1 /*
2  * AppArmor security module
3  *
4  * This file contains AppArmor contexts used to associate "labels" to objects.
5  *
6  * Copyright (C) 1998-2008 Novell/SUSE
7  * Copyright 2009-2010 Canonical Ltd.
8  *
9  * This program is free software; you can redistribute it and/or
10  * modify it under the terms of the GNU General Public License as
11  * published by the Free Software Foundation, version 2 of the
12  * License.
13  */
14 
15 #ifndef __AA_CONTEXT_H
16 #define __AA_CONTEXT_H
17 
18 #include <linux/cred.h>
19 #include <linux/slab.h>
20 #include <linux/sched.h>
21 
22 #include "policy.h"
23 
24 /* struct aa_file_cxt - the AppArmor context the file was opened in
25  * @perms: the permission the file was opened with
26  *
27  * The file_cxt could currently be directly stored in file->f_security
28  * as the profile reference is now stored in the f_cred.  However the
29  * cxt struct will expand in the future so we keep the struct.
30  */
31 struct aa_file_cxt {
32 	u16 allow;
33 };
34 
35 /**
36  * aa_alloc_file_context - allocate file_cxt
37  * @gfp: gfp flags for allocation
38  *
39  * Returns: file_cxt or NULL on failure
40  */
aa_alloc_file_context(gfp_t gfp)41 static inline struct aa_file_cxt *aa_alloc_file_context(gfp_t gfp)
42 {
43 	return kzalloc(sizeof(struct aa_file_cxt), gfp);
44 }
45 
46 /**
47  * aa_free_file_context - free a file_cxt
48  * @cxt: file_cxt to free  (MAYBE_NULL)
49  */
aa_free_file_context(struct aa_file_cxt * cxt)50 static inline void aa_free_file_context(struct aa_file_cxt *cxt)
51 {
52 	if (cxt)
53 		kzfree(cxt);
54 }
55 
56 /**
57  * struct aa_task_cxt - primary label for confined tasks
58  * @profile: the current profile   (NOT NULL)
59  * @exec: profile to transition to on next exec  (MAYBE NULL)
60  * @previous: profile the task may return to     (MAYBE NULL)
61  * @token: magic value the task must know for returning to @previous_profile
62  *
63  * Contains the task's current profile (which could change due to
64  * change_hat).  Plus the hat_magic needed during change_hat.
65  *
66  * TODO: make so a task can be confined by a stack of contexts
67  */
68 struct aa_task_cxt {
69 	struct aa_profile *profile;
70 	struct aa_profile *onexec;
71 	struct aa_profile *previous;
72 	u64 token;
73 };
74 
75 struct aa_task_cxt *aa_alloc_task_context(gfp_t flags);
76 void aa_free_task_context(struct aa_task_cxt *cxt);
77 void aa_dup_task_context(struct aa_task_cxt *new,
78 			 const struct aa_task_cxt *old);
79 int aa_replace_current_profile(struct aa_profile *profile);
80 int aa_set_current_onexec(struct aa_profile *profile);
81 int aa_set_current_hat(struct aa_profile *profile, u64 token);
82 int aa_restore_previous_profile(u64 cookie);
83 
84 /**
85  * __aa_task_is_confined - determine if @task has any confinement
86  * @task: task to check confinement of  (NOT NULL)
87  *
88  * If @task != current needs to be called in RCU safe critical section
89  */
__aa_task_is_confined(struct task_struct * task)90 static inline bool __aa_task_is_confined(struct task_struct *task)
91 {
92 	struct aa_task_cxt *cxt = __task_cred(task)->security;
93 
94 	BUG_ON(!cxt || !cxt->profile);
95 	if (unconfined(aa_newest_version(cxt->profile)))
96 		return 0;
97 
98 	return 1;
99 }
100 
101 /**
102  * aa_cred_profile - obtain cred's profiles
103  * @cred: cred to obtain profiles from  (NOT NULL)
104  *
105  * Returns: confining profile
106  *
107  * does NOT increment reference count
108  */
aa_cred_profile(const struct cred * cred)109 static inline struct aa_profile *aa_cred_profile(const struct cred *cred)
110 {
111 	struct aa_task_cxt *cxt = cred->security;
112 	BUG_ON(!cxt || !cxt->profile);
113 	return aa_newest_version(cxt->profile);
114 }
115 
116 /**
117  * __aa_current_profile - find the current tasks confining profile
118  *
119  * Returns: up to date confining profile or the ns unconfined profile (NOT NULL)
120  *
121  * This fn will not update the tasks cred to the most up to date version
122  * of the profile so it is safe to call when inside of locks.
123  */
__aa_current_profile(void)124 static inline struct aa_profile *__aa_current_profile(void)
125 {
126 	return aa_cred_profile(current_cred());
127 }
128 
129 /**
130  * aa_current_profile - find the current tasks confining profile and do updates
131  *
132  * Returns: up to date confining profile or the ns unconfined profile (NOT NULL)
133  *
134  * This fn will update the tasks cred structure if the profile has been
135  * replaced.  Not safe to call inside locks
136  */
aa_current_profile(void)137 static inline struct aa_profile *aa_current_profile(void)
138 {
139 	const struct aa_task_cxt *cxt = current_cred()->security;
140 	struct aa_profile *profile;
141 	BUG_ON(!cxt || !cxt->profile);
142 
143 	profile = aa_newest_version(cxt->profile);
144 	/*
145 	 * Whether or not replacement succeeds, use newest profile so
146 	 * there is no need to update it after replacement.
147 	 */
148 	if (unlikely((cxt->profile != profile)))
149 		aa_replace_current_profile(profile);
150 
151 	return profile;
152 }
153 
154 #endif /* __AA_CONTEXT_H */
155