security/apparmor/task.c
Source file repositories/reference/linux-study-clean/security/apparmor/task.c
File Facts
- System
- Linux kernel
- Corpus path
security/apparmor/task.c- Extension
.c- Size
- 9464 bytes
- Lines
- 373
- Domain
- Core OS
- Bucket
- Security And Isolation
- Inferred role
- Core OS: implementation source
- Status
- source implementation candidate
Why This File Exists
Core operating-system implementation surface: boot, tasks, memory, VFS, syscall-facing interfaces, synchronization, credentials, and isolation.
- Core operating-system implementation surface: boot, tasks, memory, VFS, syscall-facing interfaces, synchronization, credentials, and isolation.
- Uses kernel synchronization; read lock ordering, sleepability, and interrupt context assumptions before translating.
- Defines or uses C structs; map object ownership, embedded links, reference counts, and lock ownership.
Dependency Surface
linux/gfp.hlinux/ptrace.hinclude/path.hinclude/audit.hinclude/cred.hinclude/policy.hinclude/task.h
Detected Declarations
function aa_replace_current_labelfunction aa_set_current_onexecfunction aa_set_current_hatfunction aa_restore_previous_labelfunction audit_ptrace_cbfunction profile_ptrace_permfunction profile_tracee_permfunction profile_tracer_permfunction aa_may_ptracefunction audit_ns_cbfunction aa_profile_ns_perm
Annotated Snippet
if (ad->denied & AA_PTRACE_PERM_MASK) {
audit_log_format(ab, " denied_mask=\"%s\"",
audit_ptrace_mask(ad->denied));
}
}
audit_log_format(ab, " peer=");
aa_label_xaudit(ab, labels_ns(ad->subj_label), ad->peer,
FLAGS_NONE, GFP_ATOMIC);
}
/* assumes check for RULE_MEDIATES is already done */
/* TODO: conditionals */
static int profile_ptrace_perm(const struct cred *cred,
struct aa_profile *profile,
struct aa_label *peer, u32 request,
struct apparmor_audit_data *ad)
{
struct aa_ruleset *rules = profile->label.rules[0];
struct aa_perms perms = { };
ad->subj_cred = cred;
ad->peer = peer;
aa_profile_match_label(profile, rules, peer, AA_CLASS_PTRACE, request,
&perms);
aa_apply_modes_to_perms(profile, &perms);
return aa_check_perms(profile, &perms, request, ad, audit_ptrace_cb);
}
static int profile_tracee_perm(const struct cred *cred,
struct aa_profile *tracee,
struct aa_label *tracer, u32 request,
struct apparmor_audit_data *ad)
{
if (profile_unconfined(tracee) || unconfined(tracer) ||
!label_mediates(&tracee->label, AA_CLASS_PTRACE))
return 0;
return profile_ptrace_perm(cred, tracee, tracer, request, ad);
}
static int profile_tracer_perm(const struct cred *cred,
struct aa_profile *tracer,
struct aa_label *tracee, u32 request,
struct apparmor_audit_data *ad)
{
if (profile_unconfined(tracer))
return 0;
if (label_mediates(&tracer->label, AA_CLASS_PTRACE))
return profile_ptrace_perm(cred, tracer, tracee, request, ad);
/* profile uses the old style capability check for ptrace */
if (&tracer->label == tracee)
return 0;
ad->subj_label = &tracer->label;
ad->peer = tracee;
ad->request = 0;
ad->error = aa_capable(cred, &tracer->label, CAP_SYS_PTRACE,
CAP_OPT_NONE);
return aa_audit(AUDIT_APPARMOR_AUTO, tracer, ad, audit_ptrace_cb);
}
/**
* aa_may_ptrace - test if tracer task can trace the tracee
* @tracer_cred: cred of task doing the tracing (NOT NULL)
* @tracer: label of the task doing the tracing (NOT NULL)
* @tracee_cred: cred of task to be traced
* @tracee: task label to be traced
* @request: permission request
*
* Returns: %0 else error code if permission denied or error
*/
int aa_may_ptrace(const struct cred *tracer_cred, struct aa_label *tracer,
const struct cred *tracee_cred, struct aa_label *tracee,
u32 request)
{
struct aa_profile *profile;
u32 xrequest = request << PTRACE_PERM_SHIFT;
DEFINE_AUDIT_DATA(sa, LSM_AUDIT_DATA_NONE, AA_CLASS_PTRACE, OP_PTRACE);
return xcheck_labels(tracer, tracee, profile,
profile_tracer_perm(tracer_cred, profile, tracee,
request, &sa),
profile_tracee_perm(tracee_cred, profile, tracer,
xrequest, &sa));
}
static const char *get_current_exe_path(char *buffer, int buffer_size)
Annotation
- Immediate include surface: `linux/gfp.h`, `linux/ptrace.h`, `include/path.h`, `include/audit.h`, `include/cred.h`, `include/policy.h`, `include/task.h`.
- Detected declarations: `function aa_replace_current_label`, `function aa_set_current_onexec`, `function aa_set_current_hat`, `function aa_restore_previous_label`, `function audit_ptrace_cb`, `function profile_ptrace_perm`, `function profile_tracee_perm`, `function profile_tracer_perm`, `function aa_may_ptrace`, `function audit_ns_cb`.
- Atlas domain: Core OS / Security And Isolation.
- Implementation status: source implementation candidate.
- Synchronization appears in or near this file; preserve lock ordering, sleepability, and interrupt-context constraints.
Implementation Notes
- This generated page is the file-by-file coverage layer; curated subsystem chapters should link here when they synthesize a multi-file control flow.
- Core OS pages should be promoted from atlas-only to deep-reviewed when they explain data structures, invariants, locking, lifecycle, and C implementation snippets.
- Driver-family pages are intentionally pattern-oriented unless they are part of the selected PCIe/NVMe representative device path.