;
   2124	else if (IS_ERR(skp)) {
   2125		rc = PTR_ERR(skp);
   2126		goto freeout;
   2127	}
   2128
   2129	smack_unconfined = skp;
   2130
   2131freeout:
   2132	kfree(data);
   2133	return rc;
   2134}
   2135
   2136static const struct file_operations smk_unconfined_ops = {
   2137	.read		= smk_read_unconfined,
   2138	.write		= smk_write_unconfined,
   2139	.llseek		= default_llseek,
   2140};
   2141#endif /* CONFIG_SECURITY_SMACK_BRINGUP */
   2142
   2143/**
   2144 * smk_read_logging - read() for /smack/logging
   2145 * @filp: file pointer, not actually used
   2146 * @buf: where to put the result
   2147 * @count: maximum to send along
   2148 * @ppos: where to start
   2149 *
   2150 * Returns number of bytes read or error code, as appropriate
   2151 */
   2152static ssize_t smk_read_logging(struct file *filp, char __user *buf,
   2153				size_t count, loff_t *ppos)
   2154{
   2155	char temp[32];
   2156	ssize_t rc;
   2157
   2158	if (*ppos != 0)
   2159		return 0;
   2160
   2161	sprintf(temp, "%d\n", log_policy);
   2162	rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
   2163	return rc;
   2164}
   2165
   2166/**
   2167 * smk_write_logging - write() for /smack/logging
   2168 * @file: file pointer, not actually used
   2169 * @buf: where to get the data from
   2170 * @count: bytes sent
   2171 * @ppos: where to start
   2172 *
   2173 * Returns number of bytes written or error code, as appropriate
   2174 */
   2175static ssize_t smk_write_logging(struct file *file, const char __user *buf,
   2176				size_t count, loff_t *ppos)
   2177{
   2178	char temp[32];
   2179	int i;
   2180
   2181	if (!smack_privileged(CAP_MAC_ADMIN))
   2182		return -EPERM;
   2183
   2184	if (count >= sizeof(temp) || count == 0)
   2185		return -EINVAL;
   2186
   2187	if (copy_from_user(temp, buf, count) != 0)
   2188		return -EFAULT;
   2189
   2190	temp[count] = '\0';
   2191
   2192	if (sscanf(temp, "%d", &i) != 1)
   2193		return -EINVAL;
   2194	if (i < 0 || i > 3)
   2195		return -EINVAL;
   2196	log_policy = i;
   2197	return count;
   2198}
   2199
   2200
   2201
   2202static const struct file_operations smk_logging_ops = {
   2203	.read		= smk_read_logging,
   2204	.write		= smk_write_logging,
   2205	.llseek		= default_llseek,
   2206};
   2207
   2208/*
   2209 * Seq_file read operations for /smack/load-self
   2210 */
   2211
   2212static void *load_self_seq_start(struct seq_file *s, loff_t *pos)
   2213{
   2214	struct task_smack *tsp = smack_cred(current_cred());
   2215
   2216	return smk_seq_start(s, pos, &tsp->smk_rules);
   2217}
   2218
   2219static void *load_self_seq_next(struct seq_file *s, void *v, loff_t *pos)
   2220{
   2221	struct task_smack *tsp = smack_cred(current_cred());
   2222
   2223	return smk_seq_next(s, v, pos, &tsp->smk_rules);
   2224}
   2225
   2226static int load_self_seq_show(struct seq_file *s, void *v)
   2227{
   2228	struct list_head *list = v;
   2229	struct smack_rule *srp =
   2230		list_entry_rcu(list, struct smack_rule, list);
   2231
   2232	smk_rule_show(s, srp, SMK_LABELLEN);
   2233
   2234	return 0;
   2235}
   2236
   2237static const struct seq_operations load_self_seq_ops = {
   2238	.start = load_self_seq_start,
   2239	.next  = load_self_seq_next,
   2240	.show  = load_self_seq_show,
   2241	.stop  = smk_seq_stop,
   2242};
   2243
   2244
   2245/**
   2246 * smk_open_load_self - open() for /smack/load-self2
   2247 * @inode: inode structure representing file
   2248 * @file: "load" file pointer
   2249 *
   2250 * For reading, use load_seq_* seq_file reading operations.
