linux/security/apparmor/capability.c
<<
>24.1/spa v 4.1/form v 4.1a >24. href="../linux+v33.19/security/apparmor/capability.c"> >24.1img src="../.static/gfx/right.png" alt=">>"> 1/spa v 1spa class="lxr_search"> >2 ="+search" method="post" onsubmit="return do_search(this);"> >24.1input typ hidden" nam navtarget" on> "> >24.1input typ text" nam search" id search"> >24.1buttptityp submit">Search24. onclick="return ajax_prefs();"> >24.Prefsv 4.1/a> 1/spa v>24. .1/div v>24. .1form ac22> ="ajax+*" method="post" onsubmit="return false;"> 1input typ hidden" nam ajax_lookup" id ajax_lookup" on> "> >24. .1/form v >24. .1div class="headingbottpm">
24.
24. 4. .1div id search_results" class="search_results"v 4 v>24. .1/div v 1div id content">v 1div id file_contents"
. .11/a>1spa  class="comment">/*1/spa  v. .21/a>1spa  class="comment"> * AppArmor security module1/spa  v. .31/a>1spa  class="comment"> *1/spa  v. .41/a>1spa  class="comment"> * This file contains AppArmor capability media/optifunc22> s1/spa  v. .51/a>1spa  class="comment"> *1/spa  v. .61/a>1spa  class="comment"> * Copyright (C) 1998-2008 Novell/SUSE1/spa  v. .71/a>1spa  class="comment"> * Copyright 2009-2010 Canonical Ltd.1/spa  v. .81/a>1spa  class="comment"> *1/spa  v. .91/a>1spa  class="comment"> * This program is free software; you can redistribute it and/or1/spa  v. "2	 a>1spa  class="comment"> * modify it under the terms of the GNU General Public License as1/spa  v. 111/a>1spa  class="comment"> * published by the Free Software Founda/opt, versopti2 of the1/spa  v. 121/a>1spa  class="comment"> * License.1/spa  v. 131/a>1spa  class="comment"> */1/spa  v. 141/a>v. 151/a>#include <linux/capability.h1/a>>v. 161/a>#include <linux/errno.h1/a>>v. 171/a>#include <linux/gfp.h1/a>>v. 181/a>v. 191/a>#include "include/apparmor.h1/a>"v. 201/a>#include "include/capability.h1/a>"v. 211/a>#include "include/context.h1/a>"v. 221/a>#include "include/policy.h1/a>"v. 231/a>#include "include/audit.h1/a>"v. 241/a>v. 251/a>1spa  class="comment">/*1/spa  v. 261/a>1spa  class="comment"> * Table of capability nam s: we generate it from capabilities.h.1/spa  v. 271/a>1spa  class="comment"> */1/spa  v. 281/a>#include "capability_nam s.h1/a>"v. 291/a>v. 301/a>struct.1a href="+code=audit_cache" class="sref">audit_cache1/a> {v. 311/a>        struct.1a href="+code=aa_profile" class="sref">aa_profile1/a> *1a href="+code=profile" class="sref">profile1/a>;v. 321/a>        1a href="+code=kernel_cap_t" class="sref">kernel_cap_t1/a> 1a href="+code=caps" class="sref">caps1/a>;v. 331/a>};v. 341/a>v. 351/a>static 1a href="+code=DEFINE_PER_CPU" class="sref">DEFINE_PER_CPU1/a>(struct.1a href="+code=audit_cache" class="sref">audit_cache1/a>,.1a href="+code=audit_cache" class="sref">audit_cache1/a>);v. 361/a>v. 371/a>1spa  class="comment">/**1/spa  v. 381/a>1spa  class="comment"> * audit_cb - call back for capability components of audit struct1/spa  v. 391/a>1spa  class="comment"> * @ab - audit buffer   (NOT NULL)1/spa  v. 42	 a>1spa  class="comment"> * @va - audit struct.to audit data from  (NOT NULL)1/spa  v. 411/a>1spa  class="comment"> */1/spa  v. 421/a>static void.1a href="+code=audit_cb" class="sref">audit_cb1/a>(struct.1a href="+code=audit_buffer" class="sref">audit_buffer1/a> *1a href="+code=ab" class="sref">ab1/a>,.void.*1a href="+code=va" class="sref">va1/a>)v. 431/a>{v. 441/a>        struct.1a href="+code=common_audit_data" class="sref">common_audit_data1/a> *1a href="+code=sa" class="sref">sa1/a> =.1a href="+code=va" class="sref">va1/a>;v. 451/a>        1a href="+code=audit_log_format" class="sref">audit_log_format1/a>(1a href="+code=ab" class="sref">ab1/a>,.1spa  class="string">" capnam  ". 