~hc/RK356X_SDK_RELEASE.git

..	..	@@ -1,3 +1,4 @@
	1	+// SPDX-License-Identifier: GPL-2.0-only
1	2	/*
2	3	* AppArmor security module
3	4	*
..	..	@@ -5,17 +6,12 @@
5	6	*
6	7	* Copyright (C) 1998-2008 Novell/SUSE
7	8	* Copyright 2009-2010 Canonical Ltd.
8		- *
9		- * This program is free software; you can redistribute it and/or
10		- * modify it under the terms of the GNU General Public License as
11		- * published by the Free Software Foundation, version 2 of the
12		- * License.
13	9	*/
14	10
15	11	#include <linux/ctype.h>
16	12	#include <linux/security.h>
17	13	#include <linux/vmalloc.h>
18		-#include <linux/module.h>
	14	+#include <linux/init.h>
19	15	#include <linux/seq_file.h>
20	16	#include <linux/uaccess.h>
21	17	#include <linux/mount.h>
..	..	@@ -23,7 +19,9 @@
23	19	#include <linux/capability.h>
24	20	#include <linux/rcupdate.h>
25	21	#include <linux/fs.h>
	22	+#include <linux/fs_context.h>
26	23	#include <linux/poll.h>
	24	+#include <linux/zlib.h>
27	25	#include <uapi/linux/major.h>
28	26	#include <uapi/linux/magic.h>
29	27
..	..	@@ -67,6 +65,35 @@
67	65	/*
68	66	* support fns
69	67	*/
	68	+
	69	+struct rawdata_f_data {
	70	+ struct aa_loaddata *loaddata;
	71	+};
	72	+
	73	+#define RAWDATA_F_DATA_BUF(p) (char *)(p + 1)
	74	+
	75	+static void rawdata_f_data_free(struct rawdata_f_data *private)
	76	+{
	77	+ if (!private)
	78	+ return;
	79	+
	80	+ aa_put_loaddata(private->loaddata);
	81	+ kvfree(private);
	82	+}
	83	+
	84	+static struct rawdata_f_data *rawdata_f_data_alloc(size_t size)
	85	+{
	86	+ struct rawdata_f_data *ret;
	87	+
	88	+ if (size > SIZE_MAX - sizeof(*ret))
	89	+ return ERR_PTR(-EINVAL);
	90	+
	91	+ ret = kvzalloc(sizeof(*ret) + size, GFP_KERNEL);
	92	+ if (!ret)
	93	+ return ERR_PTR(-ENOMEM);
	94	+
	95	+ return ret;
	96	+}
70	97
71	98	/**
72	99	* aa_mangle_name - mangle a profile name to std profile layout form
..	..	@@ -123,26 +150,20 @@
123	150	return 0;
124	151	}
125	152
126		-static void aafs_i_callback(struct rcu_head *head)
	153	+static void aafs_free_inode(struct inode *inode)
127	154	{
128		- struct inode *inode = container_of(head, struct inode, i_rcu);
129	155	if (S_ISLNK(inode->i_mode))
130	156	kfree(inode->i_link);
131	157	free_inode_nonrcu(inode);
132	158	}
133	159
134		-static void aafs_destroy_inode(struct inode *inode)
135		-{
136		- call_rcu(&inode->i_rcu, aafs_i_callback);
137		-}
138		-
139	160	static const struct super_operations aafs_super_ops = {
140	161	.statfs = simple_statfs,
141		- .destroy_inode = aafs_destroy_inode,
	162	+ .free_inode = aafs_free_inode,
142	163	.show_path = aafs_show_path,
143	164	};
144	165
145		-static int fill_super(struct super_block sb, void data, int silent)
	166	+static int apparmorfs_fill_super(struct super_block sb, struct fs_context fc)
146	167	{
147	168	static struct tree_descr files[] = { {""} };
148	169	int error;
..	..	@@ -155,16 +176,25 @@
155	176	return 0;
156	177	}
157	178
158		-static struct dentry aafs_mount(struct file_system_type fs_type,
159		- int flags, const char dev_name, void data)
	179	+static int apparmorfs_get_tree(struct fs_context *fc)
160	180	{
161		- return mount_single(fs_type, flags, data, fill_super);
	181	+ return get_tree_single(fc, apparmorfs_fill_super);
	182	+}
	183	+
	184	+static const struct fs_context_operations apparmorfs_context_ops = {
	185	+ .get_tree = apparmorfs_get_tree,
	186	+};
	187	+
	188	+static int apparmorfs_init_fs_context(struct fs_context *fc)
	189	+{
	190	+ fc->ops = &apparmorfs_context_ops;
	191	+ return 0;
162	192	}
163	193
164	194	static struct file_system_type aafs_ops = {
165	195	.owner = THIS_MODULE,
166	196	.name = AAFS_NAME,
167		- .mount = aafs_mount,
	197	+ .init_fs_context = apparmorfs_init_fs_context,
168	198	.kill_sb = kill_anon_super,
169	199	};
170	200
..	..	@@ -311,38 +341,6 @@
311	341	}
312	342
313	343	/**
314		- * aafs_create_symlink - create a symlink in the apparmorfs filesystem
315		- * @name: name of dentry to create
316		- * @parent: parent directory for this dentry
317		- * @target: if symlink, symlink target string
318		- * @private: private data
319		- * @iops: struct of inode_operations that should be used
320		- *
321		- * If @target parameter is %NULL, then the @iops parameter needs to be
322		- * setup to handle .readlink and .get_link inode_operations.