   2251 */
   2252static int smk_open_load_self(struct inode *inode, struct file *file)
   2253{
   2254	return seq_open(file, &load_self_seq_ops);
   2255}
   2256
   2257/**
   2258 * smk_write_load_self - write() for /smack/load-self
   2259 * @file: file pointer, not actually used
   2260 * @buf: where to get the data from
   2261 * @count: bytes sent
   2262 * @ppos: where to start - must be 0
   2263 *
   2264 */
   2265static ssize_t smk_write_load_self(struct file *file, const char __user *buf,
   2266			      size_t count, loff_t *ppos)
   2267{
   2268	struct task_smack *tsp = smack_cred(current_cred());
   2269
   2270	return smk_write_rules_list(file, buf, count, ppos, &tsp->smk_rules,
   2271				    &tsp->smk_rules_lock, SMK_FIXED24_FMT);
   2272}
   2273
   2274static const struct file_operations smk_load_self_ops = {
   2275	.open           = smk_open_load_self,
   2276	.read		= seq_read,
   2277	.llseek         = seq_lseek,
   2278	.write		= smk_write_load_self,
   2279	.release        = seq_release,
   2280};
   2281
   2282/**
   2283 * smk_user_access - handle access check transaction
   2284 * @file: file pointer
   2285 * @buf: data from user space
   2286 * @count: bytes sent
   2287 * @ppos: where to start - must be 0
   2288 * @format: /smack/load or /smack/load2 or /smack/change-rule format.
   2289 */
   2290static ssize_t smk_user_access(struct file *file, const char __user *buf,
   2291				size_t count, loff_t *ppos, int format)
   2292{
   2293	struct smack_parsed_rule rule;
   2294	char *data;
   2295	int res;
   2296
   2297	data = simple_transaction_get(file, buf, count);
   2298	if (IS_ERR(data))
   2299		return PTR_ERR(data);
   2300
   2301	if (format == SMK_FIXED24_FMT) {
   2302		if (count < SMK_LOADLEN)
   2303			return -EINVAL;
   2304		res = smk_parse_rule(data, &rule, 0);
   2305	} else {
   2306		/*
   2307		 * simple_transaction_get() returns null-terminated data
   2308		 */
   2309		res = smk_parse_long_rule(data, &rule, 0, 3);
   2310	}
   2311
   2312	if (res >= 0)
   2313		res = smk_access(rule.smk_subject, rule.smk_object,
   2314				 rule.smk_access1, NULL);
   2315	else if (res != -ENOENT)
   2316		return res;
   2317
   2318	/*
   2319	 * smk_access() can return a value > 0 in the "bringup" case.
   2320	 */
   2321	data[0] = res >= 0 ? '1' : '0';
   2322	data[1] = '\0';
   2323
   2324	simple_transaction_set(file, 2);
   2325
   2326	if (format == SMK_FIXED24_FMT)
   2327		return SMK_LOADLEN;
   2328	return count;
   2329}
   2330
   2331/**
   2332 * smk_write_access - handle access check transaction
   2333 * @file: file pointer
   2334 * @buf: data from user space
   2335 * @count: bytes sent
   2336 * @ppos: where to start - must be 0
   2337 */
   2338static ssize_t smk_write_access(struct file *file, const char __user *buf,
   2339				size_t count, loff_t *ppos)
   2340{
   2341	return smk_user_access(file, buf, count, ppos, SMK_FIXED24_FMT);
   2342}
   2343
   2344static const struct file_operations smk_access_ops = {
   2345	.write		= smk_write_access,
   2346	.read		= simple_transaction_read,
   2347	.release	= simple_transaction_release,
   2348	.llseek		= generic_file_llseek,
   2349};
   2350
   2351
   2352/*
   2353 * Seq_file read operations for /smack/load2
   2354 */
   2355
   2356static int load2_seq_show(struct seq_file *s, void *v)
   2357{
   2358	struct list_head *list = v;
   2359	struct smack_rule *srp;
   2360	struct smack_known *skp =
   2361		list_entry_rcu(list, struct smack_known, list);
   2362
   2363	list_for_each_entry_rcu(srp, &skp->smk_rules, list)
   2364		smk_rule_show(s, srp, SMK_LONGLABEL);
   2365
   2366	return 0;
   2367}
   2368
   2369static const struct seq_operations load2_seq_ops = {
   2370	.start = load2_seq_start,
   2371	.next  = load2_seq_next,
   2372	.show  = load2_seq_show,
   2373	.stop  = smk_seq_stop,
   2374};
   2375
   2376/**
   2377 * smk_open_load2 - open() for /smack/load2
   2378 * @inode: inode structure representing file
   2379 * @file: "load2" file pointer
   2380 *
   2381 * For reading, use load2_seq_* seq_file reading operations.
