[net-next-2.6.git] / security / integrity / ima / ima_main.c

/*
 * Copyright (C) 2005,2006,2007,2008 IBM Corporation
 *
 * Authors:
 * Reiner Sailer <sailer@watson.ibm.com>
 * Serge Hallyn <serue@us.ibm.com>
 * Kylene Hall <kylene@us.ibm.com>
 * Mimi Zohar <zohar@us.ibm.com>
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License as
 * published by the Free Software Foundation, version 2 of the
 * License.
 *
 * File: ima_main.c
 *             implements the IMA hooks: ima_bprm_check, ima_file_mmap,
 *             and ima_path_check.
 */
#include <linux/module.h>
#include <linux/file.h>
#include <linux/binfmts.h>
#include <linux/mount.h>
#include <linux/mman.h>

#include "ima.h"

int ima_initialized;

char *ima_hash = "sha1";
static int __init hash_setup(char *str)
{
	if (strncmp(str, "md5", 3) == 0)
		ima_hash = "md5";
	return 1;
}
__setup("ima_hash=", hash_setup);

/**
 * ima_file_free - called on __fput()
 * @file: pointer to file structure being freed
 *
 * Flag files that changed, based on i_version;
 * and decrement the iint readcount/writecount.
 */
void ima_file_free(struct file *file)
{
	struct inode *inode = file->f_dentry->d_inode;
	struct ima_iint_cache *iint;

	if (!ima_initialized || !S_ISREG(inode->i_mode))
		return;
	iint = ima_iint_find_get(inode);
	if (!iint)
		return;

	mutex_lock(&iint->mutex);
	if (iint->opencount <= 0) {
		printk(KERN_INFO
		       "%s: %s open/free imbalance (r:%ld w:%ld o:%ld f:%ld)\n",
		       __FUNCTION__, file->f_dentry->d_name.name,
		       iint->readcount, iint->writecount,
		       iint->opencount, atomic_long_read(&file->f_count));
		if (!(iint->flags & IMA_IINT_DUMP_STACK)) {
			dump_stack();
			iint->flags |= IMA_IINT_DUMP_STACK;
		}
	}
	iint->opencount--;

	if ((file->f_mode & (FMODE_READ | FMODE_WRITE)) == FMODE_READ)
		iint->readcount--;

	if (file->f_mode & FMODE_WRITE) {
		iint->writecount--;
		if (iint->writecount == 0) {
			if (iint->version != inode->i_version)
				iint->flags &= ~IMA_MEASURED;
		}
	}
	mutex_unlock(&iint->mutex);
	kref_put(&iint->refcount, iint_free);
}

/* ima_read_write_check - reflect possible reading/writing errors in the PCR.
 *
 * When opening a file for read, if the file is already open for write,
 * the file could change, resulting in a file measurement error.
 *
 * Opening a file for write, if the file is already open for read, results
 * in a time of measure, time of use (ToMToU) error.
 *
 * In either case invalidate the PCR.
 */
enum iint_pcr_error { TOMTOU, OPEN_WRITERS };
static void ima_read_write_check(enum iint_pcr_error error,
				 struct ima_iint_cache *iint,
				 struct inode *inode,
				 const unsigned char *filename)
{
	switch (error) {
	case TOMTOU:
		if (iint->readcount > 0)
			ima_add_violation(inode, filename, "invalid_pcr",
					  "ToMToU");
		break;
	case OPEN_WRITERS:
		if (iint->writecount > 0)
			ima_add_violation(inode, filename, "invalid_pcr",
					  "open_writers");
		break;
	}
}

static int get_path_measurement(struct ima_iint_cache *iint, struct file *file,
				const unsigned char *filename)
{
	int rc = 0;

	iint->opencount++;
	iint->readcount++;

	rc = ima_collect_measurement(iint, file);
	if (!rc)
		ima_store_measurement(iint, file, filename);
	return rc;
}

static void ima_update_counts(struct ima_iint_cache *iint, int mask)
{
	iint->opencount++;
	if ((mask & MAY_WRITE) || (mask == 0))
		iint->writecount++;
	else if (mask & (MAY_READ | MAY_EXEC))
		iint->readcount++;
}

