]>
git.proxmox.com Git - mirror_ubuntu-zesty-kernel.git/blob - security/apparmor/include/file.h
0fb7e0008ac5006b65dd40f2a2531d7b1fddd292
2 * AppArmor security module
4 * This file contains AppArmor file mediation function definitions.
6 * Copyright (C) 1998-2008 Novell/SUSE
7 * Copyright 2009-2010 Canonical Ltd.
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License as
11 * published by the Free Software Foundation, version 2 of the
18 #include <linux/spinlock.h>
28 #define mask_mode_t(X) (X & (MAY_EXEC | MAY_WRITE | MAY_READ | MAY_APPEND))
30 #define AA_AUDIT_FILE_MASK (MAY_READ | MAY_WRITE | MAY_EXEC | MAY_APPEND |\
31 AA_MAY_CREATE | AA_MAY_DELETE | \
32 AA_MAY_GETATTR | AA_MAY_SETATTR | \
33 AA_MAY_CHMOD | AA_MAY_CHOWN | AA_MAY_LOCK | \
34 AA_EXEC_MMAP | AA_MAY_LINK)
36 #define file_ctx(X) ((struct aa_file_ctx *)(X)->f_security)
38 /* struct aa_file_ctx - the AppArmor context the file was opened in
39 * @lock: lock to update the ctx
40 * @label: label currently cached on the ctx
41 * @perms: the permission the file was opened with
45 struct aa_label __rcu
*label
;
50 * aa_alloc_file_ctx - allocate file_ctx
51 * @label: initial label of task creating the file
52 * @gfp: gfp flags for allocation
54 * Returns: file_ctx or NULL on failure
56 static inline struct aa_file_ctx
*aa_alloc_file_ctx(struct aa_label
*label
, gfp_t gfp
)
58 struct aa_file_ctx
*ctx
;
60 ctx
= kzalloc(sizeof(struct aa_file_ctx
), gfp
);
62 spin_lock_init(&ctx
->lock
);
63 rcu_assign_pointer(ctx
->label
, aa_get_label(label
));
69 * aa_free_file_ctx - free a file_ctx
70 * @ctx: file_ctx to free (MAYBE_NULL)
72 static inline void aa_free_file_ctx(struct aa_file_ctx
*ctx
)
75 aa_put_label(rcu_access_pointer(ctx
->label
));
80 static inline struct aa_label
*aa_get_file_label(struct aa_file_ctx
*ctx
)
82 return aa_get_label_rcu(&ctx
->label
);
85 #define inode_ctx(X) (X)->i_security
88 * The xindex is broken into 3 parts
89 * - index - an index into either the exec name table or the variable table
90 * - exec type - which determines how the executable name and index are used
91 * - flags - which modify how the destination name is applied
93 #define AA_X_INDEX_MASK 0x03ff
95 #define AA_X_TYPE_MASK 0x0c00
96 #define AA_X_TYPE_SHIFT 10
97 #define AA_X_NONE 0x0000
98 #define AA_X_NAME 0x0400 /* use executable name px */
99 #define AA_X_TABLE 0x0800 /* use a specified name ->n# */
101 #define AA_X_UNSAFE 0x1000
102 #define AA_X_CHILD 0x2000 /* make >AA_X_NONE apply to children */
103 #define AA_X_INHERIT 0x4000
104 #define AA_X_UNCONFINED 0x8000
106 /* AA_SECURE_X_NEEDED - is passed in the bprm->unsafe field */
107 #define AA_SECURE_X_NEEDED 0x8000
109 /* need to make conditional which ones are being set */
115 #define COMBINED_PERM_MASK(X) ((X).allow | (X).audit | (X).quiet | (X).kill)
117 /* FIXME: split perms from dfa and match this to description
118 * also add delegation info.