   2382 */
   2383static int smk_open_load2(struct inode *inode, struct file *file)
   2384{
   2385	return seq_open(file, &load2_seq_ops);
   2386}
   2387
   2388/**
   2389 * smk_write_load2 - write() for /smack/load2
   2390 * @file: file pointer, not actually used
   2391 * @buf: where to get the data from
   2392 * @count: bytes sent
   2393 * @ppos: where to start - must be 0
   2394 *
   2395 */
   2396static ssize_t smk_write_load2(struct file *file, const char __user *buf,
   2397				size_t count, loff_t *ppos)
   2398{
   2399	/*
   2400	 * Must have privilege.
   2401	 */
   2402	if (!smack_privileged(CAP_MAC_ADMIN))
   2403		return -EPERM;
   2404
   2405	return smk_write_rules_list(file, buf, count, ppos, NULL, NULL,
   2406				    SMK_LONG_FMT);
   2407}
   2408
   2409static const struct file_operations smk_load2_ops = {
   2410	.open           = smk_open_load2,
   2411	.read		= seq_read,
   2412	.llseek         = seq_lseek,
   2413	.write		= smk_write_load2,
   2414	.release        = seq_release,
   2415};
   2416
   2417/*
   2418 * Seq_file read operations for /smack/load-self2
   2419 */
   2420
   2421static void *load_self2_seq_start(struct seq_file *s, loff_t *pos)
   2422{
   2423	struct task_smack *tsp = smack_cred(current_cred());
   2424
   2425	return smk_seq_start(s, pos, &tsp->smk_rules);
   2426}
   2427
   2428static void *load_self2_seq_next(struct seq_file *s, void *v, loff_t *pos)
   2429{
   2430	struct task_smack *tsp = smack_cred(current_cred());
   2431
   2432	return smk_seq_next(s, v, pos, &tsp->smk_rules);
   2433}
   2434
   2435static int load_self2_seq_show(struct seq_file *s, void *v)
   2436{
   2437	struct list_head *list = v;
   2438	struct smack_rule *srp =
   2439		list_entry_rcu(list, struct smack_rule, list);
   2440
   2441	smk_rule_show(s, srp, SMK_LONGLABEL);
   2442
   2443	return 0;
   2444}
   2445
   2446static const struct seq_operations load_self2_seq_ops = {
   2447	.start = load_self2_seq_start,
   2448	.next  = load_self2_seq_next,
   2449	.show  = load_self2_seq_show,
   2450	.stop  = smk_seq_stop,
   2451};
   2452
   2453/**
   2454 * smk_open_load_self2 - open() for /smack/load-self2
   2455 * @inode: inode structure representing file
   2456 * @file: "load" file pointer
   2457 *
   2458 * For reading, use load_seq_* seq_file reading operations.