461/a>        1a href="+code=audit_log_untrustedstring" class="sref">audit_log_untrustedstring1/a>(1a href="+code=ab" class="sref">ab1/a>,.1a href="+code=capability_nam s" class="sref">capability_nam s1/a>[1a href="+code=sa" class="sref">sa1/a>->1a href="+code=u" class="sref">u1/a>.1a href="+code=cap" class="sref">cap1/a>]);v. 471/a>}v. 481/a>v. 491/a>1spa  class="comment">/**1/spa  v. 52	 a>1spa  class="comment"> * audit_caps - audit a capability1/spa  v. 511/a>1spa  class="comment"> * @profile: profile confining task (NOT NULL)1/spa  v. 521/a>1spa  class="comment"> * @task: task capability test was performed against (NOT NULL)1/spa  v. 531/a>1spa  class="comment"> * @cap: capability tested1/spa  v. 541/a>1spa  class="comment"> * @error: error code returned by test1/spa  v. 551/a>1spa  class="comment"> *1/spa  v. 561/a>1spa  class="comment"> * Do auditing of capability and handle, audit/complain/kill modes switching1/spa  v. 571/a>1spa  class="comment"> * and duplicate m ssage elimina/opt.1/spa  v. 581/a>1spa  class="comment"> *1/spa  v. 591/a>1spa  class="comment"> * Returns: 0 or sa->error on succ ss,  error code ptifailure1/spa  v. 62	 a>1spa  class="comment"> */1/spa  v. 611/a>static int.1a href="+code=audit_caps" class="sref">audit_caps1/a>(struct.1a href="+code=aa_profile" class="sref">aa_profile1/a> *1a href="+code=profile" class="sref">profile1/a>, struct.1a href="+code=task_struct" class="sref">task_struct1/a> *1a href="+code=task" class="sref">task1/a>,v. 621/a>                      int.1a href="+code=cap" class="sref">cap1/a>, int.1a href="+code=error" class="sref">error1/a>)v. 631/a>{v. 641/a>        struct.1a href="+code=audit_cache" class="sref">audit_cache1/a> *1a href="+code=ent" class="sref">ent1/a>;v. 651/a>        int.1a href="+code=typ " class="sref">typ 1/a> =.1a href="+code=AUDIT_APPARMOR_AUTO" class="sref">AUDIT_APPARMOR_AUTO1/a>;v. 661/a>        struct.1a href="+code=common_audit_data" class="sref">common_audit_data1/a> 1a href="+code=sa" class="sref">sa1/a>;v. 671/a>        struct.1a href="+code=apparmor_audit_data" class="sref">apparmor_audit_data1/a> 1a href="+code=aad" class="sref">aad1/a> =.{0,};v. 681/a>        1a href="+code=sa" class="sref">sa1/a>.1a href="+code=typ " class="sref">typ 1/a> =.1a href="+code=LSM_AUDIT_DATA_CAP" class="sref">LSM_AUDIT_DATA_CAP1/a>;v. 691/a>        1a href="+code=sa" class="sref">sa1/a>.1a href="+code=aad" class="sref">aad1/a> =.&1a href="+code=aad" class="sref">aad1/a>;v. 701/a>        1a href="+code=sa" class="sref">sa1/a>.1a href="+code=u" class="sref">u1/a>.1a href="+code=cap" class="sref">cap1/a> =.1a href="+code=cap" class="sref">cap1/a>;v. 711/a>        1a href="+code=sa" class="sref">sa1/a>.1a href="+code=aad" class="sref">aad1/a>->1a href="+code=tsk" class="sref">tsk1/a> =.1a href="+code=task" class="sref">task1/a>;v. 721/a>        1a href="+code=sa" class="sref">sa1/a>.1a href="+code=aad" class="sref">aad1/a>->1a href="+code=op" class="sref">op1/a> =.1a href="+code=OP_CAPABLE" class="sref">OP_CAPABLE1/a>;v. 731/a>        1a href="+code=sa" class="sref">sa1/a>.1a href="+code=aad" class="sref">aad1/a>->1a href="+code=error" class="sref">error1/a> =.1a href="+code=error" class="sref">error1/a>;v. 741/a>v. 751/a>        if (1a href="+code=likely" class="sref">likely1/a>(!1a href="+code=error" class="sref">error1/a>)) {v. 761/a>                1spa  class="comment">/* test if auditing is being forced */1/spa  v. 771/a>                if (1a href="+code=likely" class="sref">likely1/a>((1a href="+code=AUDIT_MODE" class="sref">AUDIT_MODE1/a>(1a href="+code=profile" class="sref">profile1/a>) !