/*
| 2 | * security/tomoyo/load_policy.c |
| 3 | * |
| 4 | * Policy loader launcher for TOMOYO. |
| 5 | * |
| 6 | * Copyright (C) 2005-2010 NTT DATA CORPORATION |
| 7 | */ |
| 8 | |
| 9 | #include "common.h" |
| 10 | |
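/*
 * Path to the policy loader.
 *
 * This string is handed to call_usermodehelper() as the program to run, so
 * both the characters and the pointer are const: nothing in this file
 * reassigns it, and a read-only pointer cannot be retargeted at run time.
 */
static const char *const tomoyo_loader = "/sbin/tomoyo-init";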
| 13 | |
/**
 * tomoyo_policy_loader_exists - Check whether the policy loader can be found.
 *
 * Resolves tomoyo_loader (/sbin/tomoyo-init) with kern_path(), following
 * symbolic links (LOOKUP_FOLLOW). Only path resolution is tested here: the
 * type, ownership and contents of the file are not examined.
 *
 * Returns true if the path resolves, false otherwise.
 */
static bool tomoyo_policy_loader_exists(void)
{
	/*
	 * MAC must not be activated while the policy loader is missing.
	 * When the initrd provides /sbin/init but real-root-dev is not yet
	 * mounted on /, activating MAC would block the system because no
	 * policy has been loaded. do_execve() therefore reaches this check
	 * on every call until the loader shows up.
	 */
	struct path loader_path;
	const int err = kern_path(tomoyo_loader, LOOKUP_FOLLOW, &loader_path);

	if (!err) {
		/* Lookup succeeded: release the reference kern_path() took. */
		path_put(&loader_path);
		return true;
	}
	printk(KERN_INFO "Not activating Mandatory Access Control now "
	       "since %s doesn't exist.\n", tomoyo_loader);
	return false;
}
| 38 | |
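/**
 * tomoyo_load_policy - Run external policy loader to load policy.
 *
 * @filename: The program about to start.
 *
 * If @filename is /sbin/init (or the stand-in /sbin/tomoyo-start), this
 * function invokes /sbin/tomoyo-init, waits for it to terminate and then
 * lets the invocation of /sbin/init continue.
 * /sbin/tomoyo-init reads policy files in the /etc/tomoyo/ directory and
 * writes to the /sys/kernel/security/tomoyo/ interfaces.
 *
 * The loader is started with a fixed argv and a fixed environment, so it
 * takes nothing from the process that triggered the call. A non-zero result
 * from the helper is logged, because a loader that failed to run or exited
 * with an error may have left policy unloaded.
 *
 * Returns nothing.
 */
void tomoyo_load_policy(const char *filename)
{
	char *argv[2];
	char *envp[3];
	int ret;

	/* tomoyo_policy_loaded is defined elsewhere; once set, do nothing. */
	if (tomoyo_policy_loaded)
		return;
	/*
	 * Check filename is /sbin/init or /sbin/tomoyo-start.
	 * /sbin/tomoyo-start is a dummy filename for the case where
	 * /sbin/init can't be passed.
	 * You can create /sbin/tomoyo-start by
	 * "ln -s /bin/true /sbin/tomoyo-start".
	 */
	if (strcmp(filename, "/sbin/init") &&
	    strcmp(filename, "/sbin/tomoyo-start"))
		return;
	if (!tomoyo_policy_loader_exists())
		return;

	printk(KERN_INFO "Calling %s to load policy. Please wait.\n",
	       tomoyo_loader);
	/* argv[] is char *, so the const qualifier has to be cast away. */
	argv[0] = (char *) tomoyo_loader;
	argv[1] = NULL;
	/* Explicit, minimal environment for the helper. */
	envp[0] = "HOME=/";
	envp[1] = "PATH=/sbin:/bin:/usr/sbin:/usr/bin";
	envp[2] = NULL;
	/*
	 * NOTE(review): the literal 1 presumably selects "wait for the helper
	 * process to finish", matching the description above; confirm against
	 * the wait constants declared with call_usermodehelper().
	 */
	ret = call_usermodehelper(argv[0], argv, envp, 1);
	if (ret)
		printk(KERN_WARNING "%s returned %d. "
		       "Policy may not have been loaded.\n",
		       tomoyo_loader, ret);
	/* Defined elsewhere; runs whether or not the loader succeeded. */
	tomoyo_check_profile();
}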