   2459 */
   2460static int smk_open_load_self2(struct inode *inode, struct file *file)
   2461{
   2462	return seq_open(file, &load_self2_seq_ops);
   2463}
   2464
   2465/**
   2466 * smk_write_load_self2 - write() for /smack/load-self2
   2467 * @file: file pointer, not actually used
   2468 * @buf: where to get the data from
   2469 * @count: bytes sent
   2470 * @ppos: where to start - must be 0
   2471 *
   2472 */
   2473static ssize_t smk_write_load_self2(struct file *file, const char __user *buf,
   2474			      size_t count, loff_t *ppos)
   2475{
   2476	struct task_smack *tsp = smack_cred(current_cred());
   2477
   2478	return smk_write_rules_list(file, buf, count, ppos, &tsp->smk_rules,
   2479				    &tsp->smk_rules_lock, SMK_LONG_FMT);
   2480}
   2481
   2482static const struct file_operations smk_load_self2_ops = {
   2483	.open           = smk_open_load_self2,
   2484	.read		= seq_read,
   2485	.llseek         = seq_lseek,
   2486	.write		= smk_write_load_self2,
   2487	.release        = seq_release,
   2488};
   2489
   2490/**
   2491 * smk_write_access2 - handle access check transaction
   2492 * @file: file pointer
   2493 * @buf: data from user space
   2494 * @count: bytes sent
   2495 * @ppos: where to start - must be 0
   2496 */
   2497static ssize_t smk_write_access2(struct file *file, const char __user *buf,
   2498					size_t count, loff_t *ppos)
   2499{
   2500	return smk_user_access(file, buf, count, ppos, SMK_LONG_FMT);
   2501}
   2502
   2503static const struct file_operations smk_access2_ops = {
   2504	.write		= smk_write_access2,
   2505	.read		= simple_transaction_read,
   2506	.release	= simple_transaction_release,
   2507	.llseek		= generic_file_llseek,
   2508};
   2509
   2510/**
   2511 * smk_write_revoke_subj - write() for /smack/revoke-subject
   2512 * @file: file pointer
   2513 * @buf: data from user space
   2514 * @count: bytes sent
   2515 * @ppos: where to start - must be 0
   2516 */
   2517static ssize_t smk_write_revoke_subj(struct file *file, const char __user *buf,
   2518				size_t count, loff_t *ppos)
   2519{
   2520	char *data;
   2521	const char *cp;
   2522	struct smack_known *skp;
   2523	struct smack_rule *sp;
   2524	struct list_head *rule_list;
   2525	struct mutex *rule_lock;
   2526	int rc = count;
   2527
   2528	if (*ppos != 0)
   2529		return -EINVAL;
   2530
   2531	if (!smack_privileged(CAP_MAC_ADMIN))
   2532		return -EPERM;
   2533
   2534	if (count == 0 || count > SMK_LONGLABEL)
   2535		return -EINVAL;
   2536
   2537	data = memdup_user(buf, count);
   2538	if (IS_ERR(data))
   2539		return PTR_ERR(data);
   2540
   2541	cp = smk_parse_smack(data, count);
   2542	if (IS_ERR(cp)) {
   2543		rc = PTR_ERR(cp);
   2544		goto out_data;
   2545	}
   2546
   2547	skp = smk_find_entry(cp);
   2548	if (skp == NULL)
   2549		goto out_cp;
   2550
   2551	rule_list = &skp->smk_rules;
   2552	rule_lock = &skp->smk_rules_lock;
   2553
   2554	mutex_lock(rule_lock);
   2555
   2556	list_for_each_entry_rcu(sp, rule_list, list)
   2557		sp->smk_access = 0;
   2558
   2559	mutex_unlock(rule_lock);
   2560
   2561out_cp:
   2562	kfree(cp);
   2563out_data:
   2564	kfree(data);
   2565
   2566	return rc;
   2567}
   2568
   2569static const struct file_operations smk_revoke_subj_ops = {
   2570	.write		= smk_write_revoke_subj,
   2571	.read		= simple_transaction_read,
   2572	.release	= simple_transaction_release,
   2573	.llseek		= generic_file_llseek,
   2574};
   2575
   2576/**
   2577 * smk_init_sysfs - initialize /sys/fs/smackfs
   2578 *
   2579 */
   2580static int smk_init_sysfs(void)
   2581{
   2582	return sysfs_create_mount_point(fs_kobj, "smackfs");
   2583}
   2584
   2585/**
   2586 * smk_write_change_rule - write() for /smack/change-rule
   2587 * @file: file pointer
   2588 * @buf: data from user space
   2589 * @count: bytes sent
   2590 * @ppos: where to start - must be 0
   2591 */
   2592static ssize_t smk_write_change_rule(struct file *file, const char __user *buf,
   2593				size_t count, loff_t *ppos)
   2594{
   2595	/*
   2596	 * Must have privilege.