323		- */
324		-static struct dentry aafs_create_symlink(const char name,
325		- struct dentry *parent,
326		- const char *target,
327		- void *private,
328		- const struct inode_operations *iops)
329		-{
330		- struct dentry *dent;
331		- char *link = NULL;
332		-
333		- if (target) {
334		- if (!link)
335		- return ERR_PTR(-ENOMEM);
336		- }
337		- dent = aafs_create(name, S_IFLNK \| 0444, parent, private, link, NULL,
338		- iops);
339		- if (IS_ERR(dent))
340		- kfree(link);
341		-
342		- return dent;
343		-}
344		-
345		-/**
346	344	* aafs_remove - removes a file or directory from the apparmorfs filesystem
347	345	*
348	346	* @dentry: dentry of the file/directory/symlink to removed.
..	..	@@ -403,7 +401,7 @@
403	401
404	402	data->size = copy_size;
405	403	if (copy_from_user(data->data, userbuf, copy_size)) {
406		- kvfree(data);
	404	+ aa_put_loaddata(data);
407	405	return ERR_PTR(-EFAULT);
408	406	}
409	407
..	..	@@ -594,7 +592,7 @@
594	592
595	593	void __aa_bump_ns_revision(struct aa_ns *ns)
596	594	{
597		- WRITE_ONCE(ns->revision, ns->revision + 1);
	595	+ WRITE_ONCE(ns->revision, READ_ONCE(ns->revision) + 1);
598	596	wake_up_interruptible(&ns->wait);
599	597	}
600	598
..	..	@@ -810,7 +808,7 @@
810	808	struct multi_transaction {
811	809	struct kref count;
812	810	ssize_t size;
813		- char data[0];
	811	+ char data[];
814	812	};
815	813
816	814	#define MULTI_TRANSACTION_LIMIT (PAGE_SIZE - sizeof(struct multi_transaction))
..	..	@@ -1281,36 +1279,117 @@
1281	1279	return 0;
1282	1280	}
1283	1281
	1282	+static int seq_rawdata_compressed_size_show(struct seq_file seq, void v)
	1283	+{
	1284	+ struct aa_loaddata *data = seq->private;
	1285	+
	1286	+ seq_printf(seq, "%zu\n", data->compressed_size);
	1287	+
	1288	+ return 0;
	1289	+}
	1290	+
1284	1291	SEQ_RAWDATA_FOPS(abi);
1285	1292	SEQ_RAWDATA_FOPS(revision);
1286	1293	SEQ_RAWDATA_FOPS(hash);
	1294	+SEQ_RAWDATA_FOPS(compressed_size);
	1295	+
	1296	+static int deflate_decompress(char src, size_t slen, char dst, size_t dlen)
	1297	+{
	1298	+ int error;
	1299	+ struct z_stream_s strm;
	1300	+
	1301	+ if (aa_g_rawdata_compression_level == 0) {
	1302	+ if (dlen < slen)
	1303	+ return -EINVAL;
	1304	+ memcpy(dst, src, slen);
	1305	+ return 0;
	1306	+ }
	1307	+
	1308	+ memset(&strm, 0, sizeof(strm));
	1309	+
	1310	+ strm.workspace = kvzalloc(zlib_inflate_workspacesize(), GFP_KERNEL);
	1311	+ if (!strm.workspace)
	1312	+ return -ENOMEM;
	1313	+
	1314	+ strm.next_in = src;
	1315	+ strm.avail_in = slen;
	1316	+
	1317	+ error = zlib_inflateInit(&strm);
	1318	+ if (error != Z_OK) {
	1319	+ error = -ENOMEM;
	1320	+ goto fail_inflate_init;
	1321	+ }
	1322	+
	1323	+ strm.next_out = dst;
	1324	+ strm.avail_out = dlen;
	1325	+
	1326	+ error = zlib_inflate(&strm, Z_FINISH);
