1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * drivers/auth_ctl/auth_ctrl.c
4 *
5 * Copyright (c) 2022 Huawei Device Co., Ltd.
6 *
7 */
8
9 #include <linux/cred.h>
10 #include <linux/mutex.h>
11 #include <linux/errno.h>
12 #include <linux/fs.h>
13 #include <linux/miscdevice.h>
14 #include <linux/module.h>
15 #include <linux/sched.h>
16 #include <linux/kernel.h>
17 #include <linux/slab.h>
18 #include <linux/proc_fs.h>
19 #include <linux/seq_file.h>
20 #include <linux/sched/auth_ctrl.h>
21 #include <linux/sched/rtg_auth.h>
22 #include <linux/sched/qos_ctrl.h>
23 #include <linux/sched/qos_auth.h>
24
25 #include "auth_ctrl.h"
26 #ifdef CONFIG_QOS_CTRL
27 #include "qos_ctrl.h"
28 #endif
29
30 typedef long (*auth_ctrl_func)(int abi, void __user *arg);
31
32 static long ctrl_auth_basic_operation(int abi, void __user *uarg);
33
34 static auth_ctrl_func g_func_array[AUTH_CTRL_MAX_NR] = {
35 NULL, /* reserved */
36 ctrl_auth_basic_operation,
37 };
38
39 /*
40 * uid-based authority idr table
41 */
42 static struct idr *ua_idr;
43
get_auth_ctrl_idr(void)44 struct idr *get_auth_ctrl_idr(void)
45 {
46 return ua_idr;
47 }
48
49 static DEFINE_MUTEX(ua_idr_mutex);
50
get_auth_idr_mutex(void)51 struct mutex *get_auth_idr_mutex(void)
52 {
53 return &ua_idr_mutex;
54 }
55
56 static struct auth_struct auth_super;
57
58 /*
59 * change auth's status to SYSTEM and enable all feature access
60 */
change_to_super(struct auth_struct * auth)61 static void change_to_super(struct auth_struct *auth)
62 {
63 #ifdef CONFIG_RTG_AUTHORITY
64 auth->rtg_auth_flag = AF_RTG_ALL;
65 #endif
66 #ifdef CONFIG_QOS_AUTHORITY
67 auth->qos_auth_flag = AF_QOS_ALL;
68 #endif
69 auth->status = AUTH_STATUS_SYSTEM_SERVER;
70 }
71
init_authority_record(struct auth_struct * auth)72 static void init_authority_record(struct auth_struct *auth)
73 {
74 #ifdef CONFIG_QOS_AUTHORITY
75 int i;
76 #endif
77
78 #ifdef CONFIG_RTG_AUTHORITY
79 auth->rtg_auth_flag = 0;
80 #endif
81 #ifdef CONFIG_QOS_AUTHORITY
82 auth->qos_auth_flag = 0;
83 #endif
84 auth->status = AUTH_STATUS_DISABLED;
85 mutex_init(&auth->mutex);
86 refcount_set(&auth->usage, 1);
87 #ifdef CONFIG_QOS_CTRL
88 for (i = QOS_POLICY_MIN_LEVEL; i < NR_QOS; ++i) {
89 INIT_LIST_HEAD(&auth->tasks[i]);
90 auth->num[i] = 0;
91 }
92 #endif
93 }
94
get_auth_struct(struct auth_struct * auth)95 void get_auth_struct(struct auth_struct *auth)
96 {
97 refcount_inc(&auth->usage);
98 }
99
__put_auth_struct(struct auth_struct * auth)100 static void __put_auth_struct(struct auth_struct *auth)
101
102 {
103 WARN_ON(auth->status != AUTH_STATUS_DEAD);
104 WARN_ON(refcount_read(&auth->usage));
105
106 #ifdef CONFIG_QOS_CTRL
107 /* refcount is zero here, no contend, no lock. */
108 remove_qos_tasks(auth);
109 #endif
110 kfree(auth);
111 }
112
put_auth_struct(struct auth_struct * auth)113 void put_auth_struct(struct auth_struct *auth)
114 {
115 if (refcount_dec_and_test(&auth->usage))
116 __put_auth_struct(auth);
117 }
118
init_authority_control(void)119 static int init_authority_control(void)
120 {
121 int ret;
122
123 ua_idr = kzalloc(sizeof(*ua_idr), GFP_ATOMIC);
124 if (ua_idr == NULL) {
125 pr_err("[AUTH_CTRL] auth idr init failed, no memory!\n");
126 return -ENOMEM;
127 }
128
129 idr_init(ua_idr);
130
131 init_authority_record(&auth_super);
132 change_to_super(&auth_super);
133
134 ret = idr_alloc(ua_idr, &auth_super, SUPER_UID, SUPER_UID + 1, GFP_ATOMIC);
135 if (ret != SUPER_UID) {
136 pr_err("[AUTH_CTRL] authority for super init failed! ret=%d\n", ret);
137 goto err;
138 }
139
140 return 0;
141
142 err:
143 idr_destroy(ua_idr);
144 kfree(ua_idr);
145
146 return ret;
147 }
148
authority_remove_handler(int id,void * p,void * para)149 int authority_remove_handler(int id, void *p, void *para)
150 {
151 struct auth_struct *auth = (struct auth_struct *)p;
152
153 mutex_lock(&auth->mutex);
154 #ifdef CONFIG_QOS_CTRL
155 qos_switch(auth, AUTH_STATUS_DISABLED);
156 #endif
157 auth->status = AUTH_STATUS_DEAD;
158 mutex_unlock(&auth->mutex);
159 put_auth_struct(auth);
160
161 return 0;
162 }
163
remove_authority_control(void)164 void remove_authority_control(void)
165 {
166 int ret;
167
168 mutex_lock(&ua_idr_mutex);
169 ret = idr_for_each(ua_idr, authority_remove_handler, NULL);
170 if (ret < 0)
171 pr_err("[AUTH_CTRL] authority item remove failed\n");
172
173 idr_destroy(ua_idr);
174 kfree(ua_idr);
175
176 mutex_unlock(&ua_idr_mutex);
177 }
178
179 /*
180 * constrain user assigned auth_flag to kernel accepted auth_flag
181 */
generic_auth_trim(unsigned int orig_flag,unsigned int constrain)182 static int generic_auth_trim(unsigned int orig_flag, unsigned int constrain)
183 {
184 return orig_flag & constrain;
185 }
186
set_auth_flag(struct auth_ctrl_data * data,struct auth_struct * auth_to_enable)187 static inline void set_auth_flag(struct auth_ctrl_data *data, struct auth_struct *auth_to_enable)
188 {
189 #ifdef CONFIG_RTG_AUTHORITY
190 auth_to_enable->rtg_auth_flag = generic_auth_trim(data->rtg_ua_flag, AF_RTG_DELEGATED);
191 #endif
192 #ifdef CONFIG_QOS_AUTHORITY
193 auth_to_enable->qos_auth_flag = generic_auth_trim(data->qos_ua_flag, AF_QOS_ALL);
194 #endif
195 }
196
auth_enable(struct auth_ctrl_data * data)197 static int auth_enable(struct auth_ctrl_data *data)
198 {
199 struct auth_struct *auth_to_enable;
200 unsigned int uid = data->uid;
201 int status = data->status;
202 int ret;
203
204 mutex_lock(&ua_idr_mutex);
205 auth_to_enable = idr_find(ua_idr, uid);
206 /* auth exist, just resume the task's qos request */
207 if (auth_to_enable) {
208 get_auth_struct(auth_to_enable);
209 mutex_unlock(&ua_idr_mutex);
210
211 mutex_lock(&auth_to_enable->mutex);
212 if (auth_to_enable->status == AUTH_STATUS_DEAD) {
213 mutex_unlock(&auth_to_enable->mutex);
214 put_auth_struct(auth_to_enable);
215 return -INVALID_AUTH;