   2597	 */
   2598	if (!smack_privileged(CAP_MAC_ADMIN))
   2599		return -EPERM;
   2600
   2601	return smk_write_rules_list(file, buf, count, ppos, NULL, NULL,
   2602				    SMK_CHANGE_FMT);
   2603}
   2604
   2605static const struct file_operations smk_change_rule_ops = {
   2606	.write		= smk_write_change_rule,
   2607	.read		= simple_transaction_read,
   2608	.release	= simple_transaction_release,
   2609	.llseek		= generic_file_llseek,
   2610};
   2611
   2612/**
   2613 * smk_read_syslog - read() for smackfs/syslog
   2614 * @filp: file pointer, not actually used
   2615 * @buf: where to put the result
   2616 * @cn: maximum to send along
   2617 * @ppos: where to start
   2618 *
   2619 * Returns number of bytes read or error code, as appropriate
   2620 */
   2621static ssize_t smk_read_syslog(struct file *filp, char __user *buf,
   2622				size_t cn, loff_t *ppos)
   2623{
   2624	struct smack_known *skp;
   2625	ssize_t rc = -EINVAL;
   2626	int asize;
   2627
   2628	if (*ppos != 0)
   2629		return 0;
   2630
   2631	if (smack_syslog_label == NULL)
   2632		skp = &smack_known_star;
   2633	else
   2634		skp = smack_syslog_label;
   2635
   2636	asize = strlen(skp->smk_known) + 1;
   2637
   2638	if (cn >= asize)
   2639		rc = simple_read_from_buffer(buf, cn, ppos, skp->smk_known,
   2640						asize);
   2641
   2642	return rc;
   2643}
   2644
   2645/**
   2646 * smk_write_syslog - write() for smackfs/syslog
   2647 * @file: file pointer, not actually used
   2648 * @buf: where to get the data from
   2649 * @count: bytes sent
   2650 * @ppos: where to start
   2651 *
   2652 * Returns number of bytes written or error code, as appropriate
   2653 */
   2654static ssize_t smk_write_syslog(struct file *file, const char __user *buf,
   2655				size_t count, loff_t *ppos)
   2656{
   2657	char *data;
   2658	struct smack_known *skp;
   2659	int rc = count;
   2660
   2661	if (!smack_privileged(CAP_MAC_ADMIN))
   2662		return -EPERM;
   2663
   2664	/* Enough data must be present */
   2665	if (count == 0 || count > PAGE_SIZE)
   2666		return -EINVAL;
   2667
   2668	data = memdup_user_nul(buf, count);
   2669	if (IS_ERR(data))
   2670		return PTR_ERR(data);
   2671
   2672	skp = smk_import_entry(data, count);
   2673	if (IS_ERR(skp))
   2674		rc = PTR_ERR(skp);
   2675	else
   2676		smack_syslog_label = skp;
   2677
   2678	kfree(data);
   2679	return rc;
   2680}
   2681
   2682static const struct file_operations smk_syslog_ops = {
   2683	.read		= smk_read_syslog,
   2684	.write		= smk_write_syslog,
   2685	.llseek		= default_llseek,
   2686};
   2687
   2688/*
   2689 * Seq_file read operations for /smack/relabel-self
   2690 */
   2691
   2692static void *relabel_self_seq_start(struct seq_file *s, loff_t *pos)
   2693{
   2694	struct task_smack *tsp = smack_cred(current_cred());
   2695
   2696	return smk_seq_start(s, pos, &tsp->smk_relabel);
   2697}
   2698
   2699static void *relabel_self_seq_next(struct seq_file *s, void *v, loff_t *pos)
   2700{
   2701	struct task_smack *tsp = smack_cred(current_cred());
   2702
   2703	return smk_seq_next(s, v, pos, &tsp->smk_relabel);
   2704}
   2705
   2706static int relabel_self_seq_show(struct seq_file *s, void *v)
   2707{
   2708	struct list_head *list = v;
   2709	struct smack_known_list_elem *sklep =
   2710		list_entry(list, struct smack_known_list_elem, list);
   2711
   2712	seq_puts(s, sklep->smk_label->smk_known);
   2713	seq_putc(s, ' ');
   2714
   2715	return 0;
   2716}
   2717
   2718static const struct seq_operations relabel_self_seq_ops = {
   2719	.start = relabel_self_seq_start,
   2720	.next  = relabel_self_seq_next,
   2721	.show  = relabel_self_seq_show,
   2722	.stop  = smk_seq_stop,
   2723};
   2724
   2725/**
   2726 * smk_open_relabel_self - open() for /smack/relabel-self
   2727 * @inode: inode structure representing file
   2728 * @file: "relabel-self" file pointer
   2729 *
   2730 * Connect our relabel_self_seq_* operations with /smack/relabel-self
   2731 * file_operations
   2732 */
   2733static int smk_open_relabel_self(struct inode *inode, struct file *file)
   2734{
   2735	return seq_open(file, &relabel_self_seq_ops);
   2736}
   2737
   2738/**
   2739 * smk_write_relabel_self - write() for /smack/relabel-self
   2740 * @file: file pointer, not actually used
   2741 * @buf: where to get the data from
   2742 * @count: bytes sent
   2743 * @ppos: where to start - must be 0
   2744 *
   2745 */
   2746static ssize_t smk_write_relabel_self(struct file *file, const char __user *buf,
   2747				size_t count, loff_t *ppos)
   2748{
   2749	char *data;
   2750	int rc;
   2751	LIST_HEAD(list_tmp);
   2752
   2753	/*
   2754	 * Must have privilege.
