From: Tony Jones <tonyj@suse.de>
To: Pavel Machek <pavel@suse.cz>
Cc: linux-kernel@vger.kernel.org, chrisw@sous-sol.org,
linux-security-module@vger.kernel.org
Subject: Re: [RFC][PATCH 6/11] security: AppArmor - Userspace interface
Date: Fri, 21 Apr 2006 11:01:15 -0700 [thread overview]
Message-ID: <20060421180115.GB740@suse.de> (raw)
In-Reply-To: <20060420213943.GD2360@ucw.cz>
On Thu, Apr 20, 2006 at 09:39:43PM +0000, Pavel Machek wrote:
> Hi!
>
> > This patch implements the interface between the userspace policy loader
> > and the kernel module. It is called by the .load, .remove and .replace
> > file_operations hooks implemented in apparmorfs.c.
> >
> > The code is reponsible for serializing data in a platform independant
> > manner from userspace and creating/activating the necessary apparmor
> > profiles.
>
> Documentation patch describing what kind of data you pass here would
> be nice.
Very true. We will add it.
> > +#include "match/match.h"
> > +
> > +/* aa_code defined in module_interface.h */
> > +
> > +const int aacode_datasize[] = { 1, 2, 4, 8, 2, 2, 4, 0, 0, 0, 0, 0, 0 };
>
> I believe this needs a comment.
Yep.
> > +
> > +/* inlines must be forward of there use in newer version of gcc,
> > + just forward declaring with a prototype won't work anymore */
>
> their use?
Thanks
> > +/**
> > + * aa_activate_profile - unpack a serialized profile
> > + * @e: serialized data extent information
> > + * @error: error code returned if unpacking fails
> > + */
> > +static struct aaprofile *aa_activate_profile(struct aa_ext *e, ssize_t *error)
> > +{
> > + struct aaprofile *profile = NULL;
> > + const char *rulename = "";
> > + const char *error_string = "Invalid Profile";
> > +
> > + *error = -EPROTO;
> > +
> > + profile = alloc_aaprofile();
> > + if (!profile) {
> > + error_string = "Could not allocate profile";
> > + *error = -ENOMEM;
> > + goto fail;
> > + }
> > +
> > + /* check that we have the right struct being passed */
> > + AA_READ_X(e, AA_STRUCT, NULL, "profile");
> > + AA_READ_X(e, AA_DYN_STRING, &profile->name, NULL);
> > +
> > + error_string = "Invalid flags";
> > + /* per profile debug flags (debug, complain, audit) */
> > + AA_READ_X(e, AA_STRUCT, NULL, "flags");
> > + AA_READ_X(e, AA_U32, &(profile->flags.debug), "profile.flags.debug");
> > + AA_READ_X(e, AA_U32, &(profile->flags.complain),
> > + "profile.flags.complain");
> > + AA_READ_X(e, AA_U32, &(profile->flags.audit), "profile.flags.audit");
> > + AA_READ_X(e, AA_STRUCTEND, NULL, NULL);
> > +
> > + error_string = "Invalid capabilities";
> > + AA_READ_X(e, AA_U32, &(profile->capabilities), "profile.capabilities");
> > +
> > + /* get the file entries. */
> > + AA_ENTRY_LIST("pgent"); /* pcre rules */
> > + AA_ENTRY_LIST("sgent"); /* simple globs */
> > + AA_ENTRY_LIST("fent"); /* regular file entries */
> > +
> > + /* get the net entries */
> > + if (aa_is_nameX(e, AA_LIST, NULL, "net")) {
> > + error_string = "Invalid net entry";
> > + while (!aa_is_nameX(e, AA_LISTEND, NULL, NULL)) {
> > + if (!aa_activate_net_entry(e))
> > + goto fail;
> > + }
> > + }
> > + rulename = "";
> > +
> > + /* get subprofiles */
> > + if (aa_is_nameX(e, AA_LIST, NULL, "hats")) {
> > + error_string = "Invalid profile hat";
> > + while (!aa_is_nameX(e, AA_LISTEND, NULL, NULL)) {
> > + struct aaprofile *subprofile;
> > + subprofile = aa_activate_profile(e, error);
> > + if (!subprofile)
> > + goto fail;
> > + subprofile->parent = profile;
> > + list_add(&subprofile->list, &profile->sub);
> > + }
> > + }
> > +
> > + error_string = "Invalid end of profile";
> > + AA_READ_X(e, AA_STRUCTEND, NULL, NULL);
> > +
> > + return profile;
>
> Is this kind of transltion neccessary?
Don't understand. Please expand/clarify. The code serializes the profile data
from userspace.
