xref: /linux/security/apparmor/include/policy_unpack.h (revision e5c86679d5e864947a52fb31e45a425dea3e7fa9)
1 /*
2  * AppArmor security module
3  *
4  * This file contains AppArmor policy loading interface function definitions.
5  *
6  * Copyright (C) 1998-2008 Novell/SUSE
7  * Copyright 2009-2010 Canonical Ltd.
8  *
9  * This program is free software; you can redistribute it and/or
10  * modify it under the terms of the GNU General Public License as
11  * published by the Free Software Foundation, version 2 of the
12  * License.
13  */
14 
15 #ifndef __POLICY_INTERFACE_H
16 #define __POLICY_INTERFACE_H
17 
18 #include <linux/list.h>
19 #include <linux/kref.h>
20 
21 struct aa_load_ent {
22 	struct list_head list;
23 	struct aa_profile *new;
24 	struct aa_profile *old;
25 	struct aa_profile *rename;
26 	const char *ns_name;
27 };
28 
29 void aa_load_ent_free(struct aa_load_ent *ent);
30 struct aa_load_ent *aa_load_ent_alloc(void);
31 
32 #define PACKED_FLAG_HAT		1
33 
34 #define PACKED_MODE_ENFORCE	0
35 #define PACKED_MODE_COMPLAIN	1
36 #define PACKED_MODE_KILL	2
37 #define PACKED_MODE_UNCONFINED	3
38 
39 /* struct aa_loaddata - buffer of policy load data set */
40 struct aa_loaddata {
41 	struct kref count;
42 	size_t size;
43 	int abi;
44 	unsigned char *hash;
45 	char data[];
46 };
47 
48 int aa_unpack(struct aa_loaddata *udata, struct list_head *lh, const char **ns);
49 
50 static inline struct aa_loaddata *
51 aa_get_loaddata(struct aa_loaddata *data)
52 {
53 	if (data)
54 		kref_get(&(data->count));
55 	return data;
56 }
57 
58 void aa_loaddata_kref(struct kref *kref);
59 static inline void aa_put_loaddata(struct aa_loaddata *data)
60 {
61 	if (data)
62 		kref_put(&data->count, aa_loaddata_kref);
63 }
64 
65 #endif /* __POLICY_INTERFACE_H */
66