* [PATCH 0/4] AppArmor: refactor securityfs to use structures
@ 2012-01-27 0:29 Kees Cook
2012-01-27 0:29 ` [PATCH 1/4] " Kees Cook
From: Kees Cook @ 2012-01-27 0:29 UTC (permalink / raw)
To: linux-security-module; +Cc: linux-kernel, John Johansen
This is the ground-work for expanding the AppArmor securityfs to include
useful information that the userspace tools can more easily interact with.
Presently, this is only static information about the state of AppArmor.
-Kees
* [PATCH 1/4] AppArmor: refactor securityfs to use structures
2012-01-27 0:29 [PATCH 0/4] AppArmor: refactor securityfs to use structures Kees Cook
@ 2012-01-27 0:29 ` Kees Cook
2012-01-27 19:34 ` John Johansen
2012-01-27 0:29 ` [PATCH 2/4] AppArmor: add initial "features" directory to securityfs Kees Cook
From: Kees Cook @ 2012-01-27 0:29 UTC (permalink / raw)
To: linux-security-module; +Cc: linux-kernel, John Johansen, Kees Cook
From: Kees Cook <kees@outflux.net>
Use a file tree structure to represent the AppArmor securityfs.
Signed-off-by: Kees Cook <kees@ubuntu.com>
---
security/apparmor/apparmorfs.c | 132 ++++++++++++++++++++++----------
security/apparmor/include/apparmorfs.h | 24 ++++++
2 files changed, 114 insertions(+), 42 deletions(-)
diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c
index e39df6d..1e22bb3 100644
--- a/security/apparmor/apparmorfs.c
+++ b/security/apparmor/apparmorfs.c
@@ -144,36 +144,103 @@ static const struct file_operations aa_fs_profile_remove = {
/** Base file system setup **/
-static struct dentry *aa_fs_dentry __initdata;
+static struct aa_fs_entry aa_fs_entry_apparmor[] = {
+ AA_FS_FILE_FOPS(".load", 0640, &aa_fs_profile_load),
+ AA_FS_FILE_FOPS(".replace", 0640, &aa_fs_profile_replace),
+ AA_FS_FILE_FOPS(".remove", 0640, &aa_fs_profile_remove),
+ { }
+};
-static void __init aafs_remove(const char *name)
-{
- struct dentry *dentry;
+static struct aa_fs_entry aa_fs_entry =
+ AA_FS_DIR("apparmor", aa_fs_entry_apparmor);
- dentry = lookup_one_len(name, aa_fs_dentry, strlen(name));
- if (!IS_ERR(dentry)) {
- securityfs_remove(dentry);
- dput(dentry);
+/**
+ * aafs_create_file - create a file entry in the apparmor securityfs
+ * @fs_file: aa_fs_entry to build an entry for (NOT NULL)
+ * @parent: the parent dentry in the securityfs
+ *
+ * Use aafs_remove_file to remove entries created with this fn.
+ */
+static int __init aafs_create_file(struct aa_fs_entry *fs_file,
+ struct dentry *parent)
+{
+ int error = 0;
+
+ fs_file->dentry = securityfs_create_file(fs_file->name,
+ S_IFREG | fs_file->mode,
+ parent, fs_file,
+ fs_file->file_ops);
+ if (IS_ERR(fs_file->dentry)) {
+ error = PTR_ERR(fs_file->dentry);
+ fs_file->dentry = NULL;
}
+ return error;
}
/**
- * aafs_create - create an entry in the apparmor filesystem
- * @name: name of the entry (NOT NULL)
- * @mask: file permission mask of the file
- * @fops: file operations for the file (NOT NULL)
+ * aafs_create_dir - recursively create a directory entry in the securityfs
+ * @fs_dir: aa_fs_entry (and all child entries) to build (NOT NULL)
+ * @parent: the parent dentry in the securityfs
*
- * Used aafs_remove to remove entries created with this fn.
+ * Use aafs_remove_dir to remove entries created with this fn.
*/
-static int __init aafs_create(const char *name, umode_t mask,
- const struct file_operations *fops)
+static int __init aafs_create_dir(struct aa_fs_entry *fs_dir,
+ struct dentry *parent)
{
- struct dentry *dentry;
+ int error;
+ struct aa_fs_entry *fs_file;
- dentry = securityfs_create_file(name, S_IFREG | mask, aa_fs_dentry,
- NULL, fops);
+ fs_dir->dentry = securityfs_create_dir(fs_dir->name, parent);
+ if (IS_ERR(fs_dir->dentry)) {
+ error = PTR_ERR(fs_dir->dentry);
+ fs_dir->dentry = NULL;
+ goto failed;
+ }
- return IS_ERR(dentry) ? PTR_ERR(dentry) : 0;
+ for (fs_file = fs_dir->v.files; fs_file->name; ++fs_file) {
+ if (fs_file->v_type == AA_FS_TYPE_DIR)
+ error = aafs_create_dir(fs_file, fs_dir->dentry);
+ else
+ error = aafs_create_file(fs_file, fs_dir->dentry);
+ if (error)
+ goto failed;
+ }
+
+ return 0;
+
+failed:
+ return error;
+}
+
+/**
+ * aafs_remove_file - drop a single file entry in the apparmor securityfs
+ * @fs_file: aa_fs_entry to detach from the securityfs (NOT NULL)
+ */
+static void __init aafs_remove_file(struct aa_fs_entry *fs_file)
+{
+ if (!fs_file->dentry)
+ return;
+
+ securityfs_remove(fs_file->dentry);
+ fs_file->dentry = NULL;
+}
+
+/**
+ * aafs_remove_dir - recursively drop a directory entry from the securityfs
+ * @fs_dir: aa_fs_entry (and all child entries) to detach (NOT NULL)
+ */
+static void __init aafs_remove_dir(struct aa_fs_entry *fs_dir)
+{
+ struct aa_fs_entry *fs_file;
+
+ for (fs_file = fs_dir->v.files; fs_file->name; ++fs_file) {
+ if (fs_file->v_type == AA_FS_TYPE_DIR)
+ aafs_remove_dir(fs_file);
+ else
+ aafs_remove_file(fs_file);
+ }
+
+ aafs_remove_file(fs_dir);
}
/**
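Review bot: The `failed:` label in aafs_create_dir is a bare `return error;`, so the three `goto failed` jumps are just early returns and the label adds nothing; either write `return error;` at each site or make the label do what a reader expects and unwind the partially built subtree. If the caller's `error:` path (outside this hunk) already calls aa_destroy_aafs the unwind is covered, because aafs_remove_file skips entries whose dentry is NULL; otherwise a failure midway through a directory leaks the siblings created before it. Both kerneldoc headers would also benefit from a return line, e.g. `Returns: 0 on success, negative error code on failure` for aafs_create_file and aafs_create_dir. Since aafs_create_file hands `fs_file` to securityfs as the inode's private data, the entry tables must stay out of `__initdata` even though the constructors are `__init`; a comment on `aa_fs_entry_apparmor` saying so would keep someone from "fixing" that later.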
@@ -183,14 +250,7 @@ static int __init aafs_create(const char *name, umode_t mask,
*/
void __init aa_destroy_aafs(void)
{
- if (aa_fs_dentry) {
- aafs_remove(".remove");
- aafs_remove(".replace");
- aafs_remove(".load");
-
- securityfs_remove(aa_fs_dentry);
- aa_fs_dentry = NULL;
- }
+ aafs_remove_dir(&aa_fs_entry);
}
/**
@@ -207,25 +267,13 @@ static int __init aa_create_aafs(void)
if (!apparmor_initialized)
return 0;
- if (aa_fs_dentry) {
+ if (aa_fs_entry.dentry) {
AA_ERROR("%s: AppArmor securityfs already exists\n", __func__);
return -EEXIST;
}
- aa_fs_dentry = securityfs_create_dir("apparmor", NULL);
- if (IS_ERR(aa_fs_dentry)) {
- error = PTR_ERR(aa_fs_dentry);
- aa_fs_dentry = NULL;
- goto error;
- }
-
- error = aafs_create(".load", 0640, &aa_fs_profile_load);
- if (error)
- goto error;
- error = aafs_create(".replace", 0640, &aa_fs_profile_replace);
- if (error)
- goto error;
- error = aafs_create(".remove", 0640, &aa_fs_profile_remove);
+ /* Populate fs tree. */
+ error = aafs_create_dir(&aa_fs_entry, NULL);
if (error)
goto error;
diff --git a/security/apparmor/include/apparmorfs.h b/security/apparmor/include/apparmorfs.h
index cb1e93a..4fdf02f 100644
--- a/security/apparmor/include/apparmorfs.h
+++ b/security/apparmor/include/apparmorfs.h
@@ -15,6 +15,30 @@
#ifndef __AA_APPARMORFS_H
#define __AA_APPARMORFS_H
+enum aa_fs_type {
+ AA_FS_TYPE_FOPS,
+ AA_FS_TYPE_DIR,
+};
+
+struct aa_fs_entry;
+
+struct aa_fs_entry {
+ const char *name;
+ struct dentry *dentry;
+ umode_t mode;
+ enum aa_fs_type v_type;
+ union {
+ struct aa_fs_entry *files;
+ } v;
+ const struct file_operations *file_ops;
+};
+
+#define AA_FS_FILE_FOPS(_name, _mode, _fops) \
+ { .name = (_name), .v_type = AA_FS_TYPE_FOPS, \
+ .mode = (_mode), .file_ops = (_fops) }
+#define AA_FS_DIR(_name, _value) \
+ { .name = (_name), .v_type = AA_FS_TYPE_DIR, .v.files = (_value) }
+
extern void __init aa_destroy_aafs(void);
#endif /* __AA_APPARMORFS_H */
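Review bot: The forward declaration `struct aa_fs_entry;` immediately above the definition is redundant, since a struct may refer to itself by pointer inside its own body; it can be dropped. The `{ }` terminator used by the tables relies on `.name == NULL` as the end-of-array sentinel (aafs_create_dir loops `for (...; fs_file->name; ++fs_file)`), which is an invariant worth stating in a kerneldoc comment on the struct, along with which union member is valid for each `v_type` and that `dentry` is filled in by the create/remove helpers rather than by the initializer. The header also uses `umode_t`, `struct dentry` and `struct file_operations` without including anything, so it depends on include order in every file that pulls it in; a `#include <linux/fs.h>` (or forward declarations of the two structs plus `<linux/types.h>`) would make it self-contained.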
--
1.7.0.4
* [PATCH 2/4] AppArmor: add initial "features" directory to securityfs
2012-01-27 0:29 [PATCH 0/4] AppArmor: refactor securityfs to use structures Kees Cook
2012-01-27 0:29 ` [PATCH 1/4] " Kees Cook
@ 2012-01-27 0:29 ` Kees Cook
2012-01-27 19:34 ` John Johansen
2012-01-27 0:29 ` [PATCH 3/4] AppArmor: add "file" details " Kees Cook
From: Kees Cook @ 2012-01-27 0:29 UTC (permalink / raw)
To: linux-security-module; +Cc: linux-kernel, John Johansen, Kees Cook
From: Kees Cook <kees@outflux.net>
This adds the "features" subdirectory to the AppArmor securityfs
to display boolean feature flags and the known capability mask.
Signed-off-by: Kees Cook <kees@ubuntu.com>
---
security/apparmor/apparmorfs.c | 52 ++++++++++++++++++++++++++++++++
security/apparmor/include/apparmorfs.h | 14 ++++++++
2 files changed, 66 insertions(+), 0 deletions(-)
diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c
index 1e22bb3..36efe64 100644
--- a/security/apparmor/apparmorfs.c
+++ b/security/apparmor/apparmorfs.c
@@ -18,6 +18,7 @@
#include <linux/seq_file.h>
#include <linux/uaccess.h>
#include <linux/namei.h>
+#include <linux/capability.h>
#include "include/apparmor.h"
#include "include/apparmorfs.h"
@@ -142,12 +143,63 @@ static const struct file_operations aa_fs_profile_remove = {
.llseek = default_llseek,
};
+static int aa_fs_seq_show(struct seq_file *seq, void *v)
+{
+ struct aa_fs_entry *fs_file = seq->private;
+
+ if (!fs_file)
+ return 0;
+
+ switch (fs_file->v_type) {
+ case AA_FS_TYPE_BOOLEAN:
+ seq_printf(seq, "%s\n", fs_file->v.boolean ? "yes" : "no");
+ break;
+ case AA_FS_TYPE_U64:
+ seq_printf(seq, "%#08lx\n", fs_file->v.u64);
+ break;
+ default:
+ /* Ignore unpritable entry types. */
+ break;
+ }
+
+ return 0;
+}
+
+static int aa_fs_seq_open(struct inode *inode, struct file *file)
+{
+ return single_open(file, aa_fs_seq_show, inode->i_private);
+}
+
+const struct file_operations aa_fs_seq_file_ops = {
+ .owner = THIS_MODULE,
+ .open = aa_fs_seq_open,
+ .read = seq_read,
+ .llseek = seq_lseek,
+ .release = single_release,
+};
+
/** Base file system setup **/
+static struct aa_fs_entry aa_fs_entry_domain[] = {
+ AA_FS_FILE_BOOLEAN("change_hat", 1),
+ AA_FS_FILE_BOOLEAN("change_hatv", 1),
+ AA_FS_FILE_BOOLEAN("change_onexec", 1),
+ AA_FS_FILE_BOOLEAN("change_profile", 1),
+ { }
+};
+
+static struct aa_fs_entry aa_fs_entry_features[] = {
+ AA_FS_DIR("domain", aa_fs_entry_domain),
+ AA_FS_FILE_BOOLEAN("namespaces", 1),
+ AA_FS_FILE_U64("capability", VFS_CAP_FLAGS_MASK),
+ { }
+};
+
static struct aa_fs_entry aa_fs_entry_apparmor[] = {
AA_FS_FILE_FOPS(".load", 0640, &aa_fs_profile_load),
AA_FS_FILE_FOPS(".replace", 0640, &aa_fs_profile_replace),
AA_FS_FILE_FOPS(".remove", 0640, &aa_fs_profile_remove),
+ AA_FS_DIR("features", aa_fs_entry_features),
{ }
};
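Review bot: As far as I know, `VFS_CAP_FLAGS_MASK` in linux/capability.h masks the flags field of the file-capability xattr header rather than the set of CAP_* bits the kernel supports, so the value exported under "capability" may not be what the description calls the known capability mask; please confirm the intended constant, or export capability names as a generated string the way the rlimit patch in this series does. Separately, the `AA_FS_TYPE_U64` member is declared `unsigned long u64` in this patch's `apparmorfs.h` hunk, so on 32-bit builds a field named u64 holds 32 bits and `%#08lx` prints whatever width the arch has; either declare it `u64` and print with `%#08llx` and an `(unsigned long long)` cast, or rename the member and `AA_FS_FILE_U64` to what they hold. The same width point applies to the `apparmorfs.h` hunk that adds the union member and macro. The comment in the default branch has a typo: `/* Ignore unprintable entry types. */`.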
diff --git a/security/apparmor/include/apparmorfs.h b/security/apparmor/include/apparmorfs.h
index 4fdf02f..16e6545 100644
--- a/security/apparmor/include/apparmorfs.h
+++ b/security/apparmor/include/apparmorfs.h
@@ -16,6 +16,8 @@
#define __AA_APPARMORFS_H
enum aa_fs_type {
+ AA_FS_TYPE_BOOLEAN,
+ AA_FS_TYPE_U64,
AA_FS_TYPE_FOPS,
AA_FS_TYPE_DIR,
};
@@ -28,11 +30,23 @@ struct aa_fs_entry {
umode_t mode;
enum aa_fs_type v_type;
union {
+ bool boolean;
+ unsigned long u64;
struct aa_fs_entry *files;
} v;
const struct file_operations *file_ops;
};
+extern const struct file_operations aa_fs_seq_file_ops;
+
+#define AA_FS_FILE_BOOLEAN(_name, _value) \
+ { .name = (_name), .mode = 0444, \
+ .v_type = AA_FS_TYPE_BOOLEAN, .v.boolean = (_value), \
+ .file_ops = &aa_fs_seq_file_ops }
+#define AA_FS_FILE_U64(_name, _value) \
+ { .name = (_name), .mode = 0444, \
+ .v_type = AA_FS_TYPE_U64, .v.u64 = (_value), \
+ .file_ops = &aa_fs_seq_file_ops }
#define AA_FS_FILE_FOPS(_name, _mode, _fops) \
{ .name = (_name), .v_type = AA_FS_TYPE_FOPS, \
.mode = (_mode), .file_ops = (_fops) }
--
1.7.0.4
* [PATCH 3/4] AppArmor: add "file" details to securityfs
2012-01-27 0:29 [PATCH 0/4] AppArmor: refactor securityfs to use structures Kees Cook
2012-01-27 0:29 ` [PATCH 1/4] " Kees Cook
2012-01-27 0:29 ` [PATCH 2/4] AppArmor: add initial "features" directory to securityfs Kees Cook
@ 2012-01-27 0:29 ` Kees Cook
2012-01-27 19:34 ` John Johansen
2012-01-27 0:29 ` [PATCH 4/4] AppArmor: export known rlimit names/value mappings in securityfs Kees Cook
From: Kees Cook @ 2012-01-27 0:29 UTC (permalink / raw)
To: linux-security-module; +Cc: linux-kernel, John Johansen
Create the "file" directory in the securityfs for tracking features
related to files.
Signed-off-by: Kees Cook <kees@ubuntu.com>
---
security/apparmor/apparmorfs.c | 10 ++++++++++
security/apparmor/include/apparmorfs.h | 6 ++++++
2 files changed, 16 insertions(+), 0 deletions(-)
diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c
index 36efe64..68ce771 100644
--- a/security/apparmor/apparmorfs.c
+++ b/security/apparmor/apparmorfs.c
@@ -154,6 +154,9 @@ static int aa_fs_seq_show(struct seq_file *seq, void *v)
case AA_FS_TYPE_BOOLEAN:
seq_printf(seq, "%s\n", fs_file->v.boolean ? "yes" : "no");
break;
+ case AA_FS_TYPE_STRING:
+ seq_printf(seq, "%s\n", fs_file->v.string);
+ break;
case AA_FS_TYPE_U64:
seq_printf(seq, "%#08lx\n", fs_file->v.u64);
break;
@@ -180,6 +183,12 @@ const struct file_operations aa_fs_seq_file_ops = {
/** Base file system setup **/
+static struct aa_fs_entry aa_fs_entry_file[] = {
+ AA_FS_FILE_STRING("mask", "create read write exec append mmap_exec " \
+ "link lock"),
+ { }
+};
+
static struct aa_fs_entry aa_fs_entry_domain[] = {
AA_FS_FILE_BOOLEAN("change_hat", 1),
AA_FS_FILE_BOOLEAN("change_hatv", 1),
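Review bot: `AA_FS_FILE_STRING("mask", ...)` stores a string literal into the union member declared `char *string` in this patch's `apparmorfs.h` hunk; the literal is read-only, so the member should be `const char *string` so the compiler rejects any later write through it (aa_fs_seq_show only reads it with `%s`). The backslash at the end of the first `"mask"` line is unnecessary: this is an array initializer, not a macro, and adjacent string literals concatenate across lines on their own, so `AA_FS_FILE_STRING("mask", "create read write exec append mmap_exec "` followed by `"link lock"),` reads more naturally. The `const` applies equally to the `apparmorfs.h` hunk that adds the member.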
@@ -190,6 +199,7 @@ static struct aa_fs_entry aa_fs_entry_domain[] = {
static struct aa_fs_entry aa_fs_entry_features[] = {
AA_FS_DIR("domain", aa_fs_entry_domain),
+ AA_FS_DIR("file", aa_fs_entry_file),
AA_FS_FILE_BOOLEAN("namespaces", 1),
AA_FS_FILE_U64("capability", VFS_CAP_FLAGS_MASK),
{ }
diff --git a/security/apparmor/include/apparmorfs.h b/security/apparmor/include/apparmorfs.h
index 16e6545..7ea4769 100644
--- a/security/apparmor/include/apparmorfs.h
+++ b/security/apparmor/include/apparmorfs.h
@@ -17,6 +17,7 @@
enum aa_fs_type {
AA_FS_TYPE_BOOLEAN,
+ AA_FS_TYPE_STRING,
AA_FS_TYPE_U64,
AA_FS_TYPE_FOPS,
AA_FS_TYPE_DIR,
@@ -31,6 +32,7 @@ struct aa_fs_entry {
enum aa_fs_type v_type;
union {
bool boolean;
+ char *string;
unsigned long u64;
struct aa_fs_entry *files;
} v;
@@ -43,6 +45,10 @@ extern const struct file_operations aa_fs_seq_file_ops;
{ .name = (_name), .mode = 0444, \
.v_type = AA_FS_TYPE_BOOLEAN, .v.boolean = (_value), \
.file_ops = &aa_fs_seq_file_ops }
+#define AA_FS_FILE_STRING(_name, _value) \
+ { .name = (_name), .mode = 0444, \
+ .v_type = AA_FS_TYPE_STRING, .v.string = (_value), \
+ .file_ops = &aa_fs_seq_file_ops }
#define AA_FS_FILE_U64(_name, _value) \
{ .name = (_name), .mode = 0444, \
.v_type = AA_FS_TYPE_U64, .v.u64 = (_value), \
--
1.7.0.4
* [PATCH 4/4] AppArmor: export known rlimit names/value mappings in securityfs
2012-01-27 0:29 [PATCH 0/4] AppArmor: refactor securityfs to use structures Kees Cook
2012-01-27 0:29 ` [PATCH 3/4] AppArmor: add "file" details " Kees Cook
@ 2012-01-27 0:29 ` Kees Cook
2012-01-27 19:35 ` John Johansen
2012-01-27 18:54 ` [PATCH 0/4] AppArmor: refactor securityfs to use structures Casey Schaufler
2012-01-27 19:38 ` John Johansen
From: Kees Cook @ 2012-01-27 0:29 UTC (permalink / raw)
To: linux-security-module; +Cc: linux-kernel, John Johansen
Since the parser needs to know which rlimits are known to the kernel,
export the list via a mask file in the "rlimit" subdirectory in the
securityfs "features" directory.
Signed-off-by: Kees Cook <kees@ubuntu.com>
---
security/apparmor/Makefile | 24 ++++++++++++++++++------
security/apparmor/apparmorfs.c | 2 ++
security/apparmor/include/resource.h | 4 ++++
security/apparmor/resource.c | 5 +++++
4 files changed, 29 insertions(+), 6 deletions(-)
diff --git a/security/apparmor/Makefile b/security/apparmor/Makefile
index 2dafe50..86103ce 100644
--- a/security/apparmor/Makefile
+++ b/security/apparmor/Makefile
@@ -28,25 +28,37 @@ cmd_make-caps = echo "static const char *capability_names[] = {" > $@ ;\
# [RLIMIT_STACK] = "stack",
#
# and build a second integer table (with the second sed cmd), that maps
-# RLIMIT defines to the order defined in asm-generic/resource.h Thi is
+# RLIMIT defines to the order defined in asm-generic/resource.h This is
# required by policy load to map policy ordering of RLIMITs to internal
# ordering for architectures that redefine an RLIMIT.
# Transforms lines from
# #define RLIMIT_STACK 3 /* max stack size */
# to
# RLIMIT_STACK,
+#
+# and build the securityfs entries for the mapping.
+# Transforms lines from
+# #define RLIMIT_FSIZE 1 /* Maximum filesize */
+# #define RLIMIT_STACK 3 /* max stack size */
+# to
+# #define AA_FS_RLIMIT_MASK "fsize stack"
quiet_cmd_make-rlim = GEN $@
-cmd_make-rlim = echo "static const char *rlim_names[] = {" > $@ ;\
+cmd_make-rlim = echo "static const char *rlim_names[RLIM_NLIMITS] = {" > $@ ;\
sed $< >> $@ -r -n \
-e 's/^\# ?define[ \t]+(RLIMIT_([A-Z0-9_]+)).*/[\1] = "\L\2",/p';\
echo "};" >> $@ ;\
- echo "static const int rlim_map[] = {" >> $@ ;\
+ echo "static const int rlim_map[RLIM_NLIMITS] = {" >> $@ ;\
sed -r -n "s/^\# ?define[ \t]+(RLIMIT_[A-Z0-9_]+).*/\1,/p" $< >> $@ ;\
- echo "};" >> $@
+ echo "};" >> $@ ; \
+ echo -n '\#define AA_FS_RLIMIT_MASK "' >> $@ ;\
+ sed -r -n 's/^\# ?define[ \t]+RLIMIT_([A-Z0-9_]+).*/\L\1/p' $< | \
+ tr '\n' ' ' | sed -e 's/ $$/"\n/' >> $@
$(obj)/capability.o : $(obj)/capability_names.h
$(obj)/resource.o : $(obj)/rlim_names.h
-$(obj)/capability_names.h : $(srctree)/include/linux/capability.h
+$(obj)/capability_names.h : $(srctree)/include/linux/capability.h \
+ $(src)/Makefile
$(call cmd,make-caps)
-$(obj)/rlim_names.h : $(srctree)/include/asm-generic/resource.h
+$(obj)/rlim_names.h : $(srctree)/include/asm-generic/resource.h \
+ $(src)/Makefile
$(call cmd,make-rlim)
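Review bot: `echo -n` in the new part of `cmd_make-rlim` is not portable across the shells the build may run under (`sh` implementations differ on `-n` and on escape handling), whereas the rest of the recipe already relies only on `sed` and `tr`; `printf '%s' '\#define AA_FS_RLIMIT_MASK "' >> $@ ;\` produces the same bytes without depending on the shell's echo. The trailing `sed -e 's/ $$/"\n/'` also depends on the sed implementation expanding `\n` in a replacement; on one that does not, rlim_names.h would end in a literal `\n` and fail to compile, so it is worth stating the GNU sed requirement in the comment block above or closing the string with a second `printf`. The `\#` escape appears to be consumed by make, as on the existing `sed` line above it, so it must stay.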
diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c
index 68ce771..38d6262 100644
--- a/security/apparmor/apparmorfs.c
+++ b/security/apparmor/apparmorfs.c
@@ -25,6 +25,7 @@
#include "include/audit.h"
#include "include/context.h"
#include "include/policy.h"
+#include "include/resource.h"
/**
* aa_simple_write_to_buffer - common routine for getting policy from user
@@ -202,6 +203,7 @@ static struct aa_fs_entry aa_fs_entry_features[] = {
AA_FS_DIR("file", aa_fs_entry_file),
AA_FS_FILE_BOOLEAN("namespaces", 1),
AA_FS_FILE_U64("capability", VFS_CAP_FLAGS_MASK),
+ AA_FS_DIR("rlimit", aa_fs_entry_rlimit),
{ }
};
diff --git a/security/apparmor/include/resource.h b/security/apparmor/include/resource.h
index 02baec7..d3f4cf0 100644
--- a/security/apparmor/include/resource.h
+++ b/security/apparmor/include/resource.h
@@ -18,6 +18,8 @@
#include <linux/resource.h>
#include <linux/sched.h>
+#include "apparmorfs.h"
+
struct aa_profile;
/* struct aa_rlimit - rlimit settings for the profile
@@ -32,6 +34,8 @@ struct aa_rlimit {
struct rlimit limits[RLIM_NLIMITS];
};
+extern struct aa_fs_entry aa_fs_entry_rlimit[];
+
int aa_map_resource(int resource);
int aa_task_setrlimit(struct aa_profile *profile, struct task_struct *,
unsigned int resource, struct rlimit *new_rlim);
diff --git a/security/apparmor/resource.c b/security/apparmor/resource.c
index a4136c1..72c25a4 100644
--- a/security/apparmor/resource.c
+++ b/security/apparmor/resource.c
@@ -23,6 +23,11 @@
*/
#include "rlim_names.h"
+struct aa_fs_entry aa_fs_entry_rlimit[] = {
+ AA_FS_FILE_STRING("mask", AA_FS_RLIMIT_MASK),
+ { }
+};
+
/* audit callback for resource specific fields */
static void audit_cb(struct audit_buffer *ab, void *va)
{
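Review bot: `aa_fs_entry_rlimit` is a non-static, mutable global whose only consumer visible in this series is the `aa_fs_entry_features` table in apparmorfs.c, yet it is declared in resource.h, which is what forces the new `#include "apparmorfs.h"` into resource.h in the hunk above; declaring the extern in apparmorfs.h next to the other entry tables would avoid that include dependency. It cannot be `const` because aafs_create_dir writes `.dentry` into each entry, which is worth a one-line comment so nobody adds the qualifier: `/* Not const: aafs_create_dir() fills in .dentry at init. */`. The value comes from the generated `AA_FS_RLIMIT_MASK` in rlim_names.h, so the array is correct only if that header is regenerated whenever the Makefile rule changes, which the Makefile hunk's new `$(src)/Makefile` prerequisite addresses.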
--
1.7.0.4
* Re: [PATCH 0/4] AppArmor: refactor securityfs to use structures
2012-01-27 0:29 [PATCH 0/4] AppArmor: refactor securityfs to use structures Kees Cook
2012-01-27 0:29 ` [PATCH 4/4] AppArmor: export known rlimit names/value mappings in securityfs Kees Cook
@ 2012-01-27 18:54 ` Casey Schaufler
2012-01-27 20:05 ` Kees Cook
2012-01-27 19:38 ` John Johansen
From: Casey Schaufler @ 2012-01-27 18:54 UTC (permalink / raw)
To: Kees Cook
Cc: linux-security-module, linux-kernel, John Johansen, Casey Schaufler
On 1/26/2012 4:29 PM, Kees Cook wrote:
> This is the ground-work for expanding the AppArmor securityfs to include
> useful information that the userspace tools can more easily interact with.
> Presently, this is only static information about the state of AppArmor.
If you're making changes for securityfs do you suppose that
you might do all of us LSM developers a huge favor and add an
entry that reports the active LSM? It's something that has been
on my todo list for ages and would make everyone's life so much
easier. /sys/kernel/security/LSM which contains the name of the
active LSM would be very handy.
>
> -Kees
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
* Re: [PATCH 1/4] AppArmor: refactor securityfs to use structures
2012-01-27 0:29 ` [PATCH 1/4] " Kees Cook
@ 2012-01-27 19:34 ` John Johansen
From: John Johansen @ 2012-01-27 19:34 UTC (permalink / raw)
To: Kees Cook; +Cc: linux-security-module, linux-kernel, Kees Cook
On 01/26/2012 04:29 PM, Kees Cook wrote:
> From: Kees Cook <kees@outflux.net>
>
> Use a file tree structure to represent the AppArmor securityfs.
>
> Signed-off-by: Kees Cook <kees@ubuntu.com>
Acked-by: John Johansen <john.johansen@canonical.com>
> ---
> security/apparmor/apparmorfs.c | 132 ++++++++++++++++++++++----------
> security/apparmor/include/apparmorfs.h | 24 ++++++
> 2 files changed, 114 insertions(+), 42 deletions(-)
>
> diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c
> index e39df6d..1e22bb3 100644
> --- a/security/apparmor/apparmorfs.c
> +++ b/security/apparmor/apparmorfs.c
> @@ -144,36 +144,103 @@ static const struct file_operations aa_fs_profile_remove = {
>
> /** Base file system setup **/
>
> -static struct dentry *aa_fs_dentry __initdata;
> +static struct aa_fs_entry aa_fs_entry_apparmor[] = {
> + AA_FS_FILE_FOPS(".load", 0640, &aa_fs_profile_load),
> + AA_FS_FILE_FOPS(".replace", 0640, &aa_fs_profile_replace),
> + AA_FS_FILE_FOPS(".remove", 0640, &aa_fs_profile_remove),
> + { }
> +};
>
> -static void __init aafs_remove(const char *name)
> -{
> - struct dentry *dentry;
> +static struct aa_fs_entry aa_fs_entry =
> + AA_FS_DIR("apparmor", aa_fs_entry_apparmor);
>
> - dentry = lookup_one_len(name, aa_fs_dentry, strlen(name));
> - if (!IS_ERR(dentry)) {
> - securityfs_remove(dentry);
> - dput(dentry);
> +/**
> + * aafs_create_file - create a file entry in the apparmor securityfs
> + * @fs_file: aa_fs_entry to build an entry for (NOT NULL)
> + * @parent: the parent dentry in the securityfs
> + *
> + * Use aafs_remove_file to remove entries created with this fn.
> + */
> +static int __init aafs_create_file(struct aa_fs_entry *fs_file,
> + struct dentry *parent)
> +{
> + int error = 0;
> +
> + fs_file->dentry = securityfs_create_file(fs_file->name,
> + S_IFREG | fs_file->mode,
> + parent, fs_file,
> + fs_file->file_ops);
> + if (IS_ERR(fs_file->dentry)) {
> + error = PTR_ERR(fs_file->dentry);
> + fs_file->dentry = NULL;
> }
> + return error;
> }
>
> /**
> - * aafs_create - create an entry in the apparmor filesystem
> - * @name: name of the entry (NOT NULL)
> - * @mask: file permission mask of the file
> - * @fops: file operations for the file (NOT NULL)
> + * aafs_create_dir - recursively create a directory entry in the securityfs
> + * @fs_dir: aa_fs_entry (and all child entries) to build (NOT NULL)
> + * @parent: the parent dentry in the securityfs
> *
> - * Used aafs_remove to remove entries created with this fn.
> + * Use aafs_remove_dir to remove entries created with this fn.
> */
> -static int __init aafs_create(const char *name, umode_t mask,
> - const struct file_operations *fops)
> +static int __init aafs_create_dir(struct aa_fs_entry *fs_dir,
> + struct dentry *parent)
> {
> - struct dentry *dentry;
> + int error;
> + struct aa_fs_entry *fs_file;
>
> - dentry = securityfs_create_file(name, S_IFREG | mask, aa_fs_dentry,
> - NULL, fops);
> + fs_dir->dentry = securityfs_create_dir(fs_dir->name, parent);
> + if (IS_ERR(fs_dir->dentry)) {
> + error = PTR_ERR(fs_dir->dentry);
> + fs_dir->dentry = NULL;
> + goto failed;
> + }
>
> - return IS_ERR(dentry) ? PTR_ERR(dentry) : 0;
> + for (fs_file = fs_dir->v.files; fs_file->name; ++fs_file) {
> + if (fs_file->v_type == AA_FS_TYPE_DIR)
> + error = aafs_create_dir(fs_file, fs_dir->dentry);
> + else
> + error = aafs_create_file(fs_file, fs_dir->dentry);
> + if (error)
> + goto failed;
> + }
> +
> + return 0;
> +
> +failed:
> + return error;
> +}
> +
> +/**
> + * aafs_remove_file - drop a single file entry in the apparmor securityfs
> + * @fs_file: aa_fs_entry to detach from the securityfs (NOT NULL)
> + */
> +static void __init aafs_remove_file(struct aa_fs_entry *fs_file)
> +{
> + if (!fs_file->dentry)
> + return;
> +
> + securityfs_remove(fs_file->dentry);
> + fs_file->dentry = NULL;
> +}
> +
> +/**
> + * aafs_remove_dir - recursively drop a directory entry from the securityfs
> + * @fs_dir: aa_fs_entry (and all child entries) to detach (NOT NULL)
> + */
> +static void __init aafs_remove_dir(struct aa_fs_entry *fs_dir)
> +{
> + struct aa_fs_entry *fs_file;
> +
> + for (fs_file = fs_dir->v.files; fs_file->name; ++fs_file) {
> + if (fs_file->v_type == AA_FS_TYPE_DIR)
> + aafs_remove_dir(fs_file);
> + else
> + aafs_remove_file(fs_file);
> + }
> +
> + aafs_remove_file(fs_dir);
> }
>
> /**
> @@ -183,14 +250,7 @@ static int __init aafs_create(const char *name, umode_t mask,
> */
> void __init aa_destroy_aafs(void)
> {
> - if (aa_fs_dentry) {
> - aafs_remove(".remove");
> - aafs_remove(".replace");
> - aafs_remove(".load");
> -
> - securityfs_remove(aa_fs_dentry);
> - aa_fs_dentry = NULL;
> - }
> + aafs_remove_dir(&aa_fs_entry);
> }
>
> /**
> @@ -207,25 +267,13 @@ static int __init aa_create_aafs(void)
> if (!apparmor_initialized)
> return 0;
>
> - if (aa_fs_dentry) {
> + if (aa_fs_entry.dentry) {
> AA_ERROR("%s: AppArmor securityfs already exists\n", __func__);
> return -EEXIST;
> }
>
> - aa_fs_dentry = securityfs_create_dir("apparmor", NULL);
> - if (IS_ERR(aa_fs_dentry)) {
> - error = PTR_ERR(aa_fs_dentry);
> - aa_fs_dentry = NULL;
> - goto error;
> - }
> -
> - error = aafs_create(".load", 0640, &aa_fs_profile_load);
> - if (error)
> - goto error;
> - error = aafs_create(".replace", 0640, &aa_fs_profile_replace);
> - if (error)
> - goto error;
> - error = aafs_create(".remove", 0640, &aa_fs_profile_remove);
> + /* Populate fs tree. */
> + error = aafs_create_dir(&aa_fs_entry, NULL);
> if (error)
> goto error;
>
> diff --git a/security/apparmor/include/apparmorfs.h b/security/apparmor/include/apparmorfs.h
> index cb1e93a..4fdf02f 100644
> --- a/security/apparmor/include/apparmorfs.h
> +++ b/security/apparmor/include/apparmorfs.h
> @@ -15,6 +15,30 @@
> #ifndef __AA_APPARMORFS_H
> #define __AA_APPARMORFS_H
>
> +enum aa_fs_type {
> + AA_FS_TYPE_FOPS,
> + AA_FS_TYPE_DIR,
> +};
> +
> +struct aa_fs_entry;
> +
> +struct aa_fs_entry {
> + const char *name;
> + struct dentry *dentry;
> + umode_t mode;
> + enum aa_fs_type v_type;
> + union {
> + struct aa_fs_entry *files;
> + } v;
> + const struct file_operations *file_ops;
> +};
> +
> +#define AA_FS_FILE_FOPS(_name, _mode, _fops) \
> + { .name = (_name), .v_type = AA_FS_TYPE_FOPS, \
> + .mode = (_mode), .file_ops = (_fops) }
> +#define AA_FS_DIR(_name, _value) \
> + { .name = (_name), .v_type = AA_FS_TYPE_DIR, .v.files = (_value) }
> +
> extern void __init aa_destroy_aafs(void);
>
> #endif /* __AA_APPARMORFS_H */
* Re: [PATCH 2/4] AppArmor: add initial "features" directory to securityfs
2012-01-27 0:29 ` [PATCH 2/4] AppArmor: add initial "features" directory to securityfs Kees Cook
@ 2012-01-27 19:34 ` John Johansen
From: John Johansen @ 2012-01-27 19:34 UTC (permalink / raw)
To: Kees Cook; +Cc: linux-security-module, linux-kernel, Kees Cook
On 01/26/2012 04:29 PM, Kees Cook wrote:
> From: Kees Cook <kees@outflux.net>
>
> This adds the "features" subdirectory to the AppArmor securityfs
> to display boolean features flags and the known capability mask.
>
> Signed-off-by: Kees Cook <kees@ubuntu.com>
Acked-by: John Johansen <john.johansen@canonical.com>
> ---
> security/apparmor/apparmorfs.c | 52 ++++++++++++++++++++++++++++++++
> security/apparmor/include/apparmorfs.h | 14 ++++++++
> 2 files changed, 66 insertions(+), 0 deletions(-)
>
> diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c
> index 1e22bb3..36efe64 100644
> --- a/security/apparmor/apparmorfs.c
> +++ b/security/apparmor/apparmorfs.c
> @@ -18,6 +18,7 @@
> #include <linux/seq_file.h>
> #include <linux/uaccess.h>
> #include <linux/namei.h>
> +#include <linux/capability.h>
>
> #include "include/apparmor.h"
> #include "include/apparmorfs.h"
> @@ -142,12 +143,63 @@ static const struct file_operations aa_fs_profile_remove = {
> .llseek = default_llseek,
> };
>
> +static int aa_fs_seq_show(struct seq_file *seq, void *v)
> +{
> + struct aa_fs_entry *fs_file = seq->private;
> +
> + if (!fs_file)
> + return 0;
> +
> + switch (fs_file->v_type) {
> + case AA_FS_TYPE_BOOLEAN:
> + seq_printf(seq, "%s\n", fs_file->v.boolean ? "yes" : "no");
> + break;
> + case AA_FS_TYPE_U64:
> + seq_printf(seq, "%#08lx\n", fs_file->v.u64);
> + break;
> + default:
> + /* Ignore unpritable entry types. */
> + break;
> + }
> +
> + return 0;
> +}
> +
> +static int aa_fs_seq_open(struct inode *inode, struct file *file)
> +{
> + return single_open(file, aa_fs_seq_show, inode->i_private);
> +}
> +
> +const struct file_operations aa_fs_seq_file_ops = {
> + .owner = THIS_MODULE,
> + .open = aa_fs_seq_open,
> + .read = seq_read,
> + .llseek = seq_lseek,
> + .release = single_release,
> +};
> +
> /** Base file system setup **/
>
> +static struct aa_fs_entry aa_fs_entry_domain[] = {
> + AA_FS_FILE_BOOLEAN("change_hat", 1),
> + AA_FS_FILE_BOOLEAN("change_hatv", 1),
> + AA_FS_FILE_BOOLEAN("change_onexec", 1),
> + AA_FS_FILE_BOOLEAN("change_profile", 1),
> + { }
> +};
> +
> +static struct aa_fs_entry aa_fs_entry_features[] = {
> + AA_FS_DIR("domain", aa_fs_entry_domain),
> + AA_FS_FILE_BOOLEAN("namespaces", 1),
> + AA_FS_FILE_U64("capability", VFS_CAP_FLAGS_MASK),
> + { }
> +};
> +
> static struct aa_fs_entry aa_fs_entry_apparmor[] = {
> AA_FS_FILE_FOPS(".load", 0640, &aa_fs_profile_load),
> AA_FS_FILE_FOPS(".replace", 0640, &aa_fs_profile_replace),
> AA_FS_FILE_FOPS(".remove", 0640, &aa_fs_profile_remove),
> + AA_FS_DIR("features", aa_fs_entry_features),
> { }
> };
>
> diff --git a/security/apparmor/include/apparmorfs.h b/security/apparmor/include/apparmorfs.h
> index 4fdf02f..16e6545 100644
> --- a/security/apparmor/include/apparmorfs.h
> +++ b/security/apparmor/include/apparmorfs.h
> @@ -16,6 +16,8 @@
> #define __AA_APPARMORFS_H
>
> enum aa_fs_type {
> + AA_FS_TYPE_BOOLEAN,
> + AA_FS_TYPE_U64,
> AA_FS_TYPE_FOPS,
> AA_FS_TYPE_DIR,
> };
> @@ -28,11 +30,23 @@ struct aa_fs_entry {
> umode_t mode;
> enum aa_fs_type v_type;
> union {
> + bool boolean;
> + unsigned long u64;
> struct aa_fs_entry *files;
> } v;
> const struct file_operations *file_ops;
> };
>
> +extern const struct file_operations aa_fs_seq_file_ops;
> +
> +#define AA_FS_FILE_BOOLEAN(_name, _value) \
> + { .name = (_name), .mode = 0444, \
> + .v_type = AA_FS_TYPE_BOOLEAN, .v.boolean = (_value), \
> + .file_ops = &aa_fs_seq_file_ops }
> +#define AA_FS_FILE_U64(_name, _value) \
> + { .name = (_name), .mode = 0444, \
> + .v_type = AA_FS_TYPE_U64, .v.u64 = (_value), \
> + .file_ops = &aa_fs_seq_file_ops }
> #define AA_FS_FILE_FOPS(_name, _mode, _fops) \
> { .name = (_name), .v_type = AA_FS_TYPE_FOPS, \
> .mode = (_mode), .file_ops = (_fops) }
* Re: [PATCH 3/4] AppArmor: add "file" details to securityfs
From: John Johansen @ 2012-01-27 19:34 UTC (permalink / raw)
To: Kees Cook; +Cc: linux-security-module, linux-kernel
On 01/26/2012 04:29 PM, Kees Cook wrote:
> Create the "file" directory in the securityfs for tracking features
> related to files.
>
> Signed-off-by: Kees Cook <kees@ubuntu.com>
Acked-by: John Johansen <john.johansen@canonical.com>
> ---
> security/apparmor/apparmorfs.c | 10 ++++++++++
> security/apparmor/include/apparmorfs.h | 6 ++++++
> 2 files changed, 16 insertions(+), 0 deletions(-)
>
> diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c
> index 36efe64..68ce771 100644
> --- a/security/apparmor/apparmorfs.c
> +++ b/security/apparmor/apparmorfs.c
> @@ -154,6 +154,9 @@ static int aa_fs_seq_show(struct seq_file *seq, void *v)
> case AA_FS_TYPE_BOOLEAN:
> seq_printf(seq, "%s\n", fs_file->v.boolean ? "yes" : "no");
> break;
> + case AA_FS_TYPE_STRING:
> + seq_printf(seq, "%s\n", fs_file->v.string);
> + break;
> case AA_FS_TYPE_U64:
> seq_printf(seq, "%#08lx\n", fs_file->v.u64);
> break;
> @@ -180,6 +183,12 @@ const struct file_operations aa_fs_seq_file_ops = {
>
> /** Base file system setup **/
>
> +static struct aa_fs_entry aa_fs_entry_file[] = {
> + AA_FS_FILE_STRING("mask", "create read write exec append mmap_exec " \
> + "link lock"),
> + { }
> +};
> +
> static struct aa_fs_entry aa_fs_entry_domain[] = {
> AA_FS_FILE_BOOLEAN("change_hat", 1),
> AA_FS_FILE_BOOLEAN("change_hatv", 1),
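Review bot: The backslash-newline inside the `AA_FS_FILE_STRING("mask", ...)` initializer is not needed: the two string literals are arguments to a macro invocation in ordinary code, not part of a macro definition, and adjacent literals concatenate across lines on their own. Dropping the trailing ` \` after `"... mmap_exec "` leaves the same token stream and avoids suggesting the continuation carries meaning. A one-line comment above the table, such as `/* securityfs "features/file" entries; "mask" appears to list the supported file permission names */`, would also help, since this string is the only place those names are spelled out in the patch.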
> @@ -190,6 +199,7 @@ static struct aa_fs_entry aa_fs_entry_domain[] = {
>
> static struct aa_fs_entry aa_fs_entry_features[] = {
> AA_FS_DIR("domain", aa_fs_entry_domain),
> + AA_FS_DIR("file", aa_fs_entry_file),
> AA_FS_FILE_BOOLEAN("namespaces", 1),
> AA_FS_FILE_U64("capability", VFS_CAP_FLAGS_MASK),
> { }
> diff --git a/security/apparmor/include/apparmorfs.h b/security/apparmor/include/apparmorfs.h
> index 16e6545..7ea4769 100644
> --- a/security/apparmor/include/apparmorfs.h
> +++ b/security/apparmor/include/apparmorfs.h
> @@ -17,6 +17,7 @@
>
> enum aa_fs_type {
> AA_FS_TYPE_BOOLEAN,
> + AA_FS_TYPE_STRING,
> AA_FS_TYPE_U64,
> AA_FS_TYPE_FOPS,
> AA_FS_TYPE_DIR,
> @@ -31,6 +32,7 @@ struct aa_fs_entry {
> enum aa_fs_type v_type;
> union {
> bool boolean;
> + char *string;
> unsigned long u64;
> struct aa_fs_entry *files;
> } v;
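Review bot: The new union member `char *string;` is only ever initialized from string literals (`AA_FS_FILE_STRING` in this patch and `AA_FS_RLIMIT_MASK` in the next) and only read by `seq_printf`, so it should be `const char *string;`; as declared, it would let a write through to read-only data compile without a warning. The `AA_FS_FILE_STRING` macro in the following hunk needs no change for this.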
> @@ -43,6 +45,10 @@ extern const struct file_operations aa_fs_seq_file_ops;
> { .name = (_name), .mode = 0444, \
> .v_type = AA_FS_TYPE_BOOLEAN, .v.boolean = (_value), \
> .file_ops = &aa_fs_seq_file_ops }
> +#define AA_FS_FILE_STRING(_name, _value) \
> + { .name = (_name), .mode = 0444, \
> + .v_type = AA_FS_TYPE_STRING, .v.string = (_value), \
> + .file_ops = &aa_fs_seq_file_ops }
> #define AA_FS_FILE_U64(_name, _value) \
> { .name = (_name), .mode = 0444, \
> .v_type = AA_FS_TYPE_U64, .v.u64 = (_value), \
* Re: [PATCH 4/4] AppArmor: export known rlimit names/value mappings in securityfs
From: John Johansen @ 2012-01-27 19:35 UTC (permalink / raw)
To: Kees Cook; +Cc: linux-security-module, linux-kernel
On 01/26/2012 04:29 PM, Kees Cook wrote:
> Since the parser needs to know which rlimits are known to the kernel,
> export the list via a mask file in the "rlimit" subdirectory in the
> securityfs "features" directory.
>
> Signed-off-by: Kees Cook <kees@ubuntu.com>
Acked-by: John Johansen <john.johansen@canonical.com>
> ---
> security/apparmor/Makefile | 24 ++++++++++++++++++------
> security/apparmor/apparmorfs.c | 2 ++
> security/apparmor/include/resource.h | 4 ++++
> security/apparmor/resource.c | 5 +++++
> 4 files changed, 29 insertions(+), 6 deletions(-)
>
> diff --git a/security/apparmor/Makefile b/security/apparmor/Makefile
> index 2dafe50..86103ce 100644
> --- a/security/apparmor/Makefile
> +++ b/security/apparmor/Makefile
> @@ -28,25 +28,37 @@ cmd_make-caps = echo "static const char *capability_names[] = {" > $@ ;\
> # [RLIMIT_STACK] = "stack",
> #
> # and build a second integer table (with the second sed cmd), that maps
> -# RLIMIT defines to the order defined in asm-generic/resource.h Thi is
> +# RLIMIT defines to the order defined in asm-generic/resource.h This is
> # required by policy load to map policy ordering of RLIMITs to internal
> # ordering for architectures that redefine an RLIMIT.
> # Transforms lines from
> # #define RLIMIT_STACK 3 /* max stack size */
> # to
> # RLIMIT_STACK,
> +#
> +# and build the securityfs entries for the mapping.
> +# Transforms lines from
> +# #define RLIMIT_FSIZE 1 /* Maximum filesize */
> +# #define RLIMIT_STACK 3 /* max stack size */
> +# to
> +# #define AA_FS_RLIMIT_MASK "fsize stack"
> quiet_cmd_make-rlim = GEN $@
> -cmd_make-rlim = echo "static const char *rlim_names[] = {" > $@ ;\
> +cmd_make-rlim = echo "static const char *rlim_names[RLIM_NLIMITS] = {" > $@ ;\
> sed $< >> $@ -r -n \
> -e 's/^\# ?define[ \t]+(RLIMIT_([A-Z0-9_]+)).*/[\1] = "\L\2",/p';\
> echo "};" >> $@ ;\
> - echo "static const int rlim_map[] = {" >> $@ ;\
> + echo "static const int rlim_map[RLIM_NLIMITS] = {" >> $@ ;\
> sed -r -n "s/^\# ?define[ \t]+(RLIMIT_[A-Z0-9_]+).*/\1,/p" $< >> $@ ;\
> - echo "};" >> $@
> + echo "};" >> $@ ; \
> + echo -n '\#define AA_FS_RLIMIT_MASK "' >> $@ ;\
> + sed -r -n 's/^\# ?define[ \t]+RLIMIT_([A-Z0-9_]+).*/\L\1/p' $< | \
> + tr '\n' ' ' | sed -e 's/ $$/"\n/' >> $@
>
> $(obj)/capability.o : $(obj)/capability_names.h
> $(obj)/resource.o : $(obj)/rlim_names.h
> -$(obj)/capability_names.h : $(srctree)/include/linux/capability.h
> +$(obj)/capability_names.h : $(srctree)/include/linux/capability.h \
> + $(src)/Makefile
> $(call cmd,make-caps)
> -$(obj)/rlim_names.h : $(srctree)/include/asm-generic/resource.h
> +$(obj)/rlim_names.h : $(srctree)/include/asm-generic/resource.h \
> + $(src)/Makefile
> $(call cmd,make-rlim)
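Review bot: `echo -n` in the new `cmd_make-rlim` line is not portable across the shells a kernel build may run under; some `sh` implementations print the `-n` literally, which would put `-n ` into the generated `rlim_names.h`. `printf '%s' '\#define AA_FS_RLIMIT_MASK "' >> $@ ;\` produces the same output without relying on the option. Separately, the closing quote is only emitted by `sed -e 's/ $$/"\n/'` when the `tr` output ends in a space, so an empty RLIMIT list would leave the `#define` unterminated; that is unlikely with asm-generic/resource.h, but a comment stating that the list is assumed non-empty would make the dependency explicit.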
> diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c
> index 68ce771..38d6262 100644
> --- a/security/apparmor/apparmorfs.c
> +++ b/security/apparmor/apparmorfs.c
> @@ -25,6 +25,7 @@
> #include "include/audit.h"
> #include "include/context.h"
> #include "include/policy.h"
> +#include "include/resource.h"
>
> /**
> * aa_simple_write_to_buffer - common routine for getting policy from user
> @@ -202,6 +203,7 @@ static struct aa_fs_entry aa_fs_entry_features[] = {
> AA_FS_DIR("file", aa_fs_entry_file),
> AA_FS_FILE_BOOLEAN("namespaces", 1),
> AA_FS_FILE_U64("capability", VFS_CAP_FLAGS_MASK),
> + AA_FS_DIR("rlimit", aa_fs_entry_rlimit),
> { }
> };
>
> diff --git a/security/apparmor/include/resource.h b/security/apparmor/include/resource.h
> index 02baec7..d3f4cf0 100644
> --- a/security/apparmor/include/resource.h
> +++ b/security/apparmor/include/resource.h
> @@ -18,6 +18,8 @@
> #include <linux/resource.h>
> #include <linux/sched.h>
>
> +#include "apparmorfs.h"
> +
> struct aa_profile;
>
> /* struct aa_rlimit - rlimit settings for the profile
> @@ -32,6 +34,8 @@ struct aa_rlimit {
> struct rlimit limits[RLIM_NLIMITS];
> };
>
> +extern struct aa_fs_entry aa_fs_entry_rlimit[];
> +
> int aa_map_resource(int resource);
> int aa_task_setrlimit(struct aa_profile *profile, struct task_struct *,
> unsigned int resource, struct rlimit *new_rlim);
> diff --git a/security/apparmor/resource.c b/security/apparmor/resource.c
> index a4136c1..72c25a4 100644
> --- a/security/apparmor/resource.c
> +++ b/security/apparmor/resource.c
> @@ -23,6 +23,11 @@
> */
> #include "rlim_names.h"
>
> +struct aa_fs_entry aa_fs_entry_rlimit[] = {
> + AA_FS_FILE_STRING("mask", AA_FS_RLIMIT_MASK),
> + { }
> +};
> +
> /* audit callback for resource specific fields */
> static void audit_cb(struct audit_buffer *ab, void *va)
> {
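Review bot: `aa_fs_entry_rlimit` is a new non-static table with no comment saying where it is mounted or where its value comes from; a reader of resource.c has to find the `AA_FS_DIR("rlimit", ...)` entry in apparmorfs.c and the Makefile rule to understand it. A comment above the definition, e.g. `/* securityfs "features/rlimit" entries; AA_FS_RLIMIT_MASK is generated into rlim_names.h by the Makefile */`, documents both. The table is exported through resource.h, so it stays non-static.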
* Re: [PATCH 0/4] AppArmor: refactor securityfs to use structures
From: John Johansen @ 2012-01-27 19:38 UTC (permalink / raw)
To: James Morris; +Cc: Kees Cook, linux-security-module, linux-kernel
On 01/26/2012 04:29 PM, Kees Cook wrote:
> This is the ground-work for expanding the AppArmor securityfs to include
> useful information that the userspace tools can more easily interact with.
> Presently, this is only static information about the state of AppArmor.
>
James,
if no one else has issues with these, I will pull these patches into the
apparmor tree to batch them together as a pull request with some other
apparmor patches.
* Re: [PATCH 0/4] AppArmor: refactor securityfs to use structures
From: Kees Cook @ 2012-01-27 20:05 UTC (permalink / raw)
To: Casey Schaufler; +Cc: linux-security-module, linux-kernel, John Johansen
Hi Casey,
On Fri, Jan 27, 2012 at 10:54:12AM -0800, Casey Schaufler wrote:
> On 1/26/2012 4:29 PM, Kees Cook wrote:
> >This is the ground-work for expanding the AppArmor securityfs to include
> >useful information that the userspace tools can more easily interact with.
> >Presently, this is only static information about the state of AppArmor.
>
> If you're making changes for securityfs do you suppose that
> you might do all of us LSM developers a huge favor and add an
> entry that reports the active LSM? It's something that has been
> on my todo list for ages and would make everyone's life so much
> easier. /sys/kernel/security/LSM which contains the name of the
> active LSM would be very handy.
Should that appear in the securityfs? Normally one can just mount it
and look to see what's in there. And, I'm nervous to add a file here
without a good LSM stacking plan yet. I'd hate to create another interface
that needs to be redefined later. :)
-Kees
--
Kees Cook
* Re: [PATCH 0/4] AppArmor: refactor securityfs to use structures
From: James Morris @ 2012-01-30 1:09 UTC (permalink / raw)
To: John Johansen; +Cc: Kees Cook, linux-security-module, linux-kernel
On Fri, 27 Jan 2012, John Johansen wrote:
> On 01/26/2012 04:29 PM, Kees Cook wrote:
> > This is the ground-work for expanding the AppArmor securityfs to include
> > useful information that the userspace tools can more easily interact with.
> > Presently, this is only static information about the state of AppArmor.
> >
> James,
>
> if no one else has issues with these, I will pull these patches into the
> apparmor tree to batch them together as a pull request with some other
> apparmor patches.
Great.
--
James Morris
<jmorris@namei.org>