search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
i2c: designware: Separate timing parameter setting from HW initalization
[linux/fpc-iii.git] / security / tomoyo / audit.c
blob479b03a7a17effb75a81212f48fa16580dc7fc3a
1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * security/tomoyo/audit.c
4 *
5 * Copyright (C) 2005-2011 NTT DATA CORPORATION
6 */
7
8 #include "common.h"
9 #include <linux/slab.h>
10
11 /**
12 * tomoyo_print_bprm - Print "struct linux_binprm" for auditing.
13 *
14 * @bprm: Pointer to "struct linux_binprm".
15 * @dump: Pointer to "struct tomoyo_page_dump".
16 *
17 * Returns the contents of @bprm on success, NULL otherwise.
18 *
19 * This function uses kzalloc(), so caller must kfree() if this function
20 * didn't return NULL.
21 */
22 static char *tomoyo_print_bprm(struct linux_binprm *bprm,
23 struct tomoyo_page_dump *dump)
24 {
25 static const int tomoyo_buffer_len = 4096 * 2;
26 char *buffer = kzalloc(tomoyo_buffer_len, GFP_NOFS);
27 char *cp;
28 char *last_start;
29 int len;
30 unsigned long pos = bprm->p;
31 int offset = pos % PAGE_SIZE;
32 int argv_count = bprm->argc;
33 int envp_count = bprm->envc;
34 bool truncated = false;
35 if (!buffer)
36 return NULL;
37 len = snprintf(buffer, tomoyo_buffer_len - 1, "argv[]={ ");
38 cp = buffer + len;
39 if (!argv_count) {
40 memmove(cp, "} envp[]={ ", 11);
41 cp += 11;
42 }
43 last_start = cp;
44 while (argv_count || envp_count) {
45 if (!tomoyo_dump_page(bprm, pos, dump))
46 goto out;
47 pos += PAGE_SIZE - offset;
48 /* Read. */
49 while (offset < PAGE_SIZE) {
50 const char *kaddr = dump->data;
51 const unsigned char c = kaddr[offset++];
52 if (cp == last_start)
53 *cp++ = '"';
54 if (cp >= buffer + tomoyo_buffer_len - 32) {
55 /* Reserve some room for "..." string. */
56 truncated = true;
57 } else if (c == '\\') {
58 *cp++ = '\\';
59 *cp++ = '\\';
60 } else if (c > ' ' && c < 127) {
61 *cp++ = c;
62 } else if (!c) {
63 *cp++ = '"';
64 *cp++ = ' ';
65 last_start = cp;
66 } else {
67 *cp++ = '\\';
68 *cp++ = (c >> 6) + '0';
69 *cp++ = ((c >> 3) & 7) + '0';
70 *cp++ = (c & 7) + '0';
71 }
72 if (c)
73 continue;
74 if (argv_count) {
75 if (--argv_count == 0) {
76 if (truncated) {
77 cp = last_start;
78 memmove(cp, "... ", 4);
79 cp += 4;
80 }
81 memmove(cp, "} envp[]={ ", 11);
82 cp += 11;
83 last_start = cp;
84 truncated = false;
85 }
86 } else if (envp_count) {
87 if (--envp_count == 0) {
88 if (truncated) {
89 cp = last_start;
90 memmove(cp, "... ", 4);
91 cp += 4;
92 }
93 }
94 }
95 if (!argv_count && !envp_count)
96 break;
97 }
98 offset = 0;
99 }
100 *cp++ = '}';
101 *cp = '\0';
102 return buffer;
103 out:
104 snprintf(buffer, tomoyo_buffer_len - 1,
105 "argv[]={ ... } envp[]= { ... }");
106 return buffer;
107 }
108
109 /**
110 * tomoyo_filetype - Get string representation of file type.
111 *
112 * @mode: Mode value for stat().
113 *
114 * Returns file type string.
115 */
116 static inline const char *tomoyo_filetype(const umode_t mode)
117 {
118 switch (mode & S_IFMT) {
119 case S_IFREG:
120 case 0:
121 return tomoyo_condition_keyword[TOMOYO_TYPE_IS_FILE];
122 case S_IFDIR:
123 return tomoyo_condition_keyword[TOMOYO_TYPE_IS_DIRECTORY];
124 case S_IFLNK:
125 return tomoyo_condition_keyword[TOMOYO_TYPE_IS_SYMLINK];
126 case S_IFIFO:
127 return tomoyo_condition_keyword[TOMOYO_TYPE_IS_FIFO];
128 case S_IFSOCK:
129 return tomoyo_condition_keyword[TOMOYO_TYPE_IS_SOCKET];
130 case S_IFBLK:
131 return tomoyo_condition_keyword[TOMOYO_TYPE_IS_BLOCK_DEV];
132 case S_IFCHR:
133 return tomoyo_condition_keyword[TOMOYO_TYPE_IS_CHAR_DEV];
134 }
135 return "unknown"; /* This should not happen. */
136 }
137
138 /**
139 * tomoyo_print_header - Get header line of audit log.
