1 // SPDX-License-Identifier: GPL-2.0 <<
2 /* 1 /*
3 * security/tomoyo/realpath.c 2 * security/tomoyo/realpath.c
4 * 3 *
5 * Copyright (C) 2005-2011 NTT DATA CORPORATI 4 * Copyright (C) 2005-2011 NTT DATA CORPORATION
6 */ 5 */
7 6
8 #include "common.h" 7 #include "common.h"
9 #include <linux/magic.h> 8 #include <linux/magic.h>
10 #include <linux/proc_fs.h> <<
11 9
12 /** 10 /**
13 * tomoyo_encode2 - Encode binary string to as 11 * tomoyo_encode2 - Encode binary string to ascii string.
14 * 12 *
15 * @str: String in binary format. 13 * @str: String in binary format.
16 * @str_len: Size of @str in byte. 14 * @str_len: Size of @str in byte.
17 * 15 *
18 * Returns pointer to @str in ascii format on 16 * Returns pointer to @str in ascii format on success, NULL otherwise.
19 * 17 *
20 * This function uses kzalloc(), so caller mus 18 * This function uses kzalloc(), so caller must kfree() if this function
21 * didn't return NULL. 19 * didn't return NULL.
22 */ 20 */
23 char *tomoyo_encode2(const char *str, int str_ 21 char *tomoyo_encode2(const char *str, int str_len)
24 { 22 {
25 int i; 23 int i;
26 int len = 0; 24 int len = 0;
27 const char *p = str; 25 const char *p = str;
28 char *cp; 26 char *cp;
29 char *cp0; 27 char *cp0;
30 28
31 if (!p) 29 if (!p)
32 return NULL; 30 return NULL;
33 for (i = 0; i < str_len; i++) { 31 for (i = 0; i < str_len; i++) {
34 const unsigned char c = p[i]; 32 const unsigned char c = p[i];
35 33
36 if (c == '\\') 34 if (c == '\\')
37 len += 2; 35 len += 2;
38 else if (c > ' ' && c < 127) 36 else if (c > ' ' && c < 127)
39 len++; 37 len++;
40 else 38 else
41 len += 4; 39 len += 4;
42 } 40 }
43 len++; 41 len++;
44 /* Reserve space for appending "/". */ 42 /* Reserve space for appending "/". */
45 cp = kzalloc(len + 10, GFP_NOFS); 43 cp = kzalloc(len + 10, GFP_NOFS);
46 if (!cp) 44 if (!cp)
47 return NULL; 45 return NULL;
48 cp0 = cp; 46 cp0 = cp;
49 p = str; 47 p = str;
50 for (i = 0; i < str_len; i++) { 48 for (i = 0; i < str_len; i++) {
51 const unsigned char c = p[i]; 49 const unsigned char c = p[i];
52 50
53 if (c == '\\') { 51 if (c == '\\') {
54 *cp++ = '\\'; 52 *cp++ = '\\';
55 *cp++ = '\\'; 53 *cp++ = '\\';
56 } else if (c > ' ' && c < 127) 54 } else if (c > ' ' && c < 127) {
57 *cp++ = c; 55 *cp++ = c;
58 } else { 56 } else {
59 *cp++ = '\\'; 57 *cp++ = '\\';
60 *cp++ = (c >> 6) + ''; 58 *cp++ = (c >> 6) + '';
61 *cp++ = ((c >> 3) & 7) 59 *cp++ = ((c >> 3) & 7) + '';
62 *cp++ = (c & 7) + ''; 60 *cp++ = (c & 7) + '';
63 } 61 }
64 } 62 }
65 return cp0; 63 return cp0;
66 } 64 }
67 65
68 /** 66 /**
69 * tomoyo_encode - Encode binary string to asc 67 * tomoyo_encode - Encode binary string to ascii string.
70 * 68 *
71 * @str: String in binary format. 69 * @str: String in binary format.
72 * 70 *
73 * Returns pointer to @str in ascii format on 71 * Returns pointer to @str in ascii format on success, NULL otherwise.
