Branch data Line data Source code
1 : : /*
2 : : * inode.c - securityfs
3 : : *
4 : : * Copyright (C) 2005 Greg Kroah-Hartman <gregkh@suse.de>
5 : : *
6 : : * This program is free software; you can redistribute it and/or
7 : : * modify it under the terms of the GNU General Public License version
8 : : * 2 as published by the Free Software Foundation.
9 : : *
10 : : * Based on fs/debugfs/inode.c which had the following copyright notice:
11 : : * Copyright (C) 2004 Greg Kroah-Hartman <greg@kroah.com>
12 : : * Copyright (C) 2004 IBM Inc.
13 : : */
14 : :
15 : : /* #define DEBUG */
16 : : #include <linux/module.h>
17 : : #include <linux/fs.h>
18 : : #include <linux/mount.h>
19 : : #include <linux/pagemap.h>
20 : : #include <linux/init.h>
21 : : #include <linux/namei.h>
22 : : #include <linux/security.h>
23 : : #include <linux/magic.h>
24 : :
25 : : static struct vfsmount *mount;
26 : : static int mount_count;
27 : :
28 : : static inline int positive(struct dentry *dentry)
29 : : {
30 [ # # ][ # # ]: 0 : return dentry->d_inode && !d_unhashed(dentry);
31 : : }
32 : :
33 : 0 : static int fill_super(struct super_block *sb, void *data, int silent)
34 : : {
35 : : static struct tree_descr files[] = {{""}};
36 : :
37 : 0 : return simple_fill_super(sb, SECURITYFS_MAGIC, files);
38 : : }
39 : :
40 : 0 : static struct dentry *get_sb(struct file_system_type *fs_type,
41 : : int flags, const char *dev_name,
42 : : void *data)
43 : : {
44 : 0 : return mount_single(fs_type, flags, data, fill_super);
45 : : }
46 : :
47 : : static struct file_system_type fs_type = {
48 : : .owner = THIS_MODULE,
49 : : .name = "securityfs",
50 : : .mount = get_sb,
51 : : .kill_sb = kill_litter_super,
52 : : };
53 : :
54 : : /**
55 : : * securityfs_create_file - create a file in the securityfs filesystem
56 : : *
57 : : * @name: a pointer to a string containing the name of the file to create.
58 : : * @mode: the permission that the file should have
59 : : * @parent: a pointer to the parent dentry for this file. This should be a
60 : : * directory dentry if set. If this parameter is %NULL, then the
61 : : * file will be created in the root of the securityfs filesystem.
62 : : * @data: a pointer to something that the caller will want to get to later
63 : : * on. The inode.i_private pointer will point to this value on
64 : : * the open() call.
65 : : * @fops: a pointer to a struct file_operations that should be used for
66 : : * this file.
67 : : *
68 : : * This is the basic "create a file" function for securityfs. It allows for a
69 : : * wide range of flexibility in creating a file, or a directory (if you
70 : : * want to create a directory, the securityfs_create_dir() function is
71 : : * recommended to be used instead).
72 : : *
73 : : * This function returns a pointer to a dentry if it succeeds. This
74 : : * pointer must be passed to the securityfs_remove() function when the file is
75 : : * to be removed (no automatic cleanup happens if your module is unloaded,
76 : : * you are responsible here). If an error occurs, the function will return
77 : : * the erorr value (via ERR_PTR).
78 : : *
79 : : * If securityfs is not enabled in the kernel, the value %-ENODEV is
80 : : * returned.
81 : : */
82 : 0 : struct dentry *securityfs_create_file(const char *name, umode_t mode,
83 : : struct dentry *parent, void *data,
84 : : const struct file_operations *fops)
85 : : {
86 : : struct dentry *dentry;
87 : 0 : int is_dir = S_ISDIR(mode);
88 : : struct inode *dir, *inode;
89 : : int error;
90 : :
91 [ # # ]: 0 : if (!is_dir) {
92 [ # # ]: 0 : BUG_ON(!fops);
93 : 0 : mode = (mode & S_IALLUGO) | S_IFREG;
94 : : }
95 : :
96 : : pr_debug("securityfs: creating file '%s'\n",name);
97 : :
98 : 0 : error = simple_pin_fs(&fs_type, &mount, &mount_count);
99 [ # # ]: 0 : if (error)
100 : 0 : return ERR_PTR(error);
101 : :
102 [ # # ]: 0 : if (!parent)
103 : 0 : parent = mount->mnt_root;
104 : :
105 : 0 : dir = parent->d_inode;
106 : :
107 : 0 : mutex_lock(&dir->i_mutex);
108 : 0 : dentry = lookup_one_len(name, parent, strlen(name));
109 [ # # ]: 0 : if (IS_ERR(dentry))
110 : : goto out;
111 : :
112 [ # # ]: 0 : if (dentry->d_inode) {
113 : : error = -EEXIST;
114 : : goto out1;
115 : : }
116 : :
117 : 0 : inode = new_inode(dir->i_sb);
118 [ # # ]: 0 : if (!inode) {
119 : : error = -ENOMEM;
120 : : goto out1;
121 : : }
122 : :
123 : 0 : inode->i_ino = get_next_ino();
124 : 0 : inode->i_mode = mode;
125 : 0 : inode->i_atime = inode->i_mtime = inode->i_ctime = CURRENT_TIME;
126 : 0 : inode->i_private = data;
127 [ # # ]: 0 : if (is_dir) {
128 : 0 : inode->i_op = &simple_dir_inode_operations;
129 : 0 : inode->i_fop = &simple_dir_operations;
130 : 0 : inc_nlink(inode);
131 : 0 : inc_nlink(dir);
132 : : } else {
133 : 0 : inode->i_fop = fops;
134 : : }
135 : 0 : d_instantiate(dentry, inode);
136 : : dget(dentry);
137 : 0 : mutex_unlock(&dir->i_mutex);
138 : 0 : return dentry;
139 : :
140 : : out1:
141 : 0 : dput(dentry);
142 : : dentry = ERR_PTR(error);
143 : : out:
144 : 0 : mutex_unlock(&dir->i_mutex);
145 : 0 : simple_release_fs(&mount, &mount_count);
146 : 0 : return dentry;
147 : : }
148 : : EXPORT_SYMBOL_GPL(securityfs_create_file);
149 : :
150 : : /**
151 : : * securityfs_create_dir - create a directory in the securityfs filesystem
152 : : *
153 : : * @name: a pointer to a string containing the name of the directory to
154 : : * create.