	1327	+ if (error != Z_STREAM_END)
	1328	+ error = -EINVAL;
	1329	+ else
	1330	+ error = 0;
	1331	+
	1332	+ zlib_inflateEnd(&strm);
	1333	+fail_inflate_init:
	1334	+ kvfree(strm.workspace);
	1335	+ return error;
	1336	+}
1287	1337
1288	1338	static ssize_t rawdata_read(struct file file, char __user buf, size_t size,
1289	1339	loff_t *ppos)
1290	1340	{
1291		- struct aa_loaddata *rawdata = file->private_data;
	1341	+ struct rawdata_f_data *private = file->private_data;
1292	1342
1293		- return simple_read_from_buffer(buf, size, ppos, rawdata->data,
1294		- rawdata->size);
	1343	+ return simple_read_from_buffer(buf, size, ppos,
	1344	+ RAWDATA_F_DATA_BUF(private),
	1345	+ private->loaddata->size);
1295	1346	}
1296	1347
1297	1348	static int rawdata_release(struct inode inode, struct file file)
1298	1349	{
1299		- aa_put_loaddata(file->private_data);
	1350	+ rawdata_f_data_free(file->private_data);
1300	1351
1301	1352	return 0;
1302	1353	}
1303	1354
1304	1355	static int rawdata_open(struct inode inode, struct file file)
1305	1356	{
	1357	+ int error;
	1358	+ struct aa_loaddata *loaddata;
	1359	+ struct rawdata_f_data *private;
	1360	+
1306	1361	if (!policy_view_capable(NULL))
1307	1362	return -EACCES;
1308		- file->private_data = __aa_get_loaddata(inode->i_private);
1309		- if (!file->private_data)
	1363	+
	1364	+ loaddata = __aa_get_loaddata(inode->i_private);
	1365	+ if (!loaddata)
1310	1366	/* lost race: this entry is being reaped */
1311	1367	return -ENOENT;
1312	1368
	1369	+ private = rawdata_f_data_alloc(loaddata->size);
	1370	+ if (IS_ERR(private)) {
	1371	+ error = PTR_ERR(private);
	1372	+ goto fail_private_alloc;
	1373	+ }
	1374	+
	1375	+ private->loaddata = loaddata;
	1376	+
	1377	+ error = deflate_decompress(loaddata->data, loaddata->compressed_size,
	1378	+ RAWDATA_F_DATA_BUF(private),
	1379	+ loaddata->size);
	1380	+ if (error)
	1381	+ goto fail_decompress;
	1382	+
	1383	+ file->private_data = private;
1313	1384	return 0;
	1385	+
	1386	+fail_decompress:
	1387	+ rawdata_f_data_free(private);
	1388	+ return error;
	1389	+
	1390	+fail_private_alloc:
	1391	+ aa_put_loaddata(loaddata);
	1392	+ return error;
1314	1393	}
1315	1394
1316	1395	static const struct file_operations rawdata_fops = {
..	..	@@ -1388,6 +1467,13 @@
1388	1467	goto fail;
1389	1468	rawdata->dents[AAFS_LOADDATA_HASH] = dent;
1390	1469	}
	1470	+
	1471	+ dent = aafs_create_file("compressed_size", S_IFREG \| 0444, dir,
	1472	+ rawdata,
	1473	+ &seq_rawdata_compressed_size_fops);
	1474	+ if (IS_ERR(dent))
	1475	+ goto fail;
	1476	+ rawdata->dents[AAFS_LOADDATA_COMPRESSED_SIZE] = dent;
1391	1477
1392	1478	dent = aafs_create_file("raw_data", S_IFREG \| 0444,
1393	1479	dir, rawdata, &rawdata_fops);
..	..	@@ -1645,25 +1731,25 @@
