selinux: fast status update interface (/selinux/status)

const char *security_get_initial_sid_context(u32 sid);

/*

 * status notifier using mmap interface

 */

extern struct page *selinux_kernel_status_page(void);

#define SELINUX_KERNEL_STATUS_VERSION	1

struct selinux_kernel_status

{

	u32	version;	/* version number of thie structure */

	u32	sequence;	/* sequence number of seqlock logic */

	u32	enforcing;	/* current setting of enforcing mode */

	u32	policyload;	/* times of policy reloaded */

	u32	deny_unknown;	/* current setting of deny_unknown */

	/*

	 * The version > 0 supports above members.

	 */

} __attribute__((packed));

extern void selinux_status_update_setenforce(int enforcing);

extern void selinux_status_update_policyload(int seqno);

#endif /* _SELINUX_SECURITY_H_ */

	SEL_COMPAT_NET,	/* whether to use old compat network packet controls */

	SEL_REJECT_UNKNOWN, /* export unknown reject handling to userspace */

	SEL_DENY_UNKNOWN, /* export unknown deny handling to userspace */

	SEL_STATUS,	/* export current status using mmap() */

	SEL_INO_NEXT,	/* The next inode number to use */

};

		if (selinux_enforcing)

			avc_ss_reset(0);

		selnl_notify_setenforce(selinux_enforcing);

		selinux_status_update_setenforce(selinux_enforcing);

	}

	length = count;

out:

	.llseek		= generic_file_llseek,

};

static int sel_open_handle_status(struct inode *inode, struct file *filp)

{

	struct page    *status = selinux_kernel_status_page();

	if (!status)

		return -ENOMEM;

	filp->private_data = status;

	return 0;

}

static ssize_t sel_read_handle_status(struct file *filp, char __user *buf,

				      size_t count, loff_t *ppos)

{

	struct page    *status = filp->private_data;

	BUG_ON(!status);

	return simple_read_from_buffer(buf, count, ppos,

				       page_address(status),

				       sizeof(struct selinux_kernel_status));

}

static int sel_mmap_handle_status(struct file *filp,

				  struct vm_area_struct *vma)

{

	struct page    *status = filp->private_data;

	unsigned long	size = vma->vm_end - vma->vm_start;

	BUG_ON(!status);

	/* only allows one page from the head */

	if (vma->vm_pgoff > 0 || size != PAGE_SIZE)

		return -EIO;

	/* disallow writable mapping */

	if (vma->vm_flags & VM_WRITE)

		return -EPERM;

	/* disallow mprotect() turns it into writable */

	vma->vm_flags &= ~VM_MAYWRITE;

	return remap_pfn_range(vma, vma->vm_start,

			       page_to_pfn(status),

			       size, vma->vm_page_prot);

}

static const struct file_operations sel_handle_status_ops = {

	.open		= sel_open_handle_status,

	.read		= sel_read_handle_status,

	.mmap		= sel_mmap_handle_status,

	.llseek		= generic_file_llseek,

};

#ifdef CONFIG_SECURITY_SELINUX_DISABLE

static ssize_t sel_write_disable(struct file *file, const char __user *buf,

				 size_t count, loff_t *ppos)

		[SEL_CHECKREQPROT] = {"checkreqprot", &sel_checkreqprot_ops, S_IRUGO|S_IWUSR},

		[SEL_REJECT_UNKNOWN] = {"reject_unknown", &sel_handle_unknown_ops, S_IRUGO},

		[SEL_DENY_UNKNOWN] = {"deny_unknown", &sel_handle_unknown_ops, S_IRUGO},

		[SEL_STATUS] = {"status", &sel_handle_status_ops, S_IRUGO},

		/* last one */ {""}

	};

	ret = simple_fill_super(sb, SELINUX_MAGIC, selinux_files);