74 * 72 *
75 * This function uses kzalloc(), so caller mus 73 * This function uses kzalloc(), so caller must kfree() if this function
76 * didn't return NULL. 74 * didn't return NULL.
77 */ 75 */
78 char *tomoyo_encode(const char *str) 76 char *tomoyo_encode(const char *str)
79 { 77 {
80 return str ? tomoyo_encode2(str, strle 78 return str ? tomoyo_encode2(str, strlen(str)) : NULL;
81 } 79 }
82 80
83 /** 81 /**
84 * tomoyo_get_absolute_path - Get the path of 82 * tomoyo_get_absolute_path - Get the path of a dentry but ignores chroot'ed root.
85 * 83 *
86 * @path: Pointer to "struct path". 84 * @path: Pointer to "struct path".
87 * @buffer: Pointer to buffer to return value 85 * @buffer: Pointer to buffer to return value in.
88 * @buflen: Sizeof @buffer. 86 * @buflen: Sizeof @buffer.
89 * 87 *
90 * Returns the buffer on success, an error cod 88 * Returns the buffer on success, an error code otherwise.
91 * 89 *
92 * If dentry is a directory, trailing '/' is a 90 * If dentry is a directory, trailing '/' is appended.
93 */ 91 */
94 static char *tomoyo_get_absolute_path(const st !! 92 static char *tomoyo_get_absolute_path(struct path *path, char * const buffer,
95 const in 93 const int buflen)
96 { 94 {
97 char *pos = ERR_PTR(-ENOMEM); 95 char *pos = ERR_PTR(-ENOMEM);
98 <<
99 if (buflen >= 256) { 96 if (buflen >= 256) {
100 /* go to whatever namespace ro 97 /* go to whatever namespace root we are under */
101 pos = d_absolute_path(path, bu 98 pos = d_absolute_path(path, buffer, buflen - 1);
102 if (!IS_ERR(pos) && *pos == '/ 99 if (!IS_ERR(pos) && *pos == '/' && pos[1]) {
103 struct inode *inode = !! 100 struct inode *inode = path->dentry->d_inode;
104 <<
105 if (inode && S_ISDIR(i 101 if (inode && S_ISDIR(inode->i_mode)) {
106 buffer[buflen 102 buffer[buflen - 2] = '/';
107 buffer[buflen 103 buffer[buflen - 1] = '\0';
108 } 104 }
109 } 105 }
110 } 106 }
111 return pos; 107 return pos;
112 } 108 }
113 109
114 /** 110 /**
115 * tomoyo_get_dentry_path - Get the path of a 111 * tomoyo_get_dentry_path - Get the path of a dentry.
116 * 112 *
117 * @dentry: Pointer to "struct dentry". 113 * @dentry: Pointer to "struct dentry".
118 * @buffer: Pointer to buffer to return value 114 * @buffer: Pointer to buffer to return value in.
119 * @buflen: Sizeof @buffer. 115 * @buflen: Sizeof @buffer.
120 * 116 *
121 * Returns the buffer on success, an error cod 117 * Returns the buffer on success, an error code otherwise.
122 * 118 *
123 * If dentry is a directory, trailing '/' is a 119 * If dentry is a directory, trailing '/' is appended.
124 */ 120 */
125 static char *tomoyo_get_dentry_path(struct den 121 static char *tomoyo_get_dentry_path(struct dentry *dentry, char * const buffer,
126 const int 122 const int buflen)
127 { 123 {
128 char *pos = ERR_PTR(-ENOMEM); 124 char *pos = ERR_PTR(-ENOMEM);
129 <<
130 if (buflen >= 256) { 125 if (buflen >= 256) {
131 pos = dentry_path_raw(dentry, 126 pos = dentry_path_raw(dentry, buffer, buflen - 1);
132 if (!IS_ERR(pos) && *pos == '/ 127 if (!IS_ERR(pos) && *pos == '/' && pos[1]) {
133 struct inode *inode = !! 128 struct inode *inode = dentry->d_inode;
134 <<
135 if (inode && S_ISDIR(i 129 if (inode && S_ISDIR(inode->i_mode)) {
136 buffer[buflen 130 buffer[buflen - 2] = '/';
137 buffer[buflen 131 buffer[buflen - 1] = '\0';
138 } 132 }
139 } 133 }
140 } 134 }
141 return pos; 135 return pos;
142 } 136 }
143 137
144 /** 138 /**
145 * tomoyo_get_local_path - Get the path of a d 139 * tomoyo_get_local_path - Get the path of a dentry.