120 static inline u16
dfa_map_xindex(u16 mask
)
122 u16 old_index
= (mask
>> 10) & 0xf;
126 index
|= AA_X_UNSAFE
;
128 index
|= AA_X_INHERIT
;
130 index
|= AA_X_UNCONFINED
;
132 if (old_index
== 1) {
133 index
|= AA_X_UNCONFINED
;
134 } else if (old_index
== 2) {
136 } else if (old_index
== 3) {
137 index
|= AA_X_NAME
| AA_X_CHILD
;
138 } else if (old_index
) {
140 index
|= old_index
- 4;
147 * map old dfa inline permissions to new format
149 #define dfa_user_allow(dfa, state) (((ACCEPT_TABLE(dfa)[state]) & 0x7f) | \
150 ((ACCEPT_TABLE(dfa)[state]) & 0x80000000))
151 #define dfa_user_audit(dfa, state) ((ACCEPT_TABLE2(dfa)[state]) & 0x7f)
152 #define dfa_user_quiet(dfa, state) (((ACCEPT_TABLE2(dfa)[state]) >> 7) & 0x7f)
153 #define dfa_user_xindex(dfa, state) \
154 (dfa_map_xindex(ACCEPT_TABLE(dfa)[state] & 0x3fff))
156 #define dfa_other_allow(dfa, state) ((((ACCEPT_TABLE(dfa)[state]) >> 14) & \
158 ((ACCEPT_TABLE(dfa)[state]) & 0x80000000))
159 #define dfa_other_audit(dfa, state) (((ACCEPT_TABLE2(dfa)[state]) >> 14) & 0x7f)
160 #define dfa_other_quiet(dfa, state) \
161 ((((ACCEPT_TABLE2(dfa)[state]) >> 7) >> 14) & 0x7f)
162 #define dfa_other_xindex(dfa, state) \
163 dfa_map_xindex((ACCEPT_TABLE(dfa)[state] >> 14) & 0x3fff)
165 int aa_audit_file(struct aa_profile
*profile
, struct aa_perms
*perms
,
166 const char *op
, u32 request
, const char *name
, const char *target
, struct aa_label
*tlabel
,
167 kuid_t ouid
, const char *info
, int error
);
170 * struct aa_file_rules - components used for file rule permissions
171 * @dfa: dfa to match path names and conditionals against
172 * @perms: permission table indexed by the matched state accept entry of @dfa
173 * @trans: transition table for indexed by named x transitions
175 * File permission are determined by matching a path against @dfa and then
176 * then using the value of the accept entry for the matching state as
177 * an index into @perms. If a named exec transition is required it is
178 * looked up in the transition table.
180 struct aa_file_rules
{
183 /* struct perms perms; */
184 struct aa_domain trans
;
185 /* TODO: add delegate table */
188 struct aa_perms
aa_compute_fperms(struct aa_dfa
*dfa
, unsigned int state
,
189 struct path_cond
*cond
);
190 unsigned int aa_str_perms(struct aa_dfa
*dfa
, unsigned int start
,
191 const char *name
, struct path_cond
*cond
,
192 struct aa_perms
*perms
);
194 int __aa_path_perm(const char *op
, struct aa_profile
*profile
, const char *name
,
195 u32 request
, struct path_cond
*cond
, int flags
,
196 struct aa_perms
*perms
);
197 int aa_path_perm(const char *op
, struct aa_label
*label
,
198 const struct path
*path
, int flags
, u32 request
,
199 struct path_cond
*cond
);
201 int aa_path_link(struct aa_label
*label
, struct dentry
*old_dentry
,
202 const struct path
*new_dir
, struct dentry
*new_dentry
);
204 int aa_file_perm(const char *op
, struct aa_label
*label
, struct file
*file
,
207 void aa_inherit_files(const struct cred
*cred
, struct files_struct
*files
);
209 static inline void aa_free_file_rules(struct aa_file_rules
*rules
)
211 aa_put_dfa(rules
->dfa
);
212 aa_free_domain_entries(&rules
->trans
);
216 * aa_map_file_perms - map file flags to AppArmor permissions
217 * @file: open file to map flags to AppArmor permissions
219 * Returns: apparmor permission set for the file
221 static inline u32
aa_map_file_to_perms(struct file
*file
)
223 int flags
= file
->f_flags
;
226 if (file
->f_mode
& FMODE_WRITE
)
228 if (file
->f_mode
& FMODE_READ
)
231 if ((flags
& O_APPEND
) && (perms
& MAY_WRITE
))
232 perms
= (perms
& ~MAY_WRITE
) | MAY_APPEND
;
233 /* trunc implies write permission */
237 perms
|= AA_MAY_CREATE
;
242 #endif /* __AA_FILE_H */