Re: [RFC][PATCH 6/11] security: AppArmor - Userspace interface

Hi!

> This patch implements the interface between the userspace policy loader
> and the kernel module.   It is called by the .load, .remove and .replace
> file_operations hooks implemented in apparmorfs.c.
> 
> The code is responsible for serializing data in a platform independent 
> manner from userspace and creating/activating the necessary apparmor 
> profiles.

Documentation patch describing what kind of data you pass here would
be nice.


> +#include "match/match.h"
> +
> +/* aa_code defined in module_interface.h */
> +
> +const int aacode_datasize[] = { 1, 2, 4, 8, 2, 2, 4, 0, 0, 0, 0, 0, 0 };
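Review bot: the initializer `const int aacode_datasize[] = { 1, 2, 4, 8, 2, 2, 4, 0, 0, 0, 0, 0, 0 };` depends purely on positional order matching the aa_code enum in module_interface.h, and nothing in this hunk ties a size to its code. Suggest designated initializers so each entry names the code it belongs to (for example `[AA_U32] = sizeof(u32)`), plus a BUILD_BUG_ON that ARRAY_SIZE(aacode_datasize) equals the number of aa_code values, so that adding or reordering an enum member cannot silently shift every size. Since the codes are read from the serialized stream that userspace supplies, wherever this table is indexed by such a code the index also needs a range check against ARRAY_SIZE before the lookup.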

I believe this needs a comment.

> +
> +/* inlines must be forward of there use in newer version of gcc,
> +   just forward declaring with a prototype won't work anymore */

their use?

> +/**
> + * aa_activate_profile - unpack a serialized profile
> + * @e: serialized data extent information
> + * @error: error code returned if unpacking fails
> + */
> +static struct aaprofile *aa_activate_profile(struct aa_ext *e, ssize_t *error)
> +{
> +	struct aaprofile *profile = NULL;
> +	const char *rulename = "";
> +	const char *error_string = "Invalid Profile";
> +
> +	*error = -EPROTO;
> +
> +	profile = alloc_aaprofile();
> +	if (!profile) {
> +		error_string = "Could not allocate profile";
> +		*error = -ENOMEM;
> +		goto fail;
> +	}
> +
> +	/* check that we have the right struct being passed */
> +	AA_READ_X(e, AA_STRUCT, NULL, "profile");
> +	AA_READ_X(e, AA_DYN_STRING, &profile->name, NULL);
> +
> +	error_string = "Invalid flags";
> +	/* per profile debug flags (debug, complain, audit) */
> +	AA_READ_X(e, AA_STRUCT, NULL, "flags");
> +	AA_READ_X(e, AA_U32, &(profile->flags.debug), "profile.flags.debug");
> +	AA_READ_X(e, AA_U32, &(profile->flags.complain),
> +		  "profile.flags.complain");
> +	AA_READ_X(e, AA_U32, &(profile->flags.audit), "profile.flags.audit");
> +	AA_READ_X(e, AA_STRUCTEND, NULL, NULL);
> +
> +	error_string = "Invalid capabilities";
> +	AA_READ_X(e, AA_U32, &(profile->capabilities), "profile.capabilities");
> +
> +	/* get the file entries. */
> +	AA_ENTRY_LIST("pgent");		/* pcre rules */
> +	AA_ENTRY_LIST("sgent");		/* simple globs */
> +	AA_ENTRY_LIST("fent");		/* regular file entries */
> +
> +	/* get the net entries */
> +	if (aa_is_nameX(e, AA_LIST, NULL, "net")) {
> +		error_string = "Invalid net entry";
> +		while (!aa_is_nameX(e, AA_LISTEND, NULL, NULL)) {
> +			if (!aa_activate_net_entry(e))
> +				goto fail;
> +		}
> +	}
> +	rulename = "";
> +
> +	/* get subprofiles */
> +	if (aa_is_nameX(e, AA_LIST, NULL, "hats")) {
> +		error_string = "Invalid profile hat";
> +		while (!aa_is_nameX(e, AA_LISTEND, NULL, NULL)) {
> +			struct aaprofile *subprofile;
> +			subprofile = aa_activate_profile(e, error);
> +			if (!subprofile)
> +				goto fail;
> +			subprofile->parent = profile;
> +			list_add(&subprofile->list, &profile->sub);
> +		}
> +	}
> +
> +	error_string = "Invalid end of profile";
> +	AA_READ_X(e, AA_STRUCTEND, NULL, NULL);
> +
> +	return profile;
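Review bot: the hats loop recurses at `subprofile = aa_activate_profile(e, error);` with no depth limit, and the nesting is dictated entirely by the serialized data coming from userspace, so a profile whose hats themselves carry "hats" lists recurses on the kernel stack as deep as the stream says; add an explicit nesting limit (for instance a depth argument, rejecting with -EPROTO a "hats" list inside a subprofile if hats are meant to be one level deep). Two smaller points: `*error = -EPROTO;` at entry is never cleared before `return profile;`, so a caller that inspects `*error` instead of the returned pointer sees a failure code on success; either set `*error = 0` on the success path or document that only the return value is meaningful. Also `rulename` is assigned `""` twice but never read in the visible body; if it is consumed only by the AA_ENTRY_LIST macro or the fail label, a comment saying so would help, otherwise it should go.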

Is this kind of translation necessary?
								Pavel
-- 
Thanks, Sharp!