fs/sdcardfs/packagelist.c

   1 /*
   2  * fs/sdcardfs/packagelist.c
   3  *
   4  * Copyright (c) 2013 Samsung Electronics Co. Ltd
   5  *   Authors: Daeho Jeong, Woojoong Lee, Seunghwan Hyun,
   6  *               Sunghwan Yun, Sungjong Seo
   7  *
   8  * This program has been developed as a stackable file system based on
   9  * the WrapFS which written by
  10  *
  11  * Copyright (c) 1998-2011 Erez Zadok
  12  * Copyright (c) 2009     Shrikar Archak
  13  * Copyright (c) 2003-2011 Stony Brook University
  14  * Copyright (c) 2003-2011 The Research Foundation of SUNY
  15  *
  16  * This file is dual licensed.  It may be redistributed and/or modified
  17  * under the terms of the Apache 2.0 License OR version 2 of the GNU
  18  * General Public License.
  19  */
  20
  21 #include "sdcardfs.h"
  22 #include <linux/hashtable.h>
  23 #include <linux/delay.h>
  24
  25
  26 #include <linux/init.h>
  27 #include <linux/module.h>
  28 #include <linux/slab.h>
  29
  30 #include <linux/configfs.h>
  31
  32 #define STRING_BUF_SIZE         (512)
  33
  34 struct hashtable_entry {
  35         struct hlist_node hlist;
  36         void *key;
  37         unsigned int value;
  38 };
  39
  40 struct sb_list {
  41         struct super_block *sb;
  42         struct list_head list;
  43 };
  44
  45 struct packagelist_data {
  46         DECLARE_HASHTABLE(package_to_appid,8);
  47         struct mutex hashtable_lock;
  48
  49 };
  50
  51 static struct packagelist_data *pkgl_data_all;
  52
  53 static struct kmem_cache *hashtable_entry_cachep;
  54
  55 static unsigned int str_hash(const char *key) {
  56         int i;
  57         unsigned int h = strlen(key);
  58         char *data = (char *)key;
  59
  60         for (i = 0; i < strlen(key); i++) {
  61                 h = h * 31 + *data;
  62                 data++;
  63         }
  64         return h;
  65 }
  66
  67 appid_t get_appid(void *pkgl_id, const char *app_name)
  68 {
  69         struct packagelist_data *pkgl_dat = pkgl_data_all;
  70         struct hashtable_entry *hash_cur;
  71         unsigned int hash = str_hash(app_name);
  72         appid_t ret_id;
  73
  74         mutex_lock(&pkgl_dat->hashtable_lock);
  75         hash_for_each_possible(pkgl_dat->package_to_appid, hash_cur, hlist, hash) {
  76                 if (!strcasecmp(app_name, hash_cur->key)) {
  77                         ret_id = (appid_t)hash_cur->value;
  78                         mutex_unlock(&pkgl_dat->hashtable_lock);
  79                         return ret_id;
  80                 }
  81         }
  82         mutex_unlock(&pkgl_dat->hashtable_lock);
  83         return 0;
  84 }
  85
  86 /* Kernel has already enforced everything we returned through
  87  * derive_permissions_locked(), so this is used to lock down access
  88  * even further, such as enforcing that apps hold sdcard_rw. */
  89 int check_caller_access_to_name(struct inode *parent_node, const char* name) {
  90
  91         /* Always block security-sensitive files at root */
  92         if (parent_node && SDCARDFS_I(parent_node)->perm == PERM_ROOT) {
  93                 if (!strcasecmp(name, "autorun.inf")
  94                         || !strcasecmp(name, ".android_secure")
  95                         || !strcasecmp(name, "android_secure")) {
  96                         return 0;
  97                 }
  98         }
  99
 100         /* Root always has access; access for any other UIDs should always
 101          * be controlled through packages.list. */
 102         if (from_kuid(&init_user_ns, current_fsuid()) == 0) {
 103                 return 1;
 104         }
 105
 106         /* No extra permissions to enforce */
 107         return 1;
 108 }
 109
 110 /* This function is used when file opening. The open flags must be
 111  * checked before calling check_caller_access_to_name() */
 112 int open_flags_to_access_mode(int open_flags) {
 113         if((open_flags & O_ACCMODE) == O_RDONLY) {