Tony
next prev parent reply other threads:[~2006-04-21 18:06 UTC|newest]
Thread overview: 173+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-04-19 17:49 [RFC][PATCH 0/11] security: AppArmor - Overview Tony Jones
2006-04-19 17:49 ` [RFC][PATCH 1/11] security: AppArmor - Integrate into kbuild Tony Jones
2006-04-19 17:57 ` Arjan van de Ven
2006-04-19 18:10 ` Tony Jones
2006-04-19 18:35 ` Valdis.Kletnieks
2006-04-19 19:55 ` Adrian Bunk
2006-04-19 20:52 ` Tony Jones
2006-04-19 17:49 ` [RFC][PATCH 2/11] security: AppArmor - Core headers Tony Jones
2006-04-19 18:01 ` Arjan van de Ven
2006-04-20 17:43 ` Tony Jones
2006-04-19 17:49 ` [RFC][PATCH 3/11] security: AppArmor - LSM interface Tony Jones
2006-04-19 18:05 ` Arjan van de Ven
2006-04-19 17:49 ` [RFC][PATCH 4/11] security: AppArmor - Core access controls Tony Jones
2006-04-19 18:10 ` Arjan van de Ven
2006-04-19 18:57 ` Crispin Cowan
2006-04-19 23:05 ` Rik van Riel
2006-04-19 23:18 ` Seth Arnold
2006-04-19 23:21 ` Rik van Riel
2006-04-19 23:50 ` Crispin Cowan
2006-04-20 12:33 ` Stephen Smalley
2006-04-20 16:27 ` Lars Marowsky-Bree
2006-04-20 17:39 ` Tony Jones
2006-04-19 19:32 ` Jan Engelhardt
2006-04-19 19:50 ` Stephen Smalley
2006-04-20 9:40 ` Al Viro
2006-04-20 11:40 ` Serge E. Hallyn
2006-04-20 21:39 ` Tony Jones
2006-04-19 17:49 ` [RFC][PATCH 5/11] security: AppArmor - Filesystem Tony Jones
2006-04-21 21:13 ` Amy Griffis
2006-04-19 17:49 ` [RFC][PATCH 6/11] security: AppArmor - Userspace interface Tony Jones
2006-04-20 21:39 ` Pavel Machek
2006-04-21 18:01 ` Tony Jones [this message]
2006-04-21 18:41 ` Pavel Machek
2006-04-19 17:50 ` [RFC][PATCH 7/11] security: AppArmor - Misc (capabilities, data structures) Tony Jones
2006-04-19 18:16 ` Stephen Hemminger
2006-04-19 17:50 ` [RFC][PATCH 8/11] security: AppArmor - Pathname matching submodule Tony Jones
2006-04-19 17:50 ` [RFC][PATCH 9/11] security: AppArmor - Audit changes Tony Jones
2006-04-21 21:21 ` Amy Griffis
2006-04-22 0:13 ` Steve Grubb
2006-04-22 0:19 ` Tony Jones
2006-04-19 17:50 ` [RFC][PATCH 10/11] security: AppArmor - Add flags to d_path Tony Jones
2006-04-19 22:12 ` Christoph Hellwig
2006-04-20 5:36 ` Tony Jones
2006-04-20 8:26 ` Arjan van de Ven
2006-04-20 16:43 ` Tony Jones
2006-04-20 17:04 ` Christoph Hellwig
2006-04-20 17:50 ` Tony Jones
2006-04-21 12:16 ` Stephen Smalley
2006-04-24 13:05 ` Alan Cox
2006-04-19 17:50 ` [RFC][PATCH 11/11] security: AppArmor - Export namespace semaphore Tony Jones
2006-04-19 22:10 ` Christoph Hellwig
2006-04-20 12:39 ` Stephen Smalley
2006-04-20 12:46 ` Serge E. Hallyn
2006-04-20 12:05 ` Stephen Smalley
2006-04-20 13:21 ` Serge E. Hallyn
2006-04-20 12:48 ` Stephen Smalley
2006-04-20 12:58 ` Stephen Smalley
2006-04-20 22:11 ` Linda A. Walsh
2006-04-20 23:05 ` Christoph Hellwig
2006-04-21 1:29 ` Linda A. Walsh
2006-04-21 2:09 ` Chris Wright
2006-04-21 5:10 ` Linda Walsh
2006-04-23 12:11 ` Arjan van de Ven
2006-04-21 14:02 ` Stephen Smalley
2006-04-20 19:45 ` Tony Jones
2006-04-20 20:16 ` Serge E. Hallyn
2006-04-20 20:22 ` James Morris
2006-04-20 21:50 ` Linda Walsh
2006-04-20 21:56 ` Al Viro
2006-04-20 23:54 ` James Morris
2006-04-21 13:59 ` Stephen Smalley
2006-04-19 18:14 ` [RFC][PATCH 0/11] security: AppArmor - Overview Arjan van de Ven
2006-04-19 22:32 ` Andi Kleen
2006-04-19 23:00 ` grundig
2006-04-19 23:38 ` Andi Kleen
2006-04-20 1:32 ` Crispin Cowan
2006-04-20 13:00 ` grundig
2006-04-20 13:09 ` Serge E. Hallyn