216 }
217
218 set_auth_flag(data, auth_to_enable);
219 #ifdef CONFIG_QOS_CTRL
220 qos_switch(auth_to_enable, status);
221 #endif
222 auth_to_enable->status = status;
223 mutex_unlock(&auth_to_enable->mutex);
224 ret = 0;
225 put_auth_struct(auth_to_enable);
226 goto out;
227 }
228
229 /* auth not exist, build a new auth, then insert to idr */
230 auth_to_enable = kzalloc(sizeof(*auth_to_enable), GFP_ATOMIC);
231 if (!auth_to_enable) {
232 mutex_unlock(&ua_idr_mutex);
233 pr_err("[AUTH_CTRL] alloc auth data failed, no memory!\n");
234 ret = -ENOMEM;
235 goto out;
236 }
237
238 init_authority_record(auth_to_enable);
239
240 /* no one could get the auth from idr now, no need to lock */
241 set_auth_flag(data, auth_to_enable);
242 auth_to_enable->status = status;
243
244 ret = idr_alloc(ua_idr, auth_to_enable, uid, uid + 1, GFP_ATOMIC);
245 if (ret < 0) {
246 pr_err("[AUTH_CTRL] add auth to idr failed, no memory!\n");
247 kfree(auth_to_enable);
248 }
249
250 mutex_unlock(&ua_idr_mutex);
251
252 out:
253 return ret;
254 }
255
auth_delete(struct auth_ctrl_data * data)256 static int auth_delete(struct auth_ctrl_data *data)
257 {
258 struct auth_struct *auth_to_delete;
259 unsigned int uid = data->uid;
260
261 mutex_lock(&ua_idr_mutex);
262 auth_to_delete = (struct auth_struct *)idr_remove(ua_idr, uid);
263 if (!auth_to_delete) {
264 mutex_unlock(&ua_idr_mutex);
265 pr_err("[AUTH_CTRL] no auth data for this uid=%d, delete failed\n", uid);
266 return -UID_NOT_FOUND;
267 }
268 mutex_unlock(&ua_idr_mutex);
269
270 mutex_lock(&auth_to_delete->mutex);
271 #ifdef CONFIG_QOS_CTRL
272 qos_switch(auth_to_delete, AUTH_STATUS_DISABLED);
273 #endif
274 auth_to_delete->status = AUTH_STATUS_DEAD;
275 mutex_unlock(&auth_to_delete->mutex);
276
277 put_auth_struct(auth_to_delete);
278
279 return 0;
280 }
281
auth_get(struct auth_ctrl_data * data)282 static int auth_get(struct auth_ctrl_data *data)
283 {
284 struct auth_struct *auth_to_get;
285 unsigned int uid = data->uid;
286
287 mutex_lock(&ua_idr_mutex);
288 auth_to_get = idr_find(ua_idr, uid);
289 if (!auth_to_get) {
290 mutex_unlock(&ua_idr_mutex);
291 pr_err("[AUTH_CTRL] no auth data for this uid=%d to get\n", uid);
292 return -UID_NOT_FOUND;
293 }
294 get_auth_struct(auth_to_get);
295 mutex_unlock(&ua_idr_mutex);
296
297 mutex_lock(&auth_to_get->mutex);
298 if (auth_to_get->status == AUTH_STATUS_DEAD) {
299 mutex_unlock(&auth_to_get->mutex);
300 put_auth_struct(auth_to_get);
301 return -INVALID_AUTH;
302 }
303 #ifdef CONFIG_RTG_AUTHORITY
304 data->rtg_ua_flag = auth_to_get->rtg_auth_flag;
305 #endif
306 #ifdef CONFIG_QOS_AUTHORITY
307 data->qos_ua_flag = auth_to_get->qos_auth_flag;
308 #endif
309 data->status = auth_to_get->status;
310 mutex_unlock(&auth_to_get->mutex);
311
312 put_auth_struct(auth_to_get);
313
314 return 0;
315 }
316
auth_switch(struct auth_ctrl_data * data)317 static int auth_switch(struct auth_ctrl_data *data)
