From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1753950Ab2A0TfP (ORCPT <rfc822;w@1wt.eu>);
	Fri, 27 Jan 2012 14:35:15 -0500
Received: from youngberry.canonical.com ([91.189.89.112]:60766 "EHLO
	youngberry.canonical.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1752914Ab2A0TfM (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Fri, 27 Jan 2012 14:35:12 -0500
Message-ID: <4F22FC6D.6090609@canonical.com>
Date: Fri, 27 Jan 2012 11:35:09 -0800
From: John Johansen <john.johansen@canonical.com>
Organization: Canonical
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:10.0) Gecko/20120119 Thunderbird/10.0
MIME-Version: 1.0
To: Kees Cook <kees@ubuntu.com>
CC: linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH 4/4] AppArmor: export known rlimit names/value mappings
 in securityfs
References: <1327624163-21576-1-git-send-email-kees@ubuntu.com> <1327624163-21576-5-git-send-email-kees@ubuntu.com>
In-Reply-To: <1327624163-21576-5-git-send-email-kees@ubuntu.com>
X-Enigmail-Version: 1.3.5
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 01/26/2012 04:29 PM, Kees Cook wrote:
> Since the parser needs to know which rlimits are known to the kernel,
> export the list via a mask file in the "rlimit" subdirectory in the
> securityfs "features" directory.
> 
> Signed-off-by: Kees Cook <kees@ubuntu.com>
Acked-by: John Johansen <john.johansen@canonical.com>


> ---
>  security/apparmor/Makefile           |   24 ++++++++++++++++++------
>  security/apparmor/apparmorfs.c       |    2 ++
>  security/apparmor/include/resource.h |    4 ++++
>  security/apparmor/resource.c         |    5 +++++
>  4 files changed, 29 insertions(+), 6 deletions(-)
> 
> diff --git a/security/apparmor/Makefile b/security/apparmor/Makefile
> index 2dafe50..86103ce 100644
> --- a/security/apparmor/Makefile
> +++ b/security/apparmor/Makefile
> @@ -28,25 +28,37 @@ cmd_make-caps = echo "static const char *capability_names[] = {" > $@ ;\
>  #    [RLIMIT_STACK] = "stack",
>  #
>  # and build a second integer table (with the second sed cmd), that maps
> -# RLIMIT defines to the order defined in asm-generic/resource.h  Thi is
> +# RLIMIT defines to the order defined in asm-generic/resource.h  This is
>  # required by policy load to map policy ordering of RLIMITs to internal
>  # ordering for architectures that redefine an RLIMIT.
>  # Transforms lines from
>  #    #define RLIMIT_STACK		3	/* max stack size */
>  # to
>  # RLIMIT_STACK, 
> +#
> +# and build the securityfs entries for the mapping.
> +# Transforms lines from
> +#    #define RLIMIT_FSIZE        1   /* Maximum filesize */
> +#    #define RLIMIT_STACK		3	/* max stack size */
> +# to
> +# #define AA_FS_RLIMIT_MASK "fsize stack"
>  quiet_cmd_make-rlim = GEN     $@
> -cmd_make-rlim = echo "static const char *rlim_names[] = {" > $@ ;\
> +cmd_make-rlim = echo "static const char *rlim_names[RLIM_NLIMITS] = {" > $@ ;\
>  	sed $< >> $@ -r -n \
>  	    -e 's/^\# ?define[ \t]+(RLIMIT_([A-Z0-9_]+)).*/[\1] = "\L\2",/p';\
>  	echo "};" >> $@ ;\
> -	echo "static const int rlim_map[] = {" >> $@ ;\
> +	echo "static const int rlim_map[RLIM_NLIMITS] = {" >> $@ ;\
>  	sed -r -n "s/^\# ?define[ \t]+(RLIMIT_[A-Z0-9_]+).*/\1,/p" $< >> $@ ;\
> -	echo "};" >> $@
> +	echo "};" >> $@ ; \
> +	echo -n '\#define AA_FS_RLIMIT_MASK "' >> $@ ;\
> +	sed -r -n 's/^\# ?define[ \t]+RLIMIT_([A-Z0-9_]+).*/\L\1/p' $< | \
> +	    tr '\n' ' ' | sed -e 's/ $$/"\n/' >> $@
>  
>  $(obj)/capability.o : $(obj)/capability_names.h
>  $(obj)/resource.o : $(obj)/rlim_names.h
> -$(obj)/capability_names.h : $(srctree)/include/linux/capability.h
> +$(obj)/capability_names.h : $(srctree)/include/linux/capability.h \
> +			    $(src)/Makefile
>  	$(call cmd,make-caps)
> -$(obj)/rlim_names.h : $(srctree)/include/asm-generic/resource.h
> +$(obj)/rlim_names.h : $(srctree)/include/asm-generic/resource.h \
> +		      $(src)/Makefile
>  	$(call cmd,make-rlim)
> diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c
> index 68ce771..38d6262 100644
> --- a/security/apparmor/apparmorfs.c
> +++ b/security/apparmor/apparmorfs.c
> @@ -25,6 +25,7 @@
>  #include "include/audit.h"
>  #include "include/context.h"
>  #include "include/policy.h"
> +#include "include/resource.h"
>  
>  /**
>   * aa_simple_write_to_buffer - common routine for getting policy from user
> @@ -202,6 +203,7 @@ static struct aa_fs_entry aa_fs_entry_features[] = {
>  	AA_FS_DIR("file",			aa_fs_entry_file),
>  	AA_FS_FILE_BOOLEAN("namespaces",	1),
>  	AA_FS_FILE_U64("capability",		VFS_CAP_FLAGS_MASK),
> +	AA_FS_DIR("rlimit",			aa_fs_entry_rlimit),
>  	{ }
>  };
>  
> diff --git a/security/apparmor/include/resource.h b/security/apparmor/include/resource.h
> index 02baec7..d3f4cf0 100644
> --- a/security/apparmor/include/resource.h
> +++ b/security/apparmor/include/resource.h
> @@ -18,6 +18,8 @@
>  #include <linux/resource.h>
>  #include <linux/sched.h>
>  
> +#include "apparmorfs.h"
> +
>  struct aa_profile;
>  
>  /* struct aa_rlimit - rlimit settings for the profile
> @@ -32,6 +34,8 @@ struct aa_rlimit {
>  	struct rlimit limits[RLIM_NLIMITS];
>  };
>  
> +extern struct aa_fs_entry aa_fs_entry_rlimit[];
> +
>  int aa_map_resource(int resource);
>  int aa_task_setrlimit(struct aa_profile *profile, struct task_struct *,
>  		      unsigned int resource, struct rlimit *new_rlim);
> diff --git a/security/apparmor/resource.c b/security/apparmor/resource.c
> index a4136c1..72c25a4 100644
> --- a/security/apparmor/resource.c
> +++ b/security/apparmor/resource.c
> @@ -23,6 +23,11 @@
>   */
>  #include "rlim_names.h"
>  
> +struct aa_fs_entry aa_fs_entry_rlimit[] = {
> +	AA_FS_FILE_STRING("mask", AA_FS_RLIMIT_MASK),
> +	{ }
> +};
> +
>  /* audit callback for resource specific fields */
>  static void audit_cb(struct audit_buffer *ab, void *va)
>  {