155 : : * @parent: a pointer to the parent dentry for this file. This should be a
156 : : * directory dentry if set. If this parameter is %NULL, then the
157 : : * directory will be created in the root of the securityfs filesystem.
158 : : *
159 : : * This function creates a directory in securityfs with the given @name.
160 : : *
161 : : * This function returns a pointer to a dentry if it succeeds. This
162 : : * pointer must be passed to the securityfs_remove() function when the file is
163 : : * to be removed (no automatic cleanup happens if your module is unloaded,
164 : : * you are responsible here). If an error occurs, %NULL will be returned.
165 : : *
166 : : * If securityfs is not enabled in the kernel, the value %-ENODEV is
167 : : * returned. It is not wise to check for this value, but rather, check for
168 : : * %NULL or !%NULL instead as to eliminate the need for #ifdef in the calling
169 : : * code.
170 : : */
171 : 0 : struct dentry *securityfs_create_dir(const char *name, struct dentry *parent)
172 : : {
173 : 0 : return securityfs_create_file(name,
174 : : S_IFDIR | S_IRWXU | S_IRUGO | S_IXUGO,
175 : : parent, NULL, NULL);
176 : : }
177 : : EXPORT_SYMBOL_GPL(securityfs_create_dir);
178 : :
179 : : /**
180 : : * securityfs_remove - removes a file or directory from the securityfs filesystem
181 : : *
182 : : * @dentry: a pointer to a the dentry of the file or directory to be removed.
183 : : *
184 : : * This function removes a file or directory in securityfs that was previously
185 : : * created with a call to another securityfs function (like
186 : : * securityfs_create_file() or variants thereof.)
187 : : *
188 : : * This function is required to be called in order for the file to be
189 : : * removed. No automatic cleanup of files will happen when a module is
190 : : * removed; you are responsible here.
191 : : */
192 : 0 : void securityfs_remove(struct dentry *dentry)
193 : : {
194 : : struct dentry *parent;
195 : :
196 [ # # ][ # # ]: 0 : if (!dentry || IS_ERR(dentry))
197 : : return;
198 : :
199 : 0 : parent = dentry->d_parent;
200 [ # # ][ # # ]: 0 : if (!parent || !parent->d_inode)
201 : : return;
202 : :
203 : 0 : mutex_lock(&parent->d_inode->i_mutex);
204 [ # # ]: 0 : if (positive(dentry)) {
205 [ # # ]: 0 : if (dentry->d_inode) {
206 [ # # ]: 0 : if (S_ISDIR(dentry->d_inode->i_mode))
207 : 0 : simple_rmdir(parent->d_inode, dentry);
208 : : else
209 : 0 : simple_unlink(parent->d_inode, dentry);
210 : 0 : dput(dentry);
211 : : }
212 : : }
213 : 0 : mutex_unlock(&parent->d_inode->i_mutex);
214 : 0 : simple_release_fs(&mount, &mount_count);
215 : : }
216 : : EXPORT_SYMBOL_GPL(securityfs_remove);
217 : :
218 : : static struct kobject *security_kobj;
219 : :
220 : 0 : static int __init securityfs_init(void)
221 : : {
222 : : int retval;
223 : :
224 : 0 : security_kobj = kobject_create_and_add("security", kernel_kobj);
225 [ # # ]: 0 : if (!security_kobj)
226 : : return -EINVAL;
227 : :
228 : 0 : retval = register_filesystem(&fs_type);
229 [ # # ]: 0 : if (retval)
230 : 0 : kobject_put(security_kobj);
231 : 0 : return retval;
232 : : }
233 : :
234 : : core_initcall(securityfs_init);
235 : : MODULE_LICENSE("GPL");
236 : :
|