   2755	 */
   2756	if (!smack_privileged(CAP_MAC_ADMIN))
   2757		return -EPERM;
   2758
   2759	/*
   2760	 * No partial write.
   2761	 * Enough data must be present.
   2762	 */
   2763	if (*ppos != 0)
   2764		return -EINVAL;
   2765	if (count == 0 || count > PAGE_SIZE)
   2766		return -EINVAL;
   2767
   2768	data = memdup_user_nul(buf, count);
   2769	if (IS_ERR(data))
   2770		return PTR_ERR(data);
   2771
   2772	rc = smk_parse_label_list(data, &list_tmp);
   2773	kfree(data);
   2774
   2775	if (!rc || (rc == -EINVAL && list_empty(&list_tmp))) {
   2776		struct cred *new;
   2777		struct task_smack *tsp;
   2778
   2779		new = prepare_creds();
   2780		if (!new) {
   2781			rc = -ENOMEM;
   2782			goto out;
   2783		}
   2784		tsp = smack_cred(new);
   2785		smk_destroy_label_list(&tsp->smk_relabel);
   2786		list_splice(&list_tmp, &tsp->smk_relabel);
   2787		commit_creds(new);
   2788		return count;
   2789	}
   2790out:
   2791	smk_destroy_label_list(&list_tmp);
   2792	return rc;
   2793}
   2794
   2795static const struct file_operations smk_relabel_self_ops = {
   2796	.open		= smk_open_relabel_self,
   2797	.read		= seq_read,
   2798	.llseek		= seq_lseek,
   2799	.write		= smk_write_relabel_self,
   2800	.release	= seq_release,
   2801};
   2802
   2803/**
   2804 * smk_read_ptrace - read() for /smack/ptrace
   2805 * @filp: file pointer, not actually used
   2806 * @buf: where to put the result
   2807 * @count: maximum to send along
   2808 * @ppos: where to start
   2809 *
   2810 * Returns number of bytes read or error code, as appropriate
   2811 */
   2812static ssize_t smk_read_ptrace(struct file *filp, char __user *buf,
   2813			       size_t count, loff_t *ppos)
   2814{
   2815	char temp[32];
   2816	ssize_t rc;
   2817
   2818	if (*ppos != 0)
   2819		return 0;
   2820
   2821	sprintf(temp, "%d\n", smack_ptrace_rule);
   2822	rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
   2823	return rc;
   2824}
   2825
   2826/**
   2827 * smk_write_ptrace - write() for /smack/ptrace
   2828 * @file: file pointer
   2829 * @buf: data from user space
   2830 * @count: bytes sent
   2831 * @ppos: where to start - must be 0
   2832 */
   2833static ssize_t smk_write_ptrace(struct file *file, const char __user *buf,
   2834				size_t count, loff_t *ppos)
   2835{
   2836	char temp[32];
   2837	int i;
   2838
   2839	if (!smack_privileged(CAP_MAC_ADMIN))
   2840		return -EPERM;
   2841
   2842	if (*ppos != 0 || count >= sizeof(temp) || count == 0)
   2843		return -EINVAL;
   2844
   2845	if (copy_from_user(temp, buf, count) != 0)
   2846		return -EFAULT;
   2847
   2848	temp[count] = '\0';
   2849
   2850	if (sscanf(temp, "%d", &i) != 1)
   2851		return -EINVAL;
   2852	if (i < SMACK_PTRACE_DEFAULT || i > SMACK_PTRACE_MAX)
   2853		return -EINVAL;
   2854	smack_ptrace_rule = i;
   2855
   2856	return count;
   2857}
   2858
   2859static const struct file_operations smk_ptrace_ops = {
   2860	.write		= smk_write_ptrace,
