xref: /linux/security/security.c

99 static bool __init is_enabled(struct lsm_info *lsm)  in is_enabled()  argument
101 	if (!lsm->enabled)  in is_enabled()
104 	return *lsm->enabled;  in is_enabled()
110 static void __init set_enabled(struct lsm_info *lsm, bool enabled)  in set_enabled()  argument
116 	if (!lsm->enabled) {  in set_enabled()
118 			lsm->enabled = &lsm_enabled_true;  in set_enabled()
120 			lsm->enabled = &lsm_enabled_false;  in set_enabled()
121 	} else if (lsm->enabled == &lsm_enabled_true) {  in set_enabled()
123 			lsm->enabled = &lsm_enabled_false;  in set_enabled()
124 	} else if (lsm->enabled == &lsm_enabled_false) {  in set_enabled()
126 			lsm->enabled = &lsm_enabled_true;  in set_enabled()
128 		*lsm->enabled = enabled;  in set_enabled()
133 static bool __init exists_ordered_lsm(struct lsm_info *lsm)  in exists_ordered_lsm()  argument
138 		if (*check == lsm)  in exists_ordered_lsm()
146 static void __init append_ordered_lsm(struct lsm_info *lsm, const char *from)  in append_ordered_lsm()  argument
149 	if (exists_ordered_lsm(lsm))  in append_ordered_lsm()
156 	if (!lsm->enabled)  in append_ordered_lsm()
157 		lsm->enabled = &lsm_enabled_true;  in append_ordered_lsm()
158 	ordered_lsms[last_lsm++] = lsm;  in append_ordered_lsm()
160 	init_debug("%s ordering: %s (%sabled)\n", from, lsm->name,  in append_ordered_lsm()
161 		   is_enabled(lsm) ? "en" : "dis");  in append_ordered_lsm()
165 static bool __init lsm_allowed(struct lsm_info *lsm)  in lsm_allowed()  argument
168 	if (!is_enabled(lsm))  in lsm_allowed()
172 	if ((lsm->flags & LSM_FLAG_EXCLUSIVE) && exclusive) {  in lsm_allowed()
173 		init_debug("exclusive disabled: %s\n", lsm->name);  in lsm_allowed()
212 static void __init prepare_lsm(struct lsm_info *lsm)  in prepare_lsm()  argument
214 	int enabled = lsm_allowed(lsm);  in prepare_lsm()
217 	set_enabled(lsm, enabled);  in prepare_lsm()
221 		if ((lsm->flags & LSM_FLAG_EXCLUSIVE) && !exclusive) {  in prepare_lsm()
222 			exclusive = lsm;  in prepare_lsm()
223 			init_debug("exclusive chosen: %s\n", lsm->name);  in prepare_lsm()
226 		lsm_set_blob_sizes(lsm->blobs);  in prepare_lsm()
231 static void __init initialize_lsm(struct lsm_info *lsm)  in initialize_lsm()  argument
233 	if (is_enabled(lsm)) {  in initialize_lsm()
236 		init_debug("initializing %s\n", lsm->name);  in initialize_lsm()
237 		ret = lsm->init();  in initialize_lsm()
238 		WARN(ret, "%s failed to initialize: %d\n", lsm->name, ret);  in initialize_lsm()
245 	struct lsm_info *lsm;  in ordered_lsm_parse()  local
249 	for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) {  in ordered_lsm_parse()
250 		if (lsm->order == LSM_ORDER_FIRST)  in ordered_lsm_parse()
251 			append_ordered_lsm(lsm, "first");  in ordered_lsm_parse()
281 		for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) {  in ordered_lsm_parse()
282 			if (lsm->order == LSM_ORDER_MUTABLE &&  in ordered_lsm_parse()
283 			    strcmp(lsm->name, name) == 0) {  in ordered_lsm_parse()
284 				append_ordered_lsm(lsm, origin);  in ordered_lsm_parse()
295 		for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) {  in ordered_lsm_parse()
296 			if (exists_ordered_lsm(lsm))  in ordered_lsm_parse()
298 			if (strcmp(lsm->name, chosen_major_lsm) == 0)  in ordered_lsm_parse()
299 				append_ordered_lsm(lsm, "security=");  in ordered_lsm_parse()
304 	for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) {  in ordered_lsm_parse()
305 		if (exists_ordered_lsm(lsm))  in ordered_lsm_parse()
307 		set_enabled(lsm, false);  in ordered_lsm_parse()
308 		init_debug("%s disabled: %s\n", origin, lsm->name);  in ordered_lsm_parse()
321 	struct lsm_info **lsm;  in ordered_lsm_init()  local
335 	for (lsm = ordered_lsms; *lsm; lsm++)  in ordered_lsm_init()
336 		prepare_lsm(*lsm);  in ordered_lsm_init()
360 	for (lsm = ordered_lsms; *lsm; lsm++)  in ordered_lsm_init()
361 		initialize_lsm(*lsm);  in ordered_lsm_init()
370 	struct lsm_info *lsm;  in early_security_init()  local
376 	for (lsm = __start_early_lsm_info; lsm < __end_early_lsm_info; lsm++) {  in early_security_init()
377 		if (!lsm->enabled)  in early_security_init()
378 			lsm->enabled = &lsm_enabled_true;  in early_security_init()
379 		prepare_lsm(lsm);  in early_security_init()
380 		initialize_lsm(lsm);  in early_security_init()
393 	struct lsm_info *lsm;  in security_init()  local
401 	for (lsm = __start_early_lsm_info; lsm < __end_early_lsm_info; lsm++) {  in security_init()
402 		if (lsm->enabled)  in security_init()
403 			lsm_append(lsm->name, &lsm_names);  in security_init()
436 static bool match_last_lsm(const char *list, const char *lsm)  in match_last_lsm()  argument
440 	if (WARN_ON(!list || !lsm))  in match_last_lsm()
448 	return !strcmp(last, lsm);  in match_last_lsm()
481 				char *lsm)  in security_add_hooks()  argument
486 		hooks[i].lsm = lsm;  in security_add_hooks()
495 		if (lsm_append(lsm, &lsm_names) < 0)  in security_add_hooks()
2044 int security_getprocattr(struct task_struct *p, const char *lsm, char *name,  in security_getprocattr()  argument
2050 		if (lsm != NULL && strcmp(lsm, hp->lsm))  in security_getprocattr()
2057 int security_setprocattr(const char *lsm, const char *name, void *value,  in security_setprocattr()  argument
2063 		if (lsm != NULL && strcmp(lsm, hp->lsm))  in security_setprocattr()

Last Index update Sat Jun 03 09:59:21 CST 2023