2006-04-20 13:15 ` Al Viro
2006-04-21 0:11 ` Tony Jones
2006-04-24 13:01 ` Alan Cox
2006-04-20 8:42 ` Arjan van de Ven
2006-04-20 19:26 ` Crispin Cowan
2006-04-20 19:27 ` Chris Wright
2006-04-21 12:18 ` Stephen Smalley
2006-04-21 17:30 ` Chris Wright
2006-04-21 18:07 ` Stephen Smalley
2006-04-21 20:06 ` Valdis.Kletnieks
2006-04-21 20:35 ` Stephen Smalley
2006-04-21 20:44 ` Stephen Smalley
2006-04-21 21:38 ` Dave Neuer
2006-04-22 10:01 ` Thomas Bleher
2006-04-24 4:18 ` Neil Brown
2006-04-24 7:03 ` Theodore Ts'o
2006-04-24 13:04 ` Pavel Machek
2006-04-24 13:43 ` Joshua Brindle
2006-04-24 21:07 ` Stephen Smalley
2006-04-24 23:52 ` Theodore Ts'o
2006-04-25 6:22 ` Arjan van de Ven
2006-04-25 16:45 ` Stephen Smalley
2006-04-25 16:52 ` Arjan van de Ven
2006-04-25 17:43 ` Seth Arnold
2006-04-25 18:34 ` Valdis.Kletnieks
2006-04-25 18:48 ` Stephen Smalley
2006-04-25 18:56 ` Valdis.Kletnieks
2006-04-25 4:25 ` Casey Schaufler
2006-04-25 7:50 ` James Morris
2006-04-25 12:46 ` Theodore Ts'o
2006-04-25 15:06 ` Stephen Smalley
2006-04-25 16:00 ` Casey Schaufler
2006-04-25 16:21 ` Randy.Dunlap
2006-04-26 3:42 ` Casey Schaufler
2006-04-26 12:15 ` Stephen Smalley
2006-04-27 0:21 ` Casey Schaufler
2006-04-27 14:47 ` Karl MacMillan
2006-04-25 17:29 ` Stephen Smalley
2006-04-26 3:56 ` Casey Schaufler
2006-04-26 11:32 ` Stephen Smalley
2006-04-25 16:47 ` Stephen Smalley
2006-04-24 7:14 ` Arjan van de Ven
2006-04-24 8:11 ` Lars Marowsky-Bree
2006-04-25 19:27 ` Seth Arnold
2006-04-24 13:11 ` Joshua Brindle
2006-04-24 13:26 ` Andi Kleen
2006-04-24 13:39 ` Joshua Brindle
2006-04-24 15:16 ` Joshua Brindle
2006-04-24 15:50 ` Tony Jones
2006-04-24 17:03 ` Joshua Brindle
2006-04-25 17:12 ` Valdis.Kletnieks
2006-04-25 17:34 ` Tony Jones
2006-04-24 13:52 ` Alan Cox
2006-04-24 14:09 ` Andi Kleen
2006-04-24 20:45 ` Stephen Smalley
2006-04-25 8:10 ` Neil Brown
2006-04-25 8:28 ` Al Viro
2006-04-25 12:42 ` James Carter
2006-04-25 12:43 ` Andi Kleen
2006-04-25 14:50 ` James Carter
2006-04-25 15:01 ` Stephen Smalley
2006-04-25 18:11 ` Tony Jones
2006-04-25 21:25 ` Stephen Smalley
2006-04-25 17:07 ` Stephen Smalley
2006-04-26 22:15 ` Some Concrete AppArmor Questions - was " Neil Brown
2006-04-26 23:06 ` Ken Brush
2006-04-27 4:15 ` Andi Kleen
2006-04-27 6:52 ` Arjan van de Ven
2006-04-27 7:40 ` Chris Wright
2006-04-27 10:17 ` Chris Wright
2006-04-27 14:42 ` Karl MacMillan
2006-04-27 23:44 ` Chris Wright
2006-04-28 13:02 ` Stephen Smalley
2006-04-28 15:49 ` Casey Schaufler
2006-04-28 16:04 ` Stephen Hemminger
2006-04-28 21:49 ` James Morris
2006-04-28 16:56 ` Karl MacMillan
2006-04-27 16:03 ` Stephen Smalley
2006-04-27 22:38 ` Chris Wright
2006-04-28 13:00 ` Stephen Smalley
2006-04-27 17:43 ` Stephen Smalley
2006-04-27 17:58 ` Ken Brush
2006-04-28 11:28 ` Stephen Smalley
2006-04-28 11:47 ` Andi Kleen
2006-04-28 12:28 ` Stephen Smalley
2006-04-27 11:02 ` Christoph Hellwig
2006-04-27 11:05 ` Andi Kleen
2006-04-20 11:29 ` Serge E. Hallyn
2006-04-20 13:24 ` Christoph Hellwig
2006-04-20 22:32 ` Linda A. Walsh
2006-04-20 12:17 ` Stephen Smalley
2006-04-20 15:38 ` Joshua Brindle
2006-04-20 19:57 ` Crispin Cowan
2006-04-21 13:34 ` Stephen Smalley
2006-04-22 12:27 ` Pavel Machek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20060421180115.GB740@suse.de \
--to=tonyj@suse.de \
--cc=chrisw@sous-sol.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=pavel@suse.cz \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).