=.1a href="+code=AUDIT_ALL" class="sref">AUDIT_ALL1/a>) &&v. 781/a>                           !1a href="+code=cap_raised" class="sref">cap_raised1/a>(1a href="+code=profile" class="sref">profile1/a>->1a href="+code=caps" class="sref">caps1/a>.1a href="+code=audit" class="sref">audit1/a>,.1a href="+code=cap" class="sref">cap1/a>)))v. 791/a>                        return 0;v. 801/a>                1a href="+code=typ " class="sref">typ 1/a> =.1a href="+code=AUDIT_APPARMOR_AUDIT" class="sref">AUDIT_APPARMOR_AUDIT1/a>;v. 811/a>        } else if (1a href="+code=KILL_MODE" class="sref">KILL_MODE1/a>(1a href="+code=profile" class="sref">profile1/a>) ||v. 821/a>                   1a href="+code=cap_raised" class="sref">cap_raised1/a>(1a href="+code=profile" class="sref">profile1/a>->1a href="+code=caps" class="sref">caps1/a>.1a href="+code=kill" class="sref">kill1/a>,.1a href="+code=cap" class="sref">cap1/a>)) {v. 831/a>                1a href="+code=typ " class="sref">typ 1/a> =.1a href="+code=AUDIT_APPARMOR_KILL" class="sref">AUDIT_APPARMOR_KILL1/a>;v. 841/a>        } else if (1a href="+code=cap_raised" class="sref">cap_raised1/a>(1a href="+code=profile" class="sref">profile1/a>->1a href="+code=caps" class="sref">caps1/a>.1a href="+code=quiet" class="sref">quiet1/a>,.1a href="+code=cap" class="sref">cap1/a>) &&v. 851/a>                   1a href="+code=AUDIT_MODE" class="sref">AUDIT_MODE1/a>(1a href="+code=profile" class="sref">profile1/a>) !=.1a href="+code=AUDIT_NOQUIET" class="sref">AUDIT_NOQUIET1/a> &&v. 861/a>                   1a href="+code=AUDIT_MODE" class="sref">AUDIT_MODE1/a>(1a href="+code=profile" class="sref">profile1/a>) !=.1a href="+code=AUDIT_ALL" class="sref">AUDIT_ALL1/a>) {v. 871/a>                1spa  class="comment">/* quiet auditing */1/spa  v. 881/a>                return 1a href="+code=error" class="sref">error1/a>;v. 891/a>        }v. 901/a>v. 911/a>        1spa  class="comment">/* Do simple duplicate m ssage elimina/opt */1/spa  v. 921/a>        1a href="+code=ent" class="sref">ent1/a> =.&1a href="+code=get_cpu_var" class="sref">get_cpu_var1/a>(1a href="+code=audit_cache" class="sref">audit_cache1/a>);v. 931/a>        if (1a href="+code=profile" class="sref">profile1/a> ==.1a href="+code=ent" class="sref">ent1/a>->1a href="+code=profile" class="sref">profile1/a> && 1a href="+code=cap_raised" class="sref">cap_raised1/a>(1a href="+code=ent" class="sref">ent1/a>->1a href="+code=caps" class="sref">caps1/a>,.1a href="+code=cap" class="sref">cap1/a>)) {v. 941/a>                1a href="+code=put_cpu_var" class="sref">put_cpu_var1/a>(1a href="+code=audit_cache" class="sref">audit_cache1/a>);v. 951/a>                if (1a href="+code=COMPLAIN_MODE" class="sref">COMPLAIN_MODE1/a>(1a href="+code=profile" class="sref">profile1/a>))v. 961/a>                        return 1a href="+code=complain_error" class="sref">complain_error1/a>(1a href="+code=error" class="sref">error1/a>);v. 971/a>                return 1a href="+code=error" class="sref">error1/a>;v. 981/a>        } else {v. 991/a>                1a href="+code=aa_put_profile" class="sref">aa_put_profile1/a>(1a href="+code=ent" class="sref">ent1/a>->1a href="+code=profile" class="sref">profile1/a>);v.1001/a>                1a href="+code=ent" class="sref">ent1/a>->1a href="+code=profile" class="sref">profile1/a> =.1a href="+code=aa_get_profile" class="sref">aa_get_profile1/a>(1a href="+code=profile" class="sref">profile1/a>);v.1011/a>                1a href="+code=cap_raise" class="sref">cap_raise1/a>(1a href="+code=ent" class="sref">ent1/a>->1a href="+code=caps" class="sref">caps1/a>,.1a href="+code=cap" class="sref">cap1/a>);v.1021/a>        }v.1031/a>        1a href="+code=put_cpu_var" class="sref">put_cpu_var1/a>(1a href="+code=audit_cache" class="sref">audit_cache1/a>);v.1041/a>v.1051/a>        return 1a href="+code=aa_audit" class="sref">aa_audit1/a>(1a href="+code=typ " class="sref">typ 1/a>,.1a href="+code=profile" class="sref">profile1/a>, 1a href="+code=GFP_ATOMIC" class="sref">GFP_ATOMIC1/a>, &1a href="+code=sa" class="sref">sa1/a>,.1a href="+code=audit_cb" class="sref">audit_cb1/a>);v.1061/a>}v.1071/a>v.1081/a>1spa  class="comment">/**1/spa  v.1091/a>1spa  class="comment"> * profile_capable - test if profile allows use of capability @cap1/spa  v.1"2	 a>1spa  class="comment"> * @profile: profile being enforced    (NOT NULL, NOT unconfined)1/spa  v.1111/a>1spa  class="comment"> * @cap: capability to test if allowed1/spa  v.1121/a>1spa  class="comment"> *1/spa  v.1131/a>1spa  class="comment"> * Returns: 0 if allowed else -EPERM1/spa  v.1141/a>1spa  class="comment"> */1/spa  v.1151/a>static int.1a href="+code=profile_capable" class="sref">profile_capable1/a>(struct.1a href="+code=aa_profile" class="sref">aa_profile1/a> *1a href="+code=profile" class="sref">profile1/a>, int.1a href="+code=cap" class="sref">cap1/a>)v.1161/a>{v.1171/a>        return 1a href="+code=cap_raised" class="sref">cap_raised1/a>(1a href="+code=profile" class="sref">profile1/a>->1a href="+code=caps" class="sref">caps1/a>.1a href="+code=allow" class="sref">allow1/a>,.1a href="+code=cap" class="sref">cap1/a>) ? 0 : -1a href="+code=EPERM" class="sref">EPERM1/a>;v.1181/a>}v.1191/a>v.122	 a>1spa  class="comment">/**1/spa  v.1211/a>1spa  class="comment"> * aa_capable - test permissoptito use capability1/spa  v.1221/a>1spa  class="comment"> * @task: task doing capability test against (NOT NULL)1/spa  v.1231/a>1spa  class="comment"> * @profile: profile confining @task (NOT NULL)1/spa  v.1241/a>1spa  class="comment"> * @cap: capability to be tested1/spa  v.1251/a>1spa  class="comment"> * @audit: whether a  audit record should be generated1/spa  v.1261/a>1spa  class="comment"> *1/spa  v.1271/a>1spa  class="comment"> * Look up capability in profile capability set.1/spa  v.1281/a>1spa  class="comment"> *1/spa  v.1291/a>1spa  class="comment"> * Returns: 0 on succ ss, or else a  error code.1/spa  v.132	 a>1spa  class="comment"> */1/spa  v.1311/a>int.1a href="+code=aa_capable" class="sref">aa_capable1/a>(struct.1a href="+code=task_struct" class="sref">task_struct1/a> *1a href="+code=task" class="sref">task1/a>, struct.1a href="+code=aa_profile" class="sref">aa_profile1/a> *1a href="+code=profile" class="sref">profile1/a>, int.1a href="+code=cap" class="sref">cap1/a>,v.1321/a>               int.1a href="+code=audit" class="sref">audit1/a>)v.1331/a>{v.1341/a>        int.1a href="+code=error" class="sref">error1/a> =.1a href="+code=profile_capable" class="sref">profile_capable1/a>(1a href="+code=profile" class="sref">profile1/a>, 1a href="+code=cap" class="sref">cap1/a>);v.1351/a>v.1361/a>        if (!1a href="+code=audit" class="sref">audit1/a>) {v.1371/a>                if (1a href="+code=COMPLAIN_MODE" class="sref">COMPLAIN_MODE1/a>(1a href="+code=profile" class="sref">profile1/a>))v.1381/a>                        return 1a href="+code=complain_error" class="sref">complain_error1/a>(1a href="+code=error" class="sref">error1/a>);v.1391/a>                return 1a href="+code=error" class="sref">error1/a>;v.1401/a>        }v.1411/a>v.1421/a>        return 1a href="+code=audit_caps" class="sref">audit_caps1/a>(1a href="+code=profile" class="sref">profile1/a>, 1a href="+code=task" class="sref">task1/a>, 1a href="+code=cap" class="sref">cap1/a>,.1a href="+code=error" class="sref">error1/a>);v.1431/a>}v.1441/a>
The original LXR software by the LXR community1/a>,.this experimental versoptiby lxr@linux.no1/a>. 1/div v1div class="subfooter"> lxr.linux.no kindly hostediby Redpill Linpro AS1/a>,.provider of Linux consulting and operat2> s services since 1995. 1/div v 1/body v1/html v