   2861	.read		= smk_read_ptrace,
   2862	.llseek		= default_llseek,
   2863};
   2864
   2865/**
   2866 * smk_fill_super - fill the smackfs superblock
   2867 * @sb: the empty superblock
   2868 * @fc: unused
   2869 *
   2870 * Fill in the well known entries for the smack filesystem
   2871 *
   2872 * Returns 0 on success, an error code on failure
   2873 */
   2874static int smk_fill_super(struct super_block *sb, struct fs_context *fc)
   2875{
   2876	int rc;
   2877
   2878	static const struct tree_descr smack_files[] = {
   2879		[SMK_LOAD] = {
   2880			"load", &smk_load_ops, S_IRUGO|S_IWUSR},
   2881		[SMK_CIPSO] = {
   2882			"cipso", &smk_cipso_ops, S_IRUGO|S_IWUSR},
   2883		[SMK_DOI] = {
   2884			"doi", &smk_doi_ops, S_IRUGO|S_IWUSR},
   2885		[SMK_DIRECT] = {
   2886			"direct", &smk_direct_ops, S_IRUGO|S_IWUSR},
   2887		[SMK_AMBIENT] = {
   2888			"ambient", &smk_ambient_ops, S_IRUGO|S_IWUSR},
   2889		[SMK_NET4ADDR] = {
   2890			"netlabel", &smk_net4addr_ops, S_IRUGO|S_IWUSR},
   2891		[SMK_ONLYCAP] = {
   2892			"onlycap", &smk_onlycap_ops, S_IRUGO|S_IWUSR},
   2893		[SMK_LOGGING] = {
   2894			"logging", &smk_logging_ops, S_IRUGO|S_IWUSR},
   2895		[SMK_LOAD_SELF] = {
   2896			"load-self", &smk_load_self_ops, S_IRUGO|S_IWUGO},
   2897		[SMK_ACCESSES] = {
   2898			"access", &smk_access_ops, S_IRUGO|S_IWUGO},
   2899		[SMK_MAPPED] = {
   2900			"mapped", &smk_mapped_ops, S_IRUGO|S_IWUSR},
   2901		[SMK_LOAD2] = {
   2902			"load2", &smk_load2_ops, S_IRUGO|S_IWUSR},
   2903		[SMK_LOAD_SELF2] = {
   2904			"load-self2", &smk_load_self2_ops, S_IRUGO|S_IWUGO},
   2905		[SMK_ACCESS2] = {
   2906			"access2", &smk_access2_ops, S_IRUGO|S_IWUGO},
   2907		[SMK_CIPSO2] = {
   2908			"cipso2", &smk_cipso2_ops, S_IRUGO|S_IWUSR},
   2909		[SMK_REVOKE_SUBJ] = {
   2910			"revoke-subject", &smk_revoke_subj_ops,
   2911			S_IRUGO|S_IWUSR},
   2912		[SMK_CHANGE_RULE] = {
   2913			"change-rule", &smk_change_rule_ops, S_IRUGO|S_IWUSR},
   2914		[SMK_SYSLOG] = {
   2915			"syslog", &smk_syslog_ops, S_IRUGO|S_IWUSR},
   2916		[SMK_PTRACE] = {
   2917			"ptrace", &smk_ptrace_ops, S_IRUGO|S_IWUSR},
   2918#ifdef CONFIG_SECURITY_SMACK_BRINGUP
   2919		[SMK_UNCONFINED] = {
   2920			"unconfined", &smk_unconfined_ops, S_IRUGO|S_IWUSR},
   2921#endif
   2922#if IS_ENABLED(CONFIG_IPV6)
   2923		[SMK_NET6ADDR] = {
   2924			"ipv6host", &smk_net6addr_ops, S_IRUGO|S_IWUSR},
   2925#endif /* CONFIG_IPV6 */
   2926		[SMK_RELABEL_SELF] = {
   2927			"relabel-self", &smk_relabel_self_ops,
   2928				S_IRUGO|S_IWUGO},
   2929		/* last one */
   2930			{""}
   2931	};
   2932
   2933	rc = simple_fill_super(sb, SMACK_MAGIC, smack_files);
   2934	if (rc != 0) {
   2935		printk(KERN_ERR "%s failed %d while creating inodes\n",
   2936			__func__, rc);
   2937		return rc;
   2938	}
   2939
   2940	return 0;
   2941}
   2942
   2943/**
   2944 * smk_get_tree - get the smackfs superblock
   2945 * @fc: The mount context, including any options
   2946 *
   2947 * Just passes everything along.