/**
 * ima_path_check - based on policy, collect/store measurement.
 * @path: contains a pointer to the path to be measured
 * @mask: contains MAY_READ, MAY_WRITE or MAY_EXECUTE
 *
 * Measure the file being open for readonly, based on the
 * ima_must_measure() policy decision.
 *
 * Keep read/write counters for all files, but only
 * invalidate the PCR for measured files:
 * 	- Opening a file for write when already open for read,
 *	  results in a time of measure, time of use (ToMToU) error.
 *	- Opening a file for read when already open for write,
 * 	  could result in a file measurement error.
 *
 * Always return 0 and audit dentry_open failures.
 * (Return code will be based upon measurement appraisal.)
 */
int ima_path_check(struct path *path, int mask, int update_counts)
{
	struct inode *inode = path->dentry->d_inode;
	struct ima_iint_cache *iint;
	struct file *file = NULL;
	int rc;

	if (!ima_initialized || !S_ISREG(inode->i_mode))
		return 0;
	iint = ima_iint_find_insert_get(inode);
	if (!iint)
		return 0;

	mutex_lock(&iint->mutex);
	if (update_counts)
		ima_update_counts(iint, mask);

	rc = ima_must_measure(iint, inode, MAY_READ, PATH_CHECK);
	if (rc < 0)
		goto out;

	if ((mask & MAY_WRITE) || (mask == 0))
		ima_read_write_check(TOMTOU, iint, inode,
				     path->dentry->d_name.name);

	if ((mask & (MAY_WRITE | MAY_READ | MAY_EXEC)) != MAY_READ)
		goto out;

	ima_read_write_check(OPEN_WRITERS, iint, inode,
			     path->dentry->d_name.name);
	if (!(iint->flags & IMA_MEASURED)) {
		struct dentry *dentry = dget(path->dentry);
		struct vfsmount *mnt = mntget(path->mnt);

		file = dentry_open(dentry, mnt, O_RDONLY | O_LARGEFILE,
				   current_cred());
		if (IS_ERR(file)) {
			int audit_info = 0;

			integrity_audit_msg(AUDIT_INTEGRITY_PCR, inode,
					    dentry->d_name.name,
					    "add_measurement",
					    "dentry_open failed",
					    1, audit_info);
			file = NULL;
			goto out;
		}
		rc = get_path_measurement(iint, file, dentry->d_name.name);
	}
out:
	mutex_unlock(&iint->mutex);
	if (file)
		fput(file);
	kref_put(&iint->refcount, iint_free);
	return 0;
}
EXPORT_SYMBOL_GPL(ima_path_check);

static int process_measurement(struct file *file, const unsigned char *filename,
			       int mask, int function)
{
	struct inode *inode = file->f_dentry->d_inode;
	struct ima_iint_cache *iint;
	int rc;

	if (!ima_initialized || !S_ISREG(inode->i_mode))
		return 0;
	iint = ima_iint_find_insert_get(inode);
	if (!iint)
		return -ENOMEM;

	mutex_lock(&iint->mutex);
	rc = ima_must_measure(iint, inode, mask, function);
	if (rc != 0)
		goto out;

	rc = ima_collect_measurement(iint, file);
	if (!rc)
		ima_store_measurement(iint, file, filename);
out:
	mutex_unlock(&iint->mutex);
	kref_put(&iint->refcount, iint_free);
	return rc;
}

/*
 * ima_counts_put - decrement file counts
 *
 * File counts are incremented in ima_path_check. On file open
 * error, such as ETXTBSY, decrement the counts to prevent
 * unnecessary imbalance messages.
 */
void ima_counts_put(struct path *path, int mask)
{
	struct inode *inode = path->dentry->d_inode;
	struct ima_iint_cache *iint;

	/* The inode may already have been freed, freeing the iint
	 * with it. Verify the inode is not NULL before dereferencing
	 * it.
	 */
	if (!ima_initialized || !inode || !S_ISREG(inode->i_mode))
		return;
	iint = ima_iint_find_insert_get(inode);
	if (!iint)
		return;

	mutex_lock(&iint->mutex);
	iint->opencount--;
	if ((mask & MAY_WRITE) || (mask == 0))
		iint->writecount--;
	else if (mask & (MAY_READ | MAY_EXEC))
		iint->readcount--;
	mutex_unlock(&iint->mutex);