140 *
141 * @r: Pointer to "struct tomoyo_request_info".
142 *
143 * Returns string representation.
144 *
145 * This function uses kmalloc(), so caller must kfree() if this function
146 * didn't return NULL.
147 */
148 static char *tomoyo_print_header(struct tomoyo_request_info *r)
149 {
150 struct tomoyo_time stamp;
151 const pid_t gpid = task_pid_nr(current);
152 struct tomoyo_obj_info *obj = r->obj;
153 static const int tomoyo_buffer_len = 4096;
154 char *buffer = kmalloc(tomoyo_buffer_len, GFP_NOFS);
155 int pos;
156 u8 i;
157 if (!buffer)
158 return NULL;
159
160 tomoyo_convert_time(ktime_get_real_seconds(), &stamp);
161
162 pos = snprintf(buffer, tomoyo_buffer_len - 1,
163 "#%04u/%02u/%02u %02u:%02u:%02u# profile=%u mode=%s "
164 "granted=%s (global-pid=%u) task={ pid=%u ppid=%u "
165 "uid=%u gid=%u euid=%u egid=%u suid=%u sgid=%u "
166 "fsuid=%u fsgid=%u }", stamp.year, stamp.month,
167 stamp.day, stamp.hour, stamp.min, stamp.sec, r->profile,
168 tomoyo_mode[r->mode], tomoyo_yesno(r->granted), gpid,
169 tomoyo_sys_getpid(), tomoyo_sys_getppid(),
170 from_kuid(&init_user_ns, current_uid()),
171 from_kgid(&init_user_ns, current_gid()),
172 from_kuid(&init_user_ns, current_euid()),
173 from_kgid(&init_user_ns, current_egid()),
174 from_kuid(&init_user_ns, current_suid()),
175 from_kgid(&init_user_ns, current_sgid()),
176 from_kuid(&init_user_ns, current_fsuid()),
177 from_kgid(&init_user_ns, current_fsgid()));
178 if (!obj)
179 goto no_obj_info;
180 if (!obj->validate_done) {
181 tomoyo_get_attributes(obj);
182 obj->validate_done = true;
183 }
184 for (i = 0; i < TOMOYO_MAX_PATH_STAT; i++) {
185 struct tomoyo_mini_stat *stat;
186 unsigned int dev;
187 umode_t mode;
188 if (!obj->stat_valid[i])
189 continue;
190 stat = &obj->stat[i];
191 dev = stat->dev;
192 mode = stat->mode;
193 if (i & 1) {
194 pos += snprintf(buffer + pos,
195 tomoyo_buffer_len - 1 - pos,
196 " path%u.parent={ uid=%u gid=%u "
197 "ino=%lu perm=0%o }", (i >> 1) + 1,
198 from_kuid(&init_user_ns, stat->uid),
199 from_kgid(&init_user_ns, stat->gid),
200 (unsigned long)stat->ino,
201 stat->mode & S_IALLUGO);
202 continue;
203 }
204 pos += snprintf(buffer + pos, tomoyo_buffer_len - 1 - pos,
205 " path%u={ uid=%u gid=%u ino=%lu major=%u"
206 " minor=%u perm=0%o type=%s", (i >> 1) + 1,
207 from_kuid(&init_user_ns, stat->uid),
208 from_kgid(&init_user_ns, stat->gid),
209 (unsigned long)stat->ino,
210 MAJOR(dev), MINOR(dev),
211 mode & S_IALLUGO, tomoyo_filetype(mode));
212 if (S_ISCHR(mode) || S_ISBLK(mode)) {
213 dev = stat->rdev;
214 pos += snprintf(buffer + pos,
215 tomoyo_buffer_len - 1 - pos,
216 " dev_major=%u dev_minor=%u",
217 MAJOR(dev), MINOR(dev));
218 }
219 pos += snprintf(buffer + pos, tomoyo_buffer_len - 1 - pos,
220 " }");
221 }
222 no_obj_info:
223 if (pos < tomoyo_buffer_len - 1)
224 return buffer;
225 kfree(buffer);
226 return NULL;
227 }
228
229 /**
230 * tomoyo_init_log - Allocate buffer for audit logs.
231 *
232 * @r: Pointer to "struct tomoyo_request_info".
233 * @len: Buffer size needed for @fmt and @args.