1645	1731	}
1646	1732
1647	1733	if (profile->rawdata) {
1648		- dent = aafs_create_symlink("raw_sha1", dir, NULL,
1649		- profile->label.proxy,
1650		- &rawdata_link_sha1_iops);
	1734	+ dent = aafs_create("raw_sha1", S_IFLNK \| 0444, dir,
	1735	+ profile->label.proxy, NULL, NULL,
	1736	+ &rawdata_link_sha1_iops);
1651	1737	if (IS_ERR(dent))
1652	1738	goto fail;
1653	1739	aa_get_proxy(profile->label.proxy);
1654	1740	profile->dents[AAFS_PROF_RAW_HASH] = dent;
1655	1741
1656		- dent = aafs_create_symlink("raw_abi", dir, NULL,
1657		- profile->label.proxy,
1658		- &rawdata_link_abi_iops);
	1742	+ dent = aafs_create("raw_abi", S_IFLNK \| 0444, dir,
	1743	+ profile->label.proxy, NULL, NULL,
	1744	+ &rawdata_link_abi_iops);
1659	1745	if (IS_ERR(dent))
1660	1746	goto fail;
1661	1747	aa_get_proxy(profile->label.proxy);
1662	1748	profile->dents[AAFS_PROF_RAW_ABI] = dent;
1663	1749
1664		- dent = aafs_create_symlink("raw_data", dir, NULL,
1665		- profile->label.proxy,
1666		- &rawdata_link_data_iops);
	1750	+ dent = aafs_create("raw_data", S_IFLNK \| 0444, dir,
	1751	+ profile->label.proxy, NULL, NULL,
	1752	+ &rawdata_link_data_iops);
1667	1753	if (IS_ERR(dent))
1668	1754	goto fail;
1669	1755	aa_get_proxy(profile->label.proxy);
..	..	@@ -1749,7 +1835,7 @@
1749	1835	if (error)
1750	1836	return error;
1751	1837
1752		- parent = aa_get_ns(dir->i_private);
	1838	+ parent = aa_get_ns(dir->i_private);
1753	1839	/* rmdir calls the generic securityfs functions to remove files
1754	1840	* from the apparmor dir. It is up to the apparmor ns locking
1755	1841	* to avoid races.
..	..	@@ -1959,6 +2045,9 @@
1959	2045
1960	2046	return error;
1961	2047	}
	2048	+
	2049	+
	2050	+#define list_entry_is_head(pos, head, member) (&pos->member == (head))
1962	2051
1963	2052	/**
1964	2053	* __next_ns - find the next namespace to list
..	..	@@ -2243,6 +2332,8 @@
2243	2332	static struct aa_sfs_entry aa_sfs_entry_policy[] = {
2244	2333	AA_SFS_DIR("versions", aa_sfs_entry_versions),
2245	2334	AA_SFS_FILE_BOOLEAN("set_load", 1),
	2335	+ /* number of out of band transitions supported */
	2336	+ AA_SFS_FILE_U64("outofband", MAX_OOB_SUPPORTED),
2246	2337	{ }
2247	2338	};
2248	2339
..	..	@@ -2453,16 +2544,18 @@
2453	2544	{
2454	2545	struct aa_ns *ns;
2455	2546	struct path path;
	2547	+ int error;
2456	2548
2457	2549	if (!dentry)
2458	2550	return ERR_PTR(-ECHILD);
	2551	+
2459	2552	ns = aa_get_current_ns();
2460	2553	path.mnt = mntget(aafs_mnt);
2461	2554	path.dentry = dget(ns_dir(ns));
2462		- nd_jump_link(&path);
	2555	+ error = nd_jump_link(&path);
2463	2556	aa_put_ns(ns);
2464	2557
2465		- return NULL;
	2558	+ return ERR_PTR(error);
2466	2559	}
2467	2560
2468	2561	static int policy_readlink(struct dentry dentry, char __user buffer,