	kref_put(&iint->refcount, iint_free);
}

/*
 * ima_counts_get - increment file counts
 *
 * - for IPC shm and shmat file.
 * - for nfsd exported files.
 *
 * Increment the counts for these files to prevent unnecessary
 * imbalance messages.
 */
void ima_counts_get(struct file *file)
{
	struct inode *inode = file->f_dentry->d_inode;
	struct ima_iint_cache *iint;

	if (!ima_initialized || !S_ISREG(inode->i_mode))
		return;
	iint = ima_iint_find_insert_get(inode);
	if (!iint)
		return;
	mutex_lock(&iint->mutex);
	iint->opencount++;
	if ((file->f_mode & (FMODE_READ | FMODE_WRITE)) == FMODE_READ)
		iint->readcount++;

	if (file->f_mode & FMODE_WRITE)
		iint->writecount++;
	mutex_unlock(&iint->mutex);

	kref_put(&iint->refcount, iint_free);
}
EXPORT_SYMBOL_GPL(ima_counts_get);

/**
 * ima_file_mmap - based on policy, collect/store measurement.
 * @file: pointer to the file to be measured (May be NULL)
 * @prot: contains the protection that will be applied by the kernel.
 *
 * Measure files being mmapped executable based on the ima_must_measure()
 * policy decision.
 *
 * Return 0 on success, an error code on failure.
 * (Based on the results of appraise_measurement().)
 */
int ima_file_mmap(struct file *file, unsigned long prot)
{
	int rc;

	if (!file)
		return 0;
	if (prot & PROT_EXEC)
		rc = process_measurement(file, file->f_dentry->d_name.name,
					 MAY_EXEC, FILE_MMAP);
	return 0;
}

/**
 * ima_bprm_check - based on policy, collect/store measurement.
 * @bprm: contains the linux_binprm structure
 *
 * The OS protects against an executable file, already open for write,
 * from being executed in deny_write_access() and an executable file,
 * already open for execute, from being modified in get_write_access().
 * So we can be certain that what we verify and measure here is actually
 * what is being executed.
 *
 * Return 0 on success, an error code on failure.
 * (Based on the results of appraise_measurement().)
 */
int ima_bprm_check(struct linux_binprm *bprm)
{
	int rc;

	rc = process_measurement(bprm->file, bprm->filename,
				 MAY_EXEC, BPRM_CHECK);
	return 0;
}

static int __init init_ima(void)
{
	int error;

	ima_iintcache_init();
	error = ima_init();
	ima_initialized = 1;
	return error;
}