318 {
319 struct auth_struct *auth;
320 unsigned int uid = data->uid;
321 unsigned int status = data->status;
322
323 if (status == 0 || status >= AUTH_STATUS_MAX_NR) {
324 pr_err("[AUTH_CTRL] not valied status %d\n", status);
325 return -ARG_INVALID;
326 }
327
328 mutex_lock(&ua_idr_mutex);
329 auth = idr_find(ua_idr, uid);
330 if (!auth) {
331 mutex_unlock(&ua_idr_mutex);
332 pr_err("[AUTH_CTRL] no auth data for this uid to switch=%d\n", uid);
333 return -UID_NOT_FOUND;
334 }
335 get_auth_struct(auth);
336 mutex_unlock(&ua_idr_mutex);
337
338 mutex_lock(&auth->mutex);
339 if (auth->status == AUTH_STATUS_DEAD) {
340 mutex_unlock(&auth->mutex);
341 put_auth_struct(auth);
342 return -INVALID_AUTH;
343 }
344
345 set_auth_flag(data, auth);
346 #ifdef CONFIG_QOS_CTRL
347 qos_switch(auth, status);
348 #endif
349 auth->status = status;
350 mutex_unlock(&auth->mutex);
351
352 put_auth_struct(auth);
353
354 return 0;
355 }
356
357 typedef int (*auth_manipulate_func)(struct auth_ctrl_data *data);
358
359 static auth_manipulate_func auth_func_array[AUTH_MAX_NR] = {
360 /*
361 * auth_enable: Start authority control for specific uid.
362 * auth_delte: End authroity control, remove statistic datas.
363 * auth_get: Get auth info, deprecated.
364 * auth_switch: Change authority flag and status for specific uid.
365 */
366 NULL,
367 auth_enable,
368 auth_delete,
369 auth_get,
370 auth_switch,
371 };
372
do_auth_manipulate(struct auth_ctrl_data * data)373 static long do_auth_manipulate(struct auth_ctrl_data *data)
374 {
375 long ret = 0;
376 unsigned int type = data->type;
377
378 if (type >= AUTH_MAX_NR) {
379 pr_err("[AUTH_CTRL] BASIC_AUTH_CTRL_OPERATION type not valid\n");
380 return -ARG_INVALID;
381 }
382
383 if (auth_func_array[type])
384 ret = (long)(*auth_func_array[type])(data);
385
386 return ret;
387 }
388
ctrl_auth_basic_operation(int abi,void __user * uarg)389 static long ctrl_auth_basic_operation(int abi, void __user *uarg)
390 {
391 struct auth_ctrl_data auth_data;
392 long ret = -1;
393
394 #pragma GCC diagnostic push
395 #pragma GCC diagnostic ignored "-Wpointer-to-int-cast"
396
397 switch (abi) {
398 case AUTH_IOCTL_ABI_ARM32:
399 ret = copy_from_user(&auth_data,
400 (void __user *)compat_ptr((compat_uptr_t)uarg),
401 sizeof(struct auth_ctrl_data));
402 break;
403 case AUTH_IOCTL_ABI_AARCH64:
404 ret = copy_from_user(&auth_data, uarg, sizeof(struct auth_ctrl_data));
405 break;
406 default:
407 pr_err("[AUTH_CTRL] abi format error\n");
408 break;
409 }
410
411 #pragma GCC diagnostic pop
412
413 if (ret) {
414 pr_err("[AUTH_RTG] %s copy user data failed\n", __func__);
415 return ret;
416 }
417
418 ret = do_auth_manipulate(&auth_data);
419 if (ret < 0) {
420 pr_err("[AUTH_CTRL] BASIC_AUTH_CTRL_OPERATION failed\n");
421 return ret;
422 }
423
424 #pragma GCC diagnostic push
425 #pragma GCC diagnostic ignored "-Wpointer-to-int-cast"
426
