
  1. // SPDX-License-Identifier: GPL-2.0-or-later
  2. /*
  3. *
  4. * mdp - make dummy policy
  5. *
  6. * When pointed at a kernel tree, builds a dummy policy for that kernel
  7. * with exactly one type with full rights to itself.
  8. *
  9. * Copyright (C) IBM Corporation, 2006
  10. *
  11. * Authors: Serge E. Hallyn <serue@us.ibm.com>
  12. */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <linux/kconfig.h>
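/*
 * Print the command-line synopsis and terminate with a failure status.
 *
 * @name: argv[0] of the running program, echoed in the synopsis.
 *
 * Never returns. The synopsis is a diagnostic, so it goes to stderr rather
 * than stdout, where a build that redirects stdout would otherwise capture it.
 */
static void usage(const char *name)
{
	fprintf(stderr, "usage: %s [-m] policy_file context_file\n", name);
	exit(1);
}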
  23. /* Class/perm mapping support */
struct security_class_mapping {
	/* Object class name, emitted verbatim in "class <name>" lines. */
	const char *name;
	/*
	 * NULL-terminated list of permission names for this class: one slot
	 * per bit of an unsigned (8-bit bytes assumed) plus the terminator.
	 * main() walks this array up to the first NULL entry.
	 */
	const char *perms[sizeof(unsigned) * 8 + 1];
};
  28. #include "classmap.h"
  29. #include "initial_sid_to_string.h"
  30. #include "policycap_names.h"
  31. #define ARRAY_SIZE(arr) (sizeof(arr) / sizeof((arr)[0]))
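/* Security levels used when an MLS policy is requested (-m). */
#define SYSTEMLOW "s0"
#define SYSTEMHIGH "s1:c0.c1"

/* The single subject and object contexts the dummy policy knows about. */
#define SUBJUSERROLETYPE "user_u:base_r:base_t"
#define OBJUSERROLETYPE "user_u:object_r:base_t"

/* MLS suffix appended to a context; empty when the policy is not MLS. */
#define MLS_SUFFIX(mls) ((mls) ? ":" SYSTEMLOW : "")

/*
 * FS_USE() and GENFSCON() expand to fprintf() calls on the locals named
 * 'fout' and 'mls' of the function they are used in; write_fs_labeling()
 * names its parameters accordingly.
 */
#define FS_USE(behavior, fstype) \
	fprintf(fout, "fs_use_%s %s " OBJUSERROLETYPE "%s;\n", \
		behavior, fstype, MLS_SUFFIX(mls))
#define GENFSCON(fstype, prefix) \
	fprintf(fout, "genfscon %s %s " OBJUSERROLETYPE "%s\n", \
		fstype, prefix, MLS_SUFFIX(mls))

/*
 * Emit the class names, the initial SID names and each class's full
 * permission list.
 *
 * @fout: policy output stream.
 *
 * Write errors are left on the stream's error indicator for the caller.
 */
static void write_declarations(FILE *fout)
{
	int i, j;
	int nsids = ARRAY_SIZE(initial_sid_to_string);

	/* print out the classes */
	for (i = 0; secclass_map[i].name; i++)
		fprintf(fout, "class %s\n", secclass_map[i].name);
	fprintf(fout, "\n");

	/*
	 * print out the sids: entry 0 is skipped, and an unnamed slot gets
	 * a placeholder name so the SID numbering stays dense.
	 */
	for (i = 1; i < nsids; i++) {
		const char *name = initial_sid_to_string[i];

		if (name)
			fprintf(fout, "sid %s\n", name);
		else
			fprintf(fout, "sid unused%d\n", i);
	}
	fprintf(fout, "\n");

	/* print out the class permissions */
	for (i = 0; secclass_map[i].name; i++) {
		const struct security_class_mapping *map = &secclass_map[i];

		fprintf(fout, "class %s\n", map->name);
		fprintf(fout, "{\n");
		for (j = 0; map->perms[j]; j++)
			fprintf(fout, "\t%s\n", map->perms[j]);
		fprintf(fout, "}\n\n");
	}
	fprintf(fout, "\n");
}

/*
 * Emit the MLS sensitivity/category declarations and one mlsconstrain
 * covering every permission of every class.
 *
 * @fout: policy output stream.
 */
static void write_mls_constraints(FILE *fout)
{
	int i, j;

	fprintf(fout, "sensitivity s0;\n");
	fprintf(fout, "sensitivity s1;\n");
	fprintf(fout, "dominance { s0 s1 }\n");
	fprintf(fout, "category c0;\n");
	fprintf(fout, "category c1;\n");
	fprintf(fout, "level s0:c0.c1;\n");
	fprintf(fout, "level s1:c0.c1;\n");

	for (i = 0; secclass_map[i].name; i++) {
		const struct security_class_mapping *map = &secclass_map[i];

		fprintf(fout, "mlsconstrain %s {\n", map->name);
		for (j = 0; map->perms[j]; j++)
			fprintf(fout, "\t%s\n", map->perms[j]);
		/*
		 * This requires all subjects and objects to be
		 * single-level (l2 eq h2), and that the subject
		 * level dominate the object level (h1 dom h2)
		 * in order to have any permissions to it.
		 */
		fprintf(fout, "} (l2 eq h2 and h1 dom h2);\n\n");
	}
}

/*
 * Emit the policy capabilities, the single type/role/user with full
 * rights to itself, and the context of every initial SID.
 *
 * @fout: policy output stream.
 * @mls:  non-zero when the policy is MLS; adds level/range information.
 */
static void write_types_and_sids(FILE *fout, int mls)
{
	size_t c;
	int i;
	int nsids = ARRAY_SIZE(initial_sid_to_string);

	/* enable all policy capabilities */
	for (c = 0; c < ARRAY_SIZE(selinux_policycap_names); c++)
		fprintf(fout, "policycap %s;\n", selinux_policycap_names[c]);

	/* types, roles, and allows */
	fprintf(fout, "type base_t;\n");
	fprintf(fout, "role base_r;\n");
	fprintf(fout, "role base_r types { base_t };\n");
	for (i = 0; secclass_map[i].name; i++)
		fprintf(fout, "allow base_t base_t:%s *;\n",
			secclass_map[i].name);
	fprintf(fout, "user user_u roles { base_r }");
	if (mls)
		fprintf(fout, " level %s range %s - %s", SYSTEMLOW,
			SYSTEMLOW, SYSTEMHIGH);
	fprintf(fout, ";\n");

	/* default sids */
	for (i = 1; i < nsids; i++) {
		const char *name = initial_sid_to_string[i];

		/*
		 * Both branches end in a space so the context that follows
		 * lands on the same line as the sid name; the unused case
		 * previously ended in a newline and split the statement.
		 */
		if (name)
			fprintf(fout, "sid %s ", name);
		else
			fprintf(fout, "sid unused%d ", i);
		fprintf(fout, SUBJUSERROLETYPE "%s\n", MLS_SUFFIX(mls));
	}
	fprintf(fout, "\n");
}

/*
 * Emit the fs_use_* and genfscon rules for the filesystems enabled in the
 * kernel configuration this tool was built against.
 *
 * @fout: policy output stream (referenced by name from FS_USE/GENFSCON).
 * @mls:  non-zero when the policy is MLS (referenced by name likewise).
 */
static void write_fs_labeling(FILE *fout, int mls)
{
	/*
	 * Filesystems whose inode labels can be fetched via getxattr.
	 */
#ifdef CONFIG_EXT2_FS_SECURITY
	FS_USE("xattr", "ext2");
#endif
#ifdef CONFIG_EXT4_FS_SECURITY
#ifdef CONFIG_EXT4_USE_FOR_EXT2
	FS_USE("xattr", "ext2");
#endif
	FS_USE("xattr", "ext3");
	FS_USE("xattr", "ext4");
#endif
#ifdef CONFIG_JFS_SECURITY
	FS_USE("xattr", "jfs");
#endif
#ifdef CONFIG_JFFS2_FS_SECURITY
	FS_USE("xattr", "jffs2");
#endif
#ifdef CONFIG_XFS_FS
	FS_USE("xattr", "xfs");
#endif
#ifdef CONFIG_GFS2_FS
	FS_USE("xattr", "gfs2");
#endif
#ifdef CONFIG_BTRFS_FS
	FS_USE("xattr", "btrfs");
#endif
#ifdef CONFIG_F2FS_FS_SECURITY
	FS_USE("xattr", "f2fs");
#endif
#ifdef CONFIG_OCFS2_FS
	/* The rule must name the registered fs type, "ocfs2" (was "ocsfs2"). */
	FS_USE("xattr", "ocfs2");
#endif
#ifdef CONFIG_OVERLAY_FS
	FS_USE("xattr", "overlay");
#endif
#ifdef CONFIG_SQUASHFS_XATTR
	FS_USE("xattr", "squashfs");
#endif

	/*
	 * Filesystems whose inodes are labeled from allocating task.
	 */
	FS_USE("task", "pipefs");
	FS_USE("task", "sockfs");

	/*
	 * Filesystems whose inode labels are computed from both
	 * the allocating task and the superblock label.
	 */
#ifdef CONFIG_UNIX98_PTYS
	FS_USE("trans", "devpts");
#endif
#ifdef CONFIG_HUGETLBFS
	FS_USE("trans", "hugetlbfs");
#endif
#ifdef CONFIG_TMPFS
	FS_USE("trans", "tmpfs");
#endif
#ifdef CONFIG_DEVTMPFS
	FS_USE("trans", "devtmpfs");
#endif
#ifdef CONFIG_POSIX_MQUEUE
	FS_USE("trans", "mqueue");
#endif

	/*
	 * Filesystems whose inodes are labeled from path prefix match
	 * relative to the filesystem root. Depending on the filesystem,
	 * only a single label for all inodes may be supported. Here
	 * we list the filesystem types for which per-file labeling is
	 * supported using genfscon; any other filesystem type can also
	 * be added, but only with a single entry for all of its inodes.
	 */
#ifdef CONFIG_PROC_FS
	GENFSCON("proc", "/");
#endif
#ifdef CONFIG_SECURITY_SELINUX
	GENFSCON("selinuxfs", "/");
#endif
#ifdef CONFIG_SYSFS
	GENFSCON("sysfs", "/");
#endif
#ifdef CONFIG_DEBUG_FS
	GENFSCON("debugfs", "/");
#endif
#ifdef CONFIG_TRACING
	GENFSCON("tracefs", "/");
#endif
#ifdef CONFIG_PSTORE
	GENFSCON("pstore", "/");
#endif
	GENFSCON("cgroup", "/");
	GENFSCON("cgroup2", "/");
}

/*
 * Emit the complete policy source.
 *
 * @fout: policy output stream.
 * @mls:  non-zero to build an MLS policy.
 */
static void write_policy(FILE *fout, int mls)
{
	write_declarations(fout);
	if (mls)
		write_mls_constraints(fout);
	write_types_and_sids(fout, mls);
	write_fs_labeling(fout, mls);
}

/*
 * Emit the file-contexts file: the root and everything below it get the
 * single object context.
 *
 * @fout: contexts output stream.
 * @mls:  non-zero when the policy is MLS.
 */
static void write_contexts(FILE *fout, int mls)
{
	fprintf(fout, "/ " OBJUSERROLETYPE "%s\n", MLS_SUFFIX(mls));
	fprintf(fout, "/.* " OBJUSERROLETYPE "%s\n", MLS_SUFFIX(mls));
}

/*
 * Flush and close an output stream, reporting any write failure.
 *
 * @fout: stream opened for writing; always closed on return.
 * @path: file name, used only in the diagnostic.
 *
 * Returns 0 on success, -1 if the stream recorded an error or fclose()
 * failed. fclose() is what flushes the last buffered block, so an
 * unchecked close could leave a truncated policy file behind while the
 * tool still reports success.
 */
static int close_output(FILE *fout, const char *path)
{
	int failed = ferror(fout);

	if (fclose(fout) != 0)
		failed = 1;
	if (failed) {
		fprintf(stderr, "Error writing %s\n", path);
		return -1;
	}
	return 0;
}

/*
 * Entry point: parse "[-m] policy_file context_file", then write the
 * policy source and the file-contexts file.
 *
 * Returns 0 on success; exits with status 1 (via usage()) on a malformed
 * command line or an unopenable output, and returns 1 if either output
 * could not be written completely.
 */
int main(int argc, char *argv[])
{
	int mls = 0;
	char **arg;
	const char *polout, *ctxout;
	FILE *fout;

	/*
	 * Accept exactly the documented forms: with four arguments the first
	 * must be -m, so a stray or misspelt option is rejected instead of
	 * being silently treated as a file name or dropped.
	 */
	if (argc != 3 && argc != 4)
		usage(argv[0]);
	arg = argv + 1;
	if (argc == 4) {
		if (strcmp(argv[1], "-m") != 0)
			usage(argv[0]);
		mls = 1;
		arg++;
	}
	polout = *arg++;
	ctxout = *arg;

	fout = fopen(polout, "w");
	if (!fout) {
		fprintf(stderr, "Could not open %s for writing: %s\n",
			polout, strerror(errno));
		usage(argv[0]);
	}
	write_policy(fout, mls);
	if (close_output(fout, polout) != 0)
		return 1;

	fout = fopen(ctxout, "w");
	if (!fout) {
		fprintf(stderr, "Wrote policy, but cannot open %s for writing: %s\n",
			ctxout, strerror(errno));
		usage(argv[0]);
	}
	write_contexts(fout, mls);
	if (close_output(fout, ctxout) != 0)
		return 1;

	return 0;
}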
  237. }