static void __exit cleanup_ima(void)
{
	ima_cleanup();
}

late_initcall(init_ima);	/* Start IMA after the TPM is available */

MODULE_DESCRIPTION("Integrity Measurement Architecture");
MODULE_LICENSE("GPL");
Commit	Line	Data
3323eec9 MZ	1	/*
	2	* Copyright (C) 2005,2006,2007,2008 IBM Corporation
	3	*
	4	* Authors:
	5	* Reiner Sailer <sailer@watson.ibm.com>
	6	* Serge Hallyn <serue@us.ibm.com>
	7	* Kylene Hall <kylene@us.ibm.com>
	8	* Mimi Zohar <zohar@us.ibm.com>
	9	*
	10	* This program is free software; you can redistribute it and/or
	11	* modify it under the terms of the GNU General Public License as
	12	* published by the Free Software Foundation, version 2 of the
	13	* License.
	14	*
	15	* File: ima_main.c
	16	* implements the IMA hooks: ima_bprm_check, ima_file_mmap,
	17	* and ima_path_check.
	18	*/
	19	#include <linux/module.h>
	20	#include <linux/file.h>
	21	#include <linux/binfmts.h>
	22	#include <linux/mount.h>
	23	#include <linux/mman.h>
	24
	25	#include "ima.h"
	26
	27	int ima_initialized;
	28
	29	char *ima_hash = "sha1";
	30	static int __init hash_setup(char *str)
	31	{
07ff7a0b MZ	32	if (strncmp(str, "md5", 3) == 0)
07ff7a0b MZ	33	ima_hash = "md5";
3323eec9 MZ	34	return 1;
	35	}
	36	__setup("ima_hash=", hash_setup);
	37
	38	/**
	39	* ima_file_free - called on __fput()
	40	* @file: pointer to file structure being freed
	41	*
	42	* Flag files that changed, based on i_version;
	43	* and decrement the iint readcount/writecount.
	44	*/
	45	void ima_file_free(struct file *file)
	46	{
	47	struct inode *inode = file->f_dentry->d_inode;
	48	struct ima_iint_cache *iint;
	49
	50	if (!ima_initialized \|\| !S_ISREG(inode->i_mode))
	51	return;
	52	iint = ima_iint_find_get(inode);
	53	if (!iint)
	54	return;
	55
	56	mutex_lock(&iint->mutex);
1df9f0a7 MZ	57	if (iint->opencount <= 0) {
	58	printk(KERN_INFO
	59	"%s: %s open/free imbalance (r:%ld w:%ld o:%ld f:%ld)\n",
	60	__FUNCTION__, file->f_dentry->d_name.name,
	61	iint->readcount, iint->writecount,
	62	iint->opencount, atomic_long_read(&file->f_count));
	63	if (!(iint->flags & IMA_IINT_DUMP_STACK)) {
	64	dump_stack();
	65	iint->flags \|= IMA_IINT_DUMP_STACK;
	66	}
	67	}
	68	iint->opencount--;
	69
3323eec9 MZ	70	if ((file->f_mode & (FMODE_READ \| FMODE_WRITE)) == FMODE_READ)
	71	iint->readcount--;
	72
	73	if (file->f_mode & FMODE_WRITE) {
	74	iint->writecount--;
	75	if (iint->writecount == 0) {
	76	if (iint->version != inode->i_version)
	77	iint->flags &= ~IMA_MEASURED;
	78	}
	79	}
	80	mutex_unlock(&iint->mutex);
	81	kref_put(&iint->refcount, iint_free);
	82	}
	83
	84	/* ima_read_write_check - reflect possible reading/writing errors in the PCR.
	85	*
	86	* When opening a file for read, if the file is already open for write,
	87	* the file could change, resulting in a file measurement error.
	88	*
	89	* Opening a file for write, if the file is already open for read, results
	90	* in a time of measure, time of use (ToMToU) error.
	91	*
	92	* In either case invalidate the PCR.
	93	*/
	94	enum iint_pcr_error { TOMTOU, OPEN_WRITERS };
	95	static void ima_read_write_check(enum iint_pcr_error error,
	96	struct ima_iint_cache *iint,
	97	struct inode *inode,
	98	const unsigned char *filename)
	99	{
	100	switch (error) {
	101	case TOMTOU:
	102	if (iint->readcount > 0)
	103	ima_add_violation(inode, filename, "invalid_pcr",
	104	"ToMToU");
	105	break;
	106	case OPEN_WRITERS:
	107	if (iint->writecount > 0)
	108	ima_add_violation(inode, filename, "invalid_pcr",
	109	"open_writers");
	110	break;
	111	}
	112	}
	113
	114	static int get_path_measurement(struct ima_iint_cache iint, struct file file,
	115	const unsigned char *filename)
	116	{
	117	int rc = 0;
	118
1df9f0a7	119	iint->opencount++;
3323eec9 MZ	120	iint->readcount++;
	121
	122	rc = ima_collect_measurement(iint, file);
	123	if (!rc)
