~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/security/apparmor/ipc.c

Version: ~ [ linux-5.3-rc4 ] ~ [ linux-5.2.8 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.66 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.138 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.189 ] ~ [ linux-4.8.17 ] ~ [ linux-4.7.10 ] ~ [ linux-4.6.7 ] ~ [ linux-4.5.7 ] ~ [ linux-4.4.189 ] ~ [ linux-4.3.6 ] ~ [ linux-4.2.8 ] ~ [ linux-4.1.52 ] ~ [ linux-4.0.9 ] ~ [ linux-3.19.8 ] ~ [ linux-3.18.140 ] ~ [ linux-3.17.8 ] ~ [ linux-3.16.71 ] ~ [ linux-3.15.10 ] ~ [ linux-3.14.79 ] ~ [ linux-3.13.11 ] ~ [ linux-3.12.74 ] ~ [ linux-3.11.10 ] ~ [ linux-3.10.108 ] ~ [ linux-3.9.11 ] ~ [ linux-3.8.13 ] ~ [ linux-3.7.10 ] ~ [ linux-3.6.11 ] ~ [ linux-3.5.7 ] ~ [ linux-3.4.113 ] ~ [ linux-3.3.8 ] ~ [ linux-3.2.102 ] ~ [ linux-3.1.10 ] ~ [ linux-3.0.101 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.5 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

  1 /*
  2  * AppArmor security module
  3  *
  4  * This file contains AppArmor ipc mediation
  5  *
  6  * Copyright (C) 1998-2008 Novell/SUSE
  7  * Copyright 2009-2010 Canonical Ltd.
  8  *
  9  * This program is free software; you can redistribute it and/or
 10  * modify it under the terms of the GNU General Public License as
 11  * published by the Free Software Foundation, version 2 of the
 12  * License.
 13  */
 14 
 15 #include <linux/gfp.h>
 16 #include <linux/ptrace.h>
 17 
 18 #include "include/audit.h"
 19 #include "include/capability.h"
 20 #include "include/context.h"
 21 #include "include/policy.h"
 22 #include "include/ipc.h"
 23 
 24 /* call back to audit ptrace fields */
 25 static void audit_cb(struct audit_buffer *ab, void *va)
 26 {
 27         struct common_audit_data *sa = va;
 28         audit_log_format(ab, " peer=");
 29         audit_log_untrustedstring(ab, aad(sa)->peer->base.hname);
 30 }
 31 
 32 /**
 33  * aa_audit_ptrace - do auditing for ptrace
 34  * @profile: profile being enforced  (NOT NULL)
 35  * @target: profile being traced (NOT NULL)
 36  * @error: error condition
 37  *
 38  * Returns: %0 or error code
 39  */
 40 static int aa_audit_ptrace(struct aa_profile *profile,
 41                            struct aa_profile *target, int error)
 42 {
 43         DEFINE_AUDIT_DATA(sa, LSM_AUDIT_DATA_NONE, OP_PTRACE);
 44 
 45         aad(&sa)->peer = target;
 46         aad(&sa)->error = error;
 47 
 48         return aa_audit(AUDIT_APPARMOR_AUTO, profile, &sa, audit_cb);
 49 }
 50 
 51 /**
 52  * aa_may_ptrace - test if tracer task can trace the tracee
 53  * @tracer: profile of the task doing the tracing  (NOT NULL)
 54  * @tracee: task to be traced
 55  * @mode: whether PTRACE_MODE_READ || PTRACE_MODE_ATTACH
 56  *
 57  * Returns: %0 else error code if permission denied or error
 58  */
 59 int aa_may_ptrace(struct aa_profile *tracer, struct aa_profile *tracee,
 60                   unsigned int mode)
 61 {
 62         /* TODO: currently only based on capability, not extended ptrace
 63          *       rules,
 64          *       Test mode for PTRACE_MODE_READ || PTRACE_MODE_ATTACH
 65          */
 66 
 67         if (unconfined(tracer) || tracer == tracee)
 68                 return 0;
 69         /* log this capability request */
 70         return aa_capable(tracer, CAP_SYS_PTRACE, 1);
 71 }
 72 
 73 /**
 74  * aa_ptrace - do ptrace permission check and auditing
 75  * @tracer: task doing the tracing (NOT NULL)
 76  * @tracee: task being traced (NOT NULL)
 77  * @mode: ptrace mode either PTRACE_MODE_READ || PTRACE_MODE_ATTACH
 78  *
 79  * Returns: %0 else error code if permission denied or error
 80  */
 81 int aa_ptrace(struct task_struct *tracer, struct task_struct *tracee,
 82               unsigned int mode)
 83 {
 84         /*
 85          * tracer can ptrace tracee when
 86          * - tracer is unconfined ||
 87          *   - tracer is in complain mode
 88          *   - tracer has rules allowing it to trace tracee currently this is:
 89          *       - confined by the same profile ||
 90          *       - tracer profile has CAP_SYS_PTRACE
 91          */
 92 
 93         struct aa_profile *tracer_p = aa_get_task_profile(tracer);
 94         int error = 0;
 95 
 96         if (!unconfined(tracer_p)) {
 97                 struct aa_profile *tracee_p = aa_get_task_profile(tracee);
 98 
 99                 error = aa_may_ptrace(tracer_p, tracee_p, mode);
100                 error = aa_audit_ptrace(tracer_p, tracee_p, error);
101 
102                 aa_put_profile(tracee_p);
103         }
104         aa_put_profile(tracer_p);
105 
106         return error;
107 }
108 

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | Wiki (Japanese) | Wiki (English) | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

osdn.jp