146 * 140 *
147 * @dentry: Pointer to "struct dentry". 141 * @dentry: Pointer to "struct dentry".
148 * @buffer: Pointer to buffer to return value 142 * @buffer: Pointer to buffer to return value in.
149 * @buflen: Sizeof @buffer. 143 * @buflen: Sizeof @buffer.
150 * 144 *
151 * Returns the buffer on success, an error cod 145 * Returns the buffer on success, an error code otherwise.
152 */ 146 */
153 static char *tomoyo_get_local_path(struct dent 147 static char *tomoyo_get_local_path(struct dentry *dentry, char * const buffer,
154 const int b 148 const int buflen)
155 { 149 {
156 struct super_block *sb = dentry->d_sb; 150 struct super_block *sb = dentry->d_sb;
157 char *pos = tomoyo_get_dentry_path(den 151 char *pos = tomoyo_get_dentry_path(dentry, buffer, buflen);
158 <<
159 if (IS_ERR(pos)) 152 if (IS_ERR(pos))
160 return pos; 153 return pos;
161 /* Convert from $PID to self if $PID i 154 /* Convert from $PID to self if $PID is current thread. */
162 if (sb->s_magic == PROC_SUPER_MAGIC && 155 if (sb->s_magic == PROC_SUPER_MAGIC && *pos == '/') {
163 char *ep; 156 char *ep;
164 const pid_t pid = (pid_t) simp 157 const pid_t pid = (pid_t) simple_strtoul(pos + 1, &ep, 10);
165 struct pid_namespace *proc_pid <<
166 <<
167 if (*ep == '/' && pid && pid = 158 if (*ep == '/' && pid && pid ==
168 task_tgid_nr_ns(current, p !! 159 task_tgid_nr_ns(current, sb->s_fs_info)) {
169 pos = ep - 5; 160 pos = ep - 5;
170 if (pos < buffer) 161 if (pos < buffer)
171 goto out; 162 goto out;
172 memmove(pos, "/self", 163 memmove(pos, "/self", 5);
173 } 164 }
174 goto prepend_filesystem_name; 165 goto prepend_filesystem_name;
175 } 166 }
176 /* Use filesystem name for unnamed dev 167 /* Use filesystem name for unnamed devices. */
177 if (!MAJOR(sb->s_dev)) 168 if (!MAJOR(sb->s_dev))
178 goto prepend_filesystem_name; 169 goto prepend_filesystem_name;
179 { 170 {
180 struct inode *inode = d_backin !! 171 struct inode *inode = sb->s_root->d_inode;
181 <<
182 /* 172 /*
183 * Use filesystem name if file 173 * Use filesystem name if filesystem does not support rename()
184 * operation. 174 * operation.
