1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /* CacheFiles security management
3  *
4  * Copyright (C) 2007, 2021 Red Hat, Inc. All Rights Reserved.
5  * Written by David Howells (dhowells@redhat.com)
6  */
7 
8 #include <linux/fs.h>
9 #include <linux/cred.h>
10 #include "internal.h"
11 
12 /*
13  * determine the security context within which we access the cache from within
14  * the kernel
15  */
cachefiles_get_security_ID(struct cachefiles_cache * cache)16 int cachefiles_get_security_ID(struct cachefiles_cache *cache)
17 {
18 	struct cred *new;
19 	int ret;
20 
21 	_enter("{%s}", cache->secctx);
22 
23 	new = prepare_kernel_cred(current);
24 	if (!new) {
25 		ret = -ENOMEM;
26 		goto error;
27 	}
28 
29 	if (cache->secctx) {
30 		ret = set_security_override_from_ctx(new, cache->secctx);
31 		if (ret < 0) {
32 			put_cred(new);
33 			pr_err("Security denies permission to nominate security context: error %d\n",
34 			       ret);
35 			goto error;
36 		}
37 	}
38 
39 	cache->cache_cred = new;
40 	ret = 0;
41 error:
42 	_leave(" = %d", ret);
43 	return ret;
44 }
45 
46 /*
47  * see if mkdir and create can be performed in the root directory
48  */
cachefiles_check_cache_dir(struct cachefiles_cache * cache,struct dentry * root)49 static int cachefiles_check_cache_dir(struct cachefiles_cache *cache,
50 				      struct dentry *root)
51 {
52 	int ret;
53 
54 	ret = security_inode_mkdir(d_backing_inode(root), root, 0);
55 	if (ret < 0) {
56 		pr_err("Security denies permission to make dirs: error %d",
57 		       ret);
58 		return ret;
59 	}
60 
61 	ret = security_inode_create(d_backing_inode(root), root, 0);
62 	if (ret < 0)
63 		pr_err("Security denies permission to create files: error %d",
64 		       ret);
65 
66 	return ret;
67 }
68 
69 /*
70  * check the security details of the on-disk cache
71  * - must be called with security override in force
72  * - must return with a security override in force - even in the case of an
73  *   error
74  */
cachefiles_determine_cache_security(struct cachefiles_cache * cache,struct dentry * root,const struct cred ** _saved_cred)75 int cachefiles_determine_cache_security(struct cachefiles_cache *cache,
76 					struct dentry *root,
77 					const struct cred **_saved_cred)
78 {
79 	struct cred *new;
80 	int ret;
81 
82 	_enter("");
83 
84 	/* duplicate the cache creds for COW (the override is currently in
85 	 * force, so we can use prepare_creds() to do this) */
86 	new = prepare_creds();
87 	if (!new)
88 		return -ENOMEM;
89 
90 	cachefiles_end_secure(cache, *_saved_cred);
91 
92 	/* use the cache root dir's security context as the basis with
93 	 * which create files */
94 	ret = set_create_files_as(new, d_backing_inode(root));
95 	if (ret < 0) {
96 		abort_creds(new);
97 		cachefiles_begin_secure(cache, _saved_cred);
98 		_leave(" = %d [cfa]", ret);
99 		return ret;
100 	}
101 
102 	put_cred(cache->cache_cred);
103 	cache->cache_cred = new;
104 
105 	cachefiles_begin_secure(cache, _saved_cred);
106 	ret = cachefiles_check_cache_dir(cache, root);
107 
108 	if (ret == -EOPNOTSUPP)
109 		ret = 0;
110 	_leave(" = %d", ret);
111 	return ret;
112 }
113