Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
awilliam
GitHub Repository: awilliam/linux-vfio
 Path: blob/master/security/apparmor/ipc.c
10814 views
1
/*

2
 * AppArmor security module

3
 *

4
 * This file contains AppArmor ipc mediation

5
 *

6
 * Copyright (C) 1998-2008 Novell/SUSE

7
 * Copyright 2009-2010 Canonical Ltd.

8
 *

9
 * This program is free software; you can redistribute it and/or

10
 * modify it under the terms of the GNU General Public License as

11
 * published by the Free Software Foundation, version 2 of the

12
 * License.

13
 */

14


15
#include <linux/gfp.h>

16
#include <linux/ptrace.h>

17


18
#include "include/audit.h"

19
#include "include/capability.h"

20
#include "include/context.h"

21
#include "include/policy.h"

22


23
/* call back to audit ptrace fields */

24
static void audit_cb(struct audit_buffer *ab, void *va)

25
{

26
	struct common_audit_data *sa = va;

27
	audit_log_format(ab, " target=");

28
	audit_log_untrustedstring(ab, sa->aad.target);

29
}

30


31
/**

32
 * aa_audit_ptrace - do auditing for ptrace

33
 * @profile: profile being enforced  (NOT NULL)

34
 * @target: profile being traced (NOT NULL)

35
 * @error: error condition

36
 *

37
 * Returns: %0 or error code

38
 */

39
static int aa_audit_ptrace(struct aa_profile *profile,

40
			   struct aa_profile *target, int error)

41
{

42
	struct common_audit_data sa;

43
	COMMON_AUDIT_DATA_INIT(&sa, NONE);

44
	sa.aad.op = OP_PTRACE;

45
	sa.aad.target = target;

46
	sa.aad.error = error;

47


48
	return aa_audit(AUDIT_APPARMOR_AUTO, profile, GFP_ATOMIC, &sa,

49
			audit_cb);

50
}

51


52
/**

53
 * aa_may_ptrace - test if tracer task can trace the tracee

54
 * @tracer_task: task who will do the tracing  (NOT NULL)

55
 * @tracer: profile of the task doing the tracing  (NOT NULL)

56
 * @tracee: task to be traced

57
 * @mode: whether PTRACE_MODE_READ || PTRACE_MODE_ATTACH

58
 *

59
 * Returns: %0 else error code if permission denied or error

60
 */

61
int aa_may_ptrace(struct task_struct *tracer_task, struct aa_profile *tracer,

62
		  struct aa_profile *tracee, unsigned int mode)

63
{

64
	/* TODO: currently only based on capability, not extended ptrace

65
	 *       rules,

66
	 *       Test mode for PTRACE_MODE_READ || PTRACE_MODE_ATTACH

67
	 */

68


69
	if (unconfined(tracer) || tracer == tracee)

70
		return 0;

71
	/* log this capability request */

72
	return aa_capable(tracer_task, tracer, CAP_SYS_PTRACE, 1);

73
}

74


75
/**

76
 * aa_ptrace - do ptrace permission check and auditing

77
 * @tracer: task doing the tracing (NOT NULL)

78
 * @tracee: task being traced (NOT NULL)

79
 * @mode: ptrace mode either PTRACE_MODE_READ || PTRACE_MODE_ATTACH

80
 *

81
 * Returns: %0 else error code if permission denied or error

82
 */

83
int aa_ptrace(struct task_struct *tracer, struct task_struct *tracee,

84
	      unsigned int mode)

85
{

86
	/*

87
	 * tracer can ptrace tracee when

88
	 * - tracer is unconfined ||

89
	 *   - tracer is in complain mode

90
	 *   - tracer has rules allowing it to trace tracee currently this is:

91
	 *       - confined by the same profile ||

92
	 *       - tracer profile has CAP_SYS_PTRACE

93
	 */

94


95
	struct aa_profile *tracer_p;

96
	/* cred released below */

97
	const struct cred *cred = get_task_cred(tracer);

98
	int error = 0;

99
	tracer_p = aa_cred_profile(cred);

100


101
	if (!unconfined(tracer_p)) {

102
		/* lcred released below */

103
		const struct cred *lcred = get_task_cred(tracee);

104
		struct aa_profile *tracee_p = aa_cred_profile(lcred);

105


106
		error = aa_may_ptrace(tracer, tracer_p, tracee_p, mode);

107
		error = aa_audit_ptrace(tracer_p, tracee_p, error);

108


109
		put_cred(lcred);

110
	}

111
	put_cred(cred);

112


113
	return error;

114
}

115


116