 114                 return 0; /* R_OK */
 115         } else if ((open_flags & O_ACCMODE) == O_WRONLY) {
 116                 return 1; /* W_OK */
 117         } else {
 118                 /* Probably O_RDRW, but treat as default to be safe */
 119                 return 1; /* R_OK | W_OK */
 120         }
 121 }
 122
 123 static int insert_str_to_int_lock(struct packagelist_data *pkgl_dat, char *key,
 124                 unsigned int value)
 125 {
 126         struct hashtable_entry *hash_cur;
 127         struct hashtable_entry *new_entry;
 128         unsigned int hash = str_hash(key);
 129
 130         hash_for_each_possible(pkgl_dat->package_to_appid, hash_cur, hlist, hash) {
 131                 if (!strcasecmp(key, hash_cur->key)) {
 132                         hash_cur->value = value;
 133                         return 0;
 134                 }
 135         }
 136         new_entry = kmem_cache_alloc(hashtable_entry_cachep, GFP_KERNEL);
 137         if (!new_entry)
 138                 return -ENOMEM;
 139         new_entry->key = kstrdup(key, GFP_KERNEL);
 140         new_entry->value = value;
 141         hash_add(pkgl_dat->package_to_appid, &new_entry->hlist, hash);
 142         return 0;
 143 }
 144
 145 static void fixup_perms(struct super_block *sb) {
 146         if (sb && sb->s_magic == SDCARDFS_SUPER_MAGIC) {
 147                 mutex_lock(&sb->s_root->d_inode->i_mutex);
 148                 get_derive_permissions_recursive(sb->s_root);
 149                 mutex_unlock(&sb->s_root->d_inode->i_mutex);
 150         }
 151 }
 152
 153 static int insert_str_to_int(struct packagelist_data *pkgl_dat, char *key,
 154                 unsigned int value) {
 155         int ret;
 156         struct sdcardfs_sb_info *sbinfo;
 157         mutex_lock(&sdcardfs_super_list_lock);
 158         mutex_lock(&pkgl_dat->hashtable_lock);
 159         ret = insert_str_to_int_lock(pkgl_dat, key, value);
 160         mutex_unlock(&pkgl_dat->hashtable_lock);
 161
 162         list_for_each_entry(sbinfo, &sdcardfs_super_list, list) {
 163                 if (sbinfo) {
 164                         fixup_perms(sbinfo->sb);
 165                 }
 166         }
 167         mutex_unlock(&sdcardfs_super_list_lock);
 168         return ret;
 169 }
 170
 171 static void remove_str_to_int_lock(struct hashtable_entry *h_entry) {
 172         kfree(h_entry->key);
 173         hash_del(&h_entry->hlist);
 174         kmem_cache_free(hashtable_entry_cachep, h_entry);
 175 }
 176
 177 static void remove_str_to_int(struct packagelist_data *pkgl_dat, const char *key)
 178 {
 179         struct sdcardfs_sb_info *sbinfo;
 180         struct hashtable_entry *hash_cur;
 181         unsigned int hash = str_hash(key);
 182         mutex_lock(&sdcardfs_super_list_lock);
 183         mutex_lock(&pkgl_dat->hashtable_lock);
 184         hash_for_each_possible(pkgl_dat->package_to_appid, hash_cur, hlist, hash) {
 185                 if (!strcasecmp(key, hash_cur->key)) {
 186                         remove_str_to_int_lock(hash_cur);
 187                         break;
 188                 }
 189         }
 190         mutex_unlock(&pkgl_dat->hashtable_lock);
 191         list_for_each_entry(sbinfo, &sdcardfs_super_list, list) {
 192                 if (sbinfo) {
 193                         fixup_perms(sbinfo->sb);
 194                 }
 195         }
 196         mutex_unlock(&sdcardfs_super_list_lock);
 197         return;
 198 }
 199
 200 static void remove_all_hashentrys(struct packagelist_data *pkgl_dat)
 201 {
 202         struct hashtable_entry *hash_cur;
 203         struct hlist_node *h_t;
 204         int i;
 205         mutex_lock(&pkgl_dat->hashtable_lock);
 206         hash_for_each_safe(pkgl_dat->package_to_appid, i, h_t, hash_cur, hlist)
 207                 remove_str_to_int_lock(hash_cur);
 208         mutex_unlock(&pkgl_dat->hashtable_lock);
 209         hash_init(pkgl_dat->package_to_appid);