EXTRA_CFLAGS += -Isecurity/selinux -Isecurity/selinux/include

obj-y := ss.o

ss-y := ebitmap.o hashtab.o symtab.o sidtab.o avtab.o policydb.o services.o conditional.o mls.o

ss-y := ebitmap.o hashtab.o symtab.o sidtab.o avtab.o policydb.o services.o conditional.o mls.o status.o

		selinux_complete_init();

		avc_ss_reset(seqno);

		selnl_notify_policyload(seqno);

		selinux_status_update_policyload(seqno);

		selinux_netlbl_cache_invalidate();

		selinux_xfrm_notify_policyload();

		return 0;

	avc_ss_reset(seqno);

	selnl_notify_policyload(seqno);

	selinux_status_update_policyload(seqno);

	selinux_netlbl_cache_invalidate();

	selinux_xfrm_notify_policyload();

	if (!rc) {

		avc_ss_reset(seqno);

		selnl_notify_policyload(seqno);

		selinux_status_update_policyload(seqno);

		selinux_xfrm_notify_policyload();

	}

	return rc;

/*

 * mmap based event notifications for SELinux

 *

 * Author: KaiGai Kohei <kaigai@ak.jp.nec.com>

 *

 * Copyright (C) 2010 NEC corporation

 *

 * This program is free software; you can redistribute it and/or modify

 * it under the terms of the GNU General Public License version 2,

 * as published by the Free Software Foundation.

 */

#include <linux/kernel.h>

#include <linux/gfp.h>

#include <linux/mm.h>

#include <linux/mutex.h>

#include "avc.h"

#include "services.h"

/*

 * The selinux_status_page shall be exposed to userspace applications

 * using mmap interface on /selinux/status.

 * It enables to notify applications a few events that will cause reset

 * of userspace access vector without context switching.

 *

 * The selinux_kernel_status structure on the head of status page is

 * protected from concurrent accesses using seqlock logic, so userspace

 * application should reference the status page according to the seqlock

 * logic.

 *

 * Typically, application checks status->sequence at the head of access

 * control routine. If it is odd-number, kernel is updating the status,

 * so please wait for a moment. If it is changed from the last sequence

 * number, it means something happen, so application will reset userspace

 * avc, if needed.

 * In most cases, application shall confirm the kernel status is not

 * changed without any system call invocations.

 */

static struct page *selinux_status_page = NULL;

static DEFINE_MUTEX(selinux_status_lock);

/*

 * selinux_kernel_status_page

 *

 * It returns a reference to selinux_status_page. If the status page is

 * not allocated yet, it also tries to allocate it at the first time.

 */

struct page *selinux_kernel_status_page(void)

{

	struct selinux_kernel_status   *status;

	struct page		       *result = NULL;

	mutex_lock(&selinux_status_lock);

	if (!selinux_status_page)

	{

		selinux_status_page = alloc_page(GFP_KERNEL|__GFP_ZERO);

		if (selinux_status_page)

		{

			status = page_address(selinux_status_page);

			status->version = SELINUX_KERNEL_STATUS_VERSION;

			status->sequence = 0;

			status->enforcing = selinux_enforcing;

			/*

			 * NOTE: the next policyload event shall set

			 * a positive value on the status->policyload,

			 * although it may not be 1, but never zero.

			 * So, application can know it was updated.

			 */

			status->policyload = 0;

			status->deny_unknown = !security_get_allow_unknown();

		}

	}

	result = selinux_status_page;

	mutex_unlock(&selinux_status_lock);

	return result;

}

/*

 * selinux_status_update_setenforce

 *

 * It updates status of the current enforcing/permissive mode.

 */

void selinux_status_update_setenforce(int enforcing)

{

	struct selinux_kernel_status   *status;

	mutex_lock(&selinux_status_lock);

	if (selinux_status_page)

	{

		status = page_address(selinux_status_page);

		status->sequence++;

		smp_wmb();

		status->enforcing = enforcing;

		smp_wmb();

		status->sequence++;

	}

	mutex_unlock(&selinux_status_lock);

}

/*

 * selinux_status_update_policyload

 *

 * It updates status of the times of policy reloaded, and current

 * setting of deny_unknown.

 */

void selinux_status_update_policyload(int seqno)

{

	struct selinux_kernel_status   *status;

	mutex_lock(&selinux_status_lock);

	if (selinux_status_page)

	{

		status = page_address(selinux_status_page);

		status->sequence++;

		smp_wmb();

		status->policyload = seqno;

		status->deny_unknown = !security_get_allow_unknown();

		smp_wmb();

		status->sequence++;

	}

	mutex_unlock(&selinux_status_lock);

}