   2948 *
   2949 * Returns what the lower level code does.
   2950 */
   2951static int smk_get_tree(struct fs_context *fc)
   2952{
   2953	return get_tree_single(fc, smk_fill_super);
   2954}
   2955
   2956static const struct fs_context_operations smk_context_ops = {
   2957	.get_tree	= smk_get_tree,
   2958};
   2959
   2960/**
   2961 * smk_init_fs_context - Initialise a filesystem context for smackfs
   2962 * @fc: The blank mount context
   2963 */
   2964static int smk_init_fs_context(struct fs_context *fc)
   2965{
   2966	fc->ops = &smk_context_ops;
   2967	return 0;
   2968}
   2969
   2970static struct file_system_type smk_fs_type = {
   2971	.name		= "smackfs",
   2972	.init_fs_context = smk_init_fs_context,
   2973	.kill_sb	= kill_litter_super,
   2974};
   2975
   2976static struct vfsmount *smackfs_mount;
   2977
   2978/**
   2979 * init_smk_fs - get the smackfs superblock
   2980 *
   2981 * register the smackfs
   2982 *
   2983 * Do not register smackfs if Smack wasn't enabled
   2984 * on boot. We can not put this method normally under the
   2985 * smack_init() code path since the security subsystem get
   2986 * initialized before the vfs caches.
   2987 *
   2988 * Returns true if we were not chosen on boot or if
   2989 * we were chosen and filesystem registration succeeded.
   2990 */
   2991static int __init init_smk_fs(void)
   2992{
   2993	int err;
   2994	int rc;
   2995
   2996	if (smack_enabled == 0)
   2997		return 0;
   2998
   2999	err = smk_init_sysfs();
   3000	if (err)
   3001		printk(KERN_ERR "smackfs: sysfs mountpoint problem.\n");
   3002
   3003	err = register_filesystem(&smk_fs_type);
   3004	if (!err) {
   3005		smackfs_mount = kern_mount(&smk_fs_type);
   3006		if (IS_ERR(smackfs_mount)) {
   3007			printk(KERN_ERR "smackfs:  could not mount!\n");
   3008			err = PTR_ERR(smackfs_mount);
   3009			smackfs_mount = NULL;
   3010		}
   3011	}
   3012
   3013	smk_cipso_doi();
   3014	smk_unlbl_ambient(NULL);
   3015
   3016	rc = smack_populate_secattr(&smack_known_floor);
   3017	if (err == 0 && rc < 0)
   3018		err = rc;
   3019	rc = smack_populate_secattr(&smack_known_hat);
   3020	if (err == 0 && rc < 0)
   3021		err = rc;
   3022	rc = smack_populate_secattr(&smack_known_huh);
   3023	if (err == 0 && rc < 0)
   3024		err = rc;
   3025	rc = smack_populate_secattr(&smack_known_star);
   3026	if (err == 0 && rc < 0)
   3027		err = rc;
   3028	rc = smack_populate_secattr(&smack_known_web);
   3029	if (err == 0 && rc < 0)
   3030		err = rc;
   3031
   3032	return err;
   3033}
   3034
   3035__initcall(init_smk_fs);