security/apparmor/task.c

Source file repositories/reference/linux-study-clean/security/apparmor/task.c

File Facts

System
Linux kernel
Corpus path
security/apparmor/task.c
Extension
.c
Size
9464 bytes
Lines
373
Domain
Core OS
Bucket
Security And Isolation
Inferred role
Core OS: implementation source
Status
source implementation candidate

Why This File Exists

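Core operating-system implementation surface: boot, tasks, memory, VFS, syscall-facing interfaces, synchronization, credentials, and isolation. Within that surface, the excerpt below is AppArmor's ptrace mediation: it decides whether a tracer label may trace a tracee label, checking the request from both the tracer's and the tracee's side and reporting the outcome through an audit callback.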

Dependency Surface

Detected Declarations

Annotated Snippet

if (ad->denied & AA_PTRACE_PERM_MASK) {
			audit_log_format(ab, " denied_mask=\"%s\"",
					 audit_ptrace_mask(ad->denied));
		}
	}
	audit_log_format(ab, " peer=");
	aa_label_xaudit(ab, labels_ns(ad->subj_label), ad->peer,
			FLAGS_NONE, GFP_ATOMIC);
}

/*
 * Evaluate one profile's ptrace rules against @peer for @request and hand
 * the outcome to aa_check_perms() with audit_ptrace_cb as audit callback.
 *
 * @cred and @peer are recorded in @ad before the lookup so the audit
 * record carries them. Only the profile's first ruleset (label.rules[0])
 * is consulted here.
 *
 * Assumes the check for RULE_MEDIATES is already done by the caller.
 * TODO: conditionals
 *
 * Return: whatever aa_check_perms() returns.
 */
static int profile_ptrace_perm(const struct cred *cred,
			       struct aa_profile *profile,
			       struct aa_label *peer, u32 request,
			       struct apparmor_audit_data *ad)
{
	struct aa_perms computed = { };
	struct aa_ruleset *ruleset = profile->label.rules[0];

	/* audit context: who is asking and which peer is involved */
	ad->peer = peer;
	ad->subj_cred = cred;

	/* look up the ptrace-class permissions for @peer ... */
	aa_profile_match_label(profile, ruleset, peer, AA_CLASS_PTRACE,
			       request, &computed);
	/* ... and let the profile's modes adjust them before the decision */
	aa_apply_modes_to_perms(profile, &computed);

	return aa_check_perms(profile, &computed, request, ad,
			      audit_ptrace_cb);
}

/*
 * Tracee-side half of the ptrace check: may @tracer act on a task confined
 * by the profile @tracee?
 *
 * The tracee's rules are consulted only when the tracee profile is confined,
 * the tracer label is confined, and the tracee's label mediates
 * AA_CLASS_PTRACE. In every other case the request is allowed (0) without
 * a rule lookup; in particular an unconfined tracer is never restricted by
 * the tracee's policy.
 *
 * Return: 0 when the check is skipped, otherwise the result of
 * profile_ptrace_perm().
 */
static int profile_tracee_perm(const struct cred *cred,
			       struct aa_profile *tracee,
			       struct aa_label *tracer, u32 request,
			       struct apparmor_audit_data *ad)
{
	/* an unconfined tracee profile has no rules to enforce */
	if (profile_unconfined(tracee))
		return 0;

	/* an unconfined tracer bypasses the tracee-side rules */
	if (unconfined(tracer))
		return 0;

	/* the tracee's label does not mediate the ptrace class */
	if (!label_mediates(&tracee->label, AA_CLASS_PTRACE))
		return 0;

	return profile_ptrace_perm(cred, tracee, tracer, request, ad);
}

/*
 * Tracer-side half of the ptrace check: may a task confined by the profile
 * @tracer trace the label @tracee?
 *
 * Three outcomes are possible:
 *  - the tracer profile is unconfined: allowed (0), no lookup;
 *  - the tracer's label mediates AA_CLASS_PTRACE: decided by the profile's
 *    ptrace rules via profile_ptrace_perm();
 *  - otherwise the old style capability check applies: tracing the tracer's
 *    own label is allowed, anything else is decided by
 *    aa_capable(CAP_SYS_PTRACE) and then audited. @request plays no part in
 *    this path; the audit record's request field is set to 0.
 *
 * Return: 0 when allowed without a lookup, otherwise the result of
 * profile_ptrace_perm() or aa_audit().
 */
static int profile_tracer_perm(const struct cred *cred,
			       struct aa_profile *tracer,
			       struct aa_label *tracee, u32 request,
			       struct apparmor_audit_data *ad)
{
	if (profile_unconfined(tracer))
		return 0;

	if (!label_mediates(&tracer->label, AA_CLASS_PTRACE)) {
		/* profile uses the old style capability check for ptrace */

		/* tracer and tracee carry the very same label: allowed */
		if (tracee == &tracer->label)
			return 0;

		/* fill in the audit record before the capability decision */
		ad->request = 0;
		ad->peer = tracee;
		ad->subj_label = &tracer->label;
		ad->error = aa_capable(cred, &tracer->label, CAP_SYS_PTRACE,
				       CAP_OPT_NONE);

		return aa_audit(AUDIT_APPARMOR_AUTO, tracer, ad,
				audit_ptrace_cb);
	}

	return profile_ptrace_perm(cred, tracer, tracee, request, ad);
}

/**
 * aa_may_ptrace - test if tracer task can trace the tracee
 * @tracer_cred: cred of task doing the tracing  (NOT NULL)
 * @tracer: label of the task doing the tracing  (NOT NULL)
 * @tracee_cred: cred of task to be traced
 * @tracee: task label to be traced
 * @request: permission request
 *
 * The request is checked from both sides: profile_tracer_perm() is given
 * @request unchanged, while profile_tracee_perm() is given @request shifted
 * left by PTRACE_PERM_SHIFT. Both checks are passed the same audit data.
 *
 * Note for policy review: profile_tracee_perm() returns 0 without consulting
 * the tracee's rules when @tracer is unconfined, so tracee-side ptrace rules
 * only constrain confined tracers.
 *
 * Returns: %0 else error code if permission denied or error
 */
int aa_may_ptrace(const struct cred *tracer_cred, struct aa_label *tracer,
		  const struct cred *tracee_cred, struct aa_label *tracee,
		  u32 request)
{
	/*
	 * Not initialised here; passed by name to xcheck_labels() and used in
	 * both check expressions, presumably as the macro's iteration cursor
	 * (confirm against the xcheck_labels definition).
	 */
	struct aa_profile *profile;
	/* tracee-side form of @request */
	u32 xrequest = request << PTRACE_PERM_SHIFT;
	/* one audit record shared by the tracer-side and tracee-side checks */
	DEFINE_AUDIT_DATA(sa, LSM_AUDIT_DATA_NONE, AA_CLASS_PTRACE, OP_PTRACE);

	/*
	 * xcheck_labels() is defined outside this excerpt; presumably it
	 * evaluates the first expression for each profile in @tracer and the
	 * second for each profile in @tracee (confirm).
	 */
	return xcheck_labels(tracer, tracee, profile,
			profile_tracer_perm(tracer_cred, profile, tracee,
					    request, &sa),
			profile_tracee_perm(tracee_cred, profile, tracer,
					    xrequest, &sa));
}

static const char *get_current_exe_path(char *buffer, int buffer_size)

Annotation

Implementation Notes