185 */ 175 */
186 if (!inode->i_op->rename) !! 176 if (inode->i_op && !inode->i_op->rename)
187 goto prepend_filesyste 177 goto prepend_filesystem_name;
188 } 178 }
189 /* Prepend device name. */ 179 /* Prepend device name. */
190 { 180 {
191 char name[64]; 181 char name[64];
192 int name_len; 182 int name_len;
193 const dev_t dev = sb->s_dev; 183 const dev_t dev = sb->s_dev;
194 <<
195 name[sizeof(name) - 1] = '\0'; 184 name[sizeof(name) - 1] = '\0';
196 snprintf(name, sizeof(name) - 185 snprintf(name, sizeof(name) - 1, "dev(%u,%u):", MAJOR(dev),
197 MINOR(dev)); 186 MINOR(dev));
198 name_len = strlen(name); 187 name_len = strlen(name);
199 pos -= name_len; 188 pos -= name_len;
200 if (pos < buffer) 189 if (pos < buffer)
201 goto out; 190 goto out;
202 memmove(pos, name, name_len); 191 memmove(pos, name, name_len);
203 return pos; 192 return pos;
204 } 193 }
205 /* Prepend filesystem name. */ 194 /* Prepend filesystem name. */
206 prepend_filesystem_name: 195 prepend_filesystem_name:
207 { 196 {
208 const char *name = sb->s_type- 197 const char *name = sb->s_type->name;
209 const int name_len = strlen(na 198 const int name_len = strlen(name);
210 <<
211 pos -= name_len + 1; 199 pos -= name_len + 1;
212 if (pos < buffer) 200 if (pos < buffer)
213 goto out; 201 goto out;
214 memmove(pos, name, name_len); 202 memmove(pos, name, name_len);
215 pos[name_len] = ':'; 203 pos[name_len] = ':';
216 } 204 }
217 return pos; 205 return pos;
218 out: 206 out:
219 return ERR_PTR(-ENOMEM); 207 return ERR_PTR(-ENOMEM);
220 } 208 }
221 209
222 /** 210 /**
>> 211 * tomoyo_get_socket_name - Get the name of a socket.
>> 212 *
>> 213 * @path: Pointer to "struct path".
>> 214 * @buffer: Pointer to buffer to return value in.
>> 215 * @buflen: Sizeof @buffer.
>> 216 *
>> 217 * Returns the buffer.
>> 218 */
>> 219 static char *tomoyo_get_socket_name(struct path *path, char * const buffer,
>> 220 const int buflen)
>> 221 {
>> 222 struct inode *inode = path->dentry->d_inode;
>> 223 struct socket *sock = inode ? SOCKET_I(inode) : NULL;
>> 224 struct sock *sk = sock ? sock->sk : NULL;
>> 225 if (sk) {
>> 226 snprintf(buffer, buflen, "socket:[family=%u:type=%u:"
>> 227 "protocol=%u]", sk->sk_family, sk->sk_type,
>> 228 sk->sk_protocol);
>> 229 } else {
>> 230 snprintf(buffer, buflen, "socket:[unknown]");
>> 231 }
>> 232 return buffer;
>> 233 }
>> 234
>> 235 /**
223 * tomoyo_realpath_from_path - Returns realpat 236 * tomoyo_realpath_from_path - Returns realpath(3) of the given pathname but ignores chroot'ed root.
224 * 237 *
225 * @path: Pointer to "struct path". 238 * @path: Pointer to "struct path".
226 * 239 *
227 * Returns the realpath of the given @path on 240 * Returns the realpath of the given @path on success, NULL otherwise.
228 * 241 *
229 * If dentry is a directory, trailing '/' is a 242 * If dentry is a directory, trailing '/' is appended.
230 * Characters out of 0x20 < c < 0x7F range are 243 * Characters out of 0x20 < c < 0x7F range are converted to
231 * \ooo style octal string. 244 * \ooo style octal string.
232 * Character \ is converted to \\ string. 245 * Character \ is converted to \\ string.
233 * 246 *
234 * These functions use kzalloc(), so the calle 247 * These functions use kzalloc(), so the caller must call kfree()
235 * if these functions didn't return NULL. 248 * if these functions didn't return NULL.