234 * @fmt: The printf()'s format string.
235 * @args: va_list structure for @fmt.
236 *
237 * Returns pointer to allocated memory.
238 *
239 * This function uses kzalloc(), so caller must kfree() if this function
240 * didn't return NULL.
241 */
242 char *tomoyo_init_log(struct tomoyo_request_info *r, int len, const char *fmt,
243 va_list args)
244 {
245 char *buf = NULL;
246 char *bprm_info = NULL;
247 const char *header = NULL;
248 char *realpath = NULL;
249 const char *symlink = NULL;
250 int pos;
251 const char *domainname = r->domain->domainname->name;
252 header = tomoyo_print_header(r);
253 if (!header)
254 return NULL;
255 /* +10 is for '\n' etc. and '\0'. */
256 len += strlen(domainname) + strlen(header) + 10;
257 if (r->ee) {
258 struct file *file = r->ee->bprm->file;
259 realpath = tomoyo_realpath_from_path(&file->f_path);
260 bprm_info = tomoyo_print_bprm(r->ee->bprm, &r->ee->dump);
261 if (!realpath || !bprm_info)
262 goto out;
263 /* +80 is for " exec={ realpath=\"%s\" argc=%d envc=%d %s }" */
264 len += strlen(realpath) + 80 + strlen(bprm_info);
265 } else if (r->obj && r->obj->symlink_target) {
266 symlink = r->obj->symlink_target->name;
267 /* +18 is for " symlink.target=\"%s\"" */
268 len += 18 + strlen(symlink);
269 }
270 len = tomoyo_round2(len);
271 buf = kzalloc(len, GFP_NOFS);
272 if (!buf)
273 goto out;
274 len--;
275 pos = snprintf(buf, len, "%s", header);
276 if (realpath) {
277 struct linux_binprm *bprm = r->ee->bprm;
278 pos += snprintf(buf + pos, len - pos,
279 " exec={ realpath=\"%s\" argc=%d envc=%d %s }",
280 realpath, bprm->argc, bprm->envc, bprm_info);
281 } else if (symlink)
282 pos += snprintf(buf + pos, len - pos, " symlink.target=\"%s\"",
283 symlink);
284 pos += snprintf(buf + pos, len - pos, "\n%s\n", domainname);
285 vsnprintf(buf + pos, len - pos, fmt, args);
286 out:
287 kfree(realpath);
288 kfree(bprm_info);
289 kfree(header);
290 return buf;
291 }
292
293 /* Wait queue for /sys/kernel/security/tomoyo/audit. */
294 static DECLARE_WAIT_QUEUE_HEAD(tomoyo_log_wait);
295
296 /* Structure for audit log. */
297 struct tomoyo_log {
298 struct list_head list;
299 char *log;
300 int size;
301 };
302
303 /* The list for "struct tomoyo_log". */
304 static LIST_HEAD(tomoyo_log);
305
306 /* Lock for "struct list_head tomoyo_log". */
307 static DEFINE_SPINLOCK(tomoyo_log_lock);
308
309 /* Length of "stuct list_head tomoyo_log". */
310 static unsigned int tomoyo_log_count;
311
312 /**
313 * tomoyo_get_audit - Get audit mode.
314 *
315 * @ns: Pointer to "struct tomoyo_policy_namespace".
316 * @profile: Profile number.
317 * @index: Index number of functionality.
318 * @is_granted: True if granted log, false otherwise.
319 *
320 * Returns true if this request should be audited, false otherwise.
321 */
322 static bool tomoyo_get_audit(const struct tomoyo_policy_namespace *ns,
323 const u8 profile, const u8 index,
324 const struct tomoyo_acl_info *matched_acl,
325 const bool is_granted)
326 {
327 u8 mode;
328 const u8 category = tomoyo_index2category[index] +
329 TOMOYO_MAX_MAC_INDEX;
330 struct tomoyo_profile *p;
331 if (!tomoyo_policy_loaded)
332 return false;
333 p = tomoyo_profile(ns, profile);
334 if (tomoyo_log_count >= p->pref[TOMOYO_PREF_MAX_AUDIT_LOG])
335 return false;
336 if (is_granted && matched_acl && matched_acl->cond &&
337 matched_acl->cond->grant_log != TOMOYO_GRANTLOG_AUTO)
338 return matched_acl->cond->grant_log == TOMOYO_GRANTLOG_YES;
339 mode = p->config[index];
340 if (mode == TOMOYO_CONFIG_USE_DEFAULT)
341 mode = p->config[category];
342 if (mode == TOMOYO_CONFIG_USE_DEFAULT)
343 mode = p->default_config;
344 if (is_granted)
345 return mode & TOMOYO_CONFIG_WANT_GRANT_LOG;
346 return mode & TOMOYO_CONFIG_WANT_REJECT_LOG;
347 }
348
349 /**
350 * tomoyo_write_log2 - Write an audit log.