 210 }
 211
 212 static struct packagelist_data * packagelist_create(void)
 213 {
 214         struct packagelist_data *pkgl_dat;
 215
 216         pkgl_dat = kmalloc(sizeof(*pkgl_dat), GFP_KERNEL | __GFP_ZERO);
 217         if (!pkgl_dat) {
 218                 printk(KERN_ERR "sdcardfs: Failed to create hash\n");
 219                 return ERR_PTR(-ENOMEM);
 220         }
 221
 222         mutex_init(&pkgl_dat->hashtable_lock);
 223         hash_init(pkgl_dat->package_to_appid);
 224
 225         return pkgl_dat;
 226 }
 227
 228 static void packagelist_destroy(struct packagelist_data *pkgl_dat)
 229 {
 230         remove_all_hashentrys(pkgl_dat);
 231         printk(KERN_INFO "sdcardfs: destroyed packagelist pkgld\n");
 232         kfree(pkgl_dat);
 233 }
 234
 235 struct package_appid {
 236         struct config_item item;
 237         int add_pid;
 238 };
 239
 240 static inline struct package_appid *to_package_appid(struct config_item *item)
 241 {
 242         return item ? container_of(item, struct package_appid, item) : NULL;
 243 }
 244
 245 static ssize_t package_appid_attr_show(struct config_item *item,
 246                                       char *page)
 247 {
 248         ssize_t count;
 249         count = sprintf(page, "%d\n", get_appid(pkgl_data_all, item->ci_name));
 250         return count;
 251 }
 252
 253 static ssize_t package_appid_attr_store(struct config_item *item,
 254                                        const char *page, size_t count)
 255 {
 256         struct package_appid *package_appid = to_package_appid(item);
 257         unsigned long tmp;
 258         char *p = (char *) page;
 259         int ret;
 260
 261         tmp = simple_strtoul(p, &p, 10);
 262         if (!p || (*p && (*p != '\n')))
 263                 return -EINVAL;
 264
 265         if (tmp > INT_MAX)
 266                 return -ERANGE;
 267         ret = insert_str_to_int(pkgl_data_all, item->ci_name, (unsigned int)tmp);
 268         package_appid->add_pid = tmp;
 269         if (ret)
 270                 return ret;
 271
 272         return count;
 273 }
 274
 275 static struct configfs_attribute package_appid_attr_add_pid = {
 276         .ca_owner = THIS_MODULE,
 277         .ca_name = "appid",
 278         .ca_mode = S_IRUGO | S_IWUGO,
 279         .show = package_appid_attr_show,
 280         .store = package_appid_attr_store,
 281 };
 282
 283 static struct configfs_attribute *package_appid_attrs[] = {
 284         &package_appid_attr_add_pid,
 285         NULL,
 286 };
 287
 288 static void package_appid_release(struct config_item *item)
 289 {
 290         printk(KERN_INFO "sdcardfs: removing %s\n", item->ci_dentry->d_name.name);
 291         /* item->ci_name is freed already, so we rely on the dentry */
 292         remove_str_to_int(pkgl_data_all, item->ci_dentry->d_name.name);
 293         kfree(to_package_appid(item));
 294 }
 295
 296 static struct configfs_item_operations package_appid_item_ops = {
 297         .release                = package_appid_release,
 298 };
 299
 300 static struct config_item_type package_appid_type = {
 301         .ct_item_ops    = &package_appid_item_ops,
 302         .ct_attrs       = package_appid_attrs,
 303         .ct_owner       = THIS_MODULE,
 304 };
 305
 306
 307 struct sdcardfs_packages {
 308         struct config_group group;
 309 };
 310
 311 static inline struct sdcardfs_packages *to_sdcardfs_packages(struct config_item *item)
 312 {
 313         return item ? container_of(to_config_group(item), struct sdcardfs_packages, group) : NULL;
 314 }
 315
 316 static struct config_item *sdcardfs_packages_make_item(struct config_group *group, const char *name)
 317 {
 318         struct package_appid *package_appid;
 319
 320         package_appid = kzalloc(sizeof(struct package_appid), GFP_KERNEL);
 321         if (!package_appid)
 322                 return ERR_PTR(-ENOMEM);
 323
 324         config_item_init_type_name(&package_appid->item, name,