427 switch (abi) {
428 case AUTH_IOCTL_ABI_ARM32:
429 ret = copy_to_user((void __user *)compat_ptr((compat_uptr_t)uarg),
430 &auth_data,
431 sizeof(struct auth_ctrl_data));
432 break;
433 case AUTH_IOCTL_ABI_AARCH64:
434 ret = copy_to_user(uarg, &auth_data, sizeof(struct auth_ctrl_data));
435 break;
436 default:
437 pr_err("[AUTH_CTRL] abi format error\n");
438 break;
439 }
440
441 #pragma GCC diagnostic pop
442
443 if (ret) {
444 pr_err("[AUTH_RTG] %s copy user data failed\n", __func__);
445 return ret;
446 }
447
448 return 0;
449 }
450
do_auth_ctrl_ioctl(int abi,struct file * file,unsigned int cmd,unsigned long arg)451 long do_auth_ctrl_ioctl(int abi, struct file *file, unsigned int cmd, unsigned long arg)
452 {
453 void __user *uarg = (void __user *)arg;
454 unsigned int func_cmd = _IOC_NR(cmd);
455
456 if (uarg == NULL) {
457 pr_err("%s: invalid user uarg\n", __func__);
458 return -EINVAL;
459 }
460
461 if (_IOC_TYPE(cmd) != AUTH_CTRL_IPC_MAGIG) {
462 pr_err("%s: authority ctrl magic fail, TYPE=%d\n",
463 __func__, _IOC_TYPE(cmd));
464 return -EINVAL;
465 }
466
467 if (func_cmd >= AUTH_CTRL_MAX_NR) {
468 pr_err("%s: authority ctrl cmd error, cmd:%d\n",
469 __func__, _IOC_TYPE(cmd));
470 return -EINVAL;
471 }
472
473 if (g_func_array[func_cmd])
474 return (*g_func_array[func_cmd])(abi, uarg);
475
476 return -EINVAL;
477 }
478
479 #define get_authority_flag(func_id) (1 << (func_id - 1))
480
get_true_uid(struct task_struct * p)481 static inline unsigned int get_true_uid(struct task_struct *p)
482 {
483 if (!p)
484 return get_uid(current_user())->uid.val;
485
486 return task_uid(p).val;
487 }
488
489 /*
490 * Return 1000 for both SYSTEM and ROOT
491 * Return current's uid if p is NULL
492 */
get_authority_uid(struct task_struct * p)493 static inline unsigned int get_authority_uid(struct task_struct *p)
494 {
495 unsigned int uid = get_true_uid(p);
496
497 if (super_uid(uid))
498 uid = SUPER_UID;
499
500 return uid;
501 }
502
auth_flag(struct auth_struct * auth,unsigned int type)503 static unsigned int auth_flag(struct auth_struct *auth, unsigned int type)
504 {
505 switch (type) {
506 #ifdef CONFIG_RTG_AUTHORITY
507 case RTG_AUTH_FLAG:
508 return auth->rtg_auth_flag;
509 #endif
510 #ifdef CONFIG_QOS_AUTHORITY
511 case QOS_AUTH_FLAG:
512 return auth->qos_auth_flag;
513 #endif
514 default:
515 pr_err("[AUTH_CTRL] not valid auth type\n");
516 return INVALIED_AUTH_FLAG;
517 }
518 }
519
check_authorized(unsigned int func_id,unsigned int type)520 bool check_authorized(unsigned int func_id, unsigned int type)
521 {
522 bool authorized = false;
523 struct auth_struct *auth;
524 unsigned int af = get_authority_flag(func_id);
525 unsigned int uid = get_authority_uid(NULL);
526
527 mutex_lock(&ua_idr_mutex);
528 if (!ua_idr) {
529 mutex_unlock(&ua_idr_mutex);
530 pr_err("[AUTH_CTRL] authority idr table missed, auth failed\n");
531 return authorized;
532 }
533