	124	ima_store_measurement(iint, file, filename);
	125	return rc;
	126	}
	127
b9fc745d MZ	128	static void ima_update_counts(struct ima_iint_cache *iint, int mask)
	129	{
	130	iint->opencount++;
	131	if ((mask & MAY_WRITE) \|\| (mask == 0))
	132	iint->writecount++;
	133	else if (mask & (MAY_READ \| MAY_EXEC))
	134	iint->readcount++;
	135	}
	136
3323eec9 MZ	137	/**
	138	* ima_path_check - based on policy, collect/store measurement.
	139	* @path: contains a pointer to the path to be measured
	140	* @mask: contains MAY_READ, MAY_WRITE or MAY_EXECUTE
	141	*
	142	* Measure the file being open for readonly, based on the
	143	* ima_must_measure() policy decision.
	144	*
	145	* Keep read/write counters for all files, but only
	146	* invalidate the PCR for measured files:
	147	* - Opening a file for write when already open for read,
	148	* results in a time of measure, time of use (ToMToU) error.
	149	* - Opening a file for read when already open for write,
	150	* could result in a file measurement error.
	151	*
04288f42 MZ	152	* Always return 0 and audit dentry_open failures.
04288f42 MZ	153	* (Return code will be based upon measurement appraisal.)
3323eec9	154	*/
b9fc745d	155	int ima_path_check(struct path *path, int mask, int update_counts)
3323eec9 MZ	156	{
	157	struct inode *inode = path->dentry->d_inode;
	158	struct ima_iint_cache *iint;
	159	struct file *file = NULL;
	160	int rc;
	161
	162	if (!ima_initialized \|\| !S_ISREG(inode->i_mode))
	163	return 0;
	164	iint = ima_iint_find_insert_get(inode);
	165	if (!iint)
	166	return 0;
	167
	168	mutex_lock(&iint->mutex);
b9fc745d MZ	169	if (update_counts)
b9fc745d MZ	170	ima_update_counts(iint, mask);
3323eec9 MZ	171
	172	rc = ima_must_measure(iint, inode, MAY_READ, PATH_CHECK);
	173	if (rc < 0)
	174	goto out;
	175
	176	if ((mask & MAY_WRITE) \|\| (mask == 0))
	177	ima_read_write_check(TOMTOU, iint, inode,
	178	path->dentry->d_name.name);
	179
	180	if ((mask & (MAY_WRITE \| MAY_READ \| MAY_EXEC)) != MAY_READ)
	181	goto out;
	182
	183	ima_read_write_check(OPEN_WRITERS, iint, inode,
	184	path->dentry->d_name.name);
	185	if (!(iint->flags & IMA_MEASURED)) {
	186	struct dentry *dentry = dget(path->dentry);
	187	struct vfsmount *mnt = mntget(path->mnt);
	188
1a62e958 EP	189	file = dentry_open(dentry, mnt, O_RDONLY \| O_LARGEFILE,
1a62e958 EP	190	current_cred());
f06dd16a	191	if (IS_ERR(file)) {
04288f42 MZ	192	int audit_info = 0;
	193
	194	integrity_audit_msg(AUDIT_INTEGRITY_PCR, inode,
	195	dentry->d_name.name,
	196	"add_measurement",
	197	"dentry_open failed",
	198	1, audit_info);
f06dd16a EP	199	file = NULL;
	200	goto out;
	201	}
3323eec9 MZ	202	rc = get_path_measurement(iint, file, dentry->d_name.name);
	203	}
	204	out:
	205	mutex_unlock(&iint->mutex);
	206	if (file)
	207	fput(file);
	208	kref_put(&iint->refcount, iint_free);
	209	return 0;
	210	}
b9fc745d	211	EXPORT_SYMBOL_GPL(ima_path_check);
3323eec9 MZ	212
	213	static int process_measurement(struct file file, const unsigned char filename,
	214	int mask, int function)
	215	{
	216	struct inode *inode = file->f_dentry->d_inode;
	217	struct ima_iint_cache *iint;
	218	int rc;
	219
	220	if (!ima_initialized \|\| !S_ISREG(inode->i_mode))
	221	return 0;
	222	iint = ima_iint_find_insert_get(inode);
	223	if (!iint)
	224	return -ENOMEM;
	225
	226	mutex_lock(&iint->mutex);
	227	rc = ima_must_measure(iint, inode, mask, function);
	228	if (rc != 0)
	229	goto out;
	230
	231	rc = ima_collect_measurement(iint, file);
	232	if (!rc)
	233	ima_store_measurement(iint, file, filename);
	234	out:
	235	mutex_unlock(&iint->mutex);
	236	kref_put(&iint->refcount, iint_free);
	237	return rc;
	238	}
	239
b9fc745d	240	/*
94e5d714 MZ	241	* ima_counts_put - decrement file counts
	242	*
	243	* File counts are incremented in ima_path_check. On file open