 325                                    &package_appid_type);
 326
 327         package_appid->add_pid = 0;
 328
 329         return &package_appid->item;
 330 }
 331
 332 static ssize_t packages_attr_show(struct config_item *item,
 333                                          char *page)
 334 {
 335         struct hashtable_entry *hash_cur;
 336         struct hlist_node *h_t;
 337         int i;
 338         int count = 0;
 339         mutex_lock(&pkgl_data_all->hashtable_lock);
 340         hash_for_each_safe(pkgl_data_all->package_to_appid, i, h_t, hash_cur, hlist)
 341                 count += snprintf(page + count, PAGE_SIZE - count, "%s %d\n", (char *)hash_cur->key, hash_cur->value);
 342         mutex_unlock(&pkgl_data_all->hashtable_lock);
 343
 344
 345         return count;
 346 }
 347
 348 static struct configfs_attribute sdcardfs_packages_attr_description = {
 349         .ca_owner = THIS_MODULE,
 350         .ca_name = "packages_gid.list",
 351         .ca_mode = S_IRUGO,
 352         .show = packages_attr_show,
 353 };
 354
 355 static struct configfs_attribute *sdcardfs_packages_attrs[] = {
 356         &sdcardfs_packages_attr_description,
 357         NULL,
 358 };
 359
 360 static void sdcardfs_packages_release(struct config_item *item)
 361 {
 362
 363         printk(KERN_INFO "sdcardfs: destroyed something?\n");
 364         kfree(to_sdcardfs_packages(item));
 365 }
 366
 367 static struct configfs_item_operations sdcardfs_packages_item_ops = {
 368         .release        = sdcardfs_packages_release,
 369 };
 370
 371 /*
 372  * Note that, since no extra work is required on ->drop_item(),
 373  * no ->drop_item() is provided.
 374  */
 375 static struct configfs_group_operations sdcardfs_packages_group_ops = {
 376         .make_item      = sdcardfs_packages_make_item,
 377 };
 378
 379 static struct config_item_type sdcardfs_packages_type = {
 380         .ct_item_ops    = &sdcardfs_packages_item_ops,
 381         .ct_group_ops   = &sdcardfs_packages_group_ops,
 382         .ct_attrs       = sdcardfs_packages_attrs,
 383         .ct_owner       = THIS_MODULE,
 384 };
 385
 386 static struct configfs_subsystem sdcardfs_packages_subsys = {
 387         .su_group = {
 388                 .cg_item = {
 389                         .ci_namebuf = "sdcardfs",
 390                         .ci_type = &sdcardfs_packages_type,
 391                 },
 392         },
 393 };
 394
 395 static int __init configfs_sdcardfs_init(void)
 396 {
 397         int ret;
 398         struct configfs_subsystem *subsys = &sdcardfs_packages_subsys;
 399
 400         config_group_init(&subsys->su_group);
 401         mutex_init(&subsys->su_mutex);
 402         ret = configfs_register_subsystem(subsys);
 403         if (ret) {
 404                 printk(KERN_ERR "Error %d while registering subsystem %s\n",
 405                        ret,
 406                        subsys->su_group.cg_item.ci_namebuf);
 407         }
 408         return ret;
 409 }
 410
 411 static void __exit configfs_sdcardfs_exit(void)
 412 {
 413         configfs_unregister_subsystem(&sdcardfs_packages_subsys);
 414 }
 415
 416 int packagelist_init(void)
 417 {
 418         hashtable_entry_cachep =
 419                 kmem_cache_create("packagelist_hashtable_entry",
 420                                         sizeof(struct hashtable_entry), 0, 0, NULL);
 421         if (!hashtable_entry_cachep) {
 422                 printk(KERN_ERR "sdcardfs: failed creating pkgl_hashtable entry slab cache\n");
 423                 return -ENOMEM;
 424         }
 425
 426         pkgl_data_all = packagelist_create();
 427         configfs_sdcardfs_init();
 428         return 0;
 429 }
 430
 431 void packagelist_exit(void)
 432 {
 433         configfs_sdcardfs_exit();
 434         packagelist_destroy(pkgl_data_all);
 435         if (hashtable_entry_cachep)
 436                 kmem_cache_destroy(hashtable_entry_cachep);
 437 }