534 auth = (struct auth_struct *)idr_find(ua_idr, uid);
535 if (!auth) {
536 mutex_unlock(&ua_idr_mutex);
537 pr_err("[AUTH_CTRL] no auth data for this uid=%d\n", uid);
538 return authorized;
539 }
540 get_auth_struct(auth);
541 mutex_unlock(&ua_idr_mutex);
542
543 mutex_lock(&auth->mutex);
544 if (auth->status == AUTH_STATUS_DEAD) {
545 mutex_unlock(&auth->mutex);
546 pr_info("[AUTH_CTRL] not valied auth for uid %d\n", uid);
547 put_auth_struct(auth);
548 return authorized;
549 }
550 if (auth && (auth_flag(auth, type) & af))
551 authorized = true;
552
553 mutex_unlock(&auth->mutex);
554
555 put_auth_struct(auth);
556
557 return authorized;
558 }
559
560 /*
561 * Return authority info for given task
562 * return current's auth if p is NULL
563 * recount will inc if this call return the valid auth
564 * make sure to call put_auth_struct before the calling end
565 */
get_authority(struct task_struct * p)566 struct auth_struct *get_authority(struct task_struct *p)
567 {
568 unsigned int uid = get_authority_uid(p);
569 struct auth_struct *auth;
570
571 mutex_lock(&ua_idr_mutex);
572 auth = idr_find(ua_idr, uid);
573 if (auth)
574 get_auth_struct(auth);
575 mutex_unlock(&ua_idr_mutex);
576
577 return auth;
578 }
579
proc_auth_ioctl(struct file * file,unsigned int cmd,unsigned long arg)580 long proc_auth_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
581 {
582 return do_auth_ctrl_ioctl(AUTH_IOCTL_ABI_AARCH64, file, cmd, arg);
583 }
584
585 #ifdef CONFIG_COMPAT
proc_auth_compat_ioctl(struct file * file,unsigned int cmd,unsigned long arg)586 long proc_auth_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
587 {
588 return do_auth_ctrl_ioctl(AUTH_IOCTL_ABI_ARM32, file, cmd,
589 (unsigned long)(compat_ptr((compat_uptr_t)arg)));
590 }
591 #endif
592
593 static const struct file_operations auth_ctrl_fops = {
594 .owner = THIS_MODULE,
595 .unlocked_ioctl = proc_auth_ioctl,
596 #ifdef CONFIG_COMPAT
597 .compat_ioctl = proc_auth_compat_ioctl,
598 #endif
599 };
600
601 static struct miscdevice auth_ctrl_device = {
602 .minor = MISC_DYNAMIC_MINOR,
603 .name = "auth_ctrl",
604 .fops = &auth_ctrl_fops,
605 };
606
auth_ctrl_init_module(void)607 static __init int auth_ctrl_init_module(void)
608 {
609 int err;
610
611 err = misc_register(&auth_ctrl_device);
612 if (err < 0) {
613 pr_err("auth_ctrl register failed\n");
614 return err;
615 }
616
617 pr_info("auth_ctrl init success\n");
618
619 BUG_ON(init_authority_control());
620
621 #ifdef CONFIG_QOS_CTRL
622 init_qos_ctrl();
623 #endif
624
625 init_sched_auth_debug_procfs();
626
627 return 0;
628 }
629
auth_ctrl_exit_module(void)630 static void auth_ctrl_exit_module(void)
631 {
632 remove_authority_control();
633 misc_deregister(&auth_ctrl_device);
634 }
635
636 /* module entry points */
637 module_init(auth_ctrl_init_module);
638 module_exit(auth_ctrl_exit_module);
639
640 MODULE_LICENSE("GPL v2");
641
642