236 */ 249 */
237 char *tomoyo_realpath_from_path(const struct p !! 250 char *tomoyo_realpath_from_path(struct path *path)
238 { 251 {
239 char *buf = NULL; 252 char *buf = NULL;
240 char *name = NULL; 253 char *name = NULL;
241 unsigned int buf_len = PAGE_SIZE / 2; 254 unsigned int buf_len = PAGE_SIZE / 2;
242 struct dentry *dentry = path->dentry; 255 struct dentry *dentry = path->dentry;
243 struct super_block *sb = dentry->d_sb; !! 256 struct super_block *sb;
244 !! 257 if (!dentry)
>> 258 return NULL;
>> 259 sb = dentry->d_sb;
245 while (1) { 260 while (1) {
246 char *pos; 261 char *pos;
247 struct inode *inode; 262 struct inode *inode;
248 <<
249 buf_len <<= 1; 263 buf_len <<= 1;
250 kfree(buf); 264 kfree(buf);
251 buf = kmalloc(buf_len, GFP_NOF 265 buf = kmalloc(buf_len, GFP_NOFS);
252 if (!buf) 266 if (!buf)
253 break; 267 break;
254 /* To make sure that pos is '\ 268 /* To make sure that pos is '\0' terminated. */
255 buf[buf_len - 1] = '\0'; 269 buf[buf_len - 1] = '\0';
256 /* For "pipe:[\$]" and "socket !! 270 /* Get better name for socket. */
>> 271 if (sb->s_magic == SOCKFS_MAGIC) {
>> 272 pos = tomoyo_get_socket_name(path, buf, buf_len - 1);
>> 273 goto encode;
>> 274 }
>> 275 /* For "pipe:[\$]". */
257 if (dentry->d_op && dentry->d_ 276 if (dentry->d_op && dentry->d_op->d_dname) {
258 pos = dentry->d_op->d_ 277 pos = dentry->d_op->d_dname(dentry, buf, buf_len - 1);
259 goto encode; 278 goto encode;
260 } 279 }
261 inode = d_backing_inode(sb->s_ !! 280 inode = sb->s_root->d_inode;
262 /* 281 /*
263 * Get local name for filesyst 282 * Get local name for filesystems without rename() operation
>> 283 * or dentry without vfsmount.
264 */ 284 */
265 if ((!inode->i_op->rename && !! 285 if (!path->mnt || (inode->i_op && !inode->i_op->rename))
266 !(sb->s_type->fs_flags & <<
267 pos = tomoyo_get_local 286 pos = tomoyo_get_local_path(path->dentry, buf,
268 287 buf_len - 1);
269 /* Get absolute name for the r 288 /* Get absolute name for the rest. */
270 else { 289 else {
271 pos = tomoyo_get_absol 290 pos = tomoyo_get_absolute_path(path, buf, buf_len - 1);
272 /* 291 /*
273 * Fall back to local 292 * Fall back to local name if absolute name is not
274 * available. 293 * available.
275 */ 294 */
276 if (pos == ERR_PTR(-EI 295 if (pos == ERR_PTR(-EINVAL))
277 pos = tomoyo_g 296 pos = tomoyo_get_local_path(path->dentry, buf,
278 297 buf_len - 1);
279 } 298 }
280 encode: 299 encode:
281 if (IS_ERR(pos)) 300 if (IS_ERR(pos))
282 continue; 301 continue;
283 name = tomoyo_encode(pos); 302 name = tomoyo_encode(pos);
284 break; 303 break;
285 } 304 }
286 kfree(buf); 305 kfree(buf);
287 if (!name) 306 if (!name)
288 tomoyo_warn_oom(__func__); 307 tomoyo_warn_oom(__func__);
289 return name; 308 return name;
290 } 309 }
291 310
292 /** 311 /**
293 * tomoyo_realpath_nofollow - Get realpath of 312 * tomoyo_realpath_nofollow - Get realpath of a pathname.
294 * 313 *
295 * @pathname: The pathname to solve. 314 * @pathname: The pathname to solve.
296 * 315 *
297 * Returns the realpath of @pathname on succes 316 * Returns the realpath of @pathname on success, NULL otherwise.
298 */ 317 */
299 char *tomoyo_realpath_nofollow(const char *pat 318 char *tomoyo_realpath_nofollow(const char *pathname)
300 { 319 {
301 struct path path; 320 struct path path;
302 321
303 if (pathname && kern_path(pathname, 0, 322 if (pathname && kern_path(pathname, 0, &path) == 0) {
304 char *buf = tomoyo_realpath_fr 323 char *buf = tomoyo_realpath_from_path(&path);
305 <<
306 path_put(&path); 324 path_put(&path);
307 return buf; 325 return buf;
308 } 326 }
309 return NULL; 327 return NULL;
310 } 328 }
311 329
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.