351 *
352 * @r: Pointer to "struct tomoyo_request_info".
353 * @len: Buffer size needed for @fmt and @args.
354 * @fmt: The printf()'s format string.
355 * @args: va_list structure for @fmt.
356 *
357 * Returns nothing.
358 */
359 void tomoyo_write_log2(struct tomoyo_request_info *r, int len, const char *fmt,
360 va_list args)
361 {
362 char *buf;
363 struct tomoyo_log *entry;
364 bool quota_exceeded = false;
365 if (!tomoyo_get_audit(r->domain->ns, r->profile, r->type,
366 r->matched_acl, r->granted))
367 goto out;
368 buf = tomoyo_init_log(r, len, fmt, args);
369 if (!buf)
370 goto out;
371 entry = kzalloc(sizeof(*entry), GFP_NOFS);
372 if (!entry) {
373 kfree(buf);
374 goto out;
375 }
376 entry->log = buf;
377 len = tomoyo_round2(strlen(buf) + 1);
378 /*
379 * The entry->size is used for memory quota checks.
380 * Don't go beyond strlen(entry->log).
381 */
382 entry->size = len + tomoyo_round2(sizeof(*entry));
383 spin_lock(&tomoyo_log_lock);
384 if (tomoyo_memory_quota[TOMOYO_MEMORY_AUDIT] &&
385 tomoyo_memory_used[TOMOYO_MEMORY_AUDIT] + entry->size >=
386 tomoyo_memory_quota[TOMOYO_MEMORY_AUDIT]) {
387 quota_exceeded = true;
388 } else {
389 tomoyo_memory_used[TOMOYO_MEMORY_AUDIT] += entry->size;
390 list_add_tail(&entry->list, &tomoyo_log);
391 tomoyo_log_count++;
392 }
393 spin_unlock(&tomoyo_log_lock);
394 if (quota_exceeded) {
395 kfree(buf);
396 kfree(entry);
397 goto out;
398 }
399 wake_up(&tomoyo_log_wait);
400 out:
401 return;
402 }
403
404 /**
405 * tomoyo_write_log - Write an audit log.
406 *
407 * @r: Pointer to "struct tomoyo_request_info".
408 * @fmt: The printf()'s format string, followed by parameters.
409 *
410 * Returns nothing.
411 */
412 void tomoyo_write_log(struct tomoyo_request_info *r, const char *fmt, ...)
413 {
414 va_list args;
415 int len;
416 va_start(args, fmt);
417 len = vsnprintf((char *) &len, 1, fmt, args) + 1;
418 va_end(args);
419 va_start(args, fmt);
420 tomoyo_write_log2(r, len, fmt, args);
421 va_end(args);
422 }
423
424 /**
425 * tomoyo_read_log - Read an audit log.
426 *
427 * @head: Pointer to "struct tomoyo_io_buffer".
428 *
429 * Returns nothing.
430 */
431 void tomoyo_read_log(struct tomoyo_io_buffer *head)
432 {
433 struct tomoyo_log *ptr = NULL;
434 if (head->r.w_pos)
435 return;
436 kfree(head->read_buf);
437 head->read_buf = NULL;
438 spin_lock(&tomoyo_log_lock);
439 if (!list_empty(&tomoyo_log)) {
440 ptr = list_entry(tomoyo_log.next, typeof(*ptr), list);
441 list_del(&ptr->list);
442 tomoyo_log_count--;
443 tomoyo_memory_used[TOMOYO_MEMORY_AUDIT] -= ptr->size;
444 }
445 spin_unlock(&tomoyo_log_lock);
446 if (ptr) {
447 head->read_buf = ptr->log;
448 head->r.w[head->r.w_pos++] = head->read_buf;
449 kfree(ptr);
450 }
451 }
452
453 /**
454 * tomoyo_poll_log - Wait for an audit log.
455 *
456 * @file: Pointer to "struct file".
457 * @wait: Pointer to "poll_table". Maybe NULL.
458 *
459 * Returns EPOLLIN | EPOLLRDNORM when ready to read an audit log.
460 */
461 __poll_t tomoyo_poll_log(struct file *file, poll_table *wait)
462 {
463 if (tomoyo_log_count)
464 return EPOLLIN | EPOLLRDNORM;
465 poll_wait(file, &tomoyo_log_wait, wait);
466 if (tomoyo_log_count)
467 return EPOLLIN | EPOLLRDNORM;
468 return 0;
469 }
Linux with added FPC-III support