	244	* error, such as ETXTBSY, decrement the counts to prevent
	245	* unnecessary imbalance messages.
	246	*/
	247	void ima_counts_put(struct path *path, int mask)
	248	{
	249	struct inode *inode = path->dentry->d_inode;
	250	struct ima_iint_cache *iint;
	251
acd0c935 MZ	252	/* The inode may already have been freed, freeing the iint
	253	* with it. Verify the inode is not NULL before dereferencing
	254	* it.
	255	*/
	256	if (!ima_initialized \|\| !inode \|\| !S_ISREG(inode->i_mode))
94e5d714 MZ	257	return;
	258	iint = ima_iint_find_insert_get(inode);
	259	if (!iint)
	260	return;
	261
	262	mutex_lock(&iint->mutex);
	263	iint->opencount--;
	264	if ((mask & MAY_WRITE) \|\| (mask == 0))
	265	iint->writecount--;
	266	else if (mask & (MAY_READ \| MAY_EXEC))
	267	iint->readcount--;
	268	mutex_unlock(&iint->mutex);
53a7197a EP	269
53a7197a EP	270	kref_put(&iint->refcount, iint_free);
94e5d714 MZ	271	}
	272
	273	/*
	274	* ima_counts_get - increment file counts
b9fc745d MZ	275	*
	276	* - for IPC shm and shmat file.
	277	* - for nfsd exported files.
	278	*
	279	* Increment the counts for these files to prevent unnecessary
	280	* imbalance messages.
	281	*/
	282	void ima_counts_get(struct file *file)
1df9f0a7 MZ	283	{
	284	struct inode *inode = file->f_dentry->d_inode;
	285	struct ima_iint_cache *iint;
	286
	287	if (!ima_initialized \|\| !S_ISREG(inode->i_mode))
	288	return;
	289	iint = ima_iint_find_insert_get(inode);
	290	if (!iint)
	291	return;
	292	mutex_lock(&iint->mutex);
	293	iint->opencount++;
b9fc745d MZ	294	if ((file->f_mode & (FMODE_READ \| FMODE_WRITE)) == FMODE_READ)
	295	iint->readcount++;
	296
	297	if (file->f_mode & FMODE_WRITE)
	298	iint->writecount++;
1df9f0a7	299	mutex_unlock(&iint->mutex);
53a7197a EP	300
53a7197a EP	301	kref_put(&iint->refcount, iint_free);
1df9f0a7	302	}
b9fc745d	303	EXPORT_SYMBOL_GPL(ima_counts_get);
1df9f0a7	304
3323eec9 MZ	305	/**
	306	* ima_file_mmap - based on policy, collect/store measurement.
	307	* @file: pointer to the file to be measured (May be NULL)
	308	* @prot: contains the protection that will be applied by the kernel.
	309	*
	310	* Measure files being mmapped executable based on the ima_must_measure()
	311	* policy decision.
	312	*
	313	* Return 0 on success, an error code on failure.
	314	* (Based on the results of appraise_measurement().)
	315	*/
	316	int ima_file_mmap(struct file *file, unsigned long prot)
	317	{
	318	int rc;
	319
	320	if (!file)
	321	return 0;
	322	if (prot & PROT_EXEC)
	323	rc = process_measurement(file, file->f_dentry->d_name.name,
	324	MAY_EXEC, FILE_MMAP);
	325	return 0;
	326	}
	327
	328	/**
	329	* ima_bprm_check - based on policy, collect/store measurement.
	330	* @bprm: contains the linux_binprm structure
	331	*
	332	* The OS protects against an executable file, already open for write,
	333	* from being executed in deny_write_access() and an executable file,
	334	* already open for execute, from being modified in get_write_access().
	335	* So we can be certain that what we verify and measure here is actually
	336	* what is being executed.
	337	*
	338	* Return 0 on success, an error code on failure.
	339	* (Based on the results of appraise_measurement().)
	340	*/
	341	int ima_bprm_check(struct linux_binprm *bprm)
	342	{
	343	int rc;
	344
	345	rc = process_measurement(bprm->file, bprm->filename,
	346	MAY_EXEC, BPRM_CHECK);
	347	return 0;
	348	}
	349
	350	static int __init init_ima(void)
	351	{
	352	int error;
	353
	354	ima_iintcache_init();
	355	error = ima_init();
	356	ima_initialized = 1;
	357	return error;
	358	}
	359
bab73937 MZ	360	static void __exit cleanup_ima(void)
	361	{
	362	ima_cleanup();
	363	}
	364
3323eec9 MZ	365	late_initcall(init_ima); /* Start IMA after the TPM is available */
	366
	367	MODULE_DESCRIPTION("Integrity Measurement Architecture");
	368	MODULE_LICENSE("GPL");